npm - ksef-client-ts - Versions diffs - 0.5.2 → 0.6.0 - Mend

ksef-client-ts 0.5.2 → 0.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/dist/cli.js CHANGED Viewed

@@ -281,8 +281,8 @@ function isRetryableError(error, policy) {
   if (code && RETRYABLE_ERROR_CODES.has(code)) return true;
   return false;
 }
-function isRetryableStatus(status6, policy) {
-  return policy.retryableStatusCodes.includes(status6);
+function isRetryableStatus(status7, policy) {
+  return policy.retryableStatusCodes.includes(status7);
 }
 function sleep(ms) {
   return new Promise((resolve2) => setTimeout(resolve2, ms));
@@ -508,9 +508,9 @@ var init_rest_client = __esm({
         return response;
       }
       buildUrl(request) {
-        const path9 = this.routeBuilder.build(request.path);
+        const path10 = this.routeBuilder.build(request.path);
         const base = this.options.baseUrl;
-        const url2 = new URL(`${base}${path9}`);
+        const url2 = new URL(`${base}${path10}`);
         const query2 = request.getQuery();
         for (const [key, value] of query2) {
           url2.searchParams.append(key, value);
@@ -681,21 +681,21 @@ var init_rest_request = __esm({
       _query = [];
       _presigned = false;
       _skipAuthRetry = false;
-      constructor(method, path9) {
+      constructor(method, path10) {
         this.method = method;
-        this.path = path9;
+        this.path = path10;
       }
-      static get(path9) {
-        return new _RestRequest("GET", path9);
+      static get(path10) {
+        return new _RestRequest("GET", path10);
       }
-      static post(path9) {
-        return new _RestRequest("POST", path9);
+      static post(path10) {
+        return new _RestRequest("POST", path10);
       }
-      static put(path9) {
-        return new _RestRequest("PUT", path9);
+      static put(path10) {
+        return new _RestRequest("PUT", path10);
       }
-      static delete(path9) {
-        return new _RestRequest("DELETE", path9);
+      static delete(path10) {
+        return new _RestRequest("DELETE", path10);
       }
       body(data) {
         this._body = data;
@@ -1094,8 +1094,8 @@ var init_session_status = __esm({
           if (filter.dateModifiedFrom) req.query("dateModifiedFrom", filter.dateModifiedFrom);
           if (filter.dateModifiedTo) req.query("dateModifiedTo", filter.dateModifiedTo);
           if (filter.statuses) {
-            for (const status6 of filter.statuses) {
-              req.query("statuses", status6);
+            for (const status7 of filter.statuses) {
+              req.query("statuses", status7);
             }
           }
         }
@@ -1469,20 +1469,20 @@ var init_lighthouse = __esm({
         this.lighthouseUrl = options.lighthouseUrl;
         this.timeout = options.timeout;
       }
-      async fetchJson(path9) {
+      async fetchJson(path10) {
         if (!this.lighthouseUrl) {
           throw new KSeFError(
             "Lighthouse API is not available for the DEMO environment. Use TEST or PROD instead."
           );
         }
-        const response = await fetch(`${this.lighthouseUrl}${path9}`, {
+        const response = await fetch(`${this.lighthouseUrl}${path10}`, {
           headers: { Accept: "application/json" },
           signal: AbortSignal.timeout(this.timeout)
         });
         if (!response.ok) {
           const body = await response.text();
           throw new KSeFError(
-            `Lighthouse ${path9} failed: HTTP ${response.status} \u2014 ${body}`
+            `Lighthouse ${path10} failed: HTTP ${response.status} \u2014 ${body}`
           );
         }
         return await response.json();
@@ -2087,12 +2087,450 @@ var init_auth_xml_builder = __esm({
   }
 });
+// src/offline/deadline.ts
+function getDefaultReason(mode) {
+  switch (mode) {
+    case "offline24":
+      return "PLANNED";
+    case "offline":
+      return "SYSTEM_UNAVAILABLE";
+    case "awaryjny":
+      return "EMERGENCY";
+    case "awaria_calkowita":
+      return "TOTAL_FAILURE";
+  }
+}
+function nextBusinessDay(from) {
+  const d = new Date(from);
+  d.setUTCDate(d.getUTCDate() + 1);
+  while (d.getUTCDay() === 0 || d.getUTCDay() === 6) {
+    d.setUTCDate(d.getUTCDate() + 1);
+  }
+  return d;
+}
+function addBusinessDays(from, days) {
+  if (!Number.isInteger(days) || days < 0) {
+    throw new Error(`days must be a non-negative integer, got ${days}`);
+  }
+  const d = new Date(from);
+  let remaining = days;
+  while (remaining > 0) {
+    d.setUTCDate(d.getUTCDate() + 1);
+    if (d.getUTCDay() !== 0 && d.getUTCDay() !== 6) {
+      remaining--;
+    }
+  }
+  return d;
+}
+function endOfDay(d) {
+  const result = new Date(d);
+  result.setUTCHours(23, 59, 59, 999);
+  return result;
+}
+function getMaintenanceEndFallback(mw) {
+  if (mw.endTime) {
+    return new Date(mw.endTime);
+  }
+  const start = new Date(mw.startTime);
+  start.setUTCDate(start.getUTCDate() + 7);
+  return start;
+}
+function calculateOfflineDeadline(mode, invoiceDate, maintenanceWindow) {
+  const date = typeof invoiceDate === "string" ? new Date(invoiceDate) : invoiceDate;
+  switch (mode) {
+    case "offline24": {
+      return endOfDay(nextBusinessDay(date));
+    }
+    case "offline": {
+      const base = maintenanceWindow ? getMaintenanceEndFallback(maintenanceWindow) : date;
+      return endOfDay(nextBusinessDay(base));
+    }
+    case "awaryjny": {
+      const base = maintenanceWindow ? getMaintenanceEndFallback(maintenanceWindow) : date;
+      return endOfDay(addBusinessDays(base, 7));
+    }
+    case "awaria_calkowita": {
+      return new Date(FAR_FUTURE);
+    }
+  }
+}
+function isExpired(submitBy) {
+  const deadline = typeof submitBy === "string" ? new Date(submitBy) : submitBy;
+  return Date.now() > deadline.getTime();
+}
+var FAR_FUTURE;
+var init_deadline = __esm({
+  "src/offline/deadline.ts"() {
+    "use strict";
+    FAR_FUTURE = /* @__PURE__ */ new Date("9999-12-31T23:59:59Z");
+  }
+});
+// src/models/document-structures/types.ts
+var SystemCode, FORM_CODES, DEFAULT_FORM_CODE, INVOICE_TYPES_BY_SYSTEM_CODE, FORM_CODE_KEYS;
+var init_types = __esm({
+  "src/models/document-structures/types.ts"() {
+    "use strict";
+    SystemCode = {
+      FA_2: "FA (2)",
+      FA_3: "FA (3)",
+      PEF_3: "PEF (3)",
+      PEF_KOR_3: "PEF_KOR (3)",
+      FA_RR_1: "FA_RR (1)"
+    };
+    FORM_CODES = {
+      FA_2: { systemCode: "FA (2)", schemaVersion: "1-0E", value: "FA" },
+      FA_3: { systemCode: "FA (3)", schemaVersion: "1-0E", value: "FA" },
+      PEF_3: { systemCode: "PEF (3)", schemaVersion: "2-1", value: "PEF" },
+      PEF_KOR_3: { systemCode: "PEF_KOR (3)", schemaVersion: "2-1", value: "PEF" },
+      FA_RR_1_LEGACY: { systemCode: "FA_RR (1)", schemaVersion: "1-0E", value: "RR" },
+      FA_RR_1_TRANSITION: { systemCode: "FA_RR (1)", schemaVersion: "1-1E", value: "RR" },
+      FA_RR_1: { systemCode: "FA_RR (1)", schemaVersion: "1-1E", value: "FA_RR" }
+    };
+    DEFAULT_FORM_CODE = FORM_CODES.FA_3;
+    INVOICE_TYPES_BY_SYSTEM_CODE = {
