The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
clerk-js-sandbox	Ready	Preview, Comment	Jun 15, 2026 6:23pm
swingset	Ready	Preview, Comment	Jun 15, 2026 6:23pm

🦋 Changeset detected

Latest commit: cbe883d

The changes in this PR will be included in the next version bump.

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

No actionable comments were generated in the recent review. 🎉

sequenceDiagram
  participant User
  participant OrganizationSecurityPage
  participant SecuritySsoSection
  participant ConfigureSSOWizard
  participant EnterpriseConnectionMutations

  User->>OrganizationSecurityPage: navigates to Security page
  OrganizationSecurityPage->>SecuritySsoSection: renders overview (view='overview')
  SecuritySsoSection->>User: shows status badge + detail rows + actions menu

  alt Start/Continue/Edit clicked
    User->>SecuritySsoSection: clicks configure button or Edit
    SecuritySsoSection->>OrganizationSecurityPage: setView('wizard')
    OrganizationSecurityPage->>ConfigureSSOWizard: renders wizard
  else Activate/Deactivate clicked
    User->>SecuritySsoSection: clicks Activate or Deactivate
    SecuritySsoSection->>SecuritySsoSection: sets optimistic status override
    SecuritySsoSection->>EnterpriseConnectionMutations: updateConnection(active)
    EnterpriseConnectionMutations-->>SecuritySsoSection: settled (success or error)
    SecuritySsoSection->>SecuritySsoSection: clears optimistic override (or rollback)
  else Remove clicked
    User->>SecuritySsoSection: clicks Remove
    SecuritySsoSection->>SecuritySsoSection: opens ResetConnectionDialog
    User->>SecuritySsoSection: types confirmation
    SecuritySsoSection->>EnterpriseConnectionMutations: deleteConnection(id)
    EnterpriseConnectionMutations-->>SecuritySsoSection: resolved
    SecuritySsoSection->>OrganizationSecurityPage: connection removed
  end

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

Open in StackBlitz

npm i https://pkg.pr.new/@clerk/astro@8813

npm i https://pkg.pr.new/@clerk/backend@8813

npm i https://pkg.pr.new/@clerk/chrome-extension@8813

npm i https://pkg.pr.new/@clerk/clerk-js@8813

npm i https://pkg.pr.new/@clerk/expo@8813

npm i https://pkg.pr.new/@clerk/expo-passkeys@8813

npm i https://pkg.pr.new/@clerk/express@8813

npm i https://pkg.pr.new/@clerk/fastify@8813

npm i https://pkg.pr.new/@clerk/hono@8813

npm i https://pkg.pr.new/@clerk/localizations@8813

npm i https://pkg.pr.new/@clerk/nextjs@8813

npm i https://pkg.pr.new/@clerk/nuxt@8813

npm i https://pkg.pr.new/@clerk/react@8813

npm i https://pkg.pr.new/@clerk/react-router@8813

npm i https://pkg.pr.new/@clerk/shared@8813

npm i https://pkg.pr.new/@clerk/tanstack-react-start@8813

npm i https://pkg.pr.new/@clerk/testing@8813

npm i https://pkg.pr.new/@clerk/ui@8813

npm i https://pkg.pr.new/@clerk/upgrade@8813

npm i https://pkg.pr.new/@clerk/vue@8813

commit: cbe883d

API Changes Report

Generated by Break Check on 2026-06-15T18:26:09.148Z

Summary

🤖 This report was reviewed by claude-sonnet-4-6.

Note
Break Check could not snapshot 3 subpaths; the diff below excludes them.

• @clerk/astro ./env: ambient declaration file (no top-level import or export): API Extractor can only analyze module entry points, so this global-augmentation surface cannot be snapshotted; add "@clerk/astro#./env" to ignoreSubpaths to acknowledge it (API Extractor: Unable to determine module for: /home/runner/_work/javascript/javascript/packages/astro/env.d.ts)
• @clerk/shared ./cookie: the shipped declarations reference the type name "Cookies", which cannot be resolved from the entry point; the published types are likely broken for consumers (often a dropped import or a types package that is only a devDependency); fix the published types, or add "@clerk/shared#./cookie" to ignoreSubpaths as a stopgap (API Extractor: Unable to follow symbol for "Cookies")
• @clerk/testing ./cypress: the shipped declarations reference the type name "Cypress", which cannot be resolved from the entry point; the published types are likely broken for consumers (often a dropped import or a types package that is only a devDependency); fix the published types, or add "@clerk/testing#./cypress" to ignoreSubpaths as a stopgap (API Extractor: Symbol not found for identifier: Cypress)

@clerk/shared

Current version: 4.17.1
Recommended bump: MINOR → 4.18.0

Subpath ./types

🟡 Non-breaking Changes (3)

Modified: __internal_LocalizationResource

// ... 1037 unchanged lines elided ...
        messageLine2: LocalizationValue;
        successMessage: LocalizationValue;
      };
+     securityPage: {
+       title: LocalizationValue;
+       removeDialog: {
+         title: LocalizationValue;
+         subtitle: LocalizationValue;
+         confirmButton: LocalizationValue;
+       };
+       ssoSection: {
+         title: LocalizationValue;
+         badge__unconfigured: LocalizationValue;
+         badge__inProgress: LocalizationValue;
+         badge__active: LocalizationValue;
+         badge__inactive: LocalizationValue;
+         descriptionLine1: LocalizationValue;
+         descriptionLine2: LocalizationValue<'role'>;
+         descriptionLine2__noRole: LocalizationValue;
+         primaryButton__startConfiguration: LocalizationValue;
+         primaryButton__continueConfiguration: LocalizationValue;
+         providerLabel: LocalizationValue;
+         domainLabel: LocalizationValue;
+         signOnUrlLabel: LocalizationValue;
+         issuerLabel: LocalizationValue;
+         certificateLabel: LocalizationValue;
+         menuAction__edit: LocalizationValue;
+         menuAction__activate: LocalizationValue;
+         menuAction__deactivate: LocalizationValue;
+         menuAction__remove: LocalizationValue;
+       };
+     };
      membersPage: {
        detailsTitle__emptyRow: LocalizationValue;
        action__invite: LocalizationValue;
// ... 881 unchanged lines elided ...

Static analyzer: Breaking change in type alias __internal_LocalizationResource: Type changed: {locale:string;maintenanceMode:import("@clerk/shared").LocalizationValue;roles:{[r:string]:import("@clerk/shared").Loca… → {locale:string;maintenanceMode:import("@clerk/shared").LocalizationValue;roles:{[r:string]:import("@clerk/shared").Loca…

🤖 AI review (reclassified as non-breaking) (70%): The before and after snippets show the same structure at the visible boundaries; the difference is in elided lines (1844 vs 1873), indicating new fields were added. __internal_LocalizationResource is used as the basis for LocalizationResource which extends DeepPartial<DeepLocalizationWithoutObjects<__internal_LocalizationResource>>, meaning consumers only read/construct LocalizationResource (an output/partial type), so adding new fields to the internal source type does not break existing consumers.

Modified: ProfilePageId

- type ProfilePageId = 'account' | 'security' | 'organizationGeneral' | 'organizationMembers' | 'billing';
+ type ProfilePageId = 'account' | 'security' | 'organizationGeneral' | 'organizationMembers' | 'organizationSecurity' | 'billing';

Static analyzer: Breaking change in type alias ProfilePageId: Type changed: 'account'|'billing'|'organizationGeneral'|'organizationMembers'|'security' → 'account'|'billing'|'organizationGeneral'|'organizationMembers'|'organizationSecurity'|'security'

🤖 AI review (reclassified as non-breaking) (85%): A new variant 'organizationSecurity' was added to the ProfilePageId union; existing code that exhaustively switches or assigns this union may not handle the new variant, but adding a union member to an output/discriminated type is an additive change. However, if consumers use this as an input type (e.g., passing a value of this type), widening the union is non-breaking for inputs. The addition of a new member does not invalidate existing members.

Modified: ProfileSectionId

- type ProfileSectionId = 'profile' | 'username' | 'emailAddresses' | 'phoneNumbers' | 'connectedAccounts' | 'enterpriseAccounts' | 'web3Wallets' | 'password' | 'passkeys' | 'mfa' | 'danger' | 'activeDevices' | 'organizationProfile' | 'organizationDanger' | 'organizationDomains' | 'manageVerifiedDomains' | 'subscriptionsList' | 'paymentMethods' | 'ssoStatus' | 'enableSso' | 'ssoDomain' | 'ssoConfiguration' | 'configureAgain' | 'resetSso' | 'testSsoUrl' | 'testResults';
+ type ProfileSectionId = 'profile' | 'username' | 'emailAddresses' | 'phoneNumbers' | 'connectedAccounts' | 'enterpriseAccounts' | 'web3Wallets' | 'password' | 'passkeys' | 'mfa' | 'danger' | 'activeDevices' | 'organizationProfile' | 'organizationDanger' | 'organizationDomains' | 'manageVerifiedDomains' | 'subscriptionsList' | 'paymentMethods' | 'sso' | 'ssoStatus' | 'enableSso' | 'ssoDomain' | 'ssoConfiguration' | 'configureAgain' | 'resetSso' | 'testSsoUrl' | 'testResults';

Static analyzer: Breaking change in type alias ProfileSectionId: Type changed: 'activeDevices'|'configureAgain'|'connectedAccounts'|'danger'|'emailAddresses'|'enableSso'|'enterpriseAccounts'|'manage… → 'activeDevices'|'configureAgain'|'connectedAccounts'|'danger'|'emailAddresses'|'enableSso'|'enterpriseAccounts'|'manage…

🤖 AI review (reclassified as non-breaking) (80%): A new variant 'sso' was added to the ProfileSectionId union; existing members are all preserved, so no previously valid value is removed. Adding a new union member to an output type used in MenuId is an additive change and does not break existing consumers who handle only previously existing members.

@clerk/ui

Current version: 1.16.1
Recommended bump: MINOR → 1.17.0

Subpath ./internal

🟡 Non-breaking Changes (1)

Modified: ElementsConfig

// ... 182 unchanged lines elided ...
    organizationSwitcherPopoverFooter: WithOptions;
    organizationProfileMembersSearchInputIcon: WithOptions;
    organizationProfileMembersSearchInput: WithOptions;
+   organizationProfileSecuritySsoBadge: WithOptions<string>;
+   organizationProfileSecuritySsoDescription: WithOptions;
+   organizationProfileSecuritySsoConfigureButton: WithOptions<string>;
+   organizationProfileSecuritySsoDetailRows: WithOptions;
+   organizationProfileSecuritySsoDetailRow: WithOptions<string>;
+   organizationProfileSecuritySsoDetailRowLabel: WithOptions<string>;
+   organizationProfileSecuritySsoDetailRowChip: WithOptions<string>;
+   organizationProfileSecuritySsoDetailRowLink: WithOptions<string>;
+   organizationProfileSecuritySsoProviderIcon: WithOptions;
    organizationListPreviewItems: WithOptions;
    organizationListPreviewItem: WithOptions;
    organizationListPreviewButton: WithOptions;
// ... 343 unchanged lines elided ...

Static analyzer: Breaking change in type alias ElementsConfig: Type changed: {button:import("@clerk/ui").~WithOptions<string>;input:import("@clerk/ui").~WithOptions;checkbox:import("@clerk/ui").~W… → {button:import("@clerk/ui").~WithOptions<string>;input:import("@clerk/ui").~WithOptions;checkbox:import("@clerk/ui").~W…

🤖 AI review (reclassified as non-breaking) (85%): The change adds new properties to ElementsConfig (9 more lines elided in the after-snippet), and ElementsConfig is used only as a mapped-type source for the output type Elements — consumers only read Elements values, they do not construct ElementsConfig objects — so adding new keys is non-breaking.

Report generated by Break Check

_{Last ran on cbe883d.}

Is this horizontal padding expected or do we expect the divider to take the whole space?

"Let members sign in through your identity provider using their domain email" -> "domain email" reads weirdly... I think it should be email domain instead but waiting on confirmation