@stackframe/stack-shared 2.7.14 → 2.7.16

package/CHANGELOG.md

@@ -1,5 +1,19 @@
 # @stackframe/stack-shared
 
+## 2.7.16
+
+### Patch Changes
+
+- Various changes
+  - @stackframe/stack-sc@2.7.16
+
+## 2.7.15
+
+### Patch Changes
+
+- Various changes
+  - @stackframe/stack-sc@2.7.15
+
 ## 2.7.14
 
 ### Patch Changes

package/dist/helpers/password.js

@@ -1,6 +1,6 @@
 import { KnownErrors } from "..";
 const minLength = 8;
-const maxLength = 256;
+const maxLength = 70;
 export function getPasswordError(password) {
     if (password.length < minLength) {
         return new KnownErrors.PasswordTooShort(minLength);

package/dist/interface/clientInterface.d.ts

@@ -13,7 +13,7 @@ import { TeamPermissionsCrud } from './crud/team-permissions';
 import { TeamsCrud } from './crud/teams';
 export type ClientInterfaceOptions = {
     clientVersion: string;
-    baseUrl: string;
+    getBaseUrl: () => string;
     projectId: string;
 } & ({
     publishableClientKey: string;

package/dist/interface/clientInterface.js

@@ -19,7 +19,7 @@ export class StackClientInterface {
         return this.options.projectId;
     }
     getApiUrl() {
-        return this.options.baseUrl + "/api/v1";
+        return this.options.getBaseUrl() + "/api/v1";
     }
     async runNetworkDiagnostics(session, requestType) {
         const tryRequest = async (cb) => {
@@ -101,7 +101,7 @@ export class StackClientInterface {
             throw new Error("Admin session token is currently not supported for fetching new access token. Did you try to log in on a StackApp initiated with the admin session?");
         }
         const as = {
-            issuer: this.options.baseUrl,
+            issuer: this.options.getBaseUrl(),
             algorithm: 'oauth2',
             token_endpoint: this.getApiUrl() + '/auth/oauth/token',
         };
@@ -168,7 +168,10 @@ export class StackClientInterface {
         let adminTokenObj = adminSession ? await adminSession.getOrFetchLikelyValidTokens(20000) : null;
         // all requests should be dynamic to prevent Next.js caching
         await cookies?.();
-        const url = this.getApiUrl() + path;
+        let url = this.getApiUrl() + path;
+        if (url.endsWith("/")) {
+            url = url.slice(0, -1);
+        }
         const params = {
             /**
              * This fetch may be cross-origin, in which case we don't want to send cookies of the
@@ -277,7 +280,7 @@ export class StackClientInterface {
         }
         else {
             const error = await res.text();
-            const errorObj = new StackAssertionError(`Failed to send request to ${url}: ${res.status} ${error}`, { request: params, res });
+            const errorObj = new StackAssertionError(`Failed to send request to ${url}: ${res.status} ${error}`, { request: params, res, path });
             if (res.status === 508 && error.includes("INFINITE_LOOP_DETECTED")) {
                 // Some Vercel deployments seem to have an odd infinite loop bug. In that case, retry.
                 // See: https://github.com/stack-auth/stack/issues/319
@@ -652,7 +655,7 @@ export class StackClientInterface {
             throw new Error("Admin session token is currently not supported for OAuth");
         }
         const as = {
-            issuer: this.options.baseUrl,
+            issuer: this.options.getBaseUrl(),
             algorithm: 'oauth2',
             token_endpoint: this.getApiUrl() + '/auth/oauth/token',
         };

package/dist/interface/crud/teams.d.ts

@@ -59,7 +59,7 @@ export declare const teamsCrudClientCreateSchema: import("yup").ObjectSchema<{
     client_metadata: {} | null | undefined;
 } & {
     display_name: string;
-    creator_user_id: string | undefined;
+    creator_user_id: string;
 }, import("yup").AnyObject, {
     display_name: undefined;
     profile_image_url: undefined;
@@ -114,7 +114,7 @@ export declare const teamsCrud: import("../../crud").CrudSchemaFromOptions<{
         client_metadata: {} | null | undefined;
     } & {
         display_name: string;
-        creator_user_id: string | undefined;
+        creator_user_id: string;
     }, import("yup").AnyObject, {
         display_name: undefined;
         profile_image_url: undefined;

package/dist/interface/crud/teams.js

@@ -26,7 +26,7 @@ export const teamsCrudServerUpdateSchema = teamsCrudClientUpdateSchema.concat(yu
 // Create
 export const teamsCrudClientCreateSchema = teamsCrudClientUpdateSchema.concat(yupObject({
     display_name: fieldSchema.teamDisplayNameSchema.defined(),
-    creator_user_id: fieldSchema.teamCreatorUserIdSchema.optional(),
+    creator_user_id: fieldSchema.teamCreatorUserIdSchema.defined(),
 }).defined());
 export const teamsCrudServerCreateSchema = teamsCrudServerUpdateSchema.concat(yupObject({
     display_name: fieldSchema.teamDisplayNameSchema.defined(),

