npm - @hexclave/tanstack-start - Versions diffs - 1.0.0 → 1.0.2 - Mend

@hexclave/tanstack-start 1.0.0 → 1.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (369) hide show

package/dist/lib/stack-app/apps/implementations/client-app-impl.js CHANGED Viewed

@@ -1,30 +1,30 @@
 Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
 const require_chunk = require('../../../../chunk-BE-pF4vm.js');
-let _stackframe_stack_shared_dist_utils_errors = require("@hexclave/shared/dist/utils/errors");
-let _stackframe_stack_shared_dist_utils_promises = require("@hexclave/shared/dist/utils/promises");
+let _hexclave_shared_dist_utils_errors = require("@hexclave/shared/dist/utils/errors");
+let _hexclave_shared_dist_utils_promises = require("@hexclave/shared/dist/utils/promises");
 let react = require("react");
 react = require_chunk.__toESM(react);
-let _stackframe_stack_shared = require("@hexclave/shared");
-let _stackframe_stack_shared_dist_utils_urls = require("@hexclave/shared/dist/utils/urls");
-let _stackframe_stack_shared_dist_utils_react = require("@hexclave/shared/dist/utils/react");
-let _stackframe_stack_shared_dist_utils_objects = require("@hexclave/shared/dist/utils/objects");
-let _stackframe_stack_shared_dist_utils_results = require("@hexclave/shared/dist/utils/results");
-let _stackframe_stack_shared_dist_utils_strings = require("@hexclave/shared/dist/utils/strings");
-let _stackframe_stack_shared_dist_utils_env = require("@hexclave/shared/dist/utils/env");
-let _stackframe_tanstack_start_tanstack_start_server_context = require("@hexclave/tanstack-start/tanstack-start-server-context");
-_stackframe_tanstack_start_tanstack_start_server_context = require_chunk.__toESM(_stackframe_tanstack_start_tanstack_start_server_context);
+let _hexclave_shared = require("@hexclave/shared");
+let _hexclave_shared_dist_utils_react = require("@hexclave/shared/dist/utils/react");
+let _hexclave_shared_dist_utils_objects = require("@hexclave/shared/dist/utils/objects");
+let _hexclave_shared_dist_utils_urls = require("@hexclave/shared/dist/utils/urls");
+let _hexclave_shared_dist_utils_results = require("@hexclave/shared/dist/utils/results");
+let _hexclave_shared_dist_utils_strings = require("@hexclave/shared/dist/utils/strings");
+let _hexclave_shared_dist_utils_env = require("@hexclave/shared/dist/utils/env");
+let _hexclave_tanstack_start_tanstack_start_server_context = require("@hexclave/tanstack-start/tanstack-start-server-context");
+_hexclave_tanstack_start_tanstack_start_server_context = require_chunk.__toESM(_hexclave_tanstack_start_tanstack_start_server_context);
 let __common_js = require("./common.js");
-let _stackframe_stack_shared_dist_utils_redirect_urls = require("@hexclave/shared/dist/utils/redirect-urls");
-let _stackframe_stack_shared_dist_utils_bytes = require("@hexclave/shared/dist/utils/bytes");
+let _hexclave_shared_dist_utils_redirect_urls = require("@hexclave/shared/dist/utils/redirect-urls");
+let _hexclave_shared_dist_utils_bytes = require("@hexclave/shared/dist/utils/bytes");
 let ______common_js = require("../../common.js");
 let ______projects_index_js = require("../../projects/index.js");
 let _simplewebauthn_browser = require("@simplewebauthn/browser");
-let _stackframe_stack_shared_dist_sessions = require("@hexclave/shared/dist/sessions");
-let _stackframe_stack_shared_dist_utils_json = require("@hexclave/shared/dist/utils/json");
-let _stackframe_stack_shared_dist_utils_maps = require("@hexclave/shared/dist/utils/maps");
-let _stackframe_stack_shared_dist_utils_stores = require("@hexclave/shared/dist/utils/stores");
-let _stackframe_stack_shared_dist_utils_turnstile_flow = require("@hexclave/shared/dist/utils/turnstile-flow");
-let _stackframe_stack_shared_dist_utils_uuids = require("@hexclave/shared/dist/utils/uuids");
+let _hexclave_shared_dist_sessions = require("@hexclave/shared/dist/sessions");
+let _hexclave_shared_dist_utils_json = require("@hexclave/shared/dist/utils/json");
+let _hexclave_shared_dist_utils_maps = require("@hexclave/shared/dist/utils/maps");
+let _hexclave_shared_dist_utils_stores = require("@hexclave/shared/dist/utils/stores");
+let _hexclave_shared_dist_utils_turnstile_flow = require("@hexclave/shared/dist/utils/turnstile-flow");
+let _hexclave_shared_dist_utils_uuids = require("@hexclave/shared/dist/utils/uuids");
 let _tanstack_react_router = require("@tanstack/react-router");
 _tanstack_react_router = require_chunk.__toESM(_tanstack_react_router);
 let cookie = require("cookie");
@@ -69,7 +69,7 @@ const STACK_AUTHORIZATION_VALUE_PREFIX = "stackauth_";
 const HEXCLAVE_AUTHORIZATION_VALUE_PREFIX = "hexclave_";
 function getAuthorizationHeaderValueFromAuthJson(authJson) {
 	if (authJson.accessToken == null && authJson.refreshToken == null) return null;
-	return `Bearer ${STACK_AUTHORIZATION_VALUE_PREFIX}${(0, _stackframe_stack_shared_dist_utils_bytes.encodeBase64)(new TextEncoder().encode(JSON.stringify(authJson)))}`;
+	return `Bearer ${STACK_AUTHORIZATION_VALUE_PREFIX}${(0, _hexclave_shared_dist_utils_bytes.encodeBase64)(new TextEncoder().encode(JSON.stringify(authJson)))}`;
 }
 function getAuthJsonFromAuthorizationHeaderValue(authorizationHeaderValue) {
 	const match = authorizationHeaderValue.match(/^Bearer\s+(.+)$/i);
@@ -81,7 +81,7 @@ function getAuthJsonFromAuthorizationHeaderValue(authorizationHeaderValue) {
 	if (encodedAuthJson.length === 0) throw new Error("Invalid Authorization header format. Expected `Bearer stackauth_<base64(getAuthJson())>`.");
 	let parsed;
 	try {
-		const decodedAuthJson = new TextDecoder().decode((0, _stackframe_stack_shared_dist_utils_bytes.decodeBase64)(encodedAuthJson));
+		const decodedAuthJson = new TextDecoder().decode((0, _hexclave_shared_dist_utils_bytes.decodeBase64)(encodedAuthJson));
 		parsed = JSON.parse(decodedAuthJson);
 	} catch (e) {
 		throw new Error("Invalid stackauth authorization header.", { cause: e });
@@ -103,8 +103,8 @@ function getHeaderValueFromRequestLikeHeaders(headers, name) {
 	return null;
 }
 function getTanStackStartRequestHeader(name) {
-	const { getRequestHeader } = _stackframe_tanstack_start_tanstack_start_server_context;
-	if (getRequestHeader == null) throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("TanStack Start request headers are only available during server rendering");
+	const { getRequestHeader } = _hexclave_tanstack_start_tanstack_start_server_context;
+	if (getRequestHeader == null) throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("TanStack Start request headers are only available during server rendering");
 	return getRequestHeader(name) ?? null;
 }
 async function getServerRequestHost() {
@@ -126,7 +126,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		if (!user || !user.oauth_providers.find((p) => p.id === options.providerId)) hasConnection = false;
 		if (!await options.getOrWaitOAuthToken()) hasConnection = false;
 		if (!hasConnection && options.redirect) {
-			if (!options.session) throw new Error(_stackframe_stack_shared_dist_utils_strings.deindent`
+			if (!options.session) throw new Error(_hexclave_shared_dist_utils_strings.deindent`
           Cannot add new scopes to a user that is not a CurrentUser. Please ensure that you are calling this function on a CurrentUser object, or remove the 'or: redirect' option.
           Often, you can solve this by calling this function in the browser instead, or by removing the 'or: redirect' option and dealing with the case where the user doesn't have enough permissions.
@@ -135,10 +135,10 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 				provider: options.providerId,
 				redirectUrl: this._getOAuthCallbackRedirectUri(),
 				errorRedirectUrl: this.urls.error,
-				providerScope: (0, _stackframe_stack_shared_dist_utils_strings.mergeScopeStrings)(options.scope || "", (this._oauthScopesOnSignIn[options.providerId] ?? []).join(" "))
+				providerScope: (0, _hexclave_shared_dist_utils_strings.mergeScopeStrings)(options.scope || "", (this._oauthScopesOnSignIn[options.providerId] ?? []).join(" "))
 			}, options.session);
 			await this._redirectTo({ url: location });
-			return await (0, _stackframe_stack_shared_dist_utils_promises.neverResolve)();
+			return await (0, _hexclave_shared_dist_utils_promises.neverResolve)();
 		} else if (!hasConnection) return null;
 		const providerAccountId = user.oauth_providers.find((p) => p.id === options.providerId)?.account_id ?? "";
 		return {
@@ -147,12 +147,12 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			providerAccountId,
 			async getAccessToken() {
 				const result = await options.getOrWaitOAuthToken();
-				if (!result) throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError(`Failed to retrieve an access token for this connected account (provider: ${options.providerId}). This usually means the OAuth refresh token has been revoked or expired. The user needs to re-authorize by calling \`linkConnectedAccount\` or using \`getOrLinkConnectedAccount\`.`);
+				if (!result) throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError(`Failed to retrieve an access token for this connected account (provider: ${options.providerId}). This usually means the OAuth refresh token has been revoked or expired. The user needs to re-authorize by calling \`linkConnectedAccount\` or using \`getOrLinkConnectedAccount\`.`);
 				return result;
 			},
 			useAccessToken() {
 				const result = options.useOAuthToken();
-				if (!result) throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError(`Failed to retrieve an access token for this connected account (provider: ${options.providerId}). This usually means the OAuth refresh token has been revoked or expired. The user needs to re-authorize by calling \`linkConnectedAccount\` or using \`getOrLinkConnectedAccount\`.`);
+				if (!result) throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError(`Failed to retrieve an access token for this connected account (provider: ${options.providerId}). This usually means the OAuth refresh token has been revoked or expired. The user needs to re-authorize by calling \`linkConnectedAccount\` or using \`getOrLinkConnectedAccount\`.`);
 				return result;
 			}
 		};
@@ -167,7 +167,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			providerAccountId,
 			async getAccessToken(options) {
 				const scopeString = options?.scopes?.join(" ") ?? "";
-				const result = _stackframe_stack_shared_dist_utils_results.Result.orThrow(await app._currentUserOAuthConnectionAccessTokensByAccountCache.getOrWait([
+				const result = _hexclave_shared_dist_utils_results.Result.orThrow(await app._currentUserOAuthConnectionAccessTokensByAccountCache.getOrWait([
 					session,
 					providerId,
 					providerAccountId,
@@ -175,9 +175,9 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 				], "write-only"));
 				if (!result) {
 					const scopeDetail = scopeString ? `The requested scopes [${scopeString}] are not available on the existing token.` : "The OAuth refresh token has likely been revoked or expired.";
-					return _stackframe_stack_shared_dist_utils_results.Result.error(new _stackframe_stack_shared.KnownErrors.OAuthAccessTokenNotAvailable(providerId, `${scopeDetail} The user needs to re-authorize by calling \`linkConnectedAccount\` or using \`getOrLinkConnectedAccount\`.`));
+					return _hexclave_shared_dist_utils_results.Result.error(new _hexclave_shared.KnownErrors.OAuthAccessTokenNotAvailable(providerId, `${scopeDetail} The user needs to re-authorize by calling \`linkConnectedAccount\` or using \`getOrLinkConnectedAccount\`.`));
 				}
-				return _stackframe_stack_shared_dist_utils_results.Result.ok(result);
+				return _hexclave_shared_dist_utils_results.Result.ok(result);
 			},
 			useAccessToken(options) {
 				const scopeString = options?.scopes?.join(" ") ?? "";
@@ -189,9 +189,9 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 				], "connection.useAccessToken()");
 				if (!result) {
 					const scopeDetail = scopeString ? `The requested scopes [${scopeString}] are not available on the existing token.` : "The OAuth refresh token has likely been revoked or expired.";
-					return _stackframe_stack_shared_dist_utils_results.Result.error(new _stackframe_stack_shared.KnownErrors.OAuthAccessTokenNotAvailable(providerId, `${scopeDetail} The user needs to re-authorize by calling \`linkConnectedAccount\` or using \`getOrLinkConnectedAccount\`.`));
+					return _hexclave_shared_dist_utils_results.Result.error(new _hexclave_shared.KnownErrors.OAuthAccessTokenNotAvailable(providerId, `${scopeDetail} The user needs to re-authorize by calling \`linkConnectedAccount\` or using \`getOrLinkConnectedAccount\`.`));
 				}
-				return _stackframe_stack_shared_dist_utils_results.Result.ok(result);
+				return _hexclave_shared_dist_utils_results.Result.ok(result);
 			}
 		};
 	}
@@ -200,14 +200,14 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		this._sessionRecorder = null;
 		this._eventTracker = null;
 		this.__DEMO_ENABLE_SLIGHT_FETCH_DELAY = false;
-		this._ownedAdminApps = new _stackframe_stack_shared_dist_utils_maps.DependenciesMap();
+		this._ownedAdminApps = new _hexclave_shared_dist_utils_maps.DependenciesMap();
 		this._currentUserCache = (0, __common_js.createCacheBySession)(async (session) => {
-			if (this.__DEMO_ENABLE_SLIGHT_FETCH_DELAY) await (0, _stackframe_stack_shared_dist_utils_promises.wait)(2e3);
+			if (this.__DEMO_ENABLE_SLIGHT_FETCH_DELAY) await (0, _hexclave_shared_dist_utils_promises.wait)(2e3);
 			if (session.isKnownToBeInvalid()) return null;
 			return await this._interface.getClientUserByToken(session);
 		});
 		this._currentProjectCache = (0, __common_js.createCache)(async () => {
-			return _stackframe_stack_shared_dist_utils_results.Result.orThrow(await this._interface.getClientProject());
+			return _hexclave_shared_dist_utils_results.Result.orThrow(await this._interface.getClientProject());
 		});
 		this._ownedProjectsCache = (0, __common_js.createCacheBySession)(async (session) => {
 			return await this._interface.listProjects(session);
@@ -228,14 +228,14 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			try {
 				return { accessToken: (await this._interface.createProviderAccessToken(providerId, scope || "", session)).access_token };
 			} catch (err) {
-				if (!(_stackframe_stack_shared.KnownErrors.OAuthAccessTokenNotAvailable.isInstance(err) || _stackframe_stack_shared.KnownErrors.OAuthConnectionDoesNotHaveRequiredScope.isInstance(err) || _stackframe_stack_shared.KnownErrors.OAuthConnectionNotConnectedToUser.isInstance(err))) throw err;
+				if (!(_hexclave_shared.KnownErrors.OAuthAccessTokenNotAvailable.isInstance(err) || _hexclave_shared.KnownErrors.OAuthConnectionDoesNotHaveRequiredScope.isInstance(err) || _hexclave_shared.KnownErrors.OAuthConnectionNotConnectedToUser.isInstance(err))) throw err;
 			}
 			return null;
 		});
 		this._currentUserOAuthConnectionCache = (0, __common_js.createCacheBySession)(async (session, [providerId, scope, redirect]) => {
 			return await this._getUserOAuthConnectionCacheFn({
-				getUser: async () => _stackframe_stack_shared_dist_utils_results.Result.orThrow(await this._currentUserCache.getOrWait([session], "write-only")),
-				getOrWaitOAuthToken: async () => _stackframe_stack_shared_dist_utils_results.Result.orThrow(await this._currentUserOAuthConnectionAccessTokensCache.getOrWait([
+				getUser: async () => _hexclave_shared_dist_utils_results.Result.orThrow(await this._currentUserCache.getOrWait([session], "write-only")),
+				getOrWaitOAuthToken: async () => _hexclave_shared_dist_utils_results.Result.orThrow(await this._currentUserOAuthConnectionAccessTokensCache.getOrWait([
 					session,
 					providerId,
 					scope || ""
@@ -258,22 +258,22 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			try {
 				return { accessToken: (await this._interface.createProviderAccessTokenByAccount(providerId, providerAccountId, scope, session)).access_token };
 			} catch (err) {
-				if (_stackframe_stack_shared.KnownErrors.OAuthAccessTokenNotAvailable.isInstance(err) || _stackframe_stack_shared.KnownErrors.OAuthConnectionDoesNotHaveRequiredScope.isInstance(err) || _stackframe_stack_shared.KnownErrors.OAuthConnectionNotConnectedToUser.isInstance(err)) return null;
+				if (_hexclave_shared.KnownErrors.OAuthAccessTokenNotAvailable.isInstance(err) || _hexclave_shared.KnownErrors.OAuthConnectionDoesNotHaveRequiredScope.isInstance(err) || _hexclave_shared.KnownErrors.OAuthConnectionNotConnectedToUser.isInstance(err)) return null;
 				throw err;
 			}
 		});
 		this._currentUserValidConnectedAccountForProviderCache = (0, __common_js.createCacheBySession)(async (session, [provider, scopeString]) => {
-			const matchingAccounts = _stackframe_stack_shared_dist_utils_results.Result.orThrow(await this._currentUserConnectedAccountsCache.getOrWait([session], "write-only")).filter((a) => a.provider === provider);
+			const matchingAccounts = _hexclave_shared_dist_utils_results.Result.orThrow(await this._currentUserConnectedAccountsCache.getOrWait([session], "write-only")).filter((a) => a.provider === provider);
 			const scopes = scopeString ? scopeString.split(" ") : void 0;
 			for (const account of matchingAccounts) if ((await account.getAccessToken({ scopes })).status === "ok") return account;
 			const location = await (0, _________auth_js.getNewOAuthProviderOrScopeUrl)(this._interface, {
 				provider,
 				redirectUrl: this._getOAuthCallbackRedirectUri(),
 				errorRedirectUrl: this.urls.error,
-				providerScope: (0, _stackframe_stack_shared_dist_utils_strings.mergeScopeStrings)(scopeString, (this._oauthScopesOnSignIn[provider] ?? []).join(" "))
+				providerScope: (0, _hexclave_shared_dist_utils_strings.mergeScopeStrings)(scopeString, (this._oauthScopesOnSignIn[provider] ?? []).join(" "))
 			}, session);
 			await this._redirectTo({ url: location });
-			return await (0, _stackframe_stack_shared_dist_utils_promises.neverResolve)();
+			return await (0, _hexclave_shared_dist_utils_promises.neverResolve)();
 		});
 		this._teamMemberProfilesCache = (0, __common_js.createCacheBySession)(async (session, [teamId]) => {
 			return await this._interface.listTeamMemberProfiles({ teamId }, session);
@@ -381,7 +381,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		this._sessionsByTokenStoreAndSessionKey = /* @__PURE__ */ new WeakMap();
 		this._botChallengeSiteKeysWarned = false;
 		const resolvedOptions = (0, __common_js.resolveConstructorOptions)(options);
-		if (!_StackClientAppImplIncomplete.LazyStackAdminAppImpl.value) throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("Admin app implementation not initialized. Did you import the _StackClientApp from stack-app/apps/implementations/index.ts? You can't import it directly from ./apps/implementations/client-app-impl.ts as that causes a circular dependency (see the comment at _LazyStackAdminAppImpl for more details).");
+		if (!_StackClientAppImplIncomplete.LazyStackAdminAppImpl.value) throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("Admin app implementation not initialized. Did you import the _StackClientApp from stack-app/apps/implementations/index.ts? You can't import it directly from ./apps/implementations/client-app-impl.ts as that causes a circular dependency (see the comment at _LazyStackAdminAppImpl for more details).");
 		this._options = resolvedOptions;
 		this._extraOptions = extraOptions;
 		const projectId = resolvedOptions.projectId ?? (0, __common_js.getDefaultProjectId)();
@@ -390,7 +390,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		if (extraOptions && extraOptions.interface) this._interface = extraOptions.interface;
 		else {
 			const apiUrls = (0, __common_js.resolveApiUrls)(resolvedOptions.baseUrl);
-			this._interface = new _stackframe_stack_shared.HexclaveClientInterface({
+			this._interface = new _hexclave_shared.HexclaveClientInterface({
 				getBaseUrl: () => apiUrls()[0],
 				getAnalyticsBaseUrl: () => (0, __common_js.getAnalyticsBaseUrl)(apiUrls()[0]),
 				getApiUrls: apiUrls,
@@ -402,12 +402,12 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			});
 		}
 		this._tokenStoreInit = resolvedOptions.tokenStore;
-		this._redirectMethod = resolvedOptions.redirectMethod || ((0, _stackframe_stack_shared_dist_utils_env.isBrowserLike)() ? "window" : "none");
+		this._redirectMethod = resolvedOptions.redirectMethod || ((0, _hexclave_shared_dist_utils_env.isBrowserLike)() ? "window" : "none");
 		this._redirectMethod = resolvedOptions.redirectMethod || "tanstack-start";
 		this._urlOptions = resolvedOptions.urls ?? {};
 		this._oauthScopesOnSignIn = resolvedOptions.oauthScopesOnSignIn ?? {};
-		if ((0, _stackframe_stack_shared_dist_utils_env.isBrowserLike)() && (resolvedOptions.tokenStore === "cookie" || resolvedOptions.tokenStore === "nextjs-cookie")) {
-			(0, _stackframe_stack_shared_dist_utils_promises.runAsynchronously)(this._trustedParentDomainCache.getOrWait([window.location.hostname], "write-only"));
+		if ((0, _hexclave_shared_dist_utils_env.isBrowserLike)() && (resolvedOptions.tokenStore === "cookie" || resolvedOptions.tokenStore === "nextjs-cookie")) {
+			(0, _hexclave_shared_dist_utils_promises.runAsynchronously)(this._trustedParentDomainCache.getOrWait([window.location.hostname], "write-only"));
 			this._ensureCrossSubdomainCookieExists();
 		}
 		if (extraOptions && extraOptions.uniqueIdentifier) {
@@ -424,7 +424,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			return (await this.getUser({ or: "anonymous" }))._internalSession;
 		};
 		const analyticsEnabled = this._analyticsOptions?.enabled !== false;
-		if (analyticsEnabled && (0, _stackframe_stack_shared_dist_utils_env.isBrowserLike)() && this._hasPersistentTokenStore() && this._analyticsOptions?.replays?.enabled === true) {
+		if (analyticsEnabled && (0, _hexclave_shared_dist_utils_env.isBrowserLike)() && this._hasPersistentTokenStore() && this._analyticsOptions?.replays?.enabled === true) {
 			this._sessionRecorder = new __session_replay_js.SessionRecorder({
 				projectId: this.projectId,
 				sendBatch: async (body, opts) => {
@@ -433,7 +433,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			}, this._analyticsOptions.replays);
 			this._sessionRecorder.start();
 		}
-		if (analyticsEnabled && (0, _stackframe_stack_shared_dist_utils_env.isBrowserLike)() && this._hasPersistentTokenStore()) {
+		if (analyticsEnabled && (0, _hexclave_shared_dist_utils_env.isBrowserLike)() && this._hasPersistentTokenStore()) {
 			this._eventTracker = new __event_tracker_js.EventTracker({
 				projectId: this.projectId,
 				sendBatch: async (body, opts) => {
@@ -442,17 +442,17 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			});
 			this._eventTracker.start();
 		}
-		if ((0, _stackframe_stack_shared_dist_utils_env.isBrowserLike)() && this._isOAuthCallbackUrlHosted() && this._currentUrlLooksLikeStackOAuthCallback()) this._trackPendingAuthResolution(async () => {
-			if ((0, _stackframe_stack_shared_dist_utils_env.isBrowserLike)()) await this.callOAuthCallback({ dontWarnAboutMissingQueryParams: true });
+		if ((0, _hexclave_shared_dist_utils_env.isBrowserLike)() && this._isOAuthCallbackUrlHosted() && this._currentUrlLooksLikeStackOAuthCallback()) this._trackPendingAuthResolution(async () => {
+			if ((0, _hexclave_shared_dist_utils_env.isBrowserLike)()) await this.callOAuthCallback({ dontWarnAboutMissingQueryParams: true });
 		});
-		if ((0, _stackframe_stack_shared_dist_utils_env.isBrowserLike)()) this._trackPendingAuthResolution(async () => {
+		if ((0, _hexclave_shared_dist_utils_env.isBrowserLike)()) this._trackPendingAuthResolution(async () => {
 			await this._maybeHandleNestedCrossDomainAuth();
 		});
-		if ((0, _stackframe_stack_shared_dist_utils_env.isBrowserLike)() && resolvedOptions.devTool !== false) (0, ____________dev_tool_index_js.mountDevTool)(this);
+		if ((0, _hexclave_shared_dist_utils_env.isBrowserLike)() && resolvedOptions.devTool !== false) (0, ____________dev_tool_index_js.mountDevTool)(this);
 	}
 	_initUniqueIdentifier() {
-		if (!this._uniqueIdentifier) throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("Unique identifier not initialized");
-		if (allClientApps.has(this._uniqueIdentifier)) throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("A Stack client app with the same unique identifier already exists");
+		if (!this._uniqueIdentifier) throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("Unique identifier not initialized");
+		if (allClientApps.has(this._uniqueIdentifier)) throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("A Stack client app with the same unique identifier already exists");
 		allClientApps.set(this._uniqueIdentifier, [this._extraOptions?.checkString ?? void 0, this]);
 	}
 	_trackPendingAuthResolution(callback) {
@@ -461,11 +461,11 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			try {
 				await callback();
 			} catch (error) {
-				(0, _stackframe_stack_shared_dist_utils_errors.captureError)("pending-auth-resolution-failed", error);
+				(0, _hexclave_shared_dist_utils_errors.captureError)("pending-auth-resolution-failed", error);
 			}
 		})();
 		this._pendingAuthResolutionPromises.push(promise);
-		(0, _stackframe_stack_shared_dist_utils_promises.runAsynchronously)(async () => {
+		(0, _hexclave_shared_dist_utils_promises.runAsynchronously)(async () => {
 			try {
 				await promise;
 			} finally {
@@ -479,7 +479,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 	}
 	_usePendingAuthResolutions(overrideTokenStoreInit) {
