@sanity/cli 3.67.2-corel.454 → 3.68.0

package/lib/_chunks-cjs/cli.js

@@ -1,5 +1,5 @@
 "use strict";
-var fs$1 = require("node:fs"), os = require("node:os"), path$3 = require("node:path"), chalk = require("chalk"), loadEnv = require("./loadEnv.js"), require$$0$4 = require("path"), require$$1$2 = require("module"), require$$0$5 = require("fs"), telemetry = require("@sanity/telemetry"), childProcess = require("node:child_process"), fs = require("node:fs/promises"), util$4 = require("node:util"), require$$0$6 = require("os"), require$$0$c = require("url"), require$$1$3 = require("get-it"), require$$2$1 = require("get-it/middleware"), require$$0$7 = require("constants"), require$$0$8 = require("stream"), require$$0$a = require("util"), require$$0$9 = require("assert"), require$$0$b = require("events"), require$$6$1 = require("http"), semver = require("semver"), pkgDir = require("pkg-dir"), client$1 = require("@sanity/client"), require$$3$1 = require("crypto"), require$$1$4 = require("child_process"), require$$0$d = require("fs/promises"), require$$0$e = require("buffer"), silverFleece = require("silver-fleece"), getCliConfig = require("./getCliConfig.js"), journeyConfig = require("./journeyConfig.js"), Stream = require("node:stream"), promises$1 = require("node:stream/promises"), require$$2$2 = require("string_decoder"), require$$0$f = require("zlib"), require$$7$1 = require("process"), yaml = require("yaml"), http = require("node:http"), traverse = require("@babel/traverse"), node_url = require("node:url"), node_events = require("node:events"), node_string_decoder = require("node:string_decoder"), process$2 = require("node:process"), require$$2$3 = require("readline"), require$$0$g = require("tty");
+var fs$1 = require("node:fs"), os = require("node:os"), path$3 = require("node:path"), chalk = require("chalk"), loadEnv = require("./loadEnv.js"), require$$0$4 = require("path"), require$$1$2 = require("module"), require$$0$5 = require("fs"), telemetry = require("@sanity/telemetry"), childProcess = require("node:child_process"), fs = require("node:fs/promises"), util$4 = require("node:util"), require$$0$6 = require("os"), require$$0$c = require("url"), require$$1$3 = require("get-it"), require$$2$1 = require("get-it/middleware"), require$$0$7 = require("constants"), require$$0$8 = require("stream"), require$$0$a = require("util"), require$$0$9 = require("assert"), require$$0$b = require("events"), require$$6$1 = require("http"), semver = require("semver"), pkgDir = require("pkg-dir"), client$1 = require("@sanity/client"), require$$3$1 = require("crypto"), require$$1$4 = require("child_process"), require$$0$d = require("fs/promises"), require$$0$e = require("buffer"), silverFleece = require("silver-fleece"), getCliConfig = require("./getCliConfig.js"), journeyConfig = require("./journeyConfig.js"), Stream = require("node:stream"), promises$1 = require("node:stream/promises"), templateValidator = require("@sanity/template-validator"), require$$2$2 = require("string_decoder"), require$$0$f = require("zlib"), require$$7$1 = require("process"), http = require("node:http"), traverse = require("@babel/traverse"), node_url = require("node:url"), node_events = require("node:events"), node_string_decoder = require("node:string_decoder"), process$2 = require("node:process"), require$$2$3 = require("readline"), require$$0$g = require("tty");
 function _interopDefaultCompat(e) {
   return e && typeof e == "object" && "default" in e ? e : { default: e };
 }
@@ -9067,8 +9067,8 @@ var jsYaml$3, hasRequiredJsYaml$3;
 function requireJsYaml$3() {
   if (hasRequiredJsYaml$3) return jsYaml$3;
   hasRequiredJsYaml$3 = 1;
-  var yaml2 = requireJsYaml$4();
-  return jsYaml$3 = yaml2, jsYaml$3;
+  var yaml = requireJsYaml$4();
+  return jsYaml$3 = yaml, jsYaml$3;
 }
 var toml = {}, parse$2 = { exports: {} }, tomlParser = { exports: {} }, parser$2, hasRequiredParser$1;
 function requireParser$1() {
@@ -22413,14 +22413,14 @@ var jsYaml, hasRequiredJsYaml;
 function requireJsYaml() {
   if (hasRequiredJsYaml) return jsYaml;
   hasRequiredJsYaml = 1;
-  var yaml2 = requireJsYaml$1();
-  return jsYaml = yaml2, jsYaml;
+  var yaml = requireJsYaml$1();
+  return jsYaml = yaml, jsYaml;
 }
 var hasRequiredLoadYamlFile;
 function requireLoadYamlFile() {
   if (hasRequiredLoadYamlFile) return loadYamlFile.exports;
   hasRequiredLoadYamlFile = 1;
-  const fs2 = requireGracefulFs(), pify2 = requirePify(), stripBom2 = requireStripBom(), yaml2 = requireJsYaml(), parse3 = (data) => yaml2.safeLoad(stripBom2(data));
+  const fs2 = requireGracefulFs(), pify2 = requirePify(), stripBom2 = requireStripBom(), yaml = requireJsYaml(), parse3 = (data) => yaml.safeLoad(stripBom2(data));
   return loadYamlFile.exports = (fp) => pify2(fs2.readFile)(fp, "utf8").then((data) => parse3(data)), loadYamlFile.exports.sync = (fp) => parse3(fs2.readFileSync(fp, "utf8")), loadYamlFile.exports;
 }
 var whichPm, hasRequiredWhichPm;
@@ -26596,17 +26596,17 @@ function requireTar() {
   return hasRequiredTar || (hasRequiredTar = 1, tar.c = tar.create = requireCreate(), tar.r = tar.replace = requireReplace(), tar.t = tar.list = requireList$1(), tar.u = tar.update = requireUpdate(), tar.x = tar.extract = requireExtract(), tar.Pack = requirePack(), tar.Unpack = requireUnpack(), tar.Parse = requireParse(), tar.ReadEntry = requireReadEntry(), tar.WriteEntry = requireWriteEntry(), tar.Header = requireHeader(), tar.Pax = requirePax(), tar.types = requireTypes$1()), tar;
 }
 var tarExports = requireTar();
-const ENV_VAR = {
-  PROJECT_ID: /SANITY(?:_STUDIO)?_PROJECT_ID/,
-  // Matches SANITY_PROJECT_ID and SANITY_STUDIO_PROJECT_ID
-  DATASET: /SANITY(?:_STUDIO)?_DATASET/,
-  // Matches SANITY_DATASET and SANITY_STUDIO_DATASET
+const DISALLOWED_PATHS = [
+  // Prevent security risks from unknown GitHub Actions
+  "/.github/"
+], ENV_VAR = {
+  ...templateValidator.REQUIRED_ENV_VAR,
   READ_TOKEN: "SANITY_API_READ_TOKEN"
-}, ENV_FILE = {
-  TEMPLATE: ".env.template",
-  EXAMPLE: ".env.example",
-  LOCAL_EXAMPLE: ".env.local.example"
-}, ENV_TEMPLATE_FILES = [ENV_FILE.TEMPLATE, ENV_FILE.EXAMPLE, ENV_FILE.LOCAL_EXAMPLE];
+};
+function getGitHubRawContentUrl(repoInfo) {
+  const { username, name, branch, filePath } = repoInfo;
+  return `https://raw.githubusercontent.com/${username}/${name}/${branch}/${filePath}`;
+}
 function isGithubRepoShorthand(value) {
   return URL.canParse(value) ? !1 : /^[\w-]+\/[\w-.]+(\/[@\w-.]+)*$/.test(value);
 }
@@ -26682,134 +26682,29 @@ async function downloadAndExtractRepo(root2, { username, name, branch, filePath
           const pathSegments = posixPath.split(path$3.posix.sep);
           rootPath = pathSegments.length ? pathSegments[0] : null;
         }
+        for (const disallowedPath of DISALLOWED_PATHS)
+          if (posixPath.includes(disallowedPath)) return !1;
         return posixPath.startsWith(`${rootPath}${filePath ? `/${filePath}/` : "/"}`);
       }
     })
   );
 }
-async function getMonoRepo(repoInfo, bearerToken) {
-  const { username, name, branch, filePath } = repoInfo, baseUrl = `https://raw.githubusercontent.com/${username}/${name}/${branch}/${filePath}`, headers = {};
-  bearerToken && (headers.Authorization = `Bearer ${bearerToken}`);
-  const handlers = {
-    "package.json": {
-      check: (content) => {
-        try {
-          const pkg = JSON.parse(content);
-          return pkg.workspaces ? Array.isArray(pkg.workspaces) ? pkg.workspaces : pkg.workspaces.packages : void 0;
-        } catch {
-          return;
-        }
-      }
-    },
-    "pnpm-workspace.yaml": {
-      check: (content) => {
-        try {
-          return yaml.parse(content).packages;
-        } catch {
