npm - @mr-aftab-ahmad-khan/depguard-cli - Versions diffs - 0.1.0 - Mend

@mr-aftab-ahmad-khan/depguard-cli 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (18) hide show

package/CHANGELOG.md +10 -0
package/LICENSE +15 -0
package/README.md +337 -0
package/dist/chunk-BH7GFJ3G.js +592 -0
package/dist/chunk-BH7GFJ3G.js.map +1 -0
package/dist/cli.cjs +679 -0
package/dist/cli.cjs.map +1 -0
package/dist/cli.d.cts +1 -0
package/dist/cli.d.ts +1 -0
package/dist/cli.js +88 -0
package/dist/cli.js.map +1 -0
package/dist/index.cjs +639 -0
package/dist/index.cjs.map +1 -0
package/dist/index.d.cts +63 -0
package/dist/index.d.ts +63 -0
package/dist/index.js +29 -0
package/dist/index.js.map +1 -0
package/package.json +67 -0

package/dist/chunk-BH7GFJ3G.js ADDED Viewed

@@ -0,0 +1,592 @@
+// src/scoring.ts
+var SEVERITY_ORDER = {
+  info: 0,
+  low: 1,
+  medium: 2,
+  high: 3,
+  critical: 4
+};
+function maxSeverity(findings) {
+  let worst = "info";
+  for (const f of findings) {
+    if (SEVERITY_ORDER[f.severity] > SEVERITY_ORDER[worst]) worst = f.severity;
+  }
+  return worst;
+}
+function severityAtLeast(a, b) {
+  return SEVERITY_ORDER[a] >= SEVERITY_ORDER[b];
+}
+function scoreInstallScript(script) {
+  const reasons = [];
+  let score = 0;
+  const lower = script.toLowerCase();
+  if (/(curl|wget)\s+[^|]+\|\s*(sh|bash|zsh|node)/i.test(script)) {
+    score += 5;
+    reasons.push("curl/wget piped to a shell or node");
+  }
+  if (/\bbase64\b/.test(lower) && /\b(eval|exec)\b/.test(lower)) {
+    score += 5;
+    reasons.push("base64 combined with eval/exec");
+  }
+  if (/\bnew\s+Function\s*\(/.test(script)) {
+    score += 3;
+    reasons.push("dynamic `new Function()` invocation");
+  }
+  if (/process\.env(\.|\[)/.test(script)) {
+    score += 2;
+    reasons.push("reads process.env at install time");
+  }
+  if (/https?:\/\/(?!registry\.npmjs\.org|nodejs\.org|github\.com)[^\s'"`]+/i.test(script)) {
+    score += 3;
+    reasons.push("network call to a non-trusted domain");
+  }
+  if (/[A-Za-z0-9+/]{200,}={0,2}/.test(script)) {
+    score += 3;
+    reasons.push("very long opaque token (possible obfuscation)");
+  }
+  if (script.length > 300 && !script.includes("\n")) {
+    score += 2;
+    reasons.push("obfuscated one-liner > 300 chars");
+  }
+  return { score: Math.min(score, 10), reasons };
+}
+function levenshtein(a, b) {
+  if (a === b) return 0;
+  if (a.length === 0) return b.length;
+  if (b.length === 0) return a.length;
+  const prev = new Array(b.length + 1);
+  const curr = new Array(b.length + 1);
+  for (let j = 0; j <= b.length; j++) prev[j] = j;
+  for (let i = 1; i <= a.length; i++) {
+    curr[0] = i;
+    for (let j = 1; j <= b.length; j++) {
+      const cost = a[i - 1] === b[j - 1] ? 0 : 1;
+      curr[j] = Math.min(curr[j - 1] + 1, prev[j] + 1, prev[j - 1] + cost);
+    }
+    for (let j = 0; j <= b.length; j++) prev[j] = curr[j];
+  }
+  return prev[b.length];
+}
+function findTyposquatCandidate(name, topPackages) {
+  if (topPackages.includes(name)) return void 0;
+  for (const top of topPackages) {
+    if (Math.abs(top.length - name.length) > 2) continue;
+    const dist = levenshtein(name, top);
+    if (dist > 0 && dist <= 2) return top;
+  }
+  return void 0;
+}
+// src/top-packages.ts
+var TOP_PACKAGES = [
+  "react",
+  "react-dom",
+  "next",
+  "vue",
+  "svelte",
+  "angular",
+  "lodash",
+  "axios",
+  "express",
+  "fastify",
+  "koa",
+  "hono",
+  "moment",
+  "date-fns",
+  "dayjs",
+  "luxon",
+  "typescript",
+  "ts-node",
+  "tsx",
+  "tsup",
+  "esbuild",
+  "webpack",
+  "vite",
+  "rollup",
+  "parcel",
+  "babel",
+  "eslint",
+  "prettier",
+  "jest",
+  "vitest",
+  "mocha",
+  "chai",
+  "sinon",
+  "ava",
+  "cypress",
+  "playwright",
+  "puppeteer",
+  "redux",
+  "zustand",
+  "jotai",
+  "mobx",
+  "recoil",
+  "rxjs",
+  "graphql",
+  "apollo-client",
+  "apollo-server",
+  "prisma",
+  "drizzle-orm",
+  "kysely",
+  "knex",
+  "typeorm",
+  "sequelize",
+  "mongoose",
+  "pg",
+  "mysql2",
+  "sqlite3",
+  "better-sqlite3",
+  "redis",
+  "ioredis",
+  "bullmq",
+  "kafkajs",
+  "amqplib",
+  "socket.io",
+  "ws",
+  "uws",
+  "polka",
+  "fastify",
+  "h3",
+  "commander",
+  "yargs",
+  "minimist",
+  "inquirer",
+  "prompts",
+  "ora",
+  "chalk",
+  "picocolors",
+  "kleur",
+  "boxen",
+  "cli-table3",
+  "figlet",
+  "fs-extra",
+  "fast-glob",
+  "glob",
+  "globby",
+  "rimraf",
+  "del",
+  "execa",
+  "shelljs",
+  "cross-env",
+  "dotenv",
+  "joi",
+  "yup",
+  "zod",
+  "ajv",
+  "valibot",
+  "superstruct",
+  "io-ts",
+  "class-validator",
+  "passport",
+  "jsonwebtoken",
+  "jose",
+  "bcrypt",
+  "bcryptjs",
+  "argon2",
+  "uuid",
+  "nanoid",
+  "ulid",
+  "cuid",
+  "shortid",
+  "ms",
+  "humanize-duration",
+  "pluralize",
+  "marked",
+  "remark",
+  "rehype",
+  "showdown",
+  "turndown",
+  "cheerio",
+  "jsdom",
+  "playwright-core",
+  "node-fetch",
+  "got",
+  "ky",
+  "openai",
+  "anthropic",
+  "ai",
+  "@modelcontextprotocol/sdk",
+  "langchain",
+  "llamaindex",
+  "tiktoken",
+  "gpt-3-encoder",
+  "tailwindcss",
+  "postcss",
+  "autoprefixer",
+  "sass",
+  "stylus",
+  "less",
+  "styled-components",
+  "@emotion/react",
+  "@emotion/styled",
+  "framer-motion",
+  "react-router-dom",
+  "react-query",
+  "@tanstack/react-query",
+  "swr",
+  "trpc",
+  "@trpc/server",
+  "@trpc/client",
+  "winston",
+  "pino",
+  "bunyan",
+  "morgan",
+  "debug",
+  "sharp",
+  "jimp",
+  "canvas",
+  "puppeteer-core",
+  "playwright-chromium",
+  "exceljs",
+  "xlsx",
+  "pdfkit",
+  "pdf-lib",
+  "pdfmake",
+  "node-cron",
+  "agenda",
+  "bull",
+  "node-schedule",
+  "@sentry/node",
+  "@sentry/browser",
+  "@sentry/react",
+  "stripe",
+  "@stripe/stripe-js",
+  "twilio",
+  "nodemailer",
+  "resend",
+  "aws-sdk",
+  "@aws-sdk/client-s3",
+  "@aws-sdk/client-dynamodb",
+  "googleapis",
+  "firebase",
+  "firebase-admin",
+  "supabase",
+  "@supabase/supabase-js",
+  "mongodb",
+  "mongoose",
+  "elasticsearch",
+  "@elastic/elasticsearch",
+  "puppeteer-extra",
+  "playwright-extra",
+  "discord.js",
+  "telegraf",
+  "node-telegram-bot-api",
+  "slack-sdk",
+  "@slack/web-api",
+  "fast-xml-parser",
+  "xml2js",
+  "yaml",
+  "toml",
+  "ini",
+  "msgpack-lite",
+  "protobufjs",
+  "grpc",
+  "@grpc/grpc-js"
+];
+// src/scanner.ts
+import { existsSync as existsSync2, readFileSync as readFileSync2, readdirSync, statSync } from "fs";
+import { join as join2 } from "path";
+import { homedir as homedir2 } from "os";
+// src/registry.ts
+import { existsSync, mkdirSync, readFileSync, writeFileSync } from "fs";
+import { homedir } from "os";
+import { join } from "path";
+var CACHE_DIR = join(homedir(), ".depguard", "cache");
+function cacheFile(name) {
+  const safe = name.replace(/[^a-zA-Z0-9._-]/g, "_");
+  return join(CACHE_DIR, `${safe}.json`);
+}
+function readCache(name) {
+  const file = cacheFile(name);
+  if (!existsSync(file)) return void 0;
+  try {
+    const entry = JSON.parse(readFileSync(file, "utf8"));
+    if (entry.expiresAt > Date.now()) return entry.data;
+  } catch {
+    return void 0;
+  }
+  return void 0;
+}
+function writeCache(name, data, ttlMs) {
+  if (!existsSync(CACHE_DIR)) mkdirSync(CACHE_DIR, { recursive: true });
+  const entry = { expiresAt: Date.now() + ttlMs, data };
+  writeFileSync(cacheFile(name), JSON.stringify(entry), "utf8");
+}
+async function fetchPackument(name, opts = {}) {
+  const ttl = opts.ttlMs ?? 60 * 60 * 1e3;
+  const cached = readCache(name);
+  if (cached) return cached;
+  const fetcher = opts.fetcher ?? globalThis.fetch;
+  if (!fetcher) return void 0;
+  try {
+    const res = await fetcher(`https://registry.npmjs.org/${encodeURIComponent(name).replace("%40", "@")}`);
+    if (!res.ok) return void 0;
+    const data = await res.json();
+    writeCache(name, data, ttl);
+    return data;
+  } catch {
+    return void 0;
+  }
+}
+// src/scanner.ts
+function readJsonSafe(file) {
+  try {
+    return JSON.parse(readFileSync2(file, "utf8"));
+  } catch {
+    return void 0;
+  }
+}
+function findInstalled(root, depth) {
+  const nm = join2(root, "node_modules");
+  if (!existsSync2(nm)) return [];
+  const out = [];
+  const visited = /* @__PURE__ */ new Set();
+  const walk = (dir, level) => {
+    if (visited.has(dir)) return;
+    visited.add(dir);
+    if (!existsSync2(dir)) return;
+    for (const entry of readdirSync(dir)) {
+      if (entry.startsWith(".")) continue;
+      const pkgDir = join2(dir, entry);
+      try {
+        const stat = statSync(pkgDir);
+        if (!stat.isDirectory()) continue;
+      } catch {
+        continue;
+      }
+      if (entry.startsWith("@")) {
+        for (const sub of readdirSync(pkgDir)) {
+          handle(join2(pkgDir, sub), `${entry}/${sub}`, level);
+        }
+      } else {
+        handle(pkgDir, entry, level);
+      }
+    }
+  };
+  const handle = (pkgDir, name, level) => {
+    const pj = readJsonSafe(join2(pkgDir, "package.json"));
+    if (!pj) return;
+    out.push({
+      name: pj.name ?? name,
+      version: pj.version ?? "0.0.0",
+      dir: pkgDir,
+      pkgJson: pj
+    });
+    if (depth === "all" && existsSync2(join2(pkgDir, "node_modules"))) {
+      walk(join2(pkgDir, "node_modules"), level + 1);
+    }
+  };
+  walk(nm, 0);
+  return out;
+}
+function loadBaseline() {
+  const file = join2(homedir2(), ".depguard", "baseline.json");
+  if (!existsSync2(file)) return {};
+  try {
+    return JSON.parse(readFileSync2(file, "utf8"));
+  } catch {
+    return {};
+  }
+}
+var INSTALL_SCRIPT_FIELDS = ["preinstall", "install", "postinstall", "preuninstall", "preprepare", "prepare"];
+function scriptFindings(pkg) {
+  const findings = [];
+  const scripts = pkg.pkgJson.scripts ?? {};
+  for (const field of INSTALL_SCRIPT_FIELDS) {
+    const src = scripts[field];
+    if (!src) continue;
+    const { score, reasons } = scoreInstallScript(src);
+    if (score === 0) continue;
+    const severity = score >= 8 ? "critical" : score >= 5 ? "high" : score >= 3 ? "medium" : "low";
+    findings.push({
+      rule: `install-script:${field}`,
+      severity,
+      message: `${field} script is suspicious (${reasons.join("; ")})`,
+      score
+    });
+  }
+  return findings;
+}
+function maintainerFindings(pkg, packument, baseline) {
+  if (!packument?.maintainers) return [];
+  const now = packument.maintainers.map((m) => m.name).sort();
+  const known = baseline[pkg.name]?.maintainers;
+  if (!known) return [];
+  const added = now.filter((m) => !known.includes(m));
+  if (added.length === 0) return [];
+  return [{
+    rule: "maintainer-change",
+    severity: "high",
+    message: `New maintainer(s) added since baseline: ${added.join(", ")}`,
+    score: 6
+  }];
+}
+function versionAnomalyFindings(pkg, packument) {
+  if (!packument?.time) return [];
+  const out = [];
+  const time = packument.time;
+  const versions = Object.keys(time).filter((k) => k !== "created" && k !== "modified");
+  const sevenDays = 7 * 24 * 60 * 60 * 1e3;
+  const major = /* @__PURE__ */ new Map();
+  for (const v of versions) {
+    const m = /^(\d+)\./.exec(v);
+    if (!m) continue;
+    const key = Number(m[1]);
+    const arr = major.get(key) ?? [];
+    arr.push(v);
+    major.set(key, arr);
+  }
+  const keys = [...major.keys()].sort((a, b) => a - b);
+  for (let i = 1; i < keys.length; i++) {
+    const prev = keys[i - 1];
+    const cur = keys[i];
+    const prevReleases = major.get(prev).map((v) => Date.parse(time[v] ?? "")).filter(Number.isFinite);
+    const curReleases = major.get(cur).map((v) => Date.parse(time[v] ?? "")).filter(Number.isFinite);
+    if (prevReleases.length === 0 || curReleases.length === 0) continue;
+    const lastPrev = Math.max(...prevReleases);
+    const firstCur = Math.min(...curReleases);
+    if (firstCur - lastPrev < sevenDays) {
+      out.push({
+        rule: "version-anomaly",
+        severity: "medium",
+        message: `Major bump v${prev} \u2192 v${cur} within 7 days (potential takeover)`,
+        score: 4
+      });
+    }
+  }
+  const created = Date.parse(time.created ?? "");
+  if (Number.isFinite(created) && Date.now() - created < 30 * 24 * 60 * 60 * 1e3) {
+    out.push({
+      rule: "young-package",
+      severity: "low",
+      message: "Package was first published less than 30 days ago",
+      score: 2
+    });
+  }
+  return out;
+}
+function typosquatFindings(name) {
+  const sug = findTyposquatCandidate(name, TOP_PACKAGES);
+  if (!sug) return [];
+  return [{
+    rule: "typosquat",
+    severity: "critical",
+    message: `Name closely resembles "${sug}" \u2014 likely typosquat`,
+    score: 10
+  }];
+}
+async function scan(options = {}) {
+  const cwd = options.cwd ?? process.cwd();
+  const depth = options.scanDepth ?? "all";
+  const ignore = new Set(options.ignore ?? []);
+  const baseline = loadBaseline();
+  const startedAt = (/* @__PURE__ */ new Date()).toISOString();
+  const packages = [];
+  const installed = findInstalled(cwd, depth).filter((p) => !ignore.has(p.name));
+  for (const pkg of installed) {
+    const findings = [];
+    findings.push(...scriptFindings(pkg));
+    findings.push(...typosquatFindings(pkg.name));
+    if (options.network !== false) {
+      const packument = await fetchPackument(pkg.name, { ttlMs: options.cacheTTL ?? 60 * 60 * 1e3 });
+      findings.push(...maintainerFindings(pkg, packument, baseline));
+      findings.push(...versionAnomalyFindings(pkg, packument));
+    }
+    if (findings.length === 0) continue;
+    packages.push({
+      name: pkg.name,
+      version: pkg.version,
+      worstSeverity: maxSeverity(findings),
+      totalScore: findings.reduce((s, f) => s + f.score, 0),
+      findings
+    });
+  }
+  packages.sort((a, b) => b.totalScore - a.totalScore);
+  return {
+    packages,
+    scannedAt: startedAt,
+    generatedAt: (/* @__PURE__ */ new Date()).toISOString(),
+    totalPackages: installed.length
+  };
+}
+async function audit(name) {
+  const packument = await fetchPackument(name);
+  if (!packument) return void 0;
+  const findings = [];
+  findings.push(...typosquatFindings(name));
+  return {
+    name,
+    version: packument["dist-tags"]?.latest ?? "0.0.0",
+    worstSeverity: maxSeverity(findings),
+    totalScore: findings.reduce((s, f) => s + f.score, 0),
+    findings
+  };
+}
+// src/format.ts
+import pc from "picocolors";
+var sevColor = {
+  info: pc.gray,
+  low: pc.blue,
+  medium: pc.yellow,
+  high: pc.magenta,
+  critical: pc.red
+};
+function formatReport(result) {
+  if (result.packages.length === 0) {
+    return pc.green(`\u2713 No risk findings across ${result.totalPackages} packages`);
+  }
+  const lines = [];
+  lines.push(pc.bold(`depguard report \u2014 ${result.packages.length} package(s) with findings (of ${result.totalPackages} scanned)`));
+  for (const p of result.packages) {
+    lines.push("");
+    lines.push(`  ${sevColor[p.worstSeverity](p.worstSeverity.toUpperCase())}  ${pc.bold(p.name)}@${p.version}  score=${p.totalScore}`);
+    for (const f of p.findings) {
+      lines.push(`    - ${sevColor[f.severity](f.severity)}  ${f.rule}: ${f.message}`);
+    }
+  }
+  return lines.join("\n");
+}
+function formatJson(result) {
+  return JSON.stringify(result, null, 2);
+}
+function formatPackage(p) {
+  const lines = [];
+  lines.push(`${sevColor[p.worstSeverity](p.worstSeverity.toUpperCase())}  ${pc.bold(p.name)}@${p.version}  score=${p.totalScore}`);
+  for (const f of p.findings) {
+    lines.push(`  - ${sevColor[f.severity](f.severity)}  ${f.rule}: ${f.message}`);
+  }
+  return lines.join("\n");
+}
+// src/config.ts
+import { existsSync as existsSync3, readFileSync as readFileSync3 } from "fs";
+import { join as join3 } from "path";
+function loadConfig(cwd) {
+  const file = join3(cwd, ".depguardrc.json");
+  if (!existsSync3(file)) return {};
+  try {
+    return JSON.parse(readFileSync3(file, "utf8"));
+  } catch {
+    return {};
+  }
+}
+export {
+  maxSeverity,
+  severityAtLeast,
+  scoreInstallScript,
+  levenshtein,
+  findTyposquatCandidate,
+  TOP_PACKAGES,
+  scan,
+  audit,
+  formatReport,
+  formatJson,
+  formatPackage,
+  loadConfig
+};
+//# sourceMappingURL=chunk-BH7GFJ3G.js.map

package/dist/chunk-BH7GFJ3G.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/scoring.ts","../src/top-packages.ts","../src/scanner.ts","../src/registry.ts","../src/format.ts","../src/config.ts"],"sourcesContent":["import type { Finding, RiskLevel } from \"./types.js\";\n\nconst SEVERITY_ORDER: Record<RiskLevel, number> = {\n info: 0,\n low: 1,\n medium: 2,\n high: 3,\n critical: 4,\n};\n\nexport function maxSeverity(findings: Finding[]): RiskLevel {\n let worst: RiskLevel = \"info\";\n for (const f of findings) {\n if (SEVERITY_ORDER[f.severity] > SEVERITY_ORDER[worst]) worst = f.severity;\n }\n return worst;\n}\n\nexport function severityAtLeast(a: RiskLevel, b: RiskLevel): boolean {\n return SEVERITY_ORDER[a] >= SEVERITY_ORDER[b];\n}\n\nexport interface ScriptScore {\n score: number;\n reasons: string[];\n}\n\nexport function scoreInstallScript(script: string): ScriptScore {\n const reasons: string[] = [];\n let score = 0;\n const lower = script.toLowerCase();\n\n if (/(curl|wget)\\s+[^|]+\\|\\s*(sh|bash|zsh|node)/i.test(script)) {\n score += 5;\n reasons.push(\"curl/wget piped to a shell or node\");\n }\n if (/\\bbase64\\b/.test(lower) && /\\b(eval|exec)\\b/.test(lower)) {\n score += 5;\n reasons.push(\"base64 combined with eval/exec\");\n }\n if (/\\bnew\\s+Function\\s*\\(/.test(script)) {\n score += 3;\n reasons.push(\"dynamic `new Function()` invocation\");\n }\n if (/process\\.env(\\.|\\[)/.test(script)) {\n score += 2;\n reasons.push(\"reads process.env at install time\");\n }\n if (/https?:\\/\\/(?!registry\\.npmjs\\.org|nodejs\\.org|github\\.com)[^\\s'\"`]+/i.test(script)) {\n score += 3;\n reasons.push(\"network call to a non-trusted domain\");\n }\n if (/[A-Za-z0-9+/]{200,}={0,2}/.test(script)) {\n score += 3;\n reasons.push(\"very long opaque token (possible obfuscation)\");\n }\n if (script.length > 300 && !script.includes(\"\\n\")) {\n score += 2;\n reasons.push(\"obfuscated one-liner > 300 chars\");\n }\n\n return { score: Math.min(score, 10), reasons };\n}\n\nexport function levenshtein(a: string, b: string): number {\n if (a === b) return 0;\n if (a.length === 0) return b.length;\n if (b.length === 0) return a.length;\n const prev = new Array<number>(b.length + 1);\n const curr = new Array<number>(b.length + 1);\n for (let j = 0; j <= b.length; j++) prev[j] = j;\n for (let i = 1; i <= a.length; i++) {\n curr[0] = i;\n for (let j = 1; j <= b.length; j++) {\n const cost = a[i - 1] === b[j - 1] ? 0 : 1;\n curr[j] = Math.min(curr[j - 1]! + 1, prev[j]! + 1, prev[j - 1]! + cost);\n }\n for (let j = 0; j <= b.length; j++) prev[j] = curr[j]!;\n }\n return prev[b.length]!;\n}\n\nexport function findTyposquatCandidate(\n name: string,\n topPackages: readonly string[],\n): string | undefined {\n if (topPackages.includes(name)) return undefined;\n for (const top of topPackages) {\n if (Math.abs(top.length - name.length) > 2) continue;\n const dist = levenshtein(name, top);\n if (dist > 0 && dist <= 2) return top;\n }\n return undefined;\n}\n","/**\n * Hardcoded top npm packages used for typosquat detection.\n * Updated periodically; sourced from npm download counts.\n */\nexport const TOP_PACKAGES: readonly string[] = [\n \"react\", \"react-dom\", \"next\", \"vue\", \"svelte\", \"angular\", \"lodash\", \"axios\",\n \"express\", \"fastify\", \"koa\", \"hono\", \"moment\", \"date-fns\", \"dayjs\", \"luxon\",\n \"typescript\", \"ts-node\", \"tsx\", \"tsup\", \"esbuild\", \"webpack\", \"vite\", \"rollup\",\n \"parcel\", \"babel\", \"eslint\", \"prettier\", \"jest\", \"vitest\", \"mocha\", \"chai\",\n \"sinon\", \"ava\", \"cypress\", \"playwright\", \"puppeteer\", \"redux\", \"zustand\",\n \"jotai\", \"mobx\", \"recoil\", \"rxjs\", \"graphql\", \"apollo-client\", \"apollo-server\",\n \"prisma\", \"drizzle-orm\", \"kysely\", \"knex\", \"typeorm\", \"sequelize\", \"mongoose\",\n \"pg\", \"mysql2\", \"sqlite3\", \"better-sqlite3\", \"redis\", \"ioredis\", \"bullmq\",\n \"kafkajs\", \"amqplib\", \"socket.io\", \"ws\", \"uws\", \"polka\", \"fastify\", \"h3\",\n \"commander\", \"yargs\", \"minimist\", \"inquirer\", \"prompts\", \"ora\", \"chalk\",\n \"picocolors\", \"kleur\", \"boxen\", \"cli-table3\", \"figlet\", \"fs-extra\", \"fast-glob\",\n \"glob\", \"globby\", \"rimraf\", \"del\", \"execa\", \"shelljs\", \"cross-env\", \"dotenv\",\n \"joi\", \"yup\", \"zod\", \"ajv\", \"valibot\", \"superstruct\", \"io-ts\", \"class-validator\",\n \"passport\", \"jsonwebtoken\", \"jose\", \"bcrypt\", \"bcryptjs\", \"argon2\", \"uuid\",\n \"nanoid\", \"ulid\", \"cuid\", \"shortid\", \"ms\", \"humanize-duration\", \"pluralize\",\n \"marked\", \"remark\", \"rehype\", \"showdown\", \"turndown\", \"cheerio\", \"jsdom\",\n \"playwright-core\", \"node-fetch\", \"got\", \"ky\", \"openai\", \"anthropic\", \"ai\",\n \"@modelcontextprotocol/sdk\", \"langchain\", \"llamaindex\", \"tiktoken\", \"gpt-3-encoder\",\n \"tailwindcss\", \"postcss\", \"autoprefixer\", \"sass\", \"stylus\", \"less\", \"styled-components\",\n \"@emotion/react\", \"@emotion/styled\", \"framer-motion\", \"react-router-dom\",\n \"react-query\", \"@tanstack/react-query\", \"swr\", \"trpc\", \"@trpc/server\",\n \"@trpc/client\", \"winston\", \"pino\", \"bunyan\", \"morgan\", \"debug\", \"sharp\", \"jimp\",\n \"canvas\", \"puppeteer-core\", \"playwright-chromium\", \"exceljs\", \"xlsx\", \"pdfkit\",\n \"pdf-lib\", \"pdfmake\", \"node-cron\", \"agenda\", \"bull\", \"node-schedule\",\n \"@sentry/node\", \"@sentry/browser\", \"@sentry/react\", \"stripe\", \"@stripe/stripe-js\",\n \"twilio\", \"nodemailer\", \"resend\", \"aws-sdk\", \"@aws-sdk/client-s3\", \"@aws-sdk/client-dynamodb\",\n \"googleapis\", \"firebase\", \"firebase-admin\", \"supabase\", \"@supabase/supabase-js\",\n \"mongodb\", \"mongoose\", \"elasticsearch\", \"@elastic/elasticsearch\", \"puppeteer-extra\",\n \"playwright-extra\", \"discord.js\", \"telegraf\", \"node-telegram-bot-api\",\n \"slack-sdk\", \"@slack/web-api\", \"fast-xml-parser\", \"xml2js\", \"yaml\", \"toml\",\n \"ini\", \"msgpack-lite\", \"protobufjs\", \"grpc\", \"@grpc/grpc-js\",\n];\n","import { existsSync, readFileSync, readdirSync, statSync } from \"node:fs\";\nimport { join } from \"node:path\";\nimport { homedir } from \"node:os\";\nimport {\n findTyposquatCandidate,\n maxSeverity,\n scoreInstallScript,\n} from \"./scoring.js\";\nimport { fetchPackument, type RegistryPackument } from \"./registry.js\";\nimport { TOP_PACKAGES } from \"./top-packages.js\";\nimport type {\n Finding,\n PackageRisk,\n RiskLevel,\n ScanOptions,\n ScanResult,\n} from \"./types.js\";\n\ninterface