shopify 3.93.0 → 3.93.2

package/dist/{ui-QBSPD4RX.js → ui-GZ7DOSHP.js}

@@ -1 +1 @@
-import{Ac as l,Bc as m,Cc as n,Dc as o,Ec as p,Fc as q,Gc as r,ec as a,fc as b,rc as c,sc as d,tc as e,uc as f,vc as g,wc as h,xc as i,yc as j,zc as k}from"./chunk-DLK7L2KZ.js";import"./chunk-P3ASN7B5.js";import"./chunk-XV44IQDO.js";import"./chunk-QJEBL3WX.js";import"./chunk-EENHXSWU.js";import"./chunk-NOSKVZWJ.js";import"./chunk-T4M5CWAO.js";import"./chunk-PRVQAHWI.js";import"./chunk-QUTQDXSL.js";import"./chunk-VPRTJUIN.js";export{b as handleCtrlC,r as isTTY,q as keypress,a as render,k as renderAutocompletePrompt,c as renderConcurrent,j as renderConfirmationPrompt,p as renderDangerousConfirmationPrompt,g as renderError,h as renderFatalError,d as renderInfo,i as renderSelectPrompt,n as renderSingleTask,e as renderSuccess,l as renderTable,m as renderTasks,o as renderTextPrompt,f as renderWarning};
+import{Ac as l,Bc as m,Cc as n,Dc as o,Ec as p,Fc as q,Gc as r,ec as a,fc as b,rc as c,sc as d,tc as e,uc as f,vc as g,wc as h,xc as i,yc as j,zc as k}from"./chunk-4QL77VYJ.js";import"./chunk-XVFYDYZA.js";import"./chunk-FYQIRCLV.js";import"./chunk-QJEBL3WX.js";import"./chunk-EENHXSWU.js";import"./chunk-NOSKVZWJ.js";import"./chunk-T4M5CWAO.js";import"./chunk-PRVQAHWI.js";import"./chunk-QUTQDXSL.js";import"./chunk-VPRTJUIN.js";export{b as handleCtrlC,r as isTTY,q as keypress,a as render,k as renderAutocompletePrompt,c as renderConcurrent,j as renderConfirmationPrompt,p as renderDangerousConfirmationPrompt,g as renderError,h as renderFatalError,d as renderInfo,i as renderSelectPrompt,n as renderSingleTask,e as renderSuccess,l as renderTable,m as renderTasks,o as renderTextPrompt,f as renderWarning};

package/dist/{workerd-QSZBPNES.js → workerd-LJU6AVMQ.js}

@@ -1,4 +1,4 @@
-import{Ua as b,Va as k,Wa as E,X as v,Xa as A,Ya as I,Za as L,_a as x,mb as s,ob as B,pb as O}from"./chunk-MYTB32VB.js";import"./chunk-KADPE3PY.js";import"./chunk-O6CC6JKI.js";import"./chunk-U7JC7ESX.js";import"./chunk-PRKBO42R.js";import"./chunk-SBSUITP6.js";import{Gd as q,Jc as R,Qa as g,ic as N,tc as w,va as y}from"./chunk-DLK7L2KZ.js";import"./chunk-P3ASN7B5.js";import"./chunk-XV44IQDO.js";import"./chunk-QJEBL3WX.js";import"./chunk-EENHXSWU.js";import{d as h,g as f}from"./chunk-NOSKVZWJ.js";import"./chunk-T4M5CWAO.js";import"./chunk-PRVQAHWI.js";import"./chunk-QUTQDXSL.js";import{g as p}from"./chunk-VPRTJUIN.js";p();import{createRequire as C}from"node:module";async function ee({root:c,appPort:D,inspectorPort:P,assetsPort:S,debug:U=!1,watch:W=!1,buildPathWorkerFile:$,buildPathClient:M,env:l}){let{createMiniOxygen:F,Response:u}=await v("@shopify/mini-oxygen",c).catch(L);k({Response:u});async function _(){let r=C(import.meta.url).resolve("@shopify/hydrogen/customer-account.schema.json");return new u(g(r),{headers:{"Content-Type":"application/json"}})}let t="hydrogen",o=h(c,$),m=()=>y(o).catch(e=>{throw new R(`Could not read worker file.
+import{$a as x,Va as b,Wa as k,Xa as E,Y as v,Ya as A,Za as I,_a as L,nb as s,pb as B,qb as O}from"./chunk-5FCKEHCK.js";import"./chunk-KADPE3PY.js";import"./chunk-IG47ZDRU.js";import"./chunk-4VZV4LQX.js";import"./chunk-PRKBO42R.js";import"./chunk-MX6WWR5F.js";import{Gd as q,Jc as R,Qa as g,ic as N,tc as w,va as y}from"./chunk-4QL77VYJ.js";import"./chunk-XVFYDYZA.js";import"./chunk-FYQIRCLV.js";import"./chunk-QJEBL3WX.js";import"./chunk-EENHXSWU.js";import{d as h,g as f}from"./chunk-NOSKVZWJ.js";import"./chunk-T4M5CWAO.js";import"./chunk-PRVQAHWI.js";import"./chunk-QUTQDXSL.js";import{g as p}from"./chunk-VPRTJUIN.js";p();import{createRequire as C}from"node:module";async function ee({root:c,appPort:D,inspectorPort:P,assetsPort:S,debug:U=!1,watch:W=!1,buildPathWorkerFile:$,buildPathClient:M,env:l}){let{createMiniOxygen:F,Response:u}=await v("@shopify/mini-oxygen",c).catch(L);k({Response:u});async function _(){let r=C(import.meta.url).resolve("@shopify/hydrogen/customer-account.schema.json");return new u(g(r),{headers:{"Content-Type":"application/json"}})}let t="hydrogen",o=h(c,$),m=()=>y(o).catch(e=>{throw new R(`Could not read worker file.
 
