feat(clerk-js,types): Add support for ticket sign-ins and sign-ups #6806
Conversation
🦋 Changeset detectedLatest commit: ab0d83c The changes in this PR will be included in the next version bump. This PR includes changesets to release 22 packages
Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
WalkthroughAdds experimental ticket-based sign-in and sign-up flows: new Changes
Sequence Diagram(s)sequenceDiagram
autonumber
actor U as User
participant C as App Code
participant SF as SignInFuture
participant API as Backend
Note over C,SF: Sign-in via ticket (new)
U->>C: Initiate sign-in
C->>SF: call ticket(params?) or SF reads __clerk_ticket
SF->>API: POST /create { ticket }
alt Success
API-->>SF: { error: null }
SF-->>C: resolved Promise
else Error
API-->>SF: { error }
SF-->>C: Promise with { error }
end
sequenceDiagram
autonumber
actor U as User
participant C as App Code
participant SUF as SignUpFuture
participant API as Backend
Note over C,SUF: Sign-up via ticket (new)
U->>C: Initiate sign-up
C->>SUF: call ticket(params?) or SUF reads __clerk_ticket
SUF->>API: POST /create { ticket }
alt Success
API-->>SUF: { error: null }
SUF-->>C: resolved Promise
else Error
API-->>SUF: { error }
SUF-->>C: Promise with { error }
end
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~20 minutes Poem
Pre-merge checks and finishing touches✅ Passed checks (3 passed)
✨ Finishing touches
🧪 Generate unit tests
Comment |
@clerk/agent-toolkit
@clerk/astro
@clerk/backend
@clerk/chrome-extension
@clerk/clerk-js
@clerk/dev-cli
@clerk/elements
@clerk/clerk-expo
@clerk/expo-passkeys
@clerk/express
@clerk/fastify
@clerk/localizations
@clerk/nextjs
@clerk/nuxt
@clerk/clerk-react
@clerk/react-router
@clerk/remix
@clerk/shared
@clerk/tanstack-react-start
@clerk/testing
@clerk/themes
@clerk/types
@clerk/upgrade
@clerk/vue
commit: |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 4
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (1)
packages/clerk-js/src/core/resources/SignUp.ts (1)
597-629: Add ticket to SignUpFuture.create POST bodysignUp.__internal_future.ticket({ ticket }) calls this.create({ ticket }) but SignUpFuture.create does not forward params.ticket to the POST body — ticket sign-up is broken.
File: packages/clerk-js/src/core/resources/SignUp.ts — SignUpFuture.create (lines ~597–629)
async create(params: SignUpFutureCreateParams): Promise<{ error: unknown }> { return runAsyncResourceTask(this.resource, async () => { const { captchaToken, captchaWidgetType, captchaError } = await this.getCaptchaToken(); const body: Record<string, unknown> = { transfer: params.transfer, captchaToken, captchaWidgetType, captchaError, }; + if (params.ticket) { + body.ticket = params.ticket; + }Add an integration test asserting the POST to /client/sign_ups includes ticket when signUp.__internal_future.ticket({ ticket }) is called.
🧹 Nitpick comments (6)
.changeset/two-mangos-rest.md (1)
1-6: Clarify the experimental API and list the new public methods explicitly.Please add bullets naming the new APIs and their optional param behavior, e.g., “SignInFuture.ticket(params?)” and “SignUpFuture.ticket(params?)”, and mention the
__clerk_ticketfallback. This helps downstream release notes and docs automation.packages/types/src/signInFuture.ts (2)
13-14: Document and constrainticketusage in create params.Add JSDoc explaining precedence vs.
identifier/strategyand consider a discriminated union soticketcannot be combined with other strategies accidentally.export interface SignInFutureCreateParams { identifier?: string; strategy?: OAuthStrategy | 'saml' | 'enterprise_sso'; redirectUrl?: string; actionCompleteRedirectUrl?: string; transfer?: boolean; - ticket?: string; + /** + * Ticket token for ticket-based sign-in. When provided, do not pass identifier/strategy. + */ + ticket?: string; }
114-116: Add JSDoc forSignInFutureTicketParams.Briefly describe what a ticket is and expected shape (opaque string from backend), plus an example.