package/dist/known-errors.js

@@ -260,7 +260,7 @@ const ProviderRejected = createKnownErrorConstructor(RefreshTokenError, "PROVIDE
     "The provider refused to refresh their token. This usually means that the provider used to authenticate the user no longer regards this session as valid, and the user must re-authenticate.",
 ], () => []);
 const UserEmailAlreadyExists = createKnownErrorConstructor(KnownError, "USER_EMAIL_ALREADY_EXISTS", () => [
-    400,
+    409,
     "User email already exists.",
 ], () => []);
 const CannotGetOwnUserWithoutUser = createKnownErrorConstructor(KnownError, "CANNOT_GET_OWN_USER_WITHOUT_USER", () => [
@@ -346,7 +346,7 @@ const VerificationCodeExpired = createKnownErrorConstructor(VerificationCodeErro
     "The verification code has expired.",
 ], () => []);
 const VerificationCodeAlreadyUsed = createKnownErrorConstructor(VerificationCodeError, "VERIFICATION_CODE_ALREADY_USED", () => [
-    400,
+    409,
     "The verification link has already been used.",
 ], () => []);
 const VerificationCodeMaxAttemptsReached = createKnownErrorConstructor(VerificationCodeError, "VERIFICATION_CODE_MAX_ATTEMPTS_REACHED", () => [
@@ -358,7 +358,7 @@ const PasswordConfirmationMismatch = createKnownErrorConstructor(KnownError, "PA
     "Passwords do not match.",
 ], () => []);
 const EmailAlreadyVerified = createKnownErrorConstructor(KnownError, "EMAIL_ALREADY_VERIFIED", () => [
-    400,
+    409,
     "The e-mail is already verified.",
 ], () => []);
 const EmailNotAssociatedWithUser = createKnownErrorConstructor(KnownError, "EMAIL_NOT_ASSOCIATED_WITH_USER", () => [
@@ -411,7 +411,7 @@ const TeamNotFound = createKnownErrorConstructor(KnownError, "TEAM_NOT_FOUND", (
     },
 ], (json) => [json.team_id]);
 const TeamAlreadyExists = createKnownErrorConstructor(KnownError, "TEAM_ALREADY_EXISTS", (teamId) => [
-    400,
+    409,
     `Team ${teamId} already exists.`,
     {
         team_id: teamId,
@@ -426,7 +426,7 @@ const TeamMembershipNotFound = createKnownErrorConstructor(KnownError, "TEAM_MEM
     },
 ], (json) => [json.team_id, json.user_id]);
 const EmailTemplateAlreadyExists = createKnownErrorConstructor(KnownError, "EMAIL_TEMPLATE_ALREADY_EXISTS", () => [
-    400,
+    409,
     "Email template already exists.",
 ], () => []);
 const OAuthConnectionNotConnectedToUser = createKnownErrorConstructor(KnownError, "OAUTH_CONNECTION_NOT_CONNECTED_TO_USER", () => [
@@ -434,7 +434,7 @@ const OAuthConnectionNotConnectedToUser = createKnownErrorConstructor(KnownError
     "The OAuth connection is not connected to any user.",
 ], () => []);
 const OAuthConnectionAlreadyConnectedToAnotherUser = createKnownErrorConstructor(KnownError, "OAUTH_CONNECTION_ALREADY_CONNECTED_TO_ANOTHER_USER", () => [
-    400,
+    409,
     "The OAuth connection is already connected to another user.",
 ], () => []);
 const OAuthConnectionDoesNotHaveRequiredScope = createKnownErrorConstructor(KnownError, "OAUTH_CONNECTION_DOES_NOT_HAVE_REQUIRED_SCOPE", () => [
