@mohasinac/appkit 2.6.8 → 2.7.0

package/README.md

@@ -0,0 +1,207 @@
+# @mohasinac/appkit
+
+Internal component library and server toolkit for the LetItRip collectibles marketplace.
+
+## Architecture
+
+```
+appkit/src/
+├── _internal/
+│   ├── client/features/   # Client-side feature views (RSC-compatible islands)
+│   ├── server/features/   # Server data-fetchers, adapters, server actions
+│   └── shared/            # Types, config, constants shared across both
+├── features/              # Domain feature modules (auth, products, scams, support …)
+├── repositories/          # Firestore Admin SDK repository layer (one per collection)
+├── seed/                  # Seed data + manifest for SeedPanel
+├── ui/                    # Primitive UI components (Button, Input, Modal, Stack …)
+├── next/                  # Next.js helpers (ROUTES, route-map, hooks, SSR utilities)
+├── seo/                   # JSON-LD builders, metadata helpers
+└── configs/               # Next.js + Tailwind shared config
+```
+
+## Entry Points
+
+| Entry | Purpose |
+|-------|---------|
+| `@mohasinac/appkit` | Main barrel — UI, repositories, constants, seed data |
+| `@mohasinac/appkit/client` | Client bundle — UI components, client hooks (firebase-admin free) |
+| `@mohasinac/appkit/server` | Server bundle — Admin SDK providers, server actions |
+| `@mohasinac/appkit/jobs` | Firebase Functions binders + pure job handlers |
+| `@mohasinac/appkit/styles` | Pre-compiled Tailwind utilities CSS |
+
+## Development
+
+```bash
+# From the letitrip.in root — watches src/ and recompiles on change
+npm run watch:appkit
+
+# Full build + CSS + asset copy
+npm run build          # inside appkit/
+```
+
+The consumer app links via `"file:./appkit"` — no npm publish required during local dev.
+
+## Publishing
+
+Only publish when explicitly requested. See `CLAUDE.md § Appkit Publish & Deploy Rules`.
+
+```bash
+# 1. Commit all source changes
+# 2. npm run build  (inside appkit/)
+# 3. npm publish   (inside appkit/)
+# 4. Update letitrip package.json + lockfile
+```
+
+---
+
+## Version History
+
+### v2.7.0 — 2026-05-14
+
+**Support Tickets seed data + Firestore indices + seed pipeline wiring (BAN9/SCAM9 followup)**
+
+- `appkit/src/seed/support-tickets-seed-data.ts` — 6 sample tickets covering all 5 statuses (open, in_progress, waiting_on_user, resolved, closed) and 5 categories
+- `SeedCollectionName` extended with `"supportTickets"`; wired into seed manifest + barrel + consumer seed route
+- `SUPPORT_TICKET_COLLECTION`, `ACTIVE_TICKET_STATUSES`, `TicketCategoryValues`, `TicketStatusValues`, `TicketPriorityValues` exported from main barrel
+- 6 new Firestore composite indices for `supportTickets` (userId+status+createdAt, assignedTo+status, status+priority, category+status, etc.)
+- `firestore.indexes.json` regenerated via `firebase-merge.mjs`
+- SeedPanel: `supportTickets` entry added to Trust & Safety group with full field schema + seededItems + uiPath
+- CSS build fix: stale `tailwind-utilities.css` rebuilt; `verify-css-build.mjs` passes all 8 required breakpoints/classes
+
+### v2.6.9 — 2026-05-14
+
+**Vercel Lambda transitive dependency tracing fix**
+
+- `appkit/src/configs/next.ts`: added `@grpc/**`, `protobufjs/**`, `@protobufjs/**`, `object-hash/**`, `proto3-json-serializer/**`, `long/**`, `node-fetch/**`, `abort-controller/**`, `retry-request/**`, `duplexify/**`, `uuid/**`, `lodash.camelcase/**` to `defaultOutputFileTracingIncludes["/api/**"]`
+- Fixes `MODULE_NOT_FOUND: object-hash` and `@protobufjs/*` sub-package `Cannot find module` errors in Vercel Lambdas (google-gax transitive deps)
+
+### v2.6.8 — 2026-05-14
+
+**gRPC/protobuf transitive dep tracing**
+
+- Added `grpc_node.node` native binding and `@grpc/grpc-js/**` to `defaultOutputFileTracingIncludes`
+
+### v2.6.7 — 2026-05-14
+
+**TitleBar auth buttons + role badge + employee role + avatar fix**
+
+- `TitleBarLayout`: `loginHref`/`registerHref` props; guest "Sign in"/"Register" buttons on desktop (lg+); replaced `next/image` with `<img>` for any-domain avatar support
+- `AppLayoutShell`: `registerHref` prop forwarded to `TitleBar`; `RoleBadge` overlay replaced with 16px colored dot (role initial, no text overflow)
+- `RoleBadge + Badge`: `employee` label/color/variant; `appkit-badge--employee` amber CSS (light + dark)
+- Scam awareness: `ScamAwarenessModal` client component (non-dismissible, 7 category cards, checkbox ack); `scamAwarenessAcknowledgedAt` added to `SessionUser`; `LayoutShellClient` 30-day gate
+- `LoginForm`/`RegisterForm`: `renderCreateAccountLink`, `renderForgotPasswordLink`, `renderLoginLink`, `renderTermsLink` slot props
+- Seed users: `avatarMetadata` on 3 existing users; `user-deepak-verma` (moderator) + `user-simran-kaur` (employee) with avatarMetadata
+
+### v2.6.5 — 2026-05-13
+
+**Dashboard listing quality pass + CSS var tokens**
+
+- `AdminPrizeDrawsView`: CSS var token pass replacing hardcoded zinc/red dark pairs
+- `SellerPreOrdersView`, `SellerPrizeDrawsView`: new seller listing views with URL state
+- `SELLER_PRE_ORDER_STATUS_TABS`, `SELLER_PRIZE_DRAW_STATUS_TABS` added to `filter-tabs.ts`
+- Client barrel exports for 3 new views
+
+### v2.6.4 — 2026-05-13
+
+**S-SBUNI-RULES refund/payout/shipping constants quality pass**
+
+- `REFUND_COPY` constants module — single source for all refund/shipping/sibling-payment strings
+- `PayoutRefundDeduction` interface + `applyRefundDeductionAction`
+- `buildShiprocketTrackingUrl()` + `SHIPROCKET_STATUS_PICKUP_SCHEDULED` constants
+- `TB1/TB2/MNB-1/BN-1` layout system: breakpoint `lg` governs all four; no duplicate wishlist/notificationSlot
+
+### v2.6.3 — 2026-05-13
+
+**Firebase Functions ADC cold-start fix**
+
+- `admin.ts` + `admin-app-lite.ts`: detect `FUNCTION_TARGET || K_SERVICE || FIREBASE_CONFIG || GOOGLE_APPLICATION_CREDENTIALS` → `initializeApp()` with no credential
+- Closes cold-start 500 on every HTTPS Cloud Function
+
+### v2.6.2 — 2026-05-13
+
+**S9 RBAC complete — employee permission system + team management + store capabilities**
+
+- `Permission` union (85+ strings) + `EmployeeGroup` union (18 presets) + `PERMISSION_GROUPS` bundles + `StoreCapability` flags
+- `getServerPermissions()` resolver — admin bypasses, employee gated by `permissions[]`
+- `makeAdminSectionLayout()` factory — generates per-section RSC layout with `admin:X:read` gate
+- `AdminTeamView` + `AdminEmployeeEditorView` — invite/edit/revoke employee accounts with permission group picker
+- `getStoreCapabilities()` + `storeHasCapability()` — `capabilities[]` array enforcement on auction/preorder creation
+- `AdminStoreEditorView` Capabilities section — 3 collapsible tiers with per-capability checkboxes
+- `ADMIN_NAV_GROUPS`: `requiredPermission` annotation on every item; `DashboardLayoutClient.filterAdminGroups` hides items by permissions
+- `ROUTE_PERMISSION_MAP` — maps every `/admin/[section]` path to its required read permission
+
+### v2.6.1 — 2026-05-13
+
+**S-SBUNI Phase 1 fully closed + SB-UNI-Z1/Z2/Z3 media upload reliability**
+
+- Signed-URL upload flow replacing `/api/media/upload` (SB-UNI-Z1)
+- MIME widening: `3gpp`, `3gpp2`, `x-matroska` (SB-UNI-Z2)
+- Media limits centralized in `_internal/shared/media/limits.ts` (SB-UNI-Z3)
+- `bundleStockStatus` propagation via `onProductStockChangeHandler` (SB-UNI-V)
+- Bundle → `categoryType:"bundle"` migration complete; `BUNDLES_COLLECTION` dropped
+
+### v2.6.0 — 2026-05-13
+
+**S8 Event Raffles + Spin Wheel + SB10 tab constants**
+
+- SB9 raffle/spin schema (14 raffle fields on Event, 5 on EventEntry)
+- `triggerEventRaffleAction` + `assignSpinPrizeAction` server actions (`crypto.randomInt`)
+- `SpinWheelView` + public winner page
+- Admin raffle section with manual trigger in event editor
+- `SB10` filter-tab constants: `SELLER_LISTING_TABS`, `STORE_LISTINGS_TABS`, `filter-tabs.ts` with 6 view migrations
+- SB11 homepage section builder types for `FeaturedBundles`, `PrizeDraws`, `EventRaffles`
+
+### v2.5.x — 2026-05-11 to 2026-05-13
+
+**S7 Prize Draws cohort + SB-UNI Phases 1–5**
+
+- SB4 reveal API (crypto.randomInt pool-exhaust auto-refund) + lock-on-reveal + theatrical 3.2s modal
+- 7 Firebase Functions: prizeRevealOpen/Close/Expiry/Reminder, bundleStockSync, triggerEventRaffle, assignSpinPrize
+- SB-UNI address top-level collection (`ownerType` discriminator), categories unification (sublisting/brand/bundle)
+- `listingType` migration complete: `isAuction`/`isPreOrder` booleans removed; all queries via `where("listingType","==",X)`
+- `isAuctionListing()`, `isPreOrderListing()`, `normalizeListingType()` canonical accessors
+
+### v2.4.x — 2026-05-10 to 2026-05-11
+
+**S5/S6 seed scale + S4 bundle/pre-order foundation**
+
+- Auction expansion (11→20) + bid ladder helper `buildBidLadder()`
+- Bundle schema: `SB3` stock-sync hook, admin list/edit pages, Zod hardening
+- OG edge-runtime fix: all 9 OG routes switched from `runtime="edge"` to Node runtime
+- Wishlist (20-cap), History (50-cap FIFO), Cart (50-cap) per-user one-doc pattern
+
+### v2.3.x — 2026-05-08 to 2026-05-09
+
+**S2/S3 cart, checkout, orders, SSR architecture**
+
+- `_internal/server/features/` layers: cart, orders, promotions, reviews, wishlist, history, homepage
+- `listingType` field introduced; `isAuction`/`isPreOrder` deprecated (fully removed in v2.5)
+- Support ticket schema + `SupportRepository` (BAN1)
+- Ban schema: `softBans[]`, `hardBanReason`, `hardBannedAt`; `isSoftBanned()` helper
+
+### v2.2.x — 2026-05-06 to 2026-05-07
+
+**Scam registry foundation + homepage sections + prize draws schema**
+
+- `ScammerDocument` + `scammerRepository` + 27 scam types + SCAM_CATEGORIES
+- Public scam pages: `/scams`, `/scams/[slug]`, `/scams/types`
+- Homepage sections (19 types): `SB11` full section-builder admin UI
+- `DashboardLayoutClient` + `RoleGuard` — collapsed 3 separate layout shells
+
+### v2.1.x — 2026-05-04 to 2026-05-05
+
+**Auth, addresses, messages foundation**
+
+- RTDB signal channel for Google OAuth
+- Addresses top-level collection (`SB-UNI-A`)
+- `conversationsRepository` + RTDB ping-channel for messages (D5+VC7)
+- `ScrollToTop` component; `BaseListingCard.Checkbox` + `useLongPress` card-selection pattern
+
+### v2.0.0 — 2026-05-03
+
+**Initial appkit extraction from letitrip monorepo**
+
+- Extracted from inline letitrip.in code into standalone `@mohasinac/appkit` package
+- Firebase Admin SDK entry point separation (`server.ts` vs `client.ts`)
+- `sideEffects: false` for Turbopack client-bundle safety
+- Repository pattern: `BaseRepository` with PII encryption hooks

package/dist/_internal/server/jobs/core/onScamReportCreate.d.ts

@@ -0,0 +1,12 @@
+import type { JobContext } from "../runtime/types";
+export interface HandleScamReportCreateInput {
+    scammerId: string;
+    report: {
+        reportedBy?: string;
+        displayNames?: string[];
+        scamType?: string;
+        scamPlatform?: string;
+        amountLost?: number;
+    };
+}
+export declare function handleScamReportCreate(input: HandleScamReportCreateInput, ctx: JobContext): Promise<void>;

package/dist/_internal/server/jobs/core/onScamReportCreate.js

@@ -0,0 +1,50 @@
+import { notificationRepository, userRepository } from "../../../../repositories";
+import { SCAM_TYPE_LABELS } from "../../../../features/scams/constants/scam-types";
+export async function handleScamReportCreate(input, ctx) {
+    const { scammerId, report } = input;
+    const { reportedBy, displayNames, scamType, scamPlatform, amountLost } = report;
+    const name = displayNames?.[0] ?? "Unknown";
+    // 1. Notify the reporter
+    if (reportedBy) {
+        try {
+            await notificationRepository.create({
+                userId: reportedBy,
+                type: "account_action",
+                title: "Scam report submitted",
+                body: `Your report for "${name}" has been received. Our team will review it within 48 hours.`,
+                isRead: false,
+                entityId: scammerId,
+                entityType: "scammer",
+                createdAt: new Date(),
+            });
+        }
+        catch (err) {
+            ctx.logger.error("Failed to notify reporter (non-fatal)", err, { scammerId, reportedBy });
+        }
+    }
+    // 2. Notify all employees with admin:scammers:read permission
+    try {
+        const result = await userRepository.list({
+            filters: "role==employee",
+            page: 1,
+            pageSize: 100,
+        });
+        const scamTypeLabel = scamType ? (SCAM_TYPE_LABELS[scamType] ?? scamType) : "Unknown";
+        const amountStr = amountLost ? ` ₹${(amountLost / 100).toLocaleString("en-IN")}` : "";
+        const platformStr = scamPlatform ? ` via ${scamPlatform}` : "";
+        await Promise.all(result.items.map((employee) => notificationRepository.create({
+            userId: employee.id,
+            type: "account_action",
+            title: "New scam report submitted",
+            body: `A report was submitted for "${name}" — ${scamTypeLabel}${platformStr}.${amountStr}`,
+            isRead: false,
+            entityId: scammerId,
+            entityType: "scammer",
+            createdAt: new Date(),
+        }).catch((err) => ctx.logger.error("Failed to notify employee (non-fatal)", err, { scammerId, employeeId: employee.id }))));
+    }
+    catch (err) {
+        ctx.logger.error("Failed to query employees for scam notification (non-fatal)", err, { scammerId });
+    }
+    ctx.logger.info("onScamReportCreate complete", { scammerId, reportedBy });
+}

package/dist/_internal/server/jobs/core/onScamReportRejected.d.ts

@@ -0,0 +1,11 @@
+import type { JobContext } from "../runtime/types";
+export interface HandleScamReportRejectedInput {
+    scammerId: string;
+    report: {
+        reportedBy?: string;
+        displayNames?: string[];
+        prevStatus?: string;
+        nextStatus?: string;
+    };
+}
+export declare function handleScamReportRejected(input: HandleScamReportRejectedInput, ctx: JobContext): Promise<void>;

