@interfere/next 10.0.1-canary.0 → 10.0.1-canary.1

package/dist/internal/build/release/index.d.mts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.mts","names":[],"sources":["../../../../src/internal/build/release/index.ts"],"mappings":";;;;;iBASgB,qBAAA,CACd,OAAA,UACA,WAAA,EAAa,WAAA,EACb,MAAA,EAAQ,sBAAA,GACP,oBAAA"}
+{"version":3,"file":"index.d.mts","names":[],"sources":["../../../../src/internal/build/release/index.ts"],"mappings":";;;;;iBAUgB,qBAAA,CACd,OAAA,UACA,WAAA,EAAa,WAAA,EACb,MAAA,EAAQ,sBAAA,GACP,oBAAA"}

package/dist/internal/build/release/index.mjs

@@ -1 +1 @@
-import{log}from"../../logger.mjs";import{PRODUCER_VERSION}from"../../version.mjs";import{destinations}from"./destinations/index.mjs";import{sources}from"./sources/index.mjs";function resolveReleaseRequest(buildId,releaseSlug,config){return config.surface.sourceProvider?config.surface.destinationProvider?{source:sources[config.surface.sourceProvider](),destination:destinations[config.surface.destinationProvider](),buildId,slug:releaseSlug,producerVersion:PRODUCER_VERSION}:log.fatal(`Missing deployment target`,[`This surface does not have a deployment target integration configured.`,`Configure one at https://interfere.com/~/${config.org.slug}/surfaces/${config.surface.slug}`]):log.fatal(`Missing version control provider`,[`This surface does not have a version control provider configured.`,`Configure one at https://interfere.com/~/${config.org.slug}/surfaces/${config.surface.slug}`])}export{resolveReleaseRequest};
+import{log}from"../../logger.mjs";import{PRODUCER_VERSION}from"../../version.mjs";import{destinations}from"./destinations/index.mjs";import{sources}from"./sources/index.mjs";import{destinationProviderSchema}from"@interfere/types/integrations";function resolveReleaseRequest(buildId,releaseSlug,config){if(!config.surface.sourceProvider)return log.fatal(`Missing version control provider`,[`This surface does not have a version control provider configured.`,`Configure one at https://interfere.com/~/${config.org.slug}/surfaces/${config.surface.slug}`]);let destinationProvider=destinationProviderSchema.safeParse(config.surface.destinationProvider);return destinationProvider.success?{source:sources[config.surface.sourceProvider](),destination:destinations[destinationProvider.data](),buildId,slug:releaseSlug,producerVersion:PRODUCER_VERSION}:log.fatal(`Missing deployment target`,[`This surface does not have a deployment target integration configured.`,`Configure one at https://interfere.com/~/${config.org.slug}/surfaces/${config.surface.slug}`])}export{resolveReleaseRequest};

package/dist/internal/build/release/index.mjs.map

@@ -1 +1 @@
-{"version":3,"file":"index.mjs","names":[],"sources":["../../../../src/internal/build/release/index.ts"],"sourcesContent":["import type { ReleaseSlug } from \"@interfere/types/releases/slug\";\nimport type { ReleasesConfigResponse } from \"@interfere/sdk/models/releases-config-response.js\";\nimport type { CreateReleaseRequest } from \"@interfere/types/releases/definition\";\n\nimport { log } from \"../../logger.js\";\nimport { PRODUCER_VERSION } from \"../../version.js\";\nimport { destinations } from \"./destinations/index.js\";\nimport { sources } from \"./sources/index.js\";\n\nexport function resolveReleaseRequest(\n  buildId: string,\n  releaseSlug: ReleaseSlug,\n  config: ReleasesConfigResponse\n): CreateReleaseRequest {\n  if (!config.surface.sourceProvider) {\n    return log.fatal(\"Missing version control provider\", [\n      \"This surface does not have a version control provider configured.\",\n      `Configure one at https://interfere.com/~/${config.org.slug}/surfaces/${config.surface.slug}`,\n    ]);\n  }\n\n  if (!config.surface.destinationProvider) {\n    return log.fatal(\"Missing deployment target\", [\n      \"This surface does not have a deployment target integration configured.