Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(clerk-js): Render @clerk/ui #4114

Open
wants to merge 55 commits into
base: main
Choose a base branch
from
Open

feat(clerk-js): Render @clerk/ui #4114

wants to merge 55 commits into from
+593 −106

Conversation

BRKalow
Copy link
Member

@BRKalow BRKalow commented Sep 5, 2024

Description

Checklist

  • npm test runs as expected.
  • npm run build runs as expected.
  • (If applicable) JSDoc comments have been added or updated for any package exports
  • (If applicable) Documentation has been updated

Type of change

  • 🐛 Bug fix
  • 🌟 New feature
  • 🔨 Breaking change
  • 📖 Refactoring / dependency upgrade / documentation
  • other:

@changeset-bot changeset-bot
Copy link

changeset-bot bot commented Sep 5, 2024
edited
Loading

🦋 Changeset detected

Latest commit: 5035d98

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 18 packages
Name Type
@clerk/elements Minor
@clerk/clerk-js Minor
@clerk/nextjs Minor
@clerk/shared Minor
@clerk/types Minor
@clerk/chrome-extension Patch
@clerk/clerk-expo Patch
@clerk/astro Patch
@clerk/backend Patch
@clerk/express Patch
@clerk/fastify Patch
@clerk/clerk-react Patch
@clerk/remix Patch
@clerk/clerk-sdk-node Patch
@clerk/tanstack-start Patch
@clerk/testing Patch
@clerk/localizations Patch
@clerk/themes Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

@dstaley dstaley mentioned this pull request Sep 20, 2024
Merged
9 tasks
@dstaley
Copy link
Member

dstaley commented Oct 4, 2024

!snapshot

@clerk-cookie
Copy link
Collaborator

Hey @dstaley - the snapshot version command generated the following package versions:

Package Version
@clerk/astro 1.3.13-snapshot.v6bae6c3
@clerk/backend 1.13.9-snapshot.v6bae6c3
@clerk/chrome-extension 1.3.16-snapshot.v6bae6c3
@clerk/clerk-js 5.27.0-snapshot.v6bae6c3
@clerk/elements 0.16.0-snapshot.v6bae6c3
@clerk/clerk-expo 2.2.22-snapshot.v6bae6c3
@clerk/express 1.2.2-snapshot.v6bae6c3
@clerk/fastify 1.0.52-snapshot.v6bae6c3
@clerk/localizations 3.2.0-snapshot.v6bae6c3
@clerk/nextjs 5.8.0-snapshot.v6bae6c3
@clerk/clerk-react 5.11.1-snapshot.v6bae6c3
@clerk/remix 4.2.36-snapshot.v6bae6c3
@clerk/clerk-sdk-node 5.0.49-snapshot.v6bae6c3
@clerk/shared 2.10.0-snapshot.v6bae6c3
@clerk/tanstack-start 0.4.12-snapshot.v6bae6c3
@clerk/testing 1.3.10-snapshot.v6bae6c3
@clerk/themes 2.1.36-snapshot.v6bae6c3
@clerk/types 4.26.0-snapshot.v6bae6c3

Tip: Use the snippet copy button below to quickly install the required packages.
@clerk/astro

