@signstack/cli 0.1.1

package/dist/libs/signstack/base/src/lib/models/template.d.ts

@@ -0,0 +1,248 @@
+import { ActorRef, ListResp, LiteralOrExpression, ResourceListItemBase, ResourceMetadata, VersionType } from './base';
+import type { AssetResource } from './asset';
+import type { JsonataFunctionResource } from './jsonata-function';
+import type { SchemaResource } from './schema';
+import { FunctionDependency } from './jsonata-function';
+export interface TemplateResource {
+    metadata: ResourceMetadata;
+    spec: TemplateSpec;
+}
+export interface TemplateSpec {
+    type: TemplateType;
+    contentKey?: string;
+    contentVersion?: string;
+    data?: HtmlDataConfig;
+    fields?: TemplateFieldInfo[];
+    inputs?: Input[];
+    roles?: TemplateRole[];
+    functions?: FunctionDependency[];
+}
+export interface Input {
+    key: string;
+    name?: string;
+    description?: string;
+    schemaKey: string;
+    schemaVersion: string;
+    required: LiteralOrExpression<boolean>;
+}
+export interface TemplateFieldInfo {
+    key: string;
+    type: FieldType;
+    value?: LiteralOrExpression<string | number | boolean | Date>;
+    includeIf?: string;
+    widgets: FieldWidgetInfo[];
+    role?: string;
+}
+export interface HtmlDataConfig {
+    transform: string;
+}
+export interface OverlayField {
+    key: string;
+    type: FieldType;
+    widgets?: FieldWidgetInfo[];
+    includeIf?: string;
+    value?: LiteralOrExpression<string | number | boolean | Date>;
+    assignment?: {
+        roleKey?: string;
+        assignedToStepKey?: string;
+    };
+}
+export interface FieldWidgetInfo {
+    position?: FieldPosition;
+    dimensions?: {
+        width: number;
+        height: number;
+    };
+    style?: {
+        fontSizePx?: number;
+        fontColor?: string;
+        fontFamily?: string;
+        strokeWidth?: number;
+        strokeColor?: string;
+    };
+    rotationDegree?: number;
+}
+export interface FieldValue {
+    text?: string;
+    checked?: boolean;
+    selections?: string[];
+    fileId?: string;
+    localImagePath?: string;
+}
+export interface FieldPosition {
+    pageNumber: number;
+    x: number;
+    y: number;
+}
+export declare enum PDFFormFieldType {
+    PDFTextField = "PDFTextField",
+    PDFCheckBox = "PDFCheckBox",
+    PDFImage = "PDFImage",
+    PDFLine = "PDFLine"
+}
+export declare enum TabType {
+    SignHere = "SignHere",
+    InitialHere = "InitialHere",
+    DateSigned = "DateSigned"
+}
+export declare enum FieldType {
+    TextField = "text_field",
+    CheckBox = "check_box",
+    Image = "image",
+    Line = "line",
+    Signature = "signature",
+    Initial = "initial",
+    SignedDate = "signed_date"
+}
+export declare enum TemplateType {
+    PDF = "pdf",
+    HTML = "html"
+}
+export interface RoleOutput {
+    schemaKey: string;
+    schemaVersion: string;
+    transform: string;
+}
+export interface TemplateRole {
+    key: string;
+    name?: string;
+    roleCategory?: string;
+    output?: RoleOutput;
+}
+export interface AssetReference {
+    key: string;
+    version: string;
+}
+export interface PartialReference extends AssetReference {
+    content?: string;
+}
+export interface StyleReference extends AssetReference {
+    content?: string;
+}
+export interface ListTemplatesReq {
+    search?: string;
+    limit?: number;
+    offset?: number;
+    skipDraft?: boolean;
+    labels?: Record<string, string>;
+}
+export type ListTemplatesResp = ListResp<TemplateListItem>;
+export type ListTemplateVersionsResp = ListResp<TemplateListItem>;
+export interface TemplateListItem extends ResourceListItemBase {
+    spec: {
+        inputs?: Input[];
+        roles?: {
+            key: string;
+            name?: string;
+            roleCategory?: string;