packages/clerk-js/src/core/resources/SignIn.ts (1)
1-1: Import ofinBrowseralready present — reuse inticket().packages/types/src/signUpFuture.ts (2)
14-15: Documentticketand expected interplay with captcha.Add JSDoc explaining whether ticket-based sign-up should bypass captcha (product decision). If bypass is intended, reflect that in clerk-js.
export interface SignUpFutureCreateParams extends SignUpFutureAdditionalParams { transfer?: boolean; - ticket?: string; + /** + * Ticket token for ticket-based sign-up. When provided, should other fields be optional and should captcha be bypassed? + */ + ticket?: string; }
54-57: Add JSDoc forSignUpFutureTicketParamsand justify extending AdditionalParams.If extra fields (firstName/metadata/legalAccepted) are intended to be honored during ticket sign-up, call it out; otherwise remove the extension to avoid confusion.
📜 Review details
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
Disabled knowledge base sources:
- Linear integration is disabled by default for public repositories
You can enable these sources in your CodeRabbit configuration.
📒 Files selected for processing (5)
.changeset/two-mangos-rest.md(1 hunks)packages/clerk-js/src/core/resources/SignIn.ts(2 hunks)packages/clerk-js/src/core/resources/SignUp.ts(3 hunks)packages/types/src/signInFuture.ts(3 hunks)packages/types/src/signUpFuture.ts(3 hunks)
🧰 Additional context used
📓 Path-based instructions (7)
.changeset/**
📄 CodeRabbit inference engine (.cursor/rules/monorepo.mdc)
Automated releases must use Changesets.
Files:
.changeset/two-mangos-rest.md
**/*.{js,jsx,ts,tsx}
📄 CodeRabbit inference engine (.cursor/rules/development.mdc)
**/*.{js,jsx,ts,tsx}: All code must pass ESLint checks with the project's configuration
Follow established naming conventions (PascalCase for components, camelCase for variables)
Maintain comprehensive JSDoc comments for public APIs
Use dynamic imports for optional features
All public APIs must be documented with JSDoc
Provide meaningful error messages to developers
Include error recovery suggestions where applicable
Log errors appropriately for debugging
Lazy load components and features when possible
Implement proper caching strategies
Use efficient data structures and algorithms
Profile and optimize critical paths
Validate all inputs and sanitize outputs
Implement proper logging with different levels
Files:
packages/types/src/signUpFuture.tspackages/types/src/signInFuture.tspackages/clerk-js/src/core/resources/SignUp.tspackages/clerk-js/src/core/resources/SignIn.ts
**/*.{js,jsx,ts,tsx,json,css,scss,md,yaml,yml}
📄 CodeRabbit inference engine (.cursor/rules/development.mdc)
Use Prettier for consistent code formatting
Files:
packages/types/src/signUpFuture.tspackages/types/src/signInFuture.tspackages/clerk-js/src/core/resources/SignUp.tspackages/clerk-js/src/core/resources/SignIn.ts
packages/**/*.{ts,tsx}
📄 CodeRabbit inference engine (.cursor/rules/development.mdc)
TypeScript is required for all packages
Files:
packages/types/src/signUpFuture.tspackages/types/src/signInFuture.tspackages/clerk-js/src/core/resources/SignUp.tspackages/clerk-js/src/core/resources/SignIn.ts
packages/**/*.{ts,tsx,d.ts}
📄 CodeRabbit inference engine (.cursor/rules/development.mdc)
Packages should export TypeScript types alongside runtime code
Files:
packages/types/src/signUpFuture.tspackages/types/src/signInFuture.tspackages/clerk-js/src/core/resources/SignUp.tspackages/clerk-js/src/core/resources/SignIn.ts
**/*.{ts,tsx}
📄 CodeRabbit inference engine (.cursor/rules/development.mdc)
Use proper TypeScript error types
**/*.{ts,tsx}: Always define explicit return types for functions, especially public APIs
Use proper type annotations for variables and parameters where inference isn't clear
Avoidanytype - preferunknownwhen type is uncertain, then narrow with type guards
Useinterfacefor object shapes that might be extended
Usetypefor unions, primitives, and computed types
Preferreadonlyproperties for immutable data structures
Useprivatefor internal implementation details
Useprotectedfor inheritance hierarchies
Usepublicexplicitly for clarity in public APIs
Preferreadonlyfor properties that shouldn't change after construction
Prefer composition and interfaces over deep inheritance chains
Use mixins for shared behavior across unrelated classes
Implement dependency injection for loose coupling
Let TypeScript infer when types are obvious
Useconst assertionsfor literal types:as const
Usesatisfiesoperator for type checking without widening
Use mapped types for transforming object types
Use conditional types for type-level logic
Leverage template literal types for string manipulation
Use ES6 imports/exports consistently
Use default exports sparingly, prefer named exports
Use type-only imports:import type { ... } from ...
