@paklo/core 0.7.3 → 0.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (25) hide show
  1. package/dist/azure/index.d.mts +930 -116
  2. package/dist/azure/index.mjs +412 -229
  3. package/dist/azure/index.mjs.map +1 -1
  4. package/dist/dependabot/index.d.mts +3 -3
  5. package/dist/dependabot/index.mjs +3 -4
  6. package/dist/{dependabot-_TVZhG0L.mjs → dependabot-rtPO9HdD.mjs} +21 -14
  7. package/dist/dependabot-rtPO9HdD.mjs.map +1 -0
  8. package/dist/github/index.d.mts +1 -1
  9. package/dist/github/index.mjs +1 -1
  10. package/dist/{index-BWftXTYB.d.mts → index-BfwWezjJ.d.mts} +1 -1
  11. package/dist/{index-vaaBSJ7v.d.mts → index-Byxjhvfz.d.mts} +67 -59
  12. package/dist/{job-DQiSYFHb.mjs → job-BxOZ-hqF.mjs} +2 -2
  13. package/dist/job-BxOZ-hqF.mjs.map +1 -0
  14. package/dist/{logger-BqvUa-Ue.mjs → logger-5PEqZVLr.mjs} +10 -3
  15. package/dist/{logger-BqvUa-Ue.mjs.map → logger-5PEqZVLr.mjs.map} +1 -1
  16. package/dist/logger.mjs +1 -1
  17. package/dist/usage.d.mts +1 -1
  18. package/dist/usage.mjs +1 -1
  19. package/package.json +6 -9
  20. package/dist/dependabot-_TVZhG0L.mjs.map +0 -1
  21. package/dist/http/index.d.mts +0 -121
  22. package/dist/http/index.mjs +0 -3
  23. package/dist/http-D2wwAKQ-.mjs +0 -241
  24. package/dist/http-D2wwAKQ-.mjs.map +0 -1
  25. package/dist/job-DQiSYFHb.mjs.map +0 -1
package/dist/dependabot-rtPO9HdD.mjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"dependabot-rtPO9HdD.mjs","names":["branchName: string","DEFAULT_EXPERIMENTS: DependabotExperiments","updatingPullRequest: boolean","updateDependencyGroupName: string | null","updateDependencyNames: string[] | null","vulnerabilities: SecurityVulnerability[] | undefined","success: boolean"],"sources":["../src/dependabot/author.ts","../src/dependabot/branch-name.ts","../src/dependabot/experiments.ts","../src/dependabot/job-builder.ts","../src/dependabot/update.ts","../src/dependabot/server.ts"],"sourcesContent":["export type GitAuthor = {\n name: string;\n email: string;\n};\n\nexport const DEPENDABOT_DEFAULT_AUTHOR_EMAIL = 'noreply@github.com';\nexport const DEPENDABOT_DEFAULT_AUTHOR_NAME = 'dependabot[bot]';\n","import * as crypto from 'node:crypto';\nimport type { PackageEcosystem } from './config';\nimport type { DependabotExistingPR } from './job';\n\n// TODO: figure out how to handle IDENTIFIER field (in a group) in branch naming\n// Docs: https://docs.github.com/en/code-security/dependabot/working-with-dependabot/dependabot-options-reference#groups--\n// -> An identifier for a group is used in branch names and pull request titles.\n\nexport function getBranchNameForUpdate(\n packageEcosystem: PackageEcosystem,\n targetBranchName: string | undefined,\n directory: string | undefined,\n dependencyGroupName: string | undefined,\n dependencies: DependabotExistingPR[],\n separator: string = '/',\n): string {\n // Based on dependabot-core implementation:\n // https://github.com/dependabot/dependabot-core/blob/main/common/lib/dependabot/pull_request_creator/branch_namer/solo_strategy.rb\n // https://github.com/dependabot/dependabot-core/blob/main/common/lib/dependabot/pull_request_creator/branch_namer/dependency_group_strategy.rb\n let branchName: string;\n const branchNameMightBeTooLong = dependencyGroupName || dependencies.length > 1;\n if (branchNameMightBeTooLong) {\n // Group/multi dependency update\n // e.g. dependabot/nuget/main/microsoft-3b49c54d9e\n const dependencyDigest = crypto\n .createHash('md5')\n .update(dependencies.map((d) => `${d['dependency-name']}-${d['dependency-version']}`).join(','))\n .digest('hex')\n .substring(0, 10);\n branchName = `${dependencyGroupName || 'multi'}-${dependencyDigest}`;\n } else {\n // Single dependency update\n // e.g. dependabot/nuget/main/Microsoft.Extensions.Logging-1.0.0\n const dependencyNames = dependencies\n .map((d) => d['dependency-name'])\n .join('-and-')\n .replace(/[:[]]/g, '-') // Replace `:` and `[]` with `-`\n .replace(/@/g, ''); // Remove `@`\n const versionSuffix = dependencies[0]?.removed ? 'removed' : dependencies[0]?.['dependency-version'];\n branchName = `${dependencyNames}-${versionSuffix}`;\n }\n\n return sanitizeRef(\n [\n 'dependabot',\n packageEcosystem,\n targetBranchName,\n // normalize directory to remove leading/trailing slashes and replace remaining ones with the separator\n directory\n ? directory\n .split('/')\n .filter((part) => part.length > 0)\n .join(separator)\n : undefined,\n branchName,\n ],\n separator,\n );\n}\n\nexport function sanitizeRef(refParts: (string | undefined)[], separator: string): string {\n // Based on dependabot-core implementation:\n // https://github.com/dependabot/dependabot-core/blob/fc31ae64f492dc977cfe6773ab13fb6373aabec4/common/lib/dependabot/pull_request_creator/branch_namer/base.rb#L99\n\n // This isn't a complete implementation of git's ref validation, but it\n // covers most cases that crop up. Its list of allowed characters is a\n // bit stricter than git's, but that's for cosmetic reasons.\n return (\n refParts\n // Join the parts with the separator, ignore empty parts\n .filter((p) => p && p.trim().length > 0)\n .join(separator)\n // Remove forbidden characters (those not already replaced elsewhere)\n .replace(/[^A-Za-z0-9/\\-_.(){}]/g, '')\n // Slashes can't be followed by periods\n .replace(/\\/\\./g, '/dot-')\n // Squeeze out consecutive periods and slashes\n .replace(/\\.+/g, '.')\n .replace(/\\/+/g, '/')\n // Trailing periods are forbidden\n .replace(/\\.$/, '')\n );\n}\n","import type { DependabotExperiments } from './job';\n\n// The default experiments known to be used by the GitHub Dependabot service.\n// This changes often, update as needed by extracting them from a Dependabot GitHub Action run.\n// e.g. https://github.com/mburumaxwell/dependabot-azure-devops/actions/workflows/dependabot/dependabot-updates\nexport const DEFAULT_EXPERIMENTS: DependabotExperiments = {\n 'record-ecosystem-versions': true,\n 'record-update-job-unknown-error': true,\n 'proxy-cached': true,\n 'dependency-change-validation': true,\n 'enable-file-parser-python-local': true,\n 'npm-fallback-version-above-v6': true,\n 'enable-record-ecosystem-meta': true,\n 'enable-corepack-for-npm-and-yarn': true,\n 'enable-shared-helpers-command-timeout': true,\n 'enable-dependabot-setting-up-cronjob': true,\n 'enable-engine-version-detection': true,\n 'avoid-duplicate-updates-package-json': true,\n 'allow-refresh-for-existing-pr-dependencies': true,\n 'allow-refresh-group-with-all-dependencies': true,\n 'exclude-local-composer-packages': true,\n 'enable-enhanced-error-details-for-updater': true,\n 'gradle-lockfile-updater': true,\n 'enable-exclude-paths-subdirectory-manifest-files': true,\n 'group-membership-enforcement': true,\n 'deprecate-close-command': true,\n 'deprecate-reopen-command': true,\n 'deprecate-merge-command': true,\n 'deprecate-cancel-merge-command': true,\n 'deprecate-squash-merge-command': true,\n};\n\n/**\n * Parses a comma-separated list of key=value pairs representing experiments.\n * @param raw A comma-separated list of key=value pairs representing experiments.\n * @returns A map of experiment names to their values.\n */\nexport function parseExperiments(raw?: string): DependabotExperiments | undefined {\n return raw\n ?.split(',')\n .filter((entry) => entry.trim() !== '') // <-- filter out empty entries\n .reduce((acc, cur) => {\n const [key, value] = cur.split('=', 2);\n acc[key!] = value || true;\n return acc;\n }, {} as DependabotExperiments);\n}\n\n/**\n * Set experiment in the given experiments map.\n * If the experiments map is undefined, a new map will be created.\n * @param experiments The experiments map to set the experiment in.\n * @param name The name of the experiment to set.\n * @param value The value of the experiment to set. Defaults to true.\n * @returns The updated experiments map.\n */\nexport function setExperiment(\n experiments: DependabotExperiments | undefined,\n name: string,\n value: boolean | string = true,\n): DependabotExperiments {\n return {\n ...(experiments || {}),\n // always add the experiment, even if the value is false or an empty string\n // this allows explicit disabling of experiments\n [name]: value,\n };\n}\n","import type { SecurityVulnerability } from '@/github';\nimport type {\n DependabotAllowCondition,\n DependabotConfig,\n DependabotGroup,\n DependabotIgnoreCondition,\n DependabotRegistry,\n DependabotUpdate,\n PackageEcosystem,\n VersioningStrategy,\n} from './config';\nimport { setExperiment } from './experiments';\nimport type {\n DependabotAllowed,\n DependabotCondition,\n DependabotCredential,\n DependabotExistingGroupPR,\n DependabotExistingPR,\n DependabotExperiments,\n DependabotGroupJob,\n DependabotJobConfig,\n DependabotPackageManager,\n DependabotSecurityAdvisory,\n DependabotSource,\n DependabotSourceProvider,\n} from './job';\n\nexport type DependabotSourceInfo = {\n provider: DependabotSourceProvider;\n hostname: string;\n 'api-endpoint': string;\n 'repository-slug': string;\n};\n\nexport type DependabotJobBuilderOutput = {\n job: DependabotJobConfig;\n credentials: DependabotCredential[];\n};\n\n/**\n * Class for building dependabot job objects\n */\nexport class DependabotJobBuilder {\n private readonly config: DependabotConfig;\n private readonly update: DependabotUpdate;\n private readonly experiments: DependabotExperiments;\n private readonly debug: boolean;\n\n private readonly packageManager: DependabotPackageManager;\n private readonly source: DependabotSource;\n private readonly credentials: DependabotCredential[];\n\n constructor({\n source,\n config,\n update,\n systemAccessUser,\n systemAccessToken,\n githubToken,\n experiments,\n debug,\n }: {\n source: DependabotSourceInfo;\n config: DependabotConfig;\n update: DependabotUpdate;\n experiments: DependabotExperiments;\n systemAccessUser?: string;\n systemAccessToken?: string;\n githubToken?: string;\n /** Determines if verbose log messages are logged */\n debug: boolean;\n }) {\n this.config = config;\n this.update = update;\n this.debug = debug;\n\n this.experiments = setExperiment(experiments, 'enable_beta_ecosystems', config['enable-beta-ecosystems']);\n\n this.packageManager = mapPackageEcosystemToPackageManager(update['package-ecosystem']);\n this.source = mapSourceFromDependabotConfigToJobConfig(source, update);\n this.credentials = mapCredentials({\n sourceHostname: source.hostname,\n systemAccessUser,\n systemAccessToken,\n githubToken,\n registries: config.registries,\n });\n }\n\n /**\n * Create a dependabot update job that updates nothing, but will discover the dependency list for a package ecosystem\n */\n public forDependenciesList({\n id,\n command,\n }: {\n id: string;\n command: DependabotJobConfig['command'];\n }): DependabotJobBuilderOutput {\n return {\n job: {\n id: id,\n command: command,\n 'package-manager': this.packageManager,\n 'updating-a-pull-request': false,\n dependencies: null,\n 'allowed-updates': [{ 'dependency-type': 'direct', 'update-type': 'all' }],\n 