Skip to content

feat: SDK update for version 22.5.0#336

Merged
ChiragAgg5k merged 2 commits into
masterfrom
dev
Jul 9, 2026
Merged

feat: SDK update for version 22.5.0#336
ChiragAgg5k merged 2 commits into
masterfrom
dev

Conversation

@ChiragAgg5k

@ChiragAgg5k ChiragAgg5k commented Jul 9, 2026

Copy link
Copy Markdown
Member

This PR contains updates to the SDK for version 22.5.0.

Built against @appwrite.io/console@15.3.0-rc.1 (preview published from preview-1.9.x-rc under the next npm tag).

What's Changed

  • Updated: tablesdb create now takes --specification instead of --dedicated-database-id
  • Updated: Removed health get-queue-logs command
  • Added: notifications command group for console notifications
  • Added: organization get, update, and delete commands
  • Added: organization list-memberships, create-membership, get-membership, update-membership, and delete-membership commands
  • Added: tablesdb list-migrations, create-migration, get-migration, and delete-migration commands for dedicated database migrations
  • Added: oauth2 create-par, list-organizations, and list-projects commands
  • Added: --request-_uri option on oauth2 authorize; client ID, redirect URI, and response type are now optional
  • Added: projects list-addons, get-addon, delete-addon, confirm-addon-payment, and get-addon-price commands
  • Added: create-premium-geo-db-addon command on projects and organizations
  • Added: account list-logs, teams list-logs, and users list-logs commands
  • Added: health get-geo and get-geo-premium commands
  • Added: --new-specification option on backups create-restoration
  • Added: --prompt and --max-age options on project update-o-auth-2-oidc
  • Fixed: Project config validation now sends the X-Appwrite-Project header, fixing 401 errors for guest sessions
  • Fixed: Update check now reads the latest version from the Homebrew tap instead of stale local metadata

@ChiragAgg5k ChiragAgg5k changed the title feat: Command Line SDK update for version 22.5.0 feat: SDK update for version 22.5.0 Jul 9, 2026
@greptile-apps

greptile-apps Bot commented Jul 9, 2026

Copy link
Copy Markdown

Greptile Summary

This is the CLI SDK release for Appwrite version 22.5.0, adding new commands across several services and bumping the @appwrite.io/console dependency. The changes are primarily generated SDK surface — new service commands, option additions, and one deletion.

  • New commands added: notifications list/update, full org CRUD and membership management under organization, billing addon operations under projects, OAuth2 PAR (create-par, list-organizations, list-projects), TablesDB migration CRUD, health get-geo / get-geo-premium, account/teams/users list-logs, plus a --request-_uri option on oauth2 authorize and --specification replacing --dedicated-database-id on tablesdb create.
  • Infrastructure changes: lib/utils.ts now fetches the latest Homebrew formula version directly from the tap's GitHub raw URL (with fallback); lib/config-filters.ts adds the missing X-Appwrite-Project: console header; .github/workflows/publish.yml adds a pre-publish lockfile drift check and npm audit.
  • Dependency concern: @appwrite.io/console was changed from \"^15.1.1\" to the exact pre-release pin \"15.3.0-rc.1\", which ships an RC into the published npm package and prevents automatic adoption of a GA release.

Confidence Score: 3/5

Safe to merge for the command additions, but publishing to npm with an RC pre-release dependency means every end-user install will pull in that RC — if it is deprecated or removed before a stable pin is committed, installs of the published package will break.

The bulk of the change is generated SDK surface (new CLI commands, option additions, one removal) and looks correct. The lib/config-filters.ts header fix and the Homebrew remote-fetch fallback are both well-handled. The main concern is @appwrite.io/console being pinned to an RC version in the published package — an RC that gets yanked or left un-promoted would break all installs of this CLI release without a patch.

package.json — the @appwrite.io/console RC pin needs to be resolved to a stable release before this is published. .github/workflows/publish.yml — the lockfile drift check is fragile across npm versions.

Important Files Changed

Filename Overview
package.json Bumps @appwrite.io/console from ^15.1.1 to the exact pre-release 15.3.0-rc.1; removes version range flexibility and ships an RC into the production npm package
lib/utils.ts Adds remote Homebrew formula fetch to get the latest version directly from GitHub raw URL, with fallback to local brew info; error handling is correct but fetch reuses the command timeout for network I/O
lib/constants.ts Version bumped to 22.5.0 and new HOMEBREW_TAP_FORMULA_URL constant added for the tap formula raw URL
lib/config-filters.ts Adds missing X-Appwrite-Project: console header to the project config fetch request
.github/workflows/publish.yml Adds a pre-publish step that verifies package-lock.json is not drifted from package.json and runs npm audit --audit-level=high; will fail if lockfile needs regeneration across npm versions
lib/commands/services/oauth-2.ts Adds PAR support: new create-par, list-organizations, list-projects commands; authorize params loosened from required to optional to support --request-_uri PAR flow
lib/commands/services/notifications.ts New service module implementing list and update commands for console user notifications
lib/commands/services/organization.ts Adds get, update, delete, and full membership CRUD commands to the single-organization service
lib/commands/services/projects.ts Adds billing addon commands: list-addons, create-premium-geo-db-addon, get-addon, delete-addon, confirm-addon-payment, and get-addon-price
lib/commands/services/tables-db.ts Renames --dedicated-database-id option to --specification in create command; adds migration CRUD commands for TablesDB
lib/commands/services/health.ts Adds get-geo and get-geo-premium commands; removes the deprecated get-queue-logs command

Fix All in Claude Code Fix All in Codex

Prompt To Fix All With AI
Fix the following 3 code review issues. Work through them one at a time, proposing concise fixes.

---

### Issue 1 of 3
package.json:54
**RC pre-release pinned as production dependency**

`@appwrite.io/console` is pinned to `15.3.0-rc.1`, a pre-release release candidate, without a caret. When `appwrite-cli@22.5.0` is published to npm, every `npm install appwrite-cli` will pull in this RC. If `15.3.0-rc.1` is deprecated, unpublished, or yanked before a stable version is pinned here, fresh installs of `22.5.0` will fail. And since there is no caret, a final `15.3.0` GA release will not be picked up automatically — the lockfile and `package.json` would need a manual bump.

### Issue 2 of 3
lib/utils.ts:354-356
**Network timeout shared with CLI command timeout**

`AbortSignal.timeout(options.timeoutMs ?? DEFAULT_HOMEBREW_COMMAND_TIMEOUT_MS)` reuses the Homebrew CLI execution timeout for an outbound network request to GitHub. The defaults for a CLI subprocess call and a GitHub raw-content fetch are often very different — network latency on slow connections could exhaust a timeout that was calibrated for a local process, causing the version check to silently fall through more often than intended. Consider a dedicated, shorter timeout constant (e.g. 3–5 s) for the remote fetch.

### Issue 3 of 3
.github/workflows/publish.yml:146-151
**Lock-drift check may produce false failures across npm versions**

`npm install --package-lock-only` regenerates `package-lock.json` using the npm version present on the runner. If CI uses a different npm version than the one used to commit the lockfile (e.g. a developer on npm 10 vs the runner on npm 9 or vice-versa), the regenerated lockfile will differ in formatting or resolved fields and `git diff --exit-code` will fail — blocking the publish even when there is no real drift. Pinning the npm version in this step (e.g. `npm install -g npm@<version>`) or documenting the exact required npm version would avoid spurious failures.

Reviews (1): Last reviewed commit: "(build): pin @appwrite.io/console to 15...." | Re-trigger Greptile

Comment thread package.json
},
"dependencies": {
"@appwrite.io/console": "^15.1.1",
"@appwrite.io/console": "15.3.0-rc.1",

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P1 RC pre-release pinned as production dependency

@appwrite.io/console is pinned to 15.3.0-rc.1, a pre-release release candidate, without a caret. When appwrite-cli@22.5.0 is published to npm, every npm install appwrite-cli will pull in this RC. If 15.3.0-rc.1 is deprecated, unpublished, or yanked before a stable version is pinned here, fresh installs of 22.5.0 will fail. And since there is no caret, a final 15.3.0 GA release will not be picked up automatically — the lockfile and package.json would need a manual bump.

Prompt To Fix With AI
This is a comment left during a code review.
Path: package.json
Line: 54

Comment:
**RC pre-release pinned as production dependency**

`@appwrite.io/console` is pinned to `15.3.0-rc.1`, a pre-release release candidate, without a caret. When `appwrite-cli@22.5.0` is published to npm, every `npm install appwrite-cli` will pull in this RC. If `15.3.0-rc.1` is deprecated, unpublished, or yanked before a stable version is pinned here, fresh installs of `22.5.0` will fail. And since there is no caret, a final `15.3.0` GA release will not be picked up automatically — the lockfile and `package.json` would need a manual bump.

How can I resolve this? If you propose a fix, please make it concise.

Fix in Claude Code Fix in Codex

Comment thread lib/utils.ts
Comment on lines +354 to +356
const signal = AbortSignal.timeout(
options.timeoutMs ?? DEFAULT_HOMEBREW_COMMAND_TIMEOUT_MS,
);

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Network timeout shared with CLI command timeout

AbortSignal.timeout(options.timeoutMs ?? DEFAULT_HOMEBREW_COMMAND_TIMEOUT_MS) reuses the Homebrew CLI execution timeout for an outbound network request to GitHub. The defaults for a CLI subprocess call and a GitHub raw-content fetch are often very different — network latency on slow connections could exhaust a timeout that was calibrated for a local process, causing the version check to silently fall through more often than intended. Consider a dedicated, shorter timeout constant (e.g. 3–5 s) for the remote fetch.

Prompt To Fix With AI
This is a comment left during a code review.
Path: lib/utils.ts
Line: 354-356

Comment:
**Network timeout shared with CLI command timeout**

`AbortSignal.timeout(options.timeoutMs ?? DEFAULT_HOMEBREW_COMMAND_TIMEOUT_MS)` reuses the Homebrew CLI execution timeout for an outbound network request to GitHub. The defaults for a CLI subprocess call and a GitHub raw-content fetch are often very different — network latency on slow connections could exhaust a timeout that was calibrated for a local process, causing the version check to silently fall through more often than intended. Consider a dedicated, shorter timeout constant (e.g. 3–5 s) for the remote fetch.

How can I resolve this? If you propose a fix, please make it concise.

Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!

Fix in Claude Code Fix in Codex

Comment on lines +146 to +151
run: |
# CLI builds with Bun, but npm audit reads package-lock.json.
# update-lockfiles.sh updates both lockfiles; this catches npm lock drift.
npm install --package-lock-only --ignore-scripts
git diff --exit-code package-lock.json
npm audit --audit-level=high --omit=dev

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Lock-drift check may produce false failures across npm versions

npm install --package-lock-only regenerates package-lock.json using the npm version present on the runner. If CI uses a different npm version than the one used to commit the lockfile (e.g. a developer on npm 10 vs the runner on npm 9 or vice-versa), the regenerated lockfile will differ in formatting or resolved fields and git diff --exit-code will fail — blocking the publish even when there is no real drift. Pinning the npm version in this step (e.g. npm install -g npm@<version>) or documenting the exact required npm version would avoid spurious failures.

Prompt To Fix With AI
This is a comment left during a code review.
Path: .github/workflows/publish.yml
Line: 146-151

Comment:
**Lock-drift check may produce false failures across npm versions**

`npm install --package-lock-only` regenerates `package-lock.json` using the npm version present on the runner. If CI uses a different npm version than the one used to commit the lockfile (e.g. a developer on npm 10 vs the runner on npm 9 or vice-versa), the regenerated lockfile will differ in formatting or resolved fields and `git diff --exit-code` will fail — blocking the publish even when there is no real drift. Pinning the npm version in this step (e.g. `npm install -g npm@<version>`) or documenting the exact required npm version would avoid spurious failures.

How can I resolve this? If you propose a fix, please make it concise.

Fix in Claude Code Fix in Codex

@ChiragAgg5k ChiragAgg5k merged commit 048ffff into master Jul 9, 2026
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants