v1.4.0 - React Native toolkit and Expo Basic example both complete

v1.4.0 - React Native toolkit and Expo Basic example both complete

What's New

@relaya-chat/react-native is now production-ready with a complete auth model:

• useRelayaAuth rewritten to the AT/RT (access/refresh token) model. Handles OTP sign-in, token refresh, and sign-out. Stores tokens in AsyncStorage via an injected adapter so consumers control the storage implementation.
• useRelayaChat updated to AT/RT model — WebSocket connections attach a fresh access token on each connect attempt; auth failures close the socket cleanly for a re-auth cycle.
• Expo Basic example app (packages/react-native/examples/expo-basic): a runnable demo with sign-in, message list, message composer, and presence bar.

Fixed

• Re-render loop in useRelayaAuth caused by an unstabilised callback reference inside a useEffect dependency array.
• JWT decode path and tsconfig corrections in the Expo Basic example.
• New Architecture (newArchEnabled: true) enabled in Expo Basic app.json to suppress Expo Go warnings.

Documentation

• Server minimum-version requirements added to all three package READMEs.
• React Native package README rewritten to reflect the AT/RT auth model.

v1.3.0 - Fix Auth Session Corruption in Multi-tab Sessions

Fixed

Multi-tab token refresh coordination (@relaya-chat/react)

When several browser tabs are open simultaneously, each tab previously ran its own refresh timer — causing two tabs to call /auth/refresh with the same token at once. One tab would invalidate the other's newly rotated tokens, triggering spurious re-authentication. A localStorage lease now elects a single leader tab to perform each refresh; a BroadcastChannel propagates the new tokens to all other tabs. Falls back to race-aware refresh where BroadcastChannel is unavailable.

Race-aware token refresh (@relaya-chat/react)

clearStoredRefreshTokenIfCurrent() prevents a "losing" tab from wiping a "winning" tab's freshly rotated refresh token. On a 401, the SDK now re-reads localStorage before giving up — if another tab has already succeeded, it retries with the new token rather than ending the session. Authenticated WebSocket connections now call ensureFreshToken() before the upgrade, preventing a stuck reconnect loop caused by sending an expired access token on the initial WS handshake.

Scroll-to-bottom reliability (@relaya-chat/react)

Removed scroll-behavior: smooth from the message list container and the isProgrammaticScrollRef / 500 ms suppression workaround. The initial jump to the bottom is now instant; smooth scrolling is preserved for new messages arriving while the view is already at the bottom. Resolves the ↓ button vanishing in active chats.

v1.2.0 — Expanded Theming, Dark Mode, Space Display Name & Guest Count

What's New

Dark mode support — theme prop (@relaya-chat/react)

Pass theme="light" or theme="dark" to <RelayaChat> to override auto-detection
from prefers-color-scheme. Wire it to your app's theme context to stay in sync:

// e.g. next-themes
<RelayaChat theme={resolvedTheme as 'light' | 'dark'} ... />

Expanded theming API — headerIconColor / --sp-header-icon-color (@relaya-chat/react)

The SpaceTheme interface gains optional headerIconColor, surfaced as the
--sp-header-icon-color CSS custom property. Controls icon/button tint in the header
bar. Defaults to white (suitable for dark headers); set to a dark value for light
titleBg backgrounds:

const myTheme: SpaceTheme = {
  ...DEFAULT_THEME,
  titleBg: '#f0f0f0',
  headerIconColor: '#333333',
};

Configurable space display name — SpaceHeaderNameAdmin (@relaya-chat/react)

New admin component, exported from @relaya-chat/react/admin. Admins can set a
cosmetic override for the name shown in the chat header bar — independent of the
space slug and billing records. Leaving it blank reverts to the official space name.

Anonymous guest count in the user list (@relaya-chat/react)

UserListModal now shows a "N guests" row for non-authenticated listeners. The
header count includes both named users and anonymous guests in the total.

Fixed

Reliable initial scroll-to-bottom (@relaya-chat/react)

First load now uses double requestAnimationFrame + behavior: 'instant'. Prevents
the scroll-to-bottom button appearing spuriously before layout is finalised — most
noticeable in iframe embed contexts where parent-page layout delays dimension calc.

For Integrators — New: PRIVACY.md

@relaya-chat/react now ships PRIVACY.md (also at
node_modules/@relaya-chat/react/PRIVACY.md in your install). It describes what
user data Relaya collects on your behalf: email (OTP sign-in), display name,
messages, avatar, and IP address for abuse/geo enforcement (not stored per message).
Browser storage: a localStorage refresh token only — no cookies, no third-party
tracking. Includes a ready-to-adapt paragraph for your own privacy policy.

Informational, not legal advice. You are the data controller; Relaya is the
data processor.

v1.1.4 - CSS Scoping and WebSocket Stability

Fixed

• @relaya-chat/react — CSS resets are now scoped to .relaya-root to prevent styles from leaking into the host application.
• @relaya-chat/react — WebSocket disconnect on tab hide is now delayed to reduce spurious connect/disconnect churn when users briefly switch tabs.

---

Packages updated: @relaya-chat/core, @relaya-chat/react, @relaya-chat/react-native → 1.1.4

v1.1.3 - React 19 ref type fix

React 19 ref type compatibility fix for StickerPickerDialog.

v1.1.2 - OTP UX, type declarations, OIDC publish

What's Fixed

• OTP entry UX (@relaya-chat/react) — The login code entry screen now suggests checking the spam folder when the code doesn't arrive.
• Type declarations in build (@relaya-chat/react) — .d.ts files are now correctly generated and included in the published package output, fixing TypeScript consumers who were missing type information.

What's Changed

• npm publish workflow — Switched to OIDC Trusted Publishing; no long-lived npm token required.

v1.1.1 - Cross-origin avatar settings fix

What's Fixed

@relaya-chat/react — Avatar settings (gravatar gallery fetch + avatar preference PATCH) now use serverUrl as the request base. Previously these used hardcoded relative paths in MessageItem and GravatarStyleModal, silently failing for all cross-origin SDK embedders.

Affected endpoints

• GET /api/chat/:slug/me/gravatar/gallery — Gravatar photo gallery
• PATCH /api/chat/:slug/me/avatar/preference — Set default Gravatar, use initials, or select gallery photo

Packages updated

• @relaya-chat/core@1.1.1
• @relaya-chat/react@1.1.1
• @relaya-chat/react-native@1.1.1

v1.1.0 - Cross-Origin REST Routing and Auth Fixes

What's Changed

Fixed

• Cross-origin REST routing — All REST API calls (messages, stickers, sounds, moderation, geo restrictions, auth, exports) now correctly route to serverUrl when set. Previously, 13 hooks and components used a hard-coded same-origin base URL, causing 404s when <RelayaChat> was embedded in a third-party host app. RelayaServerContext now distributes serverUrl through the React tree automatically.

• Cross-origin auth popup — The login popup URL was built from window.location.origin (the host app's domain) instead of serverUrl's origin. For cross-origin embedders, this opened the popup on a domain with no auth route, breaking login entirely. The postMessage origin check had the same problem. Both are fixed: they now use new URL(serverUrl).origin when serverUrl is set.

• Font-face CSS warning — Removed a broken @font-face declaration that referenced a missing asset and generated a console warning on every load.

Changed

• buildWsUrl() JSDoc now explicitly notes this helper is for same-origin / iframe use only. Cross-origin SDK consumers should derive their WebSocket URL from serverUrl (replace https:// with wss://).

Removed

• API_BASE_URL constant removed from config.ts — it was always "" and became dead code after the cross-origin REST routing fix.

Documentation

• CHANGELOG.md created with entries for all releases.
• serverUrl prop documentation clarifies it covers both REST and WebSocket connections; Troubleshooting section added for cross-origin 404 errors.
• Added @relaya-chat/react-native package README.
• Corrected prop name typos in root README Quick Start examples.

Upgrade Notes

If you are embedding <RelayaChat serverUrl="https://api.relaya.chat" spaceSlug="your-space" /> in a third-party React app, upgrade to v1.1.0 immediately — previous versions silently routed all REST calls and the auth popup to the host app's origin, resulting in 404 errors and broken login.

No API changes — this is a drop-in upgrade.

v1.0.1 - React 19 type compatibility

Patch release with React 19 type compatibility fixes.

• @relaya-chat/react@1.0.1 — Fixed null-guard and RefObject<T|null> types for React 18/19 compatibility in useRelayaAuth and StickerPickerDialog
• @relaya-chat/core@1.0.0 — Unchanged

v1.0.0 - Initial public release

Initial public release of the Relaya Chat SDK.

• @relaya-chat/core@1.0.0 — Core WebSocket client, auth, and shared types
• @relaya-chat/react@1.0.0 — React component library for embedding Relaya Chat

Both packages extracted from the private batsonjay/relaya monorepo and published under the @relaya-chat npm scope with MIT license.