+      [SystemCode.FA_2]: ["Vat", "Zal", "Kor", "Roz", "Upr", "KorZal", "KorRoz"],
+      [SystemCode.FA_3]: ["Vat", "Zal", "Kor", "Roz", "Upr", "KorZal", "KorRoz"],
+      [SystemCode.PEF_3]: ["VatPef", "VatPefSp", "KorPef"],
+      [SystemCode.PEF_KOR_3]: ["KorPef"],
+      [SystemCode.FA_RR_1]: ["VatRr", "KorVatRr"]
+    };
+    FORM_CODE_KEYS = {
+      FA2: FORM_CODES.FA_2,
+      FA3: FORM_CODES.FA_3,
+      PEF3: FORM_CODES.PEF_3,
+      PEFKOR3: FORM_CODES.PEF_KOR_3,
+      FARR1: FORM_CODES.FA_RR_1
+    };
+  }
+});
+// src/models/document-structures/helpers.ts
+function validateFormCodeForSession(formCode, sessionType) {
+  if (sessionType === "online") return true;
+  return !BATCH_DISALLOWED_SYSTEM_CODES.has(formCode.systemCode);
+}
+var SYSTEM_CODE_TO_FORM_CODE, ALL_FORM_CODES, BATCH_DISALLOWED_SYSTEM_CODES;
+var init_helpers = __esm({
+  "src/models/document-structures/helpers.ts"() {
+    "use strict";
+    init_types();
+    SYSTEM_CODE_TO_FORM_CODE = {
+      [SystemCode.FA_2]: FORM_CODES.FA_2,
+      [SystemCode.FA_3]: FORM_CODES.FA_3,
+      [SystemCode.PEF_3]: FORM_CODES.PEF_3,
+      [SystemCode.PEF_KOR_3]: FORM_CODES.PEF_KOR_3,
+      [SystemCode.FA_RR_1]: FORM_CODES.FA_RR_1
+    };
+    ALL_FORM_CODES = Object.values(FORM_CODES);
+    BATCH_DISALLOWED_SYSTEM_CODES = /* @__PURE__ */ new Set([
+      SystemCode.PEF_3,
+      SystemCode.PEF_KOR_3
+    ]);
+  }
+});
+// src/models/document-structures/index.ts
+var init_document_structures = __esm({
+  "src/models/document-structures/index.ts"() {
+    "use strict";
+    init_types();
+    init_helpers();
+  }
+});
+// src/workflows/offline-invoice-workflow.ts
+import crypto3 from "crypto";
+var OfflineInvoiceWorkflow;
+var init_offline_invoice_workflow = __esm({
+  "src/workflows/offline-invoice-workflow.ts"() {
+    "use strict";
+    init_ksef_api_error();
+    init_deadline();
+    init_document_structures();
+    OfflineInvoiceWorkflow = class {
+      constructor(qrService) {
+        this.qrService = qrService;
+      }
+      async generate(input, options) {
+        if (!input.invoiceXml || input.invoiceXml.trim().length === 0) {
+          throw new Error("invoiceXml must not be empty");
+        }
+        if (!input.invoiceNumber) {
+          throw new Error("invoiceNumber is required");
+        }
+        if (!input.sellerNip) {
+          throw new Error("sellerNip is required");
+        }
+        const mode = options?.mode ?? "offline24";
+        const reason = getDefaultReason(mode);
+        const invoiceHashBase64 = crypto3.createHash("sha256").update(input.invoiceXml).digest("base64");
+        const kod1Url = this.qrService.buildInvoiceVerificationUrl(
+          input.sellerNip,
+          input.invoiceDate,
+          invoiceHashBase64
+        );
+        let kod2Url;
+        if (options?.certificate) {
+          kod2Url = this.qrService.buildCertificateVerificationUrl(
+            input.sellerIdentifier.type,
+            input.sellerIdentifier.value,
+            input.sellerNip,
+            options.certificate.certificateSerial,
+            invoiceHashBase64,
+            options.certificate.privateKeyPem
+          );
+        }
+        const submitBy = options?.customDeadline ? typeof options.customDeadline === "string" ? options.customDeadline : options.customDeadline.toISOString() : calculateOfflineDeadline(mode, input.invoiceDate, options?.maintenanceWindow).toISOString();
+        const metadata = {
+          id: crypto3.randomUUID(),
+          mode,
+          reason,
+          status: "GENERATED",
+          invoiceNumber: input.invoiceNumber,
+          invoiceDate: input.invoiceDate,
+          invoiceXml: input.invoiceXml,
+          sellerNip: input.sellerNip,
+          sellerIdentifier: input.sellerIdentifier,
+          buyerIdentifier: input.buyerIdentifier,
+          totalAmount: input.totalAmount,
+          currency: input.currency,
+          kod1Url,
+          kod2Url,
+          generatedAt: (/* @__PURE__ */ new Date()).toISOString(),
+          submitBy,
+          maintenanceWindowId: options?.maintenanceWindow?.id
+        };
+        if (options?.storage) {
+          await options.storage.save(metadata);
+        }
+        return metadata;
+      }
+      async submit(client, options) {
+        const { storage, checkExpiry = true } = options;
+        let invoices2;
+        if (options.invoiceIds) {
+          invoices2 = [];
+          const notFound = [];
+          for (const id of options.invoiceIds) {
+            const inv = await storage.get(id);
+            if (inv) {
+              invoices2.push(inv);
+            } else {
+              notFound.push(id);
+            }
+          }
+          if (notFound.length > 0) {
+            throw new Error(`Offline invoice(s) not found: ${notFound.join(", ")}`);
+          }
+        } else {
+          invoices2 = await storage.list({ status: ["GENERATED", "QUEUED", "SUBMITTED"] });
+        }
+        const result = {
+          total: invoices2.length,
+          submitted: 0,
+          accepted: 0,
+          rejected: 0,
+          failed: 0,
+          expired: 0,
+          results: []
+        };
+        if (invoices2.length === 0) return result;
+        const pending = [];
+        for (const inv of invoices2) {
+          if (checkExpiry && isExpired(inv.submitBy)) {
+            await storage.update(inv.id, { status: "EXPIRED" });
+            result.expired++;
+            result.results.push({
+              invoiceId: inv.id,
+              invoiceNumber: inv.invoiceNumber,
+              status: "EXPIRED"
+            });
+          } else {
+            pending.push(inv);
+          }
+        }
+        if (pending.length === 0) return result;
+        await client.crypto.init();
+        const encData = client.crypto.getEncryptionData();
+        const formCode = options.formCode ?? DEFAULT_FORM_CODE;
+        const openResp = await client.onlineSession.openSession(
+          { formCode, encryption: encData.encryptionInfo }
+        );
+        const sessionRef = openResp.referenceNumber;
+        try {
+          for (const inv of pending) {
+            await storage.update(inv.id, { status: "QUEUED" });
+            try {
+              const data = new TextEncoder().encode(inv.invoiceXml);
+              const plainMeta = client.crypto.getFileMetadata(data);
+              const encrypted = client.crypto.encryptAES256(data, encData.cipherKey, encData.cipherIv);
+              const encMeta = client.crypto.getFileMetadata(encrypted);
+              await storage.update(inv.id, { status: "SUBMITTED", submittedAt: (/* @__PURE__ */ new Date()).toISOString() });
+              const resp = await client.onlineSession.sendInvoice(sessionRef, {
+                invoiceHash: plainMeta.hashSHA,
+                invoiceSize: plainMeta.fileSize,
+                encryptedInvoiceHash: encMeta.hashSHA,
+                encryptedInvoiceSize: encMeta.fileSize,
+                encryptedInvoiceContent: Buffer.from(encrypted).toString("base64"),
+                offlineMode: true
+              });
+              await storage.update(inv.id, {
+                status: "ACCEPTED",
+                acceptedAt: (/* @__PURE__ */ new Date()).toISOString(),
+                ksefReferenceNumber: resp.referenceNumber
+              });
+              result.submitted++;
+              result.accepted++;
+              result.results.push({
+                invoiceId: inv.id,
+                invoiceNumber: inv.invoiceNumber,
+                status: "ACCEPTED",
+                ksefReferenceNumber: resp.referenceNumber
+              });
+            } catch (err) {
+              const message = err instanceof Error ? err.message : String(err);
+              if (err instanceof KSeFApiError) {
+                await storage.update(inv.id, {
+                  status: "REJECTED",
+                  error: { code: err.statusCode, message }
+                });
+                result.submitted++;
+                result.rejected++;
+                result.results.push({
+                  invoiceId: inv.id,
+                  invoiceNumber: inv.invoiceNumber,
+                  status: "REJECTED",
+                  error: { code: err.statusCode, message }
+                });
+              } else {
+                await storage.update(inv.id, {
+                  status: "QUEUED",
+                  error: { code: 0, message }
+                });
+                result.failed++;
+                result.results.push({
+                  invoiceId: inv.id,
+                  invoiceNumber: inv.invoiceNumber,
+                  status: "QUEUED",
+                  error: { code: 0, message }
+                });
+              }
+            }
+          }
+        } finally {
+          try {
+            await client.onlineSession.closeSession(sessionRef);
+          } catch {
+          }
+        }
+        return result;
+      }
+      // TODO(perf): Each correction opens a separate KSeF session.
+      // For batch corrections, consider a correctBatch() sharing one session (like submit()).
+      async correct(client, options) {
+        const { storage, rejectedInvoiceId, correctedInvoiceXml } = options;
+        const original = await storage.get(rejectedInvoiceId);
+        if (!original) {
+          throw new Error(`Offline invoice not found: ${rejectedInvoiceId}`);
+        }
+        if (original.status !== "REJECTED") {
+          throw new Error(
+            original.status === "CORRECTED" ? `Invoice ${rejectedInvoiceId} has already been corrected (by ${original.correctedBy})` : `Only rejected invoices can be corrected (current status: ${original.status})`
+          );
+        }
+        const originalHash = crypto3.createHash("sha256").update(original.invoiceXml).digest("base64");
+        await client.crypto.init();
+        const encData = client.crypto.getEncryptionData();
+        const formCode = options.formCode ?? DEFAULT_FORM_CODE;
+        const openResp = await client.onlineSession.openSession(
+          { formCode, encryption: encData.encryptionInfo }
+        );
+        const sessionRef = openResp.referenceNumber;
+        try {
+          const data = new TextEncoder().encode(correctedInvoiceXml);
+          const plainMeta = client.crypto.getFileMetadata(data);
+          const encrypted = client.crypto.encryptAES256(data, encData.cipherKey, encData.cipherIv);
+          const encMeta = client.crypto.getFileMetadata(encrypted);
+          const correctionId = crypto3.randomUUID();
+          const submittedAt = (/* @__PURE__ */ new Date()).toISOString();
+          const correctedHashBase64 = crypto3.createHash("sha256").update(correctedInvoiceXml).digest("base64");
+          const kod1Url = this.qrService.buildInvoiceVerificationUrl(
+            original.sellerNip,
+            original.invoiceDate,
+            correctedHashBase64
+          );
+          let kod2Url;
+          if (options.certificate) {
+            kod2Url = this.qrService.buildCertificateVerificationUrl(
+              original.sellerIdentifier.type,
+              original.sellerIdentifier.value,
+              original.sellerNip,
+              options.certificate.certificateSerial,
+              correctedHashBase64,
+              options.certificate.privateKeyPem
+            );
+          }
+          const correctionMetadata = {
+            id: correctionId,
+            mode: original.mode,
+            reason: original.reason,
+            status: "SUBMITTED",
+            invoiceNumber: original.invoiceNumber,
+            invoiceDate: original.invoiceDate,
+            invoiceXml: correctedInvoiceXml,
+            sellerNip: original.sellerNip,
+            sellerIdentifier: original.sellerIdentifier,
+            buyerIdentifier: original.buyerIdentifier,
+            kod1Url,
+            kod2Url,
+            generatedAt: submittedAt,
+            submitBy: original.submitBy,
+            submittedAt,
+            correctedInvoiceId: rejectedInvoiceId
+          };
+          await storage.save(correctionMetadata);
+          const resp = await client.onlineSession.sendInvoice(sessionRef, {
+            invoiceHash: plainMeta.hashSHA,
+            invoiceSize: plainMeta.fileSize,
+            encryptedInvoiceHash: encMeta.hashSHA,
+            encryptedInvoiceSize: encMeta.fileSize,
+            encryptedInvoiceContent: Buffer.from(encrypted).toString("base64"),
+            offlineMode: true,
+            hashOfCorrectedInvoice: originalHash
+          });
+          await storage.update(correctionId, {
+            status: "ACCEPTED",
+            acceptedAt: (/* @__PURE__ */ new Date()).toISOString(),
+            ksefReferenceNumber: resp.referenceNumber
+          });
+          await storage.update(rejectedInvoiceId, {
+            status: "CORRECTED",
+            correctedBy: correctionId
+          });
+          return {
+            invoiceId: correctionId,
+            invoiceNumber: correctionMetadata.invoiceNumber,
+            status: "ACCEPTED",
+            ksefReferenceNumber: resp.referenceNumber
+          };
+        } finally {
+          try {
+            await client.onlineSession.closeSession(sessionRef);
+          } catch {
+          }
+        }
+      }
+    };
+  }
+});
 // src/crypto/signature-service.ts
 var signature_service_exports = {};
 __export(signature_service_exports, {
   SignatureService: () => SignatureService
 });
-import * as crypto3 from "crypto";
+import * as crypto4 from "crypto";
 import { ExclusiveCanonicalization } from "xml-crypto";
 import { DOMParser, XMLSerializer } from "@xmldom/xmldom";
 function extractDerFromPem(pem) {
@@ -2112,7 +2550,7 @@ function canonicalize(elem) {
 function computeRootDigest(doc) {
   const root = doc.documentElement;
   const canonical = canonicalize(root);
-  return crypto3.createHash("sha256").update(canonical, "utf-8").digest("base64");
+  return crypto4.createHash("sha256").update(canonical, "utf-8").digest("base64");
 }
 function computeSignedPropertiesDigest(qualifyingPropertiesXml) {
   const parser = new DOMParser();
