@zapier/zapier-sdk 0.50.0 → 0.52.0

package/dist/experimental.cjs

@@ -150,6 +150,21 @@ function parseIntEnvVar(name) {
 }
 var ZAPIER_MAX_NETWORK_RETRIES = parseIntEnvVar("ZAPIER_MAX_NETWORK_RETRIES") ?? 3;
 var ZAPIER_MAX_NETWORK_RETRY_DELAY_MS = parseIntEnvVar("ZAPIER_MAX_NETWORK_RETRY_DELAY_MS") ?? 6e4;
+var MAX_CONCURRENCY_LIMIT = 1e4;
+function parseConcurrencyEnvVar(name) {
+  const value = globalThis.process?.env?.[name];
+  if (!value) return void 0;
+  if (value === "Infinity") return Infinity;
+  if (/^[1-9]\d*$/.test(value)) {
+    const parsed = parseInt(value, 10);
+    if (parsed <= MAX_CONCURRENCY_LIMIT) return parsed;
+  }
+  console.warn(
+    `[zapier-sdk] Invalid value for ${name}: "${value}" (expected positive integer 1-${MAX_CONCURRENCY_LIMIT} or "Infinity")`
+  );
+  return void 0;
+}
+var ZAPIER_MAX_CONCURRENT_REQUESTS = parseConcurrencyEnvVar("ZAPIER_MAX_CONCURRENT_REQUESTS") ?? 200;
 function getZapierApprovalMode() {
   const value = globalThis.process?.env?.ZAPIER_APPROVAL_MODE;
   if (value === "disabled" || value === "poll" || value === "throw")
@@ -1836,33 +1851,40 @@ function getAuthorizationHeader(token) {
   }
   return `Bearer ${token}`;
 }
-function extractUserIdsFromJwt(token) {
+function readJwtPayload(token) {
   const parts = parseJwt(token);
-  if (!parts) {
-    return { customuser_id: null, account_id: null };
-  }
+  if (!parts) return null;
+  let payload;
   try {
-    const payload = JSON.parse(
-      Buffer.from(parts[1], "base64url").toString("utf-8")
-    );
-    let actualPayload = payload;
-    if (payload.sub_type === "service" && payload.njwt) {
-      const nestedParts = payload.njwt.split(".");
-      if (nestedParts.length === 3) {
-        actualPayload = JSON.parse(
+    payload = JSON.parse(Buffer.from(parts[1], "base64url").toString("utf-8"));
+  } catch {
+    return null;
+  }
+  if (payload["sub_type"] === "service" && typeof payload["njwt"] === "string") {
+    const nestedParts = parseJwt(payload["njwt"]);
+    if (nestedParts) {
+      try {
+        return JSON.parse(
           Buffer.from(nestedParts[1], "base64url").toString("utf-8")
         );
+      } catch {
       }
     }
-    const accountId = actualPayload["zap:acc"] != null ? parseInt(String(actualPayload["zap:acc"]), 10) : null;
-    const customUserId = actualPayload.sub_type === "customuser" && actualPayload.sub != null ? parseInt(String(actualPayload.sub), 10) : null;
-    return {
-      customuser_id: customUserId !== null && !isNaN(customUserId) ? customUserId : null,
-      account_id: accountId !== null && !isNaN(accountId) ? accountId : null
-    };
-  } catch {
+  }
+  return payload;
+}
+function extractUserIdsFromJwt(token) {
+  const payload = readJwtPayload(token);
+  if (!payload) {
     return { customuser_id: null, account_id: null };
   }
+  const accRaw = payload["zap:acc"];
+  const accountId = accRaw != null ? parseInt(String(accRaw), 10) : null;
+  const customUserId = payload["sub_type"] === "customuser" && payload["sub"] != null ? parseInt(String(payload["sub"]), 10) : null;
+  return {
+    customuser_id: customUserId !== null && !isNaN(customUserId) ? customUserId : null,
+    account_id: accountId !== null && !isNaN(accountId) ? accountId : null
+  };
 }
 
 // src/api/debug.ts
@@ -2170,6 +2192,83 @@ async function pollUntilComplete(options) {
     }
   }
 }
+
+// src/api/concurrency.ts
+var NO_OP_RELEASE = () => {
+};
+var NO_OP_SEMAPHORE = {
+  acquire: async () => NO_OP_RELEASE,
+  tryAcquire: () => NO_OP_RELEASE
+};
+function createSemaphore(maxPermits) {
+  if (maxPermits === Infinity) {
+    return NO_OP_SEMAPHORE;
+  }
+  if (!Number.isInteger(maxPermits) || maxPermits <= 0) {
+    throw new Error(
+      `maxPermits must be a positive integer or Infinity, got: ${maxPermits}`
+    );
+  }
+  let permits = maxPermits;
