@code-pushup/js-packages-plugin 0.49.0 → 0.51.0

package/index.js

@@ -1,13 +1,13 @@
 // packages/plugin-js-packages/src/lib/js-packages-plugin.ts
-import { dirname as dirname2, join as join3 } from "node:path";
+import { dirname as dirname2, join as join4 } from "node:path";
 import { fileURLToPath } from "node:url";
 
 // packages/plugin-js-packages/package.json
 var name = "@code-pushup/js-packages-plugin";
-var version = "0.49.0";
+var version = "0.51.0";
 
 // packages/plugin-js-packages/src/lib/config.ts
-import { z as z16 } from "zod";
+import { z as z17 } from "zod";
 
 // packages/models/src/lib/implementation/schemas.ts
 import { MATERIAL_ICONS } from "vscode-material-icons";
@@ -166,9 +166,27 @@ function hasNonZeroWeightedRef(refs) {
   return refs.reduce((acc, { weight }) => weight + acc, 0) !== 0;
 }
 
-// packages/models/src/lib/audit.ts
+// packages/models/src/lib/source.ts
 import { z as z2 } from "zod";
-var auditSchema = z2.object({
+var sourceFileLocationSchema = z2.object(
+  {
+    file: filePathSchema.describe("Relative path to source file in Git repo"),
+    position: z2.object(
+      {
+        startLine: positiveIntSchema.describe("Start line"),
+        startColumn: positiveIntSchema.describe("Start column").optional(),
+        endLine: positiveIntSchema.describe("End line").optional(),
+        endColumn: positiveIntSchema.describe("End column").optional()
+      },
+      { description: "Location in file" }
+    ).optional()
+  },
+  { description: "Source file location" }
+);
+
+// packages/models/src/lib/audit.ts
+import { z as z3 } from "zod";
+var auditSchema = z3.object({
   slug: slugSchema.describe("ID (unique within plugin)")
 }).merge(
   metaSchema({
@@ -178,7 +196,7 @@ var auditSchema = z2.object({
     description: "List of scorable metrics for the given plugin"
   })
 );
-var pluginAuditsSchema = z2.array(auditSchema, {
+var pluginAuditsSchema = z3.array(auditSchema, {
   description: "List of audits maintained in a plugin"
 }).min(1).refine(
   (auditMetadata) => !getDuplicateSlugsInAudits(auditMetadata),
@@ -197,31 +215,16 @@ function getDuplicateSlugsInAudits(audits) {
 }
 
 // packages/models/src/lib/audit-output.ts
-import { z as z5 } from "zod";
+import { z as z6 } from "zod";
 
 // packages/models/src/lib/issue.ts
-import { z as z3 } from "zod";
-var sourceFileLocationSchema = z3.object(
-  {
-    file: filePathSchema.describe("Relative path to source file in Git repo"),
-    position: z3.object(
-      {
-        startLine: positiveIntSchema.describe("Start line"),
-        startColumn: positiveIntSchema.describe("Start column").optional(),
-        endLine: positiveIntSchema.describe("End line").optional(),
-        endColumn: positiveIntSchema.describe("End column").optional()
-      },
-      { description: "Location in file" }
-    ).optional()
-  },
-  { description: "Source file location" }
-);
-var issueSeveritySchema = z3.enum(["info", "warning", "error"], {
+import { z as z4 } from "zod";
+var issueSeveritySchema = z4.enum(["info", "warning", "error"], {
   description: "Severity level"
 });
-var issueSchema = z3.object(
+var issueSchema = z4.object(
   {
-    message: z3.string({ description: "Descriptive error message" }).max(MAX_ISSUE_MESSAGE_LENGTH),
+    message: z4.string({ description: "Descriptive error message" }).max(MAX_ISSUE_MESSAGE_LENGTH),
     severity: issueSeveritySchema,
     source: sourceFileLocationSchema.optional()
   },
@@ -229,60 +232,60 @@ var issueSchema = z3.object(
 );
 
