@hello-bill/node 1.0.4 → 2.1.0-beta.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (42) hide show
  1. package/CHANGELOG.md +2 -0
  2. package/dist/express/index.d.cts +2 -2
  3. package/dist/express/index.d.ts +2 -2
  4. package/dist/express/index.js +12 -3
  5. package/dist/express/index.js.map +1 -1
  6. package/dist/express/index.mjs +12 -3
  7. package/dist/express/index.mjs.map +1 -1
  8. package/dist/hono/index.d.cts +2 -2
  9. package/dist/hono/index.d.ts +2 -2
  10. package/dist/hono/index.js +12 -3
  11. package/dist/hono/index.js.map +1 -1
  12. package/dist/hono/index.mjs +12 -3
  13. package/dist/hono/index.mjs.map +1 -1
  14. package/dist/{index-C2MzlH64.d.ts → index-D81ftBQo.d.ts} +5 -3
  15. package/dist/{index-YlknV1_H.d.cts → index-lPvEf5hZ.d.cts} +5 -3
  16. package/dist/index.d.cts +4 -4
  17. package/dist/index.d.ts +4 -4
  18. package/dist/index.js +12 -3
  19. package/dist/index.js.map +1 -1
  20. package/dist/index.mjs +12 -3
  21. package/dist/index.mjs.map +1 -1
  22. package/dist/koa/index.d.cts +2 -2
  23. package/dist/koa/index.d.ts +2 -2
  24. package/dist/koa/index.js +12 -3
  25. package/dist/koa/index.js.map +1 -1
  26. package/dist/koa/index.mjs +12 -3
  27. package/dist/koa/index.mjs.map +1 -1
  28. package/dist/next/index.d.cts +2 -2
  29. package/dist/next/index.d.ts +2 -2
  30. package/dist/next/index.js +12 -3
  31. package/dist/next/index.js.map +1 -1
  32. package/dist/next/index.mjs +12 -3
  33. package/dist/next/index.mjs.map +1 -1
  34. package/dist/types/index.d.cts +3 -3
  35. package/dist/types/index.d.ts +3 -3
  36. package/dist/types/index.js.map +1 -1
  37. package/dist/types/index.mjs.map +1 -1
  38. package/dist/webhook/index.d.cts +2 -2
  39. package/dist/webhook/index.d.ts +2 -2
  40. package/dist/{webhooks-DPpqf7d2.d.cts → webhooks-Cv4e8oXp.d.cts} +3 -2
  41. package/dist/{webhooks-DPpqf7d2.d.ts → webhooks-Cv4e8oXp.d.ts} +3 -2
  42. package/package.json +1 -1
@@ -1,9 +1,9 @@
1
- import { V as IsoDateTime, R as RequestId } from '../webhooks-DPpqf7d2.js';
2
- export { A as Address, i as AddressObject, j as AddressesObject, k as ApiVersion, l as AppDeeplinks, m as BankDetailsCollected, n as BankDetailsConsent, o as BankDetailsObject, B as BankDetailsRequest, h as BankDetailsResponse, p as BankDetailsStatus, q as BillType, r as BreakdownCoverProduct, s as BroadbandProduct, t as BuildingStyle, u as BuildingType, v as CacheStatus, w as ClientMode, x as Consent, y as ContextEntry, z as CouncilTaxProduct, C as CreateCustomerInput, D as Customer, e as CustomerCreateResponse, f as CustomerId, g as CustomerStatusResponse, E as CustomerType, F as DataCompleteness, G as DiscoveryStatus, H as Email, I as EnergyProduct, J as Environment, K as EpcRating, M as FinalRead, N as FuelType, O as HeatingType, Q as HomeInsuranceProduct, T as IdempotencyKey, U as IsoDate, W as LoASignature, X as LoaId, L as LoaListResponse, Y as LoaRecord, Z as LocationRole, _ as MaskedSortCode, $ as Meters, a0 as MobileProduct, a1 as MoveIn, a2 as MoveObject, a3 as MoveOut, a4 as MoveOutNotificationFailed, a5 as MoveOutNotificationSent, a6 as MoveOutNotifyFlags, a7 as MoveOutReason, a8 as MoveOutStatus, a9 as NearbyPoi, aa as OccupantObject, ab as OccupantType, ac as OnboardingInfo, ad as OverallStatus, ae as Paginated, af as Person, ag as PhoneNumber, ah as Postcode, ai as Product, aj as ProductBase, ak as ProductCategory, al as ProductConfidence, am as ProductId, an as ProductSetup, P as ProductsQuery, c