 `+e.stack,"Did you build the project?")}),i=F({debug:U,port:D,host:"localhost",liveReload:W,requestHook:x,inspectorPort:P,inspectWorkerName:t,assets:{port:S,directory:M},workers:[{name:"hydrogen:middleware",modules:!0,script:`export default { fetch: (request, env) => {
           const url = new URL(request.url);

package/oclif.manifest.json

@@ -4426,7 +4426,7 @@
       ],
       "args": {
         "routeName": {
-          "description": "The route to generate. One of home,page,cart,products,collections,policies,blogs,account,search,robots,sitemap,tokenlessApi,all.",
+          "description": "The route to generate. One of home,page,cart,products,collections,policies,blogs,account,search,robots,sitemap,all.",
           "name": "routeName",
           "options": [
             "home",
@@ -4440,7 +4440,6 @@
             "search",
             "robots",
             "sitemap",
-            "tokenlessApi",
             "all"
           ],
           "required": true
@@ -5743,9 +5742,19 @@
       "descriptionWithMarkdown": "Authenticates the app against the specified store for store commands and stores an online access token for later reuse.\n\nRe-run this command if the stored token is missing, expires, or no longer has the scopes you need.",
       "enableJsonFlag": false,
       "examples": [
-        "<%= config.bin %> <%= command.id %> --store shop.myshopify.com --scopes read_products,write_products"
+        "<%= config.bin %> <%= command.id %> --store shop.myshopify.com --scopes read_products,write_products",
+        "<%= config.bin %> <%= command.id %> --store shop.myshopify.com --scopes read_products,write_products --json"
       ],
       "flags": {
+        "json": {
+          "allowNo": false,
+          "char": "j",
+          "description": "Output the result as JSON. Automatically disables color output.",
+          "env": "SHOPIFY_FLAG_JSON",
+          "hidden": false,
+          "name": "json",
+          "type": "boolean"
+        },
         "no-color": {
           "allowNo": false,
           "description": "Disable color output.",
@@ -5803,7 +5812,8 @@
       "examples": [
         "<%= config.bin %> <%= command.id %> --store shop.myshopify.com --query \"query { shop { name } }\"",
         "<%= config.bin %> <%= command.id %> --store shop.myshopify.com --query-file ./operation.graphql --variables '{\"id\":\"gid://shopify/Product/1\"}'",
-        "<%= config.bin %> <%= command.id %> --store shop.myshopify.com --query \"mutation { shop { id } }\" --allow-mutations"
+        "<%= config.bin %> <%= command.id %> --store shop.myshopify.com --query \"mutation { shop { id } }\" --allow-mutations",
+        "<%= config.bin %> <%= command.id %> --store shop.myshopify.com --query \"query { shop { name } }\" --json"
       ],
       "flags": {
         "allow-mutations": {
@@ -5813,6 +5823,15 @@
           "name": "allow-mutations",
           "type": "boolean"
         },
+        "json": {
+          "allowNo": false,
+          "char": "j",
+          "description": "Output the result as JSON. Automatically disables color output.",
+          "env": "SHOPIFY_FLAG_JSON",
+          "hidden": false,
+          "name": "json",
+          "type": "boolean"
+        },
         "no-color": {
           "allowNo": false,
           "description": "Disable color output.",
@@ -8380,5 +8399,5 @@
       "summary": "Trigger delivery of a sample webhook topic payload to a designated address."
     }
   },
-  "version": "3.93.0"
+  "version": "3.93.2"
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "shopify",
-  "version": "3.93.0",
+  "version": "3.93.2",
   "private": false,
   "description": "A CLI tool to build for the Shopify platform",
   "keywords": [
@@ -49,12 +49,12 @@
     "@oclif/core": "4.5.3",
     "@oclif/plugin-commands": "4.1.33",
     "@oclif/plugin-plugins": "5.4.47",
-    "@shopify/app": "3.93.0",
-    "@shopify/cli-kit": "3.93.0",
-    "@shopify/plugin-cloudflare": "3.93.0",
-    "@shopify/plugin-did-you-mean": "3.93.0",
-    "@shopify/theme": "3.93.0",
-    "@shopify/cli-hydrogen": "11.1.10",
+    "@shopify/app": "3.93.2",
+    "@shopify/cli-kit": "3.93.2",
+    "@shopify/plugin-cloudflare": "3.93.2",
+    "@shopify/plugin-did-you-mean": "3.93.2",
+    "@shopify/theme": "3.93.2",
+    "@shopify/cli-hydrogen": "11.1.14",
     "@types/global-agent": "3.0.0",
     "@vitest/coverage-istanbul": "^3.1.4",
     "esbuild-plugin-copy": "^2.1.1"

package/dist/assets/hydrogen/starter/app/routes/api.$version.[graphql.json].tsx

@@ -1,14 +0,0 @@
-import type {Route} from './+types/api.$version.[graphql.json]';
-
-export async function action({params, context, request}: Route.ActionArgs) {
-  const response = await fetch(
-    `https://${context.env.PUBLIC_CHECKOUT_DOMAIN}/api/${params.version}/graphql.json`,
-    {
-      method: 'POST',
-      body: request.body,
-      headers: request.headers,
-    },
-  );
-
-  return new Response(response.body, {headers: new Headers(response.headers)});
-}

package/dist/cli/services/store/admin-graphql-context.js

@@ -1,103 +0,0 @@
-import { fetchApiVersions } from '@shopify/cli-kit/node/api/admin';
-import { AbortError } from '@shopify/cli-kit/node/error';
-import { fetch } from '@shopify/cli-kit/node/http';
-import { outputContent, outputDebug, outputToken } from '@shopify/cli-kit/node/output';
-import { maskToken, STORE_AUTH_APP_CLIENT_ID } from './auth-config.js';
-import { createStoredStoreAuthError, reauthenticateStoreAuthError } from './auth-recovery.js';
-import { clearStoredStoreAppSession, getStoredStoreAppSession, isSessionExpired, setStoredStoreAppSession, } from './session.js';
-async function refreshStoreToken(session) {
-    if (!session.refreshToken) {
-        throw reauthenticateStoreAuthError(`No refresh token stored for ${session.store}.`, session.store, session.scopes.join(','));
-    }
-    const endpoint = `https://${session.store}/admin/oauth/access_token`;
-    outputDebug(outputContent `Refreshing expired token for ${outputToken.raw(session.store)} (expired at ${outputToken.raw(session.expiresAt ?? 'unknown')}, refresh_token=${outputToken.raw(maskToken(session.refreshToken))})`);
-    const response = await fetch(endpoint, {
-        method: 'POST',
-        headers: { 'Content-Type': 'application/json' },
-        body: JSON.stringify({
-            client_id: STORE_AUTH_APP_CLIENT_ID,
-            grant_type: 'refresh_token',
-            refresh_token: session.refreshToken,
-        }),
-    });
-    const body = await response.text();
-    if (!response.ok) {
-        outputDebug(outputContent `Token refresh failed with HTTP ${outputToken.raw(String(response.status))}: ${outputToken.raw(body.slice(0, 300))}`);
-        clearStoredStoreAppSession(session.store, session.userId);
-        throw reauthenticateStoreAuthError(`Token refresh failed for ${session.store} (HTTP ${response.status}).`, session.store, session.scopes.join(','));
-    }
-    let data;
-    try {
-        data = JSON.parse(body);
-    }
-    catch {
-        clearStoredStoreAppSession(session.store, session.userId);
-        throw new AbortError('Received an invalid refresh response from Shopify.');
-    }
-    if (!data.access_token) {
-        clearStoredStoreAppSession(session.store, session.userId);
-        throw reauthenticateStoreAuthError(`Token refresh returned an invalid response for ${session.store}.`, session.store, session.scopes.join(','));
-    }
-    const now = Date.now();
-    const expiresAt = data.expires_in ? new Date(now + data.expires_in * 1000).toISOString() : session.expiresAt;
-    const refreshedSession = {
-        ...session,
-        accessToken: data.access_token,
-        refreshToken: data.refresh_token ?? session.refreshToken,
-        expiresAt,
-        refreshTokenExpiresAt: data.refresh_token_expires_in
-            ? new Date(now + data.refresh_token_expires_in * 1000).toISOString()
-            : session.refreshTokenExpiresAt,
-        acquiredAt: new Date(now).toISOString(),
-    };
-    outputDebug(outputContent `Token refresh succeeded for ${outputToken.raw(session.store)}: ${outputToken.raw(maskToken(session.accessToken))} → ${outputToken.raw(maskToken(refreshedSession.accessToken))}, new expiry ${outputToken.raw(expiresAt ?? 'unknown')}`);
-    setStoredStoreAppSession(refreshedSession);
-    return refreshedSession;
-}
-async function loadStoredStoreSession(store) {
-    let session = getStoredStoreAppSession(store);
-    if (!session) {
-        throw createStoredStoreAuthError(store);
-    }
-    outputDebug(outputContent `Loaded stored session for ${outputToken.raw(store)}: token=${outputToken.raw(maskToken(session.accessToken))}, expires=${outputToken.raw(session.expiresAt ?? 'unknown')}`);
-    if (isSessionExpired(session)) {
-        session = await refreshStoreToken(session);
-    }
-    return session;
-}
-async function resolveApiVersion(options) {
-    const { session, adminSession, userSpecifiedVersion } = options;
-    if (userSpecifiedVersion === 'unstable')
-        return userSpecifiedVersion;
-    let availableVersions;
-    try {
-        availableVersions = await fetchApiVersions(adminSession);
-    }
-    catch (error) {
-        if (error instanceof AbortError &&
-            error.message.includes(`Error connecting to your store ${adminSession.storeFqdn}:`) &&
-            /\b(?:401|404)\b/.test(error.message)) {
-            clearStoredStoreAppSession(session.store, session.userId);
-            throw reauthenticateStoreAuthError(`Stored app authentication for ${session.store} is no longer valid.`, session.store, session.scopes.join(','));
-        }
-        throw error;
-    }
-    if (!userSpecifiedVersion) {
-        const supportedVersions = availableVersions.filter((version) => version.supported).map((version) => version.handle);
-        return supportedVersions.sort().reverse()[0];
-    }
-    const versionList = availableVersions.map((version) => version.handle);
-    if (versionList.includes(userSpecifiedVersion))
-        return userSpecifiedVersion;
-    throw new AbortError(`Invalid API version: ${userSpecifiedVersion}`, `Allowed versions: ${versionList.join(', ')}`);
-}
-export async function prepareAdminStoreGraphQLContext(input) {
-    const session = await loadStoredStoreSession(input.store);
-    const adminSession = {
-        token: session.accessToken,
-        storeFqdn: session.store,
-    };
-    const version = await resolveApiVersion({ session, adminSession, userSpecifiedVersion: input.userSpecifiedVersion });
-    return { adminSession, version, sessionUserId: session.userId };
-}
-//# sourceMappingURL=admin-graphql-context.js.map

package/dist/cli/services/store/admin-graphql-transport.d.ts

@@ -1,9 +0,0 @@
-import { AdminSession } from '@shopify/cli-kit/node/session';
-import { PreparedStoreExecuteRequest } from './execute-request.js';
-export declare function runAdminStoreGraphQLOperation(input: {
-    store: string;
-    adminSession: AdminSession;
-    sessionUserId: string;
-    version: string;
-    request: PreparedStoreExecuteRequest;
-}): Promise<unknown>;

