@xh/hoist 64.0.0 → 64.0.3

package/CHANGELOG.md

@@ -1,5 +1,29 @@
 # Changelog
 
+## 64.0.3 - 2024-05-31
+
+### 🐞 Bug Fixes
+
+* Restore disabling of Blueprint animations on popovers and tooltips (corrects regression in v63.0.0)
+
+### ⚙️ Technical
+
+* Adjustments to API of (beta) `BaseOAuthClient`, `MsaClient`, and `AuthZeroClient`.
+
+## 64.0.2 - 2024-05-23
+
+### ⚙️ Technical
+
+* Adjustments to API of (beta) `BaseOAuthClient`.
+* `FetchService.addDefaultHeaders()` now supports async functions.
+
+## 64.0.1 - 2024-05-19
+
+### ⚙️ Technical
+
+* Adjustments to loading of ID Tokens and API of `BaseOAuthClient`.  (Note that
+  this package remains in Beta for v64 and is subject to change.)
+
 ## 64.0.0 - 2024-05-17
 
 ### 💥 Breaking Changes (upgrade difficulty: 🟠 MEDIUM - major Hoist Core = AG Grid updates)

package/admin/tabs/monitor/MonitorTab.ts

@@ -13,6 +13,7 @@ import {relativeTimestamp} from '@xh/hoist/cmp/relativetimestamp';
 import {creates, hoistCmp, XH} from '@xh/hoist/core';
 import {button} from '@xh/hoist/desktop/cmp/button';
 import {errorMessage} from '@xh/hoist/desktop/cmp/error';
+import {switchInput} from '@xh/hoist/desktop/cmp/input';
 import {panel} from '@xh/hoist/desktop/cmp/panel';
 import {toolbar, toolbarSep} from '@xh/hoist/desktop/cmp/toolbar';
 import {Icon} from '@xh/hoist/icon';
@@ -75,6 +76,11 @@ const tbar = hoistCmp.factory<MonitorTabModel>(({model}) => {
             icon: Icon.gear(),
             onClick: () => (model.showEditorDialog = true)
         }),
+        '-',
+        switchInput({
+            label: 'Show inactive',
+            bind: 'showInactive'
+        }),
         hbox({
             className: getClassName(!failed),
             items: [

package/admin/tabs/monitor/MonitorTabModel.ts

@@ -5,7 +5,7 @@
  * Copyright © 2024 Extremely Heavy Industries Inc.
  */
 import {MonitorResults, MonitorStatus} from '@xh/hoist/admin/tabs/monitor/Types';
-import {HoistModel, LoadSpec, managed, XH} from '@xh/hoist/core';
+import {HoistModel, LoadSpec, managed, persist, XH} from '@xh/hoist/core';
 import {Icon} from '@xh/hoist/icon';
 import {action, bindable, computed, makeObservable, observable} from '@xh/hoist/mobx';
 import {Timer} from '@xh/hoist/utils/async';
@@ -14,10 +14,13 @@ import {pluralize} from '@xh/hoist/utils/js';
 import {filter, isEqual, minBy, sortBy} from 'lodash';
 
 export class MonitorTabModel extends HoistModel {
+    override persistWith = {localStorageKey: 'xhAdminClientMonitorState'};
+
     @observable.ref results: MonitorResults[] = [];
     @observable lastRun: number = null;
     @managed timer: Timer = null;
 
+    @bindable @persist showInactive = false;
     @bindable showEditorDialog = false;
 
     @computed
@@ -55,11 +58,17 @@ export class MonitorTabModel extends HoistModel {
     constructor() {
         super();
         makeObservable(this);
+
         this.timer = Timer.create({
             runFn: () => this.autoRefreshAsync(),
             interval: 5 * SECONDS,
             delay: true
         });
+
+        this.addReaction({
+            track: () => this.showInactive,
+            run: () => this.refreshAsync()
+        });
     }
 
     override async doLoadAsync(loadSpec: LoadSpec) {
@@ -88,6 +97,10 @@ export class MonitorTabModel extends HoistModel {
     //-------------------
     @action
     private installResults(results: MonitorResults[]) {
+        if (!this.showInactive) {
+            results = results.filter(it => it.status !== 'INACTIVE');
+        }
+
         const prevCounts = this.countsByStatus;
         this.results = sortBy(results, 'sortOrder');
         this.lastRun = minBy(results, 'dateComputed')?.dateComputed ?? null;

package/appcontainer/AppContainerModel.ts

@@ -161,7 +161,7 @@ export class AppContainerModel extends HoistModel {
         }
 
         try {
-            await installServicesAsync([FetchService, LocalStorageService]);
+            await installServicesAsync([FetchService]);
 
             // consult (optional) pre-auth init for app
             const modelClass: any = this.appSpec.modelClass;
@@ -205,7 +205,7 @@ export class AppContainerModel extends HoistModel {
 
             // Complete initialization process
             this.setAppState('INITIALIZING');
-            await installServicesAsync([ConfigService]);
+            await installServicesAsync([ConfigService, LocalStorageService]);
             await installServicesAsync(TrackService);
             await installServicesAsync([EnvironmentService, PrefService, JsonBlobService]);
 

package/build/types/admin/tabs/monitor/MonitorTabModel.d.ts

@@ -2,9 +2,13 @@ import { MonitorResults, MonitorStatus } from '@xh/hoist/admin/tabs/monitor/Type
 import { HoistModel, LoadSpec } from '@xh/hoist/core';
 import { Timer } from '@xh/hoist/utils/async';
 export declare class MonitorTabModel extends HoistModel {
+    persistWith: {
+        localStorageKey: string;
+    };
     results: MonitorResults[];
     lastRun: number;
     timer: Timer;
+    showInactive: boolean;
     showEditorDialog: boolean;
     get passed(): number;
     get warned(): number;

package/build/types/core/types/Types.d.ts

@@ -15,6 +15,7 @@ export type HAlign = 'left' | 'right' | 'center';
 export type VAlign = 'top' | 'bottom' | 'center';
 /** Convenience type for common pattern of accepting a single T, or an array of Ts. */
 export type Some<T> = T | T[];
+export type NonEmptyArray<T> = [T, ...T[]];
 export type Thunkable<T> = T | (() => T);
 export type Awaitable<T> = Promise<T> | T;
 /** Convenience type for a "plain", string-keyed object holding any kind of values. */

