fix: allow @workos-inc/node v10 as peer dependency

[gjtorikian]

Summary

• Widen the @workos-inc/node peer dependency range from ^8.0.0 || ^9.0.0 to also include ^10.0.0.
• WorkOS published v10 of the Node SDK; this lets consumers on the new major install authkit-session without peer-dependency conflicts.
• Existing v8 and v9 users remain supported — the range is widened, not bumped.

c.f. #32

Test plan

• npm install against @workos-inc/node v10 resolves without peer-dependency warnings
• Existing test suite passes (npm test)
• No code changes required — packaging-only change

[greptile-apps]

Greptile Summary

This PR widens the @workos-inc/node peer dependency range in package.json from ^8.0.0 || ^9.0.0 to ^8.0.0 || ^9.0.0 || ^10.0.0, allowing consumers using the v10 Node SDK to install authkit-session without peer-dependency conflicts.

• The change is a single line in package.json — no library code is modified.
• The devDependencies entry for @workos-inc/node remains pinned at ^9.2.0, so the CI test suite runs against v9, not v10, leaving v10 API compatibility unverified by the test plan.

Confidence Score: 3/5

The peer dependency range is safely widened for consumers, but the library's own tests still run exclusively against v9 — if v10 introduced any breaking changes to the WorkOS constructor, auth response shape, or exported types, those would ship silently to consumers.

The only changed file is package.json. Widening the peer range is the correct approach for a new major SDK release, but the dev dependency is not updated to match, leaving the ^10.0.0 support claim unverified by any tests. Since @workos-inc/node v10 is already at v10.2.0 and follows SemVer for breaking changes, this gap is meaningful before advertising v10 support to consumers.

package.json — the devDependency should be reviewed alongside the peer range change.

Important Files Changed

Filename	Overview
package.json	Peer dependency widened to include ^10.0.0, but devDependency remains on ^9.2.0 — v10 compatibility is untested.

Sequence Diagram

sequenceDiagram
    participant Consumer as Consumer App
    participant NPM as npm/pnpm
    participant AKS as authkit-session
    participant WN as @workos-inc/node

    Consumer->>NPM: install authkit-session
    NPM->>AKS: resolve peerDependencies
    AKS-->>NPM: "@workos-inc/node": "^8.0.0 || ^9.0.0 || ^10.0.0"
    NPM->>WN: resolve v8, v9, or v10
    WN-->>NPM: satisfied (no peer conflict)
    NPM-->>Consumer: install successful

    Note over AKS,WN: devDependencies still pins ^9.2.0<br/>Tests run against v9 only

Loading

Comments Outside Diff (1)

1. package.json, line 48 (link)

   Dev dependency lags the widened peer range

   devDependencies pins @workos-inc/node at ^9.2.0, so the test suite only exercises v9. @workos-inc/node follows SemVer and v10 is already at v10.2.0 (latest as of the PR). Any v10 breaking changes that affect the WorkOS constructor shape, User/Impersonator types, or the authenticateWithCode/authenticateWithRefreshToken response structure would pass undetected here. Consider bumping the dev dependency to ^10.0.0 (or adding a v10 CI matrix job) before shipping v10 support to consumers.

   Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!

_{Reviews (1): Last reviewed commit: "fix: allow @workos-inc/node v10 as peer ..." | Re-trigger Greptile}