zudoku 0.78.0 → 0.78.2

package/src/app/adapters/node.ts

@@ -0,0 +1,32 @@
+import { dirname } from "node:path";
+import { fileURLToPath } from "node:url";
+import { serveStatic as defaultServeStatic } from "@hono/node-server/serve-static";
+import type { Adapter } from "../adapter.js";
+import type { protectChunks } from "../protectChunks.js";
+
+type ProtectChunksOpts = Parameters<typeof protectChunks>[0];
+type ServeStaticFactory = Extract<
+  ProtectChunksOpts,
+  { serveStatic: unknown }
+>["serveStatic"];
+
+export type NodeAdapterOptions = {
+  serverDir?: string;
+  serveStatic?: ServeStaticFactory;
+};
+
+export const node = (opts: NodeAdapterOptions = {}): Adapter => ({
+  setup: (app, ctx) => {
+    const serverDir = opts.serverDir ?? dirname(fileURLToPath(import.meta.url));
+    const serveStatic = opts.serveStatic ?? defaultServeStatic;
+    app.all("/server/*", (c) => c.notFound());
+    app.use(
+      ctx.protectChunks({
+        basePath: ctx.basePath,
+        serverDir,
+        serveStatic,
+      }),
+    );
+    app.use("*", serveStatic({ root: dirname(serverDir) }));
+  },
+});

package/src/app/adapters/vercel.ts

@@ -0,0 +1,39 @@
+import path from "node:path";
+import { fileURLToPath } from "node:url";
+import { serveStatic as defaultServeStatic } from "@hono/node-server/serve-static";
+import { handle } from "hono/vercel";
+import type { Adapter } from "../adapter.js";
+import type { protectChunks } from "../protectChunks.js";
+
+type ProtectChunksOpts = Parameters<typeof protectChunks>[0];
+type ServeStaticFactory = Extract<
+  ProtectChunksOpts,
+  { serveStatic: unknown }
+>["serveStatic"];
+
+export type VercelAdapterOptions = {
+  serverDir?: string;
+  staticDir?: string;
+  serveStatic?: ServeStaticFactory;
+};
+
+export const vercel = (
+  opts: VercelAdapterOptions = {},
+): Adapter<ReturnType<typeof handle>> => ({
+  setup: (app, ctx) => {
+    const serverDir =
+      opts.serverDir ?? path.dirname(fileURLToPath(import.meta.url));
+    const staticDir = opts.staticDir ?? path.join(serverDir, "..");
+    const serveStatic = opts.serveStatic ?? defaultServeStatic;
+    app.all("/server/*", (c) => c.notFound());
+    app.use(
+      ctx.protectChunks({
+        basePath: ctx.basePath,
+        serverDir,
+        serveStatic,
+      }),
+    );
+    app.use("*", serveStatic({ root: staticDir }));
+  },
+  finalize: (app) => handle(app),
+});

package/src/app/demo.tsx

@@ -2,7 +2,7 @@ import logger from "loglevel";
 import { createRoot } from "react-dom/client";
 import { createBrowserRouter } from "react-router";
 import type { ZudokuConfig } from "../config/validators/ZudokuConfig.js";
-import { Bootstrap } from "../lib/components/Bootstrap.js";
+import { BootstrapClient } from "../lib/components/Bootstrap.js";
 import DemoAnnouncement from "../lib/demo/DemoAnnouncement.js";
 import "../lib/util/logInit.js";
 import "./main.css";
@@ -74,4 +74,4 @@ const routes = getRoutesByConfig(config);
 const router = createBrowserRouter(routes, {
   basename: window.location.pathname,
 });
-createRoot(root).render(<Bootstrap router={router} />);
+createRoot(root).render(<BootstrapClient router={router} />);

package/src/app/entry.client.tsx

@@ -1,14 +1,22 @@
+import type { DehydratedState } from "@tanstack/react-query";
 import { createRoot, hydrateRoot } from "react-dom/client";
 import {
   createBrowserRouter,
   matchRoutes,
   type RouteObject,
 } from "react-router";
-import config from "virtual:zudoku-config";
 import "vite/modulepreload-polyfill";
-import { Bootstrap } from "../lib/components/Bootstrap.js";
+import config from "virtual:zudoku-config";
+import { setupCookieSync } from "../lib/authentication/cookie-sync.js";
+import { authState } from "../lib/authentication/state.js";
+import { BootstrapClient } from "../lib/components/Bootstrap.js";
+import { joinUrl } from "../lib/util/joinUrl.js";
 import { getRoutesByConfig, shikiReady } from "./main.js";
 
