<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
# 🔒 Hidden Internal Endpoints from Public API Docs
Internal endpoints were incorrectly appearing in public API
documentation. Added hidden: true metadata to:
- /internal/init-script-callback - Telegram notification callback
- /internal/send-sign-in-invitation - Team invitation endpoint (public
equivalent: /team-invitations/send-code)
- /internal/projects/current - Internal project CRUD (adminRead,
adminUpdate, adminDelete)
- /internal/emails - Internal emails CRUD (adminList)
# 🏷️ Fixed Endpoint Categorization (moved from "Others")
Several endpoints were appearing in the "Others" category instead of
their proper sections:
- /emails/send-email -> Added tags: ["Emails"]
- Notification preferences CRUD -> Added complete docs with tags:
["Emails"]
- OAuth providers CRUD -> Changed tag from "OAuth Providers" → "Oauth"
to match naming convention; added missing clientUpdate docs
# 📝 API Documentation Improvements
- Fixed duplicate API Key titles: Updated handlers to use dynamic
summary (Create ${type} API key) instead of hardcoded "Create API key"
for both user and team keys
- Fixed empty Request section: API playground now only renders the
Request panel when there are actual parameters or request body fields to
display
# 🎨 UserButton Component Fixes
### Component (packages/template/src/components/user-button.tsx):
- Fixed hover effect centering (removed w-12 constraint, added p-1.5
padding)
- Fixed showUserInfo not displaying (changed flex-grow w-0 → min-w-0)
- Updated text styling with proper font sizes and theme-aware colors
- Added hover:transition-none for snappy UX
### Documentation Demo
(docs/src/components/stack-auth/stack-user-button-demo.tsx):
- Added not-prose class to fix avatar not rendering in MDX context
<img width="482" height="190" alt="image"
src="https://github.com/user-attachments/assets/c7c847c8-3ca5-4a40-bb33-f89949b6dbad"
/>
| Old | New |
|-----|-----|
| <img
src="https://github.com/user-attachments/assets/b0f2afe4-1499-49c0-946a-618a29876479"
width="180" /> | <img
src="https://github.com/user-attachments/assets/a358499c-f7e6-42c0-a0a0-2e6ad21728d2"
width="180" /> |
| Old | New |
|-----|-----|
| <img width="176" height="73" alt="image"
src="https://github.com/user-attachments/assets/1e17d77e-e4df-484d-adf4-19fcdaa0b471"
/> | <img width="198" height="76" alt="image"
src="https://github.com/user-attachments/assets/61d95ca8-61e5-48db-8fd8-75335751622f"
/> |
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Bug Fixes**
* Fixed email template retention: custom templates are now only
preserved when using dedicated email servers, not shared configurations.
* **Tests**
* Added end-to-end test coverage for email template behavior across
different server configurations.
<sub>✏️ Tip: You can customize this high-level summary in your review
settings.</sub>
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
https://www.loom.com/share/7628a0b5f14e4367bcde93e4817a50e8
<img width="811" height="437" alt="image"
src="https://github.com/user-attachments/assets/6b02aae0-c723-43d4-92ab-a26e97623d9c"
/>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Enhance email templates with project branding and dark-mode support,
update schemas and API responses for new logo fields.
>
> - **Behavior**:
> - Email templates now support project branding with compact/full logos
and dark-mode variants in `email-rendering.tsx` and `emails.ts`.
> - Project name displays beside logos in Light and Dark themes in
`email-rendering.tsx`.
> - Email rendering groups branding and unsubscribe data for consistent
theming.
> - **API Changes**:
> - Project payloads and admin/project schemas rename `full_logo` to
`logo_full` and add dark-mode logo fields in `projects.ts` and
`schema-fields.ts`.
> - Updates to `projects.tsx` and `page-client.tsx` to handle new logo
fields.
> - **Style**:
> - Improved unsubscribe link contrast in Dark theme in `emails.ts`.
> - **Database**:
> - Adds `logoFullUrl`, `logoDarkModeUrl`, and `logoFullDarkModeUrl`
columns to `Project` table in `migration.sql`.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 0fbb79db5c. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
----
<!-- ELLIPSIS_HIDDEN -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added dark‑mode logo support for projects with separate logo and
full‑logo variants.
* Email themes/templates now render project logos and automatically
select light/dark variants with fallbacks.
* **Refactor**
* Project logo fields and public payloads renamed/reorganized to support
the new dark‑mode variants and consistent naming.
* **Tests**
* Updated test snapshots to reflect the new project logo fields.
* **Chores**
* Database migration applied to add/rename logo columns.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- CURSOR_SUMMARY -->
---
> [!NOTE]
> Adds light/dark logo variants, renames full-logo fields, and passes
project logos into email themes; updates DB, schemas, API, UI, and
tests.
>
> - **Database/Prisma**:
> - Rename `Project.fullLogoUrl` to `logoFullUrl`; add `logoDarkModeUrl`
and `logoFullDarkModeUrl`.
> - **Backend**:
> - Email rendering now accepts `themeProps` with `projectLogos` and
spreads into `EmailTheme` (single/batched).
> - Provide project logo URLs to email render/send and internal template
preview routes.
> - Add `@stackframe/emails` components (`Logo`, `FullLogo`,
`ProjectLogo`) with light/dark fallbacks.
> - Projects CRUD: map/upload new logo fields; rename API fields to
`logo_full_url` and add dark-mode fields.
> - **Emails (themes)**:
> - Light/Dark themes render `<ProjectLogo>`; improve dark-theme
unsubscribe link contrast.
> - **Dashboard/UI**:
> - Project settings support `logoFullUrl`, `logoDarkModeUrl`,
`logoFullDarkModeUrl` uploads.
> - Code editor types: add `ThemeProps.projectLogos`, relax TS option,
and Tailwind DTS fix.
> - **Shared Schemas/Types**:
> - Update `schema-fields` and CRUD read/update models to new/extra logo
fields; propagate through template app types.
> - **Tests**:
> - Update snapshots for new project logo fields and theme source
output.
>
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
4d97561839. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->
---------
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
Co-authored-by: ellipsis-dev[bot] <65095814+ellipsis-dev[bot]@users.noreply.github.com>
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
Co-authored-by: Bilal Godil <bg2002@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<img width="216" height="245" alt="image"
src="https://github.com/user-attachments/assets/f59f754f-b9d7-4e82-a552-8e407878eb01"
/>
<img width="940" height="564" alt="image"
src="https://github.com/user-attachments/assets/3218914e-5128-4cff-a183-29637adfb9f2"
/>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Documentation**
* New "Apps" section with dedicated pages for API Keys, Emails, OAuth,
Permissions (RBAC), Orgs & Teams, Auth Providers, and Webhooks; API Keys
content moved into this section.
* New API Keys guide and updated overview content including an Apps grid
and app tiles.
* Added redirects from old concept pages to new Apps pages.
* **Style**
* Sidebar now shows icons for docs links; improved hover animations and
tile styling across docs.
* **New Features**
* App tile/card components added for displaying apps in docs.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- CURSOR_SUMMARY -->
---
> [!NOTE]
> Introduces a new “Apps” docs section (API Keys, Emails, OAuth, RBAC,
Orgs & Teams, Webhooks), adds reusable app UI components, updates
navigation, and removes the old API Keys concept doc.
>
> - **Docs**:
> - **Apps section**: Add `docs/content/docs/(guides)/apps/*` (API Keys,
Emails, OAuth, RBAC Permissions, Orgs & Teams, Webhooks) with icons and
examples; remove `concepts/api-keys.mdx` and update related links (e.g.,
JWT).
> - **Overview & Nav**: Insert AppGrid on `overview`, add “Apps” pages
to `meta.json`, add “Welcome” nav item, and refine “Guides” active-state
logic.
> - **Code examples**: Wire `docs/code-examples/index.ts` to load
`apps/api-keys` examples.
> - **UI/Components**:
> - Add `AppCard`/`AppGrid` in `docs/src/components/mdx/app-card.tsx`
and register in `mdx-components`.
> - Tweak homepage hover card styles (`iconHover.tsx`) and sidebar links
to support icons.
> - **Shared**:
> - Add `packages/stack-shared/src/apps/apps-ui.tsx` with `AppIcon` and
sizing constants; note UI export guidance in `stack-shared` `index.ts`.
> - **Styling/Infra**:
> - Add Tailwind `@source` in global CSS; minor layout/link icon
plumbing.
>
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
2487b877aa. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
https://www.loom.com/share/ade557d34b674ecb9ae1d703b5332c9d
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added support for inline webhook configuration portal rendering when
available
* Enhanced webhooks page with improved theming support
* **Refactor**
* Updated webhook token API to return structured data including optional
server URL alongside token
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- CURSOR_SUMMARY -->
---
> [!NOTE]
> Enables embedded Svix portal on the Webhooks page when available,
updating the token API and shared types to return an optional portal URL
and wiring it through the admin app.
>
> - **Frontend (Dashboard Webhooks page)**:
> - Conditionally render Svix `AppPortal` when `svixToken.url` is
provided; otherwise fall back to `SvixProvider` with token.
> - Integrate theme support (`next-themes`) for portal `darkMode`;
import `svix-react` styles.
> - **Backend (API)**:
> - Update `POST /api/latest/webhooks/svix-token` to return `{ token,
url? }`, deriving `url` only when no `STACK_SVIX_SERVER_URL` is set.
> - **Shared Types/SDK**:
> - Extend `svixTokenAdminReadSchema` to include optional `url`.
> - Change admin app `useSvixToken()` to return `{ token, url }` and
propagate through implementation.
>
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
9f5dc52ecf. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Projects now expose a domains field in the client API.
- Cookie API expanded: domain and secure options added, plus getAll and
isSecure helpers.
- **Refactor**
- Domain-aware cookie and token handling for cross-domain refresh flows.
- Minor signature/formatting tweaks to IP and URL utilities.
- **Tests**
- E2E coverage added: refresh-cookie scenarios and a project scaffolding
test.
- Backend snapshot updated to include domains.
- **Chores**
- Added a new dependency for domain parsing.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
https://www.loom.com/share/abbd19d1deaa4b3d8f8ae9c1f2f9b098?sid=d105ee21-f380-4c37-85f1-a58610cfff9d
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- RECURSEML_SUMMARY:START -->
## High-level PR Summary
This PR adds webhook testing functionality to the dashboard, allowing
users to send test events to their configured webhook endpoints and
verify they're working correctly. The implementation adds a new backend
API endpoint that creates a `stack.test` event via Svix, verifies
successful delivery, and provides clear feedback. The dashboard UI is
enhanced with a test dialog that shows a preview of the test payload and
displays success or error messages, with the test action accessible both
from the endpoint creation flow and the action menu for existing
endpoints.
⏱️ Estimated Review Time: 15-30 minutes
<details>
<summary>💡 Review Order Suggestion</summary>
| Order | File Path |
|-------|-----------|
| 1 | `packages/stack-shared/src/interface/admin-interface.ts` |
| 2 | `packages/template/src/lib/stack-app/apps/interfaces/admin-app.ts`
|
| 3 |
`packages/template/src/lib/stack-app/apps/implementations/admin-app-impl.ts`
|
| 4 |
`apps/backend/src/app/api/latest/internal/send-test-webhook/route.tsx` |
| 5 |
`apps/dashboard/src/app/(main)/(protected)/projects/[projectId]/webhooks/page-client.tsx`
|
</details>
[](https://discord.gg/n3SsVDAW6U)
[
<!-- RECURSEML_SUMMARY:END -->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Add functionality to test webhooks from the dashboard, including
backend route and frontend UI updates.
>
> - **Backend**:
> - Adds `POST` route in `send-test-webhook/route.tsx` to handle test
webhook requests.
> - Validates request and response schemas using `yup`.
> - Implements logic to send test webhook using `svix` and handle
success/error cases.
> - **Frontend**:
> - Updates `page-client.tsx` to include a dialog for creating and
testing endpoints.
> - Adds `TestEndpointDialog` component to handle the test webhook UI.
> - Modifies `CreateDialog` and `ActionMenu` to support triggering the
test webhook.
> - **Admin Interface**:
> - Adds `sendTestWebhook` method to `StackAdminInterface` in
`admin-interface.ts`.
> - Implements `sendTestWebhook` in `_StackAdminAppImplIncomplete` in
`admin-app-impl.ts`.
> - Updates `StackAdminApp` interface in `admin-app.ts` to include
`sendTestWebhook` method.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for c9bc00cb50. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Sign-up accepts an optional verification callback URL and a new
opt-out flag to disable email verification; when opted-out or absent,
URL checks and verification emails are skipped.
* Client APIs and runtime validation updated to forbid providing a
callback URL when opting out. Sign-up now retries without a callback if
a redirect URL is not whitelisted.
* **Tests**
* End-to-end tests added for sign-up without verification and for
conflicting verification settings.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com>
Co-authored-by: Konsti Wohlwend <N2D4@users.noreply.github.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- RECURSEML_SUMMARY:START -->
## High-level PR Summary
This PR adds support for custom `metadata` to inline products in the
payments system. The change allows developers to attach arbitrary
metadata to products created inline (without pre-configuration), which
Stack Auth will store and return with the product. This enables
applications to associate custom data such as feature flags, reference
IDs, or other application-specific attributes with products. The
implementation adds a new `productSchemaWithMetadata` schema, updates
the product type handling in the backend, and includes comprehensive e2e
tests verifying metadata is persisted and returned correctly through
purchase creation, validation, and listing endpoints.
⏱️ Estimated Review Time: 15-30 minutes
<details>
<summary>💡 Review Order Suggestion</summary>
| Order | File Path |
|-------|-----------|
| 1 | `packages/stack-shared/src/schema-fields.ts` |
| 2 | `apps/backend/src/lib/payments.tsx` |
| 3 |
`apps/e2e/tests/backend/endpoints/api/v1/payments/purchase-session.test.ts`
|
| 4 |
`apps/e2e/tests/backend/endpoints/api/v1/payments/create-purchase-url.test.ts`
|
| 5 |
`apps/e2e/tests/backend/endpoints/api/v1/payments/products.test.ts` |
</details>
[](https://discord.gg/n3SsVDAW6U)
[
<!-- RECURSEML_SUMMARY:END -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Products now support custom metadata (client, client read-only, and
server) and expose these fields in inline product representations.
* Metadata is preserved and propagated through purchase creation,
validation, grants, and owned-product listings so it’s available after
purchase.
* **Tests**
* Added end-to-end tests verifying metadata is accepted, persisted, and
returned in purchase creation, validation, grant, and listing flows.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Adds support for custom metadata in inline products, updating schemas
and functions to handle metadata, with comprehensive tests verifying the
changes.
>
> - **Behavior**:
> - Adds support for custom metadata in inline products, allowing
arbitrary metadata attachment.
> - Updates `ensureProductIdOrInlineProduct()` and
`productToInlineProduct()` in `payments.tsx` to handle metadata.
> - Metadata is preserved and returned in purchase creation, validation,
and listing endpoints.
> - **Schemas**:
> - Adds `productSchemaWithMetadata` in `schema-fields.ts` to include
`clientMetadata`, `clientReadOnlyMetadata`, and `serverMetadata`.
> - Updates `inlineProductSchema` to support metadata fields.
> - **Tests**:
> - Adds e2e tests in `purchase-session.test.ts`,
`create-purchase-url.test.ts`, and `products.test.ts` to verify metadata
handling.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 1b5601c991. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!--
ONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- RECURSEML_SUMMARY:START -->
## High-level PR Summary
This PR changes the default development ports for several background
services to avoid conflicts. PostgreSQL moves from port `5432` to
`8128`, Inbucket SMTP from `2500` to `8129`, Inbucket POP3 from `1100`
to `8130`, and the OpenTelemetry collector from `4318` to `8131`. All
references across configuration files, Docker Compose setups,
environment files, CI/CD workflows, test files, and documentation have
been updated to reflect these new port assignments. A knowledge base
document has been added to document the new port mappings.
⏱️ Estimated Review Time: 15-30 minutes
<details>
<summary>💡 Review Order Suggestion</summary>
| Order | File Path |
| --- | --- |
| 1 | `claude/CLAUDE-KNOWLEDGE.md` |
| 2 | `apps/dev-launchpad/public/index.html` |
| 3 | `docker/dependencies/docker.compose.yaml` |
| 4 | `docker/emulator/docker.compose.yaml` |
| 5 | `apps/backend/.env` |
| 6 | `apps/backend/.env.development` |
| 7 | `docker/server/.env.example` |
| 8 | `package.json` |
| 9 | `.devcontainer/devcontainer.json` |
| 10 | `apps/e2e/.env.development` |
| 11 | `.github/workflows/check-prisma-migrations.yaml` |
| 12 | `.github/workflows/docker-server-test.yaml` |
| 13 | `.github/workflows/e2e-api-tests.yaml` |
| 14 | `.github/workflows/e2e-source-of-truth-api-tests.yaml` |
| 15 | `.github/workflows/restart-dev-and-test.yaml` |
| 16 |
`apps/e2e/tests/backend/endpoints/api/v1/internal/email-drafts.test.ts`
|
| 17 | `apps/e2e/tests/backend/endpoints/api/v1/internal/email.test.ts`
|
| 18 | `apps/e2e/tests/backend/endpoints/api/v1/send-email.test.ts` |
| 19 |
`apps/e2e/tests/backend/endpoints/api/v1/unsubscribe-link.test.ts` |
| 20 | `apps/e2e/tests/backend/workflows.test.ts` |
| 21 | `docs/templates/others/self-host.mdx` |
</details>
[](https://discord.gg/n3SsVDAW6U)
[
<!-- RECURSEML_SUMMARY:END -->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> This PR introduces customizable development ports using
`NEXT_PUBLIC_STACK_PORT_PREFIX`, updating configurations, documentation,
and tests accordingly.
>
> - **Behavior**:
> - Default development ports for services are now customizable via
`NEXT_PUBLIC_STACK_PORT_PREFIX`.
> - PostgreSQL port changed from `5432` to
`${NEXT_PUBLIC_STACK_PORT_PREFIX:-81}28`.
> - Inbucket SMTP port changed from `2500` to
`${NEXT_PUBLIC_STACK_PORT_PREFIX:-81}29`.
> - Inbucket POP3 port changed from `1100` to
`${NEXT_PUBLIC_STACK_PORT_PREFIX:-81}30`.
> - OpenTelemetry collector port changed from `4318` to
`${NEXT_PUBLIC_STACK_PORT_PREFIX:-81}31`.
> - **Configuration**:
> - Updated `docker.compose.yaml` to use new port variables for services
like PostgreSQL, Inbucket, and OpenTelemetry.
> - Environment files in `apps/backend`, `apps/dashboard`, and
`apps/e2e` updated to use `NEXT_PUBLIC_STACK_PORT_PREFIX`.
> - `package.json` scripts updated to reflect new port configurations.
> - **Documentation**:
> - Added `CLAUDE-KNOWLEDGE.md` to document new port mappings.
> - Updated `self-host.mdx` to reflect new port configurations.
> - **Testing**:
> - Updated test files in `apps/e2e/tests` to use new port
configurations.
> - Added `helpers/ports.ts` for port-related utilities in tests.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 76ef55f58f. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
----
<!-- ELLIPSIS_HIDDEN -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Enable configurable development ports via a
NEXT_PUBLIC_STACK_PORT_PREFIX, allowing parallel local environments with
custom port prefixes.
- **Bug Fixes**
- Updated local service port mappings and CI/workflow settings so
tooling and tests use the new prefixed ports consistently.
- **Documentation**
- Added docs and contributor guidance for running multiple parallel
workspaces with custom port prefixes.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: N2D4 <N2D4@users.noreply.github.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- RECURSEML_SUMMARY:START -->
## High-level PR Summary
This PR fixes payment test mode behavior by changing the default test
mode setting to `true` and refactoring the test mode bypass UI. The
bypass functionality is moved from a floating card in the purchase page
into the checkout form itself, providing a cleaner and more integrated
experience. Additionally, the database migration configuration is
updated to increase the `maxWait` timeout to handle concurrent migration
attempts more gracefully in high-contention scenarios like CI
environments.
⏱️ Estimated Review Time: 5-15 minutes
<details>
<summary>💡 Review Order Suggestion</summary>
| Order | File Path |
|-------|-----------|
| 1 | `packages/stack-shared/src/config/schema.ts` |
| 2 | `apps/dashboard/src/app/(main)/purchase/[code]/page-client.tsx` |
| 3 | `apps/dashboard/src/components/payments/checkout.tsx` |
| 4 | `apps/backend/src/auto-migrations/index.tsx` |
</details>
<details>
<summary>⚠️ Inconsistent Changes Detected</summary>
| File Path | Warning |
|-----------|---------|
| `apps/backend/src/auto-migrations/index.tsx` | Database migration
timeout configuration changes appear unrelated to payment test mode
fixes, which is the stated purpose of this PR |
</details>
[](https://discord.gg/n3SsVDAW6U)
[
<!-- RECURSEML_SUMMARY:END -->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Sets payment test mode to default true, integrates test mode bypass
into checkout form, and updates migration timeout.
>
> - **Behavior**:
> - Default `testMode` set to `true` in `schema.ts`.
> - Integrates test mode bypass into `CheckoutForm` in `checkout.tsx`.
> - Removes separate bypass panel from `page-client.tsx`.
> - **Database**:
> - Increases `maxWait` timeout in `index.tsx` to handle concurrent
migration attempts.
> - **Tests**:
> - Updates tests in `backend-helpers.ts` and `validate-code.test.ts` to
reflect test mode behavior.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 6313c0bfed. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
----
<!-- ELLIPSIS_HIDDEN -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added a test-mode checkout path with a “Complete test purchase” action
when test mode is active.
* **Refactor**
* Consolidated test-mode bypass into the checkout component and removed
the separate bypass UI.
* **Bug Fixes**
* Improved reliability of database migrations by extending the
transaction wait window, reducing timeout errors under load.
* **Chores**
* Payments now default to test mode enabled.
* **Tests**
* Updated tests and payload expectations to reflect test mode defaults
and behavior.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
https://www.loom.com/share/2767f799df9d48519c737a1d082fc3f4?sid=967802e9-5bfb-438d-96cd-2f6fcbd2f69b
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- RECURSEML_SUMMARY:START -->
## High-level PR Summary
This PR adds a "Grant Product" feature to the dashboard's customer page,
allowing administrators to manually grant products to users, teams, or
custom customers. The UI has been updated to rename "Items" to
"Customers" in the navigation, and the page now includes a dialog for
selecting a product and quantity (for stackable products) to grant.
Additionally, the backend payment logic has been enhanced to properly
set `currentPeriodEnd` and `cancelAtPeriodEnd` when canceling
conflicting subscriptions during product grants.
⏱️ Estimated Review Time: 15-30 minutes
<details>
<summary>💡 Review Order Suggestion</summary>
| Order | File Path |
|-------|-----------|
| 1 |
`apps/dashboard/src/app/(main)/(protected)/projects/[projectId]/sidebar-layout.tsx`
|
| 2 |
`apps/dashboard/src/app/(main)/(protected)/projects/[projectId]/payments/customers/page.tsx`
|
| 3 |
`apps/dashboard/src/app/(main)/(protected)/projects/[projectId]/payments/customers/page-client.tsx`
|
| 4 | `apps/backend/src/lib/payments.tsx` |
| 5 |
`packages/template/src/lib/stack-app/apps/implementations/server-app-impl.ts`
|
</details>
<details>
<summary>⚠️ Inconsistent Changes Detected</summary>
| File Path | Warning |
|-----------|---------|
|
`packages/template/src/lib/stack-app/apps/implementations/server-app-impl.ts`
| This appears to be a simple variable rename (cache to itemsCache) that
seems unrelated to adding grant product functionality to the dashboard |
</details>
[](https://discord.gg/n3SsVDAW6U)
[
<!-- RECURSEML_SUMMARY:END -->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Adds "Grant Product" feature to dashboard, enabling admins to grant
products to customers, with new API endpoints, UI updates, and backend
logic enhancements.
>
> - **Behavior**:
> - Adds "Grant Product" feature to dashboard's customer page, allowing
admins to grant products to users, teams, or custom customers.
> - Updates UI to rename "Items" to "Customers" in navigation and adds
dialogs for product selection and quantity.
> - Enhances backend payment logic to set `currentPeriodEnd` and
`cancelAtPeriodEnd` when canceling conflicting subscriptions.
> - **API**:
> - New endpoints in `route.ts` for listing customer products and
granting products.
> - Implements `grantProductToCustomer()` in `payments.tsx` to handle
product grants.
> - **SDK**:
> - Adds `grantProduct` (server) and `listProducts` (client/server)
methods.
> - Updates `client-app-impl.ts` and `server-app-impl.ts` to support new
product functionalities.
> - **Models**:
> - Adds `CustomerProduct` and `CustomerProductsList` types in
`customers/index.ts`.
