@neetru/sdk 3.1.4 → 3.1.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +9 -0
- package/README.md +8 -4
- package/dist/auth.cjs +35 -9
- package/dist/auth.cjs.map +1 -1
- package/dist/auth.d.cts +1 -1
- package/dist/auth.d.ts +1 -1
- package/dist/auth.mjs +35 -9
- package/dist/auth.mjs.map +1 -1
- package/dist/catalog.cjs.map +1 -1
- package/dist/catalog.d.cts +1 -1
- package/dist/catalog.d.ts +1 -1
- package/dist/catalog.mjs.map +1 -1
- package/dist/checkout.cjs.map +1 -1
- package/dist/checkout.d.cts +1 -1
- package/dist/checkout.d.ts +1 -1
- package/dist/checkout.mjs.map +1 -1
- package/dist/db-react.d.cts +1 -1
- package/dist/db-react.d.ts +1 -1
- package/dist/db.cjs.map +1 -1
- package/dist/db.d.cts +1 -1
- package/dist/db.d.ts +1 -1
- package/dist/db.mjs.map +1 -1
- package/dist/entitlements.cjs.map +1 -1
- package/dist/entitlements.d.cts +1 -1
- package/dist/entitlements.d.ts +1 -1
- package/dist/entitlements.mjs.map +1 -1
- package/dist/errors.cjs.map +1 -1
- package/dist/errors.d.cts +8 -8
- package/dist/errors.d.ts +8 -8
- package/dist/errors.mjs.map +1 -1
- package/dist/firestore-compat.d.cts +1 -1
- package/dist/firestore-compat.d.ts +1 -1
- package/dist/index.cjs +36 -10
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +3 -3
- package/dist/index.d.ts +3 -3
- package/dist/index.mjs +36 -10
- package/dist/index.mjs.map +1 -1
- package/dist/mocks.cjs +26 -7
- package/dist/mocks.cjs.map +1 -1
- package/dist/mocks.d.cts +24 -7
- package/dist/mocks.d.ts +24 -7
- package/dist/mocks.mjs +26 -7
- package/dist/mocks.mjs.map +1 -1
- package/dist/notifications.cjs.map +1 -1
- package/dist/notifications.d.cts +1 -1
- package/dist/notifications.d.ts +1 -1
- package/dist/notifications.mjs.map +1 -1
- package/dist/react.d.cts +1 -1
- package/dist/react.d.ts +1 -1
- package/dist/support.cjs.map +1 -1
- package/dist/support.d.cts +1 -1
- package/dist/support.d.ts +1 -1
- package/dist/support.mjs.map +1 -1
- package/dist/telemetry.cjs.map +1 -1
- package/dist/telemetry.d.cts +1 -1
- package/dist/telemetry.d.ts +1 -1
- package/dist/telemetry.mjs.map +1 -1
- package/dist/{types-DvMdYbfV.d.cts → types-BXvGHppn.d.cts} +8 -0
- package/dist/{types-CRIIjqzC.d.ts → types-CQVak2a3.d.ts} +8 -0
- package/dist/usage.cjs.map +1 -1
- package/dist/usage.d.cts +1 -1
- package/dist/usage.d.ts +1 -1
- package/dist/usage.mjs.map +1 -1
- package/dist/webhooks.cjs.map +1 -1
- package/dist/webhooks.d.cts +1 -1
- package/dist/webhooks.d.ts +1 -1
- package/dist/webhooks.mjs.map +1 -1
- package/package.json +156 -156
package/CHANGELOG.md
CHANGED
|
@@ -5,6 +5,15 @@ All notable changes to `@neetru/sdk` will be documented in this file.
|
|
|
5
5
|
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
|
|
6
6
|
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
|
7
7
|
|
|
8
|
+
## [3.1.5] - 2026-06-18 — **fix: drift de versão + exemplos quebrados no README**
|
|
9
|
+
|
|
10
|
+
Release **patch**. Item I4 do Conselho de UI (version/reference drift).
|
|
11
|
+
|
|
12
|
+
### Fixed
|
|
13
|
+
|
|
14
|
+
- **`VERSION` exportado** agora bate com o `package.json` (`3.1.5`). Estava pinado em `'3.1.3'` enquanto o pacote publicado já era `3.1.4` → consumers liam a versão errada via `import { VERSION } from '@neetru/sdk'`.
|
|
15
|
+
- **README** parou de mostrar `usage.track()` / `usage.getQuota()` como exemplos vivos — são métodos REMOVIDOS no 3.0 (o próprio README/CHANGELOG documenta a remoção). Trocados por `usage.report(resource, qty)` (devolve `{value, limit, remaining}` inline) e `usage.check(resource)`.
|
|
16
|
+
|
|
8
17
|
## [3.1.0] - 2026-06-05 — **feat: subpath `firestore-compat` + hooks de dados React (frente-B P0)**
|
|
9
18
|
|
|
10
19
|
Release **minor** — só adições, nenhum export removido nem assinatura alterada (a suite de snapshot SDK-QW-5 confirma que a superfície pública 3.0 segue intacta). Upgrade direto de qualquer 3.0.x.
|
package/README.md
CHANGED
|
@@ -194,10 +194,14 @@ const detailed = await neetru.entitlements.detailed('gestovendas', 'ai_recommend
|
|
|
194
194
|
### Usage tracking
|
|
195
195
|
|
|
196
196
|
```ts
|
|
197
|
-
|
|
198
|
-
|
|
199
|
-
const
|
|
200
|
-
// → {
|
|
197
|
+
// Reporta consumo (resource, qty) — devolve {value, limit, remaining} inline,
|
|
198
|
+
// sem precisar de uma chamada de quota separada. Idempotency-Key automático.
|
|
199
|
+
const usage = await neetru.usage.report('reports_generated', 1);
|
|
200
|
+
// → { value: 16, limit: 100, remaining: 84, status: 'ok' }
|
|
201
|
+
|
|
202
|
+
// Verifica entitlement de um resource (sem incrementar o contador).
|
|
203
|
+
const ent = await neetru.usage.check('reports_per_month');
|
|
204
|
+
// → { allowed, limit?, remaining? }
|
|
201
205
|
```
|
|
202
206
|
|
|
203
207
|
### Support
|
package/dist/auth.cjs
CHANGED
|
@@ -5469,9 +5469,19 @@ var DEV_FIXTURE_USER = Object.freeze({
|
|
|
5469
5469
|
var MockAuth = class {
|
|
5470
5470
|
_user;
|
|
5471
5471
|
_listeners;
|
|
5472
|
-
|
|
5472
|
+
_allowUnsignedDecode;
|
|
5473
|
+
constructor(initialUser = null, options) {
|
|
5473
5474
|
this._user = initialUser;
|
|
5474
5475
|
this._listeners = /* @__PURE__ */ new Set();
|
|
5476
|
+
this._allowUnsignedDecode = options?.allowUnsignedDecode ?? false;
|
|
5477
|
+
if (this._allowUnsignedDecode) {
|
|
5478
|
+
const isTestEnv = typeof process !== "undefined" && (process.env?.NODE_ENV === "test" || process.env?.VITEST === "true" || process.env?.VITEST != null);
|
|
5479
|
+
if (!isTestEnv && typeof console !== "undefined") {
|
|
5480
|
+
console.warn(
|
|
5481
|
+
"[neetru-sdk] MockAuth.verifyToken est\xE1 em modo allowUnsignedDecode=true: tokens N\xC3O t\xEAm assinatura verificada. Este modo \xE9 exclusivo para testes \u2014 NUNCA use como security boundary em c\xF3digo deployado."
|
|
5482
|
+
);
|
|
5483
|
+
}
|
|
5484
|
+
}
|
|
5475
5485
|
}
|
|
5476
5486
|
async signIn(_options) {
|
|
5477
5487
|
if (!this._user) this._user = { ...DEV_FIXTURE_USER };
|
|
@@ -5496,18 +5506,27 @@ var MockAuth = class {
|
|
|
5496
5506
|
};
|
|
5497
5507
|
}
|
|
5498
5508
|
/**
|
|
5499
|
-
* Mock de `verifyToken` —
|
|
5500
|
-
*
|
|
5501
|
-
*
|
|
5509
|
+
* Mock de `verifyToken` — por default lança `unauthorized` pra prevenir uso
|
|
5510
|
+
* acidental como security boundary em código deployado.
|
|
5511
|
+
*
|
|
5512
|
+
* Para decodificar JWTs sem verificar assinatura em testes, crie a instância
|
|
5513
|
+
* com `new MockAuth(user, { allowUnsignedDecode: true })`. Isso é um opt-in
|
|
5514
|
+
* explícito — nunca acontece silenciosamente.
|
|
5502
5515
|
*
|
|
5503
|
-
* Para simular falhas
|
|
5516
|
+
* Para simular falhas ou resultados customizados, use `__mockVerifyToken(fn)`.
|
|
5504
5517
|
*/
|
|
5505
5518
|
async verifyToken(token) {
|
|
5506
5519
|
if (this._verifyTokenOverride) {
|
|
5507
5520
|
return this._verifyTokenOverride(token);
|
|
5508
5521
|
}
|
|
5509
5522
|
if (!token) {
|
|
5510
|
-
throw
|
|
5523
|
+
throw new NeetruError("token_invalid_signature", "Token inv\xE1lido: string vazia");
|
|
5524
|
+
}
|
|
5525
|
+
if (!this._allowUnsignedDecode) {
|
|
5526
|
+
throw new NeetruError(
|
|
5527
|
+
"unauthorized",
|
|
5528
|
+
"MockAuth.verifyToken n\xE3o verifica assinaturas JWT e N\xC3O deve ser usado como security boundary em c\xF3digo deployado. Em testes, use new MockAuth(user, { allowUnsignedDecode: true }) para habilitar decodifica\xE7\xE3o sem assinatura, ou __mockVerifyToken(fn) para injetar resultado customizado."
|
|
5529
|
+
);
|
|
5511
5530
|
}
|
|
5512
5531
|
try {
|
|
5513
5532
|
const parts = token.split(".");
|
|
@@ -5534,7 +5553,7 @@ var MockAuth = class {
|
|
|
5534
5553
|
} catch {
|
|
5535
5554
|
}
|
|
5536
5555
|
if (this._user) return this._user;
|
|
5537
|
-
throw
|
|
5556
|
+
throw new NeetruError("token_invalid_signature", "Nenhum user mock dispon\xEDvel e JWT sem sub v\xE1lido");
|
|
5538
5557
|
}
|
|
5539
5558
|
/**
|
|
5540
5559
|
* Mock de `handleRedirectCallback` (Bug 2 / 3.1.3) — não há redirect real no
|
|
@@ -6094,13 +6113,20 @@ function createOidcAuthNamespace(config) {
|
|
|
6094
6113
|
const issuer = idpOrigin;
|
|
6095
6114
|
const jwksUrl = `${idpOrigin}/api/v1/oauth/.well-known/jwks.json`;
|
|
6096
6115
|
const cacheTtlMs = options?.jwksCacheTtlMs ?? DEFAULT_JWKS_TTL_MS;
|
|
6116
|
+
const audienceFromOptions = options?.audience;
|
|
6097
6117
|
const parsedKey = tryParseApiKey(config.apiKey);
|
|
6098
|
-
const audience = parsedKey?.keyId;
|
|
6118
|
+
const audience = audienceFromOptions ?? parsedKey?.keyId;
|
|
6119
|
+
if (!audience) {
|
|
6120
|
+
throw new NeetruError(
|
|
6121
|
+
"invalid_config",
|
|
6122
|
+
"verifyToken requires an audience: provide apiKey on the client or pass options.audience. Calling jwtVerify without an audience allows tokens issued for other OIDC clients to pass."
|
|
6123
|
+
);
|
|
6124
|
+
}
|
|
6099
6125
|
const jwks = _getJwks(jwksUrl, cacheTtlMs);
|
|
6100
6126
|
try {
|
|
6101
6127
|
const { payload } = await jose.jwtVerify(token, jwks, {
|
|
6102
6128
|
issuer,
|
|
6103
|
-
|
|
6129
|
+
audience,
|
|
6104
6130
|
algorithms: ["RS256"]
|
|
6105
6131
|
});
|
|
6106
6132
|
return _jwtPayloadToUser(payload);
|