@code-pushup/js-packages-plugin 0.26.1

package/bin.js

@@ -0,0 +1,1040 @@
+// packages/plugin-js-packages/src/lib/runner/index.ts
+import { writeFile } from "node:fs/promises";
+import { dirname } from "node:path";
+
+// packages/models/src/lib/audit.ts
+import { z as z2 } from "zod";
+
+// packages/models/src/lib/implementation/schemas.ts
+import { MATERIAL_ICONS } from "vscode-material-icons";
+import { z } from "zod";
+
+// packages/models/src/lib/implementation/limits.ts
+var MAX_SLUG_LENGTH = 128;
+var MAX_TITLE_LENGTH = 256;
+var MAX_DESCRIPTION_LENGTH = 65536;
+var MAX_ISSUE_MESSAGE_LENGTH = 1024;
+
+// packages/models/src/lib/implementation/utils.ts
+var slugRegex = /^[a-z\d]+(?:-[a-z\d]+)*$/;
+var filenameRegex = /^(?!.*[ \\/:*?"<>|]).+$/;
+function hasDuplicateStrings(strings) {
+  const sortedStrings = [...strings].sort();
+  const duplStrings = sortedStrings.filter(
+    (item, index) => index !== 0 && item === sortedStrings[index - 1]
+  );
+  return duplStrings.length === 0 ? false : [...new Set(duplStrings)];
+}
+function hasMissingStrings(toCheck, existing) {
+  const nonExisting = toCheck.filter((s) => !existing.includes(s));
+  return nonExisting.length === 0 ? false : nonExisting;
+}
+function errorItems(items, transform = (itemArr) => itemArr.join(", ")) {
+  return transform(items || []);
+}
+function exists(value) {
+  return value != null;
+}
+function getMissingRefsForCategories(categories, plugins) {
+  if (categories.length === 0) {
+    return false;
+  }
+  const auditRefsFromCategory = categories.flatMap(
+    ({ refs }) => refs.filter(({ type }) => type === "audit").map(({ plugin, slug }) => `${plugin}/${slug}`)
+  );
+  const auditRefsFromPlugins = plugins.flatMap(
+    ({ audits, slug: pluginSlug }) => audits.map(({ slug }) => `${pluginSlug}/${slug}`)
+  );
+  const missingAuditRefs = hasMissingStrings(
+    auditRefsFromCategory,
+    auditRefsFromPlugins
+  );
+  const groupRefsFromCategory = categories.flatMap(
+    ({ refs }) => refs.filter(({ type }) => type === "group").map(({ plugin, slug }) => `${plugin}#${slug} (group)`)
+  );
+  const groupRefsFromPlugins = plugins.flatMap(
+    ({ groups, slug: pluginSlug }) => Array.isArray(groups) ? groups.map(({ slug }) => `${pluginSlug}#${slug} (group)`) : []
+  );
+  const missingGroupRefs = hasMissingStrings(
+    groupRefsFromCategory,
+    groupRefsFromPlugins
+  );
+  const missingRefs = [missingAuditRefs, missingGroupRefs].filter((refs) => Array.isArray(refs) && refs.length > 0).flat();
+  return missingRefs.length > 0 ? missingRefs : false;
+}
+function missingRefsForCategoriesErrorMsg(categories, plugins) {
+  const missingRefs = getMissingRefsForCategories(categories, plugins);
+  return `The following category references need to point to an audit or group: ${errorItems(
+    missingRefs
+  )}`;
+}
+
+// packages/models/src/lib/implementation/schemas.ts
+function executionMetaSchema(options = {
+  descriptionDate: "Execution start date and time",
+  descriptionDuration: "Execution duration in ms"
+}) {
+  return z.object({
+    date: z.string({ description: options.descriptionDate }),
+    duration: z.number({ description: options.descriptionDuration })
+  });
+}
+var slugSchema = z.string({ description: "Unique ID (human-readable, URL-safe)" }).regex(slugRegex, {
+  message: "The slug has to follow the pattern [0-9a-z] followed by multiple optional groups of -[0-9a-z]. e.g. my-slug"
+}).max(MAX_SLUG_LENGTH, {
+  message: `slug can be max ${MAX_SLUG_LENGTH} characters long`
+});
+var descriptionSchema = z.string({ description: "Description (markdown)" }).max(MAX_DESCRIPTION_LENGTH).optional();
+var urlSchema = z.string().url();
+var docsUrlSchema = urlSchema.optional().or(z.literal("")).describe("Documentation site");
+var titleSchema = z.string({ description: "Descriptive name" }).max(MAX_TITLE_LENGTH);
+var scoreSchema = z.number({
+  description: "Value between 0 and 1"
+}).min(0).max(1);
+function metaSchema(options) {
+  const {
+    descriptionDescription,
+    titleDescription,
+    docsUrlDescription,
+    description
+  } = options ?? {};
+  return z.object(
+    {
+      title: titleDescription ? titleSchema.describe(titleDescription) : titleSchema,
+      description: descriptionDescription ? descriptionSchema.describe(descriptionDescription) : descriptionSchema,
+      docsUrl: docsUrlDescription ? docsUrlSchema.describe(docsUrlDescription) : docsUrlSchema
+    },
+    { description }
+  );
+}
+var filePathSchema = z.string().trim().min(1, { message: "path is invalid" });
+var fileNameSchema = z.string().trim().regex(filenameRegex, {
+  message: `The filename has to be valid`
+}).min(1, { message: "file name is invalid" });
+var positiveIntSchema = z.number().int().positive();
+var nonnegativeIntSchema = z.number().int().nonnegative();
+function packageVersionSchema(options) {
+  const { versionDescription = "NPM version of the package", required } = options ?? {};
+  const packageSchema = z.string({ description: "NPM package name" });
+  const versionSchema = z.string({ description: versionDescription });
+  return z.object(
+    {
+      packageName: required ? packageSchema : packageSchema.optional(),
+      version: required ? versionSchema : versionSchema.optional()
+    },
+    { description: "NPM package name and version of a published package" }
+  );
+}
+var weightSchema = nonnegativeIntSchema.describe(
+  "Coefficient for the given score (use weight 0 if only for display)"
+);
+function weightedRefSchema(description, slugDescription) {
+  return z.object(
+    {
+      slug: slugSchema.describe(slugDescription),
+      weight: weightSchema.describe("Weight used to calculate score")
+    },
+    { description }
+  );
+}
+function scorableSchema(description, refSchema, duplicateCheckFn, duplicateMessageFn) {
+  return z.object(
+    {
+      slug: slugSchema.describe('Human-readable unique ID, e.g. "performance"'),
+      refs: z.array(refSchema).min(1).refine(
+        (refs) => !duplicateCheckFn(refs),
+        (refs) => ({
+          message: duplicateMessageFn(refs)
+        })
+      ).refine(hasNonZeroWeightedRef, () => ({
+        message: "In a category there has to be at least one ref with weight > 0"
+      }))
+    },
+    { description }
+  );
+}
+var materialIconSchema = z.enum(MATERIAL_ICONS, {
+  description: "Icon from VSCode Material Icons extension"
+});
+function hasNonZeroWeightedRef(refs) {
+  return refs.reduce((acc, { weight }) => weight + acc, 0) !== 0;
+}
+
+// packages/models/src/lib/audit.ts
+var auditSchema = z2.object({
+  slug: slugSchema.describe("ID (unique within plugin)")
+}).merge(
+  metaSchema({
+    titleDescription: "Descriptive name",
+    descriptionDescription: "Description (markdown)",
+    docsUrlDescription: "Link to documentation (rationale)",
+    description: "List of scorable metrics for the given plugin"
+  })
+);
+var pluginAuditsSchema = z2.array(auditSchema, {
+  description: "List of audits maintained in a plugin"
+}).min(1).refine(
+  (auditMetadata) => !getDuplicateSlugsInAudits(auditMetadata),
+  (auditMetadata) => ({
+    message: duplicateSlugsInAuditsErrorMsg(auditMetadata)
+  })
+);
+function duplicateSlugsInAuditsErrorMsg(audits) {
+  const duplicateRefs = getDuplicateSlugsInAudits(audits);
+  return `In plugin audits the following slugs are not unique: ${errorItems(
+    duplicateRefs
+  )}`;
+}
+function getDuplicateSlugsInAudits(audits) {
+  return hasDuplicateStrings(audits.map(({ slug }) => slug));
+}
+
+// packages/models/src/lib/audit-output.ts
+import { z as z4 } from "zod";
+
+// packages/models/src/lib/issue.ts
+import { z as z3 } from "zod";
+var sourceFileLocationSchema = z3.object(
+  {
+    file: filePathSchema.describe("Relative path to source file in Git repo"),
+    position: z3.object(
+      {
+        startLine: positiveIntSchema.describe("Start line"),
+        startColumn: positiveIntSchema.describe("Start column").optional(),
+        endLine: positiveIntSchema.describe("End line").optional(),
+        endColumn: positiveIntSchema.describe("End column").optional()
+      },
+      { description: "Location in file" }
+    ).optional()
+  },
+  { description: "Source file location" }
+);
+var issueSeveritySchema = z3.enum(["info", "warning", "error"], {
+  description: "Severity level"
+});
+var issueSchema = z3.object(
+  {
+    message: z3.string({ description: "Descriptive error message" }).max(MAX_ISSUE_MESSAGE_LENGTH),
+    severity: issueSeveritySchema,
+    source: sourceFileLocationSchema.optional()
+  },
+  { description: "Issue information" }
+);
+
+// packages/models/src/lib/audit-output.ts
+var auditValueSchema = nonnegativeIntSchema.describe("Raw numeric value");
+var auditDisplayValueSchema = z4.string({ description: "Formatted value (e.g. '0.9 s', '2.1 MB')" }).optional();
+var auditDetailsSchema = z4.object(
+  {
+    issues: z4.array(issueSchema, { description: "List of findings" })
+  },
+  { description: "Detailed information" }
+);
+var auditOutputSchema = z4.object(
+  {
+    slug: slugSchema.describe("Reference to audit"),
+    displayValue: auditDisplayValueSchema,
+    value: auditValueSchema,
+    score: scoreSchema,
+    details: auditDetailsSchema.optional()
+  },
+  { description: "Audit information" }
+);
+var auditOutputsSchema = z4.array(auditOutputSchema, {
+  description: "List of JSON formatted audit output emitted by the runner process of a plugin"
+}).refine(
+  (audits) => !getDuplicateSlugsInAudits2(audits),
+  (audits) => ({ message: duplicateSlugsInAuditsErrorMsg2(audits) })
+);
+function duplicateSlugsInAuditsErrorMsg2(audits) {
+  const duplicateRefs = getDuplicateSlugsInAudits2(audits);
+  return `In plugin audits the slugs are not unique: ${errorItems(
+    duplicateRefs
+  )}`;
+}
+function getDuplicateSlugsInAudits2(audits) {
+  return hasDuplicateStrings(audits.map(({ slug }) => slug));
+}
+
+// packages/models/src/lib/category-config.ts
+import { z as z5 } from "zod";
+var categoryRefSchema = weightedRefSchema(
+  "Weighted references to audits and/or groups for the category",
+  "Slug of an audit or group (depending on `type`)"
+).merge(
+  z5.object({
+    type: z5.enum(["audit", "group"], {
+      description: "Discriminant for reference kind, affects where `slug` is looked up"
+    }),
+    plugin: slugSchema.describe(
+      "Plugin slug (plugin should contain referenced audit or group)"
+    )
+  })
+);
+var categoryConfigSchema = scorableSchema(
+  "Category with a score calculated from audits and groups from various plugins",
+  categoryRefSchema,
+  getDuplicateRefsInCategoryMetrics,
+  duplicateRefsInCategoryMetricsErrorMsg
+).merge(
+  metaSchema({
+    titleDescription: "Category Title",
+    docsUrlDescription: "Category docs URL",
+    descriptionDescription: "Category description",
+    description: "Meta info for category"
+  })
+).merge(
+  z5.object({
+    isBinary: z5.boolean({
+      description: 'Is this a binary category (i.e. only a perfect score considered a "pass")?'
+    }).optional()
+  })
+);
+function duplicateRefsInCategoryMetricsErrorMsg(metrics) {
+  const duplicateRefs = getDuplicateRefsInCategoryMetrics(metrics);
+  return `In the categories, the following audit or group refs are duplicates: ${errorItems(
+    duplicateRefs
+  )}`;
+}
+function getDuplicateRefsInCategoryMetrics(metrics) {
+  return hasDuplicateStrings(
+    metrics.map(({ slug, type, plugin }) => `${type} :: ${plugin} / ${slug}`)
+  );
+}
+var categoriesSchema = z5.array(categoryConfigSchema, {
+  description: "Categorization of individual audits"
+}).refine(
+  (categoryCfg) => !getDuplicateSlugCategories(categoryCfg),
+  (categoryCfg) => ({
+    message: duplicateSlugCategoriesErrorMsg(categoryCfg)
+  })
+);
+function duplicateSlugCategoriesErrorMsg(categories) {
+  const duplicateStringSlugs = getDuplicateSlugCategories(categories);
+  return `In the categories, the following slugs are duplicated: ${errorItems(
+    duplicateStringSlugs
+  )}`;
+}
+function getDuplicateSlugCategories(categories) {
+  return hasDuplicateStrings(categories.map(({ slug }) => slug));
+}
+
+// packages/models/src/lib/commit.ts
+import { z as z6 } from "zod";
+var commitSchema = z6.object(
+  {
+    hash: z6.string({ description: "Commit SHA (full)" }).regex(
+      /^[\da-f]{40}$/,
+      "Commit SHA should be a 40-character hexadecimal string"
+    ),
+    message: z6.string({ description: "Commit message" }),
+    date: z6.coerce.date({
+      description: "Date and time when commit was authored"
+    }),
+    author: z6.string({
+      description: "Commit author name"
+    }).trim()
+  },
+  { description: "Git commit" }
+);
+
+// packages/models/src/lib/core-config.ts
+import { z as z12 } from "zod";
+
+// packages/models/src/lib/persist-config.ts
+import { z as z7 } from "zod";
+var formatSchema = z7.enum(["json", "md"]);
+var persistConfigSchema = z7.object({
+  outputDir: filePathSchema.describe("Artifacts folder").optional(),
+  filename: fileNameSchema.describe("Artifacts file name (without extension)").optional(),
+  format: z7.array(formatSchema).optional()
+});
+
+// packages/models/src/lib/plugin-config.ts
+import { z as z10 } from "zod";
+
+// packages/models/src/lib/group.ts
+import { z as z8 } from "zod";
+var groupRefSchema = weightedRefSchema(
+  "Weighted reference to a group",
+  "Reference slug to a group within this plugin (e.g. 'max-lines')"
+);
+var groupMetaSchema = metaSchema({
+  titleDescription: "Descriptive name for the group",
+  descriptionDescription: "Description of the group (markdown)",
+  docsUrlDescription: "Group documentation site",
+  description: "Group metadata"
+});
+var groupSchema = scorableSchema(
+  'A group aggregates a set of audits into a single score which can be referenced from a category. E.g. the group slug "performance" groups audits and can be referenced in a category',
+  groupRefSchema,
+  getDuplicateRefsInGroups,
+  duplicateRefsInGroupsErrorMsg
+).merge(groupMetaSchema);
+var groupsSchema = z8.array(groupSchema, {
+  description: "List of groups"
+}).optional().refine(
+  (groups) => !getDuplicateSlugsInGroups(groups),
+  (groups) => ({
+    message: duplicateSlugsInGroupsErrorMsg(groups)
+  })
+);
+function duplicateRefsInGroupsErrorMsg(groups) {
+  const duplicateRefs = getDuplicateRefsInGroups(groups);
+  return `In plugin groups the following references are not unique: ${errorItems(
+    duplicateRefs
+  )}`;
+}
+function getDuplicateRefsInGroups(groups) {
+  return hasDuplicateStrings(groups.map(({ slug: ref }) => ref).filter(exists));
+}
+function duplicateSlugsInGroupsErrorMsg(groups) {
+  const duplicateRefs = getDuplicateSlugsInGroups(groups);
+  return `In groups the following slugs are not unique: ${errorItems(
+    duplicateRefs
+  )}`;
+}
+function getDuplicateSlugsInGroups(groups) {
+  return Array.isArray(groups) ? hasDuplicateStrings(groups.map(({ slug }) => slug)) : false;
+}
+
+// packages/models/src/lib/runner-config.ts
+import { z as z9 } from "zod";
+var outputTransformSchema = z9.function().args(z9.unknown()).returns(z9.union([auditOutputsSchema, z9.promise(auditOutputsSchema)]));
+var runnerConfigSchema = z9.object(
+  {
+    command: z9.string({
+      description: "Shell command to execute"
+    }),
+    args: z9.array(z9.string({ description: "Command arguments" })).optional(),
+    outputFile: filePathSchema.describe("Output path"),
+    outputTransform: outputTransformSchema.optional()
+  },
+  {
+    description: "How to execute runner"
+  }
+);
+var onProgressSchema = z9.function().args(z9.unknown()).returns(z9.void());
+var runnerFunctionSchema = z9.function().args(onProgressSchema.optional()).returns(z9.union([auditOutputsSchema, z9.promise(auditOutputsSchema)]));
+
+// packages/models/src/lib/plugin-config.ts
+var pluginMetaSchema = packageVersionSchema().merge(
+  metaSchema({
+    titleDescription: "Descriptive name",
+    descriptionDescription: "Description (markdown)",
+    docsUrlDescription: "Plugin documentation site",
+    description: "Plugin metadata"
+  })
+).merge(
+  z10.object({
+    slug: slugSchema.describe("Unique plugin slug within core config"),
+    icon: materialIconSchema
+  })
+);
+var pluginDataSchema = z10.object({
+  runner: z10.union([runnerConfigSchema, runnerFunctionSchema]),
+  audits: pluginAuditsSchema,
+  groups: groupsSchema
+});
+var pluginConfigSchema = pluginMetaSchema.merge(pluginDataSchema).refine(
+  (pluginCfg) => !getMissingRefsFromGroups(pluginCfg),
+  (pluginCfg) => ({
+    message: missingRefsFromGroupsErrorMsg(pluginCfg)
+  })
+);
+function missingRefsFromGroupsErrorMsg(pluginCfg) {
+  const missingRefs = getMissingRefsFromGroups(pluginCfg);
+  return `The following group references need to point to an existing audit in this plugin config: ${errorItems(
+    missingRefs
+  )}`;
+}
+function getMissingRefsFromGroups(pluginCfg) {
+  return hasMissingStrings(
+    pluginCfg.groups?.flatMap(
+      ({ refs: audits }) => audits.map(({ slug: ref }) => ref)
+    ) ?? [],
+    pluginCfg.audits.map(({ slug }) => slug)
+  );
+}
+
+// packages/models/src/lib/upload-config.ts
+import { z as z11 } from "zod";
+var uploadConfigSchema = z11.object({
+  server: urlSchema.describe("URL of deployed portal API"),
+  apiKey: z11.string({
+    description: "API key with write access to portal (use `process.env` for security)"
+  }),
+  organization: slugSchema.describe(
+    "Organization slug from Code PushUp portal"
+  ),
+  project: slugSchema.describe("Project slug from Code PushUp portal"),
+  timeout: z11.number({ description: "Request timeout in minutes (default is 5)" }).positive().int().optional()
+});
+
+// packages/models/src/lib/core-config.ts
+var unrefinedCoreConfigSchema = z12.object({
+  plugins: z12.array(pluginConfigSchema, {
+    description: "List of plugins to be used (official, community-provided, or custom)"
+  }).min(1),
+  /** portal configuration for persisting results */
+  persist: persistConfigSchema.optional(),
+  /** portal configuration for uploading results */
+  upload: uploadConfigSchema.optional(),
+  categories: categoriesSchema.optional()
+});
+var coreConfigSchema = refineCoreConfig(unrefinedCoreConfigSchema);
+function refineCoreConfig(schema) {
+  return schema.refine(
+    (coreCfg) => !getMissingRefsForCategories(coreCfg.categories ?? [], coreCfg.plugins),
+    (coreCfg) => ({
+      message: missingRefsForCategoriesErrorMsg(
+        coreCfg.categories ?? [],
+        coreCfg.plugins
+      )
+    })
+  );
+}
+
+// packages/models/src/lib/report.ts
+import { z as z13 } from "zod";
+var auditReportSchema = auditSchema.merge(auditOutputSchema);
+var pluginReportSchema = pluginMetaSchema.merge(
+  executionMetaSchema({
+    descriptionDate: "Start date and time of plugin run",
+    descriptionDuration: "Duration of the plugin run in ms"
+  })
+).merge(
+  z13.object({
+    audits: z13.array(auditReportSchema).min(1),
+    groups: z13.array(groupSchema).optional()
+  })
+).refine(
+  (pluginReport) => !getMissingRefsFromGroups2(pluginReport.audits, pluginReport.groups ?? []),
+  (pluginReport) => ({
