feat: disable nodeIntegration in renderer mainWindow, remove Node import check tooling

.github/workflows/test.yml

@@ -47,15 +47,20 @@ jobs:
       - name: Lint
         run: npm run lint
 
-      - name: Check renderer Node import baseline
-        run: npm run check:renderer-node-imports
-
       - name: Type checks
         run: npm run type-check
 
       - name: Unit Tests
         run: npm test
 
+      - name: Check autocomplete snippets are up to date
+        run: |
+          npm run generate:autocomplete -w insomnia-scripting-environment
+          if ! git diff --exit-code packages/insomnia-scripting-environment/src/autocomplete-snippets.json; then
+            echo "::error::autocomplete-snippets.json is out of date. Run 'npm run generate:autocomplete -w insomnia-scripting-environment' and commit the result."
+            exit 1
+          fi
+
       - name: Checkout base branch (cycle comparison)
         if: github.event_name == 'pull_request' && always()
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2

package.json

@@ -27,7 +27,6 @@
   "scripts": {
     "dev": "npm start -w insomnia",
     "dev:autoRestart": "npm run start:autoRestart -w insomnia",
-    "check:renderer-node-imports": "npm run check:renderer-node-imports -w insomnia",
     "lint": "npm run lint --workspaces --if-present",
     "type-check": "npm run type-check --workspaces --if-present",
     "test": "npm run test --workspaces --if-present",

packages/insomnia-inso/esbuild.ts

@@ -1,11 +1,22 @@
 import fs from 'node:fs';
+import path from 'node:path';
 
-import { analyzeMetafile, build, type BuildOptions, context } from 'esbuild';
+import { analyzeMetafile, build, type BuildOptions, context, type Plugin } from 'esbuild';
 
 const isProd = Boolean(process.env.NODE_ENV === 'production');
 const watch = Boolean(process.env.ESBUILD_WATCH);
 const isDebug = Boolean(process.env.DEBUG);
 const version = process.env.VERSION || 'dev';
+// Redirects *.renderer imports to their *.node equivalents for node/CLI builds.
+const rendererToNodePlugin: Plugin = {
+  name: 'renderer-to-node',
+  setup(build) {
+    build.onResolve({ filter: /\.renderer$/ }, args => ({
+      path: path.resolve(args.resolveDir, args.path.replace('.renderer', '.node') + '.ts'),
+    }));
+  },
+};
+
 const config: BuildOptions = {
   outfile: './dist/index.js',
   bundle: true,
@@ -20,6 +31,7 @@ const config: BuildOptions = {
     electron: '../insomnia/send-request/electron',
   },
   plugins: [
+    rendererToNodePlugin,
     // taken from https://github.com/tjx666/awesome-vscode-extension-boilerplate/blob/main/scripts/esbuild.ts
     {
       name: 'umd2esm',

packages/insomnia-inso/src/cli.ts

@@ -23,7 +23,8 @@ import type {
 import { initServices, models } from 'insomnia-data';
 import { deserializeNDJSON } from 'insomnia-data/common';
 import { servicesNodeImpl } from 'insomnia-data/node';
-import { generate, runTestsCli } from 'insomnia-testing';
+import { generate } from 'insomnia-testing/src/generate/generate';
+import { runTestsCli } from 'insomnia-testing/src/run/run';
 import orderedJSON from 'json-order';
 import { parseArgsStringToArgv } from 'string-argv';
 import { v4 as uuidv4 } from 'uuid';

packages/insomnia-inso/src/commands/__mocks__/insomnia-testing.ts

@@ -1,6 +1,5 @@
 import { vi } from 'vitest';
 
 export const generate = vi.fn();
-export const generateToFile = vi.fn();
 export const runTests = vi.fn();
 export const runTestsCli = vi.fn();

packages/insomnia-scripting-environment/esbuild-runner.config.js

@@ -0,0 +1,5 @@
+module.exports = {
+  esbuild: {
+    external: ['@getinsomnia/node-libcurl', 'electron'],
+  },
+};

packages/insomnia-scripting-environment/package.json

@@ -8,7 +8,8 @@
   "scripts": {
     "lint": "eslint . --ext .js,.ts,.tsx --cache",
     "test": "vitest run",
-    "type-check": "tsc --project tsconfig.json"
+    "type-check": "tsc --project tsconfig.json",
+    "generate:autocomplete": "esr scripts/generate-autocomplete.ts"
   },
   "repository": {
     "type": "git",

packages/insomnia-scripting-environment/scripts/generate-autocomplete.ts

@@ -0,0 +1,129 @@
+// Regenerate src/autocomplete-snippets.json from the live scripting API.
+// Run from the package root: npm run generate:autocomplete
+//
+// This script instantiates the scripting classes in Node.js (where tough-cookie is fine)
+// and walks the object graph to derive autocomplete snippets. The output is committed as a
+// static JSON file so the renderer never has to import the scripting classes.
+//
+// Re-run this script whenever the public scripting API surface changes.
+
+import { writeFileSync } from 'node:fs';
+import path from 'node:path';
+
+// Import directly from source files to avoid pulling in send-request.ts (which
+// transitively imports the Electron-only libcurl native addon via the main package).
+const { CookieObject } = require('../src/objects/cookies.ts');
+const { Environment, Variables, Vault } = require('../src/objects/environments.ts');
+const { Execution } = require('../src/objects/execution.ts');
+const { InsomniaObject } = require('../src/objects/insomnia.ts');
+const { Request: ScriptRequest } = require('../src/objects/request.ts');
+const { RequestInfo } = require('../src/objects/request-info.ts');
+const { Response: ScriptResponse } = require('../src/objects/response.ts');
+const { Url } = require('../src/objects/urls.ts');
+const { ParentFolders } = require('../src/objects/folders.ts');
+
+interface Snippet {
+  displayValue: string;
+  name: string;
+  value: string;
+}
+
+function walk(obj: object, path: string): Snippet[] {
+  let snippets: Snippet[] = [];
+  const refs = new Set<unknown>();
+  const record = obj as Record<string, unknown>;
+
+  for (const key in obj) {
+    if (key.startsWith('_')) {
+      continue;
+    }
+
+    const value = record[key];
+
+    if (typeof value === 'object' && value !== null) {
+      if (refs.has(value)) {
+        continue;
+      }
+      refs.add(value);
+    }
+
+    if (typeof value === 'string' || typeof value === 'number' || typeof value === 'boolean') {
+      snippets.push({ displayValue: `${path}.${value}`, name: `${path}.${key}`, value: `${path}.${key}` });
+    } else if (typeof value === 'function') {
+      snippets.push({ displayValue: `${path}.${key}()`, name: `${path}.${key}()`, value: `${path}.${key}()` });
+    } else if (Array.isArray(value)) {
+      for (const item of value) {
+        snippets = snippets.concat(walk(item, `${path}.${key}`));
+      }
+    } else if (value !== null && typeof value === 'object') {
+      snippets = snippets.concat(walk(value as object, `${path}.${key}`));
+    }
+  }
+
+  return snippets;
+}
+
+const settings: any = { enableVaultInScripts: true };
+const req = new ScriptRequest({ url: new Url('http://placeholder.com') });
+
+const insomnia = new InsomniaObject({
+  globals: new Environment('globals', {}),
+  baseGlobals: new Environment('baseGlobals', {}),
+  iterationData: new Environment('iterationData', {}),
+  environment: new Environment('environment', {}),
+  baseEnvironment: new Environment('baseEnvironment', {}),
+  variables: new Variables({
+    baseGlobalVars: new Environment('baseGlobals', {}),
+    globalVars: new Environment('globals', {}),
+    environmentVars: new Environment('environment', {}),
+    collectionVars: new Environment('collection', {}),
+    iterationDataVars: new Environment('data', {}),
+    folderLevelVars: [],
+    localVars: new Environment('data', {}),
+  }),
+  vault: new Vault('vault', {}, true),
+  request: req,
+  response: new ScriptResponse({
+    code: 200,
+    reason: 'OK',
+    header: [
+      { key: 'header1', value: 'val1' },
+      { key: 'header2', value: 'val2' },
+    ],
+    cookie: [
+      { key: 'header1', value: 'val1' },
+      { key: 'header2', value: 'val2' },
+    ],
+    body: '{"key": 888}',
+    stream: undefined,
+    responseTime: 100,
+    originalRequest: req,
+  }),
+  settings,
+  clientCertificates: [],
+  cookies: new CookieObject({
+    _id: '',
+    type: 'CookieJar',
+    parentId: '',
+    modified: 0,
+    created: 0,
+    isPrivate: false,
+    name: '',
+    cookies: [],
+  }),
+  requestInfo: new RequestInfo({
+    eventName: 'prerequest',
+    iteration: 1,
+    iterationCount: 1,
+    requestName: '',
+    requestId: '',
+  }),
+  execution: new Execution({ location: ['path'] }),
+  parentFolders: new ParentFolders([]),
+});
+
+const snippets = walk(insomnia, 'insomnia');
+
+const outputPath = path.join(__dirname, '../src/autocomplete-snippets.json');
+writeFileSync(outputPath, JSON.stringify(snippets, null, 2) + '\n');
+console.log(`Wrote ${snippets.length} snippets to src/autocomplete-snippets.json`);