fix: use octokit in getSourceInfo() to prevent "rate limit"

[Hagith]

Octokit uses GITHUB_TOKEN to make authenticated request to github.

[socket-security]

New dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@octokit/[email protected]	None	+13	6.15 MB	octokitbot

View full report↗︎

[tolu]

Thanks for the PR 🙏

I do however like to keep the module as small as possible and seeing octokit adding 6.5mb just to get at the token seems a lot in my mind.
I'd presume you could equally easy read the GITHUB_TOKEN from process.env and add the header in request.js instead.

I think that'd be a neater solution if you'd care to update the PR 😊

[Hagith]

Hello, thank you for the review.
I made this just by copying the same solution from vite-plugin-mkcert :)
IMHO additional 6.5mb in package used only as CLI tool is not as bad as it looks - I would definitely agree for the browser package :)
On the other hand using oficial GitHub API client feels more bulletproof from the long-term perspective.