+            output?: {
+                schemaKey: string;
+                schemaVersion: string;
+            };
+        }[];
+    };
+}
+/**
+ * Full template — returned by `GET /templates/{key}`, `POST /templates`,
+ * `PUT .../versions/draft`, and `POST .../versions/draft/publish`. The
+ * optimistic-locking handle is returned in the HTTP `ETag` response header
+ * (RFC 7232) — pass it back as `If-Match` on the next `PUT` / `DELETE`.
+ */
+export interface TemplateResp extends TemplateResource {
+    createdAt: Date;
+    updatedAt: Date;
+    createdBy: ActorRef;
+    publishedAt?: Date;
+    publishedBy?: ActorRef;
+    contentHash?: string;
+}
+export interface BatchGetTemplatesReq {
+    identifiers: {
+        key: string;
+        version?: string;
+    }[];
+}
+export interface BatchGetTemplateItem extends TemplateResp {
+    _eTag?: string;
+}
+export interface BatchGetTemplatesResp {
+    data: BatchGetTemplateItem[];
+}
+export interface CreateTemplateReq {
+    apiVersion?: string;
+    metadata: ResourceMetadata;
+    spec: TemplateSpec;
+}
+export interface UpdateTemplateReq {
+    metadata: ResourceMetadata;
+    spec: TemplateSpec;
+}
+export interface PublishTemplateReq {
+    versionType?: VersionType;
+    version?: string;
+}
+/**
+ * Unified request for template rendering: POST /templates/render
+ *
+ * @public-api-shape
+ *   The PUBLIC API surface for this endpoint exposes ONLY the body-based
+ *   reference flow: `{ templateKey, templateVersion?, entities, options }`.
+ *   The `inlineResources` and `options.inlineOnly` fields are for internal
+ *   surfaces only (CLI preview from local YAML, Studio scratch renders before
+ *   push). DO NOT document them in `openapi.json`, public API references,
+ *   user guides, SDK examples, or LLM-generated content.
+ *
+ *   If you need to expose inline rendering publicly in the future, that should
+ *   be a deliberate product decision, not an incidental documentation update.
+ */
+export interface RenderTemplateReq {
+    /** Reference an existing template by key. Required when not using `inlineResources.template`. */
+    templateKey?: string;
+    /** Specific version of the referenced template. Defaults to latest published. */
+    templateVersion?: string;
+    inlineResources?: {
+        template?: TemplateResource;
+        assets?: AssetResource[];
+        functions?: JsonataFunctionResource[];
+        schemas?: SchemaResource[];
+        inlineOnly?: boolean;
+    };
+    entities?: {
+        inputKey: string;
+        data: Record<string, any>;
+    }[];
+    options?: {
+        skipSignatureFields?: boolean;
+    };
+}
+export interface RenderTemplateResp {
+    /**
+     * Short-lived URL to download the rendered PDF directly.
+     * The render output is a temporary preview, not a persisted resource —
+     * download via this URL or re-render. Do not store as a long-lived reference.
+     */
+    signedUrl: string;
+    detectedFields?: TemplateFieldInfo[];
+}
+/**
+ * Immediate response of `POST /templates/render` under the async contract:
+ * the job is accepted and runs in the background. Callers poll
+ * `GET …/render-jobs/:jobId` until terminal, then read the
+ * `RenderTemplateResp` off `GetRenderJobResp.result`. FE/CLI clients do
+ * this transparently and still resolve `RenderTemplateResp` to app code.
+ */
+export interface RenderTemplateAcceptedResp {
+    jobId: string;
+}
+export interface AutoGeneratedFieldByAi {
+    key: string;
+    type: FieldType;
+    pageNumber: number;
+}
+export interface AutoGenerateFieldsReq {
+    fileId: string;
+}
+export interface AutoGenerateFieldsResp {
+    source: 'ai' | 'pdf';
+    extractedFields: TemplateFieldInfo[] | AutoGeneratedFieldByAi[];
+}

package/dist/libs/signstack/base/src/lib/models/template.js

@@ -0,0 +1,32 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.TemplateType = exports.FieldType = exports.TabType = exports.PDFFormFieldType = void 0;
+var PDFFormFieldType;
+(function (PDFFormFieldType) {
+    PDFFormFieldType["PDFTextField"] = "PDFTextField";
+    PDFFormFieldType["PDFCheckBox"] = "PDFCheckBox";
+    PDFFormFieldType["PDFImage"] = "PDFImage";
+    PDFFormFieldType["PDFLine"] = "PDFLine";
+})(PDFFormFieldType || (exports.PDFFormFieldType = PDFFormFieldType = {}));
+var TabType;
+(function (TabType) {
+    TabType["SignHere"] = "SignHere";
+    TabType["InitialHere"] = "InitialHere";
+    TabType["DateSigned"] = "DateSigned";
+})(TabType || (exports.TabType = TabType = {}));
+var FieldType;
+(function (FieldType) {
+    FieldType["TextField"] = "text_field";
+    FieldType["CheckBox"] = "check_box";
+    FieldType["Image"] = "image";
+    FieldType["Line"] = "line";
+    FieldType["Signature"] = "signature";
+    FieldType["Initial"] = "initial";
+    FieldType["SignedDate"] = "signed_date";
+})(FieldType || (exports.FieldType = FieldType = {}));
+var TemplateType;
+(function (TemplateType) {
+    TemplateType["PDF"] = "pdf";
+    TemplateType["HTML"] = "html";
+})(TemplateType || (exports.TemplateType = TemplateType = {}));
+//# sourceMappingURL=template.js.map

package/dist/libs/signstack/base/src/lib/models/template.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"template.js","sourceRoot":"","sources":["../../../../../../../../../libs/signstack/base/src/lib/models/template.ts"],"names":[],"mappings":";;;AA8FA,IAAY,gBAKX;AALD,WAAY,gBAAgB;IAC1B,iDAA6B,CAAA;IAC7B,+CAA2B,CAAA;IAC3B,yCAAqB,CAAA;IACrB,uCAAmB,CAAA;AACrB,CAAC,EALW,gBAAgB,gCAAhB,gBAAgB,QAK3B;AAED,IAAY,OAIX;AAJD,WAAY,OAAO;IACjB,gCAAqB,CAAA;IACrB,sCAA2B,CAAA;IAC3B,oCAAyB,CAAA;AAC3B,CAAC,EAJW,OAAO,uBAAP,OAAO,QAIlB;AAED,IAAY,SAQX;AARD,WAAY,SAAS;IACnB,qCAAwB,CAAA;IACxB,mCAAsB,CAAA;IACtB,4BAAe,CAAA;IACf,0BAAa,CAAA;IACb,oCAAuB,CAAA;IACvB,gCAAmB,CAAA;IACnB,uCAA0B,CAAA;AAC5B,CAAC,EARW,SAAS,yBAAT,SAAS,QAQpB;AAED,IAAY,YAGX;AAHD,WAAY,YAAY;IACtB,2BAAW,CAAA;IACX,6BAAa,CAAA;AACf,CAAC,EAHW,YAAY,4BAAZ,YAAY,QAGvB"}

package/dist/libs/signstack/base/src/lib/models/user.d.ts

@@ -0,0 +1,30 @@
+import { OrganizationRole } from '@signstack/base';
+export interface AddNewSignstackUserReq {
+    firebaseToken: string;
+    firstName: string;
+    lastName: string;
+}
+export interface AddNewSignstackUserResp {
+    uid: string;
+    orgId: string;
+}
+export interface GetSignstackUserInfoResp {
+    uid: string;
+    firstName: string;
+    lastName: string;
+    email: string;
+    isEmailVerified: boolean;
+    orgs: {
+        orgId: string;
+        roles: OrganizationRole[];
+    }[];
+}
+export interface SignstackUserExistsResp {
+    uidExists: boolean;
+    emailExists: boolean;
+}
+export interface UpdateUserReq {
+    firstName?: string;
+    lastName?: string;
+}
+export type UpdateUserResp = GetSignstackUserInfoResp;

