@rei-standard/amsg-client 2.3.0 → 2.4.0

package/README.md

@@ -2,6 +2,10 @@
 
 `@rei-standard/amsg-client` 是 ReiStandard 主动消息标准的浏览器端 SDK 包，负责加密请求、解密响应和 Push 订阅。
 
+## v2.4.0 — SSE consumer
+
+新增 `consumeInstantStream(payload, endpointPath?, options)`：消费 amsg-instant 0.9.0+ 的 SSE 默认响应，按 frame 解析 `event: payload` / `event: done` / `event: error` 分发到 `options.onPayload`。前台场景下 push 不再绕 push service → SW → IDB → main thread 整条链路，延迟少一个数量级。详见下方 [SSE 流消费](#sse-流消费-consumeinstantstream240配合-amsg-instant-090)。请求体默认不再由 client 做本地体积限制；需要本地护栏时可在构造器传 `maxPayloadBytes`。
+
 ## v2.3.0 — Shared push types
 
 The client now re-exports `@rei-standard/amsg-shared` 的类型、运行时常量（`MESSAGE_KIND` / `MESSAGE_TYPE` / `PUSH_SOURCE`）、推送 builder（`buildContentPush` 等）和类型守卫（`isContentPush` 等）。调用方可以直接 `import { MessageKind, buildContentPush, isContentPush } from '@rei-standard/amsg-client'`，无需单独再装一个 `@rei-standard/amsg-shared` 依赖。client 本身在运行时不消费这些导出 —— 它们是给同时调 `ReiClient` 又在 Service Worker / 客户端处理推送的 app 用的便利出口。
@@ -175,30 +179,77 @@ await client.sendInstant({
 
 `splitPattern` 类型是 `string | string[]`。`scheduleMessage` 也支持，`updateMessage` 可显式传 `splitPattern: null` 重置回默认。client SDK 完全透传不校验，所有错误在 Worker / Server 端返回（每项 ≤ 200 字符、数组 ≤ 10 项、必须能 `new RegExp()` 通过）。
 
-**两个常见 footgun**：
+**两个常见坑**：
 
 - 传**正则 source**，不要带 `/.../` 也不要尾 flag。`'/foo/i'` 会被当字面量斜杠 + 字面量 `i`，不是大小写不敏感的 `foo`。大小写不敏感请用 `[Aa]` 字符类替代。
 - 想让分隔符回贴到前一段（默认行为），把分隔符包进 `(...)` 捕获组。库**不会自动包**——传 `'\\n+'` 而不是 `'(\\n+)'` 会得到首尾相连、分隔符丢失的奇怪结果。
 
-### 本地软清空：`avatarUrl` 与 payload 体积（2.2.4+ / 2.3.0+）
+### SSE 流消费 `consumeInstantStream`（2.4.0+，配合 amsg-instant 0.9.0+）
+
+`sendInstant()` 只在显式 `Accept: application/json` opt-out 模式下使用。amsg-instant 0.9.0 起默认走 SSE 流式传输——每条 push 通过 `event: payload` 直接打到主线程，前台延迟从约 1–3s（push service → SW → IDB → window）降到次百毫秒。Web Push backup 同时**常开 always-on**（即使 SSE enqueue 成功也照样发一份），用 SW / client 端按 `messageId` 做 dedupe 把两路收敛回一次。前台场景应该改用 `consumeInstantStream()`。
+
+```js
+const abort = new AbortController();
+
+try {
+  await client.consumeInstantStream(payload, '/instant', {
+    onPayload: async (push) => {
+      // 跟 SW 收到的 wire format 字节级一致：含 messageKind / sessionId / messageId
+      // 等。按 messageKind 分轨写 IDB / 渲染 / 更新 UI 状态机即可。
+      await routePushToIDB(push);
+    },
+    onError: (err) => log.warn('stream error', err),  // 通知性，不抑制 throw
+    onDone:  () => stopSpinner(),
+    signal:  abort.signal,
+  });
+} catch (err) {
+  // 网络 / 协议 / abort / onPayload 抛错都会到这里
+  showError(err);
+}
+```
+
+请求体跟 `sendInstant()` 完全一样——包括必须的 `pushSubscription`。两条投递路径同时跑：
+
+1. **SSE 直送**（首选）——payload 走 `event: payload` 直接到 `onPayload`。
+2. **Web Push always-on backup**——成功 enqueue 的 payload 也会通过 `pushSubscription` 发一份；SSE 写失败 / 客户端断开 / enqueue throw 时也走这条路兜底。
 
-`scheduleMessage` / `sendInstant` / `updateMessage` 在发请求**之前**会在本地做两项保护：
+同一 `messageId` 两路都到，由 SW 的 dedupe gate 或客户端按 ID 幂等去重收敛成一次业务投递与一次（必要时的）通知。
+
+#### 错误语义
+
+任何失败——`fetch` 网络异常、非 2xx 响应、非 `text/event-stream` `Content-Type`、SSE `event: error` 帧、`onPayload` 回调抛错、`signal` abort——都会让返回的 Promise reject。`onError` 是**通知性 side-channel**（fire 后照常 throw），不要把它当 try/catch 替代。
+
+#### 端点 / transport 配置
+
+`endpointPath` 默认 `'/instant'`，按需传 `'/continue'` 续跑 tool result。加密 / 明文两种 transport 与 `sendInstant()` 共享构造器配置（`instantEncryption` / `instantClientToken`），调用方无感。
+
+### 本地软清空：`avatarUrl` 与可选 payload 体积上限（2.2.4+ / 2.4.0+）
+
+`scheduleMessage` / `sendInstant` / `consumeInstantStream` / `updateMessage` 在发请求**之前**会保留 `avatarUrl` 软清空保护。请求体大小默认不限制；如果你希望在 SDK 本地先挡住过大的请求，可以在构造器显式传 `maxPayloadBytes`：
+
+```js
+const client = new ReiClient({
+  baseUrl: '/api/v1',
+  userId,
+  maxPayloadBytes: 256_000, // 可选；默认 null / 不限制
+});
+```
 
 | 触发条件 | 处理方式 | 触发原因（背景说明，不在 message 里） |
 | --- | --- | --- |
 | `payload.avatarUrl` 以 `data:` 开头（含 `data:image/...;base64,...`） | `console.warn` + 在 payload 上把 `avatarUrl` 置为 `null`，请求照发（`updateMessage` 从 patch 里删除该字段，保留服务端原头像） | base64 内嵌头像把单个 push payload 撑到几十 KB，远端 Web Push 服务直接返回 4KB 超限 / 网关 `413`。 |
