<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- RECURSEML_SUMMARY:START -->
## High-level PR Summary
This PR updates the peer dependency requirements across multiple
package.json files to remove support for React 18.2 and only specify
React 19.0.0-rc.0 or newer as the minimum required version. The change
affects React, React DOM, and their corresponding TypeScript type
packages.
⏱️ Estimated Review Time: 5-15 minutes
<details>
<summary>💡 Review Order Suggestion</summary>
| Order | File Path |
|-------|-----------|
| 1 | `packages/react/package.json` |
| 2 | `packages/stack/package.json` |
| 3 | `packages/template/package-template.json` |
| 4 | `packages/template/package.json` |
</details>
[](https://discord.gg/n3SsVDAW6U)
<!-- RECURSEML_SUMMARY:END -->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Update peer dependencies to require React 19.0.0 or newer across
multiple packages.
>
> - **Peer Dependencies**:
> - Updated minimum peer dependency to React 19.0.0 for `react`,
`react-dom`, `@types/react`, and `@types/react-dom` in
`packages/react/package.json`, `packages/stack/package.json`, and
`packages/template/package.json`.
> - Removed support for React 18.2 in peer dependencies across all
affected `package.json` files.
> - **Dev Dependencies**:
> - Updated development dependencies to React 19.0.0 in
`packages/react/package.json`, `packages/stack/package.json`, and
`packages/template/package.json`.
> - **Misc**:
> - No runtime behavior changes; only stricter dependency constraints.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for fa6ee35f32. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
----
<!-- ELLIPSIS_HIDDEN -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Chores**
* Raised peer dependency minimums to React 19.0.0 for react, react-dom,
@types/react, and @types/react-dom across packages.
* Bumped development dependencies used for building and testing to React
19.x.
* Applies to templates, stack packages, UI/shared packages, and
development tooling; no runtime behavior changes—only stricter
dependency requirements.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- RECURSEML_SUMMARY:START -->
## High-level PR Summary
This PR implements a comprehensive renaming of "offer" to "product" and
"offer group" to "product catalog" throughout the codebase. The changes
include database migrations, schema updates, API compatibility layers,
function renames, and updates to client and server implementations.
Backwards compatibility is maintained through migration layers that
handle requests using the old terminology, translating them to the new
terminology before processing. The PR includes documentation of this
approach in CLAUDE-KNOWLEDGE.md. This rename affects multiple parts of
the system including the database schema, API endpoints, error types,
and SDK interfaces.
⏱️ Estimated Review Time: 1-3 hours
<details>
<summary>💡 Review Order Suggestion</summary>
| Order | File Path |
|-------|-----------|
| 1 |
`apps/backend/prisma/migrations/20250923191615_rename_offers_to_products/migration.sql`
|
| 2 |
`apps/backend/src/app/api/migrations/v2beta1/payments/purchases/offers-compat.ts`
|
| 3 |
`apps/backend/src/app/api/migrations/v2beta1/payments/purchases/create-purchase-url/route.ts`
|
| 4 |
`apps/backend/src/app/api/migrations/v2beta1/payments/purchases/validate-code/route.ts`
|
| 5 | `apps/backend/src/lib/payments.tsx` |
| 6 | `.claude/CLAUDE-KNOWLEDGE.md` |
| 7 | `packages/stack-shared/src/schema-fields.ts` |
| 8 | `packages/stack-shared/src/known-errors.tsx` |
| 9 | `packages/stack-shared/src/config/schema.ts` |
| 10 | `packages/template/src/lib/stack-app/customers/index.ts` |
| 11 |
`packages/template/src/lib/stack-app/apps/implementations/client-app-impl.ts`
|
| 12 |
`packages/template/src/lib/stack-app/apps/implementations/server-app-impl.ts`
|
</details>
[](https://discord.gg/n3SsVDAW6U)
<!-- RECURSEML_SUMMARY:END -->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Renames 'offer' to 'product' and 'offer group' to 'product catalog'
across the codebase, updating database schema, API endpoints, and
application logic for consistency and backward compatibility.
>
> - **Database**:
> - Rename columns `offer` to `product` and `offerId` to `productId` in
`OneTimePurchase` and `Subscription` tables in `migration.sql`.
> - **API & Migrations**:
> - Update API endpoints to accept `product_id`/`product_inline` instead
of `offer_id`/`offer_inline`.
> - Add `v2beta5` compatibility layer to map legacy `offer` fields to
`product` equivalents.
> - **Shared Schemas**:
> - Rename `offerSchema` to `productSchema` and related schemas in
`schema-fields.ts`.
> - **Server Implementation**:
> - Update `createCheckoutUrl` method in `server-app-impl.ts` to use
`productId`/`InlineProduct`.
> - **Tests**:
> - Update tests to reflect renaming in `backend-helpers.ts` and other
test files.
> - **Miscellaneous**:
> - Remove dummy data related to offers in `dummy-data.tsx`.
> - Update documentation and comments to reflect terminology changes.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for e3227bcbd2. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
----
<!-- ELLIPSIS_HIDDEN -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Backwards-compatibility: legacy offer_id/offer_inline requests are
accepted, normalized, and routed to product-based handlers.
* **Refactor**
* Global rename from Offer/Group → Product/Catalog across UI, APIs,
types, client/server interfaces, and error codes.
* **Bug Fixes**
* Responses, webhooks and UI consistently surface product_display_name
and product-related metadata.
* **Documentation**
* Migration notes and docs updated to explain compatibility and
parameter changes.
* **Tests**
* Unit and E2E suites updated to cover product/catalog flows.
* **Chores**
* Database schema migration, seed and config updates applied.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- CURSOR_SUMMARY -->
---
> [!NOTE]
> Renames offers→products and groups→catalogs end-to-end (DB, APIs,
schemas, UI, SDK, docs), adding v2beta5 compatibility to accept legacy
offer fields while updating all internals.
>
> - **Backend/DB**:
> - Prisma migration: rename `offer`/`offerId`→`product`/`productId` in
`OneTimePurchase` and `Subscription`.
> - Update Stripe webhook, purchase-session, and internal test-mode
flows to use `product*` metadata/fields.
> - **API & Migrations**:
> - Latest endpoints now accept `product_id`/`product_inline`.
