auth0-deploy-cli 8.21.0 → 8.23.0

package/.circleci/config.yml

@@ -6,7 +6,7 @@ orbs:
 jobs:
   e2e_test_as_node_module:
     docker:
-      - image: cimg/node:22.4.1
+      - image: cimg/node:22.12.0
     working_directory: ~/repo
     steps:
       - checkout
@@ -15,7 +15,7 @@ jobs:
 
   e2e_test_as_cli:
     docker:
-      - image: cimg/node:22.4.1
+      - image: cimg/node:22.12.0
     working_directory: ~/repo
     steps:
       - checkout
@@ -66,15 +66,42 @@ jobs:
           name: Publish package
           command: npm publish
 
+  deploy_beta:
+    parameters:
+      v:
+        type: string
+        default: "lts"
+    docker:
+      - image: cimg/node:<< parameters.v >>
+    working_directory: ~/repo
+    steps:
+      - attach_workspace:
+          at: ~/repo
+      - run:
+          name: Authenticate with registry
+          command: echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" > ~/repo/.npmrc
+      - run:
+          name: Publish beta package
+          command: npm publish --tag beta
+
   does_typescript_compile:
     docker:
-      - image: cimg/node:22.4.1
+      - image: cimg/node:22.12.0
     working_directory: ~/repo
     steps:
       - checkout
       - run: npm ci
       - run: npx tsc --noEmit
 
+  does_lint_pass:
+    docker:
+      - image: cimg/node:22.12.0
+    working_directory: ~/repo
+    steps:
+      - checkout
+      - run: npm ci
+      - run: npm run lint
+
 workflows:
   version: 2
 
@@ -92,12 +119,14 @@ workflows:
     jobs:
       - does_typescript_compile:
           name: Does Typescript compile?
+      - does_lint_pass:
+          name: Does lint pass?
       - unit_test:
           name: Unit tests with Node LTS
           v: "lts"
       - unit_test:
           name: Unit tests with Node current
-          v: "22.4.1"
+          v: "22.12.0"
 
   test_and_deploy:
     jobs:
@@ -118,6 +147,29 @@ workflows:
             branches:
               ignore: /.*/
             tags:
-              only: /^v.*/
+              only: /^v[0-9]+\.[0-9]+\.[0-9]+$/
+          context:
+            - publish-npm
+
+  test_and_deploy_beta:
+    jobs:
+      - unit_test:
+          name: Unit tests with Node LTS (Beta)
+          v: "lts"
+          filters:
+            branches:
+              only: beta
+            tags:
+              only: /^v[0-9]+\.[0-9]+\.[0-9]+-beta\.[0-9]+$/
+      - deploy_beta:
+          name: Publish Beta to NPM
+          v: "lts"
+          requires:
+            - Unit tests with Node LTS (Beta)
+          filters:
+            branches:
+              ignore: /.*/
+            tags:
+              only: /^v[0-9]+\.[0-9]+\.[0-9]+-beta\.[0-9]+$/
           context:
             - publish-npm

package/CHANGELOG.md

@@ -7,6 +7,33 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [8.23.0] - 2025-12-16
+
+### Added
+
+- Add support for `brute-force-protection` in prompts custom-text. [#1221]
+- Add support for `phoneTemplates`. [#1224]
+- Add support for `tokenExchangeProfiles`. [#1232]
+
+### Changed
+
+- Upgrading `node-auth0` from v4 to v5. [#1207]
+
+### Fixed
+
+- Fix `improved_signup_bot_detection_in_classic` is added in allowed `tenant` flags. [#1231]
+
+## [8.22.0] - 2025-12-10
+
+### Added
+
+- Add `AUTH0_EXCLUDE_THIRD_PARTY_CLIENTS` config property to exclude third-party `clients`. [#1212]
+
+### Fixed
+
+- Fix managing `Auth0 My Account API` in `resourceServers`. [#1229]
+- Fix `cross_origin_auth` is deprecated and migrated to `cross_origin_authentication` in `clients`. [#1223]
+
 ## [8.21.0] - 2025-11-21
 
