@hexclave/next 1.0.0 → 1.0.2

package/dist/lib/stack-app/apps/implementations/client-app-impl.js

@@ -1,31 +1,31 @@
 Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
 const require_chunk = require('../../../../chunk-BE-pF4vm.js');
-let _stackframe_stack_shared_dist_utils_errors = require("@hexclave/shared/dist/utils/errors");
-let _stackframe_stack_shared_dist_utils_promises = require("@hexclave/shared/dist/utils/promises");
+let _hexclave_shared_dist_utils_errors = require("@hexclave/shared/dist/utils/errors");
+let _hexclave_shared_dist_utils_promises = require("@hexclave/shared/dist/utils/promises");
 let react = require("react");
 react = require_chunk.__toESM(react);
-let _stackframe_stack_shared = require("@hexclave/shared");
-let _stackframe_stack_shared_dist_utils_urls = require("@hexclave/shared/dist/utils/urls");
-let _stackframe_stack_shared_dist_utils_react = require("@hexclave/shared/dist/utils/react");
-let _stackframe_stack_shared_dist_utils_objects = require("@hexclave/shared/dist/utils/objects");
+let _hexclave_shared = require("@hexclave/shared");
+let _hexclave_shared_dist_utils_react = require("@hexclave/shared/dist/utils/react");
+let _hexclave_shared_dist_utils_objects = require("@hexclave/shared/dist/utils/objects");
+let _hexclave_shared_dist_utils_urls = require("@hexclave/shared/dist/utils/urls");
 let next_navigation = require("next/navigation");
 next_navigation = require_chunk.__toESM(next_navigation);
-let _stackframe_stack_shared_dist_utils_strings = require("@hexclave/shared/dist/utils/strings");
-let _stackframe_stack_shared_dist_utils_results = require("@hexclave/shared/dist/utils/results");
-let _stackframe_stack_shared_dist_utils_env = require("@hexclave/shared/dist/utils/env");
+let _hexclave_shared_dist_utils_results = require("@hexclave/shared/dist/utils/results");
+let _hexclave_shared_dist_utils_strings = require("@hexclave/shared/dist/utils/strings");
+let _hexclave_shared_dist_utils_env = require("@hexclave/shared/dist/utils/env");
 let __common_js = require("./common.js");
-let _stackframe_stack_shared_dist_utils_redirect_urls = require("@hexclave/shared/dist/utils/redirect-urls");
-let _stackframe_stack_shared_dist_utils_bytes = require("@hexclave/shared/dist/utils/bytes");
+let _hexclave_shared_dist_utils_redirect_urls = require("@hexclave/shared/dist/utils/redirect-urls");
+let _hexclave_shared_dist_utils_bytes = require("@hexclave/shared/dist/utils/bytes");
 let ______common_js = require("../../common.js");
 let ______projects_index_js = require("../../projects/index.js");
 let _simplewebauthn_browser = require("@simplewebauthn/browser");
-let _stackframe_stack_shared_dist_sessions = require("@hexclave/shared/dist/sessions");
-let _stackframe_stack_shared_dist_utils_compile_time = require("@hexclave/shared/dist/utils/compile-time");
-let _stackframe_stack_shared_dist_utils_json = require("@hexclave/shared/dist/utils/json");
-let _stackframe_stack_shared_dist_utils_maps = require("@hexclave/shared/dist/utils/maps");
-let _stackframe_stack_shared_dist_utils_stores = require("@hexclave/shared/dist/utils/stores");
-let _stackframe_stack_shared_dist_utils_turnstile_flow = require("@hexclave/shared/dist/utils/turnstile-flow");
-let _stackframe_stack_shared_dist_utils_uuids = require("@hexclave/shared/dist/utils/uuids");
+let _hexclave_shared_dist_sessions = require("@hexclave/shared/dist/sessions");
+let _hexclave_shared_dist_utils_compile_time = require("@hexclave/shared/dist/utils/compile-time");
+let _hexclave_shared_dist_utils_json = require("@hexclave/shared/dist/utils/json");
+let _hexclave_shared_dist_utils_maps = require("@hexclave/shared/dist/utils/maps");
+let _hexclave_shared_dist_utils_stores = require("@hexclave/shared/dist/utils/stores");
+let _hexclave_shared_dist_utils_turnstile_flow = require("@hexclave/shared/dist/utils/turnstile-flow");
+let _hexclave_shared_dist_utils_uuids = require("@hexclave/shared/dist/utils/uuids");
 let cookie = require("cookie");
 cookie = require_chunk.__toESM(cookie);
 let ____________utils_url_js = require("../../../../utils/url.js");
@@ -42,13 +42,13 @@ let __redirect_page_urls_js = require("./redirect-page-urls.js");
 let __session_refresh_subscription_js = require("./session-refresh-subscription.js");
 let __session_replay_js = require("./session-replay.js");
 let ____________dev_tool_index_js = require("../../../../dev-tool/index.js");
-let _stackframe_stack_sc = require("@hexclave/sc");
-_stackframe_stack_sc = require_chunk.__toESM(_stackframe_stack_sc);
+let _hexclave_sc = require("@hexclave/sc");
+_hexclave_sc = require_chunk.__toESM(_hexclave_sc);
 
 //#region src/lib/stack-app/apps/implementations/client-app-impl.ts
 let isReactServer = false;
-isReactServer = _stackframe_stack_sc.isReactServer;
-const NextNavigation = (0, _stackframe_stack_shared_dist_utils_compile_time.scrambleDuringCompileTime)(next_navigation);
+isReactServer = _hexclave_sc.isReactServer;
+const NextNavigation = (0, _hexclave_shared_dist_utils_compile_time.scrambleDuringCompileTime)(next_navigation);
 const prefetchedCrossDomainHandoffTtlMs = 3300 * 1e3;
 const nestedCrossDomainAuthQueryParams = {
 	refreshTokenId: "stack_nested_cross_domain_auth_refresh_token_id",
@@ -73,7 +73,7 @@ const STACK_AUTHORIZATION_VALUE_PREFIX = "stackauth_";
 const HEXCLAVE_AUTHORIZATION_VALUE_PREFIX = "hexclave_";
 function getAuthorizationHeaderValueFromAuthJson(authJson) {
 	if (authJson.accessToken == null && authJson.refreshToken == null) return null;
-	return `Bearer ${STACK_AUTHORIZATION_VALUE_PREFIX}${(0, _stackframe_stack_shared_dist_utils_bytes.encodeBase64)(new TextEncoder().encode(JSON.stringify(authJson)))}`;
+	return `Bearer ${STACK_AUTHORIZATION_VALUE_PREFIX}${(0, _hexclave_shared_dist_utils_bytes.encodeBase64)(new TextEncoder().encode(JSON.stringify(authJson)))}`;
 }
 function getAuthJsonFromAuthorizationHeaderValue(authorizationHeaderValue) {
 	const match = authorizationHeaderValue.match(/^Bearer\s+(.+)$/i);
@@ -85,7 +85,7 @@ function getAuthJsonFromAuthorizationHeaderValue(authorizationHeaderValue) {
 	if (encodedAuthJson.length === 0) throw new Error("Invalid Authorization header format. Expected `Bearer stackauth_<base64(getAuthJson())>`.");
 	let parsed;
 	try {
-		const decodedAuthJson = new TextDecoder().decode((0, _stackframe_stack_shared_dist_utils_bytes.decodeBase64)(encodedAuthJson));
+		const decodedAuthJson = new TextDecoder().decode((0, _hexclave_shared_dist_utils_bytes.decodeBase64)(encodedAuthJson));
 		parsed = JSON.parse(decodedAuthJson);
 	} catch (e) {
 		throw new Error("Invalid stackauth authorization header.", { cause: e });
@@ -107,7 +107,7 @@ function getHeaderValueFromRequestLikeHeaders(headers, name) {
 	return null;
 }
 async function getServerRequestHost() {
-	return (await _stackframe_stack_sc.headers?.())?.get("host") ?? null;
+	return (await _hexclave_sc.headers?.())?.get("host") ?? null;
 }
 var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 	static {
@@ -125,7 +125,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		if (!user || !user.oauth_providers.find((p) => p.id === options.providerId)) hasConnection = false;
 		if (!await options.getOrWaitOAuthToken()) hasConnection = false;
 		if (!hasConnection && options.redirect) {
-			if (!options.session) throw new Error(_stackframe_stack_shared_dist_utils_strings.deindent`
+			if (!options.session) throw new Error(_hexclave_shared_dist_utils_strings.deindent`
           Cannot add new scopes to a user that is not a CurrentUser. Please ensure that you are calling this function on a CurrentUser object, or remove the 'or: redirect' option.
 
           Often, you can solve this by calling this function in the browser instead, or by removing the 'or: redirect' option and dealing with the case where the user doesn't have enough permissions.
@@ -134,10 +134,10 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 				provider: options.providerId,
 				redirectUrl: this._getOAuthCallbackRedirectUri(),
 				errorRedirectUrl: this.urls.error,
-				providerScope: (0, _stackframe_stack_shared_dist_utils_strings.mergeScopeStrings)(options.scope || "", (this._oauthScopesOnSignIn[options.providerId] ?? []).join(" "))
+				providerScope: (0, _hexclave_shared_dist_utils_strings.mergeScopeStrings)(options.scope || "", (this._oauthScopesOnSignIn[options.providerId] ?? []).join(" "))
 			}, options.session);
 			await this._redirectTo({ url: location });
-			return await (0, _stackframe_stack_shared_dist_utils_promises.neverResolve)();
+			return await (0, _hexclave_shared_dist_utils_promises.neverResolve)();
 		} else if (!hasConnection) return null;
 		const providerAccountId = user.oauth_providers.find((p) => p.id === options.providerId)?.account_id ?? "";
 		return {
@@ -146,12 +146,12 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			providerAccountId,
 			async getAccessToken() {
 				const result = await options.getOrWaitOAuthToken();
-				if (!result) throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError(`Failed to retrieve an access token for this connected account (provider: ${options.providerId}). This usually means the OAuth refresh token has been revoked or expired. The user needs to re-authorize by calling \`linkConnectedAccount\` or using \`getOrLinkConnectedAccount\`.`);
+				if (!result) throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError(`Failed to retrieve an access token for this connected account (provider: ${options.providerId}). This usually means the OAuth refresh token has been revoked or expired. The user needs to re-authorize by calling \`linkConnectedAccount\` or using \`getOrLinkConnectedAccount\`.`);
 				return result;
 			},
 			useAccessToken() {
 				const result = options.useOAuthToken();
-				if (!result) throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError(`Failed to retrieve an access token for this connected account (provider: ${options.providerId}). This usually means the OAuth refresh token has been revoked or expired. The user needs to re-authorize by calling \`linkConnectedAccount\` or using \`getOrLinkConnectedAccount\`.`);
+				if (!result) throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError(`Failed to retrieve an access token for this connected account (provider: ${options.providerId}). This usually means the OAuth refresh token has been revoked or expired. The user needs to re-authorize by calling \`linkConnectedAccount\` or using \`getOrLinkConnectedAccount\`.`);
 				return result;
 			}
 		};
@@ -166,7 +166,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			providerAccountId,
 			async getAccessToken(options) {
 				const scopeString = options?.scopes?.join(" ") ?? "";
-				const result = _stackframe_stack_shared_dist_utils_results.Result.orThrow(await app._currentUserOAuthConnectionAccessTokensByAccountCache.getOrWait([
+				const result = _hexclave_shared_dist_utils_results.Result.orThrow(await app._currentUserOAuthConnectionAccessTokensByAccountCache.getOrWait([
 					session,
 					providerId,
 					providerAccountId,
@@ -174,9 +174,9 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 				], "write-only"));
 				if (!result) {
 					const scopeDetail = scopeString ? `The requested scopes [${scopeString}] are not available on the existing token.` : "The OAuth refresh token has likely been revoked or expired.";
-					return _stackframe_stack_shared_dist_utils_results.Result.error(new _stackframe_stack_shared.KnownErrors.OAuthAccessTokenNotAvailable(providerId, `${scopeDetail} The user needs to re-authorize by calling \`linkConnectedAccount\` or using \`getOrLinkConnectedAccount\`.`));
+					return _hexclave_shared_dist_utils_results.Result.error(new _hexclave_shared.KnownErrors.OAuthAccessTokenNotAvailable(providerId, `${scopeDetail} The user needs to re-authorize by calling \`linkConnectedAccount\` or using \`getOrLinkConnectedAccount\`.`));
 				}
-				return _stackframe_stack_shared_dist_utils_results.Result.ok(result);
+				return _hexclave_shared_dist_utils_results.Result.ok(result);
 			},
 			useAccessToken(options) {
 				const scopeString = options?.scopes?.join(" ") ?? "";
@@ -188,9 +188,9 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 				], "connection.useAccessToken()");
 				if (!result) {
 					const scopeDetail = scopeString ? `The requested scopes [${scopeString}] are not available on the existing token.` : "The OAuth refresh token has likely been revoked or expired.";
-					return _stackframe_stack_shared_dist_utils_results.Result.error(new _stackframe_stack_shared.KnownErrors.OAuthAccessTokenNotAvailable(providerId, `${scopeDetail} The user needs to re-authorize by calling \`linkConnectedAccount\` or using \`getOrLinkConnectedAccount\`.`));
+					return _hexclave_shared_dist_utils_results.Result.error(new _hexclave_shared.KnownErrors.OAuthAccessTokenNotAvailable(providerId, `${scopeDetail} The user needs to re-authorize by calling \`linkConnectedAccount\` or using \`getOrLinkConnectedAccount\`.`));
 				}
-				return _stackframe_stack_shared_dist_utils_results.Result.ok(result);
+				return _hexclave_shared_dist_utils_results.Result.ok(result);
 			}
 		};
 	}
@@ -199,14 +199,14 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		this._sessionRecorder = null;
 		this._eventTracker = null;
 		this.__DEMO_ENABLE_SLIGHT_FETCH_DELAY = false;
-		this._ownedAdminApps = new _stackframe_stack_shared_dist_utils_maps.DependenciesMap();
+		this._ownedAdminApps = new _hexclave_shared_dist_utils_maps.DependenciesMap();
 		this._currentUserCache = (0, __common_js.createCacheBySession)(async (session) => {
-			if (this.__DEMO_ENABLE_SLIGHT_FETCH_DELAY) await (0, _stackframe_stack_shared_dist_utils_promises.wait)(2e3);
+			if (this.__DEMO_ENABLE_SLIGHT_FETCH_DELAY) await (0, _hexclave_shared_dist_utils_promises.wait)(2e3);
 			if (session.isKnownToBeInvalid()) return null;
 			return await this._interface.getClientUserByToken(session);
 		});
 		this._currentProjectCache = (0, __common_js.createCache)(async () => {
-			return _stackframe_stack_shared_dist_utils_results.Result.orThrow(await this._interface.getClientProject());
+			return _hexclave_shared_dist_utils_results.Result.orThrow(await this._interface.getClientProject());
 		});
 		this._ownedProjectsCache = (0, __common_js.createCacheBySession)(async (session) => {
 			return await this._interface.listProjects(session);
@@ -227,14 +227,14 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			try {
 				return { accessToken: (await this._interface.createProviderAccessToken(providerId, scope || "", session)).access_token };
 			} catch (err) {
-				if (!(_stackframe_stack_shared.KnownErrors.OAuthAccessTokenNotAvailable.isInstance(err) || _stackframe_stack_shared.KnownErrors.OAuthConnectionDoesNotHaveRequiredScope.isInstance(err) || _stackframe_stack_shared.KnownErrors.OAuthConnectionNotConnectedToUser.isInstance(err))) throw err;
+				if (!(_hexclave_shared.KnownErrors.OAuthAccessTokenNotAvailable.isInstance(err) || _hexclave_shared.KnownErrors.OAuthConnectionDoesNotHaveRequiredScope.isInstance(err) || _hexclave_shared.KnownErrors.OAuthConnectionNotConnectedToUser.isInstance(err))) throw err;
 			}
 			return null;
 		});
 		this._currentUserOAuthConnectionCache = (0, __common_js.createCacheBySession)(async (session, [providerId, scope, redirect]) => {
 			return await this._getUserOAuthConnectionCacheFn({
-				getUser: async () => _stackframe_stack_shared_dist_utils_results.Result.orThrow(await this._currentUserCache.getOrWait([session], "write-only")),
-				getOrWaitOAuthToken: async () => _stackframe_stack_shared_dist_utils_results.Result.orThrow(await this._currentUserOAuthConnectionAccessTokensCache.getOrWait([
+				getUser: async () => _hexclave_shared_dist_utils_results.Result.orThrow(await this._currentUserCache.getOrWait([session], "write-only")),
+				getOrWaitOAuthToken: async () => _hexclave_shared_dist_utils_results.Result.orThrow(await this._currentUserOAuthConnectionAccessTokensCache.getOrWait([
 					session,
 					providerId,
 					scope || ""
@@ -257,22 +257,22 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			try {
 				return { accessToken: (await this._interface.createProviderAccessTokenByAccount(providerId, providerAccountId, scope, session)).access_token };
 			} catch (err) {
-				if (_stackframe_stack_shared.KnownErrors.OAuthAccessTokenNotAvailable.isInstance(err) || _stackframe_stack_shared.KnownErrors.OAuthConnectionDoesNotHaveRequiredScope.isInstance(err) || _stackframe_stack_shared.KnownErrors.OAuthConnectionNotConnectedToUser.isInstance(err)) return null;
+				if (_hexclave_shared.KnownErrors.OAuthAccessTokenNotAvailable.isInstance(err) || _hexclave_shared.KnownErrors.OAuthConnectionDoesNotHaveRequiredScope.isInstance(err) || _hexclave_shared.KnownErrors.OAuthConnectionNotConnectedToUser.isInstance(err)) return null;
 				throw err;
 			}
 		});
 		this._currentUserValidConnectedAccountForProviderCache = (0, __common_js.createCacheBySession)(async (session, [provider, scopeString]) => {
-			const matchingAccounts = _stackframe_stack_shared_dist_utils_results.Result.orThrow(await this._currentUserConnectedAccountsCache.getOrWait([session], "write-only")).filter((a) => a.provider === provider);
+			const matchingAccounts = _hexclave_shared_dist_utils_results.Result.orThrow(await this._currentUserConnectedAccountsCache.getOrWait([session], "write-only")).filter((a) => a.provider === provider);
 			const scopes = scopeString ? scopeString.split(" ") : void 0;
 			for (const account of matchingAccounts) if ((await account.getAccessToken({ scopes })).status === "ok") return account;
 			const location = await (0, _________auth_js.getNewOAuthProviderOrScopeUrl)(this._interface, {
 				provider,
 				redirectUrl: this._getOAuthCallbackRedirectUri(),
 				errorRedirectUrl: this.urls.error,
-				providerScope: (0, _stackframe_stack_shared_dist_utils_strings.mergeScopeStrings)(scopeString, (this._oauthScopesOnSignIn[provider] ?? []).join(" "))
+				providerScope: (0, _hexclave_shared_dist_utils_strings.mergeScopeStrings)(scopeString, (this._oauthScopesOnSignIn[provider] ?? []).join(" "))
 			}, session);
 			await this._redirectTo({ url: location });
-			return await (0, _stackframe_stack_shared_dist_utils_promises.neverResolve)();
+			return await (0, _hexclave_shared_dist_utils_promises.neverResolve)();
 		});
 		this._teamMemberProfilesCache = (0, __common_js.createCacheBySession)(async (session, [teamId]) => {
 			return await this._interface.listTeamMemberProfiles({ teamId }, session);
@@ -380,7 +380,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		this._sessionsByTokenStoreAndSessionKey = /* @__PURE__ */ new WeakMap();
 		this._botChallengeSiteKeysWarned = false;
 		const resolvedOptions = (0, __common_js.resolveConstructorOptions)(options);
-		if (!_StackClientAppImplIncomplete.LazyStackAdminAppImpl.value) throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("Admin app implementation not initialized. Did you import the _StackClientApp from stack-app/apps/implementations/index.ts? You can't import it directly from ./apps/implementations/client-app-impl.ts as that causes a circular dependency (see the comment at _LazyStackAdminAppImpl for more details).");
+		if (!_StackClientAppImplIncomplete.LazyStackAdminAppImpl.value) throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("Admin app implementation not initialized. Did you import the _StackClientApp from stack-app/apps/implementations/index.ts? You can't import it directly from ./apps/implementations/client-app-impl.ts as that causes a circular dependency (see the comment at _LazyStackAdminAppImpl for more details).");
 		this._options = resolvedOptions;
 		this._extraOptions = extraOptions;
 		const projectId = resolvedOptions.projectId ?? (0, __common_js.getDefaultProjectId)();
@@ -389,7 +389,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		if (extraOptions && extraOptions.interface) this._interface = extraOptions.interface;
 		else {
 			const apiUrls = (0, __common_js.resolveApiUrls)(resolvedOptions.baseUrl);
-			this._interface = new _stackframe_stack_shared.HexclaveClientInterface({
+			this._interface = new _hexclave_shared.HexclaveClientInterface({
 				getBaseUrl: () => apiUrls()[0],
 				getAnalyticsBaseUrl: () => (0, __common_js.getAnalyticsBaseUrl)(apiUrls()[0]),
 				getApiUrls: apiUrls,
@@ -398,17 +398,17 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 				clientVersion: __common_js.clientVersion,
 				...publishableClientKey != null ? { publishableClientKey } : {},
 				prepareRequest: async () => {
-					await _stackframe_stack_sc.cookies?.();
+					await _hexclave_sc.cookies?.();
 				}
 			});
 		}
 		this._tokenStoreInit = resolvedOptions.tokenStore;
-		this._redirectMethod = resolvedOptions.redirectMethod || ((0, _stackframe_stack_shared_dist_utils_env.isBrowserLike)() ? "window" : "none");
+		this._redirectMethod = resolvedOptions.redirectMethod || ((0, _hexclave_shared_dist_utils_env.isBrowserLike)() ? "window" : "none");
 		this._redirectMethod = resolvedOptions.redirectMethod || "nextjs";
 		this._urlOptions = resolvedOptions.urls ?? {};
 		this._oauthScopesOnSignIn = resolvedOptions.oauthScopesOnSignIn ?? {};
-		if ((0, _stackframe_stack_shared_dist_utils_env.isBrowserLike)() && (resolvedOptions.tokenStore === "cookie" || resolvedOptions.tokenStore === "nextjs-cookie")) {
-			(0, _stackframe_stack_shared_dist_utils_promises.runAsynchronously)(this._trustedParentDomainCache.getOrWait([window.location.hostname], "write-only"));
+		if ((0, _hexclave_shared_dist_utils_env.isBrowserLike)() && (resolvedOptions.tokenStore === "cookie" || resolvedOptions.tokenStore === "nextjs-cookie")) {
+			(0, _hexclave_shared_dist_utils_promises.runAsynchronously)(this._trustedParentDomainCache.getOrWait([window.location.hostname], "write-only"));
 			this._ensureCrossSubdomainCookieExists();
 		}
 		if (extraOptions && extraOptions.uniqueIdentifier) {
@@ -425,7 +425,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			return (await this.getUser({ or: "anonymous" }))._internalSession;
 		};
 		const analyticsEnabled = this._analyticsOptions?.enabled !== false;
-		if (analyticsEnabled && (0, _stackframe_stack_shared_dist_utils_env.isBrowserLike)() && this._hasPersistentTokenStore() && this._analyticsOptions?.replays?.enabled === true) {
+		if (analyticsEnabled && (0, _hexclave_shared_dist_utils_env.isBrowserLike)() && this._hasPersistentTokenStore() && this._analyticsOptions?.replays?.enabled === true) {
 			this._sessionRecorder = new __session_replay_js.SessionRecorder({
 				projectId: this.projectId,
 				sendBatch: async (body, opts) => {
@@ -434,7 +434,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			}, this._analyticsOptions.replays);
 			this._sessionRecorder.start();
 		}
-		if (analyticsEnabled && (0, _stackframe_stack_shared_dist_utils_env.isBrowserLike)() && this._hasPersistentTokenStore()) {
+		if (analyticsEnabled && (0, _hexclave_shared_dist_utils_env.isBrowserLike)() && this._hasPersistentTokenStore()) {
 			this._eventTracker = new __event_tracker_js.EventTracker({
 				projectId: this.projectId,
 				sendBatch: async (body, opts) => {
@@ -443,17 +443,17 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			});
 			this._eventTracker.start();
 		}
-		if ((0, _stackframe_stack_shared_dist_utils_env.isBrowserLike)() && this._isOAuthCallbackUrlHosted() && this._currentUrlLooksLikeStackOAuthCallback()) this._trackPendingAuthResolution(async () => {
-			if ((0, _stackframe_stack_shared_dist_utils_env.isBrowserLike)()) await this.callOAuthCallback({ dontWarnAboutMissingQueryParams: true });
+		if ((0, _hexclave_shared_dist_utils_env.isBrowserLike)() && this._isOAuthCallbackUrlHosted() && this._currentUrlLooksLikeStackOAuthCallback()) this._trackPendingAuthResolution(async () => {
+			if ((0, _hexclave_shared_dist_utils_env.isBrowserLike)()) await this.callOAuthCallback({ dontWarnAboutMissingQueryParams: true });
 		});
-		if ((0, _stackframe_stack_shared_dist_utils_env.isBrowserLike)()) this._trackPendingAuthResolution(async () => {
+		if ((0, _hexclave_shared_dist_utils_env.isBrowserLike)()) this._trackPendingAuthResolution(async () => {
 			await this._maybeHandleNestedCrossDomainAuth();
 		});
-		if ((0, _stackframe_stack_shared_dist_utils_env.isBrowserLike)() && resolvedOptions.devTool !== false) (0, ____________dev_tool_index_js.mountDevTool)(this);
+		if ((0, _hexclave_shared_dist_utils_env.isBrowserLike)() && resolvedOptions.devTool !== false) (0, ____________dev_tool_index_js.mountDevTool)(this);
 	}
 	_initUniqueIdentifier() {
-		if (!this._uniqueIdentifier) throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("Unique identifier not initialized");
-		if (allClientApps.has(this._uniqueIdentifier)) throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("A Stack client app with the same unique identifier already exists");
+		if (!this._uniqueIdentifier) throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("Unique identifier not initialized");
+		if (allClientApps.has(this._uniqueIdentifier)) throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("A Stack client app with the same unique identifier already exists");
