60 Commits

Author	SHA1	Message	Date
BilalG1	c14a9dd3d0	feat(hexclave): PR 5 — internal symbol/path/package renames + brand strings (#1547) ... ## Stack Auth → Hexclave rename — PR 5 (internal symbols, paths, packages, brand strings) PR 5 finishes the **internal / non-wire** half of the Stack→Hexclave rename. It only touches things where nothing outside the repo depends on the exact name: internal symbols, file/dir names, the `@stackframe/template` package, and residual brand strings. Plan + progress are in `HEXCLAVE-RENAME-PR5-PLAN.md`. Every step was verified green (`pnpm typecheck` + `pnpm lint`, 28/28) and committed as its own checkpoint, then a fan-out of review agents audited all commits and the findings were fixed. ### What changed - **Internal symbols** (`@hexclave/shared`, `packages/template`, apps): `stack*`/`Stack*` → `hexclave*`/`Hexclave*` — incl. `stackGlobalsSymbol`, the `_Stack*AppImpl` classes, `stackAppInternalsSymbol`, `StackContext`, `getStackStripe`, etc. The `stack*App` local-variable convention (`stackServerApp`/`stackClientApp`/…) was renamed across 175 source/example/doc files. - **File renames**: `hexclave-handler/provider/context.tsx`, `backend/hexclave.tsx`, `internal-tool/hexclave.ts`, `hexclave-app-internals.ts`. - **Directory renames**: `lib/hexclave-app`, `hexclave-companion`, `[...hexclave]` route segment, `skills/hexclave`, `dashboard/src/hexclave`, and the package dirs **`packages/{next,shared,ui,sc,cli}`** (dropping the `stack-` prefix to match the `@hexclave/*` npm names). - **Packages**: `@stackframe/template` → `@hexclave/template`; **deleted `packages/init-stack`** (onboarding lives in `@hexclave/cli init`; the published npm package is untouched). - **Brand strings**: reworded `Stack Auth`/`Stack dashboard` prose in code + docs-mintlify, renamed `hexclave-app.mdx`/`use-hexclave-app.mdx` with redirects, regenerated OpenAPI, updated coupled e2e assertions; `doctor`/`init` now prefer `hexclave.config.ts`. ### Intentionally kept (verified, not oversights) Wire/compat identifiers (`x-stack-*` headers, `stack-*` cookies, `STACK_*` env names, `*.stack-auth.com`, `stackauth_`, `ask_stack_auth`, query params), public `Stack*` SDK aliases, crypto/JWT/vault domain-separation tags, `*-brand-sentinel`s, the `Symbol.for("StackAuth--…")` string, `_stack_sync_metadata`, Postgres `stackframe` / docker image names, the `stack-auth-logo*.svg` (used by the rebrand modal), and `migration.mdx` / "formerly known as Stack Auth" notes. False positives (Phosphor `StackIcon`/`StackSimple`, `TanStack`, `OrbStack`, `stackable`/`Stacked` charts) left alone. ### Review pass Six review agents audited all commits. Found + fixed one real bug — a build script (`bundle-type-definitions.ts`) hardcoded the old `lib/stack-app` glob path (not an import, so typecheck/lint were blind), silently emptying the dashboard AI type bundle — plus stale comments, a dead CI env var, and stale `.gitignore`/`.dockerignore` entries. Cross-cutting audit confirmed **zero wire-compat identifiers were accidentally renamed**. ### ⚠️ Verification note `typecheck` + `lint` are fully green locally. The **e2e suite was not run** (needs a live backend+DB), so the brand-string assertion + OpenAPI-regen changes are verified by grep/codegen only — please let CI exercise e2e to confirm. ### Base-branch note This branch was forked from the local-only `cl/friendly-lewin-72293f` (not on origin, no separate PR), so this PR against `dev` also carries that branch's ~11 preceding Hexclave-rename commits (config-file rename, env-var dual-read, AI setup-prompt rebrand). If those should land separately, re-parent before merge. <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Finishes the internal Stack Auth → Hexclave rename and cleans up remaining stragglers, including dev-tool and prompt copy. All changes are internal-only; public/wire APIs remain unchanged. Re-merged `dev` and resolved the payments create-purchase-url conflict. - **Refactors** - Internal symbols: stack*/Stack* → hexclave*/Hexclave* (e.g., `getHexclaveServerApp` via `@/hexclave`, `getHexclaveStripe`, `hexclaveAppInternalsSymbol`, `hexclaveSchemaInfo`, Prisma `__hexclave_*`, `data-hexclave-handler-page`, Stripe mock `hexclavePortPrefix`). - Files/dirs: moved to `lib/hexclave-app`; handler route `[...hexclave]`; backend entry `src/hexclave.tsx`; dashboard internals `hexclave-app-internals`; companion `hexclave-companion`; dropped `stack-` prefix across package dirs (`packages/{shared,ui,sc,cli,next}`); workflows/emulator paths now `packages/cli`; Quetzal codegen env at `packages/next/.env.local`. - Packages/docs: `@stackframe/template` → `@hexclave/template`; removed `packages/init-stack`; regenerated OpenAPI and updated docs slugs/redirects for hexclave-app/use-hexclave-app. - Brand strings/prompts: reworded remaining “Stack” dashboard strings to Hexclave; updated dev-tool copy and prompts; `doctor/init` now prefer `hexclave.config.ts`. Kept all wire-compat identifiers and public aliases (`x-stack-*`, `stack-*` cookies, `STACK_*` env, `*.stack-auth.com`, `Stack*` SDK names). - Rebased/merged onto latest `dev`: retained `@hexclave/template`, kept `src` in published files, refreshed setup-prompt imports and docs JSON, adopted 1.0.5 version bumps, and re-merged `dev` again (resolved `create-purchase-url` with `getHexclaveStripe`). - **Bug Fixes** - Restored dashboard AI type bundle by pointing the glob to `packages/template/src/lib/hexclave-app`. - Addressed rename leftovers: updated lingering `@/stack` imports and CSS selector, fixed schema/meta and port-prefix expansions, and aligned emulator commands to `packages/cli`. - CI/build: removed a dead env var and stale ignore entries; fixed Docker by renaming `STACK_SKIP_TEMPLATE_GENERATION` → `HEXCLAVE_SKIP_TEMPLATE_GENERATION`. <sup>Written for commit 3c1af3bff3. Summary will update on new commits.</sup> <a href="https://cubic.dev/pr/hexclave/hexclave/pull/1547?utm_source=github" target="_blank" rel="noopener noreferrer" data-no-image-dialog="true"><picture><source media="(prefers-color-scheme: dark)" srcset="https://cubic.dev/buttons/review-in-cubic-dark.svg"><source media="(prefers-color-scheme: light)" srcset="https://cubic.dev/buttons/review-in-cubic-light.svg"><img alt="Review in cubic" src="https://cubic.dev/buttons/review-in-cubic-dark.svg"></picture></a> <!-- End of auto-generated description by cubic. -->	2026-06-03 18:57:09 -07:00
BilalG1	501ae9fe61	PR 4: Rename Stack -> Hexclave: examples config module, app-internal symbols, crypto docs (#1534) ... ## What Continues the **Stack Auth → Hexclave** rename for a set of safe, internal-only surfaces. This intentionally avoids public-contract names. ### Changes - **Examples** — renamed the user-facing config module `stack.ts`/`stack.tsx` (and the `convex` / `lovable` `stack/` directories) to `hexclave`, and updated every importer across `.ts`/`.tsx`/`.jsx`. The public `app/handler/[...stack]/` route segment is left unchanged. - **apps/{dashboard,backend,internal-tool}** — renamed app-local SDK-init symbols `stackClientApp → hexclaveClientApp` and `getStackServerApp → getHexclaveServerApp`, and the dashboard `StackCompanion` component → `HexclaveCompanion` (incl. `useStackCompanion`, context types). The public `StackClientApp`/`StackServerApp` SDK classes are **unchanged**. - **packages/stack-shared** — added comments to the crypto / JWT / vault `stack-*` literals documenting that they must **not** be renamed (key derivation / JWKS / KMS-alias stability). The literals are byte-identical. ### Deliberately excluded - **`STACK_*` → `HEXCLAVE_*` env-var rename** — `HEXCLAVE_*` already resolves via the dual-read layers (SDK env, dashboard `_inlineEnvVars`, `getEnvVariable`). The remaining holdout is the docker post-build sentinel path, which the codebase authors explicitly deferred and which is tightly coupled to `entrypoint.sh` + untestable here. A blind rename there risks silently breaking self-host/emulator bootstrap for ~zero functional gain. - **All public-contract names** — SDK class names, env vars, HTTP headers (`x-stack-*`), and the `/handler` route convention. ## Verification - `pnpm lint` — **29/29 passing**. - `pnpm typecheck` — **28/29 passing**; the only failure is `@hexclave/docs` (pre-existing missing fumadocs `.source` codegen, untouched by this PR). - Two rounds of adversarial multi-agent review; findings fixed: string-literal collateral from the symbol sweep (CLI test fixtures + an AI-prompt template) reverted, and a missed `.jsx` importer in `examples/cjs-test` corrected. ## Notes - Based on a `dev` snapshot from when the branch was cut (a couple commits behind tip); the diff contains only the changes above. <!-- This is an auto-generated description by cubic. --> --- ## Summary by cubic Complete the internal “Stack” → “Hexclave” rename across examples, app-local code, config tooling, and setup docs, and standardize env output to HEXCLAVE_* with correct default API URL handling. Public SDK classes, handler routes, and legacy env names keep working. - **Refactors** - Examples/config: `stack.*` files and `stack/` dirs → `hexclave.*`/`hexclave/`; imports updated; keep `app/handler/[...stack]` route. - Apps: backend/dashboard/internal-tool now use `getHexclaveServerApp` and `hexclaveClientApp`; dashboard `StackCompanion` → `HexclaveCompanion`. Public `StackClientApp`/`StackServerApp` unchanged. - Env/setup: Next.js and CLI generators write HEXCLAVE_* and omit API URL when using https://api.stack-auth.com; CLI `doctor` and auth resolution prefer HEXCLAVE_* (e.g. `HEXCLAVE_SECRET_SERVER_KEY`, `HEXCLAVE_PROJECT_ID`) with `STACK_*` fallback. - Config tooling: `stack-config-file` → `hexclave-config-file`, emitting `HexclaveConfig`; imports updated across backend/dashboard/tooling. - Shared/docs: added “do not rename” notes for crypto/JWT/vault `stack-*` literals; regenerated setup prompt/docs to use `hexclave.config.ts`, `hexclave dev`, and `src/hexclave/`. - Tests: updated snapshots/assertions to expect `HexclaveConfig` and HEXCLAVE_* env names. - **Migration** - No action required. SDK and CLI read both HEXCLAVE_* and STACK_*. <sup>Written for commit 8a891b4f6c. Summary will update on new commits.</sup> <a href="https://cubic.dev/pr/hexclave/hexclave/pull/1534?utm_source=github" target="_blank" rel="noopener noreferrer" data-no-image-dialog="true"><picture><source media="(prefers-color-scheme: dark)" srcset="https://cubic.dev/buttons/review-in-cubic-dark.svg"><source media="(prefers-color-scheme: light)" srcset="https://cubic.dev/buttons/review-in-cubic-light.svg"><img alt="Review in cubic" src="https://cubic.dev/buttons/review-in-cubic-dark.svg"></picture></a> <!-- End of auto-generated description by cubic. --> <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Refactor** * Renamed internal app/client/server instances and companion/provider components to the new product name across backend, dashboard, examples, and tooling; imports updated accordingly. * Updated generated environment variable names and CLI init/doctor outputs to prefer the new product prefix. * **Documentation** * Added clarifying notes about vault/encryption and JWT/key labels to avoid breaking existing encrypted data. <!-- end of auto-generated comment: release notes by coderabbit.ai -->	2026-06-03 12:09:20 -07:00
Konstantin Wohlwend	2e1bfecb5f	Fix types	2026-06-01 16:25:49 -07:00
BilalG1	609579abab	feat(hexclave): PR 3 — native @hexclave/* source rename + delete dual-publish wiring (#1482)	2026-05-29 15:21:59 -07:00
Konsti Wohlwend	7aafa8fd87	Fix Hexclave logo SVGs: convert wordmark text to outlined paths (#1517)	2026-05-28 17:53:56 -07:00
BilalG1	57ff5d3ce9	feat(hexclave): PR 2 — visible rebrand (Hexclave brand goes public) (#1481) ... ## Summary **Stacked on [#1475](https://github.com/hexclave/stack-auth/pull/1475)** (`cl/hexclave-pr1`, the invisible compatibility layer). Diff vs that base = the actual PR 2 code. This is **PR 2 of the Stack Auth → Hexclave rebrand: the visible flip**. Old wire identifiers (cookies, request/response headers, Bearer prefix, JWT issuers, MCP tool name) keep working indefinitely via PR 1's dual-accept. This PR flips every user-visible surface — package names taught in docs, SDK class names in code examples, dashboard setup snippets, page titles, error messages, email content, CLI binary, default base URLs, GitHub repo slug, contributor guidance — to the Hexclave brand. See [`RENAME-TO-HEXCLAVE.md`](./RENAME-TO-HEXCLAVE.md) → *"PR 2: Rebrand to Hexclave (visible)"* for the full per-work-area spec. ## What's implemented (per the plan's PR 2 scope) - **SDK base URLs** flipped: `defaultBaseUrl` and `defaultAnalyticsBaseUrl` in [common.ts](packages/template/src/lib/stack-app/apps/implementations/common.ts:127) → `https://api.hexclave.com` / `https://r.hexclave.com`. PR 1's [`getHardcodedFallbackUrls`](packages/stack-shared/src/utils/urls.tsx:199) table now keys on the Hexclave domain. - **Domain inventory sweep** (16 subdomains from the plan): every `api/app/docs/discord/demo/mcp/skill/feedback/test/preview/r/api2/api.staging/idp-jwk-audience/built-with.stack-auth.com` reference in production code, docs-mintlify, examples, READMEs, and contributor guidance flipped to `*.hexclave.com`. Carve-outs: PR 1's intentional JWT issuer dual-accept table in [tokens.tsx](apps/backend/src/lib/tokens.tsx), the legacy `./docs/` folder, the `unified-docs-widget` allowlist (deliberately accepts both during DNS transition), and `url-targets.ts` hosted-component default (baked into existing customer deploys). - **`@deprecated` JSDoc** on every `Stack*` public export ([packages/template/src/lib/stack-app/index.ts](packages/template/src/lib/stack-app/index.ts) + [packages/template/src/index.ts](packages/template/src/index.ts)) — `StackClientApp`, `StackServerApp`, `StackAdminApp` + every constructor/options/JSON type, `StackHandler`, `StackProvider`, `StackTheme`, `useStackApp`, `defineStackConfig`, `StackConfig`. Hexclave\* aliases are now canonical. - **Runtime `console.warn`** ([packages/template/src/internal/deprecation-warning.ts](packages/template/src/internal/deprecation-warning.ts)) — once-per-process when the SDK is loaded from a `@stackframe/*` artifact. Detection uses the existing `STACK_COMPILE_TIME_CLIENT_PACKAGE_VERSION_SENTINEL` (rewritten at build time to e.g. `js @stackframe/stack@2.8.92` or `js @hexclave/next@1.0.0`); `@hexclave/*` mirror artifacts short-circuit the warning. - **Tier 3 data migration**: new idempotent SQL migration [`20260523000000_rename_internal_project_to_hexclave`](apps/backend/prisma/migrations/20260523000000_rename_internal_project_to_hexclave/migration.sql) — updates the internal Project `displayName` 'Stack Dashboard' → 'Hexclave Dashboard' and `description` only if both still hold the pre-rebrand defaults. Operator-renamed projects untouched, missing row no-ops, re-runs are no-ops. [`seed.ts`](apps/backend/prisma/seed.ts:87) default flipped. `getSharedEmailConfig("Stack Auth")` → `("Hexclave")`. - **Tier 4 brand strings** (mechanical sweep, ~340 files): - Page + OpenAPI titles (Hexclave API / Dashboard / REST API / Webhooks API / Documentation). OpenAPI `info.description` documents `X-Hexclave-*` headers as canonical with compat note on `X-Stack-*`. - `HexclaveAssertionError` message text ([errors.tsx:71](packages/stack-shared/src/utils/errors.tsx:71)) — "an error in Stack." → "an error in Hexclave." - Known-error message templates ([known-errors.tsx](packages/stack-shared/src/known-errors.tsx)) flipped to lead with `x-hexclave-*` + the new `docs.hexclave.com` URL; legacy `x-stack-*` mentioned as compat aliases. **25 e2e test files updated in lockstep**. - Email content: failed-emails-digest body, sendTestEmail recipient (now `sent-with-hexclave.com`), test-email-recipient default. - `CHANGELOG.md` title → "Hexclave Changelog". - `AGENTS.md` env var convention: new vars prefix `HEXCLAVE_` / `NEXT_PUBLIC_HEXCLAVE_` for Category A/B; legacy `STACK_*` explicitly noted as accepted via PR 1's dual-read. - **CLI / init wizard**: - Every dashboard setup snippet, init-stack template, and docs-mintlify page teaches `npx @hexclave/cli@latest init` (was `@stackframe/stack-cli`). [setup-page.tsx](apps/dashboard/src/app/(main)/(protected)/projects/[projectId]/(overview)/setup-page.tsx) + [link-existing-onboarding](apps/dashboard/src/app/(main)/(protected)/(outside-dashboard)/new-project/page-client-parts/link-existing-onboarding.tsx). - [init-stack](packages/init-stack/src/index.ts:634) `STACK_*_INSTALL_PACKAGE_NAME_OVERRIDE` defaults flipped to `@hexclave/*`. - Generated `stack/client.ts` / `stack/server.ts` import from `@hexclave/next` and reference `HexclaveClientApp` / `HexclaveServerApp`. - Internal `StackAuthKeys` dashboard component renamed to `HexclaveKeys`. - **docs-mintlify rewrite** (legacy `./docs/` intentionally untouched per scoping decision): - **78 MDX files swept**. `@stackframe/{react,stack,js,tanstack-start,...}` → `@hexclave/{react,stack,js,...}` in install snippets and code blocks; `Stack*` SDK class names → `Hexclave*` in all code examples; 'Stack Auth' brand phrase → 'Hexclave'. - `openapi/{server,admin,client,webhooks}.json` titles → 'Hexclave REST API' / 'Hexclave Webhooks API'. - **Generators flipped before regeneration**: - [`packages/stack-shared/src/helpers/init-prompt.ts`](packages/stack-shared/src/helpers/init-prompt.ts), [`/ai/prompts.ts`](packages/stack-shared/src/ai/prompts.ts), [`apps/backend/src/lib/ai/prompts.ts`](apps/backend/src/lib/ai/prompts.ts), [`apps/backend/src/lib/ai/tools/create-email-{template,draft}.ts`](apps/backend/src/lib/ai/tools/create-email-template.ts), [`apps/skills/src/app/route.ts`](apps/skills/src/app/route.ts) (taught MCP tool → `ask_hexclave` with compat note; CLI binary teach → `hexclave`), [`docs-mintlify/snippets/home-prompt-island.jsx`](docs-mintlify/snippets/home-prompt-island.jsx), [`packages/template/README.md`](packages/template/README.md) + integrations/convex/component/README.md. - `generate-sdks` propagated changes to `packages/{react,stack,js}`. - **OpenAPI dual-documentation**: [`apps/backend/src/app/api/latest/route.ts`](apps/backend/src/app/api/latest/route.ts) now lists `X-Hexclave-*` headers as primary documented schemas with `X-Stack-*` duplicates marked `.optional()` (both accepted at runtime by PR 1's normalize-at-proxy shim). - **`@stackframe/emails` virtual module**: dual-aliased to `@hexclave/emails` at the bundler boundary ([email-rendering.tsx:89](apps/backend/src/lib/email-rendering.tsx:89)). Stored email templates continue to import from either name; new AI-generated templates and the system prompt teach `@hexclave/emails`. - **Tier 2 mirror-publish wiring** (new this PR, lays the groundwork for `@hexclave/*` first publish): - [`scripts/rewrite-packages-to-hexclave.ts`](scripts/rewrite-packages-to-hexclave.ts) — rewrites 9 publishable `@stackframe/*` → `@hexclave/*` `package.json` files (reads `HEXCLAVE_VERSION` env or `--version=` flag), pins cross-deps to the shared `@hexclave` version, registers `hexclave` bin alongside `stack` for `@hexclave/cli`. - [`.github/workflows/npm-publish.yaml`](.github/workflows/npm-publish.yaml) appended with rewrite-then-republish step. `pnpm publish` skips already-on-npm versions so reruns are safe. - **Sender email domain**: `noreply@stackframe.co` → `noreply@sent-with-hexclave.com` (the dedicated transactional-sender domain split per the plan, to isolate bulk deliverability from `hexclave.com` reputation); `security@` / `team@stack-auth.com` inbound mailboxes → `@hexclave.com`. - **Self-host docs**: docker network / container names in the bash examples flipped from `stack-auth` to `hexclave` (`hexclave-postgres`, `hexclave-clickhouse`, `hexclave.env`). The docker image tag `stackauth/server:latest` stays per the plan's locked decision. - **GitHub repo slug**: `hexclave/stack-auth` → `hexclave/hexclave` in every `package.json` `repository` field, README link, CHANGELOG raw-asset URL. ## Carve-outs (deliberately untouched) - **[`apps/backend/src/lib/tokens.tsx`](apps/backend/src/lib/tokens.tsx)** JWT issuer dual-accept table — PR 1 intentional infrastructure, kept indefinitely. - **Legacy `./docs/` folder** — per scoping decision (only `docs-mintlify/` rewritten). - **`unified-docs-widget` hostname allowlist** — accepts both `.hexclave.com` (canonical) and `.stack-auth.com` (transition window) for DNS rollout. - **`url-targets.ts`** hosted-domain default `.built-with-stack-auth.com` — wire identifier baked into existing customer deploys; indefinite read-fallback. - **Binary visual assets** (logos, favicons, OG images, README screenshots) — out of scope for this PR. Need design work; tracked separately. ## Verification - **`pnpm typecheck`** on `packages/{template,stack-shared,react,stack,js}` + `apps/dashboard`: **all green**. The remaining backend / e-commerce-demo typecheck errors are pre-existing (Prisma codegen output + `./generated/api-versions.json` not present in fresh worktrees without `pnpm run codegen-prisma` + a live DB) and unrelated to this diff. - **`pnpm lint`** on the same 6 packages: all green. - **Final grep** for residual `Stack Auth` / `stack-auth.com` / `@stackframe/stack-cli@latest` references: zero outside the intentional carve-outs above. - **25 e2e test files updated in lockstep** with the known-error message changes (asserted strings flipped to match the new x-hexclave-* + compat-note messages). ## Deploy blockers (ops sequencing before this rebrand goes live) This PR is code-complete, but the rebrand's visible surfaces (SDK default URLs, dashboard links, npm READMEs, REST error messages, runtime deprecation warning) all point at `*.hexclave.com` / `@hexclave/*` resources that don't exist yet. None of these are fixable from a PR — they're ops/registrar/npm work that has to be sequenced before merging this to a release tag. Suggested ordering, hardest blockers first: ### Tier 1 — required before customer-facing deploy (everything below this line *will visibly break customers on day 1* if skipped) 1. **DNS + TLS for `api.hexclave.com` + `api1./api2.hexclave.com`** → must point at the same backend that serves `api.stack-auth.com` (or a backend that mirrors PR 1's dual-accept). The SDK's new `defaultBaseUrl` is `https://api.hexclave.com`; every customer that relied on the old default and upgrades to a post-PR2 SDK build sends API requests here. Until this resolves, every default-config customer's API call NXDOMAINs. 2. **DNS for `app.hexclave.com`** → the dashboard. Referenced in the SDK's default-error messages ("Please create a project on the Hexclave dashboard at https://app.hexclave.com"), the init-stack flow's `wizard-congrats` redirect, and the OAuth dashboard handoff. 3. **DNS for `docs.hexclave.com`** + Mintlify deploy → the SDK runtime deprecation warning (`https://docs.hexclave.com/migration`), every README, every "Learn more" link in the dashboard, and every REST API error body (`/api/overview#authentication`) points here. The MDX is in this PR; the docs build target needs DNS. 4. **DNS for `mcp.hexclave.com`** → the MCP server endpoint that every taught agent integration (`claude mcp add ...`, `cursor`, `codex`, `vscode`) registers. Until this resolves, every `npx @hexclave/cli@latest init` MCP-registration step fails. 5. **Reserve the `@hexclave` npm scope + set repo variable `HEXCLAVE_VERSION`** → the mirror-publish step in `.github/workflows/npm-publish.yaml` is gated on this variable. Without it, the entire taught onboarding command `npx @hexclave/cli@latest init` 404s from the npm registry, *and* every README that says "install `@hexclave/next`" leads to install failure. Pick the initial version intentionally (`1.0.0` or aligned to `@stackframe/stack`); don't accept a silent default. ### Tier 2 — required before announcing the rebrand publicly (lookalike or low-traffic surfaces, but visibly broken) 6. **DNS for `r.hexclave.com`** → the analytics beacon `defaultAnalyticsBaseUrl`. Silent failure if missing (analytics drops), but should land alongside Tier 1. 7. **Register `sent-with-hexclave.com` + full email auth (SPF / DKIM / DMARC)** → the new default sender domain for shared-sender transactional emails. Without it the dashboard "send test email" path emits bounces, and shared-sender flows (`getSharedEmailConfig("Hexclave")`) deliver to spam at best. 8. **MX + SPF / DMARC for `hexclave.com`** → `team@hexclave.com` and `security@hexclave.com` mailboxes. The security disclosure mailbox is referenced in [`.github/SECURITY.md`](.github/SECURITY.md); `team@hexclave.com` is the actual recipient of internal feedback emails sent at runtime by [`apps/backend/src/lib/internal-feedback-emails.tsx`](apps/backend/src/lib/internal-feedback-emails.tsx). Today, every runtime feedback email bounces. 9. **DNS for `skill.hexclave.com`** → the canonical AI-agent skill fetch URL (the agent bootstrap pivot). Without it, the entire "agent downloads `SKILL.md` from a known URL" flow taught in [`packages/stack-shared/src/helpers/init-prompt.ts`](packages/stack-shared/src/helpers/init-prompt.ts) fails. 10. **Create `github.com/hexclave/hexclave` as a public repo** (even as a redirect to `hexclave/stack-auth`) **OR** rewrite every `package.json` `"repository"` field + dashboard footer "view on GitHub" link to point at `hexclave/stack-auth` (which already exists). Currently every npm package page's "Repository" link is dead, and the dashboard's GitHub button + dev-tool repo link are dead. ### Tier 3 — broken but low-visibility / low-traffic 11. **DNS for `discord.hexclave.com`** → Discord invite redirect, used in every README's chip and the dashboard footer. 12. **DNS for `demo.hexclave.com`** → "✨ Demo" badge in every npm package README. Broken-image badge on the package page. 13. **DNS + TLS for `built-with-hexclave.com`** → optional hosted-handler domain (the default reverted to `.built-with-stack-auth.com` in this PR's carve-outs, so this only matters for projects that manually flip). ## Other follow-ups (not deploy-blocking) - **E2E snapshot regen across the full suite** for the dual-emitted `x-hexclave-*` response headers (PR 1 follow-up; `vitest -u` in CI absorbs). - **Binary visual assets** — logos, favicons, OG images, README screenshots; need design pass. - **Backend OpenAPI fumadocs regen** in CI flow — the JSON files in `docs-mintlify/openapi/` are committed but regen runs in CI. Verify the workflow that does this still works against the post-PR2 source. - **Backend typecheck infra debt** — needs `codegen-prisma` + `codegen-route-info` to clear; pre-existing, unaffected by this PR. ## Test plan - [ ] CI runs full e2e suite (with `vitest -u` to absorb residual snapshot deltas, then committed back). - [ ] Spot-check: new `@hexclave/cli init` (once published) generates `hexclave.config.ts` and works against a fresh project. - [ ] Spot-check: existing customer with `@stackframe/stack` import sees the once-per-process `console.warn` recommending `@hexclave/next` on SDK init. - [ ] Manual: dashboard setup page renders the `npx @hexclave/cli@latest init` snippet and the `x-hexclave-publishable-client-key` API header in the curl example. - [ ] Manual: a fresh `pnpm run prisma migrate` against a clean DB sets the internal project displayName to 'Hexclave Dashboard'. --------- Co-authored-by: Konstantin Wohlwend <n2d4xc@gmail.com>	2026-05-26 19:18:20 -07:00
BilalG1	f7e389809e	feat(hexclave): PR 1 — wire compatibility layer (invisible) (#1475) ... ## Summary **Stacked on #1468** (`docs/hexclave-rename-plan` — the plan doc). Diff vs that base = the actual PR 1 code. This is **PR 1 of the Hexclave rebrand: the invisible compatibility layer**. Everything is additive. Old SDKs, old wire identifiers, and old env var names keep working unchanged. The backend dual-accepts and dual-emits; new SDK code emits `x-hexclave-*` headers and the `hexclave_` Bearer prefix; cookies dual-write; env vars dual-read across every category. **No user-visible rebranding lands here** — that's PR 2. See [`RENAME-TO-HEXCLAVE.md`](./RENAME-TO-HEXCLAVE.md) → *"PR 1 implementation guide"* for the full per-work-area spec, file pointers, and chosen approach. ## What's implemented (all 14 PR-1 work-areas) - **SDK export aliases** — `Hexclave*` aliases for the user-facing `Stack*` exports added in `packages/template`; codegen propagates them to `@stackframe/{js,stack,react,tanstack-start}`. React-only aliases correctly excluded from `@stackframe/js`. (`e60550a2`) - **JWT issuer dual-accept** — `decodeAccessToken` accepts both `api.stack-auth.com` and `api.hexclave.com` issuers. Signing unchanged. (`fc781def`) - **Request-header dual-accept** — backend + dashboard proxies normalize `x-hexclave-*` → `x-stack-*` at the existing empty proxy hook (so `smart-request.tsx` and every route schema keep working unchanged); CORS allowlists extended via a derive-once helper. (`2a056eac`) - **MCP `ask_hexclave`** — registered alongside `ask_stack_auth` via a shared helper; `ask_stack_auth` behavior byte-identical. (`30ffd604`) - **Dev-tool** — DOM ids + header emit switched. `window.HexclaveDevTool` exposed alongside `window.StackDevTool`. (`32131ea7`) - **The big consolidated commit** (`7fed864a`): - **Env vars** — central `getEnvVariable` prefix-transform (HEXCLAVE first, STACK fallback); dashboard + template client env files dual-read; `turbo.json` globalEnv; `NEXT_PUBLIC_STACK_PORT_PREFIX` renamed outright across ~82 files including docker. - **Cookies** — dual-write/dual-read auth (`stack-access`/`-refresh-*` and custom-domain variants), OAuth-state (`stack-oauth-{inner,outer}-*`), and low-risk cookies (`stack-is-https`, `stack-last-seen-changelog-version`). Bypass sites patched (backend OAuth callback, dashboard remote-dev auth route, impersonation snippets, snapshot serializer). - **Bearer prefix** — SDK token parser accepts both `stackauth_` and `hexclave_`; emits `hexclave_`. Discovery correction: this is purely SDK-internal — the backend never parses it. - **Response headers** — backend dual-emits `x-hexclave-{request-id,actual-status,known-error}`; SDKs dual-read (new first, stack fallback). - **SDK request-header emit switch** — `client/server/admin-interface.ts` + dashboard `api-headers.ts` + `internal-project-headers.ts` + `feedback-form.tsx` switched to `x-hexclave-*`. Plus `stack_response_mode` query param. - **Storage keys** — dev-tool / cli-auth / oauth-button / docs keys renamed (straight); `stack:session-replay:v1` dual-read so in-progress recordings survive SDK upgrades; `stack_mfa_attempt_code` dual-read. - **Query params** — cross-domain params dual-emit/dual-accept via shared helpers; backend `oauth/authorize` accepts `hexclave_response_mode` and `stack_response_mode`; `stack-init-id` renamed. - **`Symbol.for`** — app-internals symbol gets a parallel `Symbol.for("Hexclave--app-internals")` getter on each attach site (no read-site churn — old symbol still attached). 3 file-private symbols renamed outright. - **Config discovery** — prefer `hexclave.config.ts`, fall back to `stack.config.ts` at every discovery site (CLI / dashboard / backend / local-emulator); `init` writes the new filename; CLI credentials path migrates. - **Internal renames** — `StackAssertionError`, `StackClient/Server/AdminInterface` renamed outright (no alias, per the "internal-only → rename" rule). ~264 files touched. - **Review-pass fixes** (`21217fbe`) — three real bugs found by parallel review agents and fixed: - `snapshot-serializer.ts` was interpolating the whole `keyedCookieNamePrefixes` array (`${arr}`) — adding a second prefix would have corrupted **every** OAuth-cookie snapshot, not just new ones. - **Docker port-prefix producer/consumer mismatch** — `entrypoint.sh`/`run-emulator.sh`/cloud-init `user-data` were still producing `NEXT_PUBLIC_STACK_PORT_PREFIX` while the dashboard sentinel + consumers had been renamed; silent self-host regression (custom port prefix would be ignored). - **Missing `hexclave-oauth-inner-*` dual-write** in the OAuth authorize route — callback's fallback masked it but the dual-write was specified by the plan. - Plus: `mcp.test.ts` tool-list assertions updated to include `ask_hexclave`; two dashboard header-emit sites switched to `x-hexclave-*` for consistency. - **E2E snapshot serializer follow-up** (`4b16cc5d`) — `x-hexclave-request-id` added to the hidden-headers list (mirroring `x-stack-request-id` treatment), and 2 sample inline snapshots regenerated in `projects.test.ts` to include the new dual-emitted headers. ## Verification - **`pnpm typecheck`** — clean (the fresh-worktree `@/.source` / Prisma codegen gap in `stack-docs` is pre-existing and unrelated). - **`pnpm lint`** — 29/29 packages green. - **`pnpm exec turbo run build --filter=./packages/*`** — 13/13 packages build (including `@stackframe/stack-cli` once the dashboard standalone is present). - **Live E2E** against a running backend on `cl/hexclave-pr1`: - `pnpm test run apps/e2e/tests/backend/endpoints/api/v1/internal/mcp.test.ts` — **6/6 pass** (verifies the new `ask_hexclave` tool — the hand-written inline snapshot matched actual MCP server output). - `pnpm test run apps/e2e/tests/backend/endpoints/api/v1/internal/projects.test.ts` — **11/11 pass** (verifies wire dual-accept + dual-emit end-to-end; the snapshot serializer fix was found and applied during this check). A four-agent parallel **review pass** also audited the full diff for logic/runtime bugs across the work-areas (wire headers + JWT, cookies + bearer + symbols, env vars, query params + config + MCP + aliases). All in-slice review verdicts were ✓ except the three bugs listed above, which are now fixed. ## Known follow-ups (out of scope for this PR) - **E2E snapshots across the rest of the suite** — backend now dual-emits `x-hexclave-{known-error,actual-status}` alongside `x-stack-*`, which legitimately appears in inline snapshots throughout `apps/e2e`. Two were regenerated here as a sample; the rest should regen with `vitest -u` in CI. - **Docker shell env vars beyond `PORT_PREFIX`** — `entrypoint.sh` still reads `STACK_*` env vars directly (the JS-side `getEnvVariable` transform doesn't help the shell). JS consumers dual-read so it works in practice; full shell-level dual-read is a deeper self-host follow-up. - **`@stackframe/stack-cli` build ordering** — pre-existing; needs `build:rde-standalone` first. Not affected by this PR. ## Test plan - [ ] CI runs full e2e suite (with `vitest -u` to absorb dual-emit snapshot deltas, then committed back) - [ ] Spot-check: an old SDK build (emitting only `x-stack-*`) still authenticates against the new backend - [ ] Spot-check: a new SDK (emitting `x-hexclave-*` / `Bearer hexclave_*`) still authenticates against an old backend during deploy ordering - [ ] Manual: `npx @stackframe/stack-cli@latest init` (new onboarding entrypoint) generates `hexclave.config.ts` - [ ] Manual: existing `stack.config.ts`-only project still resolves (no migration required) --------- Co-authored-by: bilal <bilal@stack-auth.com>	2026-05-23 17:24:55 -07:00
Konsti Wohlwend	c6d59d0288	Cross domain handoffs (#1458)	2026-05-21 17:15:12 -07:00
Armaan Jain	e42ec65c88	Payments app design fixes (#1375) ... <!-- Make sure you've read the CONTRIBUTING.md guidelines: https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md --> ## Summary This PR brings the Payments dashboard surfaces in line with the shared design system: product creation, product-line / included-item dialogs, auth-method toggles, payments empty states, and related layout polish. Dialogs migrate from raw shadcn `Dialog` to `DesignDialog` with consistent headers, footers, inputs, and selector dropdowns. **Base:** `dev` → **Head:** `Payments-app-design-fixes` **Scope:** 31 files, ~+1.4k / −1.3k lines **Captured on:** local dev server (`internal` project), signed in as `admin@example.com` ## Screenshots Captured from `http://localhost:8101` (viewport: **1920×1200** standard, **2560×1440** widescreen). Assets hosted in [this gist](https://gist.github.com/mantrakp04/ca3483d2b66b8e28f0872488df573ccf). > Red outlines on the **after** shots mark the new or changed UI introduced by this PR. ### Create Product — payments form redesign | | Before | After | | --- | --- | --- | | Light |  |  | | Dark |  |  | Widescreen: | | Before | After | | --- | --- | --- | | Light |  |  | | Dark |  |  | ### Product Lines onboarding — vertical centering fix | | Before | After | | --- | --- | --- | | Light |  |  | | Dark |  |  | ### Create Product Line dialog — `DesignDialog` migration | | Before | After | | --- | --- | --- | | Light | *(legacy shadcn dialog on `dev` — open via Product Line → Create new)* |  | | Dark | |  | ### Auth Methods — toggle row accessibility | | Before | After | | --- | --- | --- | | Light |  |  | | Dark |  |  | ### Other migrated surfaces (after only) | Page | Light | Dark | | --- | --- | --- | | Payments settings |  |  | | Sign-up rules |  |  | | Projects list (Create Project button) |  |  | | Playground / DesignDialog |  |  | | Included Item dialog |  |  | ### Scroll behaviour — Sign-up Rules | | Light | Dark | | --- | --- | --- | | Scroll |  |  | ## What's new - **`DesignDialog`** extended with `customHeader`, `noBodyPadding`, and section `className` hooks; Playground updated to showcase them. - **Payments dialogs** (`CreateProductLineDialog`, `IncludedItemDialog`, price edit, item dialog) migrated to design-system components. - **Create Product** page uses `DesignButton`, `DesignInput`, `DesignSelectorDropdown`, and refreshed header actions. - **Auth Methods** toggle rows use semantic `<Label htmlFor>` instead of click-capture divs. - **Payments layout** empty-state card centers correctly; product-lines onboarding slideshow vertically centers. - **Backend** seed invariant for Growth product price; removed unused import in product switch route. ## Notes for reviewers - Dialog migrations preserve validation + async error handling (`runAsynchronouslyWithAlert` where applicable). - Included-item dialog uses a sentinel value for “Create new item” to avoid colliding with real item IDs. - `packages/stack` / `packages/js` are untouched; template + dashboard-ui-components carry SDK-facing dialog changes. ## Test plan - [x] Visual capture on `internal` project (`admin@example.com`) — light/dark, standard + widescreen - [ ] Create product flow: customer type → product line dropdown → create line dialog - [ ] Add included item dialog from create/edit product - [ ] Auth Methods toggles (label click + switch) - [ ] Payments product-lines onboarding slideshow at varied viewport heights - [ ] `pnpm typecheck` / `pnpm lint` / targeted E2E if API surface changed --------- Co-authored-by: nams1570 <amanganapathy@gmail.com> Co-authored-by: mantrakp04 <mantrakp@gmail.com> Co-authored-by: Mantra <87142457+mantrakp04@users.noreply.github.com>	2026-05-21 14:48:56 -07:00
Aman Ganapathy	a9623d976a	[Refactor] [Fix] Remove default prod creation (#1350) ... With the new bulldozer rework we dont support default products anymore. Users are encouraged to currently manually handle granting products to their end users. We block api requests and new product creations that attempt to set no price, and we remove any options to set include-by-default. We also migrate users' existing product snapshots in `Subscriptions`, `OneTimePurchases`, and `ProductVersions` to have no price set if it's an include-by-default product. This will make it so that next time a user goes onto their products page, they will be informed that the pricing is invalid and it is no longer delivered by default. Note, however, that these products will still be providing items and the like to the users who have them. <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Bug Fixes** * Migrated legacy product snapshots so missing included-items no longer break readers. * Removed deprecated "include-by-default" pricing sentinel; pricing now requires explicit price entries and write validation rejects the old sentinel. * **Chores** * Simplified dashboard pricing flows: create/edit/save now use explicit prices and surface an alert when a formerly implicit free plan needs an explicit $0 price. * Config overrides and stored data are auto-normalized to explicit price objects. * **Tests** * Updated and added tests covering migration, validation, and switching behavior for explicit prices. <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Co-authored-by: mantrakp04 <mantrakp@gmail.com> Co-authored-by: Mantra <87142457+mantrakp04@users.noreply.github.com>	2026-05-15 10:38:33 -07:00
Konsti Wohlwend	765b0f4e29	New setup (#1413)	2026-05-06 12:03:06 -07:00
Mantra	7f8e3df852	feat: add anonRefreshToken to CLI auth flow and enhance session management (#1303) ... - Extended `CliAuthAttempt` with `anonRefreshToken` and a migration. - CLI `POST /auth/cli` accepts optional `anon_refresh_token` (must be an anonymous user's refresh token for the current project). - `POST /auth/cli/complete` supports `mode` `check` (anonymous vs none), `claim-anon-session` (issue tokens for the linked anonymous session), and `complete` (bind the browser session's refresh token to the attempt). Completing clears `anonRefreshToken` on the row. We do **not** merge anonymous account data into the signed-in user (that behavior was removed as a security risk; the anonymous user remains unchanged). - Template CLI confirmation page, stack-cli optional `STACK_CLI_ANON_REFRESH_TOKEN`, SDK/spec updates, and e2e coverage. <!-- Make sure you've read the CONTRIBUTING.md guidelines: https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md --> <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * CLI login supports attaching anonymous sessions and a multi-mode confirm/claim/check flow; CLI tools now surface login codes and remove anon token after use. * Added interactive CLI auth demo page and a CLI simulator script. * Client libraries: prompt flow accepts an optional anon token and a promptLink(url, loginCode) callback. * **Tests** * Expanded end-to-end coverage for anonymous CLI sessions, claim/complete/poll flows, upgrades, and error cases. * **Documentation** * Updated prompt CLI docs/spec to describe new options and callback signature. <!-- end of auto-generated comment: release notes by coderabbit.ai -->	2026-04-14 02:09:35 +00:00
BilalG1	b3ed56ee0c	Fix session recorder and even tracker access token fetch (#1331) ... The gate delayed flushes until an access token resolved, but sendBatch already resolves the session itself via _getSession() at send time, so _lastKnownAccessToken was a redundant readiness check that caused head-of-session events to be silently dropped on slow auth init and suppressed uploads entirely when token fetch failed. <!-- Make sure you've read the CONTRIBUTING.md guidelines: https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md --> <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Refactor** * Simplified analytics, session-replay, and event-tracking to stop periodic background access-token refreshes; flushing now occurs based on buffered data and lifecycle triggers. * **Bug Fixes** * Anonymous-user fallback tightened: anonymous identity is only applied when explicitly requested as "anonymous-if-exists," preventing unintended anonymous attribution. * **Tests** * Updated timing helper and removed token callback from test setups to align with the new flush behavior. <!-- end of auto-generated comment: release notes by coderabbit.ai -->	2026-04-13 18:32:24 -07:00
Mantra	55b14bb409	dev tool indicator (#1272) ... - Updated package versions for '@supabase/*' libraries to 2.99.2 and '@supabase/ssr' to 0.9.0. - Added new devDependencies for 'rimraf' and 'framer-motion' in the pnpm-lock file. - Modified Next.js configuration to conditionally omit 'X-Frame-Options' in development mode for better integration with Stack Auth dev tools. - Refactored component exports in the template package to include tracking for dev tools. - Introduced new dev tool components and context for improved logging and state management. - Added styles for the dev tool indicator and panel, ensuring a consistent dark theme. - Implemented fetch interception to log API calls and user authentication events in the dev tool. <!-- Make sure you've read the CONTRIBUTING.md guidelines: https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md --> <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit ## Release Notes * **New Features** * Added comprehensive Developer Tools interface with tabs for Overview, Components, AI Chat, Console, Dashboard, and Support. * Integrated AI Chat assistant within Developer Tools for enhanced debugging. * Added component version tracking and update notifications. * Implemented API request logging and event monitoring. * Enhanced feedback system with support for bug reports and feature requests. * **Bug Fixes** * Fixed Content Security Policy headers for local development environments. * **Dependencies** * Added AI SDK integration packages. <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Co-authored-by: Konstantin Wohlwend <n2d4xc@gmail.com>	2026-04-13 17:43:03 -07:00
Mantra	bb277d33c9	Backend fallback (cloud run) (#1306) ... - Added support for `@opentelemetry/sdk-node` in the backend. - Updated various dependencies including AWS SDK and OpenTelemetry packages. - Implemented graceful shutdown handling for non-Vercel runtimes in `prisma-client.tsx`. - Enhanced AWS credentials retrieval to support GCP Workload Identity Federation. - Introduced a Dockerfile for Cloud Run deployment, optimizing the backend build process. - Updated `.gitignore` to include Terraform runtime files and secrets. This commit improves the backend's observability and deployment flexibility, particularly for Cloud Run environments. <!-- Make sure you've read the CONTRIBUTING.md guidelines: https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md --> <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * OpenTelemetry observability with dynamic provider selection per deployment. * Cloud Run trusted-proxy support for accurate client IP handling. * Graceful shutdown that waits for in-flight background work. * New background-task handling to improve async webhook/email delivery reliability. * AWS credential providers added (Vercel OIDC & GCP Workload Identity Federation). * Dockerized backend image for Cloud Run / self-host deployments. * **Chores** * Updated dependencies for OpenTelemetry and AWS SDK support. <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Co-authored-by: Konstantin Wohlwend <n2d4xc@gmail.com>	2026-04-11 00:57:37 +00:00
Mantra	ce49eae155	emu with a q stuff (#1266) ... commit 5d43722575b826a8ed8dbb6b828f48eae4bca02c Author: mantrakp04 <mantrakp@gmail.com> Date: Wed Mar 18 12:27:01 2026 -0700 Add QEMU emulator snapshot functionality and reset command - Introduced a new `emulator-qemu:reset` command in package.json to clear snapshots and force a fresh boot of the emulator. - Enhanced the `run-emulator.sh` script to support saving and restoring snapshots, significantly reducing restart time from ~62s to ~4s. - Implemented logic to check for existing snapshots and restore them during startup, improving the emulator's efficiency. - Updated documentation in CLAUDE-KNOWLEDGE.md to explain the new snapshot restore process and its benefits. These changes enhance the QEMU emulator's performance and usability for developers, providing a more efficient workflow during development. commit 3877445bdd83cb8690da18c8520bf260d2795172 Author: mantrakp04 <mantrakp@gmail.com> Date: Wed Mar 18 11:55:18 2026 -0700 Enhance QEMU emulator performance and configuration management - Added optimizations to the QEMU emulator's app container startup process, reducing startup time from ~92s to ~62s by using qcow2 backing files and setting the working directory to /app. - Updated the build-image.sh script to conditionally wait for background processes, improving robustness. - Modified the run-emulator.sh script to create the disk image using qcow2 format instead of copying, enhancing efficiency. - Adjusted the cloud-init user-data to set STACK_RUNTIME_WORK_DIR to /app, streamlining file operations during container initialization. - Improved the entrypoint script to avoid unnecessary file copying when the working directory is set to /app. These changes significantly enhance the performance and usability of the QEMU emulator for developers. commit e0b86d3f1d5c08e46d0d343bc632e2a8c5777845 Author: mantrakp04 <mantrakp@gmail.com> Date: Wed Mar 18 11:07:55 2026 -0700 Refactor local emulator configuration management and enhance Docker setup - Removed redundant comments and improved code clarity in the local emulator's route handling. - Streamlined the Dockerfile and docker-compose.yaml for better readability and maintenance. - Updated entrypoint and initialization scripts to enhance service startup processes. - Introduced a new common script for QEMU emulator to centralize architecture detection and firmware handling. - Enhanced error handling in the host file bridge for improved robustness. - Removed obsolete country code utilities to clean up the codebase. These changes significantly improve the local emulator's configuration management and overall setup experience for developers. commit 4fb0f93c6cc4f749a14acf0228c261e180875609 Author: mantrakp04 <mantrakp@gmail.com> Date: Wed Mar 18 10:24:53 2026 -0700 Implement local emulator file bridge for enhanced configuration management - Introduced a new host file bridge to facilitate reading and writing configuration files between the local emulator and the host system. - Refactored the local-emulator module to utilize the file bridge for file operations, improving error handling and response validation. - Added tests to ensure the file bridge functionality works as expected, including handling of non-existent files and writing configurations. - Updated the run-emulator script to start the file bridge automatically, ensuring seamless integration during emulator startup. - Enhanced documentation to reflect the new file bridge capabilities and usage instructions. These changes significantly improve the local emulator's ability to manage configuration files, enhancing the development experience. commit 3d18a7ce5bbf00a62a40a3f48f27856e79ecc62f Author: mantrakp04 <mantrakp@gmail.com> Date: Tue Mar 17 22:36:46 2026 -0700 Refactor QEMU local emulator setup and enhance app bundle handling - Introduced a new script for packaging Docker images into a compressed app bundle, improving the emulator's deployment process. - Updated build-image.sh to create a runtime configuration ISO, ensuring better management of environment settings. - Enhanced cloud-init user-data scripts for both dev-server and deps guests, streamlining service setup and configuration. - Improved the run-emulator.sh script to facilitate better handling of runtime configurations and dependencies. - Adjusted the .gitignore to include .DS_Store and removed obsolete entries, cleaning up the repository. These changes significantly enhance the local emulator's functionality and reliability for developers. commit 8a35fb1ce79898d73e2259e256c11b6fd9b0a584 Author: mantrakp04 <mantrakp@gmail.com> Date: Tue Mar 17 21:52:24 2026 -0700 Enhance local emulator functionality and configuration - Updated package.json to improve the start-emulator command, providing clearer dashboard and backend URLs. - Added a new wait-until-emulator-is-ready command to ensure the emulator is fully operational before proceeding. - Refactored the local-emulator project route to streamline file existence checks and default config creation. - Enhanced user guidance in the dashboard for local Stack config file handling. - Updated tests to reflect changes in config file handling, ensuring non-existent files are created with default settings. - Improved Docker configurations for the local emulator, including new environment variables and service dependencies. These changes significantly enhance the local development experience and emulator reliability. commit 3910ed4bc40bbb37340c1c316c24c2826ba372bd Author: mantrakp04 <mantrakp@gmail.com> Date: Tue Mar 17 19:59:36 2026 -0700 Remove unused stash-0.patch file to clean up the repository. commit 74146d974458037a7a9590120a524629a1a6a162 Author: mantrakp04 <mantrakp@gmail.com> Date: Tue Mar 17 19:58:46 2026 -0700 Enhance QEMU local emulator with app bundle support and runtime configuration - Introduced a new script to package the backend and dashboard assets into a standalone app bundle for the QEMU emulator. - Updated the build-image.sh script to create an ISO containing the app bundle, ensuring the guest image includes the full runtime. - Modified cloud-init user-data to handle the new app bundle and runtime configuration, improving the setup process for local development. - Enhanced the run-emulator.sh script to prepare and mount the runtime configuration ISO, facilitating better environment management for the emulator. - Updated the user-data to include necessary environment variables for the stack application, ensuring seamless integration during startup. These changes significantly improve the local emulator's functionality and ease of use for developers. commit 9e865a1cf524398bc58f00e0836278775c4ae936 Author: mantrakp04 <mantrakp@gmail.com> Date: Tue Mar 17 16:50:45 2026 -0700 Enhance local emulator setup with new services and configurations - Added Docker support for a local emulator, integrating PostgreSQL, Redis, Inbucket, Svix, ClickHouse, MinIO, and QStash. - Introduced new scripts for managing the emulator lifecycle, including build and run commands. - Implemented cloud-init provisioning for automatic service setup on first boot. - Updated package.json with new commands for emulator management and added dotenv-cli for environment variable management. - Added tests for OAuth authorization flow to return JSON responses. - Included configuration files for ClickHouse and user management. This commit significantly improves the local development experience by providing a comprehensive emulator environment. <!-- Make sure you've read the CONTRIBUTING.md guidelines: https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md --> <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit ## Release Notes * **New Features** * Introduced a local QEMU-based emulator for development with bundled services (PostgreSQL, Redis, ClickHouse, MinIO, Inbucket, Svix, QStash). * Added CLI commands to manage the emulator (start, stop, reset, status, pull images). * Added emulator status dashboard to monitor service health. * Introduced new configuration system via `stack.config.ts`. * **Tests** * Added configuration read/write tests for the emulator. * Added emulator CLI validation tests. * **Documentation** * Added emulator setup and usage guide. <!-- end of auto-generated comment: release notes by coderabbit.ai -->	2026-04-04 00:33:52 +00:00
Konsti Wohlwend	5bfe1a79ce	New { type: "hosted" } for page URLs (#1261) ... Other minor redirect URL changes: - app.urls.* is now deprecated - redirectToSignOut now sets and preserves after_auth_return_to - OAuth sign-in after_auth_return_to now carries callback-return context <!-- CURSOR_SUMMARY --> --- > [!NOTE] > **High Risk** > High risk because it changes OAuth authorization/token issuance, redirect URL validation, and introduces a new cross-domain handoff endpoint plus a DB migration linking authorization codes to refresh tokens, which can affect login/session security and reliability. > > **Overview** > Adds **hosted URL targets** for SDK `urls` resolution (new `{ type: "hosted" }`/`{ type: "handler-component" }`/`{ type: "custom" }` options), including env-driven hosted handler domain/template support and fallback routing for unknown `/handler/*` paths. > > Implements a **cross-domain OAuth PKCE handoff**: a new `/auth/oauth/cross-domain/authorize` endpoint issues one-time authorization-code redirects bound to the caller’s session refresh token; authorization codes now persist `grantedRefreshTokenId` and token issuance reuses/validates ownership of that refresh token. Redirect planning for `redirectTo*` (and OAuth callback handling) is refactored into `redirect-page-urls.ts` to preserve `after_auth_return_to` and cross-domain handoff params. > > Tightens redirect safety (e.g., `after_callback_redirect_url` is validated/whitelisted), centralizes SDK env var reads via `envVars` with lint enforcement, hardens `EventTracker` startup for partial DOM test environments, and adds unit/E2E coverage plus a demo page for manual cross-domain verification. > > <sup>Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 9197d4f32b. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).</sup> <!-- /CURSOR_SUMMARY --> <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Cross-domain OAuth PKCE handoff flow (client + server) for hosted sign-in. * Hosted handler URL templating with local development domain suffix support. * Demo UI page to exercise hosted cross-domain sign-in/out and OAuth flows. * Authorization codes now preserve an associated refresh-token id to support cross-domain exchanges. * **Bug Fixes** * Stricter redirect-URL validation and stronger refresh-token ownership checks. * More robust event-tracker startup guards in partial DOM environments. * **Tests** * New E2E and unit tests covering cross-domain authorize, callback validation, and handoff flows. <!-- end of auto-generated comment: release notes by coderabbit.ai -->	2026-03-27 14:48:01 -07:00
Mantra	d22593d535	private files n sm build shit (#1276) ... - Introduced a fallback mechanism for the private sign-up risk engine, allowing for zero-score assessments when the primary engine is unavailable. - Updated Next.js configuration to support dynamic resolution of the private risk engine, including aliasing for both Turbopack and Webpack. - Added a new fallback implementation in `private-sign-up-risk-engine-fallback.ts` to ensure consistent behavior during builds. - Adjusted `risk-scores.tsx` to utilize the new compiled engine, improving error handling and logging for risk assessment failures. This update improves the robustness of the sign-up risk scoring system and enhances the development experience by streamlining engine resolution. <!-- Make sure you've read the CONTRIBUTING.md guidelines: https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md --> <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Improvements** * Sign-up risk engine is initialized and validated at startup for more predictable performance. * If the risk engine is unavailable or invalid, the system immediately returns safe zero-risk scores to avoid runtime failures. * **Tests** * End-to-end tests updated to match the new engine initialization and detection behavior. <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Co-authored-by: Konstantin Wohlwend <n2d4xc@gmail.com>	2026-03-23 12:31:36 -07:00
Mantra	e59a70783e	Turnstile integration for fraud protection (#1239) ... Enhances sign-up process with Turnstile integration for fraud protection. Builds on top of fraud-protection-temp-emails. Made with [Cursor](https://cursor.com) <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Cloudflare Turnstile bot-protection across signup/sign-in flows (including SDK JSON mode). * Email deliverability checks via Emailable. * Sign-up risk scoring with persisted risk metrics and country code tracking. * UI: country-code selector, risk-score editing in user details, users list refresh button, and Turnstile signup demo pages. * **Bug Fixes** * Use actual sign-up timestamp for reporting/metrics. * **Documentation** * Expanded knowledge base on Turnstile, risk scoring, and env configuration. <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Co-authored-by: Konstantin Wohlwend <n2d4xc@gmail.com> Co-authored-by: BilalG1 <bg2002@gmail.com> Co-authored-by: Armaan Jain <84474476+Developing-Gamer@users.noreply.github.com> Co-authored-by: nams1570 <amanganapathy@gmail.com>	2026-03-20 21:26:45 +00:00
Konsti Wohlwend	9b5a188e4e	More connected accounts (#1165)	2026-02-18 15:19:35 -08:00
Konsti Wohlwend	1618f89c46	Onboarding app & restricted users (#1069) ... - restricted users - onboarding app - waitlist app - fixed an exception when setting primary email - automatically update the JWT token on the client when the user object changes	2026-01-11 17:22:14 -08:00
Konstantin Wohlwend	d373db5ebf	small fixes	2025-12-12 10:43:39 -08:00
Konstantin Wohlwend	c96757173d	currentSession.useTokens hook	2025-12-09 15:53:41 -08:00
Konsti Wohlwend	284d85247a	Improved anonymous users (#857)	2025-08-24 11:36:01 -07:00
BilalG1	9e538a08e5	project owner team (#835) ... <img width="1920" height="968" alt="Screenshot 2025-08-12 at 10 44 41 AM" src="https://github.com/user-attachments/assets/3fb59810-45d8-46e1-9cfd-5a1a34936887" /> <!-- ELLIPSIS_HIDDEN --> > [!IMPORTANT] > Introduces team-based project ownership, refactoring existing user-based model, and updates UI, backend, and tests to support this feature. > > - **Behavior**: > - Introduced team-based ownership for projects, replacing user-based ownership. > - Updated project creation, transfer, and deletion flows to use team ownership. > - Added team selection UI during project creation in the dashboard. > - Projects now display owning team's name and include "owner team" field in API responses. > - **Refactor**: > - Enhanced backend and schema for team-based project management. > - Removed legacy user metadata updates related to project ownership. > - Modified project listing and management to rely on team associations. > - Streamlined failed emails digest and contact channel queries to resolve contacts via team membership. > - **Tests**: > - Updated tests to validate team ownership and project-user association handling. > - Adjusted test snapshots and assertions for non-null selected team data. > - Improved test flows for authentication and project deletion with team context. > - **Chores**: > - Minor improvements to logging and code clarity. > > <sup>This description was created by </sup>[<img alt="Ellipsis" src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup> for e457b13b69. You can [customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this summary. It will automatically update as commits are pushed.</sup> ---- <!-- ELLIPSIS_HIDDEN --> > [!IMPORTANT] > Introduces team-based project ownership, refactoring existing user-based model, and updates UI, backend, and tests to support this feature. > > - **Behavior**: > - Introduced team-based project ownership, replacing user-based ownership. > - Updated project creation, transfer, and deletion flows to use team ownership. > - Added team selection UI during project creation in the dashboard. > - Projects now display owning team's name and include "owner team" field in API responses. > - **Refactor**: > - Enhanced backend and schema for team-based project management. > - Removed legacy user metadata updates related to project ownership. > - Modified project listing and management to rely on team associations. > - Streamlined failed emails digest and contact channel queries to resolve contacts via team membership. > - **Tests**: > - Updated tests to validate team ownership and project-user association handling. > - Adjusted test snapshots and assertions for non-null selected team data. > - Improved test flows for authentication and project deletion with team context. > - **Chores**: > - Minor improvements to logging and code clarity. > > <sup>This description was created by </sup>[<img alt="Ellipsis" src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup> for 0f6f12b5dc. You can [customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this summary. It will automatically update as commits are pushed.</sup> ---- <!-- ELLIPSIS_HIDDEN --> <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Team-based project ownership: teams can own projects; UI to pick a team when creating projects; dashboard groups projects by team; TeamSwitcher component added. * **Improvements** * API and responses now include owner_team_id and populated selected_team/selected_team_id; provisioning and transfer flows assign teams for ownership; seeds create internal/emulator owner teams. * **Tests** * E2E and backend tests updated to reflect team ownership and enriched team fields. <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>	2025-08-19 11:42:11 -07:00
Konstantin Wohlwend	ffdfbffeea	Gmail demo	2025-08-19 10:24:32 -07:00
Konstantin Wohlwend	d0b49aa124	Fix lint	2025-08-12 18:50:53 -07:00
Konsti Wohlwend	a7ef394be4	Source of Truth (#660) ... Co-authored-by: Zai Shi <zaishi00@outlook.com>	2025-07-11 17:59:03 -07:00
Konsti Wohlwend	c19bb3ac66	Revert "Demo floating window" (#692) ... Reverts stack-auth/stack-auth#678	2025-05-19 17:56:56 -07:00
