firebase-tools 14.15.2 → 14.16.0

package/lib/mcp/prompts/crashlytics/connect.js

@@ -0,0 +1,114 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.connect = void 0;
+const prompt_1 = require("../../prompt");
+exports.connect = (0, prompt_1.prompt)({
+    name: "connect",
+    omitPrefix: false,
+    description: "Access a Firebase application's Crashlytics data.",
+    annotations: {
+        title: "Access Crashlytics data",
+    },
+}, async (unused, { accountEmail }) => {
+    return [
+        {
+            role: "user",
+            content: {
+                type: "text",
+                text: `
+You are going to help a developer prioritize and fix issues in their
+mobile application by accessing their Firebase Crashlytics data.
+
+Active user: ${accountEmail || "<NONE>"}
+
+## Required first steps! Absolutely required! Incredibly important!
+
+  1. **Make sure the user is logged in. No Crashlytics tools will work if the user is not logged in.**
+    a. Use the \`firebase_get_environment\` tool to verify that the user is logged in,
+       and find the active Firebase project.
+    b. If the Firebase 'Active user' is set to <NONE>, instruct the user to run \`firebase login\` 
+       before continuing. 
+
+  2. **Get the app_id for the Firebase application.** 
+    a. If this is an Android app, read the mobilesdk_app_id value specified in the 
+       google-services.json file. If there are multiple files or multiple app ids in a 
+       single file, ask the user to choose one by providing a numbered list of all the package names.
+    b. If this is an iOS app, read the GOOGLE_APP_ID from GoogleService-Info.plist file. 
+       If there are multiple files or multiple app ids in single file, ask the user to 
+       choose one by providing a numbered list of all the bundle names.
+    c. If you can't find either of the above, just ask the user for the app id.
+
+## Next steps
+
+Once you have confirmed that the user is logged in to Firebase, and confirmed the
+id for the application that they want to access, then you can ask the user what actions
+they would like to perform. Here are some possibilities and instructions follow below:
+
+  1. Prioritize the most impactful stability issues
+  2. Diagnose and propose a fix for a crash
+
+## Instructions for Using Crashlytics Data
+
+### How to prioritize issues
+
+Follow these steps to fetch issues and prioritize them.
+
+  1. Use the 'crashlytics_list_top_issues' tool to fetch up to 20 issues.
+  2. Use the 'crashlytics_list_top_versions' tool to fetch the top versions for this app.
+  3. If the user instructions include statements about prioritization, use those instructions.
+  4. If the user instructions do not include statements about prioritization, 
+  then prioritize the returned issues using the following criteria:
+    4a. The app versions for the issue include the most recent version of the app.
+    4b. The number of users experiencing the issue across variants
+    4c. The volume of crashes
+  5. Return the top 5 issues, with a brief description each in a numerical list with the following format: 
+    1. Issue <issue id>
+        * <the issue title>
+        * <the issue subtitle>
+        * **Description:** <a discription of the issue based on information from the tool response>
+        * **Rationale:** <the reason this issue was prioritized in the way it was>
+
+### How to diagnose and fix issues
+
+Follow these steps to diagnose and fix issues.
+
+  1. Make sure you have a good understanding of the code structure and where different functionality exists
+  2. Use the 'crashlytics_get_issue_details' tool to get more context on the issue.
+  3. Use the 'crashlytics_get_sample_crash_for_issue' tool to get 3 example crashes for this issue.
+  4. Read the files that exist in the stack trace of the issue to understand the crash deeply.
+  5. Determine the root cause of the crash.
+  6. Write out a plan using the following criteria:
+    6a. Write out a description of the issue and including
+        * A brief description of the cause of the issue
+        * A determination of your level of confidence in the cause of the issue
+        * A determination of which library is at fault, this codebase or a dependent library
+        * A determination for how complex the fix will be
+    6b. The plan should include relevant files to change
+    6c. The plan should include a test plan to verify the fix
+    6d. Use the following format for the plan:
+
+    ## Cause
+    <A description of the root cause leading to the issue>
+      - **Fault**: <a determination of whether this code base is at fault or a dependent library is at fault>
+      - **Complexity**: <one of "simple", "moderately simple", "moderately hard", "hard", "oof, I don't know where to start">
+    
+    ## Fix
+    <A description of the fix for this issue and a break down of the changes.>
+      1. <Step 1>
+      2. <Step 2>
+
+    ## Test
+    <A plan for how to test that the issue has been fixed and protect against regressions>
+      1. <Test case 1>
+      2. <Test case 2>
+      
+  7. Present the plan to the user and get approval before making the change.
+  8. Fix the issue.
+    8a. Be mindful of API contracts and do not add fields to resources without a clear way to populate those fields
+    8b. If there is not enough information in the crash report to find a root cause, describe why you cannot fix the issue instead of making a guess.
+  9. Ask the developer if they would like you to test the fix for them.
+`.trim(),
+            },
+        },
+    ];
+});

