firebase-tools 9.19.0 → 9.20.0

package/lib/emulator/auth/state.js

@@ -283,7 +283,13 @@ class ProjectState {
     createRefreshTokenFor(userInfo, provider, { extraClaims = {}, secondFactor, } = {}) {
         const localId = userInfo.localId;
         const refreshToken = utils_1.randomBase64UrlStr(204);
-        this.refreshTokens.set(refreshToken, { localId, provider, extraClaims, secondFactor });
+        this.refreshTokens.set(refreshToken, {
+            localId,
+            provider,
+            extraClaims,
+            secondFactor,
+            tenantId: userInfo.tenantId,
+        });
         let refreshTokens = this.refreshTokensForLocalId.get(localId);
         if (!refreshTokens) {
             refreshTokens = new Set();
@@ -416,9 +422,9 @@ exports.ProjectState = ProjectState;
 class AgentProjectState extends ProjectState {
     constructor(projectId) {
         super(projectId);
-        this.tenantForTenantId = new Map();
         this._oneAccountPerEmail = true;
         this._usageMode = UsageMode.DEFAULT;
+        this.tenantProjectForTenantId = new Map();
         this._authCloudFunction = new cloudFunctions_1.AuthCloudFunction(this.projectId);
     }
     get authCloudFunction() {
@@ -436,27 +442,74 @@ class AgentProjectState extends ProjectState {
     set usageMode(usageMode) {
         this._usageMode = usageMode;
     }
-    getTenant() {
-        throw new errors_1.NotImplementedError("getTenant is not implemented yet.");
+    get allowPasswordSignup() {
+        return true;
+    }
+    get disableAuth() {
+        return false;
+    }
+    get mfaConfig() {
+        return { state: "ENABLED", enabledProviders: ["PHONE_SMS"] };
+    }
+    get enableAnonymousUser() {
+        return true;
     }
-    listTenants() {
-        throw new errors_1.NotImplementedError("listTenants is not implemented yet.");
+    get enableEmailLinkSignin() {
+        return true;
     }
-    createTenant() {
-        throw new errors_1.NotImplementedError("createTenant is not implemented yet.");
+    getTenantProject(tenantId) {
+        if (!this.tenantProjectForTenantId.has(tenantId)) {
+            this.createTenantWithTenantId(tenantId, { tenantId });
+        }
+        return this.tenantProjectForTenantId.get(tenantId);
     }
-    updateTenant() {
-        throw new errors_1.NotImplementedError("updateTenant is not implemented yet.");
+    listTenants(startToken) {
+        const tenantProjects = [];
+        for (const tenantProject of this.tenantProjectForTenantId.values()) {
+            if (!startToken || tenantProject.tenantId > startToken) {
+                tenantProjects.push(tenantProject);
+            }
+        }
+        tenantProjects.sort((a, b) => {
+            if (a.tenantId < b.tenantId) {
+                return -1;
+            }
+            else if (a.tenantId > b.tenantId) {
+                return 1;
+            }
+            return 0;
+        });
+        return tenantProjects.map((tenantProject) => tenantProject.tenantConfig);
+    }
+    createTenant(tenant) {
+        for (let i = 0; i < 10; i++) {
+            const tenantId = utils_1.randomId(28);
+            const createdTenant = this.createTenantWithTenantId(tenantId, tenant);
+            if (createdTenant) {
+                return createdTenant;
+            }
+        }
+        throw new Error("Could not generate a random unique tenantId after 10 tries");
+    }
+    createTenantWithTenantId(tenantId, tenant) {
+        if (this.tenantProjectForTenantId.has(tenantId)) {
+            return undefined;
+        }
+        tenant.name = `projects/${this.projectId}/tenants/${tenantId}`;
+        tenant.tenantId = tenantId;
+        this.tenantProjectForTenantId.set(tenantId, new TenantProjectState(this.projectId, tenantId, tenant, this));
+        return tenant;
     }
-    deleteTenant() {
-        throw new errors_1.NotImplementedError("deleteTenant is not implemented yet.");
+    deleteTenant(tenantId) {
+        this.tenantProjectForTenantId.delete(tenantId);
     }
 }
 exports.AgentProjectState = AgentProjectState;
 class TenantProjectState extends ProjectState {
-    constructor(projectId, tenantId, parentProject) {
+    constructor(projectId, tenantId, _tenantConfig, parentProject) {
         super(projectId);
         this.tenantId = tenantId;
+        this._tenantConfig = _tenantConfig;
         this.parentProject = parentProject;
     }
     get oneAccountPerEmail() {
@@ -468,6 +521,72 @@ class TenantProjectState extends ProjectState {
     get usageMode() {
         return this.parentProject.usageMode;
     }
+    get tenantConfig() {
+        return this._tenantConfig;
+    }
+    get allowPasswordSignup() {
+        var _a;
+        return (_a = this._tenantConfig.allowPasswordSignup) !== null && _a !== void 0 ? _a : true;
+    }
+    get disableAuth() {
+        var _a;
+        return (_a = this._tenantConfig.disableAuth) !== null && _a !== void 0 ? _a : false;
+    }
+    get mfaConfig() {
+        var _a;
+        return ((_a = this._tenantConfig.mfaConfig) !== null && _a !== void 0 ? _a : {
+            state: "ENABLED",
+            enabledProviders: ["PHONE_SMS"],
+        });
+    }
+    get enableAnonymousUser() {
+        var _a;
+        return (_a = this._tenantConfig.enableAnonymousUser) !== null && _a !== void 0 ? _a : true;
+    }
+    get enableEmailLinkSignin() {
+        var _a;
+        return (_a = this._tenantConfig.enableEmailLinkSignin) !== null && _a !== void 0 ? _a : true;
+    }
+    delete() {
+        this.parentProject.deleteTenant(this.tenantId);
+    }
+    updateTenant(update, updateMask) {
+        if (!updateMask) {
+            this._tenantConfig = Object.assign(Object.assign({}, update), { tenantId: this.tenantId, name: this.tenantConfig.name });
+            return this.tenantConfig;
+        }
+        const paths = updateMask.split(",");
+        for (const path of paths) {
+            const fields = path.split(".");
+            let updateField = update;
+            let existingField = this._tenantConfig;
+            let field;
+            for (let i = 0; i < fields.length - 1; i++) {
+                field = fields[i];
+                if (updateField[field] == null) {
+                    console.warn(`Unable to find field '${field}' in update '${updateField}`);
+                    break;
+                }
+                if (Array.isArray(updateField[field]) ||
+                    Object(updateField[field]) !== updateField[field]) {
+                    console.warn(`Field '${field}' is singular and cannot have sub-fields`);
+                    break;
+                }
+                if (!existingField[field]) {
+                    existingField[field] = {};
+                }
+                updateField = updateField[field];
+                existingField = existingField[field];
+            }
+            field = fields[fields.length - 1];
+            if (updateField[field] == null) {
+                console.warn(`Unable to find field '${field}' in update '${JSON.stringify(updateField)}`);
+                continue;
+            }
+            existingField[field] = updateField[field];
+        }
+        return this.tenantConfig;
+    }
 }
 exports.TenantProjectState = TenantProjectState;
 function getProviderEmailsForUser(user) {

package/lib/emulator/download.js

@@ -1,23 +1,21 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.downloadEmulator = void 0;
-const url_1 = require("url");
 const crypto = require("crypto");
 const fs = require("fs-extra");
 const path = require("path");
-const ProgressBar = require("progress");
 const tmp = require("tmp");
 const unzipper = require("unzipper");
-const apiv2_1 = require("../apiv2");
 const emulatorLogger_1 = require("./emulatorLogger");
 const error_1 = require("../error");
 const downloadableEmulators = require("./downloadableEmulators");
+const downloadUtils = require("../downloadUtils");
 tmp.setGracefulCleanup();
 async function downloadEmulator(name) {
     const emulator = downloadableEmulators.getDownloadDetails(name);
     emulatorLogger_1.EmulatorLogger.forEmulator(name).logLabeled("BULLET", name, `downloading ${path.basename(emulator.downloadPath)}...`);
     fs.ensureDirSync(emulator.opts.cacheDir);
-    const tmpfile = await downloadToTmp(emulator.opts.remoteUrl);
+    const tmpfile = await downloadUtils.downloadToTmp(emulator.opts.remoteUrl);
     if (!emulator.opts.skipChecksumAndSize) {
         await validateSize(tmpfile, emulator.opts.expectedSize);
         await validateChecksum(tmpfile, emulator.opts.expectedChecksum);
@@ -58,33 +56,6 @@ function removeOldFiles(name, emulator, removeAllVersions = false) {
         }
     }
 }
-async function downloadToTmp(remoteUrl) {
-    const u = new url_1.URL(remoteUrl);
-    const c = new apiv2_1.Client({ urlPrefix: u.origin, auth: false });
-    const tmpfile = tmp.fileSync();
-    const writeStream = fs.createWriteStream(tmpfile.name);
-    const res = await c.request({
-        method: "GET",
-        path: u.pathname,
-        queryParams: u.searchParams,
-        responseType: "stream",
-        resolveOnHTTPError: true,
-    });
-    if (res.status !== 200) {
-        throw new error_1.FirebaseError(`download failed, status ${res.status}`, { exit: 1 });
-    }
-    const total = parseInt(res.response.headers.get("content-length") || "0", 10);
-    const totalMb = Math.ceil(total / 1000000);
-    const bar = new ProgressBar(`Progress: :bar (:percent of ${totalMb}MB)`, { total, head: ">" });
-    res.body.on("data", (chunk) => {
-        bar.tick(chunk.length);
-    });
-    await new Promise((resolve) => {
-        writeStream.on("finish", resolve);
-        res.body.pipe(writeStream);
-    });
-    return tmpfile.name;
-}
 function validateSize(filepath, expectedSize) {
     return new Promise((resolve, reject) => {
         const stat = fs.statSync(filepath);

package/lib/emulator/functionsEmulatorRuntime.js

@@ -259,13 +259,35 @@ async function initializeFirebaseFunctionsStubs(frb) {
     };
     const onCallInnerMethodName = "_onCallWithOptions";
     const onCallMethodOriginal = httpsProvider[onCallInnerMethodName];
-    httpsProvider[onCallInnerMethodName] = (handler, opts) => {
-        const wrapped = wrapCallableHandler(handler);
-        const cf = onCallMethodOriginal(wrapped, opts);
-        return cf;
-    };
-    httpsProvider.onCall = (handler) => {
-        return httpsProvider[onCallInnerMethodName](handler, {});
+    if (onCallMethodOriginal.length === 3) {
+        httpsProvider[onCallInnerMethodName] = (opts, handler, deployOpts) => {
+            const wrapped = wrapCallableHandler(handler);
+            const cf = onCallMethodOriginal(opts, wrapped, deployOpts);
+            return cf;
+        };
+    }
+    else {
+        httpsProvider[onCallInnerMethodName] = (handler, opts) => {
+            const wrapped = wrapCallableHandler(handler);
+            const cf = onCallMethodOriginal(wrapped, opts);
+            return cf;
+        };
+    }
+    httpsProvider.onCall = function (optsOrHandler, handler) {
+        if (onCallMethodOriginal.length === 3) {
+            let opts;
+            if (arguments.length === 1) {
+                opts = {};
+                handler = optsOrHandler;
+            }
+            else {
+                opts = optsOrHandler;
+            }
+            return httpsProvider[onCallInnerMethodName](opts, handler, {});
+        }
+        else {
+            return httpsProvider[onCallInnerMethodName](optsOrHandler, {});
+        }
     };
 }
 function wrapCallableHandler(handler) {