package/build/types/security/BaseOAuthClient.d.ts

@@ -1,6 +1,7 @@
-import { BannerSpec, HoistBase, PlainObject } from '@xh/hoist/core';
-import { TokenInfo } from '@xh/hoist/security/TokenInfo';
-export interface BaseOAuthClientConfig {
+import { HoistBase } from '@xh/hoist/core';
+import { Token, TokenMap } from '@xh/hoist/security/Token';
+export type LoginMethod = 'REDIRECT' | 'POPUP';
+export interface BaseOAuthClientConfig<S> {
     /** Client ID (GUID) of your app registered with your Oauth provider. */
     clientId: string;
     /**
@@ -15,20 +16,31 @@ export interface BaseOAuthClientConfig {
      */
     postLogoutRedirectUrl?: 'APP_BASE_URL' | string;
     /** The method used for logging in on desktop. Default is 'REDIRECT'. */
-    loginMethodDesktop?: 'REDIRECT' | 'POPUP';
+    loginMethodDesktop?: LoginMethod;
     /** The method used for logging in on mobile. Default is 'REDIRECT'. */
-    loginMethodMobile?: 'REDIRECT' | 'POPUP';
+    loginMethodMobile?: LoginMethod;
     /**
-     * When the remaining token lifetime is below this threshold, try to refresh the token.
-     * Should be substantially shorter than the lifetime of the tokens, but long enough so that
-     * there is ample time to complete the refresh, including retries.  Default is 10 minutes.
+     * Governs an optional refresh timer that will work to keep the tokens fresh.
+     *
+     * A typical refresh will use the underlying provider cache, and should not result in
+     * network activity. However, if any token lifetime falls below`autoRefreshSkipCacheSecs`,
+     * this client will force a call to the underlying provider to get the token.
+     *
+     * In order to allow aging tokens to be replaced in a timely manner, this value should be
+     * significantly shorter than both the minimum token lifetime that will be
+     * returned by the underlying API and `autoRefreshSkipCacheSecs`.
+     *
+     * Default is -1, disabling this behavior.
      */
-    tokenRefreshThresholdMins?: number;
+    autoRefreshSecs?: number;
     /**
-     * Governs how frequently we attempt to refresh aging tokens. Should be short enough to allow
-     * multiple attempts during `tokenRefreshThresholdMins`. Default is 30 seconds.
+     * During auto-refresh, if the remaining lifetime for any token is below this threshold,
+     * force the provider to skip the local cache and go directly to the underlying provider for
+     * new tokens and refresh tokens.
+     *
+     * Default is -1, disabling this behavior.
      */
-    tokenRefreshCheckSecs?: number;
+    autoRefreshSkipCacheSecs?: number;
     /**
      * Scopes to request - if any - beyond the core `['openid', 'email']` scopes, which
      * this client will always request.
@@ -44,17 +56,12 @@ export interface BaseOAuthClientConfig {
      *
      * Use this map to gain targeted access tokens for different back-end resources.
      */
-    accessTokens?: Record<string, PlainObject>;
-    /**
-     * True to display a warning banner to the user if tokens expire. May be specified as a boolean
-     * or a partial banner spec. Defaults to false.
-     */
-    expiryWarning?: boolean | Partial<BannerSpec>;
+    accessTokens?: Record<string, S>;
 }
 /**
  * Implementations of this class coordinate OAuth-based login and token provision. Apps can use a
- * suitable concrete implementation to power a client-side OauthService - see Toolbox for an
- * example using `Auth0Client`.
+ * suitable concrete implementation to power a client-side OauthService. See `MsalClient` and
+ * `AuthZeroClient`
  *
  * Initialize such a service and this client within the `preAuthInitAsync()` lifecycle method of
  * `AppModel` to use the tokens it acquires to authenticate with the Hoist server. (Note this
@@ -62,42 +69,62 @@ export interface BaseOAuthClientConfig {
  * actually resolve the user.) On init, the client implementation will initiate a pop-up or redirect
  * flow as necessary.
  */
-export declare abstract class BaseOAuthClient<T extends BaseOAuthClientConfig> extends HoistBase {
+export declare abstract class BaseOAuthClient<C extends BaseOAuthClientConfig<S>, S> extends HoistBase {
     /** Config loaded from UI server + init method. */
-    protected config: T;
-    /** Scopes */
+    protected config: C;
+    /** Id Scopes */
     protected idScopes: string[];
-    protected _idToken: TokenInfo;
-    protected _accessTokens: Record<string, TokenInfo>;
+    /** Specification for Access Tokens **/
+    protected accessSpecs: Record<string, S>;
     private timer;
-    private expiryWarningDisplayed;
     private lastRefreshAttempt;
     private TIMER_INTERVAL;
-    /**
-     * ID token in JWT format. Observable.
-     */
-    get idToken(): string;
-    /**
-     * Get a configured Access token in JWT format. Observable.
-     */
-    getAccessToken(key: string): string;
-    constructor(config: T);
+    constructor(config: C);
     /**
      * Main entry point for this object.
      */
     initAsync(): Promise<void>;
+    /**
+     * Request an interactive login with the underlying OAuth provider.
+     */
+    loginAsync(method?: LoginMethod): Promise<void>;
     /**
      * Request a full logout from the underlying OAuth provider.
      */
     logoutAsync(): Promise<void>;
-    protected abstract doInitAsync(): Promise<void>;
+    /**
+     * Get an ID token.
+     */
+    getIdTokenAsync(): Promise<Token>;
+    /**
+     * Get a Access token.
+     */
+    getAccessTokenAsync(key: string): Promise<Token>;
+    /**
+     * Get all available tokens.
+     */
+    getAllTokensAsync(): Promise<TokenMap>;
+    /**
+     * The last authenticated OAuth username.
+     *
+     * Provided to facilitate more efficient re-login via SSO or otherwise.  Cleared on logout.
+     * Note: not necessarily a currently authenticated user, and not necessarily the Hoist username.
+     */
+    getSelectedUsername(): string;
+    /**
+     *  Set the last authenticated OAuth username.
+     *  See `getSelectedUsername()`.
+     */
+    setSelectedUsername(username: string): void;
+    protected abstract doInitAsync(): Promise<TokenMap>;
+    protected abstract doLoginPopupAsync(): Promise<void>;
+    protected abstract doLoginRedirectAsync(): Promise<void>;
+    protected abstract fetchIdTokenAsync(useCache: boolean): Promise<Token>;
+    protected abstract fetchAccessTokenAsync(spec: S, useCache: boolean): Promise<Token>;
     protected abstract doLogoutAsync(): Promise<void>;
-    protected abstract getIdTokenAsync(useCache: boolean): Promise<string>;
-    protected abstract getAccessTokenAsync(spec: PlainObject, useCache: boolean): Promise<string>;
     protected get redirectUrl(): string;
     protected get postLogoutRedirectUrl(): string;
-    protected get loginMethod(): 'REDIRECT' | 'POPUP';
-    protected get usesRedirect(): boolean;
+    protected get loginMethod(): LoginMethod;
     protected get baseUrl(): string;
     protected popupBlockerErrorMessage: String;
     protected defaultErrorMsg: String;
@@ -114,13 +141,10 @@ export declare abstract class BaseOAuthClient<T extends BaseOAuthClientConfig> e
      * @param key - key for re-accessing this state, as round-tripped with redirect.
      */
     protected restoreRedirectState(key: string): void;
-    /**
-     * Load tokens from provider.
-     *
-     * @param useCache - true (default) to use local cache if available, or false to force a
-     *      network request to fetch a fresh token.
-     */
-    protected loadTokensAsync(useCache?: boolean): Promise<void>;
+    protected fetchAllTokensAsync(useCache?: boolean): Promise<TokenMap>;
+    protected getLocalStorage(key: string, defaultValue?: any): any;
+    protected setLocalStorage(key: string, value: any): void;
+    private fetchIdTokenSafeAsync;
     private onTimerAsync;
-    private updateWarning;
+    private logTokensDebug;
 }

