zapier-platform-core 17.7.0 → 17.7.1

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "zapier-platform-core",
-  "version": "17.7.0",
+  "version": "17.7.1",
   "description": "The core SDK for CLI apps in the Zapier Developer Platform.",
   "repository": "zapier/zapier-platform",
   "homepage": "https://platform.zapier.com/",
@@ -63,7 +63,7 @@
     "node-fetch": "2.7.0",
     "oauth-sign": "0.9.0",
     "semver": "7.7.1",
-    "zapier-platform-schema": "17.7.0"
+    "zapier-platform-schema": "17.7.1"
   },
   "devDependencies": {
     "@types/node-fetch": "^2.6.11",

package/src/http-middlewares/after/prepare-response.js

@@ -2,19 +2,44 @@
 
 const _ = require('lodash');
 const querystring = require('querystring');
+
+const { scrub, findSensitiveValues } = require('@zapier/secret-scrubber');
+
 const { replaceHeaders } = require('./middleware-utils');
 const { FORM_TYPE } = require('../../tools/http');
 const errors = require('../../errors');
+const {
+  findSensitiveValuesFromAuthData,
+} = require('../../tools/secret-scrubber');
 
-const _throwForStatus = (response) => {
+const buildSensitiveValues = (bundle) => {
+  const authData = bundle?.authData || {};
+  const result = [
+    ...findSensitiveValuesFromAuthData(authData),
+    ...findSensitiveValues(process.env),
+  ];
+  return [...new Set(result)];
+};
+
+const _throwForStatus = (response, bundle) => {
   // calling this always throws, regardless of the skipThrowForStatus value
   // eslint-disable-next-line yoda
   if (400 <= response.status && response.status < 600) {
+    // Create a cleaned version of the response to avoid sensitive data leaks
+    try {
+      // Find sensitive values from environment variables and bundle authData
+      const sensitiveValues = buildSensitiveValues(bundle);
+      if (sensitiveValues.length > 0 && response?.request?.url) {
+        response.request.url = scrub(response.request.url, sensitiveValues);
+      }
+    } catch (err) {
+      // don't fail the whole request if we can't scrub for some reason
+    }
     throw new errors.ResponseError(response);
   }
 };
 
-const prepareRawResponse = (resp, request) => {
+const prepareRawResponse = (resp, request, bundle) => {
   // TODO: if !2xx should we go ahead and get response.content for them?
   // retain the response signature for raw control
   const extendedResp = {
@@ -24,7 +49,7 @@ const prepareRawResponse = (resp, request) => {
   const outResp = _.extend(resp, extendedResp, replaceHeaders(resp));
 
   outResp.throwForStatus = () => {
-    _throwForStatus(outResp);
+    _throwForStatus(outResp, bundle);
   };
 
   Object.defineProperty(outResp, 'content', {
@@ -39,7 +64,7 @@ const prepareRawResponse = (resp, request) => {
   return outResp;
 };
 
-const prepareContentResponse = async (resp, request) => {
+const prepareContentResponse = async (resp, request, bundle) => {
   // TODO: does it make sense to not trim the signature? more equivalence to raw...
   const content = await resp.text();
 
@@ -67,14 +92,14 @@ const prepareContentResponse = async (resp, request) => {
   } catch (_e) {}
 
   outResp.throwForStatus = () => {
-    _throwForStatus(outResp);
+    _throwForStatus(outResp, bundle);
   };
 
   return outResp;
 };
 
 // Provide a standardized plain JS responseObj for common consumption, or raw response for streaming.
-const prepareResponse = (resp) => {
+const prepareResponse = (resp, z, bundle) => {
   const request = resp.input;
   delete resp.input;
 
@@ -82,7 +107,7 @@ const prepareResponse = (resp) => {
     ? prepareRawResponse
     : prepareContentResponse;
 
-  return responseFunc(resp, request);
+  return responseFunc(resp, request, bundle);
 };
 
 module.exports = prepareResponse;

package/src/tools/create-logger.js

@@ -15,16 +15,8 @@ const {
   SAFE_LOG_KEYS,
 } = require('../constants');
 const { unheader } = require('./http');
-const {
-  scrub,
-  findSensitiveValues,
-  recurseExtract,
-} = require('@zapier/secret-scrubber');
-// not really a public function, but it came from here originally
-const {
-  isUrlWithSecrets,
-  isSensitiveKey,
-} = require('@zapier/secret-scrubber/lib/convenience');
+const { scrub, findSensitiveValues } = require('@zapier/secret-scrubber');
+const { findSensitiveValuesFromAuthData } = require('./secret-scrubber');
 
 // The payload size per request to stream logs. This should be slighly lower
 // than the limit (16 MB) on the server side.
@@ -32,70 +24,8 @@ const LOG_STREAM_BYTES_LIMIT = 15 * 1024 * 1024;
 
 const DEFAULT_LOGGER_TIMEOUT = 200;
 
-// Will be initialized lazily
-const SAFE_AUTH_DATA_KEYS = new Set();
-
 const sleep = promisify(setTimeout);
 
