Skip to content

feat: SDK update for version 22.3.0#334

Merged
ChiragAgg5k merged 1 commit into
masterfrom
dev
Jun 25, 2026
Merged

feat: SDK update for version 22.3.0#334
ChiragAgg5k merged 1 commit into
masterfrom
dev

Conversation

@ChiragAgg5k

@ChiragAgg5k ChiragAgg5k commented Jun 25, 2026

Copy link
Copy Markdown
Member

This PR contains updates to the SDK for version 22.3.0.

What's Changed

  • Added: Regional cloud endpoints are now derived from your configured endpoint in init and push
  • Added: push creates a default function proxy rule when an existing function is missing one
  • Added: push aborts and asks you to re-run when tablesDB deletions change the config
  • Fixed: Unauthorized sessions now retry an OAuth token refresh before logging out
  • Fixed: Auth security policies limit, sessionsLimit, and passwordHistory now accept null for unlimited
  • Updated: push applies service, protocol, auth method, and policy updates concurrently
  • Updated: Verbose error logs now include code, type, and response details

@ChiragAgg5k ChiragAgg5k changed the title feat: Command Line SDK update for version 22.3.0 feat: SDK update for version 22.3.0 Jun 25, 2026
@greptile-apps

greptile-apps Bot commented Jun 25, 2026

Copy link
Copy Markdown

Greptile Summary

This PR bumps the CLI SDK to version 22.3.0 and ships several functional improvements: regional cloud endpoints are now derived from the user's configured endpoint rather than a hardcoded default; push detects and creates missing proxy rules for existing functions; settings/protocol/auth-method updates are now issued concurrently; auth security policy fields (limit, sessionsLimit, passwordHistory) accept null for unlimited; and verbose error logs now include code, type, and response fields.

  • Auth retry: getCurrentAccount now attempts an OAuth token refresh before removing a session on 401, with the refresh path silently swallowing all errors (including transient ones) before calling removeCurrentSession().
  • Concurrent push: pushSettings now fans out service, protocol, auth-method, and mock-number updates with Promise.all instead of sequential awaits.
  • Function proxy rule: createDefaultFunctionRule is refactored into a shared helper used for both new and pre-existing functions, with a regional domain rewrite applied when the endpoint is a known cloud region.

Confidence Score: 3/5

The PR is mostly safe, but the auth retry path in login.ts can silently remove a freshly-refreshed session whenever the subsequent Account.get() call fails for any reason other than auth failure.

The auth recovery block in login.ts swallows all errors from the post-refresh Account.get() call and unconditionally proceeds to removeCurrentSession(). A transient 500 or network timeout after a successful token refresh will silently log the user out, even though their token is now valid. The rest of the changes — concurrent push, nullable policy totals, regional endpoint derivation, and the function proxy rule helper — are straightforward and well-handled.

lib/auth/login.ts deserves a close look at the inner catch block and when removeCurrentSession() should and should not be reached after a successful token refresh.

Important Files Changed

Filename Overview
lib/auth/login.ts Adds OAuth token refresh retry before logging out; any error on the post-refresh Account.get() call (not just auth errors) causes unintended session removal.
lib/commands/push.ts Large refactor: concurrency for settings updates, function proxy rule creation for existing functions, sites prompt moved inside pushResources, error formatting, and tablesDB resync gate.
lib/commands/init.ts Regional endpoint now derived from the user's configured endpoint instead of always using the hardcoded DEFAULT_ENDPOINT; logic is correct.
lib/utils.ts Adds getCloudEndpointRegion and getCloudConsoleHostname; policyTotal now maps 0 to null for the "unlimited" representation; all logic is correct.
lib/parser.ts Adds formatErrorForLog to include code/type/response fields in verbose stack traces; straightforward and safe.
lib/sdks.ts getValidAccessToken gains an optional forceRefresh flag to bypass the cached-token early return; sdkForConsole gains organizationId forwarding.
lib/commands/config.ts Adds .nullable() to limit, sessionsLimit, and passwordHistory in the Zod schema to allow null for unlimited values.
lib/config.ts _addDBEntity now creates a shallow copy of the entities array before mutation rather than relying on in-place mutation of the stored reference; safe refactor.

Comments Outside Diff (1)

  1. lib/auth/login.ts, line 87-101 (link)

    P1 Silent session removal on any post-refresh error

    After getValidAccessToken successfully obtains a new token (step 1 of the recovery), if new Account(refreshedClient).get() fails for any non-auth reason — a 500, a timeout, a DNS hiccup — the catch (_refreshError) block swallows the error and execution falls through to removeCurrentSession(). This removes a now-valid session, silently logging the user out due to a transient server/network issue. The session should only be removed if the failure on the post-refresh Account.get() call is itself an unauthorized error, not for all errors.

Reviews (1): Last reviewed commit: "chore: update Command Line SDK to 22.3.0" | Re-trigger Greptile

Comment thread lib/commands/push.ts
Comment on lines +829 to +833
const domains = variables["_APP_DOMAIN_FUNCTIONS"]
.split(",")
.map((value) => value.trim())
.filter((value) => value.length > 0);

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Unguarded property access on _APP_DOMAIN_FUNCTIONS

If the console variables response does not include _APP_DOMAIN_FUNCTIONS (e.g., on a self-hosted instance that hasn't set it), variables["_APP_DOMAIN_FUNCTIONS"] is undefined, and calling .split(",") on it immediately throws a TypeError. This is caught by the surrounding try/catch, but the logged message "Error fetching console variables." obscures the actual cause. A null/undefined check before .split would produce a much clearer "_APP_DOMAIN_FUNCTIONS is not configured." error via the existing guard on domains.length === 0.

@ChiragAgg5k ChiragAgg5k merged commit 3b8166a into master Jun 25, 2026
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants