chore: update versions (#2724)

This PR was opened by the [Changesets
release](https://github.com/changesets/action) GitHub action. When
you're ready to do a release, you can merge this and the packages will
be published to npm automatically. If you're not ready to do a release
yet, that's fine, whenever you add more changesets to main, this PR will
be updated.


# Releases
## @nhost/apollo@7.1.2

### Patch Changes

-   @nhost/nhost-js@3.1.5

## @nhost/react-apollo@12.0.2

### Patch Changes

-   @nhost/apollo@7.1.2
-   @nhost/react@3.5.2

## @nhost/react-urql@9.0.2

### Patch Changes

-   @nhost/react@3.5.2

## @nhost/hasura-auth-js@2.5.2

### Patch Changes

- a03fb2c: fix: deep clone machine context to prevent mutations in
nested objects during initial session setup

## @nhost/nextjs@2.1.16

### Patch Changes

-   @nhost/react@3.5.2

## @nhost/nhost-js@3.1.5

### Patch Changes

-   Updated dependencies [a03fb2c]
    -   @nhost/hasura-auth-js@2.5.2

## @nhost/react@3.5.2

### Patch Changes

-   @nhost/nhost-js@3.1.5

## @nhost/vue@2.6.2

### Patch Changes

-   @nhost/nhost-js@3.1.5

## @nhost/docs@2.13.0

### Minor Changes

-   6fb0cc2: fix: minor improvements to compute resources' docs
-   66bd450: chore: various improvements

## @nhost/dashboard@1.16.3

### Patch Changes

- 87a37cf: fix: remove unnecessary isPlatform check from verify button
disable logic on custom domains
    -   @nhost/react-apollo@12.0.2
    -   @nhost/nextjs@2.1.16

## @nhost-examples/cli@0.3.7

### Patch Changes

-   @nhost/nhost-js@3.1.5

## @nhost-examples/codegen-react-apollo@0.4.7

### Patch Changes

-   @nhost/react@3.5.2
-   @nhost/react-apollo@12.0.2

## @nhost-examples/codegen-react-query@0.4.7

### Patch Changes

-   @nhost/react@3.5.2

## @nhost-examples/codegen-react-urql@0.3.7

### Patch Changes

-   @nhost/react@3.5.2
-   @nhost/react-urql@9.0.2

## @nhost-examples/multi-tenant-one-to-many@2.2.7

### Patch Changes

-   @nhost/nhost-js@3.1.5

## @nhost-examples/nextjs@0.3.7

### Patch Changes

-   @nhost/react@3.5.2
-   @nhost/react-apollo@12.0.2
-   @nhost/nextjs@2.1.16

## @nhost-examples/node-storage@0.2.7

### Patch Changes

-   @nhost/nhost-js@3.1.5

## @nhost-examples/nextjs-server-components@0.4.7

### Patch Changes

-   @nhost/nhost-js@3.1.5

## @nhost-examples/react-apollo@0.8.7

### Patch Changes

-   @nhost/react@3.5.2
-   @nhost/react-apollo@12.0.2

## @nhost-examples/react-gqty@1.2.7

### Patch Changes

-   @nhost/react@3.5.2

## @nhost-examples/vue-apollo@0.6.7

### Patch Changes

-   @nhost/nhost-js@3.1.5
-   @nhost/apollo@7.1.2
-   @nhost/vue@2.6.2

## @nhost-examples/vue-quickstart@0.2.7

### Patch Changes

-   @nhost/apollo@7.1.2
-   @nhost/vue@2.6.2

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

dashboard/CHANGELOG.md

@@ -1,5 +1,13 @@
 # @nhost/dashboard
 
+## 1.16.3
+
+### Patch Changes
+
+- 87a37cf: fix: remove unnecessary isPlatform check from verify button disable logic on custom domains
+  - @nhost/react-apollo@12.0.2
+  - @nhost/nextjs@2.1.16
+
 ## 1.16.2
 
 ### Patch Changes

dashboard/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nhost/dashboard",
-  "version": "1.16.2",
+  "version": "1.16.3",
   "private": true,
   "scripts": {
     "preinstall": "npx only-allow pnpm",

dashboard/src/features/projects/custom-domains/settings/components/VerifyDomain/VerifyDomain.tsx

@@ -131,7 +131,7 @@ export default function VerifyDomain({
         </div>
         {isPlatform ? (
           <Button
-            disabled={loading || !hostname || isPlatform}
+            disabled={loading || !hostname}
             onClick={handleVerifyDomain}
             className="mt-4 sm:absolute sm:bottom-0 sm:right-0 sm:mt-0"
           >

docs/CHANGELOG.md

@@ -1,5 +1,12 @@
 # @nhost/docs
 
+## 2.13.0
+
+### Minor Changes
+
+- 6fb0cc2: fix: minor improvements to compute resources' docs
+- 66bd450: chore: various improvements
+
 ## 2.12.0
 
 ### Minor Changes

docs/guides/auth/custom-jwts.mdx

@@ -0,0 +1,176 @@
+---
+title: Custom JWTs
+description: Creating custom JWTs
+icon: ghost
+---
+
+In some cases it is necessary to act on behalf of a user. While the Auth service doesn't allow that it is not difficult to implement such functionality as a serverless function. Below you can find an example of a function that can generate a valid access token for your application with customized values. For details read the docstring in the function itself.
+
+Feel free to adapt to your needs.
+
+### Dependencies
+
+```
+npm install jsonwebtoken
+```
+
+### Function
+
+Create a file under `functions` (for instance `/functions/custom-jwts.ts`), with the following contents:
+
+```js
+import { Request, Response } from 'express'
+import process from 'process'
+import jwt from 'jsonwebtoken'
+
+// function to extract jwt from the request
+const getJwt = (req: Request): string | null => {
+    const authHeader = req.headers.authorization
+    if (!authHeader) {
+        return null
+    }
+
+    const parts = authHeader.split(' ')
+    if (parts.length !== 2) {
+        return null
+    }
+
+    const [scheme, token] = parts
+    if (!/^Bearer$/i.test(scheme)) {
+        return null
+    }
+
+    return token
+}
+
+// validate jwt token is valid and caller is either an admin or an operator
+const jwtIsAuthorized = (req: Request, key: string): string => {
+    const token = getJwt(req)
+    if (!token) {
+        return ""
+    }
+
+    try {
+        const decoded = jwt.verify(token, key)
+
+        const claims = decoded['https://hasura.io/jwt/claims']
+        if ( !claims || !claims['x-hasura-allowed-roles'] ) {
+            return ""
+        }
+
+        if (
+            claims['x-hasura-allowed-roles'].includes('admin') ||
+            claims['x-hasura-allowed-roles'].includes('operator')
+        ) {
+            return decoded.sub
+        }
+
+        return ""
+    } catch (e) {
+        return ""
+    }
+}
+
+/*
+This is a sample function that generates a JWT token to impersonate users.
+
+Authorization:
+
+- send a valid JWT token with the request. The token should have the `admin` or `operator` role.
+- send the `x-hasura-admin-secret` header with the request
+
+Body:
+
+A json object with the following keys:
+
+- `userId` (string): the user id for which the token is generated
+- `defaultRole` (string): the default role for the userId
+- `allowedRoles` (array of strings): the roles that the userId can assume
+
+Returns:
+
+A json object with the following keys:
+
+- `accessToken` (string) - The generated access token
+
+
