feat(clerk-js): Hide passkeys section when enterprise account disables additional identifications #6585
Conversation
🦋 Changeset detectedLatest commit: 25b0ce8 The changes in this PR will be included in the next version bump. This PR includes changesets to release 3 packages
Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
NicolasLopes7
changed the title
📝 WalkthroughWalkthroughAdds a changeset for a patch release. Introduces shouldAllowIdentificationCreation on the UserProfile context (exported on UserProfileContextType), computed from enterprise SSO settings and enterprise accounts. SecurityPage now requires shouldAllowIdentificationCreation in addition to attributes.passkey?.enabled to display the Passkeys section. AccountPage reads shouldAllowIdentificationCreation from context and forwards it to EmailsSection, PhoneSection, ConnectedAccountsSection, and Web3Section. Tests updated: passkey fixture no longer includes credential_id and new tests cover passkeys visibility for enterprise and non-enterprise scenarios. bundlewatch maxSize thresholds updated. Estimated code review effort🎯 3 (Moderate) | ⏱️ ~25 minutes 🪧 TipsChatThere are 3 ways to chat with CodeRabbit:
SupportNeed help? Create a ticket on our support page for assistance with any issues or questions. CodeRabbit Commands (Invoked using PR/Issue comments)Type Other keywords and placeholders
CodeRabbit Configuration File (
|
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 1
🧹 Nitpick comments (3)
packages/clerk-js/src/ui/components/UserProfile/PasskeySection.tsx (1)
90-90: Add explicit props and return type for the public component.Small type clarity improvement; keeps API intent clear and satisfies our TS guidelines on explicit return types for public exports.
Apply this diff:
-export const PasskeySection = ({ shouldAllowCreation = true }: { shouldAllowCreation?: boolean }) => { +export const PasskeySection = ({ shouldAllowCreation = true }: PasskeySectionProps): JSX.Element | null => {And add this near the top-level exports in the file:
export type PasskeySectionProps = { readonly shouldAllowCreation?: boolean; };packages/clerk-js/src/ui/components/UserProfile/SecurityPage.tsx (2)
24-25: Coerce to a boolean for clarity.Make the intent explicit; avoids a truthy UserResource value flowing through this flag.
-const showEnterpriseAccounts = user && enterpriseSSO.enabled; +const showEnterpriseAccounts = !!user && enterpriseSSO.enabled;
26-31: Logic reads well; optional defensive tweak for robustness.The “deny if any active enterprise account disables additional identifications” logic is correct. If there’s any risk of enterpriseAccounts being undefined, consider optional chaining to avoid edge-case runtime errors (fixture builders likely normalize this already).
- !user.enterpriseAccounts.some( + !user?.enterpriseAccounts?.some( enterpriseAccount => enterpriseAccount.active && enterpriseAccount.enterpriseConnection?.disableAdditionalIdentifications, );Alternatively, for readability:
const hasEnterpriseRestriction = !!user && enterpriseSSO.enabled && (user.enterpriseAccounts ?? []).some( ea => ea.active && ea.enterpriseConnection?.disableAdditionalIdentifications, ); const shouldAllowIdentificationCreation = !hasEnterpriseRestriction;
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
💡 Knowledge Base configuration:
- MCP integration is disabled by default for public repositories
- Jira integration is disabled
- Linear integration is disabled by default for public repositories
You can enable these sources in your CodeRabbit configuration.
📒 Files selected for processing (4)
.changeset/rotten-baths-wish.md(1 hunks)packages/clerk-js/src/ui/components/UserProfile/PasskeySection.tsx(1 hunks)packages/clerk-js/src/ui/components/UserProfile/SecurityPage.tsx(2 hunks)packages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx(1 hunks)
🧰 Additional context used
📓 Path-based instructions (15)
packages/clerk-js/src/ui/**/*.{ts,tsx}
📄 CodeRabbit Inference Engine (.cursor/rules/clerk-js-ui.mdc)
packages/clerk-js/src/ui/**/*.{ts,tsx}: Element descriptors should always be camelCase
Use element descriptors in UI components to enable consistent theming and styling via appearance.elements
Element descriptors should generate unique, stable CSS classes for theming
Element descriptors should handle state classes (e.g., cl-loading, cl-active, cl-error, cl-open) automatically based on component state
Do not render hard-coded values; all user-facing strings must be localized using provided localization methods
Use the useLocalizations hook and localizationKeys utility for all text and error messages
Use the styled system (sx prop, theme tokens, responsive values) for custom component styling
Use useCardState for card-level state, useFormState for form-level state, and useLoadingStatus for loading states
Always use handleError utility for API errors and use translateError for localized error messages
Use useFormControl for form field state, implement proper validation, and handle loading and error states in forms
Use localization keys for all form labels and placeholders
Use element descriptors for consistent styling and follow the theme token system
Use the Card and FormContainer patterns for consistent UI structure
Files:
packages/clerk-js/src/ui/components/UserProfile/PasskeySection.tsxpackages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsxpackages/clerk-js/src/ui/components/UserProfile/SecurityPage.tsx
**/*.{js,jsx,ts,tsx}
📄 CodeRabbit Inference Engine (.cursor/rules/development.mdc)
**/*.{js,jsx,ts,tsx}: All code must pass ESLint checks with the project's configuration
Follow established naming conventions (PascalCase for components, camelCase for variables)
Maintain comprehensive JSDoc comments for public APIs
Use dynamic imports for optional features
All public APIs must be documented with JSDoc
Provide meaningful error messages to developers
Include error recovery suggestions where applicable
Log errors appropriately for debugging
Lazy load components and features when possible
Implement proper caching strategies
Use efficient data structures and algorithms
Profile and optimize critical paths
Validate all inputs and sanitize outputs
Implement proper logging with different levels
Files:
packages/clerk-js/src/ui/components/UserProfile/PasskeySection.tsxpackages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsxpackages/clerk-js/src/ui/components/UserProfile/SecurityPage.tsx
**/*.{js,jsx,ts,tsx,json,css,scss,md,yaml,yml}
📄 CodeRabbit Inference Engine (.cursor/rules/development.mdc)
Use Prettier for consistent code formatting
Files:
packages/clerk-js/src/ui/components/UserProfile/PasskeySection.tsxpackages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsxpackages/clerk-js/src/ui/components/UserProfile/SecurityPage.tsx
packages/**/*.{ts,tsx}
📄 CodeRabbit Inference Engine (.cursor/rules/development.mdc)
TypeScript is required for all packages
Files:
packages/clerk-js/src/ui/components/UserProfile/PasskeySection.tsxpackages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsxpackages/clerk-js/src/ui/components/UserProfile/SecurityPage.tsx
packages/**/*.{ts,tsx,d.ts}
📄 CodeRabbit Inference Engine (.cursor/rules/development.mdc)
Packages should export TypeScript types alongside runtime code
Files:
packages/clerk-js/src/ui/components/UserProfile/PasskeySection.tsxpackages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsxpackages/clerk-js/src/ui/components/UserProfile/SecurityPage.tsx
**/*.{ts,tsx}
📄 CodeRabbit Inference Engine (.cursor/rules/development.mdc)
Use proper TypeScript error types
**/*.{ts,tsx}: Always define explicit return types for functions, especially public APIs
Use proper type annotations for variables and parameters where inference isn't clear
Avoidanytype - preferunknownwhen type is uncertain, then narrow with type guards
Useinterfacefor object shapes that might be extended
Usetypefor unions, primitives, and computed types
Preferreadonlyproperties for immutable data structures
Useprivatefor internal implementation details
Useprotectedfor inheritance hierarchies
Usepublicexplicitly for clarity in public APIs
Preferreadonlyfor properties that shouldn't change after construction
Prefer composition and interfaces over deep inheritance chains
Use mixins for shared behavior across unrelated classes
Implement dependency injection for loose coupling
Let TypeScript infer when types are obvious
Useconst assertionsfor literal types:as const
Usesatisfiesoperator for type checking without widening
Use mapped types for transforming object types
Use conditional types for type-level logic
Leverage template literal types for string manipulation
Use ES6 imports/exports consistently
Use default exports sparingly, prefer named exports
Use type-only imports:import type { ... } from ...
Noanytypes without justification
Proper error handling with typed errors
Consistent use ofreadonlyfor immutable data
Proper generic constraints
No unused type parameters
Proper use of utility types instead of manual type construction
Type-only imports where possible
Proper tree-shaking friendly exports
No circular dependencies
Efficient type computations (avoid deep recursion)
Files:
packages/clerk-js/src/ui/components/UserProfile/PasskeySection.tsxpackages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsxpackages/clerk-js/src/ui/components/UserProfile/SecurityPage.tsx
**/*.{jsx,tsx}
📄 CodeRabbit Inference Engine (.cursor/rules/development.mdc)
**/*.{jsx,tsx}: Use error boundaries in React components
Minimize re-renders in React components
**/*.{jsx,tsx}: Always use functional components with hooks instead of class components
Follow PascalCase naming for components:UserProfile,NavigationMenu
Keep components focused on a single responsibility - split large components
Limit component size to 150-200 lines; extract logic into custom hooks
Use composition over inheritance - prefer smaller, composable components
Export components as named exports for better tree-shaking
One component per file with matching filename and component name
Use useState for simple state management
Use useReducer for complex state logic
Implement proper state initialization
Use proper state updates with callbacks
Implement proper state cleanup
Use Context API for theme/authentication
Implement proper state selectors
Use proper state normalization
Implement proper state persistence
Use React.memo for expensive components
Implement proper useCallback for handlers
Use proper useMemo for expensive computations
Implement proper virtualization for lists
Use proper code splitting with React.lazy
Implement proper cleanup in useEffect
Use proper refs for DOM access
Implement proper event listener cleanup
Use proper abort controllers for fetch
Implement proper subscription cleanup
Use proper HTML elements
Implement proper ARIA attributes
Use proper heading hierarchy
Implement proper form labels
Use proper button types
Implement proper focus management
Use proper keyboard shortcuts
Implement proper tab order
Use proper skip links
Implement proper focus traps
Implement proper error boundaries
Use proper error logging
Implement proper error recovery
Use proper error messages
Implement proper error fallbacks
Use proper form validation
Implement proper error states
Use proper error messages
Implement proper form submission
Use proper form reset
Use proper component naming
Implement proper file naming
Use proper prop naming
Implement proper...
