@mevdragon/vidfarm-devcli 0.1.0 → 0.2.1

package/dist/src/services/auth.js

@@ -1,7 +1,7 @@
 import { randomInt } from "node:crypto";
 import { config } from "../config.js";
 import { database } from "../db.js";
-import { hashSecret, safeEqualHash } from "../lib/crypto.js";
+import { hashPassword, hashSecret, safeEqualHash, verifyPassword } from "../lib/crypto.js";
 import { createId } from "../lib/ids.js";
 import { addSeconds, nowIso } from "../lib/time.js";
 export class AuthService {
@@ -47,16 +47,24 @@ export class AuthService {
             throw new Error("Invalid OTP code.");
         }
         database.consumeOtpChallenge(String(challenge.id));
-        const customer = database.getCustomerByEmail(email) ?? database.upsertCustomer({
-            id: createId("cus"),
+        const existing = database.getCustomerByEmail(email);
+        const normalizedEmail = email.trim().toLowerCase();
+        const customer = database.upsertCustomer({
+            id: existing?.id ?? createId("cus"),
             email,
-            name: name ?? null
+            name: name ?? existing?.name ?? null,
+            defaultWebhookUrl: existing?.defaultWebhookUrl ?? null,
+            isDeveloper: existing?.isDeveloper
+                || config.adminEmails.includes(normalizedEmail)
+                || config.developerEmails.includes(normalizedEmail),
+            isPaidPlan: existing?.isPaidPlan ?? false
         });
         const rawApiKey = `vf_${createId("key")}`;
         database.insertApiKey({
             id: createId("api"),
             customerId: customer.id,
             keyHash: hashSecret(rawApiKey + config.API_KEY_SALT),
+            rawValue: rawApiKey,
             label: `Issued ${nowIso()}`
         });
         return { customer, apiKey: rawApiKey };
@@ -69,12 +77,68 @@ export class AuthService {
         if (!row || String(row.customer_id) !== userId) {
             throw new Error("Invalid API credentials.");
         }
+        if (!Boolean(row.is_paid_plan)) {
+            throw new Error("Paid plan required.");
+        }
         database.touchApiKey(String(row.id));
         return {
             id: String(row.customer_id),
             email: String(row.email),
             name: row.name ? String(row.name) : null,
-            defaultWebhookUrl: row.default_webhook_url ? String(row.default_webhook_url) : null
+            defaultWebhookUrl: row.default_webhook_url ? String(row.default_webhook_url) : null,
+            isDeveloper: Boolean(row.is_developer),
+            isPaidPlan: Boolean(row.is_paid_plan),
+            about: row.about ? String(row.about) : null,
+            groupchatUrl: row.groupchat_url ? String(row.groupchat_url) : null,
+            flockposterApiKey: row.flockposter_api_key ? String(row.flockposter_api_key) : null
         };
     }
+    verifyOtpForBrowserLogin(email, code, name) {
+        const result = this.verifyOtp(email, code, name);
+        if (!result.customer.isPaidPlan) {
+            return {
+                status: "pricing",
+                customer: result.customer
+            };
+        }
+        return {
+            status: "authenticated",
+            customer: result.customer
+        };
+    }
+    authenticateWithPassword(email, password) {
+        const row = database.getCustomerAuthByEmail(email);
+        if (!row || !row.password_hash || !verifyPassword(password, String(row.password_hash))) {
+            throw new Error("Invalid email or password.");
+        }
+        const customer = database.getCustomerById(String(row.id));
+        if (!customer) {
+            throw new Error("Customer not found.");
+        }
+        if (!customer.isPaidPlan) {
+            return {
+                status: "pricing",
+                customer
+            };
+        }
+        return {
+            status: "authenticated",
+            customer
+        };
+    }
+    createPasswordUser(input) {
+        const normalizedEmail = input.email.trim().toLowerCase();
