feat(iam): user management

[designcode]

Note

Low Risk
Lint-only configuration change; affects developer tooling and CI lint behavior but not runtime code.

Overview
Migrates ESLint configuration from legacy .eslintrc.json to the ESLint v10 flat config format via a new eslint.config.js.

The new config keeps the same TypeScript and core rule set while switching ignore patterns to glob-based ignores entries.

^{Written by Cursor Bugbot for commit e9a50a0. This will update automatically on new commits. Configure here.}

[greptile-apps]

Greptile Summary

This PR adds comprehensive user management functionality to the IAM package, including inviting users, listing users/invitations, updating roles, and deleting users/invitations. The implementation includes proper validation to prevent accidental removal or demotion of organization owners.

• Added management endpoint support (mgmtEndpoint) alongside existing IAM endpoint
• Implemented 5 new user management operations with consistent API patterns
• Added organization owner protection in deleteUser and updateUserRole to prevent removing/demoting owners
• Proper API response transformation from snake_case to camelCase
• Consistent error handling across all operations

One issue found: config.ts removed the default fallback for iamEndpoint when loading from env vars, which could cause undefined values (though http-client.ts still provides a fallback).

Confidence Score: 4/5

• This PR is safe to merge with minimal risk after addressing the config default value issue
• The implementation is well-structured with proper validation and error handling. The only issue is the removed default fallback in config.ts which could lead to undefined values, though there's still a fallback in http-client.ts. All new functionality follows existing patterns and includes owner protection logic.
• Pay close attention to packages/iam/src/lib/config.ts - verify the removed default fallback doesn't break existing deployments

Important Files Changed

Filename	Overview
packages/iam/src/lib/config.ts	Removed unused error handling utilities and added mgmtEndpoint configuration. Removed default fallback for iamEndpoint which could cause issues if env var is not set.
packages/iam/src/lib/users/list.ts	Implements user and invitation listing with proper API response transformation and null-safe handling.
packages/iam/src/lib/users/delete.ts	Implements user deletion with organization owner protection logic to prevent accidental removal of owners.
packages/iam/src/lib/users/update-role.ts	Implements role updates with validation to prevent demoting organization owners from admin role.

_{Last reviewed commit: 27680ca}

[greptile-apps]

_{10 files reviewed, 1 comment}

_{Edit Code Review Agent Settings | Greptile}

[github-actions]

🎉 This PR is included in version 1.3.0 🎉

The release is available on:

• GitHub release
• npm package (@latest dist-tag)

Your semantic-release bot 📦🚀

[github-actions]

🎉 This PR is included in version 2.14.0 🎉

The release is available on:

• GitHub release
• npm package (@latest dist-tag)

Your semantic-release bot 📦🚀