@veloris/stripe 1.0.0

package/README.md

@@ -0,0 +1,241 @@
+# @veloris/stripe
+
+Veloris Shield + Stripe integration for React and Node.js.
+
+Evaluates every transaction with [Veloris Shield](https://veloris.app) before confirming a Stripe PaymentIntent — blocking fraud before it incurs interchange fees.
+
+## Install
+
+```bash
+npm install @veloris/stripe
+# or
+yarn add @veloris/stripe
+```
+
+## How it works
+
+```
+Browser
+  1. Shield.js collects device fingerprint
+  2. Stripe.js collects card → PaymentMethod
+  3. POST { paymentMethodId, fingerprint } to your backend
+
+Your backend
+  4. POST /shield/evaluate  →  verdict (APPROVE / FLAG / CHALLENGE / DECLINE)
+  5. APPROVE/FLAG  →  confirm Stripe PaymentIntent
+  6. CHALLENGE     →  confirm with request_three_d_secure: 'any'
+  7. DECLINE       →  return error; never charge Stripe
+```
+
+Your secret key (`vsk_…`) stays on the server. The publishable key (`vpk_…`) is safe in the browser.
+
+---
+
+## React usage
+
+### 1. Wrap your checkout with the provider
+
+```tsx
+import { loadStripe } from '@stripe/stripe-js';
+import { Elements } from '@stripe/react-stripe-js';
+import { VelorisStripeProvider } from '@veloris/stripe/react';
+
+const stripePromise = loadStripe('pk_live_…');
+
+export default function App() {
+  const stripe = useStripe(); // or pass the resolved Stripe instance
+
+  return (
+    <Elements stripe={stripePromise}>
+      <StripeInner />
+    </Elements>
+  );
+}
+
+function StripeInner() {
+  const stripe   = useStripe();
+  const elements = useElements();
+
+  if (!stripe || !elements) return null;
+
+  return (
+    <VelorisStripeProvider options={{ publicKey: 'vpk_…', stripe, elements }}>
+      <CheckoutForm />
+    </VelorisStripeProvider>
+  );
+}
+```
+
+### 2. Use the hook in your checkout form
+
+```tsx
+import { useVelorisStripe } from '@veloris/stripe/react';
+import { useStripe, useElements, CardElement } from '@stripe/react-stripe-js';
+
+export function CheckoutForm() {
+  const stripe              = useStripe();
+  const elements            = useElements();
+  const { ready, getPayload } = useVelorisStripe();
+  const [error, setError]   = useState('');
+
+  async function handleSubmit(e: React.FormEvent) {
+    e.preventDefault();
+
+    const [{ fingerprint }, { paymentMethod, error: pmError }] = await Promise.all([
+      getPayload(),
+      stripe!.createPaymentMethod({ type: 'card', card: elements!.getElement(CardElement)! }),
+    ]);
+
+    if (pmError) { setError(pmError.message); return; }
+
+    const res = await fetch('/checkout', {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ paymentMethodId: paymentMethod!.id, fingerprint }),
+    });
+
+    const data = await res.json();
+    if (!res.ok) setError(data.error);
+  }
+
+  return (
+    <form onSubmit={handleSubmit}>
+      <CardElement />
+      {error && <p>{error}</p>}
+      <button type="submit" disabled={!ready}>Pay</button>
+    </form>
+  );
+}
+```
+
+### Alternative: useVelorisAutoHook
+
+For a lower-boilerplate option, `useVelorisAutoHook` intercepts the form submit event automatically:
+
+```tsx
+import { useVelorisAutoHook } from '@veloris/stripe/react';
+
+function CheckoutForm() {
+  const formRef = useRef<HTMLFormElement>(null);
+
+  useVelorisAutoHook({
+    formRef,
+    handler: async ({ paymentMethodId, fingerprint }) => {
+      await fetch('/checkout', {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({ paymentMethodId, fingerprint }),
+      });
+    },
+  });
+
+  return (
+    <form ref={formRef}>
+      <CardElement />
+      <button type="submit">Pay</button>
+    </form>
+  );
+}
+```
+
+---
+
+## Vanilla JS / Next.js (no provider)
+
+```ts
+import { VelorisStripe } from '@veloris/stripe';
+
+const veloris = new VelorisStripe({
+  publicKey: 'vpk_…',
+  stripe,      // Stripe instance
+  elements,    // Stripe Elements instance
+});
+
+// Option A: get payload manually
+const { fingerprint } = await veloris.getPayload();
+
+// Option B: hook into form submit automatically
+veloris.autoHook(formEl, async ({ paymentMethodId, fingerprint }) => {
+  await fetch('/checkout', {
+    method: 'POST',
+    body: JSON.stringify({ paymentMethodId, fingerprint }),
+  });
+});
+```
+
+---
+
+## Backend — Node.js example
+
+```js
+const Stripe = require('stripe');
+const axios  = require('axios');
+
+const stripe = Stripe(process.env.STRIPE_SECRET_KEY);
+
+app.post('/checkout', async (req, res) => {
+  const { paymentMethodId, fingerprint, orderId, amount, currency, email } = req.body;
+
+  // 1. Evaluate with Shield
+  const { data } = await axios.post(
+    'https://api.veloris.app/v1/shield/evaluate',
+    {
+      order_id: orderId,
+      amount,
+      currency,
+      customer: { email },
+      device:   { ip_address: req.ip, fingerprint },
+    },
+    { headers: { 'X-Veloris-API-Key': process.env.VELORIS_SECRET_KEY } }
+  );
+
+  if (data.verdict === 'DECLINE') {
+    return res.status(402).json({ error: 'Transaction declined.' });
+  }
+
+  // 2. Confirm with Stripe
+  const intent = await stripe.paymentIntents.create({
+    amount,
+    currency:       currency.toLowerCase(),
+    payment_method: paymentMethodId,
+    confirm:        true,
+    payment_method_options: {
+      card: { request_three_d_secure: data.verdict === 'CHALLENGE' ? 'any' : 'automatic' },
+    },
+    metadata: { veloris_evaluation_id: data.evaluation_id },
+  });
+
+  res.json({ clientSecret: intent.client_secret });
+});
+```
+
+---
+
+## API reference
+
+### `new VelorisStripe(options)`
+
+| Option | Type | Required | Description |
+|---|---|---|---|
+| `publicKey` | `string` | ✓ | Publishable key (`vpk_…`) from your Veloris dashboard |
+| `stripe` | `Stripe` | ✓ | Stripe.js instance |
+| `elements` | `StripeElements` | For `autoHook` | Stripe Elements instance |
+| `onVerdict` | `fn(verdict, evaluationId)` | | Called after each verdict |
+| `debug` | `boolean` | | Log debug info to console |
+
+### `.init()` → `Promise<void>`
+Loads Shield.js and initialises signal collection. Called automatically by `getPayload()`.
+
+### `.getPayload()` → `Promise<{ fingerprint, fp_version }>`
+Returns the device fingerprint. Safe to call multiple times.
+
+### `.autoHook(formEl, handler, billingDetails?)` → `void`
+Intercepts form submit, collects fingerprint + PaymentMethod, calls `handler({ paymentMethodId, fingerprint, fp_version })`.
+
+---
+
+## Links
+
+- [Veloris Dashboard](https://dashboard.veloris.app)
+- [Full documentation](https://veloris.app/docs/stripe)
+- [API reference](https://veloris.app/docs/api)

package/dist/index.cjs

@@ -0,0 +1,2 @@
+"use strict";exports.VelorisStripe=class{constructor(e){if(this.shield=null,this.initPromise=null,!e.publicKey)throw new Error("[VelorisStripe] publicKey is required");if(!e.stripe)throw new Error("[VelorisStripe] stripe instance is required");this.publicKey=e.publicKey,this.stripe=e.stripe,this.elements=e.elements,this.onVerdict=e.onVerdict,this.debug=e.debug??!1}log(...e){this.debug&&console.log("[VelorisStripe]",...e)}init(){return this.initPromise||(this.initPromise=(e="https://dashboard.veloris.app/shield.min.js",new Promise((i,t)=>{if("undefined"==typeof document)return void i();if(document.querySelector(`script[src="${e}"]`))return void i();const r=document.createElement("script");r.src=e,r.onload=()=>i(),r.onerror=()=>t(new Error(`Failed to load ${e}`)),document.head.appendChild(r)})).then(()=>{if(!window.VelorisShield)throw new Error("Shield.js did not load");return this.shield=new window.VelorisShield.VelorisShield({publicKey:this.publicKey}),this.shield.init()}).then(()=>{this.log("ready")})),this.initPromise;var e}async getPayload(){await this.init();try{const e=await this.shield.getAPIPayload(),i={fingerprint:e.fingerprint??null,fp_version:e.fp_version??"0.1.0"};return this.log("payload",i),i}catch(e){return this.log("getPayload error (non-fatal):",e),{fingerprint:null,fp_version:"0.1.0"}}}autoHook(e,i,t){if(!e)throw new Error("[VelorisStripe] autoHook: formEl is required");if(!i)throw new Error("[VelorisStripe] autoHook: handler is required");if(!this.elements)throw new Error("[VelorisStripe] autoHook: pass elements via options.elements");this.init().catch(e=>this.log("init error:",e)),e.addEventListener("submit",r=>{r.preventDefault();const o=e.querySelector("[type=submit]");o&&(o.disabled=!0),Promise.all([this.getPayload(),this.stripe.createPaymentMethod({type:"card",card:this.elements.getElement("card")??this.elements.getElement("cardNumber"),billing_details:t??{}})]).then(([e,t])=>{if(t.error)throw new Error(t.error.message);return i({paymentMethodId:t.paymentMethod.id,fingerprint:e.fingerprint,fp_version:e.fp_version})}).catch(i=>{this.log("autoHook error:",i),o&&(o.disabled=!1),e.dispatchEvent(new CustomEvent("veloris:error",{detail:{message:i.message},bubbles:!0}))})}),this.log("autoHook attached to",e)}};
+//# sourceMappingURL=index.cjs.map

package/dist/index.cjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.cjs","sources":["../src/index.ts"],"sourcesContent":["const SHIELD_SDK_URL = 'https://dashboard.veloris.app/shield.min.js';\n\n// ── Types ─────────────────────────────────────────────────────────────────────\n\nexport interface VelorisStripeOptions {\n  /** Publishable key (vpk_…) from your Veloris dashboard */\n  publicKey: string;\n  /** Stripe.js instance returned by loadStripe() or window.Stripe() */\n  stripe: Stripe;\n  /** Stripe Elements instance (required for autoHook) */\n  elements?: StripeElements;\n  /** Called after every evaluation with verdict and evaluation_id */\n  onVerdict?: (verdict: string, evaluationId: string) => void;\n  /** Log debug info to console */\n  debug?: boolean;\n}\n\nexport interface VelorisPayload {\n  fingerprint: string | null;\n  fp_version:  string;\n}\n\nexport interface AutoHookPayload {\n  paymentMethodId: string;\n  fingerprint:     string | null;\n  fp_version:      string;\n}\n\n// Minimal Stripe typings so consumers don't need @stripe/stripe-js as a dep\ninterface Stripe {\n  createPaymentMethod(opts: Record<string, unknown>): Promise<{ paymentMethod?: { id: string }; error?: { message: string } }>;\n}\ninterface StripeElements {\n  getElement(type: string): unknown;\n}\n\n// Shield.js global\ninterface VelorisShieldSDK {\n  new(opts: { publicKey: string }): {\n    init(): Promise<void>;\n    getAPIPayload(): Promise<{ fingerprint?: string; fp_version?: string }>;\n  };\n}\ndeclare global {\n  interface Window {\n    VelorisShield?: { VelorisShield: VelorisShieldSDK };\n  }\n}\n\n// ── Loader ────────────────────────────────────────────────────────────────────\n\nfunction loadScript(src: string): Promise<void> {\n  return new Promise((resolve, reject) => {\n    if (typeof document === 'undefined') { resolve(); return; }\n    if (document.querySelector(`script[src=\"${src}\"]`)) { resolve(); return; }\n    const s       = document.createElement('script');\n    s.src         = src;\n    s.onload      = () => resolve();\n    s.onerror     = () => reject(new Error(`Failed to load ${src}`));\n    document.head.appendChild(s);\n  });\n}\n\n// ── VelorisStripe class ───────────────────────────────────────────────────────\n\nexport class VelorisStripe {\n  private readonly publicKey:  string;\n  private readonly stripe:     Stripe;\n  private readonly elements?:  StripeElements;\n  private readonly onVerdict?: (verdict: string, evaluationId: string) => void;\n  private readonly debug:      boolean;\n\n  private shield:      InstanceType<VelorisShieldSDK> | null = null;\n  private initPromise: Promise<void> | null                  = null;\n\n  constructor(options: VelorisStripeOptions) {\n    if (!options.publicKey) throw new Error('[VelorisStripe] publicKey is required');\n    if (!options.stripe)    throw new Error('[VelorisStripe] stripe instance is required');\n\n    this.publicKey  = options.publicKey;\n    this.stripe     = options.stripe;\n    this.elements   = options.elements;\n    this.onVerdict  = options.onVerdict;\n    this.debug      = options.debug ?? false;\n  }\n\n  private log(...args: unknown[]): void {\n    if (this.debug) console.log('[VelorisStripe]', ...args);\n  }\n\n  /**\n   * Load Shield.js and initialise signal collection.\n   * Safe to call multiple times — returns the same promise.\n   */\n  init(): Promise<void> {\n    if (this.initPromise) return this.initPromise;\n    this.initPromise = loadScript(SHIELD_SDK_URL).then(() => {\n      if (!window.VelorisShield) throw new Error('Shield.js did not load');\n      this.shield = new window.VelorisShield.VelorisShield({ publicKey: this.publicKey });\n      return this.shield.init();\n    }).then(() => {\n      this.log('ready');\n    });\n    return this.initPromise;\n  }\n\n  /**\n   * Returns the device fingerprint payload to send to your backend.\n   * Call this just before submitting the order.\n   */\n  async getPayload(): Promise<VelorisPayload> {\n    await this.init();\n    try {\n      const p = await this.shield!.getAPIPayload();\n      const payload: VelorisPayload = {\n        fingerprint: p.fingerprint ?? null,\n        fp_version:  p.fp_version  ?? '0.1.0',\n      };\n      this.log('payload', payload);\n      return payload;\n    } catch (err) {\n      this.log('getPayload error (non-fatal):', err);\n      return { fingerprint: null, fp_version: '0.1.0' };\n    }\n  }\n\n  /**\n   * Intercepts a checkout form's submit event.\n   * Collects fingerprint and Stripe PaymentMethod in parallel, then calls\n   * handler({ paymentMethodId, fingerprint, fp_version }).\n   *\n   * Your handler should POST to your backend, which calls /shield/evaluate\n   * then confirms the Stripe PaymentIntent.\n   */\n  autoHook(\n    formEl: HTMLFormElement,\n    handler: (payload: AutoHookPayload) => Promise<void>,\n    billingDetails?: Record<string, unknown>,\n  ): void {\n    if (!formEl)    throw new Error('[VelorisStripe] autoHook: formEl is required');\n    if (!handler)   throw new Error('[VelorisStripe] autoHook: handler is required');\n    if (!this.elements) throw new Error('[VelorisStripe] autoHook: pass elements via options.elements');\n\n    // Warm up Shield.js immediately\n    this.init().catch(e => this.log('init error:', e));\n\n    formEl.addEventListener('submit', (e: Event) => {\n      e.preventDefault();\n      const submitBtn = formEl.querySelector<HTMLButtonElement>('[type=submit]');\n      if (submitBtn) submitBtn.disabled = true;\n\n      Promise.all([\n        this.getPayload(),\n        this.stripe.createPaymentMethod({\n          type: 'card',\n          card: this.elements!.getElement('card') ?? this.elements!.getElement('cardNumber'),\n          billing_details: billingDetails ?? {},\n        }),\n      ]).then(([velorisPayload, pmResult]) => {\n        if (pmResult.error) throw new Error(pmResult.error.message);\n        return handler({\n          paymentMethodId: pmResult.paymentMethod!.id,\n          fingerprint:     velorisPayload.fingerprint,\n          fp_version:      velorisPayload.fp_version,\n        });\n      }).catch(err => {\n        this.log('autoHook error:', err);\n        if (submitBtn) submitBtn.disabled = false;\n        formEl.dispatchEvent(\n          new CustomEvent('veloris:error', { detail: { message: (err as Error).message }, bubbles: true })\n        );\n      });\n    });\n\n    this.log('autoHook attached to', formEl);\n  }\n}\n"],"names":["constructor","options","this","shield","initPromise","publicKey","Error","stripe","elements","onVerdict","debug","log","args","console","init","src","Promise","resolve","reject","document","querySelector","s","createElement","onload","onerror","head","appendChild","then","window","VelorisShield","getPayload","p","getAPIPayload","payload","fingerprint","fp_version","err","autoHook","formEl","handler","billingDetails","catch","e","addEventListener","preventDefault","submitBtn","disabled","all","createPaymentMethod","type","card","getElement","billing_details","velorisPayload","pmResult","error","message","paymentMethodId","paymentMethod","id","dispatchEvent","CustomEvent","detail","bubbles"],"mappings":"yCA2EE,WAAAA,CAAYC,GACV,GAJMC,KAAAC,OAAqD,KACrDD,KAAAE,YAAqD,MAGtDH,EAAQI,UAAW,MAAM,IAAIC,MAAM,yCACxC,IAAKL,EAAQM,OAAW,MAAM,IAAID,MAAM,+CAExCJ,KAAKG,UAAaJ,EAAQI,UAC1BH,KAAKK,OAAaN,EAAQM,OAC1BL,KAAKM,SAAaP,EAAQO,SAC1BN,KAAKO,UAAaR,EAAQQ,UAC1BP,KAAKQ,MAAaT,EAAQS,QAAS,CACrC,CAEQ,GAAAC,IAAOC,GACTV,KAAKQ,OAAOG,QAAQF,IAAI,qBAAsBC,EACpD,CAMA,IAAAE,GACE,OAAIZ,KAAKE,cACTF,KAAKE,aA7CWW,EAnDG,8CAoDd,IAAIC,QAAQ,CAACC,EAASC,KAC3B,GAAwB,oBAAbC,SAAuC,YAAXF,IACvC,GAAIE,SAASC,cAAc,eAAeL,OAAuB,YAAXE,IACtD,MAAMI,EAAUF,SAASG,cAAc,UACvCD,EAAEN,IAAcA,EAChBM,EAAEE,OAAc,IAAMN,IACtBI,EAAEG,QAAc,IAAMN,EAAO,IAAIZ,MAAM,kBAAkBS,MACzDI,SAASM,KAAKC,YAAYL,MAqCoBM,KAAK,KACjD,IAAKC,OAAOC,cAAe,MAAM,IAAIvB,MAAM,0BAE3C,OADAJ,KAAKC,OAAS,IAAIyB,OAAOC,cAAcA,cAAc,CAAExB,UAAWH,KAAKG,YAChEH,KAAKC,OAAOW,SAClBa,KAAK,KACNzB,KAAKS,IAAI,YANkBT,KAAKE,YA5CtC,IAAoBW,CAqDlB,CAMA,gBAAMe,SACE5B,KAAKY,OACX,IACE,MAAMiB,QAAU7B,KAAKC,OAAQ6B,gBACvBC,EAA0B,CAC9BC,YAAaH,EAAEG,aAAe,KAC9BC,WAAaJ,EAAEI,YAAe,SAGhC,OADAjC,KAAKS,IAAI,UAAWsB,GACbA,CACT,CAAE,MAAOG,GAEP,OADAlC,KAAKS,IAAI,gCAAiCyB,GACnC,CAAEF,YAAa,KAAMC,WAAY,QAC1C,CACF,CAUA,QAAAE,CACEC,EACAC,EACAC,GAEA,IAAKF,EAAW,MAAM,IAAIhC,MAAM,gDAChC,IAAKiC,EAAW,MAAM,IAAIjC,MAAM,iDAChC,IAAKJ,KAAKM,SAAU,MAAM,IAAIF,MAAM,gEAGpCJ,KAAKY,OAAO2B,MAAMC,GAAKxC,KAAKS,IAAI,cAAe+B,IAE/CJ,EAAOK,iBAAiB,SAAWD,IACjCA,EAAEE,iBACF,MAAMC,EAAYP,EAAOlB,cAAiC,iBACtDyB,IAAWA,EAAUC,UAAW,GAEpC9B,QAAQ+B,IAAI,CACV7C,KAAK4B,aACL5B,KAAKK,OAAOyC,oBAAoB,CAC9BC,KAAM,OACNC,KAAMhD,KAAKM,SAAU2C,WAAW,SAAWjD,KAAKM,SAAU2C,WAAW,cACrEC,gBAAiBZ,GAAkB,CAAA,MAEpCb,KAAK,EAAE0B,EAAgBC,MACxB,GAAIA,EAASC,MAAO,MAAM,IAAIjD,MAAMgD,EAASC,MAAMC,SACnD,OAAOjB,EAAQ,CACbkB,gBAAiBH,EAASI,cAAeC,GACzCzB,YAAiBmB,EAAenB,YAChCC,WAAiBkB,EAAelB,eAEjCM,MAAML,IACPlC,KAAKS,IAAI,kBAAmByB,GACxBS,IAAWA,EAAUC,UAAW,GACpCR,EAAOsB,cACL,IAAIC,YAAY,gBAAiB,CAAEC,OAAQ,CAAEN,QAAUpB,EAAcoB,SAAWO,SAAS,SAK/F7D,KAAKS,IAAI,uBAAwB2B,EACnC"}

package/dist/index.d.ts

@@ -0,0 +1,83 @@
+export interface VelorisStripeOptions {
+    /** Publishable key (vpk_…) from your Veloris dashboard */
+    publicKey: string;
+    /** Stripe.js instance returned by loadStripe() or window.Stripe() */
+    stripe: Stripe;
+    /** Stripe Elements instance (required for autoHook) */
+    elements?: StripeElements;
+    /** Called after every evaluation with verdict and evaluation_id */
+    onVerdict?: (verdict: string, evaluationId: string) => void;
+    /** Log debug info to console */
+    debug?: boolean;
+}
+export interface VelorisPayload {
+    fingerprint: string | null;
+    fp_version: string;
+}
+export interface AutoHookPayload {
+    paymentMethodId: string;
+    fingerprint: string | null;
+    fp_version: string;
+}
+interface Stripe {
+    createPaymentMethod(opts: Record<string, unknown>): Promise<{
+        paymentMethod?: {
+            id: string;
+        };
+        error?: {
+            message: string;
+        };
+    }>;
+}
+interface StripeElements {
+    getElement(type: string): unknown;
+}
+interface VelorisShieldSDK {
+    new (opts: {
+        publicKey: string;
+    }): {
+        init(): Promise<void>;
+        getAPIPayload(): Promise<{
+            fingerprint?: string;
+            fp_version?: string;
+        }>;
+    };
+}
+declare global {
+    interface Window {
+        VelorisShield?: {
+            VelorisShield: VelorisShieldSDK;
+        };
+    }
+}
+export declare class VelorisStripe {
+    private readonly publicKey;
+    private readonly stripe;
+    private readonly elements?;
+    private readonly onVerdict?;
+    private readonly debug;
+    private shield;
+    private initPromise;
+    constructor(options: VelorisStripeOptions);
+    private log;
+    /**
+     * Load Shield.js and initialise signal collection.
+     * Safe to call multiple times — returns the same promise.
+     */
+    init(): Promise<void>;
+    /**
+     * Returns the device fingerprint payload to send to your backend.
+     * Call this just before submitting the order.
+     */
+    getPayload(): Promise<VelorisPayload>;
+    /**
+     * Intercepts a checkout form's submit event.
+     * Collects fingerprint and Stripe PaymentMethod in parallel, then calls
+     * handler({ paymentMethodId, fingerprint, fp_version }).
+     *
+     * Your handler should POST to your backend, which calls /shield/evaluate
+     * then confirms the Stripe PaymentIntent.
+     */
+    autoHook(formEl: HTMLFormElement, handler: (payload: AutoHookPayload) => Promise<void>, billingDetails?: Record<string, unknown>): void;
+}
+export {};

package/dist/index.js

@@ -0,0 +1,2 @@
+class e{constructor(e){if(this.shield=null,this.initPromise=null,!e.publicKey)throw new Error("[VelorisStripe] publicKey is required");if(!e.stripe)throw new Error("[VelorisStripe] stripe instance is required");this.publicKey=e.publicKey,this.stripe=e.stripe,this.elements=e.elements,this.onVerdict=e.onVerdict,this.debug=e.debug??!1}log(...e){this.debug&&console.log("[VelorisStripe]",...e)}init(){return this.initPromise||(this.initPromise=(e="https://dashboard.veloris.app/shield.min.js",new Promise((i,t)=>{if("undefined"==typeof document)return void i();if(document.querySelector(`script[src="${e}"]`))return void i();const r=document.createElement("script");r.src=e,r.onload=()=>i(),r.onerror=()=>t(new Error(`Failed to load ${e}`)),document.head.appendChild(r)})).then(()=>{if(!window.VelorisShield)throw new Error("Shield.js did not load");return this.shield=new window.VelorisShield.VelorisShield({publicKey:this.publicKey}),this.shield.init()}).then(()=>{this.log("ready")})),this.initPromise;var e}async getPayload(){await this.init();try{const e=await this.shield.getAPIPayload(),i={fingerprint:e.fingerprint??null,fp_version:e.fp_version??"0.1.0"};return this.log("payload",i),i}catch(e){return this.log("getPayload error (non-fatal):",e),{fingerprint:null,fp_version:"0.1.0"}}}autoHook(e,i,t){if(!e)throw new Error("[VelorisStripe] autoHook: formEl is required");if(!i)throw new Error("[VelorisStripe] autoHook: handler is required");if(!this.elements)throw new Error("[VelorisStripe] autoHook: pass elements via options.elements");this.init().catch(e=>this.log("init error:",e)),e.addEventListener("submit",r=>{r.preventDefault();const o=e.querySelector("[type=submit]");o&&(o.disabled=!0),Promise.all([this.getPayload(),this.stripe.createPaymentMethod({type:"card",card:this.elements.getElement("card")??this.elements.getElement("cardNumber"),billing_details:t??{}})]).then(([e,t])=>{if(t.error)throw new Error(t.error.message);return i({paymentMethodId:t.paymentMethod.id,fingerprint:e.fingerprint,fp_version:e.fp_version})}).catch(i=>{this.log("autoHook error:",i),o&&(o.disabled=!1),e.dispatchEvent(new CustomEvent("veloris:error",{detail:{message:i.message},bubbles:!0}))})}),this.log("autoHook attached to",e)}}export{e as VelorisStripe};
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sources":["../src/index.ts"],"sourcesContent":["const SHIELD_SDK_URL = 'https://dashboard.veloris.app/shield.min.js';\n\n// ── Types ─────────────────────────────────────────────────────────────────────\n\nexport interface VelorisStripeOptions {\n  /** Publishable key (vpk_…) from your Veloris dashboard */\n  publicKey: string;\n  /** Stripe.js instance returned by loadStripe() or window.Stripe() */\n  stripe: Stripe;\n  /** Stripe Elements instance (required for autoHook) */\n  elements?: StripeElements;\n  /** Called after every evaluation with verdict and evaluation_id */\n  onVerdict?: (verdict: string, evaluationId: string) => void;\n  /** Log debug info to console */\n  debug?: boolean;\n}\n\nexport interface VelorisPayload {\n  fingerprint: string | null;\n  fp_version:  string;\n}\n\nexport interface AutoHookPayload {\n  paymentMethodId: string;\n  fingerprint:     string | null;\n  fp_version:      string;\n}\n\n// Minimal Stripe typings so consumers don't need @stripe/stripe-js as a dep\ninterface Stripe {\n  createPaymentMethod(opts: Record<string, unknown>): Promise<{ paymentMethod?: { id: string }; error?: { message: string } }>;\n}\ninterface StripeElements {\n  getElement(type: string): unknown;\n}\n\n// Shield.js global\ninterface VelorisShieldSDK {\n  new(opts: { publicKey: string }): {\n    init(): Promise<void>;\n    getAPIPayload(): Promise<{ fingerprint?: string; fp_version?: string }>;\n  };\n}\ndeclare global {\n  interface Window {\n    VelorisShield?: { VelorisShield: VelorisShieldSDK };\n  }\n}\n\n// ── Loader ────────────────────────────────────────────────────────────────────\n\nfunction loadScript(src: string): Promise<void> {\n  return new Promise((resolve, reject) => {\n    if (typeof document === 'undefined') { resolve(); return; }\n    if (document.querySelector(`script[src=\"${src}\"]`)) { resolve(); return; }\n    const s       = document.createElement('script');\n    s.src         = src;\n    s.onload      = () => resolve();\n    s.onerror     = () => reject(new Error(`Failed to load ${src}`));\n    document.head.appendChild(s);\n  });\n}\n\n// ── VelorisStripe class ───────────────────────────────────────────────────────\n\nexport class VelorisStripe {\n  private readonly publicKey:  string;\n  private readonly stripe:     Stripe;\n  private readonly elements?:  StripeElements;\n  private readonly onVerdict?: (verdict: string, evaluationId: string) => void;\n  private readonly debug:      boolean;\n\n  private shield:      InstanceType<VelorisShieldSDK> | null = null;\n  private initPromise: Promise<void> | null                  = null;\n\n  constructor(options: VelorisStripeOptions) {\n    if (!options.publicKey) throw new Error('[VelorisStripe] publicKey is required');\n    if (!options.stripe)    throw new Error('[VelorisStripe] stripe instance is required');\n\n    this.publicKey  = options.publicKey;\n    this.stripe     = options.stripe;\n    this.elements   = options.elements;\n    this.onVerdict  = options.onVerdict;\n    this.debug      = options.debug ?? false;\n  }\n\n  private log(...args: unknown[]): void {\n    if (this.debug) console.log('[VelorisStripe]', ...args);\n  }\n\n  /**\n   * Load Shield.js and initialise signal collection.\n   * Safe to call multiple times — returns the same promise.\n   */\n  init(): Promise<void> {\n    if (this.initPromise) return this.initPromise;\n    this.initPromise = loadScript(SHIELD_SDK_URL).then(() => {\n      if (!window.VelorisShield) throw new Error('Shield.js did not load');\n      this.shield = new window.VelorisShield.VelorisShield({ publicKey: this.publicKey });\n      return this.shield.init();\n    }).then(() => {\n      this.log('ready');\n    });\n    return this.initPromise;\n  }\n\n  /**\n   * Returns the device fingerprint payload to send to your backend.\n   * Call this just before submitting the order.\n   */\n  async getPayload(): Promise<VelorisPayload> {\n    await this.init();\n    try {\n      const p = await this.shield!.getAPIPayload();\n      const payload: VelorisPayload = {\n        fingerprint: p.fingerprint ?? null,\n        fp_version:  p.fp_version  ?? '0.1.0',\n      };\n      this.log('payload', payload);\n      return payload;\n    } catch (err) {\n      this.log('getPayload error (non-fatal):', err);\n      return { fingerprint: null, fp_version: '0.1.0' };\n    }\n  }\n\n  /**\n   * Intercepts a checkout form's submit event.\n   * Collects fingerprint and Stripe PaymentMethod in parallel, then calls\n   * handler({ paymentMethodId, fingerprint, fp_version }).\n   *\n   * Your handler should POST to your backend, which calls /shield/evaluate\n   * then confirms the Stripe PaymentIntent.\n   */\n  autoHook(\n    formEl: HTMLFormElement,\n    handler: (payload: AutoHookPayload) => Promise<void>,\n    billingDetails?: Record<string, unknown>,\n  ): void {\n    if (!formEl)    throw new Error('[VelorisStripe] autoHook: formEl is required');\n    if (!handler)   throw new Error('[VelorisStripe] autoHook: handler is required');\n    if (!this.elements) throw new Error('[VelorisStripe] autoHook: pass elements via options.elements');\n\n    // Warm up Shield.js immediately\n    this.init().catch(e => this.log('init error:', e));\n\n    formEl.addEventListener('submit', (e: Event) => {\n      e.preventDefault();\n      const submitBtn = formEl.querySelector<HTMLButtonElement>('[type=submit]');\n      if (submitBtn) submitBtn.disabled = true;\n\n      Promise.all([\n        this.getPayload(),\n        this.stripe.createPaymentMethod({\n          type: 'card',\n          card: this.elements!.getElement('card') ?? this.elements!.getElement('cardNumber'),\n          billing_details: billingDetails ?? {},\n        }),\n      ]).then(([velorisPayload, pmResult]) => {\n        if (pmResult.error) throw new Error(pmResult.error.message);\n        return handler({\n          paymentMethodId: pmResult.paymentMethod!.id,\n          fingerprint:     velorisPayload.fingerprint,\n          fp_version:      velorisPayload.fp_version,\n        });\n      }).catch(err => {\n        this.log('autoHook error:', err);\n        if (submitBtn) submitBtn.disabled = false;\n        formEl.dispatchEvent(\n          new CustomEvent('veloris:error', { detail: { message: (err as Error).message }, bubbles: true })\n        );\n      });\n    });\n\n    this.log('autoHook attached to', formEl);\n  }\n}\n"],"names":["VelorisStripe","constructor","options","this","shield","initPromise","publicKey","Error","stripe","elements","onVerdict","debug","log","args","console","init","src","Promise","resolve","reject","document","querySelector","s","createElement","onload","onerror","head","appendChild","then","window","VelorisShield","getPayload","p","getAPIPayload","payload","fingerprint","fp_version","err","autoHook","formEl","handler","billingDetails","catch","e","addEventListener","preventDefault","submitBtn","disabled","all","createPaymentMethod","type","card","getElement","billing_details","velorisPayload","pmResult","error","message","paymentMethodId","paymentMethod","id","dispatchEvent","CustomEvent","detail","bubbles"],"mappings":"MAiEaA,EAUX,WAAAC,CAAYC,GACV,GAJMC,KAAAC,OAAqD,KACrDD,KAAAE,YAAqD,MAGtDH,EAAQI,UAAW,MAAM,IAAIC,MAAM,yCACxC,IAAKL,EAAQM,OAAW,MAAM,IAAID,MAAM,+CAExCJ,KAAKG,UAAaJ,EAAQI,UAC1BH,KAAKK,OAAaN,EAAQM,OAC1BL,KAAKM,SAAaP,EAAQO,SAC1BN,KAAKO,UAAaR,EAAQQ,UAC1BP,KAAKQ,MAAaT,EAAQS,QAAS,CACrC,CAEQ,GAAAC,IAAOC,GACTV,KAAKQ,OAAOG,QAAQF,IAAI,qBAAsBC,EACpD,CAMA,IAAAE,GACE,OAAIZ,KAAKE,cACTF,KAAKE,aA7CWW,EAnDG,8CAoDd,IAAIC,QAAQ,CAACC,EAASC,KAC3B,GAAwB,oBAAbC,SAAuC,YAAXF,IACvC,GAAIE,SAASC,cAAc,eAAeL,OAAuB,YAAXE,IACtD,MAAMI,EAAUF,SAASG,cAAc,UACvCD,EAAEN,IAAcA,EAChBM,EAAEE,OAAc,IAAMN,IACtBI,EAAEG,QAAc,IAAMN,EAAO,IAAIZ,MAAM,kBAAkBS,MACzDI,SAASM,KAAKC,YAAYL,MAqCoBM,KAAK,KACjD,IAAKC,OAAOC,cAAe,MAAM,IAAIvB,MAAM,0BAE3C,OADAJ,KAAKC,OAAS,IAAIyB,OAAOC,cAAcA,cAAc,CAAExB,UAAWH,KAAKG,YAChEH,KAAKC,OAAOW,SAClBa,KAAK,KACNzB,KAAKS,IAAI,YANkBT,KAAKE,YA5CtC,IAAoBW,CAqDlB,CAMA,gBAAMe,SACE5B,KAAKY,OACX,IACE,MAAMiB,QAAU7B,KAAKC,OAAQ6B,gBACvBC,EAA0B,CAC9BC,YAAaH,EAAEG,aAAe,KAC9BC,WAAaJ,EAAEI,YAAe,SAGhC,OADAjC,KAAKS,IAAI,UAAWsB,GACbA,CACT,CAAE,MAAOG,GAEP,OADAlC,KAAKS,IAAI,gCAAiCyB,GACnC,CAAEF,YAAa,KAAMC,WAAY,QAC1C,CACF,CAUA,QAAAE,CACEC,EACAC,EACAC,GAEA,IAAKF,EAAW,MAAM,IAAIhC,MAAM,gDAChC,IAAKiC,EAAW,MAAM,IAAIjC,MAAM,iDAChC,IAAKJ,KAAKM,SAAU,MAAM,IAAIF,MAAM,gEAGpCJ,KAAKY,OAAO2B,MAAMC,GAAKxC,KAAKS,IAAI,cAAe+B,IAE/CJ,EAAOK,iBAAiB,SAAWD,IACjCA,EAAEE,iBACF,MAAMC,EAAYP,EAAOlB,cAAiC,iBACtDyB,IAAWA,EAAUC,UAAW,GAEpC9B,QAAQ+B,IAAI,CACV7C,KAAK4B,aACL5B,KAAKK,OAAOyC,oBAAoB,CAC9BC,KAAM,OACNC,KAAMhD,KAAKM,SAAU2C,WAAW,SAAWjD,KAAKM,SAAU2C,WAAW,cACrEC,gBAAiBZ,GAAkB,CAAA,MAEpCb,KAAK,EAAE0B,EAAgBC,MACxB,GAAIA,EAASC,MAAO,MAAM,IAAIjD,MAAMgD,EAASC,MAAMC,SACnD,OAAOjB,EAAQ,CACbkB,gBAAiBH,EAASI,cAAeC,GACzCzB,YAAiBmB,EAAenB,YAChCC,WAAiBkB,EAAelB,eAEjCM,MAAML,IACPlC,KAAKS,IAAI,kBAAmByB,GACxBS,IAAWA,EAAUC,UAAW,GACpCR,EAAOsB,cACL,IAAIC,YAAY,gBAAiB,CAAEC,OAAQ,CAAEN,QAAUpB,EAAcoB,SAAWO,SAAS,SAK/F7D,KAAKS,IAAI,uBAAwB2B,EACnC"}

package/dist/react.cjs

@@ -0,0 +1,2 @@
+"use strict";var e=require("react/jsx-runtime"),t=require("react");class r{constructor(e){if(this.shield=null,this.initPromise=null,!e.publicKey)throw new Error("[VelorisStripe] publicKey is required");if(!e.stripe)throw new Error("[VelorisStripe] stripe instance is required");this.publicKey=e.publicKey,this.stripe=e.stripe,this.elements=e.elements,this.onVerdict=e.onVerdict,this.debug=e.debug??!1}log(...e){this.debug&&console.log("[VelorisStripe]",...e)}init(){return this.initPromise||(this.initPromise=(e="https://dashboard.veloris.app/shield.min.js",new Promise((t,r)=>{if("undefined"==typeof document)return void t();if(document.querySelector(`script[src="${e}"]`))return void t();const i=document.createElement("script");i.src=e,i.onload=()=>t(),i.onerror=()=>r(new Error(`Failed to load ${e}`)),document.head.appendChild(i)})).then(()=>{if(!window.VelorisShield)throw new Error("Shield.js did not load");return this.shield=new window.VelorisShield.VelorisShield({publicKey:this.publicKey}),this.shield.init()}).then(()=>{this.log("ready")})),this.initPromise;var e}async getPayload(){await this.init();try{const e=await this.shield.getAPIPayload(),t={fingerprint:e.fingerprint??null,fp_version:e.fp_version??"0.1.0"};return this.log("payload",t),t}catch(e){return this.log("getPayload error (non-fatal):",e),{fingerprint:null,fp_version:"0.1.0"}}}autoHook(e,t,r){if(!e)throw new Error("[VelorisStripe] autoHook: formEl is required");if(!t)throw new Error("[VelorisStripe] autoHook: handler is required");if(!this.elements)throw new Error("[VelorisStripe] autoHook: pass elements via options.elements");this.init().catch(e=>this.log("init error:",e)),e.addEventListener("submit",i=>{i.preventDefault();const o=e.querySelector("[type=submit]");o&&(o.disabled=!0),Promise.all([this.getPayload(),this.stripe.createPaymentMethod({type:"card",card:this.elements.getElement("card")??this.elements.getElement("cardNumber"),billing_details:r??{}})]).then(([e,r])=>{if(r.error)throw new Error(r.error.message);return t({paymentMethodId:r.paymentMethod.id,fingerprint:e.fingerprint,fp_version:e.fp_version})}).catch(t=>{this.log("autoHook error:",t),o&&(o.disabled=!1),e.dispatchEvent(new CustomEvent("veloris:error",{detail:{message:t.message},bubbles:!0}))})}),this.log("autoHook attached to",e)}}const i=t.createContext({instance:null,ready:!1});exports.VelorisStripe=r,exports.VelorisStripeProvider=function({options:o,children:n}){const[s,l]=t.useState(!1),a=t.useRef(null);return t.useEffect(()=>{const e=new r(o);a.current=e,e.init().then(()=>l(!0)).catch(()=>l(!0))},[]),e.jsx(i.Provider,{value:{instance:a.current,ready:s},children:n})},exports.useVelorisAutoHook=function({formRef:e,handler:r,billingDetails:o}){const{instance:n,ready:s}=t.useContext(i);t.useEffect(()=>{s&&n&&e.current&&n.autoHook(e.current,r,o)},[s,n])},exports.useVelorisStripe=function(){const{instance:e,ready:r}=t.useContext(i);return{ready:r,getPayload:t.useCallback(async()=>e?e.getPayload():{fingerprint:null,fp_version:"0.1.0"},[e]),instance:e}};
+//# sourceMappingURL=react.cjs.map

package/dist/react.cjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"react.cjs","sources":["../src/index.ts","../src/react.tsx"],"sourcesContent":["const SHIELD_SDK_URL = 'https://dashboard.veloris.app/shield.min.js';\n\n// ── Types ─────────────────────────────────────────────────────────────────────\n\nexport interface VelorisStripeOptions {\n  /** Publishable key (vpk_…) from your Veloris dashboard */\n  publicKey: string;\n  /** Stripe.js instance returned by loadStripe() or window.Stripe() */\n  stripe: Stripe;\n  /** Stripe Elements instance (required for autoHook) */\n  elements?: StripeElements;\n  /** Called after every evaluation with verdict and evaluation_id */\n  onVerdict?: (verdict: string, evaluationId: string) => void;\n  /** Log debug info to console */\n  debug?: boolean;\n}\n\nexport interface VelorisPayload {\n  fingerprint: string | null;\n  fp_version:  string;\n}\n\nexport interface AutoHookPayload {\n  paymentMethodId: string;\n  fingerprint:     string | null;\n  fp_version:      string;\n}\n\n// Minimal Stripe typings so consumers don't need @stripe/stripe-js as a dep\ninterface Stripe {\n  createPaymentMethod(opts: Record<string, unknown>): Promise<{ paymentMethod?: { id: string }; error?: { message: string } }>;\n}\ninterface StripeElements {\n  getElement(type: string): unknown;\n}\n\n// Shield.js global\ninterface VelorisShieldSDK {\n  new(opts: { publicKey: string }): {\n    init(): Promise<void>;\n    getAPIPayload(): Promise<{ fingerprint?: string; fp_version?: string }>;\n  };\n}\ndeclare global {\n  interface Window {\n    VelorisShield?: { VelorisShield: VelorisShieldSDK };\n  }\n}\n\n// ── Loader ────────────────────────────────────────────────────────────────────\n\nfunction loadScript(src: string): Promise<void> {\n  return new Promise((resolve, reject) => {\n    if (typeof document === 'undefined') { resolve(); return; }\n    if (document.querySelector(`script[src=\"${src}\"]`)) { resolve(); return; }\n    const s       = document.createElement('script');\n    s.src         = src;\n    s.onload      = () => resolve();\n    s.onerror     = () => reject(new Error(`Failed to load ${src}`));\n    document.head.appendChild(s);\n  });\n}\n\n// ── VelorisStripe class ───────────────────────────────────────────────────────\n\nexport class VelorisStripe {\n  private readonly publicKey:  string;\n  private readonly stripe:     Stripe;\n  private readonly elements?:  StripeElements;\n  private readonly onVerdict?: (verdict: string, evaluationId: string) => void;\n  private readonly debug:      boolean;\n\n  private shield:      InstanceType<VelorisShieldSDK> | null = null;\n  private initPromise: Promise<void> | null                  = null;\n\n  constructor(options: VelorisStripeOptions) {\n    if (!options.publicKey) throw new Error('[VelorisStripe] publicKey is required');\n    if (!options.stripe)    throw new Error('[VelorisStripe] stripe instance is required');\n\n    this.publicKey  = options.publicKey;\n    this.stripe     = options.stripe;\n    this.elements   = options.elements;\n    this.onVerdict  = options.onVerdict;\n    this.debug      = options.debug ?? false;\n  }\n\n  private log(...args: unknown[]): void {\n    if (this.debug) console.log('[VelorisStripe]', ...args);\n  }\n\n  /**\n   * Load Shield.js and initialise signal collection.\n   * Safe to call multiple times — returns the same promise.\n   */\n  init(): Promise<void> {\n    if (this.initPromise) return this.initPromise;\n    this.initPromise = loadScript(SHIELD_SDK_URL).then(() => {\n      if (!window.VelorisShield) throw new Error('Shield.js did not load');\n      this.shield = new window.VelorisShield.VelorisShield({ publicKey: this.publicKey });\n      return this.shield.init();\n    }).then(() => {\n      this.log('ready');\n    });\n    return this.initPromise;\n  }\n\n  /**\n   * Returns the device fingerprint payload to send to your backend.\n   * Call this just before submitting the order.\n   */\n  async getPayload(): Promise<VelorisPayload> {\n    await this.init();\n    try {\n      const p = await this.shield!.getAPIPayload();\n      const payload: VelorisPayload = {\n        fingerprint: p.fingerprint ?? null,\n        fp_version:  p.fp_version  ?? '0.1.0',\n      };\n      this.log('payload', payload);\n      return payload;\n    } catch (err) {\n      this.log('getPayload error (non-fatal):', err);\n      return { fingerprint: null, fp_version: '0.1.0' };\n    }\n  }\n\n  /**\n   * Intercepts a checkout form's submit event.\n   * Collects fingerprint and Stripe PaymentMethod in parallel, then calls\n   * handler({ paymentMethodId, fingerprint, fp_version }).\n   *\n   * Your handler should POST to your backend, which calls /shield/evaluate\n   * then confirms the Stripe PaymentIntent.\n   */\n  autoHook(\n    formEl: HTMLFormElement,\n    handler: (payload: AutoHookPayload) => Promise<void>,\n    billingDetails?: Record<string, unknown>,\n  ): void {\n    if (!formEl)    throw new Error('[VelorisStripe] autoHook: formEl is required');\n    if (!handler)   throw new Error('[VelorisStripe] autoHook: handler is required');\n    if (!this.elements) throw new Error('[VelorisStripe] autoHook: pass elements via options.elements');\n\n    // Warm up Shield.js immediately\n    this.init().catch(e => this.log('init error:', e));\n\n    formEl.addEventListener('submit', (e: Event) => {\n      e.preventDefault();\n      const submitBtn = formEl.querySelector<HTMLButtonElement>('[type=submit]');\n      if (submitBtn) submitBtn.disabled = true;\n\n      Promise.all([\n        this.getPayload(),\n        this.stripe.createPaymentMethod({\n          type: 'card',\n          card: this.elements!.getElement('card') ?? this.elements!.getElement('cardNumber'),\n          billing_details: billingDetails ?? {},\n        }),\n      ]).then(([velorisPayload, pmResult]) => {\n        if (pmResult.error) throw new Error(pmResult.error.message);\n        return handler({\n          paymentMethodId: pmResult.paymentMethod!.id,\n          fingerprint:     velorisPayload.fingerprint,\n          fp_version:      velorisPayload.fp_version,\n        });\n      }).catch(err => {\n        this.log('autoHook error:', err);\n        if (submitBtn) submitBtn.disabled = false;\n        formEl.dispatchEvent(\n          new CustomEvent('veloris:error', { detail: { message: (err as Error).message }, bubbles: true })\n        );\n      });\n    });\n\n    this.log('autoHook attached to', formEl);\n  }\n}\n","import {\n  createContext,\n  useCallback,\n  useContext,\n  useEffect,\n  useRef,\n  useState,\n} from 'react';\nimport type { ReactNode } from 'react';\nimport { VelorisStripe } from './index.js';\nimport type { VelorisStripeOptions, VelorisPayload, AutoHookPayload } from './index.js';\n\n// ── Context ───────────────────────────────────────────────────────────────────\n\ninterface VelorisContextValue {\n  instance: VelorisStripe | null;\n  ready:    boolean;\n}\n\nconst VelorisContext = createContext<VelorisContextValue>({ instance: null, ready: false });\n\n// ── Provider ──────────────────────────────────────────────────────────────────\n\nexport interface VelorisStripeProviderProps {\n  options:  VelorisStripeOptions;\n  children: ReactNode;\n}\n\n/**\n * Wrap your checkout tree with this provider. It initialises Shield.js once\n * and makes the VelorisStripe instance available to child components.\n *\n * @example\n * <VelorisStripeProvider options={{ publicKey: 'vpk_…', stripe }}>\n *   <CheckoutForm />\n * </VelorisStripeProvider>\n */\nexport function VelorisStripeProvider({ options, children }: VelorisStripeProviderProps) {\n  const [ready, setReady]       = useState(false);\n  const instanceRef             = useRef<VelorisStripe | null>(null);\n\n  useEffect(() => {\n    const v = new VelorisStripe(options);\n    instanceRef.current = v;\n    v.init()\n      .then(() => setReady(true))\n      .catch(() => setReady(true)); // fail open\n  // eslint-disable-next-line react-hooks/exhaustive-deps\n  }, []);\n\n  return (\n    <VelorisContext.Provider value={{ instance: instanceRef.current, ready }}>\n      {children}\n    </VelorisContext.Provider>\n  );\n}\n\n// ── useVelorisStripe hook ─────────────────────────────────────────────────────\n\nexport interface UseVelorisStripeReturn {\n  /** True once Shield.js has initialised */\n  ready: boolean;\n  /** Collect fingerprint — call just before submitting the order */\n  getPayload: () => Promise<VelorisPayload>;\n  /** Full VelorisStripe instance (null until mounted) */\n  instance: VelorisStripe | null;\n}\n\n/**\n * Access the Veloris Shield instance inside any component wrapped by\n * VelorisStripeProvider.\n *\n * @example\n * const { ready, getPayload } = useVelorisStripe();\n *\n * async function handleSubmit() {\n *   const { fingerprint } = await getPayload();\n *   const { paymentMethod } = await stripe.createPaymentMethod({ … });\n *   await fetch('/checkout', {\n *     method: 'POST',\n *     body: JSON.stringify({ paymentMethodId: paymentMethod.id, fingerprint }),\n *   });\n * }\n */\nexport function useVelorisStripe(): UseVelorisStripeReturn {\n  const { instance, ready } = useContext(VelorisContext);\n\n  const getPayload = useCallback(async (): Promise<VelorisPayload> => {\n    if (!instance) return { fingerprint: null, fp_version: '0.1.0' };\n    return instance.getPayload();\n  }, [instance]);\n\n  return { ready, getPayload, instance };\n}\n\n// ── useVelorisAutoHook ────────────────────────────────────────────────────────\n\nexport interface UseVelorisAutoHookOptions {\n  formRef:        React.RefObject<HTMLFormElement>;\n  handler:        (payload: AutoHookPayload) => Promise<void>;\n  billingDetails?: Record<string, unknown>;\n}\n\n/**\n * Attach autoHook to a form ref. Runs once when the form mounts and the\n * instance is ready.\n *\n * @example\n * const formRef = useRef<HTMLFormElement>(null);\n * useVelorisAutoHook({ formRef, handler: async ({ paymentMethodId, fingerprint }) => {\n *   await fetch('/checkout', { method: 'POST', body: JSON.stringify({ paymentMethodId, fingerprint }) });\n * }});\n * return <form ref={formRef}>…</form>;\n */\nexport function useVelorisAutoHook({ formRef, handler, billingDetails }: UseVelorisAutoHookOptions): void {\n  const { instance, ready } = useContext(VelorisContext);\n\n  useEffect(() => {\n    if (!ready || !instance || !formRef.current) return;\n    instance.autoHook(formRef.current, handler, billingDetails);\n  // eslint-disable-next-line react-hooks/exhaustive-deps\n  }, [ready, instance]);\n}\n\n// Re-export core for convenience\nexport { VelorisStripe } from './index.js';\nexport type { VelorisStripeOptions, VelorisPayload, AutoHookPayload } from './index.js';\n"],"names":["VelorisStripe","constructor","options","this","shield","initPromise","publicKey","Error","stripe","elements","onVerdict","debug","log","args","console","init","src","Promise","resolve","reject","document","querySelector","s","createElement","onload","onerror","head","appendChild","then","window","VelorisShield","getPayload","p","getAPIPayload","payload","fingerprint","fp_version","err","autoHook","formEl","handler","billingDetails","catch","e","addEventListener","preventDefault","submitBtn","disabled","all","createPaymentMethod","type","card","getElement","billing_details","velorisPayload","pmResult","error","message","paymentMethodId","paymentMethod","id","dispatchEvent","CustomEvent","detail","bubbles","VelorisContext","createContext","instance","ready","children","setReady","useState","instanceRef","useRef","useEffect","v","current","_jsx","Provider","value","formRef","useContext","useCallback","async"],"mappings":"yEAiEaA,EAUX,WAAAC,CAAYC,GACV,GAJMC,KAAAC,OAAqD,KACrDD,KAAAE,YAAqD,MAGtDH,EAAQI,UAAW,MAAM,IAAIC,MAAM,yCACxC,IAAKL,EAAQM,OAAW,MAAM,IAAID,MAAM,+CAExCJ,KAAKG,UAAaJ,EAAQI,UAC1BH,KAAKK,OAAaN,EAAQM,OAC1BL,KAAKM,SAAaP,EAAQO,SAC1BN,KAAKO,UAAaR,EAAQQ,UAC1BP,KAAKQ,MAAaT,EAAQS,QAAS,CACrC,CAEQ,GAAAC,IAAOC,GACTV,KAAKQ,OAAOG,QAAQF,IAAI,qBAAsBC,EACpD,CAMA,IAAAE,GACE,OAAIZ,KAAKE,cACTF,KAAKE,aA7CWW,EAnDG,8CAoDd,IAAIC,QAAQ,CAACC,EAASC,KAC3B,GAAwB,oBAAbC,SAAuC,YAAXF,IACvC,GAAIE,SAASC,cAAc,eAAeL,OAAuB,YAAXE,IACtD,MAAMI,EAAUF,SAASG,cAAc,UACvCD,EAAEN,IAAcA,EAChBM,EAAEE,OAAc,IAAMN,IACtBI,EAAEG,QAAc,IAAMN,EAAO,IAAIZ,MAAM,kBAAkBS,MACzDI,SAASM,KAAKC,YAAYL,MAqCoBM,KAAK,KACjD,IAAKC,OAAOC,cAAe,MAAM,IAAIvB,MAAM,0BAE3C,OADAJ,KAAKC,OAAS,IAAIyB,OAAOC,cAAcA,cAAc,CAAExB,UAAWH,KAAKG,YAChEH,KAAKC,OAAOW,SAClBa,KAAK,KACNzB,KAAKS,IAAI,YANkBT,KAAKE,YA5CtC,IAAoBW,CAqDlB,CAMA,gBAAMe,SACE5B,KAAKY,OACX,IACE,MAAMiB,QAAU7B,KAAKC,OAAQ6B,gBACvBC,EAA0B,CAC9BC,YAAaH,EAAEG,aAAe,KAC9BC,WAAaJ,EAAEI,YAAe,SAGhC,OADAjC,KAAKS,IAAI,UAAWsB,GACbA,CACT,CAAE,MAAOG,GAEP,OADAlC,KAAKS,IAAI,gCAAiCyB,GACnC,CAAEF,YAAa,KAAMC,WAAY,QAC1C,CACF,CAUA,QAAAE,CACEC,EACAC,EACAC,GAEA,IAAKF,EAAW,MAAM,IAAIhC,MAAM,gDAChC,IAAKiC,EAAW,MAAM,IAAIjC,MAAM,iDAChC,IAAKJ,KAAKM,SAAU,MAAM,IAAIF,MAAM,gEAGpCJ,KAAKY,OAAO2B,MAAMC,GAAKxC,KAAKS,IAAI,cAAe+B,IAE/CJ,EAAOK,iBAAiB,SAAWD,IACjCA,EAAEE,iBACF,MAAMC,EAAYP,EAAOlB,cAAiC,iBACtDyB,IAAWA,EAAUC,UAAW,GAEpC9B,QAAQ+B,IAAI,CACV7C,KAAK4B,aACL5B,KAAKK,OAAOyC,oBAAoB,CAC9BC,KAAM,OACNC,KAAMhD,KAAKM,SAAU2C,WAAW,SAAWjD,KAAKM,SAAU2C,WAAW,cACrEC,gBAAiBZ,GAAkB,CAAA,MAEpCb,KAAK,EAAE0B,EAAgBC,MACxB,GAAIA,EAASC,MAAO,MAAM,IAAIjD,MAAMgD,EAASC,MAAMC,SACnD,OAAOjB,EAAQ,CACbkB,gBAAiBH,EAASI,cAAeC,GACzCzB,YAAiBmB,EAAenB,YAChCC,WAAiBkB,EAAelB,eAEjCM,MAAML,IACPlC,KAAKS,IAAI,kBAAmByB,GACxBS,IAAWA,EAAUC,UAAW,GACpCR,EAAOsB,cACL,IAAIC,YAAY,gBAAiB,CAAEC,OAAQ,CAAEN,QAAUpB,EAAcoB,SAAWO,SAAS,SAK/F7D,KAAKS,IAAI,uBAAwB2B,EACnC,EC5JF,MAAM0B,EAAiBC,EAAAA,cAAmC,CAAEC,SAAU,KAAMC,OAAO,oEAkB7ClE,QAAEA,EAAOmE,SAAEA,IAC/C,MAAOD,EAAOE,GAAkBC,EAAAA,UAAS,GACnCC,EAA0BC,EAAAA,OAA6B,MAW7D,OATAC,EAAAA,UAAU,KACR,MAAMC,EAAI,IAAI3E,EAAcE,GAC5BsE,EAAYI,QAAUD,EACtBA,EAAE5D,OACCa,KAAK,IAAM0C,GAAS,IACpB5B,MAAM,IAAM4B,GAAS,KAEvB,IAGDO,EAAAA,IAACZ,EAAea,SAAQ,CAACC,MAAO,CAAEZ,SAAUK,EAAYI,QAASR,SAAOC,SACrEA,GAGP,6BA2DM,UAA6BW,QAAEA,EAAOxC,QAAEA,EAAOC,eAAEA,IACrD,MAAM0B,SAAEA,EAAQC,MAAEA,GAAUa,EAAAA,WAAWhB,GAEvCS,EAAAA,UAAU,KACHN,GAAUD,GAAaa,EAAQJ,SACpCT,EAAS7B,SAAS0C,EAAQJ,QAASpC,EAASC,IAE3C,CAAC2B,EAAOD,GACb,sCArCE,MAAMA,SAAEA,EAAQC,MAAEA,GAAUa,EAAAA,WAAWhB,GAOvC,MAAO,CAAEG,QAAOrC,WALGmD,EAAAA,YAAYC,SACxBhB,EACEA,EAASpC,aADM,CAAEI,YAAa,KAAMC,WAAY,SAEtD,CAAC+B,IAEwBA,WAC9B"}

package/dist/react.d.ts

@@ -0,0 +1,61 @@
+import type { ReactNode } from 'react';
+import { VelorisStripe } from './index.js';
+import type { VelorisStripeOptions, VelorisPayload, AutoHookPayload } from './index.js';
+export interface VelorisStripeProviderProps {
+    options: VelorisStripeOptions;
+    children: ReactNode;
+}
+/**
+ * Wrap your checkout tree with this provider. It initialises Shield.js once
+ * and makes the VelorisStripe instance available to child components.
+ *
+ * @example
+ * <VelorisStripeProvider options={{ publicKey: 'vpk_…', stripe }}>
+ *   <CheckoutForm />
+ * </VelorisStripeProvider>
+ */
+export declare function VelorisStripeProvider({ options, children }: VelorisStripeProviderProps): import("react").JSX.Element;
+export interface UseVelorisStripeReturn {
+    /** True once Shield.js has initialised */
+    ready: boolean;
+    /** Collect fingerprint — call just before submitting the order */
+    getPayload: () => Promise<VelorisPayload>;
+    /** Full VelorisStripe instance (null until mounted) */
+    instance: VelorisStripe | null;
+}
+/**
+ * Access the Veloris Shield instance inside any component wrapped by
+ * VelorisStripeProvider.
+ *
+ * @example
+ * const { ready, getPayload } = useVelorisStripe();
+ *
+ * async function handleSubmit() {
+ *   const { fingerprint } = await getPayload();
+ *   const { paymentMethod } = await stripe.createPaymentMethod({ … });
+ *   await fetch('/checkout', {
+ *     method: 'POST',
+ *     body: JSON.stringify({ paymentMethodId: paymentMethod.id, fingerprint }),
+ *   });
+ * }
+ */
+export declare function useVelorisStripe(): UseVelorisStripeReturn;
+export interface UseVelorisAutoHookOptions {
+    formRef: React.RefObject<HTMLFormElement>;
+    handler: (payload: AutoHookPayload) => Promise<void>;
+    billingDetails?: Record<string, unknown>;
+}
+/**
+ * Attach autoHook to a form ref. Runs once when the form mounts and the
+ * instance is ready.
+ *
+ * @example
+ * const formRef = useRef<HTMLFormElement>(null);
+ * useVelorisAutoHook({ formRef, handler: async ({ paymentMethodId, fingerprint }) => {
+ *   await fetch('/checkout', { method: 'POST', body: JSON.stringify({ paymentMethodId, fingerprint }) });
+ * }});
+ * return <form ref={formRef}>…</form>;
+ */
+export declare function useVelorisAutoHook({ formRef, handler, billingDetails }: UseVelorisAutoHookOptions): void;
+export { VelorisStripe } from './index.js';
+export type { VelorisStripeOptions, VelorisPayload, AutoHookPayload } from './index.js';

