@vercel/sandbox 2.0.0-beta.2 → 2.0.0-beta.20

package/dist/utils/array.js

@@ -1,19 +1,16 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.array = array;
+//#region src/utils/array.ts
 /**
- * Returns an array from the given item. If the  item is an array it will be
- * returned as a it is, otherwise it will be returned as a single item array.
- * If the item is undefined or null an empty array will be returned.
- *
- * @param item The item to convert to an array.
- * @returns An array.
- */
+* Returns an array from the given item. If the  item is an array it will be
+* returned as a it is, otherwise it will be returned as a single item array.
+* If the item is undefined or null an empty array will be returned.
+*
+* @param item The item to convert to an array.
+* @returns An array.
+*/
 function array(item) {
-    return item !== undefined && item !== null
-        ? Array.isArray(item)
-            ? item
-            : [item]
-        : [];
+	return item !== void 0 && item !== null ? Array.isArray(item) ? item : [item] : [];
 }
+
+//#endregion
+export { array };
 //# sourceMappingURL=array.js.map

package/dist/utils/array.js.map

@@ -1 +1 @@
-{"version":3,"file":"array.js","sourceRoot":"","sources":["../../src/utils/array.ts"],"names":[],"mappings":";;AAQA,sBAMC;AAdD;;;;;;;GAOG;AACH,SAAgB,KAAK,CAAI,IAAqB;IAC5C,OAAO,IAAI,KAAK,SAAS,IAAI,IAAI,KAAK,IAAI;QACxC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC;YACnB,CAAC,CAAC,IAAI;YACN,CAAC,CAAC,CAAC,IAAI,CAAC;QACV,CAAC,CAAC,EAAE,CAAC;AACT,CAAC"}
+{"version":3,"file":"array.js","names":[],"sources":["../../src/utils/array.ts"],"sourcesContent":["/**\n * Returns an array from the given item. If the  item is an array it will be\n * returned as a it is, otherwise it will be returned as a single item array.\n * If the item is undefined or null an empty array will be returned.\n *\n * @param item The item to convert to an array.\n * @returns An array.\n */\nexport function array<T>(item?: null | T | T[]): T[] {\n  return item !== undefined && item !== null\n    ? Array.isArray(item)\n      ? item\n      : [item]\n    : [];\n}\n"],"mappings":";;;;;;;;;AAQA,SAAgB,MAAS,MAA4B;AACnD,QAAO,SAAS,UAAa,SAAS,OAClC,MAAM,QAAQ,KAAK,GACjB,OACA,CAAC,KAAK,GACR,EAAE"}

package/dist/utils/consume-readable.cjs

@@ -0,0 +1,18 @@
+
+//#region src/utils/consume-readable.ts
+/**
+* Consumes a readable entirely concatenating all content in a single Buffer
+* @param readable A Readable stream
+*/
+function consumeReadable(readable) {
+	return new Promise((resolve, reject) => {
+		const chunks = [];
+		readable.on("error", (err) => reject(err));
+		readable.on("data", (chunk) => chunks.push(chunk));
+		readable.on("end", () => resolve(Buffer.concat(chunks)));
+	});
+}
+
+//#endregion
+exports.consumeReadable = consumeReadable;
+//# sourceMappingURL=consume-readable.cjs.map

package/dist/utils/consume-readable.cjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"consume-readable.cjs","names":["chunks: Buffer[]"],"sources":["../../src/utils/consume-readable.ts"],"sourcesContent":["/**\n * Consumes a readable entirely concatenating all content in a single Buffer\n * @param readable A Readable stream\n */\nexport function consumeReadable(readable: NodeJS.ReadableStream) {\n  return new Promise<Buffer>((resolve, reject) => {\n    const chunks: Buffer[] = [];\n    readable.on(\"error\", (err) => reject(err));\n    readable.on(\"data\", (chunk) => chunks.push(chunk));\n    readable.on(\"end\", () => resolve(Buffer.concat(chunks)));\n  });\n}\n"],"mappings":";;;;;;AAIA,SAAgB,gBAAgB,UAAiC;AAC/D,QAAO,IAAI,SAAiB,SAAS,WAAW;EAC9C,MAAMA,SAAmB,EAAE;AAC3B,WAAS,GAAG,UAAU,QAAQ,OAAO,IAAI,CAAC;AAC1C,WAAS,GAAG,SAAS,UAAU,OAAO,KAAK,MAAM,CAAC;AAClD,WAAS,GAAG,aAAa,QAAQ,OAAO,OAAO,OAAO,CAAC,CAAC;GACxD"}

package/dist/utils/consume-readable.js

@@ -1,16 +1,17 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.consumeReadable = consumeReadable;
+//#region src/utils/consume-readable.ts
 /**
- * Consumes a readable entirely concatenating all content in a single Buffer
- * @param readable A Readable stream
- */
+* Consumes a readable entirely concatenating all content in a single Buffer
+* @param readable A Readable stream
+*/
 function consumeReadable(readable) {
-    return new Promise((resolve, reject) => {
-        const chunks = [];
-        readable.on("error", (err) => reject(err));
-        readable.on("data", (chunk) => chunks.push(chunk));
-        readable.on("end", () => resolve(Buffer.concat(chunks)));
-    });
+	return new Promise((resolve, reject) => {
+		const chunks = [];
+		readable.on("error", (err) => reject(err));
+		readable.on("data", (chunk) => chunks.push(chunk));
+		readable.on("end", () => resolve(Buffer.concat(chunks)));
+	});
 }
+
+//#endregion
+export { consumeReadable };
 //# sourceMappingURL=consume-readable.js.map

package/dist/utils/consume-readable.js.map

@@ -1 +1 @@
-{"version":3,"file":"consume-readable.js","sourceRoot":"","sources":["../../src/utils/consume-readable.ts"],"names":[],"mappings":";;AAIA,0CAOC;AAXD;;;GAGG;AACH,SAAgB,eAAe,CAAC,QAA+B;IAC7D,OAAO,IAAI,OAAO,CAAS,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QAC7C,MAAM,MAAM,GAAa,EAAE,CAAC;QAC5B,QAAQ,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC;QAC3C,QAAQ,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;QACnD,QAAQ,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IAC3D,CAAC,CAAC,CAAC;AACL,CAAC"}
+{"version":3,"file":"consume-readable.js","names":["chunks: Buffer[]"],"sources":["../../src/utils/consume-readable.ts"],"sourcesContent":["/**\n * Consumes a readable entirely concatenating all content in a single Buffer\n * @param readable A Readable stream\n */\nexport function consumeReadable(readable: NodeJS.ReadableStream) {\n  return new Promise<Buffer>((resolve, reject) => {\n    const chunks: Buffer[] = [];\n    readable.on(\"error\", (err) => reject(err));\n    readable.on(\"data\", (chunk) => chunks.push(chunk));\n    readable.on(\"end\", () => resolve(Buffer.concat(chunks)));\n  });\n}\n"],"mappings":";;;;;AAIA,SAAgB,gBAAgB,UAAiC;AAC/D,QAAO,IAAI,SAAiB,SAAS,WAAW;EAC9C,MAAMA,SAAmB,EAAE;AAC3B,WAAS,GAAG,UAAU,QAAQ,OAAO,IAAI,CAAC;AAC1C,WAAS,GAAG,SAAS,UAAU,OAAO,KAAK,MAAM,CAAC;AAClD,WAAS,GAAG,aAAa,QAAQ,OAAO,OAAO,OAAO,CAAC,CAAC;GACxD"}

package/dist/utils/decode-base64-url.cjs

@@ -0,0 +1,15 @@
+
+//#region src/utils/decode-base64-url.ts
+/**
+* Decode a Base64 URL-encoded string into a JSON object.
+*
+* @param base64Url - The Base64 URL-encoded string to decode.
+* @returns The decoded JSON object or null if decoding fails.
+*/
+function decodeBase64Url(base64Url) {
+	return JSON.parse(Buffer.from(base64Url.replace(/-/g, "+").replace(/_/g, "/"), "base64").toString("utf8"));
+}
+
+//#endregion
+exports.decodeBase64Url = decodeBase64Url;
+//# sourceMappingURL=decode-base64-url.cjs.map

package/dist/utils/decode-base64-url.cjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"decode-base64-url.cjs","names":[],"sources":["../../src/utils/decode-base64-url.ts"],"sourcesContent":["/**\n * Decode a Base64 URL-encoded string into a JSON object.\n *\n * @param base64Url - The Base64 URL-encoded string to decode.\n * @returns The decoded JSON object or null if decoding fails.\n */\nexport function decodeBase64Url(base64Url: string) {\n  return JSON.parse(\n    Buffer.from(\n      base64Url.replace(/-/g, \"+\").replace(/_/g, \"/\"),\n      \"base64\",\n    ).toString(\"utf8\"),\n  );\n}\n"],"mappings":";;;;;;;;AAMA,SAAgB,gBAAgB,WAAmB;AACjD,QAAO,KAAK,MACV,OAAO,KACL,UAAU,QAAQ,MAAM,IAAI,CAAC,QAAQ,MAAM,IAAI,EAC/C,SACD,CAAC,SAAS,OAAO,CACnB"}

package/dist/utils/decode-base64-url.js

@@ -1,13 +1,14 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.decodeBase64Url = decodeBase64Url;
+//#region src/utils/decode-base64-url.ts
 /**
- * Decode a Base64 URL-encoded string into a JSON object.
- *
- * @param base64Url - The Base64 URL-encoded string to decode.
- * @returns The decoded JSON object or null if decoding fails.
- */
+* Decode a Base64 URL-encoded string into a JSON object.
+*
+* @param base64Url - The Base64 URL-encoded string to decode.
+* @returns The decoded JSON object or null if decoding fails.
+*/
 function decodeBase64Url(base64Url) {
-    return JSON.parse(Buffer.from(base64Url.replace(/-/g, "+").replace(/_/g, "/"), "base64").toString("utf8"));
+	return JSON.parse(Buffer.from(base64Url.replace(/-/g, "+").replace(/_/g, "/"), "base64").toString("utf8"));
 }
+
+//#endregion
+export { decodeBase64Url };
 //# sourceMappingURL=decode-base64-url.js.map

package/dist/utils/decode-base64-url.js.map

@@ -1 +1 @@
-{"version":3,"file":"decode-base64-url.js","sourceRoot":"","sources":["../../src/utils/decode-base64-url.ts"],"names":[],"mappings":";;AAMA,0CAOC;AAbD;;;;;GAKG;AACH,SAAgB,eAAe,CAAC,SAAiB;IAC/C,OAAO,IAAI,CAAC,KAAK,CACf,MAAM,CAAC,IAAI,CACT,SAAS,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,EAC/C,QAAQ,CACT,CAAC,QAAQ,CAAC,MAAM,CAAC,CACnB,CAAC;AACJ,CAAC"}
+{"version":3,"file":"decode-base64-url.js","names":[],"sources":["../../src/utils/decode-base64-url.ts"],"sourcesContent":["/**\n * Decode a Base64 URL-encoded string into a JSON object.\n *\n * @param base64Url - The Base64 URL-encoded string to decode.\n * @returns The decoded JSON object or null if decoding fails.\n */\nexport function decodeBase64Url(base64Url: string) {\n  return JSON.parse(\n    Buffer.from(\n      base64Url.replace(/-/g, \"+\").replace(/_/g, \"/\"),\n      \"base64\",\n    ).toString(\"utf8\"),\n  );\n}\n"],"mappings":";;;;;;;AAMA,SAAgB,gBAAgB,WAAmB;AACjD,QAAO,KAAK,MACV,OAAO,KACL,UAAU,QAAQ,MAAM,IAAI,CAAC,QAAQ,MAAM,IAAI,EAC/C,SACD,CAAC,SAAS,OAAO,CACnB"}