 		if (overrideTokenStoreInit !== void 0 || !this._hasPersistentTokenStore() || this._pendingAuthResolutionPromises.length === 0) return;
-		(0, _stackframe_stack_shared_dist_utils_react.use)(Promise.all(this._pendingAuthResolutionPromises));
+		(0, _hexclave_shared_dist_utils_react.use)(Promise.all(this._pendingAuthResolutionPromises));
 	}
 	_isOAuthCallbackUrlHosted() {
 		const oauthCallbackTarget = this._urlOptions.oauthCallback ?? this._urlOptions.default;
@@ -499,7 +499,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 	}
 	_getOAuthCallbackRedirectUri() {
 		if (!this._isOAuthCallbackUrlHosted()) return this.urls.oauthCallback;
-		if (typeof window === "undefined") throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("Hosted OAuth callback URLs require a browser environment to use the current URL as the redirect URI");
+		if (typeof window === "undefined") throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("Hosted OAuth callback URLs require a browser environment to use the current URL as the redirect URI");
 		const currentUrl = new URL(window.location.href);
 		for (const param of oauthCallbackResponseQueryParams) currentUrl.searchParams.delete(param);
 		return currentUrl.toString();
@@ -531,13 +531,13 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		const state = currentUrl.searchParams.get(nestedCrossDomainAuthQueryParams.state);
 		const codeChallenge = currentUrl.searchParams.get(nestedCrossDomainAuthQueryParams.codeChallenge);
 		if (redirectUri != null || state != null || codeChallenge != null) {
-			if (redirectUri == null || state == null || codeChallenge == null) throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("Nested cross-domain auth callback URL is missing OAuth request parameters", {
+			if (redirectUri == null || state == null || codeChallenge == null) throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("Nested cross-domain auth callback URL is missing OAuth request parameters", {
 				redirectUri,
 				state,
 				codeChallenge
 			});
-			if ((currentUrl.searchParams.get(nestedCrossDomainAuthQueryParams.codeChallengeMethod) ?? "S256") !== "S256") throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("Nested cross-domain auth only supports S256 PKCE");
-			if ((0, _stackframe_stack_shared_dist_utils_urls.isRelative)(redirectUri)) throw new Error("Nested cross-domain auth redirect URI must be absolute.");
+			if ((currentUrl.searchParams.get(nestedCrossDomainAuthQueryParams.codeChallengeMethod) ?? "S256") !== "S256") throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("Nested cross-domain auth only supports S256 PKCE");
+			if ((0, _hexclave_shared_dist_utils_urls.isRelative)(redirectUri)) throw new Error("Nested cross-domain auth redirect URI must be absolute.");
 			const redirectUriUrl = new URL(redirectUri);
 			if (!await this._isTrusted(redirectUriUrl.toString())) throw new Error(`Nested cross-domain auth redirect URI ${redirectUri} is not trusted.`);
 			const afterCallbackRedirectUrlString = currentUrl.searchParams.get(nestedCrossDomainAuthQueryParams.afterCallbackRedirectUrl);
@@ -558,16 +558,29 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		}
 		if (await this._getCurrentRefreshTokenIdIfSignedIn({ awaitPendingAuthResolutions: false }) === refreshTokenId) return false;
 		const callbackUrlString = currentUrl.searchParams.get(nestedCrossDomainAuthQueryParams.callbackUrl);
-		if (callbackUrlString == null) throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("Nested cross-domain auth URL is missing callback URL");
-		if ((0, _stackframe_stack_shared_dist_utils_urls.isRelative)(callbackUrlString)) throw new Error("Nested cross-domain auth callback URL must be absolute.");
+		if (callbackUrlString == null) throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("Nested cross-domain auth URL is missing callback URL");
+		if ((0, _hexclave_shared_dist_utils_urls.isRelative)(callbackUrlString)) throw new Error("Nested cross-domain auth callback URL must be absolute.");
 		const callbackUrl = new URL(callbackUrlString);
 		if (!await this._isTrusted(callbackUrl.toString())) throw new Error(`Nested cross-domain auth callback URL ${callbackUrlString} is not trusted.`);
 		const afterCallbackRedirectUrl = new URL(currentUrl);
 		afterCallbackRedirectUrl.searchParams.delete(nestedCrossDomainAuthQueryParams.refreshTokenId);
 		afterCallbackRedirectUrl.searchParams.delete(nestedCrossDomainAuthQueryParams.callbackUrl);
-		const { state: newState, codeChallenge: newCodeChallenge } = await this._getCrossDomainHandoffParamsForRedirect(currentUrl);
+		const { state: newState, codeChallenge: newCodeChallenge } = await this._getNestedCrossDomainAuthParamsForRedirect();
+		const nestedRedirectUri = new URL(this._getOAuthCallbackRedirectUri(), currentUrl);
+		nestedRedirectUri.searchParams.delete(nestedCrossDomainAuthQueryParams.refreshTokenId);
+		nestedRedirectUri.searchParams.delete(nestedCrossDomainAuthQueryParams.callbackUrl);
+		for (const param of [
+			"after_auth_return_to",
+			__redirect_page_urls_js.crossDomainAuthQueryParams.marker,
+			__redirect_page_urls_js.crossDomainAuthQueryParams.state,
+			__redirect_page_urls_js.crossDomainAuthQueryParams.codeChallenge,
+			__redirect_page_urls_js.crossDomainAuthQueryParams.afterCallbackRedirectUrl
+		]) {
+			const value = currentUrl.searchParams.get(param);
+			if (value != null && !nestedRedirectUri.searchParams.has(param)) nestedRedirectUri.searchParams.set(param, value);
+		}
 		callbackUrl.searchParams.set(nestedCrossDomainAuthQueryParams.refreshTokenId, refreshTokenId);
-		callbackUrl.searchParams.set(nestedCrossDomainAuthQueryParams.redirectUri, new URL(this._getOAuthCallbackRedirectUri(), currentUrl).toString());
+		callbackUrl.searchParams.set(nestedCrossDomainAuthQueryParams.redirectUri, nestedRedirectUri.toString());
 		callbackUrl.searchParams.set(nestedCrossDomainAuthQueryParams.state, newState);
 		callbackUrl.searchParams.set(nestedCrossDomainAuthQueryParams.codeChallenge, newCodeChallenge);
 		callbackUrl.searchParams.set(nestedCrossDomainAuthQueryParams.codeChallengeMethod, "S256");
@@ -578,6 +591,9 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		});
 		return true;
 	}
+	async _getNestedCrossDomainAuthParamsForRedirect() {
+		return await (0, _________cookie_js.saveVerifierAndState)();
+	}
 	/**
 	* Cloudflare workers does not allow use of randomness on the global scope (on which the Stack app is probably
 	* initialized). For that reason, we generate the unique identifier lazily when it is first needed instead of in the
@@ -585,7 +601,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 	*/
 	_getUniqueIdentifier() {
 		if (!this._uniqueIdentifier) {
-			this._uniqueIdentifier = (0, _stackframe_stack_shared_dist_utils_uuids.generateUuid)();
+			this._uniqueIdentifier = (0, _hexclave_shared_dist_utils_uuids.generateUuid)();
 			this._initUniqueIdentifier();
 		}
 		return this._uniqueIdentifier;
@@ -597,8 +613,8 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		});
 	}
 	_useCheckFeatureSupport(name, options) {
-		(0, _stackframe_stack_shared_dist_utils_promises.runAsynchronously)(this._checkFeatureSupport(name, options));
-		throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError(`${name} is not currently supported. Please reach out to Stack support for more information.`);
+		(0, _hexclave_shared_dist_utils_promises.runAsynchronously)(this._checkFeatureSupport(name, options));
+		throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError(`${name} is not currently supported. Please reach out to Stack support for more information.`);
 	}
 	get _legacyRefreshTokenCookieName() {
 		return `stack-refresh-${this.projectId}`;
@@ -610,7 +626,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		return `${secure ? "__Host-" : ""}${this._refreshTokenCookieName}--default`;
 	}
 	_getCustomRefreshCookieName(domain) {
-		const encoded = (0, _stackframe_stack_shared_dist_utils_bytes.encodeBase32)(new TextEncoder().encode(domain.toLowerCase()));
+		const encoded = (0, _hexclave_shared_dist_utils_bytes.encodeBase32)(new TextEncoder().encode(domain.toLowerCase()));
 		return `${this._refreshTokenCookieName}--custom-${encoded}`;
 	}
 	_getDomainFromCustomRefreshCookieName(name) {
@@ -618,7 +634,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			const prefix = `${base}--custom-`;
 			if (!name.startsWith(prefix)) continue;
 			try {
-				return new TextDecoder().decode((0, _stackframe_stack_shared_dist_utils_bytes.decodeBase32)(name.slice(prefix.length)));
+				return new TextDecoder().decode((0, _hexclave_shared_dist_utils_bytes.decodeBase32)(name.slice(prefix.length)));
 			} catch {
 				return null;
 			}
@@ -636,7 +652,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 	}
 	_parseStructuredRefreshCookie(value) {
 		if (!value) return null;
-		const parsed = (0, _stackframe_stack_shared_dist_utils_json.parseJson)(value);
+		const parsed = (0, _hexclave_shared_dist_utils_json.parseJson)(value);
 		if (parsed.status !== "ok" || typeof parsed.data !== "object" || parsed.data === null) {
 			console.warn("Failed to parse structured refresh cookie");
 			return null;
@@ -695,7 +711,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		const accessTokenCookie = cookies[this._accessTokenCookieName] ?? cookies[this._legacyAccessTokenCookieName] ?? null;
 		let accessToken = null;
 		if (accessTokenCookie && accessTokenCookie.startsWith("[\"")) {
-			const parsed = (0, _stackframe_stack_shared_dist_utils_json.parseJson)(accessTokenCookie);
+			const parsed = (0, _hexclave_shared_dist_utils_json.parseJson)(accessTokenCookie);
 			if (parsed.status === "ok" && typeof parsed.data === "object" && parsed.data !== null && Array.isArray(parsed.data) && parsed.data.length === 2 && typeof parsed.data[0] === "string" && typeof parsed.data[1] === "string") {
 				if (parsed.data[0] === refreshToken) accessToken = parsed.data[1];
 			} else console.warn("Access token cookie has invalid format");
@@ -712,7 +728,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		return `stack-access`;
 	}
 	_getAllBrowserCookies() {
-		if (!(0, _stackframe_stack_shared_dist_utils_env.isBrowserLike)()) throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("Cannot get browser cookies on the server!");
+		if (!(0, _hexclave_shared_dist_utils_env.isBrowserLike)()) throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("Cannot get browser cookies on the server!");
 		return cookie.parseCookie(document.cookie || "");
 	}
 	_getRefreshTokenCookieNamePatterns() {
@@ -745,7 +761,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		};
 	}
 	_ensureCrossSubdomainCookieExists() {
-		(0, _stackframe_stack_shared_dist_utils_promises.runAsynchronously)(async () => {
+		(0, _hexclave_shared_dist_utils_promises.runAsynchronously)(async () => {
 			const hostname = window.location.hostname;
 			const domain = await this._trustedParentDomainCache.getOrWait([hostname], "read-write");
 			if (domain.status === "error" || !domain.data) return;
@@ -760,11 +776,11 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		});
 	}
 	_queueCustomRefreshCookieUpdate(refreshToken, updatedAt, context) {
-		(0, _stackframe_stack_shared_dist_utils_promises.runAsynchronously)(async () => {
+		(0, _hexclave_shared_dist_utils_promises.runAsynchronously)(async () => {
 			this._mostRecentQueuedCookieRefreshIndex++;
 			const updateIndex = this._mostRecentQueuedCookieRefreshIndex;
 			let hostname;
-			if ((0, _stackframe_stack_shared_dist_utils_env.isBrowserLike)()) hostname = window.location.hostname;
+			if ((0, _hexclave_shared_dist_utils_env.isBrowserLike)()) hostname = window.location.hostname;
 			else hostname = await getServerRequestHost();
 			if (!hostname) {
 				console.warn("No hostname found when queueing custom refresh cookie update");
@@ -794,7 +810,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		});
 	}
 	async _getTrustedRedirectConfig() {
-		const project = _stackframe_stack_shared_dist_utils_results.Result.orThrow(await this._currentProjectCache.getOrWait([], "write-only"));
+		const project = _hexclave_shared_dist_utils_results.Result.orThrow(await this._currentProjectCache.getOrWait([], "write-only"));
 		return {
 			allowLocalhost: project.config.allow_localhost,
 			trustedDomains: [...project.config.domains.map((d) => d.domain), new URL((0, ______url_targets_js.getHostedHandlerUrl)({
@@ -804,10 +820,10 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		};
 	}
 	async _getTrustedParentDomain(currentDomain) {
-		return (0, _stackframe_stack_shared_dist_utils_redirect_urls.getTrustedParentDomain)(currentDomain, (await this._getTrustedRedirectConfig()).trustedDomains);
+		return (0, _hexclave_shared_dist_utils_redirect_urls.getTrustedParentDomain)(currentDomain, (await this._getTrustedRedirectConfig()).trustedDomains);
 	}
 	_getBrowserCookieTokenStore() {
-		if (!(0, _stackframe_stack_shared_dist_utils_env.isBrowserLike)()) throw new Error("Cannot use cookie token store on the server!");
+		if (!(0, _hexclave_shared_dist_utils_env.isBrowserLike)()) throw new Error("Cannot use cookie token store on the server!");
 		if (this._storedBrowserCookieTokenStore === null) {
 			const getCurrentValue = (old) => {
 				const tokens = this._getTokensFromCookies(this._getAllBrowserCookies());
@@ -816,13 +832,13 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 					accessToken: tokens.accessToken ?? (old?.refreshToken === tokens.refreshToken ? old.accessToken : null)
 				};
 			};
-			this._storedBrowserCookieTokenStore = new _stackframe_stack_shared_dist_utils_stores.Store(getCurrentValue(null));
+			this._storedBrowserCookieTokenStore = new _hexclave_shared_dist_utils_stores.Store(getCurrentValue(null));
 			let hasSucceededInWriting = true;
 			setInterval(() => {
 				if (hasSucceededInWriting) {
 					const oldValue = this._storedBrowserCookieTokenStore.get();
 					const currentValue = getCurrentValue(oldValue);
-					if (!(0, _stackframe_stack_shared_dist_utils_objects.deepPlainEquals)(currentValue, oldValue)) this._storedBrowserCookieTokenStore.set(currentValue);
+					if (!(0, _hexclave_shared_dist_utils_objects.deepPlainEquals)(currentValue, oldValue)) this._storedBrowserCookieTokenStore.set(currentValue);
 				}
 			}, 100);
 			this._storedBrowserCookieTokenStore.onChange((value) => {
@@ -843,7 +859,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 					this._queueCustomRefreshCookieUpdate(refreshToken, updatedAt, "browser");
 					hasSucceededInWriting = true;
 				} catch (e) {
-					if (!(0, _stackframe_stack_shared_dist_utils_env.isBrowserLike)()) hasSucceededInWriting = false;
+					if (!(0, _hexclave_shared_dist_utils_env.isBrowserLike)()) hasSucceededInWriting = false;
 					else throw e;
 				}
 			});
@@ -854,13 +870,13 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		const tokenStoreInit = overrideTokenStoreInit === void 0 ? this._tokenStoreInit : overrideTokenStoreInit;
 		switch (tokenStoreInit) {
 			case "cookie":
-				if (!(0, _stackframe_stack_shared_dist_utils_env.isBrowserLike)()) return this._getOrCreateTokenStore(cookieHelper, "nextjs-cookie");
+				if (!(0, _hexclave_shared_dist_utils_env.isBrowserLike)()) return this._getOrCreateTokenStore(cookieHelper, "nextjs-cookie");
 				return this._getBrowserCookieTokenStore();
-			case "nextjs-cookie": if ((0, _stackframe_stack_shared_dist_utils_env.isBrowserLike)()) return this._getBrowserCookieTokenStore();
+			case "nextjs-cookie": if ((0, _hexclave_shared_dist_utils_env.isBrowserLike)()) return this._getBrowserCookieTokenStore();
 			else {
-				const store = new _stackframe_stack_shared_dist_utils_stores.Store(this._getTokensFromCookies(cookieHelper.getAll()));
+				const store = new _hexclave_shared_dist_utils_stores.Store(this._getTokensFromCookies(cookieHelper.getAll()));
 				store.onChange((value) => {
-					(0, _stackframe_stack_shared_dist_utils_promises.runAsynchronously)(async () => {
+					(0, _hexclave_shared_dist_utils_promises.runAsynchronously)(async () => {
 						const refreshToken = value.refreshToken;
 						const secure = await (0, _________cookie_js.isSecure)();
 						const defaultName = this._getRefreshTokenDefaultCookieNameForSecure(secure);
@@ -893,7 +909,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 					if (authorizationHeader) {
 						const authJson = getAuthJsonFromAuthorizationHeaderValue(authorizationHeader);
 						if (authJson != null) {
-							const tokenStore = new _stackframe_stack_shared_dist_utils_stores.Store({
+							const tokenStore = new _hexclave_shared_dist_utils_stores.Store({
 								accessToken: authJson.accessToken,
 								refreshToken: authJson.refreshToken
 							});
@@ -918,10 +934,10 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 					}
 					const cookieHeader = getHeaderValueFromRequestLikeHeaders(tokenStoreInit.headers, "cookie");
 					const parsed = cookie.parseCookie(cookieHeader || "");
-					const res = new _stackframe_stack_shared_dist_utils_stores.Store(this._getTokensFromCookies(parsed));
+					const res = new _hexclave_shared_dist_utils_stores.Store(this._getTokensFromCookies(parsed));
 					this._requestTokenStores.set(tokenStoreInit, res);
 					return res;
-				} else if ("accessToken" in tokenStoreInit || "refreshToken" in tokenStoreInit) return new _stackframe_stack_shared_dist_utils_stores.Store({
+				} else if ("accessToken" in tokenStoreInit || "refreshToken" in tokenStoreInit) return new _hexclave_shared_dist_utils_stores.Store({
 					refreshToken: tokenStoreInit.refreshToken,
 					accessToken: tokenStoreInit.accessToken
 				});
@@ -929,14 +945,14 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		}
 	}
 	_useTokenStore(overrideTokenStoreInit) {
-		if (!(0, _stackframe_stack_shared_dist_utils_env.isBrowserLike)()) return this._getOrCreateTokenStore((0, _stackframe_stack_shared_dist_utils_react.use)((0, _________cookie_js.createCookieHelper)()), overrideTokenStoreInit);
-		(0, _stackframe_stack_shared_dist_utils_react.suspendIfSsr)();
+		if (!(0, _hexclave_shared_dist_utils_env.isBrowserLike)()) return this._getOrCreateTokenStore((0, _hexclave_shared_dist_utils_react.use)((0, _________cookie_js.createCookieHelper)()), overrideTokenStoreInit);
+		(0, _hexclave_shared_dist_utils_react.suspendIfSsr)();
 		const cookieHelper = (0, _________cookie_js.createBrowserCookieHelper)();
 		return this._getOrCreateTokenStore(cookieHelper, overrideTokenStoreInit);
 	}
 	_getSessionFromTokenStore(tokenStore) {
 		const tokenObj = tokenStore.get();
-		const sessionKey = _stackframe_stack_shared_dist_sessions.InternalSession.calculateSessionKey(tokenObj);
+		const sessionKey = _hexclave_shared_dist_sessions.InternalSession.calculateSessionKey(tokenObj);
 		const existing = sessionKey ? this._sessionsByTokenStoreAndSessionKey.get(tokenStore)?.get(sessionKey) : null;
 		if (existing) return existing;
 		const session = this._interface.createSession({
@@ -980,7 +996,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		return react.default.useSyncExternalStore(subscribe, getSnapshot, getSnapshot);
 	}
 	async _signInToAccountWithTokens(tokens) {
-		if (!("accessToken" in tokens) || !("refreshToken" in tokens)) throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("Invalid tokens object; can't sign in with this", { tokens });
+		if (!("accessToken" in tokens) || !("refreshToken" in tokens)) throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("Invalid tokens object; can't sign in with this", { tokens });
 		const tokenStore = this._getOrCreateTokenStore(await this._createCookieHelper());
 		tokenStore.set(tokens);
 		const newSession = this._getSessionFromTokenStore(tokenStore);
@@ -1120,13 +1136,13 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 				await app._teamInvitationsCache.refresh([session, crud.id]);
 			},
 			async listUsers() {
-				return _stackframe_stack_shared_dist_utils_results.Result.orThrow(await app._teamMemberProfilesCache.getOrWait([session, crud.id], "write-only")).map((crud) => app._clientTeamUserFromCrud(crud));
+				return _hexclave_shared_dist_utils_results.Result.orThrow(await app._teamMemberProfilesCache.getOrWait([session, crud.id], "write-only")).map((crud) => app._clientTeamUserFromCrud(crud));
 			},
 			useUsers() {
 				return (0, __common_js.useAsyncCache)(app._teamMemberProfilesCache, [session, crud.id], "team.useUsers()").map((crud) => app._clientTeamUserFromCrud(crud));
 			},
 			async listInvitations() {
-				return _stackframe_stack_shared_dist_utils_results.Result.orThrow(await app._teamInvitationsCache.getOrWait([session, crud.id], "write-only")).map((crud) => app._clientSentTeamInvitationFromCrud(session, crud));
+				return _hexclave_shared_dist_utils_results.Result.orThrow(await app._teamInvitationsCache.getOrWait([session, crud.id], "write-only")).map((crud) => app._clientSentTeamInvitationFromCrud(session, crud));
 			},
 			useInvitations() {
 				return (0, __common_js.useAsyncCache)(app._teamInvitationsCache, [session, crud.id], "team.useInvitations()").map((crud) => app._clientSentTeamInvitationFromCrud(session, crud));
@@ -1146,7 +1162,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 				return (0, __common_js.useAsyncCache)(app._teamApiKeysCache, [session, crud.id], "team.useApiKeys()").map((crud) => app._clientApiKeyFromCrud(session, crud));
 			},
 			async listApiKeys() {
-				return _stackframe_stack_shared_dist_utils_results.Result.orThrow(await app._teamApiKeysCache.getOrWait([session, crud.id], "write-only")).map((crud) => app._clientApiKeyFromCrud(session, crud));
+				return _hexclave_shared_dist_utils_results.Result.orThrow(await app._teamApiKeysCache.getOrWait([session, crud.id], "write-only")).map((crud) => app._clientApiKeyFromCrud(session, crud));
 			},
 			async createApiKey(options) {
 				const result = await app._interface.createProjectApiKey(await (0, ______api_keys_index_js.apiKeyCreationOptionsToCrud)("team", crud.id, options), session, "client");
@@ -1206,9 +1222,9 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 						allow_connected_accounts: data.allowConnectedAccounts
 					}, session);
 					await Promise.all([app._currentUserOAuthProvidersCache.refresh([session]), app._currentUserConnectedAccountsCache.refresh([session])]);
-					return _stackframe_stack_shared_dist_utils_results.Result.ok(void 0);
+					return _hexclave_shared_dist_utils_results.Result.ok(void 0);
 				} catch (error) {
-					if (_stackframe_stack_shared.KnownErrors.OAuthProviderAccountIdAlreadyUsedForSignIn.isInstance(error)) return _stackframe_stack_shared_dist_utils_results.Result.error(error);
+					if (_hexclave_shared.KnownErrors.OAuthProviderAccountIdAlreadyUsedForSignIn.isInstance(error)) return _hexclave_shared_dist_utils_results.Result.error(error);
 					throw error;
 				}
 			},
@@ -1288,7 +1304,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 						return session.isKnownToBeInvalid() ? null : session.getAccessTokenIfNotExpiredYet(2e4, 75e3)?.token ?? null;
 					}, [session]);
 					let accessToken = react.default.useSyncExternalStore(subscribe, getSnapshot, getSnapshot);
-					if (accessToken === null && !session.isKnownToBeInvalid()) accessToken = (0, _stackframe_stack_shared_dist_utils_react.use)(session.getOrFetchLikelyValidTokens(2e4, 75e3))?.accessToken.token ?? null;
+					if (accessToken === null && !session.isKnownToBeInvalid()) accessToken = (0, _hexclave_shared_dist_utils_react.use)(session.getOrFetchLikelyValidTokens(2e4, 75e3))?.accessToken.token ?? null;
 					return {
 						accessToken,
 						refreshToken: session.getRefreshToken()?.token ?? null
@@ -1378,11 +1394,11 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			const scopeString = options?.scopes?.join(" ") ?? "";
 			if (typeof idOrAccount === "object" && "provider" in idOrAccount && "providerAccountId" in idOrAccount) {
 				const { provider, providerAccountId } = idOrAccount;
-				const found = _stackframe_stack_shared_dist_utils_results.Result.orThrow(await app._currentUserConnectedAccountsCache.getOrWait([session], "write-only")).find((a) => a.provider === provider && a.providerAccountId === providerAccountId);
+				const found = _hexclave_shared_dist_utils_results.Result.orThrow(await app._currentUserConnectedAccountsCache.getOrWait([session], "write-only")).find((a) => a.provider === provider && a.providerAccountId === providerAccountId);
 				if (!found) return null;
 				return found;
 			}
-			return _stackframe_stack_shared_dist_utils_results.Result.orThrow(await app._currentUserOAuthConnectionCache.getOrWait([
+			return _hexclave_shared_dist_utils_results.Result.orThrow(await app._currentUserOAuthConnectionCache.getOrWait([
 				session,
 				idOrAccount,
 				scopeString,
@@ -1421,7 +1437,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			getConnectedAccount,
 			useConnectedAccount,
 			async listConnectedAccounts() {
-				return _stackframe_stack_shared_dist_utils_results.Result.orThrow(await app._currentUserConnectedAccountsCache.getOrWait([session], "write-only"));
+				return _hexclave_shared_dist_utils_results.Result.orThrow(await app._currentUserConnectedAccountsCache.getOrWait([session], "write-only"));
 			},
 			useConnectedAccounts() {
 				return (0, __common_js.useAsyncCache)(app._currentUserConnectedAccountsCache, [session], "user.useConnectedAccounts()");
@@ -1432,16 +1448,16 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 					provider,
 					redirectUrl: app._getOAuthCallbackRedirectUri(),
