@hot-updater/cloudflare 0.12.7 → 0.13.0

package/worker/dist/index.js

@@ -895,6 +895,9 @@ var process_default = _process;
 // ../../node_modules/.pnpm/wrangler@4.0.0_@cloudflare+workers-types@4.20250317.0/node_modules/wrangler/_virtual_unenv_global_polyfill-@cloudflare-unenv-preset-node-process
 globalThis.process = process_default;
 
+// ../../packages/core/dist/index.js
+var NIL_UUID = "00000000-0000-0000-0000-000000000000";
+
 // ../js/dist/index.js
 var __webpack_modules__ = {
   "../../node_modules/.pnpm/semver@7.6.3/node_modules/semver/classes/comparator.js": /* @__PURE__ */ __name(function(module, __unused_webpack_exports, __webpack_require__2) {
@@ -1040,7 +1043,7 @@ var __webpack_modules__ = {
       parseRange(range) {
         const memoOpts = (this.options.includePrerelease && FLAG_INCLUDE_PRERELEASE) | (this.options.loose && FLAG_LOOSE);
         const memoKey = memoOpts + ":" + range;
-        const cached = cache.get(memoKey);
+        const cached = cache2.get(memoKey);
         if (cached) return cached;
         const loose = this.options.loose;
         const hr = loose ? re[t.HYPHENRANGELOOSE] : re[t.HYPHENRANGE];
@@ -1070,7 +1073,7 @@ var __webpack_modules__ = {
         const result = [
           ...rangeMap.values()
         ];
-        cache.set(memoKey, result);
+        cache2.set(memoKey, result);
         return result;
       }
       intersects(range, options) {
@@ -1090,7 +1093,7 @@ var __webpack_modules__ = {
     }
     module.exports = Range;
     const LRU = __webpack_require__2("../../node_modules/.pnpm/semver@7.6.3/node_modules/semver/internal/lrucache.js");
-    const cache = new LRU();
+    const cache2 = new LRU();
     const parseOptions = __webpack_require__2("../../node_modules/.pnpm/semver@7.6.3/node_modules/semver/internal/parse-options.js");
     const Comparator = __webpack_require__2("../../node_modules/.pnpm/semver@7.6.3/node_modules/semver/classes/comparator.js");
     const debug3 = __webpack_require__2("../../node_modules/.pnpm/semver@7.6.3/node_modules/semver/internal/debug.js");
@@ -2265,131 +2268,3017 @@ var filterCompatibleAppVersions = /* @__PURE__ */ __name((targetAppVersionList,
   const compatibleAppVersionList = targetAppVersionList.filter((version2) => semverSatisfies(version2, currentVersion));
   return compatibleAppVersionList.sort((a, b) => b.localeCompare(a));
 }, "filterCompatibleAppVersions");
-
-// worker/src/getUpdateInfo.ts
-var getUpdateInfo = /* @__PURE__ */ __name(async (DB, {
-  platform: platform2,
-  appVersion,
-  bundleId
-}) => {
-  const appVersionList = await DB.prepare(
-    /* sql */
-    `
-    SELECT 
-      target_app_version
-    FROM bundles
-    WHERE platform = ?
-    GROUP BY target_app_version
-  `
-  ).bind(platform2).all();
-  const targetAppVersionList = filterCompatibleAppVersions(
-    appVersionList.results.map((group3) => group3.target_app_version),
-    appVersion
-  );
-  const sql = (
-    /* sql */
-    `
-  WITH input AS (
-    SELECT 
-      ? AS app_platform,       -- \uC608: 'ios' \uB610\uB294 'android'
-      ? AS app_version,        -- \uC608: '1.2.3'
-      ? AS bundle_id,          -- \uD604\uC7AC \uBC88\uB4E4 ID (\uBB38\uC790\uC5F4)
-      '00000000-0000-0000-0000-000000000000' AS nil_uuid
-  ),
-  update_candidate AS (
-    SELECT 
-      b.id,
-      b.should_force_update,
-      b.file_url,
-      b.file_hash,
-      'UPDATE' AS status
-    FROM bundles b, input
-    WHERE b.enabled = 1
-      AND b.platform = input.app_platform
-      AND b.id >= input.bundle_id
-      AND b.target_app_version IN (${targetAppVersionList.map((version2) => `'${version2}'`).join(",")})
-    ORDER BY b.id DESC 
-    LIMIT 1
-  ),
-  rollback_candidate AS (
-    SELECT 
-      b.id,
-      1 AS should_force_update,
-      b.file_url,
-      b.file_hash,
-      'ROLLBACK' AS status
-    FROM bundles b, input
-    WHERE b.enabled = 1
-      AND b.platform = input.app_platform
-      AND b.id < input.bundle_id
-    ORDER BY b.id DESC
-    LIMIT 1
-  ),
-  final_result AS (
-    SELECT * FROM update_candidate
-    UNION ALL
-    SELECT * FROM rollback_candidate
-    WHERE NOT EXISTS (SELECT 1 FROM update_candidate)
-  )
-  SELECT id, should_force_update, file_url, file_hash, status
-  FROM final_result, input
-  WHERE id <> bundle_id
-  
-  UNION ALL
-  
-  SELECT 
-    nil_uuid AS id,
-    1 AS should_force_update,
-    NULL AS file_url,
-    NULL AS file_hash,
-    'ROLLBACK' AS status
-  FROM input
-  WHERE (SELECT COUNT(*) FROM final_result) = 0
-    AND bundle_id <> nil_uuid;
-  `
-  );
-  const result = await DB.prepare(sql).bind(platform2, appVersion, bundleId).first();
-  if (!result) {
-    return null;
+var encoder = new TextEncoder();
+var decoder = new TextDecoder();
+function concat(...buffers) {
+  const size = buffers.reduce((acc, { length }) => acc + length, 0);
+  const buf = new Uint8Array(size);
+  let i = 0;
+  for (const buffer of buffers) {
+    buf.set(buffer, i);
+    i += buffer.length;
+  }
+  return buf;
+}
+__name(concat, "concat");
+function encodeBase64(input) {
+  if (Uint8Array.prototype.toBase64) return input.toBase64();
+  const CHUNK_SIZE = 32768;
+  const arr = [];
+  for (let i = 0; i < input.length; i += CHUNK_SIZE) arr.push(String.fromCharCode.apply(null, input.subarray(i, i + CHUNK_SIZE)));
+  return btoa(arr.join(""));
+}
+__name(encodeBase64, "encodeBase64");
+function decodeBase64(encoded) {
+  if (Uint8Array.fromBase64) return Uint8Array.fromBase64(encoded);
+  const binary = atob(encoded);
+  const bytes = new Uint8Array(binary.length);
+  for (let i = 0; i < binary.length; i++) bytes[i] = binary.charCodeAt(i);
+  return bytes;
+}
+__name(decodeBase64, "decodeBase64");
+function decode(input) {
+  if (Uint8Array.fromBase64) return Uint8Array.fromBase64("string" == typeof input ? input : decoder.decode(input), {
+    alphabet: "base64url"
+  });
+  let encoded = input;
+  if (encoded instanceof Uint8Array) encoded = decoder.decode(encoded);
+  encoded = encoded.replace(/-/g, "+").replace(/_/g, "/").replace(/\s/g, "");
+  try {
+    return decodeBase64(encoded);
+  } catch {
+    throw new TypeError("The input to be decoded is not correctly encoded.");
+  }
+}
+__name(decode, "decode");
+function encode(input) {
+  let unencoded = input;
+  if ("string" == typeof unencoded) unencoded = encoder.encode(unencoded);
+  if (Uint8Array.prototype.toBase64) return unencoded.toBase64({
+    alphabet: "base64url",
+    omitPadding: true
+  });
+  return encodeBase64(unencoded).replace(/=/g, "").replace(/\+/g, "-").replace(/\//g, "_");
+}
+__name(encode, "encode");
+var JOSEError = class extends Error {
+  static {
+    __name(this, "JOSEError");
+  }
+  static code = "ERR_JOSE_GENERIC";
+  code = "ERR_JOSE_GENERIC";
+  constructor(message, options) {
+    super(message, options);
+    this.name = this.constructor.name;
+    Error.captureStackTrace?.(this, this.constructor);
+  }
+};
+var JWTClaimValidationFailed = class extends JOSEError {
+  static {
+    __name(this, "JWTClaimValidationFailed");
+  }
+  static code = "ERR_JWT_CLAIM_VALIDATION_FAILED";
+  code = "ERR_JWT_CLAIM_VALIDATION_FAILED";
+  claim;
+  reason;
+  payload;
+  constructor(message, payload, claim = "unspecified", reason = "unspecified") {
+    super(message, {
+      cause: {
+        claim,
+        reason,
+        payload
+      }
+    });
+    this.claim = claim;
+    this.reason = reason;
+    this.payload = payload;
+  }
+};
+var JWTExpired = class extends JOSEError {
+  static {
+    __name(this, "JWTExpired");
+  }
+  static code = "ERR_JWT_EXPIRED";
+  code = "ERR_JWT_EXPIRED";
+  claim;
+  reason;
+  payload;
+  constructor(message, payload, claim = "unspecified", reason = "unspecified") {
+    super(message, {
+      cause: {
+        claim,
+        reason,
+        payload
+      }
+    });
+    this.claim = claim;
+    this.reason = reason;
+    this.payload = payload;
+  }
+};
+var JOSEAlgNotAllowed = class extends JOSEError {
+  static {
+    __name(this, "JOSEAlgNotAllowed");
+  }
+  static code = "ERR_JOSE_ALG_NOT_ALLOWED";
+  code = "ERR_JOSE_ALG_NOT_ALLOWED";
+};
+var JOSENotSupported = class extends JOSEError {
+  static {
+    __name(this, "JOSENotSupported");
+  }
+  static code = "ERR_JOSE_NOT_SUPPORTED";
+  code = "ERR_JOSE_NOT_SUPPORTED";
+};
+var JWSInvalid = class extends JOSEError {
+  static {
+    __name(this, "JWSInvalid");
+  }
+  static code = "ERR_JWS_INVALID";
+  code = "ERR_JWS_INVALID";
+};
+var JWTInvalid = class extends JOSEError {
+  static {
+    __name(this, "JWTInvalid");
+  }
+  static code = "ERR_JWT_INVALID";
+  code = "ERR_JWT_INVALID";
+};
+var JWSSignatureVerificationFailed = class extends JOSEError {
+  static {
+    __name(this, "JWSSignatureVerificationFailed");
+  }
+  static code = "ERR_JWS_SIGNATURE_VERIFICATION_FAILED";
+  code = "ERR_JWS_SIGNATURE_VERIFICATION_FAILED";
+  constructor(message = "signature verification failed", options) {
+    super(message, options);
+  }
+};
+var subtle_dsa = /* @__PURE__ */ __name((alg, algorithm) => {
+  const hash = `SHA-${alg.slice(-3)}`;
+  switch (alg) {
+    case "HS256":
+    case "HS384":
+    case "HS512":
+      return {
+        hash,
+        name: "HMAC"
+      };
+    case "PS256":
+    case "PS384":
+    case "PS512":
+      return {
+        hash,
+        name: "RSA-PSS",
+        saltLength: parseInt(alg.slice(-3), 10) >> 3
+      };
+    case "RS256":
+    case "RS384":
+    case "RS512":
+      return {
+        hash,
+        name: "RSASSA-PKCS1-v1_5"
+      };
+    case "ES256":
+    case "ES384":
+    case "ES512":
+      return {
+        hash,
+        name: "ECDSA",
+        namedCurve: algorithm.namedCurve
+      };
+    case "Ed25519":
+    case "EdDSA":
+      return {
+        name: "Ed25519"
+      };
+    default:
+      throw new JOSENotSupported(`alg ${alg} is not supported either by JOSE or your javascript runtime`);
+  }
+}, "subtle_dsa");
+var check_key_length = /* @__PURE__ */ __name((alg, key) => {
+  if (alg.startsWith("RS") || alg.startsWith("PS")) {
+    const { modulusLength } = key.algorithm;
+    if ("number" != typeof modulusLength || modulusLength < 2048) throw new TypeError(`${alg} requires key modulusLength to be 2048 bits or larger`);
+  }
+}, "check_key_length");
+function unusable(name, prop = "algorithm.name") {
+  return new TypeError(`CryptoKey does not support this operation, its ${prop} must be ${name}`);
+}
+__name(unusable, "unusable");
+function isAlgorithm(algorithm, name) {
+  return algorithm.name === name;
+}
+__name(isAlgorithm, "isAlgorithm");
+function getHashLength(hash) {
+  return parseInt(hash.name.slice(4), 10);
+}
+__name(getHashLength, "getHashLength");
+function getNamedCurve(alg) {
+  switch (alg) {
+    case "ES256":
+      return "P-256";
+    case "ES384":
+      return "P-384";
+    case "ES512":
+      return "P-521";
+    default:
+      throw new Error("unreachable");
+  }
+}
+__name(getNamedCurve, "getNamedCurve");
+function checkUsage(key, usage) {
+  if (usage && !key.usages.includes(usage)) throw new TypeError(`CryptoKey does not support this operation, its usages must include ${usage}.`);
+}
+__name(checkUsage, "checkUsage");
+function checkSigCryptoKey(key, alg, usage) {
+  switch (alg) {
+    case "HS256":
+    case "HS384":
+    case "HS512": {
+      if (!isAlgorithm(key.algorithm, "HMAC")) throw unusable("HMAC");
+      const expected = parseInt(alg.slice(2), 10);
+      const actual = getHashLength(key.algorithm.hash);
+      if (actual !== expected) throw unusable(`SHA-${expected}`, "algorithm.hash");
+      break;
+    }
+    case "RS256":
+    case "RS384":
+    case "RS512": {
+      if (!isAlgorithm(key.algorithm, "RSASSA-PKCS1-v1_5")) throw unusable("RSASSA-PKCS1-v1_5");
+      const expected = parseInt(alg.slice(2), 10);
+      const actual = getHashLength(key.algorithm.hash);
+      if (actual !== expected) throw unusable(`SHA-${expected}`, "algorithm.hash");
+      break;
+    }
+    case "PS256":
+    case "PS384":
+    case "PS512": {
+      if (!isAlgorithm(key.algorithm, "RSA-PSS")) throw unusable("RSA-PSS");
+      const expected = parseInt(alg.slice(2), 10);
+      const actual = getHashLength(key.algorithm.hash);
+      if (actual !== expected) throw unusable(`SHA-${expected}`, "algorithm.hash");
+      break;
+    }
+    case "Ed25519":
+    case "EdDSA":
+      if (!isAlgorithm(key.algorithm, "Ed25519")) throw unusable("Ed25519");
+      break;
+    case "ES256":
+    case "ES384":
+    case "ES512": {
+      if (!isAlgorithm(key.algorithm, "ECDSA")) throw unusable("ECDSA");
+      const expected = getNamedCurve(alg);
+      const actual = key.algorithm.namedCurve;
+      if (actual !== expected) throw unusable(expected, "algorithm.namedCurve");
+      break;
+    }
+    default:
+      throw new TypeError("CryptoKey does not support this operation");
+  }
+  checkUsage(key, usage);
+}
+__name(checkSigCryptoKey, "checkSigCryptoKey");
+function invalid_key_input_message(msg, actual, ...types) {
+  types = types.filter(Boolean);
+  if (types.length > 2) {
+    const last = types.pop();
+    msg += `one of type ${types.join(", ")}, or ${last}.`;
+  } else if (2 === types.length) msg += `one of type ${types[0]} or ${types[1]}.`;
+  else msg += `of type ${types[0]}.`;
+  if (null == actual) msg += ` Received ${actual}`;
+  else if ("function" == typeof actual && actual.name) msg += ` Received function ${actual.name}`;