+In addition to the typical JWT claims generated by Nhost, the token generated by this function will have the following claims:
+
+- `x-hasura-on-behalf-of`: the user id of the caller or `admin` if the caller used the `x-hasura-admin-secret` header
+
+You are free to modify this function to suit your needs.
+*/
+export default (req: Request, res: Response) => {
+    let authorizedCaller = ""
+    if (req.headers['x-hasura-admin-secret'] === process.env.HASURA_GRAPHQL_ADMIN_SECRET) {
+        authorizedCaller = "admin"
+    }
+
+    const jwtSecret = JSON.parse(process.env.NHOST_JWT_SECRET)
+    if (!authorizedCaller) {
+        authorizedCaller = jwtIsAuthorized(req, jwtSecret.key)
+    }
+
+    if (!authorizedCaller) {
+        return res.status(401).json({ message: 'Unauthorized' })
+    }
+
+    // extract from json in the body
+    const {userId, defaultRole, allowedRoles} = req.body
+    if (!userId || !defaultRole || !allowedRoles) {
+        return res.status(400).json({ message: 'Bad request' })
+    }
+
+    let token = jwt.sign({
+      "exp": Math.floor(Date.now() / 1000) + 60 * 60, // 1 hour
+      "https://hasura.io/jwt/claims": {
+        "x-hasura-allowed-roles": allowedRoles,
+        "x-hasura-default-role": defaultRole,
+        "x-hasura-user-id": userId,
+        "x-hasura-user-is-anonymous": "false",
+        "x-hasura-on-behalf-of": authorizedCaller
+      },
+      "iat": Math.floor(Date.now() / 1000),
+      "iss": "custom-lambda",
+      "sub": userId,
+    }, jwtSecret.key);
+
+    res.status(200).json(
+        {
+            accessToken: token,
+        },
+    )
+}
+```
+
+Now you can call it like:
+
+```
+curl -X POST \
+    -H "Content-Type: application/json" \
+    -H "x-hasura-admin-secret: nhost-admin-secret" \
+    -d '{"userId": "FFAB5354-C5EB-42C1-8BC3-AD21D2297883", "defaultRole": "user", "allowedRoles": ["user", "me"]}' \
+    https://local.functions.nhost.run/v1/custom-jwt
+{"accessToken":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE3MTcxNDIyMTMsImh0dHBzOi8vaGFzdXJhLmlvL2p3dC9jbGFpbXMiOnsieC1oYXN1cmEtYWxsb3dlZC1yb2xlcyI6WyJ1c2VyIiwibWUiXSwieC1oYXN1cmEtZGVmYXVsdC1yb2xlIjoidXNlciIsIngtaGFzdXJhLXVzZXItaWQiOiJGRkFCNTM1NC1DNUVCLTQyQzEtOEJDMy1BRDIxRDIyOTc4ODMiLCJ4LWhhc3VyYS11c2VyLWlzLWFub255bW91cyI6ImZhbHNlIiwieC1oYXN1cmEtb24tYmVoYWxmLW9mIjoiYWRtaW4ifSwiaWF0IjoxNzE3MTM4NjEzLCJpc3MiOiJjdXN0b20tbGFtYmRhIiwic3ViIjoiRkZBQjUzNTQtQzVFQi00MkMxLThCQzMtQUQyMUQyMjk3ODgzIn0.bRhzJvXMdkQA8aXPH95uMT17WHED2rSRq3gE21Vp3Ak"}
+```
+
+The new token should be a valid token for your application with the custom values requested:
+
+```json
+{
+  "exp": 1717141288,
+  "https://hasura.io/jwt/claims": {
+    "x-hasura-allowed-roles": [
+      "a",
+      "b"
+    ],
+    "x-hasura-default-role": "user",
+    "x-hasura-user-id": "FFAB5354-C5EB-42C1-8BC3-AD21D2297883",
+    "x-hasura-user-is-anonymous": "false",
+    "x-hasura-on-behalf-of": "admin"
+  },
+  "iat": 1717137688,
+  "iss": "custom-lambda",
+  "sub": "FFAB5354-C5EB-42C1-8BC3-AD21D2297883"
+}
+```

docs/guides/auth/social/sign-in-apple.mdx

@@ -93,3 +93,7 @@ nhost.auth.signIn({
   provider: 'apple'
 })
 ```
+
+<Note>
+To use your own domain for the callback URL refer to the [custom domains](/platform/custom-domains) documentation.
+</Note>

docs/guides/auth/social/sign-in-discord.mdx

@@ -41,3 +41,7 @@ nhost.auth.signIn({
   provider: 'discord'
 })
 ```
+
+<Note>
+To use your own domain for the callback URL refer to the [custom domains](/platform/custom-domains) documentation.
+</Note>

