npm - @sorb/juice - Versions diffs - 0.1.0 - Mend

@sorb/juice 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/README.md +53 -0
package/dist/cli.js +1209 -0
package/dist/cli.js.map +7 -0
package/dist/index.js +989 -0
package/dist/index.js.map +7 -0
package/dist/migrations/001_init.sql +106 -0
package/package.json +49 -0

package/dist/index.js ADDED Viewed

@@ -0,0 +1,989 @@
+const __sorbModuleUrl = require('url').pathToFileURL(require('path').join(__dirname, 'migrate.js')).href;
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __esm = (fn, res) => function __init() {
+  return fn && (res = (0, fn[__getOwnPropNames(fn)[0]])(fn = 0)), res;
+};
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+// src/store/redis.js
+var redis_exports = {};
+__export(redis_exports, {
+  createRedisStore: () => createRedisStore,
+  default: () => redis_default
+});
+var import_ioredis, PREVIEW_PREFIX, VERIFY_PREFIX, VERIFY_LATEST_KEY, previewKey, verifyKey, scanCount, createRedisStore, redis_default;
+var init_redis = __esm({
+  "src/store/redis.js"() {
+    import_ioredis = __toESM(require("ioredis"));
+    PREVIEW_PREFIX = "preview:";
+    VERIFY_PREFIX = "verify:";
+    VERIFY_LATEST_KEY = "verify:latest";
+    previewKey = (id) => PREVIEW_PREFIX + id;
+    verifyKey = (id) => VERIFY_PREFIX + id;
+    scanCount = async (client, match) => {
+      let cursor = "0";
+      let total = 0;
+      do {
+        const [next, keys] = await client.scan(cursor, "MATCH", match, "COUNT", 100);
+        cursor = next;
+        total += keys.length;
+      } while (cursor !== "0");
+      return total;
+    };
+    createRedisStore = async (config) => {
+      const ttlMs = config.previewTtlMs;
+      const client = new import_ioredis.default(config.redisUrl, {
+        lazyConnect: true,
+        maxRetriesPerRequest: 2
+      });
+      client.on("error", () => {
+      });
+      try {
+        await client.connect();
+      } catch (e) {
+      }
+      const putPreview = async (id, tokens) => {
+        const entry = { tokens, createdAt: Date.now() };
+        await client.set(previewKey(id), JSON.stringify(entry), "PX", ttlMs);
+      };
+      const getPreview = async (id) => {
+        const raw = await client.get(previewKey(id));
+        if (raw == null) return null;
+        return JSON.parse(raw);
+      };
+      const hasPreview = async (id) => {
+        return await client.exists(previewKey(id)) === 1;
+      };
+      const updatePreview = async (id, tokens) => {
+        if (!await hasPreview(id)) return false;
+        const entry = { tokens, createdAt: Date.now() };
+        await client.set(previewKey(id), JSON.stringify(entry), "PX", ttlMs);
+        return true;
+      };
+      const deletePreview = async (id) => {
+        await client.del(previewKey(id));
+      };
+      const countPreviews = async () => {
+        return scanCount(client, PREVIEW_PREFIX + "*");
+      };
+      const putVerification = async (id, { storyId, bbox, meta }) => {
+        const entry = { storyId, bbox, meta, createdAt: Date.now() };
+        const pipeline = client.multi();
+        pipeline.set(verifyKey(id), JSON.stringify(entry), "PX", ttlMs);
+        pipeline.set(VERIFY_LATEST_KEY, id, "PX", ttlMs);
+        await pipeline.exec();
+      };
+      const getVerification = async (id) => {
+        const raw = await client.get(verifyKey(id));
+        if (raw == null) return null;
+        return JSON.parse(raw);
+      };
+      const getLatestVerification = async () => {
+        const id = await client.get(VERIFY_LATEST_KEY);
+        if (id == null) return null;
+        return getVerification(id);
+      };
+      const countVerifications = async () => {
+        const total = await scanCount(client, VERIFY_PREFIX + "*");
+        const hasLatest = await client.exists(VERIFY_LATEST_KEY) === 1;
+        return hasLatest ? Math.max(0, total - 1) : total;
+      };
+      const ping = async () => {
+        try {
+          return await client.ping() === "PONG";
+        } catch (e) {
+          return false;
+        }
+      };
+      const close = async () => {
+        try {
+          await client.quit();
+        } catch (e) {
+        }
+      };
+      return {
+        putPreview,
+        getPreview,
+        hasPreview,
+        updatePreview,
+        deletePreview,
+        countPreviews,
+        putVerification,
+        getVerification,
+        getLatestVerification,
+        countVerifications,
+        ping,
+        close
+      };
+    };
+    redis_default = createRedisStore;
+  }
+});
+// src/index.js
+var src_exports = {};
+__export(src_exports, {
+  createDb: () => createDb,
+  createMemoryStore: () => createMemoryStore,
+  createServer: () => createServer,
+  createStore: () => createStore,
+  loadConfig: () => loadConfig,
+  openTokenPR: () => openTokenPR,
+  runStyleDictionary: () => runStyleDictionary,
+  watchTokenFile: () => watchTokenFile
+});
+module.exports = __toCommonJS(src_exports);
+// src/server.js
+var import_hono = require("hono");
+var import_cors = require("hono/cors");
+var import_nanoid = require("nanoid");
+// src/auth.js
+var import_node_crypto = require("node:crypto");
+var SCOPE = Object.freeze({ READ: "read", WRITE: "write" });
+function hashKey(raw) {
+  return (0, import_node_crypto.createHash)("sha256").update(raw, "utf8").digest("hex");
+}
+function parseBearer(authHeader) {
+  if (typeof authHeader !== "string") return null;
+  const trimmed = authHeader.trim();
+  if (trimmed === "") return null;
+  const match = /^(\S+)\s+(.*)$/.exec(trimmed);
+  if (!match) return null;
+  const scheme = match[1];
+  if (scheme.toLowerCase() !== "bearer") return null;
+  const token = match[2].trim();
+  if (token === "") return null;
+  return token;
+}
+async function resolveApiKey(db, authHeader) {
+  const raw = parseBearer(authHeader);
+  if (raw === null) return null;
+  const hash = hashKey(raw);
+  const result = await db.query(
+    `SELECT k.id AS key_id, k.type, k.project_id, p.org_id, p.namespace, p.allowed_origins
+       FROM api_keys k
+       JOIN projects p ON p.id = k.project_id
+      WHERE k.hash = $1 AND k.revoked_at IS NULL
+      LIMIT 1`,
+    [hash]
+  );
+  const rows = result && result.rows || [];
+  if (rows.length === 0) return null;
+  const row = rows[0];
+  const type = row.type;
+  const scope = type === "publishable" ? SCOPE.READ : SCOPE.WRITE;
+  const allowedOrigins = Array.isArray(row.allowed_origins) ? row.allowed_origins : [];
+  return Object.freeze({
+    keyId: row.key_id,
+    type,
+    projectId: row.project_id,
+    orgId: row.org_id,
+    namespace: row.namespace,
+    allowedOrigins,
+    scope
+  });
+}
+// src/entitlements.js
+var FREE = Object.freeze({
+  plan: "free",
+  status: "active",
+  seats: 1,
+  previewPersistence: false,
+  previewSharing: false,
+  maxProjects: 1,
+  maxActivePreviews: -1,
+  captureEnabled: false
+});
+var numOr = (v, fallback) => {
+  const n = Number(v);
+  return Number.isFinite(n) ? n : fallback;
+};
+function normalizeEntitlements(row) {
+  const r = row || {};
+  let data = r.data;
+  if (typeof data === "string") {
+    try {
+      data = JSON.parse(data);
+    } catch (e) {
+      data = null;
+    }
+  }
+  if (data === null || data === void 0 || typeof data !== "object") data = {};
+  const out = {
+    plan: FREE.plan,
+    status: FREE.status,
+    seats: "seats" in data ? Math.max(1, numOr(data.seats, FREE.seats)) : FREE.seats,
+    previewPersistence: "previewPersistence" in data ? Boolean(data.previewPersistence) : FREE.previewPersistence,
+    previewSharing: "previewSharing" in data ? Boolean(data.previewSharing) : FREE.previewSharing,
+    maxProjects: "maxProjects" in data ? numOr(data.maxProjects, FREE.maxProjects) : FREE.maxProjects,
+    maxActivePreviews: "maxActivePreviews" in data ? numOr(data.maxActivePreviews, FREE.maxActivePreviews) : FREE.maxActivePreviews,
+    captureEnabled: "captureEnabled" in data ? Boolean(data.captureEnabled) : FREE.captureEnabled
+  };
+  if (r.plan !== void 0 && r.plan !== null && String(r.plan).trim() !== "") {
+    out.plan = /** @type {Entitlements['plan']} */
+    String(r.plan);
+  }
+  if (r.status !== void 0 && r.status !== null && String(r.status).trim() !== "") {
+    out.status = /** @type {Entitlements['status']} */
+    String(r.status);
+  }
+  return Object.freeze(out);
+}
+async function getEntitlements(db, orgId) {
+  const { rows } = await db.query(
+    "SELECT plan, status, data FROM entitlements WHERE org_id = $1 LIMIT 1",
+    [orgId]
+  );
+  if (!rows || rows.length === 0) return FREE;
+  return normalizeEntitlements(rows[0]);
+}
+function effectiveEntitlements(ent) {
+  if (ent && (ent.status === "past_due" || ent.status === "canceled")) {
+    return Object.freeze({
+      ...ent,
+      // Overlay FREE's gate fields; keep plan + status from ent.
+      seats: FREE.seats,
+      previewPersistence: FREE.previewPersistence,
+      previewSharing: FREE.previewSharing,
+      maxProjects: FREE.maxProjects,
+      maxActivePreviews: FREE.maxActivePreviews,
+      captureEnabled: FREE.captureEnabled,
+      plan: ent.plan,
+      status: ent.status
+    });
+  }
+  return ent;
+}
+// src/server.js
+var createServer = ({
+  store,
+  config,
+  db = null,
+  getLatestTokens = () => ({}),
+  getResolvedTokens = () => null,
+  getArtifactIndex = () => null,
+  getArtifact = () => null,
+  onError = () => {
+  }
+}) => {
+  const namespace = config.namespace;
+  const corsOrigin = config.corsOrigins && config.corsOrigins !== "*" ? config.corsOrigins : "*";
+  const hosted = Boolean(config.databaseUrl);
+  const upgradeUrl = process.env.SORB_UPGRADE_URL || "/billing";
+  const previewTtlMs = config.previewTtlMs || 864e5;
+  const app = new import_hono.Hono();
+  if (hosted) {
+    app.use("*", async (c, next) => {
+      const path = c.req.path;
+      if (path === "/health" || path === "/ready") return next();
+      if (c.req.method === "OPTIONS") return next();
+      let ctx;
+      try {
+        ctx = await resolveApiKey(db, c.req.header("Authorization"));
+      } catch (e) {
+        onError(e, { at: "auth" });
+        return c.json({ error: "Service unavailable", code: "db_unavailable" }, 503);
+      }
+      if (!ctx) {
+        return c.json({ error: "Unauthorized", code: "unauthorized" }, 401);
+      }
+      c.set("auth", ctx);
+      let ent;
+      try {
+        ent = effectiveEntitlements(await getEntitlements(db, ctx.orgId));
+      } catch (e) {
+        onError(e, { at: "entitlements" });
+        return c.json({ error: "Service unavailable", code: "db_unavailable" }, 503);
+      }
+      c.set("ent", ent);
+      return next();
+    });
+    app.use(
+      "*",
+      (0, import_cors.cors)({
+        origin: (origin, c) => {
+          if (!origin) return origin;
+          if (c.req.method === "OPTIONS") return origin;
+          const ctx = c.get("auth");
+          if (ctx && Array.isArray(ctx.allowedOrigins) && ctx.allowedOrigins.includes(origin)) {
+            return origin;
+          }
+          return void 0;
+        }
+      })
+    );
+  } else {
+    app.use("*", (0, import_cors.cors)({ origin: corsOrigin }));
+  }
+  const requireWrite = (c) => {
+    if (!hosted) return null;
+    const ctx = c.get("auth");
+    if (ctx.scope !== SCOPE.WRITE) {
+      return c.json({ error: "Publishable keys are read-only", code: "read_only" }, 403);
+    }
+    return null;
+  };
+  const activePreviewCount = async (projectId) => {
+    const res = await db.query(
+      "SELECT count(*)::int AS n FROM previews WHERE project_id = $1 AND (expires_at IS NULL OR expires_at > now())",
+      [projectId]
+    );
+    const row = res && res.rows && res.rows[0];
+    return row ? Number(row.n) || 0 : 0;
+  };
+  const requireSharing = (c) => {
+    const ent = c.get("ent");
+    if (!ent || ent.previewSharing !== true) {
+      return c.json({ error: "Preview sharing is not available on your plan", code: "sharing_locked", upgradeUrl }, 402);
+    }
+    return null;
+  };
+  app.post("/preview", async (c) => {
+    if (hosted) {
+      const denied = requireWrite(c);
+      if (denied) return denied;
+      const ctx = c.get("auth");
+      const ent = c.get("ent");
+      if (c.req.query("share") === "1") {
+        const locked = requireSharing(c);
+        if (locked) return locked;
+      }
+      if (ent.maxActivePreviews !== -1) {
+        let active;
+        try {
+          active = await activePreviewCount(ctx.projectId);
+        } catch (e) {
+          onError(e, { at: "preview.count" });
+          return c.json({ error: "Service unavailable", code: "db_unavailable" }, 503);
+        }
+        if (active >= ent.maxActivePreviews) {
+          return c.json(
+            {
+              error: `Active preview limit reached (${ent.maxActivePreviews}). Upgrade for more concurrent previews.`,
+              code: "preview_limit",
+              upgradeUrl
+            },
+            402
+          );
+        }
+      }
+      const tokens2 = await c.req.json();
+      const id2 = (0, import_nanoid.nanoid)(8);
+      const ttlMs = ent.previewPersistence ? null : previewTtlMs;
+      await store.putPreview(id2, tokens2, ttlMs);
+      const expiresAt = ttlMs == null ? null : new Date(Date.now() + ttlMs);
+      try {
+        await db.query(
+          "INSERT INTO previews (id, project_id, expires_at) VALUES ($1, $2, $3)",
+          [id2, ctx.projectId, expiresAt]
+        );
+      } catch (e) {
+        onError(e, { at: "preview.bookkeeping.insert", id: id2 });
+      }
+      const url2 = `?preview=${id2}`;
+      return c.json({ id: id2, url: url2 });
+    }
+    const tokens = await c.req.json();
+    const id = (0, import_nanoid.nanoid)(8);
+    await store.putPreview(id, tokens);
+    const url = `?preview=${id}`;
+    return c.json({ id, url });
+  });
+  app.get("/preview/:id", async (c) => {
+    const id = c.req.param("id");
+    const entry = await store.getPreview(id);
+    if (!entry) {
+      return c.json({ error: "Preview not found or expired" }, 404);
+    }
+    if (hosted) {
+      const ctx = c.get("auth");
+      let owned = false;
+      try {
+        const res = await db.query(
+          "SELECT 1 FROM previews WHERE id = $1 AND project_id = $2 LIMIT 1",
+          [id, ctx.projectId]
+        );
+        owned = Boolean(res && res.rows && res.rows.length);
+      } catch (e) {
+        onError(e, { at: "preview.owner", method: "GET", id });
+        return c.json({ error: "Service unavailable", code: "db_unavailable" }, 503);
+      }
+      if (!owned) {
+        return c.json({ error: "Preview not found or expired" }, 404);
+      }
+    }
+    return c.json(entry.tokens);
+  });
+  app.put("/preview/:id", async (c) => {
+    const id = c.req.param("id");
+    if (hosted) {
+      const denied = requireWrite(c);
+      if (denied) return denied;
+      const ctx = c.get("auth");
+      let owned = false;
+      try {
+        const res = await db.query(
+          "SELECT 1 FROM previews WHERE id = $1 AND project_id = $2 LIMIT 1",
+          [id, ctx.projectId]
+        );
+        owned = Boolean(res && res.rows && res.rows.length);
+      } catch (e) {
+        onError(e, { at: "preview.owner", method: "PUT", id });
+        return c.json({ error: "Service unavailable", code: "db_unavailable" }, 503);
+      }
+      if (!owned) {
+        return c.json({ error: "Preview not found" }, 404);
+      }
+    }
+    const tokens = await c.req.json();
+    const updated = await store.updatePreview(id, tokens);
+    if (!updated) {
+      return c.json({ error: "Preview not found" }, 404);
+    }
+    return c.json({ id, updated: true });
+  });
+  app.delete("/preview/:id", async (c) => {
+    const id = c.req.param("id");
+    if (hosted) {
+      const denied = requireWrite(c);
+      if (denied) return denied;
+      const ctx = c.get("auth");
+      let owned = false;
+      try {
+        const res = await db.query(
+          "SELECT 1 FROM previews WHERE id = $1 AND project_id = $2 LIMIT 1",
+          [id, ctx.projectId]
+        );
+        owned = Boolean(res && res.rows && res.rows.length);
+      } catch (e) {
+        onError(e, { at: "preview.owner", method: "DELETE", id });
+        return c.json({ error: "Service unavailable", code: "db_unavailable" }, 503);
+      }
+      if (!owned) {
+        return c.json({ error: "Preview not found" }, 404);
+      }
+      await store.deletePreview(id);