package/dist/libs/signstack/base/src/lib/models/user.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=user.js.map

package/dist/libs/signstack/base/src/lib/models/user.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"user.js","sourceRoot":"","sources":["../../../../../../../../../libs/signstack/base/src/lib/models/user.ts"],"names":[],"mappings":""}

package/dist/libs/signstack/base/src/lib/models/webhook.d.ts

@@ -0,0 +1,223 @@
+import type { ListResp } from './base';
+/**
+ * Per-namespace cap on **active** webhook endpoints. Paused endpoints
+ * (`isActive: false`) and soft-deleted endpoints do NOT count — only
+ * endpoints that would actually fire events do. Pausing is therefore a
+ * legitimate way to free up a slot without losing the endpoint. Backend
+ * enforces this at create time and returns `409 Conflict` if breached.
+ * Studio uses it to disable the "Add webhook" button when at the cap.
+ */
+export declare const MAX_WEBHOOKS_PER_NAMESPACE = 4;
+export declare enum WebhookEventType {
+    WorkflowStarted = "workflow.started",
+    WorkflowFailed = "workflow.failed",
+    WorkflowCompleted = "workflow.completed",
+    WorkflowDeclined = "workflow.declined",
+    WorkflowVoided = "workflow.voided",
+    StepStarted = "step.started",
+    StepFailed = "step.failed",
+    StepCompleted = "step.completed",
+    ParticipantTaskAssigned = "participant.task_assigned",
+    ParticipantEmailSent = "participant.email_sent",
+    ParticipantTaskViewed = "participant.task_viewed",
+    ParticipantSigningCompleted = "participant.signing_completed",
+    ParticipantSigningDeclined = "participant.signing_declined",
+    EnvelopeSent = "envelope.sent",
+    EnvelopeCompleted = "envelope.completed",
+    EnvelopeVoided = "envelope.voided"
+}
+export declare enum WebhookDeliveryStatus {
+    Pending = "pending",
+    Success = "success",
+    Failed = "failed"
+}
+export interface WebhookRetryConfig {
+    maxAttempts: number;
+    maxRetryDuration: number;
+    minBackoff: number;
+    maxBackoff: number;
+    maxDoublings: number;
+    backoffStrategy: 'exponential' | 'linear' | 'constant';
+    jitter: 'full' | 'none';
+}
+export interface CreateWebhookEndpointReq {
+    url: string;
+    eventTypes: WebhookEventType[];
+    description?: string;
+}
+export interface UpdateWebhookEndpointReq {
+    url?: string;
+    eventTypes?: WebhookEventType[];
+    description?: string;
+    isActive?: boolean;
+}
+export interface WebhookEndpointResp {
+    /** Prefixed lowercase ULID, e.g. `we_01jv8m7qfj6xj9gkz7a4s2h8e`. */
+    id: string;
+    url: string;
+    eventTypes: WebhookEventType[];
+    isActive: boolean;
+    description?: string;
+    retryConfig: WebhookRetryConfig;
+    createdAt: Date;
+    updatedAt: Date;
+}
+/**
+ * Webhook endpoint list item — carries `_eTag` per item since list responses
+ * cannot multiplex `ETag` headers across items. Pass back as `If-Match` on a
+ * subsequent `PATCH /webhook-endpoints/{id}` to enable optimistic concurrency.
+ */
+export interface WebhookEndpointListItem extends WebhookEndpointResp {
+    _eTag: string;
+}
+/**
+ * Returned only by `POST /webhook-endpoints`. The signing `secret` is shown
+ * once at create time and never again — store it immediately. To rotate
+ * (e.g. on suspected leak) call `POST /webhook-endpoints/{id}/rotate-secret`,
+ * which keeps the previous secret valid alongside the new one for a
+ * configurable grace window so consumers can roll their verification code
+ * forward without dropped events.
+ */
+export interface CreateWebhookEndpointResp extends WebhookEndpointResp {
+    secret: string;
+}
+/**
+ * Grace period during which the previous signing secret stays valid for
+ * verification alongside the newly issued one. Outbound webhook deliveries
+ * are signed with **both** secrets during the grace window — customers can
+ * keep verifying with their old stored secret while they redeploy with the
+ * new one. After the grace expires, only the new secret is valid.
+ *
+ * Use `immediate` only for compromised secrets where the old one must be
+ * killed at once — accept that any deliveries in flight that the customer's
+ * server hasn't yet verified will fail.
+ */
+export declare enum WebhookSecretGracePeriod {
+    Immediate = "immediate",
+    H24 = "24h",
+    H48 = "48h",
+    D7 = "7d",
+    D14 = "14d",
+    D30 = "30d"
+}
+export interface RotateWebhookSecretReq {
+    /** Defaults to `'24h'`. */
+    gracePeriod?: WebhookSecretGracePeriod;
+}
+export interface RotateWebhookSecretResp {
+    /**