\",\n      `Configure one at https://interfere.com/~/${config.org.slug}/surfaces/${config.surface.slug}`,\n    ]);\n  }\n\n  return {\n    source: sources[config.surface.sourceProvider](),\n    destination: destinations[config.surface.destinationProvider](),\n    buildId,\n    slug: releaseSlug,\n    producerVersion: PRODUCER_VERSION,\n  };\n}\n"],"mappings":"8KASA,SAAgB,sBACd,QACA,YACA,OACsB,CAetB,OAdK,OAAO,QAAQ,eAOf,OAAO,QAAQ,oBAOb,CACL,OAAQ,QAAQ,OAAO,QAAQ,gBAAgB,EAC/C,YAAa,aAAa,OAAO,QAAQ,qBAAqB,EAC9D,QACA,KAAM,YACN,gBAAiB,gBACnB,EAZS,IAAI,MAAM,4BAA6B,CAC5C,yEACA,4CAA4C,OAAO,IAAI,KAAK,YAAY,OAAO,QAAQ,MACzF,CAAC,EAVM,IAAI,MAAM,mCAAoC,CACnD,oEACA,4CAA4C,OAAO,IAAI,KAAK,YAAY,OAAO,QAAQ,MACzF,CAAC,CAiBL"}
+{"version":3,"file":"index.mjs","names":[],"sources":["../../../../src/internal/build/release/index.ts"],"sourcesContent":["import type { ReleaseSlug } from \"@interfere/types/releases/slug\";\nimport type { ReleasesConfigResponse } from \"@interfere/sdk/models/releases-config-response.js\";\nimport type { CreateReleaseRequest } from \"@interfere/types/releases/definition\";\nimport { destinationProviderSchema } from \"@interfere/types/integrations\";\n\nimport { log } from \"../../logger.js\";\nimport { PRODUCER_VERSION } from \"../../version.js\";\nimport { destinations } from \"./destinations/index.js\";\nimport { sources } from \"./sources/index.js\";\n\nexport function resolveReleaseRequest(\n  buildId: string,\n  releaseSlug: ReleaseSlug,\n  config: ReleasesConfigResponse\n): CreateReleaseRequest {\n  if (!config.surface.sourceProvider) {\n    return log.fatal(\"Missing version control provider\", [\n      \"This surface does not have a version control provider configured.\",\n      `Configure one at https://interfere.com/~/${config.org.slug}/surfaces/${config.surface.slug}`,\n    ]);\n  }\n\n  const destinationProvider = destinationProviderSchema.safeParse(\n    config.surface.destinationProvider\n  );\n  if (!destinationProvider.success) {\n    return log.fatal(\"Missing deployment target\", [\n      \"This surface does not have a deployment target integration configured.\",\n      `Configure one at https://interfere.com/~/${config.org.slug}/surfaces/${config.surface.slug}`,\n    ]);\n  }\n\n  return {\n    source: sources[config.surface.sourceProvider](),\n    destination: destinations[destinationProvider.data](),\n    buildId,\n    slug: releaseSlug,\n    producerVersion: PRODUCER_VERSION,\n  };\n}\n"],"mappings":"mPAUA,SAAgB,sBACd,QACA,YACA,OACsB,CACtB,GAAI,CAAC,OAAO,QAAQ,eAClB,OAAO,IAAI,MAAM,mCAAoC,CACnD,oEACA,4CAA4C,OAAO,IAAI,KAAK,YAAY,OAAO,QAAQ,MACzF,CAAC,EAGH,IAAM,oBAAsB,0BAA0B,UACpD,OAAO,QAAQ,mBACjB,EAQA,OAPK,oBAAoB,QAOlB,CACL,OAAQ,QAAQ,OAAO,QAAQ,gBAAgB,EAC/C,YAAa,aAAa,oBAAoB,MAAM,EACpD,QACA,KAAM,YACN,gBAAiB,gBACnB,EAZS,IAAI,MAAM,4BAA6B,CAC5C,yEACA,4CAA4C,OAAO,IAAI,KAAK,YAAY,OAAO,QAAQ,MACzF,CAAC,CAUL"}

package/dist/internal/route/proxy.d.mts

@@ -22,7 +22,7 @@ declare function extractSubPath(request: Request): string;
 /**
  * Preserve any query string verbatim when forwarding upstream.
  *
- * The browser SDK uses `?_pv=…` and `?pk=…` (and `?_pt=…` in direct-ingestion
+ * The browser SDK uses `?_pv=…` and `?pk=…` (and `?_pt=…` in direct
  * mode) as a `navigator.sendBeacon` fallback when `visibilitychange→
  * hidden` aborts the keepalive fetch path. The collector's
  * `otlpProducerGuard` and `surfacePkAuth` accept those values verbatim

package/dist/internal/route/proxy.mjs.map

@@ -1 +1 @@
-{"version":3,"file":"proxy.mjs","names":[],"sources":["../../../src/internal/route/proxy.ts"],"sourcesContent":["import { resolveRoutePrefix } from \"@interfere/constants/route-prefix\";\nimport { omitUndefined } from \"@interfere/helpers/omit-undefined\";\nimport { extractCountryHeader } from \"@interfere/types/sdk/geo\";\n\nimport { type InterfereEnv, readInterfereEnv } from \"../env.js\";\nimport { log } from \"../logger.js\";\n\n// Never forward customer API keys from browser-originated ingestion requests.\nconst STRIPPED_AUTH_HEADERS = [\n  \"authorization\",\n  \"x-api-key\",\n  \"x-interfere-api-key\",\n] as const;\n\n// Headers tied to the *inbound* HTTP transaction. These must not leak onto\n// the *outbound* `fetch` because the runtime computes them fresh for the new\n// body / connection, and forwarding them stale either silently corrupts the\n// request or hangs it until a timeout fires.\n//\n// Specifically `content-length`: `handleIngest` parses the incoming JSON,\n// injects build/release metadata, then re-`JSON.stringify`s the result. The\n// new body almost always has a different byte length to the original, so\n// forwarding the inbound `content-length` makes undici stall writing the\n// body until our 10s `AbortSignal.timeout` fires with\n// `Request body length does not match content-length header`. This was the\n// 2026-05-01 prod symptom (Vercel proxy 502s on `POST /v1/ingest` from\n// dashboard + homepage).\n//\n// `host` would route the upstream fetch back at the proxy hostname. fetch\n// sets it correctly from the URL automatically.\n//\n// The remainder are RFC 7230 §6.1 hop-by-hop headers — meaningful only on\n// the connection that received them. There's no canonical stdlib list for\n// any of this; every proxy in the Node ecosystem hand-rolls the same set\n// (`http-proxy`, Cloudflare Workers docs, Hono, undici's ProxyAgent, …).\nconst STRIPPED_TRANSPORT_HEADERS = [\n  \"host\",\n  \"content-length\",\n  \"connection\",\n  \"keep-alive\",\n  \"transfer-encoding\",\n  \"te\",\n  \"trailer\",\n  \"upgrade\",\n  \"proxy-authenticate\",\n  \"proxy-authorization\",\n] as const;\n\n/**\n * Clone the inbound request's headers, removing entries that should never\n * cross the proxy boundary. Returns a mutable `Headers` so callers can\n * `.set()`/`.delete()` upstream-specific values without having to merge\n * record literals (which lose case-insensitivity and create the precedence\n * footguns that masked the 2026-05-01 incident in code review).\n */\nexport function forwardedHeaders(request: Request): Headers {\n  const headers = new Headers(request.headers);\n  for (const name of STRIPPED_AUTH_HEADERS) {\n    headers.delete(name);\n  }\n  for (const name of STRIPPED_TRANSPORT_HEADERS) {\n    headers.delete(name);\n  }\n  return headers;\n}\n\nexport interface AuthenticatedEnv {\n  apiUrl: string;\n  publicKey: string | null;\n  release: InterfereEnv[\"release\"];\n}\n\nexport function resolveAuthenticatedEnv(): AuthenticatedEnv {\n  const env = readInterfereEnv();\n  return {\n    apiUrl: env.apiUrl,\n    publicKey: env.publicKey,\n    release: env.release,\n  };\n}\n\n/** True when the proxy can attach a publishable key from env or the request. */\nexport function hasPublicKeyCredential(\n  request: Request,\n  envPublicKey: string | null\n): boolean {\n  if (envPublicKey) {\n    return true;\n  }\n  return new URL(request.url).searchParams.has(\"pk\");\n}\n\nexport function notConfiguredResponse(): Response {\n  log.warn(\"Not configured\", [\n    \"INTERFERE_PUBLIC_KEY is not set and the request has no ?pk= query param. The proxy route will return 503.\",\n  ]);\n  return Response.json(\n    {\n      code: \"INTERFERE_NOT_CONFIGURED\",\n      message: \"INTERFERE_PUBLIC_KEY is required.\",\n    },\n    { status: 503 }\n  );\n}\n\nexport function extractSubPath(request: Request): string {\n  const prefix = resolveRoutePrefix();\n  const url = new URL(request.url);\n  const idx = url.pathname.indexOf(prefix);\n  if (idx === -1) {\n    return \"/\";\n  }\n  const remainder = url.pathname.slice(idx + prefix.length);\n  if (remainder === \"\") {\n    return \"/\";\n  }\n  return remainder.startsWith(\"/\") ? remainder : `/${remainder}`;\n}\n\n/**\n * Preserve any query string verbatim when forwarding upstream.