85453da49f
regression / regression-shards (style-16-prod style-9-prod style-17-prod iframe-render-compat variables-prod mp4-h265-sdr, shard-4) (push) Has been cancelled
regression / regression-shards (style-4-prod style-11-prod style-2-prod animejs-adapter typegpu-adapter parallel-capture-regression, shard-5) (push) Has been cancelled
regression / regression-shards (style-7-prod style-8-prod style-10-prod css-spinner-render-compat webm-transparency mp4-h264-sdr webm-vp9, shard-3) (push) Has been cancelled
regression / regression-shards (sub-composition-video style-18-prod raf-ball-render-compat font-variant-numeric sub-comp-t0 sub-comp-id-selector, shard-7) (push) Has been cancelled
Windows render verification / Detect changes (push) Has been cancelled
Windows render verification / Preflight (lint + format) (push) Has been cancelled
Windows render verification / Render on windows-latest (push) Has been cancelled
Windows render verification / Tests on windows-latest (push) Has been cancelled
CI / Detect changes (push) Has been cancelled
CI / Build (push) Has been cancelled
CI / Lint (push) Has been cancelled
CI / Fallow audit (push) Has been cancelled
CI / Format (push) Has been cancelled
CI / Typecheck (push) Has been cancelled
CI / Test (push) Has been cancelled
CI / Producer: integration tests (push) Has been cancelled
CI / Producer: unit tests (push) Has been cancelled
CI / File size check (push) Has been cancelled
CI / Test: skills (push) Has been cancelled
CI / Skills: manifest in sync (push) Has been cancelled
CI / CLI: npx shim (macos-latest) (push) Has been cancelled
CI / CLI: npx shim (ubuntu-latest) (push) Has been cancelled
CI / CLI: npx shim (windows-latest) (push) Has been cancelled
CI / SDK: unit + contract + smoke (push) Has been cancelled
CI / Test: runtime contract (push) Has been cancelled
CI / Studio: load smoke (push) Has been cancelled
CI / Smoke: global install (push) Has been cancelled
CI / CLI smoke (required) (push) Has been cancelled
CI / Semantic PR title (push) Has been cancelled
Player perf / Detect changes (push) Has been cancelled
Player perf / Preflight (lint + format) (push) Has been cancelled
Player perf / player-perf (push) Has been cancelled
Player perf / Perf: drift (push) Has been cancelled
Player perf / Perf: fps (push) Has been cancelled
Player perf / Perf: parity (push) Has been cancelled
Player perf / Perf: scrub (push) Has been cancelled
Player perf / Perf: load (push) Has been cancelled
preview-regression / Detect changes (push) Has been cancelled
preview-regression / Preflight (lint + format) (push) Has been cancelled
preview-regression / Preview parity (push) Has been cancelled
preview-regression / preview-regression (push) Has been cancelled
regression / regression (push) Has been cancelled
regression / Detect changes (push) Has been cancelled
regression / Preflight (lint + format) (push) Has been cancelled
regression / regression-shards (hdr-regression style-5-prod style-3-prod mov-prores, shard-1) (push) Has been cancelled
regression / regression-shards (overlay-montage-prod style-12-prod chat missing-host-comp-id png-sequence portrait-edge-bleed, shard-6) (push) Has been cancelled
regression / regression-shards (style-13-prod style-6-prod vignelli-stacking gsap-letters-render-compat audio-mux-parity, shard-8) (push) Has been cancelled
regression / regression-shards (style-15-prod hdr-hlg-regression style-1-prod many-cuts vfr-screen-recording render-symlinked-assets, shard-2) (push) Has been cancelled
CodeQL / Analyze (actions) (push) Has been cancelled
CodeQL / Analyze (javascript-typescript) (push) Has been cancelled
CodeQL / Analyze (python) (push) Has been cancelled
Docs / Validate docs (push) Has been cancelled
Sync skills to ClawHub / Publish changed skills (push) Has been cancelled
398 lines
15 KiB
TypeScript
398 lines
15 KiB
TypeScript
import type { FigmaAssetFormat, FigmaRef } from "./types";
|
|
|
|
/** Typed capability/transport failures per design spec §4.4. */
|
|
export type FigmaClientErrorCode =
|
|
| "NO_TOKEN"
|
|
| "BAD_TOKEN"
|
|
| "FORBIDDEN"
|
|
| "REQUIRES_ENTERPRISE"
|
|
| "RATE_LIMITED"
|
|
| "RENDER_FAILED"
|
|
| "NODE_NOT_FOUND"
|
|
| "HTTP_ERROR";
|
|
|
|
export class FigmaClientError extends Error {
|
|
readonly code: FigmaClientErrorCode;
|
|
readonly status?: number;
|
|
|
|
constructor(code: FigmaClientErrorCode, message: string, status?: number) {
|
|
super(message);
|
|
this.name = "FigmaClientError";
|
|
this.code = code;
|
|
this.status = status;
|
|
}
|
|
}
|
|
|
|
/** Injectable fetch so tests never touch the network. */
|
|
export type FigmaFetch = (
|
|
url: string,
|
|
init?: { headers?: Record<string, string> },
|
|
) => Promise<Response>;
|
|
|
|
export interface RenderNodeOptions {
|
|
format: FigmaAssetFormat;
|
|
scale?: number;
|
|
}
|
|
|
|
export interface RenderedNode {
|
|
/** short-lived figma CDN url — freeze it immediately */
|
|
url: string;
|
|
ext: FigmaAssetFormat;
|
|
}
|
|
|
|
export interface FigmaVariablePayload {
|
|
name: string;
|
|
key?: string;
|
|
resolvedType?: string;
|
|
valuesByMode?: Record<string, unknown>;
|
|
variableCollectionId?: string;
|
|
}
|
|
|
|
export interface FigmaVariablesResult {
|
|
variables: Record<string, FigmaVariablePayload>;
|
|
variableCollections: Record<string, unknown>;
|
|
}
|
|
|
|
export interface FigmaStyleMeta {
|
|
key: string;
|
|
name: string;
|
|
style_type: string;
|
|
node_id?: string;
|
|
description?: string;
|
|
}
|
|
|
|
/** Raw figma node document from GET /v1/files/:key/nodes. Field-level shape
|
|
* is consumed by nodeToHtml; kept loose here on purpose — consumers narrow
|
|
* children/fills/etc themselves. */
|
|
export interface FigmaNodeDocument {
|
|
id: string;
|
|
name: string;
|
|
type: string;
|
|
[field: string]: unknown;
|
|
}
|
|
|
|
export interface FigmaFileVersion {
|
|
version: string;
|
|
lastModified: string;
|
|
}
|
|
|
|
/** One batch render result — url is null when figma couldn't render that
|
|
* node (a bad node id in the batch shouldn't fail the whole call). */
|
|
export interface BatchRenderedNode {
|
|
nodeId: string;
|
|
url: string | null;
|
|
ext: FigmaAssetFormat;
|
|
}
|
|
|
|
export interface FigmaClient {
|
|
renderNode(ref: FigmaRef, opts: RenderNodeOptions): Promise<RenderedNode>;
|
|
/** Batch render many nodes of ONE file in a single /v1/images call — the
|
|
* documented rate-limit workaround (comma-separated ids). Per-node
|
|
* failures come back as url:null rather than throwing the batch. */
|
|
renderNodes(
|
|
fileKey: string,
|
|
nodeIds: string[],
|
|
opts: RenderNodeOptions,
|
|
): Promise<BatchRenderedNode[]>;
|
|
imageFills(fileKey: string): Promise<Map<string, string>>;
|
|
variables(fileKey: string): Promise<FigmaVariablesResult>;
|
|
styles(fileKey: string): Promise<FigmaStyleMeta[]>;
|
|
nodeTree(ref: FigmaRef): Promise<FigmaNodeDocument>;
|
|
fileVersion(fileKey: string): Promise<FigmaFileVersion>;
|
|
}
|
|
|
|
export interface FigmaClientOptions {
|
|
token: string;
|
|
fetch?: FigmaFetch;
|
|
baseUrl?: string;
|
|
/** Injectable delay for 429 backoff — tests pass a no-op so retries don't
|
|
* actually wait. Defaults to a real timer. */
|
|
sleep?: (ms: number) => Promise<void>;
|
|
/** Max 429 retries before giving up. Default 3. */
|
|
maxRetries?: number;
|
|
}
|
|
|
|
/** Read scope each endpoint needs, named exactly as figma's PAT settings UI
|
|
* lists them — so a 403 tells the user which checkbox to tick, not just
|
|
* "some read scope". The styles endpoint's `library_content:read` is the one
|
|
* the setup docs used to omit (it 403s even with file content + metadata). */
|
|
const SCOPE_HINTS = {
|
|
fileContent: "File content: Read-only",
|
|
fileMetadata: "File metadata: Read-only",
|
|
libraryContent: "Library content: Read-only (library_content:read)",
|
|
} as const;
|
|
|
|
/** Longest we'll auto-wait on a single Retry-After before giving up — past a
|
|
* minute the user is better off cancelling and reducing batch size (the
|
|
* RATE_LIMITED message says so) than watching the CLI block silently. */
|
|
const MAX_RETRY_WAIT_MS = 60_000;
|
|
|
|
/** Parse a Retry-After header (figma sends integer seconds; the HTTP spec
|
|
* also allows a date) into ms, capped at MAX_RETRY_WAIT_MS, or null when
|
|
* absent/unparseable. The cap keeps a spec-legal `Retry-After: 3600` (tier
|
|
* quota exhaustion) from silently blocking the CLI for an hour. */