+    message: missingRefsFromGroupsErrorMsg2(
+      pluginReport.audits,
+      pluginReport.groups ?? []
+    )
+  })
+);
+function missingRefsFromGroupsErrorMsg2(audits, groups) {
+  const missingRefs = getMissingRefsFromGroups2(audits, groups);
+  return `group references need to point to an existing audit in this plugin report: ${errorItems(
+    missingRefs
+  )}`;
+}
+function getMissingRefsFromGroups2(audits, groups) {
+  return hasMissingStrings(
+    groups.flatMap(
+      ({ refs: auditRefs }) => auditRefs.map(({ slug: ref }) => ref)
+    ),
+    audits.map(({ slug }) => slug)
+  );
+}
+var reportSchema = packageVersionSchema({
+  versionDescription: "NPM version of the CLI",
+  required: true
+}).merge(
+  executionMetaSchema({
+    descriptionDate: "Start date and time of the collect run",
+    descriptionDuration: "Duration of the collect run in ms"
+  })
+).merge(
+  z13.object(
+    {
+      categories: z13.array(categoryConfigSchema),
+      plugins: z13.array(pluginReportSchema).min(1),
+      commit: commitSchema.describe("Git commit for which report was collected").nullable()
+    },
+    { description: "Collect output data" }
+  )
+).refine(
+  (report) => !getMissingRefsForCategories(report.categories, report.plugins),
+  (report) => ({
+    message: missingRefsForCategoriesErrorMsg(
+      report.categories,
+      report.plugins
+    )
+  })
+);
+
+// packages/models/src/lib/reports-diff.ts
+import { z as z14 } from "zod";
+function makeComparisonSchema(schema) {
+  const sharedDescription = schema.description || "Result";
+  return z14.object({
+    before: schema.describe(`${sharedDescription} (source commit)`),
+    after: schema.describe(`${sharedDescription} (target commit)`)
+  });
+}
+function makeArraysComparisonSchema(diffSchema, resultSchema, description) {
+  return z14.object(
+    {
+      changed: z14.array(diffSchema),
+      unchanged: z14.array(resultSchema),
+      added: z14.array(resultSchema),
+      removed: z14.array(resultSchema)
+    },
+    { description }
+  );
+}
+var scorableMetaSchema = z14.object({ slug: slugSchema, title: titleSchema });
+var scorableWithPluginMetaSchema = scorableMetaSchema.merge(
+  z14.object({
+    plugin: pluginMetaSchema.pick({ slug: true, title: true }).describe("Plugin which defines it")
+  })
+);
+var scorableDiffSchema = scorableMetaSchema.merge(
+  z14.object({
+    scores: makeComparisonSchema(scoreSchema).merge(
+      z14.object({
+        diff: z14.number().min(-1).max(1).describe("Score change (`scores.after - scores.before`)")
+      })
+    ).describe("Score comparison")
+  })
+);
+var scorableWithPluginDiffSchema = scorableDiffSchema.merge(
+  scorableWithPluginMetaSchema
+);
+var categoryDiffSchema = scorableDiffSchema;
+var groupDiffSchema = scorableWithPluginDiffSchema;
+var auditDiffSchema = scorableWithPluginDiffSchema.merge(
+  z14.object({
+    values: makeComparisonSchema(auditValueSchema).merge(
+      z14.object({
+        diff: z14.number().int().describe("Value change (`values.after - values.before`)")
+      })
+    ).describe("Audit `value` comparison"),
+    displayValues: makeComparisonSchema(auditDisplayValueSchema).describe(
+      "Audit `displayValue` comparison"
+    )
+  })
+);
+var categoryResultSchema = scorableMetaSchema.merge(
+  z14.object({ score: scoreSchema })
+);
+var groupResultSchema = scorableWithPluginMetaSchema.merge(
+  z14.object({ score: scoreSchema })
+);
+var auditResultSchema = scorableWithPluginMetaSchema.merge(
+  auditOutputSchema.pick({ score: true, value: true, displayValue: true })
+);
+var reportsDiffSchema = z14.object({
+  commits: makeComparisonSchema(commitSchema).nullable().describe("Commits identifying compared reports"),
+  categories: makeArraysComparisonSchema(
+    categoryDiffSchema,
+    categoryResultSchema,
+    "Changes affecting categories"
+  ),
+  groups: makeArraysComparisonSchema(
+    groupDiffSchema,
+    groupResultSchema,
+    "Changes affecting groups"
+  ),
+  audits: makeArraysComparisonSchema(
+    auditDiffSchema,
+    auditResultSchema,
+    "Changes affecting audits"
+  )
+}).merge(
+  packageVersionSchema({
+    versionDescription: "NPM version of the CLI (when `compare` was run)",
+    required: true
+  })
+).merge(
+  executionMetaSchema({
+    descriptionDate: "Start date and time of the compare run",
+    descriptionDuration: "Duration of the compare run in ms"
+  })
+);
+
+// packages/utils/src/lib/execute-process.ts
+import { spawn } from "node:child_process";
+
+// packages/utils/src/lib/file-system.ts
+import { bundleRequire } from "bundle-require";
+import chalk2 from "chalk";
+import { mkdir, readFile, readdir, rm, stat } from "node:fs/promises";
+import { join } from "node:path";
+
+// packages/utils/src/lib/guards.ts