package/dist/cli/services/store/auth.d.ts

@@ -1,61 +0,0 @@
-import { openURL } from '@shopify/cli-kit/node/system';
-interface StoreAuthInput {
-    store: string;
-    scopes: string;
-}
-interface StoreTokenResponse {
-    access_token: string;
-    token_type?: string;
-    scope?: string;
-    expires_in?: number;
-    refresh_token?: string;
-    refresh_token_expires_in?: number;
-    associated_user_scope?: string;
-    associated_user?: {
-        id: number;
-        first_name?: string;
-        last_name?: string;
-        email?: string;
-        account_owner?: boolean;
-        locale?: string;
-        collaborator?: boolean;
-        email_verified?: boolean;
-    };
-}
-interface WaitForAuthCodeOptions {
-    store: string;
-    state: string;
-    port: number;
-    timeoutMs?: number;
-    onListening?: () => void | Promise<void>;
-}
-export declare function generateCodeVerifier(): string;
-export declare function computeCodeChallenge(verifier: string): string;
-export declare function parseStoreAuthScopes(input: string): string[];
-export declare function buildStoreAuthUrl(options: {
-    store: string;
-    scopes: string[];
-    state: string;
-    redirectUri: string;
-    codeChallenge: string;
-}): string;
-export declare function waitForStoreAuthCode({ store, state, port, timeoutMs, onListening, }: WaitForAuthCodeOptions): Promise<string>;
-export declare function exchangeStoreAuthCodeForToken(options: {
-    store: string;
-    code: string;
-    codeVerifier: string;
-    redirectUri: string;
-}): Promise<StoreTokenResponse>;
-interface StoreAuthPresenter {
-    openingBrowser: () => void;
-    manualAuthUrl: (authorizationUrl: string) => void;
-    success: (store: string, email?: string) => void;
-}
-interface StoreAuthDependencies {
-    openURL: typeof openURL;
-    waitForStoreAuthCode: typeof waitForStoreAuthCode;
-    exchangeStoreAuthCodeForToken: typeof exchangeStoreAuthCodeForToken;
-    presenter: StoreAuthPresenter;
-}
-export declare function authenticateStoreWithApp(input: StoreAuthInput, dependencies?: StoreAuthDependencies): Promise<void>;
-export {};

