You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
fix(plaidlogin,cli,config): reject team switch without force in same environment
When a user has full sandbox credentials for TeamA and runs
, the command
now returns PLAID_CREDENTIALS_OVERWRITE_REQUIRED (exit code 10)
instead of letting the OAuth flow complete and then failing with an
opaque CONFIG_WRITE_FAILED.
Changes:
- login.go: add explicit mismatch-team check before write; use
LoadProviderConfig so only plaid errors surface.
- login.go: set effectiveForce=true when any existing credential is
present so ConfigureProvider overwrites instead of conflict-error.
- config.go: add LoadProviderConfig to resolve one provider block
without requiring full config validity.
- cli.go: map PLAID_CREDENTIALS_OVERWRITE_REQUIRED to safety/10.
- errors.go: add ErrorPlaidCredentialsOverwriteRequired constant.
- tests: add TestRunLoginOverwritesRotatedSecretForSameTeamAndEnvironment
and update existing mismatch-team test to assert the correct code.
- CONTRACTS.md: document the new error code.
This closes the review comment from PR #3 about same-environment
team switches silently ending in CONFIG_WRITE_FAILED.
0 commit comments