Skip to content

feat: use accountPrivate for starterpack verification#2486

Merged
broody merged 3 commits intomainfrom
feat/accountprivate-starterpack-verification
Mar 13, 2026
Merged

feat: use accountPrivate for starterpack verification#2486
broody merged 3 commits intomainfrom
feat/accountprivate-starterpack-verification

Conversation

@broody
Copy link
Contributor

@broody broody commented Mar 13, 2026

Summary

Move starterpack Apple Pay phone verification off me and onto the authenticated accountPrivate query.
Update the starterpack verification and onchain checkout flows to use accountPrivate.phoneNumber and accountPrivate.phoneNumberVerifiedAt while keeping email checks on me.
Regenerate the keychain GraphQL API types for the new query.

Validation

pnpm --filter @cartridge/keychain exec prettier --check src/components/purchasenew/checkout/onchain/index.tsx src/components/purchasenew/verification/index.tsx
read_lints on the touched starterpack files

@vercel
Copy link

vercel bot commented Mar 13, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
controller-example-next Ready Ready Preview Mar 13, 2026 9:46pm
keychain Ready Ready Preview Mar 13, 2026 9:46pm
keychain-storybook Ready Ready Preview Mar 13, 2026 9:46pm

Request Review

@broody broody merged commit 7570485 into main Mar 13, 2026
12 checks passed
@broody broody deleted the feat/accountprivate-starterpack-verification branch March 13, 2026 22:47
@claude
Copy link
Contributor

claude bot commented Mar 13, 2026
edited
Loading

Claude finished @broody's task —— View job

Analyzing PR for documentation updates

  • Analyze PR changes to determine if user-facing behavior changed
  • Search docs for related content
  • Update docs if needed or confirm no changes required

Analysis Complete

No documentation updates needed.

This PR is an internal refactor that moves phone number verification data from the me GraphQL query to the more secure accountPrivate query. This is an implementation detail that:

  1. Does not change user-facing behavior: The starterpack Apple Pay verification flow works exactly the same from the user's perspective
  2. Is an internal security improvement: Moving sensitive phone number data to an authenticated query is a backend architecture change
  3. No public API changes: The openStarterPack() method and its behavior remain unchanged

The documentation in docs-repo/src/pages/controller/starter-packs.md correctly describes the purchase and verification flows from the user's perspective. Since no user-facing behavior changed, no documentation updates are required.

Per the documentation rules: "DEFAULT TO NO CHANGES. Most code PRs do not need docs updates. Internal refactors, test changes, CI changes, and dependency bumps need nothing."

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@broody