@cognite/dune 0.3.1 → 0.3.2

package/bin/auth/authentication-flow.js

@@ -4,11 +4,13 @@
  * Orchestrates the complete OAuth 2.0 authentication flow with PKCE.
  */
 
-import open from "open";
-import { CryptoUtils } from "../utils/crypto.js";
-import { CallbackServer } from "./callback-server.js";
-import { CertificateManager } from "./certificate-manager.js";
-import { OAuthClient } from "./oauth-client.js";
+import open from 'open';
+
+import { CryptoUtils } from '../utils/crypto.js';
+
+import { CallbackServer } from './callback-server.js';
+import { CertificateManager } from './certificate-manager.js';
+import { OAuthClient } from './oauth-client.js';
 
 export class AuthenticationFlow {
   /**
@@ -25,10 +27,10 @@ export class AuthenticationFlow {
    * @throws {Error} If configuration is invalid
    */
   validateConfig() {
-    if (this.config.clientId === "your-client-id" || !this.config.clientId) {
+    if (this.config.clientId === 'your-client-id' || !this.config.clientId) {
       throw new Error(
-        "Please set the CDF_CLIENT_ID environment variable\n" +
-          "  Example: export CDF_CLIENT_ID=<your-client-id>"
+        'Please set the CDF_CLIENT_ID environment variable\n' +
+          '  Example: export CDF_CLIENT_ID=<your-client-id>'
       );
     }
   }
@@ -39,7 +41,7 @@ export class AuthenticationFlow {
    * @returns {Promise<Object>} Access tokens
    */
   async login(organization) {
-    console.log("🔐 Starting CDF login flow...\n");
+    console.log('🔐 Starting CDF login flow...\n');
 
     this.validateConfig();
 
@@ -70,15 +72,15 @@ export class AuthenticationFlow {
     if (organization) {
       console.log(`🏢 Organization: ${organization}`);
     }
-    console.log("🚀 Opening browser for authentication...\n");
+    console.log('🚀 Opening browser for authentication...\n');
 
     try {
       await open(authUrl);
-    } catch (error) {
-      console.error("❌ Failed to open browser automatically.");
-      console.error("Please open this URL manually:\n");
+    } catch (_error) {
+      console.error('❌ Failed to open browser automatically.');
+      console.error('Please open this URL manually:\n');
       console.error(authUrl);
-      console.error("");
+      console.error('');
     }
 
     // Wait for callback

package/bin/auth/callback-server.js

@@ -4,8 +4,8 @@
  * HTTPS server that handles OAuth 2.0 authorization callbacks.
  */
 
-import https from "node:https";
-import { parse } from "node:url";
+import https from 'node:https';
+import { parse } from 'node:url';
 
 export class CallbackServer {
   /**
@@ -31,7 +31,7 @@ export class CallbackServer {
    */
   static generateHtml(type, title, message) {
     const animation =
-      type === "success"
+      type === 'success'
         ? `
       <style>
         @keyframes checkmark {
@@ -42,7 +42,7 @@ export class CallbackServer {
         h1 { animation: checkmark 0.5s ease-out; }
       </style>
     `
-        : "";
+        : '';
 
     return `
       <html>
@@ -68,9 +68,9 @@ export class CallbackServer {
   async handleCallback(req, res, expectedState, codeVerifier, oauthClient) {
     const parsedUrl = parse(req.url, true);
 
-    if (parsedUrl.pathname !== "/") {
+    if (parsedUrl.pathname !== '/') {
       res.writeHead(404);
-      res.end("Not found");
+      res.end('Not found');
       return { shouldClose: false };
     }
 
@@ -78,8 +78,8 @@ export class CallbackServer {
 
     // Handle authentication error
     if (error) {
-      res.writeHead(400, { "Content-Type": "text/html" });
-      res.end(CallbackServer.generateHtml("error", "Authentication Error", String(error)));
+      res.writeHead(400, { 'Content-Type': 'text/html' });
+      res.end(CallbackServer.generateHtml('error', 'Authentication Error', String(error)));
       return {
         shouldClose: true,
         error: new Error(`Authentication error: ${error}`),
@@ -88,20 +88,20 @@ export class CallbackServer {
 
