fix: restore web build after dependency upgrades (#7425)

2026-03-06 18:39:28 -06:00 · 2026-03-05 23:42:03 +01:00
parent 6c257cc1b6
commit a98f3a5806
6 changed files with 78 additions and 95 deletions
--- a/apps/web/modules/auth/lib/totp.ts
+++ b/apps/web/modules/auth/lib/totp.ts
@@ -1,15 +1,7 @@
-import { OTP, type OTPVerifyOptions } from "otplib";
-
-type TOTPAuthenticatorOptions = {
-  window?: number | [number, number];
-  period?: OTPVerifyOptions["period"];
-  epoch?: OTPVerifyOptions["epoch"];
-  t0?: OTPVerifyOptions["t0"];
-  algorithm?: OTPVerifyOptions["algorithm"];
-  digits?: OTPVerifyOptions["digits"];
-};
-
-const createTotp = () => new OTP({ strategy: "totp" });
+import { Authenticator } from "@otplib/core";
+import type { AuthenticatorOptions } from "@otplib/core/authenticator";
+import { createDigest, createRandomBytes } from "@otplib/plugin-crypto";
+import { keyDecoder, keyEncoder } from "@otplib/plugin-thirty-two";

 /**
 * Checks the validity of a TOTP token using a base32-encoded secret.
@@ -22,19 +14,16 @@ const createTotp = () => new OTP({ strategy: "totp" });
 export const totpAuthenticatorCheck = (
  token: string,
  secret: string,
-  opts: TOTPAuthenticatorOptions = {}
+  opts: Partial<AuthenticatorOptions> = {}
 ) => {
-  const { window = [1, 0], period = 30, ...rest } = opts;
-  const [pastWindow, futureWindow] = Array.isArray(window) ? window : [window, window];
-  const totp = createTotp();
-
-  const result = totp.verifySync({
-    token,
-    secret,
-    period,
-    epochTolerance: [pastWindow * period, futureWindow * period],
+  const { window = [1, 0], ...rest } = opts;
+  const authenticator = new Authenticator({
+    createDigest,
+    createRandomBytes,
+    keyDecoder,
+    keyEncoder,
+    window,
    ...rest,
  });
-
-  return result.valid;
+  return authenticator.check(token, secret);
 };
--- a/apps/web/modules/ee/billing/api/lib/is-subscription-cancelled.ts
+++ b/apps/web/modules/ee/billing/api/lib/is-subscription-cancelled.ts
@@ -29,9 +29,10 @@ export const isSubscriptionCancelled = async (

    for (const subscription of subscriptions.data) {
      if (subscription.cancel_at_period_end) {
+        const periodEndTimestamp = subscription.cancel_at ?? subscription.items.data[0]?.current_period_end;
        return {
          cancelled: true,
-          date: new Date(subscription.current_period_end * 1000),
+          date: periodEndTimestamp ? new Date(periodEndTimestamp * 1000) : null,
        };
      }
    }
--- a/apps/web/modules/ee/two-factor-auth/lib/two-factor-auth.ts
+++ b/apps/web/modules/ee/two-factor-auth/lib/two-factor-auth.ts
@@ -1,5 +1,5 @@
 import crypto from "crypto";
-import { generateSecret, generateURI } from "otplib";
+import { authenticator } from "otplib";
 import qrcode from "qrcode";
 import { prisma } from "@formbricks/database";
 import { InvalidInputError, ResourceNotFoundError } from "@formbricks/types/errors";
@@ -19,7 +19,7 @@ export const setupTwoFactorAuth = async (
 }> => {
  // This generates a secret 32 characters in length. Do not modify the number of
  // bytes without updating the sanity checks in the enable and login endpoints.
-  const secret = generateSecret({ length: 20 });
+  const secret = authenticator.generateSecret(20);

