@coana-tech/cli 14.12.131 → 14.12.133

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (15) hide show
  1. package/cli.mjs +741 -605
  2. package/package.json +1 -1
  3. package/reachability-analyzers-cli.mjs +5 -4
  4. package/repos/coana-tech/goana/bin/goana-darwin-amd64.gz +0 -0
  5. package/repos/coana-tech/goana/bin/goana-darwin-arm64.gz +0 -0
  6. package/repos/coana-tech/goana/bin/goana-linux-amd64.gz +0 -0
  7. package/repos/coana-tech/goana/bin/goana-linux-arm64.gz +0 -0
  8. package/repos/coana-tech/javap-service/javap-service.jar +0 -0
  9. package/repos/coana-tech/jelly-private/dist/bundle/approx.js +3 -3
  10. package/repos/coana-tech/jelly-private/dist/bundle/{chunk-NNOCQRBG.js → chunk-K5LIJ7OH.js} +8 -6
  11. package/repos/coana-tech/jelly-private/dist/bundle/{chunk-XK6IPQRH.js → chunk-MZDUAIIH.js} +2 -2
  12. package/repos/coana-tech/jelly-private/dist/bundle/{chunk-L7Z5ACXW.js → chunk-PYSMGG45.js} +2 -2
  13. package/repos/coana-tech/jelly-private/dist/bundle/{chunk-D4F3MOY5.js → chunk-QPIPGSUC.js} +2 -2
  14. package/repos/coana-tech/jelly-private/dist/bundle/hooks.js +3 -3
  15. package/repos/coana-tech/jelly-private/dist/bundle/jelly.js +64 -19
package/cli.mjs CHANGED
@@ -14560,8 +14560,8 @@ var require_follow_redirects = __commonJS({
14560
14560
  }
14561
14561
  return parsed;
14562
14562
  }
14563
- function resolveUrl(relative23, base) {
14564
- return useNativeURL ? new URL3(relative23, base) : parseUrl(url2.resolve(base, relative23));
14563
+ function resolveUrl(relative22, base) {
14564
+ return useNativeURL ? new URL3(relative22, base) : parseUrl(url2.resolve(base, relative22));
14565
14565
  }
14566
14566
  function validateUrl(input) {
14567
14567
  if (/^\[/.test(input.hostname) && !/^\[[:0-9a-f]+\]$/i.test(input.hostname)) {
@@ -17749,7 +17749,7 @@ var require_safe_stable_stringify = __commonJS({
17749
17749
  return circularValue;
17750
17750
  }
17751
17751
  let res = "";
17752
- let join32 = ",";
17752
+ let join33 = ",";
17753
17753
  const originalIndentation = indentation;
17754
17754
  if (Array.isArray(value2)) {
17755
17755
  if (value2.length === 0) {
@@ -17763,7 +17763,7 @@ var require_safe_stable_stringify = __commonJS({
17763
17763
  indentation += spacer;
17764
17764
  res += `
17765
17765
  ${indentation}`;
17766
- join32 = `,
17766
+ join33 = `,
17767
17767
  ${indentation}`;
17768
17768
  }
17769
17769
  const maximumValuesToStringify = Math.min(value2.length, maximumBreadth);
@@ -17771,13 +17771,13 @@ ${indentation}`;
17771
17771
  for (; i7 < maximumValuesToStringify - 1; i7++) {
17772
17772
  const tmp2 = stringifyFnReplacer(String(i7), value2, stack2, replacer, spacer, indentation);
17773
17773
  res += tmp2 !== void 0 ? tmp2 : "null";
17774
- res += join32;
17774
+ res += join33;
17775
17775
  }
17776
17776
  const tmp = stringifyFnReplacer(String(i7), value2, stack2, replacer, spacer, indentation);
17777
17777
  res += tmp !== void 0 ? tmp : "null";
17778
17778
  if (value2.length - 1 > maximumBreadth) {
17779
17779
  const removedKeys = value2.length - maximumBreadth - 1;
17780
- res += `${join32}"... ${getItemCount(removedKeys)} not stringified"`;
17780
+ res += `${join33}"... ${getItemCount(removedKeys)} not stringified"`;
17781
17781
  }
17782
17782
  if (spacer !== "") {
17783
17783
  res += `
@@ -17798,7 +17798,7 @@ ${originalIndentation}`;
17798
17798
  let separator = "";
17799
17799
  if (spacer !== "") {
17800
17800
  indentation += spacer;
17801
- join32 = `,
17801
+ join33 = `,
17802
17802
  ${indentation}`;
17803
17803
  whitespace2 = " ";
17804
17804
  }
@@ -17812,13 +17812,13 @@ ${indentation}`;
17812
17812
  const tmp = stringifyFnReplacer(key2, value2, stack2, replacer, spacer, indentation);
17813
17813
  if (tmp !== void 0) {
17814
17814
  res += `${separator}${strEscape(key2)}:${whitespace2}${tmp}`;
17815
- separator = join32;
17815
+ separator = join33;
17816
17816
  }
17817
17817
  }
17818
17818
  if (keyLength > maximumBreadth) {
17819
17819
  const removedKeys = keyLength - maximumBreadth;
17820
17820
  res += `${separator}"...":${whitespace2}"${getItemCount(removedKeys)} not stringified"`;
17821
- separator = join32;
17821
+ separator = join33;
17822
17822
  }
17823
17823
  if (spacer !== "" && separator.length > 1) {
17824
17824
  res = `
@@ -17859,7 +17859,7 @@ ${originalIndentation}`;
17859
17859
  }
17860
17860
  const originalIndentation = indentation;
17861
17861
  let res = "";
17862
- let join32 = ",";
17862
+ let join33 = ",";
17863
17863
  if (Array.isArray(value2)) {
17864
17864
  if (value2.length === 0) {
17865
17865
  return "[]";
@@ -17872,7 +17872,7 @@ ${originalIndentation}`;
17872
17872
  indentation += spacer;
17873
17873
  res += `
17874
17874
  ${indentation}`;
17875
- join32 = `,
17875
+ join33 = `,
17876
17876
  ${indentation}`;
17877
17877
  }
17878
17878
  const maximumValuesToStringify = Math.min(value2.length, maximumBreadth);
@@ -17880,13 +17880,13 @@ ${indentation}`;
17880
17880
  for (; i7 < maximumValuesToStringify - 1; i7++) {
17881
17881
  const tmp2 = stringifyArrayReplacer(String(i7), value2[i7], stack2, replacer, spacer, indentation);
17882
17882
  res += tmp2 !== void 0 ? tmp2 : "null";
17883
- res += join32;
17883
+ res += join33;
17884
17884
  }
17885
17885
  const tmp = stringifyArrayReplacer(String(i7), value2[i7], stack2, replacer, spacer, indentation);
17886
17886
  res += tmp !== void 0 ? tmp : "null";
17887
17887
  if (value2.length - 1 > maximumBreadth) {
17888
17888
  const removedKeys = value2.length - maximumBreadth - 1;
17889
- res += `${join32}"... ${getItemCount(removedKeys)} not stringified"`;
17889
+ res += `${join33}"... ${getItemCount(removedKeys)} not stringified"`;
17890
17890
  }
17891
17891
  if (spacer !== "") {
17892
17892
  res += `
@@ -17899,7 +17899,7 @@ ${originalIndentation}`;
17899
17899
  let whitespace2 = "";
17900
17900
  if (spacer !== "") {
17901
17901
  indentation += spacer;
17902
- join32 = `,
17902
+ join33 = `,
17903
17903
  ${indentation}`;
17904
17904
  whitespace2 = " ";
17905
17905
  }
@@ -17908,7 +17908,7 @@ ${indentation}`;
17908
17908
  const tmp = stringifyArrayReplacer(key2, value2[key2], stack2, replacer, spacer, indentation);
17909
17909
  if (tmp !== void 0) {
17910
17910
  res += `${separator}${strEscape(key2)}:${whitespace2}${tmp}`;
17911
- separator = join32;
17911
+ separator = join33;
17912
17912
  }
17913
17913
  }
17914
17914
  if (spacer !== "" && separator.length > 1) {
@@ -17966,20 +17966,20 @@ ${originalIndentation}`;
17966
17966
  indentation += spacer;
17967
17967
  let res2 = `
17968
17968
  ${indentation}`;
17969
- const join33 = `,
17969
+ const join34 = `,
17970
17970
  ${indentation}`;
17971
17971
  const maximumValuesToStringify = Math.min(value2.length, maximumBreadth);
17972
17972
  let i7 = 0;
17973
17973
  for (; i7 < maximumValuesToStringify - 1; i7++) {
17974
17974
  const tmp2 = stringifyIndent(String(i7), value2[i7], stack2, spacer, indentation);
17975
17975
  res2 += tmp2 !== void 0 ? tmp2 : "null";
17976
- res2 += join33;
17976
+ res2 += join34;
17977
17977
  }
17978
17978
  const tmp = stringifyIndent(String(i7), value2[i7], stack2, spacer, indentation);
17979
17979
  res2 += tmp !== void 0 ? tmp : "null";
17980
17980
  if (value2.length - 1 > maximumBreadth) {
17981
17981
  const removedKeys = value2.length - maximumBreadth - 1;
17982
- res2 += `${join33}"... ${getItemCount(removedKeys)} not stringified"`;
17982
+ res2 += `${join34}"... ${getItemCount(removedKeys)} not stringified"`;
17983
17983
  }
17984
17984
  res2 += `
17985
17985
  ${originalIndentation}`;
@@ -17995,16 +17995,16 @@ ${originalIndentation}`;
17995
17995
  return '"[Object]"';
17996
17996
  }
17997
17997
  indentation += spacer;
17998
- const join32 = `,
17998
+ const join33 = `,
17999
17999
  ${indentation}`;
18000
18000
  let res = "";
18001
18001
  let separator = "";
18002
18002
  let maximumPropertiesToStringify = Math.min(keyLength, maximumBreadth);
18003
18003
  if (isTypedArrayWithEntries(value2)) {
18004
- res += stringifyTypedArray(value2, join32, maximumBreadth);
18004
+ res += stringifyTypedArray(value2, join33, maximumBreadth);
18005
18005
  keys = keys.slice(value2.length);
18006
18006
  maximumPropertiesToStringify -= value2.length;
18007
- separator = join32;
18007
+ separator = join33;
18008
18008
  }
18009
18009
  if (deterministic) {
18010
18010
  keys = insertSort(keys);
@@ -18015,13 +18015,13 @@ ${indentation}`;
18015
18015
  const tmp = stringifyIndent(key2, value2[key2], stack2, spacer, indentation);
18016
18016
  if (tmp !== void 0) {
18017
18017
  res += `${separator}${strEscape(key2)}: ${tmp}`;
18018
- separator = join32;
18018
+ separator = join33;
18019
18019
  }
18020
18020
  }
18021
18021
  if (keyLength > maximumBreadth) {
18022
18022
  const removedKeys = keyLength - maximumBreadth;
18023
18023
  res += `${separator}"...": "${getItemCount(removedKeys)} not stringified"`;
18024
- separator = join32;
18024
+ separator = join33;
18025
18025
  }
18026
18026
  if (separator !== "") {
18027
18027
  res = `
@@ -19588,7 +19588,7 @@ var require_buffer_list = __commonJS({
19588
19588
  }
19589
19589
  }, {
19590
19590
  key: "join",
19591
- value: function join32(s6) {
19591
+ value: function join33(s6) {
19592
19592
  if (this.length === 0) return "";
19593
19593
  var p3 = this.head;
19594
19594
  var ret = "" + p3.data;
@@ -30822,7 +30822,7 @@ var require_lodash = __commonJS({
30822
30822
  }
30823
30823
  return mapped.length && mapped[0] === arrays[0] ? baseIntersection(mapped, undefined2, comparator) : [];
30824
30824
  });
30825
- function join32(array, separator) {
30825
+ function join33(array, separator) {
30826
30826
  return array == null ? "" : nativeJoin.call(array, separator);
30827
30827
  }
30828
30828
  function last2(array) {
@@ -32741,7 +32741,7 @@ var require_lodash = __commonJS({
32741
32741
  lodash16.isUndefined = isUndefined2;
32742
32742
  lodash16.isWeakMap = isWeakMap;
32743
32743
  lodash16.isWeakSet = isWeakSet;
32744
- lodash16.join = join32;
32744
+ lodash16.join = join33;
32745
32745
  lodash16.kebabCase = kebabCase;
32746
32746
  lodash16.last = last2;
32747
32747
  lodash16.lastIndexOf = lastIndexOf;
@@ -46375,7 +46375,7 @@ var require_builder = __commonJS({
46375
46375
  }
46376
46376
  };
46377
46377
  exports2.SeqBuilder = SeqBuilder;
46378
- function join32(first2, second, ...others) {
46378
+ function join33(first2, second, ...others) {
46379
46379
  const seq = new SeqBuilder(first2, second);
46380
46380
  if (!others.length) {
46381
46381
  return seq;
@@ -46384,7 +46384,7 @@ var require_builder = __commonJS({
46384
46384
  return res.join(query);
46385
46385
  }, seq);
46386
46386
  }
46387
- exports2.join = join32;
46387
+ exports2.join = join33;
46388
46388
  var SymBuilder = class extends AbstractBuilder {
46389
46389
  constructor(opts) {
46390
46390
  super();
@@ -55218,7 +55218,7 @@ var require_cjs2 = __commonJS({
55218
55218
  var require_lib12 = __commonJS({
55219
55219
  "../../node_modules/.pnpm/write-file-atomic@5.0.1/node_modules/write-file-atomic/lib/index.js"(exports2, module2) {
55220
55220
  "use strict";
55221
- module2.exports = writeFile16;
55221
+ module2.exports = writeFile15;
55222
55222
  module2.exports.sync = writeFileSync4;
55223
55223
  module2.exports._getTmpname = getTmpname;
55224
55224
  module2.exports._cleanupOnExit = cleanupOnExit;
@@ -55343,7 +55343,7 @@ var require_lib12 = __commonJS({
55343
55343
  }
55344
55344
  }
55345
55345
  }
55346
- async function writeFile16(filename, data2, options, callback) {
55346
+ async function writeFile15(filename, data2, options, callback) {
55347
55347
  if (options instanceof Function) {
55348
55348
  callback = options;
55349
55349
  options = {};
@@ -70309,16 +70309,16 @@ var require_lockfile = __commonJS({
70309
70309
  if (process.platform === "win32") {
70310
70310
  yield fsSymlink(src, dest, "junction");
70311
70311
  } else {
70312
- let relative23;
70312
+ let relative22;
70313
70313
  try {
70314
- relative23 = (_path2 || _load_path()).default.relative((_fs || _load_fs()).default.realpathSync((_path2 || _load_path()).default.dirname(dest)), (_fs || _load_fs()).default.realpathSync(src));
70314
+ relative22 = (_path2 || _load_path()).default.relative((_fs || _load_fs()).default.realpathSync((_path2 || _load_path()).default.dirname(dest)), (_fs || _load_fs()).default.realpathSync(src));
70315
70315
  } catch (err) {
70316
70316
  if (err.code !== "ENOENT") {
70317
70317
  throw err;
70318
70318
  }
70319
- relative23 = (_path2 || _load_path()).default.relative((_path2 || _load_path()).default.dirname(dest), src);
70319
+ relative22 = (_path2 || _load_path()).default.relative((_path2 || _load_path()).default.dirname(dest), src);
70320
70320
  }
70321
- yield fsSymlink(relative23 || ".", dest);
70321
+ yield fsSymlink(relative22 || ".", dest);
70322
70322
  }
70323
70323
  });
70324
70324
  return function symlink2(_x24, _x25) {
@@ -70345,17 +70345,17 @@ var require_lockfile = __commonJS({
70345
70345
  _ref28 = _i14.value;
70346
70346
  }
70347
70347
  const name2 = _ref28;
70348
- const relative23 = relativeDir ? (_path2 || _load_path()).default.join(relativeDir, name2) : name2;
70348
+ const relative22 = relativeDir ? (_path2 || _load_path()).default.join(relativeDir, name2) : name2;
70349
70349
  const loc = (_path2 || _load_path()).default.join(dir, name2);
70350
70350
  const stat6 = yield lstat3(loc);
70351
70351
  files.push({
70352
- relative: relative23,
70352
+ relative: relative22,
70353
70353
  basename: name2,
70354
70354
  absolute: loc,
70355
70355
  mtime: +stat6.mtime
70356
70356
  });
70357
70357
  if (stat6.isDirectory()) {
70358
- files = files.concat(yield walk(loc, relative23, ignoreBasenames));
70358
+ files = files.concat(yield walk(loc, relative22, ignoreBasenames));
70359
70359
  }
70360
70360
  }
70361
70361
  return files;
@@ -70400,7 +70400,7 @@ var require_lockfile = __commonJS({
70400
70400
  if (eol !== "\n") {
70401
70401
  data2 = data2.replace(/\n/g, eol);
70402
70402
  }
70403
- yield writeFile16(path9, data2);
70403
+ yield writeFile15(path9, data2);
70404
70404
  });
70405
70405
  return function writeFilePreservingEol2(_x30, _x31) {
70406
70406
  return _ref31.apply(this, arguments);
@@ -70412,7 +70412,7 @@ var require_lockfile = __commonJS({
70412
70412
  const file = (_path2 || _load_path()).default.join(dir, filename);
70413
70413
  const fileLink = (_path2 || _load_path()).default.join(dir, filename + "-link");
70414
70414
  try {
70415
- yield writeFile16(file, "test");
70415
+ yield writeFile15(file, "test");
70416
70416
  yield link(file, fileLink);
70417
70417
  } catch (err) {
70418
70418
  return false;
@@ -70562,7 +70562,7 @@ var require_lockfile = __commonJS({
70562
70562
  const lockQueue = exports3.lockQueue = new (_blockingQueue || _load_blockingQueue()).default("fs lock");
70563
70563
  const readFileBuffer = exports3.readFileBuffer = (0, (_promise2 || _load_promise2()).promisify)((_fs || _load_fs()).default.readFile);
70564
70564
  const open = exports3.open = (0, (_promise2 || _load_promise2()).promisify)((_fs || _load_fs()).default.open);
70565
- const writeFile16 = exports3.writeFile = (0, (_promise2 || _load_promise2()).promisify)((_fs || _load_fs()).default.writeFile);
70565
+ const writeFile15 = exports3.writeFile = (0, (_promise2 || _load_promise2()).promisify)((_fs || _load_fs()).default.writeFile);
70566
70566
  const readlink2 = exports3.readlink = (0, (_promise2 || _load_promise2()).promisify)((_fs || _load_fs()).default.readlink);
70567
70567
  const realpath2 = exports3.realpath = (0, (_promise2 || _load_promise2()).promisify)((_fs || _load_fs()).default.realpath);
70568
70568
  const readdir7 = exports3.readdir = (0, (_promise2 || _load_promise2()).promisify)((_fs || _load_fs()).default.readdir);
@@ -123168,7 +123168,7 @@ var require_summary = __commonJS({
123168
123168
  exports2.summary = exports2.markdownSummary = exports2.SUMMARY_DOCS_URL = exports2.SUMMARY_ENV_VAR = void 0;
123169
123169
  var os_1 = __require("os");
123170
123170
  var fs_1 = __require("fs");
123171
- var { access: access5, appendFile, writeFile: writeFile16 } = fs_1.promises;
123171
+ var { access: access5, appendFile, writeFile: writeFile15 } = fs_1.promises;
123172
123172
  exports2.SUMMARY_ENV_VAR = "GITHUB_STEP_SUMMARY";
123173
123173
  exports2.SUMMARY_DOCS_URL = "https://docs.github.com/actions/using-workflows/workflow-commands-for-github-actions#adding-a-job-summary";
123174
123174
  var Summary = class {
@@ -123226,7 +123226,7 @@ var require_summary = __commonJS({
123226
123226
  return __awaiter(this, void 0, void 0, function* () {
123227
123227
  const overwrite = !!(options === null || options === void 0 ? void 0 : options.overwrite);
123228
123228
  const filePath = yield this.filePath();
123229
- const writeFunc = overwrite ? writeFile16 : appendFile;
123229
+ const writeFunc = overwrite ? writeFile15 : appendFile;
123230
123230
  yield writeFunc(filePath, this._buffer, { encoding: "utf8" });
123231
123231
  return this.emptyBuffer();
123232
123232
  });
@@ -201554,9 +201554,9 @@ var {
201554
201554
  } = import_index.default;
201555
201555
 
201556
201556
  // dist/index.js
201557
- import { mkdir as mkdir7, mkdtemp as mkdtemp2, readFile as readFile34, rm as rm3, writeFile as writeFile15 } from "fs/promises";
201557
+ import { mkdir as mkdir7, mkdtemp as mkdtemp2, readFile as readFile34, rm as rm3, writeFile as writeFile14 } from "fs/promises";
201558
201558
  import { tmpdir as tmpdir3 } from "os";
201559
- import { dirname as dirname26, join as join31, resolve as resolve44 } from "path";
201559
+ import { dirname as dirname26, join as join32, resolve as resolve44 } from "path";
201560
201560
 
201561
201561
  // ../../node_modules/.pnpm/remeda@2.14.0/node_modules/remeda/dist/chunk-ANXBDSUI.js
201562
201562
  var s = { done: false, hasNext: false };
@@ -205600,10 +205600,10 @@ function purlNPMToString(purl) {
205600
205600
  return `pkg:npm/${purl.namespace ? encodeURIComponent(purl.namespace) + "/" : ""}${purl.name ? encodeURIComponent(purl.name) : ""}${purl.version ? "@" + encodeURI(purl.version) : ""}`;
205601
205601
  }
205602
205602
  function purlPYPIToString(purl) {
205603
- function canonicalizePyPIName2(name2) {
205603
+ function canonicalizePyPIName(name2) {
205604
205604
  return (name2 ?? "").trim().toLowerCase().replaceAll(/[-_.]+/gi, "-");
205605
205605
  }
205606
- return `pkg:pypi/${purl.name ? encodeURIComponent(canonicalizePyPIName2(purl.name)) : ""}${purl.version ? "@" + encodeURI(purl.version) : ""}${purl.artifactId ? "?artifact_id=" + encodeURIComponent(purl.artifactId) : purl.artifact_id ? "?artifact_id=" + encodeURIComponent(purl.artifact_id) : ""}`;
205606
+ return `pkg:pypi/${purl.name ? encodeURIComponent(canonicalizePyPIName(purl.name)) : ""}${purl.version ? "@" + encodeURI(purl.version) : ""}${purl.artifactId ? "?artifact_id=" + encodeURIComponent(purl.artifactId) : purl.artifact_id ? "?artifact_id=" + encodeURIComponent(purl.artifact_id) : ""}`;
205607
205607
  }
205608
205608
  function serializePURLQualifiers(qualifiers) {
205609
205609
  return Object.entries(qualifiers).map(
@@ -224579,10 +224579,10 @@ var Ignore = class {
224579
224579
  ignored(p3) {
224580
224580
  const fullpath = p3.fullpath();
224581
224581
  const fullpaths = `${fullpath}/`;
224582
- const relative23 = p3.relative() || ".";
224583
- const relatives = `${relative23}/`;
224582
+ const relative22 = p3.relative() || ".";
224583
+ const relatives = `${relative22}/`;
224584
224584
  for (const m4 of this.relative) {
224585
- if (m4.match(relative23) || m4.match(relatives))
224585
+ if (m4.match(relative22) || m4.match(relatives))
224586
224586
  return true;
224587
224587
  }
224588
224588
  for (const m4 of this.absolute) {
@@ -224593,9 +224593,9 @@ var Ignore = class {
224593
224593
  }
224594
224594
  childrenIgnored(p3) {
224595
224595
  const fullpath = p3.fullpath() + "/";
224596
- const relative23 = (p3.relative() || ".") + "/";
224596
+ const relative22 = (p3.relative() || ".") + "/";
224597
224597
  for (const m4 of this.relativeChildren) {
224598
- if (m4.match(relative23))
224598
+ if (m4.match(relative22))
224599
224599
  return true;
224600
224600
  }
224601
224601
  for (const m4 of this.absoluteChildren) {
@@ -229678,77 +229678,12 @@ ${newDependencyLine}`
229678
229678
  };
229679
229679
 
229680
229680
  // ../fixing-management/src/fixing-management/pip/pip-socket-upgrade-manager.ts
229681
- import { dirname as dirname20, relative as relative13, resolve as resolve32 } from "node:path";
229682
229681
  var import_picomatch8 = __toESM(require_picomatch2(), 1);
229682
+ import { dirname as dirname20, join as join17, resolve as resolve32 } from "node:path";
229683
229683
  import assert13 from "node:assert";
229684
- import { readFile as readFile25, writeFile as writeFile9 } from "node:fs/promises";
229684
+ import { readFile as readFile25 } from "node:fs/promises";
229685
229685
  var import_pip_requirements_js = __toESM(require_dist11(), 1);
229686
229686
 
229687
- // ../utils/src/pip-utils.ts
229688
- import { existsSync as existsSync15 } from "node:fs";
229689
- import { readFile as readFile24 } from "node:fs/promises";
229690
- import { dirname as dirname19, resolve as resolve31 } from "node:path";
229691
- import util4 from "node:util";
229692
-
229693
- // ../utils/src/python-versions-manager.ts
229694
- var import_lodash6 = __toESM(require_lodash(), 1);
229695
- var import_semver5 = __toESM(require_semver2(), 1);
229696
- import { execFileSync } from "child_process";
229697
- import { constants as constants3 } from "fs";
229698
- import { access as access3, readFile as readFile23 } from "fs/promises";
229699
- import { join as join16, resolve as resolve30 } from "path";
229700
- import util3 from "util";
229701
- var { once: once2 } = import_lodash6.default;
229702
- var systemPython = once2(() => {
229703
- try {
229704
- return execFileSync("which", ["python3"], { encoding: "utf8" }).trim();
229705
- } catch {
229706
- try {
229707
- return execFileSync("which", ["python"], { encoding: "utf8" }).trim();
229708
- } catch {
229709
- throw new Error("Couldn't find python3 or python. Please install Python 3.11 or higher.");
229710
- }
229711
- }
229712
- });
229713
- var hasPyenv = once2(async () => !(await execNeverFail2("which pyenv")).error);
229714
-
229715
- // ../utils/src/pip-utils.ts
229716
- var import_picomatch7 = __toESM(require_picomatch2(), 1);
229717
- async function isSetupPySetuptools(file) {
229718
- const content = await readFile24(file, "utf-8");
229719
- return content.includes("setup(") && (/^\s*from\s+(?:setuptools|distutils\.core)\s+import\s+.*setup/m.test(content) || /^\s*import\s+(?:setuptools|distutils\.core)/m.test(content));
229720
- }
229721
- async function getPyprojectTomlFilesForLockFile(rootDir, uvLockfile, pyprojectFiles) {
229722
- const lockDir = dirname19(uvLockfile);
229723
- const rootTomlFile = pyprojectFiles.find((file) => dirname19(file) === lockDir);
229724
- if (!rootTomlFile) return void 0;
229725
- const rootTomlContent = await readFile24(resolve31(rootDir, rootTomlFile), "utf-8");
229726
- const toml = parseTOML2(rootTomlContent);
229727
- if (!toml) return void 0;
229728
- const memberPatterns = [];
229729
- const excludePatterns = [];
229730
- const members = getNestedValue(toml, "tool.uv.workspace.members");
229731
- for (const member of members instanceof TOMLArray ? members : []) {
229732
- if (member instanceof TOMLScalar && typeof member[value] === "string") {
229733
- memberPatterns.push(member[value]);
229734
- }
229735
- }
229736
- const excludes = getNestedValue(toml, "tool.uv.workspace.exclude");
229737
- for (const exclude of excludes instanceof TOMLArray ? excludes : []) {
229738
- if (exclude instanceof TOMLScalar && typeof exclude[value] === "string") {
229739
- excludePatterns.push(exclude[value]);
229740
- }
229741
- }
229742
- if (memberPatterns.length === 0) {
229743
- return { rootTomlFile };
229744
- }
229745
- const matcher = (0, import_picomatch7.default)(memberPatterns, {
229746
- ignore: excludePatterns
229747
- });
229748
- const memberTomlFiles = pyprojectFiles.filter((file) => matcher(dirname19(file) || "."));
229749
- return { rootTomlFile, memberTomlFiles };
229750
- }
229751
-
229752
229687
  // ../utils/src/version-comparison/pip/pip-version-constraint.ts
229753
229688
  var OPERATORS_IN_ORDER3 = ["===", "~=", "!=", "==", "<=", ">=", "<", ">"];
229754
229689
  function parseOperatorAndVersion(comparison) {
@@ -229898,7 +229833,7 @@ function pipVersionSatisfiesConstraints(version4, constraints) {
229898
229833
  }
229899
229834
 
229900
229835
  // ../fixing-management/src/fixing-management/pip/pip-patch-utils.ts
229901
- function createPep508VersionPatches(file, idx, requirement, upgradeVersion, rangeStyle, baseOffset = 0) {
229836
+ function createPep508VersionPatches(file, idx, requirement, oldVersion, upgradeVersion, rangeStyle, baseOffset = 0) {
229902
229837
  const patches = [];
229903
229838
  if (rangeStyle === "pin") {
229904
229839
  if (requirement.data.versionSpec?.length) {
@@ -229938,29 +229873,16 @@ function createPep508VersionPatches(file, idx, requirement, upgradeVersion, rang
229938
229873
  text: `==${upgradeVersion}`
229939
229874
  });
229940
229875
  }
229941
- } else if (requirement.data.versionSpec?.length) {
229942
- let isLowerBounded = false;
229943
- for (let i7 = 0; i7 < requirement.data.versionSpec.length; i7++) {
229944
- const spec = requirement.data.versionSpec[i7];
229876
+ } else {
229877
+ for (const spec of requirement.data.versionSpec ?? []) {
229945
229878
  const operator = spec.data.operator.data;
229946
229879
  if (!spec.data.version) continue;
229947
- if (operator === ">") {
229948
- patches.push({
229949
- file,
229950
- offset: baseOffset + spec.data.operator.location.startIdx,
229951
- length: spec.data.operator.location.endIdx - spec.data.operator.location.startIdx,
229952
- artifacts: [idx],
229953
- text: ">="
229954
- });
229955
- patches.push({
229956
- file,
229957
- offset: baseOffset + spec.data.version.location.startIdx,
229958
- length: spec.data.version.location.endIdx - spec.data.version.location.startIdx,
229959
- artifacts: [idx],
229960
- text: upgradeVersion
229961
- });
229962
- isLowerBounded = true;
229963
- } else if (operator === "<" && pipCompareVersions(spec.data.version.data, upgradeVersion) <= 0) {
229880
+ const specVersion = spec.data.version.data;
229881
+ const constraint = `${operator}${specVersion}`;
229882
+ const matcher = parsePEP440Comparison(constraint);
229883
+ if (!matcher) return void 0;
229884
+ if (matcher(upgradeVersion)) continue;
229885
+ if (operator === "<") {
229964
229886
  patches.push({
229965
229887
  file,
229966
229888
  offset: baseOffset + spec.data.operator.location.startIdx,
@@ -229975,21 +229897,21 @@ function createPep508VersionPatches(file, idx, requirement, upgradeVersion, rang
229975
229897
  artifacts: [idx],
229976
229898
  text: upgradeVersion
229977
229899
  });
229978
- } else if (operator === "<=" && pipCompareVersions(spec.data.version.data, upgradeVersion) < 0) {
229900
+ } else if (operator === "!=") {
229979
229901
  patches.push({
229980
229902
  file,
229981
229903
  offset: baseOffset + spec.data.version.location.startIdx,
229982
229904
  length: spec.data.version.location.endIdx - spec.data.version.location.startIdx,
229983
229905
  artifacts: [idx],
229984
- text: upgradeVersion
229906
+ text: oldVersion
229985
229907
  });
229986
- } else if (operator === "!=" && pipCompareVersions(spec.data.version.data, upgradeVersion) === 0) {
229908
+ } else if (operator === ">") {
229987
229909
  patches.push({
229988
229910
  file,
229989
229911
  offset: baseOffset + spec.data.operator.location.startIdx,
229990
229912
  length: spec.data.operator.location.endIdx - spec.data.operator.location.startIdx,
229991
229913
  artifacts: [idx],
229992
- text: "=="
229914
+ text: ">="
229993
229915
  });
229994
229916
  patches.push({
229995
229917
  file,
@@ -229998,8 +229920,7 @@ function createPep508VersionPatches(file, idx, requirement, upgradeVersion, rang
229998
229920
  artifacts: [idx],
229999
229921
  text: upgradeVersion
230000
229922
  });
230001
- isLowerBounded = true;
230002
- } else if (["==", "===", "~=", ">="].includes(operator)) {
229923
+ } else {
230003
229924
  patches.push({
230004
229925
  file,
230005
229926
  offset: baseOffset + spec.data.version.location.startIdx,
@@ -230007,28 +229928,80 @@ function createPep508VersionPatches(file, idx, requirement, upgradeVersion, rang
230007
229928
  artifacts: [idx],
230008
229929
  text: upgradeVersion
230009
229930
  });
230010
- isLowerBounded = true;
230011
229931
  }
230012
229932
  }
230013
- if (!isLowerBounded) {
230014
- patches.push({
230015
- file,
230016
- offset: baseOffset + requirement.data.name.location.endIdx,
230017
- artifacts: [idx],
230018
- text: `>=${upgradeVersion},`
230019
- });
230020
- }
230021
- } else {
230022
- patches.push({
230023
- file,
230024
- offset: baseOffset + requirement.data.name.location.endIdx,
230025
- artifacts: [idx],
230026
- text: `==${upgradeVersion}`
230027
- });
230028
229933
  }
230029
229934
  return patches;
230030
229935
  }
230031
229936
 
