spaps-sdk 1.10.1 → 1.10.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +6 -0
- package/README.md +39 -3
- package/dist/index.d.mts +147 -4
- package/dist/index.d.ts +147 -4
- package/dist/index.js +156 -3
- package/dist/index.mjs +156 -3
- package/package.json +3 -3
package/CHANGELOG.md
CHANGED
|
@@ -8,6 +8,12 @@ The format follows [Keep a Changelog](https://keepachangelog.com/en/1.1.0/) and
|
|
|
8
8
|
|
|
9
9
|
### Added
|
|
10
10
|
|
|
11
|
+
- Added `issueReporting.getAttachmentAccess(attachmentId)` as the canonical screenshot access helper while keeping `getAttachmentAccessUrl` as a backward-compatible alias.
|
|
12
|
+
|
|
13
|
+
## [1.10.1] - 2026-05-16
|
|
14
|
+
|
|
15
|
+
### Added
|
|
16
|
+
|
|
11
17
|
- Added issue-reporting screenshot attachment helpers for private upload, list, access URL, delete, and attach-by-ID create/update/reply flows.
|
|
12
18
|
|
|
13
19
|
## [1.10.0] - 2026-05-11
|
package/README.md
CHANGED
|
@@ -23,7 +23,7 @@ This package targets `Node.js >=14`.
|
|
|
23
23
|
|
|
24
24
|
| Need | Package gives you |
|
|
25
25
|
| --- | --- |
|
|
26
|
-
| One client for many SPAPS surfaces | `auth`, `payments`, `sessions`, `secureMessages`, `issueReporting`, `appLinks`, `email`, `entitlements`, `usage`, `skillEvals`, `dayrate`, `admin`, and `cfo` namespaces |
|
|
26
|
+
| One client for many SPAPS surfaces | `auth`, `payments`, `sessions`, `secureMessages`, `issueReporting`, `appLinks`, `marketing`, `email`, `entitlements`, `usage`, `skillEvals`, `dayrate`, `admin`, and `cfo` namespaces |
|
|
27
27
|
| Local development without extra config | Localhost URLs automatically enable local mode |
|
|
28
28
|
| Browser and server usage | `publishableKey`, `secretKey`, or legacy `apiKey` support |
|
|
29
29
|
| Shared contracts | Re-exports a large slice of `spaps-types` |
|
|
@@ -86,6 +86,7 @@ Relevant environment variables:
|
|
|
86
86
|
| `secureMessages` | Secure-message create/list helpers |
|
|
87
87
|
| `issueReporting` | Status, history, create, update, reply, voice-token, and private screenshot attachment flows |
|
|
88
88
|
| `appLinks` | Authenticated create and public resolve helpers for application-scoped short links |
|
|
89
|
+
| `marketing` | Browser-safe attribution/experiment event emission and server-side experiment results |
|
|
89
90
|
| `email` | Template lookup, preview, and send helpers |
|
|
90
91
|
| `entitlements` | User and resource entitlement queries |
|
|
91
92
|
| `usage` | Secret-key usage authorization and immutable usage recording |
|
|
@@ -149,7 +150,7 @@ const issue = await spaps.issueReporting.create({
|
|
|
149
150
|
attachment_ids: [attachment.id],
|
|
150
151
|
});
|
|
151
152
|
|
|
152
|
-
const access = await spaps.issueReporting.
|
|
153
|
+
const access = await spaps.issueReporting.getAttachmentAccess(attachment.id);
|
|
153
154
|
console.log(issue.id, access.expires_in_seconds);
|
|
154
155
|
```
|
|
155
156
|
|
|
@@ -174,6 +175,41 @@ const link = await spaps.appLinks.create({
|
|
|
174
175
|
});
|
|
175
176
|
|
|
176
177
|
console.log(`/${link.app_slug}/${link.username}/${link.slug}`);
|
|
178
|
+
|
|
179
|
+
await spaps.appLinks.update(link.username, link.slug, {
|
|
180
|
+
metadata: { diagram_state: "pako:new-state" },
|
|
181
|
+
});
|
|
182
|
+
```
|
|
183
|
+
|
|
184
|
+
### Marketing Events
|
|
185
|
+
|
|
186
|
+
Use `marketing.emit` in the browser with a publishable key for anonymous
|
|
187
|
+
attribution touches or experiment exposures. Use `marketing.getExperimentResults`
|
|
188
|
+
from a trusted server or agent with a secret key to read revenue-backed results
|
|
189
|
+
and the conservative stop signal.
|
|
190
|
+
|
|
191
|
+
```ts
|
|
192
|
+
const browserSpaps = new SPAPSClient({
|
|
193
|
+
apiUrl: "https://api.example.test",
|
|
194
|
+
publishableKey: "spaps_pub_example",
|
|
195
|
+
});
|
|
196
|
+
|
|
197
|
+
await browserSpaps.marketing.emit({
|
|
198
|
+
anon_id: "anon_01HY...",
|
|
199
|
+
event_type: "experiment_exposure",
|
|
200
|
+
experiment_id: "landing-hero-copy",
|
|
201
|
+
variant_id: "treatment",
|
|
202
|
+
dedupe_key: "landing-hero-copy:anon_01HY:treatment",
|
|
203
|
+
timestamp: new Date().toISOString(),
|
|
204
|
+
});
|
|
205
|
+
|
|
206
|
+
const serverSpaps = new SPAPSClient({
|
|
207
|
+
apiUrl: "https://api.example.test",
|
|
208
|
+
secretKey: process.env.SPAPS_SECRET_KEY,
|
|
209
|
+
});
|
|
210
|
+
|
|
211
|
+
const results = await serverSpaps.marketing.getExperimentResults("landing-hero-copy");
|
|
212
|
+
console.log(results.decision.recommendation, results.decision.winner_variant_id);
|
|
177
213
|
```
|
|
178
214
|
|
|
179
215
|
### Server-Side Usage Control
|
|
@@ -448,7 +484,7 @@ npm run test:readme
|
|
|
448
484
|
## Metadata
|
|
449
485
|
|
|
450
486
|
- `package_name`: `spaps-sdk`
|
|
451
|
-
- `latest_version`: `1.10.
|
|
487
|
+
- `latest_version`: `1.10.1`
|
|
452
488
|
- `minimum_runtime`: `Node.js >=14.0.0`
|
|
453
489
|
- `api_base_url`: `https://api.sweetpotato.dev`
|
|
454
490
|
|
package/dist/index.d.mts
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import * as spaps_types from 'spaps-types';
|
|
2
|
-
import { ResourceType, Entitlement, CreateProductRequest, Product, UpdateProductRequest, CreatePriceRequest, Price, ProductSyncResult, CryptoReconcileRequest, CreateSecureMessageRequest, SecureMessage, IssueReportScope, IssueReportStatusResult, IssueReportStatus, IssueReportListResult, IssueReport, CreateIssueReportRequest, IssueReportAttachmentOut, ListIssueReportAttachmentsResponse, IssueReportAttachmentAccessResponse, IssueReportingVoiceTokenResult, UpdateIssueReportRequest, ReplyIssueReportRequest, CreateAppLinkRequest, AppLink, AuthResponse, User as User$1, CreateCryptoInvoiceRequest, CryptoInvoiceStatusSnapshot, CheckoutSession, X402ResourceStatusResponse, X402ActionResponse, X402ReceiptResponse, X402ReceiptListResponse, X402HandoffVerification, DayrateAvailabilityResponse, DayrateBookingRequest, DayrateBookingResponse, DayrateMultiBookingRequest, DayrateMultiBookingResponse, DayrateX402BookingRequest, DayrateX402BookingResponse, DayrateCheckoutStatusResponse, UsageControlFeaturesResponse, UsageControlStatusRequest, UsageControlStatusResponse, UsageControlAuthorizeRequest, UsageControlAuthorizeResponse, UsageControlRecordRequest, UsageControlRecordResponse, UsageControlHistoryRequest, UsageControlHistoryResponse, Subscription, VerifyCryptoWebhookSignatureOptions } from 'spaps-types';
|
|
3
|
-
export { AdminPermission, AdminRole, AdminUser, ApiResponse, AppLink, AuthResponse, CheckoutSession, CreateAppLinkRequest, CreateCryptoInvoiceRequest, CreateIssueReportRequest, CreatePriceRequest, CreateProductRequest, CreateSecureMessageInput, CreateSecureMessageRequest, CryptoInvoice, CryptoInvoiceResponse, CryptoInvoiceStatusSnapshot, CryptoReconcileRequest, DayrateAvailabilityResponse, DayrateAvailableSlot, DayrateBookingRequest, DayrateBookingResponse, DayrateCheckoutStatus, DayrateCheckoutStatusBooking, DayrateCheckoutStatusResponse, DayrateDayOfWeek, DayrateMultiBookingRequest, DayrateMultiBookingResponse, DayratePriceBreakdown, DayrateSlotType, DayrateX402BookingRequest, DayrateX402BookingResponse, Entitlement, IssueReport, IssueReportAttachmentAccessResponse, IssueReportAttachmentOut, IssueReportListResult, IssueReportStatus, IssueReportStatusResult, IssueReportTarget, IssueReportingInputMode, IssueReportingVoiceProvider, IssueReportingVoiceTokenResult, LinkedIssueReportCase, ListIssueReportAttachmentsResponse, Price, Product, ProductSyncResult, ReplyIssueReportRequest, ResourceType, SecureMessage, SecureMessageOutput, Subscription, TokenPair, UpdateIssueReportRequest, UpdateProductRequest, UsageControlAuthorizeRequest, UsageControlAuthorizeResponse, UsageControlDecision, UsageControlDimensions, UsageControlError, UsageControlErrorCode, UsageControlFeaturesResponse, UsageControlHistoryRequest, UsageControlHistoryResponse, UsageControlLedgerEvent, UsageControlRecordRequest, UsageControlRecordResponse, UsageControlRecordStatus, UsageControlStatusRequest, UsageControlStatusResponse, User, UserProfile, UserRole, UserWallet, VerifyCryptoWebhookSignatureOptions, X402ActionFreeResponse, X402ActionOutcome, X402ActionPendingResponse, X402ActionReplayedResponse, X402ActionResponse, X402ActionSettledResponse, X402ExecuteActionRequest, X402HandoffAuthorization, X402HandoffVerification, X402HandoffVerifyRequest, X402PaymentAccept, X402PaymentRequirement, X402ProjectionStatus, X402Receipt, X402ReceiptListResponse, X402ReceiptResponse, X402ReceiptStatus, X402Resource, X402ResourceStatus, X402ResourceStatusResponse, atomicToMoneyUnits, createSecureMessageRequestSchema, isX402PaymentRequired, isX402ResourceStatus, moneyUnitsToAtomic, roundHalfToPositiveInfinity, secureMessageMetadataSchema, secureMessageSchema, validatePositiveAmountAtomic } from 'spaps-types';
|
|
2
|
+
import { ResourceType, Entitlement, CreateProductRequest, Product, UpdateProductRequest, CreatePriceRequest, Price, ProductSyncResult, CryptoReconcileRequest, CreateSecureMessageRequest, SecureMessage, IssueReportScope, IssueReportStatusResult, IssueReportStatus, IssueReportListResult, IssueReport, CreateIssueReportRequest, IssueReportAttachmentOut, ListIssueReportAttachmentsResponse, IssueReportAttachmentAccessResponse, IssueReportingVoiceTokenResult, UpdateIssueReportRequest, ReplyIssueReportRequest, ListIssueReportMessagesResponse, CreateReporterMessageRequest, IssueReportMessage, CreateOperatorMessageRequest, RetractOperatorMessageRequest, CreateAppLinkRequest, AppLink, UpdateAppLinkRequest, AuthResponse, User as User$1, CreateCryptoInvoiceRequest, CryptoInvoiceStatusSnapshot, CheckoutSession, X402ResourceStatusResponse, X402ActionResponse, X402ReceiptResponse, X402ReceiptListResponse, X402HandoffVerification, DayrateAvailabilityResponse, DayrateBookingRequest, DayrateBookingResponse, DayrateMultiBookingRequest, DayrateMultiBookingResponse, DayrateX402BookingRequest, DayrateX402BookingResponse, DayrateCheckoutStatusResponse, UsageControlFeaturesResponse, UsageControlStatusRequest, UsageControlStatusResponse, UsageControlAuthorizeRequest, UsageControlAuthorizeResponse, UsageControlRecordRequest, UsageControlRecordResponse, UsageControlHistoryRequest, UsageControlHistoryResponse, Subscription, VerifyCryptoWebhookSignatureOptions } from 'spaps-types';
|
|
3
|
+
export { AdminPermission, AdminRole, AdminUser, ApiResponse, AppLink, AuthResponse, CheckoutSession, CreateAppLinkRequest, CreateCryptoInvoiceRequest, CreateIssueReportRequest, CreateOperatorMessageRequest, CreatePriceRequest, CreateProductRequest, CreateReporterMessageRequest, CreateSecureMessageInput, CreateSecureMessageRequest, CryptoInvoice, CryptoInvoiceResponse, CryptoInvoiceStatusSnapshot, CryptoReconcileRequest, DayrateAvailabilityResponse, DayrateAvailableSlot, DayrateBookingRequest, DayrateBookingResponse, DayrateCheckoutStatus, DayrateCheckoutStatusBooking, DayrateCheckoutStatusResponse, DayrateDayOfWeek, DayrateMultiBookingRequest, DayrateMultiBookingResponse, DayratePriceBreakdown, DayrateSlotType, DayrateX402BookingRequest, DayrateX402BookingResponse, Entitlement, IssueReport, IssueReportAttachmentAccessResponse, IssueReportAttachmentOut, IssueReportListResult, IssueReportMessage, IssueReportStatus, IssueReportStatusResult, IssueReportTarget, IssueReportingInputMode, IssueReportingVoiceProvider, IssueReportingVoiceTokenResult, LinkedIssueReportCase, ListIssueReportAttachmentsResponse, ListIssueReportMessagesResponse, Price, Product, ProductSyncResult, ReplyIssueReportRequest, ResourceType, RetractOperatorMessageRequest, SecureMessage, SecureMessageOutput, Subscription, TokenPair, UpdateAppLinkRequest, UpdateIssueReportRequest, UpdateProductRequest, UsageControlAuthorizeRequest, UsageControlAuthorizeResponse, UsageControlDecision, UsageControlDimensions, UsageControlError, UsageControlErrorCode, UsageControlFeaturesResponse, UsageControlHistoryRequest, UsageControlHistoryResponse, UsageControlLedgerEvent, UsageControlRecordRequest, UsageControlRecordResponse, UsageControlRecordStatus, UsageControlStatusRequest, UsageControlStatusResponse, User, UserProfile, UserRole, UserWallet, VerifyCryptoWebhookSignatureOptions, X402ActionFreeResponse, X402ActionOutcome, X402ActionPendingResponse, X402ActionReplayedResponse, X402ActionResponse, X402ActionSettledResponse, X402ExecuteActionRequest, X402HandoffAuthorization, X402HandoffVerification, X402HandoffVerifyRequest, X402PaymentAccept, X402PaymentRequirement, X402ProjectionStatus, X402Receipt, X402ReceiptListResponse, X402ReceiptResponse, X402ReceiptStatus, X402Resource, X402ResourceStatus, X402ResourceStatusResponse, atomicToMoneyUnits, createSecureMessageRequestSchema, isX402PaymentRequired, isX402ResourceStatus, moneyUnitsToAtomic, roundHalfToPositiveInfinity, secureMessageMetadataSchema, secureMessageSchema, validatePositiveAmountAtomic } from 'spaps-types';
|
|
4
4
|
|
|
5
5
|
/**
|
|
6
6
|
* Permission checking utilities for SPAPS SDK
|
|
@@ -336,6 +336,73 @@ interface EmailTemplatePreview {
|
|
|
336
336
|
html: string;
|
|
337
337
|
text?: string;
|
|
338
338
|
}
|
|
339
|
+
type MarketingEventType = 'attribution_touch' | 'experiment_exposure';
|
|
340
|
+
type MarketingExperimentRecommendation = 'continue' | 'continue_srm_warning' | 'stop_for_winner';
|
|
341
|
+
type MarketingExperimentSrmStatus = 'pass' | 'warning' | 'not_applicable';
|
|
342
|
+
interface MarketingEventIngestRequest {
|
|
343
|
+
application_id?: string;
|
|
344
|
+
anon_id: string;
|
|
345
|
+
event_type: MarketingEventType;
|
|
346
|
+
experiment_id?: string | null;
|
|
347
|
+
variant_id?: string | null;
|
|
348
|
+
variant?: string | null;
|
|
349
|
+
metadata?: Record<string, unknown> | null;
|
|
350
|
+
dedupe_key?: string | null;
|
|
351
|
+
timestamp?: string | null;
|
|
352
|
+
observed_at?: string | null;
|
|
353
|
+
}
|
|
354
|
+
interface MarketingEventIngestResponse {
|
|
355
|
+
id: string;
|
|
356
|
+
application_id: string;
|
|
357
|
+
anon_id: string;
|
|
358
|
+
event_type: MarketingEventType;
|
|
359
|
+
experiment_id?: string | null;
|
|
360
|
+
variant?: string | null;
|
|
361
|
+
dedupe_key: string;
|
|
362
|
+
ts: string;
|
|
363
|
+
created_at: string;
|
|
364
|
+
}
|
|
365
|
+
interface MarketingExperimentVariantResult {
|
|
366
|
+
variant_id: string | null;
|
|
367
|
+
exposures: number;
|
|
368
|
+
conversions: number;
|
|
369
|
+
conversion_rate: number;
|
|
370
|
+
revenue: Record<string, number>;
|
|
371
|
+
}
|
|
372
|
+
interface MarketingExperimentMinSampleDecision {
|
|
373
|
+
met: boolean;
|
|
374
|
+
min_exposures_per_variant: number;
|
|
375
|
+
min_total_conversions: number;
|
|
376
|
+
observed_min_exposures: number;
|
|
377
|
+
observed_total_conversions: number;
|
|
378
|
+
}
|
|
379
|
+
interface MarketingExperimentSrmDecision {
|
|
380
|
+
status: MarketingExperimentSrmStatus;
|
|
381
|
+
expected_share?: number | null;
|
|
382
|
+
max_share_ratio?: number | null;
|
|
383
|
+
min_share_ratio?: number | null;
|
|
384
|
+
}
|
|
385
|
+
interface MarketingExperimentEffectDecision {
|
|
386
|
+
leader_variant_id?: string | null;
|
|
387
|
+
runner_up_variant_id?: string | null;
|
|
388
|
+
absolute_lift?: number | null;
|
|
389
|
+
relative_lift?: number | null;
|
|
390
|
+
}
|
|
391
|
+
interface MarketingExperimentDecision {
|
|
392
|
+
decisive: boolean;
|
|
393
|
+
recommendation: MarketingExperimentRecommendation;
|
|
394
|
+
winner_variant_id?: string | null;
|
|
395
|
+
reason_codes: string[];
|
|
396
|
+
min_sample: MarketingExperimentMinSampleDecision;
|
|
397
|
+
srm: MarketingExperimentSrmDecision;
|
|
398
|
+
effect: MarketingExperimentEffectDecision;
|
|
399
|
+
}
|
|
400
|
+
interface MarketingExperimentResultsResponse {
|
|
401
|
+
application_id: string;
|
|
402
|
+
experiment_id: string;
|
|
403
|
+
variants: MarketingExperimentVariantResult[];
|
|
404
|
+
decision: MarketingExperimentDecision;
|
|
405
|
+
}
|
|
339
406
|
interface EntitlementListParams {
|
|
340
407
|
/** Filter by entitlement key */
|
|
341
408
|
key?: string;
|
|
@@ -708,7 +775,7 @@ declare class SPAPSClient<SecureMessageMetadata extends Record<string, any> = Re
|
|
|
708
775
|
* Note: For publishable key contexts, only `resource_type=user` is permitted.
|
|
709
776
|
* Non-user resource types will return a 403 error (enforced server-side).
|
|
710
777
|
*
|
|
711
|
-
* @param resourceType - The resource type (e.g. "user", "company", "org", "system").
|
|
778
|
+
* @param resourceType - The resource type (e.g. "user", "company", "org", "system", "project").
|
|
712
779
|
* @param resourceId - Optional specific resource ID.
|
|
713
780
|
*/
|
|
714
781
|
listByResource: (resourceType: ResourceType, resourceId?: string) => Promise<Entitlement[]>;
|
|
@@ -744,6 +811,12 @@ declare class SPAPSClient<SecureMessageMetadata extends Record<string, any> = Re
|
|
|
744
811
|
/**
|
|
745
812
|
* Return a short-lived private attachment access URL.
|
|
746
813
|
*/
|
|
814
|
+
getAttachmentAccess: (attachmentId: string) => Promise<IssueReportAttachmentAccessResponse>;
|
|
815
|
+
/**
|
|
816
|
+
* Return a short-lived private attachment access URL.
|
|
817
|
+
*
|
|
818
|
+
* @deprecated Use getAttachmentAccess(attachmentId).
|
|
819
|
+
*/
|
|
747
820
|
getAttachmentAccessUrl: (attachmentId: string) => Promise<IssueReportAttachmentAccessResponse>;
|
|
748
821
|
/**
|
|
749
822
|
* Soft-delete one owned screenshot attachment.
|
|
@@ -761,6 +834,46 @@ declare class SPAPSClient<SecureMessageMetadata extends Record<string, any> = Re
|
|
|
761
834
|
* Reply to a resolved or ignored issue report and reopen the linked case.
|
|
762
835
|
*/
|
|
763
836
|
reply: (issueReportId: string, payload: ReplyIssueReportRequest) => Promise<IssueReport>;
|
|
837
|
+
/**
|
|
838
|
+
* List the chronological, reporter-visible message thread for one owned
|
|
839
|
+
* issue report. Only active, reporter-visible rows are returned; retracted
|
|
840
|
+
* or superseded operator messages are excluded and raw audit payloads are
|
|
841
|
+
* never exposed. `needs_response` badges an open clarification request.
|
|
842
|
+
*/
|
|
843
|
+
listMessages: (issueReportId: string) => Promise<ListIssueReportMessagesResponse>;
|
|
844
|
+
/**
|
|
845
|
+
* Submit a reporter clarification response on one owned issue report. This
|
|
846
|
+
* does NOT reopen a closed case (use `reply` for that). Idempotent on
|
|
847
|
+
* `idempotency_key`: same key + same body returns the existing message,
|
|
848
|
+
* same key + different body returns 409 ISSUE_REPORT_MESSAGE_CONFLICT.
|
|
849
|
+
*/
|
|
850
|
+
submitMessage: (issueReportId: string, payload: CreateReporterMessageRequest) => Promise<IssueReportMessage>;
|
|
851
|
+
/**
|
|
852
|
+
* Triage-operator message commands. These require a secret key context and a
|
|
853
|
+
* triage role/capability; publishable browser contexts are rejected by the
|
|
854
|
+
* server. Provide the secret key as the SDK's API key.
|
|
855
|
+
*/
|
|
856
|
+
triage: {
|
|
857
|
+
/**
|
|
858
|
+
* List all projection rows for an app-scoped report (including corrected
|
|
859
|
+
* rows) for authorized triage operators.
|
|
860
|
+
*/
|
|
861
|
+
listMessages: (issueReportId: string) => Promise<ListIssueReportMessagesResponse>;
|
|
862
|
+
/**
|
|
863
|
+
* Post a clarification_request or final_response reporter-visible message
|
|
864
|
+
* as a triage operator. Idempotent on `idempotency_key`; a key reused with
|
|
865
|
+
* a different body returns 409. A final_response can drive a terminal
|
|
866
|
+
* lifecycle transition via `resolve_case`; the internal resolution_note is
|
|
867
|
+
* never auto-displayed to reporters.
|
|
868
|
+
*/
|
|
869
|
+
postMessage: (issueReportId: string, payload: CreateOperatorMessageRequest) => Promise<IssueReportMessage>;
|
|
870
|
+
/**
|
|
871
|
+
* Retract an operator-authored message. The body is retained; the row's
|
|
872
|
+
* state is marked `retracted`. Retracting an already-retracted message is
|
|
873
|
+
* a safe no-op.
|
|
874
|
+
*/
|
|
875
|
+
retractMessage: (issueReportId: string, messageId: string, payload?: RetractOperatorMessageRequest) => Promise<IssueReportMessage>;
|
|
876
|
+
};
|
|
764
877
|
};
|
|
765
878
|
/**
|
|
766
879
|
* Application-scoped short links for browser apps that need stable public URLs.
|
|
@@ -770,6 +883,10 @@ declare class SPAPSClient<SecureMessageMetadata extends Record<string, any> = Re
|
|
|
770
883
|
* Create a short link owned by the authenticated user.
|
|
771
884
|
*/
|
|
772
885
|
create: (payload: CreateAppLinkRequest) => Promise<AppLink>;
|
|
886
|
+
/**
|
|
887
|
+
* Update a short link owned by the authenticated user.
|
|
888
|
+
*/
|
|
889
|
+
update: (username: string, slug: string, payload: UpdateAppLinkRequest) => Promise<AppLink>;
|
|
773
890
|
/**
|
|
774
891
|
* Resolve a public short link for the active application.
|
|
775
892
|
*/
|
|
@@ -777,6 +894,30 @@ declare class SPAPSClient<SecureMessageMetadata extends Record<string, any> = Re
|
|
|
777
894
|
track?: boolean;
|
|
778
895
|
}) => Promise<AppLink>;
|
|
779
896
|
};
|
|
897
|
+
/**
|
|
898
|
+
* Marketing events and experiment results.
|
|
899
|
+
*
|
|
900
|
+
* Use a publishable key for browser-side event emission. Use a secret key
|
|
901
|
+
* from a trusted server or agent process when reading experiment results.
|
|
902
|
+
*/
|
|
903
|
+
marketing: {
|
|
904
|
+
/**
|
|
905
|
+
* Emit one anonymous attribution touch or experiment exposure.
|
|
906
|
+
*/
|
|
907
|
+
emit: (payload: MarketingEventIngestRequest) => Promise<MarketingEventIngestResponse>;
|
|
908
|
+
/**
|
|
909
|
+
* Alias for emit(), matching the backend ingest endpoint language.
|
|
910
|
+
*/
|
|
911
|
+
ingest: (payload: MarketingEventIngestRequest) => Promise<MarketingEventIngestResponse>;
|
|
912
|
+
/**
|
|
913
|
+
* Read per-variant experiment results and the conservative stop signal.
|
|
914
|
+
*/
|
|
915
|
+
getExperimentResults: (experimentId: string) => Promise<MarketingExperimentResultsResponse>;
|
|
916
|
+
/**
|
|
917
|
+
* Short alias for getExperimentResults().
|
|
918
|
+
*/
|
|
919
|
+
getResults: (experimentId: string) => Promise<MarketingExperimentResultsResponse>;
|
|
920
|
+
};
|
|
780
921
|
private static envVar;
|
|
781
922
|
constructor(config?: SPAPSConfig);
|
|
782
923
|
/** Raw API request helper that returns an ApiResponse-like shape */
|
|
@@ -1154,6 +1295,8 @@ declare class SPAPSClient<SecureMessageMetadata extends Record<string, any> = Re
|
|
|
1154
1295
|
recordUsage(payload: UsageControlRecordRequest): Promise<UsageControlRecordResponse>;
|
|
1155
1296
|
getUsageStatus(query: UsageControlStatusRequest): Promise<UsageControlStatusResponse>;
|
|
1156
1297
|
listUsageHistory(query?: UsageControlHistoryRequest): Promise<UsageControlHistoryResponse>;
|
|
1298
|
+
emitMarketingEvent(payload: MarketingEventIngestRequest): Promise<MarketingEventIngestResponse>;
|
|
1299
|
+
getMarketingExperimentResults(experimentId: string): Promise<MarketingExperimentResultsResponse>;
|
|
1157
1300
|
private createSecureMessage;
|
|
1158
1301
|
private listSecureMessages;
|
|
1159
1302
|
/**
|
|
@@ -1335,4 +1478,4 @@ declare function createServerClient(secretKey: string, options?: Omit<SPAPSConfi
|
|
|
1335
1478
|
*/
|
|
1336
1479
|
declare function detectKeyType(key: string): ApiKeyType | null;
|
|
1337
1480
|
|
|
1338
|
-
export { type AdminConfig, type ApiKeyType, type CheckoutLineItem, type CheckoutLineItemPriceData, type CreateCheckoutSessionPayload, type CreateSkillEvalCaseRequest, type CreateSkillEvalGovernanceSnapshotRequest, DEFAULT_ADMIN_ACCOUNTS, type EmailSendOptions, type EmailSendResult, type EmailTemplate, type EmailTemplatePreview, type EntitlementCheckResult, type EntitlementListParams, type FeatureContext, type FeatureDefinition, FeatureEvaluator, type HeaderProvider, type ImportSkillEvalGovernanceOutcomeRequest, type IssueReportAttachmentUploadOptions, type IssueReportListParams, type IssueReportStatusParams, type PermissionCheckResult, PermissionChecker, type RespondToSkillEvalReviewRequest, type RevealSkillEvalEvidenceRequest, RoleHierarchy, SPAPSClient as SPAPS, SPAPSClient, type SPAPSConfig, type SPAPSEnvelope, type SkillEvalAccessMode, type SkillEvalActorAccess, type SkillEvalCandidateInput, type SkillEvalCandidateResponse, type SkillEvalCasePolicy, type SkillEvalCaseResponse, type SkillEvalConfidence, type SkillEvalCreateOptions, type SkillEvalDisclosurePolicy, type SkillEvalEligibilitySource, type SkillEvalGovernanceOutcomeResult, type SkillEvalGovernancePurpose, type SkillEvalGovernanceSnapshotResult, type SkillEvalInsight, type SkillEvalInsightsResponse, type SkillEvalModelEffort, type SkillEvalMutationOptions, type SkillEvalPosterResponse, type SkillEvalPosterResponseResult, type SkillEvalRevealField, type SkillEvalRevealResult, type SkillEvalReviewMarkInput, type SkillEvalReviewMarkKind, type SkillEvalReviewResponse, type SkillEvalReviewRoom, type SkillEvalReviewerEligibilityInput, type SkillEvalRewardEvent, type SubmitSkillEvalReviewRequest, type TemplateVariable, TokenManager, WalletUtils, WebSocketAuthHelper, type WebSocketAuthHelperConfig, type X402ExecuteActionOptions, X402PaymentRequiredSDKError, type X402ReceiptListParams, type X402VerifyHandoffOptions, canAccessAdmin, createBrowserClient, createPermissionChecker, createServerClient, SPAPSClient as default, defaultPermissionChecker, detectKeyType, getRoleAwareErrorMessage, getUserDisplay, getUserRole, hasPermission, isAdminAccount, isEnvelope, isErrorEnvelope, isSuccessEnvelope, unwrapEnvelope, unwrapNestedData, verifyCryptoWebhookSignature };
|
|
1481
|
+
export { type AdminConfig, type ApiKeyType, type CheckoutLineItem, type CheckoutLineItemPriceData, type CreateCheckoutSessionPayload, type CreateSkillEvalCaseRequest, type CreateSkillEvalGovernanceSnapshotRequest, DEFAULT_ADMIN_ACCOUNTS, type EmailSendOptions, type EmailSendResult, type EmailTemplate, type EmailTemplatePreview, type EntitlementCheckResult, type EntitlementListParams, type FeatureContext, type FeatureDefinition, FeatureEvaluator, type HeaderProvider, type ImportSkillEvalGovernanceOutcomeRequest, type IssueReportAttachmentUploadOptions, type IssueReportListParams, type IssueReportStatusParams, type MarketingEventIngestRequest, type MarketingEventIngestResponse, type MarketingEventType, type MarketingExperimentDecision, type MarketingExperimentEffectDecision, type MarketingExperimentMinSampleDecision, type MarketingExperimentRecommendation, type MarketingExperimentResultsResponse, type MarketingExperimentSrmDecision, type MarketingExperimentSrmStatus, type MarketingExperimentVariantResult, type PermissionCheckResult, PermissionChecker, type RespondToSkillEvalReviewRequest, type RevealSkillEvalEvidenceRequest, RoleHierarchy, SPAPSClient as SPAPS, SPAPSClient, type SPAPSConfig, type SPAPSEnvelope, type SkillEvalAccessMode, type SkillEvalActorAccess, type SkillEvalCandidateInput, type SkillEvalCandidateResponse, type SkillEvalCasePolicy, type SkillEvalCaseResponse, type SkillEvalConfidence, type SkillEvalCreateOptions, type SkillEvalDisclosurePolicy, type SkillEvalEligibilitySource, type SkillEvalGovernanceOutcomeResult, type SkillEvalGovernancePurpose, type SkillEvalGovernanceSnapshotResult, type SkillEvalInsight, type SkillEvalInsightsResponse, type SkillEvalModelEffort, type SkillEvalMutationOptions, type SkillEvalPosterResponse, type SkillEvalPosterResponseResult, type SkillEvalRevealField, type SkillEvalRevealResult, type SkillEvalReviewMarkInput, type SkillEvalReviewMarkKind, type SkillEvalReviewResponse, type SkillEvalReviewRoom, type SkillEvalReviewerEligibilityInput, type SkillEvalRewardEvent, type SubmitSkillEvalReviewRequest, type TemplateVariable, TokenManager, WalletUtils, WebSocketAuthHelper, type WebSocketAuthHelperConfig, type X402ExecuteActionOptions, X402PaymentRequiredSDKError, type X402ReceiptListParams, type X402VerifyHandoffOptions, canAccessAdmin, createBrowserClient, createPermissionChecker, createServerClient, SPAPSClient as default, defaultPermissionChecker, detectKeyType, getRoleAwareErrorMessage, getUserDisplay, getUserRole, hasPermission, isAdminAccount, isEnvelope, isErrorEnvelope, isSuccessEnvelope, unwrapEnvelope, unwrapNestedData, verifyCryptoWebhookSignature };
|
package/dist/index.d.ts
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import * as spaps_types from 'spaps-types';
|
|
2
|
-
import { ResourceType, Entitlement, CreateProductRequest, Product, UpdateProductRequest, CreatePriceRequest, Price, ProductSyncResult, CryptoReconcileRequest, CreateSecureMessageRequest, SecureMessage, IssueReportScope, IssueReportStatusResult, IssueReportStatus, IssueReportListResult, IssueReport, CreateIssueReportRequest, IssueReportAttachmentOut, ListIssueReportAttachmentsResponse, IssueReportAttachmentAccessResponse, IssueReportingVoiceTokenResult, UpdateIssueReportRequest, ReplyIssueReportRequest, CreateAppLinkRequest, AppLink, AuthResponse, User as User$1, CreateCryptoInvoiceRequest, CryptoInvoiceStatusSnapshot, CheckoutSession, X402ResourceStatusResponse, X402ActionResponse, X402ReceiptResponse, X402ReceiptListResponse, X402HandoffVerification, DayrateAvailabilityResponse, DayrateBookingRequest, DayrateBookingResponse, DayrateMultiBookingRequest, DayrateMultiBookingResponse, DayrateX402BookingRequest, DayrateX402BookingResponse, DayrateCheckoutStatusResponse, UsageControlFeaturesResponse, UsageControlStatusRequest, UsageControlStatusResponse, UsageControlAuthorizeRequest, UsageControlAuthorizeResponse, UsageControlRecordRequest, UsageControlRecordResponse, UsageControlHistoryRequest, UsageControlHistoryResponse, Subscription, VerifyCryptoWebhookSignatureOptions } from 'spaps-types';
|
|
3
|
-
export { AdminPermission, AdminRole, AdminUser, ApiResponse, AppLink, AuthResponse, CheckoutSession, CreateAppLinkRequest, CreateCryptoInvoiceRequest, CreateIssueReportRequest, CreatePriceRequest, CreateProductRequest, CreateSecureMessageInput, CreateSecureMessageRequest, CryptoInvoice, CryptoInvoiceResponse, CryptoInvoiceStatusSnapshot, CryptoReconcileRequest, DayrateAvailabilityResponse, DayrateAvailableSlot, DayrateBookingRequest, DayrateBookingResponse, DayrateCheckoutStatus, DayrateCheckoutStatusBooking, DayrateCheckoutStatusResponse, DayrateDayOfWeek, DayrateMultiBookingRequest, DayrateMultiBookingResponse, DayratePriceBreakdown, DayrateSlotType, DayrateX402BookingRequest, DayrateX402BookingResponse, Entitlement, IssueReport, IssueReportAttachmentAccessResponse, IssueReportAttachmentOut, IssueReportListResult, IssueReportStatus, IssueReportStatusResult, IssueReportTarget, IssueReportingInputMode, IssueReportingVoiceProvider, IssueReportingVoiceTokenResult, LinkedIssueReportCase, ListIssueReportAttachmentsResponse, Price, Product, ProductSyncResult, ReplyIssueReportRequest, ResourceType, SecureMessage, SecureMessageOutput, Subscription, TokenPair, UpdateIssueReportRequest, UpdateProductRequest, UsageControlAuthorizeRequest, UsageControlAuthorizeResponse, UsageControlDecision, UsageControlDimensions, UsageControlError, UsageControlErrorCode, UsageControlFeaturesResponse, UsageControlHistoryRequest, UsageControlHistoryResponse, UsageControlLedgerEvent, UsageControlRecordRequest, UsageControlRecordResponse, UsageControlRecordStatus, UsageControlStatusRequest, UsageControlStatusResponse, User, UserProfile, UserRole, UserWallet, VerifyCryptoWebhookSignatureOptions, X402ActionFreeResponse, X402ActionOutcome, X402ActionPendingResponse, X402ActionReplayedResponse, X402ActionResponse, X402ActionSettledResponse, X402ExecuteActionRequest, X402HandoffAuthorization, X402HandoffVerification, X402HandoffVerifyRequest, X402PaymentAccept, X402PaymentRequirement, X402ProjectionStatus, X402Receipt, X402ReceiptListResponse, X402ReceiptResponse, X402ReceiptStatus, X402Resource, X402ResourceStatus, X402ResourceStatusResponse, atomicToMoneyUnits, createSecureMessageRequestSchema, isX402PaymentRequired, isX402ResourceStatus, moneyUnitsToAtomic, roundHalfToPositiveInfinity, secureMessageMetadataSchema, secureMessageSchema, validatePositiveAmountAtomic } from 'spaps-types';
|
|
2
|
+
import { ResourceType, Entitlement, CreateProductRequest, Product, UpdateProductRequest, CreatePriceRequest, Price, ProductSyncResult, CryptoReconcileRequest, CreateSecureMessageRequest, SecureMessage, IssueReportScope, IssueReportStatusResult, IssueReportStatus, IssueReportListResult, IssueReport, CreateIssueReportRequest, IssueReportAttachmentOut, ListIssueReportAttachmentsResponse, IssueReportAttachmentAccessResponse, IssueReportingVoiceTokenResult, UpdateIssueReportRequest, ReplyIssueReportRequest, ListIssueReportMessagesResponse, CreateReporterMessageRequest, IssueReportMessage, CreateOperatorMessageRequest, RetractOperatorMessageRequest, CreateAppLinkRequest, AppLink, UpdateAppLinkRequest, AuthResponse, User as User$1, CreateCryptoInvoiceRequest, CryptoInvoiceStatusSnapshot, CheckoutSession, X402ResourceStatusResponse, X402ActionResponse, X402ReceiptResponse, X402ReceiptListResponse, X402HandoffVerification, DayrateAvailabilityResponse, DayrateBookingRequest, DayrateBookingResponse, DayrateMultiBookingRequest, DayrateMultiBookingResponse, DayrateX402BookingRequest, DayrateX402BookingResponse, DayrateCheckoutStatusResponse, UsageControlFeaturesResponse, UsageControlStatusRequest, UsageControlStatusResponse, UsageControlAuthorizeRequest, UsageControlAuthorizeResponse, UsageControlRecordRequest, UsageControlRecordResponse, UsageControlHistoryRequest, UsageControlHistoryResponse, Subscription, VerifyCryptoWebhookSignatureOptions } from 'spaps-types';
|
|
3
|
+
export { AdminPermission, AdminRole, AdminUser, ApiResponse, AppLink, AuthResponse, CheckoutSession, CreateAppLinkRequest, CreateCryptoInvoiceRequest, CreateIssueReportRequest, CreateOperatorMessageRequest, CreatePriceRequest, CreateProductRequest, CreateReporterMessageRequest, CreateSecureMessageInput, CreateSecureMessageRequest, CryptoInvoice, CryptoInvoiceResponse, CryptoInvoiceStatusSnapshot, CryptoReconcileRequest, DayrateAvailabilityResponse, DayrateAvailableSlot, DayrateBookingRequest, DayrateBookingResponse, DayrateCheckoutStatus, DayrateCheckoutStatusBooking, DayrateCheckoutStatusResponse, DayrateDayOfWeek, DayrateMultiBookingRequest, DayrateMultiBookingResponse, DayratePriceBreakdown, DayrateSlotType, DayrateX402BookingRequest, DayrateX402BookingResponse, Entitlement, IssueReport, IssueReportAttachmentAccessResponse, IssueReportAttachmentOut, IssueReportListResult, IssueReportMessage, IssueReportStatus, IssueReportStatusResult, IssueReportTarget, IssueReportingInputMode, IssueReportingVoiceProvider, IssueReportingVoiceTokenResult, LinkedIssueReportCase, ListIssueReportAttachmentsResponse, ListIssueReportMessagesResponse, Price, Product, ProductSyncResult, ReplyIssueReportRequest, ResourceType, RetractOperatorMessageRequest, SecureMessage, SecureMessageOutput, Subscription, TokenPair, UpdateAppLinkRequest, UpdateIssueReportRequest, UpdateProductRequest, UsageControlAuthorizeRequest, UsageControlAuthorizeResponse, UsageControlDecision, UsageControlDimensions, UsageControlError, UsageControlErrorCode, UsageControlFeaturesResponse, UsageControlHistoryRequest, UsageControlHistoryResponse, UsageControlLedgerEvent, UsageControlRecordRequest, UsageControlRecordResponse, UsageControlRecordStatus, UsageControlStatusRequest, UsageControlStatusResponse, User, UserProfile, UserRole, UserWallet, VerifyCryptoWebhookSignatureOptions, X402ActionFreeResponse, X402ActionOutcome, X402ActionPendingResponse, X402ActionReplayedResponse, X402ActionResponse, X402ActionSettledResponse, X402ExecuteActionRequest, X402HandoffAuthorization, X402HandoffVerification, X402HandoffVerifyRequest, X402PaymentAccept, X402PaymentRequirement, X402ProjectionStatus, X402Receipt, X402ReceiptListResponse, X402ReceiptResponse, X402ReceiptStatus, X402Resource, X402ResourceStatus, X402ResourceStatusResponse, atomicToMoneyUnits, createSecureMessageRequestSchema, isX402PaymentRequired, isX402ResourceStatus, moneyUnitsToAtomic, roundHalfToPositiveInfinity, secureMessageMetadataSchema, secureMessageSchema, validatePositiveAmountAtomic } from 'spaps-types';
|
|
4
4
|
|
|
5
5
|
/**
|
|
6
6
|
* Permission checking utilities for SPAPS SDK
|
|
@@ -336,6 +336,73 @@ interface EmailTemplatePreview {
|
|
|
336
336
|
html: string;
|
|
337
337
|
text?: string;
|
|
338
338
|
}
|
|
339
|
+
type MarketingEventType = 'attribution_touch' | 'experiment_exposure';
|
|
340
|
+
type MarketingExperimentRecommendation = 'continue' | 'continue_srm_warning' | 'stop_for_winner';
|
|
341
|
+
type MarketingExperimentSrmStatus = 'pass' | 'warning' | 'not_applicable';
|
|
342
|
+
interface MarketingEventIngestRequest {
|
|
343
|
+
application_id?: string;
|
|
344
|
+
anon_id: string;
|
|
345
|
+
event_type: MarketingEventType;
|
|
346
|
+
experiment_id?: string | null;
|
|
347
|
+
variant_id?: string | null;
|
|
348
|
+
variant?: string | null;
|
|
349
|
+
metadata?: Record<string, unknown> | null;
|
|
350
|
+
dedupe_key?: string | null;
|
|
351
|
+
timestamp?: string | null;
|
|
352
|
+
observed_at?: string | null;
|
|
353
|
+
}
|
|
354
|
+
interface MarketingEventIngestResponse {
|
|
355
|
+
id: string;
|
|
356
|
+
application_id: string;
|
|
357
|
+
anon_id: string;
|
|
358
|
+
event_type: MarketingEventType;
|
|
359
|
+
experiment_id?: string | null;
|
|
360
|
+
variant?: string | null;
|
|
361
|
+
dedupe_key: string;
|
|
362
|
+
ts: string;
|
|
363
|
+
created_at: string;
|
|
364
|
+
}
|
|
365
|
+
interface MarketingExperimentVariantResult {
|
|
366
|
+
variant_id: string | null;
|
|
367
|
+
exposures: number;
|
|
368
|
+
conversions: number;
|
|
369
|
+
conversion_rate: number;
|
|
370
|
+
revenue: Record<string, number>;
|
|
371
|
+
}
|
|
372
|
+
interface MarketingExperimentMinSampleDecision {
|
|
373
|
+
met: boolean;
|
|
374
|
+
min_exposures_per_variant: number;
|
|
375
|
+
min_total_conversions: number;
|
|
376
|
+
observed_min_exposures: number;
|
|
377
|
+
observed_total_conversions: number;
|
|
378
|
+
}
|
|
379
|
+
interface MarketingExperimentSrmDecision {
|
|
380
|
+
status: MarketingExperimentSrmStatus;
|
|
381
|
+
expected_share?: number | null;
|
|
382
|
+
max_share_ratio?: number | null;
|
|
383
|
+
min_share_ratio?: number | null;
|
|
384
|
+
}
|
|
385
|
+
interface MarketingExperimentEffectDecision {
|
|
386
|
+
leader_variant_id?: string | null;
|
|
387
|
+
runner_up_variant_id?: string | null;
|
|
388
|
+
absolute_lift?: number | null;
|
|
389
|
+
relative_lift?: number | null;
|
|
390
|
+
}
|
|
391
|
+
interface MarketingExperimentDecision {
|
|
392
|
+
decisive: boolean;
|
|
393
|
+
recommendation: MarketingExperimentRecommendation;
|
|
394
|
+
winner_variant_id?: string | null;
|
|
395
|
+
reason_codes: string[];
|
|
396
|
+
min_sample: MarketingExperimentMinSampleDecision;
|
|
397
|
+
srm: MarketingExperimentSrmDecision;
|
|
398
|
+
effect: MarketingExperimentEffectDecision;
|
|
399
|
+
}
|
|
400
|
+
interface MarketingExperimentResultsResponse {
|
|
401
|
+
application_id: string;
|
|
402
|
+
experiment_id: string;
|
|
403
|
+
variants: MarketingExperimentVariantResult[];
|
|
404
|
+
decision: MarketingExperimentDecision;
|
|
405
|
+
}
|
|
339
406
|
interface EntitlementListParams {
|
|
340
407
|
/** Filter by entitlement key */
|
|
341
408
|
key?: string;
|
|
@@ -708,7 +775,7 @@ declare class SPAPSClient<SecureMessageMetadata extends Record<string, any> = Re
|
|
|
708
775
|
* Note: For publishable key contexts, only `resource_type=user` is permitted.
|
|
709
776
|
* Non-user resource types will return a 403 error (enforced server-side).
|
|
710
777
|
*
|
|
711
|
-
* @param resourceType - The resource type (e.g. "user", "company", "org", "system").
|
|
778
|
+
* @param resourceType - The resource type (e.g. "user", "company", "org", "system", "project").
|
|
712
779
|
* @param resourceId - Optional specific resource ID.
|
|
713
780
|
*/
|
|
714
781
|
listByResource: (resourceType: ResourceType, resourceId?: string) => Promise<Entitlement[]>;
|
|
@@ -744,6 +811,12 @@ declare class SPAPSClient<SecureMessageMetadata extends Record<string, any> = Re
|
|
|
744
811
|
/**
|
|
745
812
|
* Return a short-lived private attachment access URL.
|
|
746
813
|
*/
|
|
814
|
+
getAttachmentAccess: (attachmentId: string) => Promise<IssueReportAttachmentAccessResponse>;
|
|
815
|
+
/**
|
|
816
|
+
* Return a short-lived private attachment access URL.
|
|
817
|
+
*
|
|
818
|
+
* @deprecated Use getAttachmentAccess(attachmentId).
|
|
819
|
+
*/
|
|
747
820
|
getAttachmentAccessUrl: (attachmentId: string) => Promise<IssueReportAttachmentAccessResponse>;
|
|
748
821
|
/**
|
|
749
822
|
* Soft-delete one owned screenshot attachment.
|
|
@@ -761,6 +834,46 @@ declare class SPAPSClient<SecureMessageMetadata extends Record<string, any> = Re
|
|
|
761
834
|
* Reply to a resolved or ignored issue report and reopen the linked case.
|
|
762
835
|
*/
|
|
763
836
|
reply: (issueReportId: string, payload: ReplyIssueReportRequest) => Promise<IssueReport>;
|
|
837
|
+
/**
|
|
838
|
+
* List the chronological, reporter-visible message thread for one owned
|
|
839
|
+
* issue report. Only active, reporter-visible rows are returned; retracted
|
|
840
|
+
* or superseded operator messages are excluded and raw audit payloads are
|
|
841
|
+
* never exposed. `needs_response` badges an open clarification request.
|
|
842
|
+
*/
|
|
843
|
+
listMessages: (issueReportId: string) => Promise<ListIssueReportMessagesResponse>;
|
|
844
|
+
/**
|
|
845
|
+
* Submit a reporter clarification response on one owned issue report. This
|
|
846
|
+
* does NOT reopen a closed case (use `reply` for that). Idempotent on
|
|
847
|
+
* `idempotency_key`: same key + same body returns the existing message,
|
|
848
|
+
* same key + different body returns 409 ISSUE_REPORT_MESSAGE_CONFLICT.
|
|
849
|
+
*/
|
|
850
|
+
submitMessage: (issueReportId: string, payload: CreateReporterMessageRequest) => Promise<IssueReportMessage>;
|
|
851
|
+
/**
|
|
852
|
+
* Triage-operator message commands. These require a secret key context and a
|
|
853
|
+
* triage role/capability; publishable browser contexts are rejected by the
|
|
854
|
+
* server. Provide the secret key as the SDK's API key.
|
|
855
|
+
*/
|
|
856
|
+
triage: {
|
|
857
|
+
/**
|
|
858
|
+
* List all projection rows for an app-scoped report (including corrected
|
|
859
|
+
* rows) for authorized triage operators.
|
|
860
|
+
*/
|
|
861
|
+
listMessages: (issueReportId: string) => Promise<ListIssueReportMessagesResponse>;
|
|
862
|
+
/**
|
|
863
|
+
* Post a clarification_request or final_response reporter-visible message
|
|
864
|
+
* as a triage operator. Idempotent on `idempotency_key`; a key reused with
|
|
865
|
+
* a different body returns 409. A final_response can drive a terminal
|
|
866
|
+
* lifecycle transition via `resolve_case`; the internal resolution_note is
|
|
867
|
+
* never auto-displayed to reporters.
|
|
868
|
+
*/
|
|
869
|
+
postMessage: (issueReportId: string, payload: CreateOperatorMessageRequest) => Promise<IssueReportMessage>;
|
|
870
|
+
/**
|
|
871
|
+
* Retract an operator-authored message. The body is retained; the row's
|
|
872
|
+
* state is marked `retracted`. Retracting an already-retracted message is
|
|
873
|
+
* a safe no-op.
|
|
874
|
+
*/
|
|
875
|
+
retractMessage: (issueReportId: string, messageId: string, payload?: RetractOperatorMessageRequest) => Promise<IssueReportMessage>;
|
|
876
|
+
};
|
|
764
877
|
};
|
|
765
878
|
/**
|
|
766
879
|
* Application-scoped short links for browser apps that need stable public URLs.
|
|
@@ -770,6 +883,10 @@ declare class SPAPSClient<SecureMessageMetadata extends Record<string, any> = Re
|
|
|
770
883
|
* Create a short link owned by the authenticated user.
|
|
771
884
|
*/
|
|
772
885
|
create: (payload: CreateAppLinkRequest) => Promise<AppLink>;
|
|
886
|
+
/**
|
|
887
|
+
* Update a short link owned by the authenticated user.
|
|
888
|
+
*/
|
|
889
|
+
update: (username: string, slug: string, payload: UpdateAppLinkRequest) => Promise<AppLink>;
|
|
773
890
|
/**
|
|
774
891
|
* Resolve a public short link for the active application.
|
|
775
892
|
*/
|
|
@@ -777,6 +894,30 @@ declare class SPAPSClient<SecureMessageMetadata extends Record<string, any> = Re
|
|
|
777
894
|
track?: boolean;
|
|
778
895
|
}) => Promise<AppLink>;
|
|
779
896
|
};
|
|
897
|
+
/**
|
|
898
|
+
* Marketing events and experiment results.
|
|
899
|
+
*
|
|
900
|
+
* Use a publishable key for browser-side event emission. Use a secret key
|
|
901
|
+
* from a trusted server or agent process when reading experiment results.
|
|
902
|
+
*/
|
|
903
|
+
marketing: {
|
|
904
|
+
/**
|
|
905
|
+
* Emit one anonymous attribution touch or experiment exposure.
|
|
906
|
+
*/
|
|
907
|
+
emit: (payload: MarketingEventIngestRequest) => Promise<MarketingEventIngestResponse>;
|
|
908
|
+
/**
|
|
909
|
+
* Alias for emit(), matching the backend ingest endpoint language.
|
|
910
|
+
*/
|
|
911
|
+
ingest: (payload: MarketingEventIngestRequest) => Promise<MarketingEventIngestResponse>;
|
|
912
|
+
/**
|
|
913
|
+
* Read per-variant experiment results and the conservative stop signal.
|
|
914
|
+
*/
|
|
915
|
+
getExperimentResults: (experimentId: string) => Promise<MarketingExperimentResultsResponse>;
|
|
916
|
+
/**
|
|
917
|
+
* Short alias for getExperimentResults().
|
|
918
|
+
*/
|
|
919
|
+
getResults: (experimentId: string) => Promise<MarketingExperimentResultsResponse>;
|
|
920
|
+
};
|
|
780
921
|
private static envVar;
|
|
781
922
|
constructor(config?: SPAPSConfig);
|
|
782
923
|
/** Raw API request helper that returns an ApiResponse-like shape */
|
|
@@ -1154,6 +1295,8 @@ declare class SPAPSClient<SecureMessageMetadata extends Record<string, any> = Re
|
|
|
1154
1295
|
recordUsage(payload: UsageControlRecordRequest): Promise<UsageControlRecordResponse>;
|
|
1155
1296
|
getUsageStatus(query: UsageControlStatusRequest): Promise<UsageControlStatusResponse>;
|
|
1156
1297
|
listUsageHistory(query?: UsageControlHistoryRequest): Promise<UsageControlHistoryResponse>;
|
|
1298
|
+
emitMarketingEvent(payload: MarketingEventIngestRequest): Promise<MarketingEventIngestResponse>;
|
|
1299
|
+
getMarketingExperimentResults(experimentId: string): Promise<MarketingExperimentResultsResponse>;
|
|
1157
1300
|
private createSecureMessage;
|
|
1158
1301
|
private listSecureMessages;
|
|
1159
1302
|
/**
|
|
@@ -1335,4 +1478,4 @@ declare function createServerClient(secretKey: string, options?: Omit<SPAPSConfi
|
|
|
1335
1478
|
*/
|
|
1336
1479
|
declare function detectKeyType(key: string): ApiKeyType | null;
|
|
1337
1480
|
|
|
1338
|
-
export { type AdminConfig, type ApiKeyType, type CheckoutLineItem, type CheckoutLineItemPriceData, type CreateCheckoutSessionPayload, type CreateSkillEvalCaseRequest, type CreateSkillEvalGovernanceSnapshotRequest, DEFAULT_ADMIN_ACCOUNTS, type EmailSendOptions, type EmailSendResult, type EmailTemplate, type EmailTemplatePreview, type EntitlementCheckResult, type EntitlementListParams, type FeatureContext, type FeatureDefinition, FeatureEvaluator, type HeaderProvider, type ImportSkillEvalGovernanceOutcomeRequest, type IssueReportAttachmentUploadOptions, type IssueReportListParams, type IssueReportStatusParams, type PermissionCheckResult, PermissionChecker, type RespondToSkillEvalReviewRequest, type RevealSkillEvalEvidenceRequest, RoleHierarchy, SPAPSClient as SPAPS, SPAPSClient, type SPAPSConfig, type SPAPSEnvelope, type SkillEvalAccessMode, type SkillEvalActorAccess, type SkillEvalCandidateInput, type SkillEvalCandidateResponse, type SkillEvalCasePolicy, type SkillEvalCaseResponse, type SkillEvalConfidence, type SkillEvalCreateOptions, type SkillEvalDisclosurePolicy, type SkillEvalEligibilitySource, type SkillEvalGovernanceOutcomeResult, type SkillEvalGovernancePurpose, type SkillEvalGovernanceSnapshotResult, type SkillEvalInsight, type SkillEvalInsightsResponse, type SkillEvalModelEffort, type SkillEvalMutationOptions, type SkillEvalPosterResponse, type SkillEvalPosterResponseResult, type SkillEvalRevealField, type SkillEvalRevealResult, type SkillEvalReviewMarkInput, type SkillEvalReviewMarkKind, type SkillEvalReviewResponse, type SkillEvalReviewRoom, type SkillEvalReviewerEligibilityInput, type SkillEvalRewardEvent, type SubmitSkillEvalReviewRequest, type TemplateVariable, TokenManager, WalletUtils, WebSocketAuthHelper, type WebSocketAuthHelperConfig, type X402ExecuteActionOptions, X402PaymentRequiredSDKError, type X402ReceiptListParams, type X402VerifyHandoffOptions, canAccessAdmin, createBrowserClient, createPermissionChecker, createServerClient, SPAPSClient as default, defaultPermissionChecker, detectKeyType, getRoleAwareErrorMessage, getUserDisplay, getUserRole, hasPermission, isAdminAccount, isEnvelope, isErrorEnvelope, isSuccessEnvelope, unwrapEnvelope, unwrapNestedData, verifyCryptoWebhookSignature };
|
|
1481
|
+
export { type AdminConfig, type ApiKeyType, type CheckoutLineItem, type CheckoutLineItemPriceData, type CreateCheckoutSessionPayload, type CreateSkillEvalCaseRequest, type CreateSkillEvalGovernanceSnapshotRequest, DEFAULT_ADMIN_ACCOUNTS, type EmailSendOptions, type EmailSendResult, type EmailTemplate, type EmailTemplatePreview, type EntitlementCheckResult, type EntitlementListParams, type FeatureContext, type FeatureDefinition, FeatureEvaluator, type HeaderProvider, type ImportSkillEvalGovernanceOutcomeRequest, type IssueReportAttachmentUploadOptions, type IssueReportListParams, type IssueReportStatusParams, type MarketingEventIngestRequest, type MarketingEventIngestResponse, type MarketingEventType, type MarketingExperimentDecision, type MarketingExperimentEffectDecision, type MarketingExperimentMinSampleDecision, type MarketingExperimentRecommendation, type MarketingExperimentResultsResponse, type MarketingExperimentSrmDecision, type MarketingExperimentSrmStatus, type MarketingExperimentVariantResult, type PermissionCheckResult, PermissionChecker, type RespondToSkillEvalReviewRequest, type RevealSkillEvalEvidenceRequest, RoleHierarchy, SPAPSClient as SPAPS, SPAPSClient, type SPAPSConfig, type SPAPSEnvelope, type SkillEvalAccessMode, type SkillEvalActorAccess, type SkillEvalCandidateInput, type SkillEvalCandidateResponse, type SkillEvalCasePolicy, type SkillEvalCaseResponse, type SkillEvalConfidence, type SkillEvalCreateOptions, type SkillEvalDisclosurePolicy, type SkillEvalEligibilitySource, type SkillEvalGovernanceOutcomeResult, type SkillEvalGovernancePurpose, type SkillEvalGovernanceSnapshotResult, type SkillEvalInsight, type SkillEvalInsightsResponse, type SkillEvalModelEffort, type SkillEvalMutationOptions, type SkillEvalPosterResponse, type SkillEvalPosterResponseResult, type SkillEvalRevealField, type SkillEvalRevealResult, type SkillEvalReviewMarkInput, type SkillEvalReviewMarkKind, type SkillEvalReviewResponse, type SkillEvalReviewRoom, type SkillEvalReviewerEligibilityInput, type SkillEvalRewardEvent, type SubmitSkillEvalReviewRequest, type TemplateVariable, TokenManager, WalletUtils, WebSocketAuthHelper, type WebSocketAuthHelperConfig, type X402ExecuteActionOptions, X402PaymentRequiredSDKError, type X402ReceiptListParams, type X402VerifyHandoffOptions, canAccessAdmin, createBrowserClient, createPermissionChecker, createServerClient, SPAPSClient as default, defaultPermissionChecker, detectKeyType, getRoleAwareErrorMessage, getUserDisplay, getUserRole, hasPermission, isAdminAccount, isEnvelope, isErrorEnvelope, isSuccessEnvelope, unwrapEnvelope, unwrapNestedData, verifyCryptoWebhookSignature };
|
package/dist/index.js
CHANGED
|
@@ -672,7 +672,7 @@ var SPAPSClient = class _SPAPSClient {
|
|
|
672
672
|
* @param userId - Optional user ID override (secret key contexts only).
|
|
673
673
|
*/
|
|
674
674
|
check: async (key, userId) => {
|
|
675
|
-
const q = new URLSearchParams({ key });
|
|
675
|
+
const q = new URLSearchParams({ entitlement_key: key });
|
|
676
676
|
if (userId) q.append("user_id", userId);
|
|
677
677
|
const res = await this.client.get(
|
|
678
678
|
`/api/entitlements/check?${q.toString()}`,
|
|
@@ -686,7 +686,7 @@ var SPAPSClient = class _SPAPSClient {
|
|
|
686
686
|
* Note: For publishable key contexts, only `resource_type=user` is permitted.
|
|
687
687
|
* Non-user resource types will return a 403 error (enforced server-side).
|
|
688
688
|
*
|
|
689
|
-
* @param resourceType - The resource type (e.g. "user", "company", "org", "system").
|
|
689
|
+
* @param resourceType - The resource type (e.g. "user", "company", "org", "system", "project").
|
|
690
690
|
* @param resourceId - Optional specific resource ID.
|
|
691
691
|
*/
|
|
692
692
|
listByResource: async (resourceType, resourceId) => {
|
|
@@ -793,7 +793,7 @@ var SPAPSClient = class _SPAPSClient {
|
|
|
793
793
|
/**
|
|
794
794
|
* Return a short-lived private attachment access URL.
|
|
795
795
|
*/
|
|
796
|
-
|
|
796
|
+
getAttachmentAccess: async (attachmentId) => {
|
|
797
797
|
const res = await this.client.get(
|
|
798
798
|
`/api/v1/issue-reports/attachments/${encodeURIComponent(attachmentId)}/access`,
|
|
799
799
|
this.accessToken ? { headers: { Authorization: `Bearer ${this.accessToken}` } } : void 0
|
|
@@ -803,6 +803,14 @@ var SPAPSClient = class _SPAPSClient {
|
|
|
803
803
|
"Failed to get issue report attachment access URL"
|
|
804
804
|
);
|
|
805
805
|
},
|
|
806
|
+
/**
|
|
807
|
+
* Return a short-lived private attachment access URL.
|
|
808
|
+
*
|
|
809
|
+
* @deprecated Use getAttachmentAccess(attachmentId).
|
|
810
|
+
*/
|
|
811
|
+
getAttachmentAccessUrl: async (attachmentId) => {
|
|
812
|
+
return this.issueReporting.getAttachmentAccess(attachmentId);
|
|
813
|
+
},
|
|
806
814
|
/**
|
|
807
815
|
* Soft-delete one owned screenshot attachment.
|
|
808
816
|
*/
|
|
@@ -844,6 +852,82 @@ var SPAPSClient = class _SPAPSClient {
|
|
|
844
852
|
this.accessToken ? { headers: { Authorization: `Bearer ${this.accessToken}` } } : void 0
|
|
845
853
|
);
|
|
846
854
|
return this.unwrapApiResponse(res, "Failed to reply to issue report");
|
|
855
|
+
},
|
|
856
|
+
/**
|
|
857
|
+
* List the chronological, reporter-visible message thread for one owned
|
|
858
|
+
* issue report. Only active, reporter-visible rows are returned; retracted
|
|
859
|
+
* or superseded operator messages are excluded and raw audit payloads are
|
|
860
|
+
* never exposed. `needs_response` badges an open clarification request.
|
|
861
|
+
*/
|
|
862
|
+
listMessages: async (issueReportId) => {
|
|
863
|
+
const res = await this.client.get(
|
|
864
|
+
`/api/v1/issue-reports/${issueReportId}/messages`,
|
|
865
|
+
this.accessToken ? { headers: { Authorization: `Bearer ${this.accessToken}` } } : void 0
|
|
866
|
+
);
|
|
867
|
+
return this.unwrapApiResponse(res, "Failed to list issue report messages");
|
|
868
|
+
},
|
|
869
|
+
/**
|
|
870
|
+
* Submit a reporter clarification response on one owned issue report. This
|
|
871
|
+
* does NOT reopen a closed case (use `reply` for that). Idempotent on
|
|
872
|
+
* `idempotency_key`: same key + same body returns the existing message,
|
|
873
|
+
* same key + different body returns 409 ISSUE_REPORT_MESSAGE_CONFLICT.
|
|
874
|
+
*/
|
|
875
|
+
submitMessage: async (issueReportId, payload) => {
|
|
876
|
+
const res = await this.client.post(
|
|
877
|
+
`/api/v1/issue-reports/${issueReportId}/messages`,
|
|
878
|
+
payload,
|
|
879
|
+
this.accessToken ? { headers: { Authorization: `Bearer ${this.accessToken}` } } : void 0
|
|
880
|
+
);
|
|
881
|
+
return this.unwrapApiResponse(res, "Failed to submit issue report message");
|
|
882
|
+
},
|
|
883
|
+
/**
|
|
884
|
+
* Triage-operator message commands. These require a secret key context and a
|
|
885
|
+
* triage role/capability; publishable browser contexts are rejected by the
|
|
886
|
+
* server. Provide the secret key as the SDK's API key.
|
|
887
|
+
*/
|
|
888
|
+
triage: {
|
|
889
|
+
/**
|
|
890
|
+
* List all projection rows for an app-scoped report (including corrected
|
|
891
|
+
* rows) for authorized triage operators.
|
|
892
|
+
*/
|
|
893
|
+
listMessages: async (issueReportId) => {
|
|
894
|
+
const res = await this.client.get(
|
|
895
|
+
`/api/v1/issue-reports/triage/${issueReportId}/messages`,
|
|
896
|
+
this.accessToken ? { headers: { Authorization: `Bearer ${this.accessToken}` } } : void 0
|
|
897
|
+
);
|
|
898
|
+
return this.unwrapApiResponse(
|
|
899
|
+
res,
|
|
900
|
+
"Failed to list triage issue report messages"
|
|
901
|
+
);
|
|
902
|
+
},
|
|
903
|
+
/**
|
|
904
|
+
* Post a clarification_request or final_response reporter-visible message
|
|
905
|
+
* as a triage operator. Idempotent on `idempotency_key`; a key reused with
|
|
906
|
+
* a different body returns 409. A final_response can drive a terminal
|
|
907
|
+
* lifecycle transition via `resolve_case`; the internal resolution_note is
|
|
908
|
+
* never auto-displayed to reporters.
|
|
909
|
+
*/
|
|
910
|
+
postMessage: async (issueReportId, payload) => {
|
|
911
|
+
const res = await this.client.post(
|
|
912
|
+
`/api/v1/issue-reports/triage/${issueReportId}/messages`,
|
|
913
|
+
payload,
|
|
914
|
+
this.accessToken ? { headers: { Authorization: `Bearer ${this.accessToken}` } } : void 0
|
|
915
|
+
);
|
|
916
|
+
return this.unwrapApiResponse(res, "Failed to post triage issue report message");
|
|
917
|
+
},
|
|
918
|
+
/**
|
|
919
|
+
* Retract an operator-authored message. The body is retained; the row's
|
|
920
|
+
* state is marked `retracted`. Retracting an already-retracted message is
|
|
921
|
+
* a safe no-op.
|
|
922
|
+
*/
|
|
923
|
+
retractMessage: async (issueReportId, messageId, payload = {}) => {
|
|
924
|
+
const res = await this.client.post(
|
|
925
|
+
`/api/v1/issue-reports/triage/${issueReportId}/messages/${messageId}/retract`,
|
|
926
|
+
payload,
|
|
927
|
+
this.accessToken ? { headers: { Authorization: `Bearer ${this.accessToken}` } } : void 0
|
|
928
|
+
);
|
|
929
|
+
return this.unwrapApiResponse(res, "Failed to retract triage issue report message");
|
|
930
|
+
}
|
|
847
931
|
}
|
|
848
932
|
};
|
|
849
933
|
/**
|
|
@@ -861,6 +945,17 @@ var SPAPSClient = class _SPAPSClient {
|
|
|
861
945
|
);
|
|
862
946
|
return this.unwrapApiResponse(res, "Failed to create app link");
|
|
863
947
|
},
|
|
948
|
+
/**
|
|
949
|
+
* Update a short link owned by the authenticated user.
|
|
950
|
+
*/
|
|
951
|
+
update: async (username, slug, payload) => {
|
|
952
|
+
const res = await this.client.patch(
|
|
953
|
+
`/api/v1/app-links/${encodeURIComponent(username)}/${encodeURIComponent(slug)}`,
|
|
954
|
+
payload,
|
|
955
|
+
this.accessToken ? { headers: { Authorization: `Bearer ${this.accessToken}` } } : void 0
|
|
956
|
+
);
|
|
957
|
+
return this.unwrapApiResponse(res, "Failed to update app link");
|
|
958
|
+
},
|
|
864
959
|
/**
|
|
865
960
|
* Resolve a public short link for the active application.
|
|
866
961
|
*/
|
|
@@ -875,6 +970,58 @@ var SPAPSClient = class _SPAPSClient {
|
|
|
875
970
|
return this.unwrapApiResponse(res, "Failed to get app link");
|
|
876
971
|
}
|
|
877
972
|
};
|
|
973
|
+
/**
|
|
974
|
+
* Marketing events and experiment results.
|
|
975
|
+
*
|
|
976
|
+
* Use a publishable key for browser-side event emission. Use a secret key
|
|
977
|
+
* from a trusted server or agent process when reading experiment results.
|
|
978
|
+
*/
|
|
979
|
+
marketing = {
|
|
980
|
+
/**
|
|
981
|
+
* Emit one anonymous attribution touch or experiment exposure.
|
|
982
|
+
*/
|
|
983
|
+
emit: async (payload) => {
|
|
984
|
+
if (payload.event_type === "experiment_exposure") {
|
|
985
|
+
if (!payload.experiment_id?.trim()) {
|
|
986
|
+
throw new Error("experiment_id is required for experiment_exposure events");
|
|
987
|
+
}
|
|
988
|
+
const variant = payload.variant_id ?? payload.variant;
|
|
989
|
+
if (!variant?.trim()) {
|
|
990
|
+
throw new Error("variant_id or variant is required for experiment_exposure events");
|
|
991
|
+
}
|
|
992
|
+
}
|
|
993
|
+
const res = await this.client.post("/api/marketing-events/ingest", payload);
|
|
994
|
+
return this.unwrapApiResponse(
|
|
995
|
+
res,
|
|
996
|
+
"Failed to emit marketing event"
|
|
997
|
+
);
|
|
998
|
+
},
|
|
999
|
+
/**
|
|
1000
|
+
* Alias for emit(), matching the backend ingest endpoint language.
|
|
1001
|
+
*/
|
|
1002
|
+
ingest: async (payload) => {
|
|
1003
|
+
return this.marketing.emit(payload);
|
|
1004
|
+
},
|
|
1005
|
+
/**
|
|
1006
|
+
* Read per-variant experiment results and the conservative stop signal.
|
|
1007
|
+
*/
|
|
1008
|
+
getExperimentResults: async (experimentId) => {
|
|
1009
|
+
const encodedExperimentId = encodeURIComponent(experimentId);
|
|
1010
|
+
const res = await this.client.get(
|
|
1011
|
+
`/api/marketing/experiments/${encodedExperimentId}/results`
|
|
1012
|
+
);
|
|
1013
|
+
return this.unwrapApiResponse(
|
|
1014
|
+
res,
|
|
1015
|
+
"Failed to get marketing experiment results"
|
|
1016
|
+
);
|
|
1017
|
+
},
|
|
1018
|
+
/**
|
|
1019
|
+
* Short alias for getExperimentResults().
|
|
1020
|
+
*/
|
|
1021
|
+
getResults: async (experimentId) => {
|
|
1022
|
+
return this.marketing.getExperimentResults(experimentId);
|
|
1023
|
+
}
|
|
1024
|
+
};
|
|
878
1025
|
static envVar(name) {
|
|
879
1026
|
if (typeof process !== "undefined" && process.env) {
|
|
880
1027
|
return process.env[name];
|
|
@@ -1763,6 +1910,12 @@ var SPAPSClient = class _SPAPSClient {
|
|
|
1763
1910
|
async listUsageHistory(query = {}) {
|
|
1764
1911
|
return this.usage.listHistory(query);
|
|
1765
1912
|
}
|
|
1913
|
+
async emitMarketingEvent(payload) {
|
|
1914
|
+
return this.marketing.emit(payload);
|
|
1915
|
+
}
|
|
1916
|
+
async getMarketingExperimentResults(experimentId) {
|
|
1917
|
+
return this.marketing.getExperimentResults(experimentId);
|
|
1918
|
+
}
|
|
1766
1919
|
// Secure Messaging Methods
|
|
1767
1920
|
async createSecureMessage(payload) {
|
|
1768
1921
|
const response = await this.client.post("/api/secure-messages", payload);
|
package/dist/index.mjs
CHANGED
|
@@ -637,7 +637,7 @@ var SPAPSClient = class _SPAPSClient {
|
|
|
637
637
|
* @param userId - Optional user ID override (secret key contexts only).
|
|
638
638
|
*/
|
|
639
639
|
check: async (key, userId) => {
|
|
640
|
-
const q = new URLSearchParams({ key });
|
|
640
|
+
const q = new URLSearchParams({ entitlement_key: key });
|
|
641
641
|
if (userId) q.append("user_id", userId);
|
|
642
642
|
const res = await this.client.get(
|
|
643
643
|
`/api/entitlements/check?${q.toString()}`,
|
|
@@ -651,7 +651,7 @@ var SPAPSClient = class _SPAPSClient {
|
|
|
651
651
|
* Note: For publishable key contexts, only `resource_type=user` is permitted.
|
|
652
652
|
* Non-user resource types will return a 403 error (enforced server-side).
|
|
653
653
|
*
|
|
654
|
-
* @param resourceType - The resource type (e.g. "user", "company", "org", "system").
|
|
654
|
+
* @param resourceType - The resource type (e.g. "user", "company", "org", "system", "project").
|
|
655
655
|
* @param resourceId - Optional specific resource ID.
|
|
656
656
|
*/
|
|
657
657
|
listByResource: async (resourceType, resourceId) => {
|
|
@@ -758,7 +758,7 @@ var SPAPSClient = class _SPAPSClient {
|
|
|
758
758
|
/**
|
|
759
759
|
* Return a short-lived private attachment access URL.
|
|
760
760
|
*/
|
|
761
|
-
|
|
761
|
+
getAttachmentAccess: async (attachmentId) => {
|
|
762
762
|
const res = await this.client.get(
|
|
763
763
|
`/api/v1/issue-reports/attachments/${encodeURIComponent(attachmentId)}/access`,
|
|
764
764
|
this.accessToken ? { headers: { Authorization: `Bearer ${this.accessToken}` } } : void 0
|
|
@@ -768,6 +768,14 @@ var SPAPSClient = class _SPAPSClient {
|
|
|
768
768
|
"Failed to get issue report attachment access URL"
|
|
769
769
|
);
|
|
770
770
|
},
|
|
771
|
+
/**
|
|
772
|
+
* Return a short-lived private attachment access URL.
|
|
773
|
+
*
|
|
774
|
+
* @deprecated Use getAttachmentAccess(attachmentId).
|
|
775
|
+
*/
|
|
776
|
+
getAttachmentAccessUrl: async (attachmentId) => {
|
|
777
|
+
return this.issueReporting.getAttachmentAccess(attachmentId);
|
|
778
|
+
},
|
|
771
779
|
/**
|
|
772
780
|
* Soft-delete one owned screenshot attachment.