@@ -2122,7 +2560,7 @@ function computeSignedPropertiesDigest(qualifyingPropertiesXml) {
     throw new Error("SignedProperties element not found in QualifyingProperties");
   }
   const canonical = canonicalize(signedProps);
-  return crypto3.createHash("sha256").update(canonical, "utf-8").digest("base64");
+  return crypto4.createHash("sha256").update(canonical, "utf-8").digest("base64");
 }
 function buildSignedInfo(signatureAlgorithm, rootDigest, signedPropertiesDigest) {
   return [
@@ -2153,12 +2591,12 @@ function computeSignatureValue(canonicalSignedInfo, privateKey, isEc) {
   const data = Buffer.from(canonicalSignedInfo, "utf-8");
   let signature;
   if (isEc) {
-    signature = crypto3.sign("sha256", data, {
+    signature = crypto4.sign("sha256", data, {
       key: privateKey,
       dsaEncoding: "ieee-p1363"
     });
   } else {
-    signature = crypto3.sign("sha256", data, privateKey);
+    signature = crypto4.sign("sha256", data, privateKey);
   }
   return signature.toString("base64");
 }
@@ -2258,11 +2696,11 @@ var init_signature_service = __esm({
         }
         const certDer = extractDerFromPem(certPem);
         const certBase64 = certDer.toString("base64");
-        const certDigest = crypto3.createHash("sha256").update(certDer).digest("base64");
-        const x5093 = new crypto3.X509Certificate(certPem);
+        const certDigest = crypto4.createHash("sha256").update(certDer).digest("base64");
+        const x5093 = new crypto4.X509Certificate(certPem);
         const issuerName = normalizeIssuerDn(x5093.issuer);
         const serialNumber = hexSerialToDecimal(x5093.serialNumber);
-        const privateKey = crypto3.createPrivateKey(
+        const privateKey = crypto4.createPrivateKey(
           passphrase ? { key: privateKeyPem, format: "pem", passphrase } : privateKeyPem
         );
         const isEc = privateKey.asymmetricKeyType === "ec";
@@ -2427,6 +2865,7 @@ var init_client = __esm({
     init_cryptography_service();
     init_verification_link_service();
     init_auth_xml_builder();
+    init_offline_invoice_workflow();
     KSeFClient = class {
       auth;
       activeSessions;
@@ -2445,6 +2884,7 @@ var init_client = __esm({
       qr;
       options;
       authManager;
+      _offline;
       constructor(options) {
         this.options = resolveOptions(options);
         const authManager = options?.authManager ?? new DefaultAuthManager(async () => {
@@ -2473,6 +2913,12 @@ var init_client = __esm({
         this.testData = new TestDataService(restClient, this.options.environmentName);
         this.qr = new VerificationLinkService(this.options.baseQrUrl);
       }
+      get offline() {
+        if (!this._offline) {
+          this._offline = new OfflineInvoiceWorkflow(this.qr);
+        }
+        return this._offline;
+      }
       async loginWithToken(token, nip) {
         const challenge2 = await this.auth.getChallenge();
         await this.crypto.init();
@@ -2507,10 +2953,10 @@ var init_client = __esm({
       }
       async awaitAuthReady(referenceNumber, authToken) {
         for (let i = 0; i < 30; i++) {
-          const status6 = await this.auth.getAuthStatus(referenceNumber, authToken);
-          if (status6.status.code === 200) return;
-          if (status6.status.code !== 100) {
-            throw new Error(`Authentication failed with status ${status6.status.code}: ${status6.status.description}`);
+          const status7 = await this.auth.getAuthStatus(referenceNumber, authToken);
+          if (status7.status.code === 200) return;
+          if (status7.status.code !== 100) {
+            throw new Error(`Authentication failed with status ${status7.status.code}: ${status7.status.description}`);
           }
           await new Promise((r) => setTimeout(r, 1e3));
         }
@@ -2545,79 +2991,6 @@ var init_polling = __esm({
   }
 });
-// src/models/document-structures/types.ts
-var SystemCode, FORM_CODES, DEFAULT_FORM_CODE, INVOICE_TYPES_BY_SYSTEM_CODE, FORM_CODE_KEYS;
-var init_types = __esm({
-  "src/models/document-structures/types.ts"() {
-    "use strict";
-    SystemCode = {
-      FA_2: "FA (2)",
-      FA_3: "FA (3)",
-      PEF_3: "PEF (3)",
-      PEF_KOR_3: "PEF_KOR (3)",
-      FA_RR_1: "FA_RR (1)"
-    };
-    FORM_CODES = {
-      FA_2: { systemCode: "FA (2)", schemaVersion: "1-0E", value: "FA" },
-      FA_3: { systemCode: "FA (3)", schemaVersion: "1-0E", value: "FA" },
-      PEF_3: { systemCode: "PEF (3)", schemaVersion: "2-1", value: "PEF" },
-      PEF_KOR_3: { systemCode: "PEF_KOR (3)", schemaVersion: "2-1", value: "PEF" },
-      FA_RR_1_LEGACY: { systemCode: "FA_RR (1)", schemaVersion: "1-0E", value: "RR" },
-      FA_RR_1_TRANSITION: { systemCode: "FA_RR (1)", schemaVersion: "1-1E", value: "RR" },
-      FA_RR_1: { systemCode: "FA_RR (1)", schemaVersion: "1-1E", value: "FA_RR" }
-    };
-    DEFAULT_FORM_CODE = FORM_CODES.FA_3;
-    INVOICE_TYPES_BY_SYSTEM_CODE = {
-      [SystemCode.FA_2]: ["Vat", "Zal", "Kor", "Roz", "Upr", "KorZal", "KorRoz"],
-      [SystemCode.FA_3]: ["Vat", "Zal", "Kor", "Roz", "Upr", "KorZal", "KorRoz"],
-      [SystemCode.PEF_3]: ["VatPef", "VatPefSp", "KorPef"],
-      [SystemCode.PEF_KOR_3]: ["KorPef"],
-      [SystemCode.FA_RR_1]: ["VatRr", "KorVatRr"]
-    };
-    FORM_CODE_KEYS = {
-      FA2: FORM_CODES.FA_2,
-      FA3: FORM_CODES.FA_3,
-      PEF3: FORM_CODES.PEF_3,
-      PEFKOR3: FORM_CODES.PEF_KOR_3,
-      FARR1: FORM_CODES.FA_RR_1
-    };
-  }
-});
-// src/models/document-structures/helpers.ts
-function validateFormCodeForSession(formCode, sessionType) {
-  if (sessionType === "online") return true;
-  return !BATCH_DISALLOWED_SYSTEM_CODES.has(formCode.systemCode);
-}
-var SYSTEM_CODE_TO_FORM_CODE, ALL_FORM_CODES, BATCH_DISALLOWED_SYSTEM_CODES;
-var init_helpers = __esm({
-  "src/models/document-structures/helpers.ts"() {
-    "use strict";
-    init_types();
-    SYSTEM_CODE_TO_FORM_CODE = {
-      [SystemCode.FA_2]: FORM_CODES.FA_2,
-      [SystemCode.FA_3]: FORM_CODES.FA_3,
-      [SystemCode.PEF_3]: FORM_CODES.PEF_3,
-      [SystemCode.PEF_KOR_3]: FORM_CODES.PEF_KOR_3,
-      [SystemCode.FA_RR_1]: FORM_CODES.FA_RR_1
-    };
-    ALL_FORM_CODES = Object.values(FORM_CODES);
-    BATCH_DISALLOWED_SYSTEM_CODES = /* @__PURE__ */ new Set([
-      SystemCode.PEF_3,
-      SystemCode.PEF_KOR_3
-    ]);
-  }
-});
-// src/models/document-structures/index.ts
-var init_document_structures = __esm({
-  "src/models/document-structures/index.ts"() {
-    "use strict";
-    init_types();
-    init_helpers();
-  }
-});
 // src/xml/upo-parser.ts
 import { XMLParser } from "fast-xml-parser";
 function isRecord(value) {
@@ -2742,11 +3115,58 @@ var init_upo_parser = __esm({
   }
 });
+// src/xml/invoice-field-extractor.ts
+import { XMLParser as XMLParser2 } from "fast-xml-parser";
+function extractInvoiceFields(xml) {
+  const parsed = invoiceParser.parse(xml);
+  const root = parsed?.Faktura;
+  if (!root || typeof root !== "object") {
+    throw new Error(
+      "Cannot extract invoice fields: missing <Faktura> root element. Ensure the XML is a valid KSeF invoice (FA_2, FA_3, or FA_RR)."