 ### Added
@@ -19,6 +46,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 - Fix handle responses when paginating custom domains. [#1214]
 
+## [8.20.4-beta.0] - 2025-12-02
+
+### Changed
+
+- Upgrading node-auth0 from v4 to v5 [beta]. [#1207]
+
 ## [8.20.3] - 2025-11-14
 
 ### Fixed
@@ -1524,11 +1557,22 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 [#1200]: https://github.com/auth0/auth0-deploy-cli/issues/1200
 [#1203]: https://github.com/auth0/auth0-deploy-cli/issues/1203
 [#1204]: https://github.com/auth0/auth0-deploy-cli/issues/1204
+[#1207]: https://github.com/auth0/auth0-deploy-cli/issues/1207
 [#1209]: https://github.com/auth0/auth0-deploy-cli/issues/1209
 [#1211]: https://github.com/auth0/auth0-deploy-cli/issues/1211
+[#1212]: https://github.com/auth0/auth0-deploy-cli/issues/1212
 [#1214]: https://github.com/auth0/auth0-deploy-cli/issues/1214
-[Unreleased]: https://github.com/auth0/auth0-deploy-cli/compare/v8.21.0...HEAD
-[8.21.0]: https://github.com/auth0/auth0-deploy-cli/compare/v8.20.3...v8.21.0
+[#1221]: https://github.com/auth0/auth0-deploy-cli/issues/1221
+[#1223]: https://github.com/auth0/auth0-deploy-cli/issues/1223
+[#1224]: https://github.com/auth0/auth0-deploy-cli/issues/1224
+[#1229]: https://github.com/auth0/auth0-deploy-cli/issues/1229
+[#1231]: https://github.com/auth0/auth0-deploy-cli/issues/1231
+[#1232]: https://github.com/auth0/auth0-deploy-cli/issues/1232
+[Unreleased]: https://github.com/auth0/auth0-deploy-cli/compare/v8.23.0...HEAD
+[8.23.0]: https://github.com/auth0/auth0-deploy-cli/compare/v8.22.0...v8.23.0
+[8.22.0]: https://github.com/auth0/auth0-deploy-cli/compare/v8.21.0...v8.22.0
+[8.21.0]: https://github.com/auth0/auth0-deploy-cli/compare/v8.20.4-beta.0...v8.21.0
+[8.20.4-beta.0]: https://github.com/auth0/auth0-deploy-cli/compare/v8.20.3...v8.20.4-beta.0
 [8.20.3]: https://github.com/auth0/auth0-deploy-cli/compare/v8.20.2...v8.20.3
 [8.20.2]: https://github.com/auth0/auth0-deploy-cli/compare/v8.20.1...v8.20.2
 [8.20.1]: https://github.com/auth0/auth0-deploy-cli/compare/v8.20.0...v8.20.1

package/README.md

@@ -48,7 +48,7 @@ This guide will help you to a working implementation of the Deploy CLI tool used
 
 ### Prerequisites
 
-- [Node](https://nodejs.dev/) version 20(v20.18.1) or greater
+- [Node](https://nodejs.dev/) version 20(v20.19.0) or greater
 - [Auth0 Tenant](https://auth0.com/)
 
 ### Install the Deploy CLI

package/eslint.config.js

@@ -0,0 +1,131 @@
+const js = require('@eslint/js');
+const tsParser = require('@typescript-eslint/parser');
+const tsEslint = require('@typescript-eslint/eslint-plugin');
+const importPlugin = require('eslint-plugin-import');
+const globals = require('globals');
+const eslintConfigPrettier = require('eslint-config-prettier');
+
+const baseRecommended = js.configs.recommended;
+
+module.exports = [
+  {
+    ignores: [
+      'coverage/**',
+      'examples/**',
+      'local/**',
+      'node_modules/**',
+      'lib/**',
+      'test/e2e/testdata/**',
+      'webpack/**',
+    ],
+  },
+  {
+    ...baseRecommended,
+    files: ['**/*.{js,ts,cjs,mjs}'],
+    linterOptions: {
+      reportUnusedDisableDirectives: 'off',
+    },
+    languageOptions: {
+      ...(baseRecommended.languageOptions ?? {}),
+      parser: tsParser,
+      parserOptions: {
+        ...(baseRecommended.languageOptions?.parserOptions ?? {}),
+        ecmaVersion: 2020,
+        sourceType: 'module',
+      },
+      globals: {
+        ...(baseRecommended.languageOptions?.globals ?? {}),
+        ...globals.es2020,
+        ...globals.node,
+        ...globals.mocha,
+      },
+    },
+    plugins: {
+      ...(baseRecommended.plugins ?? {}),
+      import: importPlugin,
+      '@typescript-eslint': tsEslint,
+    },
+    settings: {
+      'import/resolver': {
+        node: {
+          extensions: ['.js', '.ts', '.mjs', '.cjs'],
+        },
+      },
+    },
+    rules: {
+      ...(baseRecommended.rules ?? {}),
+      'max-len': 'off',
+      'class-methods-use-this': 'off',
+      'comma-dangle': 'off',
+      'eol-last': ['error', 'always'],
+      indent: [
+        'error',
+        2,
+        {
+          SwitchCase: 1,
+        },
+      ],
+      'import/no-extraneous-dependencies': [
+        'error',
+        {
+          devDependencies: true,
+        },
+      ],
+      'import/no-dynamic-require': 'off',
+      'prefer-arrow-callback': 'off',
+      'object-shorthand': 'off',
+      'prefer-template': 'off',
+      'func-names': 'off',
+      'new-cap': 'off',
+      'no-await-in-loop': 'off',
+      'no-param-reassign': 'off',
+      'no-multiple-empty-lines': [
+        'error',
+        {
+          max: 1,
+          maxEOF: 0,
+        },
+      ],
+      'no-plusplus': 'off',
+      'no-extra-boolean-cast': 'off',
+      'no-useless-escape': 'off',
+      'no-redeclare': 'off',
+      'no-unused-vars': 'off',
+      'no-console': 'warn',
+      '@typescript-eslint/no-unused-vars': [
+        'error',
+        {
+          argsIgnorePattern: '^_',
+          varsIgnorePattern: '^_',
+          caughtErrors: 'none',
+          ignoreRestSiblings: true,
+        },
+      ],
+      '@typescript-eslint/no-redeclare': 'off',
+      '@typescript-eslint/no-explicit-any': 'off',
+      'no-var': 'off',
+      'object-curly-spacing': ['error', 'always'],
+      quotes: [
+        'error',
+        'single',
+        {
+          avoidEscape: true,
+        },
+      ],
+      semi: ['error', 'always'],
+      strict: 'off',
+      'space-before-blocks': ['error', 'always'],
+      'import/extensions': [
+        'error',
+        'ignorePackages',
+        {
+          js: 'never',
+          ts: 'never',
+          mjs: 'never',
+          cjs: 'never',
+        },
+      ],
+    },
+  },
+  eslintConfigPrettier,
+];

package/lib/args.js

@@ -100,4 +100,3 @@ function getParams() {
 exports.default = {
     getParams,
 };
-//# sourceMappingURL=args.js.map

