@allstak/wizard 0.1.3 → 0.1.5

package/dist/security-snapshot/builder.js

@@ -0,0 +1,343 @@
+import { existsSync, readdirSync, readFileSync } from 'node:fs';
+import { basename, dirname, relative, resolve } from 'node:path';
+import { detectFramework, detectMonorepo, detectPackageManager } from '../detect/index.js';
+const PARSER_VERSION = '2026-05-08';
+const DEFAULT_MAX_DEPENDENCIES = 10_000;
+export function buildDependencySnapshot(opts = {}) {
+    const cwd = resolve(opts.cwd ?? process.cwd());
+    const projectRoot = findSnapshotRoot(cwd);
+    const detected = detectFramework(projectRoot);
+    const pm = detectPackageManager(projectRoot).pm;
+    const monorepo = detectMonorepo(cwd);
+    const packageDirs = discoverPackageDirs(projectRoot, cwd);
+    const dependencies = new Map();
+    const manifests = new Set();
+    const lockfiles = new Set();
+    let truncated = false;
+    for (const packageDir of packageDirs) {
+        const pkgPath = resolve(packageDir, 'package.json');
+        const pkg = readPackageJson(pkgPath);
+        if (pkg) {
+            manifests.add(rel(projectRoot, pkgPath));
+            addPackageJsonDependencies(dependencies, pkg, rel(projectRoot, pkgPath), rel(projectRoot, packageDir), pm);
+        }
+    }
+    const packageLock = resolve(projectRoot, 'package-lock.json');
+    if (existsSync(packageLock)) {
+        lockfiles.add('package-lock.json');
+        parsePackageLock(dependencies, packageLock, projectRoot, pm);
+    }
+    const pnpmLock = resolve(projectRoot, 'pnpm-lock.yaml');
+    if (existsSync(pnpmLock)) {
+        lockfiles.add('pnpm-lock.yaml');
+        parsePnpmLock(dependencies, pnpmLock, projectRoot, pm);
+    }
+    const yarnLock = resolve(projectRoot, 'yarn.lock');
+    if (existsSync(yarnLock)) {
+        lockfiles.add('yarn.lock');
+        parseYarnLock(dependencies, yarnLock, projectRoot, pm);
+    }
+    const pomFiles = discoverPomFiles(projectRoot, cwd);
+    for (const pomPath of pomFiles) {
+        manifests.add(rel(projectRoot, pomPath));
+        parsePomXml(dependencies, pomPath, projectRoot);
+    }
+    const max = opts.maxDependencies ?? DEFAULT_MAX_DEPENDENCIES;
+    let items = Array.from(dependencies.values())
+        .filter((dep) => dep.name && dep.version && !dep.version.includes('${'))
+        .sort((a, b) => `${a.ecosystem}:${a.name}:${a.version}`.localeCompare(`${b.ecosystem}:${b.name}:${b.version}`));
+    if (items.length > max) {
+        items = items.slice(0, max);
+        truncated = true;
+    }
+    return {
+        sourceType: opts.sourceType ?? 'wizard',
+        sourceRef: opts.sourceRef ?? workspaceName(packageDirs[0] ?? cwd) ?? undefined,
+        sourceCommitSha: opts.sourceCommitSha,
+        sourceBranch: opts.sourceBranch,
+        environment: opts.environment,
+        manifestCount: manifests.size,
+        dependencies: items,
+        metadata: {
+            framework: opts.framework ?? detected.candidates[0],
+            runtime: detected.candidates.includes('java') ? 'java' : detected.packageJson ? 'node' : undefined,
+            environment: opts.environment,
+            packageManager: pm,
+            nodeVersion: process.versions.node,
+            javaVersion: process.env.JAVA_VERSION,
+            monorepoTool: monorepo.tool,
+            workspaceName: workspaceName(packageDirs[0] ?? cwd),
+            lockfiles: Array.from(lockfiles),
+            manifests: Array.from(manifests).sort(),
+            parserVersion: PARSER_VERSION,
+            truncated,
+        },
+    };
+}
+function findSnapshotRoot(cwd) {
+    const monorepo = detectMonorepo(cwd);
+    if (monorepo.rootDir)
+        return monorepo.rootDir;
+    let dir = cwd;
+    while (true) {
+        if (existsSync(resolve(dir, 'package-lock.json')) || existsSync(resolve(dir, 'pnpm-lock.yaml')) || existsSync(resolve(dir, 'yarn.lock'))) {
+            return dir;
+        }
+        if (existsSync(resolve(dir, 'package.json')) || existsSync(resolve(dir, 'pom.xml')))
+            return dir;
+        const parent = dirname(dir);
+        if (parent === dir)
+            return cwd;
+        dir = parent;
+    }
+}
+function discoverPackageDirs(root, cwd) {
+    const dirs = new Set();
+    const rootPkg = readPackageJson(resolve(root, 'package.json'));
+    if (rootPkg)
+        dirs.add(root);
+    const patterns = workspacePatterns(rootPkg);
+    for (const pattern of patterns) {
+        for (const dir of expandWorkspacePattern(root, pattern))
+            dirs.add(dir);
+    }
+    const cwdPkg = readPackageJson(resolve(cwd, 'package.json'));
+    if (cwdPkg)
+        dirs.add(cwd);
+    return Array.from(dirs).sort();
+}
+function discoverPomFiles(root, cwd) {
+    const found = new Set();
+    for (const dir of [root, cwd]) {
+        const pom = resolve(dir, 'pom.xml');
+        if (existsSync(pom))
+            found.add(pom);
+    }
+    const modules = readPomModules(resolve(root, 'pom.xml'));
+    for (const mod of modules) {
+        const pom = resolve(root, mod, 'pom.xml');
+        if (existsSync(pom))
+            found.add(pom);
+    }
+    return Array.from(found).sort();
+}
+function readPackageJson(path) {
+    if (!existsSync(path))
+        return null;
+    try {
+        return JSON.parse(readFileSync(path, 'utf8'));
+    }
+    catch {
+        return null;
+    }
+}
+function addPackageJsonDependencies(out, pkg, sourceFile, packageDir, manager) {
+    const groups = [
+        ['production', pkg.dependencies],
+        ['development', pkg.devDependencies],
+        ['optional', pkg.optionalDependencies],
+        ['peer', pkg.peerDependencies],
+    ];
+    for (const [scope, deps] of groups) {
+        for (const [name, version] of Object.entries(deps ?? {})) {
+            add(out, {
+                ecosystem: 'npm',
+                name,
+                version: normalizeVersion(version),
+                scope,
+                direct: true,
+                sourceFile,
+                manager,
+                path: packageDir && packageDir !== '.' ? [packageDir] : undefined,
+            });
+        }
+    }
+}
+function parsePackageLock(out, lockPath, root, manager) {
+    try {
+        const lock = JSON.parse(readFileSync(lockPath, 'utf8'));
+        const rootPackage = lock.packages?.[''];
+        const directNames = new Set([
+            ...Object.keys(rootPackage?.dependencies ?? {}),
+            ...Object.keys(rootPackage?.devDependencies ?? {}),
+            ...Object.keys(rootPackage?.optionalDependencies ?? {}),
+            ...Object.keys(rootPackage?.peerDependencies ?? {}),
+        ]);
+        for (const [path, meta] of Object.entries(lock.packages ?? {})) {
