@heroku/heroku-cli-util 8.0.14 → 9.0.0-beta.0

package/package.json

@@ -1,70 +1,69 @@
 {
+  "type": "commonjs",
   "name": "@heroku/heroku-cli-util",
+  "version": "9.0.0-beta.0",
   "description": "Set of helpful CLI utilities",
-  "version": "8.0.14",
   "author": "Heroku",
-  "bugs": {
-    "url": "https://github.com/heroku/heroku-cli-util/issues"
+  "license": "ISC",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "files": [
+    "dist"
+  ],
+  "devDependencies": {
+    "@heroku-cli/schema": "^2.0.0",
+    "@types/chai": "^4.3.13",
+    "@types/debug": "^4.1.12",
+    "@types/mocha": "^10.0.10",
+    "@types/node": "^22.15.3",
+    "@types/sinon": "^17.0.4",
+    "@types/tunnel-ssh": "4.1.1",
+    "chai": "^4.4.1",
+    "eslint": "^8.57.0",
+    "eslint-config-oclif": "^5.0.0",
+    "eslint-config-oclif-typescript": "^3.1.14",
+    "eslint-plugin-import": "^2.31.0",
+    "eslint-plugin-mocha": "^10.4.3",
+    "mocha": "^10.8.2",
+    "nyc": "^17.1.0",
+    "sinon": "^18.0.1",
+    "strip-ansi": "^6",
+    "ts-node": "^10.9.2",
+    "tsconfig-paths": "^4.2.0",
+    "tsheredoc": "^1.0.1",
+    "typescript": "^5.4.0"
   },
   "dependencies": {
-    "@heroku-cli/color": "^1.1.3",
-    "ansi-escapes": "^3.1.0",
-    "ansi-styles": "^3.2.1",
-    "cardinal": "^2.0.1",
-    "chalk": "^2.4.1",
-    "got": "^11.8.6",
-    "heroku-client": "^3.1.0",
-    "lodash": "^4.17.10",
-    "netrc-parser": "^3.1.4",
-    "opn": "^3.0.3",
-    "strip-ansi": "^4.0.0",
-    "supports-color": "^9.4.0",
-    "tslib": "^1.9.0",
-    "tunnel-agent": "^0.6.0"
-  },
-  "devDependencies": {
-    "chai": "^4.1.2",
-    "co": "^4.6.0",
-    "hook-std": "^0.4.0",
-    "mocha": "^10.2.0",
-    "mocha-junit-reporter": "^2.2.1",
-    "nock": "^11.9.1",
-    "nyc": "^15.1.0",
-    "proxyquire": "^1.7.11",
-    "sinon": "^18.0.0",
-    "standard": "^12.0.1",
-    "tmp": "^0.0.33",
-    "unexpected": "^13.2.1"
+    "@oclif/core": "^2.16.0",
+    "@heroku/http-call": "^5.4.0",
+    "@heroku-cli/color": "^2.0.4",
+    "@heroku-cli/command": "^11.5.0",
+    "debug": "^4.4.0",
+    "nock": "^13.2.9",
+    "tunnel-ssh": "4.1.6"
   },
   "engines": {
-    "node": ">= 14"
+    "node": ">=20"
   },
-  "files": [
-    "lib",
-    "index.js"
-  ],
-  "homepage": "https://github.com/heroku/heroku-cli-util",
-  "license": "ISC",
-  "main": "index.js",
   "mocha": {
     "require": [
-      "./test/init"
-    ]
+      "ts-node/register",
+      "source-map-support/register"
+    ],
+    "file": [
+      "src/test-helpers/stub-output.ts"
+    ],
+    "watch-extensions": "ts",
+    "recursive": true,
+    "reporter": "spec",
+    "timeout": 360000
   },
-  "nyc": {
-    "exclude": [
-      "lib/linewrap.js"
-    ]
-  },
-  "repository": "heroku/heroku-cli-util",
   "scripts": {
-    "test": "mocha",
-    "posttest": "standard"
-  },
-  "standard": {
-    "env": "mocha",
-    "ignore": [
-      "lib/linewrap.js"
-    ]
+    "build": "tsc",
+    "clean": "rm -rf dist",
+    "lint": "eslint . --ext .ts --config .eslintrc.js",
+    "prepare": "npm run clean && npm run build",
+    "test": "nyc mocha  --forbid-only \"test/**/*.test.ts\"",
+    "test:local": "mocha \"test/**/*.test.ts\""
   }
 }

package/index.js

@@ -1,40 +0,0 @@
-'use strict'
-
-exports.color = require('@heroku-cli/color').default
-
-var console = require('./lib/console')
-var errors = require('./lib/errors')
-var prompt = require('./lib/prompt')
-var styled = require('./lib/styled')
-
-exports.hush = console.hush
-exports.log = console.log.bind(console)
-exports.formatDate = require('./lib/date').formatDate
-exports.error = errors.error
-exports.action = require('./lib/action')
-exports.warn = exports.action.warn
-exports.errorHandler = errors.errorHandler
-exports.console = console
-exports.yubikey = require('./lib/yubikey')
-exports.prompt = prompt.prompt
-exports.confirmApp = prompt.confirmApp
-exports.preauth = require('./lib/preauth')
-exports.command = require('./lib/command')
-exports.debug = console.debug
-exports.mockConsole = console.mock
-exports.table = require('./lib/table')
-exports.stdout = ''
-exports.stderr = ''
-exports.styledHeader = styled.styledHeader
-exports.styledObject = styled.styledObject
-exports.styledHash = styled.styledObject
-exports.styledNameValues = styled.styledNameValues
-exports.styledJSON = styled.styledJSON
-exports.open = require('./lib/open')
-exports.got = require('./lib/got')
-exports.linewrap = require('./lib/linewrap')
-exports.Spinner = require('./lib/spinner')
-exports.exit = require('./lib/exit').exit
-exports.auth = require('./lib/auth')
-exports.login = exports.auth.login
-exports.logout = exports.auth.logout

package/lib/action.js

@@ -1,54 +0,0 @@
-'use strict'
-
-let cli = require('..')
-let errors = require('./errors')
-
-function start (message, options) {
-  if (!options) options = {}
-  module.exports.task = {
-    spinner: new cli.Spinner({ spinner: options.spinner, text: `${message}...` }),
-    stream: options.stream
-  }
-  module.exports.task.spinner.start()
-}
-
-function action (message, options, promise) {
-  if (options.then) [options, promise] = [{}, options]
-  start(message, options)
-  return promise.then(function (result) {
-    if (options.success !== false) done(options.success || 'done', options)
-    else done(null, options)
-    return result
-  }).catch(function (err) {
-    if (err.body && err.body.id === 'two_factor') done(cli.color.yellow.bold('!'), options)
-    else done(cli.color.red.bold('!'), options)
-    throw err
-  })
-}
-
-function warn (msg) {
-  let task = module.exports.task
-  if (task) task.spinner.warn(msg)
-  else errors.warn(msg)
-}
-
-function status (status) {
-  let task = module.exports.task
-  if (task) task.spinner.status = status
-}
-
-function done (msg, options) {
-  options = options || {}
-  let task = module.exports.task
-  if (task) {
-    task.spinner.stop(msg)
-    module.exports.task = null
-    if (options.clear) task.spinner.clear()
-  }
-}
-
-module.exports = action
-module.exports.start = start
-module.exports.warn = warn
-module.exports.status = status
-module.exports.done = done

package/lib/auth.js

@@ -1,207 +0,0 @@
-'use strict'
-
-const cli = require('..')
-const vars = require('./vars')
-
-function basicAuth (username, password) {
-  let auth = [username, password].join(':')
-  auth = Buffer.from(auth).toString('base64')
-  return `Basic ${auth}`
-}
-
-function createOAuthToken (username, password, expiresIn, secondFactor) {
-  const os = require('os')
-
-  let headers = {
-    Authorization: basicAuth(username, password)
-  }
-
-  if (secondFactor) headers['Heroku-Two-Factor-Code'] = secondFactor
-
-  return cli.heroku.post('/oauth/authorizations', {
-    headers,
-    body: {
-      scope: ['global'],
-      description: `Heroku CLI login from ${os.hostname()} at ${new Date()}`,
-      expires_in: expiresIn || 60 * 60 * 24 * 365 // 1 year
-    }
-  }).then(function (auth) {
-    return { token: auth.access_token.token, email: auth.user.email, expires_in: auth.access_token.expires_in }
-  })
-}
-
-function saveToken ({ email, token }) {
-  const netrc = require('netrc-parser').default
-  netrc.loadSync()
-  const hosts = [vars.apiHost, vars.httpGitHost]
-  hosts.forEach(host => {
-    if (!netrc.machines[host]) netrc.machines[host] = {}
-    netrc.machines[host].login = email
-    netrc.machines[host].password = token
-  })
-  if (netrc.machines._tokens) {
-    netrc.machines._tokens.forEach(token => {
-      if (hosts.includes(token.host)) {
-        token.internalWhitespace = '\n  '
-      }
-    })
-  }
-  netrc.saveSync()
-}
-
-async function loginUserPass ({ save, expires_in: expiresIn }) {
-  const { prompt } = require('./prompt')
-
-  cli.log('Enter your Heroku credentials:')
-  let email = await prompt('Email')
-  let password = await prompt('Password', { hide: true })
-
-  let auth
-  try {
-    auth = await createOAuthToken(email, password, expiresIn)
-  } catch (err) {
-    if (!err.body || err.body.id !== 'two_factor') throw err
-    let secondFactor = await prompt('Two-factor code', { mask: true })
-    auth = await createOAuthToken(email, password, expiresIn, secondFactor)
-  }
-  if (save) saveToken(auth)
-  return auth
-}
-
-async function loginSSO ({ save, browser }) {
-  const { prompt } = require('./prompt')
-
-  let url = process.env['SSO_URL']
-  if (!url) {
-    let org = process.env['HEROKU_ORGANIZATION']
-    if (!org) {
-      org = await prompt('Enter your organization name')
-    }
-    url = `https://sso.heroku.com/saml/${encodeURIComponent(org)}/init?cli=true`
-  }
-
-  const open = require('./open')
-
-  let openError
-  await cli.action('Opening browser for login', open(url, browser)
-    .catch(function (err) {
-      openError = err
-    })
-  )
-
-  if (openError) {
-    cli.console.error(openError.message)
-  }
-
-  let token = await prompt('Enter your access token (typing will be hidden)', { hide: true })
-
-  let account = await cli.heroku.get('/account', {
-    headers: {
-      Authorization: `Bearer ${token}`
-    }
-  })
-
-  if (save) saveToken({ token, email: account.email })
-  return { token: token, email: account.email }
-}
-
-async function logout () {
-  let token = cli.heroku.options.token
-  if (token) {
-    // for SSO logins we delete the session since those do not show up in
-    // authorizations because they are created a trusted client
-    let sessionsP = cli.heroku.delete('/oauth/sessions/~')
-      .catch(err => {
-        if (err.statusCode === 404 && err.body && err.body.id === 'not_found' && err.body.resource === 'session') {
-          return null
-        }
-        if (err.statusCode === 401 && err.body && err.body.id === 'unauthorized') {
-          return null
-        }
-        throw err
-      })
-
-    // grab the default authorization because that is the token shown in the
-    // dashboard as API Key and they may be using it for something else and we
-    // would unwittingly break an integration that they are depending on
-    let defaultAuthorizationP = cli.heroku.get('/oauth/authorizations/~')
-      .catch(err => {
-        if (err.statusCode === 404 && err.body && err.body.id === 'not_found' && err.body.resource === 'authorization') {
-          return null
-        }
-        if (err.statusCode === 401 && err.body && err.body.id === 'unauthorized') {
-          return null
-        }
-        throw err
-      })
-
-    // grab all the authorizations so that we can delete the token they are
-    // using in the CLI.  we have to do this rather than delete ~ because
-    // the ~ is the API Key, not the authorization that is currently requesting
-    let authorizationsP = cli.heroku.get('/oauth/authorizations')
-      .catch(err => {
-        if (err.statusCode === 401 && err.body && err.body.id === 'unauthorized') {
-          return []
-        }
-        throw err
-      })
-
-    let [, defaultAuthorization, authorizations] = await Promise.all([sessionsP, defaultAuthorizationP, authorizationsP])
-
-    if (accessToken(defaultAuthorization) !== token) {
-      for (let authorization of authorizations) {
-        if (accessToken(authorization) === token) {
-          // remove the matching access token from core services
-          await cli.heroku.delete(`/oauth/authorizations/${authorization.id}`)
-        }
-      }
-    }
-  }
-
-  const netrc = require('netrc-parser').default
-  netrc.loadSync()
-  if (netrc.machines[vars.apiHost]) {
-    netrc.machines[vars.apiHost] = undefined
-  }
-  if (netrc.machines[vars.httpGitHost]) {
-    netrc.machines[vars.httpGitHost] = undefined
-  }
-  netrc.saveSync()
-}
-
-function accessToken (authorization) {
-  return authorization && authorization.access_token && authorization.access_token.token
-}
-
-async function login (options = {}) {
-  if (!options.skipLogout) await logout()
-
-  try {
-    if (options['sso']) {
-      return await loginSSO(options)
-    } else {
-      return await loginUserPass(options)
-    }
-  } catch (e) {
-    const { PromptMaskError } = require('./prompt')
-    const os = require('os')
-    if (e instanceof PromptMaskError && os.platform() === 'win32') {
-      throw new PromptMaskError('Login is currently incompatible with git bash/Cygwin/MinGW')
-    } else {
-      throw e
-    }
-  }
-}
-
-function token () {
-  const netrc = require('netrc-parser').default
-  netrc.loadSync()
-  if (process.env.HEROKU_API_KEY) return process.env.HEROKU_API_KEY
-  return netrc.machines[vars.apiHost] && netrc.machines[vars.apiHost].password
-}
-
-module.exports = {
-  login: login,
-  logout: logout,
-  token
-}

