npm - includio-cms - Versions diffs - 0.15.0 → 0.15.2 - Mend

includio-cms 0.15.0 → 0.15.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (83) hide show

package/CHANGELOG.md +61 -0
package/DOCS.md +231 -1
package/ROADMAP.md +7 -2
package/dist/admin/client/shop/shipping-method-edit-page.svelte +1 -0
package/dist/admin/client/shop/shipping-method-form.svelte +89 -21
package/dist/admin/client/shop/shipping-method-form.svelte.d.ts +8 -1
package/dist/admin/client/shop/shipping-method-new-page.svelte +1 -0
package/dist/admin/client/shop/shipping-methods-list-page.svelte +7 -4
package/dist/admin/client/shop/shop-products-list-page.svelte +2 -2
package/dist/admin/components/fields/shop-field.svelte +63 -22
package/dist/admin/remote/shop.remote.d.ts +16 -56
package/dist/admin/remote/shop.remote.js +6 -4
package/dist/cli/scaffold/admin.js +32 -0
package/dist/db-postgres/schema/shop/order.d.ts +34 -0
package/dist/db-postgres/schema/shop/order.js +2 -0
package/dist/db-postgres/schema/shop/product.d.ts +4 -4
package/dist/db-postgres/schema/shop/product.js +3 -2
package/dist/db-postgres/schema/shop/productVariant.d.ts +4 -4
package/dist/db-postgres/schema/shop/productVariant.js +3 -2
package/dist/db-postgres/schema/shop/shippingMethod.d.ts +23 -4
package/dist/db-postgres/schema/shop/shippingMethod.js +4 -2
package/dist/shop/adapters/payu/client.d.ts +22 -0
package/dist/shop/adapters/payu/client.js +78 -0
package/dist/shop/adapters/payu/index.d.ts +24 -0
package/dist/shop/adapters/payu/index.js +88 -0
package/dist/shop/adapters/payu/payload.d.ts +48 -0
package/dist/shop/adapters/payu/payload.js +48 -0
package/dist/shop/adapters/payu/signature.d.ts +12 -0
package/dist/shop/adapters/payu/signature.js +50 -0
package/dist/shop/adapters/payu/status-map.d.ts +3 -0
package/dist/shop/adapters/payu/status-map.js +14 -0
package/dist/shop/cart/order-token-cookie.d.ts +9 -0
package/dist/shop/cart/order-token-cookie.js +40 -0
package/dist/shop/client/index.d.ts +64 -1
package/dist/shop/client/index.js +9 -0
package/dist/shop/client/use-order.svelte.d.ts +32 -0
package/dist/shop/client/use-order.svelte.js +105 -0
package/dist/shop/http/checkout-handler.js +47 -4
package/dist/shop/http/index.d.ts +4 -0
package/dist/shop/http/index.js +4 -0
package/dist/shop/http/order-handler.d.ts +4 -0
package/dist/shop/http/order-handler.js +85 -0
package/dist/shop/http/refresh-payment-handler.d.ts +4 -0
package/dist/shop/http/refresh-payment-handler.js +73 -0
package/dist/shop/http/retry-payment-handler.d.ts +4 -0
package/dist/shop/http/retry-payment-handler.js +99 -0
package/dist/shop/http/retry-payment-logic.d.ts +2 -0
package/dist/shop/http/retry-payment-logic.js +4 -0
package/dist/shop/http/shipping-handler.js +2 -1
package/dist/shop/http/webhook-handler.d.ts +4 -0
package/dist/shop/http/webhook-handler.js +73 -0
package/dist/shop/http/webhook-logic.d.ts +4 -0
package/dist/shop/http/webhook-logic.js +21 -0
package/dist/shop/index.d.ts +3 -1
package/dist/shop/index.js +3 -1
package/dist/shop/pricing.d.ts +4 -0
package/dist/shop/pricing.js +18 -0
package/dist/shop/server/cart-hydrate.js +6 -3
package/dist/shop/server/email.js +18 -2
package/dist/shop/server/order-access-url.d.ts +7 -0
package/dist/shop/server/order-access-url.js +6 -0
package/dist/shop/server/orders.d.ts +1 -0
package/dist/shop/server/orders.js +12 -0
package/dist/shop/server/payment-compat.d.ts +5 -0
package/dist/shop/server/payment-compat.js +9 -0
package/dist/shop/server/populate.d.ts +2 -0
package/dist/shop/server/shipping.d.ts +12 -4
package/dist/shop/server/shipping.js +24 -14
package/dist/shop/server/shop-data.d.ts +8 -2
package/dist/shop/server/shop-data.js +18 -10
package/dist/shop/svelte/OrderStatus.svelte +368 -0
package/dist/shop/svelte/OrderStatus.svelte.d.ts +14 -0
package/dist/shop/svelte/index.d.ts +3 -0
package/dist/shop/svelte/index.js +2 -0
package/dist/shop/svelte/labels.d.ts +25 -0
package/dist/shop/svelte/labels.js +41 -0
package/dist/shop/types.d.ts +19 -1
package/dist/updates/0.15.1/index.d.ts +2 -0
package/dist/updates/0.15.1/index.js +27 -0
package/dist/updates/0.15.2/index.d.ts +2 -0
package/dist/updates/0.15.2/index.js +18 -0
package/dist/updates/index.js +3 -1
package/package.json +5 -1

package/dist/shop/svelte/OrderStatus.svelte ADDED Viewed

@@ -0,0 +1,368 @@
+<script lang="ts">
+	import { onMount, onDestroy } from 'svelte';
+	import {
+		createOrderState,
+		type OrderDetailResponse,
+		type OrderState
+	} from '../client/index.js';
+	import { DEFAULT_LABELS_PL, type OrderStatusLabels } from './labels.js';
+	interface Props {
+		number: string;
+		token?: string;
+		initialData?: OrderDetailResponse | null;
+		labels?: Partial<OrderStatusLabels>;
+		autoPoll?: boolean;
+		onPaid?: (data: OrderDetailResponse) => void;
+		class?: string;
+	}
+	const {
+		number,
+		token,
+		initialData = null,
+		labels: labelOverrides,
+		autoPoll = true,
+		onPaid,
+		class: className = ''
+	}: Props = $props();
+	const labels: OrderStatusLabels = $derived({
+		...DEFAULT_LABELS_PL,
+		...labelOverrides,
+		title: { ...DEFAULT_LABELS_PL.title, ...labelOverrides?.title },
+		intro: { ...DEFAULT_LABELS_PL.intro, ...labelOverrides?.intro },
+		totals: { ...DEFAULT_LABELS_PL.totals, ...labelOverrides?.totals },
+		actions: { ...DEFAULT_LABELS_PL.actions, ...labelOverrides?.actions },
+		errors: { ...DEFAULT_LABELS_PL.errors, ...labelOverrides?.errors }
+	});
+	const order: OrderState = createOrderState({ number, token, initialData });
+	let lastSeenStatus: string | null = $state(initialData?.order.status ?? null);
+	$effect(() => {
+		const current = order.data?.order.status ?? null;
+		if (current && current !== lastSeenStatus) {
+			if (current === 'paid' && order.data && onPaid) onPaid(order.data);
+			lastSeenStatus = current;
+		}
+	});
+	onMount(async () => {
+		if (!order.data) await order.load();
+		if (autoPoll && (order.status === 'awaitingPayment' || order.status === 'new')) {
+			order.startPolling();
+		}
+	});
+	onDestroy(() => order.dispose());
+	async function handleRetry() {
+		const redirectUrl = await order.retry();
+		if (redirectUrl && typeof window !== 'undefined') {
+			window.location.href = redirectUrl;
+		}
+	}
+	async function handleRefresh() {
+		await order.refreshPayment();
+	}
+	function fmt(cents: number, currency: string): string {
+		return new Intl.NumberFormat('pl-PL', {
+			style: 'currency',
+			currency,
+			minimumFractionDigits: 2
+		}).format(cents / 100);
+	}
+	function fmtDate(iso: string): string {
+		const d = new Date(iso);
+		return d.toLocaleString('pl-PL');
+	}
+	function productName(snapshot: { product?: string; variant?: string } | null | undefined): string {
+		if (!snapshot) return '—';
+		const product = snapshot.product ?? '';
+		const variant = snapshot.variant;
+		return variant ? `${product} — ${variant}` : product || '—';
+	}
+	const canRetry = $derived(
+		order.data?.order.status === 'awaitingPayment' ||
+			order.data?.order.status === 'paymentRejected'
+	);
+	const isErrorState = $derived(
+		order.data?.order.status === 'paymentRejected' ||
+			order.data?.order.status === 'cancelled'
+	);
+	const isSuccessState = $derived(
+		order.data?.order.status === 'paid' ||
+			order.data?.order.status === 'preparing' ||
+			order.data?.order.status === 'sent' ||