+    );
+  }
+  if (root.Fa && typeof root.Fa === "object") {
+    const invoiceDate = nonEmptyString(root.Fa.P_1);
+    const invoiceNumber = nonEmptyString(root.Fa.P_2);
+    if (invoiceDate && invoiceNumber) {
+      return { invoiceNumber, invoiceDate };
+    }
+  }
+  if (root.FakturaRR && typeof root.FakturaRR === "object") {
+    const invoiceDate = nonEmptyString(root.FakturaRR.P_4B);
+    const invoiceNumber = nonEmptyString(root.FakturaRR.P_4C);
+    if (invoiceDate && invoiceNumber) {
+      return { invoiceNumber, invoiceDate };
+    }
+  }
+  throw new Error(
+    "Cannot extract invoice number and date from XML. Expected <Fa><P_1>/<P_2> (FA format) or <FakturaRR><P_4B>/<P_4C> (RR format)."
+  );
+}
+function nonEmptyString(value) {
+  return typeof value === "string" && value.length > 0 ? value : void 0;
+}
+var invoiceParser;
+var init_invoice_field_extractor = __esm({
+  "src/xml/invoice-field-extractor.ts"() {
+    "use strict";
+    invoiceParser = new XMLParser2({
+      ignoreAttributes: false,
+      attributeNamePrefix: "@_",
+      parseTagValue: false,
+      parseAttributeValue: false,
+      removeNSPrefix: true,
+      trimValues: false
+    });
+  }
+});
 // src/xml/index.ts
 var init_xml = __esm({
   "src/xml/index.ts"() {
     "use strict";
     init_upo_parser();
+    init_invoice_field_extractor();
   }
 });
@@ -4488,11 +4908,11 @@ async function validateSchema(xml, options, _parsed) {
   const prefix = rootElement ? `/${rootElement}/` : "/";
   const validationErrors = result.error.issues.map((issue) => {
     const zodPath = issue.path.join("/");
-    const path9 = zodPath ? `${prefix}${zodPath}` : rootElement ? `/${rootElement}` : void 0;
+    const path10 = zodPath ? `${prefix}${zodPath}` : rootElement ? `/${rootElement}` : void 0;
     return {
       code: mapZodErrorCode(issue),
       message: issue.message,
-      path: path9
+      path: path10
     };
   });
   return { valid: false, schemaType, errors: validationErrors };
@@ -4532,9 +4952,9 @@ function validateBusinessRules(xml, _parsed) {
   collectDateErrors(object, rootElement, errors);
   return { valid: errors.length === 0, schemaType, errors };
 }
-function collectNipPeselErrors(obj, path9, errors) {
+function collectNipPeselErrors(obj, path10, errors) {
   for (const [key, value] of Object.entries(obj)) {
-    const currentPath = path9 ? `${path9}/${key}` : key;
+    const currentPath = path10 ? `${path10}/${key}` : key;
     if (key === "NIP" && typeof value === "string") {
       if (!isValidNip(value)) {
         errors.push({
@@ -4614,7 +5034,7 @@ var init_invoice_validator = __esm({
 });
 // src/builders/batch-file.ts
-import * as crypto4 from "crypto";
+import * as crypto5 from "crypto";
 function splitBuffer(data, maxPartSize) {
   if (data.length <= maxPartSize) {
     return [data];
@@ -4626,7 +5046,7 @@ function splitBuffer(data, maxPartSize) {
   return parts;
 }
 function sha256Base64(data) {
-  return crypto4.createHash("sha256").update(data).digest("base64");
+  return crypto5.createHash("sha256").update(data).digest("base64");
 }
 var BATCH_MAX_PART_SIZE, BATCH_MAX_TOTAL_SIZE, BATCH_MAX_PARTS, BatchFileBuilder;
 var init_batch_file = __esm({
@@ -4937,10 +5357,10 @@ var init_batch_session_workflow = __esm({
 });
 // src/cli/index.ts
-import { readFileSync as readFileSync8 } from "fs";
+import { readFileSync as readFileSync9 } from "fs";
 import { fileURLToPath } from "url";
 import { dirname as dirname2, resolve } from "path";
-import { defineCommand as defineCommand17, runMain } from "citty";
+import { defineCommand as defineCommand18, runMain } from "citty";
 // src/cli/commands/config.ts
 import { defineCommand } from "citty";
@@ -5506,13 +5926,13 @@ var login = defineCommand2({
       if (token) {
         await client.loginWithToken(token, nip);
       } else if (args.p12) {
-        const fs13 = await import("fs");
-        const p12Buffer = fs13.readFileSync(args.p12);
+        const fs15 = await import("fs");
+        const p12Buffer = fs15.readFileSync(args.p12);
         await client.loginWithPkcs12(p12Buffer, args["p12-password"] ?? "", nip);
       } else if (args.cert && args.key) {
-        const fs13 = await import("fs");
-        const certPem = fs13.readFileSync(args.cert, "utf-8");
-        const keyPem = fs13.readFileSync(args.key, "utf-8");
+        const fs15 = await import("fs");
+        const certPem = fs15.readFileSync(args.cert, "utf-8");
+        const keyPem = fs15.readFileSync(args.key, "utf-8");
         await client.loginWithCertificate(certPem, keyPem, nip, args["key-password"]);
       } else {
         throw new Error("Provide --token, --p12, or both --cert and --key for authentication.");
@@ -7616,12 +8036,12 @@ import fs10 from "fs";
 import path7 from "path";
 // src/crypto/certificate-service.ts
-import * as crypto5 from "crypto";
+import * as crypto6 from "crypto";
 import * as x5092 from "@peculiar/x509";
 var CertificateService = class {
   static getSha256Fingerprint(certPem) {
     const der = extractDerFromPem2(certPem);
-    return crypto5.createHash("sha256").update(der).digest("hex").toUpperCase();
+    return crypto6.createHash("sha256").update(der).digest("hex").toUpperCase();
   }
   static async generatePersonalCertificate(givenName, surname, serialNumber, commonName, method = "RSA") {
     const nameParts = [];
@@ -7644,7 +8064,7 @@ var CertificateService = class {
   }
 };
 async function generateSelfSigned(subject2, method) {
-  x5092.cryptoProvider.set(crypto5.webcrypto);
+  x5092.cryptoProvider.set(crypto6.webcrypto);
   let algorithm;
   let signingAlgorithm;
   if (method === "ECDSA") {
@@ -7659,7 +8079,7 @@ async function generateSelfSigned(subject2, method) {
     };
     signingAlgorithm = algorithm;
   }
-  const keys = await crypto5.webcrypto.subtle.generateKey(
+  const keys = await crypto6.webcrypto.subtle.generateKey(
     algorithm,
     true,
     ["sign", "verify"]
@@ -7676,9 +8096,9 @@ async function generateSelfSigned(subject2, method) {
     serialNumber: Date.now().toString(16)
   });
   const certPem = cert.toString("pem");
-  const pkcs8 = await crypto5.webcrypto.subtle.exportKey("pkcs8", keys.privateKey);
+  const pkcs8 = await crypto6.webcrypto.subtle.exportKey("pkcs8", keys.privateKey);
   const privateKeyPem = pemEncode2(new Uint8Array(pkcs8), "PRIVATE KEY");
-  const fingerprint = crypto5.createHash("sha256").update(Buffer.from(cert.rawData)).digest("hex").toUpperCase();
+  const fingerprint = crypto6.createHash("sha256").update(Buffer.from(cert.rawData)).digest("hex").toUpperCase();
   return { certificatePem: certPem, privateKeyPem, fingerprint };
 }
 function extractDerFromPem2(pem) {
@@ -8136,6 +8556,7 @@ var invoice2 = defineCommand9({
     format: { type: "string", description: "Output format: png or svg (default: png)" },
     size: { type: "string", description: "QR code size in pixels (default: 300)" },
     label: { type: "string", description: "Label text (SVG only)" },
+    offline: { type: "boolean", description: 'Use "OFFLINE" as label (SVG, overrides --label)' },
     o: { type: "string", description: "Output file path" },
     env: { type: "string", description: "Environment (test/demo/prod)" },
     json: { type: "boolean", description: "Output as JSON" },
@@ -8155,7 +8576,8 @@ var invoice2 = defineCommand9({
         return;
       }
       if (format === "svg") {
-        const svg = args.label ? await QrCodeService.generateQrCodeSvgWithLabel(url2, args.label, { width: size }) : await QrCodeService.generateQrCodeSvg(url2, { width: size });
+        const effectiveLabel = args.offline ? "OFFLINE" : args.label;
+        const svg = effectiveLabel ? await QrCodeService.generateQrCodeSvgWithLabel(url2, effectiveLabel, { width: size }) : await QrCodeService.generateQrCodeSvg(url2, { width: size });
         if (args.o) {
           fs11.writeFileSync(args.o, svg);
           outputSuccess(`QR code saved to ${args.o}
@@ -9022,11 +9444,11 @@ var doctorCommand = defineCommand14({
         const controller = new AbortController();
         const timeout = setTimeout(() => controller.abort(), 5e3);
         try {
-          const status6 = await client.lighthouse.getStatus();
+          const status7 = await client.lighthouse.getStatus();
           checks.push({
             name: "connectivity",
             status: "pass",
-            message: `API reachable (${status6.status})`
+            message: `API reachable (${status7.status})`
           });
         } finally {
           clearTimeout(timeout);
@@ -9470,11 +9892,474 @@ var setupCommand = defineCommand16({
   }
 });
+// src/cli/commands/offline.ts
+import * as fs14 from "fs";
+import { defineCommand as defineCommand17 } from "citty";
+import { consola as consola15 } from "consola";
+// src/offline/file-storage.ts
+import * as fs13 from "fs/promises";
+import * as path9 from "path";
+import * as os6 from "os";
+// src/offline/storage.ts
+function matchesFilter(invoice3, filter) {
+  if (filter.status !== void 0) {
+    const statuses = Array.isArray(filter.status) ? filter.status : [filter.status];
+    if (!statuses.includes(invoice3.status)) return false;
+  }
+  if (filter.mode !== void 0 && invoice3.mode !== filter.mode) return false;
+  if (filter.sellerNip !== void 0 && invoice3.sellerNip !== filter.sellerNip) return false;
+  if (filter.expiringBefore !== void 0) {
+    const cutoff = typeof filter.expiringBefore === "string" ? new Date(filter.expiringBefore).getTime() : filter.expiringBefore.getTime();
+    if (new Date(invoice3.submitBy).getTime() >= cutoff) return false;
+  }
+  return true;
+}
+// src/offline/file-storage.ts
+function resolveDir(dir) {
+  if (dir === "~" || dir.startsWith("~/")) {
+    return path9.join(os6.homedir(), dir.slice(1));
+  }
+  return dir;
+}
+var UUID_RE = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;
+function validateId(id) {
+  if (!UUID_RE.test(id)) {
+    throw new Error(`Invalid invoice ID: ${id}`);
+  }
+}
+var FileOfflineInvoiceStorage = class {
+  dir;
+  constructor(directory) {
+    this.dir = resolveDir(directory ?? "~/.ksef/offline");
+  }
+  async ensureDir() {
+    await fs13.mkdir(this.dir, { recursive: true });
+  }
+  filePath(id) {
+    validateId(id);
+    return path9.join(this.dir, `${id}.json`);
+  }
+  async save(invoice3) {
+    await this.ensureDir();
+    const file = this.filePath(invoice3.id);
+    const tmp = `${file}.tmp`;
+    await fs13.writeFile(tmp, JSON.stringify(invoice3, null, 2));
+    await fs13.rename(tmp, file);
+  }
+  async get(id) {
+    const file = this.filePath(id);
+    try {
+      return JSON.parse(await fs13.readFile(file, "utf-8"));
+    } catch (err) {
+      if (err instanceof Error && "code" in err && err.code === "ENOENT") {
+        return null;
+      }
+      console.warn(`Warning: Failed to read offline invoice ${id}: ${err instanceof Error ? err.message : String(err)}`);
+      return null;
+    }
+  }
+  async list(filter) {
+    let files;
+    try {
+      files = (await fs13.readdir(this.dir)).filter((f) => f.endsWith(".json"));
+    } catch {
+      return [];
+    }
+    const results = [];
+    for (const file of files) {
+      try {
+        const data = JSON.parse(
+          await fs13.readFile(path9.join(this.dir, file), "utf-8")
+        );
+        if (!filter || matchesFilter(data, filter)) {
+          results.push(data);
+        }
+      } catch (err) {
+        console.warn(`Warning: Skipping corrupt offline invoice file ${file}: ${err instanceof Error ? err.message : String(err)}`);
+      }
+    }
+    return results;
+  }
+  /**
+   * Update invoice metadata (read-modify-write).
+   *
+   * Note: No file locking — concurrent updates to the same ID may cause
+   * lost writes. Acceptable for CLI (single process). Library consumers
+   * running parallel operations should use external locking.
+   */
+  async update(id, updates) {
+    const existing = await this.get(id);
+    if (!existing) throw new Error(`Offline invoice not found: ${id}`);
+    await this.save({ ...existing, ...updates });
+  }
+  async delete(id) {
+    const file = this.filePath(id);
+    try {
+      await fs13.unlink(file);
+    } catch (e) {
+      if (e instanceof Error && "code" in e && e.code !== "ENOENT") throw e;
+    }
+  }
+};
+// src/cli/commands/offline.ts
+init_invoice_field_extractor();
+function getGlobalOpts14(args) {
+  return {
+    env: args.env,
+    json: args.json,
+    verbose: args.verbose,
+    timeout: args.timeout,
+    nip: args.nip
+  };
+}
+function getStorage(args) {
+  return new FileOfflineInvoiceStorage(args["store-dir"]);
+}
+var globalArgs = {
+  env: { type: "string", description: "Environment (test/demo/prod)" },
+  json: { type: "boolean", description: "Output as JSON" },
+  verbose: { type: "boolean", description: "Verbose output" },
+  timeout: { type: "string", description: "Request timeout (ms)" },
+  nip: { type: "string", description: "NIP number" },
+  "store-dir": { type: "string", description: "Offline invoice store directory" }
+};
+var generate3 = defineCommand17({
+  meta: { name: "generate", description: "Generate offline invoice metadata with QR codes" },
+  args: {
+    ...globalArgs,
+    xml: { type: "positional", description: "Invoice XML file path", required: true },
+    mode: { type: "string", description: "Offline mode (offline24/offline/awaryjny)" },
+    key: { type: "string", description: "Private key PEM file for KOD II signing" },
+    "cert-serial": { type: "string", description: "Certificate serial number (hex)" },
+    "context-type": { type: "string", description: "Seller context type (default: Nip)" },
+    "context-id": { type: "string", description: "Seller context value" },
+    "qr-format": { type: "string", description: "QR format: png or svg (default: png)" },
+    "qr-out": { type: "string", description: "Directory to save QR images" },
+    "no-store": { type: "boolean", description: "Do not save to local store" }
+  },
+  run({ args }) {
+    return withErrorHandler(async () => {
+      const globalOpts = getGlobalOpts14(args);
+      const config = loadConfig();
+      const xmlPath = args.xml;
+      if (!fs14.existsSync(xmlPath)) {
+        throw new Error(`File not found: ${xmlPath}`);
+      }
+      const invoiceXml = fs14.readFileSync(xmlPath, "utf-8");
+      const sellerNip = args.nip ?? config.nip;
+      if (!sellerNip) {
+        throw new Error("NIP is required. Use --nip or set via `ksef config set --nip`");
+      }
+      const contextType = args["context-type"] ?? "Nip";
+      const contextId = args["context-id"] ?? sellerNip;
+      const client = createClient(globalOpts);
+      const workflow = client.offline;
+      if (args.key && !args["cert-serial"]) {
+        throw new Error("--cert-serial is required when using --key");
+      }
+      const certificate2 = args.key ? {
+        privateKeyPem: fs14.readFileSync(args.key, "utf-8"),
+        certificateSerial: args["cert-serial"]
+      } : void 0;
+      const validModes = ["offline24", "offline", "awaryjny", "awaria_calkowita"];
+      const modeArg = args.mode ?? "offline24";
+      if (!validModes.includes(modeArg)) {
+        throw new Error(`Invalid --mode "${modeArg}". Must be one of: ${validModes.join(", ")}`);
+      }
+      const storage = args["no-store"] ? void 0 : getStorage(args);
+      const { invoiceNumber, invoiceDate } = extractInvoiceFields(invoiceXml);
+      const metadata = await workflow.generate(
+        {
+          invoiceNumber,
+          invoiceDate,
+          invoiceXml,
+          sellerNip,
+          sellerIdentifier: { type: contextType, value: contextId }
+        },
+        {
+          mode: modeArg,
+          certificate: certificate2,
+          storage
+        }
+      );
+      if (args["qr-out"]) {
+        const outDir = args["qr-out"];
+        fs14.mkdirSync(outDir, { recursive: true });
+        const format = args["qr-format"] ?? "png";
+        if (format !== "png" && format !== "svg") {
+          throw new Error(`Invalid --qr-format "${format}". Must be one of: png, svg`);
+        }
+        const shortId = metadata.id.slice(0, 8);
+        if (format === "svg") {
+          const svg1 = await QrCodeService.generateQrCodeSvgWithLabel(metadata.kod1Url, "OFFLINE");
+          fs14.writeFileSync(`${outDir}/${shortId}-kod1.svg`, svg1);
+          if (metadata.kod2Url) {
+            const svg2 = await QrCodeService.generateQrCodeSvgWithLabel(metadata.kod2Url, "CERTYFIKAT");
+            fs14.writeFileSync(`${outDir}/${shortId}-kod2.svg`, svg2);
+          }
+        } else {
+          const png1 = await QrCodeService.generateQrCode(metadata.kod1Url);
+          fs14.writeFileSync(`${outDir}/${shortId}-kod1.png`, png1);
+          if (metadata.kod2Url) {
+            const png2 = await QrCodeService.generateQrCode(metadata.kod2Url);
+            fs14.writeFileSync(`${outDir}/${shortId}-kod2.png`, png2);
+          }
+        }
+        outputSuccess(`QR codes saved to ${outDir}/`);
+      }
+      if (!certificate2) {
+        outputWarning("No certificate provided \u2014 KOD II QR code was not generated. Use --key and --cert-serial for offline compliance.");
+      }
+      if (args.json) {
+        outputResult(metadata, { json: true });
+      } else {
+        outputKeyValue({
+          ID: metadata.id,
+          Mode: metadata.mode,
+          Status: metadata.status,
+          Deadline: metadata.submitBy,
+          "KOD I": metadata.kod1Url,
+          "KOD II": metadata.kod2Url ?? "(not generated)"
+        }, { json: false });
+      }
+    });
+  }
+});
+var list4 = defineCommand17({
+  meta: { name: "list", description: "List stored offline invoices" },
+  args: {
+    ...globalArgs,
+    status: { type: "string", description: "Filter by status" },
+    mode: { type: "string", description: "Filter by mode" },
+    expiring: { type: "boolean", description: "Show only invoices expiring within 24h" }
+  },
+  run({ args }) {
+    return withErrorHandler(async () => {
+      const storage = getStorage(args);
+      const filter = {};
+      if (args.status) filter.status = args.status;
+      if (args.mode) filter.mode = args.mode;
+      if (args.expiring) {
+        const cutoff = new Date(Date.now() + 24 * 60 * 60 * 1e3);
+        filter.expiringBefore = cutoff.toISOString();
+      }
+      const invoices2 = await storage.list(Object.keys(filter).length > 0 ? filter : void 0);
+      if (invoices2.length === 0) {
+        if (args.json) {
+          outputResult([], { json: true });
+        } else {
+          outputSuccess("No offline invoices found.");
+        }
+        return;
+      }
+      outputTable(
+        invoices2.map((i) => ({
+          id: i.id.slice(0, 8),
+          number: i.invoiceNumber,
+          mode: i.mode,
+          status: i.status,
+          deadline: i.submitBy.slice(0, 19),
+          nip: i.sellerNip
+        })),
+        [
+          { key: "id", label: "ID" },
+          { key: "number", label: "Number" },
+          { key: "mode", label: "Mode" },
+          { key: "status", label: "Status" },
+          { key: "deadline", label: "Deadline" },
+          { key: "nip", label: "NIP" }
+        ],
+        { json: args.json }
+      );
+    });
+  }
+});
+var status6 = defineCommand17({
+  meta: { name: "status", description: "Show offline invoice details" },
+  args: {
+    ...globalArgs,
+    id: { type: "positional", description: "Invoice ID", required: true }
+  },
+  run({ args }) {
+    return withErrorHandler(async () => {
+      const storage = getStorage(args);
+      const invoice3 = await storage.get(args.id);
+      if (!invoice3) {
+        throw new Error(`Offline invoice not found: ${args.id}`);
+      }
+      if (args.json) {
+        outputResult(invoice3, { json: true });
+      } else {
+        outputKeyValue({
+          ID: invoice3.id,
+          Number: invoice3.invoiceNumber,
+          Date: invoice3.invoiceDate,
+          Mode: invoice3.mode,
+          Reason: invoice3.reason,
+          Status: invoice3.status,
+          "Seller NIP": invoice3.sellerNip,
+          Deadline: invoice3.submitBy,
+          "Generated At": invoice3.generatedAt,
+          "Submitted At": invoice3.submittedAt ?? "-",
+          "KSeF Reference": invoice3.ksefReferenceNumber ?? "-",
+          "KOD I URL": invoice3.kod1Url,
+          "KOD II URL": invoice3.kod2Url ?? "-",
+          Error: invoice3.error ? `${invoice3.error.code}: ${invoice3.error.message}` : "-"
+        }, { json: false });
+      }
+    });
+  }
+});
+var submit = defineCommand17({
+  meta: { name: "submit", description: "Submit offline invoices to KSeF" },
+  args: {
+    ...globalArgs,
+    all: { type: "boolean", description: "Submit all pending invoices" },
+    "no-check-expiry": { type: "boolean", description: "Skip expiry check" },
+    ids: { type: "positional", description: "Invoice IDs to submit" }
+  },
+  run({ args }) {
+    return withErrorHandler(async () => {
+      const globalOpts = getGlobalOpts14(args);
+      const { client } = await requireSession(globalOpts);
+      const storage = getStorage(args);
+      const invoiceIds = args.ids ? args.ids.split(",").map((s) => s.trim()) : void 0;
+      if (args.all && invoiceIds) {
+        throw new Error("Cannot use --all together with specific invoice IDs. Use one or the other.");
+      }
+      if (!args.all && !invoiceIds) {
+        throw new Error("Specify invoice IDs or use --all to submit all pending invoices.");
+      }
+      const result = await client.offline.submit(client, {
+        storage,
+        invoiceIds: args.all ? void 0 : invoiceIds,
+        checkExpiry: !args["no-check-expiry"]
+      });
+      if (result.total === 0) {
+        outputSuccess("No pending invoices to submit.");
+        return;
+      }
+      if (args.json) {
+        outputResult(result, { json: true });
+      } else {
+        outputSuccess(
+          `Submitted: ${result.submitted}, Accepted: ${result.accepted}, Rejected: ${result.rejected}, Expired: ${result.expired}`
+        );
+        if (result.results.length > 0) {
+          outputTable(
+            result.results.map((r) => ({
+              id: r.invoiceId.slice(0, 8),
+              number: r.invoiceNumber,
+              status: r.status,
+              ref: r.ksefReferenceNumber ?? "-"
+            })),
+            [
+              { key: "id", label: "ID" },
+              { key: "number", label: "Number" },
+              { key: "status", label: "Status" },
+              { key: "ref", label: "KSeF Ref" }
+            ],
+            { json: false }
+          );
+        }
+      }
+    });
+  }
+});
+var correct = defineCommand17({
+  meta: { name: "correct", description: "Technical correction for rejected offline invoice" },
+  args: {
+    ...globalArgs,
+    id: { type: "positional", description: "Rejected invoice ID", required: true },
+    xml: { type: "positional", description: "Corrected XML file path", required: true }
+  },
+  run({ args }) {
+    return withErrorHandler(async () => {
+      const globalOpts = getGlobalOpts14(args);
+      const { client } = await requireSession(globalOpts);
+      const storage = getStorage(args);
+      const xmlPath = args.xml;
+      if (!fs14.existsSync(xmlPath)) {
+        throw new Error(`File not found: ${xmlPath}`);
+      }
+      const correctedXml = fs14.readFileSync(xmlPath, "utf-8");
+      const result = await client.offline.correct(client, {
+        rejectedInvoiceId: args.id,
+        correctedInvoiceXml: correctedXml,
+        storage
+      });
+      if (args.json) {
+        outputResult(result, { json: true });
+      } else {
+        outputSuccess(`Correction submitted. KSeF ref: ${result.ksefReferenceNumber ?? "pending"}`);
+      }
+    });
+  }
+});
+var del = defineCommand17({
+  meta: { name: "delete", description: "Delete offline invoice from local store" },
+  args: {
+    ...globalArgs,
+    id: { type: "positional", description: "Invoice ID to delete" },
+    expired: { type: "boolean", description: "Delete all expired invoices" },
+    force: { type: "boolean", description: "Skip confirmation prompt" }
+  },
+  run({ args }) {
+    return withErrorHandler(async () => {
+      const storage = getStorage(args);
+      if (args.expired) {
+        const expired = await storage.list({ status: "EXPIRED" });
+        if (expired.length === 0) {
+          outputSuccess("No expired invoices to delete.");
+          return;
+        }
+        if (!args.force) {
+          if (!process.stdin.isTTY) {
+            throw new Error(
+              `${expired.length} expired invoice(s) would be deleted. Use --force to confirm in non-interactive mode.`
+            );
+          }
+          const confirmed = await consola15.prompt(
+            `Delete ${expired.length} expired invoice(s)?`,
+            { type: "confirm", initial: false }
+          );
+          if (!confirmed) {
+            consola15.info("Cancelled.");
+            return;
+          }
+        }
+        for (const inv of expired) {
+          await storage.delete(inv.id);
+        }
+        outputSuccess(`Deleted ${expired.length} expired invoice(s).`);
+        return;
+      }
+      if (!args.id) {
+        throw new Error("Specify an invoice ID or use --expired to delete all expired invoices.");
+      }
+      const invoice3 = await storage.get(args.id);
+      if (!invoice3) {
+        throw new Error(`Offline invoice not found: ${args.id}`);
+      }
+      await storage.delete(args.id);
+      outputSuccess(`Deleted offline invoice ${args.id}`);
+    });
+  }
+});
+var offlineCommand = defineCommand17({
+  meta: { name: "offline", description: "Offline invoice management" },
+  subCommands: { generate: generate3, list: list4, status: status6, submit, correct, delete: del }
+});
 // src/cli/index.ts
 var __dirname = dirname2(fileURLToPath(import.meta.url));
-var pkg = JSON.parse(readFileSync8(resolve(__dirname, "..", "package.json"), "utf-8"));
+var pkg = JSON.parse(readFileSync9(resolve(__dirname, "..", "package.json"), "utf-8"));
 var version = pkg.version;
-var main = defineCommand17({
+var main = defineCommand18({
   meta: {
     name: "ksef",
     version,
@@ -9494,6 +10379,7 @@ var main = defineCommand17({
     limits: limitsCommand,
     peppol: peppolCommand,
     "test-data": testDataCommand,
+    offline: offlineCommand,
     doctor: doctorCommand,
     completion: completionCommand
   }