@usesocial/cli 0.11.0 → 0.11.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/CHANGELOG.md CHANGED
@@ -1,5 +1,11 @@
1
1
  # @usesocial/cli
2
2
 
3
+ ## 0.11.1
4
+
5
+ ### Patch Changes
6
+
7
+ - [#45](https://github.com/usesocial/monorepo/pull/45) [`940ff35`](https://github.com/usesocial/monorepo/commit/940ff356c07cd1f1a01be059b022eafcb5a82a1b) Thanks [@CyrusNuevoDia](https://github.com/CyrusNuevoDia)! - Create the server-side CLI session grant after non-TTY device login approval so read/write device sessions are not reported locally as write-capable while the API still treats them as read-only.
8
+
3
9
  ## 0.11.0
4
10
 
5
11
  ### Minor Changes
package/dist/index.mjs CHANGED
@@ -21414,7 +21414,7 @@ function createEnv(opts) {
21414
21414
  }
21415
21415
  //#endregion
21416
21416
  //#region package.json
21417
- var version$1 = "0.11.0";
21417
+ var version$1 = "0.11.1";
21418
21418
  //#endregion
21419
21419
  //#region src/lib/env.ts
21420
21420
  const URLWithTrailingSlash = url().transform(ensureTrailingSlash);
@@ -28783,13 +28783,16 @@ const errorOutput = (error) => ({
28783
28783
  const isInteractiveTerminal = () => process.stdin.isTTY === true && process.stdout.isTTY === true;
28784
28784
  const nextCommands = ["social account connect linkedin", "social account connect x"];
28785
28785
  const deviceExpiredMessage = "Sign-in expired before approval. Run `social account login` again to restart.";
28786
+ const scopeUpgradeRequiresReauthorization = "Existing CLI session is read-only. Run `social account logout`, then `social account login` to approve a new write-capable session.";
28787
+ const scopeAliasIncludes = (granted, requested) => granted === requested || granted === "read,write";
28786
28788
  /**
28787
28789
  * Drive one step of the non-TTY device-authorization login and map it onto the
28788
28790
  * login output union. The first call starts the device flow and returns
28789
28791
  * `pending_approval`; later calls poll until `logged_in` or `expired`.
28790
28792
  */
28791
- const deviceLoginOutput = async (loginArgs) => {
28792
- const state = await advanceDeviceLogin(parseScopeAlias(loginArgs.scope));
28793
+ const deviceLoginOutput = async (client, loginArgs) => {
28794
+ const scope = parseScopeAlias(loginArgs.scope);
28795
+ const state = await advanceDeviceLogin(scope);
28793
28796
  switch (state.status) {
28794
28797
  case "pending_approval": return {
28795
28798
  status: "pending_approval",
@@ -28801,7 +28804,10 @@ const deviceLoginOutput = async (loginArgs) => {
28801
28804
  };
28802
28805
  case "logged_in": return {
28803
28806
  status: "logged_in",
28804
- account: state.account,
28807
+ account: {
28808
+ ...state.account,
28809
+ scope: (await client.cli.session.upsert({ scopeAlias: scope })).scopeAlias
28810
+ },
28805
28811
  nextCommands
28806
28812
  };
28807
28813
  case "expired": return {
@@ -28891,23 +28897,30 @@ const loginCommand = defineCommand({
28891
28897
  try {
28892
28898
  const client = createORPCAPIClient();
28893
28899
  const existing = await readExistingAuthSession(client);
28894
- if (existing.kind === "existing") if (billingReady(await client.billing.status())) output = alreadyLoggedInOutput(existing.session);
28895
- else if (isInteractiveTerminal()) output = await runLogin({
28896
- ui: createUI(true),
28897
- client,
28898
- args: loginArgs
28899
- }, [{
28900
- name: "seat",
28901
- run: seatPhase
28902
- }], { authenticated: true });
28903
- else output = alreadyLoggedInOutput(existing.session);
28904
- else if (existing.kind === "offline") output = offlineOutput();
28900
+ if (existing.kind === "existing") {
28901
+ const requestedScope = parseScopeAlias(loginArgs.scope);
28902
+ if (!scopeAliasIncludes(existing.session.session.scope, requestedScope)) output = {
28903
+ status: "error",
28904
+ code: "scope_upgrade_requires_reauthorization",
28905
+ message: scopeUpgradeRequiresReauthorization
28906
+ };
28907
+ else if (billingReady(await client.billing.status())) output = alreadyLoggedInOutput(existing.session);
28908
+ else if (isInteractiveTerminal()) output = await runLogin({
28909
+ ui: createUI(true),
28910
+ client,
28911
+ args: loginArgs
28912
+ }, [{
28913
+ name: "seat",
28914
+ run: seatPhase
28915
+ }], { authenticated: true });
28916
+ else output = alreadyLoggedInOutput(existing.session);
28917
+ } else if (existing.kind === "offline") output = offlineOutput();
28905
28918
  else if (isInteractiveTerminal()) output = await runLogin({
28906
28919
  ui: createUI(true),
28907
28920
  client,
28908
28921
  args: loginArgs
28909
28922
  });
28910
- else output = await deviceLoginOutput(loginArgs);
28923
+ else output = await deviceLoginOutput(client, loginArgs);
28911
28924
  } catch (error) {
28912
28925
  output = errorOutput(error);
28913
28926
  exitCode = exitCodeFor(error);