@primitivedotdev/sdk 0.2.4 → 0.4.0

package/dist/api/index.js

@@ -0,0 +1,39 @@
+/**
+ * Primitive API client module.
+ *
+ * Generated operations are exported directly, and `PrimitiveApiClient`
+ * provides a configured fetch client for those operations.
+ */
+import { createClient, createConfig, } from "./generated/client/index.js";
+import * as generatedOperations from "./generated/sdk.gen.js";
+export const DEFAULT_BASE_URL = "https://www.primitive.dev/api/v1";
+function createDefaultAuth(apiKey) {
+    return (security) => {
+        if (security.type === "http" && security.scheme === "bearer") {
+            return apiKey;
+        }
+        return undefined;
+    };
+}
+export class PrimitiveApiClient {
+    client;
+    constructor(options = {}) {
+        const { apiKey, auth, baseUrl = DEFAULT_BASE_URL, ...config } = options;
+        this.client = createClient(createConfig({
+            ...config,
+            auth: auth ?? createDefaultAuth(apiKey),
+            baseUrl,
+        }));
+    }
+    getConfig() {
+        return this.client.getConfig();
+    }
+    setConfig(config) {
+        return this.client.setConfig(config);
+    }
+}
+export function createPrimitiveApiClient(options = {}) {
+    return new PrimitiveApiClient(options);
+}
+export const operations = generatedOperations;
+export * from "./generated/index.js";

package/dist/chunk-Cl8Af3a2.js

@@ -0,0 +1,11 @@
+//#region rolldown:runtime
+var __defProp = Object.defineProperty;
+var __export = (target, all) => {
+	for (var name in all) __defProp(target, name, {
+		get: all[name],
+		enumerable: true
+	});
+};
+
+//#endregion
+export { __export };

package/dist/contract/index.d.ts

@@ -1,5 +1,5 @@
-import { EmailAddress, EmailAnalysis, EmailAuth, EmailReceivedEvent, ParsedDataComplete, ParsedDataFailed, ParsedError, RawContentDownloadOnly, RawContentInline, WebhookAttachment } from "../types-B5IgP-Zx.js";
-import { SignResult, WEBHOOK_VERSION$1 as WEBHOOK_VERSION, signWebhookPayload$1 as signWebhookPayload } from "../index-BdRIHaXz.js";
+import { EmailAddress, EmailAnalysis, EmailAuth, EmailReceivedEvent, ParsedDataComplete, ParsedDataFailed, ParsedError, RawContentDownloadOnly, RawContentInline, WebhookAttachment } from "../types-C3ms4R0d.js";
+import { SignResult, StandardWebhooksSignResult, WEBHOOK_VERSION$1 as WEBHOOK_VERSION, signStandardWebhooksPayload$1 as signStandardWebhooksPayload, signWebhookPayload$1 as signWebhookPayload } from "../index-D2OuDGVz.js";
 
 //#region src/contract/contract.d.ts
 /** Maximum raw email size for inline inclusion (256 KB). */
@@ -147,4 +147,4 @@ declare function buildEmailReceivedEvent(input: EmailReceivedEventInput, options
   /** Override the attempted-at timestamp, typically for tests. */
   attempted_at?: string;
 }): EmailReceivedEvent; //#endregion
-export { EmailAddress, EmailAnalysis, EmailAuth, EmailReceivedEvent, EmailReceivedEventInput, ParsedDataComplete, ParsedDataFailed, ParsedError, ParsedInput, ParsedInputComplete, ParsedInputFailed, RAW_EMAIL_INLINE_THRESHOLD, RawContentDownloadOnly, RawContentInline, SignResult, WEBHOOK_VERSION, WebhookAttachment, buildEmailReceivedEvent, generateEventId, signWebhookPayload };
+export { EmailAddress, EmailAnalysis, EmailAuth, EmailReceivedEvent, EmailReceivedEventInput, ParsedDataComplete, ParsedDataFailed, ParsedError, ParsedInput, ParsedInputComplete, ParsedInputFailed, RAW_EMAIL_INLINE_THRESHOLD, RawContentDownloadOnly, RawContentInline, SignResult, StandardWebhooksSignResult, WEBHOOK_VERSION, WebhookAttachment, buildEmailReceivedEvent, generateEventId, signStandardWebhooksPayload, signWebhookPayload };

package/dist/contract/index.js

@@ -1,4 +1,4 @@
-import { WEBHOOK_VERSION, signWebhookPayload, validateEmailReceivedEvent } from "../webhook-Be2vM0F-.js";
+import { WEBHOOK_VERSION, signStandardWebhooksPayload, signWebhookPayload, validateEmailReceivedEvent } from "../webhook-uSco6pyX.js";
 import { createHash } from "node:crypto";
 
 //#region src/contract/contract.ts
@@ -196,4 +196,4 @@ function buildEmailReceivedEvent(input, options) {
 }
 
 //#endregion
-export { RAW_EMAIL_INLINE_THRESHOLD, WEBHOOK_VERSION, buildEmailReceivedEvent, generateEventId, signWebhookPayload };
+export { RAW_EMAIL_INLINE_THRESHOLD, WEBHOOK_VERSION, buildEmailReceivedEvent, generateEventId, signStandardWebhooksPayload, signWebhookPayload };

package/dist/{index-BdRIHaXz.d.ts → index-D2OuDGVz.d.ts}

@@ -1,4 +1,4 @@
-import { EmailAuth, EmailReceivedEvent, ValidateEmailAuthResult, WebhookEvent } from "./types-B5IgP-Zx.js";
+import { EmailAuth, EmailReceivedEvent, ValidateEmailAuthResult, WebhookEvent } from "./types-C3ms4R0d.js";
 import { ErrorObject } from "ajv";
 
 //#region src/webhook/errors.d.ts
@@ -317,6 +317,82 @@ declare function signWebhookPayload(rawBody: string | Buffer, secret: string | B
  */
 declare function verifyWebhookSignature(opts: VerifyOptions): true;
 