+            if (!path.startsWith('node_modules/') || !meta.version)
+                continue;
+            const name = packageNameFromNodeModules(path);
+            if (!name)
+                continue;
+            add(out, {
+                ecosystem: 'npm',
+                name,
+                version: normalizeVersion(meta.version),
+                scope: meta.optional ? 'optional' : meta.peer ? 'peer' : meta.dev ? 'development' : 'production',
+                direct: directNames.has(name),
+                sourceFile: rel(root, lockPath),
+                manager,
+            });
+        }
+        for (const [name, meta] of Object.entries(lock.dependencies ?? {})) {
+            if (!meta.version)
+                continue;
+            add(out, {
+                ecosystem: 'npm',
+                name,
+                version: normalizeVersion(meta.version),
+                scope: meta.optional ? 'optional' : meta.dev ? 'development' : 'production',
+                direct: false,
+                sourceFile: rel(root, lockPath),
+                manager,
+            });
+        }
+    }
+    catch {
+        // Ignore malformed lockfiles; package.json fallback remains useful.
+    }
+}
+function parsePnpmLock(out, lockPath, root, manager) {
+    const text = readFileSync(lockPath, 'utf8');
+    const seen = new Set();
+    for (const line of text.split(/\r?\n/)) {
+        const match = line.match(/^\s{2}['"]?(?:\/)?((?:@[^/\s'"]+\/)?[^@\s'":]+)@([^'":\s(]+)(?:\([^'"]+\))?['"]?:\s*$/);
+        if (!match)
+            continue;
+        const [, name, version] = match;
+        if (!name || !version || name === 'lockfileVersion' || seen.has(`${name}@${version}`))
+            continue;
+        seen.add(`${name}@${version}`);
+        add(out, {
+            ecosystem: 'npm',
+            name,
+            version: normalizeVersion(version),
+            scope: 'unknown',
+            direct: false,
+            sourceFile: rel(root, lockPath),
+            manager,
+        });
+    }
+}
+function parseYarnLock(out, lockPath, root, manager) {
+    const lines = readFileSync(lockPath, 'utf8').split(/\r?\n/);
+    for (let i = 0; i < lines.length; i += 1) {
+        const header = lines[i] ?? '';
+        if (/^\s/.test(header) || !header.includes('@') || header.startsWith('#'))
+            continue;
+        const versionLine = lines.slice(i + 1, i + 8).find((line) => /^\s+version\s+/.test(line));
+        if (!versionLine)
+            continue;
+        const version = versionLine.replace(/^\s+version\s+/, '').replace(/"/g, '').trim();
+        for (const name of packageNamesFromYarnHeader(header)) {
+            add(out, {
+                ecosystem: 'npm',
+                name,
+                version: normalizeVersion(version),
+                scope: 'unknown',
+                direct: false,
+                sourceFile: rel(root, lockPath),
+                manager,
+            });
+        }
+    }
+}
+function parsePomXml(out, pomPath, root) {
+    const text = readFileSync(pomPath, 'utf8');
+    const dependencyBlocks = text.match(/<dependency>[\s\S]*?<\/dependency>/g) ?? [];
+    for (const block of dependencyBlocks) {
+        const groupId = xmlTag(block, 'groupId');
+        const artifactId = xmlTag(block, 'artifactId');
+        const version = xmlTag(block, 'version');
+        if (!groupId || !artifactId || !version)
+            continue;
+        const scope = xmlTag(block, 'scope');
+        add(out, {
+            ecosystem: 'maven',
+            name: `${groupId}:${artifactId}`,
+            version: normalizeVersion(version),
+            scope: scope === 'test' ? 'development' : scope === 'provided' ? 'peer' : 'production',
+            direct: true,
+            sourceFile: rel(root, pomPath),
+            manager: 'maven',
+        });
+    }
+}
+function readPomModules(pomPath) {
+    if (!existsSync(pomPath))
+        return [];
+    const text = readFileSync(pomPath, 'utf8');
+    return Array.from(text.matchAll(/<module>([^<]+)<\/module>/g)).map((match) => match[1].trim()).filter(Boolean);
+}
+function xmlTag(text, tag) {
+    const match = text.match(new RegExp(`<${tag}>\\s*([^<]+?)\\s*</${tag}>`));
+    return match?.[1]?.trim() ?? null;
+}
+function packageNameFromNodeModules(path) {
+    const parts = path.split('node_modules/').filter(Boolean);
+    const last = parts[parts.length - 1];
+    if (!last)
+        return null;
+    const segs = last.split('/');
+    return segs[0]?.startsWith('@') ? `${segs[0]}/${segs[1]}` : segs[0] ?? null;
+}
+function packageNamesFromYarnHeader(header) {
+    return header
+        .replace(/:$/, '')
+        .split(/,\s*/)
+        .map((entry) => entry.trim().replace(/^"|"$/g, ''))
+        .map((entry) => {
+        if (entry.startsWith('@')) {
+            const at = entry.indexOf('@', 1);
+            return at > 0 ? entry.slice(0, at) : entry;
+        }
+        const at = entry.indexOf('@');
+        return at > 0 ? entry.slice(0, at) : entry;
+    })
+        .filter(Boolean);
+}
+function add(out, dep) {
+    if (!dep.name || !dep.version || dep.version === '*' || dep.version.startsWith('file:') || dep.version.startsWith('workspace:'))
+        return;
+    const key = `${dep.ecosystem}:${dep.name}:${dep.version}`;
+    const existing = out.get(key);
+    if (!existing) {
+        out.set(key, dep);
+        return;
+    }
+    if (!existing.direct && dep.direct)
+        existing.direct = true;
+    if (existing.scope === 'unknown' && dep.scope !== 'unknown')
+        existing.scope = dep.scope;
+    if (!existing.sourceFile && dep.sourceFile)
+        existing.sourceFile = dep.sourceFile;
+}
+function normalizeVersion(version) {
+    return version.trim().replace(/^[~^=<> ]+/, '').replace(/^v/, '');
+}
+function workspacePatterns(pkg) {
+    if (!pkg?.workspaces)
+        return [];
+    if (Array.isArray(pkg.workspaces))
+        return pkg.workspaces;
+    return pkg.workspaces.packages ?? [];
+}
+function expandWorkspacePattern(root, pattern) {
+    if (!pattern.endsWith('/*'))
+        return [];
+    const base = resolve(root, pattern.slice(0, -2));
+    if (!existsSync(base))
+        return [];
+    return readdirSync(base, { withFileTypes: true })
+        .filter((entry) => entry.isDirectory())
+        .map((entry) => resolve(base, entry.name))
+        .filter((dir) => existsSync(resolve(dir, 'package.json')));
+}
+function workspaceName(dir) {
+    const pkg = readPackageJson(resolve(dir, 'package.json'));
+    return pkg?.name ?? basename(dir) ?? null;
+}
+function rel(root, path) {
+    return relative(root, path) || basename(path);
+}
+//# sourceMappingURL=builder.js.map

package/dist/security-snapshot/builder.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"builder.js","sourceRoot":"","sources":["../../src/security-snapshot/builder.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAChE,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACjE,OAAO,EAAE,eAAe,EAAE,cAAc,EAAE,oBAAoB,EAAE,MAAM,oBAAoB,CAAC;AAQ3F,MAAM,cAAc,GAAG,YAAY,CAAC;AACpC,MAAM,wBAAwB,GAAG,MAAM,CAAC;AAaxC,MAAM,UAAU,uBAAuB,CAAC,OAA6B,EAAE;IACrE,MAAM,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,GAAG,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC;IAC/C,MAAM,WAAW,GAAG,gBAAgB,CAAC,GAAG,CAAC,CAAC;IAC1C,MAAM,QAAQ,GAAG,eAAe,CAAC,WAAW,CAAC,CAAC;IAC9C,MAAM,EAAE,GAAG,oBAAoB,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC;IAChD,MAAM,QAAQ,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC;IACrC,MAAM,WAAW,GAAG,mBAAmB,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC;IAC1D,MAAM,YAAY,GAAG,IAAI,GAAG,EAA8B,CAAC;IAC3D,MAAM,SAAS,GAAG,IAAI,GAAG,EAAU,CAAC;IACpC,MAAM,SAAS,GAAG,IAAI,GAAG,EAAU,CAAC;IACpC,IAAI,SAAS,GAAG,KAAK,CAAC;IAEtB,KAAK,MAAM,UAAU,IAAI,WAAW,EAAE,CAAC;QACrC,MAAM,OAAO,GAAG,OAAO,CAAC,UAAU,EAAE,cAAc,CAAC,CAAC;QACpD,MAAM,GAAG,GAAG,eAAe,CAAC,OAAO,CAAC,CAAC;QACrC,IAAI,GAAG,EAAE,CAAC;YACR,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC,CAAC;YACzC,0BAA0B,CAAC,YAAY,EAAE,GAAG,EAAE,GAAG,CAAC,WAAW,EAAE,OAAO,CAAC,EAAE,GAAG,CAAC,WAAW,EAAE,UAAU,CAAC,EAAE,EAAE,CAAC,CAAC;QAC7G,CAAC;IACH,CAAC;IAED,MAAM,WAAW,GAAG,OAAO,CAAC,WAAW,EAAE,mBAAmB,CAAC,CAAC;IAC9D,IAAI,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC;QAC5B,SAAS,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;QACnC,gBAAgB,CAAC,YAAY,EAAE,WAAW,EAAE,WAAW,EAAE,EAAE,CAAC,CAAC;IAC/D,CAAC;IAED,MAAM,QAAQ,GAAG,OAAO,CAAC,WAAW,EAAE,gBAAgB,CAAC,CAAC;IACxD,IAAI,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QACzB,SAAS,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;QAChC,aAAa,CAAC,YAAY,EAAE,QAAQ,EAAE,WAAW,EAAE,EAAE,CAAC,CAAC;IACzD,CAAC;IAED,MAAM,QAAQ,GAAG,OAAO,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC;IACnD,IAAI,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QACzB,SAAS,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QAC3B,aAAa,CAAC,YAAY,EAAE,QAAQ,EAAE,WAAW,EAAE,EAAE,CAAC,CAAC;IACzD,CAAC;IAED,MAAM,QAAQ,GAAG,gBAAgB,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC;IACpD,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC,CAAC;QACzC,WAAW,CAAC,YAAY,EAAE,OAAO,EAAE,WAAW,CAAC,CAAC;IAClD,CAAC;IAED,MAAM,GAAG,GAAG,IAAI,CAAC,eAAe,IAAI,wBAAwB,CAAC;IAC7D,IAAI,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,CAAC;SAC1C,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,OAAO,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;SACvE,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,SAAS,IAAI,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,OAAO,EAAE,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,SAAS,IAAI,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;IAClH,IAAI,KAAK,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;QACvB,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QAC5B,SAAS,GAAG,IAAI,CAAC;IACnB,CAAC;IAED,OAAO;QACL,UAAU,EAAE,IAAI,CAAC,UAAU,IAAI,QAAQ;QACvC,SAAS,EAAE,IAAI,CAAC,SAAS,IAAI,aAAa,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,IAAI,SAAS;QAC9E,eAAe,EAAE,IAAI,CAAC,eAAe;QACrC,YAAY,EAAE,IAAI,CAAC,YAAY;QAC/B,WAAW,EAAE,IAAI,CAAC,WAAW;QAC7B,aAAa,EAAE,SAAS,CAAC,IAAI;QAC7B,YAAY,EAAE,KAAK;QACnB,QAAQ,EAAE;YACR,SAAS,EAAE,IAAI,CAAC,SAAS,IAAI,QAAQ,CAAC,UAAU,CAAC,CAAC,CAAC;YACnD,OAAO,EAAE,QAAQ,CAAC,UAAU,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS;YAClG,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,cAAc,EAAE,EAAE;YAClB,WAAW,EAAE,OAAO,CAAC,QAAQ,CAAC,IAAI;YAClC,WAAW,EAAE,OAAO,CAAC,GAAG,CAAC,YAAY;YACrC,YAAY,EAAE,QAAQ,CAAC,IAAI;YAC3B,aAAa,EAAE,aAAa,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC;YACnD,SAAS,EAAE,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC;YAChC,SAAS,EAAE,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE;YACvC,aAAa,EAAE,cAAc;YAC7B,SAAS;SACV;KACF,CAAC;AACJ,CAAC;AAED,SAAS,gBAAgB,CAAC,GAAW;IACnC,MAAM,QAAQ,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC;IACrC,IAAI,QAAQ,CAAC,OAAO;QAAE,OAAO,QAAQ,CAAC,OAAO,CAAC;IAC9C,IAAI,GAAG,GAAG,GAAG,CAAC;IACd,OAAO,IAAI,EAAE,CAAC;QACZ,IAAI,UAAU,CAAC,OAAO,CAAC,GAAG,EAAE,mBAAmB,CAAC,CAAC,IAAI,UAAU,CAAC,OAAO,CAAC,GAAG,EAAE,gBAAgB,CAAC,CAAC,IAAI,UAAU,CAAC,OAAO,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC,EAAE,CAAC;YACzI,OAAO,GAAG,CAAC;QACb,CAAC;QACD,IAAI,UAAU,CAAC,OAAO,CAAC,GAAG,EAAE,cAAc,CAAC,CAAC,IAAI,UAAU,CAAC,OAAO,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;YAAE,OAAO,GAAG,CAAC;QAChG,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC;QAC5B,IAAI,MAAM,KAAK,GAAG;YAAE,OAAO,GAAG,CAAC;QAC/B,GAAG,GAAG,MAAM,CAAC;IACf,CAAC;AACH,CAAC;AAED,SAAS,mBAAmB,CAAC,IAAY,EAAE,GAAW;IACpD,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,MAAM,OAAO,GAAG,eAAe,CAAC,OAAO,CAAC,IAAI,EAAE,cAAc,CAAC,CAAC,CAAC;IAC/D,IAAI,OAAO;QAAE,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;IAC5B,MAAM,QAAQ,GAAG,iBAAiB,CAAC,OAAO,CAAC,CAAC;IAC5C,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,KAAK,MAAM,GAAG,IAAI,sBAAsB,CAAC,IAAI,EAAE,OAAO,CAAC;YAAE,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IACzE,CAAC;IACD,MAAM,MAAM,GAAG,eAAe,CAAC,OAAO,CAAC,GAAG,EAAE,cAAc,CAAC,CAAC,CAAC;IAC7D,IAAI,MAAM;QAAE,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAC1B,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC;AACjC,CAAC;AAED,SAAS,gBAAgB,CAAC,IAAY,EAAE,GAAW;IACjD,MAAM,KAAK,GAAG,IAAI,GAAG,EAAU,CAAC;IAChC,KAAK,MAAM,GAAG,IAAI,CAAC,IAAI,EAAE,GAAG,CAAC,EAAE,CAAC;QAC9B,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;QACpC,IAAI,UAAU,CAAC,GAAG,CAAC;YAAE,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IACtC,CAAC;IACD,MAAM,OAAO,GAAG,cAAc,CAAC,OAAO,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC,CAAC;IACzD,KAAK,MAAM,GAAG,IAAI,OAAO,EAAE,CAAC;QAC1B,MAAM,GAAG,GAAG,OAAO,CAAC,IAAI,EAAE,GAAG,EAAE,SAAS,CAAC,CAAC;QAC1C,IAAI,UAAU,CAAC,GAAG,CAAC;YAAE,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IACtC,CAAC;IACD,OAAO,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,CAAC;AAClC,CAAC;AAED,SAAS,eAAe,CAAC,IAAY;IACnC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC;QAAE,OAAO,IAAI,CAAC;IACnC,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,EAAE,MAAM,CAAC,CAAgB,CAAC;IAC/D,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,SAAS,0BAA0B,CACjC,GAAoC,EACpC,GAAgB,EAChB,UAAkB,EAClB,UAAkB,EAClB,OAAe;IAEf,MAAM,MAAM,GAAiE;QAC3E,CAAC,YAAY,EAAE,GAAG,CAAC,YAAY,CAAC;QAChC,CAAC,aAAa,EAAE,GAAG,CAAC,eAAe,CAAC;QACpC,CAAC,UAAU,EAAE,GAAG,CAAC,oBAAoB,CAAC;QACtC,CAAC,MAAM,EAAE,GAAG,CAAC,gBAAgB,CAAC;KAC/B,CAAC;IACF,KAAK,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,IAAI,MAAM,EAAE,CAAC;QACnC,KAAK,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,IAAI,EAAE,CAAC,EAAE,CAAC;YACzD,GAAG,CAAC,GAAG,EAAE;gBACP,SAAS,EAAE,KAAK;gBAChB,IAAI;gBACJ,OAAO,EAAE,gBAAgB,CAAC,OAAO,CAAC;gBAClC,KAAK;gBACL,MAAM,EAAE,IAAI;gBACZ,UAAU;gBACV,OAAO;gBACP,IAAI,EAAE,UAAU,IAAI,UAAU,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,SAAS;aAClE,CAAC,CAAC;QACL,CAAC;IACH,CAAC;AACH,CAAC;AAED,SAAS,gBAAgB,CAAC,GAAoC,EAAE,QAAgB,EAAE,IAAY,EAAE,OAAe;IAC7G,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,QAAQ,EAAE,MAAM,CAAC,CAGrD,CAAC;QACF,MAAM,WAAW,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC,EAAE,CAAC,CAAC;QACxC,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC;YAC1B,GAAG,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,YAAY,IAAI,EAAE,CAAC;YAC/C,GAAG,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,eAAe,IAAI,EAAE,CAAC;YAClD,GAAG,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,oBAAoB,IAAI,EAAE,CAAC;YACvD,GAAG,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,gBAAgB,IAAI,EAAE,CAAC;SACpD,CAAC,CAAC;QACH,KAAK,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,IAAI,EAAE,CAAC,EAAE,CAAC;YAC/D,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO;gBAAE,SAAS;YACjE,MAAM,IAAI,GAAG,0BAA0B,CAAC,IAAI,CAAC,CAAC;YAC9C,IAAI,CAAC,IAAI;gBAAE,SAAS;YACpB,GAAG,CAAC,GAAG,EAAE;gBACP,SAAS,EAAE,KAAK;gBAChB,IAAI;gBACJ,OAAO,EAAE,gBAAgB,CAAC,IAAI,CAAC,OAAO,CAAC;gBACvC,KAAK,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,YAAY;gBAChG,MAAM,EAAE,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC;gBAC7B,UAAU,EAAE,GAAG,CAAC,IAAI,EAAE,QAAQ,CAAC;gBAC/B,OAAO;aACR,CAAC,CAAC;QACL,CAAC;QACD,KAAK,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,IAAI,EAAE,CAAC,EAAE,CAAC;YACnE,IAAI,CAAC,IAAI,CAAC,OAAO;gBAAE,SAAS;YAC5B,GAAG,CAAC,GAAG,EAAE;gBACP,SAAS,EAAE,KAAK;gBAChB,IAAI;gBACJ,OAAO,EAAE,gBAAgB,CAAC,IAAI,CAAC,OAAO,CAAC;gBACvC,KAAK,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,YAAY;gBAC3E,MAAM,EAAE,KAAK;gBACb,UAAU,EAAE,GAAG,CAAC,IAAI,EAAE,QAAQ,CAAC;gBAC/B,OAAO;aACR,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,oEAAoE;IACtE,CAAC;AACH,CAAC;AAED,SAAS,aAAa,CAAC,GAAoC,EAAE,QAAgB,EAAE,IAAY,EAAE,OAAe;IAC1G,MAAM,IAAI,GAAG,YAAY,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IAC5C,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;QACvC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,uFAAuF,CAAC,CAAC;QAClH,IAAI,CAAC,KAAK;YAAE,SAAS;QACrB,MAAM,CAAC,EAAE,IAAI,EAAE,OAAO,CAAC,GAAG,KAAK,CAAC;QAChC,IAAI,CAAC,IAAI,IAAI,CAAC,OAAO,IAAI,IAAI,KAAK,iBAAiB,IAAI,IAAI,CAAC,GAAG,CAAC,GAAG,IAAI,IAAI,OAAO,EAAE,CAAC;YAAE,SAAS;QAChG,IAAI,CAAC,GAAG,CAAC,GAAG,IAAI,IAAI,OAAO,EAAE,CAAC,CAAC;QAC/B,GAAG,CAAC,GAAG,EAAE;YACP,SAAS,EAAE,KAAK;YAChB,IAAI;YACJ,OAAO,EAAE,gBAAgB,CAAC,OAAO,CAAC;YAClC,KAAK,EAAE,SAAS;YAChB,MAAM,EAAE,KAAK;YACb,UAAU,EAAE,GAAG,CAAC,IAAI,EAAE,QAAQ,CAAC;YAC/B,OAAO;SACR,CAAC,CAAC;IACL,CAAC;AACH,CAAC;AAED,SAAS,aAAa,CAAC,GAAoC,EAAE,QAAgB,EAAE,IAAY,EAAE,OAAe;IAC1G,MAAM,KAAK,GAAG,YAAY,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAC5D,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;QACzC,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QAC9B,IAAI,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC;YAAE,SAAS;QACpF,MAAM,WAAW,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;QAC1F,IAAI,CAAC,WAAW;YAAE,SAAS;QAC3B,MAAM,OAAO,GAAG,WAAW,CAAC,OAAO,CAAC,gBAAgB,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QACnF,KAAK,MAAM,IAAI,IAAI,0BAA0B,CAAC,MAAM,CAAC,EAAE,CAAC;YACtD,GAAG,CAAC,GAAG,EAAE;gBACP,SAAS,EAAE,KAAK;gBAChB,IAAI;gBACJ,OAAO,EAAE,gBAAgB,CAAC,OAAO,CAAC;gBAClC,KAAK,EAAE,SAAS;gBAChB,MAAM,EAAE,KAAK;gBACb,UAAU,EAAE,GAAG,CAAC,IAAI,EAAE,QAAQ,CAAC;gBAC/B,OAAO;aACR,CAAC,CAAC;QACL,CAAC;IACH,CAAC;AACH,CAAC;AAED,SAAS,WAAW,CAAC,GAAoC,EAAE,OAAe,EAAE,IAAY;IACtF,MAAM,IAAI,GAAG,YAAY,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IAC3C,MAAM,gBAAgB,GAAG,IAAI,CAAC,KAAK,CAAC,qCAAqC,CAAC,IAAI,EAAE,CAAC;IACjF,KAAK,MAAM,KAAK,IAAI,gBAAgB,EAAE,CAAC;QACrC,MAAM,OAAO,GAAG,MAAM,CAAC,KAAK,EAAE,SAAS,CAAC,CAAC;QACzC,MAAM,UAAU,GAAG,MAAM,CAAC,KAAK,EAAE,YAAY,CAAC,CAAC;QAC/C,MAAM,OAAO,GAAG,MAAM,CAAC,KAAK,EAAE,SAAS,CAAC,CAAC;QACzC,IAAI,CAAC,OAAO,IAAI,CAAC,UAAU,IAAI,CAAC,OAAO;YAAE,SAAS;QAClD,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;QACrC,GAAG,CAAC,GAAG,EAAE;YACP,SAAS,EAAE,OAAO;YAClB,IAAI,EAAE,GAAG,OAAO,IAAI,UAAU,EAAE;YAChC,OAAO,EAAE,gBAAgB,CAAC,OAAO,CAAC;YAClC,KAAK,EAAE,KAAK,KAAK,MAAM,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,KAAK,KAAK,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,YAAY;YACtF,MAAM,EAAE,IAAI;YACZ,UAAU,EAAE,GAAG,CAAC,IAAI,EAAE,OAAO,CAAC;YAC9B,OAAO,EAAE,OAAO;SACjB,CAAC,CAAC;IACL,CAAC;AACH,CAAC;AAED,SAAS,cAAc,CAAC,OAAe;IACrC,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC;QAAE,OAAO,EAAE,CAAC;IACpC,MAAM,IAAI,GAAG,YAAY,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IAC3C,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,4BAA4B,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAE,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;AAClH,CAAC;AAED,SAAS,MAAM,CAAC,IAAY,EAAE,GAAW;IACvC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,MAAM,CAAC,IAAI,GAAG,sBAAsB,GAAG,GAAG,CAAC,CAAC,CAAC;IAC1E,OAAO,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,IAAI,IAAI,CAAC;AACpC,CAAC;AAED,SAAS,0BAA0B,CAAC,IAAY;IAC9C,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAC1D,MAAM,IAAI,GAAG,KAAK,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IACrC,IAAI,CAAC,IAAI;QAAE,OAAO,IAAI,CAAC;IACvB,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC7B,OAAO,IAAI,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC;AAC9E,CAAC;AAED,SAAS,0BAA0B,CAAC,MAAc;IAChD,OAAO,MAAM;SACV,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC;SACjB,KAAK,CAAC,MAAM,CAAC;SACb,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;SAClD,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE;QACb,IAAI,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YAC1B,MAAM,EAAE,GAAG,KAAK,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;YACjC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;QAC7C,CAAC;QACD,MAAM,EAAE,GAAG,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QAC9B,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;IAC7C,CAAC,CAAC;SACD,MAAM,CAAC,OAAO,CAAC,CAAC;AACrB,CAAC;AAED,SAAS,GAAG,CAAC,GAAoC,EAAE,GAAuB;IACxE,IAAI,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,IAAI,GAAG,CAAC,OAAO,KAAK,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,GAAG,CAAC,OAAO,CAAC,UAAU,CAAC,YAAY,CAAC;QAAE,OAAO;IACxI,MAAM,GAAG,GAAG,GAAG,GAAG,CAAC,SAAS,IAAI,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,OAAO,EAAE,CAAC;IAC1D,MAAM,QAAQ,GAAG,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAC9B,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QAClB,OAAO;IACT,CAAC;IACD,IAAI,CAAC,QAAQ,CAAC,MAAM,IAAI,GAAG,CAAC,MAAM;QAAE,QAAQ,CAAC,MAAM,GAAG,IAAI,CAAC;IAC3D,IAAI,QAAQ,CAAC,KAAK,KAAK,SAAS,IAAI,GAAG,CAAC,KAAK,KAAK,SAAS;QAAE,QAAQ,CAAC,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC;IACxF,IAAI,CAAC,QAAQ,CAAC,UAAU,IAAI,GAAG,CAAC,UAAU;QAAE,QAAQ,CAAC,UAAU,GAAG,GAAG,CAAC,UAAU,CAAC;AACnF,CAAC;AAED,SAAS,gBAAgB,CAAC,OAAe;IACvC,OAAO,OAAO,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;AACpE,CAAC;AAED,SAAS,iBAAiB,CAAC,GAAuB;IAChD,IAAI,CAAC,GAAG,EAAE,UAAU;QAAE,OAAO,EAAE,CAAC;IAChC,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC;QAAE,OAAO,GAAG,CAAC,UAAU,CAAC;IACzD,OAAO,GAAG,CAAC,UAAU,CAAC,QAAQ,IAAI,EAAE,CAAC;AACvC,CAAC;AAED,SAAS,sBAAsB,CAAC,IAAY,EAAE,OAAe;IAC3D,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC;QAAE,OAAO,EAAE,CAAC;IACvC,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;IACjD,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC;QAAE,OAAO,EAAE,CAAC;IACjC,OAAO,WAAW,CAAC,IAAI,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC;SAC9C,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC;SACtC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;SACzC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,GAAG,EAAE,cAAc,CAAC,CAAC,CAAC,CAAC;AAC/D,CAAC;AAED,SAAS,aAAa,CAAC,GAAW;IAChC,MAAM,GAAG,GAAG,eAAe,CAAC,OAAO,CAAC,GAAG,EAAE,cAAc,CAAC,CAAC,CAAC;IAC1D,OAAO,GAAG,EAAE,IAAI,IAAI,QAAQ,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC;AAC5C,CAAC;AAED,SAAS,GAAG,CAAC,IAAY,EAAE,IAAY;IACrC,OAAO,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC;AAChD,CAAC"}

package/dist/security-snapshot/client.d.ts

@@ -0,0 +1,3 @@
+import type { BuiltDependencySnapshot, SecuritySnapshotUploadResult } from './types.js';
+export declare function uploadSecuritySnapshot(host: string, accessToken: string, projectId: string, snapshot: BuiltDependencySnapshot): Promise<SecuritySnapshotUploadResult>;
+//# sourceMappingURL=client.d.ts.map

package/dist/security-snapshot/client.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../../src/security-snapshot/client.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,uBAAuB,EAAE,4BAA4B,EAAiC,MAAM,YAAY,CAAC;AAiBvH,wBAAsB,sBAAsB,CAC1C,IAAI,EAAE,MAAM,EACZ,WAAW,EAAE,MAAM,EACnB,SAAS,EAAE,MAAM,EACjB,QAAQ,EAAE,uBAAuB,GAChC,OAAO,CAAC,4BAA4B,CAAC,CA+BvC"}

package/dist/security-snapshot/client.js

@@ -0,0 +1,38 @@
+import { apiRequest } from '../api/http.js';
+export async function uploadSecuritySnapshot(host, accessToken, projectId, snapshot) {
+    const payload = { projectId, ...snapshot };
+    const res = await apiRequest(host, {
+        method: 'POST',
+        path: '/api/v1/security/dependency-snapshots',
+        body: payload,
+        auth: { kind: 'bearer', token: accessToken },
+        timeoutMs: 12_000,
+    });
+    const uploaded = unwrap(res.data);
+    let vulnerabilityCount = null;
+    try {
+        const summary = await apiRequest(host, {
+            method: 'GET',
+            path: '/api/v1/security/risk-summary',
+            query: { projectId },
+            auth: { kind: 'bearer', token: accessToken },
+            timeoutMs: 8_000,
+        });
+        vulnerabilityCount = unwrap(summary.data).open ?? null;
+    }
+    catch {
+        vulnerabilityCount = null;
+    }
+    return {
+        snapshotId: uploaded.id,
+        dependencyCount: uploaded.dependencyCount ?? snapshot.dependencies.length,
+        vulnerabilityCount,
+        processingStatus: uploaded.processingStatus,
+    };
+}
+function unwrap(body) {
+    if (body && typeof body === 'object' && 'data' in body)
+        return body.data;
+    return body;
+}
+//# sourceMappingURL=client.js.map

package/dist/security-snapshot/client.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.js","sourceRoot":"","sources":["../../src/security-snapshot/client.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAC;AAkB5C,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAC1C,IAAY,EACZ,WAAmB,EACnB,SAAiB,EACjB,QAAiC;IAEjC,MAAM,OAAO,GAAkC,EAAE,SAAS,EAAE,GAAG,QAAQ,EAAE,CAAC;IAC1E,MAAM,GAAG,GAAG,MAAM,UAAU,CAAmD,IAAI,EAAE;QACnF,MAAM,EAAE,MAAM;QACd,IAAI,EAAE,uCAAuC;QAC7C,IAAI,EAAE,OAAO;QACb,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,WAAW,EAAE;QAC5C,SAAS,EAAE,MAAM;KAClB,CAAC,CAAC;IAEH,MAAM,QAAQ,GAAG,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;IAClC,IAAI,kBAAkB,GAAkB,IAAI,CAAC;IAC7C,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,UAAU,CAAyD,IAAI,EAAE;YAC7F,MAAM,EAAE,KAAK;YACb,IAAI,EAAE,+BAA+B;YACrC,KAAK,EAAE,EAAE,SAAS,EAAE;YACpB,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,WAAW,EAAE;YAC5C,SAAS,EAAE,KAAK;SACjB,CAAC,CAAC;QACH,kBAAkB,GAAG,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,CAAC;IACzD,CAAC;IAAC,MAAM,CAAC;QACP,kBAAkB,GAAG,IAAI,CAAC;IAC5B,CAAC;IAED,OAAO;QACL,UAAU,EAAE,QAAQ,CAAC,EAAE;QACvB,eAAe,EAAE,QAAQ,CAAC,eAAe,IAAI,QAAQ,CAAC,YAAY,CAAC,MAAM;QACzE,kBAAkB;QAClB,gBAAgB,EAAE,QAAQ,CAAC,gBAAgB;KAC5C,CAAC;AACJ,CAAC;AAED,SAAS,MAAM,CAAI,IAAwB;IACzC,IAAI,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,MAAM,IAAI,IAAI;QAAE,OAAQ,IAAuB,CAAC,IAAS,CAAC;IAClG,OAAO,IAAS,CAAC;AACnB,CAAC"}