package/lib/command.js

@@ -1,171 +0,0 @@
-'use strict'
-
-const Heroku = require('heroku-client')
-const cli = require('..')
-const auth = require('./auth')
-const vars = require('./vars')
-const Mutex = require('./mutex')
-
-function twoFactorWrapper (options, preauths, context) {
-  return function (res, buffer) {
-    let body
-    try {
-      body = this.parseBody(buffer)
-    } catch (e) {
-      this._handleFailure(res, buffer)
-    }
-
-    // safety check for if we have already seen this request for preauthing
-    // this prevents an infinite loop in case some preauth fails silently
-    // and we continue to get two_factor failures
-
-    // this might be better done with a timer in case a command takes too long
-    // and the preauthorization runs out, but that seemed unlikely
-    if (res.statusCode === 403 && body.id === 'two_factor' && !preauths.requests.includes(this)) {
-      let self = this
-      // default preauth to always happen unless explicitly disabled
-      if (options.preauth === false || !body.app) {
-        twoFactorPrompt(options, preauths, context)
-          .then(function (secondFactor) {
-            self.options.headers = Object.assign({}, self.options.headers, { 'Heroku-Two-Factor-Code': secondFactor })
-            self.request()
-          })
-          .catch(function (err) {
-            self.reject(err)
-          })
-      } else {
-        preauths.requests.push(self)
-
-        // if multiple requests are run in parallel for the same app, we should
-        // only preauth for the first so save the fact we already preauthed
-        if (!preauths.promises[body.app.name]) {
-          preauths.promises[body.app.name] = twoFactorPrompt(options, preauths, context)
-            .then(function (secondFactor) {
-              return cli.preauth(body.app.name, heroku(context), secondFactor)
-            })
-        }
-
-        preauths.promises[body.app.name].then(function () {
-          self.request()
-        })
-          .catch(function (err) {
-            self.reject(err)
-          })
-      }
-    } else {
-      this._handleFailure(res, buffer)
-    }
-  }
-}
-
-function apiMiddleware (options, preauths, context) {
-  let twoFactor = twoFactorWrapper(options, preauths, context)
-  return function (response, cb) {
-    let warning = response.headers['x-heroku-warning'] || response.headers['warning-message']
-    if (warning) cli.action.warn(warning)
-
-    // override the _handleFailure for this request
-    if (!this._handleFailure) {
-      this._handleFailure = this.handleFailure
-      this.handleFailure = twoFactor.bind(this)
-    }
-
-    cb()
-  }
-}
-
-function heroku (context, options) {
-  let host = context.apiUrl || vars.apiUrl || 'https://api.heroku.com'
-
-  let preauths = {
-    promises: {},
-    requests: [],
-    twoFactorMutex: new Mutex()
-  }
-
-  let opts = {
-    userAgent: context.version,
-    debug: context.debug,
-    debugHeaders: context.debugHeaders,
-    token: context.auth ? context.auth.password : null,
-    host: host,
-    headers: {},
-    rejectUnauthorized: !(process.env.HEROKU_SSL_VERIFY === 'disable' || host.endsWith('herokudev.com')),
-    middleware: apiMiddleware(options, preauths, context)
-  }
-  if (process.env.HEROKU_HEADERS) {
-    Object.assign(opts.headers, JSON.parse(process.env.HEROKU_HEADERS))
-  }
-  if (context.secondFactor) {
-    Object.assign(opts.headers, { 'Heroku-Two-Factor-Code': context.secondFactor })
-  }
-  if (context.reason) {
-    Object.assign(opts.headers, { 'X-Heroku-Sudo-Reason': context.reason })
-  }
-  cli.heroku = new Heroku(opts)
-  return cli.heroku
-}
-
-let httpsProxy = process.env.HTTPS_PROXY || process.env.https_proxy || process.env.HTTP_PROXY || process.env.http_proxy
-
-function setupHttpProxy () {
-  const url = require('url')
-  cli.hush(`proxy set to ${httpsProxy}`)
-  let proxy = url.parse(httpsProxy)
-  process.env.HEROKU_HTTP_PROXY_HOST = proxy.hostname
-  process.env.HEROKU_HTTP_PROXY_PORT = proxy.port
-  process.env.HEROKU_HTTP_PROXY_AUTH = proxy.auth
-}
-
-function relogin () {
-  if (process.env.HEROKU_LOGIN_REDIRECT === '1') return auth.login({ save: true })
-  process.env.HEROKU_LOGIN_REDIRECT = '1'
-  require('child_process').execSync('heroku login', { stdio: 'inherit' })
-  return Promise.resolve()
-}
-
-function twoFactorPrompt (options, preauths, context) {
-  cli.yubikey.enable()
-  return preauths.twoFactorMutex.synchronize(function () {
-    return cli.prompt('Two-factor code', { mask: true })
-      .catch(function (err) {
-        cli.yubikey.disable()
-        throw err
-      })
-      .then(function (secondFactor) {
-        cli.yubikey.disable()
-        return secondFactor
-      })
-  })
-}
-
-function reasonPrompt (context) {
-  return cli.prompt('Reason')
-    .then(function (reason) {
-      context.reason = reason
-    })
-}
-
-module.exports = function command (options, fn) {
-  return function (context) {
-    if (typeof options === 'function') [fn, options] = [options, {}]
-    if (httpsProxy) setupHttpProxy()
-    cli.color.enabled = context.supportsColor
-    let handleErr = cli.errorHandler({ debug: context.debug })
-    let run = function () {
-      context.auth = { password: auth.token() }
-      let p = fn(context, heroku(context, options))
-      if (!p.catch) return
-      return p.catch(function (err) {
-        if (err && err.body && err.body.id === 'unauthorized') {
-          cli.error(err.body.message || 'Unauthorized')
-          return relogin().then(run).catch(handleErr)
-        } else if (err && err.body && err.body.id === 'sudo_reason_required') {
-          cli.warn(err.body.message)
-          return reasonPrompt(context).then(run).catch(handleErr)
-        } else throw err
-      }).catch(handleErr)
-    }
-    return run()
-  }
-}