Noanytypes without justification
Proper error handling with typed errors
Consistent use ofreadonlyfor immutable data
Proper generic constraints
No unused type parameters
Proper use of utility types instead of manual type construction
Type-only imports where possible
Proper tree-shaking friendly exports
No circular dependencies
Efficient type computations (avoid deep recursion)
Files:
packages/types/src/signUpFuture.tspackages/types/src/signInFuture.tspackages/clerk-js/src/core/resources/SignUp.tspackages/clerk-js/src/core/resources/SignIn.ts
**/*.{js,ts,tsx,jsx}
📄 CodeRabbit inference engine (.cursor/rules/monorepo.mdc)
Support multiple Clerk environment variables (CLERK_, NEXT_PUBLIC_CLERK_, etc.) for configuration.
Files:
packages/types/src/signUpFuture.tspackages/types/src/signInFuture.tspackages/clerk-js/src/core/resources/SignUp.tspackages/clerk-js/src/core/resources/SignIn.ts
🧬 Code graph analysis (2)
packages/clerk-js/src/core/resources/SignUp.ts (3)
packages/types/src/signUpFuture.ts (1)
SignUpFutureTicketParams(54-56)packages/clerk-js/src/core/resources/SignIn.ts (1)
ticket(918-921)packages/clerk-js/src/utils/getClerkQueryParam.ts (1)
getClerkQueryParam(37-40)
packages/clerk-js/src/core/resources/SignIn.ts (3)
packages/types/src/signInFuture.ts (1)
SignInFutureTicketParams(114-116)packages/clerk-js/src/core/resources/SignUp.ts (1)
ticket(778-781)packages/clerk-js/src/utils/getClerkQueryParam.ts (1)
getClerkQueryParam(37-40)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (6)
- GitHub Check: Build Packages
- GitHub Check: Formatting | Dedupe | Changeset
- GitHub Check: semgrep/ci
- GitHub Check: Analyze (javascript-typescript)
- GitHub Check: semgrep-cloud-platform/scan
- GitHub Check: semgrep-cloud-platform/scan
🔇 Additional comments (5)
packages/clerk-js/src/core/resources/SignIn.ts (2)
47-47: Type-only import looks good.
70-75: ImportinggetClerkQueryParamhere is appropriate.packages/clerk-js/src/core/resources/SignUp.ts (3)
28-29: Type import added correctly.
48-53: OK to source ticket from query viagetClerkQueryParam.
151-176: Captcha policy for ticket-based sign-up: confirm intent.
SignUp.createruns captcha unconditionally; with a valid ticket this might be unnecessary friction. If ticket-based sign-up should bypass captcha, add a conditional here (or ingetCaptchaToken) whenparams.ticketis present.
| async ticket(params?: SignInFutureTicketParams): Promise<{ error: unknown }> { | ||
| const ticket = params?.ticket ?? getClerkQueryParam('__clerk_ticket'); | ||
| return this.create({ ticket: ticket ?? undefined }); | ||
| } |
There was a problem hiding this comment.
🧩 Analysis chain
SSR safety and empty-ticket guard for signIn.ticket().
Calling this on the server with no param will access window. Guard SSR and provide a clear error when a ticket isn’t available.
- async ticket(params?: SignInFutureTicketParams): Promise<{ error: unknown }> {
- const ticket = params?.ticket ?? getClerkQueryParam('__clerk_ticket');
- return this.create({ ticket: ticket ?? undefined });
- }
+ async ticket(params?: SignInFutureTicketParams): Promise<{ error: unknown }> {
+ const ticketFromUrl = inBrowser() ? getClerkQueryParam('__clerk_ticket') : null;
+ const ticket = params?.ticket ?? ticketFromUrl ?? undefined;
+ if (!ticket && !inBrowser()) {
+ throw new Error('signIn.ticket() requires a `ticket` param when called outside the browser.');
+ }
+ return this.create({ ticket });
+ }Add unit tests for:
- param provided
- URL param provided (browser)
- SSR call without param throws
🏁 Script executed:
#!/bin/bash
# Show the ticket method and its surrounding context
sed -n '880,950p' packages/clerk-js/src/core/resources/SignIn.ts
# Verify imports for inBrowser and getClerkQueryParam
rg -nP 'import\s+{\s*inBrowser' -g 'packages/clerk-js/src/core/resources/SignIn.ts'
rg -nP 'import\s+{\s*getClerkQueryParam' -g 'packages/clerk-js/src/core/resources/SignIn.ts'
# Locate implementations to confirm SSR behavior of these helpers
rg -n 'export function inBrowser' -g 'packages/clerk-js/src'
rg -n 'export function getClerkQueryParam' -g 'packages/clerk-js/src'Length of output: 2998
🏁 Script executed:
#!/bin/bash
set -euo pipefail
echo "==== SignIn.ts top imports (lines 1-120) ===="
sed -n '1,120p' packages/clerk-js/src/core/resources/SignIn.ts || true
echo
echo "==== Search for occurrences of getClerkQueryParam ===="
rg -n --hidden --no-ignore "getClerkQueryParam" || true
echo
echo "==== Files containing getClerkQueryParam (show up to 200 lines) ===="
rg -n --hidden --no-ignore "getClerkQueryParam" | cut -d: -f1 | sort -u | while read -r f; do
echo "---- $f ----"
sed -n '1,200p' "$f" || true
done
echo
echo "==== Search for inBrowser implementation/exports ===="
rg -n --hidden --no-ignore "export .*inBrowser|function inBrowser" -S || true
echo
echo "==== Files referencing inBrowser (show up to 200 lines) ===="
rg -n --hidden --no-ignore "inBrowser" | cut -d: -f1 | sort -u | while read -r f; do
echo "---- $f ----"
sed -n '1,200p' "$f" || true
doneLength of output: 113138
SSR guard + empty-ticket validation for signIn.ticket() (apply same to signUp.ticket())
getClerkQueryParam reads window.location.href and will throw during SSR — guard with inBrowser() and throw a clear error when no ticket is provided.
- async ticket(params?: SignInFutureTicketParams): Promise<{ error: unknown }> {
- const ticket = params?.ticket ?? getClerkQueryParam('__clerk_ticket');
- return this.create({ ticket: ticket ?? undefined });
- }
+ async ticket(params?: SignInFutureTicketParams): Promise<{ error: unknown }> {
+ const ticketFromUrl = inBrowser() ? getClerkQueryParam('__clerk_ticket') : null;
+ const ticket = params?.ticket ?? ticketFromUrl ?? undefined;
+ if (!ticket && !inBrowser()) {
+ throw new Error('signIn.ticket() requires a `ticket` param when called outside the browser.');
+ }
+ return this.create({ ticket });
+ }Actions:
- Apply above change to packages/clerk-js/src/core/resources/SignIn.ts (ticket method).
- Apply the same SSR guard + error to packages/clerk-js/src/core/resources/SignUp.ts (ticket method) and add the inBrowser import if missing.
- Add unit tests (Vitest) for each method:
- param provided (returns/create called)
- URL param provided (simulate browser window.search with __clerk_ticket)
- SSR call without param throws
| async ticket(params?: SignUpFutureTicketParams): Promise<{ error: unknown }> { | ||
| const ticket = params?.ticket ?? getClerkQueryParam('__clerk_ticket'); | ||
| return this.create({ ticket: ticket ?? undefined }); | ||
| } |
There was a problem hiding this comment.
SSR safety and pass-through of additional params for signUp.ticket().
- Accessing
windowon the server will throw; guard SSR. - If
SignUpFutureTicketParamsextends AdditionalParams, pass those through tocreate.
- async ticket(params?: SignUpFutureTicketParams): Promise<{ error: unknown }> {
- const ticket = params?.ticket ?? getClerkQueryParam('__clerk_ticket');
- return this.create({ ticket: ticket ?? undefined });
- }
+ async ticket(params?: SignUpFutureTicketParams): Promise<{ error: unknown }> {
+ const ticketFromUrl = inBrowser() ? getClerkQueryParam('__clerk_ticket') : null;
+ const ticket = params?.ticket ?? ticketFromUrl ?? undefined;
+ if (!ticket && !inBrowser()) {
+ throw new Error('signUp.ticket() requires a `ticket` param when called outside the browser.');
+ }
+ const { ticket: _t, ...rest } = params ?? {};
+ return this.create({ ...rest, ticket });
+ }Note: import inBrowser at top if not already present:
+import { inBrowser } from '@clerk/shared/browser';📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| async ticket(params?: SignUpFutureTicketParams): Promise<{ error: unknown }> { | |
| const ticket = params?.ticket ?? getClerkQueryParam('__clerk_ticket'); | |
| return this.create({ ticket: ticket ?? undefined }); | |
| } | |
| import { inBrowser } from '@clerk/shared/browser'; | |
| async ticket(params?: SignUpFutureTicketParams): Promise<{ error: unknown }> { | |
| const ticketFromUrl = inBrowser() ? getClerkQueryParam('__clerk_ticket') : null; | |
| const ticket = params?.ticket ?? ticketFromUrl ?? undefined; | |
| if (!ticket && !inBrowser()) { | |
| throw new Error('signUp.ticket() requires a `ticket` param when called outside the browser.'); | |
| } | |
| const { ticket: _t, ...rest } = params ?? {}; | |
| return this.create({ ...rest, ticket }); | |
| } |
🤖 Prompt for AI Agents
In packages/clerk-js/src/core/resources/SignUp.ts around lines 778 to 781, the
ticket method currently reads the __clerk_ticket query param unguarded (which
will break SSR by accessing window) and drops any extra fields on
SignUpFutureTicketParams; update it to use inBrowser to read getClerkQueryParam
only in the browser (e.g. const ticket = params?.ticket ?? (inBrowser ?
getClerkQueryParam('__clerk_ticket') : undefined)) and call this.create with the
rest of params passed through (e.g. return this.create({ ...(params as
AdditionalParams), ticket: ticket ?? undefined })) so additional params are
preserved; also add an import for inBrowser at the top if it’s not already
imported.
| * Used to perform a ticket-based sign-up. | ||
| */ | ||
| ticket: (params: SignUpFutureTicketParams) => Promise<{ error: unknown }>; | ||
|
|
There was a problem hiding this comment.
Make params optional to match runtime behavior and URL fallback.
Update the interface to params? and note the __clerk_ticket fallback.
- ticket: (params: SignUpFutureTicketParams) => Promise<{ error: unknown }>;
+ ticket: (params?: SignUpFutureTicketParams) => Promise<{ error: unknown }>;📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| * Used to perform a ticket-based sign-up. | |
| */ | |
| ticket: (params: SignUpFutureTicketParams) => Promise<{ error: unknown }>; | |
| * Used to perform a ticket-based sign-up. | |
| */ | |
| ticket: (params?: SignUpFutureTicketParams) => Promise<{ error: unknown }>; |
🤖 Prompt for AI Agents
In packages/types/src/signUpFuture.ts around lines 124 to 127, the ticket
method's params parameter should be optional to reflect runtime behavior and the
URL fallback; change the signature to accept params?: SignUpFutureTicketParams
(or params?: SignUpFutureTicketParams | undefined) and update the JSDoc to
mention the __clerk_ticket URL fallback so callers know the param can be
omitted.
There was a problem hiding this comment.
Actionable comments posted: 0
🧹 Nitpick comments (2)
packages/react/src/stateProxy.ts (2)
94-95: Ticket method wired with SSR gating — LGTM; consider grouping with top‑level methods for consistencyMatches existing gateMethod usage. Minor nit: place
ticketalongsidecreate/sso/password/finalize(like SignUp) to keep the API surface coherent.finalize: this.gateMethod(target, 'finalize'), + ticket: this.gateMethod(target, 'ticket'), - emailCode: this.wrapMethods(() => target().emailCode, ['sendCode', 'verifyCode'] as const), + emailCode: this.wrapMethods(() => target().emailCode, ['sendCode', 'verifyCode'] as const), @@ - ] as const), - ticket: this.gateMethod(target, 'ticket'), + ] as const),
161-173: Type tweak: avoid nested Promise in gateMethod with AwaitedSmall typing improvement; keeps external type
Fthe same but makes the inner async signature precise.- return (async (...args: Parameters<F>): Promise<ReturnType<F>> => { + return (async (...args: Parameters<F>): Promise<Awaited<ReturnType<F>>> => {
📜 Review details
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
Disabled knowledge base sources:
- Linear integration is disabled by default for public repositories
You can enable these sources in your CodeRabbit configuration.
📒 Files selected for processing (1)
packages/react/src/stateProxy.ts(2 hunks)
🧰 Additional context used
📓 Path-based instructions (6)
**/*.{js,jsx,ts,tsx}
📄 CodeRabbit inference engine (.cursor/rules/development.mdc)
**/*.{js,jsx,ts,tsx}: All code must pass ESLint checks with the project's configuration
Follow established naming conventions (PascalCase for components, camelCase for variables)
Maintain comprehensive JSDoc comments for public APIs
Use dynamic imports for optional features
All public APIs must be documented with JSDoc
Provide meaningful error messages to developers
Include error recovery suggestions where applicable
Log errors appropriately for debugging
Lazy load components and features when possible
Implement proper caching strategies
Use efficient data structures and algorithms
Profile and optimize critical paths
Validate all inputs and sanitize outputs
Implement proper logging with different levels
Files:
packages/react/src/stateProxy.ts
**/*.{js,jsx,ts,tsx,json,css,scss,md,yaml,yml}
📄 CodeRabbit inference engine (.cursor/rules/development.mdc)
Use Prettier for consistent code formatting
Files:
packages/react/src/stateProxy.ts
packages/**/*.{ts,tsx}
📄 CodeRabbit inference engine (.cursor/rules/development.mdc)
TypeScript is required for all packages
Files:
packages/react/src/stateProxy.ts
packages/**/*.{ts,tsx,d.ts}
📄 CodeRabbit inference engine (.cursor/rules/development.mdc)
Packages should export TypeScript types alongside runtime code
Files:
packages/react/src/stateProxy.ts
**/*.{ts,tsx}
📄 CodeRabbit inference engine (.cursor/rules/development.mdc)
Use proper TypeScript error types
**/*.{ts,tsx}: Always define explicit return types for functions, especially public APIs
Use proper type annotations for variables and parameters where inference isn't clear
Avoidanytype - preferunknownwhen type is uncertain, then narrow with type guards
Useinterfacefor object shapes that might be extended
Usetypefor unions, primitives, and computed types
Preferreadonlyproperties for immutable data structures
Useprivatefor internal implementation details
Useprotectedfor inheritance hierarchies
Usepublicexplicitly for clarity in public APIs
Preferreadonlyfor properties that shouldn't change after construction
Prefer composition and interfaces over deep inheritance chains
Use mixins for shared behavior across unrelated classes
Implement dependency injection for loose coupling
Let TypeScript infer when types are obvious
Useconst assertionsfor literal types:as const
Usesatisfiesoperator for type checking without widening
Use mapped types for transforming object types
Use conditional types for type-level logic
Leverage template literal types for string manipulation
Use ES6 imports/exports consistently
Use default exports sparingly, prefer named exports
Use type-only imports:import type { ... } from ...
Noanytypes without justification
Proper error handling with typed errors
Consistent use ofreadonlyfor immutable data
Proper generic constraints
No unused type parameters
Proper use of utility types instead of manual type construction
Type-only imports where possible
Proper tree-shaking friendly exports
No circular dependencies
Efficient type computations (avoid deep recursion)
Files:
packages/react/src/stateProxy.ts
**/*.{js,ts,tsx,jsx}
📄 CodeRabbit inference engine (.cursor/rules/monorepo.mdc)
Support multiple Clerk environment variables (CLERK_, NEXT_PUBLIC_CLERK_, etc.) for configuration.