+      try {
+        await db.query("DELETE FROM previews WHERE id = $1 AND project_id = $2", [id, ctx.projectId]);
+      } catch (e) {
+        onError(e, { at: "preview.bookkeeping.delete", id });
+      }
+      return c.json({ deleted: true });
+    }
+    await store.deletePreview(id);
+    return c.json({ deleted: true });
+  });
+  app.post("/verify", async (c) => {
+    if (hosted) {
+      const denied = requireWrite(c);
+      if (denied) return denied;
+    }
+    const { storyId, bbox, meta } = await c.req.json();
+    const id = (0, import_nanoid.nanoid)(8);
+    await store.putVerification(id, { storyId, bbox, meta });
+    return c.json({ id });
+  });
+  app.get("/verify/latest", async (c) => {
+    const entry = await store.getLatestVerification();
+    if (!entry) {
+      return c.json({ error: "No verification reported yet" }, 404);
+    }
+    return c.json(entry);
+  });
+  app.get("/verify/:id", async (c) => {
+    const entry = await store.getVerification(c.req.param("id"));
+    if (!entry) {
+      return c.json({ error: "Verification not found or expired" }, 404);
+    }
+    return c.json(entry);
+  });
+  app.get("/tokens/latest", (c) => {
+    return c.json(getLatestTokens());
+  });
+  app.get("/tokens/resolved", (c) => {
+    const resolved = getResolvedTokens();
+    if (!resolved) {
+      return c.json(
+        { error: "No resolved token map. Run `sorb-seed resolve` (Style Dictionary build)." },
+        404
+      );
+    }
+    return c.json(resolved);
+  });
+  app.get("/artifacts", (c) => {
+    const idx = getArtifactIndex();
+    if (!idx) {
+      return c.json(
+        { error: "No artifact index. Run `sorb-seed capture`." },
+        404
+      );
+    }
+    return c.json(idx);
+  });
+  app.get("/artifact", (c) => {
+    const storyId = c.req.query("id");
+    if (!storyId) return c.json({ error: "Missing ?id=" }, 400);
+    const art = getArtifact(storyId);
+    if (!art) return c.json({ error: "Artifact not found for id: " + storyId }, 404);
+    return c.json(art);
+  });
+  app.get("/health", async (c) => {
+    return c.json({
+      ok: true,
+      namespace,
+      activePreviews: await store.countPreviews(),
+      verifications: await store.countVerifications()
+    });
+  });
+  app.get("/ready", async (c) => {
+    const checks = {};
+    try {
+      checks.store = await store.ping();
+    } catch (e) {
+      checks.store = false;
+    }
+    if (db) {
+      try {
+        checks.db = await db.ping();
+      } catch (e) {
+        checks.db = false;
+      }
+    }
+    const ok = Object.values(checks).every(Boolean);
+    return c.json({ ok, checks }, ok ? 200 : 503);
+  });
+  return app;
+};
+// src/store/memory.js
+var createMemoryStore = (config) => {
+  const ttlMs = config.previewTtlMs;
+  const pruneIntervalMs = config.pruneIntervalMs;
+  const previews = /* @__PURE__ */ new Map();
+  const verifications = /* @__PURE__ */ new Map();
+  let latestVerifyId = null;
+  const isExpired = (entry, now) => now - entry.createdAt > ttlMs;
+  const pruneTimer = setInterval(() => {
+    const now = Date.now();
+    for (const [id, entry] of previews) {
+      if (isExpired(entry, now)) previews.delete(id);
+    }
+    for (const [id, entry] of verifications) {
+      if (isExpired(entry, now)) {
+        verifications.delete(id);
+        if (id === latestVerifyId) latestVerifyId = null;
+      }
+    }
+  }, pruneIntervalMs);
+  if (typeof pruneTimer.unref === "function") pruneTimer.unref();
+  const putPreview = async (id, tokens) => {
+    previews.set(id, { tokens, createdAt: Date.now() });
+  };
+  const getPreview = async (id) => {
+    const entry = previews.get(id);
+    if (!entry) return null;
+    if (isExpired(entry, Date.now())) {
+      previews.delete(id);
+      return null;
