Skip to content

chore(auth): route browser-flow prompts + diagnostics to stderr#98

Open
crowlbot wants to merge 1 commit into
mainfrom
feat/agent-stdio-discipline
Open

chore(auth): route browser-flow prompts + diagnostics to stderr#98
crowlbot wants to merge 1 commit into
mainfrom
feat/agent-stdio-discipline

Conversation

@crowlbot
Copy link
Copy Markdown
Contributor

@crowlbot crowlbot commented May 13, 2026

Summary

Stacked on #96. Small stdio-discipline pass that routes four sites in `auth.ts` from stdout → stderr, so `--json` callers (and anyone piping the CLI's stdout) stop seeing human chatter mixed into the machine-readable stream.

Touched sites

  • `getAuth` browser prompt: `"Visit to authorize deploying your project."` — this is directed at the human at the terminal; on stderr it doesn't corrupt a piped JSON payload.
  • `tokenExchange` success message: `"Authorization successful. Authenticated as "` — status, not data; stderr.
  • `authedFetch` 401 fallback: the response body it logs is a diagnostic; now gated on `--debug` and emitted to stderr (was unconditional stdout).
  • `retryLink` debug dump: `console.log(opts)` → `console.error(opts)`. The only debug write in `auth.ts` that was still on stdout.

The keychain-unavailable warning was already moved to stderr in #91.

What's intentionally NOT in this PR

  • `publish.ts` progress text ("Generated hashes", upload progress) — already suppressed in `--json` mode; moving it on the human path would be a behavior change for existing shell scripts piping `deno deploy publish`. Leaving for a separate audit.
  • `setup-cloud.ts` decorative gray text — same reasoning.

Test plan

  • `deno fmt` / `deno lint` / `deno check` clean.
  • `deno test -A tests/agent.test.ts` — 7/7 pass.
  • No new stdout writes. Existing `--json` envelope tests still pass.

🤖 Generated with Claude Code

@crowlbot crowlbot mentioned this pull request May 13, 2026
Closed
3 tasks
@crowlbot @claude
chore(auth): route browser-flow prompts + diagnostics to stderr
4976b32 
Move four log sites from stdout to stderr so that `--json` callers
(and anyone piping the CLI's stdout) stop seeing human/diagnostic
chatter mixed into machine-readable output:

- The OAuth browser-flow prompt ("Visit ... to authorize ..."): this
  is a prompt directed at the human at the terminal; it belongs on
  stderr, not on stdout where it would corrupt a piped JSON payload.
- "Authorization successful. Authenticated as ...": status message,
  not data; stderr.
- The 401 response body that `authedFetch` logs when re-authenticating:
  always a diagnostic; gated on `--debug` and emitted to stderr.
- The retry-link's `console.log(opts)` debug dump: stderr (was the
  only stdout debug write in auth.ts).

The keychain-unavailable warning was already moved to stderr in #91.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@crowlbot crowlbot force-pushed the feat/agent-stdio-discipline branch from 79cac20 to 4976b32 Compare May 29, 2026 13:54
@crowlbot crowlbot changed the base branch from feat/agent-docs to main May 29, 2026 13:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@crowlbot