+  else if ("object" == typeof actual && null != actual) {
+    if (actual.constructor?.name) msg += ` Received an instance of ${actual.constructor.name}`;
+  }
+  return msg;
+}
+__name(invalid_key_input_message, "invalid_key_input_message");
+var invalid_key_input = /* @__PURE__ */ __name((actual, ...types) => invalid_key_input_message("Key must be ", actual, ...types), "invalid_key_input");
+function withAlg(alg, actual, ...types) {
+  return invalid_key_input_message(`Key for the ${alg} algorithm must be `, actual, ...types);
+}
+__name(withAlg, "withAlg");
+var get_sign_verify_key = /* @__PURE__ */ __name(async (alg, key, usage) => {
+  if (key instanceof Uint8Array) {
+    if (!alg.startsWith("HS")) throw new TypeError(invalid_key_input(key, "CryptoKey", "KeyObject", "JSON Web Key"));
+    return crypto.subtle.importKey("raw", key, {
+      hash: `SHA-${alg.slice(-3)}`,
+      name: "HMAC"
+    }, false, [
+      usage
+    ]);
+  }
+  checkSigCryptoKey(key, alg, usage);
+  return key;
+}, "get_sign_verify_key");
+var sign = /* @__PURE__ */ __name(async (alg, key, data) => {
+  const cryptoKey = await get_sign_verify_key(alg, key, "sign");
+  check_key_length(alg, cryptoKey);
+  const signature = await crypto.subtle.sign(subtle_dsa(alg, cryptoKey.algorithm), cryptoKey, data);
+  return new Uint8Array(signature);
+}, "sign");
+var is_disjoint = /* @__PURE__ */ __name((...headers) => {
+  const sources = headers.filter(Boolean);
+  if (0 === sources.length || 1 === sources.length) return true;
+  let acc;
+  for (const header of sources) {
+    const parameters = Object.keys(header);
+    if (!acc || 0 === acc.size) {
+      acc = new Set(parameters);
+      continue;
+    }
+    for (const parameter of parameters) {
+      if (acc.has(parameter)) return false;
+      acc.add(parameter);
+    }
+  }
+  return true;
+}, "is_disjoint");
+function isCryptoKey(key) {
+  return key?.[Symbol.toStringTag] === "CryptoKey";
+}
+__name(isCryptoKey, "isCryptoKey");
+function isKeyObject(key) {
+  return key?.[Symbol.toStringTag] === "KeyObject";
+}
+__name(isKeyObject, "isKeyObject");
+var is_key_like = /* @__PURE__ */ __name((key) => isCryptoKey(key) || isKeyObject(key), "is_key_like");
+function isObjectLike(value) {
+  return "object" == typeof value && null !== value;
+}
+__name(isObjectLike, "isObjectLike");
+var is_object = /* @__PURE__ */ __name((input) => {
+  if (!isObjectLike(input) || "[object Object]" !== Object.prototype.toString.call(input)) return false;
+  if (null === Object.getPrototypeOf(input)) return true;
+  let proto = input;
+  while (null !== Object.getPrototypeOf(proto)) proto = Object.getPrototypeOf(proto);
+  return Object.getPrototypeOf(input) === proto;
+}, "is_object");
+function isJWK(key) {
+  return is_object(key) && "string" == typeof key.kty;
+}
+__name(isJWK, "isJWK");
+function isPrivateJWK(key) {
+  return "oct" !== key.kty && "string" == typeof key.d;
+}
+__name(isPrivateJWK, "isPrivateJWK");
+function isPublicJWK(key) {
+  return "oct" !== key.kty && void 0 === key.d;
+}
+__name(isPublicJWK, "isPublicJWK");
+function isSecretJWK(key) {
+  return "oct" === key.kty && "string" == typeof key.k;
+}
+__name(isSecretJWK, "isSecretJWK");
+var tag = /* @__PURE__ */ __name((key) => key?.[Symbol.toStringTag], "tag");
+var jwkMatchesOp = /* @__PURE__ */ __name((alg, key, usage) => {
+  if (void 0 !== key.use) {
+    let expected;
+    switch (usage) {
+      case "sign":
+      case "verify":
+        expected = "sig";
+        break;
+      case "encrypt":
+      case "decrypt":
+        expected = "enc";
+        break;
+    }
+    if (key.use !== expected) throw new TypeError(`Invalid key for this operation, its "use" must be "${expected}" when present`);
+  }
+  if (void 0 !== key.alg && key.alg !== alg) throw new TypeError(`Invalid key for this operation, its "alg" must be "${alg}" when present`);
+  if (Array.isArray(key.key_ops)) {
+    let expectedKeyOp;
+    switch (true) {
+      case ("sign" === usage || "verify" === usage):
+      case "dir" === alg:
+      case alg.includes("CBC-HS"):
+        expectedKeyOp = usage;
+        break;
+      case alg.startsWith("PBES2"):
+        expectedKeyOp = "deriveBits";
+        break;
+      case /^A\d{3}(?:GCM)?(?:KW)?$/.test(alg):
+        expectedKeyOp = !alg.includes("GCM") && alg.endsWith("KW") ? "encrypt" === usage ? "wrapKey" : "unwrapKey" : usage;
+        break;
+      case ("encrypt" === usage && alg.startsWith("RSA")):
+        expectedKeyOp = "wrapKey";
+        break;
+      case "decrypt" === usage:
+        expectedKeyOp = alg.startsWith("RSA") ? "unwrapKey" : "deriveBits";
+        break;
+    }
+    if (expectedKeyOp && key.key_ops?.includes?.(expectedKeyOp) === false) throw new TypeError(`Invalid key for this operation, its "key_ops" must include "${expectedKeyOp}" when present`);
+  }
+  return true;
+}, "jwkMatchesOp");
+var symmetricTypeCheck = /* @__PURE__ */ __name((alg, key, usage) => {
+  if (key instanceof Uint8Array) return;
+  if (isJWK(key)) {
+    if (isSecretJWK(key) && jwkMatchesOp(alg, key, usage)) return;
+    throw new TypeError('JSON Web Key for symmetric algorithms must have JWK "kty" (Key Type) equal to "oct" and the JWK "k" (Key Value) present');
+  }
+  if (!is_key_like(key)) throw new TypeError(withAlg(alg, key, "CryptoKey", "KeyObject", "JSON Web Key", "Uint8Array"));
+  if ("secret" !== key.type) throw new TypeError(`${tag(key)} instances for symmetric algorithms must be of type "secret"`);
+}, "symmetricTypeCheck");
+var asymmetricTypeCheck = /* @__PURE__ */ __name((alg, key, usage) => {
+  if (isJWK(key)) switch (usage) {
+    case "decrypt":
+    case "sign":
+      if (isPrivateJWK(key) && jwkMatchesOp(alg, key, usage)) return;
+      throw new TypeError("JSON Web Key for this operation be a private JWK");
+    case "encrypt":
+    case "verify":
+      if (isPublicJWK(key) && jwkMatchesOp(alg, key, usage)) return;
+      throw new TypeError("JSON Web Key for this operation be a public JWK");
+  }
+  if (!is_key_like(key)) throw new TypeError(withAlg(alg, key, "CryptoKey", "KeyObject", "JSON Web Key"));
+  if ("secret" === key.type) throw new TypeError(`${tag(key)} instances for asymmetric algorithms must not be of type "secret"`);
+  if ("public" === key.type) switch (usage) {
+    case "sign":
+      throw new TypeError(`${tag(key)} instances for asymmetric algorithm signing must be of type "private"`);
+    case "decrypt":
+      throw new TypeError(`${tag(key)} instances for asymmetric algorithm decryption must be of type "private"`);
+    default:
+      break;
+  }
+  if ("private" === key.type) switch (usage) {
+    case "verify":
+      throw new TypeError(`${tag(key)} instances for asymmetric algorithm verifying must be of type "public"`);
+    case "encrypt":
+      throw new TypeError(`${tag(key)} instances for asymmetric algorithm encryption must be of type "public"`);
+    default:
+      break;
+  }
+}, "asymmetricTypeCheck");
+var check_key_type = /* @__PURE__ */ __name((alg, key, usage) => {
+  const symmetric = alg.startsWith("HS") || "dir" === alg || alg.startsWith("PBES2") || /^A(?:128|192|256)(?:GCM)?(?:KW)?$/.test(alg) || /^A(?:128|192|256)CBC-HS(?:256|384|512)$/.test(alg);
+  if (symmetric) symmetricTypeCheck(alg, key, usage);
+  else asymmetricTypeCheck(alg, key, usage);
+}, "check_key_type");
+var validate_crit = /* @__PURE__ */ __name((Err, recognizedDefault, recognizedOption, protectedHeader, joseHeader) => {
+  if (void 0 !== joseHeader.crit && protectedHeader?.crit === void 0) throw new Err('"crit" (Critical) Header Parameter MUST be integrity protected');
+  if (!protectedHeader || void 0 === protectedHeader.crit) return /* @__PURE__ */ new Set();
+  if (!Array.isArray(protectedHeader.crit) || 0 === protectedHeader.crit.length || protectedHeader.crit.some((input) => "string" != typeof input || 0 === input.length)) throw new Err('"crit" (Critical) Header Parameter MUST be an array of non-empty strings when present');
+  let recognized;
+  recognized = void 0 !== recognizedOption ? new Map([
+    ...Object.entries(recognizedOption),
+    ...recognizedDefault.entries()
+  ]) : recognizedDefault;
+  for (const parameter of protectedHeader.crit) {
+    if (!recognized.has(parameter)) throw new JOSENotSupported(`Extension Header Parameter "${parameter}" is not recognized`);
+    if (void 0 === joseHeader[parameter]) throw new Err(`Extension Header Parameter "${parameter}" is missing`);
+    if (recognized.get(parameter) && void 0 === protectedHeader[parameter]) throw new Err(`Extension Header Parameter "${parameter}" MUST be integrity protected`);
+  }
+  return new Set(protectedHeader.crit);
+}, "validate_crit");
+function subtleMapping(jwk) {
+  let algorithm;
+  let keyUsages;
+  switch (jwk.kty) {
+    case "RSA":
+      switch (jwk.alg) {
+        case "PS256":
+        case "PS384":
+        case "PS512":
+          algorithm = {
+            name: "RSA-PSS",
+            hash: `SHA-${jwk.alg.slice(-3)}`
+          };
+          keyUsages = jwk.d ? [
+            "sign"
+          ] : [
+            "verify"
+          ];
+          break;
+        case "RS256":
+        case "RS384":
+        case "RS512":
+          algorithm = {
+            name: "RSASSA-PKCS1-v1_5",
+            hash: `SHA-${jwk.alg.slice(-3)}`
+          };
+          keyUsages = jwk.d ? [
+            "sign"
+          ] : [
+            "verify"
+          ];
+          break;
+        case "RSA-OAEP":
+        case "RSA-OAEP-256":
+        case "RSA-OAEP-384":
+        case "RSA-OAEP-512":
+          algorithm = {
+            name: "RSA-OAEP",
+            hash: `SHA-${parseInt(jwk.alg.slice(-3), 10) || 1}`
+          };
+          keyUsages = jwk.d ? [
+            "decrypt",
+            "unwrapKey"
+          ] : [
+            "encrypt",
+            "wrapKey"
+          ];
+          break;
+        default:
+          throw new JOSENotSupported('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
+      }
+      break;
+    case "EC":
+      switch (jwk.alg) {
+        case "ES256":
+          algorithm = {
+            name: "ECDSA",
+            namedCurve: "P-256"
+          };
+          keyUsages = jwk.d ? [
+            "sign"
+          ] : [
+            "verify"
+          ];
+          break;
+        case "ES384":
+          algorithm = {
+            name: "ECDSA",
+            namedCurve: "P-384"
+          };
+          keyUsages = jwk.d ? [
+            "sign"
+          ] : [
+            "verify"
+          ];
+          break;
+        case "ES512":
+          algorithm = {
+            name: "ECDSA",
+            namedCurve: "P-521"
+          };
+          keyUsages = jwk.d ? [
+            "sign"
+          ] : [
+            "verify"
+          ];
+          break;
+        case "ECDH-ES":
+        case "ECDH-ES+A128KW":
+        case "ECDH-ES+A192KW":
+        case "ECDH-ES+A256KW":
+          algorithm = {
+            name: "ECDH",
+            namedCurve: jwk.crv
+          };
+          keyUsages = jwk.d ? [
+            "deriveBits"
+          ] : [];
+          break;
+        default:
+          throw new JOSENotSupported('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
+      }
+      break;
+    case "OKP":
+      switch (jwk.alg) {
+        case "Ed25519":
+        case "EdDSA":
+          algorithm = {
+            name: "Ed25519"
+          };
+          keyUsages = jwk.d ? [
+            "sign"
+          ] : [
+            "verify"
+          ];
+          break;
+        case "ECDH-ES":
+        case "ECDH-ES+A128KW":
+        case "ECDH-ES+A192KW":
+        case "ECDH-ES+A256KW":
+          algorithm = {
+            name: jwk.crv
+          };
+          keyUsages = jwk.d ? [
+            "deriveBits"
+          ] : [];
+          break;
+        default:
+          throw new JOSENotSupported('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
+      }
+      break;
+    default:
+      throw new JOSENotSupported('Invalid or unsupported JWK "kty" (Key Type) Parameter value');
   }
   return {
-    id: result.id,
-    shouldForceUpdate: Boolean(result.should_force_update),
-    fileUrl: result.file_url,
-    fileHash: result.file_hash,
-    status: result.status
+    algorithm,
+    keyUsages
   };
-}, "getUpdateInfo");
-
-// worker/src/index.ts
-var index_default = {
-  async fetch(request, env2, ctx) {
-    const url = new URL(request.url);
-    if (url.pathname !== "/api/check-update") {
-      return new Response("Not found", { status: 404 });
-    }
-    const bundleId = request.headers.get("x-bundle-id");
-    const appPlatform = request.headers.get("x-app-platform");
-    const appVersion = request.headers.get("x-app-version");
-    if (!bundleId || !appPlatform || !appVersion) {
-      return new Response(
-        JSON.stringify({
-          error: "Missing bundleId, appPlatform, or appVersion"
-        }),
-        { status: 400 }
-      );
-    }
-    const updateInfo = await getUpdateInfo(env2.DB, {
-      appVersion,
-      bundleId,
-      platform: appPlatform
-    });
-    return new Response(JSON.stringify(updateInfo), {
-      headers: { "Content-Type": "application/json" },
-      status: 200
+}
+__name(subtleMapping, "subtleMapping");
+var jwk_to_key = /* @__PURE__ */ __name(async (jwk) => {
+  if (!jwk.alg) throw new TypeError('"alg" argument is required when "jwk.alg" is not present');