Files:
packages/react/src/stateProxy.ts
🔇 Additional comments (2)
packages/react/src/stateProxy.ts (2)
119-125: SignUp.ticket exposure is correctGated consistently with other methods; no issues.
94-95: Types + JSDoc verified — no action requiredSignIn/SignUp future resources include ticket params and ticket() methods with JSDoc (packages/types/src/signInFuture.ts, packages/types/src/signUpFuture.ts); State references SignInFutureResource/SignUpFutureResource in packages/types/src/state.ts.
There was a problem hiding this comment.
Actionable comments posted: 0
♻️ Duplicate comments (1)
packages/types/src/signInFuture.ts (1)
274-276: Great: runtime/types now align with optionalparams.This addresses the earlier mismatch;
params?matches clerk-js behavior. Please extend the JSDoc to mention the__clerk_ticketfallback and precedence when both are present./** - * Used to perform a ticket-based sign-in. + * Used to perform a ticket-based sign-in. + * + * If `params` is omitted or `params.ticket` is absent, the implementation will read the + * `__clerk_ticket` query parameter from `window.location.search` (if available). + * When both are present, `params.ticket` takes precedence. + * + * Example: + * ```ts + * await signIn.ticket(); // reads from ?__clerk_ticket=... + * await signIn.ticket({ ticket: 'tkt_...' }); // explicit ticket + * ``` */ ticket: (params?: SignInFutureTicketParams) => Promise<{ error: unknown }>;
🧹 Nitpick comments (2)
packages/types/src/signInFuture.ts (2)
13-14: Document the newticketfield and clarify precedence.Add JSDoc explaining that
ticketenables ticket-based sign-in viacreate({ ticket }), that it falls back tosignIn.ticket(), and clarify what happens ifticketis combined with other fields.Minimal doc addition:
export interface SignInFutureCreateParams { identifier?: string; strategy?: OAuthStrategy | 'saml' | 'enterprise_sso'; redirectUrl?: string; actionCompleteRedirectUrl?: string; transfer?: boolean; - ticket?: string; + /** + * One-time ticket for ticket-based sign-in. Equivalent to calling `signIn.ticket({ ticket })`. + * If provided, other fields are ignored by the runtime. + */ + ticket?: string; }Optional stronger typing to prevent ambiguous combos:
-export interface SignInFutureCreateParams { - identifier?: string; - strategy?: OAuthStrategy | 'saml' | 'enterprise_sso'; - redirectUrl?: string; - actionCompleteRedirectUrl?: string; - transfer?: boolean; - ticket?: string; -} +export type SignInFutureCreateParams = + | { ticket: string } + | { + identifier?: string; + strategy?: OAuthStrategy | 'saml' | 'enterprise_sso'; + redirectUrl?: string; + actionCompleteRedirectUrl?: string; + transfer?: boolean; + };
114-116: Add JSDoc and considerreadonlyfor params object.Briefly document the param and mark it readonly to align with immutable input guidance.
-export interface SignInFutureTicketParams { - ticket: string; -} +/** + * Parameters for ticket-based sign-in. + */ +export interface SignInFutureTicketParams { + /** One-time ticket value used to authenticate the sign-in. */ + readonly ticket: string; +}
📜 Review details
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
Disabled knowledge base sources:
- Linear integration is disabled by default for public repositories
You can enable these sources in your CodeRabbit configuration.
📒 Files selected for processing (3)
packages/clerk-js/src/core/resources/SignUp.ts(3 hunks)packages/types/src/signInFuture.ts(3 hunks)packages/types/src/signUpFuture.ts(3 hunks)
🚧 Files skipped from review as they are similar to previous changes (2)
- packages/clerk-js/src/core/resources/SignUp.ts
- packages/types/src/signUpFuture.ts
🧰 Additional context used
📓 Path-based instructions (6)
**/*.{js,jsx,ts,tsx}
📄 CodeRabbit inference engine (.cursor/rules/development.mdc)
**/*.{js,jsx,ts,tsx}: All code must pass ESLint checks with the project's configuration
Follow established naming conventions (PascalCase for components, camelCase for variables)
Maintain comprehensive JSDoc comments for public APIs
Use dynamic imports for optional features
All public APIs must be documented with JSDoc
Provide meaningful error messages to developers
Include error recovery suggestions where applicable
Log errors appropriately for debugging
Lazy load components and features when possible
Implement proper caching strategies
Use efficient data structures and algorithms
Profile and optimize critical paths
Validate all inputs and sanitize outputs
Implement proper logging with different levels
Files:
packages/types/src/signInFuture.ts
**/*.{js,jsx,ts,tsx,json,css,scss,md,yaml,yml}
📄 CodeRabbit inference engine (.cursor/rules/development.mdc)
Use Prettier for consistent code formatting
Files:
packages/types/src/signInFuture.ts
packages/**/*.{ts,tsx}
📄 CodeRabbit inference engine (.cursor/rules/development.mdc)
TypeScript is required for all packages
Files:
packages/types/src/signInFuture.ts
packages/**/*.{ts,tsx,d.ts}
📄 CodeRabbit inference engine (.cursor/rules/development.mdc)
Packages should export TypeScript types alongside runtime code
Files:
packages/types/src/signInFuture.ts
**/*.{ts,tsx}
📄 CodeRabbit inference engine (.cursor/rules/development.mdc)
Use proper TypeScript error types
**/*.{ts,tsx}: Always define explicit return types for functions, especially public APIs
Use proper type annotations for variables and parameters where inference isn't clear
Avoidanytype - preferunknownwhen type is uncertain, then narrow with type guards
Useinterfacefor object shapes that might be extended
Usetypefor unions, primitives, and computed types
Preferreadonlyproperties for immutable data structures
Useprivatefor internal implementation details
Useprotectedfor inheritance hierarchies
Usepublicexplicitly for clarity in public APIs
Preferreadonlyfor properties that shouldn't change after construction
Prefer composition and interfaces over deep inheritance chains
Use mixins for shared behavior across unrelated classes
Implement dependency injection for loose coupling
Let TypeScript infer when types are obvious
Useconst assertionsfor literal types:as const
Usesatisfiesoperator for type checking without widening
Use mapped types for transforming object types
Use conditional types for type-level logic
Leverage template literal types for string manipulation
Use ES6 imports/exports consistently
Use default exports sparingly, prefer named exports
Use type-only imports:import type { ... } from ...
Noanytypes without justification
Proper error handling with typed errors
Consistent use ofreadonlyfor immutable data
Proper generic constraints
No unused type parameters
Proper use of utility types instead of manual type construction
Type-only imports where possible
Proper tree-shaking friendly exports
No circular dependencies
Efficient type computations (avoid deep recursion)
Files:
packages/types/src/signInFuture.ts
**/*.{js,ts,tsx,jsx}
📄 CodeRabbit inference engine (.cursor/rules/monorepo.mdc)
Support multiple Clerk environment variables (CLERK_, NEXT_PUBLIC_CLERK_, etc.) for configuration.
Files:
packages/types/src/signInFuture.ts
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (6)
- GitHub Check: Integration Tests (localhost, chrome)
- GitHub Check: Integration Tests (express, chrome)
- GitHub Check: Static analysis
- GitHub Check: Unit Tests (22, **)
- GitHub Check: semgrep-cloud-platform/scan
- GitHub Check: semgrep-cloud-platform/scan
🔇 Additional comments (2)
packages/types/src/signInFuture.ts (2)
278-283: LGTM on finalize docs/signature.No issues; consistent with existing API surface.
274-276: Verified — ticket(params?) and { ticket } are consistent across surfaces. SignInFuture/SignUpFuture types declare ticket as optional; clerk-js SignIn.ts (async ticket) and SignUp.ts (async ticket) use params?.ticket ?? getClerkQueryParam('__clerk_ticket') and pass ticket into create(); react stateProxy exposes ticket via gateMethod.
Description
This PR adds support for the
signIn.ticket()andsignUp.ticket()methods to our Signal API.Checklist
pnpm testruns as expected.pnpm buildruns as expected.Type of change
Summary by CodeRabbit