+if (import.meta.env.ZUDOKU_HAS_SERVER) {
+  setupCookieSync(authState, joinUrl(config.basePath, "/__z/auth/session"));
+}
+
 const routes = getRoutesByConfig(config);
 // biome-ignore lint/style/noNonNullAssertion: We know the root element exists
 const root = document.getElementById("root")!;
@@ -16,6 +24,7 @@ const root = document.getElementById("root")!;
 declare global {
   interface Window {
     ZUDOKU_VERSION: string;
+    ZUDOKU_DATA?: DehydratedState;
   }
 }
 
@@ -96,7 +105,7 @@ function render(routes: RouteObject[]) {
   const router = createBrowserRouter(routes, {
     basename: config.basePath,
   });
-  createRoot(root).render(<Bootstrap router={router} />);
+  createRoot(root).render(<BootstrapClient router={router} />);
 }
 
 async function hydrate(routes: RouteObject[]) {
@@ -106,13 +115,16 @@ async function hydrate(routes: RouteObject[]) {
     basename: config.basePath,
   });
 
-  hydrateRoot(root, <Bootstrap hydrate router={router} />);
+  hydrateRoot(root, <BootstrapClient hydrate router={router} />);
 }
 
-// This is a workaround to avoid version skewing
-// See https://vite.dev/guide/build.html#load-error-handling
-// TODO: Implement a more advanced solution if there are CDN urls or e.g. Vercel Skew Protection
+// Reload on chunk preload failures to recover from version skew.
+// Throttled so a non-recoverable error (e.g. auth-gated chunk 401) doesn't loop infinitely.
+// https://vite.dev/guide/build.html#load-error-handling
 window.addEventListener("vite:preloadError", (e) => {
   e.preventDefault();
+  const last = Number(sessionStorage.getItem("zudoku:preload-reload-ts") ?? 0);
+  if (Date.now() - last < 30_000) return;
+  sessionStorage.setItem("zudoku:preload-reload-ts", String(Date.now()));
   window.location.reload();
 });

package/src/app/entry.server.tsx

@@ -1,5 +1,7 @@
 import { dehydrate, QueryClient } from "@tanstack/react-query";
 import type { HelmetData } from "@zudoku/react-helmet-async";
+import { Hono } from "hono";
+import { compress } from "hono/compress";
 import logger from "loglevel";
 import { renderToReadableStream, renderToStaticMarkup } from "react-dom/server";
 import {
@@ -9,12 +11,73 @@ import {
   type RouteObject,
 } from "react-router";
 import "vite/modulepreload-polyfill";
+import { configuredAuthProvider } from "virtual:zudoku-auth";
+import config from "virtual:zudoku-config";
+import { parseCookies } from "../lib/authentication/cookies.js";
+import { createSessionHandler } from "../lib/authentication/session-handler.js";
+import { cachedVerifyAccessToken } from "../lib/authentication/verify-cache.js";
 import { BootstrapStatic } from "../lib/components/Bootstrap.js";
 import { NO_DEHYDRATE } from "../lib/components/cache.js";
+import type { SSRAuthState } from "../lib/components/context/RenderContext.js";
 import { ServerError } from "../lib/errors/ServerError.js";
+import { buildManifest } from "../lib/manifest.js";
 import { highlighterPromise } from "../lib/shiki.js";
+import type { Adapter } from "./adapter.js";
 import { getRoutesByConfig } from "./main.js";
+import { protectChunks as rawProtectChunks } from "./protectChunks.js";
+import { wrapProtectedRoutes } from "./wrapProtectedRoutes.js";
+
 export { getRoutesByConfig };
+export type { Adapter, AdapterContext } from "./adapter.js";
+
+// Shared cached verifier for session handler, SSR render, and protected-chunk gate.
+const verifier = configuredAuthProvider?.verifyAccessToken
+  ? (token: string) =>
+      cachedVerifyAccessToken(
+        // biome-ignore lint/style/noNonNullAssertion: verifyAccessToken is guaranteed to be defined
+        configuredAuthProvider!.verifyAccessToken!.bind(configuredAuthProvider),
+        token,
+      )
+  : undefined;
+
+// Wire verifier here so adapters remain auth-agnostic.
+export const protectChunks: typeof rawProtectChunks = (opts) =>
+  rawProtectChunks({
+    ...opts,
+    verifyAccessToken: opts.verifyAccessToken ?? verifier,
+  });
+
+const safeSerialize = (data: unknown) =>
+  JSON.stringify(data)
+    .replace(/</g, "\\u003c")
+    .replace(/>/g, "\\u003e")
+    .replace(/\u2028/g, "\\u2028")
+    .replace(/\u2029/g, "\\u2029");
+
+// Profile must come from the verifier so a forged cookie can't render
+// protected HTML. SSG has no runtime cookie and short-circuits.
+const resolveSsrAuth = async (
+  request: Request,
+): Promise<SSRAuthState | undefined> => {
+  if (!import.meta.env.ZUDOKU_HAS_SERVER || !configuredAuthProvider) return;
+
+  const { accessToken } = parseCookies(request);
+  if (!accessToken || !verifier)
+    return { accessToken: undefined, profile: null };
+
+  try {
+    const verified = await verifier(accessToken);
+    return verified
+      ? { accessToken, profile: verified.profile }
+      : { accessToken: undefined, profile: null };
+  } catch (error) {
+    logger.error(
+      `SSR auth verifier error (${request.method} ${request.url}):`,
+      error,
+    );
+    return { accessToken: undefined, profile: null };
+  }
+};
 
