attlaz-client 1.48.1 → 1.48.3

package/dist/Helper/LoadAllHelper.js

@@ -9,9 +9,14 @@ export class LoadAllHelper {
             firstPagination.limit = limit;
             firstPagination.startingAfter = lastRef;
             const data = await call(firstPagination);
-            for (const record of data.getData()) {
-                totalResult.push(record);
-                lastRef = record.id.toString();
+            const records = data.getData();
+            // Spread is faster than a per-element loop but can exceed the call stack for very large collections (50k+)
+            if (totalResult.length + records.length > 50_000) {
+                throw new Error('loadAll exceeded 50,000 records (' + (totalResult.length + records.length) + '). This method is not intended for large datasets.');
+            }
+            totalResult.push(...records);
+            if (records.length > 0) {
+                lastRef = records[records.length - 1].id.toString();
             }
             hasMore = data.hasMore;
         }

package/dist/Http/ClientError.js

@@ -14,6 +14,7 @@ export class ClientError extends Error {
         if (error instanceof AxiosError) {
             if (error.code === 'ECONNREFUSED' || error.code === 'ERR_NETWORK') {
                 clientError.httpStatus = HttpStatus.HTTP_UNAVAILABLE;
+                // clientError.code = 'Service not available';
                 clientError.message = 'Service not available';
                 return clientError;
             }

package/dist/Http/Transport/DirectTransport.d.ts

@@ -8,13 +8,18 @@ export interface DirectTransportRoute {
  * Transport for internal service-to-service calls that bypasses Gateway OAuth.
  * Authenticates via HMAC-signed session headers instead of an OAuth token.
  *
+ * The caller is responsible for computing the HMAC signature (since this requires
+ * node:crypto which is not available in browser environments).
+ *
  * Usage:
- *   const transport = new DirectTransport('http://core-api:5728', process.env.api_secret);
+ *   import {createHmac} from 'node:crypto';
+ *   const sessionPayload = DirectTransport.createSessionPayload();
+ *   const sessionSignature = createHmac('sha256', apiSecret).update(sessionPayload).digest('hex');
+ *   const transport = new DirectTransport('http://core-api:5728', sessionPayload, sessionSignature);
  *   const client = Client.withTransport(transport);
- *   client.getFlowEndpoint().getById(id);
  *
  * With multiple backends:
- *   const transport = new DirectTransport('http://core-api:5728', secret, [
+ *   const transport = new DirectTransport('http://core-api:5728', sessionPayload, sessionSignature, [
  *     { prefix: '/products', baseUrl: 'http://products-api:5730' },
  *     { prefix: '/services', baseUrl: 'http://services-api:5731' },
  *   ]);
@@ -22,7 +27,11 @@ export interface DirectTransportRoute {
 export declare class DirectTransport implements ITransport {
     private readonly clients;
     private readonly sortedRoutes;
-    constructor(defaultBaseUrl: string, apiSecret: string, routes?: DirectTransportRoute[]);
+    /**
+     * Creates the default session payload for internal service-to-service calls.
+     */
+    static createSessionPayload(): string;
+    constructor(defaultBaseUrl: string, sessionPayload: string, sessionSignature: string, routes?: DirectTransportRoute[]);
     request<T>(action: string, parameters?: Parameters, method?: string, _signWithOauthToken?: boolean): Promise<T>;
     private resolveClient;
     isDebugEnabled(): boolean;

package/dist/Http/Transport/DirectTransport.js

@@ -1,17 +1,21 @@
-import { createHmac } from 'node:crypto';
 import { OAuthClientOptions } from '../OAuthClientOptions.js';
 import { OAuthClient } from './OAuthClient.js';
 /**
  * Transport for internal service-to-service calls that bypasses Gateway OAuth.
  * Authenticates via HMAC-signed session headers instead of an OAuth token.
  *
+ * The caller is responsible for computing the HMAC signature (since this requires
+ * node:crypto which is not available in browser environments).
+ *
  * Usage:
- *   const transport = new DirectTransport('http://core-api:5728', process.env.api_secret);
+ *   import {createHmac} from 'node:crypto';
+ *   const sessionPayload = DirectTransport.createSessionPayload();
+ *   const sessionSignature = createHmac('sha256', apiSecret).update(sessionPayload).digest('hex');
+ *   const transport = new DirectTransport('http://core-api:5728', sessionPayload, sessionSignature);
  *   const client = Client.withTransport(transport);
- *   client.getFlowEndpoint().getById(id);
  *
  * With multiple backends:
- *   const transport = new DirectTransport('http://core-api:5728', secret, [
+ *   const transport = new DirectTransport('http://core-api:5728', sessionPayload, sessionSignature, [
  *     { prefix: '/products', baseUrl: 'http://products-api:5730' },
  *     { prefix: '/services', baseUrl: 'http://services-api:5731' },
  *   ]);
@@ -19,9 +23,11 @@ import { OAuthClient } from './OAuthClient.js';
 export class DirectTransport {
     clients = new Map();
     sortedRoutes;
-    constructor(defaultBaseUrl, apiSecret, routes = []) {
-        // TODO: do we need to define user, client and ip?
-        const sessionPayload = JSON.stringify({
+    /**
+     * Creates the default session payload for internal service-to-service calls.
+     */
+    static createSessionPayload() {
+        return JSON.stringify({
             api_version: 'latest',
             user: null,
             client: null,
@@ -30,7 +36,8 @@ export class DirectTransport {
             scopes: [],
             access_token: null,
         });
-        const sessionSignature = createHmac('sha256', apiSecret).update(sessionPayload).digest('hex');
+    }
+    constructor(defaultBaseUrl, sessionPayload, sessionSignature, routes = []) {
         // All routes plus the catch-all default, sorted by prefix length descending (most specific first)
         this.sortedRoutes = [...routes, { prefix: '', baseUrl: defaultBaseUrl }]
             .sort((a, b) => b.prefix.length - a.prefix.length);

