Refactor/general improvements

[mCodex]

This pull request introduces several improvements and new features for Expo and documentation, as well as project-wide configuration enhancements. The main changes include a new Expo config plugin for handling platform-specific permissions and new architecture flags, comprehensive documentation for both the Expo integration and the overall package architecture, and clarifications in the React hook usage documentation. Additionally, a project-wide .editorconfig file has been added for consistent code formatting.

Expo config plugin and tests:

• Added a new Expo config plugin (app.plugin.js) that:
  • Configures New Architecture flags for both iOS and Android.
  • Sets the NSFaceIDUsageDescription in iOS Info.plist, with support for custom or skipped values.
  • Adds both USE_BIOMETRIC and legacy USE_FINGERPRINT permissions to AndroidManifest.xml, ensuring idempotency and correct version targeting.
  • Allows plugin options for customizing Face ID permission text and toggling New Architecture flags. [1] [2]
• Added comprehensive unit tests for the Expo config plugin, covering all supported options, idempotency, and correct permission handling.

Documentation improvements:

• Added docs/EXPO.md with detailed installation, configuration, and troubleshooting instructions for Expo users, including a compatibility matrix and plugin options.
• Added docs/ARCHITECTURE.md documenting the overall package structure, naming conventions, cache strategy, and tree-shaking approach.
• Updated docs/HOOKS.md to clarify that hook caching is per-instance (not global), improved code examples, and explained best practices for sharing capability data between components. [1] [2] [3] [4]

Project configuration:

• Added a .editorconfig file to enforce consistent code style (indentation, charset, line endings, etc.) across the project, with overrides for markdown and data files.

[Copilot]

Pull request overview

This PR improves the library’s developer experience and Expo compatibility by adding an Expo config plugin, strengthening TS-side validation/error reporting, and stabilizing hook return identities. It also adds extensive new documentation and standardizes formatting via .editorconfig.

Changes:

• Add an Expo config plugin (+ tests) to configure New Architecture flags and required iOS/Android permissions.
• Introduce TS-side input validation (InvalidArgumentError) and wire it into the core storage API.
• Refactor hooks to reduce re-renders via structural option caching and useMemo-wrapped results; expand docs.

Reviewed changes

Copilot reviewed 31 out of 34 changed files in this pull request and generated 5 comments.

Show a summary per file

File	Description
tsconfig.json	Enable declarationMap / exactOptionalPropertyTypes, adjust excludes.
src/internal/validate.ts	Add TS-side key/service/value validation with byte-size limits.
src/internal/native.ts	Lazy-load Nitro constructor and throw a friendlier error when missing (Expo Go).
src/index.ts	Re-export InvalidArgumentError and isInvalidArgumentError.
src/hooks/useStableOptions.ts	Replace JSON serialization caching with structural equality via deepEqual.
src/hooks/useSecurityAvailability.ts	Memoize returned result object; clarify per-instance caching behavior.
src/hooks/useSecureStorage.ts	Stabilize empty list identity and memoize return object; stabilize mutation options.
src/hooks/useSecureOperation.ts	Memoize returned result object.
src/hooks/useSecret.ts	Memoize returned result object.
src/hooks/useMutation.ts	Switch to reducer-based state machine; memoize returned API.
src/hooks/useKeyRotation.ts	Memoize returned result object.
src/hooks/useAsync.ts	Switch to reducer-based state machine; memoize returned API; preserve data on error option.
src/hooks/types.ts	Adjust optional types for exactOptionalPropertyTypes.
src/hooks/internal/deepEqual.ts	Add structural equality helper used to stabilize options.
src/hooks/index.ts	Re-export initial state factories.
src/errors.ts	Add InvalidArgumentError + predicate and marker mapping.
src/core/storage.ts	Call TS-side validators and throw typed errors from native boundary.
src/tests/internal.validate.test.ts	Add unit tests for validation helpers.
src/tests/hooks.useSecret.test.tsx	Adjust typings for exact optional semantics in tests.
src/tests/mocks/fixtures.ts	Remove explicit value: undefined to match exact optional semantics.
package.json	Add lint:fix and a Biome-only guard via prelint.
jest.config.js	Expand testMatch to include root __tests__.
example/src/components/useAsyncAction.ts	Remove custom async wrapper hook from example.
example/src/components/StorageCard.tsx	Migrate example actions to useSecureOperation; memoize storage options.
docs/THREAT_MODEL.md	Add threat model documentation.
docs/PERFORMANCE.md	Add performance/bundle policy documentation.
docs/MIGRATION.md	Add migration guide from 5.6 → 6.x.
docs/HOOKS.md	Clarify hook caching semantics; fix import paths to /hooks.
docs/EXPO.md	Add Expo integration guide and plugin options.
docs/ARCHITECTURE.md	Add architecture overview and conventions.
app.plugin.js	Add Expo config plugin for new arch flags, Face ID usage string, and Android permissions.
app.plugin.d.ts	Add TS typings for the Expo config plugin options.
tests/app.plugin.test.ts	Add unit tests for the Expo config plugin behavior/idempotency.
.editorconfig	Add project-wide formatting defaults and per-filetype overrides.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The plugin options table lists faceIDPermission twice (once as string and once as null). Consider merging into a single row with type string | null and describing the null behavior in the same row to avoid confusion.