npm i @clerk/astro@1.3.13-snapshot.v6bae6c3 --save-exact

@clerk/backend

npm i @clerk/backend@1.13.9-snapshot.v6bae6c3 --save-exact

@clerk/chrome-extension

npm i @clerk/chrome-extension@1.3.16-snapshot.v6bae6c3 --save-exact

@clerk/clerk-js

npm i @clerk/clerk-js@5.27.0-snapshot.v6bae6c3 --save-exact

@clerk/elements

npm i @clerk/elements@0.16.0-snapshot.v6bae6c3 --save-exact

@clerk/clerk-expo

npm i @clerk/clerk-expo@2.2.22-snapshot.v6bae6c3 --save-exact

@clerk/express

npm i @clerk/express@1.2.2-snapshot.v6bae6c3 --save-exact

@clerk/fastify

npm i @clerk/fastify@1.0.52-snapshot.v6bae6c3 --save-exact

@clerk/localizations

npm i @clerk/localizations@3.2.0-snapshot.v6bae6c3 --save-exact

@clerk/nextjs

npm i @clerk/nextjs@5.8.0-snapshot.v6bae6c3 --save-exact

@clerk/clerk-react

npm i @clerk/clerk-react@5.11.1-snapshot.v6bae6c3 --save-exact

@clerk/remix

npm i @clerk/remix@4.2.36-snapshot.v6bae6c3 --save-exact

@clerk/clerk-sdk-node

npm i @clerk/clerk-sdk-node@5.0.49-snapshot.v6bae6c3 --save-exact

@clerk/shared

npm i @clerk/shared@2.10.0-snapshot.v6bae6c3 --save-exact

@clerk/tanstack-start

npm i @clerk/tanstack-start@0.4.12-snapshot.v6bae6c3 --save-exact

@clerk/testing

npm i @clerk/testing@1.3.10-snapshot.v6bae6c3 --save-exact

@clerk/themes

npm i @clerk/themes@2.1.36-snapshot.v6bae6c3 --save-exact

@clerk/types

npm i @clerk/types@4.26.0-snapshot.v6bae6c3 --save-exact

@dstaley
Copy link
Member

dstaley commented Oct 7, 2024

!snapshot

@clerk-cookie
Copy link
Collaborator

Hey @dstaley - the snapshot version command generated the following package versions:

Package Version
@clerk/astro 1.3.13-snapshot.v63f97d3
@clerk/backend 1.13.9-snapshot.v63f97d3
@clerk/chrome-extension 1.3.16-snapshot.v63f97d3
@clerk/clerk-js 5.27.0-snapshot.v63f97d3
@clerk/elements 0.16.0-snapshot.v63f97d3
@clerk/clerk-expo 2.2.22-snapshot.v63f97d3
@clerk/express 1.2.2-snapshot.v63f97d3
@clerk/fastify 1.0.52-snapshot.v63f97d3
@clerk/localizations 3.2.0-snapshot.v63f97d3
@clerk/nextjs 5.8.0-snapshot.v63f97d3
@clerk/clerk-react 5.11.1-snapshot.v63f97d3
@clerk/remix 4.2.36-snapshot.v63f97d3
@clerk/clerk-sdk-node 5.0.49-snapshot.v63f97d3
@clerk/shared 2.10.0-snapshot.v63f97d3
@clerk/tanstack-start 0.4.12-snapshot.v63f97d3
@clerk/testing 1.3.10-snapshot.v63f97d3
@clerk/themes 2.1.36-snapshot.v63f97d3
@clerk/types 4.26.0-snapshot.v63f97d3

Tip: Use the snippet copy button below to quickly install the required packages.
@clerk/astro

npm i @clerk/astro@1.3.13-snapshot.v63f97d3 --save-exact

@clerk/backend

npm i @clerk/backend@1.13.9-snapshot.v63f97d3 --save-exact

@clerk/chrome-extension

npm i @clerk/chrome-extension@1.3.16-snapshot.v63f97d3 --save-exact

@clerk/clerk-js

npm i @clerk/clerk-js@5.27.0-snapshot.v63f97d3 --save-exact

@clerk/elements

npm i @clerk/elements@0.16.0-snapshot.v63f97d3 --save-exact

@clerk/clerk-expo

npm i @clerk/clerk-expo@2.2.22-snapshot.v63f97d3 --save-exact

@clerk/express

npm i @clerk/express@1.2.2-snapshot.v63f97d3 --save-exact

@clerk/fastify

npm i @clerk/fastify@1.0.52-snapshot.v63f97d3 --save-exact

@clerk/localizations

npm i @clerk/localizations@3.2.0-snapshot.v63f97d3 --save-exact

@clerk/nextjs

npm i @clerk/nextjs@5.8.0-snapshot.v63f97d3 --save-exact

@clerk/clerk-react

npm i @clerk/clerk-react@5.11.1-snapshot.v63f97d3 --save-exact

@clerk/remix

npm i @clerk/remix@4.2.36-snapshot.v63f97d3 --save-exact

@clerk/clerk-sdk-node

npm i @clerk/clerk-sdk-node@5.0.49-snapshot.v63f97d3 --save-exact

@clerk/shared

npm i @clerk/shared@2.10.0-snapshot.v63f97d3 --save-exact

@clerk/tanstack-start

npm i @clerk/tanstack-start@0.4.12-snapshot.v63f97d3 --save-exact

@clerk/testing

npm i @clerk/testing@1.3.10-snapshot.v63f97d3 --save-exact

@clerk/themes

npm i @clerk/themes@2.1.36-snapshot.v63f97d3 --save-exact

@clerk/types

npm i @clerk/types@4.26.0-snapshot.v63f97d3 --save-exact

@dstaley
Copy link
Member

dstaley commented Oct 8, 2024

!snapshot

@clerk-cookie
Copy link
Collaborator

Hey @dstaley - the snapshot version command generated the following package versions:

Package Version
@clerk/astro 1.3.13-snapshot.vc65ea96
@clerk/backend 1.13.9-snapshot.vc65ea96
@clerk/chrome-extension 1.3.17-snapshot.vc65ea96
@clerk/clerk-js 5.27.0-snapshot.vc65ea96
@clerk/elements 0.16.0-snapshot.vc65ea96
@clerk/clerk-expo 2.2.23-snapshot.vc65ea96
@clerk/express 1.2.2-snapshot.vc65ea96
@clerk/fastify 2.0.0-snapshot.vc65ea96
@clerk/localizations 3.2.1-snapshot.vc65ea96
@clerk/nextjs 5.8.0-snapshot.vc65ea96
@clerk/clerk-react 5.11.1-snapshot.vc65ea96
@clerk/remix 4.2.36-snapshot.vc65ea96
@clerk/clerk-sdk-node 5.0.49-snapshot.vc65ea96
@clerk/shared 2.10.0-snapshot.vc65ea96
@clerk/tanstack-start 0.4.12-snapshot.vc65ea96
@clerk/testing 1.3.10-snapshot.vc65ea96
@clerk/themes 2.1.36-snapshot.vc65ea96
@clerk/types 4.26.0-snapshot.vc65ea96

Tip: Use the snippet copy button below to quickly install the required packages.
@clerk/astro

npm i @clerk/astro@1.3.13-snapshot.vc65ea96 --save-exact

@clerk/backend

npm i @clerk/backend@1.13.9-snapshot.vc65ea96 --save-exact

@clerk/chrome-extension

npm i @clerk/chrome-extension@1.3.17-snapshot.vc65ea96 --save-exact

@clerk/clerk-js

npm i @clerk/clerk-js@5.27.0-snapshot.vc65ea96 --save-exact

@clerk/elements

npm i @clerk/elements@0.16.0-snapshot.vc65ea96 --save-exact

@clerk/clerk-expo

npm i @clerk/clerk-expo@2.2.23-snapshot.vc65ea96 --save-exact

@clerk/express

npm i @clerk/express@1.2.2-snapshot.vc65ea96 --save-exact

@clerk/fastify

npm i @clerk/fastify@2.0.0-snapshot.vc65ea96 --save-exact

@clerk/localizations

npm i @clerk/localizations@3.2.1-snapshot.vc65ea96 --save-exact

@clerk/nextjs

npm i @clerk/nextjs@5.8.0-snapshot.vc65ea96 --save-exact

@clerk/clerk-react

npm i @clerk/clerk-react@5.11.1-snapshot.vc65ea96 --save-exact

@clerk/remix

npm i @clerk/remix@4.2.36-snapshot.vc65ea96 --save-exact

@clerk/clerk-sdk-node

npm i @clerk/clerk-sdk-node@5.0.49-snapshot.vc65ea96 --save-exact

@clerk/shared

npm i @clerk/shared@2.10.0-snapshot.vc65ea96 --save-exact

@clerk/tanstack-start

npm i @clerk/tanstack-start@0.4.12-snapshot.vc65ea96 --save-exact

@clerk/testing

npm i @clerk/testing@1.3.10-snapshot.vc65ea96 --save-exact

@clerk/themes

npm i @clerk/themes@2.1.36-snapshot.vc65ea96 --save-exact

@clerk/types

npm i @clerk/types@4.26.0-snapshot.vc65ea96 --save-exact

semgrep-app[bot]
semgrep-app bot reviewed Oct 15, 2024
View reviewed changes
packages/nextjs/src/pages/ClerkProvider.tsx
canUseWindowHistoryAPIs ? window.history.pushState(null, '', path) : router.push(path, {});
},
pathname: () => window.location.pathname,
searchParams: () => new URLSearchParams(window.location.search),
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Risk: Affected versions of next are vulnerable to Acceptance of Extraneous Untrusted Data With Trusted Data / Authorization Bypass Through User-Controlled Key.

