npm - pkg-track - Versions diffs - 1.0.2 → 2.0.0 - Mend

pkg-track 1.0.2 → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/README.md CHANGED Viewed

@@ -54,51 +54,21 @@ npm install -g git+https://github.com/vvanessaww/pkg-track.git
 > ⚠️ **Installing from git requires build tools** for compiling native modules (better-sqlite3). On macOS, install Xcode Command Line Tools: `xcode-select --install`. On Ubuntu/Debian: `sudo apt-get install build-essential python3`
-### 2. One-Time Gmail Setup (~5 minutes)
-**Quick Google Cloud setup** (sounds scary, but it's just clicking through):
-```bash
-# 1. Create the config directory
-mkdir -p ~/.pkg-tracker
-# 2. Follow these steps to get your credentials:
-```
-**Google Cloud Console** (one-time):
-1. Go to https://console.cloud.google.com/apis/credentials
-2. **Create Project** → Name: `pkg-track` (or anything) → **Create**
-3. **Enable APIs** → Search **"Gmail API"** → **Enable**
-4. **Configure Consent Screen**:
-   - User Type: **External** → **Create**
-   - App name: `pkg-track`
-   - User support email: (your email)
-   - Developer contact: (your email)
-   - **Save and Continue** (skip scopes/test users)
-5. **Credentials** → **Create Credentials** → **OAuth client ID**:
-   - Application type: **Desktop app**
-   - Name: `pkg-track`
-   - **Create**
-6. **Download JSON** (click the download icon ⬇️)
-7. **Move the file**:
-   ```bash
-   mv ~/Downloads/client_secret_*.json ~/.pkg-tracker/credentials.json
-   ```
-**Why this setup?** Google requires each user to create their own OAuth app for Gmail access. This ensures your data stays private and you control the permissions. Your credentials never leave your computer.
-### 3. Initialize
+### 2. Initialize
 ```bash
 pkg init
 ```
-This will:
-- Open your browser for Gmail authorization
-- Save access token locally
-- Create local database
+**What happens:**
+1. Opens your browser to a secure authorization page
+2. You click "Sign in with Gmail"
+3. Grant read-only access to your Gmail
+4. Token is saved locally on your computer
+**That's it!** Simple one-click setup, no Google Cloud configuration needed.
-**That's it!** You only need to do this once.
+**Privacy:** We use read-only Gmail access (`gmail.readonly` scope). Your credentials and package data stay on your computer. You can revoke access anytime at https://myaccount.google.com/permissions
 ## Usage
@@ -256,20 +226,6 @@ If you want to stop using pkg-track:
 **Why it's safe:** You created the OAuth credentials yourself - it's YOUR app accessing YOUR Gmail. No one else has access.
-### "Gmail credentials not found"
-**Problem:** You see `⚠️ Gmail OAuth credentials not found.`
-**Solution:**
-1. Make sure you've created OAuth credentials in Google Cloud Console (see [Quick Start](#-quick-start))
-2. Download the credentials JSON file
-3. Save it to the correct location:
-   ```bash
-   mkdir -p ~/.pkg-tracker
-   mv ~/Downloads/client_secret_*.json ~/.pkg-tracker/credentials.json
-   ```
-4. Run `pkg init` again
 ### "Gmail not authorized"
 **Problem:** Error says Gmail not authorized or token missing
@@ -384,6 +340,23 @@ pkg sync
    - Visit: https://github.com/vvanessaww/pkg-track/issues
    - Include: OS, Node.js version, error message, steps to reproduce
+## Known Issues
+### npm deprecation warning during installation
+**What you might see:**
+```
+npm warn deprecated prebuild-install@7.1.3: No longer maintained
+```
+**What it means:**
+- This warning comes from a dependency (`better-sqlite3`) that we use for local database storage
+- It's a cosmetic warning and **does not affect functionality**
+- The package works perfectly fine
+- We're waiting for the upstream maintainer to update their dependencies
+**Action required:** None. You can safely ignore this warning.
 ## Roadmap
 - [ ] **Live tracking updates** via AfterShip/TrackingMore API

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "pkg-track",
-  "version": "1.0.2",
+  "version": "2.0.0",
   "description": "Track all your packages in one place - UPS, FedEx, USPS, Amazon. Interactive CLI with Gmail integration.",
   "main": "src/index.js",
   "bin": {

package/src/gmail-old.js ADDED Viewed

@@ -0,0 +1,397 @@
+const { google } = require('googleapis');
+const fs = require('fs');
+const path = require('path');
+const os = require('os');
+const open = require('open');
+const chalk = require('chalk');
+const ora = require('ora');
+const http = require('http');
+const url = require('url');
+const { extractTrackingNumbers, detectRetailer, extractShippedDate, extractProductDetails } = require('./parser');
+const { upsertPackage } = require('./db');
+const CONFIG_DIR = path.join(os.homedir(), '.pkg-tracker');
+const TOKEN_PATH = path.join(CONFIG_DIR, 'gmail-token.json');
+const CREDENTIALS_PATH = path.join(CONFIG_DIR, 'credentials.json');
+const SCOPES = ['https://www.googleapis.com/auth/gmail.readonly'];
+/**
+ * Initialize Gmail OAuth
+ */
+async function initGmail() {
+  console.log(chalk.blue('\n📧 Gmail OAuth Setup\n'));
+  console.log(chalk.gray('Secure, read-only access to scan your email for shipping confirmations'));
+  console.log(chalk.gray('Your credentials are stored locally - no data leaves your computer\n'));
+  // Check if credentials exist
+  if (!fs.existsSync(CREDENTIALS_PATH)) {
+    console.log(chalk.yellow('⚠️  Gmail OAuth credentials not found.'));
+    console.log('\nTo set up Gmail access:');
+    console.log('1. Go to https://console.cloud.google.com/apis/credentials');
+    console.log('2. Create OAuth 2.0 Client ID (Desktop app)');
+    console.log('3. Download the JSON file');
+    console.log(`4. Save it as: ${CREDENTIALS_PATH}\n`);
+    // Ensure directory exists with secure permissions
+    if (!fs.existsSync(CONFIG_DIR)) {
+      fs.mkdirSync(CONFIG_DIR, { recursive: true, mode: 0o700 });
+    }
+    throw new Error('Please set up Gmail credentials first');
+  }
+  const credentials = JSON.parse(fs.readFileSync(CREDENTIALS_PATH, 'utf8'));
+  // Handle different credential formats
+  let clientInfo;
+  if (credentials.installed) {
+    clientInfo = credentials.installed;
+  } else if (credentials.web) {
+    clientInfo = credentials.web;
+  } else {
+    // Direct format (sometimes happens with newer Google Cloud Console)
+    clientInfo = credentials;
+  }
+  const { client_secret, client_id, redirect_uris } = clientInfo;
+  if (!client_secret || !client_id || !redirect_uris || !redirect_uris[0]) {
+    throw new Error('Invalid credentials.json format. Please download a fresh OAuth client credentials file from Google Cloud Console.');
+  }
+  // Parse the redirect URI to get the port
+  const redirectUri = redirect_uris[0];
+  const redirectUrl = new URL(redirectUri);
+  const port = parseInt(redirectUrl.port) || 3000;
+  const oAuth2Client = new google.auth.OAuth2(client_id, client_secret, redirectUri);
+  // Generate auth URL
+  const authUrl = oAuth2Client.generateAuthUrl({
+    access_type: 'offline',
+    scope: SCOPES,
+  });
+  console.log(chalk.blue('Opening browser for Gmail authorization...'));
+  console.log(chalk.gray(`Starting local server on port ${port}...\n`));
+  // Create a promise that resolves when we get the code
+  const code = await new Promise((resolve, reject) => {
+    const server = http.createServer(async (req, res) => {
+      try {
+        console.log(chalk.gray(`Received request: ${req.url}`));
+        const queryParams = url.parse(req.url, true).query;
+        if (queryParams.code) {
+          // Send success page
+          res.writeHead(200, { 'Content-Type': 'text/html' });
+          res.end(`
+            <!DOCTYPE html>
+            <html>
+              <head>
+                <meta charset="UTF-8">
+                <title>Authorization Successful</title>
+                <style>
+                  body {
+                    font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', sans-serif;
+                    display: flex;
+                    align-items: center;
+                    justify-content: center;
+                    height: 100vh;
+                    margin: 0;
+                    background: #f5f5f5;
+                  }
+                  .container {
+                    text-align: center;
+                    background: white;
+                    padding: 3rem;
+                    border-radius: 12px;
+                    box-shadow: 0 4px 12px rgba(0,0,0,0.1);
+                  }
+                  h1 { color: #22c55e; margin: 0 0 1rem; }
+                  p { color: #666; margin: 0; }
+                </style>
+              </head>
+              <body>
+                <div class="container">
+                  <h1>✓ Authorization Successful!</h1>
+                  <p>You can close this window and return to the terminal.</p>
+                </div>
+              </body>
+            </html>
+          `);
+          console.log(chalk.green('\n✓ Received authorization code'));
+          // Give time for response to be sent
+          setTimeout(() => {
+            server.close();
+            resolve(queryParams.code);
+          }, 100);
+        } else if (queryParams.error) {
+          res.writeHead(400, { 'Content-Type': 'text/html' });
+          res.end(`
+            <!DOCTYPE html>
+            <html>
+              <head>
+                <meta charset="UTF-8">
+                <title>Authorization Failed</title>
+                <style>
+                  body {
+                    font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', sans-serif;
+                    display: flex;
+                    align-items: center;
+                    justify-content: center;
+                    height: 100vh;
+                    margin: 0;
+                    background: #f5f5f5;
+                  }
+                  .container {
+                    text-align: center;
+                    background: white;
+                    padding: 3rem;
+                    border-radius: 12px;
+                    box-shadow: 0 4px 12px rgba(0,0,0,0.1);
+                  }
+                  h1 { color: #ef4444; margin: 0 0 1rem; }
+                  p { color: #666; margin: 0; }
+                </style>
+              </head>
+              <body>
+                <div class="container">
+                  <h1>✗ Authorization Failed</h1>
+                  <p>Error: ${queryParams.error}</p>
+                </div>
+              </body>
+            </html>
+          `);
+          setTimeout(() => {
+            server.close();
+            reject(new Error(`OAuth error: ${queryParams.error}`));
+          }, 100);
+        }
+      } catch (err) {
+        server.close();
+        reject(err);
+      }
+    });
+    // Handle server errors
+    server.on('error', (err) => {
+      if (err.code === 'EADDRINUSE') {
+        console.log(chalk.red(`\n✗ Port ${port} is already in use`));
+        console.log(chalk.yellow('Please close any other applications using this port and try again.\n'));
+      }
+      reject(err);
+    });
+    server.listen(port, '127.0.0.1', () => {
+      console.log(chalk.green(`✓ Server listening on http://127.0.0.1:${port}`));
+      console.log(chalk.gray('Opening browser...\n'));
+      // Wait a bit for server to be fully ready, then open browser
+      setTimeout(() => {
+        open(authUrl);
+      }, 500);
+    });
+    // Timeout after 5 minutes
+    setTimeout(() => {
+      server.close();
+      reject(new Error('Authorization timeout - no response received after 5 minutes'));
+    }, 5 * 60 * 1000);
+  });
+  const { tokens } = await oAuth2Client.getToken(code);
+  oAuth2Client.setCredentials(tokens);
+  // Save token with secure permissions (user read/write only)
+  fs.writeFileSync(TOKEN_PATH, JSON.stringify(tokens), { mode: 0o600 });
+  console.log(chalk.green('\n✓ Gmail access granted and saved!'));
+}
+/**
+ * Get authorized Gmail client
+ */
+function getGmailClient() {
+  if (!fs.existsSync(CREDENTIALS_PATH)) {
+    throw new Error('Gmail credentials not found. Run `pkg init` first.');
+  }
+  if (!fs.existsSync(TOKEN_PATH)) {
+    throw new Error('Gmail not authorized. Run `pkg init` first.');
+  }
+  const credentials = JSON.parse(fs.readFileSync(CREDENTIALS_PATH, 'utf8'));
+  const tokens = JSON.parse(fs.readFileSync(TOKEN_PATH, 'utf8'));
+  // Handle different credential formats
+  let clientInfo;
+  if (credentials.installed) {
+    clientInfo = credentials.installed;
+  } else if (credentials.web) {
+    clientInfo = credentials.web;
+  } else {
+    clientInfo = credentials;
+  }
+  const { client_secret, client_id, redirect_uris } = clientInfo;
+  const oAuth2Client = new google.auth.OAuth2(client_id, client_secret, redirect_uris[0]);
+  oAuth2Client.setCredentials(tokens);
+  return google.gmail({ version: 'v1', auth: oAuth2Client });
+}
+/**
+ * Sync packages from Gmail
+ */
+async function syncPackages(days = 30) {
+  console.log(chalk.blue('\n📧 Gmail Package Scanner\n'));
+  console.log(chalk.gray('Securely scanning your Gmail for shipping confirmations...'));
+  console.log(chalk.gray(`Searching the last ${days} days for packages from UPS, FedEx, USPS, and Amazon`));
+  console.log(chalk.gray('💡 Tip: Use --days <number> to customize the date range (max 30 days)\n'));
+  const spinner = ora('Scanning Gmail for shipping confirmations...').start();
+  try {
+    const gmail = getGmailClient();
+    // Expanded search for shipping-related emails
+    // Search both subject and body for common shipping terms
+    const query = `(
+      shipped OR
+      "has shipped" OR
+      tracking OR
+      delivered OR
+      "out for delivery" OR
+      "order confirmation" OR
+      "shipment confirmation" OR
+      "your order" OR
+      "on its way" OR
+      "package update" OR
+      "delivery update" OR
+      "1Z" OR
+      "TBA" OR
+      "fedex" OR
+      "usps" OR
+      "ups" OR
+      "amazon"
+    ) newer_than:${days}d`.replace(/\s+/g, ' ');
+    console.log(chalk.gray(`\nSearch query: ${query.substring(0, 100)}...`));
+    const response = await gmail.users.messages.list({
+      userId: 'me',
+      q: query,
+      maxResults: 200, // Increased from 100
+    });
+    const messages = response.data.messages || [];
+    if (messages.length === 0) {
+      spinner.succeed(chalk.yellow('No shipping emails found'));
+      return;
+    }
+    spinner.text = `Found ${messages.length} emails, extracting tracking numbers...`;
+    console.log(chalk.gray(`Processing ${messages.length} emails (last ${days} days)...\n`));
+    let foundCount = 0;
+    let emailsWithTracking = 0;
+    const skippedEmails = [];
+    for (const message of messages) {
+      const msg = await gmail.users.messages.get({
+        userId: 'me',
+        id: message.id,
+        format: 'full',
+      });
+      // Extract headers
+      const headers = msg.data.payload.headers;
+      const subject = headers.find(h => h.name === 'Subject')?.value || '';
+      const from = headers.find(h => h.name === 'From')?.value || '';
+      const date = headers.find(h => h.name === 'Date')?.value || '';
+      // Get email body
+      let body = '';
+      if (msg.data.payload.body.data) {
+        body = Buffer.from(msg.data.payload.body.data, 'base64').toString();
+      } else if (msg.data.payload.parts) {
+        const textPart = msg.data.payload.parts.find(p => p.mimeType === 'text/plain');
+        if (textPart && textPart.body.data) {
+          body = Buffer.from(textPart.body.data, 'base64').toString();
+        }
+      }
+      // Extract tracking numbers
+      const trackingNumbers = extractTrackingNumbers(subject + ' ' + body);
+      if (trackingNumbers.length > 0) {
+        emailsWithTracking++;
+        const emailData = { from, subject, body, date };
+        const retailer = detectRetailer(emailData);
+        const shippedDate = extractShippedDate(emailData);
+        const productDetails = extractProductDetails(emailData);
+        // Parse email date to timestamp
+        let emailTimestamp = null;
+        try {
+          if (date) {
+            emailTimestamp = Math.floor(new Date(date).getTime() / 1000);
+          }
+        } catch (e) {
+          // Use current time if parsing fails
+          emailTimestamp = Math.floor(Date.now() / 1000);
+        }
+        for (const { trackingNumber, carrier } of trackingNumbers) {
+          upsertPackage({
+            trackingNumber,
+            carrier,
+            retailer,
+            description: productDetails,
+            emailId: message.id,
+            shippedDate,
+            lastEmailDate: emailTimestamp,
+          });
+          foundCount++;
+        }
+      } else {
+        // Track emails without tracking numbers for debugging
+        skippedEmails.push({ subject, from });
+      }
+    }
+    spinner.succeed(chalk.green(`✓ Found ${foundCount} tracking numbers from ${emailsWithTracking}/${messages.length} emails`));
+    if (foundCount > 0) {
+      console.log(chalk.gray(`\n💡 Run ${chalk.cyan('pkg open')} to track your packages\n`));
+    }
+    // Show sample of skipped emails if verbose
+    if (skippedEmails.length > 0 && skippedEmails.length < 10) {
+      console.log(chalk.yellow(`⚠️  ${skippedEmails.length} emails had no tracking numbers:`));
+      skippedEmails.forEach(({ subject, from }) => {
+        console.log(chalk.gray(`  - ${subject.substring(0, 60)}...`));
+        console.log(chalk.gray(`    from: ${from.substring(0, 40)}`));
+      });
+      console.log();
+    } else if (skippedEmails.length >= 10) {
+      console.log(chalk.gray(`${skippedEmails.length} emails had no tracking numbers (likely order confirmations)\n`));
+    }
+  } catch (error) {
+    spinner.fail(chalk.red('Failed to sync'));
+    throw error;
+  }
+}
+module.exports = {
+  initGmail,
+  syncPackages,
+  getGmailClient,
+};

package/src/gmail.js CHANGED Viewed

@@ -7,67 +7,57 @@ const chalk = require('chalk');
 const ora = require('ora');
 const http = require('http');
 const url = require('url');
+const net = require('net');
 const { extractTrackingNumbers, detectRetailer, extractShippedDate, extractProductDetails } = require('./parser');
 const { upsertPackage } = require('./db');
 const CONFIG_DIR = path.join(os.homedir(), '.pkg-tracker');
 const TOKEN_PATH = path.join(CONFIG_DIR, 'gmail-token.json');
-const CREDENTIALS_PATH = path.join(CONFIG_DIR, 'credentials.json');
+// Web-based OAuth URL
+const AUTH_WEB_URL = process.env.PKG_TRACK_AUTH_URL || 'https://pkg-track-auth.vercel.app';
 const SCOPES = ['https://www.googleapis.com/auth/gmail.readonly'];
 /**
- * Initialize Gmail OAuth
+ * Find an available port
+ */
+async function getAvailablePort() {
+  return new Promise((resolve, reject) => {
+    const server = net.createServer();
+    server.listen(0, '127.0.0.1', () => {
+      const port = server.address().port;
+      server.close(() => resolve(port));
+    });
+    server.on('error', reject);
+  });
+}
+/**
+ * Initialize Gmail OAuth using web-based flow
  */
 async function initGmail() {
   console.log(chalk.blue('\n📧 Gmail OAuth Setup\n'));
   console.log(chalk.gray('Secure, read-only access to scan your email for shipping confirmations'));
   console.log(chalk.gray('Your credentials are stored locally - no data leaves your computer\n'));
-  // Check if credentials exist
-  if (!fs.existsSync(CREDENTIALS_PATH)) {
-    console.log(chalk.yellow('⚠️  Gmail OAuth credentials not found.'));
-    console.log('\nTo set up Gmail access:');
-    console.log('1. Go to https://console.cloud.google.com/apis/credentials');
-    console.log('2. Create OAuth 2.0 Client ID (Desktop app)');
-    console.log('3. Download the JSON file');
-    console.log(`4. Save it as: ${CREDENTIALS_PATH}\n`);
-    // Ensure directory exists with secure permissions
-    if (!fs.existsSync(CONFIG_DIR)) {
-      fs.mkdirSync(CONFIG_DIR, { recursive: true, mode: 0o700 });
-    }
-    throw new Error('Please set up Gmail credentials first');
+  // Ensure config directory exists with secure permissions
+  if (!fs.existsSync(CONFIG_DIR)) {
+    fs.mkdirSync(CONFIG_DIR, { recursive: true, mode: 0o700 });
