CodeCow/stack
1
0
Fork 0
mirror of https://github.com/stack-auth/stack.git synced 2026-06-21 21:09:49 +08:00
Code Issues Actions 29 Packages Projects Releases Wiki Activity
3,346 Commits 161 Branches 77 Tags 108 MiB
f97d3f5af9
Commit Graph

67 Commits

Author SHA1 Message Date
github-actions[bot]
eabbc05a49 chore: update package versions
Some checks failed
all-good: Did all the other checks pass? / all-good (push) Has been cancelled
Details
Ensure Prisma migrations are in sync with the schema / check_prisma_migrations (22.x) (push) Has been cancelled
Details
Docker Server Build and Push / Docker Build and Push Server (push) Has been cancelled
Details
Docker Server Build and Run / docker (push) Has been cancelled
Details
Runs E2E API Tests (Local Emulator) / E2E Tests (Local Emulator, Node ${{ matrix.node-version }}) (22.x) (push) Has been cancelled
Details
Runs E2E API Tests / E2E Tests (Node ${{ matrix.node-version }}, Freestyle ${{ matrix.freestyle-mode }}) (mock, 22.x) (push) Has been cancelled
Details
Runs E2E API Tests / E2E Tests (Node ${{ matrix.node-version }}, Freestyle ${{ matrix.freestyle-mode }}) (prod, 22.x) (push) Has been cancelled
Details
Runs E2E API Tests with custom port prefix / build (22.x) (push) Has been cancelled
Details
Runs E2E Fallback Tests / E2E Fallback Tests (Node ${{ matrix.node-version }}) (22.x) (push) Has been cancelled
Details
Lint & build / lint_and_build (24) (push) Has been cancelled
Details
Publish npm packages / publish (push) Has been cancelled
Details
Publish Swift SDK to prerelease repo / publish (push) Has been cancelled
Details
TOC Generator / TOC Generator (push) Has been cancelled
Details
2026-06-15 23:49:50 +00:00
github-actions[bot]
47b9a3a431 chore: update package versions 2026-06-15 22:30:42 +00:00
github-actions[bot]
e07c509f81 chore: update package versions 2026-06-15 19:57:58 +00:00
Armaan Jain
3c89bb8c19
Hosted components redesigned (#1573) 
## Summary

Redesigns the hosted components app (`apps/hosted-components`) with a
new Tailwind-based UI: rebuilt auth pages (sign-in, sign-up, magic link,
forgot/reset password, MFA, email verification, team invitation, CLI
auth confirm) and a full hosted Account Settings suite (profile, emails
& auth, notifications, active sessions, API keys, payments, teams),
with dark mode support.

Also fixes found along the way: form error clearing in
forgot-password/password-reset, `runAsynchronouslyWithAlert` for the
notifications switch, a `CopyButton` DOM prop leak, a bogus
mobile-session icon check, and imports the app stylesheet in the root
route so the app's Tailwind styles actually apply.

## Before / after screenshots

Captured on the local dev setup (`internal` project). Onboarding is not
shown since it redirects without standalone UI in this setup.

<details>
<summary><b>Sign in</b></summary>

| | Before | After |
|---|---|---|
| Light | ![sign-in before
light](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQL2VmMDljMzE3LTIzN2QtNGYzOC05ZDczLWI5ZmRiMGVmMWZjOSIsImlhdCI6MTc4MTEzNzkxMCwiZXhwIjoxNzgxNzQyNzEwLCJmaWxlbmFtZSI6InNpZ24taW4tYmVmb3JlLWxpZ2h0LnBuZyJ9.IMnk1DN0rLl_iW2Fgy99rVMeazQeii-DUTM0bXQsNfo)
| ![sign-in after
light](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQL2FjZDQ4OTJlLTFkM2YtNGM1Ni1iMmYxLTZjNTAwMDBkNzAwYSIsImlhdCI6MTc4MTEzNzkxMCwiZXhwIjoxNzgxNzQyNzEwLCJmaWxlbmFtZSI6InNpZ24taW4tYWZ0ZXItbGlnaHQucG5nIn0.KdtHe6KxQQ3aY-J5Q2tTCDaUQIsJg1WI0J-Knp1zKMg)
|
| Dark | ![sign-in before
dark](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQLzZkNTFkY2E5LTUzNTAtNDExMC04ZjYzLTNlZDA3MjUyMTJiMCIsImlhdCI6MTc4MTEzNzkxMCwiZXhwIjoxNzgxNzQyNzEwLCJmaWxlbmFtZSI6InNpZ24taW4tYmVmb3JlLWRhcmsucG5nIn0.SLd1PJv0lj__533lN6YUElnAO5vtKeyokwv4EbngQHw)
| ![sign-in after
dark](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQL2E2ODkyZTUzLTU1YmEtNGRkNi1iYzQ4LTgzMmI0YzVmZDk2MyIsImlhdCI6MTc4MTEzNzkxMCwiZXhwIjoxNzgxNzQyNzEwLCJmaWxlbmFtZSI6InNpZ24taW4tYWZ0ZXItZGFyay5wbmcifQ.7MA8WAeZI6pgErTZ52wvkNvRBMhJUKf0SFoIenWLSLk)
|

</details>

<details>
<summary><b>Sign up</b></summary>

| | Before | After |
|---|---|---|
| Light | ![sign-up before
light](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQLzlhMGU4YTYwLWNkNDAtNDAwZi1hNjAxLTZlOTBhMzc4ODAzNyIsImlhdCI6MTc4MTEzNzkxMSwiZXhwIjoxNzgxNzQyNzExLCJmaWxlbmFtZSI6InNpZ24tdXAtYmVmb3JlLWxpZ2h0LnBuZyJ9._LcowDPO6d2FrWOBIAtSMha2QnoyV1pAp6O58ufrJ_M)
| ![sign-up after
light](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQLzgzNjMyZmZkLTg5ZWUtNDU2Yy05YjMzLWZjYTc3NThhZDM3MSIsImlhdCI6MTc4MTEzNzkxMSwiZXhwIjoxNzgxNzQyNzExLCJmaWxlbmFtZSI6InNpZ24tdXAtYWZ0ZXItbGlnaHQucG5nIn0.Tpa1eJ_I09lRhEfG1-kbZIGHenGKTo6vomTKsbjSRwg)
|
| Dark | ![sign-up before
dark](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQLzkyYzc3ODYzLWNmOTItNDNiZC1hZjNkLWE5ZDYyYzMyYTAxYiIsImlhdCI6MTc4MTEzNzkxMSwiZXhwIjoxNzgxNzQyNzExLCJmaWxlbmFtZSI6InNpZ24tdXAtYmVmb3JlLWRhcmsucG5nIn0.QYYKXyNHQr83EFIHcttgweFWrPe_9BeEuNtlnJLlgYU)
| ![sign-up after
dark](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQL2UyY2U3ZTI5LTRlOGQtNGI0Mi1iYjI2LTllNDU2MjA3NGU2ZCIsImlhdCI6MTc4MTEzNzkxMSwiZXhwIjoxNzgxNzQyNzExLCJmaWxlbmFtZSI6InNpZ24tdXAtYWZ0ZXItZGFyay5wbmcifQ.rO5HQURSI1MWI5gDYqQj40gNR4UXCajbzw3K8ns6S6o)
|

</details>

<details>
<summary><b>Forgot password</b></summary>

| | Before | After |
|---|---|---|
| Light | ![forgot-password before
light](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQLzdkZmM5MjkwLWU1MDgtNGMyOS04MWRlLTRiY2RiMTY2M2EyYiIsImlhdCI6MTc4MTEzNzkxMSwiZXhwIjoxNzgxNzQyNzExLCJmaWxlbmFtZSI6ImZvcmdvdC1wYXNzd29yZC1iZWZvcmUtbGlnaHQucG5nIn0.DYyid0bzNTRW6RTdXJlP9Wfxuc_cR9BTlC0iFK5aitA)
| ![forgot-password after
light](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQLzQyYTQzZWMxLTVhYWMtNDQ5ZS04YzgyLWE2M2UwYjk4MjVhYSIsImlhdCI6MTc4MTEzNzkxMSwiZXhwIjoxNzgxNzQyNzExLCJmaWxlbmFtZSI6ImZvcmdvdC1wYXNzd29yZC1hZnRlci1saWdodC5wbmcifQ.ZwFKelHXn-8wq_uY5nrpIg811b_plgXgA0BdBJifUSs)
|
| Dark | ![forgot-password before
dark](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQLzU5MDY3ZDkzLWJjMjEtNDZhYy1hZDkzLTNjYzQyNGFhMDI2MiIsImlhdCI6MTc4MTEzNzkxMSwiZXhwIjoxNzgxNzQyNzExLCJmaWxlbmFtZSI6ImZvcmdvdC1wYXNzd29yZC1iZWZvcmUtZGFyay5wbmcifQ.lOHX4XqjhCExM7dL86O4BngKiSXYNaAvC0LH-AXHhlg)
| ![forgot-password after
dark](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQLzkxYTBkODk5LTk2OWUtNGU2Ni04ODE1LWU4NDA1ODhlYmQzNyIsImlhdCI6MTc4MTEzNzkxMSwiZXhwIjoxNzgxNzQyNzExLCJmaWxlbmFtZSI6ImZvcmdvdC1wYXNzd29yZC1hZnRlci1kYXJrLnBuZyJ9.hvhoTYUq_cx3y9BrI03kyqA28MkXE46mv-hxSpeDuOg)
|

</details>

<details>
<summary><b>Password reset</b></summary>

| | Before | After |
|---|---|---|
| Light | ![password-reset before
light](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQL2Q1MDk3ZGUzLTM5MGItNDMwNS1hM2YzLTgzMDU2Yzg4NDNlZiIsImlhdCI6MTc4MTEzNzkxMSwiZXhwIjoxNzgxNzQyNzExLCJmaWxlbmFtZSI6InBhc3N3b3JkLXJlc2V0LWJlZm9yZS1saWdodC5wbmcifQ.PX_M155ZtvVqq7lVyL7LidY1GAoZkOd-6u508R0xvqU)
| ![password-reset after
light](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQLzZhOWU5YTE2LTFlODEtNDRjZC1hNDY5LTc3NTg4ZGM0MDlmNCIsImlhdCI6MTc4MTEzNzkxMSwiZXhwIjoxNzgxNzQyNzExLCJmaWxlbmFtZSI6InBhc3N3b3JkLXJlc2V0LWFmdGVyLWxpZ2h0LnBuZyJ9.Pg7t4tmTGIs5sZLnR69460qpaAajpfUnp7IyrxYS7TI)
|
| Dark | ![password-reset before
dark](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQLzFiODMwYjQwLTZkMjEtNDdkYy1iNmIzLWE4YmU5MmE5NmYxMyIsImlhdCI6MTc4MTEzNzkxMSwiZXhwIjoxNzgxNzQyNzExLCJmaWxlbmFtZSI6InBhc3N3b3JkLXJlc2V0LWJlZm9yZS1kYXJrLnBuZyJ9.DHpL8T-8OCF3UY9GObvqXPIqtShwSftgtjopKGzulww)
| ![password-reset after
dark](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQLzU4MTI3Y2ZkLTc3MGYtNGQzNS1hZTQ0LTEwMWVkYWVjNjM2NyIsImlhdCI6MTc4MTEzNzkxMiwiZXhwIjoxNzgxNzQyNzEyLCJmaWxlbmFtZSI6InBhc3N3b3JkLXJlc2V0LWFmdGVyLWRhcmsucG5nIn0.USTT-ErYoVs_ua7y6i6YyvMZD3r-WI3Ag1OPxXfijHM)
|