+//#endregion
+//#region src/webhook/standard-webhooks.d.ts
+/**
+ * Standard Webhooks Verification & Signing
+ *
+ * Implements the Standard Webhooks spec (standardwebhooks.com) for webhook
+ * signature verification and payload signing.
+ *
+ * Header format:
+ *   webhook-id: <msg_id>
+ *   webhook-timestamp: <unix_seconds>
+ *   webhook-signature: v1,<base64_hmac_sha256> [v1,<base64_2> ...]
+ *
+ * Signed payload format: "{msg_id}.{timestamp}.{raw_body}"
+ *
+ * Secrets are base64-encoded, optionally prefixed with "whsec_".
+ */
+/** Standard Webhooks header names */
+declare const STANDARD_WEBHOOK_ID_HEADER = "webhook-id";
+declare const STANDARD_WEBHOOK_TIMESTAMP_HEADER = "webhook-timestamp";
+declare const STANDARD_WEBHOOK_SIGNATURE_HEADER = "webhook-signature";
+/**
+ * Result from signing a payload in Standard Webhooks format.
+ */
+interface StandardWebhooksSignResult {
+  /** The webhook-signature header value (e.g. "v1,<base64>") */
+  signature: string;
+  /** The message ID used for signing */
+  msgId: string;
+  /** Unix timestamp used for signing */
+  timestamp: number;
+}
+/**
+ * Options for verifying a Standard Webhooks signature.
+ */
+interface StandardWebhooksVerifyOptions {
+  /** The raw HTTP request body */
+  rawBody: string | Buffer;
+  /** The webhook-id header value */
+  msgId: string;
+  /** The webhook-timestamp header value (string, parsed to number internally) */
+  timestamp: string;
+  /** The webhook-signature header value */
+  signatureHeader: string;
+  /** Your webhook secret (with or without whsec_ prefix) */
+  secret: string | Buffer;
+  /** Max age in seconds (default: 300) */
+  toleranceSeconds?: number;
+  /** Override current time for testing (unix seconds) */
+  nowSeconds?: number;
+}
+/**
+ * Prepare a Standard Webhooks secret for HMAC computation.
+ *
+ * Strips the "whsec_" prefix if present, then base64-decodes the remainder
+ * to produce the raw HMAC key bytes.
+ *
+ * @internal
+ */
+
+/**
+ * Sign a webhook payload using the Standard Webhooks format.
+ *
+ * @param rawBody - The raw JSON body string to sign
+ * @param secret - The webhook secret (with or without whsec_ prefix)
+ * @param msgId - The message ID (used in webhook-id header)
+ * @param timestamp - Unix timestamp in seconds (defaults to current time)
+ */
+declare function signStandardWebhooksPayload(rawBody: string | Buffer, secret: string | Buffer, msgId: string, timestamp?: number): StandardWebhooksSignResult;
+/**
+ * Verify a Standard Webhooks signature.
+ *
+ * Throws `WebhookVerificationError` on failure with a specific error code.
+ */
+declare function verifyStandardWebhooksSignature(opts: StandardWebhooksVerifyOptions): true;
+
 //#endregion
 //#region src/schema.generated.d.ts
 /**
@@ -801,14 +877,14 @@ declare const emailReceivedEventJsonSchema: {
             };
           };
           readonly required: ["score"];
-          readonly description: "SpamAssassin analysis results.";
+          readonly description: "SpamAssassin analysis results.\n\nOptional. Present when the email was processed by a SpamAssassin-equipped pipeline (always present in Primitive's managed service). When absent, spam scoring was not performed on this email.";
         };
         readonly forward: {
           readonly $ref: "#/definitions/ForwardAnalysis";
-          readonly description: "Forward detection and analysis results.";
+          readonly description: "Forward detection and analysis results.\n\nOptional. Present when the email was processed by a forward-detection pipeline (always present in Primitive's managed service). When absent, forward detection was not performed on this email.";
         };
       };
-      readonly description: "Email analysis and classification results.";
+      readonly description: "Email analysis and classification results.\n\nAll properties in this object are optional. Which fields are present depends on the analysis pipeline processing the email. Primitive's managed service populates all fields. Self-hosted or third-party deployments may include some, all, or none of these fields depending on their pipeline configuration.\n\nWhen a field is absent, it means that particular analysis was not performed, not that the analysis produced no results. For example, a missing `spamassassin` field means SpamAssassin was not run, not that the email scored 0.\n\nThese fields may be omitted from the payload entirely but must not be set to null.";
     };
     readonly ForwardAnalysis: {
       readonly type: "object";
@@ -1476,4 +1552,4 @@ declare function decodeRawEmail(event: EmailReceivedEvent, options?: DecodeRawEm
 declare function verifyRawEmailDownload(downloaded: Buffer | ArrayBuffer | Uint8Array, event: EmailReceivedEvent): Buffer;
 
 //#endregion
-export { DecodeRawEmailOptions, HandleWebhookOptions, LEGACY_CONFIRMED_HEADER as LEGACY_CONFIRMED_HEADER$1, LEGACY_SIGNATURE_HEADER as LEGACY_SIGNATURE_HEADER$1, PAYLOAD_ERRORS as PAYLOAD_ERRORS$1, PRIMITIVE_CONFIRMED_HEADER as PRIMITIVE_CONFIRMED_HEADER$1, PRIMITIVE_SIGNATURE_HEADER as PRIMITIVE_SIGNATURE_HEADER$1, PrimitiveWebhookError as PrimitiveWebhookError$1, RAW_EMAIL_ERRORS as RAW_EMAIL_ERRORS$1, RawEmailDecodeError as RawEmailDecodeError$1, RawEmailDecodeErrorCode, SignResult, VERIFICATION_ERRORS as VERIFICATION_ERRORS$1, VerifyOptions, WEBHOOK_VERSION as WEBHOOK_VERSION$1, WebhookErrorCode, WebhookHeaders, WebhookPayloadError as WebhookPayloadError$1, WebhookPayloadErrorCode, WebhookValidationError as WebhookValidationError$1, WebhookValidationErrorCode, WebhookVerificationError as WebhookVerificationError$1, WebhookVerificationErrorCode, confirmedHeaders as confirmedHeaders$1, decodeRawEmail as decodeRawEmail$1, emailReceivedEventJsonSchema as emailReceivedEventJsonSchema$1, getDownloadTimeRemaining as getDownloadTimeRemaining$1, handleWebhook as handleWebhook$1, isDownloadExpired as isDownloadExpired$1, isEmailReceivedEvent as isEmailReceivedEvent$1, isRawIncluded as isRawIncluded$1, parseWebhookEvent as parseWebhookEvent$1, safeValidateEmailReceivedEvent as safeValidateEmailReceivedEvent$1, signWebhookPayload as signWebhookPayload$1, validateEmailAuth as validateEmailAuth$1, validateEmailReceivedEvent as validateEmailReceivedEvent$1, verifyRawEmailDownload as verifyRawEmailDownload$1, verifyWebhookSignature as verifyWebhookSignature$1 };
+export { DecodeRawEmailOptions, HandleWebhookOptions, LEGACY_CONFIRMED_HEADER as LEGACY_CONFIRMED_HEADER$1, LEGACY_SIGNATURE_HEADER as LEGACY_SIGNATURE_HEADER$1, PAYLOAD_ERRORS as PAYLOAD_ERRORS$1, PRIMITIVE_CONFIRMED_HEADER as PRIMITIVE_CONFIRMED_HEADER$1, PRIMITIVE_SIGNATURE_HEADER as PRIMITIVE_SIGNATURE_HEADER$1, PrimitiveWebhookError as PrimitiveWebhookError$1, RAW_EMAIL_ERRORS as RAW_EMAIL_ERRORS$1, RawEmailDecodeError as RawEmailDecodeError$1, RawEmailDecodeErrorCode, STANDARD_WEBHOOK_ID_HEADER as STANDARD_WEBHOOK_ID_HEADER$1, STANDARD_WEBHOOK_SIGNATURE_HEADER as STANDARD_WEBHOOK_SIGNATURE_HEADER$1, STANDARD_WEBHOOK_TIMESTAMP_HEADER as STANDARD_WEBHOOK_TIMESTAMP_HEADER$1, SignResult, StandardWebhooksSignResult, StandardWebhooksVerifyOptions, VERIFICATION_ERRORS as VERIFICATION_ERRORS$1, VerifyOptions, WEBHOOK_VERSION as WEBHOOK_VERSION$1, WebhookErrorCode, WebhookHeaders, WebhookPayloadError as WebhookPayloadError$1, WebhookPayloadErrorCode, WebhookValidationError as WebhookValidationError$1, WebhookValidationErrorCode, WebhookVerificationError as WebhookVerificationError$1, WebhookVerificationErrorCode, confirmedHeaders as confirmedHeaders$1, decodeRawEmail as decodeRawEmail$1, emailReceivedEventJsonSchema as emailReceivedEventJsonSchema$1, getDownloadTimeRemaining as getDownloadTimeRemaining$1, handleWebhook as handleWebhook$1, isDownloadExpired as isDownloadExpired$1, isEmailReceivedEvent as isEmailReceivedEvent$1, isRawIncluded as isRawIncluded$1, parseWebhookEvent as parseWebhookEvent$1, safeValidateEmailReceivedEvent as safeValidateEmailReceivedEvent$1, signStandardWebhooksPayload as signStandardWebhooksPayload$1, signWebhookPayload as signWebhookPayload$1, validateEmailAuth as validateEmailAuth$1, validateEmailReceivedEvent as validateEmailReceivedEvent$1, verifyRawEmailDownload as verifyRawEmailDownload$1, verifyStandardWebhooksSignature as verifyStandardWebhooksSignature$1, verifyWebhookSignature as verifyWebhookSignature$1 };

package/dist/index.d.ts

@@ -1,3 +1,3 @@
-import { AuthConfidence$1 as AuthConfidence, AuthVerdict$1 as AuthVerdict, DkimResult$1 as DkimResult, DkimSignature, DmarcPolicy$1 as DmarcPolicy, DmarcResult$1 as DmarcResult, EmailAddress, EmailAnalysis, EmailAuth, EmailReceivedEvent, EventType$1 as EventType, ForwardAnalysis, ForwardOriginalSender, ForwardResult, ForwardResultAttachmentAnalyzed, ForwardResultAttachmentSkipped, ForwardResultInline, ForwardVerdict$1 as ForwardVerdict, ForwardVerification, KnownWebhookEvent, ParsedData, ParsedDataComplete, ParsedDataFailed, ParsedError, ParsedStatus$1 as ParsedStatus, RawContent, RawContentDownloadOnly, RawContentInline, SpfResult$1 as SpfResult, UnknownEvent, ValidateEmailAuthResult, WebhookAttachment, WebhookEvent } from "./types-B5IgP-Zx.js";
-import { DecodeRawEmailOptions, HandleWebhookOptions, LEGACY_CONFIRMED_HEADER$1 as LEGACY_CONFIRMED_HEADER, LEGACY_SIGNATURE_HEADER$1 as LEGACY_SIGNATURE_HEADER, PAYLOAD_ERRORS$1 as PAYLOAD_ERRORS, PRIMITIVE_CONFIRMED_HEADER$1 as PRIMITIVE_CONFIRMED_HEADER, PRIMITIVE_SIGNATURE_HEADER$1 as PRIMITIVE_SIGNATURE_HEADER, PrimitiveWebhookError$1 as PrimitiveWebhookError, RAW_EMAIL_ERRORS$1 as RAW_EMAIL_ERRORS, RawEmailDecodeError$1 as RawEmailDecodeError, RawEmailDecodeErrorCode, SignResult, VERIFICATION_ERRORS$1 as VERIFICATION_ERRORS, VerifyOptions, WEBHOOK_VERSION$1 as WEBHOOK_VERSION, WebhookErrorCode, WebhookHeaders, WebhookPayloadError$1 as WebhookPayloadError, WebhookPayloadErrorCode, WebhookValidationError$1 as WebhookValidationError, WebhookValidationErrorCode, WebhookVerificationError$1 as WebhookVerificationError, WebhookVerificationErrorCode, confirmedHeaders$1 as confirmedHeaders, decodeRawEmail$1 as decodeRawEmail, emailReceivedEventJsonSchema$1 as emailReceivedEventJsonSchema, getDownloadTimeRemaining$1 as getDownloadTimeRemaining, handleWebhook$1 as handleWebhook, isDownloadExpired$1 as isDownloadExpired, isEmailReceivedEvent$1 as isEmailReceivedEvent, isRawIncluded$1 as isRawIncluded, parseWebhookEvent$1 as parseWebhookEvent, safeValidateEmailReceivedEvent$1 as safeValidateEmailReceivedEvent, signWebhookPayload$1 as signWebhookPayload, validateEmailAuth$1 as validateEmailAuth, validateEmailReceivedEvent$1 as validateEmailReceivedEvent, verifyRawEmailDownload$1 as verifyRawEmailDownload, verifyWebhookSignature$1 as verifyWebhookSignature } from "./index-BdRIHaXz.js";
-export { AuthConfidence, AuthVerdict, DecodeRawEmailOptions, DkimResult, DkimSignature, DmarcPolicy, DmarcResult, EmailAddress, EmailAnalysis, EmailAuth, EmailReceivedEvent, EventType, ForwardAnalysis, ForwardOriginalSender, ForwardResult, ForwardResultAttachmentAnalyzed, ForwardResultAttachmentSkipped, ForwardResultInline, ForwardVerdict, ForwardVerification, HandleWebhookOptions, KnownWebhookEvent, LEGACY_CONFIRMED_HEADER, LEGACY_SIGNATURE_HEADER, PAYLOAD_ERRORS, PRIMITIVE_CONFIRMED_HEADER, PRIMITIVE_SIGNATURE_HEADER, ParsedData, ParsedDataComplete, ParsedDataFailed, ParsedError, ParsedStatus, PrimitiveWebhookError, RAW_EMAIL_ERRORS, RawContent, RawContentDownloadOnly, RawContentInline, RawEmailDecodeError, RawEmailDecodeErrorCode, SignResult, SpfResult, UnknownEvent, VERIFICATION_ERRORS, ValidateEmailAuthResult, VerifyOptions, WEBHOOK_VERSION, WebhookAttachment, WebhookErrorCode, WebhookEvent, WebhookHeaders, WebhookPayloadError, WebhookPayloadErrorCode, WebhookValidationError, WebhookValidationErrorCode, WebhookVerificationError, WebhookVerificationErrorCode, confirmedHeaders, decodeRawEmail, emailReceivedEventJsonSchema, getDownloadTimeRemaining, handleWebhook, isDownloadExpired, isEmailReceivedEvent, isRawIncluded, parseWebhookEvent, safeValidateEmailReceivedEvent, signWebhookPayload, validateEmailAuth, validateEmailReceivedEvent, verifyRawEmailDownload, verifyWebhookSignature };
+import { AuthConfidence$1 as AuthConfidence, AuthVerdict$1 as AuthVerdict, DkimResult$1 as DkimResult, DkimSignature, DmarcPolicy$1 as DmarcPolicy, DmarcResult$1 as DmarcResult, EmailAddress, EmailAnalysis, EmailAuth, EmailReceivedEvent, EventType$1 as EventType, ForwardAnalysis, ForwardOriginalSender, ForwardResult, ForwardResultAttachmentAnalyzed, ForwardResultAttachmentSkipped, ForwardResultInline, ForwardVerdict$1 as ForwardVerdict, ForwardVerification, KnownWebhookEvent, ParsedData, ParsedDataComplete, ParsedDataFailed, ParsedError, ParsedStatus$1 as ParsedStatus, RawContent, RawContentDownloadOnly, RawContentInline, SpfResult$1 as SpfResult, UnknownEvent, ValidateEmailAuthResult, WebhookAttachment, WebhookEvent } from "./types-C3ms4R0d.js";
+import { DecodeRawEmailOptions, HandleWebhookOptions, LEGACY_CONFIRMED_HEADER$1 as LEGACY_CONFIRMED_HEADER, LEGACY_SIGNATURE_HEADER$1 as LEGACY_SIGNATURE_HEADER, PAYLOAD_ERRORS$1 as PAYLOAD_ERRORS, PRIMITIVE_CONFIRMED_HEADER$1 as PRIMITIVE_CONFIRMED_HEADER, PRIMITIVE_SIGNATURE_HEADER$1 as PRIMITIVE_SIGNATURE_HEADER, PrimitiveWebhookError$1 as PrimitiveWebhookError, RAW_EMAIL_ERRORS$1 as RAW_EMAIL_ERRORS, RawEmailDecodeError$1 as RawEmailDecodeError, RawEmailDecodeErrorCode, STANDARD_WEBHOOK_ID_HEADER$1 as STANDARD_WEBHOOK_ID_HEADER, STANDARD_WEBHOOK_SIGNATURE_HEADER$1 as STANDARD_WEBHOOK_SIGNATURE_HEADER, STANDARD_WEBHOOK_TIMESTAMP_HEADER$1 as STANDARD_WEBHOOK_TIMESTAMP_HEADER, SignResult, StandardWebhooksSignResult, StandardWebhooksVerifyOptions, VERIFICATION_ERRORS$1 as VERIFICATION_ERRORS, VerifyOptions, WEBHOOK_VERSION$1 as WEBHOOK_VERSION, WebhookErrorCode, WebhookHeaders, WebhookPayloadError$1 as WebhookPayloadError, WebhookPayloadErrorCode, WebhookValidationError$1 as WebhookValidationError, WebhookValidationErrorCode, WebhookVerificationError$1 as WebhookVerificationError, WebhookVerificationErrorCode, confirmedHeaders$1 as confirmedHeaders, decodeRawEmail$1 as decodeRawEmail, emailReceivedEventJsonSchema$1 as emailReceivedEventJsonSchema, getDownloadTimeRemaining$1 as getDownloadTimeRemaining, handleWebhook$1 as handleWebhook, isDownloadExpired$1 as isDownloadExpired, isEmailReceivedEvent$1 as isEmailReceivedEvent, isRawIncluded$1 as isRawIncluded, parseWebhookEvent$1 as parseWebhookEvent, safeValidateEmailReceivedEvent$1 as safeValidateEmailReceivedEvent, signStandardWebhooksPayload$1 as signStandardWebhooksPayload, signWebhookPayload$1 as signWebhookPayload, validateEmailAuth$1 as validateEmailAuth, validateEmailReceivedEvent$1 as validateEmailReceivedEvent, verifyRawEmailDownload$1 as verifyRawEmailDownload, verifyStandardWebhooksSignature$1 as verifyStandardWebhooksSignature, verifyWebhookSignature$1 as verifyWebhookSignature } from "./index-D2OuDGVz.js";
+export { AuthConfidence, AuthVerdict, DecodeRawEmailOptions, DkimResult, DkimSignature, DmarcPolicy, DmarcResult, EmailAddress, EmailAnalysis, EmailAuth, EmailReceivedEvent, EventType, ForwardAnalysis, ForwardOriginalSender, ForwardResult, ForwardResultAttachmentAnalyzed, ForwardResultAttachmentSkipped, ForwardResultInline, ForwardVerdict, ForwardVerification, HandleWebhookOptions, KnownWebhookEvent, LEGACY_CONFIRMED_HEADER, LEGACY_SIGNATURE_HEADER, PAYLOAD_ERRORS, PRIMITIVE_CONFIRMED_HEADER, PRIMITIVE_SIGNATURE_HEADER, ParsedData, ParsedDataComplete, ParsedDataFailed, ParsedError, ParsedStatus, PrimitiveWebhookError, RAW_EMAIL_ERRORS, RawContent, RawContentDownloadOnly, RawContentInline, RawEmailDecodeError, RawEmailDecodeErrorCode, STANDARD_WEBHOOK_ID_HEADER, STANDARD_WEBHOOK_SIGNATURE_HEADER, STANDARD_WEBHOOK_TIMESTAMP_HEADER, SignResult, SpfResult, StandardWebhooksSignResult, StandardWebhooksVerifyOptions, UnknownEvent, VERIFICATION_ERRORS, ValidateEmailAuthResult, VerifyOptions, WEBHOOK_VERSION, WebhookAttachment, WebhookErrorCode, WebhookEvent, WebhookHeaders, WebhookPayloadError, WebhookPayloadErrorCode, WebhookValidationError, WebhookValidationErrorCode, WebhookVerificationError, WebhookVerificationErrorCode, confirmedHeaders, decodeRawEmail, emailReceivedEventJsonSchema, getDownloadTimeRemaining, handleWebhook, isDownloadExpired, isEmailReceivedEvent, isRawIncluded, parseWebhookEvent, safeValidateEmailReceivedEvent, signStandardWebhooksPayload, signWebhookPayload, validateEmailAuth, validateEmailReceivedEvent, verifyRawEmailDownload, verifyStandardWebhooksSignature, verifyWebhookSignature };

package/dist/index.js

@@ -1,3 +1,3 @@
-import { AuthConfidence, AuthVerdict, DkimResult, DmarcPolicy, DmarcResult, EventType, ForwardVerdict, LEGACY_CONFIRMED_HEADER, LEGACY_SIGNATURE_HEADER, PAYLOAD_ERRORS, PRIMITIVE_CONFIRMED_HEADER, PRIMITIVE_SIGNATURE_HEADER, ParsedStatus, PrimitiveWebhookError, RAW_EMAIL_ERRORS, RawEmailDecodeError, SpfResult, VERIFICATION_ERRORS, WEBHOOK_VERSION, WebhookPayloadError, WebhookValidationError, WebhookVerificationError, confirmedHeaders, decodeRawEmail, emailReceivedEventJsonSchema, getDownloadTimeRemaining, handleWebhook, isDownloadExpired, isEmailReceivedEvent, isRawIncluded, parseWebhookEvent, safeValidateEmailReceivedEvent, signWebhookPayload, validateEmailAuth, validateEmailReceivedEvent, verifyRawEmailDownload, verifyWebhookSignature } from "./webhook-Be2vM0F-.js";
+import { AuthConfidence, AuthVerdict, DkimResult, DmarcPolicy, DmarcResult, EventType, ForwardVerdict, LEGACY_CONFIRMED_HEADER, LEGACY_SIGNATURE_HEADER, PAYLOAD_ERRORS, PRIMITIVE_CONFIRMED_HEADER, PRIMITIVE_SIGNATURE_HEADER, ParsedStatus, PrimitiveWebhookError, RAW_EMAIL_ERRORS, RawEmailDecodeError, STANDARD_WEBHOOK_ID_HEADER, STANDARD_WEBHOOK_SIGNATURE_HEADER, STANDARD_WEBHOOK_TIMESTAMP_HEADER, SpfResult, VERIFICATION_ERRORS, WEBHOOK_VERSION, WebhookPayloadError, WebhookValidationError, WebhookVerificationError, confirmedHeaders, decodeRawEmail, emailReceivedEventJsonSchema, getDownloadTimeRemaining, handleWebhook, isDownloadExpired, isEmailReceivedEvent, isRawIncluded, parseWebhookEvent, safeValidateEmailReceivedEvent, signStandardWebhooksPayload, signWebhookPayload, validateEmailAuth, validateEmailReceivedEvent, verifyRawEmailDownload, verifyStandardWebhooksSignature, verifyWebhookSignature } from "./webhook-uSco6pyX.js";
 
