Skip to content

[codex] Upgrade Clerk stack#3821

Merged
juliusmarminge merged 1 commit into
mainfrom
t3code/bump-clerk-stack
Jul 9, 2026
Merged

[codex] Upgrade Clerk stack#3821
juliusmarminge merged 1 commit into
mainfrom
t3code/bump-clerk-stack

Conversation

@juliusmarminge

@juliusmarminge juliusmarminge commented Jul 9, 2026

Copy link
Copy Markdown
Member

Summary

Upgrade the Clerk packages used across the relay, web, desktop, and mobile applications to the versions published by clerk/javascript PR #9108.

The repository catalog was still pinned to the preceding Clerk patch release, so consumers would not receive the latest shared package fixes or the updated native Clerk SDKs bundled by @clerk/expo. This updates the catalog and supply-chain age exclusions together, then regenerates the pnpm lockfile so every workspace resolves a consistent Clerk stack.

@clerk/electron-passkeys remains at 0.0.3 because that release did not publish a newer version of the package.

Upstream release: clerk/javascript#9108

Validation

  • vp check
  • vp run typecheck
  • vp run lint:mobile
  • git diff --check
  • pnpm lockfile supply-chain verification

Note

Medium Risk
Touches authentication SDKs used on relay, web, desktop, and mobile; risk is limited to patch bumps with no local code changes, but auth/session behavior should be smoke-tested.

Overview
Bumps the Clerk packages in the pnpm catalog and matching minimumReleaseAgeExclude entries so relay, web, desktop, and mobile all resolve one aligned stack: @clerk/backend 3.11.2, @clerk/clerk-js 6.25.1, @clerk/electron 0.0.11, @clerk/expo 3.7.2, @clerk/react 6.12.1, and @clerk/shared 4.25.1. pnpm-lock.yaml is regenerated so workspace overrides and per-app lock entries reflect those pins.

@clerk/electron-passkeys is unchanged at 0.0.3. There are no application source edits—consumers already depend on catalog:.

Reviewed by Cursor Bugbot for commit 1c5bc90. Bugbot is set up for automated code reviews on this repo. Configure here.

Note

Upgrade Clerk packages to latest patch versions

Bumps @clerk/backend, @clerk/clerk-js, @clerk/electron, @clerk/expo, @clerk/react, and @clerk/shared to their latest patch releases in pnpm-workspace.yaml. The minimumReleaseAgeExclude entries are updated to match the new versions.

Macroscope summarized 1c5bc90.

Co-authored-by: codex <codex@users.noreply.github.com>
@juliusmarminge juliusmarminge marked this pull request as ready for review July 9, 2026 05:49
@github-actions github-actions Bot added vouch:trusted PR author is trusted by repo permissions or the VOUCHED list. size:L 100-499 changed lines (additions + deletions). labels Jul 9, 2026
@coderabbitai

coderabbitai Bot commented Jul 9, 2026

Copy link
Copy Markdown

Important

Review skipped

Auto reviews are disabled on this repository. Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: 8349fff7-6fab-49c2-9d37-f6797b8ea18c

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch t3code/bump-clerk-stack

Comment @coderabbitai help to get the list of available commands.

@macroscopeapp

macroscopeapp Bot commented Jul 9, 2026

Copy link
Copy Markdown
Contributor

Approvability

Verdict: Approved

Routine patch-level dependency upgrade for Clerk packages. Changes are limited to lock files and workspace configuration with no application code modifications.

You can customize Macroscope's approvability policy. Learn more.

@juliusmarminge juliusmarminge merged commit e912765 into main Jul 9, 2026
18 of 20 checks passed
@juliusmarminge juliusmarminge deleted the t3code/bump-clerk-stack branch July 9, 2026 05:54
eyeveil added a commit to eyeveil/t3code that referenced this pull request Jul 9, 2026
… + desktop packaging)

Merge upstream/main into the fork. Notable upstream changes: Clerk stack
upgrade (pingdotgg#3821), mobile offline persistence + preferences refactor (pingdotgg#3795),
mobile PR number badges + a11y (pingdotgg#3827, pingdotgg#3828), font embedding (pingdotgg#3823),
worktree metadata preservation during branch sync (pingdotgg#3822), codex reasoning
labels (pingdotgg#3824), desktop native optional dependency packaging (pingdotgg#3816).

Preserved fork features across conflicts: iOS personal-team build support,
Material3 dynamic accent theming, verbose work-log, mobile visible queue,
MarkdownCodeBlock, native Android composer/header layout, and the fork's
asar:false + afterPack/afterSign node_modules copy hooks for desktop packaging.
Lockfile regenerated on pnpm 11 (upstream lock as base).
adamfgr pushed a commit to agriffiths-bots/t3code that referenced this pull request Jul 10, 2026
* Fix desktop native optional dependency packaging (pingdotgg#3816)

* [codex] Upgrade Clerk stack (pingdotgg#3821)

Co-authored-by: codex <codex@users.noreply.github.com>

* [codex] Preserve worktree metadata during branch sync (pingdotgg#3822)

Co-authored-by: codex <codex@users.noreply.github.com>

* feat(client): persist offline environment data and mobile preferences (pingdotgg#3795)

Co-authored-by: Julius Marminge <julius@mac.lan>
Co-authored-by: codex <codex@users.noreply.github.com>

* [codex] Label max and ultra reasoning (pingdotgg#3824)

Co-authored-by: codex <codex@users.noreply.github.com>

* fix(mobile): embed fonts and render project favicons reliably (pingdotgg#3823)

Co-authored-by: codex <codex@users.noreply.github.com>

* Show compact PR number badges in mobile thread rows (pingdotgg#3827)

Co-authored-by: codex <codex@users.noreply.github.com>

* Expose mobile PR indicator labels to accessibility (pingdotgg#3828)

Co-authored-by: codex <codex@users.noreply.github.com>

* test(client-runtime): stub new EnvironmentCacheStore methods in shell-sync mocks

Upstream pingdotgg#3795 expanded the EnvironmentCacheStore interface with
loadServerConfig/saveServerConfig/loadVcsRefs/saveVcsRefs; add those
stubs to the fork-local shell-sync mock stores so typecheck passes.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* fix(client-runtime): pass heartbeat opt-in from offline server-config subscription

Upstream pingdotgg#3795's makeEnvironmentServerConfigState subscribed to
subscribeServerConfig with {} instead of the fork-local shared
SERVER_CONFIG_SUBSCRIPTION_INPUT ({ supportsHeartbeat: true }). That
opts the quiet offline-persistence subscription out of the server's
keepalive frames (and diverges from the shared subscription key), so
idle transports/proxies could drop it and leave provider/model metadata
stale. Hoist the const above makeEnvironmentServerConfigState and pass
it at the subscription site so every consumer shares the same input.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

---------

Co-authored-by: Patricio Gómez Meneses <107218376+Prgm-code@users.noreply.github.com>
Co-authored-by: Julius Marminge <julius0216@outlook.com>
Co-authored-by: codex <codex@users.noreply.github.com>
Co-authored-by: Julius Marminge <julius@mac.lan>
Co-authored-by: wizzoapp[bot] <254688279+wizzoapp[bot]@users.noreply.github.com>
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

size:L 100-499 changed lines (additions + deletions). vouch:trusted PR author is trusted by repo permissions or the VOUCHED list.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant