@stackframe/stack-shared 2.8.34 → 2.8.36

package/dist/esm/utils/types.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../src/utils/types.tsx"],"sourcesContent":["import { DeepPartial } from \"./objects\";\nimport { Join } from \"./strings\";\n\nexport type IsAny<T> = 0 extends (1 & T) ? true : false;\nexport type IsNever<T> = [T] extends [never] ? true : false;\nexport type IsNullish<T> = [T] extends [null | undefined] ? true : false;\nexport type IsUnion<T, U = T> =\n  IsNever<T> extends true ? false\n  : IsAny<T> extends true ? false\n    : T extends U // distributive conditional https://www.typescriptlang.org/docs/handbook/2/conditional-types.html#distributive-conditional-types\n        ? /* if the *whole* original type (`U`) still fits inside the current variant, then `T` wasn’t a union */ ([U] extends [T] ? false : true)\n        : never;\n\nexport type NullishCoalesce<T, U> = T extends null | undefined ? U : T;\n\nexport type LastUnionElement<U> = UnionToIntersection<U extends any ? (x: U) => 0 : never> extends (x: infer L) => 0 ? L & U : never;\n\n/**\n * Makes a type prettier by recursively expanding all object types. For example, `Omit<{ a: 1 }, \"a\">` becomes just `{}`.\n */\nexport type Expand<T> = T extends (...args: infer A) => infer R\n  ? (\n    ((...args: A) => R) extends T\n      ? (...args: Expand<A>) => Expand<R>\n      : ((...args: Expand<A>) => Expand<R>) & { [K in keyof T]: Expand<T[K]> }\n  )\n  : (\n    T extends object\n      ? { [K in keyof T]: Expand<T[K]> }\n      : T\n  );\n\n\n/**\n * Removes all optional undefined/never keys from an object.\n */\nexport type DeepRemoveOptionalUndefined<T> = T extends object ? { [K in keyof T]: DeepRemoveOptionalUndefined<T[K]> } : T;\n\n// why this works: https://stackoverflow.com/a/50375286\nexport type UnionToIntersection<U> =\n  (U extends any ? (x: U) => void : never) extends ((x: infer I) => void) ? I : never\n\ntype _UnionToTupleInner<U, R extends any[], Last> = UnionToTuple<Exclude<U, Last>, [...R, Last]>\nexport type UnionToTuple<U, R extends any[] = []> = [U] extends [never] ? R : _UnionToTupleInner<U, R, LastUnionElement<U>>;\n\nexport type CollapseObjectUnion<T extends object> = {\n  [K in AllUnionKeys<T>]?: T extends Record<K, infer V> ? V : never;\n};\ntypeAssertIs<CollapseObjectUnion<{ a: string } | { b: number }>, { a?: string, b?: number }>()();\ntypeAssertIs<CollapseObjectUnion<{ a: string } | { a: number }>, { a?: string | number }>()();\n\nexport type IntersectAll<T extends any[]> = UnionToIntersection<T[number]>;\n\nexport type OptionalKeys<T> = {\n  [K in keyof T]: {} extends Pick<T, K> ? K : never;\n}[keyof T];\nexport type RequiredKeys<T> = {\n  [K in keyof T]: {} extends Pick<T, K> ? never : K;\n}[keyof T];\n\n/**\n * Returns a type whose keys are the intersection of the keys of T and U, deeply.\n */\nexport type KeyIntersect<T, U> =\n  | { [K in keyof T & keyof U]?: T[K] & U[K] }\n  | { [K in RequiredKeys<T> & keyof U]: T[K] & U[K] }\n  | { [K in RequiredKeys<U> & keyof T]: U[K] & T[K] }\n\n/**\n * Returns ALL keys of all union elements.\n */\nexport type AllUnionKeys<T extends object> = T extends T ? keyof T : never;\ntypeAssertIs<AllUnionKeys<{ a: string } | { b: number }>, \"a\" | \"b\">()();\n\nexport type SubtractType<T, U> = T extends object ? { [K in keyof T]: K extends keyof U ? SubtractType<T[K], U[K]> : T[K] } : (T extends U ? never : T); // note: this only works due to the distributive property of conditional types https://www.typescriptlang.org/docs/handbook/2/conditional-types.html#distributive-conditional-types\n\n\ntype _AntiIntersectInner<T, U> = T extends object ? (\n  & Omit<U, keyof T>\n  & { [K in keyof Pick<U, { [K in keyof T & keyof U]: U[K] extends T[K] ? (T[K] extends U[K] ? never : K) : never }[keyof T & keyof U]>]: PseudoAntiIntersect<T[K], U[K]> }\n  & { [K in keyof Pick<U, keyof T & keyof U>]?: PseudoAntiIntersect<T[K], U[K]> }\n) : U;\n/**\n * Returns a type R such that T & R = U.\n */\nexport type AntiIntersect<T, U> = U extends T ? _AntiIntersectInner<T, U> : \"Cannot anti-intersect a type with a type that is not a subtype of it\"; // NOTE: This type is mostly untested — not sure how well it works on the edge cases\nexport type PseudoAntiIntersect<T, U> = _AntiIntersectInner<T, T & U>;\n\n/**\n * A variation of TypeScript's conditionals with slightly different semantics. It is the perfect type for cases where:\n *\n * - If all possible values are contained in `Extends`, then it will be mapped to `Then`.\n * - If all possible values are not contained in `Extends`, then it will be mapped to `Otherwise`.\n * - If some possible values are contained in `Extends` and some are not, then it will be mapped to `Then | Otherwise`.\n *\n * This is different from TypeScript's built-in conditional types (`Value extends Extends ? Then : Otherwise`), which\n * returns `Otherwise` for the third case (causing unsoundness in many real-world cases).\n */\nexport type IfAndOnlyIf<Value, Extends, Then, Otherwise> =\n  | (Value extends Extends ? never : Otherwise)\n  | (Value & Extends extends never ? never : Then);\n\n\n/**\n * Can be used to prettify a type in the IDE; for example, some complicated intersected types can be flattened into a single type.\n */\nexport type PrettifyType<T> = T extends object ? { [K in keyof T]: T[K] } & {} : T;\n\ntype _ToStringAndJoin<T extends any[], Separator extends string> =\n  T extends [infer U, ...infer Rest extends any[]]\n    ? `${TypeToString<U>}${Rest extends [any, ...any[]] ? `${Separator}${_ToStringAndJoin<Rest, Separator>}` : \"\"}`\n    : \"<error-joining-tuple-elements>\";\ntype _TypeToStringInner<T> =\n  IsAny<T> extends true ? \"any\"\n  : IsNever<T> extends true ? \"never\"\n  : IsUnion<T> extends true ? _ToStringAndJoin<UnionToTuple<T>, \" | \">\n  : [T] extends [number] ? (number extends T ? \"number\" : `${T}`)\n  : [T] extends [boolean] ? `${T}`\n  : [T] extends [undefined] ? \"undefined\"\n  : [T] extends [null] ? \"null\"\n  : [T] extends [string] ? (string extends T ? \"string\" : `'${T}'`)\n  : [T] extends [[]] ? \"[]\"\n  : [T] extends [[any, ...any[]]] ? `[${_ToStringAndJoin<T, \", \">}]`\n  : [T] extends [(infer E)[]] ? `${TypeToString<E>}[]`\n  : [T] extends [Function] ? \"function\"\n  : [T] extends [symbol] ? `symbol(${T['description']})`\n  : [T] extends [object] ? `{ ${Join<UnionToTuple<{ [K in keyof T]: `${TypeToString<K>}: ${TypeToString<T[K]>}` }[keyof T]>, \", \">} }`\n  : \"<unknown-type>\"\nexport type TypeToString<T> = _TypeToStringInner<T> extends `${infer S}` ? S : never;\n\n/**\n * Can be used to create assertions on types. For example, if passed any T other than `true`, the following will\n * show a type error:\n *\n * ```ts\n * typeAssert<T>()();  // the second pair of braces is important!\n * ```\n */\nexport function typeAssert<T>(): (\n  IsAny<T> extends true ? TypeAssertionError<`Type assertion failed. Expected true, but got any.`>\n    : IsNever<T> extends true ? TypeAssertionError<`Type assertion failed. Expected true, but got never.`>\n    : T extends true ? (() => undefined)\n    : TypeAssertionError<`Type assertion failed. Expected true, but got: ${TypeToString<T>}`>\n) {\n  return (() => undefined) as any;\n}\ntype TypeAssertionError<T> =\n  & [T]\n  & /* this promise makes sure that if we accidentally forget the second pair of braces, eslint will complain (if we have no-floating-promises enabled) */ Promise<any>;\n\n\ntypeAssertExtends<ReturnType<typeof typeAssert<true>>, () => undefined>()();\ntypeAssertExtends<ReturnType<typeof typeAssert<false>>, TypeAssertionError<`Type assertion failed. Expected true, but got: false`>>()();\ntypeAssertExtends<ReturnType<typeof typeAssert<never>>, TypeAssertionError<`Type assertion failed. Expected true, but got never.`>>()();\ntypeAssertExtends<ReturnType<typeof typeAssert<any>>, TypeAssertionError<`Type assertion failed. Expected true, but got any.`>>()();\n\n/**\n * Functionally equivalent to `typeAssert<T extends S ? true : false>()()`, but with better error messages.