@stackframe/stack-shared 2.7.13 → 2.7.16

package/CHANGELOG.md

@@ -1,5 +1,26 @@
 # @stackframe/stack-shared
 
+## 2.7.16
+
+### Patch Changes
+
+- Various changes
+  - @stackframe/stack-sc@2.7.16
+
+## 2.7.15
+
+### Patch Changes
+
+- Various changes
+  - @stackframe/stack-sc@2.7.15
+
+## 2.7.14
+
+### Patch Changes
+
+- Various changes
+  - @stackframe/stack-sc@2.7.14
+
 ## 2.7.13
 
 ### Patch Changes

package/dist/helpers/password.js

@@ -1,6 +1,6 @@
 import { KnownErrors } from "..";
 const minLength = 8;
-const maxLength = 256;
+const maxLength = 70;
 export function getPasswordError(password) {
     if (password.length < minLength) {
         return new KnownErrors.PasswordTooShort(minLength);

package/dist/interface/clientInterface.d.ts

@@ -13,7 +13,7 @@ import { TeamPermissionsCrud } from './crud/team-permissions';
 import { TeamsCrud } from './crud/teams';
 export type ClientInterfaceOptions = {
     clientVersion: string;
-    baseUrl: string;
+    getBaseUrl: () => string;
     projectId: string;
 } & ({
     publishableClientKey: string;

package/dist/interface/clientInterface.js

@@ -19,7 +19,7 @@ export class StackClientInterface {
         return this.options.projectId;
     }
     getApiUrl() {
-        return this.options.baseUrl + "/api/v1";
+        return this.options.getBaseUrl() + "/api/v1";
     }
     async runNetworkDiagnostics(session, requestType) {
         const tryRequest = async (cb) => {
@@ -101,7 +101,7 @@ export class StackClientInterface {
             throw new Error("Admin session token is currently not supported for fetching new access token. Did you try to log in on a StackApp initiated with the admin session?");
         }
         const as = {
-            issuer: this.options.baseUrl,
+            issuer: this.options.getBaseUrl(),
             algorithm: 'oauth2',
             token_endpoint: this.getApiUrl() + '/auth/oauth/token',
         };
@@ -168,7 +168,10 @@ export class StackClientInterface {
         let adminTokenObj = adminSession ? await adminSession.getOrFetchLikelyValidTokens(20000) : null;
         // all requests should be dynamic to prevent Next.js caching
         await cookies?.();
-        const url = this.getApiUrl() + path;
+        let url = this.getApiUrl() + path;
+        if (url.endsWith("/")) {
+            url = url.slice(0, -1);
+        }
         const params = {
             /**
              * This fetch may be cross-origin, in which case we don't want to send cookies of the
@@ -277,7 +280,7 @@ export class StackClientInterface {
         }
         else {
             const error = await res.text();
-            const errorObj = new StackAssertionError(`Failed to send request to ${url}: ${res.status} ${error}`, { request: params, res });
+            const errorObj = new StackAssertionError(`Failed to send request to ${url}: ${res.status} ${error}`, { request: params, res, path });
             if (res.status === 508 && error.includes("INFINITE_LOOP_DETECTED")) {
                 // Some Vercel deployments seem to have an odd infinite loop bug. In that case, retry.
                 // See: https://github.com/stack-auth/stack/issues/319
@@ -652,7 +655,7 @@ export class StackClientInterface {
             throw new Error("Admin session token is currently not supported for OAuth");
         }
         const as = {
-            issuer: this.options.baseUrl,
+            issuer: this.options.getBaseUrl(),
             algorithm: 'oauth2',
             token_endpoint: this.getApiUrl() + '/auth/oauth/token',
         };

package/dist/interface/crud/projects.js

@@ -45,7 +45,9 @@ export const emailConfigSchema = yupObject({
     }),
 });
 const domainSchema = yupObject({
-    domain: schemaFields.projectTrustedDomainSchema.defined(),
+    domain: schemaFields.urlSchema.defined()
+        .matches(/^https?:\/\//, 'URL must start with http:// or https://')
+        .meta({ openapiField: { description: 'URL. Must start with http:// or https://', exampleValue: 'https://example.com' } }),
     handler_path: schemaFields.handlerPathSchema.defined(),
 });
 export const projectsCrudAdminReadSchema = yupObject({

package/dist/interface/crud/teams.d.ts

@@ -59,7 +59,7 @@ export declare const teamsCrudClientCreateSchema: import("yup").ObjectSchema<{
     client_metadata: {} | null | undefined;
 } & {
     display_name: string;
-    creator_user_id: string | undefined;
+    creator_user_id: string;
 }, import("yup").AnyObject, {
     display_name: undefined;
     profile_image_url: undefined;
@@ -114,7 +114,7 @@ export declare const teamsCrud: import("../../crud").CrudSchemaFromOptions<{
         client_metadata: {} | null | undefined;
     } & {
         display_name: string;
-        creator_user_id: string | undefined;
+        creator_user_id: string;
     }, import("yup").AnyObject, {
         display_name: undefined;
         profile_image_url: undefined;

package/dist/interface/crud/teams.js

@@ -26,7 +26,7 @@ export const teamsCrudServerUpdateSchema = teamsCrudClientUpdateSchema.concat(yu
 // Create
 export const teamsCrudClientCreateSchema = teamsCrudClientUpdateSchema.concat(yupObject({
     display_name: fieldSchema.teamDisplayNameSchema.defined(),
-    creator_user_id: fieldSchema.teamCreatorUserIdSchema.optional(),
+    creator_user_id: fieldSchema.teamCreatorUserIdSchema.defined(),
 }).defined());
 export const teamsCrudServerCreateSchema = teamsCrudServerUpdateSchema.concat(yupObject({
     display_name: fieldSchema.teamDisplayNameSchema.defined(),