Fix: Upgrade this library to at least version 14.2.10 at javascript/package-lock.json:45227.

Reference(s): GHSA-gp8f-8m3g-qvj9, CVE-2024-46982

Ignore this finding from ssc-adb055b9-fed0-4d70-a57d-eb9825b09449.

semgrep-app[bot]
semgrep-app bot reviewed Oct 15, 2024
View reviewed changes
packages/nextjs/src/pages/ClerkProvider.tsx
shallowPush(path: string) {
canUseWindowHistoryAPIs ? window.history.pushState(null, '', path) : router.push(path, {});
},
pathname: () => window.location.pathname,
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Risk: Affected versions of next are vulnerable to Acceptance of Extraneous Untrusted Data With Trusted Data / Authorization Bypass Through User-Controlled Key.

Fix: Upgrade this library to at least version 14.2.10 at javascript/package-lock.json:45227.

Reference(s): GHSA-gp8f-8m3g-qvj9, CVE-2024-46982

Ignore this finding from ssc-adb055b9-fed0-4d70-a57d-eb9825b09449.

semgrep-app[bot]
semgrep-app bot reviewed Oct 15, 2024
View reviewed changes
packages/nextjs/src/pages/ClerkProvider.tsx
push: (path: string) => router.push(path),
replace: (path: string) =>
canUseWindowHistoryAPIs ? window.history.replaceState(null, '', path) : router.replace(path),
shallowPush(path: string) {
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Risk: Affected versions of next are vulnerable to Acceptance of Extraneous Untrusted Data With Trusted Data / Authorization Bypass Through User-Controlled Key.

Fix: Upgrade this library to at least version 14.2.10 at javascript/package-lock.json:45227.

Reference(s): GHSA-gp8f-8m3g-qvj9, CVE-2024-46982

Ignore this finding from ssc-adb055b9-fed0-4d70-a57d-eb9825b09449.

semgrep-app[bot]
semgrep-app bot reviewed Oct 15, 2024
View reviewed changes
packages/nextjs/src/pages/ClerkProvider.tsx
mode: 'path',
name: 'NextRouter',
push: (path: string) => router.push(path),
replace: (path: string) =>
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Risk: Affected versions of next are vulnerable to Acceptance of Extraneous Untrusted Data With Trusted Data / Authorization Bypass Through User-Controlled Key.

Fix: Upgrade this library to at least version 14.2.10 at javascript/package-lock.json:45227.

Reference(s): GHSA-gp8f-8m3g-qvj9, CVE-2024-46982

Ignore this finding from ssc-adb055b9-fed0-4d70-a57d-eb9825b09449.

semgrep-app[bot]
semgrep-app bot reviewed Oct 15, 2024
View reviewed changes
packages/nextjs/src/pages/ClerkProvider.tsx
return {
mode: 'path',
name: 'NextRouter',
push: (path: string) => router.push(path),
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Risk: Affected versions of next are vulnerable to Acceptance of Extraneous Untrusted Data With Trusted Data / Authorization Bypass Through User-Controlled Key.

Fix: Upgrade this library to at least version 14.2.10 at javascript/package-lock.json:45227.

Reference(s): GHSA-gp8f-8m3g-qvj9, CVE-2024-46982

Ignore this finding from ssc-adb055b9-fed0-4d70-a57d-eb9825b09449.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dstaley dstaley dstaley left review comments

@jacekradko jacekradko jacekradko left review comments

@panteliselef panteliselef panteliselef left review comments

@colinclerk colinclerk colinclerk left review comments

@semgrep-app semgrep-app[bot] semgrep-app[bot] left review comments

@nikosdouvlis nikosdouvlis nikosdouvlis approved these changes

Assignees

@BRKalow BRKalow

Labels
clerk-js elements nextjs types
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
8 participants
@BRKalow @nikosdouvlis @dstaley @clerk-cookie @jacekradko @panteliselef @colinclerk @alexcarpenter