\n */\nexport function typeAssertExtends<T, S>(): (\n  [T] extends [S] ? (() => undefined) : TypeAssertionError<`Type assertion failed. Expected ${TypeToString<T>} to extend ${TypeToString<S>}`>\n) {\n  return (() => undefined) as any;\n}\n\ntypeAssertExtends<ReturnType<typeof typeAssertExtends<never, true>>, () => undefined>()();\ntypeAssertExtends<ReturnType<typeof typeAssertExtends<any, true>>, () => undefined>()();\ntypeAssertExtends<ReturnType<typeof typeAssertExtends<false, false>>, () => undefined>()();\ntypeAssertExtends<ReturnType<typeof typeAssertExtends<\"abc\", string>>, () => undefined>()();\ntypeAssertExtends<ReturnType<typeof typeAssertExtends<{a: 1, b: 123}, {a: number}>>, () => undefined>()();\ntypeAssertExtends<ReturnType<typeof typeAssertExtends<never, never>>, () => undefined>()();\ntypeAssertExtends<ReturnType<typeof typeAssertExtends<true, any>>, () => undefined>()();\n\ntypeAssertExtends<ReturnType<typeof typeAssertExtends<{a: number}, {a: 1}>>, [\"Type assertion failed. Expected { 'a': number } to extend { 'a': 1 }\"]>()();\ntypeAssertExtends<ReturnType<typeof typeAssertExtends<any, never>>, [\"Type assertion failed. Expected any to extend never\"]>()();\ntypeAssertExtends<ReturnType<typeof typeAssertExtends<false, true>>, [\"Type assertion failed. Expected false to extend true\"]>()();\ntypeAssertExtends<ReturnType<typeof typeAssertExtends<false, never>>, [\"Type assertion failed. Expected false to extend never\"]>()();\n\n\nexport function typeAssertIs<T, U>(): (\n  IsAny<T> extends true ? (IsAny<U> extends true ? (() => undefined) : TypeAssertionError<`Type assertion failed. Expected ${TypeToString<T>} to be ${TypeToString<U>}`>)\n    : IsAny<U> extends true ? TypeAssertionError<`Type assertion failed. Expected ${TypeToString<T>} to be ${TypeToString<U>}`>\n    : [T] extends [U] ? ([U] extends [T] ? (() => undefined) : TypeAssertionError<`Type assertion failed. Expected ${TypeToString<T>} to be ${TypeToString<U>}`>)\n    : TypeAssertionError<`Type assertion failed. Expected ${TypeToString<T>} to be ${TypeToString<U>}`>\n) {\n  return (() => undefined) as any;\n}\n\ntypeAssertExtends<ReturnType<typeof typeAssertIs<\"123\", \"123\">>, () => undefined>()();\ntypeAssertExtends<ReturnType<typeof typeAssertIs<{a: 1}, {a: 1}>>, () => undefined>()();\ntypeAssertExtends<ReturnType<typeof typeAssertIs<DeepPartial<{a: 1}>, {a?: 1}>>, () => undefined>()();\ntypeAssertExtends<ReturnType<typeof typeAssertIs<any, any>>, () => undefined>()();\ntypeAssertExtends<ReturnType<typeof typeAssertIs<never, never>>, () => undefined>()();\ntypeAssertExtends<ReturnType<typeof typeAssertIs<1, any>>, [\"Type assertion failed. Expected 1 to be any\"]>()();\ntypeAssertExtends<ReturnType<typeof typeAssertIs<any, 1>>, [\"Type assertion failed. Expected any to be 1\"]>()();\ntypeAssertExtends<ReturnType<typeof typeAssertIs<false, true>>, [\"Type assertion failed. Expected false to be true\"]>()();\ntypeAssertExtends<ReturnType<typeof typeAssertIs<{a: number}, {a: 1}>>, [\"Type assertion failed. Expected { 'a': number } to be { 'a': 1 }\"]>()();\ntypeAssertExtends<ReturnType<typeof typeAssertIs<any, never>>, [\"Type assertion failed. Expected any to be never\"]>()();\ntypeAssertExtends<ReturnType<typeof typeAssertIs<false, true>>, [\"Type assertion failed. Expected false to be true\"]>()();\ntypeAssertExtends<ReturnType<typeof typeAssertIs<false, never>>, [\"Type assertion failed. Expected false to be never\"]>()();\n"],"mappings":";AAgDA,aAA6F,EAAE;AAC/F,aAA0F,EAAE;AAuB5F,aAAqE,EAAE;AAkEhE,SAAS,aAKd;AACA,SAAQ,MAAM;AAChB;AAMA,kBAAwE,EAAE;AAC1E,kBAAoI,EAAE;AACtI,kBAAoI,EAAE;AACtI,kBAAgI,EAAE;AAK3H,SAAS,oBAEd;AACA,SAAQ,MAAM;AAChB;AAEA,kBAAsF,EAAE;AACxF,kBAAoF,EAAE;AACtF,kBAAuF,EAAE;AACzF,kBAAwF,EAAE;AAC1F,kBAAsG,EAAE;AACxG,kBAAuF,EAAE;AACzF,kBAAoF,EAAE;AAEtF,kBAAuJ,EAAE;AACzJ,kBAA6H,EAAE;AAC/H,kBAA+H,EAAE;AACjI,kBAAiI,EAAE;AAG5H,SAAS,eAKd;AACA,SAAQ,MAAM;AAChB;AAEA,kBAAkF,EAAE;AACpF,kBAAoF,EAAE;AACtF,kBAAkG,EAAE;AACpG,kBAA8E,EAAE;AAChF,kBAAkF,EAAE;AACpF,kBAA4G,EAAE;AAC9G,kBAA4G,EAAE;AAC9G,kBAAsH,EAAE;AACxH,kBAA8I,EAAE;AAChJ,kBAAoH,EAAE;AACtH,kBAAsH,EAAE;AACxH,kBAAwH,EAAE;","names":[]}
+{"version":3,"sources":["../../../src/utils/types.tsx"],"sourcesContent":["import { DeepPartial } from \"./objects\";\nimport { Join } from \"./strings\";\n\nexport type IsAny<T> = 0 extends (1 & T) ? true : false;\nexport type IsNever<T> = [T] extends [never] ? true : false;\nexport type IsNullish<T> = [T] extends [null | undefined] ? true : false;\nexport type IsUnion<T, U = T> =\n  IsNever<T> extends true ? false\n  : IsAny<T> extends true ? false\n    : T extends U // distributive conditional https://www.typescriptlang.org/docs/handbook/2/conditional-types.html#distributive-conditional-types\n        ? /* if the *whole* original type (`U`) still fits inside the current variant, then `T` wasn’t a union */ ([U] extends [T] ? false : true)\n        : never;\n\nexport type NullishCoalesce<T, U> = T extends null | undefined ? U : T;\n\nexport type LastUnionElement<U> = UnionToIntersection<U extends any ? (x: U) => 0 : never> extends (x: infer L) => 0 ? L & U : never;\n\ntype primitive = string | number | boolean | bigint | symbol | null | undefined;\n\n/**\n * Makes a type prettier by recursively expanding all object types. For example, `Omit<{ a: 1 }, \"a\">` becomes just `{}`.\n */\nexport type Expand<T> = T extends (...args: infer A) => infer R\n  ? ((...args: A) => R) extends T\n    ? (...args: Expand<A>) => Expand<R>\n    : ((...args: Expand<A>) => Expand<R>) & { [K in keyof T]: Expand<T[K]> }\n  : T extends object\n    ? T extends primitive\n      ? T\n      : T extends infer O\n        ? { [K in keyof O]: Expand<O[K]> }\n        : never\n    : T;\n\n\n/**\n * Removes all optional undefined/never keys from an object.\n */\nexport type DeepRemoveOptionalUndefined<T> = T extends object ? { [K in keyof T]: DeepRemoveOptionalUndefined<T[K]> } : T;\n\n// why this works: https://stackoverflow.com/a/50375286\nexport type UnionToIntersection<U> =\n  (U extends any ? (x: U) => void : never) extends ((x: infer I) => void) ? I : never\n\ntype _UnionToTupleInner<U, R extends any[], Last> = UnionToTuple<Exclude<U, Last>, [...R, Last]>\nexport type UnionToTuple<U, R extends any[] = []> = [U] extends [never] ? R : _UnionToTupleInner<U, R, LastUnionElement<U>>;\n\nexport type CollapseObjectUnion<T extends object> = {\n  [K in AllUnionKeys<T>]?: T extends Record<K, infer V> ? V : never;\n};\ntypeAssertIs<CollapseObjectUnion<{ a: string } | { b: number }>, { a?: string, b?: number }>()();\ntypeAssertIs<CollapseObjectUnion<{ a: string } | { a: number }>, { a?: string | number }>()();\n\nexport type IntersectAll<T extends any[]> = UnionToIntersection<T[number]>;\n\nexport type OptionalKeys<T> = {\n  [K in keyof T]: {} extends Pick<T, K> ? K : never;\n}[keyof T];\nexport type RequiredKeys<T> = {\n  [K in keyof T]: {} extends Pick<T, K> ? never : K;\n}[keyof T];\n\n/**\n * Returns a type whose keys are the intersection of the keys of T and U, deeply.\n */\nexport type KeyIntersect<T, U> =\n  | { [K in keyof T & keyof U]?: T[K] & U[K] }\n  | { [K in RequiredKeys<T> & keyof U]: T[K] & U[K] }\n  | { [K in RequiredKeys<U> & keyof T]: U[K] & T[K] }\n\n/**\n * Returns ALL keys of all union elements.\n */\nexport type AllUnionKeys<T extends object> = T extends T ? keyof T : never;\ntypeAssertIs<AllUnionKeys<{ a: string } | { b: number }>, \"a\" | \"b\">()();\n\nexport type SubtractType<T, U> = T extends object ? { [K in keyof T]: K extends keyof U ? SubtractType<T[K], U[K]> : T[K] } : (T extends U ? never : T); // note: this only works due to the distributive property of conditional types https://www.typescriptlang.org/docs/handbook/2/conditional-types.html#distributive-conditional-types\n\n\ntype _AntiIntersectInner<T, U> = T extends object ? (\n  & Omit<U, keyof T>\n  & { [K in keyof Pick<U, { [K in keyof T & keyof U]: U[K] extends T[K] ? (T[K] extends U[K] ? never : K) : never }[keyof T & keyof U]>]: PseudoAntiIntersect<T[K], U[K]> }\n  & { [K in keyof Pick<U, keyof T & keyof U>]?: PseudoAntiIntersect<T[K], U[K]> }\n) : U;\n/**\n * Returns a type R such that T & R = U.\n */\nexport type AntiIntersect<T, U> = U extends T ? _AntiIntersectInner<T, U> : \"Cannot anti-intersect a type with a type that is not a subtype of it\"; // NOTE: This type is mostly untested — not sure how well it works on the edge cases\nexport type PseudoAntiIntersect<T, U> = _AntiIntersectInner<T, T & U>;\n\n/**\n * A variation of TypeScript's conditionals with slightly different semantics. It is the perfect type for cases where:\n *\n * - If all possible values are contained in `Extends`, then it will be mapped to `Then`.\n * - If all possible values are not contained in `Extends`, then it will be mapped to `Otherwise`.\n * - If some possible values are contained in `Extends` and some are not, then it will be mapped to `Then | Otherwise`.\n *\n * This is different from TypeScript's built-in conditional types (`Value extends Extends ? Then : Otherwise`), which\n * returns `Otherwise` for the third case (causing unsoundness in many real-world cases).\n */\nexport type IfAndOnlyIf<Value, Extends, Then, Otherwise> =\n  | (Value extends Extends ? never : Otherwise)\n  | (Value & Extends extends never ? never : Then);\n\n\n/**\n * Can be used to prettify a type in the IDE; for example, some complicated intersected types can be flattened into a single type.\n */\nexport type PrettifyType<T> = T extends object ? { [K in keyof T]: T[K] } & {} : T;\n\ntype _ToStringAndJoin<T extends any[], Separator extends string> =\n  T extends [infer U, ...infer Rest extends any[]]\n    ? `${TypeToString<U>}${Rest extends [any, ...any[]] ? `${Separator}${_ToStringAndJoin<Rest, Separator>}` : \"\"}`\n    : \"<error-joining-tuple-elements>\";\ntype _TypeToStringInner<T> =\n  IsAny<T> extends true ? \"any\"\n  : IsNever<T> extends true ? \"never\"\n  : IsUnion<T> extends true ? _ToStringAndJoin<UnionToTuple<T>, \" | \">\n  : [T] extends [number] ? (number extends T ? \"number\" : `${T}`)\n  : [T] extends [boolean] ? `${T}`\n  : [T] extends [undefined] ? \"undefined\"\n  : [T] extends [null] ? \"null\"\n  : [T] extends [string] ? (string extends T ? \"string\" : `'${T}'`)\n  : [T] extends [[]] ? \"[]\"\n  : [T] extends [[any, ...any[]]] ? `[${_ToStringAndJoin<T, \", \">}]`\n  : [T] extends [(infer E)[]] ? `${TypeToString<E>}[]`\n  : [T] extends [Function] ? \"function\"\n  : [T] extends [symbol] ? `symbol(${T['description']})`\n  : [T] extends [object] ? `{ ${Join<UnionToTuple<{ [K in keyof T]: `${TypeToString<K>}: ${TypeToString<T[K]>}` }[keyof T]>, \", \">} }`\n  : \"<unknown-type>\"\nexport type TypeToString<T> = _TypeToStringInner<T> extends `${infer S}` ? S : never;\n\n/**\n * Can be used to create assertions on types. For example, if passed any T other than `true`, the following will\n * show a type error:\n *\n * ```ts\n * typeAssert<T>()();  // the second pair of braces is important!\n * ```\n */\nexport function typeAssert<T>(): (\n  IsAny<T> extends true ? TypeAssertionError<`Type assertion failed. Expected true, but got any.`>\n    : IsNever<T> extends true ? TypeAssertionError<`Type assertion failed. Expected true, but got never.`>\n    : T extends true ? (() => undefined)\n    : TypeAssertionError<`Type assertion failed. Expected true, but got: ${TypeToString<T>}`>\n) {\n  return (() => undefined) as any;\n}\ntype TypeAssertionError<T> =\n  & [T]\n  & /* this promise makes sure that if we accidentally forget the second pair of braces, eslint will complain (if we have no-floating-promises enabled) */ Promise<any>;\n\n\ntypeAssertExtends<ReturnType<typeof typeAssert<true>>, () => undefined>()();\ntypeAssertExtends<ReturnType<typeof typeAssert<false>>, TypeAssertionError<`Type assertion failed. Expected true, but got: false`>>()();\ntypeAssertExtends<ReturnType<typeof typeAssert<never>>, TypeAssertionError<`Type assertion failed. Expected true, but got never.`>>()();\ntypeAssertExtends<ReturnType<typeof typeAssert<any>>, TypeAssertionError<`Type assertion failed. Expected true, but got any.`>>()();\n\n/**\n * Functionally equivalent to `typeAssert<T extends S ? true : false>()()`, but with better error messages.\n */\nexport function typeAssertExtends<T, S>(): (\n  [T] extends [S] ? (() => undefined) : TypeAssertionError<`Type assertion failed. Expected ${TypeToString<T>} to extend ${TypeToString<S>}`>\n) {\n  return (() => undefined) as any;\n}\n\ntypeAssertExtends<ReturnType<typeof typeAssertExtends<never, true>>, () => undefined>()();\ntypeAssertExtends<ReturnType<typeof typeAssertExtends<any, true>>, () => undefined>()();\ntypeAssertExtends<ReturnType<typeof typeAssertExtends<false, false>>, () => undefined>()();\ntypeAssertExtends<ReturnType<typeof typeAssertExtends<\"abc\", string>>, () => undefined>()();\ntypeAssertExtends<ReturnType<typeof typeAssertExtends<{a: 1, b: 123}, {a: number}>>, () => undefined>()();\ntypeAssertExtends<ReturnType<typeof typeAssertExtends<never, never>>, () => undefined>()();\ntypeAssertExtends<ReturnType<typeof typeAssertExtends<true, any>>, () => undefined>()();\n\ntypeAssertExtends<ReturnType<typeof typeAssertExtends<{a: number}, {a: 1}>>, [\"Type assertion failed. Expected { 'a': number } to extend { 'a': 1 }\"]>()();\ntypeAssertExtends<ReturnType<typeof typeAssertExtends<any, never>>, [\"Type assertion failed. Expected any to extend never\"]>()();\ntypeAssertExtends<ReturnType<typeof typeAssertExtends<false, true>>, [\"Type assertion failed. Expected false to extend true\"]>()();\ntypeAssertExtends<ReturnType<typeof typeAssertExtends<false, never>>, [\"Type assertion failed. Expected false to extend never\"]>()();\n\n\nexport function typeAssertIs<T, U>(): (\n  IsAny<T> extends true ? (IsAny<U> extends true ? (() => undefined) : TypeAssertionError<`Type assertion failed. Expected ${TypeToString<T>} to be ${TypeToString<U>}`>)\n    : IsAny<U> extends true ? TypeAssertionError<`Type assertion failed. Expected ${TypeToString<T>} to be ${TypeToString<U>}`>\n    : [T] extends [U] ? ([U] extends [T] ? (() => undefined) : TypeAssertionError<`Type assertion failed. Expected ${TypeToString<T>} to be ${TypeToString<U>}`>)\n    : TypeAssertionError<`Type assertion failed. Expected ${TypeToString<T>} to be ${TypeToString<U>}`>\n) {\n  return (() => undefined) as any;\n}\n\ntypeAssertExtends<ReturnType<typeof typeAssertIs<\"123\", \"123\">>, () => undefined>()();\ntypeAssertExtends<ReturnType<typeof typeAssertIs<{a: 1}, {a: 1}>>, () => undefined>()();\ntypeAssertExtends<ReturnType<typeof typeAssertIs<DeepPartial<{a: 1}>, {a?: 1}>>, () => undefined>()();\ntypeAssertExtends<ReturnType<typeof typeAssertIs<any, any>>, () => undefined>()();\ntypeAssertExtends<ReturnType<typeof typeAssertIs<never, never>>, () => undefined>()();\ntypeAssertExtends<ReturnType<typeof typeAssertIs<1, any>>, [\"Type assertion failed. Expected 1 to be any\"]>()();\ntypeAssertExtends<ReturnType<typeof typeAssertIs<any, 1>>, [\"Type assertion failed. Expected any to be 1\"]>()();\ntypeAssertExtends<ReturnType<typeof typeAssertIs<false, true>>, [\"Type assertion failed. Expected false to be true\"]>()();\ntypeAssertExtends<ReturnType<typeof typeAssertIs<{a: number}, {a: 1}>>, [\"Type assertion failed. Expected { 'a': number } to be { 'a': 1 }\"]>()();\ntypeAssertExtends<ReturnType<typeof typeAssertIs<any, never>>, [\"Type assertion failed. Expected any to be never\"]>()();\ntypeAssertExtends<ReturnType<typeof typeAssertIs<false, true>>, [\"Type assertion failed. Expected false to be true\"]>()();\ntypeAssertExtends<ReturnType<typeof typeAssertIs<false, never>>, [\"Type assertion failed. Expected false to be never\"]>()();\n"],"mappings":";AAkDA,aAA6F,EAAE;AAC/F,aAA0F,EAAE;AAuB5F,aAAqE,EAAE;AAkEhE,SAAS,aAKd;AACA,SAAQ,MAAM;AAChB;AAMA,kBAAwE,EAAE;AAC1E,kBAAoI,EAAE;AACtI,kBAAoI,EAAE;AACtI,kBAAgI,EAAE;AAK3H,SAAS,oBAEd;AACA,SAAQ,MAAM;AAChB;AAEA,kBAAsF,EAAE;AACxF,kBAAoF,EAAE;AACtF,kBAAuF,EAAE;AACzF,kBAAwF,EAAE;AAC1F,kBAAsG,EAAE;AACxG,kBAAuF,EAAE;AACzF,kBAAoF,EAAE;AAEtF,kBAAuJ,EAAE;AACzJ,kBAA6H,EAAE;AAC/H,kBAA+H,EAAE;AACjI,kBAAiI,EAAE;AAG5H,SAAS,eAKd;AACA,SAAQ,MAAM;AAChB;AAEA,kBAAkF,EAAE;AACpF,kBAAoF,EAAE;AACtF,kBAAkG,EAAE;AACpG,kBAA8E,EAAE;AAChF,kBAAkF,EAAE;AACpF,kBAA4G,EAAE;AAC9G,kBAA4G,EAAE;AAC9G,kBAAsH,EAAE;AACxH,kBAA8I,EAAE;AAChJ,kBAAoH,EAAE;AACtH,kBAAsH,EAAE;AACxH,kBAAwH,EAAE;","names":[]}