package/dist/cli/services/store/auth.js

@@ -1,326 +0,0 @@
-import { DEFAULT_STORE_AUTH_PORT, STORE_AUTH_APP_CLIENT_ID, STORE_AUTH_CALLBACK_PATH, maskToken, storeAuthRedirectUri } from './auth-config.js';
-import { retryStoreAuthWithPermanentDomainError } from './auth-recovery.js';
-import { setStoredStoreAppSession } from './session.js';
-import { normalizeStoreFqdn } from '@shopify/cli-kit/node/context/fqdn';
-import { randomUUID } from '@shopify/cli-kit/node/crypto';
-import { AbortError } from '@shopify/cli-kit/node/error';
-import { fetch } from '@shopify/cli-kit/node/http';
-import { outputCompleted, outputContent, outputDebug, outputInfo, outputToken } from '@shopify/cli-kit/node/output';
-import { openURL } from '@shopify/cli-kit/node/system';
-import { createHash, randomBytes, timingSafeEqual } from 'crypto';
-import { createServer } from 'http';
-export function generateCodeVerifier() {
-    return randomBytes(32).toString('base64url');
-}
-export function computeCodeChallenge(verifier) {
-    return createHash('sha256').update(verifier).digest('base64url');
-}
-export function parseStoreAuthScopes(input) {
-    const scopes = input
-        .split(',')
-        .map((scope) => scope.trim())
-        .filter(Boolean);
-    if (scopes.length === 0) {
-        throw new AbortError('At least one scope is required.', 'Pass --scopes as a comma-separated list.');
-    }
-    return [...new Set(scopes)];
-}
-function expandImpliedStoreScopes(scopes) {
-    const expandedScopes = new Set(scopes);
-    for (const scope of scopes) {
-        const matches = scope.match(/^(unauthenticated_)?write_(.*)$/);
-        if (matches) {
-            expandedScopes.add(`${matches[1] ?? ''}read_${matches[2]}`);
-        }
-    }
-    return expandedScopes;
-}
-function resolveGrantedScopes(tokenResponse, requestedScopes) {
-    if (!tokenResponse.scope) {
-        outputDebug(outputContent `Token response did not include scope; falling back to requested scopes`);
-        return requestedScopes;
-    }
-    const grantedScopes = parseStoreAuthScopes(tokenResponse.scope);
-    const expandedGrantedScopes = expandImpliedStoreScopes(grantedScopes);
-    const missingScopes = requestedScopes.filter((scope) => !expandedGrantedScopes.has(scope));
-    if (missingScopes.length > 0) {
-        throw new AbortError('Shopify granted fewer scopes than were requested.', `Missing scopes: ${missingScopes.join(', ')}.`, [
-            'Update the app or store installation scopes.',
-            'See https://shopify.dev/app/scopes',
-            'Re-run shopify store auth.',
-        ]);
-    }
-    return grantedScopes;
-}
-export function buildStoreAuthUrl(options) {
-    const params = new URLSearchParams();
-    params.set('client_id', STORE_AUTH_APP_CLIENT_ID);
-    params.set('scope', options.scopes.join(','));
-    params.set('redirect_uri', options.redirectUri);
-    params.set('state', options.state);
-    params.set('response_type', 'code');
-    params.set('code_challenge', options.codeChallenge);
-    params.set('code_challenge_method', 'S256');
-    return `https://${options.store}/admin/oauth/authorize?${params.toString()}`;
-}
-function renderAuthCallbackPage(title, message) {
-    const safeTitle = title
-        .replace(/&/g, '&')
-        .replace(/</g, '&lt;')
-        .replace(/>/g, '&gt;')
-        .replace(/"/g, '&quot;');
-    const safeMessage = message
-        .replace(/&/g, '&amp;')
-        .replace(/</g, '&lt;')
-        .replace(/>/g, '&gt;')
-        .replace(/"/g, '&quot;');
-    return `<!doctype html>
-<html lang="en">
-  <head>
-    <meta charset="utf-8" />
-    <meta name="viewport" content="width=device-width, initial-scale=1" />
-    <title>${safeTitle}</title>
-  </head>
-  <body style="margin:0;background:#f6f6f7;color:#202223;font-family:-apple-system,BlinkMacSystemFont,'Segoe UI',sans-serif;">
-    <main style="max-width:32rem;margin:12vh auto;padding:0 1rem;">
-      <section style="background:#fff;border:1px solid #e1e3e5;border-radius:12px;padding:1.5rem 1.25rem;box-shadow:0 1px 3px rgba(0,0,0,0.06);">