+  const { algorithm, keyUsages } = subtleMapping(jwk);
+  const keyData = {
+    ...jwk
+  };
+  delete keyData.alg;
+  delete keyData.use;
+  return crypto.subtle.importKey("jwk", keyData, algorithm, jwk.ext ?? !jwk.d, jwk.key_ops ?? keyUsages);
+}, "jwk_to_key");
+var cache;
+var handleJWK = /* @__PURE__ */ __name(async (key, jwk, alg, freeze = false) => {
+  cache ||= /* @__PURE__ */ new WeakMap();
+  let cached = cache.get(key);
+  if (cached?.[alg]) return cached[alg];
+  const cryptoKey = await jwk_to_key({
+    ...jwk,
+    alg
+  });
+  if (freeze) Object.freeze(key);
+  if (cached) cached[alg] = cryptoKey;
+  else cache.set(key, {
+    [alg]: cryptoKey
+  });
+  return cryptoKey;
+}, "handleJWK");
+var handleKeyObject = /* @__PURE__ */ __name((keyObject, alg) => {
+  cache ||= /* @__PURE__ */ new WeakMap();
+  let cached = cache.get(keyObject);
+  if (cached?.[alg]) return cached[alg];
+  const isPublic = "public" === keyObject.type;
+  const extractable = !!isPublic;
+  let cryptoKey;
+  if ("x25519" === keyObject.asymmetricKeyType) {
+    switch (alg) {
+      case "ECDH-ES":
+      case "ECDH-ES+A128KW":
+      case "ECDH-ES+A192KW":
+      case "ECDH-ES+A256KW":
+        break;
+      default:
+        throw new TypeError("given KeyObject instance cannot be used for this algorithm");
+    }
+    cryptoKey = keyObject.toCryptoKey(keyObject.asymmetricKeyType, extractable, isPublic ? [] : [
+      "deriveBits"
+    ]);
+  }
+  if ("ed25519" === keyObject.asymmetricKeyType) {
+    if ("EdDSA" !== alg && "Ed25519" !== alg) throw new TypeError("given KeyObject instance cannot be used for this algorithm");
+    cryptoKey = keyObject.toCryptoKey(keyObject.asymmetricKeyType, extractable, [
+      isPublic ? "verify" : "sign"
+    ]);
+  }
+  if ("rsa" === keyObject.asymmetricKeyType) {
+    let hash;
+    switch (alg) {
+      case "RSA-OAEP":
+        hash = "SHA-1";
+        break;
+      case "RS256":
+      case "PS256":
+      case "RSA-OAEP-256":
+        hash = "SHA-256";
+        break;
+      case "RS384":
+      case "PS384":
+      case "RSA-OAEP-384":
+        hash = "SHA-384";
+        break;
+      case "RS512":
+      case "PS512":
+      case "RSA-OAEP-512":
+        hash = "SHA-512";
+        break;
+      default:
+        throw new TypeError("given KeyObject instance cannot be used for this algorithm");
+    }
+    if (alg.startsWith("RSA-OAEP")) return keyObject.toCryptoKey({
+      name: "RSA-OAEP",
+      hash
+    }, extractable, isPublic ? [
+      "encrypt"
+    ] : [
+      "decrypt"
+    ]);
+    cryptoKey = keyObject.toCryptoKey({
+      name: alg.startsWith("PS") ? "RSA-PSS" : "RSASSA-PKCS1-v1_5",
+      hash
+    }, extractable, [
+      isPublic ? "verify" : "sign"
+    ]);
+  }
+  if ("ec" === keyObject.asymmetricKeyType) {
+    const nist = /* @__PURE__ */ new Map([
+      [
+        "prime256v1",
+        "P-256"
+      ],
+      [
+        "secp384r1",
+        "P-384"
+      ],
+      [
+        "secp521r1",
+        "P-521"
+      ]
+    ]);
+    const namedCurve = nist.get(keyObject.asymmetricKeyDetails?.namedCurve);
+    if (!namedCurve) throw new TypeError("given KeyObject instance cannot be used for this algorithm");
+    if ("ES256" === alg && "P-256" === namedCurve) cryptoKey = keyObject.toCryptoKey({
+      name: "ECDSA",
+      namedCurve
+    }, extractable, [
+      isPublic ? "verify" : "sign"
+    ]);
+    if ("ES384" === alg && "P-384" === namedCurve) cryptoKey = keyObject.toCryptoKey({
+      name: "ECDSA",
+      namedCurve
+    }, extractable, [
+      isPublic ? "verify" : "sign"
+    ]);
+    if ("ES512" === alg && "P-521" === namedCurve) cryptoKey = keyObject.toCryptoKey({
+      name: "ECDSA",
+      namedCurve
+    }, extractable, [
+      isPublic ? "verify" : "sign"
+    ]);
+    if (alg.startsWith("ECDH-ES")) cryptoKey = keyObject.toCryptoKey({
+      name: "ECDH",
+      namedCurve
+    }, extractable, isPublic ? [] : [
+      "deriveBits"
+    ]);
+  }
+  if (!cryptoKey) throw new TypeError("given KeyObject instance cannot be used for this algorithm");
+  if (cached) cached[alg] = cryptoKey;
+  else cache.set(keyObject, {
+    [alg]: cryptoKey
+  });
+  return cryptoKey;
+}, "handleKeyObject");
+var normalize_key = /* @__PURE__ */ __name(async (key, alg) => {
+  if (key instanceof Uint8Array) return key;
+  if (isCryptoKey(key)) return key;
+  if (isKeyObject(key)) {
+    if ("secret" === key.type) return key.export();
+    if ("toCryptoKey" in key && "function" == typeof key.toCryptoKey) try {
+      return handleKeyObject(key, alg);
+    } catch (err) {
+      if (err instanceof TypeError) throw err;
+    }
+    let jwk = key.export({
+      format: "jwk"
     });
+    return handleJWK(key, jwk, alg);
+  }
+  if (isJWK(key)) {
+    if (key.k) return decode(key.k);
+    return handleJWK(key, key, alg, true);
+  }
+  throw new Error("unreachable");
+}, "normalize_key");
+var FlattenedSign = class {
+  static {
+    __name(this, "FlattenedSign");
+  }
+  #payload;
+  #protectedHeader;
+  #unprotectedHeader;
+  constructor(payload) {
+    if (!(payload instanceof Uint8Array)) throw new TypeError("payload must be an instance of Uint8Array");
+    this.#payload = payload;
+  }
+  setProtectedHeader(protectedHeader) {
+    if (this.#protectedHeader) throw new TypeError("setProtectedHeader can only be called once");
+    this.#protectedHeader = protectedHeader;
+    return this;
+  }
+  setUnprotectedHeader(unprotectedHeader) {
+    if (this.#unprotectedHeader) throw new TypeError("setUnprotectedHeader can only be called once");
+    this.#unprotectedHeader = unprotectedHeader;
+    return this;
+  }
+  async sign(key, options) {
+    if (!this.#protectedHeader && !this.#unprotectedHeader) throw new JWSInvalid("either setProtectedHeader or setUnprotectedHeader must be called before #sign()");
+    if (!is_disjoint(this.#protectedHeader, this.#unprotectedHeader)) throw new JWSInvalid("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");
+    const joseHeader = {
+      ...this.#protectedHeader,
+      ...this.#unprotectedHeader
+    };
+    const extensions = validate_crit(JWSInvalid, /* @__PURE__ */ new Map([
+      [
+        "b64",
+        true
+      ]
+    ]), options?.crit, this.#protectedHeader, joseHeader);
+    let b64 = true;
+    if (extensions.has("b64")) {
+      b64 = this.#protectedHeader.b64;
+      if ("boolean" != typeof b64) throw new JWSInvalid('The "b64" (base64url-encode payload) Header Parameter must be a boolean');
+    }
+    const { alg } = joseHeader;
+    if ("string" != typeof alg || !alg) throw new JWSInvalid('JWS "alg" (Algorithm) Header Parameter missing or invalid');
+    check_key_type(alg, key, "sign");
+    let payload = this.#payload;
+    if (b64) payload = encoder.encode(encode(payload));
+    let protectedHeader;
+    protectedHeader = this.#protectedHeader ? encoder.encode(encode(JSON.stringify(this.#protectedHeader))) : encoder.encode("");
+    const data = concat(protectedHeader, encoder.encode("."), payload);
+    const k = await normalize_key(key, alg);
+    const signature = await sign(alg, k, data);
+    const jws = {
+      signature: encode(signature),
+      payload: ""
+    };
+    if (b64) jws.payload = decoder.decode(payload);
+    if (this.#unprotectedHeader) jws.header = this.#unprotectedHeader;
+    if (this.#protectedHeader) jws.protected = decoder.decode(protectedHeader);
+    return jws;
+  }
+};
+var CompactSign = class {
+  static {
+    __name(this, "CompactSign");
+  }
+  #flattened;
+  constructor(payload) {
+    this.#flattened = new FlattenedSign(payload);
+  }
+  setProtectedHeader(protectedHeader) {
+    this.#flattened.setProtectedHeader(protectedHeader);
+    return this;
+  }
+  async sign(key, options) {
+    const jws = await this.#flattened.sign(key, options);
+    if (void 0 === jws.payload) throw new TypeError("use the flattened module for creating JWS with b64: false");
+    return `${jws.protected}.${jws.payload}.${jws.signature}`;
+  }
+};
+var epoch = /* @__PURE__ */ __name((date) => Math.floor(date.getTime() / 1e3), "epoch");
+var minute = 60;
+var hour = 60 * minute;
+var day = 24 * hour;
+var week = 7 * day;
+var year = 365.25 * day;
+var REGEX = /^(\+|\-)? ?(\d+|\d+\.\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i;
+var secs = /* @__PURE__ */ __name((str) => {
+  const matched = REGEX.exec(str);
+  if (!matched || matched[4] && matched[1]) throw new TypeError("Invalid time period format");
+  const value = parseFloat(matched[2]);
+  const unit = matched[3].toLowerCase();
+  let numericDate;
+  switch (unit) {
+    case "sec":
+    case "secs":
+    case "second":
+    case "seconds":
+    case "s":
+      numericDate = Math.round(value);
+      break;
+    case "minute":
+    case "minutes":
+    case "min":
+    case "mins":
+    case "m":
+      numericDate = Math.round(value * minute);
+      break;
+    case "hour":
+    case "hours":
+    case "hr":
+    case "hrs":
+    case "h":
+      numericDate = Math.round(value * hour);
+      break;
+    case "day":
+    case "days":
+    case "d":
+      numericDate = Math.round(value * day);
+      break;
+    case "week":
+    case "weeks":
+    case "w":
+      numericDate = Math.round(value * week);
+      break;
+    default:
+      numericDate = Math.round(value * year);
+      break;
+  }
+  if ("-" === matched[1] || "ago" === matched[4]) return -numericDate;
+  return numericDate;
+}, "secs");
+function validateInput(label, input) {
+  if (!Number.isFinite(input)) throw new TypeError(`Invalid ${label} input`);
+  return input;
+}
+__name(validateInput, "validateInput");
+var normalizeTyp = /* @__PURE__ */ __name((value) => value.toLowerCase().replace(/^application\//, ""), "normalizeTyp");
+var checkAudiencePresence = /* @__PURE__ */ __name((audPayload, audOption) => {
+  if ("string" == typeof audPayload) return audOption.includes(audPayload);
+  if (Array.isArray(audPayload)) return audOption.some(Set.prototype.has.bind(new Set(audPayload)));
+  return false;
+}, "checkAudiencePresence");
+function validateClaimsSet(protectedHeader, encodedPayload, options = {}) {
+  let payload;
+  try {
+    payload = JSON.parse(decoder.decode(encodedPayload));
+  } catch {
+  }
+  if (!is_object(payload)) throw new JWTInvalid("JWT Claims Set must be a top-level JSON object");
+  const { typ } = options;
+  if (typ && ("string" != typeof protectedHeader.typ || normalizeTyp(protectedHeader.typ) !== normalizeTyp(typ))) throw new JWTClaimValidationFailed('unexpected "typ" JWT header value', payload, "typ", "check_failed");
+  const { requiredClaims = [], issuer, subject, audience, maxTokenAge } = options;
+  const presenceCheck = [
+    ...requiredClaims
+  ];
+  if (void 0 !== maxTokenAge) presenceCheck.push("iat");
+  if (void 0 !== audience) presenceCheck.push("aud");
+  if (void 0 !== subject) presenceCheck.push("sub");
+  if (void 0 !== issuer) presenceCheck.push("iss");
+  for (const claim of new Set(presenceCheck.reverse())) if (!(claim in payload)) throw new JWTClaimValidationFailed(`missing required "${claim}" claim`, payload, claim, "missing");
+  if (issuer && !(Array.isArray(issuer) ? issuer : [
+    issuer
+  ]).includes(payload.iss)) throw new JWTClaimValidationFailed('unexpected "iss" claim value', payload, "iss", "check_failed");
+  if (subject && payload.sub !== subject) throw new JWTClaimValidationFailed('unexpected "sub" claim value', payload, "sub", "check_failed");
+  if (audience && !checkAudiencePresence(payload.aud, "string" == typeof audience ? [
+    audience
+  ] : audience)) throw new JWTClaimValidationFailed('unexpected "aud" claim value', payload, "aud", "check_failed");
+  let tolerance;
+  switch (typeof options.clockTolerance) {
+    case "string":
+      tolerance = secs(options.clockTolerance);
+      break;
+    case "number":
+      tolerance = options.clockTolerance;
+      break;
+    case "undefined":
+      tolerance = 0;
+      break;
+    default:
+      throw new TypeError("Invalid clockTolerance option type");
+  }
+  const { currentDate } = options;
+  const now = epoch(currentDate || /* @__PURE__ */ new Date());
+  if ((void 0 !== payload.iat || maxTokenAge) && "number" != typeof payload.iat) throw new JWTClaimValidationFailed('"iat" claim must be a number', payload, "iat", "invalid");
+  if (void 0 !== payload.nbf) {
+    if ("number" != typeof payload.nbf) throw new JWTClaimValidationFailed('"nbf" claim must be a number', payload, "nbf", "invalid");
+    if (payload.nbf > now + tolerance) throw new JWTClaimValidationFailed('"nbf" claim timestamp check failed', payload, "nbf", "check_failed");
+  }
+  if (void 0 !== payload.exp) {
+    if ("number" != typeof payload.exp) throw new JWTClaimValidationFailed('"exp" claim must be a number', payload, "exp", "invalid");
+    if (payload.exp <= now - tolerance) throw new JWTExpired('"exp" claim timestamp check failed', payload, "exp", "check_failed");
+  }
+  if (maxTokenAge) {
+    const age = now - payload.iat;
+    const max = "number" == typeof maxTokenAge ? maxTokenAge : secs(maxTokenAge);
+    if (age - tolerance > max) throw new JWTExpired('"iat" claim timestamp check failed (too far in the past)', payload, "iat", "check_failed");
+    if (age < 0 - tolerance) throw new JWTClaimValidationFailed('"iat" claim timestamp check failed (it should be in the past)', payload, "iat", "check_failed");