as ProductsResponse, ao as PropertyDetailObject, d as PropertyDetailResponse, ap as PropertyLocation, aq as PropertyObject, ar as PropertyType, as as PropertyTypeCode, at as PropertyTypeSubcode, au as ProvidedFieldPath, av as SESSION_IDEMPOTENCY_TTL_MS, aw as SavingsSummaryResponse, ax as SelectedProduct, ay as SessionAccountCreated, az as SessionAppDeferred, aA as SessionAppInstalled, aB as SessionDetailsConfirmed, aC as SessionEmbedOpened, b as SessionGetResponse, aD as SessionLoaSigned, S as SessionPayload, aE as SessionProductsSelected, a as SessionResponse, aF as SetupStatus, aG as SetupStatusChanged, aH as SignatureImage, aI as StoredBankDetails, aJ as SubscriptionChanged, aK as SubscriptionStatus, aL as TvLicenceProduct, aM as Url, aN as WaterProduct, aO as WebhookEvent, aP as WebhookEventBase, aQ as WebhookEventId, aR as WebhookEventType } from '../webhooks-DPpqf7d2.js';
1
+ import { V as IsoDateTime, R as RequestId } from '../webhooks-Cv4e8oXp.js';
2
+ export { A as Address, i as AddressObject, j as AddressesObject, k as ApiVersion, l as AppDeeplinks, m as BankDetailsCollected, n as BankDetailsConsent, o as BankDetailsObject, B as BankDetailsRequest, h as BankDetailsResponse, p as BankDetailsStatus, q as BillType, r as BreakdownCoverProduct, s as BroadbandProduct, t as BuildingStyle, u as BuildingType, v as CacheStatus, w as ClientMode, x as Consent, y as ContextEntry, z as CouncilTaxProduct, C as CreateCustomerInput, D as Customer, e as CustomerCreateResponse, f as CustomerId, g as CustomerStatusResponse, E as CustomerType, F as DataCompleteness, G as DiscoveryStatus, H as Email, I as EnergyProduct, J as Environment, K as EpcRating, M as FinalRead, N as FuelType, O as HeatingType, Q as HomeInsuranceProduct, T as IdempotencyKey, U as IsoDate, W as LoASignature, X as LoaId, L as LoaListResponse, Y as LoaRecord, Z as LocationRole, _ as MaskedSortCode, $ as Meters, a0 as MobileProduct, a1 as MoveIn, a2 as MoveObject, a3 as MoveOut, a4 as MoveOutNotificationFailed, a5 as MoveOutNotificationSent, a6 as MoveOutNotifyFlags, a7 as MoveOutReason, a8 as MoveOutStatus, a9 as NearbyPoi, aa as OccupantObject, ab as OccupantType, ac as OnboardingInfo, ad as OverallStatus, ae as Paginated, af as Person, ag as PhoneNumber, ah as Postcode, ai as Product, aj as ProductBase, ak as ProductCategory, al as ProductConfidence, am as ProductId, an as ProductSetup, P as ProductsQuery, c as ProductsResponse, ao as PropertyDetailObject, d as PropertyDetailResponse, ap as PropertyLocation, aq as PropertyObject, ar as PropertyType, as as PropertyTypeCode, at as PropertyTypeSubcode, au as ProvidedFieldPath, av as SESSION_IDEMPOTENCY_TTL_MS, aw as SavingsSummaryResponse, ax as SelectedProduct, ay as SessionAccountCreated, az as SessionAppDeferred, aA as SessionAppInstalled, aB as SessionDetailsConfirmed, aC as SessionEmbedOpened, b as SessionGetResponse, aD as SessionLoaSigned, S as SessionPayload, aE as SessionProductsSelected, a as SessionResponse, aF as SetupStatus, aG as SetupStatusChanged, aH as SignatureImage, aI as StoredBankDetails, aJ as SubscriptionChanged, aK as SubscriptionStatus, aL as TvLicenceProduct, aM as Url, aN as WaterProduct, aO as WebhookEvent, aP as WebhookEventBase, aQ as WebhookEventId, aR as WebhookEventType } from '../webhooks-Cv4e8oXp.js';
3
3
 
4
4
  /**
5
5
  * AnyVan move slot types.
6
- * Returned by GET /partner/sessions/:id/anyvan-slots.
6
+ * Legacy AnyVan move slot types (superseded by service-slots schema).
