npm - @sylphx/sdk - Versions diffs - 0.7.0 → 0.8.0-rc.2 - Mend

@sylphx/sdk 0.7.0 → 0.8.0-rc.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (29) hide show

package/README.md +60 -27
package/dist/health/index.mjs +475 -0
package/dist/health/index.mjs.map +1 -0
package/dist/index.d.ts +51 -17
package/dist/index.mjs +11 -6
package/dist/index.mjs.map +1 -1
package/dist/nextjs/index.mjs.map +1 -1
package/dist/react/index.d.ts +2 -2
package/dist/react/index.mjs +10 -10
package/dist/react/index.mjs.map +1 -1
package/dist/server/index.d.ts +11 -7
package/dist/server/index.mjs +5 -5
package/dist/server/index.mjs.map +1 -1
package/dist/web-analytics.mjs.map +1 -1
package/package.json +18 -14
package/dist/index.d.cts +0 -9385
package/dist/index.js +0 -11229
package/dist/index.js.map +0 -1
package/dist/nextjs/index.d.cts +0 -567
package/dist/nextjs/index.js +0 -2081
package/dist/nextjs/index.js.map +0 -1
package/dist/react/index.d.cts +0 -14250
package/dist/react/index.js +0 -81688
package/dist/react/index.js.map +0 -1
package/dist/server/index.d.cts +0 -1842
package/dist/server/index.js +0 -3430
package/dist/server/index.js.map +0 -1
package/dist/web-analytics.js +0 -248
package/dist/web-analytics.js.map +0 -1

package/dist/server/index.js DELETED Viewed

@@ -1,3430 +0,0 @@
-"use strict";
-var __defProp = Object.defineProperty;
-var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
-var __getOwnPropNames = Object.getOwnPropertyNames;
-var __hasOwnProp = Object.prototype.hasOwnProperty;
-var __export = (target, all) => {
-  for (var name in all)
-    __defProp(target, name, { get: all[name], enumerable: true });
-};
-var __copyProps = (to, from, except, desc) => {
-  if (from && typeof from === "object" || typeof from === "function") {
-    for (let key of __getOwnPropNames(from))
-      if (!__hasOwnProp.call(to, key) && key !== except)
-        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
-  }
-  return to;
-};
-var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
-// src/server/index.ts
-var server_exports = {};
-__export(server_exports, {
-  FunctionsClient: () => FunctionsClient,
-  InvalidConnectionUrlError: () => InvalidConnectionUrlError,
-  createAI: () => createAI,
-  createAuthenticatedServerClient: () => createAuthenticatedServerClient,
-  createClient: () => createClient,
-  createKv: () => createKv,
-  createServerClient: () => createServerClient,
-  createServerRestClient: () => createServerRestClient,
-  createStreams: () => createStreams,
-  createWebhookHandler: () => createWebhookHandler,
-  decodeUserId: () => decodeUserId,
-  detectEnvironment: () => detectEnvironment,
-  detectKeyType: () => detectKeyType,
-  encodeUserId: () => encodeUserId,
-  getAI: () => getAI,
-  getAppConfig: () => getAppConfig,
-  getAppMetadata: () => getAppMetadata,
-  getConsentTypes: () => getConsentTypes,
-  getCookieNamespace: () => getCookieNamespace,
-  getDatabaseConnection: () => getDatabaseConnection,
-  getDatabaseStatus: () => getDatabaseStatus,
-  getEngagementLeaderboard: () => getEngagementLeaderboard,
-  getFeatureFlags: () => getFeatureFlags,
-  getJwks: () => getJwks,
-  getKv: () => getKv,
-  getOAuthProviders: () => getOAuthProviders,
-  getOAuthProvidersWithInfo: () => getOAuthProvidersWithInfo,
-  getPlans: () => getPlans,
-  getReferralLeaderboard: () => getReferralLeaderboard,
-  getStreams: () => getStreams,
-  isAppId: () => isAppId,
-  isDevelopmentKey: () => isDevelopmentKey,
-  isDevelopmentRuntime: () => isDevelopmentRuntime,
-  isProductionKey: () => isProductionKey,
-  isSecretKey: () => isSecretKey,
-  resetJwksCache: () => resetJwksCache,
-  validateAndSanitizeAppId: () => validateAndSanitizeAppId,
-  validateAndSanitizeKey: () => validateAndSanitizeKey,
-  validateAndSanitizeSecretKey: () => validateAndSanitizeSecretKey,
-  validateAppId: () => validateAppId,
-  validateKey: () => validateKey,
-  validateSecretKey: () => validateSecretKey,
-  verifyAccessToken: () => verifyAccessToken,
-  verifyWebhook: () => verifyWebhook
-});
-module.exports = __toCommonJS(server_exports);
-// ../../node_modules/jose/dist/webapi/lib/buffer_utils.js
-var encoder = new TextEncoder();
-var decoder = new TextDecoder();
-var MAX_INT32 = 2 ** 32;
-function concat(...buffers) {
-  const size = buffers.reduce((acc, { length }) => acc + length, 0);
-  const buf = new Uint8Array(size);
-  let i = 0;
-  for (const buffer of buffers) {
-    buf.set(buffer, i);
-    i += buffer.length;
-  }
-  return buf;
-}
-function encode(string) {
-  const bytes = new Uint8Array(string.length);
-  for (let i = 0; i < string.length; i++) {
-    const code = string.charCodeAt(i);
-    if (code > 127) {
-      throw new TypeError("non-ASCII string encountered in encode()");
-    }
-    bytes[i] = code;
-  }
-  return bytes;
-}
-// ../../node_modules/jose/dist/webapi/lib/base64.js
-function decodeBase64(encoded) {
-  if (Uint8Array.fromBase64) {
-    return Uint8Array.fromBase64(encoded);
-  }
-  const binary = atob(encoded);
-  const bytes = new Uint8Array(binary.length);
-  for (let i = 0; i < binary.length; i++) {
-    bytes[i] = binary.charCodeAt(i);
-  }
-  return bytes;
-}
-// ../../node_modules/jose/dist/webapi/util/base64url.js
-function decode(input) {
-  if (Uint8Array.fromBase64) {
-    return Uint8Array.fromBase64(typeof input === "string" ? input : decoder.decode(input), {
-      alphabet: "base64url"
-    });
-  }
-  let encoded = input;
-  if (encoded instanceof Uint8Array) {
-    encoded = decoder.decode(encoded);
-  }
-  encoded = encoded.replace(/-/g, "+").replace(/_/g, "/");
-  try {
-    return decodeBase64(encoded);
-  } catch {
-    throw new TypeError("The input to be decoded is not correctly encoded.");
-  }
-}
-// ../../node_modules/jose/dist/webapi/util/errors.js
-var JOSEError = class extends Error {
-  static code = "ERR_JOSE_GENERIC";
-  code = "ERR_JOSE_GENERIC";
-  constructor(message2, options) {
-    super(message2, options);
-    this.name = this.constructor.name;
-    Error.captureStackTrace?.(this, this.constructor);
-  }
-};
-var JWTClaimValidationFailed = class extends JOSEError {
-  static code = "ERR_JWT_CLAIM_VALIDATION_FAILED";
-  code = "ERR_JWT_CLAIM_VALIDATION_FAILED";
-  claim;
-  reason;
-  payload;
-  constructor(message2, payload, claim = "unspecified", reason = "unspecified") {
-    super(message2, { cause: { claim, reason, payload } });
-    this.claim = claim;
-    this.reason = reason;
-    this.payload = payload;
-  }
-};
-var JWTExpired = class extends JOSEError {
-  static code = "ERR_JWT_EXPIRED";
-  code = "ERR_JWT_EXPIRED";
-  claim;
-  reason;
-  payload;
-  constructor(message2, payload, claim = "unspecified", reason = "unspecified") {
-    super(message2, { cause: { claim, reason, payload } });
-    this.claim = claim;
-    this.reason = reason;
-    this.payload = payload;
-  }
-};
-var JOSEAlgNotAllowed = class extends JOSEError {
-  static code = "ERR_JOSE_ALG_NOT_ALLOWED";
-  code = "ERR_JOSE_ALG_NOT_ALLOWED";
-};
-var JOSENotSupported = class extends JOSEError {
-  static code = "ERR_JOSE_NOT_SUPPORTED";
-  code = "ERR_JOSE_NOT_SUPPORTED";
-};
-var JWSInvalid = class extends JOSEError {
-  static code = "ERR_JWS_INVALID";
-  code = "ERR_JWS_INVALID";
-};
-var JWTInvalid = class extends JOSEError {
-  static code = "ERR_JWT_INVALID";
-  code = "ERR_JWT_INVALID";
-};
-var JWSSignatureVerificationFailed = class extends JOSEError {
-  static code = "ERR_JWS_SIGNATURE_VERIFICATION_FAILED";
-  code = "ERR_JWS_SIGNATURE_VERIFICATION_FAILED";
-  constructor(message2 = "signature verification failed", options) {
-    super(message2, options);
-  }
-};
-// ../../node_modules/jose/dist/webapi/lib/crypto_key.js
-var unusable = (name, prop = "algorithm.name") => new TypeError(`CryptoKey does not support this operation, its ${prop} must be ${name}`);
-var isAlgorithm = (algorithm, name) => algorithm.name === name;
-function getHashLength(hash) {
-  return parseInt(hash.name.slice(4), 10);
-}
-function getNamedCurve(alg) {
-  switch (alg) {
-    case "ES256":
-      return "P-256";
-    case "ES384":
-      return "P-384";
-    case "ES512":
-      return "P-521";
-    default:
-      throw new Error("unreachable");
-  }
-}
-function checkUsage(key, usage) {
-  if (usage && !key.usages.includes(usage)) {
-    throw new TypeError(`CryptoKey does not support this operation, its usages must include ${usage}.`);
-  }
-}
-function checkSigCryptoKey(key, alg, usage) {
-  switch (alg) {
-    case "HS256":
-    case "HS384":
-    case "HS512": {
-      if (!isAlgorithm(key.algorithm, "HMAC"))
-        throw unusable("HMAC");
-      const expected = parseInt(alg.slice(2), 10);
-      const actual = getHashLength(key.algorithm.hash);
-      if (actual !== expected)
-        throw unusable(`SHA-${expected}`, "algorithm.hash");
-      break;
-    }
-    case "RS256":
-    case "RS384":
-    case "RS512": {
-      if (!isAlgorithm(key.algorithm, "RSASSA-PKCS1-v1_5"))
-        throw unusable("RSASSA-PKCS1-v1_5");
-      const expected = parseInt(alg.slice(2), 10);
-      const actual = getHashLength(key.algorithm.hash);
-      if (actual !== expected)
-        throw unusable(`SHA-${expected}`, "algorithm.hash");
-      break;
-    }
-    case "PS256":
-    case "PS384":
-    case "PS512": {
-      if (!isAlgorithm(key.algorithm, "RSA-PSS"))
-        throw unusable("RSA-PSS");
-      const expected = parseInt(alg.slice(2), 10);
-      const actual = getHashLength(key.algorithm.hash);
-      if (actual !== expected)
-        throw unusable(`SHA-${expected}`, "algorithm.hash");
-      break;
-    }
-    case "Ed25519":
-    case "EdDSA": {
-      if (!isAlgorithm(key.algorithm, "Ed25519"))
-        throw unusable("Ed25519");
-      break;
-    }
-    case "ML-DSA-44":
-    case "ML-DSA-65":
-    case "ML-DSA-87": {
-      if (!isAlgorithm(key.algorithm, alg))
-        throw unusable(alg);
-      break;
-    }
-    case "ES256":
-    case "ES384":
-    case "ES512": {
-      if (!isAlgorithm(key.algorithm, "ECDSA"))
-        throw unusable("ECDSA");
-      const expected = getNamedCurve(alg);
-      const actual = key.algorithm.namedCurve;
-      if (actual !== expected)
-        throw unusable(expected, "algorithm.namedCurve");
-      break;
-    }
-    default:
-      throw new TypeError("CryptoKey does not support this operation");
-  }
-  checkUsage(key, usage);
-}
-// ../../node_modules/jose/dist/webapi/lib/invalid_key_input.js
-function message(msg, actual, ...types) {
-  types = types.filter(Boolean);
-  if (types.length > 2) {
-    const last = types.pop();
-    msg += `one of type ${types.join(", ")}, or ${last}.`;
-  } else if (types.length === 2) {
-    msg += `one of type ${types[0]} or ${types[1]}.`;
-  } else {
-    msg += `of type ${types[0]}.`;
-  }
-  if (actual == null) {
-    msg += ` Received ${actual}`;
-  } else if (typeof actual === "function" && actual.name) {
-    msg += ` Received function ${actual.name}`;
-  } else if (typeof actual === "object" && actual != null) {
-    if (actual.constructor?.name) {
-      msg += ` Received an instance of ${actual.constructor.name}`;
-    }
-  }
-  return msg;
-}
-var invalidKeyInput = (actual, ...types) => message("Key must be ", actual, ...types);
-var withAlg = (alg, actual, ...types) => message(`Key for the ${alg} algorithm must be `, actual, ...types);
-// ../../node_modules/jose/dist/webapi/lib/is_key_like.js
-var isCryptoKey = (key) => {
-  if (key?.[Symbol.toStringTag] === "CryptoKey")
-    return true;
-  try {
-    return key instanceof CryptoKey;
-  } catch {
-    return false;
-  }
-};
-var isKeyObject = (key) => key?.[Symbol.toStringTag] === "KeyObject";
-var isKeyLike = (key) => isCryptoKey(key) || isKeyObject(key);
-// ../../node_modules/jose/dist/webapi/lib/is_disjoint.js
-function isDisjoint(...headers) {
-  const sources = headers.filter(Boolean);
-  if (sources.length === 0 || sources.length === 1) {
-    return true;
-  }
-  let acc;
-  for (const header of sources) {
-    const parameters = Object.keys(header);
-    if (!acc || acc.size === 0) {
-      acc = new Set(parameters);
-      continue;
-    }
-    for (const parameter of parameters) {
-      if (acc.has(parameter)) {
-        return false;
-      }
-      acc.add(parameter);
-    }
-  }
-  return true;
-}
-// ../../node_modules/jose/dist/webapi/lib/is_object.js
-var isObjectLike = (value) => typeof value === "object" && value !== null;
-function isObject(input) {
-  if (!isObjectLike(input) || Object.prototype.toString.call(input) !== "[object Object]") {
-    return false;
-  }
-  if (Object.getPrototypeOf(input) === null) {
-    return true;
-  }
-  let proto = input;
-  while (Object.getPrototypeOf(proto) !== null) {
-    proto = Object.getPrototypeOf(proto);
-  }
-  return Object.getPrototypeOf(input) === proto;
-}
-// ../../node_modules/jose/dist/webapi/lib/check_key_length.js
-function checkKeyLength(alg, key) {
-  if (alg.startsWith("RS") || alg.startsWith("PS")) {
-    const { modulusLength } = key.algorithm;
-    if (typeof modulusLength !== "number" || modulusLength < 2048) {
-      throw new TypeError(`${alg} requires key modulusLength to be 2048 bits or larger`);
-    }
-  }
-}
-// ../../node_modules/jose/dist/webapi/lib/jwk_to_key.js
-function subtleMapping(jwk) {
-  let algorithm;
-  let keyUsages;
-  switch (jwk.kty) {
-    case "AKP": {
-      switch (jwk.alg) {
-        case "ML-DSA-44":
-        case "ML-DSA-65":
-        case "ML-DSA-87":
-          algorithm = { name: jwk.alg };
-          keyUsages = jwk.priv ? ["sign"] : ["verify"];
-          break;
-        default:
-          throw new JOSENotSupported('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
-      }
-      break;
-    }
-    case "RSA": {
-      switch (jwk.alg) {
-        case "PS256":
-        case "PS384":
-        case "PS512":
-          algorithm = { name: "RSA-PSS", hash: `SHA-${jwk.alg.slice(-3)}` };
-          keyUsages = jwk.d ? ["sign"] : ["verify"];
-          break;
-        case "RS256":
-        case "RS384":
-        case "RS512":
-          algorithm = { name: "RSASSA-PKCS1-v1_5", hash: `SHA-${jwk.alg.slice(-3)}` };
-          keyUsages = jwk.d ? ["sign"] : ["verify"];
-          break;
-        case "RSA-OAEP":
-        case "RSA-OAEP-256":
-        case "RSA-OAEP-384":
-        case "RSA-OAEP-512":
-          algorithm = {
-            name: "RSA-OAEP",
-            hash: `SHA-${parseInt(jwk.alg.slice(-3), 10) || 1}`
-          };
-          keyUsages = jwk.d ? ["decrypt", "unwrapKey"] : ["encrypt", "wrapKey"];
-          break;
-        default:
-          throw new JOSENotSupported('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
-      }
-      break;
-    }
-    case "EC": {
-      switch (jwk.alg) {
-        case "ES256":
-          algorithm = { name: "ECDSA", namedCurve: "P-256" };
-          keyUsages = jwk.d ? ["sign"] : ["verify"];
-          break;
-        case "ES384":
-          algorithm = { name: "ECDSA", namedCurve: "P-384" };
-          keyUsages = jwk.d ? ["sign"] : ["verify"];
-          break;
-        case "ES512":
-          algorithm = { name: "ECDSA", namedCurve: "P-521" };
-          keyUsages = jwk.d ? ["sign"] : ["verify"];
-          break;
-        case "ECDH-ES":
-        case "ECDH-ES+A128KW":
-        case "ECDH-ES+A192KW":
-        case "ECDH-ES+A256KW":
-          algorithm = { name: "ECDH", namedCurve: jwk.crv };
-          keyUsages = jwk.d ? ["deriveBits"] : [];
-          break;
-        default:
-          throw new JOSENotSupported('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
-      }
-      break;
-    }
-    case "OKP": {
-      switch (jwk.alg) {
-        case "Ed25519":
-        case "EdDSA":
-          algorithm = { name: "Ed25519" };
-          keyUsages = jwk.d ? ["sign"] : ["verify"];
-          break;
-        case "ECDH-ES":
-        case "ECDH-ES+A128KW":
-        case "ECDH-ES+A192KW":
-        case "ECDH-ES+A256KW":
-          algorithm = { name: jwk.crv };
-          keyUsages = jwk.d ? ["deriveBits"] : [];
-          break;
-        default:
-          throw new JOSENotSupported('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
-      }
-      break;
-    }
-    default:
-      throw new JOSENotSupported('Invalid or unsupported JWK "kty" (Key Type) Parameter value');
-  }
-  return { algorithm, keyUsages };
-}
-async function jwkToKey(jwk) {
-  if (!jwk.alg) {
-    throw new TypeError('"alg" argument is required when "jwk.alg" is not present');
-  }
-  const { algorithm, keyUsages } = subtleMapping(jwk);
-  const keyData = { ...jwk };
-  if (keyData.kty !== "AKP") {
-    delete keyData.alg;
-  }
-  delete keyData.use;
-  return crypto.subtle.importKey("jwk", keyData, algorithm, jwk.ext ?? (jwk.d || jwk.priv ? false : true), jwk.key_ops ?? keyUsages);
-}
-// ../../node_modules/jose/dist/webapi/key/import.js
-async function importJWK(jwk, alg, options) {
-  if (!isObject(jwk)) {
-    throw new TypeError("JWK must be an object");
-  }
-  let ext;
-  alg ??= jwk.alg;
-  ext ??= options?.extractable ?? jwk.ext;
-  switch (jwk.kty) {
-    case "oct":
-      if (typeof jwk.k !== "string" || !jwk.k) {
-        throw new TypeError('missing "k" (Key Value) Parameter value');
-      }
-      return decode(jwk.k);
-    case "RSA":
-      if ("oth" in jwk && jwk.oth !== void 0) {
-        throw new JOSENotSupported('RSA JWK "oth" (Other Primes Info) Parameter value is not supported');
-      }
-      return jwkToKey({ ...jwk, alg, ext });
-    case "AKP": {
-      if (typeof jwk.alg !== "string" || !jwk.alg) {
-        throw new TypeError('missing "alg" (Algorithm) Parameter value');
-      }
-      if (alg !== void 0 && alg !== jwk.alg) {
-        throw new TypeError("JWK alg and alg option value mismatch");
-      }
-      return jwkToKey({ ...jwk, ext });
-    }
-    case "EC":
-    case "OKP":
-      return jwkToKey({ ...jwk, alg, ext });
-    default:
-      throw new JOSENotSupported('Unsupported "kty" (Key Type) Parameter value');
-  }
-}
-// ../../node_modules/jose/dist/webapi/lib/validate_crit.js
-function validateCrit(Err, recognizedDefault, recognizedOption, protectedHeader, joseHeader) {
-  if (joseHeader.crit !== void 0 && protectedHeader?.crit === void 0) {
-    throw new Err('"crit" (Critical) Header Parameter MUST be integrity protected');
-  }
-  if (!protectedHeader || protectedHeader.crit === void 0) {
-    return /* @__PURE__ */ new Set();
-  }
-  if (!Array.isArray(protectedHeader.crit) || protectedHeader.crit.length === 0 || protectedHeader.crit.some((input) => typeof input !== "string" || input.length === 0)) {
-    throw new Err('"crit" (Critical) Header Parameter MUST be an array of non-empty strings when present');
-  }
-  let recognized;
-  if (recognizedOption !== void 0) {
-    recognized = new Map([...Object.entries(recognizedOption), ...recognizedDefault.entries()]);
-  } else {
-    recognized = recognizedDefault;
-  }
-  for (const parameter of protectedHeader.crit) {
-    if (!recognized.has(parameter)) {
-      throw new JOSENotSupported(`Extension Header Parameter "${parameter}" is not recognized`);
-    }
-    if (joseHeader[parameter] === void 0) {
-      throw new Err(`Extension Header Parameter "${parameter}" is missing`);
-    }
-    if (recognized.get(parameter) && protectedHeader[parameter] === void 0) {
-      throw new Err(`Extension Header Parameter "${parameter}" MUST be integrity protected`);
-    }
-  }
-  return new Set(protectedHeader.crit);
-}
-// ../../node_modules/jose/dist/webapi/lib/validate_algorithms.js
-function validateAlgorithms(option, algorithms) {
-  if (algorithms !== void 0 && (!Array.isArray(algorithms) || algorithms.some((s) => typeof s !== "string"))) {
-    throw new TypeError(`"${option}" option must be an array of strings`);
-  }
-  if (!algorithms) {
-    return void 0;
-  }
-  return new Set(algorithms);
-}
-// ../../node_modules/jose/dist/webapi/lib/is_jwk.js
-var isJWK = (key) => isObject(key) && typeof key.kty === "string";
-var isPrivateJWK = (key) => key.kty !== "oct" && (key.kty === "AKP" && typeof key.priv === "string" || typeof key.d === "string");
-var isPublicJWK = (key) => key.kty !== "oct" && key.d === void 0 && key.priv === void 0;
-var isSecretJWK = (key) => key.kty === "oct" && typeof key.k === "string";
-// ../../node_modules/jose/dist/webapi/lib/normalize_key.js
-var cache;
-var handleJWK = async (key, jwk, alg, freeze = false) => {
-  cache ||= /* @__PURE__ */ new WeakMap();
-  let cached = cache.get(key);
-  if (cached?.[alg]) {
-    return cached[alg];
-  }
-  const cryptoKey = await jwkToKey({ ...jwk, alg });
-  if (freeze)
-    Object.freeze(key);
-  if (!cached) {
-    cache.set(key, { [alg]: cryptoKey });
-  } else {
-    cached[alg] = cryptoKey;
-  }
-  return cryptoKey;
-};
-var handleKeyObject = (keyObject, alg) => {
-  cache ||= /* @__PURE__ */ new WeakMap();
-  let cached = cache.get(keyObject);
-  if (cached?.[alg]) {
-    return cached[alg];
-  }
-  const isPublic = keyObject.type === "public";
-  const extractable = isPublic ? true : false;
-  let cryptoKey;
-  if (keyObject.asymmetricKeyType === "x25519") {
-    switch (alg) {
-      case "ECDH-ES":
-      case "ECDH-ES+A128KW":
-      case "ECDH-ES+A192KW":
-      case "ECDH-ES+A256KW":
-        break;
-      default:
-        throw new TypeError("given KeyObject instance cannot be used for this algorithm");
-    }
-    cryptoKey = keyObject.toCryptoKey(keyObject.asymmetricKeyType, extractable, isPublic ? [] : ["deriveBits"]);
-  }
-  if (keyObject.asymmetricKeyType === "ed25519") {
-    if (alg !== "EdDSA" && alg !== "Ed25519") {
-      throw new TypeError("given KeyObject instance cannot be used for this algorithm");
-    }
-    cryptoKey = keyObject.toCryptoKey(keyObject.asymmetricKeyType, extractable, [
-      isPublic ? "verify" : "sign"
-    ]);
-  }
-  switch (keyObject.asymmetricKeyType) {
-    case "ml-dsa-44":
-    case "ml-dsa-65":
-    case "ml-dsa-87": {
-      if (alg !== keyObject.asymmetricKeyType.toUpperCase()) {
-        throw new TypeError("given KeyObject instance cannot be used for this algorithm");
-      }
-      cryptoKey = keyObject.toCryptoKey(keyObject.asymmetricKeyType, extractable, [
-        isPublic ? "verify" : "sign"
-      ]);
-    }
-  }
-  if (keyObject.asymmetricKeyType === "rsa") {
-    let hash;
-    switch (alg) {
-      case "RSA-OAEP":
-        hash = "SHA-1";
-        break;
-      case "RS256":
-      case "PS256":
-      case "RSA-OAEP-256":
-        hash = "SHA-256";
-        break;
-      case "RS384":
-      case "PS384":
-      case "RSA-OAEP-384":
-        hash = "SHA-384";
-        break;
-      case "RS512":
-      case "PS512":
-      case "RSA-OAEP-512":
-        hash = "SHA-512";
-        break;
-      default:
-        throw new TypeError("given KeyObject instance cannot be used for this algorithm");
-    }
-    if (alg.startsWith("RSA-OAEP")) {
-      return keyObject.toCryptoKey({
-        name: "RSA-OAEP",
-        hash
-      }, extractable, isPublic ? ["encrypt"] : ["decrypt"]);
-    }
-    cryptoKey = keyObject.toCryptoKey({
-      name: alg.startsWith("PS") ? "RSA-PSS" : "RSASSA-PKCS1-v1_5",
-      hash
-    }, extractable, [isPublic ? "verify" : "sign"]);
-  }
-  if (keyObject.asymmetricKeyType === "ec") {
-    const nist = /* @__PURE__ */ new Map([
-      ["prime256v1", "P-256"],
-      ["secp384r1", "P-384"],
-      ["secp521r1", "P-521"]
-    ]);
-    const namedCurve = nist.get(keyObject.asymmetricKeyDetails?.namedCurve);
-    if (!namedCurve) {
-      throw new TypeError("given KeyObject instance cannot be used for this algorithm");
-    }
-    if (alg === "ES256" && namedCurve === "P-256") {
-      cryptoKey = keyObject.toCryptoKey({
-        name: "ECDSA",
-        namedCurve
-      }, extractable, [isPublic ? "verify" : "sign"]);
-    }
-    if (alg === "ES384" && namedCurve === "P-384") {
-      cryptoKey = keyObject.toCryptoKey({
-        name: "ECDSA",
-        namedCurve
-      }, extractable, [isPublic ? "verify" : "sign"]);
-    }
-    if (alg === "ES512" && namedCurve === "P-521") {
-      cryptoKey = keyObject.toCryptoKey({
-        name: "ECDSA",
-        namedCurve
-      }, extractable, [isPublic ? "verify" : "sign"]);
-    }
-    if (alg.startsWith("ECDH-ES")) {
-      cryptoKey = keyObject.toCryptoKey({
-        name: "ECDH",
-        namedCurve
-      }, extractable, isPublic ? [] : ["deriveBits"]);
-    }
-  }
-  if (!cryptoKey) {
-    throw new TypeError("given KeyObject instance cannot be used for this algorithm");
-  }
-  if (!cached) {
-    cache.set(keyObject, { [alg]: cryptoKey });
-  } else {
-    cached[alg] = cryptoKey;
-  }
-  return cryptoKey;
-};
-async function normalizeKey(key, alg) {
-  if (key instanceof Uint8Array) {
-    return key;
-  }
-  if (isCryptoKey(key)) {
-    return key;
-  }
-  if (isKeyObject(key)) {
-    if (key.type === "secret") {
-      return key.export();
-    }
-    if ("toCryptoKey" in key && typeof key.toCryptoKey === "function") {
-      try {
-        return handleKeyObject(key, alg);
-      } catch (err) {
-        if (err instanceof TypeError) {
-          throw err;
-        }
-      }
-    }
-    let jwk = key.export({ format: "jwk" });
-    return handleJWK(key, jwk, alg);
-  }
-  if (isJWK(key)) {
-    if (key.k) {
-      return decode(key.k);
-    }
-    return handleJWK(key, key, alg, true);
-  }
-  throw new Error("unreachable");
-}
-// ../../node_modules/jose/dist/webapi/lib/check_key_type.js
-var tag = (key) => key?.[Symbol.toStringTag];
-var jwkMatchesOp = (alg, key, usage) => {
-  if (key.use !== void 0) {
-    let expected;
-    switch (usage) {
-      case "sign":
-      case "verify":
-        expected = "sig";
-        break;
-      case "encrypt":
-      case "decrypt":
-        expected = "enc";
-        break;
-    }
-    if (key.use !== expected) {
-      throw new TypeError(`Invalid key for this operation, its "use" must be "${expected}" when present`);
-    }
-  }
-  if (key.alg !== void 0 && key.alg !== alg) {
-    throw new TypeError(`Invalid key for this operation, its "alg" must be "${alg}" when present`);
-  }
-  if (Array.isArray(key.key_ops)) {
-    let expectedKeyOp;
-    switch (true) {
-      case (usage === "sign" || usage === "verify"):
-      case alg === "dir":
-      case alg.includes("CBC-HS"):
-        expectedKeyOp = usage;
-        break;
-      case alg.startsWith("PBES2"):
-        expectedKeyOp = "deriveBits";
-        break;
-      case /^A\d{3}(?:GCM)?(?:KW)?$/.test(alg):
-        if (!alg.includes("GCM") && alg.endsWith("KW")) {
-          expectedKeyOp = usage === "encrypt" ? "wrapKey" : "unwrapKey";
-        } else {
-          expectedKeyOp = usage;
-        }
-        break;
-      case (usage === "encrypt" && alg.startsWith("RSA")):
-        expectedKeyOp = "wrapKey";
-        break;
-      case usage === "decrypt":
-        expectedKeyOp = alg.startsWith("RSA") ? "unwrapKey" : "deriveBits";
-        break;
-    }
-    if (expectedKeyOp && key.key_ops?.includes?.(expectedKeyOp) === false) {
-      throw new TypeError(`Invalid key for this operation, its "key_ops" must include "${expectedKeyOp}" when present`);
-    }
-  }
-  return true;
-};
-var symmetricTypeCheck = (alg, key, usage) => {
-  if (key instanceof Uint8Array)
-    return;
-  if (isJWK(key)) {
-    if (isSecretJWK(key) && jwkMatchesOp(alg, key, usage))
-      return;
-    throw new TypeError(`JSON Web Key for symmetric algorithms must have JWK "kty" (Key Type) equal to "oct" and the JWK "k" (Key Value) present`);
-  }
-  if (!isKeyLike(key)) {
-    throw new TypeError(withAlg(alg, key, "CryptoKey", "KeyObject", "JSON Web Key", "Uint8Array"));
-  }
-  if (key.type !== "secret") {
-    throw new TypeError(`${tag(key)} instances for symmetric algorithms must be of type "secret"`);
-  }
-};
-var asymmetricTypeCheck = (alg, key, usage) => {
-  if (isJWK(key)) {
-    switch (usage) {
-      case "decrypt":
-      case "sign":
-        if (isPrivateJWK(key) && jwkMatchesOp(alg, key, usage))
-          return;
-        throw new TypeError(`JSON Web Key for this operation must be a private JWK`);
-      case "encrypt":
-      case "verify":
-        if (isPublicJWK(key) && jwkMatchesOp(alg, key, usage))
-          return;
-        throw new TypeError(`JSON Web Key for this operation must be a public JWK`);
-    }
-  }
-  if (!isKeyLike(key)) {
-    throw new TypeError(withAlg(alg, key, "CryptoKey", "KeyObject", "JSON Web Key"));
-  }
-  if (key.type === "secret") {
-    throw new TypeError(`${tag(key)} instances for asymmetric algorithms must not be of type "secret"`);
-  }
-  if (key.type === "public") {
-    switch (usage) {
-      case "sign":
-        throw new TypeError(`${tag(key)} instances for asymmetric algorithm signing must be of type "private"`);
-      case "decrypt":
-        throw new TypeError(`${tag(key)} instances for asymmetric algorithm decryption must be of type "private"`);
-    }
-  }
-  if (key.type === "private") {
-    switch (usage) {
-      case "verify":
-        throw new TypeError(`${tag(key)} instances for asymmetric algorithm verifying must be of type "public"`);
-      case "encrypt":
-        throw new TypeError(`${tag(key)} instances for asymmetric algorithm encryption must be of type "public"`);
-    }
-  }
-};
-function checkKeyType(alg, key, usage) {
-  switch (alg.substring(0, 2)) {
-    case "A1":
-    case "A2":
-    case "di":
-    case "HS":
-    case "PB":
-      symmetricTypeCheck(alg, key, usage);
-      break;
-    default:
-      asymmetricTypeCheck(alg, key, usage);
-  }
-}
-// ../../node_modules/jose/dist/webapi/lib/subtle_dsa.js
-function subtleAlgorithm(alg, algorithm) {
-  const hash = `SHA-${alg.slice(-3)}`;
-  switch (alg) {
-    case "HS256":
-    case "HS384":
-    case "HS512":
-      return { hash, name: "HMAC" };
-    case "PS256":
-    case "PS384":
-    case "PS512":
-      return { hash, name: "RSA-PSS", saltLength: parseInt(alg.slice(-3), 10) >> 3 };
-    case "RS256":
-    case "RS384":
-    case "RS512":
-      return { hash, name: "RSASSA-PKCS1-v1_5" };
-    case "ES256":
-    case "ES384":
-    case "ES512":
-      return { hash, name: "ECDSA", namedCurve: algorithm.namedCurve };
-    case "Ed25519":
-    case "EdDSA":
-      return { name: "Ed25519" };
-    case "ML-DSA-44":
-    case "ML-DSA-65":
-    case "ML-DSA-87":
-      return { name: alg };
-    default:
-      throw new JOSENotSupported(`alg ${alg} is not supported either by JOSE or your javascript runtime`);
-  }
-}
-// ../../node_modules/jose/dist/webapi/lib/get_sign_verify_key.js
-async function getSigKey(alg, key, usage) {
-  if (key instanceof Uint8Array) {
-    if (!alg.startsWith("HS")) {
-      throw new TypeError(invalidKeyInput(key, "CryptoKey", "KeyObject", "JSON Web Key"));
-    }
-    return crypto.subtle.importKey("raw", key, { hash: `SHA-${alg.slice(-3)}`, name: "HMAC" }, false, [usage]);
-  }
-  checkSigCryptoKey(key, alg, usage);
-  return key;
-}
-// ../../node_modules/jose/dist/webapi/lib/verify.js
-async function verify(alg, key, signature, data) {
-  const cryptoKey = await getSigKey(alg, key, "verify");
-  checkKeyLength(alg, cryptoKey);
-  const algorithm = subtleAlgorithm(alg, cryptoKey.algorithm);
-  try {
-    return await crypto.subtle.verify(algorithm, cryptoKey, signature, data);
-  } catch {
-    return false;
-  }
-}
-// ../../node_modules/jose/dist/webapi/jws/flattened/verify.js
-async function flattenedVerify(jws, key, options) {
-  if (!isObject(jws)) {
-    throw new JWSInvalid("Flattened JWS must be an object");
-  }
-  if (jws.protected === void 0 && jws.header === void 0) {
-    throw new JWSInvalid('Flattened JWS must have either of the "protected" or "header" members');
-  }
-  if (jws.protected !== void 0 && typeof jws.protected !== "string") {
-    throw new JWSInvalid("JWS Protected Header incorrect type");
-  }
-  if (jws.payload === void 0) {
-    throw new JWSInvalid("JWS Payload missing");
-  }
-  if (typeof jws.signature !== "string") {
-    throw new JWSInvalid("JWS Signature missing or incorrect type");
-  }
-  if (jws.header !== void 0 && !isObject(jws.header)) {
-    throw new JWSInvalid("JWS Unprotected Header incorrect type");
-  }
-  let parsedProt = {};
-  if (jws.protected) {
-    try {
-      const protectedHeader = decode(jws.protected);
-      parsedProt = JSON.parse(decoder.decode(protectedHeader));
-    } catch {
-      throw new JWSInvalid("JWS Protected Header is invalid");
-    }
-  }
-  if (!isDisjoint(parsedProt, jws.header)) {
-    throw new JWSInvalid("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");
-  }
-  const joseHeader = {
-    ...parsedProt,
-    ...jws.header
-  };
-  const extensions = validateCrit(JWSInvalid, /* @__PURE__ */ new Map([["b64", true]]), options?.crit, parsedProt, joseHeader);
-  let b64 = true;
-  if (extensions.has("b64")) {
-    b64 = parsedProt.b64;
-    if (typeof b64 !== "boolean") {
-      throw new JWSInvalid('The "b64" (base64url-encode payload) Header Parameter must be a boolean');
-    }
-  }
-  const { alg } = joseHeader;
-  if (typeof alg !== "string" || !alg) {
-    throw new JWSInvalid('JWS "alg" (Algorithm) Header Parameter missing or invalid');
-  }
-  const algorithms = options && validateAlgorithms("algorithms", options.algorithms);
-  if (algorithms && !algorithms.has(alg)) {
-    throw new JOSEAlgNotAllowed('"alg" (Algorithm) Header Parameter value not allowed');
-  }
-  if (b64) {
-    if (typeof jws.payload !== "string") {
-      throw new JWSInvalid("JWS Payload must be a string");
-    }
-  } else if (typeof jws.payload !== "string" && !(jws.payload instanceof Uint8Array)) {
-    throw new JWSInvalid("JWS Payload must be a string or an Uint8Array instance");
-  }
-  let resolvedKey = false;
-  if (typeof key === "function") {
-    key = await key(parsedProt, jws);
-    resolvedKey = true;
-  }
-  checkKeyType(alg, key, "verify");
-  const data = concat(jws.protected !== void 0 ? encode(jws.protected) : new Uint8Array(), encode("."), typeof jws.payload === "string" ? b64 ? encode(jws.payload) : encoder.encode(jws.payload) : jws.payload);
-  let signature;
-  try {
-    signature = decode(jws.signature);
-  } catch {
-    throw new JWSInvalid("Failed to base64url decode the signature");
-  }
-  const k = await normalizeKey(key, alg);
-  const verified = await verify(alg, k, signature, data);
-  if (!verified) {
-    throw new JWSSignatureVerificationFailed();
-  }
-  let payload;
-  if (b64) {
-    try {
-      payload = decode(jws.payload);
-    } catch {
-      throw new JWSInvalid("Failed to base64url decode the payload");
-    }
-  } else if (typeof jws.payload === "string") {
-    payload = encoder.encode(jws.payload);
-  } else {
-    payload = jws.payload;
-  }
-  const result = { payload };
-  if (jws.protected !== void 0) {
-    result.protectedHeader = parsedProt;
-  }
-  if (jws.header !== void 0) {
-    result.unprotectedHeader = jws.header;
-  }
-  if (resolvedKey) {
-    return { ...result, key: k };
-  }
-  return result;
-}
-// ../../node_modules/jose/dist/webapi/jws/compact/verify.js
-async function compactVerify(jws, key, options) {
-  if (jws instanceof Uint8Array) {
-    jws = decoder.decode(jws);
-  }
-  if (typeof jws !== "string") {
-    throw new JWSInvalid("Compact JWS must be a string or Uint8Array");
-  }
-  const { 0: protectedHeader, 1: payload, 2: signature, length } = jws.split(".");
-  if (length !== 3) {
-    throw new JWSInvalid("Invalid Compact JWS");
-  }
-  const verified = await flattenedVerify({ payload, protected: protectedHeader, signature }, key, options);
-  const result = { payload: verified.payload, protectedHeader: verified.protectedHeader };
-  if (typeof key === "function") {
-    return { ...result, key: verified.key };
-  }
-  return result;
-}
-// ../../node_modules/jose/dist/webapi/lib/jwt_claims_set.js
-var epoch = (date) => Math.floor(date.getTime() / 1e3);
-var minute = 60;
-var hour = minute * 60;
-var day = hour * 24;
-var week = day * 7;
-var year = day * 365.25;
-var REGEX = /^(\+|\-)? ?(\d+|\d+\.\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i;
-function secs(str) {
-  const matched = REGEX.exec(str);
-  if (!matched || matched[4] && matched[1]) {
-    throw new TypeError("Invalid time period format");
-  }
-  const value = parseFloat(matched[2]);
-  const unit = matched[3].toLowerCase();
-  let numericDate;
-  switch (unit) {
-    case "sec":
-    case "secs":
-    case "second":
-    case "seconds":
-    case "s":
-      numericDate = Math.round(value);
-      break;
-    case "minute":
-    case "minutes":
-    case "min":
-    case "mins":
-    case "m":
-      numericDate = Math.round(value * minute);
-      break;
-    case "hour":
-    case "hours":
-    case "hr":
-    case "hrs":
-    case "h":
-      numericDate = Math.round(value * hour);
-      break;
-    case "day":
-    case "days":
-    case "d":
-      numericDate = Math.round(value * day);
-      break;
-    case "week":
-    case "weeks":
-    case "w":
-      numericDate = Math.round(value * week);
-      break;
-    default:
-      numericDate = Math.round(value * year);
-      break;
-  }
-  if (matched[1] === "-" || matched[4] === "ago") {
-    return -numericDate;
-  }
-  return numericDate;
-}
-var normalizeTyp = (value) => {
-  if (value.includes("/")) {
-    return value.toLowerCase();
-  }
-  return `application/${value.toLowerCase()}`;
-};
-var checkAudiencePresence = (audPayload, audOption) => {
-  if (typeof audPayload === "string") {
-    return audOption.includes(audPayload);
-  }
-  if (Array.isArray(audPayload)) {
-    return audOption.some(Set.prototype.has.bind(new Set(audPayload)));
-  }
-  return false;
-};
-function validateClaimsSet(protectedHeader, encodedPayload, options = {}) {
-  let payload;
-  try {
-    payload = JSON.parse(decoder.decode(encodedPayload));
-  } catch {
-  }
-  if (!isObject(payload)) {
-    throw new JWTInvalid("JWT Claims Set must be a top-level JSON object");
-  }
-  const { typ } = options;
-  if (typ && (typeof protectedHeader.typ !== "string" || normalizeTyp(protectedHeader.typ) !== normalizeTyp(typ))) {
-    throw new JWTClaimValidationFailed('unexpected "typ" JWT header value', payload, "typ", "check_failed");
-  }
-  const { requiredClaims = [], issuer, subject, audience, maxTokenAge } = options;
-  const presenceCheck = [...requiredClaims];
-  if (maxTokenAge !== void 0)
-    presenceCheck.push("iat");
-  if (audience !== void 0)
-    presenceCheck.push("aud");
-  if (subject !== void 0)
-    presenceCheck.push("sub");
-  if (issuer !== void 0)
-    presenceCheck.push("iss");