> - **Misc**:
> - Introduces `PRODUCT_ALREADY_GRANTED` error in `known-errors.tsx`.
> - Updates tests in `products.test.ts` and other test files to cover
new product grant scenarios.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for f0d112f578. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
----
<!-- ELLIPSIS_HIDDEN -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Dashboard: New "Customers" page to view customers, grant products, and
manage items with dialogs and selectors for users, teams, or custom IDs.
- API/SDK: Endpoints and client/server SDK methods to list a customer’s
products (paginated) and to grant products.
- **Improvements**
- Error responses for already-owned non-stackable products are now
structured with clear codes and headers.
- Product payloads include server_only, included_items, and new
stackable support.
- **UI**
- Team search table and clickable team rows for faster navigation.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
…or non stackable offer
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- RECURSEML_SUMMARY:START -->
## High-level PR Summary
This PR improves error messaging in the payments system by addressing
two main issues: (1) providing clearer error messages when an item ID is
mistakenly used as a product ID, including distinguishing between
non-existent products, server-only products, and cases where an item
exists with that ID, and (2) preventing checkout creation for
non-stackable products that a customer already owns by adding an early
validation check. The changes update the `ProductDoesNotExist` known
error to include contextual information, introduce a new
`getCustomerPurchaseContext` helper function to check existing
purchases, and update related test snapshots to reflect the improved
error messages.
⏱️ Estimated Review Time: 15-30 minutes
<details>
<summary>💡 Review Order Suggestion</summary>
| Order | File Path |
|-------|-----------|
| 1 | `packages/stack-shared/src/known-errors.tsx` |
| 2 | `apps/backend/src/lib/payments.tsx` |
| 3 |
`apps/backend/src/app/api/latest/payments/purchases/create-purchase-url/route.ts`
|
| 4 |
`apps/e2e/tests/backend/endpoints/api/v1/payments/create-purchase-url.test.ts`
|
| 5 |
`apps/e2e/tests/backend/endpoints/api/v1/payments/before-offer-to-product-rename/outdated--create-purchase-url.test.ts`
|
</details>
[](https://discord.gg/n3SsVDAW6U)
[
<!-- RECURSEML_SUMMARY:END -->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Enhances payment error handling by adding context to error messages
and preventing duplicate purchases of non-stackable products.
>
> - **Behavior**:
> - Adds early validation in `create-purchase-url/route.ts` to prevent
checkout for non-stackable products already owned by the customer.
> - Updates `ensureProductIdOrInlineProduct` in `payments.tsx` to
include context in `ProductDoesNotExist` error.
> - Introduces `getCustomerPurchaseContext` in `payments.tsx` to check
existing purchases.
> - **Errors**:
> - Modifies `ProductDoesNotExist` in `known-errors.tsx` to include
`context` (null, server_only, item_exists).
> - **Tests**:
> - Updates test cases in `create-purchase-url.test.ts`,
`purchase-session.test.ts`, and `validate-code.test.ts` to reflect new
error messages and behavior.
> - Adds tests for blocking repeat purchases of non-stackable products.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 5495b9c269. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
----
<!-- ELLIPSIS_HIDDEN -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- New Features
- Blocks creating a purchase URL when a customer already owns a
non-stackable product, preventing duplicate checkouts.
- Bug Fixes
- Standardized error responses for missing or server-only products with
consistent codes, messages, and structured details.
- Error payloads now include details.context (null, server_only, or
item_exists) instead of access_type.
- Tests
- Added and updated tests to cover blocking repeat purchases and the new
standardized error format (including inline snapshot updates).
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
https://www.loom.com/share/59ff826f88324a61bb2fefc51769f840?sid=3fe23444-c56e-46c8-a402-8df38a69403c
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- RECURSEML_SUMMARY:START -->
## High-level PR Summary
This PR improves the payment products UI by relocating the save/cancel
buttons from the top to the bottom of the product card and replacing the
generic `EditableInput` component with a custom `ProductEditableInput`
component that better handles the specific styling and interaction
patterns needed for product fields. The changes include better visual
feedback during editing and improved layout alignment for the price
input field.
⏱️ Estimated Review Time: 15-30 minutes
<details>
<summary>💡 Review Order Suggestion</summary>
| Order | File Path |
|-------|-----------|
| 1 |
`apps/dashboard/src/app/(main)/(protected)/projects/[projectId]/payments/products/page-client-catalogs-view.tsx`
|
</details>
[](https://discord.gg/n3SsVDAW6U)
[
<!-- RECURSEML_SUMMARY:END -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* New Features
- Unified editable product input with read-only and inline editing
modes, placeholder support, and explicit Cancel/Save actions.
* Style
- Improved price-editing layout: aligned currency symbol, spacing, and
input visuals for clearer monetary entry.
- Polished input appearance for consistent look and feel across product
views.
* Refactor
- Replaced scattered editable fields with a single reusable input
component across product editing screens for consistency.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Move save/cancel buttons to bottom and replace `EditableInput` with
`ProductEditableInput` for improved UI in
`page-client-catalogs-view.tsx`.
>
> - **UI Changes**:
> - Move save/cancel buttons to the bottom of the product card in
`ProductCard`.
> - Replace `EditableInput` with `ProductEditableInput` for better
styling and interaction in `ProductCard`.
> - **Component Changes**:
> - Add `ProductEditableInput` component to handle product-specific
input styling and behavior.
> - Update `ProductPriceRow` to improve price input layout and visuals.
> - **Misc**:
> - Remove unused import of `EditableInput`.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for c09cb54306. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- RECURSEML_SUMMARY:START -->
## High-level PR Summary
This PR updates the peer dependency requirements across multiple
package.json files to remove support for React 18.2 and only specify
React 19.0.0-rc.0 or newer as the minimum required version. The change
affects React, React DOM, and their corresponding TypeScript type
packages.
⏱️ Estimated Review Time: 5-15 minutes
<details>
<summary>💡 Review Order Suggestion</summary>
| Order | File Path |
|-------|-----------|
| 1 | `packages/react/package.json` |
| 2 | `packages/stack/package.json` |
| 3 | `packages/template/package-template.json` |
| 4 | `packages/template/package.json` |
</details>
[](https://discord.gg/n3SsVDAW6U)
<!-- RECURSEML_SUMMARY:END -->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Update peer dependencies to require React 19.0.0 or newer across
multiple packages.
>
> - **Peer Dependencies**:
> - Updated minimum peer dependency to React 19.0.0 for `react`,
`react-dom`, `@types/react`, and `@types/react-dom` in
`packages/react/package.json`, `packages/stack/package.json`, and
`packages/template/package.json`.
> - Removed support for React 18.2 in peer dependencies across all
affected `package.json` files.
> - **Dev Dependencies**:
> - Updated development dependencies to React 19.0.0 in
`packages/react/package.json`, `packages/stack/package.json`, and
`packages/template/package.json`.
> - **Misc**:
> - No runtime behavior changes; only stricter dependency constraints.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for fa6ee35f32. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
----
<!-- ELLIPSIS_HIDDEN -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Chores**
* Raised peer dependency minimums to React 19.0.0 for react, react-dom,
@types/react, and @types/react-dom across packages.
* Bumped development dependencies used for building and testing to React
19.x.
* Applies to templates, stack packages, UI/shared packages, and
development tooling; no runtime behavior changes—only stricter
dependency requirements.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- RECURSEML_SUMMARY:START -->
## High-level PR Summary
This PR implements a comprehensive renaming of "offer" to "product" and
"offer group" to "product catalog" throughout the codebase. The changes
include database migrations, schema updates, API compatibility layers,
function renames, and updates to client and server implementations.
Backwards compatibility is maintained through migration layers that
handle requests using the old terminology, translating them to the new
terminology before processing. The PR includes documentation of this
approach in CLAUDE-KNOWLEDGE.md. This rename affects multiple parts of
the system including the database schema, API endpoints, error types,
and SDK interfaces.
⏱️ Estimated Review Time: 1-3 hours
<details>
<summary>💡 Review Order Suggestion</summary>
| Order | File Path |
|-------|-----------|
| 1 |
`apps/backend/prisma/migrations/20250923191615_rename_offers_to_products/migration.sql`
|
| 2 |
`apps/backend/src/app/api/migrations/v2beta1/payments/purchases/offers-compat.ts`
|
| 3 |
`apps/backend/src/app/api/migrations/v2beta1/payments/purchases/create-purchase-url/route.ts`
|
| 4 |
`apps/backend/src/app/api/migrations/v2beta1/payments/purchases/validate-code/route.ts`
|
| 5 | `apps/backend/src/lib/payments.tsx` |
| 6 | `.claude/CLAUDE-KNOWLEDGE.md` |
| 7 | `packages/stack-shared/src/schema-fields.ts` |
| 8 | `packages/stack-shared/src/known-errors.tsx` |
| 9 | `packages/stack-shared/src/config/schema.ts` |
| 10 | `packages/template/src/lib/stack-app/customers/index.ts` |
| 11 |
`packages/template/src/lib/stack-app/apps/implementations/client-app-impl.ts`
|
| 12 |
`packages/template/src/lib/stack-app/apps/implementations/server-app-impl.ts`
|
</details>
[](https://discord.gg/n3SsVDAW6U)
<!-- RECURSEML_SUMMARY:END -->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Renames 'offer' to 'product' and 'offer group' to 'product catalog'
across the codebase, updating database schema, API endpoints, and
application logic for consistency and backward compatibility.
>
> - **Database**:
> - Rename columns `offer` to `product` and `offerId` to `productId` in
`OneTimePurchase` and `Subscription` tables in `migration.sql`.
> - **API & Migrations**:
> - Update API endpoints to accept `product_id`/`product_inline` instead
of `offer_id`/`offer_inline`.
> - Add `v2beta5` compatibility layer to map legacy `offer` fields to
`product` equivalents.
> - **Shared Schemas**:
> - Rename `offerSchema` to `productSchema` and related schemas in
`schema-fields.ts`.
> - **Server Implementation**:
> - Update `createCheckoutUrl` method in `server-app-impl.ts` to use
`productId`/`InlineProduct`.
> - **Tests**:
> - Update tests to reflect renaming in `backend-helpers.ts` and other
test files.
> - **Miscellaneous**:
> - Remove dummy data related to offers in `dummy-data.tsx`.
> - Update documentation and comments to reflect terminology changes.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for e3227bcbd2. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
----
<!-- ELLIPSIS_HIDDEN -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Backwards-compatibility: legacy offer_id/offer_inline requests are
accepted, normalized, and routed to product-based handlers.
* **Refactor**
* Global rename from Offer/Group → Product/Catalog across UI, APIs,
types, client/server interfaces, and error codes.
* **Bug Fixes**
* Responses, webhooks and UI consistently surface product_display_name
and product-related metadata.
* **Documentation**
* Migration notes and docs updated to explain compatibility and
parameter changes.
* **Tests**
* Unit and E2E suites updated to cover product/catalog flows.
* **Chores**
* Database schema migration, seed and config updates applied.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- CURSOR_SUMMARY -->
---
> [!NOTE]
> Renames offers→products and groups→catalogs end-to-end (DB, APIs,
schemas, UI, SDK, docs), adding v2beta5 compatibility to accept legacy
offer fields while updating all internals.
>
> - **Backend/DB**:
> - Prisma migration: rename `offer`/`offerId`→`product`/`productId` in
`OneTimePurchase` and `Subscription`.
> - Update Stripe webhook, purchase-session, and internal test-mode
flows to use `product*` metadata/fields.
> - **API & Migrations**:
> - Latest endpoints now accept `product_id`/`product_inline`.
> - Add `v2beta5` compat layer mapping legacy `offer_id`/`offer_inline`
to product equivalents; responses alias conflicting products.
> - **Shared Schemas/Errors/Config**:
> - `offerSchema`→`productSchema`,
`inlineOfferSchema`→`inlineProductSchema`, prices/types renamed.
> - KnownErrors renamed (e.g., `PRODUCT_DOES_NOT_EXIST`).
> - Config: `groups`→`catalogs`, defaults/migrations updated; improved
override validation messages; ID regex loosened; formatter tweaks; add
schema fuzzer tests.
> - **Payments Lib**:
> - Rename APIs and logic (`offers`→`products`, `groupId`→`catalogId`),
subscription and item-quantity computation updated.
> - **Dashboard/UI**:
> - Routes, dialogs, editors, tables, and code samples switched to
products/catalogs; removed offers dummy data.
> - **SDK/Template**:
> - Client/server `createCheckoutUrl` now uses
`productId`/`InlineProduct`.
