gdc-sdk-front-ts 0.2.1 → 0.3.0

package/README.md

@@ -1,118 +1,316 @@
 # gdc-sdk-front-ts
 
-Target frontend runtime package for the converged GDC SDK family.
+Frontend runtime package for consuming the shared GDC SDK contracts in web or
+mobile apps.
 
-Key docs:
+Use this package when your frontend needs to:
 
-- [CHANGELOG.md](CHANGELOG.md)
-- [SECURITY.md](SECURITY.md)
-- [SDK_INTEGRATION_101.md](SDK_INTEGRATION_101.md)
-- [../gdc-common-utils-ts/docs/CONSENT_ACCESS_101.md](../gdc-common-utils-ts/docs/CONSENT_ACCESS_101.md)
+- build UI flows on top of GDC shared contracts
+- manage session/profile state
+- prepare consent-aware requests
+- consume the shared invitation, OTP, and relationship-PIN flows
+- work with communication drafts and local outbox patterns
 
-Current status:
+This package is frontend-facing. It should explain app flows, not gateway route
+details.
 
-- package created
-- build/test baseline created
-- migration target from `gdc-sdk-client-ts` declared
-- frontend runtime contract skeleton declared
-- shared core identity/discovery/bootstrap contracts are now available for frontend wiring
+## Start Here
 
-Why `front` and not `expo`:
+If you are integrating this package for the first time, open these in order:
 
-- the SDK architecture is frontend-agnostic
-- Expo is one runtime, not the product boundary
-- the same package family should later support web portal and Expo/mobile adapters
+1. [docs/SDK_INTEGRATION_101.md](./docs/SDK_INTEGRATION_101.md)
+   Real frontend/native setup, imports, `new ClientSDK(...)`,
+   `initializeCommunicationIdentity(...)`, provider discovery, and
+   `initializeSession(...)`.
+2. [gdc-sdk-core-ts/docs/SDK_FLOWS_101.md](https://github.com/Global-DataCare/gdc-sdk-core-ts/blob/main/docs/SDK_FLOWS_101.md)
+   Shared business-flow map by actor family.
+3. [gdc-common-utils-ts/src/examples/frontend-session.ts](https://github.com/Global-DataCare/gdc-common-utils-ts/blob/main/src/examples/frontend-session.ts)
+   Shared profile/session payload source of truth.
+4. [gdc-common-utils-ts/docs/LIFECYCLE_101.md](https://github.com/Global-DataCare/gdc-common-utils-ts/blob/main/docs/LIFECYCLE_101.md)
+   Canonical lifecycle semantics and reusable placeholders for UI and portal flows.
 
-Not migrated yet:
+If you need the shortest path:
 
-- `ClientSDK`
-- `ProfileManager`
-- `roleRegistry`
-- `capabilityMapper`
-- app-facing session bootstrap
-- Expo/web adapter implementations
-- provider/operator/ICA discovery facade wiring
-- explicit device/actor/provider identity store wiring
-- controller bootstrap helper for `_activate` with `vp_token + controller.*`
+- app identity required by GW CORE:
+  `appId` mandatory, `appVersion` optional with default `v1.0`
+- frontend technical identity:
+  [`initializeCommunicationIdentity(...)`](./docs/SDK_INTEGRATION_101.md)
+- main runtime class:
+  [`ClientSDK`](src/ClientSDK.ts)
+- profile/session bootstrap:
+  [`initializeSession(...)`](./docs/SDK_INTEGRATION_101.md)
 
-Role in the transition:
+## Executable Usage Examples
 
-- `gdc-sdk-core-ts` will own shared actor/capability contracts
-- `gdc-sdk-front-ts` will own frontend-facing runtime adapters and session/profile orchestration
-- `gdc-sdk-client-ts` is now the legacy source repo for migration, not the final name
+Open these tests when you want to see exact frontend calls and exact inputs:
 
