From f7abde6f21d65ba05ca1eeb60fadff8ec7d0625d Mon Sep 17 00:00:00 2001
From: BenKalsky <ben@digitizer.co.il>
Date: Fri, 1 May 2026 18:27:43 +0300
Subject: [PATCH] fix: publish package under godigitizer npm scope

---
 CLAUDE.md                      |  6 +++---
 README.md                      | 30 +++++++++++++++---------------
 package.json                   |  6 +++---
 pnpm-lock.yaml                 | 12 ++++++------
 src/next/createChargeRoute.ts  |  4 ++--
 src/next/createWebhookRoute.ts |  4 ++--
 6 files changed, 31 insertions(+), 31 deletions(-)

diff --git a/CLAUDE.md b/CLAUDE.md
index f3f3f08..7c6dd4d 100644
--- a/CLAUDE.md
+++ b/CLAUDE.md
@@ -4,9 +4,9 @@ Guidance for AI assistants working in this repository.
 
 ## Project
 
-`@digitizers/sumit-react` — React component (`<SumitCheckout />`), checkout state hook (`useSumitCheckout`), and Next.js route helpers (`createSumitChargeRoute`, `createSumitWebhookRoute`) for SUMIT / OfficeGuy / Upay payments.
+`@godigitizer/sumit-react` — React component (`<SumitCheckout />`), checkout state hook (`useSumitCheckout`), and Next.js route helpers (`createSumitChargeRoute`, `createSumitWebhookRoute`) for SUMIT / OfficeGuy / Upay payments.
 
-Companion package: [`@digitizers/sumit-api`](https://github.com/Digitizers/sumit-api) (peer dependency).
+Companion package: [`@godigitizer/sumit-api`](https://github.com/Digitizers/sumit-api) (peer dependency).
 
 ## Architecture
 
@@ -34,7 +34,7 @@ This package handles payments. Three rules:
 2. **Webhook verification is constant-time AND length-independent.** `verifySumitSharedSecret` hashes both the candidate and the secret to a fixed-length digest before comparing — a length-dependent path leaks the secret's byte-length via response timing.
 3. **Tokenization is single-flight.** `<SumitCheckout />` uses a synchronous `useRef` guard so two rapid submits cannot both fire `CreateToken` (a stale-closure on `useState` would let the second slip through).
 
-All payloads forwarded to clients pass through `redactSumitPayload` from `@digitizers/sumit-api`.
+All payloads forwarded to clients pass through `redactSumitPayload` from `@godigitizer/sumit-api`.
 
 ## Workflow
 
diff --git a/README.md b/README.md
index 8f9f70d..6ca6d7c 100644
--- a/README.md
+++ b/README.md
@@ -1,12 +1,12 @@
-# @digitizers/sumit-react
+# @godigitizer/sumit-react
 
-[![npm](https://img.shields.io/npm/v/@digitizers/sumit-react.svg)](https://www.npmjs.com/package/@digitizers/sumit-react)
-[![types](https://img.shields.io/npm/types/@digitizers/sumit-react.svg)](https://www.npmjs.com/package/@digitizers/sumit-react)
-[![license](https://img.shields.io/npm/l/@digitizers/sumit-react.svg)](LICENSE)
+[![npm](https://img.shields.io/npm/v/@godigitizer/sumit-react.svg)](https://www.npmjs.com/package/@godigitizer/sumit-react)
+[![types](https://img.shields.io/npm/types/@godigitizer/sumit-react.svg)](https://www.npmjs.com/package/@godigitizer/sumit-react)
+[![license](https://img.shields.io/npm/l/@godigitizer/sumit-react.svg)](LICENSE)
 [![react](https://img.shields.io/badge/react-%E2%89%A518-61DAFB?logo=react&logoColor=white)](package.json)
 [![next](https://img.shields.io/badge/next.js-app%20router-000000?logo=next.js&logoColor=white)](https://nextjs.org)
 
-> React components and Next.js route helpers for [SUMIT / OfficeGuy / Upay](https://sumit.co.il) payments. The companion to [`@digitizers/sumit-api`](https://github.com/Digitizers/sumit-api).
+> React components and Next.js route helpers for [SUMIT / OfficeGuy / Upay](https://sumit.co.il) payments. The companion to [`@godigitizer/sumit-api`](https://github.com/Digitizers/sumit-api).
 
 Ship a working SUMIT checkout flow in a React or Next.js app with two files: a Client Component and a route handler.
 
@@ -38,7 +38,7 @@ Ship a working SUMIT checkout flow in a React or Next.js app with two files: a C
 ## Install
 
 ```bash
-pnpm add @digitizers/sumit-react @digitizers/sumit-api
+pnpm add @godigitizer/sumit-react @godigitizer/sumit-api
 ```
 
 `react` (and optionally `next`) are peer dependencies of your app. SUMIT's `payments.js` is loaded from `https://app.sumit.co.il/scripts/payments.js` at runtime.
@@ -50,7 +50,7 @@ pnpm add @digitizers/sumit-react @digitizers/sumit-api
 ```tsx
 "use client";
 
-import { SumitCheckout, useSumitCheckout } from "@digitizers/sumit-react/client";
+import { SumitCheckout, useSumitCheckout } from "@godigitizer/sumit-react/client";
 
 export function Checkout() {
   const checkout = useSumitCheckout();
@@ -100,7 +100,7 @@ The component renders the inputs SUMIT expects (`og-ccnum`, `og-expmonth`, `og-e
 
 ```ts
 // app/api/sumit/charge/route.ts
-import { createSumitChargeRoute } from "@digitizers/sumit-react/next";
+import { createSumitChargeRoute } from "@godigitizer/sumit-react/next";
 
 export const POST = createSumitChargeRoute({
   companyId: Number(process.env.SUMIT_COMPANY_ID),
@@ -118,7 +118,7 @@ What the handler does:
 | Step      | Behaviour                                                                                                |
 | --------- | -------------------------------------------------------------------------------------------------------- |
 | Validate  | Checks the JSON body shape (`singleUseToken`, `customer`, `item`).                                       |
-| Build     | Calls `buildRecurringChargePayload` from `@digitizers/sumit-api`.                                        |
+| Build     | Calls `buildRecurringChargePayload` from `@godigitizer/sumit-api`.                                        |
 | Send      | `POST`s to `https://api.sumit.co.il/billing/recurring/charge/`.                                          |
 | Normalize | Calls `normalizeRecurringChargeResponse`.                                                                |
 | Respond   | `200` success, `402` declined, `400` bad input, `502` upstream failure — sensitive fields **redacted**.  |
@@ -129,7 +129,7 @@ What the handler does:
 
 ```ts
 // app/api/sumit/webhook/route.ts
-import { createSumitWebhookRoute, verifySumitSharedSecret } from "@digitizers/sumit-react/next";
+import { createSumitWebhookRoute, verifySumitSharedSecret } from "@godigitizer/sumit-react/next";
 
 export const POST = createSumitWebhookRoute({
   verify: verifySumitSharedSecret(process.env.SUMIT_WEBHOOK_SECRET!),
@@ -173,14 +173,14 @@ Header verification is preferred because query strings are commonly stored in ac
 | **Server credential leakage** | The full `apiKey` lives only in `createSumitChargeRoute`; `./client` and `./next` are separate exports so client bundles cannot transitively pull the server secret. |
 | **Webhook spoofing** | `verifySumitSharedSecret` checks the `x-sumit-secret` header by default and hashes both the candidate and the secret to a fixed 32-byte digest before comparing — the comparison is constant-time **and** length-independent, so response timing leaks neither secret content nor secret length. Query-string secrets are opt-in only because URLs commonly land in logs. |
 | **Double-submit / token reuse** | `<SumitCheckout />` uses a synchronous ref guard so two rapid submits cannot both fire `CreateToken` (single-use tokens are exactly that — single-use). |
-| **Logging sensitive data** | Every event the route helpers return passes through `redactSumitPayload` from `@digitizers/sumit-api`. |
+| **Logging sensitive data** | Every event the route helpers return passes through `redactSumitPayload` from `@godigitizer/sumit-api`. |
 
 ---
 
 ## API surface
 
 ```ts
-// from @digitizers/sumit-react/client
+// from @godigitizer/sumit-react/client
 SumitCheckout(props): JSX.Element
   props.companyId, apiPublicKey, environment?, language?
   props.requireCvv?, requireCitizenId?
@@ -190,7 +190,7 @@ useSumitCheckout(): { ref, status, error, token, submit, reset, handleToken, han
 loadSumitPayments(env?): Promise<SumitPaymentsSdk>
 createSingleUseToken(settings): Promise<string>
 
-// from @digitizers/sumit-react/next
+// from @godigitizer/sumit-react/next
 createSumitChargeRoute(config): (request: Request) => Promise<Response>
 createSumitWebhookRoute(config): (request: Request) => Promise<Response>
 verifySumitSharedSecret(secret, options?): SumitWebhookVerifier
@@ -200,7 +200,7 @@ verifySumitSharedSecret(secret, options?): SumitWebhookVerifier
 
 ## Local development
 
-This package has `@digitizers/sumit-api` as a peer dependency. While `sumit-api` is being published to npm, the dev dependency in this repo points at `file:../sumit-api`, so cloning both repos as siblings is the supported local setup:
+This package has `@godigitizer/sumit-api` as a peer dependency. While `sumit-api` is being published to npm, the dev dependency in this repo points at `file:../sumit-api`, so cloning both repos as siblings is the supported local setup:
 
 ```text
 ~/code/
@@ -217,7 +217,7 @@ pnpm test         # vitest run
 pnpm build        # tsc → dist/
 ```
 
-Once `@digitizers/sumit-api` is published, the dev dependency will switch to a regular semver range and CI will install it from the registry.
+Once `@godigitizer/sumit-api` is published, the dev dependency will switch to a regular semver range and CI will install it from the registry.
 
