@setzkasten-cms/astro-admin 1.4.6 → 1.5.0

package/src/api-routes/history.ts

@@ -1,9 +1,9 @@
+import { type CommitInfo, parseCoAuthorTrailers } from '@setzkasten-cms/core'
 import type { APIRoute } from 'astro'
-import { resolveStorageConfigForRequest } from './_storage-config'
-import { resolveGitHubTokenForRequest } from './_github-token'
 import { requireAdmin } from './_auth-guard'
-import { parseCoAuthorTrailers, type CommitInfo } from '@setzkasten-cms/core'
 import { cachedFetch } from './_github-cache'
+import { resolveGitHubTokenForRequest } from './_github-token'
+import { resolveStorageConfigForRequest } from './_storage-config'
 
 /**
  * GET /api/setzkasten/history?path=<contentPath>&before=<sha>

package/src/api-routes/icons-local.ts

@@ -1,11 +1,11 @@
-import type { APIRoute } from 'astro'
 import {
   LOCAL_ICONS_DISCOVERY_PATHS,
   resolveLocalIconsPaths,
   sanitizeSvg,
 } from '@setzkasten-cms/core'
-import { resolveStorageConfigForRequest, prefixPath } from './_storage-config'
+import type { APIRoute } from 'astro'
 import { resolveGitHubTokenForRequest } from './_github-token'
+import { prefixPath, resolveStorageConfigForRequest } from './_storage-config'
 
 /**
  * GET /api/setzkasten/icons/local

package/src/api-routes/init-add-section.ts

@@ -1,11 +1,18 @@
-import type { APIRoute } from 'astro'
+import { isSafeKey } from '@setzkasten-cms/core'
 import type { InferredSection } from '@setzkasten-cms/core/init'
 import { addSectionToConfig } from '@setzkasten-cms/core/init'
-import { prefixPath, resolveStorageConfigForRequest } from './_storage-config'
-import { patchTemplateForFields, stripTemplateFallbacks, detectChildImports, patchChildComponentForFieldPrefix } from '../init/template-patcher-v2'
+import type { APIRoute } from 'astro'
 import type { RepeatedGroup } from '../init/analyzer-types'
+import {
+  detectChildImports,
+  patchChildComponentForFieldPrefix,
+  patchTemplateForFields,
+  stripTemplateFallbacks,
+} from '../init/template-patcher-v2'
+import { requireAdmin } from './_auth-guard'
 import { withTrailers } from './_commit-trailers'
 import { resolveGitHubTokenForRequest } from './_github-token'
+import { prefixPath, resolveStorageConfigForRequest } from './_storage-config'
 
 /**
  * POST /api/setzkasten/init/add-section
@@ -17,10 +24,8 @@ import { resolveGitHubTokenForRequest } from './_github-token'
  * Body: { owner, repo, branch?, projectRoot, section, pageKey, contentPath? }
  */
 export const POST: APIRoute = async ({ request, cookies }) => {
-  const session = cookies.get('setzkasten_session')?.value
-  if (!session) {
-    return new Response('Unauthorized', { status: 401 })
-  }
+  const denied = requireAdmin(cookies.get('setzkasten_session')?.value)
+  if (denied) return denied
 
   const tokenResult = await resolveGitHubTokenForRequest(request)
   if (!tokenResult.ok) {
@@ -29,7 +34,7 @@ export const POST: APIRoute = async ({ request, cookies }) => {
   const githubToken = tokenResult.value
 
   try {
-    const body = await request.json() as {
+    const body = (await request.json()) as {
       owner?: string
       repo?: string
       branch?: string
@@ -42,7 +47,12 @@ export const POST: APIRoute = async ({ request, cookies }) => {
 
     const storage = await resolveStorageConfigForRequest(request, body)
     if (!storage) {
-      return Response.json({ error: 'Could not resolve owner/repo. Set SETZKASTEN_OWNER and SETZKASTEN_REPO env vars.' }, { status: 400 })
+      return Response.json(
+        {
+          error: 'Could not resolve owner/repo. Set SETZKASTEN_OWNER and SETZKASTEN_REPO env vars.',
+        },
+        { status: 400 },
+      )
     }
     const { owner, repo, branch, projectPrefix } = storage
     const serverConfig = (globalThis as any).__SETZKASTEN_CONFIG__
@@ -52,6 +62,12 @@ export const POST: APIRoute = async ({ request, cookies }) => {
     if (!section || !pageKey) {
       return Response.json({ error: 'section and pageKey are required' }, { status: 400 })
     }
+    if (!isSafeKey(pageKey)) {
+      return Response.json({ error: 'invalid pageKey' }, { status: 400 })
+    }
+    if (!isSafeKey(section.key)) {
+      return Response.json({ error: 'invalid section key' }, { status: 400 })
+    }
 
     const headers = {
       Authorization: `Bearer ${githubToken}`,
@@ -67,7 +83,12 @@ export const POST: APIRoute = async ({ request, cookies }) => {
     const existingConfig = await fetchFileContent(owner, repo, branch, configPath, githubToken)
 
     if (existingConfig) {
-      const updatedConfig = addSectionToConfig(existingConfig, section.key, section, section.allFields)
+      const updatedConfig = addSectionToConfig(
+        existingConfig,
+        section.key,
+        section,
+        section.allFields,
+      )
       if (updatedConfig) {
         filesToCommit.push({ path: configPath, content: updatedConfig })
       }
@@ -75,13 +96,21 @@ export const POST: APIRoute = async ({ request, cookies }) => {
 
     // 2. Generate content JSON — merge new fields into existing data (if any)
     const sectionJsonPath = `${contentPath}/_sections/${section.key}.json`
-    const existingSectionJson = await fetchFileContent(owner, repo, branch, sectionJsonPath, githubToken)
+    const existingSectionJson = await fetchFileContent(
+      owner,
+      repo,
+      branch,
+      sectionJsonPath,
+      githubToken,
+    )
 
     let sectionData: Record<string, unknown> = {}
     if (existingSectionJson) {
       try {
         sectionData = JSON.parse(existingSectionJson)
-      } catch { /* start fresh if invalid */ }
+      } catch {
+        /* start fresh if invalid */
+      }
     }
 
     // Only add values for fields that don't already exist
@@ -94,7 +123,7 @@ export const POST: APIRoute = async ({ request, cookies }) => {
     }
 
     // Reorder JSON keys to match template order (allFields if available, else fields)
-    const orderedKeys = (section.allFields ?? section.fields).map(f => f.key)
+    const orderedKeys = (section.allFields ?? section.fields).map((f) => f.key)
     const orderedData: Record<string, unknown> = {}
     for (const key of orderedKeys) {
       if (key in sectionData) {
@@ -116,7 +145,13 @@ export const POST: APIRoute = async ({ request, cookies }) => {
     // 3. Update page config (add section to the end)
     const configKey = '_' + pageKey.replace(/\//g, '_')
     const pageConfigPath = `${contentPath}/pages/${configKey}.json`
-    const existingPageConfig = await fetchFileContent(owner, repo, branch, pageConfigPath, githubToken)
+    const existingPageConfig = await fetchFileContent(
+      owner,
+      repo,
+      branch,
+      pageConfigPath,
+      githubToken,
+    )
 
     let pageConfig: { sections: Array<{ key: string; enabled: boolean }> }
     if (existingPageConfig) {
@@ -154,9 +189,13 @@ export const POST: APIRoute = async ({ request, cookies }) => {
         if (pageSource) resolvedPagePath = indexPath
       }
       if (pageSource) {
-        const repeatedGroups: RepeatedGroup[] = (section as any)._analyzerResult?.repeatedGroups ?? []
+        const repeatedGroups: RepeatedGroup[] =
+          (section as any)._analyzerResult?.repeatedGroups ?? []
         let patchedSource = await patchTemplateForFields(
-          pageSource, section.key, section.allFields ?? section.fields, repeatedGroups,
+          pageSource,
+          section.key,
+          section.allFields ?? section.fields,
+          repeatedGroups,
           { mode: 'page' },
         )
 
