strapi-plugin-firebase-authentication 1.2.0 → 1.2.3

package/dist/server/index.mjs

@@ -13,7 +13,7 @@ import require$$0$8 from "constants";
 import "node:stream";
 import admin$1 from "firebase-admin";
 import CryptoJS from "crypto-js";
-import * as fs$6 from "fs/promises";
+import * as fs$8 from "fs/promises";
 async function migrateFirebaseUserData(strapi2, dryRun = false) {
   strapi2.log.info("=== Firebase User Data Migration ===");
   strapi2.log.info(`Mode: ${dryRun ? "DRY RUN (no changes)" : "LIVE (will modify database)"}`);
@@ -369,293 +369,6 @@ const contentTypes = {
   "firebase-authentication-configuration": { schema: firebaseAuthenticationConfiguration },
   "firebase-user-data": { schema: firebaseUserData }
 };
-const pluginName = "firebase-authentication";
-const PLUGIN_NAME = "firebase-authentication";
-const PLUGIN_UID = `plugin::${PLUGIN_NAME}`;
-const CONFIG_CONTENT_TYPE = `${PLUGIN_UID}.firebase-authentication-configuration`;
-const DEFAULT_PASSWORD_RESET_URL = "http://localhost:3000/reset-password";
-const DEFAULT_PASSWORD_REGEX = "^.{6,}$";
-const DEFAULT_PASSWORD_MESSAGE = "Password must be at least 6 characters long";
-const DEFAULT_RESET_EMAIL_SUBJECT = "Reset Your Password";
-const ERROR_MESSAGES = {
-  FIREBASE_NOT_INITIALIZED: "Firebase is not initialized. Please upload Firebase service account configuration via Settings → Firebase Authentication.",
-  INVALID_JSON: "Invalid JSON format. Please ensure you copied the entire JSON content correctly.",
-  MISSING_DATA: "data is missing",
-  SOMETHING_WENT_WRONG: "Something went wrong",
-  AUTHENTICATION_FAILED: "Authentication failed",
-  TOKEN_MISSING: "idToken is missing!",
-  EMAIL_PASSWORD_REQUIRED: "Email and password are required",
-  PASSWORD_REQUIRED: "Password is required",
-  AUTHORIZATION_REQUIRED: "Authorization token is required",
-  INVALID_TOKEN: "Invalid or expired token",
-  USER_NOT_FOUND: "User not found",
-  USER_NO_EMAIL: "User does not have an email address",
-  FIREBASE_LINK_FAILED: "Failed to generate Firebase reset link",
-  CONFIG_NOT_FOUND: "No config found",
-  INVALID_SERVICE_ACCOUNT: "Invalid service account JSON",
-  WEB_API_NOT_CONFIGURED: "Email/password authentication is not available. Web API Key is not configured.",
-  RESET_URL_NOT_CONFIGURED: "Password reset URL is not configured",
-  RESET_URL_MUST_BE_HTTPS: "Password reset URL must use HTTPS in production",
-  RESET_URL_INVALID_FORMAT: "Password reset URL is not a valid URL format",
-  USER_NOT_LINKED_FIREBASE: "User is not linked to Firebase authentication",
-  OVERRIDE_USER_ID_REQUIRED: "Override user ID is required",
-  EITHER_EMAIL_OR_PHONE_REQUIRED: "Either email or phoneNumber is required",
-  DELETION_NO_CONFIG: "No Firebase configs exists for deletion"
-};
-const SUCCESS_MESSAGES = {
-  FIREBASE_INITIALIZED: "Firebase successfully initialized",
-  FIREBASE_CONFIG_DELETED: "Firebase config deleted and reinitialized",
-  PASSWORD_RESET_EMAIL_SENT: "If an account with that email exists, a password reset link has been sent.",
-  SERVER_RESTARTING: "SERVER IS RESTARTING"
-};
-const CONFIG_KEYS = {
-  ENCRYPTION_KEY: `${PLUGIN_UID}.FIREBASE_JSON_ENCRYPTION_KEY`
-};
-const REQUIRED_FIELDS = {
-  SERVICE_ACCOUNT: ["private_key", "client_email", "project_id", "type"],
-  WEB_CONFIG: ["apiKey", "authDomain"]
-  // These indicate wrong JSON type
-};
-const VALIDATION_MESSAGES = {
-  INVALID_SERVICE_ACCOUNT: "Invalid Service Account JSON. Missing required fields:",
-  WRONG_JSON_TYPE: "You uploaded a Web App Config (SDK snippet) instead of a Service Account JSON. Please go to Firebase Console → Service Accounts tab → Generate New Private Key to download the correct file.",
-  SERVICE_ACCOUNT_HELP: "Please download the correct JSON from Firebase Console → Service Accounts → Generate New Private Key. Do NOT use the Web App Config (SDK snippet) - that is a different file!"
-};
-const firebaseController = {
-  async validateToken(ctx) {
-    strapi.log.debug("validateToken called");
-    try {
-      const { idToken, profileMetaData } = ctx.request.body || {};
-      const populate2 = ctx.request.query.populate || [];
-      if (!idToken) {
-        return ctx.badRequest(ERROR_MESSAGES.TOKEN_MISSING);
-      }
-      const result = await strapi.plugin(pluginName).service("firebaseService").validateFirebaseToken(idToken, profileMetaData, populate2);
-      ctx.body = result;
-    } catch (error2) {
-      strapi.log.error(`validateToken controller error: ${error2.message}`);
-      if (error2.name === "ValidationError") {
-        return ctx.badRequest(error2.message);
-      }
-      if (error2.name === "UnauthorizedError") {
-        return ctx.unauthorized(error2.message);
-      }
-      throw error2;
-    }
-  },
-  async deleteByEmail(email2) {
-    const user = await strapi.firebase.auth().getUserByEmail(email2);
-    await strapi.plugin(pluginName).service("firebaseService").delete(user.toJSON().uid);
-    return user.toJSON();
-  },
-  async overrideAccess(ctx) {
-    try {
-      const { overrideUserId } = ctx.request.body || {};
-      const populate2 = ctx.request.query.populate || [];
-      const result = await strapi.plugin(pluginName).service("firebaseService").overrideFirebaseAccess(overrideUserId, populate2);
-      ctx.body = result;
-    } catch (error2) {
-      if (error2.name === "ValidationError") {
-        return ctx.badRequest(error2.message);
-      }
-      if (error2.name === "NotFoundError") {
-        return ctx.notFound(error2.message);
-      }
-      throw error2;
-    }
-  },
-  /**
-   * Controller method for email/password authentication
-   * Handles the `/api/firebase-authentication/emailLogin` endpoint
-   *
-   * @param ctx - Koa context object
-   * @returns Promise that sets ctx.body with user data and JWT or error message
-   *
-   * @remarks
-   * This controller acts as a proxy to Firebase's Identity Toolkit API,
-   * allowing users to authenticate with email/password and receive a Strapi JWT.
-   *
-   * HTTP Status Codes:
-   * - `400`: Validation errors (missing credentials, invalid email/password)
-   * - `500`: Server errors (missing configuration, Firebase API issues)
-   */
-  async emailLogin(ctx) {
-    strapi.log.debug("emailLogin controller");
-    try {
-      const { email: email2, password } = ctx.request.body || {};
-      const populate2 = ctx.request.query.populate || [];
-      const result = await strapi.plugin(pluginName).service("firebaseService").emailLogin(email2, password, populate2);
-      ctx.body = result;
-    } catch (error2) {
-      strapi.log.error("emailLogin controller error:", error2);
-      if (error2.name === "ValidationError") {
-        ctx.status = 400;
-      } else if (error2.name === "ApplicationError") {
-        ctx.status = 500;
-      } else {
-        ctx.status = 500;
-      }
-      ctx.body = { error: error2.message };
-    }
-  },
-  /**
-   * Forgot password - sends reset email
-   * POST /api/firebase-authentication/forgotPassword
-   * Public endpoint - no authentication required
-   */
-  async forgotPassword(ctx) {
-    strapi.log.debug("forgotPassword endpoint called");
-    try {
-      const { email: email2 } = ctx.request.body || {};
-      ctx.body = await strapi.plugin(pluginName).service("firebaseService").forgotPassword(email2);
-    } catch (error2) {
-      strapi.log.error("forgotPassword controller error:", error2);
-      if (error2.name === "ValidationError") {
-        ctx.status = 400;
-      } else if (error2.name === "NotFoundError") {
-        ctx.status = 404;
-      } else {
-        ctx.status = 500;
-      }
-      ctx.body = { error: error2.message };
-    }
-  },
-  /**
-   * Reset password - authenticated password change
-   * POST /api/firebase-authentication/resetPassword
-   * Public endpoint - requires valid JWT in Authorization header
-   * Used for admin-initiated resets or user self-service password changes
-   * NOT used for forgot password email flow (which uses Firebase's hosted UI)
-   */
-  async resetPassword(ctx) {
-    strapi.log.debug("resetPassword endpoint called");
-    try {
-      const { password } = ctx.request.body || {};
-      const token = ctx.request.headers.authorization?.replace("Bearer ", "");
-      const populate2 = ctx.request.query.populate || [];
-      ctx.body = await strapi.plugin(pluginName).service("firebaseService").resetPassword(password, token, populate2);
-    } catch (error2) {
-      strapi.log.error("resetPassword controller error:", error2);
-      if (error2.name === "ValidationError" || error2.name === "UnauthorizedError") {
-        ctx.status = 401;
-      } else {
-        ctx.status = 500;
-      }
-      ctx.body = { error: error2.message };
-    }
-  },
-  async requestMagicLink(ctx) {
-    try {
-      const { email: email2 } = ctx.request.body || {};
-      const result = await strapi.plugin("firebase-authentication").service("firebaseService").requestMagicLink(email2);
-      ctx.body = result;
-    } catch (error2) {
-      if (error2.name === "ValidationError" || error2.name === "ApplicationError") {
-        throw error2;
-      }
-      strapi.log.error("requestMagicLink controller error:", error2);
-      ctx.body = {
-        success: false,
-        message: "An error occurred while processing your request"
-      };
-    }
-  },
-  /**
-   * Reset password using custom JWT token
-   * POST /api/firebase-authentication/resetPasswordWithToken
-   * Public endpoint - token provides authentication
-   *
-   * @param ctx - Koa context with { token, newPassword } in body
-   * @returns { success: true, message: "Password has been reset successfully" }
-   */
-  async resetPasswordWithToken(ctx) {
-    strapi.log.debug("resetPasswordWithToken endpoint called");
-    try {
-      const { token, newPassword } = ctx.request.body || {};
-      if (!token) {
-        ctx.status = 400;
-        ctx.body = { error: "Token is required" };
-        return;
-      }
-      if (!newPassword) {
-        ctx.status = 400;
-        ctx.body = { error: "New password is required" };
-        return;
-      }
-      const result = await strapi.plugin(pluginName).service("userService").resetPasswordWithToken(token, newPassword);
-      ctx.body = result;
-    } catch (error2) {
-      strapi.log.error("resetPasswordWithToken controller error:", error2);
-      if (error2.name === "ValidationError") {
-        ctx.status = 400;
-        ctx.body = { error: error2.message };
-        return;
-      }
-      if (error2.name === "NotFoundError") {
-        ctx.status = 404;
-        ctx.body = { error: error2.message };
-        return;
-      }
-      ctx.status = 500;
-      ctx.body = { error: "An error occurred while resetting your password" };
-    }
-  },
-  /**
-   * Send email verification - public endpoint
-   * POST /api/firebase-authentication/sendVerificationEmail
-   * Public endpoint - no authentication required
-   */
-  async sendVerificationEmail(ctx) {
-    strapi.log.debug("sendVerificationEmail endpoint called");
-    try {
-      const { email: email2 } = ctx.request.body || {};
-      ctx.body = await strapi.plugin(pluginName).service("firebaseService").sendVerificationEmail(email2);
-    } catch (error2) {
-      strapi.log.error("sendVerificationEmail controller error:", error2);
-      if (error2.name === "ValidationError") {
-        ctx.status = 400;
-      } else {
-        ctx.status = 500;
-      }
-      ctx.body = { error: error2.message };
-    }
-  },
-  /**
-   * Verify email using custom JWT token
-   * POST /api/firebase-authentication/verifyEmail
-   * Public endpoint - token provides authentication
-   *
-   * @param ctx - Koa context with { token } in body
-   * @returns { success: true, message: "Email verified successfully" }
-   */
-  async verifyEmail(ctx) {
-    strapi.log.debug("verifyEmail endpoint called");
-    try {
-      const { token } = ctx.request.body || {};
-      if (!token) {
-        ctx.status = 400;
-        ctx.body = { error: "Token is required" };
-        return;
-      }
