includio-cms 0.15.2 → 0.15.3

package/dist/shop/adapters/inpost/payload.js

@@ -0,0 +1,85 @@
+const SIZE_TO_TEMPLATE = {
+    A: 'small',
+    B: 'medium',
+    C: 'large',
+    small: 'small',
+    medium: 'medium',
+    large: 'large'
+};
+export function mapParcelSize(size) {
+    if (!size)
+        return 'small';
+    return SIZE_TO_TEMPLATE[size] ?? 'small';
+}
+export function splitFullName(full) {
+    if (!full)
+        return {};
+    const trimmed = full.trim();
+    if (!trimmed)
+        return {};
+    const parts = trimmed.split(/\s+/);
+    if (parts.length === 1)
+        return { firstName: parts[0] };
+    return { firstName: parts[0], lastName: parts.slice(1).join(' ') };
+}
+/**
+ * Build a ShipX `POST /shipments` body for a given order. Locker services attach
+ * `custom_attributes.target_point` (paczkomat code from `carrierRef`); courier
+ * services use the receiver address from the order's shipping_address instead.
+ */
+export function buildShipmentPayload(opts) {
+    const { input, sender, additionalServices } = opts;
+    const isLocker = input.serviceType.startsWith('inpost_locker_');
+    const isCourier = input.serviceType.startsWith('inpost_courier_');
+    const names = splitFullName(input.order.customerName);
+    const receiver = {
+        first_name: names.firstName ?? input.order.customerEmail,
+        last_name: names.lastName ?? '—',
+        email: input.order.customerEmail,
+        phone: input.order.customerPhone ?? undefined
+    };
+    if (isCourier) {
+        const addr = input.shippingAddress ?? {};
+        receiver.address = {
+            street: addr.street ?? addr.line1 ?? '',
+            building_number: addr.buildingNumber ?? addr.building_number ?? '',
+            city: addr.city ?? '',
+            post_code: addr.postCode ?? addr.post_code ?? addr.zip ?? '',
+            country_code: addr.countryCode ?? addr.country_code ?? 'PL'
+        };
+    }
+    const payload = {
+        receiver,
+        parcels: [{ template: mapParcelSize(input.parcelSize) }],
+        service: input.serviceType,
+        reference: input.order.number
+    };
+    if (isLocker && input.carrierRef) {
+        payload.custom_attributes = { target_point: input.carrierRef };
+    }
+    if (sender) {
+        payload.sender = {
+            name: sender.name,
+            company_name: sender.company,
+            email: sender.email,
+            phone: sender.phone,
+            address: {
+                street: sender.street,
+                building_number: sender.buildingNumber,
+                city: sender.city,
+                post_code: sender.postCode,
+                country_code: sender.countryCode ?? 'PL'
+            }
+        };
+    }
+    if (input.insuranceAmount && input.insuranceAmount > 0) {
+        payload.insurance = { amount: input.insuranceAmount, currency: 'PLN' };
+    }
+    if (input.cod && input.cod > 0) {
+        payload.cod = { amount: input.cod, currency: 'PLN' };
+    }
+    if (additionalServices && additionalServices.length > 0) {
+        payload.additional_services = additionalServices;
+    }
+    return payload;
+}

package/dist/shop/adapters/inpost/points-api.d.ts

@@ -0,0 +1,17 @@
+/**
+ * InPost Points API — public, no auth required. Used to validate that a parcel
+ * locker code (e.g. "KRA01M") refers to a real, currently operating point.
+ *
+ * https://api-shipx-pl.easypack24.net/v1/points/{name}
+ */
+export type InpostEnvironment = 'production' | 'sandbox';
+export interface PointsApiOptions {
+    environment?: InpostEnvironment;
+    fetch?: typeof fetch;
+    cacheTtlMs?: number;
+}
+export interface PointsValidator {
+    validate(code: string): Promise<boolean>;
+    clearCache(): void;
+}
+export declare function createPointsValidator(opts?: PointsApiOptions): PointsValidator;