 // packages/models/src/lib/table.ts
-import { z as z4 } from "zod";
-var tableAlignmentSchema = z4.enum(["left", "center", "right"], {
+import { z as z5 } from "zod";
+var tableAlignmentSchema = z5.enum(["left", "center", "right"], {
   description: "Cell alignment"
 });
-var tableColumnObjectSchema = z4.object({
-  key: z4.string(),
-  label: z4.string().optional(),
+var tableColumnObjectSchema = z5.object({
+  key: z5.string(),
+  label: z5.string().optional(),
   align: tableAlignmentSchema.optional()
 });
-var tableRowObjectSchema = z4.record(tableCellValueSchema, {
+var tableRowObjectSchema = z5.record(tableCellValueSchema, {
   description: "Object row"
 });
-var tableRowPrimitiveSchema = z4.array(tableCellValueSchema, {
+var tableRowPrimitiveSchema = z5.array(tableCellValueSchema, {
   description: "Primitive row"
 });
-var tableSharedSchema = z4.object({
-  title: z4.string().optional().describe("Display title for table")
+var tableSharedSchema = z5.object({
+  title: z5.string().optional().describe("Display title for table")
 });
 var tablePrimitiveSchema = tableSharedSchema.merge(
-  z4.object(
+  z5.object(
     {
-      columns: z4.array(tableAlignmentSchema).optional(),
-      rows: z4.array(tableRowPrimitiveSchema)
+      columns: z5.array(tableAlignmentSchema).optional(),
+      rows: z5.array(tableRowPrimitiveSchema)
     },
     { description: "Table with primitive rows and optional alignment columns" }
   )
 );
 var tableObjectSchema = tableSharedSchema.merge(
-  z4.object(
+  z5.object(
     {
-      columns: z4.union([
-        z4.array(tableAlignmentSchema),
-        z4.array(tableColumnObjectSchema)
+      columns: z5.union([
+        z5.array(tableAlignmentSchema),
+        z5.array(tableColumnObjectSchema)
       ]).optional(),
-      rows: z4.array(tableRowObjectSchema)
+      rows: z5.array(tableRowObjectSchema)
     },
     {
       description: "Table with object rows and optional alignment or object columns"
     }
   )
 );
-var tableSchema = (description = "Table information") => z4.union([tablePrimitiveSchema, tableObjectSchema], { description });
+var tableSchema = (description = "Table information") => z5.union([tablePrimitiveSchema, tableObjectSchema], { description });
 
 // packages/models/src/lib/audit-output.ts
 var auditValueSchema = nonnegativeNumberSchema.describe("Raw numeric value");
-var auditDisplayValueSchema = z5.string({ description: "Formatted value (e.g. '0.9 s', '2.1 MB')" }).optional();
-var auditDetailsSchema = z5.object(
+var auditDisplayValueSchema = z6.string({ description: "Formatted value (e.g. '0.9 s', '2.1 MB')" }).optional();
+var auditDetailsSchema = z6.object(
   {
-    issues: z5.array(issueSchema, { description: "List of findings" }).optional(),
+    issues: z6.array(issueSchema, { description: "List of findings" }).optional(),
     table: tableSchema("Table of related findings").optional()
   },
   { description: "Detailed information" }
 );
-var auditOutputSchema = z5.object(
+var auditOutputSchema = z6.object(
   {
     slug: slugSchema.describe("Reference to audit"),
     displayValue: auditDisplayValueSchema,
@@ -292,7 +295,7 @@ var auditOutputSchema = z5.object(
   },
   { description: "Audit information" }
 );
-var auditOutputsSchema = z5.array(auditOutputSchema, {
+var auditOutputsSchema = z6.array(auditOutputSchema, {
   description: "List of JSON formatted audit output emitted by the runner process of a plugin"
 }).refine(
   (audits) => !getDuplicateSlugsInAudits2(audits),
@@ -309,13 +312,13 @@ function getDuplicateSlugsInAudits2(audits) {
 }
 
 // packages/models/src/lib/category-config.ts
-import { z as z6 } from "zod";
+import { z as z7 } from "zod";
 var categoryRefSchema = weightedRefSchema(
   "Weighted references to audits and/or groups for the category",
   "Slug of an audit or group (depending on `type`)"
 ).merge(
-  z6.object({
-    type: z6.enum(["audit", "group"], {
+  z7.object({
+    type: z7.enum(["audit", "group"], {
       description: "Discriminant for reference kind, affects where `slug` is looked up"
     }),
     plugin: slugSchema.describe(
@@ -336,8 +339,8 @@ var categoryConfigSchema = scorableSchema(
     description: "Meta info for category"
   })
 ).merge(
-  z6.object({
-    isBinary: z6.boolean({
+  z7.object({
+    isBinary: z7.boolean({
       description: 'Is this a binary category (i.e. only a perfect score considered a "pass")?'
     }).optional()
   })
@@ -353,7 +356,7 @@ function getDuplicateRefsInCategoryMetrics(metrics) {
     metrics.map(({ slug, type, plugin }) => `${type} :: ${plugin} / ${slug}`)
   );
 }
-var categoriesSchema = z6.array(categoryConfigSchema, {
+var categoriesSchema = z7.array(categoryConfigSchema, {
   description: "Categorization of individual audits"
 }).refine(
   (categoryCfg) => !getDuplicateSlugCategories(categoryCfg),
@@ -372,18 +375,18 @@ function getDuplicateSlugCategories(categories) {
 }
 
 // packages/models/src/lib/commit.ts
-import { z as z7 } from "zod";
-var commitSchema = z7.object(
+import { z as z8 } from "zod";
+var commitSchema = z8.object(
   {
-    hash: z7.string({ description: "Commit SHA (full)" }).regex(
+    hash: z8.string({ description: "Commit SHA (full)" }).regex(
       /^[\da-f]{40}$/,
       "Commit SHA should be a 40-character hexadecimal string"
     ),
-    message: z7.string({ description: "Commit message" }),
-    date: z7.coerce.date({
+    message: z8.string({ description: "Commit message" }),
+    date: z8.coerce.date({
       description: "Date and time when commit was authored"
     }),
-    author: z7.string({
+    author: z8.string({
       description: "Commit author name"
     }).trim()
   },
@@ -391,22 +394,22 @@ var commitSchema = z7.object(
 );
 
 // packages/models/src/lib/core-config.ts
-import { z as z13 } from "zod";
+import { z as z14 } from "zod";
 
 // packages/models/src/lib/persist-config.ts
-import { z as z8 } from "zod";
-var formatSchema = z8.enum(["json", "md"]);
-var persistConfigSchema = z8.object({
+import { z as z9 } from "zod";
+var formatSchema = z9.enum(["json", "md"]);
+var persistConfigSchema = z9.object({
   outputDir: filePathSchema.describe("Artifacts folder").optional(),
   filename: fileNameSchema.describe("Artifacts file name (without extension)").optional(),
-  format: z8.array(formatSchema).optional()
+  format: z9.array(formatSchema).optional()
 });
 
 // packages/models/src/lib/plugin-config.ts
-import { z as z11 } from "zod";
+import { z as z12 } from "zod";
 
 // packages/models/src/lib/group.ts
-import { z as z9 } from "zod";
+import { z as z10 } from "zod";
 var groupRefSchema = weightedRefSchema(
   "Weighted reference to a group",
   "Reference slug to a group within this plugin (e.g. 'max-lines')"
@@ -423,7 +426,7 @@ var groupSchema = scorableSchema(
   getDuplicateRefsInGroups,
   duplicateRefsInGroupsErrorMsg
 ).merge(groupMetaSchema);
-var groupsSchema = z9.array(groupSchema, {
+var groupsSchema = z10.array(groupSchema, {
   description: "List of groups"
 }).optional().refine(
   (groups) => !getDuplicateSlugsInGroups(groups),
@@ -451,14 +454,14 @@ function getDuplicateSlugsInGroups(groups) {
 }
 
 // packages/models/src/lib/runner-config.ts
-import { z as z10 } from "zod";
-var outputTransformSchema = z10.function().args(z10.unknown()).returns(z10.union([auditOutputsSchema, z10.promise(auditOutputsSchema)]));
-var runnerConfigSchema = z10.object(
+import { z as z11 } from "zod";
+var outputTransformSchema = z11.function().args(z11.unknown()).returns(z11.union([auditOutputsSchema, z11.promise(auditOutputsSchema)]));
+var runnerConfigSchema = z11.object(
   {
-    command: z10.string({
+    command: z11.string({
       description: "Shell command to execute"
     }),
-    args: z10.array(z10.string({ description: "Command arguments" })).optional(),
+    args: z11.array(z11.string({ description: "Command arguments" })).optional(),
     outputFile: filePathSchema.describe("Output path"),
     outputTransform: outputTransformSchema.optional()
   },
@@ -466,8 +469,8 @@ var runnerConfigSchema = z10.object(
     description: "How to execute runner"
   }
 );
-var onProgressSchema = z10.function().args(z10.unknown()).returns(z10.void());
-var runnerFunctionSchema = z10.function().args(onProgressSchema.optional()).returns(z10.union([auditOutputsSchema, z10.promise(auditOutputsSchema)]));
+var onProgressSchema = z11.function().args(z11.unknown()).returns(z11.void());
+var runnerFunctionSchema = z11.function().args(onProgressSchema.optional()).returns(z11.union([auditOutputsSchema, z11.promise(auditOutputsSchema)]));
 
 // packages/models/src/lib/plugin-config.ts
 var pluginMetaSchema = packageVersionSchema().merge(
@@ -478,13 +481,13 @@ var pluginMetaSchema = packageVersionSchema().merge(
     description: "Plugin metadata"
   })
 ).merge(
-  z11.object({
+  z12.object({
     slug: slugSchema.describe("Unique plugin slug within core config"),
     icon: materialIconSchema
   })
 );
-var pluginDataSchema = z11.object({
-  runner: z11.union([runnerConfigSchema, runnerFunctionSchema]),
+var pluginDataSchema = z12.object({
+  runner: z12.union([runnerConfigSchema, runnerFunctionSchema]),
   audits: pluginAuditsSchema,
   groups: groupsSchema
 });
@@ -510,22 +513,22 @@ function getMissingRefsFromGroups(pluginCfg) {
 }
 
 // packages/models/src/lib/upload-config.ts
-import { z as z12 } from "zod";
-var uploadConfigSchema = z12.object({
+import { z as z13 } from "zod";
+var uploadConfigSchema = z13.object({
   server: urlSchema.describe("URL of deployed portal API"),
-  apiKey: z12.string({
+  apiKey: z13.string({
     description: "API key with write access to portal (use `process.env` for security)"
   }),
   organization: slugSchema.describe(
     "Organization slug from Code PushUp portal"
   ),
   project: slugSchema.describe("Project slug from Code PushUp portal"),
-  timeout: z12.number({ description: "Request timeout in minutes (default is 5)" }).positive().int().optional()
+  timeout: z13.number({ description: "Request timeout in minutes (default is 5)" }).positive().int().optional()
 });
 
 // packages/models/src/lib/core-config.ts
-var unrefinedCoreConfigSchema = z13.object({
-  plugins: z13.array(pluginConfigSchema, {
+var unrefinedCoreConfigSchema = z14.object({
+  plugins: z14.array(pluginConfigSchema, {
     description: "List of plugins to be used (official, community-provided, or custom)"
   }).min(1),
   /** portal configuration for persisting results */
@@ -548,7 +551,7 @@ function refineCoreConfig(schema) {
 }
 
 // packages/models/src/lib/report.ts
-import { z as z14 } from "zod";
+import { z as z15 } from "zod";
 var auditReportSchema = auditSchema.merge(auditOutputSchema);
 var pluginReportSchema = pluginMetaSchema.merge(
   executionMetaSchema({
@@ -556,9 +559,9 @@ var pluginReportSchema = pluginMetaSchema.merge(
     descriptionDuration: "Duration of the plugin run in ms"
   })
 ).merge(
-  z14.object({
-    audits: z14.array(auditReportSchema).min(1),
-    groups: z14.array(groupSchema).optional()
+  z15.object({
+    audits: z15.array(auditReportSchema).min(1),
+    groups: z15.array(groupSchema).optional()
   })
 ).refine(
   (pluginReport) => !getMissingRefsFromGroups2(pluginReport.audits, pluginReport.groups ?? []),
@@ -592,10 +595,10 @@ var reportSchema = packageVersionSchema({
     descriptionDuration: "Duration of the collect run in ms"
   })
 ).merge(
-  z14.object(
+  z15.object(
     {
-      categories: z14.array(categoryConfigSchema),
-      plugins: z14.array(pluginReportSchema).min(1),
+      categories: z15.array(categoryConfigSchema),
+      plugins: z15.array(pluginReportSchema).min(1),
       commit: commitSchema.describe("Git commit for which report was collected").nullable()
     },
     { description: "Collect output data" }
@@ -611,40 +614,40 @@ var reportSchema = packageVersionSchema({
 );
 
 // packages/models/src/lib/reports-diff.ts
-import { z as z15 } from "zod";
+import { z as z16 } from "zod";
 function makeComparisonSchema(schema) {
   const sharedDescription = schema.description || "Result";
-  return z15.object({
+  return z16.object({
     before: schema.describe(`${sharedDescription} (source commit)`),
     after: schema.describe(`${sharedDescription} (target commit)`)
   });
 }
 function makeArraysComparisonSchema(diffSchema, resultSchema, description) {
-  return z15.object(
+  return z16.object(
     {
-      changed: z15.array(diffSchema),
-      unchanged: z15.array(resultSchema),
-      added: z15.array(resultSchema),
-      removed: z15.array(resultSchema)
+      changed: z16.array(diffSchema),
+      unchanged: z16.array(resultSchema),
+      added: z16.array(resultSchema),
+      removed: z16.array(resultSchema)
     },
     { description }
   );
 }
-var scorableMetaSchema = z15.object({
+var scorableMetaSchema = z16.object({
   slug: slugSchema,
   title: titleSchema,
   docsUrl: docsUrlSchema
 });
 var scorableWithPluginMetaSchema = scorableMetaSchema.merge(
-  z15.object({
+  z16.object({
     plugin: pluginMetaSchema.pick({ slug: true, title: true, docsUrl: true }).describe("Plugin which defines it")
   })
 );
 var scorableDiffSchema = scorableMetaSchema.merge(
-  z15.object({
+  z16.object({
     scores: makeComparisonSchema(scoreSchema).merge(
-      z15.object({
-        diff: z15.number().min(-1).max(1).describe("Score change (`scores.after - scores.before`)")
+      z16.object({
+        diff: z16.number().min(-1).max(1).describe("Score change (`scores.after - scores.before`)")
       })
     ).describe("Score comparison")
   })
@@ -655,10 +658,10 @@ var scorableWithPluginDiffSchema = scorableDiffSchema.merge(
 var categoryDiffSchema = scorableDiffSchema;
 var groupDiffSchema = scorableWithPluginDiffSchema;
 var auditDiffSchema = scorableWithPluginDiffSchema.merge(
-  z15.object({
+  z16.object({
     values: makeComparisonSchema(auditValueSchema).merge(
-      z15.object({
-        diff: z15.number().int().describe("Value change (`values.after - values.before`)")
+      z16.object({
+        diff: z16.number().int().describe("Value change (`values.after - values.before`)")
       })
     ).describe("Audit `value` comparison"),
     displayValues: makeComparisonSchema(auditDisplayValueSchema).describe(
@@ -667,16 +670,18 @@ var auditDiffSchema = scorableWithPluginDiffSchema.merge(
   })
 );
 var categoryResultSchema = scorableMetaSchema.merge(
-  z15.object({ score: scoreSchema })
+  z16.object({ score: scoreSchema })
 );
 var groupResultSchema = scorableWithPluginMetaSchema.merge(
-  z15.object({ score: scoreSchema })
+  z16.object({ score: scoreSchema })
 );
 var auditResultSchema = scorableWithPluginMetaSchema.merge(
   auditOutputSchema.pick({ score: true, value: true, displayValue: true })
 );
-var reportsDiffSchema = z15.object({
+var reportsDiffSchema = z16.object({
   commits: makeComparisonSchema(commitSchema).nullable().describe("Commits identifying compared reports"),
+  portalUrl: urlSchema.optional().describe("Link to comparison page in Code PushUp portal"),
+  label: z16.string().optional().describe("Label (e.g. project name)"),
   categories: makeArraysComparisonSchema(
     categoryDiffSchema,
     categoryResultSchema,
@@ -730,17 +735,17 @@ var dependencyDocs = {
 
 // packages/plugin-js-packages/src/lib/config.ts
 var dependencyGroups = ["prod", "dev", "optional"];
-var dependencyGroupSchema = z16.enum(dependencyGroups);
-var packageCommandSchema = z16.enum(["audit", "outdated"]);
-var packageManagerIdSchema = z16.enum([
+var dependencyGroupSchema = z17.enum(dependencyGroups);
+var packageCommandSchema = z17.enum(["audit", "outdated"]);
+var packageManagerIdSchema = z17.enum([
   "npm",
   "yarn-classic",
   "yarn-modern",
   "pnpm"
 ]);
-var packageJsonPathSchema = z16.union([
-  z16.array(z16.string()).min(1),
-  z16.object({ autoSearch: z16.literal(true) })
+var packageJsonPathSchema = z17.union([
+  z17.array(z17.string()).min(1),
+  z17.object({ autoSearch: z17.literal(true) })
 ]).describe(
   "File paths to package.json. Looks only at root package.json by default"
 ).default(["package.json"]);
@@ -751,7 +756,7 @@ var packageAuditLevels = [
   "low",
   "info"
 ];
-var packageAuditLevelSchema = z16.enum(packageAuditLevels);
+var packageAuditLevelSchema = z17.enum(packageAuditLevels);
 function fillAuditLevelMapping(mapping) {
   return {
     critical: mapping.critical ?? defaultAuditLevelMapping.critical,
@@ -761,20 +766,23 @@ function fillAuditLevelMapping(mapping) {
     info: mapping.info ?? defaultAuditLevelMapping.info
   };
 }
-var jsPackagesPluginConfigSchema = z16.object({
-  checks: z16.array(packageCommandSchema, {
+var jsPackagesPluginConfigSchema = z17.object({
+  checks: z17.array(packageCommandSchema, {
     description: "Package manager commands to be run. Defaults to both audit and outdated."
   }).min(1).default(["audit", "outdated"]),
-  packageManager: packageManagerIdSchema.describe(
-    "Package manager to be used."
-  ),
-  dependencyGroups: z16.array(dependencyGroupSchema).min(1).default(["prod", "dev"]),
-  auditLevelMapping: z16.record(packageAuditLevelSchema, issueSeveritySchema, {
+  packageManager: packageManagerIdSchema.describe("Package manager to be used.").optional(),
+  dependencyGroups: z17.array(dependencyGroupSchema).min(1).default(["prod", "dev"]),
+  auditLevelMapping: z17.record(packageAuditLevelSchema, issueSeveritySchema, {
     description: "Mapping of audit levels to issue severity. Custom mapping or overrides may be entered manually, otherwise has a default preset."
   }).default(defaultAuditLevelMapping).transform(fillAuditLevelMapping),
   packageJsonPaths: packageJsonPathSchema
 });
 
+// packages/utils/src/lib/execute-process.ts
+import {
+  spawn
+} from "node:child_process";
+
 // packages/utils/src/lib/reports/utils.ts
 import ansis from "ansis";
 import { md } from "build-md";
@@ -782,6 +790,60 @@ import { md } from "build-md";
 // packages/utils/src/lib/reports/constants.ts
 var TERMINAL_WIDTH = 80;
 
+// packages/utils/src/lib/reports/utils.ts
+function calcDuration(start, stop) {
+  return Math.round((stop ?? performance.now()) - start);
+}
+
+// packages/utils/src/lib/execute-process.ts
+var ProcessError = class extends Error {
+  code;
+  stderr;
+  stdout;
+  constructor(result) {
+    super(result.stderr);
+    this.code = result.code;
+    this.stderr = result.stderr;
+    this.stdout = result.stdout;
+  }
+};
+function executeProcess(cfg) {
+  const { command, args, observer, ignoreExitCode = false, ...options } = cfg;
+  const { onStdout, onStderr, onError, onComplete } = observer ?? {};
+  const date = (/* @__PURE__ */ new Date()).toISOString();
+  const start = performance.now();
+  return new Promise((resolve, reject) => {
+    const spawnedProcess = spawn(command, args ?? [], {
+      shell: true,
+      ...options
+    });
+    let stdout = "";
+    let stderr = "";
+    spawnedProcess.stdout.on("data", (data) => {
+      stdout += String(data);
+      onStdout?.(String(data), spawnedProcess);
+    });
+    spawnedProcess.stderr.on("data", (data) => {
+      stderr += String(data);
+      onStderr?.(String(data), spawnedProcess);
+    });
+    spawnedProcess.on("error", (err) => {
+      stderr += err.toString();
+    });
+    spawnedProcess.on("close", (code2) => {
+      const timings = { date, duration: calcDuration(start) };
+      if (code2 === 0 || ignoreExitCode) {
+        onComplete?.();
+        resolve({ code: code2, stdout, stderr, ...timings });
+      } else {
+        const errorMsg = new ProcessError({ code: code2, stdout, stderr, ...timings });
+        onError?.(errorMsg);
+        reject(errorMsg);
+      }
+    });
+  });
+}
+
 // packages/utils/src/lib/file-system.ts
 import { bold, gray } from "ansis";
 import { bundleRequire } from "bundle-require";
@@ -816,6 +878,14 @@ function logListItem(args) {
 }
 
