Feature/enhanced payment features

.env.example

@@ -0,0 +1,14 @@
+# Example .env file for local E2E tests
+# Copy this file to .env.local and insert your real values
+
+# IMPORTANT: E2E tests require pre-configured keys
+# The activation code must NOT be included because it can only be used once
+# Generate the keys manually using: npx satispay-keygen
+
+# Satispay authentication keys (REQUIRED for E2E tests)
+SATISPAY_PUBLIC_KEY="-----BEGIN PUBLIC KEY-----\nyour_public_key_here\n-----END PUBLIC KEY-----"
+SATISPAY_PRIVATE_KEY="-----BEGIN PRIVATE KEY-----\nyour_private_key_here\n-----END PRIVATE KEY-----"
+SATISPAY_KEY_ID=your_key_id_here
+
+# NOTE: The environment is forced to 'staging' for security
+# It cannot be modified in E2E tests

.github/workflows/build.yml

@@ -0,0 +1,36 @@
+name: Build library
+
+on:
+    workflow_call:
+
+jobs:
+    build:
+        runs-on: ubuntu-latest
+        steps:
+            - uses: actions/checkout@v4
+
+            - uses: pnpm/action-setup@v4
+
+            - name: Use Node.js ${{ matrix.node-version }}
+              uses: actions/setup-node@v4
+              with:
+                  node-version: ${{ matrix.node-version }}
+                  cache: 'pnpm'
+
+            - name: Install dependencies
+              run: pnpm install --no-frozen-lockfile
+
+            - name: Build release
+              run: pnpm build
+
+            - name: Bump version with release tag name
+              run: pnpm version --no-git-tag-version ${{ github.event.release.tag_name }}
+
+            - name: Pack package
+              run: pnpm pack
+
+            - name: Upload artifact
+              uses: actions/upload-artifact@v4
+              with:
+                  name: package
+                  path: 'volverjs-satispay-node-sdk-*.tgz'

.github/workflows/main.yml

@@ -0,0 +1,57 @@
+name: Main pipeline
+
+on:
+    #  Runs on release publish
+    release:
+        types: [published]
+
+jobs:
+    analysis:
+        uses: ./.github/workflows/sonarcloud.yml
+        secrets: inherit
+
+    build:
+        uses: ./.github/workflows/build.yml
+
+    test:
+        needs: build
+        uses: ./.github/workflows/test.yml
+
+    publish-npm:
+        needs: [test, analysis]
+        runs-on: ubuntu-latest
+        steps:
+            - name: Download artifact
+              uses: actions/download-artifact@v4
+              with:
+                  name: package
+
+            - uses: actions/setup-node@v4
+              with:
+                  node-version: 20
+                  registry-url: https://registry.npmjs.org/
+
+            - run: npm publish $(ls *.tgz) --access=public --tag ${{ github.event.release.prerelease && 'next' || 'latest'}}
+              env:
+                  NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}}
+
+    publish-gpr:
+        needs: [test, analysis]
+        runs-on: ubuntu-latest
+        permissions:
+            contents: read
+            packages: write
+        steps:
+            - name: Download artifact
+              uses: actions/download-artifact@v4
+              with:
+                  name: package
+
+            - uses: actions/setup-node@v4
+              with:
+                  node-version: 20
+                  registry-url: https://npm.pkg.github.com/
+
+            - run: npm publish $(ls *.tgz) --access=public --tag ${{ github.event.release.prerelease && 'next' || 'latest'}}
+              env:
+                  NODE_AUTH_TOKEN: ${{secrets.GITHUB_TOKEN}}

.github/workflows/pr-check-suite.yml

@@ -0,0 +1,26 @@
+name: Check PR
+
+on:
+    # Run on pull request
+    pull_request:
+        branches: [main, develop]
+
+# Sets permissions of the GITHUB_TOKEN
+permissions:
+    contents: write
+    pages: write
+    id-token: write
+    pull-requests: write
+
+jobs:
+    analysis:
+        uses: ./.github/workflows/sonarcloud.yml
+        secrets: inherit
+
+    build:
+        uses: ./.github/workflows/build.yml
+
+    test:
+        needs: build
+        uses: ./.github/workflows/test.yml
+

.github/workflows/release-tag.yml

@@ -0,0 +1,26 @@
+on:
+    push:
+        tags:
+            - 'v*' # Push events to matching v*, i.e. v1.0, v20.15.10
+
+name: Create Release
+
+jobs:
+    build:
+        permissions:
+            contents: write # to create release (yyx990803/release-tag)
+
+        name: Create Release
+        runs-on: ubuntu-latest
+        steps:
+            - name: Checkout code
+              uses: actions/checkout@master
+            - name: Create Release for Tag
+              id: release_tag
+              uses: yyx990803/release-tag@master
+              env:
+                  GITHUB_TOKEN: ${{ secrets.RELEASE_TAG_GITHUB_TOKEN }}
+              with:
+                  tag_name: ${{ github.ref }}
+                  body: |
+                      Please refer to [CHANGELOG.md](https://github.com/volverjs/satispay-node-sdk/blob/${{ contains(github.ref, 'beta') && 'develop' || 'main'}}/CHANGELOG.md) for details.

.github/workflows/sonarcloud.yml

@@ -0,0 +1,22 @@
+name: SonarCloud analysis
+
+on:
+    workflow_call:
+
+jobs:
+    sonarcloud:
+        name: SonarCloud
+        runs-on: ubuntu-latest
+        steps:
+            - uses: actions/checkout@v4
+              if: env.SONAR_TOKEN
+              env:
+                  SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+              with:
+                  fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
+            - name: SonarCloud Scan
+              if: env.SONAR_TOKEN
+              uses: SonarSource/sonarcloud-github-action@master
+              env:
+                  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
+                  SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

.github/workflows/test.yml

@@ -0,0 +1,49 @@
+name: Run library test
+
+on:
+    workflow_call:
+
+jobs:
+    vitest:
+        timeout-minutes: 60
+        runs-on: ubuntu-latest
+        steps:
+            - uses: actions/checkout@v4
+
+            - uses: actions/setup-node@v4
+              with:
+                  node-version: 20
+
+            - uses: pnpm/action-setup@v4
+
+            - name: Use Node.js ${{ matrix.node-version }}
+              uses: actions/setup-node@v4
+              with:
+                  node-version: ${{ matrix.node-version }}
+                  cache: 'pnpm'
+
+            - name: Install dependencies
+              run: pnpm install --no-frozen-lockfile
+
+            - name: Test
+              run: pnpm test
+              env:
+                SATISPAY_PUBLIC_KEY: ${{ secrets.SATISPAY_PUBLIC_KEY }}
+                SATISPAY_PRIVATE_KEY: ${{ secrets.SATISPAY_PRIVATE_KEY }}
+                SATISPAY_KEY_ID: ${{ secrets.SATISPAY_KEY_ID }}
+
+            - name: Test Coverage
+              run: pnpm test:coverage
+              env:
+                SATISPAY_PUBLIC_KEY: ${{ secrets.SATISPAY_PUBLIC_KEY }}
+                SATISPAY_PRIVATE_KEY: ${{ secrets.SATISPAY_PRIVATE_KEY }}
+                SATISPAY_KEY_ID: ${{ secrets.SATISPAY_KEY_ID }}
+
+            - name: Upload coverage to Codecov
+              uses: codecov/codecov-action@v4
+              if: matrix.os == 'ubuntu-latest' && matrix.node-version == '20.x'
+              with:
+                token: ${{ secrets.CODECOV_TOKEN }}
+                files: ./coverage/coverage-final.json
+                flags: unittests
+                name: codecov-umbrella

.gitignore

@@ -2,4 +2,4 @@ examples/authentication.json
 node_modules
 dist
 coverage
-*.env.local
+*.local

