opal-security 2.3.0 → 2.3.2

package/README.md

@@ -22,7 +22,7 @@ $ npm install -g opal-security
 $ opal COMMAND
 running command...
 $ opal (--version)
-opal-security/2.3.0 darwin-arm64 node-v18.19.0
+opal-security/2.3.2 darwin-arm64 node-v18.19.0
 $ opal --help [COMMAND]
 USAGE
   $ opal COMMAND
@@ -99,7 +99,7 @@ EXAMPLES
   $ opal aws:identity
 ```
 
-_See code: [src/commands/aws/identity.ts](https://github.com/opalsecurity/opal-cli/blob/v2.3.0/src/commands/aws/identity.ts)_
+_See code: [src/commands/aws/identity.ts](https://github.com/opalsecurity/opal-cli/blob/v2.3.2/src/commands/aws/identity.ts)_
 
 ## `opal curl-example`
 
@@ -116,7 +116,7 @@ DESCRIPTION
   Prints out an example cURL command containing the parameters the CLI uses to query the Opal server.
 ```
 
-_See code: [src/commands/curl-example.ts](https://github.com/opalsecurity/opal-cli/blob/v2.3.0/src/commands/curl-example.ts)_
+_See code: [src/commands/curl-example.ts](https://github.com/opalsecurity/opal-cli/blob/v2.3.2/src/commands/curl-example.ts)_
 
 ## `opal help [COMMANDS]`
 
@@ -166,7 +166,7 @@ EXAMPLES
   $ opal iam-roles:start --id 51f7176b-0464-4a6f-8369-e951e187b398 --profileName "custom-profile"
 ```
 
-_See code: [src/commands/iam-roles/start.ts](https://github.com/opalsecurity/opal-cli/blob/v2.3.0/src/commands/iam-roles/start.ts)_
+_See code: [src/commands/iam-roles/start.ts](https://github.com/opalsecurity/opal-cli/blob/v2.3.2/src/commands/iam-roles/start.ts)_
 
 ## `opal kube-roles:start`
 
@@ -197,7 +197,7 @@ EXAMPLES
   $ opal kube-roles:start --id 51f7176b-0464-4a6f-8369-e951e187b398 --accessLevelRemoteId "arn:aws:iam::712234975475:role/acme-eks-cluster-admin-role"
 ```
 
-_See code: [src/commands/kube-roles/start.ts](https://github.com/opalsecurity/opal-cli/blob/v2.3.0/src/commands/kube-roles/start.ts)_
+_See code: [src/commands/kube-roles/start.ts](https://github.com/opalsecurity/opal-cli/blob/v2.3.2/src/commands/kube-roles/start.ts)_
 
 ## `opal login`
 
@@ -218,7 +218,7 @@ EXAMPLES
   $ opal login
 ```
 
-_See code: [src/commands/login.ts](https://github.com/opalsecurity/opal-cli/blob/v2.3.0/src/commands/login.ts)_
+_See code: [src/commands/login.ts](https://github.com/opalsecurity/opal-cli/blob/v2.3.2/src/commands/login.ts)_
 
 ## `opal logout`
 
@@ -238,7 +238,7 @@ EXAMPLES
   $ opal logout
 ```
 
-_See code: [src/commands/logout.ts](https://github.com/opalsecurity/opal-cli/blob/v2.3.0/src/commands/logout.ts)_
+_See code: [src/commands/logout.ts](https://github.com/opalsecurity/opal-cli/blob/v2.3.2/src/commands/logout.ts)_
 
 ## `opal migrate-creds`
 
@@ -255,7 +255,7 @@ DESCRIPTION
   Migrates credentials from old keystore to new store. Should only need to be run once
 ```
 
-_See code: [src/commands/migrate-creds.ts](https://github.com/opalsecurity/opal-cli/blob/v2.3.0/src/commands/migrate-creds.ts)_
+_See code: [src/commands/migrate-creds.ts](https://github.com/opalsecurity/opal-cli/blob/v2.3.2/src/commands/migrate-creds.ts)_
 
 ## `opal postgres-instances:start`
 
@@ -293,7 +293,7 @@ EXAMPLES
   $ opal postgres-instances:start --id 51f7176b-0464-4a6f-8369-e951e187b398 --accessLevelRemoteId fullaccess --action view
 ```
 