package/dist/_internal/server/jobs/core/onScamReportRejected.js

@@ -0,0 +1,28 @@
+import { notificationRepository } from "../../../../repositories";
+export async function handleScamReportRejected(input, ctx) {
+    const { scammerId, report } = input;
+    const { reportedBy, displayNames, prevStatus, nextStatus } = report;
+    if (prevStatus === nextStatus)
+        return;
+    if (nextStatus !== "rejected")
+        return;
+    if (!reportedBy)
+        return;
+    const name = displayNames?.[0] ?? "Unknown";
+    try {
+        await notificationRepository.create({
+            userId: reportedBy,
+            type: "account_action",
+            title: "Scam report not verified",
+            body: `Your report for "${name}" could not be verified with the evidence provided. You may submit a new report with additional evidence.`,
+            isRead: false,
+            entityId: scammerId,
+            entityType: "scammer",
+            createdAt: new Date(),
+        });
+    }
+    catch (err) {
+        ctx.logger.error("Failed to notify reporter of rejection (non-fatal)", err, { scammerId, reportedBy });
+    }
+    ctx.logger.info("onScamReportRejected complete", { scammerId, reportedBy });
+}

package/dist/_internal/server/jobs/core/onScamReportVerified.d.ts

@@ -0,0 +1,11 @@
+import type { JobContext } from "../runtime/types";
+export interface HandleScamReportVerifiedInput {
+    scammerId: string;
+    report: {
+        reportedBy?: string;
+        displayNames?: string[];
+        prevStatus?: string;
+        nextStatus?: string;
+    };
+}
+export declare function handleScamReportVerified(input: HandleScamReportVerifiedInput, ctx: JobContext): Promise<void>;

package/dist/_internal/server/jobs/core/onScamReportVerified.js

@@ -0,0 +1,28 @@
+import { notificationRepository } from "../../../../repositories";
+export async function handleScamReportVerified(input, ctx) {
+    const { scammerId, report } = input;
+    const { reportedBy, displayNames, prevStatus, nextStatus } = report;
+    if (prevStatus === nextStatus)
+        return;
+    if (nextStatus !== "verified")
+        return;
+    if (!reportedBy)
+        return;
+    const name = displayNames?.[0] ?? "Unknown";
+    try {
+        await notificationRepository.create({
+            userId: reportedBy,
+            type: "account_action",
+            title: "Your scam report was verified",
+            body: `The report for "${name}" has been verified and published to the Scam Registry. Thank you for helping protect the community.`,
+            isRead: false,
+            entityId: scammerId,
+            entityType: "scammer",
+            createdAt: new Date(),
+        });
+    }
+    catch (err) {
+        ctx.logger.error("Failed to notify reporter of verification (non-fatal)", err, { scammerId, reportedBy });
+    }
+    ctx.logger.info("onScamReportVerified complete", { scammerId, reportedBy });
+}

package/dist/_internal/server/jobs/handlers/index.d.ts

@@ -44,3 +44,5 @@ export { assignSpinPrizeHandler } from "./assignSpinPrize";
 export { onSupportTicketCreateHandler } from "./onSupportTicketCreate";
 export { onSupportTicketUpdateHandler } from "./onSupportTicketUpdate";
 export { onUserBanChangeHandler } from "./onUserBanChange";
+export { onScamReportCreateHandler } from "./onScamReportCreate";
+export { onScamReportUpdateHandler } from "./onScamReportUpdate";

package/dist/_internal/server/jobs/handlers/index.js

@@ -50,3 +50,6 @@ export { assignSpinPrizeHandler } from "./assignSpinPrize";
 export { onSupportTicketCreateHandler } from "./onSupportTicketCreate";
 export { onSupportTicketUpdateHandler } from "./onSupportTicketUpdate";
 export { onUserBanChangeHandler } from "./onUserBanChange";
+// SCAM8 — scam report notifications
+export { onScamReportCreateHandler } from "./onScamReportCreate";
+export { onScamReportUpdateHandler } from "./onScamReportUpdate";

package/dist/_internal/server/jobs/handlers/onScamReportCreate.d.ts

@@ -0,0 +1,2 @@
+import type { FirestoreTriggerHandler } from "../runtime/types";
+export declare const onScamReportCreateHandler: FirestoreTriggerHandler<null, Record<string, unknown>>;

package/dist/_internal/server/jobs/handlers/onScamReportCreate.js

@@ -0,0 +1,7 @@
+import { handleScamReportCreate } from "../core/onScamReportCreate";
+export const onScamReportCreateHandler = async (event, ctx) => {
+    const report = event.after;
+    if (!report)
+        return;
+    await handleScamReportCreate({ scammerId: event.params.scammerId, report }, ctx);
+};

package/dist/_internal/server/jobs/handlers/onScamReportUpdate.d.ts

@@ -0,0 +1,2 @@
+import type { FirestoreTriggerHandler } from "../runtime/types";
+export declare const onScamReportUpdateHandler: FirestoreTriggerHandler<Record<string, unknown>, Record<string, unknown>>;

package/dist/_internal/server/jobs/handlers/onScamReportUpdate.js

@@ -0,0 +1,25 @@
+import { handleScamReportVerified } from "../core/onScamReportVerified";
+import { handleScamReportRejected } from "../core/onScamReportRejected";
+export const onScamReportUpdateHandler = async (event, ctx) => {
+    const before = event.before;
+    const after = event.after;
+    if (!after)
+        return;
+    const prevStatus = before?.status;
+    const nextStatus = after.status;
+    const baseInput = {
+        scammerId: event.params.scammerId,
+        report: {
+            reportedBy: (after.reportedBy ?? before?.reportedBy),
+            displayNames: (after.displayNames ?? before?.displayNames),
+            prevStatus,
+            nextStatus,
+        },
+    };
+    if (nextStatus === "verified") {
+        await handleScamReportVerified(baseInput, ctx);
+    }
+    else if (nextStatus === "rejected") {
+        await handleScamReportRejected(baseInput, ctx);
+    }
+};

