@vercel/slack-bolt 1.4.0 → 1.4.2

package/dist/preview-DeqpNNn_.js

@@ -0,0 +1,794 @@
+//#region \0rolldown/runtime.js
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __commonJSMin = (cb, mod) => () => (mod || cb((mod = { exports: {} }).exports, mod), mod.exports);
+var __copyProps = (to, from, except, desc) => {
+	if (from && typeof from === "object" || typeof from === "function") for (var keys = __getOwnPropNames(from), i = 0, n = keys.length, key; i < n; i++) {
+		key = keys[i];
+		if (!__hasOwnProp.call(to, key) && key !== except) __defProp(to, key, {
+			get: ((k) => from[k]).bind(null, key),
+			enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable
+		});
+	}
+	return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", {
+	value: mod,
+	enumerable: true
+}) : target, mod));
+//#endregion
+let node_fs = require("node:fs");
+node_fs = __toESM(node_fs);
+let node_path = require("node:path");
+node_path = __toESM(node_path);
+let yaml = require("yaml");
+let node_crypto = require("node:crypto");
+node_crypto = __toESM(node_crypto);
+//#region src/internal/manifest/index.ts
+function rewriteUrl(originalUrl, branchUrl, bypassSecret) {
+	const pathStart = originalUrl.indexOf("/", originalUrl.indexOf("//") + 2);
+	const pathAndQuery = pathStart !== -1 ? originalUrl.slice(pathStart) : "/";
+	const url = new URL(pathAndQuery, `https://${branchUrl}`);
+	if (bypassSecret) url.searchParams.set("x-vercel-protection-bypass", bypassSecret);
+	return url.toString();
+}
+function createManifestDescription(params) {
+	const shortSha = params.commitSha?.slice(0, 7) ?? "unknown";
+	const safeCommitMsg = params.commitMessage ?? "";
+	const safeCommitAuthor = params.commitAuthor ?? "unknown";
+	const deploymentInfo = `\n:globe_with_meridians: *Deployment URL:* ${params.branchUrl}\n:seedling: *Branch:* ${params.branch}\n:technologist: *Commit:* ${shortSha} ${safeCommitMsg}\n:bust_in_silhouette: *Last updated by:* ${safeCommitAuthor}\n\n_Automatically created by ▲ Vercel_\n`;
+	const maxLongDesc = 4e3;
+	const combined = params.existingDescription + deploymentInfo;
+	let longDescription;
+	if (combined.length > maxLongDesc) {
+		const available = Math.max(0, maxLongDesc - deploymentInfo.length);
+		longDescription = (params.existingDescription.slice(0, available) + deploymentInfo).slice(0, maxLongDesc);
+	} else longDescription = combined;
+	const maxDisplayName = 35;
+	const cleanBranch = params.branch.replace(/^refs\/heads\//, "").replace(/\//g, "-");
+	let displayName = `${params.existingName} (${cleanBranch})`;
+	if (displayName.length > maxDisplayName) {
+		const prefix = `${params.existingName} (`;
+		const suffix = ")";
+		const availableForBranch = maxDisplayName - prefix.length - 1;
+		displayName = availableForBranch > 0 ? `${prefix}${cleanBranch.slice(0, availableForBranch)}${suffix}` : displayName.slice(0, maxDisplayName);
+	}
+	return {
+		longDescription,
+		displayName
+	};
+}
+function createNewManifest(params) {
+	const manifest = structuredClone(params.originalManifest);
+	if (manifest.settings?.event_subscriptions?.request_url) manifest.settings.event_subscriptions.request_url = rewriteUrl(manifest.settings.event_subscriptions.request_url, params.branchUrl, params.bypassSecret);
+	if (manifest.settings?.interactivity?.request_url) manifest.settings.interactivity.request_url = rewriteUrl(manifest.settings.interactivity.request_url, params.branchUrl, params.bypassSecret);
+	if (manifest.features?.slash_commands) {
+		for (const cmd of manifest.features.slash_commands) if (cmd.url) cmd.url = rewriteUrl(cmd.url, params.branchUrl, params.bypassSecret);
+	}
+	if (manifest.oauth_config?.redirect_urls) manifest.oauth_config.redirect_urls = manifest.oauth_config.redirect_urls.map((originalUrl) => rewriteUrl(originalUrl, params.branchUrl));
+	const { longDescription, displayName } = createManifestDescription({
+		existingDescription: manifest.display_information.long_description ?? "",
+		existingName: manifest.features?.bot_user?.display_name ?? manifest.display_information.name,
+		branchUrl: params.branchUrl,
+		branch: params.branch,
+		commitSha: params.commitSha,
+		commitMessage: params.commitMessage,
+		commitAuthor: params.commitAuthor
+	});
+	manifest.display_information.long_description = longDescription;
+	manifest.display_information.name = displayName;
+	if (manifest.features?.bot_user) manifest.features.bot_user.display_name = displayName;
+	return manifest;
+}
+//#endregion
+//#region src/internal/manifest/parse.ts
+function isYaml(filePath) {
+	const ext = node_path.default.extname(filePath).toLowerCase();
+	return ext === ".yaml" || ext === ".yml";
+}
+function parseManifest(raw, filePath) {
+	if (isYaml(filePath)) return (0, yaml.parse)(raw);
+	return JSON.parse(raw);
+}
+function stringifyManifest(manifest, filePath) {
+	if (isYaml(filePath)) return (0, yaml.stringify)(manifest);
+	return JSON.stringify(manifest, null, 2);
+}
+//#endregion
+//#region src/internal/vercel/errors.ts
+var HTTPError = class HTTPError extends Error {
+	constructor(message, status, statusText, body) {
+		const parts = [`${message}: ${status} ${statusText}`];
+		if (body) parts.push(body);
+		super(parts.join(" - "));
+		this.status = status;
+		this.statusText = statusText;
+		this.body = body;
+	}
+	static async fromResponse(message, response) {
+		let body;
+		try {
+			const text = await response.text();
+			if (text) body = text;
+		} catch {}
+		return new HTTPError(message, response.status, response.statusText, body);
+	}
+};
+//#endregion
+//#region src/internal/slack/errors.ts
+var SlackManifestCreateError = class extends Error {
+	constructor(message, errors) {
+		super(message);
+		this.errors = errors;
+	}
+};
+var SlackManifestUpdateError = class extends Error {
+	constructor(message, errors) {
+		super(message);
+		this.errors = errors;
+	}
+};
+var SlackManifestExportError = class extends Error {};
+//#endregion
+//#region src/internal/slack/index.ts
+async function createSlackApp({ token, manifest }) {
+	const response = await fetch("https://slack.com/api/apps.manifest.create", {
+		method: "POST",
+		headers: {
+			Authorization: `Bearer ${token}`,
+			"Content-Type": "application/json; charset=utf-8"
+		},
+		body: JSON.stringify({ manifest: JSON.stringify(manifest) })
+	});
+	if (!response.ok) throw new HTTPError("Failed to create Slack app", response.status, response.statusText);
+	const data = await response.json();
+	if (!data.ok) throw new SlackManifestCreateError(data?.error ?? "Unknown error", data?.errors);
+	return data;
+}
+async function updateSlackApp({ token, appId, manifest }) {
+	const response = await fetch("https://slack.com/api/apps.manifest.update", {
+		method: "POST",
+		headers: {
+			Authorization: `Bearer ${token}`,
+			"Content-Type": "application/json; charset=utf-8"
+		},
+		body: JSON.stringify({
+			app_id: appId,
+			manifest: JSON.stringify(manifest)
+		})
+	});
+	if (!response.ok) throw new HTTPError("Failed to update Slack app", response.status, response.statusText);
+	const data = await response.json();