InstalledPackage {\n name: string;\n version: string;\n dir: string;\n pkgJson: {\n name?: string;\n version?: string;\n scripts?: Record<string, string>;\n maintainers?: Array<{ name: string; email?: string }>;\n };\n}\n\nfunction readJsonSafe(file: string): Record<string, unknown> | undefined {\n try {\n return JSON.parse(readFileSync(file, \"utf8\")) as Record<string, unknown>;\n } catch {\n return undefined;\n }\n}\n\nfunction findInstalled(root: string, depth: \"direct\" | \"all\"): InstalledPackage[] {\n const nm = join(root, \"node_modules\");\n if (!existsSync(nm)) return [];\n const out: InstalledPackage[] = [];\n const visited = new Set<string>();\n\n const walk = (dir: string, level: number): void => {\n if (visited.has(dir)) return;\n visited.add(dir);\n if (!existsSync(dir)) return;\n for (const entry of readdirSync(dir)) {\n if (entry.startsWith(\".\")) continue;\n const pkgDir = join(dir, entry);\n try {\n const stat = statSync(pkgDir);\n if (!stat.isDirectory()) continue;\n } catch {\n continue;\n }\n if (entry.startsWith(\"@\")) {\n for (const sub of readdirSync(pkgDir)) {\n handle(join(pkgDir, sub), `${entry}/${sub}`, level);\n }\n } else {\n handle(pkgDir, entry, level);\n }\n }\n };\n\n const handle = (pkgDir: string, name: string, level: number): void => {\n const pj = readJsonSafe(join(pkgDir, \"package.json\"));\n if (!pj) return;\n out.push({\n name: (pj.name as string) ?? name,\n version: (pj.version as string) ?? \"0.0.0\",\n dir: pkgDir,\n pkgJson: pj as InstalledPackage[\"pkgJson\"],\n });\n if (depth === \"all\" && existsSync(join(pkgDir, \"node_modules\"))) {\n walk(join(pkgDir, \"node_modules\"), level + 1);\n }\n };\n\n walk(nm, 0);\n return out;\n}\n\nfunction loadBaseline(): Record<string, { maintainers: string[] }> {\n const file = join(homedir(), \".depguard\", \"baseline.json\");\n if (!existsSync(file)) return {};\n try {\n return JSON.parse(readFileSync(file, \"utf8\")) as Record<string, { maintainers: string[] }>;\n } catch {\n return {};\n }\n}\n\nconst INSTALL_SCRIPT_FIELDS = [\"preinstall\", \"install\", \"postinstall\", \"preuninstall\", \"preprepare\", \"prepare\"] as const;\n\nfunction scriptFindings(pkg: InstalledPackage): Finding[] {\n const findings: Finding[] = [];\n const scripts = pkg.pkgJson.scripts ?? {};\n for (const field of INSTALL_SCRIPT_FIELDS) {\n const src = scripts[field];\n if (!src) continue;\n const { score, reasons } = scoreInstallScript(src);\n if (score === 0) continue;\n const severity: RiskLevel =\n score >= 8 ? \"critical\" : score >= 5 ? \"high\" : score >= 3 ? \"medium\" : \"low\";\n findings.push({\n rule: `install-script:${field}`,\n severity,\n message: `${field} script is suspicious (${reasons.join(\"; \")})`,\n score,\n });\n }\n return findings;\n}\n\nfunction maintainerFindings(\n pkg: InstalledPackage,\n packument: RegistryPackument | undefined,\n baseline: Record<string, { maintainers: string[] }>,\n): Finding[] {\n if (!packument?.maintainers) return [];\n const now = packument.maintainers.map((m) => m.name).sort();\n const known = baseline[pkg.name]?.maintainers;\n if (!known) return [];\n const added = now.filter((m) => !known.includes(m));\n if (added.length === 0) return [];\n return [{\n rule: \"maintainer-change\",\n severity: \"high\",\n message: `New maintainer(s) added since baseline: ${added.join(\", \")}`,\n score: 6,\n }];\n}\n\nfunction versionAnomalyFindings(\n pkg: InstalledPackage,\n packument: RegistryPackument | undefined,\n): Finding[] {\n if (!packument?.time) return [];\n const out: Finding[] = [];\n const time = packument.time;\n const versions = Object.keys(time).filter((k) => k !== \"created\" && k !== \"modified\");\n\n const sevenDays = 7 * 24 * 60 * 60 * 1000;\n const major = new Map<number, string[]>();\n for (const v of versions) {\n const m = /^(\\d+)\\./.exec(v);\n if (!m) continue;\n const key = Number(m[1]);\n const arr = major.get(key) ?? [];\n arr.push(v);\n major.set(key, arr);\n }\n const keys = [...major.keys()].sort((a, b) => a - b);\n for (let i = 1; i < keys.length; i++) {\n const prev = keys[i - 1]!;\n const cur = keys[i]!;\n const prevReleases = major.get(prev)!.map((v) => Date.parse(time[v] ?? \"\")).filter(Number.isFinite);\n const curReleases = major.get(cur)!.map((v) => Date.parse(time[v] ?? \"\")).filter(Number.isFinite);\n if (prevReleases.length === 0 || curReleases.length === 0) continue;\n const lastPrev = Math.max(...prevReleases);\n const firstCur = Math.min(...curReleases);\n if (firstCur - lastPrev < sevenDays) {\n out.push({\n rule: \"version-anomaly\",\n severity: \"medium\",\n message: `Major bump v${prev} → v${cur} within 7 days (potential takeover)`,\n score: 4,\n });\n }\n }\n\n const created = Date.parse(time.created ?? \"\");\n if (Number.isFinite(created) && Date.now() - created < 30 * 24 * 60 * 60 * 1000) {\n out.push({\n rule: \"young-package\",\n severity: \"low\",\n message: \"Package was first published less than 30 days ago\",\n score: 2,\n });\n }\n return out;\n}\n\nfunction typosquatFindings(name: string): Finding[] {\n const sug = findTyposquatCandidate(name, TOP_PACKAGES);\n if (!sug) return [];\n return [{\n rule: \"typosquat\",\n severity: \"critical\",\n message: `Name closely resembles \"${sug}\" — likely typosquat`,\n score: 10,\n }];\n}\n\nexport async function scan(options: ScanOptions = {}): Promise<ScanResult> {\n const cwd = options.cwd ?? process.cwd();\n const depth = options.scanDepth ?? \"all\";\n const ignore = new Set(options.ignore ?? []);\n const baseline = loadBaseline();\n const startedAt = new Date().toISOString();\n const packages: PackageRisk[] = [];\n\n const installed = findInstalled(cwd, depth).filter((p) => !ignore.has(p.name));\n for (const pkg of installed) {\n const findings: Finding[] = [];\n findings.push(...scriptFindings(pkg));\n findings.push(...typosquatFindings(pkg.name));\n\n if (options.network !== false) {\n const packument = await fetchPackument(pkg.name, { ttlMs: options.cacheTTL ?? 60 * 60 * 1000 });\n findings.push(...maintainerFindings(pkg, packument, baseline));\n findings.push(...versionAnomalyFindings(pkg, packument));\n }\n\n if (findings.length === 0) continue;\n packages.push({\n name: pkg.name,\n version: pkg.version,\n worstSeverity: maxSeverity(findings),\n totalScore: findings.reduce((s, f) => s + f.score, 0),\n findings,\n });\n }\n\n packages.sort((a, b) => b.totalScore - a.totalScore);\n\n return {\n packages,\n scannedAt: startedAt,\n generatedAt: new Date().toISOString(),\n totalPackages: installed.length,\n };\n}\n\nexport async function audit(name: string): Promise<PackageRisk | undefined> {\n const packument = await fetchPackument(name);\n if (!packument) return undefined;\n const findings: Finding[] = [];\n findings.push(...typosquatFindings(name));\n return {\n name,\n version: packument[\"dist-tags\"]?.latest ?? \"0.0.0\",\n worstSeverity: maxSeverity(findings),\n totalScore: findings.reduce((s, f) => s + f.score, 0),\n findings,\n };\n}\n","import { existsSync, mkdirSync, readFileSync, writeFileSync } from \"node:fs\";\nimport { homedir } from \"node:os\";\nimport { join } from \"node:path\";\n\nexport interface RegistryPackument {\n name: string;\n maintainers?: Array<{ name: string; email?: string }>;\n time?: Record<string, string>;\n versions?: Record<string, unknown>;\n \"dist-tags\"?: Record<string, string>;\n}\n\ninterface CacheEntry {\n expiresAt: number;\n data: RegistryPackument;\n}\n\nconst CACHE_DIR = join(homedir(), \".depguard\", \"cache\");\n\nfunction cacheFile(name: string): string {\n const safe = name.replace(/[^a-zA-Z0-9._-]/g, \"_\");\n return join(CACHE_DIR, `${safe}.json`);\n}\n\nfunction readCache(name: string): RegistryPackument | undefined {\n const file = cacheFile(name);\n if (!existsSync(file)) return undefined;\n try {\n const entry = JSON.parse(readFileSync(file, \"utf8\")) as CacheEntry;\n if (entry.expiresAt > Date.now()) return entry.data;\n } catch {\n return undefined;\n }\n return undefined;\n}\n\nfunction writeCache(name: string, data: RegistryPackument, ttlMs: number): void {\n if (!existsSync(CACHE_DIR)) mkdirSync(CACHE_DIR, { recursive: true });\n const entry: CacheEntry = { expiresAt: Date.now() + ttlMs, data };\n writeFileSync(cacheFile(name), JSON.stringify(entry), \"utf8\");\n}\n\nexport interface FetchOptions {\n ttlMs?: number;\n fetcher?: (url: string) => Promise<{ ok: boolean; status: number; json(): Promise<unknown> }>;\n}\n\nexport async function fetchPackument(\n name: string,\n opts: FetchOptions = {},\n): Promise<RegistryPackument | undefined> {\n const ttl = opts.ttlMs ?? 60 * 60 * 1000;\n const cached = readCache(name);\n if (cached) return cached;\n const fetcher = opts.fetcher ?? (globalThis.fetch as typeof fetch);\n if (!fetcher) return undefined;\n try {\n const res = await fetcher(`https://registry.npmjs.org/${encodeURIComponent(name).replace(\"%40\", \"@\")}`);\n if (!res.ok) return undefined;\n const data = (await res.json()) as RegistryPackument;\n writeCache(name, data, ttl);\n return data;\n } catch {\n return undefined;\n }\n}\n","import pc from \"picocolors\";\nimport type { PackageRisk, RiskLevel, ScanResult } from \"./types.js\";\n\nconst sevColor: Record<RiskLevel, (s: string) => string> = {\n info: pc.gray,\n low: pc.blue,\n medium: pc.yellow,\n high: pc.magenta,\n critical: pc.red,\n};\n\nexport function formatReport(result: ScanResult): string {\n if (result.packages.length === 0) {\n return pc.green(`✓ No risk findings across ${result.totalPackages} packages`);\n }\n const lines: string[] = [];\n lines.push(pc.bold(`depguard report — ${result.packages.length} package(s) with findings (of ${result.totalPackages} scanned)`));\n for (const p of result.packages) {\n lines.push(\"\");\n lines.push(` ${sevColor[p.worstSeverity](p.worstSeverity.toUpperCase())} ${pc.bold(p.name)}@${p.version} score=${p.totalScore}`);\n for (const f of p.findings) {\n lines.push(` - ${sevColor[f.severity](f.severity)} ${f.rule}: ${f.message}`);\n }\n }\n return lines.join(\"\\n\");\n}\n\nexport function formatJson(result: ScanResult): string {\n return JSON.stringify(result, null, 2);\n}\n\nexport function formatPackage(p: PackageRisk): string {\n const lines: string[] = [];\n lines.push(`${sevColor[p.worstSeverity](p.worstSeverity.toUpperCase())} ${pc.bold(p.name)}@${p.version} score=${p.totalScore}`);\n for (const f of p.findings) {\n lines.push(` - ${sevColor[f.severity](f.severity)} ${f.rule}: ${f.message}`);\n }\n return lines.join(\"\\n\");\n}\n","import { existsSync, readFileSync } from \"node:fs\";\nimport { join } from \"node:path\";\nimport type { RiskLevel } from \"./types.js\";\n\nexport interface DepguardConfig {\n failOn?: RiskLevel;\n ignore?: string[];\n baselinePath?: string;\n cacheTTL?: number;\n scanDepth?: \"direct\" | \"all\";\n}\n\nexport function loadConfig(cwd: string): DepguardConfig {\n const file = join(cwd, \".depguardrc.json\");\n if (!existsSync(file)) return {};\n try {\n return JSON.parse(readFileSync(file, \"utf8\")) as DepguardConfig;\n } catch {\n return {};\n }\n}\n"],"mappings":";AAEA,IAAM,iBAA4C;AAAA,EAChD,MAAM;AAAA,EACN,KAAK;AAAA,EACL,QAAQ;AAAA,EACR,MAAM;AAAA,EACN,UAAU;AACZ;AAEO,SAAS,YAAY,UAAgC;AAC1D,MAAI,QAAmB;AACvB,aAAW,KAAK,UAAU;AACxB,QAAI,eAAe,EAAE,QAAQ,IAAI,eAAe,KAAK,EAAG,SAAQ,EAAE;AAAA,EACpE;AACA,SAAO;AACT;AAEO,SAAS,gBAAgB,GAAc,GAAuB;AACnE,SAAO,eAAe,CAAC,KAAK,eAAe,CAAC;AAC9C;AAOO,SAAS,mBAAmB,QAA6B;AAC9D,QAAM,UAAoB,CAAC;AAC3B,MAAI,QAAQ;AACZ,QAAM,QAAQ,OAAO,YAAY;AAEjC,MAAI,8CAA8C,KAAK,MAAM,GAAG;AAC9D,aAAS;AACT,YAAQ,KAAK,oCAAoC;AAAA,EACnD;AACA,MAAI,aAAa,KAAK,KAAK,KAAK,kBAAkB,KAAK,KAAK,GAAG;AAC7D,aAAS;AACT,YAAQ,KAAK,gCAAgC;AAAA,EAC/C;AACA,MAAI,wBAAwB,KAAK,MAAM,GAAG;AACxC,aAAS;AACT,YAAQ,KAAK,qCAAqC;AAAA,EACpD;AACA,MAAI,sBAAsB,KAAK,MAAM,GAAG;AACtC,aAAS;AACT,YAAQ,KAAK,mCAAmC;AAAA,EAClD;AACA,MAAI,wEAAwE,KAAK,MAAM,GAAG;AACxF,aAAS;AACT,YAAQ,KAAK,sCAAsC;AAAA,EACrD;AACA,MAAI,4BAA4B,KAAK,MAAM,GAAG;AAC5C,aAAS;AACT,YAAQ,KAAK,+CAA+C;AAAA,EAC9D;AACA,MAAI,OAAO,SAAS,OAAO,CAAC,OAAO,SAAS,IAAI,GAAG;AACjD,aAAS;AACT,YAAQ,KAAK,kCAAkC;AAAA,EACjD;AAEA,SAAO,EAAE,OAAO,KAAK,IAAI,OAAO,EAAE,GAAG,QAAQ;AAC/C;AAEO,SAAS,YAAY,GAAW,GAAmB;AACxD,MAAI,MAAM,EAAG,QAAO;AACpB,MAAI,EAAE,WAAW,EAAG,QAAO,EAAE;AAC7B,MAAI,EAAE,WAAW,EAAG,QAAO,EAAE;AAC7B,QAAM,OAAO,IAAI,MAAc,EAAE,SAAS,CAAC;AAC3C,QAAM,OAAO,IAAI,MAAc,EAAE,SAAS,CAAC;AAC3C,WAAS,IAAI,GAAG,KAAK,EAAE,QAAQ,IAAK,MAAK,CAAC,IAAI;AAC9C,WAAS,IAAI,GAAG,KAAK,EAAE,QAAQ,KAAK;AAClC,SAAK,CAAC,IAAI;AACV,aAAS,IAAI,GAAG,KAAK,EAAE,QAAQ,KAAK;AAClC,YAAM,OAAO,EAAE,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,IAAI,IAAI;AACzC,WAAK,CAAC,IAAI,KAAK,IAAI,KAAK,IAAI,CAAC,IAAK,GAAG,KAAK,CAAC,IAAK,GAAG,KAAK,IAAI,CAAC,IAAK,IAAI;AAAA,IACxE;AACA,aAAS,IAAI,GAAG,KAAK,EAAE,QAAQ,IAAK,MAAK,CAAC,IAAI,KAAK,CAAC;AAAA,EACtD;AACA,SAAO,KAAK,EAAE,MAAM;AACtB;AAEO,SAAS,uBACd,MACA,aACoB;AACpB,MAAI,YAAY,SAAS,IAAI,EAAG,QAAO;AACvC,aAAW,OAAO,aAAa;AAC7B,QAAI,KAAK,IAAI,IAAI,SAAS,KAAK,MAAM,IAAI,EAAG;AAC5C,UAAM,OAAO,YAAY,MAAM,GAAG;AAClC,QAAI,OAAO,KAAK,QAAQ,EAAG,QAAO;AAAA,EACpC;AACA,SAAO;AACT;;;ACzFO,IAAM,eAAkC;AAAA,EAC7C;AAAA,EAAS;AAAA,EAAa;AAAA,EAAQ;AAAA,EAAO;AAAA,EAAU;AAAA,EAAW;AAAA,EAAU;AAAA,EACpE;AAAA,EAAW;AAAA,EAAW;AAAA,EAAO;AAAA,EAAQ;AAAA,EAAU;AAAA,EAAY;AAAA,EAAS;AAAA,EACpE;AAAA,EAAc;AAAA,EAAW;AAAA,EAAO;AAAA,EAAQ;AAAA,EAAW;AAAA,EAAW;AAAA,EAAQ;AAAA,EACtE;AAAA,EAAU;AAAA,EAAS;AAAA,EAAU;AAAA,EAAY;AAAA,EAAQ;AAAA,EAAU;AAAA,EAAS;AAAA,EACpE;AAAA,EAAS;AAAA,EAAO;AAAA,EAAW;AAAA,EAAc;AAAA,EAAa;AAAA,EAAS;AAAA,EAC/D;AAAA,EAAS;AAAA,EAAQ;AAAA,EAAU;AAAA,EAAQ;AAAA,EAAW;AAAA,EAAiB;AAAA,EAC/D;AAAA,EAAU;AAAA,EAAe;AAAA,EAAU;AAAA,EAAQ;AAAA,EAAW;AAAA,EAAa;AAAA,EACnE;AAAA,EAAM;AAAA,EAAU;AAAA,EAAW;AAAA,EAAkB;AAAA,EAAS;AAAA,EAAW;AAAA,EACjE;AAAA,EAAW;AAAA,EAAW;AAAA,EAAa;AAAA,EAAM;AAAA,EAAO;AAAA,EAAS;AAAA,EAAW;AAAA,EACpE;AAAA,EAAa;AAAA,EAAS;AAAA,EAAY;AAAA,EAAY;AAAA,EAAW;AAAA,EAAO;AAAA,EAChE;AAAA,EAAc;AAAA,EAAS;AAAA,EAAS;AAAA,EAAc;AAAA,EAAU;AAAA,EAAY;AAAA,EACpE;AAAA,EAAQ;AAAA,EAAU;AAAA,EAAU;AAAA,EAAO;AAAA,EAAS;AAAA,EAAW;AAAA,EAAa;AAAA,EACpE;AAAA,EAAO;AAAA,EAAO;AAAA,EAAO;AAAA,EAAO;AAAA,EAAW;AAAA,EAAe;AAAA,EAAS;AAAA,EAC/D;AAAA,EAAY;AAAA,EAAgB;AAAA,EAAQ;AAAA,EAAU;AAAA,EAAY;AAAA,EAAU;AAAA,EACpE;AAAA,EAAU;AAAA,EAAQ;AAAA,EAAQ;AAAA,EAAW;AAAA,EAAM;AAAA,EAAqB;AAAA,EAChE;AAAA,EAAU;AAAA,EAAU;AAAA,EAAU;AAAA,EAAY;AAAA,EAAY;AAAA,EAAW;AAAA,EACjE;AAAA,EAAmB;AAAA,EAAc;AAAA,EAAO;AAAA,EAAM;AAAA,EAAU;AAAA,EAAa;AAAA,EACrE;AAAA,EAA6B;AAAA,EAAa;AAAA,EAAc;AAAA,EAAY;AAAA,EACpE;AAAA,EAAe;AAAA,EAAW;AAAA,EAAgB;AAAA,EAAQ;AAAA,EAAU;AAAA,EAAQ;AAAA,EACpE;AAAA,EAAkB;AAAA,EAAmB;AAAA,EAAiB;AAAA,EACtD;AAAA,EAAe;AAAA,EAAyB;AAAA,EAAO;AAAA,EAAQ;AAAA,EACvD;AAAA,EAAgB;AAAA,EAAW;AAAA,EAAQ;AAAA,EAAU;AAAA,EAAU;AAAA,EAAS;AAAA,EAAS;AAAA,EACzE;AAAA,EAAU;AAAA,EAAkB;AAAA,EAAuB;AAAA,EAAW;AAAA,EAAQ;AAAA,EACtE;AAAA,EAAW;AAAA,EAAW;AAAA,EAAa;AAAA,EAAU;AAAA,EAAQ;AAAA,EACrD;AAAA,EAAgB;AAAA,EAAmB;AAAA,EAAiB;AAAA,EAAU;AAAA,EAC9D;AAAA,EAAU;AAAA,EAAc;AAAA,EAAU;AAAA,EAAW;AAAA,EAAsB;AAAA,EACnE;AAAA,EAAc;AAAA,EAAY;AAAA,EAAkB;AAAA,EAAY;AAAA,EACxD;AAAA,EAAW;AAAA,EAAY;AAAA,EAAiB;AAAA,EAA0B;AAAA,EAClE;AAAA,EAAoB;AAAA,EAAc;AAAA,EAAY;AAAA,EAC9C;AAAA,EAAa;AAAA,EAAkB;AAAA,EAAmB;AAAA,EAAU;AAAA,EAAQ;AAAA,EACpE;AAAA,EAAO;AAAA,EAAgB;AAAA,EAAc;AAAA,EAAQ;AAC/C;;;ACpCA,SAAS,cAAAA,aAAY,gBAAAC,eAAc,aAAa,gBAAgB;AAChE,SAAS,QAAAC,aAAY;AACrB,SAAS,WAAAC,gBAAe;;;ACFxB,SAAS,YAAY,WAAW,cAAc,qBAAqB;AACnE,SAAS,eAAe;AACxB,SAAS,YAAY;AAerB,IAAM,YAAY,KAAK,QAAQ,GAAG,aAAa,OAAO;AAEtD,SAAS,UAAU,MAAsB;AACvC,QAAM,OAAO,KAAK,QAAQ,oBAAoB,GAAG;AACjD,SAAO,KAAK,WAAW,GAAG,IAAI,OAAO;AACvC;AAEA,SAAS,UAAU,MAA6C;AAC9D,QAAM,OAAO,UAAU,IAAI;AAC3B,MAAI,CAAC,WAAW,IAAI,EAAG,QAAO;AAC9B,MAAI;AACF,UAAM,QAAQ,KAAK,MAAM,aAAa,MAAM,MAAM,CAAC;AACnD,QAAI,MAAM,YAAY,KAAK,IAAI,EAAG,QAAO,MAAM;AAAA,EACjD,QAAQ;AACN,WAAO;AAAA,EACT;AACA,SAAO;AACT;AAEA,SAAS,WAAW,MAAc,MAAyB,OAAqB;AAC9E,MAAI,CAAC,WAAW,SAAS,EAAG,WAAU,WAAW,EAAE,WAAW,KAAK,CAAC;AACpE,QAAM,QAAoB,EAAE,WAAW,KAAK,IAAI,IAAI,OAAO,KAAK;AAChE,gBAAc,UAAU,IAAI,GAAG,KAAK,UAAU,KAAK,GAAG,MAAM;AAC9D;AAOA,eAAsB,eACpB,MACA,OAAqB,CAAC,GACkB;AACxC,QAAM,MAAM,KAAK,SAAS,KAAK,KAAK;AACpC,QAAM,SAAS,UAAU,IAAI;AAC7B,MAAI,OAAQ,QAAO;AACnB,QAAM,UAAU,KAAK,WAAY,WAAW;AAC5C,MAAI,CAAC,QAAS,QAAO;AACrB,MAAI;AACF,UAAM,MAAM,MAAM,QAAQ,8BAA8B,mBAAmB,IAAI,EAAE,QAAQ,OAAO,GAAG,CAAC,EAAE;AACtG,QAAI,CAAC,IAAI,GAAI,QAAO;AACpB,UAAM,OAAQ,MAAM,IAAI,KAAK;AAC7B,eAAW,MAAM,MAAM,GAAG;AAC1B,WAAO;AAAA,EACT,QAAQ;AACN,WAAO;AAAA,EACT;AACF;;;ADnCA,SAAS,aAAa,MAAmD;AACvE,MAAI;AACF,WAAO,KAAK,MAAMC,cAAa,MAAM,MAAM,CAAC;AAAA,EAC9C,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAEA,SAAS,cAAc,MAAc,OAA6C;AAChF,QAAM,KAAKC,MAAK,MAAM,cAAc;AACpC,MAAI,CAACC,YAAW,EAAE,EAAG,QAAO,CAAC;AAC7B,QAAM,MAA0B,CAAC;AACjC,QAAM,UAAU,oBAAI,IAAY;AAEhC,QAAM,OAAO,CAAC,KAAa,UAAwB;AACjD,QAAI,QAAQ,IAAI,GAAG,EAAG;AACtB,YAAQ,IAAI,GAAG;AACf,QAAI,CAACA,YAAW,GAAG,EAAG;AACtB,eAAW,SAAS,YAAY,GAAG,GAAG;AACpC,UAAI,MAAM,WAAW,GAAG,EAAG;AAC3B,YAAM,SAASD,MAAK,KAAK,KAAK;AAC9B,UAAI;AACF,cAAM,OAAO,SAAS,MAAM;AAC5B,YAAI,CAAC,KAAK,YAAY,EAAG;AAAA,MAC3B,QAAQ;AACN;AAAA,MACF;AACA,UAAI,MAAM,WAAW,GAAG,GAAG;AACzB,mBAAW,OAAO,YAAY,MAAM,GAAG;AACrC,iBAAOA,MAAK,QAAQ,GAAG,GAAG,GAAG,KAAK,IAAI,GAAG,IAAI,KAAK;AAAA,QACpD;AAAA,MACF,OAAO;AACL,eAAO,QAAQ,OAAO,KAAK;AAAA,MAC7B;AAAA,IACF;AAAA,EACF;AAEA,QAAM,SAAS,CAAC,QAAgB,MAAc,UAAwB;AACpE,UAAM,KAAK,aAAaA,MAAK,QAAQ,cAAc,CAAC;AACpD,QAAI,CAAC,GAAI;AACT,QAAI,KAAK;AAAA,MACP,MAAO,GAAG,QAAmB;AAAA,MAC7B,SAAU,GAAG,WAAsB;AAAA,MACnC,KAAK;AAAA,MACL,SAAS;AAAA,IACX,CAAC;AACD,QAAI,UAAU,SAASC,YAAWD,MAAK,QAAQ,cAAc,CAAC,GAAG;AAC/D,WAAKA,MAAK,QAAQ,cAAc,GAAG,QAAQ,CAAC;AAAA,IAC9C;AAAA,EACF;AAEA,OAAK,IAAI,CAAC;AACV,SAAO;AACT;AAEA,SAAS,eAA0D;AACjE,QAAM,OAAOA,MAAKE,SAAQ,GAAG,aAAa,eAAe;AACzD,MAAI,CAACD,YAAW,IAAI,EAAG,QAAO,CAAC;AAC/B,MAAI;AACF,WAAO,KAAK,MAAMF,cAAa,MAAM,MAAM,CAAC;AAAA,EAC9C,QAAQ;AACN,WAAO,CAAC;AAAA,EACV;AACF;AAEA,IAAM,wBAAwB,CAAC,cAAc,WAAW,eAAe,gBAAgB,cAAc,SAAS;AAE9G,SAAS,eAAe,KAAkC;AACxD,QAAM,WAAsB,CAAC;AAC7B,QAAM,UAAU,IAAI,QAAQ,WAAW,CAAC;AACxC,aAAW,SAAS,uBAAuB;AACzC,UAAM,MAAM,QAAQ,KAAK;AACzB,QAAI,CAAC,IAAK;AACV,UAAM,EAAE,OAAO,QAAQ,IAAI,mBAAmB,GAAG;AACjD,QAAI,UAAU,EAAG;AACjB,UAAM,WACJ,SAAS,IAAI,aAAa,SAAS,IAAI,SAAS,SAAS,IAAI,WAAW;AAC1E,aAAS,KAAK;AAAA,MACZ,MAAM,kBAAkB,KAAK;AAAA,MAC7B;AAAA,MACA,SAAS,GAAG,KAAK,0BAA0B,QAAQ,KAAK,IAAI,CAAC;AAAA,MAC7D;AAAA,IACF,CAAC;AAAA,EACH;AACA,SAAO;AACT;AAEA,SAAS,mBACP,KACA,WACA,UACW;AACX,MAAI,CAAC,WAAW,YAAa,QAAO,CAAC;AACrC,QAAM,MAAM,UAAU,YAAY,IAAI,CAAC,MAAM,EAAE,IAAI,EAAE,KAAK;AAC1D,QAAM,QAAQ,SAAS,IAAI,IAAI,GAAG;AAClC,MAAI,CAAC,MAAO,QAAO,CAAC;AACpB,QAAM,QAAQ,IAAI,OAAO,CAAC,MAAM,CAAC,MAAM,SAAS,CAAC,CAAC;AAClD,MAAI,MAAM,WAAW,EAAG,QAAO,CAAC;AAChC,SAAO,CAAC;AAAA,IACN,MAAM;AAAA,IACN,UAAU;AAAA,IACV,SAAS,2CAA2C,MAAM,KAAK,IAAI,CAAC;AAAA,IACpE,OAAO;AAAA,EACT,CAAC;AACH;AAEA,SAAS,uBACP,KACA,WACW;AACX,MAAI,CAAC,WAAW,KAAM,QAAO,CAAC;AAC9B,QAAM,MAAiB,CAAC;AACxB,QAAM,OAAO,UAAU;AACvB,QAAM,WAAW,OAAO,KAAK,IAAI,EAAE,OAAO,CAAC,MAAM,MAAM,aAAa,MAAM,UAAU;AAEpF,QAAM,YAAY,IAAI,KAAK,KAAK,KAAK;AACrC,QAAM,QAAQ,oBAAI,IAAsB;AACxC,aAAW,KAAK,UAAU;AACxB,UAAM,IAAI,WAAW,KAAK,CAAC;AAC3B,QAAI,CAAC,EAAG;AACR,UAAM,MAAM,OAAO,EAAE,CAAC,CAAC;AACvB,UAAM,MAAM,MAAM,IAAI,GAAG,KAAK,CAAC;AAC/B,QAAI,KAAK,CAAC;AACV,UAAM,IAAI,KAAK,GAAG;AAAA,EACpB;AACA,QAAM,OAAO,CAAC,GAAG,MAAM,KAAK,CAAC,EAAE,KAAK,CAAC,GAAG,MAAM,IAAI,CAAC;AACnD,WAAS,IAAI,GAAG,IAAI,KAAK,QAAQ,KAAK;AACpC,UAAM,OAAO,KAAK,IAAI,CAAC;AACvB,UAAM,MAAM,KAAK,CAAC;AAClB,UAAM,eAAe,MAAM,IAAI,IAAI,EAAG,IAAI,CAAC,MAAM,KAAK,MAAM,KAAK,CAAC,KAAK,EAAE,CAAC,EAAE,OAAO,OAAO,QAAQ;AAClG,UAAM,cAAc,MAAM,IAAI,GAAG,EAAG,IAAI,CAAC,MAAM,KAAK,MAAM,KAAK,CAAC,KAAK,EAAE,CAAC,EAAE,OAAO,OAAO,QAAQ;AAChG,QAAI,aAAa,WAAW,KAAK,YAAY,WAAW,EAAG;AAC3D,UAAM,WAAW,KAAK,IAAI,GAAG,YAAY;AACzC,UAAM,WAAW,KAAK,IAAI,GAAG,WAAW;AACxC,QAAI,WAAW,WAAW,WAAW;AACnC,UAAI,KAAK;AAAA,QACP,MAAM;AAAA,QACN,UAAU;AAAA,QACV,SAAS,eAAe,IAAI,YAAO,GAAG;AAAA,QACtC,OAAO;AAAA,MACT,CAAC;AAAA,IACH;AAAA,EACF;AAEA,QAAM,UAAU,KAAK,MAAM,KAAK,WAAW,EAAE;AAC7C,MAAI,OAAO,SAAS,OAAO,KAAK,KAAK,IAAI,IAAI,UAAU,KAAK,KAAK,KAAK,KAAK,KAAM;AAC/E,QAAI,KAAK;AAAA,MACP,MAAM;AAAA,MACN,UAAU;AAAA,MACV,SAAS;AAAA,MACT,OAAO;AAAA,IACT,CAAC;AAAA,EACH;AACA,SAAO;AACT;AAEA,SAAS,kBAAkB,MAAyB;AAClD,QAAM,MAAM,uBAAuB,MAAM,YAAY;AACrD,MAAI,CAAC,IAAK,QAAO,CAAC;AAClB,SAAO,CAAC;AAAA,IACN,MAAM;AAAA,IACN,UAAU;AAAA,IACV,SAAS,2BAA2B,GAAG;AAAA,IACvC,OAAO;AAAA,EACT,CAAC;AACH;AAEA,eAAsB,KAAK,UAAuB,CAAC,GAAwB;AACzE,QAAM,MAAM,QAAQ,OAAO,QAAQ,IAAI;AACvC,QAAM,QAAQ,QAAQ,aAAa;AACnC,QAAM,SAAS,IAAI,IAAI,QAAQ,UAAU,CAAC,CAAC;AAC3C,QAAM,WAAW,aAAa;AAC9B,QAAM,aAAY,oBAAI,KAAK,GAAE,YAAY;AACzC,QAAM,WAA0B,CAAC;AAEjC,QAAM,YAAY,cAAc,KAAK,KAAK,EAAE,OAAO,CAAC,MAAM,CAAC,OAAO,IAAI,EAAE,IAAI,CAAC;AAC7E,aAAW,OAAO,WAAW;AAC3B,UAAM,WAAsB,CAAC;AAC7B,aAAS,KAAK,GAAG,eAAe,GAAG,CAAC;AACpC,aAAS,KAAK,GAAG,kBAAkB,IAAI,IAAI,CAAC;AAE5C,QAAI,QAAQ,YAAY,OAAO;AAC7B,YAAM,YAAY,MAAM,eAAe,IAAI,MAAM,EAAE,OAAO,QAAQ,YAAY,KAAK,KAAK,IAAK,CAAC;AAC9F,eAAS,KAAK,GAAG,mBAAmB,KAAK,WAAW,QAAQ,CAAC;AAC7D,eAAS,KAAK,GAAG,uBAAuB,KAAK,SAAS,CAAC;AAAA,IACzD;AAEA,QAAI,SAAS,WAAW,EAAG;AAC3B,aAAS,KAAK;AAAA,MACZ,MAAM,IAAI;AAAA,MACV,SAAS,IAAI;AAAA,MACb,eAAe,YAAY,QAAQ;AAAA,MACnC,YAAY,SAAS,OAAO,CAAC,GAAG,MAAM,IAAI,EAAE,OAAO,CAAC;AAAA,MACpD;AAAA,IACF,CAAC;AAAA,EACH;AAEA,WAAS,KAAK,CAAC,GAAG,MAAM,EAAE,aAAa,EAAE,UAAU;AAEnD,SAAO;AAAA,IACL;AAAA,IACA,WAAW;AAAA,IACX,cAAa,oBAAI,KAAK,GAAE,YAAY;AAAA,IACpC,eAAe,UAAU;AAAA,EAC3B;AACF;AAEA,eAAsB,MAAM,MAAgD;AAC1E,QAAM,YAAY,MAAM,eAAe,IAAI;AAC3C,MAAI,CAAC,UAAW,QAAO;AACvB,QAAM,WAAsB,CAAC;AAC7B,WAAS,KAAK,GAAG,kBAAkB,IAAI,CAAC;AACxC,SAAO;AAAA,IACL;AAAA,IACA,SAAS,UAAU,WAAW,GAAG,UAAU;AAAA,IAC3C,eAAe,YAAY,QAAQ;AAAA,IACnC,YAAY,SAAS,OAAO,CAAC,GAAG,MAAM,IAAI,EAAE,OAAO,CAAC;AAAA,IACpD;AAAA,EACF;AACF;;;AEzPA,OAAO,QAAQ;AAGf,IAAM,WAAqD;AAAA,EACzD,MAAM,GAAG;AAAA,EACT,KAAK,GAAG;AAAA,EACR,QAAQ,GAAG;AAAA,EACX,MAAM,GAAG;AAAA,EACT,UAAU,GAAG;AACf;AAEO,SAAS,aAAa,QAA4B;AACvD,MAAI,OAAO,SAAS,WAAW,GAAG;AAChC,WAAO,GAAG,MAAM,kCAA6B,OAAO,aAAa,WAAW;AAAA,EAC9E;AACA,QAAM,QAAkB,CAAC;AACzB,QAAM,KAAK,GAAG,KAAK,0BAAqB,OAAO,SAAS,MAAM,iCAAiC,OAAO,aAAa,WAAW,CAAC;AAC/H,aAAW,KAAK,OAAO,UAAU;AAC/B,UAAM,KAAK,EAAE;AACb,UAAM,KAAK,KAAK,SAAS,EAAE,aAAa,EAAE,EAAE,cAAc,YAAY,CAAC,CAAC,KAAK,GAAG,KAAK,EAAE,IAAI,CAAC,IAAI,EAAE,OAAO,WAAW,EAAE,UAAU,EAAE;AAClI,eAAW,KAAK,EAAE,UAAU;AAC1B,YAAM,KAAK,SAAS,SAAS,EAAE,QAAQ,EAAE,EAAE,QAAQ,CAAC,KAAK,EAAE,IAAI,KAAK,EAAE,OAAO,EAAE;AAAA,IACjF;AAAA,EACF;AACA,SAAO,MAAM,KAAK,IAAI;AACxB;AAEO,SAAS,WAAW,QAA4B;AACrD,SAAO,KAAK,UAAU,QAAQ,MAAM,CAAC;AACvC;AAEO,SAAS,cAAc,GAAwB;AACpD,QAAM,QAAkB,CAAC;AACzB,QAAM,KAAK,GAAG,SAAS,EAAE,aAAa,EAAE,EAAE,cAAc,YAAY,CAAC,CAAC,KAAK,GAAG,KAAK,EAAE,IAAI,CAAC,IAAI,EAAE,OAAO,WAAW,EAAE,UAAU,EAAE;AAChI,aAAW,KAAK,EAAE,UAAU;AAC1B,UAAM,KAAK,OAAO,SAAS,EAAE,QAAQ,EAAE,EAAE,QAAQ,CAAC,KAAK,EAAE,IAAI,KAAK,EAAE,OAAO,EAAE;AAAA,EAC/E;AACA,SAAO,MAAM,KAAK,IAAI;AACxB;;;ACtCA,SAAS,cAAAI,aAAY,gBAAAC,qBAAoB;AACzC,SAAS,QAAAC,aAAY;AAWd,SAAS,WAAW,KAA6B;AACtD,QAAM,OAAOA,MAAK,KAAK,kBAAkB;AACzC,MAAI,CAACF,YAAW,IAAI,EAAG,QAAO,CAAC;AAC/B,MAAI;AACF,WAAO,KAAK,MAAMC,cAAa,MAAM,MAAM,CAAC;AAAA,EAC9C,QAAQ;AACN,WAAO,CAAC;AAAA,EACV;AACF;","names":["existsSync","readFileSync","join","homedir","readFileSync","join","existsSync","homedir","existsSync","readFileSync","join"]}