package/lib/mcp/prompts/crashlytics/index.js

@@ -1,6 +1,5 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.crashlyticsPrompts = void 0;
-const fix_issue_1 = require("./fix_issue");
-const prioritize_issues_1 = require("./prioritize_issues");
-exports.crashlyticsPrompts = [fix_issue_1.fix_issue, prioritize_issues_1.prioritize_issues];
+const connect_1 = require("./connect");
+exports.crashlyticsPrompts = [connect_1.connect];

package/lib/mcp/tools/auth/disable_user.js

@@ -24,7 +24,7 @@ exports.disable_user = (0, tool_1.tool)({
 }, async ({ uid, disabled }, { projectId }) => {
     const res = await (0, auth_1.disableUser)(projectId, uid, disabled);
     if (res) {
-        return (0, util_1.toContent)(`User ${uid} as been ${disabled ? "disabled" : "enabled"}`);
+        return (0, util_1.toContent)(`User ${uid} has been ${disabled ? "disabled" : "enabled"}`);
     }
     return (0, util_1.toContent)(`Failed to ${disabled ? "disable" : "enable"} user ${uid}`);
 });

package/lib/mcp/tools/auth/get_user.js

@@ -32,7 +32,14 @@ exports.get_user = (0, tool_1.tool)({
     },
 }, async ({ email, phone_number, uid }, { projectId }) => {
     if (email === undefined && phone_number === undefined && uid === undefined) {
-        return (0, util_1.mcpError)(`No user identifier supplied in auth_get_user tool`);
+        return (0, util_1.mcpError)("No user identifier supplied in auth_get_user tool");
     }
-    return (0, util_1.toContent)(await (0, auth_1.findUser)(projectId, email, phone_number, uid));
+    let user;
+    try {
+        user = await (0, auth_1.findUser)(projectId, email, phone_number, uid);
+    }
+    catch (err) {
+        return (0, util_1.mcpError)("Unable to find user");
+    }
+    return (0, util_1.toContent)(user);
 });

package/lib/mcp/tools/core/index.js

@@ -13,7 +13,11 @@ const get_environment_1 = require("./get_environment");
 const update_environment_1 = require("./update_environment");
 const list_projects_1 = require("./list_projects");
 const consult_assistant_1 = require("./consult_assistant");
+const login_1 = require("./login");
+const logout_1 = require("./logout");
 exports.coreTools = [
+    login_1.login,
+    logout_1.logout,
     get_project_1.get_project,
     list_apps_1.list_apps,
     get_admin_sdk_config_1.get_admin_sdk_config,