-          return;
-        }
-      }
-    },
-    "lerna.json": {
-      check: (content) => {
-        try {
-          return JSON.parse(content).packages;
-        } catch {
-          return;
-        }
-      }
-    },
-    "rush.json": {
-      check: (content) => {
-        try {
-          return JSON.parse(content).projects?.map((p) => p.packageName);
-        } catch {
-          return;
-        }
-      }
-    }
-  }, fileChecks = await Promise.all(
-    Object.keys(handlers).map(async (file) => {
-      const response = await fetch(`${baseUrl}/${file}`, { headers });
-      return { file, exists: response.status === 200, content: await response.text() };
-    })
-  );
-  for (const check of fileChecks) {
-    if (!check.exists) continue;
-    const result = handlers[check.file].check(check.content);
-    if (result) return result;
-  }
-}
-async function validatePackage(baseUrl, packagePath, headers) {
-  const packageUrl = packagePath ? `${baseUrl}/${packagePath}` : baseUrl, requiredFiles = [
-    "package.json",
-    "sanity.config.ts",
-    "sanity.config.js",
-    "sanity.cli.ts",
-    "sanity.cli.js",
-    ...ENV_TEMPLATE_FILES
-  ], fileChecks = await Promise.all(
-    requiredFiles.map(async (file) => {
-      const response = await fetch(`${packageUrl}/${file}`, { headers });
-      return { file, exists: response.status === 200, content: await response.text() };
-    })
-  ), packageJson = fileChecks.find((f) => f.file === "package.json");
-  if (!packageJson?.exists)
-    throw new Error(`Package at ${packagePath || "root"} must include a package.json file`);
-  let hasSanityDep = !1;
-  try {
-    const pkg = JSON.parse(packageJson.content);
-    hasSanityDep = !!(pkg.dependencies?.sanity || pkg.devDependencies?.sanity);
-  } catch {
-    throw new Error(`Invalid package.json file in ${packagePath || "root"}`);
-  }
-  const hasSanityConfig = fileChecks.some(
-    (f) => f.exists && (f.file === "sanity.config.ts" || f.file === "sanity.config.js")
-  ), hasSanityCli = fileChecks.some(
-    (f) => f.exists && (f.file === "sanity.cli.ts" || f.file === "sanity.cli.js")
-  ), envFile = fileChecks.find(
-    (f) => f.exists && ENV_TEMPLATE_FILES.includes(f.file)
-  );
-  if (envFile) {
-    const envContent = envFile.content, hasProjectId = envContent.match(ENV_VAR.PROJECT_ID), hasDataset = envContent.match(ENV_VAR.DATASET);
-    if (!hasProjectId || !hasDataset) {
-      const missing = [];
-      throw hasProjectId || missing.push("SANITY_PROJECT_ID or SANITY_STUDIO_PROJECT_ID"), hasDataset || missing.push("SANITY_DATASET or SANITY_STUDIO_DATASET"), new Error(
-        `Environment template in ${packagePath || "repo"} must include the following variables: ${missing.join(", ")}`
-      );
-    }
-  }
-  return {
-    hasSanityConfig,
-    hasSanityCli,
-    hasEnvFile: !!envFile,
-    hasSanityDep
-  };
+async function getPackages(repoInfo, bearerToken) {
+  const headers = {};
+  return bearerToken && (headers.Authorization = `Bearer ${bearerToken}`), templateValidator.getMonoRepo(getGitHubRawContentUrl(repoInfo), headers);
 }
 async function validateRemoteTemplate(repoInfo, packages = [""], bearerToken) {
-  const { username, name, branch, filePath } = repoInfo, baseUrl = `https://raw.githubusercontent.com/${username}/${name}/${branch}/${filePath}`, headers = {};
+  const headers = {};
   bearerToken && (headers.Authorization = `Bearer ${bearerToken}`);
-  const validations = await Promise.all(
-    packages.map((pkg) => validatePackage(baseUrl, pkg, headers))
-  );
-  if (!validations.some((v) => v.hasSanityDep))
-    throw new Error('At least one package must include "sanity" as a dependency in package.json');
-  if (!validations.some((v) => v.hasSanityConfig))
-    throw new Error("At least one package must include a sanity.config.js or sanity.config.ts file");
