@capraconsulting/cals-cli 3.13.0 → 3.14.0

package/lib/index.js

@@ -1,162 +1,15 @@
 import fs from 'node:fs';
-import path from 'node:path';
-import process$1 from 'node:process';
-import readline from 'node:readline';
-import chalk from 'chalk';
-import 'node:util';
-import https from 'node:https';
-import os from 'node:os';
-import cachedir from 'cachedir';
 import AJV from 'ajv';
 import yaml from 'js-yaml';
 import { Buffer } from 'node:buffer';
 import { performance } from 'node:perf_hooks';
+import * as process from 'node:process';
+import process__default from 'node:process';
 import { Octokit } from '@octokit/rest';
-import fetch from 'node-fetch';
 import pLimit from 'p-limit';
-import * as process from 'process';
 import keytar from 'keytar';
-import { strict } from 'node:assert';
-import { Transform } from 'node:stream';
-import { execa } from 'execa';
-import { read } from 'read';
 
-var version = "3.13.0";
-
-class CacheProvider {
-    constructor(config) {
-        this.config = config;
-    }
-    mustValidate = false;
-    config;
-    defaultCacheTime = 1800;
-    /**
-     * Retrieve cache if existent, ignoring the time.
-     *
-     * The caller is responsible for handling proper validation,
-     */
-    retrieveJson(cachekey) {
-        const cachefile = path.join(this.config.cacheDir, `${cachekey}.json`);
-        if (!fs.existsSync(cachefile)) {
-            return undefined;
-        }
-        const data = fs.readFileSync(cachefile, "utf-8");
-        return {
-            cacheTime: fs.statSync(cachefile).mtime.getTime(),
-            data: (data === "undefined" ? undefined : JSON.parse(data)),
-        };
-    }
-    /**
-     * Save data to cache.
-     */
-    storeJson(cachekey, data) {
-        const cachefile = path.join(this.config.cacheDir, `${cachekey}.json`);
-        if (!fs.existsSync(this.config.cacheDir)) {
-            fs.mkdirSync(this.config.cacheDir, { recursive: true });
-        }
-        fs.writeFileSync(cachefile, data === undefined ? "undefined" : JSON.stringify(data));
-    }
-    async json(cachekey, block, cachetime = this.defaultCacheTime) {
-        const cacheItem = this.mustValidate
-            ? undefined
-            : this.retrieveJson(cachekey);
-        const expire = new Date(Date.now() - cachetime * 1000).getTime();
-        if (cacheItem !== undefined && cacheItem.cacheTime > expire) {
-            return cacheItem.data;
-        }
-        const result = await block();
-        this.storeJson(cachekey, result);
-        return result;
-    }
-    /**
-     * Delete all cached data.
-     */
-    cleanup() {
-        fs.rmSync(this.config.cacheDir, { recursive: true, force: true });
-    }
-}
-
-const CLEAR_WHOLE_LINE = 0;
-function clearLine(stdout) {
-    readline.clearLine(stdout, CLEAR_WHOLE_LINE);
-    readline.cursorTo(stdout, 0);
-}
-class Reporter {
-    constructor(opts = {}) {
-        this.nonInteractive = !!opts.nonInteractive;
-        this.isVerbose = !!opts.verbose;
-    }
-    stdout = process$1.stdout;
-    stderr = process$1.stderr;
-    nonInteractive;
-    isVerbose;
-    format = chalk;
-    error(msg) {
-        clearLine(this.stderr);
-        this.stderr.write(`${this.format.red("error")} ${msg}\n`);
-    }
-    log(msg) {
-        clearLine(this.stdout);
-        this.stdout.write(`${msg}\n`);
-    }
-    warn(msg) {
-        clearLine(this.stderr);
-        this.stderr.write(`${this.format.yellow("warning")} ${msg}\n`);
-    }
-    info(msg) {
-        clearLine(this.stdout);
-        this.stdout.write(`${this.format.blue("info")} ${msg}\n`);
-    }
-}
-
-class Config {
-    cwd = path.resolve(process$1.cwd());
-    configFile = path.join(os.homedir(), ".cals-config.json");
-    cacheDir = cachedir("cals-cli");
-    agent = new https.Agent({
-        keepAlive: true,
-    });
-    configCached = undefined;
-    get config() {
-        const existingConfig = this.configCached;
-        if (existingConfig !== undefined) {
-            return existingConfig;
-        }
-        const config = this.readConfig();
-        this.configCached = config;
-        return config;
-    }
-    readConfig() {
-        if (!fs.existsSync(this.configFile)) {
-            return {};
-        }
-        try {
-            return JSON.parse(fs.readFileSync(this.configFile, "utf-8"));
-        }
-        catch (e) {
-            console.error("Failed", e);
-            throw new Error("Failed to read config");
-        }
-    }
-    getConfig(key) {
-        return this.config[key];
-    }
-    requireConfig(key) {
-        const result = this.config[key];
-        if (result === undefined) {
-            throw Error(`Configuration for ${key} missing. Add manually to ${this.configFile}`);
-        }
-        return result;
-    }
-    updateConfig(key, value) {
-        const updatedConfig = {
-            ...this.readConfig(),
-            [key]: value, // undefined will remove
-        };
-        fs.writeFileSync(this.configFile, JSON.stringify(updatedConfig, null, "  "));
-        this.configCached = updatedConfig;
-    }
-}
+var version = "3.14.0";
 
 function uniq(array) {
     return Array.from(new Set(array));
@@ -164,53 +17,6 @@ function uniq(array) {
 
 var type = "object";
 var properties = {
-	snyk: {
-		type: "object",
-		properties: {
-			accountId: {
-				type: "string"
-			}
-		},
-		required: [
-			"accountId"
-		]
-	},
-	github: {
-		type: "object",
-		properties: {
-			users: {
-				type: "array",
-				items: {
-					$ref: "#/definitions/User"
-				}
-			},
-			teams: {
-				type: "array",
-				items: {
-					type: "object",
-					properties: {
-						organization: {
-							type: "string"
-						},
-						teams: {
-							type: "array",
-							items: {
-								$ref: "#/definitions/Team"
-							}
-						}
-					},
-					required: [
-						"organization",
-						"teams"
-					]
-				}
-			}
-		},
-		required: [
-			"teams",
-			"users"
-		]
-	},
 	projects: {
 		type: "array",
 		items: {
@@ -219,105 +25,9 @@ var properties = {
 	}
 };
 var required = [
-	"github",
 	"projects"
 ];
 var definitions = {
-	User: {
-		anyOf: [
-			{
-				$ref: "#/definitions/UserBot"
-			},
-			{
-				$ref: "#/definitions/UserEmployee"
-			},
-			{
-				$ref: "#/definitions/UserExternal"
-			}
-		]
-	},
-	UserBot: {
-		type: "object",
-		properties: {
-			type: {
-				type: "string",
-				"const": "bot"
-			},
-			login: {
-				type: "string"
-			},
-			name: {
-				type: "string"
-			}
-		},
-		required: [
-			"login",
-			"name",
-			"type"
-		]
-	},
-	UserEmployee: {
-		type: "object",
-		properties: {
-			type: {
-				type: "string",
-				"const": "employee"
-			},
-			login: {
-				type: "string"
-			},
-			capraUsername: {
-				type: "string"
-			},
-			name: {
-				type: "string"
-			}
-		},
-		required: [
-			"capraUsername",
-			"login",
-			"name",
-			"type"
-		]
-	},
-	UserExternal: {
-		type: "object",
-		properties: {
-			type: {
-				type: "string",
-				"const": "external"
-			},
-			login: {
-				type: "string"
-			},
-			name: {
-				type: "string"
-			}
-		},
-		required: [
-			"login",
-			"name",
-			"type"
-		]
-	},
-	Team: {
-		type: "object",
-		properties: {
-			name: {
-				type: "string"
-			},
-			members: {
-				type: "array",
-				items: {
-					type: "string"
-				}
-			}
-		},
-		required: [
-			"members",
-			"name"
-		]
-	},
 	Project: {
 		type: "object",
 		properties: {
@@ -337,12 +47,6 @@ var definitions = {
 							items: {
 								$ref: "#/definitions/DefinitionRepo"
 							}
-						},
-						teams: {
-							type: "array",
-							items: {
-								$ref: "#/definitions/RepoTeam"
-							}
 						}
 					},
 					required: [
@@ -355,10 +59,6 @@ var definitions = {
 				items: {
 					type: "string"
 				}
-			},
-			responsible: {
-				description: "Some external-defined entity being responsible for the project.",
-				type: "string"
 			}
 		},
 		required: [
@@ -380,28 +80,6 @@ var definitions = {
 			},
 			archived: {
 				type: "boolean"
-			},
-			issues: {
-				type: "boolean"
-			},
-			wiki: {
-				type: "boolean"
-			},
-			teams: {
-				type: "array",
-				items: {
-					$ref: "#/definitions/RepoTeam"
-				}
-			},
-			snyk: {
-				type: "boolean"
-			},
-			"public": {
-				type: "boolean"
-			},
-			responsible: {
-				description: "Some external-defined entity being responsible for the repository.\n\nWill override the project-defined responsible.",
-				type: "string"
 			}
 		},
 		required: [
@@ -422,29 +100,6 @@ var definitions = {
 			"name",
 			"project"
 		]
-	},
-	RepoTeam: {
-		type: "object",
-		properties: {
-			name: {
-				type: "string"
-			},
-			permission: {
-				$ref: "#/definitions/Permission"
-			}
-		},
-		required: [
-			"name",
-			"permission"
-		]
-	},
-	Permission: {
-		"enum": [
-			"admin",
-			"pull",
-			"push"
-		],
-		type: "string"
 	}
 };
 var $schema = "http://json-schema.org/draft-07/schema#";
@@ -456,9 +111,6 @@ var schema = {
 	$schema: $schema
 };
 
-function getTeamId(org, teamName) {
-    return `${org}/${teamName}`;
-}
 function getRepoId(orgName, repoName) {
     return `${orgName}/${repoName}`;
 }
@@ -470,33 +122,6 @@ function checkAgainstSchema(value) {
         : { error: ajv.errorsText() ?? "Unknown error" };
 }
 function requireValidDefinition(definition) {
-    // Verify no duplicates in users and extract known logins.
-    const loginList = definition.github.users.reduce((acc, user) => {
-        if (acc.includes(user.login)) {
-            throw new Error(`Duplicate login: ${user.login}`);
-        }
-        return [...acc, user.login];
-    }, []);
-    // Verify no duplicates in teams and extract team names.
-    const teamIdList = definition.github.teams.reduce((acc, orgTeams) => {
-        return orgTeams.teams.reduce((acc1, team) => {
-            const id = getTeamId(orgTeams.organization, team.name);
-            if (acc1.includes(id)) {
-                throw new Error(`Duplicate team: ${id}`);
-            }
-            return [...acc1, id];
-        }, acc);
-    }, []);
-    // Verify team members exists as users.
-    definition.github.teams
-        .flatMap((it) => it.teams)
-        .forEach((team) => {
-        team.members.forEach((login) => {
-            if (!loginList.includes(login)) {
-                throw new Error(`Team member ${login} in team ${team.name} is not registered in user list`);
-            }
-        });
-    });
     // Verify no duplicates in project names.
     definition.projects.reduce((acc, project) => {
         if (acc.includes(project.name)) {
@@ -504,25 +129,6 @@ function requireValidDefinition(definition) {
         }
         return [...acc, project.name];
     }, []);
-    definition.projects.forEach((project) => {
-        project.github.forEach((org) => {
-            (org.teams || []).forEach((team) => {
-                const id = getTeamId(org.organization, team.name);
-                if (!teamIdList.includes(id)) {
-                    throw new Error(`Project team ${id} in project ${project.name} is not registered in team list`);
-                }
-            }) // Verify repo teams exists as teams.
