feat: SDK update for version 22.1.0#325
Conversation
Greptile SummaryThis PR bumps the CLI to v22.1.0 and ships three main changes: OAuth2 device-flow login (behind the
Confidence Score: 5/5Safe to merge; the core login/session refactor is well-structured, all callers restore session state correctly after logout, and previously flagged issues have been addressed. The auth refactoring correctly delegates to focused modules without introducing regressions in the logout flow. The logoutSessions function has an unnecessary setCurrentSession side-effect inside its loop, but every call site restores the current session afterward so no functional breakage occurs. The new oauth-2 commands have a UX quirk with underscore-embedded option names and expose client secrets as CLI arguments, but neither causes incorrect behavior. lib/commands/services/oauth-2.ts warrants a second look for the option-naming convention and secret-handling approach before wider rollout.
|
| Filename | Overview |
|---|---|
| lib/auth/login.ts | New file: extracts login logic from generic.ts, adds OAuth2 device-flow path controlled by the oauthLogin feature flag; error recovery and session cleanup on failure are handled correctly. |
| lib/auth/oauth.ts | New file: implements RFC 8628 device-code polling with correct slow_down back-off, safe base64url ID-token decode, and refresh-token revocation helper. |
| lib/auth/session.ts | New file: session management helpers; logoutSessions unnecessarily mutates currentSession inside the loop as a leftover from the old implementation, though all current callers restore it afterward. |
| lib/commands/generic.ts | Refactored: login/logout/session logic delegated to auth/* modules; whoami check upgraded from cookie-only to hasAuthSession(); logic is correct. |
| lib/sdks.ts | Added getValidAccessToken with token-refresh logic; the tokenExpiry===0 fast-path correctly allows use of a token whose expiry was never persisted. |
| lib/commands/services/oauth-2.ts | New file: OAuth2 CLI commands; --grant-_id style option names are unusual and unintuitive; --client-_secret is passed as a plain CLI argument, exposing it in process tables. |
| lib/commands/services/messaging.ts | Added create-ses-provider and update-ses-provider commands following the existing provider pattern; no issues. |
| lib/commands/services/organizations.ts | Invoice download/view commands now accept --destination, fetch the URL, check response.ok, and write the buffer to disk. |
| lib/commands/services/project.ts | Added update-o-auth-2-server, update-deny-corporate-email-policy, update-password-strength-policy, and --user-accessed-at option; policy/service ID lists updated correctly. |
| lib/flags.ts | New file: central feature-flag registry gating oauthLogin and devCloudLogin via environment variables; clean implementation. |
| lib/commands/push.ts | Added getConsoleUrlProjectRegion with per-project caching to build correct console URLs for function/site deployments. |
Reviews (2): Last reviewed commit: "chore: update Command Line SDK to 22.1.0" | Re-trigger Greptile
This PR contains updates to the SDK for version 22.1.0.
What's Changed
organization get-invoice-downloadandget-invoice-viewnow save the invoice to disk via--destinationoauth2command group (authorize,create-token,create-grant,get-grant,approve,reject,revoke,logout,create-device-authorization)messaging create-ses-providerandupdate-ses-providercommands for Amazon SESproject update-o-auth-2-servercommand to configure the OIDC providerproject update-deny-corporate-email-policycommandproject update-password-strength-policycommand--dedicated-database-idoption totables-db create@appwrite.io/consoledependency to^15.0.0