npm - kasy-cli - Versions diffs - 1.31.0 → 1.31.1 - Mend

kasy-cli 1.31.0 → 1.31.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/lib/scaffold/backends/supabase/deploy.js CHANGED Viewed

@@ -188,17 +188,18 @@ async function getProjectKeys(projectRef) {
 }
 // The Supabase CLI stores its access token via go-keyring under the service
-// "Supabase CLI" with the key/user "access-token". Each OS keeps that in a
-// different vault, so reading it back is per-OS. Used by the Management API
+// "Supabase CLI". The account/key has varied across CLI versions (e.g.
+// "supabase", "access-token"), so we DON'T hardcode it — we read by service
+// only. Each OS keeps this in a different vault. Used by the Management API
 // calls below (auth providers), which the CLI itself has no command for.
 const SUPABASE_KEYRING_SERVICE = 'Supabase CLI';
-const SUPABASE_KEYRING_USER = 'access-token';
-// Read a generic credential out of the Windows Credential Manager. go-keyring's
-// wincred backend names the target "<service>:<user>" and stores the secret as a
-// raw blob (UTF-8 or UTF-16LE depending on version), so we return the base64 of
-// the blob and let the caller pick the right decoding.
-async function readWindowsCredentialBase64(target) {
+// Read the Supabase token out of the Windows Credential Manager. go-keyring's
+// wincred backend names the target "<service>:<user>", but since the user part
+// differs by CLI version we ENUMERATE every credential whose target starts with
+// the service name and return the first non-empty blob as base64 — the caller
+// picks the decoding. Robust to the account name we can't see from here.
+async function readWindowsSupabaseTokenBase64() {
   const ps = `
 $ErrorActionPreference = 'Stop'
 $sig = @"
@@ -206,7 +207,7 @@ using System;
 using System.Runtime.InteropServices;
 public class KasyCred {
   [DllImport("advapi32.dll", CharSet=CharSet.Unicode, SetLastError=true)]
-  public static extern bool CredRead(string target, int type, int flags, out IntPtr cred);
+  public static extern bool CredEnumerate(string filter, int flag, out int count, out IntPtr creds);
   [DllImport("advapi32.dll")] public static extern void CredFree(IntPtr cred);
   [StructLayout(LayoutKind.Sequential)] public struct CREDENTIAL {
     public int Flags; public int Type; public IntPtr TargetName; public IntPtr Comment;
@@ -217,13 +218,18 @@ public class KasyCred {
 }
 "@
 Add-Type $sig | Out-Null
-$ptr = [IntPtr]::Zero
-if ([KasyCred]::CredRead('${target}', 1, 0, [ref]$ptr)) {
-  $c = [System.Runtime.InteropServices.Marshal]::PtrToStructure($ptr, [type]([KasyCred+CREDENTIAL]))
-  $bytes = New-Object byte[] $c.CredentialBlobSize
-  [System.Runtime.InteropServices.Marshal]::Copy($c.CredentialBlob, $bytes, 0, $c.CredentialBlobSize)
-  [KasyCred]::CredFree($ptr)
-  [Convert]::ToBase64String($bytes)
+$count = 0; $ptr = [IntPtr]::Zero
+if ([KasyCred]::CredEnumerate('${SUPABASE_KEYRING_SERVICE}*', 0, [ref]$count, [ref]$ptr)) {
+  for ($i = 0; $i -lt $count; $i++) {
+    $credPtr = [System.Runtime.InteropServices.Marshal]::ReadIntPtr($ptr, $i * [IntPtr]::Size)
+    $c = [System.Runtime.InteropServices.Marshal]::PtrToStructure($credPtr, [type]([KasyCred+CREDENTIAL]))
+    if ($c.CredentialBlobSize -gt 0) {
+      $bytes = New-Object byte[] $c.CredentialBlobSize
+      [System.Runtime.InteropServices.Marshal]::Copy($c.CredentialBlob, $bytes, 0, $c.CredentialBlobSize)
+      [Convert]::ToBase64String($bytes)
+      break
+    }
+  }
 }
 `;
   const encoded = Buffer.from(ps, 'utf16le').toString('base64');
@@ -265,7 +271,7 @@ async function getSupabaseAccessToken() {
   if (process.platform === 'win32') {
     try {
-      const b64 = await readWindowsCredentialBase64(`${SUPABASE_KEYRING_SERVICE}:${SUPABASE_KEYRING_USER}`);
+      const b64 = await readWindowsSupabaseTokenBase64();
       if (!b64) return null;
       const buf = Buffer.from(b64, 'base64');
       // UTF-16LE blobs have a NUL after most bytes; UTF-8 blobs don't.
@@ -277,15 +283,20 @@ async function getSupabaseAccessToken() {
     }
   }
-  // Linux (libsecret).
-  try {
-    const { stdout } = await execAsync(
-      `secret-tool lookup service "${SUPABASE_KEYRING_SERVICE}" username "${SUPABASE_KEYRING_USER}"`,
-    );
-    return decodeKeyring(stdout);
-  } catch {
-    return null;
+  // Linux (libsecret). The account key has varied by CLI version, so try the
+  // ones we've seen before giving up.
+  for (const user of ['supabase', 'access-token']) {
+    try {
+      const { stdout } = await execAsync(
+        `secret-tool lookup service "${SUPABASE_KEYRING_SERVICE}" username "${user}"`,
+      );
+      const token = decodeKeyring(stdout);
+      if (token) return token;
+    } catch {
+      // try next
+    }
   }
+  return null;
 }
 /**

package/lib/scaffold/shared/fcm-service-account.js CHANGED Viewed

@@ -97,7 +97,7 @@ async function createFcmServiceAccountKey(projectId) {
   // the discover+grant with backoff before giving up.
   let saEmail = '';
   let lastErr = 'Firebase Admin SDK service account not found';
-  for (let attempt = 1; attempt <= 5; attempt++) {
+  for (let attempt = 1; attempt <= 7; attempt++) {
     const saResult = await findFirebaseAdminSdkSA(projectId.trim());
     if (saResult.ok) {
       const roleResult = await grantFcmAdminRole(projectId.trim(), saResult.email);
@@ -109,7 +109,7 @@ async function createFcmServiceAccountKey(projectId) {
     } else {
       lastErr = saResult.error;
     }
-    if (attempt < 5) await sleep(8000);
+    if (attempt < 7) await sleep(10000);
   }
   if (!saEmail) {
     return { ok: false, error: lastErr };

package/lib/scaffold/shared/post-build.js CHANGED Viewed

@@ -38,7 +38,11 @@ async function run(cmd, cwd, timeout) {
 }
 async function pubGet(projectDir) {
-  return run('flutter pub get', projectDir, 300_000); // 5 min
+  // 15 min: the FIRST `flutter pub get` on a fresh machine downloads the whole
+  // dependency tree (this template pulls in firebase, supabase, revenuecat,
+  // stripe, sentry…), which timed out at the old 5-min cap on slower Windows
+  // connections. It's a ceiling, not a wait — a warm cache still returns fast.
+  return run('flutter pub get', projectDir, 900_000);
 }
 async function slangGenerate(projectDir) {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "kasy-cli",
-  "version": "1.31.0",
+  "version": "1.31.1",
   "description": "CLI for scaffolding production-ready Flutter SaaS apps with Firebase, Supabase, or API REST backends.",
   "bin": {
     "kasy": "./bin/kasy.js"

package/templates/firebase/lib/core/bottom_menu/active_tab_notifier.dart ADDED Viewed

@@ -0,0 +1,14 @@
+import 'package:flutter/foundation.dart';
+/// The bottom-bar tab the user last opened, held at top level so it outlives the
+/// [BottomMenu] remount that happens whenever the responsive layout flips
+/// small↔large (e.g. toggling the web device preview, which renders the app in a
+/// phone-width frame). Persisting it lets the bottom bar restore the tab instead
+/// of snapping back to the first one on remount or hard reload (F5).
+///
+/// It lives in its own dependency-free file so both [BottomMenu] and the logout
+/// flow can touch it without an import cycle. Cleared on logout so a fresh login
+/// always lands on the default tab. Null until the user opens a tab.
+final ValueNotifier<String?> activeTabRouteNotifier = ValueNotifier<String?>(
+  null,
+);

package/templates/firebase/lib/core/bottom_menu/bottom_menu.dart CHANGED Viewed

@@ -4,6 +4,7 @@ import 'package:flutter/material.dart';
 import 'package:flutter/services.dart';
 import 'package:flutter_riverpod/flutter_riverpod.dart';
 import 'package:kasy_kit/components/kasy_sidebar.dart';
+import 'package:kasy_kit/core/bottom_menu/active_tab_notifier.dart';
 import 'package:kasy_kit/core/bottom_menu/bottom_router.dart';
 import 'package:kasy_kit/core/bottom_menu/kasy_bottom_bar_factory.dart';
 import 'package:kasy_kit/core/bottom_menu/web_content_wrapper.dart';
@@ -15,19 +16,8 @@ import 'package:kasy_kit/core/widgets/responsive_layout.dart';
 import 'package:kasy_kit/features/settings/ui/widgets/kasy_user_avatar.dart';
 import 'package:kasy_kit/i18n/translations.g.dart';
-/// The bottom-bar tab the user last opened, held at top level so it outlives the
-/// [BottomMenu] remount that happens whenever the responsive layout flips
-/// small↔large. Toggling the web device preview does exactly that: the app
-/// renders inside a phone-width frame when on and at full desktop width when
-/// off, so each toggle rebuilds [bart.BartScaffold] from scratch (its index
-/// notifier starts at 0). Persisting the tab here lets [BottomMenu] restore it
-/// instead of snapping back to the first tab. Null until the user opens a tab.
-final ValueNotifier<String?> activeTabRouteNotifier = ValueNotifier<String?>(
-  null,
-);
 /// Records the active tab so it survives the next remount. Wired to
-/// [bart.BartScaffold.onRouteChanged].
+/// [bart.BartScaffold.onRouteChanged]. See [activeTabRouteNotifier].
 void _rememberActiveTab(bart.BartMenuRoute route) {
   activeTabRouteNotifier.value = route.path;
 }

package/templates/firebase/lib/core/states/user_state_notifier.dart CHANGED Viewed

@@ -1,6 +1,7 @@
 import 'dart:async';
 import 'package:flutter/foundation.dart';
+import 'package:kasy_kit/core/bottom_menu/active_tab_notifier.dart';
 import 'package:kasy_kit/core/config/features.dart';
 import 'package:kasy_kit/core/data/models/entitlement.dart';
 import 'package:kasy_kit/core/data/models/subscription.dart';
@@ -139,6 +140,9 @@ class UserStateNotifier extends _$UserStateNotifier implements OnStartService {
     // Biometric lock is a per-account preference, not a device-wide one.
     // The next user signing in on this install should start without it set.
     await ref.read(sharedPreferencesProvider).setBiometricEnabled(false);
+    // Forget the last bottom-bar tab so the next login lands on the default tab
+    // (Home) instead of wherever the previous account left off.
+    activeTabRouteNotifier.value = null;
     state = const UserState(user: User.anonymous());
     if (mode == AuthenticationMode.anonymous) {
       await _loadAnonymousState();

package/templates/firebase/lib/core/web_device_preview/web_device_preview.dart CHANGED Viewed

@@ -13,7 +13,10 @@ import 'package:provider/provider.dart';
 import 'package:shared_preferences/shared_preferences.dart';
 import 'package:universal_html/html.dart' as html;
-const String webDevicePreviewEnabledPrefKey = 'web_device_preview_enabled';
+// Suffixed `_v2` because the default flipped from OFF to ON. Values saved under
+// the old key were written while the default was OFF, so we ignore them and
+// start fresh — every install now gets the new ON default until it's toggled.
+const String webDevicePreviewEnabledPrefKey = 'web_device_preview_enabled_v2';
 const String _platformPrefKey = 'web_device_preview_platform';
 const String _iosIndexPrefKey = 'web_device_preview_ios_index';
 const String _androidIndexPrefKey = 'web_device_preview_android_index';

package/templates/firebase/pubspec.yaml CHANGED Viewed

@@ -16,7 +16,7 @@ publish_to: 'none' # Remove this line if you wish to publish to pub.dev
 # https://developer.apple.com/library/archive/documentation/General/Reference/InfoPlistKeyReference/Articles/CoreFoundationKeys.html
 # In Windows, build-name is used as the major, minor, and patch parts
 # of the product and file versions while build-number is used as the build suffix.
-version: 1.0.0+34
+version: 1.0.0+35
 environment:
   sdk: ^3.11.0