\n *\n * The browser SDK uses `?_pv=…` and `?pk=…` (and `?_pt=…` in direct-ingestion\n * mode) as a `navigator.sendBeacon` fallback when `visibilitychange→\n * hidden` aborts the keepalive fetch path. The collector's\n * `otlpProducerGuard` and `surfacePkAuth` accept those values verbatim\n * — but only if the proxy actually forwards them. Passing\n * `request.url`'s `search` through (`\"\"` when absent, leading `?`\n * when present) keeps the rewrite transparent.\n */\nexport function extractSearch(request: Request): string {\n  return new URL(request.url).search;\n}\n\nexport function formatProxyError(error: unknown): {\n  message: string;\n  lines: string[];\n} {\n  if (!(error instanceof Error)) {\n    return { message: String(error), lines: [String(error)] };\n  }\n\n  const lines = [`${error.name}: ${error.message}`];\n\n  if (\"cause\" in error && error.cause) {\n    const cause =\n      error.cause instanceof Error ? error.cause.message : String(error.cause);\n    lines.push(`cause: ${cause}`);\n  }\n\n  if (\n    \"code\" in error &&\n    typeof (error as NodeJS.ErrnoException).code === \"string\"\n  ) {\n    lines.push(`code: ${(error as NodeJS.ErrnoException).code}`);\n  }\n\n  return { message: `${error.name}: ${error.message}`, lines };\n}\n\n/**\n * Append `?pk=` to the outbound URL from the server env. Proxy mode\n * means the browser never sees `INTERFERE_PUBLIC_KEY` (it's not\n * `NEXT_PUBLIC_`-exposed), so the proxy is the only place the\n * credential can attach to the request. Preserves any existing query\n * params (e.g. `_pv=` debug flag). If the inbound request already\n * carries `?pk=`, that value wins — a misconfigured server-env pk\n * shouldn't clobber an explicit one from the SDK.\n */\nfunction buildUpstreamUrl(\n  apiUrl: string,\n  subPath: string,\n  request: Request,\n  publicKey: string | null\n): string {\n  const incoming = new URL(request.url);\n  const upstream = new URL(`${apiUrl}${subPath}`);\n\n  for (const [key, value] of incoming.searchParams) {\n    upstream.searchParams.append(key, value);\n  }\n\n  if (publicKey && !upstream.searchParams.has(\"pk\")) {\n    upstream.searchParams.set(\"pk\", publicKey);\n  }\n\n  return upstream.toString();\n}\n\nexport async function forwardToCollector(\n  request: Request,\n  env: AuthenticatedEnv,\n  subPath: string\n): Promise<Response> {\n  const url = buildUpstreamUrl(env.apiUrl, subPath, request, env.publicKey);\n  const hasBody = request.method !== \"GET\" && request.method !== \"HEAD\";\n  const body = hasBody ? await request.text() : undefined;\n\n  const headers = forwardedHeaders(request);\n  // Default to JSON only when the inbound request didn't pin a content-type\n  // — non-`/v1/ingest` paths relay the body bytes verbatim, so honour\n  // whatever the caller said it was sending.\n  if (!headers.has(\"content-type\")) {\n    headers.set(\"content-type\", \"application/json\");\n  }\n  const country = extractCountryHeader(request);\n  if (country !== null) {\n    headers.set(\"x-country-code\", country);\n  }\n\n  const upstream = await fetch(url, {\n    ...omitUndefined({ body }),\n    method: request.method,\n    headers,\n    signal: AbortSignal.timeout(10_000),\n  });\n\n  if (!upstream.ok) {\n    const text = await upstream.text().catch(() => \"\");\n\n    if (upstream.status >= 500) {\n      log.error(\n        `Upstream ${upstream.status} for ${request.method} ${subPath}`,\n        [text]\n      );\n      return Response.json(\n        { code: \"INTERFERE_UPSTREAM_ERROR\", message: text },\n        { status: upstream.status }\n      );\n    }\n    if (upstream.status >= 400) {\n      log.warn(`Upstream ${upstream.status} for ${request.method} ${subPath}`, [\n        text,\n      ]);\n      return Response.json(\n        { code: \"INTERFERE_UPSTREAM_WARNING\", message: text },\n        { status: upstream.status }\n      );\n    }\n\n    log.error(`Upstream ${upstream.status} for ${request.method} ${subPath}`, [\n      text,\n    ]);\n    return Response.json(\n      { code: \"INTERFERE_UPSTREAM_ERROR\", message: text },\n      { status: upstream.status }\n    );\n  }\n\n  return new Response(upstream.body, {\n    status: upstream.status,\n    headers: {\n      \"content-type\":\n        upstream.headers.get(\"content-type\") ?? \"application/json\",\n    },\n  });\n}\n"],"mappings":"kQAQA,MAAM,sBAAwB,CAC5B,gBACA,YACA,qBACF,EAuBM,2BAA6B,CACjC,OACA,iBACA,aACA,aACA,oBACA,KACA,UACA,UACA,qBACA,qBACF,EASA,SAAgB,iBAAiB,QAA2B,CAC1D,IAAM,QAAU,IAAI,QAAQ,QAAQ,OAAO,EAC3C,IAAK,IAAM,QAAQ,sBACjB,QAAQ,OAAO,IAAI,EAErB,IAAK,IAAM,QAAQ,2BACjB,QAAQ,OAAO,IAAI,EAErB,OAAO,OACT,CAQA,SAAgB,yBAA4C,CAC1D,IAAM,IAAM,iBAAiB,EAC7B,MAAO,CACL,OAAQ,IAAI,OACZ,UAAW,IAAI,UACf,QAAS,IAAI,OACf,CACF,CAGA,SAAgB,uBACd,QACA,aACS,CAIT,OAHI,aACK,GAEF,IAAI,IAAI,QAAQ,GAAG,EAAE,aAAa,IAAI,IAAI,CACnD,CAEA,SAAgB,uBAAkC,CAIhD,OAHA,IAAI,KAAK,iBAAkB,CACzB,2GACF,CAAC,EACM,SAAS,KACd,CACE,KAAM,2BACN,QAAS,mCACX,EACA,CAAE,OAAQ,GAAI,CAChB,CACF,CAEA,SAAgB,eAAe,QAA0B,CACvD,IAAM,OAAS,mBAAmB,EAC5B,IAAM,IAAI,IAAI,QAAQ,GAAG,EACzB,IAAM,IAAI,SAAS,QAAQ,MAAM,EACvC,GAAI,MAAQ,GACV,MAAO,IAET,IAAM,UAAY,IAAI,SAAS,MAAM,IAAM,OAAO,MAAM,EAIxD,OAHI,YAAc,GACT,IAEF,UAAU,WAAW,GAAG,EAAI,UAAY,IAAI,WACrD,CAaA,SAAgB,cAAc,QAA0B,CACtD,OAAO,IAAI,IAAI,QAAQ,GAAG,EAAE,MAC9B,CAEA,SAAgB,iBAAiB,MAG/B,CACA,GAAI,EAAE,iBAAiB,OACrB,MAAO,CAAE,QAAS,OAAO,KAAK,EAAG,MAAO,CAAC,OAAO,KAAK,CAAC,CAAE,EAG1D,IAAM,MAAQ,CAAC,GAAG,MAAM,KAAK,IAAI,MAAM,SAAS,EAEhD,GAAI,UAAW,OAAS,MAAM,MAAO,CACnC,IAAM,MACJ,MAAM,iBAAiB,MAAQ,MAAM,MAAM,QAAU,OAAO,MAAM,KAAK,EACzE,MAAM,KAAK,UAAU,OAAO,CAC9B,CASA,MANE,SAAU,OACV,OAAQ,MAAgC,MAAS,UAEjD,MAAM,KAAK,SAAU,MAAgC,MAAM,EAGtD,CAAE,QAAS,GAAG,MAAM,KAAK,IAAI,MAAM,UAAW,KAAM,CAC7D,CAWA,SAAS,iBACP,OACA,QACA,QACA,UACQ,CACR,IAAM,SAAW,IAAI,IAAI,QAAQ,GAAG,EAC9B,SAAW,IAAI,IAAI,GAAG,SAAS,SAAS,EAE9C,IAAK,GAAM,CAAC,IAAK,SAAU,SAAS,aAClC,SAAS,aAAa,OAAO,IAAK,KAAK,EAOzC,OAJI,WAAa,CAAC,SAAS,aAAa,IAAI,IAAI,GAC9C,SAAS,aAAa,IAAI,KAAM,SAAS,EAGpC,SAAS,SAAS,CAC3B,CAEA,eAAsB,mBACpB,QACA,IACA,QACmB,CACnB,IAAM,IAAM,iBAAiB,IAAI,OAAQ,QAAS,QAAS,IAAI,SAAS,EAElE,KADU,QAAQ,SAAW,OAAS,QAAQ,SAAW,OACxC,MAAM,QAAQ,KAAK,EAAI,IAAA,GAExC,QAAU,iBAAiB,OAAO,EAInC,QAAQ,IAAI,cAAc,GAC7B,QAAQ,IAAI,eAAgB,kBAAkB,EAEhD,IAAM,QAAU,qBAAqB,OAAO,EACxC,UAAY,MACd,QAAQ,IAAI,iBAAkB,OAAO,EAGvC,IAAM,SAAW,MAAM,MAAM,IAAK,CAChC,GAAG,cAAc,CAAE,IAAK,CAAC,EACzB,OAAQ,QAAQ,OAChB,QACA,OAAQ,YAAY,QAAQ,GAAM,CACpC,CAAC,EAED,GAAI,CAAC,SAAS,GAAI,CAChB,IAAM,KAAO,MAAM,SAAS,KAAK,EAAE,UAAY,EAAE,EAyBjD,OAvBI,SAAS,QAAU,KACrB,IAAI,MACF,YAAY,SAAS,OAAO,OAAO,QAAQ,OAAO,GAAG,UACrD,CAAC,IAAI,CACP,EACO,SAAS,KACd,CAAE,KAAM,2BAA4B,QAAS,IAAK,EAClD,CAAE,OAAQ,SAAS,MAAO,CAC5B,GAEE,SAAS,QAAU,KACrB,IAAI,KAAK,YAAY,SAAS,OAAO,OAAO,QAAQ,OAAO,GAAG,UAAW,CACvE,IACF,CAAC,EACM,SAAS,KACd,CAAE,KAAM,6BAA8B,QAAS,IAAK,EACpD,CAAE,OAAQ,SAAS,MAAO,CAC5B,IAGF,IAAI,MAAM,YAAY,SAAS,OAAO,OAAO,QAAQ,OAAO,GAAG,UAAW,CACxE,IACF,CAAC,EACM,SAAS,KACd,CAAE,KAAM,2BAA4B,QAAS,IAAK,EAClD,CAAE,OAAQ,SAAS,MAAO,CAC5B,EACF,CAEA,OAAO,IAAI,SAAS,SAAS,KAAM,CACjC,OAAQ,SAAS,OACjB,QAAS,CACP,eACE,SAAS,QAAQ,IAAI,cAAc,GAAK,kBAC5C,CACF,CAAC,CACH"}
+{"version":3,"file":"proxy.mjs","names":[],"sources":["../../../src/internal/route/proxy.ts"],"sourcesContent":["import { resolveRoutePrefix } from \"@interfere/constants/route-prefix\";\nimport { omitUndefined } from \"@interfere/helpers/omit-undefined\";\nimport { extractCountryHeader } from \"@interfere/types/sdk/geo\";\n\nimport { type InterfereEnv, readInterfereEnv } from \"../env.js\";\nimport { log } from \"../logger.js\";\n\n// Never forward customer API keys from browser-originated ingestion requests.\nconst STRIPPED_AUTH_HEADERS = [\n  \"authorization\",\n  \"x-api-key\",\n  \"x-interfere-api-key\",\n] as const;\n\n// Headers tied to the *inbound* HTTP transaction. These must not leak onto\n// the *outbound* `fetch` because the runtime computes them fresh for the new\n// body / connection, and forwarding them stale either silently corrupts the\n// request or hangs it until a timeout fires.\n//\n// Specifically `content-length`: `handleIngest` parses the incoming JSON,\n// injects build/release metadata, then re-`JSON.stringify`s the result. The\n// new body almost always has a different byte length to the original, so\n// forwarding the inbound `content-length` makes undici stall writing the\n// body until our 10s `AbortSignal.timeout` fires with\n// `Request body length does not match content-length header`. This was the\n// 2026-05-01 prod symptom (Vercel proxy 502s on `POST /v1/ingest` from\n// dashboard + homepage).\n//\n// `host` would route the upstream fetch back at the proxy hostname. fetch\n// sets it correctly from the URL automatically.\n//\n// The remainder are RFC 7230 §6.1 hop-by-hop headers — meaningful only on\n// the connection that received them. There's no canonical stdlib list for\n// any of this; every proxy in the Node ecosystem hand-rolls the same set\n// (`http-proxy`, Cloudflare Workers docs, Hono, undici's ProxyAgent, …).\nconst STRIPPED_TRANSPORT_HEADERS = [\n  \"host\",\n  \"content-length\",\n  \"connection\",\n  \"keep-alive\",\n  \"transfer-encoding\",\n  \"te\",\n  \"trailer\",\n  \"upgrade\",\n  \"proxy-authenticate\",\n  \"proxy-authorization\",\n] as const;\n\n/**\n * Clone the inbound request's headers, removing entries that should never\n * cross the proxy boundary. Returns a mutable `Headers` so callers can\n * `.set()`/`.delete()` upstream-specific values without having to merge\n * record literals (which lose case-insensitivity and create the precedence\n * footguns that masked the 2026-05-01 incident in code review).\n */\nexport function forwardedHeaders(request: Request): Headers {\n  const headers = new Headers(request.headers);\n  for (const name of STRIPPED_AUTH_HEADERS) {\n    headers.delete(name);\n  }\n  for (const name of STRIPPED_TRANSPORT_HEADERS) {\n    headers.delete(name);\n  }\n  return headers;\n}\n\nexport interface AuthenticatedEnv {\n  apiUrl: string;\n  publicKey: string | null;\n  release: InterfereEnv[\"release\"];\n}\n\nexport function resolveAuthenticatedEnv(): AuthenticatedEnv {\n  const env = readInterfereEnv();\n  return {\n    apiUrl: env.apiUrl,\n    publicKey: env.publicKey,\n    release: env.release,\n  };\n}\n\n/** True when the proxy can attach a publishable key from env or the request. */\nexport function hasPublicKeyCredential(\n  request: Request,\n  envPublicKey: string | null\n): boolean {\n  if (envPublicKey) {\n    return true;\n  }\n  return new URL(request.url).searchParams.has(\"pk\");\n}\n\nexport function notConfiguredResponse(): Response {\n  log.warn(\"Not configured\", [\n    \"INTERFERE_PUBLIC_KEY is not set and the request has no ?pk= query param. The proxy route will return 503.\",\n  ]);\n  return Response.json(\n    {\n      code: \"INTERFERE_NOT_CONFIGURED\",\n      message: \"INTERFERE_PUBLIC_KEY is required.\",\n    },\n    { status: 503 }\n  );\n}\n\nexport function extractSubPath(request: Request): string {\n  const prefix = resolveRoutePrefix();\n  const url = new URL(request.url);\n  const idx = url.pathname.indexOf(prefix);\n  if (idx === -1) {\n    return \"/\";\n  }\n  const remainder = url.pathname.slice(idx + prefix.length);\n  if (remainder === \"\") {\n    return \"/\";\n  }\n  return remainder.startsWith(\"/\") ? remainder : `/${remainder}`;\n}\n\n/**\n * Preserve any query string verbatim when forwarding upstream.\n *\n * The browser SDK uses `?_pv=…` and `?pk=…` (and `?_pt=…` in direct\n * mode) as a `navigator.sendBeacon` fallback when `visibilitychange→\n * hidden` aborts the keepalive fetch path. The collector's\n * `otlpProducerGuard` and `surfacePkAuth` accept those values verbatim\n * — but only if the proxy actually forwards them. Passing\n * `request.url`'s `search` through (`\"\"` when absent, leading `?`\n * when present) keeps the rewrite transparent.\n */\nexport function extractSearch(request: Request): string {\n  return new URL(request.url).search;\n}\n\nexport function formatProxyError(error: unknown): {\n  message: string;\n  lines: string[];\n} {\n  if (!(error instanceof Error)) {\n    return { message: String(error), lines: [String(error)] };\n  }\n\n  const lines = [`${error.name}: ${error.message}`];\n\n  if (\"cause\" in error && error.cause) {\n    const cause =\n      error.cause instanceof Error ? error.cause.message : String(error.cause);\n    lines.push(`cause: ${cause}`);\n  }\n\n  if (\n    \"code\" in error &&\n    typeof (error as NodeJS.ErrnoException).code === \"string\"\n  ) {\n    lines.push(`code: ${(error as NodeJS.ErrnoException).code}`);\n  }\n\n  return { message: `${error.name}: ${error.message}`, lines };\n}\n\n/**\n * Append `?pk=` to the outbound URL from the server env. Proxy mode\n * means the browser never sees `INTERFERE_PUBLIC_KEY` (it's not\n * `NEXT_PUBLIC_`-exposed), so the proxy is the only place the\n * credential can attach to the request. Preserves any existing query\n * params (e.g. `_pv=` debug flag). If the inbound request already\n * carries `?pk=`, that value wins — a misconfigured server-env pk\n * shouldn't clobber an explicit one from the SDK.\n */\nfunction buildUpstreamUrl(\n  apiUrl: string,\n  subPath: string,\n  request: Request,\n  publicKey: string | null\n): string {\n  const incoming = new URL(request.url);\n  const upstream = new URL(`${apiUrl}${subPath}`);\n\n  for (const [key, value] of incoming.searchParams) {\n    upstream.searchParams.append(key, value);\n  }\n\n  if (publicKey && !upstream.searchParams.has(\"pk\")) {\n    upstream.searchParams.set(\"pk\", publicKey);\n  }\n\n  return upstream.toString();\n}\n\nexport async function forwardToCollector(\n  request: Request,\n  env: AuthenticatedEnv,\n  subPath: string\n): Promise<Response> {\n  const url = buildUpstreamUrl(env.apiUrl, subPath, request, env.publicKey);\n  const hasBody = request.method !== \"GET\" && request.method !== \"HEAD\";\n  const body = hasBody ? await request.text() : undefined;\n\n  const headers = forwardedHeaders(request);\n  // Default to JSON only when the inbound request didn't pin a content-type\n  // — non-`/v1/ingest` paths relay the body bytes verbatim, so honour\n  // whatever the caller said it was sending.\n  if (!headers.has(\"content-type\")) {\n    headers.set(\"content-type\", \"application/json\");\n  }\n  const country = extractCountryHeader(request);\n  if (country !== null) {\n    headers.set(\"x-country-code\", country);\n  }\n\n  const upstream = await fetch(url, {\n    ...omitUndefined({ body }),\n    method: request.method,\n    headers,\n    signal: AbortSignal.timeout(10_000),\n  });\n\n  if (!upstream.ok) {\n    const text = await upstream.text().catch(() => \"\");\n\n    if (upstream.status >= 500) {\n      log.error(\n        `Upstream ${upstream.status} for ${request.method} ${subPath}`,\n        [text]\n      );\n      return Response.json(\n        { code: \"INTERFERE_UPSTREAM_ERROR\", message: text },\n        { status: upstream.status }\n      );\n    }\n    if (upstream.status >= 400) {\n      log.warn(`Upstream ${upstream.status} for ${request.method} ${subPath}`, [\n        text,\n      ]);\n      return Response.json(\n        { code: \"INTERFERE_UPSTREAM_WARNING\", message: text },\n        { status: upstream.status }\n      );\n    }\n\n    log.error(`Upstream ${upstream.status} for ${request.method} ${subPath}`, [\n      text,\n    ]);\n    return