229937
+ // ../utils/src/pip-utils.ts
229938
+ import { existsSync as existsSync15 } from "node:fs";
229939
+ import { readFile as readFile24 } from "node:fs/promises";
229940
+ import { dirname as dirname19, resolve as resolve31 } from "node:path";
229941
+ import util4 from "node:util";
229942
+
229943
+ // ../utils/src/python-versions-manager.ts
229944
+ var import_lodash6 = __toESM(require_lodash(), 1);
229945
+ var import_semver5 = __toESM(require_semver2(), 1);
229946
+ import { execFileSync } from "child_process";
229947
+ import { constants as constants3 } from "fs";
229948
+ import { access as access3, readFile as readFile23 } from "fs/promises";
229949
+ import { join as join16, resolve as resolve30 } from "path";
229950
+ import util3 from "util";
229951
+ var { once: once2 } = import_lodash6.default;
229952
+ var systemPython = once2(() => {
229953
+ try {
229954
+ return execFileSync("which", ["python3"], { encoding: "utf8" }).trim();
229955
+ } catch {
229956
+ try {
229957
+ return execFileSync("which", ["python"], { encoding: "utf8" }).trim();
229958
+ } catch {
229959
+ throw new Error("Couldn't find python3 or python. Please install Python 3.11 or higher.");
229960
+ }
229961
+ }
229962
+ });
229963
+ var hasPyenv = once2(async () => !(await execNeverFail2("which pyenv")).error);
229964
+
229965
+ // ../utils/src/pip-utils.ts
229966
+ var import_picomatch7 = __toESM(require_picomatch2(), 1);
229967
+ function normalizePackageName(packageName) {
229968
+ return packageName.replace(/[-_.]+/g, "-").toLowerCase();
229969
+ }
229970
+ async function isSetupPySetuptools(file) {
229971
+ const content = await readFile24(file, "utf-8");
229972
+ return content.includes("setup(") && (/^\s*from\s+(?:setuptools|distutils\.core)\s+import\s+.*setup/m.test(content) || /^\s*import\s+(?:setuptools|distutils\.core)/m.test(content));
229973
+ }
229974
+ async function getPyprojectTomlFilesForLockFile(rootDir, uvLockfile, pyprojectFiles) {
229975
+ const lockDir = dirname19(uvLockfile);
229976
+ const rootTomlFile = pyprojectFiles.find((file) => dirname19(file) === lockDir);
229977
+ if (!rootTomlFile) return void 0;
229978
+ const rootTomlContent = await readFile24(resolve31(rootDir, rootTomlFile), "utf-8");
229979
+ const toml = parseTOML2(rootTomlContent);
229980
+ if (!toml) return void 0;
229981
+ const memberPatterns = [];
229982
+ const excludePatterns = [];
229983
+ const members = getNestedValue(toml, "tool.uv.workspace.members");
229984
+ for (const member of members instanceof TOMLArray ? members : []) {
229985
+ if (member instanceof TOMLScalar && typeof member[value] === "string") {
229986
+ memberPatterns.push(member[value]);
229987
+ }
229988
+ }
229989
+ const excludes = getNestedValue(toml, "tool.uv.workspace.exclude");
229990
+ for (const exclude of excludes instanceof TOMLArray ? excludes : []) {
229991
+ if (exclude instanceof TOMLScalar && typeof exclude[value] === "string") {
229992
+ excludePatterns.push(exclude[value]);
229993
+ }
229994
+ }
229995
+ if (memberPatterns.length === 0) {
229996
+ return { rootTomlFile };
229997
+ }
229998
+ const matcher = (0, import_picomatch7.default)(memberPatterns, {
229999
+ ignore: excludePatterns
230000
+ });
230001
+ const memberTomlFiles = pyprojectFiles.filter((file) => matcher(dirname19(file) || "."));
230002
+ return { rootTomlFile, memberTomlFiles };
230003
+ }
230004
+
230032
230005
  // ../fixing-management/src/fixing-management/pip/pip-socket-upgrade-manager.ts
230033
230006
  var PipSocketUpgradeManager = class {
230034
230007
  constructor(rootDir) {
@@ -230043,87 +230016,81 @@ var PipSocketUpgradeManager = class {
230043
230016
  pyprojectTomlMatcher = (0, import_picomatch8.default)("pyproject.toml", { basename: true });
230044
230017
  uvLockMatcher = (0, import_picomatch8.default)("uv.lock", { basename: true });
230045
230018
  async applySocketArtifactUpgrades(ctxt) {
230046
- const pyprojectTomlfiles = ctxt.manifestFiles.filter((f6) => this.pyprojectTomlMatcher(f6));
230047
- const tomlToLock = /* @__PURE__ */ new Map();
230048
- await asyncForEach(
230049
- ctxt.manifestFiles.filter((mf) => this.uvLockMatcher(mf)),
230050
- async (lockFile) => {
230051
- const rootAndMemberTomlFiles = await getPyprojectTomlFilesForLockFile(
230052
- this.rootDir,
230053
- lockFile,
230054
- pyprojectTomlfiles
230055
- );
230056
- if (!rootAndMemberTomlFiles) return;
230057
- const { rootTomlFile, memberTomlFiles } = rootAndMemberTomlFiles;
230058
- tomlToLock.set(rootTomlFile, lockFile);
230059
- for (const tomlFile of memberTomlFiles ?? []) {
230060
- tomlToLock.set(tomlFile, lockFile);
230061
- }
230062
- }
230063
- );
230064
- const requirementsTxtPatches = [];
230065
- const directUvTomlPatches = [];
230066
- const transitiveUvTomlPatches = [];
230019
+ const pyprojectTomlFiles = ctxt.manifestFiles.filter((f6) => this.pyprojectTomlMatcher(f6));
230020
+ const patches = [];
230021
+ const uvLockFilesToValidate = /* @__PURE__ */ new Set();
230022
+ const lockFileToDepTree = /* @__PURE__ */ new Map();
230067
230023
  for (const [idx, upgradeVersion] of ctxt.upgrades) {
230068
230024
  const artifact = ctxt.artifacts[idx];
230069
230025
  assert13(artifact.name);
230070
230026
  assert13(artifact.version);
230071
- const directRequirementsTxts = new Set(
230072
- artifact.manifestFiles?.filter((mf) => this.requirementsTxtMatcher(mf.file)).map((mf) => mf.file) ?? []
230073
- );
230074
- const canonicalPackageName = canonicalizePyPIName(artifact.name);
230027
+ const packageName = normalizePackageName(artifact.name);
230028
+ const directRequirementsTxts = /* @__PURE__ */ new Set();
230075
230029
  for (const mf of artifact.manifestFiles ?? []) {
230076
230030
  if (this.requirementsTxtMatcher(mf.file)) {
230077
230031
  if (ctxt.wsFilter && !ctxt.wsFilter(dirname20(mf.file) || ".")) continue;
230078
- const patches = await this.createRequirementsTxtDirectDependencyPatches(mf, idx, upgradeVersion, ctxt);
230079
- requirementsTxtPatches.push(...patches);
230032
+ directRequirementsTxts.add(mf.file);
230033
+ patches.push(...await this.createRequirementsTxtDirectDependencyPatches(mf, idx, upgradeVersion, ctxt));
230080
230034
  } else if (this.uvLockMatcher(mf.file)) {
230081
- const rootAndMemberTomlFiles = await getPyprojectTomlFilesForLockFile(
230082
- this.rootDir,
230083
- mf.file,
230084
- pyprojectTomlfiles
230085
- );
230086
- if (!rootAndMemberTomlFiles) {
230035
+ const tomlFiles = await getPyprojectTomlFilesForLockFile(this.rootDir, mf.file, pyprojectTomlFiles);
230036
+ if (!tomlFiles) {
230087
230037
  ctxt.statusUpdater?.({
230088
230038
  status: "error",
230089
230039
  file: mf.file,
230090
230040
  artifacts: [idx],
230091
- message: "Could not find pyproject.toml files for lock file"
230041
+ message: "No pyproject.toml found for uv.lock"
230092
230042
  });
230093
230043
  continue;
230094
230044
  }
230095
- const { rootTomlFile, memberTomlFiles } = rootAndMemberTomlFiles;
230096
- const tomlToDeps = await getDependenciesMapFromUvLock(
230097
- this.rootDir,
230098
- mf.file,
230099
- [rootTomlFile].concat(memberTomlFiles ?? [])
230100
- );
230101
- if (!tomlToDeps) {
230102
- ctxt.statusUpdater?.({
230103
- status: "error",
230104
- file: mf.file,
230105
- artifacts: [idx],
230106
- message: "Could not compute pyproject.toml files for dependency"
230107
- });
230108
- continue;
230109
- }
230110
- for (const [tomlFile, { direct, transitive }] of tomlToDeps) {
230111
- if (ctxt.wsFilter && !ctxt.wsFilter(dirname20(tomlFile) || ".")) continue;
230112
- if (direct.has(canonicalPackageName)) {
230113
- directUvTomlPatches.push(
230114
- ...await this.createPyprojectTomlDirectDependencyPatches(tomlFile, idx, upgradeVersion, ctxt)
230115
- );
230045
+ const { rootTomlFile, memberTomlFiles } = tomlFiles;
230046
+ let depTree = lockFileToDepTree.get(mf.file);
230047
+ if (!depTree) {
230048
+ depTree = await buildDependencyTreesFromUvLock(this.rootDir, mf.file);
230049
+ if (depTree) {
230050
+ lockFileToDepTree.set(mf.file, depTree);
230051
+ } else {
230052
+ ctxt.statusUpdater?.({
230053
+ status: "error",
230054
+ file: mf.file,
230055
+ artifacts: [idx],
230056
+ message: "Failed to parse uv.lock"
230057
+ });
230058
+ continue;
230116
230059
  }
230117
- if (transitive.has(canonicalPackageName)) {
230118
- transitiveUvTomlPatches.push(
230119
- ...await this.createOverrideDependencyAddPatches(rootTomlFile, idx, upgradeVersion, ctxt)
230060
+ }
230061
+ const lookupKey = getPackageKey(packageName, artifact.version);
230062
+ for (const [projectDir, projectInfo] of depTree) {
230063
+ if (ctxt.wsFilter && !ctxt.wsFilter(projectDir)) continue;
230064
+ const nodesByNameVersion = /* @__PURE__ */ new Map();
230065
+ for (const [, node] of projectInfo.nodes) {
230066
+ const key = getPackageKey(node.packageName, node.version);
230067
+ const existing = nodesByNameVersion.get(key) ?? [];
230068
+ existing.push(node);
230069
+ nodesByNameVersion.set(key, existing);
230070
+ }
230071
+ const matchingNodes = nodesByNameVersion.get(lookupKey) ?? [];
230072
+ const isDirectDep = matchingNodes.some((node) => projectInfo.direct.has(node.nodeKey));
230073
+ if (isDirectDep) {
230074
+ const tomlFile = [rootTomlFile, ...memberTomlFiles ?? []].find(
230075
+ (f6) => (dirname20(f6) || ".") === projectDir
230120
230076
  );
230077
+ if (tomlFile) {
230078
+ patches.push(
230079
+ ...await this.createPyprojectTomlDirectDependencyPatches(tomlFile, idx, upgradeVersion, ctxt)
230080
+ );
230081
+ } else {
230082
+ ctxt.statusUpdater?.({
230083
+ status: "error",
230084
+ file: mf.file,
230085
+ artifacts: [idx],
230086
+ message: `No pyproject.toml found for project at ${projectDir}`
230087
+ });
230088
+ }
230121
230089
  }
230122
- directUvTomlPatches.push(
230123
- ...await this.createOverrideDependencyUpdatePatches(rootTomlFile, idx, upgradeVersion, ctxt)
230124
- );
230125
230090
  }
230126
- continue;
230091
+ patches.push(...await this.createUvLockPatches(mf.file, idx, upgradeVersion, ctxt));
230092
+ uvLockFilesToValidate.add(mf.file);
230093
+ patches.push(...await this.createOverrideDependencyUpdatePatches(rootTomlFile, idx, upgradeVersion, ctxt));
230127
230094
  } else {
230128
230095
  ctxt.statusUpdater?.({
230129
230096
  status: "error",
@@ -230133,83 +230100,257 @@ var PipSocketUpgradeManager = class {
230133
230100
  });
230134
230101
  }
230135
230102
  }
230136
- const transitiveRequirementsTxts = /* @__PURE__ */ new Set();
230137
230103
  for (const ancestorId of artifact.toplevelAncestors ?? []) {
230138
230104
  const ancestor = ctxt.artifacts.find((a4) => a4.id === ancestorId);
230139
- if (ancestor) {
230140
- for (const mf of ancestor.manifestFiles ?? []) {
230141
- if (this.requirementsTxtMatcher(mf.file) && !directRequirementsTxts.has(mf.file)) {
230142
- transitiveRequirementsTxts.add(mf.file);
230143
- }
230105
+ for (const mf of ancestor?.manifestFiles ?? []) {
230106
+ if (ctxt.wsFilter && !ctxt.wsFilter(dirname20(mf.file) || ".")) continue;
230107
+ if (this.requirementsTxtMatcher(mf.file) && !directRequirementsTxts.has(mf.file)) {
230108
+ patches.push(...await this.createRequirementsTxtTransitivePatches(mf.file, idx, upgradeVersion, ctxt));
230144
230109
  }
230145
230110
  }
230146
230111
  }
230147
- for (const requirementsTxt of transitiveRequirementsTxts) {
230148
- if (ctxt.wsFilter && !ctxt.wsFilter(dirname20(requirementsTxt) || ".")) continue;
230149
- const patches = await this.createRequirementsTxtTransitivePatches(requirementsTxt, idx, upgradeVersion, ctxt);
230150
- requirementsTxtPatches.push(...patches);
230151
- }
230152
230112
  }
230153
- const restoreMap = /* @__PURE__ */ new Map();
230154
- for (const { file, artifacts } of directUvTomlPatches.concat(transitiveUvTomlPatches)) {
230155
- const path9 = resolve32(this.rootDir, file);
230156
- if (!restoreMap.has(path9)) {
230157
- restoreMap.set(path9, {
230158
- content: await readFile25(path9, "utf-8"),
230159
- artifacts: []
230160
- });
230161
- }
230162
- const existing = restoreMap.get(path9);
230163
- for (const idx of artifacts) {
230164
- if (!existing.artifacts.includes(idx)) {
230165
- existing.artifacts.push(idx);
230113
+ await applyPatches("PIP", this.rootDir, patches, ctxt);
230114
+ for (const lockFile of uvLockFilesToValidate) {
230115
+ const upgradesForLockFile = [];
230116
+ for (const [idx, upgradeVersion] of ctxt.upgrades) {
230117
+ const artifact = ctxt.artifacts[idx];
230118
+ if (artifact.name && artifact.version) {
230119
+ upgradesForLockFile.push({
230120
+ idx,
230121
+ packageName: normalizePackageName(artifact.name),
230122
+ oldVersion: artifact.version,
230123
+ newVersion: upgradeVersion
230124
+ });
230166
230125
  }
230167
230126
  }
230168
- }
230169
- const appliedTemporaryPatches = await applyPatches(
230170
- "PIP",
230171
- this.rootDir,
230172
- directUvTomlPatches.concat(transitiveUvTomlPatches),
230173
- ctxt
230174
- );
230175
- const lockfileToArtifacts = {};
230176
- for (const { file, artifacts } of appliedTemporaryPatches) {
230177
- const lockfile2 = tomlToLock.get(file);
230178
- if (!lockfile2) {
230127
+ await this.removeDuplicateUvLockEntries(lockFile, ctxt);
230128
+ const result = await execNeverFail2(["uv", "lock"], dirname20(resolve32(this.rootDir, lockFile)));
230129
+ if (result.error) {
230179
230130
  ctxt.statusUpdater?.({
230180
230131
  status: "error",
230181
- file,
230182
- message: "No lockfile found for pyproject.toml",
230183
- artifacts: i3(artifacts)
230132
+ file: lockFile,
230133
+ artifacts: [],
230134
+ message: `Failed to finalize lockfile: ${result.error.message ?? "Unknown error"}`
230184
230135
  });
230185
230136
  continue;
230186
230137
  }
230187
- if (!lockfileToArtifacts[lockfile2]) {
230188
- lockfileToArtifacts[lockfile2] = [];
230189
- }
230190
- lockfileToArtifacts[lockfile2].push(...artifacts);
230138
+ await this.validateUvLockUpgrades(lockFile, upgradesForLockFile, ctxt);
230191
230139
  }
230192
- await this.refreshLockfiles(lockfileToArtifacts, ctxt, "LOCKFILE_ONLY");
230193
- await asyncForEach(Array.from(restoreMap), async ([path9, { content, artifacts }]) => {
230194
- try {
230195
- await writeFile9(path9, content);
230196
- ctxt.statusUpdater?.({
230197
- status: "success",
230198
- file: relative13(this.rootDir, path9),
230199
- message: "File restored",
230200
- artifacts: i3(artifacts)
230140
+ }
230141
+ /**
230142
+ * Remove duplicate [[package]] entries from uv.lock.
230143
+ * Duplicates are identified by name==version @ source.
230144
+ */
230145
+ async removeDuplicateUvLockEntries(lockFile, ctxt) {
230146
+ const fullPath = resolve32(this.rootDir, lockFile);
230147
+ let content;
230148
+ try {
230149
+ content = await readFile25(fullPath, "utf-8");
230150
+ } catch {
230151
+ return;
230152
+ }
230153
+ const toml = parseTOML2(content);
230154
+ if (!toml) return;
230155
+ const packages = toml.package;
230156
+ if (!(packages instanceof TOMLArray)) return;
230157
+ const keyToEntries = /* @__PURE__ */ new Map();
230158
+ for (const pkg of packages) {
230159
+ if (!(pkg instanceof TOMLTable)) continue;
230160
+ const nameScalar = pkg.name;
230161
+ const versionScalar = pkg.version;
230162
+ const source = pkg.source;
230163
+ if (!(nameScalar instanceof TOMLScalar) || !(versionScalar instanceof TOMLScalar)) continue;
230164
+ if (typeof nameScalar[value] !== "string" || typeof versionScalar[value] !== "string") continue;
230165
+ const sourceStr = source instanceof TOMLTable ? parseSourceString(source) : void 0;
230166
+ const key = getPackageKey(nameScalar[value], versionScalar[value], sourceStr);
230167
+ const entries = keyToEntries.get(key) ?? [];
230168
+ entries.push(pkg);
230169
+ keyToEntries.set(key, entries);
230170
+ }
230171
+ const patches = [];
230172
+ for (const [key, entries] of keyToEntries) {
230173
+ if (entries.length <= 1) continue;
230174
+ for (let i7 = 1; i7 < entries.length; i7++) {
230175
+ const entry = entries[i7];
230176
+ const entryRange = entry[range];
230177
+ if (!entryRange) continue;
230178
+ const [start, end2] = entryRange;
230179
+ const contentAfter = content.slice(end2);
230180
+ const lineEnd = end2 + (contentAfter.startsWith("\n") ? 1 : 0);
230181
+ patches.push({
230182
+ file: lockFile,
230183
+ offset: start,
230184
+ length: lineEnd - start,
230185
+ text: "",
230186
+ artifacts: []
230201
230187
  });
230202
- } catch (e) {
230203
230188
  ctxt.statusUpdater?.({
230204
- status: "error",
230205
- file: relative13(this.rootDir, path9),
230206
- message: "Could not restore file",
230207
- artifacts: i3(artifacts)
230189
+ status: "warn",
230190
+ file: lockFile,
230191
+ artifacts: [],
230192
+ message: `Removing duplicate entry: ${key}`
230208
230193
  });
230209
230194
  }
230210
- });
230211
- await applyPatches("RUST", this.rootDir, requirementsTxtPatches.concat(directUvTomlPatches), ctxt);
230212
- await this.refreshLockfiles(lockfileToArtifacts, ctxt, "FULL_INSTALL");
230195
+ }
230196
+ if (patches.length > 0) {
230197
+ await applyPatches("PIP", this.rootDir, patches, ctxt);
230198
+ }
230199
+ }
230200
+ /**
230201
+ * Validate that upgrades were successful by checking the lockfile for old versions.
230202
+ */
230203
+ async validateUvLockUpgrades(lockFile, upgrades, ctxt) {
230204
+ const fullPath = resolve32(this.rootDir, lockFile);
230205
+ let content;
230206
+ try {
230207
+ content = await readFile25(fullPath, "utf-8");
230208
+ } catch {
230209
+ return;
230210
+ }
230211
+ const toml = parseTOML2(content);
230212
+ if (!toml) return;
230213
+ const packages = toml.package;
230214
+ if (!(packages instanceof TOMLArray)) return;
230215
+ for (const upgrade of upgrades) {
230216
+ for (const pkg of packages) {
230217
+ if (!(pkg instanceof TOMLTable)) continue;
230218
+ const nameScalar = pkg.name;
230219
+ const versionScalar = pkg.version;
230220
+ if (!(nameScalar instanceof TOMLScalar) || !(versionScalar instanceof TOMLScalar)) continue;
230221
+ if (typeof nameScalar[value] !== "string" || typeof versionScalar[value] !== "string") continue;
230222
+ const name2 = normalizePackageName(nameScalar[value]);
230223
+ const version4 = versionScalar[value];
230224
+ if (name2 === upgrade.packageName && version4 === upgrade.oldVersion) {
230225
+ const source = pkg.source;
230226
+ const sourceStr = source instanceof TOMLTable ? parseSourceString(source) : void 0;
230227
+ const key = getPackageKey(name2, version4, sourceStr);
230228
+ ctxt.statusUpdater?.({
230229
+ status: "error",
230230
+ file: lockFile,
230231
+ artifacts: [upgrade.idx],
230232
+ message: `Upgrade failed: ${key} still present in lockfile`
230233
+ });
230234
+ }
230235
+ }
230236
+ }
230237
+ }
230238
+ /**
230239
+ * Create patches for uv.lock file.
230240
+ * Updates [[package]] entries and inline dependency references.
230241
+ */
230242
+ async createUvLockPatches(lockFile, idx, upgradeVersion, ctxt) {
230243
+ const artifact = ctxt.artifacts[idx];
230244
+ assert13(artifact.name);
230245
+ assert13(artifact.version);
230246
+ const fullPath = resolve32(this.rootDir, lockFile);
230247
+ const content = await readFile25(fullPath, "utf-8");
230248
+ const packageName = normalizePackageName(artifact.name);
230249
+ const patches = [];
230250
+ const toml = parseTOML2(content);
230251
+ if (!toml) {
230252
+ ctxt.statusUpdater?.({ status: "error", file: lockFile, artifacts: [idx], message: "Failed to parse uv.lock" });
230253
+ return patches;
230254
+ }
230255
+ const packages = toml.package;
230256
+ if (!(packages instanceof TOMLArray)) {
230257
+ ctxt.statusUpdater?.({
230258
+ status: "error",
230259
+ file: lockFile,
230260
+ artifacts: [idx],
230261
+ message: "No packages found in uv.lock"
230262
+ });
230263
+ return patches;
230264
+ }
230265
+ const pkgEntry = packages.find(
230266
+ (pkg) => pkg instanceof TOMLTable && pkg.name instanceof TOMLScalar && pkg.version instanceof TOMLScalar && typeof pkg.name[value] === "string" && typeof pkg.version[value] === "string" && normalizePackageName(pkg.name[value]) === packageName && pkg.version[value] === artifact.version
230267
+ );
230268
+ if (!(pkgEntry instanceof TOMLTable)) {
230269
+ ctxt.statusUpdater?.({
230270
+ status: "error",
230271
+ file: lockFile,
230272
+ artifacts: [idx],
230273
+ message: `Package ${artifact.name}@${artifact.version} not found in lockfile`
230274
+ });
230275
+ return patches;
230276
+ }
230277
+ const versionScalar = pkgEntry.version;
230278
+ if (versionScalar instanceof TOMLScalar) {
230279
+ const [start, end2] = versionScalar[range];
230280
+ patches.push({
230281
+ file: lockFile,
230282
+ offset: start,
230283
+ length: end2 - start,
230284
+ text: `"${upgradeVersion}"`,
230285
+ artifacts: [idx]
230286
+ });
230287
+ }
230288
+ const sdist = pkgEntry.sdist;
230289
+ if (sdist instanceof TOMLTable) {
230290
+ const [start, end2] = sdist[range];
230291
+ const contentBefore = content.slice(0, start);
230292
+ const lineStart = contentBefore.lastIndexOf("\n") + 1;
230293
+ const contentAfter = content.slice(end2);
230294
+ const lineEnd = end2 + (contentAfter.startsWith("\n") ? 1 : 0);
230295
+ patches.push({
230296
+ file: lockFile,
230297
+ offset: lineStart,
230298
+ length: lineEnd - lineStart,
230299
+ text: "",
230300
+ artifacts: [idx]
230301
+ });
230302
+ }
230303
+ const wheels = pkgEntry.wheels;
230304
+ if (wheels instanceof TOMLArray) {
230305
+ const [start, end2] = wheels[range];
230306
+ const contentBefore = content.slice(0, start);
230307
+ const lineStart = contentBefore.lastIndexOf("\n") + 1;
230308
+ const contentAfter = content.slice(end2);
230309
+ const lineEnd = end2 + (contentAfter.startsWith("\n") ? 1 : 0);
230310
+ patches.push({
230311
+ file: lockFile,
230312
+ offset: lineStart,
230313
+ length: lineEnd - lineStart,
230314
+ text: "",
230315
+ artifacts: [idx]
230316
+ });
230317
+ }
230318
+ const dependencies = pkgEntry.dependencies;
230319
+ if (dependencies instanceof TOMLArray) {
230320
+ const [start, end2] = dependencies[range];
230321
+ const contentBefore = content.slice(0, start);
230322
+ const lineStart = contentBefore.lastIndexOf("\n") + 1;
230323
+ const contentAfter = content.slice(end2);
230324
+ const lineEnd = end2 + (contentAfter.startsWith("\n") ? 1 : 0);
230325
+ patches.push({
230326
+ file: lockFile,
230327
+ offset: lineStart,
230328
+ length: lineEnd - lineStart,
230329
+ text: "",
230330
+ artifacts: [idx]
230331
+ });
230332
+ }
230333
+ for (const pkg of packages) {
230334
+ if (!(pkg instanceof TOMLTable)) continue;
230335
+ const deps = pkg.dependencies;
230336
+ if (!(deps instanceof TOMLArray)) continue;
230337
+ for (const dep of deps) {
230338
+ if (!(dep instanceof TOMLTable)) continue;
230339