package/dist/utils/dev-credentials.cjs

@@ -0,0 +1,142 @@
+const require_rolldown_runtime = require('../_virtual/rolldown_runtime.cjs');
+const require_log = require('./log.cjs');
+let picocolors = require("picocolors");
+picocolors = require_rolldown_runtime.__toESM(picocolors);
+let ms = require("ms");
+ms = require_rolldown_runtime.__toESM(ms);
+
+//#region src/utils/dev-credentials.ts
+async function importAuth() {
+	return await Promise.resolve().then(() => require("../auth/index.cjs"));
+}
+function shouldPromptForCredentials() {
+	return process.env.NODE_ENV !== "production" && !["1", "true"].includes(process.env.CI || "") && process.stdout.isTTY && process.stdin.isTTY;
+}
+/**
+* Returns cached credentials for the given team/project combination.
+*
+* @remarks
+* The cache is keyed by `teamId` and `projectId`. A new credential generation
+* is triggered only when these values change or when a previous attempt failed.
+*
+* **Important:** Successfully resolved credentials are cached indefinitely and
+* will not be refreshed even if the token expires. Cache invalidation only occurs
+* on rejection (error). This is intentional for development use cases where
+* short-lived sessions don't require proactive token refresh.
+*/
+const cachedGenerateCredentials = (() => {
+	let cache = null;
+	return async (opts) => {
+		if (!cache || cache[0].teamId !== opts.teamId || cache[0].projectId !== opts.projectId) cache = [opts, generateCredentials(opts).catch((err) => {
+			cache = null;
+			throw err;
+		})];
+		const v = await cache[1];
+		require_log.write("warn", `using inferred credentials team=${v.teamId} project=${v.projectId}`);
+		return v;
+	};
+})();
+/**
+* Generates credentials by authenticating and inferring scope.
+*
+* @internal This is exported for testing purposes. Consider using
+* {@link cachedGenerateCredentials} instead, which caches the result
+* to avoid redundant authentication flows.
+*/
+async function generateCredentials(opts) {
+	const { OAuth, pollForToken, getAuth, updateAuthConfig, inferScope } = await importAuth();
+	let auth = getAuth();
+	if (!auth?.token) {
+		const timeout = process.env.VERCEL_URL ? "1 minute" : "5 minutes";
+		auth = await signInAndGetToken({
+			OAuth,
+			pollForToken,
+			getAuth
+		}, timeout);
+	}
+	if (auth?.refreshToken && auth.expiresAt && auth.expiresAt.getTime() <= Date.now()) {
+		const newToken = await (await OAuth()).refreshToken(auth.refreshToken);
+		auth = {
+			expiresAt: new Date(Date.now() + newToken.expires_in * 1e3),
+			token: newToken.access_token,
+			refreshToken: newToken.refresh_token || auth.refreshToken
+		};
+		updateAuthConfig(auth);
+	}
+	if (!auth?.token) throw new Error([
+		`Failed to retrieve authentication token.`,
+		`${picocolors.default.bold("hint:")} Set VERCEL_OIDC_TOKEN or provide a Vercel API token.`,
