vesant-sdk 1.1.1 → 1.3.0

package/dist/{client-i5QtnFIa.d.ts → client-B6fUFAUM.d.mts}

@@ -1,4 +1,5 @@
-import { b as Logger, P as PaginationParams, B as BaseClient, R as RequestOptions } from './types-BpKxSXGF.js';
+import { L as Logger, B as BaseClient, R as RequestOptions } from './client-DzElM7u-.mjs';
+import { P as PaginationParams } from './types-DZHongaK.mjs';
 
 interface DeviceFingerprintRequest {
     device_id: string;
@@ -73,6 +74,10 @@ type CipherTextReason = 'registration' | 'login' | 'transaction' | 'interval_che
 interface CipherTextOptions {
     /** Reason for collection (required) */
     reason: CipherTextReason;
+    /** Public signing key (pk_) for HMAC signing (produces v02 signed cipherText) */
+    signingKey?: string;
+    /** @deprecated Use signingKey instead. API key for HMAC signing (backward compat) */
+    apiKey?: string;
     /** Request GPS location (default: false) */
     requestLocation?: boolean;
     /** GPS timeout in milliseconds (default: 10000) */
@@ -449,6 +454,8 @@ interface GeolocationConfigResponse {
         registration: boolean;
         transaction: boolean;
     };
+    /** Public signing key (pk_) for client-side HMAC signing */
+    signing_key?: string;
 }
 interface GeolocationClientConfig {
     /** Base URL of the API Gateway (e.g., "https://api.example.com") */
@@ -736,6 +743,7 @@ interface UseLocationCaptureResult {
  * transient failures gracefully.
  */
 declare class GeolocationClient extends BaseClient {
+    private cachedSigningKey?;
     constructor(config: GeolocationClientConfig);
     /**
      * Verify an IP address and check compliance
@@ -964,6 +972,23 @@ declare class GeolocationClient extends BaseClient {
      * ```
      */
     captureLocation(token: string, capture: LocationCaptureRequest, requestOptions?: RequestOptions): Promise<LocationCaptureResponse>;
+    /**
+     * Generate a signed cipherText containing device and location data.
+     *
+     * Automatically passes the client's API key for HMAC signing (v02 format).
+     * If no API key is configured, falls back to unsigned v01 format.
+     *
+     * @param options - Options for cipherText generation
+     * @param gpsConfig - Optional GPS config (from getGPSConfig)
+     * @returns CipherText result with the signed string
+     *
+     * @example
+     * ```typescript
+     * const result = await client.generateCipherText({ reason: 'login' });
+     * console.log(result.cipherText); // v02 signed cipherText
+     * ```
+     */
+    generateCipherText(options: Omit<CipherTextOptions, 'apiKey' | 'signingKey'>, gpsConfig?: GeolocationConfigResponse): Promise<CipherTextResult>;
 }
 
 export { type UseLocationRequestsOptions as $, type AlertStatus as A, type APIError as B, type CipherTextPayload as C, type DeviceFingerprintRequest as D, type GeolocationConfigResponse as E, type GeolocationClientConfig as F, GeolocationClient as G, type UseGeolocationOptions as H, type UseGeolocationResult as I, type JurisdictionConfig as J, type UseAlertsOptions as K, type LocationVerification as L, type UseAlertsResult as M, type LocationRequestStatus as N, type LocationRequestChannel as O, type LocationRequest as P, type CreateLocationRequestRequest as Q, type LocationRequestResult as R, type LocationRequestFilters as S, type LocationRequestListResponse as T, type UpdateJurisdictionRequest as U, type ValidateCipherTextRequest as V, type ResendLocationRequestRequest as W, type WiFiNetwork as X, type LocationCaptureRequest as Y, type LocationShareInfo as Z, type LocationCaptureResponse as _, type CipherTextReason as a, type UseLocationRequestsResult as a0, type UseLocationCaptureOptions as a1, type UseLocationCaptureResult as a2, type CipherTextOptions as b, type CipherTextResult as c, type DecryptedCipherText as d, type CipherTextCustomerData as e, type ValidateCipherTextResponse as f, type VerifyIPRequest as g, type GeoIPResult as h, type GeofenceEvaluation as i, type DeviceFingerprint as j, type DeviceTrustResult as k, type ComplianceCheckResponse as l, type AlertSeverity as m, type AlertType as n, type GeolocationAlert as o, type AlertFilters as p, type AlertListResponse as q, type DashboardMetrics as r, type CreateJurisdictionRequest as s, type GeofenceRuleType as t, type GeofenceAction as u, type GeofenceRule as v, type CreateGeofenceRuleRequest as w, type UpdateGeofenceRuleRequest as x, type UpdateDeviceTrustRequest as y, type GeolocationRecord as z };

package/dist/{client-BfeDYmrZ.d.mts → client-DoczGA6L.d.ts}

@@ -1,4 +1,5 @@
-import { b as Logger, P as PaginationParams, B as BaseClient, R as RequestOptions } from './types-BpKxSXGF.mjs';
+import { L as Logger, B as BaseClient, R as RequestOptions } from './client-DzElM7u-.js';
+import { P as PaginationParams } from './types-DZHongaK.js';
 
 interface DeviceFingerprintRequest {
     device_id: string;
@@ -73,6 +74,10 @@ type CipherTextReason = 'registration' | 'login' | 'transaction' | 'interval_che
 interface CipherTextOptions {
     /** Reason for collection (required) */
     reason: CipherTextReason;
+    /** Public signing key (pk_) for HMAC signing (produces v02 signed cipherText) */
+    signingKey?: string;
+    /** @deprecated Use signingKey instead. API key for HMAC signing (backward compat) */
+    apiKey?: string;
     /** Request GPS location (default: false) */
     requestLocation?: boolean;
     /** GPS timeout in milliseconds (default: 10000) */
@@ -449,6 +454,8 @@ interface GeolocationConfigResponse {
         registration: boolean;
         transaction: boolean;
     };
+    /** Public signing key (pk_) for client-side HMAC signing */
+    signing_key?: string;
 }
 interface GeolocationClientConfig {
     /** Base URL of the API Gateway (e.g., "https://api.example.com") */
@@ -736,6 +743,7 @@ interface UseLocationCaptureResult {
  * transient failures gracefully.
  */
 declare class GeolocationClient extends BaseClient {
+    private cachedSigningKey?;
     constructor(config: GeolocationClientConfig);
     /**
      * Verify an IP address and check compliance
@@ -964,6 +972,23 @@ declare class GeolocationClient extends BaseClient {
      * ```
      */
     captureLocation(token: string, capture: LocationCaptureRequest, requestOptions?: RequestOptions): Promise<LocationCaptureResponse>;
+    /**
+     * Generate a signed cipherText containing device and location data.
+     *
+     * Automatically passes the client's API key for HMAC signing (v02 format).
+     * If no API key is configured, falls back to unsigned v01 format.
+     *
+     * @param options - Options for cipherText generation
+     * @param gpsConfig - Optional GPS config (from getGPSConfig)
+     * @returns CipherText result with the signed string
+     *
+     * @example
+     * ```typescript
+     * const result = await client.generateCipherText({ reason: 'login' });
+     * console.log(result.cipherText); // v02 signed cipherText
+     * ```
+     */
+    generateCipherText(options: Omit<CipherTextOptions, 'apiKey' | 'signingKey'>, gpsConfig?: GeolocationConfigResponse): Promise<CipherTextResult>;
 }
 
 export { type UseLocationRequestsOptions as $, type AlertStatus as A, type APIError as B, type CipherTextPayload as C, type DeviceFingerprintRequest as D, type GeolocationConfigResponse as E, type GeolocationClientConfig as F, GeolocationClient as G, type UseGeolocationOptions as H, type UseGeolocationResult as I, type JurisdictionConfig as J, type UseAlertsOptions as K, type LocationVerification as L, type UseAlertsResult as M, type LocationRequestStatus as N, type LocationRequestChannel as O, type LocationRequest as P, type CreateLocationRequestRequest as Q, type LocationRequestResult as R, type LocationRequestFilters as S, type LocationRequestListResponse as T, type UpdateJurisdictionRequest as U, type ValidateCipherTextRequest as V, type ResendLocationRequestRequest as W, type WiFiNetwork as X, type LocationCaptureRequest as Y, type LocationShareInfo as Z, type LocationCaptureResponse as _, type CipherTextReason as a, type UseLocationRequestsResult as a0, type UseLocationCaptureOptions as a1, type UseLocationCaptureResult as a2, type CipherTextOptions as b, type CipherTextResult as c, type DecryptedCipherText as d, type CipherTextCustomerData as e, type ValidateCipherTextResponse as f, type VerifyIPRequest as g, type GeoIPResult as h, type GeofenceEvaluation as i, type DeviceFingerprint as j, type DeviceTrustResult as k, type ComplianceCheckResponse as l, type AlertSeverity as m, type AlertType as n, type GeolocationAlert as o, type AlertFilters as p, type AlertListResponse as q, type DashboardMetrics as r, type CreateJurisdictionRequest as s, type GeofenceRuleType as t, type GeofenceAction as u, type GeofenceRule as v, type CreateGeofenceRuleRequest as w, type UpdateGeofenceRuleRequest as x, type UpdateDeviceTrustRequest as y, type GeolocationRecord as z };

package/dist/client-DzElM7u-.d.mts

@@ -0,0 +1,238 @@
+/**
+ * Circuit breaker pattern for resilient HTTP requests.
+ *
+ * States: closed (normal) -> open (failing) -> half-open (testing) -> closed
+ */
+type CircuitBreakerState = 'closed' | 'open' | 'half-open';
+interface CircuitBreakerConfig {
+    /** Number of consecutive failures before opening the circuit (default: 5) */
+    failureThreshold?: number;
+    /** Time in ms to wait before transitioning from open to half-open (default: 30000) */
+    resetTimeout?: number;
+    /** Number of successes in half-open state before closing (default: 1) */
+    successThreshold?: number;
+}
+interface CircuitBreakerStatus {
+    state: CircuitBreakerState;
+    failures: number;
+    successes: number;
+    lastFailureTime: number | null;
+    nextRetryTime: number | null;
+}
+declare class CircuitBreaker {
+    private state;
+    private failures;
+    private successes;
+    private lastFailureTime;
+    private readonly failureThreshold;
+    private readonly resetTimeout;
+    private readonly successThreshold;
+    constructor(config?: CircuitBreakerConfig);
+    /**
+     * Check if a request can proceed through the circuit breaker.
+     */
+    canExecute(): boolean;
+    /**
+     * Record a successful request.
+     */
+    onSuccess(): void;
+    /**
+     * Record a failed request.
+     */
+    onFailure(): void;
+    /**
+     * Get current circuit breaker status.
+     */
+    getStatus(): CircuitBreakerStatus;
+    /**
+     * Reset the circuit breaker to its initial closed state.
+     */
+    reset(): void;
+}
+
+/**
+ * Configuration types for Vesant SDK clients
+ */
+
+interface Logger {
+    debug(message: string, meta?: Record<string, unknown>): void;
+    info(message: string, meta?: Record<string, unknown>): void;
+    warn(message: string, meta?: Record<string, unknown>): void;
+    error(message: string, meta?: Record<string, unknown>): void;
+}
+interface RequestOptions {
+    signal?: AbortSignal;
+    /** Idempotency key for POST/PUT/PATCH requests */
+    idempotencyKey?: string;
+}
+interface RequestInterceptor {
+    /** Called before each request. Can modify headers or options. */
+    onRequest?: (url: string, options: RequestInit) => RequestInit | Promise<RequestInit>;
+    /** Called after a successful response. Can inspect or transform data. */
+    onResponse?: (url: string, data: unknown) => unknown | Promise<unknown>;
+    /** Called when a request fails. Can handle or re-throw. */
+    onError?: (url: string, error: Error) => void | Promise<void>;
+}
+interface BaseClientConfig {
+    /** Base URL for the service */
+    baseURL: string;
+    /** Tenant ID for multi-tenancy */
+    tenantId: string;
+    /** Optional API key for authentication */
+    apiKey?: string;
+    /** Custom headers to include in all requests */
+    headers?: Record<string, string>;
+    /** Request timeout in milliseconds (default: 10000) */
+    timeout?: number;
+    /** Number of retry attempts (default: 3) */
+    retries?: number;
+    /** Enable debug logging (default: false) */
+    debug?: boolean;
+    /** Request/response interceptors */
+    interceptors?: RequestInterceptor[];
+    /** Custom logger instance */
+    logger?: Logger;
+    /** Environment mode (default: 'production') */
+    environment?: 'production' | 'sandbox';
+    /** Base URL to use in sandbox mode */
+    sandboxBaseURL?: string;
+    /** Circuit breaker configuration */
+    circuitBreaker?: CircuitBreakerConfig;
+    /** Enable rate limit header tracking (default: false) */
+    enableRateLimitTracking?: boolean;
+}
+interface CGSConfig {
+    /** Base URL for the Vesant API */
+    baseURL: string;
+    /** Tenant ID for multi-tenancy */
+    tenantId: string;
+    /** Optional API key for authentication */
+    apiKey?: string;
+    /** Custom headers to include in all requests */
+    headers?: Record<string, string>;
+    /** Request timeout in milliseconds (default: 10000) */
+    timeout?: number;
+    /** Number of retry attempts for failed requests (default: 3) */
+    retries?: number;
+    /** Enable debug logging (default: false) */
+    debug?: boolean;
+    /** Automatically create customer profiles on geolocation verification (default: true) */
+    autoCreateProfiles?: boolean;
+    /** Sync mode: 'async' uses events, 'sync' uses direct API calls (default: 'sync') */
+    syncMode?: 'async' | 'sync';
+    /** Request/response interceptors */
+    interceptors?: RequestInterceptor[];
+    /** Custom logger instance */
+    logger?: Logger;
+    /** Environment mode (default: 'production') */
+    environment?: 'production' | 'sandbox';
+    /** Base URL to use in sandbox mode */
+    sandboxBaseURL?: string;
+    /** Circuit breaker configuration */
+    circuitBreaker?: CircuitBreakerConfig;
+    /** Enable rate limit header tracking (default: false) */
+    enableRateLimitTracking?: boolean;
+}
+/** CGSConfig with core fields required, enterprise features remain optional */
+type RequiredCGSConfig = Required<Pick<CGSConfig, 'baseURL' | 'tenantId' | 'apiKey' | 'headers' | 'timeout' | 'retries' | 'debug' | 'autoCreateProfiles' | 'syncMode' | 'interceptors' | 'logger'>> & Pick<CGSConfig, 'environment' | 'sandboxBaseURL' | 'circuitBreaker' | 'enableRateLimitTracking'>;
+/** BaseClientConfig with core fields required, enterprise features remain optional */
+type RequiredBaseClientConfig = Required<Pick<BaseClientConfig, 'baseURL' | 'tenantId' | 'apiKey' | 'headers' | 'timeout' | 'retries' | 'debug' | 'interceptors' | 'logger'>> & Pick<BaseClientConfig, 'environment' | 'sandboxBaseURL' | 'circuitBreaker' | 'enableRateLimitTracking'>;
+
+/**
+ * Rate limit tracking from API response headers.
+ *
+ * Tracks X-RateLimit-* headers to enable pre-flight checks
+ * before making requests.
+ */
+interface RateLimitStatus {
+    /** Maximum requests allowed in the window */
+    limit: number | null;
+    /** Remaining requests in the current window */
+    remaining: number | null;
+    /** Unix timestamp (seconds) when the rate limit resets */
+    reset: number | null;
+    /** Seconds until the rate limit resets */
+    retryAfter: number | null;
+}
+declare class RateLimitTracker {
+    private limit;
+    private remaining;
+    private reset;
+    private retryAfter;
+    /**
+     * Extract rate limit information from response headers.
+     */
+    updateFromHeaders(headers: Headers): void;
+    /**
+     * Check if the rate limit has been exceeded based on tracked headers.
+     */
+    isLimitExceeded(): boolean;
+    /**
+     * Get current rate limit status.
+     */
+    getStatus(): RateLimitStatus;
+}
+
+/**
+ * Base HTTP client for all CGS SDK clients
+ *
+ * Provides common functionality:
+ * - Request/response handling
+ * - Error handling
+ * - Retry logic with exponential backoff
+ * - Timeout management
+ * - Debug logging
+ */
+
+declare abstract class BaseClient {
+    protected config: BaseClientConfig & {
+        timeout: number;
+        retries: number;
+    };
+    protected logger: Logger;
+    private interceptors;
+    private circuitBreaker;
+    private rateLimitTracker;
+    constructor(config: BaseClientConfig);
+    /**
+     * Make an HTTP request with timeout and error handling
+     */
+    protected request<T>(endpoint: string, options?: RequestInit, serviceURL?: string, requestOptions?: RequestOptions): Promise<T>;
+    /**
+     * Make an HTTP request with retry logic
+     */
+    protected requestWithRetry<T>(endpoint: string, options?: RequestInit, serviceURL?: string, retries?: number, requestOptions?: RequestOptions): Promise<T>;
+    /**
+     * Handle error responses from API
+     */
+    protected handleErrorResponse(status: number, data: Record<string, unknown>, requestId?: string): never;
+    /**
+     * Build query string from parameters
+     */
+    protected buildQueryString(params: Record<string, unknown>): string;
+    /**
+     * Update client configuration
+     */
+    updateConfig(config: Partial<BaseClientConfig>): void;
+    /**
+     * Get current configuration (readonly)
+     */
+    getConfig(): Readonly<BaseClientConfig>;
+    /**
+     * Get rate limit status from tracked response headers.
+     */
+    getRateLimitStatus(): RateLimitStatus | null;
+    /**
+     * Get circuit breaker status.
+     */
+    getCircuitBreakerStatus(): CircuitBreakerStatus | null;
+    /**
+     * Health check endpoint
+     */
+    healthCheck(): Promise<{
+        status: string;
+        timestamp: string;
+    }>;
+}
+
+export { BaseClient as B, type CircuitBreakerConfig as C, type Logger as L, type RequestOptions as R, type RequestInterceptor as a, type BaseClientConfig as b, type CGSConfig as c, type RequiredCGSConfig as d, type RequiredBaseClientConfig as e, type CircuitBreakerState as f, type CircuitBreakerStatus as g, CircuitBreaker as h, type RateLimitStatus as i, RateLimitTracker as j };

package/dist/client-DzElM7u-.d.ts

@@ -0,0 +1,238 @@
+/**
+ * Circuit breaker pattern for resilient HTTP requests.
+ *
+ * States: closed (normal) -> open (failing) -> half-open (testing) -> closed
+ */
+type CircuitBreakerState = 'closed' | 'open' | 'half-open';
+interface CircuitBreakerConfig {
+    /** Number of consecutive failures before opening the circuit (default: 5) */
+    failureThreshold?: number;
+    /** Time in ms to wait before transitioning from open to half-open (default: 30000) */
+    resetTimeout?: number;
+    /** Number of successes in half-open state before closing (default: 1) */
+    successThreshold?: number;
+}
+interface CircuitBreakerStatus {
+    state: CircuitBreakerState;
+    failures: number;
+    successes: number;
+    lastFailureTime: number | null;
+    nextRetryTime: number | null;
+}
+declare class CircuitBreaker {
+    private state;
+    private failures;
+    private successes;
+    private lastFailureTime;
+    private readonly failureThreshold;
+    private readonly resetTimeout;
+    private readonly successThreshold;
+    constructor(config?: CircuitBreakerConfig);
+    /**
+     * Check if a request can proceed through the circuit breaker.
+     */
+    canExecute(): boolean;
+    /**
+     * Record a successful request.
+     */
+    onSuccess(): void;
+    /**
+     * Record a failed request.
+     */
+    onFailure(): void;
+    /**
+     * Get current circuit breaker status.
+     */
+    getStatus(): CircuitBreakerStatus;
+    /**
+     * Reset the circuit breaker to its initial closed state.
+     */
+    reset(): void;
+}
+
+/**
+ * Configuration types for Vesant SDK clients
+ */
+
+interface Logger {
+    debug(message: string, meta?: Record<string, unknown>): void;
+    info(message: string, meta?: Record<string, unknown>): void;
+    warn(message: string, meta?: Record<string, unknown>): void;
+    error(message: string, meta?: Record<string, unknown>): void;
+}
+interface RequestOptions {
+    signal?: AbortSignal;
+    /** Idempotency key for POST/PUT/PATCH requests */
+    idempotencyKey?: string;
+}
+interface RequestInterceptor {
+    /** Called before each request. Can modify headers or options. */
+    onRequest?: (url: string, options: RequestInit) => RequestInit | Promise<RequestInit>;
+    /** Called after a successful response. Can inspect or transform data. */
+    onResponse?: (url: string, data: unknown) => unknown | Promise<unknown>;
+    /** Called when a request fails. Can handle or re-throw. */
+    onError?: (url: string, error: Error) => void | Promise<void>;
+}
+interface BaseClientConfig {
+    /** Base URL for the service */
+    baseURL: string;
+    /** Tenant ID for multi-tenancy */
+    tenantId: string;
+    /** Optional API key for authentication */
+    apiKey?: string;
+    /** Custom headers to include in all requests */
+    headers?: Record<string, string>;
+    /** Request timeout in milliseconds (default: 10000) */
+    timeout?: number;
+    /** Number of retry attempts (default: 3) */
+    retries?: number;
+    /** Enable debug logging (default: false) */
+    debug?: boolean;
+    /** Request/response interceptors */
+    interceptors?: RequestInterceptor[];
+    /** Custom logger instance */
+    logger?: Logger;
+    /** Environment mode (default: 'production') */
+    environment?: 'production' | 'sandbox';
+    /** Base URL to use in sandbox mode */
+    sandboxBaseURL?: string;
+    /** Circuit breaker configuration */
+    circuitBreaker?: CircuitBreakerConfig;
+    /** Enable rate limit header tracking (default: false) */
+    enableRateLimitTracking?: boolean;
+}
+interface CGSConfig {
+    /** Base URL for the Vesant API */
+    baseURL: string;
+    /** Tenant ID for multi-tenancy */
+    tenantId: string;
+    /** Optional API key for authentication */
+    apiKey?: string;
+    /** Custom headers to include in all requests */
+    headers?: Record<string, string>;
+    /** Request timeout in milliseconds (default: 10000) */
+    timeout?: number;
+    /** Number of retry attempts for failed requests (default: 3) */
+    retries?: number;
+    /** Enable debug logging (default: false) */
+    debug?: boolean;
+    /** Automatically create customer profiles on geolocation verification (default: true) */
+    autoCreateProfiles?: boolean;
+    /** Sync mode: 'async' uses events, 'sync' uses direct API calls (default: 'sync') */
+    syncMode?: 'async' | 'sync';
+    /** Request/response interceptors */