+    }
+    return entry;
+  };
+  const hasPreview = async (id) => {
+    return await getPreview(id) !== null;
+  };
+  const updatePreview = async (id, tokens) => {
+    if (!await hasPreview(id)) return false;
+    previews.set(id, { tokens, createdAt: Date.now() });
+    return true;
+  };
+  const deletePreview = async (id) => {
+    previews.delete(id);
+  };
+  const countPreviews = async () => {
+    const now = Date.now();
+    let n = 0;
+    for (const entry of previews.values()) {
+      if (!isExpired(entry, now)) n++;
+    }
+    return n;
+  };
+  const putVerification = async (id, { storyId, bbox, meta }) => {
+    verifications.set(id, { storyId, bbox, meta, createdAt: Date.now() });
+    latestVerifyId = id;
+  };
+  const getVerification = async (id) => {
+    const entry = verifications.get(id);
+    if (!entry) return null;
+    if (isExpired(entry, Date.now())) {
+      verifications.delete(id);
+      if (id === latestVerifyId) latestVerifyId = null;
+      return null;
+    }
+    return entry;
+  };
+  const getLatestVerification = async () => {
+    if (!latestVerifyId) return null;
+    return getVerification(latestVerifyId);
+  };
+  const countVerifications = async () => {
+    const now = Date.now();
+    let n = 0;
+    for (const entry of verifications.values()) {
+      if (!isExpired(entry, now)) n++;
+    }
+    return n;
+  };
+  const ping = async () => true;
+  const close = async () => {
+    clearInterval(pruneTimer);
+  };
+  return {
+    putPreview,
+    getPreview,
+    hasPreview,
+    updatePreview,
+    deletePreview,
+    countPreviews,
+    putVerification,
+    getVerification,
+    getLatestVerification,
+    countVerifications,
+    ping,
+    close
+  };
+};
+// src/store/index.js
+var createStore = async (config) => {
+  if (config.redisUrl) {
+    const { createRedisStore: createRedisStore2 } = await Promise.resolve().then(() => (init_redis(), redis_exports));
+    return createRedisStore2(config);
+  }
+  return createMemoryStore(config);
+};
+// src/config.js
+var DEFAULTS = Object.freeze({
+  PORT: 7777,
+  SORB_NAMESPACE: "sorb-local",
+  REDIS_URL: void 0,
+  DATABASE_URL: void 0,
+  CORS_ORIGINS: "*",
+  // open by default = free local mode
+  PREVIEW_TTL_MS: 864e5,
+  // 24h — preserves today's preview/verify lifetime
+  PRUNE_INTERVAL_MS: 36e5,
+  // 1h — preserves today's in-memory prune cadence
+  NODE_ENV: "development"
+});
+var intOr = (raw, fallback) => {
+  if (raw === void 0 || raw === null || String(raw).trim() === "") return fallback;
+  const n = Number.parseInt(String(raw), 10);
+  return Number.isFinite(n) && n > 0 ? n : fallback;
+};
+var strOrUndef = (raw) => {
+  if (raw === void 0 || raw === null) return void 0;
+  const s = String(raw).trim();
+  return s === "" ? void 0 : s;
+};
+var parseCorsOrigins = (raw) => {
+  const s = strOrUndef(raw);
+  if (s === void 0) return "*";
+  const parts = s.split(",").map((o) => o.trim()).filter((o) => o !== "");
+  if (parts.length === 0 || parts.includes("*")) return "*";
+  return Array.from(new Set(parts));
+};
+var loadConfig = (env = process.env) => {
+  const redisUrl = strOrUndef(env.REDIS_URL);
+  const databaseUrl = strOrUndef(env.DATABASE_URL);
+  const config = {
+    port: intOr(env.PORT, DEFAULTS.PORT),
+    namespace: strOrUndef(env.SORB_NAMESPACE) ?? DEFAULTS.SORB_NAMESPACE,
+    // Presence of these URLs is the switch that activates each hosted backend.
+    redisUrl,
+    databaseUrl,
+    corsOrigins: parseCorsOrigins(env.CORS_ORIGINS),
+    previewTtlMs: intOr(env.PREVIEW_TTL_MS, DEFAULTS.PREVIEW_TTL_MS),
+    pruneIntervalMs: intOr(env.PRUNE_INTERVAL_MS, DEFAULTS.PRUNE_INTERVAL_MS),
+    nodeEnv: strOrUndef(env.NODE_ENV) ?? DEFAULTS.NODE_ENV,
+    // Convenience flags so the store factory + /ready don't re-derive presence.
