@salesforce/lds-runtime-aura 1.435.1 → 1.437.0

package/dist/ldsEngineCreator.js

@@ -41,8 +41,10 @@ import lightningConnectEnabled from '@salesforce/gate/ui.services.LightningConne
 import bypassAppRestrictionEnabled from '@salesforce/gate/ui.services.LightningConnect.BypassAppRestriction.enabled';
 import csrfValidationEnabled from '@salesforce/gate/ui.services.LightningConnect.CsrfValidation.enabled';
 import sessionApiEnabled from '@salesforce/gate/ui.uisdk.session.api.enabled';
-import useHttpUiapiOneApp from '@salesforce/gate/lds.useHttpUiapiOneApp';
-import useHttpUiapiOneRuntime from '@salesforce/gate/lds.useHttpUiapiOneRuntime';
+import useHttpUiapiOneAppPublic from '@salesforce/gate/lds.useHttpUiapiOneAppPublic';
+import useHttpUiapiOneAppPrivate from '@salesforce/gate/lds.useHttpUiapiOneAppPrivate';
+import useHttpUiapiOneRuntimePublic from '@salesforce/gate/lds.useHttpUiapiOneRuntimePublic';
+import useHttpUiapiOneRuntimePrivate from '@salesforce/gate/lds.useHttpUiapiOneRuntimePrivate';
 import disableCreateContentDocumentAndVersionHTTPLexRuntime from '@salesforce/gate/lds.lex.http.disableCreateContentDocumentAndVersion';
 import useHotspotLimit from '@salesforce/gate/lds.pdl.useHotspotLimit';
 import { registerSubRequestNetworkAdapter } from 'force/ldsNetwork';
@@ -2760,7 +2762,7 @@ function buildServiceDescriptor$d(luvio) {
         },
     };
 }
-// version: 1.435.1-4492aa27df
+// version: 1.437.0-90398d3223
 
 /*!
  * Copyright (c) 2022, Salesforce, Inc.,
@@ -3113,7 +3115,7 @@ function buildServiceDescriptor$9(notifyRecordUpdateAvailable, getNormalizedLuvi
         },
     };
 }
-// version: 1.435.1-4492aa27df
+// version: 1.437.0-90398d3223
 
 /*!
  * Copyright (c) 2022, Salesforce, Inc.,
@@ -4623,7 +4625,9 @@ var HttpStatusCode;
     HttpStatusCode[HttpStatusCode["Unauthorized"] = 401] = "Unauthorized";
     HttpStatusCode[HttpStatusCode["Forbidden"] = 403] = "Forbidden";
     HttpStatusCode[HttpStatusCode["NotFound"] = 404] = "NotFound";
+    HttpStatusCode[HttpStatusCode["TooManyRequests"] = 429] = "TooManyRequests";
     HttpStatusCode[HttpStatusCode["ServerError"] = 500] = "ServerError";
+    HttpStatusCode[HttpStatusCode["ServiceUnavailable"] = 503] = "ServiceUnavailable";
     HttpStatusCode[HttpStatusCode["GatewayTimeout"] = 504] = "GatewayTimeout";
 })(HttpStatusCode || (HttpStatusCode = {}));
 /**
@@ -4686,7 +4690,7 @@ var TypeCheckShapes;
     TypeCheckShapes[TypeCheckShapes["Integer"] = 3] = "Integer";
     TypeCheckShapes[TypeCheckShapes["Unsupported"] = 4] = "Unsupported";
 })(TypeCheckShapes || (TypeCheckShapes = {}));
-// engine version: 0.160.4-b7e0ea82
+// engine version: 0.160.5-e6ada846
 
 const { keys: keys$1 } = Object;
 
@@ -5743,7 +5747,7 @@ function getEnvironmentSetting(name) {
     }
     return undefined;
 }
-// version: 1.435.1-a9f05717b8
+// version: 1.437.0-f680421dc4
 
 const environmentHasAura = typeof window !== 'undefined' && typeof window.$A !== 'undefined';
 const defaultConfig = {
@@ -6210,6 +6214,7 @@ const CSRF_STORAGE_CONFIG = {
 class CsrfTokenManager {
     constructor() {
         this.tokenPromise = null;
+        this.refreshInFlight = null;
         // Initialize AuraStorage
         this.storage = createStorage(CSRF_STORAGE_CONFIG);
     }
@@ -6285,20 +6290,37 @@ class CsrfTokenManager {
     /**
      * Obtains and returns a new token value as a promise.
      * This will clear the cached token and fetch a fresh one.
+     *
+     * Concurrent calls coalesce onto a single in-flight refresh — important when
+     * multiple requests fail with INVALID_ACCESS_TOKEN simultaneously and each
+     * retry policy independently calls refreshToken(). Without this, every caller
+     * triggers its own /session/csrf round-trip.
      */
-    async refreshToken() {
-        // Clear cached token
-        if (this.storage) {
-            try {
-                await this.storage.remove(CSRF_TOKEN_KEY);
+    refreshToken() {
+        if (this.refreshInFlight) {
+            return this.refreshInFlight;
+        }
+        const refresh = (async () => {
+            if (this.storage) {
+                try {
+                    await this.storage.remove(CSRF_TOKEN_KEY);
+                }
+                catch {
+                    // Non-fatal: continue with refresh even if clear fails
+                }
             }
-            catch {
-                // Non-fatal: continue with refresh even if clear fails
+            return this.fetchFreshToken();
+        })();
+        this.refreshInFlight = refresh;
+        this.tokenPromise = refresh;
+        // Clear the in-flight reference once settled (success or failure) so
+        // subsequent token expirations can trigger a fresh refresh.
+        refresh.finally(() => {
+            if (this.refreshInFlight === refresh) {
+                this.refreshInFlight = null;
             }
-        }
-        // Fetch (and cache) fresh token
-        this.tokenPromise = this.fetchFreshToken();
-        return this.tokenPromise;
+        });
+        return refresh;
     }
     /**
      * Reset the singleton instance (useful for testing).
@@ -6633,6 +6655,147 @@ function buildLuvioThirdPartyTrackerFinishInterceptor() {
     };
 }
 
+const DEFAULT_CONFIG$3 = {
+    maxRetries: 1,
+};
+class LuvioCsrfTokenRetryPolicy extends RetryPolicy {
+    constructor(config = DEFAULT_CONFIG$3) {
+        super();
+        this.config = config;
+        this.csrfTokenManager = CsrfTokenManager.getInstance();
+    }
+    setRequestContext(context) {
+        this.requestContext = context;
+    }
+    async shouldRetry(result, context) {
+        if (context.attempt >= this.config.maxRetries) {
+            return false;
+        }
+        // UIAPI returns 401 for invalid/expired CSRF tokens; the default is 400
+        if (result.status !== 400 && result.status !== 401) {
+            return false;
+        }
+        return isCsrfError$1(result);
+    }
+    async calculateDelay(_result, _context) {
+        return 0;
+    }
+    async prepareRetry(_result, _context) {
+        if (!this.requestContext) {
+            return;
+        }
+        const newToken = await this.csrfTokenManager.refreshToken();
+        const req = this.requestContext.request;
+        const { [CSRF_TOKEN_HEADER]: _stale, ...remainingHeaders } = req.headers ?? {};
+        // If refresh failed, drop the stale token entirely so the request interceptor
+        // will fetch a fresh one via getToken() on the retry.
+        const headers = newToken
+            ? { ...remainingHeaders, [CSRF_TOKEN_HEADER]: newToken }
+            : remainingHeaders;
+        this.requestContext.request = { ...req, headers };
+    }
+}
+/**
+ * Returns true when a Luvio FetchResponse indicates a CSRF token error.
+ * Body is already parsed JSON on FetchResponse, so no clone/json() needed.
+ *
+ * UIAPI error bodies come in both shapes: an object `{ errorCode, message }`
+ * for single errors, or an array `[{ errorCode, message }]` for endpoints that
+ * return collections of errors. Handle both.
+ */
+function isCsrfError$1(response) {
+    const body = response.body;
+    const errorCode = Array.isArray(body) ? body[0]?.errorCode : body?.errorCode;
+    return errorCode === 'INVALID_ACCESS_TOKEN';
+}
+
+const DEFAULT_CONFIG$2 = {
+    maxRetries: 3,
+    maxTimeToRetry: 10000,
+    baseDelay: 250,
+    maxDelay: 5000,
+    exponentialFactor: 2,
+    jitterPercent: 0.5,
+};
+class LuvioFetchThrottlingRetryPolicy extends RetryPolicy {
+    constructor(config = DEFAULT_CONFIG$2) {
+        super();
+        this.config = config;
+    }
+    async shouldRetry(result, context) {
+        return ((result.status === 429 || result.status === 503) &&
+            context.attempt < this.config.maxRetries &&
+            context.totalElapsedMs <= this.config.maxTimeToRetry);
+    }
+    async calculateDelay(result, context) {
+        let delay;
+        const retryAfterHeader = this.parseRetryAfterHeader(result);
+        if (retryAfterHeader !== undefined) {
+            delay = Math.min(retryAfterHeader, this.config.maxDelay);
+        }
+        else {
+            delay = Math.min(this.config.baseDelay * Math.pow(this.config.exponentialFactor, context.attempt), this.config.maxDelay);
+        }
+        const jitter = delay * this.config.jitterPercent * (Math.random() - 0.5);
+        return Math.max(0, delay + jitter);
+    }
+    parseRetryAfterHeader(result) {
+        const headers = result.headers;
+        if (!headers) {
+            return undefined;
+        }
+        // FetchResponse headers is a plain { [key: string]: string } object
+        // (no Headers.get available), so do a case-insensitive lookup manually.
+        let value;
+        for (const key in headers) {
+            if (key.toLowerCase() === 'retry-after') {
+                value = headers[key];
+                break;
+            }
+        }
+        if (!value) {
+            return undefined;
+        }
+        const trimmed = value.trim();
+        if (/^\d+$/.test(trimmed)) {
+            const seconds = Number(trimmed);
+            if (Number.isFinite(seconds) && seconds >= 0) {
+                return seconds * 1000;
+            }
+            return undefined;
+        }
+        const IMF_FIXDATE = /^(Mon|Tue|Wed|Thu|Fri|Sat|Sun), \d{2} (Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec) \d{4} \d{2}:\d{2}:\d{2} GMT$/;
+        if (!IMF_FIXDATE.test(trimmed)) {
+            return undefined;
+        }
+        const millis = Date.parse(trimmed);
+        if (Number.isFinite(millis)) {
+            return Math.max(0, millis - Date.now());
+        }
+        return undefined;
+    }
+}
+
+/**
+ * Builds the LuvioRetryInterceptor used by the UIAPI fetch adapter.
+ *
+ * A fresh RetryService and policy instances are created per request to keep the
+ * CSRF policy's mutableRequest context isolated from concurrent requests.
+ */
+function buildLuvioFetchRetryInterceptor() {
+    return (request, doFetch) => {
+        const csrfPolicy = new LuvioCsrfTokenRetryPolicy();