+function isPromiseFulfilledResult(result) {
+  return result.status === "fulfilled";
+}
+function isPromiseRejectedResult(result) {
+  return result.status === "rejected";
+}
+
+// packages/utils/src/lib/logging.ts
+import isaacs_cliui from "@isaacs/cliui";
+import { cliui } from "@poppinss/cliui";
+import chalk from "chalk";
+
+// packages/utils/src/lib/reports/constants.ts
+var TERMINAL_WIDTH = 80;
+
+// packages/utils/src/lib/logging.ts
+var singletonUiInstance;
+function ui() {
+  if (singletonUiInstance === void 0) {
+    singletonUiInstance = cliui();
+  }
+  return {
+    ...singletonUiInstance,
+    row: (args) => {
+      logListItem(args);
+    }
+  };
+}
+var singletonisaacUi;
+function logListItem(args) {
+  if (singletonisaacUi === void 0) {
+    singletonisaacUi = isaacs_cliui({ width: TERMINAL_WIDTH });
+  }
+  singletonisaacUi.div(...args);
+  const content = singletonisaacUi.toString();
+  singletonisaacUi.rows = [];
+  singletonUiInstance?.logger.log(content);
+}
+
+// packages/utils/src/lib/file-system.ts
+async function readTextFile(path) {
+  const buffer = await readFile(path);
+  return buffer.toString();
+}
+async function readJsonFile(path) {
+  const text = await readTextFile(path);
+  return JSON.parse(text);
+}
+async function ensureDirectoryExists(baseDir) {
+  try {
+    await mkdir(baseDir, { recursive: true });
+    return;
+  } catch (error) {
+    ui().logger.error(error.message);
+    if (error.code !== "EEXIST") {
+      throw error;
+    }
+  }
+}
+function pluginWorkDir(slug) {
+  return join("node_modules", ".code-pushup", slug);
+}
+
+// packages/utils/src/lib/reports/utils.ts
+function calcDuration(start, stop) {
+  return Math.floor((stop ?? performance.now()) - start);
+}
+
+// packages/utils/src/lib/execute-process.ts
+var ProcessError = class extends Error {
+  code;
+  stderr;
+  stdout;
+  constructor(result) {
+    super(result.stderr);
+    this.code = result.code;
+    this.stderr = result.stderr;
+    this.stdout = result.stdout;
+  }
+};
+function executeProcess(cfg) {
+  const { observer, cwd, command, args, alwaysResolve = false } = cfg;
+  const { onStdout, onError, onComplete } = observer ?? {};
+  const date = (/* @__PURE__ */ new Date()).toISOString();
+  const start = performance.now();
+  return new Promise((resolve, reject) => {
+    const process2 = spawn(command, args, { cwd, shell: true });
+    let stdout = "";
+    let stderr = "";
+    process2.stdout.on("data", (data) => {
+      stdout += String(data);
+      onStdout?.(String(data));
+    });
+    process2.stderr.on("data", (data) => {
+      stderr += String(data);
+    });
+    process2.on("error", (err) => {
+      stderr += err.toString();
+    });
+    process2.on("close", (code) => {
+      const timings = { date, duration: calcDuration(start) };
+      if (code === 0 || alwaysResolve) {
+        onComplete?.();
+        resolve({ code, stdout, stderr, ...timings });
+      } else {
+        const errorMsg = new ProcessError({ code, stdout, stderr, ...timings });
+        onError?.(errorMsg);
+        reject(errorMsg);
+      }
+    });
+  });
+}
+
+// packages/utils/src/lib/git.ts
+import { simpleGit } from "simple-git";
+
+// packages/utils/src/lib/transform.ts
+function objectToEntries(obj) {
+  return Object.entries(obj);
+}
+
+// packages/utils/src/lib/progress.ts
+import chalk3 from "chalk";
+import { MultiProgressBars } from "multi-progress-bars";
+
+// packages/utils/src/lib/reports/log-stdout-summary.ts
+import chalk4 from "chalk";
+
+// packages/plugin-js-packages/src/lib/config.ts
+import { z as z15 } from "zod";
+
+// packages/plugin-js-packages/src/lib/constants.ts
+var defaultAuditLevelMapping = {
+  critical: "error",
+  high: "error",
+  moderate: "warning",
+  low: "warning",
+  info: "info"
+};
+
+// packages/plugin-js-packages/src/lib/config.ts
+var dependencyGroups = ["prod", "dev", "optional"];
+var packageCommandSchema = z15.enum(["audit", "outdated"]);
+var packageManagerSchema = z15.enum([
+  "npm",
+  "yarn-classic",
+  "yarn-modern",
+  "pnpm"
+]);
+var packageAuditLevels = [
+  "critical",
+  "high",
+  "moderate",
+  "low",
+  "info"
+];
+var packageAuditLevelSchema = z15.enum(packageAuditLevels);
+function fillAuditLevelMapping(mapping) {
+  return {
+    critical: mapping.critical ?? defaultAuditLevelMapping.critical,
+    high: mapping.high ?? defaultAuditLevelMapping.high,
+    moderate: mapping.moderate ?? defaultAuditLevelMapping.moderate,
+    low: mapping.low ?? defaultAuditLevelMapping.low,
+    info: mapping.info ?? defaultAuditLevelMapping.info
+  };
+}
+var jsPackagesPluginConfigSchema = z15.object({
+  checks: z15.array(packageCommandSchema, {
+    description: "Package manager commands to be run. Defaults to both audit and outdated."
+  }).min(1).default(["audit", "outdated"]),
+  packageManager: packageManagerSchema.describe("Package manager to be used."),
+  auditLevelMapping: z15.record(packageAuditLevelSchema, issueSeveritySchema, {
+    description: "Mapping of audit levels to issue severity. Custom mapping or overrides may be entered manually, otherwise has a default preset."
+  }).default(defaultAuditLevelMapping).transform(fillAuditLevelMapping)
+});
+
+// packages/plugin-js-packages/src/lib/runner/audit/constants.ts
+var auditScoreModifiers = {
+  critical: 1,
+  high: 0.1,
+  moderate: 0.05,
+  low: 0.02,
+  info: 0.01
+};
+
+// packages/plugin-js-packages/src/lib/runner/audit/transform.ts
+function auditResultToAuditOutput(result, dependenciesType, auditLevelMapping) {
+  const issues = vulnerabilitiesToIssues(
+    result.vulnerabilities,
+    auditLevelMapping
+  );
+  return {
+    slug: `npm-audit-${dependenciesType}`,
+    score: calculateAuditScore(result.metadata.vulnerabilities),
+    value: result.metadata.vulnerabilities.total,
+    displayValue: vulnerabilitiesToDisplayValue(
+      result.metadata.vulnerabilities
+    ),
+    ...issues.length > 0 && { details: { issues } }
+  };
+}
+function calculateAuditScore(stats) {
+  if (stats.total === 0) {
+    return 1;
+  }
+  return objectToEntries(stats).reduce(
+    (score, [level, vulnerabilities]) => {
+      if (level === "total") {
+        return score;
+      }
+      const reducedScore = score - auditScoreModifiers[level] * vulnerabilities;
+      return Math.max(reducedScore, 0);
+    },
+    1
+  );
+}
+function vulnerabilitiesToDisplayValue(vulnerabilities) {
+  if (vulnerabilities.total === 0) {
+    return "0 vulnerabilities";
+  }
+  const vulnerabilityStats = packageAuditLevels.map(
+    (level) => vulnerabilities[level] > 0 ? `${vulnerabilities[level]} ${level}` : ""
+  ).filter((text) => text !== "").join(", ");
+  return `${vulnerabilities.total} ${vulnerabilities.total === 1 ? "vulnerability" : "vulnerabilities"} (${vulnerabilityStats})`;
+}
+function vulnerabilitiesToIssues(vulnerabilities, auditLevelMapping) {
+  if (Object.keys(vulnerabilities).length === 0) {
+    return [];
+  }
+  return Object.values(vulnerabilities).map((detail) => {
+    const versionRange = detail.range === "*" ? "**all** versions" : `versions **${detail.range}**`;
+    const vulnerabilitySummary = `\`${detail.name}\` dependency has a **${detail.severity}** vulnerability in ${versionRange}.`;
+    const fixInformation = typeof detail.fixAvailable === "boolean" ? `Fix is ${detail.fixAvailable ? "" : "not "}available.` : `Fix available: Update \`${detail.fixAvailable.name}\` to version **${detail.fixAvailable.version}**${detail.fixAvailable.isSemVerMajor ? " (breaking change)." : "."}`;
+    if (Array.isArray(detail.via) && detail.via.length > 0 && typeof detail.via[0] === "object") {
+      return {
+        message: `${vulnerabilitySummary} ${fixInformation} More information: [${detail.via[0].title}](${detail.via[0].url})`,
+        severity: auditLevelMapping[detail.severity]
+      };
+    }
+    return {
+      message: `${vulnerabilitySummary} ${fixInformation}`,
+      severity: auditLevelMapping[detail.severity]
+    };
+  });
+}
+
+// packages/plugin-js-packages/src/lib/runner/constants.ts
+import { join as join2 } from "node:path";
+var WORKDIR = pluginWorkDir("js-packages");
+var RUNNER_OUTPUT_PATH = join2(WORKDIR, "runner-output.json");
+var PLUGIN_CONFIG_PATH = join2(
+  process.cwd(),
+  WORKDIR,
+  "plugin-config.json"
+);
+
+// packages/plugin-js-packages/src/lib/runner/outdated/constants.ts
+var outdatedSeverity = {
+  major: "error",
+  minor: "warning",
+  patch: "info"
+};
+
+// packages/plugin-js-packages/src/lib/runner/outdated/transform.ts
+function outdatedResultToAuditOutput(result, dependenciesType) {
+  const validDependencies = objectToEntries(result).filter(
+    (entry) => entry[1].current != null
+  ).filter(
+    ([, detail]) => dependenciesType === "prod" ? detail.type === "dependencies" : detail.type === `${dependenciesType}Dependencies`
+  );
+  const outdatedDependencies = validDependencies.filter(
+    ([, versions]) => versions.current !== versions.wanted
+  );
+  const majorOutdatedAmount = outdatedDependencies.filter(
+    ([, versions]) => getOutdatedLevel(versions.current, versions.wanted) === "major"
+  ).length;
+  const issues = outdatedDependencies.length === 0 ? [] : outdatedToIssues(outdatedDependencies);
+  return {
+    slug: `npm-outdated-${dependenciesType}`,
+    score: calculateOutdatedScore(
+      majorOutdatedAmount,
+      validDependencies.length
+    ),
+    value: outdatedDependencies.length,
+    displayValue: outdatedToDisplayValue(
+      majorOutdatedAmount,
+      outdatedDependencies.length
+    ),
+    ...issues.length > 0 && { details: { issues } }
+  };
+}
+function calculateOutdatedScore(majorOutdated, totalDeps) {
+  return totalDeps > 0 ? (totalDeps - majorOutdated) / totalDeps : 1;
+}
+function outdatedToDisplayValue(majorOutdated, totalOutdated) {
+  return totalOutdated === 0 ? "all dependencies are up to date" : majorOutdated > 0 ? `${majorOutdated} out of ${totalOutdated} outdated dependencies require major update` : `${totalOutdated} outdated ${totalOutdated === 1 ? "dependency" : "dependencies"}`;
+}
+function outdatedToIssues(dependencies) {
+  return dependencies.map(([name, versions]) => {
+    const outdatedLevel = getOutdatedLevel(versions.current, versions.wanted);
+    const packageReference = versions.homepage == null ? `\`${name}\`` : `[\`${name}\`](${versions.homepage})`;
+    return {
+      message: `Package ${packageReference} requires a **${outdatedLevel}** update from **${versions.current}** to **${versions.wanted}**.`,
+      severity: outdatedSeverity[outdatedLevel]
+    };
+  });
+}
+function getOutdatedLevel(currentFullVersion, wantedFullVersion) {
+  const current = splitPackageVersion(currentFullVersion);
+  const wanted = splitPackageVersion(wantedFullVersion);
+  if (current.major < wanted.major) {
+    return "major";
+  }
+  if (current.minor < wanted.minor) {
+    return "minor";
+  }
+  if (current.patch < wanted.patch) {
+    return "patch";
+  }
+  throw new Error("Package is not outdated.");
+}
+function splitPackageVersion(fullVersion) {
+  const [major, minor, patch] = fullVersion.split(".").map(Number);
+  if (major == null || minor == null || patch == null) {
+    throw new Error(`Invalid version description ${fullVersion}`);
+  }
+  return { major, minor, patch };
+}
+
+// packages/plugin-js-packages/src/lib/runner/index.ts
+async function executeRunner() {
+  const { packageManager, checks, auditLevelMapping } = await readJsonFile(PLUGIN_CONFIG_PATH);
+  const auditResults = checks.includes("audit") ? await processAudit(packageManager, auditLevelMapping) : [];
+  const outdatedResults = checks.includes("outdated") ? await processOutdated(packageManager) : [];
+  const checkResults = [...auditResults, ...outdatedResults];
+  await ensureDirectoryExists(dirname(RUNNER_OUTPUT_PATH));
+  await writeFile(RUNNER_OUTPUT_PATH, JSON.stringify(checkResults));
+}
+async function processOutdated(packageManager) {
+  const { stdout } = await executeProcess({
+    command: packageManager,
+    args: ["outdated", "--json", "--long"],
+    alwaysResolve: true
+    // npm outdated returns exit code 1 when outdated dependencies are found
+  });
+  const outdatedResult = JSON.parse(stdout);
+  return dependencyGroups.map(
+    (dep) => outdatedResultToAuditOutput(outdatedResult, dep)
+  );
+}
+async function processAudit(packageManager, auditLevelMapping) {
+  const auditResults = await Promise.allSettled(
+    dependencyGroups.map(async (dep) => {
+      const { stdout } = await executeProcess({
+        command: packageManager,
+        args: ["audit", ...getNpmAuditOptions(dep)]
+      });
+      const auditResult = JSON.parse(stdout);
+      return auditResultToAuditOutput(auditResult, dep, auditLevelMapping);
+    })
+  );
+  const rejected = auditResults.filter(isPromiseRejectedResult);
+  if (rejected.length > 0) {
+    rejected.map((result) => {
+      console.error(result.reason);
+    });
+    throw new Error(`JS Packages plugin: Running npm audit failed.`);
+  }
+  return auditResults.filter(isPromiseFulfilledResult).map((x) => x.value);
+}
+function getNpmAuditOptions(currentDep) {
+  const flags = [
+    `--include=${currentDep}`,
+    ...dependencyGroups.filter((dep) => dep !== currentDep).map((dep) => `--omit=${dep}`)
+  ];
+  return [...flags, "--json", "--audit-level=none"];
+}
+
+// packages/plugin-js-packages/src/bin.ts
+await executeRunner();