  // generate backup codes with 10 character length
  const backupCodes = Array.from(Array(10), () => crypto.randomBytes(5).toString("hex"));
@@ -64,7 +64,7 @@ export const setupTwoFactorAuth = async (
  });

  const name = user.email || user.name || user.id.toString();
-  const keyUri = generateURI({ label: name, issuer: "Formbricks", secret });
+  const keyUri = authenticator.keyuri(name, "Formbricks", secret);
  const dataUri = await qrcode.toDataURL(keyUri);

  return { secret, keyUri, dataUri, backupCodes };
--- a/apps/web/package.json
+++ b/apps/web/package.json
@@ -51,7 +51,7 @@
    "@opentelemetry/sdk-node": "0.213.0",
    "@opentelemetry/sdk-trace-base": "2.6.0",
    "@opentelemetry/semantic-conventions": "1.40.0",
-    "@paralleldrive/cuid2": "3.3.0",
+    "@paralleldrive/cuid2": "2.3.1",
    "@prisma/client": "6.19.2",
    "@prisma/instrumentation": "6.19.2",
    "@radix-ui/react-checkbox": "1.3.3",
@@ -100,7 +100,7 @@
    "next-safe-action": "8.1.5",
    "node-fetch": "3.3.2",
    "nodemailer": "8.0.1",
-    "otplib": "13.3.0",
+    "otplib": "12.0.1",
    "papaparse": "5.5.3",
    "prismjs": "1.30.0",
    "qr-code-styling": "1.9.2",
--- a/packages/database/package.json
+++ b/packages/database/package.json
@@ -48,7 +48,7 @@
  },
  "dependencies": {
    "@formbricks/logger": "workspace:*",
-    "@paralleldrive/cuid2": "3.3.0",
+    "@paralleldrive/cuid2": "2.3.1",
    "@prisma/client": "6.19.2",
    "bcryptjs": "3.0.3",
    "uuid": "13.0.0",
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -207,8 +207,8 @@ importers:
        specifier: 1.40.0
        version: 1.40.0
      '@paralleldrive/cuid2':
-        specifier: 3.3.0
-        version: 3.3.0
+        specifier: 2.3.1
+        version: 2.3.1
      '@prisma/client':
        specifier: 6.19.2
        version: 6.19.2(prisma@7.4.2(@types/react@19.2.14)(magicast@0.3.5)(react-dom@19.2.4(react@19.2.4))(react@19.2.4)(typescript@5.9.3))(typescript@5.9.3)
@@ -354,8 +354,8 @@ importers:
        specifier: 8.0.1
        version: 8.0.1
      otplib:
-        specifier: 13.3.0
-        version: 13.3.0
+        specifier: 12.0.1
+        version: 12.0.1
      papaparse:
        specifier: 5.5.3
        version: 5.5.3
@@ -608,8 +608,8 @@ importers:
        specifier: workspace:*
        version: link:../logger
      '@paralleldrive/cuid2':
-        specifier: 3.3.0
-        version: 3.3.0
+        specifier: 2.3.1
+        version: 2.3.1
      '@prisma/client':
        specifier: 6.19.2
        version: 6.19.2(prisma@6.19.2(magicast@0.3.5)(typescript@5.9.3))(typescript@5.9.3)
@@ -2709,6 +2709,10 @@ packages:
  '@nicolo-ribaudo/eslint-scope-5-internals@5.1.1-v1':
    resolution: {integrity: sha512-54/JRvkLIzzDWshCWfuhadfrfZVPiElY8Fcgmg1HroEly/EDSszzhBAsarCux+D/kOslTRquNzuyGSmUSTTHGg==}

+  '@noble/hashes@1.8.0':
+    resolution: {integrity: sha512-jCs9ldd7NwzpgXDIf6P3+NrHh9/sD6CQdxHyjQI+h/6rDNo88ypBxxz45UDuZHz9r3tNz7N/VInSVoVdtXEI4A==}
+    engines: {node: ^14.21.3 || >=16}
+
  '@noble/hashes@2.0.1':
    resolution: {integrity: sha512-XlOlEbQcE9fmuXxrVTXCTlG2nlRXa9Rj3rr5Ue/+tX+nmkgbX720YHh0VR3hBF9xDvwnb8D2shVGOwNx+ulArw==}
    engines: {node: '>= 20.19.0'}
@@ -3508,30 +3512,29 @@ packages:
    peerDependencies:
      '@opentelemetry/api': ^1.1.0

-  '@otplib/core@13.3.0':
-    resolution: {integrity: sha512-pnQDOuCmFVeF/XnboJq9TOJgLoo2idNPJKMymOF8vGqJJ+ReKRYM9bUGjNPRWC0tHjMwu1TXbnzyBp494JgRag==}
+  '@otplib/core@12.0.1':
+    resolution: {integrity: sha512-4sGntwbA/AC+SbPhbsziRiD+jNDdIzsZ3JUyfZwjtKyc/wufl1pnSIaG4Uqx8ymPagujub0o92kgBnB89cuAMA==}

-  '@otplib/hotp@13.3.0':
-    resolution: {integrity: sha512-XJMZGz2bg4QJwK7ulvl1GUI2VMn/flaIk/E/BTKAejHsX2kUtPF1bRhlZ2+elq8uU5Fs9Z9FHcQK2CPZNQbbUQ==}
+  '@otplib/plugin-crypto@12.0.1':
+    resolution: {integrity: sha512-qPuhN3QrT7ZZLcLCyKOSNhuijUi9G5guMRVrxq63r9YNOxxQjPm59gVxLM+7xGnHnM6cimY57tuKsjK7y9LM1g==}
+    deprecated: Please upgrade to v13 of otplib. Refer to otplib docs for migration paths

-  '@otplib/plugin-base32-scure@13.3.0':
-    resolution: {integrity: sha512-/jYbL5S6GB0Ie3XGEWtLIr9s5ZICl/BfmNL7+8/W7usZaUU4GiyLd2S+JGsNCslPyqNekSudD864nDAvRI0s8w==}
+  '@otplib/plugin-thirty-two@12.0.1':
+    resolution: {integrity: sha512-MtT+uqRso909UkbrrYpJ6XFjj9D+x2Py7KjTO9JDPhL0bJUYVu5kFP4TFZW4NFAywrAtFRxOVY261u0qwb93gA==}
+    deprecated: Please upgrade to v13 of otplib. Refer to otplib docs for migration paths

-  '@otplib/plugin-crypto-noble@13.3.0':
-    resolution: {integrity: sha512-wmV+jBVncepgwv99G7Plrdzd0tHfbpXk2U+OD7MO7DzpDqOYEgOPi+IIneksJSTL8QvWdfi+uQEuhnER4fKouA==}
+  '@otplib/preset-default@12.0.1':
+    resolution: {integrity: sha512-xf1v9oOJRyXfluBhMdpOkr+bsE+Irt+0D5uHtvg6x1eosfmHCsCC6ej/m7FXiWqdo0+ZUI6xSKDhJwc8yfiOPQ==}
+    deprecated: Please upgrade to v13 of otplib. Refer to otplib docs for migration paths

-  '@otplib/totp@13.3.0':
-    resolution: {integrity: sha512-XfjGNoN8d9S3Ove2j7AwkVV7+QDFsV7Lm7YwSiezNaHffkWtJ60aJYpmf+01dARdPST71U2ptueMsRJso4sq4A==}
-
-  '@otplib/uri@13.3.0':
-    resolution: {integrity: sha512-3oh6nBXy+cm3UX9cxEAGZiDrfxHU2gfelYFV+XNCx+8dq39VaQVymwlU2yjPZiMAi/3agaUeEftf2RwM5F+Cyg==}
+  '@otplib/preset-v11@12.0.1':
+    resolution: {integrity: sha512-9hSetMI7ECqbFiKICrNa4w70deTUfArtwXykPUvSHWOdzOlfa9ajglu7mNCntlvxycTiOAXkQGwjQCzzDEMRMg==}

  '@panva/hkdf@1.2.1':
    resolution: {integrity: sha512-6oclG6Y3PiDFcoyk8srjLfVKyMfVCKJ27JwNPViuXziFpmdz+MZnZN/aKY0JGXgYuO/VghU0jcOAZgWXZ1Dmrw==}

-  '@paralleldrive/cuid2@3.3.0':
-    resolution: {integrity: sha512-OqiFvSOF0dBSesELYY2CAMa4YINvlLpvKOz/rv6NeZEqiyttlHgv98Juwv4Ch+GrEV7IZ8jfI2VcEoYUjXXCjw==}
-    hasBin: true
+  '@paralleldrive/cuid2@2.3.1':
+    resolution: {integrity: sha512-XO7cAxhnTZl0Yggq6jOgjiOHhbgcO4NqFqwSmQpjK3b6TEE6Uj/jfSk6wzYyemh3+I0sHirKSetjQwn5cZktFw==}

  '@pinojs/redact@0.4.0':
    resolution: {integrity: sha512-k2ENnmBugE/rzQfEcdWHcCY+/FM3VLzH9cYEsbdsoqrvzAKRhUZeRNhAZvB8OitQJ1TBed3yqWtdjzS6wJKBwg==}
@@ -4726,9 +4729,6 @@ packages:
  '@rushstack/ts-command-line@5.3.3':
    resolution: {integrity: sha512-c+ltdcvC7ym+10lhwR/vWiOhsrm/bP3By2VsFcs5qTKv+6tTmxgbVrtJ5NdNjANiV5TcmOZgUN+5KYQ4llsvEw==}

-  '@scure/base@2.0.0':
-    resolution: {integrity: sha512-3E1kpuZginKkek01ovG8krQ0Z44E3DHPjc5S2rjJw9lZn3KSQOs8S7wqikF/AH7iRanHypj85uGyxk0XAyC37w==}
-
  '@selderee/plugin-htmlparser2@0.11.0':
    resolution: {integrity: sha512-P33hHGdldxGabLFjPPpaTxVolMrzrcegejx+0GxjrIb9Zv48D8yAIA/QTDR2dFl7Uz7urX8aX6+5bCZslr+gWQ==}

@@ -7318,9 +7318,6 @@ packages:
  err-code@2.0.3:
    resolution: {integrity: sha512-2bmlRpNKBxT/CRmPOlyISQpNj+qSeYvcym/uT0Jx2bMOlKLtSy1ZmLuVxSEKKyor/N5yhvp/ZiG1oE3DEYMSFA==}

-  error-causes@3.0.2:
-    resolution: {integrity: sha512-i0B8zq1dHL6mM85FGoxaJnVtx6LD5nL2v0hlpGdntg5FOSyzQ46c9lmz5qx0xRS2+PWHGOHcYxGIBC5Le2dRMw==}
-
  error-ex@1.3.4:
    resolution: {integrity: sha512-sqQamAnR14VgCr1A618A3sGrygcpK+HEbenA/HiEAkkUwcZIIB/tgWqHFxWgOyDh4nB4JCRimh79dR5Ywc9MDQ==}

@@ -9306,8 +9303,8 @@ packages:
  otlp-logger@2.0.0:
    resolution: {integrity: sha512-QINdS45wkraRxz3+bGoKEWJjlCUYCVxrFThP4iwoh6mU1BvCFXU+VLnGxteatBb9iol9+Dj0WQfL+isPilnMZQ==}

-  otplib@13.3.0:
-    resolution: {integrity: sha512-VYMKyyDG8yt2q+z58sz54/EIyTh7+tyMrjeemR44iVh5+dkKtIs57irTqxjH+IkAL1uMmG1JIFhG5CxTpqdU5g==}
+  otplib@12.0.1:
+    resolution: {integrity: sha512-xDGvUOQjop7RDgxTQ+o4pOol0/3xSZzawTiPKRrHnQWAy0WjhNs/5HdIDJCrqC4MBynmjXgULc6YfioaxZeFgg==}

  own-keys@1.0.1:
    resolution: {integrity: sha512-qFOyK5PjiWZd+QQIh+1jhdb9LpxTF0qs7Pm8o5QHYZ0M3vKqSqzsZaEB6oWlxZ+q2sJBMI/Ktgd2N5ZwQoRHfg==}
@@ -10663,6 +10660,10 @@ packages:
  thenify@3.3.1:
    resolution: {integrity: sha512-RVZSIV5IG10Hk3enotrhvz0T9em6cyHBLkH/YAZuKqd8hRkKhSfCGIcP2KUY0EPxndzANBmNllzWPwak+bheSw==}

+  thirty-two@1.0.2:
+    resolution: {integrity: sha512-OEI0IWCe+Dw46019YLl6V10Us5bi574EvlJEOcAkB29IzQ/mYD1A6RyNHLjZPiHCmuodxvgF6U+vZO1L15lxVA==}
+    engines: {node: '>=0.2.6'}
+
  thread-stream@4.0.0:
    resolution: {integrity: sha512-4iMVL6HAINXWf1ZKZjIPcz5wYaOdPhtO8ATvZ+Xqp3BTdaqtAwQkNmKORqcIo5YkQqGXq5cwfswDwMqqQNrpJA==}
    engines: {node: '>=20'}
@@ -13845,7 +13846,10 @@ snapshots:
    dependencies:
      eslint-scope: 5.1.1

