@component-compass/cli 0.1.1 → 0.1.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/auth/browser.d.ts +13 -0
- package/dist/auth/browser.js +21 -0
- package/dist/auth/browser.js.map +1 -0
- package/dist/auth/client.d.ts +48 -0
- package/dist/auth/client.js +89 -0
- package/dist/auth/client.js.map +1 -0
- package/dist/auth/paths.d.ts +2 -0
- package/dist/auth/paths.js +14 -0
- package/dist/auth/paths.js.map +1 -0
- package/dist/auth/session.d.ts +38 -0
- package/dist/auth/session.js +88 -0
- package/dist/auth/session.js.map +1 -0
- package/dist/auth/store.d.ts +16 -0
- package/dist/auth/store.js +37 -0
- package/dist/auth/store.js.map +1 -0
- package/dist/auth/upload-auth.d.ts +19 -0
- package/dist/auth/upload-auth.js +34 -0
- package/dist/auth/upload-auth.js.map +1 -0
- package/dist/cli.js +13 -15
- package/dist/cli.js.map +1 -1
- package/dist/commands/auth.d.ts +26 -0
- package/dist/commands/auth.js +156 -0
- package/dist/commands/auth.js.map +1 -0
- package/dist/commands/db-import.js +12 -7
- package/dist/commands/db-import.js.map +1 -1
- package/dist/commands/scan.d.ts +0 -3
- package/dist/commands/scan.js +19 -38
- package/dist/commands/scan.js.map +1 -1
- package/dist/manifest/lazy-resolver.d.ts +0 -8
- package/dist/manifest/lazy-resolver.js +1 -31
- package/dist/manifest/lazy-resolver.js.map +1 -1
- package/dist/reporter/index.d.ts +9 -16
- package/dist/reporter/index.js +7 -11
- package/dist/reporter/index.js.map +1 -1
- package/dist/rollup.d.ts +1 -4
- package/dist/rollup.js.map +1 -1
- package/dist/seeds.d.ts +10 -13
- package/dist/seeds.js +9 -10
- package/dist/seeds.js.map +1 -1
- package/dist/upload.d.ts +0 -8
- package/dist/upload.js +0 -13
- package/dist/upload.js.map +1 -1
- package/dist/walker/resolve-import.d.ts +7 -0
- package/dist/walker/resolve-import.js +7 -2
- package/dist/walker/resolve-import.js.map +1 -1
- package/dist/walker/workspace-exports.d.ts +3 -0
- package/dist/walker/workspace-exports.js +56 -0
- package/dist/walker/workspace-exports.js.map +1 -0
- package/dist/workspace/types.d.ts +1 -0
- package/package.json +8 -10
- package/dist/manifest/derived-manifest-stub.d.ts +0 -18
- package/dist/manifest/derived-manifest-stub.js +0 -47
- package/dist/manifest/derived-manifest-stub.js.map +0 -1
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
type SpawnLike = (cmd: string, args: string[], opts: {
|
|
2
|
+
stdio: "ignore";
|
|
3
|
+
detached: boolean;
|
|
4
|
+
}) => {
|
|
5
|
+
on(event: "error", listener: () => void): unknown;
|
|
6
|
+
unref(): void;
|
|
7
|
+
};
|
|
8
|
+
/** Best-effort: open `url` in the user's browser. Never throws; returns whether spawn was attempted. */
|
|
9
|
+
export declare function openBrowser(url: string, deps?: {
|
|
10
|
+
platform?: NodeJS.Platform;
|
|
11
|
+
spawnFn?: SpawnLike;
|
|
12
|
+
}): boolean;
|
|
13
|
+
export {};
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
import { spawn } from "node:child_process";
|
|
2
|
+
/** Best-effort: open `url` in the user's browser. Never throws; returns whether spawn was attempted. */
|
|
3
|
+
export function openBrowser(url, deps = {}) {
|
|
4
|
+
const platform = deps.platform ?? process.platform;
|
|
5
|
+
const spawnFn = deps.spawnFn ?? spawn;
|
|
6
|
+
const [cmd, args] = platform === "darwin"
|
|
7
|
+
? ["open", [url]]
|
|
8
|
+
: platform === "win32"
|
|
9
|
+
? ["cmd", ["/c", "start", "", url]]
|
|
10
|
+
: ["xdg-open", [url]];
|
|
11
|
+
try {
|
|
12
|
+
const child = spawnFn(cmd, [...args], { stdio: "ignore", detached: true });
|
|
13
|
+
child.on("error", () => { });
|
|
14
|
+
child.unref();
|
|
15
|
+
return true;
|
|
16
|
+
}
|
|
17
|
+
catch {
|
|
18
|
+
return false;
|
|
19
|
+
}
|
|
20
|
+
}
|
|
21
|
+
//# sourceMappingURL=browser.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"browser.js","sourceRoot":"","sources":["../../src/auth/browser.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,oBAAoB,CAAC;AAQ3C,wGAAwG;AACxG,MAAM,UAAU,WAAW,CACzB,GAAW,EACX,OAA4D,EAAE;IAE9D,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,IAAI,OAAO,CAAC,QAAQ,CAAC;IACnD,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,IAAK,KAA8B,CAAC;IAChE,MAAM,CAAC,GAAG,EAAE,IAAI,CAAC,GACf,QAAQ,KAAK,QAAQ;QACnB,CAAC,CAAE,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAW;QAC5B,CAAC,CAAC,QAAQ,KAAK,OAAO;YACpB,CAAC,CAAE,CAAC,KAAK,EAAE,CAAC,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE,GAAG,CAAC,CAAW;YAC9C,CAAC,CAAE,CAAC,UAAU,EAAE,CAAC,GAAG,CAAC,CAAW,CAAC;IACvC,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,EAAE,CAAC,GAAG,IAAI,CAAC,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC;QAC3E,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QAC5B,KAAK,CAAC,KAAK,EAAE,CAAC;QACd,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC"}
|
|
@@ -0,0 +1,48 @@
|
|
|
1
|
+
export type DeviceCodeResponse = {
|
|
2
|
+
deviceCode: string;
|
|
3
|
+
userCode: string;
|
|
4
|
+
verificationUri: string;
|
|
5
|
+
verificationUriComplete: string;
|
|
6
|
+
expiresIn: number;
|
|
7
|
+
interval: number;
|
|
8
|
+
};
|
|
9
|
+
export type TokenPair = {
|
|
10
|
+
accessToken: string;
|
|
11
|
+
refreshToken: string;
|
|
12
|
+
expiresIn: number;
|
|
13
|
+
/** Present on login (`token`), absent on `refresh`. */
|
|
14
|
+
email?: string;
|
|
15
|
+
};
|
|
16
|
+
export type PollResult = {
|
|
17
|
+
kind: "tokens";
|
|
18
|
+
tokens: TokenPair;
|
|
19
|
+
} | {
|
|
20
|
+
kind: "pending";
|
|
21
|
+
} | {
|
|
22
|
+
kind: "slow_down";
|
|
23
|
+
} | {
|
|
24
|
+
kind: "expired";
|
|
25
|
+
} | {
|
|
26
|
+
kind: "denied";
|
|
27
|
+
};
|
|
28
|
+
export type RefreshResult = {
|
|
29
|
+
kind: "tokens";
|
|
30
|
+
tokens: TokenPair;
|
|
31
|
+
} | {
|
|
32
|
+
kind: "terminal";
|
|
33
|
+
error: string;
|
|
34
|
+
} | {
|
|
35
|
+
kind: "transient";
|
|
36
|
+
error: string;
|
|
37
|
+
};
|
|
38
|
+
export declare class AuthHttpError extends Error {
|
|
39
|
+
status: number;
|
|
40
|
+
constructor(status: number, message: string);
|
|
41
|
+
}
|
|
42
|
+
export declare function requestDeviceCode(base: string): Promise<DeviceCodeResponse>;
|
|
43
|
+
export declare function pollToken(base: string, deviceCode: string): Promise<PollResult>;
|
|
44
|
+
export declare function refreshTokens(base: string, refreshToken: string): Promise<RefreshResult>;
|
|
45
|
+
export declare function whoami(base: string, accessToken: string): Promise<{
|
|
46
|
+
userId: string;
|
|
47
|
+
email: string | null;
|
|
48
|
+
} | null>;
|
|
@@ -0,0 +1,89 @@
|
|
|
1
|
+
export class AuthHttpError extends Error {
|
|
2
|
+
status;
|
|
3
|
+
constructor(status, message) {
|
|
4
|
+
super(message);
|
|
5
|
+
this.status = status;
|
|
6
|
+
}
|
|
7
|
+
}
|
|
8
|
+
function endpoint(base, path) {
|
|
9
|
+
return `${base.replace(/\/+$/, "")}${path}`;
|
|
10
|
+
}
|
|
11
|
+
async function readError(res) {
|
|
12
|
+
const body = (await res.json().catch(() => ({})));
|
|
13
|
+
return body.error ?? "unknown_error";
|
|
14
|
+
}
|
|
15
|
+
function toTokenPair(body) {
|
|
16
|
+
return {
|
|
17
|
+
accessToken: body.access_token,
|
|
18
|
+
refreshToken: body.refresh_token,
|
|
19
|
+
expiresIn: body.expires_in,
|
|
20
|
+
...(body.email !== undefined ? { email: body.email } : {}),
|
|
21
|
+
};
|
|
22
|
+
}
|
|
23
|
+
export async function requestDeviceCode(base) {
|
|
24
|
+
const res = await fetch(endpoint(base, "/api/auth/cli/device-code"), { method: "POST" });
|
|
25
|
+
if (!res.ok)
|
|
26
|
+
throw new AuthHttpError(res.status, `device-code failed: ${await readError(res)}`);
|
|
27
|
+
const b = (await res.json());
|
|
28
|
+
return {
|
|
29
|
+
deviceCode: b.device_code,
|
|
30
|
+
userCode: b.user_code,
|
|
31
|
+
verificationUri: b.verification_uri,
|
|
32
|
+
verificationUriComplete: b.verification_uri_complete,
|
|
33
|
+
expiresIn: b.expires_in,
|
|
34
|
+
interval: b.interval,
|
|
35
|
+
};
|
|
36
|
+
}
|
|
37
|
+
export async function pollToken(base, deviceCode) {
|
|
38
|
+
const res = await fetch(endpoint(base, "/api/auth/cli/token"), {
|
|
39
|
+
method: "POST",
|
|
40
|
+
headers: { "Content-Type": "application/json" },
|
|
41
|
+
body: JSON.stringify({ device_code: deviceCode }),
|
|
42
|
+
});
|
|
43
|
+
if (res.ok) {
|
|
44
|
+
return { kind: "tokens", tokens: toTokenPair((await res.json())) };
|
|
45
|
+
}
|
|
46
|
+
const error = await readError(res);
|
|
47
|
+
switch (error) {
|
|
48
|
+
case "authorization_pending":
|
|
49
|
+
return { kind: "pending" };
|
|
50
|
+
case "slow_down":
|
|
51
|
+
return { kind: "slow_down" };
|
|
52
|
+
case "expired_token":
|
|
53
|
+
return { kind: "expired" };
|
|
54
|
+
case "access_denied":
|
|
55
|
+
return { kind: "denied" };
|
|
56
|
+
default:
|
|
57
|
+
throw new AuthHttpError(res.status, `token poll failed: ${error}`);
|
|
58
|
+
}
|
|
59
|
+
}
|
|
60
|
+
export async function refreshTokens(base, refreshToken) {
|
|
61
|
+
let res;
|
|
62
|
+
try {
|
|
63
|
+
res = await fetch(endpoint(base, "/api/auth/cli/refresh"), {
|
|
64
|
+
method: "POST",
|
|
65
|
+
headers: { "Content-Type": "application/json" },
|
|
66
|
+
body: JSON.stringify({ refresh_token: refreshToken }),
|
|
67
|
+
});
|
|
68
|
+
}
|
|
69
|
+
catch (err) {
|
|
70
|
+
// Network/DNS failure — treat as transient so we never discard a session.
|
|
71
|
+
return { kind: "transient", error: err instanceof Error ? err.message : "network_error" };
|
|
72
|
+
}
|
|
73
|
+
if (res.ok)
|
|
74
|
+
return { kind: "tokens", tokens: toTokenPair((await res.json())) };
|
|
75
|
+
const error = await readError(res);
|
|
76
|
+
const terminal = res.status === 401 && ["invalid_token", "sso_revoked", "not_authorized"].includes(error);
|
|
77
|
+
return terminal ? { kind: "terminal", error } : { kind: "transient", error };
|
|
78
|
+
}
|
|
79
|
+
export async function whoami(base, accessToken) {
|
|
80
|
+
const res = await fetch(endpoint(base, "/api/auth/cli/whoami"), {
|
|
81
|
+
headers: { Authorization: `Bearer ${accessToken}` },
|
|
82
|
+
});
|
|
83
|
+
if (res.status === 401)
|
|
84
|
+
return null;
|
|
85
|
+
if (!res.ok)
|
|
86
|
+
throw new AuthHttpError(res.status, `whoami failed: ${await readError(res)}`);
|
|
87
|
+
return (await res.json());
|
|
88
|
+
}
|
|
89
|
+
//# sourceMappingURL=client.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"client.js","sourceRoot":"","sources":["../../src/auth/client.ts"],"names":[],"mappings":"AA6BA,MAAM,OAAO,aAAc,SAAQ,KAAK;IAE7B;IADT,YACS,MAAc,EACrB,OAAe;QAEf,KAAK,CAAC,OAAO,CAAC,CAAC;QAHR,WAAM,GAAN,MAAM,CAAQ;IAIvB,CAAC;CACF;AAED,SAAS,QAAQ,CAAC,IAAY,EAAE,IAAY;IAC1C,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,GAAG,IAAI,EAAE,CAAC;AAC9C,CAAC;AAED,KAAK,UAAU,SAAS,CAAC,GAAa;IACpC,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAuB,CAAC;IACxE,OAAO,IAAI,CAAC,KAAK,IAAI,eAAe,CAAC;AACvC,CAAC;AAID,SAAS,WAAW,CAAC,IAAuB;IAC1C,OAAO;QACL,WAAW,EAAE,IAAI,CAAC,YAAY;QAC9B,YAAY,EAAE,IAAI,CAAC,aAAa;QAChC,SAAS,EAAE,IAAI,CAAC,UAAU;QAC1B,GAAG,CAAC,IAAI,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KAC3D,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,IAAY;IAClD,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,QAAQ,CAAC,IAAI,EAAE,2BAA2B,CAAC,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;IACzF,IAAI,CAAC,GAAG,CAAC,EAAE;QAAE,MAAM,IAAI,aAAa,CAAC,GAAG,CAAC,MAAM,EAAE,uBAAuB,MAAM,SAAS,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChG,MAAM,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAO1B,CAAC;IACF,OAAO;QACL,UAAU,EAAE,CAAC,CAAC,WAAW;QACzB,QAAQ,EAAE,CAAC,CAAC,SAAS;QACrB,eAAe,EAAE,CAAC,CAAC,gBAAgB;QACnC,uBAAuB,EAAE,CAAC,CAAC,yBAAyB;QACpD,SAAS,EAAE,CAAC,CAAC,UAAU;QACvB,QAAQ,EAAE,CAAC,CAAC,QAAQ;KACrB,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,IAAY,EAAE,UAAkB;IAC9D,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,QAAQ,CAAC,IAAI,EAAE,qBAAqB,CAAC,EAAE;QAC7D,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;QAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,WAAW,EAAE,UAAU,EAAE,CAAC;KAClD,CAAC,CAAC;IACH,IAAI,GAAG,CAAC,EAAE,EAAE,CAAC;QACX,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,CAAC,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAsB,CAAC,EAAE,CAAC;IAC1F,CAAC;IACD,MAAM,KAAK,GAAG,MAAM,SAAS,CAAC,GAAG,CAAC,CAAC;IACnC,QAAQ,KAAK,EAAE,CAAC;QACd,KAAK,uBAAuB;YAC1B,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC;QAC7B,KAAK,WAAW;YACd,OAAO,EAAE,IAAI,EAAE,WAAW,EAAE,CAAC;QAC/B,KAAK,eAAe;YAClB,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC;QAC7B,KAAK,eAAe;YAClB,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;QAC5B;YACE,MAAM,IAAI,aAAa,CAAC,GAAG,CAAC,MAAM,EAAE,sBAAsB,KAAK,EAAE,CAAC,CAAC;IACvE,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,IAAY,EAAE,YAAoB;IACpE,IAAI,GAAa,CAAC;IAClB,IAAI,CAAC;QACH,GAAG,GAAG,MAAM,KAAK,CAAC,QAAQ,CAAC,IAAI,EAAE,uBAAuB,CAAC,EAAE;YACzD,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;YAC/C,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,aAAa,EAAE,YAAY,EAAE,CAAC;SACtD,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,0EAA0E;QAC1E,OAAO,EAAE,IAAI,EAAE,WAAW,EAAE,KAAK,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE,CAAC;IAC5F,CAAC;IACD,IAAI,GAAG,CAAC,EAAE;QAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,CAAC,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAsB,CAAC,EAAE,CAAC;IACpG,MAAM,KAAK,GAAG,MAAM,SAAS,CAAC,GAAG,CAAC,CAAC;IACnC,MAAM,QAAQ,GAAG,GAAG,CAAC,MAAM,KAAK,GAAG,IAAI,CAAC,eAAe,EAAE,aAAa,EAAE,gBAAgB,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAC1G,OAAO,QAAQ,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,WAAW,EAAE,KAAK,EAAE,CAAC;AAC/E,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,MAAM,CAC1B,IAAY,EACZ,WAAmB;IAEnB,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,QAAQ,CAAC,IAAI,EAAE,sBAAsB,CAAC,EAAE;QAC9D,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,WAAW,EAAE,EAAE;KACpD,CAAC,CAAC;IACH,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG;QAAE,OAAO,IAAI,CAAC;IACpC,IAAI,CAAC,GAAG,CAAC,EAAE;QAAE,MAAM,IAAI,aAAa,CAAC,GAAG,CAAC,MAAM,EAAE,kBAAkB,MAAM,SAAS,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAC3F,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAA6C,CAAC;AACxE,CAAC"}
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
import { homedir } from "node:os";
|
|
2
|
+
import { join } from "node:path";
|
|
3
|
+
/** Directory holding the compass CLI config (XDG-aware). */
|
|
4
|
+
function configDir(env = process.env) {
|
|
5
|
+
// biome-ignore lint/complexity/useLiteralKeys: env access
|
|
6
|
+
const xdg = env["XDG_CONFIG_HOME"];
|
|
7
|
+
const base = xdg && xdg.trim() !== "" ? xdg : join(homedir(), ".config");
|
|
8
|
+
return join(base, "compass");
|
|
9
|
+
}
|
|
10
|
+
/** Absolute path to the hosts.json token store. */
|
|
11
|
+
export function hostsFilePath(env = process.env) {
|
|
12
|
+
return join(configDir(env), "hosts.json");
|
|
13
|
+
}
|
|
14
|
+
//# sourceMappingURL=paths.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"paths.js","sourceRoot":"","sources":["../../src/auth/paths.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAClC,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAEjC,4DAA4D;AAC5D,SAAS,SAAS,CAAC,MAAyB,OAAO,CAAC,GAAG;IACrD,0DAA0D;IAC1D,MAAM,GAAG,GAAG,GAAG,CAAC,iBAAiB,CAAC,CAAC;IACnC,MAAM,IAAI,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,EAAE,SAAS,CAAC,CAAC;IACzE,OAAO,IAAI,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;AAC/B,CAAC;AAED,mDAAmD;AACnD,MAAM,UAAU,aAAa,CAAC,MAAyB,OAAO,CAAC,GAAG;IAChE,OAAO,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,EAAE,YAAY,CAAC,CAAC;AAC5C,CAAC"}
|
|
@@ -0,0 +1,38 @@
|
|
|
1
|
+
import { type Store } from "./store.js";
|
|
2
|
+
export declare class NotSignedInError extends Error {
|
|
3
|
+
host: string;
|
|
4
|
+
constructor(host: string);
|
|
5
|
+
}
|
|
6
|
+
export declare class ReloginRequiredError extends Error {
|
|
7
|
+
host: string;
|
|
8
|
+
constructor(host: string);
|
|
9
|
+
}
|
|
10
|
+
export declare class IdpUnavailableError extends Error {
|
|
11
|
+
host: string;
|
|
12
|
+
reason: string;
|
|
13
|
+
constructor(host: string, reason: string);
|
|
14
|
+
}
|
|
15
|
+
/** Host precedence: flag → repo config → COMPASS_HOST → stored default. Returns a normalized base URL. */
|
|
16
|
+
export declare function resolveHost(opts: {
|
|
17
|
+
flagHost?: string;
|
|
18
|
+
configHost?: string;
|
|
19
|
+
env?: NodeJS.ProcessEnv;
|
|
20
|
+
store: Store;
|
|
21
|
+
}): string;
|
|
22
|
+
/**
|
|
23
|
+
* Return a valid access token for `host`, silently refreshing when near expiry
|
|
24
|
+
* (or when `force` is set). Persists the rotated pair. Throws:
|
|
25
|
+
* - NotSignedInError — no stored entry
|
|
26
|
+
* - ReloginRequiredError — terminal refresh failure (tokens cleared)
|
|
27
|
+
* - IdpUnavailableError — transient refresh failure (tokens kept)
|
|
28
|
+
*/
|
|
29
|
+
export declare function getAccessToken(host: string, deps?: {
|
|
30
|
+
force?: boolean;
|
|
31
|
+
now?: () => number;
|
|
32
|
+
filePath?: string;
|
|
33
|
+
}): Promise<{
|
|
34
|
+
accessToken: string;
|
|
35
|
+
userEmail: string;
|
|
36
|
+
}>;
|
|
37
|
+
/** Map an auth error to friendly copy, or null if it is not an auth error. */
|
|
38
|
+
export declare function formatAuthError(err: unknown): string | null;
|
|
@@ -0,0 +1,88 @@
|
|
|
1
|
+
import { loadStore, saveStore, normalizeHost } from "./store.js";
|
|
2
|
+
import { refreshTokens } from "./client.js";
|
|
3
|
+
/** Refresh this many ms before the recorded expiry. */
|
|
4
|
+
const EXPIRY_SKEW_MS = 60_000;
|
|
5
|
+
export class NotSignedInError extends Error {
|
|
6
|
+
host;
|
|
7
|
+
constructor(host) {
|
|
8
|
+
super(`Not signed in to ${host}. Run \`compass auth login --host ${host}\`.`);
|
|
9
|
+
this.host = host;
|
|
10
|
+
}
|
|
11
|
+
}
|
|
12
|
+
export class ReloginRequiredError extends Error {
|
|
13
|
+
host;
|
|
14
|
+
constructor(host) {
|
|
15
|
+
super(`Session for ${host} expired or was revoked. Run \`compass auth login --host ${host}\`.`);
|
|
16
|
+
this.host = host;
|
|
17
|
+
}
|
|
18
|
+
}
|
|
19
|
+
export class IdpUnavailableError extends Error {
|
|
20
|
+
host;
|
|
21
|
+
reason;
|
|
22
|
+
constructor(host, reason) {
|
|
23
|
+
super(`Could not reach the identity provider to refresh credentials for ${host} (${reason}). Check your network and retry.`);
|
|
24
|
+
this.host = host;
|
|
25
|
+
this.reason = reason;
|
|
26
|
+
}
|
|
27
|
+
}
|
|
28
|
+
/** Host precedence: flag → repo config → COMPASS_HOST → stored default. Returns a normalized base URL. */
|
|
29
|
+
export function resolveHost(opts) {
|
|
30
|
+
const env = opts.env ?? process.env;
|
|
31
|
+
// biome-ignore lint/complexity/useLiteralKeys: env access
|
|
32
|
+
const raw = opts.flagHost ?? opts.configHost ?? env["COMPASS_HOST"] ?? opts.store.default;
|
|
33
|
+
if (!raw) {
|
|
34
|
+
throw new Error("No upload host configured. Pass --host, set COMPASS_HOST, add `host` to component-compass.config.json, or run `compass auth login --host <url>`.");
|
|
35
|
+
}
|
|
36
|
+
return normalizeHost(raw);
|
|
37
|
+
}
|
|
38
|
+
/**
|
|
39
|
+
* Return a valid access token for `host`, silently refreshing when near expiry
|
|
40
|
+
* (or when `force` is set). Persists the rotated pair. Throws:
|
|
41
|
+
* - NotSignedInError — no stored entry
|
|
42
|
+
* - ReloginRequiredError — terminal refresh failure (tokens cleared)
|
|
43
|
+
* - IdpUnavailableError — transient refresh failure (tokens kept)
|
|
44
|
+
*/
|
|
45
|
+
export async function getAccessToken(host, deps = {}) {
|
|
46
|
+
const now = deps.now ?? Date.now;
|
|
47
|
+
const base = normalizeHost(host);
|
|
48
|
+
const store = await loadStore(deps.filePath);
|
|
49
|
+
const entry = store.hosts[base];
|
|
50
|
+
if (!entry)
|
|
51
|
+
throw new NotSignedInError(base);
|
|
52
|
+
const stillValid = Date.parse(entry.expiresAt) - now() > EXPIRY_SKEW_MS;
|
|
53
|
+
if (stillValid && !deps.force) {
|
|
54
|
+
return { accessToken: entry.accessToken, userEmail: entry.userEmail };
|
|
55
|
+
}
|
|
56
|
+
const result = await refreshTokens(base, entry.refreshToken);
|
|
57
|
+
if (result.kind === "tokens") {
|
|
58
|
+
const updated = {
|
|
59
|
+
accessToken: result.tokens.accessToken,
|
|
60
|
+
refreshToken: result.tokens.refreshToken,
|
|
61
|
+
userEmail: result.tokens.email ?? entry.userEmail,
|
|
62
|
+
expiresAt: new Date(now() + result.tokens.expiresIn * 1000).toISOString(),
|
|
63
|
+
};
|
|
64
|
+
store.hosts[base] = updated;
|
|
65
|
+
await saveStore(store, deps.filePath);
|
|
66
|
+
return { accessToken: updated.accessToken, userEmail: updated.userEmail };
|
|
67
|
+
}
|
|
68
|
+
if (result.kind === "terminal") {
|
|
69
|
+
const { [base]: _removed, ...remainingHosts } = store.hosts;
|
|
70
|
+
const cleared = {
|
|
71
|
+
hosts: remainingHosts,
|
|
72
|
+
...(store.default && store.default !== base ? { default: store.default } : {}),
|
|
73
|
+
};
|
|
74
|
+
await saveStore(cleared, deps.filePath);
|
|
75
|
+
throw new ReloginRequiredError(base);
|
|
76
|
+
}
|
|
77
|
+
throw new IdpUnavailableError(base, result.error);
|
|
78
|
+
}
|
|
79
|
+
/** Map an auth error to friendly copy, or null if it is not an auth error. */
|
|
80
|
+
export function formatAuthError(err) {
|
|
81
|
+
if (err instanceof NotSignedInError ||
|
|
82
|
+
err instanceof ReloginRequiredError ||
