chore(release): bump package versions

[halvaradop]

Description

This pull request publishes new releases of the packages to both npm and JSR registries:

• @aura-stack/auth@0.7.2
• @aura-stack/elysia@0.1.0
• @aura-stack/express@0.1.0
• @aura-stack/hono@0.1.0
• @aura-stack/react@0.1.0
• @aura-stack/react-router@0.1.0
• @aura-stack/next@0.1.0

NPM

• https://www.npmjs.com/package/@aura-stack/auth
• https://www.npmjs.com/package/@aura-stack/elysia
• https://www.npmjs.com/package/@aura-stack/express
• https://www.npmjs.com/package/@aura-stack/hono
• https://www.npmjs.com/package/@aura-stack/react
• https://www.npmjs.com/package/@aura-stack/react-router
• https://www.npmjs.com/package/@aura-stack/next

JSR

• https://jsr.io/@aura-stack/auth
• https://jsr.io/@aura-stack/elysia
• https://jsr.io/@aura-stack/express
• https://jsr.io/@aura-stack/hono
• https://jsr.io/@aura-stack/react
• https://jsr.io/@aura-stack/react-router
• https://jsr.io/@aura-stack/next

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

1 Skipped Deployment

Project	Deployment	Actions	Updated (UTC)
auth	Skipped		Jun 6, 2026 12:56am

[coderabbitai]

Need the big picture first? Review this PR in Change Stack to see what changed before going file by file.

Warning

Review limit reached

@halvaradop, we couldn't start this review because you've reached your PR review rate limit.

More reviews will be available in 28 minutes and 51 seconds. Learn how PR review limits work.

Your organization has run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available.

Please see our Fair Usage Limits Policy for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: a7206e70-ad62-4fbd-ad4b-6855b578bc6e

📥 Commits

Reviewing files that changed from the base of the PR and between f23bc73 and d1c60ae.

📒 Files selected for processing (12)

• packages/elysia/deno.json
• packages/elysia/package.json
• packages/express/deno.json
• packages/express/package.json
• packages/hono/deno.json
• packages/hono/package.json
• packages/integration/deno.json
• packages/next/package.json
• packages/react-router/package.json
• packages/react/CHANGELOG.md
• packages/react/deno.json
• packages/react/package.json

📝 Walkthrough

Walkthrough

This PR coordinates a multi-package version release across the aura-stack monorepo: @aura-stack/auth core advances to v0.7.2, while framework integration packages (elysia, express, hono, react, react-router, next) advance to v0.1.0. All packages receive expanded OAuth provider entry points and updated dependency pinning. The workspace configuration excludes packages/integration from Deno's workspace glob.

Changes

Multi-package release v0.7.2–v0.1.0 with OAuth expansion

Layer / File(s)	Summary
Workspace configuration deno.json	Root deno.json workspace field adds explicit exclusion for packages/integration while preserving the packages/** inclusion pattern.
Core package release v0.7.2 packages/core/CHANGELOG.md, packages/core/deno.json, packages/core/package.json	Core @aura-stack/auth version bumped from 0.7.0 to 0.7.2 with @aura-stack/router dependency synchronized to ^0.7.2. Changelog documents the router synchronization fix and prior 0.7.1 additions (new /cookies entry module and TypeBox inference removal).
Framework packages v0.1.0 release packages/elysia/*, packages/express/*, packages/hono/*	Elysia, Express, and Hono packages bumped to v0.1.0 with expanded exports maps to include OAuth provider subpaths (./oauth/atlassian, ./oauth/github, etc.), new @aura-stack/auth@^0.7.1 imports, broadened publish.include to ship src/_core and src/oauth, and changelog entries documenting /cookies entry module.
React ecosystem packages v0.1.0 release packages/react/*, packages/react-router/*, packages/next/*	React, React-Router, and Next packages bumped to v0.1.0 with expanded OAuth provider subpath exports, export path corrections (./context.tsx), explicit react and react-router version pinning (react@19.2.3, react-router@7.12.0), and new @aura-stack/react dependency additions. Changelog entries document /cookies entry module and AuthProvider redirect function support.
Integration package imports wiring packages/integration/deno.json	Integration package imports map expanded to expose comprehensive OAuth provider-specific alias entries under ./src/oauth/* (atlassian, github, x, etc.) alongside core module aliases.

