feat(clerk-js,ui,shared,localizations): Support passkey as a second factor#9127
feat(clerk-js,ui,shared,localizations): Support passkey as a second factor#9127dmoerner wants to merge 1 commit into
Conversation
…actor
The Clerk backend can now offer passkey in a sign-in's (and session
reverification's) supported_second_factors when the instance allows
passkeys to satisfy the second factor and the user has a registered
passkey. This adds client support end to end:
- Types: passkey variants in SignInSecondFactor,
Prepare/AttemptSecondFactorParams, SessionVerificationSecondFactor,
and the session verify param unions.
- signIn.authenticateWithPasskey() detects needs_second_factor (and
needs_client_trust) and runs the prepare/attempt second-factor flow
against the in-progress sign-in instead of creating a new one; the
flow param is ignored there. attemptSecondFactor serializes the
WebAuthn credential like attemptFirstFactor. The future API gains
mfa.passkey().
- session.verifyWithPasskey({ level: 'second_factor' }) completes a
multi-factor step-up with a passkey.
- Prebuilt UI: passkey cards for the sign-in factor-two and
user-verification factor-two steps, offered via the existing
totp/phone-first ladder (passkey is only the starting factor when it
is the sole option), listed under "Use another method", and hidden
when WebAuthn is unsupported. Fixes the alternative-methods label
switch that threw on unknown second-factor strategies.
- New signIn.passkeyMfa / reverification.passkeyMfa localization keys.
Part of USER-3966
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
🦋 Changeset detectedLatest commit: 707e4ad The changes in this PR will be included in the next version bump. This PR includes changesets to release 23 packages
Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
📝 WalkthroughWalkthroughPasskey second-factor support is added to sign-in and session reverification APIs, shared types, prebuilt sign-in and user-verification UIs, tests, localization resources, and release metadata. ChangesPasskey second-factor support
Estimated code review effort: 4 (Complex) | ~60 minutes Sequence Diagram(s)sequenceDiagram
participant User
participant PasskeyCard
participant ClerkResource
participant WebAuthn
User->>PasskeyCard: Select passkey second factor
PasskeyCard->>ClerkResource: prepare second-factor verification
ClerkResource-->>PasskeyCard: return passkey nonce
PasskeyCard->>WebAuthn: request credential
WebAuthn-->>PasskeyCard: return publicKeyCredential
PasskeyCard->>ClerkResource: attempt second-factor verification
ClerkResource-->>PasskeyCard: return verification response
Poem
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✨ Finishing Touches📝 Generate docstrings
Comment |
@clerk/astro
@clerk/backend
@clerk/chrome-extension
@clerk/clerk-js
@clerk/electron
@clerk/electron-passkeys
@clerk/eslint-plugin
@clerk/expo
@clerk/expo-passkeys
@clerk/express
@clerk/fastify
@clerk/hono
@clerk/localizations
@clerk/nextjs
@clerk/nuxt
@clerk/react
@clerk/react-router
@clerk/shared
@clerk/tanstack-react-start
@clerk/testing
@clerk/ui
@clerk/upgrade
@clerk/vue
commit: |
API Changes Report
Summary
@clerk/sharedCurrent version: 4.25.2 Subpath
|
There was a problem hiding this comment.
Actionable comments posted: 5
🧹 Nitpick comments (1)
packages/ui/src/components/SignIn/__tests__/SignInFactorTwo.test.tsx (1)
407-424: 🎯 Functional Correctness | 🔵 Trivial | ⚡ Quick winTest may pass for the wrong reason — wrap in
mockWebAuthnto test priority ordering.Without
mockWebAuthn,isWebAuthnSupported()likely returns false in the test environment, so passkey is excluded from candidacy regardless of priority sorting against TOTP. This test currently can't distinguish "TOTP wins on priority" from "passkey is filtered out due to no WebAuthn support." Wrapping this inmockWebAuthn(() => { ... })(as done for the sibling tests below) would ensure the sorting/priority logic is actually exercised.🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@packages/ui/src/components/SignIn/__tests__/SignInFactorTwo.test.tsx` around lines 407 - 424, Update the Passkey test “is never the starting factor when another second factor is available” to wrap its fixture setup, render, and assertions in mockWebAuthn, matching the sibling tests below. Keep supportTotp and supportPasskey enabled so the test validates priority ordering rather than passkey being excluded by unsupported WebAuthn.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@packages/clerk-js/src/core/resources/__tests__/SignIn.test.ts`:
- Around line 261-264: Restore direct static assignments in the passkey test
suites: update the authenticateWithPasskey and mfa.passkey cleanup to save the
original BaseResource._fetch and SignIn.clerk values before stubbing, then
reassign those originals in afterEach alongside vi.clearAllMocks() and
vi.unstubAllGlobals().