     // Validate state to prevent CSRF
     if (returnedState !== expectedState) {
-      res.writeHead(400, { "Content-Type": "text/html" });
+      res.writeHead(400, { 'Content-Type': 'text/html' });
       res.end(
         CallbackServer.generateHtml(
-          "security",
-          "Security Error",
-          "State mismatch. Possible CSRF attack."
+          'security',
+          'Security Error',
+          'State mismatch. Possible CSRF attack.'
         )
       );
-      return { shouldClose: true, error: new Error("State mismatch") };
+      return { shouldClose: true, error: new Error('State mismatch') };
     }
 
     // Exchange code for tokens
     try {
-      console.log("🔄 Exchanging authorization code for tokens...");
+      console.log('🔄 Exchanging authorization code for tokens...');
       const openIdConfig = await oauthClient.fetchOpenIdConfiguration();
       const tokens = await oauthClient.exchangeCodeForTokens(
         openIdConfig.token_endpoint,
@@ -109,19 +109,19 @@ export class CallbackServer {
         codeVerifier
       );
 
-      res.writeHead(200, { "Content-Type": "text/html" });
+      res.writeHead(200, { 'Content-Type': 'text/html' });
       res.end(
         CallbackServer.generateHtml(
-          "success",
-          "Login Successful!",
-          "You can close this window and return to the terminal."
+          'success',
+          'Login Successful!',
+          'You can close this window and return to the terminal.'
         )
       );
 
       return { shouldClose: true, tokens };
     } catch (err) {
-      res.writeHead(500, { "Content-Type": "text/html" });
-      res.end(CallbackServer.generateHtml("error", "Token Exchange Failed", err.message));
+      res.writeHead(500, { 'Content-Type': 'text/html' });
+      res.end(CallbackServer.generateHtml('error', 'Token Exchange Failed', err.message));
       return { shouldClose: true, error: err };
     }
   }
@@ -155,8 +155,8 @@ export class CallbackServer {
       });
 
       // Handle server errors
-      this.server.on("error", (error) => {
-        if (error.code === "EADDRINUSE") {
+      this.server.on('error', (error) => {
+        if (error.code === 'EADDRINUSE') {
           console.error(
             `❌ Port ${this.config.port} is already in use. Please close the other application.`
           );
@@ -174,7 +174,7 @@ export class CallbackServer {
       // Setup timeout
       setTimeout(() => {
         this.server.close();
-        reject(new Error("Login timeout - no response received within 5 minutes"));
+        reject(new Error('Login timeout - no response received within 5 minutes'));
       }, this.config.loginTimeout);
     });
   }

package/bin/auth/certificate-manager.js

@@ -5,9 +5,9 @@
  * for the local HTTPS OAuth callback server.
  */
 
-import { execSync } from "node:child_process";
-import fs from "node:fs";
-import path from "node:path";
+import { execSync } from 'node:child_process';
+import fs from 'node:fs';
+import path from 'node:path';
 
 export class CertificateManager {
   /**
@@ -15,8 +15,8 @@ export class CertificateManager {
    */
   constructor(certDir) {
     this.certDir = certDir;
-    this.keyPath = path.join(certDir, "localhost-key.pem");
-    this.certPath = path.join(certDir, "localhost-cert.pem");
+    this.keyPath = path.join(certDir, 'localhost-key.pem');
+    this.certPath = path.join(certDir, 'localhost-cert.pem');
   }
 
   /**
@@ -44,7 +44,7 @@ export class CertificateManager {
    * @throws {Error} If OpenSSL is not available or certificate generation fails
    */
   generateCertificate() {
-    console.log("🔐 Generating self-signed certificate for HTTPS...");
+    console.log('🔐 Generating self-signed certificate for HTTPS...');
 
     // Ensure directory exists
     if (!fs.existsSync(this.certDir)) {
@@ -54,16 +54,16 @@ export class CertificateManager {
     try {
       const cmd = `openssl req -x509 -newkey rsa:2048 -nodes -sha256 -subj '/CN=localhost' -keyout "${this.keyPath}" -out "${this.certPath}" -days 365 2>/dev/null`;
 
