@zapier/zapier-sdk-cli 0.54.1 → 0.54.2

package/dist/index.mjs

@@ -7,7 +7,7 @@ import crypto, { createHash } from 'crypto';
 import * as path from 'path';
 import { resolve, join, dirname, basename, relative, extname } from 'path';
 import * as lockfile from 'proper-lockfile';
-import { definePlugin, createPluginMethod, OutputPropertySchema, ZapierBundleError, DEFAULT_CONFIG_PATH, ZapierValidationError, ZapierUnknownError, ZapierReleaseTriggerMessageSignal, injectCliLogin, getOrCreateApiClient, invalidateCachedToken, batch, toSnakeCase, ZapierAbortDrainSignal, isCredentialsObject, buildApplicationLifecycleEvent, ZapierAuthenticationError, ZapierError, createZapierSdkStack, addPlugin, getOsInfo, getPlatformVersions, getCiPlatform, isCi, getReleaseId, getCurrentTimestamp, generateEventId } from '@zapier/zapier-sdk';
+import { definePlugin, createPluginMethod, OutputPropertySchema, ZapierBundleError, DEFAULT_CONFIG_PATH, ZapierValidationError, ZapierUnknownError, ZapierReleaseTriggerMessageSignal, injectCliLogin, getOrCreateApiClient, isPermanentHttpError, invalidateCachedToken, batch, toSnakeCase, ZapierAbortDrainSignal, isCredentialsObject, buildApplicationLifecycleEvent, ZapierAuthenticationError, ZapierError, createZapierSdkStack, addPlugin, getOsInfo, getPlatformVersions, getCiPlatform, isCi, getReleaseId, getCurrentTimestamp, generateEventId } from '@zapier/zapier-sdk';
 import { z } from 'zod';
 import { hostname } from 'os';
 import inquirer from 'inquirer';
@@ -777,7 +777,8 @@ function sleep(ms) {
 async function withRetry({
   action,
   attempts = 3,
-  initialDelayMs = 100
+  initialDelayMs = 100,
+  shouldRetry = () => true
 }) {
   if (attempts <= 0) {
     throw new Error("withRetry: attempts must be greater than 0");
@@ -788,9 +789,8 @@ async function withRetry({
       return await action();
     } catch (err) {
       lastError = err;
-      if (i < attempts - 1) {
-        await sleep(initialDelayMs * 2 ** i);
-      }
+      if (!shouldRetry(err) || i >= attempts - 1) break;
+      await sleep(initialDelayMs * 2 ** i);
     }
   }
   throw lastError;
@@ -810,32 +810,50 @@ function getStatusCode(err) {
   }
   return void 0;
 }
+var REVOKE_WARNING_TAIL = "Local state will be cleared, but the credential may still be active. Verify or revoke via `list-client-credentials` or `delete-client-credentials`.";
+var REVOKE_REJECTED_WARNING = "Could not revoke the credential on the server: the request was rejected (your current credentials may lack permission to revoke it). Local state has been cleared, but the credential may still be active on the server \u2014 run `login` to re-authenticate, then `delete-client-credentials` to remove it.";
 async function revokeCredentials({
   api: api2,
   credentials,
-  onEvent
+  onEvent,
+  alwaysClearLocalState = false
 }) {
-  await withRetry({
-    action: async () => {
-      try {
-        await api2.delete(
-          `/api/v0/client-credentials/${credentials.clientId}`,
-          void 0,
-          { authRequired: true, requiredScopes: ["credentials"] }
-        );
-      } catch (err) {
-        const status = getStatusCode(err);
-        if (status === 404) return;
-        if (status === 401) {
-          console.warn(
-            "Could not revoke credentials on the server (unauthorized). Local state will be cleared, but the credential may still be active. Verify or revoke via `list-client-credentials` or `delete-client-credentials`."
+  try {
+    await withRetry({
+      // Permanent errors (403/400) won't change on retry — fail fast instead of
+      // burning the backoff budget. The outer catch then rethrows (re-login) or
+      // swallows and clears local state (logout) per `alwaysClearLocalState`.
+      shouldRetry: (err) => !isPermanentHttpError(err),
+      action: async () => {
+        try {
+          await api2.delete(
+            `/api/v0/client-credentials/${credentials.clientId}`,
+            void 0,
+            { authRequired: true, requiredScopes: ["credentials"] }
           );
-          return;
+        } catch (err) {
+          const status = getStatusCode(err);
+          if (status === 404) return;
+          if (status === 401) {
+            console.warn(
+              "Could not revoke credentials on the server (unauthorized). " + REVOKE_WARNING_TAIL
+            );
+            return;
+          }
+          throw err;
         }
-        throw err;
       }
+    });
+  } catch (err) {
+    if (!alwaysClearLocalState) throw err;
+    if (isPermanentHttpError(err)) {
+      console.warn(REVOKE_REJECTED_WARNING);
+    } else {
+      console.warn(
+        "Could not revoke credentials on the server. " + REVOKE_WARNING_TAIL
+      );
     }
-  });
+  }
   try {
     await deleteStoredClientCredentials({
       name: credentials.name,
@@ -1961,7 +1979,8 @@ var logoutPlugin = definePlugin(
       await revokeCredentials({
         api: sdk2.context.api,
         credentials: activeCredentials,
-        onEvent
+        onEvent,
+        alwaysClearLocalState: true
       });
       console.log("\u2705 Successfully logged out");
     }
@@ -4469,7 +4488,7 @@ definePlugin(
 // package.json with { type: 'json' }
 var package_default = {
   name: "@zapier/zapier-sdk-cli",
-  version: "0.54.1"};
+  version: "0.54.2"};
 