-  for (const claim of new Set(presenceCheck.reverse())) {
-    if (!(claim in payload)) {
-      throw new JWTClaimValidationFailed(`missing required "${claim}" claim`, payload, claim, "missing");
-    }
-  }
-  if (issuer && !(Array.isArray(issuer) ? issuer : [issuer]).includes(payload.iss)) {
-    throw new JWTClaimValidationFailed('unexpected "iss" claim value', payload, "iss", "check_failed");
-  }
-  if (subject && payload.sub !== subject) {
-    throw new JWTClaimValidationFailed('unexpected "sub" claim value', payload, "sub", "check_failed");
-  }
-  if (audience && !checkAudiencePresence(payload.aud, typeof audience === "string" ? [audience] : audience)) {
-    throw new JWTClaimValidationFailed('unexpected "aud" claim value', payload, "aud", "check_failed");
-  }
-  let tolerance;
-  switch (typeof options.clockTolerance) {
-    case "string":
-      tolerance = secs(options.clockTolerance);
-      break;
-    case "number":
-      tolerance = options.clockTolerance;
-      break;
-    case "undefined":
-      tolerance = 0;
-      break;
-    default:
-      throw new TypeError("Invalid clockTolerance option type");
-  }
-  const { currentDate } = options;
-  const now = epoch(currentDate || /* @__PURE__ */ new Date());
-  if ((payload.iat !== void 0 || maxTokenAge) && typeof payload.iat !== "number") {
-    throw new JWTClaimValidationFailed('"iat" claim must be a number', payload, "iat", "invalid");
-  }
-  if (payload.nbf !== void 0) {
-    if (typeof payload.nbf !== "number") {
-      throw new JWTClaimValidationFailed('"nbf" claim must be a number', payload, "nbf", "invalid");
-    }
-    if (payload.nbf > now + tolerance) {
-      throw new JWTClaimValidationFailed('"nbf" claim timestamp check failed', payload, "nbf", "check_failed");
-    }
-  }
-  if (payload.exp !== void 0) {
-    if (typeof payload.exp !== "number") {
-      throw new JWTClaimValidationFailed('"exp" claim must be a number', payload, "exp", "invalid");
-    }
-    if (payload.exp <= now - tolerance) {
-      throw new JWTExpired('"exp" claim timestamp check failed', payload, "exp", "check_failed");
-    }
-  }
-  if (maxTokenAge) {
-    const age = now - payload.iat;
-    const max = typeof maxTokenAge === "number" ? maxTokenAge : secs(maxTokenAge);
-    if (age - tolerance > max) {
-      throw new JWTExpired('"iat" claim timestamp check failed (too far in the past)', payload, "iat", "check_failed");
-    }
-    if (age < 0 - tolerance) {
-      throw new JWTClaimValidationFailed('"iat" claim timestamp check failed (it should be in the past)', payload, "iat", "check_failed");
-    }
-  }
-  return payload;
-}
-// ../../node_modules/jose/dist/webapi/jwt/verify.js
-async function jwtVerify(jwt, key, options) {
-  const verified = await compactVerify(jwt, key, options);
-  if (verified.protectedHeader.crit?.includes("b64") && verified.protectedHeader.b64 === false) {
-    throw new JWTInvalid("JWTs MUST NOT use unencoded payload");
-  }
-  const payload = validateClaimsSet(verified.protectedHeader, verified.payload, options);
-  const result = { payload, protectedHeader: verified.protectedHeader };
-  if (typeof key === "function") {
-    return { ...result, key: verified.key };
-  }
-  return result;
-}
-// src/constants.ts
-var ENV_SECRET_URL = "SYLPHX_SECRET_URL";
-function resolveSecretUrl(explicit) {
-  return explicit || process.env[ENV_SECRET_URL];
-}
-var SDK_API_PATH = `/v1`;
-var DEFAULT_SDK_API_HOST = "api.sylphx.com";
-var SDK_VERSION = "0.5.0";
-var SDK_PLATFORM = typeof window !== "undefined" ? "browser" : typeof process !== "undefined" && process.versions?.node ? "node" : "unknown";
-var DEFAULT_TIMEOUT_MS = 3e4;
-var SESSION_TOKEN_LIFETIME_SECONDS = 5 * 60;
-var SESSION_TOKEN_LIFETIME_MS = SESSION_TOKEN_LIFETIME_SECONDS * 1e3;
-var REFRESH_TOKEN_LIFETIME_SECONDS = 30 * 24 * 60 * 60;
-var FLAGS_CACHE_TTL_MS = 5 * 60 * 1e3;
-var FLAGS_STALE_WHILE_REVALIDATE_MS = 60 * 1e3;
-var MAX_RETRY_DELAY_MS = 3e4;
-var BASE_RETRY_DELAY_MS = 1e3;
-var MAX_RETRIES = 3;
-var ANALYTICS_SESSION_TIMEOUT_MS = 30 * 60 * 1e3;
-var WEBHOOK_MAX_AGE_MS = 5 * 60 * 1e3;
-var WEBHOOK_CLOCK_SKEW_MS = 30 * 1e3;
-var PKCE_CODE_TTL_MS = 10 * 60 * 1e3;
-var JOBS_DLQ_MAX_AGE_MS = 7 * 24 * 60 * 60 * 1e3;
-var SESSION_REPLAY_MAX_DURATION_MS = 60 * 60 * 1e3;
-var FLAGS_EXPOSURE_DEDUPE_WINDOW_MS = 60 * 60 * 1e3;
-var CLICK_ID_EXPIRY_MS = 90 * 24 * 60 * 60 * 1e3;
-var STALE_TIME_FREQUENT_MS = 60 * 1e3;
-var STALE_TIME_MODERATE_MS = 2 * 60 * 1e3;
-var STALE_TIME_STABLE_MS = 5 * 60 * 1e3;
-var STALE_TIME_STATS_MS = 30 * 1e3;
-var NEW_USER_THRESHOLD_MS = 60 * 1e3;
-var STORAGE_MULTIPART_THRESHOLD_BYTES = 5 * 1024 * 1024;
-var STORAGE_DEFAULT_MAX_SIZE_BYTES = 5 * 1024 * 1024;
-var STORAGE_AVATAR_MAX_SIZE_BYTES = 2 * 1024 * 1024;
-var STORAGE_LARGE_MAX_SIZE_BYTES = 10 * 1024 * 1024;
-var JWK_CACHE_TTL_MS = 60 * 60 * 1e3;
-var CIRCUIT_BREAKER_FAILURE_THRESHOLD = 5;
-var CIRCUIT_BREAKER_WINDOW_MS = 1e4;
-var CIRCUIT_BREAKER_OPEN_DURATION_MS = 3e4;
-var ETAG_CACHE_MAX_ENTRIES = 100;
-var ETAG_CACHE_TTL_MS = 5 * 60 * 1e3;
-// src/errors.ts
-var ERROR_CODE_STATUS = {
-  BAD_REQUEST: 400,
-  UNAUTHORIZED: 401,
-  FORBIDDEN: 403,
-  NOT_FOUND: 404,
-  CONFLICT: 409,
-  PAYLOAD_TOO_LARGE: 413,
-  UNPROCESSABLE_ENTITY: 422,
-  TOO_MANY_REQUESTS: 429,
-  QUOTA_EXCEEDED: 402,
-  INTERNAL_SERVER_ERROR: 500,
-  NOT_IMPLEMENTED: 501,
-  BAD_GATEWAY: 502,
-  SERVICE_UNAVAILABLE: 503,
-  GATEWAY_TIMEOUT: 504,
-  NETWORK_ERROR: 0,
-  TIMEOUT: 0,
-  ABORTED: 0,
-  PARSE_ERROR: 0,
-  UNKNOWN: 0
-};
-var RETRYABLE_CODES = /* @__PURE__ */ new Set([
-  "NETWORK_ERROR",
-  "TIMEOUT",
-  "BAD_GATEWAY",
-  "SERVICE_UNAVAILABLE",
-  "GATEWAY_TIMEOUT",
-  "TOO_MANY_REQUESTS",
-  // With backoff
-  "INTERNAL_SERVER_ERROR"
-  // Sometimes transient
-]);
-var SylphxError = class _SylphxError extends Error {
-  /** Error code for programmatic handling */
-  code;
-  /** HTTP status code */
-  status;
-  /** Additional context data */
-  data;
-  /** Whether this error is safe to retry */
-  isRetryable;
-  /** Retry-After value in seconds (for rate limiting) */
-  retryAfter;
-  /** Timestamp when error occurred */
-  timestamp;
-  constructor(message2, options = {}) {
-    super(message2, { cause: options.cause });
-    this.name = "SylphxError";
-    this.code = options.code ?? "UNKNOWN";
-    this.status = options.status ?? ERROR_CODE_STATUS[this.code];
-    this.data = options.data;
-    this.isRetryable = RETRYABLE_CODES.has(this.code);
-    this.retryAfter = options.retryAfter;
-    this.timestamp = /* @__PURE__ */ new Date();
-    if (Error.captureStackTrace) {
-      Error.captureStackTrace(this, _SylphxError);
-    }
-  }
-  // ============================================================================
-  // Static Type Guards (DX helpers)
-  // ============================================================================
-  /**
-   * Check if error is a rate-limit error (429 Too Many Requests)
-   */
-  static isRateLimited(err) {
-    return err instanceof _SylphxError && err.code === "TOO_MANY_REQUESTS";
-  }
-  /**
-   * Check if error is an account lockout error (too many failed login attempts).
-   * When true, `error.data?.lockoutUntil` contains the ISO 8601 timestamp when the lockout expires.
-   */
-  static isAccountLocked(err) {
-    return err instanceof _SylphxError && err.code === "TOO_MANY_REQUESTS" && err.data?.code === "ACCOUNT_LOCKED";
-  }
-  /**
-   * Check if error is a quota exceeded error (plan limit reached)
-   */
-  static isQuotaExceeded(err) {
-    return err instanceof _SylphxError && err.code === "QUOTA_EXCEEDED";
-  }
-  /**
-   * Check if error is an authentication error (401 Unauthorized)
-   */
-  static isUnauthorized(err) {
-    return err instanceof _SylphxError && err.code === "UNAUTHORIZED";
-  }
-  /**
-   * Check if error is a not-found error (404 Not Found)
-   */
-  static isNotFound(err) {
-    return err instanceof _SylphxError && err.code === "NOT_FOUND";
-  }
-  /**
-   * Check if error is an authorization error (403 Forbidden)
-   */
-  static isForbidden(err) {
-    return err instanceof _SylphxError && err.code === "FORBIDDEN";
-  }
-  /**
-   * Check if error is a validation error (422 Unprocessable Entity)
-   */
-  static isValidationError(err) {
-    return err instanceof _SylphxError && err.code === "UNPROCESSABLE_ENTITY";
-  }
-  /**
-   * Check if error is a network error (no response received)
-   */
-  static isNetworkError(err) {
-    return err instanceof _SylphxError && err.code === "NETWORK_ERROR";
-  }
-  /**
-   * Check if error is an upstream/gateway error (502/504)
-   */
-  static isUpstreamError(err) {
-    return err instanceof _SylphxError && (err.code === "BAD_GATEWAY" || err.code === "GATEWAY_TIMEOUT" || err.code === "SERVICE_UNAVAILABLE");
-  }
-  /**
-   * Convert to JSON-serializable object
-   */
-  toJSON() {
-    return {
-      name: this.name,
-      message: this.message,
-      code: this.code,
-      status: this.status,
-      data: this.data,
-      isRetryable: this.isRetryable,
-      retryAfter: this.retryAfter,
-      timestamp: this.timestamp.toISOString()
-    };
-  }
-};
-var NetworkError = class extends SylphxError {
-  constructor(message2 = "Network request failed", options) {
-    super(message2, { ...options, code: "NETWORK_ERROR" });
-    this.name = "NetworkError";
-  }
-};
-var TimeoutError = class extends SylphxError {
-  /** Timeout duration in milliseconds */
-  timeout;
-  constructor(timeout, options) {
-    super(`Request timed out after ${timeout}ms`, {
-      ...options,
-      code: "TIMEOUT"
-    });
-    this.name = "TimeoutError";
-    this.timeout = timeout;
-  }
-};
-var RateLimitError = class extends SylphxError {
-  /** Maximum requests allowed in window */
-  limit;
-  /** Remaining requests in current window */
-  remaining;
-  /** Unix timestamp (seconds) when limit resets */
-  resetAt;
-  constructor(message2 = "Too many requests", options) {
-    super(message2, { ...options, code: "TOO_MANY_REQUESTS" });
-    this.name = "RateLimitError";
-    this.limit = options?.limit;
-    this.remaining = options?.remaining;
-    this.resetAt = options?.resetAt;
-  }
-  /**
-   * Get Date when rate limit resets
-   */
-  getResetDate() {
-    return this.resetAt ? new Date(this.resetAt * 1e3) : void 0;
-  }
-  /**
-   * Get human-readable retry message
-   */
-  getRetryMessage() {
-    if (this.retryAfter) {
-      return `Please retry after ${this.retryAfter} seconds`;
-    }
-    if (this.resetAt) {
-      const seconds = Math.max(0, this.resetAt - Math.floor(Date.now() / 1e3));
-      return `Rate limit resets in ${seconds} seconds`;
-    }
-    return "Please wait before retrying";
-  }
-};
-function exponentialBackoff(attempt, baseDelay = BASE_RETRY_DELAY_MS, maxDelay = MAX_RETRY_DELAY_MS) {
-  const exponentialDelay = baseDelay * 2 ** attempt;
-  const cappedDelay = Math.min(exponentialDelay, maxDelay);
-  const jitter = cappedDelay * 0.25 * (Math.random() * 2 - 1);
-  return Math.round(cappedDelay + jitter);
-}
-// src/key-validation.ts
-var PUBLIC_KEY_PATTERN = /^pk_(dev|stg|prod)_[a-z0-9]{12}_[a-f0-9]{32}$/;
-var APP_ID_PATTERN = /^(app|pk)_(dev|stg|prod|prev)_[a-z0-9_-]+$/;
-var SECRET_KEY_PATTERN = /^sk_(dev|stg|prod)_[a-z0-9_-]+$/;
-var ENV_PREFIX_MAP = {
-  dev: "development",
-  stg: "staging",
-  prod: "production"
-};
-function detectKeyIssues(key) {
-  const issues = [];
-  if (key !== key.trim()) issues.push("whitespace");
-  if (key.includes("\n")) issues.push("newline");
-  if (key.includes("\r")) issues.push("carriage-return");
-  if (key.includes(" ")) issues.push("space");
-  if (key !== key.toLowerCase()) issues.push("uppercase-chars");
-  return issues;
-}
-function createSanitizationWarning(keyType, issues, envVarName) {
-  const keyTypeName = keyType === "appId" ? "App ID" : "Secret Key";
-  return `[Sylphx] ${keyTypeName} contains ${issues.join(", ")}. This is commonly caused by Vercel CLI's 'env pull' command.
-To fix permanently:
-1. Go to Vercel Dashboard \u2192 Your Project \u2192 Settings \u2192 Environment Variables
-2. Edit ${envVarName}
-3. Remove any trailing whitespace or newline characters
-4. Redeploy your application
-The SDK will automatically sanitize the key, but fixing the source is recommended.`;
-}
-function createInvalidKeyError(keyType, key, envVarName) {
-  const maskedKey = key.length > 20 ? `${key.slice(0, 20)}...` : key;
-  const formatHint = keyType === "appId" ? "pk_(dev|stg|prod)_{ref}_{hex} or app_(dev|stg|prod)_[id]" : "sk_(dev|stg|prod)_{ref}_{hex}";
-  const keyTypeName = keyType === "appId" ? "App ID" : "Secret Key";
-  return `[Sylphx] Invalid ${keyTypeName} format.
-Expected format: ${formatHint}
-Received: "${maskedKey}"
-Please check your ${envVarName} environment variable.
-You can find your keys in the Sylphx Console \u2192 API Keys.
-Common issues:
-\u2022 Key has uppercase characters (must be lowercase)
-\u2022 Key has wrong prefix (App ID: pk_ or app_, Secret Key: sk_)
-\u2022 Key has invalid environment (must be dev, stg, or prod)
-\u2022 Key was copied with extra whitespace`;
-}
-function extractEnvironment(key) {
-  const match = key.match(/^(?:app|pk|sk)_(dev|stg|prod|prev)_/);
-  if (!match) return void 0;
-  return ENV_PREFIX_MAP[match[1]];
-}
-function validateKeyForType(key, keyType, pattern, envVarName) {
-  const keyTypeName = keyType === "appId" ? "App ID" : "Secret Key";
-  if (!key) {
-    return {
-      valid: false,
-      sanitizedKey: "",
-      error: `[Sylphx] ${keyTypeName} is required. Set ${envVarName} in your environment variables.`,
-      issues: ["missing"]
-    };
-  }
-  const issues = detectKeyIssues(key);
-  if (pattern.test(key)) {
-    return {
-      valid: true,
-      sanitizedKey: key,
-      keyType,
-      environment: extractEnvironment(key),
-      issues: []
-    };
-  }
-  const sanitized = key.trim().toLowerCase();
-  if (pattern.test(sanitized)) {
-    return {
-      valid: true,
-      sanitizedKey: sanitized,
-      keyType,
-      environment: extractEnvironment(sanitized),
-      warning: createSanitizationWarning(keyType, issues, envVarName),
-      issues
-    };
-  }
-  return {
-    valid: false,
-    sanitizedKey: "",
-    error: createInvalidKeyError(keyType, key, envVarName),
-    issues: [...issues, "invalid-format"]
-  };
-}
-function validatePublicKey(key) {
-  return validateKeyForType(key, "publicKey", PUBLIC_KEY_PATTERN, "NEXT_PUBLIC_SYLPHX_KEY");
-}
-function validateAppId(key) {
-  return validateKeyForType(key, "appId", APP_ID_PATTERN, "NEXT_PUBLIC_SYLPHX_APP_ID");
-}
-function validateAndSanitizeAppId(key) {
-  const result = validateAppId(key);
-  if (!result.valid) {
-    throw new Error(result.error);
-  }
-  if (result.warning) {
-    console.warn(result.warning);
-  }
-  return result.sanitizedKey;
-}
-function validateSecretKey(key) {
-  return validateKeyForType(key, "secret", SECRET_KEY_PATTERN, "SYLPHX_SECRET_KEY");
-}
-function validateAndSanitizeSecretKey(key) {
-  const result = validateSecretKey(key);
-  if (!result.valid) {
-    throw new Error(result.error);
-  }
-  if (result.warning) {
-    console.warn(result.warning);
-  }
-  return result.sanitizedKey;
-}
-function detectEnvironment(key) {
-  const sanitized = key.trim().toLowerCase();
-  if (sanitized.startsWith("pk_")) {
-    const result = validatePublicKey(sanitized);
-    if (!result.valid) throw new Error(result.error);
-    return result.environment;
-  }
-  if (sanitized.startsWith("sk_")) {
-    const result = validateSecretKey(sanitized);
-    if (!result.valid) throw new Error(result.error);
-    return result.environment;
-  }
-  if (sanitized.startsWith("app_")) {
-    const result = validateAppId(sanitized);
-    if (!result.valid) throw new Error(result.error);
-    return result.environment;
-  }
-  throw new Error(
-    `[Sylphx] Invalid key format. Key must start with 'pk_' (publishable), 'sk_' (secret), or 'app_' (legacy App ID).`
-  );
-}
-function isDevelopmentKey(key) {
-  return detectEnvironment(key) === "development";
-}
-function isProductionKey(key) {
-  return detectEnvironment(key) === "production";
-}
-function getCookieNamespace(secretKey) {
-  const env = detectEnvironment(secretKey);
-  const shortEnv = env === "development" ? "dev" : env === "staging" ? "stg" : "prod";
-  return `sylphx_${shortEnv}`;
-}
-function detectKeyType(key) {
-  const sanitized = key.trim().toLowerCase();
-  if (sanitized.startsWith("pk_")) return "publicKey";
-  if (sanitized.startsWith("app_")) return "appId";
-  if (sanitized.startsWith("sk_")) return "secret";
-  return null;
-}
-function isAppId(key) {
-  return detectKeyType(key) === "appId";
-}
-function isSecretKey(key) {
-  return detectKeyType(key) === "secret";
-}
-function validateKey(key) {
-  const keyType = key ? detectKeyType(key) : null;
-  if (keyType === "publicKey") {
-    return validatePublicKey(key);
-  }
-  if (keyType === "appId") {
-    return validateAppId(key);
-  }
-  if (keyType === "secret") {
-    return validateSecretKey(key);
-  }
-  return {
-    valid: false,
-    sanitizedKey: "",
-    error: key ? `Invalid key format. Keys must start with 'pk_' (publishable), 'app_' (legacy), or 'sk_' (secret), followed by environment (dev/stg/prod). Got: ${key.slice(0, 20)}...` : "API key is required but was not provided.",
-    issues: key ? ["invalid_format"] : ["missing"]
-  };
-}
-function validateAndSanitizeKey(key) {
-  const result = validateKey(key);
-  if (!result.valid) {
-    throw new Error(result.error);
-  }
-  if (result.warning) {
-    console.warn(`[Sylphx] ${result.warning}`);
-  }
-  return result.sanitizedKey;
-}
-function isDevelopmentRuntime() {
-  if (typeof process !== "undefined" && process.env) {
-    return process.env.NODE_ENV === "development";
-  }
-  if (typeof window !== "undefined") {
-    return window.location.hostname === "localhost" || window.location.hostname === "127.0.0.1";
-  }
-  return false;
-}
-// src/rest-client.ts
-async function runPipeline(middlewares, initial) {
-  let request = initial;
-  for (const mw of middlewares) {
-    if (mw.onRequest) {
-      const next = await mw.onRequest({ request });
-      if (next) request = next;
-    }
-  }
-  let response = await fetch(request);
-  for (const mw of middlewares) {
-    if (mw.onResponse) {
-      const next = await mw.onResponse({ request, response });
-      if (next) response = next;
-    }
-  }
-  return response;
-}
-function buildUrl(baseUrl, path, params) {
-  const url = `${baseUrl}${path}`;
-  if (!params) return url;
-  const entries = Object.entries(params).filter(([, v]) => v !== void 0);
-  if (entries.length === 0) return url;
-  const search = new URLSearchParams(
-    entries.map(([k, v]) => [k, String(v)])
-  ).toString();
-  return `${url}?${search}`;
-}
-function interpolatePath(path, pathParams) {
-  if (!pathParams) return path;
-  return path.replace(/\{(\w+)\}/g, (_match, key) => {
-    const value = pathParams[key];
-    if (value === void 0) return `{${key}}`;
-    return encodeURIComponent(value);
-  });
-}
-async function executeRequest(method, baseUrl, path, options, baseHeaders, middlewares) {
-  const finalPath = interpolatePath(path, options?.params?.path);
-  const url = buildUrl(baseUrl, finalPath, options?.params?.query);
-  const headers = { ...baseHeaders, ...options?.headers };
-  const init = { method, headers };
-  if (options?.body !== void 0) {
-    init.body = typeof options.body === "string" ? options.body : JSON.stringify(options.body);
-    if (!headers["Content-Type"] && !headers["content-type"]) {
-      headers["Content-Type"] = "application/json";
-    }
-  }
-  const request = new Request(url, init);
-  const response = await runPipeline(middlewares, request);
-  const contentType = response.headers.get("content-type") ?? "";
-  let parsed;
-  if (contentType.includes("json")) {
-    try {
-      parsed = await response.clone().json();
-    } catch {
-      parsed = void 0;
-    }
-  } else if (response.status !== 204 && response.status !== 205) {
-    try {
-      const text = await response.clone().text();
-      parsed = text === "" ? void 0 : text;
-    } catch {
-      parsed = void 0;
-    }
-  }
-  if (response.ok) {
-    return { data: parsed, response };
-  }
-  return { error: parsed, response };
-}
-function buildClient(baseUrl, baseHeaders) {
-  const middlewares = [];
-  const dispatch = (method) => (path, options) => executeRequest(method, baseUrl, path, options, baseHeaders, middlewares);
-  const client = {
-    GET: dispatch("GET"),
-    POST: dispatch("POST"),
-    PUT: dispatch("PUT"),
-    PATCH: dispatch("PATCH"),
-    DELETE: dispatch("DELETE"),
-    HEAD: dispatch("HEAD"),
-    OPTIONS: dispatch("OPTIONS"),
-    use(...mws) {
-      middlewares.push(...mws);
-    }
-  };
-  return { client, middlewares };
-}
-function createAuthMiddleware(config) {
-  return {
-    async onRequest({ request }) {
-      request.headers.set("X-SDK-Version", SDK_VERSION);
-      request.headers.set("X-SDK-Platform", SDK_PLATFORM);
-      if (config.secretKey) {
-        request.headers.set("x-app-secret", config.secretKey);
-      }
-      const token = config.getAccessToken?.();
-      if (token) {
-        request.headers.set("Authorization", `Bearer ${token}`);
-      }
-      return request;
-    }
-  };
-}
-function isRetryableStatus(status) {
-  return status >= 500 || status === 429;
-}
-var inFlightRequests = /* @__PURE__ */ new Map();
-async function getRequestKey(request) {
-  const body = request.body ? await request.clone().text() : "";
-  return `${request.method}:${request.url}:${body}`;
-}
-function createDeduplicationMiddleware(config = {}) {
-  const { enabled = true, methods = ["GET"] } = config;
-  if (!enabled) {
-    return {
-      async onRequest({ request }) {
-        return request;
-      }
-    };
-  }
-  return {
-    async onRequest({ request }) {
-      if (!methods.includes(request.method)) {
-        return request;
-      }
-      const key = await getRequestKey(request);
-      const existing = inFlightRequests.get(key);
-      if (existing) {
-        const deduped = request.clone();
-        deduped._dedupKey = key;
-        return deduped;
-      }
-      ;
-      request._dedupKey = key;
-      return request;
-    },
-    async onResponse({ request, response }) {
-      const key = request._dedupKey;
-      if (!key) return response;
-      const existing = inFlightRequests.get(key);
-      if (existing && inFlightRequests.get(key) !== void 0) {
-        const cachedResponse = await existing;
-        return cachedResponse.clone();
-      }
-      const responsePromise = Promise.resolve(response.clone());
-      inFlightRequests.set(key, responsePromise);
-      responsePromise.finally(() => {
-        setTimeout(() => inFlightRequests.delete(key), 100);
-      });
-      return response;
-    }
-  };
-}
-var CircuitBreakerOpenError = class extends Error {
-  remainingMs;
-  constructor(remainingMs) {
-    super(`Circuit breaker is open. Retry after ${Math.ceil(remainingMs / 1e3)}s`);
-    this.name = "CircuitBreakerOpenError";
-    this.remainingMs = remainingMs;
-  }
-};
-function createCircuitBreakerInstance(config = {}) {
-  return {
-    state: "CLOSED",
-    failures: [],
-    openedAt: null,
-    config: {
-      enabled: config.enabled ?? true,
-      failureThreshold: config.failureThreshold ?? CIRCUIT_BREAKER_FAILURE_THRESHOLD,
-      windowMs: config.windowMs ?? CIRCUIT_BREAKER_WINDOW_MS,
-      openDurationMs: config.openDurationMs ?? CIRCUIT_BREAKER_OPEN_DURATION_MS,
-      isFailure: config.isFailure ?? ((status) => status >= 500 || status === 429)
-    }
-  };
-}
-function recordFailure(cb) {
-  const now = Date.now();
-  cb.failures = cb.failures.filter((t) => now - t < cb.config.windowMs);
-  cb.failures.push(now);
-  if (cb.failures.length >= cb.config.failureThreshold) {
-    cb.state = "OPEN";
-    cb.openedAt = now;
-  }
-}
-function recordSuccess(cb) {
-  if (cb.state === "HALF_OPEN") {
-    cb.state = "CLOSED";
-    cb.failures = [];
-    cb.openedAt = null;
-  }
-}
-function shouldAllowRequest(cb) {
-  const now = Date.now();
-  switch (cb.state) {
-    case "CLOSED":
-      return { allowed: true };
-    case "OPEN": {
-      const elapsed = now - (cb.openedAt ?? now);
-      if (elapsed >= cb.config.openDurationMs) {
-        cb.state = "HALF_OPEN";
-        return { allowed: true };
-      }
-      return {
-        allowed: false,
-        remainingMs: cb.config.openDurationMs - elapsed
-      };
-    }
-    case "HALF_OPEN":
-      return { allowed: true };
-    default:
-      return { allowed: true };
-  }
-}
-function createCircuitBreakerMiddleware(config) {
-  if (config === false) {
-    return {
-      async onRequest({ request }) {
-        return request;
-      }
-    };
-  }
-  const cb = createCircuitBreakerInstance(config ?? {});
-  _lastCircuitBreaker = cb;
-  return {
-    async onRequest({ request }) {
-      if (!cb.config.enabled) {
-        return request;
-      }
-      const check = shouldAllowRequest(cb);
-      if (!check.allowed) {
-        throw new CircuitBreakerOpenError(check.remainingMs);
-      }
-      return request;
-    },
-    async onResponse({ response }) {
-      if (!cb.config.enabled) {
-        return response;
-      }
-      if (cb.config.isFailure(response.status)) {
-        recordFailure(cb);
-      } else {
-        recordSuccess(cb);
-      }
-      return response;
-    }
-  };
-}
-var _lastCircuitBreaker = null;
-var etagCache = /* @__PURE__ */ new Map();
-function getETagCacheKey(request) {
-  return `${request.method}:${request.url}`;
-}
-function evictOldEntries(maxEntries, ttlMs) {
-  const now = Date.now();
-  for (const [key, entry] of etagCache) {
-    if (now - entry.timestamp > ttlMs) {
-      etagCache.delete(key);
-    }
-  }
-  if (etagCache.size > maxEntries) {
-    const entries = Array.from(etagCache.entries());
-    entries.sort((a, b) => a[1].timestamp - b[1].timestamp);
-    const toRemove = entries.slice(0, entries.length - maxEntries);
-    for (const [key] of toRemove) {
-      etagCache.delete(key);
-    }
-  }
-}
-function createETagMiddleware(config) {
-  if (config === false) {
-    return {
-      async onRequest({ request }) {
-        return request;
-      }
-    };
-  }
-  const {
-    enabled = true,
-    maxEntries = ETAG_CACHE_MAX_ENTRIES,
-    ttlMs = ETAG_CACHE_TTL_MS
-  } = config ?? {};
-  if (!enabled) {
-    return {
-      async onRequest({ request }) {
-        return request;
-      }
-    };
-  }
-  return {
-    async onRequest({ request }) {
-      if (request.method !== "GET") {
-        return request;
-      }
-      const cacheKey = getETagCacheKey(request);
-      const cached = etagCache.get(cacheKey);
-      if (cached) {
-        if (Date.now() - cached.timestamp > ttlMs) {
-          etagCache.delete(cacheKey);
-        } else {
-          request.headers.set("If-None-Match", cached.etag);
-        }
-      }
-      return request;
-    },
-    async onResponse({ request, response }) {
-      if (request.method !== "GET") {
-        return response;
-      }
-      const cacheKey = getETagCacheKey(request);
-      if (response.status === 304) {
-        const cached = etagCache.get(cacheKey);
-        if (cached) {
-          cached.timestamp = Date.now();
-          return new Response(cached.body, {
-            status: 200,
-            headers: response.headers
-          });
-        }
-        return response;
-      }
-      if (response.ok) {
-        const etag = response.headers.get("ETag");
-        if (etag) {
-          const cloned = response.clone();
-          const body = await cloned.text();
-          evictOldEntries(maxEntries, ttlMs);
-          etagCache.set(cacheKey, {
-            etag,
-            body,
-            timestamp: Date.now()
-          });
-        }
-      }
-      return response;
-    }
-  };
-}
-var retryBodyMap = /* @__PURE__ */ new WeakMap();
-function createRetryMiddleware(retryConfig) {
-  if (retryConfig === false) {
-    return {
-      async onResponse({ response }) {
-        return response;
-      }
-    };
-  }
-  const {
-    maxRetries = 3,
-    baseDelay = BASE_RETRY_DELAY_MS,
-    maxDelay = MAX_RETRY_DELAY_MS,
-    shouldRetry = isRetryableStatus,
-    timeout = DEFAULT_TIMEOUT_MS
-  } = retryConfig ?? {};
-  return {
-    async onRequest({ request }) {
-      const body = request.body ? await request.clone().text() : null;
-      const controller = new AbortController();
-      setTimeout(() => controller.abort(), timeout);
-      const newRequest = new Request(request.url, {
-        method: request.method,
-        headers: request.headers,
-        body,
-        signal: controller.signal
-      });
-      retryBodyMap.set(newRequest, body);
-      return newRequest;
-    },
-    async onResponse({ response, request }) {
-      const originalBody = retryBodyMap.get(request) ?? null;
-      let attempt = 0;
-      let currentResponse = response;
