@hogsend/engine 0.7.0 → 0.9.0

package/src/destinations/registry-singleton.ts

@@ -0,0 +1,78 @@
+import type { DefinedDestination } from "./define-destination.js";
+import { PRESET_DESTINATIONS } from "./presets/index.js";
+
+/**
+ * The process-wide destination registry, set once by `createHogsendClient` at
+ * startup and read by the delivery task (`workflows/deliver-webhook.ts`) to
+ * resolve a transform by `endpoint.kind`.
+ *
+ * Why a singleton (mirrors `lib/analytics-singleton.ts`): the durable
+ * `deliverWebhookTask` SELF-BOOTS — it opens its own `getDb()` from
+ * `process.env` and has NO client/container reference. So the registered
+ * transforms (presets + the consumer's `defineDestination()` destinations) MUST
+ * be reachable via a process singleton, exactly as analytics / the journey +
+ * bucket registries are. `createHogsendClient` runs in BOTH the API and worker,
+ * so by the time any worker task executes the registry has been installed.
+ *
+ * Resilient default: if a delivery task somehow runs in a process that never
+ * called `createHogsendClient` (a bare reaper re-drive in a test harness), the
+ * getter lazily falls back to the shipped {@link PRESET_DESTINATIONS} so the
+ * no-regression `webhook` + the `posthog` presets still resolve. Installing a
+ * registry via {@link setDestinationRegistry} replaces this fallback.
+ */
+export class DestinationRegistry {
+  private readonly byKind = new Map<string, DefinedDestination>();
+
+  constructor(destinations: DefinedDestination[] = []) {
+    for (const destination of destinations) {
+      // Last-writer-wins on id collision — the caller (container) orders the
+      // array so the consumer's destination wins over a preset of the same id.
+      this.byKind.set(destination.meta.id, destination);
+    }
+  }
+
+  /** Resolve a destination by its `kind` id, or `undefined` when unregistered. */
+  get(kind: string): DefinedDestination | undefined {
+    return this.byKind.get(kind);
+  }
+
+  /** Every registered destination (for diagnostics / catalog enumeration). */
+  getAll(): DefinedDestination[] {
+    return [...this.byKind.values()];
+  }
+
+  /** Number of registered destinations. */
+  count(): number {
+    return this.byKind.size;
+  }
+}
+
+/** The lazily-built fallback registry of just the shipped presets. */
+let fallback: DestinationRegistry | undefined;
+let installed: DestinationRegistry | undefined;
+
+/**
+ * Install the resolved destination registry. Called by `createHogsendClient`
+ * after merging the env presets with the consumer's `opts.destinations`.
+ */
+export function setDestinationRegistry(registry: DestinationRegistry): void {
+  installed = registry;
+}
+
+/**
+ * Read the destination registry. Returns the installed registry, or a lazily
+ * built preset-only fallback so a self-booting task always resolves the
+ * always-on `webhook` + `posthog` presets even before any container ran.
+ */
+export function getDestinationRegistry(): DestinationRegistry {
+  if (installed) return installed;
+  if (!fallback) {
+    fallback = new DestinationRegistry(Object.values(PRESET_DESTINATIONS));
+  }
+  return fallback;
+}
+
+/** Reset the installed registry — only for test cleanup. */
+export function resetDestinationRegistry(): void {
+  installed = undefined;
+}