> - **Tests/Docs/Utilities**:
> - E2E and unit tests updated; add legacy (pre-rename) tests.
> - Docs and knowledge base revised; minor script tweaks (recent-first,
limits).
>
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
e6e20ecd72. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->
---------
Co-authored-by: BilalG1 <bg2002@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Add Convex integration with new auth helpers, update access token
handling, and include documentation, examples, and tests for the new
features.
>
> - **Features**:
> - Add Convex integration with new auth helpers for Convex clients and
HTTP in `client-app-impl.ts` and `server-app-impl.ts`.
> - Support for Convex context in user APIs and partial user retrieval.
> - Access tokens now include `is_anonymous` for better anonymous
handling in `tokens.tsx`.
> - **Documentation**:
> - Add Convex integration guide in `docs/templates/others/convex.mdx`.
> - Update docs navigation in `docs/docs-platform.yml` and
`docs/templates/meta.json`.
> - **Examples**:
> - Add Convex + Next.js example app in `examples/convex` with auth
wiring, functions, schema, and UI.
> - **Tests**:
> - Add E2E tests for Convex auth flows in `convex.test.ts`.
> - Update JWT payload checks in `backend-helpers.ts` and
`anonymous-comprehensive.test.ts`.
> - **Chores**:
> - Add Convex dependencies in `package.json` files.
> - Update CI steps for example environments in `e2e-api-tests.yaml` and
`e2e-source-of-truth-api-tests.yaml`.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for aa0983a8b7. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
----
<!-- ELLIPSIS_HIDDEN -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Convex integration: auth helpers for Convex clients/HTTP, Convex-aware
user APIs, and partial-user retrieval (token/convex).
- Access tokens now surface is_anonymous for clearer anonymous handling.
- **Documentation**
- Added Convex integration guide and nav entries.
- **Examples**
- New Convex + Next.js example app with auth wiring, backend functions,
schema, and UI.
- **Tests**
- Added E2E tests covering Convex auth flows and JWT payload checks.
- **Chores**
- Added Convex deps, CI env steps, and workspace/test config updates.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Konstantin Wohlwend <n2d4xc@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- RECURSEML_SUMMARY:START -->
## High-level PR Summary
This PR adds a new `priceId` field to the `OneTimePurchase` and
`Subscription` models in the database to store Stripe price identifiers.
The change includes database schema updates, corresponding migration
files, and modifications to payment processing logic to properly track
and store price IDs throughout the purchase flow. The implementation
consistently propagates the price ID from Stripe's API responses through
various payment processing endpoints and webhooks handlers, ensuring the
data is properly stored and synced with the database models.
⏱️ Estimated Review Time: 15-30 minutes
<details>
<summary>💡 Review Order Suggestion</summary>
| Order | File Path |
|-------|-----------|
| 1 | `apps/backend/prisma/schema.prisma` |
| 2 |
`apps/backend/prisma/migrations/20250917193043_store_price_id/migration.sql`
|
| 3 | `apps/backend/src/lib/stripe.tsx` |
| 4 |
`apps/backend/src/app/api/latest/payments/purchases/purchase-session/route.tsx`
|
| 5 |
`apps/backend/src/app/api/latest/internal/payments/test-mode-purchase-session/route.tsx`
|
| 6 |
`apps/backend/src/app/api/latest/integrations/stripe/webhooks/route.tsx`
|
| 7 | `apps/e2e/tests/backend/endpoints/api/v1/stripe-webhooks.test.ts`
|
</details>
<!-- RECURSEML_SUMMARY:END -->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Add `priceId` field to track Stripe price identifiers in purchase and
subscription models, updating schema, payment logic, and tests.
>
> - **Database Changes**:
> - Add `priceId` field to `OneTimePurchase` and `Subscription` models
in `schema.prisma`.
> - Update database schema with migration
`20250917193043_store_price_id/migration.sql`.
> - **Payment Processing**:
> - Update `processStripeWebhookEvent()` in `webhooks/route.tsx` to
handle `priceId`.
> - Modify `POST` handlers in `purchase-session/route.tsx` and
`test-mode-purchase-session/route.tsx` to include `priceId` in metadata.
> - Update `syncStripeSubscriptions()` in `stripe.tsx` to sync
`priceId`.
> - **Testing**:
> - Add tests in `stripe-webhooks.test.ts` to validate `priceId`
handling in webhook and purchase flows.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 4950494d62. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
----
<!-- ELLIPSIS_HIDDEN -->
<!-- RECURSEML_ANALYSIS:START -->
## Review by RecurseML
_🔍 Review performed on
[e48ffa6..4950494](e48ffa67ee...4950494d62)_
| Severity | Location | Issue
| Delete |
|:----------:|----------|-------|:--------:|
|  |
[apps/e2e/tests/backend/endpoints/api/v1/stripe-webhooks.test.ts:153](https://github.com/stack-auth/stack-auth/pull/900#discussion_r2356623574)
| The field `priceId` uses camelCase instead of the required snake_case
for API parameters |
[
|
|  |
[apps/e2e/tests/backend/endpoints/api/v1/stripe-webhooks.test.ts:245](https://github.com/stack-auth/stack-auth/pull/900#discussion_r2356623664)
| The field `priceId` uses camelCase instead of the required snake_case
for API parameters |
[
|
|  |
[apps/e2e/tests/backend/endpoints/api/v1/stripe-webhooks.test.ts:358](https://github.com/stack-auth/stack-auth/pull/900#discussion_r2356623721)
| The field `priceId` uses camelCase instead of the required snake_case
for API parameters |
[
|
<details>
<summary>✅ Files analyzed, no issues (4)</summary>
• `apps/backend/src/lib/stripe.tsx`
•
`apps/backend/src/app/api/latest/payments/purchases/purchase-session/route.tsx`
•
`apps/backend/src/app/api/latest/integrations/stripe/webhooks/route.tsx`
•
`apps/backend/src/app/api/latest/internal/payments/test-mode-purchase-session/route.tsx`
</details>
<details>
<summary>⏭️ Files skipped (trigger manually) (2)</summary>
| Locations | Trigger Analysis |
|-----------|:------------------:|
`apps/backend/prisma/migrations/20250917193043_store_price_id/migration.sql`
|
[
`apps/backend/prisma/schema.prisma` |
[
</details>
[](https://discord.gg/n3SsVDAW6U)
<!-- RECURSEML_ANALYSIS:END -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- New Features
- Persist the selected price ID with one-time purchases and
subscriptions.
- Carry the price ID through payment flows and Stripe metadata for
better tracking and reporting.
- Test mode purchases now also record the price ID.
- Chores
- Database migration adds a price ID field to purchase and subscription
records.
- Tests
- Updated end-to-end tests to validate price ID handling in webhook and
purchase flows.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Implement batch email rendering and sending with enhanced processing
and error handling.
>
> - **Behavior**:
> - Implement batch email rendering and sending in `route.tsx` using
`renderEmailsWithTemplateBatched()` and `sendEmailResendBatched()`.
> - Add per-recipient notification category resolution and unsubscribe
link generation.
> - Support templates from IDs, raw HTML, or drafts with dynamic theme
handling.
> - Enhanced result reporting, including users without primary emails.
> - **Functions**:
> - Add `renderEmailsWithTemplateBatched()` in `email-rendering.tsx` for
batch email rendering.
> - Add `sendEmailResendBatched()` in `emails.tsx` for batch email
sending.
> - Add `getChunks()` in `arrays.tsx` to split arrays into chunks.
> - **Tests**:
> - Add timed waits in `send-email.test.ts` and
`unsubscribe-link.test.ts` to stabilize email delivery checks.
> - **Dependencies**:
> - Add `@react-email/render` and `resend` to `package.json` for email
rendering and sending.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for ff1dea6c31. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
----
<!-- ELLIPSIS_HIDDEN -->
<!-- RECURSEML_SUMMARY:START -->
## Review by RecurseML
_🔍 Review performed on
[3c34140..1267879](3c34140aba...1267879cfd)_
| Severity | Location | Issue |
|----------|----------|-------|
|  |
[apps/e2e/tests/backend/endpoints/api/v1/send-email.test.ts:593](https://github.com/stack-auth/stack-auth/pull/875#discussion_r2317293698)
| Asynchronous wait function not wrapped with runAsynchronously |
|  |
[apps/e2e/tests/backend/endpoints/api/v1/send-email.test.ts:743](https://github.com/stack-auth/stack-auth/pull/875#discussion_r2317293796)
| Asynchronous wait function not wrapped with runAsynchronously |
<details>
<summary>✅ Files analyzed, no issues (4)</summary>
• `apps/backend/src/app/api/latest/emails/send-email/route.tsx`
• `apps/backend/src/lib/email-rendering.tsx`
• `apps/backend/src/lib/emails.tsx`
• `packages/stack-shared/src/utils/arrays.tsx`
</details>
<details>
<summary>⏭️ Files skipped (low suspicion) (2)</summary>
• `apps/backend/package.json`
• `pnpm-lock.yaml`
</details>
[](https://discord.gg/n3SsVDAW6U)
<!-- RECURSEML_SUMMARY:END -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- New Features
- Batch email rendering and sending to multiple recipients with
background processing.
- Per-recipient notification category resolution and unsubscribe link
generation.
- Support for templates from IDs, raw HTML, or drafts with dynamic theme
handling.
- Enhanced result reporting, including users without primary emails.
- Chores
- Added dependencies for email rendering and bulk sending.
- Tests
- Stabilized email delivery checks with timed waits across relevant e2e
tests.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
https://www.loom.com/share/11affd2a119549c18a4056ad5db34cb6?sid=c86dd093-b8ca-4600-afb1-dda78e40b6a5
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Adds support for 'resend' email provider, updating configurations,
schemas, and UI components to handle the new provider.
>
> - **Behavior**:
> - Adds support for 'resend' email provider in
`createOrUpdateProjectWithLegacyConfig()` in `projects.tsx`.
> - Updates `PageClient` in `page-client.tsx` to handle 'resend'
provider in email configuration.
> - Modifies `EditEmailServerDialog` to include 'resend' option and
handle its configuration.
> - **Schema**:
> - Updates `environmentConfigSchema` in `schema.ts` to include 'resend'
as a valid provider.
> - Modifies `AdminEmailConfig` type to include 'resend' in
`project-configs/index.ts`.
> - **UI**:
> - Updates `SendEmailDialog` and `TestSendingDialog` in
`page-client.tsx` to handle 'resend' provider.
> - Adjusts form fields in `EditEmailServerDialog` to support 'resend'
specific fields like API Key.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 615fd72518. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- New Features
- Added support for Resend email provider alongside Shared and Custom
SMTP.
- Introduced an in-app test to verify email settings before saving.
- New Shared Email Server dialog with guidance and warnings.
- Improvements
- Streamlined email configuration with a type dropdown and conditional
fields.
- Clearer defaults and display text, including noreply@stackframe.co for
Shared setups.
- Enhanced validation tailored to each email mode.
- Chores
- Updated configuration schema to include a provider field for email
servers.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
https://www.loom.com/share/cc379c5372244a169f3ae1d2cc91eae5?sid=ec5bc438-56d8-4cca-9bbc-6cf6c6d313ad
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Introduce email draft functionality with AI assistance, including
creation, editing, and sending capabilities, and update APIs and UI
components accordingly.
>
> - **Features**:
> - Add email draft functionality: create, list, edit, preview, and send
drafts.
> - Integrate AI-assisted draft generation with `emailDraftAdapter` in
`email-draft-adapter.ts`.
> - Update `send-email` and `render-email` APIs to support drafts.
> - **Backend**:
> - Add `EmailDraft` model in `schema.prisma`.
> - Implement draft CRUD operations in `email-drafts/route.tsx` and
`email-drafts/[id]/route.tsx`.
> - Update `render-email/route.tsx` and `send-email/route.tsx` to handle
draft inputs.
> - **Frontend**:
> - Add email draft UI in `email-drafts/page-client.tsx` and
`email-drafts/[draftId]/page-client.tsx`.
> - Implement theme selection with `EmailThemeSelector` in
`email-theme-selector.tsx`.
> - Update sidebar navigation in `sidebar-layout.tsx` to include drafts.
> - **Tests**:
> - Add E2E tests for draft lifecycle and sending in
`email-drafts.test.ts` and `send-email.test.ts`.
> - **Misc**:
> - Update `admin-interface.ts` and `server-interface.ts` to support
draft operations.
> - Add `XOR` type utility in `types.tsx` for exclusive option handling.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for c7ebb00ac5. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
----
<!-- ELLIPSIS_HIDDEN -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Email Drafts: create, list, edit, preview, theme-select, AI-assisted
draft generation, send (marks draft as sent) and dashboard UI for
drafting + recipient selection.