Files:
packages/clerk-js/src/ui/components/UserProfile/PasskeySection.tsxpackages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsxpackages/clerk-js/src/ui/components/UserProfile/SecurityPage.tsx
**/*.{js,ts,tsx,jsx}
📄 CodeRabbit Inference Engine (.cursor/rules/monorepo.mdc)
Support multiple Clerk environment variables (CLERK_, NEXT_PUBLIC_CLERK_, etc.) for configuration.
Files:
packages/clerk-js/src/ui/components/UserProfile/PasskeySection.tsxpackages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsxpackages/clerk-js/src/ui/components/UserProfile/SecurityPage.tsx
**/*.tsx
📄 CodeRabbit Inference Engine (.cursor/rules/react.mdc)
**/*.tsx: Use proper type definitions for props and state
Leverage TypeScript's type inference where possible
Use proper event types for handlers
Implement proper generic types for reusable components
Use proper type guards for conditional rendering
Files:
packages/clerk-js/src/ui/components/UserProfile/PasskeySection.tsxpackages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsxpackages/clerk-js/src/ui/components/UserProfile/SecurityPage.tsx
**/*
⚙️ CodeRabbit Configuration File
If there are no tests added or modified as part of the PR, please suggest that tests be added to cover the changes.
Files:
packages/clerk-js/src/ui/components/UserProfile/PasskeySection.tsxpackages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsxpackages/clerk-js/src/ui/components/UserProfile/SecurityPage.tsx
.changeset/**
📄 CodeRabbit Inference Engine (.cursor/rules/monorepo.mdc)
Automated releases must use Changesets.
Files:
.changeset/rotten-baths-wish.md
packages/**/*.{test,spec}.{js,jsx,ts,tsx}
📄 CodeRabbit Inference Engine (.cursor/rules/monorepo.mdc)
Unit tests should use Jest or Vitest as the test runner.
Files:
packages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx
packages/{clerk-js,elements,themes}/**/*.{test,spec}.{js,jsx,ts,tsx}
📄 CodeRabbit Inference Engine (.cursor/rules/monorepo.mdc)
Visual regression testing should be performed for UI components.
Files:
packages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx
**/*.test.{jsx,tsx}
📄 CodeRabbit Inference Engine (.cursor/rules/react.mdc)
**/*.test.{jsx,tsx}: Use React Testing Library
Test component behavior, not implementation
Use proper test queries
Implement proper test isolation
Use proper test coverage
Test component interactions
Use proper test data
Implement proper test setup
Use proper test cleanup
Implement proper test assertions
Use proper test structure
Files:
packages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx
**/__tests__/**/*.{ts,tsx}
📄 CodeRabbit Inference Engine (.cursor/rules/typescript.mdc)
**/__tests__/**/*.{ts,tsx}: Create type-safe test builders/factories
Use branded types for test isolation
Implement proper mock types that match interfaces
Files:
packages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx
🧬 Code Graph Analysis (2)
packages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx (1)
packages/clerk-js/src/ui/components/UserProfile/SecurityPage.tsx (1)
SecurityPage(16-58)
packages/clerk-js/src/ui/components/UserProfile/SecurityPage.tsx (2)
packages/clerk-js/src/ui/components/UserProfile/utils.ts (1)
getSecondFactors(19-29)packages/clerk-js/src/ui/components/UserProfile/PasskeySection.tsx (1)
PasskeySection(90-138)
🪛 LanguageTool
.changeset/rotten-baths-wish.md
[grammar] ~5-~5: There might be a mistake here.
Context: ...s': major --- Hide add passkeys button when user have an enteprise account with dis...
(QB_NEW_EN)
[grammar] ~5-~5: Ensure spelling is correct
Context: ...e add passkeys button when user have an enteprise account with disable additional identif...
(QB_NEW_EN_ORTHOGRAPHY_ERROR_IDS_1)
[grammar] ~5-~5: There might be a mistake here.
Context: ...ount with disable additional identifiers
(QB_NEW_EN)
🔇 Additional comments (6)
packages/clerk-js/src/ui/components/UserProfile/PasskeySection.tsx (1)
94-96: LGTM: Section visibility now correctly gated.Returning null when there is no user or when creation isn’t allowed matches the product requirement to hide the Passkeys section under enterprise restrictions (as exercised by the updated tests).
packages/clerk-js/src/ui/components/UserProfile/SecurityPage.tsx (2)
17-17: LGTM: Pulling enterpriseSSO from userSettings is appropriate.This follows the existing pattern in the page for deriving feature visibility.
51-51: LGTM: New prop correctly plumbed to PasskeySection.Keeps existing showPasskey gating, while adding the enterprise restriction gate.
packages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx (3)
87-159: Good: Positive-path coverage with active enterprise connection.Verifies that the Passkeys section and items render when passkeys are enabled and enterprise does not disable additional identifications. Solid fixture setup and assertions.
161-231: Good: Negative-path coverage when enterprise disables additional identifications.Confirms the Passkeys section is hidden end-to-end under the restriction. Matches the intended behavior from the implementation.
234-273: Good: Coverage without enterprise connection.Asserts both visibility when enabled and absence when not enabled. This completes the matrix for the new gating logic.
@clerk/agent-toolkit
@clerk/astro
@clerk/backend
@clerk/chrome-extension
@clerk/clerk-js
@clerk/dev-cli
@clerk/elements
@clerk/clerk-expo
@clerk/expo-passkeys
@clerk/express
@clerk/fastify
@clerk/localizations
@clerk/nextjs
@clerk/nuxt
@clerk/clerk-react
@clerk/react-router
@clerk/remix
@clerk/shared
@clerk/tanstack-react-start
@clerk/testing
@clerk/themes
@clerk/types
@clerk/upgrade
@clerk/vue
commit: |
There was a problem hiding this comment.
Actionable comments posted: 1
♻️ Duplicate comments (1)
.changeset/rotten-baths-wish.md (1)
5-5: Fix wording, spelling, and reflect actual behavior (hide Passkeys section, not just the button).Aligns with the implementation that hides the entire section when the enterprise connection disables additional identifications.
Apply this diff:
-Hide add passkeys button when user have an enteprise account with disable additional identifiers +Hide the Passkeys section when the user has an active enterprise connection that disables additional identifications + +BREAKING: Remove `credential_id` from the public Passkey type
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
💡 Knowledge Base configuration:
- MCP integration is disabled by default for public repositories
- Jira integration is disabled
- Linear integration is disabled by default for public repositories
You can enable these sources in your CodeRabbit configuration.
📒 Files selected for processing (1)
.changeset/rotten-baths-wish.md(1 hunks)
🧰 Additional context used
📓 Path-based instructions (1)
.changeset/**
📄 CodeRabbit Inference Engine (.cursor/rules/monorepo.mdc)
Automated releases must use Changesets.
Files:
.changeset/rotten-baths-wish.md
🪛 LanguageTool
.changeset/rotten-baths-wish.md
[grammar] ~5-~5: There might be a mistake here.
Context: ...js': bump --- Hide add passkeys button when user have an enteprise account with dis...
(QB_NEW_EN)
[grammar] ~5-~5: Ensure spelling is correct
Context: ...e add passkeys button when user have an enteprise account with disable additional identif...
(QB_NEW_EN_ORTHOGRAPHY_ERROR_IDS_1)
[grammar] ~5-~5: There might be a mistake here.
Context: ...ount with disable additional identifiers
(QB_NEW_EN)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (6)
- GitHub Check: Build Packages
- GitHub Check: Formatting | Dedupe | Changeset
- GitHub Check: semgrep/ci
- GitHub Check: Analyze (javascript-typescript)
- GitHub Check: semgrep-cloud-platform/scan
- GitHub Check: semgrep-cloud-platform/scan
| const showDelete = user?.deleteSelfEnabled; | ||
| const showEnterpriseAccounts = user && enterpriseSSO.enabled; | ||
|
|
||
| const shouldAllowIdentificationCreation = |
There was a problem hiding this comment.
We should pass this logic of shouldAllowIdentificationCreation to the user profile context (useUserProfileContext) in order to not keep repeating in every single inner page/component.
panteliselef
left a comment
panteliselef
left a comment
There was a problem hiding this comment.
The changeset does not match the changes.
| <Card.Alert>{card.error}</Card.Alert> | ||
| {showPassword && <PasswordSection />} | ||
| {showPasskey && <PasskeySection />} | ||
| {showPasskey && <PasskeySection shouldAllowCreation={shouldAllowIdentificationCreation} />} |
There was a problem hiding this comment.
If in the case of shouldAllowIdentificationCreation being false, we don't want to list existing passkeys, I think it is better to do const showPasskey = attributes.passkey?.enabled && shouldAllowIdentificationCreation and drop the additional prop.
