🚀 feat(_route): add dev to origin

node_modules/.pnpm/universal-github-app-jwt@1.2.0/node_modules/@types/jsonwebtoken

@@ -0,0 +1 @@
+../../../@types+jsonwebtoken@9.0.7/node_modules/@types/jsonwebtoken

node_modules/.pnpm/universal-github-app-jwt@1.2.0/node_modules/jsonwebtoken

@@ -0,0 +1 @@
+../../jsonwebtoken@9.0.2/node_modules/jsonwebtoken

node_modules/.pnpm/universal-github-app-jwt@1.2.0/node_modules/universal-github-app-jwt/LICENSE

@@ -0,0 +1,21 @@
+The MIT License
+
+Copyright (c) 2019 Gregor Martynus
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

node_modules/.pnpm/universal-github-app-jwt@1.2.0/node_modules/universal-github-app-jwt/README.md

@@ -0,0 +1,185 @@
+# universal-github-app-jwt
+
+> Calculate GitHub App bearer tokens for Node & modern browsers
+
+[![@latest](https://img.shields.io/npm/v/universal-github-app-jwt.svg)](https://www.npmjs.com/package/universal-github-app-jwt)
+![Build status](https://github.com/gr2m/universal-github-app-jwt/workflows/Test/badge.svg)
+[![Greenkeeper](https://badges.greenkeeper.io/gr2m/universal-github-app-jwt.svg)](https://greenkeeper.io/)
+
+⚠ The private keys provide by GitHub are in `PKCS#1` format, but the WebCrypto API only supports `PKCS#8`. You can see the difference in the first line, `PKCS#1` format starts with `-----BEGIN RSA PRIVATE KEY-----` while `PKCS#8` starts with `-----BEGIN PRIVATE KEY-----`. You can convert one format to the other using `oppenssl`:
+
+```
+openssl pkcs8 -topk8 -inform PEM -outform PEM -nocrypt -in private-key.pem -out private-key-pkcs8.key
+```
+
+It's also possible to convert the formats with JavaScript, e.g. using [node-rsa](https://github.com/rzcoder/node-rsa), but it turns a 4kb to a 200kb+ built. I'm looking for help to create a minimal `PKCS#1` to `PKCS#8` convert library that I can recommend people to use before passing the private key to `githubAppJwt`. Please create an issue if you'd like to help.
+
+The way it works with `node-rsa` is this
+
+```js
+const PRIVATE_KEY = `-----BEGIN RSA PRIVATE KEY-----
+...
+-----END RSA PRIVATE KEY-----`;
+
+const key = new NodeRSA(PRIVATE_KEY);
+const privateKeyPkcs8 = key.exportKey("pkcs8-private-pem");
+
+// privateKeyPkcs8 is now
+// -----BEGIN PRIVATE KEY-----
+// ...
+// -----END PRIVATE KEY-----
+```
+
+When using a node, a conversion is not necessary, the implementation is agnostic to either format.
+
+## Usage
+
+<table>
+<tbody valign=top align=left>
+<tr><th>
+Browsers
+</th><td width=100%>
+
+Load `universal-github-app-jwt` directly from [cdn.pika.dev](https://cdn.pika.dev)
+
+```html
+<script type="module">
+  import { githubAppJwt } from "https://cdn.pika.dev/universal-github-app-jwt";
+</script>
+```
+
+</td></tr>
+<tr><th>
+Node
+</th><td>
+
+Install with <code>npm install universal-github-app-jwt</code>
+
+```js
+const { githubAppJwt } = require("universal-github-app-jwt");
+// or: import { githubAppJwt } from "universal-github-app-jwt";
+```
+
+</td></tr>
+</tbody>
+</table>
+
+```js
+(async () => {
+  const { token, appId, expiration } = await githubAppJwt({
+    id: APP_ID,
+    privateKey: PRIVATE_KEY,
+  });
+})();
+```
+
+The retrieved `token` can now be used in Authorization request header, e.g. with [`@octokit/request`](https://github.com/octokit/request.js/#readme):
+
+```js
+request("GET /app", {
+  headers: {
+    authorization: `bearer ${token}`,
+  },
+});
+```
+
+For a complete implementation of GitHub App authentication strategies, see [`@octokit/auth-app.js`](https://github.com/octokit/auth-app.js/#readme).
+
+## `githubAppJwt(options)`
+
+<table width="100%">
+  <thead align=left>
+    <tr>
+      <th width=150>
+        name
+      </th>
+      <th width=70>
+        type
+      </th>
+      <th>
+        description
+      </th>
+    </tr>
+  </thead>
+  <tbody align=left valign=top>
+    <tr>
+      <th>
+        <code>options.id</code>
+      </th>
+      <th>
+        <code>number | string</code>
+      </th>
+      <td>
+        <strong>Required</strong>. The GitHub App's ID or Client ID. For <code>github.com</code> and GHES 3.14+, it is recommended to use the Client ID.
+      </td>
+    </tr>
+    <tr>
+      <th>
+        <code>options.privateKey</code>
+      </th>
+      <th>
+        <code>string</code>
+      </th>
+      <td>
+        <strong>Required</strong>. Content of the <code>*.pem</code> file you downloaded from the app’s about page. You can generate a new private key if needed. Make sure to preserve the line breaks.
+      </td>
+    </tr>
+  </tbody>
+</table>
+
+`githubAppJwt(options)` resolves with an object with the following keys
+
+<table width="100%">
+  <thead align=left>
+    <tr>
+      <th width=150>
+        name
+      </th>
+      <th width=70>
+        type
+      </th>
+      <th>
+        description
+      </th>
+    </tr>
+  </thead>
+  <tbody align=left valign=top>
+    <tr>
+      <th>
+        <code>token</code>
+      </th>
+      <th>
+        <code>string</code>
+      </th>
+      <td>
+        The JSON Web Token (JWT) to authenticate as the app.
+      </td>
+    </tr>
+    <tr>
+      <th>
+        <code>appId</code>
+      </th>
+      <th>
+        <code>number</code>
+      </th>
+      <td>
+        The GitHub App database ID or Client ID passed in <code>options.id</code>.
+      </td>
+    </tr>
+    <tr>
+      <th>
+        <code>expiration</code>
+      </th>
+      <th>
+        <code>number</code>
+      </th>
+      <td>
+        Timestamp as UNIX epoch, e.g. <code>1530922170</code>. A Date object can be created using <code>new Date(authentication.expiration)</code>.
+      </td>
+    </tr>
+  </tbody>
+</table>
+
+## License
+
+[MIT](LICENSE)