-            ;
-            (org.repos || []).forEach((repo) => {
-                (repo.teams || []).forEach((team) => {
-                    const id = getTeamId(org.organization, team.name);
-                    if (!teamIdList.includes(id)) {
-                        throw new Error(`Repo team ${id} for repo ${repo.name} in project ${project.name} is not registered in team list`);
-                    }
-                });
-            });
-        });
-    });
     // Verify no duplicates in repos.
     definition.projects
         .flatMap((project) => project.github.flatMap((org) => (org.repos || []).map((repo) => getRepoId(org.organization, repo.name))))
@@ -571,7 +177,7 @@ function getGitHubOrgs(definition) {
     return uniq(githubOrganizations);
 }
 
-var index$3 = /*#__PURE__*/Object.freeze({
+var index$1 = /*#__PURE__*/Object.freeze({
   __proto__: null,
   DefinitionFile: DefinitionFile,
   getGitHubOrgs: getGitHubOrgs,
@@ -580,23 +186,16 @@ var index$3 = /*#__PURE__*/Object.freeze({
   parseDefinition: parseDefinition
 });
 
-function createReporter(argv) {
-    return new Reporter({
-        verbose: !!argv.verbose,
-        nonInteractive: !!argv.nonInteractive,
-    });
-}
-
 class GitHubTokenCliProvider {
     keyringService = "cals";
     keyringAccount = "github-token";
     async getToken() {
-        if (process$1.env.CALS_GITHUB_TOKEN) {
-            return process$1.env.CALS_GITHUB_TOKEN;
+        if (process__default.env.CALS_GITHUB_TOKEN) {
+            return process__default.env.CALS_GITHUB_TOKEN;
         }
         const result = await keytar.getPassword(this.keyringService, this.keyringAccount);
         if (result == null) {
-            process$1.stderr.write("No token found. Register using `cals github set-token`\n");
+            process__default.stderr.write("No token found. Register using `cals github set-token`\n");
             return undefined;
         }
         return result;
@@ -609,26 +208,12 @@ class GitHubTokenCliProvider {
     }
 }
 
-async function undefinedForNotFound(value) {
-    try {
-        return await value;
-    }
-    catch (e) {
-        if (e.name === "HttpError" && e.status === 404) {
-            return undefined;
-        }
-        throw e;
-    }
-}
-
 class GitHubService {
-    config;
     octokit;
     cache;
     tokenProvider;
     semaphore;
     constructor(props) {
-        this.config = props.config;
         this.octokit = props.octokit;
         this.cache = props.cache;
         this.tokenProvider = props.tokenProvider;
@@ -636,7 +221,6 @@ class GitHubService {
         // can maximize concurrency all other places.
         this.semaphore = pLimit(6);
         this.octokit.hook.wrap("request", async (request, options) => {
-            this._requestCount++;
             if (options.method !== "GET") {
                 return this.semaphore(() => request(options));
             }
@@ -696,10 +280,6 @@ class GitHubService {
             return response;
         });
     }
-    _requestCount = 0;
-    get requestCount() {
-        return this._requestCount;
-    }
     async runGraphqlQuery(query) {
         const token = await this.tokenProvider.getToken();
         if (token === undefined) {
@@ -716,7 +296,6 @@ class GitHubService {
                 method: "POST",
                 headers,
                 body: JSON.stringify({ query }),
-                agent: this.config.agent,
             });
             requestDuration = performance.now() - requestStart;
             return result;
@@ -796,987 +375,28 @@ class GitHubService {
             return repos.sort((a, b) => a.name.localeCompare(b.name));
         });
     }
-    async getOrgMembersList(org) {
-        const options = this.octokit.orgs.listMembers.endpoint.merge({
-            org,
-        });
-        return ((await undefinedForNotFound(this.octokit.paginate(options))) || []);
-    }
-    async getOrgMembersInvitedList(org) {
-        const options = this.octokit.orgs.listPendingInvitations.endpoint.merge({
-            org,
-        });
-        return ((await undefinedForNotFound(this.octokit.paginate(options))) || []);
-    }
-    async getOrgMembersListIncludingInvited(org) {
-        return [
-            ...(await this.getOrgMembersList(org)).map((it) => ({
-                type: "member",
-                login: it.login,
-                data: it,
-            })),
-            ...(await this.getOrgMembersInvitedList(org)).map((it) => ({
-                type: "invited",
-                // TODO: Fix ?? case properly
-                login: it.login ?? "invalid",
-                data: it,
-            })),
-        ];
-    }
-    async getRepository(owner, repo) {
-        return this.cache.json(`get-repository-${owner}-${repo}`, async () => {
-            const response = await undefinedForNotFound(this.octokit.repos.get({
-                owner,
-                repo,
-            }));
-            return response === undefined ? undefined : response.data;
-        });
-    }
-    async getRepositoryTeamsList(repo) {
-        return this.cache.json(`repository-teams-list-${repo.id}`, async () => {
-            const options = this.octokit.repos.listTeams.endpoint.merge({
-                owner: repo.owner.login,
-                repo: repo.name,
-            });
-            return ((await undefinedForNotFound(this.octokit.paginate(options))) || []);
-        });
-    }
-    async getRepositoryHooks(owner, repo) {
-        return this.cache.json(`repository-hooks-${owner}-${repo}`, async () => {
-            const options = this.octokit.repos.listWebhooks.endpoint.merge({
-                owner,
-                repo,
-            });
-            return ((await undefinedForNotFound(this.octokit.paginate(options))) || []);
-        });
-    }
-    async getOrg(org) {
-        const orgResponse = await this.octokit.orgs.get({
-            org,
-        });
-        return orgResponse.data;
-    }
-    async getTeamList(org) {
-        return this.cache.json(`team-list-${org.login}`, async () => {
-            const options = this.octokit.teams.list.endpoint.merge({
-                org: org.login,
-            });
-            return (await this.octokit.paginate(options));
-        });
-    }
-    async getTeamMemberList(org, team) {
-        return this.cache.json(`team-member-list-${team.id}`, async () => {
-            const options = this.octokit.teams.listMembersInOrg.endpoint.merge({
-                org: org.login,
-                team_slug: team.slug,
-            });
-            return (await this.octokit.paginate(options));
-        });
-    }
-    async getTeamMemberInvitedList(org, team) {
-        return this.cache.json(`team-member-invited-list-${team.id}`, async () => {
-            const options = this.octokit.teams.listPendingInvitationsInOrg.endpoint.merge({
-                org: org.login,
-                team_slug: team.slug,
-            });
-            return (await this.octokit.paginate(options));
-        });
-    }
-    async getTeamMemberListIncludingInvited(org, team) {
-        return [
-            ...(await this.getTeamMemberList(org, team)).map((it) => ({
-                type: "member",
-                login: it.login,
-                data: it,
-            })),
-            ...(await this.getTeamMemberInvitedList(org, team)).map((it) => ({
-                type: "invited",
-                // TODO: Fix ?? case properly
-                login: it.login ?? "invalid",
-                data: it,
-            })),
-        ];
-    }
-    async getSearchedPullRequestList(owner) {
-        // NOTE: Changes to this must by synced with SearchedPullRequestListQueryResult.
-        const getQuery = (after) => `{
-  search(
-    query: "is:open is:pr user:${owner} owner:${owner} archived:false",
-    type: ISSUE,
-    first: 50${after === null
-            ? ""
-            : `,
-    after: "${after}"`}
-  ) {
-    pageInfo {
-      hasNextPage
-      endCursor
-    }
-    edges {
-      node {
-        __typename
-        ... on PullRequest {
-          number
-          baseRepository {
-            name
-            owner {
-              login
-            }
-            defaultBranchRef {
-              name
-            }
-          }
-          author {
-            login
-          }
-          title
-          commits(first: 3) {
-            nodes {
-              commit {
-                messageHeadline
-              }
-            }
-          }
-          createdAt
-          updatedAt
-        }
-      }
-    }
-  }
-}`;
-        const pulls = [];
-        let after = null;
-        while (true) {
-            const query = getQuery(after);
-            const res = await this.runGraphqlQuery(query);
-            pulls.push(...res.search.edges.map((it) => it.node));
-            if (!res.search.pageInfo.hasNextPage) {
-                break;
-            }
-            after = res.search.pageInfo.endCursor;
-        }
-        return pulls.sort((a, b) => a.createdAt.localeCompare(b.createdAt));
-    }
-    async getHasVulnerabilityAlertsEnabled(owner, repo) {
-        try {
-            const response = await this.octokit.repos.checkVulnerabilityAlerts({
-                owner: owner,
-                repo: repo,
-            });
-            if (response.status !== 204) {
-                console.log(response);
-                throw new Error("Unknown response - see previous log line");
-            }
-            return true;
-        }
-        catch (e) {
-            if (e.status === 404) {
-                return false;
-            }
-            throw e;
-        }
-    }
-    async enableVulnerabilityAlerts(owner, repo) {
-        await this.octokit.repos.enableVulnerabilityAlerts({
-            owner: owner,
-            repo: repo,
-        });
-    }
-    /**
-     * Get the vulnerability alerts for a repository.
-     */
-    async getVulnerabilityAlerts(owner, repo) {
-        // NOTE: Changes to this must by synced with VulnerabilityAlertsQueryResult.
-        const getQuery = (after) => `{
-  repository(owner: "${owner}", name: "${repo}") {
-    vulnerabilityAlerts(first: 100${after === null ? "" : `, after: "${after}"`}) {
-      pageInfo {
-        hasNextPage
-        endCursor
-      }
-      edges {
-        node {
-          state
-          dismissReason
-          vulnerableManifestFilename
-          vulnerableManifestPath
-          vulnerableRequirements
-          securityAdvisory {
-            description
-            identifiers { type value }
-            references { url }
-            severity
-          }
-          securityVulnerability {
-            package { name ecosystem }
-            firstPatchedVersion { identifier }
-            vulnerableVersionRange
-          }
-        }
-      }
-    }
-  }
-}`;
-        return this.cache.json(`vulnerability-alerts-${owner}-${repo}`, async () => {
-            const result = [];
-            let after = null;
-            while (true) {
-                const query = getQuery(after);
-                const res = await this.runGraphqlQuery(query);
-                result.push(...(res.repository?.vulnerabilityAlerts.edges?.map((it) => it.node) ?? []));
-                if (!res.repository?.vulnerabilityAlerts.pageInfo.hasNextPage) {
-                    break;
-                }
-                after = res.repository?.vulnerabilityAlerts.pageInfo.endCursor;
-            }
-            return result;
-        });
-    }
-    /**
-     * Get the Renovate Dependency Dashboard issue.
-     */
-    async getRenovateDependencyDashboardIssue(owner, repo) {
-        // NOTE: Changes to this must by synced with RenovateDependencyDashboardIssueQueryResult.