package/lib/extensions/askUserForConsent.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.promptForPublisherTOS = exports.displayRoles = exports.retrieveRoleInfo = exports.formatDescription = void 0;
+exports.promptForPublisherTOS = exports.displayApis = exports.displayRoles = exports.retrieveRoleInfo = exports.formatDescription = void 0;
 const _ = require("lodash");
 const clc = require("cli-color");
 const marked = require("marked");
@@ -35,6 +35,19 @@ async function displayRoles(extensionName, projectId, roles) {
     utils.logLabeledBullet(extensionsHelper_1.logPrefix, message);
 }
 exports.displayRoles = displayRoles;
+function displayApis(extensionName, projectId, apis) {
+    if (!apis.length) {
+        return;
+    }
+    const question = `${clc.bold(extensionName)} will enable the following APIs for project ${clc.bold(projectId)}`;
+    const results = apis.map((api) => {
+        return `- ${api.apiName}: ${api.reason}`;
+    });
+    results.unshift(question);
+    const message = results.join("\n");
+    utils.logLabeledBullet(extensionsHelper_1.logPrefix, message);
+}
+exports.displayApis = displayApis;
 async function promptForPublisherTOS() {
     const termsOfServiceMsg = "By registering as a publisher, you confirm that you have read the Firebase Extensions Publisher Terms and Conditions (linked below) and you, on behalf of yourself and the organization you represent, agree to comply with it.  Here is a brief summary of the highlights of our terms and conditions:\n" +
         "  - You ensure extensions you publish comply with all laws and regulations; do not include any viruses, spyware, Trojan horses, or other malicious code; and do not violate any person’s rights, including intellectual property, privacy, and security rights.\n" +