package/dist/Service/Endpoint.js

@@ -114,6 +114,11 @@ export class Endpoint {
             }
             throw this.toApiError(error);
         }
+        // TODO: add errors
+        /**
+         * Parse errors
+         */
+        // TODO: temporary check until we know the API is fully upgraded
         if (requestResponse === null || requestResponse === undefined) {
             throw new ApiError('Unable to parse object: response is empty for action `[' + method + '] ' + action + '`', HttpStatus.HTTP_INTERNAL_SERVER_ERROR);
         }
@@ -165,6 +170,7 @@ export class Endpoint {
         return data;
     }
     parseObject(rawObject, parser) {
+        // TODO: is it interesting to keep this wrapper, or only in develop mode?
         const wrappedData = ObjectWrapper.wrap(rawObject);
         try {
             return parser(wrappedData);

package/dist/Service/HealthAlertEndpoint.d.ts

@@ -1,7 +1,7 @@
-import { Endpoint } from './Endpoint.js';
+import { EntityType } from '../Model/EntityType.js';
 import { HealthAlert } from '../Model/HealthAlert/HealthAlert.js';
 import { CollectionResult } from '../Model/Result/CollectionResult.js';
-import { EntityType } from '../Model/EntityType.js';
+import { Endpoint } from './Endpoint.js';
 export declare class HealthAlertEndpoint extends Endpoint {
-    getLatestByScope(scopeType: EntityType, scopeId: string, parentScopeId: string | null): Promise<CollectionResult<HealthAlert>>;
+    getCurrentAlertsByScope(scopeType: EntityType, scopeId: string, parentScopeId: string | null): Promise<CollectionResult<HealthAlert>>;
 }

package/dist/Service/HealthAlertEndpoint.js

@@ -1,10 +1,10 @@
-import { Endpoint } from './Endpoint.js';
-import { HealthAlert } from '../Model/HealthAlert/HealthAlert.js';
 import { QueryString } from '../Http/Data/QueryString.js';
+import { HealthAlert } from '../Model/HealthAlert/HealthAlert.js';
+import { Endpoint } from './Endpoint.js';
 export class HealthAlertEndpoint extends Endpoint {
-    async getLatestByScope(scopeType, scopeId, parentScopeId) {
+    async getCurrentAlertsByScope(scopeType, scopeId, parentScopeId) {
         try {
-            const q = new QueryString('/health/' + scopeType + '/' + scopeId + '');
+            const q = new QueryString('/health/' + scopeType + '/' + scopeId);
             if (parentScopeId !== null) {
                 q.set('parentScopeId', parentScopeId);
             }

package/dist/version.d.ts

@@ -1 +1 @@
-export declare const VERSION = "1.48.1";
+export declare const VERSION = "1.48.3";

package/dist/version.js

@@ -1 +1 @@
-export const VERSION = "1.48.1";
+export const VERSION = "1.48.3";

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "attlaz-client",
-  "version": "1.48.1",
+  "version": "1.48.3",
   "description": "Javascript Client to access Attlaz API",
   "types": "./dist/index.d.ts",
   "main": "./dist/index.js",
@@ -54,18 +54,18 @@
   },
   "devDependencies": {
     "@types/jest": "^30.0.0",
-    "@types/node": "^24.10.15",
+    "@types/node": "^24.12.0",
     "@typescript-eslint/eslint-plugin": "^8.1.0",
     "@typescript-eslint/parser": "^8.1.0",
     "dotenv": "^17.3.1",
-    "eslint": "^9.39.3",
+    "eslint": "^9.39.4",
     "eslint-config-attlaz-base": "^1.5.2",
     "eslint-import-resolver-typescript": "^4.4.4",
     "eslint-plugin-import": "^2.32.0",
     "eslint-plugin-jsdoc": "^51.4.1",
     "eslint-plugin-prefer-arrow": "^1.2.3",
     "eslint-plugin-promise": "^7.2.1",
-    "jest": "^30.2.0",
+    "jest": "^30.3.0",
     "rimraf": "^6.1.3",
     "rollup-plugin-commonjs": "^10.1.0",
     "rollup-plugin-node-resolve": "^5.2.0",