+	if (!data.ok) throw new SlackManifestUpdateError(data?.error ?? "Unknown error", data?.errors);
+	return data;
+}
+async function exportSlackApp({ token, appId }) {
+	const response = await fetch("https://slack.com/api/apps.manifest.export", {
+		method: "POST",
+		headers: {
+			Authorization: `Bearer ${token}`,
+			"Content-Type": "application/json; charset=utf-8"
+		},
+		body: JSON.stringify({ app_id: appId })
+	});
+	if (!response.ok) throw new HTTPError("Failed to export Slack app", response.status, response.statusText);
+	const data = await response.json();
+	if (!data.ok) throw new SlackManifestExportError(data?.error ?? "Unknown error");
+	return data;
+}
+async function upsertSlackApp({ token, appId, manifest }) {
+	if (appId) try {
+		await exportSlackApp({
+			token,
+			appId
+		});
+		return {
+			isNew: false,
+			app: await updateSlackApp({
+				token,
+				appId,
+				manifest
+			})
+		};
+	} catch {}
+	return {
+		isNew: true,
+		app: await createSlackApp({
+			token,
+			manifest
+		})
+	};
+}
+async function deleteSlackApp({ token, appId }) {
+	const response = await fetch("https://slack.com/api/apps.manifest.delete", {
+		method: "POST",
+		headers: {
+			Authorization: `Bearer ${token}`,
+			"Content-Type": "application/json; charset=utf-8"
+		},
+		body: JSON.stringify({ app_id: appId })
+	});
+	if (!response.ok) throw new HTTPError("Failed to delete Slack app", response.status, response.statusText);
+	const data = await response.json();
+	if (!data.ok) throw new Error(data.error ?? "Unknown error");
+}
+async function rotateConfigToken({ refreshToken }) {
+	const response = await fetch("https://slack.com/api/tooling.tokens.rotate", {
+		method: "POST",
+		headers: { "Content-Type": "application/x-www-form-urlencoded" },
+		body: new URLSearchParams({ refresh_token: refreshToken })
+	});
+	if (!response.ok) throw new HTTPError("Failed to rotate configuration token", response.status, response.statusText);
+	const data = await response.json();
+	if (!data.ok || !data.token || !data.refresh_token) throw new Error(data.error ?? "Unknown error rotating token");
+	return {
+		token: data.token,
+		refreshToken: data.refresh_token,
+		exp: data.exp ?? 0
+	};
+}
+async function authTest({ token }) {
+	const response = await fetch("https://slack.com/api/auth.test", {
+		method: "POST",
+		headers: {
+			Authorization: `Bearer ${token}`,
+			"Content-Type": "application/json; charset=utf-8"
+		}
+	});
+	if (!response.ok) throw new HTTPError("Auth test failed", response.status, response.statusText);
+	const data = await response.json();
+	if (!data.ok) throw new Error(data.error ?? "Unknown error");
+	return {
+		userId: data.user_id ?? "",
+		teamId: data.team_id ?? ""
+	};
+}
+async function verifyServiceTokenAccess(params) {
+	try {
+		await exportSlackApp({
+			token: params.serviceToken,
+			appId: params.appId
+		});
+		return { hasAccess: true };
+	} catch {
+		return { hasAccess: false };
+	}
+}
+async function installApp(params) {
+	const { serviceToken, appId, botScopes, outgoingDomains } = params;
+	if (!serviceToken) return { status: "missing_service_token" };
+	const response = await fetch("https://slack.com/api/apps.developerInstall", {
+		method: "POST",
+		headers: {
+			Authorization: `Bearer ${serviceToken}`,
+			"Content-Type": "application/json; charset=utf-8"
+		},
+		body: JSON.stringify({
+			app_id: appId,
+			bot_scopes: botScopes,
+			outgoing_domains: outgoingDomains ?? []
+		})
+	});
+	if (!response.ok) return {
+		status: "slack_api_error",
+		error: response.statusText
+	};
+	const data = await response.json();
+	if (data.error) switch (data.error) {
+		case "app_approval_request_eligible": return { status: "app_approval_request_eligible" };
+		case "app_approval_request_pending": return { status: "app_approval_request_pending" };
+		case "app_approval_request_denied": return { status: "app_approval_request_denied" };
+		case "invalid_app_id":
+			if (serviceToken) {
+				const { hasAccess } = await verifyServiceTokenAccess({
+					serviceToken,
+					appId
+				});
+				if (!hasAccess) return { status: "no_access" };
+			}
+			return { status: "invalid_app_id" };
+		default: return { status: "unknown_error" };
+	}
+	return {
+		status: "installed",
+		botToken: data.api_access_tokens?.bot,
+		appLevelToken: data.api_access_tokens?.app_level,
+		userToken: data.api_access_tokens?.user
+	};
+}
+//#endregion
+//#region src/internal/vercel/index.ts
+async function getProject({ projectId, token, teamId }) {
+	const url = new URL(`https://api.vercel.com/v9/projects/${encodeURIComponent(projectId)}`);
+	if (teamId) url.searchParams.set("teamId", teamId);
+	const response = await fetch(url, {
+		method: "GET",
+		headers: { Authorization: `Bearer ${token}` }
+	});
+	if (!response.ok) throw await HTTPError.fromResponse("Failed to access Vercel project", response);
+}
+async function updateProtectionBypass({ projectId, token, teamId }) {
+	const newSecret = node_crypto.default.randomBytes(16).toString("hex");
+	const note = "Created by @vercel/slack-bolt";
+	const url = new URL(`https://api.vercel.com/v1/projects/${encodeURIComponent(projectId)}/protection-bypass`);
+	if (teamId) url.searchParams.set("teamId", teamId);
+	const response = await fetch(url, {
+		method: "PATCH",
+		headers: {
+			Authorization: `Bearer ${token}`,
+			"Content-Type": "application/json"
+		},
+		body: JSON.stringify({ generate: {
+			secret: newSecret,
+			note
+		} })
+	});
+	if (!response.ok) throw await HTTPError.fromResponse("Failed to update protection bypass", response);
+	return newSecret;
+}
+async function addEnvironmentVariables({ projectId, token, teamId, envs, upsert = true }) {
+	const url = new URL(`https://api.vercel.com/v10/projects/${encodeURIComponent(projectId)}/env`);
+	if (teamId) url.searchParams.set("teamId", teamId);
+	if (upsert) url.searchParams.set("upsert", "true");
+	const response = await fetch(url, {
+		method: "POST",
+		headers: {
+			Authorization: `Bearer ${token}`,
+			"Content-Type": "application/json"
+		},
+		body: JSON.stringify(envs)
+	});
+	if (!response.ok) throw await HTTPError.fromResponse("Failed to create environment variables", response);
+	return response.json();
+}
+async function cancelDeployment({ deploymentId, token, teamId }) {
+	const url = new URL(`https://api.vercel.com/v12/deployments/${encodeURIComponent(deploymentId)}/cancel`);
+	if (teamId) url.searchParams.set("teamId", teamId);
+	const response = await fetch(url, {
+		method: "PATCH",
+		headers: { Authorization: `Bearer ${token}` }
+	});
+	if (!response.ok) throw await HTTPError.fromResponse("Failed to cancel deployment", response);
+}
+async function createDeployment({ deploymentId, projectId, token, teamId }) {
+	const url = new URL("https://api.vercel.com/v13/deployments");
+	if (teamId) url.searchParams.set("teamId", teamId);
+	url.searchParams.set("forceNew", "1");
+	const response = await fetch(url, {
+		method: "POST",
+		headers: {
+			Authorization: `Bearer ${token}`,
+			"Content-Type": "application/json"
+		},
+		body: JSON.stringify({
+			deploymentId,
+			name: projectId,
+			project: projectId
+		})
+	});
+	if (!response.ok) throw await HTTPError.fromResponse("Failed to create deployment", response);
+	const data = await response.json();
+	return {
+		id: data.id,
+		url: data.url
+	};
+}
+async function getActiveBranches({ projectId, token, teamId }) {
+	const params = new URLSearchParams({
+		active: "1",
+		limit: "100"
+	});
+	if (teamId) params.set("teamId", teamId);
+	const response = await fetch(`https://api.vercel.com/v5/projects/${encodeURIComponent(projectId)}/branches?${params}`, { headers: { Authorization: `Bearer ${token}` } });
+	if (!response.ok) throw await HTTPError.fromResponse("Failed to fetch active branches", response);
+	const data = await response.json();
+	return new Set(data.branches?.map((b) => b.branch) ?? []);
+}
+async function getEnvironmentVariables({ projectId, token, teamId }) {
+	const url = new URL(`https://api.vercel.com/v9/projects/${encodeURIComponent(projectId)}/env`);
+	if (teamId) url.searchParams.set("teamId", teamId);
+	const response = await fetch(url, { headers: { Authorization: `Bearer ${token}` } });
+	if (!response.ok) throw await HTTPError.fromResponse("Failed to fetch environment variables", response);
+	return (await response.json()).envs ?? [];
+}
+async function getEnvironmentVariable({ projectId, envId, token, teamId }) {
+	const url = new URL(`https://api.vercel.com/v9/projects/${encodeURIComponent(projectId)}/env/${encodeURIComponent(envId)}`);
+	if (teamId) url.searchParams.set("teamId", teamId);
+	const response = await fetch(url, { headers: { Authorization: `Bearer ${token}` } });
+	if (!response.ok) throw await HTTPError.fromResponse("Failed to fetch environment variable", response);
+	return (await response.json()).value ?? null;
+}
+async function deleteEnvironmentVariable({ projectId, envId, token, teamId }) {
+	const url = new URL(`https://api.vercel.com/v9/projects/${encodeURIComponent(projectId)}/env/${encodeURIComponent(envId)}`);
+	if (teamId) url.searchParams.set("teamId", teamId);
+	const response = await fetch(url, {
+		method: "DELETE",
+		headers: { Authorization: `Bearer ${token}` }
+	});
+	if (!response.ok) throw await HTTPError.fromResponse("Failed to delete environment variable", response);
+}
+//#endregion
+//#region src/logger.ts
+function isDebug() {
+	return process.env.VERCEL_SLACK_DEBUG === "1" || process.env.VERCEL_SLACK_DEBUG === "true";
+}
+const BOLD = "\x1B[1m";
+const RESET = "\x1B[0m";
+const DIM = "\x1B[2m";
+const GREEN = "\x1B[32m";
+const YELLOW = "\x1B[33m";
+const log = {
+	step: (msg) => console.log(`  ${msg} ...`),
+	success: (msg) => console.log(`${GREEN}✓${RESET} ${msg}`),
+	info: (msg) => console.log(`  ${msg}`),
+	warning: (msg) => console.log(`${YELLOW}⚠${RESET} ${msg}`),
+	error: (...args) => console.error(...args),
+	debug: (...args) => {
+		if (isDebug()) {
+			const msg = args.map((a) => typeof a === "string" ? a : String(a)).join(" ");
+			console.debug(`${DIM}${msg}${RESET}`);
+		}
+	}
+};
+const REDACTED_HEADERS = new Set(["authorization"]);
+/**
+* Keys whose values should be redacted when logging request/response bodies.
+* Matches are case-insensitive and checked against the lowercased key.
+*/
+const SENSITIVE_BODY_KEYS = new Set([
+	"token",
+	"bot",
+	"app_level",
+	"user",
+	"secret",
+	"client_secret",
+	"signing_secret",
+	"verification_token",
+	"bot_token",
+	"user_token",
+	"app_level_token",
+	"value",
+	"access_token",
+	"refresh_token",
+	"password"
+]);
+/**
+* Key name fragments — if any of these appear in a key name (case-insensitive),
+* the value is redacted.
+*/
+const SENSITIVE_KEY_PATTERNS = [
+	"token",
+	"secret",
+	"password",
+	"credential"
+];
+function isSensitiveKey(key) {
+	const lower = key.toLowerCase();
+	if (SENSITIVE_BODY_KEYS.has(lower)) return true;
+	return SENSITIVE_KEY_PATTERNS.some((pattern) => lower.includes(pattern));
+}
+function redactValue(value) {
+	if (value.length <= 4) return "****";
+	return `****${value.slice(-4)}`;
+}
+function redactSensitiveFields(obj) {
+	if (Array.isArray(obj)) return obj.map((item) => redactSensitiveFields(item));
+	if (obj !== null && typeof obj === "object") {
+		const result = {};
+		for (const [key, val] of Object.entries(obj)) if (isSensitiveKey(key) && typeof val === "string") result[key] = redactValue(val);
+		else result[key] = redactSensitiveFields(val);
+		return result;
+	}
+	return obj;
+}
+function redactBody(body) {
+	try {
+		const redacted = redactSensitiveFields(JSON.parse(body));
+		return JSON.stringify(redacted);
+	} catch {
+		return `<non-JSON body, ${body.length} bytes>`;
+	}
+}
+function formatHeaders(headers) {
+	const redacted = (headers instanceof Headers ? [...headers.entries()] : Object.entries(headers ?? {})).map(([k, v]) => REDACTED_HEADERS.has(k.toLowerCase()) ? [k, `****${v.slice(-4)}`] : [k, v]);
+	return JSON.stringify(Object.fromEntries(redacted));
+}
+function enableFetchDebugLogging() {
+	if (globalThis.fetch.__debugPatched) return;
+	const originalFetch = globalThis.fetch;
+	const patched = async (input, init) => {
+		const method = init?.method ?? "GET";
+		const url = input instanceof Request ? input.url : input.toString();
+		const start = performance.now();
+		log.debug(`-> ${method} ${url}`);
+		log.debug(`   headers: ${formatHeaders(init?.headers)}`);
+		if (typeof init?.body === "string") log.debug(`   body: ${redactBody(init.body)}`);
+		const response = await originalFetch(input, init);
+		const ms = (performance.now() - start).toFixed(0);
+		log.debug(`<- ${response.status} ${response.statusText} (${ms}ms)`);
+		log.debug(`   headers: ${formatHeaders(response.headers)}`);
+		const clone = response.clone();
+		try {
+			const body = await clone.text();
+			if (body) log.debug(`   body: ${redactBody(body)}`);
+		} catch {}
+		return response;
+	};
+	patched.__debugPatched = true;
+	globalThis.fetch = patched;
+}
+const startMessage = (version, branch, commit, appId) => {
+	const lines = [`▲ @vercel/slack-bolt ${version ?? ""}`];
+	if (branch) lines.push(`  - Branch: ${branch}`);
+	if (commit) lines.push(`  - Commit: ${commit.slice(0, 7)}`);
+	if (appId) lines.push(`  - App ID: ${appId}`);
+	return `${BOLD}${lines.join("\n")}${RESET}\n`;
+};
+//#endregion
+//#region src/preview.ts
+const preview = async (params, context) => {
+	const { branch, projectId, deploymentUrl, teamId, commitAuthor, commitMessage: commitMsg, commitSha, slackAppId, slackConfigurationToken, slackServiceToken, manifestPath, vercelApiToken } = params;
+	const cli = context === "cli";
+	const branchUrl = params.branchUrl ?? deploymentUrl;
+	let bypassSecret = params.automationBypassSecret;
+	if (!bypassSecret) {
+		if (cli) log.step("Generating automation bypass secret");
+		bypassSecret = await updateProtectionBypass({
+			projectId,
+			token: vercelApiToken,
+			teamId
+		});
+		if (cli) log.success("Automation bypass secret generated");
+	}
+	if (cli) log.step(`Reading manifest from ${manifestPath}`);
+	const manifest = parseManifest(node_fs.default.readFileSync(node_path.default.join(process.cwd(), manifestPath), "utf8"), manifestPath);
+	const newManifest = createNewManifest({
+		originalManifest: manifest,
+		branchUrl,
+		bypassSecret,
+		branch,
+		commitSha,
+		commitMessage: commitMsg,
+		commitAuthor
+	});
+	node_fs.default.writeFileSync(node_path.default.join(process.cwd(), manifestPath), stringifyManifest(newManifest, manifestPath), "utf8");
+	if (cli) log.success(`Manifest updated for ${branchUrl}`);
+	if (cli) log.step("Creating or updating Slack app");
+	const { isNew, app } = await upsertSlackApp({
+		token: slackConfigurationToken,
+		appId: slackAppId,
+		manifest: newManifest
+	});
+	if (isNew) {
+		const credentialEnvs = [];
+		if (app.app_id) credentialEnvs.push({
+			key: "SLACK_APP_ID",
+			value: app.app_id,
+			type: "encrypted",
+			target: ["preview"],
+			gitBranch: branch,
+			comment: `Created by @vercel/slack-bolt for app ${app.app_id} on branch ${branch}`
+		});
+		if (app.credentials?.client_id) credentialEnvs.push({
+			key: "SLACK_CLIENT_ID",
+			value: app.credentials.client_id,
+			type: "encrypted",
+			target: ["preview"],
+			gitBranch: branch,
+			comment: `Created by @vercel/slack-bolt for app ${app.app_id} on branch ${branch}`
+		});
+		if (app.credentials?.client_secret) credentialEnvs.push({
+			key: "SLACK_CLIENT_SECRET",
+			value: app.credentials.client_secret,
+			type: "encrypted",
+			target: ["preview"],
+			gitBranch: branch,
+			comment: `Created by @vercel/slack-bolt for app ${app.app_id} on branch ${branch}`
+		});
+		if (app.credentials?.signing_secret) credentialEnvs.push({
+			key: "SLACK_SIGNING_SECRET",
+			value: app.credentials.signing_secret,
+			type: "encrypted",
+			target: ["preview"],
+			gitBranch: branch,
+			comment: `Created by @vercel/slack-bolt for app ${app.app_id} on branch ${branch}`
+		});
+		if (credentialEnvs.length > 0) await addEnvironmentVariables({
+			projectId,
+			token: vercelApiToken,
+			teamId,
+			envs: credentialEnvs
+		});
+	}
+	if (cli) log.success(`${isNew ? "Created" : "Updated"} Slack app ${app.app_id}`);
+	if (cli) log.step("Installing Slack app");
+	const { status, botToken, appLevelToken, userToken } = await installApp({
+		serviceToken: slackServiceToken,
+		appId: app.app_id,
+		botScopes: manifest.oauth_config?.scopes?.bot ?? []
+	});
+	if (isNew) {
+		const tokenEnvs = [];
+		if (botToken) tokenEnvs.push({
+			key: "SLACK_BOT_TOKEN",
+			value: botToken,
+			type: "encrypted",
+			target: ["preview"],
+			gitBranch: branch,
+			comment: `Created by @vercel/slack-bolt for app ${app.app_id} on branch ${branch}`
+		});
+		if (appLevelToken) tokenEnvs.push({
+			key: "SLACK_APP_LEVEL_TOKEN",
+			value: appLevelToken,
+			type: "encrypted",
+			target: ["preview"],
+			gitBranch: branch,
+			comment: `Created by @vercel/slack-bolt for app ${app.app_id} on branch ${branch}`
+		});
+		if (userToken) tokenEnvs.push({
+			key: "SLACK_USER_TOKEN",
+			value: userToken,
+			type: "encrypted",
+			target: ["preview"],
+			gitBranch: branch,
+			comment: `Created by @vercel/slack-bolt for app ${app.app_id} on branch ${branch}`
+		});
+		if (tokenEnvs.length > 0) await addEnvironmentVariables({
+			projectId,
+			token: vercelApiToken,
+			teamId,
+			envs: tokenEnvs
+		});
+	}
+	if (cli) {
+		switch (status) {
+			case "missing_service_token":
+				log.warning("SLACK_SERVICE_TOKEN is not set — app must be installed manually");
+				log.info("https://docs.slack.dev/authentication/tokens/#service");
+				break;
+			case "installed":
+				log.success(`Installed Slack app ${app.app_id}`);
+				break;
+			case "app_approval_request_eligible":
+				log.warning("App requires approval before it can be installed");
+				break;
+			case "app_approval_request_pending":
+				log.warning("App is pending approval before it can be installed");
+				break;
+			case "app_approval_request_denied":
+				log.warning("App approval request was denied");
+				break;
+			case "no_access":
+				log.warning(`SLACK_SERVICE_TOKEN does not have access to app ${app.app_id}. This usually means the service token and configuration token were created by different users. Ensure both tokens are generated by the same Slack user.
+https://docs.slack.dev/authentication/tokens/#service`);
+				break;
+			case "invalid_app_id":
+				log.warning("Invalid app ID. This is a bug in the @vercel/slack-bolt package. Please open an issue at https://github.com/vercel/slack-bolt/issues");
+				break;
+			case "slack_api_error":
+				log.warning("Slack API error while installing the app");
+				break;
+			case "unknown_error":
+				log.warning("Unknown error while installing the app");
+				break;
+		}
+		console.log();
+		if (app.app_id) log.info(`View app: https://api.slack.com/apps/${app.app_id}`);
+		if (isNew && app.oauth_authorize_url) log.info(`Install URL: ${app.oauth_authorize_url}`);
+		console.log();
+	}
+	return {
+		isNew,
+		installStatus: status,
+		app
+	};
+};
+//#endregion
+Object.defineProperty(exports, "__commonJSMin", {
+	enumerable: true,
+	get: function() {
+		return __commonJSMin;
+	}
+});
+Object.defineProperty(exports, "__toESM", {
+	enumerable: true,
+	get: function() {
+		return __toESM;
+	}
+});
+Object.defineProperty(exports, "addEnvironmentVariables", {
+	enumerable: true,
+	get: function() {
+		return addEnvironmentVariables;
+	}
+});
+Object.defineProperty(exports, "authTest", {
+	enumerable: true,
+	get: function() {
+		return authTest;
+	}
+});
+Object.defineProperty(exports, "cancelDeployment", {
+	enumerable: true,
+	get: function() {
+		return cancelDeployment;
+	}
+});
+Object.defineProperty(exports, "createDeployment", {
+	enumerable: true,
+	get: function() {
+		return createDeployment;
+	}
+});
+Object.defineProperty(exports, "deleteEnvironmentVariable", {
+	enumerable: true,
+	get: function() {
+		return deleteEnvironmentVariable;
+	}
+});
+Object.defineProperty(exports, "deleteSlackApp", {
+	enumerable: true,
+	get: function() {
+		return deleteSlackApp;
+	}
+});
+Object.defineProperty(exports, "enableFetchDebugLogging", {
+	enumerable: true,
+	get: function() {
+		return enableFetchDebugLogging;
+	}
+});
+Object.defineProperty(exports, "getActiveBranches", {
+	enumerable: true,
+	get: function() {
+		return getActiveBranches;
+	}
+});
+Object.defineProperty(exports, "getEnvironmentVariable", {
+	enumerable: true,
+	get: function() {
+		return getEnvironmentVariable;
+	}
+});
+Object.defineProperty(exports, "getEnvironmentVariables", {
+	enumerable: true,
+	get: function() {
+		return getEnvironmentVariables;
+	}
+});
+Object.defineProperty(exports, "getProject", {
+	enumerable: true,
+	get: function() {
+		return getProject;
+	}
+});
+Object.defineProperty(exports, "log", {
+	enumerable: true,
+	get: function() {
+		return log;
+	}
+});
+Object.defineProperty(exports, "preview", {
+	enumerable: true,
+	get: function() {
+		return preview;
+	}
+});
+Object.defineProperty(exports, "rotateConfigToken", {
+	enumerable: true,
+	get: function() {
+		return rotateConfigToken;
+	}
+});
+Object.defineProperty(exports, "startMessage", {
+	enumerable: true,
+	get: function() {
+		return startMessage;
+	}
+});
+
+//# sourceMappingURL=preview-DeqpNNn_.js.map