 		allClientApps.set(this._uniqueIdentifier, [this._extraOptions?.checkString ?? void 0, this]);
 	}
 	_trackPendingAuthResolution(callback) {
@@ -462,11 +462,11 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			try {
 				await callback();
 			} catch (error) {
-				(0, _stackframe_stack_shared_dist_utils_errors.captureError)("pending-auth-resolution-failed", error);
+				(0, _hexclave_shared_dist_utils_errors.captureError)("pending-auth-resolution-failed", error);
 			}
 		})();
 		this._pendingAuthResolutionPromises.push(promise);
-		(0, _stackframe_stack_shared_dist_utils_promises.runAsynchronously)(async () => {
+		(0, _hexclave_shared_dist_utils_promises.runAsynchronously)(async () => {
 			try {
 				await promise;
 			} finally {
@@ -480,7 +480,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 	}
 	_usePendingAuthResolutions(overrideTokenStoreInit) {
 		if (overrideTokenStoreInit !== void 0 || !this._hasPersistentTokenStore() || this._pendingAuthResolutionPromises.length === 0) return;
-		(0, _stackframe_stack_shared_dist_utils_react.use)(Promise.all(this._pendingAuthResolutionPromises));
+		(0, _hexclave_shared_dist_utils_react.use)(Promise.all(this._pendingAuthResolutionPromises));
 	}
 	_isOAuthCallbackUrlHosted() {
 		const oauthCallbackTarget = this._urlOptions.oauthCallback ?? this._urlOptions.default;
@@ -500,7 +500,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 	}
 	_getOAuthCallbackRedirectUri() {
 		if (!this._isOAuthCallbackUrlHosted()) return this.urls.oauthCallback;
-		if (typeof window === "undefined") throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("Hosted OAuth callback URLs require a browser environment to use the current URL as the redirect URI");
+		if (typeof window === "undefined") throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("Hosted OAuth callback URLs require a browser environment to use the current URL as the redirect URI");
 		const currentUrl = new URL(window.location.href);
 		for (const param of oauthCallbackResponseQueryParams) currentUrl.searchParams.delete(param);
 		return currentUrl.toString();
@@ -532,13 +532,13 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		const state = currentUrl.searchParams.get(nestedCrossDomainAuthQueryParams.state);
 		const codeChallenge = currentUrl.searchParams.get(nestedCrossDomainAuthQueryParams.codeChallenge);
 		if (redirectUri != null || state != null || codeChallenge != null) {
-			if (redirectUri == null || state == null || codeChallenge == null) throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("Nested cross-domain auth callback URL is missing OAuth request parameters", {
+			if (redirectUri == null || state == null || codeChallenge == null) throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("Nested cross-domain auth callback URL is missing OAuth request parameters", {
 				redirectUri,
 				state,
 				codeChallenge
 			});
-			if ((currentUrl.searchParams.get(nestedCrossDomainAuthQueryParams.codeChallengeMethod) ?? "S256") !== "S256") throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("Nested cross-domain auth only supports S256 PKCE");
-			if ((0, _stackframe_stack_shared_dist_utils_urls.isRelative)(redirectUri)) throw new Error("Nested cross-domain auth redirect URI must be absolute.");
+			if ((currentUrl.searchParams.get(nestedCrossDomainAuthQueryParams.codeChallengeMethod) ?? "S256") !== "S256") throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("Nested cross-domain auth only supports S256 PKCE");
+			if ((0, _hexclave_shared_dist_utils_urls.isRelative)(redirectUri)) throw new Error("Nested cross-domain auth redirect URI must be absolute.");
 			const redirectUriUrl = new URL(redirectUri);
 			if (!await this._isTrusted(redirectUriUrl.toString())) throw new Error(`Nested cross-domain auth redirect URI ${redirectUri} is not trusted.`);
 			const afterCallbackRedirectUrlString = currentUrl.searchParams.get(nestedCrossDomainAuthQueryParams.afterCallbackRedirectUrl);
@@ -559,16 +559,29 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		}
 		if (await this._getCurrentRefreshTokenIdIfSignedIn({ awaitPendingAuthResolutions: false }) === refreshTokenId) return false;
 		const callbackUrlString = currentUrl.searchParams.get(nestedCrossDomainAuthQueryParams.callbackUrl);
-		if (callbackUrlString == null) throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("Nested cross-domain auth URL is missing callback URL");
-		if ((0, _stackframe_stack_shared_dist_utils_urls.isRelative)(callbackUrlString)) throw new Error("Nested cross-domain auth callback URL must be absolute.");
+		if (callbackUrlString == null) throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("Nested cross-domain auth URL is missing callback URL");
+		if ((0, _hexclave_shared_dist_utils_urls.isRelative)(callbackUrlString)) throw new Error("Nested cross-domain auth callback URL must be absolute.");
 		const callbackUrl = new URL(callbackUrlString);
 		if (!await this._isTrusted(callbackUrl.toString())) throw new Error(`Nested cross-domain auth callback URL ${callbackUrlString} is not trusted.`);
 		const afterCallbackRedirectUrl = new URL(currentUrl);
 		afterCallbackRedirectUrl.searchParams.delete(nestedCrossDomainAuthQueryParams.refreshTokenId);
 		afterCallbackRedirectUrl.searchParams.delete(nestedCrossDomainAuthQueryParams.callbackUrl);
-		const { state: newState, codeChallenge: newCodeChallenge } = await this._getCrossDomainHandoffParamsForRedirect(currentUrl);
+		const { state: newState, codeChallenge: newCodeChallenge } = await this._getNestedCrossDomainAuthParamsForRedirect();
+		const nestedRedirectUri = new URL(this._getOAuthCallbackRedirectUri(), currentUrl);
+		nestedRedirectUri.searchParams.delete(nestedCrossDomainAuthQueryParams.refreshTokenId);
+		nestedRedirectUri.searchParams.delete(nestedCrossDomainAuthQueryParams.callbackUrl);
+		for (const param of [
+			"after_auth_return_to",
+			__redirect_page_urls_js.crossDomainAuthQueryParams.marker,
+			__redirect_page_urls_js.crossDomainAuthQueryParams.state,
+			__redirect_page_urls_js.crossDomainAuthQueryParams.codeChallenge,
+			__redirect_page_urls_js.crossDomainAuthQueryParams.afterCallbackRedirectUrl
+		]) {
+			const value = currentUrl.searchParams.get(param);
+			if (value != null && !nestedRedirectUri.searchParams.has(param)) nestedRedirectUri.searchParams.set(param, value);
+		}
 		callbackUrl.searchParams.set(nestedCrossDomainAuthQueryParams.refreshTokenId, refreshTokenId);
-		callbackUrl.searchParams.set(nestedCrossDomainAuthQueryParams.redirectUri, new URL(this._getOAuthCallbackRedirectUri(), currentUrl).toString());
+		callbackUrl.searchParams.set(nestedCrossDomainAuthQueryParams.redirectUri, nestedRedirectUri.toString());
 		callbackUrl.searchParams.set(nestedCrossDomainAuthQueryParams.state, newState);
 		callbackUrl.searchParams.set(nestedCrossDomainAuthQueryParams.codeChallenge, newCodeChallenge);
 		callbackUrl.searchParams.set(nestedCrossDomainAuthQueryParams.codeChallengeMethod, "S256");
@@ -579,6 +592,9 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		});
 		return true;
 	}
+	async _getNestedCrossDomainAuthParamsForRedirect() {
+		return await (0, _________cookie_js.saveVerifierAndState)();
+	}
 	/**
 	* Cloudflare workers does not allow use of randomness on the global scope (on which the Stack app is probably
 	* initialized). For that reason, we generate the unique identifier lazily when it is first needed instead of in the
@@ -586,7 +602,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 	*/
 	_getUniqueIdentifier() {
 		if (!this._uniqueIdentifier) {
-			this._uniqueIdentifier = (0, _stackframe_stack_shared_dist_utils_uuids.generateUuid)();
+			this._uniqueIdentifier = (0, _hexclave_shared_dist_utils_uuids.generateUuid)();
 			this._initUniqueIdentifier();
 		}
 		return this._uniqueIdentifier;
@@ -598,8 +614,8 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		});
 	}
 	_useCheckFeatureSupport(name, options) {
-		(0, _stackframe_stack_shared_dist_utils_promises.runAsynchronously)(this._checkFeatureSupport(name, options));
-		throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError(`${name} is not currently supported. Please reach out to Stack support for more information.`);
+		(0, _hexclave_shared_dist_utils_promises.runAsynchronously)(this._checkFeatureSupport(name, options));
+		throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError(`${name} is not currently supported. Please reach out to Stack support for more information.`);
 	}
 	get _legacyRefreshTokenCookieName() {
 		return `stack-refresh-${this.projectId}`;
@@ -611,7 +627,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		return `${secure ? "__Host-" : ""}${this._refreshTokenCookieName}--default`;
 	}
 	_getCustomRefreshCookieName(domain) {
-		const encoded = (0, _stackframe_stack_shared_dist_utils_bytes.encodeBase32)(new TextEncoder().encode(domain.toLowerCase()));
+		const encoded = (0, _hexclave_shared_dist_utils_bytes.encodeBase32)(new TextEncoder().encode(domain.toLowerCase()));
 		return `${this._refreshTokenCookieName}--custom-${encoded}`;
 	}
 	_getDomainFromCustomRefreshCookieName(name) {
@@ -619,7 +635,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			const prefix = `${base}--custom-`;
 			if (!name.startsWith(prefix)) continue;
 			try {
-				return new TextDecoder().decode((0, _stackframe_stack_shared_dist_utils_bytes.decodeBase32)(name.slice(prefix.length)));
+				return new TextDecoder().decode((0, _hexclave_shared_dist_utils_bytes.decodeBase32)(name.slice(prefix.length)));
 			} catch {
 				return null;
 			}
@@ -637,7 +653,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 	}
 	_parseStructuredRefreshCookie(value) {
 		if (!value) return null;
-		const parsed = (0, _stackframe_stack_shared_dist_utils_json.parseJson)(value);
+		const parsed = (0, _hexclave_shared_dist_utils_json.parseJson)(value);
 		if (parsed.status !== "ok" || typeof parsed.data !== "object" || parsed.data === null) {
 			console.warn("Failed to parse structured refresh cookie");
 			return null;
@@ -696,7 +712,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		const accessTokenCookie = cookies[this._accessTokenCookieName] ?? cookies[this._legacyAccessTokenCookieName] ?? null;
 		let accessToken = null;
 		if (accessTokenCookie && accessTokenCookie.startsWith("[\"")) {
-			const parsed = (0, _stackframe_stack_shared_dist_utils_json.parseJson)(accessTokenCookie);
+			const parsed = (0, _hexclave_shared_dist_utils_json.parseJson)(accessTokenCookie);
 			if (parsed.status === "ok" && typeof parsed.data === "object" && parsed.data !== null && Array.isArray(parsed.data) && parsed.data.length === 2 && typeof parsed.data[0] === "string" && typeof parsed.data[1] === "string") {
 				if (parsed.data[0] === refreshToken) accessToken = parsed.data[1];
 			} else console.warn("Access token cookie has invalid format");
@@ -713,7 +729,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		return `stack-access`;
 	}
 	_getAllBrowserCookies() {
-		if (!(0, _stackframe_stack_shared_dist_utils_env.isBrowserLike)()) throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("Cannot get browser cookies on the server!");
+		if (!(0, _hexclave_shared_dist_utils_env.isBrowserLike)()) throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("Cannot get browser cookies on the server!");
 		return cookie.parseCookie(document.cookie || "");
 	}
 	_getRefreshTokenCookieNamePatterns() {
@@ -746,7 +762,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		};
 	}
 	_ensureCrossSubdomainCookieExists() {
-		(0, _stackframe_stack_shared_dist_utils_promises.runAsynchronously)(async () => {
+		(0, _hexclave_shared_dist_utils_promises.runAsynchronously)(async () => {
 			const hostname = window.location.hostname;
 			const domain = await this._trustedParentDomainCache.getOrWait([hostname], "read-write");
 			if (domain.status === "error" || !domain.data) return;
@@ -761,11 +777,11 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		});
 	}
 	_queueCustomRefreshCookieUpdate(refreshToken, updatedAt, context) {
-		(0, _stackframe_stack_shared_dist_utils_promises.runAsynchronously)(async () => {
+		(0, _hexclave_shared_dist_utils_promises.runAsynchronously)(async () => {
 			this._mostRecentQueuedCookieRefreshIndex++;
 			const updateIndex = this._mostRecentQueuedCookieRefreshIndex;
 			let hostname;
-			if ((0, _stackframe_stack_shared_dist_utils_env.isBrowserLike)()) hostname = window.location.hostname;
+			if ((0, _hexclave_shared_dist_utils_env.isBrowserLike)()) hostname = window.location.hostname;
 			else hostname = await getServerRequestHost();
 			if (!hostname) {
 				console.warn("No hostname found when queueing custom refresh cookie update");
@@ -795,7 +811,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		});
 	}
 	async _getTrustedRedirectConfig() {
-		const project = _stackframe_stack_shared_dist_utils_results.Result.orThrow(await this._currentProjectCache.getOrWait([], "write-only"));
+		const project = _hexclave_shared_dist_utils_results.Result.orThrow(await this._currentProjectCache.getOrWait([], "write-only"));
 		return {
 			allowLocalhost: project.config.allow_localhost,
 			trustedDomains: [...project.config.domains.map((d) => d.domain), new URL((0, ______url_targets_js.getHostedHandlerUrl)({
@@ -805,10 +821,10 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		};
 	}
 	async _getTrustedParentDomain(currentDomain) {
-		return (0, _stackframe_stack_shared_dist_utils_redirect_urls.getTrustedParentDomain)(currentDomain, (await this._getTrustedRedirectConfig()).trustedDomains);
+		return (0, _hexclave_shared_dist_utils_redirect_urls.getTrustedParentDomain)(currentDomain, (await this._getTrustedRedirectConfig()).trustedDomains);
 	}
 	_getBrowserCookieTokenStore() {
-		if (!(0, _stackframe_stack_shared_dist_utils_env.isBrowserLike)()) throw new Error("Cannot use cookie token store on the server!");
+		if (!(0, _hexclave_shared_dist_utils_env.isBrowserLike)()) throw new Error("Cannot use cookie token store on the server!");
 		if (this._storedBrowserCookieTokenStore === null) {
 			const getCurrentValue = (old) => {
 				const tokens = this._getTokensFromCookies(this._getAllBrowserCookies());
@@ -817,13 +833,13 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 					accessToken: tokens.accessToken ?? (old?.refreshToken === tokens.refreshToken ? old.accessToken : null)
 				};
 			};
-			this._storedBrowserCookieTokenStore = new _stackframe_stack_shared_dist_utils_stores.Store(getCurrentValue(null));
+			this._storedBrowserCookieTokenStore = new _hexclave_shared_dist_utils_stores.Store(getCurrentValue(null));
 			let hasSucceededInWriting = true;
 			setInterval(() => {
 				if (hasSucceededInWriting) {
 					const oldValue = this._storedBrowserCookieTokenStore.get();
 					const currentValue = getCurrentValue(oldValue);
-					if (!(0, _stackframe_stack_shared_dist_utils_objects.deepPlainEquals)(currentValue, oldValue)) this._storedBrowserCookieTokenStore.set(currentValue);
+					if (!(0, _hexclave_shared_dist_utils_objects.deepPlainEquals)(currentValue, oldValue)) this._storedBrowserCookieTokenStore.set(currentValue);
 				}
 			}, 100);
 			this._storedBrowserCookieTokenStore.onChange((value) => {
@@ -844,7 +860,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 					this._queueCustomRefreshCookieUpdate(refreshToken, updatedAt, "browser");
 					hasSucceededInWriting = true;
 				} catch (e) {
-					if (!(0, _stackframe_stack_shared_dist_utils_env.isBrowserLike)()) hasSucceededInWriting = false;
+					if (!(0, _hexclave_shared_dist_utils_env.isBrowserLike)()) hasSucceededInWriting = false;
 					else throw e;
 				}
 			});
@@ -855,11 +871,11 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		const tokenStoreInit = overrideTokenStoreInit === void 0 ? this._tokenStoreInit : overrideTokenStoreInit;
 		switch (tokenStoreInit) {
 			case "cookie": return this._getBrowserCookieTokenStore();
-			case "nextjs-cookie": if ((0, _stackframe_stack_shared_dist_utils_env.isBrowserLike)()) return this._getBrowserCookieTokenStore();
+			case "nextjs-cookie": if ((0, _hexclave_shared_dist_utils_env.isBrowserLike)()) return this._getBrowserCookieTokenStore();
 			else {
-				const store = new _stackframe_stack_shared_dist_utils_stores.Store(this._getTokensFromCookies(cookieHelper.getAll()));
+				const store = new _hexclave_shared_dist_utils_stores.Store(this._getTokensFromCookies(cookieHelper.getAll()));
 				store.onChange((value) => {
-					(0, _stackframe_stack_shared_dist_utils_promises.runAsynchronously)(async () => {
+					(0, _hexclave_shared_dist_utils_promises.runAsynchronously)(async () => {
 						const refreshToken = value.refreshToken;
 						const secure = await (0, _________cookie_js.isSecure)();
 						const defaultName = this._getRefreshTokenDefaultCookieNameForSecure(secure);
@@ -892,7 +908,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 					if (authorizationHeader) {
 						const authJson = getAuthJsonFromAuthorizationHeaderValue(authorizationHeader);
 						if (authJson != null) {
-							const tokenStore = new _stackframe_stack_shared_dist_utils_stores.Store({
+							const tokenStore = new _hexclave_shared_dist_utils_stores.Store({
 								accessToken: authJson.accessToken,
 								refreshToken: authJson.refreshToken
 							});
@@ -917,10 +933,10 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 					}
 					const cookieHeader = getHeaderValueFromRequestLikeHeaders(tokenStoreInit.headers, "cookie");
 					const parsed = cookie.parseCookie(cookieHeader || "");
-					const res = new _stackframe_stack_shared_dist_utils_stores.Store(this._getTokensFromCookies(parsed));
+					const res = new _hexclave_shared_dist_utils_stores.Store(this._getTokensFromCookies(parsed));
 					this._requestTokenStores.set(tokenStoreInit, res);
 					return res;
-				} else if ("accessToken" in tokenStoreInit || "refreshToken" in tokenStoreInit) return new _stackframe_stack_shared_dist_utils_stores.Store({
+				} else if ("accessToken" in tokenStoreInit || "refreshToken" in tokenStoreInit) return new _hexclave_shared_dist_utils_stores.Store({
 					refreshToken: tokenStoreInit.refreshToken,
 					accessToken: tokenStoreInit.accessToken
 				});
@@ -928,13 +944,13 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		}
 	}
 	_useTokenStore(overrideTokenStoreInit) {
-		(0, _stackframe_stack_shared_dist_utils_react.suspendIfSsr)();
+		(0, _hexclave_shared_dist_utils_react.suspendIfSsr)();
 		const cookieHelper = (0, _________cookie_js.createBrowserCookieHelper)();
 		return this._getOrCreateTokenStore(cookieHelper, overrideTokenStoreInit);
 	}
 	_getSessionFromTokenStore(tokenStore) {
 		const tokenObj = tokenStore.get();
-		const sessionKey = _stackframe_stack_shared_dist_sessions.InternalSession.calculateSessionKey(tokenObj);
+		const sessionKey = _hexclave_shared_dist_sessions.InternalSession.calculateSessionKey(tokenObj);
 		const existing = sessionKey ? this._sessionsByTokenStoreAndSessionKey.get(tokenStore)?.get(sessionKey) : null;
 		if (existing) return existing;
 		const session = this._interface.createSession({
@@ -978,7 +994,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		return react.default.useSyncExternalStore(subscribe, getSnapshot, getSnapshot);
 	}
 	async _signInToAccountWithTokens(tokens) {
-		if (!("accessToken" in tokens) || !("refreshToken" in tokens)) throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("Invalid tokens object; can't sign in with this", { tokens });
+		if (!("accessToken" in tokens) || !("refreshToken" in tokens)) throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("Invalid tokens object; can't sign in with this", { tokens });
 		const tokenStore = this._getOrCreateTokenStore(await this._createCookieHelper());
 		tokenStore.set(tokens);
 		const newSession = this._getSessionFromTokenStore(tokenStore);
@@ -1118,13 +1134,13 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 				await app._teamInvitationsCache.refresh([session, crud.id]);
 			},
 			async listUsers() {
-				return _stackframe_stack_shared_dist_utils_results.Result.orThrow(await app._teamMemberProfilesCache.getOrWait([session, crud.id], "write-only")).map((crud) => app._clientTeamUserFromCrud(crud));
+				return _hexclave_shared_dist_utils_results.Result.orThrow(await app._teamMemberProfilesCache.getOrWait([session, crud.id], "write-only")).map((crud) => app._clientTeamUserFromCrud(crud));
 			},
 			useUsers() {
 				return (0, __common_js.useAsyncCache)(app._teamMemberProfilesCache, [session, crud.id], "team.useUsers()").map((crud) => app._clientTeamUserFromCrud(crud));
 			},
 			async listInvitations() {
-				return _stackframe_stack_shared_dist_utils_results.Result.orThrow(await app._teamInvitationsCache.getOrWait([session, crud.id], "write-only")).map((crud) => app._clientSentTeamInvitationFromCrud(session, crud));
+				return _hexclave_shared_dist_utils_results.Result.orThrow(await app._teamInvitationsCache.getOrWait([session, crud.id], "write-only")).map((crud) => app._clientSentTeamInvitationFromCrud(session, crud));
 			},
 			useInvitations() {
 				return (0, __common_js.useAsyncCache)(app._teamInvitationsCache, [session, crud.id], "team.useInvitations()").map((crud) => app._clientSentTeamInvitationFromCrud(session, crud));
@@ -1144,7 +1160,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 				return (0, __common_js.useAsyncCache)(app._teamApiKeysCache, [session, crud.id], "team.useApiKeys()").map((crud) => app._clientApiKeyFromCrud(session, crud));
 			},
 			async listApiKeys() {
-				return _stackframe_stack_shared_dist_utils_results.Result.orThrow(await app._teamApiKeysCache.getOrWait([session, crud.id], "write-only")).map((crud) => app._clientApiKeyFromCrud(session, crud));
+				return _hexclave_shared_dist_utils_results.Result.orThrow(await app._teamApiKeysCache.getOrWait([session, crud.id], "write-only")).map((crud) => app._clientApiKeyFromCrud(session, crud));
 			},
 			async createApiKey(options) {
 				const result = await app._interface.createProjectApiKey(await (0, ______api_keys_index_js.apiKeyCreationOptionsToCrud)("team", crud.id, options), session, "client");
@@ -1204,9 +1220,9 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 						allow_connected_accounts: data.allowConnectedAccounts
 					}, session);
 					await Promise.all([app._currentUserOAuthProvidersCache.refresh([session]), app._currentUserConnectedAccountsCache.refresh([session])]);
-					return _stackframe_stack_shared_dist_utils_results.Result.ok(void 0);
+					return _hexclave_shared_dist_utils_results.Result.ok(void 0);
 				} catch (error) {
-					if (_stackframe_stack_shared.KnownErrors.OAuthProviderAccountIdAlreadyUsedForSignIn.isInstance(error)) return _stackframe_stack_shared_dist_utils_results.Result.error(error);
+					if (_hexclave_shared.KnownErrors.OAuthProviderAccountIdAlreadyUsedForSignIn.isInstance(error)) return _hexclave_shared_dist_utils_results.Result.error(error);
 					throw error;
 				}
 			},
@@ -1286,7 +1302,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 						return session.isKnownToBeInvalid() ? null : session.getAccessTokenIfNotExpiredYet(2e4, 75e3)?.token ?? null;
 					}, [session]);
 					let accessToken = react.default.useSyncExternalStore(subscribe, getSnapshot, getSnapshot);
-					if (accessToken === null && !session.isKnownToBeInvalid()) accessToken = (0, _stackframe_stack_shared_dist_utils_react.use)(session.getOrFetchLikelyValidTokens(2e4, 75e3))?.accessToken.token ?? null;
+					if (accessToken === null && !session.isKnownToBeInvalid()) accessToken = (0, _hexclave_shared_dist_utils_react.use)(session.getOrFetchLikelyValidTokens(2e4, 75e3))?.accessToken.token ?? null;
 					return {
 						accessToken,
 						refreshToken: session.getRefreshToken()?.token ?? null
@@ -1376,11 +1392,11 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			const scopeString = options?.scopes?.join(" ") ?? "";
 			if (typeof idOrAccount === "object" && "provider" in idOrAccount && "providerAccountId" in idOrAccount) {
 				const { provider, providerAccountId } = idOrAccount;
-				const found = _stackframe_stack_shared_dist_utils_results.Result.orThrow(await app._currentUserConnectedAccountsCache.getOrWait([session], "write-only")).find((a) => a.provider === provider && a.providerAccountId === providerAccountId);
+				const found = _hexclave_shared_dist_utils_results.Result.orThrow(await app._currentUserConnectedAccountsCache.getOrWait([session], "write-only")).find((a) => a.provider === provider && a.providerAccountId === providerAccountId);
 				if (!found) return null;
 				return found;
 			}
-			return _stackframe_stack_shared_dist_utils_results.Result.orThrow(await app._currentUserOAuthConnectionCache.getOrWait([
+			return _hexclave_shared_dist_utils_results.Result.orThrow(await app._currentUserOAuthConnectionCache.getOrWait([
 				session,
 				idOrAccount,
 				scopeString,
@@ -1419,7 +1435,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			getConnectedAccount,
 			useConnectedAccount,
 			async listConnectedAccounts() {
-				return _stackframe_stack_shared_dist_utils_results.Result.orThrow(await app._currentUserConnectedAccountsCache.getOrWait([session], "write-only"));
+				return _hexclave_shared_dist_utils_results.Result.orThrow(await app._currentUserConnectedAccountsCache.getOrWait([session], "write-only"));
 			},
 			useConnectedAccounts() {
 				return (0, __common_js.useAsyncCache)(app._currentUserConnectedAccountsCache, [session], "user.useConnectedAccounts()");
@@ -1430,16 +1446,16 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 					provider,
 					redirectUrl: app._getOAuthCallbackRedirectUri(),
 					errorRedirectUrl: app.urls.error,
-					providerScope: (0, _stackframe_stack_shared_dist_utils_strings.mergeScopeStrings)(scopeString, (app._oauthScopesOnSignIn[provider] ?? []).join(" "))
+					providerScope: (0, _hexclave_shared_dist_utils_strings.mergeScopeStrings)(scopeString, (app._oauthScopesOnSignIn[provider] ?? []).join(" "))
 				}, session);
 				await app._redirectTo({ url: location });
-				return await (0, _stackframe_stack_shared_dist_utils_promises.neverResolve)();
+				return await (0, _hexclave_shared_dist_utils_promises.neverResolve)();
 			},
 			async getOrLinkConnectedAccount(provider, options) {
-				const matchingAccounts = _stackframe_stack_shared_dist_utils_results.Result.orThrow(await app._currentUserConnectedAccountsCache.getOrWait([session], "write-only")).filter((a) => a.provider === provider);
+				const matchingAccounts = _hexclave_shared_dist_utils_results.Result.orThrow(await app._currentUserConnectedAccountsCache.getOrWait([session], "write-only")).filter((a) => a.provider === provider);
 				for (const account of matchingAccounts) if ((await account.getAccessToken({ scopes: options?.scopes })).status === "ok") return account;
 				await this.linkConnectedAccount(provider, options);
-				return await (0, _stackframe_stack_shared_dist_utils_promises.neverResolve)();
+				return await (0, _hexclave_shared_dist_utils_promises.neverResolve)();
 			},
 			useOrLinkConnectedAccount(provider, options) {
 				const scopeString = options?.scopes?.join(" ") ?? "";
@@ -1459,7 +1475,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 				}, [teams, teamId]);
 			},
 			async listTeams() {
-				return _stackframe_stack_shared_dist_utils_results.Result.orThrow(await app._currentUserTeamsCache.getOrWait([session], "write-only")).map((crud) => app._clientTeamFromCrud(crud, session));
+				return _hexclave_shared_dist_utils_results.Result.orThrow(await app._currentUserTeamsCache.getOrWait([session], "write-only")).map((crud) => app._clientTeamFromCrud(crud, session));
 			},
 			useTeams() {
 				const teams = (0, __common_js.useAsyncCache)(app._currentUserTeamsCache, [session], "user.useTeams()");
@@ -1475,7 +1491,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 				await app._interface.leaveTeam(team.id, session);
 			},
 			async listTeamInvitations() {
-				return _stackframe_stack_shared_dist_utils_results.Result.orThrow(await app._currentUserTeamInvitationsCache.getOrWait([session], "write-only")).map((crud) => app._clientReceivedTeamInvitationFromCrud(session, crud));
+				return _hexclave_shared_dist_utils_results.Result.orThrow(await app._currentUserTeamInvitationsCache.getOrWait([session], "write-only")).map((crud) => app._clientReceivedTeamInvitationFromCrud(session, crud));
 			},
 			useTeamInvitations() {
 				const invitations = (0, __common_js.useAsyncCache)(app._currentUserTeamInvitationsCache, [session], "user.useTeamInvitations()");
@@ -1485,14 +1501,14 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 				if (scopeOrOptions && "id" in scopeOrOptions) {
 					const scope = scopeOrOptions;
 					const recursive = options?.recursive ?? true;
-					return _stackframe_stack_shared_dist_utils_results.Result.orThrow(await app._currentUserPermissionsCache.getOrWait([
+					return _hexclave_shared_dist_utils_results.Result.orThrow(await app._currentUserPermissionsCache.getOrWait([
 						session,
 						scope.id,
 						recursive
 					], "write-only")).map((crud) => app._clientPermissionFromCrud(crud));
 				} else {
 					const recursive = scopeOrOptions?.recursive ?? true;
-					return _stackframe_stack_shared_dist_utils_results.Result.orThrow(await app._currentUserProjectPermissionsCache.getOrWait([session, recursive], "write-only")).map((crud) => app._clientPermissionFromCrud(crud));
+					return _hexclave_shared_dist_utils_results.Result.orThrow(await app._currentUserProjectPermissionsCache.getOrWait([session, recursive], "write-only")).map((crud) => app._clientPermissionFromCrud(crud));
 				}
 			},
 			usePermissions(scopeOrOptions, options) {
@@ -1544,7 +1560,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 				return await app._updateClientUser(update, session);
 			},
 			async sendVerificationEmail(options) {
-				if (!crud.primary_email) throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("User does not have a primary email");
+				if (!crud.primary_email) throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("User does not have a primary email");
 				return await app._interface.sendVerificationEmail(crud.primary_email, options?.callbackUrl ?? (0, ____________utils_url_js.constructRedirectUrl)(app.urls.emailVerification, "callbackUrl"), session);
 			},
 			async updatePassword(options) {
@@ -1559,7 +1575,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			},
 			selectedTeam: crud.selected_team && this._clientTeamFromCrud(crud.selected_team, session),
 			async getTeamProfile(team) {
-				const result = _stackframe_stack_shared_dist_utils_results.Result.orThrow(await app._currentUserTeamProfileCache.getOrWait([session, team.id], "write-only"));
+				const result = _hexclave_shared_dist_utils_results.Result.orThrow(await app._currentUserTeamProfileCache.getOrWait([session, team.id], "write-only"));
 				return app._editableTeamProfileFromCrud(result, session);
 			},
 			useTeamProfile(team) {
@@ -1571,7 +1587,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 				session.markInvalid();
 			},
 			async listContactChannels() {
-				return _stackframe_stack_shared_dist_utils_results.Result.orThrow(await app._clientContactChannelsCache.getOrWait([session], "write-only")).map((crud) => app._clientContactChannelFromCrud(crud, session));
+				return _hexclave_shared_dist_utils_results.Result.orThrow(await app._clientContactChannelsCache.getOrWait([session], "write-only")).map((crud) => app._clientContactChannelFromCrud(crud, session));
 			},
 			useContactChannels() {
 				return (0, __common_js.useAsyncCache)(app._clientContactChannelsCache, [session], "user.useContactChannels()").map((crud) => app._clientContactChannelFromCrud(crud, session));
@@ -1585,7 +1601,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 				return (0, __common_js.useAsyncCache)(app._notificationCategoriesCache, [session], "user.useNotificationCategories()").map((crud) => app._clientNotificationCategoryFromCrud(crud, session));
 			},
 			async listNotificationCategories() {
-				return _stackframe_stack_shared_dist_utils_results.Result.orThrow(await app._notificationCategoriesCache.getOrWait([session], "write-only")).map((crud) => app._clientNotificationCategoryFromCrud(crud, session));
+				return _hexclave_shared_dist_utils_results.Result.orThrow(await app._notificationCategoriesCache.getOrWait([session], "write-only")).map((crud) => app._clientNotificationCategoryFromCrud(crud, session));
 			},
 			useApiKeys() {
 				return (0, __common_js.useAsyncCache)(app._userApiKeysCache, [session], "user.useApiKeys()").map((crud) => app._clientApiKeyFromCrud(session, crud));
@@ -1602,7 +1618,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 				return (0, __common_js.useAsyncCache)(app._currentUserOAuthProvidersCache, [session], "user.useOAuthProviders()").map((crud) => app._clientOAuthProviderFromCrud(crud, session));
 			},
 			async listOAuthProviders() {
-				return _stackframe_stack_shared_dist_utils_results.Result.orThrow(await app._currentUserOAuthProvidersCache.getOrWait([session], "write-only")).map((crud) => app._clientOAuthProviderFromCrud(crud, session));
+				return _hexclave_shared_dist_utils_results.Result.orThrow(await app._currentUserOAuthProvidersCache.getOrWait([session], "write-only")).map((crud) => app._clientOAuthProviderFromCrud(crud, session));
 			},
 			useOAuthProvider(id) {
 				const providers = this.useOAuthProviders();
@@ -1613,20 +1629,20 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			},
 			async registerPasskey(options) {
 				const hostname = (await app._getCurrentUrl())?.hostname;
-				if (!hostname) throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("hostname must be provided if the Stack App does not have a redirect method");
+				if (!hostname) throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("hostname must be provided if the Stack App does not have a redirect method");
 				const initiationResult = await app._interface.initiatePasskeyRegistration({}, session);
-				if (initiationResult.status !== "ok") return _stackframe_stack_shared_dist_utils_results.Result.error(new _stackframe_stack_shared.KnownErrors.PasskeyRegistrationFailed("Failed to get initiation options for passkey registration"));
+				if (initiationResult.status !== "ok") return _hexclave_shared_dist_utils_results.Result.error(new _hexclave_shared.KnownErrors.PasskeyRegistrationFailed("Failed to get initiation options for passkey registration"));
 				const { options_json, code } = initiationResult.data;
-				if (options_json.rp.id !== "THIS_VALUE_WILL_BE_REPLACED.example.com") throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError(`Expected returned RP ID from server to equal sentinel, but found ${options_json.rp.id}`);
+				if (options_json.rp.id !== "THIS_VALUE_WILL_BE_REPLACED.example.com") throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError(`Expected returned RP ID from server to equal sentinel, but found ${options_json.rp.id}`);
 				options_json.rp.id = hostname;
 				let attResp;
 				try {
 					attResp = await (0, _simplewebauthn_browser.startRegistration)({ optionsJSON: options_json });
 				} catch (error) {
-					if (error instanceof _simplewebauthn_browser.WebAuthnError) return _stackframe_stack_shared_dist_utils_results.Result.error(new _stackframe_stack_shared.KnownErrors.PasskeyWebAuthnError(error.message, error.name));
+					if (error instanceof _simplewebauthn_browser.WebAuthnError) return _hexclave_shared_dist_utils_results.Result.error(new _hexclave_shared.KnownErrors.PasskeyWebAuthnError(error.message, error.name));
 					else {
-						(0, _stackframe_stack_shared_dist_utils_errors.captureError)("passkey-registration-failed", error);
-						return _stackframe_stack_shared_dist_utils_results.Result.error(new _stackframe_stack_shared.KnownErrors.PasskeyRegistrationFailed("Failed to start passkey registration due to unknown error"));
+						(0, _hexclave_shared_dist_utils_errors.captureError)("passkey-registration-failed", error);
+						return _hexclave_shared_dist_utils_results.Result.error(new _hexclave_shared.KnownErrors.PasskeyRegistrationFailed("Failed to start passkey registration due to unknown error"));
 					}
 				}
 				const registrationResult = await app._interface.registerPasskey({
@@ -1663,7 +1679,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		const customerOptions = type === "user" ? { userId: userIdOrTeamId } : { teamId: userIdOrTeamId };
 		return {
 			async getBilling() {
-				const response = _stackframe_stack_shared_dist_utils_results.Result.orThrow(await app._customerBillingCache.getOrWait([
+				const response = _hexclave_shared_dist_utils_results.Result.orThrow(await app._customerBillingCache.getOrWait([
 					effectiveSession,
 					type,
 					userIdOrTeamId
@@ -1755,17 +1771,17 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 	async getItem(options) {
 		const session = await this._getSession();
 		let crud;
-		if ("userId" in options) crud = _stackframe_stack_shared_dist_utils_results.Result.orThrow(await this._userItemCache.getOrWait([
+		if ("userId" in options) crud = _hexclave_shared_dist_utils_results.Result.orThrow(await this._userItemCache.getOrWait([
 			session,
 			options.userId,
 			options.itemId
 		], "write-only"));
-		else if ("teamId" in options) crud = _stackframe_stack_shared_dist_utils_results.Result.orThrow(await this._teamItemCache.getOrWait([
+		else if ("teamId" in options) crud = _hexclave_shared_dist_utils_results.Result.orThrow(await this._teamItemCache.getOrWait([
 			session,
 			options.teamId,
 			options.itemId
 		], "write-only"));
-		else crud = _stackframe_stack_shared_dist_utils_results.Result.orThrow(await this._customItemCache.getOrWait([
+		else crud = _hexclave_shared_dist_utils_results.Result.orThrow(await this._customItemCache.getOrWait([
 			session,
 			options.customCustomerId,
 			options.itemId
@@ -1785,7 +1801,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 	async listProducts(options) {
 		const session = (await this.getUser())?._internalSession ?? await this._getSession();
 		if ("userId" in options) {
-			const response = _stackframe_stack_shared_dist_utils_results.Result.orThrow(await this._userProductsCache.getOrWait([
+			const response = _hexclave_shared_dist_utils_results.Result.orThrow(await this._userProductsCache.getOrWait([
 				session,
 				options.userId,
 				options.cursor ?? null,
@@ -1793,7 +1809,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			], "write-only"));
 			return this._customerProductsFromResponse(response);
 		} else if ("teamId" in options) {
-			const response = _stackframe_stack_shared_dist_utils_results.Result.orThrow(await this._teamProductsCache.getOrWait([
+			const response = _hexclave_shared_dist_utils_results.Result.orThrow(await this._teamProductsCache.getOrWait([
 				session,
 				options.teamId,
 				options.cursor ?? null,
@@ -1801,7 +1817,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			], "write-only"));
 			return this._customerProductsFromResponse(response);
 		}
-		const response = _stackframe_stack_shared_dist_utils_results.Result.orThrow(await this._customProductsCache.getOrWait([
+		const response = _hexclave_shared_dist_utils_results.Result.orThrow(await this._customProductsCache.getOrWait([
 			session,
 			options.customCustomerId,
 			options.cursor ?? null,
@@ -1812,7 +1828,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 	async listInvoices(options) {
 		const session = await this._getSession();
 		if ("userId" in options) {
-			const response = _stackframe_stack_shared_dist_utils_results.Result.orThrow(await this._userInvoicesCache.getOrWait([
+			const response = _hexclave_shared_dist_utils_results.Result.orThrow(await this._userInvoicesCache.getOrWait([
 				session,
 				options.userId,
 				options.cursor ?? null,
@@ -1820,7 +1836,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			], "write-only"));
 			return this._customerInvoicesFromResponse(response);
 		}
-		const response = _stackframe_stack_shared_dist_utils_results.Result.orThrow(await this._teamInvoicesCache.getOrWait([
+		const response = _hexclave_shared_dist_utils_results.Result.orThrow(await this._teamInvoicesCache.getOrWait([
 			session,
 			options.teamId,
 			options.cursor ?? null,
@@ -1831,7 +1847,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 	async cancelSubscription(options) {
 		const session = await this._getSession();
 		const user = await this.getUser();
-		if (!user) throw new _stackframe_stack_shared.KnownErrors.UserAuthenticationRequired();
+		if (!user) throw new _hexclave_shared.KnownErrors.UserAuthenticationRequired();
 		const customerType = "teamId" in options ? "team" : "user";
 		const customerId = "teamId" in options ? options.teamId : user.id;
 		await this._interface.cancelSubscription({
@@ -1900,7 +1916,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		return __common_js.clientVersion;
 	}
 	_getBotChallengeSiteKeys() {
-		if (!(0, _stackframe_stack_shared_dist_utils_env.isBrowserLike)()) return null;
+		if (!(0, _hexclave_shared_dist_utils_env.isBrowserLike)()) return null;
 		const visibleSiteKey = _________env_js.envVars.NEXT_PUBLIC_STACK_BOT_CHALLENGE_SITE_KEY;
 		if (!visibleSiteKey) {
 			if (!this._botChallengeSiteKeysWarned) {
@@ -1915,23 +1931,23 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		};
 	}
 	_getBotChallengeFlowFailure(error) {
-		if (error instanceof _stackframe_stack_shared_dist_utils_turnstile_flow.BotChallengeUserCancelledError) return {
+		if (error instanceof _hexclave_shared_dist_utils_turnstile_flow.BotChallengeUserCancelledError) return {
 			type: "cancelled",
-			knownError: new _stackframe_stack_shared.KnownErrors.BotChallengeFailed("Bot challenge cancelled by user")
+			knownError: new _hexclave_shared.KnownErrors.BotChallengeFailed("Bot challenge cancelled by user")
 		};
-		if (error instanceof _stackframe_stack_shared_dist_utils_turnstile_flow.BotChallengeExecutionFailedError) return {
+		if (error instanceof _hexclave_shared_dist_utils_turnstile_flow.BotChallengeExecutionFailedError) return {
 			type: "failed",
-			knownError: new _stackframe_stack_shared.KnownErrors.BotChallengeFailed(error.message)
+			knownError: new _hexclave_shared.KnownErrors.BotChallengeFailed(error.message)
 		};
 		return null;
 	}
 	_normalizeBotChallengeResult(result) {
 		if (result.status === "ok") return result;
-		if (_stackframe_stack_shared.KnownErrors.BotChallengeRequired.isInstance(result.error)) {
-			(0, _stackframe_stack_shared_dist_utils_errors.captureError)("bot-challenge-unexpected-after-flow", result.error);
-			return _stackframe_stack_shared_dist_utils_results.Result.error(new _stackframe_stack_shared.KnownErrors.BotChallengeFailed("Unexpected bot challenge after flow completion"));
+		if (_hexclave_shared.KnownErrors.BotChallengeRequired.isInstance(result.error)) {
+			(0, _hexclave_shared_dist_utils_errors.captureError)("bot-challenge-unexpected-after-flow", result.error);
+			return _hexclave_shared_dist_utils_results.Result.error(new _hexclave_shared.KnownErrors.BotChallengeFailed("Unexpected bot challenge after flow completion"));
 		}
-		return _stackframe_stack_shared_dist_utils_results.Result.error(result.error);
+		return _hexclave_shared_dist_utils_results.Result.error(result.error);
 	}
 	_toInterfaceBotChallengeInput(challenge) {
 		if (challenge.unavailable) return { phase: "visible" };
@@ -1944,25 +1960,25 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		const siteKeys = this._getBotChallengeSiteKeys();
 		let result;
 		try {
-			if (siteKeys) result = await (0, _stackframe_stack_shared_dist_utils_turnstile_flow.withBotChallengeFlow)({
+			if (siteKeys) result = await (0, _hexclave_shared_dist_utils_turnstile_flow.withBotChallengeFlow)({
 				...siteKeys,
 				action: options.action,
 				execute: options.execute,
 				isChallengeRequired: (flowResult) => {
-					return flowResult.status === "error" && _stackframe_stack_shared.KnownErrors.BotChallengeRequired.isInstance(flowResult.error);
+					return flowResult.status === "error" && _hexclave_shared.KnownErrors.BotChallengeRequired.isInstance(flowResult.error);
 				}
 			});
 			else result = await options.execute({});
 		} catch (e) {
 			const flowFailure = this._getBotChallengeFlowFailure(e);
-			if (flowFailure) return _stackframe_stack_shared_dist_utils_results.Result.error(flowFailure.knownError);
+			if (flowFailure) return _hexclave_shared_dist_utils_results.Result.error(flowFailure.knownError);
 			throw e;
 		}
 		return this._normalizeBotChallengeResult(result);
 	}
 	async _isTrusted(url) {
-		if ((0, _stackframe_stack_shared_dist_utils_urls.isRelative)(url)) return true;
-		const parsedUrl = (0, _stackframe_stack_shared_dist_utils_urls.createUrlIfValid)(url);
+		if ((0, _hexclave_shared_dist_utils_urls.isRelative)(url)) return true;
+		const parsedUrl = (0, _hexclave_shared_dist_utils_urls.createUrlIfValid)(url);
 		if (parsedUrl == null) return false;
 		if (typeof window !== "undefined" && window.location.origin === parsedUrl.origin) return true;
 		if ((0, ______url_targets_js.isHostedHandlerUrlForProject)({
@@ -1970,7 +1986,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			projectId: this.projectId
 		})) return true;
 		const trustedRedirectConfig = await this._getTrustedRedirectConfig();
-		return (0, _stackframe_stack_shared_dist_utils_redirect_urls.validateRedirectUrl)(parsedUrl, {
+		return (0, _hexclave_shared_dist_utils_redirect_urls.validateRedirectUrl)(parsedUrl, {
 			allowLocalhost: trustedRedirectConfig.allowLocalhost,
 			trustedDomains: trustedRedirectConfig.trustedDomains
 		});
@@ -1980,11 +1996,11 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 	}
 	_prefetchCrossDomainHandoffParamsIfNeeded() {
 		const canWriteOauthVerifierCookie = this._tokenStoreInit === "cookie" || this._tokenStoreInit === "nextjs-cookie";
-		if (!(0, _stackframe_stack_shared_dist_utils_env.isBrowserLike)() || !canWriteOauthVerifierCookie || this._isPrefetchingCrossDomainHandoffParams || this._getFreshPrefetchedCrossDomainHandoffParams() != null) return;
+		if (!(0, _hexclave_shared_dist_utils_env.isBrowserLike)() || !canWriteOauthVerifierCookie || this._isPrefetchingCrossDomainHandoffParams || this._getFreshPrefetchedCrossDomainHandoffParams() != null) return;
 		this._isPrefetchingCrossDomainHandoffParams = true;
-		(0, _stackframe_stack_shared_dist_utils_promises.runAsynchronously)(async () => {
+		(0, _hexclave_shared_dist_utils_promises.runAsynchronously)(async () => {
 			try {
-				if (!(0, _stackframe_stack_shared_dist_utils_env.isBrowserLike)()) return;
+				if (!(0, _hexclave_shared_dist_utils_env.isBrowserLike)()) return;
 				const { state, codeChallenge } = await (0, _________cookie_js.saveVerifierAndState)();
 				this._prefetchedCrossDomainHandoffParams = {
 					state,
@@ -2046,10 +2062,10 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		}, session);
 		if (!response.ok) {
 			const responseBody = await response.text();
-			throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError(`Cross-domain authorization endpoint failed: ${response.status} ${responseBody}`);
+			throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError(`Cross-domain authorization endpoint failed: ${response.status} ${responseBody}`);
 		}
 		const result = await response.json();
-		if (!("redirect_url" in result) || typeof result.redirect_url !== "string") throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("Cross-domain authorization endpoint returned an invalid payload", { result });
+		if (!("redirect_url" in result) || typeof result.redirect_url !== "string") throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("Cross-domain authorization endpoint returned an invalid payload", { result });
 		return result.redirect_url;
 	}
 	_getFreshPrefetchedCrossDomainHandoffParams() {
@@ -2071,7 +2087,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		else if (typeof this._redirectMethod === "object" && this._redirectMethod.navigate) this._redirectMethod.navigate(options.url.toString());
 		else if (options.replace) window.location.replace(options.url);
 		else window.location.assign(options.url);
-		await (0, _stackframe_stack_shared_dist_utils_promises.wait)(2e3);
+		await (0, _hexclave_shared_dist_utils_promises.wait)(2e3);
 	}
 	useNavigate() {
 		if (typeof this._redirectMethod === "object") return this._redirectMethod.useNavigate();
@@ -2211,8 +2227,8 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			code,
 			session: await this._getSession()
 		});
-		if (result.status === "ok") return _stackframe_stack_shared_dist_utils_results.Result.ok(void 0);
-		else return _stackframe_stack_shared_dist_utils_results.Result.error(result.error);
+		if (result.status === "ok") return _hexclave_shared_dist_utils_results.Result.ok(void 0);
+		else return _hexclave_shared_dist_utils_results.Result.error(result.error);
 	}
 	async getTeamInvitationDetails(code) {
 		const result = await this._interface.acceptTeamInvitation({
@@ -2220,8 +2236,8 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			code,
 			session: await this._getSession()
 		});
-		if (result.status === "ok") return _stackframe_stack_shared_dist_utils_results.Result.ok({ teamDisplayName: result.data.team_display_name });
-		else return _stackframe_stack_shared_dist_utils_results.Result.error(result.error);
+		if (result.status === "ok") return _hexclave_shared_dist_utils_results.Result.ok({ teamDisplayName: result.data.team_display_name });
+		else return _hexclave_shared_dist_utils_results.Result.error(result.error);
 	}
 	async verifyEmail(code) {
 		const result = await this._interface.verifyEmail(code);
@@ -2233,7 +2249,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		if (options?.or === "anonymous" && options.includeRestricted === false) throw new Error("Cannot use { or: 'anonymous' } with { includeRestricted: false }. Anonymous users implicitly include restricted users.");
 		this._ensurePersistentTokenStore(options?.tokenStore);
 		const session = await this._getSession(options?.tokenStore);
-		let crud = _stackframe_stack_shared_dist_utils_results.Result.orThrow(await this._currentUserCache.getOrWait([session], "write-only"));
