npm - @spilki/widget - Versions diffs - 0.1.0 → 0.1.2 - Mend

@spilki/widget 0.1.0 → 0.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (20) hide show

package/README.md +29 -25
package/dist/bootstrap.es.js +168 -120
package/dist/bootstrap.es.js.map +1 -1
package/dist/bootstrap.umd.js +4 -4
package/dist/bootstrap.umd.js.map +1 -1
package/dist/core/jwt.d.ts.map +1 -1
package/dist/core/state.d.ts +5 -2
package/dist/core/state.d.ts.map +1 -1
package/dist/core/transport.d.ts +1 -2
package/dist/core/transport.d.ts.map +1 -1
package/dist/core/utils.d.ts +4 -4
package/dist/core/utils.d.ts.map +1 -1
package/dist/index.d.ts.map +1 -1
package/dist/types.d.ts +4 -2
package/dist/types.d.ts.map +1 -1
package/dist/widget.es.js +169 -121
package/dist/widget.es.js.map +1 -1
package/dist/widget.umd.js +4 -4
package/dist/widget.umd.js.map +1 -1
package/package.json +1 -1

package/README.md CHANGED Viewed

@@ -3,7 +3,8 @@
 [![npm version](https://img.shields.io/npm/v/%40spilki/widget.svg)](https://www.npmjs.com/package/@spilki/widget)
 [![bundle size](https://img.shields.io/badge/gzip%20%3C=35kB-success)](#size-budget)
-Embeddable chat widget that connects your website visitors with the Spilki assistant backend via a secure Web Widget channel.
+Embeddable chat widget that connects your website visitors with the Spilki assistant backend via a secure Web Widget
+channel.
 ## Features
@@ -24,40 +25,38 @@ npm install @spilki/widget
 ### CDN (UMD)
 ```html
 <script src="https://cdn.jsdelivr.net/npm/@spilki/widget/dist/widget.umd.js"
         data-org="ori-bar"
-        data-assistant="main-bot"
         data-token="<your-jwt>"></script>
 ```
 ### ESM
 ```ts
-import { initSpilkiWidget } from "@spilki/widget";
+import {initSpilkiWidget} from "@spilki/widget";
 initSpilkiWidget({
-  org: "ori-bar",
-  assistant: "main-bot",
-  token: "<your-jwt>"
+    org: "ori-bar",
+    token: "<your-jwt>"
 });
 ```
 ## Options
-| Option | Type | Default | Description |
-| --- | --- | --- | --- |
-| `org` | `string` | – | Spilki organisation identifier. |
-| `assistant` | `string` | – | Assistant identifier. |
-| `token` | `string?` | – | Signed JWT obtained from the admin UI or backend. |
-| `apiBase` | `string?` | `https://api.spilki.ai` | Override API endpoint (useful for staging/local). |
-| `position` | `"bottom-right" \| "bottom-left"` | `"bottom-right"` | Corner to anchor the bubble + panel. |
-| `theme` | `"auto" \| "light" \| "dark"` | `"auto"` | Force light/dark or respect OS preference. |
-| `color` | `string?` | `#6366f1` | Accent color for bubble + primary CTA. |
-| `welcome` | `string?` | "Hi! I'm your assistant." | Greeting shown when no conversation exists. |
-| `persist` | `boolean?` | `true` | Persist session + history in localStorage. |
-| `allowedOriginsHint` | `string[]?` | – | List of origins expected to be in JWT allowlist. Logs warnings during misconfiguration. |
-| `i18n` | `Partial<WidgetI18n>?` | – | Override UI strings (welcome, placeholder, sendLabel, typing, offline, title). |
-| `hooks` | `Partial<WidgetHooks>?` | – | Telemetry callbacks for open/close/message/error/transport change. |
+| Option               | Type                              | Default                   | Description                                                                             |
+|----------------------|-----------------------------------|---------------------------|-----------------------------------------------------------------------------------------|
+| `org`                | `string`                          | –                         | Spilki organisation identifier.                                                         |
+| `token`              | `string?`                         | –                         | Signed JWT obtained from the admin UI or backend.                                       |
+| `apiBase`            | `string?`                         | `https://api.spilki.ai`   | Override API endpoint (useful for staging/local).                                       |
+| `position`           | `"bottom-right" \| "bottom-left"` | `"bottom-right"`          | Corner to anchor the bubble + panel.                                                    |
+| `theme`              | `"auto" \| "light" \| "dark"`     | `"auto"`                  | Force light/dark or respect OS preference.                                              |
+| `color`              | `string?`                         | `#6366f1`                 | Accent color for bubble + primary CTA.                                                  |
+| `welcome`            | `string?`                         | "Hi! I'm your assistant." | Greeting shown when no conversation exists.                                             |
+| `persist`            | `boolean?`                        | `true`                    | Persist session + history in localStorage.                                              |
+| `allowedOriginsHint` | `string[]?`                       | –                         | List of origins expected to be in JWT allowlist. Logs warnings during misconfiguration. |
+| `i18n`               | `Partial<WidgetI18n>?`            | –                         | Override UI strings (welcome, placeholder, sendLabel, typing, offline, title).          |
+| `hooks`              | `Partial<WidgetHooks>?`           | –                         | Telemetry callbacks for open/close/message/error/transport change.                      |
 ## Security
@@ -66,13 +65,16 @@ The widget never stores credentials. Provide a short-lived JWT (HS256) issued se
 ```json
 {
   "organisation_id": "ori-bar",
-  "assistant_id": "main-bot",
-  "allowed_origins": ["https://yourdomain.com"],
+  "allowed_origins": [
+    "https://yourdomain.com"
+  ],
   "exp": 1760000000
 }
 ```
-During `POST /widget/connect` the widget sends `Origin` and the JWT for verification. Expired tokens are rejected client-side before any network call. Rotate tokens frequently and limit the allowed origins array to trusted domains only.
+During `POST /widget/session` the widget sends `Origin` and the JWT for verification. Expired tokens are rejected
+client-side before any network call. Rotate tokens frequently and limit the allowed origins array to trusted domains
+only.
 See [`apps/mock-server/openapi.yaml`](../apps/mock-server/openapi.yaml) for the full handshake specification.
@@ -92,8 +94,10 @@ pnpm install
 pnpm -w dev # runs mock server + demo site
 ```
-Open [http://localhost:5174](http://localhost:5174) and use **Issue token** to obtain a development JWT. Messages are relayed via websocket by default; stop the websocket server to see SSE fallback.
+Open [http://localhost:5174](http://localhost:5174) and use **Issue token** to obtain a development JWT. Messages are
+relayed via websocket by default; stop the websocket server to see SSE fallback.
 ## Publishing
-The GitHub Actions workflow publishes on tags that match `v*`. Ensure `NPM_TOKEN` is configured in the repository secrets before tagging `v0.1.0` or later.
+The GitHub Actions workflow publishes on tags that match `v*`. Ensure `NPM_TOKEN` is configured in the repository
+secrets before tagging `v0.1.2` or later.