zh-web-sdk 2.16.0 → 2.17.0

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "zh-web-sdk",
-  "version": "2.16.0",
+  "version": "2.17.0",
   "private": false,
   "description": "ZeroHash Web SDK",
   "homepage": "https://github.com/seedcx/zh-web-sdk",
@@ -8,6 +8,11 @@
   "module": "dist/index.js",
   "types": "dist/index.d.ts",
   "keywords": [],
+  "files": [
+    "dist/",
+    "README.md",
+    "CHANGELOG.md"
+  ],
   "author": "support@zerohash.com",
   "license": "MIT",
   "scripts": {
@@ -49,7 +54,7 @@
     "braces": "3.0.3"
   },
   "dependencies": {
-    "@connect-xyz/auth-react": "^0.32.0",
+    "@connect-xyz/auth-react": "^0.46.0",
     "@worldcoin/minikit-js": "^1.9.6",
     "react": "^18.2.0",
     "react-dom": "^18.2.0",

package/.eslintrc.js

@@ -1,12 +0,0 @@
-module.exports = {
-  env: { browser: true, es2020: true },
-  extends: [
-    'eslint:recommended',
-    'plugin:@typescript-eslint/recommended',
-    'plugin:react-hooks/recommended',
-  ],
-  parser: '@typescript-eslint/parser',
-  parserOptions: { ecmaVersion: 'latest', sourceType: 'module' },
-  plugins: ['react-refresh'],
-  rules: {},
-}

package/.github/CHANGELOG_TEMPLATE.md

@@ -1,73 +0,0 @@
-# Changelog Entry Template
-
-Use this template when adding a new version to CHANGELOG.md
-
----
-
-## [X.Y.Z] - YYYY-MM-DD
-
-### Added
-- New feature that allows users to [describe user benefit] [#PR_NUMBER]
-- Another feature description focusing on customer value
-
-### Changed
-- Updated [feature/behavior] to [improvement description]
-- [Behavior change] now [new behavior] instead of [old behavior]
-
-### Deprecated
-- [Feature name] is deprecated and will be removed in version [X.Y.Z]
-- Migration path: Use [alternative approach] instead
-- See [documentation link] for details
-
-### Removed
-- Removed [feature name] (deprecated since version [X.Y.Z])
-- See [migration guide link] for alternatives
-
-### Fixed
-- Fixed issue where [problem description] [#PR_NUMBER]
-- Resolved [bug description] affecting [user impact]
-
-### Security
-- Updated [dependency name] to address [vulnerability type]
-- Fixed [security issue description]
-
----
-
-## Guidelines
-
-### Writing Tips
-
-1. **Focus on User Impact**
-   - ✅ Good: "Fixed SDK positioning to prevent scrolling issues"
-   - ❌ Avoid: "Refactored internal positioning logic"
-
-2. **Be Specific and Clear**
-   - ✅ Good: "Added bank account linking feature for direct deposits"
-   - ❌ Avoid: "Added new feature"
-
-
-### Breaking Changes
-
-For MAJOR version releases, clearly mark breaking changes:
-
-```markdown
-## [3.0.0] - 2026-XX-XX
-
-### Changed
-- ⚠️ **BREAKING**: Renamed `cryptoBuyJWT` parameter to `jwt` in SDK configuration
-
-**Migration Guide:**
-\`\`\`typescript
-// Before (v2.x)
-const sdk = new ZeroHashSDK({
-  cryptoBuyJWT: token
-})
-
-// After (v3.x)
-const sdk = new ZeroHashSDK({
-  jwt: token
-})
-\`\`\`
-
-See [Migration Guide v2 to v3](link) for full details.
-```

package/.github/PULL_REQUEST_TEMPLATE.md

@@ -1,10 +0,0 @@
-## Description
-
-## Solution
-
-## Result
-
-## Checklist
-
-- [ ] CHANGELOG.md has been updated
-- [ ] Official docs have been updated

