@lizardbyte/contribkit 2025.922.2626 → 2026.518.124816

package/dist/shared/{contribkit.DAlakhwL.mjs → contribkit.DYospa65.mjs}

@@ -196,12 +196,18 @@ function loadEnv() {
       token: process.env.CONTRIBKIT_CROWDIN_TOKEN,
       projectId: Number(process.env.CONTRIBKIT_CROWDIN_PROJECT_ID),
       minTranslations: Number(process.env.CONTRIBKIT_CROWDIN_MIN_TRANSLATIONS) || 1
+    },
+    githubContributions: {
+      login: process.env.CONTRIBKIT_GITHUB_CONTRIBUTIONS_LOGIN,
+      token: process.env.CONTRIBKIT_GITHUB_CONTRIBUTIONS_TOKEN,
+      maxContributions: Number(process.env.CONTRIBKIT_GITHUB_CONTRIBUTIONS_MAX) || void 0,
+      logarithmicScaling: process.env.CONTRIBKIT_GITHUB_CONTRIBUTIONS_LOGARITHMIC === "true"
     }
   };
   return JSON.parse(JSON.stringify(config));
 }
 
-const version = "2025.922.2626";
+const version = "2026.518.124816";
 
 async function fetchImage(url) {
   const arrayBuffer = await $fetch(url, {
@@ -345,7 +351,8 @@ function partitionTiers(sponsors, tiers, includePastSponsors) {
 }
 
 function genSvgImage(x, y, size, radius, base64Image, imageFormat) {
-  const cropId = `c${crypto.createHash("md5").update(base64Image).digest("hex").slice(0, 6)}`;
+  const hashInput = `${x}:${y}:${size}:${radius}:${base64Image}`;
+  const cropId = `c${crypto.createHash("sha256").update(hashInput).digest("hex").slice(0, 6)}`;
   return `
   <clipPath id="${cropId}">
     <rect x="${x}" y="${y}" width="${size}" height="${size}" rx="${size * radius}" ry="${size * radius}" />
@@ -588,7 +595,23 @@ async function fetchCrowdinContributors(token, projectId, minTranslations = 1) {
 const DATA_URL_DEFAULT_MIME_TYPE = 'text/plain';
 const DATA_URL_DEFAULT_CHARSET = 'us-ascii';
 
-const testParameter = (name, filters) => filters.some(filter => filter instanceof RegExp ? filter.test(name) : filter === name);
+const encodedReservedCharactersPattern = '%(?:3A|2F|3F|23|5B|5D|40|21|24|26|27|28|29|2A|2B|2C|3B|3D)';
+const temporaryEncodedReservedTokenBase = '__normalize_url_encoded_reserved__';
+const temporaryEncodedReservedTokenPattern = /__normalize_url_encoded_reserved__(\d+)__/g;
+const hasEncodedReservedCharactersRegex = new RegExp(encodedReservedCharactersPattern, 'i');
+const encodedReservedCharactersRegex = new RegExp(encodedReservedCharactersPattern, 'gi');
+
+const testParameter = (name, filters) => Array.isArray(filters) && filters.some(filter => {
+	if (filter instanceof RegExp) {
+		if (filter.flags.includes('g') || filter.flags.includes('y')) {
+			return new RegExp(filter.source, filter.flags.replaceAll(/[gy]/g, '')).test(name);
+		}
+
+		return filter.test(name);
+	}
+
+	return filter === name;
+});
 
 const supportedProtocols = new Set([
 	'https:',
@@ -596,16 +619,155 @@ const supportedProtocols = new Set([
 	'file:',
 ]);
 
-const hasCustomProtocol = urlString => {
+const normalizeCustomProtocolOption = protocol => {
+	if (typeof protocol !== 'string') {
+		return undefined;
+	}
+
+	const normalizedProtocol = protocol.trim().toLowerCase().replace(/:$/, '');
+	return normalizedProtocol === '' ? undefined : `${normalizedProtocol}:`;
+};
+
+const getCustomProtocol = urlString => {
 	try {
 		const {protocol} = new URL(urlString);
+		const hasAuthority = urlString.slice(0, protocol.length + 2).toLowerCase() === `${protocol}//`;
 
