X bubble

[zhubzy]

No description provided.

[zhubzy]

Suggested PR title from Pearl

Title: feat(x-twitter): introduce X (Twitter) service integration

Body:
We're thrilled to roll out a highly anticipated integration: the new X (Twitter) service bubble! This addition significantly expands Bubble Lab's capabilities, empowering developers to build sophisticated social media automation and agentic workflows directly within our platform.

This PR delivers a robust, TypeScript-first X (Twitter) integration, enabling a suite of powerful operations:

• Post Tweets: Programmatically publish new tweets, including replies, with full control over content.
• Retrieve Tweets: Fetch specific tweets by ID, accessing detailed metadata like author, creation time, and public metrics.
• Get User Information: Access comprehensive user profiles by username or ID, including bios, public metrics (followers, following, tweet count), and verification status.
• Fetch User Tweets: Easily retrieve a user's recent tweet history, perfect for analysis or content monitoring.

Built on a Secure, Developer-First Foundation:

True to Bubble Lab's commitment to transparency and developer ownership, this integration is built with:

• OAuth 2.0 with PKCE: Ensuring secure and modern authentication with X (Twitter).
• End-to-End Type-Safety: Leveraging our TypeScript foundation for reliable and predictable interactions with the X API.
• Code-First Workflows: All operations are exposed through a clear, auditable code interface, allowing developers to own and extend their social media logic line by line.

This integration aligns perfectly with our mission to provide an open, transparent, and developer-first platform for agentic workflows. Now, you can seamlessly connect your Bubble Lab automations to the pulse of social media, from automated content publishing to real-time data analysis. We believe this will unlock a new realm of possibilities for our community to build something truly great! 🚀

---

🚀 "Build in Public" Social Media Content

Google Doc Created: View Document

Suggested X Post:
Super excited to drop our new X (Twitter) integration! 🎉 Now you can craft powerful social media automations & agentic workflows right in Bubble Lab. Built with transparency, type-safety, and developer ownership in mind. What magic will you build first? 👇

#BuildInPublic #OpenSource #BubbleLab #Developers

Suggested LinkedIn Post:
Thrilled to announce a highly anticipated addition to Bubble Lab: our new X (Twitter) service integration is officially LIVE! 🚀 This is a game-changer for developers looking to build sophisticated social media automation and agentic workflows directly within our platform.

No more manual tweeting or complex external scripts! With this integration, you can now:

• Programmatically Post Tweets (including replies!)
• Retrieve Tweets by ID with detailed metadata
• Access comprehensive User Information (bios, metrics)
• Easily Fetch User Tweets for analysis or monitoring

True to our #DeveloperFirst commitment, this integration is built on a robust foundation:
✨ OAuth 2.0 with PKCE for secure authentication
✨ End-to-End Type-Safety leveraging our TypeScript core
✨ Code-First Workflows giving you full ownership and auditable logic line by line.

This isn't just a new feature; it's a statement of principles. We believe the future of agentic systems is being written in #TypeScript, and this integration perfectly aligns with our mission to provide an open, transparent, and developer-first platform. It unlocks a whole new realm of possibilities for our community to build something truly great!

What kind of innovative X (Twitter) workflows are you excited to build? Let us know in the comments! 👇

#BubbleLab #AI #Workflows #Automation #XIntegration #TwitterAPI #OpenSource #BuildInPublic #TypeScript

[Copilot]

Pull Request Overview

This PR adds X (Twitter) integration to the BubbleLab system, enabling users to authenticate with X OAuth 2.0 and perform operations like posting tweets, retrieving tweets, and getting user information.

• Adds X Twitter OAuth 2.0 support with PKCE authentication
• Implements XTwitterBubble service with four operations: post_tweet, get_tweet, get_user_info, and get_user_tweets
• Updates schema definitions, credential configurations, and UI components to support X Twitter

Reviewed Changes

Copilot reviewed 10 out of 11 changed files in this pull request and generated 7 comments.

Show a summary per file

File	Description
packages/bubble-shared-schemas/src/types.ts	Adds X_TWITTER_CRED credential type and 'x-twitter' bubble name
packages/bubble-shared-schemas/src/credential-schema.ts	Configures OAuth provider for X with PKCE support and default scopes
packages/bubble-core/src/bubbles/service-bubble/x-twitter.ts	Implements XTwitterBubble class with four Twitter API operations
packages/bubble-core/src/bubble-factory.ts	Registers XTwitterBubble in the factory
apps/bubblelab-api/src/services/oauth-service.ts	Adds X OAuth 2.0 client with PKCE code verifier generation and token exchange
apps/bubblelab-api/src/config/env.ts	Adds X_OAUTH_CLIENT_ID and X_OAUTH_CLIENT_SECRET environment variables
apps/bubble-studio/src/pages/CredentialsPage.tsx	Adds UI configuration for X Twitter credentials
apps/bubble-studio/src/lib/integrations.ts	Adds X Twitter logo mappings and documentation aliases

[Copilot]

The error field in all result schemas should be .optional() since it's only present when success is false. Currently it's marked as required which means successful responses must provide an empty string for error, which is redundant.

[Copilot]

This exported helper type lacks documentation. Add a JSDoc comment explaining its purpose for extracting operation-specific result types.

Suggested change

	// Helper type to get the result type for a specific operation
	/**
	* Helper type to extract the result type for a specific X Twitter operation.
	* Given an operation name, returns the corresponding result type from XTwitterResult.
	*/

[Copilot]

The use of any for both the body parameter and return type reduces type safety. Consider using generic types or more specific type definitions for API request/response bodies.

[Copilot]

Logging the PKCE code_verifier generation could expose sensitive authentication flow information in production logs. This log statement should be removed or converted to a debug-level log that's disabled in production.

Suggested change

console.log(`Generated PKCE code_verifier for X OAuth`);

[Copilot]

The refresh token warning check appears to be incomplete in the diff context. Ensure this warning is properly logged for X OAuth, as refresh tokens are critical for the 'offline.access' scope.

[Copilot]

[nitpick] While the comment explains PKCE is handled automatically, it would be helpful to note that X requires PKCE (not optional) unlike Google OAuth which doesn't use it.

Suggested change

	// X uses PKCE which is handled automatically by @badgateway/oauth2-client
	// X (Twitter) requires PKCE (not optional), which is handled automatically by @badgateway/oauth2-client.
	// Note: Google OAuth does not use PKCE.

[Copilot]

[nitpick] The alias 'twitter' should have a comment explaining its purpose, especially since the service is branded as 'X (Twitter)' throughout the codebase.

Suggested change

	`;
	`;
	// Alias retained as 'twitter' for backward compatibility and user familiarity,
	// despite official rebranding to 'X (Twitter)' throughout the codebase.