> - Add `v2beta5` compat layer mapping legacy `offer_id`/`offer_inline`
to product equivalents; responses alias conflicting products.
> - **Shared Schemas/Errors/Config**:
> - `offerSchema`→`productSchema`,
`inlineOfferSchema`→`inlineProductSchema`, prices/types renamed.
> - KnownErrors renamed (e.g., `PRODUCT_DOES_NOT_EXIST`).
> - Config: `groups`→`catalogs`, defaults/migrations updated; improved
override validation messages; ID regex loosened; formatter tweaks; add
schema fuzzer tests.
> - **Payments Lib**:
> - Rename APIs and logic (`offers`→`products`, `groupId`→`catalogId`),
subscription and item-quantity computation updated.
> - **Dashboard/UI**:
> - Routes, dialogs, editors, tables, and code samples switched to
products/catalogs; removed offers dummy data.
> - **SDK/Template**:
> - Client/server `createCheckoutUrl` now uses
`productId`/`InlineProduct`.
> - **Tests/Docs/Utilities**:
> - E2E and unit tests updated; add legacy (pre-rename) tests.
> - Docs and knowledge base revised; minor script tweaks (recent-first,
limits).
>
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
e6e20ecd72. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->
---------
Co-authored-by: BilalG1 <bg2002@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- RECURSEML_SUMMARY:START -->
## High-level PR Summary
This PR fixes test issues by making two primary changes: 1) In the API
keys test, replacing `Date {}` with actual date strings in test
snapshots to make them deterministic, and 2) Adding "react-dom" to the
node modules list in the email rendering component. These changes likely
address test failures that were occurring due to non-deterministic date
serialization in snapshots and a missing dependency.
⏱️ Estimated Review Time: 5-15 minutes
<details>
<summary>💡 Review Order Suggestion</summary>
| Order | File Path |
|-------|-----------|
| 1 | `apps/e2e/tests/js/api-keys.test.ts` |
| 2 | `apps/backend/src/lib/email-rendering.tsx` |
</details>
[](https://discord.gg/n3SsVDAW6U)
<!-- RECURSEML_SUMMARY:END -->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Fixes inline snapshot for `expiresAt` in `api-keys.test.ts` and adds
`react-dom` to dependencies in `email-rendering.tsx`.
>
> - **Tests**:
> - Fixes inline snapshot for `expiresAt` in `api-keys.test.ts` by using
a constant `expiresAt` variable.
> - Updates `expiresAt` field in three inline snapshots to use
`expiresAt.toISOString()`.
> - **Dependencies**:
> - Adds `react-dom` version "19.1.1" to `nodeModules` in
`email-rendering.tsx`.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 290a6a2cf9. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Bug Fixes**
* Improved reliability of email template rendering, ensuring content
that relies on DOM behavior renders correctly during Freestyle
executions.
* **Tests**
* Unified expiration timestamps in API key tests for consistency and
updated related snapshots.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
Adds JWT docs and JWT viewer component to docs
<img width="1182" height="668" alt="image"
src="https://github.com/user-attachments/assets/f4196dd9-e159-420e-9d78-a3928983f126"
/>
<!-- RECURSEML_SUMMARY:START -->
## High-level PR Summary
This PR adds comprehensive JWT (JSON Web Token) documentation and an
interactive JWT viewer component to the Stack Auth documentation. The
main additions are a new documentation page explaining JWT concepts,
structure, and usage within Stack Auth, along with a React component
that allows users to decode and inspect JWT tokens. The JWT viewer can
automatically load the current user's session token if they are signed
in, or accept manually pasted tokens. The documentation provides
examples of both client-side and server-side JWT usage, security
considerations, troubleshooting guidance, and best practices. The PR
also includes necessary updates to metadata files and component exports
to integrate the new content into the documentation platform.
⏱️ Estimated Review Time: 15-30 minutes
<details>
<summary>💡 Review Order Suggestion</summary>
| Order | File Path |
|-------|-----------|
| 1 | `docs/templates/concepts/jwt.mdx` |
| 2 | `docs/src/components/mdx/jwt-viewer.tsx` |
| 3 | `docs/docs-platform.yml` |
| 4 | `docs/src/components/mdx/index.ts` |
| 5 | `docs/src/mdx-components.tsx` |
| 6 | `docs/templates/meta.json` |
| 7 | `docs/templates-python/meta.json` |
</details>
<!-- RECURSEML_SUMMARY:END -->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Adds a new JWT concepts page and an interactive `JWTViewer` component,
integrating it into MDX and navigation, with `jose` added for decoding.
>
> - **Docs**:
> - Add `concepts/jwt.mdx` with JWT structure, claims, examples,
verification, security, and best practices.
> - Include JWT page in navigation: `docs-platform.yml`,
`templates/meta.json`, and Python `templates-python/meta.json`.
> - **UI Component**:
> - Add `JWTViewer` in `docs/src/components/mdx/jwt-viewer.tsx` to
decode JWTs (header, payload, signature), show time-based indicators,
and load current user token via `useUser()`.
> - Export and register in MDX: `docs/src/components/mdx/index.ts`,
`docs/src/mdx-components.tsx`.
> - **Dependencies**:
> - Add `jose` to `docs/package.json` (lockfile updated).
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for f25e369599. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
----
<!-- ELLIPSIS_HIDDEN -->
<!-- RECURSEML_ANALYSIS:START -->
## Review by RecurseML
_🔍 Review performed on
[ad34cfe..a135bbd](ad34cfecc2...a135bbdd77)_
✨ No bugs found, your code is sparkling clean
<details>
<summary>✅ Files analyzed, no issues (3)</summary>
• `docs/src/components/mdx/jwt-viewer.tsx`
• `docs/src/mdx-components.tsx`
• `docs/src/components/mdx/index.ts`
</details>
<details>
<summary>⏭️ Files skipped (trigger manually) (4)</summary>
| Locations | Trigger Analysis |
|-----------|:------------------:|
`docs/docs-platform.yml` |
[
`docs/templates-python/meta.json` |
[
`docs/templates/concepts/jwt.mdx` |
[
`docs/templates/meta.json` |
[
</details>
[](https://discord.gg/n3SsVDAW6U)
<!-- RECURSEML_ANALYSIS:END -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Interactive JWT Viewer in the docs: paste or auto-load a token to
inspect header, payload, signature with live decoding, validity/time
indicators, per-field copy controls, and "load my token".
* **Documentation**
* New "JWT" concept page covering structure, claims, examples,
client/server/manual usage, security, troubleshooting, and best
practices.
* JWT page added to site navigation and enabled across Next, React, JS,
and Python docs.
* **Chores**
* Added runtime dependency to support JWT decoding in the docs.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- CURSOR_SUMMARY -->
---
> [!NOTE]
> Adds a new JWT concepts page and an interactive `JWTViewer` component,
integrating it into MDX and navigation, with `jose` added for decoding.
>
> - **Docs**:
> - Add `concepts/jwt.mdx` with JWT structure, claims, examples,
verification, security, and best practices.
> - Include JWT page in navigation: `docs-platform.yml`,
`templates/meta.json`, and Python `templates-python/meta.json`.
> - **UI Component**:
> - Add `JWTViewer` in `docs/src/components/mdx/jwt-viewer.tsx` to
decode JWTs (header, payload, signature), show time-based indicators,
and load current user token via `useUser()`.
> - Export and register in MDX: `docs/src/components/mdx/index.ts`,
`docs/src/mdx-components.tsx`.
> - **Dependencies**:
> - Add `jose` to `docs/package.json` (lockfile updated).
>
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
837fffb848. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<img width="324" height="252" alt="image"
src="https://github.com/user-attachments/assets/b7096a0c-9764-4fe7-b521-458d6e1d47b5"
/>
<!-- RECURSEML_SUMMARY:START -->
## High-level PR Summary
This PR adds two new interactive components to the documentation pages:
a "Copy Markdown" button that allows users to copy the raw markdown
content of a page, and an "Open" dropdown menu that provides options to
open the current page in various AI tools (Scira AI, ChatGPT, Claude,
and T3 Chat). The implementation includes a new `page-actions.tsx`
component file with the `LLMCopyButton` and `ViewOptions` components,
and updates the documentation page layout to incorporate these new
buttons in the header alongside the page title.
⏱️ Estimated Review Time: 5-15 minutes
<details>
<summary>💡 Review Order Suggestion</summary>
| Order | File Path |
|-------|-----------|
| 1 | `docs/src/components/page-actions.tsx` |
| 2 | `docs/src/app/docs/[[...slug]]/page.tsx` |
</details>
<!-- RECURSEML_SUMMARY:END -->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Adds `LLMCopyButton` and `ViewOptions` to documentation pages for
copying markdown and opening in AI tools.
>
> - **New Features**:
> - Added `LLMCopyButton` in `page-actions.tsx` to copy markdown content
to clipboard.
> - Added `ViewOptions` in `page-actions.tsx` to open pages in AI tools
(Scira AI, ChatGPT, Claude, T3 Chat).
> - **Integration**:
> - Integrated `LLMCopyButton` and `ViewOptions` into `page.tsx` header
layout.
> - Adjusted header layout in `page.tsx` to align title and new buttons.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for b51bb98d4e. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
----
<!-- ELLIPSIS_HIDDEN -->
<!-- RECURSEML_ANALYSIS:START -->
## Review by RecurseML
_🔍 Review performed on
[e48ffa6..3cbe5a5](e48ffa67ee...3cbe5a5861)_
✨ No bugs found, your code is sparkling clean
<details>
<summary>✅ Files analyzed, no issues (2)</summary>
• `docs/src/components/page-actions.tsx`
• `docs/src/app/docs/[[...slug]]/page.tsx`
</details>
[](https://discord.gg/n3SsVDAW6U)
<!-- RECURSEML_ANALYSIS:END -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added header actions on docs pages: a button to copy the page Markdown
to clipboard and an “Open” menu to launch external AI chat tools or view
the source.
* **Documentation**
* Updated docs page header layout so the title is left-aligned with
action controls on the right for easier access.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- CURSOR_SUMMARY -->
---
> [!NOTE]
> Adds header actions to docs pages: copy raw Markdown and open the page
in external AI tools.
>
> - **Docs UI**:
> - **New components** in `docs/src/components/page-actions.tsx`:
> - `LLMCopyButton`: copies raw Markdown to clipboard with simple
caching.
> - `ViewOptions`: popover with links to external AI tools (Scira,
ChatGPT, Claude, T3 Chat).
> - **Integration** in `docs/src/app/docs/[[...slug]]/page.tsx`:
> - Wraps `DocsTitle` with a header row and adds `LLMCopyButton` and
`ViewOptions`.
> - Passes `markdownUrl` as ``${page.url}.mdx`` for both actions.
>
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
5578cc9d37. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- RECURSEML_SUMMARY:START -->
## High-level PR Summary
This PR enhances the initialization script for Stack Auth by adding
support for `projectId` and `publishableClientKey` (pck) parameters when
initializing a Next.js client application. The changes include: 1)
Adding logic to pass these parameters from environment variables or
directly from arguments to the Next.js client configuration, 2) Updating
the layout template to use the client-side Stack app instead of the
server-side app in the provider component, and 3) Improving Bun lock
file detection by checking for both `bun.lockb` and `bun.lock` formats.
These changes ensure proper configuration of Next.js client applications
with the required Stack Auth credentials.
⏱️ Estimated Review Time: 5-15 minutes
<details>
<summary>💡 Review Order Suggestion</summary>
| Order | File Path |
|-------|-----------|
| 1 | `packages/init-stack/src/index.ts` |
</details>
<!-- RECURSEML_SUMMARY:END -->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Enhances Stack Auth init script with `projectId` and
`publishableClientKey` support, updates Next.js layout, and improves Bun
detection.
>
> - **Behavior**:
> - Adds `projectId` and `publishableClientKey` support to Next.js
client configuration in `index.ts`.
> - Updates layout template to use client-side Stack app in
`getUpdatedLayout()`.
> - Improves Bun lock file detection in `promptPackageManager()`.
> - **Options**:
> - Introduces `--on-question` option to control interactive prompts in
`index.ts`.
