@proveanything/smartlinks 1.13.5 → 1.13.8

package/README.md

@@ -75,13 +75,13 @@ initializeApi({
 List public collections and fetch products:
 
 ```ts
-import { collection, product } from '@proveanything/smartlinks'
+import { collection, products } from '@proveanything/smartlinks'
 
 const collections = await collection.list(false) // public endpoint
 const first = collections[0]
 if (first) {
-  const products = await product.list(first.id, false) // public endpoint
-  console.log('First product:', products[0])
+  const items = await products.list(first.id, false) // public endpoint
+  console.log('First product:', items[0])
 }
 ```
 
@@ -90,28 +90,51 @@ if (first) {
 **Public storefront or portal experience**
 
 ```ts
-import { initializeApi, collection, product } from '@proveanything/smartlinks'
+import { initializeApi, collection, products } from '@proveanything/smartlinks'
 
 initializeApi({ baseURL: 'https://smartlinks.app/api/v1' })
 
 const collections = await collection.list(false)
-const products = await product.list('collectionId', false)
+const items = await products.list('collectionId', false)
 ```
 
 **Server-side admin scripts or back office tools**
 
 ```ts
-import { initializeApi, product } from '@proveanything/smartlinks'
+import { initializeApi, products } from '@proveanything/smartlinks'
 
 initializeApi({
   baseURL: 'https://smartlinks.app/api/v1',
   apiKey: process.env.SMARTLINKS_API_KEY,
 })
 
-const created = await product.create('collectionId', { name: 'New product' })
+const created = await products.create('collectionId', { name: 'New product' })
 console.log(created.id)
 ```
 
+### Product API migration: use products (plural)
+
+The SDK keeps `product` (singular) for backward compatibility, but it is deprecated.
+For all new integrations, use `products` (plural).
+
+```ts
+// Preferred
+import { products } from '@proveanything/smartlinks'
+
+await products.get(collectionId, productId, false)
+await products.list(collectionId, false)
+await products.query(collectionId, { query: { search: 'cabernet' } })
+```
+
+Quick mapping:
+
+- `product.get` -> `products.get`
+- `product.list` -> `products.list`
+- `product.create` -> `products.create`
+- `product.update` -> `products.update`
+- `product.remove` -> `products.remove`
+- `product.find` / `product.publicFind` -> `products.query` / `products.get`
+
 **AI-powered assistant or setup flow**
 
 ```ts
@@ -181,10 +204,10 @@ The SDK automatically normalizes various server error response formats into a co
 // { error: "..." }
 
 // All are normalized to SmartlinksApiError with consistent access:
-import { SmartlinksApiError, product } from '@proveanything/smartlinks'
+import { SmartlinksApiError, products } from '@proveanything/smartlinks'
 
 try {
-  const item = await product.get('collectionId', 'productId', false)
+  const item = await products.get('collectionId', 'productId', false)
 } catch (error) {
   if (error instanceof SmartlinksApiError) {
     console.error({
@@ -286,15 +309,15 @@ For complete documentation, see [docs/utils.md](docs/utils.md).
 ### Products
 
 ```ts
-import { product } from '@proveanything/smartlinks'
+import { products } from '@proveanything/smartlinks'
 
 // Public fetch
-const item = await product.get('collectionId', 'productId', false)
+const item = await products.get('collectionId', 'productId', false)
 
 // Admin create/update/delete (requires auth)
-await product.create('collectionId', { name: 'New product' })
-await product.update('collectionId', 'productId', { description: 'Updated' })
-await product.remove('collectionId', 'productId')
+await products.create('collectionId', { name: 'New product' })
+await products.update('collectionId', 'productId', { description: 'Updated' })
+await products.remove('collectionId', 'productId')
 ```
 
 ### Assets

package/dist/README.md

@@ -38,16 +38,21 @@ initializeApi({
 List public collections and fetch products:
 