+     * The newly generated signing secret. Returned ONCE — store it
+     * immediately. Outbound deliveries are signed with this secret going
+     * forward (and additionally with the previous secret until the grace
+     * period expires).
+     */
+    secret: string;
+    /**
+     * When the previous secret stops being valid. Absent when
+     * `gracePeriod: 'immediate'` was supplied (the previous secret is dead
+     * the moment this response is returned). During the grace window,
+     * webhook delivery headers carry signatures from both the old and new
+     * secrets — verification with either passes.
+     */
+    previousSecretExpiresAt?: Date;
+}
+export interface WebhookDeliveryAttemptResp {
+    attemptNumber: number;
+    attemptedAt: Date;
+    responseStatus?: number;
+    responseBody?: string;
+    errorMessage?: string;
+    duration?: number;
+}
+export interface WebhookDeliveryResp {
+    /** Prefixed lowercase ULID, e.g. `wd_01jv8m7qfj6xj9gkz7a4s2h8e`. */
+    id: string;
+    /** Prefixed lowercase ULID, e.g. `we_01jv8m7qfj6xj9gkz7a4s2h8e`. */
+    webhookEndpointId: string;
+    eventType: WebhookEventType;
+    /** Prefixed lowercase ULID, e.g. `evt_01jv8m7qfj6xj9gkz7a4s2h8e`. */
+    eventId: string;
+    payload: any;
+    status: string;
+    attempts: WebhookDeliveryAttemptResp[];
+    nextRetryAt?: Date;
+    /** Prefixed lowercase ULID, e.g. `wf_01jv8m7qfj6xj9gkz7a4s2h8e`. */
+    workflowId?: string;
+    stepKey?: string;
+    envelopeKey?: string;
+    participantEmail?: string;
+    createdAt: Date;
+    updatedAt: Date;
+}
+/**
+ * Trimmed delivery shape returned by `GET /webhook-deliveries` and other list
+ * endpoints. Drops the full `payload` envelope and the per-attempt detail
+ * (response body, error message). Fetch `GET /webhook-deliveries/{id}` for
+ * the full `WebhookDeliveryResp` when you need to drill in.
+ */
+export interface WebhookDeliveryListItem {
+    /** Prefixed lowercase ULID, e.g. `wd_01jv8m7qfj6xj9gkz7a4s2h8e`. */
+    id: string;
+    /** Prefixed lowercase ULID, e.g. `we_01jv8m7qfj6xj9gkz7a4s2h8e`. */
+    webhookEndpointId: string;
+    eventType: WebhookEventType;
+    /** Prefixed lowercase ULID, e.g. `evt_01jv8m7qfj6xj9gkz7a4s2h8e`. */
+    eventId: string;
+    status: string;
+    /** Number of attempts made so far (length of the underlying `attempts` array). */
+    attemptCount: number;
+    /** Summary of the most recent attempt — absent when no attempt has run yet. */
+    lastAttempt?: {
+        attemptedAt: Date;
+        responseStatus?: number;
+        errorMessage?: string;
+    };
+    nextRetryAt?: Date;
+    /** Prefixed lowercase ULID, e.g. `wf_01jv8m7qfj6xj9gkz7a4s2h8e`. */
+    workflowId?: string;
+    stepKey?: string;
+    envelopeKey?: string;
+    participantEmail?: string;
+    createdAt: Date;
+    updatedAt: Date;
+}
+export type ListWebhookEndpointsResp = ListResp<WebhookEndpointListItem>;
+export type ListWebhookDeliveriesResp = ListResp<WebhookDeliveryListItem>;
+/**
+ * Stable identifier for the webhook payload schema. Bumped when the shape of
+ * `data` for any event type, or the envelope itself, changes in a
+ * backwards-incompatible way. Consumers should branch on this field when
+ * parsing — never rely on field presence alone. Today's value is `'1'`; new
+ * versions will be added as needed and old payloads will keep flowing under
+ * their original version.
+ */
+export type WebhookPayloadVersion = '1';
+export interface WebhookPayload {
+    /**
+     * Schema version of this payload. See `WebhookPayloadVersion`. Always
+     * present, always a literal string — branch on this in your handler
+     * before reading `data` so future schema changes don't silently break
+     * you.
+     */
+    apiVersion: WebhookPayloadVersion;
+    eventType: WebhookEventType;
+    /** Prefixed lowercase ULID, e.g. `evt_01jv8m7qfj6xj9gkz7a4s2h8e`. */
+    eventId: string;
+    timestamp: string;
+    /**
+     * Org / namespace scope of the event. The webhook endpoint that fired
+     * this delivery was registered in this `(orgId, namespaceKey)`. Use for
+     * routing on the consumer side when a single handler URL receives events
+     * from multiple namespaces.
+     *
+     * Prefixed lowercase ULID, e.g. `org_01jv8m7qfj6xj9gkz7a4s2h8e`.
+     */
+    orgId: string;
+    namespaceKey: string;
+    /**
+     * Namespace mode. Critical safety signal — branch on this to make sure
+     * test workflows never write to your production systems.
+     */
+    mode: 'test' | 'live';
+    data: Record<string, any>;
+}

