pesafy 0.4.3 → 0.5.1

package/CHANGELOG.md

@@ -0,0 +1,177 @@
+# pesafy
+
+## 0.5.1
+
+### Patch Changes
+
+- reduce size increase speed
+
+## 0.5.0
+
+### Minor Changes
+
+- migration to vite+
+
+## 0.4.3
+
+### Patch Changes
+
+- b2c functions added
+
+## 0.4.2
+
+### Patch Changes
+
+- fix the missing exports
+
+## 0.4.1
+
+### Patch Changes
+
+- added b2b express checkout capability
+
+## 0.4.0
+
+### Minor Changes
+
+- added tax-remittance
+
+## 0.3.13
+
+### Patch Changes
+
+- C2B URL registration panel with per-shortcode tracking (Paybill + Buy Goods), dual registration support, and session-persisted status badges"
+
+## 0.3.12
+
+### Patch Changes
+
+- 047c30f: The payload was always sending BillRefNumber: request.billRefNumber ?? "". For CustomerBuyGoodsOnline, Daraja treats any BillRefNumber field — even "" — as an invalid AccountReference and rejects the request (400 or 503). The fix conditionally includes the field only for Paybill
+- fix error handling and URLs only registered for 600977, never for 600000. The log shows registerC2BUrls shortCode=600977 but then simulateC2B shortCode=600000
+
+## 0.3.11
+
+### Patch Changes
+
+- add c2b feature
+
+## 0.3.10
+
+### Patch Changes
+
+- Added Dynamic QR Code support to the pesafy SDK as a new mpesa/dynamic-qr module. This introduces three new files — types.ts, generate.ts, and index.ts — under src/mpesa/dynamic-qr/, implementing the Safaricom Daraja POST /mpesa/qrcode/v1/generate endpoint. The Mpesa class gains a new generateDynamicQR() method that handles token retrieval and delegates to the internal generateDynamicQR function, which validates all inputs (merchant name, reference, amount, transaction code, CPI, and size) before dispatching the request via the existing httpRequest utility. Three new public types — DynamicQRRequest, DynamicQRResponse, and QRTransactionCode — are exported from the root src/index.ts. No breaking changes were introduced; all existing APIs remain untouched.
+
+## 0.3.9
+
+### Patch Changes
+
+- retry logic
+
+## 0.3.8
+
+### Patch Changes
+
+- Fixed four blocking TypeScript compilation errors before prepublish by extending the `ErrorCode` union to include `API_ERROR`, `NETWORK_ERROR`, and `TIMEOUT`, which resolved type assignment issues in the HTTP layer. Consolidated a duplicate `PesafyError` class (previously split between `index.ts` and `types.ts`) into a single authoritative implementation that preserves all fields, including `requestId`, `toJSON()`, and stack trace handling. Also corrected `x-forwarded-for` IP extraction in the Express webhook handler using safe optional chaining to prevent potential undefined access from the `split()` result.
+
+## 0.3.7
+
+### Patch Changes
+
+- add transaction status
+
+## 0.3.6
+
+### Patch Changes
+
+- add new version
+
+## 0.3.5
+
+### Patch Changes
+
+- d066c9c: conditional bill reference for bu goods
+
+## 0.3.4
+
+### Patch Changes
+
+- f983f64: The /v2/simulate path is the most critical bug — it will cause persistent 500.003.1001 errors in sandbox just like the /v2/registerurl issue you already fixed.
+
+## 0.3.3
+
+### Patch Changes
+
+- 2790c0f: The v2 path for registerurl does not exist on Daraja
+
+## 0.3.2
+
+### Patch Changes
+
+- 4115f0a: fix
+
+## 0.3.1
+
+### Patch Changes
+
+- **C2B module rewrite & phone utility refactor** — Fixed `simulateC2B` where `CommandID` was hardcoded to `CustomerPayBillOnline`, making `CustomerBuyGoodsOnline` (Till) payments impossible. Corrected `BillRefNumber` logic so the field is omitted entirely for BuyGoods requests rather than defaulting to the string `"default"`, which caused a `400` from Daraja. Fixed `Msisdn` being sent as a quoted string instead of a JSON number as the spec requires. Removed the phantom `ConversationID` field from both `C2BSimulateResponse` and `C2BRegisterUrlResponse` — Daraja never returns this field for C2B, only `OriginatorCoversationID`. Extracted phone formatting into a shared `src/utils/phone.ts` module with two intentionally separate formatters: `formatSafaricomPhone` (strict, Safaricom/Airtel only, for STK Push) and `formatKenyanMsisdn` (permissive, all Kenyan networks, for C2B and B2C), eliminating duplicated logic across modules. Added the `C2BCommandId` union type and full callback payload types — `C2BValidationPayload`, `C2BConfirmationPayload`, and `C2BCallbackPayload` — to enable type-safe webhook handlers.
+- fbfa311: fix url patch and add elemt accountref
+- aa9c176: **C2B module rewrite & phone utility refactor** — Fixed `simulateC2B` where `CommandID` was hardcoded to `CustomerPayBillOnline`, making `CustomerBuyGoodsOnline` (Till) payments impossible. Corrected `BillRefNumber` logic so the field is omitted entirely for BuyGoods requests rather than defaulting to the string `"default"`, which caused a `400` from Daraja. Fixed `Msisdn` being sent as a quoted string instead of a JSON number as the spec requires. Removed the phantom `ConversationID` field from both `C2BSimulateResponse` and `C2BRegisterUrlResponse` — Daraja never returns this field for C2B, only `OriginatorCoversationID`. Extracted phone formatting into a shared `src/utils/phone.ts` module with two intentionally separate formatters: `formatSafaricomPhone` (strict, Safaricom/Airtel only, for STK Push) and `formatKenyanMsisdn` (permissive, all Kenyan networks, for C2B and B2C), eliminating duplicated logic across modules. Added the `C2BCommandId` union type and full callback payload types — `C2BValidationPayload`, `C2BConfirmationPayload`, and `C2BCallbackPayload` — to enable type-safe webhook handlers.
+
+## 0.3.0
+
+### Minor Changes
+
+- fe95c2b: The C2B M-Pesa implementation in the pesafy package has been comprehensively overhauled for full Daraja C2B v2 compliance, including a complete rewrite of types.ts with all 13 callback fields (C2BCallbackPayload), validation responses, rejection codes, and command/response unions; fixes to register-url.ts ensuring ValidationURL is always sent (defaulting to confirmationUrl); enhanced simulate.ts supporting both CustomerPayBillOnline and CustomerBuyGoodsOnline with proper BillRefNumber handling, amount validation, and Msisdn casting; new c2b index exports; root index public exports; and improved http client error reporting. Dashboard updates add c2bRegisterUrls and c2bSimulate actions in mpesaActions.ts, fix http.ts webhook handlers with 6 missing fields (TransactionType, TransTime, etc.), upsert logic via createTransaction, a new getByShortCode query in businesses.ts, and a complete C2B tab in PaymentsPage.tsx featuring URL registration, simulation forms, and unified transactions—addressing prior gaps like hardcoded commands, missing UI, incomplete types, and non-upserting handlers.
+
+## 0.2.4
+
+### Patch Changes
+
+- 4a535ef: Request failed with status 500 but swallows the actual Daraja error body — it parses it into data but never includes it in the error message.
+
+## 0.2.3
+
+### Patch Changes
+
+- 16a7a59: error code fix
+
+## 0.2.2
+
+### Patch Changes
+
+- fix the missing pieces
+
+## 0.2.1
+
+### Patch Changes
+
+- fix versioning
+
+## 0.2.0
+
+### Minor Changes
+
+- Add M-Pesa Express (STK Push) support
+  - Add `processStkPush` to initiate STK Push payment prompts on a
+    customer's phone via POST /mpesa/stkpush/v1/processrequest
+  - Add `queryStkPush` to check the status of an STK Push transaction
+    via POST /mpesa/stkpushquery/v1/query
+  - Add `StkPushRequest`, `StkPushResponse`, `StkQueryRequest`,
+    `StkQueryResponse` and `TransactionType` types
+  - Add `formatPhoneNumber` utility to normalize Kenyan phone numbers
+    to 254 format
+  - Add `getStkPushPassword` to generate Base64(Shortcode+Passkey+Timestamp)
+  - Add `getTimestamp` helper for Daraja-formatted timestamps
+  - Export all STK Push types and utilities from the package root
+
+## 0.1.0
+
+### Minor Changes
+
+- d988767: ready for phase one
+
+## 0.0.1
+
+### Patch Changes
+
+- init changeset/cli

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Lewis Odero
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.