@thebes/cadmus 0.2.1

package/dist/index.cjs

@@ -0,0 +1,60 @@
+Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
+const require_auth_index = require("./auth/index.cjs");
+const require_cache_index = require("./cache/index.cjs");
+const require_errors = require("./errors-CW6Lz0AQ.cjs");
+const require_queues_index = require("./queues/index.cjs");
+const require_cms_index = require("./cms/index.cjs");
+const require_db_index = require("./db/index.cjs");
+const require_email_index = require("./email/index.cjs");
+const require_rate_limit_index = require("./rate-limit/index.cjs");
+const require_session_index = require("./session/index.cjs");
+const require_storage_index = require("./storage/index.cjs");
+exports.CadmusAccessDeniedError = require_errors.CadmusAccessDeniedError;
+exports.CadmusApiError = require_errors.CadmusApiError;
+exports.CadmusAuthError = require_errors.CadmusAuthError;
+exports.CadmusCacheError = require_errors.CadmusCacheError;
+exports.CadmusCmsError = require_errors.CadmusCmsError;
+exports.CadmusDbError = require_errors.CadmusDbError;
+exports.CadmusEmailError = require_errors.CadmusEmailError;
+exports.CadmusError = require_errors.CadmusError;
+exports.CadmusQueueError = require_errors.CadmusQueueError;
+exports.CadmusRateLimitError = require_errors.CadmusRateLimitError;
+exports.CadmusSessionError = require_errors.CadmusSessionError;
+exports.CadmusStorageError = require_errors.CadmusStorageError;
+exports.IMAGE_MIME_WHITELIST = require_storage_index.IMAGE_MIME_WHITELIST;
+exports.MAX_IMAGE_UPLOAD_BYTES = require_storage_index.MAX_IMAGE_UPLOAD_BYTES;
+exports.can = require_cms_index.can;
+exports.checkRateLimit = require_rate_limit_index.checkRateLimit;
+exports.cmsConfigToSchema = require_cms_index.cmsConfigToSchema;
+exports.collectionSearchTableName = require_cms_index.collectionSearchTableName;
+exports.collectionSearchTableSQL = require_cms_index.collectionSearchTableSQL;
+exports.collectionToTable = require_cms_index.collectionToTable;
+exports.collectionVersionsTable = require_cms_index.collectionVersionsTable;
+exports.createLocalApi = require_cms_index.createLocalApi;
+exports.createSession = require_session_index.createSession;
+exports.createVersionedLocalApi = require_cms_index.createVersionedLocalApi;
+exports.createWebhookHook = require_cms_index.createWebhookHook;
+exports.db = require_db_index.db;
+exports.defineCmsConfig = require_cms_index.defineCmsConfig;
+exports.defineCollection = require_cms_index.defineCollection;
+exports.deleteSession = require_session_index.deleteSession;
+exports.deliverWebhookMessage = require_cms_index.deliverWebhookMessage;
+exports.enqueue = require_queues_index.enqueue;
+exports.extractSearchText = require_cms_index.extractSearchText;
+exports.flattenDoc = require_cms_index.flattenDoc;
+exports.flattenFields = require_cms_index.flattenFields;
+exports.generateSchemaSource = require_cms_index.generateSchemaSource;
+exports.generateSessionId = require_auth_index.generateSessionId;
+exports.generateToken = require_auth_index.generateToken;
+exports.getCollectionsMeta = require_cms_index.getCollectionsMeta;
+exports.getRegisteredApi = require_cms_index.getRegisteredApi;
+exports.getSession = require_session_index.getSession;
+exports.hashToken = require_auth_index.hashToken;
+exports.nestDoc = require_cms_index.nestDoc;
+exports.processBatch = require_queues_index.processBatch;
+exports.purgeCache = require_cache_index.purgeCache;
+exports.relationshipJoinTables = require_cms_index.relationshipJoinTables;
+exports.sendEmail = require_email_index.sendEmail;
+exports.signSession = require_auth_index.signSession;
+exports.validateImageFile = require_storage_index.validateImageFile;
+exports.verifySession = require_auth_index.verifySession;