 // src/sdk.ts
 injectCliLogin(login_exports);
@@ -4497,7 +4516,7 @@ function createZapierCliSdk(options = {}) {
 
 // package.json
 var package_default2 = {
-  version: "0.54.1"};
+  version: "0.54.2"};
 
 // src/telemetry/builders.ts
 function createCliBaseEvent(context = {}) {

package/dist/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@zapier/zapier-sdk-cli",
-    "version": "0.54.1",
+    "version": "0.54.2",
     "description": "Command line interface for Zapier SDK",
     "main": "dist/index.cjs",
     "module": "dist/index.mjs",

package/dist/src/login/credentials-revoke.d.ts

@@ -6,8 +6,9 @@ export type LogoutEventEmitter = (event: {
     timestamp: number;
 }) => void;
 export declare function emitAuthLogout(onEvent: LogoutEventEmitter | undefined): void;
-export declare function revokeCredentials({ api, credentials, onEvent, }: {
+export declare function revokeCredentials({ api, credentials, onEvent, alwaysClearLocalState, }: {
     api: ApiClient;
     credentials: CredentialsEntry;
     onEvent?: LogoutEventEmitter;
+    alwaysClearLocalState?: boolean;
 }): Promise<void>;

package/dist/src/login/credentials-revoke.js

@@ -1,4 +1,4 @@
-import { invalidateCachedToken } from "@zapier/zapier-sdk";
+import { invalidateCachedToken, isPermanentHttpError, } from "@zapier/zapier-sdk";
 import { clearLegacyJwtState } from "./legacy-jwt";
 import { deleteStoredClientCredentials, } from "./credentials-store";
 import { withRetry } from "../utils/retry";
@@ -15,27 +15,67 @@ function getStatusCode(err) {
     }
     return undefined;
 }
+const REVOKE_WARNING_TAIL = "Local state will be cleared, but the credential may still be active. " +
+    "Verify or revoke via `list-client-credentials` or `delete-client-credentials`.";
+// Shown only when `logout` tears down local state after the server *rejected*
+// revocation (a permanent 4xx). Retrying won't help, and `list-`/`delete-client-
+// credentials` would hit the same refusal until the user re-authenticates — so we
+// send them through `login`, which restores the ability to manage credentials.
+const REVOKE_REJECTED_WARNING = "Could not revoke the credential on the server: the request was rejected " +
+    "(your current credentials may lack permission to revoke it). Local state has " +
+    "been cleared, but the credential may still be active on the server — run " +
+    "`login` to re-authenticate, then `delete-client-credentials` to remove it.";
 // Re-login flows pass no emitter so credential rotation stays silent.
-export async function revokeCredentials({ api, credentials, onEvent, }) {
-    await withRetry({
-        action: async () => {
-            try {
-                await api.delete(`/api/v0/client-credentials/${credentials.clientId}`, undefined, { authRequired: true, requiredScopes: ["credentials"] });
-            }
-            catch (err) {
-                const status = getStatusCode(err);
-                if (status === 404)
-                    return;
-                if (status === 401) {
-                    console.warn("Could not revoke credentials on the server (unauthorized). " +
-                        "Local state will be cleared, but the credential may still be active. " +
-                        "Verify or revoke via `list-client-credentials` or `delete-client-credentials`.");
-                    return;
+export async function revokeCredentials({ api, credentials, onEvent, alwaysClearLocalState = false, }) {
+    try {
+        await withRetry({
+            // Permanent errors (403/400) won't change on retry — fail fast instead of
+            // burning the backoff budget. The outer catch then rethrows (re-login) or
+            // swallows and clears local state (logout) per `alwaysClearLocalState`.
+            shouldRetry: (err) => !isPermanentHttpError(err),
+            action: async () => {
+                try {
+                    await api.delete(`/api/v0/client-credentials/${credentials.clientId}`, undefined, { authRequired: true, requiredScopes: ["credentials"] });
                 }
-                throw err;