-  '@noble/hashes@2.0.1': {}
+  '@noble/hashes@1.8.0': {}
+
+  '@noble/hashes@2.0.1':
+    optional: true

  '@nodelib/fs.scandir@2.1.5':
    dependencies:
@@ -14967,40 +14971,34 @@ snapshots:
      '@opentelemetry/api': 1.9.0
      '@opentelemetry/core': 2.6.0(@opentelemetry/api@1.9.0)

-  '@otplib/core@13.3.0': {}
+  '@otplib/core@12.0.1': {}

-  '@otplib/hotp@13.3.0':
+  '@otplib/plugin-crypto@12.0.1':
    dependencies:
-      '@otplib/core': 13.3.0
-      '@otplib/uri': 13.3.0
+      '@otplib/core': 12.0.1

-  '@otplib/plugin-base32-scure@13.3.0':
+  '@otplib/plugin-thirty-two@12.0.1':
    dependencies:
-      '@otplib/core': 13.3.0
-      '@scure/base': 2.0.0
+      '@otplib/core': 12.0.1
+      thirty-two: 1.0.2

-  '@otplib/plugin-crypto-noble@13.3.0':
+  '@otplib/preset-default@12.0.1':
    dependencies:
-      '@noble/hashes': 2.0.1
-      '@otplib/core': 13.3.0
+      '@otplib/core': 12.0.1
+      '@otplib/plugin-crypto': 12.0.1
+      '@otplib/plugin-thirty-two': 12.0.1

-  '@otplib/totp@13.3.0':
+  '@otplib/preset-v11@12.0.1':
    dependencies:
-      '@otplib/core': 13.3.0
-      '@otplib/hotp': 13.3.0
-      '@otplib/uri': 13.3.0
-
-  '@otplib/uri@13.3.0':
-    dependencies:
-      '@otplib/core': 13.3.0
+      '@otplib/core': 12.0.1
+      '@otplib/plugin-crypto': 12.0.1
+      '@otplib/plugin-thirty-two': 12.0.1

  '@panva/hkdf@1.2.1': {}

-  '@paralleldrive/cuid2@3.3.0':
+  '@paralleldrive/cuid2@2.3.1':
    dependencies:
-      '@noble/hashes': 2.0.1
-      bignumber.js: 9.3.1
-      error-causes: 3.0.2
+      '@noble/hashes': 1.8.0

  '@pinojs/redact@0.4.0': {}

@@ -16112,8 +16110,6 @@ snapshots:
    transitivePeerDependencies:
      - '@types/node'

-  '@scure/base@2.0.0': {}
-
  '@selderee/plugin-htmlparser2@0.11.0':
    dependencies:
      domhandler: 5.0.3
@@ -19138,8 +19134,6 @@ snapshots:
  err-code@2.0.3:
    optional: true

-  error-causes@3.0.2: {}
-
  error-ex@1.3.4:
    dependencies:
      is-arrayish: 0.2.1
@@ -21511,14 +21505,11 @@ snapshots:
    transitivePeerDependencies:
      - '@opentelemetry/api'

-  otplib@13.3.0:
+  otplib@12.0.1:
    dependencies:
-      '@otplib/core': 13.3.0
-      '@otplib/hotp': 13.3.0
-      '@otplib/plugin-base32-scure': 13.3.0
-      '@otplib/plugin-crypto-noble': 13.3.0
-      '@otplib/totp': 13.3.0
-      '@otplib/uri': 13.3.0
+      '@otplib/core': 12.0.1
+      '@otplib/preset-default': 12.0.1
+      '@otplib/preset-v11': 12.0.1

  own-keys@1.0.1:
    dependencies:
@@ -23089,6 +23080,8 @@ snapshots:
    dependencies:
      any-promise: 1.3.0

+  thirty-two@1.0.2: {}
+
  thread-stream@4.0.0:
    dependencies:
      real-require: 0.2.0