-export { AuthConfidence, AuthVerdict, DkimResult, DmarcPolicy, DmarcResult, EventType, ForwardVerdict, LEGACY_CONFIRMED_HEADER, LEGACY_SIGNATURE_HEADER, PAYLOAD_ERRORS, PRIMITIVE_CONFIRMED_HEADER, PRIMITIVE_SIGNATURE_HEADER, ParsedStatus, PrimitiveWebhookError, RAW_EMAIL_ERRORS, RawEmailDecodeError, SpfResult, VERIFICATION_ERRORS, WEBHOOK_VERSION, WebhookPayloadError, WebhookValidationError, WebhookVerificationError, confirmedHeaders, decodeRawEmail, emailReceivedEventJsonSchema, getDownloadTimeRemaining, handleWebhook, isDownloadExpired, isEmailReceivedEvent, isRawIncluded, parseWebhookEvent, safeValidateEmailReceivedEvent, signWebhookPayload, validateEmailAuth, validateEmailReceivedEvent, verifyRawEmailDownload, verifyWebhookSignature };
+export { AuthConfidence, AuthVerdict, DkimResult, DmarcPolicy, DmarcResult, EventType, ForwardVerdict, LEGACY_CONFIRMED_HEADER, LEGACY_SIGNATURE_HEADER, PAYLOAD_ERRORS, PRIMITIVE_CONFIRMED_HEADER, PRIMITIVE_SIGNATURE_HEADER, ParsedStatus, PrimitiveWebhookError, RAW_EMAIL_ERRORS, RawEmailDecodeError, STANDARD_WEBHOOK_ID_HEADER, STANDARD_WEBHOOK_SIGNATURE_HEADER, STANDARD_WEBHOOK_TIMESTAMP_HEADER, SpfResult, VERIFICATION_ERRORS, WEBHOOK_VERSION, WebhookPayloadError, WebhookValidationError, WebhookVerificationError, confirmedHeaders, decodeRawEmail, emailReceivedEventJsonSchema, getDownloadTimeRemaining, handleWebhook, isDownloadExpired, isEmailReceivedEvent, isRawIncluded, parseWebhookEvent, safeValidateEmailReceivedEvent, signStandardWebhooksPayload, signWebhookPayload, validateEmailAuth, validateEmailReceivedEvent, verifyRawEmailDownload, verifyStandardWebhooksSignature, verifyWebhookSignature };

package/dist/oclif/api-command.js

@@ -0,0 +1,218 @@
+import { readFileSync, writeFileSync } from "node:fs";
+import { Command, Errors, Flags } from "@oclif/core";
+import { operations, PrimitiveApiClient } from "../api/index.js";
+function flagName(parameterName) {
+    return parameterName.replace(/_/g, "-");
+}
+function flagDescription(parameter) {
+    return parameter.description ?? parameter.name;
+}
+export function flagForParameter(parameter) {
+    const common = {
+        description: flagDescription(parameter),
+        required: parameter.required,
+    };
+    if (parameter.type === "boolean") {
+        return Flags.boolean(common);
+    }
+    if (parameter.type === "integer") {
+        return Flags.integer(common);
+    }
+    if (parameter.enum && parameter.enum.length > 0) {
+        return Flags.string({ ...common, options: parameter.enum });
+    }
+    return Flags.string(common);
+}
+function coerceParameterValue(parameter, value) {
+    if (value === undefined) {
+        return undefined;
+    }
+    if (parameter.type === "number") {
+        if (typeof value === "number") {
+            return value;
+        }
+        const parsed = Number(value);
+        if (Number.isNaN(parsed)) {
+            throw new Errors.CLIError(`Invalid number for --${parameter.name}: ${value}`);
+        }
+        return parsed;
+    }
+    if (typeof value === "boolean" ||
+        typeof value === "number" ||
+        typeof value === "string") {
+        return value;
+    }
+    throw new Errors.CLIError(`Unsupported flag value for --${parameter.name}`);
+}
+function cliError(message) {
+    return new Errors.CLIError(message, { exit: 1 });
+}
+function parseJson(source, flagLabel) {
+    try {
+        return JSON.parse(source);
+    }
+    catch (error) {
+        const detail = error instanceof Error ? error.message : String(error);
+        throw cliError(`${flagLabel} is not valid JSON: ${detail}`);
+    }
+}
+export function readJsonBody(flags) {
+    const bodyFile = flags["body-file"];
+    const body = flags.body;
+    if (bodyFile && body) {
+        throw cliError("Use either --body or --body-file, not both");
+    }
+    if (typeof bodyFile === "string") {
+        let contents;
+        try {
+            contents = readFileSync(bodyFile, "utf8");
+        }
+        catch (error) {
+            const detail = error instanceof Error ? error.message : String(error);
+            throw cliError(`Could not read --body-file ${bodyFile}: ${detail}`);
+        }
+        return parseJson(contents, `--body-file ${bodyFile}`);
+    }
+    if (typeof body === "string") {
+        return parseJson(body, "--body");
+    }
+    return undefined;
+}
+export function extractErrorPayload(raw) {
+    if (raw &&
+        typeof raw === "object" &&
+        !(raw instanceof Error) &&
+        "error" in raw) {
+        const inner = raw.error;
+        if (inner !== null && inner !== undefined) {
+            return inner;
+        }
+    }
+    return raw;
+}
+function extractCauseDetails(cause) {
+    const details = {};
+    let code;
+    if (!cause || typeof cause !== "object") {
+        return { details };
+    }
+    for (const [key, value] of Object.entries(cause)) {
+        if (typeof value === "string" || typeof value === "number") {
+            details[key] = value;
+            if (key === "code" && typeof value === "string") {
+                code = value;
+            }
+        }
+    }
+    return { code, details };
+}
+export function formatErrorPayload(payload) {
+    if (payload instanceof Error) {
+        const { code, details } = extractCauseDetails(payload.cause);
+        const body = {
+            code: code ?? "client_error",
+            message: payload.message || payload.name || String(payload),
+        };
+        if (Object.keys(details).length > 0) {
+            body.cause = details;
+        }
+        return JSON.stringify(body, null, 2);
+    }
+    return JSON.stringify(payload, null, 2);
+}
+function buildFlags(operation) {
+    const flags = {
+        "api-key": Flags.string({
+            description: "Primitive API key (defaults to PRIMITIVE_API_KEY)",
+            env: "PRIMITIVE_API_KEY",
+        }),
+        "base-url": Flags.string({
+            description: "API base URL (defaults to PRIMITIVE_API_URL or production)",
+            env: "PRIMITIVE_API_URL",
+        }),
+    };
+    for (const parameter of [...operation.pathParams, ...operation.queryParams]) {
+        flags[flagName(parameter.name)] = flagForParameter(parameter);
+    }
+    if (operation.hasJsonBody) {
+        flags.body = Flags.string({ description: "JSON request body" });
+        flags["body-file"] = Flags.string({
+            description: "Path to a JSON file used as the request body",
+        });
+    }
+    if (operation.binaryResponse) {
+        flags.output = Flags.string({
+            description: "Write binary response bytes to a file",
+        });
+    }
+    return flags;
+}
+function collectValues(parameters, flags) {
+    const values = {};
+    for (const parameter of parameters) {
+        const value = coerceParameterValue(parameter, flags[flagName(parameter.name)]);
+        if (value !== undefined) {
+            values[parameter.name] = value;
+        }
+    }
+    return values;
+}
+export function createOperationCommand(operation) {
+    const flags = buildFlags(operation);
+    class OperationCommand extends Command {
+        static description = operation.description ?? `${operation.method} ${operation.path}`;
+        static flags = flags;
+        static summary = operation.summary ?? `${operation.method} ${operation.path}`;
+        async run() {
+            const { flags } = await this.parse(OperationCommand);
+            const parsedFlags = flags;
+            const apiClient = new PrimitiveApiClient({
+                apiKey: typeof parsedFlags["api-key"] === "string"
+                    ? parsedFlags["api-key"]
+                    : undefined,
+                baseUrl: typeof parsedFlags["base-url"] === "string"
+                    ? parsedFlags["base-url"]
+                    : undefined,
+            });
+            const body = operation.hasJsonBody
+                ? readJsonBody(parsedFlags)
+                : undefined;
+            if (operation.bodyRequired && body === undefined) {
+                throw new Errors.CLIError(`Operation ${operation.operationId} requires --body or --body-file`);
+            }
+            const operationFn = operations[operation.sdkName];
+            const result = await operationFn({
+                body,
+                client: apiClient.client,
+                parseAs: operation.binaryResponse ? "blob" : "auto",
+                path: collectValues(operation.pathParams, parsedFlags),
+                query: collectValues(operation.queryParams, parsedFlags),
+                responseStyle: "fields",
+            });
+            if (result.error) {
+                const errorPayload = extractErrorPayload(result.error);
+                process.stderr.write(`${formatErrorPayload(errorPayload)}\n`);
+                process.exitCode = 1;
+                return;
+            }
+            if (operation.binaryResponse) {
+                const blob = result.data;
+                const bytes = Buffer.from(await blob.arrayBuffer());
+                const output = parsedFlags.output;
+                if (typeof output === "string") {
+                    writeFileSync(output, bytes);
+                    return;
+                }
+                process.stdout.write(bytes);
+                return;
+            }
+            const envelope = result.data;
+            const cursor = envelope?.meta?.cursor;
+            if (cursor) {
+                process.stderr.write(`next cursor: ${cursor}\n`);
+            }
+            this.log(JSON.stringify(envelope?.data ?? null, null, 2));
+        }
+    }
+    return OperationCommand;
+}

package/dist/oclif/fish-completion.js

@@ -0,0 +1,87 @@
+import { openapiDocument, operationManifest, } from "../openapi/index.js";
+function fishEscape(value) {
+    return value.replace(/\\/g, "\\\\").replace(/'/g, "\\'");
+}
+function toKebabCase(value) {
+    return value
+        .replace(/([a-z0-9])([A-Z])/g, "$1-$2")
+        .replace(/[^a-zA-Z0-9]+/g, "-")
+        .replace(/^-+|-+$/g, "")
+        .toLowerCase();
+}
+function tagDescriptions() {
+    const descriptions = new Map();
+    const tags = (openapiDocument.tags ??
+        []);
+    for (const tag of tags) {
+        if (tag.name) {
+            descriptions.set(toKebabCase(tag.name), tag.description ?? tag.name);
+        }
+    }
+    return descriptions;
+}
+function operationCondition(operation) {
+    return `__fish_${fishEscape(BIN_PLACEHOLDER)}_using_operation ${fishEscape(operation.tagCommand)} ${fishEscape(operation.command)}`;
+}
+const BIN_PLACEHOLDER = "__BIN__";
+export function renderFishCompletion(binName) {
+    const tagDescriptionByCommand = tagDescriptions();
+    const topLevelTopics = [
+        ...new Set(operationManifest.map((operation) => operation.tagCommand)),
+    ];
+    const lines = [
+        `function __fish_${binName}_needs_command`,
+        "  set -l cmd (commandline -opc)",
+        "  test (count $cmd) -le 1",
+        "end",
+        "",
+        `function __fish_${binName}_topic_needs_subcommand`,
+        "  set -l cmd (commandline -opc)",
+        "  test (count $cmd) -eq 2",
+        '  and test "$cmd[2]" = "$argv[1]"',
+        "end",
+        "",
+        `function __fish_${binName}_using_operation`,
+        "  set -l cmd (commandline -opc)",
+        "  test (count $cmd) -ge 3",
+        '  and test "$cmd[2]" = "$argv[1]"',
+        '  and test "$cmd[3]" = "$argv[2]"',
+        "end",
+        "",
+        `function __fish_${binName}_using_root_command`,
+        "  set -l cmd (commandline -opc)",
+        "  test (count $cmd) -eq 2",
+        '  and test "$cmd[2]" = "$argv[1]"',
+        "end",
+        "",
+        `complete -c ${binName} -f -n '__fish_${binName}_needs_command' -a 'list-operations' -d 'List all generated API operations'`,
+        `complete -c ${binName} -f -n '__fish_${binName}_needs_command' -a 'completion' -d 'Show shell completion output or installation instructions'`,
+        `complete -c ${binName} -f -n '__fish_${binName}_needs_command' -a 'autocomplete' -d 'Install or display shell autocomplete for bash, zsh, and powershell'`,
+        `complete -c ${binName} -f -n '__fish_${binName}_needs_command' -a 'help' -d 'Display help for ${binName}'`,
+    ];
+    for (const topic of topLevelTopics) {
+        lines.push(`complete -c ${binName} -f -n '__fish_${binName}_needs_command' -a '${fishEscape(topic)}' -d '${fishEscape(tagDescriptionByCommand.get(topic) ?? topic)}'`);
+    }
+    lines.push(`complete -c ${binName} -f -n '__fish_${binName}_using_root_command completion' -a 'bash zsh powershell fish' -d 'Shell type'`);
+    for (const topic of topLevelTopics) {
+        const topicOperations = operationManifest.filter((operation) => operation.tagCommand === topic);
+        for (const operation of topicOperations) {
+            lines.push(`complete -c ${binName} -f -n '__fish_${binName}_topic_needs_subcommand ${fishEscape(topic)}' -a '${fishEscape(operation.command)}' -d '${fishEscape(operation.summary ?? `${operation.method} ${operation.path}`)}'`);
+            for (const parameter of [
+                ...operation.pathParams,
+                ...operation.queryParams,
+            ]) {
+                lines.push(`complete -c ${binName} -n '${operationCondition(operation).replace(BIN_PLACEHOLDER, binName)}' -l '${fishEscape(parameter.name.replace(/_/g, "-"))}' -r -d '${fishEscape(parameter.description ?? parameter.name)}'`);
+            }
+            lines.push(`complete -c ${binName} -n '${operationCondition(operation).replace(BIN_PLACEHOLDER, binName)}' -l 'api-key' -r -d 'Primitive API key (defaults to PRIMITIVE_API_KEY)'`, `complete -c ${binName} -n '${operationCondition(operation).replace(BIN_PLACEHOLDER, binName)}' -l 'base-url' -r -d 'API base URL (defaults to PRIMITIVE_API_URL or production)'`);
+            if (operation.hasJsonBody) {
+                lines.push(`complete -c ${binName} -n '${operationCondition(operation).replace(BIN_PLACEHOLDER, binName)}' -l 'body' -r -d 'JSON request body'`, `complete -c ${binName} -n '${operationCondition(operation).replace(BIN_PLACEHOLDER, binName)}' -l 'body-file' -r -d 'Path to a JSON file used as the request body'`);
+            }
+            if (operation.binaryResponse) {
+                lines.push(`complete -c ${binName} -n '${operationCondition(operation).replace(BIN_PLACEHOLDER, binName)}' -l 'output' -r -d 'Write binary response bytes to a file'`);
+            }
+        }
+    }
+    lines.push(`complete -c ${binName} -l help -d 'Show help for ${binName}'`, `complete -c ${binName} -l version -d 'Show version for ${binName}'`);
+    return `${lines.join("\n")}\n`;
+}