-  if (!validations.some((v) => v.hasSanityCli))
-    throw new Error("At least one package must include a sanity.cli.js or sanity.cli.ts file");
-  const missingEnvPackages = packages.filter((pkg, i) => !validations[i].hasEnvFile);
-  if (missingEnvPackages.length > 0)
-    throw new Error(
-      `The following packages are missing .env.template, .env.example, or .env.local.example files: ${missingEnvPackages.join(
-        ", "
-      )}`
-    );
+  const result = await templateValidator.validateSanityTemplate(getGitHubRawContentUrl(repoInfo), packages, headers);
+  if (!result.isValid)
+    throw new Error(result.errors.join(`
+`));
 }
 async function checkNeedsReadToken(root2) {
   try {
     const templatePath = await Promise.any(
-      ENV_TEMPLATE_FILES.map(async (file) => (await fs.access(path$3.join(root2, file)), file))
+      templateValidator.ENV_TEMPLATE_FILES.map(async (file) => (await fs.access(path$3.join(root2, file)), file))
     );
     return (await fs.readFile(path$3.join(root2, templatePath), "utf8")).includes(ENV_VAR.READ_TOKEN);
   } catch {
@@ -26818,7 +26713,7 @@ async function checkNeedsReadToken(root2) {
 }
 async function applyEnvVariables(root2, envData, targetName = ".env") {
   const templatePath = await Promise.any(
-    ENV_TEMPLATE_FILES.map(async (file) => (await fs.access(path$3.join(root2, file)), file))
+    templateValidator.ENV_TEMPLATE_FILES.map(async (file) => (await fs.access(path$3.join(root2, file)), file))
   ).catch(() => {
     throw new Error("Could not find .env.template, .env.example or .env.local.example file");
   });
@@ -26865,6 +26760,17 @@ async function generateSanityApiReadToken(label, projectId, apiClient) {
     }
   })).key;
 }
+async function setCorsOrigin(origin, projectId, apiClient) {
+  try {
+    await apiClient({ api: { projectId } }).request({
+      method: "POST",
+      url: "/cors",
+      body: { origin, allowCredentials: !1 }
+    });
+  } catch (error2) {
+    loadEnv.debug("Failed to set CORS origin", error2);
+  }
+}
 function canLaunchBrowser() {
   return ["win32", "darwin"].includes(os__default.default.platform()) ? !0 : !!(process.env.XDG_CURRENT_DESKTOP || process.env.GDMSESSION);
 }
@@ -47029,6 +46935,55 @@ ${chalk__default.default.yellow("\u26A0")} File "${filePath}" already exists, sk
 function toTypeScriptPath(originalPath) {
   return originalPath.replace(/\.js$/, ".ts");
 }
+const portMap = {
+  nextjs: 3e3,
+  blitzjs: 3e3,
+  gatsby: 8e3,
+  remix: 3e3,
+  astro: 3e3,
+  hexo: 4e3,
+  eleventy: 8080,
+  docusaurus: 3e3,
+  "docusaurus-2": 3e3,
+  preact: 8080,
+  solidstart: 3e3,
+  "solidstart-1": 3e3,
+  dojo: 3e3,
+  ember: 4200,
+  vue: 8080,
+  scully: 1668,
+  "ionic-angular": 4200,
+  angular: 4200,
+  polymer: 8081,
+  svelte: 5e3,
+  sveltekit: 5173,
+  "sveltekit-1": 5173,
+  "ionic-react": 3e3,
+  "create-react-app": 3e3,
+  gridsome: 8080,
+  umijs: 8e3,
+  saber: 3e3,
+  stencil: 3333,
+  nuxtjs: 3e3,
+  redwoodjs: 8910,
+  hugo: 1313,
+  jekyll: 4e3,
+  brunch: 3333,
+  middleman: 4567,
+  zola: 1111,
+  hydrogen: 3e3,
+  vite: 5173,
+  vitepress: 5173,
+  vuepress: 8080,
+  parcel: 1234,
+  fasthtml: 8e3,
+  sanity: 3333,
+  "sanity-v3": 3333,
+  storybook: 6006
+};
+function getDefaultPortForFramework(frameworkSlug) {
+  return portMap[frameworkSlug ?? ""] ?? 3e3;
+}
 var braceExpansionExports = requireBraceExpansion(), expand$2 = /* @__PURE__ */ loadEnv.getDefaultExportFromCjs(braceExpansionExports);
 const MAX_PATTERN_LENGTH = 1024 * 64, assertValidPattern = (pattern) => {
   if (typeof pattern != "string")
@@ -51896,7 +51851,7 @@ const INITIAL_COMMIT_MESSAGE = "Initial commit from Sanity CLI";
 async function bootstrapRemoteTemplate(opts, context) {
