@pnpm/deps.compliance.commands 1101.2.8 → 1101.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -1,4 +1,5 @@
1
- import { docsUrl, TABLE_OPTIONS } from '@pnpm/cli.utils';
1
+ import { checkbox, Separator } from '@inquirer/prompts';
2
+ import { docsUrl, interactivePromptPageSize, TABLE_OPTIONS } from '@pnpm/cli.utils';
2
3
  import { types as allTypes } from '@pnpm/config.reader';
3
4
  import { audit, normalizeGhsaId } from '@pnpm/deps.compliance.audit';
4
5
  import { PnpmError } from '@pnpm/error';
@@ -7,7 +8,6 @@ import { globalInfo } from '@pnpm/logger';
7
8
  import { createGetAuthHeaderByURI } from '@pnpm/network.auth-header';
8
9
  import { table } from '@zkochan/table';
9
10
  import chalk, {} from 'chalk';
10
- import enquirer from 'enquirer';
11
11
  import { pick, pickBy } from 'ramda';
12
12
  import { renderHelp } from 'render-help';
13
13
  import { createAuditNetworkOptions, loadAuditContext } from './auditContext.js';
@@ -386,65 +386,61 @@ function filterAdvisoriesForFix(advisories, opts) {
386
386
  }));
387
387
  }
388
388
  async function interactiveAuditFix(auditReport) {
389
- const choices = getAuditFixChoices(Object.values(auditReport.advisories));
390
- if (choices.length === 0) {
389
+ const choiceGroups = getAuditFixChoices(Object.values(auditReport.advisories));
390
+ if (choiceGroups.length === 0) {
391
391
  return auditReport;
392
392
  }
393
- const { selectedVulnerabilities } = await enquirer.prompt({
394
- choices,
395
- footer: '\nEnter to start fixing. Ctrl-c to cancel.',
396
- indicator(state, choice) {
397
- return ` ${choice.enabled ? '●' : '○'}`;
398
- },
399
- message: 'Choose which vulnerabilities to fix ' +
400
- `(Press ${chalk.cyan('<space>')} to select, ` +
401
- `${chalk.cyan('<a>')} to toggle all, ` +
402
- `${chalk.cyan('<i>')} to invert selection)`,
403
- name: 'selectedVulnerabilities',
404
- pointer: '❯',
405
- result() {
406
- return this.selected;
407
- },
408
- format() {
409
- if (!this.state.submitted || this.state.cancelled)
410
- return '';
411
- if (Array.isArray(this.selected)) {
412
- return this.selected
413
- .filter((choice) => !/^\[.+\]$/.test(choice.name))
414
- .map((choice) => this.styles.primary(choice.name)).join(', ');
393
+ const flatChoices = [];
394
+ for (const group of choiceGroups) {
395
+ flatChoices.push(new Separator(chalk.bold(`── ${group.message} ──`)));
396
+ for (const choice of group.choices) {
397
+ if (choice.disabled) {
398
+ flatChoices.push(new Separator(` ${choice.message ?? choice.name}`));
415
399
  }
416
- return this.styles.primary(this.selected.name);
417
- },
418
- styles: {
419
- dark: chalk.reset,
420
- em: chalk.bgBlack.whiteBright,
421
- success: chalk.reset,
422
- },
423
- type: 'multiselect',
424
- validate(value) {
425
- if (value.length === 0) {
426
- return 'You must choose at least one vulnerability.';
400
+ else {
401
+ flatChoices.push({
402
+ name: choice.message,
403
+ value: choice.value,
404
+ });
427
405
  }
428
- return true;
429
- },
430
- j() {
431
- return this.down();
432
- },
433
- k() {
434
- return this.up();
435
- },
436
- cancel() {
437
- // By default, canceling the prompt via Ctrl+c throws an empty string.
438
- // The custom cancel function prevents that behavior.
439
- // Otherwise, pnpm CLI would print an error and confuse users.
440
- // See related issue: https://github.com/enquirer/enquirer/issues/225
406
+ }
407
+ }
408
+ const message = 'Choose which vulnerabilities to fix ' +
409
+ `(Press ${chalk.cyan('<space>')} to select, ` +
410
+ `${chalk.cyan('<a>')} to toggle all, ` +
411
+ `${chalk.cyan('<i>')} to invert selection)\n\nEnter to start fixing. Ctrl-c to cancel.`;
412
+ let selectedKeys;
413
+ try {
414
+ selectedKeys = await checkbox({
415
+ choices: flatChoices,
416
+ pageSize: interactivePromptPageSize(),
417
+ message,
418
+ required: true,
419
+ validate: (values) => {
420
+ if (values.length === 0) {
421
+ return 'You must choose at least one vulnerability.';
422
+ }
423
+ return true;
424
+ },
425
+ theme: {
426
+ icon: { checked: '●', unchecked: '○', cursor: '❯' },
427
+ style: {
428
+ highlight: (text) => text,
429
+ },
430
+ keybindings: ['vim'],
431
+ },
432
+ });
433
+ }
434
+ catch (err) {
435
+ if (err instanceof Error && err.name === 'ExitPromptError') {
441
436
  globalInfo('Audit fix canceled');
442
437
  process.exit(0);
443
- },
444
- }); // eslint-disable-line @typescript-eslint/no-explicit-any
445
- const selectedKeys = new Set(selectedVulnerabilities.map((c) => c.value));
438
+ }
439
+ throw err;
440
+ }
441
+ const selectedKeySet = new Set(selectedKeys);
446
442
  const selectedAdvisories = Object.fromEntries(Object.entries(auditReport.advisories)
447
- .filter(([, advisory]) => selectedKeys.has(`${advisory.module_name}@${advisory.vulnerable_versions}`)));
443
+ .filter(([, advisory]) => selectedKeySet.has(`${advisory.module_name}@${advisory.vulnerable_versions}`)));
448
444
  return { ...auditReport, advisories: selectedAdvisories };
449
445
  }
450
446
  //# sourceMappingURL=audit.js.map
@@ -2,6 +2,7 @@ import type { AuditAdvisory } from '@pnpm/deps.compliance.audit';
2
2
  export interface AuditChoiceRow {
3
3
  name: string;
4
4
  value: string;
5
+ message: string;
5
6
  disabled?: boolean;
6
7
  }
7
8
  type AuditChoiceGroup = Array<{
@@ -56,6 +56,7 @@ export function getAuditFixChoices(advisories) {
56
56
  if (i === 0) {
57
57
  return {
58
58
  name: rendered[i],
59
+ message: rendered[i],
59
60
  value: '',
60
61
  disabled: true,
61
62
  hint: '',
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@pnpm/deps.compliance.commands",
3
- "version": "1101.2.8",
3
+ "version": "1101.3.0",
4
4
  "description": "pnpm commands for audit, licenses, and sbom",
5
5
  "keywords": [
6
6
  "pnpm",
@@ -27,44 +27,43 @@
27
27
  "!*.map"
28
28
  ],
29
29
  "dependencies": {
30
+ "@inquirer/prompts": "^8.4.3",
30
31
  "@zkochan/table": "^2.0.1",
31
32
  "chalk": "^5.6.2",
32
- "enquirer": "^2.4.1",
33
33
  "memoize": "^10.2.0",
34
34
  "ramda": "npm:@pnpm/ramda@0.28.1",
35
35
  "render-help": "^2.0.0",
36
36
  "semver": "^7.8.1",
37
37
  "@pnpm/cli.command": "1100.0.1",
38
38
  "@pnpm/cli.common-cli-options-help": "1100.0.1",
39
+ "@pnpm/cli.utils": "1101.0.8",
39
40
  "@pnpm/cli.meta": "1100.0.5",
40
- "@pnpm/config.reader": "1101.4.1",
41
+ "@pnpm/config.pick-registry-for-package": "1100.0.6",
42
+ "@pnpm/config.reader": "1101.5.0",
41
43
  "@pnpm/config.writer": "1100.0.10",
42
- "@pnpm/deps.compliance.audit": "1101.0.10",
43
44
  "@pnpm/constants": "1100.0.0",
45
+ "@pnpm/deps.compliance.audit": "1101.0.11",
44
46
  "@pnpm/deps.compliance.license-resolver": "1100.0.0",
45
- "@pnpm/config.pick-registry-for-package": "1100.0.6",
46
- "@pnpm/deps.compliance.sbom": "1100.1.5",
47
47
  "@pnpm/deps.compliance.license-scanner": "1100.0.15",
48
+ "@pnpm/deps.compliance.sbom": "1100.1.5",
49
+ "@pnpm/deps.security.signatures": "1101.1.5",
48
50
  "@pnpm/error": "1100.0.0",
49
- "@pnpm/installing.commands": "1100.6.0",
50
- "@pnpm/deps.security.signatures": "1101.1.4",
51
51
  "@pnpm/lockfile.fs": "1100.1.2",
52
52
  "@pnpm/lockfile.types": "1100.0.8",
53
- "@pnpm/cli.utils": "1101.0.8",
53
+ "@pnpm/installing.commands": "1100.7.0",
54
+ "@pnpm/lockfile.utils": "1100.0.10",
54
55
  "@pnpm/lockfile.walker": "1100.0.8",
55
56
  "@pnpm/network.auth-header": "1101.0.0",
56
- "@pnpm/object.key-sorting": "1100.0.0",
57
57
  "@pnpm/store.path": "1100.0.1",
58
+ "@pnpm/object.key-sorting": "1100.0.0",
58
59
  "@pnpm/types": "1101.2.0",
59
- "@pnpm/workspace.project-manifest-reader": "1100.0.9",
60
- "@pnpm/lockfile.utils": "1100.0.10"
60
+ "@pnpm/workspace.project-manifest-reader": "1100.0.9"
61
61
  },
62
62
  "peerDependencies": {
63
63
  "@pnpm/logger": "^1001.0.1"
64
64
  },
65
65
  "devDependencies": {
66
66
  "@jest/globals": "30.3.0",
67
- "@pnpm/registry-mock": "6.0.0",
68
67
  "@types/ramda": "0.31.1",
69
68
  "@types/semver": "7.7.1",
70
69
  "@types/zkochan__table": "npm:@types/table@6.0.0",
@@ -72,15 +71,15 @@
72
71
  "nock": "13.3.4",
73
72
  "read-yaml-file": "^3.0.0",
74
73
  "tempy": "3.0.0",
74
+ "@pnpm/deps.compliance.commands": "1101.3.0",
75
75
  "@pnpm/logger": "1100.0.0",
76
76
  "@pnpm/pkg-manifest.reader": "1100.0.5",
77
- "@pnpm/prepare": "1100.0.11",
77
+ "@pnpm/prepare": "1100.0.12",
78
78
  "@pnpm/test-fixtures": "1100.0.0",
79
- "@pnpm/testing.mock-agent": "1100.0.7",
80
- "@pnpm/testing.registry-mock": "1100.0.1",
81
- "@pnpm/workspace.projects-filter": "1100.0.16",
82
- "@pnpm/testing.command-defaults": "1100.0.1",
83
- "@pnpm/deps.compliance.commands": "1101.2.8"
79
+ "@pnpm/testing.command-defaults": "1100.0.2",
80
+ "@pnpm/testing.mock-agent": "1100.0.8",
81
+ "@pnpm/testing.registry-mock": "1100.0.2",
82
+ "@pnpm/workspace.projects-filter": "1100.0.17"
84
83
  },
85
84
  "engines": {
86
85
  "node": ">=22.13"