The current solution hides the entire section, but the changeset suggests that only the button should be hidden.
NicolasLopes7
force-pushed
the
nicolas/fix-passkeys-with-disable-additional-identifiers
branch
from
16a7ce5 to
1445031
Compare
There was a problem hiding this comment.
Actionable comments posted: 0
♻️ Duplicate comments (1)
.changeset/rotten-baths-wish.md (1)
5-5: Clarify and correct the changeset wording; align to behavior and property naming.Prefer “active enterprise connection” and “identifications” to match the code (disableAdditionalIdentifications) and actual behavior (hide the entire Passkeys section).
Apply this diff:
-Hide passkeys section when user has an enterprise account with the disable additional identifiers setting enabled +Hide the Passkeys section when the user has an active enterprise connection that disables additional identifications
🧹 Nitpick comments (2)
packages/clerk-js/src/ui/contexts/components/UserProfile.ts (2)
23-24: Document the new context field for clarity.Add a short JSDoc so downstream consumers understand the semantics.
Apply this diff:
export type UserProfileContextType = UserProfileCtx & { queryParams: ParsedQueryString; authQueryString: string | null; pages: PagesType; + /** + * Whether the UI should allow creating new identifications (email, phone, passkeys, web3) + * for the current user, based on enterprise SSO settings and active enterprise connections. + */ shouldAllowIdentificationCreation: boolean; };
45-57: Simplify boolean logic for shouldAllowIdentificationCreation.Early returns improve readability and avoid truthy object-to-boolean coercion.
Apply this diff:
- const shouldAllowIdentificationCreation = useMemo(() => { - const { enterpriseSSO } = environment.userSettings; - const showEnterpriseAccounts = user && enterpriseSSO.enabled; - - return ( - !showEnterpriseAccounts || - !user?.enterpriseAccounts.some( - enterpriseAccount => - enterpriseAccount.active && enterpriseAccount.enterpriseConnection?.disableAdditionalIdentifications, - ) - ); - }, [user, environment.userSettings.enterpriseSSO]); + const shouldAllowIdentificationCreation = useMemo(() => { + const { enterpriseSSO } = environment.userSettings; + if (!user || !enterpriseSSO.enabled) { + return true; + } + return !user.enterpriseAccounts.some( + ea => ea.active && ea.enterpriseConnection?.disableAdditionalIdentifications, + ); + }, [user, environment.userSettings.enterpriseSSO]);
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
💡 Knowledge Base configuration:
- MCP integration is disabled by default for public repositories
- Jira integration is disabled
- Linear integration is disabled by default for public repositories
You can enable these sources in your CodeRabbit configuration.
📒 Files selected for processing (4)
.changeset/rotten-baths-wish.md(1 hunks)packages/clerk-js/src/ui/components/UserProfile/AccountPage.tsx(2 hunks)packages/clerk-js/src/ui/components/UserProfile/SecurityPage.tsx(2 hunks)packages/clerk-js/src/ui/contexts/components/UserProfile.ts(4 hunks)
🧰 Additional context used
📓 Path-based instructions (11)
packages/clerk-js/src/ui/**/*.{ts,tsx}
📄 CodeRabbit Inference Engine (.cursor/rules/clerk-js-ui.mdc)
packages/clerk-js/src/ui/**/*.{ts,tsx}: Element descriptors should always be camelCase
Use element descriptors in UI components to enable consistent theming and styling via appearance.elements
Element descriptors should generate unique, stable CSS classes for theming
Element descriptors should handle state classes (e.g., cl-loading, cl-active, cl-error, cl-open) automatically based on component state
Do not render hard-coded values; all user-facing strings must be localized using provided localization methods
Use the useLocalizations hook and localizationKeys utility for all text and error messages
Use the styled system (sx prop, theme tokens, responsive values) for custom component styling
Use useCardState for card-level state, useFormState for form-level state, and useLoadingStatus for loading states
Always use handleError utility for API errors and use translateError for localized error messages
Use useFormControl for form field state, implement proper validation, and handle loading and error states in forms
Use localization keys for all form labels and placeholders
Use element descriptors for consistent styling and follow the theme token system
Use the Card and FormContainer patterns for consistent UI structure
Files:
packages/clerk-js/src/ui/components/UserProfile/AccountPage.tsxpackages/clerk-js/src/ui/components/UserProfile/SecurityPage.tsxpackages/clerk-js/src/ui/contexts/components/UserProfile.ts
**/*.{js,jsx,ts,tsx}
📄 CodeRabbit Inference Engine (.cursor/rules/development.mdc)
**/*.{js,jsx,ts,tsx}: All code must pass ESLint checks with the project's configuration
Follow established naming conventions (PascalCase for components, camelCase for variables)
Maintain comprehensive JSDoc comments for public APIs
Use dynamic imports for optional features
All public APIs must be documented with JSDoc
Provide meaningful error messages to developers
Include error recovery suggestions where applicable
Log errors appropriately for debugging
Lazy load components and features when possible
Implement proper caching strategies
Use efficient data structures and algorithms
Profile and optimize critical paths
Validate all inputs and sanitize outputs
Implement proper logging with different levels
Files:
packages/clerk-js/src/ui/components/UserProfile/AccountPage.tsxpackages/clerk-js/src/ui/components/UserProfile/SecurityPage.tsxpackages/clerk-js/src/ui/contexts/components/UserProfile.ts
**/*.{js,jsx,ts,tsx,json,css,scss,md,yaml,yml}
📄 CodeRabbit Inference Engine (.cursor/rules/development.mdc)
Use Prettier for consistent code formatting
Files:
packages/clerk-js/src/ui/components/UserProfile/AccountPage.tsxpackages/clerk-js/src/ui/components/UserProfile/SecurityPage.tsxpackages/clerk-js/src/ui/contexts/components/UserProfile.ts
packages/**/*.{ts,tsx}
📄 CodeRabbit Inference Engine (.cursor/rules/development.mdc)
TypeScript is required for all packages
Files:
packages/clerk-js/src/ui/components/UserProfile/AccountPage.tsxpackages/clerk-js/src/ui/components/UserProfile/SecurityPage.tsxpackages/clerk-js/src/ui/contexts/components/UserProfile.ts
packages/**/*.{ts,tsx,d.ts}
📄 CodeRabbit Inference Engine (.cursor/rules/development.mdc)
Packages should export TypeScript types alongside runtime code
Files:
packages/clerk-js/src/ui/components/UserProfile/AccountPage.tsxpackages/clerk-js/src/ui/components/UserProfile/SecurityPage.tsxpackages/clerk-js/src/ui/contexts/components/UserProfile.ts
**/*.{ts,tsx}
📄 CodeRabbit Inference Engine (.cursor/rules/development.mdc)
Use proper TypeScript error types
**/*.{ts,tsx}: Always define explicit return types for functions, especially public APIs
Use proper type annotations for variables and parameters where inference isn't clear
Avoidanytype - preferunknownwhen type is uncertain, then narrow with type guards
Useinterfacefor object shapes that might be extended
Usetypefor unions, primitives, and computed types
Preferreadonlyproperties for immutable data structures
Useprivatefor internal implementation details
Useprotectedfor inheritance hierarchies
Usepublicexplicitly for clarity in public APIs
Preferreadonlyfor properties that shouldn't change after construction
Prefer composition and interfaces over deep inheritance chains
Use mixins for shared behavior across unrelated classes
Implement dependency injection for loose coupling
Let TypeScript infer when types are obvious
Useconst assertionsfor literal types:as const
Usesatisfiesoperator for type checking without widening
Use mapped types for transforming object types
Use conditional types for type-level logic
Leverage template literal types for string manipulation
Use ES6 imports/exports consistently
Use default exports sparingly, prefer named exports
Use type-only imports:import type { ... } from ...
Noanytypes without justification
Proper error handling with typed errors
Consistent use ofreadonlyfor immutable data
Proper generic constraints
No unused type parameters
Proper use of utility types instead of manual type construction
Type-only imports where possible
Proper tree-shaking friendly exports
No circular dependencies
Efficient type computations (avoid deep recursion)
Files:
packages/clerk-js/src/ui/components/UserProfile/AccountPage.tsxpackages/clerk-js/src/ui/components/UserProfile/SecurityPage.tsxpackages/clerk-js/src/ui/contexts/components/UserProfile.ts
**/*.{jsx,tsx}
📄 CodeRabbit Inference Engine (.cursor/rules/development.mdc)
**/*.{jsx,tsx}: Use error boundaries in React components
Minimize re-renders in React components
**/*.{jsx,tsx}: Always use functional components with hooks instead of class components
Follow PascalCase naming for components:UserProfile,NavigationMenu
Keep components focused on a single responsibility - split large components
Limit component size to 150-200 lines; extract logic into custom hooks
Use composition over inheritance - prefer smaller, composable components
Export components as named exports for better tree-shaking
One component per file with matching filename and component name
Use useState for simple state management
Use useReducer for complex state logic
Implement proper state initialization
Use proper state updates with callbacks
Implement proper state cleanup
Use Context API for theme/authentication
Implement proper state selectors
Use proper state normalization
Implement proper state persistence
Use React.memo for expensive components
Implement proper useCallback for handlers
Use proper useMemo for expensive computations
Implement proper virtualization for lists
Use proper code splitting with React.lazy
Implement proper cleanup in useEffect
Use proper refs for DOM access
Implement proper event listener cleanup
Use proper abort controllers for fetch
Implement proper subscription cleanup
Use proper HTML elements
Implement proper ARIA attributes
Use proper heading hierarchy
Implement proper form labels
Use proper button types
Implement proper focus management
Use proper keyboard shortcuts
Implement proper tab order
Use proper skip links
Implement proper focus traps
Implement proper error boundaries
Use proper error logging
Implement proper error recovery
Use proper error messages
Implement proper error fallbacks
Use proper form validation
Implement proper error states
Use proper error messages
Implement proper form submission
Use proper form reset
Use proper component naming
Implement proper file naming
Use proper prop naming
Implement proper...
Files:
packages/clerk-js/src/ui/components/UserProfile/AccountPage.tsxpackages/clerk-js/src/ui/components/UserProfile/SecurityPage.tsx
**/*.{js,ts,tsx,jsx}
📄 CodeRabbit Inference Engine (.cursor/rules/monorepo.mdc)
Support multiple Clerk environment variables (CLERK_, NEXT_PUBLIC_CLERK_, etc.) for configuration.
Files:
packages/clerk-js/src/ui/components/UserProfile/AccountPage.tsxpackages/clerk-js/src/ui/components/UserProfile/SecurityPage.tsxpackages/clerk-js/src/ui/contexts/components/UserProfile.ts
**/*.tsx
📄 CodeRabbit Inference Engine (.cursor/rules/react.mdc)
**/*.tsx: Use proper type definitions for props and state
Leverage TypeScript's type inference where possible
Use proper event types for handlers
Implement proper generic types for reusable components
Use proper type guards for conditional rendering
Files:
packages/clerk-js/src/ui/components/UserProfile/AccountPage.tsxpackages/clerk-js/src/ui/components/UserProfile/SecurityPage.tsx
**/*
⚙️ CodeRabbit Configuration File
If there are no tests added or modified as part of the PR, please suggest that tests be added to cover the changes.
Files:
packages/clerk-js/src/ui/components/UserProfile/AccountPage.tsxpackages/clerk-js/src/ui/components/UserProfile/SecurityPage.tsxpackages/clerk-js/src/ui/contexts/components/UserProfile.ts
.changeset/**
📄 CodeRabbit Inference Engine (.cursor/rules/monorepo.mdc)
Automated releases must use Changesets.
Files:
.changeset/rotten-baths-wish.md
🧬 Code Graph Analysis (2)
packages/clerk-js/src/ui/components/UserProfile/AccountPage.tsx (1)
packages/clerk-js/src/ui/contexts/components/UserProfile.ts (1)
useUserProfileContext(28-66)
packages/clerk-js/src/ui/components/UserProfile/SecurityPage.tsx (2)
packages/clerk-js/src/ui/contexts/components/UserProfile.ts (1)
useUserProfileContext(28-66)packages/clerk-js/src/core/resources/UserSettings.ts (1)
instanceIsPasswordBased(193-195)
🪛 LanguageTool
.changeset/rotten-baths-wish.md
[grammar] ~4-~4: There might be a mistake here.
Context: --- '@clerk/clerk-js': patch --- Hide passkeys section when user has an enter...
(QB_NEW_EN)
[grammar] ~5-~5: There might be a mistake here.
Context: ...k-js': patch --- Hide passkeys section when user has an enterprise account with the...
(QB_NEW_EN)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (10)
- GitHub Check: Integration Tests (nuxt, chrome)
- GitHub Check: Integration Tests (elements, chrome)
- GitHub Check: Integration Tests (tanstack-react-start, chrome)
- GitHub Check: Integration Tests (tanstack-react-router, chrome)
- GitHub Check: Integration Tests (sessions, chrome)
- GitHub Check: Integration Tests (generic, chrome)
- GitHub Check: Publish with pkg-pr-new
- GitHub Check: Static analysis
- GitHub Check: Unit Tests (18, --filter=@clerk/astro --filter=@clerk/backend --filter=@clerk/express --filter=@c...
- GitHub Check: Unit Tests (22, **)
🔇 Additional comments (5)
.changeset/rotten-baths-wish.md (1)
2-2: Release type looks correct."patch" is a valid Changesets type and is appropriate here given the backward-compatible UI gating and context field addition.
packages/clerk-js/src/ui/components/UserProfile/SecurityPage.tsx (1)
20-23: Passkeys gated by enterprise restriction — LGTM.Using shouldAllowIdentificationCreation from context to compute showPasskey cleanly centralizes the policy and correctly hides the entire section.
packages/clerk-js/src/ui/contexts/components/UserProfile.ts (1)
64-65: Context return shape update — LGTM.Exposing shouldAllowIdentificationCreation here keeps consumers consistent and avoids duplication across pages.
packages/clerk-js/src/ui/components/UserProfile/AccountPage.tsx (2)
21-21: Consume centralized gating from context — LGTM.Pulling shouldAllowIdentificationCreation from useUserProfileContext removes duplication and aligns with SecurityPage.
51-58: Consider adding tests for identification creation gating on Account sections.SecurityPage is covered, but AccountPage now propagates shouldAllowCreation to Emails/Phone/ConnectedAccounts/Web3. Add/extend tests to assert:
- When an active enterprise connection has disableAdditionalIdentifications=true, add flows are hidden/disabled.
- When enterpriseSSO is disabled or no active enterprise accounts exist, add flows remain available.
There was a problem hiding this comment.
Actionable comments posted: 1
🧹 Nitpick comments (4)
.changeset/rotten-baths-wish.md (1)
5-5: Tighten wording and align terminology with the actual flag (“identifications”).Clearer, grammatically correct, and matches the code property
disable_additional_identifications.Apply this diff:
-Hide passkeys section when user has an enterprise account with the disable additional identifiers setting enabled +Hide the Passkeys section when the user has an active enterprise connection that disables additional identificationspackages/clerk-js/src/ui/components/UserProfile/AccountPage.tsx (1)
27-27: Ensure boolean typing forshowEnterpriseAccounts.
user && enterpriseSSO.enabledcan beUser | false. Coerce to boolean for clarity and type safety.- const showEnterpriseAccounts = user && enterpriseSSO.enabled; + const showEnterpriseAccounts = !!user && enterpriseSSO.enabled;packages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx (2)
153-157: UsemockResolvedValuefor brevity and readability.Minor Jest ergonomics improvement; avoids explicit
Promise.resolve.Example diff (apply similarly to other occurrences in this file):
- fixtures.clerk.user?.getSessions.mockReturnValue(Promise.resolve([])); + fixtures.clerk.user?.getSessions.mockResolvedValue([]);Also applies to: 225-231, 253-259
87-232: Consider adding a test for inactive enterprise accounts not gating Passkeys.Edge case: presence of an enterprise account that’s not active should not hide Passkeys. This guards the
some(ea => ea.active && ea.enterpriseConnection?.disableAdditionalIdentifications)logic.If helpful, I can draft the additional test case.
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
💡 Knowledge Base configuration:
- MCP integration is disabled by default for public repositories
- Jira integration is disabled
- Linear integration is disabled by default for public repositories
You can enable these sources in your CodeRabbit configuration.
📒 Files selected for processing (5)
.changeset/rotten-baths-wish.md(1 hunks)packages/clerk-js/src/ui/components/UserProfile/AccountPage.tsx(2 hunks)packages/clerk-js/src/ui/components/UserProfile/SecurityPage.tsx(2 hunks)packages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx(1 hunks)packages/clerk-js/src/ui/contexts/components/UserProfile.ts(4 hunks)
🚧 Files skipped from review as they are similar to previous changes (2)
- packages/clerk-js/src/ui/components/UserProfile/SecurityPage.tsx
- packages/clerk-js/src/ui/contexts/components/UserProfile.ts
🧰 Additional context used
📓 Path-based instructions (15)
packages/clerk-js/src/ui/**/*.{ts,tsx}
📄 CodeRabbit Inference Engine (.cursor/rules/clerk-js-ui.mdc)
packages/clerk-js/src/ui/**/*.{ts,tsx}: Element descriptors should always be camelCase
Use element descriptors in UI components to enable consistent theming and styling via appearance.elements
Element descriptors should generate unique, stable CSS classes for theming
Element descriptors should handle state classes (e.g., cl-loading, cl-active, cl-error, cl-open) automatically based on component state
Do not render hard-coded values; all user-facing strings must be localized using provided localization methods
Use the useLocalizations hook and localizationKeys utility for all text and error messages
Use the styled system (sx prop, theme tokens, responsive values) for custom component styling
Use useCardState for card-level state, useFormState for form-level state, and useLoadingStatus for loading states
Always use handleError utility for API errors and use translateError for localized error messages
Use useFormControl for form field state, implement proper validation, and handle loading and error states in forms
Use localization keys for all form labels and placeholders
Use element descriptors for consistent styling and follow the theme token system
Use the Card and FormContainer patterns for consistent UI structure
Files:
packages/clerk-js/src/ui/components/UserProfile/AccountPage.tsxpackages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx
**/*.{js,jsx,ts,tsx}
📄 CodeRabbit Inference Engine (.cursor/rules/development.mdc)
**/*.{js,jsx,ts,tsx}: All code must pass ESLint checks with the project's configuration
Follow established naming conventions (PascalCase for components, camelCase for variables)
Maintain comprehensive JSDoc comments for public APIs
Use dynamic imports for optional features
All public APIs must be documented with JSDoc
Provide meaningful error messages to developers
Include error recovery suggestions where applicable
Log errors appropriately for debugging
Lazy load components and features when possible
Implement proper caching strategies
Use efficient data structures and algorithms
Profile and optimize critical paths
Validate all inputs and sanitize outputs
Implement proper logging with different levels
Files:
packages/clerk-js/src/ui/components/UserProfile/AccountPage.tsxpackages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx
**/*.{js,jsx,ts,tsx,json,css,scss,md,yaml,yml}
📄 CodeRabbit Inference Engine (.cursor/rules/development.mdc)
Use Prettier for consistent code formatting
Files:
packages/clerk-js/src/ui/components/UserProfile/AccountPage.tsxpackages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx
packages/**/*.{ts,tsx}
📄 CodeRabbit Inference Engine (.cursor/rules/development.mdc)
TypeScript is required for all packages
Files:
packages/clerk-js/src/ui/components/UserProfile/AccountPage.tsxpackages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx
packages/**/*.{ts,tsx,d.ts}
📄 CodeRabbit Inference Engine (.cursor/rules/development.mdc)
Packages should export TypeScript types alongside runtime code
Files:
packages/clerk-js/src/ui/components/UserProfile/AccountPage.tsxpackages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx
**/*.{ts,tsx}
📄 CodeRabbit Inference Engine (.cursor/rules/development.mdc)
Use proper TypeScript error types
**/*.{ts,tsx}: Always define explicit return types for functions, especially public APIs
Use proper type annotations for variables and parameters where inference isn't clear
Avoidanytype - preferunknownwhen type is uncertain, then narrow with type guards
Useinterfacefor object shapes that might be extended
Usetypefor unions, primitives, and computed types
Preferreadonlyproperties for immutable data structures
Useprivatefor internal implementation details
Useprotectedfor inheritance hierarchies
Usepublicexplicitly for clarity in public APIs
Preferreadonlyfor properties that shouldn't change after construction
Prefer composition and interfaces over deep inheritance chains
Use mixins for shared behavior across unrelated classes
Implement dependency injection for loose coupling
Let TypeScript infer when types are obvious
Useconst assertionsfor literal types:as const
Usesatisfiesoperator for type checking without widening
Use mapped types for transforming object types
Use conditional types for type-level logic
Leverage template literal types for string manipulation
Use ES6 imports/exports consistently
Use default exports sparingly, prefer named exports
Use type-only imports:import type { ... } from ...
Noanytypes without justification
Proper error handling with typed errors
Consistent use ofreadonlyfor immutable data
Proper generic constraints
No unused type parameters
Proper use of utility types instead of manual type construction
Type-only imports where possible
Proper tree-shaking friendly exports
No circular dependencies
Efficient type computations (avoid deep recursion)
Files:
packages/clerk-js/src/ui/components/UserProfile/AccountPage.tsxpackages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx
**/*.{jsx,tsx}
📄 CodeRabbit Inference Engine (.cursor/rules/development.mdc)
**/*.{jsx,tsx}: Use error boundaries in React components
Minimize re-renders in React components
**/*.{jsx,tsx}: Always use functional components with hooks instead of class components
Follow PascalCase naming for components:UserProfile,NavigationMenu
Keep components focused on a single responsibility - split large components
Limit component size to 150-200 lines; extract logic into custom hooks
Use composition over inheritance - prefer smaller, composable components
Export components as named exports for better tree-shaking
One component per file with matching filename and component name
Use useState for simple state management
Use useReducer for complex state logic
Implement proper state initialization
Use proper state updates with callbacks
Implement proper state cleanup
Use Context API for theme/authentication
Implement proper state selectors
Use proper state normalization
Implement proper state persistence
Use React.memo for expensive components
Implement proper useCallback for handlers
Use proper useMemo for expensive computations
Implement proper virtualization for lists
Use proper code splitting with React.lazy
Implement proper cleanup in useEffect
Use proper refs for DOM access
Implement proper event listener cleanup
Use proper abort controllers for fetch
Implement proper subscription cleanup
Use proper HTML elements
Implement proper ARIA attributes
Use proper heading hierarchy
Implement proper form labels
Use proper button types
Implement proper focus management
Use proper keyboard shortcuts
Implement proper tab order
Use proper skip links
Implement proper focus traps
Implement proper error boundaries
Use proper error logging
Implement proper error recovery
Use proper error messages
Implement proper error fallbacks
Use proper form validation
Implement proper error states
Use proper error messages
Implement proper form submission
Use proper form reset
Use proper component naming
Implement proper file naming
Use proper prop naming
Implement proper...
Files:
packages/clerk-js/src/ui/components/UserProfile/AccountPage.tsxpackages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx
**/*.{js,ts,tsx,jsx}
📄 CodeRabbit Inference Engine (.cursor/rules/monorepo.mdc)
Support multiple Clerk environment variables (CLERK_, NEXT_PUBLIC_CLERK_, etc.) for configuration.
Files:
packages/clerk-js/src/ui/components/UserProfile/AccountPage.tsxpackages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx
**/*.tsx
📄 CodeRabbit Inference Engine (.cursor/rules/react.mdc)
**/*.tsx: Use proper type definitions for props and state
Leverage TypeScript's type inference where possible
Use proper event types for handlers
Implement proper generic types for reusable components
Use proper type guards for conditional rendering
Files:
packages/clerk-js/src/ui/components/UserProfile/AccountPage.tsxpackages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx
**/*
⚙️ CodeRabbit Configuration File
If there are no tests added or modified as part of the PR, please suggest that tests be added to cover the changes.
Files:
packages/clerk-js/src/ui/components/UserProfile/AccountPage.tsxpackages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx
packages/**/*.{test,spec}.{js,jsx,ts,tsx}
📄 CodeRabbit Inference Engine (.cursor/rules/monorepo.mdc)
Unit tests should use Jest or Vitest as the test runner.
Files:
packages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx
packages/{clerk-js,elements,themes}/**/*.{test,spec}.{js,jsx,ts,tsx}
📄 CodeRabbit Inference Engine (.cursor/rules/monorepo.mdc)
Visual regression testing should be performed for UI components.
Files:
packages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx
**/*.test.{jsx,tsx}
📄 CodeRabbit Inference Engine (.cursor/rules/react.mdc)
**/*.test.{jsx,tsx}: Use React Testing Library
Test component behavior, not implementation
Use proper test queries
Implement proper test isolation
Use proper test coverage
Test component interactions
Use proper test data
Implement proper test setup
Use proper test cleanup
Implement proper test assertions
Use proper test structure
Files:
packages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx
**/__tests__/**/*.{ts,tsx}
📄 CodeRabbit Inference Engine (.cursor/rules/typescript.mdc)
**/__tests__/**/*.{ts,tsx}: Create type-safe test builders/factories
Use branded types for test isolation
Implement proper mock types that match interfaces
Files:
packages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx
.changeset/**
📄 CodeRabbit Inference Engine (.cursor/rules/monorepo.mdc)
Automated releases must use Changesets.
Files:
.changeset/rotten-baths-wish.md
🧬 Code Graph Analysis (2)
packages/clerk-js/src/ui/components/UserProfile/AccountPage.tsx (1)
packages/clerk-js/src/ui/contexts/components/UserProfile.ts (1)
useUserProfileContext(28-66)
packages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx (1)
packages/clerk-js/src/ui/components/UserProfile/SecurityPage.tsx (1)
SecurityPage(16-51)
🪛 LanguageTool
.changeset/rotten-baths-wish.md
[grammar] ~4-~4: There might be a mistake here.
Context: --- '@clerk/clerk-js': patch --- Hide passkeys section when user has an enter...
(QB_NEW_EN)
[grammar] ~5-~5: There might be a mistake here.
Context: ...k-js': patch --- Hide passkeys section when user has an enterprise account with the...
(QB_NEW_EN)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (10)
- GitHub Check: Integration Tests (nextjs, chrome, 14)
- GitHub Check: Integration Tests (quickstart, chrome)
- GitHub Check: Integration Tests (billing, chrome)
- GitHub Check: Integration Tests (machine, chrome)
- GitHub Check: Integration Tests (nextjs, chrome, 15)
- GitHub Check: Integration Tests (ap-flows, chrome)
- GitHub Check: Integration Tests (sessions, chrome)
- GitHub Check: Integration Tests (localhost, chrome)
- GitHub Check: Integration Tests (astro, chrome)
- GitHub Check: Integration Tests (generic, chrome)
🔇 Additional comments (3)
packages/clerk-js/src/ui/components/UserProfile/AccountPage.tsx (2)
7-7: Good move: centralizing creation gating via UserProfile context.This removes duplication and ensures a single source of truth across pages/sections.
Also applies to: 21-21
51-58: All sections properly gate creation flows based onshouldAllowCreation.
Verified that EmailsSection, PhoneSection, ConnectedAccountsSection, and Web3Section only render “add” controls (and, when empty, the entire section) whenshouldAllowCreationis true. No changes required.packages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx (1)
87-232: Solid coverage for enterprise-gated Passkeys visibility.The matrix of scenarios (with/without enterprise connection, flag on/off) is clear and robust. Nice touch verifying existing passkeys are hidden when the enterprise flag disables additional identifications.
| @@ -0,0 +1,5 @@ | |||
| --- | |||
| '@clerk/clerk-js': patch | |||
There was a problem hiding this comment.
💡 Verification agent
🧩 Analysis chain
Double-check release type (patch vs. minor/major) given public surface changes.
If this PR only gates visibility and doesn’t change public types/APIs, “patch” is fine. If UserProfileContextType gained a new exported field or public Passkey types changed (e.g., credential_id removal), consider “minor” or “major” depending on breakage. Please verify.
Run this script to spot potential public-facing changes and usages that might warrant a higher bump:
🏁 Script executed:
#!/bin/bash
set -euo pipefail
echo "Searching for new context field 'shouldAllowIdentificationCreation' exports and usages:"
rg -nP -C2 '\bshouldAllowIdentificationCreation\b'
echo
echo "Checking for usage of 'credential_id' that might indicate a breaking type change:"
rg -nP -C2 '\bcredential_id\b' --type=ts --type=tsx || true
echo
echo "List all changesets for @clerk/clerk-js to ensure consistency:"
rg -nP -C1 "^'@clerk/clerk-js':\s*(major|minor|patch)\b" .changeset
echo
echo "Confirm package name exists:"
fd package.json | xargs -I{} jq -r '.name + " :: " + input_filename' {} | rg -n '@clerk/clerk-js'Length of output: 5925
Bump @clerk/clerk-js to minor
The new shouldAllowIdentificationCreation field was added to the exported UserProfileContextType, which expands the public API in a backwards-compatible way. This requires a minor version bump, not a patch.
• File: .changeset/rotten-baths-wish.md
– Change line 2 from
'@clerk/clerk-js': patch
to
'@clerk/clerk-js': minor
🤖 Prompt for AI Agents
In .changeset/rotten-baths-wish.md around line 2, the release type for
'@clerk/clerk-js' is set to "patch" but should be "minor"; open that file and
change the second line from `'@clerk/clerk-js': patch` to `'@clerk/clerk-js':
minor`, save, and commit the updated changeset.
…s additional identifications - Add `shouldAllowCreation` prop to PasskeySection component to control visibility - Update SecurityPage to check enterprise account restrictions and pass shouldAllowCreation prop - Hide entire PasskeySection when user has active enterprise account with disableAdditionalIdentifications flag This change prevents users from adding passkeys when their enterprise connection explicitly disables additional identification methods, maintaining security policies set by enterprise administrators. This commit follows a simillar pattern introduced earlier on this PR: #4211
LauraBeatris
force-pushed
the
nicolas/fix-passkeys-with-disable-additional-identifiers
branch
from
030cbac to
25b0ce8
Compare
There was a problem hiding this comment.
Actionable comments posted: 0
♻️ Duplicate comments (3)
.changeset/rotten-baths-wish.md (2)
5-5: Polish the wording to reflect actual behavior and fix grammar.Be explicit that the whole section is hidden and use correct phrasing.
Apply this diff:
-Hide passkeys section when user has an enterprise account with the disable additional identifiers setting enabled +Hide the Passkeys section when the user has an active enterprise connection that disables additional identifications
2-2: Use a minor release for the public API expansion.This PR adds an exported field to the public
UserProfileContextType, which is a backwards-compatible API expansion and requires a minor bump, not a patch.Apply this diff:
-'@clerk/clerk-js': patch +'@clerk/clerk-js': minorpackages/clerk-js/src/ui/contexts/components/UserProfile.ts (1)
23-24: Public context surface expanded; ensure versioning reflects this.Adding
shouldAllowIdentificationCreationto the exportedUserProfileContextTypeis a public API addition. Confirm the Changeset uses a minor bump (see my comment in the changeset file).
🧹 Nitpick comments (1)
packages/clerk-js/src/ui/contexts/components/UserProfile.ts (1)
45-56: Safer optional chaining, clearer naming, and more explicit deps.
- Guard against potential
enterpriseAccountsbeing undefined by chaining?.on it and defaulting with?? false.- Rename
showEnterpriseAccountsto convey it checks the SSO gating condition, not a display action.- Make the dependency array precise to avoid depending on the entire object identity.
Apply this diff:
- const shouldAllowIdentificationCreation = useMemo(() => { - const { enterpriseSSO } = environment.userSettings; - const showEnterpriseAccounts = user && enterpriseSSO.enabled; - - return ( - !showEnterpriseAccounts || - !user?.enterpriseAccounts.some( - enterpriseAccount => - enterpriseAccount.active && enterpriseAccount.enterpriseConnection?.disableAdditionalIdentifications, - ) - ); - }, [user, environment.userSettings.enterpriseSSO]); + const shouldAllowIdentificationCreation = useMemo(() => { + const { enterpriseSSO } = environment.userSettings; + const isEnterpriseSSOEnabled = Boolean(user) && enterpriseSSO.enabled; + const hasActiveRestrictedEnterprise = + user?.enterpriseAccounts?.some( + ea => ea.active && ea.enterpriseConnection?.disableAdditionalIdentifications, + ) ?? false; + + return !isEnterpriseSSOEnabled || !hasActiveRestrictedEnterprise; + }, [user, environment.userSettings.enterpriseSSO.enabled]);
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
💡 Knowledge Base configuration:
- MCP integration is disabled by default for public repositories
- Jira integration is disabled
- Linear integration is disabled by default for public repositories
You can enable these sources in your CodeRabbit configuration.
📒 Files selected for processing (6)
.changeset/rotten-baths-wish.md(1 hunks)packages/clerk-js/bundlewatch.config.json(1 hunks)packages/clerk-js/src/ui/components/UserProfile/AccountPage.tsx(2 hunks)packages/clerk-js/src/ui/components/UserProfile/SecurityPage.tsx(2 hunks)packages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx(1 hunks)packages/clerk-js/src/ui/contexts/components/UserProfile.ts(4 hunks)
🚧 Files skipped from review as they are similar to previous changes (4)
- packages/clerk-js/src/ui/components/UserProfile/tests/SecurityPage.test.tsx
- packages/clerk-js/src/ui/components/UserProfile/AccountPage.tsx
- packages/clerk-js/bundlewatch.config.json
- packages/clerk-js/src/ui/components/UserProfile/SecurityPage.tsx
🧰 Additional context used
📓 Path-based instructions (9)
packages/clerk-js/src/ui/**/*.{ts,tsx}
📄 CodeRabbit Inference Engine (.cursor/rules/clerk-js-ui.mdc)
packages/clerk-js/src/ui/**/*.{ts,tsx}: Element descriptors should always be camelCase
Use element descriptors in UI components to enable consistent theming and styling via appearance.elements
Element descriptors should generate unique, stable CSS classes for theming
Element descriptors should handle state classes (e.g., cl-loading, cl-active, cl-error, cl-open) automatically based on component state
Do not render hard-coded values; all user-facing strings must be localized using provided localization methods
Use the useLocalizations hook and localizationKeys utility for all text and error messages
Use the styled system (sx prop, theme tokens, responsive values) for custom component styling
Use useCardState for card-level state, useFormState for form-level state, and useLoadingStatus for loading states
Always use handleError utility for API errors and use translateError for localized error messages
Use useFormControl for form field state, implement proper validation, and handle loading and error states in forms
Use localization keys for all form labels and placeholders
Use element descriptors for consistent styling and follow the theme token system
Use the Card and FormContainer patterns for consistent UI structure
Files:
packages/clerk-js/src/ui/contexts/components/UserProfile.ts
**/*.{js,jsx,ts,tsx}
📄 CodeRabbit Inference Engine (.cursor/rules/development.mdc)
**/*.{js,jsx,ts,tsx}: All code must pass ESLint checks with the project's configuration
Follow established naming conventions (PascalCase for components, camelCase for variables)
Maintain comprehensive JSDoc comments for public APIs
Use dynamic imports for optional features
All public APIs must be documented with JSDoc
Provide meaningful error messages to developers
Include error recovery suggestions where applicable
Log errors appropriately for debugging
Lazy load components and features when possible
Implement proper caching strategies
Use efficient data structures and algorithms
Profile and optimize critical paths
Validate all inputs and sanitize outputs
Implement proper logging with different levels
Files:
packages/clerk-js/src/ui/contexts/components/UserProfile.ts
**/*.{js,jsx,ts,tsx,json,css,scss,md,yaml,yml}
📄 CodeRabbit Inference Engine (.cursor/rules/development.mdc)
Use Prettier for consistent code formatting
Files:
packages/clerk-js/src/ui/contexts/components/UserProfile.ts
packages/**/*.{ts,tsx}
📄 CodeRabbit Inference Engine (.cursor/rules/development.mdc)
TypeScript is required for all packages
Files:
packages/clerk-js/src/ui/contexts/components/UserProfile.ts
packages/**/*.{ts,tsx,d.ts}
📄 CodeRabbit Inference Engine (.cursor/rules/development.mdc)
Packages should export TypeScript types alongside runtime code
Files:
packages/clerk-js/src/ui/contexts/components/UserProfile.ts
**/*.{ts,tsx}
📄 CodeRabbit Inference Engine (.cursor/rules/development.mdc)
Use proper TypeScript error types
**/*.{ts,tsx}: Always define explicit return types for functions, especially public APIs
Use proper type annotations for variables and parameters where inference isn't clear
Avoidanytype - preferunknownwhen type is uncertain, then narrow with type guards
Useinterfacefor object shapes that might be extended
Usetypefor unions, primitives, and computed types
Preferreadonlyproperties for immutable data structures
Useprivatefor internal implementation details
Useprotectedfor inheritance hierarchies
Usepublicexplicitly for clarity in public APIs
Preferreadonlyfor properties that shouldn't change after construction
Prefer composition and interfaces over deep inheritance chains
Use mixins for shared behavior across unrelated classes
Implement dependency injection for loose coupling
Let TypeScript infer when types are obvious
Useconst assertionsfor literal types:as const
Usesatisfiesoperator for type checking without widening
Use mapped types for transforming object types
Use conditional types for type-level logic
Leverage template literal types for string manipulation
Use ES6 imports/exports consistently
Use default exports sparingly, prefer named exports
Use type-only imports:import type { ... } from ...
Noanytypes without justification
Proper error handling with typed errors
Consistent use ofreadonlyfor immutable data
Proper generic constraints
No unused type parameters
Proper use of utility types instead of manual type construction
Type-only imports where possible
Proper tree-shaking friendly exports
No circular dependencies
Efficient type computations (avoid deep recursion)
Files:
packages/clerk-js/src/ui/contexts/components/UserProfile.ts
**/*.{js,ts,tsx,jsx}
📄 CodeRabbit Inference Engine (.cursor/rules/monorepo.mdc)
Support multiple Clerk environment variables (CLERK_, NEXT_PUBLIC_CLERK_, etc.) for configuration.
Files:
packages/clerk-js/src/ui/contexts/components/UserProfile.ts
**/*
⚙️ CodeRabbit Configuration File
If there are no tests added or modified as part of the PR, please suggest that tests be added to cover the changes.
Files:
packages/clerk-js/src/ui/contexts/components/UserProfile.ts
.changeset/**
📄 CodeRabbit Inference Engine (.cursor/rules/monorepo.mdc)
Automated releases must use Changesets.
Files:
.changeset/rotten-baths-wish.md
🪛 LanguageTool
.changeset/rotten-baths-wish.md
[grammar] ~4-~4: There might be a mistake here.
Context: --- '@clerk/clerk-js': patch --- Hide passkeys section when user has an enter...
(QB_NEW_EN)
[grammar] ~5-~5: There might be a mistake here.
Context: ...k-js': patch --- Hide passkeys section when user has an enterprise account with the...
(QB_NEW_EN)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (25)
- GitHub Check: Integration Tests (vue, chrome)
- GitHub Check: Integration Tests (react-router, chrome)
- GitHub Check: Integration Tests (tanstack-react-start, chrome)
- GitHub Check: Integration Tests (nextjs, chrome, 14)
- GitHub Check: Integration Tests (tanstack-react-router, chrome)
- GitHub Check: Integration Tests (localhost, chrome)
- GitHub Check: Integration Tests (sessions, chrome)
- GitHub Check: Integration Tests (machine, chrome)
- GitHub Check: Integration Tests (nuxt, chrome)
- GitHub Check: Integration Tests (astro, chrome)
- GitHub Check: Integration Tests (nextjs, chrome, 15)
- GitHub Check: Integration Tests (expo-web, chrome)
- GitHub Check: Integration Tests (billing, chrome)
- GitHub Check: Integration Tests (quickstart, chrome)
- GitHub Check: Integration Tests (elements, chrome)
- GitHub Check: Integration Tests (generic, chrome)
- GitHub Check: Integration Tests (ap-flows, chrome)
- GitHub Check: Publish with pkg-pr-new
- GitHub Check: Unit Tests (18, --filter=@clerk/astro --filter=@clerk/backend --filter=@clerk/express --filter=@c...
- GitHub Check: Unit Tests (22, **)
- GitHub Check: Static analysis
- GitHub Check: semgrep/ci
- GitHub Check: Analyze (javascript-typescript)
- GitHub Check: semgrep-cloud-platform/scan
- GitHub Check: semgrep-cloud-platform/scan
🔇 Additional comments (3)
packages/clerk-js/src/ui/contexts/components/UserProfile.ts (3)
1-1: LGTM: Added useUser import is appropriate.
33-33: LGTM: Using useUser to compute policy flags locally is sound.
64-65: LGTM: Exposing shouldAllowIdentificationCreation via the hook is consistent.Additive surface area; no breaking changes here.
There was a problem hiding this comment.
Actionable comments posted: 0
♻️ Duplicate comments (2)
.changeset/rotten-baths-wish.md (2)
2-2: Use “minor” instead of “patch” (public API surface expanded).Adding an exported field to
UserProfileContextTypeis a backwards-compatible API addition and warrants a minor bump.Apply this diff:
-'@clerk/clerk-js': patch +'@clerk/clerk-js': minorTo double-check that a major isn’t needed (in case public types dropped
credential_id), run:#!/bin/bash set -euo pipefail echo "1) Confirm the new exported context field is present (expect matches):" rg -nP -C2 '\bexport\s+(interface|type)\s+UserProfileContextType\b' --type=ts rg -nP -C1 '\bshouldAllowIdentificationCreation\b' --type=ts echo echo "2) Scan for 'credential_id' references that might indicate a breaking change (expect none in public types):" # Look in source and type declaration files rg -nP -C2 '\bcredential_id\b' --type=ts --type=tsx || true
5-5: Polish release note: grammar, precision, and terminology (“identifications,” not “identifiers”).The behavior hides the whole section, and the gating is tied to the enterprise connection setting.
Apply this diff:
-Hide passkeys section when user has an enterprise account with the disable additional identifiers setting enabled +Hide the Passkeys section when the user has an active enterprise connection that disables additional identifications
🧹 Nitpick comments (4)
packages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx (4)
155-159: Stabilize assertions: await the UI with findByText to avoid flakiness.Use async queries to prevent race conditions between render and assertions.
Apply this diff:
- render(<SecurityPage />, { wrapper }); - await waitFor(() => expect(fixtures.clerk.user?.getSessions).toHaveBeenCalled()); - screen.getByText('Passkeys'); - screen.getByText('Chrome on Mac'); + render(<SecurityPage />, { wrapper }); + await waitFor(() => expect(fixtures.clerk.user?.getSessions).toHaveBeenCalled()); + await screen.findByText('Passkeys'); + await screen.findByText('Chrome on Mac');
234-259: Good non-enterprise path coverage; minor stability tweak recommended.The positive case (no enterprise connection, passkeys enabled) is covered. Consider awaiting the rendered text.
Apply this diff:
- render(<SecurityPage />, { wrapper }); - await waitFor(() => expect(fixtures.clerk.user?.getSessions).toHaveBeenCalled()); - screen.getByText('Passkeys'); - screen.getByText('Chrome on Mac'); + render(<SecurityPage />, { wrapper }); + await waitFor(() => expect(fixtures.clerk.user?.getSessions).toHaveBeenCalled()); + await screen.findByText('Passkeys'); + await screen.findByText('Chrome on Mac');
261-272: Negative assertion looks fine; optional: wrap in waitFor for extra robustness.Not required, but wrapping the negative assertion in a short
waitForcan reduce test flakiness in slower CI environments.Example:
await waitFor(() => { expect(screen.queryByText('Passkeys')).not.toBeInTheDocument(); });
87-274: Reduce duplication with small local fixtures for passkeys and enterprise accounts.The same passkey and enterprise account shapes are repeated. Extracting minimal builders improves readability and maintenance.
You could add these helpers near the top of the file:
const makePasskey = (overrides: Partial<any> = {}) => ({ object: 'passkey', id: '1234', name: 'Chrome on Mac', created_at: Date.now(), last_used_at: Date.now(), verification: null, updated_at: Date.now(), ...overrides, }); const makeEnterpriseAccount = (overrides: Partial<any> = {}) => ({ object: 'enterprise_account', active: true, first_name: 'Laura', last_name: 'Serafim', protocol: 'saml', provider_user_id: null, public_metadata: {}, email_address: '[email protected]', provider: 'saml_okta', enterprise_connection: { object: 'enterprise_connection', provider: 'saml_okta', name: 'Okta Workforce', id: 'ent_123', active: true, allow_idp_initiated: false, allow_subdomains: false, disable_additional_identifications: false, sync_user_attributes: false, domain: 'foocorp.com', created_at: 123, updated_at: 123, logo_public_url: null, protocol: 'saml', }, verification: { status: 'verified', strategy: 'saml', verified_at_client: 'foo', attempts: 0, error: { code: 'identifier_already_signed_in', long_message: "You're already signed in", message: "You're already signed in", }, expire_at: 123, id: 'ver_123', object: 'verification', }, id: 'eac_123', ...overrides, });Then use:
f.withUser({ email_addresses: ['[email protected]'], passkeys: [makePasskey()], enterprise_accounts: [makeEnterpriseAccount({ enterprise_connection: { ...makeEnterpriseAccount().enterprise_connection, disable_additional_identifications: true } })], });
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
💡 Knowledge Base configuration:
- MCP integration is disabled by default for public repositories
- Jira integration is disabled
- Linear integration is disabled by default for public repositories
You can enable these sources in your CodeRabbit configuration.
