Scoped OAuth 2 tokens

https://feedback.yaak.app/p/using-inherited-api-key-causes-a-question-mark-to-be

.github/workflows/release.yml

@@ -72,9 +72,6 @@ jobs:
         with:
           repo-token: ${{ secrets.GITHUB_TOKEN }}
 
-      - name: Run JS build
-        run: npm run build
-
       - name: Run lint
         run: npm run lint
 

eslint.config.cjs

@@ -80,6 +80,7 @@ module.exports = defineConfig([
   globalIgnores([
     '**/node_modules/',
     '**/dist/',
+    '**/build/',
     '**/.eslintrc.cjs',
     '**/.prettierrc.cjs',
     'src-web/postcss.config.cjs',

package.json

@@ -10,11 +10,13 @@
     "packages/plugin-runtime",
     "packages/plugin-runtime-types",
     "packages/common-lib",
+    "plugins/auth-apikey",
     "plugins/auth-basic",
     "plugins/auth-bearer",
     "plugins/auth-jwt",
     "plugins/auth-oauth2",
-    "plugins/exporter-curl",
+    "plugins/action-copy-curl",
+    "plugins/action-copy-grpcurl",
     "plugins/filter-jsonpath",
     "plugins/filter-xpath",
     "plugins/importer-curl",
@@ -23,6 +25,7 @@
     "plugins/importer-postman",
     "plugins/importer-yaak",
     "plugins/template-function-cookie",
+    "plugins/template-function-timestamp",
     "plugins/template-function-encode",
     "plugins/template-function-fs",
     "plugins/template-function-hash",
@@ -33,6 +36,7 @@
     "plugins/template-function-response",
     "plugins/template-function-uuid",
     "plugins/template-function-xml",
+    "plugins/themes-yaak",
     "src-tauri/yaak-crypto",
     "src-tauri/yaak-git",
     "src-tauri/yaak-fonts",
@@ -73,7 +77,7 @@
     "@tauri-apps/cli": "2.4.1",
     "@typescript-eslint/eslint-plugin": "^8.27.0",
     "@typescript-eslint/parser": "^8.27.0",
-    "@yaakapp/cli": "^0.1.5",
+    "@yaakapp/cli": "^0.2.7",
     "eslint": "^9.29.0",
     "eslint-config-prettier": "^10.1.5",
     "eslint-plugin-import": "^2.32.0",
@@ -84,6 +88,7 @@
     "npm-run-all": "^4.1.5",
     "prettier": "^3.4.2",
     "typescript": "^5.8.3",
+    "vitest": "^3.2.4",
     "workspaces-run": "^1.0.2"
   }
 }

packages/plugin-runtime-types/README.md

@@ -24,5 +24,5 @@ the [Quick Start Guide](https://feedback.yaak.app/help/articles/6911763-plugins-
 If you prefer starting from scratch, manually install the types package:
 
 ```shell
-npm install @yaakapp/api
+npm install -D @yaakapp/api
 ```

packages/plugin-runtime-types/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@yaakapp/api",
-  "version": "0.6.4",
+  "version": "0.6.6",
   "keywords": [
     "api-client",
     "insomnia-alternative",
@@ -31,7 +31,7 @@
     "prepublishOnly": "npm run build"
   },
   "dependencies": {
-    "@types/node": "^22.5.4"
+    "@types/node": "^24.0.13"
   },
   "devDependencies": {
     "cpy-cli": "^5.0.0"

packages/plugin-runtime-types/src/bindings/gen_events.ts

@@ -6,6 +6,10 @@ export type BootRequest = { dir: string, watch: boolean, };
 
 export type BootResponse = { name: string, version: string, };
 
+export type CallGrpcRequestActionArgs = { grpcRequest: GrpcRequest, protoFiles: Array<string>, };
+
+export type CallGrpcRequestActionRequest = { index: number, pluginRefId: string, args: CallGrpcRequestActionArgs, };
+
 export type CallHttpAuthenticationActionArgs = { contextId: string, values: { [key in string]?: JsonPrimitive }, };
 
 export type CallHttpAuthenticationActionRequest = { index: number, pluginRefId: string, args: CallHttpAuthenticationActionArgs, };
@@ -17,7 +21,12 @@ export type CallHttpAuthenticationResponse = {
  * HTTP headers to add to the request. Existing headers will be replaced, while
  * new headers will be added.
  */
-setHeaders: Array<HttpHeader>, };
+setHeaders?: Array<HttpHeader>, 
+/**
+ * Query parameters to add to the request. Existing params will be replaced, while
+ * new params will be added.
+ */
+setQueryParameters?: Array<HttpHeader>, };
 
 export type CallHttpRequestActionArgs = { httpRequest: HttpRequest, };
 
@@ -27,7 +36,7 @@ export type CallTemplateFunctionArgs = { purpose: RenderPurpose, values: { [key
 
 export type CallTemplateFunctionRequest = { name: string, args: CallTemplateFunctionArgs, };
 
-export type CallTemplateFunctionResponse = { value: string | null, };
+export type CallTemplateFunctionResponse = { value: string | null, error?: string, };
 
 export type CloseWindowRequest = { label: string, };
 
@@ -61,7 +70,7 @@ extensions: Array<string>, };
 
 export type FilterRequest = { content: string, filter: string, };
 
-export type FilterResponse = { content: string, };
+export type FilterResponse = { content: string, error?: string, };
 
 export type FindHttpResponsesRequest = { requestId: string, limit?: number, };
 
@@ -336,14 +345,14 @@ export type GetCookieValueRequest = { name: string, };
 
 export type GetCookieValueResponse = { value: string | null, };
 
+export type GetGrpcRequestActionsResponse = { actions: Array<GrpcRequestAction>, pluginRefId: string, };
+
 export type GetHttpAuthenticationConfigRequest = { contextId: string, values: { [key in string]?: JsonPrimitive }, };
 
 export type GetHttpAuthenticationConfigResponse = { args: Array<FormInput>, pluginRefId: string, actions?: Array<HttpAuthenticationAction>, };
 
 export type GetHttpAuthenticationSummaryResponse = { name: string, label: string, shortLabel: string, };
 
-export type GetHttpRequestActionsRequest = Record<string, never>;
-
 export type GetHttpRequestActionsResponse = { actions: Array<HttpRequestAction>, pluginRefId: string, };
 
 export type GetHttpRequestByIdRequest = { id: string, };
@@ -356,6 +365,12 @@ export type GetKeyValueResponse = { value?: string, };
 
 export type GetTemplateFunctionsResponse = { functions: Array<TemplateFunction>, pluginRefId: string, };
 
+export type GetThemesRequest = Record<string, never>;
+
+export type GetThemesResponse = { themes: Array<Theme>, };
+
+export type GrpcRequestAction = { label: string, icon?: Icon, };
+
 export type HttpAuthenticationAction = { label: string, icon?: Icon, };
 
 export type HttpHeader = { name: string, value: string, };
@@ -372,7 +387,7 @@ export type ImportResponse = { resources: ImportResources, };
 
 export type InternalEvent = { id: string, pluginRefId: string, pluginName: string, replyId: string | null, windowContext: PluginWindowContext, payload: InternalEventPayload, };
 
-export type InternalEventPayload = { "type": "boot_request" } & BootRequest | { "type": "boot_response" } & BootResponse | { "type": "reload_request" } & EmptyPayload | { "type": "reload_response" } & BootResponse | { "type": "terminate_request" } | { "type": "terminate_response" } | { "type": "import_request" } & ImportRequest | { "type": "import_response" } & ImportResponse | { "type": "filter_request" } & FilterRequest | { "type": "filter_response" } & FilterResponse | { "type": "export_http_request_request" } & ExportHttpRequestRequest | { "type": "export_http_request_response" } & ExportHttpRequestResponse | { "type": "send_http_request_request" } & SendHttpRequestRequest | { "type": "send_http_request_response" } & SendHttpRequestResponse | { "type": "list_cookie_names_request" } & ListCookieNamesRequest | { "type": "list_cookie_names_response" } & ListCookieNamesResponse | { "type": "get_cookie_value_request" } & GetCookieValueRequest | { "type": "get_cookie_value_response" } & GetCookieValueResponse | { "type": "get_http_request_actions_request" } & EmptyPayload | { "type": "get_http_request_actions_response" } & GetHttpRequestActionsResponse | { "type": "call_http_request_action_request" } & CallHttpRequestActionRequest | { "type": "get_template_functions_request" } | { "type": "get_template_functions_response" } & GetTemplateFunctionsResponse | { "type": "call_template_function_request" } & CallTemplateFunctionRequest | { "type": "call_template_function_response" } & CallTemplateFunctionResponse | { "type": "get_http_authentication_summary_request" } & EmptyPayload | { "type": "get_http_authentication_summary_response" } & GetHttpAuthenticationSummaryResponse | { "type": "get_http_authentication_config_request" } & GetHttpAuthenticationConfigRequest | { "type": "get_http_authentication_config_response" } & GetHttpAuthenticationConfigResponse | { "type": "call_http_authentication_request" } & CallHttpAuthenticationRequest | { "type": "call_http_authentication_response" } & CallHttpAuthenticationResponse | { "type": "call_http_authentication_action_request" } & CallHttpAuthenticationActionRequest | { "type": "call_http_authentication_action_response" } & EmptyPayload | { "type": "copy_text_request" } & CopyTextRequest | { "type": "copy_text_response" } & EmptyPayload | { "type": "render_http_request_request" } & RenderHttpRequestRequest | { "type": "render_http_request_response" } & RenderHttpRequestResponse | { "type": "get_key_value_request" } & GetKeyValueRequest | { "type": "get_key_value_response" } & GetKeyValueResponse | { "type": "set_key_value_request" } & SetKeyValueRequest | { "type": "set_key_value_response" } & SetKeyValueResponse | { "type": "delete_key_value_request" } & DeleteKeyValueRequest | { "type": "delete_key_value_response" } & DeleteKeyValueResponse | { "type": "open_window_request" } & OpenWindowRequest | { "type": "window_navigate_event" } & WindowNavigateEvent | { "type": "window_close_event" } | { "type": "close_window_request" } & CloseWindowRequest | { "type": "template_render_request" } & TemplateRenderRequest | { "type": "template_render_response" } & TemplateRenderResponse | { "type": "show_toast_request" } & ShowToastRequest | { "type": "show_toast_response" } & EmptyPayload | { "type": "prompt_text_request" } & PromptTextRequest | { "type": "prompt_text_response" } & PromptTextResponse | { "type": "get_http_request_by_id_request" } & GetHttpRequestByIdRequest | { "type": "get_http_request_by_id_response" } & GetHttpRequestByIdResponse | { "type": "find_http_responses_request" } & FindHttpResponsesRequest | { "type": "find_http_responses_response" } & FindHttpResponsesResponse | { "type": "empty_response" } & EmptyPayload | { "type": "error_response" } & ErrorResponse;
+export type InternalEventPayload = { "type": "boot_request" } & BootRequest | { "type": "boot_response" } & BootResponse | { "type": "reload_request" } & EmptyPayload | { "type": "reload_response" } & BootResponse | { "type": "terminate_request" } | { "type": "terminate_response" } | { "type": "import_request" } & ImportRequest | { "type": "import_response" } & ImportResponse | { "type": "filter_request" } & FilterRequest | { "type": "filter_response" } & FilterResponse | { "type": "export_http_request_request" } & ExportHttpRequestRequest | { "type": "export_http_request_response" } & ExportHttpRequestResponse | { "type": "send_http_request_request" } & SendHttpRequestRequest | { "type": "send_http_request_response" } & SendHttpRequestResponse | { "type": "list_cookie_names_request" } & ListCookieNamesRequest | { "type": "list_cookie_names_response" } & ListCookieNamesResponse | { "type": "get_cookie_value_request" } & GetCookieValueRequest | { "type": "get_cookie_value_response" } & GetCookieValueResponse | { "type": "get_http_request_actions_request" } & EmptyPayload | { "type": "get_http_request_actions_response" } & GetHttpRequestActionsResponse | { "type": "call_http_request_action_request" } & CallHttpRequestActionRequest | { "type": "get_grpc_request_actions_request" } & EmptyPayload | { "type": "get_grpc_request_actions_response" } & GetGrpcRequestActionsResponse | { "type": "call_grpc_request_action_request" } & CallGrpcRequestActionRequest | { "type": "get_template_functions_request" } | { "type": "get_template_functions_response" } & GetTemplateFunctionsResponse | { "type": "call_template_function_request" } & CallTemplateFunctionRequest | { "type": "call_template_function_response" } & CallTemplateFunctionResponse | { "type": "get_http_authentication_summary_request" } & EmptyPayload | { "type": "get_http_authentication_summary_response" } & GetHttpAuthenticationSummaryResponse | { "type": "get_http_authentication_config_request" } & GetHttpAuthenticationConfigRequest | { "type": "get_http_authentication_config_response" } & GetHttpAuthenticationConfigResponse | { "type": "call_http_authentication_request" } & CallHttpAuthenticationRequest | { "type": "call_http_authentication_response" } & CallHttpAuthenticationResponse | { "type": "call_http_authentication_action_request" } & CallHttpAuthenticationActionRequest | { "type": "call_http_authentication_action_response" } & EmptyPayload | { "type": "copy_text_request" } & CopyTextRequest | { "type": "copy_text_response" } & EmptyPayload | { "type": "render_http_request_request" } & RenderHttpRequestRequest | { "type": "render_http_request_response" } & RenderHttpRequestResponse | { "type": "render_grpc_request_request" } & RenderGrpcRequestRequest | { "type": "render_grpc_request_response" } & RenderGrpcRequestResponse | { "type": "get_key_value_request" } & GetKeyValueRequest | { "type": "get_key_value_response" } & GetKeyValueResponse | { "type": "set_key_value_request" } & SetKeyValueRequest | { "type": "set_key_value_response" } & SetKeyValueResponse | { "type": "delete_key_value_request" } & DeleteKeyValueRequest | { "type": "delete_key_value_response" } & DeleteKeyValueResponse | { "type": "open_window_request" } & OpenWindowRequest | { "type": "window_navigate_event" } & WindowNavigateEvent | { "type": "window_close_event" } | { "type": "close_window_request" } & CloseWindowRequest | { "type": "template_render_request" } & TemplateRenderRequest | { "type": "template_render_response" } & TemplateRenderResponse | { "type": "show_toast_request" } & ShowToastRequest | { "type": "show_toast_response" } & EmptyPayload | { "type": "prompt_text_request" } & PromptTextRequest | { "type": "prompt_text_response" } & PromptTextResponse | { "type": "get_http_request_by_id_request" } & GetHttpRequestByIdRequest | { "type": "get_http_request_by_id_response" } & GetHttpRequestByIdResponse | { "type": "find_http_responses_request" } & FindHttpResponsesRequest | { "type": "find_http_responses_response" } & FindHttpResponsesResponse | { "type": "get_themes_request" } & GetThemesRequest | { "type": "get_themes_response" } & GetThemesResponse | { "type": "empty_response" } & EmptyPayload | { "type": "error_response" } & ErrorResponse;
 
 export type JsonPrimitive = string | number | boolean | null;
 
@@ -404,6 +419,10 @@ required?: boolean, };
 
 export type PromptTextResponse = { value: string | null, };
 
+export type RenderGrpcRequestRequest = { grpcRequest: GrpcRequest, purpose: RenderPurpose, };
+
+export type RenderGrpcRequestResponse = { grpcRequest: GrpcRequest, };
+
 export type RenderHttpRequestRequest = { httpRequest: HttpRequest, purpose: RenderPurpose, };
 
 export type RenderHttpRequestResponse = { httpRequest: HttpRequest, };
@@ -436,6 +455,32 @@ export type TemplateRenderRequest = { data: JsonValue, purpose: RenderPurpose, }
 
 export type TemplateRenderResponse = { data: JsonValue, };
 
+export type Theme = { 
+/**
+ * How the theme is identified. This should never be changed
+ */
+id: string, 
+/**
+ * The friendly name of the theme to be displayed to the user
+ */
+label: string, 
+/**
+ * Whether the theme will be used for dark or light appearance
+ */
+dark: boolean, 
+/**
+ * The default top-level colors for the theme
+ */
+base: ThemeComponentColors, 
+/**
+ * Optionally override theme for individual UI components for more control
+ */
+components?: ThemeComponents, };
+
+export type ThemeComponentColors = { surface?: string, surfaceHighlight?: string, surfaceActive?: string, text?: string, textSubtle?: string, textSubtlest?: string, border?: string, borderSubtle?: string, borderFocus?: string, shadow?: string, backdrop?: string, selection?: string, primary?: string, secondary?: string, info?: string, success?: string, notice?: string, warning?: string, danger?: string, };
+
+export type ThemeComponents = { dialog?: ThemeComponentColors, menu?: ThemeComponentColors, toast?: ThemeComponentColors, sidebar?: ThemeComponentColors, responsePane?: ThemeComponentColors, appHeader?: ThemeComponentColors, button?: ThemeComponentColors, banner?: ThemeComponentColors, templateTag?: ThemeComponentColors, urlBar?: ThemeComponentColors, editor?: ThemeComponentColors, input?: ThemeComponentColors, };
+
 export type WindowNavigateEvent = { url: string, };
 
 export type WindowSize = { width: number, height: number, };

packages/plugin-runtime-types/src/bindings/gen_search.ts

@@ -2,4 +2,4 @@
 
 export type PluginMetadata = { version: string, name: string, displayName: string, description: string | null, homepageUrl: string | null, repositoryUrl: string | null, };
 
-export type PluginVersion = { id: string, version: string, description: string | null, name: string, displayName: string, homepageUrl: string | null, repositoryUrl: string | null, checksum: string, readme: string | null, yanked: boolean, };
+export type PluginVersion = { id: string, version: string, url: string, description: string | null, name: string, displayName: string, homepageUrl: string | null, repositoryUrl: string | null, checksum: string, readme: string | null, yanked: boolean, };

packages/plugin-runtime-types/src/plugins/Context.ts

@@ -9,14 +9,16 @@ import type {
   OpenWindowRequest,
   PromptTextRequest,
   PromptTextResponse,
+  RenderGrpcRequestRequest,
+  RenderGrpcRequestResponse,
   RenderHttpRequestRequest,
   RenderHttpRequestResponse,
   SendHttpRequestRequest,
   SendHttpRequestResponse,
   ShowToastRequest,
   TemplateRenderRequest,
-  TemplateRenderResponse,
 } from '../bindings/gen_events.ts';
+import { JsonValue } from '../bindings/serde_json/JsonValue';
 
 export interface Context {
   clipboard: {
@@ -45,6 +47,9 @@ export interface Context {
     listNames(): Promise<ListCookieNamesResponse['names']>;
     getValue(args: GetCookieValueRequest): Promise<GetCookieValueResponse['value']>;
   };
+  grpcRequest: {
+    render(args: RenderGrpcRequestRequest): Promise<RenderGrpcRequestResponse['grpcRequest']>;
+  };
   httpRequest: {
     send(args: SendHttpRequestRequest): Promise<SendHttpRequestResponse['httpResponse']>;
     getById(args: GetHttpRequestByIdRequest): Promise<GetHttpRequestByIdResponse['httpRequest']>;
@@ -54,6 +59,6 @@ export interface Context {
     find(args: FindHttpResponsesRequest): Promise<FindHttpResponsesResponse['httpResponses']>;
   };
   templates: {
-    render(args: TemplateRenderRequest): Promise<TemplateRenderResponse['data']>;
+    render<T extends JsonValue>(args: TemplateRenderRequest & { data: T }): Promise<T>;
   };
 }

packages/plugin-runtime-types/src/plugins/FilterPlugin.ts

@@ -1,12 +1,11 @@
+import { FilterResponse } from '../bindings/gen_events';
 import type { Context } from './Context';
 
-type FilterPluginResponse = { filtered: string };
-
 export type FilterPlugin = {
   name: string;
   description?: string;
   onFilter(
     ctx: Context,
     args: { payload: string; filter: string; mimeType: string },
-  ): Promise<FilterPluginResponse> | FilterPluginResponse;
+  ): Promise<FilterResponse> | FilterResponse;
 };

packages/plugin-runtime-types/src/plugins/GrpcRequestActionPlugin.ts

@@ -0,0 +1,6 @@
+import { CallGrpcRequestActionArgs, GrpcRequestAction } from '../bindings/gen_events';
+import type { Context } from './Context';
+
+export type GrpcRequestActionPlugin = GrpcRequestAction & {
+  onSelect(ctx: Context, args: CallGrpcRequestActionArgs): Promise<void> | void;
+};

packages/plugin-runtime-types/src/plugins/ImporterPlugin.ts

@@ -1,5 +1,5 @@
 import { ImportResources } from '../bindings/gen_events';
-import { AtLeast } from '../helpers';
+import { AtLeast, MaybePromise } from '../helpers';
 import type { Context } from './Context';
 
 type RootFields = 'name' | 'id' | 'model';
@@ -21,5 +21,8 @@ export type ImportPluginResponse = null | {
 export type ImporterPlugin = {
   name: string;
   description?: string;
-  onImport(ctx: Context, args: { text: string }): Promise<ImportPluginResponse>;
+  onImport(
+    ctx: Context,
+    args: { text: string },
+  ): MaybePromise<ImportPluginResponse | null | undefined>;
 };

packages/plugin-runtime-types/src/plugins/ThemePlugin.ts

@@ -1,8 +1,3 @@
-import { Index } from "../themes";
-import { Context } from "./Context";
+import { Theme } from '../bindings/gen_events';
 
-export type ThemePlugin = {
-  name: string;
-  description?: string;
-  getTheme(ctx: Context, fileContents: string): Promise<Index>;
-};
+export type ThemePlugin = Theme;

packages/plugin-runtime-types/src/plugins/index.ts

@@ -1,5 +1,6 @@
 import { AuthenticationPlugin } from './AuthenticationPlugin';
 import type { FilterPlugin } from './FilterPlugin';
+import { GrpcRequestActionPlugin } from './GrpcRequestActionPlugin';
 import type { HttpRequestActionPlugin } from './HttpRequestActionPlugin';
 import type { ImporterPlugin } from './ImporterPlugin';
 import type { TemplateFunctionPlugin } from './TemplateFunctionPlugin';
@@ -12,9 +13,10 @@ export type { Context } from './Context';
  */
 export type PluginDefinition = {
   importer?: ImporterPlugin;
-  theme?: ThemePlugin;
+  themes?: ThemePlugin[];
   filter?: FilterPlugin;
   authentication?: AuthenticationPlugin;
   httpRequestActions?: HttpRequestActionPlugin[];
+  grpcRequestActions?: GrpcRequestActionPlugin[];
   templateFunctions?: TemplateFunctionPlugin[];
 };

packages/plugin-runtime-types/tsconfig.json

@@ -2,12 +2,17 @@
   "compilerOptions": {
     "module": "node16",
     "target": "es6",
-    "lib": ["es2021"],
+    "lib": [
+      "es2021",
+      "dom"
+    ],
     "declaration": true,
     "declarationDir": "./lib",
     "outDir": "./lib",
     "strict": true,
-    "types": ["node"]
+    "types": [
+      "node"
+    ]
   },
   "files": [
     "src/index.ts"

packages/plugin-runtime/src/PluginInstance.ts

@@ -8,6 +8,7 @@ import {
   GetCookieValueResponse,
   GetHttpRequestByIdResponse,
   GetKeyValueResponse,
+  GrpcRequestAction,
   HttpAuthenticationAction,
   HttpRequestAction,
   InternalEvent,
@@ -15,6 +16,7 @@ import {
   ListCookieNamesResponse,
   PluginWindowContext,
   PromptTextResponse,
+  RenderGrpcRequestResponse,
   RenderHttpRequestResponse,
   SendHttpRequestResponse,
   TemplateFunction,
@@ -137,9 +139,23 @@ export class PluginInstance {
           payload: payload.content,
           mimeType: payload.type,
         });
+        this.#sendPayload(windowContext, { type: 'filter_response', ...reply }, replyId);
+        return;
+      }
+
+      if (
+        payload.type === 'get_grpc_request_actions_request' &&
+        Array.isArray(this.#mod?.grpcRequestActions)
+      ) {
+        const reply: GrpcRequestAction[] = this.#mod.grpcRequestActions.map((a) => ({
+          ...a,
+          // Add everything except onSelect
+          onSelect: undefined,
+        }));
         const replyPayload: InternalEventPayload = {
-          type: 'filter_response',
-          content: reply.filtered,
+          type: 'get_grpc_request_actions_response',
+          pluginRefId: this.#workerData.pluginRefId,
+          actions: reply,
         };
         this.#sendPayload(windowContext, replyPayload, replyId);
         return;
@@ -163,6 +179,15 @@ export class PluginInstance {
         return;
       }
 
+      if (payload.type === 'get_themes_request' && Array.isArray(this.#mod?.themes)) {
+        const replyPayload: InternalEventPayload = {
+          type: 'get_themes_response',
+          themes: this.#mod.themes,
+        };
+        this.#sendPayload(windowContext, replyPayload, replyId);
+        return;
+      }
+
       if (
         payload.type === 'get_template_functions_request' &&
         Array.isArray(this.#mod?.templateFunctions)
@@ -199,13 +224,12 @@ export class PluginInstance {
       if (payload.type === 'get_http_authentication_config_request' && this.#mod?.authentication) {
         const { args, actions } = this.#mod.authentication;
         const resolvedArgs: FormInput[] = [];
-        for (let i = 0; i < args.length; i++) {
-          let v = args[i];
-          if ('dynamic' in v) {
+        for (const v of args) {
+          if (v && 'dynamic' in v) {
             const dynamicAttrs = await v.dynamic(ctx, payload);
             const { dynamic, ...other } = v;
             resolvedArgs.push({ ...other, ...dynamicAttrs } as FormInput);
-          } else {
+          } else if (v) {
             resolvedArgs.push(v);
           }
         }
@@ -229,12 +253,11 @@ export class PluginInstance {
         const auth = this.#mod.authentication;
         if (typeof auth?.onApply === 'function') {
           applyFormInputDefaults(auth.args, payload.values);
-          const result = await auth.onApply(ctx, payload);
           this.#sendPayload(
             windowContext,
             {
               type: 'call_http_authentication_response',
-              setHeaders: result.setHeaders,
+              ...(await auth.onApply(ctx, payload)),
             },
             replyId,
           );
@@ -266,6 +289,18 @@ export class PluginInstance {
         }
       }
 
+      if (
+        payload.type === 'call_grpc_request_action_request' &&
+        Array.isArray(this.#mod.grpcRequestActions)
+      ) {
+        const action = this.#mod.grpcRequestActions[payload.index];
+        if (typeof action?.onSelect === 'function') {
+          await action.onSelect(ctx, payload.args);
+          this.#sendEmpty(windowContext, replyId);
+          return;
+        }
+      }
+
       if (
         payload.type === 'call_template_function_request' &&
         Array.isArray(this.#mod?.templateFunctions)
@@ -273,15 +308,27 @@ export class PluginInstance {
         const fn = this.#mod.templateFunctions.find((a) => a.name === payload.name);
         if (typeof fn?.onRender === 'function') {
           applyFormInputDefaults(fn.args, payload.args.values);
-          const result = await fn.onRender(ctx, payload.args);
-          this.#sendPayload(
-            windowContext,
-            {
-              type: 'call_template_function_response',
-              value: result ?? null,
-            },
-            replyId,
-          );
+          try {
+            const result = await fn.onRender(ctx, payload.args);
+            this.#sendPayload(
+              windowContext,
+              {
+                type: 'call_template_function_response',
+                value: result ?? null,
+              },
+              replyId,
+            );
+          } catch (err) {
+            this.#sendPayload(
+              windowContext,
+              {
+                type: 'call_template_function_response',
+                value: null,
+                error: `${err}`.replace(/^Error:\s*/g, ''),
+              },
+              replyId,
+            );
+          }
           return;
         }
       }
@@ -463,6 +510,19 @@ export class PluginInstance {
           return httpResponses;
         },
       },
+      grpcRequest: {
+        render: async (args) => {
+          const payload = {
+            type: 'render_grpc_request_request',
+            ...args,
+          } as const;
+          const { grpcRequest } = await this.#sendAndWaitForReply<RenderGrpcRequestResponse>(
+            event.windowContext,
+            payload,
+          );
+          return grpcRequest;
+        },
+      },
       httpRequest: {
         getById: async (args) => {
           const payload = {
@@ -530,7 +590,7 @@ export class PluginInstance {
             event.windowContext,
             payload,
           );
-          return result.data;
+          return result.data as any;
         },
       },
       store: {
@@ -587,20 +647,20 @@ function applyFormInputDefaults(
   }
 }
 
-const watchedFiles: Record<string, Stats> = {};
+const watchedFiles: Record<string, Stats | null> = {};
 
 /**
- * Watch a file and trigger callback on change.
+ * Watch a file and trigger a callback on change.
  *
  * We also track the stat for each file because fs.watch() will
- * trigger a "change" event when the access date changes
+ * trigger a "change" event when the access date changes.
  */
-function watchFile(filepath: string, cb: (filepath: string) => void) {
+function watchFile(filepath: string, cb: () => void) {
   watch(filepath, () => {
-    const stat = statSync(filepath);
-    if (stat.mtimeMs !== watchedFiles[filepath]?.mtimeMs) {
-      cb(filepath);
+    const stat = statSync(filepath, { throwIfNoEntry: false });
+    if (stat == null || stat.mtimeMs !== watchedFiles[filepath]?.mtimeMs) {
+      watchedFiles[filepath] = stat ?? null;
+      cb();
     }
-    watchedFiles[filepath] = stat;
   });
 }

packages/plugin-runtime/src/index.ts

@@ -53,3 +53,7 @@ async function handleIncoming(msg: string) {
 
   plugin.sendToWorker(pluginEvent);
 }
+
+process.on('unhandledRejection', (reason, promise) => {
+  console.error('Unhandled Rejection at:', promise, 'reason:', reason);
+});

plugins/action-copy-curl/README.md

@@ -0,0 +1,68 @@
+# Copy as cUrl
+
+A request action plugin for Yaak that converts HTTP requests into [curl](https://curl.se)
+commands, making it easy to share, debug, and execute requests outside Yaak.
+
+![Screenshot of context menu](screenshot.png)
+
+## Overview
+
+This plugin adds a 'Copy as Curl' action to HTTP requests, converting any request into its
+equivalent curl command. This is useful for debugging, sharing requests with team members,
+and executing requests in terminal environments where `curl` is available.
+
+## How It Works
+
+The plugin analyzes the given HTTP request and generates a properly formatted curl command
+that includes:
+
+- HTTP method (GET, POST, PUT, DELETE, etc.)
+- Request URL with query parameters
+- Headers (including authentication headers)
+- Request body (for POST, PUT, PATCH requests)
+- Authentication credentials
+
+## Usage
+
+1. Configure an HTTP request as usual in Yaak
+2. Right-click on the request in the sidebar
+3. Select 'Copy as Curl'
+4. The command is copied to your clipboard
+5. Share or execute the command
+
+## Generated Curl Examples
+
+### Simple GET Request
+
+```bash
+curl -X GET 'https://api.example.com/users' \
+  --header 'Accept: application/json'
+```
+
+### POST Request with JSON Data
+
+```bash
+curl -X POST 'https://api.example.com/users' \
+  --header 'Content-Type: application/json' \
+  --header 'Accept: application/json' \
+  --data '{
+    "name": "John Doe",
+    "email": "john@example.com"
+  }'
+```
+
+### Request with Multi-part Form Data
+
+```bash
+curl -X POST 'yaak.app' \
+  --header 'Content-Type: multipart/form-data' \
+  --form 'hello=world' \
+  --form file=@/path/to/file.json
+```
+
+### Request with Authentication
+
+```bash
+curl -X GET 'https://api.example.com/protected' \
+  --user 'username:password'
+```

plugins/action-copy-curl/package.json

@@ -0,0 +1,17 @@
+{
+  "name": "@yaak/action-copy-curl",
+  "displayName": "Copy as Curl",
+  "description": "Copy request as a curl command",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/mountain-loop/yaak.git",
+    "directory": "plugins/action-copy-curl"
+  },
+  "private": true,
+  "version": "0.1.0",
+  "scripts": {
+    "build": "yaakcli build",
+    "dev": "yaakcli dev",
+    "lint": "eslint . --ext .ts,.tsx"
+  }
+}

plugins/action-copy-curl/src/index.ts

@@ -1,18 +1,27 @@
-import { HttpRequest, PluginDefinition } from '@yaakapp/api';
+import type { HttpRequest, PluginDefinition } from '@yaakapp/api';
 
 const NEWLINE = '\\\n ';
 
 export const plugin: PluginDefinition = {
-  httpRequestActions: [{
-    label: 'Copy as Curl',
-    icon: 'copy',
-    async onSelect(ctx, args) {
-      const rendered_request = await ctx.httpRequest.render({ httpRequest: args.httpRequest, purpose: 'preview' });
-      const data = await convertToCurl(rendered_request);
-      await ctx.clipboard.copyText(data);
-      await ctx.toast.show({ message: 'Curl copied to clipboard', icon: 'copy', color: 'success' });
+  httpRequestActions: [
+    {
+      label: 'Copy as Curl',
+      icon: 'copy',
+      async onSelect(ctx, args) {
+        const rendered_request = await ctx.httpRequest.render({
+          httpRequest: args.httpRequest,
+          purpose: 'preview',
+        });
+        const data = await convertToCurl(rendered_request);
+        await ctx.clipboard.copyText(data);
+        await ctx.toast.show({
+          message: 'Command copied to clipboard',
+          icon: 'copy',
+          color: 'success',
+        });
+      },
     },
-  }],
+  ],
 };
 
 export async function convertToCurl(request: Partial<HttpRequest>) {
@@ -20,17 +29,23 @@ export async function convertToCurl(request: Partial<HttpRequest>) {
 
   // Add method and URL all on first line
   if (request.method) xs.push('-X', request.method);
-  if (request.url) xs.push(quote(request.url));
 
-
-  xs.push(NEWLINE);
-
-  // Add URL params
-  for (const p of (request.urlParameters ?? []).filter(onlyEnabled)) {
-    xs.push('--url-query', quote(`${p.name}=${p.value}`));
-    xs.push(NEWLINE);
+  // Build final URL with parameters (compatible with old curl)
+  let finalUrl = request.url || '';
+  const urlParams = (request.urlParameters ?? []).filter(onlyEnabled);
+  if (urlParams.length > 0) {
+    // Build url 
+    const [base, hash] = finalUrl.split('#');
+    const separator = base!.includes('?') ? '&' : '?';
+    const queryString = urlParams
+      .map(p => `${encodeURIComponent(p.name)}=${encodeURIComponent(p.value)}`)
+      .join('&');
+    finalUrl = base + separator + queryString + (hash ? `#${hash}` : '');
   }
-
+  
+  xs.push(quote(finalUrl));
+  xs.push(NEWLINE);
+  
   // Add headers
   for (const h of (request.headers ?? []).filter(onlyEnabled)) {
     xs.push('--header', quote(`${h.name}: ${h.value}`));
@@ -51,11 +66,14 @@ export async function convertToCurl(request: Partial<HttpRequest>) {
       xs.push(NEWLINE);
     }
   } else if (typeof request.body?.query === 'string') {
-    const body = { query: request.body.query || '', variables: maybeParseJSON(request.body.variables, undefined) };
-    xs.push('--data-raw', `${quote(JSON.stringify(body))}`);
+    const body = {
+      query: request.body.query || '',
+      variables: maybeParseJSON(request.body.variables, undefined),
+    };
+    xs.push('--data', quote(JSON.stringify(body)));
     xs.push(NEWLINE);
   } else if (typeof request.body?.text === 'string') {
-    xs.push('--data-raw', `${quote(request.body.text)}`);
+    xs.push('--data', quote(request.body.text));
     xs.push(NEWLINE);
   }
 
@@ -84,7 +102,7 @@ export async function convertToCurl(request: Partial<HttpRequest>) {
 }
 
 function quote(arg: string): string {
-  const escaped = arg.replace(/'/g, '\\\'');
+  const escaped = arg.replace(/'/g, "\\'");
   return `'${escaped}'`;
 }
 
@@ -92,10 +110,10 @@ function onlyEnabled(v: { name?: string; enabled?: boolean }): boolean {
   return v.enabled !== false && !!v.name;
 }
 
-function maybeParseJSON(v: any, fallback: any): string {
+function maybeParseJSON<T>(v: string, fallback: T) {
   try {
     return JSON.parse(v);
-  } catch (err) {
+  } catch {
     return fallback;
   }
-}
+}

plugins/action-copy-curl/tests/index.test.ts

@@ -13,7 +13,22 @@ describe('exporter-curl', () => {
         ],
       }),
     ).toEqual(
-      [`curl 'https://yaak.app'`, `--url-query 'a=aaa'`, `--url-query 'b=bbb'`].join(` \\\n  `),
+      [`curl 'https://yaak.app/?a=aaa&b=bbb'`].join(` \\n  `),
+    );
+  });
+
+  test('Exports GET with params and hash', async () => {
+    expect(
+      await convertToCurl({
+        url: 'https://yaak.app/path#section',
+        urlParameters: [
+          { name: 'a', value: 'aaa' },
+          { name: 'b', value: 'bbb', enabled: true },
+          { name: 'c', value: 'ccc', enabled: false },
+        ],
+      }),
+    ).toEqual(
+      [`curl 'https://yaak.app/path?a=aaa&b=bbb#section'`].join(` \\n  `),
     );
   });
   test('Exports POST with url form data', async () => {
@@ -47,7 +62,7 @@ describe('exporter-curl', () => {
         },
       }),
     ).toEqual(
-      [`curl -X POST 'https://yaak.app'`, `--data-raw '{"query":"{foo,bar}","variables":{"a":"aaa","b":"bbb"}}'`].join(` \\\n  `),
+      [`curl -X POST 'https://yaak.app'`, `--data '{"query":"{foo,bar}","variables":{"a":"aaa","b":"bbb"}}'`].join(` \\\n  `),
     );
   });
 
@@ -62,7 +77,7 @@ describe('exporter-curl', () => {
         },
       }),
     ).toEqual(
-      [`curl -X POST 'https://yaak.app'`, `--data-raw '{"query":"{foo,bar}"}'`].join(` \\\n  `),
+      [`curl -X POST 'https://yaak.app'`, `--data '{"query":"{foo,bar}"}'`].join(` \\\n  `),
     );
   });
 
@@ -106,7 +121,7 @@ describe('exporter-curl', () => {
       [
         `curl -X POST 'https://yaak.app'`,
         `--header 'Content-Type: application/json'`,
-        `--data-raw '{"foo":"bar\\'s"}'`,
+        `--data '{"foo":"bar\\'s"}'`,
       ].join(` \\\n  `),
     );
   });
@@ -126,7 +141,7 @@ describe('exporter-curl', () => {
       [
         `curl -X POST 'https://yaak.app'`,
         `--header 'Content-Type: application/json'`,
-        `--data-raw '{"foo":"bar",\n"baz":"qux"}'`,
+        `--data '{"foo":"bar",\n"baz":"qux"}'`,
       ].join(` \\\n  `),
     );
   });
@@ -140,7 +155,7 @@ describe('exporter-curl', () => {
           { name: 'c', value: 'ccc', enabled: false },
         ],
       }),
-    ).toEqual([`curl`, `--header 'a: aaa'`, `--header 'b: bbb'`].join(` \\\n  `));
+    ).toEqual([`curl ''`, `--header 'a: aaa'`, `--header 'b: bbb'`].join(` \\\n  `));
   });
 
   test('Basic auth', async () => {
@@ -203,4 +218,4 @@ describe('exporter-curl', () => {
       }),
     ).toEqual([`curl 'https://yaak.app'`, `--header 'Authorization: Bearer '`].join(` \\\n  `));
   });
-});
+});

plugins/action-copy-curl/tsconfig.json

@@ -0,0 +1,3 @@
+{
+  "extends": "../../tsconfig.json"
+}

plugins/action-copy-grpcurl/README.md

@@ -0,0 +1,76 @@
+# Copy as gRPCurl
+
+An HTTP request action plugin that converts gRPC requests
+into [gRPCurl](https://github.com/fullstorydev/grpcurl) commands, enabling easy sharing,
+debugging, and execution of gRPC calls outside Yaak.
+
+![Screenshot of context menu](screenshot.png)
+
+## Overview
+
+This plugin adds a "Copy as gRPCurl" action to gRPC requests, converting any gRPC request
+into its equivalent executable command. This is useful for debugging gRPC services,
+sharing requests with team members, or executing gRPC calls in terminal environments where
+`grpcurl` is available.
+
+## How It Works
+
+The plugin analyzes your gRPC request configuration and generates a properly formatted
+`grpcurl` command that includes:
+
+- gRPC service and method names
+- Server address and port
+- Request message data (JSON format)
+- Metadata (headers)
+- Authentication credentials
+- Protocol buffer definitions
+
+## Usage
+
+1. Configure a gRPC request as usual in Yaak
+2. Right-click on the request sidebar item
+3. Select "Copy as gRPCurl" from the available actions
+4. The command is copied to your clipboard
+5. Share or execute the command
+
+## Generated gRPCurl Examples
+
+### Simple Unary Call
+
+
+```bash
+grpcurl -plaintext \
+  -d '{"name": "John Doe"}' \
+  localhost:9090 \
+  user.UserService/GetUser
+```
+
+### Call with Metadata
+
+```bash
+grpcurl -plaintext \
+  -H "authorization: Bearer my-token" \
+  -H "x-api-version: v1" \
+  -d '{"user_id": "12345"}' \
+  api.example.com:443 \
+  user.UserService/GetUserProfile
+```
+
+### Call with TLS
+
+```bash
+grpcurl \
+  -d '{"query": "search term"}' \
+  secure-api.example.com:443 \
+  search.SearchService/Search
+```
+
+### Call with Proto Files
+
+```bash
+grpcurl -import-path /path/to/protos \
+  -proto /other/path/to/user.proto \
+  -d '{"email": "user@example.com"}' \
+  localhost:9090 \
+  user.UserService/CreateUser
+```

plugins/action-copy-grpcurl/package.json

@@ -0,0 +1,17 @@
+{
+  "name": "@yaak/action-copy-grpcurl",
+  "displayName": "Copy as gRPCurl",
+  "description": "Copy gRPC request as a grpcurl command",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/mountain-loop/yaak.git",
+    "directory": "plugins/action-copy-grpcurl"
+  },
+  "private": true,
+  "version": "0.1.0",
+  "scripts": {
+    "build": "yaakcli build",
+    "dev": "yaakcli dev",
+    "lint": "eslint . --ext .ts,.tsx"
+  }
+}

plugins/action-copy-grpcurl/src/index.ts

@@ -0,0 +1,134 @@
+import type { GrpcRequest, PluginDefinition } from '@yaakapp/api';
+import path from 'node:path';
+
+const NEWLINE = '\\\n ';
+
+export const plugin: PluginDefinition = {
+  grpcRequestActions: [
+    {
+      label: 'Copy as gRPCurl',
+      icon: 'copy',
+      async onSelect(ctx, args) {
+        const rendered_request = await ctx.grpcRequest.render({
+          grpcRequest: args.grpcRequest,
+          purpose: 'preview',
+        });
+        const data = await convert(rendered_request, args.protoFiles);
+        await ctx.clipboard.copyText(data);
+        await ctx.toast.show({
+          message: 'Command copied to clipboard',
+          icon: 'copy',
+          color: 'success',
+        });
+      },
+    },
+  ],
+};
+
+export async function convert(request: Partial<GrpcRequest>, allProtoFiles: string[]) {
+  const xs = ['grpcurl'];
+
+  if (request.url?.startsWith('http://')) {
+    xs.push('-plaintext');
+  }
+
+  const protoIncludes = allProtoFiles.filter((f) => !f.endsWith('.proto'));
+  const protoFiles = allProtoFiles.filter((f) => f.endsWith('.proto'));
+
+  const inferredIncludes = new Set<string>();
+  for (const f of protoFiles) {
+    const protoDir = findParentProtoDir(f);
+    if (protoDir) {
+      inferredIncludes.add(protoDir);
+    } else {
+      inferredIncludes.add(path.join(f, '..'));
+      inferredIncludes.add(path.join(f, '..', '..'));
+    }
+  }
+
+  for (const f of protoIncludes) {
+    xs.push('-import-path', quote(f));
+    xs.push(NEWLINE);
+  }
+
+  for (const f of inferredIncludes.values()) {
+    xs.push('-import-path', quote(f));
+    xs.push(NEWLINE);
+  }
+
+  for (const f of protoFiles) {
+    xs.push('-proto', quote(f));
+    xs.push(NEWLINE);
+  }
+
+  // Add headers
+  for (const h of (request.metadata ?? []).filter(onlyEnabled)) {
+    xs.push('-H', quote(`${h.name}: ${h.value}`));
+    xs.push(NEWLINE);
+  }
+
+  // Add basic authentication
+  if (request.authenticationType === 'basic') {
+    const user = request.authentication?.username ?? '';
+    const pass = request.authentication?.password ?? '';
+    const encoded = btoa(`${user}:${pass}`);
+    xs.push('-H', quote(`Authorization: Basic ${encoded}`));
+    xs.push(NEWLINE);
+  } else if (request.authenticationType === 'bearer') {
+    // Add bearer authentication
+    xs.push('-H', quote(`Authorization: Bearer ${request.authentication?.token ?? ''}`));
+    xs.push(NEWLINE);
+  }
+
+  // Add form params
+  if (request.message) {
+    xs.push('-d', `${quote(JSON.stringify(JSON.parse(request.message)))}`);
+    xs.push(NEWLINE);
+  }
+
+  // Add the server address
+  if (request.url) {
+    const server = request.url.replace(/^https?:\/\//, ''); // remove protocol
+    xs.push(server);
+    xs.push(NEWLINE);
+  }
+
+  // Add service + method
+  if (request.service && request.method) {
+    xs.push(`${request.service}/${request.method}`);
+    xs.push(NEWLINE);
+  }
+
+  // Remove trailing newline
+  if (xs[xs.length - 1] === NEWLINE) {
+    xs.splice(xs.length - 1, 1);
+  }
+
+  return xs.join(' ');
+}
+
+function quote(arg: string): string {
+  const escaped = arg.replace(/'/g, "\\'");
+  return `'${escaped}'`;
+}
+
+function onlyEnabled(v: { name?: string; enabled?: boolean }): boolean {
+  return v.enabled !== false && !!v.name;
+}
+
+function findParentProtoDir(startPath: string): string | null {
+  let dir = path.resolve(startPath);
+
+  while (true) {
+    if (path.basename(dir) === 'proto') {
+      return dir;
+    }
+
+    const parent = path.dirname(dir);
+    if (parent === dir) {
+      return null; // Reached root
+    }
+
+    dir = parent;
+  }
+}

plugins/action-copy-grpcurl/tests/index.test.ts

@@ -0,0 +1,110 @@
+import { describe, expect, test } from 'vitest';
+import { convert } from '../src';
+
+describe('exporter-curl', () => {
+  test('Simple example', async () => {
+    expect(
+      await convert(
+        {
+          url: 'https://yaak.app',
+        },
+        [],
+      ),
+    ).toEqual([`grpcurl yaak.app`].join(` \\\n  `));
+  });
+  test('Basic metadata', async () => {
+    expect(
+      await convert(
+        {
+          url: 'https://yaak.app',
+          metadata: [
+            { name: 'aaa', value: 'AAA' },
+            { enabled: true, name: 'bbb', value: 'BBB' },
+            { enabled: false, name: 'disabled', value: 'ddd' },
+          ],
+        },
+        [],
+      ),
+    ).toEqual([`grpcurl -H 'aaa: AAA'`, `-H 'bbb: BBB'`, `yaak.app`].join(` \\\n  `));
+  });
+  test('Single proto file', async () => {
+    expect(await convert({ url: 'https://yaak.app' }, ['/foo/bar/baz.proto'])).toEqual(
+      [
+        `grpcurl -import-path '/foo/bar'`,
+        `-import-path '/foo'`,
+        `-proto '/foo/bar/baz.proto'`,
+        `yaak.app`,
+      ].join(` \\\n  `),
+    );
+  });
+  test('Multiple proto files, same dir', async () => {
+    expect(
+      await convert({ url: 'https://yaak.app' }, ['/foo/bar/aaa.proto', '/foo/bar/bbb.proto']),
+    ).toEqual(
+      [
+        `grpcurl -import-path '/foo/bar'`,
+        `-import-path '/foo'`,
+        `-proto '/foo/bar/aaa.proto'`,
+        `-proto '/foo/bar/bbb.proto'`,
+        `yaak.app`,
+      ].join(` \\\n  `),
+    );
+  });
+  test('Multiple proto files, different dir', async () => {
+    expect(
+      await convert({ url: 'https://yaak.app' }, ['/aaa/bbb/ccc.proto', '/xxx/yyy/zzz.proto']),
+    ).toEqual(
+      [
+        `grpcurl -import-path '/aaa/bbb'`,
+        `-import-path '/aaa'`,
+        `-import-path '/xxx/yyy'`,
+        `-import-path '/xxx'`,
+        `-proto '/aaa/bbb/ccc.proto'`,
+        `-proto '/xxx/yyy/zzz.proto'`,
+        `yaak.app`,
+      ].join(` \\\n  `),
+    );
+  });
+  test('Single include dir', async () => {
+    expect(await convert({ url: 'https://yaak.app' }, ['/aaa/bbb'])).toEqual(
+      [`grpcurl -import-path '/aaa/bbb'`, `yaak.app`].join(` \\\n  `),
+    );
+  });
+  test('Multiple include dir', async () => {
+    expect(await convert({ url: 'https://yaak.app' }, ['/aaa/bbb', '/xxx/yyy'])).toEqual(
+      [`grpcurl -import-path '/aaa/bbb'`, `-import-path '/xxx/yyy'`, `yaak.app`].join(` \\\n  `),
+    );
+  });
+  test('Mixed proto and dirs', async () => {
+    expect(
+      await convert({ url: 'https://yaak.app' }, ['/aaa/bbb', '/xxx/yyy', '/foo/bar.proto']),
+    ).toEqual(
+      [
+        `grpcurl -import-path '/aaa/bbb'`,
+        `-import-path '/xxx/yyy'`,
+        `-import-path '/foo'`,
+        `-import-path '/'`,
+        `-proto '/foo/bar.proto'`,
+        `yaak.app`,
+      ].join(` \\\n  `),
+    );
+  });
+  test('Sends data', async () => {
+    expect(
+      await convert(
+        {
+          url: 'https://yaak.app',
+          message: JSON.stringify({ foo: 'bar', baz: 1.0 }, null, 2),
+        },
+        ['/foo.proto'],
+      ),
+    ).toEqual(
+      [
+        `grpcurl -import-path '/'`,
+        `-proto '/foo.proto'`,
+        `-d '{"foo":"bar","baz":1}'`,
+        `yaak.app`,
+      ].join(` \\\n  `),
+    );
+  });
+});

plugins/action-copy-grpcurl/tsconfig.json

@@ -0,0 +1,3 @@
+{
+  "extends": "../../tsconfig.json"
+}

plugins/auth-apikey/package.json

@@ -0,0 +1,17 @@
+{
+  "name": "@yaak/auth-apikey",
+  "displayName": "API Key Authentication",
+  "description": "Authenticate requests using an API key",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/mountain-loop/yaak.git",
+    "directory": "plugins/auth-apikey"
+  },
+  "private": true,
+  "version": "0.1.0",
+  "scripts": {
+    "build": "yaakcli build",
+    "dev": "yaakcli dev",
+    "lint": "eslint . --ext .ts,.tsx"
+  }
+}

plugins/auth-apikey/src/index.ts

@@ -0,0 +1,53 @@
+import type { PluginDefinition } from '@yaakapp/api';
+
+export const plugin: PluginDefinition = {
+  authentication: {
+    name: 'apikey',
+    label: 'API Key',
+    shortLabel: 'API Key',
+    args: [
+      {
+        type: 'select',
+        name: 'location',
+        label: 'Behavior',
+        defaultValue: 'header',
+        options: [
+          { label: 'Insert Header', value: 'header' },
+          { label: 'Append Query Parameter', value: 'query' },
+        ],
+      },
+      {
+        type: 'text',
+        name: 'key',
+        label: 'Key',
+        dynamic: (_ctx, { values }) => {
+          return values.location === 'query' ? {
+            label: 'Parameter Name',
+            description: 'The name of the query parameter to add to the request',
+          } : {
+            label: 'Header Name',
+            description: 'The name of the header to add to the request',
+          };
+        },
+      },
+      {
+        type: 'text',
+        name: 'value',
+        label: 'API Key',
+        optional: true,
+        password: true,
+      },
+    ],
+    async onApply(_ctx, { values }) {
+      const key = String(values.key ?? '');
+      const value = String(values.value ?? '');
+      const location = String(values.location);
+
+      if (location === 'query') {
+        return { setQueryParameters: [{ name: key, value }] };
+      } else {
+        return { setHeaders: [{ name: key, value }] };
+      }
+    },
+  },
+};

plugins/auth-apikey/tsconfig.json

@@ -0,0 +1,3 @@
+{
+  "extends": "../../tsconfig.json"
+}

plugins/auth-basic/README.md

@@ -0,0 +1,44 @@
+# Basic Authentication 
+
+A simple Basic Authentication plugin that implements HTTP Basic Auth according
+to [RFC 7617](https://datatracker.ietf.org/doc/html/rfc7617), enabling secure
+authentication with username and password credentials.
+
+![Screenshot of basic auth UI](screenshot.png)
+
+## Overview
+
+This plugin provides HTTP Basic Authentication support for API requests in Yaak. Basic
+Auth is one of the most widely supported authentication methods, making it ideal for APIs
+that require simple username/password authentication without the complexity of OAuth
+flows.
+
+## How Basic Authentication Works
+
+Basic Authentication encodes your username and password credentials using Base64 encoding
+and sends them in the `Authorization` header with each request. The format is:
+
+```
+Authorization: Basic <base64-encoded-credentials>
+```
+
+Where `<base64-encoded-credentials>` is the Base64 encoding of `username:password`.
+
+## Configuration
+
+The plugin presents two fields:
+
+- **Username**: Username or user identifier
+- **Password**: Password or authentication token
+
+## Usage
+
+1. Configure the request, folder, or workspace to use Basic Authentication
+2. Enter your username and password in the authentication configuration
+3. The plugin will automatically add the proper `Authorization` header to your requests
+
+## Troubleshooting
+
+- **401 Unauthorized**: Verify your username and password are correct
+- **403 Forbidden**: Check if your account has the necessary permissions
+- **Connection Issues**: Ensure you're using HTTPS for secure transmission

plugins/auth-basic/package.json

@@ -1,9 +1,17 @@
 {
-  "name": "@yaakapp/auth-basic",
+  "name": "@yaak/auth-basic",
+  "displayName": "Basic Authentication",
+  "description": "Authenticate requests using Basic Auth",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/mountain-loop/yaak.git",
+    "directory": "plugins/auth-basic"
+  },
   "private": true,
-  "version": "0.0.1",
+  "version": "0.1.0",
   "scripts": {
-    "build": "yaakcli build ./src/index.ts",
-    "dev": "yaakcli dev ./src/index.js"
+    "build": "yaakcli build",
+    "dev": "yaakcli dev",
+    "lint": "eslint . --ext .ts,.tsx"
   }
 }

plugins/auth-basic/src/index.ts

@@ -1,4 +1,4 @@
-import { PluginDefinition } from '@yaakapp/api';
+import type { PluginDefinition } from '@yaakapp/api';
 
 export const plugin: PluginDefinition = {
   authentication: {

plugins/auth-basic/tsconfig.json

@@ -0,0 +1,3 @@
+{
+  "extends": "../../tsconfig.json"
+}

plugins/auth-bearer/README.md

@@ -0,0 +1,47 @@
+# Bearer Token Authentication Plugin
+
+A Bearer Token authentication plugin for Yaak that
+implements [RFC 6750](https://datatracker.ietf.org/doc/html/rfc6750), enabling secure API
+access using tokens, API keys, and other bearer credentials.
+
+![Screenshot of bearer auth UI](screenshot.png)
+
+## Overview
+
+This plugin provides Bearer Token authentication support for your API requests in Yaak.
+Bearer Token authentication is widely used in modern APIs, especially those following REST
+principles and OAuth 2.0 standards. It's the preferred method for APIs that issue access
+tokens, API keys, or other bearer credentials.
+
+## How Bearer Token Authentication Works
+
+Bearer Token authentication sends your token in the `Authorization` header with each
+request using the Bearer scheme:
+
+```
+Authorization: Bearer <your-token>
+```
+
+The token is transmitted as-is without any additional encoding, making it simple and
+efficient for API authentication.
+
+## Configuration
+
+The plugin requires only one field:
+
+- **Token**: Your bearer token, access token, API key, or other credential
+- **Prefix**: The prefix to use for the Authorization header, which will be of the
+  format "<PREFIX> <TOKEN>"
+
+## Usage
+
+1. Configure the request, folder, or workspace to use Bearer Authentication
+2. Enter the token and optional prefix in the authentication configuration
+3. The plugin will automatically add the proper `Authorization` header to your requests
+
+## Troubleshooting
+
+- **401 Unauthorized**: Verify your token is valid and not expired
+- **403 Forbidden**: Check if your token has the necessary permissions/scopes
+- **Invalid Token Format**: Ensure you're using the complete token without truncation
+- **Token Expiration**: Refresh or regenerate expired tokens

plugins/auth-bearer/package.json

@@ -1,9 +1,17 @@
 {
-  "name": "@yaakapp/auth-bearer",
+  "name": "@yaak/auth-bearer",
+  "displayName": "Bearer Authentication",
+  "description": "Authenticate requests using bearer authentication",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/mountain-loop/yaak.git",
+    "directory": "plugins/auth-bearer"
+  },
   "private": true,
-  "version": "0.0.1",
+  "version": "0.1.0",
   "scripts": {
-    "build": "yaakcli build ./src/index.ts",
-    "dev": "yaakcli dev ./src/index.js"
+    "build": "yaakcli build",
+    "dev": "yaakcli dev",
+    "lint": "eslint . --ext .ts,.tsx"
   }
 }

plugins/auth-bearer/src/index.ts

@@ -1,21 +1,39 @@
-import { PluginDefinition } from '@yaakapp/api';
+import type { CallHttpAuthenticationRequest } from '@yaakapp-internal/plugins';
+import type { PluginDefinition } from '@yaakapp/api';
 
 export const plugin: PluginDefinition = {
   authentication: {
     name: 'bearer',
     label: 'Bearer Token',
     shortLabel: 'Bearer',
-    args: [{
-      type: 'text',
-      name: 'token',
-      label: 'Token',
-      optional: true,
-      password: true,
-    }],
+    args: [
+      {
+        type: 'text',
+        name: 'token',
+        label: 'Token',
+        optional: true,
+        password: true,
+      },
+      {
+        type: 'text',
+        name: 'prefix',
+        label: 'Prefix',
+        optional: true,
+        placeholder: '',
+        defaultValue: 'Bearer',
+        description:
+          'The prefix to use for the Authorization header, which will be of the format "<PREFIX> <TOKEN>".',
+      },
+    ],
     async onApply(_ctx, { values }) {
-      const { token } = values;
-      const value = `Bearer ${token}`.trim();
-      return { setHeaders: [{ name: 'Authorization', value }] };
+      return { setHeaders: [generateAuthorizationHeader(values)] };
     },
   },
 };
+
+function generateAuthorizationHeader(values: CallHttpAuthenticationRequest['values']) {
+  const token = String(values.token || '').trim();
+  const prefix = String(values.prefix || '').trim();
+  const value = `${prefix} ${token}`.trim();
+  return { name: 'Authorization', value };
+}

plugins/auth-bearer/tests/index.test.ts

@@ -0,0 +1,67 @@
+import type { Context } from '@yaakapp/api';
+import { describe, expect, test } from 'vitest';
+import { plugin } from '../src';
+
+const ctx = {} as Context;
+
+describe('auth-bearer', () => {
+  test('No values', async () => {
+    expect(
+      await plugin.authentication!.onApply(ctx, {
+        values: {},
+        headers: [],
+        url: 'https://yaak.app',
+        method: 'POST',
+        contextId: '111',
+      }),
+    ).toEqual({ setHeaders: [{ name: 'Authorization', value: '' }] });
+  });
+
+  test('Only token', async () => {
+    expect(
+      await plugin.authentication!.onApply(ctx, {
+        values: { token: 'my-token' },
+        headers: [],
+        url: 'https://yaak.app',
+        method: 'POST',
+        contextId: '111',
+      }),
+    ).toEqual({ setHeaders: [{ name: 'Authorization', value: 'my-token' }] });
+  });
+
+  test('Only prefix', async () => {
+    expect(
+      await plugin.authentication!.onApply(ctx, {
+        values: { prefix: 'Hello' },
+        headers: [],
+        url: 'https://yaak.app',
+        method: 'POST',
+        contextId: '111',
+      }),
+    ).toEqual({ setHeaders: [{ name: 'Authorization', value: 'Hello' }] });
+  });
+
+  test('Prefix and token', async () => {
+    expect(
+      await plugin.authentication!.onApply(ctx, {
+        values: { prefix: 'Hello', token: 'my-token' },
+        headers: [],
+        url: 'https://yaak.app',
+        method: 'POST',
+        contextId: '111',
+      }),
+    ).toEqual({ setHeaders: [{ name: 'Authorization', value: 'Hello my-token' }] });
+  });
+
+  test('Extra spaces', async () => {
+    expect(
+      await plugin.authentication!.onApply(ctx, {
+        values: { prefix: '\t Hello  ', token: ' \nmy-token  ' },
+        headers: [],
+        url: 'https://yaak.app',
+        method: 'POST',
+        contextId: '111',
+      }),
+    ).toEqual({ setHeaders: [{ name: 'Authorization', value: 'Hello my-token' }] });
+  });
+});

plugins/auth-bearer/tsconfig.json

@@ -0,0 +1,3 @@
+{
+  "extends": "../../tsconfig.json"
+}

plugins/auth-jwt/README.md

@@ -0,0 +1,53 @@
+# JSON Web Token (JWT) Authentication
+
+A [JSON Web Token](https://datatracker.ietf.org/doc/html/rfc7519) (JWT) authentication
+plugin that supports token generation, signing, and automatic header management.
+
+![Screenshot of JWT auth UI](screenshot.png)
+
+## Overview
+
+This plugin provides JWT authentication support for API requests. JWT is a compact,
+URL-safe means of representing claims between two parties, commonly used for
+authentication and information exchange in modern web applications and APIs.
+
+## How JWT Authentication Works
+
+JWT authentication involves creating a signed token containing claims about the user or
+application. The token is sent in the `Authorization` header:
+
+```
+Authorization: Bearer <jwt-token>
+```
+
+A JWT consists of three parts separated by dots:
+
+- **Header**: Contains the token type and signing algorithm
+- **Payload**: Contains the claims (user data, permissions, expiration, etc.)
+- **Signature**: Ensures the token hasn't been tampered with
+
+## Usage
+
+1. Configure the request, folder, or workspace to use JWT Authentication
+2. Set up your signing algorithm and secret/key
+3. Configure the required claims for your JWT
+4. The plugin will generate, sign, and include the JWT in your requests
+
+## Common Use Cases
+
+JWT authentication is commonly used for:
+
+- **Microservices Authentication**: Service-to-service communication
+- **API Gateway Integration**: Authenticating with API gateways
+- **Single Sign-On (SSO)**: Sharing authentication across applications
+- **Stateless Authentication**: No server-side session storage required
+- **Mobile App APIs**: Secure authentication for mobile applications
+- **Third-party Integrations**: Authenticating with external services
+
+## Troubleshooting
+
+- **Invalid Signature**: Check your secret/key and algorithm configuration
+- **Token Expired**: Verify expiration time settings
+- **Invalid Claims**: Ensure required claims are properly configured
+- **Algorithm Mismatch**: Verify the algorithm matches what the API expects
+- **Key Format Issues**: Ensure RSA keys are in the correct PEM format

plugins/auth-jwt/package.json

@@ -1,10 +1,18 @@
 {
-  "name": "@yaakapp/auth-jwt",
+  "name": "@yaak/auth-jwt",
+  "displayName": "JSON Web Tokens",
+  "description": "Authenticate requests using JSON web tokens (JWT)",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/mountain-loop/yaak.git",
+    "directory": "plugins/auth-jwt"
+  },
   "private": true,
-  "version": "0.0.1",
+  "version": "0.1.0",
   "scripts": {
-    "build": "yaakcli build ./src/index.ts",
-    "dev": "yaakcli dev ./src/index.js"
+    "build": "yaakcli build",
+    "dev": "yaakcli dev",
+    "lint": "eslint . --ext .ts,.tsx"
   },
   "dependencies": {
     "jsonwebtoken": "^9.0.2"

plugins/auth-jwt/src/index.ts

@@ -1,4 +1,4 @@
-import { PluginDefinition } from '@yaakapp/api';
+import type { PluginDefinition } from '@yaakapp/api';
 import jwt from 'jsonwebtoken';
 
 const algorithms = [
@@ -20,49 +20,49 @@ const algorithms = [
 const defaultAlgorithm = algorithms[0];
 
 export const plugin: PluginDefinition = {
-    authentication: {
-      name: 'jwt',
-      label: 'JWT Bearer',
-      shortLabel: 'JWT',
-      args: [
-        {
-          type: 'select',
-          name: 'algorithm',
-          label: 'Algorithm',
-          hideLabel: true,
-          defaultValue: defaultAlgorithm,
-          options: algorithms.map(value => ({ label: value === 'none' ? 'None' : value, value })),
-        },
-        {
-          type: 'text',
-          name: 'secret',
-          label: 'Secret or Private Key',
-          password: true,
-          optional: true,
-          multiLine: true,
-        },
-        {
-          type: 'checkbox',
-          name: 'secretBase64',
-          label: 'Secret is base64 encoded',
-        },
-        {
-          type: 'editor',
-          name: 'payload',
-          label: 'Payload',
-          language: 'json',
-          defaultValue: '{\n  "foo": "bar"\n}',
-          placeholder: '{ }',
-        },
-      ],
-      async onApply(_ctx, { values }) {
-        const { algorithm, secret: _secret, secretBase64, payload } = values;
-        const secret = secretBase64 ? Buffer.from(`${_secret}`, 'base64') : `${_secret}`;
-        const token = jwt.sign(`${payload}`, secret, { algorithm: algorithm as any });
-        const value = `Bearer ${token}`;
-        return { setHeaders: [{ name: 'Authorization', value }] };
-      }
-      ,
+  authentication: {
+    name: 'jwt',
+    label: 'JWT Bearer',
+    shortLabel: 'JWT',
+    args: [
+      {
+        type: 'select',
+        name: 'algorithm',
+        label: 'Algorithm',
+        hideLabel: true,
+        defaultValue: defaultAlgorithm,
+        options: algorithms.map((value) => ({ label: value === 'none' ? 'None' : value, value })),
+      },
+      {
+        type: 'text',
+        name: 'secret',
+        label: 'Secret or Private Key',
+        password: true,
+        optional: true,
+        multiLine: true,
+      },
+      {
+        type: 'checkbox',
+        name: 'secretBase64',
+        label: 'Secret is base64 encoded',
+      },
+      {
+        type: 'editor',
+        name: 'payload',
+        label: 'Payload',
+        language: 'json',
+        defaultValue: '{\n  "foo": "bar"\n}',
+        placeholder: '{ }',
+      },
+    ],
+    async onApply(_ctx, { values }) {
+      const { algorithm, secret: _secret, secretBase64, payload } = values;
+      const secret = secretBase64 ? Buffer.from(`${_secret}`, 'base64') : `${_secret}`;
+      const token = jwt.sign(`${payload}`, secret, {
+        algorithm: algorithm as (typeof algorithms)[number],
+      });
+      const value = `Bearer ${token}`;
+      return { setHeaders: [{ name: 'Authorization', value }] };
     },
-  }
-;
+  },
+};

plugins/auth-jwt/tsconfig.json

@@ -0,0 +1,3 @@
+{
+  "extends": "../../tsconfig.json"
+}

plugins/auth-oauth2/README.md

@@ -0,0 +1,72 @@
+# OAuth 2.0 Authentication
+
+An [OAuth 2.0](https://datatracker.ietf.org/doc/html/rfc6749) authentication plugin that
+supports multiple grant types and flows, enabling secure API authentication with OAuth 2.0
+providers.
+
+![Screenshot of OAuth 2.0 auth UI](screenshot.png)
+
+## Overview
+
+This plugin implements OAuth 2.0 authentication for requests, supporting the most common
+OAuth 2.0 grant types used in modern API integrations. It handles token management,
+automatic refresh, and [PKCE](https://datatracker.ietf.org/doc/html/rfc7636) (Proof Key
+for Code Exchange) for enhanced security.
+
+## Supported Grant Types
+
+### Authorization Code Flow
+
+The most secure and commonly used OAuth 2.0 flow for web applications.
+
+- Standard Authorization Code flow
+- Optional PKCE (Proof Key for Code Exchange) for enhanced security
+- Supports automatic token refresh
+
+### Client Credentials Flow
+
+Ideal for server-to-server authentication where no user interaction is required. 
+
+### Implicit Flow
+
+Legacy flow for single-page applications (deprecated but still supported):
+
+- Direct access token retrieval
+- No refresh token support
+- Suitable for legacy integrations
+
+### Resource Owner Password Credentials Flow
+
+Direct username/password authentication.
+
+- User credentials are exchanged directly for tokens
+- Should only be used with trusted applications
+- Supports automatic token refresh
+
+## Features
+
+- **Automatic Token Management**: Handles token storage, expiration, and refresh
+  automatically
+- **PKCE Support**: Enhanced security for Authorization Code flow
+- **Token Persistence**: Stores tokens between sessions
+- **Flexible Configuration**: Supports custom authorization and token endpoints
+- **Scope Management**: Configure required OAuth scopes for your API
+- **Error Handling**: Comprehensive error handling and user feedback
+
+## Usage
+
+1. Configure the request, folder, or workspace to use OAuth 2.0 Authentication
+2. Select the appropriate grant type for your use case
+3. Fill in the required OAuth 2.0 parameters from your API provider
+4. The plugin will handle the authentication flow and token management automatically
+
+## Compatibility
+
+This plugin is compatible with OAuth 2.0 providers including:
+
+- Google APIs
+- Microsoft Graph
+- GitHub API
+- Auth0
+- Okta
+- And many other OAuth 2.0 compliant services

plugins/auth-oauth2/package.json

@@ -1,9 +1,17 @@
 {
-  "name": "@yaakapp/auth-oauth2",
+  "name": "@yaak/auth-oauth2",
+  "displayName": "OAuth 2.0",
+  "description": "Authenticate requests using OAuth 2.0",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/mountain-loop/yaak.git",
+    "directory": "plugins/auth-oauth2"
+  },
   "private": true,
-  "version": "0.0.1",
+  "version": "0.1.0",
   "scripts": {
-    "build": "yaakcli build ./src/index.ts",
-    "dev": "yaakcli dev ./src/index.js"
+    "build": "yaakcli build",
+    "dev": "yaakcli dev",
+    "lint": "eslint . --ext .ts,.tsx"
   }
 }

plugins/auth-oauth2/src/fetchAccessToken.ts

@@ -1,8 +1,8 @@
-import { Context, HttpRequest, HttpUrlParameter } from '@yaakapp/api';
+import type { Context, HttpRequest, HttpUrlParameter } from '@yaakapp/api';
 import { readFileSync } from 'node:fs';
-import { AccessTokenRawResponse } from './store';
+import type { AccessTokenRawResponse } from './store';
 
-export async function getAccessToken(
+export async function fetchAccessToken(
   ctx: Context,
   {
     accessTokenUrl,

plugins/auth-oauth2/src/getOrRefreshAccessToken.ts

@@ -1,29 +1,34 @@
-import { Context, HttpRequest } from '@yaakapp/api';
+import type { Context, HttpRequest } from '@yaakapp/api';
 import { readFileSync } from 'node:fs';
-import { AccessToken, AccessTokenRawResponse, deleteToken, getToken, storeToken } from './store';
+import type { AccessToken, AccessTokenRawResponse, TokenStoreArgs } from './store';
+import { deleteToken, getToken, storeToken } from './store';
+import { isTokenExpired } from './util';
 
-export async function getOrRefreshAccessToken(ctx: Context, contextId: string, {
-  scope,
-  accessTokenUrl,
-  credentialsInBody,
-  clientId,
-  clientSecret,
-  forceRefresh,
-}: {
-  scope: string | null;
-  accessTokenUrl: string;
-  credentialsInBody: boolean;
-  clientId: string;
-  clientSecret: string;
-  forceRefresh?: boolean;
-}): Promise<AccessToken | null> {
-  const token = await getToken(ctx, contextId);
+export async function getOrRefreshAccessToken(
+  ctx: Context,
+  tokenArgs: TokenStoreArgs,
+  {
+    scope,
+    accessTokenUrl,
+    credentialsInBody,
+    clientId,
+    clientSecret,
+    forceRefresh,
+  }: {
+    scope: string | null;
+    accessTokenUrl: string;
+    credentialsInBody: boolean;
+    clientId: string;
+    clientSecret: string;
+    forceRefresh?: boolean;
+  },
+): Promise<AccessToken | null> {
+  const token = await getToken(ctx, tokenArgs);
   if (token == null) {
     return null;
   }
 
-  const now = Date.now();
-  const isExpired = token.expiresAt && now > token.expiresAt;
+  const isExpired = isTokenExpired(token);
 
   // Return the current access token if it's still valid
   if (!isExpired && !forceRefresh) {
@@ -70,7 +75,7 @@ export async function getOrRefreshAccessToken(ctx: Context, contextId: string, {
     // Bad refresh token, so we'll force it to fetch a fresh access token by deleting
     // and returning null;
     console.log('[oauth2] Unauthorized refresh_token request');
-    await deleteToken(ctx, contextId);
+    await deleteToken(ctx, tokenArgs);
     return null;
   }
 
@@ -79,7 +84,9 @@ export async function getOrRefreshAccessToken(ctx: Context, contextId: string, {
   console.log('[oauth2] Got refresh token response', resp.status);
 
   if (resp.status < 200 || resp.status >= 300) {
-    throw new Error('Failed to refresh access token with status=' + resp.status + ' and body=' + body);
+    throw new Error(
+      'Failed to refresh access token with status=' + resp.status + ' and body=' + body,
+    );
   }
 
   let response;
@@ -90,7 +97,9 @@ export async function getOrRefreshAccessToken(ctx: Context, contextId: string, {
   }
 
   if (response.error) {
-    throw new Error(`Failed to fetch access token with ${response.error} -> ${response.error_description}`);
+    throw new Error(
+      `Failed to fetch access token with ${response.error} -> ${response.error_description}`,
+    );
   }
 
   const newResponse: AccessTokenRawResponse = {
@@ -99,5 +108,5 @@ export async function getOrRefreshAccessToken(ctx: Context, contextId: string, {
     refresh_token: response.refresh_token ?? token.response.refresh_token,
   };
 
-  return storeToken(ctx, contextId, newResponse);
+  return storeToken(ctx, tokenArgs, newResponse);
 }

plugins/auth-oauth2/src/grants/authorizationCode.ts

@@ -1,8 +1,9 @@
-import { Context } from '@yaakapp/api';
+import type { Context } from '@yaakapp/api';
 import { createHash, randomBytes } from 'node:crypto';
-import { getAccessToken } from '../getAccessToken';
+import { fetchAccessToken } from '../fetchAccessToken';
 import { getOrRefreshAccessToken } from '../getOrRefreshAccessToken';
-import { AccessToken, getDataDirKey, storeToken } from '../store';
+import type { AccessToken, TokenStoreArgs } from '../store';
+import { getDataDirKey, storeToken } from '../store';
 
 export const PKCE_SHA256 = 'S256';
 export const PKCE_PLAIN = 'plain';
@@ -34,13 +35,20 @@ export async function getAuthorizationCode(
     audience: string | null;
     credentialsInBody: boolean;
     pkce: {
-      challengeMethod: string | null;
-      codeVerifier: string | null;
+      challengeMethod: string;
+      codeVerifier: string;
     } | null;
     tokenName: 'access_token' | 'id_token';
   },
 ): Promise<AccessToken> {
-  const token = await getOrRefreshAccessToken(ctx, contextId, {
+  const tokenArgs: TokenStoreArgs = {
+    contextId,
+    clientId,
+    accessTokenUrl,
+    authorizationUrl: authorizationUrlRaw,
+  };
+
+  const token = await getOrRefreshAccessToken(ctx, tokenArgs, {
     accessTokenUrl,
     scope,
     clientId,
@@ -51,7 +59,12 @@ export async function getAuthorizationCode(
     return token;
   }
 
-  const authorizationUrl = new URL(`${authorizationUrlRaw ?? ''}`);
+  let authorizationUrl: URL;
+  try {
+    authorizationUrl = new URL(`${authorizationUrlRaw ?? ''}`);
+  } catch {
+    throw new Error(`Invalid authorization URL "${authorizationUrlRaw}"`);
+  }
   authorizationUrl.searchParams.set('response_type', 'code');
   authorizationUrl.searchParams.set('client_id', clientId);
   if (redirectUri) authorizationUrl.searchParams.set('redirect_uri', redirectUri);
@@ -59,26 +72,25 @@ export async function getAuthorizationCode(
   if (state) authorizationUrl.searchParams.set('state', state);
   if (audience) authorizationUrl.searchParams.set('audience', audience);
   if (pkce) {
-    const verifier = pkce.codeVerifier || createPkceCodeVerifier();
-    const challengeMethod = pkce.challengeMethod || DEFAULT_PKCE_METHOD;
     authorizationUrl.searchParams.set(
       'code_challenge',
-      createPkceCodeChallenge(verifier, challengeMethod),
+      pkceCodeChallenge(pkce.codeVerifier, pkce.challengeMethod),
     );
-    authorizationUrl.searchParams.set('code_challenge_method', challengeMethod);
+    authorizationUrl.searchParams.set('code_challenge_method', pkce.challengeMethod);
   }
 
-  return new Promise(async (resolve, reject) => {
-    const authorizationUrlStr = authorizationUrl.toString();
-    const logsEnabled = (await ctx.store.get('enable_logs')) ?? false;
-    console.log('[oauth2] Authorizing', authorizationUrlStr);
+  const logsEnabled = (await ctx.store.get('enable_logs')) ?? false;
+  const dataDirKey = await getDataDirKey(ctx, contextId);
+  const authorizationUrlStr = authorizationUrl.toString();
+  console.log('[oauth2] Authorizing', authorizationUrlStr);
 
+  // eslint-disable-next-line no-async-promise-executor
+  const code = await new Promise<string>(async (resolve, reject) => {
     let foundCode = false;
-
-    let { close } = await ctx.window.openUrl({
+    const { close } = await ctx.window.openUrl({
       url: authorizationUrlStr,
       label: 'oauth-authorization-url',
-      dataDirKey: await getDataDirKey(ctx, contextId),
+      dataDirKey,
       async onClose() {
         if (!foundCode) {
           reject(new Error('Authorization window closed'));
@@ -89,6 +101,7 @@ export async function getAuthorizationCode(
         if (logsEnabled) console.log('[oauth2] Navigated to', urlStr);
 
         if (url.searchParams.has('error')) {
+          close();
           return reject(new Error(`Failed to authorize: ${url.searchParams.get('error')}`));
         }
 
@@ -101,37 +114,35 @@ export async function getAuthorizationCode(
         // Close the window here, because we don't need it anymore!
         foundCode = true;
         close();
-
-        console.log('[oauth2] Code found');
-        const response = await getAccessToken(ctx, {
-          grantType: 'authorization_code',
-          accessTokenUrl,
-          clientId,
-          clientSecret,
-          scope,
-          audience,
-          credentialsInBody,
-          params: [
-            { name: 'code', value: code },
-            ...(redirectUri ? [{ name: 'redirect_uri', value: redirectUri }] : []),
-          ],
-        });
-
-        try {
-          resolve(await storeToken(ctx, contextId, response, tokenName));
-        } catch (err) {
-          reject(err);
-        }
+        resolve(code);
       },
     });
   });
+
+  console.log('[oauth2] Code found');
+  const response = await fetchAccessToken(ctx, {
+    grantType: 'authorization_code',
+    accessTokenUrl,
+    clientId,
+    clientSecret,
+    scope,
+    audience,
+    credentialsInBody,
+    params: [
+      { name: 'code', value: code },
+      ...(pkce ? [{ name: 'code_verifier', value: pkce.codeVerifier }] : []),
+      ...(redirectUri ? [{ name: 'redirect_uri', value: redirectUri }] : []),
+    ],
+  });
+
+  return storeToken(ctx, tokenArgs, response, tokenName);
 }
 
-function createPkceCodeVerifier() {
+export function genPkceCodeVerifier() {
   return encodeForPkce(randomBytes(32));
 }
 
-function createPkceCodeChallenge(verifier: string, method: string) {
+function pkceCodeChallenge(verifier: string, method: string) {
   if (method === 'plain') {
     return verifier;
   }

plugins/auth-oauth2/src/grants/clientCredentials.ts

@@ -1,6 +1,8 @@
-import { Context } from '@yaakapp/api';
-import { getAccessToken } from '../getAccessToken';
+import type { Context } from '@yaakapp/api';
+import { fetchAccessToken } from '../fetchAccessToken';
+import type { TokenStoreArgs } from '../store';
 import { getToken, storeToken } from '../store';
+import { isTokenExpired } from '../util';
 
 export async function getClientCredentials(
   ctx: Context,
@@ -21,14 +23,18 @@ export async function getClientCredentials(
     credentialsInBody: boolean;
   },
 ) {
-  const token = await getToken(ctx, contextId);
-  if (token) {
-    // resolve(token.response.access_token);
-    // TODO: Refresh token if expired
-    // return;
+  const tokenArgs: TokenStoreArgs = {
+    contextId,
+    clientId,
+    accessTokenUrl,
+    authorizationUrl: null,
+  };
+  const token = await getToken(ctx, tokenArgs);
+  if (token && !isTokenExpired(token)) {
+    return token;
   }
 
-  const response = await getAccessToken(ctx, {
+  const response = await fetchAccessToken(ctx, {
     grantType: 'client_credentials',
     accessTokenUrl,
     audience,
@@ -39,5 +45,5 @@ export async function getClientCredentials(
     params: [],
   });
 
-  return storeToken(ctx, contextId, response);
+  return storeToken(ctx, tokenArgs, response);
 }

plugins/auth-oauth2/src/grants/implicit.ts

@@ -1,7 +1,9 @@
-import { Context } from '@yaakapp/api';
-import { AccessToken, AccessTokenRawResponse, getToken, storeToken } from '../store';
+import type { Context } from '@yaakapp/api';
+import type { AccessToken, AccessTokenRawResponse } from '../store';
+import { getToken, storeToken } from '../store';
+import { isTokenExpired } from '../util';
 
-export function getImplicit(
+export async function getImplicit(
   ctx: Context,
   contextId: string,
   {
@@ -24,31 +26,41 @@ export function getImplicit(
     tokenName: 'access_token' | 'id_token';
   },
 ): Promise<AccessToken> {
-  return new Promise(async (resolve, reject) => {
-    const token = await getToken(ctx, contextId);
-    if (token) {
-      // resolve(token.response.access_token);
-      // TODO: Refresh token if expired
-      // return;
-    }
+  const tokenArgs = {
+    contextId,
+    clientId,
+    accessTokenUrl: null,
+    authorizationUrl: authorizationUrlRaw,
+  };
+  const token = await getToken(ctx, tokenArgs);
+  if (token != null && !isTokenExpired(token)) {
+    return token;
+  }
 
-    const authorizationUrl = new URL(`${authorizationUrlRaw ?? ''}`);
-    authorizationUrl.searchParams.set('response_type', 'token');
-    authorizationUrl.searchParams.set('client_id', clientId);
-    if (redirectUri) authorizationUrl.searchParams.set('redirect_uri', redirectUri);
-    if (scope) authorizationUrl.searchParams.set('scope', scope);
-    if (state) authorizationUrl.searchParams.set('state', state);
-    if (audience) authorizationUrl.searchParams.set('audience', audience);
-    if (responseType.includes('id_token')) {
-      authorizationUrl.searchParams.set(
-        'nonce',
-        String(Math.floor(Math.random() * 9999999999999) + 1),
-      );
-    }
+  let authorizationUrl: URL;
+  try {
+    authorizationUrl = new URL(`${authorizationUrlRaw ?? ''}`);
+  } catch {
+    throw new Error(`Invalid authorization URL "${authorizationUrlRaw}"`);
+  }
+  authorizationUrl.searchParams.set('response_type', 'token');
+  authorizationUrl.searchParams.set('client_id', clientId);
+  if (redirectUri) authorizationUrl.searchParams.set('redirect_uri', redirectUri);
+  if (scope) authorizationUrl.searchParams.set('scope', scope);
+  if (state) authorizationUrl.searchParams.set('state', state);
+  if (audience) authorizationUrl.searchParams.set('audience', audience);
+  if (responseType.includes('id_token')) {
+    authorizationUrl.searchParams.set(
+      'nonce',
+      String(Math.floor(Math.random() * 9999999999999) + 1),
+    );
+  }
 
-    const authorizationUrlStr = authorizationUrl.toString();
+  // eslint-disable-next-line no-async-promise-executor
+  const newToken = await new Promise<AccessToken>(async (resolve, reject) => {
     let foundAccessToken = false;
-    let { close } = await ctx.window.openUrl({
+    const authorizationUrlStr = authorizationUrl.toString();
+    const { close } = await ctx.window.openUrl({
       url: authorizationUrlStr,
       label: 'oauth-authorization-url',
       async onClose() {
@@ -76,11 +88,13 @@ export function getImplicit(
 
         const response = Object.fromEntries(params) as unknown as AccessTokenRawResponse;
         try {
-          resolve(await storeToken(ctx, contextId, response));
+          resolve(storeToken(ctx, tokenArgs, response));
         } catch (err) {
           reject(err);
         }
       },
     });
   });
+
+  return newToken;
 }

plugins/auth-oauth2/src/grants/password.ts

@@ -1,7 +1,8 @@
-import { Context } from '@yaakapp/api';
-import { getAccessToken } from '../getAccessToken';
+import type { Context } from '@yaakapp/api';
+import { fetchAccessToken } from '../fetchAccessToken';
 import { getOrRefreshAccessToken } from '../getOrRefreshAccessToken';
-import { AccessToken, storeToken } from '../store';
+import type { AccessToken, TokenStoreArgs } from '../store';
+import { storeToken } from '../store';
 
 export async function getPassword(
   ctx: Context,
@@ -26,7 +27,13 @@ export async function getPassword(
     credentialsInBody: boolean;
   },
 ): Promise<AccessToken> {
-  const token = await getOrRefreshAccessToken(ctx, contextId, {
+  const tokenArgs: TokenStoreArgs = {
+    contextId,
+    clientId,
+    accessTokenUrl,
+    authorizationUrl: null,
+  };
+  const token = await getOrRefreshAccessToken(ctx, tokenArgs, {
     accessTokenUrl,
     scope,
     clientId,
@@ -37,7 +44,7 @@ export async function getPassword(
     return token;
   }
 
-  const response = await getAccessToken(ctx, {
+  const response = await fetchAccessToken(ctx, {
     accessTokenUrl,
     clientId,
     clientSecret,
@@ -51,5 +58,5 @@ export async function getPassword(
     ],
   });
 