7
7
  */
8
8
 
9
9
  interface AnyvanSlot {
@@ -1 +1 @@
1
- {"version":3,"sources":["../../src/types/session.ts","../../src/types/errors.ts"],"names":[],"mappings":";;;AAwFO,IAAM,0BAAA,GAA6B,EAAA,GAAK,EAAA,GAAK,EAAA,GAAK;;;ACRlD,IAAM,uBAAA,uBAA8B,GAAA,CAAY,CAAC,KAAK,GAAA,EAAK,GAAA,EAAK,GAAA,EAAK,GAAG,CAAC","file":"index.js","sourcesContent":["/**\n * Session lifecycle types.\n * POST /partner/sessions creates a session and returns a short-lived session_token\n * that the embed presents to the frontend-facing endpoints.\n */\n\nimport type {\n AddressObject,\n Consent,\n ContextEntry,\n Customer,\n IsoDateTime,\n Meters,\n MoveIn,\n MoveOut,\n ProvidedFieldPath,\n OccupantObject,\n PropertyObject,\n} from './common.js';\n\nexport interface AddressesObject {\n /** The property the customer is moving INTO. Where utilities are set up. */\n current: PropertyObject;\n /** The property the customer is moving OUT of, if applicable. */\n previous?: PropertyObject;\n}\n\nexport interface MoveObject {\n in: MoveIn;\n out?: MoveOut;\n}\n\n/**\n * Canonical snake_case shape the SDK sends to POST /partner/sessions.\n * `buildSessionPayload(req)` on the server is responsible for assembling this\n * from whatever shape the partner's host page provides.\n */\nexport interface SessionPayload {\n /** Partner-controlled correlation. Echoed back on webhooks as `data.referral_id`. */\n referral_id?: string;\n customer: Customer;\n occupants?: OccupantObject[];\n addresses: AddressesObject;\n move: MoveObject;\n meters?: Meters;\n consent: Consent;\n context?: ContextEntry[];\n}\n\n/** Response from POST /partner/sessions. */\nexport interface SessionResponse {\n session_id: string;\n /** Short-lived JWT (300s) the embed presents to the SDK-mounted endpoints. */\n session_token: string;\n embed_url: string;\n /** Initial discovery status. Embed polls /products until complete. */\n discovery_status: 'running' | 'complete';\n estimated_ready_seconds?: number;\n /** Dot-notation paths of fields HelloBill received. Drives adaptive UI. */\n provided_fields: ProvidedFieldPath[];\n /** ISO 8601. Session resource expires after 90 days. */\n expires_at: IsoDateTime;\n}\n\n/**\n * Response from GET /partner/sessions/:id.\n *\n * Per spec §3.7, the endpoint echoes back the full SessionPayload the partner\n * originally sent to POST /partner/sessions, extended with server-assigned fields.\n * This is distinct from SessionResponse (POST projection) which carries session_token\n * and embed_url but not the original payload fields.\n */\nexport interface SessionGetResponse extends SessionPayload {\n /** Stable server-assigned session identifier. */\n session_id: string;\n /** ISO 8601 timestamp when the session was created. */\n created_at: IsoDateTime;\n /** ISO 8601 session expiry (90 days from creation). */\n expires_at: IsoDateTime;\n /** Lifecycle status of the session. */\n status: 'created' | 'customer_created' | 'expired';\n}\n\n/**\n * Idempotency window for POST /sessions: 24h on\n * email + addresses.current.postcode + addresses.current.address_line_1.\n * `move.out` is NOT part of the key — partners cannot retroactively change shape.\n */\nexport const SESSION_IDEMPOTENCY_TTL_MS = 24 * 60 * 60 * 1000;\n","/**\n * Spec error envelope.\n * Returned with non-2xx responses from the Partner API and surfaced verbatim by the SDK.\n */\n\nimport type { RequestId } from './common.js';\n\n/**\n * Error codes follow `<category>.<specific>` naming and match the v15 §12 catalog.\n */\nexport type ErrorCode =\n // validation.*\n | 'validation.missing_required_field'\n | 'validation.invalid_field_value'\n | 'validation.invalid_enum_value'\n // consent.*\n | 'consent.required'\n // product.*\n | 'product.id_expired'\n // loa.*\n | 'loa.coverage_missing'\n | 'loa.coverage_excess'\n | 'loa.session_mismatch'\n | 'loa.template_changed'\n | 'loa.selection_changed'\n // signature_image.*\n | 'signature_image.invalid'\n | 'signature_image.too_large'\n | 'signature_image.dimensions_invalid'\n // address.*\n | 'address.line_too_long'\n | 'address.postcode_invalid'\n // move_out.*\n | 'move_out.requires_previous_property'\n | 'move_out.invalid_date'\n // final_read.*\n | 'final_read.implausible'\n // customer.*\n | 'customer.address_invalid'\n | 'customer.not_found'\n // bank_details.