-        const getQuery = (after) => `{
-  repository(owner: "${owner}", name: "${repo}") {
-    issues(
-      orderBy: {field: UPDATED_AT, direction: DESC},
-      filterBy: {createdBy: "renovate[bot]"},
-      states: [OPEN],
-      first: 100${after === null ? "" : `, after: "${after}"`}
-    ) {
-      pageInfo {
-        hasNextPage
-        endCursor
-      }
-      edges {
-        node {
-          number
-          state
-          title
-          body
-          userContentEdits(first: 5) {
-            nodes {
-              createdAt
-              editor {
-                login
-              }
-            }
-          }
-        }
-      }
-    }
-  }
-}`;
-        const issues = await this.cache.json(`renovate-bot-issues-${owner}-${repo}`, async () => {
-            const result = [];
-            let after = null;
-            while (true) {
-                const query = getQuery(after);
-                const res = await this.runGraphqlQuery(query);
-                const nodes = res.repository?.issues.edges?.map((it) => it.node) ?? [];
-                result.push(...nodes
-                    .filter((it) => it.title === "Dependency Dashboard")
-                    .map((it) => ({
-                    number: it.number,
-                    body: it.body,
-                    lastUpdatedByRenovate: it.userContentEdits?.nodes?.filter((it) => it.editor?.login === "renovate")?.[0]?.createdAt ?? null,
-                })));
-                if (!res.repository?.issues.pageInfo.hasNextPage) {
-                    break;
-                }
-                after = res.repository?.issues.pageInfo.endCursor;
-            }
-            return result;
-        });
-        if (issues.length == 0) {
-            return undefined;
-        }
-        return issues[0];
-    }
 }
-async function createOctokit(config, tokenProvider) {
+async function createOctokit(tokenProvider) {
     return new Octokit({
         auth: await tokenProvider.getToken(),
-        request: {
-            agent: config.agent,
-        },
     });
 }
 async function createGitHubService(props) {
     const tokenProvider = props.tokenProvider ?? new GitHubTokenCliProvider();
     return new GitHubService({
-        config: props.config,
-        octokit: await createOctokit(props.config, tokenProvider),
+        octokit: await createOctokit(tokenProvider),
         cache: props.cache,
         tokenProvider,
     });
 }
 
-var index$2 = /*#__PURE__*/Object.freeze({
+var index = /*#__PURE__*/Object.freeze({
   __proto__: null,
   GitHubService: GitHubService,
   createGitHubService: createGitHubService
 });
 
-class SnykTokenCliProvider {
-    keyringService = "cals";
-    keyringAccount = "snyk-token";
-    async getToken() {
-        if (process$1.env.CALS_SNYK_TOKEN) {
-            return process$1.env.CALS_SNYK_TOKEN;
-        }
-        const result = await keytar.getPassword(this.keyringService, this.keyringAccount);
-        if (result == null) {
-            process$1.stderr.write("No token found. Register using `cals snyk set-token`\n");
-            return undefined;
-        }
-        return result;
-    }
-    async markInvalid() {
-        await keytar.deletePassword(this.keyringService, this.keyringAccount);
-    }
-    async setToken(value) {
-        await keytar.setPassword(this.keyringService, this.keyringAccount, value);
-    }
-}
-
-class SnykService {
-    config;
-    tokenProvider;
-    constructor(props) {
-        this.config = props.config;
-        this.tokenProvider = props.tokenProvider;
-    }
-    async getProjects(definition) {
-        const snykAccountId = definition.snyk?.accountId;
-        if (snykAccountId === undefined) {
-            return [];
-        }
-        return this.getProjectsByAccountId(snykAccountId);
-    }
-    async getProjectsByAccountId(snykAccountId, 
-    /**
-     * The slug name of a Snyk organization.
-     *
-     * NOTE: This is only used to construct the browsable URL for a given project, and is not being used
-     * in API calls to Snyk.
-     *
-     * @default - the slug corresponding to Lifligs Snyk organization ("it").
-     */
-    snykOrgSlugId) {
-        const token = await this.tokenProvider.getToken();
-        if (token === undefined) {
-            throw new Error("Missing token for Snyk");
-        }
-        let backportedProjects = [];
-        const snykRestApiVersion = "2025-11-05";
-        let nextUrl = `/rest/orgs/${encodeURIComponent(snykAccountId)}/projects?version=${snykRestApiVersion}&meta.latest_dependency_total=true&meta.latest_issue_counts=true&limit=100`;
-        /* The Snyk REST API only allows us to retrieve 100 projects at a time.
-         * The "links.next" value in the response gives us a pointer to the next 100 results.
-         * We continue calling the Snyk API and retrieving more projects until links.next is null
-         * */
-        while (nextUrl) {
-            const response = await fetch(`https://api.snyk.io${nextUrl}`, {
-                method: "GET",
-                headers: {
-                    Accept: "application/json",
-                    Authorization: `token ${token}`,
-                },
-                agent: this.config.agent,
-            });
-            if (response.status === 401) {
-                process$1.stderr.write("Unauthorized - removing token\n");
-                await this.tokenProvider.markInvalid();
-            }
-            if (!response.ok) {
-                throw new Error(`Response from Snyk not OK (${response.status}): ${JSON.stringify(response)}`);
-            }
-            // Check if the Sunset header is present in the response
-            const sunsetHeader = response.headers.get("Sunset") || response.headers.get("sunset");
-            if (sunsetHeader) {
-                console.warn(`Snyk endpoint with version ${snykRestApiVersion} has been marked as deprecated with deprecation date ${sunsetHeader}`);
-            }
-            const jsonResponse = (await response.json());
-            /* We transform the data to a standard format that we used for data from Snyk API v1 in order for
-             the data to be backover compatible with existing consuments */
-            backportedProjects = [
-                ...backportedProjects,
-                ...jsonResponse.data.map((project) => {
-                    return {
-                        id: project.id,
-                        name: project.attributes.name,
-                        type: project.attributes.type,
-                        created: project.attributes.created,
-                        origin: project.attributes.origin,
-                        testFrequency: project.attributes.settings.recurring_tests.frequency,
-                        isMonitored: project.attributes.status === "active",
-                        totalDependencies: project.meta.latest_dependency_total.total,
-                        issueCountsBySeverity: project.meta.latest_issue_counts,
-                        lastTestedDate: project.meta.latest_dependency_total.updated_at,
-                        browseUrl: `https://app.snyk.io/org/${snykOrgSlugId ?? "it"}/project/${project.id}`,
-                    };
-                }),
-            ];
-            /* Update nextUrl with pointer to the next page of results based
-             * on the "links.next" field in the JSON response */
-            nextUrl = jsonResponse.links.next;
-        }
-        return backportedProjects;
-    }
-}
-function createSnykService(props) {
-    return new SnykService({
-        config: props.config,
-        tokenProvider: props.tokenProvider ?? new SnykTokenCliProvider(),
-    });
-}
-
-function getGitHubRepo(snykProject) {
-    if (snykProject.origin === "github") {
-        const match = /^([^/]+)\/([^:]+)(:(.+))?$/.exec(snykProject.name);
-        if (match === null) {
-            throw Error(`Could not extract components from Snyk project name: ${snykProject.name} (id: ${snykProject.id})`);
-        }
-        return {
-            owner: match[1],
-            name: match[2],
-        };
-    }
-    if (snykProject.origin === "cli" && snykProject.remoteRepoUrl != null) {
-        // The remoteRepoUrl can be overridden when using the CLI, so don't
-        // fail if we cannot extract the value.
-        const match = /github.com\/([^/]+)\/(.+)\.git$/.exec(snykProject.remoteRepoUrl);
-        if (match === null) {
-            return undefined;
-        }
-        return {
-            owner: match[1],
-            name: match[2],
-        };
-    }
-    return undefined;
-}
-function getGitHubRepoId(repo) {
-    return repo ? `${repo.owner}/${repo.name}` : undefined;
-}
-
-var index$1 = /*#__PURE__*/Object.freeze({
-  __proto__: null,
-  SnykService: SnykService,
-  createSnykService: createSnykService,
-  getGitHubRepo: getGitHubRepo,
-  getGitHubRepoId: getGitHubRepoId
-});
-
-class SonarCloudTokenCliProvider {
-    async getToken() {
-        if (process$1.env.CALS_SONARCLOUD_TOKEN) {
-            return Promise.resolve(process$1.env.CALS_SONARCLOUD_TOKEN);
-        }
-        process$1.stderr.write("No environmental variable found. Set variable `CALS_SONARCLOUD_TOKEN` to token value\n");
-        return undefined;
-    }
-    async markInvalid() {
-        await Promise.resolve();
-    }
-}
-
-class SonarCloudService {
-    config;
-    tokenProvider;
-    constructor(props) {
-        this.config = props.config;
-        this.tokenProvider = props.tokenProvider;
-    }
-    /**
-     * Returns metrics for project with given key.
-     * ONLY test coverage metrics are returned as of now
-     */
-    async getMetricsByProjectKey(sonarCloudProjectKey) {
-        const token = await this.tokenProvider.getToken();
-        if (token === undefined) {
-            throw new Error("Missing token for SonarCloud");
-        }
-        const response = await fetch(`https://sonarcloud.io/api/measures/component?component=${encodeURIComponent(sonarCloudProjectKey)}&metricKeys=coverage`, {
-            method: "GET",
-            headers: {
-                Accept: "application/json",
-                Authorization: `Basic ${Buffer.from(token.concat(":"), "utf8").toString("base64")}`,
-            },
-            agent: this.config.agent,
-        });
-        if (response.status === 401) {
-            process$1.stderr.write("Unauthorized - removing token\n");
-            await this.tokenProvider.markInvalid();
-        }
-        if (response.status === 404) {
-            process$1.stderr.write(`Project ${sonarCloudProjectKey} does not exist in SonarCloud\n`);
-            return undefined;
-        }
-        if (!response.ok) {
-            throw new Error(`Response from SonarCloud not OK (${response.status}): ${await response.text()}`);
-        }
-        return (await response.json());
-    }
-}
-function createSonarCloudService(props) {
-    return new SonarCloudService({
-        config: props.config,
-        tokenProvider: props.tokenProvider ?? new SonarCloudTokenCliProvider(),
-    });
-}
-
-var index = /*#__PURE__*/Object.freeze({
-  __proto__: null,
-  SonarCloudService: SonarCloudService,
-  SonarCloudTokenCliProvider: SonarCloudTokenCliProvider,
-  createSonarCloudService: createSonarCloudService
-});
-
-class TestExecutor {
-    shutdown = false;
-    cleanupTask = null;
-    usingWithCleanupTasks = false;
-    tasks = [];
-    /**
-     * Check if we are currently in shutdown state due to user
-     * asking to abort (Ctrl+C).
-     */
-    checkCanContinue() {
-        if (this.shutdown) {
-            throw new Error("In shutdown mode - aborting");
-        }
-    }
-    async runTasks() {
-        console.warn("Running cleanup tasks");
-        while (true) {
-            // We must run tasks in reverse order due to dependencies.
-            // E.g. we cannot delete a Docker network before deleting
-            // the container using it.
-            const task = this.tasks.pop();
-            if (task === undefined) {
-                return;
-            }
-            try {
-                await task();
-            }
-            catch (error) {
-                console.error(error);
-            }
-        }
-    }
-    /**
-     * Register a task that will be run during cleanup phase.
-     */
-    registerCleanupTask(task) {
-        if (!this.usingWithCleanupTasks) {
-            throw new Error("registerCleanupTask run outside runWithCleanupTasks");
-        }
-        this.tasks.push(task);
-        this.checkCanContinue();
-    }
-    /**
-     * Run the code block while ensuring we can run cleanup tasks
-     * after the execution or if the process is interrupted.
-     *
-     * The main method of the program should be executed by using
-     * this method.
-     */
-    async runWithCleanupTasks(body) {
-        try {
-            strict.strictEqual(this.usingWithCleanupTasks, false);
-            this.usingWithCleanupTasks = true;
-            // We capture Ctrl+C so that we can perform cleanup task,
-            // since the cleanup tasks involve async code which is not
-            // supported during NodeJS normal exit handling.
-            //
-            // This will not abort the running tasks until after
-            // we have completed the cleanup tasks. The running tasks
-            // can stop earlier by calling checkCanContinue.
