@sanity/client 6.28.3 → 6.28.4-beta.0

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sanity/client",
-  "version": "6.28.3",
+  "version": "6.28.4-beta.0",
   "description": "Client for retrieving, creating and patching data from Sanity.io",
   "keywords": [
     "sanity",

package/src/config.ts

@@ -122,7 +122,15 @@ export const initConfig = (
   const isBrowser = typeof window !== 'undefined' && window.location && window.location.hostname
   const isLocalhost = isBrowser && isLocal(window.location.hostname)
 
-  if (isBrowser && isLocalhost && newConfig.token && newConfig.ignoreBrowserTokenWarning !== true) {
+  const hasToken = Boolean(newConfig.token)
+  let withCredentials = Boolean(newConfig.withCredentials)
+
+  if (withCredentials && hasToken) {
+    warnings.printCredentialedTokenWarning()
+    withCredentials = false
+  }
+
+  if (isBrowser && isLocalhost && hasToken && newConfig.ignoreBrowserTokenWarning !== true) {
     warnings.printBrowserTokenWarning()
   } else if (typeof newConfig.useCdn === 'undefined') {
     warnings.printCdnWarning()
@@ -146,12 +154,12 @@ export const initConfig = (
   newConfig.apiVersion = `${newConfig.apiVersion}`.replace(/^v/, '')
   newConfig.isDefaultApi = newConfig.apiHost === defaultConfig.apiHost
 
-  if (newConfig.useCdn === true && newConfig.withCredentials) {
+  if (newConfig.useCdn === true && withCredentials) {
     warnings.printCdnAndWithCredentialsWarning()
   }
 
   // If `useCdn` is undefined, we treat it as `true`
-  newConfig.useCdn = newConfig.useCdn !== false && !newConfig.withCredentials
+  newConfig.useCdn = newConfig.useCdn !== false && !withCredentials
 
   validateApiVersion(newConfig.apiVersion)
 

package/src/data/listen.ts

@@ -84,7 +84,7 @@ export function _listen<R extends Record<string, Any> = Record<string, Any>>(
   const listenFor = options.events ? options.events : ['mutation']
 
   const esOptions: EventSourceInit & {headers?: Record<string, string>} = {}
-  if (token || withCredentials) {
+  if (withCredentials) {
     esOptions.withCredentials = true
   }
 

package/src/http/requestOptions.ts

@@ -18,7 +18,7 @@ export function requestOptions(config: Any, overrides: Any = {}): Omit<RequestOp
 
   const withCredentials = Boolean(
     typeof overrides.withCredentials === 'undefined'
-      ? config.token || config.withCredentials
+      ? config.withCredentials
       : overrides.withCredentials,
   )
 

package/src/util/shareReplayLatest.ts

@@ -62,7 +62,10 @@ function _shareReplayLatest<T>(config: ShareReplayLatestConfig<T>): MonoTypeOper
     )
     const emitLatest = new Observable<T>((subscriber) => {
       if (emitted) {
-        subscriber.next(latest)
+        subscriber.next(
+          // this cast is safe because of the emitted check which asserts that we got T from the source
+          latest as T,
+        )
       }
       subscriber.complete()
     })

package/src/warnings.ts

@@ -33,6 +33,11 @@ export const printBrowserTokenWarning = createWarningPrinter([
   )} for more information and how to hide this warning.`,
 ])
 
+export const printCredentialedTokenWarning = createWarningPrinter([
+  'You have configured Sanity client to use a token, but also provided `withCredentials: true`.',
+  'This is no longer supported - only token will be used - remove `withCredentials: true`.',
+])
+
 export const printNoApiVersionSpecifiedWarning = createWarningPrinter([
   'Using the Sanity client without specifying an API version is deprecated.',
   `See ${generateHelpUrl('js-client-api-version')}`,

package/umd/sanityClient.js

@@ -1465,11 +1465,13 @@
       return !!obj && (obj instanceof Observable || (isFunction(obj.lift) && isFunction(obj.subscribe)));
   }
 
-  var EmptyError = createErrorClass(function (_super) { return function EmptyErrorImpl() {
-      _super(this);
-      this.name = 'EmptyError';
-      this.message = 'no elements in sequence';
-  }; });
+  var EmptyError = createErrorClass(function (_super) {
+      return function EmptyErrorImpl() {
+          _super(this);
+          this.name = 'EmptyError';
+          this.message = 'no elements in sequence';
+      };
+  });
 
   function lastValueFrom(source, config) {
       return new Promise(function (resolve, reject) {
@@ -2086,6 +2088,9 @@
     `See ${generateHelpUrl(
     "js-client-browser-token"
   )} for more information and how to hide this warning.`
+  ]), printCredentialedTokenWarning = createWarningPrinter([
+    "You have configured Sanity client to use a token, but also provided `withCredentials: true`.",
+    "This is no longer supported - only token will be used - remove `withCredentials: true`."
   ]), printNoApiVersionSpecifiedWarning = createWarningPrinter([
     "Using the Sanity client without specifying an API version is deprecated.",
     `See ${generateHelpUrl("js-client-api-version")}`
@@ -2156,8 +2161,9 @@
       throw new Error(
         `stega.studioUrl must be a string or a function, received ${newConfig.stega.studioUrl}`
       );
-    const isBrowser = typeof window < "u" && window.location && window.location.hostname, isLocalhost = isBrowser && isLocal(window.location.hostname);
-    isBrowser && isLocalhost && newConfig.token && newConfig.ignoreBrowserTokenWarning !== true ? printBrowserTokenWarning() : typeof newConfig.useCdn > "u" && printCdnWarning(), projectBased && projectId(newConfig.projectId), newConfig.dataset && dataset(newConfig.dataset), "requestTagPrefix" in newConfig && (newConfig.requestTagPrefix = newConfig.requestTagPrefix ? requestTag(newConfig.requestTagPrefix).replace(/\.+$/, "") : void 0), newConfig.apiVersion = `${newConfig.apiVersion}`.replace(/^v/, ""), newConfig.isDefaultApi = newConfig.apiHost === defaultConfig.apiHost, newConfig.useCdn === true && newConfig.withCredentials && printCdnAndWithCredentialsWarning(), newConfig.useCdn = newConfig.useCdn !== false && !newConfig.withCredentials, validateApiVersion(newConfig.apiVersion);
+    const isBrowser = typeof window < "u" && window.location && window.location.hostname, isLocalhost = isBrowser && isLocal(window.location.hostname), hasToken = !!newConfig.token;
+    let withCredentials = !!newConfig.withCredentials;
+    withCredentials && hasToken && (printCredentialedTokenWarning(), withCredentials = false), isBrowser && isLocalhost && hasToken && newConfig.ignoreBrowserTokenWarning !== true ? printBrowserTokenWarning() : typeof newConfig.useCdn > "u" && printCdnWarning(), projectBased && projectId(newConfig.projectId), newConfig.dataset && dataset(newConfig.dataset), "requestTagPrefix" in newConfig && (newConfig.requestTagPrefix = newConfig.requestTagPrefix ? requestTag(newConfig.requestTagPrefix).replace(/\.+$/, "") : void 0), newConfig.apiVersion = `${newConfig.apiVersion}`.replace(/^v/, ""), newConfig.isDefaultApi = newConfig.apiHost === defaultConfig.apiHost, newConfig.useCdn === true && withCredentials && printCdnAndWithCredentialsWarning(), newConfig.useCdn = newConfig.useCdn !== false && !withCredentials, validateApiVersion(newConfig.apiVersion);
     const hostParts = newConfig.apiHost.split("://", 2), protocol = hostParts[0], host = hostParts[1], cdnHost = newConfig.isDefaultApi ? defaultCdnHost : host;
     return newConfig.useProjectHostname ? (newConfig.url = `${protocol}://${newConfig.projectId}.${host}/v${newConfig.apiVersion}`, newConfig.cdnUrl = `${protocol}://${newConfig.projectId}.${cdnHost}/v${newConfig.apiVersion}`) : (newConfig.url = `${newConfig.apiHost}/v${newConfig.apiVersion}`, newConfig.cdnUrl = newConfig.url), newConfig;
   };
@@ -2605,7 +2611,7 @@ ${selectionOpts}`);
   function requestOptions(config, overrides = {}) {
     const headers = {}, token = overrides.token || config.token;
     token && (headers.Authorization = `Bearer ${token}`), !overrides.useGlobalApi && !config.useProjectHostname && config.projectId && (headers[projectHeader] = config.projectId);
-    const withCredentials = !!(typeof overrides.withCredentials > "u" ? config.token || config.withCredentials : overrides.withCredentials), timeout = typeof overrides.timeout > "u" ? config.timeout : overrides.timeout;
+    const withCredentials = !!(typeof overrides.withCredentials > "u" ? config.withCredentials : overrides.withCredentials), timeout = typeof overrides.timeout > "u" ? config.timeout : overrides.timeout;
     return Object.assign({}, overrides, {
       headers: Object.assign({}, headers, overrides.headers || {}),
       timeout: typeof timeout > "u" ? 5 * 60 * 1e3 : timeout,
@@ -2915,7 +2921,7 @@ ${selectionOpts}`);
     if (uri.length > MAX_URL_LENGTH)
       return throwError(() => new Error("Query too large for listener"));
     const listenFor = options.events ? options.events : ["mutation"], esOptions = {};
-    return (token || withCredentials) && (esOptions.withCredentials = true), token && (esOptions.headers = {
+    return withCredentials && (esOptions.withCredentials = true), token && (esOptions.headers = {
       Authorization: `Bearer ${token}`
     }), connectEventSource(() => (
       // use polyfill if there is no global EventSource or if we need to set headers
@@ -2948,7 +2954,10 @@ ${selectionOpts}`);
         }),
         share(shareConfig)
       ), emitLatest = new Observable((subscriber) => {
-        emitted && subscriber.next(latest), subscriber.complete();
+        emitted && subscriber.next(
+          // this cast is safe because of the emitted check which asserts that we got T from the source
+          latest
+        ), subscriber.complete();
       });
       return merge(wrapped, emitLatest);
     };