-        <h1 style="margin:0 0 0.75rem 0;font-size:1.375rem;line-height:1.2;">${safeTitle}</h1>
-        <p style="margin:0;font-size:1rem;line-height:1.5;">${safeMessage}</p>
-      </section>
-    </main>
-  </body>
-</html>`;
-}
-export async function waitForStoreAuthCode({ store, state, port, timeoutMs = 5 * 60 * 1000, onListening, }) {
-    const normalizedStore = normalizeStoreFqdn(store);
-    return new Promise((resolve, reject) => {
-        let settled = false;
-        let isListening = false;
-        const timeout = setTimeout(() => {
-            settleWithError(new AbortError('Timed out waiting for OAuth callback.'));
-        }, timeoutMs);
-        const server = createServer((req, res) => {
-            const requestUrl = new URL(req.url ?? '/', `http://127.0.0.1:${port}`);
-            if (requestUrl.pathname !== STORE_AUTH_CALLBACK_PATH) {
-                res.statusCode = 404;
-                res.end('Not found');
-                return;
-            }
-            const { searchParams } = requestUrl;
-            const fail = (error, tryMessage) => {
-                const abortError = typeof error === 'string' ? new AbortError(error, tryMessage) : error;
-                res.statusCode = 400;
-                res.setHeader('Content-Type', 'text/html');
-                res.setHeader('Connection', 'close');
-                res.once('finish', () => settleWithError(abortError));
-                res.end(renderAuthCallbackPage('Authentication failed', abortError.message));
-            };
-            const returnedStore = searchParams.get('shop');
-            outputDebug(outputContent `Received OAuth callback for shop ${outputToken.raw(returnedStore ?? 'unknown')}`);
-            if (!returnedStore) {
-                fail('OAuth callback store does not match the requested store.');
-                return;
-            }
-            const normalizedReturnedStore = normalizeStoreFqdn(returnedStore);
-            if (normalizedReturnedStore !== normalizedStore) {
-                fail(retryStoreAuthWithPermanentDomainError(normalizedReturnedStore));
-                return;
-            }
-            const returnedState = searchParams.get('state');
-            if (!returnedState || !constantTimeEqual(returnedState, state)) {
-                fail('OAuth callback state does not match the original request.');
-                return;
-            }
-            const error = searchParams.get('error');
-            if (error) {
-                fail(`Shopify returned an OAuth error: ${error}`);
-                return;
-            }
-            const code = searchParams.get('code');
-            if (!code) {
-                fail('OAuth callback did not include an authorization code.');
-                return;
-            }
-            outputDebug(outputContent `Received authorization code ${outputToken.raw(maskToken(code))}`);
-            res.statusCode = 200;
-            res.setHeader('Content-Type', 'text/html');
-            res.setHeader('Connection', 'close');
-            res.once('finish', () => settle(() => resolve(code)));
-            res.end(renderAuthCallbackPage('Authentication succeeded', 'You can close this window and return to the terminal.'));
-        });
-        const settle = (callback) => {
-            if (settled)
-                return;
-            settled = true;
-            clearTimeout(timeout);
-            const finalize = () => {
-                callback();
-            };
-            if (!isListening) {
-                finalize();
-                return;
-            }
-            server.close(() => {
-                isListening = false;
-                finalize();
-            });
-            server.closeIdleConnections?.();
-        };
-        const settleWithError = (error) => {
-            settle(() => reject(error));
-        };
-        server.on('error', (error) => {
-            if (error.code === 'EADDRINUSE') {
-                settleWithError(new AbortError(`Port ${port} is already in use.`, `Free port ${port} and re-run ${outputToken.genericShellCommand(`shopify store auth --store ${store} --scopes <comma-separated-scopes>`).value}. Ensure that redirect URI is allowed in the app configuration.`));
-                return;
-            }
-            settleWithError(error);
-        });
-        server.listen(port, '127.0.0.1', async () => {
-            isListening = true;
-            outputDebug(outputContent `PKCE callback server listening on http://127.0.0.1:${outputToken.raw(String(port))}${outputToken.raw(STORE_AUTH_CALLBACK_PATH)}`);
-            if (!onListening)
-                return;
-            try {
-                await onListening();
-            }
-            catch (error) {
-                settleWithError(error instanceof Error ? error : new Error(String(error)));
-            }
-        });
-    });
-}
-function constantTimeEqual(a, b) {
-    if (a.length !== b.length)
-        return false;
-    return timingSafeEqual(Buffer.from(a, 'utf8'), Buffer.from(b, 'utf8'));
-}
-export async function exchangeStoreAuthCodeForToken(options) {
-    const endpoint = `https://${options.store}/admin/oauth/access_token`;
-    outputDebug(outputContent `Exchanging authorization code for token at ${outputToken.raw(endpoint)}`);
-    const response = await fetch(endpoint, {
-        method: 'POST',
-        headers: { 'Content-Type': 'application/json' },
-        body: JSON.stringify({
-            client_id: STORE_AUTH_APP_CLIENT_ID,
-            code: options.code,
-            code_verifier: options.codeVerifier,
-            redirect_uri: options.redirectUri,
-        }),
-    });
-    const body = await response.text();
-    if (!response.ok) {
-        outputDebug(outputContent `Token exchange failed with HTTP ${outputToken.raw(String(response.status))}: ${outputToken.raw(body.slice(0, 300))}`);
-        throw new AbortError(`Failed to exchange OAuth code for an access token (HTTP ${response.status}).`, body || response.statusText);
-    }
-    let parsed;
-    try {
-        parsed = JSON.parse(body);
-    }
-    catch {
-        throw new AbortError('Received an invalid token response from Shopify.');
-    }
-    outputDebug(outputContent `Token exchange succeeded: access_token=${outputToken.raw(maskToken(parsed.access_token))}, refresh_token=${outputToken.raw(parsed.refresh_token ? maskToken(parsed.refresh_token) : 'none')}, expires_in=${outputToken.raw(String(parsed.expires_in ?? 'unknown'))}s, user=${outputToken.raw(String(parsed.associated_user?.id ?? 'unknown'))} (${outputToken.raw(parsed.associated_user?.email ?? 'no email')})`);
-    return parsed;
-}
-const defaultStoreAuthPresenter = {
-    openingBrowser() {
-        outputInfo('Shopify CLI will open the app authorization page in your browser.');
-        outputInfo('');
-    },
-    manualAuthUrl(authorizationUrl) {
-        outputInfo('Browser did not open automatically. Open this URL manually:');
-        outputInfo(outputContent `${outputToken.link(authorizationUrl)}`);
-        outputInfo('');
-    },
-    success(store, email) {
-        const displayName = email ? ` as ${email}` : '';
-        outputCompleted('Logged in.');
-        outputCompleted(`Authenticated${displayName} against ${store}.`);
-        outputInfo('');
-        outputInfo('To verify that authentication worked, run:');
-        outputInfo(`shopify store execute --store ${store} --query 'query { shop { name id } }'`);
-    },
-};
-const defaultStoreAuthDependencies = {
-    openURL,
-    waitForStoreAuthCode,
-    exchangeStoreAuthCodeForToken,
-    presenter: defaultStoreAuthPresenter,
-};
-function createPkceBootstrap(input, exchangeCodeForToken) {
-    const store = normalizeStoreFqdn(input.store);
-    const scopes = parseStoreAuthScopes(input.scopes);
-    const port = DEFAULT_STORE_AUTH_PORT;
-    const state = randomUUID();
-    const redirectUri = storeAuthRedirectUri(port);
-    const codeVerifier = generateCodeVerifier();
-    const codeChallenge = computeCodeChallenge(codeVerifier);
-    const authorizationUrl = buildStoreAuthUrl({ store, scopes, state, redirectUri, codeChallenge });