+		let crud = _hexclave_shared_dist_utils_results.Result.orThrow(await this._currentUserCache.getOrWait([session], "write-only"));
 		const includeAnonymous = options?.or === "anonymous" || options?.or === "anonymous-if-exists[deprecated]";
 		const includeRestricted = options?.includeRestricted === true || includeAnonymous;
 		if (crud === null || crud.is_anonymous && !includeAnonymous || crud.is_restricted && !includeRestricted) switch (options?.or) {
@@ -2248,7 +2264,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 					tokenStore: tokens,
 					or: "anonymous-if-exists[deprecated]",
 					includeRestricted: true
-				}) ?? (0, _stackframe_stack_shared_dist_utils_errors.throwErr)("Something went wrong while signing up anonymously");
+				}) ?? (0, _hexclave_shared_dist_utils_errors.throwErr)("Something went wrong while signing up anonymously");
 			}
 			case void 0:
 			case "anonymous-if-exists[deprecated]":
@@ -2266,18 +2282,18 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		if (crud === null || crud.is_anonymous && !includeAnonymous || crud.is_restricted && !includeRestricted) switch (options?.or) {
 			case "redirect":
 				if (!crud?.is_anonymous && crud?.is_restricted) {
-					if (!this._redirectToHandlerDuringRender("onboarding", { replace: true })) (0, _stackframe_stack_shared_dist_utils_promises.runAsynchronously)(this.redirectToOnboarding({ replace: true }));
-				} else if (!this._redirectToHandlerDuringRender("signIn", { replace: true })) (0, _stackframe_stack_shared_dist_utils_promises.runAsynchronously)(this.redirectToSignIn({ replace: true }));
-				(0, _stackframe_stack_shared_dist_utils_react.suspend)();
-				throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("suspend should never return");
+					if (!this._redirectToHandlerDuringRender("onboarding", { replace: true })) (0, _hexclave_shared_dist_utils_promises.runAsynchronously)(this.redirectToOnboarding({ replace: true }));
+				} else if (!this._redirectToHandlerDuringRender("signIn", { replace: true })) (0, _hexclave_shared_dist_utils_promises.runAsynchronously)(this.redirectToSignIn({ replace: true }));
+				(0, _hexclave_shared_dist_utils_react.suspend)();
+				throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("suspend should never return");
 			case "throw": throw new Error("User is not signed in but useUser was called with { or: 'throw' }");
 			case "anonymous":
-				(0, _stackframe_stack_shared_dist_utils_promises.runAsynchronously)(async () => {
+				(0, _hexclave_shared_dist_utils_promises.runAsynchronously)(async () => {
 					await this._signUpAnonymously();
 					if (typeof window !== "undefined") window.location.reload();
 				});
-				(0, _stackframe_stack_shared_dist_utils_react.suspend)();
-				throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("suspend should never return");
+				(0, _hexclave_shared_dist_utils_react.suspend)();
+				throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("suspend should never return");
 			case void 0:
 			case "anonymous-if-exists[deprecated]":
 			case "return-null":
@@ -2383,12 +2399,12 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		};
 		let authorizeResult;
 		try {
-			if (siteKeys) authorizeResult = await (0, _stackframe_stack_shared_dist_utils_turnstile_flow.withBotChallengeFlow)({
+			if (siteKeys) authorizeResult = await (0, _hexclave_shared_dist_utils_turnstile_flow.withBotChallengeFlow)({
 				...siteKeys,
 				action: "oauth_authenticate",
 				execute: executeOAuth,
 				isChallengeRequired: (result) => {
-					return result.status === "error" && _stackframe_stack_shared.KnownErrors.BotChallengeRequired.isInstance(result.error);
+					return result.status === "error" && _hexclave_shared.KnownErrors.BotChallengeRequired.isInstance(result.error);
 				}
 			});
 			else authorizeResult = await executeOAuth({});
@@ -2398,17 +2414,17 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			if (flowFailure?.type === "failed") throw flowFailure.knownError;
 			throw e;
 		}
-		const location = _stackframe_stack_shared_dist_utils_results.Result.orThrow(authorizeResult);
+		const location = _hexclave_shared_dist_utils_results.Result.orThrow(authorizeResult);
 		await this._redirectTo({ url: location });
-		await (0, _stackframe_stack_shared_dist_utils_promises.neverResolve)();
+		await (0, _hexclave_shared_dist_utils_promises.neverResolve)();
 	}
 	/**
 	* Handles MFA verification by redirecting to the OTP page
 	*/
 	async _experimentalMfa(error, session) {
-		if (typeof window !== "undefined") window.sessionStorage.setItem("hexclave_mfa_attempt_code", error.details?.attempt_code ?? (0, _stackframe_stack_shared_dist_utils_errors.throwErr)("attempt code missing"));
+		if (typeof window !== "undefined") window.sessionStorage.setItem("hexclave_mfa_attempt_code", error.details?.attempt_code ?? (0, _hexclave_shared_dist_utils_errors.throwErr)("attempt code missing"));
 		await this.redirectToMfa();
-		throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("we should have redirected in redirectToMfa()");
+		throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("we should have redirected in redirectToMfa()");
 	}
 	/**
 	* @deprecated
@@ -2418,7 +2434,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		try {
 			return await callback();
 		} catch (e) {
-			if (_stackframe_stack_shared.KnownErrors.MultiFactorAuthenticationRequired.isInstance(e)) return _stackframe_stack_shared_dist_utils_results.Result.ok(await this._experimentalMfa(e, await this._getSession(void 0, { awaitPendingAuthResolutions: false })));
+			if (_hexclave_shared.KnownErrors.MultiFactorAuthenticationRequired.isInstance(e)) return _hexclave_shared_dist_utils_results.Result.ok(await this._experimentalMfa(e, await this._getSession(void 0, { awaitPendingAuthResolutions: false })));
 			throw e;
 		}
 	}
@@ -2431,25 +2447,25 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 				return await this._interface.signInWithCredential(options.email, options.password, session);
 			});
 		} catch (e) {
-			if (_stackframe_stack_shared.KnownErrors.InvalidTotpCode.isInstance(e)) return _stackframe_stack_shared_dist_utils_results.Result.error(e);
+			if (_hexclave_shared.KnownErrors.InvalidTotpCode.isInstance(e)) return _hexclave_shared_dist_utils_results.Result.error(e);
 			throw e;
 		}
 		if (result.status === "ok") {
 			await this._signInToAccountWithTokens(result.data);
 			if (!options.noRedirect) await this._redirectToHandler("afterSignIn", { replace: true }, { overrideTokenStoreInit: this._getTokenStoreInitForFreshTokens(result.data) });
-			return _stackframe_stack_shared_dist_utils_results.Result.ok(void 0);
-		} else return _stackframe_stack_shared_dist_utils_results.Result.error(result.error);
+			return _hexclave_shared_dist_utils_results.Result.ok(void 0);
+		} else return _hexclave_shared_dist_utils_results.Result.error(result.error);
 	}
 	async signUpWithCredential(options) {
-		if (options.noVerificationCallback && options.verificationCallbackUrl) throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("verificationCallbackUrl is not allowed when noVerificationCallback is true");
+		if (options.noVerificationCallback && options.verificationCallbackUrl) throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("verificationCallbackUrl is not allowed when noVerificationCallback is true");
 		this._ensurePersistentTokenStore();
 		const session = await this._getSession();
 		const emailVerificationRedirectUrl = options.noVerificationCallback ? void 0 : options.verificationCallbackUrl ?? (0, ____________utils_url_js.constructRedirectUrl)(this.urls.emailVerification, "verificationCallbackUrl");
 		const executeSignUp = async (challenge) => {
 			let result = await this._interface.signUpWithCredential(options.email, options.password, emailVerificationRedirectUrl, session, this._toInterfaceBotChallengeInput(challenge));
-			if (result.status === "error" && result.error instanceof _stackframe_stack_shared.KnownErrors.RedirectUrlNotWhitelisted && emailVerificationRedirectUrl !== void 0) {
+			if (result.status === "error" && result.error instanceof _hexclave_shared.KnownErrors.RedirectUrlNotWhitelisted && emailVerificationRedirectUrl !== void 0) {
 				if (!options.verificationCallbackUrl) {
-					(0, _stackframe_stack_shared_dist_utils_errors.captureError)("signup-verification-url-not-whitelisted", new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("The auto-constructed verification callback URL is not whitelisted; proceeding without email verification", { emailVerificationRedirectUrl }));
+					(0, _hexclave_shared_dist_utils_errors.captureError)("signup-verification-url-not-whitelisted", new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("The auto-constructed verification callback URL is not whitelisted; proceeding without email verification", { emailVerificationRedirectUrl }));
 					result = await this._interface.signUpWithCredential(options.email, options.password, void 0, session, this._toInterfaceBotChallengeInput(challenge));
 				}
 			}
@@ -2463,8 +2479,8 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		if (result.status === "ok") {
 			await this._signInToAccountWithTokens(result.data);
 			if (!options.noRedirect) await this._redirectToHandler("afterSignUp", { replace: true }, { overrideTokenStoreInit: this._getTokenStoreInitForFreshTokens(result.data) });
-			return _stackframe_stack_shared_dist_utils_results.Result.ok(void 0);
-		} else return _stackframe_stack_shared_dist_utils_results.Result.error(result.error);
+			return _hexclave_shared_dist_utils_results.Result.ok(void 0);
+		} else return _hexclave_shared_dist_utils_results.Result.error(result.error);
 	}
 	async _signUpAnonymously() {
 		this._ensurePersistentTokenStore();
@@ -2473,7 +2489,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			const session = await this._getSession();
 			const result = await this._interface.signUpAnonymously(session);
 			if (result.status === "ok") await this._signInToAccountWithTokens(result.data);
-			else throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("signUpAnonymously() should never return an error");
+			else throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("signUpAnonymously() should never return an error");
 			this._anonymousSignUpInProgress = null;
 			return result.data;
 		})();
@@ -2488,7 +2504,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 				return await this._interface.signInWithMagicLink(code, session);
 			});
 		} catch (e) {
-			if (_stackframe_stack_shared.KnownErrors.InvalidTotpCode.isInstance(e)) return _stackframe_stack_shared_dist_utils_results.Result.error(e);
+			if (_hexclave_shared.KnownErrors.InvalidTotpCode.isInstance(e)) return _hexclave_shared_dist_utils_results.Result.error(e);
 			throw e;
 		}
 		if (result.status === "ok") {
@@ -2501,8 +2517,8 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 				awaitPendingAuthResolutions: false,
 				overrideTokenStoreInit: this._getTokenStoreInitForFreshTokens(result.data)
 			});
-			return _stackframe_stack_shared_dist_utils_results.Result.ok(void 0);
-		} else return _stackframe_stack_shared_dist_utils_results.Result.error(result.error);
+			return _hexclave_shared_dist_utils_results.Result.ok(void 0);
+		} else return _hexclave_shared_dist_utils_results.Result.error(result.error);
 	}
 	/**
 	* Initiates a CLI authentication process that allows a command line application
@@ -2533,7 +2549,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 				...options.anonRefreshToken != null ? { anon_refresh_token: options.anonRefreshToken } : {}
 			})
 		}, null);
-		if (!response.ok) return _stackframe_stack_shared_dist_utils_results.Result.error(new _stackframe_stack_shared.KnownErrors.CliAuthError(`Failed to initiate CLI auth: ${response.status} ${await response.text()}`));
+		if (!response.ok) return _hexclave_shared_dist_utils_results.Result.error(new _hexclave_shared.KnownErrors.CliAuthError(`Failed to initiate CLI auth: ${response.status} ${await response.text()}`));
 		const initResult = await response.json();
 		const pollingCode = initResult.polling_code;
 		const loginCode = initResult.login_code;
@@ -2555,18 +2571,18 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 				headers: { "Content-Type": "application/json" },
 				body: JSON.stringify({ polling_code: pollingCode })
 			}, null);
-			if (!pollResponse.ok) return _stackframe_stack_shared_dist_utils_results.Result.error(new _stackframe_stack_shared.KnownErrors.CliAuthError(`Failed to initiate CLI auth: ${pollResponse.status} ${await pollResponse.text()}`));
+			if (!pollResponse.ok) return _hexclave_shared_dist_utils_results.Result.error(new _hexclave_shared.KnownErrors.CliAuthError(`Failed to initiate CLI auth: ${pollResponse.status} ${await pollResponse.text()}`));
 			const pollResult = await pollResponse.json();
-			if (pollResponse.status === 201 && pollResult.status === "success") return _stackframe_stack_shared_dist_utils_results.Result.ok(pollResult.refresh_token);
+			if (pollResponse.status === 201 && pollResult.status === "success") return _hexclave_shared_dist_utils_results.Result.ok(pollResult.refresh_token);
 			if (pollResult.status === "waiting") {
-				await (0, _stackframe_stack_shared_dist_utils_promises.wait)(options.waitTimeMillis ?? 2e3);
+				await (0, _hexclave_shared_dist_utils_promises.wait)(options.waitTimeMillis ?? 2e3);
 				continue;
 			}
-			if (pollResult.status === "expired") return _stackframe_stack_shared_dist_utils_results.Result.error(new _stackframe_stack_shared.KnownErrors.CliAuthExpiredError("CLI authentication request expired. Please try again."));
-			if (pollResult.status === "used") return _stackframe_stack_shared_dist_utils_results.Result.error(new _stackframe_stack_shared.KnownErrors.CliAuthUsedError("This authentication token has already been used."));
-			return _stackframe_stack_shared_dist_utils_results.Result.error(new _stackframe_stack_shared.KnownErrors.CliAuthError(`Unexpected status from CLI auth polling: ${pollResult.status}`));
+			if (pollResult.status === "expired") return _hexclave_shared_dist_utils_results.Result.error(new _hexclave_shared.KnownErrors.CliAuthExpiredError("CLI authentication request expired. Please try again."));
+			if (pollResult.status === "used") return _hexclave_shared_dist_utils_results.Result.error(new _hexclave_shared.KnownErrors.CliAuthUsedError("This authentication token has already been used."));
+			return _hexclave_shared_dist_utils_results.Result.error(new _hexclave_shared.KnownErrors.CliAuthError(`Unexpected status from CLI auth polling: ${pollResult.status}`));
 		}
-		return _stackframe_stack_shared_dist_utils_results.Result.error(new _stackframe_stack_shared.KnownErrors.CliAuthError("Timed out waiting for CLI authentication."));
+		return _hexclave_shared_dist_utils_results.Result.error(new _hexclave_shared.KnownErrors.CliAuthError("Timed out waiting for CLI authentication."));
 	}
 	async signInWithMfa(totp, code, options) {
 		this._ensurePersistentTokenStore();
@@ -2577,16 +2593,16 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 				return await this._interface.signInWithMfa(totp, code, session);
 			});
 		} catch (e) {
-			if (e instanceof _stackframe_stack_shared.KnownErrors.InvalidTotpCode) return _stackframe_stack_shared_dist_utils_results.Result.error(e);
+			if (e instanceof _hexclave_shared.KnownErrors.InvalidTotpCode) return _hexclave_shared_dist_utils_results.Result.error(e);
 			throw e;
 		}
 		if (result.status === "ok") {
 			await this._signInToAccountWithTokens(result.data);
 			if (!options?.noRedirect) if (result.data.newUser) await this._redirectToHandler("afterSignUp", { replace: true }, { overrideTokenStoreInit: this._getTokenStoreInitForFreshTokens(result.data) });
 			else await this._redirectToHandler("afterSignIn", { replace: true }, { overrideTokenStoreInit: this._getTokenStoreInitForFreshTokens(result.data) });
-			return _stackframe_stack_shared_dist_utils_results.Result.ok(void 0);
+			return _hexclave_shared_dist_utils_results.Result.ok(void 0);
 		}
-		return _stackframe_stack_shared_dist_utils_results.Result.error(result.error);
+		return _hexclave_shared_dist_utils_results.Result.error(result.error);
 	}
 	async signInWithPasskey() {
 		this._ensurePersistentTokenStore();
@@ -2595,9 +2611,9 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		try {
 			result = await this._catchMfaRequiredError(async () => {
 				const initiationResult = await this._interface.initiatePasskeyAuthentication({}, session);
-				if (initiationResult.status !== "ok") return _stackframe_stack_shared_dist_utils_results.Result.error(new _stackframe_stack_shared.KnownErrors.PasskeyAuthenticationFailed("Failed to get initiation options for passkey authentication"));
+				if (initiationResult.status !== "ok") return _hexclave_shared_dist_utils_results.Result.error(new _hexclave_shared.KnownErrors.PasskeyAuthenticationFailed("Failed to get initiation options for passkey authentication"));
 				const { options_json, code } = initiationResult.data;
-				if (options_json.rpId !== "THIS_VALUE_WILL_BE_REPLACED.example.com") throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError(`Expected returned RP ID from server to equal sentinel, but found ${options_json.rpId}`);
+				if (options_json.rpId !== "THIS_VALUE_WILL_BE_REPLACED.example.com") throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError(`Expected returned RP ID from server to equal sentinel, but found ${options_json.rpId}`);
 				options_json.rpId = window.location.hostname;
 				const authentication_response = await (0, _simplewebauthn_browser.startAuthentication)({ optionsJSON: options_json });
 				return await this._interface.signInWithPasskey({
@@ -2606,14 +2622,14 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 				}, session);
 			});
 		} catch (error) {
-			if (error instanceof _simplewebauthn_browser.WebAuthnError) return _stackframe_stack_shared_dist_utils_results.Result.error(new _stackframe_stack_shared.KnownErrors.PasskeyWebAuthnError(error.message, error.name));
-			else return _stackframe_stack_shared_dist_utils_results.Result.error(new _stackframe_stack_shared.KnownErrors.PasskeyAuthenticationFailed("Failed to sign in with passkey"));
+			if (error instanceof _simplewebauthn_browser.WebAuthnError) return _hexclave_shared_dist_utils_results.Result.error(new _hexclave_shared.KnownErrors.PasskeyWebAuthnError(error.message, error.name));
+			else return _hexclave_shared_dist_utils_results.Result.error(new _hexclave_shared.KnownErrors.PasskeyAuthenticationFailed("Failed to sign in with passkey"));
 		}
 		if (result.status === "ok") {
 			await this._signInToAccountWithTokens(result.data);
 			await this._redirectToHandler("afterSignIn", { replace: true }, { overrideTokenStoreInit: this._getTokenStoreInitForFreshTokens(result.data) });
-			return _stackframe_stack_shared_dist_utils_results.Result.ok(void 0);
-		} else return _stackframe_stack_shared_dist_utils_results.Result.error(result.error);
+			return _hexclave_shared_dist_utils_results.Result.ok(void 0);
+		} else return _hexclave_shared_dist_utils_results.Result.error(result.error);
 	}
 	async callOAuthCallback(options) {
 		if (typeof window === "undefined") throw new Error("callOAuthCallback can currently only be called in a browser environment");
@@ -2631,7 +2647,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 				return await (0, _________auth_js.callOAuthCallback)(this._interface, oauthCallbackRedirectUri, options);
 			});
 		} catch (e) {
-			if (_stackframe_stack_shared.KnownErrors.InvalidTotpCode.isInstance(e)) {
+			if (_hexclave_shared.KnownErrors.InvalidTotpCode.isInstance(e)) {
 				alert("Invalid TOTP code. Please try signing in again.");
 				return false;
 			} else throw e;
@@ -2664,7 +2680,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 	async _signOut(session, options) {
 		this._eventTracker?.clearBuffer();
 		this._sessionRecorder?.clearBuffer();
-		await _stackframe_stack_shared_dist_utils_stores.storeLock.withWriteLock(async () => {
+		await _hexclave_shared_dist_utils_stores.storeLock.withWriteLock(async () => {
 			await this._interface.signOut(session);
 			if (options?.redirectUrl) await this._redirectTo({
 				url: options.redirectUrl,
@@ -2726,7 +2742,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		};
 	}
 	async getProject() {
-		const crud = _stackframe_stack_shared_dist_utils_results.Result.orThrow(await this._currentProjectCache.getOrWait([], "write-only"));
+		const crud = _hexclave_shared_dist_utils_results.Result.orThrow(await this._currentProjectCache.getOrWait([], "write-only"));
 		return this._clientProjectFromCrud(crud);
 	}
 	useProject() {
@@ -2735,7 +2751,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 	}
 	async _listOwnedProjects(session) {
 		this._ensureInternalProject();
-		return _stackframe_stack_shared_dist_utils_results.Result.orThrow(await this._ownedProjectsCache.getOrWait([session], "write-only")).map((j) => this._getOwnedAdminApp(j.id, session)._adminOwnedProjectFromCrud(j, () => this._refreshOwnedProjects(session)));
+		return _hexclave_shared_dist_utils_results.Result.orThrow(await this._ownedProjectsCache.getOrWait([session], "write-only")).map((j) => this._getOwnedAdminApp(j.id, session)._adminOwnedProjectFromCrud(j, () => this._refreshOwnedProjects(session)));
 	}
 	_useOwnedProjects(session) {
 		this._ensureInternalProject();
@@ -2765,17 +2781,17 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 	}
 	static get [______common_js.stackAppInternalsSymbol]() {
 		return { fromClientJson: (json) => {
-			const providedCheckString = JSON.stringify((0, _stackframe_stack_shared_dist_utils_objects.omit)(json, []));
+			const providedCheckString = JSON.stringify((0, _hexclave_shared_dist_utils_objects.omit)(json, []));
 			const existing = allClientApps.get(json.uniqueIdentifier);
 			if (existing) {
 				const [existingCheckString, clientApp] = existing;
-				if (existingCheckString !== void 0 && existingCheckString !== providedCheckString) throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("The provided app JSON does not match the configuration of the existing client app with the same unique identifier", {
+				if (existingCheckString !== void 0 && existingCheckString !== providedCheckString) throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("The provided app JSON does not match the configuration of the existing client app with the same unique identifier", {
 					providedObj: json,
 					existingString: existingCheckString
 				});
 				return clientApp;
 			}
-			const { analytics, ...restJson } = (0, _stackframe_stack_shared_dist_utils_objects.omit)(json, ["uniqueIdentifier"]);
+			const { analytics, ...restJson } = (0, _hexclave_shared_dist_utils_objects.omit)(json, ["uniqueIdentifier"]);
 			return new _StackClientAppImplIncomplete({
 				...restJson,
 				analytics: (0, __session_replay_js.analyticsOptionsFromJson)(analytics)
@@ -2788,7 +2804,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 	get [______common_js.stackAppInternalsSymbol]() {
 		return {
 			toClientJson: () => {
-				if (typeof this._redirectMethod !== "string") throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("Cannot serialize to JSON from an application with a non-string redirect method");
+				if (typeof this._redirectMethod !== "string") throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("Cannot serialize to JSON from an application with a non-string redirect method");
 				const publishableClientKey = "publishableClientKey" in this._interface.options ? this._interface.options.publishableClientKey : void 0;
 				return {
 					baseUrl: this._options.baseUrl,
@@ -2805,8 +2821,8 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 				};
 			},
 			setCurrentUser: (userJsonPromise) => {
-				(0, _stackframe_stack_shared_dist_utils_promises.runAsynchronously)(async () => {
-					await this._currentUserCache.forceSetCachedValueAsync([await this._getSession()], _stackframe_stack_shared_dist_utils_results.Result.fromPromise(userJsonPromise));
+				(0, _hexclave_shared_dist_utils_promises.runAsynchronously)(async () => {
+					await this._currentUserCache.forceSetCachedValueAsync([await this._getSession()], _hexclave_shared_dist_utils_results.Result.fromPromise(userJsonPromise));
 				});
 			},
 			getConstructorOptions: () => this._options,
@@ -2822,7 +2838,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			sendRequest: async (path, requestOptions, requestType = "client") => {
 				return await this._interface.sendClientRequest(path, requestOptions, await this._getSession(), requestType);
 			},
-			getRedirectMethod: () => this._redirectMethod ?? (0, _stackframe_stack_shared_dist_utils_errors.throwErr)("Redirect method should have been initialized in the Stack client app constructor"),
+			getRedirectMethod: () => this._redirectMethod ?? (0, _hexclave_shared_dist_utils_errors.throwErr)("Redirect method should have been initialized in the Stack client app constructor"),
 			redirectToUrl: async (url, options) => {
 				await this._redirectTo({
 					url,