-Reusable payload source of truth:
+- [tests/client-sdk.test.mjs](tests/client-sdk.test.mjs)
+  `ClientSDK` bootstrap, provider metadata, and session-facing behavior.
+- [tests/actor-session.test.mjs](tests/actor-session.test.mjs)
+  Actor-session descriptors and facade expansion.
+- [tests/individual-service.test.mjs](tests/individual-service.test.mjs)
+  Individual-facing service composition.
+- [tests/profile-registry.test.mjs](tests/profile-registry.test.mjs)
+  Profile registry and persistence behavior.
+- [tests/session-descriptor.test.mjs](tests/session-descriptor.test.mjs)
+  Session descriptor shaping for UI/runtime code.
+
+## Actor Split And UI Scope
+
+The frontend package must also start from actor families, because screens and
+permissions differ:
+
+- organization controller
+- organization employee / professional member
+- individual controller
+- individual member / self
+- related person
+- professional with consented access
+
+Frontend concerns include:
+
+- actor/session bootstrap
+- invitation and acceptance UX
+- permission management UX
+- notification / permission-request UX
+- communication draft and submission UX
+- clinical read/write UX constrained by evaluated permissions
+
+## Flow Families
+
+- organization onboarding and employee invitation screens
+- individual onboarding and order/offer confirmation screens
+- permission creation, edit, deactivation, and grouped views
+- invitation acceptance and relationship activation
+- permission-request notification review
+- document/resource import into the subject index
+- subject-scoped communication and search flows
+
+## Main Flows
+
+### 1. Controller invites another actor to connect with a subject
+
+Typical frontend sequence:
+
+1. collect invitee data
+2. build invitation payload using shared helpers
+3. send it through your frontend/backend integration
+4. show invitation state to the user
+
+The frontend should only care about the shared contract:
+
+- actor kind
+- delivery channel
+- delivery target
+- subject id
+- purpose
+
+It should not care about gateway path families.
+
+### 2. Invitee accepts the invitation
+
+Typical frontend sequence:
+
+1. enter invitation or activation details
+2. start OTP challenge
+3. confirm OTP
+4. set relationship PIN if required
+5. activate the relationship locally in UI/session state
+
+Shared builders for this flow come from `gdc-sdk-core-ts`.
+
+### 3. Consent-aware communication UI
+
+Use this package when the frontend needs to:
+
+- evaluate whether access is already covered
+- show missing permissions
+- prepare a permission-request `Communication`
+- build local communication drafts before sending
+
+## What This Package Owns
+
+- frontend runtime config
+- session/profile-facing helpers
+- app-facing composition over shared SDK contracts
+
+## What This Package Does Not Own
+
+- canonical shared invitation/consent contract definitions
+- Node GW runtime execution
+- UNID-specific reminder/task runtime
+
+Those belong to:
+
+- `gdc-sdk-core-ts`
+- `gdc-sdk-node-ts`
+- product/runtime extension layers
+
+## Minimal Examples
+
+### Build invitation and OTP payloads in frontend code
+
+```ts
+import {
+  createRelationshipChannelInvitationInput,
+  createRelationshipChannelOtpStartInput,
+  RelationshipAccessActorKinds,
+  RelationshipEnrollmentChannels,
+  RelationshipOtpDeliveryChannels,
+  RelationshipSubjectKinds,
+  type RelationshipChannelInvitationInput,
+  type RelationshipChannelOtpStartInput,
+} from 'gdc-sdk-core-ts';
+import {
+  buildIndividualDidWeb,
+  HealthcareConsentPurposes,
+} from 'gdc-common-utils-ts';
+
+const tenantId = 'acme-id';
+const jurisdiction = 'ES';
+const sector = 'health-care';
+const providerOrganizationDid = activeSubjectProfile.organizationDid;
+const subjectLocalId = activeSubjectProfile.subjectId;
+const subjectId = buildIndividualDidWeb({
+  organizationDidWeb: providerOrganizationDid,
+  subjectId: subjectLocalId,
+});
+const actorIdentifier = relatedPersonForm.email;
+const deliveryTarget = actorIdentifier;
+
+const invitationInput: RelationshipChannelInvitationInput = {
+  tenantId,
+  jurisdiction,
+  sector,
+  subjectId,
+  subjectKind: RelationshipSubjectKinds.Person,
+  actorKind: RelationshipAccessActorKinds.RelatedPerson,
+  actorIdentifier,
+  relationshipLabel: 'daughter',
+  deliveryChannel: RelationshipEnrollmentChannels.Email,
+  deliveryTarget,
+  purpose: HealthcareConsentPurposes.CareManagement,
+  phonePinOptional: true,
+};
+
+const invitation = createRelationshipChannelInvitationInput(invitationInput);
+
+const invitationId = 'rel-invite-001';
+
+const otpStartInput: RelationshipChannelOtpStartInput = {
+  invitationId,
+  deliveryChannel: RelationshipOtpDeliveryChannels.Email,
+  locale: 'es-ES',
+};
+
+const otpStart = createRelationshipChannelOtpStartInput(otpStartInput);
+```
+
+### Build permission-request communication
+
+```ts
+import {
+  buildPermissionRequestCommunication,
+  getMissingPermissions,
+} from 'gdc-sdk-core-ts';
+import {
+  EXAMPLE_EMAIL_PROFESSIONAL,
+  EXAMPLE_INDIVIDUAL_DID_WEB,
+} from 'gdc-common-utils-ts/examples/consent-access';
+import { HealthcareActorRoles } from 'gdc-common-utils-ts/constants/healthcare';
+
+const individualDidWeb = EXAMPLE_INDIVIDUAL_DID_WEB;
+const emailProfessional = EXAMPLE_EMAIL_PROFESSIONAL;
+const missing = getMissingPermissions(evaluation);
+
+const communication = buildPermissionRequestCommunication({
+  subject: individualDidWeb,
+  requester: { actorKind: 'professional', email: emailProfessional },
+  requesterRole: HealthcareActorRoles.Physician,
+  missing,
+});
+```
+
+## Shared Contract Sources
+
+- [gdc-sdk-core-ts/README.md](https://github.com/Global-DataCare/gdc-sdk-core-ts/blob/main/README.md)
+- [gdc-common-utils-ts/docs/CONSENT_ACCESS_101.md](https://github.com/Global-DataCare/gdc-common-utils-ts/blob/main/docs/CONSENT_ACCESS_101.md)
+
+Reusable payload examples:
 