📒 Files selected for processing (6)
.changeset/rotten-baths-wish.md(1 hunks)packages/clerk-js/bundlewatch.config.json(1 hunks)packages/clerk-js/src/ui/components/UserProfile/AccountPage.tsx(2 hunks)packages/clerk-js/src/ui/components/UserProfile/SecurityPage.tsx(2 hunks)packages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx(1 hunks)packages/clerk-js/src/ui/contexts/components/UserProfile.ts(4 hunks)
🚧 Files skipped from review as they are similar to previous changes (4)
- packages/clerk-js/src/ui/components/UserProfile/SecurityPage.tsx
- packages/clerk-js/bundlewatch.config.json
- packages/clerk-js/src/ui/components/UserProfile/AccountPage.tsx
- packages/clerk-js/src/ui/contexts/components/UserProfile.ts
🧰 Additional context used
📓 Path-based instructions (15)
packages/clerk-js/src/ui/**/*.{ts,tsx}
📄 CodeRabbit Inference Engine (.cursor/rules/clerk-js-ui.mdc)
packages/clerk-js/src/ui/**/*.{ts,tsx}: Element descriptors should always be camelCase
Use element descriptors in UI components to enable consistent theming and styling via appearance.elements
Element descriptors should generate unique, stable CSS classes for theming
Element descriptors should handle state classes (e.g., cl-loading, cl-active, cl-error, cl-open) automatically based on component state
Do not render hard-coded values; all user-facing strings must be localized using provided localization methods
Use the useLocalizations hook and localizationKeys utility for all text and error messages
Use the styled system (sx prop, theme tokens, responsive values) for custom component styling
Use useCardState for card-level state, useFormState for form-level state, and useLoadingStatus for loading states
Always use handleError utility for API errors and use translateError for localized error messages
Use useFormControl for form field state, implement proper validation, and handle loading and error states in forms
Use localization keys for all form labels and placeholders
Use element descriptors for consistent styling and follow the theme token system
Use the Card and FormContainer patterns for consistent UI structure
Files:
packages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx
**/*.{js,jsx,ts,tsx}
📄 CodeRabbit Inference Engine (.cursor/rules/development.mdc)
**/*.{js,jsx,ts,tsx}: All code must pass ESLint checks with the project's configuration
Follow established naming conventions (PascalCase for components, camelCase for variables)
Maintain comprehensive JSDoc comments for public APIs
Use dynamic imports for optional features
All public APIs must be documented with JSDoc
Provide meaningful error messages to developers
Include error recovery suggestions where applicable
Log errors appropriately for debugging
Lazy load components and features when possible
Implement proper caching strategies
Use efficient data structures and algorithms
Profile and optimize critical paths
Validate all inputs and sanitize outputs
Implement proper logging with different levels
Files:
packages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx
**/*.{js,jsx,ts,tsx,json,css,scss,md,yaml,yml}
📄 CodeRabbit Inference Engine (.cursor/rules/development.mdc)
Use Prettier for consistent code formatting
Files:
packages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx
packages/**/*.{ts,tsx}
📄 CodeRabbit Inference Engine (.cursor/rules/development.mdc)
TypeScript is required for all packages
Files:
packages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx
packages/**/*.{ts,tsx,d.ts}
📄 CodeRabbit Inference Engine (.cursor/rules/development.mdc)
Packages should export TypeScript types alongside runtime code
Files:
packages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx
**/*.{ts,tsx}
📄 CodeRabbit Inference Engine (.cursor/rules/development.mdc)
Use proper TypeScript error types
**/*.{ts,tsx}: Always define explicit return types for functions, especially public APIs
Use proper type annotations for variables and parameters where inference isn't clear
Avoidanytype - preferunknownwhen type is uncertain, then narrow with type guards
Useinterfacefor object shapes that might be extended
Usetypefor unions, primitives, and computed types
Preferreadonlyproperties for immutable data structures
Useprivatefor internal implementation details
Useprotectedfor inheritance hierarchies
Usepublicexplicitly for clarity in public APIs
Preferreadonlyfor properties that shouldn't change after construction
Prefer composition and interfaces over deep inheritance chains
Use mixins for shared behavior across unrelated classes
Implement dependency injection for loose coupling
Let TypeScript infer when types are obvious
Useconst assertionsfor literal types:as const
Usesatisfiesoperator for type checking without widening
Use mapped types for transforming object types
Use conditional types for type-level logic
Leverage template literal types for string manipulation
Use ES6 imports/exports consistently
Use default exports sparingly, prefer named exports
Use type-only imports:import type { ... } from ...
Noanytypes without justification
Proper error handling with typed errors
Consistent use ofreadonlyfor immutable data
Proper generic constraints
No unused type parameters
Proper use of utility types instead of manual type construction
Type-only imports where possible
Proper tree-shaking friendly exports
No circular dependencies
Efficient type computations (avoid deep recursion)
Files:
packages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx
**/*.{jsx,tsx}
📄 CodeRabbit Inference Engine (.cursor/rules/development.mdc)
**/*.{jsx,tsx}: Use error boundaries in React components
Minimize re-renders in React components
**/*.{jsx,tsx}: Always use functional components with hooks instead of class components
Follow PascalCase naming for components:UserProfile,NavigationMenu
Keep components focused on a single responsibility - split large components
Limit component size to 150-200 lines; extract logic into custom hooks
Use composition over inheritance - prefer smaller, composable components
Export components as named exports for better tree-shaking
One component per file with matching filename and component name
Use useState for simple state management
Use useReducer for complex state logic
Implement proper state initialization
Use proper state updates with callbacks
Implement proper state cleanup
Use Context API for theme/authentication
Implement proper state selectors
Use proper state normalization
Implement proper state persistence
Use React.memo for expensive components
Implement proper useCallback for handlers
Use proper useMemo for expensive computations
Implement proper virtualization for lists
Use proper code splitting with React.lazy
Implement proper cleanup in useEffect
Use proper refs for DOM access
Implement proper event listener cleanup
Use proper abort controllers for fetch
Implement proper subscription cleanup
Use proper HTML elements
Implement proper ARIA attributes
Use proper heading hierarchy
Implement proper form labels
Use proper button types
Implement proper focus management
Use proper keyboard shortcuts
Implement proper tab order
Use proper skip links
Implement proper focus traps
Implement proper error boundaries
Use proper error logging
Implement proper error recovery
Use proper error messages
Implement proper error fallbacks
Use proper form validation
Implement proper error states
Use proper error messages
Implement proper form submission
Use proper form reset
Use proper component naming
Implement proper file naming
Use proper prop naming
Implement proper...
Files:
packages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx
packages/**/*.{test,spec}.{js,jsx,ts,tsx}
📄 CodeRabbit Inference Engine (.cursor/rules/monorepo.mdc)
Unit tests should use Jest or Vitest as the test runner.
Files:
packages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx
packages/{clerk-js,elements,themes}/**/*.{test,spec}.{js,jsx,ts,tsx}
📄 CodeRabbit Inference Engine (.cursor/rules/monorepo.mdc)
Visual regression testing should be performed for UI components.
Files:
packages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx
**/*.{js,ts,tsx,jsx}
📄 CodeRabbit Inference Engine (.cursor/rules/monorepo.mdc)
Support multiple Clerk environment variables (CLERK_, NEXT_PUBLIC_CLERK_, etc.) for configuration.
Files:
packages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx
**/*.tsx
📄 CodeRabbit Inference Engine (.cursor/rules/react.mdc)
**/*.tsx: Use proper type definitions for props and state
Leverage TypeScript's type inference where possible
Use proper event types for handlers
Implement proper generic types for reusable components
Use proper type guards for conditional rendering
Files:
packages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx
**/*.test.{jsx,tsx}
📄 CodeRabbit Inference Engine (.cursor/rules/react.mdc)
**/*.test.{jsx,tsx}: Use React Testing Library
Test component behavior, not implementation
Use proper test queries
Implement proper test isolation
Use proper test coverage
Test component interactions
Use proper test data
Implement proper test setup
Use proper test cleanup
Implement proper test assertions
Use proper test structure
Files:
packages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx
**/__tests__/**/*.{ts,tsx}
📄 CodeRabbit Inference Engine (.cursor/rules/typescript.mdc)
**/__tests__/**/*.{ts,tsx}: Create type-safe test builders/factories
Use branded types for test isolation
Implement proper mock types that match interfaces
Files:
packages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx
**/*
⚙️ CodeRabbit Configuration File
If there are no tests added or modified as part of the PR, please suggest that tests be added to cover the changes.
Files:
packages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx
.changeset/**
📄 CodeRabbit Inference Engine (.cursor/rules/monorepo.mdc)
Automated releases must use Changesets.
Files:
.changeset/rotten-baths-wish.md
🧬 Code Graph Analysis (1)
packages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx (1)
packages/clerk-js/src/ui/components/UserProfile/SecurityPage.tsx (1)
SecurityPage(16-51)
🪛 LanguageTool
.changeset/rotten-baths-wish.md
[grammar] ~4-~4: There might be a mistake here.
Context: --- '@clerk/clerk-js': patch --- Hide passkeys section when user has an enter...
(QB_NEW_EN)
[grammar] ~5-~5: There might be a mistake here.
Context: ...k-js': patch --- Hide passkeys section when user has an enterprise account with the...
(QB_NEW_EN)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (6)
- GitHub Check: Integration Tests (nextjs, chrome, 14)
- GitHub Check: Integration Tests (sessions, chrome)
- GitHub Check: Integration Tests (nextjs, chrome, 15)
- GitHub Check: Integration Tests (billing, chrome)
- GitHub Check: Integration Tests (elements, chrome)
- GitHub Check: Integration Tests (generic, chrome)
🔇 Additional comments (2)
packages/clerk-js/src/ui/components/UserProfile/__tests__/SecurityPage.test.tsx (2)
87-151: Good coverage: shows Passkeys with active enterprise connection when allowed.This test correctly exercises the enterprise gating path and validates section visibility plus an existing passkey item.
161-231: Correctly hides Passkeys when enterprise connection disables additional identifications.The test name and expectations match the intended gating. Verifies that both the section header and passkey items are absent.
LauraBeatris
deleted the
nicolas/fix-passkeys-with-disable-additional-identifiers
branch
shouldAllowCreationprop to PasskeySection component to control visibilityThis change prevents users from adding passkeys when their enterprise connection explicitly disables additional identification methods, maintaining security policies set by enterprise administrators.
This commit follows a simillar pattern introduced earlier on this PR: #4211
Description
Checklist
pnpm testruns as expected.pnpm buildruns as expected.Type of change
Summary by CodeRabbit
New Features
Tests
Chores