@passlock/client 0.9.32 → 2.0.0-beta.2

package/dist/passkey/registration/micro.d.ts

@@ -0,0 +1,101 @@
+import { Micro } from "effect";
+import { type UnexpectedError } from "../../network";
+import { OtherPasskeyError as OtherPasskeyError, PasskeysUnsupportedError } from "../shared";
+import { type PasslockOptions } from "../../shared";
+import { Logger } from "../../logger";
+import type { UserVerification } from "../types";
+export declare const isDuplicatePasskeyError: (err: unknown) => err is DuplicatePasskeyError;
+declare const DuplicatePasskeyError_base: new <A extends Record<string, any> = {}>(args: import("effect/Types").Equals<A, {}> extends true ? void : { readonly [P in keyof A as P extends "_tag" ? never : P]: A[P]; }) => Micro.YieldableError & {
+    readonly _tag: "@error/DuplicatePasskeyError";
+} & Readonly<A>;
+/**
+ * Raised if excludeCredentials or userId was provided and the
+ * device recognises one of the passkey ids i.e. the user currently
+ * has a passkey registered on the current device for a given userId.
+ */
+export declare class DuplicatePasskeyError extends DuplicatePasskeyError_base<{
+    readonly message: string;
+}> {
+    static isDuplicatePasskeyError: (err: unknown) => err is DuplicatePasskeyError;
+}
+/**
+ * Passkey registration options
+ */
+export interface RegistrationOptions extends PasslockOptions {
+    /**
+     * The username associated with the newly reguistered passkey..
+     *
+     * @see {@link https://passlock.dev/getting-started/passkey-registration/#passkey-username|username}
+     */
+    username: string;
+    /**
+     * Human palateable username
+     */
+    userDisplayName?: string | undefined;
+    /**
+     * Passlock userId. Essentially a shortcut to look up any
+     * currently registered passkeys (excludeCredentials) for a given user.
+     */
+    userId?: string | undefined;
+    /**
+     * Prevents the user registering a passkey if they already have one
+     * (for the same user account) registered on the current device.
+     *
+     * @see {@link https://passlock.dev/passkeys/registration/#excludecredentials|excludeCredentials}
+     */
+    excludeCredentials?: Array<string> | undefined;
+    /**
+     * Whether the device should re-authenticate the user locally before registering the passkey.
+     *
+     * @see {@link https://passlock.dev/passkeys/user-verification/|userVerification}
+     */
+    userVerification?: UserVerification | undefined;
+    timeout?: number | undefined;
+}
+declare const RegistrationSuccessTag: "RegistrationSuccess";
+type RegistrationSuccessTag = typeof RegistrationSuccessTag;
+/**
+ * Represents the outcome of a successfull passkey registration.
+ * Submit the code and/or id_token to your backend, then either
+ * exchange the code with the passlock REST API or decode and
+ * verify the id_token (JWT).
+ *
+ * Note: The @passlock/node library includes utilities to do this
+ * for you.
+ */
+export interface RegistrationSuccess {
+    _tag: RegistrationSuccessTag;
+    principal: {
+        authenticatorId: string;
+        userId: string;
+    };
+    /**
+     * A signed JWT representing the newly registered passkey.
+     * Decode and verify this in your backend or use one of the @passlock/node
+     * helper utilities.
+     *
+     * @see {@link https://passlock.dev/principal/idtoken-verification/|id_token}
+     */
+    id_token: string;
+    /**
+     * Call the Passlock API to exchange this code for details about the newly
+     * registered passkey.
+     *
+     * @see {@link https://passlock.dev/principal/code-exchange//|code exchange}
+     */
+    code: string;
+}
+export declare const isRegistrationSuccess: (payload: unknown) => payload is RegistrationSuccess;
+/**
+ * Potential errors associated with Passkey registration
+ */
+export type RegistrationError = PasskeysUnsupportedError | DuplicatePasskeyError | OtherPasskeyError | UnexpectedError;
+/**
+ * Register a passkey on the local device and store the
+ * associated public key in the Passlock vault.
+ * @param options
+ * @returns
+ */
+export declare const registerPasskey: (options: RegistrationOptions) => Micro.Micro<RegistrationSuccess, RegistrationError, Logger>;
+export {};
+//# sourceMappingURL=micro.d.ts.map

package/dist/passkey/registration/micro.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"micro.d.ts","sourceRoot":"","sources":["../../../src/passkey/registration/micro.ts"],"names":[],"mappings":"AAQA,OAAO,EAAE,KAAK,EAAQ,MAAM,QAAQ,CAAC;AAGrC,OAAO,EACL,KAAK,eAAe,EAIrB,MAAM,eAAe,CAAC;AAEvB,OAAO,EACL,iBAAiB,IAAI,iBAAiB,EACtC,wBAAwB,EACzB,MAAM,WAAW,CAAC;AACnB,OAAO,EAAE,KAAK,eAAe,EAAE,MAAM,cAAc,CAAC;AACpD,OAAO,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AACtC,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,UAAU,CAAC;AAOjD,eAAO,MAAM,uBAAuB,GAClC,KAAK,OAAO,KACX,GAAG,IAAI,qBAA6D,CAAC;;;;AAExE;;;;GAIG;AACH,qBAAa,qBAAsB,SAAQ,2BAEzC;IACA,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;CAC1B,CAAC;IACA,MAAM,CAAC,uBAAuB,QAbzB,OAAO,KACX,GAAG,IAAI,qBAAqB,CAY4B;CAC1D;AAgBD;;GAEG;AACH,MAAM,WAAW,mBAAoB,SAAQ,eAAe;IAC1D;;;;OAIG;IACH,QAAQ,EAAE,MAAM,CAAC;IACjB;;OAEG;IACH,eAAe,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IACrC;;;OAGG;IACH,MAAM,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IAC5B;;;;;OAKG;IACH,kBAAkB,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,GAAG,SAAS,CAAC;IAC/C;;;;OAIG;IACH,gBAAgB,CAAC,EAAE,gBAAgB,GAAG,SAAS,CAAC;IAChD,OAAO,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;CAC9B;AAmCD,QAAA,MAAM,sBAAsB,EAAG,qBAA8B,CAAC;AAC9D,KAAK,sBAAsB,GAAG,OAAO,sBAAsB,CAAC;AAE5D;;;;;;;;GAQG;AACH,MAAM,WAAW,mBAAmB;IAClC,IAAI,EAAE,sBAAsB,CAAC;IAC7B,SAAS,EAAE;QACT,eAAe,EAAE,MAAM,CAAC;QACxB,MAAM,EAAE,MAAM,CAAC;KAChB,CAAC;IACF;;;;;;OAMG;IACH,QAAQ,EAAE,MAAM,CAAC;IACjB;;;;;OAKG;IACH,IAAI,EAAE,MAAM,CAAC;CACd;AAED,eAAO,MAAM,qBAAqB,GAChC,SAAS,OAAO,KACf,OAAO,IAAI,mBASb,CAAC;AAkEF;;GAEG;AACH,MAAM,MAAM,iBAAiB,GACzB,wBAAwB,GACxB,qBAAqB,GACrB,iBAAiB,GACjB,eAAe,CAAC;AAEpB;;;;;GAKG;AACH,eAAO,MAAM,eAAe,GAC1B,SAAS,mBAAmB,KAC3B,KAAK,CAAC,KAAK,CAAC,mBAAmB,EAAE,iBAAiB,EAAE,MAAM,CAc5D,CAAC"}

package/dist/passkey/registration/micro.js

@@ -0,0 +1,126 @@
+import { browserSupportsWebAuthn, startRegistration as simpleRegistration, WebAuthnError, } from "@simplewebauthn/browser";
+import { Micro, pipe } from "effect";
+import { TenancyId } from "../../tenancy";
+import { buildEndpoint, Endpoint, makeRequest, } from "../../network";
+import { OtherPasskeyError as OtherPasskeyError, PasskeysUnsupportedError, } from "../shared";
+import {} from "../../shared";
+import { Logger } from "../../logger";
+export const isDuplicatePasskeyError = (err) => err instanceof DuplicatePasskeyError;
+/**
+ * Raised if excludeCredentials or userId was provided and the
+ * device recognises one of the passkey ids i.e. the user currently
+ * has a passkey registered on the current device for a given userId.
+ */
+export class DuplicatePasskeyError extends Micro.TaggedError("@error/DuplicatePasskeyError") {
+    static isDuplicatePasskeyError = isDuplicatePasskeyError;
+}
+const isOptionsResponse = (payload) => {
+    if (typeof payload !== "object")
+        return false;
+    if (payload === null)
+        return false;
+    if (!("optionsJSON" in payload))
+        return false;
+    if (typeof payload.optionsJSON !== "object")
+        return false;
+    if (payload.optionsJSON === null)
+        return false;
+    if (!("sessionToken" in payload))
+        return false;
+    if (typeof payload.sessionToken !== "string")
+        return false;
+    return true;
+};
+const fetchOptions = ({ username, userDisplayName, userId, excludeCredentials, userVerification, timeout, }) => Micro.gen(function* () {
+    const logger = yield* Micro.service(Logger);
+    const { endpoint } = yield* Micro.service(Endpoint);
+    const { tenancyId } = yield* Micro.service(TenancyId);
+    const url = new URL(`${tenancyId}/passkey/registration/options`, endpoint);
+    yield* logger.logInfo("Fetching passkey registration options from Passlock");
+    return yield* makeRequest({
+        url,
+        payload: {
+            username,
+            userDisplayName,
+            userId,
+            excludeCredentials,
+            userVerification,
+            timeout,
+        },
+        responsePredicate: isOptionsResponse,
+        label: "registration options",
+    });
+});
+const RegistrationSuccessTag = "RegistrationSuccess";
+export const isRegistrationSuccess = (payload) => {
+    if (typeof payload !== "object")
+        return false;
+    if (payload === null)
+        return false;
+    if (!("_tag" in payload))
+        return false;
+    if (typeof payload._tag !== "string")
+        return false;
+    if (payload._tag !== RegistrationSuccessTag)
+        return false;
+    return true;
+};
+const verifyCredential = (sessionToken, response) => Micro.gen(function* () {
+    const logger = yield* Micro.service(Logger);
+    const { endpoint } = yield* Micro.service(Endpoint);
+    const { tenancyId } = yield* Micro.service(TenancyId);
+    const url = new URL(`${tenancyId}/passkey/registration/verification`, endpoint);
+    yield* logger.logInfo("Registering passkey in Passlock vault");
+    const registrationResponse = yield* makeRequest({
+        url,
+        payload: { sessionToken, response },
+        responsePredicate: isRegistrationSuccess,
+        label: "registration verification",
+    });
+    yield* logger.logInfo(`Passkey registered with id ${registrationResponse.principal.authenticatorId}`);
+    return registrationResponse;
+});
+const startRegistration = (optionsJSON) => Micro.gen(function* () {
+    const logger = yield* Micro.service(Logger);
+    yield* logger.logInfo("Registering passkey on device");
+    const isSupport = browserSupportsWebAuthn();
+    if (!isSupport)
+        yield* new PasskeysUnsupportedError({
+            message: "Device does not support passkeys",
+        });
+    return yield* Micro.tryPromise({
+        try: () => simpleRegistration({ optionsJSON }),
+        catch: (error) => {
+            if (error instanceof WebAuthnError &&
+                error.code === "ERROR_AUTHENTICATOR_PREVIOUSLY_REGISTERED") {
+                return new DuplicatePasskeyError({ message: error.message });
+            }
+            else if (error instanceof WebAuthnError) {
+                return new OtherPasskeyError({
+                    error: error.cause,
+                    message: error.message,
+                    code: error.code,
+                });
+            }
+            else {
+                return new OtherPasskeyError({ error, message: "Unexpected error" });
+            }
+        },
+    });
+});
+/**
+ * Register a passkey on the local device and store the
+ * associated public key in the Passlock vault.
+ * @param options
+ * @returns
+ */
+export const registerPasskey = (options) => {
+    const endpoint = buildEndpoint(options);
+    const effect = Micro.gen(function* () {
+        const { sessionToken, optionsJSON } = yield* fetchOptions(options);
+        const response = yield* startRegistration(optionsJSON);
+        return yield* verifyCredential(sessionToken, response);
+    });
+    return pipe(effect, Micro.provideService(TenancyId, options), Micro.provideService(Endpoint, endpoint));
+};
+//# sourceMappingURL=micro.js.map

package/dist/passkey/registration/micro.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"micro.js","sourceRoot":"","sources":["../../../src/passkey/registration/micro.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,uBAAuB,EAGvB,iBAAiB,IAAI,kBAAkB,EACvC,aAAa,GACd,MAAM,yBAAyB,CAAC;AAEjC,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAC;AACrC,OAAO,EAAE,SAAS,EAAE,MAAM,eAAe,CAAC;AAE1C,OAAO,EAEL,aAAa,EACb,QAAQ,EACR,WAAW,GACZ,MAAM,eAAe,CAAC;AAEvB,OAAO,EACL,iBAAiB,IAAI,iBAAiB,EACtC,wBAAwB,GACzB,MAAM,WAAW,CAAC;AACnB,OAAO,EAAwB,MAAM,cAAc,CAAC;AACpD,OAAO,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AAQtC,MAAM,CAAC,MAAM,uBAAuB,GAAG,CACrC,GAAY,EACkB,EAAE,CAAC,GAAG,YAAY,qBAAqB,CAAC;AAExE;;;;GAIG;AACH,MAAM,OAAO,qBAAsB,SAAQ,KAAK,CAAC,WAAW,CAC1D,8BAA8B,CAG9B;IACA,MAAM,CAAC,uBAAuB,GAAG,uBAAuB,CAAC;;AAG3D,MAAM,iBAAiB,GAAG,CAAC,OAAgB,EAA8B,EAAE;IACzE,IAAI,OAAO,OAAO,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IAC9C,IAAI,OAAO,KAAK,IAAI;QAAE,OAAO,KAAK,CAAC;IAEnC,IAAI,CAAC,CAAC,aAAa,IAAI,OAAO,CAAC;QAAE,OAAO,KAAK,CAAC;IAC9C,IAAI,OAAO,OAAO,CAAC,WAAW,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IAC1D,IAAI,OAAO,CAAC,WAAW,KAAK,IAAI;QAAE,OAAO,KAAK,CAAC;IAE/C,IAAI,CAAC,CAAC,cAAc,IAAI,OAAO,CAAC;QAAE,OAAO,KAAK,CAAC;IAC/C,IAAI,OAAO,OAAO,CAAC,YAAY,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IAE3D,OAAO,IAAI,CAAC;AACd,CAAC,CAAC;AAqCF,MAAM,YAAY,GAAG,CAAC,EACpB,QAAQ,EACR,eAAe,EACf,MAAM,EACN,kBAAkB,EAClB,gBAAgB,EAChB,OAAO,GACa,EAAE,EAAE,CACxB,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC;IACjB,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;IAC5C,MAAM,EAAE,QAAQ,EAAE,GAAG,KAAK,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IACpD,MAAM,EAAE,SAAS,EAAE,GAAG,KAAK,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IAEtD,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,SAAS,+BAA+B,EAAE,QAAQ,CAAC,CAAC;IAE3E,KAAK,CAAC,CAAC,MAAM,CAAC,OAAO,CACnB,qDAAqD,CACtD,CAAC;IACF,OAAO,KAAK,CAAC,CAAC,WAAW,CAAC;QACxB,GAAG;QACH,OAAO,EAAE;YACP,QAAQ;YACR,eAAe;YACf,MAAM;YACN,kBAAkB;YAClB,gBAAgB;YAChB,OAAO;SACR;QACD,iBAAiB,EAAE,iBAAiB;QACpC,KAAK,EAAE,sBAAsB;KAC9B,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEL,MAAM,sBAAsB,GAAG,qBAA8B,CAAC;AAmC9D,MAAM,CAAC,MAAM,qBAAqB,GAAG,CACnC,OAAgB,EACgB,EAAE;IAClC,IAAI,OAAO,OAAO,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IAC9C,IAAI,OAAO,KAAK,IAAI;QAAE,OAAO,KAAK,CAAC;IAEnC,IAAI,CAAC,CAAC,MAAM,IAAI,OAAO,CAAC;QAAE,OAAO,KAAK,CAAC;IACvC,IAAI,OAAO,OAAO,CAAC,IAAI,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IACnD,IAAI,OAAO,CAAC,IAAI,KAAK,sBAAsB;QAAE,OAAO,KAAK,CAAC;IAE1D,OAAO,IAAI,CAAC;AACd,CAAC,CAAC;AAEF,MAAM,gBAAgB,GAAG,CACvB,YAAoB,EACpB,QAAkC,EAClC,EAAE,CACF,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC;IACjB,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;IAC5C,MAAM,EAAE,QAAQ,EAAE,GAAG,KAAK,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IACpD,MAAM,EAAE,SAAS,EAAE,GAAG,KAAK,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IAEtD,MAAM,GAAG,GAAG,IAAI,GAAG,CACjB,GAAG,SAAS,oCAAoC,EAChD,QAAQ,CACT,CAAC;IAEF,KAAK,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,uCAAuC,CAAC,CAAC;IAE/D,MAAM,oBAAoB,GAAG,KAAK,CAAC,CAAC,WAAW,CAAC;QAC9C,GAAG;QACH,OAAO,EAAE,EAAE,YAAY,EAAE,QAAQ,EAAE;QACnC,iBAAiB,EAAE,qBAAqB;QACxC,KAAK,EAAE,2BAA2B;KACnC,CAAC,CAAC;IAEH,KAAK,CAAC,CAAC,MAAM,CAAC,OAAO,CACnB,8BAA8B,oBAAoB,CAAC,SAAS,CAAC,eAAe,EAAE,CAC/E,CAAC;IAEF,OAAO,oBAAoB,CAAC;AAC9B,CAAC,CAAC,CAAC;AAEL,MAAM,iBAAiB,GAAG,CACxB,WAAmD,EACnD,EAAE,CACF,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC;IACjB,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;IAC5C,KAAK,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,+BAA+B,CAAC,CAAC;IAEvD,MAAM,SAAS,GAAG,uBAAuB,EAAE,CAAC;IAC5C,IAAI,CAAC,SAAS;QACZ,KAAK,CAAC,CAAC,IAAI,wBAAwB,CAAC;YAClC,OAAO,EAAE,kCAAkC;SAC5C,CAAC,CAAC;IAEL,OAAO,KAAK,CAAC,CAAC,KAAK,CAAC,UAAU,CAAC;QAC7B,GAAG,EAAE,GAAG,EAAE,CAAC,kBAAkB,CAAC,EAAE,WAAW,EAAE,CAAC;QAC9C,KAAK,EAAE,CAAC,KAAK,EAAE,EAAE;YACf,IACE,KAAK,YAAY,aAAa;gBAC9B,KAAK,CAAC,IAAI,KAAK,2CAA2C,EAC1D,CAAC;gBACD,OAAO,IAAI,qBAAqB,CAAC,EAAE,OAAO,EAAE,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YAC/D,CAAC;iBAAM,IAAI,KAAK,YAAY,aAAa,EAAE,CAAC;gBAC1C,OAAO,IAAI,iBAAiB,CAAC;oBAC3B,KAAK,EAAE,KAAK,CAAC,KAAK;oBAClB,OAAO,EAAE,KAAK,CAAC,OAAO;oBACtB,IAAI,EAAE,KAAK,CAAC,IAAI;iBACjB,CAAC,CAAC;YACL,CAAC;iBAAM,CAAC;gBACN,OAAO,IAAI,iBAAiB,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,kBAAkB,EAAE,CAAC,CAAC;YACvE,CAAC;QACH,CAAC;KACF,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAWL;;;;;GAKG;AACH,MAAM,CAAC,MAAM,eAAe,GAAG,CAC7B,OAA4B,EACiC,EAAE;IAC/D,MAAM,QAAQ,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC;IAExC,MAAM,MAAM,GAAG,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC;QAChC,MAAM,EAAE,YAAY,EAAE,WAAW,EAAE,GAAG,KAAK,CAAC,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;QACnE,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,iBAAiB,CAAC,WAAW,CAAC,CAAC;QACvD,OAAO,KAAK,CAAC,CAAC,gBAAgB,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC;IACzD,CAAC,CAAC,CAAC;IAEH,OAAO,IAAI,CACT,MAAM,EACN,KAAK,CAAC,cAAc,CAAC,SAAS,EAAE,OAAO,CAAC,EACxC,KAAK,CAAC,cAAc,CAAC,QAAQ,EAAE,QAAQ,CAAC,CACzC,CAAC;AACJ,CAAC,CAAC"}

