Found 2 elements with non-unique id (#_ajax_nonce) and (#_wpnonce)

Ali, as mentioned in the comments here’s the method I’d use to save. As you can see, it sets out the assorted fields and then runs the save process a single time, rather than setting the logic over and over for each field.

function save_book_meta_data( $post_id ) {
    if( !current_user_can( 'edit_post', $post_id ) ) {
            return $post_id;
        }
        if( !isset( $_POST['book_cpt_nonce'] ) || !wp_verify_nonce( $_POST['book_cpt_nonce'], basename( __FILE__ ) ) ) {
            return $post_id;
        }
        $ali_book_meta['book-author-key']       = esc_textarea( $_POST['book-author-key'] );
        $ali_book_meta['book-year-key']         = esc_textarea( $_POST['book-year-key'] );
        foreach( $ali_book_meta as $key => $value ) :
            if( 'revision' === $post->post_type ) {
                return;
            }
            if( get_post_meta( $post_id, $key, false ) ) {
                update_post_meta( $post_id, $key, $value );
            } else {
                add_post_meta( $post_id, $key, $value);
            }
            if( !$value ) {
                delete_post_meta( $post_id, $key );
            }
        endforeach;
}
add_action( 'save_post', 'save_book_meta_data', 1, 2 );

I don’t know if that addresses your actual issue but you could give it a try and see what happens.

It does ensure that only users with edit capabilities can make changes and avoids updating revisions because they shouldn’t be updated, otherwise they wouldn’t be revisions, they’d just be clones.

tech