+    redisEnabled: redisUrl !== void 0,
+    databaseEnabled: databaseUrl !== void 0,
+    hosted: redisUrl !== void 0 || databaseUrl !== void 0
+  };
+  return Object.freeze(config);
+};
+// src/db/migrate.js
+var import_promises = require("node:fs/promises");
+var import_node_path = require("node:path");
+var import_node_url = require("node:url");
+var SELF_URL = __sorbModuleUrl;
+var MIGRATIONS_DIR = (0, import_node_path.join)((0, import_node_path.dirname)((0, import_node_url.fileURLToPath)(SELF_URL)), "migrations");
+var SCHEMA_MIGRATIONS_DDL = `
+CREATE TABLE IF NOT EXISTS schema_migrations (
+  filename    text PRIMARY KEY,
+  applied_at  timestamptz NOT NULL DEFAULT now()
+)
+`;
+async function runMigrations(db, opts) {
+  if (!db) {
+    throw new Error("runMigrations: no DbHandle (DATABASE_URL not configured?)");
+  }
+  const dir = opts && opts.dir || MIGRATIONS_DIR;
+  await db.query(SCHEMA_MIGRATIONS_DDL);
+  let entries;
+  try {
+    entries = await (0, import_promises.readdir)(dir);
+  } catch (e) {
+    if (e && e.code === "ENOENT") return [];
+    throw e;
+  }
+  const files = entries.filter((f) => f.toLowerCase().endsWith(".sql")).sort((a, b) => a < b ? -1 : a > b ? 1 : 0);
+  const appliedRes = await db.query("SELECT filename FROM schema_migrations");
+  const already = new Set((appliedRes.rows || []).map((r) => r.filename));
+  const applied = [];
+  for (const file of files) {
+    if (already.has(file)) continue;
+    const sql = await (0, import_promises.readFile)((0, import_node_path.join)(dir, file), "utf8");
+    await db.tx(async (client) => {
+      await client.query(sql);
+      await client.query("INSERT INTO schema_migrations (filename) VALUES ($1)", [file]);
+    });
+    applied.push(file);
+    console.log(`[db] applied migration ${file}`);
+  }
+  return applied;
+}
+// src/db/index.js
+async function createDb(config) {
+  const databaseUrl = config && config.databaseUrl;
+  if (!databaseUrl) {
+    return null;
+  }
+  const pgModule = await import("pg");
+  const pg = pgModule.default || pgModule;
+  const { Pool } = pg;
+  const pool = new Pool({
+    connectionString: databaseUrl,
+    // Keep the pool conservative; the bridge is mostly Redis-bound. These can
+    // be tuned later via config if needed.
+    max: 10,
+    idleTimeoutMillis: 3e4,
+    connectionTimeoutMillis: 1e4
+  });
+  pool.on("error", (err) => {
+    console.error("[db] idle pool client error:", err && err.message ? err.message : err);
+  });
+  async function query(text, params) {
+    return pool.query(text, params);
+  }
+  async function getClient() {
+    return pool.connect();
+  }
+  async function tx(fn) {
+    const client = await pool.connect();
+    try {
+      await client.query("BEGIN");
+      const result = await fn(client);
+      await client.query("COMMIT");
+      return result;
+    } catch (e) {
+      try {
+        await client.query("ROLLBACK");
+      } catch (rollbackErr) {
+        console.error("[db] rollback failed:", rollbackErr && rollbackErr.message ? rollbackErr.message : rollbackErr);
+      }
+      throw e;
+    } finally {
+      client.release();
+    }
+  }
+  async function ping() {
+    try {
+      const res = await pool.query("SELECT 1 AS ok");
+      return Boolean(res && res.rows && res.rows.length === 1);
+    } catch (e) {
+      console.error("[db] ping failed:", e && e.message ? e.message : e);
+      return false;
+    }
+  }
+  let closed = false;
+  async function close() {
+    if (closed) return;
+    closed = true;
+    try {
+      await pool.end();
+    } catch (e) {
+      console.error("[db] close failed:", e && e.message ? e.message : e);
+    }
+  }
+  const handle = {
+    pool,
+    query,
+    getClient,
+    tx,
+    ping,
+    close,
+    /** Apply pending SQL migrations in order. @returns {Promise<string[]>} */
+    runMigrations: () => runMigrations(handle)
+  };
+  return handle;
+}
+// src/watch.js
+var import_chokidar = __toESM(require("chokidar"));