 // packages/utils/src/lib/file-system.ts
+async function fileExists(path) {
+  try {
+    const stats = await stat(path);
+    return stats.isFile();
+  } catch {
+    return false;
+  }
+}
 async function ensureDirectoryExists(baseDir) {
   try {
     await mkdir(baseDir, { recursive: true });
@@ -870,17 +940,23 @@ import { MultiProgressBars } from "multi-progress-bars";
 import { MarkdownDocument as MarkdownDocument3, md as md4 } from "build-md";
 
 // packages/utils/src/lib/reports/formatting.ts
-import { MarkdownDocument, md as md2 } from "build-md";
+import {
+  MarkdownDocument,
+  md as md2
+} from "build-md";
 
 // packages/utils/src/lib/reports/generate-md-report-categoy-section.ts
 import { MarkdownDocument as MarkdownDocument2, md as md3 } from "build-md";
 
 // packages/utils/src/lib/reports/generate-md-reports-diff.ts
 import {
-  MarkdownDocument as MarkdownDocument4,
-  md as md5
+  MarkdownDocument as MarkdownDocument5,
+  md as md6
 } from "build-md";
 
+// packages/utils/src/lib/reports/generate-md-reports-diff-utils.ts
+import { MarkdownDocument as MarkdownDocument4, md as md5 } from "build-md";
+
 // packages/utils/src/lib/reports/log-stdout-summary.ts
 import { bold as bold4, cyan, cyanBright, green as green2, red } from "ansis";
 
@@ -1038,9 +1114,14 @@ function getVulnerabilitiesTotal(summary) {
   return Object.values(summary).reduce((acc, value) => acc + value, 0);
 }
 
+// packages/plugin-js-packages/src/lib/package-managers/pnpm/utils.ts
+var filterOutWarnings = (output) => output.split("\n").filter((line) => !line.trim().startsWith("WARN")).join("\n");
+
 // packages/plugin-js-packages/src/lib/package-managers/pnpm/audit-result.ts
 function pnpmToAuditResult(output) {
-  const pnpmResult = JSON.parse(output);
+  const pnpmResult = JSON.parse(
+    filterOutWarnings(output)
+  );
   const vulnerabilities = Object.values(pnpmResult.advisories).map(
     ({
       module_name: name2,
@@ -1083,7 +1164,9 @@ function pnpmToDirectDependency(path) {
 
 // packages/plugin-js-packages/src/lib/package-managers/pnpm/outdated-result.ts
 function pnpmToOutdatedResult(output) {
-  const pnpmOutdated = JSON.parse(output);
+  const pnpmOutdated = JSON.parse(
+    filterOutWarnings(output)
+  );
   return objectToEntries(pnpmOutdated).map(
     ([name2, { current, latest, dependencyType: type }]) => ({
       name: name2,
@@ -1369,7 +1452,7 @@ import { writeFile } from "node:fs/promises";
 import { dirname } from "node:path";
 
 // packages/plugin-js-packages/src/lib/runner/audit/transform.ts
-import { md as md6 } from "build-md";
+import { md as md7 } from "build-md";
 
 // packages/plugin-js-packages/src/lib/runner/constants.ts
 import { join as join2 } from "node:path";
@@ -1382,7 +1465,7 @@ var PLUGIN_CONFIG_PATH = join2(
 );
 
 // packages/plugin-js-packages/src/lib/runner/outdated/transform.ts
-import { md as md7 } from "build-md";
+import { md as md8 } from "build-md";
 import { clean, diff, neq } from "semver";
 
 // packages/plugin-js-packages/src/lib/runner/outdated/constants.ts
@@ -1408,28 +1491,113 @@ async function createRunnerConfig(scriptPath, config) {
   };
 }
 
+// packages/plugin-js-packages/src/lib/package-managers/derive-package-manager.ts
+import { readFile as readFile2 } from "node:fs/promises";
+import { join as join3 } from "node:path";
+
+// packages/plugin-js-packages/src/lib/package-managers/derive-yarn.ts
+async function deriveYarnVersion() {
+  const { stdout } = await executeProcess({
+    command: "yarn",
+    args: ["-v"]
+  });
+  const yarnVersion = Number.parseInt(stdout.toString().trim().at(0) ?? "", 10);
+  if (yarnVersion >= 2) {
+    return "yarn-modern";
+  } else if (yarnVersion === 1) {
+    return "yarn-classic";
+  }
+  return false;
+}
+
+// packages/plugin-js-packages/src/lib/package-managers/derive-package-manager.ts
+async function derivePackageManagerInPackageJson(currentDir = process.cwd()) {
+  if (await fileExists(join3(currentDir, "package.json"))) {
+    const content = JSON.parse(
+      (await readFile2(join3("package.json"))).toString()
+    );
+    const { packageManager: packageManagerData = "" } = content;
+    const [manager = "", version2 = ""] = packageManagerData.split("@");
+    if (manager === "npm") {
+      return manager;
+    }
+    if (manager === "pnpm") {
+      return manager;
+    }
+    if (manager === "yarn") {
+      const majorVersion = Number(version2.split(".")[0]);
+      return majorVersion > 1 ? "yarn-modern" : "yarn-classic";
+    }
+  }
+  return false;
+}
+async function derivePackageManager(currentDir = process.cwd()) {
+  const pkgManagerFromPackageJson = await derivePackageManagerInPackageJson(
+    currentDir
+  );
+  if (pkgManagerFromPackageJson) {
+    return pkgManagerFromPackageJson;
+  }
+  if (await fileExists(join3(currentDir, "package-lock.json"))) {
+    return "npm";
+  } else if (await fileExists(join3(currentDir, "pnpm-lock.yaml"))) {
+    return "pnpm";
+  } else if (await fileExists(join3(currentDir, "yarn.lock"))) {
+    const yarnVersion = await deriveYarnVersion();
+    if (yarnVersion) {
+      return yarnVersion;
+    }
+  }
+  throw new Error(
+    "Could not detect package manager. Please provide it in the js-packages plugin config."
+  );
+}
+
+// packages/plugin-js-packages/src/lib/utils.ts
+async function normalizeConfig(config) {
+  const jsPackagesPluginConfig = jsPackagesPluginConfigSchema.parse(
+    config ?? {}
+  );
+  const {
+    packageManager,
+    dependencyGroups: dependencyGroupsCfg = [],
+    checks: checksCfg = [],
+    ...jsPackagesPluginConfigRest
+  } = jsPackagesPluginConfig;
+  const checks = [...new Set(checksCfg)];
+  const depGroups = [...new Set(dependencyGroupsCfg)];
+  const pm = packageManagers[packageManager ?? await derivePackageManager()];
+  return {
+    ...jsPackagesPluginConfigRest,
+    packageManager: pm,
+    checks,
+    depGroups
+  };
+}
+
 // packages/plugin-js-packages/src/lib/js-packages-plugin.ts
 async function jsPackagesPlugin(config) {
-  const jsPackagesPluginConfig = jsPackagesPluginConfigSchema.parse(config);
-  const checks = [...new Set(jsPackagesPluginConfig.checks)];
-  const depGroups = [...new Set(jsPackagesPluginConfig.dependencyGroups)];
-  const id = jsPackagesPluginConfig.packageManager;
-  const pm = packageManagers[id];
-  const runnerScriptPath = join3(
+  const { packageManager, checks, depGroups, ...jsPackagesPluginConfigRest } = await normalizeConfig(config);
+  const runnerScriptPath = join4(
     fileURLToPath(dirname2(import.meta.url)),
     "bin.js"
   );
   return {
     slug: "js-packages",
     title: "JS Packages",
-    icon: pm.icon,
+    icon: packageManager.icon,
     description: "This plugin runs audit to uncover vulnerabilities and lists outdated dependencies. It supports npm, yarn classic, yarn modern, and pnpm package managers.",
-    docsUrl: pm.docs.homepage,
+    docsUrl: packageManager.docs.homepage,
     packageName: name,
     version,
-    audits: createAudits(id, checks, depGroups),
-    groups: createGroups(id, checks, depGroups),
-    runner: await createRunnerConfig(runnerScriptPath, jsPackagesPluginConfig)
+    audits: createAudits(packageManager.slug, checks, depGroups),
+    groups: createGroups(packageManager.slug, checks, depGroups),
+    runner: await createRunnerConfig(runnerScriptPath, {
+      ...jsPackagesPluginConfigRest,
+      checks,
+      packageManager: packageManager.slug,
+      dependencyGroups: depGroups
+    })
   };
 }
 function createGroups(id, checks, depGroups) {