package/build/types/security/Token.d.ts

@@ -0,0 +1,12 @@
+import { PlainObject } from '@xh/hoist/core';
+export type TokenMap = Record<string, Token>;
+export declare class Token {
+    readonly value: string;
+    readonly decoded: PlainObject;
+    readonly expiry: number;
+    constructor(value: string);
+    expiresWithin(interval: number): boolean;
+    get formattedExpiry(): string;
+    get forLog(): PlainObject;
+    equals(other: Token): boolean;
+}

package/build/types/security/authzero/AuthZeroClient.d.ts

@@ -1,9 +1,18 @@
-import { PlainObject } from '@xh/hoist/core';
+import { Token, TokenMap } from '@xh/hoist/security/Token';
 import { BaseOAuthClient, BaseOAuthClientConfig } from '../BaseOAuthClient';
-export interface AuthZeroClientConfig extends BaseOAuthClientConfig {
+export interface AuthZeroClientConfig extends BaseOAuthClientConfig<AuthZeroTokenSpec> {
     /** Domain of your app registered with Auth0 */
     domain: string;
-    /** Audience (i.e. API) identifier for AccessToken.  Must be registered with Auth0*/
+}
+export interface AuthZeroTokenSpec {
+    /** Scopes for the desired access token.*/
+    scopes: string[];
+    /**
+     * Audience (i.e. API) identifier for AccessToken.  Must be registered with Auth0.
+     *
+     * Note that this is required to ensure that issued token is a JWT and not
+     * an opaque string.
+     */
     audience: string;
 }
 /**
@@ -11,15 +20,20 @@ export interface AuthZeroClientConfig extends BaseOAuthClientConfig {
  * via Google, GitHub, Microsoft, and various other OAuth providers *or* via a username/password
  * combo stored and managed within Auth0's own database. Supported options will depend on the
  * configuration of your Auth0 app.
+ *
+ * Note: If developing on localhost and using Access Tokens will need to configure your browser to
+ * allow third-party cookies.
  */
-export declare class AuthZeroClient extends BaseOAuthClient<AuthZeroClientConfig> {
+export declare class AuthZeroClient extends BaseOAuthClient<AuthZeroClientConfig, AuthZeroTokenSpec> {
     private client;
-    doInitAsync(): Promise<void>;
-    getIdTokenAsync(useCache?: boolean): Promise<string>;
-    getAccessTokenAsync(spec: PlainObject, useCache?: boolean): Promise<string>;
-    doLogoutAsync(): Promise<void>;
+    protected doInitAsync(): Promise<TokenMap>;
+    protected doLoginRedirectAsync(): Promise<void>;
+    protected doLoginPopupAsync(): Promise<void>;
+    protected fetchIdTokenAsync(useCache?: boolean): Promise<Token>;
+    protected fetchAccessTokenAsync(spec: AuthZeroTokenSpec, useCache?: boolean): Promise<Token>;
+    protected doLogoutAsync(): Promise<void>;
     private createClient;
-    private completeViaRedirectAsync;
-    private completeViaPopupAsync;
     private get loginScope();
+    private returningFromRedirect;
+    private noteUserAuthenticatedAsync;
 }

package/build/types/security/authzero/index.d.ts

@@ -0,0 +1 @@
+export * from './AuthZeroClient';