+        const existing = database.getCustomerByEmail(normalizedEmail);
+        return database.upsertCustomer({
+            id: existing?.id ?? createId("cus"),
+            email: normalizedEmail,
+            name: input.name ?? existing?.name ?? null,
+            defaultWebhookUrl: existing?.defaultWebhookUrl ?? null,
+            isDeveloper: existing?.isDeveloper
+                || config.adminEmails.includes(normalizedEmail)
+                || config.developerEmails.includes(normalizedEmail),
+            isPaidPlan: true,
+            passwordHash: hashPassword(input.password)
+        });
+    }
 }

package/dist/src/services/jobs.js

@@ -2,8 +2,26 @@ import { config } from "../config.js";
 import { database } from "../db.js";
 import { createId } from "../lib/ids.js";
 import { addSeconds, nowIso } from "../lib/time.js";
+const PENDING_JOB_STATUSES = ["queued", "running", "waiting_for_child", "waiting_for_human"];
 export class JobsService {
+    assertQueueCapacity(customerId) {
+        if (config.MAX_PENDING_JOBS_GLOBAL <= 0 && config.MAX_PENDING_JOBS_PER_CUSTOMER <= 0) {
+            return;
+        }
+        const globalPending = database.countJobsByStatuses({ statuses: PENDING_JOB_STATUSES });
+        if (config.MAX_PENDING_JOBS_GLOBAL > 0 && globalPending >= config.MAX_PENDING_JOBS_GLOBAL) {
+            throw new Error(`Vidfarm queue is full. Try again later. Active backlog: ${globalPending}.`);
+        }
+        const customerPending = database.countJobsByStatuses({
+            statuses: PENDING_JOB_STATUSES,
+            customerId
+        });
+        if (config.MAX_PENDING_JOBS_PER_CUSTOMER > 0 && customerPending >= config.MAX_PENDING_JOBS_PER_CUSTOMER) {
+            throw new Error(`Customer queue limit reached. Reduce outstanding jobs before submitting more.`);
+        }
+    }
     createRootJob(input) {
+        this.assertQueueCapacity(input.customer.id);
         return database.createJob({
             id: createId("job"),
             templateId: input.templateId,
@@ -26,6 +44,7 @@ export class JobsService {
         });
     }
     async enqueueChildJob(input) {
+        this.assertQueueCapacity(input.customerId);
         return database.createJob({
             id: createId("job"),
             templateId: input.templateId,
@@ -50,11 +69,11 @@ export class JobsService {
     getJob(jobId) {
         return database.getJob(jobId);
     }
-    listJobs(customerId, templateId) {
-        return database.listJobsForCustomer(customerId, templateId);
+    listJobs(input) {
+        return database.listJobsForCustomer(input);
     }
-    listLogs(jobId, since, limit) {
-        return database.getJobEvents(jobId, since, limit);
+    listLogs(input) {
+        return database.getJobEvents(input);
     }
     cancelJob(jobId) {
         database.updateJobStatus({

package/dist/src/services/providers.js

@@ -15,6 +15,14 @@ export class ProviderRateLimitError extends Error {
         this.retryAfterSeconds = retryAfterSeconds;
     }
 }
+function readStoredProviderSecret(value) {
+    try {
+        return decryptString(value, config.ENCRYPTION_SECRET);
+    }
+    catch {
+        return value;
+    }
+}
 export class ProviderService {
     async leaseCustomerKey(input) {
         const leaseToken = createId("lease");
@@ -33,7 +41,7 @@ export class ProviderService {
             keyId: row.keyId,
             leaseToken,
             provider: input.provider,
-            secret: decryptString(row.encryptedSecret, config.ENCRYPTION_SECRET)
+            secret: readStoredProviderSecret(row.encryptedSecret)
         };
     }
     async releaseLease(lease) {
@@ -154,11 +162,15 @@ export class ProviderService {
                 ? await this.callGeminiImageGeneration({
                     model: input.model,
                     prompt: input.prompt,
+                    promptAttachments: input.promptAttachments,
+                    aspectRatio: input.aspectRatio,
+                    imageSize: input.imageSize,
                     apiKey: lease.secret
                 })
                 : await this.callOpenAIImageGeneration({
                     model: input.model,
                     prompt: input.prompt,
+                    promptAttachments: input.promptAttachments,
                     size: input.size,
                     apiKey: lease.secret
                 });
@@ -217,7 +229,8 @@ export class ProviderService {
                     overlayText: input.overlayText,
                     apiKey: lease.secret
                 })
-                : await this.callOpenAILayoutAnalysis({
+                : await this.callOpenAICompatibleLayoutAnalysis({
+                    provider: input.provider === "openrouter" ? "openrouter" : "openai",
                     model: input.model,
                     imageUrl: input.imageUrl,
                     overlayText: input.overlayText,
@@ -252,6 +265,9 @@ export class ProviderService {
         }
     }
     async callOpenAIImageGeneration(input) {
+        if (input.promptAttachments?.length) {
+            throw new Error("OpenAI image generation attachments are not implemented in this provider path. Use Gemini for reference attachments.");
+        }
         const response = await fetch("https://api.openai.com/v1/images/generations", {
             method: "POST",
             headers: {
@@ -286,15 +302,27 @@ export class ProviderService {
         };
     }
     async callGeminiImageGeneration(input) {
+        const imageConfig = {};
+        if (input.aspectRatio) {
+            imageConfig.aspectRatio = input.aspectRatio;
+        }
+        if (input.imageSize && supportsGeminiImageSize(input.model)) {
+            imageConfig.imageSize = input.imageSize;
+        }
         const response = await fetch(`https://generativelanguage.googleapis.com/v1beta/models/${input.model}:generateContent?key=${input.apiKey}`, {
             method: "POST",
             headers: {
                 "Content-Type": "application/json"
             },
             body: JSON.stringify({
-                contents: [{ parts: [{ text: input.prompt }] }],
+                contents: [{ parts: await buildGeminiPromptParts(input.prompt, input.promptAttachments ?? []) }],
                 generationConfig: {
-                    responseModalities: ["TEXT", "IMAGE"]
+                    responseModalities: ["TEXT", "IMAGE"],
+                    ...(Object.keys(imageConfig).length
+                        ? {
+                            imageConfig
+                        }
+                        : {})
                 }
             })
         });
@@ -319,8 +347,11 @@ export class ProviderService {
             revisedPrompt: null
         };
     }
-    async callOpenAILayoutAnalysis(input) {
-        const response = await fetch("https://api.openai.com/v1/chat/completions", {
+    async callOpenAICompatibleLayoutAnalysis(input) {
+        const endpoint = input.provider === "openrouter"
+            ? "https://openrouter.ai/api/v1/chat/completions"
+            : "https://api.openai.com/v1/chat/completions";
+        const response = await fetch(endpoint, {
             method: "POST",
             headers: {
                 "Content-Type": "application/json",
@@ -333,14 +364,14 @@ export class ProviderService {
                 messages: [
                     {
                         role: "system",
-                        content: "Analyze a 9:16 slideshow image and return JSON with zone, align, maxWidthPercent, justification. Prefer negative space and avoid covering a subject."
+                        content: "Analyze a 9:16 slideshow image and return JSON with zone, align, maxWidthPercent, justification. Prefer centered text placement in the middle third of the frame unless that would cover the subject. Avoid covering the subject, avoid fake caption panels, and keep the caption inside a TikTok-safe region that avoids the top tabs, right-side action rail, and bottom caption/audio UI."