docs/guides/auth/social/sign-in-facebook.mdx

@@ -64,3 +64,7 @@ nhost.auth.signIn({
   provider: 'facebook'
 })
 ```
+
+<Note>
+To use your own domain for the callback URL refer to the [custom domains](/platform/custom-domains) documentation.
+</Note>

docs/guides/auth/social/sign-in-github.mdx

@@ -49,3 +49,7 @@ nhost.auth.signIn({
   provider: "github",
 });
 ```
+
+<Note>
+To use your own domain for the callback URL refer to the [custom domains](/platform/custom-domains) documentation.
+</Note>

docs/guides/auth/social/sign-in-google.mdx

@@ -73,3 +73,7 @@ nhost.auth.signIn({
   provider: 'google'
 })
 ```
+
+<Note>
+To use your own domain for the callback URL refer to the [custom domains](/platform/custom-domains) documentation.
+</Note>

docs/guides/auth/social/sign-in-linkedin.mdx

@@ -64,3 +64,7 @@ nhost.auth.signIn({
   provider: 'linkedin'
 })
 ```
+
+<Note>
+To use your own domain for the callback URL refer to the [custom domains](/platform/custom-domains) documentation.
+</Note>

docs/guides/auth/social/sign-in-spotify.mdx

@@ -49,3 +49,7 @@ nhost.auth.signIn({
   provider: 'spotify'
 })
 ```
+
+<Note>
+To use your own domain for the callback URL refer to the [custom domains](/platform/custom-domains) documentation.
+</Note>

docs/guides/auth/social/sign-in-twitch.mdx

@@ -43,3 +43,7 @@ nhost.auth.signIn({
   provider: 'twitch'
 })
 ```
+
+<Note>
+To use your own domain for the callback URL refer to the [custom domains](/platform/custom-domains) documentation.
+</Note>

docs/guides/auth/social/sign-in-workos.mdx

@@ -63,3 +63,7 @@ nhost.auth.signIn({
   provider: 'workos'
 })
 ```
+
+<Note>
+To use your own domain for the callback URL refer to the [custom domains](/platform/custom-domains) documentation.
+</Note>

docs/guides/database/performance.mdx

@@ -16,7 +16,7 @@ In case your Postgres service is not meeting your performance expectations, you
 
 4. Evaluate the usage of indexes in your database. Identify queries that could benefit from additional indexes and strategically add them to improve query performance.
 
-5. Increase the disk size to increase [disk performance](/platform/compute-resources#disk-performance). Keep in mind increasing the disk size isn't reversible and increasing the memory of the service may yield better results. This is mostly useful when your data is very volatile and the postgres cache can't work effectively. Only attempt to increase disk for performance reasons if your reads and writes are very high and increasing memory isn't effective.
+5. If the problem is related to IOPS, consider increasing [disk performance](/platform/compute-resources#disk-performance).
 
 By implementing these steps, you can effectively address performance concerns and enhance the overall performance of your Postgres service.
 

docs/mint.json

@@ -134,7 +134,8 @@
         "guides/auth/sign-in-phone-number",
         "guides/auth/sign-in-webauthn",
         "guides/auth/elevated-permissions",
-        "guides/auth/email-templates"
+        "guides/auth/email-templates",
+        "guides/auth/custom-jwts"
       ]
     },
     {

docs/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nhost/docs",
-  "version": "2.12.0",
+  "version": "2.13.0",
   "private": true,
   "scripts": {
     "start": "mintlify dev"

docs/platform/compute-resources.mdx

@@ -72,6 +72,28 @@ To setup dedicated resources for your project, you can either use the Dashboard
   </Tab>
 </Tabs>
 
+### Bursting with Dedicated Compute
+
+When using dedicated compute we allow your application to use more than its alloted CPU resources if those resources are available. This means what we are calling dedicated compute is, in fact, guaranteed compute. For instance:
+
+<div align="center">
+<img width="300" src="/images/platform/compute-resources/guaranteed-resources.png" alt="resource allocation" />
+</div>
+
+In the graph above we can see three applications assigned to the same node, each with its own dedicated compute (the solid lines block). However, all applications are allowed to use the non-solid region of compute as long as the rest of the projects are not using it:
+
+<div align="center">
+<img width="300" src="/images/platform/compute-resources/resource-utilization.png" alt="resource utilization" />
+</div>
+
+Above we can see three different scenarios:
+
+- In scenario A the green application is barely using its alloted CPU so if the other applications need it, they can borrow it.
+- Similarly, in scenario B the green application can borrow resources if it needs it from other applications if those aren't using them.
+- In the case all applications need to use all of their resources, nobody can steal from each other as resources are guaranteed per application.
+
+This borrowing of resources is convenient in case of short and unexpected bursts, however, as those are not guaranteed you shouldn't rely on them for sustained usage.
+
 ## Disk Performance
 
 By default disks are provisioned with a capacity for 3000 IOPS and 125 Mbps of throughput. If you need higher performance don't hesitate to contact us.

docs/platform/custom-domains.mdx

@@ -18,7 +18,7 @@ The following examples assume we are configuring custom domains at `*.custom-dom
     1. Add a CNAME record in your DNS provider for each of the services you want a custom domain for, and click "Verify". The verification might take a few seconds to succeed.
     2. Once the verification succeeds, click "Save" to update your project.
 
-    ![Custom Domains](./images/platform/custom-domains/custom-domains.png)
+    ![Custom Domains](./images/platform/custom-domains/custom-domains-dashboard.png)
 
   </Tab>
 
@@ -62,3 +62,16 @@ fqdn = ['my-service.custom-domain.com']
   </Tab>
 </Tabs>
 
+
+<Note>
+After configuring your custom domains don't forget to update your Nhost client to make use of them. For instance, when using our [SDK](/reference/javascript/nhost-js/nhost-client):
+
+```js
+const nhost = new NhostClient({
+  authUrl: 'https://auth.custom-domain.com/v1',
+  storageUrl: 'https://subdomain.storage.region.nhost.run/v1',
+  graphqlUrl: 'https://hasura.custom-domain.com/v1/graphql',
+  functionsUrl: 'https://functions.custom-domain.com/v1'
+})
+```
+</Note>

examples/cli/CHANGELOG.md

@@ -1,5 +1,11 @@
 # @nhost-examples/cli
 
+## 0.3.7
+
+### Patch Changes
+
+- @nhost/nhost-js@3.1.5
+
 ## 0.3.6
 
 ### Patch Changes

examples/cli/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nhost-examples/cli",
-  "version": "0.3.6",
+  "version": "0.3.7",
   "main": "src/index.mjs",
   "private": true,
   "scripts": {

examples/codegen-react-apollo/CHANGELOG.md

@@ -1,5 +1,12 @@
 # @nhost-examples/codegen-react-apollo
 
+## 0.4.7
+
+### Patch Changes
+
+- @nhost/react@3.5.2
+- @nhost/react-apollo@12.0.2
+
 ## 0.4.6
 
 ### Patch Changes

examples/codegen-react-apollo/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nhost-examples/codegen-react-apollo",
-  "version": "0.4.6",
+  "version": "0.4.7",
   "private": true,
   "scripts": {
     "codegen": "graphql-codegen",

examples/codegen-react-query/CHANGELOG.md

@@ -1,5 +1,11 @@
 # @nhost-examples/codegen-react-query
 
+## 0.4.7
+
+### Patch Changes
+
+- @nhost/react@3.5.2
+
 ## 0.4.6
 
 ### Patch Changes

examples/codegen-react-query/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nhost-examples/codegen-react-query",
-  "version": "0.4.6",
+  "version": "0.4.7",
   "private": true,
   "scripts": {
     "codegen": "graphql-codegen",

examples/codegen-react-urql/CHANGELOG.md

@@ -1,5 +1,12 @@
 # @nhost-examples/react-urql
 
+## 0.3.7
+
+### Patch Changes
+
+- @nhost/react@3.5.2
+- @nhost/react-urql@9.0.2
+
 ## 0.3.6
 
 ### Patch Changes

examples/codegen-react-urql/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@nhost-examples/codegen-react-urql",
   "private": true,
-  "version": "0.3.6",
+  "version": "0.3.7",
   "scripts": {
     "dev": "vite",
     "build": "tsc && vite build",

examples/multi-tenant-one-to-many/CHANGELOG.md

@@ -1,5 +1,11 @@
 # @nhost-examples/multi-tenant-one-to-many
 
+## 2.2.7
+
+### Patch Changes
+
+- @nhost/nhost-js@3.1.5
+
 ## 2.2.6
 
 ### Patch Changes

examples/multi-tenant-one-to-many/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@nhost-examples/multi-tenant-one-to-many",
   "private": true,
-  "version": "2.2.6",
+  "version": "2.2.7",
   "description": "",
   "main": "index.js",
   "scripts": {},

examples/nextjs/CHANGELOG.md

@@ -1,5 +1,13 @@
 # @nhost-examples/nextjs
 
+## 0.3.7
+
+### Patch Changes
+
+- @nhost/react@3.5.2
+- @nhost/react-apollo@12.0.2
+- @nhost/nextjs@2.1.16
+
 ## 0.3.6
 
 ### Patch Changes

examples/nextjs/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nhost-examples/nextjs",
-  "version": "0.3.6",
+  "version": "0.3.7",
   "private": true,
   "scripts": {
     "dev": "next dev",

examples/node-storage/CHANGELOG.md

@@ -1,5 +1,11 @@
 # @nhost-examples/node-storage
 
+## 0.2.7
+
+### Patch Changes
+
+- @nhost/nhost-js@3.1.5
+
 ## 0.2.6
 
 ### Patch Changes

examples/node-storage/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nhost-examples/node-storage",
-  "version": "0.2.6",
+  "version": "0.2.7",
   "private": true,
   "description": "This is an example of how to use the Storage with Node.js",
   "main": "src/index.mjs",

examples/quickstarts/nextjs-server-components/CHANGELOG.md

@@ -1,5 +1,11 @@
 # @nhost-examples/nextjs-server-components
 
+## 0.4.7
+
+### Patch Changes
+
+- @nhost/nhost-js@3.1.5
+
 ## 0.4.6
 
 ### Patch Changes

examples/quickstarts/nextjs-server-components/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nhost-examples/nextjs-server-components",
-  "version": "0.4.6",
+  "version": "0.4.7",
   "private": true,
   "scripts": {
     "dev": "next dev",

examples/react-apollo/CHANGELOG.md

@@ -1,5 +1,12 @@
 # @nhost-examples/react-apollo
 
+## 0.8.7
+
+### Patch Changes
+
+- @nhost/react@3.5.2
+- @nhost/react-apollo@12.0.2
+
 ## 0.8.6
 
 ### Patch Changes

examples/react-apollo/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nhost-examples/react-apollo",
-  "version": "0.8.6",
+  "version": "0.8.7",
   "private": true,
   "dependencies": {
     "@apollo/client": "^3.9.9",

examples/react-gqty/CHANGELOG.md

@@ -1,5 +1,11 @@
 # @nhost-examples/react-gqty
 
+## 1.2.7
+
+### Patch Changes
+
+- @nhost/react@3.5.2
+
 ## 1.2.6
 
 ### Patch Changes

examples/react-gqty/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@nhost-examples/react-gqty",
   "private": true,
-  "version": "1.2.6",
+  "version": "1.2.7",
   "type": "module",
   "scripts": {
     "dev": "vite",

examples/vue-apollo/CHANGELOG.md

@@ -1,5 +1,13 @@
 # @nhost-examples/vue-apollo
 
+## 0.6.7
+
+### Patch Changes
+
+- @nhost/nhost-js@3.1.5
+- @nhost/apollo@7.1.2
+- @nhost/vue@2.6.2
+
 ## 0.6.6
 
 ### Patch Changes

examples/vue-apollo/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@nhost-examples/vue-apollo",
   "private": true,
-  "version": "0.6.6",
+  "version": "0.6.7",
   "scripts": {
     "dev": "vite",
     "build": "vite build",

examples/vue-quickstart/CHANGELOG.md

@@ -1,5 +1,12 @@
 # @nhost-examples/vue-quickstart
 
+## 0.2.7
+
+### Patch Changes
+
+- @nhost/apollo@7.1.2
+- @nhost/vue@2.6.2
+
 ## 0.2.6
 
 ### Patch Changes

examples/vue-quickstart/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nhost-examples/vue-quickstart",
-  "version": "0.2.6",
+  "version": "0.2.7",
   "private": true,
   "scripts": {
     "build": "vite build",

flake.lock

@@ -5,11 +5,11 @@
         "systems": "systems"
       },
       "locked": {
-        "lastModified": 1705309234,
-        "narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=",
+        "lastModified": 1710146030,
+        "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
         "owner": "numtide",
         "repo": "flake-utils",
-        "rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26",
+        "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
         "type": "github"
       },
       "original": {
@@ -20,11 +20,11 @@
     },
     "nix-filter": {
       "locked": {
-        "lastModified": 1705332318,
-        "narHash": "sha256-kcw1yFeJe9N4PjQji9ZeX47jg0p9A0DuU4djKvg1a7I=",
+        "lastModified": 1710156097,
+        "narHash": "sha256-1Wvk8UP7PXdf8bCCaEoMnOT1qe5/Duqgj+rL8sRQsSM=",
         "owner": "numtide",
         "repo": "nix-filter",
-        "rev": "3449dc925982ad46246cfc36469baf66e1b64f17",
+        "rev": "3342559a24e85fc164b295c3444e8a139924675b",
         "type": "github"
       },
       "original": {
@@ -40,11 +40,11 @@
         "nixpkgs": "nixpkgs"
       },
       "locked": {
-        "lastModified": 1709722688,
-        "narHash": "sha256-ng5a9klcxohFhs9xfNAcZWTveM4SlMWoRoWDYyXoECE=",
+        "lastModified": 1716813459,
+        "narHash": "sha256-kPV0JcxBO3krxLeGEAsk5tZ7GUo+DStD2Cg78iGm4v0=",
         "owner": "nhost",
         "repo": "nixops",
-        "rev": "919e405ab485c099a42d44a2936cab2d3b1bd444",
+        "rev": "981affa7a17fd064bb5096ccfec8ddd98b115ef5",
         "type": "github"
       },
       "original": {
@@ -55,11 +55,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1708943256,
-        "narHash": "sha256-K9VeHrhXsigdhNMZ8hqAk7jtRy4ollqhkYYNZqbfssg=",
+        "lastModified": 1716715802,
+        "narHash": "sha256-usk0vE7VlxPX8jOavrtpOqphdfqEQpf9lgedlY/r66c=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "fcea2b6260dd566c28c894b4207a5f2b56c2cba3",
+        "rev": "e2dd4e18cc1c7314e24154331bae07df76eb582f",
         "type": "github"
       },
       "original": {

integrations/apollo/CHANGELOG.md

@@ -1,5 +1,11 @@
 # @nhost/apollo
 
+## 7.1.2
+
+### Patch Changes
+
+- @nhost/nhost-js@3.1.5
+
 ## 7.1.1
 
 ### Patch Changes

integrations/apollo/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nhost/apollo",
-  "version": "7.1.1",
+  "version": "7.1.2",
   "description": "Nhost Apollo Client library",
   "license": "MIT",
   "keywords": [

integrations/react-apollo/CHANGELOG.md

@@ -1,5 +1,12 @@
 # @nhost/react-apollo
 
+## 12.0.2
+
+### Patch Changes
+
+- @nhost/apollo@7.1.2
+- @nhost/react@3.5.2
+
 ## 12.0.1
 
 ### Patch Changes

integrations/react-apollo/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nhost/react-apollo",
-  "version": "12.0.1",
+  "version": "12.0.2",
   "description": "Nhost React Apollo client",
   "license": "MIT",
   "keywords": [

integrations/react-urql/CHANGELOG.md

@@ -1,5 +1,11 @@
 # @nhost/react-urql
 
+## 9.0.2
+
+### Patch Changes
+
+- @nhost/react@3.5.2
+
 ## 9.0.1
 
 ### Patch Changes

integrations/react-urql/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nhost/react-urql",
-  "version": "9.0.1",
+  "version": "9.0.2",
   "description": "Nhost React URQL client",
   "license": "MIT",
   "keywords": [

packages/hasura-auth-js/CHANGELOG.md

@@ -1,5 +1,11 @@
 # @nhost/hasura-auth-js
 
+## 2.5.2
+
+### Patch Changes
+
+- a03fb2c: fix: deep clone machine context to prevent mutations in nested objects during initial session setup
+
 ## 2.5.1
 
 ### Patch Changes

packages/hasura-auth-js/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nhost/hasura-auth-js",
-  "version": "2.5.1",
+  "version": "2.5.2",
   "description": "Hasura-auth client",
   "license": "MIT",
   "keywords": [

packages/hasura-auth-js/src/internal-client.ts

@@ -1,5 +1,11 @@
 import { interpret } from 'xstate'
-import { AuthInterpreter, AuthMachine, AuthMachineOptions, createAuthMachine } from './machines'
+import {
+  AuthContext,
+  AuthInterpreter,
+  AuthMachine,
+  AuthMachineOptions,
+  createAuthMachine
+} from './machines'
 import { NhostSession } from './types'
 import { isBrowser } from './utils'
 
@@ -87,7 +93,17 @@ export class AuthClient {
     initialSession,
     interpreter
   }: { interpreter?: AuthInterpreter; initialSession?: NhostSession; devTools?: boolean } = {}) {
-    const context = { ...this.machine.context }
+    // Create a deep copy of the machine context to ensure that nested objects (such as accessToken and refreshToken) are not mutated in the original context.
+    const context: AuthContext = {
+      ...this.machine.context,
+      accessToken: {
+        ...this.machine.context.accessToken
+      },
+      refreshToken: {
+        ...this.machine.context.refreshToken
+      }
+    }
+
     if (initialSession) {
       context.user = initialSession.user
       context.refreshToken.value = initialSession.refreshToken ?? null

packages/nextjs/CHANGELOG.md

@@ -1,5 +1,11 @@
 # @nhost/nextjs
 
+## 2.1.16
+
+### Patch Changes
+
+- @nhost/react@3.5.2
+
 ## 2.1.15
 
 ### Patch Changes

packages/nextjs/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nhost/nextjs",
-  "version": "2.1.15",
+  "version": "2.1.16",
   "description": "Nhost NextJS library",
   "license": "MIT",
   "keywords": [

packages/nhost-js/CHANGELOG.md

@@ -1,5 +1,12 @@
 # @nhost/nhost-js
 
+## 3.1.5
+
+### Patch Changes
+
+- Updated dependencies [a03fb2c]
+  - @nhost/hasura-auth-js@2.5.2
+
 ## 3.1.4
 
 ### Patch Changes

packages/nhost-js/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nhost/nhost-js",
-  "version": "3.1.4",
+  "version": "3.1.5",
   "description": "Nhost JavaScript SDK",
   "license": "MIT",
   "keywords": [

packages/react/CHANGELOG.md

@@ -1,5 +1,11 @@
 # @nhost/react
 
+## 3.5.2
+
+### Patch Changes
+
+- @nhost/nhost-js@3.1.5
+
 ## 3.5.1
 
 ### Patch Changes

packages/react/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nhost/react",
-  "version": "3.5.1",
+  "version": "3.5.2",
   "description": "Nhost React library",
   "license": "MIT",
   "keywords": [

packages/vue/CHANGELOG.md

@@ -1,5 +1,11 @@
 # @nhost/vue
 
+## 2.6.2
+
+### Patch Changes
+
+- @nhost/nhost-js@3.1.5
+
 ## 2.6.1
 
 ### Patch Changes

packages/vue/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nhost/vue",
-  "version": "2.6.1",
+  "version": "2.6.2",
   "description": "Nhost Vue library",
   "license": "MIT",
   "keywords": [