 					errorRedirectUrl: app.urls.error,
-					providerScope: (0, _stackframe_stack_shared_dist_utils_strings.mergeScopeStrings)(scopeString, (app._oauthScopesOnSignIn[provider] ?? []).join(" "))
+					providerScope: (0, _hexclave_shared_dist_utils_strings.mergeScopeStrings)(scopeString, (app._oauthScopesOnSignIn[provider] ?? []).join(" "))
 				}, session);
 				await app._redirectTo({ url: location });
-				return await (0, _stackframe_stack_shared_dist_utils_promises.neverResolve)();
+				return await (0, _hexclave_shared_dist_utils_promises.neverResolve)();
 			},
 			async getOrLinkConnectedAccount(provider, options) {
-				const matchingAccounts = _stackframe_stack_shared_dist_utils_results.Result.orThrow(await app._currentUserConnectedAccountsCache.getOrWait([session], "write-only")).filter((a) => a.provider === provider);
+				const matchingAccounts = _hexclave_shared_dist_utils_results.Result.orThrow(await app._currentUserConnectedAccountsCache.getOrWait([session], "write-only")).filter((a) => a.provider === provider);
 				for (const account of matchingAccounts) if ((await account.getAccessToken({ scopes: options?.scopes })).status === "ok") return account;
 				await this.linkConnectedAccount(provider, options);
-				return await (0, _stackframe_stack_shared_dist_utils_promises.neverResolve)();
+				return await (0, _hexclave_shared_dist_utils_promises.neverResolve)();
 			},
 			useOrLinkConnectedAccount(provider, options) {
 				const scopeString = options?.scopes?.join(" ") ?? "";
@@ -1461,7 +1477,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 				}, [teams, teamId]);
 			},
 			async listTeams() {
-				return _stackframe_stack_shared_dist_utils_results.Result.orThrow(await app._currentUserTeamsCache.getOrWait([session], "write-only")).map((crud) => app._clientTeamFromCrud(crud, session));
+				return _hexclave_shared_dist_utils_results.Result.orThrow(await app._currentUserTeamsCache.getOrWait([session], "write-only")).map((crud) => app._clientTeamFromCrud(crud, session));
 			},
 			useTeams() {
 				const teams = (0, __common_js.useAsyncCache)(app._currentUserTeamsCache, [session], "user.useTeams()");
@@ -1477,7 +1493,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 				await app._interface.leaveTeam(team.id, session);
 			},
 			async listTeamInvitations() {
-				return _stackframe_stack_shared_dist_utils_results.Result.orThrow(await app._currentUserTeamInvitationsCache.getOrWait([session], "write-only")).map((crud) => app._clientReceivedTeamInvitationFromCrud(session, crud));
+				return _hexclave_shared_dist_utils_results.Result.orThrow(await app._currentUserTeamInvitationsCache.getOrWait([session], "write-only")).map((crud) => app._clientReceivedTeamInvitationFromCrud(session, crud));
 			},
 			useTeamInvitations() {
 				const invitations = (0, __common_js.useAsyncCache)(app._currentUserTeamInvitationsCache, [session], "user.useTeamInvitations()");
@@ -1487,14 +1503,14 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 				if (scopeOrOptions && "id" in scopeOrOptions) {
 					const scope = scopeOrOptions;
 					const recursive = options?.recursive ?? true;
-					return _stackframe_stack_shared_dist_utils_results.Result.orThrow(await app._currentUserPermissionsCache.getOrWait([
+					return _hexclave_shared_dist_utils_results.Result.orThrow(await app._currentUserPermissionsCache.getOrWait([
 						session,
 						scope.id,
 						recursive
 					], "write-only")).map((crud) => app._clientPermissionFromCrud(crud));
 				} else {
 					const recursive = scopeOrOptions?.recursive ?? true;
-					return _stackframe_stack_shared_dist_utils_results.Result.orThrow(await app._currentUserProjectPermissionsCache.getOrWait([session, recursive], "write-only")).map((crud) => app._clientPermissionFromCrud(crud));
+					return _hexclave_shared_dist_utils_results.Result.orThrow(await app._currentUserProjectPermissionsCache.getOrWait([session, recursive], "write-only")).map((crud) => app._clientPermissionFromCrud(crud));
 				}
 			},
 			usePermissions(scopeOrOptions, options) {
@@ -1546,7 +1562,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 				return await app._updateClientUser(update, session);
 			},
 			async sendVerificationEmail(options) {
-				if (!crud.primary_email) throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("User does not have a primary email");
+				if (!crud.primary_email) throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("User does not have a primary email");
 				return await app._interface.sendVerificationEmail(crud.primary_email, options?.callbackUrl ?? (0, ____________utils_url_js.constructRedirectUrl)(app.urls.emailVerification, "callbackUrl"), session);
 			},
 			async updatePassword(options) {
@@ -1561,7 +1577,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			},
 			selectedTeam: crud.selected_team && this._clientTeamFromCrud(crud.selected_team, session),
 			async getTeamProfile(team) {
-				const result = _stackframe_stack_shared_dist_utils_results.Result.orThrow(await app._currentUserTeamProfileCache.getOrWait([session, team.id], "write-only"));
+				const result = _hexclave_shared_dist_utils_results.Result.orThrow(await app._currentUserTeamProfileCache.getOrWait([session, team.id], "write-only"));
 				return app._editableTeamProfileFromCrud(result, session);
 			},
 			useTeamProfile(team) {
@@ -1573,7 +1589,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 				session.markInvalid();
 			},
 			async listContactChannels() {
-				return _stackframe_stack_shared_dist_utils_results.Result.orThrow(await app._clientContactChannelsCache.getOrWait([session], "write-only")).map((crud) => app._clientContactChannelFromCrud(crud, session));
+				return _hexclave_shared_dist_utils_results.Result.orThrow(await app._clientContactChannelsCache.getOrWait([session], "write-only")).map((crud) => app._clientContactChannelFromCrud(crud, session));
 			},
 			useContactChannels() {
 				return (0, __common_js.useAsyncCache)(app._clientContactChannelsCache, [session], "user.useContactChannels()").map((crud) => app._clientContactChannelFromCrud(crud, session));
@@ -1587,7 +1603,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 				return (0, __common_js.useAsyncCache)(app._notificationCategoriesCache, [session], "user.useNotificationCategories()").map((crud) => app._clientNotificationCategoryFromCrud(crud, session));
 			},
 			async listNotificationCategories() {
-				return _stackframe_stack_shared_dist_utils_results.Result.orThrow(await app._notificationCategoriesCache.getOrWait([session], "write-only")).map((crud) => app._clientNotificationCategoryFromCrud(crud, session));
+				return _hexclave_shared_dist_utils_results.Result.orThrow(await app._notificationCategoriesCache.getOrWait([session], "write-only")).map((crud) => app._clientNotificationCategoryFromCrud(crud, session));
 			},
 			useApiKeys() {
 				return (0, __common_js.useAsyncCache)(app._userApiKeysCache, [session], "user.useApiKeys()").map((crud) => app._clientApiKeyFromCrud(session, crud));
@@ -1604,7 +1620,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 				return (0, __common_js.useAsyncCache)(app._currentUserOAuthProvidersCache, [session], "user.useOAuthProviders()").map((crud) => app._clientOAuthProviderFromCrud(crud, session));
 			},
 			async listOAuthProviders() {
-				return _stackframe_stack_shared_dist_utils_results.Result.orThrow(await app._currentUserOAuthProvidersCache.getOrWait([session], "write-only")).map((crud) => app._clientOAuthProviderFromCrud(crud, session));
+				return _hexclave_shared_dist_utils_results.Result.orThrow(await app._currentUserOAuthProvidersCache.getOrWait([session], "write-only")).map((crud) => app._clientOAuthProviderFromCrud(crud, session));
 			},
 			useOAuthProvider(id) {
 				const providers = this.useOAuthProviders();
@@ -1615,20 +1631,20 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			},
 			async registerPasskey(options) {
 				const hostname = (await app._getCurrentUrl())?.hostname;
-				if (!hostname) throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("hostname must be provided if the Stack App does not have a redirect method");
+				if (!hostname) throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("hostname must be provided if the Stack App does not have a redirect method");
 				const initiationResult = await app._interface.initiatePasskeyRegistration({}, session);
-				if (initiationResult.status !== "ok") return _stackframe_stack_shared_dist_utils_results.Result.error(new _stackframe_stack_shared.KnownErrors.PasskeyRegistrationFailed("Failed to get initiation options for passkey registration"));
+				if (initiationResult.status !== "ok") return _hexclave_shared_dist_utils_results.Result.error(new _hexclave_shared.KnownErrors.PasskeyRegistrationFailed("Failed to get initiation options for passkey registration"));
 				const { options_json, code } = initiationResult.data;
-				if (options_json.rp.id !== "THIS_VALUE_WILL_BE_REPLACED.example.com") throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError(`Expected returned RP ID from server to equal sentinel, but found ${options_json.rp.id}`);
+				if (options_json.rp.id !== "THIS_VALUE_WILL_BE_REPLACED.example.com") throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError(`Expected returned RP ID from server to equal sentinel, but found ${options_json.rp.id}`);
 				options_json.rp.id = hostname;
 				let attResp;
 				try {
 					attResp = await (0, _simplewebauthn_browser.startRegistration)({ optionsJSON: options_json });
 				} catch (error) {
-					if (error instanceof _simplewebauthn_browser.WebAuthnError) return _stackframe_stack_shared_dist_utils_results.Result.error(new _stackframe_stack_shared.KnownErrors.PasskeyWebAuthnError(error.message, error.name));
+					if (error instanceof _simplewebauthn_browser.WebAuthnError) return _hexclave_shared_dist_utils_results.Result.error(new _hexclave_shared.KnownErrors.PasskeyWebAuthnError(error.message, error.name));
 					else {
-						(0, _stackframe_stack_shared_dist_utils_errors.captureError)("passkey-registration-failed", error);
-						return _stackframe_stack_shared_dist_utils_results.Result.error(new _stackframe_stack_shared.KnownErrors.PasskeyRegistrationFailed("Failed to start passkey registration due to unknown error"));
+						(0, _hexclave_shared_dist_utils_errors.captureError)("passkey-registration-failed", error);
+						return _hexclave_shared_dist_utils_results.Result.error(new _hexclave_shared.KnownErrors.PasskeyRegistrationFailed("Failed to start passkey registration due to unknown error"));
 					}
 				}
 				const registrationResult = await app._interface.registerPasskey({
@@ -1665,7 +1681,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		const customerOptions = type === "user" ? { userId: userIdOrTeamId } : { teamId: userIdOrTeamId };
 		return {
 			async getBilling() {
-				const response = _stackframe_stack_shared_dist_utils_results.Result.orThrow(await app._customerBillingCache.getOrWait([
+				const response = _hexclave_shared_dist_utils_results.Result.orThrow(await app._customerBillingCache.getOrWait([
 					effectiveSession,
 					type,
 					userIdOrTeamId
@@ -1757,17 +1773,17 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 	async getItem(options) {
 		const session = await this._getSession();
 		let crud;
-		if ("userId" in options) crud = _stackframe_stack_shared_dist_utils_results.Result.orThrow(await this._userItemCache.getOrWait([
+		if ("userId" in options) crud = _hexclave_shared_dist_utils_results.Result.orThrow(await this._userItemCache.getOrWait([
 			session,
 			options.userId,
 			options.itemId
 		], "write-only"));
-		else if ("teamId" in options) crud = _stackframe_stack_shared_dist_utils_results.Result.orThrow(await this._teamItemCache.getOrWait([
+		else if ("teamId" in options) crud = _hexclave_shared_dist_utils_results.Result.orThrow(await this._teamItemCache.getOrWait([
 			session,
 			options.teamId,
 			options.itemId
 		], "write-only"));
-		else crud = _stackframe_stack_shared_dist_utils_results.Result.orThrow(await this._customItemCache.getOrWait([
+		else crud = _hexclave_shared_dist_utils_results.Result.orThrow(await this._customItemCache.getOrWait([
 			session,
 			options.customCustomerId,
 			options.itemId
@@ -1787,7 +1803,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 	async listProducts(options) {
 		const session = (await this.getUser())?._internalSession ?? await this._getSession();
 		if ("userId" in options) {
-			const response = _stackframe_stack_shared_dist_utils_results.Result.orThrow(await this._userProductsCache.getOrWait([
+			const response = _hexclave_shared_dist_utils_results.Result.orThrow(await this._userProductsCache.getOrWait([