</details>

<details>
<summary><b>Email verification</b></summary>

| | Before | After |
|---|---|---|
| Light | ![email-verification before
light](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQLzczMDlhNDM0LTZjZDItNGI0OS1hYTQ5LTM4NmY1YWZjZDMxOCIsImlhdCI6MTc4MTEzNzkxMiwiZXhwIjoxNzgxNzQyNzEyLCJmaWxlbmFtZSI6ImVtYWlsLXZlcmlmaWNhdGlvbi1iZWZvcmUtbGlnaHQucG5nIn0.kcRSuETM4LLSH0RWJWbXmA8_5tFstGTcIZqwudyWvQs)
| ![email-verification after
light](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQLzhkMTdlMjNjLTkzNTItNGJiOS1iODMxLWM2ZDhmMzUxNDMwMiIsImlhdCI6MTc4MTEzNzkxMiwiZXhwIjoxNzgxNzQyNzEyLCJmaWxlbmFtZSI6ImVtYWlsLXZlcmlmaWNhdGlvbi1hZnRlci1saWdodC5wbmcifQ.WeUG_VTG4P2fsMNwXPrXn1VdNCAJfA-kM92mix2F8M0)
|
| Dark | ![email-verification before
dark](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQL2M2YWQzODAzLTgzMTUtNGE0NS05MzAxLWI2N2JkYzAwMmQ1NSIsImlhdCI6MTc4MTEzNzkxMiwiZXhwIjoxNzgxNzQyNzEyLCJmaWxlbmFtZSI6ImVtYWlsLXZlcmlmaWNhdGlvbi1iZWZvcmUtZGFyay5wbmcifQ.Xouj4wlz7IvNPPSb-c6owaC0orbtDG3N4lOe0899qZI)
| ![email-verification after
dark](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQLzI3OTIzYWM0LTMxMDAtNDEzYi05OTNkLWZmN2IwMGI5ZDliYyIsImlhdCI6MTc4MTEzNzkxMiwiZXhwIjoxNzgxNzQyNzEyLCJmaWxlbmFtZSI6ImVtYWlsLXZlcmlmaWNhdGlvbi1hZnRlci1kYXJrLnBuZyJ9.c9B6VWiHpZ2odb13_td4jc6lnXXvsjx9J3e4dqIwtkI)
|

</details>

<details>
<summary><b>MFA</b></summary>

| | Before | After |
|---|---|---|
| Light | ![mfa before
light](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQLzIxY2Q2NjUzLTgwM2EtNDJmMi1hN2M3LWIyOGEwYWU4NTY2YyIsImlhdCI6MTc4MTEzNzkxMiwiZXhwIjoxNzgxNzQyNzEyLCJmaWxlbmFtZSI6Im1mYS1iZWZvcmUtbGlnaHQucG5nIn0.5IumrPBua_uTQq5gtUozGDkxuEM1dHjPV9mBUoWYKaM)
| ![mfa after
light](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQL2Y4NWJkMzc1LWQ5NjEtNDBjOS04NzZmLTNlZmUxMWQ5YjdiOSIsImlhdCI6MTc4MTEzNzkxMiwiZXhwIjoxNzgxNzQyNzEyLCJmaWxlbmFtZSI6Im1mYS1hZnRlci1saWdodC5wbmcifQ.2yPq0cX2FkFgwAWm7iJ7PragpDSCEIITLcHceTKCriY)
|
| Dark | ![mfa before
dark](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQL2M4NmJmMTI1LWNhNzMtNDEwNi1hOGY2LTVjOTY3OTViZDUwNyIsImlhdCI6MTc4MTEzNzkxMiwiZXhwIjoxNzgxNzQyNzEyLCJmaWxlbmFtZSI6Im1mYS1iZWZvcmUtZGFyay5wbmcifQ.nmbD5lOLRjf-G4cnxByrwpymVNVGEIlVpYkbvSz9nB0)
| ![mfa after
dark](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQLzA3MzMwNzIwLTI3YmUtNGRlNy1hMDA1LWJiOGY1NzI3NmY2NSIsImlhdCI6MTc4MTEzNzkxMiwiZXhwIjoxNzgxNzQyNzEyLCJmaWxlbmFtZSI6Im1mYS1hZnRlci1kYXJrLnBuZyJ9.zcxkCgWPnOqqv0v17JqF0eFlkpBMu_skiAq9cQAJNXY)
|

</details>

<details>
<summary><b>Error</b></summary>

| | Before | After |
|---|---|---|
| Light | ![error before
light](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQLzAyY2Q5MWUzLWI0YzktNDRmNi1iOWE0LTY4ZmIyMjZhOGYyYSIsImlhdCI6MTc4MTEzNzkxMywiZXhwIjoxNzgxNzQyNzEzLCJmaWxlbmFtZSI6ImVycm9yLWJlZm9yZS1saWdodC5wbmcifQ.qVgMnd8c_VI82JIH9jVednhDKiVNlxv_K60eCb9UbTA)
| ![error after
light](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQLzk0MzBlN2U0LWY1YjUtNDA5Ni1iZDRlLWM1YzQ3YTgwZDRjZiIsImlhdCI6MTc4MTEzNzkxMywiZXhwIjoxNzgxNzQyNzEzLCJmaWxlbmFtZSI6ImVycm9yLWFmdGVyLWxpZ2h0LnBuZyJ9.612VxQuYtoittB4t-GJ8SkNaNDu5CqKierhWoJ5uA-o)
|
| Dark | ![error before
dark](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQLzBkZDBhYzdkLTc3NzItNDkwNS04MmEwLWUwMmZkYzMzOTg1MyIsImlhdCI6MTc4MTEzNzkxMywiZXhwIjoxNzgxNzQyNzEzLCJmaWxlbmFtZSI6ImVycm9yLWJlZm9yZS1kYXJrLnBuZyJ9.UaM45CkfbiEpCZWHCt3IbgAoN_QcK6tBgPnAH85vb4k)
| ![error after
dark](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQL2U5NWMxYzZlLWRkNTUtNDBjMS1hYWMyLTE5MTRmYzdhZDRmZSIsImlhdCI6MTc4MTEzNzkxMywiZXhwIjoxNzgxNzQyNzEzLCJmaWxlbmFtZSI6ImVycm9yLWFmdGVyLWRhcmsucG5nIn0.r3qiOPZKyNgpnDQJMPc6exaxzQnKm8wH3Jg5WcQTRCQ)
|

</details>

<details>
<summary><b>Team invitation</b></summary>

| | Before | After |
|---|---|---|
| Light | ![team-invitation before
light](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQL2RkYmQ0YzMzLWFkYTctNGVlOS1iZWI5LTYyYWUxMWNlZDA5MSIsImlhdCI6MTc4MTEzNzkxMywiZXhwIjoxNzgxNzQyNzEzLCJmaWxlbmFtZSI6InRlYW0taW52aXRhdGlvbi1iZWZvcmUtbGlnaHQucG5nIn0.KdNBx7LdUFquws4L8YE5bVsrtNh06hDLPcFqOVz7CD4)
| ![team-invitation after
light](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQLzg2N2EwZmE2LWM4YzEtNDhkZi1iMTEwLTBmOGZiZDhiMjdiNyIsImlhdCI6MTc4MTEzNzkxMywiZXhwIjoxNzgxNzQyNzEzLCJmaWxlbmFtZSI6InRlYW0taW52aXRhdGlvbi1hZnRlci1saWdodC5wbmcifQ.HLbHcxwjxObirriFXwTtY6jTiMNhKC6s-IafsG2irHA)
|
| Dark | ![team-invitation before
dark](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQLzNiZTAwMTZiLWIwZmQtNGRhMS05NmY1LTliMzIzY2IyNzdkNiIsImlhdCI6MTc4MTEzNzkxMywiZXhwIjoxNzgxNzQyNzEzLCJmaWxlbmFtZSI6InRlYW0taW52aXRhdGlvbi1iZWZvcmUtZGFyay5wbmcifQ.W3Bout2l1fTdbBRKp_ztfUindfR2cZEJ0UTP5kmFPBg)
| ![team-invitation after
dark](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQLzhiZTJjODc4LTg0YzMtNDNjYy05OWRhLTI3ZmVkYmQwNWIzOCIsImlhdCI6MTc4MTEzNzkxMywiZXhwIjoxNzgxNzQyNzEzLCJmaWxlbmFtZSI6InRlYW0taW52aXRhdGlvbi1hZnRlci1kYXJrLnBuZyJ9.m6G5vmWLFAh_yClcbg768rSiMZGkIyov8gHnNVLU95A)
|

</details>

<details>
<summary><b>CLI auth confirm</b></summary>

| | Before | After |
|---|---|---|
| Light | ![cli-auth-confirm before
light](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQLzY4ZDA2YzdjLWFkN2ItNDE2ZS05N2E1LTZiZDI2ZDFmYmY1ZSIsImlhdCI6MTc4MTEzNzkxMywiZXhwIjoxNzgxNzQyNzEzLCJmaWxlbmFtZSI6ImNsaS1hdXRoLWNvbmZpcm0tYmVmb3JlLWxpZ2h0LnBuZyJ9.0kGQpHc8RZc53_wKC8jJIhuXztp_4keASpMR24HtcK0)
| ![cli-auth-confirm after
light](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQLzY4ZGU1M2VjLWU3YzItNDY5My1iZjgzLTM0OWVlYjZjY2M0ZiIsImlhdCI6MTc4MTEzNzkxMywiZXhwIjoxNzgxNzQyNzEzLCJmaWxlbmFtZSI6ImNsaS1hdXRoLWNvbmZpcm0tYWZ0ZXItbGlnaHQucG5nIn0.sHm69r1KOP72z8wdKVzo38QTPp1GUIAUXVtac8IL-zM)
|
| Dark | ![cli-auth-confirm before
dark](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQLzVlMzVhNTQ0LTUxYjItNDFiYy1iYWNhLTA4YjcyMWQ2NzhkYSIsImlhdCI6MTc4MTEzNzkxMywiZXhwIjoxNzgxNzQyNzEzLCJmaWxlbmFtZSI6ImNsaS1hdXRoLWNvbmZpcm0tYmVmb3JlLWRhcmsucG5nIn0.MxJtvrhplMERLWTmm0KklvROBLjH90CB6FsVyQsB8ak)
| ![cli-auth-confirm after
dark](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQL2IxZDQxZjI3LWM0YmQtNGM5OC05OTU1LTkxOGMzNTJiN2NjMiIsImlhdCI6MTc4MTEzNzkxNCwiZXhwIjoxNzgxNzQyNzE0LCJmaWxlbmFtZSI6ImNsaS1hdXRoLWNvbmZpcm0tYWZ0ZXItZGFyay5wbmcifQ.cyjPDer_-G8i_uQWSD4ESYEZmk32VfAF73zuUf-KHPw)
|

</details>

<details>
<summary><b>Account settings — Profile</b></summary>

| | Before | After |
|---|---|---|
| Light | ![account-settings-profile before
light](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQL2Q5ZTQzZjZlLWIwZGMtNDE3Yi04Njc3LWFiMzVhYjE5Mjg4MiIsImlhdCI6MTc4MTEzNzkxNCwiZXhwIjoxNzgxNzQyNzE0LCJmaWxlbmFtZSI6ImFjY291bnQtc2V0dGluZ3MtcHJvZmlsZS1iZWZvcmUtbGlnaHQucG5nIn0.lmgOIaj7IllT7txfIpzMKEo_iz1DLp00a_odsn9IW1s)
| ![account-settings-profile after
light](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQLzM0YWEzNzI4LWU4MDMtNDA4Ny04NDliLTg5NWQxZjdlZWQzMiIsImlhdCI6MTc4MTEzNzkxNCwiZXhwIjoxNzgxNzQyNzE0LCJmaWxlbmFtZSI6ImFjY291bnQtc2V0dGluZ3MtcHJvZmlsZS1hZnRlci1saWdodC5wbmcifQ.512uIE8QjTWDlyrbvOqOw2QPV01_VyHUXxcdbdmr5CI)
|
| Dark | ![account-settings-profile before
dark](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQLzQyMzhjYmZmLWZlZTMtNDkwYS05NjE3LTdiYzU2MDY3ZDliYiIsImlhdCI6MTc4MTEzNzkxNCwiZXhwIjoxNzgxNzQyNzE0LCJmaWxlbmFtZSI6ImFjY291bnQtc2V0dGluZ3MtcHJvZmlsZS1iZWZvcmUtZGFyay5wbmcifQ.NWNH23YBwn67auhDQJNbR1jvP5BiW_QKWH0X-9ZB1wQ)
| ![account-settings-profile after
dark](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQLzhlODgxNDYzLWNmMDgtNDA1Ny04ZThkLTdhMjQ0NTkxYzQwZSIsImlhdCI6MTc4MTEzNzkxNCwiZXhwIjoxNzgxNzQyNzE0LCJmaWxlbmFtZSI6ImFjY291bnQtc2V0dGluZ3MtcHJvZmlsZS1hZnRlci1kYXJrLnBuZyJ9.2Nfs2UXmq4pgFhULizgIHxYuISFtkb24KKGr2hveTkM)
|

</details>

<details>
<summary><b>Account settings — Notifications</b></summary>

| | Before | After |
|---|---|---|
| Light | ![account-settings-notifications before
light](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQLzIzZDk2NDQ4LTcwZWMtNDM5Ni1iNmNiLWEyZjI4MzU5Mjc2ZCIsImlhdCI6MTc4MTEzNzkxNCwiZXhwIjoxNzgxNzQyNzE0LCJmaWxlbmFtZSI6ImFjY291bnQtc2V0dGluZ3Mtbm90aWZpY2F0aW9ucy1iZWZvcmUtbGlnaHQucG5nIn0.2um6D6uKDsgOp8javP5PcyRdbLewxyb2vGk_qc2zeho)
| ![account-settings-notifications after
light](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQLzBlYjI0YTE4LTMzZGUtNDcxNC04NGQ5LTI2ODYwZjE0YWQ3NiIsImlhdCI6MTc4MTEzNzkxNCwiZXhwIjoxNzgxNzQyNzE0LCJmaWxlbmFtZSI6ImFjY291bnQtc2V0dGluZ3Mtbm90aWZpY2F0aW9ucy1hZnRlci1saWdodC5wbmcifQ.iIZM0PdMO_gavcUrYORGhnZ_oqjvoE1KHCnJwBGMAJQ)
|
| Dark | ![account-settings-notifications before
dark](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQL2Q2OGFjZmE3LTU5MTAtNDViNi1hOWQ1LTQ2MzU2YjUyNmFkMiIsImlhdCI6MTc4MTEzNzkxNCwiZXhwIjoxNzgxNzQyNzE0LCJmaWxlbmFtZSI6ImFjY291bnQtc2V0dGluZ3Mtbm90aWZpY2F0aW9ucy1iZWZvcmUtZGFyay5wbmcifQ.L1VCD8J7ySFj6n_OOAZFh8gCXBWuF5j7OLWvyfGqvOc)
| ![account-settings-notifications after
dark](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQL2VkYmQ1NDg0LTQzMGUtNDU2Ni1hNzJhLWE0YzlhNWIyOTM2YyIsImlhdCI6MTc4MTEzNzkxNCwiZXhwIjoxNzgxNzQyNzE0LCJmaWxlbmFtZSI6ImFjY291bnQtc2V0dGluZ3Mtbm90aWZpY2F0aW9ucy1hZnRlci1kYXJrLnBuZyJ9.JvPKISE9uWzn18CEEzOatR2Xp8CMOD4x978wFfT4ixA)
|

</details>

<details>
<summary><b>Account settings — Active sessions</b></summary>

| | Before | After |
|---|---|---|
| Light | ![account-settings-sessions before
light](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQL2NhNDQ5NjU1LWYyZDQtNGQ3Ny05YzBjLTI0MmM5ZTQ5MzdiOCIsImlhdCI6MTc4MTEzNzkxNCwiZXhwIjoxNzgxNzQyNzE0LCJmaWxlbmFtZSI6ImFjY291bnQtc2V0dGluZ3Mtc2Vzc2lvbnMtYmVmb3JlLWxpZ2h0LnBuZyJ9.A62xUZfvNQ-yCVUBvITnbPB19cUl9FsVHngITE2XfTI)
| ![account-settings-sessions after
light](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQLzI5YzlkY2JjLWQzM2EtNGViMC04NGUzLTY1ODIyMjQ2OGM1OCIsImlhdCI6MTc4MTEzNzkxNCwiZXhwIjoxNzgxNzQyNzE0LCJmaWxlbmFtZSI6ImFjY291bnQtc2V0dGluZ3Mtc2Vzc2lvbnMtYWZ0ZXItbGlnaHQucG5nIn0.JzIuAIuXxAOy4UWoaELGSkkwKx1MeUxeEBYWS1hLzeo)
|
| Dark | ![account-settings-sessions before
dark](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQL2IwNzkyNzcyLThmOGQtNDVhNi1iNTU3LTc0NjZlN2RhMDliMiIsImlhdCI6MTc4MTEzNzkxNSwiZXhwIjoxNzgxNzQyNzE1LCJmaWxlbmFtZSI6ImFjY291bnQtc2V0dGluZ3Mtc2Vzc2lvbnMtYmVmb3JlLWRhcmsucG5nIn0.TAFHH_d2vZzZouOAn8HQY_UpEHnaCNaCtDWWNGGzBZk)
| ![account-settings-sessions after
dark](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQL2I5MDNkZjU2LWE5NzYtNGRmZS1hMDZhLWM0ODJlNTBhODMyMyIsImlhdCI6MTc4MTEzNzkxNSwiZXhwIjoxNzgxNzQyNzE1LCJmaWxlbmFtZSI6ImFjY291bnQtc2V0dGluZ3Mtc2Vzc2lvbnMtYWZ0ZXItZGFyay5wbmcifQ.BS4vn6FHt0ILUGzzHkoenSg-ITTOdlCbiPI-k7wCpW0)
|

</details>

<details>
<summary><b>Account settings — API keys</b></summary>

| | Before | After |
|---|---|---|
| Light | ![account-settings-api-keys before
light](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQLzY0MDQ2YjExLWEwNzYtNDFjYi1hYzE3LTU2NjI0MDZhYzFjNyIsImlhdCI6MTc4MTEzNzkxNSwiZXhwIjoxNzgxNzQyNzE1LCJmaWxlbmFtZSI6ImFjY291bnQtc2V0dGluZ3MtYXBpLWtleXMtYmVmb3JlLWxpZ2h0LnBuZyJ9.gIiXz5bL0rVTFi8m4xjBwqDrXGdep6eTAtrBl8-Vk3s)
| ![account-settings-api-keys after
light](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQLzFmODUyMTEwLWM2YWQtNGVkOS04YWQ0LTAxOTVjNWMzOTkzYSIsImlhdCI6MTc4MTEzNzkxNSwiZXhwIjoxNzgxNzQyNzE1LCJmaWxlbmFtZSI6ImFjY291bnQtc2V0dGluZ3MtYXBpLWtleXMtYWZ0ZXItbGlnaHQucG5nIn0.9MQw8j0RH0nEvjWrCV478fIMeNnqhCKQr7yuUEx9HUM)
|
| Dark | ![account-settings-api-keys before
dark](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQLzIwNTA5ZWUzLTBjOTktNGUwNi1iODI0LTU4MjYwODA1NmJlOCIsImlhdCI6MTc4MTEzNzkxNSwiZXhwIjoxNzgxNzQyNzE1LCJmaWxlbmFtZSI6ImFjY291bnQtc2V0dGluZ3MtYXBpLWtleXMtYmVmb3JlLWRhcmsucG5nIn0.vQDdStoNd5qcCyW4jrqN5DrWjDmakmy1AG_7yjEhTVs)
| ![account-settings-api-keys after
dark](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQLzAxNDZiNWM2LWMwMDEtNDFiMy1hNDRiLTAzNmQ4OWJkMGE3MSIsImlhdCI6MTc4MTEzNzkxNSwiZXhwIjoxNzgxNzQyNzE1LCJmaWxlbmFtZSI6ImFjY291bnQtc2V0dGluZ3MtYXBpLWtleXMtYWZ0ZXItZGFyay5wbmcifQ.fET1gYmJX8TE_LAgEW_3mPgFMPQEf0gd3lm_SbN3CIQ)
|

</details>

<details>
<summary><b>Account settings — Payments</b></summary>

| | Before | After |
|---|---|---|
| Light | ![account-settings-payments before
light](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQLzg5MDc3NWI3LTVjMzItNDBjNS04NDIyLTExOTVmMTdhNTVmMCIsImlhdCI6MTc4MTEzNzkxNSwiZXhwIjoxNzgxNzQyNzE1LCJmaWxlbmFtZSI6ImFjY291bnQtc2V0dGluZ3MtcGF5bWVudHMtYmVmb3JlLWxpZ2h0LnBuZyJ9.1EHLx9Y5eE30pX5s95qrHI63eBEqwAM_imJIvVuSkJs)
| ![account-settings-payments after
light](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQLzc5YjEyYjkyLWEyZWUtNGIzMC1hYjRmLTEzZjk1N2FlZWI3ZSIsImlhdCI6MTc4MTEzNzkxNSwiZXhwIjoxNzgxNzQyNzE1LCJmaWxlbmFtZSI6ImFjY291bnQtc2V0dGluZ3MtcGF5bWVudHMtYWZ0ZXItbGlnaHQucG5nIn0.TRjKFdwfArHf5NSYH8OkKydxKWQKPcy-DbLmx641IxM)
|
| Dark | ![account-settings-payments before
dark](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQLzU0MjY1ZGI3LTJjOWYtNDZiNi05MzY2LTE2OWRjZTk5YjM2OSIsImlhdCI6MTc4MTEzNzkxNSwiZXhwIjoxNzgxNzQyNzE1LCJmaWxlbmFtZSI6ImFjY291bnQtc2V0dGluZ3MtcGF5bWVudHMtYmVmb3JlLWRhcmsucG5nIn0.E4qAaoYQ1_VM18WdRR0SndS1rNAy8Y_iiwZpG6XFmEA)
| ![account-settings-payments after
dark](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQL2E3NDUxYmQ4LTFhM2QtNDhjZC04MTdkLTEwYTc0ODNlYjdiZSIsImlhdCI6MTc4MTEzNzkxNSwiZXhwIjoxNzgxNzQyNzE1LCJmaWxlbmFtZSI6ImFjY291bnQtc2V0dGluZ3MtcGF5bWVudHMtYWZ0ZXItZGFyay5wbmcifQ.dSBbdK2uNNdQ3ZWm6wmF8B6vIldQ7C-BwuzyVkPbiTo)
|

</details>

<details>
<summary><b>Account settings — Emails &amp; auth</b></summary>

| | Before | After |
|---|---|---|
| Light | ![account-settings-email-auth before
light](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQL2M1MTNkZTFkLTY1Y2ItNGJlNi04MWEyLWZiZTJhNDk4MTllNCIsImlhdCI6MTc4MTEzNzkxNSwiZXhwIjoxNzgxNzQyNzE1LCJmaWxlbmFtZSI6ImFjY291bnQtc2V0dGluZ3MtZW1haWwtYXV0aC1iZWZvcmUtbGlnaHQucG5nIn0.lWxhJCuN0cwTBMnbM1by6-iZoBVHlOi4Pnv4NTCJ67c)
| ![account-settings-email-auth after
light](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQL2I0NzBlOTY3LWY5NTUtNDRkMy1iZDY3LWU1ZDJiZWNkYmQ2MCIsImlhdCI6MTc4MTEzNzkxNiwiZXhwIjoxNzgxNzQyNzE2LCJmaWxlbmFtZSI6ImFjY291bnQtc2V0dGluZ3MtZW1haWwtYXV0aC1hZnRlci1saWdodC5wbmcifQ.AH2FqUJJRBCFx5a08IkvNzScleqRd_ftlFFjbp_F3no)
|
| Dark | ![account-settings-email-auth before
dark](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQLzYwYjQ2MmFlLTkzMDItNGQ2MC1iZmNkLWVhNThlN2I2OWI5ZiIsImlhdCI6MTc4MTEzNzkxNiwiZXhwIjoxNzgxNzQyNzE2LCJmaWxlbmFtZSI6ImFjY291bnQtc2V0dGluZ3MtZW1haWwtYXV0aC1iZWZvcmUtZGFyay5wbmcifQ.PC9ll_6mOHvmd8aAlfL2IfgNBRGOL5K8QuyJoo7NpTs)
| ![account-settings-email-auth after
dark](https://app.devin.ai/api/presigned_proxy?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdfaWQiOiJvcmdfaGwzT2d1STVWMXBYcTUwUCIsInVzZXJfaWQiOm51bGwsImJ1Y2tldF9uYW1lIjoiZGV2aW5hdHRhY2htZW50cyIsImJ1Y2tldF9rZXkiOiJhdHRhY2htZW50c19wcml2YXRlL29yZ19obDNPZ3VJNVYxcFhxNTBQLzQxMWUzY2M1LWViYWYtNGMzZi1hMDhkLTJlOTk0ZDdjMGU0ZCIsImlhdCI6MTc4MTEzNzkxNiwiZXhwIjoxNzgxNzQyNzE2LCJmaWxlbmFtZSI6ImFjY291bnQtc2V0dGluZ3MtZW1haWwtYXV0aC1hZnRlci1kYXJrLnBuZyJ9.OlTYac0GJEdImBtOMqFXHBG6_JQacZ9F5h3-GB7IKms)
|

</details>

Link to Devin session:
https://app.devin.ai/sessions/1d2380aa55694f2fb12ed96e200a32ad
Requested by: @Developing-Gamer

---------

Co-authored-by: Cursor <cursoragent@cursor.com>
Co-authored-by: armaan <armaan@stack-auth.com>
Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>
 2026-06-15 04:25:33 +05:30
github-actions[bot]
7063aa2df7 chore: update package versions 2026-06-13 01:26:27 +00:00
github-actions[bot]
6de253633f chore: update package versions 2026-06-13 00:25:03 +00:00
github-actions[bot]
5eedb484e1 chore: update package versions 2026-06-12 21:09:46 +00:00
github-actions[bot]
1999ad8be3 chore: update package versions 2026-06-11 17:19:24 +00:00
Armaan Jain
88ef2ce85f
Hosted Components Accounts Navigation bug (#1565) 
<!--

Make sure you've read the CONTRIBUTING.md guidelines:
https://github.com/hexclave/hexclave/blob/dev/CONTRIBUTING.md

-->

<!-- This is an auto-generated description by cubic. -->
---
## Summary by cubic
Fixes and hardens hosted components navigation. Restores Accounts tab
behavior without full-page reloads by using a validated, async navigate
adapter and migrating to `Hexclave*` components.

- **Bug Fixes**
- Replaced `redirectMethod` with `useHostedComponentsNavigate` to route
`#...` via `hash` and others via `href`, allowing only trusted targets
via `isRelative`/`validateRedirectUrl` with `trustedDomains:
[window.location.origin]`.
- Runs redirects with `runAsynchronously` from `@hexclave/shared` to
avoid race conditions.

- **Refactors**
- Migrated from `StackClientApp`/`StackProvider`/`StackTheme` to
`HexclaveClientApp`/`HexclaveProvider`/`HexclaveTheme` in
`@hexclave/react`.
- Regenerated Mintlify docs/snippets to use Hexclave naming and clarify
the Auth SDK `urls` option and `hexclave dev` env var injection.

<sup>Written for commit 41ba5d0b15.
Summary will update on new commits.</sup>

<a
href="https://cubic.dev/pr/hexclave/hexclave/pull/1565?utm_source=github"
target="_blank" rel="noopener noreferrer"
data-no-image-dialog="true"><picture><source
media="(prefers-color-scheme: dark)"
srcset="https://cubic.dev/buttons/review-in-cubic-dark.svg"><source
media="(prefers-color-scheme: light)"
srcset="https://cubic.dev/buttons/review-in-cubic-light.svg"><img
alt="Review in cubic"
src="https://cubic.dev/buttons/review-in-cubic-dark.svg"></picture></a>

<!-- End of auto-generated description by cubic. -->

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **Bug Fixes**
* Improved client-side navigation handling: allow hash navigation and
enforce/trust-check redirect targets to prevent unsafe external
navigation.

* **Refactor**
* Switched UI runtime to Hexclave-specific app, provider, and theme
components for consistent theming and behavior.

* **Documentation**
* Clarified setup: `hexclave dev` now auto-injects required environment
variables.
* Updated guidance for configuring auth/redirect URLs to ensure correct
post-auth navigation.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
 2026-06-10 23:44:38 +05:30
github-actions[bot]
3132de1cae chore: update package versions 2026-06-10 18:10:23 +00:00
github-actions[bot]
96273a9d65 chore: update package versions 2026-06-08 18:18:54 +00:00
github-actions[bot]
4fdd2b3831 chore: update package versions 2026-06-08 17:36:50 +00:00
github-actions[bot]
468a221379 chore: update package versions 2026-06-06 00:07:24 +00:00
github-actions[bot]
461b9acd68 chore: update package versions 2026-06-05 23:54:49 +00:00
github-actions[bot]
5cb50721bd chore: update package versions 2026-06-05 00:16:17 +00:00
Konsti Wohlwend
bc45117777
Support local dashboard in remote SSH and GH Codespaces (#1538) 2026-06-04 16:36:17 -07:00
BilalG1
c14a9dd3d0
feat(hexclave): PR 5 — internal symbol/path/package renames + brand strings (#1547) 
## Stack Auth → Hexclave rename — PR 5 (internal symbols, paths,
packages, brand strings)

PR 5 finishes the **internal / non-wire** half of the Stack→Hexclave
rename. It only touches things where nothing outside the repo depends on
the exact name: internal symbols, file/dir names, the
`@stackframe/template` package, and residual brand strings. Plan +
progress are in `HEXCLAVE-RENAME-PR5-PLAN.md`.

Every step was verified green (`pnpm typecheck` + `pnpm lint`, 28/28)
and committed as its own checkpoint, then a fan-out of review agents
audited all commits and the findings were fixed.

### What changed
- **Internal symbols** (`@hexclave/shared`, `packages/template`, apps):
`stack*`/`Stack*` → `hexclave*`/`Hexclave*` — incl.
`stackGlobalsSymbol`, the `_Stack*AppImpl` classes,
`stackAppInternalsSymbol`, `StackContext`, `getStackStripe`, etc. The
`stack*App` local-variable convention
(`stackServerApp`/`stackClientApp`/…) was renamed across 175
source/example/doc files.
- **File renames**: `hexclave-handler/provider/context.tsx`,
`backend/hexclave.tsx`, `internal-tool/hexclave.ts`,
`hexclave-app-internals.ts`.
- **Directory renames**: `lib/hexclave-app`, `hexclave-companion`,
`[...hexclave]` route segment, `skills/hexclave`,
`dashboard/src/hexclave`, and the package dirs
**`packages/{next,shared,ui,sc,cli}`** (dropping the `stack-` prefix to
match the `@hexclave/*` npm names).
- **Packages**: `@stackframe/template` → `@hexclave/template`; **deleted
`packages/init-stack`** (onboarding lives in `@hexclave/cli init`; the
published npm package is untouched).
- **Brand strings**: reworded `Stack Auth`/`Stack dashboard` prose in
code + docs-mintlify, renamed `hexclave-app.mdx`/`use-hexclave-app.mdx`
with redirects, regenerated OpenAPI, updated coupled e2e assertions;
`doctor`/`init` now prefer `hexclave.config.ts`.

### Intentionally kept (verified, not oversights)
Wire/compat identifiers (`x-stack-*` headers, `stack-*` cookies,
`STACK_*` env names, `*.stack-auth.com`, `stackauth_`, `ask_stack_auth`,
query params), public `Stack*` SDK aliases, crypto/JWT/vault
domain-separation tags, `*-brand-sentinel`s, the
`Symbol.for("StackAuth--…")` string, `_stack_sync_metadata`, Postgres
`stackframe` / docker image names, the `stack-auth-logo*.svg` (used by
the rebrand modal), and `migration.mdx` / "formerly known as Stack Auth"
notes. False positives (Phosphor `StackIcon`/`StackSimple`, `TanStack`,
`OrbStack`, `stackable`/`Stacked` charts) left alone.

### Review pass
Six review agents audited all commits. Found + fixed one real bug — a
build script (`bundle-type-definitions.ts`) hardcoded the old
`lib/stack-app` glob path (not an import, so typecheck/lint were blind),
silently emptying the dashboard AI type bundle — plus stale comments, a
dead CI env var, and stale `.gitignore`/`.dockerignore` entries.
Cross-cutting audit confirmed **zero wire-compat identifiers were
accidentally renamed**.

### ⚠️ Verification note
`typecheck` + `lint` are fully green locally. The **e2e suite was not
run** (needs a live backend+DB), so the brand-string assertion +
OpenAPI-regen changes are verified by grep/codegen only — please let CI
exercise e2e to confirm.

### Base-branch note
This branch was forked from the local-only `cl/friendly-lewin-72293f`
(not on origin, no separate PR), so this PR against `dev` also carries
that branch's ~11 preceding Hexclave-rename commits (config-file rename,
env-var dual-read, AI setup-prompt rebrand). If those should land
separately, re-parent before merge.

<!-- This is an auto-generated description by cubic. -->
---
## Summary by cubic
Finishes the internal Stack Auth → Hexclave rename and cleans up
remaining stragglers, including dev-tool and prompt copy. All changes
are internal-only; public/wire APIs remain unchanged. Re-merged `dev`
and resolved the payments create-purchase-url conflict.

- **Refactors**
- Internal symbols: stack*/Stack* → hexclave*/Hexclave* (e.g.,
`getHexclaveServerApp` via `@/hexclave`, `getHexclaveStripe`,
`hexclaveAppInternalsSymbol`, `hexclaveSchemaInfo`, Prisma
`__hexclave_*`, `data-hexclave-handler-page`, Stripe mock
`hexclavePortPrefix`).
- Files/dirs: moved to `lib/hexclave-app`; handler route
`[...hexclave]`; backend entry `src/hexclave.tsx`; dashboard internals
`hexclave-app-internals`; companion `hexclave-companion`; dropped
`stack-` prefix across package dirs
(`packages/{shared,ui,sc,cli,next}`); workflows/emulator paths now
`packages/cli`; Quetzal codegen env at `packages/next/.env.local`.
- Packages/docs: `@stackframe/template` → `@hexclave/template`; removed
`packages/init-stack`; regenerated OpenAPI and updated docs
slugs/redirects for hexclave-app/use-hexclave-app.
- Brand strings/prompts: reworded remaining “Stack” dashboard strings to
Hexclave; updated dev-tool copy and prompts; `doctor/init` now prefer
`hexclave.config.ts`. Kept all wire-compat identifiers and public
aliases (`x-stack-*`, `stack-*` cookies, `STACK_*` env,
`*.stack-auth.com`, `Stack*` SDK names).
- Rebased/merged onto latest `dev`: retained `@hexclave/template`, kept
`src` in published files, refreshed setup-prompt imports and docs JSON,
adopted 1.0.5 version bumps, and re-merged `dev` again (resolved
`create-purchase-url` with `getHexclaveStripe`).

- **Bug Fixes**
- Restored dashboard AI type bundle by pointing the glob to
`packages/template/src/lib/hexclave-app`.
- Addressed rename leftovers: updated lingering `@/stack` imports and
CSS selector, fixed schema/meta and port-prefix expansions, and aligned
emulator commands to `packages/cli`.
- CI/build: removed a dead env var and stale ignore entries; fixed
Docker by renaming `STACK_SKIP_TEMPLATE_GENERATION` →
`HEXCLAVE_SKIP_TEMPLATE_GENERATION`.

<sup>Written for commit 3c1af3bff3.
Summary will update on new commits.</sup>

<a
href="https://cubic.dev/pr/hexclave/hexclave/pull/1547?utm_source=github"
target="_blank" rel="noopener noreferrer"
data-no-image-dialog="true"><picture><source
media="(prefers-color-scheme: dark)"
srcset="https://cubic.dev/buttons/review-in-cubic-dark.svg"><source
media="(prefers-color-scheme: light)"
srcset="https://cubic.dev/buttons/review-in-cubic-light.svg"><img
alt="Review in cubic"
src="https://cubic.dev/buttons/review-in-cubic-dark.svg"></picture></a>

<!-- End of auto-generated description by cubic. -->
 2026-06-03 18:57:09 -07:00
github-actions[bot]
760cc4a826 chore: update package versions 2026-06-04 00:19:36 +00:00
github-actions[bot]
a21ba6b2f5 chore: update package versions 2026-06-03 18:09:27 +00:00
Konstantin Wohlwend
22718843f2 Fix unnecessary console.error in hosted components page 2026-06-03 11:08:33 -07:00
github-actions[bot]
fc7174d110 chore: update package versions 2026-06-03 01:10:42 +00:00
Konstantin Wohlwend
f9d081da09 Upgrade pnpm to v11.5.0 2026-06-01 15:33:25 -07:00
github-actions[bot]
64a38d0758 chore: update package versions 2026-06-01 21:41:58 +00:00
Konstantin Wohlwend
3961a9703e Bump package versions 2026-06-01 14:22:56 -07:00
BilalG1
609579abab
feat(hexclave): PR 3 — native @hexclave/* source rename + delete dual-publish wiring (#1482)
Some checks failed
all-good: Did all the other checks pass? / all-good (push) Has been cancelled
Details
Ensure Prisma migrations are in sync with the schema / check_prisma_migrations (22.x) (push) Has been cancelled
Details
DB migration compat / Check if migrations changed (push) Has been cancelled
Details
Docker Server Build and Push / Docker Build and Push Server (push) Has been cancelled
Details
Docker Server Build and Run / docker (push) Has been cancelled
Details
Runs E2E API Tests (Local Emulator) / E2E Tests (Local Emulator, Node ${{ matrix.node-version }}) (22.x) (push) Has been cancelled
Details
Runs E2E API Tests / E2E Tests (Node ${{ matrix.node-version }}, Freestyle ${{ matrix.freestyle-mode }}) (mock, 22.x) (push) Has been cancelled
Details
Runs E2E API Tests / E2E Tests (Node ${{ matrix.node-version }}, Freestyle ${{ matrix.freestyle-mode }}) (prod, 22.x) (push) Has been cancelled
Details
Runs E2E API Tests with custom port prefix / build (22.x) (push) Has been cancelled
Details
Runs E2E Fallback Tests / E2E Fallback Tests (Node ${{ matrix.node-version }}) (22.x) (push) Has been cancelled
Details
Lint & build / lint_and_build (24) (push) Has been cancelled
Details
TOC Generator / TOC Generator (push) Has been cancelled
Details
DB migration compat / Back-compat — Current branch migrations with ${{ needs.check-migrations-changed.outputs.base_branch }} branch code (push) Has been cancelled
Details
DB migration compat / Forward-compat — Current branch code with ${{ needs.check-migrations-changed.outputs.base_branch }} branch migrations (push) Has been cancelled
Details
DB migration compat / No migration changes (skipped) (push) Has been cancelled
Details
2026-05-29 15:21:59 -07:00
Konsti Wohlwend
bd61184bdc
Add LLM metadata endpoints (#1499) 2026-05-28 18:07:28 -07:00
BilalG1
57ff5d3ce9
feat(hexclave): PR 2 — visible rebrand (Hexclave brand goes public) (#1481)
Some checks failed
all-good: Did all the other checks pass? / all-good (push) Has been cancelled
Details
Ensure Prisma migrations are in sync with the schema / check_prisma_migrations (22.x) (push) Has been cancelled
Details
DB migration compat / Check if migrations changed (push) Has been cancelled
Details
Docker Server Build and Push / Docker Build and Push Server (push) Has been cancelled
Details
Docker Server Build and Run / docker (push) Has been cancelled
Details
Runs E2E API Tests (Local Emulator) / E2E Tests (Local Emulator, Node ${{ matrix.node-version }}) (22.x) (push) Has been cancelled
Details
Runs E2E API Tests / E2E Tests (Node ${{ matrix.node-version }}, Freestyle ${{ matrix.freestyle-mode }}) (mock, 22.x) (push) Has been cancelled
Details
Runs E2E API Tests / E2E Tests (Node ${{ matrix.node-version }}, Freestyle ${{ matrix.freestyle-mode }}) (prod, 22.x) (push) Has been cancelled
Details
Runs E2E API Tests with custom port prefix / build (22.x) (push) Has been cancelled
Details
Runs E2E Fallback Tests / E2E Fallback Tests (Node ${{ matrix.node-version }}) (22.x) (push) Has been cancelled
Details
Lint & build / lint_and_build (24) (push) Has been cancelled
Details
TOC Generator / TOC Generator (push) Has been cancelled
Details
DB migration compat / Back-compat — Current branch migrations with ${{ needs.check-migrations-changed.outputs.base_branch }} branch code (push) Has been cancelled
Details
DB migration compat / Forward-compat — Current branch code with ${{ needs.check-migrations-changed.outputs.base_branch }} branch migrations (push) Has been cancelled
Details
DB migration compat / No migration changes (skipped) (push) Has been cancelled
Details 
## Summary

**Stacked on [#1475](https://github.com/hexclave/stack-auth/pull/1475)**
(`cl/hexclave-pr1`, the invisible compatibility layer). Diff vs that
base = the actual PR 2 code.

This is **PR 2 of the Stack Auth → Hexclave rebrand: the visible flip**.
Old wire identifiers (cookies, request/response headers, Bearer prefix,
JWT issuers, MCP tool name) keep working indefinitely via PR 1's
dual-accept. This PR flips every user-visible surface — package names
taught in docs, SDK class names in code examples, dashboard setup
snippets, page titles, error messages, email content, CLI binary,
default base URLs, GitHub repo slug, contributor guidance — to the
Hexclave brand.

See [`RENAME-TO-HEXCLAVE.md`](./RENAME-TO-HEXCLAVE.md) → *"PR 2: Rebrand
to Hexclave (visible)"* for the full per-work-area spec.

## What's implemented (per the plan's PR 2 scope)

- **SDK base URLs** flipped: `defaultBaseUrl` and
`defaultAnalyticsBaseUrl` in
[common.ts](packages/template/src/lib/stack-app/apps/implementations/common.ts:127)
→ `https://api.hexclave.com` / `https://r.hexclave.com`. PR 1's
[`getHardcodedFallbackUrls`](packages/stack-shared/src/utils/urls.tsx:199)
table now keys on the Hexclave domain.

- **Domain inventory sweep** (16 subdomains from the plan): every
`api/app/docs/discord/demo/mcp/skill/feedback/test/preview/r/api2/api.staging/idp-jwk-audience/built-with.stack-auth.com`
reference in production code, docs-mintlify, examples, READMEs, and
contributor guidance flipped to `*.hexclave.com`. Carve-outs: PR 1's
intentional JWT issuer dual-accept table in
[tokens.tsx](apps/backend/src/lib/tokens.tsx), the legacy `./docs/`
folder, the `unified-docs-widget` allowlist (deliberately accepts both
during DNS transition), and `url-targets.ts` hosted-component default
(baked into existing customer deploys).

- **`@deprecated` JSDoc** on every `Stack*` public export
([packages/template/src/lib/stack-app/index.ts](packages/template/src/lib/stack-app/index.ts)
+ [packages/template/src/index.ts](packages/template/src/index.ts)) —
`StackClientApp`, `StackServerApp`, `StackAdminApp` + every
constructor/options/JSON type, `StackHandler`, `StackProvider`,
`StackTheme`, `useStackApp`, `defineStackConfig`, `StackConfig`.
Hexclave\* aliases are now canonical.

- **Runtime `console.warn`**
([packages/template/src/internal/deprecation-warning.ts](packages/template/src/internal/deprecation-warning.ts))
— once-per-process when the SDK is loaded from a `@stackframe/*`
artifact. Detection uses the existing
`STACK_COMPILE_TIME_CLIENT_PACKAGE_VERSION_SENTINEL` (rewritten at build
time to e.g. `js @stackframe/stack@2.8.92` or `js
@hexclave/next@1.0.0`); `@hexclave/*` mirror artifacts short-circuit the
warning.

- **Tier 3 data migration**: new idempotent SQL migration
[`20260523000000_rename_internal_project_to_hexclave`](apps/backend/prisma/migrations/20260523000000_rename_internal_project_to_hexclave/migration.sql)
— updates the internal Project `displayName` 'Stack Dashboard' →
'Hexclave Dashboard' and `description` only if both still hold the
pre-rebrand defaults. Operator-renamed projects untouched, missing row
no-ops, re-runs are no-ops. [`seed.ts`](apps/backend/prisma/seed.ts:87)
default flipped. `getSharedEmailConfig("Stack Auth")` → `("Hexclave")`.

- **Tier 4 brand strings** (mechanical sweep, ~340 files):
- Page + OpenAPI titles (Hexclave API / Dashboard / REST API / Webhooks
API / Documentation). OpenAPI `info.description` documents
`X-Hexclave-*` headers as canonical with compat note on `X-Stack-*`.
- `HexclaveAssertionError` message text
([errors.tsx:71](packages/stack-shared/src/utils/errors.tsx:71)) — "an
error in Stack." → "an error in Hexclave."
- Known-error message templates
([known-errors.tsx](packages/stack-shared/src/known-errors.tsx)) flipped
to lead with `x-hexclave-*` + the new `docs.hexclave.com` URL; legacy
`x-stack-*` mentioned as compat aliases. **25 e2e test files updated in
lockstep**.
- Email content: failed-emails-digest body, sendTestEmail recipient (now
`sent-with-hexclave.com`), test-email-recipient default.
  - `CHANGELOG.md` title → "Hexclave Changelog".
- `AGENTS.md` env var convention: new vars prefix `HEXCLAVE_` /
`NEXT_PUBLIC_HEXCLAVE_` for Category A/B; legacy `STACK_*` explicitly
noted as accepted via PR 1's dual-read.

- **CLI / init wizard**:
- Every dashboard setup snippet, init-stack template, and docs-mintlify
page teaches `npx @hexclave/cli@latest init` (was
`@stackframe/stack-cli`).
[setup-page.tsx](apps/dashboard/src/app/(main)/(protected)/projects/[projectId]/(overview)/setup-page.tsx)
+
[link-existing-onboarding](apps/dashboard/src/app/(main)/(protected)/(outside-dashboard)/new-project/page-client-parts/link-existing-onboarding.tsx).
- [init-stack](packages/init-stack/src/index.ts:634)
`STACK_*_INSTALL_PACKAGE_NAME_OVERRIDE` defaults flipped to
`@hexclave/*`.
- Generated `stack/client.ts` / `stack/server.ts` import from
`@hexclave/next` and reference `HexclaveClientApp` /
`HexclaveServerApp`.
- Internal `StackAuthKeys` dashboard component renamed to
`HexclaveKeys`.

- **docs-mintlify rewrite** (legacy `./docs/` intentionally untouched
per scoping decision):
- **78 MDX files swept**.
`@stackframe/{react,stack,js,tanstack-start,...}` →
`@hexclave/{react,stack,js,...}` in install snippets and code blocks;
`Stack*` SDK class names → `Hexclave*` in all code examples; 'Stack
Auth' brand phrase → 'Hexclave'.
- `openapi/{server,admin,client,webhooks}.json` titles → 'Hexclave REST
API' / 'Hexclave Webhooks API'.

- **Generators flipped before regeneration**:
-
[`packages/stack-shared/src/helpers/init-prompt.ts`](packages/stack-shared/src/helpers/init-prompt.ts),
[`/ai/prompts.ts`](packages/stack-shared/src/ai/prompts.ts),
[`apps/backend/src/lib/ai/prompts.ts`](apps/backend/src/lib/ai/prompts.ts),
[`apps/backend/src/lib/ai/tools/create-email-{template,draft}.ts`](apps/backend/src/lib/ai/tools/create-email-template.ts),
[`apps/skills/src/app/route.ts`](apps/skills/src/app/route.ts) (taught
MCP tool → `ask_hexclave` with compat note; CLI binary teach →
`hexclave`),
[`docs-mintlify/snippets/home-prompt-island.jsx`](docs-mintlify/snippets/home-prompt-island.jsx),
[`packages/template/README.md`](packages/template/README.md) +
integrations/convex/component/README.md.
  - `generate-sdks` propagated changes to `packages/{react,stack,js}`.

- **OpenAPI dual-documentation**:
[`apps/backend/src/app/api/latest/route.ts`](apps/backend/src/app/api/latest/route.ts)
now lists `X-Hexclave-*` headers as primary documented schemas with
`X-Stack-*` duplicates marked `.optional()` (both accepted at runtime by
PR 1's normalize-at-proxy shim).

- **`@stackframe/emails` virtual module**: dual-aliased to
`@hexclave/emails` at the bundler boundary
([email-rendering.tsx:89](apps/backend/src/lib/email-rendering.tsx:89)).
Stored email templates continue to import from either name; new
AI-generated templates and the system prompt teach `@hexclave/emails`.

- **Tier 2 mirror-publish wiring** (new this PR, lays the groundwork for
`@hexclave/*` first publish):
-
[`scripts/rewrite-packages-to-hexclave.ts`](scripts/rewrite-packages-to-hexclave.ts)
— rewrites 9 publishable `@stackframe/*` → `@hexclave/*` `package.json`
files (reads `HEXCLAVE_VERSION` env or `--version=` flag), pins
cross-deps to the shared `@hexclave` version, registers `hexclave` bin
alongside `stack` for `@hexclave/cli`.
-
[`.github/workflows/npm-publish.yaml`](.github/workflows/npm-publish.yaml)
appended with rewrite-then-republish step. `pnpm publish` skips
already-on-npm versions so reruns are safe.

- **Sender email domain**: `noreply@stackframe.co` →
`noreply@sent-with-hexclave.com` (the dedicated transactional-sender
domain split per the plan, to isolate bulk deliverability from
`hexclave.com` reputation); `security@` / `team@stack-auth.com` inbound
mailboxes → `@hexclave.com`.

- **Self-host docs**: docker network / container names in the bash
examples flipped from `stack-auth` to `hexclave` (`hexclave-postgres`,
`hexclave-clickhouse`, `hexclave.env`). The docker image tag
`stackauth/server:latest` stays per the plan's locked decision.

- **GitHub repo slug**: `hexclave/stack-auth` → `hexclave/hexclave` in
every `package.json` `repository` field, README link, CHANGELOG
raw-asset URL.

## Carve-outs (deliberately untouched)

-
**[`apps/backend/src/lib/tokens.tsx`](apps/backend/src/lib/tokens.tsx)**
JWT issuer dual-accept table — PR 1 intentional infrastructure, kept
indefinitely.
- **Legacy `./docs/` folder** — per scoping decision (only
`docs-mintlify/` rewritten).
- **`unified-docs-widget` hostname allowlist** — accepts both
`.hexclave.com` (canonical) and `.stack-auth.com` (transition window)
for DNS rollout.
- **`url-targets.ts`** hosted-domain default
`.built-with-stack-auth.com` — wire identifier baked into existing
customer deploys; indefinite read-fallback.
- **Binary visual assets** (logos, favicons, OG images, README
screenshots) — out of scope for this PR. Need design work; tracked
separately.