 | `payload.avatarUrl` 长度 > 2048 字符 | 同上 | 同上。建议用 CDN 缩略图 URL。 |
 | `payload.avatarUrl` 不是字符串 | 同上 | 类型错误。 |
-| `JSON.stringify(payload)` UTF-8 字节数 > 3072 | 抛出 `Error.code === 'PAYLOAD_TOO_LARGE_LOCAL'`，错误对象带 `.details = { method, actualBytes, limitBytes }` | 远端网关 / Web Push 4KB 硬上限的本地兜底。 |
+| 已配置 `maxPayloadBytes`，且 `JSON.stringify(payload)` UTF-8 字节数超过该值 | 抛出 `Error.code === 'PAYLOAD_TOO_LARGE_LOCAL'`，错误对象带 `.details = { method, actualBytes, limitBytes }` | 只在调用方主动需要本地请求体护栏时启用。Web Push 单条回复超限由 `amsg-instant` 的 BlobStore / multipart 输出链路处理，不靠 client 限制请求体。 |
 
-头像是装饰字段，单个不合规 URL 不再让整次调度 / 推送挂掉；想拦到错误请监听 `console.warn`，或在调用前自己用 `validateAvatarUrl` 预检（server / instant 包都有导出）。`PAYLOAD_TOO_LARGE_LOCAL` 仍然是真正的"整包过大"信号，照常用 try/catch 捕获：
+头像是装饰字段，单个不合规 URL 不再让整次调度 / 推送挂掉；想拦到错误请监听 `console.warn`，或在调用前自己用 `validateAvatarUrl` 预检（server / instant 包都有导出）。未配置 `maxPayloadBytes` 时不会产生 `PAYLOAD_TOO_LARGE_LOCAL`；配置后照常用 try/catch 捕获：
 
 ```js
 try {
   await client.sendInstant(payload);
 } catch (err) {
   if (err.code === 'PAYLOAD_TOO_LARGE_LOCAL') {
-    // err.details = { method: 'sendInstant', actualBytes: 8732, limitBytes: 3072 }
+    // err.details = { method: 'sendInstant', actualBytes: 87320, limitBytes: 256000 }
   } else {
     throw err;
   }

package/dist/index.cjs

@@ -35,7 +35,6 @@ __export(src_exports, {
 module.exports = __toCommonJS(src_exports);
 var import_amsg_shared = require("@rei-standard/amsg-shared");
 var AVATAR_URL_MAX_LENGTH = 2048;
-var PAYLOAD_LOCAL_MAX_BYTES = 3072;
 function makeLocalError(code, message, details) {
   const err = new Error(`[rei-standard-amsg-client] ${message}`);
   err.code = code;
@@ -67,6 +66,7 @@ var ReiClient = class {
     this._userKey = null;
     this._instantEncryption = instantEncryption;
     this._instantClientToken = typeof config.instantClientToken === "string" && config.instantClientToken ? config.instantClientToken : "";
+    this._maxPayloadBytes = normalizeMaxPayloadBytes(config.maxPayloadBytes);
   }
   /**
    * Resolve the base URL for a given endpoint, falling back to `baseUrl`.
@@ -119,8 +119,8 @@ var ReiClient = class {
    *
    * If `avatarUrl` is unusable (`data:` URI, > 2 KB, or non-string), the
    * client soft-strips it on the payload and emits a `console.warn` — the
-   * schedule still ships, just without an avatar. The only throw left is
-   * `PAYLOAD_TOO_LARGE_LOCAL` — JSON-serialized payload exceeds 3 KB.
+   * schedule still ships, just without an avatar. If `maxPayloadBytes` is
+   * configured, oversized JSON payloads throw `PAYLOAD_TOO_LARGE_LOCAL`.
    *
    * @param {Object} payload - Schedule message payload.
    * @returns {Promise<Object>} API response body.
@@ -165,8 +165,8 @@ var ReiClient = class {
    *
    * If `avatarUrl` is unusable (`data:` URI, > 2 KB, or non-string), the
    * client soft-strips it on the payload and emits a `console.warn` — the
-   * push still ships, just without an icon. The only throw left is
-   * `PAYLOAD_TOO_LARGE_LOCAL` — JSON-serialized payload exceeds 3 KB.
+   * push still ships, just without an icon. If `maxPayloadBytes` is
+   * configured, oversized JSON payloads throw `PAYLOAD_TOO_LARGE_LOCAL`.
    *
    * @param {Object} payload - Instant message payload.
    * @param {string} [endpointPath] - Path under the resolved base URL. Default '/instant'.
@@ -202,14 +202,153 @@ var ReiClient = class {
     });
     return res.json();
   }
+  /**
+   * Consume an instant SSE stream.
+   *
+   * Error semantics: any failure (network, protocol, abort, `onPayload`
+   * callback throwing) rejects the returned Promise. `options.onError`,
+   * when provided, is a side-channel notification (e.g. for logging or
+   * UI flashes) and fires before the rejection — it does not suppress
+   * it. Always wrap calls in `try / await` and treat the rejection as
+   * the canonical error path.
+   *
+   * @param {Object} payload - Instant message payload.
+   * @param {string} [endpointPath] - Path under the resolved base URL. Default '/instant'.