package/dist/index.d.cts

@@ -0,0 +1,107 @@
+import { generateSessionId, generateToken, hashToken, signSession, verifySession } from "./auth/index.cjs";
+import { purgeCache } from "./cache/index.cjs";
+import { A as CollectionAccess, B as RelationshipFieldConfig, C as relationshipJoinTables, D as CadmeaPlugin, E as BaseFieldConfig, F as GroupFieldConfig, G as flattenDoc, H as SelectFieldConfig, I as JsonFieldConfig, K as flattenFields, L as JsonValue, M as CollectionHooks, N as DateFieldConfig, O as CheckboxFieldConfig, P as FieldConfig, R as NumberFieldConfig, S as extractSearchText, T as ArrayFieldConfig, U as TextFieldConfig, V as RichTextFieldConfig, W as UploadFieldConfig, _ as cmsConfigToSchema, a as generateSchemaSource, b as collectionToTable, c as CmsRegistry, d as can, f as createLocalApi, g as defineCollection, h as defineCmsConfig, i as deliverWebhookMessage, j as CollectionConfig, k as CmsConfig, l as LocalApi, m as getRegisteredApi, n as WebhookMessage, o as CollectionMeta, p as createVersionedLocalApi, q as nestDoc, r as createWebhookHook, s as getCollectionsMeta, t as WebhookConfig, u as VersionedLocalApi, v as collectionSearchTableName, w as AccessFn, x as collectionVersionsTable, y as collectionSearchTableSQL, z as RelationshipDepth } from "./index-BUrCSGVb.cjs";
+import { db } from "./db/index.cjs";
+import { SendEmailInput, sendEmail } from "./email/index.cjs";
+import { QueueMessageHandler, enqueue, processBatch } from "./queues/index.cjs";
+import { RateLimitResult, checkRateLimit } from "./rate-limit/index.cjs";
+import { createSession, deleteSession, getSession } from "./session/index.cjs";
+import { IMAGE_MIME_WHITELIST, ImageService, MAX_IMAGE_UPLOAD_BYTES, RenderedImage, validateImageFile } from "./storage/index.cjs";
+
+//#region src/errors.d.ts
+declare global {
+  interface ErrorConstructor {
+    captureStackTrace?(targetObject: object, constructorOpt?: Function): void;
+  }
+}
+/**
+ * Base class for all Cadmus errors.
+ * All primitives throw CadmusError or a typed subclass — never a raw Error.
+ *
+ * @example
+ * try {
+ *   await createMagicLink({ kv, email, to })
+ * } catch (e) {
+ *   if (e instanceof CadmusAuthError) {
+ *     // auth-specific handling
+ *   } else if (e instanceof CadmusError) {
+ *     // any cadmus error — e.code tells you which primitive threw
+ *   } else {
+ *     throw e // re-throw unknown errors
+ *   }
+ * }
+ */
+declare class CadmusError extends Error {
+  readonly code: string;
+  readonly cause?: unknown | undefined;
+  constructor(message: string, code: string, cause?: unknown | undefined);
+}
+/** Thrown by @thebes/cadmus/auth primitives */
+declare class CadmusAuthError extends CadmusError {
+  constructor(message: string, cause?: unknown);
+}
+/** Thrown by @thebes/cadmus/db primitives */
+declare class CadmusDbError extends CadmusError {
+  constructor(message: string, cause?: unknown);
+}
+/** Thrown by @thebes/cadmus/storage primitives */
+declare class CadmusStorageError extends CadmusError {
+  constructor(message: string, cause?: unknown);
+}
+/** Thrown by @thebes/cadmus/cache primitives */
+declare class CadmusCacheError extends CadmusError {
+  constructor(message: string, cause?: unknown);
+}
+/** Thrown by @thebes/cadmus/email primitives */
+declare class CadmusEmailError extends CadmusError {
+  constructor(message: string, cause?: unknown);
+}
+/** Thrown by @thebes/cadmus/session primitives */
+declare class CadmusSessionError extends CadmusError {
+  constructor(message: string, cause?: unknown);
+}
+/** Thrown by @thebes/cadmus/rate-limit primitives */
+declare class CadmusRateLimitError extends CadmusError {
+  constructor(message: string, cause?: unknown);
+}
+/** Thrown by @thebes/cadmus/queues primitives */
+declare class CadmusQueueError extends CadmusError {
+  constructor(message: string, cause?: unknown);
+}
+/** Thrown by @thebes/cadmus/cms primitives */
+declare class CadmusCmsError extends CadmusError {
+  constructor(message: string, cause?: unknown);
+}
+/**
+ * Thrown by @thebes/cadmus/cms's createLocalApi when a collection's
+ * `access` function rejects an operation. A distinct subclass (rather than
+ * a plain CadmusCmsError) so consumers like mountCmsRoutes can map it to
+ * 403 by `instanceof`, not by matching on message text.
+ */
+declare class CadmusAccessDeniedError extends CadmusCmsError {
+  constructor(message: string, cause?: unknown);
+}
+/**
+ * Thrown by @thebes/cadmus/hono's `createCmsApiClient` when a request
+ * against a `mountCmsRoutes` surface returns a non-2xx response. Carries
+ * the HTTP status and parsed body so callers can branch on `status`
+ * (e.g. 403 → access denied, 404 → not found) instead of re-parsing
+ * `{ error: string }` response bodies by hand.
+ */
+declare class CadmusApiError extends CadmusError {
+  readonly status: number;
+  readonly body: unknown;
+  constructor(message: string, status: number, body: unknown);
+}
+//#endregion
+//#region src/index.d.ts
+interface CadmusEnv {
+  DB: D1Database;
+  KV: KVNamespace;
+  R2: R2Bucket;
+  EMAIL: SendEmail;
+  SESSION_SECRET: string;
+}
+//#endregion
+export { AccessFn, ArrayFieldConfig, BaseFieldConfig, CadmeaPlugin, CadmusAccessDeniedError, CadmusApiError, CadmusAuthError, CadmusCacheError, CadmusCmsError, CadmusDbError, CadmusEmailError, CadmusEnv, CadmusError, CadmusQueueError, CadmusRateLimitError, CadmusSessionError, CadmusStorageError, CheckboxFieldConfig, CmsConfig, CmsRegistry, CollectionAccess, CollectionConfig, CollectionHooks, CollectionMeta, DateFieldConfig, FieldConfig, GroupFieldConfig, IMAGE_MIME_WHITELIST, ImageService, JsonFieldConfig, JsonValue, LocalApi, MAX_IMAGE_UPLOAD_BYTES, NumberFieldConfig, QueueMessageHandler, RateLimitResult, RelationshipDepth, RelationshipFieldConfig, RenderedImage, RichTextFieldConfig, SelectFieldConfig, SendEmailInput, TextFieldConfig, UploadFieldConfig, VersionedLocalApi, WebhookConfig, WebhookMessage, can, checkRateLimit, cmsConfigToSchema, collectionSearchTableName, collectionSearchTableSQL, collectionToTable, collectionVersionsTable, createLocalApi, createSession, createVersionedLocalApi, createWebhookHook, db, defineCmsConfig, defineCollection, deleteSession, deliverWebhookMessage, enqueue, extractSearchText, flattenDoc, flattenFields, generateSchemaSource, generateSessionId, generateToken, getCollectionsMeta, getRegisteredApi, getSession, hashToken, nestDoc, processBatch, purgeCache, relationshipJoinTables, sendEmail, signSession, validateImageFile, verifySession };
+//# sourceMappingURL=index.d.cts.map

package/dist/index.d.cts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.cts","names":[],"sources":["../src/errors.ts","../src/index.ts"],"mappings":";;;;;;;;;;;QAOQ,MAAA;EAAA,UACI,gBAAA;IAER,iBAAA,EAAmB,YAAA,UAAsB,cAAA,GAAiB,QAAQ;EAAA;AAAA;;;;;;;;;;;;;;;;;;cAqBzD,WAAA,SAAoB,KAAK;EAAA,SAGlB,IAAA;EAAA,SACA,KAAA;cAFhB,OAAA,UACgB,IAAA,UACA,KAAA;AAAA;;cAYP,eAAA,SAAwB,WAAW;cAClC,OAAA,UAAiB,KAAA;AAAA;;cAOlB,aAAA,SAAsB,WAAW;cAChC,OAAA,UAAiB,KAAA;AAAA;;cAOlB,kBAAA,SAA2B,WAAW;cACrC,OAAA,UAAiB,KAAA;AAAA;;cAOlB,gBAAA,SAAyB,WAAW;cACnC,OAAA,UAAiB,KAAA;AAAA;;cAOlB,gBAAA,SAAyB,WAAW;cACnC,OAAA,UAAiB,KAAA;AAAA;AAzB/B;AAAA,cAgCa,kBAAA,SAA2B,WAAW;cACrC,OAAA,UAAiB,KAAA;AAAA;;cAOlB,oBAAA,SAA6B,WAAW;cACvC,OAAA,UAAiB,KAAA;AAAA;;cAOlB,gBAAA,SAAyB,WAAW;cACnC,OAAA,UAAiB,KAAA;AAAA;;cAOlB,cAAA,SAAuB,WAAW;cACjC,OAAA,UAAiB,KAAA;AAAA;;;;AAhDe;AAO9C;;cAqDa,uBAAA,SAAgC,cAAc;cAC7C,OAAA,UAAiB,KAAA;AAAA;;;;;AArDe;AAO9C;;cA2Da,cAAA,SAAuB,WAAW;EAAA,SAG3B,MAAA;EAAA,SACA,IAAA;cAFhB,OAAA,UACgB,MAAA,UACA,IAAA;AAAA;;;UC3HH,SAAA;EACf,EAAA,EAAI,UAAA;EACJ,EAAA,EAAI,WAAA;EACJ,EAAA,EAAI,QAAA;EACJ,KAAA,EAAO,SAAA;EACP,cAAA;AAAA"}

package/dist/index.d.ts

@@ -0,0 +1,107 @@
+import { generateSessionId, generateToken, hashToken, signSession, verifySession } from "./auth/index.js";
+import { purgeCache } from "./cache/index.js";
+import { A as CollectionAccess, B as RelationshipFieldConfig, C as relationshipJoinTables, D as CadmeaPlugin, E as BaseFieldConfig, F as GroupFieldConfig, G as flattenDoc, H as SelectFieldConfig, I as JsonFieldConfig, K as flattenFields, L as JsonValue, M as CollectionHooks, N as DateFieldConfig, O as CheckboxFieldConfig, P as FieldConfig, R as NumberFieldConfig, S as extractSearchText, T as ArrayFieldConfig, U as TextFieldConfig, V as RichTextFieldConfig, W as UploadFieldConfig, _ as cmsConfigToSchema, a as generateSchemaSource, b as collectionToTable, c as CmsRegistry, d as can, f as createLocalApi, g as defineCollection, h as defineCmsConfig, i as deliverWebhookMessage, j as CollectionConfig, k as CmsConfig, l as LocalApi, m as getRegisteredApi, n as WebhookMessage, o as CollectionMeta, p as createVersionedLocalApi, q as nestDoc, r as createWebhookHook, s as getCollectionsMeta, t as WebhookConfig, u as VersionedLocalApi, v as collectionSearchTableName, w as AccessFn, x as collectionVersionsTable, y as collectionSearchTableSQL, z as RelationshipDepth } from "./index-BUrCSGVb.js";
+import { db } from "./db/index.js";
+import { SendEmailInput, sendEmail } from "./email/index.js";
+import { QueueMessageHandler, enqueue, processBatch } from "./queues/index.js";
+import { RateLimitResult, checkRateLimit } from "./rate-limit/index.js";
+import { createSession, deleteSession, getSession } from "./session/index.js";
+import { IMAGE_MIME_WHITELIST, ImageService, MAX_IMAGE_UPLOAD_BYTES, RenderedImage, validateImageFile } from "./storage/index.js";
+
+//#region src/errors.d.ts
+declare global {
+  interface ErrorConstructor {
+    captureStackTrace?(targetObject: object, constructorOpt?: Function): void;
+  }
+}
+/**
+ * Base class for all Cadmus errors.
+ * All primitives throw CadmusError or a typed subclass — never a raw Error.
+ *
+ * @example
+ * try {
+ *   await createMagicLink({ kv, email, to })
+ * } catch (e) {
+ *   if (e instanceof CadmusAuthError) {
+ *     // auth-specific handling
+ *   } else if (e instanceof CadmusError) {
+ *     // any cadmus error — e.code tells you which primitive threw
+ *   } else {
+ *     throw e // re-throw unknown errors
+ *   }
+ * }
+ */
+declare class CadmusError extends Error {
+  readonly code: string;
+  readonly cause?: unknown | undefined;
+  constructor(message: string, code: string, cause?: unknown | undefined);
+}
+/** Thrown by @thebes/cadmus/auth primitives */
+declare class CadmusAuthError extends CadmusError {
+  constructor(message: string, cause?: unknown);
+}
+/** Thrown by @thebes/cadmus/db primitives */
+declare class CadmusDbError extends CadmusError {
+  constructor(message: string, cause?: unknown);
+}
+/** Thrown by @thebes/cadmus/storage primitives */
+declare class CadmusStorageError extends CadmusError {
+  constructor(message: string, cause?: unknown);
+}
+/** Thrown by @thebes/cadmus/cache primitives */
+declare class CadmusCacheError extends CadmusError {
+  constructor(message: string, cause?: unknown);
+}
+/** Thrown by @thebes/cadmus/email primitives */
+declare class CadmusEmailError extends CadmusError {
+  constructor(message: string, cause?: unknown);
+}
+/** Thrown by @thebes/cadmus/session primitives */
+declare class CadmusSessionError extends CadmusError {
+  constructor(message: string, cause?: unknown);
+}
+/** Thrown by @thebes/cadmus/rate-limit primitives */
+declare class CadmusRateLimitError extends CadmusError {
+  constructor(message: string, cause?: unknown);
+}
+/** Thrown by @thebes/cadmus/queues primitives */
+declare class CadmusQueueError extends CadmusError {
+  constructor(message: string, cause?: unknown);
+}
+/** Thrown by @thebes/cadmus/cms primitives */
+declare class CadmusCmsError extends CadmusError {
+  constructor(message: string, cause?: unknown);
+}
+/**
+ * Thrown by @thebes/cadmus/cms's createLocalApi when a collection's
+ * `access` function rejects an operation. A distinct subclass (rather than
+ * a plain CadmusCmsError) so consumers like mountCmsRoutes can map it to
+ * 403 by `instanceof`, not by matching on message text.
+ */
+declare class CadmusAccessDeniedError extends CadmusCmsError {
+  constructor(message: string, cause?: unknown);
+}
+/**
+ * Thrown by @thebes/cadmus/hono's `createCmsApiClient` when a request
+ * against a `mountCmsRoutes` surface returns a non-2xx response. Carries
+ * the HTTP status and parsed body so callers can branch on `status`
+ * (e.g. 403 → access denied, 404 → not found) instead of re-parsing
+ * `{ error: string }` response bodies by hand.
+ */
+declare class CadmusApiError extends CadmusError {
+  readonly status: number;
+  readonly body: unknown;
+  constructor(message: string, status: number, body: unknown);
+}
+//#endregion
+//#region src/index.d.ts
+interface CadmusEnv {
+  DB: D1Database;
+  KV: KVNamespace;
+  R2: R2Bucket;
+  EMAIL: SendEmail;
+  SESSION_SECRET: string;
+}
+//#endregion
+export { AccessFn, ArrayFieldConfig, BaseFieldConfig, CadmeaPlugin, CadmusAccessDeniedError, CadmusApiError, CadmusAuthError, CadmusCacheError, CadmusCmsError, CadmusDbError, CadmusEmailError, CadmusEnv, CadmusError, CadmusQueueError, CadmusRateLimitError, CadmusSessionError, CadmusStorageError, CheckboxFieldConfig, CmsConfig, CmsRegistry, CollectionAccess, CollectionConfig, CollectionHooks, CollectionMeta, DateFieldConfig, FieldConfig, GroupFieldConfig, IMAGE_MIME_WHITELIST, ImageService, JsonFieldConfig, JsonValue, LocalApi, MAX_IMAGE_UPLOAD_BYTES, NumberFieldConfig, QueueMessageHandler, RateLimitResult, RelationshipDepth, RelationshipFieldConfig, RenderedImage, RichTextFieldConfig, SelectFieldConfig, SendEmailInput, TextFieldConfig, UploadFieldConfig, VersionedLocalApi, WebhookConfig, WebhookMessage, can, checkRateLimit, cmsConfigToSchema, collectionSearchTableName, collectionSearchTableSQL, collectionToTable, collectionVersionsTable, createLocalApi, createSession, createVersionedLocalApi, createWebhookHook, db, defineCmsConfig, defineCollection, deleteSession, deliverWebhookMessage, enqueue, extractSearchText, flattenDoc, flattenFields, generateSchemaSource, generateSessionId, generateToken, getCollectionsMeta, getRegisteredApi, getSession, hashToken, nestDoc, processBatch, purgeCache, relationshipJoinTables, sendEmail, signSession, validateImageFile, verifySession };
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","names":[],"sources":["../src/errors.ts","../src/index.ts"],"mappings":";;;;;;;;;;;QAOQ,MAAA;EAAA,UACI,gBAAA;IAER,iBAAA,EAAmB,YAAA,UAAsB,cAAA,GAAiB,QAAQ;EAAA;AAAA;;;;;;;;;;;;;;;;;;cAqBzD,WAAA,SAAoB,KAAK;EAAA,SAGlB,IAAA;EAAA,SACA,KAAA;cAFhB,OAAA,UACgB,IAAA,UACA,KAAA;AAAA;;cAYP,eAAA,SAAwB,WAAW;cAClC,OAAA,UAAiB,KAAA;AAAA;;cAOlB,aAAA,SAAsB,WAAW;cAChC,OAAA,UAAiB,KAAA;AAAA;;cAOlB,kBAAA,SAA2B,WAAW;cACrC,OAAA,UAAiB,KAAA;AAAA;;cAOlB,gBAAA,SAAyB,WAAW;cACnC,OAAA,UAAiB,KAAA;AAAA;;cAOlB,gBAAA,SAAyB,WAAW;cACnC,OAAA,UAAiB,KAAA;AAAA;AAzB/B;AAAA,cAgCa,kBAAA,SAA2B,WAAW;cACrC,OAAA,UAAiB,KAAA;AAAA;;cAOlB,oBAAA,SAA6B,WAAW;cACvC,OAAA,UAAiB,KAAA;AAAA;;cAOlB,gBAAA,SAAyB,WAAW;cACnC,OAAA,UAAiB,KAAA;AAAA;;cAOlB,cAAA,SAAuB,WAAW;cACjC,OAAA,UAAiB,KAAA;AAAA;;;;AAhDe;AAO9C;;cAqDa,uBAAA,SAAgC,cAAc;cAC7C,OAAA,UAAiB,KAAA;AAAA;;;;;AArDe;AAO9C;;cA2Da,cAAA,SAAuB,WAAW;EAAA,SAG3B,MAAA;EAAA,SACA,IAAA;cAFhB,OAAA,UACgB,MAAA,UACA,IAAA;AAAA;;;UC3HH,SAAA;EACf,EAAA,EAAI,UAAA;EACJ,EAAA,EAAI,WAAA;EACJ,EAAA,EAAI,QAAA;EACJ,KAAA,EAAO,SAAA;EACP,cAAA;AAAA"}

package/dist/index.js

@@ -0,0 +1,11 @@
+import { generateSessionId, generateToken, hashToken, signSession, verifySession } from "./auth/index.js";
+import { purgeCache } from "./cache/index.js";
+import { a as CadmusCmsError, c as CadmusError, d as CadmusSessionError, f as CadmusStorageError, i as CadmusCacheError, l as CadmusQueueError, n as CadmusApiError, o as CadmusDbError, r as CadmusAuthError, s as CadmusEmailError, t as CadmusAccessDeniedError, u as CadmusRateLimitError } from "./errors-mZIqZJO4.js";
+import { enqueue, processBatch } from "./queues/index.js";
+import { can, cmsConfigToSchema, collectionSearchTableName, collectionSearchTableSQL, collectionToTable, collectionVersionsTable, createLocalApi, createVersionedLocalApi, createWebhookHook, defineCmsConfig, defineCollection, deliverWebhookMessage, extractSearchText, flattenDoc, flattenFields, generateSchemaSource, getCollectionsMeta, getRegisteredApi, nestDoc, relationshipJoinTables } from "./cms/index.js";
+import { db } from "./db/index.js";
+import { sendEmail } from "./email/index.js";
+import { checkRateLimit } from "./rate-limit/index.js";
+import { createSession, deleteSession, getSession } from "./session/index.js";
+import { IMAGE_MIME_WHITELIST, MAX_IMAGE_UPLOAD_BYTES, validateImageFile } from "./storage/index.js";
+export { CadmusAccessDeniedError, CadmusApiError, CadmusAuthError, CadmusCacheError, CadmusCmsError, CadmusDbError, CadmusEmailError, CadmusError, CadmusQueueError, CadmusRateLimitError, CadmusSessionError, CadmusStorageError, IMAGE_MIME_WHITELIST, MAX_IMAGE_UPLOAD_BYTES, can, checkRateLimit, cmsConfigToSchema, collectionSearchTableName, collectionSearchTableSQL, collectionToTable, collectionVersionsTable, createLocalApi, createSession, createVersionedLocalApi, createWebhookHook, db, defineCmsConfig, defineCollection, deleteSession, deliverWebhookMessage, enqueue, extractSearchText, flattenDoc, flattenFields, generateSchemaSource, generateSessionId, generateToken, getCollectionsMeta, getRegisteredApi, getSession, hashToken, nestDoc, processBatch, purgeCache, relationshipJoinTables, sendEmail, signSession, validateImageFile, verifySession };

package/dist/queues/index.cjs

@@ -0,0 +1,31 @@
+Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
+const require_errors = require("../errors-CW6Lz0AQ.cjs");
+//#region src/queues/index.ts
+/** Enqueues `message` onto `queue`. Throws CadmusQueueError on failure. */
+async function enqueue(queue, message) {
+	try {
+		await queue.send(message);
+	} catch (cause) {
+		throw new require_errors.CadmusQueueError("Failed to enqueue message", cause);
+	}
+}
+/**
+* Drains a `MessageBatch`, running `handler` once per message. Each
+* message is acked or retried independently — one failing message
+* doesn't block the rest of the batch from acking. Never throws itself;
+* a handler's own errors are caught and turned into a `retry()` so a
+* Worker's `queue()` export can call this directly as its entire body.
+*/
+async function processBatch(batch, handler) {
+	for (const message of batch.messages) try {
+		await handler(message.body, { attempts: message.attempts });
+		message.ack();
+	} catch {
+		message.retry();
+	}
+}
+//#endregion
+exports.enqueue = enqueue;
+exports.processBatch = processBatch;
+
+//# sourceMappingURL=index.cjs.map