package/dist/interface/crud/users.js

@@ -7,7 +7,7 @@ export const usersCrudServerUpdateSchema = fieldSchema.yupObject({
     client_metadata: fieldSchema.userClientMetadataSchema.optional(),
     client_read_only_metadata: fieldSchema.userClientReadOnlyMetadataSchema.optional(),
     server_metadata: fieldSchema.userServerMetadataSchema.optional(),
-    primary_email: fieldSchema.primaryEmailSchema.nullable().optional(),
+    primary_email: fieldSchema.primaryEmailSchema.nullable().optional().nonEmpty(),
     primary_email_verified: fieldSchema.primaryEmailVerifiedSchema.optional(),
     primary_email_auth_enabled: fieldSchema.primaryEmailAuthEnabledSchema.optional(),
     passkey_auth_enabled: fieldSchema.userOtpAuthEnabledSchema.optional(),

package/dist/interface/serverInterface.js

@@ -2,6 +2,7 @@ import { KnownErrors } from "../known-errors";
 import { StackAssertionError } from "../utils/errors";
 import { filterUndefined } from "../utils/objects";
 import { Result } from "../utils/results";
+import { urlString } from "../utils/urls";
 import { StackClientInterface } from "./clientInterface";
 export class StackServerInterface extends StackClientInterface {
     constructor(options) {
@@ -57,35 +58,35 @@ export class StackServerInterface extends StackClientInterface {
         return user;
     }
     async getServerUserById(userId) {
-        const response = await this.sendServerRequest(`/users/${userId}`, {}, null);
+        const response = await this.sendServerRequest(urlString `/users/${userId}`, {}, null);
         const user = await response.json();
         if (!user)
             return Result.error(new Error("Failed to get user"));
         return Result.ok(user);
     }
     async listServerTeamInvitations(options) {
-        const response = await this.sendServerRequest("/team-invitations?team_id=" + options.teamId, {}, null);
+        const response = await this.sendServerRequest(urlString `/team-invitations?team_id=${options.teamId}`, {}, null);
         const result = await response.json();
         return result.items;
     }
     async revokeServerTeamInvitation(invitationId, teamId) {
-        await this.sendServerRequest(`/team-invitations/${invitationId}?team_id=${teamId}`, { method: "DELETE" }, null);
+        await this.sendServerRequest(urlString `/team-invitations/${invitationId}?team_id=${teamId}`, { method: "DELETE" }, null);
     }
     async listServerTeamMemberProfiles(options) {
-        const response = await this.sendServerRequest("/team-member-profiles?team_id=" + options.teamId, {}, null);
+        const response = await this.sendServerRequest(urlString `/team-member-profiles?team_id=${options.teamId}`, {}, null);
         const result = await response.json();
         return result.items;
     }
     async getServerTeamMemberProfile(options) {
-        const response = await this.sendServerRequest(`/team-member-profiles/${options.teamId}/${options.userId}`, {}, null);
+        const response = await this.sendServerRequest(urlString `/team-member-profiles/${options.teamId}/${options.userId}`, {}, null);
         return await response.json();
     }
     async listServerTeamPermissions(options, session) {
-        const response = await this.sendServerRequest("/team-permissions?" + new URLSearchParams(filterUndefined({
+        const response = await this.sendServerRequest(`/team-permissions?${new URLSearchParams(filterUndefined({
             user_id: options.userId,
             team_id: options.teamId,
             recursive: options.recursive.toString(),
-        })), {}, session);
+        }))}`, {}, session);
         const result = await response.json();
         return result.items;
     }
@@ -107,9 +108,9 @@ export class StackServerInterface extends StackClientInterface {
         return await response.json();
     }
     async listServerTeams(options) {
-        const response = await this.sendServerRequest("/teams?" + new URLSearchParams(filterUndefined({
+        const response = await this.sendServerRequest(`/teams?${new URLSearchParams(filterUndefined({
             user_id: options?.userId,
-        })), {}, null);
+        }))}`, {}, null);
         const result = await response.json();
         return result.items;
     }
@@ -130,7 +131,7 @@ export class StackServerInterface extends StackClientInterface {
         return await response.json();
     }
     async updateServerTeam(teamId, data) {
-        const response = await this.sendServerRequest(`/teams/${teamId}`, {
+        const response = await this.sendServerRequest(urlString `/teams/${teamId}`, {
             method: "PATCH",
             headers: {
                 "content-type": "application/json",
@@ -140,10 +141,10 @@ export class StackServerInterface extends StackClientInterface {
         return await response.json();
     }
     async deleteServerTeam(teamId) {
-        await this.sendServerRequest(`/teams/${teamId}`, { method: "DELETE" }, null);
+        await this.sendServerRequest(urlString `/teams/${teamId}`, { method: "DELETE" }, null);
     }
     async addServerUserToTeam(options) {
-        const response = await this.sendServerRequest(`/team-memberships/${options.teamId}/${options.userId}`, {
+        const response = await this.sendServerRequest(urlString `/team-memberships/${options.teamId}/${options.userId}`, {
             method: "POST",
             headers: {
                 "content-type": "application/json",
@@ -153,7 +154,7 @@ export class StackServerInterface extends StackClientInterface {
