@stackframe/stack-shared 2.6.21 → 2.6.24

package/dist/interface/crud/team-permissions.js

@@ -3,11 +3,11 @@ import * as schemaFields from "../../schema-fields";
 import { yupMixed, yupObject } from "../../schema-fields";
 // =============== Team permissions =================
 export const teamPermissionsCrudClientReadSchema = yupObject({
-    id: schemaFields.teamPermissionDefinitionIdSchema.required(),
-    user_id: schemaFields.userIdSchema.required(),
-    team_id: schemaFields.teamIdSchema.required(),
-}).required();
-export const teamPermissionsCrudServerCreateSchema = yupObject({}).required();
+    id: schemaFields.teamPermissionDefinitionIdSchema.defined(),
+    user_id: schemaFields.userIdSchema.defined(),
+    team_id: schemaFields.teamIdSchema.defined(),
+}).defined();
+export const teamPermissionsCrudServerCreateSchema = yupObject({}).defined();
 export const teamPermissionsCrudServerDeleteSchema = yupMixed();
 export const teamPermissionsCrud = createCrud({
     clientReadSchema: teamPermissionsCrudClientReadSchema,
@@ -38,20 +38,20 @@ export const teamPermissionsCrud = createCrud({
 });
 // =============== Team permission definitions =================
 export const teamPermissionDefinitionsCrudAdminReadSchema = yupObject({
-    id: schemaFields.teamPermissionDefinitionIdSchema.required(),
+    id: schemaFields.teamPermissionDefinitionIdSchema.defined(),
     description: schemaFields.teamPermissionDescriptionSchema.optional(),
-    contained_permission_ids: schemaFields.containedPermissionIdsSchema.required()
-}).required();
+    contained_permission_ids: schemaFields.containedPermissionIdsSchema.defined()
+}).defined();
 export const teamPermissionDefinitionsCrudAdminCreateSchema = yupObject({
-    id: schemaFields.customTeamPermissionDefinitionIdSchema.required(),
+    id: schemaFields.customTeamPermissionDefinitionIdSchema.defined(),
     description: schemaFields.teamPermissionDescriptionSchema.optional(),
     contained_permission_ids: schemaFields.containedPermissionIdsSchema.optional()
-}).required();
+}).defined();
 export const teamPermissionDefinitionsCrudAdminUpdateSchema = yupObject({
     id: schemaFields.customTeamPermissionDefinitionIdSchema.optional(),
     description: schemaFields.teamPermissionDescriptionSchema.optional(),
     contained_permission_ids: schemaFields.containedPermissionIdsSchema.optional()
-}).required();
+}).defined();
 export const teamPermissionDefinitionsCrudAdminDeleteSchema = yupMixed();
 export const teamPermissionDefinitionsCrud = createCrud({
     adminReadSchema: teamPermissionDefinitionsCrudAdminReadSchema,

package/dist/interface/crud/teams.js

@@ -3,35 +3,35 @@ import * as fieldSchema from "../../schema-fields";
 import { yupObject } from "../../schema-fields";
 // Read
 export const teamsCrudClientReadSchema = yupObject({
-    id: fieldSchema.teamIdSchema.required(),
-    display_name: fieldSchema.teamDisplayNameSchema.required(),
+    id: fieldSchema.teamIdSchema.defined(),
+    display_name: fieldSchema.teamDisplayNameSchema.defined(),
     profile_image_url: fieldSchema.teamProfileImageUrlSchema.nullable().defined(),
     client_metadata: fieldSchema.teamClientMetadataSchema.optional(),
     client_read_only_metadata: fieldSchema.teamClientReadOnlyMetadataSchema.optional(),
-}).required();
+}).defined();
 export const teamsCrudServerReadSchema = teamsCrudClientReadSchema.concat(yupObject({
-    created_at_millis: fieldSchema.teamCreatedAtMillisSchema.required(),
+    created_at_millis: fieldSchema.teamCreatedAtMillisSchema.defined(),
     server_metadata: fieldSchema.teamServerMetadataSchema.optional(),
-}).required());
+}).defined());
 // Update
 export const teamsCrudClientUpdateSchema = yupObject({
     display_name: fieldSchema.teamDisplayNameSchema.optional(),
     profile_image_url: fieldSchema.teamProfileImageUrlSchema.nullable().optional(),
     client_metadata: fieldSchema.teamClientMetadataSchema.optional(),
-}).required();
+}).defined();
 export const teamsCrudServerUpdateSchema = teamsCrudClientUpdateSchema.concat(yupObject({
     client_read_only_metadata: fieldSchema.teamClientReadOnlyMetadataSchema.optional(),
     server_metadata: fieldSchema.teamServerMetadataSchema.optional(),
-}).required());
+}).defined());
 // Create
 export const teamsCrudClientCreateSchema = teamsCrudClientUpdateSchema.concat(yupObject({
-    display_name: fieldSchema.teamDisplayNameSchema.required(),
+    display_name: fieldSchema.teamDisplayNameSchema.defined(),
     creator_user_id: fieldSchema.teamCreatorUserIdSchema.optional(),
-}).required());
+}).defined());
 export const teamsCrudServerCreateSchema = teamsCrudServerUpdateSchema.concat(yupObject({
-    display_name: fieldSchema.teamDisplayNameSchema.required(),
+    display_name: fieldSchema.teamDisplayNameSchema.defined(),
     creator_user_id: fieldSchema.teamCreatorUserIdSchema.optional(),
-}).required());
+}).defined());
 // Delete
 export const teamsCrudClientDeleteSchema = fieldSchema.yupMixed();
 export const teamsCrudServerDeleteSchema = teamsCrudClientDeleteSchema;
@@ -118,8 +118,8 @@ export const teamUpdatedWebhookEvent = {
     },
 };
 const webhookTeamDeletedSchema = fieldSchema.yupObject({
-    id: fieldSchema.userIdSchema.required(),
-}).required();
+    id: fieldSchema.userIdSchema.defined(),
+}).defined();
 export const teamDeletedWebhookEvent = {
     type: "team.deleted",
     schema: webhookTeamDeletedSchema,

package/dist/interface/crud/users.d.ts

@@ -31,8 +31,8 @@ export declare const usersCrudServerUpdateSchema: import("yup").ObjectSchema<{
 export declare const usersCrudServerReadSchema: import("yup").ObjectSchema<{
     id: string;
     primary_email: string | null;
-    primary_email_verified: NonNullable<boolean | undefined>;
-    primary_email_auth_enabled: NonNullable<boolean | undefined>;
+    primary_email_verified: boolean;
+    primary_email_auth_enabled: boolean;
     display_name: string | null;
     selected_team: {
         client_metadata?: {} | null | undefined;
@@ -46,9 +46,9 @@ export declare const usersCrudServerReadSchema: import("yup").ObjectSchema<{
     selected_team_id: string | null;
     profile_image_url: string | null;
     signed_up_at_millis: number;
-    has_password: NonNullable<boolean | undefined>;
-    otp_auth_enabled: NonNullable<boolean | undefined>;
-    passkey_auth_enabled: NonNullable<boolean | undefined>;
+    has_password: boolean;
+    otp_auth_enabled: boolean;
+    passkey_auth_enabled: boolean;
     client_metadata: {} | null;
     client_read_only_metadata: {} | null;
     server_metadata: {} | null;
@@ -58,8 +58,8 @@ export declare const usersCrudServerReadSchema: import("yup").ObjectSchema<{
         id: string;
         account_id: string;
     }[];
-    auth_with_email: NonNullable<boolean | undefined>;
-    requires_totp_mfa: NonNullable<boolean | undefined>;
+    auth_with_email: boolean;
+    requires_totp_mfa: boolean;
 }, import("yup").AnyObject, {
     id: undefined;
     primary_email: undefined;
@@ -129,8 +129,8 @@ export declare const usersCrud: import("../../crud").CrudSchemaFromOptions<{
     serverReadSchema: import("yup").ObjectSchema<{
         id: string;
         primary_email: string | null;
-        primary_email_verified: NonNullable<boolean | undefined>;
-        primary_email_auth_enabled: NonNullable<boolean | undefined>;
+        primary_email_verified: boolean;
+        primary_email_auth_enabled: boolean;
         display_name: string | null;
         selected_team: {
             client_metadata?: {} | null | undefined;
@@ -144,9 +144,9 @@ export declare const usersCrud: import("../../crud").CrudSchemaFromOptions<{
         selected_team_id: string | null;
         profile_image_url: string | null;
         signed_up_at_millis: number;
-        has_password: NonNullable<boolean | undefined>;
-        otp_auth_enabled: NonNullable<boolean | undefined>;
-        passkey_auth_enabled: NonNullable<boolean | undefined>;
+        has_password: boolean;
+        otp_auth_enabled: boolean;
+        passkey_auth_enabled: boolean;
         client_metadata: {} | null;
         client_read_only_metadata: {} | null;
         server_metadata: {} | null;
@@ -156,8 +156,8 @@ export declare const usersCrud: import("../../crud").CrudSchemaFromOptions<{
             id: string;
             account_id: string;
         }[];
-        auth_with_email: NonNullable<boolean | undefined>;
-        requires_totp_mfa: NonNullable<boolean | undefined>;
+        auth_with_email: boolean;
+        requires_totp_mfa: boolean;
     }, import("yup").AnyObject, {
         id: undefined;
         primary_email: undefined;
@@ -286,8 +286,8 @@ export declare const userCreatedWebhookEvent: {
     schema: import("yup").ObjectSchema<{
         id: string;
         primary_email: string | null;
-        primary_email_verified: NonNullable<boolean | undefined>;
-        primary_email_auth_enabled: NonNullable<boolean | undefined>;
+        primary_email_verified: boolean;
+        primary_email_auth_enabled: boolean;
         display_name: string | null;
         selected_team: {
             client_metadata?: {} | null | undefined;
@@ -301,9 +301,9 @@ export declare const userCreatedWebhookEvent: {
         selected_team_id: string | null;
         profile_image_url: string | null;
         signed_up_at_millis: number;
-        has_password: NonNullable<boolean | undefined>;
-        otp_auth_enabled: NonNullable<boolean | undefined>;
-        passkey_auth_enabled: NonNullable<boolean | undefined>;
+        has_password: boolean;
+        otp_auth_enabled: boolean;
+        passkey_auth_enabled: boolean;
         client_metadata: {} | null;
         client_read_only_metadata: {} | null;
         server_metadata: {} | null;
@@ -313,8 +313,8 @@ export declare const userCreatedWebhookEvent: {
             id: string;
             account_id: string;
         }[];
-        auth_with_email: NonNullable<boolean | undefined>;
-        requires_totp_mfa: NonNullable<boolean | undefined>;
+        auth_with_email: boolean;
+        requires_totp_mfa: boolean;
     }, import("yup").AnyObject, {
         id: undefined;
         primary_email: undefined;
@@ -355,8 +355,8 @@ export declare const userUpdatedWebhookEvent: {
     schema: import("yup").ObjectSchema<{
         id: string;
         primary_email: string | null;
-        primary_email_verified: NonNullable<boolean | undefined>;
-        primary_email_auth_enabled: NonNullable<boolean | undefined>;
+        primary_email_verified: boolean;
+        primary_email_auth_enabled: boolean;
         display_name: string | null;
         selected_team: {
             client_metadata?: {} | null | undefined;
@@ -370,9 +370,9 @@ export declare const userUpdatedWebhookEvent: {
         selected_team_id: string | null;
         profile_image_url: string | null;
         signed_up_at_millis: number;
-        has_password: NonNullable<boolean | undefined>;
-        otp_auth_enabled: NonNullable<boolean | undefined>;
-        passkey_auth_enabled: NonNullable<boolean | undefined>;
+        has_password: boolean;
+        otp_auth_enabled: boolean;
+        passkey_auth_enabled: boolean;
         client_metadata: {} | null;
         client_read_only_metadata: {} | null;
         server_metadata: {} | null;
@@ -382,8 +382,8 @@ export declare const userUpdatedWebhookEvent: {
             id: string;
             account_id: string;
         }[];
-        auth_with_email: NonNullable<boolean | undefined>;
-        requires_totp_mfa: NonNullable<boolean | undefined>;
+        auth_with_email: boolean;
+        requires_totp_mfa: boolean;
     }, import("yup").AnyObject, {
         id: undefined;
         primary_email: undefined;

package/dist/interface/crud/users.js

@@ -15,45 +15,45 @@ export const usersCrudServerUpdateSchema = fieldSchema.yupObject({
     otp_auth_enabled: fieldSchema.userOtpAuthEnabledMutationSchema.optional(),
     totp_secret_base64: fieldSchema.userTotpSecretMutationSchema.optional(),
     selected_team_id: fieldSchema.selectedTeamIdSchema.nullable().optional(),
-}).required();
+}).defined();
 export const usersCrudServerReadSchema = fieldSchema.yupObject({
-    id: fieldSchema.userIdSchema.required(),
+    id: fieldSchema.userIdSchema.defined(),
     primary_email: fieldSchema.primaryEmailSchema.nullable().defined(),
-    primary_email_verified: fieldSchema.primaryEmailVerifiedSchema.required(),
-    primary_email_auth_enabled: fieldSchema.primaryEmailAuthEnabledSchema.required(),
+    primary_email_verified: fieldSchema.primaryEmailVerifiedSchema.defined(),
+    primary_email_auth_enabled: fieldSchema.primaryEmailAuthEnabledSchema.defined(),
     display_name: fieldSchema.userDisplayNameSchema.nullable().defined(),
     selected_team: teamsCrudServerReadSchema.nullable().defined(),
     selected_team_id: fieldSchema.selectedTeamIdSchema.nullable().defined(),
     profile_image_url: fieldSchema.profileImageUrlSchema.nullable().defined(),
-    signed_up_at_millis: fieldSchema.signedUpAtMillisSchema.required(),
-    has_password: fieldSchema.userHasPasswordSchema.required(),
-    otp_auth_enabled: fieldSchema.userOtpAuthEnabledSchema.required(),
-    passkey_auth_enabled: fieldSchema.userOtpAuthEnabledSchema.required(),
+    signed_up_at_millis: fieldSchema.signedUpAtMillisSchema.defined(),
+    has_password: fieldSchema.userHasPasswordSchema.defined(),
+    otp_auth_enabled: fieldSchema.userOtpAuthEnabledSchema.defined(),
+    passkey_auth_enabled: fieldSchema.userOtpAuthEnabledSchema.defined(),
     client_metadata: fieldSchema.userClientMetadataSchema,
     client_read_only_metadata: fieldSchema.userClientReadOnlyMetadataSchema,
     server_metadata: fieldSchema.userServerMetadataSchema,
-    last_active_at_millis: fieldSchema.userLastActiveAtMillisSchema.required(),
+    last_active_at_millis: fieldSchema.userLastActiveAtMillisSchema.nonNullable().defined(),
     oauth_providers: fieldSchema.yupArray(fieldSchema.yupObject({
-        id: fieldSchema.yupString().required(),
-        account_id: fieldSchema.yupString().required(),
+        id: fieldSchema.yupString().defined(),
+        account_id: fieldSchema.yupString().defined(),
         email: fieldSchema.yupString().nullable(),
-    }).required()).required().meta({ openapiField: { hidden: true } }),
+    }).defined()).defined().meta({ openapiField: { hidden: true } }),
     /**
      * @deprecated
      */
-    auth_with_email: fieldSchema.yupBoolean().required().meta({ openapiField: { hidden: true, description: 'Whether the user can authenticate with their primary e-mail. If set to true, the user can log-in with credentials and/or magic link, if enabled in the project settings.', exampleValue: true } }),
+    auth_with_email: fieldSchema.yupBoolean().defined().meta({ openapiField: { hidden: true, description: 'Whether the user can authenticate with their primary e-mail. If set to true, the user can log-in with credentials and/or magic link, if enabled in the project settings.', exampleValue: true } }),
     /**
      * @deprecated
      */
-    requires_totp_mfa: fieldSchema.yupBoolean().required().meta({ openapiField: { hidden: true, description: 'Whether the user is required to use TOTP MFA to sign in', exampleValue: false } }),
-}).required();
+    requires_totp_mfa: fieldSchema.yupBoolean().defined().meta({ openapiField: { hidden: true, description: 'Whether the user is required to use TOTP MFA to sign in', exampleValue: false } }),
+}).defined();
 export const usersCrudServerCreateSchema = usersCrudServerUpdateSchema.omit(['selected_team_id']).concat(fieldSchema.yupObject({
     oauth_providers: fieldSchema.yupArray(fieldSchema.yupObject({
-        id: fieldSchema.yupString().required(),
-        account_id: fieldSchema.yupString().required(),
+        id: fieldSchema.yupString().defined(),
+        account_id: fieldSchema.yupString().defined(),
         email: fieldSchema.yupString().nullable().defined().default(null),
-    }).required()).optional().meta({ openapiField: { hidden: true } }),
-}).required());
+    }).defined()).optional().meta({ openapiField: { hidden: true } }),
+}).defined());
 export const usersCrudServerDeleteSchema = fieldSchema.yupMixed();
 export const usersCrud = createCrud({
     serverReadSchema: usersCrudServerReadSchema,
@@ -107,11 +107,11 @@ export const userUpdatedWebhookEvent = {
     },
 };
 const webhookUserDeletedSchema = fieldSchema.yupObject({
-    id: fieldSchema.userIdSchema.required(),
+    id: fieldSchema.userIdSchema.defined(),
     teams: fieldSchema.yupArray(fieldSchema.yupObject({
-        id: fieldSchema.yupString().required(),
-    })).required(),
-}).required();
+        id: fieldSchema.yupString().defined(),
+    })).defined(),
+}).defined();
 export const userDeletedWebhookEvent = {
     type: "user.deleted",
     schema: webhookUserDeletedSchema,

package/dist/interface/webhooks.d.ts

@@ -13,8 +13,8 @@ export declare const webhookEvents: readonly [{
     schema: yup.ObjectSchema<{
         id: string;
         primary_email: string | null;
-        primary_email_verified: NonNullable<boolean | undefined>;
-        primary_email_auth_enabled: NonNullable<boolean | undefined>;
+        primary_email_verified: boolean;
+        primary_email_auth_enabled: boolean;
         display_name: string | null;
         selected_team: {
             client_metadata?: {} | null | undefined;
@@ -28,9 +28,9 @@ export declare const webhookEvents: readonly [{
         selected_team_id: string | null;
         profile_image_url: string | null;
         signed_up_at_millis: number;
-        has_password: NonNullable<boolean | undefined>;
-        otp_auth_enabled: NonNullable<boolean | undefined>;
-        passkey_auth_enabled: NonNullable<boolean | undefined>;
+        has_password: boolean;
+        otp_auth_enabled: boolean;
+        passkey_auth_enabled: boolean;
         client_metadata: {} | null;
         client_read_only_metadata: {} | null;
         server_metadata: {} | null;
@@ -40,8 +40,8 @@ export declare const webhookEvents: readonly [{
             id: string;
             account_id: string;
         }[];
-        auth_with_email: NonNullable<boolean | undefined>;
-        requires_totp_mfa: NonNullable<boolean | undefined>;
+        auth_with_email: boolean;
+        requires_totp_mfa: boolean;
     }, yup.AnyObject, {
         id: undefined;
         primary_email: undefined;
@@ -81,8 +81,8 @@ export declare const webhookEvents: readonly [{
     schema: yup.ObjectSchema<{
         id: string;
         primary_email: string | null;
-        primary_email_verified: NonNullable<boolean | undefined>;
-        primary_email_auth_enabled: NonNullable<boolean | undefined>;
+        primary_email_verified: boolean;
+        primary_email_auth_enabled: boolean;
         display_name: string | null;
         selected_team: {
             client_metadata?: {} | null | undefined;
@@ -96,9 +96,9 @@ export declare const webhookEvents: readonly [{
         selected_team_id: string | null;
         profile_image_url: string | null;
         signed_up_at_millis: number;
-        has_password: NonNullable<boolean | undefined>;
-        otp_auth_enabled: NonNullable<boolean | undefined>;
-        passkey_auth_enabled: NonNullable<boolean | undefined>;
+        has_password: boolean;
+        otp_auth_enabled: boolean;
+        passkey_auth_enabled: boolean;
         client_metadata: {} | null;
         client_read_only_metadata: {} | null;
         server_metadata: {} | null;
@@ -108,8 +108,8 @@ export declare const webhookEvents: readonly [{
             id: string;
             account_id: string;
         }[];
-        auth_with_email: NonNullable<boolean | undefined>;
-        requires_totp_mfa: NonNullable<boolean | undefined>;
+        auth_with_email: boolean;
+        requires_totp_mfa: boolean;
     }, yup.AnyObject, {
         id: undefined;
         primary_email: undefined;

package/dist/known-errors.js

@@ -338,7 +338,7 @@ const EmailPasswordMismatch = createKnownErrorConstructor(KnownError, "EMAIL_PAS
 ], () => []);
 const RedirectUrlNotWhitelisted = createKnownErrorConstructor(KnownError, "REDIRECT_URL_NOT_WHITELISTED", () => [
     400,
-    "Redirect URL not whitelisted.",
+    "Redirect URL not whitelisted. Did you forget to add this domain to the trusted domains list on the Stack Auth dashboard?",
 ], () => []);
 const PasswordRequirementsNotMet = createKnownErrorConstructor(KnownError, "PASSWORD_REQUIREMENTS_NOT_MET", "inherit", "inherit");
 const PasswordTooShort = createKnownErrorConstructor(PasswordRequirementsNotMet, "PASSWORD_TOO_SHORT", (minLength) => [

package/dist/schema-fields.d.ts

@@ -1,4 +1,9 @@
 import * as yup from "yup";
+declare module "yup" {
+    interface StringSchema<TType, TContext, TDefault, TFlags> {
+        nonEmpty(message?: string): StringSchema<TType, TContext, TDefault, TFlags>;
+    }
+}
 export declare function yupValidate<S extends yup.ISchema<any>>(schema: S, obj: unknown, options?: yup.ValidateOptions & {
     currentUserId?: string | null;
 }): Promise<yup.InferType<S>>;
@@ -15,6 +20,9 @@ export declare function yupMixed<A extends {}>(...args: Parameters<typeof yup.mi
 export declare function yupArray<A extends yup.Maybe<yup.AnyObject> = yup.AnyObject, B = any>(...args: Parameters<typeof yup.array<A, B>>): yup.ArraySchema<B[] | undefined, A, undefined, "">;
 export declare function yupTuple<T extends [unknown, ...unknown[]]>(...args: Parameters<typeof yup.tuple<T>>): yup.TupleSchema<T | undefined, yup.AnyObject, undefined, "">;
 export declare function yupObject<A extends yup.Maybe<yup.AnyObject>, B extends yup.ObjectShape>(...args: Parameters<typeof yup.object<A, B>>): yup.ObjectSchema<yup.TypeFromShape<B, yup.AnyObject> extends infer T ? T extends yup.TypeFromShape<B, yup.AnyObject> ? T extends {} ? { [k in keyof T]: T[k]; } : T : never : never, yup.AnyObject, yup.DefaultFromShape<B> extends infer T_1 ? T_1 extends yup.DefaultFromShape<B> ? T_1 extends {} ? { [k_1 in keyof T_1]: T_1[k_1]; } : T_1 : never : never, "">;
+/**
+ * Note that the .defined() on unions is implicit.
+ */
 export declare function yupUnion<T extends yup.ISchema<any>[]>(...args: T): yup.ISchema<yup.InferType<T[number]>>;
 export declare const adaptSchema: yup.MixedSchema<typeof StackAdaptSentinel | undefined, yup.AnyObject, undefined, "">;
 /**
@@ -76,7 +84,7 @@ export declare const userClientReadOnlyMetadataSchema: yup.MixedSchema<{} | null
 export declare const userServerMetadataSchema: yup.MixedSchema<{} | null, yup.AnyObject, undefined, "">;
 export declare const userOAuthProviderSchema: yup.ObjectSchema<{
     id: string;
-    type: NonNullable<"google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | "x" | undefined>;
+    type: "google" | "github" | "microsoft" | "spotify" | "facebook" | "discord" | "gitlab" | "bitbucket" | "linkedin" | "apple" | "x";
     provider_user_id: string;
 }, yup.AnyObject, {
     id: undefined;
@@ -98,7 +106,7 @@ export declare const refreshTokenResponseSchema: yup.StringSchema<string | undef
 export declare const signInResponseSchema: yup.ObjectSchema<{
     refresh_token: string;
     access_token: string;
-    is_new_user: NonNullable<boolean | undefined>;
+    is_new_user: boolean;
     user_id: string;
 }, yup.AnyObject, {
     refresh_token: undefined;
@@ -129,5 +137,5 @@ export declare const contactChannelValueSchema: yup.StringSchema<string | undefi
 export declare const contactChannelUsedForAuthSchema: yup.BooleanSchema<boolean | undefined, yup.AnyObject, undefined, "">;
 export declare const contactChannelIsVerifiedSchema: yup.BooleanSchema<boolean | undefined, yup.AnyObject, undefined, "">;
 export declare const contactChannelIsPrimarySchema: yup.BooleanSchema<boolean | undefined, yup.AnyObject, undefined, "">;
-export declare function yupRequiredWhen<S extends yup.AnyObject>(schema: S, triggerName: string, isValue: any): S;
+export declare function yupDefinedWhen<S extends yup.AnyObject>(schema: S, triggerName: string, isValue: any): S;
 export {};

package/dist/schema-fields.js

@@ -5,6 +5,12 @@ import { StackAssertionError } from "./utils/errors";
 import { allProviders } from "./utils/oauth";
 import { deepPlainClone, omit } from "./utils/objects";
 import { isUuid } from "./utils/uuids";
+// eslint-disable-next-line no-restricted-syntax
+yup.addMethod(yup.string, "nonEmpty", function (message) {
+    return this.test("non-empty", message ?? "String must not be empty", (value) => {
+        return value !== "";
+    });
+});
 export async function yupValidate(schema, obj, options) {
     try {
         return await schema.validate(obj, {
@@ -64,32 +70,39 @@ const _createdAtMillisDescription = (identify) => `The time the ${identify} was
 const _signedUpAtMillisDescription = `The time the user signed up ${_atMillisDescription}`;
 const _lastActiveAtMillisDescription = `The time the user was last active ${_atMillisDescription}`;
 // Built-in replacements
-/* eslint-disable no-restricted-syntax */
 export function yupString(...args) {
+    // eslint-disable-next-line no-restricted-syntax
     return yup.string(...args);
 }
 export function yupNumber(...args) {
+    // eslint-disable-next-line no-restricted-syntax
     return yup.number(...args);
 }
 export function yupBoolean(...args) {
+    // eslint-disable-next-line no-restricted-syntax
     return yup.boolean(...args);
 }
 /**
  * @deprecated, use number of milliseconds since epoch instead
  */
 export function yupDate(...args) {
+    // eslint-disable-next-line no-restricted-syntax
     return yup.date(...args);
 }
 export function yupMixed(...args) {
+    // eslint-disable-next-line no-restricted-syntax
     return yup.mixed(...args);
 }
 export function yupArray(...args) {
+    // eslint-disable-next-line no-restricted-syntax
     return yup.array(...args);
 }
 export function yupTuple(...args) {
+    // eslint-disable-next-line no-restricted-syntax
     return yup.tuple(...args);
 }
 export function yupObject(...args) {
+    // eslint-disable-next-line no-restricted-syntax
     const object = yup.object(...args).test('no-unknown-object-properties', ({ path }) => `${path} contains unknown properties`, (value, context) => {
         if (context.options.context?.noUnknownPathPrefixes?.some((prefix) => context.path.startsWith(prefix))) {
             if (context.schema.spec.noUnknown !== false) {
@@ -110,7 +123,9 @@ export function yupObject(...args) {
     // we don't want to update the type of `object` to have a default flag
     return object.default(undefined);
 }
-/* eslint-enable no-restricted-syntax */
+/**
+ * Note that the .defined() on unions is implicit.
+ */
 export function yupUnion(...args) {
     if (args.length === 0)
         throw new Error('yupUnion must have at least one schema');
@@ -121,7 +136,7 @@ export function yupUnion(...args) {
         if (desc.type !== firstDesc.type)
             throw new StackAssertionError(`yupUnion must have schemas of the same type (got: ${firstDesc.type} and ${desc.type})`, { first, schema, firstDesc, desc });
     }
-    return yupMixed().required().test('is-one-of', 'Invalid value', async (value, context) => {
+    return yupMixed().defined().test('is-one-of', 'Invalid value', async (value, context) => {
         const errors = [];
         for (const schema of args) {
             try {
@@ -259,9 +274,9 @@ export const userClientMetadataSchema = jsonSchema.meta({ openapiField: { descri
 export const userClientReadOnlyMetadataSchema = jsonSchema.meta({ openapiField: { description: _clientReadOnlyMetaDataDescription('user'), exampleValue: { key: 'value' } } });
 export const userServerMetadataSchema = jsonSchema.meta({ openapiField: { description: _serverMetaDataDescription('user'), exampleValue: { key: 'value' } } });
 export const userOAuthProviderSchema = yupObject({
-    id: yupString().required(),
-    type: yupString().oneOf(allProviders).required(),
-    provider_user_id: yupString().required(),
+    id: yupString().defined(),
+    type: yupString().oneOf(allProviders).defined(),
+    provider_user_id: yupString().defined(),
 });
 export const userLastActiveAtMillisSchema = yupNumber().nullable().meta({ openapiField: { description: _lastActiveAtMillisDescription, exampleValue: 1630000000000 } });
 export const userPasskeyAuthEnabledSchema = yupBoolean().meta({ openapiField: { hidden: true, description: 'Whether the user has passkeys enabled', exampleValue: false } });
@@ -277,10 +292,10 @@ export const emailVerificationCallbackUrlSchema = urlSchema.meta({ openapiField:
 export const accessTokenResponseSchema = yupString().meta({ openapiField: { description: 'Short-lived access token that can be used to authenticate the user', exampleValue: 'eyJhmMiJB2TO...diI4QT' } });
 export const refreshTokenResponseSchema = yupString().meta({ openapiField: { description: 'Long-lived refresh token that can be used to obtain a new access token', exampleValue: 'i8ns3aq2...14y' } });
 export const signInResponseSchema = yupObject({
-    refresh_token: refreshTokenResponseSchema.required(),
-    access_token: accessTokenResponseSchema.required(),
-    is_new_user: yupBoolean().meta({ openapiField: { description: 'Whether the user is a new user', exampleValue: true } }).required(),
-    user_id: userIdSchema.required(),
+    refresh_token: refreshTokenResponseSchema.defined(),
+    access_token: accessTokenResponseSchema.defined(),
+    is_new_user: yupBoolean().meta({ openapiField: { description: 'Whether the user is a new user', exampleValue: true } }).defined(),
+    user_id: userIdSchema.defined(),
 });
 // Permissions
 export const teamSystemPermissions = [
@@ -305,7 +320,7 @@ export const customTeamPermissionDefinitionIdSchema = yupString()
     .matches(/^[a-z0-9_:]+$/, 'Only lowercase letters, numbers, ":", "_" are allowed')
     .meta({ openapiField: { description: 'The permission ID used to uniquely identify a permission. Can only contain lowercase letters, numbers, ":", and "_" characters', exampleValue: 'read_secret_info' } });
 export const teamPermissionDescriptionSchema = yupString().meta({ openapiField: { description: 'A human-readable description of the permission', exampleValue: 'Read secret information' } });
-export const containedPermissionIdsSchema = yupArray(teamPermissionDefinitionIdSchema.required()).meta({ openapiField: { description: 'The IDs of the permissions that are contained in this permission', exampleValue: ['read_public_info'] } });
+export const containedPermissionIdsSchema = yupArray(teamPermissionDefinitionIdSchema.defined()).meta({ openapiField: { description: 'The IDs of the permissions that are contained in this permission', exampleValue: ['read_public_info'] } });
 // Teams
 export const teamIdSchema = yupString().uuid().meta({ openapiField: { description: _idDescription('team'), exampleValue: 'ad962777-8244-496a-b6a2-e0c6a449c79e' } });
 export const teamDisplayNameSchema = yupString().meta({ openapiField: { description: _displayNameDescription('team'), exampleValue: 'My Team' } });
@@ -331,10 +346,10 @@ export const contactChannelUsedForAuthSchema = yupBoolean().meta({ openapiField:
 export const contactChannelIsVerifiedSchema = yupBoolean().meta({ openapiField: { description: 'Whether the contact channel has been verified. If this is set to `true`, the contact channel has been verified to belong to the user.', exampleValue: true } });
 export const contactChannelIsPrimarySchema = yupBoolean().meta({ openapiField: { description: 'Whether the contact channel is the primary contact channel. If this is set to `true`, it will be used for authentication and notifications by default.', exampleValue: true } });
 // Utils
-export function yupRequiredWhen(schema, triggerName, isValue) {
+export function yupDefinedWhen(schema, triggerName, isValue) {
     return schema.when(triggerName, {
         is: isValue,
-        then: (schema) => schema.required(),
+        then: (schema) => schema.defined(),
         otherwise: (schema) => schema.optional()
     });
 }

package/dist/utils/ips.d.ts

@@ -0,0 +1,4 @@
+export type Ipv4Address = `${number}.${number}.${number}.${number}`;
+export type Ipv6Address = string;
+export declare function isIpAddress(ip: string): ip is Ipv4Address | Ipv6Address;
+export declare function assertIpAddress(ip: string): asserts ip is Ipv4Address | Ipv6Address;

package/dist/utils/ips.js

@@ -0,0 +1,9 @@
+import ipRegex from "ip-regex";
+export function isIpAddress(ip) {
+    return ipRegex({ exact: true }).test(ip);
+}
+export function assertIpAddress(ip) {
+    if (!isIpAddress(ip)) {
+        throw new Error(`Invalid IP address: ${ip}`);
+    }
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@stackframe/stack-shared",
-  "version": "2.6.21",
+  "version": "2.6.24",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
   "files": [
@@ -20,11 +20,11 @@
     }
   },
   "peerDependencies": {
-    "react": ">=18.2",
-    "react-dom": ">=18.2",
-    "@types/react": ">=18.2",
-    "@types/react-dom": ">=18.2",
-    "next": ">=14.1.0",
+    "react": ">=18.2 || >=19.0.0-rc.0",
+    "react-dom": ">=18.2 || >=19.0.0-rc.0",
+    "@types/react": ">=18.2 || >=19.0.0-rc.0",
+    "@types/react-dom": ">=18.2 || >=19.0.0-rc.0",
+    "next": ">=14.1.0 || >=15.0.0-rc.0",
     "yup": "^1.4.0"
   },
   "peerDependenciesMeta": {
@@ -46,10 +46,11 @@
     "bcrypt": "^5.1.1",
     "elliptic": "^6.5.7",
     "jose": "^5.2.2",
+    "ip-regex": "^5.0.0",
     "oauth4webapi": "^2.10.3",
     "semver": "^7.6.3",
     "uuid": "^9.0.1",
-    "@stackframe/stack-sc": "2.6.21"
+    "@stackframe/stack-sc": "2.6.24"
   },
   "devDependencies": {
     "@simplewebauthn/types": "^11.0.0",