package/dist/react.js

@@ -0,0 +1,2 @@
+import{jsx as e}from"react/jsx-runtime";import{createContext as t,useState as r,useRef as i,useEffect as n,useContext as o,useCallback as s}from"react";class l{constructor(e){if(this.shield=null,this.initPromise=null,!e.publicKey)throw new Error("[VelorisStripe] publicKey is required");if(!e.stripe)throw new Error("[VelorisStripe] stripe instance is required");this.publicKey=e.publicKey,this.stripe=e.stripe,this.elements=e.elements,this.onVerdict=e.onVerdict,this.debug=e.debug??!1}log(...e){this.debug&&console.log("[VelorisStripe]",...e)}init(){return this.initPromise||(this.initPromise=(e="https://dashboard.veloris.app/shield.min.js",new Promise((t,r)=>{if("undefined"==typeof document)return void t();if(document.querySelector(`script[src="${e}"]`))return void t();const i=document.createElement("script");i.src=e,i.onload=()=>t(),i.onerror=()=>r(new Error(`Failed to load ${e}`)),document.head.appendChild(i)})).then(()=>{if(!window.VelorisShield)throw new Error("Shield.js did not load");return this.shield=new window.VelorisShield.VelorisShield({publicKey:this.publicKey}),this.shield.init()}).then(()=>{this.log("ready")})),this.initPromise;var e}async getPayload(){await this.init();try{const e=await this.shield.getAPIPayload(),t={fingerprint:e.fingerprint??null,fp_version:e.fp_version??"0.1.0"};return this.log("payload",t),t}catch(e){return this.log("getPayload error (non-fatal):",e),{fingerprint:null,fp_version:"0.1.0"}}}autoHook(e,t,r){if(!e)throw new Error("[VelorisStripe] autoHook: formEl is required");if(!t)throw new Error("[VelorisStripe] autoHook: handler is required");if(!this.elements)throw new Error("[VelorisStripe] autoHook: pass elements via options.elements");this.init().catch(e=>this.log("init error:",e)),e.addEventListener("submit",i=>{i.preventDefault();const n=e.querySelector("[type=submit]");n&&(n.disabled=!0),Promise.all([this.getPayload(),this.stripe.createPaymentMethod({type:"card",card:this.elements.getElement("card")??this.elements.getElement("cardNumber"),billing_details:r??{}})]).then(([e,r])=>{if(r.error)throw new Error(r.error.message);return t({paymentMethodId:r.paymentMethod.id,fingerprint:e.fingerprint,fp_version:e.fp_version})}).catch(t=>{this.log("autoHook error:",t),n&&(n.disabled=!1),e.dispatchEvent(new CustomEvent("veloris:error",{detail:{message:t.message},bubbles:!0}))})}),this.log("autoHook attached to",e)}}const a=t({instance:null,ready:!1});function d({options:t,children:o}){const[s,d]=r(!1),c=i(null);return n(()=>{const e=new l(t);c.current=e,e.init().then(()=>d(!0)).catch(()=>d(!0))},[]),e(a.Provider,{value:{instance:c.current,ready:s},children:o})}function c(){const{instance:e,ready:t}=o(a);return{ready:t,getPayload:s(async()=>e?e.getPayload():{fingerprint:null,fp_version:"0.1.0"},[e]),instance:e}}function h({formRef:e,handler:t,billingDetails:r}){const{instance:i,ready:s}=o(a);n(()=>{s&&i&&e.current&&i.autoHook(e.current,t,r)},[s,i])}export{l as VelorisStripe,d as VelorisStripeProvider,h as useVelorisAutoHook,c as useVelorisStripe};
+//# sourceMappingURL=react.js.map