 ```ts
-import { collection, product } from '@proveanything/smartlinks'
+import { collection, products } from '@proveanything/smartlinks'
 
 const collections = await collection.list(false) // public endpoint
 const first = collections[0]
 if (first) {
-  const products = await product.list(first.id, false) // public endpoint
-  console.log('First product:', products[0])
+  const items = await products.list(first.id, false) // public endpoint
+  console.log('First product:', items[0])
 }
 ```
 
+### Product API migration: use products (plural)
+
+The SDK keeps `product` (singular) for backward compatibility, but it is deprecated.
+For all new integrations, use `products` (plural).
+
 ## Authentication
 
 Use the built-in helpers to log in and verify tokens. After a successful login, the SDK stores the bearer token for subsequent calls.
@@ -100,10 +105,10 @@ The SDK automatically normalizes various server error response formats into a co
 // { error: "..." }
 
 // All are normalized to SmartlinksApiError with consistent access:
-import { SmartlinksApiError, product } from '@proveanything/smartlinks'
+import { SmartlinksApiError, products } from '@proveanything/smartlinks'
 
 try {
-  const item = await product.get('collectionId', 'productId', false)
+  const item = await products.get('collectionId', 'productId', false)
 } catch (error) {
   if (error instanceof SmartlinksApiError) {
     console.error({
@@ -160,15 +165,15 @@ For comprehensive error handling examples and migration guidance, see:
 ### Products
 
 ```ts
-import { product } from '@proveanything/smartlinks'
+import { products } from '@proveanything/smartlinks'
 
 // Public fetch
-const item = await product.get('collectionId', 'productId', false)
+const item = await products.get('collectionId', 'productId', false)
 
 // Admin create/update/delete (requires auth)
-await product.create('collectionId', { name: 'New product' })
-await product.update('collectionId', 'productId', { description: 'Updated' })
-await product.remove('collectionId', 'productId')
+await products.create('collectionId', { name: 'New product' })
+await products.update('collectionId', 'productId', { description: 'Updated' })
+await products.remove('collectionId', 'productId')
 ```
 
 ### Assets

package/dist/api/analytics.js

@@ -276,7 +276,7 @@ function queueAnalytics(path, body, options) {
     const preferBeacon = (options === null || options === void 0 ? void 0 : options.preferBeacon) !== false;
     if (typeof navigator !== 'undefined' && typeof navigator.sendBeacon === 'function' && preferBeacon) {
         try {
-            const blob = new Blob([payload], { type: 'application/json' });
+            const blob = new Blob([payload], { type: 'text/plain;charset=UTF-8' });
             const queued = navigator.sendBeacon(url, blob);
             if (queued)
                 return { queued: true, transport: 'beacon' };
@@ -287,9 +287,12 @@ function queueAnalytics(path, body, options) {
     if (typeof fetch === 'function') {
         void fetch(url, {
             method: 'POST',
-            headers: Object.assign({ 'Content-Type': 'application/json' }, headers),
-            body: payload,
+            mode: 'cors',
             keepalive: true,
+            headers: {
+                'Content-Type': 'text/plain;charset=UTF-8',
+            },
+            body: payload,
         }).catch(() => { });
         return { queued: true, transport: 'fetch' };
     }

package/dist/api/appObjects.d.ts

@@ -107,6 +107,9 @@ export declare namespace app {
         /**
          * List records with optional query parameters
          * GET /records
+          *
+          * Public/owner callers only receive records with `status: "active"`.
+          * Admin callers can query all statuses (for example `draft`/`archived`).
          */
         function list(collectionId: string, appId: string, params?: RecordListQueryParams, admin?: boolean): Promise<PaginatedResponse<AppRecord>>;
         /**
@@ -196,7 +199,7 @@ export declare namespace app {
          * ordered by specificity descending (most specific first).
          * POST /records/match
          *
-         * @param admin - false for public endpoint (visibility-filtered), true for admin
+        * @param admin - false for public endpoint (visibility-filtered, active-only), true for admin
          *
          * @example
          * ```ts
@@ -245,7 +248,7 @@ export declare namespace app {
          * deduplicated and sorted by specificity descending.
          * POST /records/resolve-all
          *
-         * @param admin - false for public (visibility-filtered), true for admin (all records)
+          * @param admin - false for public (visibility-filtered, active-only), true for admin (all statuses)
          */
         function resolveAll(collectionId: string, appId: string, input: ResolveAllParams, admin?: boolean): Promise<ResolveAllResult>;
         /**

package/dist/api/appObjects.js

@@ -203,6 +203,9 @@ export var app;
         /**
          * List records with optional query parameters
          * GET /records
+          *
+          * Public/owner callers only receive records with `status: "active"`.
+          * Admin callers can query all statuses (for example `draft`/`archived`).
          */
         async function list(collectionId, appId, params, admin = false) {
             const path = basePath(collectionId, appId, admin);
@@ -323,7 +326,7 @@ export var app;
          * ordered by specificity descending (most specific first).
          * POST /records/match
          *
-         * @param admin - false for public endpoint (visibility-filtered), true for admin
+        * @param admin - false for public endpoint (visibility-filtered, active-only), true for admin
          *
          * @example
          * ```ts
@@ -384,7 +387,7 @@ export var app;
          * deduplicated and sorted by specificity descending.
          * POST /records/resolve-all
          *
-         * @param admin - false for public (visibility-filtered), true for admin (all records)
+          * @param admin - false for public (visibility-filtered, active-only), true for admin (all statuses)
          */
         async function resolveAll(collectionId, appId, input, admin = false) {
             const path = `${basePath(collectionId, appId, admin)}/resolve-all`;

package/dist/api/asset.js

@@ -9,9 +9,20 @@ var __rest = (this && this.__rest) || function (s, e) {
         }
     return t;
 };
-import { request, post, put, del, getApiHeaders, isProxyEnabled, proxyUploadFormData } from "../http";
+import { request, post, put, del, getApiHeaders, getBaseURL, isProxyEnabled, proxyUploadFormData } from "../http";
 export var asset;
 (function (asset) {
+    function resolveApiUrl(path) {
+        const configuredBase = getBaseURL();
+        if (configuredBase) {
+            return `${configuredBase}${path}`;
+        }
