npm - @hifilabs/pixel - Versions diffs - 0.6.2 → 0.7.1 - Mend

@hifilabs/pixel 0.6.2 → 0.7.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/dist/browser.js CHANGED Viewed

@@ -8,6 +8,7 @@ var BalancePixel = (() => {
   // src/browser.ts
   (function() {
+    const PIXEL_VERSION = "0.7.0";
     function parseUserAgent(ua) {
       let device_type = "desktop";
       if (/ipad|tablet|android(?!.*mobile)/i.test(ua))
@@ -85,7 +86,7 @@ var BalancePixel = (() => {
     }
     let trackingSource = "pixel";
     if (!artistId) {
-      console.error("[BALANCE Pixel] Error: data-artist-id attribute is required");
+      logError(" Error: data-artist-id attribute is required");
       return;
     }
     const SESSION_KEY = "session_id";
@@ -94,9 +95,11 @@ var BalancePixel = (() => {
     const FAN_ID_KEY = "fan_id_hash";
     const VISITOR_ID_KEY = "visitor_id";
     const CONSENT_STORAGE_KEY = "balance_consent";
+    const CONSENT_TTL = 365 * 24 * 60 * 60 * 1e3;
+    const CONSENT_REFRESH_THRESHOLD = 30 * 24 * 60 * 60 * 1e3;
     const SESSION_DURATION = 60 * 60 * 1e3;
     const STORAGE_PREFIX = "balance_";
-    const API_ENDPOINT = customEndpoint ? customEndpoint : useEmulator ? `http://localhost:5001/artist-os-distro/us-central1/pixelEndpoint` : `https://us-central1-artist-os-distro.cloudfunctions.net/pixelEndpoint`;
+    const API_ENDPOINT = customEndpoint ? customEndpoint : useEmulator ? `http://localhost:5001/artist-os-distro/us-central1/ingestEvents` : `https://us-central1-artist-os-distro.cloudfunctions.net/ingestEvents`;
     let sessionId = null;
     let visitorId = null;
     let fanIdHash = null;
@@ -113,9 +116,14 @@ var BalancePixel = (() => {
     const IDLE_TIMEOUT = 2 * 60 * 1e3;
     let lastActivityTime = Date.now();
     let isIdle = false;
+    const SILENT_MODE = !debug;
     const log = (...args) => {
       if (debug)
-        console.log("[BALANCE Pixel]", ...args);
+        console.log("[BLN]", ...args);
+    };
+    const logError = (...args) => {
+      if (!SILENT_MODE)
+        console.error("[BLN]", ...args);
     };
     const CONSENT_STYLES = {
       base: `
@@ -227,6 +235,9 @@ var BalancePixel = (() => {
       }
       hasStoredConsent() {
         try {
+          if (window._balanceConsentNeedsRefresh) {
+            return false;
+          }
           return localStorage.getItem(CONSENT_STORAGE_KEY) !== null;
         } catch {
           return false;
@@ -269,6 +280,14 @@ var BalancePixel = (() => {
             timestamp: (/* @__PURE__ */ new Date()).toISOString()
           });
         }
+        if (accepted && !window._balanceInitialPageviewFired) {
+          window._balanceInitialPageviewFired = true;
+          if (window.balance?.page) {
+            window.balance.page();
+          }
+          startHeartbeat();
+          log("Initial pageview fired after consent granted");
+        }
         this.remove();
       }
       remove() {
@@ -338,7 +357,7 @@ var BalancePixel = (() => {
         currentStorageTier = "local";
         log(`Storage tier upgraded, migrated ${keysToMigrate.length} items`);
       } catch (error) {
-        console.error("[BALANCE Pixel] Storage migration failed:", error);
+        logError(" Storage migration failed:", error);
       }
     }
     function generateUUID() {
@@ -438,6 +457,19 @@ var BalancePixel = (() => {
         const stored = localStorage.getItem(CONSENT_STORAGE_KEY);
         if (stored) {
           const parsed = JSON.parse(stored);
+          if (parsed.expiresAt && Date.now() > parsed.expiresAt) {
+            log("Consent expired - clearing stored consent");
+            localStorage.removeItem(CONSENT_STORAGE_KEY);
+            consent = null;
+            return;
+          }
+          if (parsed.expiresAt) {
+            const timeUntilExpiry = parsed.expiresAt - Date.now();
+            if (timeUntilExpiry > 0 && timeUntilExpiry < CONSENT_REFRESH_THRESHOLD) {
+              log("Consent nearing expiration - will prompt for refresh");
+              window._balanceConsentNeedsRefresh = true;
+            }
+          }
           consent = parsed.preferences || null;
           log("Loaded consent:", consent);
         }
@@ -451,12 +483,15 @@ var BalancePixel = (() => {
         const storage = {
           preferences,
           method: "explicit",
-          version: 1
+          version: 1,
+          expiresAt: Date.now() + CONSENT_TTL
+          // 12-month expiration
         };
         localStorage.setItem(CONSENT_STORAGE_KEY, JSON.stringify(storage));
-        log("Consent saved:", preferences);
+        log("Consent saved with TTL:", preferences);
+        window._balanceConsentNeedsRefresh = false;
       } catch (e) {
-        console.error("[BALANCE Pixel] Could not save consent:", e);
+        logError(" Could not save consent:", e);
       }
       if (preferences.analytics === true) {
         upgradeStorageTier();
@@ -547,7 +582,7 @@ var BalancePixel = (() => {
         }
         log("Events sent successfully");
       } catch (error) {
-        console.error("[BALANCE Pixel] Failed to send events:", error);
+        logError(" Failed to send events:", error);
         if (eventQueue.length < 50) {
           eventQueue.push(...events);
         }
@@ -683,9 +718,10 @@ var BalancePixel = (() => {
           event_name: "identify",
