@mymehq/sdk 5.3.0 → 5.5.0

package/dist/index.d.ts

@@ -113,6 +113,14 @@ interface UpdateOptions {
     /** Toggle the tier (`library` ↔ `feed`). Independent of the version-merge
      *  path for `properties`; a tier-only update never conflicts. */
     tier?: Tier;
+    /**
+     * Repoint the item at a new natural-key identifier under the caller's
+     * stamped `source`. The server enforces `(source, source_id)` uniqueness
+     * per tenant — a collision returns HTTP 409 `source_id_conflict`. PATCHing
+     * the value the item already carries is a no-op success. Used by the
+     * sync-agent (T-118) to preserve item identity through file renames.
+     */
+    source_id?: string;
     /**
      * Item type. Required by the `auto` strategy when a `keep_both_copies`
      * conflict spawns a sibling item. Omit to let the SDK pre-fetch it —
@@ -790,6 +798,33 @@ declare class MymeClient {
             list: (tenantId: string) => Promise<TenantApiKeySummary[]>;
         };
     };
+    /**
+     * Account-lifecycle surface (T-116).
+     *
+     * The data plane (every other namespace on the client) authenticates
+     * with a bearer token; these account-management endpoints accept
+     * EITHER a bearer (workspace_admin / admin in the user's tenant)
+     * OR a better-auth session cookie. The CLI flow uses a bearer (the
+     * user's own key); web flows use the cookie. The transport sends
+     * the bearer header by default, so SDK callers operating with a
+     * bearer just work.
+     */
+    readonly auth: {
+        account: {
+            /** Initiate deletion. Mints a confirm token and dispatches the
+             *  confirmation email. Returns when the request is accepted
+             *  (HTTP 202). Idempotent within the token TTL. */
+            requestDelete: () => Promise<void>;
+            /** Consume a confirmation token. The server's GET response is an
+             *  HTML page intended for the email recipient's browser; this
+             *  helper exposes the same effect to programmatic callers (CLI
+             *  / integration tests). Throws on bad / expired tokens. */
+            confirmDelete: (token: string) => Promise<void>;
+            /** Cancel an in-flight deletion (session-cookie or bearer path).
+             *  Throws if the account is not in pending-deletion. */
+            cancel: () => Promise<void>;
+        };
+    };
     /**
      * The calling user's profile. `system.profile` is a virtual type —
      * served by a dedicated endpoint over the `users` table joined to

package/dist/index.js

@@ -289,7 +289,7 @@ function toConflictError(response, clientPatch) {
     clientPatch
   );
 }
-async function handleConflictUpdate(transport, itemId, itemType, clientPatch, version, strategy, resolver, tier, onAutoMerge) {
+async function handleConflictUpdate(transport, itemId, itemType, clientPatch, version, strategy, resolver, tier, onAutoMerge, sourceId) {
   let properties = clientPatch;
   let currentVersion = version;
   let pendingAutoMergeEvent;
@@ -298,7 +298,8 @@ async function handleConflictUpdate(transport, itemId, itemType, clientPatch, ve
       body: {
         properties,
         version: currentVersion,
-        ...tier !== void 0 && { tier }
+        ...tier !== void 0 && { tier },
+        ...sourceId !== void 0 && { source_id: sourceId }
       }
     });
     if (!isConflictResponse(result)) {
@@ -473,7 +474,8 @@ var MymeClient = class {
         strategy,
         options?.resolve,
         options?.tier,
-        onAutoMerge
+        onAutoMerge,
+        options?.source_id
       );
     },
     delete: async (id) => {
@@ -1200,6 +1202,54 @@ var MymeClient = class {
       }
     }
   };
+  // ---- Auth (T-116) ----
+  /**
+   * Account-lifecycle surface (T-116).
+   *
+   * The data plane (every other namespace on the client) authenticates
+   * with a bearer token; these account-management endpoints accept
+   * EITHER a bearer (workspace_admin / admin in the user's tenant)
+   * OR a better-auth session cookie. The CLI flow uses a bearer (the
+   * user's own key); web flows use the cookie. The transport sends
+   * the bearer header by default, so SDK callers operating with a
+   * bearer just work.
+   */
+  auth = {
+    account: {
+      /** Initiate deletion. Mints a confirm token and dispatches the
+       *  confirmation email. Returns when the request is accepted
+       *  (HTTP 202). Idempotent within the token TTL. */
+      requestDelete: async () => {
+        await this.transport.request(
+          "POST",
+          "/auth/account/delete"
+        );
+      },
+      /** Consume a confirmation token. The server's GET response is an
+       *  HTML page intended for the email recipient's browser; this
+       *  helper exposes the same effect to programmatic callers (CLI
+       *  / integration tests). Throws on bad / expired tokens. */
+      confirmDelete: async (token) => {
+        const res = await this.transport.rawRequest(
+          "GET",
+          `/auth/account/delete/confirm?token=${encodeURIComponent(token)}`
+        );
+        if (!res.ok) {
+          throw new Error(
+            `Account-delete confirm failed (${String(res.status)})`
+          );
+        }
+      },
+      /** Cancel an in-flight deletion (session-cookie or bearer path).
+       *  Throws if the account is not in pending-deletion. */
+      cancel: async () => {
+        await this.transport.request(
+          "POST",
+          "/auth/account/delete/cancel"
+        );
+      }
+    }
+  };
   // ---- Profile (T-074) ----
   /**
    * The calling user's profile. `system.profile` is a virtual type —

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@mymehq/sdk",
-  "version": "5.3.0",
+  "version": "5.5.0",
   "type": "module",
   "publishConfig": {
     "registry": "https://registry.npmjs.org",
@@ -20,7 +20,7 @@
     "dist"
   ],
   "dependencies": {
-    "@mymehq/shared": "5.3.0"
+    "@mymehq/shared": "5.5.0"
   },
   "devDependencies": {
     "@types/node": "^22.0.0",