package/lib/extensions/askUserForParam.js

@@ -5,11 +5,18 @@ const _ = require("lodash");
 const clc = require("cli-color");
 const marked = require("marked");
 const extensionsApi_1 = require("./extensionsApi");
+const secretManagerApi = require("../gcp/secretManager");
+const secretsUtils = require("./secretsUtils");
 const extensionsHelper_1 = require("./extensionsHelper");
 const utils_1 = require("./utils");
 const logger_1 = require("../logger");
 const prompt_1 = require("../prompt");
 const utils = require("../utils");
+var SecretUpdateAction;
+(function (SecretUpdateAction) {
+    SecretUpdateAction[SecretUpdateAction["LEAVE"] = 0] = "LEAVE";
+    SecretUpdateAction[SecretUpdateAction["SET_NEW"] = 1] = "SET_NEW";
+})(SecretUpdateAction || (SecretUpdateAction = {}));
 function checkResponse(response, spec) {
     let valid = true;
     let responses;
@@ -48,7 +55,7 @@ function checkResponse(response, spec) {
     return valid;
 }
 exports.checkResponse = checkResponse;
-async function askForParam(paramSpec) {
+async function askForParam(projectId, instanceId, paramSpec, reconfiguring) {
     let valid = false;
     let response = "";
     const description = paramSpec.description || "";
@@ -89,6 +96,11 @@ async function askForParam(paramSpec) {
                     choices: utils_1.convertExtensionOptionToLabeledList(paramSpec.options),
                 });
                 break;
+            case extensionsApi_1.ParamType.SECRET:
+                response = reconfiguring
+                    ? await promptReconfigureSecret(projectId, instanceId, paramSpec)
+                    : await promptCreateSecret(projectId, instanceId, paramSpec);
+                break;
             default:
                 response = await prompt_1.promptOnce({
                     name: paramSpec.param,
@@ -102,6 +114,63 @@ async function askForParam(paramSpec) {
     return response;
 }
 exports.askForParam = askForParam;
+async function promptReconfigureSecret(projectId, instanceId, paramSpec) {
+    const action = await prompt_1.promptOnce({
+        type: "list",
+        message: `Choose what you would like to do with this secret:`,
+        choices: [
+            { name: "Leave unchanged", value: SecretUpdateAction.LEAVE },
+            { name: "Set new value", value: SecretUpdateAction.SET_NEW },
+        ],
+    });
+    switch (action) {
+        case SecretUpdateAction.SET_NEW:
+            let secret;
+            let secretName;
+            if (paramSpec.default) {
+                secret = secretManagerApi.parseSecretResourceName(paramSpec.default);
+                secretName = secret.name;
+            }
+            else {
+                secretName = await generateSecretName(projectId, instanceId, paramSpec.param);
+            }
+            const secretValue = await prompt_1.promptOnce({
+                name: paramSpec.param,
+                type: "password",
+                message: `This secret will be stored in Cloud Secret Manager as ${secretName}.\nEnter new value for ${paramSpec.label.trim()}:`,
+            });
+            if (!secret) {
+                secret = await secretManagerApi.createSecret(projectId, secretName, secretsUtils.getSecretLabels(instanceId));
+            }
+            return addNewSecretVersion(projectId, instanceId, secret, paramSpec, secretValue);
+        case SecretUpdateAction.LEAVE:
+        default:
+            return paramSpec.default || "";
+    }
+}
+async function promptCreateSecret(projectId, instanceId, paramSpec) {
+    const secretName = await generateSecretName(projectId, instanceId, paramSpec.param);
+    const secretValue = await prompt_1.promptOnce({
+        name: paramSpec.param,
+        type: "password",
+        default: paramSpec.default,
+        message: `This secret will be stored in Cloud Secret Manager (https://cloud.google.com/secret-manager/pricing) as ${secretName} and managed by Firebase Extensions (Firebase Extensions Service Agent will be granted Secret Admin role on this secret).\nEnter a value for ${paramSpec.label.trim()}:`,
+    });
+    const secret = await secretManagerApi.createSecret(projectId, secretName, secretsUtils.getSecretLabels(instanceId));
+    return addNewSecretVersion(projectId, instanceId, secret, paramSpec, secretValue);
+}
+async function generateSecretName(projectId, instanceId, paramName) {
+    let secretName = `ext-${instanceId}-${paramName}`;
+    while (await secretManagerApi.secretExists(projectId, secretName)) {
+        secretName += `-${utils_1.getRandomString(3)}`;
+    }
+    return secretName;
+}
+async function addNewSecretVersion(projectId, instanceId, secret, paramSpec, secretValue) {
+    const version = await secretManagerApi.addVersion(secret, secretValue);
+    await secretsUtils.grantFirexServiceAgentSecretAdminRole(secret);
+    return `projects/${version.secret.projectId}/secrets/${version.secret.name}/versions/${version.versionId}`;
+}
 function getInquirerDefault(options, def) {
     const defaultOption = _.find(options, (option) => {
         return option.value === def;
@@ -109,7 +178,7 @@ function getInquirerDefault(options, def) {
     return defaultOption ? defaultOption.label || defaultOption.value : "";
 }
 exports.getInquirerDefault = getInquirerDefault;
-async function ask(paramSpecs, firebaseProjectParams) {
+async function ask(projectId, instanceId, paramSpecs, firebaseProjectParams, reconfiguring) {
     if (_.isEmpty(paramSpecs)) {
         logger_1.logger.debug("No params were specified for this extension.");
         return {};
@@ -119,7 +188,7 @@ async function ask(paramSpecs, firebaseProjectParams) {
     const result = {};
     const promises = _.map(substituted, (paramSpec) => {
         return async () => {
-            result[paramSpec.param] = await askForParam(paramSpec);
+            result[paramSpec.param] = await askForParam(projectId, instanceId, paramSpec, reconfiguring);
         };
     });
     await promises.reduce((prev, cur) => prev.then(cur), Promise.resolve());

package/lib/extensions/extensionsApi.js

@@ -30,6 +30,7 @@ var ParamType;
     ParamType["STRING"] = "STRING";
     ParamType["SELECT"] = "SELECT";
     ParamType["MULTISELECT"] = "MULTISELECT";
+    ParamType["SECRET"] = "SECRET";
 })(ParamType = exports.ParamType || (exports.ParamType = {}));
 async function createInstanceHelper(projectId, instanceId, config) {
     const createRes = await api.request("POST", `/${VERSION}/projects/${projectId}/instances/`, {