node_modules/.pnpm/universal-github-app-jwt@1.2.0/node_modules/universal-github-app-jwt/dist-node/index.js

@@ -0,0 +1,46 @@
+'use strict';
+
+Object.defineProperty(exports, '__esModule', { value: true });
+
+function _interopDefault (ex) { return (ex && (typeof ex === 'object') && 'default' in ex) ? ex['default'] : ex; }
+
+var jsonwebtoken = _interopDefault(require('jsonwebtoken'));
+
+async function getToken({
+  privateKey,
+  payload
+}) {
+  return jsonwebtoken.sign(payload, privateKey, {
+    algorithm: "RS256"
+  });
+}
+
+async function githubAppJwt({
+  id,
+  privateKey,
+  now = Math.floor(Date.now() / 1000)
+}) {
+  // When creating a JSON Web Token, it sets the "issued at time" (iat) to 30s
+  // in the past as we have seen people running situations where the GitHub API
+  // claimed the iat would be in future. It turned out the clocks on the
+  // different machine were not in sync.
+  const nowWithSafetyMargin = now - 30;
+  const expiration = nowWithSafetyMargin + 60 * 10; // JWT expiration time (10 minute maximum)
+  const payload = {
+    iat: nowWithSafetyMargin,
+    exp: expiration,
+    iss: id
+  };
+  const token = await getToken({
+    privateKey,
+    payload
+  });
+  return {
+    appId: id,
+    expiration,
+    token
+  };
+}
+
+exports.githubAppJwt = githubAppJwt;
+//# sourceMappingURL=index.js.map

node_modules/.pnpm/universal-github-app-jwt@1.2.0/node_modules/universal-github-app-jwt/dist-node/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sources":["../dist-src/get-token.js","../dist-src/index.js"],"sourcesContent":["import jsonwebtoken from \"jsonwebtoken\";\nexport async function getToken({ privateKey, payload, }) {\n    return jsonwebtoken.sign(payload, privateKey, {\n        algorithm: \"RS256\",\n    });\n}\n","import { getToken } from \"./get-token\";\nexport async function githubAppJwt({ id, privateKey, now = Math.floor(Date.now() / 1000), }) {\n    // When creating a JSON Web Token, it sets the \"issued at time\" (iat) to 30s\n    // in the past as we have seen people running situations where the GitHub API\n    // claimed the iat would be in future. It turned out the clocks on the\n    // different machine were not in sync.\n    const nowWithSafetyMargin = now - 30;\n    const expiration = nowWithSafetyMargin + 60 * 10; // JWT expiration time (10 minute maximum)\n    const payload = {\n        iat: nowWithSafetyMargin,\n        exp: expiration,\n        iss: id,\n    };\n    const token = await getToken({\n        privateKey,\n        payload,\n    });\n    return {\n        appId: id,\n        expiration,\n        token,\n    };\n}\n"],"names":["getToken","privateKey","payload","jsonwebtoken","sign","algorithm","githubAppJwt","id","now","Math","floor","Date","nowWithSafetyMargin","expiration","iat","exp","iss","token","appId"],"mappings":";;;;;;;;AACO,eAAeA,QAAQ,CAAC;EAAEC,UAAU;EAAEC;AAAS,CAAC,EAAE;EACrD,OAAOC,YAAY,CAACC,IAAI,CAACF,OAAO,EAAED,UAAU,EAAE;IAC1CI,SAAS,EAAE;GACd,CAAC;AACN;;ACJO,eAAeC,YAAY,CAAC;EAAEC,EAAE;EAAEN,UAAU;EAAEO,GAAG,GAAGC,IAAI,CAACC,KAAK,CAACC,IAAI,CAACH,GAAG,EAAE,GAAG,IAAI;AAAG,CAAC,EAAE;;;;;EAKzF,MAAMI,mBAAmB,GAAGJ,GAAG,GAAG,EAAE;EACpC,MAAMK,UAAU,GAAGD,mBAAmB,GAAG,EAAE,GAAG,EAAE,CAAC;EACjD,MAAMV,OAAO,GAAG;IACZY,GAAG,EAAEF,mBAAmB;IACxBG,GAAG,EAAEF,UAAU;IACfG,GAAG,EAAET;GACR;EACD,MAAMU,KAAK,GAAG,MAAMjB,QAAQ,CAAC;IACzBC,UAAU;IACVC;GACH,CAAC;EACF,OAAO;IACHgB,KAAK,EAAEX,EAAE;IACTM,UAAU;IACVI;GACH;AACL;;;;"}

node_modules/.pnpm/universal-github-app-jwt@1.2.0/node_modules/universal-github-app-jwt/dist-src/get-token-browser.js

@@ -0,0 +1,19 @@
+import { getEncodedMessage, getDERfromPEM, string2ArrayBuffer, base64encode, } from "./utils";
+export const getToken = async ({ privateKey, payload, }) => {
+    // WebCrypto only supports PKCS#8, unfortunately
+    if (/BEGIN RSA PRIVATE KEY/.test(privateKey)) {
+        throw new Error("[universal-github-app-jwt] Private Key is in PKCS#1 format, but only PKCS#8 is supported. See https://github.com/gr2m/universal-github-app-jwt#readme");
+    }
+    const algorithm = {
+        name: "RSASSA-PKCS1-v1_5",
+        hash: { name: "SHA-256" },
+    };
+    const header = { alg: "RS256", typ: "JWT" };
+    const privateKeyDER = getDERfromPEM(privateKey);
+    const importedKey = await crypto.subtle.importKey("pkcs8", privateKeyDER, algorithm, false, ["sign"]);
+    const encodedMessage = getEncodedMessage(header, payload);
+    const encodedMessageArrBuf = string2ArrayBuffer(encodedMessage);
+    const signatureArrBuf = await crypto.subtle.sign(algorithm.name, importedKey, encodedMessageArrBuf);
+    const encodedSignature = base64encode(signatureArrBuf);
+    return `${encodedMessage}.${encodedSignature}`;
+};

node_modules/.pnpm/universal-github-app-jwt@1.2.0/node_modules/universal-github-app-jwt/dist-src/get-token.js

@@ -0,0 +1,6 @@
+import jsonwebtoken from "jsonwebtoken";
+export async function getToken({ privateKey, payload, }) {
+    return jsonwebtoken.sign(payload, privateKey, {
+        algorithm: "RS256",
+    });
+}

node_modules/.pnpm/universal-github-app-jwt@1.2.0/node_modules/universal-github-app-jwt/dist-src/index.js

@@ -0,0 +1,23 @@
+import { getToken } from "./get-token";
+export async function githubAppJwt({ id, privateKey, now = Math.floor(Date.now() / 1000), }) {
+    // When creating a JSON Web Token, it sets the "issued at time" (iat) to 30s
+    // in the past as we have seen people running situations where the GitHub API
+    // claimed the iat would be in future. It turned out the clocks on the
+    // different machine were not in sync.
+    const nowWithSafetyMargin = now - 30;
+    const expiration = nowWithSafetyMargin + 60 * 10; // JWT expiration time (10 minute maximum)
+    const payload = {
+        iat: nowWithSafetyMargin,
+        exp: expiration,
+        iss: id,
+    };
+    const token = await getToken({
+        privateKey,
+        payload,
+    });
+    return {
+        appId: id,
+        expiration,
+        token,
+    };
+}

node_modules/.pnpm/universal-github-app-jwt@1.2.0/node_modules/universal-github-app-jwt/dist-src/types.js

@@ -0,0 +1 @@
+export {};

node_modules/.pnpm/universal-github-app-jwt@1.2.0/node_modules/universal-github-app-jwt/dist-src/utils.js

@@ -0,0 +1,35 @@
+export function string2ArrayBuffer(str) {
+    const buf = new ArrayBuffer(str.length);
+    const bufView = new Uint8Array(buf);
+    for (let i = 0, strLen = str.length; i < strLen; i++) {
+        bufView[i] = str.charCodeAt(i);
+    }
+    return buf;
+}
+export function getDERfromPEM(pem) {
+    const pemB64 = pem
+        .trim()
+        .split("\n")
+        .slice(1, -1) // Remove the --- BEGIN / END PRIVATE KEY ---
+        .join("");
+    const decoded = atob(pemB64);
+    return string2ArrayBuffer(decoded);
+}
+export function getEncodedMessage(header, payload) {
+    return `${base64encodeJSON(header)}.${base64encodeJSON(payload)}`;
+}
+export function base64encode(buffer) {
+    var binary = "";
+    var bytes = new Uint8Array(buffer);
+    var len = bytes.byteLength;
+    for (var i = 0; i < len; i++) {
+        binary += String.fromCharCode(bytes[i]);
+    }
+    return fromBase64(btoa(binary));
+}
+function fromBase64(base64) {
+    return base64.replace(/=/g, "").replace(/\+/g, "-").replace(/\//g, "_");
+}
+function base64encodeJSON(obj) {
+    return fromBase64(btoa(JSON.stringify(obj)));
+}

node_modules/.pnpm/universal-github-app-jwt@1.2.0/node_modules/universal-github-app-jwt/dist-types/get-token-browser.d.ts

@@ -0,0 +1,2 @@
+import { GetTokenOptions, Token } from "./types";
+export declare const getToken: ({ privateKey, payload, }: GetTokenOptions) => Promise<Token>;

node_modules/.pnpm/universal-github-app-jwt@1.2.0/node_modules/universal-github-app-jwt/dist-types/get-token.d.ts

@@ -0,0 +1,2 @@
+import { GetTokenOptions, Token } from "./types";
+export declare function getToken({ privateKey, payload, }: GetTokenOptions): Promise<Token>;

node_modules/.pnpm/universal-github-app-jwt@1.2.0/node_modules/universal-github-app-jwt/dist-types/index.d.ts

@@ -0,0 +1,2 @@
+import { Options, Result } from "./types";
+export declare function githubAppJwt<T extends number | string = number>({ id, privateKey, now, }: Options<T>): Promise<Result<T>>;

node_modules/.pnpm/universal-github-app-jwt@1.2.0/node_modules/universal-github-app-jwt/dist-types/types.d.ts

@@ -0,0 +1,22 @@
+export type PrivateKey = string;
+export type Expiration = number;
+export type Token = string;
+export type Options<IdType extends number | string = number> = {
+    id: IdType;
+    privateKey: PrivateKey;
+    now?: number;
+};
+export type Result<IdType extends number | string = number> = {
+    appId: IdType;
+    expiration: Expiration;
+    token: Token;
+};
+export type Payload = {
+    iat: number;
+    exp: number;
+    iss: number | string;
+};
+export type GetTokenOptions = {
+    privateKey: PrivateKey;
+    payload: Payload;
+};

node_modules/.pnpm/universal-github-app-jwt@1.2.0/node_modules/universal-github-app-jwt/dist-types/utils.d.ts

@@ -0,0 +1,4 @@
+export declare function string2ArrayBuffer(str: string): ArrayBuffer;
+export declare function getDERfromPEM(pem: string): ArrayBuffer;
+export declare function getEncodedMessage(header: object, payload: object): string;
+export declare function base64encode(buffer: ArrayBuffer): string;

node_modules/.pnpm/universal-github-app-jwt@1.2.0/node_modules/universal-github-app-jwt/dist-web/index.bundled.js

@@ -0,0 +1,2 @@
+function t(t,n,r,e,i,a,o){try{var u=t[a](o),c=u.value}catch(t){return void r(t)}u.done?n(c):Promise.resolve(c).then(e,i)}function n(n){return function(){var r=this,e=arguments;return new Promise((function(i,a){var o=n.apply(r,e);function u(n){t(o,i,a,u,c,"next",n)}function c(n){t(o,i,a,u,c,"throw",n)}u(void 0)}))}}function r(t){for(var n=new ArrayBuffer(t.length),r=new Uint8Array(n),e=0,i=t.length;e<i;e++)r[e]=t.charCodeAt(e);return n}function e(t){return t.replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_")}function i(t){return e(btoa(JSON.stringify(t)))}var a=function(){var t=n((function*(t){var{privateKey:n,payload:a}=t;if(/BEGIN RSA PRIVATE KEY/.test(n))throw new Error("[universal-github-app-jwt] Private Key is in PKCS#1 format, but only PKCS#8 is supported. See https://github.com/gr2m/universal-github-app-jwt#readme");var o,u={name:"RSASSA-PKCS1-v1_5",hash:{name:"SHA-256"}},c=(o=n.trim().split("\n").slice(1,-1).join(""),r(atob(o))),p=yield crypto.subtle.importKey("pkcs8",c,u,!1,["sign"]),f=function(t,n){return"".concat(i(t),".").concat(i(n))}({alg:"RS256",typ:"JWT"},a),l=r(f),s=function(t){for(var n="",r=new Uint8Array(t),i=r.byteLength,a=0;a<i;a++)n+=String.fromCharCode(r[a]);return e(btoa(n))}(yield crypto.subtle.sign(u.name,p,l));return"".concat(f,".").concat(s)}));return function(n){return t.apply(this,arguments)}}();function o(t){return u.apply(this,arguments)}function u(){return(u=n((function*(t){var{id:n,privateKey:r,now:e=Math.floor(Date.now()/1e3)}=t,i=e-30,o=i+600,u={iat:i,exp:o,iss:n};return{appId:n,expiration:o,token:yield a({privateKey:r,payload:u})}}))).apply(this,arguments)}export{o as githubAppJwt};
+//# sourceMappingURL=index.bundled.js.map

