zapier-platform-core 17.0.1 → 17.0.3

package/index.mjs

@@ -0,0 +1,21 @@
+import zapier from './src/index.js';
+import packageJson from './package.json' with { type: 'json' };
+import _tools from './src/tools/exported.js';
+zapier.version = packageJson.version;
+zapier.tools = _tools;
+// Allows `import { ... } from 'zapier-platform-core'`
+export const {
+  createAppHandler,
+  createAppTester,
+  defineApp,
+  defineCreate,
+  defineInputField,
+  defineInputFields,
+  defineSearch,
+  defineTrigger,
+  integrationTestHandler,
+  tools,
+  version,
+} = zapier;
+// Allows `import zapier from 'zapier-platform-core'`
+export default zapier;

package/package.json

@@ -1,16 +1,26 @@
 {
   "name": "zapier-platform-core",
-  "version": "17.0.1",
+  "version": "17.0.3",
   "description": "The core SDK for CLI apps in the Zapier Developer Platform.",
   "repository": "zapier/zapier-platform",
   "homepage": "https://platform.zapier.com/",
   "author": "Zapier Engineering <contact@zapier.com>",
   "license": "SEE LICENSE IN LICENSE",
-  "main": "index.js",
   "types": "types/index.d.ts",
+  "exports": {
+    ".": {
+      "require": "./index.js",
+      "import": "./index.mjs",
+      "types": "./types/index.d.ts"
+    },
+    "./src/*": {
+      "require": "./src/*.js"
+    }
+  },
   "files": [
     "/include/",
     "/index.js",
+    "/index.mjs",
     "/src/",
     "/types/"
   ],
@@ -52,7 +62,7 @@
     "node-fetch": "2.7.0",
     "oauth-sign": "0.9.0",
     "semver": "7.7.1",
-    "zapier-platform-schema": "17.0.1"
+    "zapier-platform-schema": "17.0.3"
   },
   "devDependencies": {
     "@types/node-fetch": "^2.6.11",

package/src/constants.js

@@ -23,7 +23,11 @@ const RENDER_ONLY_METHODS = [
   'authentication.oauth1Config.authorizeUrl',
 ];
 
-const REQUEST_OBJECT_SHORTHAND_OPTIONS = { isShorthand: true, replace: true };
+const REPLACE_CURLIES = Symbol('replaceCurlies');
+
+const REQUEST_OBJECT_SHORTHAND_OPTIONS = {
+  [REPLACE_CURLIES]: true,
+};
 
 const DEFAULT_LOGGING_HTTP_ENDPOINT = 'https://httplogger.zapier.com/input';
 const DEFAULT_LOGGING_HTTP_API_KEY = 'R24hzu86v3jntwtX2DtYECeWAB'; // It's ok, this isn't PROD
@@ -65,13 +69,14 @@ module.exports = {
   IS_TESTING,
   KILL_MAX_LIMIT,
   KILL_MIN_LIMIT,
+  NON_STREAM_UPLOAD_MAX_SIZE,
   PACKAGE_NAME,
   PACKAGE_VERSION,
   RENDER_ONLY_METHODS,
+  REPLACE_CURLIES,
   REQUEST_OBJECT_SHORTHAND_OPTIONS,
   RESPONSE_SIZE_LIMIT,
   SAFE_LOG_KEYS,
   STATUSES,
   UPLOAD_MAX_SIZE,
-  NON_STREAM_UPLOAD_MAX_SIZE,
 };

package/src/execute-request.js

@@ -10,7 +10,6 @@ const executeRequest = (input) => {
   if (!options.url) {
     throw new Error('Missing url for request');
   }
-  options.replace = true;
   return input.z.request(options).then(responseCleaner);
 };
 

package/src/execute.js

@@ -10,18 +10,15 @@ const prepareRequest = require('./http-middlewares/before/prepare-request');
 const constants = require('./constants');
 
 const executeHttpRequest = (input, options) => {
-  options = _.extend(
-    {},
+  options = {
     // shorthand requests should always throw _unless_ the object specifically opts out
     // this covers godzilla devs who use shorthand requests (most of them) that rely on the throwing behavior
     // when we set the app-wide skip for everyone, we don't want their behavior to change
     // so, this line takes precedence over the global setting, but not the local one (`options`)
-    {
-      skipThrowForStatus: false,
-    },
-    options,
-    constants.REQUEST_OBJECT_SHORTHAND_OPTIONS,
-  );
+    skipThrowForStatus: false,
+    ...options,
+    ...constants.REQUEST_OBJECT_SHORTHAND_OPTIONS,
+  };
   return input.z.request(options).then((response) => {
     if (response.data === undefined) {
       throw new Error(
@@ -83,11 +80,10 @@ const execute = (app, input) => {
   } else if (_.isObject(method) && method.url) {
     const options = method;
     if (isRenderOnly(methodName)) {
-      const requestWithInput = _.extend(
-        {},
-        injectInput(input)(options),
-        constants.REQUEST_OBJECT_SHORTHAND_OPTIONS,
-      );
+      const requestWithInput = {
+        ...injectInput(input)(options),
+        ...constants.REQUEST_OBJECT_SHORTHAND_OPTIONS,
+      };
       const preparedRequest = addQueryParams(prepareRequest(requestWithInput));
       return preparedRequest.url;
     }

package/src/http-middlewares/before/inject-input.js

@@ -1,7 +1,5 @@
 'use strict';
 
-const _ = require('lodash');
-
 /*
    Creates HTTP before middleware that adds some app context
    to HTTP request options, including the app and event.
@@ -9,7 +7,9 @@ const _ = require('lodash');
    Useful for HTTP middlewares that need stuff from the app or event.
  */
 const injectInput = (input) => {
-  return (req) => _.extend({}, req, { input });
+  return (req) => {
+    return { ...req, input };
+  };
 };
 
 module.exports = injectInput;

package/src/http-middlewares/before/prepare-request.js

@@ -16,6 +16,8 @@ const {
   JSON_TYPE_UTF8,
 } = require('../../tools/http');
 
+const { REPLACE_CURLIES } = require('../../constants');
+
 const isStream = (obj) => obj instanceof stream.Stream;
 const isPromise = (obj) => obj && typeof obj.then === 'function';
 
@@ -50,6 +52,7 @@ const coerceBody = (req) => {
 
   // auto coerce form if header says so
   if (contentType === FORM_TYPE && req.body && !_.isString(req.body)) {
+    normalizeEmptyBodyFields(req);
     req.body = querystring.stringify(req.body).replace(/%20/g, '+');
   }
 
@@ -108,8 +111,9 @@ const throwForCurlies = (value, path) => {
     if (/{{\s*(bundle|process)\.[^}]*}}/.test(value)) {
       throw new Error(
         'z.request() no longer supports {{bundle.*}} or {{process.*}} as of v17 ' +
-          "unless it's used in a shorthand request. " +
-          'Use JavaScript template literals instead. ' +
+          "unless it's used in a shorthand request defined by the integration. " +
+          'Zapier Customers: Remove "{{curly braces}}" from your request. ' +
+          'Developers: Use JavaScript template literals instead. ' +
           `Value in violation: "${value}" in attribute "${path.join('.')}".`,
       );
     }
@@ -145,33 +149,44 @@ const prepareRequest = function (req) {
 
   req = sugarBody(req);
 