package/dist/security-snapshot/index.d.ts

@@ -0,0 +1,4 @@
+export { buildDependencySnapshot } from './builder.js';
+export { uploadSecuritySnapshot } from './client.js';
+export type { BuildSnapshotOptions, BuiltDependencySnapshot, DependencyScope, SecuritySnapshotUploadResult, SnapshotDependency, SnapshotEcosystem, SnapshotRuntimeMetadata, UploadSecuritySnapshotRequest, } from './types.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/security-snapshot/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/security-snapshot/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,uBAAuB,EAAE,MAAM,cAAc,CAAC;AACvD,OAAO,EAAE,sBAAsB,EAAE,MAAM,aAAa,CAAC;AACrD,YAAY,EACV,oBAAoB,EACpB,uBAAuB,EACvB,eAAe,EACf,4BAA4B,EAC5B,kBAAkB,EAClB,iBAAiB,EACjB,uBAAuB,EACvB,6BAA6B,GAC9B,MAAM,YAAY,CAAC"}

package/dist/security-snapshot/index.js

@@ -0,0 +1,3 @@
+export { buildDependencySnapshot } from './builder.js';
+export { uploadSecuritySnapshot } from './client.js';
+//# sourceMappingURL=index.js.map

package/dist/security-snapshot/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/security-snapshot/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,uBAAuB,EAAE,MAAM,cAAc,CAAC;AACvD,OAAO,EAAE,sBAAsB,EAAE,MAAM,aAAa,CAAC"}

package/dist/security-snapshot/types.d.ts

@@ -0,0 +1,57 @@
+export type DependencyScope = 'production' | 'development' | 'optional' | 'peer' | 'unknown';
+export type SnapshotEcosystem = 'npm' | 'maven';
+export interface SnapshotDependency {
+    ecosystem: SnapshotEcosystem;
+    name: string;
+    version: string;
+    scope: DependencyScope;
+    direct: boolean;
+    sourceFile: string;
+    manager?: string;
+    path?: string[];
+}
+export interface SnapshotRuntimeMetadata {
+    framework?: string;
+    runtime?: string;
+    environment?: string;
+    packageManager?: string;
+    nodeVersion?: string;
+    javaVersion?: string;
+    monorepoTool?: string | null;
+    workspaceName?: string | null;
+}
+export interface BuiltDependencySnapshot {
+    sourceType: 'wizard' | 'ci';
+    sourceRef?: string;
+    sourceCommitSha?: string;
+    sourceBranch?: string;
+    environment?: string;
+    manifestCount: number;
+    dependencies: SnapshotDependency[];
+    metadata: SnapshotRuntimeMetadata & {
+        lockfiles: string[];
+        manifests: string[];
+        parserVersion: string;
+        truncated: boolean;
+    };
+}
+export interface BuildSnapshotOptions {
+    cwd?: string;
+    sourceType?: 'wizard' | 'ci';
+    environment?: string;
+    sourceRef?: string;
+    sourceCommitSha?: string;
+    sourceBranch?: string;
+    framework?: string;
+    maxDependencies?: number;
+}
+export interface UploadSecuritySnapshotRequest extends BuiltDependencySnapshot {
+    projectId: string;
+}
+export interface SecuritySnapshotUploadResult {
+    snapshotId?: string;
+    dependencyCount: number;
+    vulnerabilityCount: number | null;
+    processingStatus?: string;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/security-snapshot/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/security-snapshot/types.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,eAAe,GAAG,YAAY,GAAG,aAAa,GAAG,UAAU,GAAG,MAAM,GAAG,SAAS,CAAC;AAC7F,MAAM,MAAM,iBAAiB,GAAG,KAAK,GAAG,OAAO,CAAC;AAEhD,MAAM,WAAW,kBAAkB;IACjC,SAAS,EAAE,iBAAiB,CAAC;IAC7B,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,eAAe,CAAC;IACvB,MAAM,EAAE,OAAO,CAAC;IAChB,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;CACjB;AAED,MAAM,WAAW,uBAAuB;IACtC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,YAAY,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,aAAa,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CAC/B;AAED,MAAM,WAAW,uBAAuB;IACtC,UAAU,EAAE,QAAQ,GAAG,IAAI,CAAC;IAC5B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;IACtB,YAAY,EAAE,kBAAkB,EAAE,CAAC;IACnC,QAAQ,EAAE,uBAAuB,GAAG;QAClC,SAAS,EAAE,MAAM,EAAE,CAAC;QACpB,SAAS,EAAE,MAAM,EAAE,CAAC;QACpB,aAAa,EAAE,MAAM,CAAC;QACtB,SAAS,EAAE,OAAO,CAAC;KACpB,CAAC;CACH;AAED,MAAM,WAAW,oBAAoB;IACnC,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,UAAU,CAAC,EAAE,QAAQ,GAAG,IAAI,CAAC;IAC7B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,eAAe,CAAC,EAAE,MAAM,CAAC;CAC1B;AAED,MAAM,WAAW,6BAA8B,SAAQ,uBAAuB;IAC5E,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,4BAA4B;IAC3C,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,eAAe,EAAE,MAAM,CAAC;IACxB,kBAAkB,EAAE,MAAM,GAAG,IAAI,CAAC;IAClC,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC3B"}

package/dist/security-snapshot/types.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=types.js.map

package/dist/security-snapshot/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/security-snapshot/types.ts"],"names":[],"mappings":""}