## Verification

- **`pnpm typecheck`** on
`packages/{template,stack-shared,react,stack,js}` + `apps/dashboard`:
**all green**. The remaining backend / e-commerce-demo typecheck errors
are pre-existing (Prisma codegen output +
`./generated/api-versions.json` not present in fresh worktrees without
`pnpm run codegen-prisma` + a live DB) and unrelated to this diff.
- **`pnpm lint`** on the same 6 packages: all green.
- **Final grep** for residual `Stack Auth` / `stack-auth.com` /
`@stackframe/stack-cli@latest` references: zero outside the intentional
carve-outs above.
- **25 e2e test files updated in lockstep** with the known-error message
changes (asserted strings flipped to match the new x-hexclave-* +
compat-note messages).

## Deploy blockers (ops sequencing before this rebrand goes live)

This PR is code-complete, but the rebrand's visible surfaces (SDK
default URLs, dashboard links, npm READMEs, REST error messages, runtime
deprecation warning) all point at `*.hexclave.com` / `@hexclave/*`
resources that don't exist yet. None of these are fixable from a PR —
they're ops/registrar/npm work that has to be sequenced before merging
this to a release tag.

Suggested ordering, hardest blockers first:

### Tier 1 — required before customer-facing deploy (everything below
this line *will visibly break customers on day 1* if skipped)

1. **DNS + TLS for `api.hexclave.com` + `api1./api2.hexclave.com`** →
must point at the same backend that serves `api.stack-auth.com` (or a
backend that mirrors PR 1's dual-accept). The SDK's new `defaultBaseUrl`
is `https://api.hexclave.com`; every customer that relied on the old
default and upgrades to a post-PR2 SDK build sends API requests here.
Until this resolves, every default-config customer's API call NXDOMAINs.
2. **DNS for `app.hexclave.com`** → the dashboard. Referenced in the
SDK's default-error messages ("Please create a project on the Hexclave
dashboard at https://app.hexclave.com"), the init-stack flow's
`wizard-congrats` redirect, and the OAuth dashboard handoff.
3. **DNS for `docs.hexclave.com`** + Mintlify deploy → the SDK runtime
deprecation warning (`https://docs.hexclave.com/migration`), every
README, every "Learn more" link in the dashboard, and every REST API
error body (`/api/overview#authentication`) points here. The MDX is in
this PR; the docs build target needs DNS.
4. **DNS for `mcp.hexclave.com`** → the MCP server endpoint that every
taught agent integration (`claude mcp add ...`, `cursor`, `codex`,
`vscode`) registers. Until this resolves, every `npx
@hexclave/cli@latest init` MCP-registration step fails.
5. **Reserve the `@hexclave` npm scope + set repo variable
`HEXCLAVE_VERSION`** → the mirror-publish step in
`.github/workflows/npm-publish.yaml` is gated on this variable. Without
it, the entire taught onboarding command `npx @hexclave/cli@latest init`
404s from the npm registry, *and* every README that says "install
`@hexclave/next`" leads to install failure. Pick the initial version
intentionally (`1.0.0` or aligned to `@stackframe/stack`); don't accept
a silent default.

### Tier 2 — required before announcing the rebrand publicly (lookalike
or low-traffic surfaces, but visibly broken)

6. **DNS for `r.hexclave.com`** → the analytics beacon
`defaultAnalyticsBaseUrl`. Silent failure if missing (analytics drops),
but should land alongside Tier 1.
7. **Register `sent-with-hexclave.com` + full email auth (SPF / DKIM /
DMARC)** → the new default sender domain for shared-sender transactional
emails. Without it the dashboard "send test email" path emits bounces,
and shared-sender flows (`getSharedEmailConfig("Hexclave")`) deliver to
spam at best.
8. **MX + SPF / DMARC for `hexclave.com`** → `team@hexclave.com` and
`security@hexclave.com` mailboxes. The security disclosure mailbox is
referenced in [`.github/SECURITY.md`](.github/SECURITY.md);
`team@hexclave.com` is the actual recipient of internal feedback emails
sent at runtime by
[`apps/backend/src/lib/internal-feedback-emails.tsx`](apps/backend/src/lib/internal-feedback-emails.tsx).
Today, every runtime feedback email bounces.
9. **DNS for `skill.hexclave.com`** → the canonical AI-agent skill fetch
URL (the agent bootstrap pivot). Without it, the entire "agent downloads
`SKILL.md` from a known URL" flow taught in
[`packages/stack-shared/src/helpers/init-prompt.ts`](packages/stack-shared/src/helpers/init-prompt.ts)
fails.
10. **Create `github.com/hexclave/hexclave` as a public repo** (even as
a redirect to `hexclave/stack-auth`) **OR** rewrite every `package.json`
`"repository"` field + dashboard footer "view on GitHub" link to point
at `hexclave/stack-auth` (which already exists). Currently every npm
package page's "Repository" link is dead, and the dashboard's GitHub
button + dev-tool repo link are dead.

### Tier 3 — broken but low-visibility / low-traffic

11. **DNS for `discord.hexclave.com`** → Discord invite redirect, used
in every README's chip and the dashboard footer.
12. **DNS for `demo.hexclave.com`** → " Demo" badge in every npm
package README. Broken-image badge on the package page.
13. **DNS + TLS for `built-with-hexclave.com`** → optional
hosted-handler domain (the default reverted to
`.built-with-stack-auth.com` in this PR's carve-outs, so this only
matters for projects that manually flip).

## Other follow-ups (not deploy-blocking)

- **E2E snapshot regen across the full suite** for the dual-emitted
`x-hexclave-*` response headers (PR 1 follow-up; `vitest -u` in CI
absorbs).
- **Binary visual assets** — logos, favicons, OG images, README
screenshots; need design pass.
- **Backend OpenAPI fumadocs regen** in CI flow — the JSON files in
`docs-mintlify/openapi/` are committed but regen runs in CI. Verify the
workflow that does this still works against the post-PR2 source.
- **Backend typecheck infra debt** — needs `codegen-prisma` +
`codegen-route-info` to clear; pre-existing, unaffected by this PR.

## Test plan

- [ ] CI runs full e2e suite (with `vitest -u` to absorb residual
snapshot deltas, then committed back).
- [ ] Spot-check: new `@hexclave/cli init` (once published) generates
`hexclave.config.ts` and works against a fresh project.
- [ ] Spot-check: existing customer with `@stackframe/stack` import sees
the once-per-process `console.warn` recommending `@hexclave/next` on SDK
init.
- [ ] Manual: dashboard setup page renders the `npx @hexclave/cli@latest
init` snippet and the `x-hexclave-publishable-client-key` API header in
the curl example.
- [ ] Manual: a fresh `pnpm run prisma migrate` against a clean DB sets
the internal project displayName to 'Hexclave Dashboard'.

---------

Co-authored-by: Konstantin Wohlwend <n2d4xc@gmail.com>
 2026-05-26 19:18:20 -07:00
github-actions[bot]
6a01c1bcc7 chore: update package versions 2026-05-26 22:26:55 +00:00
github-actions[bot]
18df895842 chore: update package versions 2026-05-26 21:59:38 +00:00
github-actions[bot]
5f3dc6d9ee chore: update package versions 2026-05-26 20:37:35 +00:00
github-actions[bot]
ad197de7fe chore: update package versions 2026-05-26 20:28:07 +00:00
github-actions[bot]
bef9452c95 chore: update package versions 2026-05-26 03:44:50 +00:00
github-actions[bot]
ed54832671 chore: update package versions 2026-05-26 00:59:48 +00:00
BilalG1
f7e389809e
feat(hexclave): PR 1 — wire compatibility layer (invisible) (#1475)
Some checks failed
all-good: Did all the other checks pass? / all-good (push) Has been cancelled
Details
Ensure Prisma migrations are in sync with the schema / check_prisma_migrations (22.x) (push) Has been cancelled
Details
DB migration compat / Check if migrations changed (push) Has been cancelled
Details
Docker Server Build and Push / Docker Build and Push Server (push) Has been cancelled
Details
Docker Server Build and Run / docker (push) Has been cancelled
Details
Runs E2E API Tests (Local Emulator) / E2E Tests (Local Emulator, Node ${{ matrix.node-version }}) (22.x) (push) Has been cancelled
Details
Runs E2E API Tests / E2E Tests (Node ${{ matrix.node-version }}, Freestyle ${{ matrix.freestyle-mode }}) (mock, 22.x) (push) Has been cancelled
Details
Runs E2E API Tests / E2E Tests (Node ${{ matrix.node-version }}, Freestyle ${{ matrix.freestyle-mode }}) (prod, 22.x) (push) Has been cancelled
Details
Runs E2E API Tests with custom port prefix / build (22.x) (push) Has been cancelled
Details
Runs E2E Fallback Tests / E2E Fallback Tests (Node ${{ matrix.node-version }}) (22.x) (push) Has been cancelled
Details
Lint & build / lint_and_build (24) (push) Has been cancelled
Details
TOC Generator / TOC Generator (push) Has been cancelled
Details
DB migration compat / Back-compat — Current branch migrations with ${{ needs.check-migrations-changed.outputs.base_branch }} branch code (push) Has been cancelled
Details
DB migration compat / Forward-compat — Current branch code with ${{ needs.check-migrations-changed.outputs.base_branch }} branch migrations (push) Has been cancelled
Details
DB migration compat / No migration changes (skipped) (push) Has been cancelled
Details 
## Summary

**Stacked on #1468** (`docs/hexclave-rename-plan` — the plan doc). Diff
vs that base = the actual PR 1 code.

This is **PR 1 of the Hexclave rebrand: the invisible compatibility
layer**. Everything is additive. Old SDKs, old wire identifiers, and old
env var names keep working unchanged. The backend dual-accepts and
dual-emits; new SDK code emits `x-hexclave-*` headers and the
`hexclave_` Bearer prefix; cookies dual-write; env vars dual-read across
every category. **No user-visible rebranding lands here** — that's PR 2.

See [`RENAME-TO-HEXCLAVE.md`](./RENAME-TO-HEXCLAVE.md) → *"PR 1
implementation guide"* for the full per-work-area spec, file pointers,
and chosen approach.

## What's implemented (all 14 PR-1 work-areas)

- **SDK export aliases** — `Hexclave*` aliases for the user-facing
`Stack*` exports added in `packages/template`; codegen propagates them
to `@stackframe/{js,stack,react,tanstack-start}`. React-only aliases
correctly excluded from `@stackframe/js`. (`e60550a2`)
- **JWT issuer dual-accept** — `decodeAccessToken` accepts both
`api.stack-auth.com` and `api.hexclave.com` issuers. Signing unchanged.
(`fc781def`)
- **Request-header dual-accept** — backend + dashboard proxies normalize
`x-hexclave-*` → `x-stack-*` at the existing empty proxy hook (so
`smart-request.tsx` and every route schema keep working unchanged); CORS
allowlists extended via a derive-once helper. (`2a056eac`)
- **MCP `ask_hexclave`** — registered alongside `ask_stack_auth` via a
shared helper; `ask_stack_auth` behavior byte-identical. (`30ffd604`)
- **Dev-tool** — DOM ids + header emit switched.
`window.HexclaveDevTool` exposed alongside `window.StackDevTool`.
(`32131ea7`)
- **The big consolidated commit** (`7fed864a`):
- **Env vars** — central `getEnvVariable` prefix-transform (HEXCLAVE
first, STACK fallback); dashboard + template client env files dual-read;
`turbo.json` globalEnv; `NEXT_PUBLIC_STACK_PORT_PREFIX` renamed outright
across ~82 files including docker.
- **Cookies** — dual-write/dual-read auth (`stack-access`/`-refresh-*`
and custom-domain variants), OAuth-state
(`stack-oauth-{inner,outer}-*`), and low-risk cookies (`stack-is-https`,
`stack-last-seen-changelog-version`). Bypass sites patched (backend
OAuth callback, dashboard remote-dev auth route, impersonation snippets,
snapshot serializer).
- **Bearer prefix** — SDK token parser accepts both `stackauth_` and
`hexclave_`; emits `hexclave_`. Discovery correction: this is purely
SDK-internal — the backend never parses it.
- **Response headers** — backend dual-emits
`x-hexclave-{request-id,actual-status,known-error}`; SDKs dual-read (new
first, stack fallback).
- **SDK request-header emit switch** —
`client/server/admin-interface.ts` + dashboard `api-headers.ts` +
`internal-project-headers.ts` + `feedback-form.tsx` switched to
`x-hexclave-*`. Plus `stack_response_mode` query param.
- **Storage keys** — dev-tool / cli-auth / oauth-button / docs keys
renamed (straight); `stack:session-replay:v1` dual-read so in-progress
recordings survive SDK upgrades; `stack_mfa_attempt_code` dual-read.
- **Query params** — cross-domain params dual-emit/dual-accept via
shared helpers; backend `oauth/authorize` accepts
`hexclave_response_mode` and `stack_response_mode`; `stack-init-id`
renamed.
- **`Symbol.for`** — app-internals symbol gets a parallel
`Symbol.for("Hexclave--app-internals")` getter on each attach site (no
read-site churn — old symbol still attached). 3 file-private symbols
renamed outright.
- **Config discovery** — prefer `hexclave.config.ts`, fall back to
`stack.config.ts` at every discovery site (CLI / dashboard / backend /
local-emulator); `init` writes the new filename; CLI credentials path
migrates.
- **Internal renames** — `StackAssertionError`,
`StackClient/Server/AdminInterface` renamed outright (no alias, per the
"internal-only → rename" rule). ~264 files touched.
- **Review-pass fixes** (`21217fbe`) — three real bugs found by parallel
review agents and fixed:
- `snapshot-serializer.ts` was interpolating the whole
`keyedCookieNamePrefixes` array (`${arr}`) — adding a second prefix
would have corrupted **every** OAuth-cookie snapshot, not just new ones.
- **Docker port-prefix producer/consumer mismatch** —
`entrypoint.sh`/`run-emulator.sh`/cloud-init `user-data` were still
producing `NEXT_PUBLIC_STACK_PORT_PREFIX` while the dashboard sentinel +
consumers had been renamed; silent self-host regression (custom port
prefix would be ignored).
- **Missing `hexclave-oauth-inner-*` dual-write** in the OAuth authorize
route — callback's fallback masked it but the dual-write was specified
by the plan.
- Plus: `mcp.test.ts` tool-list assertions updated to include
`ask_hexclave`; two dashboard header-emit sites switched to
`x-hexclave-*` for consistency.
- **E2E snapshot serializer follow-up** (`4b16cc5d`) —
`x-hexclave-request-id` added to the hidden-headers list (mirroring
`x-stack-request-id` treatment), and 2 sample inline snapshots
regenerated in `projects.test.ts` to include the new dual-emitted
headers.

## Verification

- **`pnpm typecheck`** — clean (the fresh-worktree `@/.source` / Prisma
codegen gap in `stack-docs` is pre-existing and unrelated).
- **`pnpm lint`** — 29/29 packages green.
- **`pnpm exec turbo run build --filter=./packages/*`** — 13/13 packages
build (including `@stackframe/stack-cli` once the dashboard standalone
is present).
- **Live E2E** against a running backend on `cl/hexclave-pr1`:
- `pnpm test run
apps/e2e/tests/backend/endpoints/api/v1/internal/mcp.test.ts` — **6/6
pass** (verifies the new `ask_hexclave` tool — the hand-written inline
snapshot matched actual MCP server output).
- `pnpm test run
apps/e2e/tests/backend/endpoints/api/v1/internal/projects.test.ts` —
**11/11 pass** (verifies wire dual-accept + dual-emit end-to-end; the
snapshot serializer fix was found and applied during this check).

A four-agent parallel **review pass** also audited the full diff for
logic/runtime bugs across the work-areas (wire headers + JWT, cookies +
bearer + symbols, env vars, query params + config + MCP + aliases). All
in-slice review verdicts were ✓ except the three bugs listed above,
which are now fixed.

## Known follow-ups (out of scope for this PR)

- **E2E snapshots across the rest of the suite** — backend now
dual-emits `x-hexclave-{known-error,actual-status}` alongside
`x-stack-*`, which legitimately appears in inline snapshots throughout
`apps/e2e`. Two were regenerated here as a sample; the rest should regen
with `vitest -u` in CI.
- **Docker shell env vars beyond `PORT_PREFIX`** — `entrypoint.sh` still
reads `STACK_*` env vars directly (the JS-side `getEnvVariable`
transform doesn't help the shell). JS consumers dual-read so it works in
practice; full shell-level dual-read is a deeper self-host follow-up.
- **`@stackframe/stack-cli` build ordering** — pre-existing; needs
`build:rde-standalone` first. Not affected by this PR.

## Test plan

- [ ] CI runs full e2e suite (with `vitest -u` to absorb dual-emit
snapshot deltas, then committed back)
- [ ] Spot-check: an old SDK build (emitting only `x-stack-*`) still
authenticates against the new backend
- [ ] Spot-check: a new SDK (emitting `x-hexclave-*` / `Bearer
hexclave_*`) still authenticates against an old backend during deploy
ordering
- [ ] Manual: `npx @stackframe/stack-cli@latest init` (new onboarding
entrypoint) generates `hexclave.config.ts`
- [ ] Manual: existing `stack.config.ts`-only project still resolves (no
migration required)

---------

Co-authored-by: bilal <bilal@stack-auth.com>
 2026-05-23 17:24:55 -07:00
github-actions[bot]
957a33a651 chore: update package versions 2026-05-23 18:13:12 +00:00
github-actions[bot]
6a0ded1340 chore: update package versions 2026-05-23 16:45:36 +00:00
github-actions[bot]
01948e2313 chore: update package versions 2026-05-23 03:30:16 +00:00
github-actions[bot]
62aa8616d5 chore: update package versions 2026-05-23 03:25:52 +00:00
github-actions[bot]
70999df64e chore: update package versions 2026-05-23 01:02:03 +00:00
github-actions[bot]
9355c8665c chore: update package versions 2026-05-22 23:02:49 +00:00
github-actions[bot]
cd29811456 chore: update package versions 2026-05-22 22:58:20 +00:00
github-actions[bot]
0c6e135c30 chore: update package versions
Some checks failed
all-good: Did all the other checks pass? / all-good (push) Has been cancelled
Details
Ensure Prisma migrations are in sync with the schema / check_prisma_migrations (22.x) (push) Has been cancelled
Details
DB migration compat / Check if migrations changed (push) Has been cancelled
Details
Docker Server Build and Push / Docker Build and Push Server (push) Has been cancelled
Details
Docker Server Build and Run / docker (push) Has been cancelled
Details
Runs E2E API Tests (Local Emulator) / E2E Tests (Local Emulator, Node ${{ matrix.node-version }}) (22.x) (push) Has been cancelled
Details
Runs E2E API Tests / E2E Tests (Node ${{ matrix.node-version }}, Freestyle ${{ matrix.freestyle-mode }}) (mock, 22.x) (push) Has been cancelled
Details
Runs E2E API Tests / E2E Tests (Node ${{ matrix.node-version }}, Freestyle ${{ matrix.freestyle-mode }}) (prod, 22.x) (push) Has been cancelled
Details
Runs E2E API Tests with custom port prefix / build (22.x) (push) Has been cancelled
Details
Runs E2E Fallback Tests / E2E Fallback Tests (Node ${{ matrix.node-version }}) (22.x) (push) Has been cancelled
Details
Lint & build / lint_and_build (24) (push) Has been cancelled
Details
TOC Generator / TOC Generator (push) Has been cancelled
Details
DB migration compat / Back-compat — Current branch migrations with ${{ needs.check-migrations-changed.outputs.base_branch }} branch code (push) Has been cancelled
Details
DB migration compat / Forward-compat — Current branch code with ${{ needs.check-migrations-changed.outputs.base_branch }} branch migrations (push) Has been cancelled
Details
DB migration compat / No migration changes (skipped) (push) Has been cancelled
Details
2026-05-22 01:35:39 +00:00
github-actions[bot]
d12968eb3d chore: update package versions 2026-05-22 00:46:34 +00:00
github-actions[bot]
03e7b61308 chore: update package versions 2026-05-21 23:29:36 +00:00
Konstantin Wohlwend
bf8d0ece28 chore: update package versions 2026-05-21 16:23:12 -07:00
Konstantin Wohlwend
4ff24dea9b chore: update package versions 2026-05-21 14:54:23 -07:00
Konstantin Wohlwend
90421431ee chore: update package versions 2026-05-20 11:58:44 -07:00
Konstantin Wohlwend
48acb8c640 chore: update package versions 2026-05-19 16:22:10 -07:00
Konstantin Wohlwend
80a26ca15d chore: update package versions 2026-05-11 10:10:47 -07:00
Konstantin Wohlwend
440c18c894 chore: update package versions 2026-05-06 11:43:03 -07:00