 // Statically importing shiki.ts here ensures it's in the SSR bundle.
 // main.tsx dynamically imports it instead to enable lazy loading on the client.
@@ -37,7 +100,18 @@ export const handleRequest = async ({
   basePath?: string;
   bypassProtection?: boolean;
 }): Promise<Response> => {
-  const { query, dataRoutes } = createStaticHandler(routes, {
+  const ssrAuth = await resolveSsrAuth(request);
+
+  // No-op lazy() on protected subtrees for unauthed requests so loaders
+  // don't run for a 401 render.
+  const effectiveRoutes = wrapProtectedRoutes(
+    routes,
+    config.protectedRoutes,
+    !!ssrAuth?.profile,
+    basePath,
+  );
+
+  const { query, dataRoutes } = createStaticHandler(effectiveRoutes, {
     basename: basePath,
   });
   const queryClient = new QueryClient();
@@ -67,6 +141,7 @@ export const handleRequest = async ({
   const renderContext = {
     status: 200,
     bypassProtection: bypassProtection ?? false,
+    ssrAuth,
   };
 
   const App = (
@@ -84,9 +159,7 @@ export const handleRequest = async ({
     const reactStream = await renderToReadableStream(App, {
       onError(error) {
         status = 500;
-        if (import.meta.env.PROD) {
-          logger.error("SSR Error:", error);
-        }
+        logger.error(`SSR Error (${request.method} ${request.url}):`, error);
       },
     });
 
@@ -124,9 +197,6 @@ export const handleRequest = async ({
           const dehydrated = dehydrate(queryClient, {
             shouldDehydrateQuery: (q) => !q.queryKey.includes(NO_DEHYDRATE),
           });
-          const serialized = JSON.stringify(dehydrated)
-            .replace(/</g, "\\u003c")
-            .replace(/>/g, "\\u003e");
 
           const closingTag = "</body>";
           const idx = htmlEnd.lastIndexOf(closingTag);
@@ -135,8 +205,14 @@ export const handleRequest = async ({
             controller.enqueue(encoder.encode(htmlEnd));
           } else {
             controller.enqueue(encoder.encode(htmlEnd.slice(0, idx)));
+            const scripts = [`window.ZUDOKU_DATA=${safeSerialize(dehydrated)}`];
+            if (ssrAuth) {
+              scripts.push(
+                `window.ZUDOKU_SSR_AUTH=${safeSerialize({ profile: ssrAuth.profile })}`,
+              );
+            }
             controller.enqueue(
-              encoder.encode(`<script>window.DATA=${serialized}</script>`),
+              encoder.encode(`<script>${scripts.join(";")}</script>`),
             );
             controller.enqueue(encoder.encode(htmlEnd.slice(idx)));
           }
@@ -146,11 +222,24 @@ export const handleRequest = async ({
       },
     });
 
+    const headers: HeadersInit = {
+      "Content-Type": "text/html; charset=utf-8",
+    };
+    // Only suppress caching for pages that embed a per-user profile.
+    // Anonymous renders (auth configured but no session) stay cacheable.
+    if (ssrAuth?.profile) {
+      headers["Cache-Control"] = "private, no-store";
+    }
+
     return new Response(stream, {
       status: renderContext.status !== 200 ? renderContext.status : status,
-      headers: { "Content-Type": "text/html; charset=utf-8" },
+      headers,
     });
   } catch (error) {
+    logger.error(
+      `SSR fatal render error (${request.method} ${request.url}):`,
+      error,
+    );
     const html = renderToStaticMarkup(<ServerError error={error} />);
     return new Response(html, {
       status: 500,
@@ -158,3 +247,38 @@ export const handleRequest = async ({
     });
   }
 };
+
+export const manifest = buildManifest({
+  basePath: config.basePath,
+  protectedRoutes: config.protectedRoutes,
+});
+
+export const createApp = () => new Hono();
+
+export type MountOptions<T = Hono> = {
+  adapter?: Adapter<T>;
+  template?: string;
+};
+
+declare const __ZUDOKU_TEMPLATE__: string;
+
+export const mount = <T = Hono>(
+  app: Hono,
+  options: MountOptions<T> = {},
+): T => {
+  const template = options.template ?? __ZUDOKU_TEMPLATE__;
+  const basePath = config.basePath;
+  const routes = getRoutesByConfig(config);
+
+  app.use(compress());
+  app.route(manifest.auth.sessionEndpoint, createSessionHandler(verifier));
+  options.adapter?.setup?.(app, { basePath, manifest, protectChunks });
+  app.all("*", (c) =>
+    handleRequest({ template, request: c.req.raw, routes, basePath }),
+  );
+
+  return (options.adapter?.finalize?.(app) ?? app) as T;
+};
+
+export const createServer = <T = Hono>(options: MountOptions<T> = {}): T =>
+  mount(createApp(), options);

package/src/app/main.tsx

@@ -18,11 +18,12 @@ import "virtual:zudoku-theme.css";
 import { Zudoku } from "zudoku/components";
 import { Outlet } from "zudoku/router";
 import type { ZudokuConfig } from "../config/config.js";
+import { authState } from "../lib/authentication/state.js";
 import { BuildCheck } from "../lib/components/BuildCheck.js";
-import "./main.css";
 import { Meta } from "../lib/components/Meta.js";
-import "./polyfills.js";
+import "./main.css";
 import { StatusPage } from "../lib/components/StatusPage.js";
+import "./polyfills.js";
 import { isNavigationPlugin } from "../lib/core/plugins.js";
 import { RouteGuard } from "../lib/core/RouteGuard.js";
 import type { ZudokuContextOptions } from "../lib/core/ZudokuContext.js";
@@ -30,6 +31,10 @@ import { RouterError } from "../lib/errors/RouterError.js";
 import { ZuploEnv } from "./env.js";
 import { processRoutes } from "./processRoutes.js";
 import { createRedirectRoutes } from "./utils/createRedirectRoutes.js";
+import {
+  warnInlineProtectedRoutes,
+  wrapProtectedRoutes,
+} from "./wrapProtectedRoutes.js";
 
 export const shikiReady: Promise<HighlighterCore> =
   import("../lib/shiki.js").then(async ({ highlighterPromise }) => {
@@ -122,6 +127,10 @@ export const getRoutesByConfig = (config: ZudokuConfig): RouteObject[] => {
     import.meta.env.IS_ZUPLO || config.enableStatusPages,
   );
 
+  if (import.meta.env.DEV && typeof window !== "undefined") {
+    warnInlineProtectedRoutes(routes, config.protectedRoutes, config.basePath);
+  }
+
   return [
     ...createRedirectRoutes(config.redirects),
     {
@@ -142,7 +151,16 @@ export const getRoutesByConfig = (config: ZudokuConfig): RouteObject[] => {
             </Meta>
           ),
           errorElement: <RouterError />,
-          children: processRoutes(routes),
+          // Chunk-gate protected routes only in SSR; SSG has no 401 to avoid.
+          children:
+            typeof window === "undefined" || !import.meta.env.ZUDOKU_HAS_SERVER
+              ? processRoutes(routes)
+              : wrapProtectedRoutes(
+                  processRoutes(routes),
+                  config.protectedRoutes,
+                  authState.getState().isAuthenticated,
+                  config.basePath,
+                ),
         },
       ],
     },

package/src/app/protectChunks.ts

@@ -0,0 +1,64 @@
+import type { Context, MiddlewareHandler } from "hono";
+import logger from "loglevel";
+import { parseCookies } from "../lib/authentication/cookies.js";
+import { PROTECTED_CHUNK_DIR } from "../lib/manifest.js";
+import { joinUrl } from "../lib/util/joinUrl.js";
+
+// Shape of @hono/node-server's serveStatic used by filesystem adapters.
+// Typed structurally so app/ doesn't import the node-server package.
+type ServeStaticFactory = (opts: {
+  root: string;
+  rewriteRequestPath?: (p: string) => string;
+}) => MiddlewareHandler;
+
+type FilesystemServe = { serverDir: string; serveStatic: ServeStaticFactory };
+type CustomServe = { serve: MiddlewareHandler };
+
+// Adapter-agnostic guard for /_protected/* chunks. Handles both filesystem ({ serverDir, serveStatic }) and custom serve ({ serve }) options.
+// If verifyAccessToken is provided, re-validates the access token cookie. Any falsy or thrown result denies access.
+export const protectChunks = (
+  opts: {
+    basePath?: string;
+    verifyAccessToken?: (token: string) => Promise<unknown>;
+  } & (FilesystemServe | CustomServe),
+): MiddlewareHandler => {
+  const prefix = joinUrl(opts.basePath, PROTECTED_CHUNK_DIR);
+
+  const serve: MiddlewareHandler =
+    "serve" in opts
+      ? opts.serve
+      : opts.serveStatic({
+          root: `${opts.serverDir}/${PROTECTED_CHUNK_DIR}`,
+          rewriteRequestPath: (p) => p.slice(prefix.length) || "/",
+        });
+
+  const sendUnauthorized = (c: Context) =>
+    c.text("Unauthorized", 401, {
+      "Cache-Control": "private, no-store",
+      Vary: "Cookie",
+    });
+
+  return async (c, next) => {
+    if (!c.req.path.startsWith(`${prefix}/`)) return next();
+
+    const { accessToken } = parseCookies(c.req.raw);
+    if (!accessToken) return sendUnauthorized(c);
+
+    if (opts.verifyAccessToken) {
+      try {
+        const verified = await opts.verifyAccessToken(accessToken);
+        if (!verified) return sendUnauthorized(c);
+      } catch (error) {
+        logger.error(
+          `protectChunks: verifyAccessToken threw for ${c.req.path}:`,
+          error,
+        );
+        return sendUnauthorized(c);
+      }
+    }
+
+    c.header("Cache-Control", "private, no-store");
+    c.header("Vary", "Cookie");
+    return serve(c, next);
+  };
+};

package/src/app/standalone.tsx

@@ -1,7 +1,7 @@
 import { createRoot } from "react-dom/client";
 import { createBrowserRouter } from "react-router";
 import type { ZudokuConfig } from "../config/validators/ZudokuConfig.js";
-import { Bootstrap } from "../lib/components/Bootstrap.js";
+import { BootstrapClient } from "../lib/components/Bootstrap.js";
 import { openApiPlugin } from "../lib/plugins/openapi/index.js";
 import "../lib/util/logInit.js";
 import "./main.css";
@@ -57,4 +57,4 @@ const routes = getRoutesByConfig(config);
 const router = createBrowserRouter(routes, {
   basename: window.location.pathname,
 });
-createRoot(root).render(<Bootstrap router={router} />);
+createRoot(root).render(<BootstrapClient router={router} />);

