Chrome Web Store Rejection - MV3 Remote Code Loading Issue

[LevanKvirkvelia]

Preliminary Checks

• I have reviewed the documentation: https://clerk.com/docs

• I have searched for existing issues: https://github.com/clerk/javascript/issues

• I have not already reached out to Clerk support via email or Discord (if you have, no need to open an issue here)

• This issue is not a question, general help request, or anything other than a bug report directly related to Clerk. Please ask questions in our Discord community: https://clerk.com/discord.

Reproduction

Publishable key

Description

The Chrome Web Store rejected my extension that uses @clerk/chrome-extension due to remotely hosted code in Manifest V3, which violates Chrome's security policies.

Rejection Message from Chrome Web Store:

Including remotely hosted code in a Manifest V3 item.
* Violating Content:
   * Code snippet: sidepanel.aa9c292a.js: https://${c}/npm/@clerk/clerk-js@${d}/dist/clerk.${u}browser.js ...

Steps to reproduce:

1. Create a new Chrome extension using Manifest V3
2. Install and implement @clerk/chrome-extension
3. Build and submit to Chrome Web Store
4. Receive rejection due to remote code loading

Expected behavior:

• The Clerk authentication should work in Chrome extension without loading remote code

Actual behavior:

• The bundled code contains references to remote URLs (in sidepanel.aa9c292a.js), which violates Chrome's MV3 policies
• These URLs appear to be coming from the bundled @clerk/clerk-js package itself

Environment

-

[LekoArts]

Hi!

I'm looking into the issue and will put up a PR to fix it