package/.github/backup/publish-tag.yaml

@@ -1,14 +0,0 @@
-name: "Reusable NPM Publish tag"
-
-on:
-  push:
-    tags:
-      - "v*"
-  workflow_dispatch:
-
-jobs:
-  from_reusable:
-    uses: seedcx/composite-actions/.github/workflows/rw-npm-publish-public-oidc.yml@main
-    secrets: inherit
-    with:
-      NODE_VERSION: "22.21.1"

package/.github/workflows/build.yaml

@@ -1,13 +0,0 @@
-name: "Reusable NPM Build"
-
-on:
-  pull_request:
-    branches: [ main, master ]
-
-jobs:
-  from_reusable:
-    uses: seedcx/composite-actions/.github/workflows/rw-npm-build.yml@main
-    secrets: inherit
-    with:
-      NODE_VERSION: "22.22.0"
-      NPM_VERSION: "9"

package/.github/workflows/pr.yaml

@@ -1,14 +0,0 @@
-name: "Pull Request"
-
-on:
-  pull_request:
-    branches: [main]
-
-jobs:
-  from_reusable:
-    uses: seedcx/composite-actions/.github/workflows/rw-node-pull-request.yml@main
-    secrets: inherit
-    with:
-      NODE_VERSION: "22.22.0"
-      TEST_PLATFORM: 'npm'
-      TEST_REPORTER: 'jest-junit'

package/.github/workflows/publish.yaml

@@ -1,13 +0,0 @@
-name: "Reusable NPM Publish"
-
-on:
-  push:
-    tags:
-      - "*"
-
-jobs:
-  from_reusable:
-    uses: seedcx/composite-actions/.github/workflows/rw-npm-publish-public.yml@main
-    secrets: inherit
-    with:
-      NODE_VERSION: "22.22.0"

package/.github/workflows/security.yml

@@ -1,15 +0,0 @@
-name: 'Security Workflow'
-
-on:
-  workflow_dispatch:
-  pull_request:
-    branches: [main]
-  schedule:
-    - cron: '0 16 * * 2'
-
-jobs:
-  security:
-    uses: seedcx/composite-actions/.github/workflows/rw-security.yml@main
-    with:
-      NODE_VERSION: 22.12.0
-    secrets: inherit

package/.github/workflows/tag.yaml

@@ -1,14 +0,0 @@
-name: 'Tag New Version'
-
-on:
-  push:
-    branches:
-      - main
-  workflow_dispatch:
-
-jobs:
-  from_reusable:
-    uses: seedcx/composite-actions/.github/workflows/rw-npm-tag.yml@main
-    secrets: inherit
-    with:
-      NODE_VERSION: "22.22.0"

package/RELEASING.md

@@ -1,39 +0,0 @@
-# Release Process
-
-This document describes the process for releasing new versions of the zerohash Web SDK.
-
-## Release Steps
-
-### 1. Update CHANGELOG.md
-
-Add a new version section at the top of `CHANGELOG.md`:
-
-```markdown
-## [X.Y.Z] - YYYY-MM-DD
-
-### Added
-- New feature description [#PR_NUMBER]
-
-### Fixed
-- Bug fix description [#PR_NUMBER]
-
-### Changed
-- Behavior change description
-```
-
-See `.github/CHANGELOG_TEMPLATE.md` for detailed guidelines.
-
-**Commit the changelog:**
-
-```bash
-git add CHANGELOG.md
-git commit -m "docs: update CHANGELOG for vX.Y.Z"
-git push origin main
-```
-
-### 2. Update ReadMe Changelog
-
-1. Go to ReadMe dashboard: https://dash.readme.com/
-2. Navigate to the Changelog section
-3. Create new changelog entry with content from `CHANGELOG.md`
-4. Publish the entry

package/jest.config.js

@@ -1,8 +0,0 @@
-module.exports = {
-  testEnvironment: "jsdom",
-  transform: {
-    "^.+.tsx?$": ["ts-jest",{}],
-  },
-  modulePathIgnorePatterns: ["<rootDir>/dist/", "<rootDir>/build/", "<rootDir>/node_modules/"],
-  setupFiles: ["<rootDir>/jest.setup.js"],
-};

package/jest.setup.js

@@ -1,24 +0,0 @@
-/* eslint-disable @typescript-eslint/no-unused-vars */
-/* eslint-disable @typescript-eslint/no-var-requires */
-/* eslint-disable no-undef */
-
-const { TextEncoder, TextDecoder } = require('util');
-
-Object.assign(global, { TextDecoder, TextEncoder })
-global.CSS = {
-  supports: (k, v) => true,
-}
-
-Object.defineProperty(window, 'matchMedia', {
-  writable: true,
-  value: jest.fn().mockImplementation(query => ({
-    matches: false,
-    media: query,
-    onchange: null,
-    addListener: jest.fn(), // Deprecated
-    removeListener: jest.fn(), // Deprecated
-    addEventListener: jest.fn(),
-    removeEventListener: jest.fn(),
-    dispatchEvent: jest.fn(),
-  })),
-});

package/scripts/build.js

@@ -1,34 +0,0 @@
-const esbuild = require("esbuild");
-const {name, version} = require("../package.json");
-
-const build = async () => {
-    console.log(`Building ${name}@${version}`);
-
-    const outputDir = "./dist/";
-    const minFileName = `${outputDir}zerohash_sdk.min.js`;
-    const bundleFileName = `${outputDir}zerohash_sdk.js`;
-
-    // Build minified dist
-    await esbuild
-        .build({
-            entryPoints: ['src/index.tsx'],
-            outdir: 'dist',
-            bundle: true,
-            sourcemap: true,
-            minify: true,
-            splitting: false,
-            format: 'esm',
-            target: ['esnext']
-        })
-        .catch(err => {
-            console.error('Error: build failed - unable to build minified dist');
-            throw err;
-        });
-}
-
-build()
-    .then(() => console.log("successfully built"))
-    .catch(err => {
-        console.error(err);
-        process.exit(1);
-    });

package/scripts/zip.js

@@ -1,49 +0,0 @@
-const fs = require("fs");
-const archiver = require("archiver");
-const {name, version} = require("../package.json");
-
-const zip = async () => {
-    const zipFile = `./build/zh_web_sdk_v${version}.zip`;
-    console.log(`Zipping to ${zipFile}`);
-
-    // create the directory forcibly
-    fs.mkdirSync("./build", {recursive: true});
-
-    // zip output as a package
-    const output = fs.createWriteStream(zipFile);
-    const archive = archiver('zip', {
-        zlib: { level: 9 }
-    });
-    output.on('close', () => {
-        console.log(archive.pointer() + ' total bytes');
-        console.log('archiver has been finalized and the output file descriptor has closed.');
-    });
-    output.on('end', () => {
-        console.log('Data has been drained');
-    });
-    archive.on('warning', (err) => {
-        if (err.code === "ENOENT") {
-            console.warn("ENOENT: ", err);
-        } else {
-            console.error(err);
-            throw err;
-        }
-    });
-    archive.on('error', (err) => {
-        console.error(err);
-        throw err;
-    });
-    archive.pipe(output);
-    archive.file("README.md");
-    archive.file("package.json");
-    archive.file("package-lock.json");
-    archive.directory("./dist/");
-    await archive.finalize();
-}
-
-zip()
-    .then(() => console.log("successfully zipped"))
-    .catch(err => {
-        console.error(err);
-        process.exit(1);
-    });

package/src/__tests__/jwt-auth-detection.test.ts

@@ -1,96 +0,0 @@
-import { decodeJWT } from "../api/convert-token";
-
-describe("JWT Auth Detection", () => {
-  describe("decodeJWT", () => {
-    it("should decode a valid JWT with Connect issuer", () => {
-      // JWT with iss: "https://connect-xyz.us.auth0.com/"
-      const jwt = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJodHRwczovL2Nvbm5lY3QueHl6L29yZ2FuaXphdGlvbiI6eyJpZCI6ImY0NDZmMTRjLTQwMzUtNDEwNS04OTJiLTE2NDliZmYxNjQyNCJ9LCJodHRwczovL2Nvbm5lY3QueHl6L2FjY291bnQiOnsiaWQiOiI1MzVhNzEyYS0wZmE0LTRjNmMtYjc4Zi01M2NiYTM1NmRkY2QiLCJyZWZlcmVuY2VJZCI6InJlZl8xNzY4MjYzNjg1NTM2X3ExM2tmdXc2ciJ9LCJodHRwczovL2Nvbm5lY3QueHl6L3VzZXIiOnsiaWQiOiJjZWU5ZmMzZS1lNjRmLTQ1OTItODQzZS1kN2ZhNzY2OWVmNGYifSwiaHR0cHM6Ly9jb25uZWN0Lnh5ei9zZXNzaW9uIjp7ImNyZWF0ZWRBdCI6IjIwMjYtMDEtMTNUMDA6MjE6MjZaIiwiaWQiOiI2MGQzZjkyYS1kNDlhLTQzM2EtOGU2OC1iMmZiNjE5ZDlmNTAiLCJtZXRhZGF0YSI6eyJ0ZXN0IjoidGVzdCJ9LCJzY29wZXMiOlsidXNlcjpkZXBvc2l0OnNlbmQiXSwic2V0dGluZ3MiOnsiemVyb19oYXNoIjp7ImVuYWJsZWQiOmZhbHNlfX19LCJpc3MiOiJodHRwczovL2Nvbm5lY3QteHl6LnVzLmF1dGgwLmNvbS8iLCJzdWIiOiJuTHBXSjU3U0Foa2JIODFST1ZKT0p3WVVYeDE5cjdYTkBjbGllbnRzIiwiYXVkIjoiaHR0cHM6Ly91c2Vycy5jZXJ0LmNvbm5lY3QueHl6IiwiaWF0IjoxNzY4MjYzNjg2LCJleHAiOjE3NjgzNTAwODYsImd0eSI6ImNsaWVudC1jcmVkZW50aWFscyIsImF6cCI6Im5McFdKNTdTQWhrYkg4MVJPVkpPSndZVVh4MTlyN1hOIn0.test";
-
-      const payload = decodeJWT(jwt);
-
-      expect(payload).toBeDefined();
-      expect(payload?.iss).toBe("https://connect-xyz.us.auth0.com/");
-      expect(payload?.iss).toContain("connect");
-    });
-
-    it("should decode a valid JWT without Connect issuer", () => {
-      // JWT with iss: "https://zerohash.com/"
-      const jwt = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL3plcm9oYXNoLmNvbS8iLCJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.test";
-
-      const payload = decodeJWT(jwt);
-
-      expect(payload).toBeDefined();
-      expect(payload?.iss).toBe("https://zerohash.com/");
-      expect(payload?.iss).not.toContain("connect");
-    });
-
-    it("should return null for invalid JWT format", () => {
-      const invalidJwt = "invalid.jwt";
-
-      const payload = decodeJWT(invalidJwt);
-
-      expect(payload).toBeNull();
-    });
-
-    it("should return null for malformed JWT", () => {
-      const malformedJwt = "header.payload.signature.extra";
-
-      const payload = decodeJWT(malformedJwt);
-
-      expect(payload).toBeNull();
-    });
-  });
-
-  describe("useAuth determination logic", () => {
-    it("should determine useAuth=true when JWT has Connect issuer", () => {
-      const jwt = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL2Nvbm5lY3QteHl6LnVzLmF1dGgwLmNvbS8ifQ.test";
-      const payload = decodeJWT(jwt);
-
-      const useAuth = payload && payload.iss && typeof payload.iss === 'string' && payload.iss.includes('connect');
-
-      expect(useAuth).toBe(true);
-    });
-
-    it("should determine useAuth=false when JWT does not have Connect issuer", () => {
-      const jwt = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL3plcm9oYXNoLmNvbS8ifQ.test";
-      const payload = decodeJWT(jwt);
-
-      const useAuth = payload && payload.iss && typeof payload.iss === 'string' && payload.iss.includes('connect');
-
-      expect(useAuth).toBe(false);
-    });
-
-    it("should determine useAuth=false when JWT has no issuer", () => {
-      const jwt = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIn0.test";
-      const payload = decodeJWT(jwt);
-
-      const useAuth = payload && payload.iss && typeof payload.iss === 'string' && payload.iss.includes('connect');
-
-      expect(useAuth).toBeFalsy();
-    });
-
-    it("should determine useAuth=false when JWT is invalid", () => {
-      const jwt = "invalid";
-      const payload = decodeJWT(jwt);
-
-      const useAuth = payload && payload.iss && typeof payload.iss === 'string' && payload.iss.includes('connect');
-
-      expect(useAuth).toBeFalsy();
-    });
-
-    it("should match Connect issuer variations", () => {
-      const testCases = [
-        { jwt: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL2Nvbm5lY3QteHl6LnVzLmF1dGgwLmNvbS8ifQ.test", expected: true },
-        { jwt: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL2Nvbm5lY3QteHl6LmV1LmF1dGgwLmNvbS8ifQ.test", expected: true },
-        { jwt: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL2Nvbm5lY3QueHl6L2FwaS8ifQ.test", expected: true },
-        { jwt: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL3plcm9oYXNoLmNvbS8ifQ.test", expected: false },
-      ];
-
-      testCases.forEach(({ jwt, expected }) => {
-        const payload = decodeJWT(jwt);
-        const useAuth = payload && payload.iss && typeof payload.iss === 'string' && payload.iss.includes('connect');
-        expect(useAuth).toBe(expected);
-      });
-    });
-  });
-});

package/src/api/convert-token.ts

@@ -1,23 +0,0 @@
-export interface JWTPayload {
-  auth_embedded?: boolean;
-  reference_id?: string;
-  [key: string]: unknown;
-}
-
-export function decodeJWT(token: string): JWTPayload | null {
-  try {
-    const parts = token.split('.');
-    if (parts.length !== 3) {
-      console.error('[zh-web-sdk] Invalid JWT format');
-      return null;
-    }
-
-    const payload = parts[1];
-    const decoded = atob(payload.replace(/-/g, '+').replace(/_/g, '/'));
-    return JSON.parse(decoded);
-  } catch (error) {
-    console.error('[zh-web-sdk] Error decoding JWT:', error);
-    return null;
-  }
-}
-

package/src/constants.ts

@@ -1,2 +0,0 @@
-export const DEFAULT_ZH_APPS_URL = "https://web-sdk.zerohash.com/";
-export const DEFAULT_ROOT_ID_PREFIX = "zerohash"

package/src/hooks/__tests__/use-window-size.test.tsx

@@ -1,26 +0,0 @@
-import {useWindowSize} from "../use-window-size";
-import {act, renderHook, waitFor} from "@testing-library/react";
-
-describe("useWindowSize", () => {
-  it("Returns correct window dimensions on redirect", async () => {
-    const { result } = renderHook(() => useWindowSize());
-
-    // Asset initial values.
-    expect(result.current.height).toBe(768);
-    expect(result.current.width).toBe(1024);
-
-
-    // Change the viewport to 500px.
-    global.innerWidth = 500;
-    global.innerHeight = 500;
-
-    act(() => {
-      global.dispatchEvent(new Event('resize'));
-    })
-
-    await waitFor(() => {
-      expect(result.current.width).toBe(500);
-      expect(result.current.height).toBe(500);
-    })
-  })
-})

package/src/hooks/use-window-size.ts

@@ -1,19 +0,0 @@
-import {useLayoutEffect, useState} from "react";
-
-export const useWindowSize = () => {
-  const [height, setHeight] = useState(0);
-  const [width, setWidth] = useState(0);
-  useLayoutEffect(() => {
-    function updateSize() {
-      setWidth(window.innerWidth);
-      setHeight(window.innerHeight);
-    }
-    window.addEventListener('resize', updateSize);
-    updateSize();
-    return () => window.removeEventListener('resize', updateSize);
-  }, []);
-  return {
-    height,
-    width
-  };
-}