package/dist/react.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"react.js","sources":["../src/index.ts","../src/react.tsx"],"sourcesContent":["const SHIELD_SDK_URL = 'https://dashboard.veloris.app/shield.min.js';\n\n// ── Types ─────────────────────────────────────────────────────────────────────\n\nexport interface VelorisStripeOptions {\n  /** Publishable key (vpk_…) from your Veloris dashboard */\n  publicKey: string;\n  /** Stripe.js instance returned by loadStripe() or window.Stripe() */\n  stripe: Stripe;\n  /** Stripe Elements instance (required for autoHook) */\n  elements?: StripeElements;\n  /** Called after every evaluation with verdict and evaluation_id */\n  onVerdict?: (verdict: string, evaluationId: string) => void;\n  /** Log debug info to console */\n  debug?: boolean;\n}\n\nexport interface VelorisPayload {\n  fingerprint: string | null;\n  fp_version:  string;\n}\n\nexport interface AutoHookPayload {\n  paymentMethodId: string;\n  fingerprint:     string | null;\n  fp_version:      string;\n}\n\n// Minimal Stripe typings so consumers don't need @stripe/stripe-js as a dep\ninterface Stripe {\n  createPaymentMethod(opts: Record<string, unknown>): Promise<{ paymentMethod?: { id: string }; error?: { message: string } }>;\n}\ninterface StripeElements {\n  getElement(type: string): unknown;\n}\n\n// Shield.js global\ninterface VelorisShieldSDK {\n  new(opts: { publicKey: string }): {\n    init(): Promise<void>;\n    getAPIPayload(): Promise<{ fingerprint?: string; fp_version?: string }>;\n  };\n}\ndeclare global {\n  interface Window {\n    VelorisShield?: { VelorisShield: VelorisShieldSDK };\n  }\n}\n\n// ── Loader ────────────────────────────────────────────────────────────────────\n\nfunction loadScript(src: string): Promise<void> {\n  return new Promise((resolve, reject) => {\n    if (typeof document === 'undefined') { resolve(); return; }\n    if (document.querySelector(`script[src=\"${src}\"]`)) { resolve(); return; }\n    const s       = document.createElement('script');\n    s.src         = src;\n    s.onload      = () => resolve();\n    s.onerror     = () => reject(new Error(`Failed to load ${src}`));\n    document.head.appendChild(s);\n  });\n}\n\n// ── VelorisStripe class ───────────────────────────────────────────────────────\n\nexport class VelorisStripe {\n  private readonly publicKey:  string;\n  private readonly stripe:     Stripe;\n  private readonly elements?:  StripeElements;\n  private readonly onVerdict?: (verdict: string, evaluationId: string) => void;\n  private readonly debug:      boolean;\n\n  private shield:      InstanceType<VelorisShieldSDK> | null = null;\n  private initPromise: Promise<void> | null                  = null;\n\n  constructor(options: VelorisStripeOptions) {\n    if (!options.publicKey) throw new Error('[VelorisStripe] publicKey is required');\n    if (!options.stripe)    throw new Error('[VelorisStripe] stripe instance is required');\n\n    this.publicKey  = options.publicKey;\n    this.stripe     = options.stripe;\n    this.elements   = options.elements;\n    this.onVerdict  = options.onVerdict;\n    this.debug      = options.debug ?? false;\n  }\n\n  private log(...args: unknown[]): void {\n    if (this.debug) console.log('[VelorisStripe]', ...args);\n  }\n\n  /**\n   * Load Shield.js and initialise signal collection.\n   * Safe to call multiple times — returns the same promise.\n   */\n  init(): Promise<void> {\n    if (this.initPromise) return this.initPromise;\n    this.initPromise = loadScript(SHIELD_SDK_URL).then(() => {\n      if (!window.VelorisShield) throw new Error('Shield.js did not load');\n      this.shield = new window.VelorisShield.VelorisShield({ publicKey: this.publicKey });\n      return this.shield.init();\n    }).then(() => {\n      this.log('ready');\n    });\n    return this.initPromise;\n  }\n\n  /**\n   * Returns the device fingerprint payload to send to your backend.\n   * Call this just before submitting the order.\n   */\n  async getPayload(): Promise<VelorisPayload> {\n    await this.init();\n    try {\n      const p = await this.shield!.getAPIPayload();\n      const payload: VelorisPayload = {\n        fingerprint: p.fingerprint ?? null,\n        fp_version:  p.fp_version  ?? '0.1.0',\n      };\n      this.log('payload', payload);\n      return payload;\n    } catch (err) {\n      this.log('getPayload error (non-fatal):', err);\n      return { fingerprint: null, fp_version: '0.1.0' };\n    }\n  }\n\n  /**\n   * Intercepts a checkout form's submit event.\n   * Collects fingerprint and Stripe PaymentMethod in parallel, then calls\n   * handler({ paymentMethodId, fingerprint, fp_version }).\n   *\n   * Your handler should POST to your backend, which calls /shield/evaluate\n   * then confirms the Stripe PaymentIntent.\n   */\n  autoHook(\n    formEl: HTMLFormElement,\n    handler: (payload: AutoHookPayload) => Promise<void>,\n    billingDetails?: Record<string, unknown>,\n  ): void {\n    if (!formEl)    throw new Error('[VelorisStripe] autoHook: formEl is required');\n    if (!handler)   throw new Error('[VelorisStripe] autoHook: handler is required');\n    if (!this.elements) throw new Error('[VelorisStripe] autoHook: pass elements via options.elements');\n\n    // Warm up Shield.js immediately\n    this.init().catch(e => this.log('init error:', e));\n\n    formEl.addEventListener('submit', (e: Event) => {\n      e.preventDefault();\n      const submitBtn = formEl.querySelector<HTMLButtonElement>('[type=submit]');\n      if (submitBtn) submitBtn.disabled = true;\n\n      Promise.all([\n        this.getPayload(),\n        this.stripe.createPaymentMethod({\n          type: 'card',\n          card: this.elements!.getElement('card') ?? this.elements!.getElement('cardNumber'),\n          billing_details: billingDetails ?? {},\n        }),\n      ]).then(([velorisPayload, pmResult]) => {\n        if (pmResult.error) throw new Error(pmResult.error.message);\n        return handler({\n          paymentMethodId: pmResult.paymentMethod!.id,\n          fingerprint:     velorisPayload.fingerprint,\n          fp_version:      velorisPayload.fp_version,\n        });\n      }).catch(err => {\n        this.log('autoHook error:', err);\n        if (submitBtn) submitBtn.disabled = false;\n        formEl.dispatchEvent(\n          new CustomEvent('veloris:error', { detail: { message: (err as Error).message }, bubbles: true })\n        );\n      });\n    });\n\n    this.log('autoHook attached to', formEl);\n  }\n}\n","import {\n  createContext,\n  useCallback,\n  useContext,\n  useEffect,\n  useRef,\n  useState,\n} from 'react';\nimport type { ReactNode } from 'react';\nimport { VelorisStripe } from './index.js';\nimport type { VelorisStripeOptions, VelorisPayload, AutoHookPayload } from './index.js';\n\n// ── Context ───────────────────────────────────────────────────────────────────\n\ninterface VelorisContextValue {\n  instance: VelorisStripe | null;\n  ready:    boolean;\n}\n\nconst VelorisContext = createContext<VelorisContextValue>({ instance: null, ready: false });\n\n// ── Provider ──────────────────────────────────────────────────────────────────\n\nexport interface VelorisStripeProviderProps {\n  options:  VelorisStripeOptions;\n  children: ReactNode;\n}\n\n/**\n * Wrap your checkout tree with this provider. It initialises Shield.js once\n * and makes the VelorisStripe instance available to child components.\n *\n * @example\n * <VelorisStripeProvider options={{ publicKey: 'vpk_…', stripe }}>\n *   <CheckoutForm />\n * </VelorisStripeProvider>\n */\nexport function VelorisStripeProvider({ options, children }: VelorisStripeProviderProps) {\n  const [ready, setReady]       = useState(false);\n  const instanceRef             = useRef<VelorisStripe | null>(null);\n\n  useEffect(() => {\n    const v = new VelorisStripe(options);\n    instanceRef.current = v;\n    v.init()\n      .then(() => setReady(true))\n      .catch(() => setReady(true)); // fail open\n  // eslint-disable-next-line react-hooks/exhaustive-deps\n  }, []);\n\n  return (\n    <VelorisContext.Provider value={{ instance: instanceRef.current, ready }}>\n      {children}\n    </VelorisContext.Provider>\n  );\n}\n\n// ── useVelorisStripe hook ─────────────────────────────────────────────────────\n\nexport interface UseVelorisStripeReturn {\n  /** True once Shield.js has initialised */\n  ready: boolean;\n  /** Collect fingerprint — call just before submitting the order */\n  getPayload: () => Promise<VelorisPayload>;\n  /** Full VelorisStripe instance (null until mounted) */\n  instance: VelorisStripe | null;\n}\n\n/**\n * Access the Veloris Shield instance inside any component wrapped by\n * VelorisStripeProvider.\n *\n * @example\n * const { ready, getPayload } = useVelorisStripe();\n *\n * async function handleSubmit() {\n *   const { fingerprint } = await getPayload();\n *   const { paymentMethod } = await stripe.createPaymentMethod({ … });\n *   await fetch('/checkout', {\n *     method: 'POST',\n *     body: JSON.stringify({ paymentMethodId: paymentMethod.id, fingerprint }),\n *   });\n * }\n */\nexport function useVelorisStripe(): UseVelorisStripeReturn {\n  const { instance, ready } = useContext(VelorisContext);\n\n  const getPayload = useCallback(async (): Promise<VelorisPayload> => {\n    if (!instance) return { fingerprint: null, fp_version: '0.1.0' };\n    return instance.getPayload();\n  }, [instance]);\n\n  return { ready, getPayload, instance };\n}\n\n// ── useVelorisAutoHook ────────────────────────────────────────────────────────\n\nexport interface UseVelorisAutoHookOptions {\n  formRef:        React.RefObject<HTMLFormElement>;\n  handler:        (payload: AutoHookPayload) => Promise<void>;\n  billingDetails?: Record<string, unknown>;\n}\n\n/**\n * Attach autoHook to a form ref. Runs once when the form mounts and the\n * instance is ready.\n *\n * @example\n * const formRef = useRef<HTMLFormElement>(null);\n * useVelorisAutoHook({ formRef, handler: async ({ paymentMethodId, fingerprint }) => {\n *   await fetch('/checkout', { method: 'POST', body: JSON.stringify({ paymentMethodId, fingerprint }) });\n * }});\n * return <form ref={formRef}>…</form>;\n */\nexport function useVelorisAutoHook({ formRef, handler, billingDetails }: UseVelorisAutoHookOptions): void {\n  const { instance, ready } = useContext(VelorisContext);\n\n  useEffect(() => {\n    if (!ready || !instance || !formRef.current) return;\n    instance.autoHook(formRef.current, handler, billingDetails);\n  // eslint-disable-next-line react-hooks/exhaustive-deps\n  }, [ready, instance]);\n}\n\n// Re-export core for convenience\nexport { VelorisStripe } from './index.js';\nexport type { VelorisStripeOptions, VelorisPayload, AutoHookPayload } from './index.js';\n"],"names":["VelorisStripe","constructor","options","this","shield","initPromise","publicKey","Error","stripe","elements","onVerdict","debug","log","args","console","init","src","Promise","resolve","reject","document","querySelector","s","createElement","onload","onerror","head","appendChild","then","window","VelorisShield","getPayload","p","getAPIPayload","payload","fingerprint","fp_version","err","autoHook","formEl","handler","billingDetails","catch","e","addEventListener","preventDefault","submitBtn","disabled","all","createPaymentMethod","type","card","getElement","billing_details","velorisPayload","pmResult","error","message","paymentMethodId","paymentMethod","id","dispatchEvent","CustomEvent","detail","bubbles","VelorisContext","createContext","instance","ready","VelorisStripeProvider","children","setReady","useState","instanceRef","useRef","useEffect","v","current","_jsx","Provider","value","useVelorisStripe","useContext","useCallback","async","useVelorisAutoHook","formRef"],"mappings":"8JAiEaA,EAUX,WAAAC,CAAYC,GACV,GAJMC,KAAAC,OAAqD,KACrDD,KAAAE,YAAqD,MAGtDH,EAAQI,UAAW,MAAM,IAAIC,MAAM,yCACxC,IAAKL,EAAQM,OAAW,MAAM,IAAID,MAAM,+CAExCJ,KAAKG,UAAaJ,EAAQI,UAC1BH,KAAKK,OAAaN,EAAQM,OAC1BL,KAAKM,SAAaP,EAAQO,SAC1BN,KAAKO,UAAaR,EAAQQ,UAC1BP,KAAKQ,MAAaT,EAAQS,QAAS,CACrC,CAEQ,GAAAC,IAAOC,GACTV,KAAKQ,OAAOG,QAAQF,IAAI,qBAAsBC,EACpD,CAMA,IAAAE,GACE,OAAIZ,KAAKE,cACTF,KAAKE,aA7CWW,EAnDG,8CAoDd,IAAIC,QAAQ,CAACC,EAASC,KAC3B,GAAwB,oBAAbC,SAAuC,YAAXF,IACvC,GAAIE,SAASC,cAAc,eAAeL,OAAuB,YAAXE,IACtD,MAAMI,EAAUF,SAASG,cAAc,UACvCD,EAAEN,IAAcA,EAChBM,EAAEE,OAAc,IAAMN,IACtBI,EAAEG,QAAc,IAAMN,EAAO,IAAIZ,MAAM,kBAAkBS,MACzDI,SAASM,KAAKC,YAAYL,MAqCoBM,KAAK,KACjD,IAAKC,OAAOC,cAAe,MAAM,IAAIvB,MAAM,0BAE3C,OADAJ,KAAKC,OAAS,IAAIyB,OAAOC,cAAcA,cAAc,CAAExB,UAAWH,KAAKG,YAChEH,KAAKC,OAAOW,SAClBa,KAAK,KACNzB,KAAKS,IAAI,YANkBT,KAAKE,YA5CtC,IAAoBW,CAqDlB,CAMA,gBAAMe,SACE5B,KAAKY,OACX,IACE,MAAMiB,QAAU7B,KAAKC,OAAQ6B,gBACvBC,EAA0B,CAC9BC,YAAaH,EAAEG,aAAe,KAC9BC,WAAaJ,EAAEI,YAAe,SAGhC,OADAjC,KAAKS,IAAI,UAAWsB,GACbA,CACT,CAAE,MAAOG,GAEP,OADAlC,KAAKS,IAAI,gCAAiCyB,GACnC,CAAEF,YAAa,KAAMC,WAAY,QAC1C,CACF,CAUA,QAAAE,CACEC,EACAC,EACAC,GAEA,IAAKF,EAAW,MAAM,IAAIhC,MAAM,gDAChC,IAAKiC,EAAW,MAAM,IAAIjC,MAAM,iDAChC,IAAKJ,KAAKM,SAAU,MAAM,IAAIF,MAAM,gEAGpCJ,KAAKY,OAAO2B,MAAMC,GAAKxC,KAAKS,IAAI,cAAe+B,IAE/CJ,EAAOK,iBAAiB,SAAWD,IACjCA,EAAEE,iBACF,MAAMC,EAAYP,EAAOlB,cAAiC,iBACtDyB,IAAWA,EAAUC,UAAW,GAEpC9B,QAAQ+B,IAAI,CACV7C,KAAK4B,aACL5B,KAAKK,OAAOyC,oBAAoB,CAC9BC,KAAM,OACNC,KAAMhD,KAAKM,SAAU2C,WAAW,SAAWjD,KAAKM,SAAU2C,WAAW,cACrEC,gBAAiBZ,GAAkB,CAAA,MAEpCb,KAAK,EAAE0B,EAAgBC,MACxB,GAAIA,EAASC,MAAO,MAAM,IAAIjD,MAAMgD,EAASC,MAAMC,SACnD,OAAOjB,EAAQ,CACbkB,gBAAiBH,EAASI,cAAeC,GACzCzB,YAAiBmB,EAAenB,YAChCC,WAAiBkB,EAAelB,eAEjCM,MAAML,IACPlC,KAAKS,IAAI,kBAAmByB,GACxBS,IAAWA,EAAUC,UAAW,GACpCR,EAAOsB,cACL,IAAIC,YAAY,gBAAiB,CAAEC,OAAQ,CAAEN,QAAUpB,EAAcoB,SAAWO,SAAS,SAK/F7D,KAAKS,IAAI,uBAAwB2B,EACnC,EC5JF,MAAM0B,EAAiBC,EAAmC,CAAEC,SAAU,KAAMC,OAAO,aAkBnEC,GAAsBnE,QAAEA,EAAOoE,SAAEA,IAC/C,MAAOF,EAAOG,GAAkBC,GAAS,GACnCC,EAA0BC,EAA6B,MAW7D,OATAC,EAAU,KACR,MAAMC,EAAI,IAAI5E,EAAcE,GAC5BuE,EAAYI,QAAUD,EACtBA,EAAE7D,OACCa,KAAK,IAAM2C,GAAS,IACpB7B,MAAM,IAAM6B,GAAS,KAEvB,IAGDO,EAACb,EAAec,SAAQ,CAACC,MAAO,CAAEb,SAAUM,EAAYI,QAAST,SAAOE,SACrEA,GAGP,UA6BgBW,IACd,MAAMd,SAAEA,EAAQC,MAAEA,GAAUc,EAAWjB,GAOvC,MAAO,CAAEG,QAAOrC,WALGoD,EAAYC,SACxBjB,EACEA,EAASpC,aADM,CAAEI,YAAa,KAAMC,WAAY,SAEtD,CAAC+B,IAEwBA,WAC9B,CAqBM,SAAUkB,GAAmBC,QAAEA,EAAO9C,QAAEA,EAAOC,eAAEA,IACrD,MAAM0B,SAAEA,EAAQC,MAAEA,GAAUc,EAAWjB,GAEvCU,EAAU,KACHP,GAAUD,GAAamB,EAAQT,SACpCV,EAAS7B,SAASgD,EAAQT,QAASrC,EAASC,IAE3C,CAAC2B,EAAOD,GACb"}

package/package.json

@@ -0,0 +1,57 @@
+{
+  "name": "@veloris/stripe",
+  "version": "1.0.0",
+  "description": "Veloris Shield + Stripe integration for React and Node.js",
+  "type": "module",
+  "main": "./dist/index.cjs",
+  "module": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "import": "./dist/index.js",
+      "require": "./dist/index.cjs",
+      "types": "./dist/index.d.ts"
+    },
+    "./react": {
+      "import": "./dist/react.js",
+      "require": "./dist/react.cjs",
+      "types": "./dist/react.d.ts"
+    }
+  },
+  "scripts": {
+    "build": "rollup -c",
+    "prepublishOnly": "npm run build"
+  },
+  "keywords": [
+    "veloris",
+    "shield",
+    "stripe",
+    "fraud",
+    "woocommerce",
+    "payments"
+  ],
+  "author": "Veloris <hello@veloris.app>",
+  "license": "MIT",
+  "peerDependencies": {
+    "react": ">=18.0.0",
+    "react-dom": ">=18.0.0"
+  },
+  "peerDependenciesMeta": {
+    "react": {
+      "optional": true
+    },
+    "react-dom": {
+      "optional": true
+    }
+  },
+  "devDependencies": {
+    "@rollup/plugin-node-resolve": "^15.0.0",
+    "@rollup/plugin-terser": "^0.4.4",
+    "@rollup/plugin-typescript": "^12.0.0",
+    "@types/react": "^19.2.17",
+    "@types/react-dom": "^19.2.3",
+    "rollup": "^4.24.0",
+    "tslib": "^2.6.0",
+    "typescript": "^5.0.0"
+  }
+}