*\n | 'bank_details.invalid_sort_code'\n | 'bank_details.invalid_account_number'\n | 'bank_details.modulus_check_failed'\n | 'bank_details.session_locked'\n // auth.*\n | 'auth.invalid_credentials'\n | 'auth.token_expired'\n | 'auth.token_malformed'\n | 'auth.insufficient_scope'\n // session.*\n | 'session.not_found'\n // rate.*\n | 'rate.limited'\n // internal.*\n | 'internal.error'\n // discovery.*\n | 'discovery.unavailable';\n\nexport type ErrorType =\n | 'authentication_error'\n | 'validation_error'\n | 'rate_limit_error'\n | 'api_error';\n\nexport interface ErrorEnvelope {\n error: {\n type: ErrorType;\n code: ErrorCode;\n message: string;\n /** Path of the offending field (e.g. \"addresses.current.postcode\"). */\n param?: string;\n /** For validation.missing_required_field — dot-notation list of missing fields. */\n missing_fields?: string[];\n /** Echo of `X-HelloBill-Request-Id` for support correlation. */\n request_id: RequestId;\n };\n}\n\n/** HTTP statuses the SDK retries automatically with exponential backoff. */\nexport const RETRYABLE_HTTP_STATUSES = new Set<number>([429, 500, 502, 503, 504]);\n"]}
1
+ {"version":3,"sources":["../../src/types/session.ts","../../src/types/errors.ts"],"names":[],"mappings":";;;AAwFO,IAAM,0BAAA,GAA6B,EAAA,GAAK,EAAA,GAAK,EAAA,GAAK;;;ACRlD,IAAM,uBAAA,uBAA8B,GAAA,CAAY,CAAC,KAAK,GAAA,EAAK,GAAA,EAAK,GAAA,EAAK,GAAG,CAAC","file":"index.js","sourcesContent":["/**\n * Session lifecycle types.\n * POST /partner/sessions creates a session and returns a short-lived session_token\n * that the embed presents to the frontend-facing endpoints.\n */\n\nimport type {\n AddressObject,\n Consent,\n ContextEntry,\n Customer,\n IsoDateTime,\n Meters,\n MoveIn,\n MoveOut,\n ProvidedFieldPath,\n OccupantObject,\n PropertyObject,\n} from './common.js';\n\nexport interface AddressesObject {\n /** The property the customer is moving INTO. Where utilities are set up. */\n current: PropertyObject;\n /** The property the customer is moving OUT of, if applicable. */\n previous?: PropertyObject;\n}\n\nexport interface MoveObject {\n in: MoveIn;\n out?: MoveOut;\n}\n\n/**\n * Canonical snake_case shape the SDK sends to POST /partner/sessions.\n * `buildSessionPayload(req)` on the server is responsible for assembling this\n * from whatever shape the partner's host page provides.\n */\nexport interface SessionPayload {\n /** Partner-controlled correlation. Echoed back on webhooks as `data.referral_id`. */\n referral_id?: string;\n customer: Customer;\n occupants?: OccupantObject[];\n addresses: AddressesObject;\n move: MoveObject;\n meters?: Meters;\n consent: Consent;\n context?: ContextEntry[];\n}\n\n/** Response from POST /partner/sessions. */\nexport interface SessionResponse {\n session_id: string;\n /** Short-lived JWT (300s) the embed presents to the SDK-mounted endpoints. */\n session_token: string;\n embed_base_url: string;\n /** Initial discovery status. Embed polls /products until complete. */\n discovery_status: 'running' | 'complete';\n estimated_ready_seconds?: number;\n /** Dot-notation paths of fields HelloBill received. Drives adaptive UI. */\n provided_fields: ProvidedFieldPath[];\n /** ISO 8601. Session resource expires after 90 days. */\n expires_at: IsoDateTime;\n}\n\n/**\n * Response from GET /partner/sessions/:id.\n *\n * Per spec §3.7, the endpoint echoes back the full SessionPayload the partner\n * originally sent to POST /partner/sessions, extended with server-assigned fields.\n * This is distinct from SessionResponse (POST projection) which carries session_token\n * and embed_base_url but not the original payload fields.\n */\nexport interface SessionGetResponse extends SessionPayload {\n /** Stable server-assigned session identifier. */\n session_id: string;\n /** ISO 8601 timestamp when the session was created. */\n created_at: IsoDateTime;\n /** ISO 8601 session expiry (90 days from creation). */\n expires_at: IsoDateTime;\n /** Lifecycle status of the session. */\n status: 'created' | 'customer_created' | 'expired';\n}\n\n/**\n * Idempotency window for POST /sessions: 24h on\n * email + addresses.current.postcode + addresses.current.address_line_1.\n * `move.out` is NOT part of the key — partners cannot retroactively change shape.\n */\nexport const SESSION_IDEMPOTENCY_TTL_MS = 24 * 60 * 60 * 1000;\n","/**\n * Spec error envelope.\n * Returned with non-2xx responses from the Partner API and surfaced verbatim by the SDK.