@hexclave/tanstack-start 1.0.23 → 1.0.25

package/src/lib/hexclave-app/apps/implementations/client-app-impl.ts

@@ -2,8 +2,7 @@
 //===========================================
 // THIS FILE IS AUTO-GENERATED FROM TEMPLATE. DO NOT EDIT IT DIRECTLY UNLESS YOU ALSO EDIT THE CORRESPONDING FILE IN packages/template
 //===========================================
-import { WebAuthnError, startAuthentication, startRegistration } from "@simplewebauthn/browser";
-import { KnownError, KnownErrors, HexclaveClientInterface } from "@hexclave/shared";
+import { HexclaveClientInterface, KnownError, KnownErrors } from "@hexclave/shared";
 import type { RequestListener } from "@hexclave/shared/dist/interface/client-interface";
 import { ContactChannelsCrud } from "@hexclave/shared/dist/interface/crud/contact-channels";
 import { CurrentUserCrud } from "@hexclave/shared/dist/interface/crud/current-user";
@@ -42,14 +41,15 @@ import { BotChallengeExecutionFailedError, BotChallengeUserCancelledError, withB
 import { createUrlIfValid, getRelativePart, isRelative } from "@hexclave/shared/dist/utils/urls";
 import { generateUuid } from "@hexclave/shared/dist/utils/uuids";
 import * as tanstackStartServerContext from "@hexclave/tanstack-start/tanstack-start-server-context"; // THIS_LINE_PLATFORM tanstack-start
+import { WebAuthnError, startAuthentication, startRegistration } from "@simplewebauthn/browser";
 import * as TanStackRouter from "@tanstack/react-router"; // THIS_LINE_PLATFORM tanstack-start
 import * as cookie from "cookie";
 import React, { useCallback, useMemo } from "react"; // THIS_LINE_PLATFORM react-like
 import type * as yup from "yup";
+import { envVars } from "../../../../generated/env";
 import { constructRedirectUrl } from "../../../../utils/url";
 import { callOAuthCallback, getNewOAuthProviderOrScopeUrl } from "../../../auth";
 import { CookieHelper, createBrowserCookieHelper, createCookieHelper, createPlaceholderCookieHelper, deleteCookie, deleteCookieClient, getCookieClient, isSecure as isSecureCookieContext, saveVerifierAndState, setOrDeleteCookie, setOrDeleteCookieClient } from "../../../cookie";
-import { envVars } from "../../../../generated/env";
 import { ApiKey, ApiKeyCreationOptions, ApiKeyUpdateOptions, apiKeyCreationOptionsToCrud } from "../../api-keys";
 import { ConvexCtx, GetCurrentPartialUserOptions, GetCurrentUserOptions, HandlerUrlOptions, HandlerUrls, OAuthScopesOnSignIn, RedirectMethod, RedirectToOptions, RequestLike, ResolvedHandlerUrls, TokenStoreInit, hexclaveAppInternalsSymbol } from "../../common";
 import { DeprecatedOAuthConnection, OAuthConnection } from "../../connected-accounts";
@@ -73,6 +73,7 @@ import { AnalyticsOptions, SessionRecorder, analyticsOptionsFromJson, analyticsO
 import { useAsyncCache } from "./common";
 import { mountClickmapOverlay } from "../../../../clickmap";
 import { mountDevTool } from "../../../../dev-tool";
+import { mountPushedConfigErrorOverlay } from "../../../../pushed-config-error-overlay";
 
 let isReactServer = false;
 
@@ -742,6 +743,7 @@ export class _HexclaveClientAppImplIncomplete<HasTokenStore extends boolean, Pro
       // when a dashboard-minted token is handed over, so the listener is
       // mounted unconditionally (the heavy UI is lazy-loaded on demand).
       mountClickmapOverlay(this as any);
+      mountPushedConfigErrorOverlay(this as any);
     }
   }
 
@@ -1636,6 +1638,12 @@ export class _HexclaveClientAppImplIncomplete<HasTokenStore extends boolean, Pro
     return {
       id: crud.id,
       displayName: crud.display_name,
+      pushedConfigError: crud.pushed_config_error == null ? null : {
+        message: crud.pushed_config_error.message,
+      },
+      configWarnings: crud.config_warnings.map((warning) => ({
+        message: warning.message,
+      })),
       config: {
         signUpEnabled: crud.config.sign_up_enabled,
         credentialEnabled: crud.config.credential_enabled,

package/src/lib/hexclave-app/apps/implementations/event-tracker.test.ts

@@ -391,6 +391,39 @@ describe("EventTracker", () => {
     }
   });
 
+  it("silently ignores network errors caused by ad blockers", async () => {
+    vi.useFakeTimers();
+    document.body.innerHTML = "<button>Click me</button>";
+
+    const warnSpy = vi.spyOn(console, "warn").mockImplementation(() => {});
+    const sentBodies: string[] = [];
+    const tracker = new EventTracker({
+      projectId: "internal",
+      sendBatch: async (body) => {
+        sentBodies.push(body);
+        return Result.error(new TypeError("Failed to fetch"));
+      },
+    });
+
+    try {
+      tracker.start();
+
+      await advancePastFlush();
+      expect(sentBodies).toHaveLength(1);
+      expect(warnSpy).not.toHaveBeenCalled();
+
+      // Unlike ANALYTICS_NOT_ENABLED, ad blocker errors do NOT disable the
+      // tracker — subsequent flushes continue attempting delivery.
+      document.querySelector("button")?.dispatchEvent(new MouseEvent("click", { bubbles: true }));
+      await advancePastFlush();
+      expect(sentBodies).toHaveLength(2);
+      expect(warnSpy).not.toHaveBeenCalled();
+    } finally {
+      tracker.stop();
+      warnSpy.mockRestore();
+    }
+  });
+
   it("silently disables when client interface returns ANALYTICS_NOT_ENABLED as an error", async () => {
     vi.useFakeTimers();
     document.body.innerHTML = "<button>Click me</button>";

package/src/lib/hexclave-app/apps/implementations/event-tracker.ts

@@ -8,7 +8,7 @@ import { cssEscapeIdent } from "@hexclave/shared/dist/utils/dom";
 import { buildElementsChain, ELEMENTS_CHAIN_MAX_DEPTH } from "@hexclave/shared/dist/utils/elements-chain";
 import { runAsynchronously } from "@hexclave/shared/dist/utils/promises";
 import { Result } from "@hexclave/shared/dist/utils/results";
-import { generateUuid, isAnalyticsNotEnabledError } from "./session-replay";
+import { generateUuid, isAdBlockerNetworkError, isAnalyticsNotEnabledError } from "./session-replay";
 
 const FLUSH_INTERVAL_MS = 10_000;
 const MAX_EVENTS_PER_BATCH = 50;
@@ -511,6 +511,11 @@ export class EventTracker {
         this._disable();
         return;
       }
+      // Ad blockers commonly block analytics endpoints, causing network
+      // errors. These are expected and should not pollute the console.
+      if (isAdBlockerNetworkError(res.error)) {
+        return;
+      }
       console.warn("EventTracker flush failed:", res.error);
       return;
     }

package/src/lib/hexclave-app/apps/implementations/session-replay.test.ts

@@ -49,6 +49,58 @@ describe("analytics option JSON conversion", () => {
 });
 
 describe("SessionRecorder flush", () => {
+  it("silently ignores network errors caused by ad blockers", async () => {
+    vi.useFakeTimers();
+
+    const storageKey = `hexclave:session-replay:v1:test-project`;
+    localStorage.setItem(storageKey, JSON.stringify({
+      session_id: "test-session",
+      created_at_ms: Date.now(),
+      last_activity_ms: Date.now(),
+    }));
+
+    const sentBodies: string[] = [];
+    const recorder = new SessionRecorder(
+      {
+        projectId: "test-project",
+        sendBatch: async (body) => {
+          sentBodies.push(body);
+          return Result.error(new TypeError("Failed to fetch"));
+        },
+      },
+      {},
+    );
+
+    const warnSpy = vi.spyOn(console, "warn").mockImplementation(() => {});
+
+    try {
+      // eslint-disable-next-line @typescript-eslint/no-unsafe-member-access
+      (recorder as any)._events = [{ type: 2, timestamp: Date.now(), data: {} }];
+
+      // eslint-disable-next-line @typescript-eslint/no-unsafe-member-access, @typescript-eslint/no-unsafe-call
+      (recorder as any)._tick();
+      await vi.advanceTimersByTimeAsync(0);
+
+      expect(sentBodies).toHaveLength(1);
+      expect(warnSpy).not.toHaveBeenCalled();
+
+      // Unlike ANALYTICS_NOT_ENABLED, ad blocker errors do NOT disable the
+      // recorder — subsequent flushes continue attempting delivery.
+      // eslint-disable-next-line @typescript-eslint/no-unsafe-member-access
+      (recorder as any)._events = [{ type: 3, timestamp: Date.now(), data: {} }];
+      // eslint-disable-next-line @typescript-eslint/no-unsafe-member-access, @typescript-eslint/no-unsafe-call
+      (recorder as any)._tick();
+      await vi.advanceTimersByTimeAsync(0);
+      expect(sentBodies).toHaveLength(2);
+      expect(warnSpy).not.toHaveBeenCalled();
+    } finally {
+      recorder.stop();
+      warnSpy.mockRestore();
+      localStorage.removeItem(storageKey);
+      vi.useRealTimers();
+    }
+  });
+
   it("silently disables when client interface returns ANALYTICS_NOT_ENABLED as an error", async () => {
     vi.useFakeTimers();
 

package/src/lib/hexclave-app/apps/implementations/session-replay.ts

@@ -170,6 +170,21 @@ export function isAnalyticsNotEnabledError(error: unknown): boolean {
   return KnownErrors.AnalyticsNotEnabled.isInstance(error);
 }
 
+/**
+ * Whether the error looks like a network failure caused by an ad blocker or
+ * similar extension blocking analytics requests. These are expected in
+ * production and should be silently ignored rather than logged as warnings.
+ */
+export function isAdBlockerNetworkError(error: unknown): boolean {
+  if (error instanceof Error) {
+    return error.message.includes("Failed to fetch")
+      || error.message.includes("NetworkError")
+      || error.message.includes("Load failed")
+      || error.message.includes("network connection");
+  }
+  return false;
+}
+
 export class SessionRecorder {
   private _started = false;
   private _cancelled = false;
@@ -278,6 +293,11 @@ export class SessionRecorder {
           this._disable();
           return;
         }
+        // Ad blockers commonly block analytics endpoints, causing network
+        // errors. These are expected and should not pollute the console.
+        if (isAdBlockerNetworkError(res.error)) {
+          return;
+        }
         captureWarning("SessionRecorder.flush", res.error);
         return;
       }

package/src/lib/hexclave-app/projects/index.ts

@@ -30,6 +30,8 @@ export type PushConfigOptions = {
 export type Project = {
   readonly id: string,
   readonly displayName: string,
+  readonly pushedConfigError: { message: string } | null,
+  readonly configWarnings: { message: string }[],
   readonly config: ProjectConfig,
 };
 

package/src/lib/hexclave-app/url-targets.test.ts

@@ -85,7 +85,7 @@ describe("handler URL targets", () => {
   });
 
   it("uses hosted defaults for unspecified URLs", () => {
-    vi.stubEnv("NEXT_PUBLIC_STACK_HOSTED_HANDLER_DOMAIN_SUFFIX", ".example-stack-hosted.test");
+    vi.stubEnv("NEXT_PUBLIC_HEXCLAVE_HOSTED_HANDLER_DOMAIN_SUFFIX", ".example-stack-hosted.test");
 
     const urls = resolveHandlerUrls({
       projectId: "project-id",
@@ -101,7 +101,7 @@ describe("handler URL targets", () => {
   });
 
   it("keeps redirect-only post-auth targets local even when the default target is hosted", () => {
-    vi.stubEnv("NEXT_PUBLIC_STACK_HOSTED_HANDLER_DOMAIN_SUFFIX", ".example-stack-hosted.test");
+    vi.stubEnv("NEXT_PUBLIC_HEXCLAVE_HOSTED_HANDLER_DOMAIN_SUFFIX", ".example-stack-hosted.test");
 
     const urls = resolveHandlerUrls({
       projectId: "project-id",
@@ -145,7 +145,7 @@ describe("handler URL targets", () => {
   });
 
   it("inherits a hosted default target for the OAuth callback", () => {
-    vi.stubEnv("NEXT_PUBLIC_STACK_HOSTED_HANDLER_DOMAIN_SUFFIX", ".example-stack-hosted.test");
+    vi.stubEnv("NEXT_PUBLIC_HEXCLAVE_HOSTED_HANDLER_DOMAIN_SUFFIX", ".example-stack-hosted.test");
 
     const urls = resolveHandlerUrls({
       projectId: "project-id",
@@ -183,7 +183,7 @@ describe("handler URL targets", () => {
   });
 
   it("uses default target for unknown /handler/* pages", () => {
-    vi.stubEnv("NEXT_PUBLIC_STACK_HOSTED_HANDLER_DOMAIN_SUFFIX", ".example-stack-hosted.test");
+    vi.stubEnv("NEXT_PUBLIC_HEXCLAVE_HOSTED_HANDLER_DOMAIN_SUFFIX", ".example-stack-hosted.test");
 
     const url = resolveUnknownHandlerPathFallbackUrl({
       defaultTarget: { type: "hosted" },
@@ -195,7 +195,7 @@ describe("handler URL targets", () => {
   });
 
   it("uses the full hosted handler URL template when configured", () => {
-    vi.stubEnv("NEXT_PUBLIC_STACK_HOSTED_HANDLER_URL_TEMPLATE", "http://{projectId}.localhost:${NEXT_PUBLIC_HEXCLAVE_PORT_PREFIX:-81}09/{hostedPath}");
+    vi.stubEnv("NEXT_PUBLIC_HEXCLAVE_HOSTED_HANDLER_URL_TEMPLATE", "http://{projectId}.localhost:${NEXT_PUBLIC_HEXCLAVE_PORT_PREFIX:-81}09/{hostedPath}");
     vi.stubEnv("NEXT_PUBLIC_HEXCLAVE_PORT_PREFIX", "93");
 
     const urls = resolveHandlerUrls({
@@ -210,7 +210,7 @@ describe("handler URL targets", () => {
   });
 
   it("validates the hosted handler URL template placeholders", () => {
-    vi.stubEnv("NEXT_PUBLIC_STACK_HOSTED_HANDLER_URL_TEMPLATE", "http://localhost:9309/{projectId}/handler");
+    vi.stubEnv("NEXT_PUBLIC_HEXCLAVE_HOSTED_HANDLER_URL_TEMPLATE", "http://localhost:9309/{projectId}/handler");
 
     expect(() => resolveHandlerUrls({
       projectId: "project-id",
@@ -221,7 +221,7 @@ describe("handler URL targets", () => {
   });
 
   it("rejects hosted handler URL templates that put the project ID in the path", () => {
-    vi.stubEnv("NEXT_PUBLIC_STACK_HOSTED_HANDLER_URL_TEMPLATE", "http://localhost:9309/{projectId}/{hostedPath}");
+    vi.stubEnv("NEXT_PUBLIC_HEXCLAVE_HOSTED_HANDLER_URL_TEMPLATE", "http://localhost:9309/{projectId}/{hostedPath}");
 
     expect(() => resolveHandlerUrls({
       projectId: "project-id",