+  }
+  return payload;
+}
+__name(validateClaimsSet, "validateClaimsSet");
+var JWTClaimsBuilder = class {
+  static {
+    __name(this, "JWTClaimsBuilder");
+  }
+  #payload;
+  constructor(payload) {
+    if (!is_object(payload)) throw new TypeError("JWT Claims Set MUST be an object");
+    this.#payload = structuredClone(payload);
+  }
+  data() {
+    return encoder.encode(JSON.stringify(this.#payload));
+  }
+  get iss() {
+    return this.#payload.iss;
+  }
+  set iss(value) {
+    this.#payload.iss = value;
+  }
+  get sub() {
+    return this.#payload.sub;
+  }
+  set sub(value) {
+    this.#payload.sub = value;
+  }
+  get aud() {
+    return this.#payload.aud;
+  }
+  set aud(value) {
+    this.#payload.aud = value;
+  }
+  set jti(value) {
+    this.#payload.jti = value;
+  }
+  set nbf(value) {
+    if ("number" == typeof value) this.#payload.nbf = validateInput("setNotBefore", value);
+    else if (value instanceof Date) this.#payload.nbf = validateInput("setNotBefore", epoch(value));
+    else this.#payload.nbf = epoch(/* @__PURE__ */ new Date()) + secs(value);
+  }
+  set exp(value) {
+    if ("number" == typeof value) this.#payload.exp = validateInput("setExpirationTime", value);
+    else if (value instanceof Date) this.#payload.exp = validateInput("setExpirationTime", epoch(value));
+    else this.#payload.exp = epoch(/* @__PURE__ */ new Date()) + secs(value);
+  }
+  set iat(value) {
+    if (void 0 === value) this.#payload.iat = epoch(/* @__PURE__ */ new Date());
+    else if (value instanceof Date) this.#payload.iat = validateInput("setIssuedAt", epoch(value));
+    else if ("string" == typeof value) this.#payload.iat = validateInput("setIssuedAt", epoch(/* @__PURE__ */ new Date()) + secs(value));
+    else this.#payload.iat = validateInput("setIssuedAt", value);
   }
 };
+var SignJWT = class {
+  static {
+    __name(this, "SignJWT");
+  }
+  #protectedHeader;
+  #jwt;
+  constructor(payload = {}) {
+    this.#jwt = new JWTClaimsBuilder(payload);
+  }
+  setIssuer(issuer) {
+    this.#jwt.iss = issuer;
+    return this;
+  }
+  setSubject(subject) {
+    this.#jwt.sub = subject;
+    return this;
+  }
+  setAudience(audience) {
+    this.#jwt.aud = audience;
+    return this;
+  }
+  setJti(jwtId) {
+    this.#jwt.jti = jwtId;
+    return this;
+  }
+  setNotBefore(input) {
+    this.#jwt.nbf = input;
+    return this;
+  }
+  setExpirationTime(input) {
+    this.#jwt.exp = input;
+    return this;
+  }
+  setIssuedAt(input) {
+    this.#jwt.iat = input;
+    return this;
+  }
+  setProtectedHeader(protectedHeader) {
+    this.#protectedHeader = protectedHeader;
+    return this;
+  }
+  async sign(key, options) {
+    const sig = new CompactSign(this.#jwt.data());
+    sig.setProtectedHeader(this.#protectedHeader);
+    if (Array.isArray(this.#protectedHeader?.crit) && this.#protectedHeader.crit.includes("b64") && false === this.#protectedHeader.b64) throw new JWTInvalid("JWTs MUST NOT use unencoded payload");
+    return sig.sign(key, options);
+  }
+};
+var withJwtSignedUrl = /* @__PURE__ */ __name(async ({ data, reqUrl, jwtSecret }) => {
+  if (!data) return null;
+  if (data.id === NIL_UUID) return {
+    ...data,
+    fileUrl: null
+  };
+  const key = `${data.id}/bundle.zip`;
+  const token = await signToken(key, jwtSecret);
+  const url = new URL(reqUrl);
+  url.pathname = `/${key}`;
+  url.searchParams.set("token", token);
+  return {
+    ...data,
+    fileUrl: url.toString()
+  };
+}, "withJwtSignedUrl");
+var signToken = /* @__PURE__ */ __name(async (key, jwtSecret) => {
+  const secretKey = new TextEncoder().encode(jwtSecret);
+  const token = await new SignJWT({
+    key
+  }).setProtectedHeader({
+    alg: "HS256"
+  }).setExpirationTime("60s").sign(secretKey);
+  return token;
+}, "signToken");
+var verify = /* @__PURE__ */ __name(async (alg, key, signature, data) => {
+  const cryptoKey = await get_sign_verify_key(alg, key, "verify");
+  check_key_length(alg, cryptoKey);
+  const algorithm = subtle_dsa(alg, cryptoKey.algorithm);
+  try {
+    return await crypto.subtle.verify(algorithm, cryptoKey, signature, data);
+  } catch {
+    return false;
+  }
+}, "verify");
+var validate_algorithms = /* @__PURE__ */ __name((option, algorithms) => {
+  if (void 0 !== algorithms && (!Array.isArray(algorithms) || algorithms.some((s) => "string" != typeof s))) throw new TypeError(`"${option}" option must be an array of strings`);
+  if (!algorithms) return;
+  return new Set(algorithms);
+}, "validate_algorithms");
+async function flattenedVerify(jws, key, options) {
+  if (!is_object(jws)) throw new JWSInvalid("Flattened JWS must be an object");
+  if (void 0 === jws.protected && void 0 === jws.header) throw new JWSInvalid('Flattened JWS must have either of the "protected" or "header" members');
+  if (void 0 !== jws.protected && "string" != typeof jws.protected) throw new JWSInvalid("JWS Protected Header incorrect type");
+  if (void 0 === jws.payload) throw new JWSInvalid("JWS Payload missing");
+  if ("string" != typeof jws.signature) throw new JWSInvalid("JWS Signature missing or incorrect type");
+  if (void 0 !== jws.header && !is_object(jws.header)) throw new JWSInvalid("JWS Unprotected Header incorrect type");
+  let parsedProt = {};
+  if (jws.protected) try {
+    const protectedHeader = decode(jws.protected);
+    parsedProt = JSON.parse(decoder.decode(protectedHeader));
+  } catch {
+    throw new JWSInvalid("JWS Protected Header is invalid");
+  }
+  if (!is_disjoint(parsedProt, jws.header)) throw new JWSInvalid("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");
+  const joseHeader = {
+    ...parsedProt,
+    ...jws.header
+  };
+  const extensions = validate_crit(JWSInvalid, /* @__PURE__ */ new Map([
+    [
+      "b64",
+      true
+    ]
+  ]), options?.crit, parsedProt, joseHeader);
+  let b64 = true;
+  if (extensions.has("b64")) {
+    b64 = parsedProt.b64;
+    if ("boolean" != typeof b64) throw new JWSInvalid('The "b64" (base64url-encode payload) Header Parameter must be a boolean');
+  }
+  const { alg } = joseHeader;
+  if ("string" != typeof alg || !alg) throw new JWSInvalid('JWS "alg" (Algorithm) Header Parameter missing or invalid');
+  const algorithms = options && validate_algorithms("algorithms", options.algorithms);
+  if (algorithms && !algorithms.has(alg)) throw new JOSEAlgNotAllowed('"alg" (Algorithm) Header Parameter value not allowed');
+  if (b64) {
+    if ("string" != typeof jws.payload) throw new JWSInvalid("JWS Payload must be a string");
+  } else if ("string" != typeof jws.payload && !(jws.payload instanceof Uint8Array)) throw new JWSInvalid("JWS Payload must be a string or an Uint8Array instance");
+  let resolvedKey = false;
+  if ("function" == typeof key) {
+    key = await key(parsedProt, jws);
+    resolvedKey = true;
+  }
+  check_key_type(alg, key, "verify");
+  const data = concat(encoder.encode(jws.protected ?? ""), encoder.encode("."), "string" == typeof jws.payload ? encoder.encode(jws.payload) : jws.payload);
+  let signature;
+  try {
+    signature = decode(jws.signature);
+  } catch {
+    throw new JWSInvalid("Failed to base64url decode the signature");
+  }
+  const k = await normalize_key(key, alg);
+  const verified = await verify(alg, k, signature, data);
+  if (!verified) throw new JWSSignatureVerificationFailed();
+  let payload;
+  if (b64) try {
+    payload = decode(jws.payload);
+  } catch {
+    throw new JWSInvalid("Failed to base64url decode the payload");
+  }
+  else payload = "string" == typeof jws.payload ? encoder.encode(jws.payload) : jws.payload;
+  const result = {
+    payload
+  };
+  if (void 0 !== jws.protected) result.protectedHeader = parsedProt;
+  if (void 0 !== jws.header) result.unprotectedHeader = jws.header;
+  if (resolvedKey) return {
+    ...result,
+    key: k
+  };
+  return result;
+}
+__name(flattenedVerify, "flattenedVerify");
+async function compactVerify(jws, key, options) {
+  if (jws instanceof Uint8Array) jws = decoder.decode(jws);
+  if ("string" != typeof jws) throw new JWSInvalid("Compact JWS must be a string or Uint8Array");
+  const { 0: protectedHeader, 1: payload, 2: signature, length } = jws.split(".");
+  if (3 !== length) throw new JWSInvalid("Invalid Compact JWS");
+  const verified = await flattenedVerify({
+    payload,
+    protected: protectedHeader,
+    signature
+  }, key, options);
+  const result = {
+    payload: verified.payload,
+    protectedHeader: verified.protectedHeader
+  };
+  if ("function" == typeof key) return {
+    ...result,
+    key: verified.key
+  };
+  return result;
+}
+__name(compactVerify, "compactVerify");
+async function jwtVerify(jwt, key, options) {
+  const verified = await compactVerify(jwt, key, options);
+  if (verified.protectedHeader.crit?.includes("b64") && false === verified.protectedHeader.b64) throw new JWTInvalid("JWTs MUST NOT use unencoded payload");
+  const payload = validateClaimsSet(verified.protectedHeader, verified.payload, options);
+  const result = {
+    payload,
+    protectedHeader: verified.protectedHeader
+  };
+  if ("function" == typeof key) return {
+    ...result,
+    key: verified.key
+  };
+  return result;
+}
+__name(jwtVerify, "jwtVerify");
+var verifyJwtToken = /* @__PURE__ */ __name(async ({ path, token, jwtSecret }) => {
+  const key = path.replace(/^\/+/, "");
+  if (!token) return {
+    valid: false,
+    error: "Missing token"
+  };
+  try {
+    const secretKey = new TextEncoder().encode(jwtSecret);
+    const { payload } = await jwtVerify(token, secretKey);
+    if (!payload || payload.key !== key) return {
+      valid: false,
+      error: "Token does not match requested file"
+    };
+    return {
+      valid: true,
+      key
+    };
+  } catch (error3) {
+    return {
+      valid: false,
+      error: "Invalid or expired token"
+    };
+  }
+}, "verifyJwtToken");
+var getFileResponse = /* @__PURE__ */ __name(async ({ key, handler }) => {
+  const object = await handler(key);
+  if (!object) return {
+    status: 404,
+    error: "File not found"
+  };
+  const pathParts = key.split("/");
+  const fileName = pathParts[pathParts.length - 1];
+  const headers = {
+    "Content-Type": object.contentType || "application/octet-stream",
+    "Content-Disposition": `attachment; filename=${fileName}`
+  };
+  return {
+    status: 200,
+    responseHeaders: headers,
+    responseBody: object.body
+  };
+}, "getFileResponse");
+var verifyJwtSignedUrl = /* @__PURE__ */ __name(async ({ path, token, jwtSecret, handler }) => {
+  const result = await verifyJwtToken({
+    path,
+    token,
+    jwtSecret
+  });
+  if (!result.valid) {
+    if ("Missing token" === result.error) return {
+      status: 400,
+      error: result.error
+    };
+    return {
+      status: 403,
+      error: result.error || "Unauthorized"
+    };
+  }
+  return getFileResponse({
+    key: result.key,
+    handler
+  });
+}, "verifyJwtSignedUrl");
+
+// ../../node_modules/.pnpm/hono@4.6.3/node_modules/hono/dist/utils/body.js
+var parseBody = /* @__PURE__ */ __name(async (request, options = /* @__PURE__ */ Object.create(null)) => {
+  const { all = false, dot = false } = options;
+  const headers = request instanceof HonoRequest ? request.raw.headers : request.headers;
+  const contentType = headers.get("Content-Type");
+  if (contentType?.startsWith("multipart/form-data") || contentType?.startsWith("application/x-www-form-urlencoded")) {
+    return parseFormData(request, { all, dot });
+  }
+  return {};
+}, "parseBody");
+async function parseFormData(request, options) {
+  const formData = await request.formData();
+  if (formData) {
+    return convertFormDataToBodyData(formData, options);
+  }
+  return {};
+}
+__name(parseFormData, "parseFormData");
+function convertFormDataToBodyData(formData, options) {
+  const form = /* @__PURE__ */ Object.create(null);
+  formData.forEach((value, key) => {
+    const shouldParseAllValues = options.all || key.endsWith("[]");
+    if (!shouldParseAllValues) {
+      form[key] = value;
+    } else {
+      handleParsingAllValues(form, key, value);
+    }
+  });
+  if (options.dot) {
+    Object.entries(form).forEach(([key, value]) => {
+      const shouldParseDotValues = key.includes(".");
+      if (shouldParseDotValues) {
+        handleParsingNestedValues(form, key, value);
+        delete form[key];
+      }
+    });
+  }
+  return form;
+}
+__name(convertFormDataToBodyData, "convertFormDataToBodyData");
+var handleParsingAllValues = /* @__PURE__ */ __name((form, key, value) => {
+  if (form[key] !== void 0) {
+    if (Array.isArray(form[key])) {
+      ;
+      form[key].push(value);
+    } else {
+      form[key] = [form[key], value];
+    }
+  } else {
+    form[key] = value;
+  }
+}, "handleParsingAllValues");
+var handleParsingNestedValues = /* @__PURE__ */ __name((form, key, value) => {
+  let nestedForm = form;
+  const keys = key.split(".");
+  keys.forEach((key2, index) => {
+    if (index === keys.length - 1) {
+      nestedForm[key2] = value;
+    } else {
+      if (!nestedForm[key2] || typeof nestedForm[key2] !== "object" || Array.isArray(nestedForm[key2]) || nestedForm[key2] instanceof File) {
+        nestedForm[key2] = /* @__PURE__ */ Object.create(null);
+      }
+      nestedForm = nestedForm[key2];
+    }
+  });
+}, "handleParsingNestedValues");
+
+// ../../node_modules/.pnpm/hono@4.6.3/node_modules/hono/dist/utils/url.js