package/dist/oclif/index.js

@@ -0,0 +1,42 @@
+import { Args, Command } from "@oclif/core";
+import { operationManifest, } from "../openapi/index.js";
+import { createOperationCommand } from "./api-command.js";
+import { renderFishCompletion } from "./fish-completion.js";
+class ListOperationsCommand extends Command {
+    static description = "List all generated API operations";
+    static summary = "List all generated API operations";
+    async run() {
+        this.log(JSON.stringify(operationManifest, null, 2));
+    }
+}
+class CompletionCommand extends Command {
+    static args = {
+        shell: Args.string({
+            description: "Shell type",
+            options: ["bash", "zsh", "powershell", "fish"],
+            required: true,
+        }),
+    };
+    static description = "Show shell completion output or installation instructions for supported shells";
+    static summary = "Show shell completion output or installation instructions";
+    async run() {
+        const { args } = await this.parse(CompletionCommand);
+        if (args.shell === "fish") {
+            this.log(renderFishCompletion(this.config.bin));
+            return;
+        }
+        await this.config.runCommand("autocomplete", [args.shell]);
+    }
+}
+function commandId(operation) {
+    return `${operation.tagCommand}:${operation.command}`;
+}
+const generatedCommands = Object.fromEntries(operationManifest.map((operation) => [
+    commandId(operation),
+    createOperationCommand(operation),
+]));
+export const COMMANDS = {
+    completion: CompletionCommand,
+    "list-operations": ListOperationsCommand,
+    ...generatedCommands,
+};

package/dist/openapi/index.d.ts

@@ -0,0 +1,42 @@
+//#region src/openapi/openapi.generated.d.ts
+/**
+ * OpenAPI document for the Primitive API.
+ *
+ * AUTO-GENERATED - DO NOT EDIT
+ * Run `pnpm generate:openapi` to regenerate.
+ */
+declare const openapiDocument: Record<string, unknown>;
+
+//#endregion
+//#region src/openapi/operations.generated.d.ts
+/**
+ * Generated operation metadata for the Primitive API CLI and SDK tooling.
+ *
+ * AUTO-GENERATED - DO NOT EDIT
+ * Run `pnpm generate:openapi` to regenerate.
+ */
+type PrimitiveParameterManifest = {
+  description: string | null;
+  enum: string[] | null;
+  name: string;
+  required: boolean;
+  type: string;
+};
+type PrimitiveOperationManifest = {
+  binaryResponse: boolean;
+  bodyRequired: boolean;
+  command: string;
+  description: string | null;
+  hasJsonBody: boolean;
+  method: string;
+  operationId: string;
+  path: string;
+  pathParams: PrimitiveParameterManifest[];
+  queryParams: PrimitiveParameterManifest[];
+  sdkName: string;
+  summary: string | null;
+  tag: string;
+  tagCommand: string;
+};
+declare const operationManifest: PrimitiveOperationManifest[]; //#endregion
+export { PrimitiveOperationManifest, PrimitiveParameterManifest, openapiDocument, operationManifest };

package/dist/openapi/index.js

@@ -0,0 +1,8 @@
+/**
+ * OpenAPI distribution module.
+ *
+ * Use this subpath when you need the canonical Primitive API specification,
+ * for example to serve it from another application.
+ */
+export { openapiDocument } from "./openapi.generated.js";
+export { operationManifest, } from "./operations.generated.js";