package/dist/shop/adapters/inpost/points-api.js

@@ -0,0 +1,55 @@
+/**
+ * InPost Points API — public, no auth required. Used to validate that a parcel
+ * locker code (e.g. "KRA01M") refers to a real, currently operating point.
+ *
+ * https://api-shipx-pl.easypack24.net/v1/points/{name}
+ */
+const POINTS_BASE_URL = {
+    production: 'https://api-shipx-pl.easypack24.net',
+    sandbox: 'https://sandbox-api-shipx-pl.easypack24.net'
+};
+export function createPointsValidator(opts = {}) {
+    const env = opts.environment ?? 'production';
+    const fetchFn = opts.fetch ?? globalThis.fetch.bind(globalThis);
+    const cacheTtl = opts.cacheTtlMs ?? 5 * 60 * 1000;
+    const cache = new Map();
+    async function validate(code) {
+        const trimmed = code.trim();
+        if (!trimmed)
+            return false;
+        const now = Date.now();
+        const cached = cache.get(trimmed);
+        if (cached && cached.expiresAt > now)
+            return cached.value;
+        const url = `${POINTS_BASE_URL[env]}/v1/points/${encodeURIComponent(trimmed)}`;
+        let ok = false;
+        try {
+            const res = await fetchFn(url, {
+                method: 'GET',
+                headers: { Accept: 'application/json' }
+            });
+            if (res.status === 404) {
+                ok = false;
+            }
+            else if (res.ok) {
+                const data = (await res.json());
+                ok = data.status === 'Operating';
+            }
+            else {
+                // Transient/server error — fail open to avoid blocking checkout.
+                // Skip caching so a retry can succeed.
+                return true;
+            }
+        }
+        catch {
+            // Network failure — fail open. Don't cache.
+            return true;
+        }
+        cache.set(trimmed, { value: ok, expiresAt: now + cacheTtl });
+        return ok;
+    }
+    function clearCache() {
+        cache.clear();
+    }
+    return { validate, clearCache };
+}

package/dist/shop/adapters/inpost/shipx-client.d.ts

@@ -0,0 +1,56 @@
+import type { InpostEnvironment } from './points-api.js';
+export interface ShipxClientOptions {
+    token: string;
+    organizationId: string;
+    environment?: InpostEnvironment;
+    fetch?: typeof fetch;
+}
+export interface ShipxOffer {
+    id: number | string;
+    carrier_id?: string;
+    service_id?: string;
+    status?: string;
+    rate?: number;
+    [key: string]: unknown;
+}
+export interface ShipxShipment {
+    id: number | string;
+    status: string;
+    tracking_number?: string | null;
+    created_at?: string;
+    selected_offer?: ShipxOffer | null;
+    offers?: ShipxOffer[];
+    [key: string]: unknown;
+}
+export declare class ShipxApiError extends Error {
+    readonly status: number;
+    readonly body?: unknown | undefined;
+    constructor(message: string, status: number, body?: unknown | undefined);
+}
+export declare class ShipxClient {
+    private readonly base;
+    private readonly orgPath;
+    private readonly headers;
+    private readonly fetchFn;
+    constructor(opts: ShipxClientOptions);
+    createShipment(payload: Record<string, unknown>): Promise<ShipxShipment>;
+    getShipment(id: string | number): Promise<ShipxShipment>;
+    cancelShipment(id: string | number): Promise<void>;
+    /**
+     * Confirm/buy a specific offer for the shipment. Required when the account
+     * is not configured for fully-automatic offer payment (typical on sandbox).
+     * After this, status moves from `offer_selected` → `confirmed`.
+     *
+     * `offerId` is taken from `shipment.selected_offer.id` (or `offers[0].id`).
+     */
+    buyShipment(id: string | number, offerId: string | number): Promise<ShipxShipment>;
+    getLabel(id: string | number, opts?: {
+        format?: 'Pdf' | 'ZebraLP';
+        type?: 'A4' | 'A6';
+    }): Promise<{
+        contentType: string;
+        body: Uint8Array;
+    }>;
+    private request;
+    private requestRaw;
+}

package/dist/shop/adapters/inpost/shipx-client.js

@@ -0,0 +1,95 @@
+const SHIPX_BASE_URL = {
+    production: 'https://api-shipx-pl.easypack24.net',
+    sandbox: 'https://sandbox-api-shipx-pl.easypack24.net'
+};
+export class ShipxApiError extends Error {
+    status;
+    body;
+    constructor(message, status, body) {
+        super(message);
+        this.status = status;
+        this.body = body;
+        this.name = 'ShipxApiError';
+    }
+}
+export class ShipxClient {
+    base;
+    orgPath;
+    headers;
+    fetchFn;
+    constructor(opts) {
+        if (!opts.token)
+            throw new Error('ShipxClient: token required.');
+        if (!opts.organizationId)
+            throw new Error('ShipxClient: organizationId required.');
+        const env = opts.environment ?? 'production';
+        this.base = SHIPX_BASE_URL[env];
+        this.orgPath = `/v1/organizations/${encodeURIComponent(opts.organizationId)}`;
+        this.headers = {
+            Authorization: `Bearer ${opts.token}`,
+            'Content-Type': 'application/json',
+            Accept: 'application/json'
+        };
+        this.fetchFn = opts.fetch ?? globalThis.fetch.bind(globalThis);
+    }
+    async createShipment(payload) {
+        return this.request('POST', `${this.orgPath}/shipments`, payload);
+    }
+    async getShipment(id) {
+        return this.request('GET', `/v1/shipments/${encodeURIComponent(String(id))}`);
+    }
+    async cancelShipment(id) {
+        await this.requestRaw('DELETE', `/v1/shipments/${encodeURIComponent(String(id))}`);
+    }
+    /**
+     * Confirm/buy a specific offer for the shipment. Required when the account
+     * is not configured for fully-automatic offer payment (typical on sandbox).
+     * After this, status moves from `offer_selected` → `confirmed`.
+     *
+     * `offerId` is taken from `shipment.selected_offer.id` (or `offers[0].id`).
+     */
+    async buyShipment(id, offerId) {
+        return this.request('POST', `/v1/shipments/${encodeURIComponent(String(id))}/buy`, { offer_id: typeof offerId === 'string' ? Number(offerId) : offerId });
+    }
+    async getLabel(id, opts = {}) {
+        const format = opts.format ?? 'Pdf';
+        const type = opts.type ?? 'A6';
+        const url = `${this.base}/v1/shipments/${encodeURIComponent(String(id))}/label?format=${format}&type=${type}`;
+        const res = await this.fetchFn(url, {
+            method: 'GET',
+            headers: { Authorization: this.headers.Authorization, Accept: 'application/pdf' }
+        });
+        if (!res.ok) {
+            const text = await res.text().catch(() => '');
+            throw new ShipxApiError(`ShipX label fetch failed (${res.status}): ${text || res.statusText}`, res.status, text);
+        }
+        const buf = new Uint8Array(await res.arrayBuffer());
+        return { contentType: res.headers.get('content-type') ?? 'application/pdf', body: buf };
+    }
+    async request(method, path, body) {
+        const res = await this.requestRaw(method, path, body);
+        if (res.status === 204)
+            return undefined;
+        const text = await res.text();
+        if (!text)
+            return undefined;
+        try {
+            return JSON.parse(text);
+        }
+        catch {
+            throw new ShipxApiError(`ShipX returned non-JSON response (${res.status})`, res.status, text);
+        }
+    }
+    async requestRaw(method, path, body) {
+        const res = await this.fetchFn(`${this.base}${path}`, {
+            method,
+            headers: this.headers,
+            body: body ? JSON.stringify(body) : undefined
+        });
+        if (!res.ok) {
+            const errBody = await res.text().catch(() => '');
+            throw new ShipxApiError(`ShipX ${method} ${path} failed (${res.status}): ${errBody || res.statusText}`, res.status, errBody);
+        }
+        return res;
+    }
+}

package/dist/shop/adapters/inpost/status-map.d.ts

@@ -0,0 +1,9 @@
+import type { CarrierEvent } from '../../types.js';
+/**
+ * Map a ShipX shipment status (from webhook payload or polling) to our domain
+ * OrderStatus. Returns `unknown` for transient/intermediate states the order
+ * lifecycle doesn't track — caller can ignore those.
+ *
+ * Reference: https://dokumentacja-inpost.atlassian.net/wiki/spaces/PL/pages/28639231
+ */
+export declare function mapShipxStatus(status: string): CarrierEvent['status'];

package/dist/shop/adapters/inpost/status-map.js

@@ -0,0 +1,46 @@
+/**
+ * Map a ShipX shipment status (from webhook payload or polling) to our domain
+ * OrderStatus. Returns `unknown` for transient/intermediate states the order
+ * lifecycle doesn't track — caller can ignore those.
+ *
+ * Reference: https://dokumentacja-inpost.atlassian.net/wiki/spaces/PL/pages/28639231
+ */
+export function mapShipxStatus(status) {
+    switch (status) {
+        case 'created':
+        case 'offers_prepared':
+        case 'offer_selected':
+        case 'confirmed':
+        case 'dispatched_by_sender_to_pok':
+        case 'dispatched_by_sender':
+        case 'collected_from_sender':
+        case 'taken_by_courier_from_pok':
+            return 'preparing';
+        case 'taken_by_courier':
+        case 'adopted_at_source_branch':
+        case 'sent_from_source_branch':
+        case 'adopted_at_sorting_center':
+        case 'sent_from_sorting_center':
+        case 'adopted_at_target_branch':
+        case 'out_for_delivery':
+        case 'ready_to_pickup':
+        case 'pickup_reminder_sent':
+        case 'pickup_time_expired':
+        case 'oversized':
+        case 'redirect_to_box':
+            return 'sent';
+        case 'delivered':
+            return 'done';
+        case 'canceled':
+        case 'cancelled':
+        case 'returned_to_sender':
+        case 'rejected':
+        case 'avizo':
+        case 'undelivered':
+        case 'unstored':
+        case 'claimed':
+            return 'cancelled';
+        default:
+            return 'unknown';
+    }
+}

package/dist/shop/adapters/inpost/webhook.d.ts

@@ -0,0 +1,16 @@
+import type { CarrierEvent } from '../../types.js';
+export declare class WebhookSecretMismatchError extends Error {
+    constructor();
+}
+export interface ParseWebhookOptions {
+    /** Expected secret. When provided, the URL must carry `?secret=...` matching it. */
+    secret?: string;
+    /** Override query parameter name (default `secret`). */
+    secretParam?: string;
+}
+/**
+ * Parse a ShipX webhook request into a `CarrierEvent`. When `secret` is set the
+ * URL is checked first — mismatch throws `WebhookSecretMismatchError` so the
+ * caller can return 401 without parsing the body.
+ */
+export declare function parseShipxWebhook(req: Request, opts?: ParseWebhookOptions): Promise<CarrierEvent>;

package/dist/shop/adapters/inpost/webhook.js

@@ -0,0 +1,55 @@
+import { mapShipxStatus } from './status-map.js';
+/** Constant-time string compare, returns false on length mismatch. */
+function safeEqual(a, b) {
+    if (a.length !== b.length)
+        return false;
+    let mismatch = 0;
+    for (let i = 0; i < a.length; i++) {
+        mismatch |= a.charCodeAt(i) ^ b.charCodeAt(i);
+    }
+    return mismatch === 0;
+}
+export class WebhookSecretMismatchError extends Error {
+    constructor() {
+        super('Webhook secret mismatch.');
+        this.name = 'WebhookSecretMismatchError';
+    }
+}
+/**
+ * Parse a ShipX webhook request into a `CarrierEvent`. When `secret` is set the
+ * URL is checked first — mismatch throws `WebhookSecretMismatchError` so the
+ * caller can return 401 without parsing the body.
+ */
+export async function parseShipxWebhook(req, opts = {}) {
+    if (opts.secret) {
+        const url = new URL(req.url);
+        const provided = url.searchParams.get(opts.secretParam ?? 'secret') ?? '';
+        if (!safeEqual(provided, opts.secret)) {
+            throw new WebhookSecretMismatchError();
+        }
+    }
+    const text = await req.text();
+    let body;
+    try {
+        body = JSON.parse(text);
+    }
+    catch {
+        throw new Error('Webhook body is not valid JSON.');
+    }
+    const payload = body.payload ?? {
+        shipment_id: body.shipment_id,
+        status: body.status,
+        tracking_number: body.tracking_number ?? null
+    };
+    const shipmentId = payload.shipment_id;
+    const status = payload.status ?? '';
+    if (shipmentId === undefined || shipmentId === null) {
+        throw new Error('Webhook payload missing shipment_id.');
+    }
+    return {
+        shipmentId: String(shipmentId),
+        trackingNumber: payload.tracking_number ?? undefined,
+        status: mapShipxStatus(status),
+        raw: body
+    };
+}

package/dist/shop/client/index.d.ts

@@ -12,6 +12,9 @@ export interface ShippingMethodPublic {
     price: number;
     vatRate: number;
     carrierType: string;
+    carrierConfig: {
+        serviceType: string | null;
+    } | null;
     conditions: {
         freeAbove?: number;
     } | null;
@@ -61,6 +64,8 @@ export interface OrderDetailResponse {
         paymentMethod: string | null;
         carrierType: string | null;
         carrierRef: string | null;
+        trackingNumber: string | null;
+        trackingUrl: string | null;
         language: string | null;
         createdAt: string;
     };

package/dist/shop/http/carrier-handler.d.ts

@@ -0,0 +1,12 @@
+import { type RequestHandler } from '@sveltejs/kit';
+/**
+ * Public endpoint that returns front-end facing carrier widget descriptor for
+ * a given carrier id (e.g. `inpost`). The descriptor never contains private
+ * credentials — only what the browser needs to render the picker (e.g. public
+ * geowidget token + script URL).
+ *
+ * Mounted at `/api/shop/carriers/[id]`.
+ */
+export declare function createCarrierConfigHandler(): {
+    GET: RequestHandler;
+};

package/dist/shop/http/carrier-handler.js

@@ -0,0 +1,45 @@
+import { json } from '@sveltejs/kit';
+import { getCMS } from '../../core/cms.js';
+function shopEnabled() {
+    try {
+        return getCMS().shopConfig !== null;
+    }
+    catch {
+        return false;
+    }
+}
+/**
+ * Public endpoint that returns front-end facing carrier widget descriptor for
+ * a given carrier id (e.g. `inpost`). The descriptor never contains private
+ * credentials — only what the browser needs to render the picker (e.g. public
+ * geowidget token + script URL).
+ *
+ * Mounted at `/api/shop/carriers/[id]`.
+ */
+export function createCarrierConfigHandler() {
+    return {
+        GET: async ({ params }) => {
+            if (!shopEnabled())
+                return json({ error: 'Shop not enabled' }, { status: 404 });
+            const id = params.id;
+            if (!id)
+                return json({ error: 'Carrier id required' }, { status: 400 });
+            const shop = getCMS().shopConfig;
+            const carrier = shop?.carriers.find((c) => c.id === id);
+            if (!carrier)
+                return json({ error: 'Carrier not found' }, { status: 404 });
+            if (!carrier.widget) {
+                return json({ id: carrier.id, label: carrier.label ?? null, widget: null });
+            }
+            return json({
+                id: carrier.id,
+                label: carrier.label ?? null,
+                widget: {
+                    scriptUrl: carrier.widget.scriptUrl ?? null,
+                    stylesheetUrl: carrier.widget.stylesheetUrl ?? null,
+                    config: carrier.widget.config
+                }
+            });
+        }
+    };
+}

package/dist/shop/http/carrier-webhook-handler.d.ts

@@ -0,0 +1,13 @@
+import { type RequestHandler } from '@sveltejs/kit';
+/**
+ * Public webhook receiver for carrier events (e.g. ShipX `shipment_status_changed`).
+ * Carrier id (`inpost`, ...) is taken from the route param, looked up in
+ * `shop.carriers`, and the adapter's `handleWebhook` parses + verifies the
+ * request. Successful events are applied to the matching order (tracking +
+ * status). Unknown shipments still return 200 to avoid retry storms.
+ *
+ * Mounted at `POST /api/shop/carriers/[id]/webhook`.
+ */
+export declare function createCarrierWebhookHandler(): {
+    POST: RequestHandler;
+};

package/dist/shop/http/carrier-webhook-handler.js

@@ -0,0 +1,66 @@
+import { json } from '@sveltejs/kit';
+import { getCMS } from '../../core/cms.js';
+import { checkRateLimit, clientKey } from '../rate-limit.js';
+import { applyCarrierEvent } from '../server/shipments.js';
+function shopEnabled() {
+    try {
+        return getCMS().shopConfig !== null;
+    }
+    catch {
+        return false;
+    }
+}
+/**
+ * Public webhook receiver for carrier events (e.g. ShipX `shipment_status_changed`).
+ * Carrier id (`inpost`, ...) is taken from the route param, looked up in
+ * `shop.carriers`, and the adapter's `handleWebhook` parses + verifies the
+ * request. Successful events are applied to the matching order (tracking +
+ * status). Unknown shipments still return 200 to avoid retry storms.
+ *
+ * Mounted at `POST /api/shop/carriers/[id]/webhook`.
+ */
+export function createCarrierWebhookHandler() {
+    return {
+        POST: async ({ request, params }) => {
+            if (!shopEnabled())
+                return json({ error: 'Shop not enabled' }, { status: 404 });
+            const id = params.id;
+            if (!id)
+                return json({ error: 'Carrier id required' }, { status: 400 });
+            const shop = getCMS().shopConfig;
+            const adapter = shop?.carriers.find((c) => c.id === id);
+            if (!adapter)
+                return json({ error: 'Carrier not found' }, { status: 404 });
+            if (!adapter.handleWebhook) {
+                return json({ error: 'Carrier does not support webhooks' }, { status: 400 });
+            }
+            const rule = shop?.rateLimit.webhook ?? { limit: 60, windowSec: 60 };
+            const rl = checkRateLimit(clientKey(request, `webhook:${id}`), rule);
+            if (!rl.allowed) {
+                return json({ error: 'Rate limit exceeded' }, { status: 429 });
+            }
+            let event;
+            try {
+                event = await adapter.handleWebhook(request);
+            }
+            catch (err) {
+                const name = err instanceof Error ? err.name : '';
+                if (name === 'WebhookSecretMismatchError') {
+                    return json({ error: 'Unauthorized' }, { status: 401 });
+                }
+                const message = err instanceof Error ? err.message : 'Webhook parse error';
+                console.error(`[shop/carrier:${id}] webhook parse failed:`, err);
+                return json({ error: message }, { status: 400 });
+            }
+            try {
+                const result = await applyCarrierEvent(event);
+                return json({ ok: true, ...result });
+            }
+            catch (err) {
+                console.error(`[shop/carrier:${id}] applyCarrierEvent failed:`, err);
+                const message = err instanceof Error ? err.message : 'Apply event failed';
+                return json({ error: message }, { status: 500 });
+            }
+        }
+    };
+}

package/dist/shop/http/checkout-handler.js

@@ -3,6 +3,7 @@ import { getCMS } from '../../core/cms.js';
 import { readCartCookie, writeCartCookie } from '../cart/cookie.js';
 import { writeOrderTokenCookie } from '../cart/order-token-cookie.js';
 import { createOrderFromCart, setPaymentProviderRef } from '../server/orders.js';
+import { getShippingMethod } from '../server/shipping.js';
 import { checkRateLimit, clientKey } from '../rate-limit.js';
 import { requireShopConfig } from '../server/db.js';
 function shopEnabled() {
@@ -67,6 +68,27 @@ export function createCheckoutHandler() {
             if (cartItems.length === 0) {
                 return json({ error: 'Cart is empty' }, { status: 400 });
             }
+            const carrierRef = asString(body.carrierRef, 200);
+            // Carrier-side validation (e.g. paczkomat code → InPost Points API)
+            try {
+                const shippingMethod = await getShippingMethod(shippingMethodId);
+                if (shippingMethod && shippingMethod.carrierType !== 'none') {
+                    const shop = requireShopConfig();
+                    const carrier = shop.carriers.find((c) => c.id === shippingMethod.carrierType);
+                    if (carrier?.validateSelection) {
+                        const ok = await carrier.validateSelection(carrierRef ?? '', {
+                            serviceType: shippingMethod.carrierConfig?.serviceType
+                        });
+                        if (!ok) {
+                            return json({ error: 'Invalid carrier selection (e.g. paczkomat unavailable).' }, { status: 400 });
+                        }
+                    }
+                }
+            }
+            catch (err) {
+                console.error('[shop] carrier validateSelection failed:', err);
+                return json({ error: 'Carrier validation failed.' }, { status: 400 });
+            }
             try {
                 const result = await createOrderFromCart({
                     cartItems,
@@ -75,7 +97,7 @@ export function createCheckoutHandler() {
                     customerPhone: asString(body.customerPhone, 40),
                     shippingAddress: asStringRecord(body.shippingAddress),
                     shippingMethodId,
-                    carrierRef: asString(body.carrierRef, 200),
+                    carrierRef,
                     paymentMethod,
                     consents: asConsents(body.consents),
                     notes: asString(body.notes, 2000),

package/dist/shop/http/index.d.ts

@@ -5,3 +5,6 @@ export { createOrderHandler } from './order-handler.js';
 export { createPaymentWebhookHandler } from './webhook-handler.js';
 export { createRefreshPaymentHandler } from './refresh-payment-handler.js';
 export { createRetryPaymentHandler } from './retry-payment-handler.js';
+export { createCarrierConfigHandler } from './carrier-handler.js';
+export { createCarrierWebhookHandler } from './carrier-webhook-handler.js';
+export { createShipmentLabelHandler } from './shipment-label-handler.js';

package/dist/shop/http/index.js

@@ -5,3 +5,6 @@ export { createOrderHandler } from './order-handler.js';
 export { createPaymentWebhookHandler } from './webhook-handler.js';
 export { createRefreshPaymentHandler } from './refresh-payment-handler.js';
 export { createRetryPaymentHandler } from './retry-payment-handler.js';
+export { createCarrierConfigHandler } from './carrier-handler.js';
+export { createCarrierWebhookHandler } from './carrier-webhook-handler.js';
+export { createShipmentLabelHandler } from './shipment-label-handler.js';