* **Improvements**
* Send/render APIs accept html, template, or draft inputs and an
all-users option; per-recipient delivery/reporting, unified theme
selector, expanded chat context for drafts, clearer schema validation
errors, breadcrumb updates.
* **Tests**
* E2E coverage for draft lifecycle, draft-based send, all-users flow,
and updated schema-validation snapshots.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Add OAuth provider client and dashboard with UI components, server and
client interface updates, schema enhancements, and new tests.
>
> - **New Features**:
> - Add UI components in `page-client.tsx` for viewing, adding, editing,
toggling, and removing OAuth providers.
> - Implement `OAuthProviderDialog` and `OAuthProvidersSection` for
managing OAuth providers.
> - **Server and Client Interfaces**:
> - Update `StackServerInterface` and `StackClientInterface` to include
CRUD operations for OAuth providers.
> - Add `createServerOAuthProvider`, `listServerOAuthProviders`,
`updateServerOAuthProvider`, and `deleteServerOAuthProvider` methods.
> - **Schema and Types**:
> - Add `provider_config_id` to OAuth provider schemas in
`oauth-providers.ts` and `schema-fields.ts`.
> - Define `OAuthProvider` and `ServerOAuthProvider` types in
`users/index.ts`.
> - **Tests**:
> - Add `oauth-providers.test.ts` for client-side OAuth provider
functionality.
> - Update existing tests to include `provider_config_id` assertions.
> - **Miscellaneous**:
> - Update `server-app-impl.ts` and `client-app-impl.ts` to handle OAuth
provider operations.
> - Enhance error handling for account-ID conflicts in OAuth provider
operations.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for cd0ceb8ccb. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
----
<!-- ELLIPSIS_HIDDEN -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* User UI to view, add, edit, toggle, and remove OAuth providers; client
& server APIs, hooks, and caching to manage providers.
* **Improvements**
* OAuth provider responses now include a provider_config_id field for
clearer provider identification.
* Better client/server APIs for managing providers and improved
user-facing error handling for account-ID conflicts.
* **Bug Fixes**
* Tests updated to assert presence of provider_config_id.
* **Documentation**
* Added types/interfaces for OAuth provider entities and user methods.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
Takes `stripeAccountId` out of the schema, adds a new endpoint for
getting a user's account ifo, and adds a new notification banner for
un-onboarded accounts.
<img width="1203" height="524" alt="Screenshot 2025-08-25 at 16 40 18"
src="https://github.com/user-attachments/assets/a2b0626d-dc86-4090-b221-0969ec34f124"
/>
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Enhances payments UX with new UI components, refactors, and expanded
tests, while introducing breaking changes and improved error handling.
>
> - **Behavior**:
> - Removes `stripeAccountId` from schema and adds new endpoint in
`route.ts` for user account info.
> - Adds notification banner for un-onboarded accounts in `layout.tsx`.
> - Updates `createCheckoutUrl` to expect options object.
> - **UI Componets**:
> - Adds `CreateGroupDialog`, `IncludedItemDialog`, `ItemDialog`,
`OfferDialog`, `PriceDialog`, and `ListSection` in `payments` directory.
> - Implements `Stepper` component in `stepper.tsx` for multi-step
processes.
> - Adds `IllustratedInfo` component in `illustrated-info.tsx`.
> - **Refactor**:
> - Refactors `use-hover.tsx` to improve hover detection.
> - Updates `admin-interface.ts` to handle known errors more robustly.
> - Removes feature gating from Payments and Offers pages.
> - **Tests**:
> - Expands E2E and unit tests in `internal-metrics.test.ts` to cover
new payment flows and error handling.
> - **Misc**:
> - Updates `mapProperty` and `removeProperty` functions in `schema.ts`
for better property handling.
> - Adds `StripeAccountInfoNotFound` error in `known-errors.tsx`.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for aed61b5857. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
----
<!-- ELLIPSIS_HIDDEN -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Stripe onboarding UI, account-status display, and in-app setup flow.
* Quantity support across checkout, test-mode purchases, and purchase
flows.
* Payments dashboard revamp: Offers/Items management, groups, add‑ons,
price editor, included-item dialogs, visual connections, and welcome/DEV
modes.
* **Refactor**
* Stripe account stored per-project and resolved asynchronously;
subscription sync made more robust.
* Payments and Offers pages no longer feature-gated.
* **Breaking Changes**
* createCheckoutUrl now expects an options object ({ offerId }).
* **Tests**
* Expanded E2E and unit tests covering payments, onboarding, and
purchase flows.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Bilal Godil <bg2002@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Enhances payments system with stackable items, Stripe account
management, and improved purchase flow, including schema updates and new
tests.
>
> - **Behavior**:
> - Adds quantity support for stackable offers in
`apps/backend/src/lib/payments.tsx` and
`apps/backend/src/app/api/latest/payments/purchases/purchase-session/route.tsx`.
> - Introduces Stripe account info viewing and onboarding in
`apps/backend/src/app/api/latest/internal/payments/stripe/account-info/route.ts`.
> - Implements "Include by default" pricing and "Plans" group in
`apps/backend/prisma/seed.ts`.
> - **Schema Changes**:
> - Adds `quantity` and `offerId` columns to `Subscription` table in
`apps/backend/prisma/migrations/20250821212828_subscription_quantity/migration.sql`
and
`apps/backend/prisma/migrations/20250822203223_subscription_offer_id/migration.sql`.
> - Adds `stripeAccountId` column to `Project` table in
`apps/backend/prisma/migrations/20250825221947_stripe_account_id/migration.sql`.
> - **Improvements**:
> - Enhances purchase flow to return Stripe `client_secret` and handle
subscription upgrades/downgrades in
`apps/backend/src/app/api/latest/payments/purchases/purchase-session/route.tsx`.
> - Updates item management with new actions and protections in
`apps/backend/src/app/api/latest/payments/items/[customer_type]/[customer_id]/[item_id]/update-quantity/route.ts`.
> - Tightens validation for customer type and offer conflicts in
`apps/backend/src/app/api/latest/payments/purchases/validate-code/route.ts`.
> - **Testing**:
> - Adds extensive tests for new payment features in
`apps/e2e/tests/backend/endpoints/api/v1/internal/payments/setup.test.ts`
and
`apps/e2e/tests/backend/endpoints/api/v1/payments/purchase-session.test.ts`.
> - **Misc**:
> - Removes unused `stripeAccountId` and `stripeAccountSetupComplete`
from `branchPaymentsSchema` in
`packages/stack-shared/src/config/schema.ts`.
> - Refactors currency constants into `currency-constants.tsx` in
`packages/stack-shared/src/utils`.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 264563541d. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
----
<!-- ELLIPSIS_HIDDEN -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Quantity support for stackable offers across checkout, test purchases,
and admin flows.
- View Stripe account info and interactive payments onboarding per
project.
- "Include-by-default" pricing and new "Plans" group (Free, Extra
Admins).
- **Improvements**
- Purchase flow returns Stripe client_secret and handles group-based
subscription upgrades/downgrades.
- Item management: Update Customer Quantity action, edit/delete
protections, and read-only form mode.
- Validation surfaces offer conflicts (already_bought_non_stackable,
conflicting_group_offers).
- **Changes**
- Default item quantities now start at 0 unless explicitly granted.
- Stripe account linkage is stored per project.
- **Tests**
- Expanded tests for quantities, stackable behavior, and group
transition scenarios.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Konstantin Wohlwend <n2d4xc@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Introduces 'custom' customer type support across API, models, and
tests, updating methods and validation schemas accordingly.
>
> - **New Features**:
> - Added 'custom' customer type support in `schema.prisma`,
`payments.tsx`, and `server-app-impl.ts`.
> - **API Changes**:
> - Updated API endpoints in `route.ts` files to include `customer_type`
parameter.
> - Modified `createPurchaseUrl` and `updateItemQuantity` methods to
handle 'custom' type.
> - **Models**:
> - Added 'CUSTOM' to `CustomerType` enum in `schema.prisma`.
> - Changed `customerId` type to `TEXT` in `Subscription` and
`ItemQuantityChange` models.
> - **Validation**:
> - Updated `customerTypeSchema` in `schema-fields.ts` to include
'custom'.
> - **Tests**:
> - Added and updated tests in `payments.test.ts` and `items.test.ts`
for 'custom' type scenarios.
> - **Misc**:
> - Removed `createPurchaseUrl` method from `admin-interface.ts`.
> - Updated `client-app-impl.ts` and `server-app-impl.ts` to support
'custom' type in item-related methods.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 509762d716. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
----
<!-- ELLIPSIS_HIDDEN -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added universal "custom" customer type; test-mode purchase flow for
admins.
* **API Changes**
* Routes and payloads now include customer_type and accept non‑UUID
customer identifiers; validation and error responses updated.
* **Breaking Changes**
* SDK/Admin interfaces updated (new payload shapes, removed
createPurchaseUrl, added testModePurchase); item quantity routes now
include customer_type.
* **Dashboard/UI**
* New Offers and Items pages, dialogs, and ConnectPayments integration;
customerType options include "custom".
* **Tests**
* E2E and unit tests updated/added for custom and test‑mode flows.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<img width="1920" height="968" alt="Screenshot 2025-08-12 at 10 44
41 AM"
src="https://github.com/user-attachments/assets/3fb59810-45d8-46e1-9cfd-5a1a34936887"
/>
<!--
ELLIPSIS_HIDDEN -->
> [!IMPORTANT]
> Introduces team-based project ownership, refactoring existing
user-based model, and updates UI, backend, and tests to support this
feature.
>
> - **Behavior**:
> - Introduced team-based ownership for projects, replacing user-based
ownership.
> - Updated project creation, transfer, and deletion flows to use team
ownership.
> - Added team selection UI during project creation in the dashboard.
> - Projects now display owning team's name and include "owner team"
field in API responses.
> - **Refactor**:
> - Enhanced backend and schema for team-based project management.
> - Removed legacy user metadata updates related to project ownership.
> - Modified project listing and management to rely on team
associations.
> - Streamlined failed emails digest and contact channel queries to
resolve contacts via team membership.
> - **Tests**:
> - Updated tests to validate team ownership and project-user
association handling.
> - Adjusted test snapshots and assertions for non-null selected team
data.
> - Improved test flows for authentication and project deletion with
team context.
> - **Chores**:
> - Minor improvements to logging and code clarity.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for e457b13b69. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
----
<!-- ELLIPSIS_HIDDEN -->
> [!IMPORTANT]
> Introduces team-based project ownership, refactoring existing
user-based model, and updates UI, backend, and tests to support this
feature.
>
> - **Behavior**:
> - Introduced team-based project ownership, replacing user-based
ownership.
> - Updated project creation, transfer, and deletion flows to use team
ownership.
> - Added team selection UI during project creation in the dashboard.
> - Projects now display owning team's name and include "owner team"
field in API responses.
> - **Refactor**:
> - Enhanced backend and schema for team-based project management.
> - Removed legacy user metadata updates related to project ownership.
> - Modified project listing and management to rely on team
associations.
> - Streamlined failed emails digest and contact channel queries to
resolve contacts via team membership.
> - **Tests**:
> - Updated tests to validate team ownership and project-user
association handling.
> - Adjusted test snapshots and assertions for non-null selected team
data.
> - Improved test flows for authentication and project deletion with
team context.
> - **Chores**:
> - Minor improvements to logging and code clarity.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 0f6f12b5dc. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
----
<!-- ELLIPSIS_HIDDEN -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Team-based project ownership: teams can own projects; UI to pick a
team when creating projects; dashboard groups projects by team;
TeamSwitcher component added.
* **Improvements**
* API and responses now include owner_team_id and populated
selected_team/selected_team_id; provisioning and transfer flows assign
teams for ownership; seeds create internal/emulator owner teams.
* **Tests**
* E2E and backend tests updated to reflect team ownership and enriched
team fields.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Add support for uploading and managing project logos with image
compression and validation in project settings.
>
> - **Behavior**:
> - Added support for uploading and managing project logos (`logoUrl`,
`fullLogoUrl`) in `Project` model.
> - New `LogoUpload` component in `logo-upload.tsx` for image upload
with compression and validation.
> - Projects display and store logo URLs for branding.
> - **Database**:
> - Added `logoUrl` and `fullLogoUrl` columns to `Project` table in
`migration.sql`.
> - Updated `schema.prisma` to include new fields in `Project` model.
> - **Backend**:
> - Updated `createOrUpdateProjectWithLegacyConfig()` in `projects.tsx`
to handle logo uploads.
> - Increased max image upload size to 1 MB in `images.tsx` and
`s3.tsx`.
> - Added `browser-image-compression` dependency in `package.json`.
> - **Frontend**:
> - Integrated `LogoUpload` component in `page-client.tsx` for project
settings.
> - Updated `AdminProject` type in `projects/index.ts` to include logo
URLs.
> - **Tests**:
> - Updated e2e tests in `projects.test.ts` and others to verify logo
upload functionality.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 1b0cdbf123. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
----
<!-- ELLIPSIS_HIDDEN -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added support for uploading and managing project logos, including both
square and full (with text) logos, in the project settings page.
* Introduced a new logo upload component with image compression, size
validation, and removal functionality.
* Projects now display and store logo URLs, allowing for enhanced
branding and customization.
* **Improvements**
* Increased maximum allowed image upload size to 1 MB for project logos.
* Added clear image size constraints and unified image validation across
the app.
* **Dependencies**
* Added "browser-image-compression" library to support client-side image
compression.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Introduces Stack Companion with a right-side panel for docs, feature
requests, changelog, and support, along with a new feedback form and
improved feature request handling.
>
> - **New Features**:
> - Adds `StackCompanion` component for right-side panel with Docs,
Feature Requests, Changelog, and Support in `sidebar-layout.tsx` and
`stack-companion.tsx`.
> - Introduces `FeedbackForm` component in `feedback-form.tsx` with
success/error states and contact links.
> - **Feature Requests**:
> - Implements `GET`, `POST`, and `upvote` routes in `route.tsx` and
`[featureRequestId]/upvote/route.tsx` for feature requests with SSO and
upvote syncing.
> - Adds `FeatureRequestBoard` component in `feature-request-board.tsx`
for managing feature requests.
> - **Changelog**:
> - Adds `ChangelogWidget` component in `changelog-widget.tsx` to
display recent updates.
> - **Version Checking**:
> - Refactors version checking logic into `version-check.ts` and updates
`VersionAlerter` in `version-alerter.tsx`.
> - **Miscellaneous**:
> - Allows remote images from `featurebase-attachments.com` in
`next.config.mjs`.
> - Removes old `FeedbackDialog` and `docs/middleware.ts`.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 8baf5e1a0f. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
----
<!-- ELLIPSIS_HIDDEN -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- New Features
- Right-side Stack Companion panel: Docs, Feature Requests (browse,
submit, upvote), Changelog, and Support.
- In-app Feedback form with success/error states and contact links.
- Improvements
- Feature Requests: SSO integration and upvote syncing with backend.
- Changelog viewer: loads and formats recent entries.
- Remote images allowed from featurebase-attachments.com.
- Consolidated version-checking for streamlined alerts.
- Removals
- Old Feedback dialog and docs middleware removed.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: GitButler <gitbutler@gitbutler.com>
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Introduce comprehensive payment and subscription management with
Stripe integration, including new models, API endpoints, UI components,
and extensive tests.
>
> - **Features**:
> - Add Stripe integration for payments and subscriptions in
`apps/backend/src/lib/stripe.tsx` and
`apps/backend/src/app/api/latest/integrations/stripe/webhooks/route.tsx`.
> - Implement payment offers and items management in
`apps/backend/src/app/api/latest/payments`.
> - Add UI components for payment management in
`apps/dashboard/src/app/(main)/(protected)/projects/[projectId]/payments`.
> - **Models**:
> - Add `Subscription` model in `prisma/schema.prisma` and
`prisma/migrations/20250805195319_subscriptions/migration.sql`.
> - **Tests**:
> - Add end-to-end tests for payment APIs in
`apps/e2e/tests/backend/endpoints/api/v1/payments`.
> - **Configuration**:
> - Update environment variables in `.env.development` and
`docker.compose.yaml` for Stripe.
> - **Misc**:
> - Add new known errors related to payments in `known-errors.tsx`.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 972c24854f. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
----
<!-- ELLIPSIS_HIDDEN -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Introduced comprehensive payments and subscriptions management with
Stripe integration.
* Added UI for managing payment offers, items, and purchase URLs in the
dashboard.
* Implemented Stripe onboarding, purchase sessions, and return flow
handling.
* Added Stripe Connect and Elements integration with theme-aware UI
components.
* **Bug Fixes**
* Enhanced validation and error handling for payments APIs and
customer/item type consistency.
* **Tests**
* Added extensive end-to-end and backend tests for payments and
purchase-related endpoints.
* **Chores**
* Updated environment variables and dependencies for Stripe support.
* Added Stripe mock service to development Docker Compose.
* **Documentation**
* Extended schemas and types for payment offers, prices, items, and
customer types.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Konstantin Wohlwend <n2d4xc@gmail.com>
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
Co-authored-by: Claude <noreply@anthropic.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Enhances email sending API with template support, improved error
handling, and new interfaces, while adding comprehensive tests and
updating rendering logic.
>
> - **Behavior**:
> - Adds support for sending emails using templates with variables and
optional theming in `send-email/route.tsx`.
> - Introduces per-user notification category checks before sending
emails.
> - Adds optional unsubscribe link in email themes.
> - **Error Handling**:
> - Refines error handling in `send-email/route.tsx` for missing
content, non-existent user IDs, and shared email server configurations.
> - Uses `KnownErrors` for specific error cases.
> - **API Changes**:
> - Adds new interfaces and methods for email sending in
`server-interface.ts` and `admin-interface.ts`.
> - Removes deprecated email sending methods from admin interfaces.
> - **Testing**:
> - Adds e2e tests in `email.test.ts` for various email sending
scenarios, including HTML content, templates, and error cases.
> - **Misc**:
> - Updates email rendering logic in `email-rendering.tsx` to handle new
template and theme options.
> - Simplifies import statements and cleans up code structure across
multiple files.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 1d5a056699. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
----
<!-- ELLIPSIS_HIDDEN -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Enhanced email sending to support both raw HTML and template-based
emails with variables and optional theming.
* Added per-user notification category checks before sending emails.
* Email themes now support an optional unsubscribe link in the footer.
* **Improvements**
* Updated email rendering to pass the unsubscribe link as a prop to
themes.
* Refined error handling for email sending.
* Improved flexibility of email sending options and result reporting.
* **API Changes**
* Introduced new interfaces and methods for sending emails on the server
side, including detailed result reporting.
* Removed deprecated admin-side email sending methods and interfaces.
* Added new types for email sending options and results.
* **Bug Fixes**
* Fixed navigation and property naming inconsistencies in dashboard
email template editing and sending flows.
* **Chores**
* Simplified import statements and cleaned up internal code structure.
* Updated Docker environment for freestyle mock service to use Bun
runtime and adjusted port mappings.
* **Tests**
* Added comprehensive tests covering email sending scenarios, including
error handling and multi-user support.
* Updated existing tests to reflect refined email subjects, template
rendering, and unsubscribe link features.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Add admin-only API endpoints and UI support for project configuration
overrides, with comprehensive tests and documentation updates.
>
> - **New Features**:
> - Added admin-only API endpoints for reading and updating project
configuration overrides in `config/crud.tsx` and
`config/override/crud.tsx`.
> - Admin app supports fetching, caching, and updating configuration
overrides with new React hooks in `admin-app-impl.ts`.
> - **Bug Fixes**:
> - Validation and error handling for OAuth providers, duplicate IDs,
and invalid config fields in `oauth-providers/crud.tsx`.
> - **Tests**:
> - Added end-to-end tests for configuration management and validation
errors in `config.test.ts` and `js/config.test.ts`.
> - **Documentation**:
> - Updated API documentation for new config override endpoints in
`config.ts`.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 3d20abc092. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
----
<!-- ELLIPSIS_HIDDEN -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added the ability for admins to view and update project configuration
overrides through new internal API endpoints.
* Extended the admin app to support fetching, updating, and caching
configuration overrides, including React hook support for real-time
config usage.
* Introduced new admin interface methods for retrieving and updating
configuration.
* **Bug Fixes**
* Improved validation and error handling for configuration updates,
including checks for duplicate or invalid OAuth provider entries and
non-existent configuration fields.
* **Tests**
* Added comprehensive end-to-end tests covering configuration retrieval,
updates, access control, OAuth provider management, and domain
management.
* **Documentation**
* Enhanced API documentation for configuration management endpoints and
operations.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> This PR adds default email templates and themes, updates schema and
components, and introduces a migration tool for email templates.
>
> - **Behavior**:
> - Adds default email templates and themes, including `Email
Verification`, `Password Reset`, `Magic Link/OTP`, `Team Invitation`,
and `Sign In Invitation`.
> - Updates `render-email` and `send-email` routes to use `themes` and
`templates` instead of `themeList` and `templateList`.
> - Introduces migration tool for email templates in `page-client.tsx`
and `page.tsx`.
> - **Schema**:
> - Updates `branchConfigSchema` and `organizationConfigDefaults` to use
`selectedThemeId`, `themes`, and `templates`.
> - Adds `templateThemeIdSchema` to `schema-fields.ts`.
> - **Components**:
> - Replaces `ThemePreview` with `EmailPreview` in various components.
> - Adds `ResizableContainer` for email preview resizing.
> - **Tests**:
> - Updates e2e tests for email themes and templates to reflect new
schema and behavior.
> - **Misc**:
> - Renames `themeList` to `themes` and `templateList` to `templates` in
multiple files.
> - Adds new email template metadata in `utils.tsx`.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 49554ca03d. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
https://www.loom.com/share/950f16dbbda0481ba1dea0cf593f347e?sid=51ed6cc3-5f48-4145-9a65-a6a80a45cab0
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Refactor email rendering and theme management using TypeScript and
esbuild, updating backend routes, frontend components, and tests.
>
> - **Backend Changes**:
> - Updated `render-email` route in `route.tsx` to handle
`theme_tsx_source` and `template_tsx_source`.
> - Modified `email-templates` and `email-themes` routes to use new
theme and template handling logic.
> - Updated `email-template-adapter.ts` to use
`renderEmailWithTemplate`.
> - Enhanced `renderEmailWithTemplate` in `email-themes.tsx` to use
esbuild for bundling.
> - **Frontend Changes**:
> - Updated `page-client.tsx` in email templates and themes to use
`ThemePreview` with `tsxSource`.
> - Modified `CodeEditor` in `code-editor.tsx` to support TypeScript and
JSX with esbuild.
> - Added `use-debounce` to `package.json` for debouncing input changes.
> - **Testing**:
> - Added tests in `email-themes.test.ts` and `render-email.test.ts` to
cover new email rendering logic.
> - Updated `unsubscribe-link.test.ts` to verify unsubscribe
functionality with new email rendering.
> - **Miscellaneous**:
> - Updated `helpers/emails.ts` to export `LightEmailTheme` and
`DarkEmailTheme` as functions.
> - Adjusted `admin-interface.ts` and `admin-app-impl.ts` to support new
email theme and template operations.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 891ff8ebf7. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Fixes unknown theme error by adding fallback to default theme and
updates theme display names.
>
> - **Behavior**:
> - In `route.tsx`, added fallback to `DEFAULT_EMAIL_THEME_ID` if
current theme is unknown.
> - Updates active theme in `tenancy.completeConfig.emails` if unknown.
> - **Display Name Updates**:
> - Changed `displayName` from `default-light` to `Default Light` and
`default-dark` to `Default Dark` in `emails.ts` and `schema-fields.ts`.
> - **Tests**:
> - Updated test cases in `email-themes.test.ts` to reflect new display
names.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 8d2b9f75e2. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!-- ELLIPSIS_HIDDEN -->
> [!IMPORTANT]
> Add Twitch as a new OAuth provider, updating backend logic and UI
components to support Twitch authentication.
>
> - **Behavior**:
> - Add `TwitchProvider` class in `providers/twitch.tsx` to handle OAuth
with Twitch, including user info post-processing.
> - Update `_providers` in `index.tsx` to include `TwitchProvider`.
> - Add `TWITCH` to `StandardOAuthProviderType` enum in `schema.prisma`.
> - **UI Components**:
> - Add Twitch icon and color in `brand-icons.tsx` and `BRAND_COLORS`.
> - Update `ProviderIcon`, `ProviderSettingDialog`, and `OAuthButton` to
support Twitch in `providers.tsx` and `oauth-button.tsx`.
> - **Misc**:
> - Add `twitch` to `standardProviders` in `oauth.tsx`.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 08c0de5762. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: Zai Shi <zaishi00@outlook.com>
> [!IMPORTANT]
> Add CRUD operations for OAuth providers, update schemas and error
handling, and include tests for new functionality.
>
> - **Behavior**:
> - Adds CRUD operations for OAuth providers in `client-interface.ts`
and `server-interface.ts`.
> - Introduces `oauthProviderCrud` in `oauth-providers.ts` for managing
OAuth provider data.
> - Updates `schema-fields.ts` to include new schemas for OAuth provider
attributes.
> - Adds error handling for OAuth provider operations in
`known-errors.tsx`.
> - **Schema**:
> - Defines `oauthProviderCrudClientUpdateSchema`,
`oauthProviderCrudServerUpdateSchema`, and
`oauthProviderCrudServerCreateSchema` in `oauth-providers.ts`.
> - Updates `projects.ts` to include `oauthProviderReadSchema` and
`oauthProviderWriteSchema`.
> - **Tests**:
> - Adds tests for OAuth provider CRUD operations in
`oauth-providers.test.ts`.
> - **Misc**:
> - Renames `oauth.ts` to `connected-accounts.ts` in `crud` directory.
> - Updates `projects.test.ts` to include `provider_config_id` in OAuth
provider configurations.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for bca9bcf12b. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Add CRUD operations for OAuth providers, update schemas, handle
errors, and include tests.
>
> - **Behavior**:
> - Adds CRUD operations for OAuth providers in `client-interface.ts`
and `server-interface.ts`.
> - Introduces `oauthProviderCrud` in `oauth-providers.ts` for managing
OAuth provider data.
> - Updates `schema-fields.ts` to include new schemas for OAuth provider
attributes.
> - Adds error handling for OAuth provider operations in
`known-errors.tsx`.
> - **Schema**:
> - Defines `oauthProviderCrudClientUpdateSchema`,
`oauthProviderCrudServerUpdateSchema`, and
`oauthProviderCrudServerCreateSchema` in `oauth-providers.ts`.
> - Updates `projects.ts` to include `oauthProviderReadSchema` and
`oauthProviderWriteSchema`.
> - **Tests**:
> - Adds tests for OAuth provider CRUD operations in
`oauth-providers.test.ts`.
> - **Misc**:
> - Renames `oauth.ts` to `connected-accounts.ts` in `crud` directory.
> - Updates `projects.test.ts` to include `provider_config_id` in OAuth
provider configurations.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for aaa55f7d5c. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<img width="890" alt="image"
src="https://github.com/user-attachments/assets/1e317987-0a09-4f7c-850a-ac2bddec9390"
/>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Add functionality to send sign-in invitation emails, including backend
API, frontend UI, and email template support.
>
> - **Backend**:
> - Add `SIGN_IN_INVITATION` to `EmailTemplateType` in `schema.prisma`
and `migration.sql`.
> - New API route `send-sign-in-invitation/route.tsx` to handle sending
sign-in invitation emails.
> - Implement `sendSignInInvitationEmail()` in `admin-interface.ts`.
> - **Frontend**:
> - Update `page-client.tsx` to include sign-in invitation template
management.
> - Add `SendSignInInvitationDialog` in `page-client.tsx` for sending
invitations.
> - Modify `user-table.tsx` to include sign-in invitation actions.
> - **Email Templates**:
> - Add `sign-in-invitation.tsx` template.
> - Update `utils.tsx` to include metadata for sign-in invitation
emails.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for c69530229f. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> This pull request adds support for custom integrations alongside Neon,
including environment updates, database schema changes, new API
endpoints, and comprehensive tests.
>
> - **Environment**:
> - Renamed `STACK_NEON_INTEGRATION_CLIENTS_CONFIG` to
`STACK_INTEGRATION_CLIENTS_CONFIG` in `.env.development`.
> - Added `custom-local` client configuration to
`STACK_INTEGRATION_CLIENTS_CONFIG`.
> - **Database**:
> - Renamed `NeonProvisionedProject` table to `ProvisionedProject` and
updated related constraints and columns in `migration.sql`.
> - Updated `schema.prisma` to reflect table and column renames.
> - **API Endpoints**:
> - Added CRUD operations for custom domains in `domains/`.
> - Implemented OAuth authorization and token exchange for custom
integrations in `oauth/`.
> - Added project provisioning and transfer endpoints for custom
integrations in `projects/`.
> - **IDP**:
> - Updated `createOidcProvider` to handle both Neon and custom
integrations in `idp.ts`.
> - **Tests**:
> - Added e2e tests for custom domain, OAuth, project provisioning, and
transfer in `e2e/tests/backend/endpoints/api/v1/integrations/custom/`.
> - Updated snapshot serializer to handle custom integration paths in
`snapshot-serializer.ts`.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 7da89c38eb. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: ellipsis-dev[bot] <65095814+ellipsis-dev[bot]@users.noreply.github.com>
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Update dependencies, add bundle analyzer, and enhance
`ProfileImageEditor` with `react-easy-crop`.
>
> - **Dependencies**:
> - Update `lucide-react` to `^0.508.0` in
`apps/dashboard/package.json`, `packages/stack-emails/package.json`, and
`packages/stack-ui/package.json`.
> - Replace `react-avatar-editor` with `react-easy-crop` in
`packages/react/package.json`, `packages/stack/package.json`, and
`packages/template/package-template.json`.
> - Add `@next/bundle-analyzer` to `examples/demo/package.json`.
> - **Build Configuration**:
> - Add bundle analyzer configuration to `examples/demo/next.config.js`.
> - Add `analyze` script to `examples/demo/package.json`.
> - **Component Changes**:
> - Replace `AvatarEditor` with `Cropper` in `ProfileImageEditor` in
`packages/template/src/components/profile-image-editor.tsx`.
> - Update `Calendar` component styles in
`packages/stack-ui/src/components/ui/calendar.tsx`.
> - **Utility Functions**:
> - Update `isBase32`, `isBase64`, and `isBase64Url` test cases in
`bytes.tsx` to handle specific edge cases.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for ae4574dba0. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Fixes ESM import issue by adding a plugin for implicit `index.js` and
renames interface files for consistency.
>
> - **Behavior**:
> - Adds `fixImportExtensions` plugin in `configs/tsup/js-library.ts` to
handle ESM imports with implicit `index.js`.
> - **Renames**:
> - Renames `adminInterface.ts` to `admin-interface.ts` and updates
imports in `index.ts` and `admin-app-impl.ts`.
> - Renames `clientInterface.ts` to `client-interface.ts` and updates
imports in `server-interface.ts`.
> - Renames `serverInterface.ts` to `server-interface.ts` and updates
imports in `adminInterface.ts`.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 1fcd668be4. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: ellipsis-dev[bot] <65095814+ellipsis-dev[bot]@users.noreply.github.com>
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Fix Apple OAuth by updating response status codes and adding ngrok
compatibility.
>
> - **Behavior**:
> - Update `statusCode` in `route.tsx` to accept 303 in addition to 307
for OAuth responses.
> - Modify `oauthResponseToSmartResponse()` in `oauth-helpers.tsx` to
map 302 to 303.
> - Add `ngrok-skip-browser-warning` header in `middleware.tsx` and
`clientInterface.ts` for ngrok compatibility.
> - **Tests**:
> - Update expected status to 303 in `backend-helpers.ts` for OAuth
tests.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for ae3ec66e96. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Enable Docker build by removing fail step and switch from `bcrypt` to
`bcryptjs` for password hashing.
>
> - **Docker Workflow**:
> - Removed temporary fail step in
`.github/workflows/docker-server-build.yaml` to enable Docker build
process.
> - **Dependencies**:
> - Replaced `bcrypt` with `bcryptjs` in `package.json` and `hashes.tsx`
for password hashing.
> - Updated `@types/bcrypt` to `@types/bcryptjs` in `package.json`.
> - **Documentation**:
> - Added `docker/README.md` with instructions for building and running
Docker containers for server and emulator.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for c7a3ed9f11. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
### Issues
<img width="937" alt="Screenshot 2568-04-18 at 00 45 30"
src="https://github.com/user-attachments/assets/6a94ceb6-d83f-489d-8ee5-26cbf7a7d287"
/>
<img width="937" alt="Screenshot 2568-04-18 at 00 46 40"
src="https://github.com/user-attachments/assets/0b12a962-f8c9-4009-bed6-62ae16778ee7"
/>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Add methods for handling project permissions and update existing
methods to support both team and project permissions.
>
> - **Behavior**:
> - Add `grantProjectPermission` and `revokeProjectPermission` methods
to `StackServerInterface` for handling project permissions.
> - Update `grantPermission` and `revokePermission` methods in
`_StackServerAppImplIncomplete` to handle both team and project
permissions.
> - **Methods**:
> - Add `grantServerProjectPermission()` and
`revokeServerProjectPermission()` in `serverInterface.ts`.
> - Modify `grantPermission()` and `revokePermission()` in
`server-app-impl.ts` to support project permissions.
> - **Misc**:
> - Update `operationIDs` in `index.ts` to include project permission
endpoints.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for c3f61d1b46. It will automatically
update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
Init API Keys docs updates.
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Add documentation and API handlers for creating and managing user and
team API keys.
>
> - **API Handlers**:
> - Updated `createApiKeyHandlers` in `handlers.tsx` to include metadata
for API key creation and validation.
> - `create` and `check` handlers now have descriptions, summaries, and
tags for API keys.
> - **Documentation**:
> - Added `api-keys.mdx` to explain API key creation, management, and
usage for users and teams.
> - Updated `docs-template.yml` to include API Keys in the navigation.
> - Added `sdk/types/api-key.mdx` for detailed API key type definitions
and usage.
> - Updated `sdk/types/team.mdx` and `sdk/types/user.mdx` to include API
key functions for teams and users.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 369b06e7a4. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!-- ELLIPSIS_HIDDEN -->
> [!IMPORTANT]
> Adds CLI authentication for NodeJS with new error handling and updates
dependencies.
>
> - **CLI Authentication**:
> - Adds `promptCliLogin()` method in `_StackClientAppImplIncomplete` to
handle CLI authentication, returning a refresh token or error.
> - Handles errors `CliAuthError`, `CliAuthExpiredError`, and
`CliAuthUsedError`.
> - **Error Handling**:
> - Adds `CliAuthError`, `CliAuthExpiredError`, and `CliAuthUsedError`
to `known-errors.tsx`.
> - **Dependencies**:
> - Adds `open` to `dependencies` in `package.json`.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 98b0ccd0d2. It will automatically
update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Add API endpoint to revoke API keys found through credential scanning,
with email notifications and error handling.
>
> - **Behavior**:
> - Adds `POST` endpoint in `route.tsx` to revoke API keys found through
credential scanning.
> - Handles errors for non-existent, public, expired, and already
revoked API keys.
> - Sends email notifications to affected users or team members.
> - **Email**:
> - Adds `getSharedEmailConfig()` in `emails.tsx` for shared email
configuration.
> - **Testing**:
> - Adds tests in `revoke.test.ts` for user and team API key revocation,
including email notifications and error handling for non-existent and
already revoked keys.
> - **Errors**:
> - Adds `PublicApiKeyCannotBeRevoked` error in `known-errors.tsx`.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for a67021bf47. It will automatically
update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
- Added new config json schema and helper functions
- Separated the internal project and client project so we can later
change the internal project APIs without breaking backward compatibility
- Added database to config json and config json to project type so we
can test and compare the result in production
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<img width="1510" alt="image"
src="https://github.com/user-attachments/assets/99619123-6be5-4788-aebe-5fc2a9a36245"
/>
<img width="1510" alt="image"
src="https://github.com/user-attachments/assets/660677bf-f19a-4673-94c8-59ac50eb6ae5"
/>
<img width="1510" alt="image"
src="https://github.com/user-attachments/assets/11ae63c4-5813-4fd8-aa01-fa580d2103be"
/>
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Introduces API key management for users and teams, integrating with
existing project configurations and permissions, and adds comprehensive
tests and examples.
>
> - **API Key Management**:
> - Introduces `ProjectApiKey` model in `schema.prisma` for managing API
keys.
> - Adds `createApiKeyHandlers` in `handlers.tsx` to handle API key CRUD
operations.
> - Implements API key creation, revocation, and validation logic.
> - **Permissions and Configurations**:
> - Adds `allowUserApiKeys` and `allowTeamApiKeys` to `ProjectConfig` in
`schema.prisma`.
> - Updates `TeamSystemPermission` enum to include `MANAGE_API_KEYS`.
> - Ensures API key operations respect project configurations and
user/team permissions.
> - **Testing and Examples**:
> - Adds extensive tests in `api-keys.test.ts` to cover various API key
scenarios.