 - `gdc-common-utils-ts/examples/frontend-session`
-  - session/profile bootstrap examples
 - `gdc-common-utils-ts/examples/professional`
-  - lightweight communication/search request examples reused by frontend services
-  - reusable professional role/permission scenarios by section and expected FHIR types
-  - reusable consent-vs-smart matrices for actor targeting by email, organization, or jurisdiction
+- `gdc-common-utils-ts/examples/lifecycle`
 - `gdc-common-utils-ts/examples/api-flow-examples`
-  - preferred compatibility aggregator when one import surface is needed without using the overloaded term `contract`
 
-CORE vs extension note:
+## API Index
 
-- CORE shared examples model provider and actor identities with DID/email-first semantics
-- phone-only subject/controller fields are compatibility or product-extension concerns, not required CORE GW inputs
-- individual/family bootstrap uses `org.schema.Organization.owner.*` claims for the owner/controller of the subject index
-- legal organization activation uses `Person` representative semantics plus VC `memberOf` / `hasOccupation`
+## Full Public Surface
 
-## API Index
+This package exports the full `gdc-sdk-core-ts` surface plus the frontend
+runtime modules below.
+
+- [`src/runtime-contracts.ts`](src/runtime-contracts.ts)
+  - types/constants: `LegacyFrontSourcePackage`, `FrontRuntimeKind`, `FrontFetchLike`, `FrontRuntimeConfig`, `FrontPackageStatus`, `GDC_SDK_FRONT_STATUS`
+- [`src/actor-session.ts`](src/actor-session.ts)
+  - re-exports actor-session descriptor helpers for frontend consumption
+- [`src/session-descriptor.ts`](src/session-descriptor.ts)
+  - types: `FrontActorFlags`, `FrontSessionDescriptorInput`
+  - functions: `describeFrontActorSession(...)`, `describeFrontActorFacades(...)`
+- [`src/types.ts`](src/types.ts)
+  - types: `SdkConfig`, `FrontDateRange`, `FrontBundleSearchQuery`, `FrontCommunicationInput`
+  - re-exported shared types: `AppInfo`, `InitializeSessionParams`, `Profile`, `ProfileRegistryEntry`, `VaultQueryCondition`, `VaultQuery`, `IVaultRepository`, `IApiConfig`, `INetwork`, `IVerifier`
+- [`src/services.ts`](src/services.ts)
+  - classes: `CommonAuthService`, `OrgAdminService`, `FamilyAdminService`, `IndividualService`, `PhysicianService`, `ParamedicService`
+- [`src/roleRegistry.ts`](src/roleRegistry.ts)
+  - interfaces: `OrgAdminServices`, `FamilyAdminServices`, `IndividualServices`, `ProfessionalServices`, `CommonServices`
+- [`src/capabilityMapper.ts`](src/capabilityMapper.ts)
+  - function: `mapCapabilitiesToServices(...)`
+- [`src/VerifierService.ts`](src/VerifierService.ts)
+  - class: `VerifierService`
+- [`src/ProfileManager.ts`](src/ProfileManager.ts)
+  - class: `ProfileManager`
+  - compatibility export: `ActorSession`
+- [`src/ProfileRegistry.ts`](src/ProfileRegistry.ts)
+  - class: `ProfileRegistry`
+- [`src/ClientSDK.ts`](src/ClientSDK.ts)
+  - class: `ClientSDK`
+  - re-exported session/profile types from shared contracts
 
