@paklo/core 0.5.0 → 0.6.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (40) hide show
  1. package/README.md +19 -0
  2. package/dist/azure/index.d.mts +15 -15
  3. package/dist/azure/index.mjs +6 -6
  4. package/dist/azure/index.mjs.map +1 -1
  5. package/dist/dependabot/index.d.mts +3 -3
  6. package/dist/dependabot/index.mjs +5 -5
  7. package/dist/{dependabot-C6dqpHHO.mjs → dependabot-ssjzLCk2.mjs} +9 -11
  8. package/dist/dependabot-ssjzLCk2.mjs.map +1 -0
  9. package/dist/environment/index.d.mts +1 -1
  10. package/dist/environment/index.mjs +1 -1
  11. package/dist/{environment-Bn2AKsNP.mjs → environment-DxHQ97yw.mjs} +3 -22
  12. package/dist/environment-DxHQ97yw.mjs.map +1 -0
  13. package/dist/github/index.d.mts +1 -1
  14. package/dist/github/index.mjs +3 -3
  15. package/dist/github/index.mjs.map +1 -1
  16. package/dist/hono.d.mts +34 -0
  17. package/dist/hono.mjs +37 -0
  18. package/dist/hono.mjs.map +1 -0
  19. package/dist/http/index.d.mts +1 -1
  20. package/dist/http/index.mjs +2 -2
  21. package/dist/{http-BVlIr273.mjs → http-50rptIBF.mjs} +2 -2
  22. package/dist/http-50rptIBF.mjs.map +1 -0
  23. package/dist/{index-B5hYujx0.d.mts → index-4kLQpBct.d.mts} +2 -2
  24. package/dist/{index-Djd8_Qnk.d.mts → index-Ccof91Bt.d.mts} +112 -25
  25. package/dist/{job-CYxNnXAx.mjs → job-BVzOiMsQ.mjs} +56 -7
  26. package/dist/job-BVzOiMsQ.mjs.map +1 -0
  27. package/dist/keygen.d.mts +32 -36
  28. package/dist/keygen.mjs +43 -50
  29. package/dist/keygen.mjs.map +1 -1
  30. package/dist/{logger-BhxvmS3E.mjs → logger-DIt9KuME.mjs} +2 -2
  31. package/dist/{logger-BhxvmS3E.mjs.map → logger-DIt9KuME.mjs.map} +1 -1
  32. package/dist/logger.mjs +2 -2
  33. package/dist/usage.d.mts +6 -2
  34. package/dist/usage.mjs +3 -3
  35. package/dist/usage.mjs.map +1 -1
  36. package/package.json +9 -5
  37. package/dist/dependabot-C6dqpHHO.mjs.map +0 -1
  38. package/dist/environment-Bn2AKsNP.mjs.map +0 -1
  39. package/dist/http-BVlIr273.mjs.map +0 -1
  40. package/dist/job-CYxNnXAx.mjs.map +0 -1
package/dist/{index-Djd8_Qnk.d.mts → index-Ccof91Bt.d.mts} RENAMED
@@ -1,5 +1,5 @@
1
- import { p as SecurityVulnerability } from "./index-B5hYujx0.mjs";
2
- import { z } from "zod/v4";
1
+ import { p as SecurityVulnerability } from "./index-4kLQpBct.mjs";
2
+ import { z } from "zod";
3
3
  import { Hono } from "hono";
4
4
 
5
5
  //#region src/dependabot/author.d.ts
@@ -209,6 +209,8 @@ declare const PackageEcosystemSchema: z.ZodEnum<{
209
209
  vcpkg: "vcpkg";
210
210
  helm: "helm";
211
211
  julia: "julia";
212
+ bazel: "bazel";
213
+ opentofu: "opentofu";
212
214
  "docker-compose": "docker-compose";
213
215
  "dotnet-sdk": "dotnet-sdk";
214
216
  mix: "mix";
@@ -252,6 +254,8 @@ declare const DependabotUpdateSchema: z.ZodPipe<z.ZodObject<{
252
254
  vcpkg: "vcpkg";
253
255
  helm: "helm";
254
256
  julia: "julia";
257
+ bazel: "bazel";
258
+ opentofu: "opentofu";
255
259
  "docker-compose": "docker-compose";
256
260
  "dotnet-sdk": "dotnet-sdk";
257
261
  mix: "mix";
@@ -383,7 +387,7 @@ declare const DependabotUpdateSchema: z.ZodPipe<z.ZodObject<{
383
387
  patterns: z.ZodOptional<z.ZodArray<z.ZodString>>;
384
388
  'multi-ecosystem-group': z.ZodOptional<z.ZodString>;
385
389
  }, z.core.$strip>, z.ZodTransform<{
386
- 'package-ecosystem': "bundler" | "cargo" | "composer" | "pub" | "docker" | "elm" | "gradle" | "maven" | "nuget" | "pip" | "swift" | "terraform" | "devcontainers" | "bun" | "uv" | "vcpkg" | "helm" | "julia" | "docker-compose" | "dotnet-sdk" | "mix" | "gitsubmodule" | "github-actions" | "gomod" | "npm" | "pip-compile" | "pipenv" | "pnpm" | "poetry" | "rust-toolchain" | "yarn";
390
+ 'package-ecosystem': "bundler" | "cargo" | "composer" | "pub" | "docker" | "elm" | "gradle" | "maven" | "nuget" | "pip" | "swift" | "terraform" | "devcontainers" | "bun" | "uv" | "vcpkg" | "helm" | "julia" | "bazel" | "opentofu" | "docker-compose" | "dotnet-sdk" | "mix" | "gitsubmodule" | "github-actions" | "gomod" | "npm" | "pip-compile" | "pipenv" | "pnpm" | "poetry" | "rust-toolchain" | "yarn";
387
391
  directory?: string | undefined;
388
392
  directories?: string[] | undefined;
389
393
  'exclude-paths'?: string[] | undefined;
@@ -441,7 +445,7 @@ declare const DependabotUpdateSchema: z.ZodPipe<z.ZodObject<{
441
445
  patterns?: string[] | undefined;
442
446
  'multi-ecosystem-group'?: string | undefined;
443
447
  }, {
444
- 'package-ecosystem': "bundler" | "cargo" | "composer" | "pub" | "docker" | "elm" | "gradle" | "maven" | "nuget" | "pip" | "swift" | "terraform" | "devcontainers" | "bun" | "uv" | "vcpkg" | "helm" | "julia" | "docker-compose" | "dotnet-sdk" | "mix" | "gitsubmodule" | "github-actions" | "gomod" | "npm" | "pip-compile" | "pipenv" | "pnpm" | "poetry" | "rust-toolchain" | "yarn";
448
+ 'package-ecosystem': "bundler" | "cargo" | "composer" | "pub" | "docker" | "elm" | "gradle" | "maven" | "nuget" | "pip" | "swift" | "terraform" | "devcontainers" | "bun" | "uv" | "vcpkg" | "helm" | "julia" | "bazel" | "opentofu" | "docker-compose" | "dotnet-sdk" | "mix" | "gitsubmodule" | "github-actions" | "gomod" | "npm" | "pip-compile" | "pipenv" | "pnpm" | "poetry" | "rust-toolchain" | "yarn";
445
449
  directory?: string | undefined;
446
450
  directories?: string[] | undefined;
447
451
  'exclude-paths'?: string[] | undefined;
@@ -625,6 +629,8 @@ declare const DependabotConfigSchema: z.ZodPipe<z.ZodObject<{
625
629
  vcpkg: "vcpkg";
626
630
  helm: "helm";
627
631
  julia: "julia";
632
+ bazel: "bazel";
633
+ opentofu: "opentofu";
628
634
  "docker-compose": "docker-compose";
629
635
  "dotnet-sdk": "dotnet-sdk";
630
636
  mix: "mix";
@@ -756,7 +762,7 @@ declare const DependabotConfigSchema: z.ZodPipe<z.ZodObject<{
756
762
  patterns: z.ZodOptional<z.ZodArray<z.ZodString>>;
757
763
  'multi-ecosystem-group': z.ZodOptional<z.ZodString>;
758
764
  }, z.core.$strip>, z.ZodTransform<{
759
- 'package-ecosystem': "bundler" | "cargo" | "composer" | "pub" | "docker" | "elm" | "gradle" | "maven" | "nuget" | "pip" | "swift" | "terraform" | "devcontainers" | "bun" | "uv" | "vcpkg" | "helm" | "julia" | "docker-compose" | "dotnet-sdk" | "mix" | "gitsubmodule" | "github-actions" | "gomod" | "npm" | "pip-compile" | "pipenv" | "pnpm" | "poetry" | "rust-toolchain" | "yarn";
765
+ 'package-ecosystem': "bundler" | "cargo" | "composer" | "pub" | "docker" | "elm" | "gradle" | "maven" | "nuget" | "pip" | "swift" | "terraform" | "devcontainers" | "bun" | "uv" | "vcpkg" | "helm" | "julia" | "bazel" | "opentofu" | "docker-compose" | "dotnet-sdk" | "mix" | "gitsubmodule" | "github-actions" | "gomod" | "npm" | "pip-compile" | "pipenv" | "pnpm" | "poetry" | "rust-toolchain" | "yarn";
760
766
  directory?: string | undefined;
761
767
  directories?: string[] | undefined;
762
768
  'exclude-paths'?: string[] | undefined;
@@ -814,7 +820,7 @@ declare const DependabotConfigSchema: z.ZodPipe<z.ZodObject<{
814
820
  patterns?: string[] | undefined;
815
821
  'multi-ecosystem-group'?: string | undefined;
816
822
  }, {
817
- 'package-ecosystem': "bundler" | "cargo" | "composer" | "pub" | "docker" | "elm" | "gradle" | "maven" | "nuget" | "pip" | "swift" | "terraform" | "devcontainers" | "bun" | "uv" | "vcpkg" | "helm" | "julia" | "docker-compose" | "dotnet-sdk" | "mix" | "gitsubmodule" | "github-actions" | "gomod" | "npm" | "pip-compile" | "pipenv" | "pnpm" | "poetry" | "rust-toolchain" | "yarn";
823
+ 'package-ecosystem': "bundler" | "cargo" | "composer" | "pub" | "docker" | "elm" | "gradle" | "maven" | "nuget" | "pip" | "swift" | "terraform" | "devcontainers" | "bun" | "uv" | "vcpkg" | "helm" | "julia" | "bazel" | "opentofu" | "docker-compose" | "dotnet-sdk" | "mix" | "gitsubmodule" | "github-actions" | "gomod" | "npm" | "pip-compile" | "pipenv" | "pnpm" | "poetry" | "rust-toolchain" | "yarn";
818
824
  directory?: string | undefined;
819
825
  directories?: string[] | undefined;
820
826
  'exclude-paths'?: string[] | undefined;
@@ -944,7 +950,7 @@ declare const DependabotConfigSchema: z.ZodPipe<z.ZodObject<{
944
950
  }, z.core.$strip>, z.ZodTransform<{
945
951
  version: number;
946
952
  updates: {
947
- 'package-ecosystem': "bundler" | "cargo" | "composer" | "pub" | "docker" | "elm" | "gradle" | "maven" | "nuget" | "pip" | "swift" | "terraform" | "devcontainers" | "bun" | "uv" | "vcpkg" | "helm" | "julia" | "docker-compose" | "dotnet-sdk" | "mix" | "gitsubmodule" | "github-actions" | "gomod" | "npm" | "pip-compile" | "pipenv" | "pnpm" | "poetry" | "rust-toolchain" | "yarn";
953
+ 'package-ecosystem': "bundler" | "cargo" | "composer" | "pub" | "docker" | "elm" | "gradle" | "maven" | "nuget" | "pip" | "swift" | "terraform" | "devcontainers" | "bun" | "uv" | "vcpkg" | "helm" | "julia" | "bazel" | "opentofu" | "docker-compose" | "dotnet-sdk" | "mix" | "gitsubmodule" | "github-actions" | "gomod" | "npm" | "pip-compile" | "pipenv" | "pnpm" | "poetry" | "rust-toolchain" | "yarn";
948
954
  directory?: string | undefined;
949
955
  directories?: string[] | undefined;
950
956
  'exclude-paths'?: string[] | undefined;
@@ -1045,7 +1051,7 @@ declare const DependabotConfigSchema: z.ZodPipe<z.ZodObject<{
1045
1051
  }, {
1046
1052
  version: number;
1047
1053
  updates: {
1048
- 'package-ecosystem': "bundler" | "cargo" | "composer" | "pub" | "docker" | "elm" | "gradle" | "maven" | "nuget" | "pip" | "swift" | "terraform" | "devcontainers" | "bun" | "uv" | "vcpkg" | "helm" | "julia" | "docker-compose" | "dotnet-sdk" | "mix" | "gitsubmodule" | "github-actions" | "gomod" | "npm" | "pip-compile" | "pipenv" | "pnpm" | "poetry" | "rust-toolchain" | "yarn";
1054
+ 'package-ecosystem': "bundler" | "cargo" | "composer" | "pub" | "docker" | "elm" | "gradle" | "maven" | "nuget" | "pip" | "swift" | "terraform" | "devcontainers" | "bun" | "uv" | "vcpkg" | "helm" | "julia" | "bazel" | "opentofu" | "docker-compose" | "dotnet-sdk" | "mix" | "gitsubmodule" | "github-actions" | "gomod" | "npm" | "pip-compile" | "pipenv" | "pnpm" | "poetry" | "rust-toolchain" | "yarn";
1049
1055
  directory?: string | undefined;
1050
1056
  directories?: string[] | undefined;
1051
1057
  'exclude-paths'?: string[] | undefined;
@@ -1185,11 +1191,15 @@ declare const DependabotProxyConfigSchema: z.ZodObject<{
1185
1191
  type DependabotProxyConfig = z.infer<typeof DependabotProxyConfigSchema>;
1186
1192
  declare const DependabotSourceProviderSchema: z.ZodEnum<{
1187
1193
  azure: "azure";
1194
+ gitlab: "gitlab";
1195
+ bitbucket: "bitbucket";
1188
1196
  }>;
1189
1197
  type DependabotSourceProvider = z.infer<typeof DependabotSourceProviderSchema>;
1190
1198
  declare const DependabotSourceSchema: z.ZodObject<{
1191
1199
  provider: z.ZodEnum<{
1192
1200
  azure: "azure";
1201
+ gitlab: "gitlab";
1202
+ bitbucket: "bitbucket";
1193
1203
  }>;
1194
1204
  repo: z.ZodString;
1195
1205
  directory: z.ZodOptional<z.ZodNullable<z.ZodString>>;
@@ -1332,6 +1342,8 @@ declare const DependabotPackageManagerSchema: z.ZodEnum<{
1332
1342
  vcpkg: "vcpkg";
1333
1343
  helm: "helm";
1334
1344
  julia: "julia";
1345
+ bazel: "bazel";
1346
+ opentofu: "opentofu";
1335
1347
  }>;
1336
1348
  type DependabotPackageManager = z.infer<typeof DependabotPackageManagerSchema>;
1337
1349
  declare const DependabotCommandSchema: z.ZodEnum<{
@@ -1341,7 +1353,7 @@ declare const DependabotCommandSchema: z.ZodEnum<{
1341
1353
  }>;
1342
1354
  type DependabotCommand = z.infer<typeof DependabotCommandSchema>;
1343
1355
  declare const DependabotJobConfigSchema: z.ZodObject<{
1344
- id: z.ZodOptional<z.ZodNumber>;
1356
+ id: z.ZodString;
1345
1357
  command: z.ZodOptional<z.ZodEnum<{
1346
1358
  version: "version";
1347
1359
  graph: "graph";
@@ -1374,6 +1386,8 @@ declare const DependabotJobConfigSchema: z.ZodObject<{
1374
1386
  vcpkg: "vcpkg";
1375
1387
  helm: "helm";
1376
1388
  julia: "julia";
1389
+ bazel: "bazel";
1390
+ opentofu: "opentofu";
1377
1391
  }>;
1378
1392
  'allowed-updates': z.ZodArray<z.ZodObject<{
1379
1393
  'dependency-name': z.ZodOptional<z.ZodNullable<z.ZodString>>;
@@ -1431,6 +1445,8 @@ declare const DependabotJobConfigSchema: z.ZodObject<{
1431
1445
  source: z.ZodObject<{
1432
1446
  provider: z.ZodEnum<{
1433
1447
  azure: "azure";
1448
+ gitlab: "gitlab";
1449
+ bitbucket: "bitbucket";
1434
1450
  }>;
1435
1451
  repo: z.ZodString;
1436
1452
  directory: z.ZodOptional<z.ZodNullable<z.ZodString>>;
@@ -1468,7 +1484,7 @@ declare const DependabotJobConfigSchema: z.ZodObject<{
1468
1484
  type DependabotJobConfig = z.infer<typeof DependabotJobConfigSchema>;
1469
1485
  declare const DependabotJobFileSchema: z.ZodObject<{
1470
1486
  job: z.ZodObject<{
1471
- id: z.ZodOptional<z.ZodNumber>;
1487
+ id: z.ZodString;
1472
1488
  command: z.ZodOptional<z.ZodEnum<{
1473
1489
  version: "version";
1474
1490
  graph: "graph";
@@ -1501,6 +1517,8 @@ declare const DependabotJobFileSchema: z.ZodObject<{
1501
1517
  vcpkg: "vcpkg";
1502
1518
  helm: "helm";
1503
1519
  julia: "julia";
1520
+ bazel: "bazel";
1521
+ opentofu: "opentofu";
1504
1522
  }>;
1505
1523
  'allowed-updates': z.ZodArray<z.ZodObject<{
1506
1524
  'dependency-name': z.ZodOptional<z.ZodNullable<z.ZodString>>;
@@ -1558,6 +1576,8 @@ declare const DependabotJobFileSchema: z.ZodObject<{
1558
1576
  source: z.ZodObject<{
1559
1577
  provider: z.ZodEnum<{
1560
1578
  azure: "azure";
1579
+ gitlab: "gitlab";
1580
+ bitbucket: "bitbucket";
1561
1581
  }>;
1562
1582
  repo: z.ZodString;
1563
1583
  directory: z.ZodOptional<z.ZodNullable<z.ZodString>>;
@@ -1610,6 +1630,62 @@ type FileUpdaterInput = FetchedFiles & {
1610
1630
  declare function getBranchNameForUpdate(packageEcosystem: PackageEcosystem, targetBranchName: string | undefined, directory: string | undefined, dependencyGroupName: string | undefined, dependencies: DependabotExistingPR[], separator?: string): string;
1611
1631
  declare function sanitizeRef(refParts: (string | undefined)[], separator: string): string;
1612
1632
  //#endregion
1633
+ //#region src/dependabot/directory-key.d.ts
1634
+ /**
1635
+ * Options for creating a directory key that supports both naming conventions:
1636
+ * - `ecosystem` (standard format)
1637
+ * - `package-ecosystem` (alternative format for compatibility)
1638
+ *
1639
+ * Either a single `directory` or multiple `directories` can be specified.
1640
+ */
1641
+ type MakeDirectoryKeyOptions = {
1642
+ /** The package ecosystem (e.g., 'npm', 'pip', 'bundler') */
1643
+ ecosystem: string;
1644
+ /** Single directory path (optional if directories is provided) */
1645
+ directory?: string | null;
1646
+ /** Multiple directory paths (optional if directory is provided) */
1647
+ directories?: string[];
1648
+ } | {
1649
+ /** The package ecosystem using alternative naming convention */
1650
+ 'package-ecosystem': string;
1651
+ /** Single directory path (optional if directories is provided) */
1652
+ directory?: string | null;
1653
+ /** Multiple directory paths (optional if directory is provided) */
1654
+ directories?: string[];
1655
+ };
1656
+ /**
1657
+ * Creates a unique directory key by combining the ecosystem and directory information.
1658
+ *
1659
+ * The key format is: `{ecosystem}::{directory_info}`
1660
+ * - For single directory: `npm::/src/frontend`
1661
+ * - For multiple directories: `npm::/src/frontend,/src/backend`
1662
+ *
1663
+ * @param options - Configuration object containing ecosystem and directory information
1664
+ * @returns A unique string key in the format `{ecosystem}::{directories}`
1665
+ *
1666
+ * @example
1667
+ * ```typescript
1668
+ * // Single directory
1669
+ * const key1 = makeDirectoryKey({ ecosystem: 'npm', directory: '/src' });
1670
+ * // Returns: "npm::/src"
1671
+ *
1672
+ * // Multiple directories
1673
+ * const key2 = makeDirectoryKey({
1674
+ * ecosystem: 'pip',
1675
+ * directories: ['/backend', '/scripts']
1676
+ * });
1677
+ * // Returns: "pip::/backend,/scripts"
1678
+ *
1679
+ * // Using alternative naming convention
1680
+ * const key3 = makeDirectoryKey({
1681
+ * 'package-ecosystem': 'bundler',
1682
+ * directory: '/app'
1683
+ * });
1684
+ * // Returns: "bundler::/app"
1685
+ * ```
1686
+ */
1687
+ declare function makeDirectoryKey(options: MakeDirectoryKeyOptions): string;
1688
+ //#endregion
1613
1689
  //#region src/dependabot/experiments.d.ts
1614
1690
  declare const DEFAULT_EXPERIMENTS: DependabotExperiments;
1615
1691
  /**
@@ -1627,7 +1703,6 @@ type DependabotSourceInfo = {
1627
1703
  'repository-slug': string;
1628
1704
  };
1629
1705
  type DependabotJobBuilderOutput = {
1630
- jobId: number;
1631
1706
  job: DependabotJobConfig;
1632
1707
  credentials: DependabotCredential[];
1633
1708
  };
@@ -1669,7 +1744,7 @@ declare class DependabotJobBuilder {
1669
1744
  id,
1670
1745
  command
1671
1746
  }: {
1672
- id?: number;
1747
+ id?: string;
1673
1748
  command: DependabotJobConfig['command'];
1674
1749
  }): DependabotJobBuilderOutput;
1675
1750
  /**
@@ -1683,7 +1758,7 @@ declare class DependabotJobBuilder {
1683
1758
  pullRequestToUpdate,
1684
1759
  securityVulnerabilities
1685
1760
  }: {
1686
- id?: number;
1761
+ id?: string;
1687
1762
  command: DependabotJobConfig['command'];
1688
1763
  dependencyNamesToUpdate?: string[];
1689
1764
  existingPullRequests: (DependabotExistingPR[] | DependabotExistingGroupPR)[];
@@ -1712,7 +1787,7 @@ declare function mapCredentials({
1712
1787
  githubToken?: string;
1713
1788
  registries?: Record<string, DependabotRegistry>;
1714
1789
  }): DependabotCredential[];
1715
- declare function makeRandomJobId(): number;
1790
+ declare function makeRandomJobId(): string;
1716
1791
  //#endregion
1717
1792
  //#region src/dependabot/server.d.ts
1718
1793
  declare const DependabotRequestTypeSchema: z.ZodEnum<{
@@ -1759,7 +1834,7 @@ declare const DependabotRequestSchema: z.ZodDiscriminatedUnion<[z.ZodObject<{
1759
1834
  directory: z.ZodOptional<z.ZodNullable<z.ZodString>>;
1760
1835
  }, z.core.$strip>>;
1761
1836
  'updated-dependency-files': z.ZodArray<z.ZodObject<{
1762
- content: z.ZodString;
1837
+ content: z.ZodOptional<z.ZodNullable<z.ZodString>>;
1763
1838
  content_encoding: z.ZodOptional<z.ZodNullable<z.ZodString>>;
1764
1839
  deleted: z.ZodOptional<z.ZodNullable<z.ZodBoolean>>;
1765
1840
  directory: z.ZodString;
@@ -1781,7 +1856,7 @@ declare const DependabotRequestSchema: z.ZodDiscriminatedUnion<[z.ZodObject<{
1781
1856
  'base-commit-sha': z.ZodString;
1782
1857
  'dependency-names': z.ZodArray<z.ZodString>;
1783
1858
  'updated-dependency-files': z.ZodArray<z.ZodObject<{
1784
- content: z.ZodString;
1859
+ content: z.ZodOptional<z.ZodNullable<z.ZodString>>;
1785
1860
  content_encoding: z.ZodOptional<z.ZodNullable<z.ZodString>>;
1786
1861
  deleted: z.ZodOptional<z.ZodNullable<z.ZodBoolean>>;
1787
1862
  directory: z.ZodString;
@@ -1904,14 +1979,26 @@ type DependabotTokenType = 'job' | 'credentials';
1904
1979
  * @param value - The authentication value (e.g., API key).
1905
1980
  * @returns A promise that resolves to a boolean indicating whether the authentication was successful.
1906
1981
  */
1907
- type AuthenticatorFunc = (type: DependabotTokenType, id: number, value: string) => Promise<boolean>;
1982
+ type AuthenticatorFunc = (type: DependabotTokenType, id: string, value: string) => Promise<boolean>;
1908
1983
  /**
1909
1984
  * Handler function for processing dependabot requests.
1910
1985
  * @param id - The ID of the dependabot job.
1911
1986
  * @param request - The dependabot request to handle.
1912
1987
  * @returns A promise that resolves to the result of handling the request.
1913
1988
  */
1914
- type HandlerFunc = (id: number, request: DependabotRequest) => Promise<boolean>;
1989
+ type HandlerFunc = (id: string, request: DependabotRequest) => Promise<boolean>;
1990
+ /**
1991
+ * Function for getting a dependabot job config by ID.
1992
+ * @param id - The ID of the dependabot job.
1993
+ * @returns A promise that resolves to the dependabot job config, or undefined if not found.
1994
+ */
1995
+ type GetJobFunc = (id: string) => Promise<DependabotJobConfig | undefined>;
1996
+ /**
1997
+ * Function for getting dependabot credentials by job ID.
1998
+ * @param id - The ID of the dependabot job.
1999
+ * @returns A promise that resolves to an array of dependabot credentials, or undefined if not found.
2000
+ */
2001
+ type GetCredentialsFunc = (id: string) => Promise<DependabotCredential[] | undefined>;
1915
2002
  type CreateApiServerAppOptions = {
1916
2003
  /**
1917
2004
  * Base path for the endpoints.
@@ -1921,9 +2008,9 @@ type CreateApiServerAppOptions = {
1921
2008
  /** Handler function for authenticating requests. */
1922
2009
  authenticate: AuthenticatorFunc;
1923
2010
  /** Function for getting a dependabot job by ID. */
1924
- getJob: (id: number) => Promise<DependabotJobConfig | undefined>;
2011
+ getJob: GetJobFunc;
1925
2012
  /** Function for getting dependabot credentials by job ID. */
1926
- getCredentials: (id: number) => Promise<DependabotCredential[] | undefined>;
2013
+ getCredentials: GetCredentialsFunc;
1927
2014
  /** Handler function for processing the operations. */
1928
2015
  handle: HandlerFunc;
1929
2016
  };
@@ -1949,7 +2036,7 @@ declare function createApiServerApp({
1949
2036
  //#endregion
1950
2037
  //#region src/dependabot/update.d.ts
1951
2038
  declare const DependabotDependencyFileSchema: z.ZodObject<{
1952
- content: z.ZodString;
2039
+ content: z.ZodOptional<z.ZodNullable<z.ZodString>>;
1953
2040
  content_encoding: z.ZodOptional<z.ZodNullable<z.ZodString>>;
1954
2041
  deleted: z.ZodOptional<z.ZodNullable<z.ZodBoolean>>;
1955
2042
  directory: z.ZodString;
@@ -2018,7 +2105,7 @@ declare const DependabotCreatePullRequestSchema: z.ZodObject<{
2018
2105
  directory: z.ZodOptional<z.ZodNullable<z.ZodString>>;
2019
2106
  }, z.core.$strip>>;
2020
2107
  'updated-dependency-files': z.ZodArray<z.ZodObject<{
2021
- content: z.ZodString;
2108
+ content: z.ZodOptional<z.ZodNullable<z.ZodString>>;
2022
2109
  content_encoding: z.ZodOptional<z.ZodNullable<z.ZodString>>;
2023
2110
  deleted: z.ZodOptional<z.ZodNullable<z.ZodBoolean>>;
2024
2111
  directory: z.ZodString;
@@ -2039,7 +2126,7 @@ declare const DependabotUpdatePullRequestSchema: z.ZodObject<{
2039
2126
  'base-commit-sha': z.ZodString;
2040
2127
  'dependency-names': z.ZodArray<z.ZodString>;
2041
2128
  'updated-dependency-files': z.ZodArray<z.ZodObject<{
2042
- content: z.ZodString;
2129
+ content: z.ZodOptional<z.ZodNullable<z.ZodString>>;
2043
2130
  content_encoding: z.ZodOptional<z.ZodNullable<z.ZodString>>;
2044
2131
  deleted: z.ZodOptional<z.ZodNullable<z.ZodBoolean>>;
2045
2132
  directory: z.ZodString;
@@ -2139,5 +2226,5 @@ declare const DependabotMetricSchema: z.ZodObject<{
2139
2226
  }, z.core.$strip>;
2140
2227
  type DependabotMetric = z.infer<typeof DependabotMetricSchema>;
2141
2228
  //#endregion
2142
- export { CertificateAuthority as $, DependabotGroupSchema as $t, DependabotRequest as A, DependabotProxyConfigSchema as At, mapAllowedUpdatesFromDependabotConfigToJobConfig as B, DependabotSourceSchema as Bt, DependabotRecordUpdateJobUnknownError as C, DEPENDABOT_DEFAULT_AUTHOR_EMAIL as Cn, DependabotJobConfig as Ct, DependabotUpdatePullRequest as D, DependabotPackageManager as Dt, DependabotUpdateDependencyListSchema as E, DependabotJobFileSchema as Et, createApiServerApp as F, DependabotSecurityAdvisory as Ft, mapPackageEcosystemToPackageManager as G, DependabotAllowConditionSchema as Gt, mapExperiments as H, FileFetcherInput as Ht, DependabotJobBuilder as I, DependabotSecurityAdvisorySchema as It, mapVersionStrategyToRequirementsUpdateStrategy as J, DependabotConfig as Jt, mapSecurityAdvisories as K, DependabotCommitMessage as Kt, DependabotJobBuilderOutput as L, DependabotSource as Lt, DependabotRequestType as M, DependabotRequirementSchema as Mt, DependabotRequestTypeSchema as N, DependabotRequirementSource as Nt, DependabotUpdatePullRequestSchema as O, DependabotPackageManagerSchema as Ot, DependabotTokenType as P, DependabotRequirementSourceSchema as Pt, sanitizeRef as Q, DependabotGroup as Qt, DependabotSourceInfo as R, DependabotSourceProvider as Rt, DependabotRecordUpdateJobErrorSchema as S, extractPlaceholder as Sn, DependabotGroupRuleJobSchema as St, DependabotUpdateDependencyList as T, GitAuthor as Tn, DependabotJobFile as Tt, mapGroupsFromDependabotConfigToJobConfig as U, FileUpdaterInput as Ut, mapCredentials as V, FetchedFiles as Vt, mapIgnoreConditionsFromDependabotConfigToJobConfig as W, DependabotAllowCondition as Wt, parseExperiments as X, DependabotCooldown as Xt, DEFAULT_EXPERIMENTS as Y, DependabotConfigSchema as Yt, getBranchNameForUpdate as Z, DependabotCooldownSchema as Zt, DependabotRecordEcosystemMeta as _, parseRegistries as _n, DependabotExperiments as _t, DependabotDependencyFile as a, DependabotRegistry as an, DependabotCommitOptions as at, DependabotRecordEcosystemVersionsSchema as b, VariableFinderFn as bn, DependabotGroupJobSchema as bt, DependabotEcosystemMetaSchema as c, DependabotScheduleSchema as cn, DependabotConditionSchema as ct, DependabotIncrementMetric as d, POSSIBLE_CONFIG_FILE_PATHS as dn, DependabotDependency as dt, DependabotIgnoreCondition as en, CertificateAuthoritySchema as et, DependabotIncrementMetricSchema as f, PackageEcosystem as fn, DependabotDependencySchema as ft, DependabotMetricSchema as g, parseDependabotConfig as gn, DependabotExistingPRSchema as gt, DependabotMetric as h, VersioningStrategySchema as hn, DependabotExistingPR as ht, DependabotCreatePullRequestSchema as i, DependabotPullRequestBranchName as in, DependabotCommandSchema as it, DependabotRequestSchema as j, DependabotRequirement as jt, CreateApiServerAppOptions as k, DependabotProxyConfig as kt, DependabotEcosystemVersionManager as l, DependabotUpdate as ln, DependabotCredential as lt, DependabotMarkAsProcessedSchema as m, VersioningStrategy as mn, DependabotExistingGroupPRSchema as mt, DependabotClosePullRequestSchema as n, DependabotMultiEcosystemGroup as nn, DependabotAllowedSchema as nt, DependabotDependencyFileSchema as o, DependabotRegistrySchema as on, DependabotCommitOptionsSchema as ot, DependabotMarkAsProcessed as p, PackageEcosystemSchema as pn, DependabotExistingGroupPR as pt, mapSourceFromDependabotConfigToJobConfig as q, DependabotCommitMessageSchema as qt, DependabotCreatePullRequest as r, DependabotMultiEcosystemGroupSchema as rn, DependabotCommand as rt, DependabotEcosystemMeta as s, DependabotSchedule as sn, DependabotCondition as st, DependabotClosePullRequest as t, DependabotIgnoreConditionSchema as tn, DependabotAllowed as tt, DependabotEcosystemVersionManagerSchema as u, DependabotUpdateSchema as un, DependabotCredentialSchema as ut, DependabotRecordEcosystemMetaSchema as v, parseUpdates as vn, DependabotExperimentsSchema as vt, DependabotRecordUpdateJobUnknownErrorSchema as w, DEPENDABOT_DEFAULT_AUTHOR_NAME as wn, DependabotJobConfigSchema as wt, DependabotRecordUpdateJobError as x, convertPlaceholder as xn, DependabotGroupRuleJob as xt, DependabotRecordEcosystemVersions as y, validateConfiguration as yn, DependabotGroupJob as yt, makeRandomJobId as z, DependabotSourceProviderSchema as zt };
2143
- //# sourceMappingURL=index-Djd8_Qnk.d.mts.map
2229
+ export { sanitizeRef as $, DependabotGroup as $t, DependabotRequest as A, DependabotProxyConfig as At, mapAllowedUpdatesFromDependabotConfigToJobConfig as B, DependabotSourceProviderSchema as Bt, DependabotRecordUpdateJobUnknownError as C, extractPlaceholder as Cn, DependabotGroupRuleJobSchema as Ct, DependabotUpdatePullRequest as D, DependabotJobFileSchema as Dt, DependabotUpdateDependencyListSchema as E, GitAuthor as En, DependabotJobFile as Et, createApiServerApp as F, DependabotRequirementSourceSchema as Ft, mapPackageEcosystemToPackageManager as G, DependabotAllowCondition as Gt, mapExperiments as H, FetchedFiles as Ht, DependabotJobBuilder as I, DependabotSecurityAdvisory as It, mapVersionStrategyToRequirementsUpdateStrategy as J, DependabotCommitMessageSchema as Jt, mapSecurityAdvisories as K, DependabotAllowConditionSchema as Kt, DependabotJobBuilderOutput as L, DependabotSecurityAdvisorySchema as Lt, DependabotRequestType as M, DependabotRequirement as Mt, DependabotRequestTypeSchema as N, DependabotRequirementSchema as Nt, DependabotUpdatePullRequestSchema as O, DependabotPackageManager as Ot, DependabotTokenType as P, DependabotRequirementSource as Pt, getBranchNameForUpdate as Q, DependabotCooldownSchema as Qt, DependabotSourceInfo as R, DependabotSource as Rt, DependabotRecordUpdateJobErrorSchema as S, convertPlaceholder as Sn, DependabotGroupRuleJob as St, DependabotUpdateDependencyList as T, DEPENDABOT_DEFAULT_AUTHOR_NAME as Tn, DependabotJobConfigSchema as Tt, mapGroupsFromDependabotConfigToJobConfig as U, FileFetcherInput as Ut, mapCredentials as V, DependabotSourceSchema as Vt, mapIgnoreConditionsFromDependabotConfigToJobConfig as W, FileUpdaterInput as Wt, parseExperiments as X, DependabotConfigSchema as Xt, DEFAULT_EXPERIMENTS as Y, DependabotConfig as Yt, makeDirectoryKey as Z, DependabotCooldown as Zt, DependabotRecordEcosystemMeta as _, parseDependabotConfig as _n, DependabotExistingPRSchema as _t, DependabotDependencyFile as a, DependabotPullRequestBranchName as an, DependabotCommandSchema as at, DependabotRecordEcosystemVersionsSchema as b, validateConfiguration as bn, DependabotGroupJob as bt, DependabotEcosystemMetaSchema as c, DependabotSchedule as cn, DependabotCondition as ct, DependabotIncrementMetric as d, DependabotUpdateSchema as dn, DependabotCredentialSchema as dt, DependabotGroupSchema as en, CertificateAuthority as et, DependabotIncrementMetricSchema as f, POSSIBLE_CONFIG_FILE_PATHS as fn, DependabotDependency as ft, DependabotMetricSchema as g, VersioningStrategySchema as gn, DependabotExistingPR as gt, DependabotMetric as h, VersioningStrategy as hn, DependabotExistingGroupPRSchema as ht, DependabotCreatePullRequestSchema as i, DependabotMultiEcosystemGroupSchema as in, DependabotCommand as it, DependabotRequestSchema as j, DependabotProxyConfigSchema as jt, CreateApiServerAppOptions as k, DependabotPackageManagerSchema as kt, DependabotEcosystemVersionManager as l, DependabotScheduleSchema as ln, DependabotConditionSchema as lt, DependabotMarkAsProcessedSchema as m, PackageEcosystemSchema as mn, DependabotExistingGroupPR as mt, DependabotClosePullRequestSchema as n, DependabotIgnoreConditionSchema as nn, DependabotAllowed as nt, DependabotDependencyFileSchema as o, DependabotRegistry as on, DependabotCommitOptions as ot, DependabotMarkAsProcessed as p, PackageEcosystem as pn, DependabotDependencySchema as pt, mapSourceFromDependabotConfigToJobConfig as q, DependabotCommitMessage as qt, DependabotCreatePullRequest as r, DependabotMultiEcosystemGroup as rn, DependabotAllowedSchema as rt, DependabotEcosystemMeta as s, DependabotRegistrySchema as sn, DependabotCommitOptionsSchema as st, DependabotClosePullRequest as t, DependabotIgnoreCondition as tn, CertificateAuthoritySchema as tt, DependabotEcosystemVersionManagerSchema as u, DependabotUpdate as un, DependabotCredential as ut, DependabotRecordEcosystemMetaSchema as v, parseRegistries as vn, DependabotExperiments as vt, DependabotRecordUpdateJobUnknownErrorSchema as w, DEPENDABOT_DEFAULT_AUTHOR_EMAIL as wn, DependabotJobConfig as wt, DependabotRecordUpdateJobError as x, VariableFinderFn as xn, DependabotGroupJobSchema as xt, DependabotRecordEcosystemVersions as y, parseUpdates as yn, DependabotExperimentsSchema as yt, makeRandomJobId as z, DependabotSourceProvider as zt };
2230
+ //# sourceMappingURL=index-Ccof91Bt.d.mts.map
package/dist/{job-CYxNnXAx.mjs → job-BVzOiMsQ.mjs} RENAMED
@@ -1,6 +1,43 @@
1
- import { z } from "zod/v4";
1
+ import { z } from "zod";
2
2
  import * as yaml from "js-yaml";
3
3
 
4
+ //#region src/dependabot/directory-key.ts
5
+ /**
6
+ * Creates a unique directory key by combining the ecosystem and directory information.
7
+ *
8
+ * The key format is: `{ecosystem}::{directory_info}`
9
+ * - For single directory: `npm::/src/frontend`
10
+ * - For multiple directories: `npm::/src/frontend,/src/backend`
11
+ *
12
+ * @param options - Configuration object containing ecosystem and directory information
13
+ * @returns A unique string key in the format `{ecosystem}::{directories}`
14
+ *
15
+ * @example
16
+ * ```typescript
17
+ * // Single directory
18
+ * const key1 = makeDirectoryKey({ ecosystem: 'npm', directory: '/src' });
19
+ * // Returns: "npm::/src"
20
+ *
21
+ * // Multiple directories
22
+ * const key2 = makeDirectoryKey({
23
+ * ecosystem: 'pip',
24
+ * directories: ['/backend', '/scripts']
25
+ * });
26
+ * // Returns: "pip::/backend,/scripts"
27
+ *
28
+ * // Using alternative naming convention
29
+ * const key3 = makeDirectoryKey({
30
+ * 'package-ecosystem': 'bundler',
31
+ * directory: '/app'
32
+ * });
33
+ * // Returns: "bundler::/app"
34
+ * ```
35
+ */
36
+ function makeDirectoryKey(options) {
37
+ return `${"ecosystem" in options ? options.ecosystem : options["package-ecosystem"]}::${options.directory ?? options.directories.join(",")}`;
38
+ }
39
+
40
+ //#endregion
4
41
  //#region src/dependabot/placeholder.ts
5
42
  async function convertPlaceholder({ input, variableFinder }) {
6
43
  if (!input) return void 0;
@@ -145,6 +182,7 @@ const DependabotCooldownSchema = z.object({
145
182
  });
146
183
  const DependabotPullRequestBranchNameSchema = z.object({ separator: z.string().optional() });
147
184
  const PackageEcosystemSchema = z.enum([
185
+ "bazel",
148
186
  "bun",
149
187
  "bundler",
150
188
  "cargo",
@@ -164,6 +202,7 @@ const PackageEcosystemSchema = z.enum([
164
202
  "maven",
165
203
  "npm",
166
204
  "nuget",
205
+ "opentofu",
167
206
  "pip",
168
207
  "pip-compile",
169
208
  "pipenv",
@@ -246,10 +285,14 @@ const DependabotConfigSchema = z.object({
246
285
  }
247
286
  const seen = /* @__PURE__ */ new Set();
248
287
  for (const update of value.updates) {
249
- const key = `${update["package-ecosystem"]}:${update.directory ?? update.directories?.join(",")}`;
288
+ const key = makeDirectoryKey(update);
250
289
  if (seen.has(key)) addIssue(`Duplicate update configuration found for '${update["package-ecosystem"]}' and directory: '${update.directory ?? update.directories?.join(",")}'`);
251
290
  seen.add(key);
252
291
  }
292
+ const betaEcosystems = ["bazel", "opentofu"];
293
+ if (!value["enable-beta-ecosystems"]) {
294
+ for (const update of value.updates) if (betaEcosystems.includes(update["package-ecosystem"])) addIssue(`The package ecosystem '${update["package-ecosystem"]}' is currently in beta. To use it, set 'enable-beta-ecosystems' to true in the dependabot configuration.`);
295
+ }
253
296
  return value;
254
297
  });
255
298
  function parseUpdates(config, configPath) {
@@ -349,7 +392,11 @@ const DependabotProxyConfigSchema = z.object({
349
392
  all_credentials: DependabotCredentialSchema.array(),
350
393
  ca: CertificateAuthoritySchema
351
394
  });
352
- const DependabotSourceProviderSchema = z.enum(["azure"]);
395
+ const DependabotSourceProviderSchema = z.enum([
396
+ "azure",
397
+ "gitlab",
398
+ "bitbucket"
399
+ ]);
353
400
  const DependabotSourceSchema = z.object({
354
401
  provider: DependabotSourceProviderSchema,
355
402
  repo: z.string(),
@@ -450,7 +497,9 @@ const DependabotPackageManagerSchema = z.enum([
450
497
  "uv",
451
498
  "vcpkg",
452
499
  "helm",
453
- "julia"
500
+ "julia",
501
+ "bazel",
502
+ "opentofu"
454
503
  ]);
455
504
  const DependabotCommandSchema = z.enum([
456
505
  "graph",
@@ -458,7 +507,7 @@ const DependabotCommandSchema = z.enum([
458
507
  "recreate"
459
508
  ]);
460
509
  const DependabotJobConfigSchema = z.object({
461
- id: z.number().optional(),
510
+ id: z.string(),
462
511
  command: DependabotCommandSchema.optional(),
463
512
  "package-manager": DependabotPackageManagerSchema,
464
513
  "allowed-updates": DependabotAllowedSchema.array(),
@@ -492,5 +541,5 @@ const DependabotJobConfigSchema = z.object({
492
541
  const DependabotJobFileSchema = z.object({ job: DependabotJobConfigSchema });
493
542
 
494
543
  //#endregion
495
- export { DependabotScheduleSchema as A, extractPlaceholder as B, DependabotCommitMessageSchema as C, DependabotIgnoreConditionSchema as D, DependabotGroupSchema as E, parseDependabotConfig as F, parseRegistries as I, parseUpdates as L, POSSIBLE_CONFIG_FILE_PATHS as M, PackageEcosystemSchema as N, DependabotMultiEcosystemGroupSchema as O, VersioningStrategySchema as P, validateConfiguration as R, DependabotAllowConditionSchema as S, DependabotCooldownSchema as T, DependabotRequirementSchema as _, DependabotConditionSchema as a, DependabotSourceProviderSchema as b, DependabotExistingGroupPRSchema as c, DependabotGroupJobSchema as d, DependabotGroupRuleJobSchema as f, DependabotProxyConfigSchema as g, DependabotPackageManagerSchema as h, DependabotCommitOptionsSchema as i, DependabotUpdateSchema as j, DependabotRegistrySchema as k, DependabotExistingPRSchema as l, DependabotJobFileSchema as m, DependabotAllowedSchema as n, DependabotCredentialSchema as o, DependabotJobConfigSchema as p, DependabotCommandSchema as r, DependabotDependencySchema as s, CertificateAuthoritySchema as t, DependabotExperimentsSchema as u, DependabotRequirementSourceSchema as v, DependabotConfigSchema as w, DependabotSourceSchema as x, DependabotSecurityAdvisorySchema as y, convertPlaceholder as z };
496
- //# sourceMappingURL=job-CYxNnXAx.mjs.map
544
+ export { DependabotScheduleSchema as A, extractPlaceholder as B, DependabotCommitMessageSchema as C, DependabotIgnoreConditionSchema as D, DependabotGroupSchema as E, parseDependabotConfig as F, parseRegistries as I, parseUpdates as L, POSSIBLE_CONFIG_FILE_PATHS as M, PackageEcosystemSchema as N, DependabotMultiEcosystemGroupSchema as O, VersioningStrategySchema as P, validateConfiguration as R, DependabotAllowConditionSchema as S, DependabotCooldownSchema as T, makeDirectoryKey as V, DependabotRequirementSchema as _, DependabotConditionSchema as a, DependabotSourceProviderSchema as b, DependabotExistingGroupPRSchema as c, DependabotGroupJobSchema as d, DependabotGroupRuleJobSchema as f, DependabotProxyConfigSchema as g, DependabotPackageManagerSchema as h, DependabotCommitOptionsSchema as i, DependabotUpdateSchema as j, DependabotRegistrySchema as k, DependabotExistingPRSchema as l, DependabotJobFileSchema as m, DependabotAllowedSchema as n, DependabotCredentialSchema as o, DependabotJobConfigSchema as p, DependabotCommandSchema as r, DependabotDependencySchema as s, CertificateAuthoritySchema as t, DependabotExperimentsSchema as u, DependabotRequirementSourceSchema as v, DependabotConfigSchema as w, DependabotSourceSchema as x, DependabotSecurityAdvisorySchema as y, convertPlaceholder as z };
545
+ //# sourceMappingURL=job-BVzOiMsQ.mjs.map
package/dist/job-BVzOiMsQ.mjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"job-BVzOiMsQ.mjs","names":["matches: RegExpExecArray[]","betaEcosystems: PackageEcosystem[]","updates: DependabotUpdate[]","registries: Record<string, DependabotRegistry>","referenced: string[]"],"sources":["../src/dependabot/directory-key.ts","../src/dependabot/placeholder.ts","../src/dependabot/config.ts","../src/dependabot/job.ts"],"sourcesContent":["/**\n * Options for creating a directory key that supports both naming conventions:\n * - `ecosystem` (standard format)\n * - `package-ecosystem` (alternative format for compatibility)\n *\n * Either a single `directory` or multiple `directories` can be specified.\n */\ntype MakeDirectoryKeyOptions =\n | {\n /** The package ecosystem (e.g., 'npm', 'pip', 'bundler') */\n ecosystem: string;\n /** Single directory path (optional if directories is provided) */\n directory?: string | null;\n /** Multiple directory paths (optional if directory is provided) */\n directories?: string[];\n }\n | {\n /** The package ecosystem using alternative naming convention */\n 'package-ecosystem': string;\n /** Single directory path (optional if directories is provided) */\n directory?: string | null;\n /** Multiple directory paths (optional if directory is provided) */\n directories?: string[];\n };\n\n/**\n * Creates a unique directory key by combining the ecosystem and directory information.\n *\n * The key format is: `{ecosystem}::{directory_info}`\n * - For single directory: `npm::/src/frontend`\n * - For multiple directories: `npm::/src/frontend,/src/backend`\n *\n * @param options - Configuration object containing ecosystem and directory information\n * @returns A unique string key in the format `{ecosystem}::{directories}`\n *\n * @example\n * ```typescript\n * // Single directory\n * const key1 = makeDirectoryKey({ ecosystem: 'npm', directory: '/src' });\n * // Returns: \"npm::/src\"\n *\n * // Multiple directories\n * const key2 = makeDirectoryKey({\n * ecosystem: 'pip',\n * directories: ['/backend', '/scripts']\n * });\n * // Returns: \"pip::/backend,/scripts\"\n *\n * // Using alternative naming convention\n * const key3 = makeDirectoryKey({\n * 'package-ecosystem': 'bundler',\n * directory: '/app'\n * });\n * // Returns: \"bundler::/app\"\n * ```\n */\nexport function makeDirectoryKey(options: MakeDirectoryKeyOptions): string {\n // Extract ecosystem name from either naming convention\n const ecosystem = 'ecosystem' in options ? options.ecosystem : options['package-ecosystem'];\n\n // Use single directory if provided, otherwise join multiple directories with comma\n const directoryPart = options.directory ?? options.directories!.join(',');\n\n return `${ecosystem}::${directoryPart}`;\n}\n","export type VariableFinderFn = (name: string) => string | undefined | Promise<string | undefined>;\n\nasync function convertPlaceholder({\n input,\n variableFinder,\n}: {\n input?: string;\n variableFinder: VariableFinderFn;\n}): Promise<string | undefined> {\n if (!input) return undefined;\n\n const matches: RegExpExecArray[] = extractPlaceholder(input);\n let result = input;\n for (const match of matches) {\n const placeholder = match[0];\n const name = match[1]!;\n const value = (await variableFinder(name)) ?? placeholder;\n result = result.replace(placeholder, value);\n }\n return result;\n}\n\nfunction extractPlaceholder(input: string) {\n const regexp: RegExp = /\\${{\\s*([a-zA-Z_]+[a-zA-Z0-9._-]*)\\s*}}/g;\n\n return matchAll(input, regexp);\n}\n\nfunction matchAll(input: string, regexp: RegExp, matches: Array<RegExpExecArray> = []) {\n const matchIfAny = regexp.exec(input);\n if (matchIfAny) {\n matches.push(matchIfAny);\n\n // recurse until no more matches\n matchAll(input, regexp, matches);\n }\n return matches;\n}\n\nexport { convertPlaceholder, extractPlaceholder };\n","import * as yaml from 'js-yaml';\nimport { z } from 'zod';\n\nimport { makeDirectoryKey } from './directory-key';\nimport { convertPlaceholder, type VariableFinderFn } from './placeholder';\n\nexport const DependabotRegistrySchema = z\n .object({\n type: z.enum([\n // order matches\n // https://docs.github.com/en/enterprise-cloud@latest/code-security/dependabot/working-with-dependabot/configuring-access-to-private-registries-for-dependabot#supported-private-registries\n\n 'cargo-registry',\n 'composer-repository',\n 'docker-registry',\n 'git',\n 'goproxy-server',\n 'helm-registry',\n 'hex-organization',\n 'hex-repository',\n 'maven-repository',\n 'npm-registry',\n 'nuget-feed',\n 'pub-repository',\n 'python-index',\n 'rubygems-server',\n 'terraform-registry',\n ]),\n url: z.string().optional(),\n username: z.string().optional(),\n password: z.string().optional(),\n key: z.string().optional(),\n token: z.string().optional(),\n 'replaces-base': z.boolean().optional(),\n host: z.string().optional(), // for terraform and composer only\n registry: z.string().optional(), // for npm only\n organization: z.string().optional(), // for hex-organisation only\n repo: z.string().optional(), // for hex-repository only\n 'public-key-fingerprint': z.string().optional(), // for hex-repository only\n 'index-url': z.string().optional(), // for python-index only\n 'auth-key': z.string().optional(), // used by composer-repository, docker-registry, etc\n 'tenant-id': z.string().optional(), // can only be for azure related stuff, not sure\n 'client-id': z.string().optional(), // can only be for azure related stuff, not sure\n })\n // change underscore to dash in the registry key/type\n .transform((value) => ({ ...value, type: value.type.replace('-', '_') }));\nexport type DependabotRegistry = z.infer<typeof DependabotRegistrySchema>;\n\nexport const DependabotGroupSchema = z.object({\n // Define an identifier for the group to use in branch names and pull request titles.\n // This must start and end with a letter, and can contain letters, pipes |, underscores _, or hyphens -.\n IDENTIFIER: z\n .string()\n .check(\n z.regex(/^[a-zA-Z][a-zA-Z0-9|_-]*[a-zA-Z]$/, {\n message:\n 'Group identifier must start and end with a letter, and can contain letters, pipes |, underscores _, or hyphens -.',\n }),\n )\n .optional(),\n 'applies-to': z.enum(['version-updates', 'security-updates']).optional(),\n 'dependency-type': z.enum(['development', 'production']).optional(),\n patterns: z.string().array().optional(),\n 'exclude-patterns': z.string().array().optional(),\n 'update-types': z.enum(['major', 'minor', 'patch']).array().optional(),\n});\nexport type DependabotGroup = z.infer<typeof DependabotGroupSchema>;\n\nexport const DependabotAllowConditionSchema = z.object({\n 'dependency-name': z.string().optional(),\n 'dependency-type': z.enum(['direct', 'indirect', 'all', 'production', 'development']).optional(),\n 'update-type': z.enum(['all', 'security']).optional(),\n});\nexport type DependabotAllowCondition = z.infer<typeof DependabotAllowConditionSchema>;\n\nexport const DependabotIgnoreConditionSchema = z\n .object({\n 'dependency-name': z.string().optional(),\n versions: z.string().array().or(z.string()).optional(),\n 'update-types': z\n .enum(['version-update:semver-major', 'version-update:semver-minor', 'version-update:semver-patch'])\n .array()\n .optional(),\n })\n .and(z.record(z.string(), z.any()));\nexport type DependabotIgnoreCondition = z.infer<typeof DependabotIgnoreConditionSchema>;\n\nexport const DependabotScheduleSchema = z\n .object({\n interval: z.enum(['daily', 'weekly', 'monthly', 'quarterly', 'semiannually', 'yearly', 'cron']),\n\n day: z\n .enum(['sunday', 'monday', 'tuesday', 'wednesday', 'thursday', 'friday', 'saturday'])\n .optional()\n .default('monday'),\n\n time: z\n .string()\n .default('02:00')\n .check(z.regex(/^(0[0-9]|1[0-9]|2[0-3]):[0-5][0-9]$/, { message: 'Time must be in HH:MM format' }))\n .optional(),\n\n timezone: z\n .string()\n .optional()\n .default('Etc/UTC')\n .refine(\n (value) => {\n try {\n // If tz is not a valid IANA name, this throws a RangeError\n Intl.DateTimeFormat(undefined, { timeZone: value });\n return true;\n } catch {\n return false;\n }\n },\n { message: 'Invalid IANA time zone' },\n ),\n cronjob: z\n .string()\n .check(z.regex(/^\\S+ \\S+ \\S+ \\S+ \\S+$/, { message: 'Cronjob must be in standard cron format' }))\n .optional(),\n })\n .transform((value, { addIssue }) => {\n // if interval is 'cron', cronjob must be specified\n if (value.interval === 'cron' && !value.cronjob) {\n addIssue(\"The 'cronjob' field must be specified when the interval is set to 'cron'.\");\n }\n\n return value;\n });\nexport type DependabotSchedule = z.infer<typeof DependabotScheduleSchema>;\n\nexport const DependabotCommitMessageSchema = z.object({\n prefix: z.string().optional(),\n 'prefix-development': z.string().optional(),\n include: z.string().optional(),\n});\nexport type DependabotCommitMessage = z.infer<typeof DependabotCommitMessageSchema>;\n\nexport const DependabotCooldownSchema = z.object({\n 'default-days': z.number().optional(),\n 'semver-major-days': z.number().optional(),\n 'semver-minor-days': z.number().optional(),\n 'semver-patch-days': z.number().optional(),\n include: z.string().array().optional(),\n exclude: z.string().array().optional(),\n});\nexport type DependabotCooldown = z.infer<typeof DependabotCooldownSchema>;\n\nconst DependabotPullRequestBranchNameSchema = z.object({\n separator: z.string().optional(),\n});\nexport type DependabotPullRequestBranchName = z.infer<typeof DependabotPullRequestBranchNameSchema>;\n\nexport const PackageEcosystemSchema = z.enum([\n // order matches\n // https://docs.github.com/en/code-security/dependabot/working-with-dependabot/dependabot-options-reference#package-ecosystem-\n\n 'bazel', // still in beta as of 2025-Nov-17\n 'bun',\n 'bundler',\n 'cargo',\n 'composer',\n 'devcontainers',\n 'docker',\n 'docker-compose',\n 'dotnet-sdk',\n 'helm',\n 'mix',\n 'elm',\n 'gitsubmodule',\n 'github-actions',\n 'gomod',\n 'gradle',\n 'julia',\n 'maven',\n 'npm',\n 'nuget',\n 'opentofu', // in beta as of 2025-Nov-17\n 'pip',\n 'pip-compile', // alias mapped to 'pip'\n 'pipenv', // alias mapped to 'pip'\n 'pnpm', // alias mapped to 'npm'\n 'poetry', // alias mapped to 'pip'\n 'pub',\n 'rust-toolchain',\n 'swift',\n 'terraform',\n 'uv',\n 'vcpkg',\n 'yarn', // alias mapped to 'npm'\n]);\nexport type PackageEcosystem = z.infer<typeof PackageEcosystemSchema>;\n\nexport const VersioningStrategySchema = z.enum(['auto', 'increase', 'increase-if-necessary', 'lockfile-only', 'widen']);\nexport type VersioningStrategy = z.infer<typeof VersioningStrategySchema>;\n\nexport const DependabotUpdateSchema = z\n .object({\n 'package-ecosystem': PackageEcosystemSchema,\n directory: z.string().optional(),\n directories: z.string().array().optional(),\n 'exclude-paths': z.string().array().optional(),\n allow: DependabotAllowConditionSchema.array().optional(),\n assignees: z.string().array().optional(),\n 'commit-message': DependabotCommitMessageSchema.optional(),\n cooldown: DependabotCooldownSchema.optional(),\n groups: z.record(z.string(), DependabotGroupSchema).optional(),\n ignore: DependabotIgnoreConditionSchema.array().optional(),\n 'insecure-external-code-execution': z.enum(['allow', 'deny']).optional(),\n labels: z.string().array().optional(),\n milestone: z.coerce.string().optional(),\n 'open-pull-requests-limit': z.number().check(z.int(), z.gte(0)).optional(),\n 'pull-request-branch-name': DependabotPullRequestBranchNameSchema.optional(),\n 'rebase-strategy': z.string().optional(),\n registries: z.string().array().optional(),\n schedule: DependabotScheduleSchema.optional(), // TODO: make required after 2025-Nov-30\n 'target-branch': z.string().optional(),\n vendor: z.boolean().optional(),\n 'versioning-strategy': VersioningStrategySchema.optional(),\n patterns: z.string().array().optional(),\n 'multi-ecosystem-group': z.string().optional(),\n })\n .transform((value, { addIssue }) => {\n // either 'directory' or 'directories' must be specified\n if (!value.directory && (!value.directories || value.directories.length === 0)) {\n addIssue(\"Either 'directory' or 'directories' must be specified in the dependency update configuration.\");\n }\n\n // validate that 'directory' does not contain glob patterns\n if (value.directory && /[*?[\\]{}]/.test(value.directory)) {\n addIssue(\"The 'directory' field must not include glob pattern.\");\n }\n\n value['open-pull-requests-limit'] ??= 5; // default to 5 if not specified\n\n // The patterns key is required when using multi-ecosystem-group.\n // You can specify dependency patterns to include only certain dependencies in the group,\n // or use [\"*\"] to include all dependencies.\n if (value['multi-ecosystem-group'] && (!value.patterns || value.patterns.length === 0)) {\n addIssue(\n \"The 'patterns' field must be specified and contain at least one pattern when using 'multi-ecosystem-group'.\",\n );\n }\n\n return value;\n });\nexport type DependabotUpdate = z.infer<typeof DependabotUpdateSchema>;\n\nexport const DependabotMultiEcosystemGroupSchema = z.object({\n schedule: DependabotScheduleSchema,\n labels: z.string().array().optional(), // behaviour: additive\n milestone: z.coerce.string().optional(), // behaviour: group-only\n assignees: z.string().array().optional(), // behaviour: additive\n 'target-branch': z.string().optional(), // behaviour: group-only\n 'commit-message': DependabotCommitMessageSchema.optional(), // behaviour: group-only\n 'pull-request-branch-name': DependabotPullRequestBranchNameSchema.optional(), // behaviour: group-only\n});\nexport type DependabotMultiEcosystemGroup = z.infer<typeof DependabotMultiEcosystemGroupSchema>;\n\n/**\n * Represents the dependabot.yaml configuration file options.\n * See: https://docs.github.com/en/github/administering-a-repository/configuration-options-for-dependency-updates#configuration-options-for-dependabotyml\n */\nexport const DependabotConfigSchema = z\n .object({\n /**\n * Mandatory. configuration file version.\n **/\n version: z.number().refine((v) => v === 2, { message: 'Only version 2 of dependabot is supported' }),\n\n /**\n * Optional. Configure groups of ecosystems to update together in a single pull request.\n */\n 'multi-ecosystem-groups': z.record(z.string(), DependabotMultiEcosystemGroupSchema).optional(),\n\n /**\n * Mandatory. Configure how Dependabot updates the versions or project dependencies.\n * Each entry configures the update settings for a particular package manager.\n */\n updates: DependabotUpdateSchema.array().check(\n z.minLength(1, { message: 'At least one update configuration is required' }),\n ),\n\n /**\n * Optional.\n * Specify authentication details to access private package registries.\n */\n registries: z.record(z.string(), DependabotRegistrySchema).optional(),\n\n /**\n * Optional. Enables updates for ecosystems that are not yet generally available.\n * https://docs.github.com/en/code-security/dependabot/working-with-dependabot/dependabot-options-reference#enable-beta-ecosystems-\n */\n 'enable-beta-ecosystems': z.boolean().optional(),\n })\n .transform((value, { addIssue }) => {\n // If you attempt to set group-only keys at the ecosystem level (in updates entries),\n // Dependabot will throw a configuration error and fail to process your dependabot.yml file.\n // These keys must only be specified in the multi-ecosystem-groups section.\n // https://docs.github.com/en/code-security/dependabot/working-with-dependabot/configuring-multi-ecosystem-updates#group-only-keys\n const groupOnlyKeys = ['milestone', 'target-branch', 'commit-message', 'pull-request-branch-name'] as const;\n if (value['multi-ecosystem-groups']) {\n for (const update of value.updates) {\n for (const key of groupOnlyKeys) {\n if (key in update) {\n addIssue(\n `The '${key}' field must not be specified in the 'updates' section when using 'multi-ecosystem-groups'. It is a group-only field.`,\n );\n }\n }\n }\n }\n\n // ensure there is no update with the same package-ecosystem and directory/directories combination\n const seen = new Set<string>();\n for (const update of value.updates) {\n const key = makeDirectoryKey(update);\n if (seen.has(key)) {\n addIssue(\n `Duplicate update configuration found for '${update['package-ecosystem']}' and directory: '${update.directory ?? update.directories?.join(',')}'`,\n );\n }\n seen.add(key);\n }\n\n // ensure that the ecosystems in beta are only used when 'enable-beta-ecosystems' is true\n const betaEcosystems: PackageEcosystem[] = ['bazel', 'opentofu'];\n if (!value['enable-beta-ecosystems']) {\n for (const update of value.updates) {\n if (betaEcosystems.includes(update['package-ecosystem'])) {\n addIssue(\n `The package ecosystem '${update['package-ecosystem']}' is currently in beta. To use it, set 'enable-beta-ecosystems' to true in the dependabot configuration.`,\n );\n }\n }\n }\n\n return value;\n });\n\nexport type DependabotConfig = z.infer<typeof DependabotConfigSchema>;\n\nexport function parseUpdates(config: DependabotConfig, configPath: string): DependabotUpdate[] {\n const updates: DependabotUpdate[] = [];\n\n // Parse the value of each of the updates obtained from the file\n for (const update of config.updates) {\n // populate the 'ignore' conditions 'source' and 'updated-at' properties, if missing\n // NOTE: 'source' and 'updated-at' are not documented in the dependabot.yml config docs, but are defined in the dependabot-core and dependabot-cli models.\n // Currently they don't appear to add much value to the update process, but are populated here for completeness.\n if (update.ignore) {\n for (const condition of update.ignore) {\n condition.source ??= configPath;\n // we don't know the last updated time, so we use the current time\n condition['updated-at'] ??= new Date().toISOString();\n }\n }\n\n updates.push(update);\n }\n return updates;\n}\n\nexport async function parseRegistries(\n config: DependabotConfig,\n variableFinder: VariableFinderFn,\n): Promise<Record<string, DependabotRegistry>> {\n // Parse the value of each of the registries obtained from the config\n const registries: Record<string, DependabotRegistry> = {};\n for (const [key, registry] of Object.entries(config.registries || {})) {\n const updated = { ...registry };\n const { type } = updated;\n\n // handle special fields for 'hex-organization' types\n if (type === 'hex_organization' && !updated.organization) {\n throw new Error(`The value 'organization' in dependency registry config '${type}' is missing`);\n }\n\n // handle special fields for 'hex-repository' types\n if (type === 'hex_repository' && !updated.repo) {\n throw new Error(`The value 'repo' in dependency registry config '${key}' is missing`);\n }\n\n // parse username, password, key, and token while replacing tokens where necessary\n updated.username = await convertPlaceholder({ input: updated.username, variableFinder: variableFinder });\n updated.password = await convertPlaceholder({ input: updated.password, variableFinder: variableFinder });\n updated.key = await convertPlaceholder({ input: updated.key, variableFinder: variableFinder });\n updated.token = await convertPlaceholder({ input: updated.token, variableFinder: variableFinder });\n\n // TODO: include sources for this logic, otherwise it looks like magic.\n // Initially, this was based on reading through the dependabot-core logic\n // but much has since changed.\n\n // parse the url\n const url = updated.url;\n if (!url && type !== 'hex_organization') {\n throw new Error(`The value 'url' in dependency registry config '${key}' is missing`);\n }\n if (url) {\n /*\n * Some credentials do not use the 'url' property in the Ruby updater.\n * The 'host' and 'registry' properties are derived from the given URL.\n * The 'registry' property is derived from the 'url' by stripping off the scheme.\n * The 'host' property is derived from the hostname of the 'url'.\n *\n * 'npm_registry' and 'docker_registry' use 'registry' only.\n * 'terraform_registry' uses 'host' only.\n * 'composer_repository' uses both 'url' and 'host'.\n * 'python_index' uses 'index-url' instead of 'url'.\n */\n\n if (URL.canParse(url)) {\n const parsedUrl = new URL(url);\n\n const addRegistry = type === 'docker_registry' || type === 'npm_registry';\n if (addRegistry) updated.registry = url.replace('https://', '').replace('http://', '');\n\n const addHost = type === 'composer_repository' || type === 'terraform_registry';\n if (addHost) updated.host = parsedUrl.hostname;\n }\n\n if (type === 'python_index') updated['index-url'] = url;\n\n const removeUrl =\n type === 'docker_registry' ||\n type === 'npm_registry' ||\n type === 'terraform_registry' ||\n type === 'python_index';\n if (removeUrl) delete updated.url; // remove the url if not needed\n }\n\n // add to list\n registries[key] = updated;\n }\n return registries;\n}\n\nexport function validateConfiguration(updates: DependabotUpdate[], registries: Record<string, DependabotRegistry>) {\n const configured = Object.keys(registries);\n const referenced: string[] = [];\n for (const u of updates) referenced.push(...(u.registries ?? []));\n\n // ensure there are no configured registries that have not been referenced\n const missingConfiguration = referenced.filter((el) => !configured.includes(el));\n if (missingConfiguration.length > 0) {\n throw new Error(\n `Referenced registries: '${missingConfiguration.join(',')}' have not been configured in the root of dependabot.yml`,\n );\n }\n\n // ensure there are no registries referenced but not configured\n const missingReferences = configured.filter((el) => !referenced.includes(el));\n if (missingReferences.length > 0) {\n throw new Error(`Registries: '${missingReferences.join(',')}' have not been referenced by any update`);\n }\n}\n\n/**\n * Possible paths to the dependabot config file.\n * Remember to prefix with a forward slash when querying API endpoints or where necessary.\n */\nexport const POSSIBLE_CONFIG_FILE_PATHS = [\n '.azuredevops/dependabot.yml',\n '.azuredevops/dependabot.yaml',\n '.github/dependabot.yaml',\n '.github/dependabot.yml',\n];\n\n/**\n * Parse the contents of a dependabot config YAML file\n * @returns {DependabotConfig} config - the dependabot configuration\n */\nexport async function parseDependabotConfig({\n configContents,\n configPath,\n variableFinder,\n}: {\n configContents: string;\n configPath: string;\n variableFinder: VariableFinderFn;\n}): Promise<DependabotConfig> {\n // Load the config\n const loadedConfig = yaml.load(configContents);\n if (loadedConfig === null || typeof loadedConfig !== 'object') {\n throw new Error('Invalid dependabot config object');\n }\n\n // Parse the config\n const config = await DependabotConfigSchema.parseAsync(loadedConfig);\n const updates = parseUpdates(config, configPath);\n const registries = await parseRegistries(config, variableFinder);\n validateConfiguration(updates, registries);\n\n return { ...config, updates, registries };\n}\n","import { z } from 'zod';\nimport { DependabotCooldownSchema } from './config';\n\n// we use nullish() because it does optional() and allows the value to be set to null\n\nexport const DependabotCredentialSchema = z.record(z.string(), z.any());\nexport type DependabotCredential = z.infer<typeof DependabotCredentialSchema>;\n\nexport const CertificateAuthoritySchema = z.object({\n cert: z.string(),\n key: z.string(),\n});\nexport type CertificateAuthority = z.infer<typeof CertificateAuthoritySchema>;\n\nexport const DependabotProxyConfigSchema = z.object({\n all_credentials: DependabotCredentialSchema.array(),\n ca: CertificateAuthoritySchema,\n});\nexport type DependabotProxyConfig = z.infer<typeof DependabotProxyConfigSchema>;\n\nexport const DependabotSourceProviderSchema = z.enum(['azure', 'gitlab', 'bitbucket']);\nexport type DependabotSourceProvider = z.infer<typeof DependabotSourceProviderSchema>;\n\nexport const DependabotSourceSchema = z.object({\n provider: DependabotSourceProviderSchema,\n repo: z.string(),\n directory: z.string().nullish(),\n directories: z.string().array().nullish(),\n branch: z.string().nullish(),\n commit: z.string().nullish(),\n hostname: z.string().nullish(), // Must be provided if api-endpoint is\n 'api-endpoint': z.string().nullish(), // Must be provided if hostname is\n});\nexport type DependabotSource = z.infer<typeof DependabotSourceSchema>;\n\nexport const DependabotExistingPRSchema = z.object({\n 'dependency-name': z.string(),\n 'dependency-version': z.string().nullish(),\n directory: z.string().nullish(),\n removed: z.boolean().nullish(),\n});\nexport type DependabotExistingPR = z.infer<typeof DependabotExistingPRSchema>;\n\nexport const DependabotExistingGroupPRSchema = z.object({\n 'dependency-group-name': z.string(),\n dependencies: DependabotExistingPRSchema.array(),\n});\nexport type DependabotExistingGroupPR = z.infer<typeof DependabotExistingGroupPRSchema>;\n\nexport const DependabotAllowedSchema = z.object({\n 'dependency-name': z.string().nullish(),\n 'dependency-type': z.string().nullish(),\n 'update-type': z.enum(['all', 'security']).optional(),\n});\nexport type DependabotAllowed = z.infer<typeof DependabotAllowedSchema>;\n\nexport const DependabotGroupRuleJobSchema = z.object({\n patterns: z.string().array().nullish(),\n 'exclude-patterns': z.string().array().nullish(),\n 'dependency-type': z.string().nullish(),\n 'update-types': z.string().array().nullish(),\n});\nexport type DependabotGroupRuleJob = z.infer<typeof DependabotGroupRuleJobSchema>;\n\nexport const DependabotGroupJobSchema = z.object({\n name: z.string(),\n 'applies-to': z.string().nullish(),\n rules: DependabotGroupRuleJobSchema,\n});\nexport type DependabotGroupJob = z.infer<typeof DependabotGroupJobSchema>;\n\nexport const DependabotConditionSchema = z.object({\n 'dependency-name': z.string(),\n source: z.string().nullish(),\n 'update-types': z.string().array().nullish(),\n 'updated-at': z.coerce.string().nullish(),\n 'version-requirement': z.string().nullish(),\n});\nexport type DependabotCondition = z.infer<typeof DependabotConditionSchema>;\n\nexport const DependabotSecurityAdvisorySchema = z.object({\n 'dependency-name': z.string(),\n 'affected-versions': z.string().array(),\n 'patched-versions': z.string().array().nullish(), // may not be patched as of yet\n 'unaffected-versions': z.string().array(),\n});\nexport type DependabotSecurityAdvisory = z.infer<typeof DependabotSecurityAdvisorySchema>;\n\nexport const DependabotRequirementSourceSchema = z.record(z.string(), z.any());\nexport type DependabotRequirementSource = z.infer<typeof DependabotRequirementSourceSchema>;\n\nexport const DependabotRequirementSchema = z.object({\n file: z.string().nullish(), // e.g. 'requirements.txt' or '/Root.csproj'\n groups: z.string().array().nullish(), // e.g. ['dependencies']\n metadata: z.record(z.string(), z.any()).nullish(),\n requirement: z.string().nullish(), // e.g. '==3.2.0' or '8.1.0'\n source: DependabotRequirementSourceSchema.nullish(),\n version: z.string().nullish(),\n 'previous-version': z.string().nullish(),\n});\nexport type DependabotRequirement = z.infer<typeof DependabotRequirementSchema>;\n\nexport const DependabotDependencySchema = z.object({\n name: z.string(), // e.g. 'django' or 'GraphQL.Server.Ui.Voyager'\n 'previous-requirements': DependabotRequirementSchema.array().nullish(),\n 'previous-version': z.string().nullish(),\n version: z.string().nullish(), // e.g. '5.0.1' or '8.1.0'\n requirements: DependabotRequirementSchema.array().nullish(),\n removed: z.boolean().nullish(),\n directory: z.string().nullish(),\n});\nexport type DependabotDependency = z.infer<typeof DependabotDependencySchema>;\n\nexport const DependabotCommitOptionsSchema = z.object({\n prefix: z.string().nullish(),\n 'prefix-development': z.string().nullish(),\n 'include-scope': z.boolean().nullish(),\n});\nexport type DependabotCommitOptions = z.infer<typeof DependabotCommitOptionsSchema>;\n\nexport const DependabotExperimentsSchema = z.record(z.string(), z.union([z.string(), z.boolean()]));\nexport type DependabotExperiments = z.infer<typeof DependabotExperimentsSchema>;\n\nexport const DependabotPackageManagerSchema = z.enum([\n // order matches dependabot-action/src/update-containers.ts\n\n 'bundler',\n 'cargo',\n 'composer',\n 'pub',\n 'docker',\n 'elm',\n 'github_actions', // ecosystem(s): 'github-actions'\n 'submodules', // ecosystem(s): 'gitsubmodule'\n 'go_modules', // ecosystem(s): 'gomod'\n 'gradle',\n 'maven',\n 'hex', // ecosystem(s): 'mix'\n 'nuget',\n 'npm_and_yarn', // ecosystem(s): 'npm', 'pnpm', 'yarn'\n 'pip', // ecosystem(s): 'pipenv', 'pip-compile', 'poetry'\n 'rust_toolchain', // ecosystem(s): 'rust-toolchain'\n 'swift',\n 'terraform',\n 'devcontainers',\n 'dotnet_sdk', // ecosystem(s): 'dotnet-sdk'\n 'bun',\n 'docker_compose', // // ecosystem(s): 'docker-compose',\n 'uv',\n 'vcpkg',\n 'helm',\n 'julia',\n 'bazel',\n 'opentofu',\n]);\nexport type DependabotPackageManager = z.infer<typeof DependabotPackageManagerSchema>;\n\nexport const DependabotCommandSchema = z.enum(['graph', 'version', 'recreate']);\nexport type DependabotCommand = z.infer<typeof DependabotCommandSchema>;\n\n// See: https://github.com/dependabot/cli/blob/main/internal/model/job.go\n// https://github.com/dependabot/dependabot-core/blob/main/updater/lib/dependabot/job.rb\nexport const DependabotJobConfigSchema = z.object({\n id: z.string(),\n command: DependabotCommandSchema.optional(),\n 'package-manager': DependabotPackageManagerSchema,\n 'allowed-updates': DependabotAllowedSchema.array(),\n debug: z.boolean().nullable(),\n 'dependency-groups': DependabotGroupJobSchema.array().nullish(),\n dependencies: z.string().array().nullable(),\n 'dependency-group-to-refresh': z.string().nullish(),\n 'existing-pull-requests': DependabotExistingPRSchema.array().array(),\n 'existing-group-pull-requests': DependabotExistingGroupPRSchema.array(),\n experiments: DependabotExperimentsSchema,\n 'ignore-conditions': DependabotConditionSchema.array(),\n 'lockfile-only': z.boolean(),\n 'requirements-update-strategy': z.string().nullable(),\n 'security-advisories': DependabotSecurityAdvisorySchema.array(),\n 'security-updates-only': z.boolean(),\n source: DependabotSourceSchema,\n 'update-subdependencies': z.boolean(),\n 'updating-a-pull-request': z.boolean(),\n 'vendor-dependencies': z.boolean(),\n 'reject-external-code': z.boolean().nullish(),\n 'repo-private': z.boolean(),\n 'commit-message-options': DependabotCommitOptionsSchema,\n 'credentials-metadata': DependabotCredentialSchema.array().nullish(),\n 'max-updater-run-time': z.int().nullish(),\n cooldown: DependabotCooldownSchema.nullish(),\n 'proxy-log-response-body-on-auth-failure': z.boolean().nullish(),\n 'enable-beta-ecosystems': z.boolean().nullish(),\n 'multi-ecosystem-update': z.boolean().nullish(),\n 'exclude-paths': z.string().array().optional(),\n});\nexport type DependabotJobConfig = z.infer<typeof DependabotJobConfigSchema>;\n\nexport const DependabotJobFileSchema = z.object({\n job: DependabotJobConfigSchema,\n});\nexport type DependabotJobFile = z.infer<typeof DependabotJobFileSchema>;\n\n// Code below is borrowed and adapted from dependabot-action\n\n// biome-ignore-start lint/suspicious/noExplicitAny: generic\nexport type FetchedFiles = {\n base_commit_sha: string;\n dependency_files: any[];\n base64_dependency_files: any[];\n};\n// biome-ignore-end lint/suspicious/noExplicitAny: generic\n\nexport type FileFetcherInput = {\n job: DependabotJobConfig;\n};\n\nexport type FileUpdaterInput = FetchedFiles & {\n job: DependabotJobConfig;\n};\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAwDA,SAAgB,iBAAiB,SAA0C;AAOzE,QAAO,GALW,eAAe,UAAU,QAAQ,YAAY,QAAQ,qBAKnD,IAFE,QAAQ,aAAa,QAAQ,YAAa,KAAK,IAAI;;;;;AC3D3E,eAAe,mBAAmB,EAChC,OACA,kBAI8B;AAC9B,KAAI,CAAC,MAAO,QAAO;CAEnB,MAAMA,UAA6B,mBAAmB,MAAM;CAC5D,IAAI,SAAS;AACb,MAAK,MAAM,SAAS,SAAS;EAC3B,MAAM,cAAc,MAAM;EAC1B,MAAM,OAAO,MAAM;EACnB,MAAM,QAAS,MAAM,eAAe,KAAK,IAAK;AAC9C,WAAS,OAAO,QAAQ,aAAa,MAAM;;AAE7C,QAAO;;AAGT,SAAS,mBAAmB,OAAe;AAGzC,QAAO,SAAS,OAFO,2CAEO;;AAGhC,SAAS,SAAS,OAAe,QAAgB,UAAkC,EAAE,EAAE;CACrF,MAAM,aAAa,OAAO,KAAK,MAAM;AACrC,KAAI,YAAY;AACd,UAAQ,KAAK,WAAW;AAGxB,WAAS,OAAO,QAAQ,QAAQ;;AAElC,QAAO;;;;;AC9BT,MAAa,2BAA2B,EACrC,OAAO;CACN,MAAM,EAAE,KAAK;EAIX;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACA;EACD,CAAC;CACF,KAAK,EAAE,QAAQ,CAAC,UAAU;CAC1B,UAAU,EAAE,QAAQ,CAAC,UAAU;CAC/B,UAAU,EAAE,QAAQ,CAAC,UAAU;CAC/B,KAAK,EAAE,QAAQ,CAAC,UAAU;CAC1B,OAAO,EAAE,QAAQ,CAAC,UAAU;CAC5B,iBAAiB,EAAE,SAAS,CAAC,UAAU;CACvC,MAAM,EAAE,QAAQ,CAAC,UAAU;CAC3B,UAAU,EAAE,QAAQ,CAAC,UAAU;CAC/B,cAAc,EAAE,QAAQ,CAAC,UAAU;CACnC,MAAM,EAAE,QAAQ,CAAC,UAAU;CAC3B,0BAA0B,EAAE,QAAQ,CAAC,UAAU;CAC/C,aAAa,EAAE,QAAQ,CAAC,UAAU;CAClC,YAAY,EAAE,QAAQ,CAAC,UAAU;CACjC,aAAa,EAAE,QAAQ,CAAC,UAAU;CAClC,aAAa,EAAE,QAAQ,CAAC,UAAU;CACnC,CAAC,CAED,WAAW,WAAW;CAAE,GAAG;CAAO,MAAM,MAAM,KAAK,QAAQ,KAAK,IAAI;CAAE,EAAE;AAG3E,MAAa,wBAAwB,EAAE,OAAO;CAG5C,YAAY,EACT,QAAQ,CACR,MACC,EAAE,MAAM,qCAAqC,EAC3C,SACE,qHACH,CAAC,CACH,CACA,UAAU;CACb,cAAc,EAAE,KAAK,CAAC,mBAAmB,mBAAmB,CAAC,CAAC,UAAU;CACxE,mBAAmB,EAAE,KAAK,CAAC,eAAe,aAAa,CAAC,CAAC,UAAU;CACnE,UAAU,EAAE,QAAQ,CAAC,OAAO,CAAC,UAAU;CACvC,oBAAoB,EAAE,QAAQ,CAAC,OAAO,CAAC,UAAU;CACjD,gBAAgB,EAAE,KAAK;EAAC;EAAS;EAAS;EAAQ,CAAC,CAAC,OAAO,CAAC,UAAU;CACvE,CAAC;AAGF,MAAa,iCAAiC,EAAE,OAAO;CACrD,mBAAmB,EAAE,QAAQ,CAAC,UAAU;CACxC,mBAAmB,EAAE,KAAK;EAAC;EAAU;EAAY;EAAO;EAAc;EAAc,CAAC,CAAC,UAAU;CAChG,eAAe,EAAE,KAAK,CAAC,OAAO,WAAW,CAAC,CAAC,UAAU;CACtD,CAAC;AAGF,MAAa,kCAAkC,EAC5C,OAAO;CACN,mBAAmB,EAAE,QAAQ,CAAC,UAAU;CACxC,UAAU,EAAE,QAAQ,CAAC,OAAO,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC,UAAU;CACtD,gBAAgB,EACb,KAAK;EAAC;EAA+B;EAA+B;EAA8B,CAAC,CACnG,OAAO,CACP,UAAU;CACd,CAAC,CACD,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,EAAE,KAAK,CAAC,CAAC;AAGrC,MAAa,2BAA2B,EACrC,OAAO;CACN,UAAU,EAAE,KAAK;EAAC;EAAS;EAAU;EAAW;EAAa;EAAgB;EAAU;EAAO,CAAC;CAE/F,KAAK,EACF,KAAK;EAAC;EAAU;EAAU;EAAW;EAAa;EAAY;EAAU;EAAW,CAAC,CACpF,UAAU,CACV,QAAQ,SAAS;CAEpB,MAAM,EACH,QAAQ,CACR,QAAQ,QAAQ,CAChB,MAAM,EAAE,MAAM,uCAAuC,EAAE,SAAS,gCAAgC,CAAC,CAAC,CAClG,UAAU;CAEb,UAAU,EACP,QAAQ,CACR,UAAU,CACV,QAAQ,UAAU,CAClB,QACE,UAAU;AACT,MAAI;AAEF,QAAK,eAAe,QAAW,EAAE,UAAU,OAAO,CAAC;AACnD,UAAO;UACD;AACN,UAAO;;IAGX,EAAE,SAAS,0BAA0B,CACtC;CACH,SAAS,EACN,QAAQ,CACR,MAAM,EAAE,MAAM,yBAAyB,EAAE,SAAS,2CAA2C,CAAC,CAAC,CAC/F,UAAU;CACd,CAAC,CACD,WAAW,OAAO,EAAE,eAAe;AAElC,KAAI,MAAM,aAAa,UAAU,CAAC,MAAM,QACtC,UAAS,4EAA4E;AAGvF,QAAO;EACP;AAGJ,MAAa,gCAAgC,EAAE,OAAO;CACpD,QAAQ,EAAE,QAAQ,CAAC,UAAU;CAC7B,sBAAsB,EAAE,QAAQ,CAAC,UAAU;CAC3C,SAAS,EAAE,QAAQ,CAAC,UAAU;CAC/B,CAAC;AAGF,MAAa,2BAA2B,EAAE,OAAO;CAC/C,gBAAgB,EAAE,QAAQ,CAAC,UAAU;CACrC,qBAAqB,EAAE,QAAQ,CAAC,UAAU;CAC1C,qBAAqB,EAAE,QAAQ,CAAC,UAAU;CAC1C,qBAAqB,EAAE,QAAQ,CAAC,UAAU;CAC1C,SAAS,EAAE,QAAQ,CAAC,OAAO,CAAC,UAAU;CACtC,SAAS,EAAE,QAAQ,CAAC,OAAO,CAAC,UAAU;CACvC,CAAC;AAGF,MAAM,wCAAwC,EAAE,OAAO,EACrD,WAAW,EAAE,QAAQ,CAAC,UAAU,EACjC,CAAC;AAGF,MAAa,yBAAyB,EAAE,KAAK;CAI3C;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACD,CAAC;AAGF,MAAa,2BAA2B,EAAE,KAAK;CAAC;CAAQ;CAAY;CAAyB;CAAiB;CAAQ,CAAC;AAGvH,MAAa,yBAAyB,EACnC,OAAO;CACN,qBAAqB;CACrB,WAAW,EAAE,QAAQ,CAAC,UAAU;CAChC,aAAa,EAAE,QAAQ,CAAC,OAAO,CAAC,UAAU;CAC1C,iBAAiB,EAAE,QAAQ,CAAC,OAAO,CAAC,UAAU;CAC9C,OAAO,+BAA+B,OAAO,CAAC,UAAU;CACxD,WAAW,EAAE,QAAQ,CAAC,OAAO,CAAC,UAAU;CACxC,kBAAkB,8BAA8B,UAAU;CAC1D,UAAU,yBAAyB,UAAU;CAC7C,QAAQ,EAAE,OAAO,EAAE,QAAQ,EAAE,sBAAsB,CAAC,UAAU;CAC9D,QAAQ,gCAAgC,OAAO,CAAC,UAAU;CAC1D,oCAAoC,EAAE,KAAK,CAAC,SAAS,OAAO,CAAC,CAAC,UAAU;CACxE,QAAQ,EAAE,QAAQ,CAAC,OAAO,CAAC,UAAU;CACrC,WAAW,EAAE,OAAO,QAAQ,CAAC,UAAU;CACvC,4BAA4B,EAAE,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,UAAU;CAC1E,4BAA4B,sCAAsC,UAAU;CAC5E,mBAAmB,EAAE,QAAQ,CAAC,UAAU;CACxC,YAAY,EAAE,QAAQ,CAAC,OAAO,CAAC,UAAU;CACzC,UAAU,yBAAyB,UAAU;CAC7C,iBAAiB,EAAE,QAAQ,CAAC,UAAU;CACtC,QAAQ,EAAE,SAAS,CAAC,UAAU;CAC9B,uBAAuB,yBAAyB,UAAU;CAC1D,UAAU,EAAE,QAAQ,CAAC,OAAO,CAAC,UAAU;CACvC,yBAAyB,EAAE,QAAQ,CAAC,UAAU;CAC/C,CAAC,CACD,WAAW,OAAO,EAAE,eAAe;AAElC,KAAI,CAAC,MAAM,cAAc,CAAC,MAAM,eAAe,MAAM,YAAY,WAAW,GAC1E,UAAS,gGAAgG;AAI3G,KAAI,MAAM,aAAa,YAAY,KAAK,MAAM,UAAU,CACtD,UAAS,uDAAuD;AAGlE,OAAM,gCAAgC;AAKtC,KAAI,MAAM,6BAA6B,CAAC,MAAM,YAAY,MAAM,SAAS,WAAW,GAClF,UACE,8GACD;AAGH,QAAO;EACP;AAGJ,MAAa,sCAAsC,EAAE,OAAO;CAC1D,UAAU;CACV,QAAQ,EAAE,QAAQ,CAAC,OAAO,CAAC,UAAU;CACrC,WAAW,EAAE,OAAO,QAAQ,CAAC,UAAU;CACvC,WAAW,EAAE,QAAQ,CAAC,OAAO,CAAC,UAAU;CACxC,iBAAiB,EAAE,QAAQ,CAAC,UAAU;CACtC,kBAAkB,8BAA8B,UAAU;CAC1D,4BAA4B,sCAAsC,UAAU;CAC7E,CAAC;;;;;AAOF,MAAa,yBAAyB,EACnC,OAAO;CAIN,SAAS,EAAE,QAAQ,CAAC,QAAQ,MAAM,MAAM,GAAG,EAAE,SAAS,6CAA6C,CAAC;CAKpG,0BAA0B,EAAE,OAAO,EAAE,QAAQ,EAAE,oCAAoC,CAAC,UAAU;CAM9F,SAAS,uBAAuB,OAAO,CAAC,MACtC,EAAE,UAAU,GAAG,EAAE,SAAS,iDAAiD,CAAC,CAC7E;CAMD,YAAY,EAAE,OAAO,EAAE,QAAQ,EAAE,yBAAyB,CAAC,UAAU;CAMrE,0BAA0B,EAAE,SAAS,CAAC,UAAU;CACjD,CAAC,CACD,WAAW,OAAO,EAAE,eAAe;CAKlC,MAAM,gBAAgB;EAAC;EAAa;EAAiB;EAAkB;EAA2B;AAClG,KAAI,MAAM,2BACR;OAAK,MAAM,UAAU,MAAM,QACzB,MAAK,MAAM,OAAO,cAChB,KAAI,OAAO,OACT,UACE,QAAQ,IAAI,uHACb;;CAOT,MAAM,uBAAO,IAAI,KAAa;AAC9B,MAAK,MAAM,UAAU,MAAM,SAAS;EAClC,MAAM,MAAM,iBAAiB,OAAO;AACpC,MAAI,KAAK,IAAI,IAAI,CACf,UACE,6CAA6C,OAAO,qBAAqB,oBAAoB,OAAO,aAAa,OAAO,aAAa,KAAK,IAAI,CAAC,GAChJ;AAEH,OAAK,IAAI,IAAI;;CAIf,MAAMC,iBAAqC,CAAC,SAAS,WAAW;AAChE,KAAI,CAAC,MAAM,2BACT;OAAK,MAAM,UAAU,MAAM,QACzB,KAAI,eAAe,SAAS,OAAO,qBAAqB,CACtD,UACE,0BAA0B,OAAO,qBAAqB,0GACvD;;AAKP,QAAO;EACP;AAIJ,SAAgB,aAAa,QAA0B,YAAwC;CAC7F,MAAMC,UAA8B,EAAE;AAGtC,MAAK,MAAM,UAAU,OAAO,SAAS;AAInC,MAAI,OAAO,OACT,MAAK,MAAM,aAAa,OAAO,QAAQ;AACrC,aAAU,WAAW;AAErB,aAAU,mCAAkB,IAAI,MAAM,EAAC,aAAa;;AAIxD,UAAQ,KAAK,OAAO;;AAEtB,QAAO;;AAGT,eAAsB,gBACpB,QACA,gBAC6C;CAE7C,MAAMC,aAAiD,EAAE;AACzD,MAAK,MAAM,CAAC,KAAK,aAAa,OAAO,QAAQ,OAAO,cAAc,EAAE,CAAC,EAAE;EACrE,MAAM,UAAU,EAAE,GAAG,UAAU;EAC/B,MAAM,EAAE,SAAS;AAGjB,MAAI,SAAS,sBAAsB,CAAC,QAAQ,aAC1C,OAAM,IAAI,MAAM,2DAA2D,KAAK,cAAc;AAIhG,MAAI,SAAS,oBAAoB,CAAC,QAAQ,KACxC,OAAM,IAAI,MAAM,mDAAmD,IAAI,cAAc;AAIvF,UAAQ,WAAW,MAAM,mBAAmB;GAAE,OAAO,QAAQ;GAA0B;GAAgB,CAAC;AACxG,UAAQ,WAAW,MAAM,mBAAmB;GAAE,OAAO,QAAQ;GAA0B;GAAgB,CAAC;AACxG,UAAQ,MAAM,MAAM,mBAAmB;GAAE,OAAO,QAAQ;GAAqB;GAAgB,CAAC;AAC9F,UAAQ,QAAQ,MAAM,mBAAmB;GAAE,OAAO,QAAQ;GAAuB;GAAgB,CAAC;EAOlG,MAAM,MAAM,QAAQ;AACpB,MAAI,CAAC,OAAO,SAAS,mBACnB,OAAM,IAAI,MAAM,kDAAkD,IAAI,cAAc;AAEtF,MAAI,KAAK;AAaP,OAAI,IAAI,SAAS,IAAI,EAAE;IACrB,MAAM,YAAY,IAAI,IAAI,IAAI;AAG9B,QADoB,SAAS,qBAAqB,SAAS,eAC1C,SAAQ,WAAW,IAAI,QAAQ,YAAY,GAAG,CAAC,QAAQ,WAAW,GAAG;AAGtF,QADgB,SAAS,yBAAyB,SAAS,qBAC9C,SAAQ,OAAO,UAAU;;AAGxC,OAAI,SAAS,eAAgB,SAAQ,eAAe;AAOpD,OAJE,SAAS,qBACT,SAAS,kBACT,SAAS,wBACT,SAAS,eACI,QAAO,QAAQ;;AAIhC,aAAW,OAAO;;AAEpB,QAAO;;AAGT,SAAgB,sBAAsB,SAA6B,YAAgD;CACjH,MAAM,aAAa,OAAO,KAAK,WAAW;CAC1C,MAAMC,aAAuB,EAAE;AAC/B,MAAK,MAAM,KAAK,QAAS,YAAW,KAAK,GAAI,EAAE,cAAc,EAAE,CAAE;CAGjE,MAAM,uBAAuB,WAAW,QAAQ,OAAO,CAAC,WAAW,SAAS,GAAG,CAAC;AAChF,KAAI,qBAAqB,SAAS,EAChC,OAAM,IAAI,MACR,2BAA2B,qBAAqB,KAAK,IAAI,CAAC,0DAC3D;CAIH,MAAM,oBAAoB,WAAW,QAAQ,OAAO,CAAC,WAAW,SAAS,GAAG,CAAC;AAC7E,KAAI,kBAAkB,SAAS,EAC7B,OAAM,IAAI,MAAM,gBAAgB,kBAAkB,KAAK,IAAI,CAAC,0CAA0C;;;;;;AAQ1G,MAAa,6BAA6B;CACxC;CACA;CACA;CACA;CACD;;;;;AAMD,eAAsB,sBAAsB,EAC1C,gBACA,YACA,kBAK4B;CAE5B,MAAM,eAAe,KAAK,KAAK,eAAe;AAC9C,KAAI,iBAAiB,QAAQ,OAAO,iBAAiB,SACnD,OAAM,IAAI,MAAM,mCAAmC;CAIrD,MAAM,SAAS,MAAM,uBAAuB,WAAW,aAAa;CACpE,MAAM,UAAU,aAAa,QAAQ,WAAW;CAChD,MAAM,aAAa,MAAM,gBAAgB,QAAQ,eAAe;AAChE,uBAAsB,SAAS,WAAW;AAE1C,QAAO;EAAE,GAAG;EAAQ;EAAS;EAAY;;;;;AC1e3C,MAAa,6BAA6B,EAAE,OAAO,EAAE,QAAQ,EAAE,EAAE,KAAK,CAAC;AAGvE,MAAa,6BAA6B,EAAE,OAAO;CACjD,MAAM,EAAE,QAAQ;CAChB,KAAK,EAAE,QAAQ;CAChB,CAAC;AAGF,MAAa,8BAA8B,EAAE,OAAO;CAClD,iBAAiB,2BAA2B,OAAO;CACnD,IAAI;CACL,CAAC;AAGF,MAAa,iCAAiC,EAAE,KAAK;CAAC;CAAS;CAAU;CAAY,CAAC;AAGtF,MAAa,yBAAyB,EAAE,OAAO;CAC7C,UAAU;CACV,MAAM,EAAE,QAAQ;CAChB,WAAW,EAAE,QAAQ,CAAC,SAAS;CAC/B,aAAa,EAAE,QAAQ,CAAC,OAAO,CAAC,SAAS;CACzC,QAAQ,EAAE,QAAQ,CAAC,SAAS;CAC5B,QAAQ,EAAE,QAAQ,CAAC,SAAS;CAC5B,UAAU,EAAE,QAAQ,CAAC,SAAS;CAC9B,gBAAgB,EAAE,QAAQ,CAAC,SAAS;CACrC,CAAC;AAGF,MAAa,6BAA6B,EAAE,OAAO;CACjD,mBAAmB,EAAE,QAAQ;CAC7B,sBAAsB,EAAE,QAAQ,CAAC,SAAS;CAC1C,WAAW,EAAE,QAAQ,CAAC,SAAS;CAC/B,SAAS,EAAE,SAAS,CAAC,SAAS;CAC/B,CAAC;AAGF,MAAa,kCAAkC,EAAE,OAAO;CACtD,yBAAyB,EAAE,QAAQ;CACnC,cAAc,2BAA2B,OAAO;CACjD,CAAC;AAGF,MAAa,0BAA0B,EAAE,OAAO;CAC9C,mBAAmB,EAAE,QAAQ,CAAC,SAAS;CACvC,mBAAmB,EAAE,QAAQ,CAAC,SAAS;CACvC,eAAe,EAAE,KAAK,CAAC,OAAO,WAAW,CAAC,CAAC,UAAU;CACtD,CAAC;AAGF,MAAa,+BAA+B,EAAE,OAAO;CACnD,UAAU,EAAE,QAAQ,CAAC,OAAO,CAAC,SAAS;CACtC,oBAAoB,EAAE,QAAQ,CAAC,OAAO,CAAC,SAAS;CAChD,mBAAmB,EAAE,QAAQ,CAAC,SAAS;CACvC,gBAAgB,EAAE,QAAQ,CAAC,OAAO,CAAC,SAAS;CAC7C,CAAC;AAGF,MAAa,2BAA2B,EAAE,OAAO;CAC/C,MAAM,EAAE,QAAQ;CAChB,cAAc,EAAE,QAAQ,CAAC,SAAS;CAClC,OAAO;CACR,CAAC;AAGF,MAAa,4BAA4B,EAAE,OAAO;CAChD,mBAAmB,EAAE,QAAQ;CAC7B,QAAQ,EAAE,QAAQ,CAAC,SAAS;CAC5B,gBAAgB,EAAE,QAAQ,CAAC,OAAO,CAAC,SAAS;CAC5C,cAAc,EAAE,OAAO,QAAQ,CAAC,SAAS;CACzC,uBAAuB,EAAE,QAAQ,CAAC,SAAS;CAC5C,CAAC;AAGF,MAAa,mCAAmC,EAAE,OAAO;CACvD,mBAAmB,EAAE,QAAQ;CAC7B,qBAAqB,EAAE,QAAQ,CAAC,OAAO;CACvC,oBAAoB,EAAE,QAAQ,CAAC,OAAO,CAAC,SAAS;CAChD,uBAAuB,EAAE,QAAQ,CAAC,OAAO;CAC1C,CAAC;AAGF,MAAa,oCAAoC,EAAE,OAAO,EAAE,QAAQ,EAAE,EAAE,KAAK,CAAC;AAG9E,MAAa,8BAA8B,EAAE,OAAO;CAClD,MAAM,EAAE,QAAQ,CAAC,SAAS;CAC1B,QAAQ,EAAE,QAAQ,CAAC,OAAO,CAAC,SAAS;CACpC,UAAU,EAAE,OAAO,EAAE,QAAQ,EAAE,EAAE,KAAK,CAAC,CAAC,SAAS;CACjD,aAAa,EAAE,QAAQ,CAAC,SAAS;CACjC,QAAQ,kCAAkC,SAAS;CACnD,SAAS,EAAE,QAAQ,CAAC,SAAS;CAC7B,oBAAoB,EAAE,QAAQ,CAAC,SAAS;CACzC,CAAC;AAGF,MAAa,6BAA6B,EAAE,OAAO;CACjD,MAAM,EAAE,QAAQ;CAChB,yBAAyB,4BAA4B,OAAO,CAAC,SAAS;CACtE,oBAAoB,EAAE,QAAQ,CAAC,SAAS;CACxC,SAAS,EAAE,QAAQ,CAAC,SAAS;CAC7B,cAAc,4BAA4B,OAAO,CAAC,SAAS;CAC3D,SAAS,EAAE,SAAS,CAAC,SAAS;CAC9B,WAAW,EAAE,QAAQ,CAAC,SAAS;CAChC,CAAC;AAGF,MAAa,gCAAgC,EAAE,OAAO;CACpD,QAAQ,EAAE,QAAQ,CAAC,SAAS;CAC5B,sBAAsB,EAAE,QAAQ,CAAC,SAAS;CAC1C,iBAAiB,EAAE,SAAS,CAAC,SAAS;CACvC,CAAC;AAGF,MAAa,8BAA8B,EAAE,OAAO,EAAE,QAAQ,EAAE,EAAE,MAAM,CAAC,EAAE,QAAQ,EAAE,EAAE,SAAS,CAAC,CAAC,CAAC;AAGnG,MAAa,iCAAiC,EAAE,KAAK;CAGnD;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACD,CAAC;AAGF,MAAa,0BAA0B,EAAE,KAAK;CAAC;CAAS;CAAW;CAAW,CAAC;AAK/E,MAAa,4BAA4B,EAAE,OAAO;CAChD,IAAI,EAAE,QAAQ;CACd,SAAS,wBAAwB,UAAU;CAC3C,mBAAmB;CACnB,mBAAmB,wBAAwB,OAAO;CAClD,OAAO,EAAE,SAAS,CAAC,UAAU;CAC7B,qBAAqB,yBAAyB,OAAO,CAAC,SAAS;CAC/D,cAAc,EAAE,QAAQ,CAAC,OAAO,CAAC,UAAU;CAC3C,+BAA+B,EAAE,QAAQ,CAAC,SAAS;CACnD,0BAA0B,2BAA2B,OAAO,CAAC,OAAO;CACpE,gCAAgC,gCAAgC,OAAO;CACvE,aAAa;CACb,qBAAqB,0BAA0B,OAAO;CACtD,iBAAiB,EAAE,SAAS;CAC5B,gCAAgC,EAAE,QAAQ,CAAC,UAAU;CACrD,uBAAuB,iCAAiC,OAAO;CAC/D,yBAAyB,EAAE,SAAS;CACpC,QAAQ;CACR,0BAA0B,EAAE,SAAS;CACrC,2BAA2B,EAAE,SAAS;CACtC,uBAAuB,EAAE,SAAS;CAClC,wBAAwB,EAAE,SAAS,CAAC,SAAS;CAC7C,gBAAgB,EAAE,SAAS;CAC3B,0BAA0B;CAC1B,wBAAwB,2BAA2B,OAAO,CAAC,SAAS;CACpE,wBAAwB,EAAE,KAAK,CAAC,SAAS;CACzC,UAAU,yBAAyB,SAAS;CAC5C,2CAA2C,EAAE,SAAS,CAAC,SAAS;CAChE,0BAA0B,EAAE,SAAS,CAAC,SAAS;CAC/C,0BAA0B,EAAE,SAAS,CAAC,SAAS;CAC/C,iBAAiB,EAAE,QAAQ,CAAC,OAAO,CAAC,UAAU;CAC/C,CAAC;AAGF,MAAa,0BAA0B,EAAE,OAAO,EAC9C,KAAK,2BACN,CAAC"}