+  const waiters = [];
+  const release = () => {
+    const next = waiters.shift();
+    if (next) {
+      next.grant();
+    } else {
+      permits++;
+    }
+  };
+  const makeReleaseOnce = () => {
+    let released = false;
+    return () => {
+      if (released) return;
+      released = true;
+      release();
+    };
+  };
+  return {
+    tryAcquire() {
+      if (permits > 0) {
+        permits--;
+        return makeReleaseOnce();
+      }
+      return null;
+    },
+    async acquire(signal) {
+      if (signal?.aborted) {
+        throw signal.reason ?? new DOMException("Aborted", "AbortError");
+      }
+      if (permits > 0) {
+        permits--;
+        return makeReleaseOnce();
+      }
+      return new Promise((resolve2, reject) => {
+        const onAbort = () => {
+          const idx = waiters.indexOf(waiter);
+          if (idx !== -1) {
+            waiters.splice(idx, 1);
+            waiter.cancel(
+              signal?.reason ?? new DOMException("Aborted", "AbortError")
+            );
+          }
+        };
+        const waiter = {
+          grant: () => {
+            signal?.removeEventListener("abort", onAbort);
+            resolve2(makeReleaseOnce());
+          },
+          cancel: (reason) => {
+            signal?.removeEventListener("abort", onAbort);
+            reject(reason);
+          }
+        };
+        signal?.addEventListener("abort", onAbort);
+        waiters.push(waiter);
+      });
+    }
+  };
+}
 var ClientCredentialsObjectSchema = zod.z.object({
   type: zod.z.enum(["client_credentials"]).optional().meta({ internal: true }),
   clientId: zod.z.string().describe("OAuth client ID for authentication.").meta({ valueHint: "id" }),
@@ -2211,6 +2310,19 @@ function isCredentialsFunction(credentials) {
   return typeof credentials === "function";
 }
 
+// src/utils/telemetry.ts
+var emittedOnce = /* @__PURE__ */ new WeakMap();
+function emitOnce(onEvent, event) {
+  if (!emittedOnce.has(onEvent)) {
+    emittedOnce.set(onEvent, /* @__PURE__ */ new Set());
+  }
+  const fired = emittedOnce.get(onEvent);
+  if (!fired.has(event.type)) {
+    fired.add(event.type);
+    onEvent(event);
+  }
+}
+
 // src/utils/url-utils.ts
 function getZapierBaseUrl(baseUrl) {
   if (!baseUrl) {
@@ -2433,8 +2545,10 @@ async function resolveCache(options) {
   if (cliLogin?.createCache) {
     try {
       const cache = cliLogin.createCache();
-      cachedDefaultCache = cache;
-      return cache;
+      if (cache) {
+        cachedDefaultCache = cache;
+        return cache;
+      }
     } catch {
     }
   }
@@ -2446,6 +2560,11 @@ function entryIsValid(entry) {
   if (entry.expiresAt === void 0) return true;
   return entry.expiresAt > Date.now() + TOKEN_EXPIRATION_BUFFER_MS;
 }
+async function readCachedToken(cacheKey, cache) {
+  const cached = await cache.get(cacheKey);
+  if (cached && entryIsValid(cached)) return cached.value;
+  return void 0;
+}
 async function invalidateCachedToken(options) {
   const cacheKey = buildCacheKey(options);
   pendingExchanges.delete(cacheKey);
@@ -2559,11 +2678,76 @@ function isCliLoginAvailable() {
   if (cachedCliLogin === void 0) return void 0;
   return cachedCliLogin !== false;
 }
+function emitAuthResolved(onEvent, mechanism) {
+  if (onEvent) {
+    emitOnce(onEvent, {
+      type: "auth_resolved",
+      payload: { mechanism },
+      timestamp: Date.now()
+    });
+  }
+}
+async function getActiveCredentialsFromCli(baseUrl) {
+  const cliLogin = await getCliLogin();
+  return cliLogin?.getActiveCredentials?.({ baseUrl });
+}
+async function getStoredClientCredentialsFromCli(baseUrl) {
+  const cliLogin = await getCliLogin();
+  return cliLogin?.getStoredClientCredentials?.({ baseUrl });
+}
 async function getTokenFromCliLogin(options) {
   const cliLogin = await getCliLogin();