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

• aura-stack-ts/auth#167: Both PRs update packages/core/deno.json with @aura-stack/router dependency changes in the 0.7.x version range.
• aura-stack-ts/auth#149: Both PRs modify packages/core/deno.json and packages/core/package.json as part of coordinated @aura-stack/auth version management.
• aura-stack-ts/auth#104: Both PRs update the root deno.json workspace configuration glob patterns.

Suggested labels

release

Poem

🐰 Bouncing through manifests with a spring in my paws,
OAuth providers springing to life with OAuth-clause,
Versions hop up, from zero to one and beyond,
Each package now dancing in release-harmony bond,
Cookies and routers all synchronized tight,
The monorepo hops forward with version-bump might!

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately summarizes the main objective of the pull request, which is to bump package versions across multiple packages in the monorepo.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch release/bump-packages

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 3

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

packages/react/CHANGELOG.md (1)

9-24: ⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Add [0.1.0] section to align with other packages.

The Express and Hono packages both include a [0.1.0] - 2026-06-05 section in their changelogs to document the first release. Since this package is also releasing version 0.1.0 (as shown in package.json line 3), the changelog should follow the same structure for consistency.

Consider moving the recent additions from [Unreleased] into a new [0.1.0] - 2026-06-05 section, and keep [Unreleased] as an empty placeholder for future changes, following the pattern used in the other packages.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@packages/react/CHANGELOG.md` around lines 9 - 24, Update the changelog by
creating a new release section header "[0.1.0] - 2026-06-05" and move the
current entries under "## [Unreleased]" (the Added bullets about /cookies,
AuthProvider redirect, BroadcastChannel, updated hooks, removed exports, new
entry points, and React integration) into that new "[0.1.0] - 2026-06-05"
section; leave "## [Unreleased]" present but empty as a placeholder to match the
other packages' changelog structure.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@packages/elysia/deno.json`:
- Line 33: The deno import for the dependency "`@aura-stack/auth`" is pinned to
^0.7.1 which mismatches the bumped core version 0.7.2; update the version string
in packages/elysia/deno.json (the entry containing "`@aura-stack/auth`":
"npm:`@aura-stack/auth`@^0.7.1") to the matching ^0.7.2 so the Elysia package uses
the latest core release.

In `@packages/express/deno.json`:
- Line 33: The `@aura-stack/auth` dependency in the manifest is pinned to ^0.7.1
causing a mismatch with core 0.7.2; update the dependency entry string
"`@aura-stack/auth`": "npm:`@aura-stack/auth`@^0.7.1" to use ^0.7.2 so it reads
"`@aura-stack/auth`": "npm:`@aura-stack/auth`@^0.7.2" to align versions and ensure
the Express package uses the latest core release.

In `@packages/integration/deno.json`:
- Line 13: The import-map entry for the specifier "./cookies" currently targets
"src/_core/cookies.ts" (a non-relative specifier); update the mapping value to
use a relative path by changing the target to "./src/_core/cookies.ts" so the
"./cookies" entry resolves consistently with the other "./src/..." entries in
the import-map.

---

Outside diff comments:
In `@packages/react/CHANGELOG.md`:
- Around line 9-24: Update the changelog by creating a new release section
header "[0.1.0] - 2026-06-05" and move the current entries under "##
[Unreleased]" (the Added bullets about /cookies, AuthProvider redirect,
BroadcastChannel, updated hooks, removed exports, new entry points, and React
integration) into that new "[0.1.0] - 2026-06-05" section; leave "##
[Unreleased]" present but empty as a placeholder to match the other packages'
changelog structure.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: be425c72-97cd-40d0-8489-0abe12e9894c

📥 Commits

Reviewing files that changed from the base of the PR and between a54e654 and f23bc73.

⛔ Files ignored due to path filters (2)

• bun.lock is excluded by !**/*.lock
• deno.lock is excluded by !**/*.lock

📒 Files selected for processing (23)

• deno.json
• packages/core/CHANGELOG.md
• packages/core/deno.json
• packages/core/package.json
• packages/elysia/CHANGELOG.md
• packages/elysia/deno.json
• packages/elysia/package.json
• packages/express/CHANGELOG.md
• packages/express/deno.json
• packages/express/package.json
• packages/hono/CHANGELOG.md
• packages/hono/deno.json
• packages/hono/package.json
• packages/integration/deno.json
• packages/next/CHANGELOG.md
• packages/next/deno.json
• packages/next/package.json
• packages/react-router/CHANGELOG.md
• packages/react-router/deno.json
• packages/react-router/package.json
• packages/react/CHANGELOG.md
• packages/react/deno.json
• packages/react/package.json