-      while (attempt < maxRetries && shouldRetry(currentResponse.status, attempt)) {
-        const retryAfter = currentResponse.headers.get("Retry-After");
-        const delay = retryAfter ? Number.parseInt(retryAfter, 10) * 1e3 : exponentialBackoff(attempt, baseDelay, maxDelay);
-        await new Promise((resolve) => setTimeout(resolve, delay));
-        attempt++;
-        const controller = new AbortController();
-        const timeoutId = setTimeout(() => controller.abort(), timeout);
-        try {
-          const retryRequest = new Request(request.url, {
-            method: request.method,
-            headers: request.headers,
-            body: originalBody,
-            signal: controller.signal
-          });
-          const newResponse = await fetch(retryRequest);
-          clearTimeout(timeoutId);
-          if (newResponse.ok || !shouldRetry(newResponse.status, attempt)) {
-            retryBodyMap.delete(request);
-            return newResponse;
-          }
-          currentResponse = newResponse;
-        } catch (error) {
-          clearTimeout(timeoutId);
-          if (attempt >= maxRetries) {
-            retryBodyMap.delete(request);
-            throw error;
-          }
-        }
-      }
-      retryBodyMap.delete(request);
-      return currentResponse;
-    }
-  };
-}
-function validateClientConfig(config) {
-  return {
-    secretKey: validateAndSanitizeSecretKey(config.secretKey),
-    baseUrl: (config.platformUrl || `https://${DEFAULT_SDK_API_HOST}`).trim()
-  };
-}
-function createRestClient(config) {
-  const { secretKey, baseUrl } = validateClientConfig(config);
-  const { client, middlewares } = buildClient(`${baseUrl}${SDK_API_PATH}`, {
-    "Content-Type": "application/json",
-    "x-app-secret": secretKey
-  });
-  if (config.deduplication !== false) {
-    middlewares.push(createDeduplicationMiddleware(config.deduplication));
-  }
-  if (config.circuitBreaker !== false) {
-    middlewares.push(createCircuitBreakerMiddleware(config.circuitBreaker));
-  }
-  if (config.etag !== false) {
-    middlewares.push(createETagMiddleware(config.etag));
-  }
-  middlewares.push(createRetryMiddleware(config.retry));
-  return client;
-}
-function createDynamicRestClient(config) {
-  const { secretKey, baseUrl } = validateClientConfig(config);
-  const validatedConfig = {
-    ...config,
-    secretKey,
-    platformUrl: baseUrl
-  };
-  const { client, middlewares } = buildClient(`${baseUrl}${SDK_API_PATH}`, {
-    "Content-Type": "application/json"
-  });
-  if (config.deduplication !== false) {
-    middlewares.push(createDeduplicationMiddleware(config.deduplication));
-  }
-  middlewares.push(createAuthMiddleware(validatedConfig));
-  if (config.circuitBreaker !== false) {
-    middlewares.push(createCircuitBreakerMiddleware(config.circuitBreaker));
-  }
-  if (config.etag !== false) {
-    middlewares.push(createETagMiddleware(config.etag));
-  }
-  middlewares.push(createRetryMiddleware(config.retry));
-  return client;
-}
-// src/connection-url.ts
-var SYLPHX_PROTOCOL = "sylphx:";
-var DEFAULT_VERSION = "v1";
-var CREDENTIAL_REGEX = /^(pk|sk)_(dev|stg|prod|prev)_[a-f0-9]{32,64}$/;
-var VERSION_REGEX = /^v[0-9]+$/;
-var SLUG_REGEX = /^[a-z0-9]([a-z0-9-]*[a-z0-9])?$/;
-var InvalidConnectionUrlError = class _InvalidConnectionUrlError extends Error {
-  code = "INVALID_CONNECTION_URL";
-  constructor(message2) {
-    super(message2);
-    this.name = "InvalidConnectionUrlError";
-    Object.setPrototypeOf(this, _InvalidConnectionUrlError.prototype);
-  }
-};
-function fail(reason) {
-  throw new InvalidConnectionUrlError(`Invalid Sylphx connection URL: ${reason}`);
-}
-function parseCredential(raw) {
-  const match = CREDENTIAL_REGEX.exec(raw);
-  if (!match) {
-    fail(`credential must match (pk|sk)_(dev|stg|prod|prev)_[a-f0-9]{32,64}, got "${raw}"`);
-  }
-  return {
-    credentialType: match[1],
-    env: match[2]
-  };
-}
-function validateSlug(candidate) {
-  if (!candidate || candidate.length > 63 || !SLUG_REGEX.test(candidate)) {
-    fail(`slug "${candidate}" is not a valid DNS label (lowercase alnum + hyphens, 1-63 chars)`);
-  }
-  return candidate;
-}
-function parseConnectionUrl(url) {
-  if (typeof url !== "string" || url.length === 0) {
-    fail("url must be a non-empty string");
-  }
-  let parsed;
-  try {
-    parsed = new URL(url);
-  } catch {
-    fail(`not a valid URL: "${url}"`);
-  }
-  if (parsed.protocol !== SYLPHX_PROTOCOL) {
-    fail(`protocol must be "sylphx:", got "${parsed.protocol}"`);
-  }
-  const credential = decodeURIComponent(parsed.username);
-  if (!credential) {
-    fail("missing credential (expected `sylphx://<credential>@<host>`)");
-  }
-  if (parsed.password) {
-    fail("connection URL must not contain a password component");
-  }
-  const { credentialType, env } = parseCredential(credential);
-  const host = parsed.host;
-  if (!host) {
-    fail("missing host");
-  }
-  const hostname = parsed.hostname;
-  const firstDot = hostname.indexOf(".");
-  if (firstDot <= 0) {
-    fail(`host "${hostname}" must contain at least one dot (slug.domain)`);
-  }
-  const slugCandidate = hostname.slice(0, firstDot);
-  const domainSuffix = hostname.slice(firstDot + 1);
-  if (!domainSuffix) {
-    fail(`host "${hostname}" has empty domain suffix`);
-  }
-  const slug = validateSlug(slugCandidate);
-  const rawPath = parsed.pathname.replace(/^\/+/, "").replace(/\/+$/, "");
-  let version = DEFAULT_VERSION;
-  if (rawPath !== "") {
-    if (!VERSION_REGEX.test(rawPath)) {
-      fail(`path "${parsed.pathname}" must be empty or match /v{N}`);
-    }
-    version = rawPath;
-  }
-  if (parsed.search) {
-    fail("connection URL must not contain a query string");
-  }
-  if (parsed.hash) {
-    fail("connection URL must not contain a fragment");
-  }
-  const apiBaseUrl = `https://${host}/${version}`;
-  return {
-    credential,
-    credentialType,
-    env,
-    slug,
-    host,
-    apiBaseUrl
-  };
-}
-// src/config.ts
-var LEGACY_EMBEDDED_REF_PATTERN = /^(pk|sk)_(dev|stg|prod|prev)_[a-z0-9]{12}_[a-f0-9]+$/;
-var LEGACY_APP_KEY_PATTERN = /^app_(dev|stg|prod|prev)_/;
-var MIGRATION_MESSAGE = "API key format has changed. Use a sylphx:// connection URL instead.\n\nNew format: sylphx://pk_prod_{hex}@your-slug.sylphx.com\n\nGenerate new credentials from the Sylphx Console \u2192 Your App \u2192 Environments.\nSee https://docs.sylphx.com/migration for details.";
-function rejectLegacyKeyFormat(input) {
-  const trimmed = input.trim().toLowerCase();
-  if (LEGACY_APP_KEY_PATTERN.test(trimmed)) {
-    throw new SylphxError(`[Sylphx] ${MIGRATION_MESSAGE}`, { code: "BAD_REQUEST" });
-  }
-  if (LEGACY_EMBEDDED_REF_PATTERN.test(trimmed)) {
-    throw new SylphxError(`[Sylphx] ${MIGRATION_MESSAGE}`, { code: "BAD_REQUEST" });
-  }
-}
-function freezeConfig(opts) {
-  return Object.freeze({
-    credential: opts.credential,
-    credentialType: opts.credentialType,
-    env: opts.env,
-    slug: opts.slug,
-    baseUrl: opts.baseUrl,
-    accessToken: opts.accessToken,
-    // Backward-compat aliases
-    secretKey: opts.credentialType === "sk" ? opts.credential : void 0,
-    publicKey: opts.credentialType === "pk" ? opts.credential : void 0,
-    ref: opts.slug
-  });
-}
-function createClient(input) {
-  if (typeof input === "string") {
-    return createConfigFromUrl(input);
-  }
-  return createConfigFromComponents(input);
-}
-function createServerClient(input) {
-  const config = createClient(input);
-  if (config.credentialType !== "sk") {
-    throw new SylphxError(
-      "[Sylphx] createServerClient() requires a secret key (sk_*). Use a SYLPHX_SECRET_URL with an sk_ credential, or pass { secretKey } in the components object.",
-      { code: "BAD_REQUEST" }
-    );
-  }
-  return config;
-}
-function createConfigFromUrl(url) {
-  if (!url || typeof url !== "string") {
-    throw new SylphxError(
-      "[Sylphx] Connection URL is required. Set SYLPHX_URL or NEXT_PUBLIC_SYLPHX_URL environment variable.\n\nFormat: sylphx://pk_prod_{hex}@your-slug.sylphx.com",
-      { code: "BAD_REQUEST" }
-    );
-  }
-  const trimmed = url.trim();
-  rejectLegacyKeyFormat(trimmed);
-  if (!trimmed.startsWith("sylphx://")) {
-    if (CREDENTIAL_REGEX.test(trimmed)) {
-      throw new SylphxError(
-        "[Sylphx] Received a bare credential instead of a connection URL.\n\nWrap it in a connection URL: sylphx://<credential>@<slug>.sylphx.com\nOr use createClient({ slug, publicKey }) for explicit components.",
-        { code: "BAD_REQUEST" }
-      );
-    }
-    throw new SylphxError(
-      `[Sylphx] Invalid connection URL \u2014 must start with "sylphx://". Got: "${trimmed.slice(0, 30)}..."`,
-      { code: "BAD_REQUEST" }
-    );
-  }
-  let parsed;
-  try {
-    parsed = parseConnectionUrl(trimmed);
-  } catch (err) {
-    if (err instanceof InvalidConnectionUrlError) {
-      throw new SylphxError(err.message, { code: "BAD_REQUEST", cause: err });
-    }
-    throw err;
-  }
-  return freezeConfig({
-    credential: parsed.credential,
-    credentialType: parsed.credentialType,
-    env: parsed.env,
-    slug: parsed.slug,
-    baseUrl: parsed.apiBaseUrl
-  });
-}
-function createConfigFromComponents(input) {
-  const credential = input.secretKey || input.publicKey;
-  if (!credential) {
-    throw new SylphxError("[Sylphx] Either publicKey or secretKey must be provided.", {
-      code: "BAD_REQUEST"
-    });
-  }
-  const resolvedSlug = input.slug || input.ref;
-  if (!resolvedSlug) {
-    throw new SylphxError("[Sylphx] slug is required when using explicit components.", {
-      code: "BAD_REQUEST"
-    });
-  }
-  const trimmedCred = credential.trim().toLowerCase();
-  if (CREDENTIAL_REGEX.test(trimmedCred)) {
-    const match = CREDENTIAL_REGEX.exec(trimmedCred);
-    const credentialType = match[1];
-    const env = match[2];
-    const slug = resolvedSlug.trim().toLowerCase();
-    const domain = input.domain?.trim() || "api.sylphx.com";
-    const baseUrl = `https://${slug}.${domain}/v1`;
-    return freezeConfig({
-      credential: trimmedCred,
-      credentialType,
-      env,
-      slug,
-      baseUrl,
-      accessToken: input.accessToken
-    });
-  }
-  const parts = trimmedCred.split("_");
-  const prefix = parts[0];
-  if ((prefix === "pk" || prefix === "sk") && parts.length >= 3) {
-    const envSegment = parts[1];
-    const validEnvs = ["dev", "stg", "prod", "prev"];
-    const env = validEnvs.includes(envSegment) ? envSegment : "prod";
-    const slug = resolvedSlug.trim().toLowerCase();
-    let baseUrl;
-    if (input.platformUrl) {
-      const platform = input.platformUrl.trim().replace(/\/$/, "");
-      baseUrl = platform.includes("/v1") ? platform : `${platform}/v1`;
-    } else {
-      const domain = input.domain?.trim() || "api.sylphx.com";
-      baseUrl = `https://${slug}.${domain}/v1`;
-    }
-    return freezeConfig({
-      credential: trimmedCred,
-      credentialType: prefix,
-      env,
-      slug,
-      baseUrl,
-      accessToken: input.accessToken
-    });
-  }
-  throw new SylphxError(
-    `[Sylphx] Invalid credential format. Expected (pk|sk)_(dev|stg|prod|prev)_[a-f0-9]{32,64}. Got: "${trimmedCred.slice(0, 30)}..."`,
-    { code: "BAD_REQUEST" }
-  );
-}
-function httpStatusToErrorCode(status) {
-  switch (status) {
-    case 400:
-      return "BAD_REQUEST";
-    case 401:
-      return "UNAUTHORIZED";
-    case 403:
-      return "FORBIDDEN";
-    case 404:
-      return "NOT_FOUND";
-    case 409:
-      return "CONFLICT";
-    case 413:
-      return "PAYLOAD_TOO_LARGE";
-    case 422:
-      return "UNPROCESSABLE_ENTITY";
-    case 429:
-      return "TOO_MANY_REQUESTS";
-    case 500:
-      return "INTERNAL_SERVER_ERROR";
-    case 501:
-      return "NOT_IMPLEMENTED";
-    case 502:
-      return "BAD_GATEWAY";
-    case 503:
-      return "SERVICE_UNAVAILABLE";
-    case 504:
-      return "GATEWAY_TIMEOUT";
-    default:
-      return status >= 500 ? "INTERNAL_SERVER_ERROR" : "BAD_REQUEST";
-  }
-}
-function buildHeaders(config) {
-  const headers = {
-    "Content-Type": "application/json"
-  };
-  if (config.credential) {
-    headers["x-app-secret"] = config.credential;
-  }
-  if (config.accessToken) {
-    headers.Authorization = `Bearer ${config.accessToken}`;
-  }
-  return headers;
-}
-function buildApiUrl(config, path) {
-  const base = config.baseUrl.replace(/\/$/, "");
-  const cleanPath = path.startsWith("/") ? path : `/${path}`;
-  return `${base}${cleanPath}`;
-}
-async function callApi(config, path, options = {}) {
-  const {
-    method = "GET",
-    body,
-    query,
-    timeout = DEFAULT_TIMEOUT_MS,
-    signal,
-    idempotencyKey,
-    headers: extraHeaders
-  } = options;
-  let url = buildApiUrl(config, path);
-  if (query) {
-    const params = new URLSearchParams();
-    for (const [key, value] of Object.entries(query)) {
-      if (value !== void 0) {
-        params.set(key, String(value));
-      }
-    }
-    const queryString = params.toString();
-    if (queryString) {
-      url += `?${queryString}`;
-    }
-  }
-  const controller = new AbortController();
-  const timeoutId = setTimeout(() => controller.abort(), timeout);
-  const combinedSignal = signal ? AbortSignal.any([signal, controller.signal]) : controller.signal;
-  const headers = buildHeaders(config);
-  if (idempotencyKey) {
-    headers["Idempotency-Key"] = idempotencyKey;
-  }
-  if (extraHeaders) {
-    for (const [k, v] of Object.entries(extraHeaders)) {
-      headers[k] = v;
-    }
-  }
-  const fetchOptions = {
-    method,
-    headers,
-    signal: combinedSignal
-  };
-  if (body) {
-    fetchOptions.body = JSON.stringify(body);
-  }
-  let response;
-  try {
-    response = await fetch(url, fetchOptions);
-  } catch (error) {
-    clearTimeout(timeoutId);
-    if (error instanceof Error) {
-      if (error.name === "AbortError") {
-        if (controller.signal.aborted && !signal?.aborted) {
-          throw new TimeoutError(timeout);
-        }
-        throw new SylphxError("Request aborted", {
-          code: "ABORTED",
-          cause: error
-        });
-      }
-      throw new NetworkError(error.message, { cause: error });
-    }
-    throw new NetworkError("Network request failed");
-  } finally {
-    clearTimeout(timeoutId);
-  }
-  if (!response.ok) {
-    const errorBody = await response.text().catch(() => "");
-    let errorMessage = "Request failed";
-    let errorData;
-    if (errorBody) {
-      try {
-        const parsed = JSON.parse(errorBody);
-        errorMessage = parsed.error?.message ?? parsed.message ?? errorMessage;
-        errorData = parsed.error;
-      } catch {
-        errorMessage = response.statusText || errorMessage;
-      }
-    }
-    const errorCode = httpStatusToErrorCode(response.status);
-    const retryAfterHeader = response.headers.get("Retry-After");
-    const rateLimitLimit = response.headers.get("X-RateLimit-Limit");
-    const rateLimitRemaining = response.headers.get("X-RateLimit-Remaining");
-    const rateLimitReset = response.headers.get("X-RateLimit-Reset");
-    const retryAfter = retryAfterHeader ? Number.parseInt(retryAfterHeader, 10) : void 0;
-    if (response.status === 429) {
-      throw new RateLimitError(errorMessage || "Too many requests", {
-        status: response.status,
-        data: errorData,
-        retryAfter,
-        limit: rateLimitLimit ? Number.parseInt(rateLimitLimit, 10) : void 0,
-        remaining: rateLimitRemaining ? Number.parseInt(rateLimitRemaining, 10) : void 0,
-        resetAt: rateLimitReset ? Number.parseInt(rateLimitReset, 10) : void 0
-      });
-    }
-    throw new SylphxError(errorMessage, {
-      code: errorCode,
-      status: response.status,
-      data: errorData,
-      retryAfter
-    });
-  }
-  const text = await response.text();
-  if (!text) {
-    return {};
-  }
-  try {
-    return JSON.parse(text);
-  } catch (error) {
-    throw new SylphxError("Failed to parse response", {
-      code: "PARSE_ERROR",
-      cause: error instanceof Error ? error : void 0,
-      data: { body: text.slice(0, 200) }
-    });
-  }
-}
-// src/lib/functions/index.ts
-var FunctionsClient = {
-  /**
-   * Deploy (create or update) a function.