package/dist/libs/signstack/base/src/lib/models/webhook.js

@@ -0,0 +1,62 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.WebhookSecretGracePeriod = exports.WebhookDeliveryStatus = exports.WebhookEventType = exports.MAX_WEBHOOKS_PER_NAMESPACE = void 0;
+/**
+ * Per-namespace cap on **active** webhook endpoints. Paused endpoints
+ * (`isActive: false`) and soft-deleted endpoints do NOT count — only
+ * endpoints that would actually fire events do. Pausing is therefore a
+ * legitimate way to free up a slot without losing the endpoint. Backend
+ * enforces this at create time and returns `409 Conflict` if breached.
+ * Studio uses it to disable the "Add webhook" button when at the cap.
+ */
+exports.MAX_WEBHOOKS_PER_NAMESPACE = 4;
+var WebhookEventType;
+(function (WebhookEventType) {
+    // Workflow events
+    WebhookEventType["WorkflowStarted"] = "workflow.started";
+    WebhookEventType["WorkflowFailed"] = "workflow.failed";
+    WebhookEventType["WorkflowCompleted"] = "workflow.completed";
+    WebhookEventType["WorkflowDeclined"] = "workflow.declined";
+    WebhookEventType["WorkflowVoided"] = "workflow.voided";
+    // Step events
+    WebhookEventType["StepStarted"] = "step.started";
+    WebhookEventType["StepFailed"] = "step.failed";
+    WebhookEventType["StepCompleted"] = "step.completed";
+    // Participant events
+    WebhookEventType["ParticipantTaskAssigned"] = "participant.task_assigned";
+    WebhookEventType["ParticipantEmailSent"] = "participant.email_sent";
+    WebhookEventType["ParticipantTaskViewed"] = "participant.task_viewed";
+    WebhookEventType["ParticipantSigningCompleted"] = "participant.signing_completed";
+    WebhookEventType["ParticipantSigningDeclined"] = "participant.signing_declined";
+    // Envelope events
+    WebhookEventType["EnvelopeSent"] = "envelope.sent";
+    WebhookEventType["EnvelopeCompleted"] = "envelope.completed";
+    WebhookEventType["EnvelopeVoided"] = "envelope.voided";
+})(WebhookEventType || (exports.WebhookEventType = WebhookEventType = {}));
+var WebhookDeliveryStatus;
+(function (WebhookDeliveryStatus) {
+    WebhookDeliveryStatus["Pending"] = "pending";
+    WebhookDeliveryStatus["Success"] = "success";
+    WebhookDeliveryStatus["Failed"] = "failed";
+})(WebhookDeliveryStatus || (exports.WebhookDeliveryStatus = WebhookDeliveryStatus = {}));
+/**
+ * Grace period during which the previous signing secret stays valid for
+ * verification alongside the newly issued one. Outbound webhook deliveries
+ * are signed with **both** secrets during the grace window — customers can
+ * keep verifying with their old stored secret while they redeploy with the
+ * new one. After the grace expires, only the new secret is valid.
+ *
+ * Use `immediate` only for compromised secrets where the old one must be
+ * killed at once — accept that any deliveries in flight that the customer's
+ * server hasn't yet verified will fail.
+ */
+var WebhookSecretGracePeriod;
+(function (WebhookSecretGracePeriod) {
+    WebhookSecretGracePeriod["Immediate"] = "immediate";
+    WebhookSecretGracePeriod["H24"] = "24h";
+    WebhookSecretGracePeriod["H48"] = "48h";
+    WebhookSecretGracePeriod["D7"] = "7d";
+    WebhookSecretGracePeriod["D14"] = "14d";
+    WebhookSecretGracePeriod["D30"] = "30d";
+})(WebhookSecretGracePeriod || (exports.WebhookSecretGracePeriod = WebhookSecretGracePeriod = {}));
+//# sourceMappingURL=webhook.js.map