   if (!cliLogin) return void 0;
   return await cliLogin.getToken(options);
 }
+async function tryStoredClientCredentialToken(options) {
+  const activeCredential = await getActiveCredentialsFromCli(options.baseUrl);
+  if (!activeCredential) return void 0;
+  const resolvedBaseUrl = activeCredential.baseUrl || options.baseUrl || DEFAULT_AUTH_BASE_URL;
+  const mergedScopes = mergeScopes(
+    activeCredential.scopes.join(" "),
+    options.requiredScopes
+  );
+  const cacheKey = buildCacheKey({
+    clientId: activeCredential.clientId,
+    scopes: mergedScopes,
+    baseUrl: resolvedBaseUrl
+  });
+  const cache = await resolveCache(options);
+  const pending = pendingExchanges.get(cacheKey);
+  if (pending) return pending;
+  const cached = await readCachedToken(cacheKey, cache);
+  if (cached !== void 0) {
+    if (options.debug)
+      console.log(
+        `[auth] Using cached token (clientId: ${activeCredential.clientId})`
+      );
+    emitAuthResolved(options.onEvent, "client_credentials");
+    return cached;
+  }
+  const storedCredential = await getStoredClientCredentialsFromCli(resolvedBaseUrl);
+  if (!storedCredential) {
+    await invalidateCachedToken({
+      clientId: activeCredential.clientId,
+      scopes: activeCredential.scopes,
+      baseUrl: resolvedBaseUrl,
+      cache: options.cache
+    });
+    throw new ZapierAuthenticationError(
+      `Stored client credential is missing its secret (clientId: ${activeCredential.clientId}). Run \`zapier-sdk login\` to recreate it.`
+    );
+  }
+  if (options.debug)
+    console.log(
+      `[auth] Using stored client credential (clientId: ${storedCredential.clientId})`
+    );
+  const token = await resolveAuthTokenFromCredentials(
+    storedCredential,
+    options
+  );
+  emitAuthResolved(options.onEvent, "client_credentials");
+  return token;
+}
 async function resolveAuthToken(options = {}) {
   const credentials = await resolveCredentials({
     credentials: options.credentials,
@@ -2573,14 +2757,24 @@ async function resolveAuthToken(options = {}) {
   if (credentials !== void 0) {
     return resolveAuthTokenFromCredentials(credentials, options);
   }
-  return getTokenFromCliLogin({
+  const storedToken = await tryStoredClientCredentialToken(options);
+  if (storedToken !== void 0) return storedToken;
+  if (options.debug) {
+    console.log("[auth] Using JWT (no stored client credential found)");
+  }
+  const jwtToken = await getTokenFromCliLogin({
     onEvent: options.onEvent,
     fetch: options.fetch,
     debug: options.debug
   });
+  if (jwtToken !== void 0) {
+    emitAuthResolved(options.onEvent, "jwt");
+  }
+  return jwtToken;
 }
 async function resolveAuthTokenFromCredentials(credentials, options) {
   if (typeof credentials === "string") {
+    emitAuthResolved(options.onEvent, "token");
     return credentials;
   }
   if (isClientCredentials(credentials)) {
@@ -2593,15 +2787,25 @@ async function resolveAuthTokenFromCredentials(credentials, options) {
       baseUrl: resolvedBaseUrl
     });
     const cache = await resolveCache(options);
-    const cached = await cache.get(cacheKey);
-    if (cached && entryIsValid(cached)) {
-      return cached.value;
+    const cached = await readCachedToken(cacheKey, cache);
+    if (cached !== void 0) {
+      if (options.debug) {
+        console.log(`[auth] Using cached token (clientId: ${clientId})`);
+      }
+      return cached;
     }
     const pending = pendingExchanges.get(cacheKey);
     if (pending) return pending;
     const runLocked = async () => {
-      const recheck = await cache.get(cacheKey);
-      if (recheck && entryIsValid(recheck)) return recheck.value;
+      const recheck = await readCachedToken(cacheKey, cache);
+      if (recheck !== void 0) {
+        if (options.debug) {
+          console.log(
+            `[auth] Using cached token (clientId: ${clientId}, locked recheck)`
+          );
+        }
+        return recheck;
+      }
       const { accessToken, expiresIn } = await exchangeClientCredentials({
         clientId: credentials.clientId,
         clientSecret: credentials.clientSecret,
@@ -2659,7 +2863,7 @@ async function invalidateCredentialsToken(options) {
 }
 
 // src/sdk-version.ts
-var SDK_VERSION = (typeof process !== "undefined" && process.env ? "0.50.0" : void 0) || "unknown";
+var SDK_VERSION = (typeof process !== "undefined" && process.env ? "0.52.0" : void 0) || "unknown";
 
 // src/utils/open-url.ts
 var nodePrefix = "node:";
@@ -2869,9 +3073,61 @@ var ZapierApiClient = class {
         await sleep(delayMs, init?.signal ?? void 0);
       }
     };
+    /**
+     * Wrap an outbound HTTP call with the concurrency semaphore. Used by both
+     * `rawFetch` (path-based) and the approval-poll path (absolute URL); each
+     * caller acquires per-attempt, so 429 retry sleep is held but the gap
+     * between approval polls and the human-approval wait are not.
+     *
+     * The release is registered in a finally that wraps the entire post-
+     * acquire flow — including the `wait_end` event emission — so a throwing
+     * `onEvent` handler can never leak a permit.
+     *
+     * Slot lifetime is intentionally tied to "fetch resolves" (headers
+     * received), NOT to "response body fully consumed". WHATWG `fetch()`
+     * resolves once headers are in; the body is still streaming. We rely on
+     * that boundary so streaming responses (SSE, long-running chunked reads)
+     * don't pin a permit for the lifetime of the stream — a single SSE
+     * consumer would otherwise hold one of N slots for as long as the
+     * connection stays open. Do not move the release into a path that awaits
+     * body consumption (e.g. `parseResult` / `response.text()`); doing so
+     * would silently break streaming consumers without failing any of the
+     * short-request tests.
+     */
+    this.withSemaphore = async (context, fn) => {
+      const fastRelease = this.semaphore.tryAcquire();
+      let waitStart = null;
+      let release = fastRelease;
+      if (release === null) {
+        waitStart = Date.now();
+        this.emitEvent("api:concurrency_wait_start", {
+          url: context.url,
+          method: context.method
+        });
+        release = await this.semaphore.acquire(context.signal ?? void 0);
+      }
+      const acquiredRelease = release;
+      try {
+        if (waitStart !== null) {
+          this.emitEvent("api:concurrency_wait_end", {
+            url: context.url,
+            method: context.method,
+            waitedMs: Date.now() - waitStart
+          });
+        }
+        return await fn();
+      } finally {
+        acquiredRelease();
+      }
+    };
     /**
      * Perform a request with auth, header merging, and rate-limit (429) retries.
      * Does NOT handle 403 approval_required — that's routed by `fetch`.
+     *
+     * Concurrency: a semaphore slot is held across the entire call, including
+     * the 429 retry sleep inside `rawFetchUrl`. That keeps backpressure
+     * coherent — when the server is rate-limiting us, we don't dump more
+     * parallelism into the queue.
      */
     this.rawFetch = async (path, init) => {
       if (!path.startsWith("/")) {
@@ -2880,7 +3136,10 @@ var ZapierApiClient = class {
         );
       }
       const { url, pathConfig: pathConfig2 } = this.buildUrl(path, init?.searchParams);
-      return this.rawFetchUrl(url, init, pathConfig2);
+      return this.withSemaphore(
+        { url, method: init?.method ?? "GET", signal: init?.signal },
+        () => this.rawFetchUrl(url, init, pathConfig2)
+      );
     };
     /**
      * Approval-aware HTTP fetch.
@@ -2988,6 +3247,15 @@ var ZapierApiClient = class {
     };
     this.maxNetworkRetries = options.maxNetworkRetries ?? ZAPIER_MAX_NETWORK_RETRIES;
     this.maxNetworkRetryDelayMs = options.maxNetworkRetryDelayMs ?? ZAPIER_MAX_NETWORK_RETRY_DELAY_MS;
+    const requested = options.maxConcurrentRequests;
+    const limit = requested === void 0 || Number.isNaN(requested) ? ZAPIER_MAX_CONCURRENT_REQUESTS : requested;
+    if (limit !== Infinity && (!Number.isInteger(limit) || limit < 1 || limit > MAX_CONCURRENCY_LIMIT)) {
+      throw new ZapierConfigurationError(
+        `Invalid maxConcurrentRequests: ${limit} (expected positive integer 1-${MAX_CONCURRENCY_LIMIT} or Infinity)`,
+        { configType: "maxConcurrentRequests" }
+      );
+    }
+    this.semaphore = createSemaphore(limit);
   }
   // Emit an event if onEvent handler is configured
   emitEvent(type, payload) {
@@ -3240,7 +3508,9 @@ var ZapierApiClient = class {
     if (data && typeof data === "object") {
       headers["Content-Type"] = "application/json";
     }
-    const wasMissingAuthToken = options.authRequired && await this.getAuthToken({ requiredScopes: options.requiredScopes }) == null;
+    const wasMissingAuthToken = options.authRequired && await this.getAuthToken({
+      requiredScopes: options.requiredScopes
+    }) == null;
     const response = await this.fetch(path, {
       ...options,
       method,
@@ -3363,10 +3633,16 @@ var ZapierApiClient = class {
         // poll_url is an absolute URL supplied by the server, so we use
         // rawFetchUrl directly (skipping path resolution) but still share
         // auth + interactive-header + 429-retry with the rest of the SDK.
-        fetchPoll: () => this.rawFetchUrl(approval.poll_url, {
-          method: "GET",
-          headers: { Accept: "application/json" }
-        }),
+        // Each individual poll request goes through the concurrency
+        // semaphore — but we deliberately do not hold a slot across the
+        // sleep between polls or across the human-approval wait.
+        fetchPoll: () => this.withSemaphore(
+          { url: approval.poll_url, method: "GET" },
+          () => this.rawFetchUrl(approval.poll_url, {
+            method: "GET",
+            headers: { Accept: "application/json" }
+          })
+        ),
         timeoutMs,
         isPending: (body2) => {
           const parsed = PollApprovalResponseSchema.safeParse(body2);
@@ -3434,6 +3710,28 @@ var createZapierApi = (options) => {
   });
 };
 
+// src/api/index.ts
+function getOrCreateApiClient(config) {
+  const {
+    baseUrl = ZAPIER_BASE_URL,
+    credentials,
+    token,
+    api: providedApi,
+    debug = false,
+    fetch: customFetch
+  } = config;
+  if (providedApi) {
+    return providedApi;
+  }
+  return createZapierApi({
+    baseUrl,
+    credentials,
+    token,
+    debug,
+    fetch: customFetch
+  });
+}
+
 // src/plugins/api/index.ts
 var apiPlugin = definePlugin(
   (sdk) => {
@@ -3446,6 +3744,7 @@ var apiPlugin = definePlugin(
       debug = false,
       maxNetworkRetries = ZAPIER_MAX_NETWORK_RETRIES,
       maxNetworkRetryDelayMs = ZAPIER_MAX_NETWORK_RETRY_DELAY_MS,
+      maxConcurrentRequests = ZAPIER_MAX_CONCURRENT_REQUESTS,
       approvalTimeoutMs,
       maxApprovalRetries,
       approvalMode,
@@ -3460,6 +3759,7 @@ var apiPlugin = definePlugin(
       onEvent,
       maxNetworkRetries,
       maxNetworkRetryDelayMs,
+      maxConcurrentRequests,
       approvalTimeoutMs,
       maxApprovalRetries,
       approvalMode,
@@ -10165,6 +10465,24 @@ var BaseSdkOptionsSchema = zod.z.object({
    * Default is 60000 (60 seconds).
    */
   maxNetworkRetryDelayMs: zod.z.number().optional().describe("Max delay in ms to wait for retry (default: 60000).").meta({ valueHint: "ms" }),
+  /**
+   * Maximum number of concurrent in-flight HTTP requests per client.
+   * Requests beyond this limit queue in FIFO order until a slot frees.
+   * Pass `Infinity` to disable. Default: 200.