package/build/types/security/msal/MsalClient.d.ts

@@ -1,7 +1,7 @@
-import { LogLevel } from '@azure/msal-common';
-import { PlainObject } from '@xh/hoist/core';
+import { LogLevel } from '@azure/msal-browser';
+import { Token, TokenMap } from '@xh/hoist/security/Token';
 import { BaseOAuthClient, BaseOAuthClientConfig } from '../BaseOAuthClient';
-export interface MsalClientConfig extends BaseOAuthClientConfig {
+export interface MsalClientConfig extends BaseOAuthClientConfig<MsalTokenSpec> {
     /** Tenant ID (GUID) of your organization */
     tenantId: string;
     /**
@@ -10,23 +10,80 @@ export interface MsalClientConfig extends BaseOAuthClientConfig {
      * MSAL Browser Lib defaults authority to "https://login.microsoftonline.com/common"
      */
     authority?: string;
-    /** The log level of MSAL. Default is LogLevel.Info (2). */
+    /**
+     * A hint about the tenant or domain that the user should use to sign in.
+     * The value of the domain hint is a registered domain for the tenant.
+     */
+    domainHint?: string;
+    /**
+     * If specified, the client will use this value when initializing the app to enforce a minimum
+     * amount of time during which no further auth flow with the provider should be necessary.
+     *
+     * Use this argument to front-load any necessary auth flow to the apps initialization stage
+     * thereby minimizing disruption to user activity during application use.
+     *
+     * This value may be set to anything up to 86400 (24 hours), the maximum lifetime
+     * of an Azure refresh token.  Set to -1 to disable (default).
+     *
+     * Note that setting to *any* non-disabled amount will require the app to do *some* communication
+     * with the login provider at *every* app load. This may just involve loading new tokens via
+     * fetch, however, setting to higher values will increase the frequency with which
+     * a new refresh token will also need to be requested via a hidden iframe/redirect/popup. This
+     * can be time-consuming and potentially disruptive and applications should therefore use with
+     * care and typically set to some value significantly less than the max.
+     *
+     * See https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-browser/docs/token-lifetimes.md
+     */
+    initRefreshTokenExpirationOffsetSecs?: number;
+    /** The log level of MSAL. Default is LogLevel.Warning. */
     msalLogLevel?: LogLevel;
 }
+export interface MsalTokenSpec {
+    /** Scopes for the desired access token. */
+    scopes: string[];
+    /**
+     * Scopes to be added to the scopes requested during interactive and SSO logins.
+     * See the `scopes` property on  `PopupRequest`, `RedirectRequest`, and `SSORequest`
+     * for more info.
+     */
+    loginScopes?: string[];
+    /**
+     * Scopes to be added to the scopes requested during interactive and SSO login.
+     *
+     * See the `extraScopesToConsent` property on  `PopupRequest`, `RedirectRequest`, and
+     * `SSORequest` for more info.
+     */
+    extraScopesToConsent?: string[];
+}
 /**
  * Service to implement OAuth authentication via MSAL.
+ *
+ * See the following helpful information relevant to our use of this tricky API --
+ * https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-browser/docs/
+ * https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-browser/docs/token-lifetimes.md
+ * https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-browser/docs/login-user.md
+ *
+ *  TODO: The handling of `ssoSilent` and `initRefreshTokenExpirationOffsetSecs` in this library
+ * require 3rd party cookies to be enabled in the browser so that MSAL can load contact in a
+ * hidden iFrame  If its *not* enabled, we may be doing extra work.  Consider checking 3rd party
+ * cookie support and adding conditional behavior?
  */
-export declare class MsalClient extends BaseOAuthClient<MsalClientConfig> {
+export declare class MsalClient extends BaseOAuthClient<MsalClientConfig, MsalTokenSpec> {
     private client;
     private account;
-    doInitAsync(): Promise<void>;
-    getIdTokenAsync(useCache?: boolean): Promise<string>;
-    getAccessTokenAsync(spec: PlainObject, useCache?: boolean): Promise<string>;
-    doLogoutAsync(): Promise<void>;
+    private initialTokenLoad;
+    constructor(config: MsalClientConfig);
+    protected doInitAsync(): Promise<TokenMap>;
+    protected doLoginPopupAsync(): Promise<void>;
+    protected doLoginRedirectAsync(): Promise<void>;
+    protected fetchIdTokenAsync(useCache?: boolean): Promise<Token>;
+    protected fetchAccessTokenAsync(spec: MsalTokenSpec, useCache?: boolean): Promise<Token>;
+    protected doLogoutAsync(): Promise<void>;
+    private loginSsoAsync;
     private createClientAsync;
-    private completeViaRedirectAsync;
-    private completeViaPopupAsync;
     private logFromMsal;
     private get loginScopes();
-    private get loginExtraScopes();
+    private get loginExtraScopesToConsent();
+    private get refreshOffsetArgs();
+    private noteUserAuthenticated;
 }

package/build/types/security/msal/index.d.ts

@@ -0,0 +1 @@
+export * from './MsalClient';

package/build/types/svc/FetchService.d.ts

@@ -1,4 +1,4 @@
-import { FetchResponse, HoistService, LoadSpec, PlainObject } from '@xh/hoist/core';
+import { Awaitable, FetchResponse, HoistService, LoadSpec, PlainObject } from '@xh/hoist/core';
 import { PromiseTimeoutSpec } from '@xh/hoist/promise';
 import { StatusCodes } from 'http-status-codes';
 import { IStringifyOptions } from 'qs';
@@ -26,19 +26,19 @@ export declare class FetchService extends HoistService {
     static instance: FetchService;
     NO_JSON_RESPONSES: StatusCodes[];
     private autoAborters;
-    defaultHeaders: (PlainObject | ((arg: FetchOptions) => PlainObject))[];
+    defaultHeaders: (PlainObject | ((arg: FetchOptions) => Awaitable<PlainObject>))[];
     defaultTimeout: any;
     /**
      * Set default headers to be sent with all subsequent requests.
      * @param headers - to be sent with all fetch requests, or a function to generate.
      * @deprecated use addDefaultHeaders instead.
      */
-    setDefaultHeaders(headers: PlainObject | ((arg: FetchOptions) => PlainObject)): void;
+    setDefaultHeaders(headers: PlainObject | ((arg: FetchOptions) => Awaitable<PlainObject>)): void;
     /**
      * Add default headers to be sent with all subsequent requests.
      * @param headers - to be sent with all fetch requests, or a function to generate.
      */
-    addDefaultHeaders(headers: PlainObject | ((arg: FetchOptions) => PlainObject)): void;
+    addDefaultHeaders(headers: PlainObject | ((arg: FetchOptions) => Awaitable<PlainObject>)): void;
     /**
      * Set the timeout (default 30 seconds) to be used for all requests made via this service that
      * do not themselves spec a custom timeout.
@@ -84,7 +84,7 @@ export declare class FetchService extends HoistService {
      * @returns false if no request pending for the given key.
      */
     abort(autoAbortKey: string): boolean;
-    private withDefaults;
+    private withDefaultsAsync;
     private managedFetchAsync;
     private fetchInternalAsync;
     private sendJsonInternalAsync;