   const { outputPath, repoInfo, bearerToken, variables, packageName } = opts, { output, apiClient } = context, name = [repoInfo.username, repoInfo.name, repoInfo.filePath].filter(Boolean).join("/"), spinner = output.spinner(`Bootstrapping files from template "${name}"`).start();
   loadEnv.debug("Validating remote template");
-  const packages = await getMonoRepo(repoInfo, bearerToken);
+  const packages = await getPackages(repoInfo, bearerToken);
   await validateRemoteTemplate(repoInfo, packages, bearerToken), loadEnv.debug('Create new directory "%s"', outputPath), await fs.mkdir(outputPath, { recursive: !0 }), loadEnv.debug("Downloading and extracting repo to %s", outputPath), await downloadAndExtractRepo(outputPath, repoInfo, bearerToken), loadEnv.debug("Checking if template needs read token");
   const needsReadToken = await Promise.all(
     (packages ?? [""]).map((pkg) => checkNeedsReadToken(path$3.join(outputPath, pkg)))
@@ -51904,10 +51859,12 @@ async function bootstrapRemoteTemplate(opts, context) {
   loadEnv.debug("Applying environment variables");
   const readToken = needsReadToken ? await generateSanityApiReadToken("API Read Token", variables.projectId, apiClient) : void 0;
   for (const pkg of packages ?? [""]) {
-    const packagePath = path$3.join(outputPath, pkg), envName = (await distExports.detectFrameworkRecord({
+    const packagePath = path$3.join(outputPath, pkg), packageFramework = await distExports.detectFrameworkRecord({
       fs: new distExports.LocalFileSystemDetector(packagePath),
       frameworkList: frameworksExports.frameworks
-    }))?.slug === "nextjs" ? ".env.local" : ".env";
+    }), port = getDefaultPortForFramework(packageFramework?.slug);
+    loadEnv.debug("Setting CORS origin to http://localhost:%d", port), await setCorsOrigin(`http://localhost:${port}`, variables.projectId, apiClient), loadEnv.debug("Applying environment variables to %s", pkg);
+    const envName = packageFramework?.slug === "nextjs" ? ".env.local" : ".env";
     await applyEnvVariables(packagePath, { ...variables, readToken }, envName);
   }
   loadEnv.debug("Setting package name to %s", packageName), await tryApplyPackageName(outputPath, packageName), loadEnv.debug("Initializing git repository"), tryGitInit(outputPath, INITIAL_COMMIT_MESSAGE), loadEnv.debug("Updating initial template metadata"), await updateInitialTemplateMetadata(apiClient, variables.projectId, `external-${name}`), spinner.succeed();
@@ -55825,20 +55782,20 @@ var cliOutputter = {
   print(...args) {
     console.log(...args);
   },
-  success(...args) {
-    console.log(`${SYMBOL_CHECK} ${args.join(" ")}`);
+  success(firstPartOfMessage, ...args) {
+    console.log(`${SYMBOL_CHECK} ${firstPartOfMessage}`, ...args);
   },
-  warn(...args) {
-    console.warn(`${SYMBOL_WARN} ${args.join(" ")}`);
+  warn(firstPartOfMessage, ...args) {
+    console.warn(`${SYMBOL_WARN} ${firstPartOfMessage}`, ...args);
   },
-  error(...args) {
-    args[0] instanceof Error ? console.error(`${SYMBOL_FAIL} ${chalk__default.default.red(args[0].stack)}`) : console.error(`${SYMBOL_FAIL} ${args.join(" ")}`);
+  error(firstPartOfMessage, ...args) {
+    firstPartOfMessage instanceof Error ? console.error(`${SYMBOL_FAIL} ${chalk__default.default.red(firstPartOfMessage.stack)}`) : console.error(`${SYMBOL_FAIL} ${firstPartOfMessage}`, ...args);
   },
   clear: () => {
     process.stdout.write(isFirstClear ? "\x1Bc" : "\x1B[2J\x1B[0f"), isFirstClear = !1;
   },
   spinner(options2) {
-    const spinner = ora({ ...options2, spinner: "dots" });
+    const spinner = ora(options2);
     return spinner.succeed = (text) => spinner.stopAndPersist({ text, symbol: SYMBOL_CHECK }), spinner.warn = (text) => spinner.stopAndPersist({ text, symbol: SYMBOL_WARN }), spinner.fail = (text) => spinner.stopAndPersist({ text, symbol: SYMBOL_FAIL }), spinner;
   }
 }, inquirer$1 = { exports: {} }, escapeStringRegexp$1, hasRequiredEscapeStringRegexp$1;