## Summary
- Bare `process.env.X` accesses in `stack-shared` throw `ReferenceError:
process is not defined` when the package is bundled into a browser app
without a `process` shim (e.g. a plain Vite app). The most reachable
offenders are in `StackAssertionError`'s constructor and
`schema-fields.ts`'s Neon Basic-auth validator, both of which can run on
the client during normal sign-in flows with `@stackframe/react`.
- Extracted a zero-dependency `getProcessEnv` helper at
`packages/stack-shared/src/utils/process-env.tsx` and routed the bare
references through it. Returns `undefined` when `process` is not
defined; otherwise behaves like a normal `process.env[name]` read, so
Next.js/webpack inlining is unchanged on the server.
- Touched: `schema-fields.ts:884` (`STACK_INTEGRATION_CLIENTS_CONFIG`),
`utils/errors.tsx:81` (`NEXT_PUBLIC_STACK_DEBUGGER_ON_ASSERTION_ERROR`),
`utils/promises.tsx` (`NODE_ENV` in `runAsynchronouslyWithAlert`),
`utils/esbuild.tsx:16` (`NODE_ENV`, also reordered the `typeof process`
guard so the env access is unreachable in browsers).
## Why a separate helper module
`utils/env.tsx` already exists but its `getEnvVariable` explicitly
throws in the browser, so it can't be reused here. The new module has
zero imports so it can be safely consumed from low-level utilities like
`errors.tsx` without creating a cycle (env.tsx ↔ errors.tsx).
## Test plan
- [x] `pnpm lint` passes
- [x] `pnpm typecheck` passes
- [ ] Reproduced the original failure in a Vite + `@stackframe/react`
app: sign-in flow logged `ReferenceError: process is not defined` from
`StackAssertionError`, plus `clientSecret must not be empty` cascading
from the same path
- [ ] Verify the same flow in a Vite app no longer throws once
`@stackframe/react` is rebuilt against this `stack-shared` change
- [ ] Confirm Next.js consumer behavior is unchanged (env vars still
inlined at build time for `NEXT_PUBLIC_*`)
🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
## Release Notes
* **Refactor**
* Improved environment variable handling across shared utilities for
enhanced browser compatibility and safety. Introduced a new utility for
dynamic, browser-safe environment variable access that prevents errors
in non-Node.js environments.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* added organizations route
* added orgganizations/[orgId] and orgganizations/[orgId]/users routes
* added more routes
* restructured dashboard pages, added organization page
* fixed redirect bug
* updated sidebar
* added mock orgnizations
* fixed breadcrumbs
* added edit org modal
* added memeber table
* added permission table
* Orgs & perms backend
* Fix build errors
* updated permission ui
* org -> team for frontend
* added enable team UI
* Stack App for teams
* formatted schema
* renamed all orgs to teams
* fixed docusaurus bug
* disabled docusaurus build progress bar
* added member profile and direct permission to profile
* removed dead code, memberProfile -> member
* removed teams attribute from the user object
* added /teams endpoint
* added create team endpoint
* added add-user endpoint
* moved add-user
* added server side get teams
* updated schema formatting
* added team enabled endpoints
* fixed type error
* moved get current teams to current-user/teams
* improved interface
* added create team
* hooked up team to frontend
* added hooked up team name with team member page
* added list team users
* added useUsers to team object
* fixed list team user bug
* added team update
* added list permissions and use permission on app
* added create permission
* list permission
* added permission list
* added inherited permission list
* add edit permission model
* restructured permission graph
* updated style
* added delete permission
* fixed delete permission bug
* added inheritence update
* fixed await bug
* fixed selection bug
* added permission update
* fixed update bug
* fixed team update refresh
* added remove user from team
* restructured permission and permission definition
* updated permission definition structure
* updated list permissions and grant permissions
* fixed list user permissions
* added grant permission
* fixed list permission
* added direct option to list team use permission
* fixed bugs
* fixed bugs
* added revoke permission
* inherited from -> contains
* added client list permission
* restructured stack-app teams and permissions
* fixed server teams and permissions
* fixed bug
* fixed bugs
* added teams pages to demo
* added styled component compiler
* added list teams
* added join and leave teams
* fixed prisma onDelete
* fixed type bugs
* removed on permission change for now
* added member
* fixed user and server user
* fixed imports
* added create team
* added more content to demo
* fixed recursion bug
* fixed recursion stack out of bound bug
* removed teamsEnabled
* added create team on sign-up options
* added create team on signup
* queriable -> queryable, fixed migration file
* fixed migration file
* fixed demo build error
* fixed license accidental change
* fixed tab styling
* added required to create permission id
* added more ui error hints
* fixed seed wrong setting
* default team name
* improved permission list ui
* improved demo display
* Update README.md
---------
Co-authored-by: Zai Shi <zaishi00@outlook.com>