package/src/app/wrapProtectedRoutes.ts

@@ -0,0 +1,82 @@
+import type { RouteObject } from "react-router";
+import type { ProtectedRoutesInput } from "../config/validators/ProtectedRoutesSchema.js";
+import { normalizeProtectedRoutes } from "../lib/core/ZudokuContext.js";
+import { joinUrl } from "../lib/util/joinUrl.js";
+import {
+  matchesAnyProtectedPattern,
+  matchesProtectedPattern,
+} from "../lib/util/url.js";
+
+type Visitor = (route: RouteObject, fullPath: string) => RouteObject;
+
+const visitRoutes = (
+  rs: RouteObject[],
+  visit: Visitor,
+  parent = "",
+): RouteObject[] =>
+  rs.map((r) => {
+    const fullPath = r.path ? joinUrl(parent, r.path) : parent;
+    const next = visit(r, fullPath);
+
+    return next.children
+      ? { ...next, children: visitRoutes(next.children, visit, fullPath) }
+      : next;
+  });
+
+const noop: RouteObject["lazy"] = async () => ({ element: null });
+
+// Stub lazy() on routes matching a protected pattern when unauthed so the
+// gated chunk doesn't fetch. Public routes stay intact. RouteGuard renders
+// the sign-in UI.
+export const wrapProtectedRoutes = (
+  routes: RouteObject[],
+  protectedRoutes: ProtectedRoutesInput,
+  isAuthenticated: boolean,
+  basePath?: string,
+): RouteObject[] => {
+  const patterns = Object.keys(normalizeProtectedRoutes(protectedRoutes) ?? {});
+  if (patterns.length === 0 || isAuthenticated) return routes;
+
+  const fullPatterns = patterns.map((p) => joinUrl(basePath, p));
+
+  return visitRoutes(routes, (r, fullPath) => {
+    if (typeof r.lazy !== "function") return r;
+    return matchesAnyProtectedPattern(fullPatterns, fullPath)
+      ? { ...r, lazy: noop }
+      : r;
+  });
+};
+
+// Inline elements can't be chunk-isolated; RouteGuard still blocks render,
+// but the JS ships in the main bundle. Only meaningful in dev.
+export const warnInlineProtectedRoutes = (
+  routes: RouteObject[],
+  protectedRoutes: ProtectedRoutesInput,
+  basePath?: string,
+) => {
+  const patterns = Object.keys(normalizeProtectedRoutes(protectedRoutes) ?? {});
+  if (patterns.length === 0) return;
+
+  const fullPatterns = patterns.map((p) => joinUrl(basePath, p));
+
+  visitRoutes(routes, (r, fullPath) => {
+    const isInline =
+      (r.element != null || r.Component != null) &&
+      typeof r.lazy !== "function";
+
+    if (!r.path || !isInline) return r;
+
+    const matched = fullPatterns.find((p) =>
+      matchesProtectedPattern(p, fullPath),
+    );
+
+    if (!matched) return r;
+
+    // biome-ignore lint/suspicious/noConsole: dev-only advisory
+    console.warn(
+      `[zudoku] Route "${fullPath}" matches protected pattern "${matched}" but uses an inline element instead of lazy(). RouteGuard blocks rendering, but the JS ships in the main bundle. Use \`lazy: () => import(...)\` to gate at the chunk level.`,
+    );
+
+    return r;
+  });
+};

package/src/config/validators/icon-types.ts

@@ -138,6 +138,7 @@ export const IconNames = [
   "arrows-up-from-line",
   "asterisk",
   "asterisk-square",
+  "astroid",
   "at-sign",
   "atom",
   "audio-lines",
@@ -205,6 +206,7 @@ export const IconNames = [
   "beer",
   "beer-off",
   "bell",
+  "bell-check",
   "bell-dot",
   "bell-electric",
   "bell-minus",
@@ -226,6 +228,7 @@ export const IconNames = [
   "birdhouse",
   "bitcoin",
   "blend",
+  "blender",
   "blinds",
   "blocks",
   "bluetooth",
@@ -291,6 +294,7 @@ export const IconNames = [
   "briefcase-conveyor-belt",
   "briefcase-medical",
   "bring-to-front",
+  "broccoli",
   "brush",
   "brush-cleaning",
   "bubbles",
@@ -783,6 +787,7 @@ export const IconNames = [
   "fold-vertical",
   "folder",
   "folder-archive",
+  "folder-bookmark",
   "folder-check",
   "folder-clock",
   "folder-closed",
@@ -932,6 +937,7 @@ export const IconNames = [
   "heart-off",
   "heart-plus",
   "heart-pulse",
+  "heart-x",
   "heater",
   "helicopter",
   "help-circle",
@@ -1009,6 +1015,7 @@ export const IconNames = [
   "layers",
   "layers-2",
   "layers-3",
+  "layers-minus",
   "layers-plus",
   "layout",
   "layout-dashboard",
@@ -1417,6 +1424,7 @@ export const IconNames = [
   "repeat",
   "repeat-1",
   "repeat-2",
+  "repeat-off",
   "replace",
   "replace-all",
   "reply",
@@ -1676,6 +1684,12 @@ export const IconNames = [
   "stethoscope",
   "sticker",
   "sticky-note",
+  "sticky-note-check",
+  "sticky-note-minus",
+  "sticky-note-off",
+  "sticky-note-plus",
+  "sticky-note-x",
+  "sticky-notes",
   "stone",
   "stop-circle",
   "store",
@@ -1756,6 +1770,7 @@ export const IconNames = [
   "ticket-x",
   "tickets",
   "tickets-plane",
+  "timeline",
   "timer",
   "timer-off",
   "timer-reset",
@@ -1895,7 +1910,9 @@ export const IconNames = [
   "waves",
   "waves-arrow-down",
   "waves-arrow-up",
+  "waves-horizontal",
   "waves-ladder",
+  "waves-vertical",
   "waypoints",
   "webcam",
   "webhook",