|
|
function retryAfterMs(res: Response): number | null {
|
|
const raw = res.headers.get("retry-after");
|
|
if (raw === null) return null;
|
|
const secs = Number(raw);
|
|
if (Number.isFinite(secs)) return Math.min(MAX_RETRY_WAIT_MS, Math.max(0, secs * 1000));
|
|
const date = Date.parse(raw);
|
|
if (Number.isNaN(date)) return null;
|
|
return Math.min(MAX_RETRY_WAIT_MS, Math.max(0, date - Date.now()));
|
|
}
|
|
|
|
/** Figma's error bodies are precise — "Invalid token", or "Invalid scope(s):
|
|
* … requires the X scope" — and worth surfacing verbatim instead of a
|
|
* generic guess. The message lives under `err` on most endpoints but
|
|
* `message` on /variables; read both. Returns null when unparseable. */
|
|
async function readFigmaErrorMessage(res: Response): Promise<string | null> {
|
|
let text: string;
|
|
try {
|
|
text = await res.text();
|
|
} catch {
|
|
return null;
|
|
}
|
|
try {
|
|
const body: unknown = JSON.parse(text);
|
|
if (isRecord(body)) {
|
|
if (typeof body.err === "string") return body.err;
|
|
if (typeof body.message === "string") return body.message;
|
|
}
|
|
} catch {
|
|
// non-JSON body — fall through
|
|
}
|
|
return text.trim() === "" ? null : text.trim();
|
|
}
|
|
|
|
function requireNodeId(ref: FigmaRef): string {
|
|
if (!ref.nodeId) throw new Error(`figma ref ${ref.fileKey} has no nodeId`);
|
|
return ref.nodeId;
|
|
}
|
|
|
|
function isRecord(value: unknown): value is Record<string, unknown> {
|
|
return typeof value === "object" && value !== null;
|
|
}
|
|
|
|
function optionalString(value: unknown): string | undefined {
|
|
return typeof value === "string" ? value : undefined;
|
|
}
|
|
|
|
function toVariablePayload(payload: unknown): FigmaVariablePayload | null {
|
|
if (!isRecord(payload) || typeof payload.name !== "string") return null;
|
|
return {
|
|
name: payload.name,
|
|
key: optionalString(payload.key),
|
|
resolvedType: optionalString(payload.resolvedType),
|
|
valuesByMode: isRecord(payload.valuesByMode) ? payload.valuesByMode : undefined,
|
|
variableCollectionId: optionalString(payload.variableCollectionId),
|
|
};
|
|
}
|
|
|
|
export function createFigmaClient(options: FigmaClientOptions): FigmaClient {
|
|
const token = options.token.trim();
|
|
if (token === "") {
|
|
throw new FigmaClientError(
|
|
"NO_TOKEN",
|
|
[
|
|
"FIGMA_TOKEN is missing. One-time setup:",
|
|
" 1. figma.com/settings → Security → Personal access tokens → Generate new token",
|
|
" 2. Scopes (read-only is all this integration ever needs — it never writes to figma):",
|
|
" File content: Read-only · File metadata: Read-only",
|
|
" Library content: Read-only (needed for the `tokens` published-styles fallback)",
|
|
" Variables: Read-only (optional — brand variables, requires figma Enterprise;",
|
|
" without it `tokens` falls back to published styles)",
|
|
' 3. export FIGMA_TOKEN="figd_…" — add it to your shell profile or the project .env',
|
|
" so future sessions skip this step",
|
|
"Then re-run this command.",
|
|
].join("\n"),
|
|
);
|
|
}
|
|
const doFetch: FigmaFetch = options.fetch ?? ((url, init) => fetch(url, init));
|
|
const base = options.baseUrl ?? "https://api.figma.com";
|
|
const sleep = options.sleep ?? ((ms: number) => new Promise((r) => setTimeout(r, ms)));
|
|
const maxRetries = options.maxRetries ?? 3;
|
|
|
|
interface GetOptions {
|
|
/** 403 → REQUIRES_ENTERPRISE (variables) rather than FORBIDDEN. */
|
|
enterpriseGated?: boolean;
|
|
/** scope named in a FORBIDDEN message so the user knows which to add. */
|
|
scopeHint?: string;
|
|
}
|
|
|
|
/** Map a 403 to the right typed error using figma's own response body:
|
|
* "Invalid token" is a bad PAT (figma returns 403, NOT 401, for these on
|
|
* file endpoints), "Invalid scope(s) … requires X" is a missing scope
|
|
* surfaced verbatim. Falls back to the endpoint's scopeHint when the body
|
|
* is silent. */
|
|
function forbiddenError(body: string | null, opts: GetOptions): FigmaClientError {
|
|
// Every branch RETURNS the error (the caller throws once) — no mixed
|
|
// throw/return, so a future caller that wraps the result gets consistent
|
|
// behavior across all three cases.
|
|
if (body && /invalid token/i.test(body))
|
|
return new FigmaClientError(
|
|
"BAD_TOKEN",
|
|
"figma rejected the token (403 Invalid token) — it is invalid, expired, or revoked. Re-mint at figma.com/settings → Security, then update FIGMA_TOKEN.",
|
|
403,
|
|
);
|
|
if (opts.enterpriseGated)
|
|
return new FigmaClientError(
|
|
"REQUIRES_ENTERPRISE",
|
|
"figma variables require an Enterprise plan (403) — fall back to styles",
|
|
403,
|
|
);
|
|
if (body && /scope/i.test(body))
|
|
return new FigmaClientError(
|
|
"FORBIDDEN",
|
|
`figma denied access (403): ${body} — add the named scope at figma.com/settings → Security → Personal access tokens.`,
|
|
403,
|
|
);
|
|
const scopeLine = opts.scopeHint
|
|
? `This endpoint needs the "${opts.scopeHint}" scope — add it at figma.com/settings → Security → Personal access tokens.`
|
|
: "The token is missing a read scope, or your account can't view this file. Check File content: Read-only + File metadata: Read-only at figma.com/settings → Security.";
|
|
return new FigmaClientError(
|
|
"FORBIDDEN",
|
|
`figma denied access (403). ${scopeLine} Also confirm the file is visible to your account.`,
|
|
403,
|
|
);
|
|
}
|
|
|
|
/** Throw the typed error for a non-ok response (no-op when res.ok). */
|
|
async function throwForStatus(res: Response, path: string, opts: GetOptions): Promise<void> {
|
|
if (res.ok) return;
|
|
if (res.status === 401)
|
|
throw new FigmaClientError(
|
|
"BAD_TOKEN",
|
|
"figma rejected the token (401) — it is expired or revoked. Re-mint at figma.com/settings → Security, then update FIGMA_TOKEN.",
|
|
401,
|
|
);
|
|
if (res.status === 403) throw forbiddenError(await readFigmaErrorMessage(res), opts);
|
|
if (res.status === 429)
|
|
throw new FigmaClientError(
|
|
"RATE_LIMITED",
|
|
`figma rate limit hit (429) and still limited after ${maxRetries} retries — wait a minute and re-run, or import fewer nodes per call.`,
|
|
429,
|
|
);
|
|
throw new FigmaClientError(
|
|
"HTTP_ERROR",
|
|
`figma request failed: HTTP ${res.status} ${path}`,
|
|
res.status,
|
|
);
|
|
}
|
|
|
|
async function get(path: string, opts: GetOptions = {}): Promise<unknown> {
|
|
// Retry 429 with backoff before surfacing RATE_LIMITED — figma's limit is
|
|
// per-minute, so a couple of imports in quick succession hit it and a
|
|
// short wait clears it. Honor Retry-After when present, else exponential.
|
|
let res: Response;
|
|
for (let attempt = 0; ; attempt += 1) {
|
|
res = await doFetch(`${base}${path}`, { headers: { "X-Figma-Token": token } });
|
|
if (res.status !== 429 || attempt >= maxRetries) break;
|
|
const wait = retryAfterMs(res) ?? 1000 * 2 ** attempt;
|
|
await sleep(wait);
|
|
}
|
|
await throwForStatus(res, path, opts);
|
|
return res.json();
|
|
}
|
|
|
|
return {
|
|
async renderNode(ref, opts) {
|
|
const nodeId = requireNodeId(ref);
|
|
const [result] = await this.renderNodes(ref.fileKey, [nodeId], opts);
|
|
if (!result || result.url === null)
|
|
throw new FigmaClientError(
|
|
"RENDER_FAILED",
|
|
`figma could not render node ${nodeId} as ${opts.format}`,
|
|
);
|
|
return { url: result.url, ext: opts.format };
|
|
},
|
|
|
|
async renderNodes(fileKey, nodeIds, opts) {
|
|
if (nodeIds.length === 0) return [];
|
|
// /v1/images accepts comma-separated ids — one call for the whole batch,
|
|
// which is figma's own answer to the per-minute rate limit.
