Conversation
…chema fix(sdk): validate auth user profile types
…d-helpers refactor(codemod): share ast-grep helpers
# Conflicts: # packages/create-sdk/CHANGELOG.md # packages/create-sdk/package.json # packages/sdk/CHANGELOG.md # packages/sdk/docs/cli/setup.md # packages/sdk/docs/runtime.md # packages/sdk/docs/testing.md # packages/sdk/knip.json # packages/sdk/package.json # packages/sdk/src/cli/commands/api.test.ts # packages/sdk/src/cli/commands/deploy/resolver.test.ts # packages/sdk/src/cli/commands/deploy/resolver.ts # packages/sdk/src/cli/commands/function/logs.test.ts # packages/sdk/src/cli/commands/generate/service.test.ts # packages/sdk/src/cli/commands/setup/check.ts # packages/sdk/src/cli/commands/setup/index.ts # packages/sdk/src/cli/commands/setup/lock.test.ts # packages/sdk/src/cli/crashreport/sanitize.test.ts # packages/sdk/src/cli/crashreport/sender.test.ts # packages/sdk/src/cli/services/auth/bundler.test.ts # packages/sdk/src/cli/services/tailordb/hooks-validate-bundler.ts # packages/sdk/src/cli/services/workflow/ast-transformer.test.ts # packages/sdk/src/cli/services/workflow/bundler.test.ts # packages/sdk/src/cli/services/workflow/trigger-transformer.ts # packages/sdk/src/cli/shared/context.test.ts # packages/sdk/src/cli/shared/context.ts # packages/sdk/src/cli/shared/function-script-download.test.ts # packages/sdk/src/cli/shared/runtime-exprs.test.ts # packages/sdk/src/cli/shared/type-generator.test.ts # packages/sdk/src/cli/shared/type-generator.ts # packages/sdk/src/configure/services/auth/index.test.ts # packages/sdk/src/configure/services/resolver/resolver.test.ts # packages/sdk/src/configure/services/tailordb/schema.test.ts # packages/sdk/src/configure/services/workflow/job.test.ts # packages/sdk/src/configure/services/workflow/job.ts # packages/sdk/src/configure/types/type.test.ts # packages/sdk/src/parser/service/tailordb/field.ts # packages/sdk/src/runtime/file.test.ts # packages/sdk/src/runtime/globals.ts # packages/sdk/src/vitest/workflow-runtime.ts # packages/sdk/tsdown.config.ts
# Conflicts: # example/package.json # package.json # packages/create-sdk/package.json # packages/sdk-codemod/package.json # packages/sdk/CHANGELOG.md # packages/sdk/src/cli/commands/login.test.ts # packages/sdk/src/cli/commands/login.ts # packages/sdk/src/cli/commands/profile/update.ts # packages/sdk/src/cli/commands/user/pat/list.test.ts # packages/sdk/src/cli/commands/user/pat/user.ts # packages/sdk/src/cli/commands/user/switch.test.ts # packages/sdk/src/cli/commands/user/switch.ts # packages/sdk/src/cli/shared/context.test.ts # packages/sdk/src/cli/shared/context.ts # packages/sdk/src/cli/shared/type-generator.ts # packages/sdk/src/configure/services/auth/types.ts # packages/sdk/src/configure/services/tailordb/schema.ts # packages/sdk/tsdown.config.ts # pnpm-lock.yaml
# Conflicts: # packages/create-sdk/CHANGELOG.md # packages/create-sdk/package.json # packages/sdk/CHANGELOG.md # packages/sdk/docs/cli/application.md # packages/sdk/package.json # packages/sdk/src/cli/commands/deploy/deploy.ts # packages/sdk/src/cli/commands/deploy/executor.ts # packages/sdk/src/cli/commands/deploy/index.ts
Running `tailor <name>` for an unknown subcommand execs an external `tailor-<name>` binary resolved from the project's node_modules/.bin (nearest first) or PATH, forwarding all following args. Works for unknown subcommands nested under a known command too (`tailor tailordb erd` -> `tailor-tailordb-erd`). Builtins always take precedence, matching stops at the first unknown segment, and a command that defines its own run is never replaced. Before dispatching, the CLI injects the current platform context as env so plugins do not re-implement auth or re-resolve the active workspace: TAILOR_PLATFORM_TOKEN, TAILOR_PLATFORM_URL, TAILOR_PLATFORM_OAUTH2_CLIENT_ID, TAILOR_PLATFORM_WORKSPACE_ID, TAILOR_PLATFORM_USER, TAILOR_CONFIG_PATH, TAILOR_VERSION, and TAILOR_BIN. Token, workspace, and user are best-effort so auth-free plugins still run when not logged in. Adds `tailor auth token` (print a valid access token, refreshing it if expired, for plugins/scripts) and `tailor plugin list` (list discovered plugins and where they resolve from). The root --help notes point users to `tailor plugin list`.
Adapts CLI plugin support to v2's refactored client API (getPlatformBaseUrl/getOAuth2ClientId) and docs template format, and marks the plugin feature as beta in the CLI help, docs, and changeset.
Resolve conflicts from parallel test refactors on v2: reconcile test.each table-driven rewrites with this branch's UUIDString/ DateString/Timestamp scalar tightening, restoring date/datetime edge-case coverage that the v2 shrink pass had dropped.
…e-types feat(sdk): tighten Tailor field output types
buildPluginEnv now resolves the active profile's platform URL and OAuth2 client ID (via loadPlatformClientConfig) so a plugin dispatched under a profile targeting a non-default platform receives a consistent URL/token/workspace instead of the default endpoint. Also hardens Windows executable handling: buildSpawnTarget runs .com like a native .exe and dispatches .ps1 through PowerShell, isExecutable rejects files whose extension is not in PATHEXT (so data files are not listed as plugins), and the PATHEXT fallback includes .COM.
resolvePlugin now rejects plugin names containing path separators or NUL before joining them into a filesystem path, so a name like `../evil` cannot escape the `<cli>-` prefix and resolve an unintended executable. Also enables the plugin test suites on Windows (cross-platform capture fixture using a `.cmd` wrapper) and adds a dedicated `Plugin tests (Windows)` CI job, since the main SDK unit suite only runs on Linux and the Windows PATHEXT/`.cmd`/`.ps1` dispatch branches were previously untested. Corrects the auth/token readonly-guard comment to note it may refresh via the OAuth server and persist tokens locally, without mutating workspace/platform state.
node:fs globSync yields backslash paths on Windows, which vitest treats as invalid include globs (backslash is an escape in the matcher), so the Plugin tests (Windows) job resolved zero files and exited 1. Normalize the classified unit-test paths to forward slashes so discovery and the vitest run <file> filter work on win32 (no-op on POSIX).
Replace the separator-sensitive positional file filter (which resolved zero files on Windows) with a dedicated "unit-plugin" vitest project that includes only the CLI plugin test. The Windows CI job selects it with --project unit-plugin, and the unit* glob still runs it on Linux; it is excluded from the general unit split so it does not run twice. Reverts the earlier forward-slash include normalization, now unnecessary.
feat(cli): plugin dispatch with shared auth (root & nested)
Register the v2/strict-scalar-strings migration guidance for the strict UUID/date/datetime/time/decimal field string types introduced on v2. The entry documents the new scalar shapes and is*/parse*/assert*String helpers in the generated migration guide, and flags likely-affected files (getDB / toISOString / mockIdp usage and old "mock-id" fixtures) for LLM-assisted review during tailor upgrade.
Pattern-scoped review flags miss projects whose only breakage does not mention getDB / toISOString / mockIdp (e.g. invalid id fixtures), so drop the suspicious patterns and let the runner emit the prompt as project-wide guidance.
feat(codemod): add v2 strict scalar strings migration entry
# Conflicts: # .github/workflows/changeset-check.yml # docs/getting-started.md # llm-challenge/package.json # package.json # packages/create-sdk/CHANGELOG.md # packages/create-sdk/package.json # packages/sdk-codemod/CHANGELOG.md # packages/sdk-codemod/package.json # packages/sdk/CHANGELOG.md # packages/sdk/package.json # packages/sdk/src/cli/commands/deploy/resolver.ts # packages/sdk/src/configure/services/tailordb/schema.ts # packages/sdk/src/configure/types/type.ts # pnpm-lock.yaml
Field and type-level hooks and validators are now compiled into a single per-type create/update script. Hooks receive a `now` (Date) shared across every field hooked in the same operation, so multiple fields can be stamped with one identical timestamp.
… preserve Create-input optionality The platform derives GraphQL Create-input optionality from the presence of a field-level create hook, not from type_hook. Emit a passthrough create hook (`_value`) per field so required hooked fields stay optional in input; the real shared-now logic in type_hook runs afterward and overwrites the value.
…oto field Add .default() builder method for TailorDBField with TypeLevelError type guards. Regenerate proto bindings to use optionalOnCreate instead of field-level hook placeholder, resolving type_hook coexistence conflict.
…y field validators
- Add type-level validate function form to .validate() accepting (args, issues) callback
- Field validators now return string (error) | void (pass) instead of [fn, message] tuple
- Type-safe field path autocomplete for issues() via DottedPaths utility type
- Full pipeline: configure -> parser -> bundler -> snapshot -> manifest
- Hook functions use newRecord/oldRecord args matching platform _input/_oldRecord variables
- Field validators receive { newValue, oldValue } only
…to single function
Replace Hooks<F> (per-field mapping) with TypeHook<F> ({ create?, update? })
where each function receives { input, oldRecord, invoker, now } and returns
partial field overrides. Also rename HookFn parameter from newRecord to input
since hooks operate on pre-record input.
- Add TypeHookFn and TypeHook types to configure/services/tailordb/types.ts
- Change .hooks() builder to store _typeHook instead of distributing to fields
- Add typeHook to Zod schema and regenerate types
- Update createTailorDBHook test helper to apply type-level hooks
- Update buildTypeScripts to accept options object with typeHookExpr
- Update example and template code to new hooks API
…ge pattern PENDING_USAGE_PATTERN only allowed \s* after the colon in `prereleaseUntil: V2_NEXT_PENDING,`, not before it, so a manual edit like `prereleaseUntil : V2_NEXT_PENDING,` would fail to match.
Address review feedback: deleting the whole SDK output directory also removes deploy state (secrets-state/, *.context.json) that existing secrets and Auth Connections depend on. Narrow the notice and changeset to recommend deleting only the listed legacy artifacts.
…before checkout With commitMode: "github-api", changesets/action's pushChanges() calls commitChangesSinceBase() to push the version-bump diff to the remote release PR branch via the API, but never commits or cleans up the local worktree — changeset version's file edits (package.json bumps, CHANGELOG.md, consumed .changeset/*.md deletions) are left dirty locally. gh pr checkout then fails with "local changes would be overwritten" on every run that actually creates or updates a release PR, regardless of whether there's a pending codemod to resolve. Reproduced locally: dirtying a tracked file and checking out a different commit fails the same way; running git reset --hard --quiet first (discarding the leftover diff, since the same content already lives on the remote PR branch we're about to check out) lets it succeed. Reported by dqn in review.
The lint-clean rationale was wrong: reachesCodemodBoundary, effectiveCodemodBoundary, and assertCodemodBoundaries already reference V2_NEXT_PENDING unconditionally, so it's never actually unused regardless of whether a codemod entry sets it. The real reason it's exported is so registry.test.ts can reference the sentinel directly.
resolvePendingBoundaries() required resolvedVersion to be a 2.0.0-next.N prerelease whenever a pending boundary exists, so a release that skips straight from prerelease to stable 2.0.0 would throw and fail the release workflow step. That's a valid outcome though: reachesCodemodBoundary() in registry.ts already treats a pending codemod as reached once the target hits the stable until boundary, so no concrete V2_NEXT_N constant is needed for it to keep working. Treat it as a no-op instead. Also allow the V2_NEXT_PENDING declaration (and its preceding JSDoc) to be indented, not just column-0, for the same formatting-robustness reason as the earlier whitespace tolerance fixes.
…fined Workflow.start required an explicit undefined argument when the main job's input type was undefined, inconsistent with WorkflowJob.start (where the input parameter becomes optional in that case) and unable to type-check workflow.start() with zero arguments. Mirror WorkflowJob's conditional-optional signature so Workflow.start follows the same rule. Add a regression test verifying workflow.start() type-checks and runs when the main job takes no input.
…rerelease Neither v2/workflow-trigger-rename nor v2/workflow-start-rename declared prereleaseUntil, so a migration run targeting the actual prerelease this change ships in (2.0.0-next.6) would select neither entry at all until the final stable 2.0.0 release. Add prereleaseUntil: V2_NEXT_6, matching the sibling v2/generate-watch-flag entry landing in the same release window. Both entries also fell back to the default TS-only filePatterns, so .js/.mjs call sites were never scanned. Override with the JS-inclusive glob used by other runtime codemods.
…l options When a triggerWorkflow(...) call's third argument was a variable or an object literal spreading one, the codemod still renamed the method call. This silently erased the triggerWorkflow token that legacyPatterns relies on to flag the call for manual review, while an invoker key hidden in that argument would now be silently ignored at runtime instead of renamed to authInvoker. Skip the rename entirely for such calls, leaving triggerWorkflow in place so the call fails loudly at compile time (the method no longer exists) and remains flaggable by the residual-pattern scan. Add a fixture covering both the variable and spread cases.
Version Packages (next)
Rename @tailor-platform/sdk-tailordb-erd-plugin to @tailor-platform/sdk-plugin-tailordb-erd (eslint-plugin-* naming convention), including the package directory, workspace/lockfile references, CLI plugin-resolution messages, docs, changesets, and CI workflow paths. The published bin name (tailor-tailordb-erd) is unaffected.
The two changesets that originally covered the plugin extraction and the sdk removal were already consumed by the prior Version Packages release (0.1.0-next.0), so pre.json tracks them as applied and editing their text has no effect on versioning. Add fresh changesets covering the rename itself: a minor bump for the renamed plugin package, and a patch bump for the sdk's updated install-hint message.
refactor(cli): remove legacy bundle artifact cleanup shim
fix(workflow): remove trigger* aliases, rename .trigger() to .start()
fix(codemod): align v2 prerelease codemod boundaries and auto-resolve them in CI
chore: rename sdk-tailordb-erd-plugin package to sdk-plugin-tailordb-erd
🦋 Changeset detectedLatest commit: 9d8ce53 The changes in this PR will be included in the next version bump. This PR includes changesets to release 1 package
Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
# Conflicts: # .agents/skills/e2e-setup/SKILL.md # .github/workflows/changeset-check.yml # .github/workflows/pkg-pr-new.yml # .gitignore # packages/create-sdk/scripts/prepare-templates.js # packages/create-sdk/templates/inventory-management/src/executor/checkInventory.ts # packages/sdk/docs/services/auth.md # packages/sdk/knip.ts # packages/sdk/package.json # packages/sdk/src/cli/commands/generate/service.ts # packages/sdk/src/cli/commands/generate/watch/index.test.ts # packages/sdk/src/cli/commands/generate/watch/index.ts # packages/sdk/src/cli/index.ts # packages/sdk/src/cli/lib.ts # packages/sdk/src/cli/services/application.ts # packages/sdk/src/cli/services/auth/bundler.ts # packages/sdk/src/cli/services/resolver/bundler.ts # packages/sdk/src/cli/services/tailordb/service.ts # packages/sdk/src/cli/services/workflow/bundler.test.ts # packages/sdk/src/cli/services/workflow/bundler.ts # packages/sdk/src/cli/shared/start-context.ts # packages/sdk/src/cli/shared/type-generator.test.ts # packages/sdk/src/cli/shared/type-generator.ts # packages/sdk/src/configure/services/auth/types.ts # packages/sdk/src/parser/service/auth/schema.ts # packages/sdk/tsdown.config.ts # pnpm-lock.yaml
commit: |
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
…kout changesets/action's github-api commit mode leaves a first-release package's CHANGELOG.md as an untracked file, which the release PR branch tracks — so gh pr checkout aborted with 'untracked working tree files would be overwritten' once eslint-plugin-sdk entered the release. Clean untracked files after the hard reset before switching branches.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
… ships The Workflow/WorkflowJob .trigger() -> .start() rename lands in the next prerelease, not 2.0.0-next.6 — next.6 has no .start() method, so surfacing the migration guidance for next.6 targets would point users at an API that does not exist there. Use the V2_NEXT_PENDING sentinel so the release workflow resolves the boundary to the version the rename actually ships in.
This comment has been minimized.
This comment has been minimized.
Code Metrics Report (packages/sdk)
Details | | main (4675aa4) | v2 (9d8ce53) | +/- |
|--------------------|----------------|--------------|-------|
+ | Coverage | 74.5% | 77.0% | +2.5% |
| Files | 457 | 443 | -14 |
| Lines | 16953 | 16478 | -475 |
+ | Covered | 12636 | 12703 | +67 |
+ | Code to Test Ratio | 1:0.4 | 1:0.4 | +0.0 |
| Code | 113445 | 115376 | +1931 |
+ | Test | 52708 | 54814 | +2106 |Code coverage of files in pull request scope (70.0% → 73.9%)Skip file coverages because there are too many files (267) SDK Configure Bundle Size
Runtime Performance
Type Performance (instantiations)
Reported by octocov |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
v2release line (SDK2.0.0-next.xprereleases, published to thenextdist-tag) intomain, so the stable2.0.0ships frommain.v2was a long-lived branch.Pre-merge checklist
Branch sync & CI
origin/mainintov2(currently ~101 commits behind, e.g. chore(e2e): reorganize secure test skill #1794, feat: mirror field optionality in machine user attributes #1800) and resolve conflicts so this PR is mergeable.ci,generate,generate-summary,test-summary,deploy-result).Release & versioning
changeset-release/main): publish a final 1.x release before merging, or close it.changeset-release/v2) so no release PR is in flight when the merge happens.v1maintenance branch from the currentmaintip before merging, so 1.x patch releases stay possible (@tailor-platform/sdkis at1.79.0onmain).pnpm changeset pre exit, which removes.changeset/pre.json) so the first release frommainpublishes the stable2.0.0to thelatestdist-tag. Decide whether to run it onv2right before merging or onmainimmediately after.pnpm codemod:resolve-pending) behaves correctly for the first stable (non-next) release. No codemod currently usesV2_NEXT_PENDING, but any codemod added before the stable release will..changeset/v2-baseline.md— it still says prereleases are published to thenextdist-tag; the stable 2.0.0 changelog entry should describe the stable install/upgrade path instead.@tailor-platform/sdk-plugin-tailordb-erd(0.1.0-next.0) is ready to leave prerelease — it exits pre mode together with the SDK.CI workflow cleanup (in this PR or immediately after merge)
v2from branch triggers:test.yml,ci.yml,release.yml,pkg-pr-new.yml,erd-schema.yml,lockfile-audit.yml,check-license.yml,template-tests.yml,skills-sync-check.yml,sdk-metrics.yml.branches: [main]filter onsdk-metrics.yml'spull_requesttrigger (removed so it ran for v2-based PRs).changeset-check.yml's skip condition back fromstartsWith(head.ref, 'changeset-release/')to the exactchangeset-release/main(it was broadened for the v2 release branch).link-check.ymlexclusion forexample/resolvers/startWorkflow.ts— the file exists onmainonce this merges.tailor-platform/actions
erd-schema-export/erd-schema-preview/erd-schema-commentinerd-schema.yml(currently pinned to the unreleased v2-branch SHA0bd69a0f…) and remove the# pinact:skip-filemarker.tailor setup(ACTIONS_SHA/ACTIONS_VERSION=v1.7.0inpackages/sdk/src/cli/commands/setup/templates.ts) works with the renamedtailorCLI; bump once a v2-compatible actions release exists.erd-schema.yml(pnpm bin-linking workaround for the workspace plugin package) once the plugin install story settles.Docs (after the stable publish)
@nextinstall instructions with the stable tag:packages/sdk-plugin-tailordb-erd/README.md,packages/sdk/docs/cli/tailordb.md+tailordb.template.md,packages/sdk/docs/github-actions.md(then runpnpm docs:update).packages/sdk/docs/migration/v2.md(pnpm codemod:docs:update) once all codemod version boundaries are final.Repo housekeeping (after merge)
main(feat(sdk)!: extract seed execution into a CLI plugin package #1807).v2branch and announce that v2 development continues onmain.Notes
main, and the release workflow relies on the consumed-changeset history staying intact.