Skip to content

Add secret/connection usages SDK surface#516

Open
RhysSullivan wants to merge 1 commit intomainfrom
rs/normalize-secret-refs
Open

Add secret/connection usages SDK surface#516
RhysSullivan wants to merge 1 commit intomainfrom
rs/normalize-secret-refs

Conversation

@RhysSullivan
Copy link
Copy Markdown
Owner

@RhysSullivan RhysSullivan commented May 4, 2026

Summary

  • Plugins gain optional usagesForSecret / usagesForConnection callbacks. The executor fans out across them via executor.secrets.usages(id) / executor.connections.usages(id), returning a flat list of Usage rows that describe where a given secret or connection is referenced.
  • secrets.remove / connections.remove are now RESTRICT — they refuse with SecretInUseError / ConnectionInUseError when any plugin reports the id as in use, surfacing the count to the caller.
  • API exposes GET /scopes/:scopeId/secrets/:secretId/usages and the connection equivalent. React atoms + a "Used by …" footer on each row in the Secrets and Connections tabs round out the surface.

No plugin implements usagesFor* yet, so the footer is empty everywhere and remove still succeeds for everything. This is the foundation for follow-up commits that move secret/connection refs out of plugin-private JSON columns into normalized columns/child tables; once those land, the footer populates and remove starts blocking real usages.

Test plan

  • bunx --bun turbo typecheck --filter='!@executor-js/local' — 33/33 packages clean
  • bunx --bun vitest run in the SDK package — 172/172 pass
  • Manual: open Secrets and Connections tabs in the local app, confirm rows render unchanged (no usage rows yet)

@cloudflare-workers-and-pages
Copy link
Copy Markdown

cloudflare-workers-and-pages Bot commented May 4, 2026
edited
Loading

Deploying with  Cloudflare Workers  Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status Name Latest Commit Preview URL Updated (UTC)
✅ Deployment successful!
View logs		 executor-marketing d488f51 Commit Preview URL

Branch Preview URL		 May 04 2026, 07:51 PM

@cloudflare-workers-and-pages
Copy link
Copy Markdown

cloudflare-workers-and-pages Bot commented May 4, 2026
edited
Loading

Deploying with  Cloudflare Workers  Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status Name Latest Commit Updated (UTC)
✅ Deployment successful!
View logs		 executor-cloud d488f51 May 04 2026, 07:51 PM

@pkg-pr-new
Copy link
Copy Markdown

pkg-pr-new Bot commented May 4, 2026
edited
Loading

Open in StackBlitz

@executor-js/cli

npm i https://pkg.pr.new/@executor-js/cli@516

@executor-js/config

npm i https://pkg.pr.new/@executor-js/config@516

@executor-js/execution

npm i https://pkg.pr.new/@executor-js/execution@516

@executor-js/sdk

npm i https://pkg.pr.new/@executor-js/sdk@516

@executor-js/storage-core

npm i https://pkg.pr.new/@executor-js/storage-core@516

@executor-js/codemode-core

npm i https://pkg.pr.new/@executor-js/codemode-core@516

@executor-js/runtime-quickjs

npm i https://pkg.pr.new/@executor-js/runtime-quickjs@516

@executor-js/plugin-file-secrets

npm i https://pkg.pr.new/@executor-js/plugin-file-secrets@516

@executor-js/plugin-google-discovery

npm i https://pkg.pr.new/@executor-js/plugin-google-discovery@516

@executor-js/plugin-graphql

npm i https://pkg.pr.new/@executor-js/plugin-graphql@516

@executor-js/plugin-keychain

npm i https://pkg.pr.new/@executor-js/plugin-keychain@516

@executor-js/plugin-mcp

npm i https://pkg.pr.new/@executor-js/plugin-mcp@516

@executor-js/plugin-onepassword

npm i https://pkg.pr.new/@executor-js/plugin-onepassword@516

@executor-js/plugin-openapi

npm i https://pkg.pr.new/@executor-js/plugin-openapi@516

executor

npm i https://pkg.pr.new/executor@516

commit: d488f51

This was referenced May 4, 2026
Draft
Draft
Draft
@RhysSullivan Graphite App
Copy link
Copy Markdown
Owner Author

RhysSullivan commented May 4, 2026
edited
Loading

This stack of pull requests is managed by Graphite. Learn more about stacking.

@RhysSullivan RhysSullivan mentioned this pull request May 4, 2026
Draft
@RhysSullivan
Add secret/connection usages SDK surface + UI placeholder
d488f51 
Plugins gain optional `usagesForSecret` / `usagesForConnection` callbacks
that the executor fans out across via `executor.secrets.usages(id)` and
`executor.connections.usages(id)`. Secret/connection removal is now
RESTRICT — refuses with `SecretInUseError` / `ConnectionInUseError` when
any plugin reports the id as in use, surfacing the count to the caller.

API gains GET `/secrets/:id/usages` and `/connections/:id/usages`
endpoints. React atoms and a small "Used by …" footer on each row in
the Secrets and Connections tabs round out the surface.

No plugin implements `usagesForSecret`/`usagesForConnection` yet, so
the footer renders nothing and remove still succeeds for everything.
Plugin migration lands in follow-up commits.
@RhysSullivan RhysSullivan force-pushed the rs/normalize-secret-refs branch from e0a2079 to d488f51 Compare May 4, 2026 19:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@RhysSullivan