                     },
                     {
                         role: "user",
                         content: [
                             {
                                 type: "text",
-                                text: `The exact overlay text is: ${input.overlayText}\nChoose zone from top, center, bottom. Choose align from left, center, right. maxWidthPercent must be between 52 and 88.`
+                                text: `The exact overlay text is: ${input.overlayText}\nChoose zone from top, center, bottom. Choose align from left, center, right. Prefer center when viable. maxWidthPercent must be between 46 and 62.\nTreat the top 12 percent, right 22 percent, and bottom 20 percent as reserved TikTok UI chrome.\nThe visual goal is native TikTok caption placement, not poster typography.`
                             },
                             {
                                 type: "image_url",
@@ -354,13 +385,13 @@ export class ProviderService {
             })
         });
         if (response.status === 401) {
-            throw new ProviderAuthError("openai authentication failed");
+            throw new ProviderAuthError(`${input.provider} authentication failed`);
         }
         if (response.status === 429) {
-            throw new ProviderRateLimitError("openai rate limited");
+            throw new ProviderRateLimitError(`${input.provider} rate limited`);
         }
         if (!response.ok) {
-            throw new Error(`openai layout analysis returned ${response.status}`);
+            throw new Error(`${input.provider} layout analysis returned ${response.status}`);
         }
         const data = await response.json();
         return String(data.choices?.[0]?.message?.content ?? "");
@@ -385,8 +416,11 @@ export class ProviderService {
                                     "Analyze this 9:16 slideshow image and return JSON with keys zone, align, maxWidthPercent, justification.",
                                     "zone must be one of top, center, bottom.",
                                     "align must be one of left, center, right.",
-                                    "maxWidthPercent must be between 52 and 88.",
+                                    "Prefer centered text placement in the middle third unless that would cover the subject.",
+                                    "maxWidthPercent must be between 46 and 62.",
                                     "Prefer negative space and avoid covering the subject.",
+                                    "Treat the top 12 percent, right 22 percent, and bottom 20 percent as reserved TikTok UI chrome.",
+                                    "The visual goal is native TikTok caption placement, not poster typography or large title cards.",
                                     `Exact overlay text: ${input.overlayText}`
                                 ].join("\n")
                             },
@@ -501,6 +535,34 @@ export class ProviderService {
 function clamp(value, min, max) {
     return Math.max(min, Math.min(max, value));
 }
+function supportsGeminiImageSize(model) {
+    return model === "gemini-3.1-flash-image-preview" || model === "gemini-3-pro-image-preview";
+}
+async function buildGeminiPromptParts(prompt, attachments) {
+    const parts = [];
+    for (const attachment of attachments) {
+        if (!/^https?:\/\//i.test(attachment)) {
+            throw new Error(`Gemini prompt attachments must be public URLs: ${attachment}`);
+        }
+        const response = await fetch(attachment);
+        if (!response.ok) {
+            throw new Error(`Could not fetch Gemini prompt attachment ${attachment}: ${response.status}`);
+        }
+        const mimeType = response.headers.get("content-type")?.split(";")[0]?.trim();
+        if (!mimeType) {
+            throw new Error(`Gemini prompt attachment did not return a content type: ${attachment}`);
+        }
+        const bytes = Buffer.from(await response.arrayBuffer());
+        parts.push({
+            inlineData: {
+                mimeType,
+                data: bytes.toString("base64")
+            }
+        });
+    }
+    parts.push({ text: prompt });
+    return parts;
+}
 function buildMockSlideSvg(prompt) {
     const escaped = escapeXml(prompt.slice(0, 220));
     return `

package/dist/src/services/storage.js

@@ -1,6 +1,6 @@