   }
-  const credentials = JSON.parse(fs.readFileSync(CREDENTIALS_PATH, 'utf8'));
-  const { client_secret, client_id, redirect_uris } = credentials.installed || credentials.web;
-  // Parse the redirect URI to get the port
-  const redirectUri = redirect_uris[0];
-  const redirectUrl = new URL(redirectUri);
-  const port = parseInt(redirectUrl.port) || 3000;
-  const oAuth2Client = new google.auth.OAuth2(client_id, client_secret, redirectUri);
-  // Generate auth URL
-  const authUrl = oAuth2Client.generateAuthUrl({
-    access_type: 'offline',
-    scope: SCOPES,
-  });
+  // Start local callback server
+  const port = await getAvailablePort();
+  console.log(chalk.green(`✓ Starting local callback server on port ${port}`));
-  console.log(chalk.blue('Opening browser for Gmail authorization...'));
-  console.log(chalk.gray(`Starting local server on port ${port}...\n`));
-  // Create a promise that resolves when we get the code
-  const code = await new Promise((resolve, reject) => {
-    const server = http.createServer(async (req, res) => {
+  const tokens = await new Promise((resolve, reject) => {
+    const server = http.createServer((req, res) => {
       try {
-        console.log(chalk.gray(`Received request: ${req.url}`));
         const queryParams = url.parse(req.url, true).query;
-        if (queryParams.code) {
+        if (queryParams.token) {
+          const tokens = JSON.parse(queryParams.token);
           // Send success page
           res.writeHead(200, { 'Content-Type': 'text/html' });
           res.end(`
@@ -99,57 +89,22 @@ async function initGmail() {
               </head>
               <body>
                 <div class="container">
-                  <h1>✓ Authorization Successful!</h1>
+                  <h1>✓ Authorization Complete!</h1>
                   <p>You can close this window and return to the terminal.</p>
                 </div>
               </body>
             </html>
           `);
-          console.log(chalk.green('\n✓ Received authorization code'));
+          console.log(chalk.green('\n✓ Received authorization token'));
-          // Give time for response to be sent
           setTimeout(() => {
             server.close();
-            resolve(queryParams.code);
+            resolve(tokens);
           }, 100);
         } else if (queryParams.error) {
-          res.writeHead(400, { 'Content-Type': 'text/html' });
-          res.end(`
-            <!DOCTYPE html>
-            <html>
-              <head>
-                <meta charset="UTF-8">
-                <title>Authorization Failed</title>
-                <style>
-                  body {
-                    font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', sans-serif;
-                    display: flex;
-                    align-items: center;
-                    justify-content: center;
-                    height: 100vh;
-                    margin: 0;
-                    background: #f5f5f5;
-                  }
-                  .container {
-                    text-align: center;
-                    background: white;
-                    padding: 3rem;
-                    border-radius: 12px;
-                    box-shadow: 0 4px 12px rgba(0,0,0,0.1);
-                  }
-                  h1 { color: #ef4444; margin: 0 0 1rem; }
-                  p { color: #666; margin: 0; }
-                </style>
-              </head>
-              <body>
-                <div class="container">
-                  <h1>✗ Authorization Failed</h1>
-                  <p>Error: ${queryParams.error}</p>
-                </div>
-              </body>
-            </html>
-          `);
+          res.writeHead(400, { 'Content-Type': 'text/plain' });
+          res.end('Authorization failed');
           setTimeout(() => {
             server.close();
@@ -162,20 +117,20 @@ async function initGmail() {
       }
     });
-    // Handle server errors
     server.on('error', (err) => {
       if (err.code === 'EADDRINUSE') {
         console.log(chalk.red(`\n✗ Port ${port} is already in use`));
-        console.log(chalk.yellow('Please close any other applications using this port and try again.\n'));
+        console.log(chalk.yellow('Please try again in a moment.\n'));
       }
       reject(err);
     });
     server.listen(port, '127.0.0.1', () => {
-      console.log(chalk.green(`✓ Server listening on http://127.0.0.1:${port}`));
-      console.log(chalk.gray('Opening browser...\n'));
+      console.log(chalk.blue('Opening browser for Gmail authorization...\n'));
+      // Open web app with callback port
+      const authUrl = `${AUTH_WEB_URL}/?port=${port}`;
-      // Wait a bit for server to be fully ready, then open browser
       setTimeout(() => {
         open(authUrl);
       }, 500);
@@ -188,10 +143,7 @@ async function initGmail() {
     }, 5 * 60 * 1000);
   });
-  const { tokens } = await oAuth2Client.getToken(code);
-  oAuth2Client.setCredentials(tokens);
-  // Save token with secure permissions (user read/write only)
+  // Save tokens with secure permissions
   fs.writeFileSync(TOKEN_PATH, JSON.stringify(tokens), { mode: 0o600 });
   console.log(chalk.green('\n✓ Gmail access granted and saved!'));
 }
@@ -200,20 +152,15 @@ async function initGmail() {
  * Get authorized Gmail client
  */
 function getGmailClient() {
-  if (!fs.existsSync(CREDENTIALS_PATH)) {
-    throw new Error('Gmail credentials not found. Run `pkg init` first.');
-  }
   if (!fs.existsSync(TOKEN_PATH)) {
     throw new Error('Gmail not authorized. Run `pkg init` first.');
   }
-  const credentials = JSON.parse(fs.readFileSync(CREDENTIALS_PATH, 'utf8'));
   const tokens = JSON.parse(fs.readFileSync(TOKEN_PATH, 'utf8'));
-  const { client_secret, client_id, redirect_uris } = credentials.installed || credentials.web;
-  const oAuth2Client = new google.auth.OAuth2(client_id, client_secret, redirect_uris[0]);
+  // Create a temporary OAuth client just for making API calls
+  // We don't need client_id/secret after we have the tokens
+  const oAuth2Client = new google.auth.OAuth2();
   oAuth2Client.setCredentials(tokens);
   return google.gmail({ version: 'v1', auth: oAuth2Client });
@@ -234,7 +181,6 @@ async function syncPackages(days = 30) {
     const gmail = getGmailClient();
     // Expanded search for shipping-related emails
-    // Search both subject and body for common shipping terms
     const query = `(
       shipped OR
       "has shipped" OR
@@ -255,12 +201,10 @@ async function syncPackages(days = 30) {
       "amazon"
     ) newer_than:${days}d`.replace(/\s+/g, ' ');
-    console.log(chalk.gray(`\nSearch query: ${query.substring(0, 100)}...`));
     const response = await gmail.users.messages.list({
       userId: 'me',
       q: query,
-      maxResults: 200, // Increased from 100
+      maxResults: 200,
     });
     const messages = response.data.messages || [];
@@ -271,7 +215,6 @@ async function syncPackages(days = 30) {
     }
     spinner.text = `Found ${messages.length} emails, extracting tracking numbers...`;
-    console.log(chalk.gray(`Processing ${messages.length} emails (last ${days} days)...\n`));
     let foundCount = 0;
     let emailsWithTracking = 0;
@@ -318,7 +261,6 @@ async function syncPackages(days = 30) {
             emailTimestamp = Math.floor(new Date(date).getTime() / 1000);
           }
         } catch (e) {
-          // Use current time if parsing fails
           emailTimestamp = Math.floor(Date.now() / 1000);
         }
@@ -335,7 +277,6 @@ async function syncPackages(days = 30) {
           foundCount++;
         }
       } else {
-        // Track emails without tracking numbers for debugging
         skippedEmails.push({ subject, from });
       }
     }
@@ -346,7 +287,6 @@ async function syncPackages(days = 30) {
       console.log(chalk.gray(`\n💡 Run ${chalk.cyan('pkg open')} to track your packages\n`));
     }
-    // Show sample of skipped emails if verbose
     if (skippedEmails.length > 0 && skippedEmails.length < 10) {
       console.log(chalk.yellow(`⚠️  ${skippedEmails.length} emails had no tracking numbers:`));
       skippedEmails.forEach(({ subject, from }) => {