-  // apply app requestTemplate to request
-  if (req.merge) {
-    const requestTemplate = (input._zapier?.app || {}).requestTemplate;
-    req = requestMerge(requestTemplate, req);
-  }
-
-  const replaceable = {
-    url: req.url,
-    headers: req.headers,
-    params: req.params,
-    body: req.body,
-  };
-
-  if (req.replace) {
-    // replace {{curlies}} in the request
+  if (req[REPLACE_CURLIES] || req.merge) {
     const bank = createBundleBank(
-      input._zapier.app,
-      input._zapier.event,
+      input?._zapier?.event || {},
       req.serializeValueForCurlies,
     );
-    req = {
-      ...req,
-      ...recurseReplaceBank(replaceable, bank),
+
+    const requestReplaceable = {
+      url: req.url,
+      headers: req.headers,
+      params: req.params,
+      body: req.body,
     };
-  } else {
-    // throw if there's {{curlies}} in the request
-    throwForCurlies(replaceable);
+    if (req[REPLACE_CURLIES]) {
+      // replace {{curlies}} in the request
+      req = {
+        ...req,
+        ...recurseReplaceBank(requestReplaceable, bank),
+      };
+    } else {
+      // throw if there's {{curlies}} in the request
+      throwForCurlies(requestReplaceable);
+    }
+
+    if (req.merge) {
+      // Always replace {{curlies}} in reqeustTemplate regardless of
+      // req[REPLACE_CURLIES]
+      const requestTemplate = input._zapier?.app?.requestTemplate || {};
+      const templateReplaceable = {
+        url: requestTemplate.url,
+        headers: requestTemplate.headers,
+        params: requestTemplate.params,
+        body: requestTemplate.body,
+      };
+      const renderedTemplate = recurseReplaceBank(templateReplaceable, bank);
+
+      // Apply app.requestTemplate to request
+      req = requestMerge(renderedTemplate, req);
+    }
   }
 
   req = coerceBody(req);

package/src/tools/cleaner.js

@@ -43,66 +43,96 @@ const recurseCleanFuncs = (obj, path) => {
   return obj;
 };
 
+const findNextCurlies = (str) => {
+  const start = str.indexOf('{{');
+  if (start < 0) {
+    return {
+      start: -1,
+      end: -1,
+    };
+  }
+
+  const end = str.indexOf('}}', start + 2);
+  if (end < 0) {
+    return {
+      start: -1,
+      end: -1,
+    };
+  }
+
+  return {
+    start,
+    end: end + 2,
+  };
+};
+
 // Recurse a nested object replace all instances of keys->vals in the bank.
 const recurseReplaceBank = (obj, bank = {}) => {
-  const matchesCurlies = /({{.*?}})/;
-  const matchesKeyRegexMap = Object.keys(bank).reduce((acc, key) => {
-    // Escape characters (ex. {{foo}} => \\{\\{foo\\}\\} )
-    acc[key] = new RegExp(key.replace(/[-[\]/{}()\\*+?.^$|]/g, '\\$&'), 'g');
-    return acc;
-  }, {});
-  const replacer = (out) => {
-    if (!['string', 'number'].includes(typeof out)) {
-      return out;
+  const replacer = (input) => {
+    if (typeof input !== 'string') {
+      return input;
     }
 
-    // whatever leaves this function replaces values in the calling object
-    // so, we don't want to return a different data type unless it's a censored string
-    const originalValue = out;
-    const originalValueStr = String(out);
-    let maybeChangedString = originalValueStr;
-
-    Object.keys(bank).forEach((key) => {
-      const matchesKey = matchesKeyRegexMap[key];
-      // RegExp.test modifies internal state of the regex object
-      // since we're re-using regexes, we have to reset that state between calls
-      // or the second time in a row that the key should match, it misses instead
-      // see: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/RegExp/lastIndex
-      matchesKey.lastIndex = 0;
-      if (!matchesKey.test(maybeChangedString)) {
-        return;
+    const outputItems = [];
+    let inputString = input;
+
+    // 1000 iterations is just a static upper bound to make infinite loops
+    // impossible. Who would have 1000 {{curlies}} in a string... right?
+    const MAX_ITERATIONS = 1000;
+    for (let i = 0; i < MAX_ITERATIONS; i++) {
+      const { start, end } = findNextCurlies(inputString);
+      if (start < 0) {
+        outputItems.push(inputString);
+        break;
+      }
+
+      const head = inputString.slice(0, start);
+      const key = inputString.slice(start, end);
+      const tail = inputString.slice(end);
+
+      if (head) {
+        outputItems.push(head);
       }
 
-      const valueParts = maybeChangedString
-        .split(matchesCurlies)
-        .filter(Boolean);
       const replacementValue = bank[key];
-      const isPartOfString =
-        !matchesCurlies.test(maybeChangedString) || valueParts.length > 1;
-      const shouldThrowTypeError =
-        isPartOfString &&
-        (Array.isArray(replacementValue) || _.isPlainObject(replacementValue));
-
-      if (shouldThrowTypeError) {
-        const bareKey = _.trimEnd(_.trimStart(key, '{'), '}');
-        throw new TypeError(
-          'Cannot reliably interpolate objects or arrays into a string. ' +
-            `Variable \`${bareKey}\` is an ${getObjectType(
-              replacementValue,
-            )}:\n"${replacementValue}"`,
-        );
+      if (replacementValue == null) {
+        // No match in the bank
+        outputItems.push(key);
+      } else {
+        const isPartOfString = head || tail;
+        if (
+          isPartOfString &&
+          (Array.isArray(replacementValue) || _.isPlainObject(replacementValue))
+        ) {
+          const bareKey = key.slice(2, -2); // '{{key}}' -> 'key'
+          throw new TypeError(
+            'Cannot reliably interpolate objects or arrays into a string. ' +
+              `Variable \`${bareKey}\` is an ${getObjectType(
+                replacementValue,
+              )}:\n"${replacementValue}"`,
+          );
+        } else {
+          outputItems.push(replacementValue);
+        }
       }
 
-      maybeChangedString = isPartOfString
-        ? valueParts.join('').replace(matchesKey, replacementValue)
-        : replacementValue;
-    });
+      inputString = tail;
+      if (!inputString) {
+        break;
+      }
+
+      if (i === MAX_ITERATIONS - 1) {
+        // The input string does have more than 1000 {{curlies}}, just return
+        // the rest of the string without replacing.
+        outputItems.push(inputString);
+      }
+    }
 
-    if (originalValueStr === maybeChangedString) {
-      // we didn't censor or replace the value, so return the original
-      return originalValue;
+    if (outputItems.length === 1 && typeof outputItems[0] !== 'string') {
+      return outputItems[0];
+    } else {
+      return outputItems.join('');
     }
-    return maybeChangedString;
   };
   return recurseReplace(obj, replacer);
 };
@@ -113,7 +143,7 @@ const finalizeBundle = pipe(
 );
 
 // Takes a raw app and bundle and composes a bank of {{key}}->val
-const createBundleBank = (appRaw, event = {}, serializeFunc = (x) => x) => {
+const createBundleBank = (event = {}, serializeFunc = (x) => x) => {
   const bank = {
     bundle: finalizeBundle(event.bundle),
     process: {

package/src/tools/create-http-patch.js

@@ -110,7 +110,7 @@ const createHttpPatch = (event) => {
           } else {
             const responseBody = _.map(chunks, (chunk) =>
               chunk.toString(),
-            ).join('\n');
+            ).join('');
             sendToLogger(responseBody);
           }
         };

package/src/tools/request-merge.js

@@ -3,6 +3,7 @@
 const _ = require('lodash');
 
 const requestClean = require('./request-clean');
+const { REPLACE_CURLIES } = require('../constants');
 
 // Do a merge with case-insensitive keys in the .header, and drop empty .header keys
 const caseInsensitiveMerge = (requestOne, requestTwo, requestThree) => {
@@ -14,6 +15,12 @@ const caseInsensitiveMerge = (requestOne, requestTwo, requestThree) => {
   // This is a very quick & efficient merge for all of request's properties
   const mergedRequest = _.merge(requestOne, requestTwo, requestThree);
 
+  // _.merge() ignores symbols. REPLACE_CURLIES is a symbol, so we need to add
+  // it back
+  if (requestThree[REPLACE_CURLIES]) {
+    mergedRequest[REPLACE_CURLIES] = requestThree[REPLACE_CURLIES];
+  }
+
   // Now to cleanup headers, we start on the last request (the one with priority) and work backwards to add the keys that don't already exist
   // NOTE: This is done "manually" instead of a _.merge or Object.assign() because we need case-insensitivity
   const mergedRequestHeaders = requestThree.headers || {};

package/types/schemas.generated.d.ts

@@ -4,7 +4,7 @@
  * files, and/or the schema-to-ts tool and run its CLI to regenerate
  * these typings.
  *
- * zapier-platform-schema version: 17.0.0
+ * zapier-platform-schema version: 17.0.3
  *  schema-to-ts compiler version: 0.1.0
  */
 import type {