\n */\n\nimport type { RequestId } from './common.js';\n\n/**\n * Error codes follow `<category>.<specific>` naming and match the v15 §12 catalog.\n */\nexport type ErrorCode =\n // validation.*\n | 'validation.missing_required_field'\n | 'validation.invalid_field_value'\n | 'validation.invalid_enum_value'\n // consent.*\n | 'consent.required'\n // product.*\n | 'product.id_expired'\n // loa.*\n | 'loa.coverage_missing'\n | 'loa.coverage_excess'\n | 'loa.session_mismatch'\n | 'loa.template_changed'\n | 'loa.selection_changed'\n // signature_image.*\n | 'signature_image.invalid'\n | 'signature_image.too_large'\n | 'signature_image.dimensions_invalid'\n // address.*\n | 'address.line_too_long'\n | 'address.postcode_invalid'\n // move_out.*\n | 'move_out.requires_previous_property'\n | 'move_out.invalid_date'\n // final_read.*\n | 'final_read.implausible'\n // customer.*\n | 'customer.address_invalid'\n | 'customer.not_found'\n // bank_details.*\n | 'bank_details.invalid_sort_code'\n | 'bank_details.invalid_account_number'\n | 'bank_details.modulus_check_failed'\n | 'bank_details.session_locked'\n // auth.*\n | 'auth.invalid_credentials'\n | 'auth.token_expired'\n | 'auth.token_malformed'\n | 'auth.insufficient_scope'\n // session.*\n | 'session.not_found'\n // rate.*\n | 'rate.limited'\n // internal.*\n | 'internal.error'\n // discovery.*\n | 'discovery.unavailable';\n\nexport type ErrorType =\n | 'authentication_error'\n | 'validation_error'\n | 'rate_limit_error'\n | 'api_error';\n\nexport interface ErrorEnvelope {\n error: {\n type: ErrorType;\n code: ErrorCode;\n message: string;\n /** Path of the offending field (e.g. \"addresses.current.postcode\"). */\n param?: string;\n /** For validation.missing_required_field — dot-notation list of missing fields. */\n missing_fields?: string[];\n /** Echo of `X-HelloBill-Request-Id` for support correlation. */\n request_id: RequestId;\n };\n}\n\n/** HTTP statuses the SDK retries automatically with exponential backoff. */\nexport const RETRYABLE_HTTP_STATUSES = new Set<number>([429, 500, 502, 503, 504]);\n"]}
@@ -1 +1 @@
1
- {"version":3,"sources":["../../src/types/session.ts","../../src/types/errors.ts"],"names":[],"mappings":";AAwFO,IAAM,0BAAA,GAA6B,EAAA,GAAK,EAAA,GAAK,EAAA,GAAK;;;ACRlD,IAAM,uBAAA,uBAA8B,GAAA,CAAY,CAAC,KAAK,GAAA,EAAK,GAAA,EAAK,GAAA,EAAK,GAAG,CAAC","file":"index.mjs","sourcesContent":["/**\n * Session lifecycle types.\n * POST /partner/sessions creates a session and returns a short-lived session_token\n * that the embed presents to the frontend-facing endpoints.\n */\n\nimport type {\n AddressObject,\n Consent,\n ContextEntry,\n Customer,\n IsoDateTime,\n Meters,\n MoveIn,\n MoveOut,\n ProvidedFieldPath,\n OccupantObject,\n PropertyObject,\n} from './common.js';\n\nexport interface AddressesObject {\n /** The property the customer is moving INTO. Where utilities are set up. */\n current: PropertyObject;\n /** The property the customer is moving OUT of, if applicable. */\n previous?: PropertyObject;\n}\n\nexport interface MoveObject {\n in: MoveIn;\n out?: MoveOut;\n}\n\n/**\n * Canonical snake_case shape the SDK sends to POST /partner/sessions.\n * `buildSessionPayload(req)` on the server is responsible for assembling this\n * from whatever shape the partner's host page provides.\n */\nexport interface SessionPayload {\n /** Partner-controlled correlation. Echoed back on webhooks as `data.referral_id`. */\n referral_id?: string;\n customer: Customer;\n occupants?: OccupantObject[];\n addresses: AddressesObject;\n move: MoveObject;\n meters?: Meters;\n consent: Consent;\n context?: ContextEntry[];\n}\n\n/** Response from POST /partner/sessions. */\nexport interface SessionResponse {\n session_id: string;\n /** Short-lived JWT (300s) the embed presents to the SDK-mounted endpoints. */\n session_token: string;\n embed_url: string;\n /** Initial discovery status. Embed polls /products until complete. */\n discovery_status: 'running' | 'complete';\n estimated_ready_seconds?: number;\n /** Dot-notation paths of fields HelloBill received. Drives adaptive UI. */\n provided_fields: ProvidedFieldPath[];\n /** ISO 8601. Session resource expires after 90 days. */\n expires_at: IsoDateTime;\n}\n\n/**\n * Response from GET /partner/sessions/:id.\n *\n * Per spec §3.7, the endpoint echoes back the full SessionPayload the partner\n * originally sent to POST /partner/sessions, extended with server-assigned fields.\n * This is distinct from SessionResponse (POST projection) which carries session_token\n * and embed_url but not the original payload fields.\n */\nexport interface SessionGetResponse extends SessionPayload {\n /** Stable server-assigned session identifier. */\n session_id: string;\n /** ISO 8601 timestamp when the session was created. */\n created_at: IsoDateTime;\n /** ISO 8601 session expiry (90 days from creation). */\n expires_at: IsoDateTime;\n /** Lifecycle status of the session. */\n status: 'created' | 'customer_created' | 'expired';\n}\n\n/**\n * Idempotency window for POST /sessions: 24h on\n * email + addresses.current.postcode + addresses.current.address_line_1.\n * `move.out` is NOT part of the key — partners cannot retroactively change shape.\n */\nexport const SESSION_IDEMPOTENCY_TTL_MS = 24 * 60 * 60 * 1000;\n","/**\n * Spec error envelope.\n * Returned with non-2xx responses from the Partner API and surfaced verbatim by the SDK.\n */\n\nimport type { RequestId } from './common.js';\n\n/**\n * Error codes follow `<category>.<specific>` naming and match the v15 §12 catalog.\n */\nexport type ErrorCode =\n // validation.*\n | 'validation.missing_required_field'\n | 'validation.invalid_field_value'\n | 'validation.invalid_enum_value'\n // consent.*\n | 'consent.required'\n // product.*\n | 'product.id_expired'\n // loa.*\n | 'loa.coverage_missing'\n | 'loa.coverage_excess'\n | 'loa.session_mismatch'\n | 'loa.template_changed'\n | 'loa.selection_changed'\n // signature_image.*\n | 'signature_image.invalid'\n | 'signature_image.too_large'\n | 'signature_image.dimensions_invalid'\n // address.*\n | 'address.line_too_long'\n | 'address.postcode_invalid'\n // move_out.*\n | 'move_out.requires_previous_property'\n | 'move_out.invalid_date'\n // final_read.*\n | 'final_read.implausible'\n // customer.*\n | 'customer.address_invalid'\n | 'customer.not_found'\n // bank_details.*\n | 'bank_details.invalid_sort_code'\n | 'bank_details.invalid_account_number'\n | 'bank_details.modulus_check_failed'\n | 'bank_details.session_locked'\n // auth.*\n | 'auth.invalid_credentials'\n | 'auth.token_expired'\n | 'auth.token_malformed'\n | 'auth.insufficient_scope'\n // session.*\n | 'session.not_found'\n // rate.*\n | 'rate.limited'\n // internal.*\n | 'internal.error'\n // discovery.*\n | 'discovery.unavailable';\n\nexport type ErrorType =\n | 'authentication_error'\n | 'validation_error'\n | 'rate_limit_error'\n | 'api_error';\n\nexport interface ErrorEnvelope {\n error: {\n type: ErrorType;\n code: ErrorCode;\n message: string;\n /** Path of the offending field (e.g. \"addresses.current.postcode\"). */\n param?: string;\n /** For validation.missing_required_field — dot-notation list of missing fields. */\n missing_fields?: string[];\n /** Echo of `X-HelloBill-Request-Id` for support correlation. */\n request_id: RequestId;\n };\n}\n\n/** HTTP statuses the SDK retries automatically with exponential backoff. */\nexport const RETRYABLE_HTTP_STATUSES = new Set<number>([429, 500, 502, 503, 504]);\n"]}
1
+ {"version":3,"sources":["../../src/types/session.ts","../../src/types/errors.ts"],"names":[],"mappings":";AAwFO,IAAM,0BAAA,GAA6B,EAAA,GAAK,EAAA,GAAK,EAAA,GAAK;;;ACRlD,IAAM,uBAAA,uBAA8B,GAAA,CAAY,CAAC,KAAK,GAAA,EAAK,GAAA,EAAK,GAAA,EAAK,GAAG,CAAC","file":"index.mjs","sourcesContent":["/**\n * Session lifecycle types.\n * POST /partner/sessions creates a session and returns a short-lived session_token\n * that the embed presents to the frontend-facing endpoints.\n */\n\nimport type {\n AddressObject,\n Consent,\n ContextEntry,\n Customer,\n IsoDateTime,\n Meters,\n MoveIn,\n MoveOut,\n ProvidedFieldPath,\n OccupantObject,\n PropertyObject,\n} from './common.js';\n\nexport interface AddressesObject {\n /** The property the customer is moving INTO. Where utilities are set up. */\n current: PropertyObject;\n /** The property the customer is moving OUT of, if applicable. */\n previous?: PropertyObject;\n}\n\nexport interface MoveObject {\n in: MoveIn;\n out?: MoveOut;\n}\n\n/**\n * Canonical snake_case shape the SDK sends to POST /partner/sessions.\n * `buildSessionPayload(req)` on the server is responsible for assembling this\n * from whatever shape the partner's host page provides.\n */\nexport interface SessionPayload {\n /** Partner-controlled correlation. Echoed back on webhooks as `data.referral_id`. */\n referral_id?: string;\n customer: Customer;\n occupants?: OccupantObject[];\n addresses: AddressesObject;\n move: MoveObject;\n meters?: Meters;\n consent: Consent;\n context?: ContextEntry[];\n}\n\n/** Response from POST /partner/sessions. */\nexport interface SessionResponse {\n session_id: string;\n /** Short-lived JWT (300s) the embed presents to the SDK-mounted endpoints. */\n session_token: string;\n embed_base_url: string;\n /** Initial discovery status. Embed polls /products until complete. */\n discovery_status: 'running' | 'complete';\n estimated_ready_seconds?: number;\n /** Dot-notation paths of fields HelloBill received. Drives adaptive UI. */\n provided_fields: ProvidedFieldPath[];\n /** ISO 8601. Session resource expires after 90 days. */\n expires_at: IsoDateTime;\n}\n\n/**\n * Response from GET /partner/sessions/:id.\n *\n * Per spec §3.7, the endpoint echoes back the full SessionPayload the partner\n * originally sent to POST /partner/sessions, extended with server-assigned fields.\n * This is distinct from SessionResponse (POST projection) which carries session_token\n * and embed_base_url but not the original payload fields.\n */\nexport interface SessionGetResponse extends SessionPayload {\n /** Stable server-assigned session identifier. */\n session_id: string;\n /** ISO 8601 timestamp when the session was created. */\n created_at: IsoDateTime;\n /** ISO 8601 session expiry (90 days from creation). */\n expires_at: IsoDateTime;\n /** Lifecycle status of the session. */\n status: 'created' | 'customer_created' | 'expired';\n}\n\n/**\n * Idempotency window for POST /sessions: 24h on\n * email + addresses.current.postcode + addresses.current.address_line_1.\n * `move.out` is NOT part of the key — partners cannot retroactively change shape.\n */\nexport const SESSION_IDEMPOTENCY_TTL_MS = 24 * 60 * 60 * 1000;\n","/**\n * Spec error envelope.\n * Returned with non-2xx responses from the Partner API and surfaced verbatim by the SDK.\n */\n\nimport type { RequestId } from './common.js';\n\n/**\n * Error codes follow `<category>.<specific>` naming and match the v15 §12 catalog.\n */\nexport type ErrorCode =\n // validation.*\n | 'validation.missing_required_field'\n | 'validation.invalid_field_value'\n | 'validation.invalid_enum_value'\n // consent.*\n | 'consent.required'\n // product.*\n | 'product.id_expired'\n // loa.*\n | 'loa.coverage_missing'\n | 'loa.coverage_excess'\n | 'loa.session_mismatch'\n | 'loa.template_changed'\n | 'loa.selection_changed'\n // signature_image.*\n | 'signature_image.invalid'\n | 'signature_image.too_large'\n | 'signature_image.dimensions_invalid'\n // address.*\n | 'address.line_too_long'\n | 'address.postcode_invalid'\n // move_out.*\n | 'move_out.requires_previous_property'\n | 'move_out.invalid_date'\n // final_read.*\n | 'final_read.implausible'\n // customer.*\n | 'customer.address_invalid'\n | 'customer.not_found'\n // bank_details.*\n | 'bank_details.invalid_sort_code'\n | 'bank_details.invalid_account_number'\n | 'bank_details.modulus_check_failed'\n | 'bank_details.session_locked'\n // auth.*\n | 'auth.invalid_credentials'\n | 'auth.token_expired'\n | 'auth.token_malformed'\n | 'auth.insufficient_scope'\n // session.*\n | 'session.not_found'\n // rate.*\n | 'rate.limited'\n // internal.*\n | 'internal.error'\n // discovery.*\n | 'discovery.unavailable';\n\nexport type ErrorType =\n | 'authentication_error'\n | 'validation_error'\n | 'rate_limit_error'\n | 'api_error';\n\nexport interface ErrorEnvelope {\n error: {\n type: ErrorType;\n code: ErrorCode;\n message: string;\n /** Path of the offending field (e.g. \"addresses.current.postcode\"). */\n param?: string;\n /** For validation.missing_required_field — dot-notation list of missing fields. */\n missing_fields?: string[];\n /** Echo of `X-HelloBill-Request-Id` for support correlation. */\n request_id: RequestId;\n };\n}\n\n/** HTTP statuses the SDK retries automatically with exponential backoff. */\nexport const RETRYABLE_HTTP_STATUSES = new Set<number>([429, 500, 502, 503, 504]);\n"]}
@@ -1,2 +1,2 @@
1
- export { c as InMemoryWebhookDedupeStore, U as UnknownWebhookEventError, V as VerifyWebhookOptions, W as WebhookDedupeStore, f as WebhookHandlerContext, g as WebhookHandlerOptions, h as WebhookHandlers, i as WebhookVerificationError, k as createWebhookHandler, v as verifyWebhook, l as verifyWebhookSignature } from '../index-YlknV1_H.cjs';
2
- import '../webhooks-DPpqf7d2.cjs';
1
+ export { c as InMemoryWebhookDedupeStore, U as UnknownWebhookEventError, V as VerifyWebhookOptions, W as WebhookDedupeStore, f as WebhookHandlerContext, g as WebhookHandlerOptions, h as WebhookHandlers, i as WebhookVerificationError, k as createWebhookHandler, v as verifyWebhook, l as verifyWebhookSignature } from '../index-lPvEf5hZ.cjs';
2
+ import '../webhooks-Cv4e8oXp.cjs';
@@ -1,2 +1,2 @@
1
- export { c as InMemoryWebhookDedupeStore, U as UnknownWebhookEventError, V as VerifyWebhookOptions, W as WebhookDedupeStore, f as WebhookHandlerContext, g as WebhookHandlerOptions, h as WebhookHandlers, i as WebhookVerificationError, k as createWebhookHandler, v as verifyWebhook, l as verifyWebhookSignature } from '../index-C2MzlH64.js';
2
- import '../webhooks-DPpqf7d2.js';
1
+ export { c as InMemoryWebhookDedupeStore, U as UnknownWebhookEventError, V as VerifyWebhookOptions, W as WebhookDedupeStore, f as WebhookHandlerContext, g as WebhookHandlerOptions, h as WebhookHandlers, i as WebhookVerificationError, k as createWebhookHandler, v as verifyWebhook, l as verifyWebhookSignature } from '../index-D81ftBQo.js';
2
+ import '../webhooks-Cv4e8oXp.js';
@@ -247,7 +247,7 @@ interface SessionResponse {
247
247
  session_id: string;
248
248
  /** Short-lived JWT (300s) the embed presents to the SDK-mounted endpoints. */
249
249
  session_token: string;
250
- embed_url: string;
250
+ embed_base_url: string;
251
251
  /** Initial discovery status. Embed polls /products until complete. */
252
252
  discovery_status: 'running' | 'complete';
253
253
  estimated_ready_seconds?: number;
@@ -262,7 +262,7 @@ interface SessionResponse {
262
262
  * Per spec §3.7, the endpoint echoes back the full SessionPayload the partner
263
263
  * originally sent to POST /partner/sessions, extended with server-assigned fields.
264
264
  * This is distinct from SessionResponse (POST projection) which carries session_token
265
- * and embed_url but not the original payload fields.
265
+ * and embed_base_url but not the original payload fields.
266
266
  */
267
267
  interface SessionGetResponse extends SessionPayload {
268
268
  /** Stable server-assigned session identifier. */
@@ -638,6 +638,7 @@ interface CustomerStatusResponse {
638
638
  move_out_status: MoveOutStatus;
639
639
  subscription_status: SubscriptionStatus;
640
640
  trial_ends_at: IsoDateTime | null;
641
+ savings_summary: SavingsSummaryResponse | null;
641
642
  products: Array<ProductSetup & {
642
643
  last_updated_at: IsoDateTime;
643
644
  }>;
@@ -247,7 +247,7 @@ interface SessionResponse {
247
247
  session_id: string;
248
248
  /** Short-lived JWT (300s) the embed presents to the SDK-mounted endpoints. */
249
249
  session_token: string;
250
- embed_url: string;
250
+ embed_base_url: string;
251
251
  /** Initial discovery status. Embed polls /products until complete. */
252
252
  discovery_status: 'running' | 'complete';
253
253
  estimated_ready_seconds?: number;
@@ -262,7 +262,7 @@ interface SessionResponse {
262
262
  * Per spec §3.7, the endpoint echoes back the full SessionPayload the partner
263
263
  * originally sent to POST /partner/sessions, extended with server-assigned fields.
264
264
  * This is distinct from SessionResponse (POST projection) which carries session_token
265
- * and embed_url but not the original payload fields.
265
+ * and embed_base_url but not the original payload fields.
266
266
  */
267
267
  interface SessionGetResponse extends SessionPayload {
268
268
  /** Stable server-assigned session identifier. */
@@ -638,6 +638,7 @@ interface CustomerStatusResponse {
638
638
  move_out_status: MoveOutStatus;
639
639
  subscription_status: SubscriptionStatus;
640
640
  trial_ends_at: IsoDateTime | null;
641
+ savings_summary: SavingsSummaryResponse | null;
641
642
  products: Array<ProductSetup & {
642
643
  last_updated_at: IsoDateTime;
643
644
  }>;
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@hello-bill/node",
3
- "version": "1.0.4",
3
+ "version": "2.1.0-beta.0",
4
4
  "description": "Server-side SDK for the HelloBill Partner API. Framework-agnostic core with an Express adapter; ships a webhook verifier and the spec-derived TypeScript types.",
5
5
  "license": "MIT",
6
6
  "type": "module",