 ---
 
diff --git a/package.json b/package.json
index d71c7ee..932d8f6 100644
--- a/package.json
+++ b/package.json
@@ -1,5 +1,5 @@
 {
-  "name": "@digitizers/sumit-react",
+  "name": "@godigitizer/sumit-react",
   "version": "0.1.1",
   "description": "React components and Next.js route helpers for SUMIT/OfficeGuy/Upay payments.",
   "license": "MIT",
@@ -48,11 +48,11 @@
     "typecheck": "tsc --noEmit"
   },
   "peerDependencies": {
-    "@digitizers/sumit-api": ">=0.1.0",
+    "@godigitizer/sumit-api": ">=0.1.0",
     "react": ">=18.0.0"
   },
   "devDependencies": {
-    "@digitizers/sumit-api": "file:../sumit-api",
+    "@godigitizer/sumit-api": "file:../sumit-api",
     "@testing-library/react": "^16.1.0",
     "@types/node": "^20.19.35",
     "@types/react": "^19.0.0",
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index 7df3592..c474b01 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -8,7 +8,7 @@ importers:
 
   .:
     devDependencies:
-      '@digitizers/sumit-api':
+      '@godigitizer/sumit-api':
         specifier: file:../sumit-api
         version: file:../sumit-api
       '@testing-library/react':
@@ -50,9 +50,6 @@ packages:
     resolution: {integrity: sha512-JiDShH45zKHWyGe4ZNVRrCjBz8Nh9TMmZG1kh4QTK8hCBTWBi8Da+i7s1fJw7/lYpM4ccepSNfqzZ/QvABBi5g==}
     engines: {node: '>=6.9.0'}
 
-  '@digitizers/sumit-api@file:../sumit-api':
-    resolution: {directory: ../sumit-api, type: directory}
-
   '@emnapi/core@1.10.0':
     resolution: {integrity: sha512-yq6OkJ4p82CAfPl0u9mQebQHKPJkY7WrIuk205cTYnYe+k2Z8YBh11FrbRG/H6ihirqcacOgl2BIO8oyMQLeXw==}
 
@@ -62,6 +59,9 @@ packages:
   '@emnapi/wasi-threads@1.2.1':
     resolution: {integrity: sha512-uTII7OYF+/Mes/MrcIOYp5yOtSMLBWSIoLPpcgwipoiKbli6k322tcoFsxoIIxPDqW01SQGAgko4EzZi2BNv2w==}
 
+  '@godigitizer/sumit-api@file:../sumit-api':
+    resolution: {directory: ../sumit-api, type: directory}
+
   '@jridgewell/sourcemap-codec@1.5.5':
     resolution: {integrity: sha512-cYQ9310grqxueWbl+WuIUIaiUaDcj7WOq5fVhEljNVgRfOUhY9fy2zTvfoqWsnebh8Sl70VScFbICvJnLKB0Og==}
 
@@ -590,8 +590,6 @@ snapshots:
 
   '@babel/runtime@7.29.2': {}
 
-  '@digitizers/sumit-api@file:../sumit-api': {}
-
   '@emnapi/core@1.10.0':
     dependencies:
       '@emnapi/wasi-threads': 1.2.1
@@ -608,6 +606,8 @@ snapshots:
       tslib: 2.8.1
     optional: true
 
+  '@godigitizer/sumit-api@file:../sumit-api': {}
+
   '@jridgewell/sourcemap-codec@1.5.5': {}
 
   '@napi-rs/wasm-runtime@1.1.4(@emnapi/core@1.10.0)(@emnapi/runtime@1.10.0)':
diff --git a/src/next/createChargeRoute.ts b/src/next/createChargeRoute.ts
index fb39232..f33100e 100644
--- a/src/next/createChargeRoute.ts
+++ b/src/next/createChargeRoute.ts
@@ -2,12 +2,12 @@ import {
   buildRecurringChargePayload,
   normalizeRecurringChargeResponse,
   redactSumitPayload,
-} from "@digitizers/sumit-api";
+} from "@godigitizer/sumit-api";
 import type {
   BuildRecurringChargePayloadParams,
   NormalizedSumitEvent,
   SumitCurrency,
-} from "@digitizers/sumit-api";
+} from "@godigitizer/sumit-api";
 
 const DEFAULT_BASE_URL = "https://api.sumit.co.il";
 const DEFAULT_PATH = "/billing/recurring/charge/";
diff --git a/src/next/createWebhookRoute.ts b/src/next/createWebhookRoute.ts
index ad9de17..87702a5 100644
--- a/src/next/createWebhookRoute.ts
+++ b/src/next/createWebhookRoute.ts
@@ -1,5 +1,5 @@
-import { normalizeSumitIncomingPayload, redactSumitPayload } from "@digitizers/sumit-api";
-import type { NormalizedSumitEvent } from "@digitizers/sumit-api";
+import { normalizeSumitIncomingPayload, redactSumitPayload } from "@godigitizer/sumit-api";
+import type { NormalizedSumitEvent } from "@godigitizer/sumit-api";
 
 export type SumitWebhookVerifier = (request: Request) => boolean | Promise<boolean>;