One-command GitHub App onboarding — the manifest flow
Bring-your-own GitHub App · no central app · no persistent server
The CLI assembles a GitHub App manifest (name, minimal permissions, no webhook) and
starts a one-shot 127.0.0.1 callback listener — the gh auth login pattern.
A tiny locally-served HTML page auto-submits a form, POSTing the manifest to GitHub's create-app URL. The user doesn't fill anything in.
GitHub renders a pre-filled confirmation from the manifest. The user clicks once to create the App under their own account/org — loopy owns nothing.
Owned by acme-labs · private · no webhook
GitHub redirects to the local callback with a temporary ?code=. The CLI
exchanges it for the App's permanent credentials.
The app id and private key are merged into the existing loopy.env. The
key is stored inline (newlines escaped) rather than referenced by a file path, so
credential loading never depends on which --root a later command uses;
loopy.env is added to .gitignore since it now holds the key.
The CLI prints (and optionally opens) the install URL so the user chooses exactly which repos the App can touch.
Where do you want to install this app?
Best-effort: the CLI mints a scoped installation token from the stored key and reports what it can see.
long-lived secret lives here, only here
loopy.env) — the App private keyonly ephemeral, repo-scoped creds enter