-  return storeToken(ctx, contextId, response);
+  return storeToken(ctx, tokenArgs, response);
 }

plugins/auth-oauth2/src/index.ts

@@ -1,4 +1,4 @@
-import {
+import type {
   Context,
   FormInputSelectOption,
   GetHttpAuthenticationConfigRequest,
@@ -6,6 +6,7 @@ import {
   PluginDefinition,
 } from '@yaakapp/api';
 import {
+  genPkceCodeVerifier,
   DEFAULT_PKCE_METHOD,
   getAuthorizationCode,
   PKCE_PLAIN,
@@ -14,7 +15,8 @@ import {
 import { getClientCredentials } from './grants/clientCredentials';
 import { getImplicit } from './grants/implicit';
 import { getPassword } from './grants/password';
-import { AccessToken, deleteToken, getToken, resetDataDirKey } from './store';
+import type { AccessToken, TokenStoreArgs } from './store';
+import { deleteToken, getToken, resetDataDirKey } from './store';
 
 type GrantType = 'authorization_code' | 'implicit' | 'password' | 'client_credentials';
 
@@ -81,8 +83,14 @@ export const plugin: PluginDefinition = {
     actions: [
       {
         label: 'Copy Current Token',
-        async onSelect(ctx, { contextId }) {
-          const token = await getToken(ctx, contextId);
+        async onSelect(ctx, { contextId, values }) {
+          const tokenArgs: TokenStoreArgs = {
+            contextId,
+            authorizationUrl: stringArg(values, 'authorizationUrl'),
+            accessTokenUrl: stringArg(values, 'accessTokenUrl'),
+            clientId: stringArg(values, 'clientId'),
+          };
+          const token = await getToken(ctx, tokenArgs);
           if (token == null) {
             await ctx.toast.show({ message: 'No token to copy', color: 'warning' });
           } else {
@@ -97,8 +105,14 @@ export const plugin: PluginDefinition = {
       },
       {
         label: 'Delete Token',
-        async onSelect(ctx, { contextId }) {
-          if (await deleteToken(ctx, contextId)) {
+        async onSelect(ctx, { contextId, values }) {
+          const tokenArgs: TokenStoreArgs = {
+            contextId,
+            authorizationUrl: stringArg(values, 'authorizationUrl'),
+            accessTokenUrl: stringArg(values, 'accessTokenUrl'),
+            clientId: stringArg(values, 'clientId'),
+          };
+          if (await deleteToken(ctx, tokenArgs)) {
             await ctx.toast.show({ message: 'Token deleted', color: 'success' });
           } else {
             await ctx.toast.show({ message: 'No token to delete', color: 'warning' });
@@ -219,9 +233,9 @@ export const plugin: PluginDefinition = {
       },
       {
         type: 'text',
-        name: 'pkceCodeVerifier',
+        name: 'pkceCodeChallenge',
         label: 'Code Verifier',
-        placeholder: 'Automatically generated if not provided',
+        placeholder: 'Automatically generated when not set',
         optional: true,
         dynamic: hiddenIfNot(['authorization_code'], ({ usePkce }) => !!usePkce),
       },
@@ -279,8 +293,14 @@ export const plugin: PluginDefinition = {
       {
         type: 'accordion',
         label: 'Access Token Response',
-        async dynamic(ctx, { contextId }) {
-          const token = await getToken(ctx, contextId);
+        async dynamic(ctx, { contextId, values }) {
+          const tokenArgs: TokenStoreArgs = {
+            contextId,
+            authorizationUrl: stringArg(values, 'authorizationUrl'),
+            accessTokenUrl: stringArg(values, 'accessTokenUrl'),
+            clientId: stringArg(values, 'clientId'),
+          };
+          const token = await getToken(ctx, tokenArgs);
           if (token == null) {
             return { hidden: true };
           }
@@ -310,12 +330,14 @@ export const plugin: PluginDefinition = {
         const authorizationUrl = stringArg(values, 'authorizationUrl');
         const accessTokenUrl = stringArg(values, 'accessTokenUrl');
         token = await getAuthorizationCode(ctx, contextId, {
-          accessTokenUrl: accessTokenUrl.match(/^https?:\/\//)
-            ? accessTokenUrl
-            : `https://${accessTokenUrl}`,
-          authorizationUrl: authorizationUrl.match(/^https?:\/\//)
-            ? authorizationUrl
-            : `https://${authorizationUrl}`,
+          accessTokenUrl:
+            accessTokenUrl === '' || accessTokenUrl.match(/^https?:\/\//)
+              ? accessTokenUrl
+              : `https://${accessTokenUrl}`,
+          authorizationUrl:
+            authorizationUrl === '' || authorizationUrl.match(/^https?:\/\//)
+              ? authorizationUrl
+              : `https://${authorizationUrl}`,
           clientId: stringArg(values, 'clientId'),
           clientSecret: stringArg(values, 'clientSecret'),
           redirectUri: stringArgOrNull(values, 'redirectUri'),
@@ -325,8 +347,8 @@ export const plugin: PluginDefinition = {
           credentialsInBody,
           pkce: values.usePkce
             ? {
-                challengeMethod: stringArg(values, 'pkceChallengeMethod'),
-                codeVerifier: stringArgOrNull(values, 'pkceCodeVerifier'),
+                challengeMethod: stringArg(values, 'pkceChallengeMethod') || DEFAULT_PKCE_METHOD,
+                codeVerifier: stringArg(values, 'pkceCodeVerifier') || genPkceCodeVerifier(),
               }
             : null,
           tokenName: tokenName,

plugins/auth-oauth2/src/store.ts

@@ -1,8 +1,9 @@
-import { Context } from '@yaakapp/api';
+import type { Context } from '@yaakapp/api';
+import { createHash } from 'node:crypto';
 
 export async function storeToken(
   ctx: Context,
-  contextId: string,
+  args: TokenStoreArgs,
   response: AccessTokenRawResponse,
   tokenName: 'access_token' | 'id_token' = 'access_token',
 ) {
@@ -15,16 +16,16 @@ export async function storeToken(
     response,
     expiresAt,
   };
-  await ctx.store.set<AccessToken>(tokenStoreKey(contextId), token);
+  await ctx.store.set<AccessToken>(tokenStoreKey(args), token);
   return token;
 }
 
-export async function getToken(ctx: Context, contextId: string) {
-  return ctx.store.get<AccessToken>(tokenStoreKey(contextId));
+export async function getToken(ctx: Context, args: TokenStoreArgs) {
+  return ctx.store.get<AccessToken>(tokenStoreKey(args));
 }
 
-export async function deleteToken(ctx: Context, contextId: string) {
-  return ctx.store.delete(tokenStoreKey(contextId));
+export async function deleteToken(ctx: Context, args: TokenStoreArgs) {
+  return ctx.store.delete(tokenStoreKey(args));
 }
 
 export async function resetDataDirKey(ctx: Context, contextId: string) {
@@ -37,8 +38,25 @@ export async function getDataDirKey(ctx: Context, contextId: string) {
   return `${contextId}::${key}`;
 }
 
-function tokenStoreKey(contextId: string) {
-  return ['token', contextId].join('::');
+export interface TokenStoreArgs {
+  contextId: string;
+  clientId: string;
+  accessTokenUrl: string | null;
+  authorizationUrl: string | null;
+}
+
+/**
+ * Generate a store key to use based on some arguments. The arguments will be normalized a bit to
+ * account for slight variations (like domains with and without a protocol scheme).
+ */
+function tokenStoreKey(args: TokenStoreArgs) {
+  const hash = createHash('md5');
+  if (args.contextId) hash.update(args.contextId.trim());
+  if (args.clientId) hash.update(args.clientId.trim());
+  if (args.accessTokenUrl) hash.update(args.accessTokenUrl.trim().replace(/^https?:\/\//, ''));
+  if (args.authorizationUrl) hash.update(args.authorizationUrl.trim().replace(/^https?:\/\//, ''));
+  const key = hash.digest('hex');
+  return ['token', key].join('::');
 }
 
 function dataDirStoreKey(contextId: string) {

plugins/auth-oauth2/src/util.ts

@@ -0,0 +1,5 @@
+import type { AccessToken } from './store';
+
+export function isTokenExpired(token: AccessToken) {
+  return token.expiresAt && Date.now() > token.expiresAt;
+}

plugins/auth-oauth2/tsconfig.json

@@ -0,0 +1,3 @@
+{
+  "extends": "../../tsconfig.json"
+}

plugins/exporter-curl/package.json

@@ -1,9 +0,0 @@
-{
-  "name": "@yaakapp/exporter-curl",
-  "private": true,
-  "version": "0.0.1",
-  "scripts": {
-    "build": "yaakcli build ./src/index.js",
-    "dev": "yaakcli dev ./src/index.js"
-  }
-}

plugins/filter-jsonpath/README.md

@@ -0,0 +1,59 @@
+# JSONPath
+
+A filter plugin that enables [JSONPath](https://en.wikipedia.org/wiki/JSONPath)
+extraction and filtering for JSON responses, making it easy to extract specific values
+from complex JSON structures.
+
+![Screenshot of JSONPath filtering](screenshot.png)
+
+## Overview
+
+This plugin provides JSONPath filtering for responses in Yaak. JSONPath is a query
+language for JSON, similar to XPath for XML, that provides the ability to extract data
+from JSON documents using a simple, expressive syntax. This is useful for working with
+complex API responses where you need to only view a small subset of response data.
+
+## How JSONPath Works
+
+JSONPath uses a dot-notation syntax to navigate JSON structures:
+
+- `$` - Root element
+- `.` - Child element
+- `..` - Recursive descent
+- `*` - Wildcard
+- `[]` - Array index or filter
+
+## JSONPath Syntax Examples
+
+### Basic Navigation
+
+```
+$.store.book[0].title          # First book title
+$.store.book[*].author         # All book authors
+$.store.book[-1]               # Last book
+$.store.book[0,1]              # First two books
+$.store.book[0:2]              # First two books (slice)
+```
+
+### Filtering
+
+```
+$.store.book[?(@.price < 10)]           # Books under $10
+$.store.book[?(@.author == 'Tolkien')]  # Books by Tolkien
+$.store.book[?(@.category == 'fiction')] # Fiction books
+```
+
+### Recursive Search
+
+```
+$..author                      # All authors anywhere in the document
+$..book[2]                     # Third book anywhere
+$..price                       # All prices in the document
+```
+
+## Usage
+
+1. Make an API request that returns JSON data
+2. Below the response body, click the filter icon
+3. Enter a JSONPath expression
+4. View the extracted data in the results panel

plugins/filter-jsonpath/package.json

@@ -1,10 +1,18 @@
 {
-  "name": "@yaakapp/filter-jsonpath",
+  "name": "@yaak/filter-jsonpath",
+  "displayName": "JSONPath Filter",
+  "description": "Filter JSON response data using JSONPath expressions",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/mountain-loop/yaak.git",
+    "directory": "plugins/filter-jsonpath"
+  },
   "private": true,
-  "version": "0.0.1",
+  "version": "0.1.0",
   "scripts": {
-    "build": "yaakcli build ./src/index.ts",
-    "dev": "yaakcli dev ./src/index.js"
+    "build": "yaakcli build",
+    "dev": "yaakcli dev",
+    "lint": "eslint . --ext .ts,.tsx"
   },
   "dependencies": {
     "jsonpath-plus": "^10.3.0"

plugins/filter-jsonpath/src/index.ts

@@ -1,4 +1,4 @@
-import { PluginDefinition } from '@yaakapp/api';
+import type { PluginDefinition } from '@yaakapp/api';
 import { JSONPath } from 'jsonpath-plus';
 
 export const plugin: PluginDefinition = {
@@ -7,8 +7,12 @@ export const plugin: PluginDefinition = {
     description: 'Filter JSONPath',
     onFilter(_ctx, args) {
       const parsed = JSON.parse(args.payload);
-      const filtered = JSONPath({ path: args.filter, json: parsed });
-      return { filtered: JSON.stringify(filtered, null, 2) };
+      try {
+        const filtered = JSONPath({ path: args.filter, json: parsed });
+        return { content: JSON.stringify(filtered, null, 2) };
+      } catch (err) {
+        return { content: '', error: `Invalid filter: ${err}` };
+      }
     },
   },
 };

plugins/filter-jsonpath/tsconfig.json

@@ -0,0 +1,3 @@
+{
+  "extends": "../../tsconfig.json"
+}

plugins/filter-xpath/package.json

@@ -1,13 +1,16 @@
 {
-  "name": "@yaakapp/filter-xpath",
+  "name": "@yaak/filter-xpath",
+  "displayName": "XPath Filter",
+  "description": "Filter response XML data using XPath expressions",
   "private": true,
-  "version": "0.0.1",
+  "version": "0.1.0",
   "scripts": {
-    "build": "yaakcli build ./src/index.js",
-    "dev": "yaakcli dev ./src/index.js"
+    "build": "yaakcli build",
+    "dev": "yaakcli dev",
+    "lint": "eslint . --ext .ts,.tsx"
   },
   "dependencies": {
-    "@xmldom/xmldom": "^0.8.10",
+    "@xmldom/xmldom": "^0.9.8",
     "xpath": "^0.0.34"
   }
 }

plugins/filter-xpath/src/index.ts

@@ -1,5 +1,5 @@
 import { DOMParser } from '@xmldom/xmldom';
-import { PluginDefinition } from '@yaakapp/api';
+import type { PluginDefinition } from '@yaakapp/api';
 import xpath from 'xpath';
 
 export const plugin: PluginDefinition = {
@@ -7,14 +7,18 @@ export const plugin: PluginDefinition = {
     name: 'XPath',
     description: 'Filter XPath',
     onFilter(_ctx, args) {
-      const doc = new DOMParser().parseFromString(args.payload, 'text/xml');
-      const result = xpath.select(args.filter, doc, false);
-
-      if (Array.isArray(result)) {
-        return { filtered: result.map(r => String(r)).join('\n') };
-      } else {
-        // Not sure what cases this happens in (?)
-        return { filtered: String(result) };
+      // eslint-disable-next-line @typescript-eslint/no-explicit-any
+      const doc: any = new DOMParser().parseFromString(args.payload, 'text/xml');
+      try {
+        const result = xpath.select(args.filter, doc, false);
+        if (Array.isArray(result)) {
+          return { content: result.map((r) => String(r)).join('\n') };
+        } else {
+          // Not sure what cases this happens in (?)
+          return { content: String(result) };
+        }
+      } catch (err) {
+        return { content: '', error: `Invalid filter: ${err}` };
       }
     },
   },

plugins/filter-xpath/tsconfig.json

@@ -0,0 +1,3 @@
+{
+  "extends": "../../tsconfig.json"
+}

plugins/importer-curl/package.json

@@ -1,10 +1,13 @@
 {
-  "name": "@yaakapp/importer-curl",
+  "name": "@yaak/importer-curl",
+  "displayName": "cURL Importer",
+  "description": "Import requests from cURL commands",
   "private": true,
-  "version": "0.0.1",
+  "version": "0.1.0",
   "scripts": {
-    "build": "yaakcli build ./src/index.js",
-    "dev": "yaakcli dev ./src/index.js"
+    "build": "yaakcli build",
+    "dev": "yaakcli dev",
+    "lint": "eslint . --ext .ts,.tsx"
   },
   "dependencies": {
     "shell-quote": "^1.8.1"

plugins/importer-curl/src/index.ts

@@ -1,5 +1,6 @@
-import { Context, Environment, Folder, HttpRequest, HttpUrlParameter, PluginDefinition, Workspace } from '@yaakapp/api';
-import { ControlOperator, parse, ParseEntry } from 'shell-quote';
+import type { Context, Environment, Folder, HttpRequest, HttpUrlParameter, PluginDefinition, Workspace } from '@yaakapp/api';
+import type { ControlOperator, ParseEntry } from 'shell-quote';
+import { parse } from 'shell-quote';
 
 type AtLeast<T, K extends keyof T> = Partial<T> & Pick<T, K>;
 
@@ -40,6 +41,7 @@ export const plugin: PluginDefinition = {
     name: 'cURL',
     description: 'Import cURL commands',
     onImport(_ctx: Context, args: { text: string }) {
+      // eslint-disable-next-line @typescript-eslint/no-explicit-any
       return convertCurl(args.text) as any;
     },
   },
@@ -177,19 +179,15 @@ function importCommand(parseEntries: ParseEntry[], workspaceId: string) {
   // Build the request //
   // ~~~~~~~~~~~~~~~~~ //
 
-  // Url and Parameters
-  let urlParameters: HttpUrlParameter[];
-  let url: string;
-
   const urlArg = getPairValue(flagsByName, (singletons[0] as string) || '', ['url']);
   const [baseUrl, search] = splitOnce(urlArg, '?');
-  urlParameters =
+  const urlParameters: HttpUrlParameter[] =
     search?.split('&').map((p) => {
       const v = splitOnce(p, '=');
       return { name: decodeURIComponent(v[0] ?? ''), value: decodeURIComponent(v[1] ?? ''), enabled: true };
     }) ?? [];
 
-  url = baseUrl ?? urlArg;
+  const url = baseUrl ?? urlArg;
 
   // Query params
   for (const p of flagsByName['url-query'] ?? []) {
@@ -375,7 +373,7 @@ interface DataParameter {
 }
 
 function pairsToDataParameters(keyedPairs: FlagsByName): DataParameter[] {
-  let dataParameters: DataParameter[] = [];
+  const dataParameters: DataParameter[] = [];
 
   for (const flagName of DATA_FLAGS) {
     const pairs = keyedPairs[flagName];
@@ -386,9 +384,9 @@ function pairsToDataParameters(keyedPairs: FlagsByName): DataParameter[] {
 
     for (const p of pairs) {
       if (typeof p !== 'string') continue;
-      let params = p.split("&");
+      const params = p.split("&");
       for (const param of params) {
-        const [name, value] = param.split('=');
+        const [name, value] = splitOnce(param, '=');
         if (param.startsWith('@')) {
           // Yaak doesn't support files in url-encoded data, so
           dataParameters.push({

plugins/importer-curl/tests/index.test.ts

@@ -1,4 +1,4 @@
-import { HttpRequest, Workspace } from '@yaakapp/api';
+import type { HttpRequest, Workspace } from '@yaakapp/api';
 import { describe, expect, test } from 'vitest';
 import { convertCurl } from '../src';
 
@@ -221,20 +221,20 @@ describe('importer-curl', () => {
   });
 
   test('Imports post data into URL', () => {
-    expect(
-      convertCurl('curl -G https://api.stripe.com/v1/payment_links -d limit=3'),
-    ).toEqual({
+    expect(convertCurl('curl -G https://api.stripe.com/v1/payment_links -d limit=3')).toEqual({
       resources: {
         workspaces: [baseWorkspace()],
         httpRequests: [
           baseRequest({
             method: 'GET',
             url: 'https://api.stripe.com/v1/payment_links',
-            urlParameters: [{
-              enabled: true,
-              name: 'limit',
-              value: '3',
-            }],
+            urlParameters: [
+              {
+                enabled: true,
+                name: 'limit',
+                value: '3',
+              },
+            ],
           }),
         ],
       },
@@ -243,7 +243,9 @@ describe('importer-curl', () => {
 
   test('Imports multi-line JSON', () => {
     expect(
-      convertCurl(`curl -H Content-Type:application/json -d $'{\n  "foo":"bar"\n}' https://yaak.app`),
+      convertCurl(
+        `curl -H Content-Type:application/json -d $'{\n  "foo":"bar"\n}' https://yaak.app`,
+      ),
     ).toEqual({
       resources: {
         workspaces: [baseWorkspace()],
@@ -364,6 +366,31 @@ describe('importer-curl', () => {
       },
     });
   });
+
+  test('Imports weird body', () => {
+    expect(convertCurl(`curl 'https://yaak.app' -X POST --data-raw 'foo=bar=baz'`)).toEqual({
+      resources: {
+        workspaces: [baseWorkspace()],
+        httpRequests: [
+          baseRequest({
+            url: 'https://yaak.app',
+            method: "POST",
+            bodyType: 'application/x-www-form-urlencoded',
+            body: {
+              form: [{ name: 'foo', value: 'bar=baz', enabled: true }],
+            },
+            headers: [
+              {
+                enabled: true,
+                name: 'Content-Type',
+                value: 'application/x-www-form-urlencoded',
+              },
+            ],
+          }),
+        ],
+      },
+    });
+  });
 });
 
 const idCount: Partial<Record<string, number>> = {};

plugins/importer-curl/tsconfig.json

@@ -0,0 +1,3 @@
+{
+  "extends": "../../tsconfig.json"
+}

plugins/importer-insomnia/package.json

@@ -1,10 +1,13 @@
 {
-  "name": "@yaakapp/importer-insomnia",
+  "name": "@yaak/importer-insomnia",
+  "displayName": "Insomnia Importer",
+  "description": "Import data from Insomnia",
   "private": true,
-  "version": "0.0.1",
+  "version": "0.1.0",
   "scripts": {
-    "build": "yaakcli build ./src/index.js",
-    "dev": "yaakcli dev ./src/index.js"
+    "build": "yaakcli build",
+    "dev": "yaakcli dev",
+    "lint": "eslint . --ext .ts,.tsx"
   },
   "dependencies": {
     "yaml": "^2.4.2"

plugins/importer-insomnia/src/common.ts

@@ -4,11 +4,11 @@ export function convertSyntax(variable: string): string {
   return variable.replaceAll(/{{\s*(_\.)?([^}]+)\s*}}/g, '${[$2]}');
 }
 
-export function isJSObject(obj: any) {
+export function isJSObject(obj: unknown) {
   return Object.prototype.toString.call(obj) === '[object Object]';
 }
 
-export function isJSString(obj: any) {
+export function isJSString(obj: unknown) {
   return Object.prototype.toString.call(obj) === '[object String]';
 }
 

plugins/importer-insomnia/src/index.ts

@@ -1,4 +1,4 @@
-import { Context, PluginDefinition } from '@yaakapp/api';
+import type { Context, PluginDefinition } from '@yaakapp/api';
 import YAML from 'yaml';
 import { deleteUndefinedAttrs, isJSObject } from './common';
 import { convertInsomniaV4 } from './v4';
@@ -15,16 +15,18 @@ export const plugin: PluginDefinition = {
 };
 
 export function convertInsomnia(contents: string) {
-  let parsed: any;
+  let parsed: unknown;
 
   try {
     parsed = JSON.parse(contents);
-  } catch (e) {
+  } catch {
+    // Fall through
   }
 
   try {
     parsed = parsed ?? YAML.parse(contents);
-  } catch (e) {
+  } catch {
+    // Fall through
   }
 
   if (!isJSObject(parsed)) return null;

plugins/importer-insomnia/src/v4.ts

@@ -1,7 +1,8 @@
-import { PartialImportResources } from '@yaakapp/api';
+/* eslint-disable @typescript-eslint/no-explicit-any */
+import type { PartialImportResources } from '@yaakapp/api';
 import { convertId, convertSyntax, isJSObject } from './common';
 
-export function convertInsomniaV4(parsed: Record<string, any>) {
+export function convertInsomniaV4(parsed: any) {
   if (!Array.isArray(parsed.resources)) return null;
 
   const resources: PartialImportResources = {
@@ -14,7 +15,9 @@ export function convertInsomniaV4(parsed: Record<string, any>) {
   };
 
   // Import workspaces
-  const workspacesToImport = parsed.resources.filter(r => isJSObject(r) && r._type === 'workspace');
+  const workspacesToImport = parsed.resources.filter(
+    (r: any) => isJSObject(r) && r._type === 'workspace',
+  );
   for (const w of workspacesToImport) {
     resources.workspaces.push({
       id: convertId(w._id),
@@ -40,13 +43,9 @@ export function convertInsomniaV4(parsed: Record<string, any>) {
           resources.folders.push(importFolder(child, w._id));
           nextFolder(child._id);
         } else if (child._type === 'request') {
-          resources.httpRequests.push(
-            importHttpRequest(child, w._id),
-          );
+          resources.httpRequests.push(importHttpRequest(child, w._id));
         } else if (child._type === 'grpc_request') {
-          resources.grpcRequests.push(
-            importGrpcRequest(child, w._id),
-          );
+          resources.grpcRequests.push(importGrpcRequest(child, w._id));
         }
       }
     };
@@ -64,10 +63,7 @@ export function convertInsomniaV4(parsed: Record<string, any>) {
   return { resources };
 }
 
-function importHttpRequest(
-  r: any,
-  workspaceId: string,
-): PartialImportResources['httpRequests'][0] {
+function importHttpRequest(r: any, workspaceId: string): PartialImportResources['httpRequests'][0] {
   let bodyType: string | null = null;
   let body = {};
   if (r.body.mimeType === 'application/octet-stream') {
@@ -141,10 +137,7 @@ function importHttpRequest(
   };
 }
 
-function importGrpcRequest(
-  r: any,
-  workspaceId: string,
-): PartialImportResources['grpcRequests'][0] {
+function importGrpcRequest(r: any, workspaceId: string): PartialImportResources['grpcRequests'][0] {
   const parts = r.protoMethodName.split('/').filter((p: any) => p !== '');
   const service = parts[0] ?? null;
   const method = parts[1] ?? null;
@@ -186,13 +179,18 @@ function importFolder(f: any, workspaceId: string): PartialImportResources['fold
   };
 }
 
-function importEnvironment(e: any, workspaceId: string, isParent?: boolean): PartialImportResources['environments'][0] {
+function importEnvironment(
+  e: any,
+  workspaceId: string,
+  isParent?: boolean,
+): PartialImportResources['environments'][0] {
   return {
     id: convertId(e._id),
     createdAt: e.created ? new Date(e.created).toISOString().replace('Z', '') : undefined,
     updatedAt: e.modified ? new Date(e.modified).toISOString().replace('Z', '') : undefined,
     workspaceId: convertId(workspaceId),
-    // @ts-ignore
+    // eslint-disable-next-line @typescript-eslint/ban-ts-comment
+    // @ts-expect-error
     sortPriority: e.metaSortKey, // Will be added to Yaak later
     base: isParent ?? e.parentId === workspaceId,
     model: 'environment',

plugins/importer-insomnia/src/v5.ts

@@ -1,8 +1,16 @@
-import { PartialImportResources } from '@yaakapp/api';
+/* eslint-disable @typescript-eslint/no-explicit-any */
+import type { PartialImportResources } from '@yaakapp/api';
 import { convertId, convertSyntax, isJSObject } from './common';
 
-export function convertInsomniaV5(parsed: Record<string, any>) {
-  if (!Array.isArray(parsed.collection)) return null;
+export function convertInsomniaV5(parsed: any) {
+  // Assert parsed is object
+  if (parsed == null || typeof parsed !== 'object') {
+    return null;
+  }
+
+  if (!('collection' in parsed) || !Array.isArray(parsed.collection)) {
+    return null;
+  }
 
   const resources: PartialImportResources = {
     environments: [],
@@ -14,7 +22,7 @@ export function convertInsomniaV5(parsed: Record<string, any>) {
   };
 
   // Import workspaces
-  const meta: Record<string, any> = parsed.meta ?? {};
+  const meta = ('meta' in parsed ? parsed.meta : {}) as Record<string, any>;
   resources.workspaces.push({
     id: convertId(meta.id ?? 'collection'),
     createdAt: meta.created ? new Date(meta.created).toISOString().replace('Z', '') : undefined,
@@ -36,17 +44,11 @@ export function convertInsomniaV5(parsed: Record<string, any>) {
         resources.folders.push(importFolder(child, meta.id, parentId));
         nextFolder(child.children, child.meta.id);
       } else if (child.method) {
-        resources.httpRequests.push(
-          importHttpRequest(child, meta.id, parentId),
-        );
+        resources.httpRequests.push(importHttpRequest(child, meta.id, parentId));
       } else if (child.protoFileId) {
-        resources.grpcRequests.push(
-          importGrpcRequest(child, meta.id, parentId),
-        );
+        resources.grpcRequests.push(importGrpcRequest(child, meta.id, parentId));
       } else if (child.url) {
-        resources.websocketRequests.push(
-          importWebsocketRequest(child, meta.id, parentId),
-        );
+        resources.websocketRequests.push(importWebsocketRequest(child, meta.id, parentId));
       }
     }
   };
@@ -219,7 +221,11 @@ function importAuthentication(r: any) {
   return { authenticationType, authentication } as const;
 }
 
-function importFolder(f: any, workspaceId: string, parentId: string): PartialImportResources['folders'][0] {
+function importFolder(
+  f: any,
+  workspaceId: string,
+  parentId: string,
+): PartialImportResources['folders'][0] {
   const id = f.meta?.id ?? f._id;
   const created = f.meta?.created ?? f.created;
   const updated = f.meta?.modified ?? f.updated;
@@ -238,8 +244,11 @@ function importFolder(f: any, workspaceId: string, parentId: string): PartialImp
   };
 }
 
-
-function importEnvironment(e: any, workspaceId: string, isParent?: boolean): PartialImportResources['environments'][0] {
+function importEnvironment(
+  e: any,
+  workspaceId: string,
+  isParent?: boolean,
+): PartialImportResources['environments'][0] {
   const id = e.meta?.id ?? e._id;
   const created = e.meta?.created ?? e.created;
   const updated = e.meta?.modified ?? e.updated;
@@ -251,7 +260,8 @@ function importEnvironment(e: any, workspaceId: string, isParent?: boolean): Par
     updatedAt: updated ? new Date(updated).toISOString().replace('Z', '') : undefined,
     workspaceId: convertId(workspaceId),
     public: !e.isPrivate,
-    // @ts-ignore
+    // eslint-disable-next-line @typescript-eslint/ban-ts-comment
+    // @ts-expect-error
     sortPriority: sortKey, // Will be added to Yaak later
     base: isParent ?? e.parentId === workspaceId,
     model: 'environment',

plugins/importer-insomnia/tsconfig.json

@@ -0,0 +1,3 @@
+{
+  "extends": "../../tsconfig.json"
+}

plugins/importer-openapi/package.json

@@ -1,16 +1,19 @@
 {
-  "name": "@yaakapp/importer-openapi",
+  "name": "@yaak/importer-openapi",
+  "displayName": "OpenAPI Importer",
+  "description": "Import API specifications from OpenAPI/Swagger format",
   "private": true,
-  "version": "0.0.1",
+  "version": "0.1.0",
   "scripts": {
-    "build": "yaakcli build ./src/index.js",
-    "dev": "yaakcli dev ./src/index.js"
+    "build": "yaakcli build",
+    "dev": "yaakcli dev",
+    "lint": "eslint . --ext .ts,.tsx"
   },
   "dependencies": {
     "openapi-to-postmanv2": "^5.0.0",
     "yaml": "^2.4.2"
   },
   "devDependencies": {
-    "@types/openapi-to-postmanv2": "^3.2.4"
+    "@types/openapi-to-postmanv2": "^5.0.0"
   }
 }

plugins/importer-openapi/src/index.ts

@@ -1,32 +1,23 @@
-import { Context, Environment, Folder, HttpRequest, PluginDefinition, Workspace } from '@yaakapp/api';
+import { convertPostman } from '@yaak/importer-postman/src';
+import type { Context, PluginDefinition } from '@yaakapp/api';
+import type { ImportPluginResponse } from '@yaakapp/api/lib/plugins/ImporterPlugin';
 import { convert } from 'openapi-to-postmanv2';
-import { convertPostman } from '@yaakapp/importer-postman/src';
-
-type AtLeast<T, K extends keyof T> = Partial<T> & Pick<T, K>;
-
-interface ExportResources {
-  workspaces: AtLeast<Workspace, 'name' | 'id' | 'model'>[];
-  environments: AtLeast<Environment, 'name' | 'id' | 'model' | 'workspaceId'>[];
-  httpRequests: AtLeast<HttpRequest, 'name' | 'id' | 'model' | 'workspaceId'>[];
-  folders: AtLeast<Folder, 'name' | 'id' | 'model' | 'workspaceId'>[];
-}
 
 export const plugin: PluginDefinition = {
   importer: {
     name: 'OpenAPI',
     description: 'Import OpenAPI collections',
     onImport(_ctx: Context, args: { text: string }) {
-      return convertOpenApi(args.text) as any;
+      return convertOpenApi(args.text);
     },
   },
 };
 
-export async function convertOpenApi(
-  contents: string,
-): Promise<{ resources: ExportResources } | undefined> {
+export async function convertOpenApi(contents: string): Promise<ImportPluginResponse | undefined> {
   let postmanCollection;
   try {
     postmanCollection = await new Promise((resolve, reject) => {
+      // eslint-disable-next-line @typescript-eslint/no-explicit-any
       convert({ type: 'string', data: contents }, {}, (err, result: any) => {
         if (err != null) reject(err);
 
@@ -35,7 +26,7 @@ export async function convertOpenApi(
         }
       });
     });
-  } catch (err) {
+  } catch {
     // Probably not an OpenAPI file, so skip it
     return undefined;
   }

plugins/importer-openapi/tsconfig.json

@@ -0,0 +1,3 @@
+{
+  "extends": "../../tsconfig.json"
+}

plugins/importer-postman/package.json

@@ -1,10 +1,13 @@
 {
-  "name": "@yaakapp/importer-postman",
+  "name": "@yaak/importer-postman",
+  "displayName": "Postman Importer",
+  "description": "Import collections from Postman",
   "private": true,
-  "version": "0.0.1",
+  "version": "0.1.0",
   "main": "./build/index.js",
   "scripts": {
-    "build": "yaakcli build ./src/index.js",
-    "dev": "yaakcli dev ./src/index.js"
+    "build": "yaakcli build",
+    "dev": "yaakcli dev",
+    "lint": "eslint . --ext .ts,.tsx"
   }
 }

plugins/importer-postman/src/index.ts

@@ -1,13 +1,15 @@
-import {
+import type {
   Context,
   Environment,
   Folder,
   HttpRequest,
   HttpRequestHeader,
   HttpUrlParameter,
+  PartialImportResources,
   PluginDefinition,
   Workspace,
 } from '@yaakapp/api';
+import type { ImportPluginResponse } from '@yaakapp/api/lib/plugins/ImporterPlugin';
 
 const POSTMAN_2_1_0_SCHEMA = 'https://schema.getpostman.com/json/collection/v2.1.0/collection.json';
 const POSTMAN_2_0_0_SCHEMA = 'https://schema.getpostman.com/json/collection/v2.0.0/collection.json';
@@ -27,19 +29,19 @@ export const plugin: PluginDefinition = {
     name: 'Postman',
     description: 'Import postman collections',
     onImport(_ctx: Context, args: { text: string }) {
-      return convertPostman(args.text) as any;
+      return convertPostman(args.text);
     },
   },
 };
 
-export function convertPostman(
-  contents: string,
-): { resources: ExportResources } | undefined {
+export function convertPostman(contents: string): ImportPluginResponse | undefined {
   const root = parseJSONToRecord(contents);
   if (root == null) return;
 
   const info = toRecord(root.info);
-  const isValidSchema = VALID_SCHEMAS.includes(info.schema);
+  const isValidSchema = VALID_SCHEMAS.includes(
+    typeof info.schema === 'string' ? info.schema : 'n/a',
+  );
   if (!isValidSchema || !Array.isArray(root.item)) {
     return;
   }
@@ -53,11 +55,17 @@ export function convertPostman(
     folders: [],
   };
 