+        const composedPolicy = new ComposedRetryPolicy([
+            new LuvioFetchThrottlingRetryPolicy(),
+            csrfPolicy,
+        ]);
+        const retryService = new RetryService(composedPolicy);
+        const mutableRequest = { request };
+        csrfPolicy.setRequestContext(mutableRequest);
+        return retryService.applyRetry(() => doFetch(mutableRequest.request));
+    };
+}
+
 const SFDC_REQUEST_ID_KEY = 'X-SFDC-Request-Id';
 function buildTransportMarksSendInterceptor() {
     return async (fetchArgs, context) => {
@@ -6738,31 +6901,187 @@ function isOneRuntime() {
     return !!globalThis.LWR;
 }
 /**
- * Base set of url paths that this adapter can serve via HTTP when enabled.
- * Extend this list to support additional endpoints (see predicate wiring below).
+ * Public UIAPI url paths verified for HTTP transport.
+ *
+ * Inclusion criteria:
+ *   1. The path's underlying Connect resource does NOT carry
+ *      `clientFilters=@ConnectClientFilters({@ConnectClientFilter(key = "UiTier")...})`.
+ *   2. LDS actually invokes this URL via a Luvio adapter wired into
+ *      `ldsEngineCreator.js` (i.e. there is a corresponding `*AdapterFactory`
+ *      import). Connect resources with no LDS adapter are intentionally
+ *      excluded — adding them produces no traffic and just bloats the matcher.
  *
- * Examples:
- * - Add another endpoint pattern:
- *   "/ui-api/records/{recordId}"
- * - Keep placeholders for variable segments wrapped in "{}".
+ * Where a single Connect resource exposes multiple URL shapes (e.g. a 4-segment
+ * GET form alongside a 3-segment POST form), all forms LDS adapters can hit at
+ * runtime are registered.
  */
-const UIAPI_PATHS = [
-    // getObjectInfo
+const UIAPI_PUBLIC_PATHS = [
+    // ----- Object Info -----
+    // getObjectInfo — IObjectInfoResource
     '/ui-api/object-info/{objectApiName}',
-    // getObjectInfos
+    // getObjectInfos (batch) — IObjectInfoBatchResource
     '/ui-api/object-info/batch/{objectApiNames}',
-    // getPicklistValuesByRecordType
+    // getPicklistValues — IPicklistValuesResource
+    '/ui-api/object-info/{objectApiName}/picklist-values/{recordTypeId}/{fieldApiName}',
+    // getPicklistValuesByRecordType — IPicklistValuesByRecordTypeResource
     '/ui-api/object-info/{objectApiName}/picklist-values/{recordTypeId}',
-    // getDuplicates
-    '/ui-api/predupe',
-    // getRecord
+    // ----- Records -----
+    // createRecord (POST) — IRecordDataCollectionResource
+    '/ui-api/records',
+    // getRecord / updateRecord (PATCH) / deleteRecord (DELETE) — IRecordDataResource
     '/ui-api/records/{recordId}',
-    // getRecordUi
+    // getRecords (batch GET) — IBatchRecordDataResource
+    '/ui-api/records/batch/{recordIds}',
+    // executeBatchRecordOperations (POST, no recordIds segment) — IBatchRecordResource
+    '/ui-api/records/batch',
+    // getRecordUi — IRecordUiResource
     '/ui-api/record-ui/{recordIds}',
-    // getRelatedListInfo
+    // ----- Layout -----
+    // getLayout — ILayoutResource
+    '/ui-api/layout/{objectApiName}',
+    // getPathLayout — IPathLayoutResource
+    '/ui-api/path/layout/{objectApiName}',
+    // ----- Record Defaults -----
+    // getRecordCreateDefaults — IRecordCreateDefaultsResource
+    '/ui-api/record-defaults/create/{objectApiName}',
+    // getRecordDefaultsTemplateForCreate — IRecordDefaultsTemplateCreateResource
+    '/ui-api/record-defaults/template/create/{objectApiName}',
+    // getRecordDefaultsTemplateClone — IRecordDefaultsTemplateCloneResource
+    '/ui-api/record-defaults/template/clone/{recordId}',
+    // ----- Duplicates -----
+    // getDuplicateConfig — IDuplicateConfigResource
+    '/ui-api/duplicates/{objectApiName}',
+    // findDuplicates (POST) — IPredupeResource
+    '/ui-api/predupe',
+    // ----- GraphQL -----
+    // executeGraphQL (POST) — IGraphQLResource (no /ui-api prefix)
+    '/graphql',
+    // ----- List UI -----
+    // getListUiByName (2-segment form) — IListUiResource212
+    '/ui-api/list-ui/{objectApiName}/{listViewApiName}',
+    // 1-segment form covers both:
+    //   /ui-api/list-ui/{listViewId} — IListUiResource
+    //   /ui-api/list-ui/{objectApiName} — IListCollectionResource
+    '/ui-api/list-ui/{objectApiNameOrListViewId}',
+    // getListInfoByName (GET) / updateListInfoByApiName (PATCH) / deleteListInfo (DELETE) — IListInfoResource
+    // (Also covers /ui-api/list-info/{listViewId} via shape collision.)
+    '/ui-api/list-info/{objectApiName}/{listViewApiName}',
+    // getListInfosByObjectName (GET) / createListInfo (POST) — IListInfoCreationAndCollectionResource
+    // (Also covers /ui-api/list-info/batch — IListInfoBatchResource — via shape collision.)
+    '/ui-api/list-info/{objectApiName}',
+    // getListObjectInfo — IListObjectInfoResource
+    '/ui-api/list-object-info/{objectApiName}',
+    // postListRecordsByName (POST) — IListRecordsResource
+    '/ui-api/list-records/{objectApiName}/{listViewApiName}',
+    // getListPreferences (GET) / updateListPreferences (PATCH) — IListPreferencesResource
+    '/ui-api/list-preferences/{objectApiName}/{listViewApiName}',
+    // ----- Related List UI -----
+    // getRelatedListInfo (GET) / updateRelatedListInfo (PATCH) — IRelatedListInfoResource
+    // (Also covers /ui-api/related-list-info/{parentRecordId}/{relatedListId} via shape collision.)
     '/ui-api/related-list-info/{parentObjectApiName}/{relatedListId}',
-    // getRelatedListRecords
+    // getRelatedListInfoBatch — IRelatedListInfoBatchResource
+    '/ui-api/related-list-info/batch/{parentObjectApiName}/{relatedListNames}',
+    // getRelatedListsInfo (collection) — IRelatedListInfoCollectionResource
+    '/ui-api/related-list-info/{parentObjectApiName}',
+    // postRelatedListRecords (POST) — IRelatedListRecordsResource
     '/ui-api/related-list-records/{parentRecordId}/{relatedListId}',
+    // postRelatedListRecordsBatch (POST, 3-segment form) — IRelatedListRecordsBatchResource
+    '/ui-api/related-list-records/batch/{parentRecordId}',
+    // getRelatedListRecordsBatch (GET, 4-segment form) — IRelatedListRecordsBatchResource [newly added]
+    '/ui-api/related-list-records/batch/{parentRecordId}/{relatedListIds}',
+    // getRelatedListCount — IRelatedListRecordCountResource
+    '/ui-api/related-list-count/{parentRecordId}/{relatedListId}',
+    // getRelatedListsCount (batch) — IRelatedListRecordCountBatchResource
+    '/ui-api/related-list-count/batch/{parentRecordId}/{relatedListNames}',
+    // getRelatedListPreferences (GET) / updateRelatedListPreferences (PATCH) — IRelatedListPreferencesResource
+    '/ui-api/related-list-preferences/{preferencesId}',
+    // getRelatedListPreferencesBatch — IRelatedListPreferencesBatchResource
+    '/ui-api/related-list-preferences/batch/{preferencesIds}',
+    // ----- Actions -----
+    // getGlobalActions — IActionGlobalResource
+    '/ui-api/actions/global',
+    // getActionLayout — IActionLayoutResource
+    '/ui-api/actions/layout/{actionApiName}',
+    // getLookupActions — IActionLookupResource
+    '/ui-api/actions/lookup/{objectApiNames}',
+    // getObjectCreateActions — IActionObjectResource
+    '/ui-api/actions/object/{objectApiName}/record-create',
+    // getActionOverrides — IActionOverrideResource
+    '/ui-api/actions/overrides/{objectApiName}',
+    // performQuickAction (POST) / performUpdateRecordQuickAction (PATCH) — IActionPerformQuickActionResource
+    '/ui-api/actions/perform-quick-action/{actionApiName}',
+    // getQuickActionInfo — IActionQuickActionInfoResource
+    '/ui-api/actions/quick-action-info/{actionApiName}',
+    // getRecordActions — IActionRecordResource
+    '/ui-api/actions/record/{recordIds}',
+    // getRecordEditActions — IActionRecordEditResource
+    '/ui-api/actions/record/{recordIds}/record-edit',
+    // getAllRelatedListActionsForRecord (4-segment form) — IActionRelatedListResource [newly added]
+    '/ui-api/actions/record/{recordIds}/related-list',
+    // postRelatedListActions (POST) — IActionRelatedListResource
+    '/ui-api/actions/record/{recordIds}/related-list/{relatedListId}',
+    // postRelatedListsActions (POST) / getRelatedListsActions (GET, 5-segment form) — IActionRelatedListBatchResource
+    '/ui-api/actions/record/{recordIds}/related-list/batch',
+    // getRelatedListsActions (GET, 6-segment form) — IActionRelatedListBatchResource [newly added]
+    '/ui-api/actions/record/{recordIds}/related-list/batch/{relatedListIds}',
+    // getRelatedListRecordActions — IActionRelatedListRecordResource
+    '/ui-api/actions/record/{recordIds}/related-list-record/{relatedListRecordIds}',
+    // getQuickActionDefaults — IActionQuickActionDefaultsResource
+    '/ui-api/actions/record-defaults/{actionApiName}',
+    // getFlexipageFormulaOverrides — IActionFlexipageFormulaActivationResource
+    '/ui-api/actions/formula-activation/{actionFeature}',
+    // ----- Lookup / Search -----
+    // lookup (POST) — ILookupEntityResource
+    '/ui-api/lookups/{objectApiName}/{keyPrefix}/{targetApiName}',
+    // searchResults (POST) — ISearchResultsResource
+    '/ui-api/search/results',
+    // searchKeywordResults (POST) — IKeywordSearchResultsResource
+    '/ui-api/search/results/keyword',
+    // getSearchFilterMetadata — ISearchInfoFilterMetadataCollectionResource
+    '/ui-api/search-info/{objectApiName}/filters',
+    // getSearchFilterOptions — ISearchInfoFilterOptionsResource
+    '/ui-api/search-info/{objectApiName}/filters/{filterApiName}/options',
+    // getLookupMetadata — ILookupMetadataResource
+    '/ui-api/search-info/{objectApiName}/lookup/{fieldApiName}',
+    // ----- MRU Lists -----
+    // getMruListUi — IMruListUiResource
+    '/ui-api/mru-list-ui/{objectApiName}',
+    // getMruListRecords — IMruListRecordsResource
+    '/ui-api/mru-list-records/{objectApiName}',
+    // ----- Apps / Nav -----
+    // getNavItems — INavItemsResource
+    '/ui-api/nav-items',
+    // getAllApps — IAppsResource
+    '/ui-api/apps',
+    // getAppDetails — IAppResource
+    '/ui-api/apps/{appId}',
+];
+/**
+ * Private UIAPI url paths gated by the private-endpoint gates per runtime.
+ *
+ * Inclusion criteria:
+ *   1. The path's underlying Connect resource carries
+ *      `clientFilters=@ConnectClientFilters({@ConnectClientFilter(key = "UiTier")...})`,
+ *      which restricts callers to the UI tier (one.app / UISDK runtime) and
+ *      excludes the public REST API.
+ *   2. LDS actually invokes this URL via a Luvio adapter wired into
+ *      `ldsEngineCreator.js`.
+ */
+const UIAPI_PRIVATE_PATHS = [
+    // ----- Record Avatars -----
+    // getRecordAvatars (batch) — IRecordAvatarsBatchResource
+    '/ui-api/record-avatars/batch/{recordIds}',
+    // updateRecordAvatar (POST) — IRecordAvatarsAssociationResource
+    '/ui-api/record-avatars/{recordId}/association',
+    // ----- Layout -----
+    // getLayoutUserState (GET) / updateLayoutUserState (PATCH) — ILayoutUserStateResource
+    '/ui-api/layout/{objectApiName}/user-state',
+    // ----- GraphQL -----
+    // executeGraphQLBatch (POST) — IGraphQLBatchResource (no /ui-api prefix)
+    '/graphql/batch',
+    // ----- Aggregate UI -----
+    // executeAggregateUi (POST) — IAggregateUiResource
+    '/ui-api/aggregate-ui',
 ];
 /**
  * Single content documents version URL enabled/disabled by killswitch.
@@ -6784,15 +7103,25 @@ const CONTENT_DOCUMENTS_VERSIONS_PATH = '/ui-api/records/content-documents/conte
  * }
  */
 const PREDICATE_PATH_SETS = [
-    // One Runtime gate
+    // One Runtime — public UIAPI endpoints
+    {
+        predicate: () => isOneRuntime() && useHttpUiapiOneRuntimePublic.isOpen({ fallback: false }),
+        paths: UIAPI_PUBLIC_PATHS,
+    },
+    // One Runtime — private UIAPI endpoints
+    {
+        predicate: () => isOneRuntime() && useHttpUiapiOneRuntimePrivate.isOpen({ fallback: false }),
+        paths: UIAPI_PRIVATE_PATHS,
+    },
+    // one.app — public UIAPI endpoints
     {
-        predicate: () => isOneRuntime() && useHttpUiapiOneRuntime.isOpen({ fallback: false }),
-        paths: UIAPI_PATHS,
+        predicate: () => !isOneRuntime() && useHttpUiapiOneAppPublic.isOpen({ fallback: false }),
+        paths: UIAPI_PUBLIC_PATHS,
     },
-    // one.app gate
+    // one.app — private UIAPI endpoints
     {
-        predicate: () => !isOneRuntime() && useHttpUiapiOneApp.isOpen({ fallback: false }),
-        paths: UIAPI_PATHS,
+        predicate: () => !isOneRuntime() && useHttpUiapiOneAppPrivate.isOpen({ fallback: false }),
+        paths: UIAPI_PRIVATE_PATHS,
     },
     // disableCreateContentDocumentAndVersionHTTPLexRuntime killswitch
     {
@@ -6865,6 +7194,7 @@ const composedFetchNetworkAdapter = {
             buildLuvioPageScopedCacheRequestInterceptor(),
             buildLuvioCsrfTokenInterceptor(),
         ],
+        retry: buildLuvioFetchRetryInterceptor(),
         response: [
             buildLexRuntimeLuvio5xxStatusResponseInterceptor(),
             buildLexRuntimeLuvioAuthExpirationRedirectResponseInterceptor(),
@@ -6931,12 +7261,12 @@ class CsrfTokenRetryPolicy extends RetryPolicy {
         if (context.attempt >= this.config.maxRetries) {
             return false;
         }
-        // Only retry on 400 status
-        if (result.status !== 400) {
+        // UIAPI returns 401 for invalid/expired CSRF tokens; the default is 400.
+        if (result.status !== 400 && result.status !== 401) {
             return false;
         }
         // Check if this is a CSRF error by examining the response body
-        // This avoids retrying all 400s (validation errors, bad requests, etc.)
+        // This avoids retrying all 400s/401s (validation errors, auth errors, etc.)
         return isCsrfError(result);
     }
     /**
@@ -6985,8 +7315,10 @@ async function isCsrfError(response) {
         // Clone to avoid consuming the original response
         const cloned = response.clone();
         const body = await cloned.json();
-        // Check the error array format: body[0].errorCode
-        const errorCode = body?.[0]?.errorCode;
+        // UIAPI error bodies come in both shapes: an object `{ errorCode, message }`
+        // for single errors, or an array `[{ errorCode, message }]` for endpoints
+        // that return collections of errors. Handle both.
+        const errorCode = Array.isArray(body) ? body[0]?.errorCode : body?.errorCode;
         return errorCode === 'INVALID_ACCESS_TOKEN';
     }
     catch {
@@ -10585,4 +10917,4 @@ function ldsEngineCreator() {
 }
 
 export { LexRequestStrategy, PdlPrefetcherEventType, PdlRequestPriority, buildPredictorForContext, configService, ldsEngineCreator as default, initializeLDS, initializeOneStore, notifyUpdateAvailableFactory, registerRequestStrategy, saveRequestAsPrediction, subscribeToPrefetcherEvents, unregisterRequestStrategy, whenPredictionsReady };
-// version: 1.435.1-4492aa27df
+// version: 1.437.0-90398d3223

package/dist/types/network-fetch.d.ts

@@ -2,15 +2,33 @@ import { type ResourceRequest } from '@luvio/engine';
 import type { RequestLogger } from '@salesforce/lds-network-fetch';
 import type { RequestTracker } from './instrumentation-utils';
 /**
- * Base set of url paths that this adapter can serve via HTTP when enabled.
- * Extend this list to support additional endpoints (see predicate wiring below).
+ * Public UIAPI url paths verified for HTTP transport.
  *
- * Examples:
- * - Add another endpoint pattern:
- *   "/ui-api/records/{recordId}"
- * - Keep placeholders for variable segments wrapped in "{}".
+ * Inclusion criteria:
+ *   1. The path's underlying Connect resource does NOT carry
+ *      `clientFilters=@ConnectClientFilters({@ConnectClientFilter(key = "UiTier")...})`.
+ *   2. LDS actually invokes this URL via a Luvio adapter wired into
+ *      `ldsEngineCreator.js` (i.e. there is a corresponding `*AdapterFactory`
+ *      import). Connect resources with no LDS adapter are intentionally
+ *      excluded — adding them produces no traffic and just bloats the matcher.
+ *
+ * Where a single Connect resource exposes multiple URL shapes (e.g. a 4-segment
+ * GET form alongside a 3-segment POST form), all forms LDS adapters can hit at
+ * runtime are registered.
+ */
+export declare const UIAPI_PUBLIC_PATHS: string[];
+/**
+ * Private UIAPI url paths gated by the private-endpoint gates per runtime.
+ *
+ * Inclusion criteria:
+ *   1. The path's underlying Connect resource carries
+ *      `clientFilters=@ConnectClientFilters({@ConnectClientFilter(key = "UiTier")...})`,
+ *      which restricts callers to the UI tier (one.app / UISDK runtime) and
+ *      excludes the public REST API.
+ *   2. LDS actually invokes this URL via a Luvio adapter wired into
+ *      `ldsEngineCreator.js`.
  */
-export declare const UIAPI_PATHS: string[];
+export declare const UIAPI_PRIVATE_PATHS: string[];
 /**
  * Single content documents version URL enabled/disabled by killswitch.
  * Exported for reuse in tests.

package/dist/types/request-interceptors/csrf-manager.d.ts

@@ -5,6 +5,7 @@
 declare class CsrfTokenManager {
     private static instance;
     private tokenPromise;
+    private refreshInFlight;
     private storage;
     private constructor();
     static getInstance(): CsrfTokenManager;
@@ -28,6 +29,11 @@ declare class CsrfTokenManager {
     /**
      * Obtains and returns a new token value as a promise.
      * This will clear the cached token and fetch a fresh one.
+     *
+     * Concurrent calls coalesce onto a single in-flight refresh — important when
+     * multiple requests fail with INVALID_ACCESS_TOKEN simultaneously and each
+     * retry policy independently calls refreshToken(). Without this, every caller
+     * triggers its own /session/csrf round-trip.
      */
     refreshToken(): Promise<string | undefined>;
     /**

package/dist/types/request-interceptors/csrf-token.d.ts

@@ -1,5 +1,6 @@
 import type { RequestInterceptor } from '@conduit-client/service-fetch-network/v1';
 import type { ResourceRequest } from '@luvio/engine';
+export declare const CSRF_TOKEN_HEADER = "X-CSRF-Token";
 /**
  * Builds a request interceptor that adds CSRF token headers to mutating requests.
  * The CSRF token is fetched once and cached for subsequent requests.

package/dist/types/retry-interceptors/luvio-fetch-retry.d.ts

@@ -0,0 +1,8 @@
+import type { LuvioRetryInterceptor } from '@salesforce/lds-network-fetch';
+/**
+ * Builds the LuvioRetryInterceptor used by the UIAPI fetch adapter.
+ *
+ * A fresh RetryService and policy instances are created per request to keep the
+ * CSRF policy's mutableRequest context isolated from concurrent requests.
+ */
+export declare function buildLuvioFetchRetryInterceptor(): LuvioRetryInterceptor;

package/dist/types/retry-policies/luvio-csrf-token-retry-policy.d.ts

@@ -0,0 +1,32 @@
+import type { RetryContext } from '@conduit-client/service-retry/v1';
+import { RetryPolicy } from '@conduit-client/service-retry/v1';
+import type { FetchResponse, ResourceRequest } from '@luvio/engine';
+type LuvioCsrfTokenRetryPolicyConfig = {
+    maxRetries: number;
+};
+/**
+ * Mutable container for the ResourceRequest that can be updated between retries.
+ */
+export interface MutableLuvioRequest {
+    request: ResourceRequest;
+}
+export declare class LuvioCsrfTokenRetryPolicy extends RetryPolicy<FetchResponse<any>> {
+    private config;
+    private csrfTokenManager;
+    private requestContext?;
+    constructor(config?: LuvioCsrfTokenRetryPolicyConfig);
+    setRequestContext(context: MutableLuvioRequest): void;
+    shouldRetry(result: FetchResponse<any>, context: RetryContext<FetchResponse<any>>): Promise<boolean>;
+    calculateDelay(_result: FetchResponse<any>, _context: RetryContext<FetchResponse<any>>): Promise<number>;
+    prepareRetry(_result: FetchResponse<any>, _context: RetryContext<FetchResponse<any>>): Promise<void>;
+}
+/**
+ * Returns true when a Luvio FetchResponse indicates a CSRF token error.
+ * Body is already parsed JSON on FetchResponse, so no clone/json() needed.
+ *
+ * UIAPI error bodies come in both shapes: an object `{ errorCode, message }`
+ * for single errors, or an array `[{ errorCode, message }]` for endpoints that
+ * return collections of errors. Handle both.
+ */
+export declare function isCsrfError(response: FetchResponse<any>): boolean;
+export {};

package/dist/types/retry-policies/luvio-fetch-throttling-retry-policy.d.ts

@@ -0,0 +1,18 @@
+import { RetryPolicy, type RetryContext } from '@conduit-client/service-retry/v1';
+import type { FetchResponse } from '@luvio/engine';
+type LuvioFetchThrottlingRetryPolicyConfig = {
+    maxRetries: number;
+    maxTimeToRetry: number;
+    baseDelay: number;
+    maxDelay: number;
+    exponentialFactor: number;
+    jitterPercent: number;
+};
+export declare class LuvioFetchThrottlingRetryPolicy extends RetryPolicy<FetchResponse<any>> {
+    private config;
+    constructor(config?: LuvioFetchThrottlingRetryPolicyConfig);
+    shouldRetry(result: FetchResponse<any>, context: RetryContext<FetchResponse<any>>): Promise<boolean>;
+    calculateDelay(result: FetchResponse<any>, context: RetryContext<FetchResponse<any>>): Promise<number>;
+    parseRetryAfterHeader(result: FetchResponse<any>): number | undefined;
+}
+export {};

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@salesforce/lds-runtime-aura",
-    "version": "1.435.1",
+    "version": "1.437.0",
     "license": "SEE LICENSE IN LICENSE.txt",
     "description": "LDS engine for Aura runtime",
     "main": "dist/ldsEngineCreator.js",
@@ -36,15 +36,15 @@
     "devDependencies": {
         "@conduit-client/service-provisioner": "3.19.5",
         "@conduit-client/tools-core": "3.19.5",
-        "@salesforce/lds-adapters-apex": "^1.435.1",
-        "@salesforce/lds-adapters-uiapi": "^1.435.1",
-        "@salesforce/lds-ads-bridge": "^1.435.1",
-        "@salesforce/lds-aura-storage": "^1.435.1",
-        "@salesforce/lds-bindings": "^1.435.1",
-        "@salesforce/lds-instrumentation": "^1.435.1",
-        "@salesforce/lds-network-adapter": "^1.435.1",
-        "@salesforce/lds-network-aura": "^1.435.1",
-        "@salesforce/lds-network-fetch": "^1.435.1",
+        "@salesforce/lds-adapters-apex": "^1.437.0",
+        "@salesforce/lds-adapters-uiapi": "^1.437.0",
+        "@salesforce/lds-ads-bridge": "^1.437.0",
+        "@salesforce/lds-aura-storage": "^1.437.0",
+        "@salesforce/lds-bindings": "^1.437.0",
+        "@salesforce/lds-instrumentation": "^1.437.0",
+        "@salesforce/lds-network-adapter": "^1.437.0",
+        "@salesforce/lds-network-aura": "^1.437.0",
+        "@salesforce/lds-network-fetch": "^1.437.0",
         "jwt-encode": "1.0.1"
     },
     "dependencies": {
@@ -72,22 +72,22 @@
         "@conduit-client/service-pubsub": "3.19.5",
         "@conduit-client/service-store": "3.19.5",
         "@conduit-client/utils": "3.19.5",
-        "@luvio/network-adapter-composable": "0.160.4",
-        "@luvio/network-adapter-fetch": "0.160.4",
+        "@luvio/network-adapter-composable": "0.160.5",
+        "@luvio/network-adapter-fetch": "0.160.5",
         "@lwc/state": "^0.29.0",
-        "@salesforce/lds-adapters-onestore-graphql": "^1.435.1",
+        "@salesforce/lds-adapters-onestore-graphql": "^1.437.0",
         "@salesforce/lds-adapters-uiapi-lex": "^1.415.0",
-        "@salesforce/lds-durable-storage": "^1.435.1",
-        "@salesforce/lds-luvio-service": "^1.435.1",
-        "@salesforce/lds-luvio-uiapi-records-service": "^1.435.1"
+        "@salesforce/lds-durable-storage": "^1.437.0",
+        "@salesforce/lds-luvio-service": "^1.437.0",
+        "@salesforce/lds-luvio-uiapi-records-service": "^1.437.0"
     },
     "luvioBundlesize": [
         {
             "path": "./dist/ldsEngineCreator.js",
             "maxSize": {
-                "none": "370 kB",
+                "none": "383 kB",
                 "min": "190 kB",
-                "compressed": "61.9 kB"
+                "compressed": "63 kB"
             }
         }
     ],