package/lib/commands/export.js

@@ -1,13 +1,4 @@
 "use strict";
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
 var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
@@ -19,44 +10,45 @@ const mkdirp_1 = __importDefault(require("mkdirp"));
 const logger_1 = __importDefault(require("../logger"));
 const utils_1 = require("../utils");
 const index_1 = require("../context/index");
-function exportCMD(params) {
-    return __awaiter(this, void 0, void 0, function* () {
-        const { output_folder: outputFolder, base_path: basePath, config_file: configFile, config: configObj, export_ids: exportIds, secret: clientSecret, env: shouldInheritEnv = false, experimental_ea: experimentalEA, } = params;
-        if (shouldInheritEnv) {
-            nconf_1.default.env().use('memory');
-        }
-        if (configFile) {
-            nconf_1.default.file(configFile);
-        }
-        const overrides = Object.assign({ AUTH0_INPUT_FILE: outputFolder, AUTH0_BASE_PATH: basePath }, (configObj || {}));
-        // Prepare configuration by initializing nconf, then passing that as the provider to the config object
-        // Allow passed in secret to override the configured one
-        if (clientSecret) {
-            overrides.AUTH0_CLIENT_SECRET = clientSecret;
-        }
-        // Allow passed in export_ids to override the configured one
-        if (exportIds) {
-            overrides.AUTH0_EXPORT_IDENTIFIERS = exportIds;
-        }
-        // Overrides AUTH0_INCLUDE_EXPERIMENTAL_EA is experimental_ea passed in command line
-        if (experimentalEA) {
-            overrides.AUTH0_EXPERIMENTAL_EA = experimentalEA;
-            // nconf.overrides() sometimes doesn't work, so we need to set it manually to ensure it's set
-            nconf_1.default.set('AUTH0_EXPERIMENTAL_EA', experimentalEA);
-        }
-        // Check output folder
-        if (!(0, utils_1.isDirectory)(outputFolder)) {
-            logger_1.default.info(`Creating ${outputFolder}`);
-            mkdirp_1.default.sync(outputFolder);
-        }
-        if (params.format === 'yaml') {
-            overrides.AUTH0_INPUT_FILE = path_1.default.join(outputFolder, 'tenant.yaml');
-        }
-        nconf_1.default.overrides(overrides);
-        // Setup context and load
-        const context = yield (0, index_1.setupContext)(nconf_1.default.get(), 'export');
-        yield context.dump();
-        logger_1.default.info('Export Successful');
-    });
+async function exportCMD(params) {
+    const { output_folder: outputFolder, base_path: basePath, config_file: configFile, config: configObj, export_ids: exportIds, secret: clientSecret, env: shouldInheritEnv = false, experimental_ea: experimentalEA, } = params;
+    if (shouldInheritEnv) {
+        nconf_1.default.env().use('memory');
+    }
+    if (configFile) {
+        nconf_1.default.file(configFile);
+    }
+    const overrides = {
+        AUTH0_INPUT_FILE: outputFolder,
+        AUTH0_BASE_PATH: basePath,
+        ...(configObj || {}),
+    };
+    // Prepare configuration by initializing nconf, then passing that as the provider to the config object
+    // Allow passed in secret to override the configured one
+    if (clientSecret) {
+        overrides.AUTH0_CLIENT_SECRET = clientSecret;
+    }
+    // Allow passed in export_ids to override the configured one
+    if (exportIds) {
+        overrides.AUTH0_EXPORT_IDENTIFIERS = exportIds;
+    }
+    // Overrides AUTH0_INCLUDE_EXPERIMENTAL_EA is experimental_ea passed in command line
+    if (experimentalEA) {
+        overrides.AUTH0_EXPERIMENTAL_EA = experimentalEA;
+        // nconf.overrides() sometimes doesn't work, so we need to set it manually to ensure it's set
+        nconf_1.default.set('AUTH0_EXPERIMENTAL_EA', experimentalEA);
+    }
+    // Check output folder
+    if (!(0, utils_1.isDirectory)(outputFolder)) {
+        logger_1.default.info(`Creating ${outputFolder}`);
+        mkdirp_1.default.sync(outputFolder);
+    }
+    if (params.format === 'yaml') {
+        overrides.AUTH0_INPUT_FILE = path_1.default.join(outputFolder, 'tenant.yaml');
+    }
+    nconf_1.default.overrides(overrides);
+    // Setup context and load
+    const context = await (0, index_1.setupContext)(nconf_1.default.get(), 'export');
+    await context.dump();
+    logger_1.default.info('Export Successful');
 }
-//# sourceMappingURL=export.js.map

package/lib/commands/import.js

@@ -1,13 +1,4 @@
 "use strict";
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
 var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
@@ -18,38 +9,40 @@ const configFactory_1 = require("../configFactory");
 const tools_1 = require("../tools");
 const logger_1 = __importDefault(require("../logger"));
 const context_1 = require("../context");
-function importCMD(params) {
-    return __awaiter(this, void 0, void 0, function* () {
-        const { input_file: inputFile, base_path: basePath, config_file: configFile, config: configObj, env: shouldInheritEnv = false, secret: clientSecret, experimental_ea: experimentalEA, } = params;
-        if (shouldInheritEnv) {
-            nconf_1.default.env().use('memory');
-            const mappings = nconf_1.default.get('AUTH0_KEYWORD_REPLACE_MAPPINGS') || {};
-            nconf_1.default.set('AUTH0_KEYWORD_REPLACE_MAPPINGS', Object.assign(mappings, process.env));
-        }
-        if (configFile) {
-            nconf_1.default.file(configFile);
-        }
-        const overrides = Object.assign({ AUTH0_INPUT_FILE: inputFile, AUTH0_BASE_PATH: basePath, AUTH0_KEYWORD_REPLACE_MAPPINGS: {} }, (configObj || {}));
-        // Prepare configuration by initializing nconf, then passing that as the provider to the config object
-        // Allow passed in secret to override the configured one
-        if (clientSecret) {
-            overrides.AUTH0_CLIENT_SECRET = clientSecret;
-        }
-        // Overrides AUTH0_INCLUDE_EXPERIMENTAL_EA is experimental_ea passed in command line
-        if (experimentalEA) {
-            overrides.AUTH0_EXPERIMENTAL_EA = experimentalEA;
-            // nconf.overrides() sometimes doesn't work, so we need to set it manually to ensure it's set
-            nconf_1.default.set('AUTH0_EXPERIMENTAL_EA', experimentalEA);
-        }
-        nconf_1.default.overrides(overrides);
-        // Setup context and load
-        const context = yield (0, context_1.setupContext)(nconf_1.default.get(), 'import');
-        yield context.loadAssetsFromLocal();
-        const config = (0, configFactory_1.configFactory)();
-        config.setProvider((key) => nconf_1.default.get(key));
-        //@ts-ignore because context and assets still need to be typed TODO: type assets and type context
-        yield (0, tools_1.deploy)(context.assets, context.mgmtClient, config);
-        logger_1.default.info('Import Successful');
-    });
+async function importCMD(params) {
+    const { input_file: inputFile, base_path: basePath, config_file: configFile, config: configObj, env: shouldInheritEnv = false, secret: clientSecret, experimental_ea: experimentalEA, } = params;
+    if (shouldInheritEnv) {
+        nconf_1.default.env().use('memory');
+        const mappings = nconf_1.default.get('AUTH0_KEYWORD_REPLACE_MAPPINGS') || {};
+        nconf_1.default.set('AUTH0_KEYWORD_REPLACE_MAPPINGS', Object.assign(mappings, process.env));
+    }
+    if (configFile) {
+        nconf_1.default.file(configFile);
+    }
+    const overrides = {
+        AUTH0_INPUT_FILE: inputFile,
+        AUTH0_BASE_PATH: basePath,
+        AUTH0_KEYWORD_REPLACE_MAPPINGS: {},
+        ...(configObj || {}),
+    };
+    // Prepare configuration by initializing nconf, then passing that as the provider to the config object
+    // Allow passed in secret to override the configured one
+    if (clientSecret) {
+        overrides.AUTH0_CLIENT_SECRET = clientSecret;
+    }
+    // Overrides AUTH0_INCLUDE_EXPERIMENTAL_EA is experimental_ea passed in command line
+    if (experimentalEA) {
+        overrides.AUTH0_EXPERIMENTAL_EA = experimentalEA;
+        // nconf.overrides() sometimes doesn't work, so we need to set it manually to ensure it's set
+        nconf_1.default.set('AUTH0_EXPERIMENTAL_EA', experimentalEA);
+    }
+    nconf_1.default.overrides(overrides);
+    // Setup context and load
+    const context = await (0, context_1.setupContext)(nconf_1.default.get(), 'import');
+    await context.loadAssetsFromLocal();
+    const config = (0, configFactory_1.configFactory)();
+    config.setProvider((key) => nconf_1.default.get(key));
+    //@ts-ignore because context and assets still need to be typed TODO: type assets and type context
+    await (0, tools_1.deploy)(context.assets, context.mgmtClient, config);
+    logger_1.default.info('Import Successful');
 }
-//# sourceMappingURL=import.js.map

package/lib/commands/index.js

@@ -11,4 +11,3 @@ exports.default = {
     deploy: import_1.default,
     dump: export_1.default,
 };
-//# sourceMappingURL=index.js.map

package/lib/configFactory.js

@@ -22,4 +22,3 @@ const configFactory = () => {
     return config;
 };
 exports.configFactory = configFactory;
-//# sourceMappingURL=configFactory.js.map

package/lib/context/defaults.d.ts

@@ -1,6 +1,7 @@
 import { AttackProtection } from '../tools/auth0/handlers/attackProtection';
 export declare function emailProviderDefaults(emailProvider: any): any;
 export declare function phoneProviderDefaults(phoneProvider: any): any;
+export declare function phoneTemplatesDefaults(phoneTemplate: any): any;
 export declare function connectionDefaults(connection: any): any;
 export declare function logStreamDefaults(logStreams: any): any;
 export declare function attackProtectionDefaults(attackProtection: AttackProtection): AttackProtection;

package/lib/context/defaults.js

@@ -2,6 +2,7 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.emailProviderDefaults = emailProviderDefaults;
 exports.phoneProviderDefaults = phoneProviderDefaults;
+exports.phoneTemplatesDefaults = phoneTemplatesDefaults;
 exports.connectionDefaults = connectionDefaults;
 exports.logStreamDefaults = logStreamDefaults;
 exports.attackProtectionDefaults = attackProtectionDefaults;
@@ -9,33 +10,55 @@ const utils_1 = require("../tools/utils");
 // eslint-disable-next-line import/prefer-default-export
 function emailProviderDefaults(emailProvider) {
     // eslint-disable-line
-    const updated = Object.assign({}, emailProvider);
+    const updated = { ...emailProvider };
     const apiKeyProviders = ['mailgun', 'mandrill', 'sendgrid', 'sparkpost'];
     // Add placeholder for credentials as they cannot be exported
     const { name } = updated;
     if (apiKeyProviders.includes(name)) {
-        updated.credentials = Object.assign({ api_key: `##${name.toUpperCase()}_API_KEY##` }, (updated.credentials || {}));
+        updated.credentials = {
+            api_key: `##${name.toUpperCase()}_API_KEY##`,
+            ...(updated.credentials || {}),
+        };
     }
     if (name === 'smtp') {
         // This is to mask smtp_user to '##SMTP_USER##'
         if (updated.credentials && 'smtp_user' in updated.credentials) {
             delete updated.credentials.smtp_user;
         }
-        updated.credentials = Object.assign({ smtp_host: '##SMTP_HOSTNAME##', smtp_port: '##SMTP_PORT##', smtp_user: '##SMTP_USER##', smtp_pass: '##SMTP_PASS##' }, (updated.credentials || {}));
+        updated.credentials = {
+            smtp_host: '##SMTP_HOSTNAME##',
+            smtp_port: '##SMTP_PORT##',
+            smtp_user: '##SMTP_USER##',
+            smtp_pass: '##SMTP_PASS##',
+            ...(updated.credentials || {}),
+        };
     }
     if (name === 'ses') {
-        updated.credentials = Object.assign({ accessKeyId: '##SES_ACCESS_KEY_ID##', secretAccessKey: '##SES_ACCESS_SECRET_KEY##', region: '##SES_AWS_REGION##' }, (updated.credentials || {}));
+        updated.credentials = {
+            accessKeyId: '##SES_ACCESS_KEY_ID##',
+            secretAccessKey: '##SES_ACCESS_SECRET_KEY##',