package/rollup.config.js

@@ -0,0 +1,36 @@
+import resolve    from '@rollup/plugin-node-resolve';
+import typescript from '@rollup/plugin-typescript';
+import terser     from '@rollup/plugin-terser';
+
+const external = ['react', 'react/jsx-runtime', 'react-dom'];
+
+export default [
+  // Core — ESM + declarations
+  {
+    input: 'src/index.ts',
+    external,
+    plugins: [resolve(), typescript({ declaration: true, declarationDir: './dist', outDir: './dist' }), terser()],
+    output: { file: 'dist/index.js', format: 'es', sourcemap: true },
+  },
+  // Core — CJS (no declarations needed)
+  {
+    input: 'src/index.ts',
+    external,
+    plugins: [resolve(), typescript(), terser()],
+    output: { file: 'dist/index.cjs', format: 'cjs', sourcemap: true },
+  },
+  // React — ESM + declarations
+  {
+    input: 'src/react.tsx',
+    external,
+    plugins: [resolve(), typescript({ declaration: true, declarationDir: './dist', outDir: './dist' }), terser()],
+    output: { file: 'dist/react.js', format: 'es', sourcemap: true },
+  },
+  // React — CJS
+  {
+    input: 'src/react.tsx',
+    external,
+    plugins: [resolve(), typescript(), terser()],
+    output: { file: 'dist/react.cjs', format: 'cjs', sourcemap: true },
+  },
+];

package/src/index.ts

@@ -0,0 +1,177 @@
+const SHIELD_SDK_URL = 'https://dashboard.veloris.app/shield.min.js';
+
+// ── Types ─────────────────────────────────────────────────────────────────────
+
+export interface VelorisStripeOptions {
+  /** Publishable key (vpk_…) from your Veloris dashboard */
+  publicKey: string;
+  /** Stripe.js instance returned by loadStripe() or window.Stripe() */
+  stripe: Stripe;
+  /** Stripe Elements instance (required for autoHook) */
+  elements?: StripeElements;
+  /** Called after every evaluation with verdict and evaluation_id */
+  onVerdict?: (verdict: string, evaluationId: string) => void;
+  /** Log debug info to console */
+  debug?: boolean;
+}
+
+export interface VelorisPayload {
+  fingerprint: string | null;
+  fp_version:  string;
+}
+
+export interface AutoHookPayload {
+  paymentMethodId: string;
+  fingerprint:     string | null;
+  fp_version:      string;
+}
+
+// Minimal Stripe typings so consumers don't need @stripe/stripe-js as a dep
+interface Stripe {
+  createPaymentMethod(opts: Record<string, unknown>): Promise<{ paymentMethod?: { id: string }; error?: { message: string } }>;
+}
+interface StripeElements {
+  getElement(type: string): unknown;
+}
+
+// Shield.js global
+interface VelorisShieldSDK {
+  new(opts: { publicKey: string }): {
+    init(): Promise<void>;
+    getAPIPayload(): Promise<{ fingerprint?: string; fp_version?: string }>;
+  };
+}
+declare global {
+  interface Window {
+    VelorisShield?: { VelorisShield: VelorisShieldSDK };
+  }
+}
+
+// ── Loader ────────────────────────────────────────────────────────────────────
+
+function loadScript(src: string): Promise<void> {
+  return new Promise((resolve, reject) => {
+    if (typeof document === 'undefined') { resolve(); return; }
+    if (document.querySelector(`script[src="${src}"]`)) { resolve(); return; }
+    const s       = document.createElement('script');
+    s.src         = src;
+    s.onload      = () => resolve();
+    s.onerror     = () => reject(new Error(`Failed to load ${src}`));
+    document.head.appendChild(s);
+  });
+}
+
+// ── VelorisStripe class ───────────────────────────────────────────────────────
+
+export class VelorisStripe {
+  private readonly publicKey:  string;
+  private readonly stripe:     Stripe;
+  private readonly elements?:  StripeElements;
+  private readonly onVerdict?: (verdict: string, evaluationId: string) => void;
+  private readonly debug:      boolean;
+
+  private shield:      InstanceType<VelorisShieldSDK> | null = null;
+  private initPromise: Promise<void> | null                  = null;
+
+  constructor(options: VelorisStripeOptions) {
+    if (!options.publicKey) throw new Error('[VelorisStripe] publicKey is required');
+    if (!options.stripe)    throw new Error('[VelorisStripe] stripe instance is required');
+
+    this.publicKey  = options.publicKey;
+    this.stripe     = options.stripe;
+    this.elements   = options.elements;
+    this.onVerdict  = options.onVerdict;
+    this.debug      = options.debug ?? false;
+  }
+
+  private log(...args: unknown[]): void {
+    if (this.debug) console.log('[VelorisStripe]', ...args);
+  }
+
+  /**
+   * Load Shield.js and initialise signal collection.
+   * Safe to call multiple times — returns the same promise.
+   */
+  init(): Promise<void> {
+    if (this.initPromise) return this.initPromise;
+    this.initPromise = loadScript(SHIELD_SDK_URL).then(() => {
+      if (!window.VelorisShield) throw new Error('Shield.js did not load');
+      this.shield = new window.VelorisShield.VelorisShield({ publicKey: this.publicKey });
+      return this.shield.init();
+    }).then(() => {
+      this.log('ready');
+    });
+    return this.initPromise;
+  }
+
+  /**
+   * Returns the device fingerprint payload to send to your backend.
+   * Call this just before submitting the order.
+   */
+  async getPayload(): Promise<VelorisPayload> {
+    await this.init();
+    try {
+      const p = await this.shield!.getAPIPayload();
+      const payload: VelorisPayload = {
+        fingerprint: p.fingerprint ?? null,
+        fp_version:  p.fp_version  ?? '0.1.0',
+      };
+      this.log('payload', payload);
+      return payload;
+    } catch (err) {
+      this.log('getPayload error (non-fatal):', err);
+      return { fingerprint: null, fp_version: '0.1.0' };
+    }
+  }
+
+  /**
+   * Intercepts a checkout form's submit event.
+   * Collects fingerprint and Stripe PaymentMethod in parallel, then calls
+   * handler({ paymentMethodId, fingerprint, fp_version }).
+   *
+   * Your handler should POST to your backend, which calls /shield/evaluate
+   * then confirms the Stripe PaymentIntent.
+   */
+  autoHook(
+    formEl: HTMLFormElement,
+    handler: (payload: AutoHookPayload) => Promise<void>,
+    billingDetails?: Record<string, unknown>,
+  ): void {
+    if (!formEl)    throw new Error('[VelorisStripe] autoHook: formEl is required');
+    if (!handler)   throw new Error('[VelorisStripe] autoHook: handler is required');
+    if (!this.elements) throw new Error('[VelorisStripe] autoHook: pass elements via options.elements');
+
+    // Warm up Shield.js immediately
+    this.init().catch(e => this.log('init error:', e));
+
+    formEl.addEventListener('submit', (e: Event) => {
+      e.preventDefault();
+      const submitBtn = formEl.querySelector<HTMLButtonElement>('[type=submit]');
+      if (submitBtn) submitBtn.disabled = true;
+
+      Promise.all([
+        this.getPayload(),
+        this.stripe.createPaymentMethod({
+          type: 'card',
+          card: this.elements!.getElement('card') ?? this.elements!.getElement('cardNumber'),
+          billing_details: billingDetails ?? {},
+        }),
+      ]).then(([velorisPayload, pmResult]) => {
+        if (pmResult.error) throw new Error(pmResult.error.message);
+        return handler({
+          paymentMethodId: pmResult.paymentMethod!.id,
+          fingerprint:     velorisPayload.fingerprint,
+          fp_version:      velorisPayload.fp_version,
+        });
+      }).catch(err => {
+        this.log('autoHook error:', err);
+        if (submitBtn) submitBtn.disabled = false;
+        formEl.dispatchEvent(
+          new CustomEvent('veloris:error', { detail: { message: (err as Error).message }, bubbles: true })
+        );
+      });
+    });
+
+    this.log('autoHook attached to', formEl);
+  }
+}

package/src/react.tsx

@@ -0,0 +1,127 @@
+import {
+  createContext,
+  useCallback,
+  useContext,
+  useEffect,
+  useRef,
+  useState,
+} from 'react';
+import type { ReactNode } from 'react';
+import { VelorisStripe } from './index.js';
+import type { VelorisStripeOptions, VelorisPayload, AutoHookPayload } from './index.js';
+
+// ── Context ───────────────────────────────────────────────────────────────────
+
+interface VelorisContextValue {
+  instance: VelorisStripe | null;
+  ready:    boolean;
+}
+
+const VelorisContext = createContext<VelorisContextValue>({ instance: null, ready: false });
+
+// ── Provider ──────────────────────────────────────────────────────────────────
+
+export interface VelorisStripeProviderProps {
+  options:  VelorisStripeOptions;
+  children: ReactNode;
+}
+
+/**
+ * Wrap your checkout tree with this provider. It initialises Shield.js once
+ * and makes the VelorisStripe instance available to child components.
+ *
+ * @example
+ * <VelorisStripeProvider options={{ publicKey: 'vpk_…', stripe }}>
+ *   <CheckoutForm />
+ * </VelorisStripeProvider>
+ */
+export function VelorisStripeProvider({ options, children }: VelorisStripeProviderProps) {
+  const [ready, setReady]       = useState(false);
+  const instanceRef             = useRef<VelorisStripe | null>(null);
+
+  useEffect(() => {
+    const v = new VelorisStripe(options);
+    instanceRef.current = v;
+    v.init()
+      .then(() => setReady(true))
+      .catch(() => setReady(true)); // fail open
+  // eslint-disable-next-line react-hooks/exhaustive-deps
+  }, []);
+
+  return (
+    <VelorisContext.Provider value={{ instance: instanceRef.current, ready }}>
+      {children}
+    </VelorisContext.Provider>
+  );
+}
+
+// ── useVelorisStripe hook ─────────────────────────────────────────────────────
+
+export interface UseVelorisStripeReturn {
+  /** True once Shield.js has initialised */
+  ready: boolean;
+  /** Collect fingerprint — call just before submitting the order */
+  getPayload: () => Promise<VelorisPayload>;
+  /** Full VelorisStripe instance (null until mounted) */
+  instance: VelorisStripe | null;
+}
+
+/**
+ * Access the Veloris Shield instance inside any component wrapped by
+ * VelorisStripeProvider.
+ *
+ * @example
+ * const { ready, getPayload } = useVelorisStripe();
+ *
+ * async function handleSubmit() {
+ *   const { fingerprint } = await getPayload();
+ *   const { paymentMethod } = await stripe.createPaymentMethod({ … });
+ *   await fetch('/checkout', {
+ *     method: 'POST',
+ *     body: JSON.stringify({ paymentMethodId: paymentMethod.id, fingerprint }),
+ *   });
+ * }
+ */
+export function useVelorisStripe(): UseVelorisStripeReturn {
+  const { instance, ready } = useContext(VelorisContext);
+
+  const getPayload = useCallback(async (): Promise<VelorisPayload> => {
+    if (!instance) return { fingerprint: null, fp_version: '0.1.0' };
+    return instance.getPayload();
+  }, [instance]);
+
+  return { ready, getPayload, instance };
+}
+
+// ── useVelorisAutoHook ────────────────────────────────────────────────────────
+
+export interface UseVelorisAutoHookOptions {
+  formRef:        React.RefObject<HTMLFormElement>;
+  handler:        (payload: AutoHookPayload) => Promise<void>;
+  billingDetails?: Record<string, unknown>;
+}
+
+/**
+ * Attach autoHook to a form ref. Runs once when the form mounts and the
+ * instance is ready.
+ *
+ * @example
+ * const formRef = useRef<HTMLFormElement>(null);
+ * useVelorisAutoHook({ formRef, handler: async ({ paymentMethodId, fingerprint }) => {
+ *   await fetch('/checkout', { method: 'POST', body: JSON.stringify({ paymentMethodId, fingerprint }) });
+ * }});
+ * return <form ref={formRef}>…</form>;
+ */
+export function useVelorisAutoHook({ formRef, handler, billingDetails }: UseVelorisAutoHookOptions): void {
+  const { instance, ready } = useContext(VelorisContext);
+
+  useEffect(() => {
+    if (!ready || !instance || !formRef.current) return;
+    instance.autoHook(formRef.current, handler, billingDetails);
+  // eslint-disable-next-line react-hooks/exhaustive-deps
+  }, [ready, instance]);
+}
+
+// Re-export core for convenience
+export { VelorisStripe } from './index.js';
+export type { VelorisStripeOptions, VelorisPayload, AutoHookPayload } from './index.js';

package/tsconfig.json

@@ -0,0 +1,12 @@
+{
+  "compilerOptions": {
+    "target":           "ES2020",
+    "module":           "ESNext",
+    "moduleResolution": "bundler",
+    "strict":           true,
+    "esModuleInterop":  true,
+    "skipLibCheck":     true,
+    "jsx":              "react-jsx"
+  },
+  "include": ["src"]
+}