CHANGELOG.md

@@ -5,67 +5,36 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
-## [Unreleased]
-
-### Added
-- Comprehensive test suite with 66 tests and 72% coverage
-- GitHub Actions CI/CD workflows for automated testing and npm publishing
-- Vitest test framework with UI and coverage reporting
-- Support for multiple runtimes: Node.js 18+, Deno 1.30+, Bun 1.0+
-
-### Changed
-- Migrated build system from TypeScript compiler to Vite
-- Improved TypeScript declaration generation with vite-plugin-dts
-- Tests moved to dedicated `tests/` folder for better organization
-
-### Fixed
-- TypeScript declaration files output to correct location in dist/
-
-## [0.0.1] - TBD
+## [0.0.1] - 2025-12-01
 
 ### Added
 - Initial implementation of Satispay GBusiness Node.js SDK
-- Api class for configuration and environment management
-- ApiAuthentication for token-based authentication
-- Payment operations (create, get, list, update)
-- Consumer operations (get consumer details)
-- DailyClosure operations (get daily closure reports)
-- PreAuthorizedPaymentToken operations (create, get, list, accept, reject)
-- Request class for HTTP operations with automatic signing
-- RSA service for key generation and cryptographic operations
-- Support for both Node.js crypto and Web Crypto API
-- CLI tool `satispay-keygen` for generating RSA key pairs
-- Comprehensive examples for common operations
-- Zero runtime dependencies
-
-### API Methods
-
-#### Authentication
-- `Api.authenticateWithToken(token: string)` - Generate keys and authenticate
-
-#### Configuration
-- `Api.setEnv(env: Environment)` - Set environment (staging/production)
-- `Api.setKeys(keyId: string, privateKey: string)` - Set authentication keys
-- `Api.setPlatformHeader(value: string)` - Set platform identification header
-
-#### Payment Operations
-- `Payment.create(options)` - Create a new payment
-- `Payment.get(id: string)` - Get payment details
-- `Payment.list(options)` - List payments with filters
-- `Payment.update(id: string, options)` - Update payment metadata
-
-#### Consumer Operations
-- `Consumer.get(id: string)` - Get consumer details
-
-#### Daily Closure Operations
-- `DailyClosure.get(date: Date)` - Get daily closure report
+- Zero runtime dependencies - uses only native APIs (fetch, crypto)
+- Multi-runtime support: Node.js 18+, Deno 1.30+, Bun 1.0+
+- Complete TypeScript definitions with full type safety
+
+#### API Classes
+- `Api` - Configuration and environment management
+- `ApiAuthentication` - Token-based authentication and key generation
+- `Payment` - Create, retrieve, list, and update payments (including meal vouchers and fringe benefits)
+- `Consumer` - Retrieve consumer information
+- `DailyClosure` - Get daily closure reports
+- `PreAuthorizedPaymentToken` - Manage pre-authorized payment tokens
+- `Report` - Generate and retrieve payment reports (CSV, PDF, XLSX)
+- `Session` - POS integration for fund lock payments with incremental charging
+- `Request` - HTTP operations with automatic RSA-SHA256 signing
+- `RSAService` - Key generation and cryptographic operations
+
+#### Tools & Testing
+- CLI tool `satispay-keygen` for RSA key pair generation
+- Comprehensive test suite with 163 tests using Vitest
+- E2E tests for integration testing with staging environment
+- GitHub Actions CI/CD workflows for automated testing and npm publishing
+- Vite-based build system with optimized TypeScript declaration generation
 
-#### Pre-Authorized Payment Tokens
-- `PreAuthorizedPaymentToken.create(options)` - Create token
-- `PreAuthorizedPaymentToken.get(token: string)` - Get token details
-- `PreAuthorizedPaymentToken.list()` - List tokens
-- `PreAuthorizedPaymentToken.accept(token: string)` - Accept token
-- `PreAuthorizedPaymentToken.reject(token: string)` - Reject token
+#### Documentation & Examples
+- Complete API documentation in README
+- Example files for all major operations (payments, reports, sessions, webhooks, etc.)
+- Runtime-specific examples for Node.js, Deno, and Bun
 
-[Unreleased]: https://github.com/volverjs/satispay-node-sdk/compare/v0.0.1...HEAD
 [0.0.1]: https://github.com/volverjs/satispay-node-sdk/releases/tag/v0.0.1