In `@packages/clerk-js/src/core/resources/Session.ts`:
- Around line 320-329: The verifyWithPasskey method silently treats invalid
levels as first-factor verification. Default level with nullish coalescing, then
explicitly validate that it is either 'first_factor' or 'second_factor' and
reject any other value before calling prepareFirstFactorVerification or
prepareSecondFactorVerification.
- Around line 320-329: Document the public verifyWithPasskey API with JSDoc
directly above the verifyWithPasskey method in Session, describing the
params.level options and default, the returned SessionVerificationResource, and
possible error behavior; flag the contract change for Docs-team review or
accompanying generated documentation updates.
In `@packages/clerk-js/src/core/resources/SignIn.ts`:
- Around line 575-610: Add or update JSDoc for the public
authenticateWithPasskey method to document that needs_second_factor and
needs_client_trust sign-ins reuse the in-progress sign-in via the second-factor
flow, and that the flow option is ignored in those states. Include the API
behavior change clearly and mark the documentation for Docs-team review.
In `@packages/ui/src/components/UserVerification/UVFactorTwoPasskeyCard.tsx`:
- Around line 32-41: Update handlePasskeysAttempt to guard against concurrent
passkey attempts: set the card’s loading state before calling verifyWithPasskey,
clear it in a finally handler regardless of success or failure, and disable the
passkey button while loading so additional clicks cannot abort the in-flight
ceremony.
---
Nitpick comments:
In `@packages/ui/src/components/SignIn/__tests__/SignInFactorTwo.test.tsx`:
- Around line 407-424: Update the Passkey test “is never the starting factor
when another second factor is available” to wrap its fixture setup, render, and
assertions in mockWebAuthn, matching the sibling tests below. Keep supportTotp
and supportPasskey enabled so the test validates priority ordering rather than
passkey being excluded by unsupported WebAuthn.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Repository YAML (base), Repository UI (inherited)
Review profile: CHILL
Plan: Pro Plus
Run ID: c030f53b-d9cd-46b4-8a0f-e7f81cb887a2
📒 Files selected for processing (73)
.changeset/passkey-second-factor.mdpackages/clerk-js/src/core/resources/Session.tspackages/clerk-js/src/core/resources/SignIn.tspackages/clerk-js/src/core/resources/__tests__/Session.test.tspackages/clerk-js/src/core/resources/__tests__/SignIn.test.tspackages/localizations/src/ar-SA.tspackages/localizations/src/be-BY.tspackages/localizations/src/bg-BG.tspackages/localizations/src/bn-IN.tspackages/localizations/src/ca-ES.tspackages/localizations/src/cs-CZ.tspackages/localizations/src/da-DK.tspackages/localizations/src/de-DE.tspackages/localizations/src/el-GR.tspackages/localizations/src/en-GB.tspackages/localizations/src/en-US.tspackages/localizations/src/es-CR.tspackages/localizations/src/es-ES.tspackages/localizations/src/es-MX.tspackages/localizations/src/es-UY.tspackages/localizations/src/fa-IR.tspackages/localizations/src/fi-FI.tspackages/localizations/src/fr-FR.tspackages/localizations/src/he-IL.tspackages/localizations/src/hi-IN.tspackages/localizations/src/hr-HR.tspackages/localizations/src/hu-HU.tspackages/localizations/src/id-ID.tspackages/localizations/src/is-IS.tspackages/localizations/src/it-IT.tspackages/localizations/src/ja-JP.tspackages/localizations/src/kk-KZ.tspackages/localizations/src/ko-KR.tspackages/localizations/src/mn-MN.tspackages/