@hexclave/tanstack-start 1.0.24 → 1.0.25

package/src/dev-tool/dev-tool-core.ts

@@ -638,11 +638,6 @@ function createOverviewTab(app: StackClientApp<true>): TabResult {
 
   const actions = h('div', { className: 'sdt-ov-actions' });
   const toast = h('div', { className: 'sdt-ov-toast', style: { display: 'none' } });
-  const emailRow = h('div', { className: 'sdt-ov-email-input' });
-  const emailInput = h('input', { type: 'email', placeholder: 'Sign in as email\u2026' }) as HTMLInputElement;
-  const emailBtn = h('button', null);
-  setHtml(emailBtn, '<svg width="12" height="12" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2.5" stroke-linecap="round" stroke-linejoin="round"><line x1="5" y1="12" x2="19" y2="12"/><polyline points="12 5 19 12 12 19"/></svg>');
-  emailRow.append(emailInput, emailBtn);
 
   function isBestEffortOverviewError(error: unknown) {
     if (error instanceof DOMException && error.name === 'AbortError') {
@@ -704,15 +699,14 @@ function createOverviewTab(app: StackClientApp<true>): TabResult {
       });
       actions.append(signOutBtn, randomBtn);
     } else {
-      const quickBtn = h('button', { className: 'sdt-ov-btn sdt-ov-btn-primary sdt-ov-btn-wide' }, loading ? 'Working\u2026' : 'Quick Sign In');
+      const quickBtn = h('button', { className: 'sdt-ov-btn sdt-ov-btn-primary sdt-ov-btn-wide' }, loading ? 'Working\u2026' : 'Quick Sign Up');
       quickBtn.disabled = loading;
       quickBtn.addEventListener('click', () => {
         runAsynchronously(doQuickSignIn());
       });
       actions.appendChild(quickBtn);
     }
-    emailInput.placeholder = currentUser ? 'Switch to email\u2026' : 'Sign in as email\u2026';
-    actions.appendChild(emailRow);
+
   }
 
   async function doQuickSignIn() {
@@ -744,54 +738,6 @@ function createOverviewTab(app: StackClientApp<true>): TabResult {
     await refreshUser();
   }
 
-  async function doSignInAs(targetEmail: string) {
-    if (!targetEmail.trim()) return;
-    if (!isLocalhost(window.location.href)) {
-      showToast('Quick sign-in is only available on localhost', 'error');
-      return;
-    }
-    loading = true;
-    rebuildActions();
-    const trimmed = targetEmail.trim();
-    try {
-      const signInResult = await app.signInWithCredential({ email: trimmed, password: trimmed, noRedirect: true });
-      if (signInResult.status === 'ok') {
-        showToast(`Signed in as ${trimmed}`, 'success');
-        emailInput.value = '';
-        loading = false;
-        await refreshUser();
-        return;
-      }
-      const signUpResult = await app.signUpWithCredential({ email: trimmed, password: trimmed, noRedirect: true } as any);
-      if (signUpResult.status === 'error') {
-        showToast(`Failed: ${signUpResult.error.message}`, 'error');
-        loading = false;
-        rebuildActions();
-        return;
-      }
-      const retryResult = await app.signInWithCredential({ email: trimmed, password: trimmed, noRedirect: true });
-      if (retryResult.status === 'error') {
-        showToast(`Sign in failed: ${retryResult.error.message}`, 'error');
-      } else {
-        showToast(`Signed in as ${trimmed}`, 'success');
-        emailInput.value = '';
-      }
-    } catch (e: any) {
-      showToast(e.message || 'Unknown error', 'error');
-    }
-    loading = false;
-    await refreshUser();
-  }
-
-  emailBtn.addEventListener('click', () => {
-    runAsynchronously(doSignInAs(emailInput.value));
-  });
-  emailInput.addEventListener('keydown', (e) => {
-    if (e.key === 'Enter') {
-      runAsynchronously(doSignInAs(emailInput.value));
-    }
-  });
-
   heroCard.append(actions, toast);
 
   // ── Auth methods card ──────────────────────────────────────────────────────
@@ -855,7 +801,7 @@ function createOverviewTab(app: StackClientApp<true>): TabResult {
   function buildChecklist() {
     checksCard.innerHTML = '';
     const currentUserCheck = hasPersistentTokenStore
-      ? { ok: !!currentUser, label: 'Sign in a test user', hint: 'Use \u201cQuick Sign In\u201d above \u2192' }
+      ? { ok: !!currentUser, label: 'Sign in a test user', hint: 'Use \u201cQuick Sign Up\u201d above \u2192' }
       : { ok: true, label: 'Current-user tools unavailable', hint: null };
     const checks = [
       { ok: !!projectId && projectId !== 'default', label: 'Project configured', hint: null },
@@ -925,7 +871,7 @@ function createOverviewTab(app: StackClientApp<true>): TabResult {
         } else {
           avatar.textContent = initials;
         }
-        userName.textContent = currentUser.displayName || 'Anonymous';
+        userName.textContent = currentUser.displayName || '(No display name)';
         userEmail.textContent = currentUser.primaryEmail || 'No email';
         authIndicator.style.display = '';
       } else {

package/src/lib/hexclave-app/apps/implementations/admin-app-impl.ts

@@ -200,6 +200,12 @@ export class _HexclaveAdminAppImplIncomplete<HasTokenStore extends boolean, Proj
       logoFullUrl: data.logo_full_url,
       logoDarkModeUrl: data.logo_dark_mode_url,
       logoFullDarkModeUrl: data.logo_full_dark_mode_url,
+      pushedConfigError: data.pushed_config_error == null ? null : {
+        message: data.pushed_config_error.message,
+      },
+      configWarnings: data.config_warnings.map((warning) => ({
+        message: warning.message,
+      })),
       config: {
         signUpEnabled: data.config.sign_up_enabled,
         credentialEnabled: data.config.credential_enabled,

package/src/lib/hexclave-app/apps/implementations/client-app-impl.ts

@@ -2,8 +2,7 @@
 //===========================================
 // THIS FILE IS AUTO-GENERATED FROM TEMPLATE. DO NOT EDIT IT DIRECTLY UNLESS YOU ALSO EDIT THE CORRESPONDING FILE IN packages/template
 //===========================================
-import { WebAuthnError, startAuthentication, startRegistration } from "@simplewebauthn/browser";
-import { KnownError, KnownErrors, HexclaveClientInterface } from "@hexclave/shared";
+import { HexclaveClientInterface, KnownError, KnownErrors } from "@hexclave/shared";
 import type { RequestListener } from "@hexclave/shared/dist/interface/client-interface";
 import { ContactChannelsCrud } from "@hexclave/shared/dist/interface/crud/contact-channels";
 import { CurrentUserCrud } from "@hexclave/shared/dist/interface/crud/current-user";
@@ -42,14 +41,15 @@ import { BotChallengeExecutionFailedError, BotChallengeUserCancelledError, withB
 import { createUrlIfValid, getRelativePart, isRelative } from "@hexclave/shared/dist/utils/urls";
 import { generateUuid } from "@hexclave/shared/dist/utils/uuids";
 import * as tanstackStartServerContext from "@hexclave/tanstack-start/tanstack-start-server-context"; // THIS_LINE_PLATFORM tanstack-start
+import { WebAuthnError, startAuthentication, startRegistration } from "@simplewebauthn/browser";
 import * as TanStackRouter from "@tanstack/react-router"; // THIS_LINE_PLATFORM tanstack-start
 import * as cookie from "cookie";
 import React, { useCallback, useMemo } from "react"; // THIS_LINE_PLATFORM react-like
 import type * as yup from "yup";
+import { envVars } from "../../../../generated/env";
 import { constructRedirectUrl } from "../../../../utils/url";
 import { callOAuthCallback, getNewOAuthProviderOrScopeUrl } from "../../../auth";
 import { CookieHelper, createBrowserCookieHelper, createCookieHelper, createPlaceholderCookieHelper, deleteCookie, deleteCookieClient, getCookieClient, isSecure as isSecureCookieContext, saveVerifierAndState, setOrDeleteCookie, setOrDeleteCookieClient } from "../../../cookie";
-import { envVars } from "../../../../generated/env";
 import { ApiKey, ApiKeyCreationOptions, ApiKeyUpdateOptions, apiKeyCreationOptionsToCrud } from "../../api-keys";
 import { ConvexCtx, GetCurrentPartialUserOptions, GetCurrentUserOptions, HandlerUrlOptions, HandlerUrls, OAuthScopesOnSignIn, RedirectMethod, RedirectToOptions, RequestLike, ResolvedHandlerUrls, TokenStoreInit, hexclaveAppInternalsSymbol } from "../../common";
 import { DeprecatedOAuthConnection, OAuthConnection } from "../../connected-accounts";
@@ -73,6 +73,7 @@ import { AnalyticsOptions, SessionRecorder, analyticsOptionsFromJson, analyticsO
 import { useAsyncCache } from "./common";
 import { mountClickmapOverlay } from "../../../../clickmap";
 import { mountDevTool } from "../../../../dev-tool";
+import { mountPushedConfigErrorOverlay } from "../../../../pushed-config-error-overlay";
 
 let isReactServer = false;
 
@@ -742,6 +743,7 @@ export class _HexclaveClientAppImplIncomplete<HasTokenStore extends boolean, Pro
       // when a dashboard-minted token is handed over, so the listener is
       // mounted unconditionally (the heavy UI is lazy-loaded on demand).
       mountClickmapOverlay(this as any);
+      mountPushedConfigErrorOverlay(this as any);
     }
   }
 
@@ -1636,6 +1638,12 @@ export class _HexclaveClientAppImplIncomplete<HasTokenStore extends boolean, Pro
     return {
       id: crud.id,
       displayName: crud.display_name,
+      pushedConfigError: crud.pushed_config_error == null ? null : {
+        message: crud.pushed_config_error.message,
+      },
+      configWarnings: crud.config_warnings.map((warning) => ({
+        message: warning.message,
+      })),
       config: {
         signUpEnabled: crud.config.sign_up_enabled,
         credentialEnabled: crud.config.credential_enabled,

package/src/lib/hexclave-app/apps/implementations/event-tracker.test.ts

@@ -391,6 +391,39 @@ describe("EventTracker", () => {
     }
   });
 
+  it("silently ignores network errors caused by ad blockers", async () => {
+    vi.useFakeTimers();
+    document.body.innerHTML = "<button>Click me</button>";
+
+    const warnSpy = vi.spyOn(console, "warn").mockImplementation(() => {});
+    const sentBodies: string[] = [];
+    const tracker = new EventTracker({
+      projectId: "internal",
+      sendBatch: async (body) => {
+        sentBodies.push(body);
+        return Result.error(new TypeError("Failed to fetch"));
+      },
+    });
+
+    try {
+      tracker.start();
+
+      await advancePastFlush();
+      expect(sentBodies).toHaveLength(1);
+      expect(warnSpy).not.toHaveBeenCalled();
+
+      // Unlike ANALYTICS_NOT_ENABLED, ad blocker errors do NOT disable the
+      // tracker — subsequent flushes continue attempting delivery.
+      document.querySelector("button")?.dispatchEvent(new MouseEvent("click", { bubbles: true }));
+      await advancePastFlush();
+      expect(sentBodies).toHaveLength(2);
+      expect(warnSpy).not.toHaveBeenCalled();
+    } finally {
+      tracker.stop();
+      warnSpy.mockRestore();
+    }
+  });
+
   it("silently disables when client interface returns ANALYTICS_NOT_ENABLED as an error", async () => {
     vi.useFakeTimers();
     document.body.innerHTML = "<button>Click me</button>";

package/src/lib/hexclave-app/apps/implementations/event-tracker.ts

@@ -8,7 +8,7 @@ import { cssEscapeIdent } from "@hexclave/shared/dist/utils/dom";
 import { buildElementsChain, ELEMENTS_CHAIN_MAX_DEPTH } from "@hexclave/shared/dist/utils/elements-chain";
 import { runAsynchronously } from "@hexclave/shared/dist/utils/promises";
 import { Result } from "@hexclave/shared/dist/utils/results";
-import { generateUuid, isAnalyticsNotEnabledError } from "./session-replay";
+import { generateUuid, isAdBlockerNetworkError, isAnalyticsNotEnabledError } from "./session-replay";
 
 const FLUSH_INTERVAL_MS = 10_000;
 const MAX_EVENTS_PER_BATCH = 50;
@@ -511,6 +511,11 @@ export class EventTracker {
         this._disable();
         return;
       }
+      // Ad blockers commonly block analytics endpoints, causing network
+      // errors. These are expected and should not pollute the console.
+      if (isAdBlockerNetworkError(res.error)) {
+        return;
+      }
       console.warn("EventTracker flush failed:", res.error);
       return;
     }

package/src/lib/hexclave-app/apps/implementations/session-replay.test.ts

@@ -49,6 +49,58 @@ describe("analytics option JSON conversion", () => {
 });
 
 describe("SessionRecorder flush", () => {
+  it("silently ignores network errors caused by ad blockers", async () => {
+    vi.useFakeTimers();
+
+    const storageKey = `hexclave:session-replay:v1:test-project`;
+    localStorage.setItem(storageKey, JSON.stringify({
+      session_id: "test-session",
+      created_at_ms: Date.now(),
+      last_activity_ms: Date.now(),
+    }));
+
+    const sentBodies: string[] = [];
+    const recorder = new SessionRecorder(
+      {
+        projectId: "test-project",
+        sendBatch: async (body) => {
+          sentBodies.push(body);
+          return Result.error(new TypeError("Failed to fetch"));
+        },
+      },
+      {},
+    );
+
+    const warnSpy = vi.spyOn(console, "warn").mockImplementation(() => {});
+
+    try {
+      // eslint-disable-next-line @typescript-eslint/no-unsafe-member-access
+      (recorder as any)._events = [{ type: 2, timestamp: Date.now(), data: {} }];
+
+      // eslint-disable-next-line @typescript-eslint/no-unsafe-member-access, @typescript-eslint/no-unsafe-call
+      (recorder as any)._tick();
+      await vi.advanceTimersByTimeAsync(0);
+
+      expect(sentBodies).toHaveLength(1);
+      expect(warnSpy).not.toHaveBeenCalled();
+
+      // Unlike ANALYTICS_NOT_ENABLED, ad blocker errors do NOT disable the
+      // recorder — subsequent flushes continue attempting delivery.
+      // eslint-disable-next-line @typescript-eslint/no-unsafe-member-access
+      (recorder as any)._events = [{ type: 3, timestamp: Date.now(), data: {} }];
+      // eslint-disable-next-line @typescript-eslint/no-unsafe-member-access, @typescript-eslint/no-unsafe-call
+      (recorder as any)._tick();
+      await vi.advanceTimersByTimeAsync(0);
+      expect(sentBodies).toHaveLength(2);
+      expect(warnSpy).not.toHaveBeenCalled();
+    } finally {
+      recorder.stop();
+      warnSpy.mockRestore();
+      localStorage.removeItem(storageKey);
+      vi.useRealTimers();
+    }
+  });
+
   it("silently disables when client interface returns ANALYTICS_NOT_ENABLED as an error", async () => {
     vi.useFakeTimers();
 

package/src/lib/hexclave-app/apps/implementations/session-replay.ts

@@ -170,6 +170,21 @@ export function isAnalyticsNotEnabledError(error: unknown): boolean {
   return KnownErrors.AnalyticsNotEnabled.isInstance(error);
 }
 
+/**
+ * Whether the error looks like a network failure caused by an ad blocker or
+ * similar extension blocking analytics requests. These are expected in
+ * production and should be silently ignored rather than logged as warnings.
+ */
+export function isAdBlockerNetworkError(error: unknown): boolean {
+  if (error instanceof Error) {
+    return error.message.includes("Failed to fetch")
+      || error.message.includes("NetworkError")
+      || error.message.includes("Load failed")
+      || error.message.includes("network connection");
+  }
+  return false;
+}
+
 export class SessionRecorder {
   private _started = false;
   private _cancelled = false;
@@ -278,6 +293,11 @@ export class SessionRecorder {
           this._disable();
           return;
         }
+        // Ad blockers commonly block analytics endpoints, causing network
+        // errors. These are expected and should not pollute the console.
+        if (isAdBlockerNetworkError(res.error)) {
+          return;
+        }
         captureWarning("SessionRecorder.flush", res.error);
         return;
       }

package/src/lib/hexclave-app/projects/index.ts

@@ -30,6 +30,8 @@ export type PushConfigOptions = {
 export type Project = {
   readonly id: string,
   readonly displayName: string,
+  readonly pushedConfigError: { message: string } | null,
+  readonly configWarnings: { message: string }[],
   readonly config: ProjectConfig,
 };