package/dist/sourcemaps/next.js

@@ -1,7 +1,7 @@
 import { existsSync, readFileSync } from 'node:fs';
 import { resolve } from 'node:path';
 import { appendManagedBlock, removeManagedSourceBlock } from '../patchers/source-block.js';
-const PKG = '@allstak/js/next';
+const PKG = '@allstak/next';
 function locate(projectRoot) {
     for (const c of ['next.config.ts', 'next.config.mjs', 'next.config.js']) {
         const full = resolve(projectRoot, c);
@@ -23,8 +23,8 @@ export const nextSourceMapProvider = {
             return;
         await appendManagedBlock(tx, cfg, [
             `// allstak-wizard: enable browser source maps to unblock symbolication.`,
-            `//   const { withAllStak } = require('${PKG}');`,
-            `//   module.exports = withAllStak({ ...nextConfig, productionBrowserSourceMaps: true });`,
+            `//   Install ${PKG} and initialize it from instrumentation.ts.`,
+            `//   Keep productionBrowserSourceMaps: true in your Next config if browser symbolication is needed.`,
         ].join('\n'), { style: 'slash', validateJs: true });
     },
     async unwire(_ctx, tx) {

package/dist/sourcemaps/next.js.map

@@ -1 +1 @@
-{"version":3,"file":"next.js","sourceRoot":"","sources":["../../src/sourcemaps/next.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACnD,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAEpC,OAAO,EAAE,kBAAkB,EAAE,wBAAwB,EAAE,MAAM,6BAA6B,CAAC;AAE3F,MAAM,GAAG,GAAG,kBAAkB,CAAC;AAE/B,SAAS,MAAM,CAAC,WAAmB;IACjC,KAAK,MAAM,CAAC,IAAI,CAAC,gBAAgB,EAAE,iBAAiB,EAAE,gBAAgB,CAAC,EAAE,CAAC;QACxE,MAAM,IAAI,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;QACrC,IAAI,UAAU,CAAC,IAAI,CAAC;YAAE,OAAO,IAAI,CAAC;IACpC,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,CAAC,MAAM,qBAAqB,GAAsB;IACtD,EAAE,EAAE,MAAM;IACV,KAAK,EAAE,2BAA2B;IAClC,aAAa,EAAE,GAAG;IAElB,KAAK,CAAC,MAAM,CAAC,GAAG;QACd,OAAO,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC,KAAK,IAAI,CAAC;IAC1C,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,EAAE;QACjB,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QACrC,IAAI,CAAC,GAAG;YAAE,OAAO;QACjB,MAAM,kBAAkB,CACtB,EAAE,EACF,GAAG,EACH;YACE,yEAAyE;YACzE,yCAAyC,GAAG,KAAK;YACjD,0FAA0F;SAC3F,CAAC,IAAI,CAAC,IAAI,CAAC,EACZ,EAAE,KAAK,EAAE,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,CACrC,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,IAAI,EAAE,EAAE;QACnB,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QACrC,IAAI,CAAC,GAAG;YAAE,OAAO;QACjB,MAAM,wBAAwB,CAAC,EAAE,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC;IACnD,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,GAAG;QACd,MAAM,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QACpC,IAAI,CAAC,GAAG;YAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,UAAU,EAAE,IAAI,EAAE,CAAC;QAC1E,MAAM,GAAG,GAAG,YAAY,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;QACtC,OAAO,GAAG,CAAC,QAAQ,CAAC,gBAAgB,CAAC;YACnC,CAAC,CAAC,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,UAAU,EAAE,GAAG,EAAE;YACvD,CAAC,CAAC,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,UAAU,EAAE,GAAG,EAAE,CAAC;IAC9D,CAAC;CACF,CAAC"}
+{"version":3,"file":"next.js","sourceRoot":"","sources":["../../src/sourcemaps/next.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACnD,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAEpC,OAAO,EAAE,kBAAkB,EAAE,wBAAwB,EAAE,MAAM,6BAA6B,CAAC;AAE3F,MAAM,GAAG,GAAG,eAAe,CAAC;AAE5B,SAAS,MAAM,CAAC,WAAmB;IACjC,KAAK,MAAM,CAAC,IAAI,CAAC,gBAAgB,EAAE,iBAAiB,EAAE,gBAAgB,CAAC,EAAE,CAAC;QACxE,MAAM,IAAI,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;QACrC,IAAI,UAAU,CAAC,IAAI,CAAC;YAAE,OAAO,IAAI,CAAC;IACpC,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,CAAC,MAAM,qBAAqB,GAAsB;IACtD,EAAE,EAAE,MAAM;IACV,KAAK,EAAE,2BAA2B;IAClC,aAAa,EAAE,GAAG;IAElB,KAAK,CAAC,MAAM,CAAC,GAAG;QACd,OAAO,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC,KAAK,IAAI,CAAC;IAC1C,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,EAAE;QACjB,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QACrC,IAAI,CAAC,GAAG;YAAE,OAAO;QACjB,MAAM,kBAAkB,CACtB,EAAE,EACF,GAAG,EACH;YACE,yEAAyE;YACzE,gBAAgB,GAAG,6CAA6C;YAChE,qGAAqG;SACtG,CAAC,IAAI,CAAC,IAAI,CAAC,EACZ,EAAE,KAAK,EAAE,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,CACrC,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,IAAI,EAAE,EAAE;QACnB,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QACrC,IAAI,CAAC,GAAG;YAAE,OAAO;QACjB,MAAM,wBAAwB,CAAC,EAAE,EAAE,GAAG,EAAE,OAAO,CAAC,CAAC;IACnD,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,GAAG;QACd,MAAM,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QACpC,IAAI,CAAC,GAAG;YAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,UAAU,EAAE,IAAI,EAAE,CAAC;QAC1E,MAAM,GAAG,GAAG,YAAY,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;QACtC,OAAO,GAAG,CAAC,QAAQ,CAAC,gBAAgB,CAAC;YACnC,CAAC,CAAC,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,UAAU,EAAE,GAAG,EAAE;YACvD,CAAC,CAAC,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,UAAU,EAAE,GAAG,EAAE,CAAC;IAC9D,CAAC;CACF,CAAC"}

package/dist/sourcemaps/vite.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"vite.d.ts","sourceRoot":"","sources":["../../src/sourcemaps/vite.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,iBAAiB,EAAmB,MAAM,eAAe,CAAC;AAexE,eAAO,MAAM,qBAAqB,EAAE,iBAiDnC,CAAC"}
+{"version":3,"file":"vite.d.ts","sourceRoot":"","sources":["../../src/sourcemaps/vite.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,iBAAiB,EAAmB,MAAM,eAAe,CAAC;AAgBxE,eAAO,MAAM,qBAAqB,EAAE,iBA8DnC,CAAC"}