v6.1.3

🛠️ v6.1.3 — Release Pipeline & Bundler Compatibility Fixes

TL;DR — v6.1.2 shipped a broken tarball: it was missing all nitrogen/generated/ native bindings (breaking pod install with cannot load such file -- nitrogen/generated/ios/SensitiveInfo+autolinking.rb) and its exports map could not be resolved by some bundlers (Re.Pack/rspack), causing Cannot find module 'react-native-sensitive-info/hooks' at build time.

v6.1.3 is a pure release-tooling fix — no runtime/API changes. Upgrade and rebuild.

---

🚑 Bug Fixes

📦 Restore missing iOS / Android native bindings in the published tarball

v6.1.2 was published without any nitrogen/generated/ output because:

• nitrogen/ is gitignored (it's a build artifact).
• The previous release-it before:init hook only ran typecheck + bob build, not nitrogen codegen.
• So when CI checked out a clean tree, the nitrogen/ directory never existed at publish time.

Symptom on consumer side:

[!] Invalid Podfile file: [!] Invalid SensitiveInfo.podspec file:
cannot load such file -- nitrogen/generated/ios/SensitiveInfo+autolinking.rb.

Fix: the release pipeline now always regenerates nitrogen artifacts (via npm run codegen) before packing/publishing, and aborts the release if any expected artifact is missing.

🔌 Fix Cannot find module 'react-native-sensitive-info/hooks' under Re.Pack / rspack

Some bundlers (notably Re.Pack/rspack, and certain Metro configurations) don't resolve the package exports map for subpath imports, so import { useSecret } from 'react-native-sensitive-info/hooks' failed at build time even though the files were physically present in node_modules.

Fix: added classic subpath proxy directories (hooks/, errors/) following the same pattern used by date-fns, lodash, react-router, and @reduxjs/toolkit. They expose main / module / react-native / types fields pointing into lib/..., so any bundler that falls back to filesystem resolution can find them. Modern bundlers continue to use the exports map — both paths resolve to the same files.

// hooks/package.json (shipped in the tarball)
{
  "main":         "../lib/commonjs/hooks/index.js",
  "module":       "../lib/module/hooks/index.js",
  "react-native": "../lib/module/hooks/index.js",
  "types":        "../lib/typescript/commonjs/src/hooks/index.d.ts",
  "sideEffects":  false
}

---

✅ Release Pipeline Hardening

To make sure this kind of regression can never ship again, release-it's before:init hook now runs a single release:prepare script that performs three sequential checks. Any failure aborts the publish + git push.

#	Step	What it guarantees
1	🏗️ npm run codegen	Regenerates nitrogen/ (iOS/Android autolinking, shared C++ headers) and runs bob build.
2	🔍 verify-release-artifacts.js	Fast filesystem check for 11 critical artifacts in the workspace. Fails fast with an actionable message.
3	🚀 smoke-test-release.js	Full end-to-end consumer simulation: npm pack → install into a sandbox → resolve every documented subpath via both the exports map and the legacy proxy fields → ruby -c on the podspec + autolinking.rb to catch parse errors.

If v6.1.2 had been gated by this pipeline, the release would have been blocked at step 3 with a clear error pointing at the missing nitrogen/generated/ios/SensitiveInfo+autolinking.rb.

---

🧰 What you need to do

Just bump the version — no code changes are required:

npm install react-native-sensitive-info@^6.1.3
# then on iOS:
cd ios && pod install

If you were stuck on v6.1.2 due to the pod install or Cannot find module 'react-native-sensitive-info/hooks' errors, both are resolved.

---

📁 Files changed

• package.json — added release:prepare script; before:init now runs it; hooks/ and errors/ added to files.
• hooks/package.json (new) — subpath proxy for bundlers without exports support.
• errors/package.json (new) — subpath proxy for bundlers without exports support.
• scripts/verify-release-artifacts.js (new) — workspace-level artifact check.
• scripts/smoke-test-release.js (new) — end-to-end pack/install/resolve smoke test.