'ignore-conditions': [{ 'dependency-name': '*' }],\n 'security-updates-only': false,\n 'security-advisories': [],\n source: this.source,\n 'update-subdependencies': false,\n 'existing-pull-requests': [],\n 'existing-group-pull-requests': [],\n experiments: this.experiments,\n 'requirements-update-strategy': null,\n 'lockfile-only': false,\n 'commit-message-options': {\n prefix: null,\n 'prefix-development': null,\n 'include-scope': null,\n },\n 'vendor-dependencies': false,\n 'repo-private': true,\n debug: this.debug,\n },\n credentials: this.credentials,\n };\n }\n\n /**\n * Create a dependabot update job that updates all dependencies for a package ecosystem\n */\n public forUpdate({\n id,\n command,\n dependencyNamesToUpdate,\n existingPullRequests,\n pullRequestToUpdate,\n securityVulnerabilities,\n }: {\n id: string;\n command: DependabotJobConfig['command'];\n dependencyNamesToUpdate?: string[];\n existingPullRequests: (DependabotExistingPR[] | DependabotExistingGroupPR)[];\n pullRequestToUpdate?: DependabotExistingPR[] | DependabotExistingGroupPR;\n securityVulnerabilities?: SecurityVulnerability[];\n }): DependabotJobBuilderOutput {\n const securityOnlyUpdate = this.update['open-pull-requests-limit'] === 0;\n\n let updatingPullRequest: boolean;\n let updateDependencyGroupName: string | null = null;\n let updateDependencyNames: string[] | null;\n let vulnerabilities: SecurityVulnerability[] | undefined;\n\n if (pullRequestToUpdate) {\n updatingPullRequest = true;\n updateDependencyGroupName = Array.isArray(pullRequestToUpdate)\n ? null\n : pullRequestToUpdate['dependency-group-name'];\n updateDependencyNames = (\n Array.isArray(pullRequestToUpdate) ? pullRequestToUpdate : pullRequestToUpdate.dependencies\n )?.map((d) => d['dependency-name']);\n vulnerabilities = securityVulnerabilities?.filter((v) => updateDependencyNames?.includes(v.package.name));\n } else {\n updatingPullRequest = false;\n const names = dependencyNamesToUpdate?.length ? dependencyNamesToUpdate : null;\n updateDependencyNames =\n securityOnlyUpdate && names\n ? names?.filter((d) => securityVulnerabilities?.find((v) => v.package.name === d))\n : names;\n vulnerabilities = securityVulnerabilities;\n }\n\n return {\n job: {\n id: id,\n command: command,\n 'package-manager': this.packageManager,\n 'updating-a-pull-request': updatingPullRequest || false,\n 'dependency-group-to-refresh': updateDependencyGroupName,\n 'dependency-groups': mapGroupsFromDependabotConfigToJobConfig(this.update.groups),\n dependencies: updateDependencyNames,\n 'allowed-updates': mapAllowedUpdatesFromDependabotConfigToJobConfig(this.update.allow, securityOnlyUpdate),\n 'ignore-conditions': mapIgnoreConditionsFromDependabotConfigToJobConfig(this.update.ignore),\n 'security-updates-only': securityOnlyUpdate,\n 'security-advisories': mapSecurityAdvisories(vulnerabilities),\n source: this.source,\n 'update-subdependencies': false,\n 'existing-pull-requests': existingPullRequests.filter((pr) => Array.isArray(pr)),\n 'existing-group-pull-requests': existingPullRequests.filter(\n (pr): pr is DependabotExistingGroupPR => !Array.isArray(pr),\n ),\n 'commit-message-options': {\n prefix: this.update['commit-message']?.prefix ?? null,\n 'prefix-development': this.update['commit-message']?.['prefix-development'] ?? null,\n 'include-scope':\n this.update['commit-message']?.include?.toLocaleLowerCase()?.trim() === 'scope' ? true : null,\n },\n cooldown: this.update.cooldown,\n experiments: mapExperiments(this.experiments),\n 'reject-external-code':\n this.update['insecure-external-code-execution']?.toLocaleLowerCase()?.trim() === 'allow',\n 'requirements-update-strategy': mapVersionStrategyToRequirementsUpdateStrategy(\n this.update['versioning-strategy'],\n ),\n 'lockfile-only': this.update['versioning-strategy'] === 'lockfile-only',\n 'vendor-dependencies': this.update.vendor ?? false,\n 'repo-private': true,\n debug: this.debug,\n 'proxy-log-response-body-on-auth-failure': true,\n 'max-updater-run-time': 2700,\n 'enable-beta-ecosystems': this.config['enable-beta-ecosystems'] || false,\n // Updates across ecosystems is still in development\n // See https://github.com/dependabot/dependabot-core/issues/8126\n // https://github.com/dependabot/dependabot-core/pull/12339\n // It needs to merged in the core repo first before we support it\n // However, to match current job configs and to prevent surprises, we disable it\n 'multi-ecosystem-update': false,\n 'exclude-paths': this.update['exclude-paths'],\n },\n credentials: this.credentials,\n };\n }\n}\n\nexport function mapPackageEcosystemToPackageManager(ecosystem: PackageEcosystem): DependabotPackageManager {\n // Map the dependabot config \"package ecosystem\" to the equivalent dependabot-core/cli \"package manager\".\n // Config values: https://docs.github.com/en/code-security/dependabot/working-with-dependabot/dependabot-options-reference#package-ecosystem-\n // Core/CLI values: https://github.com/dependabot/dependabot-core/blob/main/common/lib/dependabot/config/file.rb#L60-L81\n switch (ecosystem) {\n case 'docker-compose':\n return 'docker_compose';\n case 'dotnet-sdk':\n return 'dotnet_sdk';\n case 'github-actions':\n return 'github_actions';\n case 'gitsubmodule':\n return 'submodules';\n case 'gomod':\n return 'go_modules';\n case 'mix':\n return 'hex';\n case 'npm':\n return 'npm_and_yarn';\n // Additional aliases, sometimes used for convenience\n case 'pipenv':\n return 'pip';\n case 'pip-compile':\n return 'pip';\n case 'poetry':\n return 'pip';\n case 'pnpm':\n return 'npm_and_yarn';\n case 'rust-toolchain':\n return 'rust_toolchain';\n case 'yarn':\n return 'npm_and_yarn';\n default:\n return ecosystem;\n }\n}\n\nexport function mapSourceFromDependabotConfigToJobConfig(\n source: DependabotSourceInfo,\n update: DependabotUpdate,\n): DependabotSource {\n return {\n provider: source.provider,\n 'api-endpoint': source['api-endpoint'],\n hostname: source.hostname,\n repo: source['repository-slug'],\n branch: update['target-branch'],\n commit: null, // use latest commit of target branch\n directory: update.directory,\n directories: update.directories,\n };\n}\n\nexport function mapVersionStrategyToRequirementsUpdateStrategy(strategy?: VersioningStrategy): string | null {\n if (!strategy) return null;\n switch (strategy) {\n case 'auto':\n return null;\n case 'increase':\n return 'bump_versions';\n case 'increase-if-necessary':\n return 'bump_versions_if_necessary';\n case 'lockfile-only':\n return 'lockfile_only';\n case 'widen':\n return 'widen_ranges';\n default:\n throw new Error(`Invalid dependabot.yaml versioning strategy option '${strategy}'`);\n }\n}\n\nexport function mapGroupsFromDependabotConfigToJobConfig(\n dependencyGroups?: Record<string, DependabotGroup | null>,\n): DependabotGroupJob[] {\n if (!dependencyGroups || !Object.keys(dependencyGroups).length) return [];\n return Object.keys(dependencyGroups)\n .filter((name) => dependencyGroups[name])\n .map((name) => {\n const group = dependencyGroups[name]!;\n return {\n name: name,\n 'applies-to': group['applies-to'],\n rules: {\n patterns: group.patterns?.length ? group.patterns : ['*'],\n 'exclude-patterns': group['exclude-patterns'],\n 'dependency-type': group['dependency-type'],\n 'update-types': group['update-types'],\n },\n } satisfies DependabotGroupJob;\n });\n}\n\nexport function mapAllowedUpdatesFromDependabotConfigToJobConfig(\n allowedUpdates?: DependabotAllowCondition[],\n securityOnlyUpdate?: boolean,\n): DependabotAllowed[] {\n // If no allow conditions are specified, update direct dependencies by default; This is what GitHub does.\n // NOTE: 'update-type' appears to be a deprecated config, but still appears in the dependabot-core model and GitHub Dependabot job logs.\n // See: https://github.com/dependabot/dependabot-core/blob/b3a0c1f86c20729494097ebc695067099f5b4ada/updater/lib/dependabot/job.rb#L253C1-L257C78\n if (!allowedUpdates) {\n return [\n {\n 'dependency-type': 'direct',\n 'update-type': securityOnlyUpdate ? 'security' : 'all',\n },\n ];\n }\n return allowedUpdates.map((allow) => {\n return {\n 'dependency-name': allow['dependency-name'],\n 'dependency-type': allow['dependency-type'],\n 'update-type': allow['update-type'],\n };\n });\n}\n\nexport function mapIgnoreConditionsFromDependabotConfigToJobConfig(\n ignoreConditions?: DependabotIgnoreCondition[],\n): DependabotCondition[] {\n if (!ignoreConditions) return [];\n return ignoreConditions.map((ignore) => {\n return {\n source: ignore.source,\n 'updated-at': ignore['updated-at'],\n 'dependency-name': ignore['dependency-name'] ?? '*',\n 'update-types': ignore['update-types'],\n\n // The dependabot.yml config docs are not very clear about acceptable values; after scanning dependabot-core and dependabot-cli,\n // this could either be a single version string (e.g. '>1.0.0'), or multiple version strings separated by commas (e.g. '>1.0.0, <2.0.0')\n 'version-requirement': Array.isArray(ignore.versions) ? (<string[]>ignore.versions)?.join(', ') : ignore.versions,\n } satisfies DependabotCondition;\n });\n}\n\nexport function mapExperiments(experiments?: DependabotExperiments): DependabotExperiments {\n experiments ??= {};\n return Object.keys(experiments).reduce((acc, key) => {\n // Experiment values are known to be either 'true', 'false', or a string value.\n // If the value is 'true' or 'false', convert it to a boolean type so that dependabot-core handles it correctly.\n const value = experiments[key];\n if (typeof value === 'string' && value?.toLocaleLowerCase() === 'true') {\n acc[key] = true;\n } else if (typeof value === 'string' && value?.toLocaleLowerCase() === 'false') {\n acc[key] = false;\n } else {\n if (typeof value === 'string' || typeof value === 'boolean') acc[key] = value;\n }\n return acc;\n }, {} as DependabotExperiments);\n}\n\nexport function mapSecurityAdvisories(securityVulnerabilities?: SecurityVulnerability[]): DependabotSecurityAdvisory[] {\n if (!securityVulnerabilities) return [];\n\n // A single security advisory can cause a vulnerability in multiple versions of a package.\n // We need to map each unique security advisory to a list of affected-versions and patched-versions.