         return await response.json();
     }
     async removeServerUserFromTeam(options) {
-        await this.sendServerRequest(`/team-memberships/${options.teamId}/${options.userId}`, {
+        await this.sendServerRequest(urlString `/team-memberships/${options.teamId}/${options.userId}`, {
             method: "DELETE",
             headers: {
                 "content-type": "application/json",
@@ -162,7 +163,7 @@ export class StackServerInterface extends StackClientInterface {
         }, null);
     }
     async updateServerUser(userId, update) {
-        const response = await this.sendServerRequest(`/users/${userId}`, {
+        const response = await this.sendServerRequest(urlString `/users/${userId}`, {
             method: "PATCH",
             headers: {
                 "content-type": "application/json",
@@ -172,7 +173,7 @@ export class StackServerInterface extends StackClientInterface {
         return await response.json();
     }
     async createServerProviderAccessToken(userId, provider, scope) {
-        const response = await this.sendServerRequest(`/connected-accounts/${userId}/${provider}/access-token`, {
+        const response = await this.sendServerRequest(urlString `/connected-accounts/${userId}/${provider}/access-token`, {
             method: "POST",
             headers: {
                 "content-type": "application/json",
@@ -199,7 +200,7 @@ export class StackServerInterface extends StackClientInterface {
         };
     }
     async leaveServerTeam(options) {
-        await this.sendClientRequest(`/team-memberships/${options.teamId}/${options.userId}`, {
+        await this.sendClientRequest(urlString `/team-memberships/${options.teamId}/${options.userId}`, {
             method: "DELETE",
             headers: {
                 "content-type": "application/json",
@@ -208,7 +209,7 @@ export class StackServerInterface extends StackClientInterface {
         }, null);
     }
     async updateServerTeamMemberProfile(options) {
-        await this.sendServerRequest(`/team-member-profiles/${options.teamId}/${options.userId}`, {
+        await this.sendServerRequest(urlString `/team-member-profiles/${options.teamId}/${options.userId}`, {
             method: "PATCH",
             headers: {
                 "content-type": "application/json",
@@ -217,7 +218,7 @@ export class StackServerInterface extends StackClientInterface {
         }, null);
     }
     async grantServerTeamUserPermission(teamId, userId, permissionId) {
-        await this.sendServerRequest(`/team-permissions/${teamId}/${userId}/${permissionId}`, {
+        await this.sendServerRequest(urlString `/team-permissions/${teamId}/${userId}/${permissionId}`, {
             method: "POST",
             headers: {
                 "content-type": "application/json",
@@ -226,7 +227,7 @@ export class StackServerInterface extends StackClientInterface {
         }, null);
     }
     async revokeServerTeamUserPermission(teamId, userId, permissionId) {
-        await this.sendServerRequest(`/team-permissions/${teamId}/${userId}/${permissionId}`, {
+        await this.sendServerRequest(urlString `/team-permissions/${teamId}/${userId}/${permissionId}`, {
             method: "DELETE",
             headers: {
                 "content-type": "application/json",
@@ -235,7 +236,7 @@ export class StackServerInterface extends StackClientInterface {
         }, null);
     }
     async deleteServerServerUser(userId) {
-        await this.sendServerRequest(`/users/${userId}`, {
+        await this.sendServerRequest(urlString `/users/${userId}`, {
             method: "DELETE",
             headers: {
                 "content-type": "application/json",
@@ -254,7 +255,7 @@ export class StackServerInterface extends StackClientInterface {
         return await response.json();
     }
     async updateServerContactChannel(userId, contactChannelId, data) {
-        const response = await this.sendServerRequest(`/contact-channels/${userId}/${contactChannelId}`, {
+        const response = await this.sendServerRequest(urlString `/contact-channels/${userId}/${contactChannelId}`, {
             method: "PATCH",
             headers: {
                 "content-type": "application/json",
@@ -264,19 +265,19 @@ export class StackServerInterface extends StackClientInterface {
         return await response.json();
     }
     async deleteServerContactChannel(userId, contactChannelId) {
-        await this.sendServerRequest(`/contact-channels/${userId}/${contactChannelId}`, {
+        await this.sendServerRequest(urlString `/contact-channels/${userId}/${contactChannelId}`, {
             method: "DELETE",
         }, null);
     }
     async listServerContactChannels(userId) {
-        const response = await this.sendServerRequest(`/contact-channels?user_id=${userId}`, {
+        const response = await this.sendServerRequest(urlString `/contact-channels?user_id=${userId}`, {
             method: "GET",
         }, null);
         const json = await response.json();
         return json.items;
     }
     async sendServerContactChannelVerificationEmail(userId, contactChannelId, callbackUrl) {
-        await this.sendServerRequest(`/contact-channels/${userId}/${contactChannelId}/send-verification-code`, {
+        await this.sendServerRequest(urlString `/contact-channels/${userId}/${contactChannelId}/send-verification-code`, {
             method: "POST",
             headers: {
                 "content-type": "application/json",

package/dist/known-errors.js

@@ -260,7 +260,7 @@ const ProviderRejected = createKnownErrorConstructor(RefreshTokenError, "PROVIDE
     "The provider refused to refresh their token. This usually means that the provider used to authenticate the user no longer regards this session as valid, and the user must re-authenticate.",
 ], () => []);
 const UserEmailAlreadyExists = createKnownErrorConstructor(KnownError, "USER_EMAIL_ALREADY_EXISTS", () => [
-    400,
+    409,
     "User email already exists.",
 ], () => []);
 const CannotGetOwnUserWithoutUser = createKnownErrorConstructor(KnownError, "CANNOT_GET_OWN_USER_WITHOUT_USER", () => [
@@ -346,7 +346,7 @@ const VerificationCodeExpired = createKnownErrorConstructor(VerificationCodeErro
     "The verification code has expired.",
 ], () => []);
 const VerificationCodeAlreadyUsed = createKnownErrorConstructor(VerificationCodeError, "VERIFICATION_CODE_ALREADY_USED", () => [
-    400,
+    409,
     "The verification link has already been used.",
 ], () => []);
 const VerificationCodeMaxAttemptsReached = createKnownErrorConstructor(VerificationCodeError, "VERIFICATION_CODE_MAX_ATTEMPTS_REACHED", () => [
@@ -358,7 +358,7 @@ const PasswordConfirmationMismatch = createKnownErrorConstructor(KnownError, "PA
     "Passwords do not match.",
 ], () => []);
 const EmailAlreadyVerified = createKnownErrorConstructor(KnownError, "EMAIL_ALREADY_VERIFIED", () => [
-    400,
+    409,
     "The e-mail is already verified.",
 ], () => []);
 const EmailNotAssociatedWithUser = createKnownErrorConstructor(KnownError, "EMAIL_NOT_ASSOCIATED_WITH_USER", () => [
@@ -411,7 +411,7 @@ const TeamNotFound = createKnownErrorConstructor(KnownError, "TEAM_NOT_FOUND", (
     },
 ], (json) => [json.team_id]);
 const TeamAlreadyExists = createKnownErrorConstructor(KnownError, "TEAM_ALREADY_EXISTS", (teamId) => [
-    400,
+    409,
     `Team ${teamId} already exists.`,
     {
         team_id: teamId,
@@ -426,7 +426,7 @@ const TeamMembershipNotFound = createKnownErrorConstructor(KnownError, "TEAM_MEM
     },
 ], (json) => [json.team_id, json.user_id]);
 const EmailTemplateAlreadyExists = createKnownErrorConstructor(KnownError, "EMAIL_TEMPLATE_ALREADY_EXISTS", () => [
-    400,
+    409,
     "Email template already exists.",
 ], () => []);
 const OAuthConnectionNotConnectedToUser = createKnownErrorConstructor(KnownError, "OAUTH_CONNECTION_NOT_CONNECTED_TO_USER", () => [
@@ -434,7 +434,7 @@ const OAuthConnectionNotConnectedToUser = createKnownErrorConstructor(KnownError
     "The OAuth connection is not connected to any user.",
 ], () => []);
 const OAuthConnectionAlreadyConnectedToAnotherUser = createKnownErrorConstructor(KnownError, "OAUTH_CONNECTION_ALREADY_CONNECTED_TO_ANOTHER_USER", () => [
-    400,
+    409,
     "The OAuth connection is already connected to another user.",
 ], () => []);
 const OAuthConnectionDoesNotHaveRequiredScope = createKnownErrorConstructor(KnownError, "OAUTH_CONNECTION_DOES_NOT_HAVE_REQUIRED_SCOPE", () => [
@@ -461,7 +461,7 @@ const InvalidScope = createKnownErrorConstructor(KnownError, "INVALID_SCOPE", (s
     `The scope "${scope}" is not a valid OAuth scope for Stack.`,
 ], (json) => [json.scope]);
 const UserAlreadyConnectedToAnotherOAuthConnection = createKnownErrorConstructor(KnownError, "USER_ALREADY_CONNECTED_TO_ANOTHER_OAUTH_CONNECTION", () => [
-    400,
+    409,
     "The user is already connected to another OAuth account. Did you maybe selected the wrong account?",
 ], () => []);
 const OuterOAuthTimeout = createKnownErrorConstructor(KnownError, "OUTER_OAUTH_TIMEOUT", () => [
@@ -488,7 +488,7 @@ const UserAuthenticationRequired = createKnownErrorConstructor(KnownError, "USER
     "User authentication required for this endpoint.",
 ], () => []);
 const TeamMembershipAlreadyExists = createKnownErrorConstructor(KnownError, "TEAM_MEMBERSHIP_ALREADY_EXISTS", () => [
-    400,
+    409,
     "Team membership already exists.",
 ], () => []);
 const TeamPermissionRequired = createKnownErrorConstructor(KnownError, "TEAM_PERMISSION_REQUIRED", (teamId, userId, permissionId) => [
@@ -532,7 +532,7 @@ const OAuthProviderAccessDenied = createKnownErrorConstructor(KnownError, "OAUTH
     "The OAuth provider denied access to the user.",
 ], () => []);
 const ContactChannelAlreadyUsedForAuthBySomeoneElse = createKnownErrorConstructor(KnownError, "CONTACT_CHANNEL_ALREADY_USED_FOR_AUTH_BY_SOMEONE_ELSE", (type) => [
-    400,
+    409,
     `This ${type} is already used for authentication by another account.`,
     { type },
 ], (json) => [json.type]);

package/dist/schema-fields.d.ts

@@ -79,7 +79,6 @@ export declare const emailPortSchema: yup.NumberSchema<number | undefined, yup.A
 export declare const emailUsernameSchema: yup.StringSchema<string | undefined, yup.AnyObject, undefined, "">;
 export declare const emailSenderEmailSchema: yup.StringSchema<string | undefined, yup.AnyObject, undefined, "">;
 export declare const emailPasswordSchema: yup.StringSchema<string | undefined, yup.AnyObject, undefined, "">;
-export declare const projectTrustedDomainSchema: yup.StringSchema<string | undefined, yup.AnyObject, undefined, "">;
 export declare const handlerPathSchema: yup.StringSchema<string | undefined, yup.AnyObject, undefined, "">;
 export declare class ReplaceFieldWithOwnUserId extends Error {
     readonly path: string;

package/dist/schema-fields.js

@@ -248,12 +248,11 @@ export const oauthMicrosoftTenantIdSchema = yupString().meta({ openapiField: { d
 export const emailTypeSchema = yupString().oneOf(['shared', 'standard']).meta({ openapiField: { description: 'Email provider type, one of shared, standard. "shared" uses Stack shared email provider and it is only meant for development. "standard" uses your own email server and will have your email address as the sender.', exampleValue: 'standard' } });
 export const emailSenderNameSchema = yupString().meta({ openapiField: { description: 'Email sender name. Needs to be specified when using type="standard"', exampleValue: 'Stack' } });
 export const emailHostSchema = yupString().meta({ openapiField: { description: 'Email host. Needs to be specified when using type="standard"', exampleValue: 'smtp.your-domain.com' } });
-export const emailPortSchema = yupNumber().meta({ openapiField: { description: 'Email port. Needs to be specified when using type="standard"', exampleValue: 587 } });
+export const emailPortSchema = yupNumber().min(0).max(65535).meta({ openapiField: { description: 'Email port. Needs to be specified when using type="standard"', exampleValue: 587 } });
 export const emailUsernameSchema = yupString().meta({ openapiField: { description: 'Email username. Needs to be specified when using type="standard"', exampleValue: 'smtp-email' } });
 export const emailSenderEmailSchema = emailSchema.meta({ openapiField: { description: 'Email sender email. Needs to be specified when using type="standard"', exampleValue: 'example@your-domain.com' } });
 export const emailPasswordSchema = passwordSchema.meta({ openapiField: { description: 'Email password. Needs to be specified when using type="standard"', exampleValue: 'your-email-password' } });
 // Project domain config
-export const projectTrustedDomainSchema = urlSchema.test('is-https', 'Trusted domain must start with https://', (value) => value?.startsWith('https://')).meta({ openapiField: { description: 'Your domain URL. Make sure you own and trust this domain. Needs to start with https://', exampleValue: 'https://example.com' } });
 export const handlerPathSchema = yupString().test('is-handler-path', 'Handler path must start with /', (value) => value?.startsWith('/')).meta({ openapiField: { description: 'Handler path. If you did not setup a custom handler path, it should be "/handler" by default. It needs to start with /', exampleValue: '/handler' } });
 // Users
 export class ReplaceFieldWithOwnUserId extends Error {

package/dist/utils/caches.d.ts

@@ -17,16 +17,16 @@ export declare class AsyncCache<D extends any[], T> {
     refreshWhere(predicate: (dependencies: D) => boolean): Promise<void>;
     readonly isCacheAvailable: (key: D) => boolean;
     readonly getIfCached: (key: D) => ({
+        status: "error";
+        error: unknown;
+    } & {
+        status: "error";
+    }) | ({
         status: "pending";
     } & {
         progress: void;
     } & {
         status: "pending";
-    }) | ({
-        status: "error";
-        error: unknown;
-    } & {
-        status: "error";
     }) | ({
         status: "ok";
         data: T;
@@ -57,16 +57,16 @@ declare class AsyncValueCache<T> {
     });
     isCacheAvailable(): boolean;
     getIfCached(): ({
+        status: "error";
+        error: unknown;
+    } & {
+        status: "error";
+    }) | ({
         status: "pending";
     } & {
         progress: void;
     } & {
         status: "pending";
-    }) | ({
-        status: "error";
-        error: unknown;
-    } & {
-        status: "error";
     }) | ({
         status: "ok";
         data: T;

package/dist/utils/env.d.ts

@@ -5,3 +5,27 @@ export declare function isBrowserLike(): boolean;
 export declare function getEnvVariable(name: string, defaultValue?: string | undefined): string;
 export declare function getNextRuntime(): string;
 export declare function getNodeEnvironment(): string;
+declare const _inlineEnvVars: {
+    readonly NEXT_PUBLIC_STACK_API_URL: {
+        readonly default: string | undefined;
+        readonly client: string | undefined;
+        readonly server: string | undefined;
+    };
+    readonly NEXT_PUBLIC_STACK_DASHBOARD_URL: {
+        readonly default: string | undefined;
+        readonly client: string | undefined;
+        readonly server: string | undefined;
+    };
+    readonly NEXT_PUBLIC_POSTHOG_KEY: string | undefined;
+    readonly NEXT_PUBLIC_STACK_SVIX_SERVER_URL: string | undefined;
+    readonly NEXT_PUBLIC_SENTRY_DSN: string | undefined;
+    readonly NEXT_PUBLIC_VERSION_ALERTER_SEVERE_ONLY: string | undefined;
+    readonly NEXT_PUBLIC_STACK_EMULATOR_ENABLED: string | undefined;
+    readonly NEXT_PUBLIC_STACK_EMULATOR_PROJECT_ID: string | undefined;
+    readonly NEXT_PUBLIC_STACK_PROJECT_ID: string | undefined;
+    readonly NEXT_PUBLIC_STACK_PUBLISHABLE_CLIENT_KEY: string | undefined;
+    readonly NEXT_PUBLIC_STACK_URL: string | undefined;
+    readonly NEXT_PUBLIC_STACK_INBUCKET_WEB_URL: string | undefined;
+};
+export declare function getPublicEnvVar(name: keyof typeof _inlineEnvVars): string | undefined;
+export {};

package/dist/utils/env.js

@@ -57,3 +57,82 @@ export function getNextRuntime() {
 export function getNodeEnvironment() {
     return getEnvVariable("NODE_ENV", "");
 }
+// ===================== Hack to use dynamic env vars in docker build =====================
+const _inlineEnvVars = {
+    NEXT_PUBLIC_STACK_API_URL: {
+        'default': process.env.NEXT_PUBLIC_STACK_API_URL,
+        'client': process.env.NEXT_PUBLIC_CLIENT_STACK_API_URL,
+        'server': process.env.NEXT_PUBLIC_SERVER_STACK_API_URL,
+    },
+    NEXT_PUBLIC_STACK_DASHBOARD_URL: {
+        'default': process.env.NEXT_PUBLIC_STACK_DASHBOARD_URL,
+        'client': process.env.NEXT_PUBLIC_CLIENT_STACK_DASHBOARD_URL,
+        'server': process.env.NEXT_PUBLIC_SERVER_STACK_DASHBOARD_URL,
+    },
+    NEXT_PUBLIC_POSTHOG_KEY: process.env.NEXT_PUBLIC_POSTHOG_KEY,
+    NEXT_PUBLIC_STACK_SVIX_SERVER_URL: process.env.NEXT_PUBLIC_STACK_SVIX_SERVER_URL,
+    NEXT_PUBLIC_SENTRY_DSN: process.env.NEXT_PUBLIC_SENTRY_DSN,
+    NEXT_PUBLIC_VERSION_ALERTER_SEVERE_ONLY: process.env.NEXT_PUBLIC_VERSION_ALERTER_SEVERE_ONLY,
+    NEXT_PUBLIC_STACK_EMULATOR_ENABLED: process.env.NEXT_PUBLIC_STACK_EMULATOR_ENABLED,
+    NEXT_PUBLIC_STACK_EMULATOR_PROJECT_ID: process.env.NEXT_PUBLIC_STACK_EMULATOR_PROJECT_ID,
+    NEXT_PUBLIC_STACK_PROJECT_ID: process.env.NEXT_PUBLIC_STACK_PROJECT_ID,
+    NEXT_PUBLIC_STACK_PUBLISHABLE_CLIENT_KEY: process.env.NEXT_PUBLIC_STACK_PUBLISHABLE_CLIENT_KEY,
+    NEXT_PUBLIC_STACK_URL: process.env.NEXT_PUBLIC_STACK_URL,
+    NEXT_PUBLIC_STACK_INBUCKET_WEB_URL: process.env.NEXT_PUBLIC_STACK_INBUCKET_WEB_URL,
+};
+// This will be replaced with the actual env vars after a docker build
+const _postBuildEnvVars = {
+    NEXT_PUBLIC_STACK_API_URL: {
+        'default': 'STACK_ENV_VAR_SENTINEL_NEXT_PUBLIC_STACK_API_URL',
+        'client': 'STACK_ENV_VAR_SENTINEL_NEXT_PUBLIC_CLIENT_STACK_API_URL',
+        'server': 'STACK_ENV_VAR_SENTINEL_NEXT_PUBLIC_SERVER_STACK_API_URL',
+    },
+    NEXT_PUBLIC_STACK_DASHBOARD_URL: {
+        'default': 'STACK_ENV_VAR_SENTINEL_NEXT_PUBLIC_STACK_DASHBOARD_URL',
+        'client': 'STACK_ENV_VAR_SENTINEL_NEXT_PUBLIC_CLIENT_STACK_DASHBOARD_URL',
+        'server': 'STACK_ENV_VAR_SENTINEL_NEXT_PUBLIC_SERVER_STACK_DASHBOARD_URL',
+    },
+    NEXT_PUBLIC_STACK_PROJECT_ID: "STACK_ENV_VAR_SENTINEL_NEXT_PUBLIC_STACK_PROJECT_ID",
+    NEXT_PUBLIC_POSTHOG_KEY: "STACK_ENV_VAR_SENTINEL_NEXT_PUBLIC_POSTHOG_KEY",
+    NEXT_PUBLIC_STACK_SVIX_SERVER_URL: "STACK_ENV_VAR_SENTINEL_NEXT_PUBLIC_STACK_SVIX_SERVER_URL",
+    NEXT_PUBLIC_SENTRY_DSN: "STACK_ENV_VAR_SENTINEL_NEXT_PUBLIC_SENTRY_DSN",
+    NEXT_PUBLIC_VERSION_ALERTER_SEVERE_ONLY: "STACK_ENV_VAR_SENTINEL_NEXT_PUBLIC_VERSION_ALERTER_SEVERE_ONLY",
+    NEXT_PUBLIC_STACK_EMULATOR_ENABLED: "STACK_ENV_VAR_SENTINEL_NEXT_PUBLIC_STACK_EMULATOR_ENABLED",
+    NEXT_PUBLIC_STACK_EMULATOR_PROJECT_ID: "STACK_ENV_VAR_SENTINEL_NEXT_PUBLIC_STACK_EMULATOR_PROJECT_ID",
+    NEXT_PUBLIC_STACK_PUBLISHABLE_CLIENT_KEY: "STACK_ENV_VAR_SENTINEL_NEXT_PUBLIC_STACK_PUBLISHABLE_CLIENT_KEY",
+    NEXT_PUBLIC_STACK_URL: "STACK_ENV_VAR_SENTINEL_NEXT_PUBLIC_STACK_URL",
+    NEXT_PUBLIC_STACK_INBUCKET_WEB_URL: "STACK_ENV_VAR_SENTINEL_NEXT_PUBLIC_STACK_INBUCKET_WEB_URL",
+};
+// If this is not replaced with "true", then we will not use inline env vars
+const _usePostBuildEnvVars = 'STACK_ENV_VAR_SENTINEL_USE_INLINE_ENV_VARS';
+export function getPublicEnvVar(name) {
+    // This is a hack to force the compiler not to do any smart optimizations
+    const _ = _usePostBuildEnvVars.toString() + _inlineEnvVars.toString(); // Force runtime evaluation
+    const value = _usePostBuildEnvVars.slice(0) === 'true' ? _postBuildEnvVars[name] : _inlineEnvVars[name];
+    // Helper function to check if a value is a sentinel
+    const isSentinel = (str) => {
+        return _usePostBuildEnvVars.slice(0) === 'true' && str && str.startsWith('STACK_ENV_VAR_SENTINEL');
+    };
+    // If it's a dictionary with client/server values
+    if (typeof value === 'object') {
+        const preferredValue = isBrowserLike() ? value.client : value.server;
+        // Check for sentinel values
+        if (isSentinel(preferredValue)) {
+            return isSentinel(value.default) ? undefined : value.default;
+        }
+        if (isSentinel(value.default)) {
+            return undefined;
+        }
+        return preferredValue || value.default;
+    }
+    else if (typeof value === 'string') {
+        if (isSentinel(value)) {
+            return undefined;
+        }
+        return value;
+    }
+    else {
+        return undefined;
+    }
+}
+// ======================================================================

package/dist/utils/promises.js

@@ -1,3 +1,4 @@
+import { KnownError } from "..";
 import { StackAssertionError, captureError, concatStacktraces } from "./errors";
 import { DependenciesMap } from "./maps";
 import { Result } from "./results";
@@ -105,7 +106,12 @@ export function runAsynchronouslyWithAlert(...args) {
     return runAsynchronously(args[0], {
         ...args[1],
         onError: error => {
-            alert(`An unhandled error occurred. Please ${process.env.NODE_ENV === "development" ? `check the browser console for the full error.` : "report this to the developer."}\n\n${error}`);
+            if (error instanceof KnownError && process.env.NODE_ENV.includes("production")) {
+                alert(error.message);
+            }
+            else {
+                alert(`An unhandled error occurred. Please ${process.env.NODE_ENV === "development" ? `check the browser console for the full error.` : "report this to the developer."}\n\n${error}`);
+            }
             args[1]?.onError?.(error);
         },
     }, ...args.slice(2));

package/dist/utils/stores.d.ts

@@ -60,12 +60,6 @@ export declare class AsyncStore<T> implements ReadonlyAsyncStore<T> {
     isAvailable(): boolean;
     isRejected(): boolean;
     get(): ({
-        status: "pending";
-    } & {
-        progress: void;
-    } & {
-        status: "pending";
-    }) | ({
         status: "error";
         error: unknown;
     } & {
@@ -75,6 +69,12 @@ export declare class AsyncStore<T> implements ReadonlyAsyncStore<T> {
         data: T;
     } & {
         status: "ok";
+    }) | ({
+        status: "pending";
+    } & {
+        progress: void;
+    } & {
+        status: "pending";
     });
     getOrWait(): ReactPromise<T>;
     _setIfLatest(result: Result<T>, curCounter: number): boolean;

package/dist/utils/strings.d.ts

@@ -40,7 +40,7 @@ export declare function trimLines(s: string): string;
  *
  * Useful for implementing your own template literal tags.
  */
-export declare function templateIdentity(strings: TemplateStringsArray | readonly string[], ...values: any[]): string;
+export declare function templateIdentity(strings: TemplateStringsArray | readonly string[], ...values: string[]): string;
 export declare function deindent(code: string): string;
 export declare function deindent(strings: TemplateStringsArray | readonly string[], ...values: any[]): string;
 export declare function extractScopes(scope: string, removeDuplicates?: boolean): string[];

package/dist/utils/strings.js

@@ -61,25 +61,51 @@ export function trimEmptyLinesEnd(s) {
 export function trimLines(s) {
     return trimEmptyLinesEnd(trimEmptyLinesStart(s));
 }
+import.meta.vitest?.test("trimLines", ({ expect }) => {
+    expect(trimLines("")).toBe("");
+    expect(trimLines(" ")).toBe("");
+    expect(trimLines(" \n ")).toBe("");
+    expect(trimLines(" abc ")).toBe(" abc ");
+    expect(trimLines("\n  \nLine1\nLine2\n \n")).toBe("Line1\nLine2");
+    expect(trimLines("Line1\n   \nLine2")).toBe("Line1\n   \nLine2");
+    expect(trimLines(" \n    \n\t")).toBe("");
+    expect(trimLines("   Hello World")).toBe("   Hello World");
+    expect(trimLines("\n")).toBe("");
+    expect(trimLines("\t \n\t\tLine1 \n \nLine2\t\t\n\t  ")).toBe("\t\tLine1 \n \nLine2\t\t");
+});
 /**
  * A template literal tag that returns the same string as the template literal without a tag.
  *
  * Useful for implementing your own template literal tags.
  */
 export function templateIdentity(strings, ...values) {
-    if (strings.length === 0)
-        return "";
     if (values.length !== strings.length - 1)
-        throw new Error("Invalid number of values; must be one less than strings");
-    return strings.slice(1).reduce((result, string, i) => `${result}${values[i] ?? "n/a"}${string}`, strings[0]);
+        throw new StackAssertionError("Invalid number of values; must be one less than strings", { strings, values });
+    return strings.reduce((result, str, i) => result + str + (values[i] ?? ''), '');
 }
+import.meta.vitest?.test("templateIdentity", ({ expect }) => {
+    expect(templateIdentity `Hello World`).toBe("Hello World");
+    expect(templateIdentity `${"Hello"}`).toBe("Hello");
+    const greeting = "Hello";
+    const subject = "World";
+    expect(templateIdentity `${greeting}, ${subject}!`).toBe("Hello, World!");
+    expect(templateIdentity `${"A"}${"B"}${"C"}`).toBe("ABC");
+    expect(templateIdentity `Start${""}Middle${""}End`).toBe("StartMiddleEnd");
+    expect(templateIdentity ``).toBe("");
+    expect(templateIdentity `Line1
+Line2`).toBe("Line1\nLine2");
+    expect(templateIdentity(["a ", " scientific ", "gun"], "certain", "rail")).toBe("a certain scientific railgun");
+    expect(templateIdentity(["only one part"])).toBe("only one part");
+    expect(() => templateIdentity(["a ", "b", "c"], "only one")).toThrow("Invalid number of values");
+    expect(() => templateIdentity(["a", "b"], "x", "y")).toThrow("Invalid number of values");
+});
 export function deindent(strings, ...values) {
     if (typeof strings === "string")
         return deindent([strings]);
     if (strings.length === 0)
         return "";
     if (values.length !== strings.length - 1)
-        throw new Error("Invalid number of values; must be one less than strings");
+        throw new StackAssertionError("Invalid number of values; must be one less than strings", { strings, values });
     const trimmedStrings = [...strings];
     trimmedStrings[0] = trimEmptyLinesStart(trimmedStrings[0]);
     trimmedStrings[trimmedStrings.length - 1] = trimEmptyLinesEnd(trimmedStrings[trimmedStrings.length - 1]);