+   * @param {Object} options
+   * @param {Record<string, string>} [options.headers]
+   * @param {(payload: unknown) => Promise<void> | void} options.onPayload
+   * @param {(error: unknown) => void} [options.onError]
+   * @param {() => void} [options.onDone]
+   * @param {AbortSignal} [options.signal]
+   * @returns {Promise<void>}
+   */
+  async consumeInstantStream(payload, endpointPath = "/instant", options = {}) {
+    this._sanitizeAvatarUrl(payload);
+    const json = JSON.stringify(payload);
+    this._assertPayloadSize(json, "consumeInstantStream");
+    const headers = { "Content-Type": "application/json", ...options.headers || {} };
+    let body;
+    if (this._instantEncryption === false) {
+      body = json;
+      if (this._instantClientToken) {
+        headers["X-Client-Token"] = this._instantClientToken;
+      }
+    } else {
+      const encrypted = await this._encrypt(json);
+      headers["X-User-Id"] = this._userId;
+      headers["X-Payload-Encrypted"] = "true";
+      headers["X-Encryption-Version"] = "1";
+      body = JSON.stringify(encrypted);
+    }
+    const path = endpointPath.startsWith("/") ? endpointPath : `/${endpointPath}`;
+    const res = await fetch(`${this._resolveBaseUrl("instant")}${path}`, {
+      method: "POST",
+      headers,
+      body,
+      signal: options.signal
+    });
+    if (!res.ok) {
+      const text = await res.text().catch(() => "");
+      throw new Error(`Instant request failed: ${res.status} ${text}`);
+    }
+    const contentType = res.headers.get("content-type") || "";
+    if (!contentType.includes("text/event-stream")) {
+      const text = await res.text().catch(() => "");
+      throw new Error(`Expected text/event-stream, got ${contentType}: ${text}`);
+    }
+    if (!res.body) {
+      throw new Error("Response body is null");
+    }
+    const reader = res.body.getReader();
+    const decoder = new TextDecoder();
+    let buffer = "";
+    let thrown;
+    try {
+      while (true) {
+        const { done, value } = await reader.read();
+        if (done) break;
+        buffer += decoder.decode(value, { stream: true });
+        const parts = buffer.split("\n\n");
+        buffer = parts.pop() || "";
+        for (const part of parts) {
+          if (!part.trim()) continue;
+          let eventName = "message";
+          let data = "";
+          const lines = part.split("\n");
+          for (const line of lines) {
+            if (line.startsWith(":")) continue;
+            if (line.startsWith("event:")) {
+              eventName = line.slice(6).trim();
+            } else if (line.startsWith("data:")) {
+              const piece = line.slice(5).trim();
+              data = data ? `${data}
+${piece}` : piece;
+            }
+          }
+          if (eventName === "done") {
+            if (options.onDone) options.onDone();
+            return;
+          }
+          if (eventName === "error") {
+            let parsedErr;
+            try {
+              parsedErr = JSON.parse(data);
+            } catch {
+              parsedErr = { code: "PARSE_ERROR", message: data };
+            }
+            const err = new Error(parsedErr.message || "Stream error");
+            err.code = parsedErr.code;
+            thrown = err;
+            return;
+          }
+          if (eventName === "payload") {
+            let parsedPayload;
+            try {
+              parsedPayload = JSON.parse(data);
+            } catch {
+              continue;
+            }
+            if (options.onPayload) {
+              await options.onPayload(parsedPayload);
+            }
+          }
+        }
+      }
+      if (options.onDone) options.onDone();
+    } catch (err) {
+      thrown = err;
+    } finally {
+      if (thrown) {
+        try {
+          await reader.cancel(thrown);
+        } catch {
+        }
+        if (options.onError) {
+          try {
+            options.onError(thrown);
+          } catch {
+          }
+        }
+        try {
+          reader.releaseLock();
+        } catch {
+        }
+        throw thrown;
+      }
+      try {
+        reader.releaseLock();
+      } catch {
+      }
+    }
+  }
   /**
    * Update an existing scheduled message.
    *
    * If `updates.avatarUrl` is unusable (`data:` URI, > 2 KB, or non-string),
    * the client soft-strips it from the patch and emits a `console.warn` —
    * the rest of the update still applies, and the stored avatar is left
-   * untouched. The only throw left is `PAYLOAD_TOO_LARGE_LOCAL` —
-   * JSON-serialized updates exceed 3 KB.
+   * untouched. If `maxPayloadBytes` is configured, oversized JSON patches
+   * throw `PAYLOAD_TOO_LARGE_LOCAL`.
    *
    * @param {string} uuid    - Task UUID.
    * @param {Object} updates - Fields to update.
@@ -330,21 +469,22 @@ var ReiClient = class {
     return false;
   }
   /**
-   * Reject outgoing payloads larger than 3 KB pre-encryption. Spares the
-   * remote a guaranteed 413 / Web Push 4 KB-limit failure and gives the
-   * caller a precise local error pointing at the size cap.
+   * Enforce the optional local request payload cap before encryption.
+   * By default there is no SDK-level request-size limit; runtime, proxy,
+   * database, and LLM-provider limits remain the deployer's boundary.
    *
    * @private
    * @param {string} bodyJson  - `JSON.stringify(payload)`.
    * @param {string} methodName
    */
   _assertPayloadSize(bodyJson, methodName) {
+    if (this._maxPayloadBytes == null) return;
     const bytes = new TextEncoder().encode(bodyJson).length;
-    if (bytes > PAYLOAD_LOCAL_MAX_BYTES) {
+    if (bytes > this._maxPayloadBytes) {
       throw makeLocalError(
         "PAYLOAD_TOO_LARGE_LOCAL",
-        `${methodName} payload \u4F53\u79EF ${bytes} \u5B57\u8282\u8D85\u8FC7\u672C\u5730\u4E0A\u9650 ${PAYLOAD_LOCAL_MAX_BYTES} \u5B57\u8282`,
-        { method: methodName, actualBytes: bytes, limitBytes: PAYLOAD_LOCAL_MAX_BYTES }
+        `${methodName} payload \u4F53\u79EF ${bytes} \u5B57\u8282\u8D85\u8FC7\u672C\u5730\u4E0A\u9650 ${this._maxPayloadBytes} \u5B57\u8282`,
+        { method: methodName, actualBytes: bytes, limitBytes: this._maxPayloadBytes }
       );
     }
   }
@@ -422,3 +562,10 @@ var ReiClient = class {
     return arr;
   }
 };
+function normalizeMaxPayloadBytes(value) {
+  if (value === void 0 || value === null) return null;
+  if (!Number.isInteger(value) || value <= 0) {
+    throw new TypeError("[rei-standard-amsg-client] maxPayloadBytes must be a positive integer when set");
+  }
+  return value;
+}

package/dist/index.d.cts

@@ -61,6 +61,9 @@ export { MESSAGE_KIND, MESSAGE_TYPE, PUSH_SOURCE, buildContentPush, buildErrorPu
  *                                                         a *weak* shared secret — it ships inside any
  *                                                         frontend bundle that uses it, so devtools can
  *                                                         read it. Use for casual URL-direct abuse only.
+ * @property {number|null} [maxPayloadBytes=null]        - Optional local UTF-8 byte cap for outgoing request
+ *                                                         payloads before encryption. `null` / omitted means
+ *                                                         no SDK-level request-size limit.
