2.23.0: Enforce Policies API for invitations and creating accounts; added WeakPassword handling; Fix dialog open/closed states (#439)

* chore: bump version to 2.22.1 and update dependencies

- Updated application version from 2.22.0 to 2.22.1 in package.json.
- Updated various dependencies including @marsidev/react-turnstile to 1.4.1, @stripe/react-stripe-js to 5.4.1, @stripe/stripe-js to 8.6.1, and react-hook-form to 7.70.0.
- Adjusted lucide-react version to be referenced from the catalog across multiple package.json files.
- Enhanced consistency in pnpm-lock.yaml and pnpm-workspace.yaml with updated package versions.

* chore: bump version to 2.23.0 and update dependencies

- Updated application version from 2.22.1 to 2.23.0 in package.json.
- Upgraded turbo dependency from 2.7.1 to 2.7.3 in package.json and pnpm-lock.yaml.
- Enhanced end-to-end testing documentation in AGENTS.md and CLAUDE.md with instructions for running tests.
- Updated AuthPageObject to use a new secret for user creation in auth.po.ts.
- Refactored team ownership transfer and member role update dialogs to close on success.
- Improved error handling for weak passwords in AuthErrorAlert component.
- Adjusted database schemas and tests to reflect changes in invitation policies and role management.

packages/features/auth/package.json

@@ -27,13 +27,13 @@
     "@kit/supabase": "workspace:*",
     "@kit/tsconfig": "workspace:*",
     "@kit/ui": "workspace:*",
-    "@marsidev/react-turnstile": "^1.4.0",
+    "@marsidev/react-turnstile": "catalog:",
     "@radix-ui/react-icons": "^1.3.2",
     "@supabase/supabase-js": "catalog:",
     "@tanstack/react-query": "catalog:",
     "@types/node": "catalog:",
     "@types/react": "catalog:",
-    "lucide-react": "^0.562.0",
+    "lucide-react": "catalog:",
     "next": "catalog:",
     "react-hook-form": "catalog:",
     "react-i18next": "catalog:",

packages/features/auth/src/components/auth-error-alert.tsx

@@ -1,8 +1,16 @@
 import { ExclamationTriangleIcon } from '@radix-ui/react-icons';
 
+import {
+  WeakPasswordError,
+  WeakPasswordReason,
+} from '@kit/supabase/hooks/use-sign-up-with-email-password';
 import { Alert, AlertDescription, AlertTitle } from '@kit/ui/alert';
 import { Trans } from '@kit/ui/trans';
 
+function isWeakPasswordError(error: unknown): error is WeakPasswordError {
+  return error instanceof Error && error.name === 'WeakPasswordError';
+}
+
 /**
  * @name AuthErrorAlert
  * @param error This error comes from Supabase as the code returned on errors
@@ -20,6 +28,11 @@ export function AuthErrorAlert({
     return null;
   }
 
+  // Handle weak password errors specially
+  if (isWeakPasswordError(error)) {
+    return <WeakPasswordErrorAlert reasons={error.reasons} />;
+  }
+
   const DefaultError = <Trans i18nKey="auth:errors.default" />;
   const errorCode = error instanceof Error ? error.message : error;
 
@@ -41,3 +54,36 @@ export function AuthErrorAlert({
     </Alert>
   );
 }
+
+function WeakPasswordErrorAlert({
+  reasons,
+}: {
+  reasons: WeakPasswordReason[];
+}) {
+  return (
+    <Alert variant={'destructive'}>
+      <ExclamationTriangleIcon className={'w-4'} />
+
+      <AlertTitle>
+        <Trans i18nKey={'auth:errors.weakPassword.title'} />
+      </AlertTitle>
+
+      <AlertDescription data-test={'auth-error-message'}>
+        <Trans i18nKey={'auth:errors.weakPassword.description'} />
+
+        {reasons.length > 0 && (
+          <ul className="mt-2 list-inside list-disc space-y-1 text-xs">
+            {reasons.map((reason) => (
+              <li key={reason}>
+                <Trans
+                  i18nKey={`auth:errors.weakPassword.reasons.${reason}`}
+                  defaults={reason}
+                />
+              </li>
+            ))}
+          </ul>
+        )}
+      </AlertDescription>
+    </Alert>
+  );
+}