+var splitPath = /* @__PURE__ */ __name((path) => {
+  const paths = path.split("/");
+  if (paths[0] === "") {
+    paths.shift();
+  }
+  return paths;
+}, "splitPath");
+var splitRoutingPath = /* @__PURE__ */ __name((routePath) => {
+  const { groups, path } = extractGroupsFromPath(routePath);
+  const paths = splitPath(path);
+  return replaceGroupMarks(paths, groups);
+}, "splitRoutingPath");
+var extractGroupsFromPath = /* @__PURE__ */ __name((path) => {
+  const groups = [];
+  path = path.replace(/\{[^}]+\}/g, (match, index) => {
+    const mark = `@${index}`;
+    groups.push([mark, match]);
+    return mark;
+  });
+  return { groups, path };
+}, "extractGroupsFromPath");
+var replaceGroupMarks = /* @__PURE__ */ __name((paths, groups) => {
+  for (let i = groups.length - 1; i >= 0; i--) {
+    const [mark] = groups[i];
+    for (let j = paths.length - 1; j >= 0; j--) {
+      if (paths[j].includes(mark)) {
+        paths[j] = paths[j].replace(mark, groups[i][1]);
+        break;
+      }
+    }
+  }
+  return paths;
+}, "replaceGroupMarks");
+var patternCache = {};
+var getPattern = /* @__PURE__ */ __name((label) => {
+  if (label === "*") {
+    return "*";
+  }
+  const match = label.match(/^\:([^\{\}]+)(?:\{(.+)\})?$/);
+  if (match) {
+    if (!patternCache[label]) {
+      if (match[2]) {
+        patternCache[label] = [label, match[1], new RegExp("^" + match[2] + "$")];
+      } else {
+        patternCache[label] = [label, match[1], true];
+      }
+    }
+    return patternCache[label];
+  }
+  return null;
+}, "getPattern");
+var tryDecodeURI = /* @__PURE__ */ __name((str) => {
+  try {
+    return decodeURI(str);
+  } catch {
+    return str.replace(/(?:%[0-9A-Fa-f]{2})+/g, (match) => {
+      try {
+        return decodeURI(match);
+      } catch {
+        return match;
+      }
+    });
+  }
+}, "tryDecodeURI");
+var getPath = /* @__PURE__ */ __name((request) => {
+  const url = request.url;
+  const start = url.indexOf("/", 8);
+  let i = start;
+  for (; i < url.length; i++) {
+    const charCode = url.charCodeAt(i);
+    if (charCode === 37) {
+      const queryIndex = url.indexOf("?", i);
+      const path = url.slice(start, queryIndex === -1 ? void 0 : queryIndex);
+      return tryDecodeURI(path.includes("%25") ? path.replace(/%25/g, "%2525") : path);
+    } else if (charCode === 63) {
+      break;
+    }
+  }
+  return url.slice(start, i);
+}, "getPath");
+var getPathNoStrict = /* @__PURE__ */ __name((request) => {
+  const result = getPath(request);
+  return result.length > 1 && result[result.length - 1] === "/" ? result.slice(0, -1) : result;
+}, "getPathNoStrict");
+var mergePath = /* @__PURE__ */ __name((...paths) => {
+  let p = "";
+  let endsWithSlash = false;
+  for (let path of paths) {
+    if (p[p.length - 1] === "/") {
+      p = p.slice(0, -1);
+      endsWithSlash = true;
+    }
+    if (path[0] !== "/") {
+      path = `/${path}`;
+    }
+    if (path === "/" && endsWithSlash) {
+      p = `${p}/`;
+    } else if (path !== "/") {
+      p = `${p}${path}`;
+    }
+    if (path === "/" && p === "") {
+      p = "/";
+    }
+  }
+  return p;
+}, "mergePath");
+var checkOptionalParameter = /* @__PURE__ */ __name((path) => {
+  if (!path.match(/\:.+\?$/)) {
+    return null;
+  }
+  const segments = path.split("/");
+  const results = [];
+  let basePath = "";
+  segments.forEach((segment) => {
+    if (segment !== "" && !/\:/.test(segment)) {
+      basePath += "/" + segment;
+    } else if (/\:/.test(segment)) {
+      if (/\?/.test(segment)) {
+        if (results.length === 0 && basePath === "") {
+          results.push("/");
+        } else {
+          results.push(basePath);
+        }
+        const optionalSegment = segment.replace("?", "");
+        basePath += "/" + optionalSegment;
+        results.push(basePath);
+      } else {
+        basePath += "/" + segment;
+      }
+    }
+  });
+  return results.filter((v, i, a) => a.indexOf(v) === i);
+}, "checkOptionalParameter");
+var _decodeURI = /* @__PURE__ */ __name((value) => {
+  if (!/[%+]/.test(value)) {
+    return value;
+  }
+  if (value.indexOf("+") !== -1) {
+    value = value.replace(/\+/g, " ");
+  }
+  return /%/.test(value) ? decodeURIComponent_(value) : value;
+}, "_decodeURI");
+var _getQueryParam = /* @__PURE__ */ __name((url, key, multiple) => {
+  let encoded;
+  if (!multiple && key && !/[%+]/.test(key)) {
+    let keyIndex2 = url.indexOf(`?${key}`, 8);
+    if (keyIndex2 === -1) {
+      keyIndex2 = url.indexOf(`&${key}`, 8);
+    }
+    while (keyIndex2 !== -1) {
+      const trailingKeyCode = url.charCodeAt(keyIndex2 + key.length + 1);
+      if (trailingKeyCode === 61) {
+        const valueIndex = keyIndex2 + key.length + 2;
+        const endIndex = url.indexOf("&", valueIndex);
+        return _decodeURI(url.slice(valueIndex, endIndex === -1 ? void 0 : endIndex));
+      } else if (trailingKeyCode == 38 || isNaN(trailingKeyCode)) {
+        return "";
+      }
+      keyIndex2 = url.indexOf(`&${key}`, keyIndex2 + 1);
+    }
+    encoded = /[%+]/.test(url);
+    if (!encoded) {
+      return void 0;
+    }
+  }
+  const results = {};
+  encoded ??= /[%+]/.test(url);
+  let keyIndex = url.indexOf("?", 8);
+  while (keyIndex !== -1) {
+    const nextKeyIndex = url.indexOf("&", keyIndex + 1);
+    let valueIndex = url.indexOf("=", keyIndex);
+    if (valueIndex > nextKeyIndex && nextKeyIndex !== -1) {
+      valueIndex = -1;
+    }
+    let name = url.slice(
+      keyIndex + 1,
+      valueIndex === -1 ? nextKeyIndex === -1 ? void 0 : nextKeyIndex : valueIndex
+    );
+    if (encoded) {
+      name = _decodeURI(name);
+    }
+    keyIndex = nextKeyIndex;
+    if (name === "") {
+      continue;
+    }
+    let value;
+    if (valueIndex === -1) {
+      value = "";
+    } else {
+      value = url.slice(valueIndex + 1, nextKeyIndex === -1 ? void 0 : nextKeyIndex);
+      if (encoded) {
+        value = _decodeURI(value);
+      }
+    }
+    if (multiple) {
+      if (!(results[name] && Array.isArray(results[name]))) {
+        results[name] = [];
+      }
+      ;
+      results[name].push(value);
+    } else {
+      results[name] ??= value;
+    }
+  }
+  return key ? results[key] : results;
+}, "_getQueryParam");
+var getQueryParam = _getQueryParam;
+var getQueryParams = /* @__PURE__ */ __name((url, key) => {
+  return _getQueryParam(url, key, true);
+}, "getQueryParams");
+var decodeURIComponent_ = decodeURIComponent;
+
+// ../../node_modules/.pnpm/hono@4.6.3/node_modules/hono/dist/request.js
+var HonoRequest = class {
+  static {
+    __name(this, "HonoRequest");
+  }
+  raw;
+  #validatedData;
+  #matchResult;
+  routeIndex = 0;
+  path;
+  bodyCache = {};
+  constructor(request, path = "/", matchResult = [[]]) {
+    this.raw = request;
+    this.path = path;
+    this.#matchResult = matchResult;
+    this.#validatedData = {};
+  }
+  param(key) {
+    return key ? this.getDecodedParam(key) : this.getAllDecodedParams();
+  }
+  getDecodedParam(key) {
+    const paramKey = this.#matchResult[0][this.routeIndex][1][key];
+    const param = this.getParamValue(paramKey);
+    return param ? /\%/.test(param) ? decodeURIComponent_(param) : param : void 0;
+  }
+  getAllDecodedParams() {
+    const decoded = {};
+    const keys = Object.keys(this.#matchResult[0][this.routeIndex][1]);
+    for (const key of keys) {
+      const value = this.getParamValue(this.#matchResult[0][this.routeIndex][1][key]);
+      if (value && typeof value === "string") {
+        decoded[key] = /\%/.test(value) ? decodeURIComponent_(value) : value;
+      }
+    }
+    return decoded;
+  }
+  getParamValue(paramKey) {
+    return this.#matchResult[1] ? this.#matchResult[1][paramKey] : paramKey;
+  }
+  query(key) {
+    return getQueryParam(this.url, key);
+  }
+  queries(key) {
+    return getQueryParams(this.url, key);
+  }
+  header(name) {
+    if (name) {
+      return this.raw.headers.get(name.toLowerCase()) ?? void 0;
+    }
+    const headerData = {};
+    this.raw.headers.forEach((value, key) => {
+      headerData[key] = value;
+    });
+    return headerData;
+  }
+  async parseBody(options) {
+    return this.bodyCache.parsedBody ??= await parseBody(this, options);
+  }
+  cachedBody = /* @__PURE__ */ __name((key) => {
+    const { bodyCache, raw: raw2 } = this;
+    const cachedBody = bodyCache[key];
+    if (cachedBody) {
+      return cachedBody;
+    }
+    const anyCachedKey = Object.keys(bodyCache)[0];
+    if (anyCachedKey) {
+      return bodyCache[anyCachedKey].then((body) => {
+        if (anyCachedKey === "json") {
+          body = JSON.stringify(body);
+        }
+        return new Response(body)[key]();
+      });
+    }
+    return bodyCache[key] = raw2[key]();
+  }, "cachedBody");
+  json() {
+    return this.cachedBody("json");
+  }
+  text() {
+    return this.cachedBody("text");
+  }
+  arrayBuffer() {
+    return this.cachedBody("arrayBuffer");
+  }
+  blob() {
+    return this.cachedBody("blob");
+  }
+  formData() {
+    return this.cachedBody("formData");
+  }
+  addValidatedData(target, data) {
+    this.#validatedData[target] = data;
+  }
+  valid(target) {
+    return this.#validatedData[target];
+  }
+  get url() {
+    return this.raw.url;
+  }
+  get method() {
+    return this.raw.method;
+  }
+  get matchedRoutes() {
+    return this.#matchResult[0].map(([[, route]]) => route);
+  }
+  get routePath() {
+    return this.#matchResult[0].map(([[, route]]) => route)[this.routeIndex].path;
+  }
+};
+
+// ../../node_modules/.pnpm/hono@4.6.3/node_modules/hono/dist/utils/html.js
+var HtmlEscapedCallbackPhase = {
+  Stringify: 1,
+  BeforeStream: 2,
+  Stream: 3
+};
+var raw = /* @__PURE__ */ __name((value, callbacks) => {
+  const escapedString = new String(value);
+  escapedString.isEscaped = true;
+  escapedString.callbacks = callbacks;
+  return escapedString;
+}, "raw");
+var resolveCallback = /* @__PURE__ */ __name(async (str, phase, preserveCallbacks, context2, buffer) => {
+  if (typeof str === "object" && !(str instanceof String)) {
+    if (!(str instanceof Promise)) {
+      str = str.toString();
+    }
+    if (str instanceof Promise) {
+      str = await str;
+    }
+  }
+  const callbacks = str.callbacks;
+  if (!callbacks?.length) {
+    return Promise.resolve(str);
+  }
+  if (buffer) {
+    buffer[0] += str;
+  } else {
+    buffer = [str];
+  }
+  const resStr = Promise.all(callbacks.map((c) => c({ phase, buffer, context: context2 }))).then(
+    (res) => Promise.all(
+      res.filter(Boolean).map((str2) => resolveCallback(str2, phase, false, context2, buffer))
+    ).then(() => buffer[0])
+  );
+  if (preserveCallbacks) {
+    return raw(await resStr, callbacks);
+  } else {
+    return resStr;
+  }
+}, "resolveCallback");
+
+// ../../node_modules/.pnpm/hono@4.6.3/node_modules/hono/dist/context.js
+var TEXT_PLAIN = "text/plain; charset=UTF-8";
+var setHeaders = /* @__PURE__ */ __name((headers, map = {}) => {
+  Object.entries(map).forEach(([key, value]) => headers.set(key, value));
+  return headers;
+}, "setHeaders");
+var Context = class {
+  static {
+    __name(this, "Context");
+  }
+  #rawRequest;
+  #req;
+  env = {};
+  #var;
+  finalized = false;
+  error;
+  #status = 200;
+  #executionCtx;
+  #headers;
+  #preparedHeaders;
+  #res;
+  #isFresh = true;
+  #layout;
+  #renderer;
+  #notFoundHandler;
+  #matchResult;
+  #path;
+  constructor(req, options) {
+    this.#rawRequest = req;
+    if (options) {
+      this.#executionCtx = options.executionCtx;
+      this.env = options.env;
+      this.#notFoundHandler = options.notFoundHandler;
+      this.#path = options.path;
+      this.#matchResult = options.matchResult;
+    }
+  }
+  get req() {
+    this.#req ??= new HonoRequest(this.#rawRequest, this.#path, this.#matchResult);
+    return this.#req;
+  }
+  get event() {
+    if (this.#executionCtx && "respondWith" in this.#executionCtx) {
+      return this.#executionCtx;
+    } else {
+      throw Error("This context has no FetchEvent");
+    }
+  }
+  get executionCtx() {
+    if (this.#executionCtx) {
+      return this.#executionCtx;
+    } else {
+      throw Error("This context has no ExecutionContext");
+    }
+  }
+  get res() {
+    this.#isFresh = false;
+    return this.#res ||= new Response("404 Not Found", { status: 404 });
+  }
+  set res(_res) {
+    this.#isFresh = false;
+    if (this.#res && _res) {
+      try {
+        for (const [k, v] of this.#res.headers.entries()) {
+          if (k === "content-type") {
+            continue;
+          }
+          if (k === "set-cookie") {
+            const cookies = this.#res.headers.getSetCookie();
+            _res.headers.delete("set-cookie");
+            for (const cookie of cookies) {
+              _res.headers.append("set-cookie", cookie);
+            }
+          } else {
+            _res.headers.set(k, v);
+          }
+        }
+      } catch (e) {
+        if (e instanceof TypeError && e.message.includes("immutable")) {
+          this.res = new Response(_res.body, {
+            headers: _res.headers,
+            status: _res.status
+          });
+          return;
+        } else {
+          throw e;
+        }
+      }
+    }
+    this.#res = _res;
+    this.finalized = true;
+  }
+  render = /* @__PURE__ */ __name((...args) => {
+    this.#renderer ??= (content) => this.html(content);
+    return this.#renderer(...args);
+  }, "render");