+			order.data?.order.status === 'done'
+	);
+</script>
+<div class="aria-order-status {className}" part="root">
+	{#if order.loading && !order.data}
+		<div class="state-loading" part="loading" role="status" aria-live="polite">…</div>
+	{:else if order.error && !order.data}
+		<div class="state-error" part="error" role="alert">
+			{order.error.message.includes('Forbidden')
+				? labels.errors.forbidden
+				: labels.errors.loadFailed}
+		</div>
+	{:else if order.data}
+		{@const o = order.data.order}
+		<article
+			class="card"
+			class:is-success={isSuccessState}
+			class:is-error={isErrorState}
+			part="card"
+		>
+			<header class="header" part="header">
+				<span class="status-badge" part="status-badge">{o.status}</span>
+				<h1 class="title" part="title">{labels.title[o.status]}</h1>
+				<p class="intro" part="intro">{labels.intro[o.status]}</p>
+			</header>
+			<section class="summary" part="summary">
+				<div class="summary-row">
+					<span class="summary-label">{labels.orderNumber}</span>
+					<span class="summary-value">{o.number}</span>
+				</div>
+				<div class="summary-row">
+					<span class="summary-label">Email</span>
+					<span class="summary-value">{o.customerEmail}</span>
+				</div>
+				<div class="summary-row">
+					<span class="summary-label">{labels.totals.gross}</span>
+					<span class="summary-value">{fmt(o.totalGross, o.currency)}</span>
+				</div>
+			</section>
+			{#if order.data.items.length > 0}
+				<section class="items" part="items">
+					<h2 class="section-title">{labels.items}</h2>
+					<ul class="items-list">
+						{#each order.data.items as item (item.id)}
+							<li class="item-row" part="item">
+								<span class="item-name">{productName(item.nameSnapshot)}</span>
+								<span class="item-qty">×{item.qty}</span>
+								<span class="item-price">
+									{fmt(item.priceGrossSnapshot * item.qty, o.currency)}
+								</span>
+							</li>
+						{/each}
+					</ul>
+				</section>
+			{/if}
+			{#if canRetry || order.status === 'awaitingPayment'}
+				<section class="actions" part="actions">
+					{#if canRetry}
+						<button
+							type="button"
+							class="btn btn-primary"
+							part="btn-retry"
+							onclick={handleRetry}
+							disabled={order.phase === 'retrying'}
+						>
+							{order.phase === 'retrying' ? labels.actions.retrying : labels.actions.retry}
+						</button>
+					{/if}
+					{#if order.status === 'awaitingPayment'}
+						<button
+							type="button"
+							class="btn btn-secondary"
+							part="btn-refresh"
+							onclick={handleRefresh}
+							disabled={order.phase === 'refreshing'}
+						>
+							{order.phase === 'refreshing' ? labels.actions.refreshing : labels.actions.refresh}
+						</button>
+					{/if}
+				</section>
+			{/if}
+			{#if order.data.statusHistory.length > 0}
+				<section class="history" part="history">
+					<h2 class="section-title">{labels.statusHistory}</h2>
+					<ol class="history-list">
+						{#each order.data.statusHistory as h, i (i)}