package/dist/helpers/password.d.mts

@@ -1,13 +1,13 @@
-import '../crud.mjs';
 import { KnownErrors } from '../known-errors.mjs';
+import '../crud.mjs';
 import '../schema-fields.mjs';
-import 'yup';
-import '../utils/types.mjs';
-import '../utils/strings.mjs';
 import '../utils/errors.mjs';
 import '../utils/json.mjs';
 import '../utils/results.mjs';
-import '../utils/currencies.mjs';
+import 'yup';
+import '../utils/types.mjs';
+import '../utils/strings.mjs';
+import '../utils/currency-constants.mjs';
 import '../utils/dates.mjs';
 
 declare function getPasswordError(password: string): KnownErrors["PasswordRequirementsNotMet"] | undefined;

package/dist/helpers/password.d.ts

@@ -1,13 +1,13 @@
-import '../crud.js';
 import { KnownErrors } from '../known-errors.js';
+import '../crud.js';
 import '../schema-fields.js';
-import 'yup';
-import '../utils/types.js';
-import '../utils/strings.js';
 import '../utils/errors.js';
 import '../utils/json.js';
 import '../utils/results.js';
-import '../utils/currencies.js';
+import 'yup';
+import '../utils/types.js';
+import '../utils/strings.js';
+import '../utils/currency-constants.js';
 import '../utils/dates.js';
 
 declare function getPasswordError(password: string): KnownErrors["PasswordRequirementsNotMet"] | undefined;

package/dist/helpers/vault/client-side.d.mts

@@ -0,0 +1,14 @@
+/**
+ * Use to hash the key so the server cannot infer it.
+ */
+declare function hashKey(secret: string, key: string): Promise<string>;
+/**
+ * Use to encrypt the value so that the server cannot read the value without knowing the key.
+ */
+declare function encryptValue(secret: string, key: string, value: string): Promise<string>;
+/**
+ * Use to decrypt the value. See encryptValue.
+ */
+declare function decryptValue(secret: string, key: string, encryptedValue: string): Promise<string>;
+
+export { decryptValue, encryptValue, hashKey };

package/dist/helpers/vault/client-side.d.ts

@@ -0,0 +1,14 @@
+/**
+ * Use to hash the key so the server cannot infer it.
+ */
+declare function hashKey(secret: string, key: string): Promise<string>;
+/**
+ * Use to encrypt the value so that the server cannot read the value without knowing the key.
+ */
+declare function encryptValue(secret: string, key: string, value: string): Promise<string>;
+/**
+ * Use to decrypt the value. See encryptValue.
+ */
+declare function decryptValue(secret: string, key: string, encryptedValue: string): Promise<string>;
+
+export { decryptValue, encryptValue, hashKey };

package/dist/helpers/vault/client-side.js

@@ -0,0 +1,73 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/helpers/vault/client-side.ts
+var client_side_exports = {};
+__export(client_side_exports, {
+  decryptValue: () => decryptValue,
+  encryptValue: () => encryptValue,
+  hashKey: () => hashKey
+});
+module.exports = __toCommonJS(client_side_exports);
+var import_bytes = require("../../utils/bytes.js");
+var import_crypto = require("../../utils/crypto.js");
+var hashPurpose = "stack-data-vault-client-side-encryption-key-hash";
+var encryptionSecretPurpose = "stack-data-vault-client-side-encryption-value-encryption-key-hash";
+var encryptionValuePurpose = "stack-data-vault-client-side-encryption-value-encryption-value-encryption";
+async function getDerivedKey(secret, key) {
+  return await (0, import_crypto.iteratedHash)({
+    purpose: encryptionSecretPurpose,
+    extra: secret,
+    value: key,
+    iterations: 1e5
+  });
+}
+async function hashKey(secret, key) {
+  return (0, import_bytes.encodeBase64)(await (0, import_crypto.hash)({
+    purpose: hashPurpose,
+    extra: secret,
+    value: await getDerivedKey(secret, key)
+  }));
+}
+async function encryptValue(secret, key, value) {
+  const valueEncryptionDerivedKey = await getDerivedKey(secret, key);
+  const bytes = await (0, import_crypto.encrypt)({
+    purpose: encryptionValuePurpose,
+    secret: valueEncryptionDerivedKey,
+    value: new TextEncoder().encode(value)
+  });
+  return (0, import_bytes.encodeBase64)(bytes);
+}
+async function decryptValue(secret, key, encryptedValue) {
+  const valueEncryptionDerivedKey = await getDerivedKey(secret, key);
+  const bytesResult = await (0, import_crypto.decrypt)({
+    purpose: encryptionValuePurpose,
+    secret: valueEncryptionDerivedKey,
+    cipher: (0, import_bytes.decodeBase64)(encryptedValue)
+  });
+  if (bytesResult.status === "error") throw new Error("Data vault client-side decryption failed. Are you sure you're using the correct secret?", { cause: bytesResult.error });
+  return new TextDecoder().decode(bytesResult.data);
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  decryptValue,
+  encryptValue,
+  hashKey
+});
+//# sourceMappingURL=client-side.js.map

package/dist/helpers/vault/client-side.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/helpers/vault/client-side.ts"],"sourcesContent":["import { decodeBase64, encodeBase64 } from \"../../utils/bytes\";\nimport { decrypt, encrypt, hash, iteratedHash } from \"../../utils/crypto\";\n\nconst hashPurpose = \"stack-data-vault-client-side-encryption-key-hash\";\nconst encryptionSecretPurpose = \"stack-data-vault-client-side-encryption-value-encryption-key-hash\";\nconst encryptionValuePurpose = \"stack-data-vault-client-side-encryption-value-encryption-value-encryption\";\n\n\nasync function getDerivedKey(secret: string, key: string) {\n  return await iteratedHash({\n    purpose: encryptionSecretPurpose,\n    extra: secret,\n    value: key,\n    iterations: 100_000,\n  });\n}\n\n/**\n * Use to hash the key so the server cannot infer it.\n */\nexport async function hashKey(secret: string, key: string) {\n  return encodeBase64(await hash({\n    purpose: hashPurpose,\n    extra: secret,\n    value: await getDerivedKey(secret, key),\n  }));\n}\n\n/**\n * Use to encrypt the value so that the server cannot read the value without knowing the key.\n */\nexport async function encryptValue(secret: string, key: string, value: string) {\n  const valueEncryptionDerivedKey = await getDerivedKey(secret, key);\n\n  const bytes = await encrypt({\n    purpose: encryptionValuePurpose,\n    secret: valueEncryptionDerivedKey,\n    value: new TextEncoder().encode(value)\n  });\n  return encodeBase64(bytes);\n}\n\n/**\n * Use to decrypt the value. See encryptValue.\n */\nexport async function decryptValue(secret: string, key: string, encryptedValue: string) {\n  const valueEncryptionDerivedKey = await getDerivedKey(secret, key);\n\n  const bytesResult = await decrypt({\n    purpose: encryptionValuePurpose,\n    secret: valueEncryptionDerivedKey,\n    cipher: decodeBase64(encryptedValue),\n  });\n  if (bytesResult.status === \"error\") throw new Error(\"Data vault client-side decryption failed. Are you sure you're using the correct secret?\", { cause: bytesResult.error });\n  return new TextDecoder().decode(bytesResult.data);\n}\n\n\nundefined?.describe(\"encryptValue & decryptValue\", () => {\n  undefined?.it(\"should encrypt and decrypt a value\", async ({ expect }) => {\n    const secret = \"test-secret\";\n    const value = \"test-value\";\n    const encrypted = await encryptValue(secret, \"key\", value);\n    const decrypted = await decryptValue(secret, \"key\", encrypted);\n    expect(decrypted).toEqual(value);\n  });\n\n  undefined?.it(\"should not decrypt a value with a different secret\", async ({ expect }) => {\n    const secret = \"test-secret\";\n    const value = \"test-value\";\n    const encrypted = await encryptValue(secret, \"key\", value);\n    await expect(decryptValue(\"different-secret\", \"key\", encrypted)).rejects.toThrow();\n  });\n\n  undefined?.it(\"should not decrypt a value with a different key\", async ({ expect }) => {\n    const secret = \"test-secret\";\n    const value = \"test-value\";\n    const encrypted = await encryptValue(secret, \"key\", value);\n    await expect(decryptValue(secret, \"different-key\", encrypted)).rejects.toThrow();\n  });\n\n  undefined?.it(\"should not decrypt a value if the cipher was tampered with\", async ({ expect }) => {\n    const secret = \"test-secret\";\n    const value = \"test-value\";\n    const encrypted = await encryptValue(secret, \"key\", value);\n    const tampered = encrypted + \"7\";\n    await expect(decryptValue(secret, \"key\", tampered)).rejects.toThrow();\n  });\n});\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,mBAA2C;AAC3C,oBAAqD;AAErD,IAAM,cAAc;AACpB,IAAM,0BAA0B;AAChC,IAAM,yBAAyB;AAG/B,eAAe,cAAc,QAAgB,KAAa;AACxD,SAAO,UAAM,4BAAa;AAAA,IACxB,SAAS;AAAA,IACT,OAAO;AAAA,IACP,OAAO;AAAA,IACP,YAAY;AAAA,EACd,CAAC;AACH;AAKA,eAAsB,QAAQ,QAAgB,KAAa;AACzD,aAAO,2BAAa,UAAM,oBAAK;AAAA,IAC7B,SAAS;AAAA,IACT,OAAO;AAAA,IACP,OAAO,MAAM,cAAc,QAAQ,GAAG;AAAA,EACxC,CAAC,CAAC;AACJ;AAKA,eAAsB,aAAa,QAAgB,KAAa,OAAe;AAC7E,QAAM,4BAA4B,MAAM,cAAc,QAAQ,GAAG;AAEjE,QAAM,QAAQ,UAAM,uBAAQ;AAAA,IAC1B,SAAS;AAAA,IACT,QAAQ;AAAA,IACR,OAAO,IAAI,YAAY,EAAE,OAAO,KAAK;AAAA,EACvC,CAAC;AACD,aAAO,2BAAa,KAAK;AAC3B;AAKA,eAAsB,aAAa,QAAgB,KAAa,gBAAwB;AACtF,QAAM,4BAA4B,MAAM,cAAc,QAAQ,GAAG;AAEjE,QAAM,cAAc,UAAM,uBAAQ;AAAA,IAChC,SAAS;AAAA,IACT,QAAQ;AAAA,IACR,YAAQ,2BAAa,cAAc;AAAA,EACrC,CAAC;AACD,MAAI,YAAY,WAAW,QAAS,OAAM,IAAI,MAAM,2FAA2F,EAAE,OAAO,YAAY,MAAM,CAAC;AAC3K,SAAO,IAAI,YAAY,EAAE,OAAO,YAAY,IAAI;AAClD;","names":[]}

package/dist/helpers/vault/server-side.d.mts

@@ -0,0 +1,7 @@
+declare function encryptWithKms(value: string): Promise<{
+    edkBase64: string;
+    ciphertextBase64: string;
+}>;
+declare function decryptWithKms(encrypted: Awaited<ReturnType<typeof encryptWithKms>>): Promise<string>;
+
+export { decryptWithKms, encryptWithKms };

package/dist/helpers/vault/server-side.d.ts

@@ -0,0 +1,7 @@
+declare function encryptWithKms(value: string): Promise<{
+    edkBase64: string;
+    ciphertextBase64: string;
+}>;
+declare function decryptWithKms(encrypted: Awaited<ReturnType<typeof encryptWithKms>>): Promise<string>;
+
+export { decryptWithKms, encryptWithKms };

package/dist/helpers/vault/server-side.js

@@ -0,0 +1,111 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/helpers/vault/server-side.ts
+var server_side_exports = {};
+__export(server_side_exports, {
+  decryptWithKms: () => decryptWithKms,
+  encryptWithKms: () => encryptWithKms
+});
+module.exports = __toCommonJS(server_side_exports);
+var import_client_kms = require("@aws-sdk/client-kms");
+var import_bytes = require("../../utils/bytes.js");
+var import_crypto = require("../../utils/crypto.js");
+var import_env = require("../../utils/env.js");
+var import_results = require("../../utils/results.js");
+function getKmsClient() {
+  return new import_client_kms.KMSClient({
+    region: (0, import_env.getEnvVariable)("STACK_AWS_REGION"),
+    endpoint: (0, import_env.getEnvVariable)("STACK_AWS_KMS_ENDPOINT"),
+    credentials: {
+      accessKeyId: (0, import_env.getEnvVariable)("STACK_AWS_ACCESS_KEY_ID"),
+      secretAccessKey: (0, import_env.getEnvVariable)("STACK_AWS_SECRET_ACCESS_KEY")
+    }
+  });
+}
+async function getOrCreateKekId() {
+  const id = "alias/stack-data-vault-server-side-kek";
+  const kms = getKmsClient();
+  try {
+    const describeResult = await kms.send(new import_client_kms.DescribeKeyCommand({ KeyId: id }));
+    if (describeResult.KeyMetadata?.KeyId) return describeResult.KeyMetadata.KeyId;
+  } catch (e) {
+    if (e instanceof Error && e.name !== "NotFoundException") {
+      throw e;
+    }
+  }
+  const { KeyMetadata } = await kms.send(new import_client_kms.CreateKeyCommand({
+    KeyUsage: "ENCRYPT_DECRYPT",
+    Description: "DataVault KEK"
+  }));
+  await kms.send(new import_client_kms.CreateAliasCommand({ AliasName: id, TargetKeyId: KeyMetadata.KeyId }));
+  return id;
+}
+async function genDEK() {
+  const kekId = await getOrCreateKekId();
+  const kms = getKmsClient();
+  const out = await kms.send(new import_client_kms.GenerateDataKeyCommand({ KeyId: kekId, KeySpec: "AES_256" }));
+  if (!out.Plaintext || !out.CiphertextBlob) throw new Error("GenerateDataKey failed");
+  return {
+    dekBytes: out.Plaintext,
+    edkBytes: out.CiphertextBlob
+  };
+}
+async function unwrapDEK(edk_b64) {
+  const edkBytes = (0, import_bytes.decodeBase64)(edk_b64);
+  const kms = getKmsClient();
+  const out = await kms.send(new import_client_kms.DecryptCommand({ CiphertextBlob: edkBytes }));
+  if (!out.Plaintext) throw new Error("KMS Decrypt failed");
+  return {
+    dekBytes: out.Plaintext,
+    edkBytes
+  };
+}
+async function encryptWithKms(value) {
+  const { dekBytes, edkBytes } = await genDEK();
+  try {
+    const ciphertext = await (0, import_crypto.encrypt)({
+      purpose: "stack-data-vault-server-side-encryption",
+      secret: dekBytes,
+      value: new TextEncoder().encode(value)
+    });
+    return { edkBase64: (0, import_bytes.encodeBase64)(edkBytes), ciphertextBase64: (0, import_bytes.encodeBase64)(ciphertext) };
+  } finally {
+    dekBytes.fill(0);
+  }
+}
+async function decryptWithKms(encrypted) {
+  const { dekBytes } = await unwrapDEK(encrypted.edkBase64);
+  try {
+    const value = import_results.Result.orThrow(await (0, import_crypto.decrypt)({
+      purpose: "stack-data-vault-server-side-encryption",
+      secret: dekBytes,
+      cipher: (0, import_bytes.decodeBase64)(encrypted.ciphertextBase64)
+    }));
+    return new TextDecoder().decode(value);
+  } finally {
+    dekBytes.fill(0);
+  }
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  decryptWithKms,
+  encryptWithKms
+});
+//# sourceMappingURL=server-side.js.map

package/dist/helpers/vault/server-side.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../../src/helpers/vault/server-side.ts"],"sourcesContent":["import {\n  CreateAliasCommand,\n  CreateKeyCommand,\n  DecryptCommand,\n  DescribeKeyCommand,\n  GenerateDataKeyCommand,\n  KMSClient\n} from \"@aws-sdk/client-kms\";\nimport { decodeBase64, encodeBase64 } from \"../../utils/bytes\";\nimport { decrypt, encrypt } from \"../../utils/crypto\";\nimport { getEnvVariable } from \"../../utils/env\";\nimport { Result } from \"../../utils/results\";\n\nfunction getKmsClient() {\n  return new KMSClient({\n    region: getEnvVariable(\"STACK_AWS_REGION\"),\n    endpoint: getEnvVariable(\"STACK_AWS_KMS_ENDPOINT\"),\n    credentials: {\n      accessKeyId: getEnvVariable(\"STACK_AWS_ACCESS_KEY_ID\"),\n      secretAccessKey: getEnvVariable(\"STACK_AWS_SECRET_ACCESS_KEY\")\n    }\n  });\n}\n\nasync function getOrCreateKekId(): Promise<string> {\n  const id = \"alias/stack-data-vault-server-side-kek\";\n  const kms = getKmsClient();\n  try {\n    const describeResult = await kms.send(new DescribeKeyCommand({ KeyId: id }));\n    if (describeResult.KeyMetadata?.KeyId) return describeResult.KeyMetadata.KeyId;\n  } catch (e) {\n    if (e instanceof Error && e.name !== \"NotFoundException\") {\n      throw e;\n    }\n  }\n  const { KeyMetadata } = await kms.send(new CreateKeyCommand({\n    KeyUsage: \"ENCRYPT_DECRYPT\",\n    Description: \"DataVault KEK\"\n  }));\n  await kms.send(new CreateAliasCommand({ AliasName: id, TargetKeyId: KeyMetadata!.KeyId! }));\n  return id;\n}\n\nasync function genDEK() {\n  const kekId = await getOrCreateKekId();\n  const kms = getKmsClient();\n  const out = await kms.send(new GenerateDataKeyCommand({ KeyId: kekId, KeySpec: \"AES_256\" }));\n  if (!out.Plaintext || !out.CiphertextBlob) throw new Error(\"GenerateDataKey failed\");\n  return {\n    dekBytes: out.Plaintext,\n    edkBytes: out.CiphertextBlob,\n  };\n}\n\nasync function unwrapDEK(edk_b64: string) {\n  const edkBytes = decodeBase64(edk_b64);\n  const kms = getKmsClient();\n  const out = await kms.send(new DecryptCommand({ CiphertextBlob: edkBytes }));\n  if (!out.Plaintext) throw new Error(\"KMS Decrypt failed\");\n  return {\n    dekBytes: out.Plaintext,\n    edkBytes,\n  };\n}\n\nexport async function encryptWithKms(value: string) {\n  const { dekBytes, edkBytes } = await genDEK();\n  try {\n    const ciphertext = await encrypt({\n      purpose: \"stack-data-vault-server-side-encryption\",\n      secret: dekBytes,\n      value: new TextEncoder().encode(value),\n    });\n    return { edkBase64: encodeBase64(edkBytes), ciphertextBase64: encodeBase64(ciphertext) };\n  } finally {\n    dekBytes.fill(0);\n  }\n}\n\nexport async function decryptWithKms(encrypted: Awaited<ReturnType<typeof encryptWithKms>>) {\n  const { dekBytes } = await unwrapDEK(encrypted.edkBase64);\n  try {\n    const value = Result.orThrow(await decrypt({\n      purpose: \"stack-data-vault-server-side-encryption\",\n      secret: dekBytes,\n      cipher: decodeBase64(encrypted.ciphertextBase64),\n    }));\n    return new TextDecoder().decode(value);\n  } finally {\n    dekBytes.fill(0);\n  }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,wBAOO;AACP,mBAA2C;AAC3C,oBAAiC;AACjC,iBAA+B;AAC/B,qBAAuB;AAEvB,SAAS,eAAe;AACtB,SAAO,IAAI,4BAAU;AAAA,IACnB,YAAQ,2BAAe,kBAAkB;AAAA,IACzC,cAAU,2BAAe,wBAAwB;AAAA,IACjD,aAAa;AAAA,MACX,iBAAa,2BAAe,yBAAyB;AAAA,MACrD,qBAAiB,2BAAe,6BAA6B;AAAA,IAC/D;AAAA,EACF,CAAC;AACH;AAEA,eAAe,mBAAoC;AACjD,QAAM,KAAK;AACX,QAAM,MAAM,aAAa;AACzB,MAAI;AACF,UAAM,iBAAiB,MAAM,IAAI,KAAK,IAAI,qCAAmB,EAAE,OAAO,GAAG,CAAC,CAAC;AAC3E,QAAI,eAAe,aAAa,MAAO,QAAO,eAAe,YAAY;AAAA,EAC3E,SAAS,GAAG;AACV,QAAI,aAAa,SAAS,EAAE,SAAS,qBAAqB;AACxD,YAAM;AAAA,IACR;AAAA,EACF;AACA,QAAM,EAAE,YAAY,IAAI,MAAM,IAAI,KAAK,IAAI,mCAAiB;AAAA,IAC1D,UAAU;AAAA,IACV,aAAa;AAAA,EACf,CAAC,CAAC;AACF,QAAM,IAAI,KAAK,IAAI,qCAAmB,EAAE,WAAW,IAAI,aAAa,YAAa,MAAO,CAAC,CAAC;AAC1F,SAAO;AACT;AAEA,eAAe,SAAS;AACtB,QAAM,QAAQ,MAAM,iBAAiB;AACrC,QAAM,MAAM,aAAa;AACzB,QAAM,MAAM,MAAM,IAAI,KAAK,IAAI,yCAAuB,EAAE,OAAO,OAAO,SAAS,UAAU,CAAC,CAAC;AAC3F,MAAI,CAAC,IAAI,aAAa,CAAC,IAAI,eAAgB,OAAM,IAAI,MAAM,wBAAwB;AACnF,SAAO;AAAA,IACL,UAAU,IAAI;AAAA,IACd,UAAU,IAAI;AAAA,EAChB;AACF;AAEA,eAAe,UAAU,SAAiB;AACxC,QAAM,eAAW,2BAAa,OAAO;AACrC,QAAM,MAAM,aAAa;AACzB,QAAM,MAAM,MAAM,IAAI,KAAK,IAAI,iCAAe,EAAE,gBAAgB,SAAS,CAAC,CAAC;AAC3E,MAAI,CAAC,IAAI,UAAW,OAAM,IAAI,MAAM,oBAAoB;AACxD,SAAO;AAAA,IACL,UAAU,IAAI;AAAA,IACd;AAAA,EACF;AACF;AAEA,eAAsB,eAAe,OAAe;AAClD,QAAM,EAAE,UAAU,SAAS,IAAI,MAAM,OAAO;AAC5C,MAAI;AACF,UAAM,aAAa,UAAM,uBAAQ;AAAA,MAC/B,SAAS;AAAA,MACT,QAAQ;AAAA,MACR,OAAO,IAAI,YAAY,EAAE,OAAO,KAAK;AAAA,IACvC,CAAC;AACD,WAAO,EAAE,eAAW,2BAAa,QAAQ,GAAG,sBAAkB,2BAAa,UAAU,EAAE;AAAA,EACzF,UAAE;AACA,aAAS,KAAK,CAAC;AAAA,EACjB;AACF;AAEA,eAAsB,eAAe,WAAuD;AAC1F,QAAM,EAAE,SAAS,IAAI,MAAM,UAAU,UAAU,SAAS;AACxD,MAAI;AACF,UAAM,QAAQ,sBAAO,QAAQ,UAAM,uBAAQ;AAAA,MACzC,SAAS;AAAA,MACT,QAAQ;AAAA,MACR,YAAQ,2BAAa,UAAU,gBAAgB;AAAA,IACjD,CAAC,CAAC;AACF,WAAO,IAAI,YAAY,EAAE,OAAO,KAAK;AAAA,EACvC,UAAE;AACA,aAAS,KAAK,CAAC;AAAA,EACjB;AACF;","names":[]}

package/dist/hooks/use-hover.d.mts

@@ -0,0 +1,6 @@
+declare function useHover<T extends HTMLElement>(ref: React.RefObject<T>, options?: {
+    onMouseEnter?: () => void;
+    onMouseLeave?: () => void;
+}): boolean;
+
+export { useHover };

package/dist/hooks/use-hover.d.ts

@@ -0,0 +1,6 @@
+declare function useHover<T extends HTMLElement>(ref: React.RefObject<T>, options?: {
+    onMouseEnter?: () => void;
+    onMouseLeave?: () => void;
+}): boolean;
+
+export { useHover };

package/dist/hooks/use-hover.js

@@ -0,0 +1,96 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/hooks/use-hover.tsx
+var use_hover_exports = {};
+__export(use_hover_exports, {
+  useHover: () => useHover
+});
+module.exports = __toCommonJS(use_hover_exports);
+var import_react = require("react");
+var import_react2 = require("../utils/react.js");
+function useHover(ref, options = {}) {
+  const counter = (0, import_react2.useRefState)(0);
+  (0, import_react.useLayoutEffect)(() => {
+    const el = ref.current;
+    if (!el) return;
+    let incr = 0;
+    let prevInside = false;
+    const contains = (r, x, y) => x >= r.left && x <= r.right && y >= r.top && y <= r.bottom;
+    const enter = () => {
+      incr++;
+      counter.set((c) => c + 1);
+      if (counter.current === 1) {
+        options.onMouseEnter?.();
+      }
+    };
+    const leave = () => {
+      incr--;
+      requestAnimationFrame(() => {
+        requestAnimationFrame(() => {
+          counter.set((c) => c - 1);
+          if (counter.current === 0) {
+            options.onMouseLeave?.();
+          }
+        });
+      });
+    };
+    const topMatchesTarget = (x, y) => {
+      const top = document.elementFromPoint(x, y);
+      return !!(top && (top === el || el.contains(top)));
+    };
+    const processPoint = (x, y) => {
+      const rect = el.getBoundingClientRect();
+      const inside = contains(rect, x, y) && topMatchesTarget(x, y);
+      if (inside && !prevInside) {
+        enter();
+      } else if (!inside && prevInside) {
+        leave();
+      }
+      prevInside = inside;
+    };
+    const onMove = (e) => {
+      if (e.pointerType !== "mouse") return;
+      const batch = e.getCoalescedEvents();
+      if (batch.length) {
+        for (let eventIndex = 0; eventIndex < batch.length - 1; eventIndex++) {
+          const e1 = batch[eventIndex];
+          const e2 = batch[eventIndex + 1];
+          const steps = 10;
+          for (let i = 0; i <= steps; i++) {
+            processPoint(e1.clientX + (e2.clientX - e1.clientX) * i / steps, e1.clientY + (e2.clientY - e1.clientY) * i / steps);
+          }
+        }
+      } else {
+        processPoint(e.clientX, e.clientY);
+      }
+    };
+    window.addEventListener("pointermove", onMove, { passive: true });
+    return () => {
+      window.removeEventListener("pointermove", onMove);
+      counter.set((c) => c - incr);
+    };
+  }, []);
+  return counter.current > 0;
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  useHover
+});
+//# sourceMappingURL=use-hover.js.map

package/dist/hooks/use-hover.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/hooks/use-hover.tsx"],"sourcesContent":["import { useLayoutEffect } from \"react\";\nimport { useRefState } from \"../utils/react\";\n\nexport function useHover<T extends HTMLElement>(\n  ref: React.RefObject<T>,\n  options: {\n    onMouseEnter?: () => void,\n    onMouseLeave?: () => void,\n  } = {},\n): boolean {\n  // Internal counter: mouseenter++ / mouseleave-- (isHovering = counter > 0)\n  const counter = useRefState(0);\n\n  useLayoutEffect(() => {\n    const el = ref.current;\n    if (!el) return;\n    let incr = 0;\n    let prevInside = false;\n\n    const contains = (r: DOMRect, x: number, y: number) =>\n      x >= r.left && x <= r.right && y >= r.top && y <= r.bottom;\n\n    const enter = () => {\n      incr++;\n      counter.set(c => c + 1);\n      if (counter.current === 1) {\n        options.onMouseEnter?.();\n      }\n    };\n\n    const leave = () => {\n      incr--;\n      requestAnimationFrame(() => {\n        requestAnimationFrame(() => {\n          counter.set(c => c - 1);\n          if (counter.current === 0) {\n            options.onMouseLeave?.();\n          }\n        });\n      });\n    };\n\n    const topMatchesTarget = (x: number, y: number) => {\n      const top = document.elementFromPoint(x, y);\n      return !!(top && (top === el || el.contains(top)));\n    };\n\n    const processPoint = (x: number, y: number) => {\n      const rect = el.getBoundingClientRect();\n\n      // True “hoverability”: inside rect AND not occluded by others\n      const inside = contains(rect, x, y) && topMatchesTarget(x, y);\n      if (inside && !prevInside) {\n        enter();\n      } else if (!inside && prevInside) {\n        leave();\n      }\n      prevInside = inside;\n    };\n\n    const onMove = (e: PointerEvent) => {\n      if (e.pointerType !== \"mouse\") return; // keep it hover-only\n      // Use coalesced points when available\n      const batch = e.getCoalescedEvents();\n      if (batch.length) {\n        for (let eventIndex = 0; eventIndex < batch.length - 1; eventIndex++) {\n          const e1 = batch[eventIndex];\n          const e2 = batch[eventIndex + 1];\n          const steps = 10;\n          for (let i = 0; i <= steps; i++) {\n            processPoint(e1.clientX + (e2.clientX - e1.clientX) * i / steps, e1.clientY + (e2.clientY - e1.clientY) * i / steps);\n          }\n        }\n      } else {\n        processPoint(e.clientX, e.clientY);\n      }\n    };\n\n    window.addEventListener(\"pointermove\", onMove, { passive: true });\n\n    return () => {\n      window.removeEventListener(\"pointermove\", onMove);\n      counter.set(c => c - incr);\n    };\n  }, []);\n\n  return counter.current > 0;\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,mBAAgC;AAChC,IAAAA,gBAA4B;AAErB,SAAS,SACd,KACA,UAGI,CAAC,GACI;AAET,QAAM,cAAU,2BAAY,CAAC;AAE7B,oCAAgB,MAAM;AACpB,UAAM,KAAK,IAAI;AACf,QAAI,CAAC,GAAI;AACT,QAAI,OAAO;AACX,QAAI,aAAa;AAEjB,UAAM,WAAW,CAAC,GAAY,GAAW,MACvC,KAAK,EAAE,QAAQ,KAAK,EAAE,SAAS,KAAK,EAAE,OAAO,KAAK,EAAE;AAEtD,UAAM,QAAQ,MAAM;AAClB;AACA,cAAQ,IAAI,OAAK,IAAI,CAAC;AACtB,UAAI,QAAQ,YAAY,GAAG;AACzB,gBAAQ,eAAe;AAAA,MACzB;AAAA,IACF;AAEA,UAAM,QAAQ,MAAM;AAClB;AACA,4BAAsB,MAAM;AAC1B,8BAAsB,MAAM;AAC1B,kBAAQ,IAAI,OAAK,IAAI,CAAC;AACtB,cAAI,QAAQ,YAAY,GAAG;AACzB,oBAAQ,eAAe;AAAA,UACzB;AAAA,QACF,CAAC;AAAA,MACH,CAAC;AAAA,IACH;AAEA,UAAM,mBAAmB,CAAC,GAAW,MAAc;AACjD,YAAM,MAAM,SAAS,iBAAiB,GAAG,CAAC;AAC1C,aAAO,CAAC,EAAE,QAAQ,QAAQ,MAAM,GAAG,SAAS,GAAG;AAAA,IACjD;AAEA,UAAM,eAAe,CAAC,GAAW,MAAc;AAC7C,YAAM,OAAO,GAAG,sBAAsB;AAGtC,YAAM,SAAS,SAAS,MAAM,GAAG,CAAC,KAAK,iBAAiB,GAAG,CAAC;AAC5D,UAAI,UAAU,CAAC,YAAY;AACzB,cAAM;AAAA,MACR,WAAW,CAAC,UAAU,YAAY;AAChC,cAAM;AAAA,MACR;AACA,mBAAa;AAAA,IACf;AAEA,UAAM,SAAS,CAAC,MAAoB;AAClC,UAAI,EAAE,gBAAgB,QAAS;AAE/B,YAAM,QAAQ,EAAE,mBAAmB;AACnC,UAAI,MAAM,QAAQ;AAChB,iBAAS,aAAa,GAAG,aAAa,MAAM,SAAS,GAAG,cAAc;AACpE,gBAAM,KAAK,MAAM,UAAU;AAC3B,gBAAM,KAAK,MAAM,aAAa,CAAC;AAC/B,gBAAM,QAAQ;AACd,mBAAS,IAAI,GAAG,KAAK,OAAO,KAAK;AAC/B,yBAAa,GAAG,WAAW,GAAG,UAAU,GAAG,WAAW,IAAI,OAAO,GAAG,WAAW,GAAG,UAAU,GAAG,WAAW,IAAI,KAAK;AAAA,UACrH;AAAA,QACF;AAAA,MACF,OAAO;AACL,qBAAa,EAAE,SAAS,EAAE,OAAO;AAAA,MACnC;AAAA,IACF;AAEA,WAAO,iBAAiB,eAAe,QAAQ,EAAE,SAAS,KAAK,CAAC;AAEhE,WAAO,MAAM;AACX,aAAO,oBAAoB,eAAe,MAAM;AAChD,cAAQ,IAAI,OAAK,IAAI,IAAI;AAAA,IAC3B;AAAA,EACF,GAAG,CAAC,CAAC;AAEL,SAAO,QAAQ,UAAU;AAC3B;","names":["import_react"]}