Suggested change

	| Prop | Type | Default | Effect |
	| ----------------------- | --------- | --------------------------------------------- | --------------------------------------------------------------------------------------------------------- |
	| `faceIDPermission` | `string` | `"Authenticate to access your secure data."` | Written to `NSFaceIDUsageDescription` if missing. A pre-existing value in your Info.plist is preserved. |
	| `faceIDPermission` | `null` | — | Skips the Info.plist modifier entirely (use when another plugin owns the key). |
	| `enableNewArchitecture` | `boolean` | `true` | Writes `newArchEnabled` (Android) and `RCT_NEW_ARCH_ENABLED` (iOS) flags. |
	| Prop | Type | Default | Effect |
	| ----------------------- | ----------------- | --------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------- |
	| `faceIDPermission` | `string \| null` | `"Authenticate to access your secure data."` | If a string is provided, it is written to `NSFaceIDUsageDescription` if missing; a pre-existing value in your Info.plist is preserved. If `null`, the Info.plist modifier is skipped entirely (use when another plugin owns the key). |
	| `enableNewArchitecture` | `boolean` | `true` | Writes `newArchEnabled` (Android) and `RCT_NEW_ARCH_ENABLED` (iOS) flags. |

[Copilot]

Given the surrogate-pair handling in utf8ByteLength(), it would be good to add a regression test for malformed/unpaired surrogate code units (e.g. a lone high surrogate, or a high surrogate followed by a non-low surrogate). The current implementation can miscount and skip characters in those cases, so a test would prevent reintroducing that bug once fixed.

Suggested change

	})
	})
	it('handles a lone high surrogate without skipping or miscounting bytes', () => {
	// Unpaired surrogates are encoded as the replacement character in UTF-8 (3 bytes).
	const atLimit = 'x'.repeat(MAX_VALUE_BYTES - 3) + '\uD83D'
	const tooBig = 'x'.repeat(MAX_VALUE_BYTES - 2) + '\uD83D'
	expect(() => validateValue(atLimit)).not.toThrow()
	expect(() => validateValue(tooBig)).toThrow(InvalidArgumentError)
	})
	it('handles a high surrogate followed by a non-low surrogate without skipping the next character', () => {
	// '\uD83D' is unpaired here (3 bytes in UTF-8) and 'a' is 1 byte.
	const atLimit = 'x'.repeat(MAX_VALUE_BYTES - 4) + '\uD83Da'
	const tooBig = 'x'.repeat(MAX_VALUE_BYTES - 3) + '\uD83Da'
	expect(() => validateValue(atLimit)).not.toThrow()
	expect(() => validateValue(tooBig)).toThrow(InvalidArgumentError)
	})

[Copilot]

utf8ByteLength() treats any high surrogate as the start of a surrogate pair: it always adds 4 bytes and increments i. For unpaired or malformed surrogates (high surrogate at end, or not followed by a low surrogate), this will undercount and can skip counting the next code unit entirely. Please check that the next code unit is a low surrogate before counting 4 bytes / advancing i; otherwise count the current code unit as a 3-byte sequence and continue normally.

[Copilot]

deepEqual() is used by hooks for stability, and useStableOptions' docs claim circular references "do not throw". As implemented, deepEqual will recurse infinitely on circular arrays/objects and eventually stack overflow. Either add cycle detection (e.g., track seen pairs) so circular structures return false safely, or update the hook/docs to explicitly state circular references are unsupported.

[Copilot]

withFaceIDUsageDescription() checks if (!modConfig.modResults.NSFaceIDUsageDescription), which will overwrite a user-provided empty string (or other falsy values). If the intent is to only fill when the key is missing, check specifically for undefined/null instead of falsiness so existing values are always preserved.

Suggested change

	if (!modConfig.modResults.NSFaceIDUsageDescription) {
	if (modConfig.modResults.NSFaceIDUsageDescription == null) {