  */
 
 /**
@@ -71,15 +74,6 @@ export { MESSAGE_KIND, MESSAGE_TYPE, PUSH_SOURCE, buildContentPush, buildErrorPu
  */
 const AVATAR_URL_MAX_LENGTH = 2048;
 
-/**
- * Max byte length of a single outgoing payload (3 KB, measured pre-encryption
- * on the plaintext JSON body). Anything over this is almost certainly a base64
- * avatar smuggled into `avatarUrl` and will trigger downstream `413 Payload
- * Too Large` or hit the Web Push 4 KB hard limit at delivery. We bail locally
- * to save a remote round-trip and give a precise error.
- */
-const PAYLOAD_LOCAL_MAX_BYTES = 3072;
-
 function makeLocalError(code, message, details) {
   const err = new Error(`[rei-standard-amsg-client] ${message}`);
   err.code = code;
@@ -122,6 +116,8 @@ class ReiClient {
     this._instantClientToken = typeof config.instantClientToken === 'string' && config.instantClientToken
       ? config.instantClientToken
       : '';
+    /** @private */
+    this._maxPayloadBytes = normalizeMaxPayloadBytes(config.maxPayloadBytes);
   }
 
   /**
@@ -183,8 +179,8 @@ class ReiClient {
    *
    * If `avatarUrl` is unusable (`data:` URI, > 2 KB, or non-string), the
    * client soft-strips it on the payload and emits a `console.warn` — the
-   * schedule still ships, just without an avatar. The only throw left is
-   * `PAYLOAD_TOO_LARGE_LOCAL` — JSON-serialized payload exceeds 3 KB.
+   * schedule still ships, just without an avatar. If `maxPayloadBytes` is
+   * configured, oversized JSON payloads throw `PAYLOAD_TOO_LARGE_LOCAL`.
    *
    * @param {Object} payload - Schedule message payload.
    * @returns {Promise<Object>} API response body.
@@ -232,8 +228,8 @@ class ReiClient {
    *
    * If `avatarUrl` is unusable (`data:` URI, > 2 KB, or non-string), the
    * client soft-strips it on the payload and emits a `console.warn` — the
-   * push still ships, just without an icon. The only throw left is
-   * `PAYLOAD_TOO_LARGE_LOCAL` — JSON-serialized payload exceeds 3 KB.
+   * push still ships, just without an icon. If `maxPayloadBytes` is
+   * configured, oversized JSON payloads throw `PAYLOAD_TOO_LARGE_LOCAL`.
    *
    * @param {Object} payload - Instant message payload.
    * @param {string} [endpointPath] - Path under the resolved base URL. Default '/instant'.
@@ -275,14 +271,163 @@ class ReiClient {
     return res.json();
   }
 
+  /**
+   * Consume an instant SSE stream.
+   *
+   * Error semantics: any failure (network, protocol, abort, `onPayload`
+   * callback throwing) rejects the returned Promise. `options.onError`,
+   * when provided, is a side-channel notification (e.g. for logging or
+   * UI flashes) and fires before the rejection — it does not suppress
+   * it. Always wrap calls in `try / await` and treat the rejection as
+   * the canonical error path.
+   *
+   * @param {Object} payload - Instant message payload.
+   * @param {string} [endpointPath] - Path under the resolved base URL. Default '/instant'.
+   * @param {Object} options
+   * @param {Record<string, string>} [options.headers]
+   * @param {(payload: unknown) => Promise<void> | void} options.onPayload
+   * @param {(error: unknown) => void} [options.onError]
+   * @param {() => void} [options.onDone]
+   * @param {AbortSignal} [options.signal]
+   * @returns {Promise<void>}
+   */
+  async consumeInstantStream(payload, endpointPath = '/instant', options = {}) {
+    this._sanitizeAvatarUrl(payload);
+    const json = JSON.stringify(payload);
+    this._assertPayloadSize(json, 'consumeInstantStream');
+
+    const headers = { 'Content-Type': 'application/json', ...(options.headers || {}) };
+    let body;
+
+    if (this._instantEncryption === false) {
+      body = json;
+      if (this._instantClientToken) {
+        headers['X-Client-Token'] = this._instantClientToken;
+      }
+    } else {
+      const encrypted = await this._encrypt(json);
+      headers['X-User-Id'] = this._userId;
+      headers['X-Payload-Encrypted'] = 'true';
+      headers['X-Encryption-Version'] = '1';
+      body = JSON.stringify(encrypted);
+    }
+
+    const path = endpointPath.startsWith('/') ? endpointPath : `/${endpointPath}`;
+    const res = await fetch(`${this._resolveBaseUrl('instant')}${path}`, {
+      method: 'POST',
+      headers,
+      body,
+      signal: options.signal
+    });
+
+    if (!res.ok) {
+      const text = await res.text().catch(() => '');
+      throw new Error(`Instant request failed: ${res.status} ${text}`);
+    }
+
+    const contentType = res.headers.get('content-type') || '';
+    if (!contentType.includes('text/event-stream')) {
+      const text = await res.text().catch(() => '');
+      throw new Error(`Expected text/event-stream, got ${contentType}: ${text}`);
+    }
+
+    if (!res.body) {
+      throw new Error('Response body is null');
+    }
+
+    const reader = res.body.getReader();
+    const decoder = new TextDecoder();
+    let buffer = '';
+    let thrown;
+
+    try {
+      while (true) {
+        const { done, value } = await reader.read();
+        if (done) break;
+
+        buffer += decoder.decode(value, { stream: true });
+        const parts = buffer.split('\n\n');
+        buffer = parts.pop() || ''; // last part may be incomplete
+
+        for (const part of parts) {
+          if (!part.trim()) continue;
+
+          let eventName = 'message';
+          // Per SSE spec multiple `data:` lines in one event concatenate
+          // with `\n`. Our own server always emits a single data line,
+          // but `consumeInstantStream` is a general-purpose consumer.
+          let data = '';
+
+          const lines = part.split('\n');
+          for (const line of lines) {
+            if (line.startsWith(':')) continue; // keepalive comment
+            if (line.startsWith('event:')) {
+              eventName = line.slice(6).trim();
+            } else if (line.startsWith('data:')) {
+              const piece = line.slice(5).trim();
+              data = data ? `${data}\n${piece}` : piece;
+            }
+          }
+
+          if (eventName === 'done') {
+            if (options.onDone) options.onDone();
+            return;
+          }
+
+          if (eventName === 'error') {
+            let parsedErr;
+            try {
+              parsedErr = JSON.parse(data);
+            } catch {
+              parsedErr = { code: 'PARSE_ERROR', message: data };
+            }
+            const err = new Error(parsedErr.message || 'Stream error');
+            err.code = parsedErr.code;
+            thrown = err;
+            return; // exit loop, finally re-throws
+          }
+
+          if (eventName === 'payload') {
+            let parsedPayload;
+            try {
+              parsedPayload = JSON.parse(data);
+            } catch {
+              continue;
+            }
+            if (options.onPayload) {
+              await options.onPayload(parsedPayload);
+            }
+          }
+        }
+      }
+
+      // Stream ended without `event: done` — treat EOF as done.
+      if (options.onDone) options.onDone();
+    } catch (err) {
+      thrown = err;
+    } finally {
+      // Always notify onError (side-channel) and always throw — callers
+      // rely on Promise rejection as the canonical failure signal.
+      if (thrown) {
+        try { await reader.cancel(thrown); } catch { /* already cancelled */ }
+        if (options.onError) {
+          try { options.onError(thrown); } catch { /* observer can't break the throw */ }
+        }
+        try { reader.releaseLock(); } catch { /* already released */ }
+        throw thrown;
+      }
+      try { reader.releaseLock(); } catch { /* already released */ }
+    }
+  }
+
   /**
    * Update an existing scheduled message.
    *
    * If `updates.avatarUrl` is unusable (`data:` URI, > 2 KB, or non-string),
    * the client soft-strips it from the patch and emits a `console.warn` —
    * the rest of the update still applies, and the stored avatar is left
-   * untouched. The only throw left is `PAYLOAD_TOO_LARGE_LOCAL` —
-   * JSON-serialized updates exceed 3 KB.
+   * untouched. If `maxPayloadBytes` is configured, oversized JSON patches
+   * throw `PAYLOAD_TOO_LARGE_LOCAL`.
    *
    * @param {string} uuid    - Task UUID.
    * @param {Object} updates - Fields to update.
@@ -420,21 +565,22 @@ class ReiClient {
   }
 
   /**
-   * Reject outgoing payloads larger than 3 KB pre-encryption. Spares the
-   * remote a guaranteed 413 / Web Push 4 KB-limit failure and gives the
-   * caller a precise local error pointing at the size cap.
+   * Enforce the optional local request payload cap before encryption.
+   * By default there is no SDK-level request-size limit; runtime, proxy,
+   * database, and LLM-provider limits remain the deployer's boundary.
    *
    * @private
    * @param {string} bodyJson  - `JSON.stringify(payload)`.
    * @param {string} methodName
    */
   _assertPayloadSize(bodyJson, methodName) {
+    if (this._maxPayloadBytes == null) return;
     const bytes = new TextEncoder().encode(bodyJson).length;
-    if (bytes > PAYLOAD_LOCAL_MAX_BYTES) {
+    if (bytes > this._maxPayloadBytes) {
       throw makeLocalError(
         'PAYLOAD_TOO_LARGE_LOCAL',
-        `${methodName} payload 体积 ${bytes} 字节超过本地上限 ${PAYLOAD_LOCAL_MAX_BYTES} 字节`,
-        { method: methodName, actualBytes: bytes, limitBytes: PAYLOAD_LOCAL_MAX_BYTES }
+        `${methodName} payload 体积 ${bytes} 字节超过本地上限 ${this._maxPayloadBytes} 字节`,
+        { method: methodName, actualBytes: bytes, limitBytes: this._maxPayloadBytes }
       );
     }
   }
@@ -527,4 +673,12 @@ class ReiClient {
   }
 }
 
+function normalizeMaxPayloadBytes(value) {
+  if (value === undefined || value === null) return null;
+  if (!Number.isInteger(value) || value <= 0) {
+    throw new TypeError('[rei-standard-amsg-client] maxPayloadBytes must be a positive integer when set');
+  }
+  return value;
+}
+
 export { ReiClient };

package/dist/index.d.ts

@@ -61,6 +61,9 @@ export { MESSAGE_KIND, MESSAGE_TYPE, PUSH_SOURCE, buildContentPush, buildErrorPu
  *                                                         a *weak* shared secret — it ships inside any
  *                                                         frontend bundle that uses it, so devtools can
  *                                                         read it. Use for casual URL-direct abuse only.
+ * @property {number|null} [maxPayloadBytes=null]        - Optional local UTF-8 byte cap for outgoing request
+ *                                                         payloads before encryption. `null` / omitted means
+ *                                                         no SDK-level request-size limit.
  */
 
 /**
@@ -71,15 +74,6 @@ export { MESSAGE_KIND, MESSAGE_TYPE, PUSH_SOURCE, buildContentPush, buildErrorPu
  */
 const AVATAR_URL_MAX_LENGTH = 2048;
 
-/**
- * Max byte length of a single outgoing payload (3 KB, measured pre-encryption
- * on the plaintext JSON body). Anything over this is almost certainly a base64
- * avatar smuggled into `avatarUrl` and will trigger downstream `413 Payload
- * Too Large` or hit the Web Push 4 KB hard limit at delivery. We bail locally
- * to save a remote round-trip and give a precise error.
- */
-const PAYLOAD_LOCAL_MAX_BYTES = 3072;
-
 function makeLocalError(code, message, details) {
   const err = new Error(`[rei-standard-amsg-client] ${message}`);
   err.code = code;
@@ -122,6 +116,8 @@ class ReiClient {
     this._instantClientToken = typeof config.instantClientToken === 'string' && config.instantClientToken
       ? config.instantClientToken
       : '';
+    /** @private */
+    this._maxPayloadBytes = normalizeMaxPayloadBytes(config.maxPayloadBytes);
   }
 
   /**
@@ -183,8 +179,8 @@ class ReiClient {
    *
    * If `avatarUrl` is unusable (`data:` URI, > 2 KB, or non-string), the
    * client soft-strips it on the payload and emits a `console.warn` — the
-   * schedule still ships, just without an avatar. The only throw left is
-   * `PAYLOAD_TOO_LARGE_LOCAL` — JSON-serialized payload exceeds 3 KB.
+   * schedule still ships, just without an avatar. If `maxPayloadBytes` is
+   * configured, oversized JSON payloads throw `PAYLOAD_TOO_LARGE_LOCAL`.
    *
    * @param {Object} payload - Schedule message payload.
    * @returns {Promise<Object>} API response body.
@@ -232,8 +228,8 @@ class ReiClient {
    *
    * If `avatarUrl` is unusable (`data:` URI, > 2 KB, or non-string), the
    * client soft-strips it on the payload and emits a `console.warn` — the
-   * push still ships, just without an icon. The only throw left is
-   * `PAYLOAD_TOO_LARGE_LOCAL` — JSON-serialized payload exceeds 3 KB.
+   * push still ships, just without an icon. If `maxPayloadBytes` is
+   * configured, oversized JSON payloads throw `PAYLOAD_TOO_LARGE_LOCAL`.
    *
    * @param {Object} payload - Instant message payload.
    * @param {string} [endpointPath] - Path under the resolved base URL. Default '/instant'.
@@ -275,14 +271,163 @@ class ReiClient {
     return res.json();
   }
 
+  /**
+   * Consume an instant SSE stream.
+   *
+   * Error semantics: any failure (network, protocol, abort, `onPayload`
+   * callback throwing) rejects the returned Promise. `options.onError`,
+   * when provided, is a side-channel notification (e.g. for logging or
+   * UI flashes) and fires before the rejection — it does not suppress
+   * it. Always wrap calls in `try / await` and treat the rejection as
+   * the canonical error path.
+   *
+   * @param {Object} payload - Instant message payload.
+   * @param {string} [endpointPath] - Path under the resolved base URL. Default '/instant'.
+   * @param {Object} options
+   * @param {Record<string, string>} [options.headers]
+   * @param {(payload: unknown) => Promise<void> | void} options.onPayload
+   * @param {(error: unknown) => void} [options.onError]
+   * @param {() => void} [options.onDone]
+   * @param {AbortSignal} [options.signal]
+   * @returns {Promise<void>}
+   */
+  async consumeInstantStream(payload, endpointPath = '/instant', options = {}) {
+    this._sanitizeAvatarUrl(payload);
+    const json = JSON.stringify(payload);
+    this._assertPayloadSize(json, 'consumeInstantStream');
+
+    const headers = { 'Content-Type': 'application/json', ...(options.headers || {}) };
+    let body;
+
+    if (this._instantEncryption === false) {
+      body = json;
+      if (this._instantClientToken) {
+        headers['X-Client-Token'] = this._instantClientToken;
+      }
+    } else {
+      const encrypted = await this._encrypt(json);
+      headers['X-User-Id'] = this._userId;
+      headers['X-Payload-Encrypted'] = 'true';
+      headers['X-Encryption-Version'] = '1';
+      body = JSON.stringify(encrypted);
+    }
+
+    const path = endpointPath.startsWith('/') ? endpointPath : `/${endpointPath}`;
+    const res = await fetch(`${this._resolveBaseUrl('instant')}${path}`, {
+      method: 'POST',
+      headers,
+      body,
+      signal: options.signal
+    });
+
+    if (!res.ok) {
+      const text = await res.text().catch(() => '');
+      throw new Error(`Instant request failed: ${res.status} ${text}`);
+    }
+
+    const contentType = res.headers.get('content-type') || '';
+    if (!contentType.includes('text/event-stream')) {
+      const text = await res.text().catch(() => '');
+      throw new Error(`Expected text/event-stream, got ${contentType}: ${text}`);
+    }
+
+    if (!res.body) {
+      throw new Error('Response body is null');
+    }
+
+    const reader = res.body.getReader();
+    const decoder = new TextDecoder();
+    let buffer = '';
+    let thrown;
+
+    try {
+      while (true) {
+        const { done, value } = await reader.read();
+        if (done) break;
+
+        buffer += decoder.decode(value, { stream: true });
+        const parts = buffer.split('\n\n');
+        buffer = parts.pop() || ''; // last part may be incomplete
+
+        for (const part of parts) {
+          if (!part.trim()) continue;
+
+          let eventName = 'message';
+          // Per SSE spec multiple `data:` lines in one event concatenate
+          // with `\n`. Our own server always emits a single data line,
+          // but `consumeInstantStream` is a general-purpose consumer.
+          let data = '';
+
+          const lines = part.split('\n');
+          for (const line of lines) {
+            if (line.startsWith(':')) continue; // keepalive comment
+            if (line.startsWith('event:')) {
+              eventName = line.slice(6).trim();
+            } else if (line.startsWith('data:')) {
+              const piece = line.slice(5).trim();
+              data = data ? `${data}\n${piece}` : piece;
+            }
+          }
+
+          if (eventName === 'done') {
+            if (options.onDone) options.onDone();
+            return;
+          }
+
+          if (eventName === 'error') {
+            let parsedErr;
+            try {
+              parsedErr = JSON.parse(data);
+            } catch {
+              parsedErr = { code: 'PARSE_ERROR', message: data };
+            }
+            const err = new Error(parsedErr.message || 'Stream error');
+            err.code = parsedErr.code;
+            thrown = err;
+            return; // exit loop, finally re-throws
+          }
+
+          if (eventName === 'payload') {
+            let parsedPayload;
+            try {
+              parsedPayload = JSON.parse(data);
+            } catch {
+              continue;
+            }
+            if (options.onPayload) {
+              await options.onPayload(parsedPayload);
+            }
+          }
+        }
+      }
+
+      // Stream ended without `event: done` — treat EOF as done.
+      if (options.onDone) options.onDone();
+    } catch (err) {
+      thrown = err;
+    } finally {
+      // Always notify onError (side-channel) and always throw — callers
+      // rely on Promise rejection as the canonical failure signal.
+      if (thrown) {
+        try { await reader.cancel(thrown); } catch { /* already cancelled */ }
+        if (options.onError) {
+          try { options.onError(thrown); } catch { /* observer can't break the throw */ }
+        }
+        try { reader.releaseLock(); } catch { /* already released */ }
+        throw thrown;
+      }
+      try { reader.releaseLock(); } catch { /* already released */ }
+    }
+  }
+
   /**
    * Update an existing scheduled message.
    *
    * If `updates.avatarUrl` is unusable (`data:` URI, > 2 KB, or non-string),
    * the client soft-strips it from the patch and emits a `console.warn` —
    * the rest of the update still applies, and the stored avatar is left
-   * untouched. The only throw left is `PAYLOAD_TOO_LARGE_LOCAL` —
-   * JSON-serialized updates exceed 3 KB.
+   * untouched. If `maxPayloadBytes` is configured, oversized JSON patches
+   * throw `PAYLOAD_TOO_LARGE_LOCAL`.
    *
    * @param {string} uuid    - Task UUID.
    * @param {Object} updates - Fields to update.
@@ -420,21 +565,22 @@ class ReiClient {
   }
 
   /**
-   * Reject outgoing payloads larger than 3 KB pre-encryption. Spares the
-   * remote a guaranteed 413 / Web Push 4 KB-limit failure and gives the
-   * caller a precise local error pointing at the size cap.
+   * Enforce the optional local request payload cap before encryption.
+   * By default there is no SDK-level request-size limit; runtime, proxy,
+   * database, and LLM-provider limits remain the deployer's boundary.
    *
    * @private
    * @param {string} bodyJson  - `JSON.stringify(payload)`.
    * @param {string} methodName
    */
   _assertPayloadSize(bodyJson, methodName) {
+    if (this._maxPayloadBytes == null) return;
     const bytes = new TextEncoder().encode(bodyJson).length;
-    if (bytes > PAYLOAD_LOCAL_MAX_BYTES) {
+    if (bytes > this._maxPayloadBytes) {
       throw makeLocalError(
         'PAYLOAD_TOO_LARGE_LOCAL',
-        `${methodName} payload 体积 ${bytes} 字节超过本地上限 ${PAYLOAD_LOCAL_MAX_BYTES} 字节`,
-        { method: methodName, actualBytes: bytes, limitBytes: PAYLOAD_LOCAL_MAX_BYTES }
+        `${methodName} payload 体积 ${bytes} 字节超过本地上限 ${this._maxPayloadBytes} 字节`,
+        { method: methodName, actualBytes: bytes, limitBytes: this._maxPayloadBytes }
       );
     }
   }
@@ -527,4 +673,12 @@ class ReiClient {
   }
 }
 
+function normalizeMaxPayloadBytes(value) {
+  if (value === undefined || value === null) return null;
+  if (!Number.isInteger(value) || value <= 0) {
+    throw new TypeError('[rei-standard-amsg-client] maxPayloadBytes must be a positive integer when set');
+  }
+  return value;
+}
+
 export { ReiClient };

package/dist/index.mjs

@@ -13,7 +13,6 @@ import {
   isErrorPush
 } from "@rei-standard/amsg-shared";
 var AVATAR_URL_MAX_LENGTH = 2048;
-var PAYLOAD_LOCAL_MAX_BYTES = 3072;
 function makeLocalError(code, message, details) {
   const err = new Error(`[rei-standard-amsg-client] ${message}`);
   err.code = code;
@@ -45,6 +44,7 @@ var ReiClient = class {
     this._userKey = null;
     this._instantEncryption = instantEncryption;
     this._instantClientToken = typeof config.instantClientToken === "string" && config.instantClientToken ? config.instantClientToken : "";
+    this._maxPayloadBytes = normalizeMaxPayloadBytes(config.maxPayloadBytes);
   }
   /**
    * Resolve the base URL for a given endpoint, falling back to `baseUrl`.
@@ -97,8 +97,8 @@ var ReiClient = class {
    *
    * If `avatarUrl` is unusable (`data:` URI, > 2 KB, or non-string), the
    * client soft-strips it on the payload and emits a `console.warn` — the
-   * schedule still ships, just without an avatar. The only throw left is
-   * `PAYLOAD_TOO_LARGE_LOCAL` — JSON-serialized payload exceeds 3 KB.
+   * schedule still ships, just without an avatar. If `maxPayloadBytes` is
+   * configured, oversized JSON payloads throw `PAYLOAD_TOO_LARGE_LOCAL`.
    *
    * @param {Object} payload - Schedule message payload.
    * @returns {Promise<Object>} API response body.
@@ -143,8 +143,8 @@ var ReiClient = class {
    *
    * If `avatarUrl` is unusable (`data:` URI, > 2 KB, or non-string), the
    * client soft-strips it on the payload and emits a `console.warn` — the
-   * push still ships, just without an icon. The only throw left is
-   * `PAYLOAD_TOO_LARGE_LOCAL` — JSON-serialized payload exceeds 3 KB.
+   * push still ships, just without an icon. If `maxPayloadBytes` is
+   * configured, oversized JSON payloads throw `PAYLOAD_TOO_LARGE_LOCAL`.
    *
    * @param {Object} payload - Instant message payload.
    * @param {string} [endpointPath] - Path under the resolved base URL. Default '/instant'.
@@ -180,14 +180,153 @@ var ReiClient = class {
     });
     return res.json();
   }
+  /**
+   * Consume an instant SSE stream.
+   *
+   * Error semantics: any failure (network, protocol, abort, `onPayload`
+   * callback throwing) rejects the returned Promise. `options.onError`,
+   * when provided, is a side-channel notification (e.g. for logging or
+   * UI flashes) and fires before the rejection — it does not suppress
+   * it. Always wrap calls in `try / await` and treat the rejection as
+   * the canonical error path.
+   *
+   * @param {Object} payload - Instant message payload.
+   * @param {string} [endpointPath] - Path under the resolved base URL. Default '/instant'.
+   * @param {Object} options
+   * @param {Record<string, string>} [options.headers]
+   * @param {(payload: unknown) => Promise<void> | void} options.onPayload
+   * @param {(error: unknown) => void} [options.onError]
+   * @param {() => void} [options.onDone]
+   * @param {AbortSignal} [options.signal]
+   * @returns {Promise<void>}
+   */
+  async consumeInstantStream(payload, endpointPath = "/instant", options = {}) {
+    this._sanitizeAvatarUrl(payload);
+    const json = JSON.stringify(payload);
+    this._assertPayloadSize(json, "consumeInstantStream");
+    const headers = { "Content-Type": "application/json", ...options.headers || {} };
+    let body;
+    if (this._instantEncryption === false) {
+      body = json;
+      if (this._instantClientToken) {
+        headers["X-Client-Token"] = this._instantClientToken;
+      }
+    } else {
+      const encrypted = await this._encrypt(json);
+      headers["X-User-Id"] = this._userId;
+      headers["X-Payload-Encrypted"] = "true";
+      headers["X-Encryption-Version"] = "1";
+      body = JSON.stringify(encrypted);
+    }
+    const path = endpointPath.startsWith("/") ? endpointPath : `/${endpointPath}`;
+    const res = await fetch(`${this._resolveBaseUrl("instant")}${path}`, {
+      method: "POST",
+      headers,
+      body,
+      signal: options.signal
+    });
+    if (!res.ok) {
+      const text = await res.text().catch(() => "");
+      throw new Error(`Instant request failed: ${res.status} ${text}`);
+    }
+    const contentType = res.headers.get("content-type") || "";
+    if (!contentType.includes("text/event-stream")) {
+      const text = await res.text().catch(() => "");
+      throw new Error(`Expected text/event-stream, got ${contentType}: ${text}`);
+    }
+    if (!res.body) {
+      throw new Error("Response body is null");
+    }
+    const reader = res.body.getReader();
+    const decoder = new TextDecoder();
+    let buffer = "";
+    let thrown;
+    try {
+      while (true) {
+        const { done, value } = await reader.read();
+        if (done) break;
+        buffer += decoder.decode(value, { stream: true });
+        const parts = buffer.split("\n\n");
+        buffer = parts.pop() || "";
+        for (const part of parts) {
+          if (!part.trim()) continue;
+          let eventName = "message";
+          let data = "";
+          const lines = part.split("\n");
+          for (const line of lines) {
+            if (line.startsWith(":")) continue;
+            if (line.startsWith("event:")) {
+              eventName = line.slice(6).trim();
+            } else if (line.startsWith("data:")) {
+              const piece = line.slice(5).trim();
+              data = data ? `${data}
+${piece}` : piece;
+            }
+          }
+          if (eventName === "done") {
+            if (options.onDone) options.onDone();
+            return;
+          }
+          if (eventName === "error") {
+            let parsedErr;
+            try {
+              parsedErr = JSON.parse(data);
+            } catch {
+              parsedErr = { code: "PARSE_ERROR", message: data };
+            }
+            const err = new Error(parsedErr.message || "Stream error");
+            err.code = parsedErr.code;
+            thrown = err;
+            return;
+          }
+          if (eventName === "payload") {
+            let parsedPayload;
+            try {
+              parsedPayload = JSON.parse(data);
+            } catch {
+              continue;
+            }
+            if (options.onPayload) {
+              await options.onPayload(parsedPayload);
+            }
+          }
+        }
+      }
+      if (options.onDone) options.onDone();
+    } catch (err) {
+      thrown = err;
+    } finally {
+      if (thrown) {
+        try {
+          await reader.cancel(thrown);
+        } catch {
+        }
+        if (options.onError) {
+          try {
+            options.onError(thrown);
+          } catch {
+          }
+        }
+        try {
+          reader.releaseLock();
+        } catch {
+        }
+        throw thrown;
+      }
+      try {
+        reader.releaseLock();
+      } catch {
+      }
+    }
+  }
   /**
    * Update an existing scheduled message.
    *
    * If `updates.avatarUrl` is unusable (`data:` URI, > 2 KB, or non-string),
    * the client soft-strips it from the patch and emits a `console.warn` —
    * the rest of the update still applies, and the stored avatar is left
-   * untouched. The only throw left is `PAYLOAD_TOO_LARGE_LOCAL` —
-   * JSON-serialized updates exceed 3 KB.
+   * untouched. If `maxPayloadBytes` is configured, oversized JSON patches
+   * throw `PAYLOAD_TOO_LARGE_LOCAL`.
    *
    * @param {string} uuid    - Task UUID.
    * @param {Object} updates - Fields to update.
@@ -308,21 +447,22 @@ var ReiClient = class {
     return false;
   }
   /**
-   * Reject outgoing payloads larger than 3 KB pre-encryption. Spares the
-   * remote a guaranteed 413 / Web Push 4 KB-limit failure and gives the
-   * caller a precise local error pointing at the size cap.
+   * Enforce the optional local request payload cap before encryption.
+   * By default there is no SDK-level request-size limit; runtime, proxy,
+   * database, and LLM-provider limits remain the deployer's boundary.
    *
    * @private
    * @param {string} bodyJson  - `JSON.stringify(payload)`.
    * @param {string} methodName
    */
   _assertPayloadSize(bodyJson, methodName) {
+    if (this._maxPayloadBytes == null) return;
     const bytes = new TextEncoder().encode(bodyJson).length;
-    if (bytes > PAYLOAD_LOCAL_MAX_BYTES) {
+    if (bytes > this._maxPayloadBytes) {
       throw makeLocalError(
         "PAYLOAD_TOO_LARGE_LOCAL",
-        `${methodName} payload \u4F53\u79EF ${bytes} \u5B57\u8282\u8D85\u8FC7\u672C\u5730\u4E0A\u9650 ${PAYLOAD_LOCAL_MAX_BYTES} \u5B57\u8282`,
-        { method: methodName, actualBytes: bytes, limitBytes: PAYLOAD_LOCAL_MAX_BYTES }
+        `${methodName} payload \u4F53\u79EF ${bytes} \u5B57\u8282\u8D85\u8FC7\u672C\u5730\u4E0A\u9650 ${this._maxPayloadBytes} \u5B57\u8282`,
+        { method: methodName, actualBytes: bytes, limitBytes: this._maxPayloadBytes }
       );
     }
   }
@@ -400,6 +540,13 @@ var ReiClient = class {
     return arr;
   }
 };
+function normalizeMaxPayloadBytes(value) {
+  if (value === void 0 || value === null) return null;
+  if (!Number.isInteger(value) || value <= 0) {
+    throw new TypeError("[rei-standard-amsg-client] maxPayloadBytes must be a positive integer when set");
+  }
+  return value;
+}
 export {
   MESSAGE_KIND,
   MESSAGE_TYPE,

package/package.json

@@ -1,10 +1,10 @@
 {
   "name": "@rei-standard/amsg-client",
-  "version": "2.3.0",
+  "version": "2.4.0",
   "description": "ReiStandard Active Messaging browser client SDK — also re-exports shared push types, builders, and guards from @rei-standard/amsg-shared",
   "repository": {
     "type": "git",
-    "url": "https://github.com/Tosd0/ReiStandard",
+    "url": "git+https://github.com/Tosd0/ReiStandard.git",
     "directory": "packages/rei-standard-amsg/client"
   },
   "license": "MIT",
@@ -33,7 +33,7 @@
     "node": ">=20"
   },
   "dependencies": {
-    "@rei-standard/amsg-shared": "0.1.0"
+    "@rei-standard/amsg-shared": "0.2.0"
   },
   "devDependencies": {
     "tsup": "^8.0.0",