From 585f61f1a1529977024ceab54bffc69cb38e3401 Mon Sep 17 00:00:00 2001 From: Justin Poehnelt Date: Wed, 25 Jun 2025 13:43:24 -0700 Subject: [PATCH 1/4] fix: additional sensitive/restricted scopes --- src/scopes.ts | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/scopes.ts b/src/scopes.ts index c788cb6..3e04e9f 100644 --- a/src/scopes.ts +++ b/src/scopes.ts @@ -140,6 +140,8 @@ const SENSITIVE_SCOPES = [ "https://www.googleapis.com/auth/chat.app.spaces.create", "https://www.googleapis.com/auth/chat.customemojis", "https://www.googleapis.com/auth/chat.customemojis.readonly", + "https://www.googleapis.com/auth/documents", + "https://www.googleapis.com/auth/documents.readonly", "https://www.googleapis.com/auth/chat.memberships", "https://www.googleapis.com/auth/chat.memberships.app", "https://www.googleapis.com/auth/chat.memberships.readonly", From fa3c5a43a79e0c87a0f52d53280b6b41d2a5bab2 Mon Sep 17 00:00:00 2001 From: Justin Poehnelt Date: Wed, 25 Jun 2025 13:43:54 -0700 Subject: [PATCH 2/4] feat: show suggested scopes --- src/scopes.ts | 42 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) diff --git a/src/scopes.ts b/src/scopes.ts index 3e04e9f..9371c1f 100644 --- a/src/scopes.ts +++ b/src/scopes.ts @@ -194,6 +194,40 @@ export function getScopeMarkdown(id: string): string { content.push( `This scope is ${scope.classification.toLowerCase()}. See [OAuth2 Verification](https://support.google.com/cloud/answer/13463073) for more information.`, ); + + const suggestions: { id: string; sharedPrefix: string }[] = []; + + for (const [altId, alt] of SCOPES) { + if ( + alt.classification === ScopeClassification.SENSITIVE || + alt.classification === ScopeClassification.RESTRICTED + ) { + continue; + } + + const sharedPrefix = getSharedPrefix(id, altId); + + if (sharedPrefix.length < id.length) { + continue; + } + + suggestions.push({ + id: altId, + sharedPrefix, + }); + } + + suggestions.sort(); + + if (suggestions.length > 0) { + content.push("Consider these scopes:"); + + for (const { id } of suggestions) { + content.push( + `- \`${id.replace("https://www.googleapis.com/auth/", "")}\` ${SCOPES.get(id)?.description ?? ""}`, + ); + } + } } if (scope.apis.length > 0) { @@ -208,3 +242,11 @@ export function getScopeMarkdown(id: string): string { return content.join("\n\n"); } + +function getSharedPrefix(a: string, b: string): string { + let i = 0; + while (i < a.length && i < b.length && a[i] === b[i]) { + i++; + } + return a.slice(0, i); +} From a296229579295862e35acd072ece83e9b0db1c31 Mon Sep 17 00:00:00 2001 From: Justin Poehnelt Date: Wed, 25 Jun 2025 13:44:34 -0700 Subject: [PATCH 3/4] chore: add changeset --- .changeset/eager-colts-peel.md | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 .changeset/eager-colts-peel.md diff --git a/.changeset/eager-colts-peel.md b/.changeset/eager-colts-peel.md new file mode 100644 index 0000000..44b9ece --- /dev/null +++ b/.changeset/eager-colts-peel.md @@ -0,0 +1,5 @@ +--- +"google-workspace-developer-tools": minor +--- + +Show alternative nonsensitive scopes. From eabd41a9ca986c0395e474f9590b289580505b6f Mon Sep 17 00:00:00 2001 From: Justin Poehnelt Date: Wed, 25 Jun 2025 14:46:40 -0600 Subject: [PATCH 4/4] fix: use comparator Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- src/scopes.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/scopes.ts b/src/scopes.ts index 9371c1f..d19c1f7 100644 --- a/src/scopes.ts +++ b/src/scopes.ts @@ -217,7 +217,7 @@ export function getScopeMarkdown(id: string): string { }); } - suggestions.sort(); + suggestions.sort((a, b) => b.sharedPrefix.length - a.sharedPrefix.length); if (suggestions.length > 0) { content.push("Consider these scopes:");