@herodevs/cli 2.0.0-beta.14 → 2.0.0-beta.15

package/dist/service/auth-token.svc.js

@@ -0,0 +1,48 @@
+import { AsyncEntry } from '@napi-rs/keyring';
+import { getAccessTokenKey, getRefreshTokenKey, getTokenServiceName } from "./auth-config.svc.js";
+import { decodeJwtPayload } from "./jwt.svc.js";
+const TOKEN_SKEW_SECONDS = 30;
+export async function saveTokens(tokens) {
+    const service = getTokenServiceName();
+    const accessKey = getAccessTokenKey();
+    const refreshKey = getRefreshTokenKey();
+    const accessTokenSet = new AsyncEntry(service, accessKey).setPassword(tokens.accessToken);
+    const refreshTokenSet = tokens.refreshToken
+        ? new AsyncEntry(service, refreshKey).setPassword(tokens.refreshToken)
+        : new AsyncEntry(service, refreshKey).deletePassword();
+    return Promise.all([accessTokenSet, refreshTokenSet]);
+}
+export async function getStoredTokens() {
+    const service = getTokenServiceName();
+    const accessKey = getAccessTokenKey();
+    const refreshKey = getRefreshTokenKey();
+    return Promise.all([
+        new AsyncEntry(service, accessKey).getPassword(),
+        new AsyncEntry(service, refreshKey).getPassword(),
+    ]).then(([accessToken, refreshToken]) => {
+        if (!accessToken && !refreshToken) {
+            return;
+        }
+        return {
+            accessToken,
+            refreshToken,
+        };
+    });
+}
+export async function clearStoredTokens() {
+    const service = getTokenServiceName();
+    const accessKey = getAccessTokenKey();
+    const refreshKey = getRefreshTokenKey();
+    return Promise.all([
+        new AsyncEntry(service, accessKey).deletePassword(),
+        new AsyncEntry(service, refreshKey).deletePassword(),
+    ]);
+}
+export function isAccessTokenExpired(token) {
+    const payload = decodeJwtPayload(token);
+    if (!payload?.exp) {
+        return true;
+    }
+    const now = Date.now() / 1000;
+    return now + TOKEN_SKEW_SECONDS >= payload.exp;
+}

package/dist/service/auth.svc.d.ts

@@ -0,0 +1,27 @@
+import type { TokenResponse } from '../types/auth.ts';
+export type { CITokenErrorCode } from './ci-auth.svc.ts';
+export { CITokenError } from './ci-auth.svc.ts';
+export type AuthErrorCode = 'NOT_LOGGED_IN' | 'SESSION_EXPIRED';
+export type TokenSource = 'oauth' | 'ci';
+export type TokenProvider = (forceRefresh?: boolean) => Promise<string>;
+export declare const AUTH_ERROR_MESSAGES: {
+    readonly UNAUTHENTICATED: "Please log in to perform this action. To authenticate, please run an \"auth login\" command.";
+    readonly SESSION_EXPIRED: "Your session has expired. To re-authenticate, please run an \"auth login\" command.";
+    readonly INVALID_TOKEN: "Your session has expired. To re-authenticate, please run an \"auth login\" command.";
+    readonly FORBIDDEN: "You do not have permission to perform this action.";
+    readonly NOT_LOGGED_IN_GENERIC: "You are not logged in. Please run an \"auth login\" command to authenticate.";
+};
+export declare function getTokenForScanWithSource(preferOAuth?: boolean): Promise<{
+    token: string;
+    source: TokenSource;
+}>;
+export declare class AuthError extends Error {
+    readonly code: AuthErrorCode;
+    constructor(message: string, code: AuthErrorCode);
+}
+export declare function persistTokenResponse(token: TokenResponse): Promise<void>;
+export declare function getAccessToken(): Promise<string | undefined>;
+export declare function getTokenProvider(preferOAuth?: boolean): TokenProvider;
+export declare function requireAccessToken(): Promise<string>;
+export declare function logoutLocally(): Promise<void>;
+export declare const requireAccessTokenForScan: TokenProvider;