-      const result = await strapi.plugin(pluginName).service("firebaseService").verifyEmail(token);
-      ctx.body = result;
-    } catch (error2) {
-      strapi.log.error("verifyEmail controller error:", error2);
-      if (error2.name === "ValidationError") {
-        ctx.status = 400;
-        ctx.body = { error: error2.message };
-        return;
-      }
-      if (error2.name === "NotFoundError") {
-        ctx.status = 404;
-        ctx.body = { error: error2.message };
-        return;
-      }
-      ctx.status = 500;
-      ctx.body = { error: "An error occurred while verifying your email" };
-    }
-  }
-};
 var commonjsGlobal = typeof globalThis !== "undefined" ? globalThis : typeof window !== "undefined" ? window : typeof global !== "undefined" ? global : typeof self !== "undefined" ? self : {};
 function getDefaultExportFromCjs(x) {
   return x && x.__esModule && Object.prototype.hasOwnProperty.call(x, "default") ? x["default"] : x;
@@ -670,7 +383,7 @@ var lodash = { exports: {} };
  * Copyright Jeremy Ashkenas, DocumentCloud and Investigative Reporters & Editors
  */
 lodash.exports;
-(function(module, exports) {
+(function(module, exports$1) {
   (function() {
     var undefined$1;
     var VERSION = "4.17.21";
@@ -998,7 +711,7 @@ lodash.exports;
     var freeGlobal2 = typeof commonjsGlobal == "object" && commonjsGlobal && commonjsGlobal.Object === Object && commonjsGlobal;
     var freeSelf2 = typeof self == "object" && self && self.Object === Object && self;
     var root2 = freeGlobal2 || freeSelf2 || Function("return this")();
-    var freeExports = exports && !exports.nodeType && exports;
+    var freeExports = exports$1 && !exports$1.nodeType && exports$1;
     var freeModule = freeExports && true && module && !module.nodeType && module;
     var moduleExports = freeModule && freeModule.exports === freeExports;
     var freeProcess = moduleExports && freeGlobal2.process;
@@ -1269,9 +982,9 @@ lodash.exports;
     function hasUnicodeWord2(string2) {
       return reHasUnicodeWord2.test(string2);
     }
-    function iteratorToArray(iterator) {
+    function iteratorToArray(iterator2) {
       var data, result = [];
-      while (!(data = iterator.next()).done) {
+      while (!(data = iterator2.next()).done) {
         result.push(data.value);
       }
       return result;
@@ -6228,7 +5941,7 @@ var lodash_min = { exports: {} };
  * Copyright Jeremy Ashkenas, DocumentCloud and Investigative Reporters & Editors
  */
 lodash_min.exports;
-(function(module, exports) {
+(function(module, exports$1) {
   (function() {
     function n(n2, t3, r2) {
       switch (r2.length) {
@@ -6661,7 +6374,7 @@ lodash_min.exports;
       "œ": "oe",
       "ʼn": "'n",
       "ſ": "s"
-    }, Hr = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" }, Jr = { "&amp;": "&", "&lt;": "<", "&gt;": ">", "&quot;": '"', "&#39;": "'" }, Yr = { "\\": "\\", "'": "'", "\n": "n", "\r": "r", "\u2028": "u2028", "\u2029": "u2029" }, Qr = parseFloat, Xr = parseInt, ne = "object" == typeof commonjsGlobal && commonjsGlobal && commonjsGlobal.Object === Object && commonjsGlobal, te = "object" == typeof self && self && self.Object === Object && self, re2 = ne || te || Function("return this")(), ee = exports && !exports.nodeType && exports, ue = ee && true && module && !module.nodeType && module, ie = ue && ue.exports === ee, oe = ie && ne.process, fe = function() {
+    }, Hr = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" }, Jr = { "&amp;": "&", "&lt;": "<", "&gt;": ">", "&quot;": '"', "&#39;": "'" }, Yr = { "\\": "\\", "'": "'", "\n": "n", "\r": "r", "\u2028": "u2028", "\u2029": "u2029" }, Qr = parseFloat, Xr = parseInt, ne = "object" == typeof commonjsGlobal && commonjsGlobal && commonjsGlobal.Object === Object && commonjsGlobal, te = "object" == typeof self && self && self.Object === Object && self, re2 = ne || te || Function("return this")(), ee = exports$1 && !exports$1.nodeType && exports$1, ue = ee && true && module && !module.nodeType && module, ie = ue && ue.exports === ee, oe = ie && ne.process, fe = function() {
       try {
         var n2 = ue && ue.require && ue.require("util").types;
         return n2 ? n2 : oe && oe.binding && oe.binding("util");
@@ -9334,8 +9047,8 @@ lodash_min.exports;
 })(lodash_min, lodash_min.exports);
 var lodash_minExports = lodash_min.exports;
 var _mapping = {};
-(function(exports) {
-  exports.aliasToReal = {
+(function(exports$1) {
+  exports$1.aliasToReal = {
     // Lodash aliases.
     "each": "forEach",
     "eachRight": "forEachRight",
@@ -9400,7 +9113,7 @@ var _mapping = {};
     "whereEq": "isMatch",
     "zipObj": "zipObject"
   };
-  exports.aryMethod = {
+  exports$1.aryMethod = {
     "1": [
       "assignAll",
       "assignInAll",
@@ -9635,12 +9348,12 @@ var _mapping = {};
       "updateWith"
     ]
   };
-  exports.aryRearg = {
+  exports$1.aryRearg = {
     "2": [1, 0],
     "3": [2, 0, 1],
     "4": [3, 2, 0, 1]
   };
-  exports.iterateeAry = {
+  exports$1.iterateeAry = {
     "dropRightWhile": 1,
     "dropWhile": 1,
     "every": 1,
@@ -9678,11 +9391,11 @@ var _mapping = {};
     "times": 1,
     "transform": 2
   };
-  exports.iterateeRearg = {
+  exports$1.iterateeRearg = {
     "mapKeys": [1],
     "reduceRight": [1, 0]
   };
-  exports.methodRearg = {
+  exports$1.methodRearg = {
     "assignInAllWith": [1, 0],
     "assignInWith": [1, 2, 0],
     "assignAllWith": [1, 0],
@@ -9713,7 +9426,7 @@ var _mapping = {};
     "xorWith": [1, 2, 0],
     "zipWith": [1, 2, 0]
   };
-  exports.methodSpread = {
+  exports$1.methodSpread = {
     "assignAll": { "start": 0 },
     "assignAllWith": { "start": 0 },
     "assignInAll": { "start": 0 },
@@ -9729,7 +9442,7 @@ var _mapping = {};
     "without": { "start": 1 },
     "zipAll": { "start": 0 }
   };
-  exports.mutate = {
+  exports$1.mutate = {
     "array": {
       "fill": true,
       "pull": true,
@@ -9766,8 +9479,8 @@ var _mapping = {};
       "updateWith": true
     }
   };
-  exports.realToAlias = function() {
-    var hasOwnProperty2 = Object.prototype.hasOwnProperty, object2 = exports.aliasToReal, result = {};
+  exports$1.realToAlias = function() {
+    var hasOwnProperty2 = Object.prototype.hasOwnProperty, object2 = exports$1.aliasToReal, result = {};
     for (var key in object2) {
       var value = object2[key];
       if (hasOwnProperty2.call(result, value)) {
@@ -9778,7 +9491,7 @@ var _mapping = {};
     }
     return result;
   }();
-  exports.remap = {
+  exports$1.remap = {
     "assignAll": "assign",
     "assignAllWith": "assignWith",
     "assignInAll": "assignIn",
@@ -9812,7 +9525,7 @@ var _mapping = {};
     "trimCharsStart": "trimStart",
     "zipAll": "zip"
   };
-  exports.skipFixed = {
+  exports$1.skipFixed = {
     "castArray": true,
     "flow": true,
     "flowRight": true,
@@ -9821,7 +9534,7 @@ var _mapping = {};
     "rearg": true,
     "runInContext": true
   };
-  exports.skipRearg = {
+  exports$1.skipRearg = {
     "add": true,
     "assign": true,
     "assignIn": true,
@@ -9854,7 +9567,7 @@ var _mapping = {};
 })(_mapping);
 var placeholder = {};
 var mapping = _mapping, fallbackHolder = placeholder;
-var push = Array.prototype.push;
+var push$1 = Array.prototype.push;
 function baseArity(func, n) {
   return n == 2 ? function(a, b) {
     return func.apply(void 0, arguments);
@@ -9889,10 +9602,10 @@ function flatSpread(func, start) {
     }
     var array2 = args[start], otherArgs = args.slice(0, start);
     if (array2) {
-      push.apply(otherArgs, array2);
+      push$1.apply(otherArgs, array2);
     }
     if (start != lastIndex) {
-      push.apply(otherArgs, args.slice(start + 1));
+      push$1.apply(otherArgs, args.slice(start + 1));
     }
     return func.apply(this, otherArgs);
   };
@@ -10275,13 +9988,13 @@ const traverseEntity = async (visitor2, options2, entity) => {
     if (fp.isNil(value) || fp.isNil(attribute)) {
       continue;
     }
-    parent = {
-      schema: schema2,
-      key,
-      attribute,
-      path: newPath
-    };
     if (isRelationalAttribute(attribute)) {
+      parent = {
+        schema: schema2,
+        key,
+        attribute,
+        path: newPath
+      };
       const isMorphRelation = attribute.relation.toLowerCase().startsWith("morph");
       const method = isMorphRelation ? traverseMorphRelationTarget : traverseRelationTarget(getModel(attribute.target));
       if (fp.isArray(value)) {
@@ -10300,6 +10013,12 @@ const traverseEntity = async (visitor2, options2, entity) => {
       continue;
     }
     if (isMediaAttribute(attribute)) {
+      parent = {
+        schema: schema2,
+        key,
+        attribute,
+        path: newPath
+      };
       if (fp.isArray(value)) {
         const res = new Array(value.length);
         for (let i2 = 0; i2 < value.length; i2 += 1) {
@@ -10316,6 +10035,12 @@ const traverseEntity = async (visitor2, options2, entity) => {
       continue;
     }
     if (attribute.type === "component") {
+      parent = {
+        schema: schema2,
+        key,
+        attribute,
+        path: newPath
+      };
       const targetSchema = getModel(attribute.component);
       if (fp.isArray(value)) {
         const res = new Array(value.length);
@@ -10333,6 +10058,12 @@ const traverseEntity = async (visitor2, options2, entity) => {
       continue;
     }
     if (attribute.type === "dynamiczone" && fp.isArray(value)) {
+      parent = {
+        schema: schema2,
+        key,
+        attribute,
+        path: newPath
+      };
       const res = new Array(value.length);
       for (let i2 = 0; i2 < value.length; i2 += 1) {
         const arrayPath = {
@@ -10357,7 +10088,7 @@ const createVisitorUtils = ({ data }) => ({
 });
 fp.curry(traverseEntity);
 var dist = { exports: {} };
-(function(module, exports) {
+(function(module, exports$1) {
   !function(t2, n) {
     module.exports = n(require$$0$2, crypto$1);
   }(commonjsGlobal, function(t2, n) {
@@ -11905,9 +11636,9 @@ function stubFalse() {
 }
 var stubFalse_1 = stubFalse;
 isBuffer$2.exports;
-(function(module, exports) {
+(function(module, exports$1) {
   var root2 = _root, stubFalse2 = stubFalse_1;
-  var freeExports = exports && !exports.nodeType && exports;
+  var freeExports = exports$1 && !exports$1.nodeType && exports$1;
   var freeModule = freeExports && true && module && !module.nodeType && module;
   var moduleExports = freeModule && freeModule.exports === freeExports;
   var Buffer2 = moduleExports ? root2.Buffer : void 0;
@@ -11934,9 +11665,9 @@ function baseUnary$1(func) {
 var _baseUnary = baseUnary$1;
 var _nodeUtil = { exports: {} };
 _nodeUtil.exports;
-(function(module, exports) {
+(function(module, exports$1) {
   var freeGlobal2 = _freeGlobal;
-  var freeExports = exports && !exports.nodeType && exports;
+  var freeExports = exports$1 && !exports$1.nodeType && exports$1;
   var freeModule = freeExports && true && module && !module.nodeType && module;
   var moduleExports = freeModule && freeModule.exports === freeExports;
   var freeProcess = moduleExports && freeGlobal2.process;
@@ -12482,11 +12213,11 @@ function baseGet$2(object2, path2) {
 }
 var _baseGet = baseGet$2;
 var baseGet$1 = _baseGet;
-function get$1(object2, path2, defaultValue) {
+function get$2(object2, path2, defaultValue) {
   var result = object2 == null ? void 0 : baseGet$1(object2, path2);
   return result === void 0 ? defaultValue : result;
 }
-var get_1 = get$1;
+var get_1 = get$2;
 function baseHasIn$1(object2, key) {
   return object2 != null && key in Object(object2);
 }
@@ -12496,14 +12227,14 @@ function hasIn$1(object2, path2) {
   return object2 != null && hasPath(object2, path2, baseHasIn);
 }
 var hasIn_1 = hasIn$1;
-var baseIsEqual = _baseIsEqual, get = get_1, hasIn = hasIn_1, isKey$1 = _isKey, isStrictComparable = _isStrictComparable, matchesStrictComparable = _matchesStrictComparable, toKey$1 = _toKey;
+var baseIsEqual = _baseIsEqual, get$1 = get_1, hasIn = hasIn_1, isKey$1 = _isKey, isStrictComparable = _isStrictComparable, matchesStrictComparable = _matchesStrictComparable, toKey$1 = _toKey;
 var COMPARE_PARTIAL_FLAG = 1, COMPARE_UNORDERED_FLAG = 2;
 function baseMatchesProperty$1(path2, srcValue) {
   if (isKey$1(path2) && isStrictComparable(srcValue)) {
     return matchesStrictComparable(toKey$1(path2), srcValue);
   }
   return function(object2) {
-    var objValue = get(object2, path2);
+    var objValue = get$1(object2, path2);
     return objValue === void 0 && objValue === srcValue ? hasIn(object2, path2) : baseIsEqual(srcValue, objValue, COMPARE_PARTIAL_FLAG | COMPARE_UNORDERED_FLAG);
   };
 }
@@ -12799,7 +12530,7 @@ function createValidation(config2) {
   validate2.OPTIONS = config2;
   return validate2;
 }
-let trim = (part) => part.substr(0, part.length - 1).substr(1);
+let trim$1 = (part) => part.substr(0, part.length - 1).substr(1);
 function getIn(schema2, path2, value, context = value) {
   let parent, lastPart, lastPartDebug;
   if (!path2) return {
@@ -12808,7 +12539,7 @@ function getIn(schema2, path2, value, context = value) {
     schema: schema2
   };
   propertyExpr.forEach(path2, (_part, isBracket, isArray2) => {
-    let part = isBracket ? trim(_part) : _part;
+    let part = isBracket ? trim$1(_part) : _part;
     schema2 = schema2.resolve({
       context,
       parent,
@@ -14895,7 +14626,7 @@ function toIdentifier(str2) {
       Object.defineProperty(func, "name", desc);
     }
   }
-  function populateConstructorExports(exports, codes2, HttpError) {
+  function populateConstructorExports(exports$1, codes2, HttpError) {
     codes2.forEach(function forEachCode(code) {
       var CodeError;
       var name = toIdentifier2(statuses$1.message[code]);
@@ -14908,8 +14639,8 @@ function toIdentifier(str2) {
           break;
       }
       if (CodeError) {
-        exports[code] = CodeError;
-        exports[name] = CodeError;
+        exports$1[code] = CodeError;
+        exports$1[name] = CodeError;
       }
     });
   }
@@ -14931,7 +14662,7 @@ const formatYupErrors = (yupError) => ({
   message: yupError.message
 });
 let ApplicationError$2 = class ApplicationError extends Error {
-  constructor(message = "An application error occured", details = {}) {
+  constructor(message = "An application error occurred", details = {}) {
     super();
     this.name = "ApplicationError";
     this.message = message;
@@ -15195,7 +14926,7 @@ var pMap = async (iterable, mapper, {
     }
     const result = [];
     const errors2 = [];
-    const iterator = iterable[Symbol.iterator]();
+    const iterator2 = iterable[Symbol.iterator]();
     let isRejected = false;
     let isIterableDone = false;
     let resolvingCount = 0;
@@ -15204,7 +14935,7 @@ var pMap = async (iterable, mapper, {
       if (isRejected) {
         return;
       }
-      const nextItem = iterator.next();
+      const nextItem = iterator2.next();
       const index2 = currentIndex;
       currentIndex++;
       if (nextItem.done) {
@@ -16414,16 +16145,16 @@ var shebangCommand$1 = (string2 = "") => {
   }
   return argument ? `${binary2} ${argument}` : binary2;
 };
-const fs$5 = require$$0$4;
+const fs$7 = require$$0$4;
 const shebangCommand = shebangCommand$1;
 function readShebang$1(command2) {
   const size = 150;
   const buffer = Buffer.alloc(size);
   let fd;
   try {
-    fd = fs$5.openSync(command2, "r");
-    fs$5.readSync(fd, buffer, 0, size, 0);
-    fs$5.closeSync(fd);
+    fd = fs$7.openSync(command2, "r");
+    fs$7.readSync(fd, buffer, 0, size, 0);
+    fs$7.closeSync(fd);
   } catch (e) {
   }
   return shebangCommand(buffer.toString());
@@ -17434,9 +17165,9 @@ var bufferStream$1 = (options2) => {
 };
 const { constants: BufferConstants } = require$$0$7;
 const stream$1 = require$$0$6;
-const { promisify: promisify$3 } = require$$2$1;
+const { promisify: promisify$5 } = require$$2$1;
 const bufferStream = bufferStream$1;
-const streamPipelinePromisified = promisify$3(stream$1.pipeline);
+const streamPipelinePromisified = promisify$5(stream$1.pipeline);
 class MaxBufferError extends Error {
   constructor() {
     super("maxBuffer exceeded");
@@ -17972,11 +17703,11 @@ pLocate$4.exports = pLocate$3;
 pLocate$4.exports.default = pLocate$3;
 var pLocateExports = pLocate$4.exports;
 const path$4 = require$$0__default;
-const fs$4 = require$$0$4;
-const { promisify: promisify$2 } = require$$2$1;
+const fs$6 = require$$0$4;
+const { promisify: promisify$4 } = require$$2$1;
 const pLocate$2 = pLocateExports;
-const fsStat$1 = promisify$2(fs$4.stat);
-const fsLStat$1 = promisify$2(fs$4.lstat);
+const fsStat$1 = promisify$4(fs$6.stat);
+const fsLStat$1 = promisify$4(fs$6.lstat);
 const typeMappings$1 = {
   directory: "isDirectory",
   file: "isFile"
@@ -18014,7 +17745,7 @@ locatePath$1.exports.sync = (paths, options2) => {
     ...options2
   };
   checkType$1(options2);
-  const statFn = options2.allowSymlinks ? fs$4.statSync : fs$4.lstatSync;
+  const statFn = options2.allowSymlinks ? fs$6.statSync : fs$6.lstatSync;
   for (const path_ of paths) {
     try {
       const stat = statFn(path$4.resolve(options2.cwd, path_));
@@ -18026,31 +17757,31 @@ locatePath$1.exports.sync = (paths, options2) => {
   }
 };
 var locatePathExports$1 = locatePath$1.exports;
-var pathExists = { exports: {} };
-const fs$3 = require$$0$4;
-const { promisify: promisify$1 } = require$$2$1;
-const pAccess = promisify$1(fs$3.access);
-pathExists.exports = async (path2) => {
+var pathExists$2 = { exports: {} };
+const fs$5 = require$$0$4;
+const { promisify: promisify$3 } = require$$2$1;
+const pAccess$2 = promisify$3(fs$5.access);
+pathExists$2.exports = async (path2) => {
   try {
-    await pAccess(path2);
+    await pAccess$2(path2);
     return true;
   } catch (_2) {
     return false;
   }
 };
-pathExists.exports.sync = (path2) => {
+pathExists$2.exports.sync = (path2) => {
   try {
-    fs$3.accessSync(path2);
+    fs$5.accessSync(path2);
     return true;
   } catch (_2) {
     return false;
   }
 };
-var pathExistsExports = pathExists.exports;
+var pathExistsExports$1 = pathExists$2.exports;
 (function(module) {
   const path2 = require$$0__default;
   const locatePath2 = locatePathExports$1;
-  const pathExists2 = pathExistsExports;
+  const pathExists2 = pathExistsExports$1;
   const stop = Symbol("findUp.stop");
   module.exports = async (name, options2 = {}) => {
     let directory = path2.resolve(options2.cwd || "");
@@ -18127,8 +17858,8 @@ pkgDir$1.exports.sync = (cwd2) => {
 };
 var pkgDirExports = pkgDir$1.exports;
 var utils$8 = {};
-(function(exports) {
-  exports.isInteger = (num) => {
+(function(exports$1) {
+  exports$1.isInteger = (num) => {
     if (typeof num === "number") {
       return Number.isInteger(num);
     }
@@ -18137,13 +17868,13 @@ var utils$8 = {};
     }
     return false;
   };
-  exports.find = (node, type2) => node.nodes.find((node2) => node2.type === type2);
-  exports.exceedsLimit = (min, max, step = 1, limit) => {
+  exports$1.find = (node, type2) => node.nodes.find((node2) => node2.type === type2);
+  exports$1.exceedsLimit = (min, max, step = 1, limit) => {
     if (limit === false) return false;
-    if (!exports.isInteger(min) || !exports.isInteger(max)) return false;
+    if (!exports$1.isInteger(min) || !exports$1.isInteger(max)) return false;
     return (Number(max) - Number(min)) / Number(step) >= limit;
   };
-  exports.escapeNode = (block, n = 0, type2) => {
+  exports$1.escapeNode = (block, n = 0, type2) => {
     const node = block.nodes[n];
     if (!node) return;
     if (type2 && node.type === type2 || node.type === "open" || node.type === "close") {
@@ -18153,7 +17884,7 @@ var utils$8 = {};
       }
     }
   };
-  exports.encloseBrace = (node) => {
+  exports$1.encloseBrace = (node) => {
     if (node.type !== "brace") return false;
     if (node.commas >> 0 + node.ranges >> 0 === 0) {
       node.invalid = true;
@@ -18161,7 +17892,7 @@ var utils$8 = {};
     }
     return false;
   };
-  exports.isInvalidBrace = (block) => {
+  exports$1.isInvalidBrace = (block) => {
     if (block.type !== "brace") return false;
     if (block.invalid === true || block.dollar) return true;
     if (block.commas >> 0 + block.ranges >> 0 === 0) {
@@ -18174,18 +17905,18 @@ var utils$8 = {};
     }
     return false;
   };
-  exports.isOpenOrClose = (node) => {
+  exports$1.isOpenOrClose = (node) => {
     if (node.type === "open" || node.type === "close") {
       return true;
     }
     return node.open === true || node.close === true;
   };
-  exports.reduce = (nodes) => nodes.reduce((acc, node) => {
+  exports$1.reduce = (nodes) => nodes.reduce((acc, node) => {
     if (node.type === "text") acc.push(node.value);
     if (node.type === "range") node.type = "text";
     return acc;
   }, []);
-  exports.flatten = (...args) => {
+  exports$1.flatten = (...args) => {
     const result = [];
     const flat = (arr) => {
       for (let i = 0; i < arr.length; i++) {
@@ -19287,7 +19018,7 @@ var constants$5 = {
     return win32 === true ? WINDOWS_CHARS : POSIX_CHARS;
   }
 };
-(function(exports) {
+(function(exports$1) {
   const path2 = require$$0__default;
   const win32 = process.platform === "win32";
   const {
@@ -19296,36 +19027,36 @@ var constants$5 = {
     REGEX_SPECIAL_CHARS,
     REGEX_SPECIAL_CHARS_GLOBAL
   } = constants$5;
-  exports.isObject = (val) => val !== null && typeof val === "object" && !Array.isArray(val);
-  exports.hasRegexChars = (str2) => REGEX_SPECIAL_CHARS.test(str2);
-  exports.isRegexChar = (str2) => str2.length === 1 && exports.hasRegexChars(str2);
-  exports.escapeRegex = (str2) => str2.replace(REGEX_SPECIAL_CHARS_GLOBAL, "\\$1");
-  exports.toPosixSlashes = (str2) => str2.replace(REGEX_BACKSLASH, "/");
-  exports.removeBackslashes = (str2) => {
+  exports$1.isObject = (val) => val !== null && typeof val === "object" && !Array.isArray(val);
+  exports$1.hasRegexChars = (str2) => REGEX_SPECIAL_CHARS.test(str2);
+  exports$1.isRegexChar = (str2) => str2.length === 1 && exports$1.hasRegexChars(str2);
+  exports$1.escapeRegex = (str2) => str2.replace(REGEX_SPECIAL_CHARS_GLOBAL, "\\$1");
+  exports$1.toPosixSlashes = (str2) => str2.replace(REGEX_BACKSLASH, "/");
+  exports$1.removeBackslashes = (str2) => {
     return str2.replace(REGEX_REMOVE_BACKSLASH, (match) => {
       return match === "\\" ? "" : match;
     });
   };
-  exports.supportsLookbehinds = () => {
+  exports$1.supportsLookbehinds = () => {
     const segs = process.version.slice(1).split(".").map(Number);
     if (segs.length === 3 && segs[0] >= 9 || segs[0] === 8 && segs[1] >= 10) {
       return true;
     }
     return false;
   };
-  exports.isWindows = (options2) => {
+  exports$1.isWindows = (options2) => {
     if (options2 && typeof options2.windows === "boolean") {
       return options2.windows;
     }
     return win32 === true || path2.sep === "\\";
   };
-  exports.escapeLast = (input, char, lastIdx) => {
+  exports$1.escapeLast = (input, char, lastIdx) => {
     const idx = input.lastIndexOf(char, lastIdx);
     if (idx === -1) return input;
-    if (input[idx - 1] === "\\") return exports.escapeLast(input, char, idx - 1);
+    if (input[idx - 1] === "\\") return exports$1.escapeLast(input, char, idx - 1);
     return `${input.slice(0, idx)}\\${input.slice(idx)}`;
   };
-  exports.removePrefix = (input, state = {}) => {
+  exports$1.removePrefix = (input, state = {}) => {
     let output = input;
     if (output.startsWith("./")) {
       output = output.slice(2);
@@ -19333,7 +19064,7 @@ var constants$5 = {
     }
     return output;
   };
-  exports.wrapOutput = (input, state = {}, options2 = {}) => {
+  exports$1.wrapOutput = (input, state = {}, options2 = {}) => {
     const prepend = options2.contains ? "" : "^";
     const append2 = options2.contains ? "" : "$";
     let output = `${prepend}(?:${input})${append2}`;
@@ -20804,14 +20535,14 @@ const core_1 = core$1;
 core_1.findWorkspaceRoot;
 var findUp = { exports: {} };
 var locatePath = { exports: {} };
-class Node {
+let Node$1 = class Node {
   /// value;
   /// next;
   constructor(value) {
     this.value = value;
     this.next = void 0;
   }
-}
+};
 let Queue$1 = class Queue {
   // TODO: Use private class fields when targeting Node.js 12.