-const initSafeAuthDataKeys = () => {
-  // An authData key in (safePrefixes x safeSuffixes) is considered safe to log
-  // uncensored
-  const safePrefixes = [
-    'account',
-    'bot_user',
-    'cloud',
-    'cloud_site',
-    'company',
-    'domain',
-    'email',
-    'environment',
-    'location',
-    'org',
-    'organization',
-    'project',
-    'region',
-    'scope',
-    'scopes',
-    'site',
-    'subdomain',
-    'team',
-    'token_type',
-    'user',
-    'workspace',
-  ];
-  const safeSuffixes = ['', '_id', '_name', 'id', 'name'];
-  for (const prefix of safePrefixes) {
-    for (const suffix of safeSuffixes) {
-      SAFE_AUTH_DATA_KEYS.add(prefix + suffix);
-    }
-  }
-};
-
-const isUrl = (value) => {
-  if (!value || typeof value !== 'string') {
-    return false;
-  }
-  const commonProtocols = [
-    'https://',
-    'http://',
-    'ftp://',
-    'ftps://',
-    'file://',
-  ];
-  for (const protocol of commonProtocols) {
-    if (value.startsWith(protocol)) {
-      try {
-        // eslint-disable-next-line no-new
-        new URL(value);
-        return true;
-      } catch (e) {
-        return false;
-      }
-    }
-  }
-  return false;
-};
-
 const MAX_LENGTH = 3500;
 const truncateString = (str) => simpleTruncate(str, MAX_LENGTH, ' [...]');
 
@@ -188,35 +118,12 @@ const attemptFindSecretsInStr = (s, isGettingNewSecret) => {
   return findSensitiveValues(parsedRespContent);
 };
 
-const isSafeAuthDataKey = (key) => {
-  if (SAFE_AUTH_DATA_KEYS.size === 0) {
-    initSafeAuthDataKeys();
-  }
-  return SAFE_AUTH_DATA_KEYS.has(key.toLowerCase());
-};
-
 const buildSensitiveValues = (event, data) => {
   const bundle = event.bundle || {};
   const authData = bundle.authData || {};
-  // for the most part, we should censor all the values from authData
-  // the exception is safe urls, which should be filtered out - we want those to be logged
-  // but, we _should_ censor-no-matter-what sensitive keys, even if their value is a safe url
-  // this covers the case where someone's password is a valid url ¯\_(ツ)_/¯
-  const sensitiveAuthData = recurseExtract(authData, (key, value) => {
-    if (isSensitiveKey(key)) {
-      return true;
-    }
-    if (isSafeAuthDataKey(key)) {
-      return false;
-    }
-    if (isUrl(value) && !isUrlWithSecrets(value)) {
-      return false;
-    }
-    return true;
-  });
 
   const result = [
-    ...sensitiveAuthData,
+    ...findSensitiveValuesFromAuthData(authData),
     ...findSensitiveValues(process.env),
     ...findSensitiveValues(data),
   ];

package/src/tools/secret-scrubber.js

@@ -0,0 +1,98 @@
+'use strict';
+
+const { recurseExtract } = require('@zapier/secret-scrubber');
+const {
+  isUrlWithSecrets,
+  isSensitiveKey,
+} = require('@zapier/secret-scrubber/lib/convenience');
+
+// Will be initialized lazily
+const SAFE_AUTH_DATA_KEYS = new Set();
+
+const initSafeAuthDataKeys = () => {
+  // An authData key in (safePrefixes x safeSuffixes) is considered safe to log
+  // uncensored
+  const safePrefixes = [
+    'account',
+    'bot_user',
+    'cloud',
+    'cloud_site',
+    'company',
+    'domain',
+    'email',
+    'environment',
+    'location',
+    'org',
+    'organization',
+    'project',
+    'region',
+    'scope',
+    'scopes',
+    'site',
+    'subdomain',
+    'team',
+    'token_type',
+    'user',
+    'workspace',
+  ];
+  const safeSuffixes = ['', '_id', '_name', 'id', 'name'];
+  for (const prefix of safePrefixes) {
+    for (const suffix of safeSuffixes) {
+      SAFE_AUTH_DATA_KEYS.add(prefix + suffix);
+    }
+  }
+};
+
+const isSafeAuthDataKey = (key) => {
+  if (SAFE_AUTH_DATA_KEYS.size === 0) {
+    initSafeAuthDataKeys();
+  }
+  return SAFE_AUTH_DATA_KEYS.has(key.toLowerCase());
+};
+
+const isUrl = (value) => {
+  if (!value || typeof value !== 'string') {
+    return false;
+  }
+  const commonProtocols = [
+    'https://',
+    'http://',
+    'ftp://',
+    'ftps://',
+    'file://',
+  ];
+  for (const protocol of commonProtocols) {
+    if (value.startsWith(protocol)) {
+      try {
+        // eslint-disable-next-line no-new
+        new URL(value);
+        return true;
+      } catch (e) {
+        return false;
+      }
+    }
+  }
+  return false;
+};
+
+const findSensitiveValuesFromAuthData = (authData) =>
+  recurseExtract(authData, (key, value) => {
+    // for the most part, we should censor all the values from authData
+    // the exception is safe urls, which should be filtered out - we want those to be logged
+    // but, we _should_ censor-no-matter-what sensitive keys, even if their value is a safe url
+    // this covers the case where someone's password is a valid url ¯\_(ツ)_/¯
+    if (isSensitiveKey(key)) {
+      return true;
+    }
+    if (isSafeAuthDataKey(key)) {
+      return false;
+    }
+    if (isUrl(value) && !isUrlWithSecrets(value)) {
+      return false;
+    }
+    return true;
+  });
+
+module.exports = {
+  findSensitiveValuesFromAuthData,
+};

package/types/schemas.generated.d.ts

@@ -4,7 +4,7 @@
  * files, and/or the schema-to-ts tool and run its CLI to regenerate
  * these typings.
  *
- * zapier-platform-schema version: 17.6.0
+ * zapier-platform-schema version: 17.7.1
  *  schema-to-ts compiler version: 0.1.0
  */
 import type {
@@ -131,7 +131,8 @@ export interface BaseApp {
 
 /**
  * Represents a simplified semver string, from `0.0.0` to
- * `999.999.999`.
+ * `999.999.999` with optional simplified label. They need to be
+ * case-insensitive unique.
  */
 export type Version = string;
 
@@ -938,6 +939,12 @@ export interface BasicPollingOperation<
    * for the window is exceeded.
    */
   throttle?: ThrottleObject;
+
+  /**
+   * (Experimental) Should empty strings, `null`, `undefined`, and
+   * empty Arrays or objects be removed from `inputData`?
+   */
+  skipCleanArrayInputData?: boolean;
 }
 
 /**
@@ -1027,6 +1034,12 @@ export interface BasicHookOperation<
    * this belongs to a resource that has a top-level sample
    */
   sample?: Record<string, unknown>;
+
+  /**
+   * (Experimental) Should empty strings, `null`, `undefined`, and
+   * empty Arrays or objects be removed from `inputData`?
+   */
+  skipCleanArrayInputData?: boolean;
 }
 
 /**
@@ -1088,6 +1101,12 @@ export interface BasicHookToPollOperation<
    */
   sample?: Record<string, unknown>;
 
+  /**
+   * (Experimental) Should empty strings, `null`, `undefined`, and
+   * empty Arrays or objects be removed from `inputData`?
+   */
+  skipCleanArrayInputData?: boolean;
+
   /**
    * The maximum amount of time to wait between polling requests in
    * seconds. Minimum value is 20s and will default to 20 if not set,
@@ -1159,6 +1178,12 @@ export interface BasicActionOperation {
    * for the window is exceeded.
    */
   throttle?: ThrottleObject;
+
+  /**
+   * (Experimental) Should empty strings, `null`, `undefined`, and
+   * empty Arrays or objects be removed from `inputData`?
+   */
+  skipCleanArrayInputData?: boolean;
 }
 
 /** Represents the fundamental mechanics of a search. */
@@ -1229,6 +1254,12 @@ export interface BasicSearchOperation<
    * for the window is exceeded.
    */
   throttle?: ThrottleObject;
+
+  /**
+   * (Experimental) Should empty strings, `null`, `undefined`, and
+   * empty Arrays or objects be removed from `inputData`?
+   */
+  skipCleanArrayInputData?: boolean;
 }
 
 /** Represents the fundamental mechanics of a create. */
@@ -1299,6 +1330,12 @@ export interface BasicCreateOperation<
    */
   throttle?: ThrottleObject;
 
+  /**
+   * (Experimental) Should empty strings, `null`, `undefined`, and
+   * empty Arrays or objects be removed from `inputData`?
+   */
+  skipCleanArrayInputData?: boolean;
+
   /**
    * Currently an **internal-only** feature. Zapier uses this
    * configuration for creating objects in bulk with `performBuffer`.
@@ -1382,6 +1419,12 @@ export interface BasicOperation {
    * for the window is exceeded.
    */
   throttle?: ThrottleObject;
+
+  /**
+   * (Experimental) Should empty strings, `null`, `undefined`, and
+   * empty Arrays or objects be removed from `inputData`?
+   */
+  skipCleanArrayInputData?: boolean;
 }
 
 /**
@@ -1466,11 +1509,7 @@ export interface PlainOutputField {
 }
 
 /** An array or collection of input field groups. */
-export type InputFieldGroups = {
-  key: Key;
-  label: string;
-  emphasize: boolean;
-}[];
+export type InputFieldGroups = InputFieldGroup[];
 
 /**
  * Zapier uses this configuration to ensure this action is performed
@@ -1681,6 +1720,18 @@ export interface PlainInputField {
   group?: Key;
 }
 
+/** Object for visual grouping of input fields. */
+export interface InputFieldGroup {
+  /** The unique identifier for this group. */
+  key: Key;
+
+  /** The human-readable name for the group. */
+  label?: string;
+
+  /** Whether this group should be visually emphasized in the UI. */
+  emphasize?: boolean;
+}
+
 /**
  * Reference a resource by key and the data it returns. In the
  * format of: `{resource_key}.{foreign_key}(.{human_label_key})`.