\n const vulnerabilitiesGroupedByPackageNameAndAdvisoryId = new Map<string, SecurityVulnerability[]>();\n for (const vuln of securityVulnerabilities) {\n const key = `${vuln.package.name}/${vuln.advisory.identifiers.map((i) => `${i.type}:${i.value}`).join('/')}`;\n if (!vulnerabilitiesGroupedByPackageNameAndAdvisoryId.has(key)) {\n vulnerabilitiesGroupedByPackageNameAndAdvisoryId.set(key, []);\n }\n vulnerabilitiesGroupedByPackageNameAndAdvisoryId.get(key)!.push(vuln);\n }\n return Array.from(vulnerabilitiesGroupedByPackageNameAndAdvisoryId.values()).map((vulns) => {\n return {\n 'dependency-name': vulns[0]!.package.name,\n 'affected-versions': vulns.map((v) => v.vulnerableVersionRange).filter((v) => v && v.length > 0),\n 'patched-versions': vulns\n .map((v) => v.firstPatchedVersion?.identifier)\n .filter((v) => v && v.length > 0)\n .map((v) => v!),\n 'unaffected-versions': [],\n } satisfies DependabotSecurityAdvisory;\n });\n}\n\nexport function mapCredentials({\n sourceHostname,\n systemAccessUser,\n systemAccessToken,\n githubToken,\n registries,\n}: {\n sourceHostname: string;\n systemAccessUser?: string;\n systemAccessToken?: string;\n githubToken?: string;\n registries?: Record<string, DependabotRegistry>;\n}): DependabotCredential[] {\n const credentials = [];\n\n // Required to authenticate with the git repository when cloning the source code\n if (systemAccessToken) {\n credentials.push({\n type: 'git_source',\n host: sourceHostname,\n username: (systemAccessUser ?? '').trim()?.length > 0 ? systemAccessUser : 'x-access-token',\n password: systemAccessToken,\n });\n }\n\n // Required to avoid rate-limiting errors when generating pull request descriptions (e.g. fetching release notes, commit messages, etc)\n if (githubToken) {\n credentials.push({\n type: 'git_source',\n host: 'github.com',\n username: 'x-access-token',\n password: githubToken,\n });\n }\n if (registries) {\n // TODO: only registries for the current update should be set\n // Required to authenticate with private package feeds when finding the latest version of dependencies.\n // The registries have already been worked on (see parseRegistries) so there is no need to do anything else.\n credentials.push(...Object.values(registries));\n }\n\n return credentials;\n}\n","import { z } from 'zod';\nimport { DependabotDependencySchema, DependabotPackageManagerSchema } from './job';\n\n// we use nullish() because it does optional() and allows the value to be set to null\n\nexport const DependabotDependencyFileSchema = z.object({\n // https://github.com/dependabot/dependabot-core/blob/5e2711f9913cc387acb7cb0d29d51fb52d235ef2/common/lib/dependabot/dependency_file.rb#L14-L15\n content: z.string().nullish(),\n content_encoding: z\n .enum([\n 'utf-8',\n 'base64',\n // for some reason, some files (e.g. txt in gomod) are marked as empty string encoding\n '',\n ])\n .nullish(),\n deleted: z.boolean().nullish(),\n directory: z.string(),\n name: z.string(),\n operation: z.enum(['update', 'create', 'delete']),\n support_file: z.boolean().nullish(),\n vendored_file: z.boolean().nullish(),\n symlink_target: z.string().nullish(),\n type: z.string().nullish(),\n mode: z\n .enum({\n executable: '100755',\n file: '100644',\n directory: '040000',\n submodule: '160000',\n symlink: '120000',\n })\n .or(z.string())\n .nullish(),\n});\nexport type DependabotDependencyFile = z.infer<typeof DependabotDependencyFileSchema>;\n\nexport const DependabotUpdateDependencyListSchema = z.object({\n dependencies: DependabotDependencySchema.array(),\n dependency_files: z.string().array().nullish(),\n});\nexport type DependabotUpdateDependencyList = z.infer<typeof DependabotUpdateDependencyListSchema>;\n\nexport const DependabotDependencySubmissionSchema = z.object({\n version: z.number(),\n sha: z.string(),\n ref: z.string(),\n job: z.object({\n correlator: z.string(),\n id: z.string(),\n }),\n detector: z.object({\n name: z.string(),\n version: z.string(),\n url: z.string(),\n }),\n manifests: z.object({\n name: z.string().nullish(),\n file: z.object({ source_location: z.string() }).nullish(),\n metadata: z.object({ ecosystem: DependabotPackageManagerSchema }).nullish(),\n resolved: z\n .object({\n package_url: z.string(),\n relationship: z.enum(['direct', 'indirect']),\n scope: z.enum(['runtime', 'development']),\n dependencies: DependabotDependencySchema.array(),\n })\n .nullish(),\n }),\n});\nexport type DependabotDependencySubmission = z.infer<typeof DependabotDependencySubmissionSchema>;\n\nexport const DependabotCreatePullRequestSchema = z.object({\n 'base-commit-sha': z.string(),\n dependencies: DependabotDependencySchema.array(),\n 'updated-dependency-files': DependabotDependencyFileSchema.array(),\n 'pr-title': z.string(),\n 'pr-body': z.string().nullish(),\n 'commit-message': z.string(),\n 'dependency-group': z.record(z.string(), z.any()).nullish(),\n});\nexport type DependabotCreatePullRequest = z.infer<typeof DependabotCreatePullRequestSchema>;\n\nexport const DependabotUpdatePullRequestSchema = z.object({\n 'base-commit-sha': z.string(),\n 'dependency-names': z.string().array(),\n 'updated-dependency-files': DependabotDependencyFileSchema.array(),\n 'pr-title': z.string().nullish(), // this is usually excluded when working with dependabot-cli and an empty string if the API\n 'pr-body': z.string().nullish(), // this is usually excluded when working with dependabot-cli and an empty string if the API\n 'commit-message': z.string().nullish(), // this is usually excluded when working with dependabot-cli and an empty string if the API\n 'dependency-group': z.record(z.string(), z.any()).nullish(),\n});\nexport type DependabotUpdatePullRequest = z.infer<typeof DependabotUpdatePullRequestSchema>;\n\nexport const DependabotClosePullRequestReasonEnum = z.enum([\n 'dependencies_changed',\n 'dependency_group_empty',\n 'dependency_removed',\n 'up_to_date',\n 'update_no_longer_possible',\n]);\nexport type DependabotClosePullRequestReason = z.infer<typeof DependabotClosePullRequestReasonEnum>;\nexport const DependabotClosePullRequestSchema = z.object({\n 'dependency-names': z.string().array(),\n reason: DependabotClosePullRequestReasonEnum.nullish(),\n});\nexport type DependabotClosePullRequest = z.infer<typeof DependabotClosePullRequestSchema>;\n\nexport const DependabotMarkAsProcessedSchema = z.object({\n 'base-commit-sha': z.string().nullish(),\n});\nexport type DependabotMarkAsProcessed = z.infer<typeof DependabotMarkAsProcessedSchema>;\n\nexport const DependabotRecordUpdateJobErrorSchema = z.object({\n 'error-type': z.string(),\n 'error-details': z.record(z.string(), z.any()).nullish(),\n});\nexport type DependabotRecordUpdateJobError = z.infer<typeof DependabotRecordUpdateJobErrorSchema>;\n\nexport const DependabotRecordUpdateJobWarningSchema = z.object({\n 'warn-type': z.string(),\n 'warn-title': z.string(),\n 'warn-description': z.string(),\n});\nexport type DependabotRecordUpdateJobWarning = z.infer<typeof DependabotRecordUpdateJobWarningSchema>;\n\nexport const DependabotRecordUpdateJobUnknownErrorSchema = z.object({\n 'error-type': z.string(),\n 'error-details': z.record(z.string(), z.any()).nullish(),\n});\nexport type DependabotRecordUpdateJobUnknownError = z.infer<typeof DependabotRecordUpdateJobUnknownErrorSchema>;\n\nexport const DependabotRecordEcosystemVersionsSchema = z.object({\n ecosystem_versions: z.record(z.string(), z.any()).nullish(),\n});\nexport type DependabotRecordEcosystemVersions = z.infer<typeof DependabotRecordEcosystemVersionsSchema>;\n\nexport const DependabotEcosystemVersionManagerSchema = z.object({\n name: z.string(),\n version: z.string(),\n raw_version: z.string(),\n requirement: z.record(z.string(), z.any()).nullish(),\n});\nexport type DependabotEcosystemVersionManager = z.infer<typeof DependabotEcosystemVersionManagerSchema>;\n\nexport const DependabotEcosystemMetaSchema = z.object({\n name: z.string(),\n package_manager: DependabotEcosystemVersionManagerSchema.nullish(),\n language: DependabotEcosystemVersionManagerSchema.nullish(),\n version: DependabotEcosystemVersionManagerSchema.nullish(),\n});\nexport type DependabotEcosystemMeta = z.infer<typeof DependabotEcosystemMetaSchema>;\n\nexport const DependabotRecordEcosystemMetaSchema = z.object({\n ecosystem: DependabotEcosystemMetaSchema,\n});\nexport type DependabotRecordEcosystemMeta = z.infer<typeof DependabotRecordEcosystemMetaSchema>;\n\nexport const DependabotRecordCooldownMetaSchema = z.object({\n cooldown: z.object({\n ecosystem_name: DependabotPackageManagerSchema,\n config: z.object({\n default_days: z.number(),\n semver_major_days: z.number(),\n semver_minor_days: z.number(),\n semver_patch_days: z.number(),\n }),\n }),\n});\nexport type DependabotRecordCooldownMeta = z.infer<typeof DependabotRecordCooldownMetaSchema>;\n\nexport const DependabotIncrementMetricSchema = z.object({\n metric: z.string(),\n tags: z.record(z.string(), z.any()).nullish(),\n});\nexport type DependabotIncrementMetric = z.infer<typeof DependabotIncrementMetricSchema>;\n\nexport const DependabotMetricSchema = z.object({\n metric: z.string(),\n type: z.enum(['increment', 'gauge', 'distribution', 'histogram']),\n value: z.number().nullish(),\n values: z.number().array().nullish(),\n tags: z.record(z.string(), z.string()).nullish(),\n});\nexport type DependabotMetric = z.infer<typeof DependabotMetricSchema>;\n","import { zValidator } from '@hono/zod-validator';\nimport { Hono } from 'hono';\nimport { type ZodType, z } from 'zod';\nimport { logger } from '@/logger';\nimport type { DependabotCredential, DependabotJobConfig } from './job';\nimport {\n DependabotClosePullRequestSchema,\n DependabotCreatePullRequestSchema,\n DependabotDependencySubmissionSchema,\n DependabotIncrementMetricSchema,\n DependabotMarkAsProcessedSchema,\n DependabotMetricSchema,\n DependabotRecordCooldownMetaSchema,\n DependabotRecordEcosystemMetaSchema,\n DependabotRecordEcosystemVersionsSchema,\n DependabotRecordUpdateJobErrorSchema,\n DependabotRecordUpdateJobUnknownErrorSchema,\n DependabotRecordUpdateJobWarningSchema,\n DependabotUpdateDependencyListSchema,\n DependabotUpdatePullRequestSchema,\n} from './update';\n\nexport const DependabotRequestTypeSchema = z.enum([\n 'create_pull_request',\n 'update_pull_request',\n 'close_pull_request',\n 'record_update_job_error',\n 'record_update_job_warning',\n 'record_update_job_unknown_error',\n 'mark_as_processed',\n 'update_dependency_list',\n 'create_dependency_submission',\n 'record_ecosystem_versions',\n 'increment_metric',\n 'record_ecosystem_meta',\n 'record_cooldown_meta',\n 'record_metrics', // from the runner\n]);\nexport type DependabotRequestType = z.infer<typeof DependabotRequestTypeSchema>;\n\nexport const DependabotRequestSchema = z.discriminatedUnion('type', [\n z.object({ type: z.literal('create_pull_request'), data: DependabotCreatePullRequestSchema }),\n z.object({ type: z.literal('update_pull_request'), data: DependabotUpdatePullRequestSchema }),\n z.object({ type: z.literal('close_pull_request'), data: DependabotClosePullRequestSchema }),\n z.object({ type: z.literal('record_update_job_error'), data: DependabotRecordUpdateJobErrorSchema }),\n z.object({ type: z.literal('record_update_job_warning'), data: DependabotRecordUpdateJobWarningSchema }),\n z.object({ type: z.literal('record_update_job_unknown_error'), data: DependabotRecordUpdateJobUnknownErrorSchema }),\n z.object({ type: z.literal('mark_as_processed'), data: DependabotMarkAsProcessedSchema }),\n z.object({ type: z.literal('update_dependency_list'), data: DependabotUpdateDependencyListSchema }),\n z.object({ type: z.literal('create_dependency_submission'), data: DependabotDependencySubmissionSchema }),\n z.object({ type: z.literal('record_ecosystem_versions'), data: DependabotRecordEcosystemVersionsSchema }),\n z.object({ type: z.literal('record_ecosystem_meta'), data: DependabotRecordEcosystemMetaSchema.array() }),\n z.object({ type: z.literal('record_cooldown_meta'), data: DependabotRecordCooldownMetaSchema.array() }),\n z.object({ type: z.literal('increment_metric'), data: DependabotIncrementMetricSchema }),\n z.object({ type: z.literal('record_metrics'), data: DependabotMetricSchema.array() }), // from the runner\n]);\nexport type DependabotRequest = z.infer<typeof DependabotRequestSchema>;\n\nexport type DependabotTokenType = 'job' | 'credentials';\n\n/**\n * Function type for authenticating requests.\n * @param type - The type of authentication ('job' or 'credentials').\n * @param id - The ID of the dependabot job.\n * @param value - The authentication value (e.g., API key).\n * @returns A promise that resolves to a boolean indicating whether the authentication was successful.\n */\ntype AuthenticatorFunc = (type: DependabotTokenType, id: string, value: string) => Promise<boolean>;\n\n/**\n * Handler function for processing dependabot requests.\n * @param id - The ID of the dependabot job.\n * @param request - The dependabot request to handle.\n * @returns A promise that resolves to the result of handling the request.\n */\ntype HandlerFunc = (id: string, request: DependabotRequest) => Promise<boolean>;\n\n/**\n * Function for inspecting raw dependabot requests.\n * @param id - The ID of the dependabot job.\n * @param type - The type of dependabot request.\n * @param raw - The raw JSON data of the request.\n * @returns A promise that resolves when the operation is complete.\n */\ntype InspectRequestFunc = (id: string, type: DependabotRequestType, raw: unknown) => Promise<void>;\n\n/**\n * Function for getting a dependabot job config by ID.\n * @param id - The ID of the dependabot job.\n * @returns A promise that resolves to the dependabot job config, or undefined if not found.\n */\ntype GetJobFunc = (id: string) => Promise<DependabotJobConfig | undefined>;\n\n/**\n * Function for getting dependabot credentials by job ID.\n * @param id - The ID of the dependabot job.\n * @returns A promise that resolves to an array of dependabot credentials, or undefined if not found.\n */\ntype GetCredentialsFunc = (id: string) => Promise<DependabotCredential[] | undefined>;\n\nexport type CreateApiServerAppOptions = {\n /**\n * Base path for the endpoints.\n * @default `/api/update_jobs`\n */\n basePath?: string;\n\n /** Handler function for authenticating requests. */\n authenticate: AuthenticatorFunc;\n\n /** Function for getting a dependabot job by ID. */\n getJob: GetJobFunc;\n\n /** Function for getting dependabot credentials by job ID. */\n getCredentials: GetCredentialsFunc;\n\n /**\n * Optional function for inspecting raw dependabot requests.\n * Should only be used for troubleshooting.\n * */\n inspect?: InspectRequestFunc;\n\n /** Handler function for processing the operations. */\n handle: HandlerFunc;\n};\n\n/**\n * Creates an API server application for handling dependabot update jobs.\n * The endpoints in the server application have paths in the format: `/api/update_jobs/:id/{operation}`,\n * where `:id` is the job ID and `{operation}` is one of the defined operations e.g. `create_pull_request`.\n *\n * You should set the job endpoint URL in the job container to\n * `http://<host>:<port>/api/update_jobs/:id` where `<host>` and `<port>` are the host and port\n *\n * These endpoints are protected using the provided API key.\n * @param params - The parameters for creating the API server application.\n * @returns The created API server application.\n */\nexport function createApiServerApp({\n basePath = `/api/update_jobs`,\n authenticate,\n getJob,\n getCredentials,\n inspect,\n handle,\n}: CreateApiServerAppOptions): Hono {\n // Setup app with base path and middleware\n const app = new Hono().basePath(basePath);\n\n // Handle endpoints:\n // - POST request to /create_pull_request\n // - POST request to /update_pull_request\n // - POST request to /close_pull_request\n // - POST request to /record_update_job_error\n // - POST request to /record_update_job_warning\n // - POST request to /record_update_job_unknown_error\n // - PATCH request to /mark_as_processed\n // - POST request to /update_dependency_list\n // - POST request to /create_dependency_submission\n // - POST request to /record_ecosystem_versions\n // - POST request to /record_ecosystem_meta\n // - POST request to /increment_metric\n\n function operation<T extends ZodType>(type: DependabotRequestType, schema: T, method?: string) {\n app.on(\n method || 'post',\n `/:id/${type}`,\n zValidator('param', z.object({ id: z.string() })),\n async (context, next) => {\n /**\n * Do not authenticate in scenarios where the server is not using HTTPS because the\n * dependabot proxy will not send the job token over HTTP, yet trying to get HTTPS to work\n * with localhost (self-signed certs) against docker (host.docker.internal) is complicated.\n */\n const url = new URL(context.req.url);\n const isHTTPS = url.protocol === 'https:';\n const { id } = context.req.valid('param');\n if (isHTTPS) {\n const value = context.req.header('Authorization');\n if (!value) return context.body(null, 401);\n const valid = await authenticate('job', id, value);\n if (!valid) return context.body(null, 403);\n } else {\n logger.trace(`Skipping authentication because it is not secure ${context.req.url}`);\n }\n\n // if inspection is provided, call it with the raw request data\n if (inspect) {\n await inspect(id, type, await context.req.json());\n }\n\n await next();\n },\n zValidator('json', z.object({ data: schema })),\n async (context) => {\n const { id } = context.req.valid('param');\n const { data } = context.req.valid('json') as { data: z.infer<typeof schema> };\n // biome-ignore lint/suspicious/noExplicitAny: generic\n const success: boolean = await handle(id, { type, data: data as any });\n return context.body(null, success ? 204 : 400);\n },\n );\n }\n\n operation('create_pull_request', DependabotCreatePullRequestSchema);\n operation('update_pull_request', DependabotUpdatePullRequestSchema);\n operation('close_pull_request', DependabotClosePullRequestSchema);\n operation('record_update_job_error', DependabotRecordUpdateJobErrorSchema);\n operation('record_update_job_warning', DependabotRecordUpdateJobWarningSchema);\n operation('record_update_job_unknown_error', DependabotRecordUpdateJobUnknownErrorSchema);\n operation('mark_as_processed', DependabotMarkAsProcessedSchema, 'patch');\n operation('update_dependency_list', DependabotUpdateDependencyListSchema);\n operation('create_dependency_submission', DependabotDependencySubmissionSchema);\n operation('record_ecosystem_versions', DependabotRecordEcosystemVersionsSchema);\n operation('record_ecosystem_meta', DependabotRecordEcosystemMetaSchema.array());\n operation('record_cooldown_meta', DependabotRecordCooldownMetaSchema.array());\n operation('increment_metric', DependabotIncrementMetricSchema);\n operation('record_metrics', DependabotMetricSchema.array()); // from the runner\n\n // Handle endpoints:\n // - GET request to /details\n // - GET request to /credentials\n app.on(\n 'get',\n '/:id/details',\n zValidator('param', z.object({ id: z.string() })),\n async (context, next) => {\n const { id } = context.req.valid('param');\n const value = context.req.header('Authorization');\n if (!value) return context.body(null, 401);\n const valid = await authenticate('job', id, value);\n if (!valid) return context.body(null, 403);\n await next();\n },\n async (context) => {\n const { id } = context.req.valid('param');\n const job = await getJob(id);\n if (!job) return context.body(null, 204);\n return context.json(job);\n },\n );\n app.on(\n 'get',\n '/:id/credentials',\n zValidator('param', z.object({ id: z.string() })),\n async (context, next) => {\n const { id } = context.req.valid('param');\n const value = context.req.header('Authorization');\n if (!value) return context.body(null, 401);\n const valid = await authenticate('credentials', id, value);\n if (!valid) return context.body(null, 403);\n await next();\n },\n async (context) => {\n const { id } = context.req.valid('param');\n const credentials = await getCredentials(id);\n if (!credentials) return context.body(null, 204);\n return context.json(credentials);\n },\n );\n\n return app;\n}\n"],"mappings":";;;;;;;;AAKA,MAAa,kCAAkC;AAC/C,MAAa,iCAAiC;;;;ACE9C,SAAgB,uBACd,kBACA,kBACA,WACA,qBACA,cACA,YAAoB,KACZ;CAIR,IAAIA;AAEJ,KADiC,uBAAuB,aAAa,SAAS,GAChD;EAG5B,MAAM,mBAAmB,OACtB,WAAW,MAAM,CACjB,OAAO,aAAa,KAAK,MAAM,GAAG,EAAE,mBAAmB,GAAG,EAAE,wBAAwB,CAAC,KAAK,IAAI,CAAC,CAC/F,OAAO,MAAM,CACb,UAAU,GAAG,GAAG;AACnB,eAAa,GAAG,uBAAuB,QAAQ,GAAG;OAUlD,cAAa,GANW,aACrB,KAAK,MAAM,EAAE,mBAAmB,CAChC,KAAK,QAAQ,CACb,QAAQ,UAAU,IAAI,CACtB,QAAQ,MAAM,GAAG,CAEY,GADV,aAAa,IAAI,UAAU,YAAY,aAAa,KAAK;AAIjF,QAAO,YACL;EACE;EACA;EACA;EAEA,YACI,UACG,MAAM,IAAI,CACV,QAAQ,SAAS,KAAK,SAAS,EAAE,CACjC,KAAK,UAAU,GAClB;EACJ;EACD,EACD,UACD;;AAGH,SAAgB,YAAY,UAAkC,WAA2B;AAOvF,QACE,SAEG,QAAQ,MAAM,KAAK,EAAE,MAAM,CAAC,SAAS,EAAE,CACvC,KAAK,UAAU,CAEf,QAAQ,0BAA0B,GAAG,CAErC,QAAQ,SAAS,QAAQ,CAEzB,QAAQ,QAAQ,IAAI,CACpB,QAAQ,QAAQ,IAAI,CAEpB,QAAQ,OAAO,GAAG;;;;;AC3EzB,MAAaC,sBAA6C;CACxD,6BAA6B;CAC7B,mCAAmC;CACnC,gBAAgB;CAChB,gCAAgC;CAChC,mCAAmC;CACnC,iCAAiC;CACjC,gCAAgC;CAChC,oCAAoC;CACpC,yCAAyC;CACzC,wCAAwC;CACxC,mCAAmC;CACnC,wCAAwC;CACxC,8CAA8C;CAC9C,6CAA6C;CAC7C,mCAAmC;CACnC,6CAA6C;CAC7C,2BAA2B;CAC3B,oDAAoD;CACpD,gCAAgC;CAChC,2BAA2B;CAC3B,4BAA4B;CAC5B,2BAA2B;CAC3B,kCAAkC;CAClC,kCAAkC;CACnC;;;;;;AAOD,SAAgB,iBAAiB,KAAiD;AAChF,QAAO,KACH,MAAM,IAAI,CACX,QAAQ,UAAU,MAAM,MAAM,KAAK,GAAG,CACtC,QAAQ,KAAK,QAAQ;EACpB,MAAM,CAAC,KAAK,SAAS,IAAI,MAAM,KAAK,EAAE;AACtC,MAAI,OAAQ,SAAS;AACrB,SAAO;IACN,EAAE,CAA0B;;;;;;;;;;AAWnC,SAAgB,cACd,aACA,MACA,QAA0B,MACH;AACvB,QAAO;EACL,GAAI,eAAe,EAAE;GAGpB,OAAO;EACT;;;;;;;;ACxBH,IAAa,uBAAb,MAAkC;CAChC,AAAiB;CACjB,AAAiB;CACjB,AAAiB;CACjB,AAAiB;CAEjB,AAAiB;CACjB,AAAiB;CACjB,AAAiB;CAEjB,YAAY,EACV,QACA,QACA,QACA,kBACA,mBACA,aACA,aACA,SAWC;AACD,OAAK,SAAS;AACd,OAAK,SAAS;AACd,OAAK,QAAQ;AAEb,OAAK,cAAc,cAAc,aAAa,0BAA0B,OAAO,0BAA0B;AAEzG,OAAK,iBAAiB,oCAAoC,OAAO,qBAAqB;AACtF,OAAK,SAAS,yCAAyC,QAAQ,OAAO;AACtE,OAAK,cAAc,eAAe;GAChC,gBAAgB,OAAO;GACvB;GACA;GACA;GACA,YAAY,OAAO;GACpB,CAAC;;;;;CAMJ,AAAO,oBAAoB,EACzB,IACA,WAI6B;AAC7B,SAAO;GACL,KAAK;IACC;IACK;IACT,mBAAmB,KAAK;IACxB,2BAA2B;IAC3B,cAAc;IACd,mBAAmB,CAAC;KAAE,mBAAmB;KAAU,eAAe;KAAO,CAAC;IAC1E,qBAAqB,CAAC,EAAE,mBAAmB,KAAK,CAAC;IACjD,yBAAyB;IACzB,uBAAuB,EAAE;IACzB,QAAQ,KAAK;IACb,0BAA0B;IAC1B,0BAA0B,EAAE;IAC5B,gCAAgC,EAAE;IAClC,aAAa,KAAK;IAClB,gCAAgC;IAChC,iBAAiB;IACjB,0BAA0B;KACxB,QAAQ;KACR,sBAAsB;KACtB,iBAAiB;KAClB;IACD,uBAAuB;IACvB,gBAAgB;IAChB,OAAO,KAAK;IACb;GACD,aAAa,KAAK;GACnB;;;;;CAMH,AAAO,UAAU,EACf,IACA,SACA,yBACA,sBACA,qBACA,2BAQ6B;EAC7B,MAAM,qBAAqB,KAAK,OAAO,gCAAgC;EAEvE,IAAIC;EACJ,IAAIC,4BAA2C;EAC/C,IAAIC;EACJ,IAAIC;AAEJ,MAAI,qBAAqB;AACvB,yBAAsB;AACtB,+BAA4B,MAAM,QAAQ,oBAAoB,GAC1D,OACA,oBAAoB;AACxB,4BACE,MAAM,QAAQ,oBAAoB,GAAG,sBAAsB,oBAAoB,eAC9E,KAAK,MAAM,EAAE,mBAAmB;AACnC,qBAAkB,yBAAyB,QAAQ,MAAM,uBAAuB,SAAS,EAAE,QAAQ,KAAK,CAAC;SACpG;AACL,yBAAsB;GACtB,MAAM,QAAQ,yBAAyB,SAAS,0BAA0B;AAC1E,2BACE,sBAAsB,QAClB,OAAO,QAAQ,MAAM,yBAAyB,MAAM,MAAM,EAAE,QAAQ,SAAS,EAAE,CAAC,GAChF;AACN,qBAAkB;;AAGpB,SAAO;GACL,KAAK;IACC;IACK;IACT,mBAAmB,KAAK;IACxB,2BAA2B,uBAAuB;IAClD,+BAA+B;IAC/B,qBAAqB,yCAAyC,KAAK,OAAO,OAAO;IACjF,cAAc;IACd,mBAAmB,iDAAiD,KAAK,OAAO,OAAO,mBAAmB;IAC1G,qBAAqB,mDAAmD,KAAK,OAAO,OAAO;IAC3F,yBAAyB;IACzB,uBAAuB,sBAAsB,gBAAgB;IAC7D,QAAQ,KAAK;IACb,0BAA0B;IAC1B,0BAA0B,qBAAqB,QAAQ,OAAO,MAAM,QAAQ,GAAG,CAAC;IAChF,gCAAgC,qBAAqB,QAClD,OAAwC,CAAC,MAAM,QAAQ,GAAG,CAC5D;IACD,0BAA0B;KACxB,QAAQ,KAAK,OAAO,mBAAmB,UAAU;KACjD,sBAAsB,KAAK,OAAO,oBAAoB,yBAAyB;KAC/E,iBACE,KAAK,OAAO,mBAAmB,SAAS,mBAAmB,EAAE,MAAM,KAAK,UAAU,OAAO;KAC5F;IACD,UAAU,KAAK,OAAO;IACtB,aAAa,eAAe,KAAK,YAAY;IAC7C,wBACE,KAAK,OAAO,qCAAqC,mBAAmB,EAAE,MAAM,KAAK;IACnF,gCAAgC,+CAC9B,KAAK,OAAO,uBACb;IACD,iBAAiB,KAAK,OAAO,2BAA2B;IACxD,uBAAuB,KAAK,OAAO,UAAU;IAC7C,gBAAgB;IAChB,OAAO,KAAK;IACZ,2CAA2C;IAC3C,wBAAwB;IACxB,0BAA0B,KAAK,OAAO,6BAA6B;IAMnE,0BAA0B;IAC1B,iBAAiB,KAAK,OAAO;IAC9B;GACD,aAAa,KAAK;GACnB;;;AAIL,SAAgB,oCAAoC,WAAuD;AAIzG,SAAQ,WAAR;EACE,KAAK,iBACH,QAAO;EACT,KAAK,aACH,QAAO;EACT,KAAK,iBACH,QAAO;EACT,KAAK,eACH,QAAO;EACT,KAAK,QACH,QAAO;EACT,KAAK,MACH,QAAO;EACT,KAAK,MACH,QAAO;EAET,KAAK,SACH,QAAO;EACT,KAAK,cACH,QAAO;EACT,KAAK,SACH,QAAO;EACT,KAAK,OACH,QAAO;EACT,KAAK,iBACH,QAAO;EACT,KAAK,OACH,QAAO;EACT,QACE,QAAO;;;AAIb,SAAgB,yCACd,QACA,QACkB;AAClB,QAAO;EACL,UAAU,OAAO;EACjB,gBAAgB,OAAO;EACvB,UAAU,OAAO;EACjB,MAAM,OAAO;EACb,QAAQ,OAAO;EACf,QAAQ;EACR,WAAW,OAAO;EAClB,aAAa,OAAO;EACrB;;AAGH,SAAgB,+CAA+C,UAA8C;AAC3G,KAAI,CAAC,SAAU,QAAO;AACtB,SAAQ,UAAR;EACE,KAAK,OACH,QAAO;EACT,KAAK,WACH,QAAO;EACT,KAAK,wBACH,QAAO;EACT,KAAK,gBACH,QAAO;EACT,KAAK,QACH,QAAO;EACT,QACE,OAAM,IAAI,MAAM,uDAAuD,SAAS,GAAG;;;AAIzF,SAAgB,yCACd,kBACsB;AACtB,KAAI,CAAC,oBAAoB,CAAC,OAAO,KAAK,iBAAiB,CAAC,OAAQ,QAAO,EAAE;AACzE,QAAO,OAAO,KAAK,iBAAiB,CACjC,QAAQ,SAAS,iBAAiB,MAAM,CACxC,KAAK,SAAS;EACb,MAAM,QAAQ,iBAAiB;AAC/B,SAAO;GACC;GACN,cAAc,MAAM;GACpB,OAAO;IACL,UAAU,MAAM,UAAU,SAAS,MAAM,WAAW,CAAC,IAAI;IACzD,oBAAoB,MAAM;IAC1B,mBAAmB,MAAM;IACzB,gBAAgB,MAAM;IACvB;GACF;GACD;;AAGN,SAAgB,iDACd,gBACA,oBACqB;AAIrB,KAAI,CAAC,eACH,QAAO,CACL;EACE,mBAAmB;EACnB,eAAe,qBAAqB,aAAa;EAClD,CACF;AAEH,QAAO,eAAe,KAAK,UAAU;AACnC,SAAO;GACL,mBAAmB,MAAM;GACzB,mBAAmB,MAAM;GACzB,eAAe,MAAM;GACtB;GACD;;AAGJ,SAAgB,mDACd,kBACuB;AACvB,KAAI,CAAC,iBAAkB,QAAO,EAAE;AAChC,QAAO,iBAAiB,KAAK,WAAW;AACtC,SAAO;GACL,QAAQ,OAAO;GACf,cAAc,OAAO;GACrB,mBAAmB,OAAO,sBAAsB;GAChD,gBAAgB,OAAO;GAIvB,uBAAuB,MAAM,QAAQ,OAAO,SAAS,GAAc,OAAO,UAAW,KAAK,KAAK,GAAG,OAAO;GAC1G;GACD;;AAGJ,SAAgB,eAAe,aAA4D;AACzF,iBAAgB,EAAE;AAClB,QAAO,OAAO,KAAK,YAAY,CAAC,QAAQ,KAAK,QAAQ;EAGnD,MAAM,QAAQ,YAAY;AAC1B,MAAI,OAAO,UAAU,YAAY,OAAO,mBAAmB,KAAK,OAC9D,KAAI,OAAO;WACF,OAAO,UAAU,YAAY,OAAO,mBAAmB,KAAK,QACrE,KAAI,OAAO;WAEP,OAAO,UAAU,YAAY,OAAO,UAAU,UAAW,KAAI,OAAO;AAE1E,SAAO;IACN,EAAE,CAA0B;;AAGjC,SAAgB,sBAAsB,yBAAiF;AACrH,KAAI,CAAC,wBAAyB,QAAO,EAAE;CAIvC,MAAM,mEAAmD,IAAI,KAAsC;AACnG,MAAK,MAAM,QAAQ,yBAAyB;EAC1C,MAAM,MAAM,GAAG,KAAK,QAAQ,KAAK,GAAG,KAAK,SAAS,YAAY,KAAK,MAAM,GAAG,EAAE,KAAK,GAAG,EAAE,QAAQ,CAAC,KAAK,IAAI;AAC1G,MAAI,CAAC,iDAAiD,IAAI,IAAI,CAC5D,kDAAiD,IAAI,KAAK,EAAE,CAAC;AAE/D,mDAAiD,IAAI,IAAI,CAAE,KAAK,KAAK;;AAEvE,QAAO,MAAM,KAAK,iDAAiD,QAAQ,CAAC,CAAC,KAAK,UAAU;AAC1F,SAAO;GACL,mBAAmB,MAAM,GAAI,QAAQ;GACrC,qBAAqB,MAAM,KAAK,MAAM,EAAE,uBAAuB,CAAC,QAAQ,MAAM,KAAK,EAAE,SAAS,EAAE;GAChG,oBAAoB,MACjB,KAAK,MAAM,EAAE,qBAAqB,WAAW,CAC7C,QAAQ,MAAM,KAAK,EAAE,SAAS,EAAE,CAChC,KAAK,MAAM,EAAG;GACjB,uBAAuB,EAAE;GAC1B;GACD;;AAGJ,SAAgB,eAAe,EAC7B,gBACA,kBACA,mBACA,aACA,cAOyB;CACzB,MAAM,cAAc,EAAE;AAGtB,KAAI,kBACF,aAAY,KAAK;EACf,MAAM;EACN,MAAM;EACN,WAAW,oBAAoB,IAAI,MAAM,EAAE,SAAS,IAAI,mBAAmB;EAC3E,UAAU;EACX,CAAC;AAIJ,KAAI,YACF,aAAY,KAAK;EACf,MAAM;EACN,MAAM;EACN,UAAU;EACV,UAAU;EACX,CAAC;AAEJ,KAAI,WAIF,aAAY,KAAK,GAAG,OAAO,OAAO,WAAW,CAAC;AAGhD,QAAO;;;;;ACvbT,MAAa,iCAAiC,EAAE,OAAO;CAErD,SAAS,EAAE,QAAQ,CAAC,SAAS;CAC7B,kBAAkB,EACf,KAAK;EACJ;EACA;EAEA;EACD,CAAC,CACD,SAAS;CACZ,SAAS,EAAE,SAAS,CAAC,SAAS;CAC9B,WAAW,EAAE,QAAQ;CACrB,MAAM,EAAE,QAAQ;CAChB,WAAW,EAAE,KAAK;EAAC;EAAU;EAAU;EAAS,CAAC;CACjD,cAAc,EAAE,SAAS,CAAC,SAAS;CACnC,eAAe,EAAE,SAAS,CAAC,SAAS;CACpC,gBAAgB,EAAE,QAAQ,CAAC,SAAS;CACpC,MAAM,EAAE,QAAQ,CAAC,SAAS;CAC1B,MAAM,EACH,KAAK;EACJ,YAAY;EACZ,MAAM;EACN,WAAW;EACX,WAAW;EACX,SAAS;EACV,CAAC,CACD,GAAG,EAAE,QAAQ,CAAC,CACd,SAAS;CACb,CAAC;AAGF,MAAa,uCAAuC,EAAE,OAAO;CAC3D,cAAc,2BAA2B,OAAO;CAChD,kBAAkB,EAAE,QAAQ,CAAC,OAAO,CAAC,SAAS;CAC/C,CAAC;AAGF,MAAa,uCAAuC,EAAE,OAAO;CAC3D,SAAS,EAAE,QAAQ;CACnB,KAAK,EAAE,QAAQ;CACf,KAAK,EAAE,QAAQ;CACf,KAAK,EAAE,OAAO;EACZ,YAAY,EAAE,QAAQ;EACtB,IAAI,EAAE,QAAQ;EACf,CAAC;CACF,UAAU,EAAE,OAAO;EACjB,MAAM,EAAE,QAAQ;EAChB,SAAS,EAAE,QAAQ;EACnB,KAAK,EAAE,QAAQ;EAChB,CAAC;CACF,WAAW,EAAE,OAAO;EAClB,MAAM,EAAE,QAAQ,CAAC,SAAS;EAC1B,MAAM,EAAE,OAAO,EAAE,iBAAiB,EAAE,QAAQ,EAAE,CAAC,CAAC,SAAS;EACzD,UAAU,EAAE,OAAO,EAAE,WAAW,gCAAgC,CAAC,CAAC,SAAS;EAC3E,UAAU,EACP,OAAO;GACN,aAAa,EAAE,QAAQ;GACvB,cAAc,EAAE,KAAK,CAAC,UAAU,WAAW,CAAC;GAC5C,OAAO,EAAE,KAAK,CAAC,WAAW,cAAc,CAAC;GACzC,cAAc,2BAA2B,OAAO;GACjD,CAAC,CACD,SAAS;EACb,CAAC;CACH,CAAC;AAGF,MAAa,oCAAoC,EAAE,OAAO;CACxD,mBAAmB,EAAE,QAAQ;CAC7B,cAAc,2BAA2B,OAAO;CAChD,4BAA4B,+BAA+B,OAAO;CAClE,YAAY,EAAE,QAAQ;CACtB,WAAW,EAAE,QAAQ,CAAC,SAAS;CAC/B,kBAAkB,EAAE,QAAQ;CAC5B,oBAAoB,EAAE,OAAO,EAAE,QAAQ,EAAE,EAAE,KAAK,CAAC,CAAC,SAAS;CAC5D,CAAC;AAGF,MAAa,oCAAoC,EAAE,OAAO;CACxD,mBAAmB,EAAE,QAAQ;CAC7B,oBAAoB,EAAE,QAAQ,CAAC,OAAO;CACtC,4BAA4B,+BAA+B,OAAO;CAClE,YAAY,EAAE,QAAQ,CAAC,SAAS;CAChC,WAAW,EAAE,QAAQ,CAAC,SAAS;CAC/B,kBAAkB,EAAE,QAAQ,CAAC,SAAS;CACtC,oBAAoB,EAAE,OAAO,EAAE,QAAQ,EAAE,EAAE,KAAK,CAAC,CAAC,SAAS;CAC5D,CAAC;AAGF,MAAa,uCAAuC,EAAE,KAAK;CACzD;CACA;CACA;CACA;CACA;CACD,CAAC;AAEF,MAAa,mCAAmC,EAAE,OAAO;CACvD,oBAAoB,EAAE,QAAQ,CAAC,OAAO;CACtC,QAAQ,qCAAqC,SAAS;CACvD,CAAC;AAGF,MAAa,kCAAkC,EAAE,OAAO,EACtD,mBAAmB,EAAE,QAAQ,CAAC,SAAS,EACxC,CAAC;AAGF,MAAa,uCAAuC,EAAE,OAAO;CAC3D,cAAc,EAAE,QAAQ;CACxB,iBAAiB,EAAE,OAAO,EAAE,QAAQ,EAAE,EAAE,KAAK,CAAC,CAAC,SAAS;CACzD,CAAC;AAGF,MAAa,yCAAyC,EAAE,OAAO;CAC7D,aAAa,EAAE,QAAQ;CACvB,cAAc,EAAE,QAAQ;CACxB,oBAAoB,EAAE,QAAQ;CAC/B,CAAC;AAGF,MAAa,8CAA8C,EAAE,OAAO;CAClE,cAAc,EAAE,QAAQ;CACxB,iBAAiB,EAAE,OAAO,EAAE,QAAQ,EAAE,EAAE,KAAK,CAAC,CAAC,SAAS;CACzD,CAAC;AAGF,MAAa,0CAA0C,EAAE,OAAO,EAC9D,oBAAoB,EAAE,OAAO,EAAE,QAAQ,EAAE,EAAE,KAAK,CAAC,CAAC,SAAS,EAC5D,CAAC;AAGF,MAAa,0CAA0C,EAAE,OAAO;CAC9D,MAAM,EAAE,QAAQ;CAChB,SAAS,EAAE,QAAQ;CACnB,aAAa,EAAE,QAAQ;CACvB,aAAa,EAAE,OAAO,EAAE,QAAQ,EAAE,EAAE,KAAK,CAAC,CAAC,SAAS;CACrD,CAAC;AAGF,MAAa,gCAAgC,EAAE,OAAO;CACpD,MAAM,EAAE,QAAQ;CAChB,iBAAiB,wCAAwC,SAAS;CAClE,UAAU,wCAAwC,SAAS;CAC3D,SAAS,wCAAwC,SAAS;CAC3D,CAAC;AAGF,MAAa,sCAAsC,EAAE,OAAO,EAC1D,WAAW,+BACZ,CAAC;AAGF,MAAa,qCAAqC,EAAE,OAAO,EACzD,UAAU,EAAE,OAAO;CACjB,gBAAgB;CAChB,QAAQ,EAAE,OAAO;EACf,cAAc,EAAE,QAAQ;EACxB,mBAAmB,EAAE,QAAQ;EAC7B,mBAAmB,EAAE,QAAQ;EAC7B,mBAAmB,EAAE,QAAQ;EAC9B,CAAC;CACH,CAAC,EACH,CAAC;AAGF,MAAa,kCAAkC,EAAE,OAAO;CACtD,QAAQ,EAAE,QAAQ;CAClB,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,EAAE,KAAK,CAAC,CAAC,SAAS;CAC9C,CAAC;AAGF,MAAa,yBAAyB,EAAE,OAAO;CAC7C,QAAQ,EAAE,QAAQ;CAClB,MAAM,EAAE,KAAK;EAAC;EAAa;EAAS;EAAgB;EAAY,CAAC;CACjE,OAAO,EAAE,QAAQ,CAAC,SAAS;CAC3B,QAAQ,EAAE,QAAQ,CAAC,OAAO,CAAC,SAAS;CACpC,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,EAAE,QAAQ,CAAC,CAAC,SAAS;CACjD,CAAC;;;;ACjKF,MAAa,8BAA8B,EAAE,KAAK;CAChD;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACA;CACD,CAAC;AAGF,MAAa,0BAA0B,EAAE,mBAAmB,QAAQ;CAClE,EAAE,OAAO;EAAE,MAAM,EAAE,QAAQ,sBAAsB;EAAE,MAAM;EAAmC,CAAC;CAC7F,EAAE,OAAO;EAAE,MAAM,EAAE,QAAQ,sBAAsB;EAAE,MAAM;EAAmC,CAAC;CAC7F,EAAE,OAAO;EAAE,MAAM,EAAE,QAAQ,qBAAqB;EAAE,MAAM;EAAkC,CAAC;CAC3F,EAAE,OAAO;EAAE,MAAM,EAAE,QAAQ,0BAA0B;EAAE,MAAM;EAAsC,CAAC;CACpG,EAAE,OAAO;EAAE,MAAM,EAAE,QAAQ,4BAA4B;EAAE,MAAM;EAAwC,CAAC;CACxG,EAAE,OAAO;EAAE,MAAM,EAAE,QAAQ,kCAAkC;EAAE,MAAM;EAA6C,CAAC;CACnH,EAAE,OAAO;EAAE,MAAM,EAAE,QAAQ,oBAAoB;EAAE,MAAM;EAAiC,CAAC;CACzF,EAAE,OAAO;EAAE,MAAM,EAAE,QAAQ,yBAAyB;EAAE,MAAM;EAAsC,CAAC;CACnG,EAAE,OAAO;EAAE,MAAM,EAAE,QAAQ,+BAA+B;EAAE,MAAM;EAAsC,CAAC;CACzG,EAAE,OAAO;EAAE,MAAM,EAAE,QAAQ,4BAA4B;EAAE,MAAM;EAAyC,CAAC;CACzG,EAAE,OAAO;EAAE,MAAM,EAAE,QAAQ,wBAAwB;EAAE,MAAM,oCAAoC,OAAO;EAAE,CAAC;CACzG,EAAE,OAAO;EAAE,MAAM,EAAE,QAAQ,uBAAuB;EAAE,MAAM,mCAAmC,OAAO;EAAE,CAAC;CACvG,EAAE,OAAO;EAAE,MAAM,EAAE,QAAQ,mBAAmB;EAAE,MAAM;EAAiC,CAAC;CACxF,EAAE,OAAO;EAAE,MAAM,EAAE,QAAQ,iBAAiB;EAAE,MAAM,uBAAuB,OAAO;EAAE,CAAC;CACtF,CAAC;;;;;;;;;;;;;AAmFF,SAAgB,mBAAmB,EACjC,WAAW,oBACX,cACA,QACA,gBACA,SACA,UACkC;CAElC,MAAM,MAAM,IAAI,MAAM,CAAC,SAAS,SAAS;CAgBzC,SAAS,UAA6B,MAA6B,QAAW,QAAiB;AAC7F,MAAI,GACF,UAAU,QACV,QAAQ,QACR,WAAW,SAAS,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAC,EACjD,OAAO,SAAS,SAAS;GAOvB,MAAM,UADM,IAAI,IAAI,QAAQ,IAAI,IAAI,CAChB,aAAa;GACjC,MAAM,EAAE,OAAO,QAAQ,IAAI,MAAM,QAAQ;AACzC,OAAI,SAAS;IACX,MAAM,QAAQ,QAAQ,IAAI,OAAO,gBAAgB;AACjD,QAAI,CAAC,MAAO,QAAO,QAAQ,KAAK,MAAM,IAAI;AAE1C,QAAI,CADU,MAAM,aAAa,OAAO,IAAI,MAAM,CACtC,QAAO,QAAQ,KAAK,MAAM,IAAI;SAE1C,QAAO,MAAM,oDAAoD,QAAQ,IAAI,MAAM;AAIrF,OAAI,QACF,OAAM,QAAQ,IAAI,MAAM,MAAM,QAAQ,IAAI,MAAM,CAAC;AAGnD,SAAM,MAAM;KAEd,WAAW,QAAQ,EAAE,OAAO,EAAE,MAAM,QAAQ,CAAC,CAAC,EAC9C,OAAO,YAAY;GACjB,MAAM,EAAE,OAAO,QAAQ,IAAI,MAAM,QAAQ;GACzC,MAAM,EAAE,SAAS,QAAQ,IAAI,MAAM,OAAO;GAE1C,MAAMC,UAAmB,MAAM,OAAO,IAAI;IAAE;IAAY;IAAa,CAAC;AACtE,UAAO,QAAQ,KAAK,MAAM,UAAU,MAAM,IAAI;IAEjD;;AAGH,WAAU,uBAAuB,kCAAkC;AACnE,WAAU,uBAAuB,kCAAkC;AACnE,WAAU,sBAAsB,iCAAiC;AACjE,WAAU,2BAA2B,qCAAqC;AAC1E,WAAU,6BAA6B,uCAAuC;AAC9E,WAAU,mCAAmC,4CAA4C;AACzF,WAAU,qBAAqB,iCAAiC,QAAQ;AACxE,WAAU,0BAA0B,qCAAqC;AACzE,WAAU,gCAAgC,qCAAqC;AAC/E,WAAU,6BAA6B,wCAAwC;AAC/E,WAAU,yBAAyB,oCAAoC,OAAO,CAAC;AAC/E,WAAU,wBAAwB,mCAAmC,OAAO,CAAC;AAC7E,WAAU,oBAAoB,gCAAgC;AAC9D,WAAU,kBAAkB,uBAAuB,OAAO,CAAC;AAK3D,KAAI,GACF,OACA,gBACA,WAAW,SAAS,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAC,EACjD,OAAO,SAAS,SAAS;EACvB,MAAM,EAAE,OAAO,QAAQ,IAAI,MAAM,QAAQ;EACzC,MAAM,QAAQ,QAAQ,IAAI,OAAO,gBAAgB;AACjD,MAAI,CAAC,MAAO,QAAO,QAAQ,KAAK,MAAM,IAAI;AAE1C,MAAI,CADU,MAAM,aAAa,OAAO,IAAI,MAAM,CACtC,QAAO,QAAQ,KAAK,MAAM,IAAI;AAC1C,QAAM,MAAM;IAEd,OAAO,YAAY;EACjB,MAAM,EAAE,OAAO,QAAQ,IAAI,MAAM,QAAQ;EACzC,MAAM,MAAM,MAAM,OAAO,GAAG;AAC5B,MAAI,CAAC,IAAK,QAAO,QAAQ,KAAK,MAAM,IAAI;AACxC,SAAO,QAAQ,KAAK,IAAI;GAE3B;AACD,KAAI,GACF,OACA,oBACA,WAAW,SAAS,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAC,EACjD,OAAO,SAAS,SAAS;EACvB,MAAM,EAAE,OAAO,QAAQ,IAAI,MAAM,QAAQ;EACzC,MAAM,QAAQ,QAAQ,IAAI,OAAO,gBAAgB;AACjD,MAAI,CAAC,MAAO,QAAO,QAAQ,KAAK,MAAM,IAAI;AAE1C,MAAI,CADU,MAAM,aAAa,eAAe,IAAI,MAAM,CAC9C,QAAO,QAAQ,KAAK,MAAM,IAAI;AAC1C,QAAM,MAAM;IAEd,OAAO,YAAY;EACjB,MAAM,EAAE,OAAO,QAAQ,IAAI,MAAM,QAAQ;EACzC,MAAM,cAAc,MAAM,eAAe,GAAG;AAC5C,MAAI,CAAC,YAAa,QAAO,QAAQ,KAAK,MAAM,IAAI;AAChD,SAAO,QAAQ,KAAK,YAAY;GAEnC;AAED,QAAO"}
package/dist/github/index.d.mts CHANGED
@@ -1,2 +1,2 @@
1
- import { _ as createGitHubClient, a as PackageEcosystemSchema, c as SecurityAdvisoryIdentifierSchema, d as SecurityAdvisorySeverity, f as SecurityAdvisorySeveritySchema, g as getGhsaPackageEcosystemFromDependabotPackageManager, h as filterVulnerabilities, i as PackageEcosystem, l as SecurityAdvisoryIdentifierType, m as SecurityVulnerabilitySchema, n as GitHubSecurityAdvisoryClient, o as PackageSchema, p as SecurityVulnerability, r as Package, s as SecurityAdvisory, t as FirstPatchedVersion, u as SecurityAdvisorySchema } from "../index-BWftXTYB.mjs";
1
+ import { _ as createGitHubClient, a as PackageEcosystemSchema, c as SecurityAdvisoryIdentifierSchema, d as SecurityAdvisorySeverity, f as SecurityAdvisorySeveritySchema, g as getGhsaPackageEcosystemFromDependabotPackageManager, h as filterVulnerabilities, i as PackageEcosystem, l as SecurityAdvisoryIdentifierType, m as SecurityVulnerabilitySchema, n as GitHubSecurityAdvisoryClient, o as PackageSchema, p as SecurityVulnerability, r as Package, s as SecurityAdvisory, t as FirstPatchedVersion, u as SecurityAdvisorySchema } from "../index-BfwWezjJ.mjs";
2
2
  export { FirstPatchedVersion, GitHubSecurityAdvisoryClient, Package, PackageEcosystem, PackageEcosystemSchema, PackageSchema, SecurityAdvisory, SecurityAdvisoryIdentifierSchema, SecurityAdvisoryIdentifierType, SecurityAdvisorySchema, SecurityAdvisorySeverity, SecurityAdvisorySeveritySchema, SecurityVulnerability, SecurityVulnerabilitySchema, createGitHubClient, filterVulnerabilities, getGhsaPackageEcosystemFromDependabotPackageManager };
package/dist/github/index.mjs CHANGED
@@ -1,4 +1,4 @@
1
- import { n as logger } from "../logger-BqvUa-Ue.mjs";
1
+ import { n as logger } from "../logger-5PEqZVLr.mjs";
2
2
  import { z } from "zod";
3
3
  import { Octokit } from "octokit";
4
4
  import * as semver from "semver";
package/dist/{index-BWftXTYB.d.mts → index-BfwWezjJ.d.mts} RENAMED
@@ -166,4 +166,4 @@ declare class GitHubSecurityAdvisoryClient {
166
166
  declare function filterVulnerabilities(securityVulnerabilities: SecurityVulnerability[]): SecurityVulnerability[];
167
167
  //#endregion
168
168
  export { createGitHubClient as _, PackageEcosystemSchema as a, SecurityAdvisoryIdentifierSchema as c, SecurityAdvisorySeverity as d, SecurityAdvisorySeveritySchema as f, getGhsaPackageEcosystemFromDependabotPackageManager as g, filterVulnerabilities as h, PackageEcosystem as i, SecurityAdvisoryIdentifierType as l, SecurityVulnerabilitySchema as m, GitHubSecurityAdvisoryClient as n, PackageSchema as o, SecurityVulnerability as p, Package as r, SecurityAdvisory as s, FirstPatchedVersion as t, SecurityAdvisorySchema as u };
169
- //# sourceMappingURL=index-BWftXTYB.d.mts.map
169
+ //# sourceMappingURL=index-BfwWezjJ.d.mts.map
package/dist/{index-vaaBSJ7v.d.mts → index-Byxjhvfz.d.mts} RENAMED
@@ -1,4 +1,4 @@
1
- import { p as SecurityVulnerability } from "./index-BWftXTYB.mjs";
1
+ import { p as SecurityVulnerability } from "./index-BfwWezjJ.mjs";
2
2
  import { z } from "zod";
3
3
  import { Hono } from "hono";
4
4
 
@@ -342,7 +342,7 @@ declare const DependabotUpdateSchema: z.ZodPipe<z.ZodObject<{
342
342
  }, z.core.$strip>>;
343
343
  'rebase-strategy': z.ZodOptional<z.ZodString>;
344
344
  registries: z.ZodOptional<z.ZodArray<z.ZodString>>;
345
- schedule: z.ZodOptional<z.ZodPipe<z.ZodObject<{
345
+ schedule: z.ZodPipe<z.ZodObject<{
346
346
  interval: z.ZodEnum<{
347
347
  daily: "daily";
348
348
  weekly: "weekly";
@@ -376,7 +376,7 @@ declare const DependabotUpdateSchema: z.ZodPipe<z.ZodObject<{
376
376
  timezone: string;
377
377
  time?: string | undefined;
378
378
  cronjob?: string | undefined;
379
- }>>>;
379
+ }>>;
380
380
  'target-branch': z.ZodOptional<z.ZodString>;
381
381
  vendor: z.ZodOptional<z.ZodBoolean>;
382
382
  'versioning-strategy': z.ZodOptional<z.ZodEnum<{
@@ -390,6 +390,13 @@ declare const DependabotUpdateSchema: z.ZodPipe<z.ZodObject<{
390
390
  'multi-ecosystem-group': z.ZodOptional<z.ZodString>;
391
391
  }, z.core.$strip>, z.ZodTransform<{
392
392
  'package-ecosystem': "bundler" | "cargo" | "composer" | "conda" | "pub" | "docker" | "elm" | "gradle" | "maven" | "nuget" | "pip" | "swift" | "terraform" | "devcontainers" | "bun" | "uv" | "vcpkg" | "helm" | "julia" | "bazel" | "opentofu" | "docker-compose" | "dotnet-sdk" | "mix" | "gitsubmodule" | "github-actions" | "gomod" | "npm" | "pip-compile" | "pipenv" | "pnpm" | "poetry" | "rust-toolchain" | "yarn";
393
+ schedule: {
394
+ interval: "daily" | "weekly" | "monthly" | "quarterly" | "semiannually" | "yearly" | "cron";
395
+ day: "sunday" | "monday" | "tuesday" | "wednesday" | "thursday" | "friday" | "saturday";
396
+ timezone: string;
397
+ time?: string | undefined;
398
+ cronjob?: string | undefined;
399
+ };
393
400
  directory?: string | undefined;
394
401
  directories?: string[] | undefined;
395
402
  'exclude-paths'?: string[] | undefined;
@@ -434,13 +441,6 @@ declare const DependabotUpdateSchema: z.ZodPipe<z.ZodObject<{
434
441
  } | undefined;
435
442
  'rebase-strategy'?: string | undefined;
436
443
  registries?: string[] | undefined;
437
- schedule?: {
438
- interval: "daily" | "weekly" | "monthly" | "quarterly" | "semiannually" | "yearly" | "cron";
439
- day: "sunday" | "monday" | "tuesday" | "wednesday" | "thursday" | "friday" | "saturday";
440
- timezone: string;
441
- time?: string | undefined;
442
- cronjob?: string | undefined;
443
- } | undefined;
444
444
  'target-branch'?: string | undefined;
445
445
  vendor?: boolean | undefined;
446
446
  'versioning-strategy'?: "auto" | "increase" | "increase-if-necessary" | "lockfile-only" | "widen" | undefined;
@@ -448,6 +448,13 @@ declare const DependabotUpdateSchema: z.ZodPipe<z.ZodObject<{
448
448
  'multi-ecosystem-group'?: string | undefined;
449
449
  }, {
450
450
  'package-ecosystem': "bundler" | "cargo" | "composer" | "conda" | "pub" | "docker" | "elm" | "gradle" | "maven" | "nuget" | "pip" | "swift" | "terraform" | "devcontainers" | "bun" | "uv" | "vcpkg" | "helm" | "julia" | "bazel" | "opentofu" | "docker-compose" | "dotnet-sdk" | "mix" | "gitsubmodule" | "github-actions" | "gomod" | "npm" | "pip-compile" | "pipenv" | "pnpm" | "poetry" | "rust-toolchain" | "yarn";
451
+ schedule: {
452
+ interval: "daily" | "weekly" | "monthly" | "quarterly" | "semiannually" | "yearly" | "cron";
453
+ day: "sunday" | "monday" | "tuesday" | "wednesday" | "thursday" | "friday" | "saturday";
454
+ timezone: string;
455
+ time?: string | undefined;
456
+ cronjob?: string | undefined;
457
+ };
451
458
  directory?: string | undefined;
452
459
  directories?: string[] | undefined;
453
460
  'exclude-paths'?: string[] | undefined;
@@ -492,13 +499,6 @@ declare const DependabotUpdateSchema: z.ZodPipe<z.ZodObject<{
492
499
  } | undefined;
493
500
  'rebase-strategy'?: string | undefined;
494
501
  registries?: string[] | undefined;
495
- schedule?: {
496
- interval: "daily" | "weekly" | "monthly" | "quarterly" | "semiannually" | "yearly" | "cron";
497
- day: "sunday" | "monday" | "tuesday" | "wednesday" | "thursday" | "friday" | "saturday";
498
- timezone: string;
499
- time?: string | undefined;
500
- cronjob?: string | undefined;
501
- } | undefined;
502
502
  'target-branch'?: string | undefined;
503
503
  vendor?: boolean | undefined;
504
504
  'versioning-strategy'?: "auto" | "increase" | "increase-if-necessary" | "lockfile-only" | "widen" | undefined;
@@ -718,7 +718,7 @@ declare const DependabotConfigSchema: z.ZodPipe<z.ZodObject<{
718
718
  }, z.core.$strip>>;
719
719
  'rebase-strategy': z.ZodOptional<z.ZodString>;
720
720
  registries: z.ZodOptional<z.ZodArray<z.ZodString>>;
721
- schedule: z.ZodOptional<z.ZodPipe<z.ZodObject<{
721
+ schedule: z.ZodPipe<z.ZodObject<{
722
722
  interval: z.ZodEnum<{
723
723
  daily: "daily";
724
724
  weekly: "weekly";
@@ -752,7 +752,7 @@ declare const DependabotConfigSchema: z.ZodPipe<z.ZodObject<{
752
752
  timezone: string;
753
753
  time?: string | undefined;
754
754
  cronjob?: string | undefined;
755
- }>>>;
755
+ }>>;
756
756
  'target-branch': z.ZodOptional<z.ZodString>;
757
757
  vendor: z.ZodOptional<z.ZodBoolean>;
758
758
  'versioning-strategy': z.ZodOptional<z.ZodEnum<{
@@ -766,6 +766,13 @@ declare const DependabotConfigSchema: z.ZodPipe<z.ZodObject<{
766
766
  'multi-ecosystem-group': z.ZodOptional<z.ZodString>;
767
767
  }, z.core.$strip>, z.ZodTransform<{
768
768
  'package-ecosystem': "bundler" | "cargo" | "composer" | "conda" | "pub" | "docker" | "elm" | "gradle" | "maven" | "nuget" | "pip" | "swift" | "terraform" | "devcontainers" | "bun" | "uv" | "vcpkg" | "helm" | "julia" | "bazel" | "opentofu" | "docker-compose" | "dotnet-sdk" | "mix" | "gitsubmodule" | "github-actions" | "gomod" | "npm" | "pip-compile" | "pipenv" | "pnpm" | "poetry" | "rust-toolchain" | "yarn";
769
+ schedule: {
770
+ interval: "daily" | "weekly" | "monthly" | "quarterly" | "semiannually" | "yearly" | "cron";
771
+ day: "sunday" | "monday" | "tuesday" | "wednesday" | "thursday" | "friday" | "saturday";
772
+ timezone: string;
773
+ time?: string | undefined;
774
+ cronjob?: string | undefined;
775
+ };
769
776
  directory?: string | undefined;
770
777
  directories?: string[] | undefined;
771
778
  'exclude-paths'?: string[] | undefined;
@@ -810,13 +817,6 @@ declare const DependabotConfigSchema: z.ZodPipe<z.ZodObject<{
810
817
  } | undefined;
811
818
  'rebase-strategy'?: string | undefined;
812
819
  registries?: string[] | undefined;
813
- schedule?: {
814
- interval: "daily" | "weekly" | "monthly" | "quarterly" | "semiannually" | "yearly" | "cron";
815
- day: "sunday" | "monday" | "tuesday" | "wednesday" | "thursday" | "friday" | "saturday";
816
- timezone: string;
817
- time?: string | undefined;
818
- cronjob?: string | undefined;
819
- } | undefined;
820
820
  'target-branch'?: string | undefined;
821
821
  vendor?: boolean | undefined;
822
822
  'versioning-strategy'?: "auto" | "increase" | "increase-if-necessary" | "lockfile-only" | "widen" | undefined;
@@ -824,6 +824,13 @@ declare const DependabotConfigSchema: z.ZodPipe<z.ZodObject<{
824
824
  'multi-ecosystem-group'?: string | undefined;
825
825
  }, {
826
826
  'package-ecosystem': "bundler" | "cargo" | "composer" | "conda" | "pub" | "docker" | "elm" | "gradle" | "maven" | "nuget" | "pip" | "swift" | "terraform" | "devcontainers" | "bun" | "uv" | "vcpkg" | "helm" | "julia" | "bazel" | "opentofu" | "docker-compose" | "dotnet-sdk" | "mix" | "gitsubmodule" | "github-actions" | "gomod" | "npm" | "pip-compile" | "pipenv" | "pnpm" | "poetry" | "rust-toolchain" | "yarn";
827
+ schedule: {
828
+ interval: "daily" | "weekly" | "monthly" | "quarterly" | "semiannually" | "yearly" | "cron";
829
+ day: "sunday" | "monday" | "tuesday" | "wednesday" | "thursday" | "friday" | "saturday";
830
+ timezone: string;
831
+ time?: string | undefined;
832
+ cronjob?: string | undefined;
833
+ };
827
834
  directory?: string | undefined;
828
835
  directories?: string[] | undefined;
829
836
  'exclude-paths'?: string[] | undefined;
@@ -868,13 +875,6 @@ declare const DependabotConfigSchema: z.ZodPipe<z.ZodObject<{
868
875
  } | undefined;
869
876
  'rebase-strategy'?: string | undefined;
870
877
  registries?: string[] | undefined;
871
- schedule?: {
872
- interval: "daily" | "weekly" | "monthly" | "quarterly" | "semiannually" | "yearly" | "cron";
873
- day: "sunday" | "monday" | "tuesday" | "wednesday" | "thursday" | "friday" | "saturday";
874
- timezone: string;
875
- time?: string | undefined;
876
- cronjob?: string | undefined;
877
- } | undefined;
878
878
  'target-branch'?: string | undefined;
879
879
  vendor?: boolean | undefined;
880
880
  'versioning-strategy'?: "auto" | "increase" | "increase-if-necessary" | "lockfile-only" | "widen" | undefined;
@@ -954,6 +954,13 @@ declare const DependabotConfigSchema: z.ZodPipe<z.ZodObject<{
954
954
  version: number;
955
955
  updates: {
956
956
  'package-ecosystem': "bundler" | "cargo" | "composer" | "conda" | "pub" | "docker" | "elm" | "gradle" | "maven" | "nuget" | "pip" | "swift" | "terraform" | "devcontainers" | "bun" | "uv" | "vcpkg" | "helm" | "julia" | "bazel" | "opentofu" | "docker-compose" | "dotnet-sdk" | "mix" | "gitsubmodule" | "github-actions" | "gomod" | "npm" | "pip-compile" | "pipenv" | "pnpm" | "poetry" | "rust-toolchain" | "yarn";
957
+ schedule: {
958
+ interval: "daily" | "weekly" | "monthly" | "quarterly" | "semiannually" | "yearly" | "cron";
959
+ day: "sunday" | "monday" | "tuesday" | "wednesday" | "thursday" | "friday" | "saturday";
960
+ timezone: string;
961
+ time?: string | undefined;
962
+ cronjob?: string | undefined;
963
+ };
957
964
  directory?: string | undefined;
958
965
  directories?: string[] | undefined;
959
966
  'exclude-paths'?: string[] | undefined;
@@ -998,13 +1005,6 @@ declare const DependabotConfigSchema: z.ZodPipe<z.ZodObject<{
998
1005
  } | undefined;
999
1006
  'rebase-strategy'?: string | undefined;
1000
1007
  registries?: string[] | undefined;
1001
- schedule?: {
1002
- interval: "daily" | "weekly" | "monthly" | "quarterly" | "semiannually" | "yearly" | "cron";
1003
- day: "sunday" | "monday" | "tuesday" | "wednesday" | "thursday" | "friday" | "saturday";
1004
- timezone: string;
1005
- time?: string | undefined;
1006
- cronjob?: string | undefined;
1007
- } | undefined;
1008
1008
  'target-branch'?: string | undefined;
1009
1009
  vendor?: boolean | undefined;
1010
1010
  'versioning-strategy'?: "auto" | "increase" | "increase-if-necessary" | "lockfile-only" | "widen" | undefined;
@@ -1055,6 +1055,13 @@ declare const DependabotConfigSchema: z.ZodPipe<z.ZodObject<{
1055
1055
  version: number;
1056
1056
  updates: {
1057
1057
  'package-ecosystem': "bundler" | "cargo" | "composer" | "conda" | "pub" | "docker" | "elm" | "gradle" | "maven" | "nuget" | "pip" | "swift" | "terraform" | "devcontainers" | "bun" | "uv" | "vcpkg" | "helm" | "julia" | "bazel" | "opentofu" | "docker-compose" | "dotnet-sdk" | "mix" | "gitsubmodule" | "github-actions" | "gomod" | "npm" | "pip-compile" | "pipenv" | "pnpm" | "poetry" | "rust-toolchain" | "yarn";
1058
+ schedule: {
1059
+ interval: "daily" | "weekly" | "monthly" | "quarterly" | "semiannually" | "yearly" | "cron";
1060
+ day: "sunday" | "monday" | "tuesday" | "wednesday" | "thursday" | "friday" | "saturday";
1061
+ timezone: string;
1062
+ time?: string | undefined;
1063
+ cronjob?: string | undefined;
1064
+ };
1058
1065
  directory?: string | undefined;
1059
1066
  directories?: string[] | undefined;
1060
1067
  'exclude-paths'?: string[] | undefined;
@@ -1099,13 +1106,6 @@ declare const DependabotConfigSchema: z.ZodPipe<z.ZodObject<{
1099
1106
  } | undefined;
1100
1107
  'rebase-strategy'?: string | undefined;
1101
1108
  registries?: string[] | undefined;
1102
- schedule?: {
1103
- interval: "daily" | "weekly" | "monthly" | "quarterly" | "semiannually" | "yearly" | "cron";
1104
- day: "sunday" | "monday" | "tuesday" | "wednesday" | "thursday" | "friday" | "saturday";
1105
- timezone: string;
1106
- time?: string | undefined;
1107
- cronjob?: string | undefined;
1108
- } | undefined;
1109
1109
  'target-branch'?: string | undefined;
1110
1110
  vendor?: boolean | undefined;
1111
1111
  'versioning-strategy'?: "auto" | "increase" | "increase-if-necessary" | "lockfile-only" | "widen" | undefined;
@@ -1319,6 +1319,7 @@ type DependabotCommitOptions = z.infer<typeof DependabotCommitOptionsSchema>;
1319
1319
  declare const DependabotExperimentsSchema: z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodString, z.ZodBoolean]>>;
1320
1320
  type DependabotExperiments = z.infer<typeof DependabotExperimentsSchema>;
1321
1321
  declare const DependabotPackageManagerSchema: z.ZodEnum<{
1322
+ hex: "hex";
1322
1323
  bundler: "bundler";
1323
1324
  cargo: "cargo";
1324
1325
  composer: "composer";
@@ -1331,7 +1332,6 @@ declare const DependabotPackageManagerSchema: z.ZodEnum<{
1331
1332
  go_modules: "go_modules";
1332
1333
  gradle: "gradle";
1333
1334
  maven: "maven";
1334
- hex: "hex";
1335
1335
  nuget: "nuget";
1336
1336
  npm_and_yarn: "npm_and_yarn";
1337
1337
  pip: "pip";
@@ -1364,6 +1364,7 @@ declare const DependabotJobConfigSchema: z.ZodObject<{
1364
1364
  recreate: "recreate";
1365
1365
  }>>;
1366
1366
  'package-manager': z.ZodEnum<{
1367
+ hex: "hex";
1367
1368
  bundler: "bundler";
1368
1369
  cargo: "cargo";
1369
1370
  composer: "composer";
@@ -1376,7 +1377,6 @@ declare const DependabotJobConfigSchema: z.ZodObject<{
1376
1377
  go_modules: "go_modules";
1377
1378
  gradle: "gradle";
1378
1379
  maven: "maven";
1379
- hex: "hex";
1380
1380
  nuget: "nuget";
1381
1381
  npm_and_yarn: "npm_and_yarn";
1382
1382
  pip: "pip";
@@ -1496,6 +1496,7 @@ declare const DependabotJobFileSchema: z.ZodObject<{
1496
1496
  recreate: "recreate";
1497
1497
  }>>;
1498
1498
  'package-manager': z.ZodEnum<{
1499
+ hex: "hex";
1499
1500
  bundler: "bundler";
1500
1501
  cargo: "cargo";
1501
1502
  composer: "composer";
@@ -1508,7 +1509,6 @@ declare const DependabotJobFileSchema: z.ZodObject<{
1508
1509
  go_modules: "go_modules";
1509
1510
  gradle: "gradle";
1510
1511
  maven: "maven";
1511
- hex: "hex";
1512
1512
  nuget: "nuget";
1513
1513
  npm_and_yarn: "npm_and_yarn";
1514
1514
  pip: "pip";
@@ -1700,6 +1700,15 @@ declare const DEFAULT_EXPERIMENTS: DependabotExperiments;
1700
1700
  * @returns A map of experiment names to their values.
1701
1701
  */
1702
1702
  declare function parseExperiments(raw?: string): DependabotExperiments | undefined;
1703
+ /**
1704
+ * Set experiment in the given experiments map.
1705
+ * If the experiments map is undefined, a new map will be created.
1706
+ * @param experiments The experiments map to set the experiment in.
1707
+ * @param name The name of the experiment to set.
1708
+ * @param value The value of the experiment to set. Defaults to true.
1709
+ * @returns The updated experiments map.
1710
+ */
1711
+ declare function setExperiment(experiments: DependabotExperiments | undefined, name: string, value?: boolean | string): DependabotExperiments;
1703
1712
  //#endregion
1704
1713
  //#region src/dependabot/job-builder.d.ts
1705
1714
  type DependabotSourceInfo = {
@@ -1750,7 +1759,7 @@ declare class DependabotJobBuilder {
1750
1759
  id,
1751
1760
  command
1752
1761
  }: {
1753
- id?: string;
1762
+ id: string;
1754
1763
  command: DependabotJobConfig['command'];
1755
1764
  }): DependabotJobBuilderOutput;
1756
1765
  /**
@@ -1764,7 +1773,7 @@ declare class DependabotJobBuilder {
1764
1773
  pullRequestToUpdate,
1765
1774
  securityVulnerabilities
1766
1775
  }: {
1767
- id?: string;
1776
+ id: string;
1768
1777
  command: DependabotJobConfig['command'];
1769
1778
  dependencyNamesToUpdate?: string[];
1770
1779
  existingPullRequests: (DependabotExistingPR[] | DependabotExistingGroupPR)[];
@@ -1793,7 +1802,6 @@ declare function mapCredentials({
1793
1802
  githubToken?: string;
1794
1803
  registries?: Record<string, DependabotRegistry>;
1795
1804
  }): DependabotCredential[];
1796
- declare function makeRandomJobId(): string;
1797
1805
  //#endregion
1798
1806
  //#region src/dependabot/server.d.ts
1799
1807
  declare const DependabotRequestTypeSchema: z.ZodEnum<{
@@ -1999,6 +2007,7 @@ declare const DependabotRequestSchema: z.ZodDiscriminatedUnion<[z.ZodObject<{
1999
2007
  }, z.core.$strip>>>;
2000
2008
  metadata: z.ZodOptional<z.ZodNullable<z.ZodObject<{
2001
2009
  ecosystem: z.ZodEnum<{
2010
+ hex: "hex";
2002
2011
  bundler: "bundler";
2003
2012
  cargo: "cargo";
2004
2013
  composer: "composer";
@@ -2011,7 +2020,6 @@ declare const DependabotRequestSchema: z.ZodDiscriminatedUnion<[z.ZodObject<{
2011
2020
  go_modules: "go_modules";
2012
2021
  gradle: "gradle";
2013
2022
  maven: "maven";
2014
- hex: "hex";
2015
2023
  nuget: "nuget";
2016
2024
  npm_and_yarn: "npm_and_yarn";
2017
2025
  pip: "pip";
@@ -2103,6 +2111,7 @@ declare const DependabotRequestSchema: z.ZodDiscriminatedUnion<[z.ZodObject<{
2103
2111
  data: z.ZodArray<z.ZodObject<{
2104
2112
  cooldown: z.ZodObject<{
2105
2113
  ecosystem_name: z.ZodEnum<{
2114
+ hex: "hex";
2106
2115
  bundler: "bundler";
2107
2116
  cargo: "cargo";
2108
2117
  composer: "composer";
@@ -2115,7 +2124,6 @@ declare const DependabotRequestSchema: z.ZodDiscriminatedUnion<[z.ZodObject<{
2115
2124
  go_modules: "go_modules";
2116
2125
  gradle: "gradle";
2117
2126
  maven: "maven";
2118
- hex: "hex";
2119
2127
  nuget: "nuget";
2120
2128
  npm_and_yarn: "npm_and_yarn";
2121
2129
  pip: "pip";
@@ -2318,6 +2326,7 @@ declare const DependabotDependencySubmissionSchema: z.ZodObject<{
2318
2326
  }, z.core.$strip>>>;
2319
2327
  metadata: z.ZodOptional<z.ZodNullable<z.ZodObject<{
2320
2328
  ecosystem: z.ZodEnum<{
2329
+ hex: "hex";
2321
2330
  bundler: "bundler";
2322
2331
  cargo: "cargo";
2323
2332
  composer: "composer";
@@ -2330,7 +2339,6 @@ declare const DependabotDependencySubmissionSchema: z.ZodObject<{
2330
2339
  go_modules: "go_modules";
2331
2340
  gradle: "gradle";
2332
2341
  maven: "maven";
2333
- hex: "hex";
2334
2342
  nuget: "nuget";
2335
2343
  npm_and_yarn: "npm_and_yarn";
2336
2344
  pip: "pip";
@@ -2583,6 +2591,7 @@ type DependabotRecordEcosystemMeta = z.infer<typeof DependabotRecordEcosystemMet
2583
2591
  declare const DependabotRecordCooldownMetaSchema: z.ZodObject<{
2584
2592
  cooldown: z.ZodObject<{
2585
2593
  ecosystem_name: z.ZodEnum<{
2594
+ hex: "hex";
2586
2595
  bundler: "bundler";
2587
2596
  cargo: "cargo";
2588
2597
  composer: "composer";
@@ -2595,7 +2604,6 @@ declare const DependabotRecordCooldownMetaSchema: z.ZodObject<{
2595
2604
  go_modules: "go_modules";
2596
2605
  gradle: "gradle";
2597
2606
  maven: "maven";
2598
- hex: "hex";
2599
2607
  nuget: "nuget";
2600
2608
  npm_and_yarn: "npm_and_yarn";
2601
2609
  pip: "pip";
@@ -2641,5 +2649,5 @@ declare const DependabotMetricSchema: z.ZodObject<{
2641
2649
  }, z.core.$strip>;
2642
2650
  type DependabotMetric = z.infer<typeof DependabotMetricSchema>;
2643
2651
  //#endregion
2644
- export { mapPackageEcosystemToPackageManager as $, DependabotAllowCondition as $t, DependabotRecordUpdateJobUnknownErrorSchema as A, convertPlaceholder as An, DependabotGroupRuleJob as At, DependabotRequestType as B, DependabotRequirement as Bt, DependabotRecordEcosystemMeta as C, VersioningStrategy as Cn, DependabotExistingGroupPRSchema as Ct, DependabotRecordUpdateJobError as D, parseUpdates as Dn, DependabotExperimentsSchema as Dt, DependabotRecordEcosystemVersionsSchema as E, parseRegistries as En, DependabotExperiments as Et, DependabotUpdatePullRequest as F, DependabotJobFileSchema as Ft, DependabotJobBuilderOutput as G, DependabotSecurityAdvisorySchema as Gt, DependabotTokenType as H, DependabotRequirementSource as Ht, DependabotUpdatePullRequestSchema as I, DependabotPackageManager as It, mapAllowedUpdatesFromDependabotConfigToJobConfig as J, DependabotSourceProviderSchema as Jt, DependabotSourceInfo as K, DependabotSource as Kt, CreateApiServerAppOptions as L, DependabotPackageManagerSchema as Lt, DependabotRecordUpdateJobWarningSchema as M, DEPENDABOT_DEFAULT_AUTHOR_EMAIL as Mn, DependabotJobConfig as Mt, DependabotUpdateDependencyList as N, DEPENDABOT_DEFAULT_AUTHOR_NAME as Nn, DependabotJobConfigSchema as Nt, DependabotRecordUpdateJobErrorSchema as O, validateConfiguration as On, DependabotGroupJob as Ot, DependabotUpdateDependencyListSchema as P, GitAuthor as Pn, DependabotJobFile as Pt, mapIgnoreConditionsFromDependabotConfigToJobConfig as Q, FileUpdaterInput as Qt, DependabotRequest as R, DependabotProxyConfig as Rt, DependabotRecordCooldownMetaSchema as S, PackageEcosystemSchema as Sn, DependabotExistingGroupPR as St, DependabotRecordEcosystemVersions as T, parseDependabotConfig as Tn, DependabotExistingPRSchema as Tt, createApiServerApp as U, DependabotRequirementSourceSchema as Ut, DependabotRequestTypeSchema as V, DependabotRequirementSchema as Vt, DependabotJobBuilder as W, DependabotSecurityAdvisory as Wt, mapExperiments as X, FetchedFiles as Xt, mapCredentials as Y, DependabotSourceSchema as Yt, mapGroupsFromDependabotConfigToJobConfig as Z, FileFetcherInput as Zt, DependabotMarkAsProcessed as _, DependabotScheduleSchema as _n, DependabotConditionSchema as _t, DependabotCreatePullRequest as a, DependabotCooldown as an, makeDirectoryKey as at, DependabotMetricSchema as b, POSSIBLE_CONFIG_FILE_PATHS as bn, DependabotDependency as bt, DependabotDependencyFileSchema as c, DependabotGroupSchema as cn, CertificateAuthority as ct, DependabotEcosystemMeta as d, DependabotMultiEcosystemGroup as dn, DependabotAllowedSchema as dt, DependabotAllowConditionSchema as en, mapSecurityAdvisories as et, DependabotEcosystemMetaSchema as f, DependabotMultiEcosystemGroupSchema as fn, DependabotCommand as ft, DependabotIncrementMetricSchema as g, DependabotSchedule as gn, DependabotCondition as gt, DependabotIncrementMetric as h, DependabotRegistrySchema as hn, DependabotCommitOptionsSchema as ht, DependabotClosePullRequestSchema as i, DependabotConfigSchema as in, parseExperiments as it, DependabotRecordUpdateJobWarning as j, extractPlaceholder as jn, DependabotGroupRuleJobSchema as jt, DependabotRecordUpdateJobUnknownError as k, VariableFinderFn as kn, DependabotGroupJobSchema as kt, DependabotDependencySubmission as l, DependabotIgnoreCondition as ln, CertificateAuthoritySchema as lt, DependabotEcosystemVersionManagerSchema as m, DependabotRegistry as mn, DependabotCommitOptions as mt, DependabotClosePullRequestReason as n, DependabotCommitMessageSchema as nn, mapVersionStrategyToRequirementsUpdateStrategy as nt, DependabotCreatePullRequestSchema as o, DependabotCooldownSchema as on, getBranchNameForUpdate as ot, DependabotEcosystemVersionManager as p, DependabotPullRequestBranchName as pn, DependabotCommandSchema as pt, makeRandomJobId as q, DependabotSourceProvider as qt, DependabotClosePullRequestReasonEnum as r, DependabotConfig as rn, DEFAULT_EXPERIMENTS as rt, DependabotDependencyFile as s, DependabotGroup as sn, sanitizeRef as st, DependabotClosePullRequest as t, DependabotCommitMessage as tn, mapSourceFromDependabotConfigToJobConfig as tt, DependabotDependencySubmissionSchema as u, DependabotIgnoreConditionSchema as un, DependabotAllowed as ut, DependabotMarkAsProcessedSchema as v, DependabotUpdate as vn, DependabotCredential as vt, DependabotRecordEcosystemMetaSchema as w, VersioningStrategySchema as wn, DependabotExistingPR as wt, DependabotRecordCooldownMeta as x, PackageEcosystem as xn, DependabotDependencySchema as xt, DependabotMetric as y, DependabotUpdateSchema as yn, DependabotCredentialSchema as yt, DependabotRequestSchema as z, DependabotProxyConfigSchema as zt };
2645
- //# sourceMappingURL=index-vaaBSJ7v.d.mts.map
2652
+ export { mapSecurityAdvisories as $, DependabotAllowCondition as $t, DependabotRecordUpdateJobUnknownErrorSchema as A, convertPlaceholder as An, DependabotGroupRuleJob as At, DependabotRequestType as B, DependabotRequirement as Bt, DependabotRecordEcosystemMeta as C, VersioningStrategy as Cn, DependabotExistingGroupPRSchema as Ct, DependabotRecordUpdateJobError as D, parseUpdates as Dn, DependabotExperimentsSchema as Dt, DependabotRecordEcosystemVersionsSchema as E, parseRegistries as En, DependabotExperiments as Et, DependabotUpdatePullRequest as F, DependabotJobFileSchema as Ft, DependabotJobBuilderOutput as G, DependabotSecurityAdvisorySchema as Gt, DependabotTokenType as H, DependabotRequirementSource as Ht, DependabotUpdatePullRequestSchema as I, DependabotPackageManager as It, mapCredentials as J, DependabotSourceProviderSchema as Jt, DependabotSourceInfo as K, DependabotSource as Kt, CreateApiServerAppOptions as L, DependabotPackageManagerSchema as Lt, DependabotRecordUpdateJobWarningSchema as M, DEPENDABOT_DEFAULT_AUTHOR_EMAIL as Mn, DependabotJobConfig as Mt, DependabotUpdateDependencyList as N, DEPENDABOT_DEFAULT_AUTHOR_NAME as Nn, DependabotJobConfigSchema as Nt, DependabotRecordUpdateJobErrorSchema as O, validateConfiguration as On, DependabotGroupJob as Ot, DependabotUpdateDependencyListSchema as P, GitAuthor as Pn, DependabotJobFile as Pt, mapPackageEcosystemToPackageManager as Q, FileUpdaterInput as Qt, DependabotRequest as R, DependabotProxyConfig as Rt, DependabotRecordCooldownMetaSchema as S, PackageEcosystemSchema as Sn, DependabotExistingGroupPR as St, DependabotRecordEcosystemVersions as T, parseDependabotConfig as Tn, DependabotExistingPRSchema as Tt, createApiServerApp as U, DependabotRequirementSourceSchema as Ut, DependabotRequestTypeSchema as V, DependabotRequirementSchema as Vt, DependabotJobBuilder as W, DependabotSecurityAdvisory as Wt, mapGroupsFromDependabotConfigToJobConfig as X, FetchedFiles as Xt, mapExperiments as Y, DependabotSourceSchema as Yt, mapIgnoreConditionsFromDependabotConfigToJobConfig as Z, FileFetcherInput as Zt, DependabotMarkAsProcessed as _, DependabotScheduleSchema as _n, DependabotConditionSchema as _t, DependabotCreatePullRequest as a, DependabotCooldown as an, makeDirectoryKey as at, DependabotMetricSchema as b, POSSIBLE_CONFIG_FILE_PATHS as bn, DependabotDependency as bt, DependabotDependencyFileSchema as c, DependabotGroupSchema as cn, CertificateAuthority as ct, DependabotEcosystemMeta as d, DependabotMultiEcosystemGroup as dn, DependabotAllowedSchema as dt, DependabotAllowConditionSchema as en, mapSourceFromDependabotConfigToJobConfig as et, DependabotEcosystemMetaSchema as f, DependabotMultiEcosystemGroupSchema as fn, DependabotCommand as ft, DependabotIncrementMetricSchema as g, DependabotSchedule as gn, DependabotCondition as gt, DependabotIncrementMetric as h, DependabotRegistrySchema as hn, DependabotCommitOptionsSchema as ht, DependabotClosePullRequestSchema as i, DependabotConfigSchema as in, setExperiment as it, DependabotRecordUpdateJobWarning as j, extractPlaceholder as jn, DependabotGroupRuleJobSchema as jt, DependabotRecordUpdateJobUnknownError as k, VariableFinderFn as kn, DependabotGroupJobSchema as kt, DependabotDependencySubmission as l, DependabotIgnoreCondition as ln, CertificateAuthoritySchema as lt, DependabotEcosystemVersionManagerSchema as m, DependabotRegistry as mn, DependabotCommitOptions as mt, DependabotClosePullRequestReason as n, DependabotCommitMessageSchema as nn, DEFAULT_EXPERIMENTS as nt, DependabotCreatePullRequestSchema as o, DependabotCooldownSchema as on, getBranchNameForUpdate as ot, DependabotEcosystemVersionManager as p, DependabotPullRequestBranchName as pn, DependabotCommandSchema as pt, mapAllowedUpdatesFromDependabotConfigToJobConfig as q, DependabotSourceProvider as qt, DependabotClosePullRequestReasonEnum as r, DependabotConfig as rn, parseExperiments as rt, DependabotDependencyFile as s, DependabotGroup as sn, sanitizeRef as st, DependabotClosePullRequest as t, DependabotCommitMessage as tn, mapVersionStrategyToRequirementsUpdateStrategy as tt, DependabotDependencySubmissionSchema as u, DependabotIgnoreConditionSchema as un, DependabotAllowed as ut, DependabotMarkAsProcessedSchema as v, DependabotUpdate as vn, DependabotCredential as vt, DependabotRecordEcosystemMetaSchema as w, VersioningStrategySchema as wn, DependabotExistingPR as wt, DependabotRecordCooldownMeta as x, PackageEcosystem as xn, DependabotDependencySchema as xt, DependabotMetric as y, DependabotUpdateSchema as yn, DependabotCredentialSchema as yt, DependabotRequestSchema as z, DependabotProxyConfigSchema as zt };
2653
+ //# sourceMappingURL=index-Byxjhvfz.d.mts.map
package/dist/{job-DQiSYFHb.mjs → job-BxOZ-hqF.mjs} RENAMED
@@ -251,7 +251,7 @@ const DependabotUpdateSchema = z.object({
251
251
  "pull-request-branch-name": DependabotPullRequestBranchNameSchema.optional(),
252
252
  "rebase-strategy": z.string().optional(),
253
253
  registries: z.string().array().optional(),
254
- schedule: DependabotScheduleSchema.optional(),
254
+ schedule: DependabotScheduleSchema,
255
255
  "target-branch": z.string().optional(),
256
256
  vendor: z.boolean().optional(),
257
257
  "versioning-strategy": VersioningStrategySchema.optional(),
@@ -557,4 +557,4 @@ const DependabotJobFileSchema = z.object({ job: DependabotJobConfigSchema });
557
557
 
558
558
  //#endregion
559
559
  export { DependabotScheduleSchema as A, extractPlaceholder as B, DependabotCommitMessageSchema as C, DependabotIgnoreConditionSchema as D, DependabotGroupSchema as E, parseDependabotConfig as F, parseRegistries as I, parseUpdates as L, POSSIBLE_CONFIG_FILE_PATHS as M, PackageEcosystemSchema as N, DependabotMultiEcosystemGroupSchema as O, VersioningStrategySchema as P, validateConfiguration as R, DependabotAllowConditionSchema as S, DependabotCooldownSchema as T, makeDirectoryKey as V, DependabotRequirementSchema as _, DependabotConditionSchema as a, DependabotSourceProviderSchema as b, DependabotExistingGroupPRSchema as c, DependabotGroupJobSchema as d, DependabotGroupRuleJobSchema as f, DependabotProxyConfigSchema as g, DependabotPackageManagerSchema as h, DependabotCommitOptionsSchema as i, DependabotUpdateSchema as j, DependabotRegistrySchema as k, DependabotExistingPRSchema as l, DependabotJobFileSchema as m, DependabotAllowedSchema as n, DependabotCredentialSchema as o, DependabotJobConfigSchema as p, DependabotCommandSchema as r, DependabotDependencySchema as s, CertificateAuthoritySchema as t, DependabotExperimentsSchema as u, DependabotRequirementSourceSchema as v, DependabotConfigSchema as w, DependabotSourceSchema as x, DependabotSecurityAdvisorySchema as y, convertPlaceholder as z };
560
- //# sourceMappingURL=job-DQiSYFHb.mjs.map
560
+ //# sourceMappingURL=job-BxOZ-hqF.mjs.map