-		return protocol.endsWith(':')
-			&& !protocol.includes('.')
-			&& !supportedProtocols.has(protocol);
+		if (protocol.endsWith(':')
+			&& (!protocol.includes('.') || hasAuthority)
+			&& !supportedProtocols.has(protocol)) {
+			return protocol;
+		}
+	} catch {}
+
+	return undefined;
+};
+
+const decodeQueryKey = value => {
+	try {
+		return decodeURIComponent(value.replaceAll('+', '%20'));
 	} catch {
-		return false;
+		// Match URLSearchParams behavior for malformed percent-encoding.
+		return new URLSearchParams(`${value}=`).keys().next().value;
+	}
+};
+
+const getKeysWithoutEquals = search => {
+	const keys = new Set();
+	if (!search) {
+		return keys;
+	}
+
+	for (const part of search.slice(1).split('&')) {
+		if (part && !part.includes('=')) {
+			keys.add(decodeQueryKey(part));
+		}
+	}
+
+	return keys;
+};
+
+const getTemporaryEncodedReservedTokenPrefix = search => {
+	let decodedSearch = search;
+
+	try {
+		decodedSearch = decodeURIComponent(search);
+	} catch {
+		decodedSearch = new URLSearchParams(search).toString();
+	}
+
+	const getUsedTokenIndexes = value => {
+		const indexes = new Set();
+
+		for (const match of value.matchAll(temporaryEncodedReservedTokenPattern)) {
+			indexes.add(Number.parseInt(match[1], 10));
+		}
+
+		return indexes;
+	};
+
+	const usedTokenIndexes = getUsedTokenIndexes(search);
+	for (const tokenIndex of getUsedTokenIndexes(decodedSearch)) {
+		usedTokenIndexes.add(tokenIndex);
+	}
+
+	let tokenIndex = 0;
+	while (usedTokenIndexes.has(tokenIndex)) {
+		tokenIndex++;
 	}
+
+	return `${temporaryEncodedReservedTokenBase}${tokenIndex}__`;
+};
+
+const sortSearchParameters = (searchParameters, encodedReservedTokenRegex) => {
+	if (!encodedReservedTokenRegex) {
+		searchParameters.sort();
+		return searchParameters.toString();
+	}
+
+	const getSortableKey = key => key.replace(encodedReservedTokenRegex, (_, hexCode) => String.fromCodePoint(Number.parseInt(hexCode, 16)));
+	const entries = [...searchParameters.entries()];
+	entries.sort(([leftKey], [rightKey]) => {
+		const left = getSortableKey(leftKey);
+		const right = getSortableKey(rightKey);
+		return left < right ? -1 : (left > right ? 1 : 0);
+	});
+
+	return new URLSearchParams(entries).toString();
+};
+
+const decodeReservedTokens = (value, encodedReservedTokenRegex) => {
+	if (!encodedReservedTokenRegex) {
+		return value;
+	}
+
+	return value.replace(encodedReservedTokenRegex, (_, hexCode) => String.fromCodePoint(Number.parseInt(hexCode, 16)));
+};
+
+const normalizeEmptyQueryParameters = (search, emptyQueryValue, originalSearch) => {
+	const isAlways = emptyQueryValue === 'always';
+	const isNever = emptyQueryValue === 'never';
+	const keysWithoutEquals = (isAlways || isNever) ? undefined : getKeysWithoutEquals(originalSearch);
+
+	const normalizeKey = key => key.replaceAll('+', '%20');
+	const formatEmptyValue = normalizedKey => {
+		if (isAlways) {
+			return `${normalizedKey}=`;
+		}
+
+		if (isNever) {
+			return normalizedKey;
+		}
+
+		return keysWithoutEquals.has(decodeQueryKey(normalizedKey)) ? normalizedKey : `${normalizedKey}=`;
+	};
+
+	const normalizeParameter = parameter => {
+		const equalIndex = parameter.indexOf('=');
+
+		if (equalIndex === -1) {
+			// Normalize + to %20 (+ means space in query strings)
+			return formatEmptyValue(normalizeKey(parameter));
+		}
+
+		const key = parameter.slice(0, equalIndex);
+		const value = parameter.slice(equalIndex + 1);
+
+		if (value === '') {
+			if (key === '') {
+				return '=';
+			}
+
+			// Normalize + to %20 (+ means space in query strings)
+			return formatEmptyValue(normalizeKey(key));
+		}
+
+		// Normalize + to %20 in key.
+		return `${normalizeKey(key)}=${value}`;
+	};
+
+	const parameters = search.slice(1).split('&').filter(Boolean);
+	return parameters.length === 0 ? '' : `?${parameters.map(x => normalizeParameter(x)).join('&')}`;
 };
 