Response.json(\n      { code: \"INTERFERE_UPSTREAM_ERROR\", message: text },\n      { status: upstream.status }\n    );\n  }\n\n  return new Response(upstream.body, {\n    status: upstream.status,\n    headers: {\n      \"content-type\":\n        upstream.headers.get(\"content-type\") ?? \"application/json\",\n    },\n  });\n}\n"],"mappings":"kQAQA,MAAM,sBAAwB,CAC5B,gBACA,YACA,qBACF,EAuBM,2BAA6B,CACjC,OACA,iBACA,aACA,aACA,oBACA,KACA,UACA,UACA,qBACA,qBACF,EASA,SAAgB,iBAAiB,QAA2B,CAC1D,IAAM,QAAU,IAAI,QAAQ,QAAQ,OAAO,EAC3C,IAAK,IAAM,QAAQ,sBACjB,QAAQ,OAAO,IAAI,EAErB,IAAK,IAAM,QAAQ,2BACjB,QAAQ,OAAO,IAAI,EAErB,OAAO,OACT,CAQA,SAAgB,yBAA4C,CAC1D,IAAM,IAAM,iBAAiB,EAC7B,MAAO,CACL,OAAQ,IAAI,OACZ,UAAW,IAAI,UACf,QAAS,IAAI,OACf,CACF,CAGA,SAAgB,uBACd,QACA,aACS,CAIT,OAHI,aACK,GAEF,IAAI,IAAI,QAAQ,GAAG,EAAE,aAAa,IAAI,IAAI,CACnD,CAEA,SAAgB,uBAAkC,CAIhD,OAHA,IAAI,KAAK,iBAAkB,CACzB,2GACF,CAAC,EACM,SAAS,KACd,CACE,KAAM,2BACN,QAAS,mCACX,EACA,CAAE,OAAQ,GAAI,CAChB,CACF,CAEA,SAAgB,eAAe,QAA0B,CACvD,IAAM,OAAS,mBAAmB,EAC5B,IAAM,IAAI,IAAI,QAAQ,GAAG,EACzB,IAAM,IAAI,SAAS,QAAQ,MAAM,EACvC,GAAI,MAAQ,GACV,MAAO,IAET,IAAM,UAAY,IAAI,SAAS,MAAM,IAAM,OAAO,MAAM,EAIxD,OAHI,YAAc,GACT,IAEF,UAAU,WAAW,GAAG,EAAI,UAAY,IAAI,WACrD,CAaA,SAAgB,cAAc,QAA0B,CACtD,OAAO,IAAI,IAAI,QAAQ,GAAG,EAAE,MAC9B,CAEA,SAAgB,iBAAiB,MAG/B,CACA,GAAI,EAAE,iBAAiB,OACrB,MAAO,CAAE,QAAS,OAAO,KAAK,EAAG,MAAO,CAAC,OAAO,KAAK,CAAC,CAAE,EAG1D,IAAM,MAAQ,CAAC,GAAG,MAAM,KAAK,IAAI,MAAM,SAAS,EAEhD,GAAI,UAAW,OAAS,MAAM,MAAO,CACnC,IAAM,MACJ,MAAM,iBAAiB,MAAQ,MAAM,MAAM,QAAU,OAAO,MAAM,KAAK,EACzE,MAAM,KAAK,UAAU,OAAO,CAC9B,CASA,MANE,SAAU,OACV,OAAQ,MAAgC,MAAS,UAEjD,MAAM,KAAK,SAAU,MAAgC,MAAM,EAGtD,CAAE,QAAS,GAAG,MAAM,KAAK,IAAI,MAAM,UAAW,KAAM,CAC7D,CAWA,SAAS,iBACP,OACA,QACA,QACA,UACQ,CACR,IAAM,SAAW,IAAI,IAAI,QAAQ,GAAG,EAC9B,SAAW,IAAI,IAAI,GAAG,SAAS,SAAS,EAE9C,IAAK,GAAM,CAAC,IAAK,SAAU,SAAS,aAClC,SAAS,aAAa,OAAO,IAAK,KAAK,EAOzC,OAJI,WAAa,CAAC,SAAS,aAAa,IAAI,IAAI,GAC9C,SAAS,aAAa,IAAI,KAAM,SAAS,EAGpC,SAAS,SAAS,CAC3B,CAEA,eAAsB,mBACpB,QACA,IACA,QACmB,CACnB,IAAM,IAAM,iBAAiB,IAAI,OAAQ,QAAS,QAAS,IAAI,SAAS,EAElE,KADU,QAAQ,SAAW,OAAS,QAAQ,SAAW,OACxC,MAAM,QAAQ,KAAK,EAAI,IAAA,GAExC,QAAU,iBAAiB,OAAO,EAInC,QAAQ,IAAI,cAAc,GAC7B,QAAQ,IAAI,eAAgB,kBAAkB,EAEhD,IAAM,QAAU,qBAAqB,OAAO,EACxC,UAAY,MACd,QAAQ,IAAI,iBAAkB,OAAO,EAGvC,IAAM,SAAW,MAAM,MAAM,IAAK,CAChC,GAAG,cAAc,CAAE,IAAK,CAAC,EACzB,OAAQ,QAAQ,OAChB,QACA,OAAQ,YAAY,QAAQ,GAAM,CACpC,CAAC,EAED,GAAI,CAAC,SAAS,GAAI,CAChB,IAAM,KAAO,MAAM,SAAS,KAAK,EAAE,UAAY,EAAE,EAyBjD,OAvBI,SAAS,QAAU,KACrB,IAAI,MACF,YAAY,SAAS,OAAO,OAAO,QAAQ,OAAO,GAAG,UACrD,CAAC,IAAI,CACP,EACO,SAAS,KACd,CAAE,KAAM,2BAA4B,QAAS,IAAK,EAClD,CAAE,OAAQ,SAAS,MAAO,CAC5B,GAEE,SAAS,QAAU,KACrB,IAAI,KAAK,YAAY,SAAS,OAAO,OAAO,QAAQ,OAAO,GAAG,UAAW,CACvE,IACF,CAAC,EACM,SAAS,KACd,CAAE,KAAM,6BAA8B,QAAS,IAAK,EACpD,CAAE,OAAQ,SAAS,MAAO,CAC5B,IAGF,IAAI,MAAM,YAAY,SAAS,OAAO,OAAO,QAAQ,OAAO,GAAG,UAAW,CACxE,IACF,CAAC,EACM,SAAS,KACd,CAAE,KAAM,2BAA4B,QAAS,IAAK,EAClD,CAAE,OAAQ,SAAS,MAAO,CAC5B,EACF,CAEA,OAAO,IAAI,SAAS,SAAS,KAAM,CACjC,OAAQ,SAAS,OACjB,QAAS,CACP,eACE,SAAS,QAAQ,IAAI,cAAc,GAAK,kBAC5C,CACF,CAAC,CACH"}

package/dist/package.mjs

@@ -1 +1 @@
-var name=`@interfere/next`,version=`10.0.1-canary.0`;export{name,version};
+var name=`@interfere/next`,version=`10.0.1-canary.1`;export{name,version};

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@interfere/next",
-  "version": "10.0.1-canary.0",
+  "version": "10.0.1-canary.1",
   "license": "MIT",
   "description": "Build software that never breaks.",
   "keywords": [
@@ -100,8 +100,8 @@
   "dependencies": {
     "@interfere/constants": "^9.0.2-canary.0",
     "@interfere/helpers": "^9.0.0",
-    "@interfere/react": "^10.0.1-canary.0",
-    "@interfere/sdk": "^10.0.1-canary.0",
+    "@interfere/react": "^10.0.1-canary.1",
+    "@interfere/sdk": "^10.0.1-canary.1",
     "@interfere/types": "^9.0.3-canary.0",
     "@opentelemetry/api": "^1.9.1",
     "@opentelemetry/api-logs": "^0.218.0",