-      execSync(cmd, { stdio: "pipe" });
-      console.log("✅ Certificate generated and saved to ~/.cdf-login/\n");
+      execSync(cmd, { stdio: 'pipe' });
+      console.log('✅ Certificate generated and saved to ~/.cdf-login/\n');
 
       return this.loadCertificates();
-    } catch (error) {
+    } catch (_error) {
       throw new Error(
-        "Failed to generate self-signed certificate. Make sure openssl is installed.\n" +
-          "  On macOS: openssl is pre-installed\n" +
-          "  On Linux: sudo apt-get install openssl\n" +
-          "  On Windows: Install OpenSSL or use WSL"
+        'Failed to generate self-signed certificate. Make sure openssl is installed.\n' +
+          '  On macOS: openssl is pre-installed\n' +
+          '  On Linux: sudo apt-get install openssl\n' +
+          '  On Windows: Install OpenSSL or use WSL'
       );
     }
   }

package/bin/auth/client-credentials.js

@@ -4,19 +4,19 @@
  * @returns {string} Cluster name like "aw-dub-gp-001"
  */
 function extractClusterFromUrl(url) {
-  if (!url) return "";
+  if (!url) return '';
 
   try {
     const urlObj = new URL(url);
     const hostname = urlObj.hostname;
     // Remove .cognitedata.com suffix
-    return hostname.replace(/\.cognitedata\.com$/, "");
-  } catch (error) {
+    return hostname.replace(/\.cognitedata\.com$/, '');
+  } catch (_error) {
     // Fallback to simple string manipulation
-    let cluster = url.replace(/^https?:\/\//, "");
-    cluster = cluster.split("/")[0]; // Remove path
-    cluster = cluster.split(":")[0]; // Remove port
-    cluster = cluster.replace(/\.cognitedata\.com$/, "");
+    let cluster = url.replace(/^https?:\/\//, '');
+    cluster = cluster.split('/')[0]; // Remove path
+    cluster = cluster.split(':')[0]; // Remove port
+    cluster = cluster.replace(/\.cognitedata\.com$/, '');
     return cluster;
   }
 }
@@ -28,7 +28,6 @@ function extractClusterFromUrl(url) {
  * Supports both CDF and Entra ID authentication providers.
  */
 
-// biome-ignore lint/complexity/noStaticOnlyClass: <explanation>
 export class ClientCredentialsAuth {
   /**
    * Get access token using client credentials (CDF provider)
@@ -38,23 +37,23 @@ export class ClientCredentialsAuth {
    */
   static async getTokenCdf(clientId, clientSecret) {
     if (!clientId || !clientSecret) {
-      throw new Error("CLIENT_ID and CLIENT_SECRET must be provided");
+      throw new Error('CLIENT_ID and CLIENT_SECRET must be provided');
     }
 
-    const credentials = Buffer.from(`${clientId}:${clientSecret}`).toString("base64");
+    const credentials = Buffer.from(`${clientId}:${clientSecret}`).toString('base64');
     const header = `Basic ${credentials}`;
 
-    console.log("🔑 Authenticating with CDF client credentials...");
+    console.log('🔑 Authenticating with CDF client credentials...');
 
     try {
-      const response = await fetch("https://auth.cognite.com/oauth2/token", {
-        method: "POST",
+      const response = await fetch('https://auth.cognite.com/oauth2/token', {
+        method: 'POST',
         headers: {
           Authorization: header,
-          "Content-Type": "application/x-www-form-urlencoded",
+          'Content-Type': 'application/x-www-form-urlencoded',
         },
         body: new URLSearchParams({
-          grant_type: "client_credentials",
+          grant_type: 'client_credentials',
         }),
       });
 