+        // Backward compatibility for legacy browser integrations that set a global base URL.
+        if (typeof window !== 'undefined' && window.SMARTLINKS_API_BASEURL) {
+            return `${window.SMARTLINKS_API_BASEURL}${path}`;
+        }
+        throw new Error('HTTP client is not initialized. Call initializeApi(...) first.');
+    }
     /**
      * Error type for asset uploads
      */
@@ -55,9 +66,7 @@ export var asset;
             formData.append("metadata", JSON.stringify(options.metadata));
         // If progress callback provided and NOT in proxy mode, use XHR for progress events (browser-only)
         if (options.onProgress && typeof window !== "undefined" && !isProxyEnabled()) {
-            const url = (typeof window !== "undefined" && window.SMARTLINKS_API_BASEURL)
-                ? window.SMARTLINKS_API_BASEURL + path
-                : path;
+            const url = resolveApiUrl(path);
             const headers = getApiHeaders ? getApiHeaders() : {};
             return new Promise((resolve, reject) => {
                 const xhr = new XMLHttpRequest();
@@ -346,9 +355,7 @@ export var asset;
         const formData = new FormData();
         formData.append('file', options.file);
         if (options.onProgress && typeof window !== 'undefined' && !isProxyEnabled()) {
-            const url = (typeof window !== 'undefined' && window.SMARTLINKS_API_BASEURL)
-                ? window.SMARTLINKS_API_BASEURL + path
-                : path;
+            const url = resolveApiUrl(path);
             const headers = getApiHeaders ? getApiHeaders() : {};
             return new Promise((resolve, reject) => {
                 const xhr = new XMLHttpRequest();
@@ -469,9 +476,7 @@ export var asset;
         if (options.metadata)
             formData.append('metadata', JSON.stringify(options.metadata));
         if (options.onProgress && typeof window !== 'undefined' && !isProxyEnabled()) {
-            const baseUrl = (typeof window !== 'undefined' && window.SMARTLINKS_API_BASEURL)
-                ? window.SMARTLINKS_API_BASEURL + path
-                : path;
+            const baseUrl = resolveApiUrl(path);
             const headers = Object.assign(Object.assign({}, getApiHeaders()), { 'X-Upload-Token': options.tokenId });
             return new Promise((resolve, reject) => {
                 const xhr = new XMLHttpRequest();
@@ -508,9 +513,7 @@ export var asset;
         }
         // Pass the token as a header via a custom fetch; post() doesn't accept extra headers,
         // so we build the request manually using the same base URL resolution.
-        const baseUrl = (typeof window !== 'undefined' && window.SMARTLINKS_API_BASEURL)
-            ? window.SMARTLINKS_API_BASEURL + path
-            : path;
+        const baseUrl = resolveApiUrl(path);
         const headers = Object.assign(Object.assign({}, getApiHeaders()), { 'X-Upload-Token': options.tokenId });
         const response = await fetch(baseUrl, { method: 'POST', headers, body: formData });
         if (!response.ok) {

package/dist/api/authKit.d.ts

@@ -1,4 +1,4 @@
-import type { AuthLoginResponse, PhoneSendCodeResponse, PhoneVerifyResponse, PasswordResetRequestResponse, VerifyResetTokenResponse, PasswordResetCompleteResponse, EmailVerificationActionResponse, EmailVerifyTokenResponse, AuthKitConfig, MagicLinkSendResponse, MagicLinkVerifyResponse, UserProfile, ProfileUpdateData, SuccessResponse } from "../types/authKit";
+import type { AuthLoginResponse, PhoneSendCodeResponse, PhoneVerifyResponse, PasswordResetRequestResponse, VerifyResetTokenResponse, PasswordResetCompleteResponse, EmailVerificationActionResponse, EmailVerifyTokenResponse, AuthKitConfig, MagicLinkSendResponse, MagicLinkVerifyResponse, UserProfile, ProfileUpdateData, SuccessResponse, SendWhatsAppRequest, SendWhatsAppResponse, VerifyWhatsAppResponse, WhatsAppStatusResponse, SendSmsVerifyRequest, SendSmsVerifyResponse, VerifySmsResponse, UpsertContactRequest, UpsertContactResponse } from "../types/authKit";
 /**
  * Namespace containing helper functions for the new AuthKit API.
  * Legacy collection-based authKit helpers retained (marked as *Legacy*).
@@ -27,6 +27,18 @@ export declare namespace authKit {
     function sendPhoneCode(clientId: string, phoneNumber: string): Promise<PhoneSendCodeResponse>;
     /** Verify phone verification code (public). */
     function verifyPhoneCode(clientId: string, phoneNumber: string, code: string): Promise<PhoneVerifyResponse>;
+    /** Send a WhatsApp verification deep-link (public). */
+    function sendWhatsApp(clientId: string, body: SendWhatsAppRequest): Promise<SendWhatsAppResponse>;
+    /** Manually verify WhatsApp token if inbound webhook path is unavailable (public). */
+    function verifyWhatsApp(clientId: string, token: string, phoneNumber: string): Promise<VerifyWhatsAppResponse>;
+    /** Poll WhatsApp verification status for a token (public). */
+    function getWhatsAppStatus(clientId: string, token: string): Promise<WhatsAppStatusResponse>;
+    /** Send an SMS click-to-verify link (public). */
+    function sendSmsVerify(clientId: string, body: SendSmsVerifyRequest): Promise<SendSmsVerifyResponse>;
+    /** Verify an SMS click-to-verify token via API (public). */
+    function verifySms(clientId: string, token: string, phoneNumber?: string): Promise<VerifySmsResponse>;
+    /** Upsert contact identity after lightweight verification (public). */
+    function upsertContact(clientId: string, body: UpsertContactRequest): Promise<UpsertContactResponse>;
     function requestPasswordReset(clientId: string, data: {
         email: string;
         redirectUrl?: string;

package/dist/api/authKit.js

@@ -46,6 +46,40 @@ export var authKit;
         return post(`/authkit/${encodeURIComponent(clientId)}/auth/phone/verify`, { phoneNumber, code });
     }
     authKit.verifyPhoneCode = verifyPhoneCode;
+    /** Send a WhatsApp verification deep-link (public). */
+    async function sendWhatsApp(clientId, body) {
+        return post(`/authkit/${encodeURIComponent(clientId)}/auth/whatsapp/send`, body);
+    }
+    authKit.sendWhatsApp = sendWhatsApp;
+    /** Manually verify WhatsApp token if inbound webhook path is unavailable (public). */
+    async function verifyWhatsApp(clientId, token, phoneNumber) {
+        return post(`/authkit/${encodeURIComponent(clientId)}/auth/whatsapp/verify`, { token, phoneNumber });
+    }
+    authKit.verifyWhatsApp = verifyWhatsApp;
+    /** Poll WhatsApp verification status for a token (public). */
+    async function getWhatsAppStatus(clientId, token) {
+        const encodedToken = encodeURIComponent(token);
+        return request(`/authkit/${encodeURIComponent(clientId)}/auth/whatsapp/status?token=${encodedToken}`);
+    }
+    authKit.getWhatsAppStatus = getWhatsAppStatus;
+    /** Send an SMS click-to-verify link (public). */
+    async function sendSmsVerify(clientId, body) {
+        return post(`/authkit/${encodeURIComponent(clientId)}/auth/sms/send`, body);
+    }
+    authKit.sendSmsVerify = sendSmsVerify;
+    /** Verify an SMS click-to-verify token via API (public). */
+    async function verifySms(clientId, token, phoneNumber) {
+        const payload = { token };
+        if (phoneNumber)
+            payload.phoneNumber = phoneNumber;
+        return post(`/authkit/${encodeURIComponent(clientId)}/auth/sms/verify`, payload);
+    }
+    authKit.verifySms = verifySms;
+    /** Upsert contact identity after lightweight verification (public). */
+    async function upsertContact(clientId, body) {
+        return post(`/authkit/${encodeURIComponent(clientId)}/contact/upsert`, body);
+    }
+    authKit.upsertContact = upsertContact;
     /* ===================================
      * Password Reset (Public flows)
      * =================================== */

package/dist/api/comms.d.ts

@@ -106,7 +106,7 @@ export declare namespace comms {
      * No broadcast record is created. The send is logged to the contact's
      * communication history with sourceType: 'transactional'.
      *
-      * POST /admin/collection/:collectionId/comm.send
+      * POST /admin/collection/:collectionId/comm/send
      *
      * @example
      * ```typescript

package/dist/api/comms.js

@@ -201,7 +201,7 @@ export var comms;
      * No broadcast record is created. The send is logged to the contact's
      * communication history with sourceType: 'transactional'.
      *
-      * POST /admin/collection/:collectionId/comm.send
+      * POST /admin/collection/:collectionId/comm/send
      *
      * @example
      * ```typescript
@@ -222,8 +222,19 @@ export var comms;
      * ```
      */
     async function sendTransactional(collectionId, body) {
-        const path = `/admin/collection/${encodeURIComponent(collectionId)}/comm.send`;
-        return post(path, body);
+        const encodedCollectionId = encodeURIComponent(collectionId);
+        const path = `/admin/collection/${encodedCollectionId}/comm/send`;
+        try {
+            return await post(path, body);
+        }
+        catch (error) {
+            // Backward compatibility for deployments still serving the legacy route.
+            if ((error === null || error === void 0 ? void 0 : error.statusCode) === 404 || (error === null || error === void 0 ? void 0 : error.code) === 404) {
+                const legacyPath = `/admin/collection/${encodedCollectionId}/comm.send`;
+                return post(legacyPath, body);
+            }
+            throw error;
+        }
     }
     comms.sendTransactional = sendTransactional;
     /**

package/dist/api/realtime.js

@@ -75,7 +75,7 @@ export async function getPublicToken(params) {
     if (params.appId) {
         queryParams.append('appId', params.appId);
     }
-    return request(`/api/public/push/token?${queryParams.toString()}`);
+    return request(`/public/push/token?${queryParams.toString()}`);
 }
 /**
  * Get an Ably token for admin real-time communication.
@@ -109,5 +109,5 @@ export async function getPublicToken(params) {
  * ```
  */
 export async function getAdminToken() {
-    return request('/api/admin/auth/push');
+    return request('/admin/auth/push');
 }