-import { mkdirSync, readFileSync, writeFileSync } from "node:fs";
+import { mkdirSync, readFileSync, rmSync, writeFileSync } from "node:fs";
 import path from "node:path";
-import { PutObjectCommand, S3Client } from "@aws-sdk/client-s3";
+import { DeleteObjectCommand, GetObjectCommand, PutObjectCommand, S3Client } from "@aws-sdk/client-s3";
 import { getSignedUrl } from "@aws-sdk/s3-request-presigner";
 import { config } from "../config.js";
 export class StorageService {
@@ -14,22 +14,39 @@ export class StorageService {
     constructor() {
         mkdirSync(this.localRoot, { recursive: true });
     }
-    async putJson(key, value) {
+    userAttachmentKey(customerId, attachmentId, fileName) {
+        return joinStorageKey("user", customerId, "attachments", attachmentId, fileName);
+    }
+    developerAttachmentKey(customerId, attachmentId, fileName) {
+        return joinStorageKey("developer", customerId, "attachments", attachmentId, fileName);
+    }
+    templateJobPrefix(templateId, customerId, jobId) {
+        return joinStorageKey("templates", templateId, "users", customerId, "jobs", jobId);
+    }
+    templateJobKey(templateId, customerId, jobId, key) {
+        return joinStorageKey(this.templateJobPrefix(templateId, customerId, jobId), key);
+    }
+    templateAboutKey(templateId, assetPath) {
+        return joinStorageKey("templates", templateId, "about", assetPath);
+    }
+    async putJson(key, value, options) {
         const body = JSON.stringify(value, null, 2);
-        return this.putBuffer(key, Buffer.from(body, "utf8"), "application/json");
+        return this.putBuffer(key, Buffer.from(body, "utf8"), "application/json", options);
     }
-    async putText(key, value, contentType = "text/plain; charset=utf-8") {
-        return this.putBuffer(key, Buffer.from(value, "utf8"), contentType);
+    async putText(key, value, contentType = "text/plain; charset=utf-8", options) {
+        return this.putBuffer(key, Buffer.from(value, "utf8"), contentType, options);
     }
-    async putBuffer(key, value, contentType = "application/octet-stream") {
+    async putBuffer(key, value, contentType = "application/octet-stream", options) {
+        const publicRead = options?.publicRead ?? config.s3PublicRead;
         if (this.s3 && config.AWS_S3_BUCKET) {
             await this.s3.send(new PutObjectCommand({
                 Bucket: config.AWS_S3_BUCKET,
                 Key: key,
                 Body: value,
-                ContentType: contentType
+                ContentType: contentType,
+                ACL: publicRead ? "public-read" : undefined
             }));
-            return { key, url: this.getPublicUrl(key) };
+            return { key, url: publicRead ? this.getPublicUrl(key) : await this.createReadUrl(key) };
         }
         const filePath = path.join(this.localRoot, key);
         mkdirSync(path.dirname(filePath), { recursive: true });
@@ -57,34 +74,73 @@ export class StorageService {
             contentType: inferContentType(filePath)
         };
     }
-    async createPresignedWorkspaceUpload(customerId, relativePath, contentType) {
-        const key = `customers/${customerId}/workspace/${relativePath}`;
+    async getReadUrl(key) {
+        return this.createReadUrl(key);
+    }
+    async deleteObject(key) {
         if (this.s3 && config.AWS_S3_BUCKET) {
-            const command = new PutObjectCommand({
+            await this.s3.send(new DeleteObjectCommand({
                 Bucket: config.AWS_S3_BUCKET,
-                Key: key,
-                ContentType: contentType
+                Key: key
+            }));
+            return;
+        }
+        rmSync(path.join(this.localRoot, key), { force: true });
+    }
+    async createReadUrl(key) {
+        if (this.s3 && config.AWS_S3_BUCKET) {
+            if (config.s3PublicRead) {
+                return this.getPublicUrl(key);
+            }
+            const command = new GetObjectCommand({
+                Bucket: config.AWS_S3_BUCKET,
+                Key: key
             });
-            const url = await getSignedUrl(this.s3, command, { expiresIn: 900 });
-            return { key, url, method: "PUT" };
+            return getSignedUrl(this.s3, command, { expiresIn: 86400 });
         }
-        const url = `${config.PUBLIC_BASE_URL}/storage/${encodeURIComponent(key)}`;
-        return { key, url, method: "PUT" };
+        return this.getPublicUrl(key);
     }
 }
+function joinStorageKey(...parts) {
+    return parts
+        .flatMap((part) => part.split("/"))
+        .map((part) => part.trim())
+        .filter(Boolean)
+        .join("/");
+}
 function inferContentType(filePath) {
     switch (path.extname(filePath).toLowerCase()) {
         case ".json":
             return "application/json";
         case ".png":
             return "image/png";
+        case ".gif":
+            return "image/gif";
         case ".jpg":
         case ".jpeg":
             return "image/jpeg";
+        case ".webp":
+            return "image/webp";
         case ".svg":
             return "image/svg+xml";
         case ".mp4":
             return "video/mp4";
+        case ".webm":
+            return "video/webm";
+        case ".mov":
+            return "video/quicktime";
+        case ".mp3":
+            return "audio/mpeg";
+        case ".wav":
+            return "audio/wav";
+        case ".m4a":
+            return "audio/mp4";
+        case ".ogg":
+            return "audio/ogg";
+        case ".pdf":
+            return "application/pdf";
+        case ".md":
+            return "text/markdown; charset=utf-8";
         case ".txt":
             return "text/plain; charset=utf-8";
         default:

package/dist/src/services/template-certification.js

@@ -0,0 +1,160 @@
+import { readFileSync } from "node:fs";
+export class TemplateCertificationService {
+    async certify(input) {
+        const checks = [];
+        const { template, skillPath } = input;
+        checks.push(this.check("template.metadata", Boolean(template.id &&
+            template.slugId &&
+            template.version &&
+            template.about &&
+            typeof template.about.title === "string" &&
+            typeof template.about.description === "string" &&
+            typeof template.about.viral_dna === "string" &&
+            typeof template.about.visual_dna === "string" &&
+            Array.isArray(template.about.preview_media) &&
+            template.about.preview_media.every((entry) => typeof entry === "string") &&
+            typeof template.about.link_to_original === "string"), "Template must define id, slugId, version, and complete about metadata.", {
+            templateId: template.id,
+            slugId: template.slugId,
+            version: template.version,
+            previewMediaCount: template.about?.preview_media?.length ?? 0
+        }));
+        checks.push(this.check("template.operations", Object.keys(template.operations).length > 0, "Template must define at least one operation."));
+        checks.push(this.checkSkill(skillPath));
+        for (const [operationName, operation] of Object.entries(template.operations)) {
+            checks.push(this.check(`operation.${operationName}.workflow`, typeof template.jobs[operation.workflow] === "function", `Operation ${operationName} must reference an existing workflow.`, { workflow: operation.workflow }));
+            checks.push(this.check(`operation.${operationName}.smoke_payload`, Boolean(operation.smokeTestPayload), `Operation ${operationName} must define smokeTestPayload for certification.`));
+            if (!operation.smokeTestPayload) {
+                continue;
+            }
+            try {
+                const payload = operation.inputSchema.parse(operation.smokeTestPayload);
+                const workflow = template.jobs[operation.workflow];
+                const smoke = createSmokeContext(template.id);
+                const result = await workflow(smoke.ctx, payload);
+                checks.push(this.check(`operation.${operationName}.smoke_run`, Boolean(result && (result.output || result.progress !== undefined)), `Operation ${operationName} smoke run completed.`, {
+                    logCount: smoke.logCount,
+                    storageWrites: smoke.storageWrites,
+                    billingCalls: smoke.billingCalls,
+                    providerCalls: smoke.providerCalls,
+                    remotionCalls: smoke.remotionCalls
+                }));
+                checks.push(this.check(`operation.${operationName}.logs`, smoke.logCount > 0, `Operation ${operationName} must emit at least one log/progress event during smoke run.`));
+            }
+            catch (error) {
