@yahoo/uds 2.2.0 → 2.2.1

package/cli/cli.ts

@@ -12,10 +12,9 @@ const EXEMPT_FROM_AUTH = ['login'];
 
 async function main() {
   if (process.env.CI !== '1') {
-    updateNotifier({
+    await updateNotifier({
       pkg: packageJson,
       shouldNotifyInNpmScript: true,
-      alwaysRun: true,
     });
   }
 

package/cli/utils/auth.ts

@@ -1,179 +1,47 @@
+import child_process from 'node:child_process';
 import { unlink } from 'node:fs/promises';
 import path from 'node:path';
+import util from 'node:util';
 
-import { print, red } from 'bluebun';
+import { ask, print, red } from 'bluebun';
 import Bun from 'bun';
-import { getApps, initializeApp } from 'firebase/app';
-import {
-  connectAuthEmulator,
-  getAuth,
-  GoogleAuthProvider,
-  signInWithCredential,
-} from 'firebase/auth';
-import { google, oauth2_v2 } from 'googleapis';
-import http from 'http';
-import open from 'open';
 import { type FirebaseUser } from 'root/database/firebase';
 import { v5 as uuidv5 } from 'uuid';
 
-import clientSecrets from './client_secrets.json';
+const exec = util.promisify(child_process.exec);
 
-type User = oauth2_v2.Schema$Userinfo | FirebaseUser;
-type LoginProvider = 'google' | 'firebase' | 'configurator';
-
-const LOGIN_PROVIDER: LoginProvider =
-  (process.env.LOGIN_PROVIDER as LoginProvider) ?? 'configurator';
-
-const REDIRECT_URL = clientSecrets.web.redirect_uris[0];
-const { port: PORT, origin: SERVER_ORIGIN } = new URL(REDIRECT_URL);
-
-const configuratorUrlOrigin =
-  process.env.NODE_ENV === 'development' ? 'http://localhost:4001' : 'https://config.uds.build';
+type User = Partial<FirebaseUser>;
 
 const CACHE_FILEPATH = '.uds/user.json';
 const DEFAULT_CLI_PATH = path.resolve(import.meta.dir, '..');
 const CACHED_USER_FILE = path.resolve(DEFAULT_CLI_PATH, CACHE_FILEPATH);
 
-const isEmulator = process.env.EMULATOR || process.env.NEXT_PUBLIC_EMULATOR;
-
-// TODO: consolidate with the firebase config and setup in database/firebase.ts
-const firebaseConfig = !isEmulator
-  ? clientSecrets.firebaseConfig
-  : {
-      projectId: 'uds-poc',
-      apiKey: 'DUMMY_API_KEY',
-      authDomain: 'uds-poc.firebaseapp.com',
-    };
-
-const firebaseApp = getApps().length === 0 ? initializeApp(firebaseConfig) : getApps()[0];
-const auth = getAuth(firebaseApp);
-
-if (isEmulator) {
-  connectAuthEmulator(auth, 'http://127.0.0.1:9099');
-}
-
-// Credentials can be found in https://console.cloud.google.com/apis/credentials/oauthclient/700524957090-6uju02gp6i0rlm3p17nt1v6vbrretfka.apps.googleusercontent.com?project=uds-poc.
-const oauth2Client = new google.auth.OAuth2(
-  clientSecrets.web.client_id,
-  clientSecrets.web.client_secret,
-  REDIRECT_URL,
-);
-
-function isYahooEmployee(user?: User) {
-  return user?.email?.endsWith('@yahooinc.com');
-}
-
-function getAuthorizeUrl(loginProvider = LOGIN_PROVIDER) {
-  if (loginProvider === 'configurator') {
-    return `${configuratorUrlOrigin}/login?continue=${REDIRECT_URL}`;
-  }
-
-  return oauth2Client.generateAuthUrl({
-    access_type: 'offline',
-    scope: [
-      'https://www.googleapis.com/auth/userinfo.profile',
-      'https://www.googleapis.com/auth/userinfo.email',
-    ].join(' '),
-    hd: 'yahooinc.com',
-    include_granted_scopes: true,
-  });
-}
-
-function onPostHandler(
-  this: http.Server,
-  req: http.IncomingMessage,
-  res: http.ServerResponse,
-  resolve: (user: User) => void,
-  reject: (reason?: unknown) => void,
-) {
-  const corsHeaders = {
-    'Access-Control-Allow-Origin': configuratorUrlOrigin,
-    'Access-Control-Allow-Methods': 'OPTIONS, POST',
-    'Access-Control-Allow-Headers': '*',
-    'Access-Control-Request-Method': '*',
-  };
-
-  for (const [header, value] of Object.entries(corsHeaders)) {
-    res.setHeader(header, value);
-  }
-
-  if (req.headers.origin !== configuratorUrlOrigin) {
-    res.writeHead(405).end(`Request origin not allowed.`);
-    reject(`Request origin not allowed.`);
-    return;
-  }
-
-  if (req.method === 'OPTIONS') {
-    res.writeHead(204).end();
-    return;
-  }
-
-  if (req.method !== 'POST') {
-    // Set the 405 status and Allow header
-    res.writeHead(405, { Allow: 'POST' }).end('Method Not Allowed');
-    reject('Method Not Allowed');
-    return;
-  }
-
-  let data = '';
-
-  req.on('data', (chunk) => {
-    data += chunk.toString();
-  });
-
-  req.on('error', (err: NodeJS.ErrnoException) => {
-    reject(err);
-  });
+async function getGitEmail(scope: 'local' | 'global' | 'system' = 'global') {
+  let email;
+  try {
+    const { stdout, stderr } = await exec(`git config --${scope} user.email`);
 
