@veloxts/client 0.6.88 → 0.6.90

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/CHANGELOG.md +12 -11
  2. package/package.json +9 -9
package/CHANGELOG.md CHANGED
@@ -1,5 +1,17 @@
1
1
  # @veloxts/client
2
2
 
3
+ ## 0.6.90
4
+
5
+ ### Patch Changes
6
+
7
+ - Dependencies updates – fix critical and high severity vulnerabilities
8
+
9
+ ## 0.6.89
10
+
11
+ ### Patch Changes
12
+
13
+ - expand preset system with server config, auth presets, and security validation
14
+
3
15
  ## 0.6.88
4
16
 
5
17
  ### Patch Changes
@@ -115,7 +127,6 @@
115
127
  - ### feat(auth): Unified Adapter-Only Architecture
116
128
 
117
129
  **New Features:**
118
-
119
130
  - Add `JwtAdapter` implementing the `AuthAdapter` interface for unified JWT authentication
120
131
  - Add `jwtAuth()` convenience function for direct adapter usage with optional built-in routes (`/api/auth/refresh`, `/api/auth/logout`)
121
132
  - Add `AuthContext` discriminated union (`NativeAuthContext | AdapterAuthContext`) for type-safe auth mode handling
@@ -123,24 +134,20 @@
123
134
  - Add shared decoration utilities (`decorateAuth`, `setRequestAuth`, `checkDoubleRegistration`)
124
135
 
125
136
  **Architecture Changes:**
126
-
127
137
  - `authPlugin` now uses `JwtAdapter` internally - all authentication flows through the adapter pattern
128
138
  - Single code path for authentication (no more dual native/adapter modes)
129
139
  - `authContext.authMode` is now always `'adapter'` with `providerId='jwt'` when using `authPlugin`
130
140
 
131
141
  **Breaking Changes:**
132
-
133
142
  - Remove deprecated `LegacySessionConfig` interface (use `sessionMiddleware` instead)
134
143
  - Remove deprecated `session` field from `AuthConfig`
135
144
  - `User` interface no longer has index signature (extend via declaration merging)
136
145
 
137
146
  **Type Safety Improvements:**
138
-
139
147
  - `AuthContext` discriminated union enables exhaustive type narrowing based on `authMode`
140
148
  - Export `NativeAuthContext` and `AdapterAuthContext` types for explicit typing
141
149
 
142
150
  **Migration:**
143
-
144
151
  - Existing `authPlugin` usage remains backward-compatible
145
152
  - If checking `authContext.token`, use `authContext.session` instead (token stored in session for adapter mode)
146
153
 
@@ -155,12 +162,10 @@
155
162
  Addresses 9 user feedback items to improve DX, reduce boilerplate, and eliminate template duplications.
156
163
 
157
164
  ### Phase 1: Validation Helpers (`@veloxts/validation`)
158
-
159
165
  - Add `prismaDecimal()`, `prismaDecimalNullable()`, `prismaDecimalOptional()` for Prisma Decimal → number conversion
160
166
  - Add `dateToIso`, `dateToIsoNullable`, `dateToIsoOptional` aliases for consistency
161
167
 
162
168
  ### Phase 2: Template Deduplication (`@veloxts/auth`)
163
-
164
169
  - Export `createEnhancedTokenStore()` with token revocation and refresh token reuse detection
165
170
  - Export `parseUserRoles()` and `DEFAULT_ALLOWED_ROLES`
166
171
  - Fix memory leak: track pending timeouts for proper cleanup on `destroy()`
@@ -168,20 +173,17 @@
168
173
  - Fix jwtManager singleton pattern in templates
169
174
 
170
175
  ### Phase 3: Router Helpers (`@veloxts/router`)
171
-
172
176
  - Add `createRouter()` returning `{ collections, router }` for DRY setup
173
177
  - Add `toRouter()` for router-only use cases
174
178
  - Update all router templates to use `createRouter()`
175
179
 
176
180
  ### Phase 4: Guard Type Narrowing - Experimental (`@veloxts/auth`, `@veloxts/router`)
177
-
178
181
  - Add `NarrowingGuard` interface with phantom `_narrows` type
179
182
  - Add `authenticatedNarrow` and `hasRoleNarrow()` guards
180
183
  - Add `guardNarrow()` method to `ProcedureBuilder` for context narrowing
181
184
  - Enables `ctx.user` to be non-null after guard passes
182
185
 
183
186
  ### Phase 5: Documentation (`@veloxts/router`)
184
-
185
187
  - Document `.rest()` override patterns
186
188
  - Document `createRouter()` helper usage
187
189
  - Document `guardNarrow()` experimental API
@@ -796,7 +798,6 @@
796
798
  ### Patch Changes
797
799
 
798
800
  - Fix Prisma client generation in scaffolder
799
-
800
801
  - Added automatic Prisma client generation after dependency installation in create-velox-app
801
802
  - Fixed database template to validate DATABASE_URL environment variable
802
803
  - Added alpha release warning to all package READMEs
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@veloxts/client",
3
- "version": "0.6.88",
3
+ "version": "0.6.90",
4
4
  "description": "Type-safe frontend API client for VeloxTS framework",
5
5
  "type": "module",
6
6
  "main": "dist/index.js",
@@ -35,17 +35,17 @@
35
35
  }
36
36
  },
37
37
  "devDependencies": {
38
- "@tanstack/react-query": "5.90.12",
38
+ "@tanstack/react-query": "5.90.20",
39
39
  "@testing-library/jest-dom": "6.9.1",
40
- "@testing-library/react": "16.3.1",
41
- "@types/react": "19.2.7",
40
+ "@testing-library/react": "16.3.2",
41
+ "@types/react": "19.2.10",
42
42
  "@types/react-dom": "19.2.3",
43
- "@vitest/coverage-v8": "4.0.16",
44
- "jsdom": "27.3.0",
45
- "react": "19.2.3",
46
- "react-dom": "19.2.3",
43
+ "@vitest/coverage-v8": "4.0.18",
44
+ "jsdom": "27.4.0",
45
+ "react": "19.2.4",
46
+ "react-dom": "19.2.4",
47
47
  "typescript": "5.9.3",
48
- "vitest": "4.0.16"
48
+ "vitest": "4.0.18"
49
49
  },
50
50
  "keywords": [
51
51
  "velox",