+    interceptors?: RequestInterceptor[];
+    /** Custom logger instance */
+    logger?: Logger;
+    /** Environment mode (default: 'production') */
+    environment?: 'production' | 'sandbox';
+    /** Base URL to use in sandbox mode */
+    sandboxBaseURL?: string;
+    /** Circuit breaker configuration */
+    circuitBreaker?: CircuitBreakerConfig;
+    /** Enable rate limit header tracking (default: false) */
+    enableRateLimitTracking?: boolean;
+}
+/** CGSConfig with core fields required, enterprise features remain optional */
+type RequiredCGSConfig = Required<Pick<CGSConfig, 'baseURL' | 'tenantId' | 'apiKey' | 'headers' | 'timeout' | 'retries' | 'debug' | 'autoCreateProfiles' | 'syncMode' | 'interceptors' | 'logger'>> & Pick<CGSConfig, 'environment' | 'sandboxBaseURL' | 'circuitBreaker' | 'enableRateLimitTracking'>;
+/** BaseClientConfig with core fields required, enterprise features remain optional */
+type RequiredBaseClientConfig = Required<Pick<BaseClientConfig, 'baseURL' | 'tenantId' | 'apiKey' | 'headers' | 'timeout' | 'retries' | 'debug' | 'interceptors' | 'logger'>> & Pick<BaseClientConfig, 'environment' | 'sandboxBaseURL' | 'circuitBreaker' | 'enableRateLimitTracking'>;
+
+/**
+ * Rate limit tracking from API response headers.
+ *
+ * Tracks X-RateLimit-* headers to enable pre-flight checks
+ * before making requests.
+ */
+interface RateLimitStatus {
+    /** Maximum requests allowed in the window */
+    limit: number | null;
+    /** Remaining requests in the current window */
+    remaining: number | null;
+    /** Unix timestamp (seconds) when the rate limit resets */
+    reset: number | null;
+    /** Seconds until the rate limit resets */
+    retryAfter: number | null;
+}
+declare class RateLimitTracker {
+    private limit;
+    private remaining;
+    private reset;
+    private retryAfter;
+    /**
+     * Extract rate limit information from response headers.
+     */
+    updateFromHeaders(headers: Headers): void;
+    /**
+     * Check if the rate limit has been exceeded based on tracked headers.
+     */
+    isLimitExceeded(): boolean;
+    /**
+     * Get current rate limit status.
+     */
+    getStatus(): RateLimitStatus;
+}
+
+/**
+ * Base HTTP client for all CGS SDK clients
+ *
+ * Provides common functionality:
+ * - Request/response handling
+ * - Error handling
+ * - Retry logic with exponential backoff
+ * - Timeout management
+ * - Debug logging
+ */
+
+declare abstract class BaseClient {
+    protected config: BaseClientConfig & {
+        timeout: number;
+        retries: number;
+    };
+    protected logger: Logger;
+    private interceptors;
+    private circuitBreaker;
+    private rateLimitTracker;
+    constructor(config: BaseClientConfig);
+    /**
+     * Make an HTTP request with timeout and error handling
+     */
+    protected request<T>(endpoint: string, options?: RequestInit, serviceURL?: string, requestOptions?: RequestOptions): Promise<T>;
+    /**
+     * Make an HTTP request with retry logic
+     */
+    protected requestWithRetry<T>(endpoint: string, options?: RequestInit, serviceURL?: string, retries?: number, requestOptions?: RequestOptions): Promise<T>;
+    /**
+     * Handle error responses from API
+     */
+    protected handleErrorResponse(status: number, data: Record<string, unknown>, requestId?: string): never;
+    /**
+     * Build query string from parameters
+     */
+    protected buildQueryString(params: Record<string, unknown>): string;
+    /**
+     * Update client configuration
+     */
+    updateConfig(config: Partial<BaseClientConfig>): void;
+    /**
+     * Get current configuration (readonly)
+     */
+    getConfig(): Readonly<BaseClientConfig>;
+    /**
+     * Get rate limit status from tracked response headers.
+     */
+    getRateLimitStatus(): RateLimitStatus | null;
+    /**
+     * Get circuit breaker status.
+     */
+    getCircuitBreakerStatus(): CircuitBreakerStatus | null;
+    /**
+     * Health check endpoint
+     */
+    healthCheck(): Promise<{
+        status: string;
+        timestamp: string;
+    }>;
+}
+
+export { BaseClient as B, type CircuitBreakerConfig as C, type Logger as L, type RequestOptions as R, type RequestInterceptor as a, type BaseClientConfig as b, type CGSConfig as c, type RequiredCGSConfig as d, type RequiredBaseClientConfig as e, type CircuitBreakerState as f, type CircuitBreakerStatus as g, CircuitBreaker as h, type RateLimitStatus as i, RateLimitTracker as j };

package/dist/compliance/index.d.mts

@@ -1,8 +1,9 @@
-import { D as DeviceFingerprintRequest, L as LocationVerification, P as LocationRequest, G as GeolocationClient, S as LocationRequestFilters, T as LocationRequestListResponse } from '../client-BfeDYmrZ.mjs';
-export { Q as CreateLocationRequestRequest, Y as LocationCaptureRequest, _ as LocationCaptureResponse, O as LocationRequestChannel, R as LocationRequestResult, N as LocationRequestStatus, Z as LocationShareInfo, W as ResendLocationRequestRequest } from '../client-BfeDYmrZ.mjs';
+import { D as DeviceFingerprintRequest, L as LocationVerification, P as LocationRequest, G as GeolocationClient, S as LocationRequestFilters, T as LocationRequestListResponse } from '../client-B6fUFAUM.mjs';
+export { Q as CreateLocationRequestRequest, Y as LocationCaptureRequest, _ as LocationCaptureResponse, O as LocationRequestChannel, R as LocationRequestResult, N as LocationRequestStatus, Z as LocationShareInfo, W as ResendLocationRequestRequest } from '../client-B6fUFAUM.mjs';
 import { RiskProfileClient } from '../risk-profile/index.mjs';
-import { E as EntityType, e as CGSConfig, R as RequestOptions, P as PaginationParams } from '../types-BpKxSXGF.mjs';
-import { C as CustomerProfile } from '../types-DKCQN4C5.mjs';
+import { c as CGSConfig, R as RequestOptions } from '../client-DzElM7u-.mjs';
+import { C as CustomerProfile } from '../types-jaLuzruy.mjs';
+import { E as EntityType, P as PaginationParams } from '../types-DZHongaK.mjs';
 
 interface RegistrationVerificationRequest {
     customerId: string;

package/dist/compliance/index.d.ts

@@ -1,8 +1,9 @@
-import { D as DeviceFingerprintRequest, L as LocationVerification, P as LocationRequest, G as GeolocationClient, S as LocationRequestFilters, T as LocationRequestListResponse } from '../client-i5QtnFIa.js';
-export { Q as CreateLocationRequestRequest, Y as LocationCaptureRequest, _ as LocationCaptureResponse, O as LocationRequestChannel, R as LocationRequestResult, N as LocationRequestStatus, Z as LocationShareInfo, W as ResendLocationRequestRequest } from '../client-i5QtnFIa.js';
+import { D as DeviceFingerprintRequest, L as LocationVerification, P as LocationRequest, G as GeolocationClient, S as LocationRequestFilters, T as LocationRequestListResponse } from '../client-DoczGA6L.js';
+export { Q as CreateLocationRequestRequest, Y as LocationCaptureRequest, _ as LocationCaptureResponse, O as LocationRequestChannel, R as LocationRequestResult, N as LocationRequestStatus, Z as LocationShareInfo, W as ResendLocationRequestRequest } from '../client-DoczGA6L.js';
 import { RiskProfileClient } from '../risk-profile/index.js';
-import { E as EntityType, e as CGSConfig, R as RequestOptions, P as PaginationParams } from '../types-BpKxSXGF.js';
-import { C as CustomerProfile } from '../types-DfHLp_tz.js';
+import { c as CGSConfig, R as RequestOptions } from '../client-DzElM7u-.js';
+import { C as CustomerProfile } from '../types-DLC7Sfy5.js';
+import { E as EntityType, P as PaginationParams } from '../types-DZHongaK.js';
 
 interface RegistrationVerificationRequest {
     customerId: string;