package/dist/libs/signstack/base/src/lib/models/webhook.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"webhook.js","sourceRoot":"","sources":["../../../../../../../../../libs/signstack/base/src/lib/models/webhook.ts"],"names":[],"mappings":";;;AAEA;;;;;;;GAOG;AACU,QAAA,0BAA0B,GAAG,CAAC,CAAC;AAE5C,IAAY,gBAwBX;AAxBD,WAAY,gBAAgB;IAC1B,kBAAkB;IAClB,wDAAoC,CAAA;IACpC,sDAAkC,CAAA;IAClC,4DAAwC,CAAA;IACxC,0DAAsC,CAAA;IACtC,sDAAkC,CAAA;IAElC,cAAc;IACd,gDAA4B,CAAA;IAC5B,8CAA0B,CAAA;IAC1B,oDAAgC,CAAA;IAEhC,qBAAqB;IACrB,yEAAqD,CAAA;IACrD,mEAA+C,CAAA;IAC/C,qEAAiD,CAAA;IACjD,iFAA6D,CAAA;IAC7D,+EAA2D,CAAA;IAE3D,kBAAkB;IAClB,kDAA8B,CAAA;IAC9B,4DAAwC,CAAA;IACxC,sDAAkC,CAAA;AACpC,CAAC,EAxBW,gBAAgB,gCAAhB,gBAAgB,QAwB3B;AAED,IAAY,qBAIX;AAJD,WAAY,qBAAqB;IAC/B,4CAAmB,CAAA;IACnB,4CAAmB,CAAA;IACnB,0CAAiB,CAAA;AACnB,CAAC,EAJW,qBAAqB,qCAArB,qBAAqB,QAIhC;AA4DD;;;;;;;;;;GAUG;AACH,IAAY,wBAOX;AAPD,WAAY,wBAAwB;IAClC,mDAAuB,CAAA;IACvB,uCAAW,CAAA;IACX,uCAAW,CAAA;IACX,qCAAS,CAAA;IACT,uCAAW,CAAA;IACX,uCAAW,CAAA;AACb,CAAC,EAPW,wBAAwB,wCAAxB,wBAAwB,QAOnC"}