package/lib/console.js

@@ -1,105 +0,0 @@
-'use strict'
-
-var cli = require('..')
-const stripAnsi = require('strip-ansi')
-
-var mocking
-
-function concatArguments (args) {
-  return Array.prototype.map.call(args, function (arg) {
-    return arg + ''
-  }).join(' ')
-}
-
-/**
- * log is a wrapper for console.log() but can be mocked
- *
- * @param {...Object} obj - objects to be printed to stdout
- */
-function log () {
-  if (mocking) {
-    cli.stdout += stripAnsi(concatArguments(arguments) + '\n')
-  } else {
-    console.log.apply(null, arguments)
-  }
-}
-
-/**
- * writeLog is a wrapper for process.stdout.write() but can be mocked
- *
- * @param {...Object} obj - objects to be printed to stdout
- */
-function writeLog () {
-  if (mocking) {
-    cli.stdout += stripAnsi(concatArguments(arguments))
-  } else {
-    process.stdout.write.apply(process.stdout, arguments)
-  }
-}
-
-function hush () {
-  let debug = process.env.HEROKU_DEBUG
-  if (debug && (debug === '1' || debug.toUpperCase() === 'TRUE')) {
-    console.error.apply(null, arguments)
-  }
-}
-
-/**
- * error is a wrapper for console.error() but can be mocked
- *
- * @param {...Object} obj - objects to be printed to stderr
- */
-function error () {
-  if (mocking) {
-    cli.stderr += stripAnsi(concatArguments(arguments) + '\n')
-  } else {
-    console.error.apply(null, arguments)
-  }
-}
-
-/**
- * writeError is a wrapper for process.stderr.write() but can be mocked
- *
- * @param {...Object} obj - objects to be printed to stderr
- */
-function writeError () {
-  if (mocking) {
-    cli.stderr += stripAnsi(concatArguments(arguments))
-  } else {
-    process.stderr.write.apply(process.stderr, arguments)
-  }
-}
-
-/**
- * mock will make {@link log} and {@link error}
- * stop printing to stdout and stderr and start writing to the
- * stdout and stderr strings.
- */
-function mock (mock) {
-  if (mock === false) {
-    mocking = false
-  } else {
-    mocking = true
-    cli.stderr = ''
-    cli.stdout = ''
-  }
-}
-
-/**
- * debug pretty prints an object.
- * It simply calls console.dir with color enabled.
- *
- * @param {Object} obj - object to be printed
- */
-function debug (obj) {
-  console.dir(obj, { colors: true })
-}
-
-exports.hush = hush
-exports.log = log
-exports.writeLog = writeLog
-exports.error = error
-exports.writeError = writeError
-exports.mock = mock
-exports.mocking = () => mocking
-exports.debug = debug