Zai Shi	4205c1109c	Demo floating window (#678) ... <!-- Make sure you've read the CONTRIBUTING.md guidelines: https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md --> <img width="474" alt="image" src="https://github.com/user-attachments/assets/5fb5a632-d605-49ed-89d6-b26533d84a2f" /> <!-- ELLIPSIS_HIDDEN --> ---- > [!IMPORTANT] > Adds `DemoFloatingWindow` component for development, integrated into demo layout and stack initialization, providing user actions like sign-in and account settings. > > - **Behavior**: > - Adds `DemoFloatingWindow` component in `demo-floating-window.tsx`, visible only in development mode. > - Provides user actions: sign-in, sign-out, account settings. > - **Integration**: > - Integrates `DemoFloatingWindow` into `layout.tsx` within the `StackProvider` and `StackTheme`. > - Updates `getUpdatedLayout()` in `index.ts` to include `DemoFloatingWindow` in the layout. > - **Exports**: > - Exports `DemoFloatingWindow` in `index.ts` for external use. > > <sup>This description was created by </sup>[<img alt="Ellipsis" src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup> for 98aa609882. You can [customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this summary. It will automatically update as commits are pushed.</sup> <!-- ELLIPSIS_HIDDEN --> --------- Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com> Co-authored-by: ellipsis-dev[bot] <65095814+ellipsis-dev[bot]@users.noreply.github.com>	2025-05-15 23:56:40 +02:00
Konstantin Wohlwend	d9acb302ab	Fix build	2025-04-22 16:46:18 -07:00
CactusBlue	573a3d964a	Reworked Stack Auth demo (#624) ...  <!-- ELLIPSIS_HIDDEN --> ---- > [!IMPORTANT] > Reworked Stack Auth demo with UI enhancements and code refactoring for improved user experience and maintainability. > > - **UI Enhancements**: > - Updated `global.css` to change background colors for light and dark themes. > - Added `Image` components in `page-client.tsx` and `header.tsx` for visual elements. > - Refactored `page-client.tsx` to use `Card`, `CardContent`, `CardFooter`, and `CardHeader` for user information display. > - **Code Refactoring**: > - Removed `stack-scope` class from `SelectTrigger` in `select.tsx`. > - Updated button layout and text in `page-client.tsx` for sign-in/sign-up and user information. > - Enhanced header layout in `header.tsx` with logo and theme toggle improvements. > > <sup>This description was created by </sup>[<img alt="Ellipsis" src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup> for c7a9f30371. It will automatically update as commits are pushed.</sup> <!-- ELLIPSIS_HIDDEN -->	2025-04-15 02:03:07 +00:00
Moritz Schneider	592d259dde	Api Keys (#590) ... <!-- Make sure you've read the CONTRIBUTING.md guidelines: https://github.com/stack-auth/stack-auth/blob/dev/CONTRIBUTING.md --> <img width="1510" alt="image" src="https://github.com/user-attachments/assets/99619123-6be5-4788-aebe-5fc2a9a36245" /> <img width="1510" alt="image" src="https://github.com/user-attachments/assets/660677bf-f19a-4673-94c8-59ac50eb6ae5" /> <img width="1510" alt="image" src="https://github.com/user-attachments/assets/11ae63c4-5813-4fd8-aa01-fa580d2103be" /> <!-- ELLIPSIS_HIDDEN --> ---- > [!IMPORTANT] > Introduces API key management for users and teams, integrating with existing project configurations and permissions, and adds comprehensive tests and examples. > > - **API Key Management**: > - Introduces `ProjectApiKey` model in `schema.prisma` for managing API keys. > - Adds `createApiKeyHandlers` in `handlers.tsx` to handle API key CRUD operations. > - Implements API key creation, revocation, and validation logic. > - **Permissions and Configurations**: > - Adds `allowUserApiKeys` and `allowTeamApiKeys` to `ProjectConfig` in `schema.prisma`. > - Updates `TeamSystemPermission` enum to include `MANAGE_API_KEYS`. > - Ensures API key operations respect project configurations and user/team permissions. > - **Testing and Examples**: > - Adds extensive tests in `api-keys.test.ts` to cover various API key scenarios. > - Updates example projects to demonstrate API key usage. > - **Miscellaneous**: > - Refactors existing code to integrate API key functionalities. > - Updates documentation and type definitions to reflect new API key features. > > <sup>This description was created by </sup>[<img alt="Ellipsis" src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup> for 96f60c57f0. It will automatically update as commits are pushed.</sup> <!-- ELLIPSIS_HIDDEN --> --------- Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>	2025-04-04 13:03:10 -07:00
Konstantin Wohlwend	57957f1587	Don't use anonymous accounts on demo	2025-04-04 10:10:48 -07:00
Konsti Wohlwend	a99b04ac6c	Anonymous users (#566)	2025-03-20 18:24:19 -07:00
Moritz Schneider	7eab7b3ddf	Fix #522 (#524) ... * fix bug * highlight correct item when no hash * fix demo app page missing flex * remove unused stuff in SidebarLayout --------- Co-authored-by: Konsti Wohlwend <n2d4xc@gmail.com>	2025-03-09 16:02:20 -07:00
Zai Shi	da1b95ec3b	React SDK (#462)	2025-02-27 01:55:45 +01:00
Konstantin Wohlwend	4199f929bf	object-curly-spacing rule	2024-12-23 19:37:05 -08:00
Konstantin Wohlwend	032bc7c63a	Browser compat debug info	2024-12-11 15:31:19 -08:00
Konstantin Wohlwend	0a3a962780	Translation overrides	2024-11-19 00:15:58 +01:00
Konsti Wohlwend	c2bc80bda5	Support create-next-app@15 with the setup wizard (#340)	2024-11-13 13:58:42 +01:00
Konsti Wohlwend	057dac1a66	Next.js 15 support (#315) ... Updates `examples/demo` to Next.js 15 and adds Next.js 15 support to `packages/stack`. The other packages and apps are still running on Next.js 14 to ensure compatibility.	2024-11-08 03:12:31 +01:00
Zai Shi	ad5efd947a	Fixed custom account setting page routing problems (#305) ... Use hash routing for account setting page	2024-10-18 20:28:29 +02:00
Konstantin Wohlwend	9da481b2cd	Require newline at the end of each file	2024-10-13 13:06:38 -07:00
Konsti Wohlwend	7f4537aec5	Consistent app url	2024-10-12 14:34:16 -07:00
Zai Shi	e1f207453b	removed old code (#216)	2024-09-01 03:18:44 +02:00
Konstantin Wohlwend	9bdfb29c80	Allow multiple outer OAuth logins at the same time	2024-08-31 17:18:39 -07:00
Zai Shi	df9dd2c4dd	UI fixes (#190) ... * improved team setting UI * fixed demo header style	2024-08-16 01:47:56 +02:00
Zai Shi	e5965cf977	Team frontend components (#178) ... * Team invitation (#171) * team invitation wip * implemented handler * team invitation callback wip * added team invitation frontend * fixed listCurrentUserTeamPermissions * added team invitation email template * fixed bugs * fixed verification code handler * added more checks to team invitation verification * fixed team invitation page * restructured verification code handler * fixed frontend * fixed team invitation tests * added more team invitation test * fixed bug * added migration file * removed unused code * Allow Next.js version `latest` in package.json * Fix typo * Update error message * Remove unnecessary console.warn * Updated "edit this page" button * Hide unsupported properties from docs * OAuth token tests * Fix typo * added create user button * added create user button (#173) * added basic team settings * Create SECURITY.md * added editable text * added more team settings * Export button in tables * Export all pages of tables * Update security policy * Fix docs typo * More docs typos * Improved user creation handlers * added list users on client * updated team-settings * hide team setting component for now * Fix: Improve error handling for Server API (#170) * Added entity checks to provide better errors in API for 'server' access type * Removed 'ensureUserTeamPermissionExist', changed permissionId type to string in 'ensureUserHasTeamPermission' * added different error types for user team permission --------- Co-authored-by: Fahad Khan <fahad.khan@net-mon.net> Co-authored-by: Zai Shi <zaishi00@outlook.com> * added ensureClientUserAuthenticated * improved error handling * removed unused imports * fixed bug * added member list * Sign up restriction button on dashboard Fix #66, #74 * moved data table to stack-ui * added remove user modal * fixed chokidar * updated ui * fixed merge * fixed merge * fixed merge * updated settings component * improved mobile styles * added user invitation ui * added team creation page * added team creation to team component * added setting icon to team switcher * added settings sections * added client_team_creation_enabled * added frontend team creation enabled checks * updated demo page * added member profile update * fixed profile editing * added leave team button * added create/delete team redirect * fixed column header, updated team setting * fixed account setting padding * updated tests --------- Co-authored-by: Stan Wohlwend <n2d4xc@gmail.com> Co-authored-by: Fahad Khan <62707456+kfahad5607@users.noreply.github.com> Co-authored-by: Fahad Khan <fahad.khan@net-mon.net>	2024-08-12 02:11:42 +02:00
Zai Shi	4bbead0ef9	Team invitation (#171) ... * team invitation wip * implemented handler * team invitation callback wip * added team invitation frontend * fixed listCurrentUserTeamPermissions * added team invitation email template * fixed bugs * fixed verification code handler * added more checks to team invitation verification * fixed team invitation page * restructured verification code handler * fixed frontend * fixed team invitation tests * added more team invitation test * fixed bug * added migration file * removed unused code	2024-08-10 09:45:47 -07:00