   // #_head;
@@ -20821,7 +20552,7 @@ let Queue$1 = class Queue {
     this.clear();
   }
   enqueue(value) {
-    const node = new Node(value);
+    const node = new Node$1(value);
     if (this._head) {
       this._tail.next = node;
       this._tail = node;
@@ -20943,11 +20674,11 @@ const pLocate$1 = async (iterable, tester, options2) => {
 };
 var pLocate_1 = pLocate$1;
 const path = require$$0__default;
-const fs$2 = require$$0$4;
-const { promisify } = require$$2$1;
+const fs$4 = require$$0$4;
+const { promisify: promisify$2 } = require$$2$1;
 const pLocate = pLocate_1;
-const fsStat = promisify(fs$2.stat);
-const fsLStat = promisify(fs$2.lstat);
+const fsStat = promisify$2(fs$4.stat);
+const fsLStat = promisify$2(fs$4.lstat);
 const typeMappings = {
   directory: "isDirectory",
   file: "isFile"
@@ -20985,7 +20716,7 @@ locatePath.exports.sync = (paths, options2) => {
     ...options2
   };
   checkType(options2);
-  const statFn = options2.allowSymlinks ? fs$2.statSync : fs$2.lstatSync;
+  const statFn = options2.allowSymlinks ? fs$4.statSync : fs$4.lstatSync;
   for (const path_ of paths) {
     try {
       const stat = statFn(path.resolve(options2.cwd, path_));
@@ -20997,6 +20728,27 @@ locatePath.exports.sync = (paths, options2) => {
   }
 };
 var locatePathExports = locatePath.exports;
+var pathExists$1 = { exports: {} };
+const fs$3 = require$$0$4;
+const { promisify: promisify$1 } = require$$2$1;
+const pAccess$1 = promisify$1(fs$3.access);
+pathExists$1.exports = async (path2) => {
+  try {
+    await pAccess$1(path2);
+    return true;
+  } catch (_2) {
+    return false;
+  }
+};
+pathExists$1.exports.sync = (path2) => {
+  try {
+    fs$3.accessSync(path2);
+    return true;
+  } catch (_2) {
+    return false;
+  }
+};
+var pathExistsExports = pathExists$1.exports;
 (function(module) {
   const path2 = require$$0__default;
   const locatePath2 = locatePathExports;
@@ -21062,6 +20814,26 @@ var locatePathExports = locatePath.exports;
   module.exports.sync.exists = pathExists2.sync;
   module.exports.stop = stop;
 })(findUp);
+var pathExists = { exports: {} };
+const fs$2 = require$$0$4;
+const { promisify } = require$$2$1;
+const pAccess = promisify(fs$2.access);
+pathExists.exports = async (path2) => {
+  try {
+    await pAccess(path2);
+    return true;
+  } catch (_2) {
+    return false;
+  }
+};
+pathExists.exports.sync = (path2) => {
+  try {
+    fs$2.accessSync(path2);
+    return true;
+  } catch (_2) {
+    return false;
+  }
+};
 var loadYamlFile = { exports: {} };
 var constants$2 = require$$0$8;
 var origCwd = process.cwd;
@@ -22888,6 +22660,18 @@ function charFromCodepoint(c) {
     (c - 65536 & 1023) + 56320
   );
 }
+function setProperty(object2, key, value) {
+  if (key === "__proto__") {
+    Object.defineProperty(object2, key, {
+      configurable: true,
+      enumerable: true,
+      writable: true,
+      value
+    });
+  } else {
+    object2[key] = value;
+  }
+}
 var simpleEscapeCheck = new Array(256);
 var simpleEscapeMap = new Array(256);
 for (var i = 0; i < 256; i++) {
@@ -22994,7 +22778,7 @@ function mergeMappings(state, destination, source, overridableKeys) {
   for (index2 = 0, quantity = sourceKeys.length; index2 < quantity; index2 += 1) {
     key = sourceKeys[index2];
     if (!_hasOwnProperty$1.call(destination, key)) {
-      destination[key] = source[key];
+      setProperty(destination, key, source[key]);
       overridableKeys[key] = true;
     }
   }
@@ -23033,7 +22817,7 @@ function storeMappingPair(state, _result, overridableKeys, keyTag, keyNode, valu
       state.position = startPos || state.position;
       throwError(state, "duplicated mapping key");
     }
-    _result[keyNode] = valueNode;
+    setProperty(_result, keyNode, valueNode);
     delete overridableKeys[keyNode];
   }
   return _result;
@@ -23877,17 +23661,17 @@ function loadDocuments(input, options2) {
   }
   return state.documents;
 }
-function loadAll(input, iterator, options2) {
-  if (iterator !== null && typeof iterator === "object" && typeof options2 === "undefined") {
-    options2 = iterator;
-    iterator = null;
+function loadAll(input, iterator2, options2) {
+  if (iterator2 !== null && typeof iterator2 === "object" && typeof options2 === "undefined") {
+    options2 = iterator2;
+    iterator2 = null;
   }
   var documents = loadDocuments(input, options2);
-  if (typeof iterator !== "function") {
+  if (typeof iterator2 !== "function") {
     return documents;
   }
   for (var index2 = 0, length = documents.length; index2 < length; index2 += 1) {
-    iterator(documents[index2]);
+    iterator2(documents[index2]);
   }
 }
 function load(input, options2) {
@@ -23899,12 +23683,12 @@ function load(input, options2) {
   }
   throw new YAMLException$1("expected a single document in the stream, but found more");
 }
-function safeLoadAll(input, iterator, options2) {
-  if (typeof iterator === "object" && iterator !== null && typeof options2 === "undefined") {
-    options2 = iterator;
-    iterator = null;
+function safeLoadAll(input, iterator2, options2) {
+  if (typeof iterator2 === "object" && iterator2 !== null && typeof options2 === "undefined") {
+    options2 = iterator2;
+    iterator2 = null;
   }
-  return loadAll(input, iterator, common$1.extend({ schema: DEFAULT_SAFE_SCHEMA$1 }, options2));
+  return loadAll(input, iterator2, common$1.extend({ schema: DEFAULT_SAFE_SCHEMA$1 }, options2));
 }
 function safeLoad(input, options2) {
   return load(input, common$1.extend({ schema: DEFAULT_SAFE_SCHEMA$1 }, options2));
@@ -28936,6 +28720,250 @@ _enum([
   "published"
 ]).describe("Filter by publication status");
 string().describe("Search query string");
+const pluginName = "firebase-authentication";
+const PLUGIN_NAME = "firebase-authentication";
+const PLUGIN_UID = `plugin::${PLUGIN_NAME}`;
+const CONFIG_CONTENT_TYPE = `${PLUGIN_UID}.firebase-authentication-configuration`;
+const DEFAULT_PASSWORD_RESET_URL = "http://localhost:3000/reset-password";
+const DEFAULT_PASSWORD_REGEX = "^.{6,}$";
+const DEFAULT_PASSWORD_MESSAGE = "Password must be at least 6 characters long";
+const DEFAULT_RESET_EMAIL_SUBJECT = "Reset Your Password";
+const ERROR_MESSAGES = {
+  FIREBASE_NOT_INITIALIZED: "Firebase is not initialized. Please upload Firebase service account configuration via Settings → Firebase Authentication.",
+  INVALID_JSON: "Invalid JSON format. Please ensure you copied the entire JSON content correctly.",
+  MISSING_DATA: "data is missing",
+  SOMETHING_WENT_WRONG: "Something went wrong",
+  AUTHENTICATION_FAILED: "Authentication failed",
+  TOKEN_MISSING: "idToken is missing!",
+  EMAIL_PASSWORD_REQUIRED: "Email and password are required",
+  PASSWORD_REQUIRED: "Password is required",
+  AUTHORIZATION_REQUIRED: "Authorization token is required",
+  INVALID_TOKEN: "Invalid or expired token",
+  USER_NOT_FOUND: "User not found",
+  USER_NO_EMAIL: "User does not have an email address",
+  FIREBASE_LINK_FAILED: "Failed to generate Firebase reset link",
+  CONFIG_NOT_FOUND: "No config found",
+  INVALID_SERVICE_ACCOUNT: "Invalid service account JSON",
+  WEB_API_NOT_CONFIGURED: "Email/password authentication is not available. Web API Key is not configured.",
+  RESET_URL_NOT_CONFIGURED: "Password reset URL is not configured",
+  RESET_URL_MUST_BE_HTTPS: "Password reset URL must use HTTPS in production",
+  RESET_URL_INVALID_FORMAT: "Password reset URL is not a valid URL format",
+  USER_NOT_LINKED_FIREBASE: "User is not linked to Firebase authentication",
+  OVERRIDE_USER_ID_REQUIRED: "Override user ID is required",
+  EITHER_EMAIL_OR_PHONE_REQUIRED: "Either email or phoneNumber is required",
+  DELETION_NO_CONFIG: "No Firebase configs exists for deletion"
+};
+const SUCCESS_MESSAGES = {
+  FIREBASE_INITIALIZED: "Firebase successfully initialized",
+  FIREBASE_CONFIG_DELETED: "Firebase config deleted and reinitialized",
+  PASSWORD_RESET_EMAIL_SENT: "If an account with that email exists, a password reset link has been sent.",
+  SERVER_RESTARTING: "SERVER IS RESTARTING"
+};
+const CONFIG_KEYS = {
+  ENCRYPTION_KEY: `${PLUGIN_UID}.FIREBASE_JSON_ENCRYPTION_KEY`
+};
+const REQUIRED_FIELDS = {
+  SERVICE_ACCOUNT: ["private_key", "client_email", "project_id", "type"],
+  WEB_CONFIG: ["apiKey", "authDomain"]
+  // These indicate wrong JSON type
+};
+const VALIDATION_MESSAGES = {
+  INVALID_SERVICE_ACCOUNT: "Invalid Service Account JSON. Missing required fields:",
+  WRONG_JSON_TYPE: "You uploaded a Web App Config (SDK snippet) instead of a Service Account JSON. Please go to Firebase Console → Service Accounts tab → Generate New Private Key to download the correct file.",
+  SERVICE_ACCOUNT_HELP: "Please download the correct JSON from Firebase Console → Service Accounts → Generate New Private Key. Do NOT use the Web App Config (SDK snippet) - that is a different file!"
+};
+const firebaseController = {
+  async validateToken(ctx) {
+    strapi.log.debug("validateToken called");
+    try {
+      const { idToken, profileMetaData } = ctx.request.body || {};
+      const populate2 = ctx.request.query.populate || [];
+      if (!idToken) {
+        return ctx.badRequest(ERROR_MESSAGES.TOKEN_MISSING);
+      }
+      const result = await strapi.plugin(pluginName).service("firebaseService").validateFirebaseToken(idToken, profileMetaData, populate2);
+      ctx.body = result;
+    } catch (error2) {
+      strapi.log.error(`validateToken controller error: ${error2.message}`);
+      if (error2.name === "ValidationError") {
+        return ctx.badRequest(error2.message);
+      }
+      if (error2.name === "UnauthorizedError") {
+        return ctx.unauthorized(error2.message);
+      }
+      throw error2;
+    }
+  },
+  async deleteByEmail(email2) {
+    try {
+      const user = await strapi.firebase.auth().getUserByEmail(email2);
+      await strapi.plugin(pluginName).service("firebaseService").delete(user.toJSON().uid);
+      return user.toJSON();
+    } catch (error2) {
+      strapi.log.error("deleteByEmail error:", error2);
+      throw error2;
+    }
+  },
+  async overrideAccess(ctx) {
+    try {
+      const { overrideUserId } = ctx.request.body || {};
+      const populate2 = ctx.request.query.populate || [];
+      const result = await strapi.plugin(pluginName).service("firebaseService").overrideFirebaseAccess(overrideUserId, populate2);
+      ctx.body = result;
+    } catch (error2) {
+      if (error2.name === "ValidationError") {
+        return ctx.badRequest(error2.message);
+      }
+      if (error2.name === "NotFoundError") {
+        return ctx.notFound(error2.message);
+      }
+      throw error2;
+    }
+  },
+  /**
+   * Controller method for email/password authentication
+   * Handles the `/api/firebase-authentication/emailLogin` endpoint
+   *
+   * @param ctx - Koa context object
+   * @returns Promise that sets ctx.body with user data and JWT or error message
+   *
+   * @remarks
+   * This controller acts as a proxy to Firebase's Identity Toolkit API,
+   * allowing users to authenticate with email/password and receive a Strapi JWT.
+   *
+   * HTTP Status Codes:
+   * - `400`: Validation errors (missing credentials, invalid email/password)
+   * - `500`: Server errors (missing configuration, Firebase API issues)
+   */
+  async emailLogin(ctx) {
+    strapi.log.debug("emailLogin controller");
+    try {
+      const { email: email2, password } = ctx.request.body || {};
+      const populate2 = ctx.request.query.populate || [];
+      const result = await strapi.plugin(pluginName).service("firebaseService").emailLogin(email2, password, populate2);
+      ctx.body = result;
+    } catch (error2) {
+      strapi.log.error("emailLogin controller error:", error2);
+      throw error2;
+    }
+  },
+  /**
+   * Forgot password - sends reset email
+   * POST /api/firebase-authentication/forgotPassword
+   * Public endpoint - no authentication required
+   */
+  async forgotPassword(ctx) {
+    strapi.log.debug("forgotPassword endpoint called");
+    try {
+      const { email: email2 } = ctx.request.body || {};
+      ctx.body = await strapi.plugin(pluginName).service("firebaseService").forgotPassword(email2);
+    } catch (error2) {
+      strapi.log.error("forgotPassword controller error:", error2);
+      throw error2;
+    }
+  },
+  /**
+   * Reset password - authenticated password change
+   * POST /api/firebase-authentication/resetPassword
+   * Authenticated endpoint - requires valid JWT (enforced by is-authenticated policy)
+   * Used for admin-initiated resets or user self-service password changes
+   * NOT used for forgot password email flow (which uses Firebase's hosted UI)
+   */
+  async resetPassword(ctx) {
+    strapi.log.debug("resetPassword endpoint called");
+    try {
+      const { password } = ctx.request.body || {};
+      const user = ctx.state.user;
+      const populate2 = ctx.request.query.populate || [];
+      ctx.body = await strapi.plugin(pluginName).service("firebaseService").resetPassword(password, user, populate2);
+    } catch (error2) {
+      strapi.log.error("resetPassword controller error:", error2);
+      throw error2;
+    }
+  },
+  async requestMagicLink(ctx) {
+    try {
+      const { email: email2 } = ctx.request.body || {};
+      const result = await strapi.plugin("firebase-authentication").service("firebaseService").requestMagicLink(email2);
+      ctx.body = result;
+    } catch (error2) {
+      if (error2.name === "ValidationError" || error2.name === "ApplicationError") {
+        throw error2;
+      }
+      strapi.log.error("requestMagicLink controller error:", error2);
+      ctx.body = {
+        success: false,
+        message: "An error occurred while processing your request"
+      };
+    }
+  },
+  /**
+   * Reset password using custom JWT token
+   * POST /api/firebase-authentication/resetPasswordWithToken
+   * Public endpoint - token provides authentication
+   *
+   * @param ctx - Koa context with { token, newPassword } in body
+   * @returns { success: true, message: "Password has been reset successfully" }
+   */
+  async resetPasswordWithToken(ctx) {
+    strapi.log.debug("resetPasswordWithToken endpoint called");
+    try {
+      const { token, newPassword } = ctx.request.body || {};
+      if (!token) {
+        throw new ValidationError$1("Token is required");
+      }
+      if (!newPassword) {
+        throw new ValidationError$1("New password is required");
+      }
+      const result = await strapi.plugin(pluginName).service("userService").resetPasswordWithToken(token, newPassword);
+      ctx.body = result;
+    } catch (error2) {
+      strapi.log.error("resetPasswordWithToken controller error:", error2);
+      throw error2;
+    }
+  },
+  /**
+   * Send email verification - public endpoint
+   * POST /api/firebase-authentication/sendVerificationEmail
+   * Authenticated endpoint - sends verification email to the logged-in user's email
+   */
+  async sendVerificationEmail(ctx) {
+    strapi.log.debug("sendVerificationEmail endpoint called");
+    try {
+      const user = ctx.state.user;
+      const email2 = user.email;
+      ctx.body = await strapi.plugin(pluginName).service("firebaseService").sendVerificationEmail(email2);
+    } catch (error2) {
+      strapi.log.error("sendVerificationEmail controller error:", error2);
+      throw error2;
+    }
+  },
+  /**
+   * Verify email using custom JWT token
+   * POST /api/firebase-authentication/verifyEmail
+   * Public endpoint - token provides authentication
+   *
+   * @param ctx - Koa context with { token } in body
+   * @returns { success: true, message: "Email verified successfully" }
+   */
+  async verifyEmail(ctx) {
+    strapi.log.debug("verifyEmail endpoint called");
+    try {
+      const { token } = ctx.request.body || {};
+      if (!token) {
+        return ctx.badRequest("Token is required");
+      }
+      const result = await strapi.plugin(pluginName).service("firebaseService").verifyEmail(token);
+      ctx.body = result;
+    } catch (error2) {
+      strapi.log.error("verifyEmail controller error:", error2);
+      if (error2.name === "ValidationError") {
+        return ctx.badRequest(error2.message);
+      }
+      throw error2;
+    }
+  }
+};
 const STRAPI_DESTINATION = "strapi";
 const FIREBASE_DESTINATION = "firebase";
 const userController = {
@@ -29197,7 +29225,16 @@ const controllers = {
   settingsController
 };
 const middlewares = {};
-const policies = {};
+const isAuthenticated = async (policyContext) => {
+  const user = policyContext.state.user;
+  if (!user) {
+    throw new UnauthorizedError("Authentication required");
+  }
+  return true;
+};
+const policies = {
+  "is-authenticated": isAuthenticated
+};
 const settingsRoute = [
   {
     method: "POST",
@@ -29347,9 +29384,7 @@ const contentApi = {
       path: "/resetPassword",
       handler: "firebaseController.resetPassword",
       config: {
-        auth: false,
-        // Public endpoint - authenticated password change, requires valid JWT in Authorization header
-        policies: []
+        policies: ["plugin::firebase-authentication.is-authenticated"]
       }
     },
     {
@@ -29387,9 +29422,7 @@ const contentApi = {
       path: "/sendVerificationEmail",
       handler: "firebaseController.sendVerificationEmail",
       config: {
-        auth: false,
-        // Public endpoint - sends email verification link
-        policies: []
+        policies: ["plugin::firebase-authentication.is-authenticated"]
       }
     },
     {
@@ -30898,20 +30931,17 @@ const firebaseService = ({ strapi: strapi2 }) => ({
    * 2. User-initiated password change (when already authenticated)
    *
    * NOT used for forgot password email flow - that now uses Firebase's hosted UI
+   *
+   * @param password - New password to set
+   * @param user - Authenticated user from ctx.state.user (populated by is-authenticated policy)
+   * @param populate - Fields to populate in response
    */
-  resetPassword: async (password, token, populate2) => {
+  resetPassword: async (password, user, populate2) => {
     if (!password) {
       throw new ValidationError$1("Password is required");
     }
-    if (!token) {
-      throw new UnauthorizedError("Authorization token is required");
-    }
-    let decoded;
-    try {
-      const jwtService = strapi2.plugin("users-permissions").service("jwt");
-      decoded = await jwtService.verify(token);
-    } catch (error2) {
-      throw new UnauthorizedError("Invalid or expired token");
+    if (!user || !user.id) {
+      throw new UnauthorizedError("Authentication required");
     }
     const config2 = await strapi2.plugin("firebase-authentication").service("settingsService").getFirebaseConfigJson();
     const passwordRegex = config2?.passwordRequirementsRegex || "^.{6,}$";
@@ -30922,8 +30952,7 @@ const firebaseService = ({ strapi: strapi2 }) => ({
     }
     try {
       const strapiUser = await strapi2.db.query("plugin::users-permissions.user").findOne({
-        where: { id: decoded.id }
-        // Use numeric id from JWT
+        where: { id: user.id }
       });
       if (!strapiUser) {
         throw new NotFoundError("User not found");
@@ -31126,6 +31155,22 @@ const firebaseService = ({ strapi: strapi2 }) => ({
     const tokenService2 = strapi2.plugin("firebase-authentication").service("tokenService");
     const validationResult = await tokenService2.validateVerificationToken(token);
     if (!validationResult.valid) {
+      if (validationResult.code === "TOKEN_ALREADY_USED" && validationResult.firebaseUID) {
+        try {
+          const firebaseUser = await strapi2.firebase.auth().getUser(validationResult.firebaseUID);
+          if (firebaseUser.emailVerified) {
+            strapi2.log.info(
+              `[verifyEmail] Token already used but email is verified for: ${firebaseUser.email}`
+            );
+            return {
+              success: true,
+              message: "This email has already been verified."
+            };
+          }
+        } catch (checkError) {
+          strapi2.log.warn(`[verifyEmail] Could not verify Firebase user status: ${checkError.message}`);
+        }
+      }
       strapi2.log.warn(`[verifyEmail] Token validation failed: ${validationResult.error}`);
       throw new ValidationError$1(validationResult.error || "Invalid verification link");
     }
@@ -31724,7 +31769,7 @@ class TemplateService {
     if (userTemplate.htmlFile) {
       try {
         const htmlPath = require$$0$1.resolve(userTemplate.htmlFile);
-        mergedTemplate.html = await fs$6.readFile(htmlPath, "utf-8");
+        mergedTemplate.html = await fs$8.readFile(htmlPath, "utf-8");
       } catch (error2) {
         strapi.log.warn(
           `Failed to load HTML template from ${userTemplate.htmlFile}: ${error2.message}. Using default template.`
@@ -31736,7 +31781,7 @@ class TemplateService {
     if (userTemplate.textFile) {
       try {
         const textPath = require$$0$1.resolve(userTemplate.textFile);
-        mergedTemplate.text = await fs$6.readFile(textPath, "utf-8");
+        mergedTemplate.text = await fs$8.readFile(textPath, "utf-8");
       } catch (error2) {
         strapi.log.warn(
           `Failed to load text template from ${userTemplate.textFile}: ${error2.message}. Using default template.`
@@ -32585,7 +32630,7 @@ var TokenExpiredError_1 = TokenExpiredError$1;
 var jws$3 = {};
 var safeBuffer = { exports: {} };
 /*! safe-buffer. MIT License. Feross Aboukhadijeh <https://feross.org/opensource> */
-(function(module, exports) {
+(function(module, exports$1) {
   var buffer = require$$0$7;
   var Buffer2 = buffer.Buffer;
   function copyProps(src, dst) {
@@ -32596,8 +32641,8 @@ var safeBuffer = { exports: {} };
   if (Buffer2.from && Buffer2.alloc && Buffer2.allocUnsafe && Buffer2.allocUnsafeSlow) {
     module.exports = buffer;
   } else {
-    copyProps(buffer, exports);
-    exports.Buffer = SafeBuffer;
+    copyProps(buffer, exports$1);
+    exports$1.Buffer = SafeBuffer;
   }
   function SafeBuffer(arg, encodingOrOffset, length) {
     return Buffer2(arg, encodingOrOffset, length);
@@ -33112,7 +33157,12 @@ function jwsSign(opts) {
   return util$1.format("%s.%s", securedInput, signature);
 }
 function SignStream$1(opts) {
-  var secret = opts.secret || opts.privateKey || opts.key;
+  var secret = opts.secret;
+  secret = secret == null ? opts.privateKey : secret;
+  secret = secret == null ? opts.key : secret;
+  if (/^hs/i.test(opts.header.alg) === true && secret == null) {
+    throw new TypeError("secret must be a string or buffer or a KeyObject");
+  }
   var secretStream = new DataStream$1(secret);
   this.readable = true;
   this.header = opts.header;
@@ -33218,7 +33268,12 @@ function jwsDecode(jwsSig, opts) {
 }
 function VerifyStream$1(opts) {
   opts = opts || {};
-  var secretOrKey = opts.secret || opts.publicKey || opts.key;
+  var secretOrKey = opts.secret;
+  secretOrKey = secretOrKey == null ? opts.publicKey : secretOrKey;
+  secretOrKey = secretOrKey == null ? opts.key : secretOrKey;
+  if (/^hs/i.test(opts.algorithm) === true && secretOrKey == null) {
+    throw new TypeError("secret must be a string or buffer or a KeyObject");
+  }
   var secretStream = new DataStream(secretOrKey);
   this.readable = true;
   this.algorithm = opts.algorithm;
@@ -33461,19 +33516,18 @@ var constants$1 = {
 const debug$1 = typeof process === "object" && process.env && process.env.NODE_DEBUG && /\bsemver\b/i.test(process.env.NODE_DEBUG) ? (...args) => console.error("SEMVER", ...args) : () => {
 };
 var debug_1 = debug$1;
-(function(module, exports) {
+(function(module, exports$1) {
   const {
     MAX_SAFE_COMPONENT_LENGTH: MAX_SAFE_COMPONENT_LENGTH2,
     MAX_SAFE_BUILD_LENGTH: MAX_SAFE_BUILD_LENGTH2,
     MAX_LENGTH: MAX_LENGTH2
   } = constants$1;
   const debug2 = debug_1;
-  exports = module.exports = {};
-  const re2 = exports.re = [];
-  const safeRe = exports.safeRe = [];
-  const src = exports.src = [];
-  const safeSrc = exports.safeSrc = [];
-  const t2 = exports.t = {};
+  exports$1 = module.exports = {};
+  const re2 = exports$1.re = [];
+  const safeRe = exports$1.safeRe = [];
+  const src = exports$1.src = [];
+  const t2 = exports$1.t = {};
   let R = 0;
   const LETTERDASHNUMBER = "[a-zA-Z0-9-]";
   const safeRegexReplacements = [
@@ -33493,7 +33547,6 @@ var debug_1 = debug$1;
     debug2(name, index2, value);
     t2[name] = index2;
     src[index2] = value;
-    safeSrc[index2] = safe;
     re2[index2] = new RegExp(value, isGlobal ? "g" : void 0);
     safeRe[index2] = new RegExp(safe, isGlobal ? "g" : void 0);
   };
@@ -33502,8 +33555,8 @@ var debug_1 = debug$1;
   createToken("NONNUMERICIDENTIFIER", `\\d*[a-zA-Z-]${LETTERDASHNUMBER}*`);
   createToken("MAINVERSION", `(${src[t2.NUMERICIDENTIFIER]})\\.(${src[t2.NUMERICIDENTIFIER]})\\.(${src[t2.NUMERICIDENTIFIER]})`);
   createToken("MAINVERSIONLOOSE", `(${src[t2.NUMERICIDENTIFIERLOOSE]})\\.(${src[t2.NUMERICIDENTIFIERLOOSE]})\\.(${src[t2.NUMERICIDENTIFIERLOOSE]})`);
-  createToken("PRERELEASEIDENTIFIER", `(?:${src[t2.NONNUMERICIDENTIFIER]}|${src[t2.NUMERICIDENTIFIER]})`);
-  createToken("PRERELEASEIDENTIFIERLOOSE", `(?:${src[t2.NONNUMERICIDENTIFIER]}|${src[t2.NUMERICIDENTIFIERLOOSE]})`);
+  createToken("PRERELEASEIDENTIFIER", `(?:${src[t2.NUMERICIDENTIFIER]}|${src[t2.NONNUMERICIDENTIFIER]})`);
+  createToken("PRERELEASEIDENTIFIERLOOSE", `(?:${src[t2.NUMERICIDENTIFIERLOOSE]}|${src[t2.NONNUMERICIDENTIFIER]})`);
   createToken("PRERELEASE", `(?:-(${src[t2.PRERELEASEIDENTIFIER]}(?:\\.${src[t2.PRERELEASEIDENTIFIER]})*))`);
   createToken("PRERELEASELOOSE", `(?:-?(${src[t2.PRERELEASEIDENTIFIERLOOSE]}(?:\\.${src[t2.PRERELEASEIDENTIFIERLOOSE]})*))`);
   createToken("BUILDIDENTIFIER", `${LETTERDASHNUMBER}+`);
@@ -33519,25 +33572,22 @@ var debug_1 = debug$1;
   createToken("XRANGEPLAINLOOSE", `[v=\\s]*(${src[t2.XRANGEIDENTIFIERLOOSE]})(?:\\.(${src[t2.XRANGEIDENTIFIERLOOSE]})(?:\\.(${src[t2.XRANGEIDENTIFIERLOOSE]})(?:${src[t2.PRERELEASELOOSE]})?${src[t2.BUILD]}?)?)?`);
   createToken("XRANGE", `^${src[t2.GTLT]}\\s*${src[t2.XRANGEPLAIN]}$`);
   createToken("XRANGELOOSE", `^${src[t2.GTLT]}\\s*${src[t2.XRANGEPLAINLOOSE]}$`);
-  createToken("COERCEPLAIN", `${"(^|[^\\d])(\\d{1,"}${MAX_SAFE_COMPONENT_LENGTH2}})(?:\\.(\\d{1,${MAX_SAFE_COMPONENT_LENGTH2}}))?(?:\\.(\\d{1,${MAX_SAFE_COMPONENT_LENGTH2}}))?`);
-  createToken("COERCE", `${src[t2.COERCEPLAIN]}(?:$|[^\\d])`);
-  createToken("COERCEFULL", src[t2.COERCEPLAIN] + `(?:${src[t2.PRERELEASE]})?(?:${src[t2.BUILD]})?(?:$|[^\\d])`);
+  createToken("COERCE", `${"(^|[^\\d])(\\d{1,"}${MAX_SAFE_COMPONENT_LENGTH2}})(?:\\.(\\d{1,${MAX_SAFE_COMPONENT_LENGTH2}}))?(?:\\.(\\d{1,${MAX_SAFE_COMPONENT_LENGTH2}}))?(?:$|[^\\d])`);
   createToken("COERCERTL", src[t2.COERCE], true);
-  createToken("COERCERTLFULL", src[t2.COERCEFULL], true);
   createToken("LONETILDE", "(?:~>?)");
   createToken("TILDETRIM", `(\\s*)${src[t2.LONETILDE]}\\s+`, true);
-  exports.tildeTrimReplace = "$1~";
+  exports$1.tildeTrimReplace = "$1~";
   createToken("TILDE", `^${src[t2.LONETILDE]}${src[t2.XRANGEPLAIN]}$`);
   createToken("TILDELOOSE", `^${src[t2.LONETILDE]}${src[t2.XRANGEPLAINLOOSE]}$`);
   createToken("LONECARET", "(?:\\^)");
   createToken("CARETTRIM", `(\\s*)${src[t2.LONECARET]}\\s+`, true);
-  exports.caretTrimReplace = "$1^";
+  exports$1.caretTrimReplace = "$1^";
   createToken("CARET", `^${src[t2.LONECARET]}${src[t2.XRANGEPLAIN]}$`);
   createToken("CARETLOOSE", `^${src[t2.LONECARET]}${src[t2.XRANGEPLAINLOOSE]}$`);
   createToken("COMPARATORLOOSE", `^${src[t2.GTLT]}\\s*(${src[t2.LOOSEPLAIN]})$|^$`);
   createToken("COMPARATOR", `^${src[t2.GTLT]}\\s*(${src[t2.FULLPLAIN]})$|^$`);
   createToken("COMPARATORTRIM", `(\\s*)${src[t2.GTLT]}\\s*(${src[t2.LOOSEPLAIN]}|${src[t2.XRANGEPLAIN]})`, true);
-  exports.comparatorTrimReplace = "$1$2$3";
+  exports$1.comparatorTrimReplace = "$1$2$3";
   createToken("HYPHENRANGE", `^\\s*(${src[t2.XRANGEPLAIN]})\\s+-\\s+(${src[t2.XRANGEPLAIN]})\\s*$`);
   createToken("HYPHENRANGELOOSE", `^\\s*(${src[t2.XRANGEPLAINLOOSE]})\\s+-\\s+(${src[t2.XRANGEPLAINLOOSE]})\\s*$`);
   createToken("STAR", "(<|>)?=?\\s*\\*");
@@ -33559,9 +33609,6 @@ const parseOptions$1 = (options2) => {
 var parseOptions_1 = parseOptions$1;
 const numeric = /^[0-9]+$/;
 const compareIdentifiers$1 = (a, b) => {
-  if (typeof a === "number" && typeof b === "number") {
-    return a === b ? 0 : a < b ? -1 : 1;
-  }
   const anum = numeric.test(a);
   const bnum = numeric.test(b);
   if (anum && bnum) {
@@ -33661,25 +33708,7 @@ let SemVer$d = class SemVer {
     if (!(other instanceof SemVer)) {
       other = new SemVer(other, this.options);
     }
-    if (this.major < other.major) {
-      return -1;
-    }
-    if (this.major > other.major) {
-      return 1;
-    }
-    if (this.minor < other.minor) {
-      return -1;
-    }
-    if (this.minor > other.minor) {
-      return 1;
-    }
-    if (this.patch < other.patch) {
-      return -1;
-    }
-    if (this.patch > other.patch) {
-      return 1;
-    }
-    return 0;
+    return compareIdentifiers(this.major, other.major) || compareIdentifiers(this.minor, other.minor) || compareIdentifiers(this.patch, other.patch);
   }
   comparePre(other) {
     if (!(other instanceof SemVer)) {
@@ -33718,7 +33747,7 @@ let SemVer$d = class SemVer {
     do {
       const a = this.build[i];
       const b = other.build[i];
-      debug("build compare", i, a, b);
+      debug("prerelease compare", i, a, b);
       if (a === void 0 && b === void 0) {
         return 0;
       } else if (b === void 0) {
@@ -33735,17 +33764,6 @@ let SemVer$d = class SemVer {
   // preminor will bump the version up to the next minor release, and immediately
   // down to pre-release. premajor and prepatch work the same way.