> - **Scripts**:
> - Standardizes test scripts to use `--on-question error` in
`package.json`.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 67a98f5aba. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
----
<!-- ELLIPSIS_HIDDEN -->
<!-- RECURSEML_ANALYSIS:START -->
## Review by RecurseML
_🔍 Review performed on
[7a0bf86..0b443e4](7a0bf86cb3...0b443e460f)_
✨ No bugs found, your code is sparkling clean
<details>
<summary>✅ Files analyzed, no issues (1)</summary>
• `packages/init-stack/src/index.ts`
</details>
[](https://discord.gg/n3SsVDAW6U)
<!-- RECURSEML_ANALYSIS:END -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added a new --on-question option to control interactive prompt
behavior; client-oriented layout generation now emits client-side config
(public env keys supported).
* **Bug Fixes**
* Improved Bun detection (recognizes both lockfile variants) and
clearer, mode-aware guidance for ambiguous project/package-manager
detection.
* **Chores**
* Test/init scripts updated to use --on-question error for deterministic
non-interactive runs.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- RECURSEML_SUMMARY:START -->
## High-level PR Summary
This PR fixes a test in the internal metrics endpoint by replacing a
simple wait timer with a more robust retry mechanism. Instead of waiting
for a fixed 3000ms delay to allow for asynchronous event logging, the PR
implements a `Result.retry` approach that attempts to fetch metrics up
to 5 times with exponential backoff, only proceeding when the metrics
response differs from the initial state. This change makes the test more
reliable by ensuring proper test conditions are met before assertions
are made rather than relying on an arbitrary timeout.
⏱️ Estimated Review Time: 5-15 minutes
<details>
<summary>💡 Review Order Suggestion</summary>
| Order | File Path |
|-------|-----------|
| 1 | `apps/e2e/tests/backend/endpoints/api/v1/internal-metrics.test.ts`
|
</details>
[](https://discord.gg/n3SsVDAW6U)
<!-- RECURSEML_SUMMARY:END -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Tests**
* Improved backend metrics verification with a retry-based approach to
handle eventual consistency, reducing test flakiness.
* Replaced static waits with structured retries for faster, more
reliable execution.
* Strengthened assertions on metrics fields (e.g., totals and recent
activity) for clearer validation.
* Maintains checks to ensure anonymous users remain excluded from
metrics.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Add Convex integration with new auth helpers, update access token
handling, and include documentation, examples, and tests for the new
features.
>
> - **Features**:
> - Add Convex integration with new auth helpers for Convex clients and
HTTP in `client-app-impl.ts` and `server-app-impl.ts`.
> - Support for Convex context in user APIs and partial user retrieval.
> - Access tokens now include `is_anonymous` for better anonymous
handling in `tokens.tsx`.
> - **Documentation**:
> - Add Convex integration guide in `docs/templates/others/convex.mdx`.
> - Update docs navigation in `docs/docs-platform.yml` and
`docs/templates/meta.json`.
> - **Examples**:
> - Add Convex + Next.js example app in `examples/convex` with auth
wiring, functions, schema, and UI.
> - **Tests**:
> - Add E2E tests for Convex auth flows in `convex.test.ts`.
> - Update JWT payload checks in `backend-helpers.ts` and
`anonymous-comprehensive.test.ts`.
> - **Chores**:
> - Add Convex dependencies in `package.json` files.
> - Update CI steps for example environments in `e2e-api-tests.yaml` and
`e2e-source-of-truth-api-tests.yaml`.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for aa0983a8b7. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
----
<!-- ELLIPSIS_HIDDEN -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Convex integration: auth helpers for Convex clients/HTTP, Convex-aware
user APIs, and partial-user retrieval (token/convex).
- Access tokens now surface is_anonymous for clearer anonymous handling.
- **Documentation**
- Added Convex integration guide and nav entries.
- **Examples**
- New Convex + Next.js example app with auth wiring, backend functions,
schema, and UI.
- **Tests**
- Added E2E tests covering Convex auth flows and JWT payload checks.
- **Chores**
- Added Convex deps, CI env steps, and workspace/test config updates.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Konstantin Wohlwend <n2d4xc@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- RECURSEML_SUMMARY:START -->
## High-level PR Summary
This PR adds a toggle switch feature for the payments offers page,
allowing users to switch between two different view modes: a catalog
view (card-based layout) and a list view. The original code from
`page-client.tsx` has been split into two separate files -
`page-client-catalogs-view.tsx` for the existing card-based catalog view
and `page-client-list-view.tsx` for the new list-based view. The main
`page-client.tsx` file now acts as a simple router between these two
views, maintaining a view state and rendering the appropriate component
based on the selected view. Both view components include a toggle switch
in their header to allow users to switch between views.
⏱️ Estimated Review Time: 15-30 minutes
<details>
<summary>💡 Review Order Suggestion</summary>
| Order | File Path |
|-------|-----------|
| 1 |
`apps/dashboard/src/app/(main)/(protected)/projects/[projectId]/payments/offers/page-client.tsx`
|
| 2 |
`apps/dashboard/src/app/(main)/(protected)/projects/[projectId]/payments/offers/page-client-catalogs-view.tsx`
|
| 3 |
`apps/dashboard/src/app/(main)/(protected)/projects/[projectId]/payments/offers/page-client-list-view.tsx`
|
</details>
<!-- RECURSEML_SUMMARY:END -->
<!-- RECURSEML_ANALYSIS:START -->
## Review by RecurseML
_🔍 Review performed on
[872174d..a5ad8d9](872174d5b7...a5ad8d9fd1)_
✨ No bugs found, your code is sparkling clean
<details>
<summary>✅ Files analyzed, no issues (3)</summary>
•
`apps/dashboard/src/app/(main)/(protected)/projects/[projectId]/payments/offers/page-client-catalogs-view.tsx`
•
`apps/dashboard/src/app/(main)/(protected)/projects/[projectId]/payments/offers/page-client-list-view.tsx`
•
`apps/dashboard/src/app/(main)/(protected)/projects/[projectId]/payments/offers/page-client.tsx`
</details>
[](https://discord.gg/n3SsVDAW6U)
<!-- RECURSEML_ANALYSIS:END -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- New Features
- Added revamped Payments Offers management with two views: List and
Catalogs.
- Grouping and sorting of offers by customer type, addons, and price.
- Inline create/edit/duplicate/delete for offers, prices, and items with
dialogs and validations.
- Search, filters, and hover-based highlighting with visual connections
between offers and items.
- Responsive layout (desktop and mobile), tooltips, and helpful
empty-state onboarding.