-_See code: [src/commands/postgres-instances/start.ts](https://github.com/opalsecurity/opal-cli/blob/v2.3.0/src/commands/postgres-instances/start.ts)_
+_See code: [src/commands/postgres-instances/start.ts](https://github.com/opalsecurity/opal-cli/blob/v2.3.2/src/commands/postgres-instances/start.ts)_
 
 ## `opal resources:get`
 
@@ -314,7 +314,7 @@ EXAMPLES
   $ opal resources:get --id 54052a3e-5375-4392-aeaf-0c6c44c131d4
 ```
 
-_See code: [src/commands/resources/get.ts](https://github.com/opalsecurity/opal-cli/blob/v2.3.0/src/commands/resources/get.ts)_
+_See code: [src/commands/resources/get.ts](https://github.com/opalsecurity/opal-cli/blob/v2.3.2/src/commands/resources/get.ts)_
 
 ## `opal set-custom-header`
 
@@ -335,7 +335,7 @@ EXAMPLES
   $ opal set-custom-header --header 'cf-access-token: $TOKEN'
 ```
 
-_See code: [src/commands/set-custom-header.ts](https://github.com/opalsecurity/opal-cli/blob/v2.3.0/src/commands/set-custom-header.ts)_
+_See code: [src/commands/set-custom-header.ts](https://github.com/opalsecurity/opal-cli/blob/v2.3.2/src/commands/set-custom-header.ts)_
 
 ## `opal set-token`
 
@@ -355,7 +355,7 @@ EXAMPLES
   $ opal set-token
 ```
 
-_See code: [src/commands/set-token.ts](https://github.com/opalsecurity/opal-cli/blob/v2.3.0/src/commands/set-token.ts)_
+_See code: [src/commands/set-token.ts](https://github.com/opalsecurity/opal-cli/blob/v2.3.2/src/commands/set-token.ts)_
 
 ## `opal set-url [URL]`
 
@@ -379,7 +379,7 @@ EXAMPLES
   $ opal set-url
 ```
 
-_See code: [src/commands/set-url.ts](https://github.com/opalsecurity/opal-cli/blob/v2.3.0/src/commands/set-url.ts)_
+_See code: [src/commands/set-url.ts](https://github.com/opalsecurity/opal-cli/blob/v2.3.2/src/commands/set-url.ts)_
 
 ## `opal ssh:copyFrom`
 
@@ -410,7 +410,7 @@ EXAMPLES
   $ opal ssh:copyFrom --src instance/dir --dest my/dir --id 51f7176b-0464-4a6f-8369-e951e187b398
 ```
 
-_See code: [src/commands/ssh/copyFrom.ts](https://github.com/opalsecurity/opal-cli/blob/v2.3.0/src/commands/ssh/copyFrom.ts)_
+_See code: [src/commands/ssh/copyFrom.ts](https://github.com/opalsecurity/opal-cli/blob/v2.3.2/src/commands/ssh/copyFrom.ts)_
 
 ## `opal ssh:copyTo`
 
@@ -441,7 +441,7 @@ EXAMPLES
   $ opal ssh:copyTo --src my/dir --dest instance/dir --id 51f7176b-0464-4a6f-8369-e951e187b398
 ```
 
-_See code: [src/commands/ssh/copyTo.ts](https://github.com/opalsecurity/opal-cli/blob/v2.3.0/src/commands/ssh/copyTo.ts)_
+_See code: [src/commands/ssh/copyTo.ts](https://github.com/opalsecurity/opal-cli/blob/v2.3.2/src/commands/ssh/copyTo.ts)_
 
 ## `opal ssh:start`
 
@@ -468,7 +468,7 @@ EXAMPLES
   $ opal ssh:start --id 51f7176b-0464-4a6f-8369-e951e187b398
 ```
 
-_See code: [src/commands/ssh/start.ts](https://github.com/opalsecurity/opal-cli/blob/v2.3.0/src/commands/ssh/start.ts)_
+_See code: [src/commands/ssh/start.ts](https://github.com/opalsecurity/opal-cli/blob/v2.3.2/src/commands/ssh/start.ts)_
 
 ## `opal version`
 
@@ -488,5 +488,5 @@ FLAG DESCRIPTIONS
     Additionally shows the architecture, node version, operating system, and versions of plugins that the CLI is using.
 ```
 
-_See code: [@oclif/plugin-version](https://github.com/oclif/plugin-version/blob/v2.0.11/src/commands/version.ts)_
+_See code: [@oclif/plugin-version](https://github.com/oclif/plugin-version/blob/v2.0.12/src/commands/version.ts)_
 <!-- commandsstop -->

package/lib/commands/login.js

@@ -58,23 +58,21 @@ class Login extends core_1.Command {
     async run() {
         var _a, _b, _c, _d, _e, _f, _g;
         try {
-            await (0, apollo_1.initClient)(this);
+            await (0, apollo_1.initClient)(this, false);
             const { flags } = await this.parse(Login);
             const configDir = this.config.configDir;
             const configData = (0, config_1.getOrCreateConfigData)(configDir);
             let email = flags.email;
             let organizationID;
             let clientIdCandidate;
-            const existingCreds = await (0, credentials_1.getOpalCredentials)(this);
-            if (existingCreds.accessToken) {
-                // Only use the previous email + organizationID if email isn't explicitly specified.
-                if (!email) {
-                    email = existingCreds.email;
-                    organizationID = existingCreds.organizationID;
-                    clientIdCandidate = existingCreds.clientIDCandidate;
-                }
-                await (0, credentials_1.removeOpalCredentials)(this);
+            const existingCreds = await (0, credentials_1.getOpalCredentials)(this, false);
+            // Only use the previous email + organizationID if email isn't explicitly specified.
+            if (!email) {
+                email = existingCreds.email;
+                organizationID = existingCreds.organizationID;
+                clientIdCandidate = existingCreds.clientIDCandidate;
             }
+            await (0, credentials_1.removeOpalCredentials)(this);
             this.log('Welcome to Opal! ⚡️\n');
             this.log('Connecting to Opal server URL:', configData[config_1.urlKey]);
             this.log('If this is incorrect, please run `opal set-url --help`\n');

package/lib/commands/set-token.js

@@ -11,7 +11,7 @@ class SetToken extends core_1.Command {
     async run() {
         var _a, _b, _c;
         try {
-            await (0, apollo_1.initClient)(this);
+            await (0, apollo_1.initClient)(this, false);
             const { apiToken } = await inquirer.prompt([
                 {
                     name: 'apiToken',
@@ -23,7 +23,7 @@ class SetToken extends core_1.Command {
             // Overwrite previously-stored credentials from keychain if they exist
             let email;
             let organizationID;
-            const existingCreds = await (0, credentials_1.getOpalCredentials)(this);
+            const existingCreds = await (0, credentials_1.getOpalCredentials)(this, false);
             await (0, credentials_1.setOpalCredentials)(this, existingCreds === null || existingCreds === void 0 ? void 0 : existingCreds.email, (existingCreds === null || existingCreds === void 0 ? void 0 : existingCreds.organizationID) || 'unset-org-id', existingCreds === null || existingCreds === void 0 ? void 0 : existingCreds.clientIDCandidate, apiToken || '');
             // "Representative" authenticated call to check the log-in worked as expected.
             const { resp: authCheckResp, error: authCheckErr } = await (0, handler_1.runQuery)({

package/lib/lib/apollo.d.ts

@@ -3,4 +3,4 @@ import { Command } from '@oclif/core';
 export declare let client: ApolloClient<NormalizedCacheObject> | null;
 export declare const printResponse: (command: Command, resp: any) => void;
 export declare const handleError: (command: Command, err: any, resp?: any) => void;
-export declare const initClient: (command: Command) => Promise<void>;
+export declare const initClient: (command: Command, fetchAccessToken?: boolean) => Promise<void>;

package/lib/lib/apollo.js

@@ -52,11 +52,11 @@ const handleError = (command, err, resp) => {
     process.exit(1);
 };
 exports.handleError = handleError;
-const initClient = async (command) => {
+const initClient = async (command, fetchAccessToken = true) => {
     const configDir = command.config.configDir;
     const currentCLIVersion = command.config.version;
     const configData = (0, config_1.getOrCreateConfigData)(configDir);
-    const opalCreds = await (0, credentials_1.getOpalCredentials)(command);
+    const opalCreds = await (0, credentials_1.getOpalCredentials)(command, fetchAccessToken);
     const accessToken = opalCreds === null || opalCreds === void 0 ? void 0 : opalCreds.accessToken;
     const organizationID = opalCreds === null || opalCreds === void 0 ? void 0 : opalCreds.organizationID;
     const httpsAgent = new https.Agent({

package/lib/lib/credentials/index.d.ts

@@ -6,6 +6,6 @@ interface OpalCredentials {
     accessToken?: string;
 }
 export declare const setOpalCredentials: (command: Command, email: string | undefined, organizationID: string, clientIDCandidate: string | undefined | null, accessToken: string) => Promise<void>;
-export declare const getOpalCredentials: (command: Command) => Promise<OpalCredentials>;
+export declare const getOpalCredentials: (command: Command, includeAccessToken?: boolean) => Promise<OpalCredentials>;
 export declare const removeOpalCredentials: (command: Command) => Promise<void>;
 export {};

package/lib/lib/credentials/index.js

@@ -21,9 +21,12 @@ const setOpalCredentials = async (command, email, organizationID, clientIDCandid
     }
 };
 exports.setOpalCredentials = setOpalCredentials;
-const getOpalCredentials = async (command) => {
+const getOpalCredentials = async (command, includeAccessToken = true) => {
     var _a, _b;
     let creds = (_b = (_a = (0, config_1.getOrCreateConfigData)(command.config.configDir)) === null || _a === void 0 ? void 0 : _a.creds) !== null && _b !== void 0 ? _b : {};
+    if (!includeAccessToken) {
+        return creds;
+    }
     let accessToken = null;
     if (process.platform === "darwin") {
         accessToken = await (0, keychain_1.getTokenFromKeychain)((creds === null || creds === void 0 ? void 0 : creds.email) || 'email-unset');

package/oclif.manifest.json

@@ -427,6 +427,46 @@
         "start.js"
       ]
     },
+    "resources:get": {
+      "aliases": [],
+      "args": {},
+      "description": "Get resource info for a particular resource.",
+      "examples": [
+        "opal resources:get --id 54052a3e-5375-4392-aeaf-0c6c44c131d4"
+      ],
+      "flags": {
+        "help": {
+          "char": "h",
+          "description": "Show CLI help.",
+          "name": "help",
+          "allowNo": false,
+          "type": "boolean"
+        },
+        "id": {
+          "char": "i",
+          "description": "The Opal ID of the resource. You can find this from the URL, e.g. https://opal.dev/resources/[ID]",
+          "name": "id",
+          "hasDynamicHelp": false,
+          "multiple": false,
+          "type": "option"
+        }
+      },
+      "hasDynamicHelp": false,
+      "hiddenAliases": [],
+      "id": "resources:get",
+      "pluginAlias": "opal-security",
+      "pluginName": "opal-security",
+      "pluginType": "core",
+      "strict": true,
+      "enableJsonFlag": false,
+      "isESM": false,
+      "relativePath": [
+        "lib",
+        "commands",
+        "resources",
+        "get.js"
+      ]
+    },
     "postgres-instances:start": {
       "aliases": [],
       "args": {},
@@ -505,46 +545,6 @@
         "start.js"
       ]
     },
-    "resources:get": {
-      "aliases": [],
-      "args": {},
-      "description": "Get resource info for a particular resource.",
-      "examples": [
-        "opal resources:get --id 54052a3e-5375-4392-aeaf-0c6c44c131d4"
-      ],
-      "flags": {
-        "help": {
-          "char": "h",
-          "description": "Show CLI help.",
-          "name": "help",
-          "allowNo": false,
-          "type": "boolean"
-        },
-        "id": {
-          "char": "i",
-          "description": "The Opal ID of the resource. You can find this from the URL, e.g. https://opal.dev/resources/[ID]",
-          "name": "id",
-          "hasDynamicHelp": false,
-          "multiple": false,
-          "type": "option"
-        }
-      },
-      "hasDynamicHelp": false,
-      "hiddenAliases": [],
-      "id": "resources:get",
-      "pluginAlias": "opal-security",
-      "pluginName": "opal-security",
-      "pluginType": "core",
-      "strict": true,
-      "enableJsonFlag": false,
-      "isESM": false,
-      "relativePath": [
-        "lib",
-        "commands",
-        "resources",
-        "get.js"
-      ]
-    },
     "ssh:copyFrom": {
       "aliases": [],
       "args": {},
@@ -752,5 +752,5 @@
       ]
     }
   },
-  "version": "2.3.0"
+  "version": "2.3.2"
 }