|
|
const params = new URLSearchParams({ ids: nodeIds.join(","), format: opts.format });
|
|
if (opts.scale !== undefined) params.set("scale", String(opts.scale));
|
|
const body = await get(`/v1/images/${fileKey}?${params}`, {
|
|
scopeHint: SCOPE_HINTS.fileContent,
|
|
});
|
|
const images = isRecord(body) && isRecord(body.images) ? body.images : {};
|
|
return nodeIds.map((nodeId) => {
|
|
const url = images[nodeId];
|
|
return {
|
|
nodeId,
|
|
url: typeof url === "string" && url !== "" ? url : null,
|
|
ext: opts.format,
|
|
};
|
|
});
|
|
},
|
|
|
|
async imageFills(fileKey) {
|
|
const body = await get(`/v1/files/${fileKey}/images`, { scopeHint: SCOPE_HINTS.fileContent });
|
|
const meta = isRecord(body) && isRecord(body.meta) ? body.meta : {};
|
|
const images = isRecord(meta.images) ? meta.images : {};
|
|
const out = new Map<string, string>();
|
|
for (const [ref, url] of Object.entries(images)) {
|
|
if (typeof url === "string") out.set(ref, url);
|
|
}
|
|
return out;
|
|
},
|
|
|
|
async variables(fileKey) {
|
|
const body = await get(`/v1/files/${fileKey}/variables/local`, { enterpriseGated: true });
|
|
const meta = isRecord(body) && isRecord(body.meta) ? body.meta : {};
|
|
const variables = isRecord(meta.variables) ? meta.variables : {};
|
|
const collections = isRecord(meta.variableCollections) ? meta.variableCollections : {};
|
|
const typed: Record<string, FigmaVariablePayload> = {};
|
|
for (const [id, payload] of Object.entries(variables)) {
|
|
const v = toVariablePayload(payload);
|
|
if (v) typed[id] = v;
|
|
}
|
|
return { variables: typed, variableCollections: collections };
|
|
},
|
|
|
|
async styles(fileKey) {
|
|
const body = await get(`/v1/files/${fileKey}/styles`, {
|
|
scopeHint: SCOPE_HINTS.libraryContent,
|
|
});
|
|
const meta = isRecord(body) && isRecord(body.meta) ? body.meta : {};
|
|
const styles = Array.isArray(meta.styles) ? meta.styles : [];
|
|
return styles.filter(
|
|
(s): s is FigmaStyleMeta =>
|
|
isRecord(s) &&
|
|
typeof s.key === "string" &&
|
|
typeof s.name === "string" &&
|
|
typeof s.style_type === "string",
|
|
);
|
|
},
|
|
|
|
async nodeTree(ref) {
|
|
const nodeId = requireNodeId(ref);
|
|
const params = new URLSearchParams({ ids: nodeId, geometry: "paths" });
|
|
const body = await get(`/v1/files/${ref.fileKey}/nodes?${params}`, {
|
|
scopeHint: SCOPE_HINTS.fileContent,
|
|
});
|
|
const nodes = isRecord(body) && isRecord(body.nodes) ? body.nodes : {};
|
|
const entry = nodes[nodeId];
|
|
const doc = isRecord(entry) ? entry.document : undefined;
|
|
if (
|
|
!isRecord(doc) ||
|
|
typeof doc.id !== "string" ||
|
|
typeof doc.name !== "string" ||
|
|
typeof doc.type !== "string"
|
|
)
|
|
throw new FigmaClientError("NODE_NOT_FOUND", `node ${nodeId} not found in ${ref.fileKey}`);
|
|
return { ...doc, id: doc.id, name: doc.name, type: doc.type };
|
|
},
|
|
|
|
async fileVersion(fileKey) {
|
|
const body = await get(`/v1/files/${fileKey}?depth=1`, {
|
|
scopeHint: SCOPE_HINTS.fileMetadata,
|
|
});
|
|
const version = isRecord(body) && typeof body.version === "string" ? body.version : "";
|
|
const lastModified =
|
|
isRecord(body) && typeof body.lastModified === "string" ? body.lastModified : "";
|
|
return { version, lastModified };
|
|
},
|
|
};
|
|
}
|