> - Updates example projects to demonstrate API key usage.
> - **Miscellaneous**:
> - Refactors existing code to integrate API key functionalities.
> - Updates documentation and type definitions to reflect new API key
features.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 96f60c57f0. It will automatically
update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!-- ELLIPSIS_HIDDEN -->
> [!IMPORTANT]
> Enhance permission management by adding unique constraints, handling
duplicate ID errors, and updating frontend and backend logic with
comprehensive tests.
>
> - **Database**:
> - Add unique constraint on `Permission` table for `[tenancyId,
queryableId]` in `migration.sql`.
> - Update `schema.prisma` to reflect new unique constraints.
> - **Backend**:
> - Update `crud.tsx` files to handle `PERMISSION_ID_ALREADY_EXISTS`
error using `isErrorForNonUniquePermission()`.
> - Add `isPrismaUniqueConstraintViolation()` in `prisma-client.tsx` to
identify unique constraint violations.
> - Add `PermissionIdAlreadyExists` error in `known-errors.tsx`.
> - **Frontend**:
> - Update `page-client.tsx` and `permission-table.tsx` to check for
duplicate permission IDs before creation.
> - **Tests**:
> - Add tests in `project-permission-definitions.test.ts` and
`team-permission-definitions.test.ts` to verify duplicate ID handling.
> - Ensure permissions cannot be created with duplicate IDs across
project and team contexts.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for b3ccd15bca. It will automatically
update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
Co-authored-by: Zai Shi <zaishi00@outlook.com>
<!-- ELLIPSIS_HIDDEN -->
> [!IMPORTANT]
> Renamed user-related permissions to project-related permissions across
the codebase, affecting enums, schemas, APIs, models, and tests.
>
> - **Behavior**:
> - Renamed `USER` to `PROJECT` in `PermissionScope` enum in
`schema.prisma` and `migration.sql`.
> - Updated `isDefaultUserPermission` to `isDefaultProjectPermission` in
`schema.prisma` and `migration.sql`.
> - Removed `jwks.json/route.ts` file.
> - **API Changes**:
> - Renamed `user-permission-definitions` and `user-permissions`
endpoints to `project-permission-definitions` and `project-permissions`
in `route.tsx` files.
> - Updated CRUD handlers in `crud.tsx` files to reflect new naming.
> - **Models**:
> - Updated models in `permissions.tsx` to use `ProjectPermission` and
`AdminProjectPermission`.
> - Updated `KnownErrors` to use `ProjectPermissionRequired`.
> - **Tests**:
> - Renamed test files and updated test cases in
`e2e/tests/backend/endpoints/api/v1` to reflect new naming.
> - **Misc**:
> - Updated `admin-app-impl.ts`, `client-app-impl.ts`, and
`server-app-impl.ts` to use new project permission naming.
> - Updated `schema-fields.ts` to reflect new permission ID schema.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 08924f5241. It will automatically
update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!-- ELLIPSIS_HIDDEN -->
> [!IMPORTANT]
> Adds user permissions management, including models, API endpoints, and
tests, alongside existing team permissions.
>
> - **Behavior**:
> - Adds user permissions alongside team permissions, allowing for
user-specific permission management.
> - Introduces `ProjectUserDirectPermission` model in `schema.prisma`
for direct user permissions.
> - Updates `PermissionScope` enum from `GLOBAL` to `USER`.
> - **API**:
> - Adds CRUD endpoints for user permissions in `user-permissions` and
`user-permission-definitions`.
> - Updates existing team permission endpoints to support user
permissions.
> - **Tests**:
> - Adds e2e tests for user permissions in `user-permissions.test.ts`
and `user-permission-definitions.test.ts`.
> - Updates existing tests to include user permissions where applicable.
> - **Misc**:
> - Updates `adminInterface.ts` and `server-app-impl.ts` to handle user
permissions.
> - Modifies `known-errors.tsx` to include `UserPermissionRequired`
error.
> - Adjusts `project-configs` and `projects` to include user default
permissions.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 8b73e668e2. It will automatically
update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Adds `updatePassword` method to `StackServerInterface` and updates
`_StackServerAppImplIncomplete` to use it for password updates.
>
> - **Behavior**:
> - Adds `updatePassword` method to `StackServerInterface` in
`serverInterface.ts` to update user passwords via POST to
`/auth/password/update`.
> - Handles `PasswordConfirmationMismatch` and
`PasswordRequirementsNotMet` errors.
> - **Implementation**:
> - Updates `updatePassword` method in `_StackServerAppImplIncomplete`
in `server-app-impl.ts` to use `StackServerInterface.updatePassword`.
> - Requires `oldPassword` in `updatePassword` options.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 5dd07df3ee. It will automatically
update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
<!-- ELLIPSIS_HIDDEN -->
> [!IMPORTANT]
> Enhance email configuration handling, add email listing endpoint and
tests, and update schemas for improved security and functionality.
>
> - **Email Configuration**:
> - Refactor `prismaModelToCrud` in `crud.tsx` to expand `sender_config`
into detailed fields.
> - Use `emailConfigWithoutPasswordSchema` in `emails.ts` for
`sender_config`.
> - **API Changes**:
> - Update `internalEmailsCrudHandlers` in `crud.tsx` to use
`auth.tenancy.id` for filtering emails and limit results to 100.
> - Add `route.tsx` to export `GET` handler for listing emails.
> - **Testing**:
> - Add `email.test.ts` to test email listing, project isolation, and
admin access restrictions.
> - Add `resetContext` function in `backend-helpers.ts` to reset test
context.
> - **Miscellaneous**:
> - Implement `emailConfigWithoutPasswordSchema` in `projects.ts` to
exclude password from email config.
> - Update `snapshot-serializer.ts` to strip `sent_at_millis` field.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 6721f4e13a. It will automatically
update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Add webhooks for team permission creation and deletion, updating CRUD
operations and tests to support this functionality.
>
> - **Webhooks**:
> - Add `sendTeamPermissionCreatedWebhook` and
`sendTeamPermissionDeletedWebhook` in `webhooks.tsx`.
> - Trigger `sendTeamPermissionCreatedWebhook` on permission creation in
`team-memberships/crud.tsx` and `team-permissions/crud.tsx`.
> - Trigger `sendTeamPermissionDeletedWebhook` on permission deletion in
`team-permissions/crud.tsx`.
> - **CRUD Operations**:
> - Modify `addUserToTeam` in `team-memberships/crud.tsx` to return
permission IDs.
> - Update `onCreate` and `onDelete` handlers in
`team-permissions/crud.tsx` to handle webhooks.
> - **Tests**:
> - Add tests in `team-memberships.test.ts` and
`team-permissions.test.ts` to verify webhook triggers for permission
creation and deletion.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 5067753761. It will automatically
update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
Add some buttons to user details page
<img width="1443" alt="image"
src="https://github.com/user-attachments/assets/1c8fa865-29bc-43e7-ab77-f8ef55f934a4"
/>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Add impersonate and delete functionalities to user details page with
new dialogs and error handling.
>
> - **User Interface**:
> - Added `Impersonate` and `Delete` buttons to user details page in
`page-client.tsx`.
> - Introduced `DropdownMenu` for user actions in `page-client.tsx`.
> - **Dialogs**:
> - Moved `DeleteUserDialog` and `ImpersonateUserDialog` to
`user-dialogs.tsx`.
> - Updated `DeleteUserDialog` to redirect after deletion.
> - **Server Interface**:
> - Updated `getServerUserById()` in `serverInterface.ts` to handle
`UserNotFound` error.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 0576c20f76. It will automatically
update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: Zai Shi <zaishi00@outlook.com>
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Add SentEmails dashboard table with backend API and frontend
components to display email logs.
>
> - **Backend**:
> - Add `crud.tsx` to define CRUD operations for `SentEmail` using
`prismaClient`.
> - Add `route.tsx` to expose `GET` endpoint for listing sent emails.
> - **Frontend**:
> - Update `page-client.tsx` to include `EmailSendDataTable` component
displaying email logs.
> - Define `emailTableColumns` for `DataTable` in `page-client.tsx`.
> - **Shared Interfaces**:
> - Add `InternalEmailsCrud` and `sentEmailReadSchema` in `emails.ts`.
> - Extend `StackAdminApp` to include `listSentEmails()` method.
> - Define `AdminSentEmail` type in `email/index.ts` and export it in
`index.ts`.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for fe32ecbc33. It will automatically
update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: devin-ai-integration[bot] <158243242+devin-ai-integration[bot]@users.noreply.github.com>
Co-authored-by: ryan@stack-auth.com <ryan@stack-auth.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<img width="1443" alt="image"
src="https://github.com/user-attachments/assets/611ede72-4d46-41dc-adea-9546c04b199a"
/>
Adds new active sessions page to settings
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Adds an active sessions page to settings, enabling users to view and
manage their sessions, with backend support for session listing and
deletion.
>
> - **Active Sessions Page**:
> - Adds `ActiveSessionsPage` component in `account-settings.tsx` to
display active sessions.
> - Allows revoking individual sessions or all sessions except the
current one.
> - **Backend Changes**:
> - Adds `sessionsCrudHandlers` in `crud.tsx` for session management
(list, delete).
> - Updates `ProjectUserRefreshToken` model in `schema.prisma` to
include `id` and `isImpersonation` fields.
> - Implements session listing and deletion in `serverInterface.ts` and
`client-app-impl.ts`.
> - **Error Handling**:
> - Introduces `CannotDeleteCurrentSession` error in `known-errors.tsx`.
> - **Testing**:
> - Adds tests for session management in
`endpoints/api/v1/auth/sessions` tests.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for ba78df0928. It will automatically
update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
---------
Co-authored-by: TheCactusBlue <thecactusblue@gmail.com>
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
Co-authored-by: ellipsis-dev[bot] <65095814+ellipsis-dev[bot]@users.noreply.github.com>
* Add in-source unit tests to stack-shared utilities
Co-Authored-By: Konstantin Wohlwend <n2d4xc@gmail.com>
* Fix type checking and linting issues
Co-Authored-By: Konstantin Wohlwend <n2d4xc@gmail.com>
* Fix lint errors in results.tsx
Co-Authored-By: Konstantin Wohlwend <n2d4xc@gmail.com>
* Fix remaining lint errors in results.tsx
Co-Authored-By: Konstantin Wohlwend <n2d4xc@gmail.com>
* Fix lint warnings in results.tsx
Co-Authored-By: Konstantin Wohlwend <n2d4xc@gmail.com>
* Fix wait function mocking in results.tsx
Co-Authored-By: Konstantin Wohlwend <n2d4xc@gmail.com>
* Fix retry function test in results.tsx
Co-Authored-By: Konstantin Wohlwend <n2d4xc@gmail.com>
* Fix React.forwardRef mock in react.tsx test
Co-Authored-By: Konstantin Wohlwend <n2d4xc@gmail.com>
* Fix trailing spaces in react.tsx and results.tsx
Co-Authored-By: Konstantin Wohlwend <n2d4xc@gmail.com>
* Revert to DependenciesMap and wrap rejected promise in ignoreUnhandledRejection
Co-Authored-By: Konstantin Wohlwend <n2d4xc@gmail.com>
* Fix
* Revert changes to known-errors.tsx constructor
Co-Authored-By: Konstantin Wohlwend <n2d4xc@gmail.com>
* Make rotateRight call rotateLeft per review feedback
Co-Authored-By: Konstantin Wohlwend <n2d4xc@gmail.com>
* Remove redundant @ts-expect-error directive in known-errors.tsx
Co-Authored-By: Konstantin Wohlwend <n2d4xc@gmail.com>
* Fix import order in promises.tsx
Co-Authored-By: Konstantin Wohlwend <n2d4xc@gmail.com>
* Fix
* Fix CI failures: add back @ts-expect-error in known-errors.tsx and revert mapResult implementation in results.tsx
Co-Authored-By: Konstantin Wohlwend <n2d4xc@gmail.com>
* Remove unused @ts-expect-error directive in known-errors.tsx
Co-Authored-By: Konstantin Wohlwend <n2d4xc@gmail.com>
* Add back @ts-expect-error directive with explanation in known-errors.tsx
Co-Authored-By: Konstantin Wohlwend <n2d4xc@gmail.com>
* Change @ts-expect-error to @ts-ignore in known-errors.tsx
Co-Authored-By: Konstantin Wohlwend <n2d4xc@gmail.com>
* be honest
* vocabulary
---------
Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
Co-authored-by: Konstantin Wohlwend <n2d4xc@gmail.com>