package/lib/mcp/tools/core/init.js

@@ -6,6 +6,7 @@ const tool_1 = require("../../tool");
 const util_1 = require("../../util");
 const database_1 = require("../../../init/features/database");
 const index_1 = require("../../../init/index");
+const freeTrial_1 = require("../../../dataconnect/freeTrial");
 exports.init = (0, tool_1.tool)({
     name: "init",
     description: "Initializes selected Firebase features in the workspace (Firestore, Data Connect, Realtime Database). All features are optional; provide only the products you wish to set up. " +
@@ -70,12 +71,19 @@ exports.init = (0, tool_1.tool)({
                 cloudsql_instance_id: zod_1.z
                     .string()
                     .optional()
-                    .describe("The GCP Cloud SQL instance ID to use in the Firebase Data Connect service. By default, use <serviceId>-fdc."),
+                    .describe("The GCP Cloud SQL instance ID to use in the Firebase Data Connect service. By default, use <serviceId>-fdc. " +
+                    "\nSet `provision_cloudsql` to true to start Cloud SQL provisioning."),
                 cloudsql_database: zod_1.z
                     .string()
                     .optional()
                     .default("fdcdb")
                     .describe("The Postgres database ID to use in the Firebase Data Connect service."),
+                provision_cloudsql: zod_1.z
+                    .boolean()
+                    .optional()
+                    .default(false)
+                    .describe("If true, provision the Cloud SQL instance if `cloudsql_instance_id` does not exist already. " +
+                    `\nThe first Cloud SQL instance in the project will use the Data Connect no-cost trial. See its terms of service: ${(0, freeTrial_1.freeTrialTermsLink)()}.`),
             })
                 .optional()
                 .describe("Provide this object to initialize Firebase Data Connect with Cloud SQL Postgres in this project directory.\n" +
@@ -138,6 +146,7 @@ exports.init = (0, tool_1.tool)({
             locationId: features.dataconnect.location_id || "",
             cloudSqlInstanceId: features.dataconnect.cloudsql_instance_id || "",
             cloudSqlDatabase: features.dataconnect.cloudsql_database || "",
+            shouldProvisionCSQL: !!features.dataconnect.provision_cloudsql,
         };
         featureInfo.dataconnectSdk = {
             apps: [],
@@ -155,7 +164,7 @@ exports.init = (0, tool_1.tool)({
     config.writeProjectFile("firebase.json", setup.config);
     config.writeProjectFile(".firebaserc", setup.rcfile);
     if (featureInfo.dataconnectSdk && !featureInfo.dataconnectSdk.apps.length) {
-        setup.instructions.push(`No app is found in the current folder. We recommend you create an app (web, ios, android) first, then re-run the 'firebase_init' MCP tool to add Data Connect SDKs to your apps.
+        setup.instructions.push(`No app is found in the current folder. We recommend you create an app (web, ios, android) first, then re-run the 'firebase_init' MCP tool with the same input without app_description to add Data Connect SDKs to your apps.
   Consider popular commands like 'npx create-react-app my-app', 'npx create-next-app my-app', 'flutter create my-app', etc`);
     }
     return (0, util_1.toContent)(`Successfully setup those features: ${featuresList.join(", ")}

package/lib/mcp/tools/core/login.js

@@ -0,0 +1,46 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.login = void 0;
+const zod_1 = require("zod");
+const tool_1 = require("../../tool");
+const auth_1 = require("../../../auth");
+const util_1 = require("../../util");
+const LoginInputSchema = zod_1.z.object({
+    authCode: zod_1.z.string().optional().describe("The authorization code from the login flow"),
+});
+exports.login = (0, tool_1.tool)({
+    name: "login",
+    description: "Logs the user into the Firebase CLI and MCP server.",
+    inputSchema: LoginInputSchema,
+    _meta: {
+        requiresAuth: false,
+    },
+}, async (input, ctx) => {
+    const { authCode } = input;
+    const serverWithState = ctx.host;
+    if (authCode) {
+        if (!serverWithState.authorize) {
+            return (0, util_1.mcpError)("Login flow not started. Please call this tool without the authCode argument first to get a login URI.");
+        }
+        try {
+            const creds = await serverWithState.authorize(authCode);
+            delete serverWithState.authorize;
+            const user = creds.user;
+            return (0, util_1.toContent)(`Successfully logged in as ${user.email}`);
+        }
+        catch (e) {
+            delete serverWithState.authorize;
+            return (0, util_1.mcpError)(`Login failed: ${e.message}`);
+        }
+    }
+    else {
+        const prototyper = await (0, auth_1.loginPrototyper)();
+        serverWithState.authorize = prototyper.authorize;
+        const result = {
+            uri: prototyper.uri,
+            sessionId: prototyper.sessionId,
+        };
+        const humanReadable = `Please visit this URL to login: ${result.uri}\nYour session ID is: ${result.sessionId}\nInstruct the use to copy the authorization code from that link, and paste it into chat.\nThen, run this tool again with that as the authCode argument to complete the login.`;
+        return (0, util_1.toContent)(humanReadable);
+    }
+});

package/lib/mcp/tools/core/logout.js

@@ -0,0 +1,62 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.logout = void 0;
+const zod_1 = require("zod");
+const clc = require("colorette");
+const tool_1 = require("../../tool");
+const util_1 = require("../../util");
+const auth_1 = require("../../../auth");
+const logger_1 = require("../../../logger");
+exports.logout = (0, tool_1.tool)({
+    name: "logout",
+    description: "Log the CLI out of Firebase",
+    inputSchema: zod_1.z.object({
+        email: zod_1.z
+            .string()
+            .optional()
+            .describe("The email of the account to log out. If not provided, all accounts will be logged out."),
+    }),
+    _meta: {
+        requiresAuth: false,
+        requiresProject: false,
+    },
+}, async ({ email }) => {
+    const allAccounts = (0, auth_1.getAllAccounts)();
+    if (allAccounts.length === 0) {
+        return (0, util_1.toContent)("No need to log out, not logged in");
+    }
+    const defaultAccount = (0, auth_1.getGlobalDefaultAccount)();
+    const additionalAccounts = (0, auth_1.getAdditionalAccounts)();
+    const accountsToLogOut = email
+        ? allAccounts.filter((a) => a.user.email === email)
+        : allAccounts;
+    if (email && accountsToLogOut.length === 0) {
+        return (0, util_1.toContent)(`No account matches ${email}, can't log out.`);
+    }
+    const logoutDefault = email === (defaultAccount === null || defaultAccount === void 0 ? void 0 : defaultAccount.user.email);
+    let newDefaultAccount = undefined;
+    if (logoutDefault && additionalAccounts.length > 0) {
+        newDefaultAccount = additionalAccounts[0];
+    }
+    const logoutMessages = [];
+    for (const account of accountsToLogOut) {
+        const token = account.tokens.refresh_token;
+        if (token) {
+            try {
+                await (0, auth_1.logout)(token);
+                logoutMessages.push(`Logged out from ${clc.bold(account.user.email)}`);
+            }
+            catch (e) {
+                if (e instanceof Error) {
+                    logger_1.logger.debug(e.message);
+                }
+                logoutMessages.push(`Could not deauthorize ${account.user.email}, assuming already deauthorized.`);
+            }
+        }
+    }
+    if (newDefaultAccount) {
+        (0, auth_1.setGlobalDefaultAccount)(newDefaultAccount);
+        logoutMessages.push(`Setting default account to "${newDefaultAccount.user.email}"`);
+    }
+    return (0, util_1.toContent)(logoutMessages.join("\n"));
+});

package/lib/mcp/tools/dataconnect/index.js

@@ -3,13 +3,13 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.dataconnectTools = void 0;
 const generate_operation_1 = require("./generate_operation");
 const generate_schema_1 = require("./generate_schema");
-const info_1 = require("./info");
+const list_services_1 = require("./list_services");
 const compile_1 = require("./compile");
 const execute_1 = require("./execute");
 exports.dataconnectTools = [
     compile_1.compile,
     generate_schema_1.generate_schema,
     generate_operation_1.generate_operation,
-    info_1.info,
+    list_services_1.list_services,
     execute_1.execute,
 ];

package/lib/mcp/tools/dataconnect/{info.js → list_services.js}

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.info = void 0;
+exports.list_services = void 0;
 const zod_1 = require("zod");
 const path = require("path");
 const tool_1 = require("../../tool");
@@ -9,12 +9,12 @@ const client = require("../../../dataconnect/client");
 const load_1 = require("../../../dataconnect/load");
 const js_yaml_1 = require("js-yaml");
 const logger_1 = require("../../../logger");
-exports.info = (0, tool_1.tool)({
-    name: "info",
-    description: "Get information about the Firebase Data Connect local and deployed resources.",
+exports.list_services = (0, tool_1.tool)({
+    name: "list_services",
+    description: "List existing local and backend Firebase Data Connect services",
     inputSchema: zod_1.z.object({}),
     annotations: {
-        title: "Get information about Firebase Data Connect",
+        title: "List existing Firebase Data Connect services",
         readOnlyHint: true,
     },
     _meta: {

package/lib/mcp/util.js

@@ -1,9 +1,7 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.cleanSchema = exports.checkFeatureActive = exports.commandExistsSync = exports.mcpError = exports.toContent = void 0;
-const child_process_1 = require("child_process");
+exports.cleanSchema = exports.checkFeatureActive = exports.mcpError = exports.toContent = void 0;
 const js_yaml_1 = require("js-yaml");
-const os_1 = require("os");
 const api_1 = require("../api");
 const ensureApiEnabled_1 = require("../ensureApiEnabled");
 const timeout_1 = require("../timeout");
@@ -41,20 +39,6 @@ function mcpError(message, code) {
     };
 }
 exports.mcpError = mcpError;
-function commandExistsSync(command) {
-    try {
-        const isWindows = (0, os_1.platform)() === "win32";
-        const commandToCheck = isWindows
-            ? `where "${command}" > nul 2> nul`
-            : `which "${command}" > /dev/null 2> /dev/null`;
-        (0, child_process_1.execSync)(commandToCheck);
-        return true;
-    }
-    catch (error) {
-        return false;
-    }
-}
-exports.commandExistsSync = commandExistsSync;
 const SERVER_FEATURE_APIS = {
     core: "",
     firestore: (0, api_1.firestoreOrigin)(),

package/lib/serve/functions.js

@@ -21,11 +21,12 @@ class FunctionsServer {
         const config = projectConfig.normalizeAndValidate(options.config.src.functions);
         const backends = [];
         for (const cfg of config) {
-            const functionsDir = path.join(options.config.projectDir, cfg.source);
+            const localCfg = projectConfig.requireLocal(cfg, "Remote sources are not supported in the Functions emulator.");
+            const functionsDir = path.join(options.config.projectDir, localCfg.source);
             backends.push({
                 functionsDir,
-                codebase: cfg.codebase,
-                runtime: cfg.runtime,
+                codebase: localCfg.codebase,
+                runtime: localCfg.runtime,
                 env: {},
                 secretEnv: [],
             });

package/lib/unzip.js

@@ -57,6 +57,9 @@ const extractEntriesFromBuffer = async (data, outputDir) => {
         logger_1.logger.debug(`[unzip] Entry: ${entry.fileName} (compressed_size=${entry.compressedSize} bytes, uncompressed_size=${entry.uncompressedSize} bytes)`);
         entry.fileName = entry.fileName.replace(/\//g, path.sep);
         const outputFilePath = path.normalize(path.join(outputDir, entry.fileName));
+        if (!isChildDir(outputDir, outputFilePath)) {
+            throw new error_1.FirebaseError(`ZIP contained an entry for ${outputFilePath},  a path outside of ${outputDir}`);
+        }
         logger_1.logger.debug(`[unzip] Processing entry: ${entry.fileName}`);
         if (entry.fileName.endsWith(path.sep)) {
             logger_1.logger.debug(`[unzip] mkdir: ${outputFilePath}`);
@@ -82,6 +85,16 @@ const extractEntriesFromBuffer = async (data, outputDir) => {
         position += entry.headerSize + entry.compressedSize + dataDescriptorSize;
     }
 };
+function isChildDir(parentDir, potentialChild) {
+    try {
+        const resolvedParent = path.resolve(parentDir);
+        const resolvedChild = path.resolve(potentialChild);
+        return resolvedChild.startsWith(resolvedParent) && resolvedChild !== resolvedParent;
+    }
+    catch (error) {
+        return false;
+    }
+}
 const unzip = async (inputPath, outputDir) => {
     const data = await fs.promises.readFile(inputPath);
     await extractEntriesFromBuffer(data, outputDir);

package/lib/utils.js

@@ -1,7 +1,7 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.openInBrowserPopup = exports.openInBrowser = exports.connectableHostname = exports.randomInt = exports.debounce = exports.last = exports.cloneDeep = exports.groupBy = exports.assertIsStringOrUndefined = exports.assertIsNumber = exports.assertIsString = exports.thirtyDaysFromNow = exports.isRunningInWSL = exports.isCloudEnvironment = exports.datetimeString = exports.createDestroyer = exports.sleep = exports.promiseWithSpinner = exports.tryParse = exports.promiseProps = exports.withTimeout = exports.promiseWhile = exports.promiseAllSettled = exports.getFunctionsEventProvider = exports.endpoint = exports.makeActiveProject = exports.streamToString = exports.stringToStream = exports.explainStdin = exports.allSettled = exports.reject = exports.logLabeledError = exports.logLabeledWarning = exports.logWarningToStderr = exports.logWarning = exports.logLabeledBullet = exports.logBullet = exports.logLabeledSuccess = exports.logSuccess = exports.addSubdomain = exports.addDatabaseNamespace = exports.getDatabaseViewDataUrl = exports.getDatabaseUrl = exports.envOverride = exports.setVSCodeEnvVars = exports.getInheritedOption = exports.consoleUrl = exports.vscodeEnvVars = exports.envOverrides = exports.IS_WINDOWS = void 0;
-exports.newUniqueId = exports.deepEqual = exports.promptForDirectory = exports.updateOrCreateGitignore = exports.readSecretValue = exports.generatePassword = exports.generateId = exports.wrappedSafeLoad = exports.readFileFromDirectory = exports.getHostnameFromUrl = void 0;
+exports.commandExistsSync = exports.newUniqueId = exports.deepEqual = exports.promptForDirectory = exports.updateOrCreateGitignore = exports.readSecretValue = exports.generatePassword = exports.generateId = exports.wrappedSafeLoad = exports.readFileFromDirectory = exports.getHostnameFromUrl = void 0;
 const fs = require("fs-extra");
 const tty = require("tty");
 const path = require("node:path");
@@ -24,6 +24,8 @@ const prompt_1 = require("./prompt");
 const templates_1 = require("./templates");
 const vsCodeUtils_1 = require("./vsCodeUtils");
 const fsutils_1 = require("./fsutils");
+const node_os_1 = require("node:os");
+const node_child_process_1 = require("node:child_process");
 exports.IS_WINDOWS = process.platform === "win32";
 const SUCCESS_CHAR = exports.IS_WINDOWS ? "+" : "✔";
 const WARNING_CHAR = exports.IS_WINDOWS ? "!" : "⚠";
@@ -657,3 +659,17 @@ function newUniqueId(recommended, existingIDs) {
     return id;
 }
 exports.newUniqueId = newUniqueId;
+function commandExistsSync(command) {
+    try {
+        const isWindows = (0, node_os_1.platform)() === "win32";
+        const commandToCheck = isWindows
+            ? `where "${command}" > nul 2> nul`
+            : `which "${command}" > /dev/null 2> /dev/null`;
+        (0, node_child_process_1.execSync)(commandToCheck);
+        return true;
+    }
+    catch (error) {
+        return false;
+    }
+}
+exports.commandExistsSync = commandExistsSync;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "firebase-tools",
-  "version": "14.15.2",
+  "version": "14.16.0",
   "description": "Command-Line Interface for Firebase",
   "main": "./lib/index.js",
   "bin": {