+var import_fs = require("fs");
+var import_path = require("path");
+var import_picocolors = __toESM(require("picocolors"));
+var watchTokenFile = (tokenPath, onChange) => {
+  const abs = (0, import_path.resolve)(process.cwd(), tokenPath);
+  if (!(0, import_fs.existsSync)(abs)) {
+    console.error(import_picocolors.default.red(`  \u2717 Token file not found: ${abs}`));
+    process.exit(1);
+  }
+  const read = () => {
+    try {
+      return JSON.parse((0, import_fs.readFileSync)(abs, "utf-8"));
+    } catch (err) {
+      console.error(import_picocolors.default.red(`  \u2717 Failed to parse token file: ${abs}`));
+      return {};
+    }
+  };
+  const watcher = import_chokidar.default.watch(abs, {
+    ignoreInitial: true,
+    awaitWriteFinish: { stabilityThreshold: 100 }
+  });
+  watcher.on("change", () => {
+    console.log(import_picocolors.default.cyan(`  \u2192 Token file changed`));
+    onChange(read());
+  });
+  watcher.on("error", (err) => {
+    console.error(import_picocolors.default.red(`  \u2717 Watcher error:`), err);
+  });
+  return {
+    read,
+    stop: () => watcher.close()
+  };
+};
+// src/transform.js
+var import_child_process = require("child_process");
+var import_fs2 = require("fs");
+var import_path2 = require("path");
+var import_picocolors2 = __toESM(require("picocolors"));
+var runStyleDictionary = (configPath) => {
+  const abs = (0, import_path2.resolve)(process.cwd(), configPath);
+  if (!(0, import_fs2.existsSync)(abs)) {
+    console.warn(
+      import_picocolors2.default.yellow(`  \u26A0 style-dictionary config not found at ${configPath}, skipping`)
+    );
+    return false;
+  }
+  try {
+    console.log(import_picocolors2.default.dim("  \u2192 Running Style Dictionary..."));
+    (0, import_child_process.execSync)(`npx style-dictionary build --config ${abs}`, {
+      stdio: "inherit",
+      cwd: process.cwd()
+    });
+    console.log(import_picocolors2.default.green("  \u2713 Style Dictionary build complete"));
+    return true;
+  } catch (e) {
+    console.error(import_picocolors2.default.red("  \u2717 Style Dictionary build failed"));
+    return false;
+  }
+};
+// src/github.js
+var import_picocolors3 = __toESM(require("picocolors"));
+var openTokenPR = async (opts) => {
+  const base = `https://api.github.com/repos/${opts.owner}/${opts.repo}`;
+  const headers = {
+    Authorization: `Bearer ${opts.pat}`,
+    "Content-Type": "application/json",
+    Accept: "application/vnd.github+json"
+  };
+  const mainRef = await fetch(`${base}/git/ref/heads/main`, { headers }).then((r) => r.json());
+  const sha = mainRef.object.sha;
+  const branchName = `tokens/update-${Date.now()}`;
+  await fetch(`${base}/git/refs`, {
+    method: "POST",
+    headers,
+    body: JSON.stringify({
+      ref: `refs/heads/${branchName}`,
+      sha
+    })
+  });
+  const fileRes = await fetch(`${base}/contents/${opts.tokenPath}`, {
+    headers
+  });
+  const fileData = fileRes.ok ? await fileRes.json() : null;
+  await fetch(`${base}/contents/${opts.tokenPath}`, {
+    method: "PUT",
+    headers,
+    body: JSON.stringify({
+      message: opts.message,
+      content: Buffer.from(opts.content).toString("base64"),
+      branch: branchName,
+      ...fileData?.sha ? { sha: fileData.sha } : {}
+    })
+  });
+  const pr = await fetch(`${base}/pulls`, {
+    method: "POST",
+    headers,
+    body: JSON.stringify({
+      title: opts.message,
+      head: branchName,
+      base: "main",
+      body: [
+        "> \u{1F3A8} Created by **Sorb**",
+        "",
+        "This PR was generated from the Sorb Figma plugin.",
+        "Review the token diff and merge to apply changes to the app."
+      ].join("\n")
+    })
+  }).then((r) => r.json());
+  return pr.html_url;
+};
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  createDb,
+  createMemoryStore,
+  createServer,
+  createStore,
+  loadConfig,
+  openTokenPR,
+  runStyleDictionary,
+  watchTokenFile
+});
+//# sourceMappingURL=index.js.map