package/dist/utils/strings.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/utils/strings.test.js

@@ -0,0 +1,26 @@
+import { describe, expect, it } from "vitest";
+import { templateIdentity } from "./strings";
+describe("templateIdentity", () => {
+    it("should be equivalent to a regular template string", () => {
+        const adjective = "scientific";
+        const noun = "railgun";
+        expect(templateIdentity `a certain scientific railgun`).toBe("a certain scientific railgun");
+        expect(templateIdentity `a certain ${adjective} railgun`).toBe(`a certain scientific railgun`);
+        expect(templateIdentity `a certain ${adjective} ${noun}`).toBe(`a certain scientific railgun`);
+        expect(templateIdentity `${adjective}${noun}`).toBe(`scientificrailgun`);
+    });
+    it("should work with empty strings", () => {
+        expect(templateIdentity ``).toBe("");
+        expect(templateIdentity `${""}`).toBe("");
+        expect(templateIdentity `${""}${""}`).toBe("");
+    });
+    it("should work with normal arrays", () => {
+        expect(templateIdentity(["a ", " scientific ", "gun"], "certain", "rail")).toBe("a certain scientific railgun");
+        expect(templateIdentity(["a"])).toBe("a");
+    });
+    it("should throw an error with wrong number of value arguments", () => {
+        expect(() => templateIdentity([])).toThrow();
+        expect(() => templateIdentity(["a", "b"])).toThrow();
+        expect(() => templateIdentity(["a", "b", "c"], "a", "b", "c")).toThrow();
+    });
+});

package/dist/utils/urls.d.ts

@@ -1,5 +1,18 @@
 export declare function createUrlIfValid(...args: ConstructorParameters<typeof URL>): URL | null;
 export declare function isValidUrl(url: string): boolean;
+export declare function isValidHostname(hostname: string): boolean;
 export declare function isLocalhost(urlOrString: string | URL): boolean;
 export declare function isRelative(url: string): boolean;
 export declare function getRelativePart(url: URL): string;
+/**
+ * A template literal tag that returns a URL.
+ *
+ * Any values passed are encoded.
+ */
+export declare function url(strings: TemplateStringsArray | readonly string[], ...values: (string | number | boolean)[]): URL;
+/**
+ * A template literal tag that returns a URL string.
+ *
+ * Any values passed are encoded.
+ */
+export declare function urlString(strings: TemplateStringsArray | readonly string[], ...values: (string | number | boolean)[]): string;

package/dist/utils/urls.js

@@ -1,4 +1,5 @@
 import { generateSecureRandomString } from "./crypto";
+import { templateIdentity } from "./strings";
 export function createUrlIfValid(...args) {
     try {
         return new URL(...args);
@@ -10,6 +11,12 @@ export function createUrlIfValid(...args) {
 export function isValidUrl(url) {
     return !!createUrlIfValid(url);
 }
+export function isValidHostname(hostname) {
+    const url = createUrlIfValid(`https://${hostname}`);
+    if (!url)
+        return false;
+    return url.hostname === hostname;
+}
 export function isLocalhost(urlOrString) {
     const url = createUrlIfValid(urlOrString);
     if (!url)
@@ -34,3 +41,19 @@ export function isRelative(url) {
 export function getRelativePart(url) {
     return url.pathname + url.search + url.hash;
 }
+/**
+ * A template literal tag that returns a URL.
+ *
+ * Any values passed are encoded.
+ */
+export function url(strings, ...values) {
+    return new URL(urlString(strings, ...values));
+}
+/**
+ * A template literal tag that returns a URL string.
+ *
+ * Any values passed are encoded.
+ */
+export function urlString(strings, ...values) {
+    return templateIdentity(strings, ...values.map(encodeURIComponent));
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@stackframe/stack-shared",
-  "version": "2.7.13",
+  "version": "2.7.16",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
   "type": "module",
@@ -52,7 +52,7 @@
     "oauth4webapi": "^2.10.3",
     "semver": "^7.6.3",
     "uuid": "^9.0.1",
-    "@stackframe/stack-sc": "2.7.13"
+    "@stackframe/stack-sc": "2.7.16"
   },
   "devDependencies": {
     "@sentry/nextjs": "^8.40.0",
@@ -69,6 +69,7 @@
   "scripts": {
     "build": "tsc",
     "typecheck": "tsc --noEmit",
+    "test": "vitest run",
     "clean": "rimraf dist && rimraf node_modules",
     "dev": "tsc -w --preserveWatchOutput --declarationMap",
     "lint": "eslint --ext .tsx,.ts ."