Fix the issue that prevents password-protected storefronts with an ampersand & from logging in

[karreiro]

WHY are these changes introduced?

Fixes #4597 and improves the password prompt message (used in shopify theme console/shopify theme dev/shopify app dev) to clarify which password the prompt refers to.

WHAT is this pull request doing?

This PR fixes the issue by encoding passwords when checking if they are valid.

How to test your changes?

• Update your store to use an ampersand & in the password.
• Run git cherry-pick 3f5c201cc7d2c23259ffcccd2e217a3ba3b94644 (this will clear your password, so you will be able to see the prompt even if your password is cached).
• Run shopify theme console.
• Notice you can log in and use the command.
• Notice as well that messages present the password page, so there's no more ambiguity about the password being asked.

Post-release steps

N/A

Measuring impact

How do we know this change was effective? Please choose one:

• n/a - this doesn't need measurement, e.g. a linting rule or a bug-fix
• Existing analytics will cater for this addition
• PR includes analytics changes to measure impact

Checklist

• I've considered possible cross-platform impacts (Mac, Linux, Windows)
• I've considered possible documentation changes

[github-actions]

Differences in type declarations

We detected differences in the type declarations generated by Typescript for this branch compared to the baseline ('main' branch). Please, review them to ensure they are backward-compatible. Here are some important things to keep in mind:

• Some seemingly private modules might be re-exported through public modules.
• If the branch is behind main you might see odd diffs, rebase main into this branch.

New type declarations

We found no new type declarations in this PR

Existing type declarations

packages/cli-kit/dist/public/node/themes/urls.d.ts

@@ -3,4 +3,5 @@ import { AdminSession } from '@shopify/cli-kit/node/session';
 export declare function themePreviewUrl(theme: Theme, session: AdminSession): string;
 export declare function themeEditorUrl(theme: Theme, session: AdminSession): string;
 export declare function codeEditorUrl(theme: Theme, session: AdminSession): string;
-export declare function storeAdminUrl(session: AdminSession): string;
\ No newline at end of file
+export declare function storeAdminUrl(session: AdminSession): string;
+export declare function storePasswordPage(store: AdminSession['storeFqdn']): string;
\ No newline at end of file

packages/cli-kit/dist/private/node/ui/components/TextPrompt.d.ts

@@ -2,7 +2,7 @@ import { InlineToken, TokenItem } from './TokenizedText.js';
 import { AbortSignal } from '../../../../public/node/abort.js';
 import { FunctionComponent } from 'react';
 export interface TextPromptProps {
-    message: string;
+    message: TokenItem;
     onSubmit: (value: string) => void;
     defaultValue?: string;
     password?: boolean;

[github-actions]

Coverage report

St.❔	Category	Percentage	Covered / Total
🟡	Statements	72.51% (+0.01% 🔼)	8365/11537
🟡	Branches	69.15% (+0.02% 🔼)	4105/5936
🟡	Functions	71.78% (+0.01% 🔼)	2187/3047
🟡	Lines	72.8% (+0.01% 🔼)	7908/10862

Test suite run success

1904 tests passing in 866 suites.

Report generated by 🧪jest coverage report action from 1fe7024

[EvilGenius13]

Awesome. Thank you for the fix! 👍

[jamesmengo]

🎩 LGTM!

Looks much cleaner in terminals that support hyperlinks.

I wonder if there's a way to control the whitespace / new lines when rendering. Probably part of cli-kit 🤔

Either way, thanks for this!

[jamesmengo]

❤️

[frandiox]

Nice catch 😄

[karreiro]

@Shopify/app-inner-loop Could you please approve this PR?