@@ -461,7 +461,7 @@ const InvalidScope = createKnownErrorConstructor(KnownError, "INVALID_SCOPE", (s
     `The scope "${scope}" is not a valid OAuth scope for Stack.`,
 ], (json) => [json.scope]);
 const UserAlreadyConnectedToAnotherOAuthConnection = createKnownErrorConstructor(KnownError, "USER_ALREADY_CONNECTED_TO_ANOTHER_OAUTH_CONNECTION", () => [
-    400,
+    409,
     "The user is already connected to another OAuth account. Did you maybe selected the wrong account?",
 ], () => []);
 const OuterOAuthTimeout = createKnownErrorConstructor(KnownError, "OUTER_OAUTH_TIMEOUT", () => [
@@ -488,7 +488,7 @@ const UserAuthenticationRequired = createKnownErrorConstructor(KnownError, "USER
     "User authentication required for this endpoint.",
 ], () => []);
 const TeamMembershipAlreadyExists = createKnownErrorConstructor(KnownError, "TEAM_MEMBERSHIP_ALREADY_EXISTS", () => [
-    400,
+    409,
     "Team membership already exists.",
 ], () => []);
 const TeamPermissionRequired = createKnownErrorConstructor(KnownError, "TEAM_PERMISSION_REQUIRED", (teamId, userId, permissionId) => [
@@ -532,7 +532,7 @@ const OAuthProviderAccessDenied = createKnownErrorConstructor(KnownError, "OAUTH
     "The OAuth provider denied access to the user.",
 ], () => []);
 const ContactChannelAlreadyUsedForAuthBySomeoneElse = createKnownErrorConstructor(KnownError, "CONTACT_CHANNEL_ALREADY_USED_FOR_AUTH_BY_SOMEONE_ELSE", (type) => [
-    400,
+    409,
     `This ${type} is already used for authentication by another account.`,
     { type },
 ], (json) => [json.type]);

package/dist/utils/env.d.ts

@@ -5,3 +5,27 @@ export declare function isBrowserLike(): boolean;
 export declare function getEnvVariable(name: string, defaultValue?: string | undefined): string;
 export declare function getNextRuntime(): string;
 export declare function getNodeEnvironment(): string;
+declare const _inlineEnvVars: {
+    readonly NEXT_PUBLIC_STACK_API_URL: {
+        readonly default: string | undefined;
+        readonly client: string | undefined;
+        readonly server: string | undefined;
+    };
+    readonly NEXT_PUBLIC_STACK_DASHBOARD_URL: {
+        readonly default: string | undefined;
+        readonly client: string | undefined;
+        readonly server: string | undefined;
+    };
+    readonly NEXT_PUBLIC_POSTHOG_KEY: string | undefined;
+    readonly NEXT_PUBLIC_STACK_SVIX_SERVER_URL: string | undefined;
+    readonly NEXT_PUBLIC_SENTRY_DSN: string | undefined;
+    readonly NEXT_PUBLIC_VERSION_ALERTER_SEVERE_ONLY: string | undefined;
+    readonly NEXT_PUBLIC_STACK_EMULATOR_ENABLED: string | undefined;
+    readonly NEXT_PUBLIC_STACK_EMULATOR_PROJECT_ID: string | undefined;
+    readonly NEXT_PUBLIC_STACK_PROJECT_ID: string | undefined;
+    readonly NEXT_PUBLIC_STACK_PUBLISHABLE_CLIENT_KEY: string | undefined;
+    readonly NEXT_PUBLIC_STACK_URL: string | undefined;
+    readonly NEXT_PUBLIC_STACK_INBUCKET_WEB_URL: string | undefined;
+};
+export declare function getPublicEnvVar(name: keyof typeof _inlineEnvVars): string | undefined;
+export {};

package/dist/utils/env.js

@@ -57,3 +57,82 @@ export function getNextRuntime() {
 export function getNodeEnvironment() {
     return getEnvVariable("NODE_ENV", "");
 }
+// ===================== Hack to use dynamic env vars in docker build =====================
+const _inlineEnvVars = {
+    NEXT_PUBLIC_STACK_API_URL: {
+        'default': process.env.NEXT_PUBLIC_STACK_API_URL,
+        'client': process.env.NEXT_PUBLIC_CLIENT_STACK_API_URL,
+        'server': process.env.NEXT_PUBLIC_SERVER_STACK_API_URL,
+    },
+    NEXT_PUBLIC_STACK_DASHBOARD_URL: {
+        'default': process.env.NEXT_PUBLIC_STACK_DASHBOARD_URL,
+        'client': process.env.NEXT_PUBLIC_CLIENT_STACK_DASHBOARD_URL,
+        'server': process.env.NEXT_PUBLIC_SERVER_STACK_DASHBOARD_URL,
+    },
+    NEXT_PUBLIC_POSTHOG_KEY: process.env.NEXT_PUBLIC_POSTHOG_KEY,
+    NEXT_PUBLIC_STACK_SVIX_SERVER_URL: process.env.NEXT_PUBLIC_STACK_SVIX_SERVER_URL,
+    NEXT_PUBLIC_SENTRY_DSN: process.env.NEXT_PUBLIC_SENTRY_DSN,
+    NEXT_PUBLIC_VERSION_ALERTER_SEVERE_ONLY: process.env.NEXT_PUBLIC_VERSION_ALERTER_SEVERE_ONLY,
+    NEXT_PUBLIC_STACK_EMULATOR_ENABLED: process.env.NEXT_PUBLIC_STACK_EMULATOR_ENABLED,
+    NEXT_PUBLIC_STACK_EMULATOR_PROJECT_ID: process.env.NEXT_PUBLIC_STACK_EMULATOR_PROJECT_ID,
+    NEXT_PUBLIC_STACK_PROJECT_ID: process.env.NEXT_PUBLIC_STACK_PROJECT_ID,
+    NEXT_PUBLIC_STACK_PUBLISHABLE_CLIENT_KEY: process.env.NEXT_PUBLIC_STACK_PUBLISHABLE_CLIENT_KEY,
+    NEXT_PUBLIC_STACK_URL: process.env.NEXT_PUBLIC_STACK_URL,
+    NEXT_PUBLIC_STACK_INBUCKET_WEB_URL: process.env.NEXT_PUBLIC_STACK_INBUCKET_WEB_URL,
+};
+// This will be replaced with the actual env vars after a docker build
+const _postBuildEnvVars = {
+    NEXT_PUBLIC_STACK_API_URL: {
+        'default': 'STACK_ENV_VAR_SENTINEL_NEXT_PUBLIC_STACK_API_URL',
+        'client': 'STACK_ENV_VAR_SENTINEL_NEXT_PUBLIC_CLIENT_STACK_API_URL',
+        'server': 'STACK_ENV_VAR_SENTINEL_NEXT_PUBLIC_SERVER_STACK_API_URL',
+    },
+    NEXT_PUBLIC_STACK_DASHBOARD_URL: {
+        'default': 'STACK_ENV_VAR_SENTINEL_NEXT_PUBLIC_STACK_DASHBOARD_URL',
+        'client': 'STACK_ENV_VAR_SENTINEL_NEXT_PUBLIC_CLIENT_STACK_DASHBOARD_URL',
+        'server': 'STACK_ENV_VAR_SENTINEL_NEXT_PUBLIC_SERVER_STACK_DASHBOARD_URL',
+    },
+    NEXT_PUBLIC_STACK_PROJECT_ID: "STACK_ENV_VAR_SENTINEL_NEXT_PUBLIC_STACK_PROJECT_ID",
+    NEXT_PUBLIC_POSTHOG_KEY: "STACK_ENV_VAR_SENTINEL_NEXT_PUBLIC_POSTHOG_KEY",
+    NEXT_PUBLIC_STACK_SVIX_SERVER_URL: "STACK_ENV_VAR_SENTINEL_NEXT_PUBLIC_STACK_SVIX_SERVER_URL",
+    NEXT_PUBLIC_SENTRY_DSN: "STACK_ENV_VAR_SENTINEL_NEXT_PUBLIC_SENTRY_DSN",
+    NEXT_PUBLIC_VERSION_ALERTER_SEVERE_ONLY: "STACK_ENV_VAR_SENTINEL_NEXT_PUBLIC_VERSION_ALERTER_SEVERE_ONLY",
+    NEXT_PUBLIC_STACK_EMULATOR_ENABLED: "STACK_ENV_VAR_SENTINEL_NEXT_PUBLIC_STACK_EMULATOR_ENABLED",
+    NEXT_PUBLIC_STACK_EMULATOR_PROJECT_ID: "STACK_ENV_VAR_SENTINEL_NEXT_PUBLIC_STACK_EMULATOR_PROJECT_ID",
+    NEXT_PUBLIC_STACK_PUBLISHABLE_CLIENT_KEY: "STACK_ENV_VAR_SENTINEL_NEXT_PUBLIC_STACK_PUBLISHABLE_CLIENT_KEY",
+    NEXT_PUBLIC_STACK_URL: "STACK_ENV_VAR_SENTINEL_NEXT_PUBLIC_STACK_URL",
+    NEXT_PUBLIC_STACK_INBUCKET_WEB_URL: "STACK_ENV_VAR_SENTINEL_NEXT_PUBLIC_STACK_INBUCKET_WEB_URL",
+};
+// If this is not replaced with "true", then we will not use inline env vars
+const _usePostBuildEnvVars = 'STACK_ENV_VAR_SENTINEL_USE_INLINE_ENV_VARS';
+export function getPublicEnvVar(name) {
+    // This is a hack to force the compiler not to do any smart optimizations
+    const _ = _usePostBuildEnvVars.toString() + _inlineEnvVars.toString(); // Force runtime evaluation
+    const value = _usePostBuildEnvVars.slice(0) === 'true' ? _postBuildEnvVars[name] : _inlineEnvVars[name];
+    // Helper function to check if a value is a sentinel
+    const isSentinel = (str) => {
+        return _usePostBuildEnvVars.slice(0) === 'true' && str && str.startsWith('STACK_ENV_VAR_SENTINEL');
+    };
+    // If it's a dictionary with client/server values
+    if (typeof value === 'object') {
+        const preferredValue = isBrowserLike() ? value.client : value.server;
+        // Check for sentinel values
+        if (isSentinel(preferredValue)) {
+            return isSentinel(value.default) ? undefined : value.default;
+        }
+        if (isSentinel(value.default)) {
+            return undefined;
+        }
+        return preferredValue || value.default;
+    }
+    else if (typeof value === 'string') {
+        if (isSentinel(value)) {
+            return undefined;
+        }
+        return value;
+    }
+    else {
+        return undefined;
+    }
+}
+// ======================================================================

package/dist/utils/strings.d.ts

@@ -40,7 +40,7 @@ export declare function trimLines(s: string): string;
  *
  * Useful for implementing your own template literal tags.
  */
-export declare function templateIdentity(strings: TemplateStringsArray | readonly string[], ...values: any[]): string;
+export declare function templateIdentity(strings: TemplateStringsArray | readonly string[], ...values: string[]): string;
 export declare function deindent(code: string): string;
 export declare function deindent(strings: TemplateStringsArray | readonly string[], ...values: any[]): string;
 export declare function extractScopes(scope: string, removeDuplicates?: boolean): string[];

package/dist/utils/strings.js

@@ -61,21 +61,51 @@ export function trimEmptyLinesEnd(s) {
 export function trimLines(s) {
     return trimEmptyLinesEnd(trimEmptyLinesStart(s));
 }
+import.meta.vitest?.test("trimLines", ({ expect }) => {
+    expect(trimLines("")).toBe("");
+    expect(trimLines(" ")).toBe("");
+    expect(trimLines(" \n ")).toBe("");
+    expect(trimLines(" abc ")).toBe(" abc ");
+    expect(trimLines("\n  \nLine1\nLine2\n \n")).toBe("Line1\nLine2");
+    expect(trimLines("Line1\n   \nLine2")).toBe("Line1\n   \nLine2");
+    expect(trimLines(" \n    \n\t")).toBe("");
+    expect(trimLines("   Hello World")).toBe("   Hello World");
+    expect(trimLines("\n")).toBe("");
+    expect(trimLines("\t \n\t\tLine1 \n \nLine2\t\t\n\t  ")).toBe("\t\tLine1 \n \nLine2\t\t");
+});
 /**
  * A template literal tag that returns the same string as the template literal without a tag.
  *
  * Useful for implementing your own template literal tags.
  */
 export function templateIdentity(strings, ...values) {
+    if (values.length !== strings.length - 1)
+        throw new StackAssertionError("Invalid number of values; must be one less than strings", { strings, values });
     return strings.reduce((result, str, i) => result + str + (values[i] ?? ''), '');
 }
+import.meta.vitest?.test("templateIdentity", ({ expect }) => {
+    expect(templateIdentity `Hello World`).toBe("Hello World");
+    expect(templateIdentity `${"Hello"}`).toBe("Hello");
+    const greeting = "Hello";
+    const subject = "World";
+    expect(templateIdentity `${greeting}, ${subject}!`).toBe("Hello, World!");
+    expect(templateIdentity `${"A"}${"B"}${"C"}`).toBe("ABC");
+    expect(templateIdentity `Start${""}Middle${""}End`).toBe("StartMiddleEnd");
+    expect(templateIdentity ``).toBe("");
+    expect(templateIdentity `Line1
+Line2`).toBe("Line1\nLine2");
+    expect(templateIdentity(["a ", " scientific ", "gun"], "certain", "rail")).toBe("a certain scientific railgun");
+    expect(templateIdentity(["only one part"])).toBe("only one part");
+    expect(() => templateIdentity(["a ", "b", "c"], "only one")).toThrow("Invalid number of values");
+    expect(() => templateIdentity(["a", "b"], "x", "y")).toThrow("Invalid number of values");
+});
 export function deindent(strings, ...values) {
     if (typeof strings === "string")
         return deindent([strings]);
     if (strings.length === 0)
         return "";
     if (values.length !== strings.length - 1)
-        throw new Error("Invalid number of values; must be one less than strings");
+        throw new StackAssertionError("Invalid number of values; must be one less than strings", { strings, values });
     const trimmedStrings = [...strings];
     trimmedStrings[0] = trimEmptyLinesStart(trimmedStrings[0]);
     trimmedStrings[trimmedStrings.length - 1] = trimEmptyLinesEnd(trimmedStrings[trimmedStrings.length - 1]);

package/dist/utils/strings.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/utils/strings.test.js