|
|
83
|
+
err instanceof IdpUnavailableError) {
|
|
84
|
+
return err.message;
|
|
85
|
+
}
|
|
86
|
+
return null;
|
|
87
|
+
}
|
|
88
|
+
//# sourceMappingURL=session.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"session.js","sourceRoot":"","sources":["../../src/auth/session.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,aAAa,EAA8B,MAAM,YAAY,CAAC;AAC7F,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAE5C,uDAAuD;AACvD,MAAM,cAAc,GAAG,MAAM,CAAC;AAE9B,MAAM,OAAO,gBAAiB,SAAQ,KAAK;IACtB;IAAnB,YAAmB,IAAY;QAC7B,KAAK,CAAC,oBAAoB,IAAI,qCAAqC,IAAI,KAAK,CAAC,CAAC;QAD7D,SAAI,GAAJ,IAAI,CAAQ;IAE/B,CAAC;CACF;AACD,MAAM,OAAO,oBAAqB,SAAQ,KAAK;IAC1B;IAAnB,YAAmB,IAAY;QAC7B,KAAK,CAAC,eAAe,IAAI,4DAA4D,IAAI,KAAK,CAAC,CAAC;QAD/E,SAAI,GAAJ,IAAI,CAAQ;IAE/B,CAAC;CACF;AACD,MAAM,OAAO,mBAAoB,SAAQ,KAAK;IAEnC;IACA;IAFT,YACS,IAAY,EACZ,MAAc;QAErB,KAAK,CAAC,oEAAoE,IAAI,KAAK,MAAM,kCAAkC,CAAC,CAAC;QAHtH,SAAI,GAAJ,IAAI,CAAQ;QACZ,WAAM,GAAN,MAAM,CAAQ;IAGvB,CAAC;CACF;AAED,0GAA0G;AAC1G,MAAM,UAAU,WAAW,CAAC,IAK3B;IACC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,IAAI,OAAO,CAAC,GAAG,CAAC;IACpC,0DAA0D;IAC1D,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,UAAU,IAAI,GAAG,CAAC,cAAc,CAAC,IAAI,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC;IAC1F,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,MAAM,IAAI,KAAK,CACb,kJAAkJ,CACnJ,CAAC;IACJ,CAAC;IACD,OAAO,aAAa,CAAC,GAAG,CAAC,CAAC;AAC5B,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,IAAY,EACZ,OAAmE,EAAE;IAErE,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,GAAG,CAAC;IACjC,MAAM,IAAI,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC;IACjC,MAAM,KAAK,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IAC7C,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAChC,IAAI,CAAC,KAAK;QAAE,MAAM,IAAI,gBAAgB,CAAC,IAAI,CAAC,CAAC;IAE7C,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,SAAS,CAAC,GAAG,GAAG,EAAE,GAAG,cAAc,CAAC;IACxE,IAAI,UAAU,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;QAC9B,OAAO,EAAE,WAAW,EAAE,KAAK,CAAC,WAAW,EAAE,SAAS,EAAE,KAAK,CAAC,SAAS,EAAE,CAAC;IACxE,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,IAAI,EAAE,KAAK,CAAC,YAAY,CAAC,CAAC;IAC7D,IAAI,MAAM,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;QAC7B,MAAM,OAAO,GAAc;YACzB,WAAW,EAAE,MAAM,CAAC,MAAM,CAAC,WAAW;YACtC,YAAY,EAAE,MAAM,CAAC,MAAM,CAAC,YAAY;YACxC,SAAS,EAAE,MAAM,CAAC,MAAM,CAAC,KAAK,IAAI,KAAK,CAAC,SAAS;YACjD,SAAS,EAAE,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,MAAM,CAAC,SAAS,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE;SAC1E,CAAC;QACF,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,OAAO,CAAC;QAC5B,MAAM,SAAS,CAAC,KAAK,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;QACtC,OAAO,EAAE,WAAW,EAAE,OAAO,CAAC,WAAW,EAAE,SAAS,EAAE,OAAO,CAAC,SAAS,EAAE,CAAC;IAC5E,CAAC;IAED,IAAI,MAAM,CAAC,IAAI,KAAK,UAAU,EAAE,CAAC;QAC/B,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,GAAG,cAAc,EAAE,GAAG,KAAK,CAAC,KAAK,CAAC;QAC5D,MAAM,OAAO,GAAU;YACrB,KAAK,EAAE,cAAc;YACrB,GAAG,CAAC,KAAK,CAAC,OAAO,IAAI,KAAK,CAAC,OAAO,KAAK,IAAI,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAC/E,CAAC;QACF,MAAM,SAAS,CAAC,OAAO,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;QACxC,MAAM,IAAI,oBAAoB,CAAC,IAAI,CAAC,CAAC;IACvC,CAAC;IAED,MAAM,IAAI,mBAAmB,CAAC,IAAI,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;AACpD,CAAC;AAED,8EAA8E;AAC9E,MAAM,UAAU,eAAe,CAAC,GAAY;IAC1C,IACE,GAAG,YAAY,gBAAgB;QAC/B,GAAG,YAAY,oBAAoB;QACnC,GAAG,YAAY,mBAAmB,EAClC,CAAC;QACD,OAAO,GAAG,CAAC,OAAO,CAAC;IACrB,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC"}
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
export type HostEntry = {
|
|
2
|
+
accessToken: string;
|
|
3
|
+
refreshToken: string;
|
|
4
|
+
userEmail: string;
|
|
5
|
+
/** ISO 8601 access-token expiry. */
|
|
6
|
+
expiresAt: string;
|
|
7
|
+
};
|
|
8
|
+
export type Store = {
|
|
9
|
+
/** Normalized base URL of the default host, if any. */
|
|
10
|
+
default?: string;
|
|
11
|
+
hosts: Record<string, HostEntry>;
|
|
12
|
+
};
|
|
13
|
+
/** Canonical base URL: prepend https:// when no scheme, strip trailing slashes. */
|
|
14
|
+
export declare function normalizeHost(input: string): string;
|
|
15
|
+
export declare function loadStore(filePath?: string): Promise<Store>;
|
|
16
|
+
export declare function saveStore(store: Store, filePath?: string): Promise<void>;
|
|
@@ -0,0 +1,37 @@
|
|
|
1
|
+
import { mkdir, readFile, writeFile, chmod } from "node:fs/promises";
|
|
2
|
+
import { dirname } from "node:path";
|
|
3
|
+
import { hostsFilePath } from "./paths.js";
|
|
4
|
+
/** Canonical base URL: prepend https:// when no scheme, strip trailing slashes. */
|
|
5
|
+
export function normalizeHost(input) {
|
|
6
|
+
const trimmed = input.trim();
|
|
7
|
+
if (trimmed === "")
|
|
8
|
+
throw new Error("Host must not be empty.");
|
|
9
|
+
const withScheme = /^[a-z][a-z0-9+.-]*:\/\//i.test(trimmed) ? trimmed : `https://${trimmed}`;
|
|
10
|
+
return withScheme.replace(/\/+$/, "");
|
|
11
|
+
}
|
|
12
|
+
export async function loadStore(filePath = hostsFilePath()) {
|
|
13
|
+
let raw;
|
|
14
|
+
try {
|
|
15
|
+
raw = await readFile(filePath, "utf8");
|
|
16
|
+
}
|
|
17
|
+
catch (err) {
|
|
18
|
+
if (err.code === "ENOENT")
|
|
19
|
+
return { hosts: {} };
|
|
20
|
+
throw err;
|
|
21
|
+
}
|
|
22
|
+
let parsed;
|
|
23
|
+
try {
|
|
24
|
+
parsed = JSON.parse(raw);
|
|
25
|
+
}
|
|
26
|
+
catch {
|
|
27
|
+
throw new Error(`Token store at ${filePath} contains invalid JSON. Delete it and run \`compass auth login\` again.`);
|
|
28
|
+
}
|
|
29
|
+
return { ...(parsed.default ? { default: parsed.default } : {}), hosts: parsed.hosts ?? {} };
|
|
30
|
+
}
|
|
31
|
+
export async function saveStore(store, filePath = hostsFilePath()) {
|
|
32
|
+
await mkdir(dirname(filePath), { recursive: true, mode: 0o700 });
|
|
33
|
+
await writeFile(filePath, `${JSON.stringify(store, null, 2)}\n`, { mode: 0o600 });
|
|
34
|
+
// writeFile's mode is ignored when the file already exists; force it.