+  setLayout = /* @__PURE__ */ __name((layout) => this.#layout = layout, "setLayout");
+  getLayout = /* @__PURE__ */ __name(() => this.#layout, "getLayout");
+  setRenderer = /* @__PURE__ */ __name((renderer) => {
+    this.#renderer = renderer;
+  }, "setRenderer");
+  header = /* @__PURE__ */ __name((name, value, options) => {
+    if (value === void 0) {
+      if (this.#headers) {
+        this.#headers.delete(name);
+      } else if (this.#preparedHeaders) {
+        delete this.#preparedHeaders[name.toLocaleLowerCase()];
+      }
+      if (this.finalized) {
+        this.res.headers.delete(name);
+      }
+      return;
+    }
+    if (options?.append) {
+      if (!this.#headers) {
+        this.#isFresh = false;
+        this.#headers = new Headers(this.#preparedHeaders);
+        this.#preparedHeaders = {};
+      }
+      this.#headers.append(name, value);
+    } else {
+      if (this.#headers) {
+        this.#headers.set(name, value);
+      } else {
+        this.#preparedHeaders ??= {};
+        this.#preparedHeaders[name.toLowerCase()] = value;
+      }
+    }
+    if (this.finalized) {
+      if (options?.append) {
+        this.res.headers.append(name, value);
+      } else {
+        this.res.headers.set(name, value);
+      }
+    }
+  }, "header");
+  status = /* @__PURE__ */ __name((status) => {
+    this.#isFresh = false;
+    this.#status = status;
+  }, "status");
+  set = /* @__PURE__ */ __name((key, value) => {
+    this.#var ??= /* @__PURE__ */ new Map();
+    this.#var.set(key, value);
+  }, "set");
+  get = /* @__PURE__ */ __name((key) => {
+    return this.#var ? this.#var.get(key) : void 0;
+  }, "get");
+  get var() {
+    if (!this.#var) {
+      return {};
+    }
+    return Object.fromEntries(this.#var);
+  }
+  newResponse = /* @__PURE__ */ __name((data, arg, headers) => {
+    if (this.#isFresh && !headers && !arg && this.#status === 200) {
+      return new Response(data, {
+        headers: this.#preparedHeaders
+      });
+    }
+    if (arg && typeof arg !== "number") {
+      const header = new Headers(arg.headers);
+      if (this.#headers) {
+        this.#headers.forEach((v, k) => {
+          if (k === "set-cookie") {
+            header.append(k, v);
+          } else {
+            header.set(k, v);
+          }
+        });
+      }
+      const headers2 = setHeaders(header, this.#preparedHeaders);
+      return new Response(data, {
+        headers: headers2,
+        status: arg.status ?? this.#status
+      });
+    }
+    const status = typeof arg === "number" ? arg : this.#status;
+    this.#preparedHeaders ??= {};
+    this.#headers ??= new Headers();
+    setHeaders(this.#headers, this.#preparedHeaders);
+    if (this.#res) {
+      this.#res.headers.forEach((v, k) => {
+        if (k === "set-cookie") {
+          this.#headers?.append(k, v);
+        } else {
+          this.#headers?.set(k, v);
+        }
+      });
+      setHeaders(this.#headers, this.#preparedHeaders);
+    }
+    headers ??= {};
+    for (const [k, v] of Object.entries(headers)) {
+      if (typeof v === "string") {
+        this.#headers.set(k, v);
+      } else {
+        this.#headers.delete(k);
+        for (const v2 of v) {
+          this.#headers.append(k, v2);
+        }
+      }
+    }
+    return new Response(data, {
+      status,
+      headers: this.#headers
+    });
+  }, "newResponse");
+  body = /* @__PURE__ */ __name((data, arg, headers) => {
+    return typeof arg === "number" ? this.newResponse(data, arg, headers) : this.newResponse(data, arg);
+  }, "body");
+  text = /* @__PURE__ */ __name((text, arg, headers) => {
+    if (!this.#preparedHeaders) {
+      if (this.#isFresh && !headers && !arg) {
+        return new Response(text);
+      }
+      this.#preparedHeaders = {};
+    }
+    this.#preparedHeaders["content-type"] = TEXT_PLAIN;
+    return typeof arg === "number" ? this.newResponse(text, arg, headers) : this.newResponse(text, arg);
+  }, "text");
+  json = /* @__PURE__ */ __name((object, arg, headers) => {
+    const body = JSON.stringify(object);
+    this.#preparedHeaders ??= {};
+    this.#preparedHeaders["content-type"] = "application/json; charset=UTF-8";
+    return typeof arg === "number" ? this.newResponse(body, arg, headers) : this.newResponse(body, arg);
+  }, "json");
+  html = /* @__PURE__ */ __name((html, arg, headers) => {
+    this.#preparedHeaders ??= {};
+    this.#preparedHeaders["content-type"] = "text/html; charset=UTF-8";
+    if (typeof html === "object") {
+      return resolveCallback(html, HtmlEscapedCallbackPhase.Stringify, false, {}).then((html2) => {
+        return typeof arg === "number" ? this.newResponse(html2, arg, headers) : this.newResponse(html2, arg);
+      });
+    }
+    return typeof arg === "number" ? this.newResponse(html, arg, headers) : this.newResponse(html, arg);
+  }, "html");
+  redirect = /* @__PURE__ */ __name((location, status) => {
+    this.#headers ??= new Headers();
+    this.#headers.set("Location", location);
+    return this.newResponse(null, status ?? 302);
+  }, "redirect");
+  notFound = /* @__PURE__ */ __name(() => {
+    this.#notFoundHandler ??= () => new Response();
+    return this.#notFoundHandler(this);
+  }, "notFound");
+};
+
+// ../../node_modules/.pnpm/hono@4.6.3/node_modules/hono/dist/compose.js
+var compose = /* @__PURE__ */ __name((middleware, onError, onNotFound) => {
+  return (context2, next) => {
+    let index = -1;
+    return dispatch(0);
+    async function dispatch(i) {
+      if (i <= index) {
+        throw new Error("next() called multiple times");
+      }
+      index = i;
+      let res;
+      let isError = false;
+      let handler;
+      if (middleware[i]) {
+        handler = middleware[i][0][0];
+        if (context2 instanceof Context) {
+          context2.req.routeIndex = i;
+        }
+      } else {
+        handler = i === middleware.length && next || void 0;
+      }
+      if (!handler) {
+        if (context2 instanceof Context && context2.finalized === false && onNotFound) {
+          res = await onNotFound(context2);
+        }
+      } else {
+        try {
+          res = await handler(context2, () => {
+            return dispatch(i + 1);
+          });
+        } catch (err) {
+          if (err instanceof Error && context2 instanceof Context && onError) {
+            context2.error = err;
+            res = await onError(err, context2);
+            isError = true;
+          } else {
+            throw err;
+          }
+        }
+      }
+      if (res && (context2.finalized === false || isError)) {
+        context2.res = res;
+      }
+      return context2;
+    }
+    __name(dispatch, "dispatch");
+  };
+}, "compose");
+
+// ../../node_modules/.pnpm/hono@4.6.3/node_modules/hono/dist/router.js
+var METHOD_NAME_ALL = "ALL";
+var METHOD_NAME_ALL_LOWERCASE = "all";
+var METHODS = ["get", "post", "put", "delete", "options", "patch"];
+var MESSAGE_MATCHER_IS_ALREADY_BUILT = "Can not add a route since the matcher is already built.";
+var UnsupportedPathError = class extends Error {
+  static {
+    __name(this, "UnsupportedPathError");
+  }
+};
+
+// ../../node_modules/.pnpm/hono@4.6.3/node_modules/hono/dist/hono-base.js
+var COMPOSED_HANDLER = Symbol("composedHandler");
+var notFoundHandler = /* @__PURE__ */ __name((c) => {
+  return c.text("404 Not Found", 404);
+}, "notFoundHandler");
+var errorHandler = /* @__PURE__ */ __name((err, c) => {
+  if ("getResponse" in err) {
+    return err.getResponse();
+  }
+  console.error(err);
+  return c.text("Internal Server Error", 500);
+}, "errorHandler");
+var Hono = class {
+  static {
+    __name(this, "Hono");
+  }
+  get;
+  post;
+  put;
+  delete;
+  options;
+  patch;
+  all;
+  on;
+  use;
+  router;
+  getPath;
+  _basePath = "/";
+  #path = "/";
+  routes = [];
+  constructor(options = {}) {
+    const allMethods = [...METHODS, METHOD_NAME_ALL_LOWERCASE];
+    allMethods.forEach((method) => {
+      this[method] = (args1, ...args) => {
+        if (typeof args1 === "string") {
+          this.#path = args1;
+        } else {
+          this.addRoute(method, this.#path, args1);
+        }
+        args.forEach((handler) => {
+          if (typeof handler !== "string") {
+            this.addRoute(method, this.#path, handler);
+          }
+        });
+        return this;
+      };
+    });
+    this.on = (method, path, ...handlers) => {
+      for (const p of [path].flat()) {
+        this.#path = p;
+        for (const m of [method].flat()) {
+          handlers.map((handler) => {
+            this.addRoute(m.toUpperCase(), this.#path, handler);
+          });
+        }
+      }
+      return this;
+    };
+    this.use = (arg1, ...handlers) => {
+      if (typeof arg1 === "string") {
+        this.#path = arg1;
+      } else {
+        this.#path = "*";
+        handlers.unshift(arg1);
+      }
+      handlers.forEach((handler) => {
+        this.addRoute(METHOD_NAME_ALL, this.#path, handler);
+      });
+      return this;
+    };
+    const strict = options.strict ?? true;
+    delete options.strict;
+    Object.assign(this, options);
+    this.getPath = strict ? options.getPath ?? getPath : getPathNoStrict;
+  }
+  clone() {
+    const clone = new Hono({
+      router: this.router,
+      getPath: this.getPath
+    });
+    clone.routes = this.routes;
+    return clone;
+  }
+  notFoundHandler = notFoundHandler;
+  errorHandler = errorHandler;
+  route(path, app2) {
+    const subApp = this.basePath(path);
+    app2.routes.map((r) => {
+      let handler;
+      if (app2.errorHandler === errorHandler) {
+        handler = r.handler;
+      } else {
+        handler = /* @__PURE__ */ __name(async (c, next) => (await compose([], app2.errorHandler)(c, () => r.handler(c, next))).res, "handler");
+        handler[COMPOSED_HANDLER] = r.handler;
+      }
+      subApp.addRoute(r.method, r.path, handler);
+    });
+    return this;
+  }
+  basePath(path) {
+    const subApp = this.clone();
+    subApp._basePath = mergePath(this._basePath, path);
+    return subApp;
+  }
+  onError = /* @__PURE__ */ __name((handler) => {
+    this.errorHandler = handler;
+    return this;
+  }, "onError");
+  notFound = /* @__PURE__ */ __name((handler) => {
+    this.notFoundHandler = handler;
+    return this;
+  }, "notFound");
+  mount(path, applicationHandler, options) {
+    let replaceRequest;
+    let optionHandler;
+    if (options) {
+      if (typeof options === "function") {
+        optionHandler = options;
+      } else {
+        optionHandler = options.optionHandler;
+        replaceRequest = options.replaceRequest;
+      }
+    }
+    const getOptions = optionHandler ? (c) => {
+      const options2 = optionHandler(c);
+      return Array.isArray(options2) ? options2 : [options2];
+    } : (c) => {
+      let executionContext = void 0;
+      try {
+        executionContext = c.executionCtx;
+      } catch {
+      }
+      return [c.env, executionContext];
+    };
+    replaceRequest ||= (() => {
+      const mergedPath = mergePath(this._basePath, path);
+      const pathPrefixLength = mergedPath === "/" ? 0 : mergedPath.length;
+      return (request) => {
+        const url = new URL(request.url);
+        url.pathname = url.pathname.slice(pathPrefixLength) || "/";
+        return new Request(url, request);
+      };
+    })();
+    const handler = /* @__PURE__ */ __name(async (c, next) => {
+      const res = await applicationHandler(replaceRequest(c.req.raw), ...getOptions(c));
+      if (res) {
+        return res;
+      }
+      await next();
+    }, "handler");
+    this.addRoute(METHOD_NAME_ALL, mergePath(path, "*"), handler);
+    return this;
+  }
+  addRoute(method, path, handler) {
+    method = method.toUpperCase();
+    path = mergePath(this._basePath, path);
+    const r = { path, method, handler };
+    this.router.add(method, path, [handler, r]);
+    this.routes.push(r);
+  }
+  matchRoute(method, path) {
+    return this.router.match(method, path);
+  }
+  handleError(err, c) {
+    if (err instanceof Error) {
+      return this.errorHandler(err, c);
+    }
+    throw err;
+  }
+  dispatch(request, executionCtx, env2, method) {
+    if (method === "HEAD") {
+      return (async () => new Response(null, await this.dispatch(request, executionCtx, env2, "GET")))();
+    }
+    const path = this.getPath(request, { env: env2 });
+    const matchResult = this.matchRoute(method, path);
+    const c = new Context(request, {
+      path,
+      matchResult,
+      env: env2,
+      executionCtx,
+      notFoundHandler: this.notFoundHandler
+    });
+    if (matchResult[0].length === 1) {
+      let res;
+      try {
+        res = matchResult[0][0][0][0](c, async () => {
+          c.res = await this.notFoundHandler(c);
+        });
+      } catch (err) {
+        return this.handleError(err, c);
+      }
+      return res instanceof Promise ? res.then(
+        (resolved) => resolved || (c.finalized ? c.res : this.notFoundHandler(c))
+      ).catch((err) => this.handleError(err, c)) : res ?? this.notFoundHandler(c);
+    }
+    const composed = compose(matchResult[0], this.errorHandler, this.notFoundHandler);
+    return (async () => {
+      try {
+        const context2 = await composed(c);
+        if (!context2.finalized) {
+          throw new Error(
+            "Context is not finalized. Did you forget to return a Response object or `await next()`?"
+          );
+        }
+        return context2.res;
+      } catch (err) {
+        return this.handleError(err, c);
+      }
+    })();
+  }
+  fetch = /* @__PURE__ */ __name((request, ...rest) => {
+    return this.dispatch(request, rest[1], rest[0], request.method);
+  }, "fetch");
+  request = /* @__PURE__ */ __name((input, requestInit, Env, executionCtx) => {
+    if (input instanceof Request) {
+      if (requestInit !== void 0) {
+        input = new Request(input, requestInit);
+      }
+      return this.fetch(input, Env, executionCtx);
+    }
+    input = input.toString();
+    const path = /^https?:\/\//.test(input) ? input : `http://localhost${mergePath("/", input)}`;
+    const req = new Request(path, requestInit);
+    return this.fetch(req, Env, executionCtx);
+  }, "request");
+  fire = /* @__PURE__ */ __name(() => {
+    addEventListener("fetch", (event) => {
+      event.respondWith(this.dispatch(event.request, event, void 0, event.request.method));
+    });
+  }, "fire");
+};
+
+// ../../node_modules/.pnpm/hono@4.6.3/node_modules/hono/dist/router/reg-exp-router/node.js
+var LABEL_REG_EXP_STR = "[^/]+";
+var ONLY_WILDCARD_REG_EXP_STR = ".*";
+var TAIL_WILDCARD_REG_EXP_STR = "(?:|/.*)";
+var PATH_ERROR = Symbol();
+var regExpMetaChars = new Set(".\\+*[^]$()");
+function compareKey(a, b) {
+  if (a.length === 1) {
+    return b.length === 1 ? a < b ? -1 : 1 : -1;
+  }
+  if (b.length === 1) {
+    return 1;
+  }
+  if (a === ONLY_WILDCARD_REG_EXP_STR || a === TAIL_WILDCARD_REG_EXP_STR) {
+    return 1;
+  } else if (b === ONLY_WILDCARD_REG_EXP_STR || b === TAIL_WILDCARD_REG_EXP_STR) {
+    return -1;
+  }
+  if (a === LABEL_REG_EXP_STR) {
+    return 1;
+  } else if (b === LABEL_REG_EXP_STR) {
+    return -1;
+  }
+  return a.length === b.length ? a < b ? -1 : 1 : b.length - a.length;
+}
+__name(compareKey, "compareKey");
+var Node = class {
+  static {
+    __name(this, "Node");
+  }
+  index;
+  varIndex;
+  children = /* @__PURE__ */ Object.create(null);
+  insert(tokens, index, paramMap, context2, pathErrorCheckOnly) {
+    if (tokens.length === 0) {
+      if (this.index !== void 0) {
+        throw PATH_ERROR;
+      }
+      if (pathErrorCheckOnly) {
+        return;
+      }
+      this.index = index;
+      return;
+    }
+    const [token, ...restTokens] = tokens;
+    const pattern = token === "*" ? restTokens.length === 0 ? ["", "", ONLY_WILDCARD_REG_EXP_STR] : ["", "", LABEL_REG_EXP_STR] : token === "/*" ? ["", "", TAIL_WILDCARD_REG_EXP_STR] : token.match(/^\:([^\{\}]+)(?:\{(.+)\})?$/);
+    let node;
+    if (pattern) {
+      const name = pattern[1];
+      let regexpStr = pattern[2] || LABEL_REG_EXP_STR;
+      if (name && pattern[2]) {
+        regexpStr = regexpStr.replace(/^\((?!\?:)(?=[^)]+\)$)/, "(?:");
+        if (/\((?!\?:)/.test(regexpStr)) {
+          throw PATH_ERROR;
+        }
+      }
+      node = this.children[regexpStr];
+      if (!node) {
+        if (Object.keys(this.children).some(
+          (k) => k !== ONLY_WILDCARD_REG_EXP_STR && k !== TAIL_WILDCARD_REG_EXP_STR
+        )) {
+          throw PATH_ERROR;
+        }
+        if (pathErrorCheckOnly) {
+          return;
+        }
+        node = this.children[regexpStr] = new Node();
+        if (name !== "") {
+          node.varIndex = context2.varIndex++;
+        }
+      }
+      if (!pathErrorCheckOnly && name !== "") {
+        paramMap.push([name, node.varIndex]);
+      }
+    } else {
+      node = this.children[token];
+      if (!node) {
+        if (Object.keys(this.children).some(
+          (k) => k.length > 1 && k !== ONLY_WILDCARD_REG_EXP_STR && k !== TAIL_WILDCARD_REG_EXP_STR
+        )) {
+          throw PATH_ERROR;
+        }
+        if (pathErrorCheckOnly) {
+          return;
+        }
+        node = this.children[token] = new Node();
+      }
+    }
+    node.insert(restTokens, index, paramMap, context2, pathErrorCheckOnly);
+  }
+  buildRegExpStr() {
+    const childKeys = Object.keys(this.children).sort(compareKey);
+    const strList = childKeys.map((k) => {
+      const c = this.children[k];
+      return (typeof c.varIndex === "number" ? `(${k})@${c.varIndex}` : regExpMetaChars.has(k) ? `\\${k}` : k) + c.buildRegExpStr();
+    });
+    if (typeof this.index === "number") {
+      strList.unshift(`#${this.index}`);
+    }
+    if (strList.length === 0) {
+      return "";
+    }
+    if (strList.length === 1) {
+      return strList[0];
+    }
+    return "(?:" + strList.join("|") + ")";
+  }
+};
+
+// ../../node_modules/.pnpm/hono@4.6.3/node_modules/hono/dist/router/reg-exp-router/trie.js
+var Trie = class {
+  static {
+    __name(this, "Trie");
+  }
+  context = { varIndex: 0 };
+  root = new Node();
+  insert(path, index, pathErrorCheckOnly) {
+    const paramAssoc = [];
+    const groups = [];
+    for (let i = 0; ; ) {
+      let replaced = false;
+      path = path.replace(/\{[^}]+\}/g, (m) => {
+        const mark = `@\\${i}`;
+        groups[i] = [mark, m];
+        i++;
+        replaced = true;
+        return mark;
+      });
+      if (!replaced) {
+        break;
+      }
+    }
+    const tokens = path.match(/(?::[^\/]+)|(?:\/\*$)|./g) || [];
+    for (let i = groups.length - 1; i >= 0; i--) {
+      const [mark] = groups[i];
+      for (let j = tokens.length - 1; j >= 0; j--) {
+        if (tokens[j].indexOf(mark) !== -1) {
+          tokens[j] = tokens[j].replace(mark, groups[i][1]);
+          break;
+        }
+      }
+    }
+    this.root.insert(tokens, index, paramAssoc, this.context, pathErrorCheckOnly);
+    return paramAssoc;
+  }
+  buildRegExp() {
+    let regexp = this.root.buildRegExpStr();
+    if (regexp === "") {
+      return [/^$/, [], []];
+    }
+    let captureIndex = 0;
+    const indexReplacementMap = [];
+    const paramReplacementMap = [];
+    regexp = regexp.replace(/#(\d+)|@(\d+)|\.\*\$/g, (_, handlerIndex, paramIndex) => {
+      if (typeof handlerIndex !== "undefined") {
+        indexReplacementMap[++captureIndex] = Number(handlerIndex);
+        return "$()";
+      }
+      if (typeof paramIndex !== "undefined") {
+        paramReplacementMap[Number(paramIndex)] = ++captureIndex;
+        return "";
+      }
+      return "";
+    });
+    return [new RegExp(`^${regexp}`), indexReplacementMap, paramReplacementMap];
+  }
+};
+
+// ../../node_modules/.pnpm/hono@4.6.3/node_modules/hono/dist/router/reg-exp-router/router.js
+var emptyParam = [];
+var nullMatcher = [/^$/, [], /* @__PURE__ */ Object.create(null)];
+var wildcardRegExpCache = /* @__PURE__ */ Object.create(null);
+function buildWildcardRegExp(path) {
+  return wildcardRegExpCache[path] ??= new RegExp(
+    path === "*" ? "" : `^${path.replace(
+      /\/\*$|([.\\+*[^\]$()])/g,
+      (_, metaChar) => metaChar ? `\\${metaChar}` : "(?:|/.*)"
+    )}$`
+  );
+}
+__name(buildWildcardRegExp, "buildWildcardRegExp");
+function clearWildcardRegExpCache() {
+  wildcardRegExpCache = /* @__PURE__ */ Object.create(null);
+}
+__name(clearWildcardRegExpCache, "clearWildcardRegExpCache");
+function buildMatcherFromPreprocessedRoutes(routes) {
+  const trie = new Trie();
+  const handlerData = [];
+  if (routes.length === 0) {
+    return nullMatcher;
+  }
+  const routesWithStaticPathFlag = routes.map(
+    (route) => [!/\*|\/:/.test(route[0]), ...route]
+  ).sort(
+    ([isStaticA, pathA], [isStaticB, pathB]) => isStaticA ? 1 : isStaticB ? -1 : pathA.length - pathB.length
+  );
+  const staticMap = /* @__PURE__ */ Object.create(null);
+  for (let i = 0, j = -1, len = routesWithStaticPathFlag.length; i < len; i++) {
+    const [pathErrorCheckOnly, path, handlers] = routesWithStaticPathFlag[i];
+    if (pathErrorCheckOnly) {
+      staticMap[path] = [handlers.map(([h]) => [h, /* @__PURE__ */ Object.create(null)]), emptyParam];
+    } else {
+      j++;
+    }
+    let paramAssoc;
+    try {
+      paramAssoc = trie.insert(path, j, pathErrorCheckOnly);
+    } catch (e) {
+      throw e === PATH_ERROR ? new UnsupportedPathError(path) : e;
+    }
+    if (pathErrorCheckOnly) {
+      continue;
+    }
+    handlerData[j] = handlers.map(([h, paramCount]) => {
+      const paramIndexMap = /* @__PURE__ */ Object.create(null);
+      paramCount -= 1;
+      for (; paramCount >= 0; paramCount--) {
+        const [key, value] = paramAssoc[paramCount];
+        paramIndexMap[key] = value;
+      }
+      return [h, paramIndexMap];
+    });
+  }
+  const [regexp, indexReplacementMap, paramReplacementMap] = trie.buildRegExp();
+  for (let i = 0, len = handlerData.length; i < len; i++) {
+    for (let j = 0, len2 = handlerData[i].length; j < len2; j++) {
+      const map = handlerData[i][j]?.[1];
+      if (!map) {
+        continue;
+      }
+      const keys = Object.keys(map);
+      for (let k = 0, len3 = keys.length; k < len3; k++) {
+        map[keys[k]] = paramReplacementMap[map[keys[k]]];
+      }
+    }
+  }
+  const handlerMap = [];
+  for (const i in indexReplacementMap) {
+    handlerMap[i] = handlerData[indexReplacementMap[i]];
+  }
+  return [regexp, handlerMap, staticMap];
+}
+__name(buildMatcherFromPreprocessedRoutes, "buildMatcherFromPreprocessedRoutes");
+function findMiddleware(middleware, path) {
+  if (!middleware) {
+    return void 0;
+  }
+  for (const k of Object.keys(middleware).sort((a, b) => b.length - a.length)) {
+    if (buildWildcardRegExp(k).test(path)) {
+      return [...middleware[k]];
+    }
+  }
+  return void 0;
+}
+__name(findMiddleware, "findMiddleware");
+var RegExpRouter = class {
+  static {
+    __name(this, "RegExpRouter");
+  }
+  name = "RegExpRouter";
+  middleware;
+  routes;
+  constructor() {
+    this.middleware = { [METHOD_NAME_ALL]: /* @__PURE__ */ Object.create(null) };
+    this.routes = { [METHOD_NAME_ALL]: /* @__PURE__ */ Object.create(null) };
+  }
+  add(method, path, handler) {
+    const { middleware, routes } = this;
+    if (!middleware || !routes) {
+      throw new Error(MESSAGE_MATCHER_IS_ALREADY_BUILT);
+    }
+    if (!middleware[method]) {
+      ;
+      [middleware, routes].forEach((handlerMap) => {
+        handlerMap[method] = /* @__PURE__ */ Object.create(null);
+        Object.keys(handlerMap[METHOD_NAME_ALL]).forEach((p) => {
+          handlerMap[method][p] = [...handlerMap[METHOD_NAME_ALL][p]];
+        });
+      });
+    }
+    if (path === "/*") {
+      path = "*";
+    }
+    const paramCount = (path.match(/\/:/g) || []).length;
+    if (/\*$/.test(path)) {
+      const re = buildWildcardRegExp(path);
+      if (method === METHOD_NAME_ALL) {
+        Object.keys(middleware).forEach((m) => {
+          middleware[m][path] ||= findMiddleware(middleware[m], path) || findMiddleware(middleware[METHOD_NAME_ALL], path) || [];
+        });
+      } else {
+        middleware[method][path] ||= findMiddleware(middleware[method], path) || findMiddleware(middleware[METHOD_NAME_ALL], path) || [];
+      }
+      Object.keys(middleware).forEach((m) => {
+        if (method === METHOD_NAME_ALL || method === m) {
+          Object.keys(middleware[m]).forEach((p) => {
+            re.test(p) && middleware[m][p].push([handler, paramCount]);
+          });
+        }
+      });
+      Object.keys(routes).forEach((m) => {
+        if (method === METHOD_NAME_ALL || method === m) {
+          Object.keys(routes[m]).forEach(
+            (p) => re.test(p) && routes[m][p].push([handler, paramCount])
+          );
+        }
+      });
+      return;
+    }
+    const paths = checkOptionalParameter(path) || [path];
+    for (let i = 0, len = paths.length; i < len; i++) {
+      const path2 = paths[i];
+      Object.keys(routes).forEach((m) => {
+        if (method === METHOD_NAME_ALL || method === m) {
+          routes[m][path2] ||= [
+            ...findMiddleware(middleware[m], path2) || findMiddleware(middleware[METHOD_NAME_ALL], path2) || []
+          ];
+          routes[m][path2].push([handler, paramCount - len + i + 1]);
+        }
+      });
+    }
+  }
+  match(method, path) {
+    clearWildcardRegExpCache();
+    const matchers = this.buildAllMatchers();
+    this.match = (method2, path2) => {
+      const matcher = matchers[method2] || matchers[METHOD_NAME_ALL];
+      const staticMatch = matcher[2][path2];
+      if (staticMatch) {
+        return staticMatch;
+      }
+      const match = path2.match(matcher[0]);
+      if (!match) {
+        return [[], emptyParam];
+      }
+      const index = match.indexOf("", 1);
+      return [matcher[1][index], match];
+    };
+    return this.match(method, path);
+  }
+  buildAllMatchers() {
+    const matchers = /* @__PURE__ */ Object.create(null);
+    [...Object.keys(this.routes), ...Object.keys(this.middleware)].forEach((method) => {
+      matchers[method] ||= this.buildMatcher(method);
+    });
+    this.middleware = this.routes = void 0;
+    return matchers;
+  }
+  buildMatcher(method) {
+    const routes = [];
+    let hasOwnRoute = method === METHOD_NAME_ALL;
+    [this.middleware, this.routes].forEach((r) => {
+      const ownRoute = r[method] ? Object.keys(r[method]).map((path) => [path, r[method][path]]) : [];
+      if (ownRoute.length !== 0) {
+        hasOwnRoute ||= true;
+        routes.push(...ownRoute);
+      } else if (method !== METHOD_NAME_ALL) {
+        routes.push(
+          ...Object.keys(r[METHOD_NAME_ALL]).map((path) => [path, r[METHOD_NAME_ALL][path]])
+        );
+      }
+    });
+    if (!hasOwnRoute) {
+      return null;
+    } else {
+      return buildMatcherFromPreprocessedRoutes(routes);
+    }
+  }
+};
+
+// ../../node_modules/.pnpm/hono@4.6.3/node_modules/hono/dist/router/smart-router/router.js
+var SmartRouter = class {
+  static {
+    __name(this, "SmartRouter");
+  }
+  name = "SmartRouter";
+  routers = [];
+  routes = [];
+  constructor(init) {
+    Object.assign(this, init);
+  }
+  add(method, path, handler) {
+    if (!this.routes) {
+      throw new Error(MESSAGE_MATCHER_IS_ALREADY_BUILT);
+    }
+    this.routes.push([method, path, handler]);
+  }
+  match(method, path) {
+    if (!this.routes) {
+      throw new Error("Fatal error");
+    }
+    const { routers, routes } = this;
+    const len = routers.length;
+    let i = 0;
+    let res;
+    for (; i < len; i++) {
+      const router = routers[i];
+      try {
+        routes.forEach((args) => {
+          router.add(...args);
+        });
+        res = router.match(method, path);
+      } catch (e) {
+        if (e instanceof UnsupportedPathError) {
+          continue;
+        }
+        throw e;
+      }
+      this.match = router.match.bind(router);
+      this.routers = [router];
+      this.routes = void 0;
+      break;
+    }
+    if (i === len) {
+      throw new Error("Fatal error");
+    }
+    this.name = `SmartRouter + ${this.activeRouter.name}`;
+    return res;
+  }
+  get activeRouter() {
+    if (this.routes || this.routers.length !== 1) {
+      throw new Error("No active router has been determined yet.");
+    }
+    return this.routers[0];
+  }
+};
+
+// ../../node_modules/.pnpm/hono@4.6.3/node_modules/hono/dist/router/trie-router/node.js
+var Node2 = class {
+  static {
+    __name(this, "Node");
+  }
+  methods;
+  children;
+  patterns;
+  order = 0;
+  name;
+  params = /* @__PURE__ */ Object.create(null);
+  constructor(method, handler, children) {
+    this.children = children || /* @__PURE__ */ Object.create(null);
+    this.methods = [];
+    this.name = "";
+    if (method && handler) {
+      const m = /* @__PURE__ */ Object.create(null);
+      m[method] = { handler, possibleKeys: [], score: 0, name: this.name };
+      this.methods = [m];
+    }
+    this.patterns = [];
+  }
+  insert(method, path, handler) {
+    this.name = `${method} ${path}`;
+    this.order = ++this.order;
+    let curNode = this;
+    const parts = splitRoutingPath(path);
+    const possibleKeys = [];
+    for (let i = 0, len = parts.length; i < len; i++) {
+      const p = parts[i];
+      if (Object.keys(curNode.children).includes(p)) {
+        curNode = curNode.children[p];
+        const pattern2 = getPattern(p);
+        if (pattern2) {
+          possibleKeys.push(pattern2[1]);
+        }
+        continue;
+      }
+      curNode.children[p] = new Node2();
+      const pattern = getPattern(p);
+      if (pattern) {
+        curNode.patterns.push(pattern);
+        possibleKeys.push(pattern[1]);
+      }
+      curNode = curNode.children[p];
+    }
+    if (!curNode.methods.length) {
+      curNode.methods = [];
+    }
+    const m = /* @__PURE__ */ Object.create(null);
+    const handlerSet = {
+      handler,
+      possibleKeys: possibleKeys.filter((v, i, a) => a.indexOf(v) === i),
+      name: this.name,
+      score: this.order
+    };
+    m[method] = handlerSet;
+    curNode.methods.push(m);
+    return curNode;
+  }
+  gHSets(node, method, nodeParams, params) {
+    const handlerSets = [];
+    for (let i = 0, len = node.methods.length; i < len; i++) {
+      const m = node.methods[i];
+      const handlerSet = m[method] || m[METHOD_NAME_ALL];
+      const processedSet = /* @__PURE__ */ Object.create(null);
+      if (handlerSet !== void 0) {
+        handlerSet.params = /* @__PURE__ */ Object.create(null);
+        handlerSet.possibleKeys.forEach((key) => {
+          const processed = processedSet[handlerSet.name];
+          handlerSet.params[key] = params[key] && !processed ? params[key] : nodeParams[key] ?? params[key];
+          processedSet[handlerSet.name] = true;
+        });
+        handlerSets.push(handlerSet);
+      }
+    }
+    return handlerSets;
+  }
+  search(method, path) {
+    const handlerSets = [];
+    this.params = /* @__PURE__ */ Object.create(null);
+    const curNode = this;
+    let curNodes = [curNode];
+    const parts = splitPath(path);
+    for (let i = 0, len = parts.length; i < len; i++) {
+      const part = parts[i];
+      const isLast = i === len - 1;
+      const tempNodes = [];
+      for (let j = 0, len2 = curNodes.length; j < len2; j++) {
+        const node = curNodes[j];
+        const nextNode = node.children[part];
+        if (nextNode) {
+          nextNode.params = node.params;
+          if (isLast === true) {
+            if (nextNode.children["*"]) {
+              handlerSets.push(
+                ...this.gHSets(nextNode.children["*"], method, node.params, /* @__PURE__ */ Object.create(null))
+              );
+            }
+            handlerSets.push(...this.gHSets(nextNode, method, node.params, /* @__PURE__ */ Object.create(null)));
+          } else {
+            tempNodes.push(nextNode);
+          }
+        }
+        for (let k = 0, len3 = node.patterns.length; k < len3; k++) {
+          const pattern = node.patterns[k];
+          const params = { ...node.params };
+          if (pattern === "*") {
+            const astNode = node.children["*"];
+            if (astNode) {
+              handlerSets.push(...this.gHSets(astNode, method, node.params, /* @__PURE__ */ Object.create(null)));
+              tempNodes.push(astNode);
+            }
+            continue;
+          }
+          if (part === "") {
+            continue;
+          }
+          const [key, name, matcher] = pattern;
+          const child = node.children[key];
+          const restPathString = parts.slice(i).join("/");
+          if (matcher instanceof RegExp && matcher.test(restPathString)) {
+            params[name] = restPathString;
+            handlerSets.push(...this.gHSets(child, method, node.params, params));
+            continue;
+          }
+          if (matcher === true || matcher instanceof RegExp && matcher.test(part)) {
+            if (typeof key === "string") {
+              params[name] = part;
+              if (isLast === true) {
+                handlerSets.push(...this.gHSets(child, method, params, node.params));
+                if (child.children["*"]) {
+                  handlerSets.push(...this.gHSets(child.children["*"], method, params, node.params));
+                }
+              } else {
+                child.params = params;
+                tempNodes.push(child);
+              }
+            }
+          }
+        }
+      }
+      curNodes = tempNodes;
+    }
+    const results = handlerSets.sort((a, b) => {
+      return a.score - b.score;
+    });
+    return [results.map(({ handler, params }) => [handler, params])];
+  }
+};
+
+// ../../node_modules/.pnpm/hono@4.6.3/node_modules/hono/dist/router/trie-router/router.js
+var TrieRouter = class {
+  static {
+    __name(this, "TrieRouter");
+  }
+  name = "TrieRouter";
+  node;
+  constructor() {
+    this.node = new Node2();
+  }
+  add(method, path, handler) {
+    const results = checkOptionalParameter(path);
+    if (results) {
+      for (const p of results) {
+        this.node.insert(method, p, handler);
+      }
+      return;
+    }
+    this.node.insert(method, path, handler);
+  }
+  match(method, path) {
+    return this.node.search(method, path);
+  }
+};
+
+// ../../node_modules/.pnpm/hono@4.6.3/node_modules/hono/dist/hono.js
+var Hono2 = class extends Hono {
+  static {
+    __name(this, "Hono");
+  }
+  constructor(options = {}) {
+    super(options);
+    this.router = options.router ?? new SmartRouter({
+      routers: [new RegExpRouter(), new TrieRouter()]
+    });
+  }
+};
+
+// worker/src/getUpdateInfo.ts
+var getUpdateInfo = /* @__PURE__ */ __name(async (DB, {
+  platform: platform2,
+  appVersion,
+  bundleId,
+  minBundleId = NIL_UUID,
+  channel: channel2 = "production"
+}) => {
+  const appVersionList = await DB.prepare(
+    /* sql */
+    `
+    SELECT 
+      target_app_version
+    FROM bundles
+    WHERE platform = ?
+    GROUP BY target_app_version
+  `
+  ).bind(platform2).all();
+  const targetAppVersionList = filterCompatibleAppVersions(
+    appVersionList.results.map((group3) => group3.target_app_version),
+    appVersion
+  );
+  const sql = (
+    /* sql */
+    `
+  WITH input AS (
+    SELECT 
+      ? AS app_platform,
+      ? AS app_version,
+      ? AS bundle_id,
+      ? AS min_bundle_id,
+      ? AS channel,
+      '00000000-0000-0000-0000-000000000000' AS nil_uuid
+  ),
+  update_candidate AS (
+    SELECT 
+      b.id,
+      b.should_force_update,
+      b.message,
+      'UPDATE' AS status
+    FROM bundles b, input
+    WHERE b.enabled = 1
+      AND b.platform = input.app_platform
+      AND b.id >= input.bundle_id
+      AND b.id >= input.min_bundle_id
+      AND b.channel = input.channel
+      AND b.target_app_version IN (${targetAppVersionList.map((version2) => `'${version2}'`).join(",")})
+    ORDER BY b.id DESC 
+    LIMIT 1
+  ),
+  rollback_candidate AS (
+    SELECT 
+      b.id,
+      1 AS should_force_update,
+      b.message,
+      'ROLLBACK' AS status
+    FROM bundles b, input
+    WHERE b.enabled = 1
+      AND b.platform = input.app_platform
+      AND b.id < input.bundle_id
+      AND b.id >= input.min_bundle_id
+    ORDER BY b.id DESC
+    LIMIT 1
+  ),
+  final_result AS (
+    SELECT * FROM update_candidate
+    UNION ALL
+    SELECT * FROM rollback_candidate
+    WHERE NOT EXISTS (SELECT 1 FROM update_candidate)
+  )
+  SELECT id, should_force_update, message, status
+  FROM final_result, input
+  WHERE id <> bundle_id
+  
+  UNION ALL
+  
+  SELECT 
+    nil_uuid AS id,
+    1 AS should_force_update,
+    NULL AS message,
+    'ROLLBACK' AS status
+  FROM input
+  WHERE (SELECT COUNT(*) FROM final_result) = 0
+    AND bundle_id > min_bundle_id;
+`
+  );
+  const result = await DB.prepare(sql).bind(platform2, appVersion, bundleId, minBundleId, channel2).first();
+  if (!result) {
+    return null;
+  }
+  return {
+    id: result.id,
+    shouldForceUpdate: Boolean(result.should_force_update),
+    status: result.status,
+    message: result.message
+  };
+}, "getUpdateInfo");
+
+// worker/src/index.ts
+var app = new Hono2();
+app.get("/api/check-update", async (c) => {
+  const bundleId = c.req.header("x-bundle-id");
+  const appPlatform = c.req.header("x-app-platform");
+  const appVersion = c.req.header("x-app-version");
+  const minBundleId = c.req.header("x-min-bundle-id");
+  const channel2 = c.req.header("x-channel");
+  if (!bundleId || !appPlatform || !appVersion) {
+    return c.json(
+      { error: "Missing bundleId, appPlatform, or appVersion" },
+      400
+    );
+  }
+  const updateInfo = await getUpdateInfo(c.env.DB, {
+    appVersion,
+    bundleId,
+    platform: appPlatform,
+    minBundleId: minBundleId || NIL_UUID,
+    channel: channel2 || "production"
+  });
+  const appUpdateInfo = await withJwtSignedUrl({
+    data: updateInfo,
+    reqUrl: c.req.url,
+    jwtSecret: c.env.JWT_SECRET
+  });
+  return c.json(appUpdateInfo, 200);
+});
+app.get("*", async (c) => {
+  const result = await verifyJwtSignedUrl({
+    path: c.req.path,
+    token: c.req.query("token"),
+    jwtSecret: c.env.JWT_SECRET,
+    handler: /* @__PURE__ */ __name(async (key) => {
+      const object = await c.env.BUCKET.get(key);
+      if (!object) {
+        return null;
+      }
+      return {
+        body: object.body,
+        contentType: object.httpMetadata?.contentType
+      };
+    }, "handler")
+  });
+  if (result.status !== 200) {
+    return c.json({ error: result.error }, result.status);
+  }
+  return c.body(result.responseBody, 200, result.responseHeaders);
+});
+var index_default = app;
 export {
   index_default as default
 };