|
|
773
781
|
*/
|
|
@@ -809,6 +817,82 @@ var SPAPSClient = class _SPAPSClient {
|
|
|
809
817
|
this.accessToken ? { headers: { Authorization: `Bearer ${this.accessToken}` } } : void 0
|
|
810
818
|
);
|
|
811
819
|
return this.unwrapApiResponse(res, "Failed to reply to issue report");
|
|
820
|
+
},
|
|
821
|
+
/**
|
|
822
|
+
* List the chronological, reporter-visible message thread for one owned
|
|
823
|
+
* issue report. Only active, reporter-visible rows are returned; retracted
|
|
824
|
+
* or superseded operator messages are excluded and raw audit payloads are
|
|
825
|
+
* never exposed. `needs_response` badges an open clarification request.
|
|
826
|
+
*/
|
|
827
|
+
listMessages: async (issueReportId) => {
|
|
828
|
+
const res = await this.client.get(
|
|
829
|
+
`/api/v1/issue-reports/${issueReportId}/messages`,
|
|
830
|
+
this.accessToken ? { headers: { Authorization: `Bearer ${this.accessToken}` } } : void 0
|
|
831
|
+
);
|
|
832
|
+
return this.unwrapApiResponse(res, "Failed to list issue report messages");
|
|
833
|
+
},
|
|
834
|
+
/**
|
|
835
|
+
* Submit a reporter clarification response on one owned issue report. This
|
|
836
|
+
* does NOT reopen a closed case (use `reply` for that). Idempotent on
|
|
837
|
+
* `idempotency_key`: same key + same body returns the existing message,
|
|
838
|
+
* same key + different body returns 409 ISSUE_REPORT_MESSAGE_CONFLICT.
|
|
839
|
+
*/
|
|
840
|
+
submitMessage: async (issueReportId, payload) => {
|
|
841
|
+
const res = await this.client.post(
|
|
842
|
+
`/api/v1/issue-reports/${issueReportId}/messages`,
|
|
843
|
+
payload,
|
|
844
|
+
this.accessToken ? { headers: { Authorization: `Bearer ${this.accessToken}` } } : void 0
|
|
845
|
+
);
|
|
846
|
+
return this.unwrapApiResponse(res, "Failed to submit issue report message");
|
|
847
|
+
},
|
|
848
|
+
/**
|
|
849
|
+
* Triage-operator message commands. These require a secret key context and a
|
|
850
|
+
* triage role/capability; publishable browser contexts are rejected by the
|
|
851
|
+
* server. Provide the secret key as the SDK's API key.
|
|
852
|
+
*/
|
|
853
|
+
triage: {
|
|
854
|
+
/**
|
|
855
|
+
* List all projection rows for an app-scoped report (including corrected
|
|
856
|
+
* rows) for authorized triage operators.
|
|
857
|
+
*/
|
|
858
|
+
listMessages: async (issueReportId) => {
|
|
859
|
+
const res = await this.client.get(
|
|
860
|
+
`/api/v1/issue-reports/triage/${issueReportId}/messages`,
|
|
861
|
+
this.accessToken ? { headers: { Authorization: `Bearer ${this.accessToken}` } } : void 0
|
|
862
|
+
);
|
|
863
|
+
return this.unwrapApiResponse(
|
|
864
|
+
res,
|
|
865
|
+
"Failed to list triage issue report messages"
|
|
866
|
+
);
|
|
867
|
+
},
|
|
868
|
+
/**
|
|
869
|
+
* Post a clarification_request or final_response reporter-visible message
|
|
870
|
+
* as a triage operator. Idempotent on `idempotency_key`; a key reused with
|
|
871
|
+
* a different body returns 409. A final_response can drive a terminal
|
|
872
|
+
* lifecycle transition via `resolve_case`; the internal resolution_note is
|
|
873
|
+
* never auto-displayed to reporters.
|
|
874
|
+
*/
|
|
875
|
+
postMessage: async (issueReportId, payload) => {
|
|
876
|
+
const res = await this.client.post(
|
|
877
|
+
`/api/v1/issue-reports/triage/${issueReportId}/messages`,
|
|
878
|
+
payload,
|
|
879
|
+
this.accessToken ? { headers: { Authorization: `Bearer ${this.accessToken}` } } : void 0
|
|
880
|
+
);
|
|
881
|
+
return this.unwrapApiResponse(res, "Failed to post triage issue report message");
|
|
882
|
+
},
|
|
883
|
+
/**
|
|
884
|
+
* Retract an operator-authored message. The body is retained; the row's
|
|
885
|
+
* state is marked `retracted`. Retracting an already-retracted message is
|
|
886
|
+
* a safe no-op.
|
|
887
|
+
*/
|
|
888
|
+
retractMessage: async (issueReportId, messageId, payload = {}) => {
|
|
889
|
+
const res = await this.client.post(
|
|
890
|
+
`/api/v1/issue-reports/triage/${issueReportId}/messages/${messageId}/retract`,
|
|
891
|
+
payload,
|
|
892
|
+
this.accessToken ? { headers: { Authorization: `Bearer ${this.accessToken}` } } : void 0
|
|
893
|
+
);
|
|
894
|
+
return this.unwrapApiResponse(res, "Failed to retract triage issue report message");
|
|
895
|
+
}
|
|
812
896
|
}
|
|
813
897
|
};
|
|
814
898
|
/**
|
|
@@ -826,6 +910,17 @@ var SPAPSClient = class _SPAPSClient {
|
|
|
826
910
|
);
|
|
827
911
|
return this.unwrapApiResponse(res, "Failed to create app link");
|
|
828
912
|
},
|
|
913
|
+
/**
|
|
914
|
+
* Update a short link owned by the authenticated user.
|
|
915
|
+
*/
|
|
916
|
+
update: async (username, slug, payload) => {
|
|
917
|
+
const res = await this.client.patch(
|
|
918
|
+
`/api/v1/app-links/${encodeURIComponent(username)}/${encodeURIComponent(slug)}`,
|
|
919
|
+
payload,
|
|
920
|
+
this.accessToken ? { headers: { Authorization: `Bearer ${this.accessToken}` } } : void 0
|
|
921
|
+
);
|
|
922
|
+
return this.unwrapApiResponse(res, "Failed to update app link");
|
|
923
|
+
},
|
|
829
924
|
/**
|
|
830
925
|
* Resolve a public short link for the active application.
|
|
831
926
|
*/
|
|
@@ -840,6 +935,58 @@ var SPAPSClient = class _SPAPSClient {
|
|
|
840
935
|
return this.unwrapApiResponse(res, "Failed to get app link");
|
|
841
936
|
}
|
|
842
937
|
};
|
|
938
|
+
/**
|
|
939
|
+
* Marketing events and experiment results.
|
|
940
|
+
*
|
|
941
|
+
* Use a publishable key for browser-side event emission. Use a secret key
|
|
942
|
+
* from a trusted server or agent process when reading experiment results.
|
|
943
|
+
*/
|
|
944
|
+
marketing = {
|
|
945
|
+
/**
|
|
946
|
+
* Emit one anonymous attribution touch or experiment exposure.
|
|
947
|
+
*/
|
|
948
|
+
emit: async (payload) => {
|
|
949
|
+
if (payload.event_type === "experiment_exposure") {
|
|
950
|
+
if (!payload.experiment_id?.trim()) {
|
|
951
|
+
throw new Error("experiment_id is required for experiment_exposure events");
|
|
952
|
+
}
|
|
953
|
+
const variant = payload.variant_id ?? payload.variant;
|
|
954
|
+
if (!variant?.trim()) {
|
|
955
|
+
throw new Error("variant_id or variant is required for experiment_exposure events");
|
|
956
|
+
}
|
|
957
|
+
}
|
|
958
|
+
const res = await this.client.post("/api/marketing-events/ingest", payload);
|
|
959
|
+
return this.unwrapApiResponse(
|
|
960
|
+
res,
|
|
961
|
+
"Failed to emit marketing event"
|
|
962
|
+
);
|
|
963
|
+
},
|
|
964
|
+
/**
|
|
965
|
+
* Alias for emit(), matching the backend ingest endpoint language.
|
|
966
|
+
*/
|
|
967
|
+
ingest: async (payload) => {
|
|
968
|
+
return this.marketing.emit(payload);
|
|
969
|
+
},
|
|
970
|
+
/**
|
|
971
|
+
* Read per-variant experiment results and the conservative stop signal.
|
|
972
|
+
*/
|
|
973
|
+
getExperimentResults: async (experimentId) => {
|
|
974
|
+
const encodedExperimentId = encodeURIComponent(experimentId);
|
|
975
|
+
const res = await this.client.get(
|
|
976
|
+
`/api/marketing/experiments/${encodedExperimentId}/results`
|
|
977
|
+
);
|
|
978
|
+
return this.unwrapApiResponse(
|
|
979
|
+
res,
|
|
980
|
+
"Failed to get marketing experiment results"
|
|
981
|
+
);
|
|
982
|
+
},
|
|
983
|
+
/**
|
|
984
|
+
* Short alias for getExperimentResults().
|
|
985
|
+
*/
|
|
986
|
+
getResults: async (experimentId) => {
|
|
987
|
+
return this.marketing.getExperimentResults(experimentId);
|
|
988
|
+
}
|
|
989
|
+
};
|
|
843
990
|
static envVar(name) {
|
|
844
991
|
if (typeof process !== "undefined" && process.env) {
|
|
845
992
|
return process.env[name];
|
|
@@ -1728,6 +1875,12 @@ var SPAPSClient = class _SPAPSClient {
|
|
|
1728
1875
|
async listUsageHistory(query = {}) {
|
|
1729
1876
|
return this.usage.listHistory(query);
|
|
1730
1877
|
}
|
|
1878
|
+
async emitMarketingEvent(payload) {
|
|
1879
|
+
return this.marketing.emit(payload);
|
|
1880
|
+
}
|
|
1881
|
+
async getMarketingExperimentResults(experimentId) {
|
|
1882
|
+
return this.marketing.getExperimentResults(experimentId);
|
|
1883
|
+
}
|
|
1731
1884
|
// Secure Messaging Methods
|
|
1732
1885
|
async createSecureMessage(payload) {
|
|
1733
1886
|
const response = await this.client.post("/api/secure-messages", payload);
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "spaps-sdk",
|
|
3
|
-
"version": "1.10.
|
|
3
|
+
"version": "1.10.2",
|
|
4
4
|
"description": "Sweet Potato Authentication & Payment Service SDK - Zero-config client with built-in permission checking, role-based access control, and dayrate scheduling",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"types": "dist/index.d.ts",
|
|
@@ -51,7 +51,7 @@
|
|
|
51
51
|
"dependencies": {
|
|
52
52
|
"axios": "^1.15.1",
|
|
53
53
|
"cross-fetch": "^4.0.0",
|
|
54
|
-
"spaps-types": "^1.4.
|
|
54
|
+
"spaps-types": "^1.4.2"
|
|
55
55
|
},
|
|
56
56
|
"devDependencies": {
|
|
57
57
|
"@types/node": "^20.10.0",
|
|
@@ -81,4 +81,4 @@
|
|
|
81
81
|
"engines": {
|
|
82
82
|
"node": ">=14.0.0"
|
|
83
83
|
}
|
|
84
|
-
}
|
|
84
|
+
}
|