|
|
35
|
+
await chmod(filePath, 0o600);
|
|
36
|
+
}
|
|
37
|
+
//# sourceMappingURL=store.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"store.js","sourceRoot":"","sources":["../../src/auth/store.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,QAAQ,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AACrE,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAgB3C,mFAAmF;AACnF,MAAM,UAAU,aAAa,CAAC,KAAa;IACzC,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC;IAC7B,IAAI,OAAO,KAAK,EAAE;QAAE,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;IAC/D,MAAM,UAAU,GAAG,0BAA0B,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,WAAW,OAAO,EAAE,CAAC;IAC7F,OAAO,UAAU,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;AACxC,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,QAAQ,GAAG,aAAa,EAAE;IACxD,IAAI,GAAW,CAAC;IAChB,IAAI,CAAC;QACH,GAAG,GAAG,MAAM,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IACzC,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAK,GAA6B,CAAC,IAAI,KAAK,QAAQ;YAAE,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC;QAC3E,MAAM,GAAG,CAAC;IACZ,CAAC;IACD,IAAI,MAAsB,CAAC;IAC3B,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAmB,CAAC;IAC7C,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,KAAK,CAAC,kBAAkB,QAAQ,yEAAyE,CAAC,CAAC;IACvH,CAAC;IACD,OAAO,EAAE,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,IAAI,EAAE,EAAE,CAAC;AAC/F,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,KAAY,EAAE,QAAQ,GAAG,aAAa,EAAE;IACtE,MAAM,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IACjE,MAAM,SAAS,CAAC,QAAQ,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IAClF,sEAAsE;IACtE,MAAM,KAAK,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;AAC/B,CAAC"}
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
import { type UploadResult } from "../upload.js";
|
|
2
|
+
export type AuthedUploader = {
|
|
3
|
+
/** Normalized base URL uploads are sent to. */
|
|
4
|
+
base: string;
|
|
5
|
+
/** Upload one artifact, refreshing + retrying once on a 401. */
|
|
6
|
+
upload: (artifactJson: string) => Promise<UploadResult>;
|
|
7
|
+
};
|
|
8
|
+
/**
|
|
9
|
+
* Resolve the host from precedence, obtain an access token (silent refresh if
|
|
10
|
+
* stale), and return an uploader that injects the token and retries once on 401.
|
|
11
|
+
* Throws NotSignedInError / ReloginRequiredError / IdpUnavailableError up front.
|
|
12
|
+
*/
|
|
13
|
+
export declare function createAuthedUploader(opts: {
|
|
14
|
+
flagHost?: string;
|
|
15
|
+
configHost?: string;
|
|
16
|
+
store?: {
|
|
17
|
+
filePath?: string;
|
|
18
|
+
};
|
|
19
|
+
}): Promise<AuthedUploader>;
|
|
@@ -0,0 +1,34 @@
|
|
|
1
|
+
import { loadStore } from "./store.js";
|
|
2
|
+
import { resolveHost, getAccessToken } from "./session.js";
|
|
3
|
+
import { uploadArtifact, UploadError } from "../upload.js";
|
|
4
|
+
/**
|
|
5
|
+
* Resolve the host from precedence, obtain an access token (silent refresh if
|
|
6
|
+
* stale), and return an uploader that injects the token and retries once on 401.
|
|
7
|
+
* Throws NotSignedInError / ReloginRequiredError / IdpUnavailableError up front.
|
|
8
|
+
*/
|
|
9
|
+
export async function createAuthedUploader(opts) {
|
|
10
|
+
const filePath = opts.store?.filePath;
|
|
11
|
+
const store = await loadStore(filePath);
|
|
12
|
+
const base = resolveHost({
|
|
13
|
+
...(opts.flagHost !== undefined ? { flagHost: opts.flagHost } : {}),
|
|
14
|
+
...(opts.configHost !== undefined ? { configHost: opts.configHost } : {}),
|
|
15
|
+
store,
|
|
16
|
+
});
|
|
17
|
+
let token = (await getAccessToken(base, filePath !== undefined ? { filePath } : {})).accessToken;
|
|
18
|
+
return {
|
|
19
|
+
base,
|
|
20
|
+
async upload(artifactJson) {
|
|
21
|
+
try {
|
|
22
|
+
return await uploadArtifact({ host: base, token, artifactJson });
|
|
23
|
+
}
|
|
24
|
+
catch (err) {
|
|
25
|
+
if (err instanceof UploadError && err.code === 401) {
|
|
26
|
+
token = (await getAccessToken(base, { force: true, ...(filePath !== undefined ? { filePath } : {}) })).accessToken;
|
|
27
|
+
return await uploadArtifact({ host: base, token, artifactJson });
|
|
28
|
+
}
|
|
29
|
+
throw err;
|
|
30
|
+
}
|
|
31
|
+
},
|
|
32
|
+
};
|
|
33
|
+
}
|
|
34
|
+
//# sourceMappingURL=upload-auth.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"upload-auth.js","sourceRoot":"","sources":["../../src/auth/upload-auth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AACvC,OAAO,EAAE,WAAW,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAC3D,OAAO,EAAE,cAAc,EAAE,WAAW,EAAqB,MAAM,cAAc,CAAC;AAS9E;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CAAC,IAI1C;IACC,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,EAAE,QAAQ,CAAC;IACtC,MAAM,KAAK,GAAG,MAAM,SAAS,CAAC,QAAQ,CAAC,CAAC;IAExC,MAAM,IAAI,GAAG,WAAW,CAAC;QACvB,GAAG,CAAC,IAAI,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACnE,GAAG,CAAC,IAAI,CAAC,UAAU,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,UAAU,EAAE,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACzE,KAAK;KACN,CAAC,CAAC;IACH,IAAI,KAAK,GAAG,CAAC,MAAM,cAAc,CAAC,IAAI,EAAE,QAAQ,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC;IAEjG,OAAO;QACL,IAAI;QACJ,KAAK,CAAC,MAAM,CAAC,YAAoB;YAC/B,IAAI,CAAC;gBACH,OAAO,MAAM,cAAc,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,YAAY,EAAE,CAAC,CAAC;YACnE,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,IAAI,GAAG,YAAY,WAAW,IAAI,GAAG,CAAC,IAAI,KAAK,GAAG,EAAE,CAAC;oBACnD,KAAK,GAAG,CAAC,MAAM,cAAc,CAAC,IAAI,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC;oBACnH,OAAO,MAAM,cAAc,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,YAAY,EAAE,CAAC,CAAC;gBACnE,CAAC;gBACD,MAAM,GAAG,CAAC;YACZ,CAAC;QACH,CAAC;KACF,CAAC;AACJ,CAAC"}
|
package/dist/cli.js
CHANGED
|
@@ -9,6 +9,7 @@ const HELP = `component-compass <command> [options]
|
|
|
9
9
|
Commands:
|
|
10
10
|
scan Scan repo and write component-compass.json
|
|
11
11
|
init Scaffold component-compass.config.json
|
|
12
|
+
auth Sign in / out of a Component Compass host (login | logout | status)
|
|
12
13
|
db import Backfill ~/.cc-artifacts/ (or <dir>) into a deployed host
|
|
13
14
|
|
|
14
15
|
Scan options:
|
|
@@ -17,11 +18,14 @@ Scan options:
|
|
|
17
18
|
--capture-values Force capture literal prop values
|
|
18
19
|
--quiet Suppress STDOUT summary
|
|
19
20
|
--json Print JSON to stdout (implies --quiet)
|
|
20
|
-
--fail-on <metric> CI gate (e.g. deprecated-usage)
|
|
21
|
-
--strict Exit non-zero if any warning-severity diagnostics fire
|
|
22
21
|
--repo-id <value> Override repo identifier in the artifact (else env COMPONENT_COMPASS_REPO_ID, git remote, package.json name, or cwd hash)
|
|
23
22
|
--upload Also POST the scan to the configured host
|
|
24
|
-
--host <url> Override host URL (else
|
|
23
|
+
--host <url> Override host URL (else COMPASS_HOST env, else config.host)
|
|
24
|
+
|
|
25
|
+
Auth:
|
|
26
|
+
auth login [--host URL] Device-flow browser login; stores tokens in ~/.config/compass/hosts.json
|
|
27
|
+
auth logout [--host URL] Remove stored tokens for a host
|
|
28
|
+
auth status [--host URL] Show the signed-in identity
|
|
25
29
|
|
|
26
30
|
Other:
|
|
27
31
|
--help, -h
|
|
@@ -47,22 +51,19 @@ async function main(argv) {
|
|
|
47
51
|
const scanOpts = {
|
|
48
52
|
configPath: flags.config ?? "./component-compass.config.json",
|
|
49
53
|
quiet: Boolean(flags.quiet || flags.json),
|
|
50
|
-
strict: Boolean(flags.strict),
|
|
51
54
|
};
|
|
52
55
|
if (flags.output)
|
|
53
56
|
scanOpts.outputOverride = flags.output;
|
|
54
57
|
if (flags.captureValues)
|
|
55
58
|
scanOpts.captureValuesOverride = true;
|
|
56
|
-
if (flags.failOn)
|
|
57
|
-
scanOpts.failOn = flags.failOn;
|
|
58
59
|
if (flags.repoId)
|
|
59
60
|
scanOpts.repoId = flags.repoId;
|
|
60
61
|
if (flags.upload)
|
|
61
62
|
scanOpts.upload = true;
|
|
62
63
|
if (flags.host)
|
|
63
64
|
scanOpts.hostOverride = flags.host;
|
|
64
|
-
const
|
|
65
|
-
return
|
|
65
|
+
const result = await runScan(scanOpts);
|
|
66
|
+
return result.output === null ? 2 : 0;
|
|
66
67
|
}
|
|
67
68
|
if (cmd === "init") {
|
|
68
69
|
try {
|
|
@@ -74,6 +75,10 @@ async function main(argv) {
|
|
|
74
75
|
return 1;
|
|
75
76
|
}
|
|
76
77
|
}
|
|
78
|
+
if (cmd === "auth") {
|
|
79
|
+
const { runAuth } = await import("./commands/auth.js");
|
|
80
|
+
return runAuth(rest);
|
|
81
|
+
}
|
|
77
82
|
if (cmd === "db") {
|
|
78
83
|
const [sub, ...subRest] = rest;
|
|
79
84
|
if (sub === "import") {
|
|
@@ -114,13 +119,6 @@ function parseFlags(args) {
|
|
|
114
119
|
out.quiet = true;
|
|
115
120
|
else if (a === "--json")
|
|
116
121
|
out.json = true;
|
|
117
|
-
else if (a === "--strict")
|
|
118
|
-
out.strict = true;
|
|
119
|
-
else if (a === "--fail-on") {
|
|
120
|
-
const next = args[++i];
|
|
121
|
-
if (next)
|
|
122
|
-
out.failOn = next;
|
|
123
|
-
}
|
|
124
122
|
else if (a === "--repo-id") {
|
|
125
123
|
const next = args[++i];
|
|
126
124
|
if (next)
|
package/dist/cli.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAC7C,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAC7C,OAAO,EAAE,MAAM,EAAE,MAAM,eAAe,CAAC;AACvC,OAAO,EAAE,UAAU,EAAE,MAAM,8BAA8B,CAAC;AAG1D,MAAM,OAAO,GAAG,OAAO,CAAC;AAExB,MAAM,IAAI,GAAG
|
|
1
|
+
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAC7C,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAC7C,OAAO,EAAE,MAAM,EAAE,MAAM,eAAe,CAAC;AACvC,OAAO,EAAE,UAAU,EAAE,MAAM,8BAA8B,CAAC;AAG1D,MAAM,OAAO,GAAG,OAAO,CAAC;AAExB,MAAM,IAAI,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;CA0BZ,CAAC;AAEF,KAAK,UAAU,IAAI,CAAC,IAAc;IAChC,MAAM,GAAG,GAAG,IAAI,MAAM,CAAC,KAAK,CAAC,CAAC;IAC9B,IAAI,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACtD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,OAAO,IAAI,CAAC,CAAC;QACrC,OAAO,CAAC,CAAC;IACX,CAAC;IACD,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACnD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC3B,OAAO,CAAC,CAAC;IACX,CAAC;IAED,MAAM,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,GAAG,IAAI,CAAC;IAC5B,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC3B,OAAO,CAAC,CAAC;IACX,CAAC;IAED,IAAI,GAAG,KAAK,MAAM,EAAE,CAAC;QACnB,MAAM,KAAK,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC;QAC/B,MAAM,QAAQ,GAAgB;YAC5B,UAAU,EAAE,KAAK,CAAC,MAAM,IAAI,iCAAiC;YAC7D,KAAK,EAAE,OAAO,CAAC,KAAK,CAAC,KAAK,IAAI,KAAK,CAAC,IAAI,CAAC;SAC1C,CAAC;QACF,IAAI,KAAK,CAAC,MAAM;YAAE,QAAQ,CAAC,cAAc,GAAG,KAAK,CAAC,MAAM,CAAC;QACzD,IAAI,KAAK,CAAC,aAAa;YAAE,QAAQ,CAAC,qBAAqB,GAAG,IAAI,CAAC;QAC/D,IAAI,KAAK,CAAC,MAAM;YAAE,QAAQ,CAAC,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC;QACjD,IAAI,KAAK,CAAC,MAAM;YAAE,QAAQ,CAAC,MAAM,GAAG,IAAI,CAAC;QACzC,IAAI,KAAK,CAAC,IAAI;YAAE,QAAQ,CAAC,YAAY,GAAG,KAAK,CAAC,IAAI,CAAC;QACnD,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,QAAQ,CAAC,CAAC;QACvC,OAAO,MAAM,CAAC,MAAM,KAAK,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACxC,CAAC;IAED,IAAI,GAAG,KAAK,MAAM,EAAE,CAAC;QACnB,IAAI,CAAC;YACH,MAAM,OAAO,CAAC,EAAE,GAAG,EAAE,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;YACtC,OAAO,CAAC,CAAC;QACX,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,gBAAgB,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;YAC1D,OAAO,CAAC,CAAC;QACX,CAAC;IACH,CAAC;IAED,IAAI,GAAG,KAAK,MAAM,EAAE,CAAC;QACnB,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,MAAM,CAAC,oBAAoB,CAAC,CAAC;QACvD,OAAO,OAAO,CAAC,IAAI,CAAC,CAAC;IACvB,CAAC;IAED,IAAI,GAAG,KAAK,IAAI,EAAE,CAAC;QACjB,MAAM,CAAC,GAAG,EAAE,GAAG,OAAO,CAAC,GAAG,IAAI,CAAC;QAC/B,IAAI,GAAG,KAAK,QAAQ,EAAE,CAAC;YACrB,MAAM,KAAK,GAAG,UAAU,CAAC,OAAO,CAAC,CAAC;YAClC,MAAM,EAAE,WAAW,EAAE,GAAG,MAAM,MAAM,CAAC,yBAAyB,CAAC,CAAC;YAChE,MAAM,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,QAAQ,CAAC,CAAC;YACzE,MAAM,CAAC,GAAG,MAAM,WAAW,CAAC;gBAC1B,GAAG,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBAChD,GAAG,CAAC,KAAK,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,YAAY,EAAE,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;aAClE,CAAC,CAAC;YACH,OAAO,CAAC,CAAC,QAAQ,CAAC;QACpB,CAAC;QACD,GAAG,CAAC,KAAK,CAAC,0BAA0B,GAAG,KAAK,IAAI,EAAE,CAAC,CAAC;QACpD,OAAO,CAAC,CAAC;IACX,CAAC;IAED,GAAG,CAAC,KAAK,CAAC,oBAAoB,GAAG,KAAK,IAAI,EAAE,CAAC,CAAC;IAC9C,OAAO,CAAC,CAAC;AACX,CAAC;AAaD,SAAS,UAAU,CAAC,IAAc;IAChC,MAAM,GAAG,GAAU,EAAE,CAAC;IACtB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACrC,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,IAAI,CAAC,KAAK,SAAS;YAAE,SAAS;QAC9B,IAAI,CAAC,KAAK,UAAU,EAAE,CAAC;YACrB,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;YACvB,IAAI,IAAI;gBAAE,GAAG,CAAC,MAAM,GAAG,IAAI,CAAC;QAC9B,CAAC;aAAM,IAAI,CAAC,KAAK,UAAU,EAAE,CAAC;YAC5B,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;YACvB,IAAI,IAAI;gBAAE,GAAG,CAAC,MAAM,GAAG,IAAI,CAAC;QAC9B,CAAC;aAAM,IAAI,CAAC,KAAK,kBAAkB;YAAE,GAAG,CAAC,aAAa,GAAG,IAAI,CAAC;aACzD,IAAI,CAAC,KAAK,SAAS;YAAE,GAAG,CAAC,KAAK,GAAG,IAAI,CAAC;aACtC,IAAI,CAAC,KAAK,QAAQ;YAAE,GAAG,CAAC,IAAI,GAAG,IAAI,CAAC;aACpC,IAAI,CAAC,KAAK,WAAW,EAAE,CAAC;YAC3B,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;YACvB,IAAI,IAAI;gBAAE,GAAG,CAAC,MAAM,GAAG,IAAI,CAAC;QAC9B,CAAC;aAAM,IAAI,CAAC,KAAK,UAAU;YAAE,GAAG,CAAC,MAAM,GAAG,IAAI,CAAC;aAC1C,IAAI,CAAC,KAAK,QAAQ,EAAE,CAAC;YACxB,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;YACvB,IAAI,IAAI;gBAAE,GAAG,CAAC,IAAI,GAAG,IAAI,CAAC;QAC5B,CAAC;IACH,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAC9B,CAAC,IAAI,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAC5B,CAAC,GAAG,EAAE,EAAE;IACN,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,oBAAoB,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;IAC9D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CACF,CAAC"}
|
|
@@ -0,0 +1,26 @@
|
|
|
1
|
+
type StoreOpt = {
|
|
2
|
+
filePath?: string;
|
|
3
|
+
};
|
|
4
|
+
export declare function runAuthLogin(opts: {
|
|
5
|
+
host: string;
|
|
6
|
+
store?: StoreOpt;
|
|
7
|
+
sleep?: (ms: number) => Promise<void>;
|
|
8
|
+
now?: () => number;
|
|
9
|
+
}): Promise<number>;
|
|
10
|
+
export declare function runAuthStatus(opts: {
|
|
11
|
+
host?: string;
|
|
12
|
+
store?: StoreOpt;
|
|
13
|
+
env?: NodeJS.ProcessEnv;
|
|
14
|
+
write?: (s: string) => void;
|
|
15
|
+
}): Promise<number>;
|
|
16
|
+
export declare function runAuthLogout(opts: {
|
|
17
|
+
host?: string;
|
|
18
|
+
store?: StoreOpt;
|
|
19
|
+
env?: NodeJS.ProcessEnv;
|
|
20
|
+
write?: (s: string) => void;
|
|
21
|
+
}): Promise<number>;
|
|
22
|
+
export declare function runAuth(argv: string[], deps?: {
|
|
23
|
+
env?: NodeJS.ProcessEnv;
|
|
24
|
+
store?: StoreOpt;
|
|
25
|
+
}): Promise<number>;
|
|
26
|
+
export {};
|