- Refactor
- Simplified page into dedicated List and Catalogs views with seamless
switching for a clearer, faster experience.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- RECURSEML_SUMMARY:START -->
## High-level PR Summary
This PR adds a new `priceId` field to the `OneTimePurchase` and
`Subscription` models in the database to store Stripe price identifiers.
The change includes database schema updates, corresponding migration
files, and modifications to payment processing logic to properly track
and store price IDs throughout the purchase flow. The implementation
consistently propagates the price ID from Stripe's API responses through
various payment processing endpoints and webhooks handlers, ensuring the
data is properly stored and synced with the database models.
⏱️ Estimated Review Time: 15-30 minutes
<details>
<summary>💡 Review Order Suggestion</summary>
| Order | File Path |
|-------|-----------|
| 1 | `apps/backend/prisma/schema.prisma` |
| 2 |
`apps/backend/prisma/migrations/20250917193043_store_price_id/migration.sql`
|
| 3 | `apps/backend/src/lib/stripe.tsx` |
| 4 |
`apps/backend/src/app/api/latest/payments/purchases/purchase-session/route.tsx`
|
| 5 |
`apps/backend/src/app/api/latest/internal/payments/test-mode-purchase-session/route.tsx`
|
| 6 |
`apps/backend/src/app/api/latest/integrations/stripe/webhooks/route.tsx`
|
| 7 | `apps/e2e/tests/backend/endpoints/api/v1/stripe-webhooks.test.ts`
|
</details>
<!-- RECURSEML_SUMMARY:END -->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Add `priceId` field to track Stripe price identifiers in purchase and
subscription models, updating schema, payment logic, and tests.
>
> - **Database Changes**:
> - Add `priceId` field to `OneTimePurchase` and `Subscription` models
in `schema.prisma`.
> - Update database schema with migration
`20250917193043_store_price_id/migration.sql`.
> - **Payment Processing**:
> - Update `processStripeWebhookEvent()` in `webhooks/route.tsx` to
handle `priceId`.
> - Modify `POST` handlers in `purchase-session/route.tsx` and
`test-mode-purchase-session/route.tsx` to include `priceId` in metadata.
> - Update `syncStripeSubscriptions()` in `stripe.tsx` to sync
`priceId`.
> - **Testing**:
> - Add tests in `stripe-webhooks.test.ts` to validate `priceId`
handling in webhook and purchase flows.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 4950494d62. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
----
<!-- ELLIPSIS_HIDDEN -->
<!-- RECURSEML_ANALYSIS:START -->
## Review by RecurseML
_🔍 Review performed on
[e48ffa6..4950494](e48ffa67ee...4950494d62)_
| Severity | Location | Issue
| Delete |
|:----------:|----------|-------|:--------:|
|  |
[apps/e2e/tests/backend/endpoints/api/v1/stripe-webhooks.test.ts:153](https://github.com/stack-auth/stack-auth/pull/900#discussion_r2356623574)
| The field `priceId` uses camelCase instead of the required snake_case
for API parameters |
[
|
|  |
[apps/e2e/tests/backend/endpoints/api/v1/stripe-webhooks.test.ts:245](https://github.com/stack-auth/stack-auth/pull/900#discussion_r2356623664)
| The field `priceId` uses camelCase instead of the required snake_case
for API parameters |
[
|
|  |
[apps/e2e/tests/backend/endpoints/api/v1/stripe-webhooks.test.ts:358](https://github.com/stack-auth/stack-auth/pull/900#discussion_r2356623721)
| The field `priceId` uses camelCase instead of the required snake_case
for API parameters |
[
|
<details>
<summary>✅ Files analyzed, no issues (4)</summary>
• `apps/backend/src/lib/stripe.tsx`
•
`apps/backend/src/app/api/latest/payments/purchases/purchase-session/route.tsx`
•
`apps/backend/src/app/api/latest/integrations/stripe/webhooks/route.tsx`
•
`apps/backend/src/app/api/latest/internal/payments/test-mode-purchase-session/route.tsx`
</details>
<details>
<summary>⏭️ Files skipped (trigger manually) (2)</summary>
| Locations | Trigger Analysis |
|-----------|:------------------:|
`apps/backend/prisma/migrations/20250917193043_store_price_id/migration.sql`
|
[
`apps/backend/prisma/schema.prisma` |
[
</details>
[](https://discord.gg/n3SsVDAW6U)
<!-- RECURSEML_ANALYSIS:END -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- New Features
- Persist the selected price ID with one-time purchases and
subscriptions.
- Carry the price ID through payment flows and Stripe metadata for
better tracking and reporting.
- Test mode purchases now also record the price ID.
- Chores
- Database migration adds a price ID field to purchase and subscription
records.
- Tests
- Updated end-to-end tests to validate price ID handling in webhook and
purchase flows.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- RECURSEML_SUMMARY:START -->
## High-level PR Summary
This PR adds an optional `returnTo` parameter to the `signInWithOAuth`
function in the Stack Auth SDK. This allows developers to specify a
custom redirect URL after OAuth authentication instead of always using
the default OAuth callback URL. The change updates both the interface
definition and the implementation to support this new optional
parameter.
⏱️ Estimated Review Time: 0h 15m
<details>
<summary>💡 Review Order Suggestion</summary>
| Order | File Path |
|-------|-----------|
| 1 |
`packages/template/src/lib/stack-app/apps/interfaces/client-app.ts` |
| 2 |
`packages/template/src/lib/stack-app/apps/implementations/client-app-impl.ts`
|
</details>
<!-- RECURSEML_SUMMARY:END -->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Add optional `returnTo` parameter to `signInWithOAuth` for custom
redirect URLs in `client-app-impl.ts` and update interface in
`client-app.ts`.
>
> - **Behavior**:
> - `signInWithOAuth` in `client-app-impl.ts` now accepts an optional
`options` parameter with `returnTo` for custom redirect URLs.
> - Default redirect URL is `this.urls.oauthCallback` if `returnTo` is
not provided.
