npm - heroku - Versions diffs - 10.15.1-beta.0 → 10.15.2-beta.0 - Mend

heroku 10.15.1-beta.0 → 10.15.2-beta.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/lib/lib/run/dyno.js +9 -1
package/lib/lib/run/helpers.d.ts +15 -0
package/lib/lib/run/helpers.js +100 -1
package/lib/lib/run/log-displayer.js +34 -10
package/oclif.manifest.json +1 -1
package/package.json +2 -2

package/lib/lib/run/dyno.js CHANGED Viewed

@@ -182,6 +182,14 @@ class Dyno extends stream_1.Duplex {
             const r = https.request(options);
             r.end();
             r.on('error', this.reject);
+            r.on('response', response => {
+                var _a;
+                const statusCode = response.statusCode;
+                if (statusCode === 403) {
+                    r.destroy();
+                    (_a = this.reject) === null || _a === void 0 ? void 0 : _a.call(this, new Error("You can't access this space from your IP address. Contact your team admin."));
+                }
+            });
             r.on('upgrade', (_, remote) => {
                 const s = net.createServer(client => {
                     client.on('end', () => {
@@ -241,7 +249,7 @@ class Dyno extends stream_1.Duplex {
                 lastErr = data.toString();
                 // suppress host key and permission denied messages
                 const messages = [
-                    "Warning: Permanently added '[127.0.0.1]"
+                    "Warning: Permanently added '[127.0.0.1]",
                 ];
                 const killMessages = [
                     'too many authentication failures',

package/lib/lib/run/helpers.d.ts CHANGED Viewed

@@ -11,3 +11,18 @@ export declare function shouldPrependLauncher(heroku: APIClient, appName: string
  * Builds the command string, automatically deciding whether to prepend `launcher`.
  */
 export declare function buildCommandWithLauncher(heroku: APIClient, appName: string, args: string[], disableLauncher: boolean): Promise<string>;
+/**
+ * Fetches the response body from an HTTP request when the response body isn't available
+ * from the error object (e.g., EventSource doesn't expose response bodies).
+ *
+ * Uses native fetch API with a custom https.Agent to handle staging SSL certificates
+ * (rejectUnauthorized: false).
+ *
+ * Note: Node.js native fetch doesn't support custom agents directly, so we use
+ * https.request when rejectUnauthorized is needed, but structure the code with
+ *
+ * @param url - The URL to fetch the response body from
+ * @param expectedStatusCode - Only return body if status code matches (default: 403)
+ * @returns The response body as a string, or empty string if unavailable or status doesn't match
+ */
+export declare function fetchHttpResponseBody(url: string, expectedStatusCode?: number): Promise<string>;

package/lib/lib/run/helpers.js CHANGED Viewed

@@ -1,8 +1,10 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.buildCommandWithLauncher = exports.shouldPrependLauncher = exports.buildEnvFromFlag = exports.buildCommand = exports.revertSortedArgs = void 0;
+exports.fetchHttpResponseBody = exports.buildCommandWithLauncher = exports.shouldPrependLauncher = exports.buildEnvFromFlag = exports.buildCommand = exports.revertSortedArgs = void 0;
 /* eslint-disable @typescript-eslint/ban-ts-comment */
 const core_1 = require("@oclif/core");
+const https = require("https");
+const url_1 = require("url");
 // this function exists because oclif sorts argv
 // and to capture all non-flag command inputs
 function revertSortedArgs(processArgs, argv) {
@@ -77,3 +79,100 @@ async function buildCommandWithLauncher(heroku, appName, args, disableLauncher)
     return buildCommand(args, prependLauncher);
 }
 exports.buildCommandWithLauncher = buildCommandWithLauncher;
+/**
+ * Fetches the response body from an HTTP request when the response body isn't available
+ * from the error object (e.g., EventSource doesn't expose response bodies).
+ *
+ * Uses native fetch API with a custom https.Agent to handle staging SSL certificates
+ * (rejectUnauthorized: false).
+ *
+ * Note: Node.js native fetch doesn't support custom agents directly, so we use
+ * https.request when rejectUnauthorized is needed, but structure the code with
+ *
+ * @param url - The URL to fetch the response body from
+ * @param expectedStatusCode - Only return body if status code matches (default: 403)
+ * @returns The response body as a string, or empty string if unavailable or status doesn't match
+ */
+async function fetchHttpResponseBody(url, expectedStatusCode = 403) {
+    const controller = new AbortController();
+    const timeoutId = setTimeout(() => controller.abort(), 5000); // 5 second timeout
+    try {
+        const parsedUrl = new url_1.URL(url);
+        const userAgent = process.env.HEROKU_DEBUG_USER_AGENT || 'heroku-run';
+        // Note: Native fetch in Node.js doesn't support custom https.Agent for SSL certificate handling.
+        // We use https.request when rejectUnauthorized: false is needed (staging environments).
+        // This maintains compatibility while using modern async/await and AbortController patterns.
+        if (parsedUrl.protocol !== 'https:') {
+            // For non-HTTPS URLs, use native fetch
+            const response = await fetch(url, {
+                method: 'GET',
+                headers: {
+                    'User-Agent': userAgent,
+                    Accept: 'text/plain',
+                },
+                signal: controller.signal,
+            });
+            clearTimeout(timeoutId);
+            if (response.status === expectedStatusCode) {
+                return await response.text();
+            }
+            return '';
+        }
+        // For HTTPS with rejectUnauthorized: false (staging), use https.request
+        // This is the same pattern as dyno.ts - necessary for staging SSL certs
+        return await new Promise(resolve => {
+            const cleanup = () => {
+                clearTimeout(timeoutId);
+                controller.abort();
+            };
+            const options = {
+                hostname: parsedUrl.hostname,
+                port: parsedUrl.port || 443,
+                path: parsedUrl.pathname + parsedUrl.search,
+                method: 'GET',
+                headers: {
+                    'User-Agent': userAgent,
+                    Accept: 'text/plain',
+                },
+                rejectUnauthorized: false, // Allow staging self-signed certificates
+            };
+            const req = https.request(options, res => {
+                let body = '';
+                res.setEncoding('utf8');
+                res.on('data', chunk => {
+                    body += chunk;
+                });
+                res.on('end', () => {
+                    cleanup();
+                    if (res.statusCode === expectedStatusCode) {
+                        resolve(body);
+                    }
+                    else {
+                        resolve('');
+                    }
+                });
+            });
+            req.on('error', () => {
+                cleanup();
+                resolve('');
+            });
+            // Abort on timeout
+            controller.signal.addEventListener('abort', () => {
+                req.destroy();
+                resolve('');
+            }, { once: true });
+            req.end();
+        });
+    }
+    catch (error) {
+        clearTimeout(timeoutId);
+        // AbortError is expected on timeout - return empty string
+        if (error instanceof Error && error.name === 'AbortError') {
+            return '';
+        }
+        // For other errors, return empty string for graceful degradation
+        // This matches the previous behavior where errors returned empty string
+        return '';
+    }
+}
+exports.fetchHttpResponseBody = fetchHttpResponseBody;

package/lib/lib/run/log-displayer.js CHANGED Viewed

@@ -15,25 +15,49 @@ function readLogs(logplexURL, isTail, recreateSessionTimeout) {
                 'User-Agent': userAgent,
             },
         });
-        es.addEventListener('error', function (err) {
-            if (err && (err.status || err.message)) {
-                const msg = (isTail && (err.status === 404 || err.status === 403)) ?
-                    'Log stream timed out. Please try again.' :
-                    `Logs eventsource failed with: ${err.status}${err.message ? ` ${err.message}` : ''}`;
-                reject(new Error(msg));
+        let isResolved = false;
+        let hasReceivedMessages = false;
+        const safeReject = (error) => {
+            if (!isResolved) {
+                isResolved = true;
                 es.close();
+                reject(error);
             }
-            if (!isTail) {
-                resolve();
+        };
+        const safeResolve = () => {
+            if (!isResolved) {
+                isResolved = true;
                 es.close();
+                resolve();
             }
-            // should only land here if --tail and no error status or message
-        });
+        };
         es.addEventListener('message', function (e) {
+            hasReceivedMessages = true;
             e.data.trim().split(/\n+/).forEach(line => {
                 core_1.ux.log((0, colorize_1.default)(line));
             });
         });
+        es.addEventListener('error', function (err) {
+            if (err && (err.status || err.message)) {
+                let msg;
+                if (err.status === 403) {
+                    msg = hasReceivedMessages ?
+                        'Log stream access expired. Please try again.' :
+                        "You can't access this space from your IP address. Contact your team admin.";
+                }
+                else if (err.status === 404 && isTail) {
+                    msg = 'Log stream access expired. Please try again.';
+                }
+                else {
+                    msg = `Logs eventsource failed with: ${err.status}${err.message ? ` ${err.message}` : ''}`;
+                }
+                safeReject(new Error(msg));
+            }
+            else if (!isTail) {
+                safeResolve();
+            }
+            // should only land here if --tail and no error status or message
+        });
         if (isTail && recreateSessionTimeout) {
             setTimeout(() => {
                 reject(new Error('Fir log stream timeout'));

package/oclif.manifest.json CHANGED Viewed

@@ -15015,5 +15015,5 @@
       ]
     }
   },
-  "version": "10.15.1-beta.0"
+  "version": "10.15.2-beta.0"
 }

package/package.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "name": "heroku",
   "description": "CLI to interact with Heroku",
-  "version": "10.15.1-beta.0",
+  "version": "10.15.2-beta.0",
   "author": "Heroku",
   "bin": "./bin/run",
   "bugs": "https://github.com/heroku/cli/issues",
@@ -397,5 +397,5 @@
     "version": "oclif readme --multi && git add README.md ../../docs"
   },
   "types": "lib/index.d.ts",
-  "gitHead": "88abd3605aca5bf74fa0a8400230ad52c3951476"
+  "gitHead": "ed1c1a07c328d6b18d1feee24c3ff6ebf0153187"
 }