+							<li class="history-row" part="history-item">
+								<span class="history-status">{h.status}</span>
+								<span class="history-date">{fmtDate(h.changedAt)}</span>
+								{#if h.note}<span class="history-note">{h.note}</span>{/if}
+							</li>
+						{/each}
+					</ol>
+				</section>
+			{/if}
+		</article>
+	{/if}
+</div>
+<style>
+	.aria-order-status {
+		--shop-bg: #fafafe;
+		--shop-fg: #1a1a2e;
+		--shop-muted: #555566;
+		--shop-accent: #5b4a9e;
+		--shop-success: #3a8a5c;
+		--shop-error: #c44b4b;
+		--shop-border: #e2dff0;
+		--shop-radius: 12px;
+		--shop-font-display: inherit;
+		--shop-font-body: inherit;
+		background: var(--shop-bg);
+		color: var(--shop-fg);
+		font-family: var(--shop-font-body);
+	}
+	.state-loading,
+	.state-error {
+		padding: 2rem;
+		text-align: center;
+		color: var(--shop-muted);
+	}
+	.card {
+		max-width: 640px;
+		margin: 0 auto;
+		padding: 2rem;
+		border: 1px solid var(--shop-border);
+		border-radius: var(--shop-radius);
+		background: var(--shop-bg);
+	}
+	.card.is-success {
+		border-color: var(--shop-success);
+	}
+	.card.is-error {
+		border-color: var(--shop-error);
+	}
+	.header {
+		margin-bottom: 1.5rem;
+	}
+	.status-badge {
+		display: inline-block;
+		font-size: 0.75rem;
+		letter-spacing: 0.05em;
+		text-transform: uppercase;
+		color: var(--shop-muted);
+	}
+	.title {
+		font-family: var(--shop-font-display);
+		font-size: 1.75rem;
+		font-weight: 800;
+		margin: 0.25rem 0 0.5rem;
+	}
+	.intro {
+		color: var(--shop-muted);
+		margin: 0;
+		line-height: 1.6;
+	}
+	.summary,
+	.items,
+	.actions,
+	.history {
+		margin-top: 1.5rem;
+		padding-top: 1.5rem;
+		border-top: 1px solid var(--shop-border);
+	}
+	.section-title {
+		font-size: 0.875rem;
+		font-weight: 600;
+		text-transform: uppercase;
+		letter-spacing: 0.05em;
+		color: var(--shop-muted);
+		margin: 0 0 0.75rem;
+	}
+	.summary-row,
+	.history-row {
+		display: flex;
+		justify-content: space-between;
+		gap: 1rem;
+		padding: 0.4rem 0;
+		font-size: 0.9rem;
+	}
+	.summary-label,
+	.history-date {
+		color: var(--shop-muted);
+	}
+	.items-list {
+		list-style: none;
+		padding: 0;
+		margin: 0;
+	}
+	.item-row {
+		display: grid;
+		grid-template-columns: 1fr auto auto;
+		gap: 0.75rem;
+		padding: 0.4rem 0;
+		font-size: 0.9rem;
+	}
+	.actions {
+		display: flex;
+		gap: 0.75rem;
+		flex-wrap: wrap;
+	}
+	.btn {
+		font-family: inherit;
+		font-size: 0.95rem;
+		font-weight: 600;
+		padding: 0.65rem 1.2rem;
+		border-radius: calc(var(--shop-radius) - 4px);
+		cursor: pointer;
+		border: 1px solid transparent;
+		transition: opacity 0.15s;
+	}
+	.btn:disabled {
+		opacity: 0.6;
+		cursor: wait;
+	}
+	.btn-primary {
+		background: var(--shop-accent);
+		color: #fff;
+	}
+	.btn-secondary {
+		background: transparent;
+		color: var(--shop-accent);
+		border-color: var(--shop-accent);
+	}
+	.history-list {
+		list-style: none;
+		padding: 0;
+		margin: 0;
+	}
+	.history-status {
+		font-weight: 600;
+	}
+	.history-note {
+		flex-basis: 100%;
+		color: var(--shop-muted);
+		font-size: 0.8rem;
+	}
+</style>

package/dist/shop/svelte/OrderStatus.svelte.d.ts ADDED Viewed

@@ -0,0 +1,14 @@
+import { type OrderDetailResponse } from '../client/index.js';
+import { type OrderStatusLabels } from './labels.js';
+interface Props {
+    number: string;
+    token?: string;
+    initialData?: OrderDetailResponse | null;
+    labels?: Partial<OrderStatusLabels>;
+    autoPoll?: boolean;
+    onPaid?: (data: OrderDetailResponse) => void;
+    class?: string;
+}
+declare const OrderStatus: import("svelte").Component<Props, {}, "">;
+type OrderStatus = ReturnType<typeof OrderStatus>;
+export default OrderStatus;

package/dist/shop/svelte/index.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+export { default as OrderStatus } from './OrderStatus.svelte';
+export { DEFAULT_LABELS_PL } from './labels.js';
+export type { OrderStatusLabels } from './labels.js';

package/dist/shop/svelte/index.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export { default as OrderStatus } from './OrderStatus.svelte';
2	+ export { DEFAULT_LABELS_PL } from './labels.js';

package/dist/shop/svelte/labels.d.ts ADDED Viewed

@@ -0,0 +1,25 @@
+import type { OrderStatus } from '../types.js';
+export interface OrderStatusLabels {
+    title: Record<OrderStatus, string>;
+    intro: Record<OrderStatus, string>;
+    orderNumber: string;
+    items: string;
+    totals: {
+        net: string;
+        vat: string;
+        gross: string;
+        shipping: string;
+    };
+    actions: {
+        retry: string;
+        refresh: string;
+        refreshing: string;
+        retrying: string;
+    };
+    errors: {
+        loadFailed: string;
+        forbidden: string;
+    };
+    statusHistory: string;
+}
+export declare const DEFAULT_LABELS_PL: OrderStatusLabels;

package/dist/shop/svelte/labels.js ADDED Viewed

@@ -0,0 +1,41 @@
+export const DEFAULT_LABELS_PL = {
+    title: {
+        new: 'Zamówienie przyjęte',
+        awaitingPayment: 'Oczekujemy na płatność',
+        paid: 'Dziękujemy!',
+        preparing: 'Zamówienie w przygotowaniu',
+        sent: 'Zamówienie wysłane',
+        done: 'Zamówienie zrealizowane',
+        cancelled: 'Zamówienie anulowane',
+        paymentRejected: 'Płatność nieudana'
+    },
+    intro: {
+        new: 'Otrzymaliśmy Twoje zamówienie.',
+        awaitingPayment: 'Czekamy na potwierdzenie płatności. To zwykle trwa kilka sekund, ale czasem dłużej.',
+        paid: 'Płatność została zaksięgowana. Przekazujemy zamówienie do realizacji.',
+        preparing: 'Pakujemy Twoje zamówienie.',
+        sent: 'Zamówienie zostało wysłane.',
+        done: 'Zamówienie zostało zakończone. Dziękujemy za zakupy!',
+        cancelled: 'To zamówienie zostało anulowane.',
+        paymentRejected: 'Płatność nie doszła do skutku. Możesz spróbować ponownie.'
+    },
+    orderNumber: 'Numer zamówienia',
+    items: 'Pozycje',
+    totals: {
+        net: 'Netto',
+        vat: 'VAT',
+        gross: 'Razem',
+        shipping: 'Wysyłka'
+    },
+    actions: {
+        retry: 'Zapłać ponownie',
+        refresh: 'Sprawdź status',
+        refreshing: 'Sprawdzanie…',
+        retrying: 'Przekierowuję…'
+    },
+    errors: {
+        loadFailed: 'Nie udało się pobrać zamówienia.',
+        forbidden: 'Link wygasł lub jest nieprawidłowy.'
+    },
+    statusHistory: 'Historia statusów'
+};

package/dist/shop/types.d.ts CHANGED Viewed

@@ -22,11 +22,21 @@ export interface ConsentConfig {
     required: boolean;
     labelI18n: I18nText;
 }
+export interface PaymentCreateContext {
+    customerIp?: string;
+    language?: string | null;
+}
 export interface PaymentAdapter {
     id: string;
     label: I18nText;
-    createPayment(order: OrderRef): Promise<PaymentCreateResult>;
+    createPayment(order: OrderRef, ctx?: PaymentCreateContext): Promise<PaymentCreateResult>;
     handleWebhook?(req: Request): Promise<PaymentEvent>;
+    /**
+     * Poll the provider for the latest payment status. Used as a fallback
+     * when a webhook is lost. `providerRef` is the external id the adapter
+     * returned as `PaymentCreateResult.providerRef`.
+     */
+    getStatus?(providerRef: string): Promise<PaymentEvent>;
 }
 export interface CarrierAdapter {
     id: string;
@@ -63,10 +73,18 @@ export interface ShopConfig {
     rateLimit?: ShopRateLimit;
     consents?: ConsentConfig[];
     languages?: Language[];
+    /**
+     * URL template used to build a customer-facing order view link.
+     * Supported placeholders: {orderNumber}, {orderId}, {accessToken}, {language}.
+     * May be absolute (used in emails) or relative (used in redirects).
+     * Default when omitted: `/shop/order/{orderNumber}?token={accessToken}`.
+     */
+    orderViewUrl?: string;
 }
 export interface ResolvedShopConfig extends ShopConfig {
     features: Required<ShopFeatures>;
     rateLimit: Required<ShopRateLimit>;
     carriers: CarrierAdapter[];
     consents: ConsentConfig[];
+    orderViewUrl: string;
 }

package/dist/updates/0.15.1/index.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ import type { CmsUpdate } from '../index.js';
2	+ export declare const update: CmsUpdate;

package/dist/updates/0.15.1/index.js ADDED Viewed

@@ -0,0 +1,27 @@
+export const update = {
+    version: '0.15.1',
+    date: '2026-04-15',
+    description: 'Shop: PayU payment adapter + secure order access (token-gated view API, email link).',
+    features: [
+        'Orders now carry an `accessToken` — public order-view API is gated by this token (no enumeration by order number).',
+        'New `createOrderHandler()` in `includio-cms/shop/http` — `GET /api/shop/orders/[number]?token=...` returns order + items + status history; accepts cookie fallback `aria_shop_order` written on checkout (30-min httpOnly).',
+        '`ShopConfig.orderViewUrl` template — placeholders `{orderNumber}`, `{orderId}`, `{accessToken}`, `{language}`. Default: `/shop/order/{orderNumber}?token={accessToken}`. When set to an absolute URL, status emails include a "View order" button.',
+        'New `createPaymentWebhookHandler()` — mount at `/api/shop/webhooks/[provider]/+server.ts`. Dispatches to the matching `PaymentAdapter.handleWebhook`, maps payment event to order status, and is idempotent (terminal orders ack 200 no-op — safe against provider retries). 400 on bad signature, 200 on unknown order.',
+        'Checkout now calls `PaymentAdapter.createPayment()` after the order is created. The response exposes `paymentStatus`, `requiresPaymentRedirect`, `redirectUrl`, and `accessToken` so the frontend can redirect to the gateway and deep-link back to the order view.',
+        'Orders store `paymentProviderRef` — the external id returned by the payment adapter (e.g. PayU orderId). Used to correlate webhooks and future refunds/status polls.',
+        'New `payuAdapter()` — OAuth token caching, create order (REST v2.1), MD5 `OpenPayU-Signature` verification on webhooks, full PayU status mapping (including REJECTED and WAITING_FOR_CONFIRMATION). Import from `includio-cms/shop`.',
+        '`PaymentAdapter.createPayment()` receives an optional `{ customerIp, language }` context, threaded from the SvelteKit request in the built-in checkout handler.',
+        'Shipping ↔ payment compatibility: `shop_shipping_methods.allowed_payment_methods` (jsonb string[] | null). Null/empty = any payment method allowed; otherwise checkout rejects the order when the chosen payment is not in the list (e.g. disable COD for paczkomat). The shipping-methods API exposes the list so the frontend can filter payment options per shipping choice.',
+        'Admin: shipping method form now exposes an "allowed payment methods" section with a restrict toggle + multi-select of configured payment adapters. `getShopConfig` remote returns the payment adapter list (id + i18n label).',
+        'New optional `PaymentAdapter.getStatus(providerRef)` for provider-side polling, plus `createRefreshPaymentHandler()` mounted at `/api/shop/orders/[number]/refresh-payment`. Token-gated (same as order view). Used as a safety net when a webhook is lost — PayU adapter implements it out of the box.',
+        'Retry payment — `createRetryPaymentHandler()` at `POST /api/shop/orders/[number]/retry-payment`. Reuses the same order, creates a fresh payment session via the adapter, stores the new `paymentProviderRef`. Status `paymentRejected` is rolled back to `awaitingPayment`. Terminal states return 409.',
+        'Shop SDK: new `orders` namespace on `createShopClient()` — `get(number, token)`, `refreshPayment(number, token)`, `retryPayment(number, token)`. All response types exported from `includio-cms/shop/client`.',
+        'Headless Svelte 5 helper `createOrderState({ number, token, initialData? })` — reactive state class with `data/loading/error/phase`, `load()`, `refreshPayment()`, `retry()`, `startPolling()/stopPolling()`. Supports SSR via `initialData`.',
+        'Generic `<OrderStatus />` Svelte component — drop-in order view with awaiting/success/rejected states, auto-polling, retry button, status timeline. Full theming via CSS custom properties and `::part()`. Import from `includio-cms/shop/svelte`.',
+        'Docs: new section covering the shop module, order view patterns (generic vs headless), and retry lifecycle.'
+    ],
+    fixes: [],
+    breakingChanges: [],
+    sql: "ALTER TABLE shop_orders ADD COLUMN access_token uuid NOT NULL DEFAULT gen_random_uuid();\nALTER TABLE shop_orders ADD COLUMN payment_provider_ref text;\nALTER TABLE shop_shipping_methods ADD COLUMN allowed_payment_methods jsonb;",
+    notes: 'Requires `gen_random_uuid()` (pgcrypto or Postgres 13+). Existing orders get a fresh random token on migration — pre-existing customer links keep working because order view links were not shipped before this version.'
+};

package/dist/updates/0.15.2/index.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ import type { CmsUpdate } from '../index.js';
2	+ export declare const update: CmsUpdate;