+                checks.push(this.check(`operation.${operationName}.smoke_run`, false, error instanceof Error ? error.message : "Smoke run failed."));
+            }
+        }
+        return {
+            passed: checks.every((check) => check.ok),
+            checks
+        };
+    }
+    check(code, ok, message, details) {
+        return { code, ok, message, details };
+    }
+    checkSkill(skillPath) {
+        try {
+            const contents = readFileSync(skillPath, "utf8").trim();
+            return this.check("template.skill", contents.length >= 40, "Template must include a non-trivial SKILL.md for customer agents.", { skillPath });
+        }
+        catch (error) {
+            return this.check("template.skill", false, error instanceof Error ? error.message : "Unable to read SKILL.md.", { skillPath });
+        }
+    }
+}
+const MOCK_PNG_BYTES = Uint8Array.from(Buffer.from("iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAACXBIWXMAAAPoAAAD6AG1e1JrAAAADUlEQVR4nGP4////fwAJ+wP9KobjigAAAABJRU5ErkJggg==", "base64"));
+function createSmokeContext(templateId) {
+    let logCount = 0;
+    let storageWrites = 0;
+    let billingCalls = 0;
+    let providerCalls = 0;
+    let remotionCalls = 0;
+    const prefix = `templates/${templateId}/users/certification-user/jobs/certification-job`;
+    const ctx = {
+        env: "development",
+        customer: {
+            id: "certification-user",
+            email: "certification@vidfarm.local",
+            name: "Certification",
+            defaultWebhookUrl: null,
+            isDeveloper: true,
+            isPaidPlan: true,
+            about: null,
+            groupchatUrl: null,
+            flockposterApiKey: null
+        },
+        templateConfig: {},
+        logger: {
+            debug() { logCount += 1; },
+            info() { logCount += 1; },
+            warn() { logCount += 1; },
+            error() { logCount += 1; },
+            progress() { logCount += 1; }
+        },
+        jobs: {
+            async enqueueChild() {
+                return { jobId: "child-certification-job" };
+            }
+        },
+        storage: {
+            async putJson(key) {
+                storageWrites += 1;
+                return { key: `${prefix}/${key}`, url: `https://certification.local/${encodeURIComponent(key)}` };
+            },
+            async putText(key) {
+                storageWrites += 1;
+                return { key: `${prefix}/${key}`, url: `https://certification.local/${encodeURIComponent(key)}` };
+            },
+            async putBuffer(key) {
+                storageWrites += 1;
+                return { key: `${prefix}/${key}`, url: `https://certification.local/${encodeURIComponent(key)}` };
+            },
+            getPublicUrl(key) {
+                return `https://certification.local/${encodeURIComponent(`${prefix}/${key}`)}`;
+            }
+        },
+        billing: {
+            async record() {
+                billingCalls += 1;
+            }
+        },
+        providers: {
+            async generateText() {
+                providerCalls += 1;
+                return { text: "certification text", usage: { inputTokens: 1, outputTokens: 1, costUsd: 0 } };
+            },
+            async generateImage() {
+                providerCalls += 1;
+                return { bytes: MOCK_PNG_BYTES, contentType: "image/png", revisedPrompt: null };
+            },
+            async analyzeImageLayout() {
+                providerCalls += 1;
+                return {
+                    zone: "bottom",
+                    align: "center",
+                    maxWidthPercent: 80,
+                    justification: "Certification mock layout."
+                };
+            }
+        },
+        remotion: {
+            async render() {
+                remotionCalls += 1;
+                return {
+                    renderId: "render-certification",
+                    outputUrl: "https://certification.local/render.mp4",
+                    metadata: { mode: "certification-mock" }
+                };
+            }
+        }
+    };
+    return {
+        ctx,
+        get logCount() { return logCount; },
+        get storageWrites() { return storageWrites; },
+        get billingCalls() { return billingCalls; },
+        get providerCalls() { return providerCalls; },
+        get remotionCalls() { return remotionCalls; }
+    };
+}