> - **Interfaces**:
> - Updated `signInWithOAuth` signature in `client-app.ts` to include
optional `options` parameter with `returnTo`.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for eb748cbe77. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
<!-- RECURSEML_ANALYSIS:START -->
## Review by RecurseML
_🔍 Review performed on
[2d2a6d7..eb748cb](2d2a6d7cd5...eb748cbe77)_
✨ No bugs found, your code is sparkling clean
<details>
<summary>✅ Files analyzed, no issues (2)</summary>
•
`packages/template/src/lib/stack-app/apps/implementations/client-app-impl.ts`
• `packages/template/src/lib/stack-app/apps/interfaces/client-app.ts`
</details>
[](https://discord.gg/n3SsVDAW6U)
<!-- RECURSEML_ANALYSIS:END -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* signInWithOAuth now accepts an optional options parameter with
returnTo, allowing apps to override the post-login redirect URL.
* Defaults remain unchanged; if returnTo isn’t provided, the existing
OAuth callback is used.
* Backwards compatible: existing calls without options continue to work.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- RECURSEML_SUMMARY:START -->
## High-level PR Summary
This PR adds support for non-interactive initialization in the Stack
Auth initialization script. It introduces a `STACK_DISABLE_INTERACTIVE`
environment variable flag and makes appropriate changes throughout the
codebase to handle non-interactive flows. The changes include improving
type definitions, adding automatic determination of project type (JS vs
Next.js) and configuration (client vs server) when running in
non-interactive mode, and better error handling for cases where required
information is missing. These changes enable CI/CD scenarios and
automation for Stack Auth integration.
⏱️ Estimated Review Time: 0h 20m
<details>
<summary>💡 Review Order Suggestion</summary>
| Order | File Path |
|-------|-----------|
| 1 | `packages/init-stack/src/index.ts` |
</details>
<!-- RECURSEML_SUMMARY:END -->
<!-- RECURSEML_ANALYSIS:START -->
## Review by RecurseML
_🔍 Review performed on
[bba4db2..974e4fd](bba4db2ab0...974e4fda92)_
✨ No bugs found, your code is sparkling clean
<details>
<summary>✅ Files analyzed, no issues (1)</summary>
• `packages/init-stack/src/index.ts`
</details>
[](https://discord.gg/n3SsVDAW6U)
<!-- RECURSEML_ANALYSIS:END -->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Adds non-interactive and React project initialization options to Stack
Auth setup script, updates tests and documentation.
>
> - **Behavior**:
> - Adds `--agent-mode` option in `index.ts` for non-interactive CLI
runs.
> - Adds `--react` option in `index.ts` for React project
initialization.
> - Updates `writeReactClientFile()` in `index.ts` to handle
React-specific setup.
> - **Scripts**:
> - Updates `package.json` to include `test-run-react` and
`test-run-react:manual` scripts.
> - Modifies existing test scripts in `package.json` to use
`--agent-mode`.
> - **Documentation**:
> - Updates `setup.mdx` to include React setup instructions and
wizard/manual tabs.
> - **Misc**:
> - Removes `STACK_DISABLE_INTERACTIVE` checks in `index.ts`.
> - Updates error handling and logging in `index.ts`.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for f63a2a57ef. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
----
<!-- ELLIPSIS_HIDDEN -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- New Features
- First-class React project initialization (--react) with automatic
React client scaffolding.
- Added --agent-mode for fully non-interactive CLI runs and consistent
--no-browser behavior.
- Public env var for local React package override
(STACK_REACT_INSTALL_PACKAGE_NAME_OVERRIDE).
- Chores
- Standardized non-interactive flows across scripts (removed legacy
interactive gating).
- Tests
- Updated test scaffolding and run commands to use agent-mode and
browser-free execution.
- Documentation
- Converted setup docs to a wizard-style experience with consolidated
wizard/manual tabs.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<img width="928" height="173" alt="image"
src="https://github.com/user-attachments/assets/bd277770-c200-42a6-8ed5-752becfbb178"
/>
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Fixes unclickable links in tabbed content by updating CSS and improves
readability in `production.mdx`.
>
> - **Behavior**:
> - Fixes unclickable links in `TabsContent` by adding
`before:pointer-events-none` to CSS in `tabs.tsx`.
> - **Documentation**:
> - Reformats callback URL sections in `production.mdx` for better
readability by adding line breaks and code blocks.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for b4dba1dcbc. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
<!-- RECURSEML_SUMMARY:START -->
## Review by RecurseML
_🔍 Review performed on
[9318e2b..b4dba1d](9318e2b6ce...b4dba1dcbc)_
✨ No bugs found, your code is sparkling clean
<details>
<summary>✅ Files analyzed, no issues (1)</summary>
• `docs/src/components/ui/tabs.tsx`
</details>
<details>
<summary>⏭️ Files skipped (trigger manually) (1)</summary>
| Locations | Trigger Analysis |
|-----------|------------------|
`docs/templates/getting-started/production.mdx` |
[
</details>
[](https://discord.gg/n3SsVDAW6U)
<!-- RECURSEML_SUMMARY:END -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* Bug Fixes
* Fixed an overlay issue in Tabs that blocked interactions, ensuring tab
content is clickable and responsive.
* Documentation
* Reformatted OAuth Callback URLs into clear code blocks across all
provider tabs (Google, GitHub, Facebook, Microsoft, Spotify, GitLab,
Bitbucket, LinkedIn, X).
* Updated select provider links for accuracy (including Google anchor
and GitHub canonical path).
* Improved readability and consistency of setup instructions without
changing behavior.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<img width="228" height="304" alt="image"
src="https://github.com/user-attachments/assets/637ce1bb-6aa2-4948-806f-348966d6486d"
/>
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Update badge styling and colors in `api-sidebar.tsx` to match enhanced
API page.
>
> - **Styling Updates**:
> - Update `METHOD_COLORS` in `api-sidebar.tsx` to match
`enhanced-api-page.tsx` colors.
> - Change `HttpMethodBadge` component styles to use gradient
backgrounds and shadows.
> - **Misc**:
> - Update `EVENT` badge styling in `ApiSidebarContent` to use gradient
and shadow.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 55813428f8. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
<!-- RECURSEML_SUMMARY:START -->
## Review by RecurseML
_🔍 Review performed on
[9318e2b..5581342](9318e2b6ce...55813428f8)_
✨ No bugs found, your code is sparkling clean
<details>
<summary>✅ Files analyzed, no issues (1)</summary>
• `docs/src/components/layouts/api/api-sidebar.tsx`
</details>
[](https://discord.gg/n3SsVDAW6U)
<!-- RECURSEML_SUMMARY:END -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- New Features
- Distinct visual treatment for PATCH vs. PUT methods.
- Style
- Updated HTTP method color palette to align with the enhanced API page.
- Introduced gradient badges for methods and events with consistent
mono/bold typography.
- Per-method colored dots in the sidebar; graceful fallback for unknown
methods.
- Refined spacing and text sizing for improved readability.
- Refactor
- Consolidated method-to-color logic for consistent styling across
collapsed and expanded views.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
Hides featurebase posts in feedback board that are marked as merged into
another post, or status completed.
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Filters out merged/completed feature requests in `GET` handler of
`route.tsx`, processing upvote status only for active requests.
>
> - **Behavior**:
> - Filters out feature requests marked as merged or completed in `GET`
handler in `route.tsx`.
> - Processes upvote status only for active feature requests, preventing
misleading indicators.
> - **Error Handling**:
> - Improved handling of missing status data to prevent display
inconsistencies.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for f6a4256d99. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
----
<!-- ELLIPSIS_HIDDEN -->
<!-- RECURSEML_SUMMARY:START -->
## Review by RecurseML
_🔍 Review performed on
[9318e2b..0c077ce](9318e2b6ce...0c077cec51)_
✨ No bugs found, your code is sparkling clean
<details>
<summary>✅ Files analyzed, no issues (1)</summary>
• `apps/backend/src/app/api/latest/internal/feature-requests/route.tsx`
</details>
[](https://discord.gg/n3SsVDAW6U)
<!-- RECURSEML_SUMMARY:END -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Bug Fixes**
* Only active feature requests are returned; items that were completed
or merged are now excluded from the listing.
* Upvote status is computed only for active requests, preventing upvote
indicators on completed or merged items.
* Improved handling of missing status information so listings and upvote
displays remain consistent and avoid errors.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Add support for one-time payments alongside subscriptions, including
database, API, and test updates.
>
> - **Behavior**:
> - Support for one-time purchases added alongside subscriptions.
> - Purchase sessions now accept a quantity parameter for both normal
and test-mode flows.
> - Dashboard checkout auto-selects payment or subscription mode based
on price.
> - **Database**:
> - New `OneTimePurchase` table created in `migration.sql`.
> - `PurchaseCreationSource` enum replaces `SubscriptionCreationSource`
in `schema.prisma`.
> - **API**:
> - `processStripeWebhookEvent()` in `route.tsx` handles one-time
purchase webhooks.
> - `purchase-session/route.tsx` and
`test-mode-purchase-session/route.tsx` updated for one-time purchases.
> - **Tests**:
> - E2E tests added for one-time payments, stackability, and webhook
handling in `purchase-session.test.ts` and `stripe-webhooks.test.ts`.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 726ebe2328. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
----
<!-- ELLIPSIS_HIDDEN -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* One-time purchases persisted and supported end-to-end; purchase
sessions accept quantity (default 1). Dashboard checkout auto-selects
payment vs subscription mode.
* **Bug Fixes**
* Centralized Stripe webhook handling with deduplication for retried
payment intents. Improved conflict resolution when switching offers
within groups; add-on and group rules enforced.
* **Tests**
* Expanded E2E and unit tests covering one-time flows, stackability,
test-mode paths, and webhook scenarios.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Konstantin Wohlwend <n2d4xc@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- RECURSEML_SUMMARY:START -->
## High-level PR Summary
This PR improves email testing in the end-to-end test suite by adding a
new `waitForMessagesWithSubject` helper method to the `Mailbox` class.
This method replaces the previous pattern of using arbitrary wait times
(e.g., `wait(2000)`) followed by fetching and finding messages, which
could lead to flaky tests. The new approach implements a polling
mechanism that waits until messages with the specified subject appear,
with a reasonable timeout. The PR updates all email-related tests to use
this new helper method, making the tests more reliable and less
dependent on timing assumptions.
⏱️ Estimated Review Time: 0h 15m
<details>
<summary>💡 Review Order Suggestion</summary>
| Order | File Path |
|-------|-----------|
| 1 | `apps/e2e/tests/helpers.ts` |
| 2 | `apps/e2e/tests/backend/endpoints/api/v1/send-email.test.ts` |
| 3 | `apps/e2e/tests/backend/endpoints/api/v1/unsubscribe-link.test.ts`
|
</details>
<!-- RECURSEML_SUMMARY:END -->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Improves email test reliability by adding `waitForMessagesWithSubject`
in `Mailbox` and updating tests to use it.
>
> - **Behavior**:
> - Introduces `waitForMessagesWithSubject` in `Mailbox` class in
`helpers.ts` to replace arbitrary wait times with a polling mechanism.
> - Updates email-related tests in `send-email.test.ts` and
`unsubscribe-link.test.ts` to use `waitForMessagesWithSubject` for more
reliable email verification.
> - **Tests**:
> - Replaces `wait()` calls with `waitForMessagesWithSubject()` in
`send-email.test.ts` and `unsubscribe-link.test.ts`.
> - Ensures emails are verified by subject, reducing flakiness in tests.
> - **Misc**:
> - Minor refactoring in `helpers.ts` to support new functionality.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 90b7bdad01. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
----
<!-- ELLIPSIS_HIDDEN -->
<!-- RECURSEML_ANALYSIS:START -->
## Review by RecurseML
_🔍 Review performed on
[d14317c..f42dfc5](d14317c787...f42dfc5351)_
| Severity | Location | Issue | Action |
|----------|----------|-------|--------|
|  |
[apps/e2e/tests/helpers.ts:235](https://github.com/stack-auth/stack-auth/pull/893#discussion_r2342704515)
| Async function call not wrapped with runAsynchronously |
[
|
<details>
<summary>✅ Files analyzed, no issues (2)</summary>
• `apps/e2e/tests/backend/endpoints/api/v1/send-email.test.ts`
• `apps/e2e/tests/backend/endpoints/api/v1/unsubscribe-link.test.ts`
</details>
[](https://discord.gg/n3SsVDAW6U)
<!-- RECURSEML_ANALYSIS:END -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Tests**
* More reliable email end-to-end tests by waiting for messages by
subject instead of fixed delays and manual polling.