-   *
-   * If a function with the same name already exists, it is updated
-   * (version number incremented, code replaced atomically).
-   *
-   * @example
-   * ```typescript
-   * const fn = await FunctionsClient.deploy(config, {
-   *   name: 'send-webhook',
-   *   code: `
-   *     export default async (req: Request) => {
-   *       const body = await req.json()
-   *       await fetch(body.url, { method: 'POST', body: JSON.stringify(body.payload) })
-   *       return Response.json({ ok: true })
-   *     }
-   *   `,
-   *   timeoutSeconds: 10,
-   * })
-   * console.log('Deployed:', fn.url)
-   * ```
-   */
-  async deploy(config, options) {
-    return callApi(config, "/functions", {
-      method: "POST",
-      body: options
-    });
-  },
-  /**
-   * Get a function by name.
-   */
-  async get(config, name) {
-    return callApi(config, `/functions/${encodeURIComponent(name)}`, { method: "GET" });
-  },
-  /**
-   * List all functions for this project.
-   */
-  async list(config, options = {}) {
-    const params = new URLSearchParams();
-    if (options.status) params.set("status", options.status);
-    if (options.environment) params.set("environment", options.environment);
-    if (options.limit) params.set("limit", String(options.limit));
-    const qs = params.toString();
-    return callApi(config, `/functions${qs ? `?${qs}` : ""}`, { method: "GET" });
-  },
-  /**
-   * Delete a function permanently.
-   */
-  async delete(config, name) {
-    return callApi(config, `/functions/${encodeURIComponent(name)}`, { method: "DELETE" });
-  },
-  /**
-   * Invoke a function from server-side code.
-   *
-   * For client-side invocations, call the function URL directly via fetch().
-   *
-   * @example
-   * ```typescript
-   * const result = await FunctionsClient.invoke(config, 'process-order', {
-   *   body: { orderId: '123', userId: 'user_abc' },
-   * })
-   * ```
-   */
-  async invoke(config, name, body, options = {}) {
-    return callApi(config, `/functions/${encodeURIComponent(name)}/invoke`, {
-      method: options.method ?? "POST",
-      body: body ?? null,
-      headers: options.headers
-    });
-  },
-  /**
-   * Retrieve recent invocation logs for a function.
-   *
-   * @example
-   * ```typescript
-   * const logs = await FunctionsClient.logs(config, 'send-webhook', { errorsOnly: true })
-   * for (const entry of logs) {
-   *   console.log(`${entry.status} ${entry.durationMs}ms`, entry.errorMessage)
-   * }
-   * ```
-   */
-  async logs(config, name, options = {}) {
-    const params = new URLSearchParams();
-    if (options.limit) params.set("limit", String(options.limit));
-    if (options.errorsOnly) params.set("errors_only", "1");
-    if (options.since) params.set("since", options.since);
-    const qs = params.toString();
-    return callApi(config, `/functions/${encodeURIComponent(name)}/logs${qs ? `?${qs}` : ""}`, {
-      method: "GET"
-    });
-  }
-};
-// src/lib/ids.ts
-var CB32 = "0123456789abcdefghjkmnpqrstvwxyz";
-var CB32_MAP = Object.fromEntries([...CB32].map((c, i) => [c, i]));
-var B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";
-var B58_MAP = Object.fromEntries([...B58].map((c, i) => [c, i]));
-function cb32Encode(hex) {
-  const num = BigInt(`0x${hex}`);
-  const chars = [];
-  let n = num;
-  for (let i = 0; i < 26; i++) {
-    chars.unshift(CB32[Number(n & 0x1fn)]);
-    n >>= 5n;
-  }
-  return chars.join("");
-}
-function cb32Decode(str) {
-  if (str.length !== 26) return null;
-  let n = 0n;
-  for (const c of str.toLowerCase()) {
-    const idx = CB32_MAP[c];
-    if (idx === void 0) return null;
-    n = n << 5n | BigInt(idx);
-  }
-  return n.toString(16).padStart(32, "0");
-}
-function b58Decode(str) {
-  let n = 0n;
-  for (const c of str) {
-    const i = B58_MAP[c] ?? -1;
-    if (i === -1) return null;
-    n = n * 58n + BigInt(i);
-  }
-  const hex = n.toString(16).padStart(32, "0");
-  return hex.length === 32 ? hex : null;
-}
-function hexToUuid(hex) {
-  return [
-    hex.slice(0, 8),
-    hex.slice(8, 12),
-    hex.slice(12, 16),
-    hex.slice(16, 20),
-    hex.slice(20)
-  ].join("-");
-}
-function encodeUserId(uuid) {
-  const hex = uuid.replace(/-/g, "");
-  if (hex.length !== 32)
-    throw new Error("Invalid UUID: expected 32 hex chars after stripping dashes");
-  return `user_${cb32Encode(hex)}`;
-}
-function decodeUserId(prefixedId) {
-  if (!prefixedId.startsWith("user_")) return null;
-  const enc = prefixedId.slice(5);
-  if (!enc) return null;
-  if (enc.length === 26) {
-    const hex2 = cb32Decode(enc);
-    if (hex2) return hexToUuid(hex2);
-  }
-  const hex = b58Decode(enc);
-  if (hex) return hexToUuid(hex);
-  return null;
-}
-// src/server/ai.ts
-function createAI(options = {}) {
-  const baseURL = (options.platformUrl || `https://${DEFAULT_SDK_API_HOST}`).trim();
-  const rawApiKey = options.secretKey || process.env.SYLPHX_SECRET_KEY;
-  const apiKey = validateAndSanitizeSecretKey(rawApiKey);
-  const headers = {
-    "Content-Type": "application/json",
-    Authorization: `Bearer ${apiKey}`
-  };
-  async function chat(opts) {
-    const response = await fetch(`${baseURL}/api/v1/chat/completions`, {
-      method: "POST",
-      headers,
-      body: JSON.stringify(opts)
-    });
-    if (!response.ok) {
-      const error = await response.json().catch(() => ({ error: { message: "Chat failed" } }));
-      throw new Error(error.error?.message || "Chat failed");
-    }
-    if (opts.stream) {
-      return parseSSEStream(response);
-    }
-    return response.json();
-  }
-  async function embed(opts) {
-    const response = await fetch(`${baseURL}/api/v1/embeddings`, {
-      method: "POST",
-      headers,
-      body: JSON.stringify(opts)
-    });
-    if (!response.ok) {
-      const error = await response.json().catch(() => ({ error: { message: "Embedding failed" } }));
-      throw new Error(error.error?.message || "Embedding failed");
-    }
-    return response.json();
-  }
-  async function listModels(opts) {
-    const params = new URLSearchParams();
-    if (opts?.capability) params.set("capability", opts.capability);
-    if (opts?.search) params.set("search", opts.search);
-    const query = params.toString();
-    const response = await fetch(`${baseURL}/api/v1/models${query ? `?${query}` : ""}`);
-    if (!response.ok) {
-      throw new Error("Failed to fetch models");
-    }
-    return response.json();
-  }
-  return {
-    chat,
-    embed,
-    listModels
-  };
-}
-async function* parseSSEStream(response) {
-  const reader = response.body?.getReader();
-  if (!reader) {
-    throw new Error("Response body is not readable");
-  }
-  const decoder2 = new TextDecoder();
-  let buffer = "";
-  try {
-    while (true) {
-      const { done, value } = await reader.read();
-      if (done) break;
-      buffer += decoder2.decode(value, { stream: true });
-      const lines = buffer.split("\n");
-      buffer = lines.pop() || "";
-      for (const line of lines) {
-        if (line.startsWith("data: ")) {
-          const data = line.slice(6);
-          if (data === "[DONE]") {
-            return;
-          }
-          try {
-            const chunk = JSON.parse(data);
-            yield chunk;
-          } catch {
-          }
-        }
-      }
-    }
-  } finally {
-    reader.releaseLock();
-  }
-}
-var defaultClient = null;
-function getAI() {
-  if (!defaultClient) {
-    defaultClient = createAI();
-  }
-  return defaultClient;
-}
-// src/server/kv.ts
-function createKv(options = {}) {
-  const platformUrl = (options.platformUrl || `https://${DEFAULT_SDK_API_HOST}`).trim();
-  const secretKey = validateAndSanitizeSecretKey(resolveSecretUrl(options.secretKey));
-  const headers = {
-    "Content-Type": "application/json",
-    "x-app-secret": secretKey,
-    "X-SDK-Version": SDK_VERSION,
-    "X-SDK-Platform": SDK_PLATFORM
-  };
-  async function request(method, path, body) {
-    let lastError;
-    for (let attempt = 0; attempt <= MAX_RETRIES; attempt++) {
-      try {
-        const response = await fetch(`${platformUrl}${SDK_API_PATH}/kv${path}`, {
-          method,
-          headers,
-          body: body ? JSON.stringify(body) : void 0
-        });
-        if (!response.ok) {
-          const errorBody = await response.json().catch(() => ({ error: "Request failed" }));
-          const message2 = typeof errorBody.error === "string" ? errorBody.error : errorBody.error?.message ?? "Request failed";
-          if (response.status === 429) {
-            const retryAfter = Number(response.headers.get("Retry-After")) || void 0;
-            throw new RateLimitError(message2, {
-              retryAfter,
-              limit: Number(response.headers.get("X-RateLimit-Limit")) || void 0,
-              remaining: Number(response.headers.get("X-RateLimit-Remaining")) || void 0
-            });
-          }
-          const codeMap = {
-            400: "BAD_REQUEST",
-            401: "UNAUTHORIZED",
-            403: "FORBIDDEN",
-            404: "NOT_FOUND",
-            409: "CONFLICT",
-            422: "UNPROCESSABLE_ENTITY",
-            500: "INTERNAL_SERVER_ERROR",
-            502: "BAD_GATEWAY",
-            503: "SERVICE_UNAVAILABLE",
-            504: "GATEWAY_TIMEOUT"
-          };
-          throw new SylphxError(message2, {
-            code: codeMap[response.status] ?? "UNKNOWN",
-            status: response.status,
-            data: errorBody.data
-          });
-        }
-        return response.json();
-      } catch (error) {
-        lastError = error instanceof Error ? error : new Error(String(error));
-        const isServerOrNetworkError = error instanceof SylphxError ? error.isRetryable && error.code !== "TOO_MANY_REQUESTS" : error instanceof TypeError;
-        if (!isServerOrNetworkError || attempt >= MAX_RETRIES) {
-          throw error instanceof SylphxError ? error : new SylphxError(lastError.message, {
-            code: "NETWORK_ERROR",
-            cause: lastError
-          });
-        }
-        await new Promise((resolve) => setTimeout(resolve, exponentialBackoff(attempt)));
-      }
-    }
-    throw lastError ?? new SylphxError("Request failed", { code: "UNKNOWN" });
-  }
-  async function get(key) {
-    return request("GET", `/${encodeURIComponent(key)}`);
-  }
-  async function set(key, value, options2) {
-    const result = await request("POST", "", {
-      key,
-      value,
-      ...options2
-    });
-    return result.success;
-  }
-  async function del(key) {
-    const result = await request("DELETE", `/${encodeURIComponent(key)}`);
-    return result.deleted;
-  }
-  async function exists(key) {
-    const result = await request("GET", `/exists/${encodeURIComponent(key)}`);
-    return result.exists;
-  }
-  async function mget(keys) {
-    const result = await request("POST", "/mget", { keys });
-    return result.values;
-  }
-  async function mset(entries, options2) {
-    await request("POST", "/mset", {
-      entries,
-      ...options2
-    });
-  }
-  async function incr(key, by = 1) {
-    const result = await request("POST", "/incr", {
-      key,
-      by
-    });
-    return result.value;
-  }
-  async function expire(key, seconds) {
-    const result = await request("POST", "/expire", {
-      key,
-      seconds
-    });
-    return result.success;
-  }
-  async function ratelimit(key, options2) {
-    return request("POST", "/ratelimit", {
-      key,
-      ...options2
-    });
-  }
-  async function hset(key, fields) {
-    const result = await request("POST", "/hset", {
-      key,
-      fields
-    });
-    return result.created;
-  }
-  async function hget(key, field) {
-    const result = await request("POST", "/hget", {
-      key,
-      field
-    });
-    return result.value;
-  }
-  async function hgetall(key) {
-    const result = await request("POST", "/hgetall", { key });
-    return result.fields;
-  }
-  async function lpush(key, ...values) {
-    const result = await request("POST", "/lpush", {
-      key,
-      values
-    });
-    return result.length;
-  }
-  async function lrange(key, start = 0, stop = -1) {
-    const result = await request("POST", "/lrange", {
-      key,
-      start,
-      stop
-    });
-    return result.values;
-  }
-  async function zadd(key, ...members) {
-    const result = await request("POST", "/zadd", {
-      key,
-      members
-    });
-    return result.added;
-  }
-  async function zrange(key, start = 0, stop = 9, options2) {
-    const result = await request("POST", "/zrange", {
-      key,
-      start,
-      stop,
-      withScores: options2?.withScores ?? false,
-      rev: options2?.rev ?? false
-    });
-    return result.members;
-  }
-  return {
-    get,
-    set,
-    del,
-    exists,
-    mget,
-    mset,
-    incr,
-    expire,
-    ratelimit,
-    hset,
-    hget,
-    hgetall,
-    lpush,
-    lrange,
-    zadd,
-    zrange
-  };
-}
-var defaultClient2 = null;
-function getKv() {
-  if (!defaultClient2) {
-    defaultClient2 = createKv();
-  }
-  return defaultClient2;
-}
-// src/server/streams.ts
-function createStreams(options = {}) {
-  const baseURL = (options.platformUrl || `https://${DEFAULT_SDK_API_HOST}`).trim();
-  const rawApiKey = options.secretKey || process.env.SYLPHX_SECRET_KEY;
-  const apiKey = validateAndSanitizeSecretKey(rawApiKey);
-  const headers = {
-    "Content-Type": "application/json",
-    "x-app-secret": apiKey
-  };
-  async function emit(channel, event, data) {
-    const response = await fetch(`${baseURL}${SDK_API_PATH}/realtime/emit`, {
-      method: "POST",
-      headers,
-      body: JSON.stringify({ channel, event, data })
-    });
-    if (!response.ok) {
-      const error = await response.json().catch(() => ({ error: "Emit failed" }));
-      throw new Error(typeof error.error === "string" ? error.error : "Emit failed");
-    }
-    const result = await response.json();
-    return result.id;
-  }
-  async function history(channel, options2) {
-    const response = await fetch(`${baseURL}${SDK_API_PATH}/realtime/history`, {
-      method: "POST",
-      headers,
-      body: JSON.stringify({
-        channel,
-        start: options2?.start,
-        end: options2?.end,
-        limit: options2?.limit
-      })
-    });
-    if (!response.ok) {
-      const error = await response.json().catch(() => ({ error: "History fetch failed" }));
-      throw new Error(typeof error.error === "string" ? error.error : "History fetch failed");
-    }
-    const result = await response.json();
-    return result.messages;
-  }
-  function channelHelper(name) {
-    return {
-      emit: (event, data) => emit(name, event, data),
-      history: (options2) => history(name, options2)
-    };
-  }
-  return {
-    emit,
-    history,
-    channel: channelHelper
-  };
-}
-var defaultClient3 = null;
-function getStreams() {
-  if (!defaultClient3) {
-    defaultClient3 = createStreams();
-  }
-  return defaultClient3;
-}
-// src/server/index.ts
-function createServerRestClient(config) {
-  const secretKey = validateAndSanitizeSecretKey(config.secretKey);
-  return createRestClient({
-    secretKey,
-    platformUrl: config.platformUrl?.trim()
-  });
-}
-function createAuthenticatedServerClient(config, accessToken) {
-  return createDynamicRestClient({
-    secretKey: config.secretKey,
-    platformUrl: config.platformUrl,
-    getAccessToken: () => accessToken
-  });
-}
-function isJwksResponse(data) {
-  return typeof data === "object" && data !== null && "keys" in data && Array.isArray(data.keys);
-}
-function isAccessTokenPayload(payload) {
-  return typeof payload.sub === "string" && typeof payload.email === "string" && typeof payload.app_id === "string" && typeof payload.iat === "number" && typeof payload.exp === "number";
-}
-var jwksCache = null;
-function resetJwksCache() {
-  jwksCache = null;
-}
-async function getJwks(platformUrl = `https://${DEFAULT_SDK_API_HOST}`) {
-  const now = Date.now();
-  if (jwksCache && jwksCache.expiresAt > now) {
-    return jwksCache.keys;
-  }
-  const response = await fetch(`${platformUrl}/api/v1/auth/.well-known/jwks.json`);
-  if (!response.ok) {
-    throw new Error("Failed to fetch JWKS");
-  }
-  const data = await response.json();
-  if (!isJwksResponse(data)) {
-    throw new Error("Invalid JWKS response format");
-  }
-  jwksCache = {
-    keys: data.keys,
-    expiresAt: now + JWK_CACHE_TTL_MS
-    // Cache for 1 hour
-  };
-  return data.keys;
-}
-async function verifyAccessToken(token, options) {
-  const platformUrl = options.platformUrl || `https://${DEFAULT_SDK_API_HOST}`;
-  const keys = await getJwks(platformUrl);
-  if (!keys.length) {
-    throw new Error("No keys in JWKS");
-  }
-  let lastError = null;
-  for (const key of keys) {
-    try {
-      const jwk = await importJWK(key, "RS256");
-      const { payload } = await jwtVerify(token, jwk, {
-        issuer: platformUrl
-      });
-      if (!isAccessTokenPayload(payload)) {
-        throw new Error("Invalid token payload structure");
-      }
-      return {
-        sub: payload.sub,
-        pid: payload.pid,
-        email: payload.email,
-        name: payload.name,
-        picture: payload.picture,
-        email_verified: payload.email_verified,
-        app_id: payload.app_id,
-        role: payload.role,
-        iat: payload.iat,
-        exp: payload.exp
-      };
-    } catch (err) {
-      lastError = err;
-    }
-  }
-  throw lastError || new Error("Token verification failed");
-}
-async function verifyWebhook(options) {
-  const { payload, secret, verifyOptions = {} } = options;
-  const { maxAge = WEBHOOK_MAX_AGE_MS, clockSkew = WEBHOOK_CLOCK_SKEW_MS } = verifyOptions;
-  let signatureHex = options.signature ?? null;
-  let timestampStr = options.timestamp ?? null;
-  if (options.signatureHeader) {
-    const tMatch = options.signatureHeader.match(/t=(\d+)/);
-    const vMatch = options.signatureHeader.match(/v1=([a-f0-9]+)/);
-    if (tMatch) timestampStr = tMatch[1];
-    if (vMatch) signatureHex = vMatch[1];
-  }
-  if (!signatureHex) {
-    return { valid: false, error: "Missing signature" };
-  }
-  if (!timestampStr) {
-    return { valid: false, error: "Missing timestamp" };
-  }
-  const webhookTimeSeconds = Number.parseInt(timestampStr, 10);
-  if (Number.isNaN(webhookTimeSeconds)) {
-    return { valid: false, error: "Invalid timestamp format" };
-  }
-  const webhookTimeMs = webhookTimeSeconds * 1e3;
-  const now = Date.now();
-  const age = now - webhookTimeMs;
-  if (age > maxAge) {
-    return { valid: false, error: `Webhook too old: ${age}ms` };
-  }
-  if (age < -clockSkew) {
-    return { valid: false, error: "Webhook timestamp is in the future" };
-  }
-  const signedPayload = `${timestampStr}.${payload}`;
-  try {
-    const expectedSignature = await computeHmacSha256(signedPayload, secret);
-    if (!timingSafeEqual(signatureHex, expectedSignature)) {
-      return { valid: false, error: "Invalid signature" };
-    }
-    const parsedPayload = JSON.parse(payload);
-    return { valid: true, payload: parsedPayload };
-  } catch (error) {
-    return {
-      valid: false,
-      error: error instanceof Error ? error.message : "Verification failed"
-    };
-  }
-}
-async function computeHmacSha256(message2, secret) {
-  const encoder2 = new TextEncoder();
-  const keyData = encoder2.encode(secret);
-  const messageData = encoder2.encode(message2);
-  const cryptoKey = await crypto.subtle.importKey(
-    "raw",
-    keyData,
-    { name: "HMAC", hash: "SHA-256" },
-    false,
-    ["sign"]
-  );
-  const signature = await crypto.subtle.sign("HMAC", cryptoKey, messageData);
-  return Buffer.from(signature).toString("hex");
-}
-function timingSafeEqual(a, b) {
-  const target = a.length === b.length ? b : a;
-  let result = a.length ^ b.length;
-  for (let i = 0; i < a.length; i++) {
-    result |= a.charCodeAt(i) ^ target.charCodeAt(i);
-  }
-  return result === 0;
-}
-function createWebhookHandler(config) {
-  return async (request) => {
-    const signatureHeader = request.headers.get("x-webhook-signature");
-    const body = await request.text();
-    const result = await verifyWebhook({
-      payload: body,
-      signatureHeader,
-      secret: config.secret,
-      verifyOptions: config.verifyOptions
-    });
-    if (!result.valid) {
-      return new Response(JSON.stringify({ error: result.error }), {
-        status: 401,
-        headers: { "Content-Type": "application/json" }
-      });
-    }
-    if (!result.payload) {
-      return new Response(JSON.stringify({ error: "Missing payload" }), {
-        status: 400,
-        headers: { "Content-Type": "application/json" }
-      });
-    }
-    const { event, data } = result.payload;
-    const handler = config.handlers[event];
-    if (!handler) {
-      return new Response(JSON.stringify({ received: true, handled: false }), {
-        status: 200,
-        headers: { "Content-Type": "application/json" }
-      });
-    }
-    try {
-      await handler(data);
-      return new Response(JSON.stringify({ received: true, handled: true }), {
-        status: 200,
-        headers: { "Content-Type": "application/json" }
-      });
-    } catch (error) {
-      return new Response(
-        JSON.stringify({
-          error: "Handler failed",
-          message: error instanceof Error ? error.message : "Unknown error"
-        }),
-        {
-          status: 500,
-          headers: { "Content-Type": "application/json" }
-        }
-      );
-    }
-  };
-}
-async function cachedFetch(params) {
-  const { url, headers, fallback, label, revalidate = 60, timeout = 3e3 } = params;
-  try {
-    const controller = new AbortController();
-    const timer = setTimeout(() => controller.abort(), timeout);
-    const response = await fetch(url, {
-      headers,
-      signal: controller.signal,
-      // @ts-expect-error - Next.js extended fetch option
-      next: { revalidate }
-      // Next.js Data Cache with TTL
-    });
-    clearTimeout(timer);
-    if (!response.ok) {
-      console.warn(`[Sylphx] Failed to fetch ${label}:`, response.status);
-      return fallback;
-    }
-    const data = await response.json();
-    return data ?? fallback;
-  } catch (error) {
-    if (error instanceof DOMException && error.name === "AbortError") {
-      console.warn(`[Sylphx] Timeout fetching ${label} (${timeout}ms)`);
-    } else {
-      console.warn(`[Sylphx] Failed to fetch ${label}:`, error);
-    }
-    return fallback;
-  }
-}
-function sanitizeOptions(options) {
-  const secretKey = validateAndSanitizeSecretKey(options.secretKey);
-  let platformUrl;
-  if (options.platformUrl) {
-    platformUrl = options.platformUrl.trim();
-  } else {
-    const parts = secretKey.split("_");
-    const ref = parts.length === 4 ? parts[2] : null;
-    platformUrl = ref ? `https://${ref}.${DEFAULT_SDK_API_HOST}` : `https://${DEFAULT_SDK_API_HOST}`;
-  }
-  return { ...options, secretKey, platformUrl };
-}
-function sdkHeaders(secretKey) {
-  return { "x-app-secret": secretKey };
-}
-async function getOAuthProviders(options) {
-  const data = await fetchOAuthProviders(options);
-  return (data.providers || []).map((p) => p.id);
-}
-async function getOAuthProvidersWithInfo(options) {
-  const data = await fetchOAuthProviders(options);
-  return data.providers || [];
-}
-async function fetchOAuthProviders(options) {
-  const baseURL = (options.platformUrl ?? `https://${DEFAULT_SDK_API_HOST}`).trim();
-  const appId = validateAndSanitizeAppId(options.appId);
-  return cachedFetch({
-    url: `${baseURL}/api/auth/providers`,
-    headers: { "X-App-Id": appId },
-    fallback: { providers: [] },
-    label: "OAuth providers"
-  });
-}
-async function getPlans(options) {
-  const { secretKey, platformUrl = `https://${DEFAULT_SDK_API_HOST}` } = sanitizeOptions(options);
-  return cachedFetch({
-    url: `${platformUrl}${SDK_API_PATH}/billing/plans`,
-    headers: sdkHeaders(secretKey),
-    fallback: [],
-    label: "plans"
-  });
-}
-async function getConsentTypes(options) {
-  const { secretKey, platformUrl = `https://${DEFAULT_SDK_API_HOST}` } = sanitizeOptions(options);
-  return cachedFetch({
-    url: `${platformUrl}${SDK_API_PATH}/consent/types`,
-    headers: sdkHeaders(secretKey),
-    fallback: [],
-    label: "consent types"
-  });
-}
-async function getFeatureFlags(options) {
-  const { secretKey, platformUrl = `https://${DEFAULT_SDK_API_HOST}` } = sanitizeOptions(options);
-  return cachedFetch({
-    url: `${platformUrl}${SDK_API_PATH}/flags`,
-    headers: sdkHeaders(secretKey),
-    fallback: [],
-    label: "feature flags"
-  });
-}
-async function getAppMetadata(options) {
-  const { secretKey, platformUrl = `https://${DEFAULT_SDK_API_HOST}` } = sanitizeOptions(options);
-  return cachedFetch({
-    url: `${platformUrl}${SDK_API_PATH}/app`,
-    headers: sdkHeaders(secretKey),
-    fallback: { id: "", name: "", slug: "" },
-    label: "app metadata"
-  });
-}
-async function getAppConfig(options) {
-  const { secretKey, appId } = options;
-  const resolvedPlatformUrl = (() => {
-    if (options.platformUrl) return options.platformUrl.trim();
-    const keyForRef = secretKey || appId;
-    const parts = keyForRef?.split("_") ?? [];
-    const ref = parts.length === 4 ? parts[2] : null;
-    return ref ? `https://${ref}.${DEFAULT_SDK_API_HOST}` : `https://${DEFAULT_SDK_API_HOST}`;
-  })();
-  const [plans, consentTypes, oauthProviders, featureFlags, app] = await Promise.all([
-    getPlans({ secretKey, platformUrl: resolvedPlatformUrl }),
-    getConsentTypes({ secretKey, platformUrl: resolvedPlatformUrl }),
-    getOAuthProvidersWithInfo({ appId, platformUrl: resolvedPlatformUrl }),
-    getFeatureFlags({ secretKey, platformUrl: resolvedPlatformUrl }),
-    getAppMetadata({ secretKey, platformUrl: resolvedPlatformUrl })
-  ]);
-  return {
-    plans,
-    consentTypes,
-    oauthProviders,
-    featureFlags,
-    app,
-    fetchedAt: (/* @__PURE__ */ new Date()).toISOString()
-  };
-}
-async function getReferralLeaderboard(options) {
-  const {
-    secretKey,
-    platformUrl = `https://${DEFAULT_SDK_API_HOST}`,
-    limit = 10,
-    period = "all"
-  } = sanitizeOptions(options);
-  const url = new URL(`${platformUrl}${SDK_API_PATH}/referrals/leaderboard`);
-  url.searchParams.set("limit", String(limit));
-  url.searchParams.set("period", period);
-  return cachedFetch({
-    url: url.toString(),
-    headers: sdkHeaders(secretKey),
-    fallback: { entries: [], total: 0, period },
-    label: "referral leaderboard"
-  });
-}
-async function getEngagementLeaderboard(options) {
-  const {
-    secretKey,
-    leaderboardId,
-    platformUrl = `https://${DEFAULT_SDK_API_HOST}`,
-    limit = 10
-  } = sanitizeOptions(options);
-  const url = new URL(
-    `${platformUrl}${SDK_API_PATH}/engagement/leaderboards/${encodeURIComponent(leaderboardId)}`
-  );
-  url.searchParams.set("limit", String(limit));
-  return cachedFetch({
-    url: url.toString(),
-    headers: sdkHeaders(secretKey),
-    fallback: {
-      leaderboardId,
-      entries: [],
-      period: "all",
-      resetTime: null,
-      userEntry: null
-    },
-    label: "engagement leaderboard"
-  });
-}
-async function getDatabaseConnection(options) {
-  const { secretKey, platformUrl = `https://${DEFAULT_SDK_API_HOST}` } = sanitizeOptions(options);
-  try {
-    const response = await fetch(`${platformUrl}${SDK_API_PATH}/database/connection-string`, {
-      headers: sdkHeaders(secretKey),
-      cache: "no-store"
-      // Always fetch fresh connection string
-    });
-    if (!response.ok) {
-      if (response.status === 404) {
-        return null;
-      }
-      if (response.status === 412) {
-        console.warn("[Sylphx] Database not ready:", await response.text());
-        return null;
-      }
-      console.warn("[Sylphx] Failed to fetch database connection:", response.status);
-      return null;
-    }
-    return await response.json();
-  } catch (error) {
-    console.warn("[Sylphx] Failed to fetch database connection:", error);
-    return null;
-  }
-}
-async function getDatabaseStatus(options) {
-  const { secretKey, platformUrl = `https://${DEFAULT_SDK_API_HOST}` } = sanitizeOptions(options);
-  return cachedFetch({
-    url: `${platformUrl}${SDK_API_PATH}/database/status`,
-    headers: sdkHeaders(secretKey),
-    fallback: {
-      status: "not_provisioned",
-      region: null,
-      pgVersion: null,
-      databaseName: null
-    },
-    label: "database status"
-  });
-}
-// Annotate the CommonJS export names for ESM import in node:
-0 && (module.exports = {
-  FunctionsClient,
-  InvalidConnectionUrlError,
-  createAI,
-  createAuthenticatedServerClient,
-  createClient,
-  createKv,
-  createServerClient,
-  createServerRestClient,
-  createStreams,
-  createWebhookHandler,
-  decodeUserId,
-  detectEnvironment,
-  detectKeyType,
-  encodeUserId,
-  getAI,
-  getAppConfig,
-  getAppMetadata,
-  getConsentTypes,
-  getCookieNamespace,
-  getDatabaseConnection,
-  getDatabaseStatus,
-  getEngagementLeaderboard,
-  getFeatureFlags,
-  getJwks,
-  getKv,
-  getOAuthProviders,
-  getOAuthProvidersWithInfo,
-  getPlans,
-  getReferralLeaderboard,
-  getStreams,
-  isAppId,
-  isDevelopmentKey,
-  isDevelopmentRuntime,
-  isProductionKey,
-  isSecretKey,
-  resetJwksCache,
-  validateAndSanitizeAppId,
-  validateAndSanitizeKey,
-  validateAndSanitizeSecretKey,
-  validateAppId,
-  validateKey,
-  validateSecretKey,
-  verifyAccessToken,
-  verifyWebhook
-});
-//# sourceMappingURL=index.js.map