-    outputDebug(outputContent `Starting PKCE auth for ${outputToken.raw(store)} with scopes ${outputToken.raw(scopes.join(','))} (redirect_uri=${outputToken.raw(redirectUri)})`);
-    return {
-        authorization: {
-            store,
-            scopes,
-            state,
-            port,
-            redirectUri,
-            authorizationUrl,
-            codeVerifier,
-        },
-        waitForAuthCodeOptions: {
-            store,
-            state,
-            port,
-        },
-        exchangeCodeForToken: (code) => exchangeCodeForToken({ store, code, codeVerifier, redirectUri }),
-    };
-}
-export async function authenticateStoreWithApp(input, dependencies = defaultStoreAuthDependencies) {
-    const bootstrap = createPkceBootstrap(input, dependencies.exchangeStoreAuthCodeForToken);
-    const { authorization: { store, scopes, redirectUri, authorizationUrl }, } = bootstrap;
-    dependencies.presenter.openingBrowser();
-    const code = await dependencies.waitForStoreAuthCode({
-        ...bootstrap.waitForAuthCodeOptions,
-        onListening: async () => {
-            const opened = await dependencies.openURL(authorizationUrl);
-            if (!opened)
-                dependencies.presenter.manualAuthUrl(authorizationUrl);
-        },
-    });
-    const tokenResponse = await bootstrap.exchangeCodeForToken(code);
-    const userId = tokenResponse.associated_user?.id?.toString();
-    if (!userId) {
-        throw new AbortError('Shopify did not return associated user information for the online access token.');
-    }
-    const now = Date.now();
-    const expiresAt = tokenResponse.expires_in ? new Date(now + tokenResponse.expires_in * 1000).toISOString() : undefined;
-    setStoredStoreAppSession({
-        store,
-        clientId: STORE_AUTH_APP_CLIENT_ID,
-        userId,
-        accessToken: tokenResponse.access_token,
-        refreshToken: tokenResponse.refresh_token,
-        // Store the raw scopes returned by Shopify. Validation may treat implied
-        // write_* -> read_* permissions as satisfied, so callers should not assume
-        // session.scopes is an expanded/effective permission set.
-        scopes: resolveGrantedScopes(tokenResponse, scopes),
-        acquiredAt: new Date(now).toISOString(),
-        expiresAt,
-        refreshTokenExpiresAt: tokenResponse.refresh_token_expires_in
-            ? new Date(now + tokenResponse.refresh_token_expires_in * 1000).toISOString()
-            : undefined,
-        associatedUser: tokenResponse.associated_user
-            ? {
-                id: tokenResponse.associated_user.id,
-                email: tokenResponse.associated_user.email,
-                firstName: tokenResponse.associated_user.first_name,
-                lastName: tokenResponse.associated_user.last_name,
-                accountOwner: tokenResponse.associated_user.account_owner,
-            }
-            : undefined,
-    });
-    outputDebug(outputContent `Session persisted for ${outputToken.raw(store)} (user ${outputToken.raw(userId)}, expires ${outputToken.raw(expiresAt ?? 'unknown')})`);
-    dependencies.presenter.success(store, tokenResponse.associated_user?.email);
-}
-//# sourceMappingURL=auth.js.map

package/dist/cli/services/store/execute-result.d.ts

@@ -1 +0,0 @@
-export declare function writeOrOutputStoreExecuteResult(result: unknown, outputFile?: string): Promise<void>;

package/dist/cli/services/store/execute-result.js

@@ -1,18 +0,0 @@
-import { writeFile } from '@shopify/cli-kit/node/fs';
-import { outputResult } from '@shopify/cli-kit/node/output';
-import { renderSuccess } from '@shopify/cli-kit/node/ui';
-export async function writeOrOutputStoreExecuteResult(result, outputFile) {
-    const resultString = JSON.stringify(result, null, 2);
-    if (outputFile) {
-        await writeFile(outputFile, resultString);
-        renderSuccess({
-            headline: 'Operation succeeded.',
-            body: `Results written to ${outputFile}`,
-        });
-    }
-    else {
-        renderSuccess({ headline: 'Operation succeeded.' });
-        outputResult(resultString);
-    }
-}
-//# sourceMappingURL=execute-result.js.map