+            region: '##SES_AWS_REGION##',
+            ...(updated.credentials || {}),
+        };
     }
     if (name === 'azure_cs') {
-        updated.credentials = Object.assign({ connectionString: '##AZURE_CS_CONNECTION_KEY##' }, (updated.credentials || {}));
+        updated.credentials = {
+            connectionString: '##AZURE_CS_CONNECTION_KEY##',
+            ...(updated.credentials || {}),
+        };
     }
     if (name === 'ms365') {
-        updated.credentials = Object.assign({ tenantId: '##MS365_TENANT_ID##', clientId: '##MS365_CLIENT_ID##', clientSecret: '##MS365_CLIENT_SECRET##' }, (updated.credentials || {}));
+        updated.credentials = {
+            tenantId: '##MS365_TENANT_ID##',
+            clientId: '##MS365_CLIENT_ID##',
+            clientSecret: '##MS365_CLIENT_SECRET##',
+            ...(updated.credentials || {}),
+        };
     }
     return updated;
 }
 function phoneProviderDefaults(phoneProvider) {
-    const updated = Object.assign({}, phoneProvider);
+    const updated = { ...phoneProvider };
     const removeKeysFromOutput = [
         'id',
         'created_at',
@@ -59,6 +82,24 @@ function phoneProviderDefaults(phoneProvider) {
     }
     return updated;
 }
+function phoneTemplatesDefaults(phoneTemplate) {
+    const updated = { ...phoneTemplate };
+    // Strip read-only fields that are returned by the API but should not be included in exported config
+    const removeKeysFromOutput = [
+        'id',
+        'channel',
+        'customizable',
+        'tenant',
+        'created_at',
+        'updated_at',
+    ];
+    removeKeysFromOutput.forEach((key) => {
+        if (key in updated) {
+            delete updated[key];
+        }
+    });
+    return updated;
+}
 function connectionDefaults(connection) {
     if (connection.options) {
         // Mask secret for key: connection.options.client_secret
@@ -103,14 +144,20 @@ function attackProtectionDefaults(attackProtection) {
         const providersWithSecrets = ['arkose', 'hcaptcha', 'friendly_captcha', 'recaptcha_v2'];
         providersWithSecrets.forEach((provider) => {
             if (captcha[provider]) {
-                captcha[provider] = Object.assign(Object.assign({}, captcha[provider]), { secret: `##CAPTCHA_${provider.toUpperCase()}_SECRET##` });
+                captcha[provider] = {
+                    ...captcha[provider],
+                    secret: `##CAPTCHA_${provider.toUpperCase()}_SECRET##`,
+                };
             }
         });
         if ('recaptcha_enterprise' in captcha) {
-            captcha.recaptcha_enterprise = Object.assign(Object.assign({}, captcha.recaptcha_enterprise), { api_key: '##CAPTCHA_RECAPTCHA_ENTERPRISE_API_KEY##', project_id: '##CAPTCHA_RECAPTCHA_ENTERPRISE_PROJECT_ID##' });
+            captcha.recaptcha_enterprise = {
+                ...captcha.recaptcha_enterprise,
+                api_key: '##CAPTCHA_RECAPTCHA_ENTERPRISE_API_KEY##',
+                project_id: '##CAPTCHA_RECAPTCHA_ENTERPRISE_PROJECT_ID##',
+            };
         }
         attackProtection.captcha = captcha;
     }
     return attackProtection;
 }
-//# sourceMappingURL=defaults.js.map