package/package.json

@@ -1,21 +1,18 @@
 {
   "name": "opal-security",
   "description": "Opal allows you to centrally manage access to all of your sensitive systems.",
-  "version": "2.3.0",
+  "version": "2.3.2",
   "author": "Stephen Cobbe",
   "bin": {
     "opal": "./bin/run"
   },
   "bugs": "https://github.com/opalsecurity/opal-cli/issues",
   "dependencies": {
-    "@apollo/client": "^3.9.1",
-    "@graphql-codegen/cli": "^2.16.5",
-    "@graphql-codegen/near-operation-file-preset": "^1.18.6",
-    "@graphql-codegen/typescript": "^1.21.1",
-    "@graphql-codegen/typescript-oclif": "^1.17.9",
+    "@apollo/client": "^3.9.5",
+    "@oclif/core": "^3.19.3",
     "@oclif/plugin-autocomplete": "^1.4.6",
     "@oclif/plugin-help": "^5.2.20",
-    "@oclif/plugin-version": "^2.0.11",
+    "@oclif/plugin-version": "^2.0.12",
     "@types/prettyjson": "0.0.29",
     "argon2": "^0.31.2",
     "chalk": "^2.4.2",
@@ -34,7 +31,10 @@
     "tslib": "^1.14.1"
   },
   "devDependencies": {
-    "@oclif/core": "^3.18.2",
+    "@graphql-codegen/cli": "^5.0.2",
+    "@graphql-codegen/near-operation-file-preset": "^3.0.0",
+    "@graphql-codegen/typescript": "^4.0.5",
+    "@graphql-codegen/typescript-oclif": "^3.0.0",
     "@oclif/test": "^3",
     "@types/chai": "^4.2.16",
     "@types/inquirer": "^8.2.10",
@@ -43,15 +43,17 @@
     "@types/mocha": "^5.2.7",
     "@types/node": "^18.11.9",
     "@types/semver": "^7.3.8",
-    "@typescript-eslint/eslint-plugin": "^5.31.0",
+    "@typescript-eslint/eslint-plugin": "^7.0.2",
+    "better-npm-audit": "^3.7.3",
     "chai": "^4.3.4",
-    "eslint": "^8.17.0",
-    "eslint-config-oclif": "^5.0.0",
-    "eslint-config-oclif-typescript": "^3.0.41",
+    "eslint-config-oclif": "^5.0.2",
+    "eslint-config-oclif-typescript": "^3.0.48",
+    "eslint-plugin-simple-import-sort": "^12.0.0",
+    "eslint-plugin-unused-imports": "^3.1.0",
     "globby": "^10.0.2",
     "mocha": "^10.0.0",
     "nyc": "^15.1.0",
-    "oclif": "^4.4.2",
+    "oclif": "^4.4.16",
     "ts-node": "^8.10.2",
     "typescript": "^5.3.3"
   },