From d4f6f587351753392d90d6d4d836fffd2c76218e Mon Sep 17 00:00:00 2001 From: Bilal Godil Date: Sat, 23 May 2026 17:35:08 -0700 Subject: [PATCH 1/2] =?UTF-8?q?feat(hexclave):=20PR=202=20=E2=80=94=20visi?= =?UTF-8?q?ble=20rebrand=20to=20Hexclave?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Rebased onto dev after PR 1475 (cl/hexclave-pr1) was squash-merged. Squashes the original 46-commit branch (including PR1-duplicate commits that arrived via cherry-picks/merges) into a single commit containing only PR2's net delta over dev. Original PR 1481 head: 94872de407873a1cabd4085deb21b69afe8d7699 (kept locally at backup/cl-romantic-mendel-5a2c25-pre-rebase) --- .../references/capture-patterns.md | 2 +- .../scripts/detect_dev_server.sh | 4 +- .devcontainer/README.md | 4 +- .devcontainer/devcontainer.json | 2 +- .github/SECURITY.md | 8 +- .github/pull_request_template.md | 2 +- .github/workflows/npm-publish.yaml | 26 + AGENTS.md | 6 +- CHANGELOG.md | 2 +- CLAUDE.md | 2 +- CONTRIBUTING.md | 16 +- LICENSE | 2 +- README.md | 56 +- RENAME-TO-HEXCLAVE.md | 4 +- apps/backend/.env | 6 +- apps/backend/.env.development | 4 +- apps/backend/package.json | 2 +- .../migration.sql | 14 + apps/backend/prisma/seed.ts | 6 +- .../scripts/backfill-internal-free-plans.ts | 2 +- .../scripts/generate-openapi-fumadocs.ts | 4 +- .../regen-internal-subscriptions-to-latest.ts | 2 +- .../app/api/latest/(api-keys)/handlers.tsx | 8 +- .../initiate-passkey-registration/route.tsx | 4 +- .../src/app/api/latest/check-version/route.ts | 4 +- .../access-token-helpers.tsx | 6 +- .../app/api/latest/contact-channels/README.md | 2 +- .../ai-proxy/[[...path]]/route.ts | 2 +- .../src/app/api/latest/integrations/idp.ts | 9 +- .../internal/backend-urls/route.test.tsx | 22 +- .../latest/internal/backend-urls/route.tsx | 4 +- .../latest/internal/email-drafts/route.tsx | 2 +- .../email-templates/[templateId]/route.tsx | 4 +- .../internal/failed-emails-digest/route.ts | 10 +- .../internal/feature-requests/route.tsx | 2 +- .../api/latest/internal/feedback/route.tsx | 6 +- .../payments/transactions/refund/route.tsx | 2 +- .../latest/internal/send-test-email/route.tsx | 4 +- .../[customer_id]/setup-intent/route.ts | 2 +- .../[customer_id]/[product_id]/route.ts | 2 +- apps/backend/src/app/api/latest/route.ts | 30 +- apps/backend/src/app/health/email/route.tsx | 2 +- apps/backend/src/app/layout.tsx | 4 +- apps/backend/src/app/page.tsx | 6 +- apps/backend/src/lib/ai/models.ts | 2 +- apps/backend/src/lib/ai/prompts.ts | 148 ++--- apps/backend/src/lib/ai/qa-reviewer.ts | 4 +- .../src/lib/ai/tools/create-email-draft.ts | 4 +- .../src/lib/ai/tools/create-email-template.ts | 4 +- apps/backend/src/lib/ai/tools/docs.ts | 6 +- apps/backend/src/lib/ai/verified-qa.ts | 2 +- apps/backend/src/lib/email-rendering.test.tsx | 4 +- apps/backend/src/lib/email-rendering.tsx | 9 +- apps/backend/src/lib/end-users.tsx | 2 +- apps/backend/src/lib/external-db-sync.ts | 2 +- .../src/lib/internal-feedback-emails.tsx | 8 +- apps/backend/src/lib/openapi.tsx | 11 +- apps/backend/src/lib/plan-entitlements.ts | 4 +- apps/backend/src/lib/stripe.tsx | 2 +- apps/backend/src/lib/tokens.tsx | 3 + apps/backend/src/oauth/providers/base.tsx | 2 +- apps/backend/src/prisma-client.tsx | 4 +- .../src/route-handlers/not-found-handler.tsx | 4 +- apps/backend/src/stack.tsx | 2 +- apps/dashboard/.env | 2 +- apps/dashboard/DESIGN-GUIDE.md | 2 +- apps/dashboard/package.json | 2 +- .../page-client-parts/components.tsx | 2 +- .../link-existing-onboarding-workflow.test.ts | 2 +- .../link-existing-onboarding-workflow.ts | 6 +- .../link-existing-onboarding.tsx | 24 +- .../project-onboarding-wizard.test.tsx | 2 +- .../project-onboarding-wizard.tsx | 10 +- .../(outside-dashboard)/projects/footer.tsx | 6 +- .../projects/page-client.tsx | 2 +- .../app/(main)/(protected)/layout-client.tsx | 2 +- .../[projectId]/(overview)/setup-page.tsx | 164 +++--- .../[projectId]/api-keys-app/page-client.tsx | 6 +- .../[projectId]/auth-methods/providers.tsx | 2 +- .../projects/[projectId]/convex/page.tsx | 2 +- .../stores/[storeId]/page-client.tsx | 6 +- .../design-language/page-client.tsx | 2 +- .../email-sent/domain-reputation-card.tsx | 2 +- .../email-settings/domain-settings.tsx | 4 +- .../[projectId]/emails/page-client.tsx | 8 +- .../launch-checklist/page-client.tsx | 18 +- .../projects/[projectId]/payments/layout.tsx | 6 +- .../project-settings/page-client.tsx | 4 +- .../session-replays/page-client.tsx | 2 +- .../teams/[teamId]/page-client.tsx | 2 +- .../users/[userId]/page-client.tsx | 2 +- .../[projectId]/users/page-client.tsx | 2 +- .../[projectId]/vercel/page-client.tsx | 8 +- .../integrations/custom/confirm/page.tsx | 2 +- .../integrations/featurebase/sso/page.tsx | 4 +- .../neon-transfer-confirm-page.tsx | 6 +- .../(main)/integrations/neon/confirm/page.tsx | 2 +- .../app/(main)/integrations/neon/layout.tsx | 2 +- .../integrations/oauth-confirm-card.tsx | 4 +- .../app/(main)/wizard-congrats/actions.tsx | 2 +- apps/dashboard/src/app/api/[...any]/route.tsx | 2 +- .../config/apply-update/route.ts | 2 +- apps/dashboard/src/app/layout-client.tsx | 2 +- apps/dashboard/src/app/layout.tsx | 14 +- .../src/components/cmdk-commands.tsx | 2 +- apps/dashboard/src/components/cmdk-search.tsx | 2 +- .../dashboard-sandbox-host.tsx | 4 + apps/dashboard/src/components/env-keys.tsx | 8 +- .../src/components/feedback-form.tsx | 6 +- apps/dashboard/src/components/navbar.tsx | 2 +- .../project-transfer-confirm-view.tsx | 6 +- .../stack-companion/ai-chat-widget.tsx | 2 +- .../stack-companion/changelog-widget.tsx | 2 +- .../stack-companion/feature-request-board.tsx | 4 +- .../stack-companion/unified-docs-widget.tsx | 16 +- apps/dashboard/src/components/user-dialog.tsx | 2 +- .../components/vibe-coding/code-editor.tsx | 59 +- apps/dashboard/src/instrumentation.ts | 2 +- .../src/lib/ai-dashboard/shared-prompt.ts | 4 +- apps/dashboard/src/lib/api-headers.ts | 2 +- apps/dashboard/src/lib/apps-frontend.tsx | 10 +- apps/dashboard/src/lib/config-update.tsx | 8 +- .../src/lib/github-config-push.test.ts | 2 +- apps/dashboard/src/lib/github-config-push.ts | 6 +- .../api-base-url.test.ts | 12 +- .../api-base-url.ts | 2 +- apps/dashboard/src/lib/version-check.ts | 6 +- apps/dev-launchpad/package.json | 2 +- apps/dev-launchpad/public/index.html | 14 +- apps/e2e/package.json | 2 +- .../endpoints/api/migration-tests.test.ts | 4 +- .../backend/endpoints/api/v1/ai-query.test.ts | 4 +- .../api/v1/auth/oauth/authorize.test.ts | 4 +- .../api/v1/auth/oauth/callback.test.ts | 4 +- .../auth/oauth/callback/apple-native.test.ts | 2 +- .../auth/oauth/cross-domain-authorize.test.ts | 4 +- .../auth/oauth/exact-domain-matching.test.ts | 10 +- .../v1/auth/oauth/wildcard-domains.test.ts | 8 +- .../api/v1/auth/otp/send-sign-in-code.test.ts | 6 +- .../api/v1/auth/password/reset.test.ts | 2 +- .../v1/auth/password/send-reset-code.test.ts | 14 +- .../api/v1/auth/password/sign-up.test.ts | 6 +- .../api/v1/auth/sessions/index.test.ts | 2 +- .../legacy-send-verification-code.test.ts | 8 +- .../send-verification-code.test.ts | 8 +- .../endpoints/api/v1/email-themes.test.ts | 4 +- .../backend/endpoints/api/v1/index.test.ts | 20 +- .../api/v1/integrations/custom/oauth.test.ts | 2 +- .../custom/projects/transfer.test.ts | 4 +- .../api/v1/integrations/neon/api-keys.test.ts | 6 +- .../api/v1/integrations/neon/oauth.test.ts | 2 +- .../neon/projects/transfer.test.ts | 4 +- .../endpoints/api/v1/internal-metrics.test.ts | 2 +- .../api/v1/internal-user-activity.test.ts | 2 +- .../api/v1/internal/api-keys.test.ts | 6 +- .../endpoints/api/v1/internal/config.test.ts | 8 +- .../api/v1/internal/email-drafts.test.ts | 2 +- .../endpoints/api/v1/internal/email.test.ts | 2 +- .../v1/internal/failed-emails-digest.test.ts | 12 +- .../api/v1/internal/feedback.test.ts | 12 +- .../internal/managed-email-onboarding.test.ts | 4 +- .../endpoints/api/v1/internal/mcp.test.ts | 4 +- .../internal/payments/method-configs.test.ts | 10 +- .../api/v1/internal/payments/setup.test.ts | 8 +- .../payments/stripe/account-info.test.ts | 8 +- .../api/v1/internal/projects.test.ts | 4 +- .../v1/internal/sign-up-rules-stats.test.ts | 8 +- .../outdated--create-purchase-url.test.ts | 2 +- .../v1/payments/create-purchase-url.test.ts | 4 +- .../endpoints/api/v1/payments/items.test.ts | 4 +- .../api/v1/payments/products.test.ts | 6 +- .../api/v1/payments/validate-code.test.ts | 2 +- .../backend/endpoints/api/v1/projects.test.ts | 18 +- .../endpoints/api/v1/send-email.test.ts | 2 +- .../endpoints/api/v1/session-replays.test.ts | 8 +- .../endpoints/api/v1/team-invitations.test.ts | 2 +- .../endpoints/api/v1/team-memberships.test.ts | 2 +- .../backend/endpoints/api/v1/users.test.ts | 14 +- .../tests/backend/payment-quota-helpers.ts | 2 +- apps/e2e/tests/general/cli.test.ts | 16 +- apps/e2e/tests/js/app.test.ts | 4 +- apps/hosted-components/src/routes/__root.tsx | 2 +- apps/internal-tool/.env | 2 +- apps/internal-tool/src/app/layout.tsx | 2 +- apps/internal-tool/src/app/questions/page.tsx | 4 +- .../src/components/AddManualQa.tsx | 2 +- apps/internal-tool/src/stack.ts | 2 +- apps/mcp/.env.example | 2 +- apps/mcp/package.json | 2 +- apps/mcp/src/mcp-handler.ts | 8 +- apps/mcp/src/setup-page.ts | 10 +- apps/mock-oauth-server/package.json | 2 +- apps/skills/package.json | 2 +- apps/skills/src/app/route.ts | 82 +-- docker/local-emulator/Dockerfile | 4 +- .../generate-env-development.mjs | 2 +- docker/local-emulator/qemu/README.md | 6 +- .../qemu/cloud-init/emulator/user-data | 2 +- docker/local-emulator/supervisord.conf | 2 +- docs-mintlify/api/overview.mdx | 16 +- docs-mintlify/docs.json | 56 +- .../guides/apps/analytics/overview.mdx | 12 +- .../guides/apps/api-keys/overview.mdx | 86 +-- .../apps/authentication/auth-providers.mdx | 8 +- .../authentication/auth-providers/apple.mdx | 18 +- .../auth-providers/bitbucket.mdx | 12 +- .../authentication/auth-providers/discord.mdx | 14 +- .../auth-providers/facebook.mdx | 14 +- .../authentication/auth-providers/github.mdx | 20 +- .../authentication/auth-providers/gitlab.mdx | 12 +- .../authentication/auth-providers/google.mdx | 14 +- .../auth-providers/linkedin.mdx | 12 +- .../auth-providers/microsoft.mdx | 14 +- .../authentication/auth-providers/passkey.mdx | 20 +- .../authentication/auth-providers/spotify.mdx | 14 +- .../authentication/auth-providers/twitch.mdx | 12 +- .../auth-providers/two-factor-auth.mdx | 26 +- .../auth-providers/x-twitter.mdx | 12 +- .../authentication/cli-authentication.mdx | 10 +- .../authentication/connected-accounts.mdx | 8 +- .../guides/apps/authentication/jwts.mdx | 66 +-- .../guides/apps/authentication/overview.mdx | 2 +- .../apps/authentication/user-onboarding.mdx | 4 +- .../guides/apps/data-vault/overview.mdx | 12 +- docs-mintlify/guides/apps/emails/overview.mdx | 28 +- .../guides/apps/launch-checklist/overview.mdx | 18 +- .../guides/apps/payments/overview.mdx | 20 +- docs-mintlify/guides/apps/rbac/overview.mdx | 8 +- .../guides/apps/teams/team-selection.mdx | 6 +- docs-mintlify/guides/faq.mdx | 6 +- .../guides/getting-started/ai-integration.mdx | 62 +-- .../guides/getting-started/setup.mdx | 514 +++++++++--------- .../getting-started/user-fundamentals.mdx | 68 +-- .../going-further/backend-integration.mdx | 22 +- docs-mintlify/guides/going-further/cli.mdx | 16 +- .../going-further/local-development.mdx | 54 +- .../guides/going-further/local-emulator.mdx | 34 +- .../guides/going-further/stack-app.mdx | 12 +- .../guides/going-further/user-metadata.mdx | 4 +- .../guides/integrations/convex/overview.mdx | 28 +- .../guides/integrations/supabase/overview.mdx | 18 +- .../integrations/tanstack-start/overview.mdx | 42 +- .../guides/integrations/vercel/overview.mdx | 10 +- docs-mintlify/guides/other/known-errors.mdx | 6 +- docs-mintlify/guides/other/self-host.mdx | 44 +- docs-mintlify/guides/other/showcase.mdx | 2 +- .../build-a-saas-with-stack-auth.mdx | 44 +- .../tutorials/build-a-team-based-app.mdx | 22 +- .../tutorials/ship-production-ready-auth.mdx | 10 +- docs-mintlify/index.mdx | 12 +- docs-mintlify/migration.mdx | 68 +++ docs-mintlify/openapi/admin.json | 330 ++++++----- docs-mintlify/openapi/client.json | 272 +++++---- docs-mintlify/openapi/server.json | 310 +++++++---- docs-mintlify/openapi/webhooks.json | 22 +- docs-mintlify/sdk/hooks/use-stack-app.mdx | 12 +- docs-mintlify/sdk/hooks/use-user.mdx | 4 +- docs-mintlify/sdk/objects/stack-app.mdx | 60 +- docs-mintlify/sdk/overview.mdx | 10 +- docs-mintlify/sdk/types/api-key.mdx | 2 +- docs-mintlify/sdk/types/customer.mdx | 4 +- docs-mintlify/sdk/types/email.mdx | 6 +- docs-mintlify/sdk/types/item.mdx | 4 +- docs-mintlify/sdk/types/user.mdx | 2 +- docs-mintlify/snippets/home-prompt-island.jsx | 2 +- examples/cjs-test/.env.development | 2 +- examples/cjs-test/package.json | 2 +- examples/convex/.env.development | 2 +- examples/convex/package.json | 2 +- examples/demo/.env.development | 2 +- examples/demo/cli-sim.mjs | 4 +- examples/demo/package.json | 2 +- examples/demo/src/app/page-client.tsx | 4 +- examples/demo/src/app/payments-demo/page.tsx | 2 +- examples/demo/src/app/tokens-demo/page.tsx | 4 +- examples/demo/src/components/header.tsx | 2 +- examples/docs-examples/.env.development | 2 +- examples/docs-examples/package.json | 2 +- examples/e-commerce/.env.development | 2 +- examples/e-commerce/package.json | 2 +- examples/e-commerce/src/app/layout.tsx | 6 +- examples/js-example/.env.development | 2 +- examples/js-example/index.html | 4 +- examples/js-example/package.json | 2 +- .../lovable-react-18-example/.cursor/mcp.json | 2 +- .../lovable-react-18-example/.env.development | 2 +- examples/lovable-react-18-example/.mcp.json | 2 +- .../lovable-react-18-example/package.json | 2 +- examples/middleware/.env.development | 2 +- examples/middleware/package.json | 2 +- examples/middleware/src/app/layout.tsx | 2 +- examples/react-example/.env.development | 2 +- examples/react-example/index.html | 2 +- examples/react-example/package.json | 2 +- examples/supabase/.env.development | 2 +- examples/supabase/package.json | 2 +- examples/supabase/utils/actions.ts | 2 +- examples/tanstack-start-demo/package.json | 4 +- .../src/components/auth-demo-card.tsx | 4 +- .../tanstack-start-demo/src/routes/__root.tsx | 4 +- .../tanstack-start-demo/src/routes/client.tsx | 4 +- .../tanstack-start-demo/src/routes/index.tsx | 2 +- .../src/routes/protected.tsx | 2 +- .../tanstack-start-demo/src/routes/ssr.tsx | 6 +- package.json | 2 +- packages/dashboard-ui-components/package.json | 2 +- packages/init-stack/README.md | 10 +- packages/init-stack/package.json | 6 +- packages/init-stack/src/index.ts | 96 ++-- packages/init-stack/src/mcp.ts | 2 +- packages/init-stack/src/telegram.ts | 2 +- packages/js/package.json | 4 +- packages/react/package.json | 4 +- packages/stack-cli/package.json | 6 +- packages/stack-cli/src/commands/dev.ts | 24 +- packages/stack-cli/src/commands/doctor.ts | 6 +- packages/stack-cli/src/commands/emulator.ts | 4 +- packages/stack-cli/src/commands/exec.ts | 4 +- packages/stack-cli/src/commands/fix.ts | 12 +- packages/stack-cli/src/commands/init.ts | 30 +- packages/stack-cli/src/commands/login.ts | 2 +- packages/stack-cli/src/commands/logout.ts | 2 +- packages/stack-cli/src/commands/whoami.ts | 2 +- packages/stack-cli/src/index.ts | 2 +- packages/stack-cli/src/lib/auth.ts | 4 +- packages/stack-cli/src/lib/claude-agent.ts | 4 +- .../stack-cli/src/lib/dev-env-state.test.ts | 2 +- packages/stack-sc/package.json | 2 +- packages/stack-shared/package.json | 2 +- packages/stack-shared/src/ai/prompts.ts | 248 ++++----- packages/stack-shared/src/apps/apps-config.ts | 4 +- packages/stack-shared/src/config/README.md | 10 +- packages/stack-shared/src/config/format.ts | 3 +- .../stack-shared/src/helpers/init-prompt.ts | 58 +- .../src/interface/client-interface.ts | 8 +- .../src/interface/page-component-versions.ts | 16 +- packages/stack-shared/src/known-errors.tsx | 22 +- packages/stack-shared/src/local-emulator.ts | 2 +- packages/stack-shared/src/plans.ts | 2 +- .../src/utils/dev-env-state-path.ts | 2 +- packages/stack-shared/src/utils/errors.tsx | 2 +- .../stack-shared/src/utils/featurebase.tsx | 8 +- packages/stack-shared/src/utils/react.tsx | 2 +- packages/stack-shared/src/utils/urls.tsx | 9 + packages/stack-ui/package.json | 2 +- packages/stack/package.json | 4 +- packages/tanstack-start/package.json | 4 +- packages/template/README.md | 18 +- packages/template/package-template.json | 4 +- packages/template/package.json | 4 +- .../template/src/dev-tool/dev-tool-core.ts | 26 +- packages/template/src/dev-tool/index.ts | 2 +- packages/template/src/index.ts | 25 +- .../integrations/convex/component/README.md | 20 +- .../src/internal/deprecation-warning.ts | 52 ++ .../stack-app/apps/implementations/common.ts | 10 +- .../template/src/lib/stack-app/apps/index.ts | 2 + .../stack-app/apps/interfaces/client-app.ts | 4 +- packages/template/src/lib/stack-app/index.ts | 38 +- .../src/lib/stack-app/url-targets.test.ts | 2 +- .../template/src/lib/stack-app/url-targets.ts | 2 +- .../template/src/lib/stack-app/users/index.ts | 2 +- .../template/src/utils/browser-script.tsx | 2 +- scripts/generate-setup-prompt-docs.ts | 4 +- scripts/rewrite-packages-to-hexclave.ts | 208 +++++++ .../swift/Examples/StackAuthMacOS/README.md | 8 +- .../StackAuthMacOS/StackAuthMacOSApp.swift | 2 +- .../swift/Examples/StackAuthiOS/README.md | 8 +- sdks/implementations/swift/README.md | 4 +- .../swift/Sources/StackAuth/APIClient.swift | 2 +- .../swift/Sources/StackAuth/Errors.swift | 4 +- .../Sources/StackAuth/StackClientApp.swift | 8 +- .../Sources/StackAuth/StackServerApp.swift | 4 +- sdks/implementations/swift/package.json | 2 +- sdks/spec/README.md | 6 +- sdks/spec/package.json | 2 +- sdks/spec/src/_utilities.spec.md | 6 +- sdks/spec/src/apps/client-app.spec.md | 8 +- sdks/spec/src/apps/server-app.spec.md | 2 +- skills/stack-auth/SKILL.md | 18 +- 380 files changed, 3109 insertions(+), 2371 deletions(-) create mode 100644 apps/backend/prisma/migrations/20260523000000_rename_internal_project_to_hexclave/migration.sql create mode 100644 docs-mintlify/migration.mdx create mode 100644 packages/template/src/internal/deprecation-warning.ts create mode 100644 scripts/rewrite-packages-to-hexclave.ts diff --git a/.agents/skills/pr-visual-writeup/references/capture-patterns.md b/.agents/skills/pr-visual-writeup/references/capture-patterns.md index bca9963c8d..0aa9e21ac1 100644 --- a/.agents/skills/pr-visual-writeup/references/capture-patterns.md +++ b/.agents/skills/pr-visual-writeup/references/capture-patterns.md @@ -108,7 +108,7 @@ Return contract: Why the two-consecutive-stable-reads check: a single `ready` flicker can land between a skeleton disappearing and the real content swapping in. Two consecutive 250ms ticks with identical body HTML length means the DOM has actually settled. -Tune the skeleton selector list for your codebase. The Stack Auth dashboard uses Tailwind `.animate-pulse` extensively for loading rows — that's the highest-signal one. Inspect the diff or the running app