package/dist/index.d.mts

@@ -4,6 +4,7 @@ export { StackServerInterface } from './interface/server-interface.mjs';
 export { KnownError, KnownErrors } from './known-errors.mjs';
 import './sessions.mjs';
 import 'jose';
+import './utils/results.mjs';
 import './interface/crud/config.mjs';
 import './crud.mjs';
 import 'yup';
@@ -15,7 +16,8 @@ import './interface/crud/project-permissions.mjs';
 import './interface/crud/projects.mjs';
 import './interface/crud/svix-token.mjs';
 import './interface/crud/team-permissions.mjs';
-import './utils/results.mjs';
+import './utils/errors.mjs';
+import './utils/json.mjs';
 import './interface/crud/connected-accounts.mjs';
 import './interface/crud/contact-channels.mjs';
 import './interface/crud/current-user.mjs';
@@ -27,10 +29,8 @@ import './interface/crud/team-member-profiles.mjs';
 import './interface/crud/team-memberships.mjs';
 import './interface/crud/teams.mjs';
 import './interface/crud/users.mjs';
-import './utils/errors.mjs';
-import './utils/json.mjs';
 import './schema-fields.mjs';
-import './utils/currencies.mjs';
+import './utils/currency-constants.mjs';
 import './utils/dates.mjs';
 import '@simplewebauthn/types';
 import './interface/crud/project-api-keys.mjs';

package/dist/index.d.ts

@@ -4,6 +4,7 @@ export { StackServerInterface } from './interface/server-interface.js';
 export { KnownError, KnownErrors } from './known-errors.js';
 import './sessions.js';
 import 'jose';
+import './utils/results.js';
 import './interface/crud/config.js';
 import './crud.js';
 import 'yup';
@@ -15,7 +16,8 @@ import './interface/crud/project-permissions.js';
 import './interface/crud/projects.js';
 import './interface/crud/svix-token.js';
 import './interface/crud/team-permissions.js';
-import './utils/results.js';
+import './utils/errors.js';
+import './utils/json.js';
 import './interface/crud/connected-accounts.js';
 import './interface/crud/contact-channels.js';
 import './interface/crud/current-user.js';
@@ -27,10 +29,8 @@ import './interface/crud/team-member-profiles.js';
 import './interface/crud/team-memberships.js';
 import './interface/crud/teams.js';
 import './interface/crud/users.js';
-import './utils/errors.js';
-import './utils/json.js';
 import './schema-fields.js';
-import './utils/currencies.js';
+import './utils/currency-constants.js';
 import './utils/dates.js';
 import '@simplewebauthn/types';
 import './interface/crud/project-api-keys.js';

package/dist/interface/admin-interface.d.mts

@@ -1,4 +1,6 @@
+import { KnownErrors } from '../known-errors.mjs';
 import { InternalSession, AccessToken, RefreshToken } from '../sessions.mjs';
+import { Result } from '../utils/results.mjs';
 import { ConfigCrud, ConfigOverrideCrud } from './crud/config.mjs';
 import { InternalEmailsCrud } from './crud/emails.mjs';
 import { InternalApiKeysCrud } from './crud/internal-api-keys.mjs';
@@ -8,13 +10,13 @@ import { SvixTokenCrud } from './crud/svix-token.mjs';
 import { TeamPermissionDefinitionsCrud } from './crud/team-permissions.mjs';
 import { ServerAuthApplicationOptions, StackServerInterface } from './server-interface.mjs';
 import './client-interface.mjs';
-import '../known-errors.mjs';
+import '../utils/errors.mjs';
+import '../utils/json.mjs';
 import 'jose';
 import '../crud.mjs';
 import 'yup';
 import '../utils/types.mjs';
 import '../utils/strings.mjs';
-import '../utils/results.mjs';
 import './crud/connected-accounts.mjs';
 import './crud/contact-channels.mjs';
 import './crud/current-user.mjs';
@@ -26,10 +28,8 @@ import './crud/team-member-profiles.mjs';
 import './crud/team-memberships.mjs';
 import './crud/teams.mjs';
 import './crud/users.mjs';
-import '../utils/errors.mjs';
-import '../utils/json.mjs';
 import '../schema-fields.mjs';
-import '../utils/currencies.mjs';
+import '../utils/currency-constants.mjs';
 import '../utils/dates.mjs';
 import '@simplewebauthn/types';
 import './crud/project-api-keys.mjs';
@@ -71,6 +71,12 @@ declare class StackAdminInterface extends StackServerInterface {
             refreshToken: RefreshToken | null;
         } | null;
     }>;
+    protected sendAdminRequestAndCatchKnownError<E extends typeof KnownErrors[keyof KnownErrors]>(path: string, requestOptions: RequestInit, tokenStoreOrNull: InternalSession | null, errorsToCatch: readonly E[]): Promise<Result<Response & {
+        usedTokens: {
+            accessToken: AccessToken;
+            refreshToken: RefreshToken | null;
+        } | null;
+    }, InstanceType<E>>>;
     getProject(): Promise<ProjectsCrud["Admin"]["Read"]>;
     updateProject(update: ProjectsCrud["Admin"]["Update"]): Promise<ProjectsCrud["Admin"]["Read"]>;
     createInternalApiKey(options: InternalApiKeyCreateCrudRequest): Promise<InternalApiKeyCreateCrudResponse>;
@@ -154,13 +160,20 @@ declare class StackAdminInterface extends StackServerInterface {
     setupPayments(): Promise<{
         url: string;
     }>;
+    getStripeAccountInfo(): Promise<null | {
+        account_id: string;
+        charges_enabled: boolean;
+        details_submitted: boolean;
+        payouts_enabled: boolean;
+    }>;
     createStripeWidgetAccountSession(): Promise<{
         client_secret: string;
     }>;
-    createPurchaseUrl(options: {
-        customer_id: string;
-        offer_id: string;
-    }): Promise<string>;
+    testModePurchase(options: {
+        price_id: string;
+        full_code: string;
+        quantity?: number;
+    }): Promise<void>;
 }
 
 export { type AdminAuthApplicationOptions, type ChatContent, type InternalApiKeyCreateCrudRequest, type InternalApiKeyCreateCrudResponse, StackAdminInterface };