node_modules/.pnpm/universal-github-app-jwt@1.2.0/node_modules/universal-github-app-jwt/dist-web/index.bundled.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.bundled.js","sources":["index.js"],"sourcesContent":["function string2ArrayBuffer(str) {\n    const buf = new ArrayBuffer(str.length);\n    const bufView = new Uint8Array(buf);\n    for (let i = 0, strLen = str.length; i < strLen; i++) {\n        bufView[i] = str.charCodeAt(i);\n    }\n    return buf;\n}\nfunction getDERfromPEM(pem) {\n    const pemB64 = pem\n        .trim()\n        .split(\"\\n\")\n        .slice(1, -1) // Remove the --- BEGIN / END PRIVATE KEY ---\n        .join(\"\");\n    const decoded = atob(pemB64);\n    return string2ArrayBuffer(decoded);\n}\nfunction getEncodedMessage(header, payload) {\n    return `${base64encodeJSON(header)}.${base64encodeJSON(payload)}`;\n}\nfunction base64encode(buffer) {\n    var binary = \"\";\n    var bytes = new Uint8Array(buffer);\n    var len = bytes.byteLength;\n    for (var i = 0; i < len; i++) {\n        binary += String.fromCharCode(bytes[i]);\n    }\n    return fromBase64(btoa(binary));\n}\nfunction fromBase64(base64) {\n    return base64.replace(/=/g, \"\").replace(/\\+/g, \"-\").replace(/\\//g, \"_\");\n}\nfunction base64encodeJSON(obj) {\n    return fromBase64(btoa(JSON.stringify(obj)));\n}\n\nconst getToken = async ({ privateKey, payload, }) => {\n    // WebCrypto only supports PKCS#8, unfortunately\n    if (/BEGIN RSA PRIVATE KEY/.test(privateKey)) {\n        throw new Error(\"[universal-github-app-jwt] Private Key is in PKCS#1 format, but only PKCS#8 is supported. See https://github.com/gr2m/universal-github-app-jwt#readme\");\n    }\n    const algorithm = {\n        name: \"RSASSA-PKCS1-v1_5\",\n        hash: { name: \"SHA-256\" },\n    };\n    const header = { alg: \"RS256\", typ: \"JWT\" };\n    const privateKeyDER = getDERfromPEM(privateKey);\n    const importedKey = await crypto.subtle.importKey(\"pkcs8\", privateKeyDER, algorithm, false, [\"sign\"]);\n    const encodedMessage = getEncodedMessage(header, payload);\n    const encodedMessageArrBuf = string2ArrayBuffer(encodedMessage);\n    const signatureArrBuf = await crypto.subtle.sign(algorithm.name, importedKey, encodedMessageArrBuf);\n    const encodedSignature = base64encode(signatureArrBuf);\n    return `${encodedMessage}.${encodedSignature}`;\n};\n\nasync function githubAppJwt({ id, privateKey, now = Math.floor(Date.now() / 1000), }) {\n    // When creating a JSON Web Token, it sets the \"issued at time\" (iat) to 30s\n    // in the past as we have seen people running situations where the GitHub API\n    // claimed the iat would be in future. It turned out the clocks on the\n    // different machine were not in sync.\n    const nowWithSafetyMargin = now - 30;\n    const expiration = nowWithSafetyMargin + 60 * 10; // JWT expiration time (10 minute maximum)\n    const payload = {\n        iat: nowWithSafetyMargin,\n        exp: expiration,\n        iss: id,\n    };\n    const token = await getToken({\n        privateKey,\n        payload,\n    });\n    return {\n        appId: id,\n        expiration,\n        token,\n    };\n}\n\nexport { githubAppJwt };\n//# sourceMappingURL=index.js.map\n"],"names":["string2ArrayBuffer","str","buf","ArrayBuffer","length","bufView","Uint8Array","i","strLen","charCodeAt","fromBase64","base64","replace","base64encodeJSON","obj","btoa","JSON","stringify","pemB64","trim","split","slice","join","atob","header","payload","buffer","binary","bytes","len","byteLength","String","fromCharCode"],"mappings":"4TAAO,SAASA,EAAmBC,GAG/B,IAFA,IAAMC,EAAM,IAAIC,YAAYF,EAAIG,QAC1BC,EAAU,IAAIC,WAAWJ,GACtBK,EAAI,EAAGC,EAASP,EAAIG,OAAQG,EAAIC,EAAQD,IAC7CF,EAAQE,GAAKN,EAAIQ,WAAWF,GAEhC,OAAOL,EAuBX,SAASQ,EAAWC,GAChB,OAAOA,EAAOC,QAAQ,KAAM,IAAIA,QAAQ,MAAO,KAAKA,QAAQ,MAAO,KAEvE,SAASC,EAAiBC,GACtB,OAAOJ,EAAWK,KAAKC,KAAKC,UAAUH,0RAxBhCI,wDAAAA,IACDC,OACAC,MAAM,MACNC,MAAM,GAAI,GACVC,KAAK,IAEHtB,EADSuB,KAAKL,gEAGlB,SAA2BM,EAAQC,GACtC,gBAAUZ,EAAiBW,eAAWX,EAAiBY,yCAEpD,SAAsBC,GAIzB,IAHA,IAAIC,EAAS,GACTC,EAAQ,IAAItB,WAAWoB,GACvBG,EAAMD,EAAME,WACPvB,EAAI,EAAGA,EAAIsB,EAAKtB,IACrBoB,GAAUI,OAAOC,aAAaJ,EAAMrB,IAExC,OAAOG,EAAWK,KAAKY"}

node_modules/.pnpm/universal-github-app-jwt@1.2.0/node_modules/universal-github-app-jwt/dist-web/index.js

@@ -0,0 +1,80 @@
+function string2ArrayBuffer(str) {
+    const buf = new ArrayBuffer(str.length);
+    const bufView = new Uint8Array(buf);
+    for (let i = 0, strLen = str.length; i < strLen; i++) {
+        bufView[i] = str.charCodeAt(i);
+    }
+    return buf;
+}
+function getDERfromPEM(pem) {
+    const pemB64 = pem
+        .trim()
+        .split("\n")
+        .slice(1, -1) // Remove the --- BEGIN / END PRIVATE KEY ---
+        .join("");
+    const decoded = atob(pemB64);
+    return string2ArrayBuffer(decoded);
+}
+function getEncodedMessage(header, payload) {
+    return `${base64encodeJSON(header)}.${base64encodeJSON(payload)}`;
+}
+function base64encode(buffer) {
+    var binary = "";
+    var bytes = new Uint8Array(buffer);
+    var len = bytes.byteLength;
+    for (var i = 0; i < len; i++) {
+        binary += String.fromCharCode(bytes[i]);
+    }
+    return fromBase64(btoa(binary));
+}
+function fromBase64(base64) {
+    return base64.replace(/=/g, "").replace(/\+/g, "-").replace(/\//g, "_");
+}
+function base64encodeJSON(obj) {
+    return fromBase64(btoa(JSON.stringify(obj)));
+}
+
+const getToken = async ({ privateKey, payload, }) => {
+    // WebCrypto only supports PKCS#8, unfortunately
+    if (/BEGIN RSA PRIVATE KEY/.test(privateKey)) {
+        throw new Error("[universal-github-app-jwt] Private Key is in PKCS#1 format, but only PKCS#8 is supported. See https://github.com/gr2m/universal-github-app-jwt#readme");
+    }
+    const algorithm = {
+        name: "RSASSA-PKCS1-v1_5",
+        hash: { name: "SHA-256" },
+    };
+    const header = { alg: "RS256", typ: "JWT" };
+    const privateKeyDER = getDERfromPEM(privateKey);
+    const importedKey = await crypto.subtle.importKey("pkcs8", privateKeyDER, algorithm, false, ["sign"]);
+    const encodedMessage = getEncodedMessage(header, payload);
+    const encodedMessageArrBuf = string2ArrayBuffer(encodedMessage);
+    const signatureArrBuf = await crypto.subtle.sign(algorithm.name, importedKey, encodedMessageArrBuf);
+    const encodedSignature = base64encode(signatureArrBuf);
+    return `${encodedMessage}.${encodedSignature}`;
+};
+
+async function githubAppJwt({ id, privateKey, now = Math.floor(Date.now() / 1000), }) {
+    // When creating a JSON Web Token, it sets the "issued at time" (iat) to 30s
+    // in the past as we have seen people running situations where the GitHub API
+    // claimed the iat would be in future. It turned out the clocks on the
+    // different machine were not in sync.
+    const nowWithSafetyMargin = now - 30;
+    const expiration = nowWithSafetyMargin + 60 * 10; // JWT expiration time (10 minute maximum)
+    const payload = {
+        iat: nowWithSafetyMargin,
+        exp: expiration,
+        iss: id,
+    };
+    const token = await getToken({
+        privateKey,
+        payload,
+    });
+    return {
+        appId: id,
+        expiration,
+        token,
+    };
+}
+
+export { githubAppJwt };
+//# sourceMappingURL=index.js.map

node_modules/.pnpm/universal-github-app-jwt@1.2.0/node_modules/universal-github-app-jwt/package.json

@@ -0,0 +1,50 @@
+{
+  "name": "universal-github-app-jwt",
+  "description": "Calculate GitHub App bearer tokens for Node & modern browsers",
+  "version": "1.2.0",
+  "license": "MIT",
+  "files": [
+    "dist-*/",
+    "bin/"
+  ],
+  "pika": true,
+  "sideEffects": false,
+  "keywords": [
+    "github",
+    "authentication",
+    "app",
+    "jwt",
+    "webcrypto"
+  ],
+  "homepage": "https://github.com/gr2m/universal-github-app-jwt#readme",
+  "bugs": {
+    "url": "https://github.com/gr2m/universal-github-app-jwt/issues"
+  },
+  "repository": "https://github.com/gr2m/universal-github-app-jwt",
+  "dependencies": {
+    "@types/jsonwebtoken": "^9.0.0",
+    "jsonwebtoken": "^9.0.2"
+  },
+  "devDependencies": {
+    "@gr2m/pika-plugin-build-web": "^0.6.0-issue-84.1",
+    "@pika/pack": "^0.5.0",
+    "@pika/plugin-build-node": "^0.9.1",
+    "@pika/plugin-bundle-web": "^0.9.1",
+    "@pika/plugin-ts-standard-pkg": "^0.9.1",
+    "@types/jest": "^26.0.0",
+    "@types/lolex": "^5.1.0",
+    "jest": "^26.0.0",
+    "lolex": "^6.0.0",
+    "prettier": "^2.0.0",
+    "rollup-plugin-json": "^4.0.0",
+    "semantic-release": "^17.0.0",
+    "serve-handler": "^6.1.1",
+    "ts-jest": "^26.0.0",
+    "typescript": "^4.9.4"
+  },
+  "source": "dist-src/index.js",
+  "types": "dist-types/index.d.ts",
+  "main": "dist-node/index.js",
+  "module": "dist-web/index.js",
+  "browser": "dist-web/index.bundled.js"
+}