package/dist/client.d.ts

@@ -189,3 +189,5 @@ export { LISTING_TYPE_REGISTRY, pluginFor } from "./_internal/shared/listing-typ
 export type { ListingTypePlugin } from "./_internal/shared/listing-types/_registry";
 export { MEGABYTE, MAX_IMAGE_BYTES, MAX_PDF_BYTES, MAX_VIDEO_BYTES, MAX_LABEL, MAX_BYTES, ALLOWED_IMAGE_MIMES, ALLOWED_VIDEO_MIMES, ALLOWED_DOC_MIMES, ALLOWED_MIMES, ALLOWED_TYPES_LABEL, MIME_TO_EXT, PDF_MAGIC, VIDEO_CONVERSION_HINTS, classifyMime, isAllowedMime, maxBytesFor, getConversionHint, } from "./_internal/shared/media/limits";
 export type { MediaKind, AllowedImageMime, AllowedVideoMime, AllowedDocMime, AllowedMime, } from "./_internal/shared/media/limits";
+export { ScamAwarenessModal } from "./features/scams/components/ScamAwarenessModal";
+export type { ScamAwarenessModalProps } from "./features/scams/components/ScamAwarenessModal";

package/dist/client.js

@@ -218,3 +218,4 @@ export { LISTING_TYPE_CAPABILITIES, capabilityFor, canAddToCart, canBid, support
 export { LISTING_TYPE_REGISTRY, pluginFor } from "./_internal/shared/listing-types/_registry";
 // Media upload limits — shared by client uploaders + server sign/finalize routes.
 export { MEGABYTE, MAX_IMAGE_BYTES, MAX_PDF_BYTES, MAX_VIDEO_BYTES, MAX_LABEL, MAX_BYTES, ALLOWED_IMAGE_MIMES, ALLOWED_VIDEO_MIMES, ALLOWED_DOC_MIMES, ALLOWED_MIMES, ALLOWED_TYPES_LABEL, MIME_TO_EXT, PDF_MAGIC, VIDEO_CONVERSION_HINTS, classifyMime, isAllowedMime, maxBytesFor, getConversionHint, } from "./_internal/shared/media/limits";
+export { ScamAwarenessModal } from "./features/scams/components/ScamAwarenessModal";

package/dist/configs/next.js

@@ -97,6 +97,7 @@ export function defineNextConfig(override = {}) {
             "./node_modules/@grpc/**",
             // Transitive deps of google-gax / @grpc hoisted to root node_modules
             "./node_modules/protobufjs/**",
+            "./node_modules/@protobufjs/**",
             "./node_modules/object-hash/**",
             "./node_modules/proto3-json-serializer/**",
             "./node_modules/long/**",
@@ -105,6 +106,7 @@ export function defineNextConfig(override = {}) {
             "./node_modules/retry-request/**",
             "./node_modules/duplexify/**",
             "./node_modules/uuid/**",
+            "./node_modules/lodash.camelcase/**",
         ],
     };
     const mergedOutputFileTracingIncludes = {

package/dist/features/scams/components/ScamAwarenessModal.d.ts

@@ -0,0 +1,5 @@
+export interface ScamAwarenessModalProps {
+    isOpen: boolean;
+    onAcknowledged: () => void;
+}
+export declare function ScamAwarenessModal({ isOpen, onAcknowledged }: ScamAwarenessModalProps): import("react/jsx-runtime").JSX.Element;

package/dist/features/scams/components/ScamAwarenessModal.js

@@ -0,0 +1,31 @@
+"use client";
+import { jsx as _jsx, jsxs as _jsxs } from "react/jsx-runtime";
+import { useState } from "react";
+import { useMutation, useQueryClient } from "@tanstack/react-query";
+import { Shield, IndianRupee, UserX, CreditCard, Package, UserCheck, ShieldAlert, Truck } from "lucide-react";
+import { Modal, Stack, Row, Text, Checkbox } from "../../../ui";
+import { apiClient } from "../../../http";
+import { ACCOUNT_ENDPOINTS } from "../../../constants/api-endpoints";
+import { SCAM_CATEGORIES } from "../constants/scam-types";
+import { ROUTES } from "../../../next/routing/route-map";
+const CATEGORY_ICONS = {
+    price_manipulation: _jsx(IndianRupee, { className: "h-5 w-5" }),
+    social_engineering: _jsx(UserX, { className: "h-5 w-5" }),
+    payment_fraud: _jsx(CreditCard, { className: "h-5 w-5" }),
+    preorder_delivery_fraud: _jsx(Package, { className: "h-5 w-5" }),
+    identity_impersonation: _jsx(UserCheck, { className: "h-5 w-5" }),
+    item_authenticity_fraud: _jsx(ShieldAlert, { className: "h-5 w-5" }),
+    logistics_fraud: _jsx(Truck, { className: "h-5 w-5" }),
+};
+export function ScamAwarenessModal({ isOpen, onAcknowledged }) {
+    const [checked, setChecked] = useState(false);
+    const queryClient = useQueryClient();
+    const mutation = useMutation({
+        mutationFn: () => apiClient.patch(ACCOUNT_ENDPOINTS.PROFILE, { acknowledgeScamAwareness: true }),
+        onSuccess: () => {
+            queryClient.invalidateQueries({ queryKey: ["auth", "me"] });
+            onAcknowledged();
+        },
+    });
+    return (_jsx(Modal, { isOpen: isOpen, onClose: () => { }, showCloseButton: false, size: "lg", title: _jsxs(Row, { gap: "sm", align: "center", children: [_jsx(Shield, { className: "h-5 w-5 text-[color:var(--appkit-color-warning,theme(colors.amber.500))]" }), _jsx("span", { children: "Before you start \u2014 Stay Safe on LetItRip" })] }), actions: _jsx(Row, { gap: "sm", justify: "end", className: "w-full", children: _jsx("button", { className: "appkit-button appkit-button--primary appkit-button--md", disabled: !checked || mutation.isPending, onClick: () => mutation.mutate(), children: mutation.isPending ? "Saving…" : "Continue to LetItRip →" }) }), children: _jsxs(Stack, { gap: "md", children: [_jsx(Text, { variant: "secondary", className: "text-sm", children: "LetItRip connects you with verified sellers, but collectibles markets attract scams. Take 60 seconds to learn the most common patterns \u2014 it could save your money." }), _jsx("div", { className: "grid grid-cols-1 gap-3 sm:grid-cols-2", children: SCAM_CATEGORIES.map((cat) => (_jsxs("div", { className: "flex gap-3 rounded-lg border border-[color:var(--appkit-color-border,theme(colors.zinc.200))] bg-[color:var(--appkit-color-surface,theme(colors.zinc.50))] p-3", children: [_jsx("span", { className: "mt-0.5 flex h-8 w-8 shrink-0 items-center justify-center rounded-md bg-[color:var(--appkit-color-warning,theme(colors.amber.500))]/10 text-[color:var(--appkit-color-warning,theme(colors.amber.600))]", children: CATEGORY_ICONS[cat.id] ?? _jsx(Shield, { className: "h-4 w-4" }) }), _jsxs(Stack, { gap: "none", children: [_jsx(Text, { weight: "semibold", className: "text-sm", children: cat.label }), _jsx(Text, { variant: "secondary", className: "text-xs leading-relaxed", children: cat.description })] })] }, cat.id))) }), _jsxs(Row, { gap: "md", className: "flex-wrap text-sm", children: [_jsx("a", { href: String(ROUTES.PUBLIC.SCAM_TYPES), target: "_blank", rel: "noopener noreferrer", className: "text-[color:var(--appkit-color-primary,theme(colors.blue.600))] hover:underline", children: "See all 27 scam types \u2192" }), _jsx("a", { href: String(ROUTES.PUBLIC.SCAM_FAQS), target: "_blank", rel: "noopener noreferrer", className: "text-[color:var(--appkit-color-primary,theme(colors.blue.600))] hover:underline", children: "Common scam FAQs \u2192" })] }), mutation.isError && (_jsx(Text, { variant: "error", className: "text-sm", children: "Something went wrong \u2014 please try again." })), _jsx(Checkbox, { id: "scam-awareness-ack", checked: checked, onChange: (e) => setChecked(e.target.checked), label: "I have read the above and understand the risks of buying and selling collectibles online." })] }) }));
+}

package/dist/features/scams/components/index.d.ts

@@ -2,3 +2,5 @@ export { ScamRegistryView } from "./ScamRegistryView";
 export type { ScamRegistryViewProps } from "./ScamRegistryView";
 export { ScamProfileView } from "./ScamProfileView";
 export type { ScamProfileViewProps } from "./ScamProfileView";
+export { ScamAwarenessModal } from "./ScamAwarenessModal";
+export type { ScamAwarenessModalProps } from "./ScamAwarenessModal";

package/dist/features/scams/components/index.js

@@ -1,2 +1,3 @@
 export { ScamRegistryView } from "./ScamRegistryView";
 export { ScamProfileView } from "./ScamProfileView";
+export { ScamAwarenessModal } from "./ScamAwarenessModal";

package/dist/index.d.ts

@@ -528,7 +528,8 @@ export { storeRepository } from "./repositories/index";
 export { scammerRepository } from "./repositories/index";
 export { supportRepository, SupportRepository } from "./repositories/index";
 export type { SupportTicketDocument, SupportTicketCreateInput, SupportTicketUpdateInput, TicketMessage, TicketCategory, TicketStatus, TicketPriority, } from "./repositories/index";
-export { ELIGIBLE_ORDER_STATUSES_FOR_TICKET } from "./features/support/schemas/firestore";
+export { ELIGIBLE_ORDER_STATUSES_FOR_TICKET, SUPPORT_TICKET_COLLECTION, ACTIVE_TICKET_STATUSES, TicketCategoryValues, TicketStatusValues, TicketPriorityValues, } from "./features/support/schemas/firestore";
+export { supportTicketsSeedData } from "./seed/index";
 export { productFeaturesRepository } from "./repositories/index";
 export type { ProductFeatureListFilter } from "./repositories/index";
 export { loadProductFeaturesForStore } from "./repositories/index";
@@ -875,7 +876,6 @@ export type { ShiprocketTrackingResponse } from "./providers/shipping-shiprocket
 export type { ShiprocketVerifyPickupOTPRequest } from "./providers/shipping-shiprocket/index";
 export type { ShiprocketVerifyPickupOTPResponse } from "./providers/shipping-shiprocket/index";
 export type { ShiprocketWebhookPayload } from "./providers/shipping-shiprocket/index";
-export { firebaseStorageProvider } from "./providers/storage-firebase/index";
 export { STORAGE_PATHS } from "./providers/storage-firebase/client";
 export { createStorageHelpers } from "./providers/storage-firebase/client";
 export { validateFileSize } from "./providers/storage-firebase/client";
@@ -3028,6 +3028,8 @@ export { ScamRegistryView } from "./features/scams/components/ScamRegistryView";
 export type { ScamRegistryViewProps } from "./features/scams/components/ScamRegistryView";
 export { ScamProfileView } from "./features/scams/components/ScamProfileView";
 export type { ScamProfileViewProps } from "./features/scams/components/ScamProfileView";
+export { ScamAwarenessModal } from "./features/scams/components/ScamAwarenessModal";
+export type { ScamAwarenessModalProps } from "./features/scams/components/ScamAwarenessModal";
 export { listVerifiedScammers, getPublicScammerById, getScammerProfilePageData, } from "./features/scams/actions/scam-actions";
 export type { ScammerProfilePageData } from "./features/scams/actions/scam-actions";
 export type { ScammerListResult } from "./features/scams/actions/scam-actions";