package/src/env.ts

@@ -57,6 +57,12 @@ export const env = createEnv({
     POSTHOG_API_KEY: z.string().min(1).optional(),
     POSTHOG_HOST: z.string().url().optional(),
     POSTHOG_WEBHOOK_SECRET: z.string().min(1).optional(),
+    // When true AND POSTHOG_API_KEY is set, the engine idempotently auto-seeds
+    // ONE kind="posthog" webhook endpoint subscribed to the email funnel so the
+    // full email lifecycle fans out to PostHog DURABLY (on the delivery spine).
+    // Default OFF to avoid a surprise double-emit alongside the existing
+    // fire-and-forget PostHog capture path.
+    ENABLE_POSTHOG_DESTINATION: z.coerce.boolean().default(false),
     RESEND_WEBHOOK_SECRET: z.string().min(1).optional(),
     ADMIN_API_KEY: z.string().min(1).optional(),
     API_PUBLIC_URL: z.string().url().default("http://localhost:3002"),
@@ -71,6 +77,40 @@ export const env = createEnv({
     ENABLED_LISTS: z.string().default("*"),
     // Cadence for the engine-owned bucket reconcile cron (time-based leaves).
     BUCKET_RECONCILE_CRON: z.string().default("*/5 * * * *"),
+    // --- Outbound webhooks (Section 1.5/1.8) ---
+    // Cadence for the engine-owned outbound-delivery reaper cron (the retry
+    // scheduler + orphan-`sending` recovery). Declared for parity with
+    // BUCKET_RECONCILE_CRON; the delivery task also reads it raw off process.env.
+    OUTBOUND_WEBHOOK_REAPER_CRON: z.string().optional(),
+    // Delivery tunables — read raw off process.env inside the durable task;
+    // declared here so they are part of the validated env contract. All optional
+    // with task-internal defaults (MAX_ATTEMPTS 8, TIMEOUT 15s, BASE 5s,
+    // MAX_DELAY 6h, STUCK_AFTER 5min).
+    OUTBOUND_WEBHOOK_MAX_ATTEMPTS: z.coerce.number().optional(),
+    OUTBOUND_WEBHOOK_TIMEOUT_MS: z.coerce.number().optional(),
+    OUTBOUND_WEBHOOK_BASE_DELAY_MS: z.coerce.number().optional(),
+    OUTBOUND_WEBHOOK_MAX_DELAY_MS: z.coerce.number().optional(),
+    OUTBOUND_WEBHOOK_STUCK_AFTER_MS: z.coerce.number().optional(),
+    // --- Integration presets (Section 2.2) ---
+    // Signature-source secrets. The webhook route resolves a preset's secret via
+    // env[source.auth.envKey]; a signature source FAILS CLOSED when its secret is
+    // unset. Setting one auto-enables that preset at POST /v1/webhooks/<id>.
+    CLERK_WEBHOOK_SECRET: z.string().min(1).optional(),
+    SUPABASE_WEBHOOK_SECRET: z.string().min(1).optional(),
+    STRIPE_WEBHOOK_SECRET: z.string().min(1).optional(),
+    SEGMENT_WEBHOOK_SECRET: z.string().min(1).optional(),
+    // Preset enablement override: csv of preset ids, `"*"` (all with a secret),
+    // or `"none"`. Absent → auto-enable any preset whose secret is set.
+    ENABLED_WEBHOOK_PRESETS: z.string().optional(),
+    // --- Outbound destination presets (Phase 3) ---
+    // Which `defineDestination()` PRESETS are registered into the process
+    // destination registry the delivery task resolves by `endpoint.kind`. csv of
+    // ids (e.g. "segment,slack"), `"*"` (all presets), or `"none"`. Absent → the
+    // DEFAULT set (webhook + posthog). The `webhook` and `posthog` presets are
+    // ALWAYS registered regardless of this value, so the no-regression delivery
+    // path can never be turned off by misconfiguration. Set this to add the
+    // segment/slack presets (credentials still live per-endpoint in `config`).
+    ENABLED_DESTINATION_PRESETS: z.string().optional(),
   },
   runtimeEnv: process.env,
   emptyStringAsUndefined: true,