package/core/types/Types.ts

@@ -26,6 +26,7 @@ export type VAlign = 'top' | 'bottom' | 'center';
 
 /** Convenience type for common pattern of accepting a single T, or an array of Ts. */
 export type Some<T> = T | T[];
+export type NonEmptyArray<T> = [T, ...T[]];
 
 export type Thunkable<T> = T | (() => T);
 export type Awaitable<T> = Promise<T> | T;

package/kit/blueprint/styles.scss

@@ -57,24 +57,37 @@
   background-color: var(--xh-backdrop-bg);
 }
 
-// Squelch popover scale transition - unlike Dialog with its `transitionName` prop, Popover
-// does not appear to provide a way to turn off its transition without also losing the (often
-// desirable) arrow pointing to its target. Variables below required for the include to function.
-$pt-transition-ease: cubic-bezier(0.4, 1, 0.75, 0.9) !default;
-$pt-transition-ease-bounce: cubic-bezier(0.54, 1.12, 0.38, 1.11) !default;
-$pt-transition-duration: 100ms !default;
-
-.bp5-popover {
-  // This override is taken from the popover source SCSS - there it is scoped under the minimal class.
-  // https://github.com/palantir/blueprint/blob/1bfd1e42303d2626bfc3923eec2195ab4dc696d2/packages/core/src/components/popover/_popover.scss#L54
-  @include react-transition(
-    'bp5-popover',
-    (
-      transform: scale(1) scale(1)
-    ),
-    $duration: 0,
-    $after: '> &'
-  );
+// On Popover and Tooltip components, squelch scale & opacity transition - unlike Dialog with its `transitionName` prop,
+// Popover, and consequently Tooltip, do not appear to provide a way to turn off
+// their transitions without also losing the (often desirable) arrow pointing to their targets.
+// These rules override the scale and opacity starting values of enter and exit classes by setting them to
+// their final 'end of transition' values, which has the effect of preventing/short circuiting transitions.
+// BlueprintJs' own Popover.minimal uses this same approach to disable its transitions.
+// (it appears from testing that overriding these rules with any value will squelch the transition, but
+// we might as well use the final values to be explicit.)
+.bp5-popover-transition-container {
+  &.bp5-popover-enter,
+  &.bp5-popover-appear {
+    opacity: 1;
+  }
+
+  &.bp5-popover-exit {
+    opacity: 0;
+  }
+
+  &.bp5-popover-enter,
+  &.bp5-popover-appear {
+    > .bp5-popover {
+      transform: scale(1);
+    }
+  }
+
+  &.bp5-popover-exit-active,
+  &.bp5-popover-exit {
+    > .bp5-popover {
+      transform: scale(0);
+    }
+  }
 }
 
 //------------------------

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@xh/hoist",
-  "version": "64.0.0",
+  "version": "64.0.3",
   "description": "Hoist add-on for building and deploying React Applications.",
   "repository": "github:xh/hoist-react",
   "homepage": "https://xh.io",