package/dist/index.js

@@ -1084,7 +1084,9 @@ export { storeRepository } from "./repositories/index";
 export { scammerRepository } from "./repositories/index";
 // supportRepository - Server-only repository for support tickets (BAN1).
 export { supportRepository, SupportRepository } from "./repositories/index";
-export { ELIGIBLE_ORDER_STATUSES_FOR_TICKET } from "./features/support/schemas/firestore";
+export { ELIGIBLE_ORDER_STATUSES_FOR_TICKET, SUPPORT_TICKET_COLLECTION, ACTIVE_TICKET_STATUSES, TicketCategoryValues, TicketStatusValues, TicketPriorityValues, } from "./features/support/schemas/firestore";
+// Support tickets — seed data
+export { supportTicketsSeedData } from "./seed/index";
 // SB-UNI-B — sublistingCategoriesRepository + SublistingCategoryDocument deleted.
 // Use categoriesRepository.findBySlugAndType(slug, "sublisting") and CategoryDocument with categoryType:"sublisting".
 // [DB]-Database layer — uses firebase-admin; server-only.
@@ -1806,10 +1808,6 @@ export { shiprocketTrackByAWB } from "./providers/shipping-shiprocket/index";
 // [SERVER-ONLY]-Server-only — uses Node.js, Next.js server internals, or third-party server SDKs (auth, email, payment, shipping).
 // shiprocketVerifyPickupOTP - Shared export for shiprocket verify pickup otp.
 export { shiprocketVerifyPickupOTP } from "./providers/shipping-shiprocket/index";
-// ./providers/storage-firebase/index
-// [CLIENT-SSR]-Runs in both SSR and browser — React component or hook that does not depend on browser-only APIs.
-// firebaseStorageProvider - Component for firebase storage provider.
-export { firebaseStorageProvider } from "./providers/storage-firebase/index";
 // ./providers/storage-firebase/client
 // [CLIENT-SSR]-Runs in both SSR and browser — React component or hook that does not depend on browser-only APIs.
 // STORAGE_PATHS - Constant used across modules.
@@ -5496,6 +5494,7 @@ export { SCAM_TYPES, SCAM_CATEGORIES, SCAM_TYPE_LABELS, SCAM_CATEGORY_LABELS, ge
 // Scam Registry view components (SCAM3–SCAM4)
 export { ScamRegistryView } from "./features/scams/components/ScamRegistryView";
 export { ScamProfileView } from "./features/scams/components/ScamProfileView";
+export { ScamAwarenessModal } from "./features/scams/components/ScamAwarenessModal";
 // Scam server actions
 export { listVerifiedScammers, getPublicScammerById, getScammerProfilePageData, } from "./features/scams/actions/scam-actions";
 // --- Shell primitives (UX1/UX2/UX3/UX6) ----------------------------------------

package/dist/jobs.d.ts

@@ -20,5 +20,5 @@
  *     listingProcessorHandler,
  *   } from "@mohasinac/appkit/jobs";
  */
-export { couponExpiryHandler, offerExpiryHandler, cartPruneHandler, notificationPruneHandler, dailyDataCleanupHandler, cleanupRtdbEventsHandler, auctionSettlementHandler, autoPayoutEligibilityHandler, countersReconcileHandler, onOrderCreateHandler, onOrderStatusChangeHandler, onBidPlacedHandler, onReviewWriteHandler, promotionsHandler, mediaTmpCleanupHandler, pendingOrderTimeoutHandler, productStatsSyncHandler, positionsReconcileHandler, payoutBatchHandler, weeklyPayoutEligibilityHandler, onCategoryWriteHandler, onProductWriteHandler, onStoreWriteHandler, adminAnalyticsHandler, storeAnalyticsHandler, listingProcessorHandler, supportedListingCollections, prizeRevealOpenHandler, prizeRevealCloseHandler, prizeRevealExpiryHandler, prizeRevealReminderHandler, bundleStockSyncHandler, onProductStockChangeHandler, triggerEventRaffleHandler, assignSpinPrizeHandler, onSupportTicketCreateHandler, onSupportTicketUpdateHandler, onUserBanChangeHandler, bindSchedule, bindDocumentWritten, bindDocumentCreated, bindDocumentUpdated, bindCallable, bindHttps, bindToFirebase, } from "./_internal/server/jobs/index.js";
+export { couponExpiryHandler, offerExpiryHandler, cartPruneHandler, notificationPruneHandler, dailyDataCleanupHandler, cleanupRtdbEventsHandler, auctionSettlementHandler, autoPayoutEligibilityHandler, countersReconcileHandler, onOrderCreateHandler, onOrderStatusChangeHandler, onBidPlacedHandler, onReviewWriteHandler, promotionsHandler, mediaTmpCleanupHandler, pendingOrderTimeoutHandler, productStatsSyncHandler, positionsReconcileHandler, payoutBatchHandler, weeklyPayoutEligibilityHandler, onCategoryWriteHandler, onProductWriteHandler, onStoreWriteHandler, adminAnalyticsHandler, storeAnalyticsHandler, listingProcessorHandler, supportedListingCollections, prizeRevealOpenHandler, prizeRevealCloseHandler, prizeRevealExpiryHandler, prizeRevealReminderHandler, bundleStockSyncHandler, onProductStockChangeHandler, triggerEventRaffleHandler, assignSpinPrizeHandler, onSupportTicketCreateHandler, onSupportTicketUpdateHandler, onUserBanChangeHandler, onScamReportCreateHandler, onScamReportUpdateHandler, bindSchedule, bindDocumentWritten, bindDocumentCreated, bindDocumentUpdated, bindCallable, bindHttps, bindToFirebase, } from "./_internal/server/jobs/index.js";
 export type { PromotionsCallableResult, AdminAnalyticsResult, StoreAnalyticsInput, StoreAnalyticsResult, ListingRequestBody, ListingResponseBody, JobContext, JobLogger, JobHandlers, ScheduleHandler, FirestoreTriggerHandler, FirestoreTriggerEvent, CallableHandler, BindHttpsOptions, } from "./_internal/server/jobs/index.js";

package/dist/jobs.js

@@ -29,5 +29,7 @@ prizeRevealOpenHandler, prizeRevealCloseHandler, prizeRevealExpiryHandler, prize
 onProductStockChangeHandler, triggerEventRaffleHandler, assignSpinPrizeHandler, 
 // BAN9 — support ticket lifecycle + ban audit trail
 onSupportTicketCreateHandler, onSupportTicketUpdateHandler, onUserBanChangeHandler, 
+// SCAM8 — scam report notifications
+onScamReportCreateHandler, onScamReportUpdateHandler, 
 // Firebase binder adapter
 bindSchedule, bindDocumentWritten, bindDocumentCreated, bindDocumentUpdated, bindCallable, bindHttps, bindToFirebase, } from "./_internal/server/jobs/index.js";

package/dist/react/contexts/SessionContext.d.ts

@@ -29,6 +29,7 @@ export interface SessionUser {
     publicProfile?: Record<string, unknown>;
     stats?: Record<string, unknown>;
     metadata?: Record<string, unknown>;
+    scamAwarenessAcknowledgedAt?: Date | null;
 }
 export interface SessionContextValue {
     user: SessionUser | null;

package/dist/react/contexts/SessionContext.js

@@ -71,6 +71,9 @@ function buildSessionUser(authUser, serverData) {
         publicProfile: serverData.publicProfile,
         stats: serverData.stats,
         metadata: serverData.metadata,
+        scamAwarenessAcknowledgedAt: serverData.scamAwarenessAcknowledgedAt
+            ? new Date(serverData.scamAwarenessAcknowledgedAt)
+            : null,
     };
 }
 // ---------------------------------------------------------------------------
@@ -134,6 +137,9 @@ export function SessionProvider({ children, initialUser, endpoints: endpointOver
                 publicProfile: data.publicProfile,
                 stats: data.stats,
                 metadata: data.metadata,
+                scamAwarenessAcknowledgedAt: data.scamAwarenessAcknowledgedAt
+                    ? new Date(data.scamAwarenessAcknowledgedAt)
+                    : null,
             };
         }
         catch {

package/dist/seed/actions/demo-seed-actions.d.ts

@@ -6,7 +6,7 @@
  * the actual collection-specific seeding logic (800+ lines with PII encryption,
  * Auth user creation, subcollection handling, etc.).
  */
-export type SeedCollectionName = "users" | "addresses" | "categories" | "stores" | "products" | "orders" | "reviews" | "bids" | "coupons" | "carousels" | "carouselSlides" | "homepageSections" | "siteSettings" | "faqs" | "notifications" | "payouts" | "blogPosts" | "events" | "eventEntries" | "sessions" | "carts" | "wishlists" | "history" | "conversations" | "groupedListings" | "scammerProfiles" | "productFeatures";
+export type SeedCollectionName = "users" | "addresses" | "categories" | "stores" | "products" | "orders" | "reviews" | "bids" | "coupons" | "carousels" | "carouselSlides" | "homepageSections" | "siteSettings" | "faqs" | "notifications" | "payouts" | "blogPosts" | "events" | "eventEntries" | "sessions" | "carts" | "wishlists" | "history" | "conversations" | "groupedListings" | "scammerProfiles" | "supportTickets" | "productFeatures";
 export interface SeedOperationResult {
     success?: boolean;
     message: string;

package/dist/seed/index.d.ts

@@ -70,6 +70,7 @@ export { historySeedData } from "./history-seed-data";
 export { conversationsSeedData } from "./conversations-seed-data";
 export { groupedListingsSeedData } from "./grouped-listings-seed-data";
 export { scammersSeedData } from "./scammers-seed-data";
+export { supportTicketsSeedData } from "./support-tickets-seed-data";
 export { productFeaturesSeedData } from "./product-features-seed-data";
 export type { SeedManifest, SeedManifestEntry } from "./manifest";
 export { SEED_MANIFEST } from "./manifest";