package/src/index.ts

@@ -16,7 +16,6 @@ export type {
   PostHogService,
   SendResult,
   WebhookEvent,
-  WebhookEventType,
   WebhookHandlerMap,
 } from "@hogsend/core";
 // Core helpers used by content journeys (days/hours/minutes, condition + journey
@@ -77,6 +76,31 @@ export {
   type HogsendClientOptions,
   type HogsendDefaults,
 } from "./container.js";
+// --- Outbound destinations: public authoring layer (Phase 3) ---
+export {
+  type DefinedDestination,
+  type DestinationCtx,
+  type DestinationEnvelope,
+  type DestinationMeta,
+  type DestinationTransformResult,
+  defineDestination,
+  type WebhookEndpointRow,
+} from "./destinations/define-destination.js";
+export {
+  type DestinationPresetId,
+  destinationsFromEnv,
+  PRESET_DESTINATIONS,
+  posthogDestination,
+  segmentDestination,
+  slackDestination,
+  webhookDestination,
+} from "./destinations/presets/index.js";
+export {
+  DestinationRegistry,
+  getDestinationRegistry,
+  resetDestinationRegistry,
+  setDestinationRegistry,
+} from "./destinations/registry-singleton.js";
 // --- Env ---
 export { API_VERSION, env } from "./env.js";
 // --- Journeys ---
@@ -150,6 +174,13 @@ export {
 // --- Logging ---
 export { createLogger, type Logger } from "./lib/logger.js";
 export { createTrackedMailer } from "./lib/mailer.js";
+// --- Outbound webhooks: emit spine (Section 1.4) ---
+export {
+  emitOutbound,
+  OUTBOUND_EVENTS,
+  type OutboundEventName,
+  type OutboundPayloads,
+} from "./lib/outbound.js";
 export { getPostHog } from "./lib/posthog.js";
 export { getRedisIfConnected } from "./lib/redis.js";
 export { type MountStudioResult, mountStudio } from "./lib/studio.js";
@@ -174,7 +205,17 @@ export {
 export {
   pushTrackingEvent,
   resolveEmailSendContext,
+  resolveEmailSendContextByResendId,
 } from "./lib/tracking-events.js";
+// --- Outbound webhooks: signing core (Section 1.2) ---
+export {
+  generateWebhookSecret,
+  type SignedWebhook,
+  signWebhook,
+  verifyWebhookSignature,
+  WEBHOOK_EVENT_TYPES,
+  type WebhookEventType,
+} from "./lib/webhook-signing.js";
 // --- Lists (D3) ---
 export {
   type DefinedList,
@@ -191,9 +232,21 @@ export {
 export {
   type DefinedWebhookSource,
   defineWebhookSource,
+  verifySignature,
+  type WebhookSourceAuth,
   type WebhookSourceCtx,
   type WebhookSourceMeta,
 } from "./webhook-sources/define-webhook-source.js";
+// --- Integration presets (Section 2.3/2.4) ---
+export {
+  clerkSource,
+  PRESET_SOURCES,
+  type PresetId,
+  presetsFromEnv,
+  segmentSource,
+  stripeSource,
+  supabaseSource,
+} from "./webhook-sources/presets/index.js";
 export {
   type CreateWorkerOptions,
   createWorker,
@@ -211,6 +264,11 @@ export {
   bucketReconcileTask,
 } from "./workflows/bucket-reconcile.js";
 export { checkAlertsTask } from "./workflows/check-alerts.js";
+// --- Outbound webhooks: durable delivery task + reaper (Section 1.5) ---
+export {
+  deliverWebhookTask,
+  reapDueWebhookDeliveriesTask,
+} from "./workflows/deliver-webhook.js";
 export { importContactsTask } from "./workflows/import-contacts.js";
 export { sendCampaignTask } from "./workflows/send-campaign.js";
 // --- Built-in Hatchet workflow tasks ---

package/src/journeys/define-journey.ts

@@ -15,6 +15,7 @@ import {
 } from "../lib/enrollment-guards.js";
 import { hatchet } from "../lib/hatchet.js";
 import { createLogger } from "../lib/logger.js";
+import { emitOutbound } from "../lib/outbound.js";
 import { resolveTimezoneWithSource } from "../lib/timezone.js";
 import { getClientScheduleDefaults } from "./client-defaults-singleton.js";
 import { JOURNEY_EXECUTION_TIMEOUT } from "./constants.js";
@@ -178,7 +179,6 @@ export function defineJourney(options: {
         hatchetCtx,
         registry: getJourneyRegistrySingleton(),
         logger,
-        posthog,
         stateId,
         userId,
         userEmail,
@@ -190,12 +190,13 @@ export function defineJourney(options: {
       try {
         await options.run(user, ctx);
 
+        const completedAt = new Date();
         await db
           .update(journeyStates)
           .set({
             status: "completed",
-            completedAt: new Date(),
-            updatedAt: new Date(),
+            completedAt,
+            updatedAt: completedAt,
           })
           .where(eq(journeyStates.id, stateId));
 
@@ -205,6 +206,28 @@ export function defineJourney(options: {
           userId,
         });
 