package/dist/updates/0.15.2/index.js ADDED Viewed

@@ -0,0 +1,18 @@
+export const update = {
+    version: '0.15.2',
+    date: '2026-04-15',
+    description: 'Shop: cena przechowywana jako numeric(20,6) — eliminacja driftu brutto/netto po reload; toggle netto/brutto per wariant.',
+    features: [
+        'Warianty produktu mają teraz toggle netto/brutto obok pola "Zmiana ceny" — spójne z toggle\'em ceny bazowej. Delta zapisywana kanonicznie jako netto.'
+    ],
+    fixes: [
+        'Shop: po wpisaniu ceny brutto (np. 65,00 zł przy VAT 23%) i refreshu, cena nie "ucieka" o ±1 grosz. Wartości przechowywane są jako PLN z 6 miejscami po przecinku (wzorzec PrestaShop), zamiast jednostek groszy — brutto zawsze odtwarzane z netto bez utraty informacji.',
+        'Shipping: ta sama poprawka dla ceny metody wysyłki (stored jako netto PLN z 6dp).'
+    ],
+    breakingChanges: [
+        'Kolumny `shop_products.base_price`, `shop_product_variants.price_delta`, `shop_shipping_methods.price` zmieniły typ z `integer` (grosze) na `numeric(20,6)` (PLN). Snapshot zamówienia (`shop_orders.*`, `shop_order_items.price_*_snapshot`) pozostaje w groszach (`integer`) — KSeF-compatible.',
+        'Publiczne typy `ShopDataWithVariants.basePrice`, `VariantRow.priceDelta`, `ShippingMethodRow.price` — wartość dalej `number`, ale wyrażona w PLN (nie groszach). Dla konsumentów SDK/populate: mnożenie × 100 jeśli potrzebujesz groszy.'
+    ],
+    sql: 'ALTER TABLE shop_products ALTER COLUMN base_price TYPE numeric(20,6) USING (base_price::numeric / 100);\nALTER TABLE shop_product_variants ALTER COLUMN price_delta TYPE numeric(20,6) USING (price_delta::numeric / 100);\nALTER TABLE shop_shipping_methods ALTER COLUMN price TYPE numeric(20,6) USING (price::numeric / 100);',
+    notes: 'Migrację SQL trzeba uruchomić RAZ, PRZED `db:push` — dzieli istniejące wartości ÷100, bo stare dane były w groszach, a nowy typ przechowuje PLN. Po migracji `db:push` tylko zsynchronizuje schemat (bez zmiany danych).'
+};

package/dist/updates/index.js CHANGED Viewed

@@ -45,7 +45,9 @@ import { update as update0144 } from './0.14.4/index.js';
 import { update as update0145 } from './0.14.5/index.js';
 import { update as update0146 } from './0.14.6/index.js';
 import { update as update0150 } from './0.15.0/index.js';
-export const updates = [update0065, update0066, update0067, update0068, update0069, update010, update011, update012, update013, update014, update015, update020, update022, update050, update051, update052, update053, update054, update055, update056, update057, update058, update060, update061, update062, update070, update071, update072, update073, update080, update090, update0100, update0110, update0120, update0130, update0131, update0132, update0133, update0134, update0140, update0141, update0142, update0143, update0144, update0145, update0146, update0150];
+import { update as update0151 } from './0.15.1/index.js';
+import { update as update0152 } from './0.15.2/index.js';
+export const updates = [update0065, update0066, update0067, update0068, update0069, update010, update011, update012, update013, update014, update015, update020, update022, update050, update051, update052, update053, update054, update055, update056, update057, update058, update060, update061, update062, update070, update071, update072, update073, update080, update090, update0100, update0110, update0120, update0130, update0131, update0132, update0133, update0134, update0140, update0141, update0142, update0143, update0144, update0145, update0146, update0150, update0151, update0152];
 export const getUpdatesFrom = (fromVersion) => {
     const fromParts = fromVersion.split('.').map(Number);
     return updates.filter((update) => {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
 	"name": "includio-cms",
-	"version": "0.15.0",
+	"version": "0.15.2",
 	"scripts": {
 		"dev": "vite dev",
 		"build": "vite build && npm run prepack",
@@ -151,6 +151,10 @@
 			"types": "./dist/shop/http/index.d.ts",
 			"node": "./dist/shop/http/index.js"
 		},
+		"./shop/svelte": {
+			"types": "./dist/shop/svelte/index.d.ts",
+			"svelte": "./dist/shop/svelte/index.js"
+		},
 		"./files-local": {
 			"types": "./dist/files-local/index.d.ts",
 			"node": "./dist/files-local/index.js"