-  req.on('end', () => {
-    try {
-      const user: FirebaseUser = JSON.parse(data);
-      res.end('Authentication successful! Please close this window.');
-      resolve(user);
-    } catch (err) {
-      reject(err);
-    } finally {
-      this.close();
+    if (stderr) {
+      throw new Error(`Git config error: ${stderr}`);
     }
-  });
-}
-
-async function onGETHandler(
-  this: http.Server,
-  req: http.IncomingMessage,
-  res: http.ServerResponse,
-  resolve: (user: User) => void,
-  reject: (reason?: unknown) => void,
-) {
-  try {
-    const code = new URL(req.url || '', SERVER_ORIGIN).searchParams.get('code');
-    if (!code) {
-      res.end('There was no code parameter on the url.');
-      this.close();
-      return;
+    email = stdout.trim();
+    if (!isYahooEmployee({ email })) {
+      throw new Error(`Git config email is not a @yahooinc.com email address.`);
     }
+  } catch {
+    email = await ask('Please enter your @yahooinc.com email address:', {
+      validation: (answer) => {
+        const warning = red(`🚨 Email was not a @yahooinc.com address.`);
+        return isYahooEmployee({ email: answer }) || warning;
+      },
+    });
+  }
 
-    res.end('Authentication successful! Please close this window.');
-    this.close();
-
-    const { tokens } = await oauth2Client.getToken(code);
-    oauth2Client.setCredentials(tokens);
-
-    let user: User;
-
-    if (LOGIN_PROVIDER === 'firebase') {
-      // Build Firebase credential using the Google ID token.
-      const credential = GoogleAuthProvider.credential(tokens.id_token);
-      user = (await signInWithCredential(auth, credential)).user;
-    } else {
-      const oauth2 = google.oauth2({ version: 'v2', auth: oauth2Client });
-      user = (await oauth2.userinfo.get()).data;
-    }
+  return email ?? buildCIUser().email; // fallback to CI user if don't have an email for some reason.
+}
 
-    resolve(user);
-  } catch (err) {
-    reject(err);
-  }
+function isYahooEmployee(user?: User) {
+  return Boolean(user?.email?.endsWith('@yahooinc.com'));
 }
 