 const normalizeDataURL = (urlString, {stripHash}) => {
@@ -615,18 +777,16 @@ const normalizeDataURL = (urlString, {stripHash}) => {
 		throw new Error(`Invalid URL: ${urlString}`);
 	}
 
-	let {type, data, hash} = match.groups;
+	const {type, data, hash} = match.groups;
 	const mediaType = type.split(';');
-	hash = stripHash ? '' : hash;
 
-	let isBase64 = false;
-	if (mediaType[mediaType.length - 1] === 'base64') {
+	const isBase64 = mediaType.at(-1) === 'base64';
+	if (isBase64) {
 		mediaType.pop();
-		isBase64 = true;
 	}
 
 	// Lowercase MIME type
-	const mimeType = mediaType.shift()?.toLowerCase() ?? '';
+	const mimeType = mediaType.shift().toLowerCase();
 	const attributes = mediaType
 		.map(attribute => {
 			let [key, value = ''] = attribute.split('=').map(string => string.trim());
@@ -644,9 +804,7 @@ const normalizeDataURL = (urlString, {stripHash}) => {
 		})
 		.filter(Boolean);
 
-	const normalizedMediaType = [
-		...attributes,
-	];
+	const normalizedMediaType = [...attributes];
 
 	if (isBase64) {
 		normalizedMediaType.push('base64');
@@ -656,7 +814,8 @@ const normalizeDataURL = (urlString, {stripHash}) => {
 		normalizedMediaType.unshift(mimeType);
 	}
 
-	return `data:${normalizedMediaType.join(';')},${isBase64 ? data.trim() : data}${hash ? `#${hash}` : ''}`;
+	const hashPart = stripHash || !hash ? '' : `#${hash}`;
+	return `data:${normalizedMediaType.join(';')},${isBase64 ? data.trim() : data}${hashPart}`;
 };
 
 function normalizeUrl$1(urlString, options) {
@@ -677,6 +836,7 @@ function normalizeUrl$1(urlString, options) {
 		sortQueryParameters: true,
 		removePath: false,
 		transformPath: false,
+		emptyQueryValue: 'preserve',
 		...options,
 	};
 
@@ -692,7 +852,13 @@ function normalizeUrl$1(urlString, options) {
 		return normalizeDataURL(urlString, options);
 	}
 
-	if (hasCustomProtocol(urlString)) {
+	const customProtocols = Array.isArray(options.customProtocols) ? options.customProtocols : [];
+	const normalizedCustomProtocols = new Set(customProtocols
+		.map(protocol => normalizeCustomProtocolOption(protocol))
+		.filter(Boolean));
+
+	const customProtocol = getCustomProtocol(urlString);
+	if (customProtocol && !normalizedCustomProtocols.has(customProtocol)) {
 		return urlString;
 	}
 
@@ -700,7 +866,7 @@ function normalizeUrl$1(urlString, options) {
 	const isRelativeUrl = !hasRelativeProtocol && /^\.*\//.test(urlString);
 
 	// Prepend protocol
-	if (!isRelativeUrl) {
+	if (!isRelativeUrl && !customProtocol) {
 		urlString = urlString.replace(/^(?!(?:\w+:)?\/\/)|^\/\//, options.defaultProtocol);
 	}
 
@@ -755,13 +921,13 @@ function normalizeUrl$1(urlString, options) {
 			const protocolAtIndex = match.index;
 			const intermediate = urlObject.pathname.slice(lastIndex, protocolAtIndex);
 
-			result += intermediate.replace(/\/{2,}/g, '/');
+			result += intermediate.replaceAll(/\/{2,}/g, '/');
 			result += protocol;
 			lastIndex = protocolAtIndex + protocol.length;
 		}
 
-		const remnant = urlObject.pathname.slice(lastIndex, urlObject.pathname.length);
-		result += remnant.replace(/\/{2,}/g, '/');
+		const remnant = urlObject.pathname.slice(lastIndex);
+		result += remnant.replaceAll(/\/{2,}/g, '/');
 
 		urlObject.pathname = result;
 	}
@@ -769,7 +935,7 @@ function normalizeUrl$1(urlString, options) {
 	// Decode URI octets
 	if (urlObject.pathname) {
 		try {
-			urlObject.pathname = decodeURI(urlObject.pathname).replace(/\\/g, '%5C');
+			urlObject.pathname = decodeURI(urlObject.pathname).replaceAll('\\', '%5C');
 		} catch {}
 	}
 
@@ -779,12 +945,12 @@ function normalizeUrl$1(urlString, options) {
 	}
 
 	if (Array.isArray(options.removeDirectoryIndex) && options.removeDirectoryIndex.length > 0) {
-		let pathComponents = urlObject.pathname.split('/');
-		const lastComponent = pathComponents[pathComponents.length - 1];
+		const pathComponents = urlObject.pathname.split('/').filter(Boolean);
+		const lastComponent = pathComponents.at(-1);
 
-		if (testParameter(lastComponent, options.removeDirectoryIndex)) {
-			pathComponents = pathComponents.slice(0, -1);
-			urlObject.pathname = pathComponents.slice(1).join('/') + '/';
+		if (lastComponent && testParameter(lastComponent, options.removeDirectoryIndex)) {
+			pathComponents.pop();
+			urlObject.pathname = pathComponents.length > 0 ? `/${pathComponents.join('/')}/` : '/';
 		}
 	}
 
@@ -814,49 +980,61 @@ function normalizeUrl$1(urlString, options) {
 		}
 	}
 
+	// Capture original query params format before any searchParams modifications
+	const originalSearch = urlObject.search;
+	let encodedReservedTokenRegex;
+
+	if (options.sortQueryParameters && hasEncodedReservedCharactersRegex.test(originalSearch)) {
+		const encodedReservedTokenPrefix = getTemporaryEncodedReservedTokenPrefix(originalSearch);
+		urlObject.search = originalSearch.replaceAll(encodedReservedCharactersRegex, match => `${encodedReservedTokenPrefix}${match.slice(1).toUpperCase()}`);
+		encodedReservedTokenRegex = new RegExp(`${encodedReservedTokenPrefix}([0-9A-F]{2})`, 'g');
+	}
+
+	const hasKeepQueryParameters = Array.isArray(options.keepQueryParameters);
+	const {searchParams} = urlObject;
+
 	// Remove query unwanted parameters
-	if (Array.isArray(options.removeQueryParameters)) {
+	if (!hasKeepQueryParameters && Array.isArray(options.removeQueryParameters) && options.removeQueryParameters.length > 0) {
 		// eslint-disable-next-line unicorn/no-useless-spread -- We are intentionally spreading to get a copy.
-		for (const key of [...urlObject.searchParams.keys()]) {
-			if (testParameter(key, options.removeQueryParameters)) {
-				urlObject.searchParams.delete(key);
+		for (const key of [...searchParams.keys()]) {
+			if (testParameter(decodeReservedTokens(key, encodedReservedTokenRegex), options.removeQueryParameters)) {
+				searchParams.delete(key);
 			}
 		}
 	}
 
-	if (!Array.isArray(options.keepQueryParameters) && options.removeQueryParameters === true) {
+	if (!hasKeepQueryParameters && options.removeQueryParameters === true) {
 		urlObject.search = '';
 	}
 
 	// Keep wanted query parameters
-	if (Array.isArray(options.keepQueryParameters) && options.keepQueryParameters.length > 0) {
+	if (hasKeepQueryParameters && options.keepQueryParameters.length > 0) {
 		// eslint-disable-next-line unicorn/no-useless-spread -- We are intentionally spreading to get a copy.
-		for (const key of [...urlObject.searchParams.keys()]) {
-			if (!testParameter(key, options.keepQueryParameters)) {
-				urlObject.searchParams.delete(key);
+		for (const key of [...searchParams.keys()]) {
+			if (!testParameter(decodeReservedTokens(key, encodedReservedTokenRegex), options.keepQueryParameters)) {
+				searchParams.delete(key);
 			}
 		}
+	} else if (hasKeepQueryParameters) {
+		urlObject.search = '';
 	}
 
 	// Sort query parameters
 	if (options.sortQueryParameters) {
-		const originalSearch = urlObject.search;
-		urlObject.searchParams.sort();
+		urlObject.search = sortSearchParameters(urlObject.searchParams, encodedReservedTokenRegex);
 
-		// Calling `.sort()` encodes the search parameters, so we need to decode them again.
-		try {
-			urlObject.search = decodeURIComponent(urlObject.search);
-		} catch {}
+		// Sorting and serializing encode the search parameters, so we need to decode them again.
+		// Protect &%#? and %2B from decoding (would break URL structure or change meaning) by double-encoding them first.
+		urlObject.search = decodeURIComponent(urlObject.search.replaceAll(/%(?:26|23|3f|25|2b)/gi, match => `%25${match.slice(1)}`));
 
-		// Fix parameters that originally had no equals sign but got one added by URLSearchParams
-		const partsWithoutEquals = originalSearch.slice(1).split('&').filter(p => p && !p.includes('='));
-		for (const part of partsWithoutEquals) {
-			const decoded = decodeURIComponent(part);
-			// Only replace at word boundaries to avoid partial matches
-			urlObject.search = urlObject.search.replace(`?${decoded}=`, `?${decoded}`).replace(`&${decoded}=`, `&${decoded}`);
+		if (encodedReservedTokenRegex) {
+			urlObject.search = urlObject.search.replace(encodedReservedTokenRegex, '%$1');
 		}
 	}
 
+	// Normalize empty query parameter values
+	urlObject.search = normalizeEmptyQueryParameters(urlObject.search, options.emptyQueryValue, originalSearch);
+
 	if (options.removeTrailingSlash) {
 		urlObject.pathname = urlObject.pathname.replace(/\/$/, '');
 	}
@@ -1105,6 +1283,246 @@ async function fetchGitHubContributors(token, login, repo, minContributions = 1)
   }));
 }
 
+const GitHubContributionsProvider = {
+  name: "githubContributions",
+  fetchSponsors(config) {
+    if (!config.githubContributions?.login)
+      throw new Error("GitHub login is required for githubContributions provider");
+    return fetchGitHubContributions(
+      config.githubContributions?.token || config.token,
+      config.githubContributions.login,
+      config.githubContributions.maxContributions,
+      config.githubContributions.logarithmicScaling
+    );
+  }
+};
+function createGraphQLFetch(token) {
+  return async (body) => {
+    return await $fetch("https://api.github.com/graphql", {
+      method: "POST",
+      headers: {
+        Authorization: `bearer ${token}`,
+        "Content-Type": "application/json"
+      },
+      body
+    });
+  };
+}
+async function fetchUserCreationDate(graphqlFetch, login) {
+  const userInfoQuery = `
+    query($login: String!) {
+      user(login: $login) {
+        createdAt
+      }
+    }
+  `;
+  const userInfo = await graphqlFetch({
+    query: userInfoQuery,
+    variables: { login }
+  });
+  return new Date(userInfo.data.user.createdAt);
+}
+function generateYearRanges(accountCreated, now) {
+  const years = [];
+  for (let year = accountCreated.getFullYear(); year <= now.getFullYear(); year++) {
+    const from = year === accountCreated.getFullYear() ? accountCreated.toISOString() : `${year}-01-01T00:00:00Z`;
+    const to = year === now.getFullYear() ? now.toISOString() : `${year}-12-31T23:59:59Z`;
+    years.push({ from, to });
+  }
+  return years;
+}
+async function fetchContributionsForYear(graphqlFetch, login, from, to) {
+  const contributionsQuery = `
+    query($login: String!, $from: DateTime!, $to: DateTime!) {
+      user(login: $login) {
+        contributionsCollection(from: $from, to: $to) {
+          commitContributionsByRepository {
+            repository {
+              name
+              nameWithOwner
+              url
+              owner { login url avatarUrl __typename }
+            }
+          }
+        }
+      }
+    }
+  `;
+  const contributionsResp = await graphqlFetch({
+    query: contributionsQuery,
+    variables: { login, from, to }
+  });
+  return contributionsResp.data.user.contributionsCollection.commitContributionsByRepository.map((item) => item.repository).filter((repo) => repo?.nameWithOwner);
+}
+async function discoverReposFromContributions(graphqlFetch, login, repoMap) {
+  console.log(`[contribkit][githubContributions] fetching contribution timeline to discover more repos...`);
+  try {
+    const accountCreated = await fetchUserCreationDate(graphqlFetch, login);
+    const now = /* @__PURE__ */ new Date();
+    const years = generateYearRanges(accountCreated, now);
+    console.log(`[contribkit][githubContributions] querying contributions across ${years.length} years...`);
+    for (const { from, to } of years) {
+      try {
+        const repos = await fetchContributionsForYear(graphqlFetch, login, from, to);
+        for (const repo of repos) {
+          repoMap.set(repo.nameWithOwner, repo);
+        }
+      } catch (e) {
+        console.warn(`[contribkit][githubContributions] failed contributions query for ${from.slice(0, 4)}:`, e.message);
+      }
+    }
+  } catch (e) {
+    console.warn(`[contribkit][githubContributions] contribution timeline discovery failed:`, e.message);
+  }
+}
+async function discoverReposFromMergedPRs(graphqlFetch, login, repoMap) {
+  console.log(`[contribkit][githubContributions] searching for repos with merged PRs...`);
+  try {
+    const searchQueryBase = `is:pr is:merged author:${login}`;
+    let searchAfter = null;
+    let page = 0;
+    const maxPages = 10;
+    do {
+      const response = await graphqlFetch({
+        query: `
+          query($searchQuery: String!, $after: String) {
+            search(query: $searchQuery, type: ISSUE, first: 100, after: $after) {
+              pageInfo { hasNextPage endCursor }
+              edges { node { ... on PullRequest { repository { name nameWithOwner url owner { login url avatarUrl __typename } } } } }
+            }
+          }
+        `,
+        variables: { searchQuery: searchQueryBase, after: searchAfter }
+      });
+      for (const edge of response.data.search.edges) {
+        const r = edge.node.repository;
+        if (r?.nameWithOwner)
+          repoMap.set(r.nameWithOwner, r);
+      }
+      searchAfter = response.data.search.pageInfo.endCursor;
+      page++;
+      if (response.data.search.pageInfo.hasNextPage && page < maxPages)
+        console.log(`[contribkit][githubContributions] merged PR search page ${page}, ${repoMap.size} repos so far`);
+    } while (searchAfter && page < maxPages);
+  } catch (e) {
+    console.warn(`[contribkit][githubContributions] merged PR search failed:`, e.message);
+  }
+}
+async function fetchPRCountForRepo(graphqlFetch, repo, login) {
+  const searchQuery = `repo:${repo.nameWithOwner} is:pr is:merged author:${login}`;
+  try {
+    const response = await graphqlFetch({
+      query: `query($q: String!) { search(query: $q, type: ISSUE) { issueCount } }`,
+      variables: { q: searchQuery }
+    });
+    return response.data.search.issueCount;
+  } catch (e) {
+    console.warn(`[contribkit][githubContributions] failed PR count for ${repo.nameWithOwner}:`, e.message);
+    return 0;
+  }
+}
+async function fetchMergedPRCounts(graphqlFetch, allRepos, login) {
+  console.log(`[contribkit][githubContributions] fetching merged PR counts per repository...`);
+  const repoPRs = /* @__PURE__ */ new Map();
+  const batchSize = 10;
+  for (let i = 0; i < allRepos.length; i += batchSize) {
+    const batch = allRepos.slice(i, i + batchSize);
+    const counts = await Promise.all(batch.map((repo) => fetchPRCountForRepo(graphqlFetch, repo, login)));
+    for (let index = 0; index < batch.length; index++) {
+      const count = counts[index];
+      if (count > 0)
+        repoPRs.set(batch[index].nameWithOwner, count);
+    }
+    if (i + batchSize < allRepos.length)
+      console.log(`[contribkit][githubContributions] processed PR batches for ${Math.min(i + batchSize, allRepos.length)}/${allRepos.length} repos...`);
+  }
+  console.log(`[contribkit][githubContributions] found merged PR counts for ${repoPRs.size} repositories`);
+  return repoPRs;
+}
+function aggregateByOwner(results) {
+  const aggregated = /* @__PURE__ */ new Map();
+  for (const { repo, prs } of results) {
+    const key = `${repo.owner.__typename}:${repo.owner.login}`;
+    const existing = aggregated.get(key);
+    if (existing) {
+      existing.totalPRs += prs;
+      existing.repos.push({ repo, prs });
+    } else {
+      aggregated.set(key, { owner: repo.owner, totalPRs: prs, repos: [{ repo, prs }] });
+    }
+  }
+  return aggregated;
+}
+function logConsolidatedOwners(aggregated) {
+  const consolidated = Array.from(aggregated.values()).filter((a) => a.repos.length > 1);
+  if (consolidated.length) {
+    console.log(`[contribkit][githubContributions] consolidated ${consolidated.length} owners with multiple repos:`);
+    for (const { owner, repos, totalPRs } of consolidated.toSorted((a, b) => b.repos.length - a.repos.length).slice(0, 10))
+      console.log(`  - ${owner.login}: ${repos.length} repos, ${totalPRs} merged PRs`);
+    if (consolidated.length > 10)
+      console.log(`  ... and ${consolidated.length - 10} more`);
+  }
+}
+function applyContributionScaling(totalPRs, maxContributions, logarithmicScaling) {
+  let scaled = totalPRs;
+  if (logarithmicScaling && scaled > 0) {
+    scaled = Math.log10(scaled + 1) * 10;
+  }
+  if (maxContributions !== void 0 && scaled > maxContributions) {
+    scaled = maxContributions;
+  }
+  return scaled;
+}
+function convertToSponsorships(aggregated, maxContributions, logarithmicScaling) {
+  return Array.from(aggregated.values()).sort((a, b) => b.totalPRs - a.totalPRs).map(({ owner, totalPRs, repos }) => {
+    const scaledPRs = applyContributionScaling(totalPRs, maxContributions, logarithmicScaling);
+    const linkUrl = repos.length === 1 ? repos[0].repo.url : owner.url;
+    return {
+      sponsor: { type: owner.__typename, login: owner.login, name: owner.login, avatarUrl: owner.avatarUrl, linkUrl, socialLogins: { github: owner.login } },
+      isOneTime: false,
+      monthlyDollars: scaledPRs,
