Skip to content

feat(clerk-js): Add _clerk_skip_cache query param to token requests #7155

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 5 commits into
base: main
Choose a base branch
from
Open

feat(clerk-js): Add _clerk_skip_cache query param to token requests #7155

wants to merge 5 commits into from

Conversation

@jacekradko
Copy link
Member

@jacekradko jacekradko commented Nov 5, 2025
edited
Loading

Description

Adding _clerk_skip_cache=true query string param to token requests that are explicitly invoked with skipCache option

Checklist

  • pnpm test runs as expected.
  • pnpm build runs as expected.
  • (If applicable) JSDoc comments have been added or updated for any package exports
  • (If applicable) Documentation has been updated

Type of change

  • 🐛 Bug fix
  • 🌟 New feature
  • 🔨 Breaking change
  • 📖 Refactoring / dependency upgrade / documentation
  • other:

Summary by CodeRabbit

  • New Features

    • Added an optional cache-skip capability for token creation, plus a new flag exposed for signaling cache-skipping in token requests.

  • Tests

    • Expanded test coverage for token creation cache-skip behavior: successful creation, default behavior, skip-enabled, and skip-disabled scenarios.
@changeset-bot
Copy link

changeset-bot bot commented Nov 5, 2025
edited
Loading

🦋 Changeset detected

Latest commit: f616575

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 3 packages
Name Type
@clerk/clerk-js Patch
@clerk/chrome-extension Patch
@clerk/clerk-expo Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR
@vercel
Copy link

vercel bot commented Nov 5, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Preview Comments Updated (UTC)
clerk-js-sandbox Ready Ready Preview Comment Nov 6, 2025 4:06am
@coderabbitai
Copy link
Contributor

coderabbitai bot commented Nov 5, 2025
edited
Loading

Walkthrough

A new CLERK_SKIP_CACHE constant is added and Token.create gained an optional skipCache parameter; when true it appends a _clerk_skip_cache query param to token requests. Session.create now forwards skipCache and tests were added to cover the behavior.

Changes

Cohort / File(s) Summary
Cache Constant
packages/clerk-js/src/core/constants.ts		 Added export const CLERK_SKIP_CACHE = '_clerk_skip_cache';. Existing constants retained.
Token Resource
packages/clerk-js/src/core/resources/Token.ts		 Token.create(path, body, skipCache) optional parameter added; when true builds a search query with CLERK_SKIP_CACHE=true and passes it to the fetch call.
Session Flow
packages/clerk-js/src/core/resources/Session.ts		 Calls to Token.create updated to forward skipCache from the caller.
Tests
packages/clerk-js/src/core/resources/__tests__/Token.test.ts		 Added tests covering successful creation and skipCache behaviors (default, true, false).
Changeset
.changeset/old-wombats-tease.md		 Added changeset noting addition of _clerk_skip_cache query param for token requests.
Manifest
package.json		 Manifest updated (patch release entry reflected by changeset).

Sequence Diagram(s)

sequenceDiagram participant Caller participant Session participant Token participant API Caller->>Session: requestToken(..., skipCache?) activate Session Session->>Token: create(path, body, skipCache) deactivate Session activate Token alt skipCache == true Token->>Token: build search with CLERK_SKIP_CACHE=true Token->>API: POST /path?_clerk_skip_cache=true (body) else skipCache == false or undefined Token->>API: POST /path (body) end deactivate Token activate API API-->>Token: TokenResource deactivate API Token-->>Caller: TokenResource
Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

  • Areas to inspect closely:
    • Ensure the query param name and encoding match API expectations (_clerk_skip_cache).
    • Verify Token.create callers besides Session (if any) correctly handle the new optional parameter.
    • Test assertions around URL construction and search params.