+        // OUTBOUND `journey.completed` — fired alongside the internal
+        // `journey:completed` push. Runs in the WORKER (this durable task), so it
+        // uses the engine `db`/`hatchet`/`logger` singletons. `dedupeKey` =
+        // `journey.completed:<stateId>`: a Hatchet re-execution recomputes the
+        // identical key and the unique `(endpointId, dedupeKey)` index absorbs the
+        // duplicate (risk 3). `journey:failed` is NOT in the catalog → no emit.
+        void emitOutbound({
+          db,
+          hatchet,
+          logger,
+          event: "journey.completed",
+          dedupeKey: `journey.completed:${stateId}`,
+          payload: {
+            journeyId: meta.id,
+            journeyName: meta.name,
+            stateId,
+            userId,
+            userEmail,
+            completedAt: completedAt.toISOString(),
+          },
+        }).catch(logger.warn);
+
         return { stateId, status: "completed" };
       } catch (err) {
         // The journey reached a terminal state (exitOn / cancel) while suspended

package/src/journeys/journey-context.ts

@@ -7,7 +7,7 @@ import {
   SleepCondition,
   UserEventCondition,
 } from "@hatchet-dev/typescript-sdk/v1/index.js";
-import type { DurationObject, PostHogService } from "@hogsend/core";
+import type { DurationObject } from "@hogsend/core";
 import { durationToMs, evaluateEventCondition } from "@hogsend/core";
 import type { JourneyRegistry } from "@hogsend/core/registry";
 import {
@@ -69,7 +69,6 @@ interface JourneyContextConfig {
   };
   registry: JourneyRegistry;
   logger: Logger;
-  posthog?: PostHogService;
   stateId: string;
   userId: string;
   userEmail: string;
@@ -140,7 +139,6 @@ export function createJourneyContext(
     hatchetCtx,
     registry,
     logger,
-    posthog,
     stateId,
     userId,
     userEmail,
@@ -316,10 +314,6 @@ export function createJourneyContext(
       });
     },
 
-    identify(properties) {
-      posthog?.identify(userId, properties);
-    },
-
     guard: {
       async isSubscribed() {
         const prefs = await checkEmailPreferences({ db, userId });
@@ -390,15 +384,5 @@ export function createJourneyContext(
         };
       },
     },
-
-    posthog: {
-      capture({ event, properties }) {
-        posthog?.captureEvent({
-          distinctId: userId,
-          event,
-          properties,
-        });
-      },
-    },
   };
 }

package/src/lib/analytics-singleton.ts

@@ -6,6 +6,13 @@ import { createOptionalSingleton } from "./singleton.js";
  * the module-level task-execution sites that have no client reference of their
  * own (the journey durable task in `define-journey`, the bucket PostHog sync).
  *
+ * Its role is deliberately NARROW (see the `analytics?` option doc on
+ * {@link createHogsendClient}): the identity PULL (`getPersonProperties` for
+ * per-user timezone resolution) and the opt-in `bucket.syncToPostHog`
+ * person-property mirror. It is explicitly NOT the outbound-catalog firing
+ * path — the email/contact/journey/bucket lifecycle fans out durably via
+ * DESTINATIONS on the webhook spine, not through this singleton.
+ *
  * Mirrors the journey/bucket-registry + client-schedule-defaults singletons:
  * `createHogsendClient` runs in BOTH the API and worker processes, so by the
  * time any worker task executes, the container has already installed the

package/src/lib/bucket-emit.ts

@@ -6,6 +6,7 @@ import type { BucketLeaveReason } from "../buckets/bucket-reactions.js";
 import { syncBucketToPostHog } from "./bucket-posthog-sync.js";
 import { ingestEvent } from "./ingestion.js";
 import type { Logger } from "./logger.js";
+import { emitOutbound } from "./outbound.js";
 
 export type BucketTransitionKind = "entered" | "left" | "dwell";
 
@@ -146,4 +147,48 @@ export async function emitBucketTransition(opts: {
       },
     });
   }
+
+  // OUTBOUND `bucket.entered` / `bucket.left` — this is the SINGLE producer for
+  // all three transition origins (real-time / reconcile / fast-expiry), so the
+  // emit lives here once. GATED to enter/leave (dwell is a recurring membership
+  // tick, not in the catalog — same gate as the PostHog mirror above). The
+  // `dedupeKey` is the SAME deterministic `idempotencyKey` all three producers
+  // compute, so a Hatchet re-execution converges to ONE emission via the unique
+  // `(endpointId, dedupeKey)` index (risk 3). Fire-and-forget.
+  if (kind === "entered") {
+    void emitOutbound({
+      db,
+      hatchet,
+      logger,
+      event: "bucket.entered",
+      dedupeKey: idempotencyKey,
+      payload: {
+        bucketId: bucket.id,
+        bucketName: bucket.name,
+        userId,
+        userEmail,
+        transition: "entered",
+        entryCount: epoch,
+        source,
+      },
+    }).catch(logger.warn);
+  } else if (kind === "left") {
+    void emitOutbound({
+      db,
+      hatchet,
+      logger,
+      event: "bucket.left",
+      dedupeKey: idempotencyKey,
+      payload: {
+        bucketId: bucket.id,
+        bucketName: bucket.name,
+        userId,
+        userEmail,
+        transition: "left",
+        entryCount: epoch,
+        source,
+        ...(reason != null ? { reason } : {}),
+      },
+    }).catch(logger.warn);
+  }
 }

package/src/lib/contacts.ts

@@ -38,7 +38,7 @@ export async function resolveContact(opts: { db: Database; id: string }) {
   return rows[0] ?? null;
 }
 
-interface SerializedContact {
+export interface SerializedContact {
   id: string;
   externalId: string | null;
   email: string | null;
@@ -1007,13 +1007,23 @@ export async function findContacts(opts: {
 
 /**
  * Soft-delete a contact resolved by email or external id (sets `deletedAt`).
- * Returns true iff a live row was found and soft-deleted.
+ *
+ * Returns `{ deleted }` plus the soft-deleted row's identity (`id`,
+ * `externalId`, `email`) so the delete route can both make its 404 decision
+ * (`deleted`) AND emit the `contact.deleted` outbound webhook with the real
+ * identity — without a second read-back. `deleted` is false (and the identity
+ * fields absent) when no live row matched.
  */
 export async function softDeleteContact(opts: {
   db: Database;
   email?: string;
   userId?: string;
-}): Promise<boolean> {
+}): Promise<{
+  deleted: boolean;
+  id?: string;
+  externalId?: string | null;
+  email?: string | null;
+}> {
   const { db } = opts;
   const email = opts.email ? normalizeEmail(opts.email) : undefined;
   const userId = opts.userId?.trim() || undefined;
@@ -1021,15 +1031,27 @@ export async function softDeleteContact(opts: {
   const clauses = [];
   if (email) clauses.push(eq(contacts.email, email));
   if (userId) clauses.push(eq(contacts.externalId, userId));
-  if (clauses.length === 0) return false;
+  if (clauses.length === 0) return { deleted: false };
 
   const updated = await db
     .update(contacts)
     .set({ deletedAt: new Date(), updatedAt: new Date() })
     .where(and(or(...clauses), isNull(contacts.deletedAt)))
-    .returning({ id: contacts.id });
+    .returning({
+      id: contacts.id,
+      externalId: contacts.externalId,
+      email: contacts.email,
+    });
+
+  const row = updated[0];
+  if (!row) return { deleted: false };
 
-  return updated.length > 0;
+  return {
+    deleted: true,
+    id: row.id,
+    externalId: row.externalId,
+    email: row.email,
+  };
 }
 
 /**

package/src/lib/mailer.ts

@@ -24,8 +24,17 @@ import type {
   SendResult,
   TrackedSendResult,
 } from "./email-service-types.js";
+import { hatchet } from "./hatchet.js";
+import { createLogger } from "./logger.js";
+import { emitOutbound } from "./outbound.js";
 import type { PrepareTrackedHtmlFn } from "./tracked.js";
 import { sendTrackedEmail } from "./tracked.js";
+import { resolveEmailSendContextByResendId } from "./tracking-events.js";
+
+// Fallback logger for the provider-webhook outbound emit — `config.logger` is
+// optional, but `emitOutbound` requires one. Mirrors the engine-lib singleton
+// pattern (define-journey, preferences, tracked).
+const emitLogger = createLogger(process.env.LOG_LEVEL);
 
 const WEBHOOK_TO_STATUS_FIELD: Partial<
   Record<WebhookEventType, keyof typeof emailSends.$inferSelect>
@@ -187,9 +196,24 @@ export function createTrackedMailer(
   ): Promise<boolean> {
     switch (event.type) {
       case "email.sent":
+        // `email.sent` is emitted FIRST-PARTY from the tracked mailer's
+        // provider-accepted branch (lib/tracked.ts) with the rich payload — the
+        // provider-webhook echo only updates the DB status, it does NOT emit.
+        await updateEmailStatus(event.type, event.data.email_id);
+        break;
       case "email.delivered":
+        await updateEmailStatus(event.type, event.data.email_id);
+        // OUTBOUND `email.delivered` — the provider webhook is the SINGLE source
+        // for delivered/bounced (these have no first-party signal).
+        await emitProviderEmailEvent("email.delivered", event.data.email_id);
+        break;
       case "email.opened":
       case "email.clicked":
+        // First-party pixel/redirect is the SINGLE outbound emitter for
+        // open/click — it now fires PER-HIT (every open/click → a delivery to
+        // every destination, owner decision 1). The provider-webhook echo is
+        // SUPPRESSED here: it only updates the DB status, it does NOT emit
+        // outbound (no double-source).
         await updateEmailStatus(event.type, event.data.email_id);
         break;
       case "email.bounced":
@@ -197,10 +221,18 @@ export function createTrackedMailer(
           bounceType: event.data.bounce?.type,
           bounceReason: event.data.bounce?.message,
         });
+        // OUTBOUND `email.bounced` with the bounce detail.
+        await emitProviderEmailEvent("email.bounced", event.data.email_id, {
+          bounceType: event.data.bounce?.type,
+          bounceReason: event.data.bounce?.message,
+        });
         await handleBounce(event.data.to);
         break;
       case "email.complained":
         await updateEmailStatus(event.type, event.data.email_id);
+        // OUTBOUND `email.complained` — the provider webhook is the SINGLE
+        // source for complaints (no first-party signal exists).
+        await emitProviderEmailEvent("email.complained", event.data.email_id);
         await handleComplaint(event.data.to);
         break;
       case "email.delivery_delayed":
@@ -250,6 +282,76 @@ export function createTrackedMailer(
       .where(eq(emailPreferences.email, email));
   }
 
+  /**
+   * Emit the provider-funnel outbound event (`email.delivered` /
+   * `email.bounced` / `email.complained`) for a Resend `email_id`. These three
+   * have no first-party signal — the provider webhook is their single source.
+   * Enriches via {@link resolveEmailSendContextByResendId}
+   * (the only handle a provider webhook holds is the Resend id). Fire-and-forget:
+   * a missing context (webhook racing the send-row commit) or a transient outbound
+   * error is logged and swallowed — never failing the webhook handler. No
+   * `dedupeKey`: the provider path is not a Hatchet-retryable producer, and the
+   * shared `Webhook-Id` is the subscriber-side dedup for any provider redelivery.
+   */
+  function emitProviderEmailEvent(
+    event: "email.delivered" | "email.bounced" | "email.complained",
+    resendId: string,
+    bounce?: { bounceType?: string; bounceReason?: string },
+  ): void {
+    if (!db) return;
+    const log = config.logger ?? emitLogger;
+    const database = db;
+    void resolveEmailSendContextByResendId(database, resendId)
+      .then((ctx) => {
+        if (!ctx) return;
+        const base = {
+          emailSendId: ctx.emailSendId,
+          resendId,
+          templateKey: ctx.templateKey,
+          userId: ctx.userId,
+          to: ctx.to,
+          at: new Date().toISOString(),
+        };
+        if (event === "email.bounced") {
+          return emitOutbound({
+            db: database,
+            hatchet,
+            logger: log,
+            event: "email.bounced",
+            payload: {
+              ...base,
+              ...(bounce?.bounceType ? { bounceType: bounce.bounceType } : {}),
+              ...(bounce?.bounceReason
+                ? { bounceReason: bounce.bounceReason }
+                : {}),
+            },
+          });
+        }
+        if (event === "email.complained") {
+          return emitOutbound({
+            db: database,
+            hatchet,
+            logger: log,
+            event: "email.complained",
+            payload: base,
+          });
+        }
+        return emitOutbound({
+          db: database,
+          hatchet,
+          logger: log,
+          event: "email.delivered",
+          payload: base,
+        });
+      })
+      .catch((err: unknown) => {
+        log.warn(`emitOutbound ${event} failed`, {
+          resendId,
+          error: err instanceof Error ? err.message : String(err),
+        });
+      });
+  }
+
   async function updateEmailStatus(
     eventType: WebhookEventType,
     resendId: string,