@@ -68,7 +67,7 @@ export class ClientCredentialsAuth {
       const data = await response.json();
 
       if (!data.access_token) {
-        throw new Error("No access token returned from authentication");
+        throw new Error('No access token returned from authentication');
       }
 
       return data.access_token;
@@ -88,23 +87,23 @@ export class ClientCredentialsAuth {
   static async getTokenEntra(clientId, clientSecret, tokenUrl, scope) {
     if (!clientId || !clientSecret || !tokenUrl || !scope) {
       throw new Error(
-        "CLIENT_ID, CLIENT_SECRET, TOKEN_URL, and SCOPES must be provided for Entra ID"
+        'CLIENT_ID, CLIENT_SECRET, TOKEN_URL, and SCOPES must be provided for Entra ID'
       );
     }
 
-    console.log("🔑 Authenticating with Entra ID client credentials...");
+    console.log('🔑 Authenticating with Entra ID client credentials...');
 
     try {
       const response = await fetch(tokenUrl, {
-        method: "POST",
+        method: 'POST',
         headers: {
-          "Content-Type": "application/x-www-form-urlencoded",
+          'Content-Type': 'application/x-www-form-urlencoded',
         },
         body: new URLSearchParams({
           client_id: clientId,
           client_secret: clientSecret,
           scope: scope,
-          grant_type: "client_credentials",
+          grant_type: 'client_credentials',
         }),
       });
 
@@ -118,7 +117,7 @@ export class ClientCredentialsAuth {
       const data = await response.json();
 
       if (!data.access_token) {
-        throw new Error("No access token returned from authentication");
+        throw new Error('No access token returned from authentication');
       }
 
       return data.access_token;
@@ -140,12 +139,12 @@ export class ClientCredentialsAuth {
    * @returns {Promise<string>} Access token
    */
   static async getToken(config) {
-    const provider = (config.provider || "cdf").toLowerCase();
+    const provider = (config.provider || 'cdf').toLowerCase();
 
-    if (provider === "cdf") {
+    if (provider === 'cdf') {
       return ClientCredentialsAuth.getTokenCdf(config.clientId, config.clientSecret);
     }
-    if (provider === "entra") {
+    if (provider === 'entra') {
       const tokenUrl = ClientCredentialsAuth.buildEntraTokenUrl(config.tenantId, config.tokenUrl);
       const scope = ClientCredentialsAuth.buildEntraScope(config.cluster, config.scopes);
 
@@ -171,7 +170,7 @@ export class ClientCredentialsAuth {
     }
 
     if (!tenantId) {
-      throw new Error("TENANT_ID is required for Entra ID authentication (or provide TOKEN_URL)");
+      throw new Error('TENANT_ID is required for Entra ID authentication (or provide TOKEN_URL)');
     }
 
     return `https://login.microsoftonline.com/${tenantId}/oauth2/v2.0/token`;
@@ -188,7 +187,7 @@ export class ClientCredentialsAuth {
 
     if (!cluster) {
       throw new Error(
-        "Cluster information is required to auto-generate scopes (or provide SCOPES)"
+        'Cluster information is required to auto-generate scopes (or provide SCOPES)'
       );
     }
 
@@ -200,13 +199,13 @@ export class ClientCredentialsAuth {
    * @returns {Object} Configuration object with provider and credentials
    */
   static loadFromEnv() {
-    const provider = (process.env.PROVIDER || "cdf").toLowerCase();
+    const provider = (process.env.PROVIDER || 'cdf').toLowerCase();
     const clientId = process.env.CLIENT_ID;
     const clientSecret = process.env.CLIENT_SECRET;
 
     if (!clientId || !clientSecret) {
       throw new Error(
-        "Missing required environment variables: CLIENT_ID and CLIENT_SECRET must be set"
+        'Missing required environment variables: CLIENT_ID and CLIENT_SECRET must be set'
       );
     }
 
@@ -217,21 +216,21 @@ export class ClientCredentialsAuth {
     };
 
     // Load provider-specific configuration
-    if (provider === "entra") {
+    if (provider === 'entra') {
       config.tenantId = process.env.TENANT_ID;
       config.tokenUrl = process.env.TOKEN_URL;
       config.scopes = process.env.SCOPES;
 
       // Validate required fields
       if (!config.tenantId && !config.tokenUrl) {
-        throw new Error("For Entra ID provider, either TENANT_ID or TOKEN_URL must be set");
+        throw new Error('For Entra ID provider, either TENANT_ID or TOKEN_URL must be set');
       }
 
       // Extract cluster from BASE_URL for scope generation
       if (process.env.BASE_URL) {
         config.cluster = extractClusterFromUrl(process.env.BASE_URL);
       } else if (!config.scopes) {
-        throw new Error("For Entra ID provider, either BASE_URL or SCOPES must be set");
+        throw new Error('For Entra ID provider, either BASE_URL or SCOPES must be set');
       }
     }
 

package/bin/auth/oauth-client.js

@@ -41,7 +41,7 @@ export class OAuthClient {
    */
   async exchangeCodeForTokens(tokenEndpoint, code, codeVerifier) {
     const params = new URLSearchParams({
-      grant_type: "authorization_code",
+      grant_type: 'authorization_code',
       client_id: this.config.clientId,
       code: code,
       redirect_uri: this.config.redirectUri,
@@ -49,9 +49,9 @@ export class OAuthClient {
     });
 
     const response = await fetch(tokenEndpoint, {
-      method: "POST",
+      method: 'POST',
       headers: {
-        "Content-Type": "application/x-www-form-urlencoded",
+        'Content-Type': 'application/x-www-form-urlencoded',
       },
       body: params.toString(),
     });
@@ -76,15 +76,15 @@ export class OAuthClient {
     const params = new URLSearchParams({
       client_id: this.config.clientId,
       redirect_uri: this.config.redirectUri,
-      response_type: "code",
-      scope: "openid profile email",
+      response_type: 'code',
+      scope: 'openid profile email',
       state: state,
       code_challenge: codeChallenge,
-      code_challenge_method: "S256",
+      code_challenge_method: 'S256',
     });
 
     if (organization) {
-      params.append("organization_hint", organization);
+      params.append('organization_hint', organization);
     }
 
     return `${authorizationEndpoint}?${params.toString()}`;

package/bin/cli.js

@@ -1,10 +1,11 @@
 #!/usr/bin/env node
 
-import { basename, dirname, normalize, resolve } from "node:path";
-import { fileURLToPath } from "node:url";
-import { Logger, runner } from "hygen";
+import { basename, dirname, normalize, resolve } from 'node:path';
+import { fileURLToPath } from 'node:url';
 
-const defaultTemplates = resolve(dirname(fileURLToPath(import.meta.url)), "..", "_templates");
+import { Logger, runner } from 'hygen';
+
+const defaultTemplates = resolve(dirname(fileURLToPath(import.meta.url)), '..', '_templates');
 
 /**
  * Creates a prompter function for hygen that handles useCurrentDir logic
@@ -23,7 +24,7 @@ export function createAppPrompter(isCurrentDir, dirName, enquirer, onAppName) {
       if (isCurrentDir) {
         const currentDirName = basename(process.cwd());
         const modifiedPrompts = prompts.map((p) => {
-          if (p.name === "name") {
+          if (p.name === 'name') {
             return {
               ...p,
               initial: currentDirName,
@@ -42,7 +43,7 @@ export function createAppPrompter(isCurrentDir, dirName, enquirer, onAppName) {
       if (dirName) {
         // Pre-fill the name prompt with directory name (user can change it)
         const modifiedPrompts = prompts.map((p) => {
-          if (p.name === "name") {
+          if (p.name === 'name') {
             return {
               ...p,
               initial: dirName,
@@ -72,19 +73,19 @@ async function main() {
   const command = args[0];
 
   // Handle different commands
-  if (command === "create" || command === "new" || !command || command === ".") {
+  if (command === 'create' || command === 'new' || !command || command === '.') {
     // TODO(DUNE-362): simplify directory resolution logic
     // Parse directory argument
     // Support: npx @cognite/dune create . or npx @cognite/dune .
     let dirArg;
-    if (command === ".") {
+    if (command === '.') {
       // If first arg is ".", treat it as directory argument with no command
-      dirArg = ".";
-    } else if (command === "create" || command === "new") {
+      dirArg = '.';
+    } else if (command === 'create' || command === 'new') {
       dirArg = args[1];
     }
     // When !command: no args, dirArg stays undefined (create app interactively)
-    const isCurrentDir = dirArg === "." || dirArg === "./";
+    const isCurrentDir = dirArg === '.' || dirArg === './';
 
