update dependency

.prettierignore

@@ -8,18 +8,11 @@ node_modules
 !.env.example
 /.vscode
 /.auri/*.md
-/test-apps/**/.svelte-kit
-/test-apps/**/.next
-/test-apps/**/.nuxt
-/examples/**/.svelte-kit
-/examples/**/.next
-/examples/**/.nuxt
-/examples/**/.solid
-/packages/**/dist
-/documentation/dist
+
+docs/dist
+packages/*/dist
 
 # Ignore files for PNPM, NPM and YARN
 pnpm-lock.yaml
 package-lock.json
 yarn.lock
-

docs/pages/basics/users.md

@@ -24,10 +24,10 @@ await db.createUser({
 });
 ```
 
-Use Oslo's [`generateRandomString()`](https://oslo.js.org/reference/random/generateRandomString) if you're looking for a more customizable option.
+Use Oslo's [`generateRandomString()`](https://oslo.js.org/reference/crypto/generateRandomString) if you're looking for a more customizable option.
 
 ```ts
-import { generateRandomString, alphabet } from "oslo/random";
+import { generateRandomString, alphabet } from "oslo/crypto";
 
 await db.createUser({
 	id: generateRandomString(15, alphabet("a-z", "A-Z", "0-9"))

docs/pages/guides/email-and-password/email-verification-codes.md

@@ -56,7 +56,7 @@ The code should be valid for few minutes and linked to a single email.
 
 ```ts
 import { TimeSpan, createDate } from "oslo";
-import { generateRandomString, alphabet } from "oslo/random";
+import { generateRandomString, alphabet } from "oslo/crypto";
 
 async function generateEmailVerificationCode(userId: string, email: string): Promise<string> {
 	await db.table("email_verification_code").where("user_id", "=", userId).deleteAll();

docs/pages/guides/validate-session-cookies/index.md

@@ -16,7 +16,7 @@ This guide is also available for:
 - [SolidStart](/guides/validate-session-cookies/solidstart)
 - [SvelteKit](/guides/validate-session-cookies/sveltekit)
 
-**CSRF protection must be implemented when using cookies and forms.** This can be easily done by comparing the `Origin` and `Host` header. 
+**CSRF protection must be implemented when using cookies and forms.** This can be easily done by comparing the `Origin` and `Host` header.
 
 For non-GET requests, check the request origin. You can use `readSessionCookie()` to get the session cookie from a HTTP `Cookie` header, and validate it with `Lucia.validateSession()`. Make sure to delete the session cookie if it's invalid and create a new session cookie when the expiration gets extended, which is indicated by `Session.fresh`.
 

docs/pages/guides/validate-session-cookies/sveltekit.md

@@ -60,7 +60,7 @@ import type { Actions, PageServerLoad } from "./$types";
 
 export const load: PageServerLoad = async (event) => {
 	if (!event.locals.user) {
-		 redirect("/login");
+		redirect("/login");
 	}
 	// ...
 };

docs/pages/reference/main/generateId.md

@@ -19,7 +19,7 @@ function generateId(length: number): string;
 ## Example
 
 ```ts
-import { generateId } from "oslo/random";
+import { generateId } from "lucia";
 
 // 10-characters long string
 generateId(10);

docs/pages/tutorials/github-oauth/sveltekit.md

@@ -118,7 +118,7 @@ export async function GET(event: RequestEvent): Promise<Response> {
 		sameSite: "lax"
 	});
 
-	 redirect(302, url.toString());
+	redirect(302, url.toString());
 }
 ```
 
@@ -210,7 +210,7 @@ You can validate requests by checking `locals.user`. The field `user.username` i
 import type { PageServerLoad, Actions } from "./$types";
 
 export const load: PageServerLoad = async (event) => {
-	if (!event.locals.user)  redirect(302, "/login");
+	if (!event.locals.user) redirect(302, "/login");
 	return {
 		username: event.locals.user.username
 	};
@@ -243,7 +243,7 @@ export const actions: Actions = {
 			path: ".",
 			...sessionCookie.attributes
 		});
-		 redirect(302, "/login");
+		redirect(302, "/login");
 	}
 };
 ```

docs/pages/upgrade-v3/prisma/postgresql.md

@@ -8,7 +8,6 @@ The v3 Prisma adapter now requires all fields to be `camelCase`.
 
 **Migration must be handled manually or else you will lose all your data**. **Do NOT use Prisma's migration tools as is**. Read this guide carefully as some parts depend on your current structure (**especially the table names**), and feel free to ask questions on our Discord server if you have any questions.
 
-
 ## Update session table
 
 The main change to the session table is that the `idle_expires` and `active_expires` fields are replaced with a single `expiresAt` field. Unlike the previous columns, it's a `DateTime` type. Update the `Session` model. Make sure to add any custom attributes you previously had.

packages/adapter-test/package.json

@@ -41,6 +41,6 @@
 	},
 	"dependencies": {
 		"mocha": "^10.2.0",
-		"oslo": "^0.16.0"
+		"oslo": "0.28.2"
 	}
 }

packages/adapter-test/src/index.ts

@@ -1,5 +1,5 @@
 import { Adapter, DatabaseSession, DatabaseUser } from "lucia";
-import { generateRandomString, alphabet } from "oslo/random";
+import { generateRandomString, alphabet } from "oslo/crypto";
 import assert from "node:assert/strict";
 
 export const databaseUser: DatabaseUser = {

packages/lucia/package.json

@@ -35,6 +35,6 @@
 		"vitest": "^0.33.0"
 	},
 	"dependencies": {
-		"oslo": "0.28.1"
+		"oslo": "0.28.2"
 	}
 }

packages/lucia/src/crypto.ts

@@ -1,7 +1,6 @@
 import { encodeHex, decodeHex } from "oslo/encoding";
-import { constantTimeEqual } from "oslo/crypto";
+import { constantTimeEqual, generateRandomString, alphabet } from "oslo/crypto";
 import { scrypt } from "./scrypt/index.js";
-import { alphabet, generateRandomString } from "oslo/random";
 
 import type { PasswordHashingAlgorithm } from "oslo/password";
 

packages/lucia/src/scrypt/index.test.ts

@@ -1,7 +1,7 @@
 import { expect, test } from "vitest";
 import { scrypt } from "./index.js";
 import { scryptSync as nodeScrypt } from "node:crypto";
-import { generateRandomString, alphabet } from "oslo/random";
+import { generateRandomString, alphabet } from "oslo/crypto";
 import { encodeHex } from "oslo/encoding";
 
 test("scrypt() output matches crypto", async () => {