   inc(release, identifier, identifierBase) {
-    if (release.startsWith("pre")) {
-      if (!identifier && identifierBase === false) {
-        throw new Error("invalid increment argument: identifier is empty");
-      }
-      if (identifier) {
-        const match = `-${identifier}`.match(this.options.loose ? re$1[t$1.PRERELEASELOOSE] : re$1[t$1.PRERELEASE]);
-        if (!match || match[1] !== identifier) {
-          throw new Error(`invalid identifier: ${identifier}`);
-        }
-      }
-    }
     switch (release) {
       case "premajor":
         this.prerelease.length = 0;
@@ -33771,12 +33789,6 @@ let SemVer$d = class SemVer {
         }
         this.inc("pre", identifier, identifierBase);
         break;
-      case "release":
-        if (this.prerelease.length === 0) {
-          throw new Error(`version ${this.raw} is not a prerelease`);
-        }
-        this.prerelease.length = 0;
-        break;
       case "major":
         if (this.minor !== 0 || this.patch !== 0 || this.prerelease.length === 0) {
           this.major++;
@@ -33800,6 +33812,9 @@ let SemVer$d = class SemVer {
         break;
       case "pre": {
         const base = Number(identifierBase) ? 1 : 0;
+        if (!identifier && identifierBase === false) {
+          throw new Error("invalid increment argument: identifier is empty");
+        }
         if (this.prerelease.length === 0) {
           this.prerelease = [base];
         } else {
@@ -33904,12 +33919,13 @@ const diff$1 = (version1, version2) => {
     if (!lowVersion.patch && !lowVersion.minor) {
       return "major";
     }
-    if (lowVersion.compareMain(highVersion) === 0) {
-      if (lowVersion.minor && !lowVersion.patch) {
-        return "minor";
-      }
+    if (highVersion.patch) {
       return "patch";
     }
+    if (highVersion.minor) {
+      return "minor";
+    }
+    return "major";
   }
   const prefix = highHasPre ? "pre" : "";
   if (v1.major !== v2.major) {
@@ -34038,66 +34054,666 @@ const coerce$1 = (version2, options2) => {
   options2 = options2 || {};
   let match = null;
   if (!options2.rtl) {
-    match = version2.match(options2.includePrerelease ? re[t.COERCEFULL] : re[t.COERCE]);
+    match = version2.match(re[t.COERCE]);
   } else {
-    const coerceRtlRegex = options2.includePrerelease ? re[t.COERCERTLFULL] : re[t.COERCERTL];
     let next;
-    while ((next = coerceRtlRegex.exec(version2)) && (!match || match.index + match[0].length !== version2.length)) {
+    while ((next = re[t.COERCERTL].exec(version2)) && (!match || match.index + match[0].length !== version2.length)) {
       if (!match || next.index + next[0].length !== match.index + match[0].length) {
         match = next;
       }
-      coerceRtlRegex.lastIndex = next.index + next[1].length + next[2].length;
+      re[t.COERCERTL].lastIndex = next.index + next[1].length + next[2].length;
     }
-    coerceRtlRegex.lastIndex = -1;
+    re[t.COERCERTL].lastIndex = -1;
   }
   if (match === null) {
     return null;
   }
-  const major2 = match[2];
-  const minor2 = match[3] || "0";
-  const patch2 = match[4] || "0";
-  const prerelease2 = options2.includePrerelease && match[5] ? `-${match[5]}` : "";
-  const build = options2.includePrerelease && match[6] ? `+${match[6]}` : "";
-  return parse$1(`${major2}.${minor2}.${patch2}${prerelease2}${build}`, options2);
+  return parse$1(`${match[2]}.${match[3] || "0"}.${match[4] || "0"}`, options2);
 };
 var coerce_1 = coerce$1;
+var iterator;
+var hasRequiredIterator;
+function requireIterator() {
+  if (hasRequiredIterator) return iterator;
+  hasRequiredIterator = 1;
+  iterator = function(Yallist2) {
+    Yallist2.prototype[Symbol.iterator] = function* () {
+      for (let walker = this.head; walker; walker = walker.next) {
+        yield walker.value;
+      }
+    };
+  };
+  return iterator;
+}
+var yallist = Yallist$1;
+Yallist$1.Node = Node2;
+Yallist$1.create = Yallist$1;
+function Yallist$1(list) {
+  var self2 = this;
+  if (!(self2 instanceof Yallist$1)) {
+    self2 = new Yallist$1();
+  }
+  self2.tail = null;
+  self2.head = null;
+  self2.length = 0;
+  if (list && typeof list.forEach === "function") {
+    list.forEach(function(item) {
+      self2.push(item);
+    });
+  } else if (arguments.length > 0) {
+    for (var i = 0, l = arguments.length; i < l; i++) {
+      self2.push(arguments[i]);
+    }
+  }
+  return self2;
+}
+Yallist$1.prototype.removeNode = function(node) {
+  if (node.list !== this) {
+    throw new Error("removing node which does not belong to this list");
+  }
+  var next = node.next;
+  var prev = node.prev;
+  if (next) {
+    next.prev = prev;
+  }
+  if (prev) {
+    prev.next = next;
+  }
+  if (node === this.head) {
+    this.head = next;
+  }
+  if (node === this.tail) {
+    this.tail = prev;
+  }
+  node.list.length--;
+  node.next = null;
+  node.prev = null;
+  node.list = null;
+  return next;
+};
+Yallist$1.prototype.unshiftNode = function(node) {
+  if (node === this.head) {
+    return;
+  }
+  if (node.list) {
+    node.list.removeNode(node);
+  }
+  var head = this.head;
+  node.list = this;
+  node.next = head;
+  if (head) {
+    head.prev = node;
+  }
+  this.head = node;
+  if (!this.tail) {
+    this.tail = node;
+  }
+  this.length++;
+};
+Yallist$1.prototype.pushNode = function(node) {
+  if (node === this.tail) {
+    return;
+  }
+  if (node.list) {
+    node.list.removeNode(node);
+  }
+  var tail = this.tail;
+  node.list = this;
+  node.prev = tail;
+  if (tail) {
+    tail.next = node;
+  }
+  this.tail = node;
+  if (!this.head) {
+    this.head = node;
+  }
+  this.length++;
+};
+Yallist$1.prototype.push = function() {
+  for (var i = 0, l = arguments.length; i < l; i++) {
+    push(this, arguments[i]);
+  }
+  return this.length;
+};
+Yallist$1.prototype.unshift = function() {
+  for (var i = 0, l = arguments.length; i < l; i++) {
+    unshift(this, arguments[i]);
+  }
+  return this.length;
+};
+Yallist$1.prototype.pop = function() {
+  if (!this.tail) {
+    return void 0;
+  }
+  var res = this.tail.value;
+  this.tail = this.tail.prev;
+  if (this.tail) {
+    this.tail.next = null;
+  } else {
+    this.head = null;
+  }
+  this.length--;
+  return res;
+};
+Yallist$1.prototype.shift = function() {
+  if (!this.head) {
+    return void 0;
+  }
+  var res = this.head.value;
+  this.head = this.head.next;
+  if (this.head) {
+    this.head.prev = null;
+  } else {
+    this.tail = null;
+  }
+  this.length--;
+  return res;
+};
+Yallist$1.prototype.forEach = function(fn, thisp) {
+  thisp = thisp || this;
+  for (var walker = this.head, i = 0; walker !== null; i++) {
+    fn.call(thisp, walker.value, i, this);
+    walker = walker.next;
+  }
+};
+Yallist$1.prototype.forEachReverse = function(fn, thisp) {
+  thisp = thisp || this;
+  for (var walker = this.tail, i = this.length - 1; walker !== null; i--) {
+    fn.call(thisp, walker.value, i, this);
+    walker = walker.prev;
+  }
+};
+Yallist$1.prototype.get = function(n) {
+  for (var i = 0, walker = this.head; walker !== null && i < n; i++) {
+    walker = walker.next;
+  }
+  if (i === n && walker !== null) {
+    return walker.value;
+  }
+};
+Yallist$1.prototype.getReverse = function(n) {
+  for (var i = 0, walker = this.tail; walker !== null && i < n; i++) {
+    walker = walker.prev;
+  }
+  if (i === n && walker !== null) {
+    return walker.value;
+  }
+};
+Yallist$1.prototype.map = function(fn, thisp) {
+  thisp = thisp || this;
+  var res = new Yallist$1();
+  for (var walker = this.head; walker !== null; ) {
+    res.push(fn.call(thisp, walker.value, this));
+    walker = walker.next;
+  }
+  return res;
+};
+Yallist$1.prototype.mapReverse = function(fn, thisp) {
+  thisp = thisp || this;
+  var res = new Yallist$1();
+  for (var walker = this.tail; walker !== null; ) {
+    res.push(fn.call(thisp, walker.value, this));
+    walker = walker.prev;
+  }
+  return res;
+};
+Yallist$1.prototype.reduce = function(fn, initial) {
+  var acc;
+  var walker = this.head;
+  if (arguments.length > 1) {
+    acc = initial;
+  } else if (this.head) {
+    walker = this.head.next;
+    acc = this.head.value;
+  } else {
+    throw new TypeError("Reduce of empty list with no initial value");
+  }
+  for (var i = 0; walker !== null; i++) {
+    acc = fn(acc, walker.value, i);
+    walker = walker.next;
+  }
+  return acc;
+};
+Yallist$1.prototype.reduceReverse = function(fn, initial) {
+  var acc;
+  var walker = this.tail;
+  if (arguments.length > 1) {
+    acc = initial;
+  } else if (this.tail) {
+    walker = this.tail.prev;
+    acc = this.tail.value;
+  } else {
+    throw new TypeError("Reduce of empty list with no initial value");
+  }
+  for (var i = this.length - 1; walker !== null; i--) {
+    acc = fn(acc, walker.value, i);
+    walker = walker.prev;
+  }
+  return acc;
+};
+Yallist$1.prototype.toArray = function() {
+  var arr = new Array(this.length);
+  for (var i = 0, walker = this.head; walker !== null; i++) {
+    arr[i] = walker.value;
+    walker = walker.next;
+  }
+  return arr;
+};
+Yallist$1.prototype.toArrayReverse = function() {
+  var arr = new Array(this.length);
+  for (var i = 0, walker = this.tail; walker !== null; i++) {
+    arr[i] = walker.value;
+    walker = walker.prev;
+  }
+  return arr;
+};
+Yallist$1.prototype.slice = function(from, to) {
+  to = to || this.length;
+  if (to < 0) {
+    to += this.length;
+  }
+  from = from || 0;
+  if (from < 0) {
+    from += this.length;
+  }
+  var ret = new Yallist$1();
+  if (to < from || to < 0) {
+    return ret;
+  }
+  if (from < 0) {
+    from = 0;
+  }
+  if (to > this.length) {
+    to = this.length;
+  }
+  for (var i = 0, walker = this.head; walker !== null && i < from; i++) {
+    walker = walker.next;
+  }
+  for (; walker !== null && i < to; i++, walker = walker.next) {
+    ret.push(walker.value);
+  }
+  return ret;
+};
+Yallist$1.prototype.sliceReverse = function(from, to) {
+  to = to || this.length;
+  if (to < 0) {
+    to += this.length;
+  }
+  from = from || 0;
+  if (from < 0) {
+    from += this.length;
+  }
+  var ret = new Yallist$1();
+  if (to < from || to < 0) {
+    return ret;
+  }
+  if (from < 0) {
+    from = 0;
+  }
+  if (to > this.length) {
+    to = this.length;
+  }
+  for (var i = this.length, walker = this.tail; walker !== null && i > to; i--) {
+    walker = walker.prev;
+  }
+  for (; walker !== null && i > from; i--, walker = walker.prev) {
+    ret.push(walker.value);
+  }
+  return ret;
+};
+Yallist$1.prototype.splice = function(start, deleteCount, ...nodes) {
+  if (start > this.length) {
+    start = this.length - 1;
+  }
+  if (start < 0) {
+    start = this.length + start;
+  }
+  for (var i = 0, walker = this.head; walker !== null && i < start; i++) {
+    walker = walker.next;
+  }
+  var ret = [];
+  for (var i = 0; walker && i < deleteCount; i++) {
+    ret.push(walker.value);
+    walker = this.removeNode(walker);
+  }
+  if (walker === null) {
+    walker = this.tail;
+  }
+  if (walker !== this.head && walker !== this.tail) {
+    walker = walker.prev;
+  }
+  for (var i = 0; i < nodes.length; i++) {
+    walker = insert(this, walker, nodes[i]);
+  }
+  return ret;
+};
+Yallist$1.prototype.reverse = function() {
+  var head = this.head;
+  var tail = this.tail;
+  for (var walker = head; walker !== null; walker = walker.prev) {
+    var p = walker.prev;
+    walker.prev = walker.next;
+    walker.next = p;
+  }
+  this.head = tail;
+  this.tail = head;
+  return this;
+};
+function insert(self2, node, value) {
+  var inserted = node === self2.head ? new Node2(value, null, node, self2) : new Node2(value, node, node.next, self2);
+  if (inserted.next === null) {
+    self2.tail = inserted;
+  }
+  if (inserted.prev === null) {
+    self2.head = inserted;
+  }
+  self2.length++;
+  return inserted;
+}
+function push(self2, item) {
+  self2.tail = new Node2(item, self2.tail, null, self2);
+  if (!self2.head) {
+    self2.head = self2.tail;
+  }
+  self2.length++;
+}
+function unshift(self2, item) {
+  self2.head = new Node2(item, null, self2.head, self2);
+  if (!self2.tail) {
+    self2.tail = self2.head;
+  }
+  self2.length++;
+}
+function Node2(value, prev, next, list) {
+  if (!(this instanceof Node2)) {
+    return new Node2(value, prev, next, list);
+  }
+  this.list = list;
+  this.value = value;
+  if (prev) {
+    prev.next = this;
+    this.prev = prev;
+  } else {
+    this.prev = null;
+  }
+  if (next) {
+    next.prev = this;
+    this.next = next;
+  } else {
+    this.next = null;
+  }
+}
+try {
+  requireIterator()(Yallist$1);
+} catch (er) {
+}
+const Yallist = yallist;
+const MAX = Symbol("max");
+const LENGTH = Symbol("length");
+const LENGTH_CALCULATOR = Symbol("lengthCalculator");
+const ALLOW_STALE = Symbol("allowStale");
+const MAX_AGE = Symbol("maxAge");
+const DISPOSE = Symbol("dispose");
+const NO_DISPOSE_ON_SET = Symbol("noDisposeOnSet");
+const LRU_LIST = Symbol("lruList");
+const CACHE = Symbol("cache");
+const UPDATE_AGE_ON_GET = Symbol("updateAgeOnGet");
+const naiveLength = () => 1;
 class LRUCache {
-  constructor() {
-    this.max = 1e3;
-    this.map = /* @__PURE__ */ new Map();
+  constructor(options2) {
+    if (typeof options2 === "number")
+      options2 = { max: options2 };
+    if (!options2)
+      options2 = {};
+    if (options2.max && (typeof options2.max !== "number" || options2.max < 0))
+      throw new TypeError("max must be a non-negative number");
+    this[MAX] = options2.max || Infinity;
+    const lc = options2.length || naiveLength;
+    this[LENGTH_CALCULATOR] = typeof lc !== "function" ? naiveLength : lc;
+    this[ALLOW_STALE] = options2.stale || false;
+    if (options2.maxAge && typeof options2.maxAge !== "number")
+      throw new TypeError("maxAge must be a number");
+    this[MAX_AGE] = options2.maxAge || 0;
+    this[DISPOSE] = options2.dispose;
+    this[NO_DISPOSE_ON_SET] = options2.noDisposeOnSet || false;
+    this[UPDATE_AGE_ON_GET] = options2.updateAgeOnGet || false;
+    this.reset();
+  }
+  // resize the cache when the max changes.
+  set max(mL) {
+    if (typeof mL !== "number" || mL < 0)
+      throw new TypeError("max must be a non-negative number");
+    this[MAX] = mL || Infinity;
+    trim(this);
+  }
+  get max() {
+    return this[MAX];
+  }
+  set allowStale(allowStale) {
+    this[ALLOW_STALE] = !!allowStale;
+  }
+  get allowStale() {
+    return this[ALLOW_STALE];
+  }
+  set maxAge(mA) {
+    if (typeof mA !== "number")
+      throw new TypeError("maxAge must be a non-negative number");
+    this[MAX_AGE] = mA;
+    trim(this);
+  }
+  get maxAge() {
+    return this[MAX_AGE];
+  }
+  // resize the cache when the lengthCalculator changes.
+  set lengthCalculator(lC) {
+    if (typeof lC !== "function")
+      lC = naiveLength;
+    if (lC !== this[LENGTH_CALCULATOR]) {
+      this[LENGTH_CALCULATOR] = lC;
+      this[LENGTH] = 0;
+      this[LRU_LIST].forEach((hit) => {
+        hit.length = this[LENGTH_CALCULATOR](hit.value, hit.key);
+        this[LENGTH] += hit.length;
+      });
+    }
+    trim(this);
+  }
+  get lengthCalculator() {
+    return this[LENGTH_CALCULATOR];
+  }
+  get length() {
+    return this[LENGTH];
+  }
+  get itemCount() {
+    return this[LRU_LIST].length;
+  }
+  rforEach(fn, thisp) {
+    thisp = thisp || this;
+    for (let walker = this[LRU_LIST].tail; walker !== null; ) {
+      const prev = walker.prev;
+      forEachStep(this, fn, walker, thisp);
+      walker = prev;
+    }
+  }
+  forEach(fn, thisp) {
+    thisp = thisp || this;
+    for (let walker = this[LRU_LIST].head; walker !== null; ) {
+      const next = walker.next;
+      forEachStep(this, fn, walker, thisp);
+      walker = next;
+    }
+  }
+  keys() {
+    return this[LRU_LIST].toArray().map((k) => k.key);
+  }
+  values() {
+    return this[LRU_LIST].toArray().map((k) => k.value);
+  }
+  reset() {
+    if (this[DISPOSE] && this[LRU_LIST] && this[LRU_LIST].length) {
+      this[LRU_LIST].forEach((hit) => this[DISPOSE](hit.key, hit.value));
+    }
+    this[CACHE] = /* @__PURE__ */ new Map();
+    this[LRU_LIST] = new Yallist();
+    this[LENGTH] = 0;
+  }
+  dump() {
+    return this[LRU_LIST].map((hit) => isStale(this, hit) ? false : {
+      k: hit.key,
+      v: hit.value,
+      e: hit.now + (hit.maxAge || 0)
+    }).toArray().filter((h2) => h2);
+  }
+  dumpLru() {
+    return this[LRU_LIST];
+  }
+  set(key, value, maxAge) {
+    maxAge = maxAge || this[MAX_AGE];
+    if (maxAge && typeof maxAge !== "number")
+      throw new TypeError("maxAge must be a number");
+    const now = maxAge ? Date.now() : 0;
+    const len = this[LENGTH_CALCULATOR](value, key);
+    if (this[CACHE].has(key)) {
+      if (len > this[MAX]) {
+        del(this, this[CACHE].get(key));
+        return false;
+      }
+      const node = this[CACHE].get(key);
+      const item = node.value;
+      if (this[DISPOSE]) {
+        if (!this[NO_DISPOSE_ON_SET])
+          this[DISPOSE](key, item.value);
+      }
+      item.now = now;
+      item.maxAge = maxAge;
+      item.value = value;
+      this[LENGTH] += len - item.length;
+      item.length = len;
+      this.get(key);
+      trim(this);
+      return true;
+    }
+    const hit = new Entry(key, value, len, now, maxAge);
+    if (hit.length > this[MAX]) {
+      if (this[DISPOSE])
+        this[DISPOSE](key, value);
+      return false;
+    }
+    this[LENGTH] += hit.length;
+    this[LRU_LIST].unshift(hit);
+    this[CACHE].set(key, this[LRU_LIST].head);
+    trim(this);
+    return true;
+  }
+  has(key) {
+    if (!this[CACHE].has(key)) return false;
+    const hit = this[CACHE].get(key).value;
+    return !isStale(this, hit);
   }
   get(key) {
-    const value = this.map.get(key);
-    if (value === void 0) {
-      return void 0;
-    } else {
-      this.map.delete(key);
-      this.map.set(key, value);
-      return value;
+    return get(this, key, true);
+  }
+  peek(key) {
+    return get(this, key, false);
+  }
+  pop() {
+    const node = this[LRU_LIST].tail;
+    if (!node)
+      return null;
+    del(this, node);
+    return node.value;
+  }
+  del(key) {
+    del(this, this[CACHE].get(key));
+  }
+  load(arr) {
+    this.reset();
+    const now = Date.now();
+    for (let l = arr.length - 1; l >= 0; l--) {
+      const hit = arr[l];
+      const expiresAt = hit.e || 0;
+      if (expiresAt === 0)
+        this.set(hit.k, hit.v);
+      else {
+        const maxAge = expiresAt - now;
+        if (maxAge > 0) {
+          this.set(hit.k, hit.v, maxAge);
+        }
+      }
     }
   }
-  delete(key) {
-    return this.map.delete(key);
+  prune() {
+    this[CACHE].forEach((value, key) => get(this, key, false));
   }
-  set(key, value) {
-    const deleted = this.delete(key);
-    if (!deleted && value !== void 0) {
-      if (this.map.size >= this.max) {
-        const firstKey = this.map.keys().next().value;
-        this.delete(firstKey);
+}
+const get = (self2, key, doUse) => {
+  const node = self2[CACHE].get(key);
+  if (node) {
+    const hit = node.value;
+    if (isStale(self2, hit)) {
+      del(self2, node);
+      if (!self2[ALLOW_STALE])
+        return void 0;
+    } else {
+      if (doUse) {
+        if (self2[UPDATE_AGE_ON_GET])
+          node.value.now = Date.now();
+        self2[LRU_LIST].unshiftNode(node);
       }
-      this.map.set(key, value);
     }
-    return this;
+    return hit.value;
+  }
+};
+const isStale = (self2, hit) => {
+  if (!hit || !hit.maxAge && !self2[MAX_AGE])
+    return false;
+  const diff2 = Date.now() - hit.now;
+  return hit.maxAge ? diff2 > hit.maxAge : self2[MAX_AGE] && diff2 > self2[MAX_AGE];
+};
+const trim = (self2) => {
+  if (self2[LENGTH] > self2[MAX]) {
+    for (let walker = self2[LRU_LIST].tail; self2[LENGTH] > self2[MAX] && walker !== null; ) {
+      const prev = walker.prev;
+      del(self2, walker);
+      walker = prev;
+    }
+  }
+};
+const del = (self2, node) => {
+  if (node) {
+    const hit = node.value;
+    if (self2[DISPOSE])
+      self2[DISPOSE](hit.key, hit.value);
+    self2[LENGTH] -= hit.length;
+    self2[CACHE].delete(hit.key);
+    self2[LRU_LIST].removeNode(node);
+  }
+};
+class Entry {
+  constructor(key, value, length, now, maxAge) {
+    this.key = key;
+    this.value = value;
+    this.length = length;
+    this.now = now;
+    this.maxAge = maxAge || 0;
   }
 }
-var lrucache = LRUCache;
+const forEachStep = (self2, fn, node, thisp) => {
+  let hit = node.value;
+  if (isStale(self2, hit)) {
+    del(self2, node);
+    if (!self2[ALLOW_STALE])
+      hit = void 0;
+  }
+  if (hit)
+    fn.call(thisp, hit.value, hit.key, self2);
+};
+var lruCache = LRUCache;
 var range;
 var hasRequiredRange;
 function requireRange() {
   if (hasRequiredRange) return range;
   hasRequiredRange = 1;
-  const SPACE_CHARACTERS = /\s+/g;
   class Range2 {
     constructor(range2, options2) {
       options2 = parseOptions2(options2);
@@ -34111,13 +34727,13 @@ function requireRange() {
       if (range2 instanceof Comparator2) {
         this.raw = range2.value;
         this.set = [[range2]];
-        this.formatted = void 0;
+        this.format();
         return this;
       }
       this.options = options2;
       this.loose = !!options2.loose;
       this.includePrerelease = !!options2.includePrerelease;
-      this.raw = range2.trim().replace(SPACE_CHARACTERS, " ");
+      this.raw = range2.trim().split(/\s+/).join(" ");
       this.set = this.raw.split("||").map((r) => this.parseRange(r.trim())).filter((c) => c.length);
       if (!this.set.length) {
         throw new TypeError(`Invalid SemVer Range: ${this.raw}`);
@@ -34136,27 +34752,10 @@ function requireRange() {
           }
         }
       }
-      this.formatted = void 0;
-    }
-    get range() {
-      if (this.formatted === void 0) {
-        this.formatted = "";
-        for (let i = 0; i < this.set.length; i++) {
-          if (i > 0) {
-            this.formatted += "||";
-          }
-          const comps = this.set[i];
-          for (let k = 0; k < comps.length; k++) {
-            if (k > 0) {
-              this.formatted += " ";
-            }
-            this.formatted += comps[k].toString().trim();
-          }
-        }
-      }
-      return this.formatted;
+      this.format();
     }
     format() {
+      this.range = this.set.map((comps) => comps.join(" ").trim()).join("||").trim();
       return this.range;
     }
     toString() {
@@ -34237,8 +34836,8 @@ function requireRange() {
     }
   }
   range = Range2;
-  const LRU = lrucache;
-  const cache = new LRU();
+  const LRU = lruCache;
+  const cache = new LRU({ max: 1e3 });
   const parseOptions2 = parseOptions_1;
   const Comparator2 = requireComparator();
   const debug2 = debug_1;
@@ -34266,7 +34865,6 @@ function requireRange() {
     return result;
   };
   const parseComparator = (comp, options2) => {
-    comp = comp.replace(re2[t2.BUILD], "");
     debug2("comp", comp, options2);
     comp = replaceCarets(comp, options2);
     debug2("caret", comp);
@@ -34417,7 +35015,7 @@ function requireRange() {
     debug2("replaceGTE0", comp, options2);
     return comp.trim().replace(re2[options2.includePrerelease ? t2.GTE0PRE : t2.GTE0], "");
   };
-  const hyphenReplace = (incPr) => ($0, from, fM, fm, fp2, fpr, fb, to, tM, tm, tp, tpr) => {
+  const hyphenReplace = (incPr) => ($0, from, fM, fm, fp2, fpr, fb, to, tM, tm, tp, tpr, tb) => {
     if (isX(fM)) {
       from = "";
     } else if (isX(fm)) {
@@ -35740,9 +36338,10 @@ const tokenService = ({ strapi: strapi2 }) => {
         if (firebaseUserData2.verificationTokenHash !== tokenHash) {
           return {
             valid: false,
-            firebaseUserDataDocumentId: "",
-            firebaseUID: "",
-            error: "Verification link has already been used or is invalid"
+            firebaseUserDataDocumentId: firebaseUserData2.documentId,
+            firebaseUID: firebaseUserData2.firebaseUserID,
+            error: "Verification link has already been used or is invalid",
+            code: "TOKEN_ALREADY_USED"
           };
         }
         if (firebaseUserData2.verificationTokenExpiresAt) {