-The canonical API contract should live in JSDoc on exported code. The README is the linked index.
-
-### Core draft/document helpers re-exported from `gdc-sdk-core-ts`
-
-- [`createCommunicationDraft(...)`](../gdc-sdk-core-ts/src/communication-draft.ts)
-  - Starts an in-memory communication draft.
-- [`addFhirResourceToDraft(...)`](../gdc-sdk-core-ts/src/communication-draft.ts)
-  - Appends a concrete FHIR resource or document.
-- [`addClaimsResourceToDraft(...)`](../gdc-sdk-core-ts/src/communication-draft.ts)
-  - Appends a claims-only pseudo-resource.
-- [`createOutboxJobFromDraft(...)`](../gdc-sdk-core-ts/src/communication-draft.ts)
-  - Freezes the draft into a transport-oriented outbox job.
-- [`updateOutboxJobStatus(...)`](../gdc-sdk-core-ts/src/communication-draft.ts)
-  - Updates the outbox job status in memory.
-- [`IOutboxRepository`](../gdc-sdk-core-ts/src/communication-outbox.ts)
-- [`OutboxRepositoryMemory`](../gdc-sdk-core-ts/src/communication-outbox.ts)
-- [`createCommunicationFacade()`](../gdc-sdk-core-ts/src/communication-document-facade.ts)
-  - Resolves documents from FHIR `Communication`.
-- [`createHeartRateObservation(...)`](../gdc-sdk-core-ts/src/vital-signs.ts)
-- [`createBodyTemperatureObservation(...)`](../gdc-sdk-core-ts/src/vital-signs.ts)
-- [`createBloodPressureObservation(...)`](../gdc-sdk-core-ts/src/vital-signs.ts)
-
-### Consent access helpers re-exported from `gdc-sdk-core-ts`
-
-- [`groupConsentsForControllerView(...)`](../gdc-sdk-core-ts/src/consent-access.ts)
-- [`evaluateRequestedAccess(...)`](../gdc-sdk-core-ts/src/consent-access.ts)
-- [`getMissingPermissions(...)`](../gdc-sdk-core-ts/src/consent-access.ts)
-- [`buildPermissionRequestCommunication(...)`](../gdc-sdk-core-ts/src/consent-access.ts)
-- [`buildPermissionRequestCommunicationLookupQuery(...)`](../gdc-sdk-core-ts/src/consent-access.ts)
-
-Use these helpers when the frontend needs to:
-
-- show the controller which active permissions exist by target
-- detect whether a SMART request is fully covered
-- prepare the canonical permission-request `Communication`
-- recover that request by identifier, thread id, or linked CID
-
-Consent precedence in the shared model is documented as:
-
-1. explicit deny for a concrete email
-2. explicit permit for a concrete email
-3. organization decision
-4. jurisdiction decision
-5. default deny
-
-### Runtime configuration
+The runtime-facing meaning of these exports is:
+
+- `ClientSDK`, `ProfileManager`, `ProfileRegistry`, `VerifierService`
+  - app/session orchestration
+- `services.ts`
+  - app-facing domain services
+- `session-descriptor.ts` and `actor-session.ts`
+  - actor-role expansion for frontend use
+- `capabilityMapper.ts` and `roleRegistry.ts`
+  - capability-to-service wiring
+
+### Re-exported shared helpers from `gdc-sdk-core-ts`
+
+- consent access helpers
+- relationship invitation/acceptance builders
+- communication draft helpers
+- document facade helpers
+- vital-sign helpers
+
+### Frontend runtime configuration
 
 - [`FrontRuntimeConfig`](src/runtime-contracts.ts)
-  - Includes `persistencePolicy?` and `outboxRepositoryFactory?` so frontend runtimes can disable local persistence on shared devices or use secure local storage on confidential devices.
 
-### Documentation rule
+### Frontend runtime services
+
+- [`ClientSDK`](src/ClientSDK.ts)
+- [`ProfileManager`](src/ProfileManager.ts)
+- [`ProfileRegistry`](src/ProfileRegistry.ts)
+- [`VerifierService`](src/VerifierService.ts)
+- [`describeFrontActorSession(...)`](src/actor-session.ts)
+- [`describeFrontActorFacades(...)`](src/actor-session.ts)
+
+## Documentation Rule
 
-- JSDoc on exported code is canonical.
-- README entries should link to source and summarize the main parameters.
-- If a payload shape is shown in docs or validated by tests, keep its reusable source in the relevant module under `gdc-common-utils-ts/examples`.
+- README should explain app flows first.
+- Shared contract definitions should stay in `gdc-sdk-core-ts`.
+- Frontend consumers should not need UNID runtime knowledge to understand this package.

package/dist/ClientSDK.d.ts

@@ -1,6 +1,7 @@
 import { ProfileManager } from './ProfileManager.js';
 import { ProfileRegistry } from './ProfileRegistry.js';
 import type { AppInfo, InitializeSessionParams, IVerifier, IVaultRepository, ProfileRegistryEntry, SdkConfig } from './types.js';
+import { type ResolvedAppInfo } from 'gdc-sdk-core-ts';
 /**
  * Frontend-facing SDK entry point for profile/session bootstrapping, lightweight
  * provider discovery, and role-scoped session creation.
@@ -19,16 +20,44 @@ export declare class ClientSDK {
     private readonly _verifier;
     private readonly _icaDid?;
     private readonly mockDidDocuments;
+    private readonly resolvedAppInfo;
     currentSession: ProfileManager | null;
     profileRegistry: ProfileRegistry | null;
     /**
      * @param sdkConfig Frontend runtime adapters such as fetch/network/api.
-     * @param appInfo Information about the host app.
+     * @param appInfo Information about the host app. `appId` is mandatory and
+     * may be a reverse-DNS string or a URL/domain. `appVersion` is optional and
+     * defaults to `v1.0`.
+     *
+     * @example
+     * ```ts
+     * const sdk = new ClientSDK(
+     *   { network, api, fetcher: fetch },
+     *   {
+     *     appId: 'https://globaldatacare.es/portal',
+     *     appType: 'Family',
+     *     sector: 'health-care',
+     *   },
+     *   wallet,
+     *   verifier,
+     * );
+     *
+     * console.log(sdk.getAppHeaders());
+     * // { AppId: 'es.globaldatacare', AppVersion: 'v1.0' }
+     * ```
      * @param _wallet Reserved wallet/provider dependency.
      * @param _verifier DID/VC verifier dependency.
      * @param _icaDid Optional bootstrap ICA DID used by the host app.
      */
     constructor(sdkConfig: SdkConfig, appInfo: AppInfo, _wallet: unknown, _verifier: IVerifier, _icaDid?: string | undefined);
+    /**
+     * Returns the canonical GW CORE app identity resolved by the SDK.
+     */
+    getResolvedAppInfo(): ResolvedAppInfo;
+    /**
+     * Returns the standard GW CORE headers added by the SDK to outbound requests.
+     */
+    getAppHeaders(): Record<'AppId' | 'AppVersion', string>;
     /**
      * Registers a mock DID document for local/demo discovery flows.
      */