+      privacyLevel: "PUBLIC",
+      tierName: "Repository",
+      createdAt: (/* @__PURE__ */ new Date()).toISOString(),
+      provider: "githubContributions",
+      raw: { owner, totalPRs, scaledPRs, repoCount: repos.length }
+    };
+  });
+}
+async function fetchGitHubContributions(token, login, maxContributions, logarithmicScaling) {
+  if (!token)
+    throw new Error("GitHub token is required");
+  if (!login)
+    throw new Error("GitHub login is required");
+  const graphqlFetch = createGraphQLFetch(token);
+  console.log(`[contribkit][githubContributions] discovering repositories (sources: contributionsCollection + merged PR search)...`);
+  const repoMap = /* @__PURE__ */ new Map();
+  await discoverReposFromContributions(graphqlFetch, login, repoMap);
+  console.log(`[contribkit][githubContributions] found ${repoMap.size} repos after contribution timeline`);
+  await discoverReposFromMergedPRs(graphqlFetch, login, repoMap);
+  console.log(`[contribkit][githubContributions] found ${repoMap.size} repos after merged PR search`);
+  const allRepos = Array.from(repoMap.values());
+  console.log(`[contribkit][githubContributions] discovered ${allRepos.length} total unique repositories`);
+  const repoPRs = await fetchMergedPRCounts(graphqlFetch, allRepos, login);
+  const results = [];
+  for (const repo of allRepos) {
+    const prs = repoPRs.get(repo.nameWithOwner) || 0;
+    if (prs > 0)
+      results.push({ repo, prs });
+  }
+  console.log(`[contribkit][githubContributions] computed merged PR counts for ${results.length} repositories (from ${allRepos.length} total repos with PRs)`);
+  const aggregated = aggregateByOwner(results);
+  logConsolidatedOwners(aggregated);
+  const scalingInfo = [];
+  if (maxContributions !== void 0)
+    scalingInfo.push(`max cap: ${maxContributions}`);
+  if (logarithmicScaling)
+    scalingInfo.push("logarithmic scaling enabled");
+  if (scalingInfo.length > 0)
+    console.log(`[contribkit][githubContributions] applying contribution scaling: ${scalingInfo.join(", ")}`);
+  return convertToSponsorships(aggregated, maxContributions, logarithmicScaling);
+}
+
 const GitlabContributorsProvider = {
   name: "gitlabContributors",
   fetchSponsors(config) {
@@ -1665,6 +2083,7 @@ const ProvidersMap = {
   polar: PolarProvider,
   liberapay: LiberapayProvider,
   githubContributors: GitHubContributorsProvider,
+  githubContributions: GitHubContributionsProvider,
   gitlabContributors: GitlabContributorsProvider,
   crowdinContributors: CrowdinContributorsProvider
 };
@@ -1684,6 +2103,8 @@ function guessProviders(config) {
     items.push("liberapay");
   if (config.githubContributors?.login && config.githubContributors?.token)
     items.push("githubContributors");
+  if (config.githubContributions?.login && config.githubContributions?.token)
+    items.push("githubContributions");
   if (config.gitlabContributors?.token && config.gitlabContributors?.repoId)
     items.push("gitlabContributors");
   if (config.crowdinContributors?.token && config.crowdinContributors?.projectId)
@@ -1713,4 +2134,4 @@ async function fetchSponsors(config) {
 
 const outputFormats = ["svg", "png", "webp", "json"];
 
-export { FALLBACK_AVATAR as F, GitHubProvider as G, ProvidersMap as P, SvgComposer as S, defaultTiers as a, defaultInlineCSS as b, defaultConfig as c, defineConfig as d, presets as e, resizeImage as f, svgToWebp as g, genSvgImage as h, generateBadge as i, guessProviders as j, resolveProviders as k, loadConfig as l, fetchSponsors as m, fetchGitHubSponsors as n, makeQuery as o, partitionTiers as p, outputFormats as q, resolveAvatars as r, svgToPng as s, tierPresets as t, version as v };
+export { FALLBACK_AVATAR as F, GitHubProvider as G, ProvidersMap as P, SvgComposer as S, defaultInlineCSS as a, defaultTiers as b, defineConfig as c, defaultConfig as d, fetchSponsors as e, fetchGitHubSponsors as f, genSvgImage as g, generateBadge as h, guessProviders as i, presets as j, resolveAvatars as k, loadConfig as l, makeQuery as m, resolveProviders as n, outputFormats as o, partitionTiers as p, svgToWebp as q, resizeImage as r, svgToPng as s, tierPresets as t, version as v };