Poem

🐰 A tiny constant hops into place,
Tokens skip caches and quicken their pace,
Tests cheer the change with a confident clap,
Queries now dance down a new little path,
Hooray for a skip — a rabbit's small clap! 🎉

Pre-merge checks and finishing touches

✅ Passed checks (2 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title clearly and specifically describes the main change: adding a _clerk_skip_cache query parameter to token requests, which aligns directly with the core functionality implemented across the modified files.
✨ Finishing touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch feat/add-skip-cache-query-param

Comment @coderabbitai help to get the list of available commands and usage tips.
@jacekradko jacekradko requested a review from brkalow November 5, 2025 15:57
@pkg-pr-new
Copy link

pkg-pr-new bot commented Nov 5, 2025
edited
Loading

Open in StackBlitz

@clerk/agent-toolkit

npm i https://pkg.pr.new/@clerk/agent-toolkit@7155

@clerk/astro

npm i https://pkg.pr.new/@clerk/astro@7155

@clerk/backend

npm i https://pkg.pr.new/@clerk/backend@7155

@clerk/chrome-extension

npm i https://pkg.pr.new/@clerk/chrome-extension@7155

@clerk/clerk-js

npm i https://pkg.pr.new/@clerk/clerk-js@7155

@clerk/dev-cli

npm i https://pkg.pr.new/@clerk/dev-cli@7155

@clerk/elements

npm i https://pkg.pr.new/@clerk/elements@7155

@clerk/clerk-expo

npm i https://pkg.pr.new/@clerk/clerk-expo@7155

@clerk/expo-passkeys

npm i https://pkg.pr.new/@clerk/expo-passkeys@7155

@clerk/express

npm i https://pkg.pr.new/@clerk/express@7155

@clerk/fastify

npm i https://pkg.pr.new/@clerk/fastify@7155

@clerk/localizations

npm i https://pkg.pr.new/@clerk/localizations@7155

@clerk/nextjs

npm i https://pkg.pr.new/@clerk/nextjs@7155

@clerk/nuxt

npm i https://pkg.pr.new/@clerk/nuxt@7155

@clerk/clerk-react

npm i https://pkg.pr.new/@clerk/clerk-react@7155

@clerk/react-router

npm i https://pkg.pr.new/@clerk/react-router@7155

@clerk/remix

npm i https://pkg.pr.new/@clerk/remix@7155

@clerk/shared

npm i https://pkg.pr.new/@clerk/shared@7155

@clerk/tanstack-react-start

npm i https://pkg.pr.new/@clerk/tanstack-react-start@7155

@clerk/testing

npm i https://pkg.pr.new/@clerk/testing@7155

@clerk/themes

npm i https://pkg.pr.new/@clerk/themes@7155

@clerk/types

npm i https://pkg.pr.new/@clerk/types@7155

@clerk/upgrade

npm i https://pkg.pr.new/@clerk/upgrade@7155

@clerk/vue

npm i https://pkg.pr.new/@clerk/vue@7155

commit: f616575
@blacksmith-sh
Copy link

blacksmith-sh bot commented Nov 5, 2025
edited
Loading

Found 46 test failures on Blacksmith runners:

