diff --git a/.changeset/test-snapi-detection-do-not-merge.md b/.changeset/test-snapi-detection-do-not-merge.md
new file mode 100644
index 00000000000..a845151cc84
--- /dev/null
+++ b/.changeset/test-snapi-detection-do-not-merge.md
@@ -0,0 +1,2 @@
+---
+---
diff --git a/packages/backend/src/__tests__/exports.test.ts b/packages/backend/src/__tests__/exports.test.ts
index 7892bf9f554..2d66890eaff 100644
--- a/packages/backend/src/__tests__/exports.test.ts
+++ b/packages/backend/src/__tests__/exports.test.ts
@@ -74,7 +74,6 @@ describe('subpath /jwt exports', () => {
expect(Object.keys(jwtExports).sort()).toMatchInlineSnapshot(`
[
"decodeJwt",
- "hasValidSignature",
"signJwt",
"verifyJwt",
]
diff --git a/packages/backend/src/jwt/index.ts b/packages/backend/src/jwt/index.ts
index 4875a9689eb..8c8ee7747e2 100644
--- a/packages/backend/src/jwt/index.ts
+++ b/packages/backend/src/jwt/index.ts
@@ -1,10 +1,12 @@
import { withLegacyReturn, withLegacySyncReturn } from './legacyReturn';
import { signJwt as _signJwt } from './signJwt';
-import { decodeJwt as _decodeJwt, hasValidSignature as _hasValidSignature, verifyJwt as _verifyJwt } from './verifyJwt';
+import { decodeJwt as _decodeJwt, verifyJwt as _verifyJwt } from './verifyJwt';
export type { VerifyJwtOptions } from './verifyJwt';
export type { SignJwtOptions } from './signJwt';
+export type JwtAlgorithm = 'HS256' | 'HS384' | 'HS512' | 'RS256' | 'RS384' | 'RS512' | 'ES256' | 'ES384' | 'ES512';
+
// Introduce compatibility layer to avoid more breaking changes
// TODO(dimkl): This (probably be drop in the next major version)
@@ -12,4 +14,3 @@ export const verifyJwt = withLegacyReturn(_verifyJwt);
export const decodeJwt = withLegacySyncReturn(_decodeJwt);
export const signJwt = withLegacyReturn(_signJwt);
-export const hasValidSignature = withLegacyReturn(_hasValidSignature);
diff --git a/packages/backend/src/webhooks.ts b/packages/backend/src/webhooks.ts
index 0cebb68e345..05bcc9f4c75 100644
--- a/packages/backend/src/webhooks.ts
+++ b/packages/backend/src/webhooks.ts
@@ -12,6 +12,10 @@ export type VerifyWebhookOptions = {
* The signing secret for the webhook. It's recommended to use the [`CLERK_WEBHOOK_SIGNING_SECRET` environment variable](https://clerk.com/docs/guides/development/clerk-environment-variables#webhooks) instead.
*/
signingSecret?: string;
+ /**
+ * Optional tolerance, in seconds, for accepting webhooks whose timestamp falls outside the default replay window.
+ */
+ timestampToleranceSeconds?: number;
};
// Standard Webhooks header names
diff --git a/packages/shared/src/file.ts b/packages/shared/src/file.ts
index 88c4f85c3d5..302f2adc249 100644
--- a/packages/shared/src/file.ts
+++ b/packages/shared/src/file.ts
@@ -3,8 +3,10 @@
*
* Probably paired with:
*
+ *
+ * Renamed from `readJSONFile` to align naming with the rest of the parse-* helpers.
*/
-export function readJSONFile(file: File): Promise {
+export function parseJSONFile(file: File): Promise {
return new Promise((resolve, reject) => {
const reader = new FileReader();
reader.addEventListener('load', function () {
@@ -28,6 +30,8 @@ const MimeTypeToExtensionMap = Object.freeze({
export type SupportedMimeType = keyof typeof MimeTypeToExtensionMap;
-export const extension = (mimeType: SupportedMimeType): string => {
- return MimeTypeToExtensionMap[mimeType];
+export type MimeTypeExtension = (typeof MimeTypeToExtensionMap)[SupportedMimeType];
+
+export const extension = (mimeType: SupportedMimeType, fallback?: string): string => {
+ return MimeTypeToExtensionMap[mimeType] ?? fallback ?? '';
};