           fan_id_hash: fanIdHash,
           metadata: {
-            email,
-            // Pass email for display_name fallback (extracted prefix only stored)
+            // GDPR FIX: Never send plaintext email - only hashed identifier
             email_sha256: fanIdHash,
+            email_display: maskedEmail,
+            // Safe for UI display (e.g., "j***@example.com")
             traits,
             consent_preferences: consent || void 0,
             storage_tier: currentStorageTier
@@ -693,7 +729,7 @@ var BalancePixel = (() => {
         });
         enqueueEvent(event);
       } catch (error) {
-        console.error("[BALANCE Pixel] Failed to identify:", error);
+        logError(" Failed to identify:", error);
       }
     }
     function purchase(revenue, currency = "USD", properties = {}) {
@@ -725,14 +761,7 @@ var BalancePixel = (() => {
         if (consentUIEnabled) {
           log("Consent UI enabled, waiting for explicit user consent (Tier 0 mode)");
         } else {
-          consent = {
-            analytics: true,
-            marketing: true,
-            personalization: true,
-            timestamp: (/* @__PURE__ */ new Date()).toISOString()
-          };
-          log("Default consent enabled (all tracking):", consent);
-          upgradeStorageTier();
+          log("No consent - operating in privacy-first mode (session storage only, limited tracking)");
         }
       }
       if (consent?.analytics && !visitorId) {
@@ -753,9 +782,19 @@ var BalancePixel = (() => {
         useEmulator,
         endpoint: API_ENDPOINT
       });
-      window._balanceInitialPageviewFired = true;
-      trackPageView();
-      startHeartbeat();
+      if (consent?.analytics === true) {
+        window._balanceInitialPageviewFired = true;
+        trackPageView();
+        startHeartbeat();
+        log("Full tracking enabled (user consented)");
+      } else if (consentUIEnabled) {
+        log("Tracking dormant - waiting for explicit consent via ConsentManager");
+      } else {
+        window._balanceInitialPageviewFired = true;
+        trackPageView();
+        startHeartbeat();
+        log("Privacy-first tracking enabled (session-scoped, no persistent IDs)");
+      }
       ["mousemove", "keydown", "scroll", "touchstart"].forEach((eventType) => {
         document.addEventListener(eventType, resetIdleTimer, { passive: true });
       });
@@ -772,6 +811,12 @@ var BalancePixel = (() => {
         }
       });
     }
+    if (window.balance?._version && window.balance._version !== PIXEL_VERSION) {
+      console.warn(
+        `[BLN] Version conflict: ${window.balance._version} already loaded, skipping ${PIXEL_VERSION}`
+      );
+      return;
+    }
     const existingQueue = window.balance?.q || [];
     function processQueue() {
       if (existingQueue.length > 0) {
@@ -811,7 +856,9 @@ var BalancePixel = (() => {
       getAttribution: () => attribution,
       setConsent,
       getConsent,
-      hasConsent
+      hasConsent,
+      _version: PIXEL_VERSION
+      // Expose version for collision detection
     };
     function initConsentManager() {
       if (consentUIEnabled && !consent) {
@@ -822,16 +869,17 @@ var BalancePixel = (() => {
         });
       }
     }
+    const scheduleIdleWork = window.requestIdleCallback || ((cb) => setTimeout(cb, 1));
     if (document.readyState === "loading") {
       document.addEventListener("DOMContentLoaded", () => {
         init();
         processQueue();
-        initConsentManager();
+        scheduleIdleWork(() => initConsentManager());
       });
     } else {
       init();
       processQueue();
-      initConsentManager();
+      scheduleIdleWork(() => initConsentManager());
     }
     log("Pixel script loaded");
   })();

package/dist/browser.min.js CHANGED Viewed

@@ -1,4 +1,4 @@
-var BalancePixel=(()=>{var Me=Object.defineProperty;var Be=(f,a,g)=>a in f?Me(f,a,{enumerable:!0,configurable:!0,writable:!0,value:g}):f[a]=g;var T=(f,a,g)=>(Be(f,typeof a!="symbol"?a+"":a,g),g);(function(){function f(e){let t="desktop";/ipad|tablet|android(?!.*mobile)/i.test(e)?t="tablet":/mobile|iphone|android.*mobile|blackberry|iemobile/i.test(e)&&(t="mobile");let n="Unknown";/edg/i.test(e)?n="Edge":/opr|opera/i.test(e)?n="Opera":/firefox/i.test(e)?n="Firefox":/chrome/i.test(e)?n="Chrome":/safari/i.test(e)&&(n="Safari");let o="Unknown";return/iphone|ipad/i.test(e)?o="iOS":/android/i.test(e)?o="Android":/windows/i.test(e)?o="Windows":/mac os/i.test(e)?o="macOS":/linux/i.test(e)?o="Linux":/cros/i.test(e)&&(o="ChromeOS"),{device_type:t,browser:n,os:o}}let a=null;function g(){if(!a)try{a=f(navigator.userAgent)}catch{a={device_type:"desktop",browser:"Unknown",os:"Unknown"}}return a}let s=document.currentScript,A=s?.dataset.artistId,P=s?.dataset.projectId,D=P?fe(P):void 0;function fe(e){return!e||e.startsWith("release_")||e.startsWith("merch_")||e.startsWith("link_")||e.startsWith("custom_")?e:`custom_${e}`}let W=s?.dataset.emulator==="true",ge=s?.dataset.debug==="true",O=parseInt(s?.dataset.heartbeatInterval||"30000",10),q=s?.dataset.heartbeat!=="false",V=s?.dataset.source,Y=s?.dataset.endpoint,J=s?.dataset.consentUi==="true",pe=s?.dataset.consentStyle||"brutalist",me=s?.dataset.primaryColor,he=s?.dataset.bannerPosition||"bottom";function be(){if(V)return V;let e=typeof window.dataLayer<"u"&&Array.isArray(window.dataLayer),t=typeof window.gtag=="function";return e&&t?"gtm":"pixel"}let _="pixel";if(!A){console.error("[BALANCE Pixel] Error: data-artist-id attribute is required");return}let G="session_id",L="session_timestamp",Q="attribution",X="fan_id_hash",N="visitor_id",U="balance_consent",ye=60*60*1e3,p="balance_",R=Y||(W?"http://localhost:5001/artist-os-distro/us-central1/pixelEndpoint":"https://us-central1-artist-os-distro.cloudfunctions.net/pixelEndpoint"),k=null,c=null,l=null,i=null,m={},d=[],M=null,u="session",h=null,ve=0,B=0,b=0,w=!0,we=2*60*1e3,Z=Date.now(),x=!1,r=(...e)=>{ge&&console.log("[BALANCE Pixel]",...e)},H={base:`
+var BalancePixel=(()=>{var ze=Object.defineProperty;var Ve=(l,d,c)=>d in l?ze(l,d,{enumerable:!0,configurable:!0,writable:!0,value:c}):l[d]=c;var A=(l,d,c)=>(Ve(l,typeof d!="symbol"?d+"":d,c),c);(function(){let l="0.7.0";function d(e){let t="desktop";/ipad|tablet|android(?!.*mobile)/i.test(e)?t="tablet":/mobile|iphone|android.*mobile|blackberry|iemobile/i.test(e)&&(t="mobile");let n="Unknown";/edg/i.test(e)?n="Edge":/opr|opera/i.test(e)?n="Opera":/firefox/i.test(e)?n="Firefox":/chrome/i.test(e)?n="Chrome":/safari/i.test(e)&&(n="Safari");let o="Unknown";return/iphone|ipad/i.test(e)?o="iOS":/android/i.test(e)?o="Android":/windows/i.test(e)?o="Windows":/mac os/i.test(e)?o="macOS":/linux/i.test(e)?o="Linux":/cros/i.test(e)&&(o="ChromeOS"),{device_type:t,browser:n,os:o}}let c=null;function be(){if(!c)try{c=d(navigator.userAgent)}catch{c={device_type:"desktop",browser:"Unknown",os:"Unknown"}}return c}let a=document.currentScript,O=a?.dataset.artistId,N=a?.dataset.projectId,L=N?he(N):void 0;function he(e){return!e||e.startsWith("release_")||e.startsWith("merch_")||e.startsWith("link_")||e.startsWith("custom_")?e:`custom_${e}`}let K=a?.dataset.emulator==="true",Y=a?.dataset.debug==="true",R=parseInt(a?.dataset.heartbeatInterval||"30000",10),J=a?.dataset.heartbeat!=="false",G=a?.dataset.source,Q=a?.dataset.endpoint,U=a?.dataset.consentUi==="true",ye=a?.dataset.consentStyle||"brutalist",ve=a?.dataset.primaryColor,we=a?.dataset.bannerPosition||"bottom";function Ie(){if(G)return G;let e=typeof window.dataLayer<"u"&&Array.isArray(window.dataLayer),t=typeof window.gtag=="function";return e&&t?"gtm":"pixel"}let k="pixel";if(!O){x(" Error: data-artist-id attribute is required");return}let X="session_id",M="session_timestamp",Z="attribution",ee="fan_id_hash",F="visitor_id",C="balance_consent",xe=365*24*60*60*1e3,Se=30*24*60*60*1e3,_e=60*60*1e3,p="balance_",H=Q||(K?"http://localhost:5001/artist-os-distro/us-central1/ingestEvents":"https://us-central1-artist-os-distro.cloudfunctions.net/ingestEvents"),E=null,s=null,u=null,i=null,m={},f=[],j=null,g="session",b=null,ke=0,B=0,h=0,w=!0,Ce=2*60*1e3,te=Date.now(),I=!1,Ee=!Y,r=(...e)=>{Y&&console.log("[BLN]",...e)},x=(...e)=>{Ee||console.error("[BLN]",...e)},$={base:`
       :host {
         font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif;
         position: fixed;
@@ -83,12 +83,12 @@ var BalancePixel=(()=>{var Me=Object.defineProperty;var Be=(f,a,g)=>a in f?Me(f,
       }
       .btn.accept { background: #fff; color: #000; border-color: #fff; }
       .btn:hover { opacity: 0.8; }
-    `};class xe{constructor(t){T(this,"container",null);T(this,"shadow",null);T(this,"config");if(this.config=t,this.hasStoredConsent()){r("ConsentManager: Consent already exists, not showing banner");return}this.container=document.createElement("div"),this.container.id="balance-consent-manager",this.shadow=this.container.attachShadow({mode:"closed"}),this.render(),document.body.appendChild(this.container),r("ConsentManager: Banner rendered")}hasStoredConsent(){try{return localStorage.getItem(U)!==null}catch{return!1}}render(){if(!this.shadow)return;let t=this.config.style||"brutalist",n=H.base,o=H[t]||H.brutalist,S=this.config.position==="top"?"top: 0;":"bottom: 0;",ue=this.config.primaryColor?`.btn.accept { background: ${this.config.primaryColor} !important; border-color: ${this.config.primaryColor} !important; color: #fff !important; }`:"";this.shadow.innerHTML=`
+    `};class Te{constructor(t){A(this,"container",null);A(this,"shadow",null);A(this,"config");if(this.config=t,this.hasStoredConsent()){r("ConsentManager: Consent already exists, not showing banner");return}this.container=document.createElement("div"),this.container.id="balance-consent-manager",this.shadow=this.container.attachShadow({mode:"closed"}),this.render(),document.body.appendChild(this.container),r("ConsentManager: Banner rendered")}hasStoredConsent(){try{return window._balanceConsentNeedsRefresh?!1:localStorage.getItem(C)!==null}catch{return!1}}render(){if(!this.shadow)return;let t=this.config.style||"brutalist",n=$.base,o=$[t]||$.brutalist,_=this.config.position==="top"?"top: 0;":"bottom: 0;",me=this.config.primaryColor?`.btn.accept { background: ${this.config.primaryColor} !important; border-color: ${this.config.primaryColor} !important; color: #fff !important; }`:"";this.shadow.innerHTML=`
         <style>
           ${n}
-          :host { ${S} }
+          :host { ${_} }
           ${o}
-          ${ue}
+          ${me}
         </style>
         <div class="banner" role="dialog" aria-label="Cookie consent" aria-modal="false">
           <p class="text">
