feat: initial release

Author: macropygia

.github/DISCUSSION_TEMPLATE/bug-reports.yml

@@ -0,0 +1,86 @@
+# name: "Bug reports"
+# title:
+# description: Use Q&A if you cannot fill out the form
+labels:
+  - bug
+# assignees:
+#   - macropygia
+body:
+  - type: markdown
+    attributes:
+      value: ⚠ Please write in plain English. (Repository owner is not a native English speaker.) ※日本語可
+  - type: checkboxes
+    id: checklist
+    attributes:
+      label: Checklist
+      description: Do all of the following conditions apply?
+      options:
+        - label: Using the latest version of `elysia-openid-client`.
+          required: true
+        - label: Using the latest version of Bun within the range specified in `engines`.
+          required: true
+        - label: Using the latest version of ElysiaJS within the range specified in `peerDependencies`.
+          required: true
+        - label: It is not due to dependencies, but rather the logic of `elysia-openid-client`.
+          required: true
+        - label: It is not due to the OpenID Provider violating the OpenID Connect specification.
+          required: true
+        - label: I will provide a minimal reproducible example.
+          required: true
+  - type: input
+    id: bun-version
+    attributes:
+      label: What version of Bun are you using?
+      placeholder: 1.0.0
+    validations:
+      required: true
+  - type: input
+    id: elysia-version
+    attributes:
+      label: What version of ElysiaJS are you using?
+      placeholder: 1.0.0
+    validations:
+      required: true
+  - type: input
+    id: issuer
+    attributes:
+      label: OpenID Provider (URL or name)
+      placeholder: https://example.com
+  - type: checkboxes
+    id: category
+    attributes:
+      label: Category
+      description: You may select more than one.
+      options:
+        - label: Endpoints
+        - label: Hooks
+        - label: Data Adapters
+        - label: Logic (other than above)
+        - label: Other
+  - type: textarea
+    id: description
+    attributes:
+      label: Describe the bug
+      description: A clear and concise description of what the bug is.
+    validations:
+      required: true
+  - type: textarea
+    id: expectation
+    attributes:
+      label: What's the expected result?
+      description: Describe what you expect to happen.
+    validations:
+      required: true
+  - type: textarea
+    id: reproduction
+    attributes:
+      label: Write or link to minimal reproducible example
+      description: Recommended to create a [minimal reproduction](https://github.com/renovatebot/renovate/blob/main/docs/development/minimal-reproductions.md) and link to it.
+    validations:
+      required: true
+  - type: checkboxes
+    id: will-pr
+    attributes:
+      label: Participation
+      options:
+        - label: I am willing to create a pull request for this issue.

.github/DISCUSSION_TEMPLATE/feature-requests.yml

@@ -0,0 +1,59 @@
+# name: "Feature requests"
+# title:
+# description: Use General if you cannot fill out the form
+labels:
+  - enhancement
+# assignees:
+#   - macropygia
+body:
+  - type: markdown
+    attributes:
+      value: ⚠ Please write in plain English. (Repository owner is not a native English speaker.) ※日本語可
+  - type: checkboxes
+    id: checklist
+    attributes:
+      label: Checklist
+      description: Do all of the following conditions apply?
+      options:
+        - label: It does not attempt to support OpenID Connect specification not supported by [`openid-client`](https://github.com/panva/node-openid-client)."
+          required: true
+        - label: It does not intend to add support for OpenID Provider that violate the OpenID Connect specification.
+          required: true
+        - label: Custom data adapter is not a solution.
+          required: true
+        - label: Custom logger is not a solution.
+          required: true
+        - label: Feasibility is verified.
+          required: true
+  - type: checkboxes
+    id: category
+    attributes:
+      label: Category
+      description: You may select more than one.
+      options:
+        - label: Endpoints
+        - label: Hooks
+        - label: Data Adapters
+        - label: Logic (other than above)
+        - label: Documentation
+        - label: Tests
+        - label: Security/Vulnerability
+        - label: Other
+  - type: textarea
+    id: description
+    attributes:
+      label: Description
+      description: A clear and concise description of the request.
+    validations:
+      required: true
+  - type: input
+    id: additional-dependencies
+    attributes:
+      label: Additional dependencies
+      description: If needed.
+  - type: checkboxes
+    id: will-pr
+    attributes:
+      label: Participation
+      options:
+        - label: I am willing to create a pull request for this issue.

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,5 @@
+blank_issues_enabled: false
+contact_links:
+  - name: Start a discussion
+    url: https://github.com/macropygia/elysia-openid-client/discussions/new/choose
+    about: Any questions or suggestions about features or behavior.

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,11 @@
+## Changes
+
+## Context
+
+## Testing status (must select at least one)
+
+- [ ] Existing tests covered or no need to test
+- [ ] Code inspection only
+- [ ] Added or modified unit tests
+- [ ] Modified integration tests
+- [ ] Ran on a real project that could be an alternative to E2E tests

.github/release-drafter.yml

@@ -0,0 +1,24 @@
+name-template: "v$RESOLVED_VERSION"
+tag-template: "v$RESOLVED_VERSION"
+version-resolver:
+  major:
+    labels:
+      - "release:major"
+  minor:
+    labels:
+      - "release:minor"
+  patch:
+    labels:
+      - "release:patch"
+      - "release:silent"
+  default: patch
+exclude-labels:
+  - "release:silent"
+exclude-contributors:
+  - "macropygia"
+template: |
+  ## Changes
+
+  $CHANGES
+
+  **Full Changelog**: https://github.com/$OWNER/$REPOSITORY/compare/$PREVIOUS_TAG...v$RESOLVED_VERSION

.github/utils/token.sh

@@ -0,0 +1,41 @@
+#!/usr/bin/env bash
+
+base64url() {
+  openssl enc -base64 -A | tr '+/' '-_' | tr -d '='
+}
+
+sign() {
+  openssl dgst -binary -sha256 -sign <(printf '%s' "${PRIVATE_KEY}")
+}
+
+header="$(printf '{"alg":"RS256","typ":"JWT"}' | base64url)"
+now="$(date '+%s')"
+iat="$((now - 60))"
+exp="$((now + (3 * 60)))"
+template='{"iss":"%s","iat":%s,"exp":%s}'
+payload="$(printf "${template}" "${APP_ID}" "${iat}" "${exp}" | base64url)"
+echo "::add-mask::${payload}"
+signature="$(printf '%s' "${header}.${payload}" | sign | base64url)"
+echo "::add-mask::${signature}"
+jwt="${header}.${payload}.${signature}"
+echo "::add-mask::${jwt}"
+
+installation_id="$(curl --location --silent --request GET \
+  --url "${GITHUB_API_URL}/repos/${GITHUB_REPOSITORY}/installation" \
+  --header "Accept: application/vnd.github+json" \
+  --header "X-GitHub-Api-Version: 2022-11-28" \
+  --header "Authorization: Bearer ${jwt}" \
+  | jq -r '.id'
+)"
+
+repo_name="$(echo "${GITHUB_REPOSITORY}" | cut -d '/' -f 2)"
+token="$(curl --location --silent --request POST \
+  --url "${GITHUB_API_URL}/app/installations/${installation_id}/access_tokens" \
+  --header "Accept: application/vnd.github+json" \
+  --header "X-GitHub-Api-Version: 2022-11-28" \
+  --header "Authorization: Bearer ${jwt}" \
+  --data "$(printf '{"repositories":["%s"]}' "${repo_name}")" \
+  | jq -r '.token'
+)"
+echo "::add-mask::${token}"
+echo "token=${token}" >>"${GITHUB_OUTPUT}"

.github/workflows/checks-pr.yml

@@ -0,0 +1,35 @@
+name: Checks (PR)
+
+on:
+  push:
+    branches:
+      - main
+    paths:
+      - '**.ts'
+      - 'biome.json'
+      - 'package.json'
+      - 'tsconfig.json'
+      - '!**/.github/**'
+      - '!**/.vscode/**'
+      - '!**/examples/**'
+      - '!**/*.config.ts'
+      - '!./build.ts'
+  pull_request:
+    branches:
+      - main
+    types: [opened, reopened, synchronize]
+
+defaults:
+  run:
+    shell: bash
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: oven-sh/setup-bun@v1
+      - run: bun install
+      - run: bun check:apply
+      - run: bun type-check
+      - run: bun test

.github/workflows/publish-dry-run.yml

@@ -0,0 +1,29 @@
+name: Publish (Manual/Dry-run)
+
+on:
+  workflow_dispatch:
+
+defaults:
+  run:
+    shell: bash
+
+permissions:
+  contents: write
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: oven-sh/setup-bun@v1
+        with:
+          registry-url: 'https://registry.npmjs.org'
+      - run: bun install
+      - run: bun check:apply
+      - run: bun type-check
+      - run: bun test --coverage
+      - run: bun docs
+      - run: bun run build
+      - run: npm publish --dry-run
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

.github/workflows/publish.yml

@@ -0,0 +1,68 @@
+name: Publish
+
+on:
+  release:
+    types: [released]
+
+defaults:
+  run:
+    shell: bash
+
+permissions:
+  contents: write
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Verify that tag and package.json match.
+        run: |
+          TAGGED_VERSION=$(echo "${{ github.ref_name }}" | grep -oP "[0-9]+\.[0-9]+\.[0-9]$")
+          PUBLISH_VERSION=$(jq --raw-output .version package.json)
+          if [ "$TAGGED_VERSION" != "$PUBLISH_VERSION" ]; then
+            exit 1
+          fi
+
+      - name: Build
+        uses: oven-sh/setup-bun@v1
+        with:
+          registry-url: 'https://registry.npmjs.org'
+      - run: bun install
+      - run: bun check:apply
+      - run: bun type-check
+      - run: bun test
+      - run: bun docs
+      - run: bun run build
+
+      - name: Publish
+        run: npm publish
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+
+      # - uses: actions/setup-node@v4
+      #   with:
+      #     registry-url: 'https://npm.pkg.github.com'
+      # - run: npm publish
+      #   env:
+      #     NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Generate docs
+        uses: actions/upload-pages-artifact@v3
+        with:
+          path: ./docs
+
+  deploy:
+    needs: build
+    permissions:
+      pages: write
+      id-token: write
+    environment:
+      name: github-pages
+      url: ${{ steps.deployment.outputs.page_url }}
+    runs-on: ubuntu-latest
+    steps:
+      - name: Deploy docs to GitHub Pages
+        id: deployment
+        uses: actions/deploy-pages@v4

.github/workflows/release-drafter-pr.yml

@@ -0,0 +1,27 @@
+name: Release Drafter (PR)
+
+on:
+  pull_request:
+    branches:
+      - main
+    types: [opened, reopened, synchronize]
+
+defaults:
+  run:
+    shell: bash
+
+permissions:
+  contents: read
+
+jobs:
+  update_release_draft:
+    permissions:
+      contents: write
+      pull-requests: write
+    runs-on: ubuntu-latest
+    steps:
+      - uses: release-drafter/release-drafter@v6
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          commitish: "main"