+ const depName = dep.name;
230340
+ const depVersion = dep.version;
230341
+ if (depName instanceof TOMLScalar && depVersion instanceof TOMLScalar && typeof depName[value] === "string" && typeof depVersion[value] === "string" && normalizePackageName(depName[value]) === packageName && depVersion[value] === artifact.version) {
230342
+ const [start, end2] = depVersion[range];
230343
+ patches.push({
230344
+ file: lockFile,
230345
+ offset: start,
230346
+ length: end2 - start,
230347
+ text: `"${upgradeVersion}"`,
230348
+ artifacts: [idx]
230349
+ });
230350
+ }
230351
+ }
230352
+ }
230353
+ return patches;
230213
230354
  }
230214
230355
  /**
230215
230356
  * Handle requirements.txt file updates
@@ -230236,7 +230377,24 @@ var PipSocketUpgradeManager = class {
230236
230377
  const requirements = (0, import_pip_requirements_js.parsePipRequirementsFileLoosely)(content, { includeLocations: true });
230237
230378
  const foundRequirement = requirements.filter((req) => req.data.type === "ProjectName").find((req) => refStart <= req.location.startIdx && req.location.endIdx <= refEnd);
230238
230379
  if (foundRequirement) {
230239
- patches.push(...createPep508VersionPatches(ref.file, idx, foundRequirement, upgradeVersion, ctxt.rangeStyle));
230380
+ const reqPatches = createPep508VersionPatches(
230381
+ ref.file,
230382
+ idx,
230383
+ foundRequirement,
230384
+ artifact.version,
230385
+ upgradeVersion,
230386
+ ctxt.rangeStyle
230387
+ );
230388
+ if (reqPatches === void 0) {
230389
+ ctxt.statusUpdater?.({
230390
+ status: "error",
230391
+ file: ref.file,
230392
+ artifacts: [idx],
230393
+ message: `Failed to parse version constraint for ${artifact.name}`
230394
+ });
230395
+ } else {
230396
+ patches.push(...reqPatches);
230397
+ }
230240
230398
  } else {
230241
230399
  ctxt.statusUpdater?.({
230242
230400
  status: "error",
@@ -230325,18 +230483,27 @@ ${newText}
230325
230483
  const depSpec = element[value];
230326
230484
  const parsed = (0, import_pip_requirements_js.parsePipRequirementsLineLoosely)(depSpec, { includeLocations: true });
230327
230485
  if (parsed && parsed.data.type === "ProjectName") {
230328
- if (canonicalizePyPIName(parsed.data.name.data) === canonicalizePyPIName(artifact.name) && satisfiestVersionSpecs(artifact.version, parsed.data.versionSpec)) {
230329
- patches.push(
230330
- ...createPep508VersionPatches(
230331
- tomlFile,
230332
- idx,
230333
- parsed,
230334
- upgradeVersion,
230335
- ctxt.rangeStyle,
230336
- element[range][0] + 1
230337
- // Skip opening quote
230338
- )
230486
+ if (normalizePackageName(parsed.data.name.data) === normalizePackageName(artifact.name) && satisfiestVersionSpecs(artifact.version, parsed.data.versionSpec)) {
230487
+ const depPatches = createPep508VersionPatches(
230488
+ tomlFile,
230489
+ idx,
230490
+ parsed,
230491
+ artifact.version,
230492
+ upgradeVersion,
230493
+ ctxt.rangeStyle,
230494
+ element[range][0] + 1
230495
+ // Skip opening quote
230339
230496
  );
230497
+ if (depPatches === void 0) {
230498
+ ctxt.statusUpdater?.({
230499
+ status: "error",
230500
+ file: tomlFile,
230501
+ artifacts: [idx],
230502
+ message: `Failed to parse version constraint for ${artifact.name}`
230503
+ });
230504
+ } else {
230505
+ patches.push(...depPatches);
230506
+ }
230340
230507
  }
230341
230508
  }
230342
230509
  }
@@ -230352,18 +230519,27 @@ ${newText}
230352
230519
  const depSpec = element[value];
230353
230520
  const parsed = (0, import_pip_requirements_js.parsePipRequirementsLineLoosely)(depSpec, { includeLocations: true });
230354
230521
  if (parsed && parsed.data.type === "ProjectName") {
230355
- if (canonicalizePyPIName(parsed.data.name.data) === canonicalizePyPIName(artifact.name) && satisfiestVersionSpecs(artifact.version, parsed.data.versionSpec)) {
230356
- patches.push(
230357
- ...createPep508VersionPatches(
230358
- tomlFile,
230359
- idx,
230360
- parsed,
230361
- upgradeVersion,
230362
- ctxt.rangeStyle,
230363
- element[range][0] + 1
230364
- // Skip opening quote
230365
- )
230522
+ if (normalizePackageName(parsed.data.name.data) === normalizePackageName(artifact.name) && satisfiestVersionSpecs(artifact.version, parsed.data.versionSpec)) {
230523
+ const depPatches = createPep508VersionPatches(
230524
+ tomlFile,
230525
+ idx,
230526
+ parsed,
230527
+ artifact.version,
230528
+ upgradeVersion,
230529
+ ctxt.rangeStyle,
230530
+ element[range][0] + 1
230531
+ // Skip opening quote
230366
230532
  );
230533
+ if (depPatches === void 0) {
230534
+ ctxt.statusUpdater?.({
230535
+ status: "error",
230536
+ file: tomlFile,
230537
+ artifacts: [idx],
230538
+ message: `Failed to parse version constraint for ${artifact.name}`
230539
+ });
230540
+ } else {
230541
+ patches.push(...depPatches);
230542
+ }
230367
230543
  }
230368
230544
  }
230369
230545
  }
@@ -230381,97 +230557,41 @@ ${newText}
230381
230557
  const depSpec = element[value];
230382
230558
  const parsed = (0, import_pip_requirements_js.parsePipRequirementsLineLoosely)(depSpec, { includeLocations: true });
230383
230559
  if (parsed && parsed.data.type === "ProjectName") {
230384
- if (canonicalizePyPIName(parsed.data.name.data) === canonicalizePyPIName(artifact.name) && satisfiestVersionSpecs(artifact.version, parsed.data.versionSpec)) {
230385
- patches.push(
230386
- ...createPep508VersionPatches(
230387
- tomlFile,
230388
- idx,
230389
- parsed,
230390
- upgradeVersion,
230391
- ctxt.rangeStyle,
230392
- element[range][0] + 1
230393
- // Skip opening quote
230394
- )
230395
- );
230396
- }
230397
- }
230398
- }
230399
- }
230400
- }
230401
- }
230402
- }
230403
- if (patches.length === 0) {
230404
- ctxt.statusUpdater?.({
230405
- status: "error",
230406
- file: tomlFile,
230407
- artifacts: [idx],
230408
- message: `Could not find ${artifact.name} version ${artifact.version}`
230409
- });
230410
- }
230411
- return patches;
230412
- }
230413
- /**
230414
- * Update existing tool.uv.override-dependencies entries in pyproject.toml
230415
- * Only returns patches for existing entries - does not create new ones
230416
- * These patches should be kept (re-applied after restoration)
230417
- */
230418
- async createOverrideDependencyUpdatePatches(pyprojectToml, idx, upgradeVersion, ctxt) {
230419
- const artifact = ctxt.artifacts[idx];
230420
- assert13(artifact.name);
230421
- assert13(artifact.version);
230422
- const patches = [];
230423
- try {
230424
- const content = await readFile25(resolve32(this.rootDir, pyprojectToml), "utf-8");
230425
- const toml = parseTOML2(content);
230426
- if (!toml) {
230427
- ctxt.statusUpdater?.({
230428
- status: "error",
230429
- file: pyprojectToml,
230430
- artifacts: [idx],
230431
- message: "Failed to parse TOML file"
230432
- });
230433
- return patches;
230434
- }
230435
- const overrideDeps = getNestedValue(toml, "tool.uv.override-dependencies");
230436
- if (overrideDeps instanceof TOMLArray) {
230437
- for (const overrideDep of overrideDeps) {
230438
- if (overrideDep instanceof TOMLScalar && typeof overrideDep[value] === "string") {
230439
- const overrideSpec = overrideDep[value];
230440
- const parsed = (0, import_pip_requirements_js.parsePipRequirementsLineLoosely)(overrideSpec, { includeLocations: true });
230441
- if (parsed && parsed.data.type === "ProjectName") {
230442
- if (canonicalizePyPIName(parsed.data.name.data) === canonicalizePyPIName(artifact.name) && satisfiestVersionSpecs(artifact.version, parsed.data.versionSpec)) {
230443
- patches.push(
230444
- ...createPep508VersionPatches(
230445
- pyprojectToml,
230560
+ if (normalizePackageName(parsed.data.name.data) === normalizePackageName(artifact.name) && satisfiestVersionSpecs(artifact.version, parsed.data.versionSpec)) {
230561
+ const depPatches = createPep508VersionPatches(
230562
+ tomlFile,
230446
230563
  idx,
230447
230564
  parsed,
230565
+ artifact.version,
230448
230566
  upgradeVersion,
230449
230567
  ctxt.rangeStyle,
230450
- overrideDep[range][0] + 1
230568
+ element[range][0] + 1
230451
230569
  // Skip opening quote
230452
- )
230453
- );
230570
+ );
230571
+ if (depPatches === void 0) {
230572
+ ctxt.statusUpdater?.({
230573
+ status: "error",
230574
+ file: tomlFile,
230575
+ artifacts: [idx],
230576
+ message: `Failed to parse version constraint for ${artifact.name}`
230577
+ });
230578
+ } else {
230579
+ patches.push(...depPatches);
230580
+ }
230581
+ }
230454
230582
  }
230455
230583
  }
230456
230584
  }
230457
230585
  }
230458
230586
  }
230459
- } catch (e) {
230460
- ctxt.statusUpdater?.({
230461
- status: "error",
230462
- file: pyprojectToml,
230463
- artifacts: [idx],
230464
- message: `Error updating uv override-dependency: ${e.message ?? "Unknown error"}`
230465
- });
230466
230587
  }
230467
230588
  return patches;
230468
230589
  }
230469
230590
  /**
230470
- * Add new tool.uv.override-dependencies entries in pyproject.toml
230471
- * Only creates new entries - does not update existing ones
230472
- * These patches are temporary and should be rolled back after lockfile update
230591
+ * Update existing tool.uv.override-dependencies entries in pyproject.toml.
230592
+ * Only patches existing entries - does not create new ones.
230473
230593
  */
230474
- async createOverrideDependencyAddPatches(pyprojectToml, idx, upgradeVersion, ctxt) {
230594
+ async createOverrideDependencyUpdatePatches(pyprojectToml, idx, upgradeVersion, ctxt) {
230475
230595
  const artifact = ctxt.artifacts[idx];
230476
230596
  assert13(artifact.name);
230477
230597
  assert13(artifact.version);
@@ -230480,15 +230600,8 @@ ${newText}
230480
230600
  const content = await readFile25(resolve32(this.rootDir, pyprojectToml), "utf-8");
230481
230601
  const toml = parseTOML2(content);
230482
230602
  if (!toml) {
230483
- ctxt.statusUpdater?.({
230484
- status: "error",
230485
- file: pyprojectToml,
230486
- artifacts: [idx],
230487
- message: "Failed to parse TOML file"
230488
- });
230489
230603
  return patches;
230490
230604
  }
230491
- const toolUv = getNestedValue(toml, "tool.uv");
230492
230605
  const overrideDeps = getNestedValue(toml, "tool.uv.override-dependencies");
230493
230606
  if (overrideDeps instanceof TOMLArray) {
230494
230607
  for (const overrideDep of overrideDeps) {
@@ -230496,139 +230609,162 @@ ${newText}
230496
230609
  const overrideSpec = overrideDep[value];
230497
230610
  const parsed = (0, import_pip_requirements_js.parsePipRequirementsLineLoosely)(overrideSpec, { includeLocations: true });
230498
230611
  if (parsed && parsed.data.type === "ProjectName") {
230499
- if (canonicalizePyPIName(parsed.data.name.data) === canonicalizePyPIName(artifact.name)) {
230500
- return patches;
230612
+ if (normalizePackageName(parsed.data.name.data) === normalizePackageName(artifact.name) && satisfiestVersionSpecs(artifact.version, parsed.data.versionSpec)) {
230613
+ const overridePatches = createPep508VersionPatches(
230614
+ pyprojectToml,
230615
+ idx,
230616
+ parsed,
230617
+ artifact.version,
230618
+ upgradeVersion,
230619
+ ctxt.rangeStyle,
230620
+ overrideDep[range][0] + 1
230621
+ // Skip opening quote
230622
+ );
230623
+ if (overridePatches === void 0) {
230624
+ ctxt.statusUpdater?.({
230625
+ status: "error",
230626
+ file: pyprojectToml,
230627
+ artifacts: [idx],
230628
+ message: `Failed to parse version constraint for ${artifact.name}`
230629
+ });
230630
+ } else {
230631
+ patches.push(...overridePatches);
230632
+ }
230501
230633
  }
230502
230634
  }
230503
230635
  }
230504
230636
  }
230505
- const lastElement = overrideDeps[overrideDeps.length - 1];
230506
- const insertPosition = lastElement ? lastElement[range][1] : overrideDeps[range][0] + 1;
230507
- patches.push({
230508
- file: pyprojectToml,
230509
- offset: insertPosition,
230510
- artifacts: [idx],
230511
- text: overrideDeps.length > 0 ? `,
230512
- ${" ".repeat(4)}"${artifact.name}==${upgradeVersion}"` : `
230513
- ${" ".repeat(4)}"${artifact.name}==${upgradeVersion}"`
230514
- });
230515
- } else if (toolUv instanceof TOMLTable) {
230516
- patches.push({
230517
- file: pyprojectToml,
230518
- offset: toolUv[range][1],
230519
- artifacts: [idx],
230520
- text: `
230521
- override-dependencies = [
230522
- ${" ".repeat(4)}"${artifact.name}==${upgradeVersion}",
230523
- ]`
230524
- });
230525
- } else {
230526
- patches.push({
230527
- file: pyprojectToml,
230528
- offset: toml[range][1],
230529
- artifacts: [idx],
230530
- text: `
230531
-
230532
- [tool.uv]
230533
- override-dependencies = [
230534
- ${" ".repeat(4)}"${artifact.name}==${upgradeVersion}",
230535
- ]`
230536
- });
230537
230637
  }
230538
230638
  } catch (e) {
230539
230639
  ctxt.statusUpdater?.({
230540
230640
  status: "error",
230541
230641
  file: pyprojectToml,
230542
230642
  artifacts: [idx],
230543
- message: `Error adding uv override-dependency: ${e.message ?? "Unknown error"}`
230643
+ message: `Error updating override-dependencies: ${e.message ?? "Unknown error"}`
230544
230644
  });
230545
230645
  }
230546
230646
  return patches;
230547
230647
  }
230548
- async refreshLockfiles(lockfileToArtifacts, ctxt, _mode2) {
230549
- await asyncForEach(Object.entries(lockfileToArtifacts), async ([lockfile2, artifacts]) => {
230550
- const lockfileDir = dirname20(resolve32(this.rootDir, lockfile2));
230551
- let result;
230552
- if (this.uvLockMatcher(lockfile2)) {
230553
- result = await execNeverFail2(["uv", "lock"], lockfileDir);
230554
- } else {
230555
- ctxt.statusUpdater?.({
230556
- status: "error",
230557
- file: lockfile2,
230558
- artifacts: i3(artifacts),
230559
- message: "Unknown lockfile type"
230560
- });
230561
- return;
230562
- }
230563
- if (!result.error) {
230564
- ctxt.statusUpdater?.({
230565
- status: "success",
230566
- file: lockfile2,
230567
- message: "Lockfile updated",
230568
- artifacts: i3(artifacts)
230569
- });
230570
- } else {
230571
- logger.debug("update lockfile stdout", result.stdout);
230572
- logger.debug("update lockfile stderr", result.stderr);
230573
- ctxt.statusUpdater?.({
230574
- status: "error",
230575
- file: lockfile2,
230576
- artifacts: i3(artifacts),
230577
- message: `Failed to update lockfile: ${result.error?.message ?? "Unknown error"}`
230578
- });
230579
- }
230580
- });
230581
- }
230582
230648
  };
230583
- function canonicalizePyPIName(name2) {
230584
- return (name2 ?? "").trim().toLowerCase().replaceAll(/[-_.]+/gi, "-");
230649
+ function getPackageKey(name2, version4, source) {
230650
+ const normalizedName = normalizePackageName(name2.trim());
230651
+ if (!version4) return normalizedName;
230652
+ const trimmedVersion = version4.trim();
230653
+ if (!source) return `${normalizedName}==${trimmedVersion}`;
230654
+ return `${normalizedName}==${trimmedVersion} @ ${source.trim()}`;
230585
230655
  }
230586
- async function getDependenciesMapFromUvLock(rootDir, lockFile, pyprojectTomlFilesForLockFile) {
230587
- const result = /* @__PURE__ */ new Map();
230588
- const lockToml = parseTOML2(await readFile25(resolve32(rootDir, lockFile), "utf-8"));
230589
- if (!lockToml) return result;
230590
- const children2 = /* @__PURE__ */ new Map();
230656
+ function parseSourceString(source) {
230657
+ for (const [key, val2] of Object.entries(source)) {
230658
+ if (val2 instanceof TOMLScalar && typeof val2[value] === "string") {
230659
+ return `${key.trim()}+${val2[value].trim()}`;
230660
+ }
230661
+ }
230662
+ return void 0;
230663
+ }
230664
+ async function buildDependencyTreesFromUvLock(rootDir, uvLockFile) {
230665
+ let lockToml;
230666
+ try {
230667
+ const lockContent = await readFile25(resolve32(rootDir, uvLockFile), "utf-8");
230668
+ lockToml = parseTOML2(lockContent);
230669
+ } catch {
230670
+ return void 0;
230671
+ }
230672
+ if (!lockToml) return void 0;
230591
230673
  const packages = lockToml.package;
230592
- if (!(packages instanceof TOMLArray)) return result;
230674
+ if (!(packages instanceof TOMLArray)) return void 0;
230675
+ const nodes = /* @__PURE__ */ new Map();
230676
+ const nameToFullKeys = /* @__PURE__ */ new Map();
230677
+ const nameVersionToFullKeys = /* @__PURE__ */ new Map();
230678
+ const localProjectNodeKeys = /* @__PURE__ */ new Map();
230593
230679
  for (const pkg of packages) {
230594
230680
  if (!(pkg instanceof TOMLTable)) continue;
230595
- if (pkg.name instanceof TOMLScalar && typeof pkg.name[value] === "string") {
230596
- const packageName = canonicalizePyPIName(pkg.name[value]);
230597
- if (!children2.has(packageName)) {
230598
- children2.set(packageName, /* @__PURE__ */ new Set());
230681
+ const nameScalar = pkg.name;
230682
+ const versionScalar = pkg.version;
230683
+ const source = pkg.source;
230684
+ if (!(nameScalar instanceof TOMLScalar) || !(versionScalar instanceof TOMLScalar)) continue;
230685
+ if (typeof nameScalar[value] !== "string" || typeof versionScalar[value] !== "string") continue;
230686
+ const pkgName = nameScalar[value];
230687
+ const pkgVersion = versionScalar[value];
230688
+ const pkgSource = source instanceof TOMLTable ? parseSourceString(source) : void 0;
230689
+ const nodeKey = getPackageKey(pkgName, pkgVersion, pkgSource);
230690
+ const normalizedName = normalizePackageName(pkgName);
230691
+ const node = {
230692
+ packageName: normalizedName,
230693
+ version: pkgVersion,
230694
+ nodeKey,
230695
+ deps: /* @__PURE__ */ new Set()
230696
+ // Populated in pass 2
230697
+ };
230698
+ if (!nodes.has(nodeKey)) {
230699
+ nodes.set(nodeKey, node);
230700
+ }
230701
+ const fullKeys = nameToFullKeys.get(normalizedName) ?? [];
230702
+ fullKeys.push(nodeKey);
230703
+ nameToFullKeys.set(normalizedName, fullKeys);
230704
+ const nameVersionKey = `${normalizedName}==${pkgVersion}`;
230705
+ const nameVersionFullKeys = nameVersionToFullKeys.get(nameVersionKey) ?? [];
230706
+ nameVersionFullKeys.push(nodeKey);
230707
+ nameVersionToFullKeys.set(nameVersionKey, nameVersionFullKeys);
230708
+ if (source instanceof TOMLTable) {
230709
+ const virtualPath = source.virtual;
230710
+ const editablePath = source.editable;
230711
+ if (virtualPath instanceof TOMLScalar && typeof virtualPath[value] === "string") {
230712
+ localProjectNodeKeys.set(join17(dirname20(uvLockFile), virtualPath[value]), nodeKey);
230713
+ } else if (editablePath instanceof TOMLScalar && typeof editablePath[value] === "string") {
230714
+ localProjectNodeKeys.set(join17(dirname20(uvLockFile), editablePath[value]), nodeKey);
230599
230715
  }
230600
- const dependencies = children2.get(packageName);
230601
- if (pkg.dependencies instanceof TOMLArray) {
230602
- for (const dep of pkg.dependencies) {
230603
- if (dep instanceof TOMLTable && dep.name instanceof TOMLScalar && typeof dep.name[value] === "string") {
230604
- dependencies.add(canonicalizePyPIName(dep.name[value]));
230605
- }
230606
- }
230716
+ }
230717
+ }
230718
+ for (const pkg of packages) {
230719
+ if (!(pkg instanceof TOMLTable)) continue;
230720
+ const nameScalar = pkg.name;
230721
+ const versionScalar = pkg.version;
230722
+ const source = pkg.source;
230723
+ if (!(nameScalar instanceof TOMLScalar) || !(versionScalar instanceof TOMLScalar)) continue;
230724
+ if (typeof nameScalar[value] !== "string" || typeof versionScalar[value] !== "string") continue;
230725
+ const pkgSource = source instanceof TOMLTable ? parseSourceString(source) : void 0;
230726
+ const nodeKey = getPackageKey(nameScalar[value], versionScalar[value], pkgSource);
230727
+ const node = nodes.get(nodeKey);
230728
+ if (!node) continue;
230729
+ const depsArray = pkg.dependencies;
230730
+ if (!(depsArray instanceof TOMLArray)) continue;
230731
+ for (const dep of depsArray) {
230732
+ if (!(dep instanceof TOMLTable)) continue;
230733
+ const depNameScalar = dep.name;
230734
+ if (!(depNameScalar instanceof TOMLScalar) || typeof depNameScalar[value] !== "string") continue;
230735
+ const depName = depNameScalar[value];
230736
+ const depVersionScalar = dep.version;
230737
+ const depSource = dep.source;
230738
+ let resolvedKeys;
230739
+ if (depVersionScalar instanceof TOMLScalar && typeof depVersionScalar[value] === "string" && depSource instanceof TOMLTable) {
230740
+ const depSourceStr = parseSourceString(depSource);
230741
+ resolvedKeys = [getPackageKey(depName, depVersionScalar[value], depSourceStr)];
230742
+ } else if (depVersionScalar instanceof TOMLScalar && typeof depVersionScalar[value] === "string") {
230743
+ const nameVersionKey = `${normalizePackageName(depName)}==${depVersionScalar[value]}`;
230744
+ resolvedKeys = nameVersionToFullKeys.get(nameVersionKey) ?? [];
230745
+ } else {
230746
+ resolvedKeys = nameToFullKeys.get(normalizePackageName(depName)) ?? [];
230747
+ }
230748
+ for (const key of resolvedKeys) {
230749
+ node.deps.add(key);
230607
230750
  }
230608
230751
  }
230609
230752
  }
230610
- const tomlFileToName = new Map(
230611
- await asyncFilterMap(pyprojectTomlFilesForLockFile, async (tomlFile) => {
230612
- const toml = parseTOML2(await readFile25(resolve32(rootDir, tomlFile), "utf-8"));
230613
- return toml && toml.project instanceof TOMLTable && toml.project.name instanceof TOMLScalar && typeof toml.project.name[value] === "string" ? [tomlFile, toml.project.name[value]] : void 0;
230614
- })
230615
- );
230616
- for (const [tomlFile, projectPackageName] of tomlFileToName) {
230617
- const direct = children2.get(projectPackageName);
230618
- if (!direct) continue;
230619
- const transitive = /* @__PURE__ */ new Set();
230620
- const visited = new Set(tomlFileToName.values());
230621
- const worklist = Array.from(direct);
230622
- while (worklist.length) {
230623
- const item = worklist.pop();
230624
- if (visited.has(item)) continue;
230625
- visited.add(item);
230626
- for (const dep of children2.get(item) ?? []) {
230627
- worklist.push(dep);
230628
- transitive.add(dep);
230629
- }
230630
- }
230631
- result.set(tomlFile, { direct, transitive });
230753
+ const localProjectNodeKeySet = new Set(localProjectNodeKeys.values());
230754
+ const result = /* @__PURE__ */ new Map();
230755
+ for (const [projectDir, projectNodeKey] of localProjectNodeKeys.entries()) {
230756
+ const projectNode = nodes.get(projectNodeKey);
230757
+ if (!projectNode) {
230758
+ result.set(projectDir, { direct: /* @__PURE__ */ new Set(), nodes });
230759
+ continue;
230760
+ }
230761
+ const resolvedDirect = /* @__PURE__ */ new Set();
230762
+ for (const depKey of projectNode.deps) {
230763
+ if (!localProjectNodeKeySet.has(depKey)) {
230764
+ resolvedDirect.add(depKey);
230765
+ }
230766
+ }
230767
+ result.set(projectDir, { direct: resolvedDirect, nodes });
230632
230768
  }
230633
230769
  return result;
230634
230770
  }
@@ -230640,14 +230776,14 @@ function satisfiestVersionSpecs(version4, versionSpec) {
230640
230776
  }
230641
230777
 
230642
230778
  // ../fixing-management/src/fixing-management/rubygems/rubygems-socket-upgrade-manager.ts
230643
- import { dirname as dirname22, relative as relative15, resolve as resolve34 } from "node:path";
230779
+ import { dirname as dirname22, relative as relative14, resolve as resolve34 } from "node:path";
230644
230780
  var import_picomatch9 = __toESM(require_picomatch2(), 1);
230645
230781
  import assert14 from "node:assert";
230646
230782
 
230647
230783
  // ../fixing-management/src/fixing-management/rubygems/gemfile-utils.ts
230648
230784
  var import_good_enough_parser4 = __toESM(require_cjs(), 1);
230649
230785
  init_ruby_lang();
230650
- import { resolve as resolve33, dirname as dirname21, relative as relative14 } from "node:path";
230786
+ import { resolve as resolve33, dirname as dirname21, relative as relative13 } from "node:path";
230651
230787
  import { existsSync as existsSync16, readFileSync as readFileSync4, readdirSync as readdirSync4 } from "node:fs";
230652
230788
  init_gemspec_utils();
230653
230789
  var booleanQuery2 = import_good_enough_parser4.query.alt(
@@ -230756,13 +230892,13 @@ var evalGemfileQuery = import_good_enough_parser4.query.sym("eval_gemfile").join
230756
230892
  ctx.exprEndOffset = void 0;
230757
230893
  if (ctx.depth > 50) {
230758
230894
  logger.warn(
230759
- `Recursion limit hit while evaluating gemfile: ${relative14(ctx.gemfile.rootDir, resolve33(ctx.gemfile.rootDir, ctx.gemfile.file))}`
230895
+ `Recursion limit hit while evaluating gemfile: ${relative13(ctx.gemfile.rootDir, resolve33(ctx.gemfile.rootDir, ctx.gemfile.file))}`
230760
230896
  );
230761
230897
  return ctx;
230762
230898
  }
230763
230899
  if (pathEvaluated === void 0) return ctx;
230764
230900
  const rootDir = ctx.gemfile.rootDir;
230765
- const file = relative14(rootDir, resolve33(rootDir, dirname21(ctx.gemfile.file), pathEvaluated));
230901
+ const file = relative13(rootDir, resolve33(rootDir, dirname21(ctx.gemfile.file), pathEvaluated));
230766
230902
  if (!existsSync16(resolve33(rootDir, file))) return ctx;
230767
230903
  const sourceText = readFileSync4(resolve33(rootDir, file), "utf-8");
230768
230904
  const parser2 = import_good_enough_parser4.lang.createLang(lang3);
@@ -230815,7 +230951,7 @@ var gemspecQuery = import_good_enough_parser4.query.sym("gemspec").opt(
230815
230951
  ).handler((ctx) => {
230816
230952
  if (ctx.depth > 50) {
230817
230953
  logger.warn(
230818
- `Recursion limit hit while evaluating gemspec: ${relative14(ctx.gemfile.rootDir, resolve33(ctx.gemfile.rootDir, ctx.gemfile.file))}`
230954
+ `Recursion limit hit while evaluating gemspec: ${relative13(ctx.gemfile.rootDir, resolve33(ctx.gemfile.rootDir, ctx.gemfile.file))}`
230819
230955
  );
230820
230956
  ctx.currentGem = void 0;
230821
230957
  return ctx;
@@ -230854,7 +230990,7 @@ var gemspecQuery = import_good_enough_parser4.query.sym("gemspec").opt(
230854
230990
  if (gemspecFiles.length === 0) return ctx;
230855
230991
  const gemspecFile = gemspecFiles[0];
230856
230992
  const gemspecFullPath = resolve33(searchDir, gemspecFile);
230857
- const gemspecRelativePath = relative14(rootDir, gemspecFullPath);
230993
+ const gemspecRelativePath = relative13(rootDir, gemspecFullPath);
230858
230994
  try {
230859
230995
  const sourceText = readFileSync4(gemspecFullPath, "utf-8");
230860
230996
  const gemspec = parseGemspec(rootDir, gemspecRelativePath, sourceText);
@@ -230999,7 +231135,7 @@ function parseGemfileLock(content) {
230999
231135
  }
231000
231136
 
231001
231137
  // ../fixing-management/src/fixing-management/rubygems/rubygems-socket-upgrade-manager.ts
231002
- import { readFile as readFile26, writeFile as writeFile10 } from "node:fs/promises";
231138
+ import { readFile as readFile26, writeFile as writeFile9 } from "node:fs/promises";
231003
231139
 
231004
231140
  // ../fixing-management/src/fixing-management/rubygems/rubygems-patch-utils.ts
231005
231141
  function createRubygemVersionPatches(gem, idx, upgradeVersion, rangeStyle, statusUpdater) {
@@ -231230,7 +231366,7 @@ var RubygemsSocketUpgradeManager = class {
231230
231366
  });
231231
231367
  continue;
231232
231368
  }
231233
- const gemfileName = relative15(this.rootDir, resolve34(this.rootDir, dirname22(mf.file), "Gemfile"));
231369
+ const gemfileName = relative14(this.rootDir, resolve34(this.rootDir, dirname22(mf.file), "Gemfile"));
231234
231370
  gemfileToLockfile.set(gemfileName, mf.file);
231235
231371
  if (pathGems.length > 0) {
231236
231372
  const { gemspecPatches, gemfilePatches } = await this.handleGemspecDependency(
@@ -231306,17 +231442,17 @@ var RubygemsSocketUpgradeManager = class {
231306
231442
  });
231307
231443
  await asyncForEach(Array.from(restoreMap), async ([path9, { content, artifacts }]) => {
231308
231444
  try {
231309
- await writeFile10(path9, content);
231445
+ await writeFile9(path9, content);
231310
231446
  ctxt.statusUpdater?.({
231311
231447
  status: "success",
231312
- file: relative15(this.rootDir, path9),
231448
+ file: relative14(this.rootDir, path9),
231313
231449
  message: "File restored",
231314
231450
  artifacts: i3(artifacts)
231315
231451
  });
231316
231452
  } catch (e) {
231317
231453
  ctxt.statusUpdater?.({
231318
231454
  status: "error",
231319
- file: relative15(this.rootDir, path9),
231455
+ file: relative14(this.rootDir, path9),
231320
231456
  message: "Could not restore file",
231321
231457
  artifacts: i3(artifacts)
231322
231458
  });
@@ -231573,7 +231709,7 @@ import { resolve as resolve36 } from "path";
231573
231709
 
231574
231710
  // ../utils/dist/constants.js
231575
231711
  var import_lodash8 = __toESM(require_lodash(), 1);
231576
- import { dirname as dirname23, join as join18 } from "node:path";
231712
+ import { dirname as dirname23, join as join19 } from "node:path";
231577
231713
  import { fileURLToPath as fileURLToPath3 } from "node:url";
231578
231714
 
231579
231715
  // ../utils/dist/file-utils.js
@@ -231581,7 +231717,7 @@ var import_lodash7 = __toESM(require_lodash(), 1);
231581
231717
  var import_micromatch2 = __toESM(require_micromatch(), 1);
231582
231718
  import { existsSync as existsSync17 } from "fs";
231583
231719
  import { access as access4, cp as cp3, readdir as readdir4, stat as stat4 } from "fs/promises";
231584
- import { basename as basename9, join as join17, relative as relative16, resolve as resolve35 } from "path";
231720
+ import { basename as basename9, join as join18, relative as relative15, resolve as resolve35 } from "path";
231585
231721
  var { uniq: uniq2 } = import_lodash7.default;
231586
231722
  var { isMatch: isMatch2 } = import_micromatch2.default;
231587
231723
  function* parents2(dir) {
@@ -231610,10 +231746,10 @@ var COANA_ROOT = once3(() => {
231610
231746
  return coanaRoot;
231611
231747
  });
231612
231748
  var REPOS_PATH = once3(() => {
231613
- return process.env.REPOS_PATH ?? join18(COANA_ROOT(), "repos");
231749
+ return process.env.REPOS_PATH ?? join19(COANA_ROOT(), "repos");
231614
231750
  });
231615
231751
  var COANA_REPOS_PATH = once3(() => {
231616
- return process.env.COANA_REPOS_PATH ?? join18(REPOS_PATH(), "coana-tech");
231752
+ return process.env.COANA_REPOS_PATH ?? join19(REPOS_PATH(), "coana-tech");
231617
231753
  });
231618
231754
 
231619
231755
  // ../docker-management/src/constants.ts
@@ -231627,32 +231763,32 @@ var getImageTag = () => {
231627
231763
  };
231628
231764
 
231629
231765
  // ../docker-management/src/docker-spec.ts
231630
- import { join as join19 } from "path";
231766
+ import { join as join20 } from "path";
231631
231767
  var builderSpecs = [
231632
231768
  {
231633
231769
  name: "maven-builder",
231634
- file: join19("builders", "maven", "Dockerfile"),
231770
+ file: join20("builders", "maven", "Dockerfile"),
231635
231771
  isBuilder: true
231636
231772
  },
231637
231773
  {
231638
231774
  name: "python-builder",
231639
- file: join19("builders", "python", "Dockerfile"),
231775
+ file: join20("builders", "python", "Dockerfile"),
231640
231776
  isBuilder: true
231641
231777
  },
231642
231778
  {
231643
231779
  name: "go-builder",
231644
- file: join19("builders", "go", "Dockerfile"),
231780
+ file: join20("builders", "go", "Dockerfile"),
231645
231781
  isBuilder: true
231646
231782
  }
231647
231783
  ];
231648
231784
  var packageManagerDockerSpecs = [
231649
231785
  {
231650
231786
  name: "npm-package-managers",
231651
- file: join19("package-management", "npm", "Dockerfile")
231787
+ file: join20("package-management", "npm", "Dockerfile")
231652
231788
  },
231653
231789
  {
231654
231790
  name: "maven-package-managers",
231655
- file: join19("package-management", "maven", "Dockerfile"),
231791
+ file: join20("package-management", "maven", "Dockerfile"),
231656
231792
  variants: {
231657
231793
  jdk8: {
231658
231794
  JDK_URL_AMD64: "https://github.com/adoptium/temurin8-binaries/releases/download/jdk8u442-b06/OpenJDK8U-jdk_x64_linux_hotspot_8u442b06.tar.gz",
@@ -231677,57 +231813,57 @@ var packageManagerDockerSpecs = [
231677
231813
  },
231678
231814
  {
231679
231815
  name: "pip-package-managers",
231680
- file: join19("package-management", "pip", "Dockerfile"),
231816
+ file: join20("package-management", "pip", "Dockerfile"),
231681
231817
  from: {
231682
231818
  name: "python-builder"
231683
231819
  }
231684
231820
  },
231685
231821
  {
231686
231822
  name: "go-package-manager",
231687
- file: join19("package-management", "go", "Dockerfile"),
231823
+ file: join20("package-management", "go", "Dockerfile"),
231688
231824
  from: {
231689
231825
  name: "go-builder"
231690
231826
  }
231691
231827
  },
231692
231828
  {
231693
231829
  name: "nuget-package-manager",
231694
- file: join19("package-management", "nuget", "Dockerfile")
231830
+ file: join20("package-management", "nuget", "Dockerfile")
231695
231831
  },
231696
231832
  {
231697
231833
  name: "cargo-package-manager",
231698
- file: join19("package-management", "cargo", "Dockerfile")
231834
+ file: join20("package-management", "cargo", "Dockerfile")
231699
231835
  }
231700
231836
  ];
231701
231837
  var reachabilityAnalyzerDockerSpecs = [
231702
231838
  {
231703
231839
  name: "jelly-analyzer",
231704
- file: join19("reachability-analyzers", "jelly", "Dockerfile")
231840
+ file: join20("reachability-analyzers", "jelly", "Dockerfile")
231705
231841
  },
231706
231842
  {
231707
231843
  name: "alucard-analyzer",
231708
- file: join19("reachability-analyzers", "alucard", "Dockerfile")
231844
+ file: join20("reachability-analyzers", "alucard", "Dockerfile")
231709
231845
  },
231710
231846
  {
231711
231847
  name: "mambalade-analyzer",
231712
- file: join19("reachability-analyzers", "mambalade", "Dockerfile"),
231848
+ file: join20("reachability-analyzers", "mambalade", "Dockerfile"),
231713
231849
  from: {
231714
231850
  name: "python-builder"
231715
231851
  }
231716
231852
  },
231717
231853
  {
231718
231854
  name: "goana-analyzer",
231719
- file: join19("reachability-analyzers", "goana", "Dockerfile"),
231855
+ file: join20("reachability-analyzers", "goana", "Dockerfile"),
231720
231856
  from: {
231721
231857
  name: "go-builder"
231722
231858
  }
231723
231859
  },
231724
231860
  {
231725
231861
  name: "cocoa-analyzer",
231726
- file: join19("reachability-analyzers", "cocoa", "Dockerfile")
231862
+ file: join20("reachability-analyzers", "cocoa", "Dockerfile")
231727
231863
  },
231728
231864
  {
231729
231865
  name: "rustica-analyzer",
231730
- file: join19("reachability-analyzers", "rustica", "Dockerfile")
231866
+ file: join20("reachability-analyzers", "rustica", "Dockerfile")
231731
231867
  }
231732
231868
  ];
231733
231869
  function getAllPackageManagerSpecs() {
@@ -232008,13 +232144,13 @@ async function detectVariantMaven(projectDir) {
232008
232144
 
232009
232145
  // ../docker-management/src/maven/gradle-version-detector.ts
232010
232146
  import { existsSync as existsSync18 } from "fs";
232011
- import { join as join20 } from "path";
232147
+ import { join as join21 } from "path";
232012
232148
  import { readFile as readFile28 } from "fs/promises";
232013
232149
  async function detectVariantGradle(projectDir) {
232014
232150
  return sanitizeJvmVariant("GRADLE", projectDir, await detect(projectDir));
232015
232151
  }
232016
232152
  async function detect(projectDir) {
232017
- const gradleWrapperPropertiesPath = join20(projectDir, "gradle", "wrapper", "gradle-wrapper.properties");
232153
+ const gradleWrapperPropertiesPath = join21(projectDir, "gradle", "wrapper", "gradle-wrapper.properties");
232018
232154
  const gradleWrapperProperties = existsSync18(gradleWrapperPropertiesPath) ? (await readFile28(gradleWrapperPropertiesPath, "utf-8")).split("\n").map((line) => line.trim()).filter((line) => !line.startsWith("#")).filter((line) => line) : void 0;
232019
232155
  if (!gradleWrapperProperties) return void 0;
232020
232156
  const distributionUrlRegex = /.*gradle-(\d+(\.\d+(\.\d+)?)?)/;
@@ -232030,13 +232166,13 @@ async function detect(projectDir) {
232030
232166
 
232031
232167
  // ../docker-management/src/maven/sbt-version-detector.ts
232032
232168
  import { existsSync as existsSync19 } from "fs";
232033
- import { join as join21 } from "path";
232169
+ import { join as join22 } from "path";
232034
232170
  import { readFile as readFile29 } from "fs/promises";
232035
232171
  async function detectVariantSbt(projectDir) {
232036
232172
  return sanitizeJvmVariant("SBT", projectDir, await detect2(projectDir));
232037
232173
  }
232038
232174
  async function detect2(projectDir) {
232039
- const sbtBuildPropertiesPath = join21(projectDir, "project", "build.properties");
232175
+ const sbtBuildPropertiesPath = join22(projectDir, "project", "build.properties");
232040
232176
  const sbtBuildProperties = existsSync19(sbtBuildPropertiesPath) ? (await readFile29(sbtBuildPropertiesPath, "utf-8")).split("\n").map((line) => line.trim()).filter((line) => !line.startsWith("#")).filter((line) => line) : void 0;
232041
232177
  if (!sbtBuildProperties) return void 0;
232042
232178
  for (const prop2 of sbtBuildProperties) {
@@ -232151,18 +232287,18 @@ async function findReachabilityAnalyzersDockerImage(ecosystem) {
232151
232287
  // ../other-modules-communicator/src/other-modules-communicator.ts
232152
232288
  var import_lodash12 = __toESM(require_lodash(), 1);
232153
232289
  import { rmSync } from "fs";
232154
- import { mkdir as mkdir5, readFile as readFile30, writeFile as writeFile11 } from "fs/promises";
232290
+ import { mkdir as mkdir5, readFile as readFile30, writeFile as writeFile10 } from "fs/promises";
232155
232291
  import assert15 from "node:assert";
232156
232292
  import { platform as platform6 } from "os";
232157
- import { join as join24, posix as posix2, relative as relative18, sep as sep3 } from "path";
232293
+ import { join as join25, posix as posix2, relative as relative17, sep as sep3 } from "path";
232158
232294
 
232159
232295
  // ../utils/src/tmp-file.ts
232160
232296
  import { rm, mkdtemp, cp as cp4, lstat as lstat2 } from "fs/promises";
232161
232297
  import { tmpdir as tmpdir2 } from "os";
232162
- import { join as join22, relative as relative17, sep as sep2, extname as extname2 } from "path";
232298
+ import { join as join23, relative as relative16, sep as sep2, extname as extname2 } from "path";
232163
232299
  async function createTmpDirectory(prefix) {
232164
232300
  try {
232165
- const tmpDir = await mkdtemp(join22(tmpdir2(), prefix));
232301
+ const tmpDir = await mkdtemp(join23(tmpdir2(), prefix));
232166
232302
  return tmpDir;
232167
232303
  } catch (err) {
232168
232304
  console.log("Error creating tmp directory", err);
@@ -232196,7 +232332,7 @@ async function copyForNpmAnalysis(srcDir, prefix) {
232196
232332
  verbatimSymlinks: true,
232197
232333
  // Preserve symlinks as symlinks instead of dereferencing them
232198
232334
  filter: async (src) => {
232199
- const relativePath = relative17(srcDir, src);
232335
+ const relativePath = relative16(srcDir, src);
232200
232336
  if (relativePath === "") return true;
232201
232337
  const pathSegments = relativePath.split(sep2);
232202
232338
  if (pathSegments.some((segment) => EXCLUDED_DIRECTORIES.has(segment))) {
@@ -232437,7 +232573,7 @@ import { resolve as resolve37 } from "path";
232437
232573
 
232438
232574
  // ../utils/src/constants.ts
232439
232575
  var import_lodash10 = __toESM(require_lodash(), 1);
232440
- import { dirname as dirname24, join as join23 } from "node:path";
232576
+ import { dirname as dirname24, join as join24 } from "node:path";
232441
232577
  import { fileURLToPath as fileURLToPath4 } from "node:url";
232442
232578
  var { once: once5 } = import_lodash10.default;
232443
232579
  var fileName2 = fileURLToPath4(import.meta.url);
@@ -232450,10 +232586,10 @@ var COANA_ROOT2 = once5(() => {
232450
232586
  return coanaRoot;
232451
232587
  });
232452
232588
  var REPOS_PATH2 = once5(() => {
232453
- return process.env.REPOS_PATH ?? join23(COANA_ROOT2(), "repos");
232589
+ return process.env.REPOS_PATH ?? join24(COANA_ROOT2(), "repos");
232454
232590
  });
232455
232591
  var COANA_REPOS_PATH2 = once5(() => {
232456
- return process.env.COANA_REPOS_PATH ?? join23(REPOS_PATH2(), "coana-tech");
232592
+ return process.env.COANA_REPOS_PATH ?? join24(REPOS_PATH2(), "coana-tech");
232457
232593
  });
232458
232594
  var REQUIREMENTS_FILES_SEARCH_DEPTH = 2;
232459
232595
 
@@ -232492,7 +232628,7 @@ var { memoize, once: once7, take } = import_lodash12.default;
232492
232628
  async function getReachabilityAnalyzersScriptPath() {
232493
232629
  if (isNexeMode()) {
232494
232630
  const extractedPath = await extractTool("reachability-analyzers", "reachability-analyzers-cli.mjs");
232495
- return join24(extractedPath, "reachability-analyzers-cli.mjs");
232631
+ return join25(extractedPath, "reachability-analyzers-cli.mjs");
232496
232632
  }
232497
232633
  return REACHABILITY_ANALYZERS_SCRIPT_PATH();
232498
232634
  }
@@ -232577,7 +232713,7 @@ var OtherModulesCommunicator = class {
232577
232713
  }
232578
232714
  if (cmd === "getWorkspacePathsMultipleSubprojects")
232579
232715
  return `${_cmdStr()}: (${packageManagerName}) ${abbreviateList(subprojects, 10)}`;
232580
- return `${_cmdStr()}: (${packageManagerName}) ${relative18(this.rootWorkingDir, subprojectPath) || "."}`;
232716
+ return `${_cmdStr()}: (${packageManagerName}) ${relative17(this.rootWorkingDir, subprojectPath) || "."}`;
232581
232717
  }
232582
232718
  getSpinnerTextForReachabilityAnalyzerCommand(cmd, ecosystem, subprojectPath, workspacePath) {
232583
232719
  function _cmdStr() {
@@ -232590,10 +232726,10 @@ var OtherModulesCommunicator = class {
232590
232726
  return "Running reachability analysis on package registry package";
232591
232727
  }
232592
232728
  }
232593
- return `${_cmdStr()}: (${ecosystem}) ${relative18(this.rootWorkingDir, join24(subprojectPath, workspacePath)) || "."}`;
232729
+ return `${_cmdStr()}: (${ecosystem}) ${relative17(this.rootWorkingDir, join25(subprojectPath, workspacePath)) || "."}`;
232594
232730
  }
232595
232731
  getProjectPath(subprojectPath) {
232596
- return this.options.runWithoutDocker ? subprojectPath : posix2.resolve("/project", relative18(this.rootWorkingDir, subprojectPath).replaceAll(sep3, posix2.sep));
232732
+ return this.options.runWithoutDocker ? subprojectPath : posix2.resolve("/project", relative17(this.rootWorkingDir, subprojectPath).replaceAll(sep3, posix2.sep));
232597
232733
  }
232598
232734
  // options shared between package-management and reachability-analyzers
232599
232735
  commonOptions = once7(
@@ -232639,7 +232775,7 @@ var OtherModulesCommunicator = class {
232639
232775
  async runPackageManagerCommandWithOutput(commandName, packageManagerName, subprojectPath, args2 = [], extraDockerArgs, env) {
232640
232776
  const tmpDir = await this.getTmpDirForSubproject(subprojectPath);
232641
232777
  const outputFileName = `${v4_default()}-${commandName}-output.json`;
232642
- const outputFilePathThisProcess = join24(tmpDir, outputFileName);
232778
+ const outputFilePathThisProcess = join25(tmpDir, outputFileName);
232643
232779
  const outputFilePathOtherProcess = this.options.runWithoutDocker ? outputFilePathThisProcess : posix2.join(TMP_DIR_IN_DOCKER, outputFileName);
232644
232780
  await this.runPackageManagerCommand(
232645
232781
  commandName,
@@ -232677,8 +232813,8 @@ var OtherModulesCommunicator = class {
232677
232813
  if (isNexeMode()) {
232678
232814
  const baseDir = getExtractionBaseDir();
232679
232815
  env.COANA_ROOT = baseDir;
232680
- env.REPOS_PATH = join24(baseDir, "repos");
232681
- env.COANA_REPOS_PATH = join24(baseDir, "repos", "coana-tech");
232816
+ env.REPOS_PATH = join25(baseDir, "repos");
232817
+ env.COANA_REPOS_PATH = join25(baseDir, "repos", "coana-tech");
232682
232818
  env.REACHABILITY_ANALYZERS_SCRIPT_PATH = scriptPath;
232683
232819
  }
232684
232820
  return Spinner.instance().wrap(
@@ -232715,7 +232851,7 @@ var OtherModulesCommunicator = class {
232715
232851
  async runReachabilityAnalyzerCommandWithOutput(commandName, ecosystem, subprojectPath, workspacePath, args2, env, rootWorkingDirOverride, displaySubprojectPath) {
232716
232852
  const tmpDir = await this.getTmpDirForSubproject(displaySubprojectPath ?? subprojectPath);
232717
232853
  const outputFileName = `${v4_default()}-${commandName}-output.json`;
232718
- const outputFilePathThisProcess = join24(tmpDir, outputFileName);
232854
+ const outputFilePathThisProcess = join25(tmpDir, outputFileName);
232719
232855
  const outputFilePathOtherProcess = this.options.runWithoutDocker ? outputFilePathThisProcess : posix2.join(TMP_DIR_IN_DOCKER, outputFileName);
232720
232856
  await this.runReachabilityAnalyzerCommand(
232721
232857
  commandName,
@@ -232746,7 +232882,7 @@ var OtherModulesCommunicator = class {
232746
232882
  "getWorkspacePathsMultipleSubprojects",
232747
232883
  packageManagerName,
232748
232884
  this.rootWorkingDir,
232749
- subprojectPaths.map((subprojectPath) => relative18(this.rootWorkingDir, subprojectPath) || ".")
232885
+ subprojectPaths.map((subprojectPath) => relative17(this.rootWorkingDir, subprojectPath) || ".")
232750
232886
  );
232751
232887
  }
232752
232888
  async getProvidedArgsForSubproject(subprojectPath, providedOptions) {
@@ -232754,9 +232890,9 @@ var OtherModulesCommunicator = class {
232754
232890
  if (providedOptions.type === "providee") {
232755
232891
  const tmpDir = await this.getTmpDirForSubproject(subprojectPath);
232756
232892
  const providerFileName = "provider.json";
232757
- const providerFileThisProcess = join24(tmpDir, providerFileName);
232893
+ const providerFileThisProcess = join25(tmpDir, providerFileName);
232758
232894
  const providerFileOtherProcess = this.options.runWithoutDocker ? providerFileThisProcess : posix2.join(TMP_DIR_IN_DOCKER, providerFileName);
232759
- await writeFile11(providerFileThisProcess, JSON.stringify(providedOptions.provider));
232895
+ await writeFile10(providerFileThisProcess, JSON.stringify(providedOptions.provider));
232760
232896
  return ["--provider", providerFileOtherProcess];
232761
232897
  } else {
232762
232898
  return ["--as-provider"];
@@ -232801,9 +232937,9 @@ var OtherModulesCommunicator = class {
232801
232937
  await extractAllToolsForNexeMode();
232802
232938
  }
232803
232939
  const inputFileName = `${v4_default()}-runReachabilityAnalysis-input.json`;
232804
- const inputFileThisProcess = join24(tmpDir, inputFileName);
232940
+ const inputFileThisProcess = join25(tmpDir, inputFileName);
232805
232941
  const inputFileOtherProcess = this.options.runWithoutDocker ? inputFileThisProcess : posix2.join(TMP_DIR_IN_DOCKER, inputFileName);
232806
- await writeFile11(
232942
+ await writeFile10(
232807
232943
  inputFileThisProcess,
232808
232944
  JSON.stringify({
232809
232945
  workspaceData,
@@ -232845,7 +232981,7 @@ var setUpGoModuleCache = once7(async () => {
232845
232981
  execFileSync2("chmod", ["--recursive", "+rw", tmpDir]);
232846
232982
  rmSync(tmpDir, { recursive: true, force: true });
232847
232983
  });
232848
- const [upper, work] = [join24(tmpDir, "upper"), join24(tmpDir, "work")];
232984
+ const [upper, work] = [join25(tmpDir, "upper"), join25(tmpDir, "work")];
232849
232985
  for (const dir of [upper, work]) await mkdir5(dir);
232850
232986
  const o7 = await execNeverFail2(
232851
232987
  cmdt`docker volume create --driver local --opt type=overlay
@@ -232881,7 +233017,7 @@ function abbreviateList(items, maxItems) {
232881
233017
  import { resolve as resolve38 } from "path";
232882
233018
 
232883
233019
  // ../utils/src/dashboard-api/coana-api.ts
232884
- import { writeFile as writeFile12 } from "fs/promises";
233020
+ import { writeFile as writeFile11 } from "fs/promises";
232885
233021
  var import_artifact = __toESM(require_artifact_client2(), 1);
232886
233022
  var coanaAPI = process.env.PUBLIC_API_URL ?? "https://app.coana.tech/api/v1";
232887
233023
  var axiosClient2 = getAxiosClient();
@@ -233011,7 +233147,7 @@ async function sendToDashboard(report, writeReportToFile, reportId, apiKey) {
233011
233147
  try {
233012
233148
  if (writeReportToFile) {
233013
233149
  logger.info("Writing report to dashboard-report.json");
233014
- await writeFile12("dashboard-report.json", JSON.stringify(report, null, 2));
233150
+ await writeFile11("dashboard-report.json", JSON.stringify(report, null, 2));
233015
233151
  if (process.env.GITHUB_ACTIONS === "true") {
233016
233152
  logger.info("uploading dashboard-report.json as an artifact");
233017
233153
  (0, import_artifact.create)().uploadArtifact("dashboard-report", ["dashboard-report.json"], process.cwd());
@@ -234087,21 +234223,21 @@ function getVulnerabilitiesFromReport(report) {
234087
234223
  var import_packageurl_js = __toESM(require_packageurl_js(), 1);
234088
234224
 
234089
234225
  // dist/cli-upgrade-purl.js
234090
- import { join as join27, relative as relative21, resolve as resolve41 } from "node:path";
234226
+ import { join as join28, relative as relative20, resolve as resolve41 } from "node:path";
234091
234227
  var import_picomatch10 = __toESM(require_picomatch2(), 1);
234092
234228
 
234093
234229
  // ../project-management/src/project-management/project-manager.ts
234094
- import { relative as relative20, resolve as resolve40 } from "path";
234230
+ import { relative as relative19, resolve as resolve40 } from "path";
234095
234231
 
234096
234232
  // ../project-management/src/project-management/ecosystem-management/ecosystem-manager.ts
234097
234233
  var import_micromatch3 = __toESM(require_micromatch2(), 1);
234098
234234
  import { readdir as readdir6 } from "fs/promises";
234099
- import { join as join26, relative as relative19, resolve as resolve39 } from "path";
234235
+ import { join as join27, relative as relative18, resolve as resolve39 } from "path";
234100
234236
 
234101
234237
  // ../project-management/src/project-management/ecosystem-management/ecosystem-specs.ts
234102
234238
  import { existsSync as existsSync21 } from "fs";
234103
234239
  import { readdir as readdir5, readFile as readFile31 } from "fs/promises";
234104
- import { join as join25, sep as sep4 } from "path";
234240
+ import { join as join26, sep as sep4 } from "path";
234105
234241
  var specs = {
234106
234242
  NPM: [
234107
234243
  /* @__PURE__ */ new Map([["package.json", packageManagerIfPackageJSONExistsAndValid("NPM")]]),
@@ -234132,7 +234268,7 @@ var specs = {
234132
234268
  [
234133
234269
  /^(pyproject.toml|setup.py|requirements.*\.txt)/,
234134
234270
  async (projectDir) => {
234135
- const isPythonProject = await exists(join25(projectDir, "pyproject.toml")) || await exists(join25(projectDir, "setup.py")) && await isSetupPySetuptools(join25(projectDir, "setup.py"));
234271
+ const isPythonProject = await exists(join26(projectDir, "pyproject.toml")) || await exists(join26(projectDir, "setup.py")) && await isSetupPySetuptools(join26(projectDir, "setup.py"));
234136
234272
  if (isPythonProject) {
234137
234273
  properPythonProjects.push(projectDir + sep4);
234138
234274
  return "PIP_REQUIREMENTS";
@@ -234155,7 +234291,7 @@ var specs = {
234155
234291
  [
234156
234292
  "uv.lock",
234157
234293
  async (projectDir) => {
234158
- if (await exists(join25(projectDir, "pyproject.toml"))) {
234294
+ if (await exists(join26(projectDir, "pyproject.toml"))) {
234159
234295
  logger.warn("uv is not supported yet, using plain pyproject.toml as a fallback");
234160
234296
  return "PIP_REQUIREMENTS";
234161
234297
  } else logger.error("uv.lock found without pyproject.toml");
@@ -234176,8 +234312,8 @@ function getEcosystemSpecs(ecosystems) {
234176
234312
  }
234177
234313
  function packageManagerIfPackageJSONExistsAndValid(packageManager) {
234178
234314
  return async (projectDir) => {
234179
- if (!existsSync21(join25(projectDir, "package.json"))) return void 0;
234180
- const packageJSONPath = join25(projectDir, "package.json");
234315
+ if (!existsSync21(join26(projectDir, "package.json"))) return void 0;
234316
+ const packageJSONPath = join26(projectDir, "package.json");
234181
234317
  try {
234182
234318
  JSON.parse(await readFile31(packageJSONPath, "utf-8"));
234183
234319
  return packageManager;
@@ -234234,7 +234370,7 @@ var EcosystemManager = class _EcosystemManager {
234234
234370
  const resolvedProjectDir = resolve39(mainProjectDir, relativeProjectDir);
234235
234371
  if (config3.includeDirs.length > 0)
234236
234372
  workspacePaths = workspacePaths.filter(
234237
- (workspacePath) => isMatch3(relative19(mainProjectDir, join26(resolvedProjectDir, workspacePath)), config3.includeDirs)
234373
+ (workspacePath) => isMatch3(relative18(mainProjectDir, join27(resolvedProjectDir, workspacePath)), config3.includeDirs)
234238
234374
  );
234239
234375
  workspacePaths.filter((workspacePath) => workspacePath !== ".").forEach((workspacePath) => projectDirsAlreadyCovered.push(resolve39(resolvedProjectDir, workspacePath)));
234240
234376
  if (workspacePaths.length > 0)
@@ -234262,7 +234398,7 @@ var EcosystemManager = class _EcosystemManager {
234262
234398
  }
234263
234399
  }
234264
234400
  for (const dir of directoriesToTraverse) {
234265
- await recHelper(join26(projectDir, dir), true);
234401
+ await recHelper(join27(projectDir, dir), true);
234266
234402
  }
234267
234403
  }
234268
234404
  async function getPackageManagerName(projectDir, foundProjectFiles, foundLockFiles) {
@@ -234275,7 +234411,7 @@ var EcosystemManager = class _EcosystemManager {
234275
234411
  return typeof packageManagerNameProvider === "function" ? await packageManagerNameProvider(projectDir) : packageManagerNameProvider;
234276
234412
  } catch (e) {
234277
234413
  if (e instanceof InvalidProjectFileError) {
234278
- const projectDirRelative = relative19(mainProjectDir, projectDir) || ".";
234414
+ const projectDirRelative = relative18(mainProjectDir, projectDir) || ".";
234279
234415
  logger.error(
234280
234416
  `Invalid ${e.fileName} file in ${projectDirRelative}. If the project is intentionally invalid, and you want Coana to skip it in the scan, then add "--exclude-dirs ${projectDirRelative}" to the Coana command.`
234281
234417
  );
@@ -234291,7 +234427,7 @@ var EcosystemManager = class _EcosystemManager {
234291
234427
  const filesAndDirectories = await readdir6(projectDir, { withFileTypes: true });
234292
234428
  for (const dirent of filesAndDirectories) {
234293
234429
  const fileOrDirectory = dirent.name;
234294
- const fullPath = join26(projectDir, fileOrDirectory);
234430
+ const fullPath = join27(projectDir, fileOrDirectory);
234295
234431
  if (dirent.isDirectory()) {
234296
234432
  if (shouldIgnoreDir(fileOrDirectory) || shouldIgnoreDueToExcludeDirsOrChangedFiles(config3, fullPath))
234297
234433
  continue;
@@ -234318,7 +234454,7 @@ var EcosystemManager = class _EcosystemManager {
234318
234454
  packageManagerName,
234319
234455
  subprojectPath,
234320
234456
  workspacePaths: workspacePaths.filter(
234321
- (workspacePath) => !shouldIgnoreDueToExcludeDirsOrChangedFiles(this.config, join26(subprojectPath, workspacePath))
234457
+ (workspacePath) => !shouldIgnoreDueToExcludeDirsOrChangedFiles(this.config, join27(subprojectPath, workspacePath))
234322
234458
  )
234323
234459
  }));
234324
234460
  }
@@ -234367,7 +234503,7 @@ function shouldIgnoreDir(dir) {
234367
234503
  return dirsToIgnore.includes(dir);
234368
234504
  }
234369
234505
  function shouldIgnoreDueToExcludeDirsOrChangedFiles({ mainProjectDir, excludeDirs, changedFiles }, fullPath) {
234370
- const relativeToProjectDir = relative19(mainProjectDir, fullPath) || ".";
234506
+ const relativeToProjectDir = relative18(mainProjectDir, fullPath) || ".";
234371
234507
  return !!(isMatch3(relativeToProjectDir, excludeDirs) || changedFiles && !changedFiles.some((changedFile) => changedFile.startsWith(relativeToProjectDir)));
234372
234508
  }
234373
234509
 