 /**
@@ -182,41 +50,14 @@ async function onGETHandler(
  * @returns
  */
 async function authenticateUser(): Promise<User> {
-  return new Promise((resolve, reject) => {
-    // TODO: If port (3000) is already in use, this will fail.
-    // Setup https://www.npmjs.com/package/find-free-ports, but that won't
-    // play well with the pre-configured redirect_uris in the Google Cloud Console.
-    const server = http.createServer();
-
-    server.listen(PORT, async () => {
-      const authorizeUrl = getAuthorizeUrl();
-
-      print(`Please visit the following URL if it didn't open automatically:\n${authorizeUrl}`);
-
-      const childProcess = await open(authorizeUrl, { wait: false });
-      childProcess.unref();
-
-      process.on('SIGINT', () => {
-        server.close();
-        reject('Received SIGINT.');
-      });
-    });
-
-    server.on('error', (err: NodeJS.ErrnoException) => {
-      if (err.code && err.code.includes('EADDRINUSE')) {
-        print(
-          red(`🚨 Port ${PORT} already in use. Cannot start local server to handle OAuth flow.`),
-        );
-        server.close();
-      }
-    });
+  // Fetch firebase user data from the configurator.
+  const email = await getGitEmail('local');
+  const resp = await Bun.fetch(`https://config.uds.build/api/cli-analytics?email=${email}`);
+  if (resp.status !== 200) {
+    throw new Error(`Failed to fetch firebase user data from endpoint. Status ${resp.status}`);
+  }
 
-    if (LOGIN_PROVIDER === 'configurator') {
-      server.on('request', (req, res) => onPostHandler.call(server, req, res, resolve, reject));
-    } else {
-      server.on('request', (req, res) => onGETHandler.call(server, req, res, resolve, reject));
-    }
-  });
+  return (await resp.json()) as User;
 }
 
 async function logout(cachePath?: string) {
@@ -242,8 +83,7 @@ async function login() {
       user = await authenticateUser();
       await Bun.write(CACHED_USER_FILE, JSON.stringify(user, null, 2));
     } catch (err) {
-      console.error('Error:', err);
-      throw err;
+      console.error((err as NodeJS.ErrnoException).message);
     }
   }
 
@@ -251,16 +91,16 @@ async function login() {
 }
 
 /**
- * Builds a FirebaseUser object for a Continuous Integration (CI) user.
+ * Builds a firebase user object for a Continuous Integration (CI) user.
  *
  * This function generates a CI user with an email based on the UDS_TEAM_SLUG
  * environment variable. If the UDS_TEAM_SLUG is not defined, it defaults to 'unknown'.
  * The generated user has a predefined first name, display name, and an empty avatar.
  * The analytics context includes the team and a role set to 'other'.
  *
- * @returns {FirebaseUser} The generated CI user object.
+ * @returns {user} The generated CI user object.
  */
-function buildCIUser(): FirebaseUser {
+function buildCIUser(): User {
   const team = process.env.UDS_TEAM_SLUG;
 
   if (!team) {
@@ -325,14 +165,11 @@ async function getAuthenticatedUser(cliPath = DEFAULT_CLI_PATH): Promise<User |
 export {
   authenticateUser,
   buildCIUser,
-  configuratorUrlOrigin,
+  exec,
   getAuthenticatedUser,
-  getAuthorizeUrl,
+  getGitEmail,
   isYahooEmployee,
   login,
-  type LoginProvider,
   logout,
-  onGETHandler,
-  onPostHandler,
   type User,
 };

package/dist/fixtures.cjs

@@ -1414,7 +1414,7 @@ var buttonMotionProperties = [
     "at",
     "isWellFormed",
     "toWellFormed",
-    "__@iterator@53"
+    "__@iterator@54"
 ];
 exports.buttonMotionProperties = buttonMotionProperties;
 var buttonMotionEffects = [

package/dist/fixtures.js

@@ -1366,7 +1366,7 @@ var buttonMotionProperties = [
     "at",
     "isWellFormed",
     "toWellFormed",
-    "__@iterator@53"
+    "__@iterator@54"
 ];
 var buttonMotionEffects = [
     "none",