package/dist/ClientSDK.js

@@ -1,6 +1,7 @@
 // Copyright 2026 Antifraud Services Inc. under the Apache License, Version 2.0.
 import { ProfileManager } from './ProfileManager.js';
 import { ProfileRegistry } from './ProfileRegistry.js';
+import { buildAppHeaders, resolveAppInfo, } from 'gdc-sdk-core-ts';
 /**
  * Frontend-facing SDK entry point for profile/session bootstrapping, lightweight
  * provider discovery, and role-scoped session creation.
@@ -15,7 +16,26 @@ import { ProfileRegistry } from './ProfileRegistry.js';
 export class ClientSDK {
     /**
      * @param sdkConfig Frontend runtime adapters such as fetch/network/api.
-     * @param appInfo Information about the host app.
+     * @param appInfo Information about the host app. `appId` is mandatory and
+     * may be a reverse-DNS string or a URL/domain. `appVersion` is optional and
+     * defaults to `v1.0`.
+     *
+     * @example
+     * ```ts
+     * const sdk = new ClientSDK(
+     *   { network, api, fetcher: fetch },
+     *   {
+     *     appId: 'https://globaldatacare.es/portal',
+     *     appType: 'Family',
+     *     sector: 'health-care',
+     *   },
+     *   wallet,
+     *   verifier,
+     * );
+     *
+     * console.log(sdk.getAppHeaders());
+     * // { AppId: 'es.globaldatacare', AppVersion: 'v1.0' }
+     * ```
      * @param _wallet Reserved wallet/provider dependency.
      * @param _verifier DID/VC verifier dependency.
      * @param _icaDid Optional bootstrap ICA DID used by the host app.
@@ -29,6 +49,19 @@ export class ClientSDK {
         this.mockDidDocuments = new Map();
         this.currentSession = null;
         this.profileRegistry = null;
+        this.resolvedAppInfo = resolveAppInfo(appInfo);
+    }
+    /**
+     * Returns the canonical GW CORE app identity resolved by the SDK.
+     */
+    getResolvedAppInfo() {
+        return { ...this.resolvedAppInfo };
+    }
+    /**
+     * Returns the standard GW CORE headers added by the SDK to outbound requests.
+     */
+    getAppHeaders() {
+        return buildAppHeaders(this.resolvedAppInfo);
     }
     /**
      * Registers a mock DID document for local/demo discovery flows.
@@ -41,7 +74,9 @@ export class ClientSDK {
      */
     async fetchWellKnownApiConfig(source) {
         const baseUrl = await this.resolveBaseUrl(source);
-        const response = await this.sdkConfig.fetcher(new URL('.well-known/api-config.json', baseUrl).href);
+        const response = await this.sdkConfig.fetcher(new URL('.well-known/api-config.json', baseUrl).href, {
+            headers: this.getAppHeaders(),
+        });
         if (!response.ok) {
             throw new Error(`Failed to load API config (${response.status}).`);
         }
@@ -52,7 +87,9 @@ export class ClientSDK {
      */
     async fetchSupportedFields(source) {
         const baseUrl = await this.resolveBaseUrl(source);
-        const response = await this.sdkConfig.fetcher(new URL('.well-known/supported-fields.json', baseUrl).href);
+        const response = await this.sdkConfig.fetcher(new URL('.well-known/supported-fields.json', baseUrl).href, {
+            headers: this.getAppHeaders(),
+        });
         if (!response.ok)
             return [];
         const body = await response.json();

package/dist/actor-session.d.ts

@@ -1,2 +1,2 @@
-export type { ActorFacadeDescriptor, ActorKind, ActorSessionDescriptor, Capability, } from '../../gdc-sdk-core-ts/dist/index.js';
-export { expandActorSessionDescriptorToFacades, filterCapabilitiesForActor, } from '../../gdc-sdk-core-ts/dist/index.js';
+export type { ActorFacadeDescriptor, ActorKind, ActorSessionDescriptor, Capability, } from 'gdc-sdk-core-ts';
+export { expandActorSessionDescriptorToFacades, filterCapabilitiesForActor, } from 'gdc-sdk-core-ts';

package/dist/actor-session.js

@@ -1,2 +1,2 @@
 // Copyright 2026 Antifraud Services Inc. under the Apache License, Version 2.0.
-export { expandActorSessionDescriptorToFacades, filterCapabilitiesForActor, } from '../../gdc-sdk-core-ts/dist/index.js';
+export { expandActorSessionDescriptorToFacades, filterCapabilitiesForActor, } from 'gdc-sdk-core-ts';

package/dist/index.d.ts

@@ -1,4 +1,4 @@
-export * from '../../gdc-sdk-core-ts/dist/index.js';
+export * from 'gdc-sdk-core-ts';
 export * from './runtime-contracts.js';
 export * from './actor-session.js';
 export * from './session-descriptor.js';

package/dist/index.js

@@ -1,5 +1,5 @@
 // Copyright 2026 Antifraud Services Inc. under the Apache License, Version 2.0.
-export * from '../../gdc-sdk-core-ts/dist/index.js';
+export * from 'gdc-sdk-core-ts';
 export * from './runtime-contracts.js';
 export * from './actor-session.js';
 export * from './session-descriptor.js';

package/dist/lifecycle-examples.d.ts

@@ -0,0 +1,6 @@
+/**
+ * Re-export canonical lifecycle examples for frontend consumers.
+ *
+ * Frontend code should render or adapt these examples, not fork them.
+ */
+export * from 'gdc-common-utils-ts/examples/lifecycle';

package/dist/lifecycle-examples.js

@@ -0,0 +1,7 @@
+// Copyright 2026 Antifraud Services Inc. under the Apache License, Version 2.0.
+/**
+ * Re-export canonical lifecycle examples for frontend consumers.
+ *
+ * Frontend code should render or adapt these examples, not fork them.
+ */
+export * from 'gdc-common-utils-ts/examples/lifecycle';

package/dist/runtime-contracts.d.ts

@@ -1,4 +1,4 @@
-import type { DataPersistencePolicy } from '../../gdc-sdk-core-ts/dist/index.js';
+import type { DataPersistencePolicy } from 'gdc-sdk-core-ts';
 export type LegacyFrontSourcePackage = never;
 export type FrontRuntimeKind = 'expo' | 'web' | 'react-native';
 export type FrontFetchLike = typeof fetch;

package/dist/session-descriptor.d.ts

@@ -1,4 +1,4 @@
-import type { ActorFlags, ActorFacadeDescriptor, ActorSessionDescriptor } from '../../gdc-sdk-core-ts/dist/index.js';
+import type { ActorFlags, ActorFacadeDescriptor, ActorSessionDescriptor } from 'gdc-sdk-core-ts';
 export type FrontActorFlags = ActorFlags;
 export type FrontSessionDescriptorInput = {
     appType: 'Organization' | 'Family';

package/dist/session-descriptor.js

@@ -1,5 +1,5 @@
 // Copyright 2026 Antifraud Services Inc. under the Apache License, Version 2.0.
-import { buildActorSessionDescriptorFromActorFlags, expandActorSessionDescriptorToFacades, } from '../../gdc-sdk-core-ts/dist/index.js';
+import { buildActorSessionDescriptorFromActorFlags, expandActorSessionDescriptorToFacades, } from 'gdc-sdk-core-ts';
 export function describeFrontActorSession(input) {
     return buildActorSessionDescriptorFromActorFlags(input);
 }

package/dist/types.d.ts

@@ -1,5 +1,5 @@
-import type { IApiConfig, INetwork, BundleSearchQuery, CommunicationInput, DateRange } from '../../gdc-sdk-core-ts/dist/index.js';
-export type { AppInfo, InitializeSessionParams, Profile, ProfileRegistryEntry, VaultQueryCondition, VaultQuery, IVaultRepository, IApiConfig, INetwork, IVerifier } from '../../gdc-sdk-core-ts/dist/index.js';
+import type { IApiConfig, INetwork, BundleSearchQuery, CommunicationInput, DateRange } from 'gdc-sdk-core-ts';
+export type { AppInfo, ResolvedAppInfo, InitializeSessionParams, Profile, ProfileRegistryEntry, VaultQueryCondition, VaultQuery, IVaultRepository, IApiConfig, INetwork, IVerifier } from 'gdc-sdk-core-ts';
 export type SdkConfig = {
     crypto?: unknown;
     network: INetwork;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "gdc-sdk-front-ts",
-  "version": "0.2.1",
+  "version": "0.3.0",
   "description": "Next-generation frontend runtime package for the GDC SDK family",
   "license": "Apache-2.0",
   "author": "Antifraud Services Inc.",
@@ -17,7 +17,8 @@
   },
   "dependencies": {
     "@babel/runtime": "^7.28.4",
-    "gdc-common-utils-ts": "^1.5.1"
+    "gdc-common-utils-ts": "^1.6.0",
+    "gdc-sdk-core-ts": "^0.3.0"
   },
   "devDependencies": {
     "@types/node": "^20.14.10",