 				session,
 				options.userId,
 				options.cursor ?? null,
@@ -1795,7 +1811,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			], "write-only"));
 			return this._customerProductsFromResponse(response);
 		} else if ("teamId" in options) {
-			const response = _stackframe_stack_shared_dist_utils_results.Result.orThrow(await this._teamProductsCache.getOrWait([
+			const response = _hexclave_shared_dist_utils_results.Result.orThrow(await this._teamProductsCache.getOrWait([
 				session,
 				options.teamId,
 				options.cursor ?? null,
@@ -1803,7 +1819,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			], "write-only"));
 			return this._customerProductsFromResponse(response);
 		}
-		const response = _stackframe_stack_shared_dist_utils_results.Result.orThrow(await this._customProductsCache.getOrWait([
+		const response = _hexclave_shared_dist_utils_results.Result.orThrow(await this._customProductsCache.getOrWait([
 			session,
 			options.customCustomerId,
 			options.cursor ?? null,
@@ -1814,7 +1830,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 	async listInvoices(options) {
 		const session = await this._getSession();
 		if ("userId" in options) {
-			const response = _stackframe_stack_shared_dist_utils_results.Result.orThrow(await this._userInvoicesCache.getOrWait([
+			const response = _hexclave_shared_dist_utils_results.Result.orThrow(await this._userInvoicesCache.getOrWait([
 				session,
 				options.userId,
 				options.cursor ?? null,
@@ -1822,7 +1838,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			], "write-only"));
 			return this._customerInvoicesFromResponse(response);
 		}
-		const response = _stackframe_stack_shared_dist_utils_results.Result.orThrow(await this._teamInvoicesCache.getOrWait([
+		const response = _hexclave_shared_dist_utils_results.Result.orThrow(await this._teamInvoicesCache.getOrWait([
 			session,
 			options.teamId,
 			options.cursor ?? null,
@@ -1833,7 +1849,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 	async cancelSubscription(options) {
 		const session = await this._getSession();
 		const user = await this.getUser();
-		if (!user) throw new _stackframe_stack_shared.KnownErrors.UserAuthenticationRequired();
+		if (!user) throw new _hexclave_shared.KnownErrors.UserAuthenticationRequired();
 		const customerType = "teamId" in options ? "team" : "user";
 		const customerId = "teamId" in options ? options.teamId : user.id;
 		await this._interface.cancelSubscription({
@@ -1902,7 +1918,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		return __common_js.clientVersion;
 	}
 	_getBotChallengeSiteKeys() {
-		if (!(0, _stackframe_stack_shared_dist_utils_env.isBrowserLike)()) return null;
+		if (!(0, _hexclave_shared_dist_utils_env.isBrowserLike)()) return null;
 		const visibleSiteKey = _________env_js.envVars.NEXT_PUBLIC_STACK_BOT_CHALLENGE_SITE_KEY;
 		if (!visibleSiteKey) {
 			if (!this._botChallengeSiteKeysWarned) {
@@ -1917,23 +1933,23 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		};
 	}
 	_getBotChallengeFlowFailure(error) {
-		if (error instanceof _stackframe_stack_shared_dist_utils_turnstile_flow.BotChallengeUserCancelledError) return {
+		if (error instanceof _hexclave_shared_dist_utils_turnstile_flow.BotChallengeUserCancelledError) return {
 			type: "cancelled",
-			knownError: new _stackframe_stack_shared.KnownErrors.BotChallengeFailed("Bot challenge cancelled by user")
+			knownError: new _hexclave_shared.KnownErrors.BotChallengeFailed("Bot challenge cancelled by user")
 		};
-		if (error instanceof _stackframe_stack_shared_dist_utils_turnstile_flow.BotChallengeExecutionFailedError) return {
+		if (error instanceof _hexclave_shared_dist_utils_turnstile_flow.BotChallengeExecutionFailedError) return {
 			type: "failed",
-			knownError: new _stackframe_stack_shared.KnownErrors.BotChallengeFailed(error.message)
+			knownError: new _hexclave_shared.KnownErrors.BotChallengeFailed(error.message)
 		};
 		return null;
 	}
 	_normalizeBotChallengeResult(result) {
 		if (result.status === "ok") return result;
-		if (_stackframe_stack_shared.KnownErrors.BotChallengeRequired.isInstance(result.error)) {
-			(0, _stackframe_stack_shared_dist_utils_errors.captureError)("bot-challenge-unexpected-after-flow", result.error);
-			return _stackframe_stack_shared_dist_utils_results.Result.error(new _stackframe_stack_shared.KnownErrors.BotChallengeFailed("Unexpected bot challenge after flow completion"));
+		if (_hexclave_shared.KnownErrors.BotChallengeRequired.isInstance(result.error)) {
+			(0, _hexclave_shared_dist_utils_errors.captureError)("bot-challenge-unexpected-after-flow", result.error);
+			return _hexclave_shared_dist_utils_results.Result.error(new _hexclave_shared.KnownErrors.BotChallengeFailed("Unexpected bot challenge after flow completion"));
 		}
-		return _stackframe_stack_shared_dist_utils_results.Result.error(result.error);
+		return _hexclave_shared_dist_utils_results.Result.error(result.error);
 	}
 	_toInterfaceBotChallengeInput(challenge) {
 		if (challenge.unavailable) return { phase: "visible" };
@@ -1946,25 +1962,25 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		const siteKeys = this._getBotChallengeSiteKeys();
 		let result;
 		try {
-			if (siteKeys) result = await (0, _stackframe_stack_shared_dist_utils_turnstile_flow.withBotChallengeFlow)({
+			if (siteKeys) result = await (0, _hexclave_shared_dist_utils_turnstile_flow.withBotChallengeFlow)({
 				...siteKeys,
 				action: options.action,
 				execute: options.execute,
 				isChallengeRequired: (flowResult) => {
-					return flowResult.status === "error" && _stackframe_stack_shared.KnownErrors.BotChallengeRequired.isInstance(flowResult.error);
+					return flowResult.status === "error" && _hexclave_shared.KnownErrors.BotChallengeRequired.isInstance(flowResult.error);
 				}
 			});
 			else result = await options.execute({});
 		} catch (e) {
 			const flowFailure = this._getBotChallengeFlowFailure(e);
-			if (flowFailure) return _stackframe_stack_shared_dist_utils_results.Result.error(flowFailure.knownError);
+			if (flowFailure) return _hexclave_shared_dist_utils_results.Result.error(flowFailure.knownError);
 			throw e;
 		}
 		return this._normalizeBotChallengeResult(result);
 	}
 	async _isTrusted(url) {
-		if ((0, _stackframe_stack_shared_dist_utils_urls.isRelative)(url)) return true;
-		const parsedUrl = (0, _stackframe_stack_shared_dist_utils_urls.createUrlIfValid)(url);
+		if ((0, _hexclave_shared_dist_utils_urls.isRelative)(url)) return true;
+		const parsedUrl = (0, _hexclave_shared_dist_utils_urls.createUrlIfValid)(url);
 		if (parsedUrl == null) return false;
 		if (typeof window !== "undefined" && window.location.origin === parsedUrl.origin) return true;
 		if ((0, ______url_targets_js.isHostedHandlerUrlForProject)({
@@ -1972,7 +1988,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			projectId: this.projectId
 		})) return true;
 		const trustedRedirectConfig = await this._getTrustedRedirectConfig();
-		return (0, _stackframe_stack_shared_dist_utils_redirect_urls.validateRedirectUrl)(parsedUrl, {
+		return (0, _hexclave_shared_dist_utils_redirect_urls.validateRedirectUrl)(parsedUrl, {
 			allowLocalhost: trustedRedirectConfig.allowLocalhost,
 			trustedDomains: trustedRedirectConfig.trustedDomains
 		});
@@ -1982,11 +1998,11 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 	}
 	_prefetchCrossDomainHandoffParamsIfNeeded() {
 		const canWriteOauthVerifierCookie = this._tokenStoreInit === "cookie" || this._tokenStoreInit === "nextjs-cookie";
-		if (!(0, _stackframe_stack_shared_dist_utils_env.isBrowserLike)() || !canWriteOauthVerifierCookie || this._isPrefetchingCrossDomainHandoffParams || this._getFreshPrefetchedCrossDomainHandoffParams() != null) return;
+		if (!(0, _hexclave_shared_dist_utils_env.isBrowserLike)() || !canWriteOauthVerifierCookie || this._isPrefetchingCrossDomainHandoffParams || this._getFreshPrefetchedCrossDomainHandoffParams() != null) return;
 		this._isPrefetchingCrossDomainHandoffParams = true;
-		(0, _stackframe_stack_shared_dist_utils_promises.runAsynchronously)(async () => {
+		(0, _hexclave_shared_dist_utils_promises.runAsynchronously)(async () => {
 			try {
-				if (!(0, _stackframe_stack_shared_dist_utils_env.isBrowserLike)()) return;
+				if (!(0, _hexclave_shared_dist_utils_env.isBrowserLike)()) return;
 				const { state, codeChallenge } = await (0, _________cookie_js.saveVerifierAndState)();
 				this._prefetchedCrossDomainHandoffParams = {
 					state,
@@ -2048,10 +2064,10 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		}, session);
 		if (!response.ok) {
 			const responseBody = await response.text();
-			throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError(`Cross-domain authorization endpoint failed: ${response.status} ${responseBody}`);
+			throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError(`Cross-domain authorization endpoint failed: ${response.status} ${responseBody}`);
 		}
 		const result = await response.json();
-		if (!("redirect_url" in result) || typeof result.redirect_url !== "string") throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("Cross-domain authorization endpoint returned an invalid payload", { result });
+		if (!("redirect_url" in result) || typeof result.redirect_url !== "string") throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("Cross-domain authorization endpoint returned an invalid payload", { result });
 		return result.redirect_url;
 	}
 	_getFreshPrefetchedCrossDomainHandoffParams() {
@@ -2069,14 +2085,14 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 	}
 	async _redirectTo(options) {
 		if (this._redirectMethod === "none") return;
-		else if (this._redirectMethod === "tanstack-start" && !(0, _stackframe_stack_shared_dist_utils_env.isBrowserLike)()) throw _tanstack_react_router.redirect({
+		else if (this._redirectMethod === "tanstack-start" && !(0, _hexclave_shared_dist_utils_env.isBrowserLike)()) throw _tanstack_react_router.redirect({
 			href: options.url.toString(),
 			replace: options.replace
 		});
 		else if (typeof this._redirectMethod === "object" && this._redirectMethod.navigate) this._redirectMethod.navigate(options.url.toString());
 		else if (options.replace) window.location.replace(options.url);
 		else window.location.assign(options.url);
-		await (0, _stackframe_stack_shared_dist_utils_promises.wait)(2e3);
+		await (0, _hexclave_shared_dist_utils_promises.wait)(2e3);
 	}
 	useNavigate() {
 		if (typeof this._redirectMethod === "object") return this._redirectMethod.useNavigate();
@@ -2127,7 +2143,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		await this._redirectIfTrusted(redirectUrl, options);
 	}
 	_redirectToHandlerDuringRender(handlerName, options) {
-		if (this._redirectMethod === "tanstack-start" && !(0, _stackframe_stack_shared_dist_utils_env.isBrowserLike)()) {
+		if (this._redirectMethod === "tanstack-start" && !(0, _hexclave_shared_dist_utils_env.isBrowserLike)()) {
 			const rawHandlerUrl = (0, __common_js.getUrls)(this._urlOptions, { projectId: this.projectId })[handlerName];
 			if (!rawHandlerUrl) throw new Error(`No URL for handler name ${handlerName}`);
 			throw _tanstack_react_router.redirect({
@@ -2222,8 +2238,8 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			code,
 			session: await this._getSession()
 		});
-		if (result.status === "ok") return _stackframe_stack_shared_dist_utils_results.Result.ok(void 0);
-		else return _stackframe_stack_shared_dist_utils_results.Result.error(result.error);
+		if (result.status === "ok") return _hexclave_shared_dist_utils_results.Result.ok(void 0);
+		else return _hexclave_shared_dist_utils_results.Result.error(result.error);
 	}
 	async getTeamInvitationDetails(code) {
 		const result = await this._interface.acceptTeamInvitation({
@@ -2231,8 +2247,8 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			code,
 			session: await this._getSession()
 		});
-		if (result.status === "ok") return _stackframe_stack_shared_dist_utils_results.Result.ok({ teamDisplayName: result.data.team_display_name });
-		else return _stackframe_stack_shared_dist_utils_results.Result.error(result.error);
+		if (result.status === "ok") return _hexclave_shared_dist_utils_results.Result.ok({ teamDisplayName: result.data.team_display_name });
+		else return _hexclave_shared_dist_utils_results.Result.error(result.error);
 	}
 	async verifyEmail(code) {
 		const result = await this._interface.verifyEmail(code);
@@ -2244,7 +2260,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		if (options?.or === "anonymous" && options.includeRestricted === false) throw new Error("Cannot use { or: 'anonymous' } with { includeRestricted: false }. Anonymous users implicitly include restricted users.");
 		this._ensurePersistentTokenStore(options?.tokenStore);
 		const session = await this._getSession(options?.tokenStore);
-		let crud = _stackframe_stack_shared_dist_utils_results.Result.orThrow(await this._currentUserCache.getOrWait([session], "write-only"));
+		let crud = _hexclave_shared_dist_utils_results.Result.orThrow(await this._currentUserCache.getOrWait([session], "write-only"));
 		const includeAnonymous = options?.or === "anonymous" || options?.or === "anonymous-if-exists[deprecated]";
 		const includeRestricted = options?.includeRestricted === true || includeAnonymous;
 		if (crud === null || crud.is_anonymous && !includeAnonymous || crud.is_restricted && !includeRestricted) switch (options?.or) {
@@ -2259,7 +2275,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 					tokenStore: tokens,
 					or: "anonymous-if-exists[deprecated]",
 					includeRestricted: true
-				}) ?? (0, _stackframe_stack_shared_dist_utils_errors.throwErr)("Something went wrong while signing up anonymously");
+				}) ?? (0, _hexclave_shared_dist_utils_errors.throwErr)("Something went wrong while signing up anonymously");
 			}
 			case void 0:
 			case "anonymous-if-exists[deprecated]":
@@ -2277,18 +2293,18 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		if (crud === null || crud.is_anonymous && !includeAnonymous || crud.is_restricted && !includeRestricted) switch (options?.or) {
 			case "redirect":
 				if (!crud?.is_anonymous && crud?.is_restricted) {
-					if (!this._redirectToHandlerDuringRender("onboarding", { replace: true })) (0, _stackframe_stack_shared_dist_utils_promises.runAsynchronously)(this.redirectToOnboarding({ replace: true }));
-				} else if (!this._redirectToHandlerDuringRender("signIn", { replace: true })) (0, _stackframe_stack_shared_dist_utils_promises.runAsynchronously)(this.redirectToSignIn({ replace: true }));
-				(0, _stackframe_stack_shared_dist_utils_react.suspend)();
-				throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("suspend should never return");
+					if (!this._redirectToHandlerDuringRender("onboarding", { replace: true })) (0, _hexclave_shared_dist_utils_promises.runAsynchronously)(this.redirectToOnboarding({ replace: true }));
+				} else if (!this._redirectToHandlerDuringRender("signIn", { replace: true })) (0, _hexclave_shared_dist_utils_promises.runAsynchronously)(this.redirectToSignIn({ replace: true }));
+				(0, _hexclave_shared_dist_utils_react.suspend)();
+				throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("suspend should never return");
 			case "throw": throw new Error("User is not signed in but useUser was called with { or: 'throw' }");
 			case "anonymous":
-				(0, _stackframe_stack_shared_dist_utils_promises.runAsynchronously)(async () => {
+				(0, _hexclave_shared_dist_utils_promises.runAsynchronously)(async () => {
 					await this._signUpAnonymously();
 					if (typeof window !== "undefined") window.location.reload();
 				});
-				(0, _stackframe_stack_shared_dist_utils_react.suspend)();
-				throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("suspend should never return");
+				(0, _hexclave_shared_dist_utils_react.suspend)();
+				throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("suspend should never return");
 			case void 0:
 			case "anonymous-if-exists[deprecated]":
 			case "return-null":
@@ -2394,12 +2410,12 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		};
 		let authorizeResult;
 		try {
-			if (siteKeys) authorizeResult = await (0, _stackframe_stack_shared_dist_utils_turnstile_flow.withBotChallengeFlow)({
+			if (siteKeys) authorizeResult = await (0, _hexclave_shared_dist_utils_turnstile_flow.withBotChallengeFlow)({
 				...siteKeys,
 				action: "oauth_authenticate",
 				execute: executeOAuth,
 				isChallengeRequired: (result) => {
-					return result.status === "error" && _stackframe_stack_shared.KnownErrors.BotChallengeRequired.isInstance(result.error);
+					return result.status === "error" && _hexclave_shared.KnownErrors.BotChallengeRequired.isInstance(result.error);
 				}
 			});
 			else authorizeResult = await executeOAuth({});
@@ -2409,17 +2425,17 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			if (flowFailure?.type === "failed") throw flowFailure.knownError;
 			throw e;
 		}
-		const location = _stackframe_stack_shared_dist_utils_results.Result.orThrow(authorizeResult);
+		const location = _hexclave_shared_dist_utils_results.Result.orThrow(authorizeResult);
 		await this._redirectTo({ url: location });
-		await (0, _stackframe_stack_shared_dist_utils_promises.neverResolve)();
+		await (0, _hexclave_shared_dist_utils_promises.neverResolve)();
 	}
 	/**
 	* Handles MFA verification by redirecting to the OTP page
 	*/
 	async _experimentalMfa(error, session) {
-		if (typeof window !== "undefined") window.sessionStorage.setItem("hexclave_mfa_attempt_code", error.details?.attempt_code ?? (0, _stackframe_stack_shared_dist_utils_errors.throwErr)("attempt code missing"));
+		if (typeof window !== "undefined") window.sessionStorage.setItem("hexclave_mfa_attempt_code", error.details?.attempt_code ?? (0, _hexclave_shared_dist_utils_errors.throwErr)("attempt code missing"));
 		await this.redirectToMfa();
-		throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("we should have redirected in redirectToMfa()");
+		throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("we should have redirected in redirectToMfa()");
 	}
 	/**
 	* @deprecated
@@ -2429,7 +2445,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		try {
 			return await callback();
 		} catch (e) {
-			if (_stackframe_stack_shared.KnownErrors.MultiFactorAuthenticationRequired.isInstance(e)) return _stackframe_stack_shared_dist_utils_results.Result.ok(await this._experimentalMfa(e, await this._getSession(void 0, { awaitPendingAuthResolutions: false })));
+			if (_hexclave_shared.KnownErrors.MultiFactorAuthenticationRequired.isInstance(e)) return _hexclave_shared_dist_utils_results.Result.ok(await this._experimentalMfa(e, await this._getSession(void 0, { awaitPendingAuthResolutions: false })));
 			throw e;
 		}
 	}
@@ -2442,25 +2458,25 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 				return await this._interface.signInWithCredential(options.email, options.password, session);
 			});
 		} catch (e) {
-			if (_stackframe_stack_shared.KnownErrors.InvalidTotpCode.isInstance(e)) return _stackframe_stack_shared_dist_utils_results.Result.error(e);
+			if (_hexclave_shared.KnownErrors.InvalidTotpCode.isInstance(e)) return _hexclave_shared_dist_utils_results.Result.error(e);
 			throw e;
 		}
 		if (result.status === "ok") {
 			await this._signInToAccountWithTokens(result.data);
 			if (!options.noRedirect) await this._redirectToHandler("afterSignIn", { replace: true }, { overrideTokenStoreInit: this._getTokenStoreInitForFreshTokens(result.data) });
-			return _stackframe_stack_shared_dist_utils_results.Result.ok(void 0);
-		} else return _stackframe_stack_shared_dist_utils_results.Result.error(result.error);
+			return _hexclave_shared_dist_utils_results.Result.ok(void 0);
+		} else return _hexclave_shared_dist_utils_results.Result.error(result.error);
 	}
 	async signUpWithCredential(options) {
-		if (options.noVerificationCallback && options.verificationCallbackUrl) throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("verificationCallbackUrl is not allowed when noVerificationCallback is true");
+		if (options.noVerificationCallback && options.verificationCallbackUrl) throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("verificationCallbackUrl is not allowed when noVerificationCallback is true");
 		this._ensurePersistentTokenStore();
 		const session = await this._getSession();
 		const emailVerificationRedirectUrl = options.noVerificationCallback ? void 0 : options.verificationCallbackUrl ?? (0, ____________utils_url_js.constructRedirectUrl)(this.urls.emailVerification, "verificationCallbackUrl");
 		const executeSignUp = async (challenge) => {
 			let result = await this._interface.signUpWithCredential(options.email, options.password, emailVerificationRedirectUrl, session, this._toInterfaceBotChallengeInput(challenge));
-			if (result.status === "error" && result.error instanceof _stackframe_stack_shared.KnownErrors.RedirectUrlNotWhitelisted && emailVerificationRedirectUrl !== void 0) {
+			if (result.status === "error" && result.error instanceof _hexclave_shared.KnownErrors.RedirectUrlNotWhitelisted && emailVerificationRedirectUrl !== void 0) {
 				if (!options.verificationCallbackUrl) {
-					(0, _stackframe_stack_shared_dist_utils_errors.captureError)("signup-verification-url-not-whitelisted", new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("The auto-constructed verification callback URL is not whitelisted; proceeding without email verification", { emailVerificationRedirectUrl }));
+					(0, _hexclave_shared_dist_utils_errors.captureError)("signup-verification-url-not-whitelisted", new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("The auto-constructed verification callback URL is not whitelisted; proceeding without email verification", { emailVerificationRedirectUrl }));
 					result = await this._interface.signUpWithCredential(options.email, options.password, void 0, session, this._toInterfaceBotChallengeInput(challenge));
 				}
 			}
@@ -2474,8 +2490,8 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		if (result.status === "ok") {
 			await this._signInToAccountWithTokens(result.data);
 			if (!options.noRedirect) await this._redirectToHandler("afterSignUp", { replace: true }, { overrideTokenStoreInit: this._getTokenStoreInitForFreshTokens(result.data) });
-			return _stackframe_stack_shared_dist_utils_results.Result.ok(void 0);
-		} else return _stackframe_stack_shared_dist_utils_results.Result.error(result.error);
+			return _hexclave_shared_dist_utils_results.Result.ok(void 0);
+		} else return _hexclave_shared_dist_utils_results.Result.error(result.error);
 	}
 	async _signUpAnonymously() {
 		this._ensurePersistentTokenStore();
@@ -2484,7 +2500,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			const session = await this._getSession();
 			const result = await this._interface.signUpAnonymously(session);
 			if (result.status === "ok") await this._signInToAccountWithTokens(result.data);
-			else throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("signUpAnonymously() should never return an error");
+			else throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("signUpAnonymously() should never return an error");
 			this._anonymousSignUpInProgress = null;
 			return result.data;
 		})();
@@ -2499,7 +2515,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 				return await this._interface.signInWithMagicLink(code, session);
 			});
 		} catch (e) {
-			if (_stackframe_stack_shared.KnownErrors.InvalidTotpCode.isInstance(e)) return _stackframe_stack_shared_dist_utils_results.Result.error(e);
+			if (_hexclave_shared.KnownErrors.InvalidTotpCode.isInstance(e)) return _hexclave_shared_dist_utils_results.Result.error(e);
 			throw e;
 		}
 		if (result.status === "ok") {
@@ -2512,8 +2528,8 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 				awaitPendingAuthResolutions: false,
 				overrideTokenStoreInit: this._getTokenStoreInitForFreshTokens(result.data)
 			});
-			return _stackframe_stack_shared_dist_utils_results.Result.ok(void 0);
-		} else return _stackframe_stack_shared_dist_utils_results.Result.error(result.error);
+			return _hexclave_shared_dist_utils_results.Result.ok(void 0);
+		} else return _hexclave_shared_dist_utils_results.Result.error(result.error);
 	}
 	/**
 	* Initiates a CLI authentication process that allows a command line application
@@ -2544,7 +2560,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 				...options.anonRefreshToken != null ? { anon_refresh_token: options.anonRefreshToken } : {}
 			})
 		}, null);
-		if (!response.ok) return _stackframe_stack_shared_dist_utils_results.Result.error(new _stackframe_stack_shared.KnownErrors.CliAuthError(`Failed to initiate CLI auth: ${response.status} ${await response.text()}`));
+		if (!response.ok) return _hexclave_shared_dist_utils_results.Result.error(new _hexclave_shared.KnownErrors.CliAuthError(`Failed to initiate CLI auth: ${response.status} ${await response.text()}`));
 		const initResult = await response.json();
 		const pollingCode = initResult.polling_code;
 		const loginCode = initResult.login_code;
@@ -2566,18 +2582,18 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 				headers: { "Content-Type": "application/json" },
 				body: JSON.stringify({ polling_code: pollingCode })
 			}, null);
-			if (!pollResponse.ok) return _stackframe_stack_shared_dist_utils_results.Result.error(new _stackframe_stack_shared.KnownErrors.CliAuthError(`Failed to initiate CLI auth: ${pollResponse.status} ${await pollResponse.text()}`));
+			if (!pollResponse.ok) return _hexclave_shared_dist_utils_results.Result.error(new _hexclave_shared.KnownErrors.CliAuthError(`Failed to initiate CLI auth: ${pollResponse.status} ${await pollResponse.text()}`));
 			const pollResult = await pollResponse.json();
-			if (pollResponse.status === 201 && pollResult.status === "success") return _stackframe_stack_shared_dist_utils_results.Result.ok(pollResult.refresh_token);
+			if (pollResponse.status === 201 && pollResult.status === "success") return _hexclave_shared_dist_utils_results.Result.ok(pollResult.refresh_token);
 			if (pollResult.status === "waiting") {
-				await (0, _stackframe_stack_shared_dist_utils_promises.wait)(options.waitTimeMillis ?? 2e3);
+				await (0, _hexclave_shared_dist_utils_promises.wait)(options.waitTimeMillis ?? 2e3);
 				continue;
 			}
-			if (pollResult.status === "expired") return _stackframe_stack_shared_dist_utils_results.Result.error(new _stackframe_stack_shared.KnownErrors.CliAuthExpiredError("CLI authentication request expired. Please try again."));
-			if (pollResult.status === "used") return _stackframe_stack_shared_dist_utils_results.Result.error(new _stackframe_stack_shared.KnownErrors.CliAuthUsedError("This authentication token has already been used."));
-			return _stackframe_stack_shared_dist_utils_results.Result.error(new _stackframe_stack_shared.KnownErrors.CliAuthError(`Unexpected status from CLI auth polling: ${pollResult.status}`));
+			if (pollResult.status === "expired") return _hexclave_shared_dist_utils_results.Result.error(new _hexclave_shared.KnownErrors.CliAuthExpiredError("CLI authentication request expired. Please try again."));
+			if (pollResult.status === "used") return _hexclave_shared_dist_utils_results.Result.error(new _hexclave_shared.KnownErrors.CliAuthUsedError("This authentication token has already been used."));
+			return _hexclave_shared_dist_utils_results.Result.error(new _hexclave_shared.KnownErrors.CliAuthError(`Unexpected status from CLI auth polling: ${pollResult.status}`));
 		}
-		return _stackframe_stack_shared_dist_utils_results.Result.error(new _stackframe_stack_shared.KnownErrors.CliAuthError("Timed out waiting for CLI authentication."));
+		return _hexclave_shared_dist_utils_results.Result.error(new _hexclave_shared.KnownErrors.CliAuthError("Timed out waiting for CLI authentication."));
 	}
 	async signInWithMfa(totp, code, options) {
 		this._ensurePersistentTokenStore();
@@ -2588,16 +2604,16 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 				return await this._interface.signInWithMfa(totp, code, session);
 			});
 		} catch (e) {
-			if (e instanceof _stackframe_stack_shared.KnownErrors.InvalidTotpCode) return _stackframe_stack_shared_dist_utils_results.Result.error(e);
+			if (e instanceof _hexclave_shared.KnownErrors.InvalidTotpCode) return _hexclave_shared_dist_utils_results.Result.error(e);
 			throw e;
 		}
 		if (result.status === "ok") {
 			await this._signInToAccountWithTokens(result.data);
 			if (!options?.noRedirect) if (result.data.newUser) await this._redirectToHandler("afterSignUp", { replace: true }, { overrideTokenStoreInit: this._getTokenStoreInitForFreshTokens(result.data) });
 			else await this._redirectToHandler("afterSignIn", { replace: true }, { overrideTokenStoreInit: this._getTokenStoreInitForFreshTokens(result.data) });
-			return _stackframe_stack_shared_dist_utils_results.Result.ok(void 0);
+			return _hexclave_shared_dist_utils_results.Result.ok(void 0);
 		}
-		return _stackframe_stack_shared_dist_utils_results.Result.error(result.error);
+		return _hexclave_shared_dist_utils_results.Result.error(result.error);
 	}
 	async signInWithPasskey() {
 		this._ensurePersistentTokenStore();
@@ -2606,9 +2622,9 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		try {
 			result = await this._catchMfaRequiredError(async () => {
 				const initiationResult = await this._interface.initiatePasskeyAuthentication({}, session);
-				if (initiationResult.status !== "ok") return _stackframe_stack_shared_dist_utils_results.Result.error(new _stackframe_stack_shared.KnownErrors.PasskeyAuthenticationFailed("Failed to get initiation options for passkey authentication"));
+				if (initiationResult.status !== "ok") return _hexclave_shared_dist_utils_results.Result.error(new _hexclave_shared.KnownErrors.PasskeyAuthenticationFailed("Failed to get initiation options for passkey authentication"));
 				const { options_json, code } = initiationResult.data;
-				if (options_json.rpId !== "THIS_VALUE_WILL_BE_REPLACED.example.com") throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError(`Expected returned RP ID from server to equal sentinel, but found ${options_json.rpId}`);
+				if (options_json.rpId !== "THIS_VALUE_WILL_BE_REPLACED.example.com") throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError(`Expected returned RP ID from server to equal sentinel, but found ${options_json.rpId}`);
 				options_json.rpId = window.location.hostname;
 				const authentication_response = await (0, _simplewebauthn_browser.startAuthentication)({ optionsJSON: options_json });
 				return await this._interface.signInWithPasskey({
@@ -2617,14 +2633,14 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 				}, session);
 			});
 		} catch (error) {
-			if (error instanceof _simplewebauthn_browser.WebAuthnError) return _stackframe_stack_shared_dist_utils_results.Result.error(new _stackframe_stack_shared.KnownErrors.PasskeyWebAuthnError(error.message, error.name));
-			else return _stackframe_stack_shared_dist_utils_results.Result.error(new _stackframe_stack_shared.KnownErrors.PasskeyAuthenticationFailed("Failed to sign in with passkey"));
+			if (error instanceof _simplewebauthn_browser.WebAuthnError) return _hexclave_shared_dist_utils_results.Result.error(new _hexclave_shared.KnownErrors.PasskeyWebAuthnError(error.message, error.name));
+			else return _hexclave_shared_dist_utils_results.Result.error(new _hexclave_shared.KnownErrors.PasskeyAuthenticationFailed("Failed to sign in with passkey"));
 		}
 		if (result.status === "ok") {
 			await this._signInToAccountWithTokens(result.data);
 			await this._redirectToHandler("afterSignIn", { replace: true }, { overrideTokenStoreInit: this._getTokenStoreInitForFreshTokens(result.data) });
-			return _stackframe_stack_shared_dist_utils_results.Result.ok(void 0);
-		} else return _stackframe_stack_shared_dist_utils_results.Result.error(result.error);
+			return _hexclave_shared_dist_utils_results.Result.ok(void 0);
+		} else return _hexclave_shared_dist_utils_results.Result.error(result.error);
 	}
 	async callOAuthCallback(options) {
 		if (typeof window === "undefined") throw new Error("callOAuthCallback can currently only be called in a browser environment");
@@ -2642,7 +2658,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 				return await (0, _________auth_js.callOAuthCallback)(this._interface, oauthCallbackRedirectUri, options);
 			});
 		} catch (e) {
-			if (_stackframe_stack_shared.KnownErrors.InvalidTotpCode.isInstance(e)) {
+			if (_hexclave_shared.KnownErrors.InvalidTotpCode.isInstance(e)) {
 				alert("Invalid TOTP code. Please try signing in again.");
 				return false;
 			} else throw e;
@@ -2675,7 +2691,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 	async _signOut(session, options) {
 		this._eventTracker?.clearBuffer();
 		this._sessionRecorder?.clearBuffer();
-		await _stackframe_stack_shared_dist_utils_stores.storeLock.withWriteLock(async () => {
+		await _hexclave_shared_dist_utils_stores.storeLock.withWriteLock(async () => {
 			await this._interface.signOut(session);
 			if (options?.redirectUrl) await this._redirectTo({
 				url: options.redirectUrl,
@@ -2737,7 +2753,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 		};
 	}
 	async getProject() {
-		const crud = _stackframe_stack_shared_dist_utils_results.Result.orThrow(await this._currentProjectCache.getOrWait([], "write-only"));
+		const crud = _hexclave_shared_dist_utils_results.Result.orThrow(await this._currentProjectCache.getOrWait([], "write-only"));
 		return this._clientProjectFromCrud(crud);
 	}
 	useProject() {
@@ -2746,7 +2762,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 	}
 	async _listOwnedProjects(session) {
 		this._ensureInternalProject();
-		return _stackframe_stack_shared_dist_utils_results.Result.orThrow(await this._ownedProjectsCache.getOrWait([session], "write-only")).map((j) => this._getOwnedAdminApp(j.id, session)._adminOwnedProjectFromCrud(j, () => this._refreshOwnedProjects(session)));
+		return _hexclave_shared_dist_utils_results.Result.orThrow(await this._ownedProjectsCache.getOrWait([session], "write-only")).map((j) => this._getOwnedAdminApp(j.id, session)._adminOwnedProjectFromCrud(j, () => this._refreshOwnedProjects(session)));
 	}
 	_useOwnedProjects(session) {
 		this._ensureInternalProject();
@@ -2776,17 +2792,17 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 	}
 	static get [______common_js.stackAppInternalsSymbol]() {
 		return { fromClientJson: (json) => {
-			const providedCheckString = JSON.stringify((0, _stackframe_stack_shared_dist_utils_objects.omit)(json, []));
+			const providedCheckString = JSON.stringify((0, _hexclave_shared_dist_utils_objects.omit)(json, []));
 			const existing = allClientApps.get(json.uniqueIdentifier);
 			if (existing) {
 				const [existingCheckString, clientApp] = existing;
-				if (existingCheckString !== void 0 && existingCheckString !== providedCheckString) throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("The provided app JSON does not match the configuration of the existing client app with the same unique identifier", {
+				if (existingCheckString !== void 0 && existingCheckString !== providedCheckString) throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("The provided app JSON does not match the configuration of the existing client app with the same unique identifier", {
 					providedObj: json,
 					existingString: existingCheckString
 				});
 				return clientApp;
 			}
-			const { analytics, ...restJson } = (0, _stackframe_stack_shared_dist_utils_objects.omit)(json, ["uniqueIdentifier"]);
+			const { analytics, ...restJson } = (0, _hexclave_shared_dist_utils_objects.omit)(json, ["uniqueIdentifier"]);
 			return new _StackClientAppImplIncomplete({
 				...restJson,
 				analytics: (0, __session_replay_js.analyticsOptionsFromJson)(analytics)
@@ -2799,7 +2815,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 	get [______common_js.stackAppInternalsSymbol]() {
 		return {
 			toClientJson: () => {
-				if (typeof this._redirectMethod !== "string") throw new _stackframe_stack_shared_dist_utils_errors.HexclaveAssertionError("Cannot serialize to JSON from an application with a non-string redirect method");
+				if (typeof this._redirectMethod !== "string") throw new _hexclave_shared_dist_utils_errors.HexclaveAssertionError("Cannot serialize to JSON from an application with a non-string redirect method");
 				const publishableClientKey = "publishableClientKey" in this._interface.options ? this._interface.options.publishableClientKey : void 0;
 				return {
 					baseUrl: this._options.baseUrl,
@@ -2816,8 +2832,8 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 				};
 			},
 			setCurrentUser: (userJsonPromise) => {
-				(0, _stackframe_stack_shared_dist_utils_promises.runAsynchronously)(async () => {
-					await this._currentUserCache.forceSetCachedValueAsync([await this._getSession()], _stackframe_stack_shared_dist_utils_results.Result.fromPromise(userJsonPromise));
+				(0, _hexclave_shared_dist_utils_promises.runAsynchronously)(async () => {
+					await this._currentUserCache.forceSetCachedValueAsync([await this._getSession()], _hexclave_shared_dist_utils_results.Result.fromPromise(userJsonPromise));
 				});
 			},
 			getConstructorOptions: () => this._options,
@@ -2833,7 +2849,7 @@ var _StackClientAppImplIncomplete = class _StackClientAppImplIncomplete {
 			sendRequest: async (path, requestOptions, requestType = "client") => {
 				return await this._interface.sendClientRequest(path, requestOptions, await this._getSession(), requestType);
 			},
-			getRedirectMethod: () => this._redirectMethod ?? (0, _stackframe_stack_shared_dist_utils_errors.throwErr)("Redirect method should have been initialized in the Stack client app constructor"),
+			getRedirectMethod: () => this._redirectMethod ?? (0, _hexclave_shared_dist_utils_errors.throwErr)("Redirect method should have been initialized in the Stack client app constructor"),
 			redirectToUrl: async (url, options) => {
 				await this._redirectTo({
 					url,