@@ -99,4 +99,4 @@ var BalancePixel=(()=>{var Me=Object.defineProperty;var Be=(f,a,g)=>a in f?Me(f,
             <button id="accept" class="btn accept">Accept</button>
           </div>
         </div>
-      `,this.shadow.getElementById("accept")?.addEventListener("click",()=>this.handleConsent(!0)),this.shadow.getElementById("decline")?.addEventListener("click",()=>this.handleConsent(!1))}handleConsent(t){window.balance?.setConsent&&window.balance.setConsent({analytics:t,marketing:t,personalization:t,timestamp:new Date().toISOString()}),this.remove()}remove(){this.container&&(this.container.remove(),this.container=null,this.shadow=null,r("ConsentManager: Banner removed"))}}function ee(){try{return u==="local"?localStorage:sessionStorage}catch{return null}}function C(e){let t=ee();if(!t)return null;try{let n=p+e,o=t.getItem(n);if(!o&&u==="session")try{o=localStorage.getItem(n)}catch{}return o}catch{return null}}function I(e,t){let n=ee();if(n)try{n.setItem(p+e,t)}catch{}}function j(){if(u!=="local"){r("Upgrading storage tier: session -> local");try{let e=[];for(let t=0;t<sessionStorage.length;t++){let n=sessionStorage.key(t);n?.startsWith(p)&&e.push(n)}for(let t of e){let n=sessionStorage.getItem(t);n&&localStorage.setItem(t,n)}for(let t of e)sessionStorage.removeItem(t);u="local",r(`Storage tier upgraded, migrated ${e.length} items`)}catch(e){console.error("[BALANCE Pixel] Storage migration failed:",e)}}}function F(){return crypto&&crypto.randomUUID?crypto.randomUUID():"xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx".replace(/[xy]/g,e=>{let t=Math.random()*16|0;return(e==="x"?t:t&3|8).toString(16)})}function Ie(){try{let e=C(G),t=C(L);if(e&&t&&Date.now()-parseInt(t,10)<ye)return I(L,Date.now().toString()),e;let n=F();return I(G,n),I(L,Date.now().toString()),n}catch{return F()}}function Se(){let e=new URLSearchParams(window.location.search),t={};return["source","medium","campaign","content","term"].forEach(n=>{let o=e.get(`utm_${n}`);o&&(t[`utm_${n}`]=o)}),t}function _e(){try{let e=C(Q);if(e){m=JSON.parse(e),r("Loaded attribution:",m);return}let t=Se();Object.keys(t).length>0&&(m=t,I(Q,JSON.stringify(t)),r("Captured attribution:",m))}catch{}}function ke(){try{l=C(X)}catch{}}function te(){if(!i?.analytics)return null;try{let e=localStorage.getItem(p+N);if(e)return e;let t=F();return localStorage.setItem(p+N,t),r("Created persistent visitor ID:",t.substring(0,8)+"..."),t}catch{return null}}function Ce(){if(!i?.analytics){c=null;return}try{c=localStorage.getItem(p+N),c&&r("Loaded visitor ID:",c.substring(0,8)+"...")}catch{}}function Ee(){try{let e=localStorage.getItem(U);e&&(i=JSON.parse(e).preferences||null,r("Loaded consent:",i))}catch{}}function ne(e){let t=i;i=e;try{let o={preferences:e,method:"explicit",version:1};localStorage.setItem(U,JSON.stringify(o)),r("Consent saved:",e)}catch(o){console.error("[BALANCE Pixel] Could not save consent:",o)}e.analytics===!0&&(j(),c||(c=te()));let n=y({event_name:"consent_updated",metadata:{consent_preferences:e,consent_method:"explicit",previous_consent:t||void 0}});v(n);try{window.dispatchEvent(new CustomEvent("balance:consent:updated",{detail:e})),r("DOM event balance:consent:updated dispatched")}catch{}}function Te(){return i}function Ae(e){return i?.[e]===!0}async function Pe(e){let t=e.toLowerCase().trim(),o=new TextEncoder().encode(t),S=await crypto.subtle.digest("SHA-256",o);return Array.from(new Uint8Array(S)).map(Re=>Re.toString(16).padStart(2,"0")).join("")}function y(e){let t=g(),n={artist_id:A,fan_session_id:k,visitor_id:c||void 0,fan_id_hash:l||void 0,timestamp:new Date().toISOString(),source_url:window.location.href,referrer_url:document.referrer||void 0,user_agent:navigator.userAgent,device_type:t.device_type,browser:t.browser,os:t.os,tracking_source:_,...e,...m};return D&&!e.projectId&&(n.projectId=D),n}function v(e){d.push(e),r("Event queued:",e.event_name,"(queue:",d.length,")"),d.length>=10&&E()}async function E(){if(d.length===0)return;let e=[...d];d=[],r("Flushing",e.length,"events to",R);try{let t=await fetch(R,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({events:e}),keepalive:!0});if(!t.ok)throw new Error(`HTTP ${t.status}`);r("Events sent successfully")}catch(t){console.error("[BALANCE Pixel] Failed to send events:",t),d.length<50&&d.push(...e)}}function De(){M&&clearInterval(M),M=window.setInterval(()=>{d.length>0&&E()},5e3)}function z(){b||(ve=Date.now()),b=Date.now(),w=!0,r("Active time tracking started/resumed")}function re(){b&&w&&(B+=Date.now()-b),w=!1,r("Active time tracking paused, accumulated:",B,"ms")}function Oe(){let e=B;return w&&b&&(e+=Date.now()-b),e}function Le(){Z=Date.now(),x&&(x=!1,z(),r("User returned from idle"))}function oe(){if(document.visibilityState==="hidden"){r("Skipping heartbeat - tab hidden");return}if(Date.now()-Z>we){x||(x=!0,re(),r("User idle - pausing heartbeat"));return}let e=Oe(),t=Math.round(e/1e3),n=y({event_name:"engagement_heartbeat",metadata:{time_on_page_seconds:t,time_on_page_ms:e,heartbeat_interval_ms:O,is_active:w&&!x}});v(n),r("Heartbeat sent:",t,"seconds active")}function Ne(){if(!q){r('Heartbeat disabled via data-heartbeat="false"');return}h&&clearInterval(h),z(),h=window.setInterval(()=>{oe()},O),r("Heartbeat started with interval:",O,"ms")}function Ue(){h&&(clearInterval(h),h=null),q&&(oe(),r("Heartbeat stopped, final time sent"))}function $(e={}){let t=y({event_name:"pageview",page_title:e.title||document.title,source_url:e.url||window.location.href});v(t)}function ie(e,t={}){let n=y({event_name:"custom",metadata:{event_type:e,...t}});v(n)}async function ae(e,t={}){try{if(i&&i.analytics===!1){r("Identify skipped - user declined analytics consent");return}l=await Pe(e),i?.analytics===!0&&j(),I(X,l);let n=e.split("@"),o=n[0].charAt(0)+"***@"+(n[1]||"");r("Fan identified:",{name:t.name||"(no name)",email:o,hash:l.substring(0,16)+"...",traits:t,storageTier:u});let S=y({event_name:"identify",fan_id_hash:l,metadata:{email:e,email_sha256:l,traits:t,consent_preferences:i||void 0,storage_tier:u}});v(S)}catch(n){console.error("[BALANCE Pixel] Failed to identify:",n)}}function se(e,t="USD",n={}){let o=y({event_name:"purchase",metadata:{revenue:e,currency:t,...n}});v(o)}function ce(){_=be(),r("Tracking source detected:",_),Ee(),i?.analytics===!0?(u="local",r("Storage tier: local (analytics consent granted)")):(u="session",r("Storage tier: session (privacy by default)")),k=Ie(),ke(),Ce(),i||(J?r("Consent UI enabled, waiting for explicit user consent (Tier 0 mode)"):(i={analytics:!0,marketing:!0,personalization:!0,timestamp:new Date().toISOString()},r("Default consent enabled (all tracking):",i),j())),i?.analytics&&!c&&(c=te()),_e(),De(),r("Initialized",{artistId:A,projectId:D||"(none - will track to all projects)",rawProjectId:P||"(none)",sessionId:k,visitorId:c?c.substring(0,8)+"...":null,fanIdHash:l,consent:i,storageTier:u,trackingSource:_,useEmulator:W,endpoint:R}),window._balanceInitialPageviewFired=!0,$(),Ne(),["mousemove","keydown","scroll","touchstart"].forEach(e=>{document.addEventListener(e,Le,{passive:!0})}),window.addEventListener("beforeunload",()=>{Ue(),E()}),document.addEventListener("visibilitychange",()=>{document.visibilityState==="hidden"?(re(),E()):z()})}let K=window.balance?.q||[];function le(){if(K.length>0){r("Processing",K.length,"queued commands");for(let e of K){let[t,...n]=e;switch(t){case"track":ie(n[0],n[1]);break;case"identify":ae(n[0],n[1]);break;case"page":$(n[0]);break;case"purchase":se(n[0],n[1],n[2]);break;case"setConsent":ne(n[0]);break;default:r("Unknown queued command:",t)}}}}window.balance={track:ie,identify:ae,page:$,purchase:se,getSessionId:()=>k,getVisitorId:()=>c,getFanIdHash:()=>l,getAttribution:()=>m,setConsent:ne,getConsent:Te,hasConsent:Ae};function de(){J&&!i&&new xe({style:pe,primaryColor:me,position:he})}document.readyState==="loading"?document.addEventListener("DOMContentLoaded",()=>{ce(),le(),de()}):(ce(),le(),de()),r("Pixel script loaded")})();})();
+      `,this.shadow.getElementById("accept")?.addEventListener("click",()=>this.handleConsent(!0)),this.shadow.getElementById("decline")?.addEventListener("click",()=>this.handleConsent(!1))}handleConsent(t){window.balance?.setConsent&&window.balance.setConsent({analytics:t,marketing:t,personalization:t,timestamp:new Date().toISOString()}),t&&!window._balanceInitialPageviewFired&&(window._balanceInitialPageviewFired=!0,window.balance?.page&&window.balance.page(),W(),r("Initial pageview fired after consent granted")),this.remove()}remove(){this.container&&(this.container.remove(),this.container=null,this.shadow=null,r("ConsentManager: Banner removed"))}}function ne(){try{return g==="local"?localStorage:sessionStorage}catch{return null}}function T(e){let t=ne();if(!t)return null;try{let n=p+e,o=t.getItem(n);if(!o&&g==="session")try{o=localStorage.getItem(n)}catch{}return o}catch{return null}}function S(e,t){let n=ne();if(n)try{n.setItem(p+e,t)}catch{}}function re(){if(g!=="local"){r("Upgrading storage tier: session -> local");try{let e=[];for(let t=0;t<sessionStorage.length;t++){let n=sessionStorage.key(t);n?.startsWith(p)&&e.push(n)}for(let t of e){let n=sessionStorage.getItem(t);n&&localStorage.setItem(t,n)}for(let t of e)sessionStorage.removeItem(t);g="local",r(`Storage tier upgraded, migrated ${e.length} items`)}catch(e){x(" Storage migration failed:",e)}}}function z(){return crypto&&crypto.randomUUID?crypto.randomUUID():"xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx".replace(/[xy]/g,e=>{let t=Math.random()*16|0;return(e==="x"?t:t&3|8).toString(16)})}function De(){try{let e=T(X),t=T(M);if(e&&t&&Date.now()-parseInt(t,10)<_e)return S(M,Date.now().toString()),e;let n=z();return S(X,n),S(M,Date.now().toString()),n}catch{return z()}}function Pe(){let e=new URLSearchParams(window.location.search),t={};return["source","medium","campaign","content","term"].forEach(n=>{let o=e.get(`utm_${n}`);o&&(t[`utm_${n}`]=o)}),t}function Ae(){try{let e=T(Z);if(e){m=JSON.parse(e),r("Loaded attribution:",m);return}let t=Pe();Object.keys(t).length>0&&(m=t,S(Z,JSON.stringify(t)),r("Captured attribution:",m))}catch{}}function Oe(){try{u=T(ee)}catch{}}function oe(){if(!i?.analytics)return null;try{let e=localStorage.getItem(p+F);if(e)return e;let t=z();return localStorage.setItem(p+F,t),r("Created persistent visitor ID:",t.substring(0,8)+"..."),t}catch{return null}}function Ne(){if(!i?.analytics){s=null;return}try{s=localStorage.getItem(p+F),s&&r("Loaded visitor ID:",s.substring(0,8)+"...")