-            process$1.on("SIGINT", () => {
-                console.warn("Caught interrupt signal - forcing termination");
-                if (this.cleanupTask != null) {
-                    return;
-                }
-                this.shutdown = true;
-                this.cleanupTask = this.runTasks().then(() => {
-                    process$1.exit(1);
-                });
-            });
-            await body(this);
-        }
-        catch (error) {
-            console.error(error.stack || error.message || error);
-            process$1.exitCode = 1;
-        }
-        finally {
-            console.log("Reached finally block");
-            this.usingWithCleanupTasks = false;
-            if (this.cleanupTask == null) {
-                this.cleanupTask = this.runTasks();
-            }
-            await this.cleanupTask;
-        }
-    }
-}
-function createTestExecutor() {
-    return new TestExecutor();
-}
-
-/**
- * Generate a value that can be used as part of resource names.
- *
- * Gives a value formatted as "yyyymmdd-xxxxxx", e.g. "20200523-3f2c87".
- */
-function generateRunId() {
-    const low = 0x100000;
-    const high = 0xffffff;
-    const range = high - low + 1;
-    const now = new Date();
-    return [
-        now.getUTCFullYear(),
-        (now.getUTCMonth() + 1).toString().padStart(2, "0"),
-        now.getUTCDate().toString().padStart(2, "0"),
-        "-",
-        (Math.floor(Math.random() * range) + low).toString(16),
-    ].join("");
-}
-/**
- * Generate a name that can be used for a resource.
- */
-function generateName(extra) {
-    const s = extra === undefined ? "" : `-${extra}`;
-    return `autotest-${generateRunId()}${s}`;
-}
-/**
- * Create a new Docker network.
- */
-async function createNetwork(executor) {
-    executor.checkCanContinue();
-    const networkName = generateName();
-    await execa("docker", ["network", "create", networkName]);
-    const lsRes = await execa("docker", [
-        "network",
-        "ls",
-        "-q",
-        "-f",
-        `name=${networkName}`,
-    ]);
-    const networkId = lsRes.stdout.trim();
-    console.log(`Network ${networkName} (${networkId}) created`);
-    executor.registerCleanupTask(async () => {
-        await execa("docker", ["network", "rm", networkId]);
-        console.log(`Network ${networkName} (${networkId}) deleted`);
-    });
-    return {
-        id: networkId,
-    };
-}
-/**
- * Execute curl within the Docker network.
- */
-async function curl(executor, network, ...args) {
-    executor.checkCanContinue();
-    const result = await execa("docker", [
-        "run",
-        "-i",
-        "--rm",
-        "--network",
-        network.id,
-        "byrnedo/alpine-curl",
-        ...args,
-    ]);
-    return result.stdout;
-}
-/**
- * Repeatedly check for a condition until timeout.
- *
- * The condition can throw an error without aborting the loop.
- * To abort the condition must return false.
- */
-async function pollForCondition({ container, attempts, waitIntervalSec, condition, }) {
-    function log(value) {
-        console.log(`${container.name} (poll): ${value}`);
-    }
-    container.executor.checkCanContinue();
-    log(`Waiting for condition.. Checking ${attempts} times by ${waitIntervalSec} sec`);
-    const start = performance.now();
-    const duration = () => {
-        const end = performance.now();
-        return Math.round((end - start) / 1000);
-    };
-    for (let i = 0; i < attempts; i++) {
-        container.executor.checkCanContinue();
-        if (!(await isRunning(container.executor, container))) {
-            throw new Error(`Container ${container.name} not running as expected`);
-        }
-        try {
-            const result = await condition();
-            if (!result) {
-                break;
-            }
-            log(`Took ${duration()} seconds for condition`);
-            return;
-        }
-        catch {
-            log("Still waiting...");
-            await new Promise((resolve) => setTimeout(resolve, waitIntervalSec * 1000));
-        }
-    }
-    throw new Error(`Failed to wait for container ${container.name}`);
-}
-async function waitForHttpOk({ container, url, attempts = 30, waitIntervalSec = 1, }) {
-    await pollForCondition({
-        container,
-        attempts,
-        waitIntervalSec,
-        condition: async () => {
-            await curl(container.executor, container.network, "-fsS", url);
-            return true;
-        },
-    });
-}
-async function waitForPostgresAvailable({ container, attempts = 30, waitIntervalSec = 1, username = "user", password = "password", dbname, }) {
-    await pollForCondition({
-        container,
-        attempts,
-        waitIntervalSec,
-        condition: async () => {
-            await execa("docker", [
-                "exec",
-                "-e",
-                `PGPASSWORD=${password}`,
-                container.name,
-                "psql",
-                "-h",
-                "localhost",
-                "-U",
-                username,
-                "-c",
-                "select 1",
-                dbname,
-            ]);
-            return true;
-        },
-    });
-}
-async function isRunning(executor, container) {
-    executor.checkCanContinue();
-    try {
-        await execa("docker", ["inspect", container.name]);
-        return true;
-    }
-    catch {
-        return false;
-    }
-}
-/**
- * A stream transform that injects a prefix into every line
- * and also forces every chunk to end with a newline so that
- * it can be interleaved with other output.
- */
-class OutputPrefixTransform extends Transform {
-    constructor(prefix) {
-        super({
-            objectMode: true,
-            transform: (chunk, encoding, callback) => {
-                let result = chunk.toString(encoding);
-                if (result.endsWith("\n")) {
-                    result = result.slice(0, -1);
-                }
-                // Some loggers emit newline then ANSI reset code causing
-                // blank lines if we do not remove the newline.
-                // TODO: Consider removing all ANSI escape codes as it causes
-                //  some confusing output when interleaved.
-                if (result.endsWith("\n\u001B[0m")) {
-                    result = result.slice(0, -5) + result.slice(-4);
-                }
-                result = `${prefix + result.replace(/\n/g, `\n${prefix}`)}\n`;
-                callback(null, result);
-            },
-        });
-    }
-}
-function pipeToConsole(result, name) {
-    result.stdout
-        ?.pipe(new OutputPrefixTransform(`${name}: `))
-        .pipe(process$1.stdout);
-    result.stderr
-        ?.pipe(new OutputPrefixTransform(`${name} (stderr): `))
-        .pipe(process$1.stderr);
-}
-function checkPidRunning(pid) {
-    try {
-        process$1.kill(pid, 0);
-        return true;
-    }
-    catch {
-        return false;
-    }
-}
-async function getContainerId({ executor, name, hasFailed, pid, }) {
-    function log(value) {
-        console.log(`${name} (get-container-id): ${value}`);
-    }
-    async function check() {
-        let result;
-        try {
-            result = (await execa("docker", ["inspect", name, "-f", "{{.Id}}"]))
-                .stdout;
-        }
-        catch {
-            result = null;
-        }
-        // Debugging to help us solve CALS-366.
-        const ps = execa("docker", ["ps"]);
-        pipeToConsole(ps, `${name} (ps)`);
-        await ps;
-        // Debugging to help us solve CALS-366.
-        if (!checkPidRunning(pid)) {
-            log("Process not running");
-        }
-        return result;
-    }
-    // If the container is not running, retry a few times to cover
-    // the initial starting where we might check before the container
-    // is running.
-    // Increased from 25 to 100 to see if it helps for solving CALS-366.
-    for (let i = 0; i < 100; i++) {
-        if (i > 0) {
-            // Delay a bit before checking again.
-            log("Retrying in a bit...");
-            await new Promise((resolve) => setTimeout(resolve, 200));
-        }
-        executor.checkCanContinue();
-        if (hasFailed()) {
-            break;
-        }
-        const id = await check();
-        if (id !== null) {
-            log(`Resolved to ${id}`);
-            return id;
-        }
-    }
-    throw new Error(`Could not find ID for container with name ${name}`);
-}
-async function pullImage({ imageId }) {
-    console.log(`Pulling ${imageId}`);
-    const process = execa("docker", ["pull", imageId]);
-    pipeToConsole(process, `pull-image (${imageId})`);
-    await process;
-}
-async function checkImageExistsLocally({ imageId, }) {
-    const result = await execa("docker", ["images", "-q", imageId]);
-    const found = result.stdout != "";
-    console.log(`image ${imageId} ${found ? "was present locally" : "was not found locally"}`);
-    return found;
-}
-async function startContainer({ executor, network, imageId, alias, env, dockerArgs = [], pull = false, }) {
-    executor.checkCanContinue();
-    const containerName = generateName(alias);
-    // Prefer pulling image here so that the call on getContainerId
-    // will not time out due to pulling the image.
-    // If pull is false, we will still fallback to pulling if we cannot
-    // find the image locally.
-    if (pull || !(await checkImageExistsLocally({ imageId }))) {
-        await pullImage({
-            imageId,
-        });
-    }
-    const args = [
-        "run",
-        "--rm",
-        "--network",
-        network.id,
-        "--name",
-        containerName,
-        ...dockerArgs,
-    ];
-    if (alias != null) {
-        args.push(`--network-alias=${alias}`);
-    }
-    if (env != null) {
-        for (const [key, value] of Object.entries(env)) {
-            args.push("-e", `${key}=${value}`);
-        }
-    }
-    args.push(imageId);
-    console.log(`Starting ${imageId}`);
-    const process = execa("docker", args);
-    pipeToConsole(process, alias ?? containerName);
-    let failed = false;
-    process.catch(() => {
-        failed = true;
-    });
-    if (!process.pid) {
-        throw new Error("No process identifier (PID) was returned for the process that was started when running trying to run Docker container");
-    }
-    const id = await getContainerId({
-        executor,
-        name: containerName,
-        hasFailed: () => failed,
-        pid: process.pid,
-    });
-    executor.registerCleanupTask(async () => {
-        console.log(`Stopping container ${containerName}`);
-        const r = execa("docker", ["stop", containerName]);
-        pipeToConsole(r, `${alias ?? containerName} (stop)`);
-        try {
-            await r;
-        }
-        catch (e) {
-            if (!(e.stderr || "").includes("No such container")) {
-                throw e;
-            }
-        }
-    });
-    return {
-        id,
-        name: containerName,
-        network,
-        process,
-        executor,
-    };
-}
-async function runNpmRunScript(name, options) {
-    const result = execa("npm", ["run", name], {
-        env: options?.env,
-    });
-    pipeToConsole(result, `npm run ${name}`);
-    await result;
-}
-/**
- * This likely does not cover all situations.
- */
-async function getDockerHostAddress() {
-    if (process$1.platform === "darwin" || process$1.platform === "win32") {
-        return "host.docker.internal";
-    }
-    if (fs.existsSync("/.dockerenv")) {
-        const process = execa("ip", ["route"]);
-        pipeToConsole(process, "ip route");
-        const res = await process;
-        try {
-            return res.stdout
-                .split("\n")
-                .filter((it) => it.includes("default via"))
-                .map((it) => /default via ([\d.]+) /.exec(it)[1])[0];
-        }
-        catch {
-            throw new Error("Failed to extract docker host address");
-        }
-    }
-    return "localhost";
-}
-async function waitForEnterToContinue(prompt = "Press enter to continue") {
-    await read({
-        prompt,
-        silent: true,
-    });
-}
-
 const VERSION = version;
 
-export { CacheProvider, Config, DefinitionFile, GitHubService, Reporter, TestExecutor, VERSION, createGitHubService, createNetwork, createReporter, createTestExecutor, curl, index$3 as definition, getDockerHostAddress, index$2 as github, pollForCondition, runNpmRunScript, index$1 as snyk, index as sonarCloud, startContainer, waitForEnterToContinue, waitForHttpOk, waitForPostgresAvailable };
+export { VERSION, index$1 as definition, index as github };
 //# sourceMappingURL=index.js.map