Lines 25-66javascript
25var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
26 function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
27 return new (P || (P = Promise))(function (resolve, reject) {
28 function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
29 function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
30 function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
31 step((generator = generator.apply(thisArg, _arguments || [])).next());
34var __importDefault = (this && this.__importDefault) || function (mod) {
35 return (mod && mod.__esModule) ? mod : { "default": mod };
38Object.defineProperty(exports, "__esModule", { value: true });
39exports.STORE_URL = void 0;
40exports.openBrowser = openBrowser;
41exports.getStoredAuth = getStoredAuth;
43exports.logout = logout;
44exports.requireAuth = requireAuth;
45exports.getOrAuthorizeGitHub = getOrAuthorizeGitHub;
46const http = __importStar(require("http"));
47const child_process_1 = require("child_process");
48const chalk_1 = __importDefault(require("chalk"));
HighChild Process
Package source references child process execution.
dist/cli/lib/auth.jsView on unpkg · L46 49const ora_1 = __importDefault(require("ora"));
50const KEYCHAIN_SERVICE = 'asyar-cli';
51const KEY_STORE_TOKEN = 'store-session-token';
52const KEY_GITHUB_TOKEN = 'github-token';
53const KEY_GITHUB_USERNAME = 'github-username';
55exports.STORE_URL = (_a = process.env.ASYAR_STORE_URL) !== null && _a !== void 0 ? _a : 'https://asyar.org';
56function openBrowser(rawUrl) {
HighSame File Env Network Execution
A single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/cli/lib/auth.jsView on unpkg · L45 HighSandbox Evasion Gated Capability
Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
dist/cli/lib/auth.jsView on unpkg · L45 57 // Untrusted input (env var / GitHub response): allow only normalized
58 // http(s) URLs, spawn the opener without a shell. Callers print the URL
59 // as a manual fallback, so refusing is safe.
62 parsed = new URL(rawUrl);