package/lib/extensions/extensionsHelper.js

@@ -33,6 +33,7 @@ var SpecParamType;
     SpecParamType["MULTISELECT"] = "multiSelect";
     SpecParamType["STRING"] = "string";
     SpecParamType["SELECTRESOURCE"] = "selectResource";
+    SpecParamType["SECRET"] = "secret";
 })(SpecParamType = exports.SpecParamType || (exports.SpecParamType = {}));
 var SourceOrigin;
 (function (SourceOrigin) {

package/lib/extensions/paramHelper.js

@@ -48,7 +48,7 @@ async function getParams(args) {
     }
     else {
         const firebaseProjectParams = await extensionsHelper_1.getFirebaseProjectParams(args.projectId);
-        params = await askUserForParam.ask(args.paramSpecs, firebaseProjectParams);
+        params = await askUserForParam.ask(args.projectId, args.instanceId, args.paramSpecs, firebaseProjectParams, !!args.reconfiguring);
     }
     track("Extension Params", _.isEmpty(params) ? "Not Present" : "Present", _.size(params));
     return params;
@@ -81,6 +81,7 @@ async function getParamsForUpdate(args) {
             newSpec: args.newSpec,
             currentParams: args.currentParams,
             projectId: args.projectId,
+            instanceId: args.instanceId,
         });
     }
     track("Extension Params", _.isEmpty(params) ? "Not Present" : "Present", _.size(params));
@@ -106,7 +107,7 @@ async function promptForNewParams(args) {
     if (paramsDiffAdditions.length) {
         logger_1.logger.info("To update this instance, configure the following new parameters:");
         for (const param of paramsDiffAdditions) {
-            const chosenValue = await askUserForParam.askForParam(param);
+            const chosenValue = await askUserForParam.askForParam(args.projectId, args.instanceId, param, false);
             args.currentParams[param.param] = chosenValue;
         }
     }

package/lib/extensions/secretsUtils.js

@@ -0,0 +1,58 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.prettySecretName = exports.getSecretLabels = exports.getManagedSecrets = exports.grantFirexServiceAgentSecretAdminRole = exports.usesSecrets = exports.ensureSecretManagerApiEnabled = void 0;
+const getProjectNumber_1 = require("../getProjectNumber");
+const utils = require("../utils");
+const ensureApiEnabled_1 = require("../ensureApiEnabled");
+const projectUtils_1 = require("../projectUtils");
+const extensionsApi = require("./extensionsApi");
+const secretManagerApi = require("../gcp/secretManager");
+const logger_1 = require("../logger");
+const SECRET_LABEL = "firebase-extensions-managed";
+async function ensureSecretManagerApiEnabled(options) {
+    const projectId = projectUtils_1.needProjectId(options);
+    return await ensureApiEnabled_1.ensure(projectId, "secretmanager.googleapis.com", "extensions", options.markdown);
+}
+exports.ensureSecretManagerApiEnabled = ensureSecretManagerApiEnabled;
+function usesSecrets(spec) {
+    return spec.params && !!spec.params.find((p) => p.type == extensionsApi.ParamType.SECRET);
+}
+exports.usesSecrets = usesSecrets;
+async function grantFirexServiceAgentSecretAdminRole(secret) {
+    const projectNumber = await getProjectNumber_1.getProjectNumber({ projectId: secret.projectId });
+    const firexSaProjectId = utils.envOverride("FIREBASE_EXTENSIONS_SA_PROJECT_ID", "gcp-sa-firebasemods");
+    const saEmail = `service-${projectNumber}@${firexSaProjectId}.iam.gserviceaccount.com`;
+    return secretManagerApi.grantServiceAgentRole(secret, saEmail, "roles/secretmanager.admin");
+}
+exports.grantFirexServiceAgentSecretAdminRole = grantFirexServiceAgentSecretAdminRole;
+async function getManagedSecrets(instance) {
+    return (await Promise.all(getActiveSecrets(instance).map(async (secretResourceName) => {
+        const secret = secretManagerApi.parseSecretResourceName(secretResourceName);
+        const labels = await secretManagerApi.getSecretLabels(secret.projectId, secret.name);
+        if (labels && labels[SECRET_LABEL]) {
+            return secretResourceName;
+        }
+        return Promise.resolve("");
+    }))).filter((secretId) => !!secretId);
+}
+exports.getManagedSecrets = getManagedSecrets;
+function getActiveSecrets(instance) {
+    return instance.config.source.spec.params
+        .map((p) => p.type == extensionsApi.ParamType.SECRET && instance.config.params[p.param])
+        .filter((pv) => !!pv);
+}
+function getSecretLabels(instanceId) {
+    const labels = {};
+    labels[SECRET_LABEL] = instanceId;
+    return labels;
+}
+exports.getSecretLabels = getSecretLabels;
+function prettySecretName(secretResourceName) {
+    const nameTokens = secretResourceName.split("/");
+    if (nameTokens.length != 4 && nameTokens.length != 6) {
+        logger_1.logger.debug(`unable to parse secret secretResourceName: ${secretResourceName}`);
+        return secretResourceName;
+    }
+    return nameTokens.slice(0, 4).join("/");
+}
+exports.prettySecretName = prettySecretName;

package/lib/functional.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.assertExhaustive = exports.zipIn = exports.zip = exports.reduceFlat = exports.flatten = exports.flattenArray = exports.flattenObject = void 0;
+exports.partition = exports.assertExhaustive = exports.zipIn = exports.zip = exports.reduceFlat = exports.flatten = exports.flattenArray = exports.flattenObject = void 0;
 function* flattenObject(obj) {
     function* helper(path, obj) {
         for (const [k, v] of Object.entries(obj)) {
@@ -55,3 +55,10 @@ function assertExhaustive(val) {
     throw new Error(`Never has a value (${val}). This should be impossible`);
 }
 exports.assertExhaustive = assertExhaustive;
+function partition(arr, callbackFn) {
+    return arr.reduce((acc, elem) => {
+        acc[callbackFn(elem) ? 0 : 1].push(elem);
+        return acc;
+    }, [[], []]);
+}
+exports.partition = partition;

package/lib/functions/env.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.loadFirebaseEnvs = exports.loadUserEnvs = exports.hasUserEnvs = exports.validateKey = exports.parse = void 0;
+exports.loadFirebaseEnvs = exports.loadUserEnvs = exports.hasUserEnvs = exports.validateKey = exports.KeyValidationError = exports.parse = void 0;
 const clc = require("cli-color");
 const fs = require("fs");
 const path = require("path");
@@ -72,17 +72,23 @@ function parse(data) {
 }
 exports.parse = parse;
 class KeyValidationError extends Error {
+    constructor(key, message) {
+        super(`Failed to validate key ${key}: ${message}`);
+        this.key = key;
+        this.message = message;
+    }
 }
+exports.KeyValidationError = KeyValidationError;
 function validateKey(key) {
     if (RESERVED_KEYS.includes(key)) {
-        throw new KeyValidationError(`Key ${key} is reserved for internal use.`);
+        throw new KeyValidationError(key, `Key ${key} is reserved for internal use.`);
     }
     if (!/^[A-Z_][A-Z0-9_]*$/.test(key)) {
-        throw new KeyValidationError(`Key ${key} must start with an uppercase ASCII letter or underscore` +
+        throw new KeyValidationError(key, `Key ${key} must start with an uppercase ASCII letter or underscore` +
             ", and then consist of uppercase ASCII letters, digits, and underscores.");
     }
     if (key.startsWith("X_GOOGLE_") || key.startsWith("FIREBASE_")) {
-        throw new KeyValidationError(`Key ${key} starts with a reserved prefix (X_GOOGLE_ or FIREBASE_)`);
+        throw new KeyValidationError(key, `Key ${key} starts with a reserved prefix (X_GOOGLE_ or FIREBASE_)`);
     }
 }
 exports.validateKey = validateKey;