     // Extract directory name from path (handles ./test-folder -> test-folder)
     let dirName = null;
@@ -94,10 +95,10 @@ async function main() {
     }
 
     // Run the app generator
-    const hygenArgs = ["app", "new"];
+    const hygenArgs = ['app', 'new'];
 
     try {
-      const enquirer = await import("enquirer");
+      const enquirer = await import('enquirer');
 
       // Track the app name from prompts
       let appName = null;
@@ -110,7 +111,7 @@ async function main() {
           appName = name;
         }),
         exec: async (action, body) => {
-          const { execa } = await import("execa");
+          const { execa } = await import('execa');
           const opts = body && body.length > 0 ? { input: body } : {};
           return execa(action, { shell: true, ...opts });
         },
@@ -118,9 +119,9 @@ async function main() {
       });
 
       // Print success message with next steps
-      const installAndDevSteps = "  pnpm install\n  pnpm dev";
-      const deployLabel = "To deploy your app:";
-      const deployCommand = "npx @cognite/dune deploy:interactive";
+      const installAndDevSteps = '  pnpm install\n  pnpm dev';
+      const deployLabel = 'To deploy your app:';
+      const deployCommand = 'npx @cognite/dune deploy:interactive';
 
       if (isCurrentDir) {
         console.log(`
@@ -133,7 +134,7 @@ ${deployLabel}
   ${deployCommand}
 `);
       } else {
-        const appDir = dirName || appName || "your-app";
+        const appDir = dirName || appName || 'your-app';
         console.log(`
 ✅ App created successfully!
 
@@ -151,32 +152,32 @@ ${deployLabel}
 
       // Pull AI skills into the new app
       try {
-        const { runSkillsCli, defaultPullArgs } = await import("./skills-command.js");
+        const { runSkillsCli, defaultPullArgs } = await import('./skills-command.js');
         const skillsCwd = isCurrentDir ? process.cwd() : resolve(process.cwd(), dirName || appName);
-        console.log("🧠 Pulling Dune skills...");
+        console.log('🧠 Pulling Dune skills...');
         runSkillsCli(defaultPullArgs(), {
           cwd: skillsCwd,
           timeout: 30_000,
         });
-        console.log("✅ Skills installed successfully");
+        console.log('✅ Skills installed successfully');
       } catch (error) {
         // Skills pull failure should never block app creation
-        console.warn("⚠️  Could not pull Dune skills:", error.message);
+        console.warn('⚠️  Could not pull Dune skills:', error.message);
       }
     } catch (error) {
-      console.error("Error:", error.message);
+      console.error('Error:', error.message);
       process.exit(1);
     }
-  } else if (command === "deploy") {
-    const { handleDeploy } = await import("./deploy-command.js");
+  } else if (command === 'deploy') {
+    const { handleDeploy } = await import('./deploy-command.js');
     await handleDeploy(args.slice(1));
-  } else if (command === "deploy:interactive") {
-    const { handleDeployInteractive } = await import("./deploy-interactive-command.js");
+  } else if (command === 'deploy:interactive') {
+    const { handleDeployInteractive } = await import('./deploy-interactive-command.js');
     await handleDeployInteractive(args.slice(1));
-  } else if (command === "skills") {
-    const { handleSkillsCommand } = await import("./skills-command.js");
+  } else if (command === 'skills') {
+    const { handleSkillsCommand } = await import('./skills-command.js');
     handleSkillsCommand(args.slice(1));
-  } else if (command === "help" || command === "--help" || command === "-h") {
+  } else if (command === 'help' || command === '--help' || command === '-h') {
     console.log(`
 @cognite/dune - Build and deploy React apps to Cognite Data Fusion