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@yahoo/uds",
   "description": "Yahoo Universal System",
-  "version": "2.2.0",
+  "version": "2.2.1",
   "type": "module",
   "bin": {
     "uds": "./cli/uds-cli"
@@ -9,6 +9,7 @@
   "files": [
     "cli/**",
     "!cli/**/*.test.*",
+    "!cli/README.md",
     "dist/**",
     "fonts/**"
   ],
@@ -116,7 +117,7 @@
   },
   "scripts": {
     "build": "bun run ./scripts/build.ts",
-    "build:cli": "bun run ./cli/utils/secrets.ts decrypt && bun ./cli/compile.ts",
+    "build:cli": "bun ./cli/compile.ts",
     "ci:publish": "bun semantic-release -e semantic-release-monorepo",
     "clean": "rm -rf .turbo && rm -rf node_modules && rm -rf dist && rm -rf .coverage && rm -rf cli/bin",
     "dev": "concurrently bun:dev:*",
@@ -144,12 +145,9 @@
     "@ariakit/react": "^0.4.12",
     "bluebun": "^0.0.34",
     "clsx": "^2.1.1",
-    "firebase": "^11.0.0",
     "framer-motion": "^11.11.4",
-    "googleapis": "^144.0.0",
     "imurmurhash": "^0.1.4",
     "lodash-es": "^4.17.21",
-    "open": "^10.1.0",
     "prompts": "^2.4.2",
     "react-toastify": "^11.0.2",
     "semver": "^7.6.3",
@@ -170,7 +168,6 @@
     "autoprefixer": "^10.4.20",
     "chalk": "^5.3.0",
     "concurrently": "^9.0.1",
-    "node-mocks-http": "^1.16.1",
     "postcss": "^8.4.47",
     "tailwindcss": "^3.4.13",
     "terser": "^5.34.1",