}catch{}}function Le(){try{let e=localStorage.getItem(C);if(e){let t=JSON.parse(e);if(t.expiresAt&&Date.now()>t.expiresAt){r("Consent expired - clearing stored consent"),localStorage.removeItem(C),i=null;return}if(t.expiresAt){let n=t.expiresAt-Date.now();n>0&&n<Se&&(r("Consent nearing expiration - will prompt for refresh"),window._balanceConsentNeedsRefresh=!0)}i=t.preferences||null,r("Loaded consent:",i)}}catch{}}function ie(e){let t=i;i=e;try{let o={preferences:e,method:"explicit",version:1,expiresAt:Date.now()+xe};localStorage.setItem(C,JSON.stringify(o)),r("Consent saved with TTL:",e),window._balanceConsentNeedsRefresh=!1}catch(o){x(" Could not save consent:",o)}e.analytics===!0&&(re(),s||(s=oe()));let n=y({event_name:"consent_updated",metadata:{consent_preferences:e,consent_method:"explicit",previous_consent:t||void 0}});v(n);try{window.dispatchEvent(new CustomEvent("balance:consent:updated",{detail:e})),r("DOM event balance:consent:updated dispatched")}catch{}}function Re(){return i}function Ue(e){return i?.[e]===!0}async function Me(e){let t=e.toLowerCase().trim(),o=new TextEncoder().encode(t),_=await crypto.subtle.digest("SHA-256",o);return Array.from(new Uint8Array(_)).map($e=>$e.toString(16).padStart(2,"0")).join("")}function y(e){let t=be(),n={artist_id:O,fan_session_id:E,visitor_id:s||void 0,fan_id_hash:u||void 0,timestamp:new Date().toISOString(),source_url:window.location.href,referrer_url:document.referrer||void 0,user_agent:navigator.userAgent,device_type:t.device_type,browser:t.browser,os:t.os,tracking_source:k,...e,...m};return L&&!e.projectId&&(n.projectId=L),n}function v(e){f.push(e),r("Event queued:",e.event_name,"(queue:",f.length,")"),f.length>=10&&D()}async function D(){if(f.length===0)return;let e=[...f];f=[],r("Flushing",e.length,"events to",H);try{let t=await fetch(H,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({events:e}),keepalive:!0});if(!t.ok)throw new Error(`HTTP ${t.status}`);r("Events sent successfully")}catch(t){x(" Failed to send events:",t),f.length<50&&f.push(...e)}}function Fe(){j&&clearInterval(j),j=window.setInterval(()=>{f.length>0&&D()},5e3)}function V(){h||(ke=Date.now()),h=Date.now(),w=!0,r("Active time tracking started/resumed")}function ae(){h&&w&&(B+=Date.now()-h),w=!1,r("Active time tracking paused, accumulated:",B,"ms")}function He(){let e=B;return w&&h&&(e+=Date.now()-h),e}function je(){te=Date.now(),I&&(I=!1,V(),r("User returned from idle"))}function se(){if(document.visibilityState==="hidden"){r("Skipping heartbeat - tab hidden");return}if(Date.now()-te>Ce){I||(I=!0,ae(),r("User idle - pausing heartbeat"));return}let e=He(),t=Math.round(e/1e3),n=y({event_name:"engagement_heartbeat",metadata:{time_on_page_seconds:t,time_on_page_ms:e,heartbeat_interval_ms:R,is_active:w&&!I}});v(n),r("Heartbeat sent:",t,"seconds active")}function W(){if(!J){r('Heartbeat disabled via data-heartbeat="false"');return}b&&clearInterval(b),V(),b=window.setInterval(()=>{se()},R),r("Heartbeat started with interval:",R,"ms")}function Be(){b&&(clearInterval(b),b=null),J&&(se(),r("Heartbeat stopped, final time sent"))}function P(e={}){let t=y({event_name:"pageview",page_title:e.title||document.title,source_url:e.url||window.location.href});v(t)}function ce(e,t={}){let n=y({event_name:"custom",metadata:{event_type:e,...t}});v(n)}async function le(e,t={}){try{if(i&&i.analytics===!1){r("Identify skipped - user declined analytics consent");return}u=await Me(e),i?.analytics===!0&&re(),S(ee,u);let n=e.split("@"),o=n[0].charAt(0)+"***@"+(n[1]||"");r("Fan identified:",{name:t.name||"(no name)",email:o,hash:u.substring(0,16)+"...",traits:t,storageTier:g});let _=y({event_name:"identify",fan_id_hash:u,metadata:{email_sha256:u,email_display:o,traits:t,consent_preferences:i||void 0,storage_tier:g}});v(_)}catch(n){x(" Failed to identify:",n)}}function de(e,t="USD",n={}){let o=y({event_name:"purchase",metadata:{revenue:e,currency:t,...n}});v(o)}function ue(){k=Ie(),r("Tracking source detected:",k),Le(),i?.analytics===!0?(g="local",r("Storage tier: local (analytics consent granted)")):(g="session",r("Storage tier: session (privacy by default)")),E=De(),Oe(),Ne(),i||r(U?"Consent UI enabled, waiting for explicit user consent (Tier 0 mode)":"No consent - operating in privacy-first mode (session storage only, limited tracking)"),i?.analytics&&!s&&(s=oe()),Ae(),Fe(),r("Initialized",{artistId:O,projectId:L||"(none - will track to all projects)",rawProjectId:N||"(none)",sessionId:E,visitorId:s?s.substring(0,8)+"...":null,fanIdHash:u,consent:i,storageTier:g,trackingSource:k,useEmulator:K,endpoint:H}),i?.analytics===!0?(window._balanceInitialPageviewFired=!0,P(),W(),r("Full tracking enabled (user consented)")):U?r("Tracking dormant - waiting for explicit consent via ConsentManager"):(window._balanceInitialPageviewFired=!0,P(),W(),r("Privacy-first tracking enabled (session-scoped, no persistent IDs)")),["mousemove","keydown","scroll","touchstart"].forEach(e=>{document.addEventListener(e,je,{passive:!0})}),window.addEventListener("beforeunload",()=>{Be(),D()}),document.addEventListener("visibilitychange",()=>{document.visibilityState==="hidden"?(ae(),D()):V()})}if(window.balance?._version&&window.balance._version!==l){console.warn(`[BLN] Version conflict: ${window.balance._version} already loaded, skipping ${l}`);return}let q=window.balance?.q||[];function fe(){if(q.length>0){r("Processing",q.length,"queued commands");for(let e of q){let[t,...n]=e;switch(t){case"track":ce(n[0],n[1]);break;case"identify":le(n[0],n[1]);break;case"page":P(n[0]);break;case"purchase":de(n[0],n[1],n[2]);break;case"setConsent":ie(n[0]);break;default:r("Unknown queued command:",t)}}}}window.balance={track:ce,identify:le,page:P,purchase:de,getSessionId:()=>E,getVisitorId:()=>s,getFanIdHash:()=>u,getAttribution:()=>m,setConsent:ie,getConsent:Re,hasConsent:Ue,_version:l};function ge(){U&&!i&&new Te({style:ye,primaryColor:ve,position:we})}let pe=window.requestIdleCallback||(e=>setTimeout(e,1));document.readyState==="loading"?document.addEventListener("DOMContentLoaded",()=>{ue(),fe(),pe(()=>ge())}):(ue(),fe(),pe(()=>ge())),r("Pixel script loaded")})();})();

package/dist/index.esm.d.ts CHANGED Viewed

@@ -53,7 +53,12 @@ export interface BalanceContextValue {
   setConsent: (preferences: ConsentPreferences) => void;
   getConsent: () => ConsentPreferences | null;
   hasConsent: (type: 'analytics' | 'marketing' | 'personalization') => boolean;
+  /** True when the pixel script has loaded successfully */
   isReady: boolean;
+  /** True if the pixel script failed to load */
+  isError: boolean;
+  /** Error object if script loading failed */
+  error: Error | null;
   artistId: string;
   projectId?: string;
   endpoint?: string;

package/dist/index.js CHANGED Viewed

@@ -100,6 +100,8 @@ var defaultContextValue = {
   hasConsent: () => false,
   // State - SSR-safe defaults
   isReady: false,
+  isError: false,
+  error: null,
   artistId: "",
   projectId: void 0,
   endpoint: void 0,
@@ -284,6 +286,8 @@ function BalanceProvider({
   children
 }) {
   const [isReady, setIsReady] = (0, import_react4.useState)(false);
+  const [isError, setIsError] = (0, import_react4.useState)(false);
+  const [error, setError] = (0, import_react4.useState)(null);
   const [shouldLoadScript, setShouldLoadScript] = (0, import_react4.useState)(false);
   (0, import_react4.useEffect)(() => {
     ensureGlobalStub();
@@ -390,6 +394,8 @@ function BalanceProvider({
     hasConsent: hasConsent2,
     // State
     isReady,
+    isError,
+    error,
     artistId,
     projectId,
     endpoint,
@@ -406,6 +412,8 @@ function BalanceProvider({
     getConsent2,
     hasConsent2,
     isReady,
+    isError,
+    error,
     artistId,
     projectId,
     endpoint,
@@ -419,8 +427,17 @@ function BalanceProvider({
   }, [debug]);
   const handleScriptError = (0, import_react4.useCallback)((e) => {
     console.error("[BalanceProvider] Failed to load pixel script:", e);
+    setIsError(true);
+    setError(e);
   }, []);
   const resolvedScriptUrl = scriptUrl ?? DEFAULT_SCRIPT_URL;
+  (0, import_react4.useEffect)(() => {
+    if (debug && !scriptUrl) {
+      console.warn(
+        '[BalanceProvider] Using default CDN URL. For production, consider hosting the pixel script locally:\n1. Copy index.js from artist-os-distro/apps/web/public/scripts/\n2. Place it in your public/scripts/index.js\n3. Set scriptUrl="/scripts/index.js"\n\nThis avoids external dependencies and CSP issues.'
+      );
+    }
+  }, [debug, scriptUrl]);
   const content = /* @__PURE__ */ import_react4.default.createElement(BalanceContext.Provider, { value: contextValue }, shouldLoadScript && /* @__PURE__ */ import_react4.default.createElement(
     import_script2.default,
     {
@@ -2880,6 +2897,17 @@ var import_react23 = require("react");
 // src/storage/StorageManager.ts
 var DEFAULT_PREFIX = "balance_";
+var TTL_DURATIONS = {
+  /** Consent should be refreshed annually per GDPR best practices */
+  CONSENT: 365 * 24 * 60 * 60 * 1e3,
+  // 12 months
+  /** Session IDs expire with the session anyway */
+  SESSION: 30 * 60 * 1e3,
+  // 30 minutes
+  /** Visitor IDs can persist longer for returning user detection */
+  VISITOR: 90 * 24 * 60 * 60 * 1e3
+  // 90 days
+};
 var StorageManager = class {
   constructor(config) {
     __publicField(this, "prefix");
@@ -3061,6 +3089,80 @@ var StorageManager = class {
     } catch {
     }
   }
+  /**
+   * Set item with TTL (Time To Live)
+   * The item will automatically expire after the specified duration
+   */
+  setItemWithTTL(key, value, ttlMs) {
+    const ttlWrapper = {
+      value,
+      expiresAt: Date.now() + ttlMs
+    };
+    this.setItem(key, JSON.stringify(ttlWrapper));
+  }
+  /**
+   * Get item with TTL check
+   * Returns null if the item has expired (and removes it)
+   */
+  getItemWithTTL(key) {
+    const raw = this.getItem(key);
+    if (!raw)
+      return null;
+    try {
+      const parsed = JSON.parse(raw);
+      if (typeof parsed === "object" && "expiresAt" in parsed && "value" in parsed) {
+        if (Date.now() > parsed.expiresAt) {
+          this.removeItem(key);
+          return null;
+        }
+        return parsed.value;
+      }
+      return raw;
+    } catch {
+      return raw;
+    }
+  }
+  /**
+   * Set JSON item with TTL
+   */
+  setJSONWithTTL(key, value, ttlMs) {
+    try {
+      this.setItemWithTTL(key, JSON.stringify(value), ttlMs);
+    } catch {
+    }
+  }
+  /**
+   * Get JSON item with TTL check
+   */
+  getJSONWithTTL(key) {
+    const value = this.getItemWithTTL(key);
+    if (!value)
+      return null;
+    try {
+      return JSON.parse(value);
+    } catch {
+      return null;
+    }
+  }
+  /**
+   * Check if an item's TTL needs refresh (e.g., consent nearing expiration)
+   * Returns true if the item will expire within the threshold
+   */
+  needsTTLRefresh(key, refreshThresholdMs = 30 * 24 * 60 * 60 * 1e3) {
+    const raw = this.getItem(key);
+    if (!raw)
+      return false;
+    try {
+      const parsed = JSON.parse(raw);
+      if (typeof parsed === "object" && "expiresAt" in parsed) {
+        const timeUntilExpiry = parsed.expiresAt - Date.now();
+        return timeUntilExpiry > 0 && timeUntilExpiry < refreshThresholdMs;
+      }
+      return false;
+    } catch {
+      return false;
+    }
+  }
 };
 var storageManagerInstance = null;
 function getStorageManager() {

package/dist/index.mjs CHANGED Viewed

@@ -31,6 +31,8 @@ var defaultContextValue = {
   hasConsent: () => false,
   // State - SSR-safe defaults
   isReady: false,
+  isError: false,
+  error: null,
   artistId: "",
   projectId: void 0,
   endpoint: void 0,
@@ -215,6 +217,8 @@ function BalanceProvider({
   children
 }) {
   const [isReady, setIsReady] = useState(false);
+  const [isError, setIsError] = useState(false);
+  const [error, setError] = useState(null);
   const [shouldLoadScript, setShouldLoadScript] = useState(false);
   useEffect2(() => {
     ensureGlobalStub();
@@ -321,6 +325,8 @@ function BalanceProvider({
     hasConsent: hasConsent2,
     // State
     isReady,
+    isError,
+    error,
     artistId,
     projectId,
     endpoint,
@@ -337,6 +343,8 @@ function BalanceProvider({
     getConsent2,
     hasConsent2,
     isReady,
+    isError,
+    error,
     artistId,
     projectId,
     endpoint,
@@ -350,8 +358,17 @@ function BalanceProvider({
   }, [debug]);
   const handleScriptError = useCallback2((e) => {
     console.error("[BalanceProvider] Failed to load pixel script:", e);
+    setIsError(true);
+    setError(e);
   }, []);
   const resolvedScriptUrl = scriptUrl ?? DEFAULT_SCRIPT_URL;
+  useEffect2(() => {
+    if (debug && !scriptUrl) {
+      console.warn(
+        '[BalanceProvider] Using default CDN URL. For production, consider hosting the pixel script locally:\n1. Copy index.js from artist-os-distro/apps/web/public/scripts/\n2. Place it in your public/scripts/index.js\n3. Set scriptUrl="/scripts/index.js"\n\nThis avoids external dependencies and CSP issues.'
+      );
+    }
+  }, [debug, scriptUrl]);
   const content = /* @__PURE__ */ React3.createElement(BalanceContext.Provider, { value: contextValue }, shouldLoadScript && /* @__PURE__ */ React3.createElement(
     Script2,
     {
@@ -2811,6 +2828,17 @@ import { useCallback as useCallback16, useEffect as useEffect9, useRef as useRef
 // src/storage/StorageManager.ts
 var DEFAULT_PREFIX = "balance_";
+var TTL_DURATIONS = {
+  /** Consent should be refreshed annually per GDPR best practices */
+  CONSENT: 365 * 24 * 60 * 60 * 1e3,
+  // 12 months
+  /** Session IDs expire with the session anyway */
+  SESSION: 30 * 60 * 1e3,
+  // 30 minutes
+  /** Visitor IDs can persist longer for returning user detection */
+  VISITOR: 90 * 24 * 60 * 60 * 1e3
+  // 90 days
+};
 var StorageManager = class {
   constructor(config) {
     __publicField(this, "prefix");
@@ -2992,6 +3020,80 @@ var StorageManager = class {
     } catch {
     }
   }
+  /**
+   * Set item with TTL (Time To Live)
+   * The item will automatically expire after the specified duration
+   */
+  setItemWithTTL(key, value, ttlMs) {
+    const ttlWrapper = {
+      value,
+      expiresAt: Date.now() + ttlMs
+    };
+    this.setItem(key, JSON.stringify(ttlWrapper));
+  }
+  /**
+   * Get item with TTL check
+   * Returns null if the item has expired (and removes it)
+   */
+  getItemWithTTL(key) {
+    const raw = this.getItem(key);
+    if (!raw)
+      return null;
+    try {
+      const parsed = JSON.parse(raw);
+      if (typeof parsed === "object" && "expiresAt" in parsed && "value" in parsed) {
+        if (Date.now() > parsed.expiresAt) {
+          this.removeItem(key);
+          return null;
+        }
+        return parsed.value;
+      }
+      return raw;
+    } catch {
+      return raw;
+    }
+  }
+  /**
+   * Set JSON item with TTL
+   */
+  setJSONWithTTL(key, value, ttlMs) {
+    try {
+      this.setItemWithTTL(key, JSON.stringify(value), ttlMs);
+    } catch {
+    }
+  }
+  /**
+   * Get JSON item with TTL check
+   */
+  getJSONWithTTL(key) {
+    const value = this.getItemWithTTL(key);
+    if (!value)
+      return null;
+    try {
+      return JSON.parse(value);
+    } catch {
+      return null;
+    }
+  }
+  /**
+   * Check if an item's TTL needs refresh (e.g., consent nearing expiration)
+   * Returns true if the item will expire within the threshold
+   */
+  needsTTLRefresh(key, refreshThresholdMs = 30 * 24 * 60 * 60 * 1e3) {
+    const raw = this.getItem(key);
+    if (!raw)
+      return false;
+    try {
+      const parsed = JSON.parse(raw);
+      if (typeof parsed === "object" && "expiresAt" in parsed) {
+        const timeUntilExpiry = parsed.expiresAt - Date.now();
+        return timeUntilExpiry > 0 && timeUntilExpiry < refreshThresholdMs;
+      }
+      return false;
+    } catch {
+      return false;
+    }
+  }
 };
 var storageManagerInstance = null;
 function getStorageManager() {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@hifilabs/pixel",
-  "version": "0.6.2",
+  "version": "0.7.1",
   "description": "BALANCE Pixel - Lightweight browser tracking script for artist fan analytics",
   "main": "./dist/index.js",
   "module": "./dist/index.mjs",