@@ -175,14 +214,19 @@ export const POST: APIRoute = async ({ request, cookies }) => {
             // analyzer's text-only defaultValue.
             const existingIsPlain = typeof existing === 'string' && !/<[a-z]/.test(existing)
             const newIsHtml = typeof value === 'string' && /<[a-z]/.test(value as string)
-            if (!(key in sectionData) || existing === '' || existing === null || (existingIsPlain && newIsHtml)) {
+            if (
+              !(key in sectionData) ||
+              existing === '' ||
+              existing === null ||
+              (existingIsPlain && newIsHtml)
+            ) {
               sectionData[key] = value
               jsonUpdated = true
             }
           }
           // Update the content JSON entry if we added values
           if (jsonUpdated) {
-            const jsonIdx = filesToCommit.findIndex(f => f.path === sectionJsonPath)
+            const jsonIdx = filesToCommit.findIndex((f) => f.path === sectionJsonPath)
             if (jsonIdx !== -1) {
               filesToCommit[jsonIdx]!.content = JSON.stringify(sectionData, null, 2)
             }
@@ -209,10 +253,12 @@ export const POST: APIRoute = async ({ request, cookies }) => {
         // Update content JSON with any _classN fields from patcher
         const fields = section.allFields ?? section.fields
         for (const g of repeatedGroups) {
-          const topField = fields.find(f => f.key === g.fieldKey)
+          const topField = fields.find((f) => f.key === g.fieldKey)
           if (!topField || !Array.isArray(topField.defaultValue)) continue
-          sectionData[g.fieldKey] = (topField.defaultValue as unknown[]).filter(item => item != null)
-          const jsonIdx = filesToCommit.findIndex(f => f.path === sectionJsonPath)
+          sectionData[g.fieldKey] = (topField.defaultValue as unknown[]).filter(
+            (item) => item != null,
+          )
+          const jsonIdx = filesToCommit.findIndex((f) => f.path === sectionJsonPath)
           if (jsonIdx !== -1) {
             filesToCommit[jsonIdx]!.content = JSON.stringify(sectionData, null, 2)
           }
@@ -220,10 +266,22 @@ export const POST: APIRoute = async ({ request, cookies }) => {
       }
       // No patchPageFile / SECTION_COMPONENTS for page-level sections
     } else if (section.componentPath) {
-      const componentSource = await fetchFileContent(owner, repo, branch, section.componentPath, githubToken)
+      const componentSource = await fetchFileContent(
+        owner,
+        repo,
+        branch,
+        section.componentPath,
+        githubToken,
+      )
       if (componentSource) {
-        const repeatedGroups: RepeatedGroup[] = (section as any)._analyzerResult?.repeatedGroups ?? []
-        const patchedSource = await patchTemplateForFields(componentSource, section.key, section.allFields ?? section.fields, repeatedGroups)
+        const repeatedGroups: RepeatedGroup[] =
+          (section as any)._analyzerResult?.repeatedGroups ?? []
+        const patchedSource = await patchTemplateForFields(
+          componentSource,
+          section.key,
+          section.allFields ?? section.fields,
+          repeatedGroups,
+        )
         if (patchedSource !== componentSource) {
           filesToCommit.push({ path: section.componentPath, content: patchedSource })
         }
@@ -233,15 +291,17 @@ export const POST: APIRoute = async ({ request, cookies }) => {
         // Re-read the now-mutated fields and update the content JSON entry.
         const fields = section.allFields ?? section.fields
         for (const g of repeatedGroups) {
-          const topField = fields.find(f => f.key === g.fieldKey)
+          const topField = fields.find((f) => f.key === g.fieldKey)
           if (!topField || !Array.isArray(topField.defaultValue)) continue
-          const items = (topField.defaultValue as Array<Record<string, unknown>>).filter(item => item != null)
+          const items = (topField.defaultValue as Array<Record<string, unknown>>).filter(
+            (item) => item != null,
+          )
 
           // Update sectionData with the enriched items array
           sectionData[g.fieldKey] = items
 
           // Rebuild and replace the content JSON in filesToCommit
-          const jsonIdx = filesToCommit.findIndex(f => f.path === sectionJsonPath)
+          const jsonIdx = filesToCommit.findIndex((f) => f.path === sectionJsonPath)
           if (jsonIdx !== -1) {
             filesToCommit[jsonIdx]!.content = JSON.stringify(sectionData, null, 2)
           }
@@ -257,7 +317,13 @@ export const POST: APIRoute = async ({ request, cookies }) => {
           const sectionDir = section.componentPath.replace(/\/[^/]+$/, '')
           const resolvedChildPath = resolveRelativePath(sectionDir, child.importPath)
           if (!resolvedChildPath) continue
-          const childSource = await fetchFileContent(owner, repo, branch, resolvedChildPath, githubToken)
+          const childSource = await fetchFileContent(
+            owner,
+            repo,
+            branch,
+            resolvedChildPath,
+            githubToken,
+          )
           if (!childSource) continue
           const patchedChild = patchChildComponentForFieldPrefix(childSource, child.innerFields)
           if (patchedChild !== childSource) {
@@ -271,7 +337,13 @@ export const POST: APIRoute = async ({ request, cookies }) => {
         const fullPagePath = prefixPath(body.pagePath, projectPrefix)
         const pageSource = await fetchFileContent(owner, repo, branch, fullPagePath, githubToken)
         if (pageSource) {
-          const patched = patchPageFile(pageSource, section.key, section.componentName, section.componentPath, body.pagePath)
+          const patched = patchPageFile(
+            pageSource,
+            section.key,
+            section.componentName,
+            section.componentPath,
+            body.pagePath,
+          )
           if (patched && patched !== pageSource) {
             filesToCommit.push({ path: fullPagePath, content: patched })
           }
@@ -282,7 +354,13 @@ export const POST: APIRoute = async ({ request, cookies }) => {
         const previewPath = prefixPath(`${pageDir}/sk-preview/[...page].astro`, projectPrefix)
         const previewSource = await fetchFileContent(owner, repo, branch, previewPath, githubToken)
         if (previewSource) {
-          const patchedPreview = patchPageFile(previewSource, section.key, section.componentName, section.componentPath, `${pageDir}/sk-preview/[...page].astro`)
+          const patchedPreview = patchPageFile(
+            previewSource,
+            section.key,
+            section.componentName,
+            section.componentPath,
+            `${pageDir}/sk-preview/[...page].astro`,
+          )
           if (patchedPreview && patchedPreview !== previewSource) {
             filesToCommit.push({ path: previewPath, content: patchedPreview })
           }
@@ -300,9 +378,11 @@ export const POST: APIRoute = async ({ request, cookies }) => {
       repo,
       branch,
       filesToCommit,
-      withTrailers(existingSectionJson
-        ? `content: update ${section.key} section — add new fields`
-        : `content: add ${section.key} section to Setzkasten`),
+      withTrailers(
+        existingSectionJson
+          ? `content: update ${section.key} section — add new fields`
+          : `content: add ${section.key} section to Setzkasten`,
+      ),
       headers,
     )
 
@@ -332,15 +412,24 @@ export const POST: APIRoute = async ({ request, cookies }) => {
 
 function getDefaultValue(fieldType: string): unknown {
   switch (fieldType) {
-    case 'text': return ''
-    case 'number': return 0
-    case 'boolean': return false
-    case 'image': return { path: '', alt: '' }
-    case 'array': return []
-    case 'color': return '#000000'
-    case 'date': return ''
-    case 'icon': return ''
-    default: return ''
+    case 'text':
+      return ''
+    case 'number':
+      return 0
+    case 'boolean':
+      return false
+    case 'image':
+      return { path: '', alt: '' }
+    case 'array':
+      return []
+    case 'color':
+      return '#000000'
+    case 'date':
+      return ''
+    case 'icon':
+      return ''
+    default:
+      return ''
   }
 }
 
@@ -396,7 +485,11 @@ export function patchPageFile(
       // Find the last entry and add after it
       const lastEntryMatch = registryContent.match(/.*\w+Section,?\s*$/m)
       if (lastEntryMatch && lastEntryMatch.index !== undefined) {
-        const insertPos = registryMatch.index! + registryMatch[0].indexOf(registryContent) + lastEntryMatch.index + lastEntryMatch[0].length
+        const insertPos =
+          registryMatch.index! +
+          registryMatch[0].indexOf(registryContent) +
+          lastEntryMatch.index +
+          lastEntryMatch[0].length
         const newEntry = `\n  '${sectionKey}': ${componentName},`
         patched = patched.slice(0, insertPos) + newEntry + patched.slice(insertPos)
       }
@@ -419,7 +512,11 @@ export function calculateRelativePath(fromDir: string, toPath: string): string {
 
   // Find common prefix length
   let common = 0
-  while (common < fromParts.length && common < toParts.length && fromParts[common] === toParts[common]) {
+  while (
+    common < fromParts.length &&
+    common < toParts.length &&
+    fromParts[common] === toParts[common]
+  ) {
     common++
   }
 
@@ -440,7 +537,10 @@ function resolveRelativePath(baseDir: string, relativePath: string): string | nu
   const parts = [...baseDir.split('/').filter(Boolean)]
   for (const segment of relativePath.split('/')) {
     if (segment === '.') continue
-    if (segment === '..') { parts.pop(); continue }
+    if (segment === '..') {
+      parts.pop()
+      continue
+    }
     parts.push(segment)
   }
   const resolved = parts.join('/')
@@ -468,7 +568,7 @@ async function fetchFileContent(
       },
     )
     if (!response.ok) return null
-    const data = await response.json() as { content: string; encoding: string }
+    const data = (await response.json()) as { content: string; encoding: string }
     return data.encoding === 'base64'
       ? Buffer.from(data.content, 'base64').toString('utf-8')
       : data.content
@@ -492,7 +592,7 @@ async function batchCommit(
       { headers },
     )
     if (!refRes.ok) return { ok: false, error: `Failed to get HEAD: ${refRes.status}` }
-    const refData = await refRes.json() as { object: { sha: string } }
+    const refData = (await refRes.json()) as { object: { sha: string } }
     const headSha = refData.object.sha
 
     // 2. Get base tree
@@ -501,43 +601,38 @@ async function batchCommit(
       { headers },
     )
     if (!commitRes.ok) return { ok: false, error: `Failed to get commit: ${commitRes.status}` }
-    const commitData = await commitRes.json() as { tree: { sha: string } }
+    const commitData = (await commitRes.json()) as { tree: { sha: string } }
 
     // 3. Create new tree
-    const treeRes = await fetch(
-      `https://api.github.com/repos/${owner}/${repo}/git/trees`,
-      {
-        method: 'POST',
-        headers,
-        body: JSON.stringify({
-          base_tree: commitData.tree.sha,
-          tree: files.map((f) => ({
-            path: f.path,
-            mode: '100644',
-            type: 'blob',
-            content: f.content,
-          })),
-        }),
-      },
-    )
+    const treeRes = await fetch(`https://api.github.com/repos/${owner}/${repo}/git/trees`, {
+      method: 'POST',
+      headers,
+      body: JSON.stringify({
+        base_tree: commitData.tree.sha,
+        tree: files.map((f) => ({
+          path: f.path,
+          mode: '100644',
+          type: 'blob',
+          content: f.content,
+        })),
+      }),
+    })
     if (!treeRes.ok) return { ok: false, error: `Failed to create tree: ${treeRes.status}` }
-    const treeData = await treeRes.json() as { sha: string }
+    const treeData = (await treeRes.json()) as { sha: string }
 
     // 4. Create commit
-    const newCommitRes = await fetch(
-      `https://api.github.com/repos/${owner}/${repo}/git/commits`,
-      {
-        method: 'POST',
-        headers,
-        body: JSON.stringify({
-          tree: treeData.sha,
-          parents: [headSha],
-          message,
-        }),
-      },
-    )
-    if (!newCommitRes.ok) return { ok: false, error: `Failed to create commit: ${newCommitRes.status}` }
-    const newCommitData = await newCommitRes.json() as { sha: string }
+    const newCommitRes = await fetch(`https://api.github.com/repos/${owner}/${repo}/git/commits`, {
+      method: 'POST',
+      headers,
+      body: JSON.stringify({
+        tree: treeData.sha,
+        parents: [headSha],
+        message,
+      }),
+    })
+    if (!newCommitRes.ok)
+      return { ok: false, error: `Failed to create commit: ${newCommitRes.status}` }
+    const newCommitData = (await newCommitRes.json()) as { sha: string }
 
     // 5. Update ref
     const updateRes = await fetch(

package/src/api-routes/init-apply.ts

@@ -1,7 +1,12 @@
+import {
+  type ConfigGeneratorInput,
+  type InferredSection,
+  generateConfigFile,
+} from '@setzkasten-cms/core/init'
 import type { APIRoute } from 'astro'
-import { generateConfigFile, type InferredSection, type ConfigGeneratorInput } from '@setzkasten-cms/core/init'
 import { patchAstroConfig } from '../init/astro-config-patcher'
 import { patchTemplateForFields } from '../init/template-patcher-v2'
+import { requireAdmin } from './_auth-guard'
 import { withTrailers } from './_commit-trailers'
 import { resolveGitHubTokenForRequest } from './_github-token'
 
@@ -31,11 +36,8 @@ interface FileToCommit {
  * Body: ApplyRequest
  */
 export const POST: APIRoute = async ({ request, cookies }) => {
-  // Verify session
-  const session = cookies.get('setzkasten_session')?.value
-  if (!session) {
-    return new Response('Unauthorized', { status: 401 })
-  }
+  const denied = requireAdmin(cookies.get('setzkasten_session')?.value)
+  if (denied) return denied
 
   const tokenResult = await resolveGitHubTokenForRequest(request)
   if (!tokenResult.ok) {
@@ -44,7 +46,7 @@ export const POST: APIRoute = async ({ request, cookies }) => {
   const githubToken = tokenResult.value
 
   try {
-    const body = await request.json() as ApplyRequest
+    const body = (await request.json()) as ApplyRequest
     const { owner, repo, branch = 'main', projectRoot, astroConfigPath, sections, pages } = body
     const contentPath = body.contentPath ?? 'content'
 
@@ -62,7 +64,13 @@ export const POST: APIRoute = async ({ request, cookies }) => {
 
     // 2. Patch astro.config if needed
     if (astroConfigPath) {
-      const astroConfigSource = await fetchFileContent(owner, repo, branch, astroConfigPath, githubToken)
+      const astroConfigSource = await fetchFileContent(
+        owner,
+        repo,
+        branch,
+        astroConfigPath,
+        githubToken,
+      )
       if (astroConfigSource) {
         const patched = patchAstroConfig(astroConfigSource)
         if (patched) {
@@ -87,7 +95,13 @@ export const POST: APIRoute = async ({ request, cookies }) => {
     // 4. Patch component templates — add data-sk-field + CMS variables
     for (const section of sections) {
       if (!section.componentPath) continue
-      const componentSource = await fetchFileContent(owner, repo, branch, section.componentPath, githubToken)
+      const componentSource = await fetchFileContent(
+        owner,
+        repo,
+        branch,
+        section.componentPath,
+        githubToken,
+      )
       if (!componentSource) continue
       const patched = await patchTemplateForFields(componentSource, section.key, section.fields)
       if (patched !== componentSource) {
@@ -123,10 +137,7 @@ export const POST: APIRoute = async ({ request, cookies }) => {
     )
 
     if (!commitResult.ok) {
-      return Response.json(
-        { error: commitResult.error },
-        { status: 500 },
-      )
+      return Response.json({ error: commitResult.error }, { status: 500 })
     }
 
     return Response.json({
@@ -145,15 +156,24 @@ export const POST: APIRoute = async ({ request, cookies }) => {
 
 function getDefaultValue(fieldType: string): unknown {
   switch (fieldType) {
-    case 'text': return ''
-    case 'number': return 0
-    case 'boolean': return false
-    case 'image': return { path: '', alt: '' }
-    case 'array': return []
-    case 'color': return '#000000'
-    case 'date': return ''
-    case 'icon': return ''
-    default: return ''
+    case 'text':
+      return ''
+    case 'number':
+      return 0
+    case 'boolean':
+      return false
+    case 'image':
+      return { path: '', alt: '' }
+    case 'array':
+      return []
+    case 'color':
+      return '#000000'
+    case 'date':
+      return ''
+    case 'icon':
+      return ''
+    default:
+      return ''
   }
 }
 
@@ -176,7 +196,7 @@ async function fetchFileContent(
       },
     )
     if (!response.ok) return null
-    const data = await response.json() as { content: string; encoding: string }
+    const data = (await response.json()) as { content: string; encoding: string }
     return data.encoding === 'base64'
       ? Buffer.from(data.content, 'base64').toString('utf-8')
       : data.content
@@ -207,7 +227,7 @@ async function batchCommit(
       { headers },
     )
     if (!refRes.ok) return { ok: false, error: `Failed to get HEAD: ${refRes.status}` }
-    const refData = await refRes.json() as { object: { sha: string } }
+    const refData = (await refRes.json()) as { object: { sha: string } }
     const headSha = refData.object.sha
 
     // 2. Get base tree
@@ -216,44 +236,39 @@ async function batchCommit(
       { headers },
     )
     if (!commitRes.ok) return { ok: false, error: `Failed to get commit: ${commitRes.status}` }
-    const commitData = await commitRes.json() as { tree: { sha: string } }
+    const commitData = (await commitRes.json()) as { tree: { sha: string } }
     const baseTreeSha = commitData.tree.sha
 
     // 3. Create new tree
-    const treeRes = await fetch(
-      `https://api.github.com/repos/${owner}/${repo}/git/trees`,
-      {
-        method: 'POST',
-        headers,
-        body: JSON.stringify({
-          base_tree: baseTreeSha,
-          tree: files.map((f) => ({
-            path: f.path,
-            mode: '100644',
-            type: 'blob',
-            content: f.content,
-          })),
-        }),
-      },
-    )
+    const treeRes = await fetch(`https://api.github.com/repos/${owner}/${repo}/git/trees`, {
+      method: 'POST',
+      headers,
+      body: JSON.stringify({
+        base_tree: baseTreeSha,
+        tree: files.map((f) => ({
+          path: f.path,
+          mode: '100644',
+          type: 'blob',
+          content: f.content,
+        })),
+      }),
+    })
     if (!treeRes.ok) return { ok: false, error: `Failed to create tree: ${treeRes.status}` }
-    const treeData = await treeRes.json() as { sha: string }
+    const treeData = (await treeRes.json()) as { sha: string }
 
     // 4. Create commit
-    const newCommitRes = await fetch(
-      `https://api.github.com/repos/${owner}/${repo}/git/commits`,
-      {
-        method: 'POST',
-        headers,
-        body: JSON.stringify({
-          tree: treeData.sha,
-          parents: [headSha],
-          message,
-        }),
-      },
-    )
-    if (!newCommitRes.ok) return { ok: false, error: `Failed to create commit: ${newCommitRes.status}` }
-    const newCommitData = await newCommitRes.json() as { sha: string }
+    const newCommitRes = await fetch(`https://api.github.com/repos/${owner}/${repo}/git/commits`, {
+      method: 'POST',
+      headers,
+      body: JSON.stringify({
+        tree: treeData.sha,
+        parents: [headSha],
+        message,
+      }),
+    })
+    if (!newCommitRes.ok)
+      return { ok: false, error: `Failed to create commit: ${newCommitRes.status}` }
+    const newCommitData = (await newCommitRes.json()) as { sha: string }
 
     // 5. Update ref
     const updateRes = await fetch(