package/cli/README.md

@@ -1,208 +0,0 @@
-import { DocTabs } from '~/components/DocTabs';
-import { Box, VStack } from '@yahoo/uds';
-import { RequiredChip } from '~/components/RequiredChip';
-import { DocImage } from '~/components/DocImage';
-import { PACKAGE_MANAGERS, CommandSnippet } from '~/components/CommandSnippet';
-import { toPageTitle } from '~/utils/toPageTitle';
-
-export const metadata = {
-title: toPageTitle({ title: 'CLI', category: 'Tools' }),
-};
-
-# Universal CLI
-
-> **Update**: The CLI tool no longer requires Bun. You can use any node package manager to run the CLI (e.g. `npx uds sync`).
-
-The Universal CLI is available as command, `uds`. The tool was created with [Bluebun](https://github.com/jamonholmgren/bluebun/) (inspired by [Gluegun](https://github.com/infinitered/gluegun)). The UDS CLI is a standalone binary that doesn't require having Bun installed locally in order to use it.
-
-<Box justifyContent="center">
-  <DocImage light={{ src: '/images/cli-screenshot.png', width: 500, height: 356 }} />
-</Box>
-
-## Requirements
-
-1. To use the CLI, first [install](/docs/getting-started/quick-start#installation) the `@yahoo/uds` package as a dependency in your package.json, which has the UDS CLI as a binary.
-
-2. Log in to the CLI
-
-<VStack spacingBottom="2">
-  <DocTabs
-    items={PACKAGE_MANAGERS.map((packageManager) => ({
-      label: packageManager,
-      content: <CommandSnippet name={packageManager} command="bun uds login" />,
-    }))}
-  />
-</VStack>
-
-## Commands
-
-> **Note**: If you are _not_ running the CLI from a package.json script you will need to call your package manager execute command before the binary in order to run it directly. i.e. `npx uds purge`
-
-<VStack spacingBottom="2">
-  <DocTabs
-    items={PACKAGE_MANAGERS.map((packageManager) => ({
-      label: packageManager,
-      content: <CommandSnippet name={packageManager} command="bunx uds purge" />,
-    }))}
-  />
-</VStack>
-
-The following command are available after installing `@yahoo/uds`:
-
-### Sync
-
-The `uds sync` command fetches the latest design config from the [Configurator](/docs/getting-started/using-configurator) and writes it to a file in your project.
-
-#### Flags
-
-| Flag      | Description                 | Default         | Required         |
-| --------- | --------------------------- | --------------- | ---------------- |
-| `id`      | ID from the Configurator    |                 | <RequiredChip /> |
-| `outFile` | File to write the output to | ./uds.config.ts |                  |
-
-**Example:**
-
-```shell
-uds sync --id [id] --outFile [path]
-uds sync --id [id]
-uds sync --id [id] --outFile=uds.config.js # pass a file with a JS extension if you are using Javascript
-```
-
-#### Environment variables
-
-Alternatively, you can use environment variables instead of flags.
-
-| Variable       | Description                 | Default         | Required         |
-| -------------- | --------------------------- | --------------- | ---------------- |
-| `UDS_ID`       | ID from the Configurator    |                 | <RequiredChip /> |
-| `UDS_OUT_FILE` | File to write the output to | ./uds.config.ts |                  |
-
-**Example:**
-
-```shell
-UDS_ID=[id] UDS_OUT_FILE=[path] uds sync
-```
-
-### Purge
-
-The `uds purge` command is used to optimize and reduce the amount of CSS produced by your app.
-
-Running this command produces a `./dist/safelist.ts` file in the root of your project. This file imported in your `tailwind.config.js` and passed to the `safelist` configuration option.
-
-```typescript
-/** @type {import('tailwindcss').Config} */
-const { safelist } = require(`${__dirname}/dist/safelist.ts`);
-
-module.exports = {
-  content: ['./pages/**/*.{html,jsx,tsx}', './components/**/*.{html,jsx,tsx}'],
-  safelist,
-  // ...
-};
-```
-
-For more information about safelisting classes in Tailwind, visit the [official documentation](https://tailwindcss.com/docs/content-configuration#safelisting-classes)
-
-**Example:**
-
-```shell
-uds purge
-```
-
-#### Flags
-
-| Flag     | Description                 | Default            | Required |
-| -------- | --------------------------- | ------------------ | -------- |
-| `entry`  | The entry to source files   | ./src/             |          |
-| `output` | Output path of the safelist | ./dist/safelist.ts |          |
-| `config` | UDS config                  | ./uds.config.ts    |          |
-
-**Example:**
-
-```shell
-uds purge --output output/dir
-```
-
-#### Environment variables
-
-| Variable                        | Description                                 | Default | Required |
-| ------------------------------- | ------------------------------------------- | ------- | -------- |
-| `ENABLED_SCALE_AND_COLOR_MODES` | Selects which color and scale modes to keep | all     |          |
-
-**Example:**
-
-```shell
-ENABLED_SCALE_AND_COLOR_MODES="dark,large" uds purge
-```
-
-### Codemod
-
-The `uds codemod` command is here to help you run one-off codemods. In the future, we'll likely apply codemodes via `uds migrate` for you, but this will provide more fine grained control over applying codemods to help you deal with breaking changes to our system. We're flying fast right now, and investing too much energy in full blown migrations is silly as things will just keep changing, but this is a step into an _easy_ migration future!
-
-Any file added to commands/codemod will be available in prompt land.
-
-```shell
-uds codemod
-```
-
-### Login
-
-The `uds login` command is used to authenticate the user to the CLI. We use
-Google's OAuth2 flow, which is the same login flow used by the [Configurator](/docs/getting-started/using-configurator) and the documentation site. Logging in to the CLI helps us identify and track CLI usage and metrics.
-
-### Circumventing Login
-
-There may be situations (such as CI runs) where you can't authenticate your personal account with the CLI. For this case, providing the `CI=true` and `UDS_TEAM_SLUG` env variables is required when using the CLI in a CI environment:
-
-```env
-CI=true
-UDS_TEAM_SLUG=<your-team-slug> uds <command>
-```
-
-Your team slug can be found in your team's Configurator URL path:
-
-<DocImage light={{ src: '/images/team-slug-screenshot.png' }} />
-
-### Expo (WIP)
-
-The `uds expo` command is for building and launching React Native apps using Expo.
-This command is still a WIP and is only used internally at the moment.
-
-```shell
-uds expo build --profile [profile] --platform [ios|android]
-uds expo dev --profile [profile] --platform [ios|android]
-uds expo launch --profile [profile] --platform [ios|android]
-uds expo update --profile [profile] --platform [ios|android]
-uds expo --help
-```
-
-## Development
-
-The CLI is created with [Bluebun](https://github.com/jamonholmgren/bluebun/) (inspired by [Gluegun](https://github.com/infinitered/gluegun)), but specifically designed to be used with [Bun](https://bun.sh). Bluebun relies on Bun APIs and is designed to be extremely fast, with no-dependencies.
-
-### Adding a command
-
-Commands are organized in a tree structure in `uds/cli/commands`. The root command is the name of the CLI (`uds`) and in `uds.ts`, which subcommand being in its own file. See the Bluebun [Command docs](https://github.com/jamonholmgren/bluebun/blob/main/docs/commands.md) for more information on usage docs and creating command files.
-
-**Important note:**
-
-Adding nested commands, i.e. `uds expo dev` does work correctly when UDS is consumed from npm. As a workaround, please see code for expo/expo.ts for re-routing sub-commands from the root command file. To verify your CLI command works correctly you should run `npm pack` within the packages/uds directory. Once you have your generated tarball you should copy that tarball to a test application such as https://github.com/yahoo-uds/uds-nextjs-demo, then add `"@yahoo/uds": "file:./tarball-generated-from-npm-pack.tgz` to it's dependencies and run an install. Now you should be able to run `bun uds [your command name]` to test your functionality.
-
-### Testing the login flow
-
-To test the login flow, the CLI starts a web server and opens browser window to
-a login page in Configurator. In prod, it opens https://config.uds.build/login.
-In local dev, http://localhost:4001/login is opened.
-
-In the root of the UDS monorepo, run the following commands:
-
-```
-# Start configurator app web server:
-turbo --filter uds-configurator dev
-
-# Run the CLI login command:
-bun run --cwd packages/uds uds login
-```
-
-### API Reference
-
-Bluebun comes with a number of built-in utilities that are exported from the main `bluebun` package. See [reference guide](https://github.com/jamonholmgren/bluebun/blob/main/docs/reference.md) for more.

package/cli/utils/client_secrets.json

@@ -1,23 +0,0 @@
-{
-  "web": {
-    "client_id": "700524957090-6uju02gp6i0rlm3p17nt1v6vbrretfka.apps.googleusercontent.com",
-    "project_id": "uds-poc",
-    "auth_uri": "https://accounts.google.com/o/oauth2/auth",
-    "token_uri": "https://oauth2.googleapis.com/token",
-    "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
-    "client_secret": "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",
-    "redirect_uris": [
-      "http://localhost:3000/oauth2callback",
-      "https://uds.build/oauth2callback",
-      "https://config.uds.build/oauth2callback"
-    ]
-  },
-  "firebaseConfig": {
-    "apiKey": "AIzaSyDZEsm1GQ1lkK7T8NxJ9D_Pqmcz5u5D2hc",
-    "authDomain": "uds-poc.firebaseapp.com",
-    "projectId": "uds-poc",
-    "storageBucket": "uds-poc.appspot.com",
-    "messagingSenderId": "700524957090",
-    "appId": "1:700524957090:web:b4b5cdba42f694bb5cf6fb"
-  }
-}

package/cli/utils/secrets.ts

@@ -1,40 +0,0 @@
-import path from 'node:path';
-
-// eslint-disable-next-line n/no-unpublished-import
-import { loadEnvConfig } from '@next/env';
-import { $ } from 'bun';
-
-loadEnvConfig(process.cwd());
-
-const secretsFile = path.resolve(import.meta.dir, 'client_secrets.json');
-const encryptedFilename = `${secretsFile}.enc`;
-
-async function encrypt() {
-  await $`openssl enc -aes-256-cbc -in ${secretsFile} -out ${encryptedFilename}`;
-}
-
-async function decrypt() {
-  const f = Bun.file(secretsFile);
-  if (!(await f.exists())) {
-    await $`openssl enc -aes-256-cbc -in ${encryptedFilename} -out ${secretsFile} -d -pass env:UDS_CLI_SECRETS_PW`;
-  }
-}
-
-async function main() {
-  if (!process.env.UDS_CLI_SECRETS_PW) {
-    console.error('Please set the UDS_CLI_SECRETS_PW env variable. The password is in LastPass.');
-    process.exitCode = 1;
-    return;
-  }
-
-  const cmd = Bun.argv[2];
-  if (cmd === 'encrypt') {
-    await encrypt();
-    console.log(`Secrets file encrypted to ${encryptedFilename}`);
-  } else if (cmd === 'decrypt') {
-    await decrypt();
-    console.log(`Secrets file saved to ${secretsFile}`);
-  }
-}
-
-main();