+		"├▶ Sandbox docs: https://vercel.com/docs/vercel-sandbox",
+		"╰▶ Access tokens: https://vercel.com/kb/guide/how-do-i-use-a-vercel-api-access-token"
+	].join("\n"));
+	if (opts.teamId && opts.projectId) return {
+		token: auth.token,
+		teamId: opts.teamId,
+		projectId: opts.projectId
+	};
+	const scope = await inferScope({
+		teamId: opts.teamId,
+		token: auth.token
+	});
+	if (scope.created) require_log.write("info", `Created default project "${scope.projectId}" in team "${scope.teamId}".`);
+	return {
+		token: auth.token,
+		teamId: opts.teamId || scope.teamId,
+		projectId: opts.projectId || scope.projectId
+	};
+}
+async function signInAndGetToken(auth, timeout) {
+	require_log.write("warn", [
+		`No VERCEL_OIDC_TOKEN environment variable found, initiating device authorization flow...`,
+		`│  ${picocolors.default.bold("help:")} this flow only happens on development environment.`,
+		`│  In production, make sure to set up a proper token, or set up Vercel OIDC [https://vercel.com/docs/oidc].`
+	]);
+	const oauth = await auth.OAuth();
+	const request = await oauth.deviceAuthorizationRequest();
+	require_log.write("info", [
+		`╰▶ To authenticate, visit: ${request.verification_uri_complete}`,
+		`   or visit ${picocolors.default.italic(request.verification_uri)} and type ${picocolors.default.bold(request.user_code)}`,
+		`   Press ${picocolors.default.bold("<return>")} to open in your browser`
+	]);
+	let error;
+	const generator = auth.pollForToken({
+		request,
+		oauth
+	});
+	let done = false;
+	let spawnedTimeout = setTimeout(() => {
+		if (done) return;
+		const message = [
+			`Authentication flow timed out after ${timeout}.`,
+			`│  Make sure to provide a token to avoid prompting an interactive flow.`,
+			`╰▶ ${picocolors.default.bold("help:")} Link your project with ${require_log.code("npx vercel link")} to refresh OIDC token automatically.`
+		].join("\n");
+		error = new Error(message);
+		generator.return();
+	}, (0, ms.default)(timeout));
+	try {
+		for await (const event of generator) switch (event._tag) {
+			case "SlowDown":
+			case "Timeout":
+			case "Response": break;
+			case "Error":
+				error = event.error;
+				break;
+			default: throw new Error(`Unknown event type: ${JSON.stringify(event)}`);
+		}
+	} finally {
+		done = true;
+		clearTimeout(spawnedTimeout);
+	}
+	if (error) {
+		require_log.write("error", `${picocolors.default.bold("error:")} Authentication failed: ${error.message}`);
+		throw error;
+	}
+	require_log.write("success", `${picocolors.default.bold("done!")} Authenticated successfully!`);
+	return auth.getAuth();
+}
+
+//#endregion
+exports.cachedGenerateCredentials = cachedGenerateCredentials;
+exports.shouldPromptForCredentials = shouldPromptForCredentials;
+//# sourceMappingURL=dev-credentials.cjs.map

package/dist/utils/dev-credentials.cjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"dev-credentials.cjs","names":["cache:\n    | [{ teamId?: string; projectId?: string }, Promise<Credentials>]\n    | null","timeout: ms.StringValue","pico","error: Error | undefined"],"sources":["../../src/utils/dev-credentials.ts"],"sourcesContent":["import pico from \"picocolors\";\nimport type { Credentials } from \"./get-credentials.js\";\nimport ms from \"ms\";\nimport * as Log from \"./log.js\";\n\nasync function importAuth() {\n  const auth = await import(\"../auth/index.js\");\n  return auth;\n}\n\nexport function shouldPromptForCredentials(): boolean {\n  return (\n    process.env.NODE_ENV !== \"production\" &&\n    ![\"1\", \"true\"].includes(process.env.CI || \"\") &&\n    process.stdout.isTTY &&\n    process.stdin.isTTY\n  );\n}\n\n/**\n * Returns cached credentials for the given team/project combination.\n *\n * @remarks\n * The cache is keyed by `teamId` and `projectId`. A new credential generation\n * is triggered only when these values change or when a previous attempt failed.\n *\n * **Important:** Successfully resolved credentials are cached indefinitely and\n * will not be refreshed even if the token expires. Cache invalidation only occurs\n * on rejection (error). This is intentional for development use cases where\n * short-lived sessions don't require proactive token refresh.\n */\nexport const cachedGenerateCredentials = (() => {\n  let cache:\n    | [{ teamId?: string; projectId?: string }, Promise<Credentials>]\n    | null = null;\n  return async (opts: { projectId?: string; teamId?: string }) => {\n    if (\n      !cache ||\n      cache[0].teamId !== opts.teamId ||\n      cache[0].projectId !== opts.projectId\n    ) {\n      const promise = generateCredentials(opts).catch((err) => {\n        cache = null;\n        throw err;\n      });\n      cache = [opts, promise];\n    }\n    const v = await cache[1];\n    Log.write(\n      \"warn\",\n      `using inferred credentials team=${v.teamId} project=${v.projectId}`,\n    );\n    return v;\n  };\n})();\n\n/**\n * Generates credentials by authenticating and inferring scope.\n *\n * @internal This is exported for testing purposes. Consider using\n * {@link cachedGenerateCredentials} instead, which caches the result\n * to avoid redundant authentication flows.\n */\nexport async function generateCredentials(opts: {\n  teamId?: string;\n  projectId?: string;\n}): Promise<Credentials> {\n  const { OAuth, pollForToken, getAuth, updateAuthConfig, inferScope } =\n    await importAuth();\n  let auth = getAuth();\n  if (!auth?.token) {\n    const timeout: ms.StringValue = process.env.VERCEL_URL\n      ? /* when deployed to vercel we don't want to have a long timeout */ \"1 minute\"\n      : \"5 minutes\";\n    auth = await signInAndGetToken({ OAuth, pollForToken, getAuth }, timeout);\n  }\n  if (\n    auth?.refreshToken &&\n    auth.expiresAt &&\n    auth.expiresAt.getTime() <= Date.now()\n  ) {\n    const oauth = await OAuth();\n    const newToken = await oauth.refreshToken(auth.refreshToken);\n    auth = {\n      expiresAt: new Date(Date.now() + newToken.expires_in * 1000),\n      token: newToken.access_token,\n      refreshToken: newToken.refresh_token || auth.refreshToken,\n    };\n    updateAuthConfig(auth);\n  }\n\n  if (!auth?.token) {\n    throw new Error(\n      [\n        `Failed to retrieve authentication token.`,\n        `${pico.bold(\"hint:\")} Set VERCEL_OIDC_TOKEN or provide a Vercel API token.`,\n        \"├▶ Sandbox docs: https://vercel.com/docs/vercel-sandbox\",\n        \"╰▶ Access tokens: https://vercel.com/kb/guide/how-do-i-use-a-vercel-api-access-token\",\n      ].join(\"\\n\"),\n    );\n  }\n\n  if (opts.teamId && opts.projectId) {\n    return {\n      token: auth.token,\n      teamId: opts.teamId,\n      projectId: opts.projectId,\n    };\n  }\n\n  const scope = await inferScope({ teamId: opts.teamId, token: auth.token });\n\n  if (scope.created) {\n    Log.write(\n      \"info\",\n      `Created default project \"${scope.projectId}\" in team \"${scope.teamId}\".`,\n    );\n  }\n\n  return {\n    token: auth.token,\n    teamId: opts.teamId || scope.teamId,\n    projectId: opts.projectId || scope.projectId,\n  };\n}\n\nexport async function signInAndGetToken(\n  auth: Pick<\n    Awaited<ReturnType<typeof importAuth>>,\n    \"OAuth\" | \"getAuth\" | \"pollForToken\"\n  >,\n  timeout: ms.StringValue,\n) {\n  Log.write(\"warn\", [\n    `No VERCEL_OIDC_TOKEN environment variable found, initiating device authorization flow...`,\n    `│  ${pico.bold(\"help:\")} this flow only happens on development environment.`,\n    `│  In production, make sure to set up a proper token, or set up Vercel OIDC [https://vercel.com/docs/oidc].`,\n  ]);\n  const oauth = await auth.OAuth();\n  const request = await oauth.deviceAuthorizationRequest();\n  Log.write(\"info\", [\n    `╰▶ To authenticate, visit: ${request.verification_uri_complete}`,\n    `   or visit ${pico.italic(request.verification_uri)} and type ${pico.bold(request.user_code)}`,\n    `   Press ${pico.bold(\"<return>\")} to open in your browser`,\n  ]);\n\n  let error: Error | undefined;\n  const generator = auth.pollForToken({ request, oauth });\n  let done = false;\n  let spawnedTimeout = setTimeout(() => {\n    if (done) return;\n    const message = [\n      `Authentication flow timed out after ${timeout}.`,\n      `│  Make sure to provide a token to avoid prompting an interactive flow.`,\n      `╰▶ ${pico.bold(\"help:\")} Link your project with ${Log.code(\"npx vercel link\")} to refresh OIDC token automatically.`,\n    ].join(\"\\n\");\n    error = new Error(message);\n    // Note: generator.return() initiates cooperative cancellation. The generator's\n    // finally block will abort pending setTimeout calls, but any in-flight HTTP\n    // request will complete before the generator terminates. This is acceptable\n    // for this dev-only timeout scenario.\n    generator.return();\n  }, ms(timeout));\n  try {\n    for await (const event of generator) {\n      switch (event._tag) {\n        case \"SlowDown\":\n        case \"Timeout\":\n        case \"Response\":\n          break;\n        case \"Error\":\n          error = event.error;\n          break;\n        default:\n          throw new Error(\n            `Unknown event type: ${JSON.stringify(event satisfies never)}`,\n          );\n      }\n    }\n  } finally {\n    done = true;\n    clearTimeout(spawnedTimeout);\n  }\n\n  if (error) {\n    Log.write(\n      \"error\",\n      `${pico.bold(\"error:\")} Authentication failed: ${error.message}`,\n    );\n    throw error;\n  }\n\n  Log.write(\"success\", `${pico.bold(\"done!\")} Authenticated successfully!`);\n  const stored = auth.getAuth();\n  return stored;\n}\n"],"mappings":";;;;;;;;AAKA,eAAe,aAAa;AAE1B,QADa,2CAAM;;AAIrB,SAAgB,6BAAsC;AACpD,QACE,QAAQ,IAAI,aAAa,gBACzB,CAAC,CAAC,KAAK,OAAO,CAAC,SAAS,QAAQ,IAAI,MAAM,GAAG,IAC7C,QAAQ,OAAO,SACf,QAAQ,MAAM;;;;;;;;;;;;;;AAgBlB,MAAa,mCAAmC;CAC9C,IAAIA,QAEO;AACX,QAAO,OAAO,SAAkD;AAC9D,MACE,CAAC,SACD,MAAM,GAAG,WAAW,KAAK,UACzB,MAAM,GAAG,cAAc,KAAK,UAM5B,SAAQ,CAAC,MAJO,oBAAoB,KAAK,CAAC,OAAO,QAAQ;AACvD,WAAQ;AACR,SAAM;IACN,CACqB;EAEzB,MAAM,IAAI,MAAM,MAAM;AACtB,oBACE,QACA,mCAAmC,EAAE,OAAO,WAAW,EAAE,YAC1D;AACD,SAAO;;IAEP;;;;;;;;AASJ,eAAsB,oBAAoB,MAGjB;CACvB,MAAM,EAAE,OAAO,cAAc,SAAS,kBAAkB,eACtD,MAAM,YAAY;CACpB,IAAI,OAAO,SAAS;AACpB,KAAI,CAAC,MAAM,OAAO;EAChB,MAAMC,UAA0B,QAAQ,IAAI,aAC2B,aACnE;AACJ,SAAO,MAAM,kBAAkB;GAAE;GAAO;GAAc;GAAS,EAAE,QAAQ;;AAE3E,KACE,MAAM,gBACN,KAAK,aACL,KAAK,UAAU,SAAS,IAAI,KAAK,KAAK,EACtC;EAEA,MAAM,WAAW,OADH,MAAM,OAAO,EACE,aAAa,KAAK,aAAa;AAC5D,SAAO;GACL,WAAW,IAAI,KAAK,KAAK,KAAK,GAAG,SAAS,aAAa,IAAK;GAC5D,OAAO,SAAS;GAChB,cAAc,SAAS,iBAAiB,KAAK;GAC9C;AACD,mBAAiB,KAAK;;AAGxB,KAAI,CAAC,MAAM,MACT,OAAM,IAAI,MACR;EACE;EACA,GAAGC,mBAAK,KAAK,QAAQ,CAAC;EACtB;EACA;EACD,CAAC,KAAK,KAAK,CACb;AAGH,KAAI,KAAK,UAAU,KAAK,UACtB,QAAO;EACL,OAAO,KAAK;EACZ,QAAQ,KAAK;EACb,WAAW,KAAK;EACjB;CAGH,MAAM,QAAQ,MAAM,WAAW;EAAE,QAAQ,KAAK;EAAQ,OAAO,KAAK;EAAO,CAAC;AAE1E,KAAI,MAAM,QACR,mBACE,QACA,4BAA4B,MAAM,UAAU,aAAa,MAAM,OAAO,IACvE;AAGH,QAAO;EACL,OAAO,KAAK;EACZ,QAAQ,KAAK,UAAU,MAAM;EAC7B,WAAW,KAAK,aAAa,MAAM;EACpC;;AAGH,eAAsB,kBACpB,MAIA,SACA;AACA,mBAAU,QAAQ;EAChB;EACA,MAAMA,mBAAK,KAAK,QAAQ,CAAC;EACzB;EACD,CAAC;CACF,MAAM,QAAQ,MAAM,KAAK,OAAO;CAChC,MAAM,UAAU,MAAM,MAAM,4BAA4B;AACxD,mBAAU,QAAQ;EAChB,8BAA8B,QAAQ;EACtC,eAAeA,mBAAK,OAAO,QAAQ,iBAAiB,CAAC,YAAYA,mBAAK,KAAK,QAAQ,UAAU;EAC7F,YAAYA,mBAAK,KAAK,WAAW,CAAC;EACnC,CAAC;CAEF,IAAIC;CACJ,MAAM,YAAY,KAAK,aAAa;EAAE;EAAS;EAAO,CAAC;CACvD,IAAI,OAAO;CACX,IAAI,iBAAiB,iBAAiB;AACpC,MAAI,KAAM;EACV,MAAM,UAAU;GACd,uCAAuC,QAAQ;GAC/C;GACA,MAAMD,mBAAK,KAAK,QAAQ,CAAC,2CAAmC,kBAAkB,CAAC;GAChF,CAAC,KAAK,KAAK;AACZ,UAAQ,IAAI,MAAM,QAAQ;AAK1B,YAAU,QAAQ;oBACd,QAAQ,CAAC;AACf,KAAI;AACF,aAAW,MAAM,SAAS,UACxB,SAAQ,MAAM,MAAd;GACE,KAAK;GACL,KAAK;GACL,KAAK,WACH;GACF,KAAK;AACH,YAAQ,MAAM;AACd;GACF,QACE,OAAM,IAAI,MACR,uBAAuB,KAAK,UAAU,MAAsB,GAC7D;;WAGC;AACR,SAAO;AACP,eAAa,eAAe;;AAG9B,KAAI,OAAO;AACT,oBACE,SACA,GAAGA,mBAAK,KAAK,SAAS,CAAC,0BAA0B,MAAM,UACxD;AACD,QAAM;;AAGR,mBAAU,WAAW,GAAGA,mBAAK,KAAK,QAAQ,CAAC,8BAA8B;AAEzE,QADe,KAAK,SAAS"}