+  const rawDescription = info.description;
+  const description =
+    typeof rawDescription === 'object' && rawDescription !== null && 'content' in rawDescription
+      ? String(rawDescription.content)
+      : String(rawDescription);
+
   const workspace: ExportResources['workspaces'][0] = {
     model: 'workspace',
     id: generateId('workspace'),
-    name: info.name || 'Postman Import',
-    description: info.description?.content ?? info.description,
+    name: info.name ? String(info.name) : 'Postman Import',
+    description,
   };
   exportResources.workspaces.push(workspace);
 
@@ -68,17 +76,19 @@ export function convertPostman(
     name: 'Global Variables',
     workspaceId: workspace.id,
     variables:
-      root.variable?.map((v: any) => ({
+      toArray<{ key: string; value: string }>(root.variable).map((v) => ({
         name: v.key,
         value: v.value,
       })) ?? [],
   };
   exportResources.environments.push(environment);
 
-  const importItem = (v: Record<string, any>, folderId: string | null = null) => {
+  let sortPriorityIndex = 0;
+  const importItem = (v: Record<string, unknown>, folderId: string | null = null) => {
     if (typeof v.name === 'string' && Array.isArray(v.item)) {
       const folder: ExportResources['folders'][0] = {
         model: 'folder',
+        sortPriority: sortPriorityIndex++,
         workspaceId: workspace.id,
         id: generateId('folder'),
         name: v.name,
@@ -94,7 +104,11 @@ export function convertPostman(
       const requestAuthPath = importAuth(r.auth);
       const authPatch = requestAuthPath.authenticationType == null ? globalAuth : requestAuthPath;
 
-      const headers: HttpRequestHeader[] = toArray(r.header).map((h) => {
+      const headers: HttpRequestHeader[] = toArray<{
+        key: string;
+        value: string;
+        disabled?: boolean;
+      }>(r.header).map((h) => {
         return {
           name: h.key,
           value: h.value,
@@ -104,7 +118,9 @@ export function convertPostman(
 
       // Add body headers only if they don't already exist
       for (const bodyPatchHeader of bodyPatch.headers) {
-        const existingHeader = headers.find(h => h.name.toLowerCase() === bodyPatchHeader.name.toLowerCase());
+        const existingHeader = headers.find(
+          (h) => h.name.toLowerCase() === bodyPatchHeader.name.toLowerCase(),
+        );
         if (existingHeader) {
           continue;
         }
@@ -119,14 +135,15 @@ export function convertPostman(
         workspaceId: workspace.id,
         folderId,
         name: v.name,
-        description: v.description || undefined,
-        method: r.method || 'GET',
+        description: r.description ? String(r.description) : undefined,
+        method: typeof r.method === 'string' ? r.method : 'GET',
         url,
         urlParameters,
         body: bodyPatch.body,
         bodyType: bodyPatch.bodyType,
         authentication: authPatch.authentication,
         authenticationType: authPatch.authenticationType,
+        sortPriority: sortPriorityIndex++,
         headers,
       };
       exportResources.httpRequests.push(request);
@@ -139,17 +156,19 @@ export function convertPostman(
     importItem(item);
   }
 
-  const resources = deleteUndefinedAttrs(convertTemplateSyntax(exportResources));
+  const resources = deleteUndefinedAttrs(
+    convertTemplateSyntax(exportResources),
+  ) as PartialImportResources;
 
   return { resources };
 }
 
-function convertUrl(url: string | any): Pick<HttpRequest, 'url' | 'urlParameters'> {
-  if (typeof url === 'string') {
-    return { url, urlParameters: [] };
+function convertUrl(rawUrl: string | unknown): Pick<HttpRequest, 'url' | 'urlParameters'> {
+  if (typeof rawUrl === 'string') {
+    return { url: rawUrl, urlParameters: [] };
   }
 
-  url = toRecord(url);
+  const url = toRecord(rawUrl);
 
   let v = '';
 
@@ -199,10 +218,8 @@ function convertUrl(url: string | any): Pick<HttpRequest, 'url' | 'urlParameters
   return { url: v, urlParameters: params };
 }
 
-function importAuth(
-  rawAuth: any,
-): Pick<HttpRequest, 'authentication' | 'authenticationType'> {
-  const auth = toRecord(rawAuth);
+function importAuth(rawAuth: unknown): Pick<HttpRequest, 'authentication' | 'authenticationType'> {
+  const auth = toRecord<{ username?: string; password?: string; token?: string }>(rawAuth);
   if ('basic' in auth) {
     return {
       authenticationType: 'basic',
@@ -223,8 +240,22 @@ function importAuth(
   }
 }
 
-function importBody(rawBody: any): Pick<HttpRequest, 'body' | 'bodyType' | 'headers'> {
-  const body = toRecord(rawBody);
+function importBody(rawBody: unknown): Pick<HttpRequest, 'body' | 'bodyType' | 'headers'> {
+  const body = toRecord(rawBody) as {
+    mode: string;
+    graphql: { query?: string; variables?: string };
+    urlencoded?: { key?: string; value?: string; disabled?: boolean }[];
+    formdata?: {
+      key?: string;
+      value?: string;
+      disabled?: boolean;
+      contentType?: string;
+      src?: string;
+    }[];
+    raw?: string;
+    options?: { raw?: { language?: string } };
+    file?: { src?: string };
+  };
   if (body.mode === 'graphql') {
     return {
       headers: [
@@ -237,7 +268,10 @@ function importBody(rawBody: any): Pick<HttpRequest, 'body' | 'bodyType' | 'head
       bodyType: 'graphql',
       body: {
         text: JSON.stringify(
-          { query: body.graphql.query, variables: parseJSONToRecord(body.graphql.variables) },
+          {
+            query: body.graphql?.query || '',
+            variables: parseJSONToRecord(body.graphql?.variables || '{}'),
+          },
           null,
           2,
         ),
@@ -254,7 +288,7 @@ function importBody(rawBody: any): Pick<HttpRequest, 'body' | 'bodyType' | 'head
       ],
       bodyType: 'application/x-www-form-urlencoded',
       body: {
-        form: toArray(body.urlencoded).map((f) => ({
+        form: toArray<NonNullable<typeof body.urlencoded>[0]>(body.urlencoded).map((f) => ({
           enabled: !f.disabled,
           name: f.key ?? '',
           value: f.value ?? '',
@@ -272,19 +306,19 @@ function importBody(rawBody: any): Pick<HttpRequest, 'body' | 'bodyType' | 'head
       ],
       bodyType: 'multipart/form-data',
       body: {
-        form: toArray(body.formdata).map((f) =>
+        form: toArray<NonNullable<typeof body.formdata>[0]>(body.formdata).map((f) =>
           f.src != null
             ? {
-              enabled: !f.disabled,
-              contentType: f.contentType ?? null,
-              name: f.key ?? '',
-              file: f.src ?? '',
-            }
+                enabled: !f.disabled,
+                contentType: f.contentType ?? null,
+                name: f.key ?? '',
+                file: f.src ?? '',
+              }
             : {
-              enabled: !f.disabled,
-              name: f.key ?? '',
-              value: f.value ?? '',
-            },
+                enabled: !f.disabled,
+                name: f.key ?? '',
+                value: f.value ?? '',
+              },
         ),
       },
     };
@@ -315,21 +349,23 @@ function importBody(rawBody: any): Pick<HttpRequest, 'body' | 'bodyType' | 'head
   }
 }
 
-function parseJSONToRecord(jsonStr: string): Record<string, any> | null {
+function parseJSONToRecord<T>(jsonStr: string): Record<string, T> | null {
   try {
     return toRecord(JSON.parse(jsonStr));
-  } catch (err) {
+  } catch {
+    return null;
   }
-  return null;
 }
 
-function toRecord(value: any): Record<string, any> {
-  if (Object.prototype.toString.call(value) === '[object Object]') return value;
-  else return {};
+function toRecord<T>(value: Record<string, T> | unknown): Record<string, T> {
+  if (value && typeof value === 'object' && !Array.isArray(value)) {
+    return value as Record<string, T>;
+  }
+  return {};
 }
 
-function toArray(value: any): any[] {
-  if (Object.prototype.toString.call(value) === '[object Array]') return value;
+function toArray<T>(value: unknown): T[] {
+  if (Object.prototype.toString.call(value) === '[object Array]') return value as T[];
   else return [];
 }
 

plugins/importer-postman/tsconfig.json

@@ -0,0 +1,3 @@
+{
+  "extends": "../../tsconfig.json"
+}

plugins/importer-yaak/package.json

@@ -1,9 +1,12 @@
 {
-  "name": "@yaakapp/importer-yaak",
+  "name": "@yaak/importer-yaak",
+  "displayName": "Yaak Importer",
+  "description": "Import data from Yaak export files",
   "private": true,
-  "version": "0.0.1",
+  "version": "0.1.0",
   "scripts": {
-    "build": "yaakcli build ./src/index.js",
-    "dev": "yaakcli dev ./src/index.js"
+    "build": "yaakcli build",
+    "dev": "yaakcli dev",
+    "lint": "eslint . --ext .ts,.tsx"
   }
 }

plugins/importer-yaak/src/index.ts

@@ -1,11 +1,11 @@
-import { Environment, PluginDefinition } from '@yaakapp/api';
+import type { Environment, PluginDefinition } from '@yaakapp/api';
 
 export const plugin: PluginDefinition = {
   importer: {
     name: 'Yaak',
     description: 'Yaak official format',
     onImport(_ctx, args) {
-      return migrateImport(args.text) as any;
+      return migrateImport(args.text);
     },
   },
 };
@@ -14,7 +14,7 @@ export function migrateImport(contents: string) {
   let parsed;
   try {
     parsed = JSON.parse(contents);
-  } catch (err) {
+  } catch {
     return undefined;
   }
 
@@ -69,6 +69,6 @@ export function migrateImport(contents: string) {
   return { resources: parsed.resources }; // Should already be in the correct format
 }
 
-function isJSObject(obj: any) {
+function isJSObject(obj: unknown) {
   return Object.prototype.toString.call(obj) === '[object Object]';
 }

plugins/importer-yaak/tsconfig.json

@@ -0,0 +1,3 @@
+{
+  "extends": "../../tsconfig.json"
+}

plugins/template-function-cookie/package.json

@@ -1,9 +1,12 @@
 {
-  "name": "@yaakapp/template-function-cookie",
+  "name": "@yaak/template-function-cookie",
+  "displayName": "Cookie Template Functions",
+  "description": "Template functions for working with cookies",
   "private": true,
-  "version": "0.0.1",
+  "version": "0.1.0",
   "scripts": {
-    "build": "yaakcli build ./src/index.ts",
-    "dev": "yaakcli dev ./src/index.js"
+    "build": "yaakcli build",
+    "dev": "yaakcli dev",
+    "lint": "eslint . --ext .ts,.tsx"
   }
 }

plugins/template-function-cookie/src/index.ts

@@ -1,4 +1,4 @@
-import { CallTemplateFunctionArgs, Context, PluginDefinition } from '@yaakapp/api';
+import type { CallTemplateFunctionArgs, Context, PluginDefinition } from '@yaakapp/api';
 
 export const plugin: PluginDefinition = {
   templateFunctions: [

plugins/template-function-cookie/tsconfig.json

@@ -0,0 +1,3 @@
+{
+  "extends": "../../tsconfig.json"
+}

plugins/template-function-encode/package.json

@@ -1,9 +1,12 @@
 {
-  "name": "@yaakapp/template-function-encode",
+  "name": "@yaak/template-function-encode",
+  "displayName": "Encoding Template Functions",
+  "description": "Template functions for encoding and decoding data",
   "private": true,
-  "version": "0.0.1",
+  "version": "0.1.0",
   "scripts": {
-    "build": "yaakcli build ./src/index.ts",
-    "dev": "yaakcli dev ./src/index.js"
+    "build": "yaakcli build",
+    "dev": "yaakcli dev",
+    "lint": "eslint . --ext .ts,.tsx"
   }
 }

plugins/template-function-encode/src/index.ts

@@ -1,4 +1,4 @@
-import { CallTemplateFunctionArgs, Context, PluginDefinition } from '@yaakapp/api';
+import type { CallTemplateFunctionArgs, Context, PluginDefinition } from '@yaakapp/api';
 
 export const plugin: PluginDefinition = {
   templateFunctions: [
@@ -7,7 +7,7 @@ export const plugin: PluginDefinition = {
       description: 'Encode a value to base64',
       args: [{ label: 'Plain Text', type: 'text', name: 'value', multiLine: true }],
       async onRender(_ctx: Context, args: CallTemplateFunctionArgs): Promise<string | null> {
-        return Buffer.from(args.values.value ?? '').toString('base64');
+        return Buffer.from(String(args.values.value ?? '')).toString('base64');
       },
     },
     {
@@ -15,7 +15,7 @@ export const plugin: PluginDefinition = {
       description: 'Decode a value from base64',
       args: [{ label: 'Encoded Value', type: 'text', name: 'value', multiLine: true }],
       async onRender(_ctx: Context, args: CallTemplateFunctionArgs): Promise<string | null> {
-        return Buffer.from(args.values.value ?? '', 'base64').toString('utf-8');
+        return Buffer.from(String(args.values.value ?? ''), 'base64').toString('utf-8');
       },
     },
     {
@@ -23,7 +23,7 @@ export const plugin: PluginDefinition = {
       description: 'Encode a value for use in a URL (percent-encoding)',
       args: [{ label: 'Plain Text', type: 'text', name: 'value', multiLine: true }],
       async onRender(_ctx: Context, args: CallTemplateFunctionArgs): Promise<string | null> {
-        return encodeURIComponent(args.values.value ?? '');
+        return encodeURIComponent(String(args.values.value ?? ''));
       },
     },
     {
@@ -32,7 +32,7 @@ export const plugin: PluginDefinition = {
       args: [{ label: 'Encoded Value', type: 'text', name: 'value', multiLine: true }],
       async onRender(_ctx: Context, args: CallTemplateFunctionArgs): Promise<string | null> {
         try {
-          return decodeURIComponent(args.values.value ?? '');
+          return decodeURIComponent(String(args.values.value ?? ''));
         } catch {
           return '';
         }

plugins/template-function-encode/tsconfig.json

@@ -0,0 +1,3 @@
+{
+  "extends": "../../tsconfig.json"
+}

plugins/template-function-fs/package.json

@@ -1,9 +1,12 @@
 {
-  "name": "@yaakapp/template-function-fs",
+  "name": "@yaak/template-function-fs",
+  "displayName": "File System Template Functions",
+  "description": "Template functions for working with the file system",
   "private": true,
-  "version": "0.0.1",
+  "version": "0.1.0",
   "scripts": {
-    "build": "yaakcli build ./src/index.ts",
-    "dev": "yaakcli dev ./src/index.js"
+    "build": "yaakcli build",
+    "dev": "yaakcli dev",
+    "lint": "eslint . --ext .ts,.tsx"
   }
 }

plugins/template-function-fs/src/index.ts

@@ -1,19 +1,21 @@
-import { CallTemplateFunctionArgs, Context, PluginDefinition } from '@yaakapp/api';
+import type { CallTemplateFunctionArgs, Context, PluginDefinition } from '@yaakapp/api';
 import fs from 'node:fs';
 
 export const plugin: PluginDefinition = {
-  templateFunctions: [{
-    name: 'fs.readFile',
-    description: 'Read the contents of a file as utf-8',
-    args: [{ title: 'Select File', type: 'file', name: 'path', label: 'File' }],
-    async onRender(_ctx: Context, args: CallTemplateFunctionArgs): Promise<string | null> {
-      if (!args.values.path) return null;
+  templateFunctions: [
+    {
+      name: 'fs.readFile',
+      description: 'Read the contents of a file as utf-8',
+      args: [{ title: 'Select File', type: 'file', name: 'path', label: 'File' }],
+      async onRender(_ctx: Context, args: CallTemplateFunctionArgs): Promise<string | null> {
+        if (!args.values.path) return null;
 
-      try {
-        return fs.promises.readFile(args.values.path, 'utf-8');
-      } catch (err) {
-        return null;
-      }
+        try {
+          return fs.promises.readFile(String(args.values.path ?? ''), 'utf-8');
+        } catch {
+          return null;
+        }
+      },
     },
-  }],
+  ],
 };

plugins/template-function-fs/tsconfig.json

@@ -0,0 +1,3 @@
+{
+  "extends": "../../tsconfig.json"
+}

plugins/template-function-hash/package.json

@@ -1,9 +1,12 @@
 {
-  "name": "@yaakapp/template-function-hash",
+  "name": "@yaak/template-function-hash",
+  "displayName": "Hash Template Functions",
+  "description": "Template functions for generating hash values",
   "private": true,
-  "version": "0.0.1",
+  "version": "0.1.0",
   "scripts": {
-    "build": "yaakcli build ./src/index.ts",
-    "dev": "yaakcli dev ./src/index.js"
+    "build": "yaakcli build",
+    "dev": "yaakcli dev",
+    "lint": "eslint . --ext .ts,.tsx"
   }
 }

plugins/template-function-hash/src/index.ts

@@ -1,4 +1,4 @@
-import { CallTemplateFunctionArgs, Context, PluginDefinition } from '@yaakapp/api';
+import type { CallTemplateFunctionArgs, Context, PluginDefinition } from '@yaakapp/api';
 import { createHash, createHmac } from 'node:crypto';
 
 const algorithms = ['md5', 'sha1', 'sha256', 'sha512'] as const;