package/dist/queues/index.cjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.cjs","names":["CadmusQueueError"],"sources":["../../src/queues/index.ts"],"sourcesContent":["// Copyright (c) 2026 BowenLabs. All rights reserved.\n// Cadmus is MIT licensed. See LICENSE in the repo root.\n//\n// @thebes/cadmus/queues\n//\n// Thin wrapper over Cloudflare Queues' `Queue`/`MessageBatch` bindings.\n// Producer side is a single `enqueue()` call; consumer side is a batch\n// runner that acks each message on success and calls `retry()` on\n// failure. Cloudflare Queues — not this module — owns the actual\n// redelivery/backoff schedule and DLQ routing: once a message exceeds the\n// queue's configured `max_retries`, CF routes it to that queue's\n// `dead_letter_queue` automatically (set in wrangler.jsonc, not here).\n\nimport { CadmusQueueError } from \"../errors.js\";\n\n/** Enqueues `message` onto `queue`. Throws CadmusQueueError on failure. */\nexport async function enqueue<T>(queue: Queue<T>, message: T): Promise<void> {\n  try {\n    await queue.send(message);\n  } catch (cause) {\n    throw new CadmusQueueError(\"Failed to enqueue message\", cause);\n  }\n}\n\n/**\n * Called once per message in a batch. Throwing marks that message for\n * retry; returning normally acks it. `attempts` is the 1-indexed delivery\n * count CF Queues reports on the message itself.\n */\nexport type QueueMessageHandler<T> = (\n  message: T,\n  context: { attempts: number },\n) => void | Promise<void>;\n\n/**\n * Drains a `MessageBatch`, running `handler` once per message. Each\n * message is acked or retried independently — one failing message\n * doesn't block the rest of the batch from acking. Never throws itself;\n * a handler's own errors are caught and turned into a `retry()` so a\n * Worker's `queue()` export can call this directly as its entire body.\n */\nexport async function processBatch<T>(\n  batch: MessageBatch<T>,\n  handler: QueueMessageHandler<T>,\n): Promise<void> {\n  for (const message of batch.messages) {\n    try {\n      await handler(message.body, { attempts: message.attempts });\n      message.ack();\n    } catch {\n      message.retry();\n    }\n  }\n}\n"],"mappings":";;;;AAgBA,eAAsB,QAAW,OAAiB,SAA2B;CAC3E,IAAI;EACF,MAAM,MAAM,KAAK,OAAO;CAC1B,SAAS,OAAO;EACd,MAAM,IAAIA,eAAAA,iBAAiB,6BAA6B,KAAK;CAC/D;AACF;;;;;;;;AAmBA,eAAsB,aACpB,OACA,SACe;CACf,KAAK,MAAM,WAAW,MAAM,UAC1B,IAAI;EACF,MAAM,QAAQ,QAAQ,MAAM,EAAE,UAAU,QAAQ,SAAS,CAAC;EAC1D,QAAQ,IAAI;CACd,QAAQ;EACN,QAAQ,MAAM;CAChB;AAEJ"}

package/dist/queues/index.d.cts

@@ -0,0 +1,22 @@
+//#region src/queues/index.d.ts
+/** Enqueues `message` onto `queue`. Throws CadmusQueueError on failure. */
+declare function enqueue<T>(queue: Queue<T>, message: T): Promise<void>;
+/**
+ * Called once per message in a batch. Throwing marks that message for
+ * retry; returning normally acks it. `attempts` is the 1-indexed delivery
+ * count CF Queues reports on the message itself.
+ */
+type QueueMessageHandler<T> = (message: T, context: {
+  attempts: number;
+}) => void | Promise<void>;
+/**
+ * Drains a `MessageBatch`, running `handler` once per message. Each
+ * message is acked or retried independently — one failing message
+ * doesn't block the rest of the batch from acking. Never throws itself;
+ * a handler's own errors are caught and turned into a `retry()` so a
+ * Worker's `queue()` export can call this directly as its entire body.
+ */
+declare function processBatch<T>(batch: MessageBatch<T>, handler: QueueMessageHandler<T>): Promise<void>;
+//#endregion
+export { QueueMessageHandler, enqueue, processBatch };
+//# sourceMappingURL=index.d.cts.map

package/dist/queues/index.d.cts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.cts","names":[],"sources":["../../src/queues/index.ts"],"mappings":";;iBAgBsB,OAAA,IAAW,KAAA,EAAO,KAAA,CAAM,CAAA,GAAI,OAAA,EAAS,CAAA,GAAI,OAAA;;;;;;KAanD,mBAAA,OACV,OAAA,EAAS,CAAA,EACT,OAAA;EAAW,QAAA;AAAA,aACD,OAAO;;;;;;;;iBASG,YAAA,IACpB,KAAA,EAAO,YAAA,CAAa,CAAA,GACpB,OAAA,EAAS,mBAAA,CAAoB,CAAA,IAC5B,OAAA"}

package/dist/queues/index.d.ts

@@ -0,0 +1,22 @@
+//#region src/queues/index.d.ts
+/** Enqueues `message` onto `queue`. Throws CadmusQueueError on failure. */
+declare function enqueue<T>(queue: Queue<T>, message: T): Promise<void>;
+/**
+ * Called once per message in a batch. Throwing marks that message for
+ * retry; returning normally acks it. `attempts` is the 1-indexed delivery
+ * count CF Queues reports on the message itself.
+ */
+type QueueMessageHandler<T> = (message: T, context: {
+  attempts: number;
+}) => void | Promise<void>;
+/**
+ * Drains a `MessageBatch`, running `handler` once per message. Each
+ * message is acked or retried independently — one failing message
+ * doesn't block the rest of the batch from acking. Never throws itself;
+ * a handler's own errors are caught and turned into a `retry()` so a
+ * Worker's `queue()` export can call this directly as its entire body.
+ */
+declare function processBatch<T>(batch: MessageBatch<T>, handler: QueueMessageHandler<T>): Promise<void>;
+//#endregion
+export { QueueMessageHandler, enqueue, processBatch };
+//# sourceMappingURL=index.d.ts.map

package/dist/queues/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","names":[],"sources":["../../src/queues/index.ts"],"mappings":";;iBAgBsB,OAAA,IAAW,KAAA,EAAO,KAAA,CAAM,CAAA,GAAI,OAAA,EAAS,CAAA,GAAI,OAAA;;;;;;KAanD,mBAAA,OACV,OAAA,EAAS,CAAA,EACT,OAAA;EAAW,QAAA;AAAA,aACD,OAAO;;;;;;;;iBASG,YAAA,IACpB,KAAA,EAAO,YAAA,CAAa,CAAA,GACpB,OAAA,EAAS,mBAAA,CAAoB,CAAA,IAC5B,OAAA"}

package/dist/queues/index.js

@@ -0,0 +1,29 @@
+import { l as CadmusQueueError } from "../errors-mZIqZJO4.js";
+//#region src/queues/index.ts
+/** Enqueues `message` onto `queue`. Throws CadmusQueueError on failure. */
+async function enqueue(queue, message) {
+	try {
+		await queue.send(message);
+	} catch (cause) {
+		throw new CadmusQueueError("Failed to enqueue message", cause);
+	}
+}
+/**
+* Drains a `MessageBatch`, running `handler` once per message. Each
+* message is acked or retried independently — one failing message
+* doesn't block the rest of the batch from acking. Never throws itself;
+* a handler's own errors are caught and turned into a `retry()` so a
+* Worker's `queue()` export can call this directly as its entire body.
+*/
+async function processBatch(batch, handler) {
+	for (const message of batch.messages) try {
+		await handler(message.body, { attempts: message.attempts });
+		message.ack();
+	} catch {
+		message.retry();
+	}
+}
+//#endregion
+export { enqueue, processBatch };
+
+//# sourceMappingURL=index.js.map

package/dist/queues/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","names":[],"sources":["../../src/queues/index.ts"],"sourcesContent":["// Copyright (c) 2026 BowenLabs. All rights reserved.\n// Cadmus is MIT licensed. See LICENSE in the repo root.\n//\n// @thebes/cadmus/queues\n//\n// Thin wrapper over Cloudflare Queues' `Queue`/`MessageBatch` bindings.\n// Producer side is a single `enqueue()` call; consumer side is a batch\n// runner that acks each message on success and calls `retry()` on\n// failure. Cloudflare Queues — not this module — owns the actual\n// redelivery/backoff schedule and DLQ routing: once a message exceeds the\n// queue's configured `max_retries`, CF routes it to that queue's\n// `dead_letter_queue` automatically (set in wrangler.jsonc, not here).\n\nimport { CadmusQueueError } from \"../errors.js\";\n\n/** Enqueues `message` onto `queue`. Throws CadmusQueueError on failure. */\nexport async function enqueue<T>(queue: Queue<T>, message: T): Promise<void> {\n  try {\n    await queue.send(message);\n  } catch (cause) {\n    throw new CadmusQueueError(\"Failed to enqueue message\", cause);\n  }\n}\n\n/**\n * Called once per message in a batch. Throwing marks that message for\n * retry; returning normally acks it. `attempts` is the 1-indexed delivery\n * count CF Queues reports on the message itself.\n */\nexport type QueueMessageHandler<T> = (\n  message: T,\n  context: { attempts: number },\n) => void | Promise<void>;\n\n/**\n * Drains a `MessageBatch`, running `handler` once per message. Each\n * message is acked or retried independently — one failing message\n * doesn't block the rest of the batch from acking. Never throws itself;\n * a handler's own errors are caught and turned into a `retry()` so a\n * Worker's `queue()` export can call this directly as its entire body.\n */\nexport async function processBatch<T>(\n  batch: MessageBatch<T>,\n  handler: QueueMessageHandler<T>,\n): Promise<void> {\n  for (const message of batch.messages) {\n    try {\n      await handler(message.body, { attempts: message.attempts });\n      message.ack();\n    } catch {\n      message.retry();\n    }\n  }\n}\n"],"mappings":";;;AAgBA,eAAsB,QAAW,OAAiB,SAA2B;CAC3E,IAAI;EACF,MAAM,MAAM,KAAK,OAAO;CAC1B,SAAS,OAAO;EACd,MAAM,IAAI,iBAAiB,6BAA6B,KAAK;CAC/D;AACF;;;;;;;;AAmBA,eAAsB,aACpB,OACA,SACe;CACf,KAAK,MAAM,WAAW,MAAM,UAC1B,IAAI;EACF,MAAM,QAAQ,QAAQ,MAAM,EAAE,UAAU,QAAQ,SAAS,CAAC;EAC1D,QAAQ,IAAI;CACd,QAAQ;EACN,QAAQ,MAAM;CAChB;AAEJ"}

package/dist/rate-limit/index.cjs

@@ -0,0 +1,38 @@
+Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
+const require_errors = require("../errors-CW6Lz0AQ.cjs");
+//#region src/rate-limit/index.ts
+/**
+* Increments the counter for `key` within a fixed `windowSeconds` window,
+* resetting once the window elapses. Returns whether this request is
+* still within `limit`, and how many requests remain in the window.
+*/
+async function checkRateLimit(kv, key, limit, windowSeconds) {
+	let record;
+	try {
+		record = await kv.get(key, "json");
+	} catch (cause) {
+		throw new require_errors.CadmusRateLimitError(`Failed to read rate limit counter "${key}"`, cause);
+	}
+	const now = Date.now();
+	const windowMs = windowSeconds * 1e3;
+	const next = !record || now >= record.resetAt ? {
+		count: 1,
+		resetAt: now + windowMs
+	} : {
+		count: record.count + 1,
+		resetAt: record.resetAt
+	};
+	try {
+		await kv.put(key, JSON.stringify(next), { expirationTtl: Math.max(1, Math.ceil((next.resetAt - now) / 1e3)) });
+	} catch (cause) {
+		throw new require_errors.CadmusRateLimitError(`Failed to write rate limit counter "${key}"`, cause);
+	}
+	return {
+		allowed: next.count <= limit,
+		remaining: Math.max(0, limit - next.count)
+	};
+}
+//#endregion
+exports.checkRateLimit = checkRateLimit;
+
+//# sourceMappingURL=index.cjs.map

package/dist/rate-limit/index.cjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.cjs","names":["CadmusRateLimitError"],"sources":["../../src/rate-limit/index.ts"],"sourcesContent":["// Copyright (c) 2026 BowenLabs. All rights reserved.\n// Cadmus is MIT licensed. See LICENSE in the repo root.\n//\n// @thebes/cadmus/rate-limit\n//\n// Fixed-window rate limiter over KV. Best-effort, not atomic — KV has no\n// transactions, so a tight race on the same key can let one or two extra\n// requests through. That's an acceptable tradeoff for the scale this is\n// built for (per-IP/per-email request throttling, not billing-grade\n// metering); a Durable Object would be the answer if exact counts ever\n// mattered.\n\nimport { CadmusRateLimitError } from \"../errors.js\";\n\ninterface RateLimitRecord {\n  count: number;\n  resetAt: number;\n}\n\nexport interface RateLimitResult {\n  allowed: boolean;\n  remaining: number;\n}\n\n/**\n * Increments the counter for `key` within a fixed `windowSeconds` window,\n * resetting once the window elapses. Returns whether this request is\n * still within `limit`, and how many requests remain in the window.\n */\nexport async function checkRateLimit(\n  kv: KVNamespace,\n  key: string,\n  limit: number,\n  windowSeconds: number,\n): Promise<RateLimitResult> {\n  let record: RateLimitRecord | null;\n  try {\n    record = await kv.get<RateLimitRecord>(key, \"json\");\n  } catch (cause) {\n    throw new CadmusRateLimitError(\n      `Failed to read rate limit counter \"${key}\"`,\n      cause,\n    );\n  }\n\n  const now = Date.now();\n  const windowMs = windowSeconds * 1000;\n\n  const next: RateLimitRecord =\n    !record || now >= record.resetAt\n      ? { count: 1, resetAt: now + windowMs }\n      : { count: record.count + 1, resetAt: record.resetAt };\n\n  try {\n    await kv.put(key, JSON.stringify(next), {\n      expirationTtl: Math.max(1, Math.ceil((next.resetAt - now) / 1000)),\n    });\n  } catch (cause) {\n    throw new CadmusRateLimitError(\n      `Failed to write rate limit counter \"${key}\"`,\n      cause,\n    );\n  }\n\n  return {\n    allowed: next.count <= limit,\n    remaining: Math.max(0, limit - next.count),\n  };\n}\n"],"mappings":";;;;;;;;AA6BA,eAAsB,eACpB,IACA,KACA,OACA,eAC0B;CAC1B,IAAI;CACJ,IAAI;EACF,SAAS,MAAM,GAAG,IAAqB,KAAK,MAAM;CACpD,SAAS,OAAO;EACd,MAAM,IAAIA,eAAAA,qBACR,sCAAsC,IAAI,IAC1C,KACF;CACF;CAEA,MAAM,MAAM,KAAK,IAAI;CACrB,MAAM,WAAW,gBAAgB;CAEjC,MAAM,OACJ,CAAC,UAAU,OAAO,OAAO,UACrB;EAAE,OAAO;EAAG,SAAS,MAAM;CAAS,IACpC;EAAE,OAAO,OAAO,QAAQ;EAAG,SAAS,OAAO;CAAQ;CAEzD,IAAI;EACF,MAAM,GAAG,IAAI,KAAK,KAAK,UAAU,IAAI,GAAG,EACtC,eAAe,KAAK,IAAI,GAAG,KAAK,MAAM,KAAK,UAAU,OAAO,GAAI,CAAC,EACnE,CAAC;CACH,SAAS,OAAO;EACd,MAAM,IAAIA,eAAAA,qBACR,uCAAuC,IAAI,IAC3C,KACF;CACF;CAEA,OAAO;EACL,SAAS,KAAK,SAAS;EACvB,WAAW,KAAK,IAAI,GAAG,QAAQ,KAAK,KAAK;CAC3C;AACF"}

package/dist/rate-limit/index.d.cts

@@ -0,0 +1,14 @@
+//#region src/rate-limit/index.d.ts
+interface RateLimitResult {
+  allowed: boolean;
+  remaining: number;
+}
+/**
+ * Increments the counter for `key` within a fixed `windowSeconds` window,
+ * resetting once the window elapses. Returns whether this request is
+ * still within `limit`, and how many requests remain in the window.
+ */
+declare function checkRateLimit(kv: KVNamespace, key: string, limit: number, windowSeconds: number): Promise<RateLimitResult>;
+//#endregion
+export { RateLimitResult, checkRateLimit };
+//# sourceMappingURL=index.d.cts.map

package/dist/rate-limit/index.d.cts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.cts","names":[],"sources":["../../src/rate-limit/index.ts"],"mappings":";UAmBiB,eAAA;EACf,OAAA;EACA,SAAS;AAAA;;AAAA;AAQX;;;iBAAsB,cAAA,CACpB,EAAA,EAAI,WAAA,EACJ,GAAA,UACA,KAAA,UACA,aAAA,WACC,OAAA,CAAQ,eAAA"}

package/dist/rate-limit/index.d.ts

@@ -0,0 +1,14 @@
+//#region src/rate-limit/index.d.ts
+interface RateLimitResult {
+  allowed: boolean;
+  remaining: number;
+}
+/**
+ * Increments the counter for `key` within a fixed `windowSeconds` window,
+ * resetting once the window elapses. Returns whether this request is
+ * still within `limit`, and how many requests remain in the window.
+ */
+declare function checkRateLimit(kv: KVNamespace, key: string, limit: number, windowSeconds: number): Promise<RateLimitResult>;
+//#endregion
+export { RateLimitResult, checkRateLimit };
+//# sourceMappingURL=index.d.ts.map

package/dist/rate-limit/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","names":[],"sources":["../../src/rate-limit/index.ts"],"mappings":";UAmBiB,eAAA;EACf,OAAA;EACA,SAAS;AAAA;;AAAA;AAQX;;;iBAAsB,cAAA,CACpB,EAAA,EAAI,WAAA,EACJ,GAAA,UACA,KAAA,UACA,aAAA,WACC,OAAA,CAAQ,eAAA"}

package/dist/rate-limit/index.js

@@ -0,0 +1,37 @@
+import { u as CadmusRateLimitError } from "../errors-mZIqZJO4.js";
+//#region src/rate-limit/index.ts
+/**
+* Increments the counter for `key` within a fixed `windowSeconds` window,
+* resetting once the window elapses. Returns whether this request is
+* still within `limit`, and how many requests remain in the window.
+*/
+async function checkRateLimit(kv, key, limit, windowSeconds) {
+	let record;
+	try {
+		record = await kv.get(key, "json");
+	} catch (cause) {
+		throw new CadmusRateLimitError(`Failed to read rate limit counter "${key}"`, cause);
+	}
+	const now = Date.now();
+	const windowMs = windowSeconds * 1e3;
+	const next = !record || now >= record.resetAt ? {
+		count: 1,
+		resetAt: now + windowMs
+	} : {
+		count: record.count + 1,
+		resetAt: record.resetAt
+	};
+	try {
+		await kv.put(key, JSON.stringify(next), { expirationTtl: Math.max(1, Math.ceil((next.resetAt - now) / 1e3)) });
+	} catch (cause) {
+		throw new CadmusRateLimitError(`Failed to write rate limit counter "${key}"`, cause);
+	}
+	return {
+		allowed: next.count <= limit,
+		remaining: Math.max(0, limit - next.count)
+	};
+}
+//#endregion
+export { checkRateLimit };
+
+//# sourceMappingURL=index.js.map

package/dist/rate-limit/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","names":[],"sources":["../../src/rate-limit/index.ts"],"sourcesContent":["// Copyright (c) 2026 BowenLabs. All rights reserved.\n// Cadmus is MIT licensed. See LICENSE in the repo root.\n//\n// @thebes/cadmus/rate-limit\n//\n// Fixed-window rate limiter over KV. Best-effort, not atomic — KV has no\n// transactions, so a tight race on the same key can let one or two extra\n// requests through. That's an acceptable tradeoff for the scale this is\n// built for (per-IP/per-email request throttling, not billing-grade\n// metering); a Durable Object would be the answer if exact counts ever\n// mattered.\n\nimport { CadmusRateLimitError } from \"../errors.js\";\n\ninterface RateLimitRecord {\n  count: number;\n  resetAt: number;\n}\n\nexport interface RateLimitResult {\n  allowed: boolean;\n  remaining: number;\n}\n\n/**\n * Increments the counter for `key` within a fixed `windowSeconds` window,\n * resetting once the window elapses. Returns whether this request is\n * still within `limit`, and how many requests remain in the window.\n */\nexport async function checkRateLimit(\n  kv: KVNamespace,\n  key: string,\n  limit: number,\n  windowSeconds: number,\n): Promise<RateLimitResult> {\n  let record: RateLimitRecord | null;\n  try {\n    record = await kv.get<RateLimitRecord>(key, \"json\");\n  } catch (cause) {\n    throw new CadmusRateLimitError(\n      `Failed to read rate limit counter \"${key}\"`,\n      cause,\n    );\n  }\n\n  const now = Date.now();\n  const windowMs = windowSeconds * 1000;\n\n  const next: RateLimitRecord =\n    !record || now >= record.resetAt\n      ? { count: 1, resetAt: now + windowMs }\n      : { count: record.count + 1, resetAt: record.resetAt };\n\n  try {\n    await kv.put(key, JSON.stringify(next), {\n      expirationTtl: Math.max(1, Math.ceil((next.resetAt - now) / 1000)),\n    });\n  } catch (cause) {\n    throw new CadmusRateLimitError(\n      `Failed to write rate limit counter \"${key}\"`,\n      cause,\n    );\n  }\n\n  return {\n    allowed: next.count <= limit,\n    remaining: Math.max(0, limit - next.count),\n  };\n}\n"],"mappings":";;;;;;;AA6BA,eAAsB,eACpB,IACA,KACA,OACA,eAC0B;CAC1B,IAAI;CACJ,IAAI;EACF,SAAS,MAAM,GAAG,IAAqB,KAAK,MAAM;CACpD,SAAS,OAAO;EACd,MAAM,IAAI,qBACR,sCAAsC,IAAI,IAC1C,KACF;CACF;CAEA,MAAM,MAAM,KAAK,IAAI;CACrB,MAAM,WAAW,gBAAgB;CAEjC,MAAM,OACJ,CAAC,UAAU,OAAO,OAAO,UACrB;EAAE,OAAO;EAAG,SAAS,MAAM;CAAS,IACpC;EAAE,OAAO,OAAO,QAAQ;EAAG,SAAS,OAAO;CAAQ;CAEzD,IAAI;EACF,MAAM,GAAG,IAAI,KAAK,KAAK,UAAU,IAAI,GAAG,EACtC,eAAe,KAAK,IAAI,GAAG,KAAK,MAAM,KAAK,UAAU,OAAO,GAAI,CAAC,EACnE,CAAC;CACH,SAAS,OAAO;EACd,MAAM,IAAI,qBACR,uCAAuC,IAAI,IAC3C,KACF;CACF;CAEA,OAAO;EACL,SAAS,KAAK,SAAS;EACvB,WAAW,KAAK,IAAI,GAAG,QAAQ,KAAK,KAAK;CAC3C;AACF"}

package/dist/session/index.cjs

@@ -0,0 +1,48 @@
+Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
+const require_errors = require("../errors-CW6Lz0AQ.cjs");
+//#region src/session/index.ts
+const RETRY_ATTEMPTS = 2;
+const RETRY_DELAY_MS = 100;
+function sleep(ms) {
+	return new Promise((resolve) => setTimeout(resolve, ms));
+}
+/** Stores `value` under `key` in KV, JSON-serialized, with a TTL in seconds. */
+async function createSession(kv, key, value, ttlSeconds) {
+	try {
+		await kv.put(key, JSON.stringify(value), { expirationTtl: ttlSeconds });
+	} catch (cause) {
+		throw new require_errors.CadmusSessionError(`Failed to create session "${key}"`, cause);
+	}
+}
+/**
+* Reads and JSON-parses the session at `key`. Retries on a miss (KV's
+* eventual consistency can otherwise produce a false negative right after
+* a write) before returning null.
+*/
+async function getSession(kv, key) {
+	for (let attempt = 0; attempt <= RETRY_ATTEMPTS; attempt++) {
+		let raw;
+		try {
+			raw = await kv.get(key);
+		} catch (cause) {
+			throw new require_errors.CadmusSessionError(`Failed to read session "${key}"`, cause);
+		}
+		if (raw !== null) return JSON.parse(raw);
+		if (attempt < RETRY_ATTEMPTS) await sleep(RETRY_DELAY_MS);
+	}
+	return null;
+}
+/** Deletes the session at `key`. */
+async function deleteSession(kv, key) {
+	try {
+		await kv.delete(key);
+	} catch (cause) {
+		throw new require_errors.CadmusSessionError(`Failed to delete session "${key}"`, cause);
+	}
+}
+//#endregion
+exports.createSession = createSession;
+exports.deleteSession = deleteSession;
+exports.getSession = getSession;
+
+//# sourceMappingURL=index.cjs.map

package/dist/session/index.cjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.cjs","names":["CadmusSessionError"],"sources":["../../src/session/index.ts"],"sourcesContent":["// Copyright (c) 2026 BowenLabs. All rights reserved.\n// Cadmus is MIT licensed. See LICENSE in the repo root.\n//\n// @thebes/cadmus/session\n//\n// Thin JSON-over-KV session store. Takes a raw KVNamespace and a caller-\n// chosen key — no \"session:\" prefix or namespace convention baked in,\n// since that's an app-level choice, not a framework one. KV is eventually\n// consistent, so getSession() retries on a miss (a write immediately\n// followed by a read on a different edge location can otherwise see a\n// false negative) before concluding the session genuinely doesn't exist.\n\nimport { CadmusSessionError } from \"../errors.js\";\n\nconst RETRY_ATTEMPTS = 2;\nconst RETRY_DELAY_MS = 100;\n\nfunction sleep(ms: number): Promise<void> {\n  return new Promise((resolve) => setTimeout(resolve, ms));\n}\n\n/** Stores `value` under `key` in KV, JSON-serialized, with a TTL in seconds. */\nexport async function createSession<T>(\n  kv: KVNamespace,\n  key: string,\n  value: T,\n  ttlSeconds: number,\n): Promise<void> {\n  try {\n    await kv.put(key, JSON.stringify(value), { expirationTtl: ttlSeconds });\n  } catch (cause) {\n    throw new CadmusSessionError(`Failed to create session \"${key}\"`, cause);\n  }\n}\n\n/**\n * Reads and JSON-parses the session at `key`. Retries on a miss (KV's\n * eventual consistency can otherwise produce a false negative right after\n * a write) before returning null.\n */\nexport async function getSession<T>(\n  kv: KVNamespace,\n  key: string,\n): Promise<T | null> {\n  for (let attempt = 0; attempt <= RETRY_ATTEMPTS; attempt++) {\n    let raw: string | null;\n    try {\n      raw = await kv.get(key);\n    } catch (cause) {\n      throw new CadmusSessionError(`Failed to read session \"${key}\"`, cause);\n    }\n    if (raw !== null) return JSON.parse(raw) as T;\n    if (attempt < RETRY_ATTEMPTS) await sleep(RETRY_DELAY_MS);\n  }\n  return null;\n}\n\n/** Deletes the session at `key`. */\nexport async function deleteSession(\n  kv: KVNamespace,\n  key: string,\n): Promise<void> {\n  try {\n    await kv.delete(key);\n  } catch (cause) {\n    throw new CadmusSessionError(`Failed to delete session \"${key}\"`, cause);\n  }\n}\n"],"mappings":";;;AAcA,MAAM,iBAAiB;AACvB,MAAM,iBAAiB;AAEvB,SAAS,MAAM,IAA2B;CACxC,OAAO,IAAI,SAAS,YAAY,WAAW,SAAS,EAAE,CAAC;AACzD;;AAGA,eAAsB,cACpB,IACA,KACA,OACA,YACe;CACf,IAAI;EACF,MAAM,GAAG,IAAI,KAAK,KAAK,UAAU,KAAK,GAAG,EAAE,eAAe,WAAW,CAAC;CACxE,SAAS,OAAO;EACd,MAAM,IAAIA,eAAAA,mBAAmB,6BAA6B,IAAI,IAAI,KAAK;CACzE;AACF;;;;;;AAOA,eAAsB,WACpB,IACA,KACmB;CACnB,KAAK,IAAI,UAAU,GAAG,WAAW,gBAAgB,WAAW;EAC1D,IAAI;EACJ,IAAI;GACF,MAAM,MAAM,GAAG,IAAI,GAAG;EACxB,SAAS,OAAO;GACd,MAAM,IAAIA,eAAAA,mBAAmB,2BAA2B,IAAI,IAAI,KAAK;EACvE;EACA,IAAI,QAAQ,MAAM,OAAO,KAAK,MAAM,GAAG;EACvC,IAAI,UAAU,gBAAgB,MAAM,MAAM,cAAc;CAC1D;CACA,OAAO;AACT;;AAGA,eAAsB,cACpB,IACA,KACe;CACf,IAAI;EACF,MAAM,GAAG,OAAO,GAAG;CACrB,SAAS,OAAO;EACd,MAAM,IAAIA,eAAAA,mBAAmB,6BAA6B,IAAI,IAAI,KAAK;CACzE;AACF"}