@@ -234415,7 +234551,7 @@ var ProjectManager = class _ProjectManager {
234415
234551
  if (subprojects.length === 0) return void 0;
234416
234552
  return ` ${ecosystem}:
234417
234553
  ${subprojects.map(
234418
- ({ subprojectPath, workspacePaths }) => ` ${relative20(this.projectDir, subprojectPath) || ". (Root)"}${workspacePaths.length > 1 || workspacePaths[0] !== "." ? ` (${workspacePaths.length} ${ecosystem === "MAVEN" ? "modules" : "workspaces"})` : ""}`
234554
+ ({ subprojectPath, workspacePaths }) => ` ${relative19(this.projectDir, subprojectPath) || ". (Root)"}${workspacePaths.length > 1 || workspacePaths[0] !== "." ? ` (${workspacePaths.length} ${ecosystem === "MAVEN" ? "modules" : "workspaces"})` : ""}`
234419
234555
  ).join("\n")}`;
234420
234556
  }).filter((line) => line).join("\n");
234421
234557
  const detailsString = Object.entries(this.ecosystemToEcosystemManager).map(([ecosystem, manager]) => {
@@ -234423,7 +234559,7 @@ ${subprojects.map(
234423
234559
  if (subprojects.length === 0) return void 0;
234424
234560
  const subprojectsString = subprojects.map(({ subprojectPath, workspacePaths, packageManagerName }) => {
234425
234561
  if (workspacePaths.length === 1 && workspacePaths[0] === ".") return void 0;
234426
- return ` ${relative20(this.projectDir, subprojectPath) || ". (Root)"}
234562
+ return ` ${relative19(this.projectDir, subprojectPath) || ". (Root)"}
234427
234563
  ${workspacePaths.map((ws) => ` ${ws === "." ? ". (Root)" : ws} - ${packageManagerName}`).join("\n")}`;
234428
234564
  }).filter((line) => line).join("\n");
234429
234565
  if (!subprojectsString) return void 0;
@@ -234579,7 +234715,7 @@ ${Array.from(upgrades).map(([idx, upgradeVersion]) => ` ${prettyPrintPurlUpgrade
234579
234715
  warn: "\u26A0\uFE0F",
234580
234716
  error: "\u274C"
234581
234717
  };
234582
- logger.info(`${statusIcons[update3.status]} ${update3.message} \u2500 ${relative21(rootDir, resolve41(rootDir, update3.file))}`);
234718
+ logger.info(`${statusIcons[update3.status]} ${update3.message} \u2500 ${relative20(rootDir, resolve41(rootDir, update3.file))}`);
234583
234719
  update3.artifacts.forEach((idx, i7) => {
234584
234720
  logger.info(`${" ".repeat(3)}${i7 === update3.artifacts.length - 1 ? "\u2514\u2500" : "\u251C\u2500"} ${prettyPrintSocketFactArtifactUpgrade(artifacts[idx], upgrades2.get(idx))}`);
234585
234721
  });
@@ -234633,7 +234769,7 @@ ${Array.from(upgrades).map(([idx, upgradeVersion]) => ` ${prettyPrintPurlUpgrade
234633
234769
  const subprojectPromiseQueue = new PromiseQueue(Number(options.concurrency));
234634
234770
  supportedSubprojects.forEach((subproject) => {
234635
234771
  subprojectPromiseQueue.enqueueTask(async () => {
234636
- const workspacePathsMatchingGlob = subproject.workspacePaths.filter((wsPath) => wsFilter(relative21(rootDir, resolve41(rootDir, subproject.subprojectPath, wsPath)) || "."));
234772
+ const workspacePathsMatchingGlob = subproject.workspacePaths.filter((wsPath) => wsFilter(relative20(rootDir, resolve41(rootDir, subproject.subprojectPath, wsPath)) || "."));
234637
234773
  if (workspacePathsMatchingGlob.length === 0)
234638
234774
  return;
234639
234775
  const filterDescription = options.include !== void 0 || options.exclude !== void 0 ? `matching filters ${options.include ? `include: [${options.include.join(", ")}]` : ""}${options.include && options.exclude ? " " : ""}${options.exclude ? `exclude: [${options.exclude.join(", ")}]` : ""}` : "";
@@ -234663,7 +234799,7 @@ ${workspacePathsMatchingGlob.map((wsPath) => ` ${wsPath}`).join("\n")}`);
234663
234799
  });
234664
234800
  if (vulnerabilityFixes.length === 0)
234665
234801
  return;
234666
- logger.info(`Found ${vulnerabilityFixes.length} ${vulnerabilityFixes.length === 1 ? "dependency" : "dependencies"} matching upgrade specs for ${join27(subproject.subprojectPath, wsPath)}`);
234802
+ logger.info(`Found ${vulnerabilityFixes.length} ${vulnerabilityFixes.length === 1 ? "dependency" : "dependencies"} matching upgrade specs for ${join28(subproject.subprojectPath, wsPath)}`);
234667
234803
  workspaceToFixes[wsPath] = [
234668
234804
  {
234669
234805
  fixId: "dummy",
@@ -234675,7 +234811,7 @@ ${workspacePathsMatchingGlob.map((wsPath) => ` ${wsPath}`).join("\n")}`);
234675
234811
  logger.info(`No dependencies matching upgrade specs found for subproject ${subproject.subprojectPath}`);
234676
234812
  return;
234677
234813
  }
234678
- await applySecurityFixes(subproject.packageManagerName, rootDir, relative21(rootDir, subproject.subprojectPath) || ".", otherModulesCommunicator, workspaceToFixes, fixingData, signalFixApplied);
234814
+ await applySecurityFixes(subproject.packageManagerName, rootDir, relative20(rootDir, subproject.subprojectPath) || ".", otherModulesCommunicator, workspaceToFixes, fixingData, signalFixApplied);
234679
234815
  });
234680
234816
  });
234681
234817
  await subprojectPromiseQueue.onIdle();
@@ -234684,7 +234820,7 @@ ${workspacePathsMatchingGlob.map((wsPath) => ` ${wsPath}`).join("\n")}`);
234684
234820
  }
234685
234821
  }
234686
234822
  var signalFixApplied = (_fixId, subprojectPath, workspacePath, vulnerabilityFixes) => {
234687
- logger.info(`Successfully upgraded purls for: ${join27(subprojectPath, workspacePath)}`);
234823
+ logger.info(`Successfully upgraded purls for: ${join28(subprojectPath, workspacePath)}`);
234688
234824
  logger.info(`Upgraded:
234689
234825
  ${vulnerabilityFixes.map((fix) => ` ${fix.dependencyName} from ${fix.currentVersion} to ${fix.fixedVersion}`).join("\n")}`);
234690
234826
  };
@@ -234890,7 +235026,7 @@ function prettyApplyFixesTo(applyFixesToOption) {
234890
235026
  // dist/cli-core.js
234891
235027
  import assert16 from "node:assert";
234892
235028
  import { existsSync as existsSync26, writeFileSync as writeFileSync3 } from "fs";
234893
- import { mkdir as mkdir6, writeFile as writeFile14 } from "fs/promises";
235029
+ import { mkdir as mkdir6, writeFile as writeFile13 } from "fs/promises";
234894
235030
 
234895
235031
  // ../../node_modules/.pnpm/kleur@4.1.5/node_modules/kleur/index.mjs
234896
235032
  var FORCE_COLOR;
@@ -234995,7 +235131,7 @@ var kleur_default = $;
234995
235131
  // dist/cli-core.js
234996
235132
  var import_lodash15 = __toESM(require_lodash(), 1);
234997
235133
  import os from "os";
234998
- import { join as join30, relative as relative22, resolve as resolve43 } from "path";
235134
+ import { join as join31, relative as relative21, resolve as resolve43 } from "path";
234999
235135
 
235000
235136
  // ../utils/src/dashboard-api/shared-api.ts
235001
235137
  var DashboardAPI = class {
@@ -235787,7 +235923,7 @@ function transformToVulnChainNode(dependencyTree) {
235787
235923
  }
235788
235924
 
235789
235925
  // dist/internal/socket-mode-helpers-socket-dependency-trees.js
235790
- import { basename as basename11, dirname as dirname25, join as join28, sep as sep5 } from "path";
235926
+ import { basename as basename11, dirname as dirname25, join as join29, sep as sep5 } from "path";
235791
235927
  var REQUIREMENTS_FILES_SEARCH_DEPTH2 = 3;
235792
235928
  var venvExcludes = [
235793
235929
  "venv",
@@ -235912,7 +236048,7 @@ async function fetchArtifactsFromSocket(rootWorkingDirectory, manifestsTarHash,
235912
236048
  for (const file of allFiles) {
235913
236049
  const base = basename11(file);
235914
236050
  const workspaceDir = dirname25(file) || ".";
235915
- if (base === "pyproject.toml" || base === "setup.py" && await isSetupPySetuptools(join28(rootWorkingDirectory, file))) {
236051
+ if (base === "pyproject.toml" || base === "setup.py" && await isSetupPySetuptools(join29(rootWorkingDirectory, file))) {
235916
236052
  if (!properPythonProjects.includes(workspaceDir)) {
235917
236053
  properPythonProjects.push(workspaceDir);
235918
236054
  }
@@ -237917,10 +238053,10 @@ function compareDocumentPosition(nodeA, nodeB) {
237917
238053
  function uniqueSort(nodes) {
237918
238054
  nodes = nodes.filter((node, i7, arr) => !arr.includes(node, i7 + 1));
237919
238055
  nodes.sort((a4, b) => {
237920
- const relative23 = compareDocumentPosition(a4, b);
237921
- if (relative23 & DocumentPosition.PRECEDING) {
238056
+ const relative22 = compareDocumentPosition(a4, b);
238057
+ if (relative22 & DocumentPosition.PRECEDING) {
237922
238058
  return -1;
237923
- } else if (relative23 & DocumentPosition.FOLLOWING) {
238059
+ } else if (relative22 & DocumentPosition.FOLLOWING) {
237924
238060
  return 1;
237925
238061
  }
237926
238062
  return 0;
@@ -249779,11 +249915,11 @@ var { root: root2 } = static_exports;
249779
249915
  // ../utils/src/maven-utils.ts
249780
249916
  var import_lodash14 = __toESM(require_lodash(), 1);
249781
249917
  import { existsSync as existsSync25, readdirSync as readdirSync5, statSync as statSync5 } from "fs";
249782
- import { join as join29 } from "path";
249918
+ import { join as join30 } from "path";
249783
249919
 
249784
249920
  // ../utils/src/download-utils.ts
249785
249921
  import { existsSync as existsSync24 } from "fs";
249786
- import { writeFile as writeFile13 } from "fs/promises";
249922
+ import { writeFile as writeFile12 } from "fs/promises";
249787
249923
 
249788
249924
  // ../utils/src/maven-utils.ts
249789
249925
  var { memoize: memoize3 } = import_lodash14.default;
@@ -251150,7 +251286,7 @@ async function onlineScan(dependencyTree, apiKey, timeout) {
251150
251286
  }
251151
251287
 
251152
251288
  // dist/version.js
251153
- var version3 = "14.12.131";
251289
+ var version3 = "14.12.133";
251154
251290
 
251155
251291
  // dist/cli-core.js
251156
251292
  var { mapValues, omit, partition, pickBy: pickBy2 } = import_lodash15.default;
@@ -251271,8 +251407,8 @@ var CliCore = class {
251271
251407
  }
251272
251408
  async main() {
251273
251409
  const tmpDir = await createTmpDirectory("coana-cli-");
251274
- this.coanaLogPath = join30(tmpDir, "coana-log.txt");
251275
- this.coanaSocketPath = join30(tmpDir, "coana.sock");
251410
+ this.coanaLogPath = join31(tmpDir, "coana-log.txt");
251411
+ this.coanaSocketPath = join31(tmpDir, "coana.sock");
251276
251412
  if (this.options.socketMode) {
251277
251413
  logger.enableStreamBuffering();
251278
251414
  }
@@ -251419,7 +251555,7 @@ var CliCore = class {
251419
251555
  await this.shareLogIfAnalysisError(vulnsWithResults);
251420
251556
  const socketReport = toSocketFactsSocketDependencyTree(artifacts, vulnsWithResults, this.reportId, allWorkspaceDiagnostics);
251421
251557
  const outputFile = resolve43(this.options.socketMode);
251422
- await writeFile14(outputFile, JSON.stringify(socketReport, null, 2));
251558
+ await writeFile13(outputFile, JSON.stringify(socketReport, null, 2));
251423
251559
  logger.info(kleur_default.green(`Socket report written to: ${outputFile}`));
251424
251560
  }
251425
251561
  displayWorkspaceDiagnosticsSummary(diagnosticsEntries) {
@@ -251504,7 +251640,7 @@ var CliCore = class {
251504
251640
  }
251505
251641
  const socketReport = toSocketFacts(report, this.reportDependencyTrees, subPjToWsPathToDirectDependencies);
251506
251642
  const outputFile = resolve43(this.options.socketMode);
251507
- await writeFile14(outputFile, JSON.stringify(socketReport, null, 2));
251643
+ await writeFile13(outputFile, JSON.stringify(socketReport, null, 2));
251508
251644
  logger.info(kleur_default.green(`Socket report written to: ${outputFile}`));
251509
251645
  return;
251510
251646
  }
@@ -251543,7 +251679,7 @@ var CliCore = class {
251543
251679
  const { reachabilitySupport, traditionalScaSupport, noSupport } = manager.getSubprojectsWithWorkspacePaths();
251544
251680
  await this.dashboardAPI.registerSubprojects([...reachabilitySupport, ...traditionalScaSupport, ...noSupport].map((sp) => ({
251545
251681
  ...sp,
251546
- subprojectPath: relative22(this.rootWorkingDirectory, sp.subprojectPath) || "."
251682
+ subprojectPath: relative21(this.rootWorkingDirectory, sp.subprojectPath) || "."
251547
251683
  })), this.reportId, this.apiKey);
251548
251684
  for (const unsupported of noSupport)
251549
251685
  logger.warn(unsupported.unsupportedMsg);
@@ -251572,7 +251708,7 @@ var CliCore = class {
251572
251708
  await this.spinner.succeed();
251573
251709
  } catch (error) {
251574
251710
  if (this.options.ignoreFailingWorkspaces) {
251575
- const relativeSubprojectPath = relative22(this.rootWorkingDirectory, subprojectAndWsPath.subprojectPath) || ".";
251711
+ const relativeSubprojectPath = relative21(this.rootWorkingDirectory, subprojectAndWsPath.subprojectPath) || ".";
251576
251712
  this.failedSubprojects.push({
251577
251713
  subproject: relativeSubprojectPath,
251578
251714
  error: error.message || "Unknown error"
@@ -251631,7 +251767,7 @@ Subproject: ${subproject}`);
251631
251767
  }
251632
251768
  async updateSpinnerTextOnNewSubproject(subprojectAndWsPath, numberSubprojects, index2) {
251633
251769
  this.spinner.start();
251634
- const relativeSubprojectPath = relative22(this.rootWorkingDirectory, subprojectAndWsPath.subprojectPath) || ".";
251770
+ const relativeSubprojectPath = relative21(this.rootWorkingDirectory, subprojectAndWsPath.subprojectPath) || ".";
251635
251771
  await this.spinner.setText(numberSubprojects > 1 ? `Processing subproject ${relativeSubprojectPath} (${index2 + 1}/${numberSubprojects})${+this.options.concurrency > 1 ? `. May process up to ${+this.options.concurrency - 1} other workspaces in parallel` : ""}` : `Processing ${relativeSubprojectPath}`);
251636
251772
  }
251637
251773
  async initialize() {
@@ -251713,7 +251849,7 @@ Subproject: ${subproject}`);
251713
251849
  return workspaceToAugmentedVulnerabilities[workspacePath] !== void 0;
251714
251850
  }).map((workspacePath) => {
251715
251851
  return {
251716
- subprojectPath: relative22(this.rootWorkingDirectory, subprojectPath) || ".",
251852
+ subprojectPath: relative21(this.rootWorkingDirectory, subprojectPath) || ".",
251717
251853
  workspacePath,
251718
251854
  directDependencies: projectInfo[workspacePath].dataForAnalysis.directDependenciesMap ?? {},
251719
251855
  vulnerabilities: workspaceToAugmentedVulnerabilities[workspacePath],
@@ -251942,7 +252078,7 @@ Subproject: ${subproject}`);
251942
252078
  async sendProgress(type, isStartEvent, subprojectPath, workspacePath) {
251943
252079
  await this.dashboardAPI.registerCLIProgress({
251944
252080
  type,
251945
- ...subprojectPath ? { subprojectPath: relative22(this.rootWorkingDirectory, subprojectPath) || "." } : {},
252081
+ ...subprojectPath ? { subprojectPath: relative21(this.rootWorkingDirectory, subprojectPath) || "." } : {},
251946
252082
  ...workspacePath ? { workspacePath } : {}
251947
252083
  }, isStartEvent, this.reportId, this.apiKey);
251948
252084
  }
@@ -251998,7 +252134,7 @@ Subproject: ${subproject}`);
251998
252134
  dependencyTree: workspaceToPlainDependencyTree[workspacePath],
251999
252135
  ecosystem: workspaceToPlainDependencyTree[workspacePath].ecosystem ?? "NPM",
252000
252136
  workspacePath,
252001
- subprojectPath: relative22(rootWorkingDirectory, subprojectPath) || "."
252137
+ subprojectPath: relative21(rootWorkingDirectory, subprojectPath) || "."
252002
252138
  }));
252003
252139
  if (this.options.socketMode) {
252004
252140
  this.reportDependencyTrees = workspacePaths.map((workspacePath) => ({
@@ -252006,7 +252142,7 @@ Subproject: ${subproject}`);
252006
252142
  dependencyTree: projectInfo[workspacePath].dataForAnalysis.data.dependencyTree,
252007
252143
  ecosystem: projectInfo[workspacePath].dataForAnalysis.data.dependencyTree.ecosystem ?? "NPM",
252008
252144
  workspacePath,
252009
- subprojectPath: relative22(rootWorkingDirectory, subprojectPath) || "."
252145
+ subprojectPath: relative21(rootWorkingDirectory, subprojectPath) || "."
252010
252146
  }));
252011
252147
  }
252012
252148
  if (this.shareWithDashboard)
@@ -252022,7 +252158,7 @@ Subproject: ${subproject}`);
252022
252158
  } catch (e) {
252023
252159
  logger.error(`Scanning for vulnerabilities failed for subproject ${subprojectPath} in workspace ${workspacePath}`);
252024
252160
  if (this.options.ignoreFailingWorkspaces) {
252025
- const relativeSubprojectPath = relative22(this.rootWorkingDirectory, subprojectPath) || ".";
252161
+ const relativeSubprojectPath = relative21(this.rootWorkingDirectory, subprojectPath) || ".";
252026
252162
  this.failedWorkspaces.push({
252027
252163
  subproject: relativeSubprojectPath,
252028
252164
  workspace: workspacePath,
@@ -252041,7 +252177,7 @@ Subproject: ${subproject}`);
252041
252177
  }
252042
252178
  };
252043
252179
  function getRelativeSubprojectPath(subprojectPath, projectDir) {
252044
- return relative22(projectDir, subprojectPath) || ".";
252180
+ return relative21(projectDir, subprojectPath) || ".";
252045
252181
  }
252046
252182
  function getDependencyType(vulnChainDetails, codeAwareScanResults, directDependencies, reachability) {
252047
252183
  if (reachability === "UNREACHABLE" || reachability === "UNKNOWN") {
@@ -252102,8 +252238,8 @@ computeFixesAndUpgradePurlsCmd.name("compute-fixes-and-upgrade-purls").argument(
252102
252238
  throw new Error('Range style must be "pin"');
252103
252239
  }
252104
252240
  options.purlTypes = options.purlTypes?.map((t4) => t4.toLowerCase());
252105
- const tmpDir = await mkdtemp2(join31(tmpdir3(), "compute-fixes-and-upgrade-purls-"));
252106
- const logFile = join31(tmpDir, "compute-fixes-and-upgrade-purls.log");
252241
+ const tmpDir = await mkdtemp2(join32(tmpdir3(), "compute-fixes-and-upgrade-purls-"));
252242
+ const logFile = join32(tmpDir, "compute-fixes-and-upgrade-purls.log");
252107
252243
  logger.initWinstonLogger(options.debug, logFile);
252108
252244
  try {
252109
252245
  await initializeComputeFixesAndUpgradePurls(path9, options);
@@ -252115,7 +252251,7 @@ computeFixesAndUpgradePurlsCmd.name("compute-fixes-and-upgrade-purls").argument(
252115
252251
  if (options.outputFile) {
252116
252252
  const outputFile = resolve44(options.outputFile);
252117
252253
  await mkdir7(dirname26(outputFile), { recursive: true });
252118
- await writeFile15(outputFile, JSON.stringify(output, null, 2));
252254
+ await writeFile14(outputFile, JSON.stringify(output, null, 2));
252119
252255
  logger.info(`Result written to: ${outputFile}`);
252120
252256
  }
252121
252257
  await rm3(tmpDir, { recursive: true, force: true });