fix(clerk-js,localizations,backend): Rename passwordUntrusted to passwordCompromised (#7352)

Author: octoper

.changeset/honest-pigs-move.md

@@ -0,0 +1,5 @@
+---
+'@clerk/backend': patch
+---
+
+Rename `__experimental_passwordUntrusted` to `__experimental_passwordCompromised`

.changeset/moody-dryers-serve.md

@@ -0,0 +1,5 @@
+---
+'@clerk/localizations': patch
+---
+
+Deprecating `passwordUntrusted` in favour of `passwordCompromised` and `form_password_untrusted__sign_in` to `form_password_compromised__sign_in`

.changeset/some-phones-report.md

@@ -0,0 +1,6 @@
+---
+'@clerk/clerk-js': patch
+'@clerk/shared': patch
+---
+
+Rename internal `isPasswordUntrustedError` to `isPasswordCompromisedError`

integration/testUtils/usersService.ts

@@ -76,7 +76,7 @@ export type UserService = {
   createFakeOrganization: (userId: string) => Promise<FakeOrganization>;
   getUser: (opts: { id?: string; email?: string }) => Promise<User | undefined>;
   createFakeAPIKey: (userId: string) => Promise<FakeAPIKey>;
-  passwordUntrusted: (userId: string) => Promise<void>;
+  passwordCompromised: (userId: string) => Promise<void>;
 };
 
 /**
@@ -211,8 +211,8 @@ export const createUserService = (clerkClient: ClerkClient) => {
         revoke: () => clerkClient.apiKeys.revoke({ apiKeyId: apiKey.id, revocationReason: 'For testing purposes' }),
       } satisfies FakeAPIKey;
     },
-    passwordUntrusted: async (userId: string) => {
-      await clerkClient.users.__experimental_passwordUntrusted(userId);
+    passwordCompromised: async (userId: string) => {
+      await clerkClient.users.__experimental_passwordCompromised(userId);
     },
   };
 

integration/tests/session-tasks-sign-in-reset-password.test.ts

@@ -19,7 +19,7 @@ testAgainstRunningApps({ withEnv: [appConfigs.envs.withSessionTasksResetPassword
       const user = u.services.users.createFakeUser();
       const createdUser = await u.services.users.createBapiUser(user);
 
-      await u.services.users.passwordUntrusted(createdUser.id);
+      await u.services.users.passwordCompromised(createdUser.id);
 
       // Performs sign-in
       await u.po.signIn.goTo();
@@ -66,7 +66,7 @@ testAgainstRunningApps({ withEnv: [appConfigs.envs.withSessionTasksResetPassword
       const user = u.services.users.createFakeUser();
       const createdUser = await u.services.users.createBapiUser(user);
 
-      await u.services.users.passwordUntrusted(createdUser.id);
+      await u.services.users.passwordCompromised(createdUser.id);
       const fakeOrganization = u.services.organizations.createFakeOrganization();
       await u.services.organizations.createBapiOrganization({
         name: fakeOrganization.name,

packages/backend/src/api/endpoints/UserApi.ts

@@ -448,11 +448,11 @@ export class UserAPI extends AbstractAPI {
     });
   }
 
-  public async __experimental_passwordUntrusted(userId: string) {
+  public async __experimental_passwordCompromised(userId: string) {
     this.requireId(userId);
     return this.request<User>({
       method: 'POST',
-      path: joinPaths(basePath, userId, 'password_untrusted'),
+      path: joinPaths(basePath, userId, 'password_compromised'),
       bodyParams: {
         revokeAllSessions: false,
       },

packages/clerk-js/src/ui/components/SignIn/AlternativeMethods.tsx

@@ -18,7 +18,7 @@ import { SignInSocialButtons } from './SignInSocialButtons';
 import { useResetPasswordFactor } from './useResetPasswordFactor';
 import { withHavingTrouble } from './withHavingTrouble';
 
-export type AlternativeMethodsMode = 'forgot' | 'pwned' | 'passwordUntrusted' | 'default';
+export type AlternativeMethodsMode = 'forgot' | 'pwned' | 'passwordCompromised' | 'default';
 