localizations/src/ms-MY.tspackages/localizations/src/nb-NO.tspackages/localizations/src/nl-BE.tspackages/localizations/src/nl-NL.tspackages/localizations/src/pl-PL.tspackages/localizations/src/pt-BR.tspackages/localizations/src/pt-PT.tspackages/localizations/src/ro-RO.tspackages/localizations/src/ru-RU.tspackages/localizations/src/sk-SK.tspackages/localizations/src/sr-RS.tspackages/localizations/src/sv-SE.tspackages/localizations/src/ta-IN.tspackages/localizations/src/te-IN.tspackages/localizations/src/th-TH.tspackages/localizations/src/tr-TR.tspackages/localizations/src/uk-UA.tspackages/localizations/src/vi-VN.tspackages/localizations/src/zh-CN.tspackages/localizations/src/zh-TW.tspackages/shared/src/internal/clerk-js/errors.tspackages/shared/src/types/localization.tspackages/shared/src/types/session.tspackages/shared/src/types/sessionVerification.tspackages/shared/src/types/signInCommon.tspackages/shared/src/types/signInFuture.tspackages/ui/src/components/SignIn/SignInClientTrust.tsxpackages/ui/src/components/SignIn/SignInFactorTwo.tsxpackages/ui/src/components/SignIn/SignInFactorTwoAlternativeMethods.tsxpackages/ui/src/components/SignIn/SignInFactorTwoPasskeyCard.tsxpackages/ui/src/components/SignIn/__tests__/SignInFactorTwo.test.tsxpackages/ui/src/components/SignIn/shared.tspackages/ui/src/components/SignIn/utils.tspackages/ui/src/components/UserVerification/UVFactorTwoAlternativeMethods.tsxpackages/ui/src/components/UserVerification/UVFactorTwoPasskeyCard.tsxpackages/ui/src/components/UserVerification/UserVerificationFactorTwo.tsxpackages/ui/src/components/UserVerification/__tests__/UVFactorTwo.test.tsxpackages/ui/src/test/fixture-helpers.tspackages/ui/src/utils/factorSorting.ts
| afterEach(() => { | ||
| vi.clearAllMocks(); | ||
| vi.unstubAllGlobals(); | ||
| }); |
There was a problem hiding this comment.
📐 Maintainability & Code Quality | 🟡 Minor | ⚡ Quick win
🧩 Analysis chain
🏁 Script executed:
#!/bin/bash
ast-grep outline packages/clerk-js/src/core/resources/__tests__/SignIn.test.ts \
--items all --type function --match 'beforeEach|afterEach' --view expanded
rg -n -C4 \
'beforeEach\s*\(|afterEach\s*\(|BaseResource\._fetch\s*=|SignIn\.clerk\s*=' \
packages/clerk-js/src/core/resources/__tests__/SignIn.test.tsRepository: clerk/javascript
Length of output: 40759
🏁 Script executed:
#!/bin/bash
set -euo pipefail
echo "== Context around the first passkey suite =="
sed -n '220,360p' packages/clerk-js/src/core/resources/__tests__/SignIn.test.ts | cat -n
echo
echo "== Context around the mfa.passkey suite =="
sed -n '1880,2015p' packages/clerk-js/src/core/resources/__tests__/SignIn.test.ts | cat -n
echo
echo "== Search for global restore/cleanup in this test file =="
rg -n 'restoreAllMocks|resetAllMocks|clearAllMocks|unstubAllGlobals|BaseResource\._fetch =|SignIn\.clerk =|const originalFetch|const originalClerk|afterEach\(\s*\(\)\s*=>\s*\{' packages/clerk-js/src/core/resources/__tests__/SignIn.test.tsRepository: clerk/javascript
Length of output: 16958
🏁 Script executed:
#!/bin/bash
set -euo pipefail
echo "== Surrounding structure for authenticateWithPasskey and nested passkey suite =="
sed -n '150,340p' packages/clerk-js/src/core/resources/__tests__/SignIn.test.ts | cat -n
echo
echo "== Surrounding structure for authenticateWithPasskey's later nested suites =="
sed -n '1560,1995p' packages/clerk-js/src/core/resources/__tests__/SignIn.test.ts | cat -n
echo
echo "== AST outline for describe blocks in SignIn.test.ts =="
ast-grep outline packages/clerk-js/src/core/resources/__tests__/SignIn.test.ts --view expanded --match 'describe($_, $_)'Repository: clerk/javascript
Length of output: 24915
🏁 Script executed:
#!/bin/bash
set -euo pipefail
echo "== Top of SignIn.test.ts for file-level hooks =="
sed -n '1,120p' packages/clerk-js/src/core/resources/__tests__/SignIn.test.ts | cat -n
echo
echo "== Any restore/assignment hooks outside the target suites =="
rg -n -C2 'beforeEach\s*\(|afterEach\s*\(|BaseResource\._fetch =|SignIn\.clerk =' packages/clerk-js/src/core/resources/__tests__/SignIn.test.ts | sed -n '1,120p'Repository: clerk/javascript
Length of output: 8497
Restore the patched statics in these passkey suites
BaseResource._fetch and SignIn.clerk are assigned directly here, but afterEach only clears mocks and unstubs globals. Save the originals and restore them in afterEach for authenticateWithPasskey and mfa.passkey, or use a cleanup that restores direct assignments too.
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In `@packages/clerk-js/src/core/resources/__tests__/SignIn.test.ts` around lines
261 - 264, Restore direct static assignments in the passkey test suites: update
the authenticateWithPasskey and mfa.passkey cleanup to save the original
BaseResource._fetch and SignIn.clerk values before stubbing, then reassign those
originals in afterEach alongside vi.clearAllMocks() and vi.unstubAllGlobals().
Source: Coding guidelines
| verifyWithPasskey = async (params?: SessionVerifyWithPasskeyParams): Promise<SessionVerificationResource> => { | ||
| const level = params?.level || 'first_factor'; | ||
|
|
||
| const { nonce = null } = prepareResponse.firstFactorVerification; | ||
| const prepareResponse = | ||
| level === 'second_factor' | ||
| ? await this.prepareSecondFactorVerification({ strategy: 'passkey' }) | ||
| : await this.prepareFirstFactorVerification({ strategy: 'passkey' }); | ||
|
|
||
| const { nonce = null } = | ||
| level === 'second_factor' ? prepareResponse.secondFactorVerification : prepareResponse.firstFactorVerification; |
There was a problem hiding this comment.
🔒 Security & Privacy | 🟠 Major | ⚡ Quick win
Reject invalid verification levels instead of silently downgrading.
Line 321 uses ||, while Lines 324-329 treat every value except 'second_factor' as first factor. Invalid JavaScript/config input can therefore request step-up verification but receive lower-assurance first-factor verification. Use ?? for the default and explicitly reject values outside the two supported levels.
As per coding guidelines, “Validate all inputs” and “Follow OWASP security best practices.”
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In `@packages/clerk-js/src/core/resources/Session.ts` around lines 320 - 329, The
verifyWithPasskey method silently treats invalid levels as first-factor
verification. Default level with nullish coalescing, then explicitly validate
that it is either 'first_factor' or 'second_factor' and reject any other value
before calling prepareFirstFactorVerification or
prepareSecondFactorVerification.
Source: Coding guidelines
📐 Maintainability & Code Quality | 🟡 Minor | ⚡ Quick win
Document the new public verification-level contract.
Add JSDoc covering params.level, its default, return value, and error behavior. This API change may also require Docs-team review.
As per coding guidelines, “All public APIs must be documented with JSDoc” and “Update documentation for API changes.” As per path instructions, public API JSDoc is customer-facing generated documentation.
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In `@packages/clerk-js/src/core/resources/Session.ts` around lines 320 - 329,
Document the public verifyWithPasskey API with JSDoc directly above the
verifyWithPasskey method in Session, describing the params.level options and
default, the returned SessionVerificationResource, and possible error behavior;
flag the contract change for Docs-team review or accompanying generated
documentation updates.
Sources: Coding guidelines, Path instructions
| // When the sign-in already awaits its second factor, the passkey acts as | ||
| // the second factor: run the discrete prepare/attempt second-factor flow | ||
| // against the in-progress sign-in. `flow` is ignored here — autofill and | ||
| // discoverable are identifier-first concepts, and their `create()` call | ||
| // would discard the in-progress sign-in. | ||
| const isSecondFactor = this.status === 'needs_second_factor' || this.status === 'needs_client_trust'; | ||
| if (isSecondFactor) { | ||
| const passkeySecondFactor = (this.supportedSecondFactors || []).find(f => f.strategy === 'passkey'); | ||
| if (!passkeySecondFactor) { | ||
| clerkMissingPasskeySecondFactor(); | ||
| } | ||
|
|
||
| await this.prepareSecondFactor({ strategy: 'passkey' }); | ||
|
|
||
| const { nonce: secondFactorNonce } = this.secondFactorVerification; | ||
| const secondFactorPublicKeyOptions = secondFactorNonce | ||
| ? convertJSONToPublicKeyRequestOptions(JSON.parse(secondFactorNonce)) | ||
| : null; | ||
| if (!secondFactorPublicKeyOptions) { | ||
| clerkMissingWebAuthnPublicKeyOptions('get'); | ||
| } | ||
|
|
||
| const { publicKeyCredential, error } = await webAuthnGetCredential({ | ||
| publicKeyOptions: secondFactorPublicKeyOptions, | ||
| conditionalUI: false, | ||
| }); | ||
| if (!publicKeyCredential) { | ||
| throw error; | ||
| } | ||
|
|
||
| return this.attemptSecondFactor({ | ||
| publicKeyCredential, | ||
| strategy: 'passkey', | ||
| }); | ||
| } | ||
|
|
There was a problem hiding this comment.
📐 Maintainability & Code Quality | 🟡 Minor | ⚡ Quick win
Document the new second-factor behavior of authenticateWithPasskey.
The public method now reuses in-progress second-factor/client-trust sign-ins and ignores flow in that state. Add JSDoc describing these semantics and request Docs-team review.
As per coding guidelines, “All public APIs must be documented with JSDoc” and “Update documentation for API changes.” As per path instructions, changed public API JSDoc may affect generated Clerk Docs.
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In `@packages/clerk-js/src/core/resources/SignIn.ts` around lines 575 - 610, Add
or update JSDoc for the public authenticateWithPasskey method to document that
needs_second_factor and needs_client_trust sign-ins reuse the in-progress
sign-in via the second-factor flow, and that the flow option is ignored in those
states. Include the API behavior change clearly and mark the documentation for
Docs-team review.
Sources: Coding guidelines, Path instructions
| const handlePasskeysAttempt = () => { | ||
| session | ||
| ?.verifyWithPasskey({ level: 'second_factor' }) | ||
| .then(response => { | ||
| return handleVerificationResponse(response); | ||
| }) | ||
| .catch(err => handleError(err, [], card.setError)); | ||
|
|
||
| return; | ||
| }; |
There was a problem hiding this comment.
🩺 Stability & Availability | 🟠 Major | ⚡ Quick win
🧩 Analysis chain
🏁 Script executed:
set -euo pipefail
printf 'Repo root: '; pwd
git ls-files 'packages/ui/src/components/UserVerification/*passkey*' 'packages/ui/src/components/UserVerification/*Card.tsx' 'packages/ui/src/**/Button*' | sed 's#^`#-` #'Repository: clerk/javascript
Length of output: 672
🏁 Script executed:
set -euo pipefail
# Map relevant files and inspect their size before reading.
for f in \
packages/ui/src/components/UserVerification/UVFactorTwoPasskeyCard.tsx \
packages/ui/src/components/UserVerification/UVFactorSignInPasskeyCard.tsx \
packages/ui/src/components/UserVerification/UVFactorPasskeyCard.tsx \
packages/ui/src/components/UserVerification/*Passkey*Card.tsx \
packages/ui/src/components/Button.tsx \
packages/ui/src/components/**/Button.tsx
do
if [ -f "$f" ]; then
printf '\n== %s ==\n' "$f"
wc -l "$f"
fi
doneRepository: clerk/javascript
Length of output: 612
🏁 Script executed:
set -euo pipefail
echo '--- outline: UVFactorTwoPasskeyCard.tsx ---'
ast-grep outline packages/ui/src/components/UserVerification/UVFactorTwoPasskeyCard.tsx --view expanded || true
echo '--- outline: UVFactorOnePasskeysCard.tsx ---'
ast-grep outline packages/ui/src/components/UserVerification/UVFactorOnePasskeysCard.tsx --view expanded || true
echo '--- outline: Button.tsx ---'
ast-grep outline packages/ui/src/primitives/Button.tsx --view expanded || true
echo '--- targeted reads ---'
sed -n '1,140p' packages/ui/src/components/UserVerification/UVFactorTwoPasskeyCard.tsx
printf '\n====\n'
sed -n '1,140p' packages/ui/src/components/UserVerification/UVFactorOnePasskeysCard.tsx
printf '\n====\n'
sed -n '1,220p' packages/ui/src/primitives/Button.tsxRepository: clerk/javascript
Length of output: 13913
🏁 Script executed:
set -euo pipefail
echo '--- search card state loading usage ---'
rg -n "setLoading|isLoading|useCardState\(" packages/ui/src -g '!**/dist/**' -g '!**/build/**'
echo '--- locate useCardState definition ---'
rg -n "export .*useCardState|function useCardState|const useCardState" packages/ui/src
echo '--- inspect relevant contexts files ---'
fd -a "contexts" packages/ui/src | sed -n '1,80p'Repository: clerk/javascript
Length of output: 50372
🏁 Script executed:
set -euo pipefail
echo '--- SignInFactorTwoPasskeyCard.tsx outline ---'
ast-grep outline packages/ui/src/components/SignIn/SignInFactorTwoPasskeyCard.tsx --view expanded || true
echo '--- SignInFactorTwoPasskeyCard.tsx ---'
sed -n '1,220p' packages/ui/src/components/SignIn/SignInFactorTwoPasskeyCard.tsx
echo '--- card state context ---'
sed -n '1,140p' packages/ui/src/elements/contexts/index.tsxRepository: clerk/javascript
Length of output: 6458
🏁 Script executed:
set -euo pipefail
sed -n '1,220p' packages/ui/src/components/SignIn/shared.tsRepository: clerk/javascript
Length of output: 5560
packages/ui/src/components/UserVerification/UVFactorTwoPasskeyCard.tsx: add a loading guard before starting another passkey attempt. This card calls verifyWithPasskey() directly, so a second click can abort the in-flight ceremony and surface a passkey_operation_aborted error here. Set loading before the request, clear it in finally, and disable the button while the attempt is pending.
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In `@packages/ui/src/components/UserVerification/UVFactorTwoPasskeyCard.tsx`
around lines 32 - 41, Update handlePasskeysAttempt to guard against concurrent
passkey attempts: set the card’s loading state before calling verifyWithPasskey,
clear it in a finally handler regardless of success or failure, and disable the
passkey button while loading so additional clicks cannot abort the in-flight
ceremony.
The Clerk backend can now offer passkey in a sign-in's (and session reverification's) supported_second_factors when the instance allows passkeys to satisfy the second factor and the user has a registered passkey. This adds client support end to end:
Part of USER-3966
Description
Checklist
pnpm testruns as expected.pnpm buildruns as expected.Type of change
Summary by CodeRabbit
New Features
Localization
Tests