@scadable/privacy 0.1.0

package/README.md

@@ -0,0 +1,60 @@
+# @scadable/privacy
+
+Render your always-current privacy policy in a Next.js app. You publish the policy once
+in the SCADABLE app; this component shows whatever version is currently published, so
+updating your policy never means a redeploy on your side.
+
+## Install
+
+```bash
+npm install @scadable/privacy
+```
+
+## Use (App Router)
+
+Drop the component on your privacy page. It is a Server Component, so the policy text is
+server-rendered (good for SEO) and cached.
+
+```tsx
+import { PrivacyPolicy } from '@scadable/privacy';
+
+export default function PrivacyPage() {
+  return (
+    <main>
+      <PrivacyPolicy token="YOUR_PUBLIC_TOKEN" />
+    </main>
+  );
+}
+```
+
+Get `YOUR_PUBLIC_TOKEN` from the SCADABLE app after you publish a policy.
+
+### Options
+
+| Prop | Type | Default | Notes |
+| --- | --- | --- | --- |
+| `token` | `string` | required | Your scope's public token. |
+| `className` | `string` | none | Class on the wrapper element. |
+| `showVersion` | `boolean` | `false` | Show a "Version N, last updated ..." line. |
+| `revalidate` | `number \| false` | `3600` | Next.js ISR seconds. `false` = always fresh. |
+| `docType` | `string` | `"privacy_policy"` | Which document to render. |
+| `baseUrl` | `string` | `https://api.scadable.com` | Override the API base. |
+
+## Just the data
+
+If you want to render it yourself:
+
+```ts
+import { fetchPolicy } from '@scadable/privacy';
+
+const policy = await fetchPolicy('YOUR_PUBLIC_TOKEN');
+// { scope_name, domain, version, effective_date, updated_at, html }
+```
+
+`policy.html` is an HTML content fragment with scoped styles (class `scadable-policy`),
+safe to inject inline.
+
+## Notes
+
+- This package only talks to the public SCADABLE API. It stores no secrets.
+- The rendered HTML is your own published policy content from the SCADABLE API.

package/dist/index.cjs

@@ -0,0 +1,44 @@
+'use strict';
+
+var jsxRuntime = require('react/jsx-runtime');
+
+// src/client.ts
+var DEFAULT_BASE_URL = "https://api.scadable.com";
+async function fetchPolicy(token, options = {}) {
+  if (!token) {
+    throw new Error("@scadable/privacy: a policy token is required");
+  }
+  const baseUrl = (options.baseUrl ?? DEFAULT_BASE_URL).replace(/\/$/, "");
+  const docType = options.docType ?? "privacy_policy";
+  const revalidate = options.revalidate ?? 3600;
+  const url = `${baseUrl}/policy/${encodeURIComponent(token)}?doc_type=${encodeURIComponent(docType)}&format=json`;
+  const init = revalidate === false ? { cache: "no-store" } : { next: { revalidate } };
+  const res = await fetch(url, init);
+  if (!res.ok) {
+    throw new Error(`@scadable/privacy: failed to load policy (${res.status}) for token "${token}"`);
+  }
+  return await res.json();
+}
+async function PrivacyPolicy({
+  token,
+  className,
+  showVersion = false,
+  ...options
+}) {
+  const policy = await fetchPolicy(token, options);
+  return /* @__PURE__ */ jsxRuntime.jsxs("div", { className, children: [
+    /* @__PURE__ */ jsxRuntime.jsx("div", { dangerouslySetInnerHTML: { __html: policy.html } }),
+    showVersion && policy.updated_at ? /* @__PURE__ */ jsxRuntime.jsxs("p", { style: { fontSize: 12, color: "#9ca3af", marginTop: 24 }, children: [
+      "Version ",
+      policy.version,
+      ". Last updated",
+      " ",
+      new Date(policy.updated_at).toLocaleDateString(),
+      "."
+    ] }) : null
+  ] });
+}
+
+exports.DEFAULT_BASE_URL = DEFAULT_BASE_URL;
+exports.PrivacyPolicy = PrivacyPolicy;
+exports.fetchPolicy = fetchPolicy;

package/dist/index.d.cts

@@ -0,0 +1,66 @@
+import * as React from 'react';
+
+interface Policy {
+    /** The name you gave the scope (your company / site). */
+    scope_name: string;
+    domain: string;
+    /** "privacy_policy" today; more document types later. */
+    doc_type: string;
+    /** The published version number that is currently live. */
+    version: number;
+    effective_date: string;
+    /** ISO timestamp of when this version was published, or null. */
+    updated_at: string | null;
+    /** The rendered policy as an HTML content fragment (no <html> wrapper). */
+    html: string;
+}
+interface FetchPolicyOptions {
+    /** Which document to fetch. Default "privacy_policy". */
+    docType?: string;
+    /** Override the API base. Default "https://api.scadable.com". */
+    baseUrl?: string;
+    /**
+     * Next.js ISR revalidation, in seconds. The policy is server-rendered and
+     * cached for this long, then refreshed, so it stays current without a fetch
+     * on every request. Pass false to always fetch fresh. Default 3600 (1 hour).
+     */
+    revalidate?: number | false;
+}
+
+declare const DEFAULT_BASE_URL = "https://api.scadable.com";
+/**
+ * Fetch the currently published policy for a public token.
+ *
+ * Works anywhere `fetch` is available. In a Next.js Server Component it uses ISR
+ * caching (the `revalidate` option) so the policy is server-rendered and cached,
+ * then refreshed, which keeps it both fast and current.
+ */
+declare function fetchPolicy(token: string, options?: FetchPolicyOptions): Promise<Policy>;
+
+interface PrivacyPolicyProps extends FetchPolicyOptions {
+    /** The public token from the SCADABLE app. */
+    token: string;
+    /** Optional wrapper class so you can style/position the policy. */
+    className?: string;
+    /** Show a small "Version N, last updated ..." line under the policy. Default false. */
+    showVersion?: boolean;
+}
+/**
+ * A React Server Component that renders your always-current privacy policy.
+ *
+ * It is server-rendered, so the legal text is in the initial HTML (crawlable),
+ * and cached via Next.js ISR (the `revalidate` option), so it stays current
+ * without fetching on every request. The HTML comes from the SCADABLE API
+ * (your own published, trusted content), injected as a content fragment.
+ *
+ * ```tsx
+ * import { PrivacyPolicy } from '@scadable/privacy';
+ *
+ * export default function Page() {
+ *   return <PrivacyPolicy token="YOUR_PUBLIC_TOKEN" />;
+ * }
+ * ```
+ */
+declare function PrivacyPolicy({ token, className, showVersion, ...options }: PrivacyPolicyProps): Promise<React.JSX.Element>;
+
+export { DEFAULT_BASE_URL, type FetchPolicyOptions, type Policy, PrivacyPolicy, type PrivacyPolicyProps, fetchPolicy };

package/dist/index.d.ts

@@ -0,0 +1,66 @@
+import * as React from 'react';
+
+interface Policy {
+    /** The name you gave the scope (your company / site). */
+    scope_name: string;
+    domain: string;
+    /** "privacy_policy" today; more document types later. */
+    doc_type: string;
+    /** The published version number that is currently live. */
+    version: number;
+    effective_date: string;
+    /** ISO timestamp of when this version was published, or null. */
+    updated_at: string | null;
+    /** The rendered policy as an HTML content fragment (no <html> wrapper). */
+    html: string;
+}
+interface FetchPolicyOptions {
+    /** Which document to fetch. Default "privacy_policy". */
+    docType?: string;
+    /** Override the API base. Default "https://api.scadable.com". */
+    baseUrl?: string;
+    /**
+     * Next.js ISR revalidation, in seconds. The policy is server-rendered and
+     * cached for this long, then refreshed, so it stays current without a fetch
+     * on every request. Pass false to always fetch fresh. Default 3600 (1 hour).
+     */
+    revalidate?: number | false;
+}
+
+declare const DEFAULT_BASE_URL = "https://api.scadable.com";
+/**
+ * Fetch the currently published policy for a public token.
+ *
+ * Works anywhere `fetch` is available. In a Next.js Server Component it uses ISR
+ * caching (the `revalidate` option) so the policy is server-rendered and cached,
+ * then refreshed, which keeps it both fast and current.
+ */
+declare function fetchPolicy(token: string, options?: FetchPolicyOptions): Promise<Policy>;
+
+interface PrivacyPolicyProps extends FetchPolicyOptions {
+    /** The public token from the SCADABLE app. */
+    token: string;
+    /** Optional wrapper class so you can style/position the policy. */
+    className?: string;
+    /** Show a small "Version N, last updated ..." line under the policy. Default false. */
+    showVersion?: boolean;
+}
+/**
+ * A React Server Component that renders your always-current privacy policy.
+ *
+ * It is server-rendered, so the legal text is in the initial HTML (crawlable),
+ * and cached via Next.js ISR (the `revalidate` option), so it stays current
+ * without fetching on every request. The HTML comes from the SCADABLE API
+ * (your own published, trusted content), injected as a content fragment.
+ *
+ * ```tsx
+ * import { PrivacyPolicy } from '@scadable/privacy';
+ *
+ * export default function Page() {
+ *   return <PrivacyPolicy token="YOUR_PUBLIC_TOKEN" />;
+ * }
+ * ```
+ */
+declare function PrivacyPolicy({ token, className, showVersion, ...options }: PrivacyPolicyProps): Promise<React.JSX.Element>;
+
+export { DEFAULT_BASE_URL, type FetchPolicyOptions, type Policy, PrivacyPolicy, type PrivacyPolicyProps, fetchPolicy };

package/dist/index.js

@@ -0,0 +1,40 @@
+import { jsxs, jsx } from 'react/jsx-runtime';
+
+// src/client.ts
+var DEFAULT_BASE_URL = "https://api.scadable.com";
+async function fetchPolicy(token, options = {}) {
+  if (!token) {
+    throw new Error("@scadable/privacy: a policy token is required");
+  }
+  const baseUrl = (options.baseUrl ?? DEFAULT_BASE_URL).replace(/\/$/, "");
+  const docType = options.docType ?? "privacy_policy";
+  const revalidate = options.revalidate ?? 3600;
+  const url = `${baseUrl}/policy/${encodeURIComponent(token)}?doc_type=${encodeURIComponent(docType)}&format=json`;
+  const init = revalidate === false ? { cache: "no-store" } : { next: { revalidate } };
+  const res = await fetch(url, init);
+  if (!res.ok) {
+    throw new Error(`@scadable/privacy: failed to load policy (${res.status}) for token "${token}"`);
+  }
+  return await res.json();
+}
+async function PrivacyPolicy({
+  token,
+  className,
+  showVersion = false,
+  ...options
+}) {
+  const policy = await fetchPolicy(token, options);
+  return /* @__PURE__ */ jsxs("div", { className, children: [
+    /* @__PURE__ */ jsx("div", { dangerouslySetInnerHTML: { __html: policy.html } }),
+    showVersion && policy.updated_at ? /* @__PURE__ */ jsxs("p", { style: { fontSize: 12, color: "#9ca3af", marginTop: 24 }, children: [
+      "Version ",
+      policy.version,
+      ". Last updated",
+      " ",
+      new Date(policy.updated_at).toLocaleDateString(),
+      "."
+    ] }) : null
+  ] });
+}
+
+export { DEFAULT_BASE_URL, PrivacyPolicy, fetchPolicy };

package/package.json

@@ -0,0 +1,57 @@
+{
+  "name": "@scadable/privacy",
+  "version": "0.1.0",
+  "description": "Render your always-current SCADABLE privacy policy in a Next.js app.",
+  "license": "MIT",
+  "type": "module",
+  "sideEffects": false,
+  "main": "./dist/index.cjs",
+  "module": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js",
+      "require": "./dist/index.cjs"
+    }
+  },
+  "files": [
+    "dist",
+    "README.md"
+  ],
+  "scripts": {
+    "build": "tsup",
+    "dev": "tsup --watch",
+    "typecheck": "tsc --noEmit",
+    "prepublishOnly": "npm run build"
+  },
+  "keywords": [
+    "scadable",
+    "privacy",
+    "privacy-policy",
+    "compliance",
+    "gdpr",
+    "ccpa",
+    "nextjs",
+    "react"
+  ],
+  "peerDependencies": {
+    "next": ">=13",
+    "react": ">=18"
+  },
+  "devDependencies": {
+    "@types/react": "^18.3.0",
+    "next": "^14.2.0",
+    "react": "^18.3.0",
+    "tsup": "^8.3.0",
+    "typescript": "^5.6.0"
+  },
+  "publishConfig": {
+    "access": "public"
+  },
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/scadable/sdk.git",
+    "directory": "next"
+  }
+}