-            }
-        },
-    });
+                catch (err) {
+                    const status = getStatusCode(err);
+                    if (status === 404)
+                        return;
+                    if (status === 401) {
+                        console.warn("Could not revoke credentials on the server (unauthorized). " +
+                            REVOKE_WARNING_TAIL);
+                        return;
+                    }
+                    throw err;
+                }
+            },
+        });
+    }
+    catch (err) {
+        // Re-login leaves `alwaysClearLocalState` false because it wants the throw:
+        // any revoke failure (permanent OR transient) must surface so it can confirm
+        // before replacing creds (see `account-auth.ts`). Only `logout` sets the flag
+        // — it is teardown, so it swallows the failure and clears local state rather
+        // than strand the user behind a revoke they can never complete.
+        if (!alwaysClearLocalState)
+            throw err;
+        if (isPermanentHttpError(err)) {
+            // A permanent client rejection (4xx except the 401/404 the action handles
+            // above — e.g. a 403 when the token lacks the `credentials` scope) is the
+            // server's definitive "you may not revoke this". Retrying won't help, and
+            // there's no dashboard fallback; `delete-client-credentials` needs the same
+            // refused `credentials` scope, so the message routes the user through `login`
+            // (which restores that scope) first, then `delete-client-credentials`.
+            console.warn(REVOKE_REJECTED_WARNING);
+        }
+        else {
+            // Transient 5xx/429, a network failure, or an auth-resolution throw that
+            // never built the request (e.g. a missing keychain secret): revocation never
+            // reached a verdict, so a later `delete-client-credentials` could still
+            // succeed once things recover.
+            console.warn("Could not revoke credentials on the server. " + REVOKE_WARNING_TAIL);
+        }
+    }
     try {
         await deleteStoredClientCredentials({
             name: credentials.name,

package/dist/src/plugins/logout/index.js

@@ -20,10 +20,13 @@ export const logoutPlugin = definePlugin((sdk) => createPluginMethod(sdk, {
             console.log("✅ Successfully logged out");
             return;
         }
+        // Logout is teardown: clear local state even if the server refuses to
+        // revoke the credential, so a permanent 4xx can't strand the user.
         await revokeCredentials({
             api: sdk.context.api,
             credentials: activeCredentials,
             onEvent,
+            alwaysClearLocalState: true,
         });
         console.log("✅ Successfully logged out");
     },

package/dist/src/utils/retry.d.ts

@@ -1,5 +1,6 @@
-export declare function withRetry<T>({ action, attempts, initialDelayMs, }: {
+export declare function withRetry<T>({ action, attempts, initialDelayMs, shouldRetry, }: {
     action: () => Promise<T>;
     attempts?: number;
     initialDelayMs?: number;
+    shouldRetry?: (err: unknown) => boolean;
 }): Promise<T>;

package/dist/src/utils/retry.js

@@ -1,7 +1,7 @@
 function sleep(ms) {
     return new Promise((resolve) => setTimeout(resolve, ms));
 }
-export async function withRetry({ action, attempts = 3, initialDelayMs = 100, }) {
+export async function withRetry({ action, attempts = 3, initialDelayMs = 100, shouldRetry = () => true, }) {
     if (attempts <= 0) {
         throw new Error("withRetry: attempts must be greater than 0");
     }
@@ -12,9 +12,9 @@ export async function withRetry({ action, attempts = 3, initialDelayMs = 100, })
         }
         catch (err) {
             lastError = err;
-            if (i < attempts - 1) {
-                await sleep(initialDelayMs * 2 ** i);
-            }
+            if (!shouldRetry(err) || i >= attempts - 1)
+                break;
+            await sleep(initialDelayMs * 2 ** i);
         }
     }
     throw lastError;