package/dist/service/auth.svc.js

@@ -0,0 +1,88 @@
+import { refreshTokens } from "./auth-refresh.svc.js";
+import { clearStoredTokens, getStoredTokens, isAccessTokenExpired, saveTokens } from "./auth-token.svc.js";
+import { requireCIAccessToken } from "./ci-auth.svc.js";
+import { getCIToken } from "./ci-token.svc.js";
+import { debugLogger } from "./log.svc.js";
+export { CITokenError } from "./ci-auth.svc.js";
+export const AUTH_ERROR_MESSAGES = {
+    UNAUTHENTICATED: 'Please log in to perform this action. To authenticate, please run an "auth login" command.',
+    SESSION_EXPIRED: 'Your session has expired. To re-authenticate, please run an "auth login" command.',
+    INVALID_TOKEN: 'Your session has expired. To re-authenticate, please run an "auth login" command.',
+    FORBIDDEN: 'You do not have permission to perform this action.',
+    NOT_LOGGED_IN_GENERIC: 'You are not logged in. Please run an "auth login" command to authenticate.',
+};
+export async function getTokenForScanWithSource(preferOAuth) {
+    if (preferOAuth) {
+        const token = await requireAccessToken();
+        return { token, source: 'oauth' };
+    }
+    const tokens = await getStoredTokens();
+    if (tokens?.accessToken && !isAccessTokenExpired(tokens.accessToken)) {
+        return { token: tokens.accessToken, source: 'oauth' };
+    }
+    if (tokens?.refreshToken) {
+        try {
+            const newTokens = await refreshTokens(tokens.refreshToken);
+            await persistTokenResponse(newTokens);
+            return { token: newTokens.access_token, source: 'oauth' };
+        }
+        catch (error) {
+            debugLogger('Token refresh failed: %O', error);
+        }
+    }
+    const ciToken = getCIToken();
+    if (ciToken) {
+        const accessToken = await requireCIAccessToken();
+        return { token: accessToken, source: 'ci' };
+    }
+    if (!tokens?.accessToken) {
+        throw new AuthError(AUTH_ERROR_MESSAGES.UNAUTHENTICATED, 'NOT_LOGGED_IN');
+    }
+    throw new AuthError(AUTH_ERROR_MESSAGES.SESSION_EXPIRED, 'SESSION_EXPIRED');
+}
+export class AuthError extends Error {
+    code;
+    constructor(message, code) {
+        super(message);
+        this.name = 'AuthError';
+        this.code = code;
+    }
+}
+export async function persistTokenResponse(token) {
+    await saveTokens({
+        accessToken: token.access_token,
+        refreshToken: token.refresh_token,
+    });
+}
+export async function getAccessToken() {
+    const tokens = await getStoredTokens();
+    if (!tokens) {
+        return;
+    }
+    if (tokens.accessToken && !isAccessTokenExpired(tokens.accessToken)) {
+        return tokens.accessToken;
+    }
+    if (!tokens.refreshToken) {
+        return;
+    }
+    const refreshed = await refreshTokens(tokens.refreshToken);
+    await persistTokenResponse(refreshed);
+    return refreshed.access_token;
+}
+export function getTokenProvider(preferOAuth) {
+    return async (_forceRefresh) => {
+        const { token } = await getTokenForScanWithSource(preferOAuth);
+        return token;
+    };
+}
+export async function requireAccessToken() {
+    const token = await getAccessToken();
+    if (!token) {
+        throw new Error(AUTH_ERROR_MESSAGES.NOT_LOGGED_IN_GENERIC);
+    }
+    return token;
+}
+export async function logoutLocally() {
+    await clearStoredTokens();
+}
+export const requireAccessTokenForScan = getTokenProvider();

package/dist/service/ci-auth.svc.d.ts

@@ -0,0 +1,6 @@
+export type CITokenErrorCode = 'CI_TOKEN_INVALID' | 'CI_TOKEN_REFRESH_FAILED' | 'CI_ORG_ID_REQUIRED';
+export declare class CITokenError extends Error {
+    readonly code: CITokenErrorCode;
+    constructor(message: string, code: CITokenErrorCode);
+}
+export declare function requireCIAccessToken(): Promise<string>;

package/dist/service/ci-auth.svc.js

@@ -0,0 +1,32 @@
+import { exchangeCITokenForAccess } from "../api/ci-token.client.js";
+import { config } from "../config/constants.js";
+import { getCIToken, saveCIToken } from "./ci-token.svc.js";
+import { debugLogger } from "./log.svc.js";
+const CITOKEN_ERROR_MESSAGE = "CI token is invalid or expired. To provision a new CI token, run 'hd auth provision-ci-token' (after logging in with 'hd auth login').";
+export class CITokenError extends Error {
+    code;
+    constructor(message, code) {
+        super(message);
+        this.name = 'CITokenError';
+        this.code = code;
+    }
+}
+export async function requireCIAccessToken() {
+    const ciToken = getCIToken();
+    if (!ciToken) {
+        throw new CITokenError(CITOKEN_ERROR_MESSAGE, 'CI_TOKEN_INVALID');
+    }
+    try {
+        const result = await exchangeCITokenForAccess({
+            refreshToken: ciToken,
+        });
+        if (result.refreshToken && config.ciTokenFromEnv === undefined) {
+            saveCIToken(result.refreshToken);
+        }
+        return result.accessToken;
+    }
+    catch (error) {
+        debugLogger('CI token refresh failed: %O', error);
+        throw new CITokenError(CITOKEN_ERROR_MESSAGE, 'CI_TOKEN_REFRESH_FAILED');
+    }
+}

package/dist/service/ci-token.svc.d.ts

@@ -0,0 +1,6 @@
+export declare function encryptToken(plaintext: string): string;
+export declare function decryptToken(encoded: string): string;
+export declare function getCITokenFromStorage(): string | undefined;
+export declare function getCIToken(): string | undefined;
+export declare function saveCIToken(token: string): void;
+export declare function clearCIToken(): void;

package/dist/service/ci-token.svc.js

@@ -0,0 +1,75 @@
+import crypto from 'node:crypto';
+import os from 'node:os';
+import path from 'node:path';
+import Conf from 'conf';
+import { config } from "../config/constants.js";
+const CI_TOKEN_STORAGE_KEY = 'ciRefreshToken';
+const ENCRYPTION_SALT = 'hdcli-ci-token-v1';
+const ALGORITHM = 'aes-256-gcm';
+const IV_LENGTH = 12;
+const AUTH_TAG_LENGTH = 16;
+function getConfStore() {
+    const cwd = path.join(os.homedir(), '.hdcli');
+    return new Conf({
+        projectName: 'hdcli',
+        cwd,
+        configName: 'ci-token',
+    });
+}
+function getMachineKey() {
+    const hostname = os.hostname();
+    const username = os.userInfo().username;
+    const raw = `${hostname}:${username}:${ENCRYPTION_SALT}`;
+    return crypto.createHash('sha256').update(raw, 'utf8').digest();
+}
+export function encryptToken(plaintext) {
+    const key = getMachineKey();
+    const iv = crypto.randomBytes(IV_LENGTH);
+    const cipher = crypto.createCipheriv(ALGORITHM, key, iv);
+    const encrypted = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
+    const authTag = cipher.getAuthTag();
+    const combined = Buffer.concat([iv, authTag, encrypted]);
+    return combined.toString('base64url');
+}
+export function decryptToken(encoded) {
+    const key = getMachineKey();
+    const combined = Buffer.from(encoded, 'base64url');
+    if (combined.length < IV_LENGTH + AUTH_TAG_LENGTH) {
+        throw new Error('Invalid encrypted token format');
+    }
+    const iv = combined.subarray(0, IV_LENGTH);
+    const authTag = combined.subarray(IV_LENGTH, IV_LENGTH + AUTH_TAG_LENGTH);
+    const ciphertext = combined.subarray(IV_LENGTH + AUTH_TAG_LENGTH);
+    const decipher = crypto.createDecipheriv(ALGORITHM, key, iv);
+    decipher.setAuthTag(authTag);
+    return decipher.update(ciphertext).toString('utf8') + decipher.final('utf8');
+}
+export function getCITokenFromStorage() {
+    const store = getConfStore();
+    const encoded = store.get(CI_TOKEN_STORAGE_KEY);
+    if (encoded === undefined || typeof encoded !== 'string') {
+        return undefined;
+    }
+    try {
+        return decryptToken(encoded);
+    }
+    catch {
+        return undefined;
+    }
+}
+export function getCIToken() {
+    const fromEnv = config.ciTokenFromEnv;
+    if (fromEnv !== undefined) {
+        return fromEnv;
+    }
+    return getCITokenFromStorage();
+}
+export function saveCIToken(token) {
+    const store = getConfStore();
+    const encoded = encryptToken(token);
+    store.set(CI_TOKEN_STORAGE_KEY, encoded);
+}
+export function clearCIToken() {
+    const store = getConfStore();
+    store.delete(CI_TOKEN_STORAGE_KEY);
+}

package/dist/service/jwt.svc.d.ts

@@ -0,0 +1 @@
+export declare function decodeJwtPayload(token: string | undefined): Record<string, unknown> | undefined;

package/dist/service/jwt.svc.js

@@ -0,0 +1,19 @@
+export function decodeJwtPayload(token) {
+    if (!token) {
+        return;
+    }
+    try {
+        const parts = token.split('.');
+        if (parts.length < 2 || !parts[1]) {
+            return;
+        }
+        const payload = JSON.parse(Buffer.from(parts[1], 'base64url').toString('utf8'));
+        if (!payload || typeof payload !== 'object' || Array.isArray(payload)) {
+            return;
+        }
+        return payload;
+    }
+    catch {
+        return;
+    }
+}

package/dist/service/tracker.svc.d.ts

@@ -1,3 +1,58 @@
-import { type TrackerConfig } from '../config/tracker.config.js';
+import { type TrackerCategoryDefinition, type TrackerConfig } from '../config/tracker.config.ts';
+export type GitLastCommit = {
+    hash: string;
+    timestamp: string;
+    author: string;
+};
+export type FilesStats = {
+    total: number;
+    source: number;
+    comment: number;
+    single: number;
+    block: number;
+    mixed: number;
+    empty: number;
+    todo: number;
+    blockEmpty: number;
+    [k: string]: number | string | boolean;
+};
+export type CategoryStatsResult = {
+    name: string;
+    totals: FilesStats;
+    errors: string[];
+    fileTypes: string[];
+};
+export type CategorySavedResult = {
+    timestamp: string;
+    hash: string;
+    categories: CategoryStatsResult[];
+};
+export declare const INITIAL_FILES_STATS: FilesStats;
 export declare const getRootDir: (path: string) => string;
+export declare const getConfiguration: (path: string, folderName: string, fileName: string) => TrackerConfig;
 export declare const createTrackerConfig: (rootPath: string, config: TrackerConfig, overwrite?: boolean) => Promise<void>;
+export declare const getFilesFromCategory: (category: TrackerCategoryDefinition, options: {
+    rootDir: string;
+    ignorePatterns?: string[];
+}) => string[];
+export declare const getFileStats: (path: string, options: {
+    rootDir: string;
+}) => {
+    source: number;
+    total: number;
+    comment: number;
+    single: number;
+    block: number;
+    mixed: number;
+    empty: number;
+    todo: number;
+    blockEmpty: number;
+    path: string;
+    fileType: string;
+    error?: undefined;
+} | {
+    path: string;
+    fileType: string;
+    error: boolean;
+};
+export declare const saveResults: (categoriesResult: CategoryStatsResult[], rootDir: string, outputDir: string, git: GitLastCommit) => string;

package/dist/service/tracker.svc.js

@@ -1,7 +1,21 @@
-import { existsSync, mkdirSync } from 'node:fs';
+import { existsSync, mkdirSync, readFileSync, writeFileSync } from 'node:fs';
 import { writeFile } from 'node:fs/promises';
-import { join, resolve } from 'node:path';
-import { TRACKER_ROOT_FILE } from '../config/tracker.config.js';
+import { extname, join, resolve } from 'node:path';
+import { globSync } from 'glob'; // replace with node:fs globSync as soon as v22 is minimum supported version
+import sloc from 'sloc';
+import { DEFAULT_TRACKER_RUN_DATA_FILE } from '../config/constants.js';
+import { TRACKER_ROOT_FILE } from "../config/tracker.config.js";
+export const INITIAL_FILES_STATS = {
+    total: 0,
+    block: 0,
+    blockEmpty: 0,
+    comment: 0,
+    empty: 0,
+    mixed: 0,
+    single: 0,
+    source: 0,
+    todo: 0,
+};
 export const getRootDir = (path) => {
     if (existsSync(join(path, TRACKER_ROOT_FILE))) {
         return path;
@@ -11,6 +25,21 @@ export const getRootDir = (path) => {
     }
     return getRootDir(resolve(join(path, '..')));
 };
+export const getConfiguration = (path, folderName, fileName) => {
+    const filePath = join(path, folderName, fileName);
+    if (!existsSync(filePath)) {
+        throw new Error(`Couldn't find configuration ${fileName} file in ${path}. If you haven't, run tracker init command to create the configuration file. If you have a custom folder and configuration file, use the flags -d (directory) and -f (filename) to specify it`);
+    }
+    const stringConfiguration = readFileSync(filePath, {
+        encoding: 'utf-8',
+    });
+    try {
+        return JSON.parse(stringConfiguration);
+    }
+    catch (_err) {
+        throw new Error(`A configuration file was found, but it's contents are not valid. Review your configuration file and fix any errors, or run tracker init -o to overwrite the file`);
+    }
+};
 export const createTrackerConfig = async (rootPath, config, overwrite = false) => {
     const { outputDir } = config;
     const configDir = join(rootPath, outputDir);
@@ -24,3 +53,49 @@ export const createTrackerConfig = async (rootPath, config, overwrite = false) =
     }
     await writeFile(join(configDir, config.configFile), JSON.stringify(config, null, 2));
 };
+export const getFilesFromCategory = (category, options) => {
+    const { fileTypes, includes } = category;
+    const { rootDir, ignorePatterns } = options;
+    // if no includes folder or no specific file type is set, we ignore the category
+    if (fileTypes.length === 0 || includes.length === 0) {
+        return [];
+    }
+    const patterns = includes.flatMap((include) => fileTypes.map((type) => `*${include.replace('./', '')}/**/*.${type}`));
+    return globSync(patterns, {
+        cwd: rootDir,
+        ignore: ignorePatterns?.map((ignore) => `${ignore}`) ?? [],
+    });
+};
+export const getFileStats = (path, options) => {
+    const fileType = extname(path).replace(/\./g, '');
+    try {
+        const stats = sloc(readFileSync(join(options.rootDir, path), 'utf8'), fileType);
+        return {
+            path,
+            fileType,
+            ...stats,
+        };
+    }
+    catch (_err) {
+        return {
+            path,
+            fileType,
+            error: true,
+        };
+    }
+};
+export const saveResults = (categoriesResult, rootDir, outputDir, git) => {
+    const dataResults = [];
+    const dataFile = join(rootDir, outputDir, DEFAULT_TRACKER_RUN_DATA_FILE);
+    try {
+        const savedOutput = readFileSync(dataFile).toString('utf8');
+        dataResults.push(...JSON.parse(savedOutput));
+    }
+    catch (_err) { }
+    dataResults.push({
+        ...git,
+        categories: categoriesResult,
+    });
+    writeFileSync(dataFile, JSON.stringify(dataResults, null, 2));
+    return `${dataFile}`;
+};

package/dist/types/auth.d.ts

@@ -0,0 +1,9 @@
+export interface TokenResponse {
+    access_token: string;
+    refresh_token?: string;
+    expires_in?: number;
+    refresh_expires_in?: number;
+    token_type?: string;
+    scope?: string;
+    id_token?: string;
+}

package/dist/types/auth.js

@@ -0,0 +1 @@
+export {};

package/dist/utils/open-in-browser.d.ts

@@ -0,0 +1 @@
+export declare function openInBrowser(url: string): Promise<void>;

package/dist/utils/open-in-browser.js

@@ -0,0 +1,21 @@
+import { exec } from 'node:child_process';
+import { platform } from 'node:os';
+export function openInBrowser(url) {
+    return new Promise((resolve, reject) => {
+        const escapedUrl = `"${url.replace(/"/g, '\\"')}"`;
+        const command = (() => {
+            const plat = platform();
+            if (plat === 'darwin')
+                return `open ${escapedUrl}`; // macOS
+            if (plat === 'win32')
+                return `start "" ${escapedUrl}`; // Windows
+            return `xdg-open ${escapedUrl}`; // Linux
+        })();
+        exec(command, (err) => {
+            if (err)
+                reject(new Error(`Failed to open browser: ${err.message}`));
+            else
+                resolve();
+        });
+    });
+}

package/dist/utils/retry.d.ts

@@ -0,0 +1,11 @@
+export type RetryOptions = {
+    attempts: number;
+    baseDelayMs: number;
+    onRetry?: (info: {
+        attempt: number;
+        delayMs: number;
+        error: unknown;
+    }) => void;
+    finalErrorMessage?: string;
+};
+export declare function withRetries<T>(operation: string, fn: () => Promise<T>, options: RetryOptions): Promise<T>;

package/dist/utils/retry.js

@@ -0,0 +1,29 @@
+import { debugLogger } from "../service/log.svc.js";
+const sleep = (ms) => new Promise((resolve) => setTimeout(resolve, ms));
+export async function withRetries(operation, fn, options) {
+    const { attempts, baseDelayMs, onRetry, finalErrorMessage } = options;
+    let lastError;
+    for (let attempt = 1; attempt <= attempts; attempt += 1) {
+        try {
+            return await fn();
+        }
+        catch (error) {
+            lastError = error;
+            if (attempt === attempts) {
+                break;
+            }
+            const delayMs = baseDelayMs * attempt;
+            if (onRetry) {
+                onRetry({ attempt, delayMs, error });
+            }
+            else {
+                debugLogger('Retry (%s) attempt %d/%d after %dms: %o', operation, attempt, attempts, delayMs, error);
+            }
+            await sleep(delayMs);
+        }
+    }
+    const message = finalErrorMessage ??
+        (lastError instanceof Error ? lastError.message : null) ??
+        'Please contact support@herodevs.com.';
+    throw new Error(message);
+}