@@ -0,0 +1,26 @@
+import { describe, expect, it } from "vitest";
+import { templateIdentity } from "./strings";
+describe("templateIdentity", () => {
+    it("should be equivalent to a regular template string", () => {
+        const adjective = "scientific";
+        const noun = "railgun";
+        expect(templateIdentity `a certain scientific railgun`).toBe("a certain scientific railgun");
+        expect(templateIdentity `a certain ${adjective} railgun`).toBe(`a certain scientific railgun`);
+        expect(templateIdentity `a certain ${adjective} ${noun}`).toBe(`a certain scientific railgun`);
+        expect(templateIdentity `${adjective}${noun}`).toBe(`scientificrailgun`);
+    });
+    it("should work with empty strings", () => {
+        expect(templateIdentity ``).toBe("");
+        expect(templateIdentity `${""}`).toBe("");
+        expect(templateIdentity `${""}${""}`).toBe("");
+    });
+    it("should work with normal arrays", () => {
+        expect(templateIdentity(["a ", " scientific ", "gun"], "certain", "rail")).toBe("a certain scientific railgun");
+        expect(templateIdentity(["a"])).toBe("a");
+    });
+    it("should throw an error with wrong number of value arguments", () => {
+        expect(() => templateIdentity([])).toThrow();
+        expect(() => templateIdentity(["a", "b"])).toThrow();
+        expect(() => templateIdentity(["a", "b", "c"], "a", "b", "c")).toThrow();
+    });
+});

package/dist/utils/urls.d.ts

@@ -1,5 +1,6 @@
 export declare function createUrlIfValid(...args: ConstructorParameters<typeof URL>): URL | null;
 export declare function isValidUrl(url: string): boolean;
+export declare function isValidHostname(hostname: string): boolean;
 export declare function isLocalhost(urlOrString: string | URL): boolean;
 export declare function isRelative(url: string): boolean;
 export declare function getRelativePart(url: URL): string;

package/dist/utils/urls.js

@@ -11,6 +11,12 @@ export function createUrlIfValid(...args) {
 export function isValidUrl(url) {
     return !!createUrlIfValid(url);
 }
+export function isValidHostname(hostname) {
+    const url = createUrlIfValid(`https://${hostname}`);
+    if (!url)
+        return false;
+    return url.hostname === hostname;
+}
 export function isLocalhost(urlOrString) {
     const url = createUrlIfValid(urlOrString);
     if (!url)
@@ -49,5 +55,5 @@ export function url(strings, ...values) {
  * Any values passed are encoded.
  */
 export function urlString(strings, ...values) {
-    return templateIdentity(strings, values.map(encodeURIComponent));
+    return templateIdentity(strings, ...values.map(encodeURIComponent));
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@stackframe/stack-shared",
-  "version": "2.7.14",
+  "version": "2.7.16",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
   "type": "module",
@@ -52,7 +52,7 @@
     "oauth4webapi": "^2.10.3",
     "semver": "^7.6.3",
     "uuid": "^9.0.1",
-    "@stackframe/stack-sc": "2.7.14"
+    "@stackframe/stack-sc": "2.7.16"
   },
   "devDependencies": {
     "@sentry/nextjs": "^8.40.0",
@@ -69,6 +69,7 @@
   "scripts": {
     "build": "tsc",
     "typecheck": "tsc --noEmit",
+    "test": "vitest run",
     "clean": "rimraf dist && rimraf node_modules",
     "dev": "tsc -w --preserveWatchOutput --declarationMap",
     "lint": "eslint --ext .tsx,.ts ."