+   *
+   * The description and meta are duplicated across the outer wrapper and
+   * the inner numeric branch because the SDK and CLI doc generators walk
+   * the schema differently — the SDK reader looks at wrappers only, while
+   * the CLI reader recurses into union branches.
+   */
+  maxConcurrentRequests: zod.z.union([
+    zod.z.number().int().min(1).max(MAX_CONCURRENCY_LIMIT).describe(
+      `Max concurrent in-flight HTTP requests (default: 200, max: ${MAX_CONCURRENCY_LIMIT}).`
+    ).meta({ valueHint: "count" }),
+    zod.z.literal(Infinity)
+  ]).optional().describe(
+    `Max concurrent in-flight HTTP requests (default: 200, max: ${MAX_CONCURRENCY_LIMIT}).`
+  ).meta({ valueHint: "count" }),
   approvalTimeoutMs: zod.z.number().optional().describe("Timeout in ms for approval polling. Default: 600000 (10 min).").meta({ valueHint: "ms" }),
   maxApprovalRetries: zod.z.number().optional().describe(
     "Maximum number of sequential approval rounds per request (one per gating policy) before giving up. Default: 2."
@@ -10234,6 +10552,7 @@ exports.LeaseLimitPropertySchema = LeaseLimitPropertySchema;
 exports.LeasePropertySchema = LeasePropertySchema;
 exports.LeaseSecondsPropertySchema = LeaseSecondsPropertySchema;
 exports.LimitPropertySchema = LimitPropertySchema;
+exports.MAX_CONCURRENCY_LIMIT = MAX_CONCURRENCY_LIMIT;
 exports.MAX_PAGE_LIMIT = MAX_PAGE_LIMIT;
 exports.OffsetPropertySchema = OffsetPropertySchema;
 exports.OutputPropertySchema = OutputPropertySchema;
@@ -10249,6 +10568,7 @@ exports.TablesPropertySchema = TablesPropertySchema;
 exports.TriggerInboxNamePropertySchema = TriggerInboxNamePropertySchema;
 exports.TriggerInboxPropertySchema = TriggerInboxPropertySchema;
 exports.ZAPIER_BASE_URL = ZAPIER_BASE_URL;
+exports.ZAPIER_MAX_CONCURRENT_REQUESTS = ZAPIER_MAX_CONCURRENT_REQUESTS;
 exports.ZAPIER_MAX_NETWORK_RETRIES = ZAPIER_MAX_NETWORK_RETRIES;
 exports.ZAPIER_MAX_NETWORK_RETRY_DELAY_MS = ZAPIER_MAX_NETWORK_RETRY_DELAY_MS;
 exports.ZapierAbortDrainSignal = ZapierAbortDrainSignal;
@@ -10301,6 +10621,7 @@ exports.createSdk = createSdk;
 exports.createTableFieldsPlugin = createTableFieldsPlugin;
 exports.createTablePlugin = createTablePlugin;
 exports.createTableRecordsPlugin = createTableRecordsPlugin;
+exports.createZapierApi = createZapierApi;
 exports.createZapierSdk = createZapierSdk2;
 exports.createZapierSdkWithoutRegistry = createZapierSdkWithoutRegistry;
 exports.definePlugin = definePlugin;
@@ -10324,6 +10645,7 @@ exports.getConnectionPlugin = getConnectionPlugin;
 exports.getCpuTime = getCpuTime;
 exports.getCurrentTimestamp = getCurrentTimestamp;
 exports.getMemoryUsage = getMemoryUsage;
+exports.getOrCreateApiClient = getOrCreateApiClient;
 exports.getOsInfo = getOsInfo;
 exports.getPlatformVersions = getPlatformVersions;
 exports.getPreferredManifestEntryKey = getPreferredManifestEntryKey;
@@ -10358,6 +10680,7 @@ exports.listTableRecordsPlugin = listTableRecordsPlugin;
 exports.listTablesPlugin = listTablesPlugin;
 exports.logDeprecation = logDeprecation;
 exports.manifestPlugin = manifestPlugin;
+exports.parseConcurrencyEnvVar = parseConcurrencyEnvVar;
 exports.readManifestFromFile = readManifestFromFile;
 exports.registryPlugin = registryPlugin;
 exports.requestPlugin = requestPlugin;