package/dist/utils/strip-typename.js

@@ -7,7 +7,8 @@ export function stripTypename(obj) {
         for (const key of Object.keys(obj)) {
             if (key === '__typename')
                 continue;
-            result[key] = stripTypename(obj[key]);
+            const value = obj[key];
+            result[key] = stripTypename(value);
         }
         return result;
     }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@herodevs/cli",
-  "version": "2.0.0-beta.14",
+  "version": "2.0.0-beta.15",
   "author": "HeroDevs, Inc",
   "bin": {
     "hd": "./bin/run.js"
@@ -11,7 +11,7 @@
     "url": "https://github.com/herodevs/cli"
   },
   "homepage": "https://github.com/herodevs/cli",
-  "bugs": "https://github.com/@herodevs/cli/issues",
+  "bugs": "https://github.com/herodevs/cli/issues",
   "scripts": {
     "build": "shx rm -rf dist && tsc -b",
     "ci": "biome ci",
@@ -20,15 +20,18 @@
     "clean:files": "shx rm -f herodevs.**.csv herodevs.**.json herodevs.**.txt",
     "dev": "npm run build && ./bin/dev.js",
     "dev:debug": "npm run build && DEBUG=oclif:* ./bin/dev.js",
+    "dev:auth:local": "OAUTH_CONNECT_URL='http://localhost:6040/realms/herodevs_local/protocol/openid-connect' npm run dev auth login",
+    "dev:auth:logout": "npm run dev auth logout",
     "format": "biome format --write",
     "lint": "biome lint --write",
     "postpack": "shx rm -f oclif.manifest.json",
     "prepare": "shx test -d dist || npm run build",
     "prepack": "oclif manifest",
     "pretest": "npm run lint && npm run typecheck",
-    "readme": "npm run ci:fix && npm run build && oclif readme",
-    "test": "globstar -- node --import tsx --test --experimental-test-module-mocks \"test/**/*.test.ts\"",
-    "test:e2e": "globstar -- node --import tsx --test \"e2e/**/*.test.ts\"",
+    "readme": "npm run ci:fix && npm run build && oclif readme && sed -i '' 's|/plugin-help/blob/v|/plugin-help/blob/|; s|/plugin-update/blob/v|/plugin-update/blob/|' README.md",
+    "test": "vitest run",
+    "test:watch": "vitest watch",
+    "test:e2e": "globstar -- node --import tsx --import ./e2e/setup/register-mock-auth.mjs --test \"e2e/**/*.test.ts\"",
     "typecheck": "tsc --noEmit",
     "version": "oclif manifest",
     "postversion": "node scripts/update-install-script-version.js && git add README.md"
@@ -39,29 +42,40 @@
     "herodevs cli"
   ],
   "dependencies": {
-    "@amplitude/analytics-node": "^1.5.22",
+    "@amplitude/analytics-node": "^1.5.26",
     "@apollo/client": "^4.0.9",
-    "@cyclonedx/cdxgen": "^11.11.0",
-    "@herodevs/eol-shared": "github:herodevs/eol-shared#v0.1.12",
-    "@inquirer/prompts": "^8.0.1",
+    "@cyclonedx/cdxgen": "^12.1.1",
+    "@herodevs/eol-shared": "github:herodevs/eol-shared#v0.1.17",
+    "@inquirer/prompts": "^8.0.2",
+    "@napi-rs/keyring": "^1.2.0",
     "@oclif/core": "^4.8.0",
     "@oclif/plugin-help": "^6.2.32",
-    "@oclif/plugin-update": "^4.7.14",
+    "@oclif/plugin-update": "^4.7.16",
     "@oclif/table": "^0.5.1",
+    "cli-progress": "^3.12.0",
+    "conf": "^15.1.0",
     "date-fns": "^4.1.0",
+    "glob": "^13.0.0",
+    "graphql": "^16.11.0",
     "node-machine-id": "^1.1.12",
     "ora": "^9.0.0",
     "packageurl-js": "^2.0.1",
+    "sloc": "^0.3.2",
     "terminal-link": "^5.0.0",
     "update-notifier": "^7.3.1"
   },
   "devDependencies": {
-    "@biomejs/biome": "^2.3.4",
-    "@oclif/test": "^4.1.13",
+    "@biomejs/biome": "^2.3.8",
+    "@oclif/test": "^4.1.15",
+    "@types/cli-progress": "^3.11.6",
+    "@types/debug": "^4.1.12",
     "@types/inquirer": "^9.0.9",
     "@types/mock-fs": "^4.13.4",
-    "@types/node": "^24.10.0",
-    "@types/sinon": "^17.0.4",
+    "@types/node": "^24.10.1",
+    "@types/ora": "^3.1.0",
+    "@types/sinon": "^21.0.0",
+    "@types/sloc": "^0.2.3",
+    "@types/terminal-link": "^1.1.0",
     "@types/update-notifier": "^6.0.8",
     "globstar": "^1.0.0",
     "mock-fs": "^5.5.0",
@@ -69,8 +83,9 @@
     "shx": "^0.4.0",
     "sinon": "^21.0.0",
     "ts-node": "^10.9.2",
-    "tsx": "^4.20.6",
-    "typescript": "^5.9.3"
+    "tsx": "^4.21.0",
+    "typescript": "^5.9.3",
+    "vitest": "^4.0.16"
   },
   "engines": {
     "node": ">=20.0.0"
@@ -88,7 +103,6 @@
     "commands": "./dist/commands",
     "plugins": [
       "@oclif/plugin-help",
-      "@oclif/plugin-plugins",
       "@oclif/plugin-update"
     ],
     "hooks": {