once and add any project-specific loading markers (`Spinner` component class, etc.) to the selector list in the subagent prompt rather than guessing. +Tune the skeleton selector list for your codebase. The Hexclave dashboard uses Tailwind `.animate-pulse` extensively for loading rows — that's the highest-signal one. Inspect the diff or the running app once and add any project-specific loading markers (`Spinner` component class, etc.) to the selector list in the subagent prompt rather than guessing. After `wait-for-ready` returns `ok`, still sleep ~300ms before screenshotting so any final animations (slide-in, fade, etc.) land on their resting frame. diff --git a/.agents/skills/pr-visual-writeup/scripts/detect_dev_server.sh b/.agents/skills/pr-visual-writeup/scripts/detect_dev_server.sh index d1fe410ac5..b3509b077b 100755 --- a/.agents/skills/pr-visual-writeup/scripts/detect_dev_server.sh +++ b/.agents/skills/pr-visual-writeup/scripts/detect_dev_server.sh @@ -4,8 +4,8 @@ # # Output (one per line): \t\t<url> # Example: -# 8101 Stack Auth Dashboard http://localhost:8101 -# 8102 Stack Auth API http://localhost:8102 +# 8101 Hexclave Dashboard http://localhost:8101 +# 8102 Hexclave API http://localhost:8102 # # Use the output to pick the right port for screenshotting. A common convention # is that the "dashboard" / "app" is the one you want; the API/docs/OAuth servers diff --git a/.devcontainer/README.md b/.devcontainer/README.md index e8822d0315..770bfbf2a8 100644 --- a/.devcontainer/README.md +++ b/.devcontainer/README.md @@ -1,6 +1,6 @@ -# Stack Auth Development Container +# Hexclave Development Container -This development container provides a standardized development environment for working on Stack Auth. +This development container provides a standardized development environment for working on Hexclave. ## Getting Started diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index 9819dad736..7fcf9e8318 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -1,5 +1,5 @@ { - "name": "Stack Auth Development", + "name": "Hexclave Development", "image": "mcr.microsoft.com/devcontainers/base:ubuntu", "features": { "ghcr.io/devcontainers/features/node:1": { diff --git a/.github/SECURITY.md b/.github/SECURITY.md index 7b930d4ad0..f295ec217c 100644 --- a/.github/SECURITY.md +++ b/.github/SECURITY.md @@ -2,14 +2,14 @@ ## Supported Versions -Only the latest versions of Stack Auth's server and client packages are supported. We do not provide security updates for older versions. +Only the latest versions of Hexclave's server and client packages are supported. We do not provide security updates for older versions. -If you would like to get security consulting regarding older versions of on-prem or self-hosted deployments of Stack Auth, please [contact us](mailto:team@stack-auth.com). +If you would like to get security consulting regarding older versions of on-prem or self-hosted deployments of Hexclave, please [contact us](mailto:team@hexclave.com). ## Reporting a Vulnerability -Stack Auth practices [responsible disclosure](https://en.wikipedia.org/wiki/Coordinated_vulnerability_disclosure). This helps us protect our users, but requires your cooperation. +Hexclave practices [responsible disclosure](https://en.wikipedia.org/wiki/Coordinated_vulnerability_disclosure). This helps us protect our users, but requires your cooperation. -Please disclose security vulnerabilities responsibly by emailing us at security@stack-auth.com. In this case, we will get back to you within 96 hours, and aim to get a fix released as soon as possible. We will disclose the issue publicly after at most 90 days. +Please disclose security vulnerabilities responsibly by emailing us at security@hexclave.com. In this case, we will get back to you within 96 hours, and aim to get a fix released as soon as possible. We will disclose the issue publicly after at most 90 days. Hence, we ask you not to publicize issues until the 90 days deadline is over. Also, please do not create GitHub issues with security vulnerabilities; instead, email us directly at the address above. diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index 1f2c096d9a..c210fb0d38 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -1,5 +1,5 @@ <!-- -Make sure you've read the CONTRIBUTING.md guidelines: https://github.com/hexclave/stack-auth/blob/dev/CONTRIBUTING.md +Make sure you've read the CONTRIBUTING.md guidelines: https://github.com/hexclave/hexclave/blob/dev/CONTRIBUTING.md --> diff --git a/.github/workflows/npm-publish.yaml b/.github/workflows/npm-publish.yaml index aa0d781f50..3a52c29835 100644 --- a/.github/workflows/npm-publish.yaml +++ b/.github/workflows/npm-publish.yaml @@ -88,3 +88,29 @@ jobs: git commit -m "chore: update package versions" git push origin dev + + # Hexclave rebrand mirror publish (Tier 2). Each publishable `@stackframe/*` + # package is re-published as `@hexclave/*` with all cross-deps pinned to one + # shared `@hexclave` version. Built artifacts (`dist/`) are also rewritten by + # the script so cross-package require()/import specifiers + the build-time + # package-version sentinel point at `@hexclave/*` instead of `@stackframe/*`. + # + # Hardcoded to 1.0.0 — `pnpm publish` skips versions already on npm, so + # after the first successful run on main this becomes a no-op. PR 3 in + # the rebrand sequence renames the source packages natively to + # `@hexclave/*` and deletes this entire mirror flow; until then, 1.0.0 + # is the one-shot cutover version. + # + # Runs AFTER `Update package versions on dev` because that step asserts a + # clean working tree (`git diff --exit-code HEAD`); the rewrite below + # mutates package.json files in-place and would trip that assertion. + - name: Checkout main for Hexclave mirror rewrite + run: git checkout main + + - name: Rewrite package names to @hexclave/* + run: pnpm tsx scripts/rewrite-packages-to-hexclave.ts --version=1.0.0 + + - name: Publish @hexclave/* mirror packages + run: pnpm publish -r --no-git-checks --access public + env: + NPM_CONFIG_PROVENANCE: true diff --git a/AGENTS.md b/AGENTS.md index 8feddfe47e..77626849cd 100644 --- a/AGENTS.md +++ b/AGENTS.md @@ -31,7 +31,7 @@ You should ALWAYS add new E2E tests when you change the API or SDK interface. Ge ## Architecture Overview -Stack Auth is a monorepo using Turbo for build orchestration. The main components are: +Hexclave is a monorepo using Turbo for build orchestration. The main components are: ### Apps (`/apps`) - **backend** (`/apps/backend`): Next.js API backend running on port `${NEXT_PUBLIC_STACK_PORT_PREFIX:-81}02` (defaults to 8102) @@ -82,7 +82,7 @@ To see all development ports, refer to the index.html of `apps/dev-launchpad/pub - Whenever you make backwards-incompatible changes to the config schema, you must update the migration functions in `packages/stack-shared/src/config/schema.ts`! - NEVER try-catch-all, NEVER void a promise, and NEVER .catch(console.error) (or similar). In most cases you don't actually need to be asynchronous, especially when UI is involved (instead, use a loading indicator! eg. our <Button> component already takes an async callback for onClick and sets its loading state accordingly — if whatever component doesn't do that, update the component instead). If you really do need things to be asynchronous, use `runAsynchronously` or `runAsynchronouslyWithAlert` instead as it deals with error logging. - WHENEVER you create hover transitions, avoid hover-enter transitions, and just use hover-exit transitions. For example, `transition-colors hover:transition-none`. -- Any environment variables you create should be prefixed with `STACK_` (or NEXT_PUBLIC_STACK_ if they are public). This ensures that their changes are picked up by Turborepo (and helps readability). +- Any environment variables you create should be prefixed with `HEXCLAVE_` (or `NEXT_PUBLIC_HEXCLAVE_` if they are public) for new customer-facing or framework-internal vars. This ensures that their changes are picked up by Turborepo (and helps readability). Self-host operator vars (e.g. `STACK_DATABASE_CONNECTION_STRING`) and build/dev/test vars (e.g. `NEXT_PUBLIC_STACK_API_URL` in dev fixtures) stay `STACK_`-prefixed for now — the dual-read shim accepts both. The Hexclave SDK reads both prefixes; new names take precedence when both are set. - NEVER just silently use fallback values or whatever when you don't know how to fix type errors. If there is a state that should never happen because of higher-level logic, and the type system doesn't represent that, either update the types or throw an error. Stuff like `?? 0` or `?? ""` is often code smell when `?? throwErr("this should never happen because XYZ")` would be better. - Code defensively. Prefer `?? throwErr(...)` over non-null assertions, with good error messages explicitly stating the assumption that must've been violated for the error to be thrown. - Try to avoid the `any` type. Whenever you need to use `any`, leave a comment explaining why you're using it (optimally it explains why the type system fails here, and how you can be certain that any errors in that code path would still be flagged at compile-, test-, or runtime). @@ -92,7 +92,7 @@ To see all development ports, refer to the index.html of `apps/dev-launchpad/pub - IMPORTANT: Any assumption you make should either be validated through type system (preferred), assertions, or tests. Optimally, two out of three. - If there is an external browser tool connected, use it to test changes you make to the frontend when possible. - Whenever you update an SDK implementation in `sdks/implementations`, make sure to update the specs accordingly in `sdks/specs` such that if you reimplemented the entire SDK from the specs again, you would get the same implementation. (For example, if the specs are not precise enough to describe a change you made, make the specs more precise.) -- When building internal tools for Stack Auth developers (eg. internal interfaces like the WAL info log etc.): Make the interfaces look very concise, assume the user is a pro-user. This only applies to internal tools that are used primarily by Stack Auth developers. +- When building internal tools for Hexclave developers (eg. internal interfaces like the WAL info log etc.): Make the interfaces look very concise, assume the user is a pro-user. This only applies to internal tools that are used primarily by Hexclave developers. - The dev server already builds the packages in the background whenever you update a file. If you run into issues with typechecking or linting in a dependency after updating something in a package, just wait a few seconds, and then try again, and they will likely be resolved. - When asked to review PR comments, you can use `gh pr status` to get the current pull request you're working on. - NEVER EVER AUTOMATICALLY COMMIT OR STAGE ANY CHANGES — DON'T MODIFY GIT WITHOUT USER CONSENT! if its already staged and you didnt do it then dont unstage it. diff --git a/CHANGELOG.md b/CHANGELOG.md index c21e624327..bd800d5847 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,4 +1,4 @@ -# Stack Auth Changelog +# Hexclave Changelog --- diff --git a/CLAUDE.md b/CLAUDE.md index dc54ebb389..3241b24fdb 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -1,4 +1,4 @@ -# Stack Auth +# Hexclave ## Commands - **Lint**: `pnpm lint` diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 13d47e61ed..6f6184c313 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,6 +1,6 @@ -# Contributing to Stack Auth +# Contributing to Hexclave -Welcome to Stack Auth! +Welcome to Hexclave! Due to the nature of authentication, this may not be the easiest project to contribute to, so if you are looking for projects to help gain programming experience, we may not be a great match. If you're looking for projects for beginners, check out [Awesome First PR Opportunities](https://github.com/MunGell/awesome-for-beginners). @@ -19,18 +19,18 @@ Due to the nature of authentication, this may not be the easiest project to cont ## How to contribute -If you think Stack Auth is a good fit for you, follow these steps: +If you think Hexclave is a good fit for you, follow these steps: -1. Join [our Discord](https://discord.stack-auth.com) -2. [Use Stack Auth](https://docs.stack-auth.com/). The best way to understand the project is to use it. Build an application on top of Stack Auth, and post it on GitHub or write a blog post about how you built it. This also lets us assess your skills and understand where you could best help the project. +1. Join [our Discord](https://discord.hexclave.com) +2. [Use Hexclave](https://docs.hexclave.com/). The best way to understand the project is to use it. Build an application on top of Hexclave, and post it on GitHub or write a blog post about how you built it. This also lets us assess your skills and understand where you could best help the project. 3. Give us feedback on Discord or GitHub; let us know where you got stuck, and which things you wish were easier. (We appreciate contributions most when they solve problems the authors encountered themselves in real usage.) -4. Contribute to the [documentation](https://docs.stack-auth.com) and create examples & guides. This way, you can share your knowledge and expertise with everyone else who's just getting started. +4. Contribute to the [documentation](https://docs.hexclave.com) and create examples & guides. This way, you can share your knowledge and expertise with everyone else who's just getting started. 5. Only then, start [contributing to the codebase](README.md#-development--contribution). Coordinate with us on Discord beforehand to ensure we are not working on the same thing already, and to make sure a task is not more difficult than it seems. ## Security & bug bounties -For any security-related concerns & bug bounties, please email us at [security@stack-auth.com](mailto:security@stack-auth.com). +For any security-related concerns & bug bounties, please email us at [security@hexclave.com](mailto:security@hexclave.com). ## Vibecoding setup @@ -47,7 +47,7 @@ For vibecoding, it can help to have multiple parallel copies of the codebase ope eval "$(/path/to/direnv hook <bash|zsh>)" eval "$(/path/to/direnv export <bash|zsh>)" ``` -3. Now, create a `.envrc` file in the root of Stack Auth's codebase with the following content: +3. Now, create a `.envrc` file in the root of Hexclave's codebase with the following content: ```sh # .envrc # make sure to install direnv and add it to your shell rc file (e.g. ~/.bashrc or ~/.zshrc) diff --git a/LICENSE b/LICENSE index ec56a714f5..ce279295fb 100644 --- a/LICENSE +++ b/LICENSE @@ -2,4 +2,4 @@ Stack is licensed per-package, and 100% open-source. Generally speaking, client code and examples are licensed under an open-source MIT license, while server components are licensed under an open-source AGPLv3 license. Please refer to each package's `LICENSE` files for more information. -We also have enterprise licenses available, if you prefer; please contact [enterprise@stack-auth.com](mailto:enterprise@stack-auth.com). +We also have enterprise licenses available, if you prefer; please contact [enterprise@hexclave.com](mailto:enterprise@hexclave.com). diff --git a/README.md b/README.md index 32f2d87400..46c9711969 100644 --- a/README.md +++ b/README.md @@ -1,22 +1,22 @@ -[![Stack Logo](/.github/assets/logo.png)](https://stack-auth.com) +[![Stack Logo](/.github/assets/logo.png)](https://hexclave.com) <h3 align="center"> - <a href="https://docs.stack-auth.com">📘 Docs</a> - | <a href="https://stack-auth.com/">☁️ Hosted Version</a> - | <a href="https://demo.stack-auth.com/">✨ Demo</a> - | <a href="https://discord.stack-auth.com">🎮 Discord</a> + <a href="https://docs.hexclave.com">📘 Docs</a> + | <a href="https://hexclave.com/">☁️ Hosted Version</a> + | <a href="https://demo.hexclave.com/">✨ Demo</a> + | <a href="https://discord.hexclave.com">🎮 Discord</a> </h4> -# Stack Auth: The open-source auth platform +# Hexclave: The open-source auth platform -Stack Auth is a managed user authentication solution. It is developer-friendly and fully open-source (licensed under MIT and AGPL). +Hexclave is a managed user authentication solution. It is developer-friendly and fully open-source (licensed under MIT and AGPL). -Stack Auth gets you started in just five minutes, after which you'll be ready to use all of its features as you grow your project. Our managed service is completely optional and you can export your user data and self-host, for free, at any time. +Hexclave gets you started in just five minutes, after which you'll be ready to use all of its features as you grow your project. Our managed service is completely optional and you can export your user data and self-host, for free, at any time. -We support Next.js, React, and JavaScript frontends, along with any backend that can use our [REST API](https://docs.stack-auth.com/api/overview). Check out our [setup guide](https://docs.stack-auth.com/docs/next/getting-started/setup) to get started. +We support Next.js, React, and JavaScript frontends, along with any backend that can use our [REST API](https://docs.hexclave.com/api/overview). Check out our [setup guide](https://docs.hexclave.com/docs/next/getting-started/setup) to get started. <div align="center"> -<img alt="Stack Auth Setup" src=".github/assets/create-project.gif" width="400" /> +<img alt="Hexclave Setup" src=".github/assets/create-project.gif" width="400" /> </div> ## Table of contents @@ -27,7 +27,7 @@ We support Next.js, React, and JavaScript frontends, along with any backend that - [How is this different from X?](#how-is-this-different-from-x) - [✨ Features](#-features) - [📦 Installation & Setup](#-installation--setup) -- [🌱 Some community projects built with Stack Auth](#-some-community-projects-built-with-stack-auth) +- [🌱 Some community projects built with Hexclave](#-some-community-projects-built-with-hexclave) - [Templates](#templates) - [Examples](#examples) - [🏗 Development & Contribution](#-development--contribution) @@ -46,7 +46,7 @@ Ask yourself about `X`: - Is `X` developer-friendly, well-documented, and lets you get started in minutes? - Besides authentication, does `X` also do authorization and user management (see feature list below)? -If you answered "no" to any of these questions, then that's how Stack Auth is different from `X`. +If you answered "no" to any of these questions, then that's how Hexclave is different from `X`. ## ✨ Features @@ -60,25 +60,25 @@ To get notified first when we add new features, please subscribe to [our newslet | <h3>Account settings</h3> Lets users update their profile, verify their e-mail, or change their password. No setup required. | <img alt="Account settings component" src=".github/assets/account-settings.png" width="300px"> | | <h3>Multi-tenancy & teams</h3> Manage B2B customers with an organization structure that makes sense and scales to millions. | <img alt="Selected team switcher component" src=".github/assets/team-switcher.png" width="400px"> | | <h3>Role-based access control</h3> Define an arbitrary permission graph and assign it to users. Organizations can create org-specific roles. | <img alt="RBAC" src=".github/assets/permissions.png" width="400px"> | -| <h3>OAuth Connections</h3>Beyond login, Stack Auth can also manage access tokens for third-party APIs, such as Outlook and Google Calendar. It handles refreshing tokens and controlling scope, making access tokens accessible via a single function call. | <img alt="OAuth tokens" src=".github/assets/connected-accounts.png" width="250px"> | +| <h3>OAuth Connections</h3>Beyond login, Hexclave can also manage access tokens for third-party APIs, such as Outlook and Google Calendar. It handles refreshing tokens and controlling scope, making access tokens accessible via a single function call. | <img alt="OAuth tokens" src=".github/assets/connected-accounts.png" width="250px"> | | <h3>Passkeys</h3> Support for passwordless authentication using passkeys, allowing users to sign in securely with biometrics or security keys across all their devices. | <img alt="OAuth tokens" src=".github/assets/passkeys.png" width="400px"> | | <h3>Impersonation</h3> Impersonate users for debugging and support, logging into their account as if you were them. | <img alt="Webhooks" src=".github/assets/impersonate.png" width="350px"> | | <h3>Webhooks</h3> Get notified when users use your product, built on Svix. | <img alt="Webhooks" src=".github/assets/stack-webhooks.png" width="300px"> | | <h3>Automatic emails</h3> Send customizable emails on triggers such as sign-up, password reset, and email verification, editable with a WYSIWYG editor. | <img alt="Email templates" src=".github/assets/email-editor.png" width="400px"> | -| <h3>User session & JWT handling</h3> Stack Auth manages refresh and access tokens, JWTs, and cookies, resulting in the best performance at no implementation cost. | <img alt="User button" src=".github/assets/user-button.png" width="400px"> | +| <h3>User session & JWT handling</h3> Hexclave manages refresh and access tokens, JWTs, and cookies, resulting in the best performance at no implementation cost. | <img alt="User button" src=".github/assets/user-button.png" width="400px"> | | <h3>M2M authentication</h3> Use short-lived access tokens to authenticate your machines to other machines. | <img src=".github/assets/m2m-auth.png" alt="M2M authentication" width="400px"> | ## 📦 Installation & Setup -To install Stack Auth in your Next.js project (for React, JavaScript, or other frameworks, see our [complete documentation](https://docs.stack-auth.com)): +To install Hexclave in your Next.js project (for React, JavaScript, or other frameworks, see our [complete documentation](https://docs.hexclave.com)): -1. Run Stack Auth's installation wizard with the following command: +1. Run Hexclave's installation wizard with the following command: ```bash - npx @stackframe/stack-cli@latest init + npx @hexclave/cli@latest init ``` -2. Then, create an account on the [Stack Auth dashboard](https://app.stack-auth.com/projects), create a new project with an API key, and copy its environment variables into the .env.local file of your Next.js project: +2. Then, create an account on the [Hexclave dashboard](https://app.hexclave.com/projects), create a new project with an API key, and copy its environment variables into the .env.local file of your Next.js project: ``` NEXT_PUBLIC_STACK_PROJECT_ID=<your-project-id> NEXT_PUBLIC_STACK_PUBLISHABLE_CLIENT_KEY=<your-publishable-client-key> @@ -86,27 +86,27 @@ To install Stack Auth in your Next.js project (for React, JavaScript, or other f ``` 3. That's it! You can run your app with `npm run dev` and go to [http://localhost:3000/handler/signup](http://localhost:3000/handler/signup) to see the sign-up page. You can also check out the account settings page at [http://localhost:3000/handler/account-settings](http://localhost:3000/handler/account-settings). -Check out the [documentation](https://docs.stack-auth.com/getting-started/setup) for a more detailed guide. +Check out the [documentation](https://docs.hexclave.com/getting-started/setup) for a more detailed guide. -## 🌱 Some community projects built with Stack Auth +## 🌱 Some community projects built with Hexclave -Have your own? Happy to feature it if you create a PR or message us on [Discord](https://discord.stack-auth.com). +Have your own? Happy to feature it if you create a PR or message us on [Discord](https://discord.hexclave.com). ### Templates -- [Stack Auth Template by Stack Auth Team](https://github.com/hexclave/stack-auth-template) +- [Hexclave Template by Hexclave Team](https://github.com/hexclave/hexclave-template) - [Next SaaSkit by wolfgunblood](https://github.com/wolfgunblood/nextjs-saaskit) - [SaaS Boilerplate by Robin Faraj](https://github.com/robinfaraj/saas-boilerplate) ### Examples -- [Stack Auth Example by career-tokens](https://github.com/career-tokens/StackYCAuth) -- [Stack Auth Demo by the Stack Auth team](https://github.com/hexclave/stack-auth/tree/dev/examples/demo) -- [Stack Auth E-Commerce Example by the Stack Auth team](https://github.com/hexclave/stack-auth/tree/dev/examples/e-commerce) +- [Hexclave Example by career-tokens](https://github.com/career-tokens/StackYCAuth) +- [Hexclave Demo by the Hexclave team](https://github.com/hexclave/hexclave/tree/dev/examples/demo) +- [Hexclave E-Commerce Example by the Hexclave team](https://github.com/hexclave/hexclave/tree/dev/examples/e-commerce) ## 🏗 Development & Contribution -This is for you if you want to contribute to the Stack Auth project or run the Stack Auth dashboard locally. +This is for you if you want to contribute to the Hexclave project or run the Hexclave dashboard locally. -**Important**: Please read the [contribution guidelines](CONTRIBUTING.md) carefully and join [our Discord](https://discord.stack-auth.com) if you'd like to help. +**Important**: Please read the [contribution guidelines](CONTRIBUTING.md) carefully and join [our Discord](https://discord.hexclave.com) if you'd like to help. ### Requirements @@ -191,6 +191,6 @@ Note: When working with AI, you should keep a terminal tab with the dev server o ## ❤ Contributors -<a href="https://github.com/hexclave/stack-auth/graphs/contributors"> +<a href="https://github.com/hexclave/hexclave/graphs/contributors"> <img src="https://contrib.rocks/image?repo=stack-auth/stack&columns=9" width="100%" /> </a> diff --git a/RENAME-TO-HEXCLAVE.md b/RENAME-TO-HEXCLAVE.md index f0eac2df13..b2ecf6c3d8 100644 --- a/RENAME-TO-HEXCLAVE.md +++ b/RENAME-TO-HEXCLAVE.md @@ -449,7 +449,7 @@ Notes: | Old (kept) | New (mirrored) | |---|---| | `@stackframe/react` | `@hexclave/react` | -| `@stackframe/stack` | `@hexclave/stack` | +| `@stackframe/stack` | `@hexclave/next` | | `@stackframe/js` | `@hexclave/js` | | `@stackframe/stack-shared` | `@hexclave/shared` | | `@stackframe/stack-ui` | `@hexclave/ui` | @@ -950,7 +950,7 @@ Compatibility-sensitive enough to be part of the implementation plan, not implic ### Packages - [ ] `npm install @stackframe/stack` → imports `StackClientApp` AND `HexclaveClientApp` -- [ ] `npm install @hexclave/stack` → same, both aliases available +- [ ] `npm install @hexclave/next` → same, both aliases available - [ ] Generated `.d.ts` exposes both names - [ ] Source maps resolve - [ ] Both packages can be installed side-by-side without conflicts diff --git a/apps/backend/.env b/apps/backend/.env index cceae5f704..9aa8a0d8d6 100644 --- a/apps/backend/.env +++ b/apps/backend/.env @@ -1,6 +1,6 @@ # Basic -NEXT_PUBLIC_STACK_API_URL=# the base URL of Stack's backend/API. For local development, this is `http://localhost:8102`; for the managed service, this is `https://api.stack-auth.com`. -NEXT_PUBLIC_STACK_DASHBOARD_URL=# the URL of Stack's dashboard. For local development, this is `http://localhost:8101`; for the managed service, this is `https://app.stack-auth.com`. +NEXT_PUBLIC_STACK_API_URL=# the base URL of Stack's backend/API. For local development, this is `http://localhost:8102`; for the managed service, this is `https://api.hexclave.com`. +NEXT_PUBLIC_STACK_DASHBOARD_URL=# the URL of Stack's dashboard. For local development, this is `http://localhost:8101`; for the managed service, this is `https://app.hexclave.com`. NEXT_PUBLIC_STACK_IS_LOCAL_EMULATOR=# set to true to enable local emulator-only behaviors (internal local emulator endpoints, read-only environment config overrides, and local emulator auth UX) STACK_SECRET_SERVER_KEY=# a random, unguessable secret key generated by `pnpm generate-keys` @@ -34,7 +34,7 @@ STACK_SPOTIFY_CLIENT_SECRET=# client secret STACK_ALLOW_SHARED_OAUTH_ACCESS_TOKENS=# allow shared oauth provider to also use connected account access token, this should only be used for development and testing -STACK_DISABLE_PLAN_LIMITS=# set to "true" to bypass enforcement of Stack Auth's own internal-tenancy plan limits (analytics_events, session_replays, emails_per_month, dashboard_admins seat cap, auth_users soft cap, analytics_timeout_seconds). Default unset/false preserves enforcement. Intended as a temporary cutover safety net while the plan-limits infrastructure rolls out — customer projects' own item APIs are unaffected by this flag. +STACK_DISABLE_PLAN_LIMITS=# set to "true" to bypass enforcement of Hexclave's own internal-tenancy plan limits (analytics_events, session_replays, emails_per_month, dashboard_admins seat cap, auth_users soft cap, analytics_timeout_seconds). Default unset/false preserves enforcement. Intended as a temporary cutover safety net while the plan-limits infrastructure rolls out — customer projects' own item APIs are unaffected by this flag. # Email # For local development, you can spin up a local SMTP server like inbucket diff --git a/apps/backend/.env.development b/apps/backend/.env.development index ff9ea83dfb..5372d1a9b1 100644 --- a/apps/backend/.env.development +++ b/apps/backend/.env.development @@ -4,7 +4,7 @@ NEXT_PUBLIC_STACK_HOSTED_HANDLER_DOMAIN_SUFFIX=.localhost:${NEXT_PUBLIC_HEXCLAVE NEXT_PUBLIC_STACK_IS_LOCAL_EMULATOR=false STACK_SERVER_SECRET=23-wuNpik0gIW4mruTz25rbIvhuuvZFrLOLtL7J4tyo -STACK_CHANGELOG_URL=https://raw.githubusercontent.com/stack-auth/stack-auth/refs/heads/dev/CHANGELOG.md +STACK_CHANGELOG_URL=https://raw.githubusercontent.com/hexclave/hexclave/refs/heads/dev/CHANGELOG.md STACK_SEED_ENABLE_DUMMY_PROJECT=true STACK_SEED_INTERNAL_PROJECT_SIGN_UP_ENABLED=true @@ -97,7 +97,7 @@ STACK_EMAIL_MONITOR_SECRET_TOKEN=this-secret-token-is-for-local-development-only STACK_EMAILABLE_API_KEY= -STACK_INTERNAL_FEEDBACK_RECIPIENTS=team@stack-auth.com +STACK_INTERNAL_FEEDBACK_RECIPIENTS=team@hexclave.com # S3 Configuration for local development using s3mock STACK_S3_ENDPOINT=http://localhost:${NEXT_PUBLIC_HEXCLAVE_PORT_PREFIX:-81}21 diff --git a/apps/backend/package.json b/apps/backend/package.json index 8b2926e4fd..581cc1ef6d 100644 --- a/apps/backend/package.json +++ b/apps/backend/package.json @@ -1,7 +1,7 @@ { "name": "@stackframe/backend", "version": "2.8.103", - "repository": "https://github.com/hexclave/stack-auth", + "repository": "https://github.com/hexclave/hexclave", "private": true, "type": "module", "scripts": { diff --git a/apps/backend/prisma/migrations/20260523000000_rename_internal_project_to_hexclave/migration.sql b/apps/backend/prisma/migrations/20260523000000_rename_internal_project_to_hexclave/migration.sql new file mode 100644 index 0000000000..b7e56ea2e6 --- /dev/null +++ b/apps/backend/prisma/migrations/20260523000000_rename_internal_project_to_hexclave/migration.sql @@ -0,0 +1,14 @@ +-- Rebrand: rename the internal-project display name and description from +-- "Stack Dashboard" / "Stack's admin dashboard" to "Hexclave Dashboard" / +-- "Hexclave's admin dashboard". Idempotent: only updates the row if it still +-- holds the pre-rebrand defaults for BOTH fields, so any operator who renamed +-- the internal project themselves (or even just one field) is left untouched. +-- Re-running the migration after the rename is a no-op. Missing row (fresh +-- install before seed) is also a no-op. + +UPDATE "Project" +SET "displayName" = 'Hexclave Dashboard', + "description" = 'Hexclave''s admin dashboard' +WHERE "id" = 'internal' + AND "displayName" = 'Stack Dashboard' + AND "description" = 'Stack''s admin dashboard'; diff --git a/apps/backend/prisma/seed.ts b/apps/backend/prisma/seed.ts index 7e582d841e..ea8d7a18d5 100644 --- a/apps/backend/prisma/seed.ts +++ b/apps/backend/prisma/seed.ts @@ -84,9 +84,9 @@ export async function seed() { type: 'create', projectId: 'internal', data: { - display_name: 'Stack Dashboard', + display_name: 'Hexclave Dashboard', owner_team_id: internalTeamId, - description: 'Stack\'s admin dashboard', + description: 'Hexclave\'s admin dashboard', is_production_mode: false, config: { allow_localhost: true, @@ -310,7 +310,7 @@ export async function seed() { // internal project, but the internal team itself is written directly above // (bypassing that code path), so it would otherwise end up with zero // entitlements and trip the plan-limit enforcement. Grant it the Growth plan - // so Stack Auth employees using the dashboard get full quotas. Idempotent — + // so Hexclave employees using the dashboard get full quotas. Idempotent — // skipped if an active Growth subscription already exists. // // We create the subscription with raw Prisma (matching seed-dummy-data.ts) diff --git a/apps/backend/scripts/backfill-internal-free-plans.ts b/apps/backend/scripts/backfill-internal-free-plans.ts index c0cc4a866d..323aee1804 100644 --- a/apps/backend/scripts/backfill-internal-free-plans.ts +++ b/apps/backend/scripts/backfill-internal-free-plans.ts @@ -1,5 +1,5 @@ /** - * Grants the `free` plan to every billing team on Stack Auth's own + * Grants the `free` plan to every billing team on Hexclave's own * billing project that doesn't already have a plan. Runs at deploy / * db init time. * diff --git a/apps/backend/scripts/generate-openapi-fumadocs.ts b/apps/backend/scripts/generate-openapi-fumadocs.ts index 6b55da252c..9bdc8d5b9b 100644 --- a/apps/backend/scripts/generate-openapi-fumadocs.ts +++ b/apps/backend/scripts/generate-openapi-fumadocs.ts @@ -61,8 +61,8 @@ async function main() { // Update server URL for Fumadocs openApiSchemaObject.servers = [{ - url: 'https://api.stack-auth.com/api/v1', - description: 'Stack REST API', + url: 'https://api.hexclave.com/api/v1', + description: 'Hexclave REST API', }]; console.log(`Generated ${Object.keys(openApiSchemaObject.paths || {}).length} endpoints for ${audience} audience`); diff --git a/apps/backend/scripts/regen-internal-subscriptions-to-latest.ts b/apps/backend/scripts/regen-internal-subscriptions-to-latest.ts index 757a406b90..3223420fa1 100644 --- a/apps/backend/scripts/regen-internal-subscriptions-to-latest.ts +++ b/apps/backend/scripts/regen-internal-subscriptions-to-latest.ts @@ -1,5 +1,5 @@ /** - * Brings every active subscription on Stack Auth's own billing project up + * Brings every active subscription on Hexclave's own billing project up * to the latest version of its plan. Runs at deploy / db init time. * * Why we need it: each Subscription stores a frozen JSON copy of the plan diff --git a/apps/backend/src/app/api/latest/(api-keys)/handlers.tsx b/apps/backend/src/app/api/latest/(api-keys)/handlers.tsx index 53ea28f464..b177e2b3a9 100644 --- a/apps/backend/src/app/api/latest/(api-keys)/handlers.tsx +++ b/apps/backend/src/app/api/latest/(api-keys)/handlers.tsx @@ -187,7 +187,13 @@ function createApiKeyHandlers<Type extends "user" | "team">(type: Type) { throw new HexclaveAssertionError("userPrefix must contain only alphanumeric characters and underscores. This is so we can register the API key with security scanners. This should've been checked in the creation schema"); } */ - const isCloudVersion = new URL(url).hostname === "api.stack-auth.com"; // we only want to enable secret scanning on the cloud version + // Cloud production serves from both api.hexclave.com (canonical) and + // api.stack-auth.com (legacy compat, kept indefinitely). Either host + // counts as cloud — keys minted against the legacy host must still + // carry the secret-scanning marker bit so GitHub's scanner detects + // them when committed by accident. + const cloudHostname = new URL(url).hostname; + const isCloudVersion = cloudHostname === "api.hexclave.com" || cloudHostname === "api.stack-auth.com"; const isPublic = body.is_public ?? false; const apiKeyId = generateUuid(); diff --git a/apps/backend/src/app/api/latest/auth/passkey/initiate-passkey-registration/route.tsx b/apps/backend/src/app/api/latest/auth/passkey/initiate-passkey-registration/route.tsx index 1cd78ba7fe..6b801e0bd7 100644 --- a/apps/backend/src/app/api/latest/auth/passkey/initiate-passkey-registration/route.tsx +++ b/apps/backend/src/app/api/latest/auth/passkey/initiate-passkey-registration/route.tsx @@ -44,9 +44,9 @@ export const POST = createSmartRouteHandler({ rpID: "THIS_VALUE_WILL_BE_REPLACED.example.com", // HACK: will be overridden in the frontend to be the actual domain, this is a temporary solution until we have a primary authentication domain // Here we set the userId to the user's id, this will cause to have the browser always store only one passkey per user! (browser stores one passkey per userId/rpID pair) userID: isoUint8Array.fromUTF8String(user.id), - userName: user.display_name || user.primary_email || "Stack Auth User", + userName: user.display_name || user.primary_email || "Hexclave User", challenge: getEnvVariable("STACK_ENABLE_HARDCODED_PASSKEY_CHALLENGE_FOR_TESTING", "") ? isoUint8Array.fromUTF8String("MOCK") : undefined, - userDisplayName: user.display_name || user.primary_email || "Stack Auth User", + userDisplayName: user.display_name || user.primary_email || "Hexclave User", // Force passkey (discoverable/resident) authenticatorSelection: { residentKey: 'required', diff --git a/apps/backend/src/app/api/latest/check-version/route.ts b/apps/backend/src/app/api/latest/check-version/route.ts index 7e95402e25..33bf6a1b64 100644 --- a/apps/backend/src/app/api/latest/check-version/route.ts +++ b/apps/backend/src/app/api/latest/check-version/route.ts @@ -52,10 +52,10 @@ export const POST = createSmartRouteHandler({ return err(true, `YOUR VERSION OF STACK AUTH IS SEVERELY OUTDATED. YOU SHOULD UPDATE IT AS SOON AS POSSIBLE. WE CAN'T APPLY SECURITY UPDATES IF YOU DON'T UPDATE STACK AUTH REGULARLY. (your version is v${clientVersion}; the current version is v${serverVersion}).`); } if (semver.lt(clientVersion, serverVersion)) { - return err(false, `You are running an outdated version of Stack Auth (v${clientVersion}; the current version is v${serverVersion}). Please update to the latest version as soon as possible to ensure that you get the latest feature and security updates.`); + return err(false, `You are running an outdated version of Hexclave (v${clientVersion}; the current version is v${serverVersion}). Please update to the latest version as soon as possible to ensure that you get the latest feature and security updates.`); } if (!semver.gt(clientVersion, serverVersion) && clientVersion !== serverVersion) { - return err(true, `You are running a version of Stack Auth that is not the same as the newest known version (v${clientVersion} !== v${serverVersion}). Please update to the latest version as soon as possible to ensure that you get the latest feature and security updates.`); + return err(true, `You are running a version of Hexclave that is not the same as the newest known version (v${clientVersion} !== v${serverVersion}). Please update to the latest version as soon as possible to ensure that you get the latest feature and security updates.`); } return { diff --git a/apps/backend/src/app/api/latest/connected-accounts/access-token-helpers.tsx b/apps/backend/src/app/api/latest/connected-accounts/access-token-helpers.tsx index 9286f1baa3..0042977a05 100644 --- a/apps/backend/src/app/api/latest/connected-accounts/access-token-helpers.tsx +++ b/apps/backend/src/app/api/latest/connected-accounts/access-token-helpers.tsx @@ -32,8 +32,8 @@ function captureOAuthAccessTokenRefreshIssue(options: { } /** - * Access tokens minted under Stack Auth's shared OAuth apps must not be handed - * to clients — they carry Stack Auth's brand at the provider. Only allowed when + * Access tokens minted under Hexclave's shared OAuth apps must not be handed + * to clients — they carry Hexclave's brand at the provider. Only allowed when * the deployer explicitly opts in via STACK_ALLOW_SHARED_OAUTH_ACCESS_TOKENS. * NOT gated on NODE_ENV — the env-var opt-in is the only escape hatch. */ @@ -185,7 +185,7 @@ export async function retrieveOrRefreshAccessToken(options: { errorContext, refreshError: tokenSetResult.error, }); - throw new StatusError(400, `Invalid client credentials for this OAuth provider. Please ensure the configuration in the Stack Auth dashboard is correct.`); + throw new StatusError(400, `Invalid client credentials for this OAuth provider. Please ensure the configuration in the Hexclave dashboard is correct.`); } case "unexpected": { captureOAuthAccessTokenRefreshIssue({ diff --git a/apps/backend/src/app/api/latest/contact-channels/README.md b/apps/backend/src/app/api/latest/contact-channels/README.md index 2a0f66401d..d25e934d59 100644 --- a/apps/backend/src/app/api/latest/contact-channels/README.md +++ b/apps/backend/src/app/api/latest/contact-channels/README.md @@ -4,7 +4,7 @@ This document explains the relationship between `primary_email` on user objects ## Overview -In Stack Auth, users can have multiple **contact channels** (currently only email type is supported). One of these can be designated as the **primary email**, which is the main email address associated with the user account. +In Hexclave, users can have multiple **contact channels** (currently only email type is supported). One of these can be designated as the **primary email**, which is the main email address associated with the user account. ### Key Concepts diff --git a/apps/backend/src/app/api/latest/integrations/ai-proxy/[[...path]]/route.ts b/apps/backend/src/app/api/latest/integrations/ai-proxy/[[...path]]/route.ts index a45d49cc6e..6ed8304e50 100644 --- a/apps/backend/src/app/api/latest/integrations/ai-proxy/[[...path]]/route.ts +++ b/apps/backend/src/app/api/latest/integrations/ai-proxy/[[...path]]/route.ts @@ -6,7 +6,7 @@ import { StatusError } from "@stackframe/stack-shared/dist/utils/errors"; import { NextRequest } from "next/server"; const OPENROUTER_BASE_URL = "https://openrouter.ai/api"; -const PRODUCTION_PROXY_BASE_URL = "https://api.stack-auth.com/api/latest/integrations/ai-proxy"; +const PRODUCTION_PROXY_BASE_URL = "https://api.hexclave.com/api/latest/integrations/ai-proxy"; const OPENROUTER_DEFAULT_MODEL = "anthropic/claude-sonnet-4.6"; function sanitizeBody(raw: ArrayBuffer): Uint8Array { diff --git a/apps/backend/src/app/api/latest/integrations/idp.ts b/apps/backend/src/app/api/latest/integrations/idp.ts index a1908493a7..f18ea952f2 100644 --- a/apps/backend/src/app/api/latest/integrations/idp.ts +++ b/apps/backend/src/app/api/latest/integrations/idp.ts @@ -163,6 +163,13 @@ function createPrismaAdapter(idpId: string) { } export async function createOidcProvider(options: { id: string, baseUrl: string, clientInteractionUrl: string }) { + // NOTE: this `audience` string is an OPAQUE key-derivation salt mixed into the + // SHA-256 that produces the per-audience signing secret + kid in + // `getPrivateJwks` (see packages/stack-shared/src/utils/jwt.tsx:114-115). It is + // never exposed to OIDC clients (the actual OIDC `aud` claim is set elsewhere). + // Changing this string rotates ALL outstanding JWT signing keys and invalidates + // every cached client JWKS — so it is intentionally pinned to the pre-rebrand + // domain. Carve-out per RENAME-TO-HEXCLAVE.md ("internal opaque identifiers"). const privateJwks = await getPrivateJwks({ audience: `https://idp-jwk-audience.stack-auth.com/${encodeURIComponent(options.id)}`, }); @@ -259,7 +266,7 @@ export async function createOidcProvider(options: { id: string, baseUrl: string, ctx.body = ` <html> <head> - <title>Redirecting... — Stack Auth + Redirecting... — Hexclave -

Stack Auth Dev Launchpad

+

Hexclave Dev Launchpad

@@ -149,7 +149,7 @@

Background services

portSuffix: "01", description: [ "Src: ./apps/dashboard", - "Prod: https://app.stack-auth.com", + "Prod: https://app.hexclave.com", ], img: "https://www.svgrepo.com/show/507260/dashboard.svg", importance: 2, @@ -159,7 +159,7 @@

Background services

portSuffix: "02", description: [ "Src: ./apps/backend", - "Prod: https://api.stack-auth.com", + "Prod: https://api.hexclave.com", ], img: "https://www.svgrepo.com/show/340122/datastore.svg", importance: 2, @@ -169,7 +169,7 @@

Background services

portSuffix: "42", description: [ "Src: ./apps/mcp", - "Prod: https://mcp.stack-auth.com/mcp", + "Prod: https://mcp.hexclave.com/mcp", ], importance: 2, }, @@ -178,7 +178,7 @@

Background services

portSuffix: "03", description: [ "Src: ./examples/demo", - "Prod: https://demo.stack-auth.com", + "Prod: https://demo.hexclave.com", ], importance: 2, }, @@ -197,7 +197,7 @@

Background services

portSuffix: "26", description: [ "Src: ./docs", - "Prod: https://docs.stack-auth.com", + "Prod: https://docs.hexclave.com", ], img: "https://www.svgrepo.com/show/448400/docs.svg", importance: 2, diff --git a/apps/e2e/package.json b/apps/e2e/package.json index e53ad886a2..22ea133a09 100644 --- a/apps/e2e/package.json +++ b/apps/e2e/package.json @@ -1,7 +1,7 @@ { "name": "@stackframe/e2e-tests", "version": "2.8.103", - "repository": "https://github.com/hexclave/stack-auth", + "repository": "https://github.com/hexclave/hexclave", "private": true, "type": "module", "scripts": { diff --git a/apps/e2e/tests/backend/endpoints/api/migration-tests.test.ts b/apps/e2e/tests/backend/endpoints/api/migration-tests.test.ts index 3a32009c75..0787f15987 100644 --- a/apps/e2e/tests/backend/endpoints/api/migration-tests.test.ts +++ b/apps/e2e/tests/backend/endpoints/api/migration-tests.test.ts @@ -18,9 +18,9 @@ describe("SmartRouteHandler", () => { NiceResponse { "status": 404, "body": deindent\` - 404 — this page does not exist in Stack Auth's API. + 404 — this page does not exist in Hexclave's API. - Please see the API documentation at https://docs.stack-auth.com, or visit the Stack Auth dashboard at https://app.stack-auth.com. + Please see the API documentation at https://docs.hexclave.com, or visit the Hexclave dashboard at https://app.hexclave.com. URL: http://localhost:<$NEXT_PUBLIC_HEXCLAVE_PORT_PREFIX>02/api/v1/migration-tests/smart-route-handler \`, diff --git a/apps/e2e/tests/backend/endpoints/api/v1/ai-query.test.ts b/apps/e2e/tests/backend/endpoints/api/v1/ai-query.test.ts index 1bb42cef4e..5b66f7e775 100644 --- a/apps/e2e/tests/backend/endpoints/api/v1/ai-query.test.ts +++ b/apps/e2e/tests/backend/endpoints/api/v1/ai-query.test.ts @@ -506,8 +506,8 @@ describeWithAi("AI Query Endpoint - Message Formats", () => { tools: [], systemPrompt: "command-center-ask-ai", messages: [ - { role: "user", content: "What is Stack Auth?" }, - { role: "assistant", content: "Stack Auth is an authentication platform." }, + { role: "user", content: "What is Hexclave?" }, + { role: "assistant", content: "Hexclave is an authentication platform." }, { role: "user", content: "How do I get started?" }, ], }, diff --git a/apps/e2e/tests/backend/endpoints/api/v1/auth/oauth/authorize.test.ts b/apps/e2e/tests/backend/endpoints/api/v1/auth/oauth/authorize.test.ts index 6c8d5110f5..1fe010c55a 100644 --- a/apps/e2e/tests/backend/endpoints/api/v1/auth/oauth/authorize.test.ts +++ b/apps/e2e/tests/backend/endpoints/api/v1/auth/oauth/authorize.test.ts @@ -281,7 +281,7 @@ it("should fail if an untrusted after_callback_redirect_url is provided", async "status": 400, "body": { "code": "REDIRECT_URL_NOT_WHITELISTED", - "error": "Redirect URL not whitelisted. Did you forget to add this domain to the trusted domains list on the Stack Auth dashboard?", + "error": "Redirect URL not whitelisted. Did you forget to add this domain to the trusted domains list on the Hexclave dashboard?", }, "headers": Headers { "x-stack-known-error": "REDIRECT_URL_NOT_WHITELISTED", @@ -293,7 +293,7 @@ it("should fail if an untrusted after_callback_redirect_url is provided", async // Regression: provider_scope against a shared provider must be rejected on // every authorize path — not only when a link token is present. A malicious -// client would otherwise request elevated scopes under Stack Auth's shared +// client would otherwise request elevated scopes under Hexclave's shared // OAuth app on a plain sign-in. it("should reject provider_scope on shared provider for plain sign-in (no link token)", async ({ expect }) => { const response = await niceBackendFetch("/api/v1/auth/oauth/authorize/spotify", { diff --git a/apps/e2e/tests/backend/endpoints/api/v1/auth/oauth/callback.test.ts b/apps/e2e/tests/backend/endpoints/api/v1/auth/oauth/callback.test.ts index eaf09429f4..3d33450b1f 100644 --- a/apps/e2e/tests/backend/endpoints/api/v1/auth/oauth/callback.test.ts +++ b/apps/e2e/tests/backend/endpoints/api/v1/auth/oauth/callback.test.ts @@ -188,7 +188,7 @@ it("should fail if an untrusted redirect URL is provided", async ({ expect }) => "status": 400, "body": { "code": "REDIRECT_URL_NOT_WHITELISTED", - "error": "Redirect URL not whitelisted. Did you forget to add this domain to the trusted domains list on the Stack Auth dashboard?", + "error": "Redirect URL not whitelisted. Did you forget to add this domain to the trusted domains list on the Hexclave dashboard?", }, "headers": Headers { "set-cookie": ' at path '/'>, @@ -228,7 +228,7 @@ it("should fail if an untrusted redirect URL is provided that is similar to a tr "status": 400, "body": { "code": "REDIRECT_URL_NOT_WHITELISTED", - "error": "Redirect URL not whitelisted. Did you forget to add this domain to the trusted domains list on the Stack Auth dashboard?", + "error": "Redirect URL not whitelisted. Did you forget to add this domain to the trusted domains list on the Hexclave dashboard?", }, "headers": Headers { "set-cookie": ' at path '/'>, diff --git a/apps/e2e/tests/backend/endpoints/api/v1/auth/oauth/callback/apple-native.test.ts b/apps/e2e/tests/backend/endpoints/api/v1/auth/oauth/callback/apple-native.test.ts index 60ae235015..584e71901b 100644 --- a/apps/e2e/tests/backend/endpoints/api/v1/auth/oauth/callback/apple-native.test.ts +++ b/apps/e2e/tests/backend/endpoints/api/v1/auth/oauth/callback/apple-native.test.ts @@ -57,7 +57,7 @@ describe("Native Apple Sign In", () => { expect(response.body).toMatchInlineSnapshot(` { "code": "APPLE_BUNDLE_ID_NOT_CONFIGURED", - "error": "Apple Sign In is enabled, but no Bundle IDs are configured. Please add your app's Bundle ID in the Stack Auth dashboard under OAuth Providers > Apple > Apple Bundle IDs.", + "error": "Apple Sign In is enabled, but no Bundle IDs are configured. Please add your app's Bundle ID in the Hexclave dashboard under OAuth Providers > Apple > Apple Bundle IDs.", } `); }); diff --git a/apps/e2e/tests/backend/endpoints/api/v1/auth/oauth/cross-domain-authorize.test.ts b/apps/e2e/tests/backend/endpoints/api/v1/auth/oauth/cross-domain-authorize.test.ts index c27ea32d49..1a4f411ef6 100644 --- a/apps/e2e/tests/backend/endpoints/api/v1/auth/oauth/cross-domain-authorize.test.ts +++ b/apps/e2e/tests/backend/endpoints/api/v1/auth/oauth/cross-domain-authorize.test.ts @@ -151,7 +151,7 @@ it("rejects untrusted redirect URLs before issuing a code", async ({ expect }) = "status": 400, "body": { "code": "REDIRECT_URL_NOT_WHITELISTED", - "error": "Redirect URL not whitelisted. Did you forget to add this domain to the trusted domains list on the Stack Auth dashboard?", + "error": "Redirect URL not whitelisted. Did you forget to add this domain to the trusted domains list on the Hexclave dashboard?", }, "headers": Headers { "x-stack-known-error": "REDIRECT_URL_NOT_WHITELISTED", @@ -172,7 +172,7 @@ it("rejects untrusted after-callback redirect URLs before issuing a code", async "status": 400, "body": { "code": "REDIRECT_URL_NOT_WHITELISTED", - "error": "Redirect URL not whitelisted. Did you forget to add this domain to the trusted domains list on the Stack Auth dashboard?", + "error": "Redirect URL not whitelisted. Did you forget to add this domain to the trusted domains list on the Hexclave dashboard?", }, "headers": Headers { "x-stack-known-error": "REDIRECT_URL_NOT_WHITELISTED", diff --git a/apps/e2e/tests/backend/endpoints/api/v1/auth/oauth/exact-domain-matching.test.ts b/apps/e2e/tests/backend/endpoints/api/v1/auth/oauth/exact-domain-matching.test.ts index 2cc2017b85..0def7dd5f3 100644 --- a/apps/e2e/tests/backend/endpoints/api/v1/auth/oauth/exact-domain-matching.test.ts +++ b/apps/e2e/tests/backend/endpoints/api/v1/auth/oauth/exact-domain-matching.test.ts @@ -70,7 +70,7 @@ describe("OAuth with exact domain matching", () => { "status": 400, "body": { "code": "REDIRECT_URL_NOT_WHITELISTED", - "error": "Redirect URL not whitelisted. Did you forget to add this domain to the trusted domains list on the Stack Auth dashboard?", + "error": "Redirect URL not whitelisted. Did you forget to add this domain to the trusted domains list on the Hexclave dashboard?", }, "headers": Headers { "set-cookie": ' at path '/'>, @@ -115,7 +115,7 @@ describe("OAuth with exact domain matching", () => { "status": 400, "body": { "code": "REDIRECT_URL_NOT_WHITELISTED", - "error": "Redirect URL not whitelisted. Did you forget to add this domain to the trusted domains list on the Stack Auth dashboard?", + "error": "Redirect URL not whitelisted. Did you forget to add this domain to the trusted domains list on the Hexclave dashboard?", }, "headers": Headers { "set-cookie": ' at path '/'>, @@ -160,7 +160,7 @@ describe("OAuth with exact domain matching", () => { "status": 400, "body": { "code": "REDIRECT_URL_NOT_WHITELISTED", - "error": "Redirect URL not whitelisted. Did you forget to add this domain to the trusted domains list on the Stack Auth dashboard?", + "error": "Redirect URL not whitelisted. Did you forget to add this domain to the trusted domains list on the Hexclave dashboard?", }, "headers": Headers { "set-cookie": ' at path '/'>, @@ -205,7 +205,7 @@ describe("OAuth with exact domain matching", () => { "status": 400, "body": { "code": "REDIRECT_URL_NOT_WHITELISTED", - "error": "Redirect URL not whitelisted. Did you forget to add this domain to the trusted domains list on the Stack Auth dashboard?", + "error": "Redirect URL not whitelisted. Did you forget to add this domain to the trusted domains list on the Hexclave dashboard?", }, "headers": Headers { "set-cookie": ' at path '/'>, @@ -330,7 +330,7 @@ describe("OAuth with exact domain matching", () => { "status": 400, "body": { "code": "REDIRECT_URL_NOT_WHITELISTED", - "error": "Redirect URL not whitelisted. Did you forget to add this domain to the trusted domains list on the Stack Auth dashboard?", + "error": "Redirect URL not whitelisted. Did you forget to add this domain to the trusted domains list on the Hexclave dashboard?", }, "headers": Headers { "set-cookie": ' at path '/'>, diff --git a/apps/e2e/tests/backend/endpoints/api/v1/auth/oauth/wildcard-domains.test.ts b/apps/e2e/tests/backend/endpoints/api/v1/auth/oauth/wildcard-domains.test.ts index b656a4e20c..41e89bd04b 100644 --- a/apps/e2e/tests/backend/endpoints/api/v1/auth/oauth/wildcard-domains.test.ts +++ b/apps/e2e/tests/backend/endpoints/api/v1/auth/oauth/wildcard-domains.test.ts @@ -72,7 +72,7 @@ describe("OAuth with wildcard domains", () => { "status": 400, "body": { "code": "REDIRECT_URL_NOT_WHITELISTED", - "error": "Redirect URL not whitelisted. Did you forget to add this domain to the trusted domains list on the Stack Auth dashboard?", + "error": "Redirect URL not whitelisted. Did you forget to add this domain to the trusted domains list on the Hexclave dashboard?", }, "headers": Headers { "set-cookie": ' at path '/'>, @@ -149,7 +149,7 @@ describe("OAuth with wildcard domains", () => { "status": 400, "body": { "code": "REDIRECT_URL_NOT_WHITELISTED", - "error": "Redirect URL not whitelisted. Did you forget to add this domain to the trusted domains list on the Stack Auth dashboard?", + "error": "Redirect URL not whitelisted. Did you forget to add this domain to the trusted domains list on the Hexclave dashboard?", }, "headers": Headers { "set-cookie": ' at path '/'>, @@ -226,7 +226,7 @@ describe("OAuth with wildcard domains", () => { "status": 400, "body": { "code": "REDIRECT_URL_NOT_WHITELISTED", - "error": "Redirect URL not whitelisted. Did you forget to add this domain to the trusted domains list on the Stack Auth dashboard?", + "error": "Redirect URL not whitelisted. Did you forget to add this domain to the trusted domains list on the Hexclave dashboard?", }, "headers": Headers { "set-cookie": ' at path '/'>, @@ -303,7 +303,7 @@ describe("OAuth with wildcard domains", () => { "status": 400, "body": { "code": "REDIRECT_URL_NOT_WHITELISTED", - "error": "Redirect URL not whitelisted. Did you forget to add this domain to the trusted domains list on the Stack Auth dashboard?", + "error": "Redirect URL not whitelisted. Did you forget to add this domain to the trusted domains list on the Hexclave dashboard?", }, "headers": Headers { "set-cookie": ' at path '/'>, diff --git a/apps/e2e/tests/backend/endpoints/api/v1/auth/otp/send-sign-in-code.test.ts b/apps/e2e/tests/backend/endpoints/api/v1/auth/otp/send-sign-in-code.test.ts index 7464b8cfb6..d8d3b6b62d 100644 --- a/apps/e2e/tests/backend/endpoints/api/v1/auth/otp/send-sign-in-code.test.ts +++ b/apps/e2e/tests/backend/endpoints/api/v1/auth/otp/send-sign-in-code.test.ts @@ -7,8 +7,8 @@ it("should send a sign-in code per e-mail", async ({ expect }) => { expect(messages).toMatchInlineSnapshot(` [ MailboxMessage { - "from": "Stack Dashboard ", - "subject": "Sign in to Stack Dashboard: Your code is ", + "from": "Hexclave Dashboard ", + "subject": "Sign in to Hexclave Dashboard: Your code is ", "to": ["@stack-generated.example.com>"],