* Multi-recipient scenarios now independently confirm delivery for each
user.
* Switched to snapshot-style assertions capturing full message metadata
for clearer, more stable verification.
* Unsubscribe email tests now wait deterministically for delivery before
validating links.
* **Chores**
* Mailbox handling improved to reduce flakiness and repeated network
calls.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Implement batch email rendering and sending with enhanced processing
and error handling.
>
> - **Behavior**:
> - Implement batch email rendering and sending in `route.tsx` using
`renderEmailsWithTemplateBatched()` and `sendEmailResendBatched()`.
> - Add per-recipient notification category resolution and unsubscribe
link generation.
> - Support templates from IDs, raw HTML, or drafts with dynamic theme
handling.
> - Enhanced result reporting, including users without primary emails.
> - **Functions**:
> - Add `renderEmailsWithTemplateBatched()` in `email-rendering.tsx` for
batch email rendering.
> - Add `sendEmailResendBatched()` in `emails.tsx` for batch email
sending.
> - Add `getChunks()` in `arrays.tsx` to split arrays into chunks.
> - **Tests**:
> - Add timed waits in `send-email.test.ts` and
`unsubscribe-link.test.ts` to stabilize email delivery checks.
> - **Dependencies**:
> - Add `@react-email/render` and `resend` to `package.json` for email
rendering and sending.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for ff1dea6c31. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
----
<!-- ELLIPSIS_HIDDEN -->
<!-- RECURSEML_SUMMARY:START -->
## Review by RecurseML
_🔍 Review performed on
[3c34140..1267879](3c34140aba...1267879cfd)_
| Severity | Location | Issue |
|----------|----------|-------|
|  |
[apps/e2e/tests/backend/endpoints/api/v1/send-email.test.ts:593](https://github.com/stack-auth/stack-auth/pull/875#discussion_r2317293698)
| Asynchronous wait function not wrapped with runAsynchronously |
|  |
[apps/e2e/tests/backend/endpoints/api/v1/send-email.test.ts:743](https://github.com/stack-auth/stack-auth/pull/875#discussion_r2317293796)
| Asynchronous wait function not wrapped with runAsynchronously |
<details>
<summary>✅ Files analyzed, no issues (4)</summary>
• `apps/backend/src/app/api/latest/emails/send-email/route.tsx`
• `apps/backend/src/lib/email-rendering.tsx`
• `apps/backend/src/lib/emails.tsx`
• `packages/stack-shared/src/utils/arrays.tsx`
</details>
<details>
<summary>⏭️ Files skipped (low suspicion) (2)</summary>
• `apps/backend/package.json`
• `pnpm-lock.yaml`
</details>
[](https://discord.gg/n3SsVDAW6U)
<!-- RECURSEML_SUMMARY:END -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- New Features
- Batch email rendering and sending to multiple recipients with
background processing.
- Per-recipient notification category resolution and unsubscribe link
generation.
- Support for templates from IDs, raw HTML, or drafts with dynamic theme
handling.
- Enhanced result reporting, including users without primary emails.
- Chores
- Added dependencies for email rendering and bulk sending.
- Tests
- Stabilized email delivery checks with timed waits across relevant e2e
tests.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
https://www.loom.com/share/11affd2a119549c18a4056ad5db34cb6?sid=c86dd093-b8ca-4600-afb1-dda78e40b6a5
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Adds support for 'resend' email provider, updating configurations,
schemas, and UI components to handle the new provider.
>
> - **Behavior**:
> - Adds support for 'resend' email provider in
`createOrUpdateProjectWithLegacyConfig()` in `projects.tsx`.
> - Updates `PageClient` in `page-client.tsx` to handle 'resend'
provider in email configuration.
> - Modifies `EditEmailServerDialog` to include 'resend' option and
handle its configuration.
> - **Schema**:
> - Updates `environmentConfigSchema` in `schema.ts` to include 'resend'
as a valid provider.
> - Modifies `AdminEmailConfig` type to include 'resend' in
`project-configs/index.ts`.
> - **UI**:
> - Updates `SendEmailDialog` and `TestSendingDialog` in
`page-client.tsx` to handle 'resend' provider.
> - Adjusts form fields in `EditEmailServerDialog` to support 'resend'
specific fields like API Key.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 615fd72518. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
<!-- ELLIPSIS_HIDDEN -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- New Features
- Added support for Resend email provider alongside Shared and Custom
SMTP.
- Introduced an in-app test to verify email settings before saving.
- New Shared Email Server dialog with guidance and warnings.
- Improvements
- Streamlined email configuration with a type dropdown and conditional
fields.
- Clearer defaults and display text, including noreply@stackframe.co for
Shared setups.
- Enhanced validation tailored to each email mode.
- Chores
- Updated configuration schema to include a provider field for email
servers.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
<!--
Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md
-->
Adds new team section on user profile pages in the dashboard.
<!-- ELLIPSIS_HIDDEN -->
----
> [!IMPORTANT]
> Adds a new `UserTeamsSection` to display user's teams on the profile
page in `page-client.tsx`.
>
> - **New Features**:
> - Adds `UserTeamsSection` component in `page-client.tsx` to display
user's teams on profile page.
> - Displays a table with Team ID, Display Name, Created At, and an
action to open each team in a new tab.
> - Shows an empty-state card when no teams are found.
> - Integrated the section after the `ContactChannelsSection` on the
user page.
>
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for e3080a923c. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>
----
<!-- ELLIPSIS_HIDDEN -->
<!-- RECURSEML_SUMMARY:START -->
## Review by RecurseML
_🔍 Review performed on
[9318e2b..7b9e098](9318e2b6ce...7b9e098b22)_
✨ No bugs found, your code is sparkling clean
<details>
<summary>✅ Files analyzed, no issues (1)</summary>
•
`apps/dashboard/src/app/(main)/(protected)/projects/[projectId]/users/[userId]/page-client.tsx`
</details>
[](https://discord.gg/n3SsVDAW6U)
<!-- RECURSEML_SUMMARY:END -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added a "Teams" section to the user page showing teams the user
belongs to.
* Displays a table with Team ID, Display Name, Created At, and an action
to open each team in a new tab.
* Shows an empty-state card when no teams are found.
* Integrated the section after the Contact Channels area on the user
page.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>
