npm - @floomhq/skills - Versions diffs - 0.2.10 → 0.2.11 - Mend

@floomhq/skills 0.2.10 → 0.2.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/index.js CHANGED Viewed

@@ -2395,7 +2395,7 @@ var AUTH_FILE = join3(CONFIG_DIR, "auth.json");
 var DEFAULT_APP_URL = "https://skills.floom.dev";
 var DEFAULT_API_URL = "https://skills.floom.dev/api/v1";
 var LEGACY_API_HOSTS = /* @__PURE__ */ new Set(["floom-v0.vercel.app", "skills.wasm.floom.dev"]);
-var TRUSTED_API_HOSTS = /* @__PURE__ */ new Set(["skills.floom.dev", "skills.wasm.floom.dev", "localhost", "127.0.0.1", "::1"]);
+var TRUSTED_API_HOSTS = /* @__PURE__ */ new Set(["skills.floom.dev", "skills.wasm.floom.dev"]);
 async function ensureDir() {
   await mkdir2(CONFIG_DIR, { recursive: true, mode: 448 });
 }
@@ -2484,7 +2484,7 @@ function isLegacyApiUrl(apiUrl) {
 }
 // src/version.ts
-var VERSION = "0.2.10";
+var VERSION = "0.2.11";
 // src/api-client.ts
 var DEFAULT_TIMEOUT_MS = 2e4;
@@ -2615,7 +2615,7 @@ async function loginCommand() {
   log.info(`Open this URL in your browser:`);
   log.info(`  ${session.verification_uri}`);
   log.info("");
-  log.info(`Your code: ${session.user_code}`);
+  log.info(`Confirm this code in the browser: ${session.user_code}`);
   log.info("");
   log.info("Waiting for approval in the browser. Press Ctrl+C to cancel.");
   openInBrowser(session.verification_uri).catch(() => {
@@ -2684,7 +2684,13 @@ async function whoamiCommand() {
   try {
     me = await api("/me", { authRequired: true });
   } catch (e) {
-    log.err(`Login is not accepted by the Floom API: ${e.message}`);
+    if (e instanceof FloomError && e.code === "TOKEN_EXPIRED") {
+      log.err("Login expired.");
+    } else if (e instanceof FloomError && e.code === "TOKEN_INVALID") {
+      log.err("Login revoked or unknown.");
+    } else {
+      log.err(`Login is not accepted by the Floom API: ${e.message}`);
+    }
     log.info("Run: floom login");
     process.exitCode = 1;
     return;
@@ -3414,12 +3420,19 @@ async function infoCommand(refStr) {
 }
 // src/commands/share.ts
+function isValidEmail(email) {
+  return /^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(email);
+}
 async function shareCommand(refStr, email, opts = {}) {
   const ref = parseSkillRef(refStr);
   if (!ref) {
     log.err(`Invalid skill ref: ${refStr}`);
     process.exit(1);
   }
+  if (!isValidEmail(email)) {
+    log.err(`Invalid email: ${email}`);
+    process.exit(1);
+  }
   const role = opts.role ?? "viewer";
   const r = await api(`/skills/${ref.owner}/${ref.slug}/grants`, {
     method: "POST",
@@ -3435,6 +3448,10 @@ async function unshareCommand(refStr, email) {
     log.err(`Invalid skill ref: ${refStr}`);
     process.exit(1);
   }
+  if (!isValidEmail(email)) {
+    log.err(`Invalid email: ${email}`);
+    process.exit(1);
+  }
   const list = await api(`/skills/${ref.owner}/${ref.slug}/grants`, { authRequired: true });
   const grant = list.grants.find((g) => (g.email ?? "").toLowerCase() === email.toLowerCase());
   if (!grant) {
@@ -3446,6 +3463,9 @@ async function unshareCommand(refStr, email) {
 }
 // src/commands/library.ts
+function isValidEmail2(email) {
+  return /^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(email);
+}
 async function libraryListCommand() {
   const resp = await api("/libraries", { authRequired: true });
   if (!resp.libraries.length) {
@@ -3461,6 +3481,10 @@ async function libraryCreateCommand(slug, name) {
   log.ok(`Created workspace ${resp.slug}`);
 }
 async function libraryInviteCommand(librarySlug, email, role = "viewer") {
+  if (!isValidEmail2(email)) {
+    log.err(`Invalid email: ${email}`);
+    process.exit(1);
+  }
   await api(`/libraries/${librarySlug}/pending-invites`, {
     method: "POST",
     authRequired: true,