Test View Logs
[chrome] › integration/tests/
components.test.ts:102:9 › component smoke tests @generic › long-running--next.appRoute
r.withEmailCodes › OrganizationProfile supports fallback 		View Logs
[chrome] › integration/tests/elements/
next-sign-in.test.ts:174:7 › Next.js Sign-In Flow @elements › long-running--elements.ne
xt.appRouter › cannot sign in with wrong password but can sign in with email 		View Logs
[chrome] › integration/tests/elements/
next-sign-in.test.ts:33:7 › Next.js Sign-In Flow @elements › long-running--elements.nex
t.appRouter › sign in with email and password 		View Logs
[chrome] › integration/tests/elements/
next-sign-up.test.ts:13:7 › Next.js Sign-Up Flow @elements › long-running--elements.nex
t.appRouter › sign up with email and password 		View Logs
[chrome] › integration/tests/elements/
next-sign-up.test.ts:147:7 › Next.js Sign-Up Flow @elements › long-running--elements.ne
xt.appRouter › sign up, sign out and sign in again 		View Logs
[chrome] › integration/tests/elements/
next-sign-up.test.ts:66:7 › Next.js Sign-Up Flow @elements › long-running--elements.nex
t.appRouter › can't sign up with weak password 		View Logs
[chrome] › integration/tests/elements/
otp.test.ts:135:9 › OTP @elements › long-running--elements.next.appRouter › Type: segme
nted-otp › should replace selected segment with new input 		View Logs
[chrome] › integration/tests/elements/
otp.test.ts:196:9 › OTP @elements › long-running--elements.next.appRouter › Type: segme
nted-otp › should forward-delete char when pressing delete 		View Logs
[chrome] › integration/tests/
resiliency.test.ts:230:9 › resiliency @generic › long-running--react.vite.withEmailCode
s › Clerk.status › clerk-js environment fails and status degraded 		View Logs
[chrome] › integration/tests/
resiliency.test.ts:41:7 › resiliency @generic › long-running--react.vite.withEmailCodes
› signed in users can get a fresh session token when Client fails to load 		View Logs
[chrome] › integration/tests/
session-tasks-multi-session.test.ts:33:9 › session tasks multi-session flow @nextjs › l
ong-running--next.appRouter.withSessionTasks › when switching sessions, navigate to tas
k 		View Logs
[chrome] › integration/tests/session-token-cache/
multi-session.test.ts:54:9 › MemoryTokenCache Multi-Session Integration @nextjs › long-
running--next.appRouter.withSessionTasks › MemoryTokenCache multi-session - multiple us
ers in different tabs with separate token caches 		View Logs
[chrome] › integration/tests/session-token-cache/
multi-session.test.ts:54:9 › MemoryTokenCache Multi-Session Integration @nextjs › long-
running--next.appRouter.withSessionTasks › MemoryTokenCache multi-session - multiple us
ers in different tabs with separate token caches 		View Logs
[chrome] › integration/tests/session-token-cache/
multi-session.test.ts:54:9 › MemoryTokenCache Multi-Session Integration @nextjs › long-
running--next.appRouter.withSessionTasks › MemoryTokenCache multi-session - multiple us
ers in different tabs with separate token caches 		View Logs
[chrome] › integration/tests/
sign-in-flow.test.ts:101:7 › sign in flow @generic @nextjs › long-running--next.appRout
er.withEmailCodes › can reset password 		View Logs
[chrome] › integration/tests/
sign-in-flow.test.ts:101:7 › sign in flow @generic @nextjs › long-running--next.appRout
er.withEmailCodes › can reset password 		View Logs
[chrome] › integration/tests/
sign-in-flow.test.ts:101:7 › sign in flow @generic @nextjs › long-running--next.appRout
er.withEmailCodes › can reset password 		View Logs
[chrome] › integration/tests/
sign-in-flow.test.ts:136:7 › sign in flow @generic @nextjs › long-running--react.vite.w
ithEmailCodes › cannot sign in with wrong password but can sign in with email 		View Logs
[chrome] › integration/tests/
sign-in-flow.test.ts:26:7 › sign in flow @generic @nextjs › long-running--next.appRoute
r.withEmailCodes › sign in with email and password 		View Logs
[chrome] › integration/tests/
sign-in-flow.test.ts:26:7 › sign in flow @generic @nextjs › long-running--next.appRoute
r.withEmailCodes › sign in with email and password 		View Logs
[chrome] › integration/tests/
sign-in-flow.test.ts:26:7 › sign in flow @generic @nextjs › long-running--next.appRoute
r.withEmailCodes › sign in with email and password 		View Logs
[chrome] › integration/tests/
sign-in-flow.test.ts:26:7 › sign in flow @generic @nextjs › long-running--next.appRoute
r.withEmailCodes › sign in with email and password 		View Logs
[chrome] › integration/tests/
sign-in-flow.test.ts:26:7 › sign in flow @generic @nextjs › long-running--react.vite.wi
thEmailCodes › sign in with email and password 		View Logs
[chrome] › integration/tests/
sign-in-flow.test.ts:74:7 › sign in flow @generic @nextjs › long-running--next.appRoute
r.withEmailCodes › sign in only with phone number 		View Logs
[chrome] › integration/tests/
sign-in-flow.test.ts:74:7 › sign in flow @generic @nextjs › long-running--react.vite.wi
thEmailCodes › sign in only with phone number 		View Logs
[chrome] › integration/tests/
sign-in-or-up-flow.test.ts:29:9 › sign-in-or-up flow @nextjs › long-running--next.appRo
uter.withSignInOrUpFlow › sign-in › flows are combined 		View Logs
[chrome] › integration/tests/
sign-in-or-up-flow.test.ts:29:9 › sign-in-or-up flow @nextjs › long-running--next.appRo
uter.withSignInOrUpFlow › sign-in › flows are combined 		View Logs
[chrome] › integration/tests/
sign-in-or-up-flow.test.ts:88:9 › sign-in-or-up flow @nextjs › long-running--next.appRo
uter.withSignInOrUpFlow › sign-in › sign in only with phone number 		View Logs
[chrome] › integration/tests/
sign-up-flow.test.ts:124:7 › sign up flow @generic @nextjs › long-running--next.appRout
er.withEmailCodes › sign up with first name, last name, email, phone and password 		View Logs
[chrome] › integration/tests/
sign-up-flow.test.ts:124:7 › sign up flow @generic @nextjs › long-running--next.appRout
er.withEmailCodes › sign up with first name, last name, email, phone and password 		View Logs
[chrome] › integration/tests/
sign-up-flow.test.ts:13:7 › sign up flow @generic @nextjs › long-running--next.appRoute
r.withEmailCodes › sign up with email and password 		View Logs
[chrome] › integration/tests/
sign-up-flow.test.ts:163:7 › sign up flow @generic @nextjs › long-running--next.appRout
er.withEmailCodes › sign up, sign out and sign in again 		View Logs
[chrome] › integration/tests/
sign-up-flow.test.ts:163:7 › sign up flow @generic @nextjs › long-running--next.appRout
er.withEmailCodes › sign up, sign out and sign in again 		View Logs
[chrome] › integration/tests/
sign-up-flow.test.ts:163:7 › sign up flow @generic @nextjs › long-running--next.appRout
er.withEmailCodes › sign up, sign out and sign in again 		View Logs
[chrome] › integration/tests/
sign-up-flow.test.ts:163:7 › sign up flow @generic @nextjs › long-running--react.vite.w
ithEmailCodes › sign up, sign out and sign in again 		View Logs
[chrome] › integration/tests/
sign-up-flow.test.ts:39:7 › sign up flow @generic @nextjs › long-running--next.appRoute
r.withEmailCodes › can't sign up with weak password 		View Logs
[chrome] › integration/tests/
sign-up-flow.test.ts:39:7 › sign up flow @generic @nextjs › long-running--next.appRoute
r.withEmailCodes › can't sign up with weak password 		View Logs
[chrome] › integration/tests/
sign-up-flow.test.ts:65:7 › sign up flow @generic @nextjs › long-running--next.appRoute
r.withEmailCodes › can sign up with phone number 		View Logs
[chrome] › integration/tests/
sign-up-flow.test.ts:65:7 › sign up flow @generic @nextjs › long-running--next.appRoute
r.withEmailCodes › can sign up with phone number 		View Logs
[chrome] › integration/tests/
sign-up-flow.test.ts:93:7 › sign up flow @generic @nextjs › long-running--next.appRoute
r.withEmailCodes › (modal) can sign up with phone number 		View Logs
[chrome] › integration/tests/
sign-up-flow.test.ts:93:7 › sign up flow @generic @nextjs › long-running--next.appRoute
r.withEmailCodes › (modal) can sign up with phone number 		View Logs
[chrome] › integration/tests/
unsafeMetadata.test.ts:42:7 › unsafeMetadata @nextjs › long-running--next.appRouter.wit
hEmailCodes › combined sign up persists unsafeMetadata 		View Logs
[chrome] › integration/tests/
update-props.test.ts:25:7 › sign in flow @generic › long-running--react.vite.withEmailC
odes › updating props after initial loading does not override defaults set by Clerk.loa
d() 		View Logs
[chrome] › integration/tests/
user-avatar.test.ts:35:7 › UserAvatar component integration tests @generic › long-runni
ng--react.vite.withEmailCodes › UserAvatar loads and renders correctly when user is sig
ned in 		View Logs
[chrome] › integration/tests/
user-profile.test.ts:90:7 › user profile @generic › user profile with path routing 		View Logs
[setup] › integration/tests/
global.setup.ts:7:6 › start long running apps ─────────────────────		 View Logs


Fix in Cursor
coderabbitai[bot]
coderabbitai bot reviewed Nov 5, 2025
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

🧹 Nitpick comments (2)
.changeset/old-wombats-tease.md (2)

5-5: Remove unnecessary Markdown escape sequence.

The backslash before the underscore in \_clerk_skip_cache is not needed in changeset descriptions and will render as a literal backslash in release notes. The changeset parser treats this as plain text, not Markdown.

Apply this diff to remove the unnecessary escape:

-Added \_clerk_skip_cache query string param to token requests initiated with skipCache option +Added _clerk_skip_cache query string param to token requests initiated with skipCache option

5-5: Clarify description for release notes.

The change description could be more specific about when this parameter is added (i.e., when skipCache is true). This will help users understand the new behavior from release notes.

Consider updating to:

-Added _clerk_skip_cache query string param to token requests initiated with skipCache option +Added _clerk_skip_cache query string parameter to token requests when the skipCache option is set to true
📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

  • Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 7037be5 and d8830bd.

📒 Files selected for processing (1)
  • .changeset/old-wombats-tease.md (1 hunks)
🧰 Additional context used
📓 Path-based instructions (1)
.changeset/**

📄 CodeRabbit inference engine (.cursor/rules/monorepo.mdc)

Automated releases must use Changesets.

Files:

  • .changeset/old-wombats-tease.md
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (30)
  • GitHub Check: Integration Tests (tanstack-react-start, chrome)
  • GitHub Check: Integration Tests (quickstart, chrome, 15)
  • GitHub Check: Integration Tests (nextjs, chrome, 15)
  • GitHub Check: Integration Tests (custom, chrome)
  • GitHub Check: Integration Tests (billing, chrome)
  • GitHub Check: Integration Tests (nextjs, chrome, 14)
  • GitHub Check: Integration Tests (nextjs, chrome, 16)
  • GitHub Check: Integration Tests (handshake:staging, chrome)
  • GitHub Check: Integration Tests (express, chrome)
  • GitHub Check: Integration Tests (quickstart, chrome, 16)
  • GitHub Check: Integration Tests (astro, chrome)
  • GitHub Check: Integration Tests (machine, chrome)
  • GitHub Check: Integration Tests (expo-web, chrome)
  • GitHub Check: Integration Tests (nuxt, chrome)
  • GitHub Check: Integration Tests (localhost, chrome)
  • GitHub Check: Integration Tests (sessions:staging, chrome)
  • GitHub Check: Integration Tests (react-router, chrome)
  • GitHub Check: Integration Tests (vue, chrome)
  • GitHub Check: Integration Tests (handshake, chrome)
  • GitHub Check: Integration Tests (generic, chrome)
  • GitHub Check: Integration Tests (sessions, chrome)
  • GitHub Check: Integration Tests (ap-flows, chrome)
  • GitHub Check: Integration Tests (elements, chrome)
  • GitHub Check: Static analysis
  • GitHub Check: Publish with pkg-pr-new
  • GitHub Check: Unit Tests (22, **)
  • GitHub Check: Formatting | Dedupe | Changeset
  • GitHub Check: Analyze (javascript-typescript)
  • GitHub Check: semgrep-cloud-platform/scan
  • GitHub Check: semgrep-cloud-platform/scan
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

clerk-js do not merge

3 participants

@jacekradko @clerk-cookie