package/dist/passkey/shared.d.ts

@@ -0,0 +1,24 @@
+import { Micro } from "effect";
+export declare const isPasskeysUnsupportedError: (error: unknown) => error is PasskeysUnsupportedError;
+declare const PasskeysUnsupportedError_base: new <A extends Record<string, any> = {}>(args: import("effect/Types").Equals<A, {}> extends true ? void : { readonly [P in keyof A as P extends "_tag" ? never : P]: A[P]; }) => Micro.YieldableError & {
+    readonly _tag: "@error/PasskeysUnsupportedError";
+} & Readonly<A>;
+export declare class PasskeysUnsupportedError extends PasskeysUnsupportedError_base<{
+    readonly message: string;
+}> {
+    static isPasskeysUnsupportedError: (error: unknown) => error is PasskeysUnsupportedError;
+}
+export type ErrorCode = "ERROR_CEREMONY_ABORTED" | "ERROR_INVALID_DOMAIN" | "ERROR_INVALID_RP_ID" | "ERROR_INVALID_USER_ID_LENGTH" | "ERROR_MALFORMED_PUBKEYCREDPARAMS" | "ERROR_AUTHENTICATOR_GENERAL_ERROR" | "ERROR_AUTHENTICATOR_MISSING_DISCOVERABLE_CREDENTIAL_SUPPORT" | "ERROR_AUTHENTICATOR_MISSING_USER_VERIFICATION_SUPPORT" | "ERROR_AUTHENTICATOR_PREVIOUSLY_REGISTERED" | "ERROR_AUTHENTICATOR_NO_SUPPORTED_PUBKEYCREDPARAMS_ALG" | "ERROR_AUTO_REGISTER_USER_VERIFICATION_FAILURE" | "ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY";
+export declare const isOtherPasskeyError: (error: unknown) => error is OtherPasskeyError;
+declare const OtherPasskeyError_base: new <A extends Record<string, any> = {}>(args: import("effect/Types").Equals<A, {}> extends true ? void : { readonly [P in keyof A as P extends "_tag" ? never : P]: A[P]; }) => Micro.YieldableError & {
+    readonly _tag: "@error/OtherPasskeyError";
+} & Readonly<A>;
+export declare class OtherPasskeyError extends OtherPasskeyError_base<{
+    readonly error: unknown;
+    readonly message: string;
+    readonly code?: ErrorCode;
+}> {
+    static isOtherPasskeyError: (error: unknown) => error is OtherPasskeyError;
+}
+export {};
+//# sourceMappingURL=shared.d.ts.map

package/dist/passkey/shared.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"shared.d.ts","sourceRoot":"","sources":["../../src/passkey/shared.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,QAAQ,CAAC;AAE/B,eAAO,MAAM,0BAA0B,GACrC,OAAO,OAAO,KACb,KAAK,IAAI,wBAC+B,CAAC;;;;AAE5C,qBAAa,wBAAyB,SAAQ,8BAE5C;IACA,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;CAC1B,CAAC;IACA,MAAM,CAAC,0BAA0B,UAT1B,OAAO,KACb,KAAK,IAAI,wBAAwB,CAQ6B;CAChE;AAED,MAAM,MAAM,SAAS,GACjB,wBAAwB,GACxB,sBAAsB,GACtB,qBAAqB,GACrB,8BAA8B,GAC9B,kCAAkC,GAClC,mCAAmC,GACnC,6DAA6D,GAC7D,uDAAuD,GACvD,2CAA2C,GAC3C,uDAAuD,GACvD,+CAA+C,GAC/C,sCAAsC,CAAC;AAE3C,eAAO,MAAM,mBAAmB,GAC9B,OAAO,OAAO,KACb,KAAK,IAAI,iBAAuD,CAAC;;;;AAEpE,qBAAa,iBAAkB,SAAQ,uBAErC;IACA,QAAQ,CAAC,KAAK,EAAE,OAAO,CAAC;IACxB,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,IAAI,CAAC,EAAE,SAAS,CAAC;CAC3B,CAAC;IACA,MAAM,CAAC,mBAAmB,UAVnB,OAAO,KACb,KAAK,IAAI,iBAAiB,CASsB;CAClD"}

package/dist/passkey/shared.js

@@ -0,0 +1,10 @@
+import { Micro } from "effect";
+export const isPasskeysUnsupportedError = (error) => error instanceof PasskeysUnsupportedError;
+export class PasskeysUnsupportedError extends Micro.TaggedError("@error/PasskeysUnsupportedError") {
+    static isPasskeysUnsupportedError = isPasskeysUnsupportedError;
+}
+export const isOtherPasskeyError = (error) => error instanceof OtherPasskeyError;
+export class OtherPasskeyError extends Micro.TaggedError("@error/OtherPasskeyError") {
+    static isOtherPasskeyError = isOtherPasskeyError;
+}
+//# sourceMappingURL=shared.js.map

package/dist/passkey/shared.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"shared.js","sourceRoot":"","sources":["../../src/passkey/shared.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,QAAQ,CAAC;AAE/B,MAAM,CAAC,MAAM,0BAA0B,GAAG,CACxC,KAAc,EACqB,EAAE,CACrC,KAAK,YAAY,wBAAwB,CAAC;AAE5C,MAAM,OAAO,wBAAyB,SAAQ,KAAK,CAAC,WAAW,CAC7D,iCAAiC,CAGjC;IACA,MAAM,CAAC,0BAA0B,GAAG,0BAA0B,CAAC;;AAiBjE,MAAM,CAAC,MAAM,mBAAmB,GAAG,CACjC,KAAc,EACc,EAAE,CAAC,KAAK,YAAY,iBAAiB,CAAC;AAEpE,MAAM,OAAO,iBAAkB,SAAQ,KAAK,CAAC,WAAW,CACtD,0BAA0B,CAK1B;IACA,MAAM,CAAC,mBAAmB,GAAG,mBAAmB,CAAC"}

package/dist/passkey/support.d.ts

@@ -0,0 +1,3 @@
+export declare const isPasskeySupport: () => boolean;
+export declare const isAutofillSupport: () => Promise<boolean>;
+//# sourceMappingURL=support.d.ts.map

package/dist/passkey/support.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"support.d.ts","sourceRoot":"","sources":["../../src/passkey/support.ts"],"names":[],"mappings":"AAKA,eAAO,MAAM,gBAAgB,QAAO,OAAoC,CAAC;AAEzE,eAAO,MAAM,iBAAiB,QAAO,OAAO,CAAC,OAAO,CACjB,CAAC"}

package/dist/passkey/support.js

@@ -0,0 +1,4 @@
+import { browserSupportsWebAuthn, browserSupportsWebAuthnAutofill, } from "@simplewebauthn/browser";
+export const isPasskeySupport = () => browserSupportsWebAuthn();
+export const isAutofillSupport = () => browserSupportsWebAuthnAutofill();
+//# sourceMappingURL=support.js.map

package/dist/passkey/support.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"support.js","sourceRoot":"","sources":["../../src/passkey/support.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,uBAAuB,EACvB,+BAA+B,GAChC,MAAM,yBAAyB,CAAC;AAEjC,MAAM,CAAC,MAAM,gBAAgB,GAAG,GAAY,EAAE,CAAC,uBAAuB,EAAE,CAAC;AAEzE,MAAM,CAAC,MAAM,iBAAiB,GAAG,GAAqB,EAAE,CACtD,+BAA+B,EAAE,CAAC"}

package/dist/passkey/types.d.ts

@@ -0,0 +1,26 @@
+export type UserVerification = "discouraged" | "preferred" | "required";
+/**
+ * https://w3c.github.io/webauthn/#enumdef-publickeycredentialhint
+ */
+export type PublicKeyCredentialHint = "hybrid" | "security-key" | "client-device";
+/**
+ * https://www.iana.org/assignments/webauthn/webauthn.xhtml#webauthn-attestation-statement-format-ids
+ */
+export type AttestationFormat = "fido-u2f" | "packed" | "android-safetynet" | "android-key" | "tpm" | "apple" | "none";
+/**
+ * https://w3c.github.io/webauthn/#dictdef-publickeycredentialcreationoptionsjson
+ */
+export interface PublicKeyCredentialCreationOptionsJSON {
+    rp: PublicKeyCredentialRpEntity;
+    user: PublicKeyCredentialUserEntityJSON;
+    challenge: Base64URLString;
+    pubKeyCredParams: Array<PublicKeyCredentialParameters>;
+    timeout?: number;
+    excludeCredentials?: Array<PublicKeyCredentialDescriptorJSON>;
+    authenticatorSelection?: AuthenticatorSelectionCriteria;
+    hints?: Array<PublicKeyCredentialHint>;
+    attestation?: AttestationConveyancePreference;
+    attestationFormats?: Array<AttestationFormat>;
+    extensions?: AuthenticationExtensionsClientInputs;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/passkey/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/passkey/types.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,gBAAgB,GAAG,aAAa,GAAG,WAAW,GAAG,UAAU,CAAC;AAExE;;GAEG;AACH,MAAM,MAAM,uBAAuB,GAC/B,QAAQ,GACR,cAAc,GACd,eAAe,CAAC;AAEpB;;GAEG;AACH,MAAM,MAAM,iBAAiB,GACzB,UAAU,GACV,QAAQ,GACR,mBAAmB,GACnB,aAAa,GACb,KAAK,GACL,OAAO,GACP,MAAM,CAAC;AAEX;;GAEG;AACH,MAAM,WAAW,sCAAsC;IACrD,EAAE,EAAE,2BAA2B,CAAC;IAChC,IAAI,EAAE,iCAAiC,CAAC;IACxC,SAAS,EAAE,eAAe,CAAC;IAC3B,gBAAgB,EAAE,KAAK,CAAC,6BAA6B,CAAC,CAAC;IACvD,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,kBAAkB,CAAC,EAAE,KAAK,CAAC,iCAAiC,CAAC,CAAC;IAC9D,sBAAsB,CAAC,EAAE,8BAA8B,CAAC;IACxD,KAAK,CAAC,EAAE,KAAK,CAAC,uBAAuB,CAAC,CAAC;IACvC,WAAW,CAAC,EAAE,+BAA+B,CAAC;IAC9C,kBAAkB,CAAC,EAAE,KAAK,CAAC,iBAAiB,CAAC,CAAC;IAC9C,UAAU,CAAC,EAAE,oCAAoC,CAAC;CACnD"}

package/dist/passkey/types.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=types.js.map

package/dist/passkey/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/passkey/types.ts"],"names":[],"mappings":""}

package/dist/promise.d.ts

@@ -0,0 +1,15 @@
+import { Micro } from "effect";
+/**
+ * Run a Micro and return a success or failure.
+ * Note: function could still throw for an unexpected error.
+ * @param micro
+ * @returns
+ */
+export declare const runToPromise: <A, E>(micro: Micro.Micro<A, E>) => Promise<A | E>;
+/**
+ * Run a Micro and return a success or throw an error
+ * @param micro
+ * @returns
+ */
+export declare const runToPromiseUnsafe: <A, E>(micro: Micro.Micro<A, E>) => Promise<A>;
+//# sourceMappingURL=promise.d.ts.map

package/dist/promise.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"promise.d.ts","sourceRoot":"","sources":["../src/promise.ts"],"names":[],"mappings":"AAAA,OAAO,EAAoB,KAAK,EAAQ,MAAM,QAAQ,CAAC;AAGvD;;;;;GAKG;AACH,eAAO,MAAM,YAAY,GAAU,CAAC,EAAE,CAAC,EACrC,OAAO,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,KACvB,OAAO,CAAC,CAAC,GAAG,CAAC,CAOf,CAAC;AAEF;;;;GAIG;AACH,eAAO,MAAM,kBAAkB,GAAU,CAAC,EAAE,CAAC,EAC3C,OAAO,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,KACvB,OAAO,CAAC,CAAC,CAqBX,CAAC"}

package/dist/promise.js

@@ -0,0 +1,46 @@
+import { Either, identity, Micro, pipe } from "effect";
+import { error } from "effect/Brand";
+/**
+ * Run a Micro and return a success or failure.
+ * Note: function could still throw for an unexpected error.
+ * @param micro
+ * @returns
+ */
+export const runToPromise = async (micro) => {
+    const either = await pipe(micro, Micro.either, Micro.runPromise);
+    return Either.match(either, {
+        onLeft: identity,
+        onRight: identity,
+    });
+};
+/**
+ * Run a Micro and return a success or throw an error
+ * @param micro
+ * @returns
+ */
+export const runToPromiseUnsafe = async (micro) => {
+    const exit = await Micro.runPromiseExit(micro);
+    if (Micro.exitIsSuccess(exit))
+        return exit.value;
+    if (Micro.exitIsFail(exit)) {
+        if (error instanceof Error) {
+            throw exit.cause;
+        }
+        else
+            throw new Error(String(exit.cause.error));
+    }
+    if (Micro.exitIsDie(exit)) {
+        if (exit.cause.defect instanceof Error) {
+            throw exit.cause.defect;
+        }
+        else
+            new Error(String(exit.cause.defect));
+    }
+    if (Micro.exitIsInterrupt(exit))
+        throw new Error(exit.cause.message);
+    if (Micro.exitIsFailure(exit))
+        throw new Error(exit.cause.message);
+    else
+        throw new Error("Unexpected error");
+};
+//# sourceMappingURL=promise.js.map

package/dist/promise.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"promise.js","sourceRoot":"","sources":["../src/promise.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAC;AACvD,OAAO,EAAE,KAAK,EAAE,MAAM,cAAc,CAAC;AAErC;;;;;GAKG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG,KAAK,EAC/B,KAAwB,EACR,EAAE;IAClB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,KAAK,EAAE,KAAK,CAAC,MAAM,EAAE,KAAK,CAAC,UAAU,CAAC,CAAC;IAEjE,OAAO,MAAM,CAAC,KAAK,CAAC,MAAM,EAAE;QAC1B,MAAM,EAAE,QAAQ;QAChB,OAAO,EAAE,QAAQ;KAClB,CAAC,CAAC;AACL,CAAC,CAAC;AAEF;;;;GAIG;AACH,MAAM,CAAC,MAAM,kBAAkB,GAAG,KAAK,EACrC,KAAwB,EACZ,EAAE;IACd,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;IAE/C,IAAI,KAAK,CAAC,aAAa,CAAC,IAAI,CAAC;QAAE,OAAO,IAAI,CAAC,KAAK,CAAC;IAEjD,IAAI,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;QAC3B,IAAI,KAAK,YAAY,KAAK,EAAE,CAAC;YAC3B,MAAM,IAAI,CAAC,KAAK,CAAC;QACnB,CAAC;;YAAM,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC;IACnD,CAAC;IAED,IAAI,KAAK,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC;QAC1B,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,YAAY,KAAK,EAAE,CAAC;YACvC,MAAM,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC;QAC1B,CAAC;;YAAM,IAAI,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC;IAC9C,CAAC;IAED,IAAI,KAAK,CAAC,eAAe,CAAC,IAAI,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAErE,IAAI,KAAK,CAAC,aAAa,CAAC,IAAI,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;;QAC9D,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;AAC3C,CAAC,CAAC"}

package/dist/shared.d.ts

@@ -0,0 +1,15 @@
+/**
+ * Options that are not directly related to passkeys or
+ * other authentication mechanisms, but required by the
+ * Passlock framework
+ */
+export interface PasslockOptions {
+    /**
+     * Obtain this from the settings tab in your Passlock console.
+     * Please note this is environment specific, so your dev
+     * environment will have a different tenancyId to prod.
+     */
+    tenancyId: string;
+    endpoint?: string;
+}
+//# sourceMappingURL=shared.d.ts.map

package/dist/shared.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"shared.d.ts","sourceRoot":"","sources":["../src/shared.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,MAAM,WAAW,eAAe;IAC9B;;;;OAIG;IACH,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB"}

package/dist/shared.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=shared.js.map

package/dist/shared.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"shared.js","sourceRoot":"","sources":["../src/shared.ts"],"names":[],"mappings":""}

package/dist/tenancy.d.ts

@@ -0,0 +1,8 @@
+import { Context } from "effect";
+declare const TenancyId_base: Context.TagClass<TenancyId, "TenancyId", {
+    readonly tenancyId: string;
+}>;
+export declare class TenancyId extends TenancyId_base {
+}
+export {};
+//# sourceMappingURL=tenancy.d.ts.map

package/dist/tenancy.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"tenancy.d.ts","sourceRoot":"","sources":["../src/tenancy.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,QAAQ,CAAC;;wBAIT,MAAM;;AAF9B,qBAAa,SAAU,SAAQ,cAG5B;CAAG"}

package/dist/tenancy.js

@@ -0,0 +1,4 @@
+import { Context } from "effect";
+export class TenancyId extends Context.Tag("TenancyId")() {
+}
+//# sourceMappingURL=tenancy.js.map

package/dist/tenancy.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"tenancy.js","sourceRoot":"","sources":["../src/tenancy.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,QAAQ,CAAC;AAEjC,MAAM,OAAO,SAAU,SAAQ,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,EAGpD;CAAG"}

package/package.json

@@ -1,14 +1,11 @@
 {
   "name": "@passlock/client",
-  "version": "0.9.32",
-  "description": "Passkey authentication and social login for web apps (Typescript). Framework agnostic",
+  "version": "2.0.0-beta.2",
+  "description": "Flexible passkey authentication for Astro, SvelteKit, NextJS and other frameworks",
   "keywords": [
     "passkey",
-    "passkeys",
     "webauthn",
-    "google one tap",
-    "sign in with google",
-    "sign in with apple",
+    "astro",
     "svelte",
     "sveltekit",
     "react",
@@ -16,79 +13,76 @@
     "vue",
     "nuxt"
   ],
-  "author": {
-    "name": "Toby Hobson",
-    "email": "toby@passlock.dev"
-  },
-  "license": "MIT",
   "homepage": "https://passlock.dev",
+  "bugs": {
+    "url": "https://github.com/passlock-dev/passlock/issues",
+    "email": "team@passlock.dev"
+  },
   "repository": {
     "type": "git",
     "url": "git+https://github.com/passlock-dev/passlock.git",
     "directory": "packages/client"
   },
-  "bugs": {
-    "url": "https://github.com/passlock-dev/passlock/issues",
-    "email": "team@passlock.dev"
+  "license": "MIT",
+  "author": {
+    "name": "Toby Hobson",
+    "email": "toby@passlock.dev"
   },
   "type": "module",
   "exports": {
     ".": {
       "types": "./dist/index.d.ts",
-      "import": "./dist/index.js"
+      "import": "./dist/index.js",
+      "default": "./dist/index.js"
+    },
+    "./passkey": {
+      "types": "./dist/passkey/index.d.ts",
+      "import": "./dist/passkey/index.js",
+      "default": "./dist/passkey/index.js"
+    },
+    "./logger": {
+      "types": "./dist/logger/index.d.ts",
+      "import": "./dist/logger/index.js",
+      "default": "./dist/logger/index.js"
     }
   },
+  "module": "./dist/index.js",
+  "types": "./dist/index.d.ts",
   "files": [
-    "src",
-    "dist",
-    "!dist/**/*.test.*",
-    "!dist/**/*.spec.*"
+    "dist"
   ],
   "dependencies": {
-    "@effect/schema": "0.74.1",
-    "@github/webauthn-json": "^2.1.1",
-    "effect": "3.8.4",
-    "@passlock/shared": "0.9.32"
+    "@simplewebauthn/browser": "^13.2.2",
+    "effect": "3.19.10"
   },
   "devDependencies": {
-    "@qetza/replacetokens": "^1.7.0",
-    "@total-typescript/tsconfig": "^1.0.4",
-    "@trivago/prettier-plugin-sort-imports": "^4.3.0",
-    "@tsconfig/node20": "^20.1.4",
-    "@types/node": "^22.7.4",
-    "@typescript-eslint/eslint-plugin": "^8.8.0",
-    "@typescript-eslint/parser": "^8.8.0",
-    "@vitest/coverage-v8": "^2.1.2",
-    "@vitest/ui": "^2.1.2",
-    "eslint": "^9.12.0",
-    "eslint-config-prettier": "^9.1.0",
-    "globals": "^15.10.0",
-    "jsdom": "^25.0.1",
-    "prettier": "^3.3.3",
-    "publint": "^0.2.11",
-    "rimraf": "^6.0.1",
-    "tslib": "^2.7.0",
-    "tsx": "^4.19.1",
-    "typescript": "^5.6.2",
-    "vite": "^5.4.8",
-    "vitest": "^2.1.2",
-    "vitest-mock-extended": "^2.0.2"
+    "@eslint/compat": "^2.0.0",
+    "@eslint/js": "^9.39.1",
+    "eslint": "^9.39.1",
+    "globals": "^16.5.0",
+    "npm-check-updates": "^19.1.2",
+    "prettier": "^3.7.4",
+    "publint": "0.3.15",
+    "rimraf": "^6.1.2",
+    "tsx": "4.21.0",
+    "typescript": "^5.9.3",
+    "typescript-eslint": "^8.49.0"
   },
   "scripts": {
-    "clean": "rimraf ./dist",
-    "typecheck": "tsc --noEmit",
+    "build": "tsc --build",
+    "build:clean": "$npm_execpath run clean:full && $npm_execpath run build",
+    "build:production": "$npm_execpath run build:clean && $npm_execpath run build:readme && $npm_execpath run replaceTokens && echo '' && publint",
+    "build:readme": "LATEST=${npm_package_version} tsx ../../scripts/replace-readme-tokens.ts ./packages/client",
+    "clean": "tsc --build --clean",
+    "clean:full": "rimraf dist tsconfig.tsbuildinfo",
+    "format": "prettier --write \"src/**/*.+(js|ts|json)\"",
+    "lint": "prettier --check \"src/**/*.+(js|ts|json)\" && eslint ./src",
+    "lint:fix": "prettier --check \"src/**/*.+(js|ts|json)\" && eslint ./src --fix",
+    "replaceTokens": "LATEST=${npm_package_version} tsx ../../scripts/replace-tokens.ts ./packages/client",
     "test": "vitest run",
-    "test:watch": "vitest dev",
-    "test:ui": "vitest --coverage.enabled=true --ui",
     "test:coverage": "vitest run --coverage",
-    "build": "tsc --build",
-    "build:clean": "pnpm run clean && pnpm run build",
-    "build:readme": "LATEST=${npm_package_version} tsx ../shared/scripts/replace-readme-tokens.ts ./packages/client",
-    "replaceTokens": "LATEST=${npm_package_version} tsx ../shared/scripts/replace-tokens.ts ./packages/client",
-    "build:production": "pnpm run build:clean && pnpm run build:readme && pnpm run replaceTokens && echo '' && publint",
-    "format": "prettier --write \"(src|scripts)/**/*.+(js|ts|json)\"",
-    "lint": "eslint ./src",
-    "lint:fix": "pnpm run lint --fix",
-    "upgrade:deps": "ncu --peer -x effect -x @effect/* -i -u"
+    "test:ui": "vitest --coverage.enabled=true --ui",
+    "test:watch": "vitest dev",
+    "typecheck": "tsc --noEmit"
   }
 }