 export type AlternativeMethodsProps = {
   onBackLinkClick: React.MouseEventHandler | undefined;
@@ -55,7 +55,7 @@ const AlternativeMethodsList = (props: AlternativeMethodListProps) => {
         <Card.Content>
           <Header.Root showLogo>
             <Header.Title localizationKey={cardTitleKey} />
-            {!isReset && mode !== 'passwordUntrusted' && (
+            {!isReset && mode !== 'passwordCompromised' && (
               <Header.Subtitle localizationKey={localizationKeys('signIn.alternativeMethods.subtitle')} />
             )}
           </Header.Root>
@@ -185,8 +185,8 @@ function determineFlowPart(mode: AlternativeMethodsMode) {
       return 'forgotPasswordMethods';
     case 'pwned':
       return 'passwordPwnedMethods';
-    case 'passwordUntrusted':
-      return 'passwordUntrustedMethods';
+    case 'passwordCompromised':
+      return 'passwordCompromisedMethods';
     default:
       return 'alternativeMethods';
   }
@@ -198,8 +198,8 @@ function determineTitle(mode: AlternativeMethodsMode): LocalizationKey {
       return localizationKeys('signIn.forgotPasswordAlternativeMethods.title');
     case 'pwned':
       return localizationKeys('signIn.passwordPwned.title');
-    case 'passwordUntrusted':
-      return localizationKeys('signIn.passwordPwned.title');
+    case 'passwordCompromised':
+      return localizationKeys('signIn.passwordCompromised.title');
     default:
       return localizationKeys('signIn.alternativeMethods.title');
   }
@@ -210,7 +210,7 @@ function determineIsReset(mode: AlternativeMethodsMode): boolean {
     case 'forgot':
     case 'pwned':
       return true;
-    case 'passwordUntrusted':
+    case 'passwordCompromised':
       return false;
     default:
       return false;

packages/clerk-js/src/ui/components/SignIn/SignInFactorOne.tsx

@@ -55,8 +55,8 @@ function determineAlternativeMethodsMode(
     return 'pwned';
   }
 
-  if (passwordErrorCode === 'untrusted') {
-    return 'passwordUntrusted';
+  if (passwordErrorCode === 'compromised') {
+    return 'passwordCompromised';
   }
 
   return 'forgot';

packages/clerk-js/src/ui/components/SignIn/SignInFactorOnePasswordCard.tsx

@@ -1,4 +1,4 @@
-import { isPasswordPwnedError, isPasswordUntrustedError, isUserLockedError } from '@clerk/shared/error';
+import { isPasswordCompromisedError, isPasswordPwnedError, isUserLockedError } from '@clerk/shared/error';
 import { useClerk } from '@clerk/shared/react';
 import React from 'react';
 
@@ -18,7 +18,7 @@ import { useRouter } from '../../router/RouteContext';
 import { HavingTrouble } from './HavingTrouble';
 import { useResetPasswordFactor } from './useResetPasswordFactor';
 
-export type PasswordErrorCode = 'untrusted' | 'pwned';
+export type PasswordErrorCode = 'compromised' | 'pwned';
 
 type SignInFactorOnePasswordProps = {
   onForgotPasswordMethodClick: React.MouseEventHandler | undefined;
@@ -101,9 +101,9 @@ export const SignInFactorOnePasswordCard = (props: SignInFactorOnePasswordProps)
             return;
           }
 
-          if (isPasswordUntrustedError(err)) {
-            card.setError({ ...err.errors[0], code: 'form_password_untrusted__sign_in' });
-            onPasswordError('untrusted');
+          if (isPasswordCompromisedError(err)) {
+            card.setError({ ...err.errors[0], code: 'form_password_compromised__sign_in' });
+            onPasswordError('compromised');
             return;
           }
         }

packages/clerk-js/src/ui/components/SignIn/__tests__/SignInFactorOne.test.tsx

@@ -353,7 +353,7 @@ describe('SignInFactorOne', () => {
         ).not.toBeInTheDocument();
       });
 
-      it('using an untrusted password should show the untrusted password screen', async () => {
+      it('using an compromised password should show the compromised password screen', async () => {
         const { wrapper, fixtures } = await createFixtures(f => {
           f.withEmailAddress();
           f.withPassword();
@@ -367,7 +367,7 @@ describe('SignInFactorOne', () => {
         fixtures.signIn.prepareFirstFactor.mockReturnValueOnce(Promise.resolve({} as SignInResource));
 
         const errJSON = {
-          code: 'form_password_untrusted',
+          code: 'form_password_compromised',
           long_message:
             "Your password appears to have been compromised or it's no longer trusted and cannot be used. Please use another method to continue.",
           message:
@@ -393,7 +393,7 @@ describe('SignInFactorOne', () => {
         await screen.findByText('Email code to hello@clerk.com');
       });
 
-      it('Prompts the user to use a different method if the password is untrusted', async () => {
+      it('Prompts the user to use a different method if the password is compromised', async () => {
         const { wrapper, fixtures } = await createFixtures(f => {
           f.withEmailAddress();
           f.withPassword();
@@ -408,7 +408,7 @@ describe('SignInFactorOne', () => {
         fixtures.signIn.prepareFirstFactor.mockReturnValueOnce(Promise.resolve({} as SignInResource));
 
         const errJSON = {
-          code: 'form_password_untrusted',
+          code: 'form_password_compromised',
           long_message:
             "Your password appears to have been compromised or it's no longer trusted and cannot be used. Please use another method to continue.",
           message: