@rainy-updates/cli 0.5.4 → 0.5.7

package/dist/bin/dispatch.js

@@ -0,0 +1,150 @@
+import process from "node:process";
+import { check } from "../core/check.js";
+import { upgrade } from "../core/upgrade.js";
+import { warmCache } from "../core/warm-cache.js";
+import { runCi } from "../core/ci.js";
+import { initCiWorkflow } from "../core/init-ci.js";
+import { diffBaseline, saveBaseline } from "../core/baseline.js";
+export async function handleDirectCommand(parsed) {
+    if (parsed.command === "init-ci") {
+        const workflow = await initCiWorkflow(parsed.options.cwd, parsed.options.force, {
+            mode: parsed.options.mode,
+            schedule: parsed.options.schedule,
+        });
+        process.stdout.write(workflow.created
+            ? `Created CI workflow at ${workflow.path}\n`
+            : `CI workflow already exists at ${workflow.path}. Use --force to overwrite.\n`);
+        return true;
+    }
+    if (parsed.command === "baseline") {
+        if (parsed.options.action === "save") {
+            const saved = await saveBaseline(parsed.options);
+            process.stdout.write(`Saved baseline at ${saved.filePath} (${saved.entries} entries)\n`);
+            return true;
+        }
+        const diff = await diffBaseline(parsed.options);
+        const changes = diff.added.length + diff.removed.length + diff.changed.length;
+        if (changes === 0) {
+            process.stdout.write(`No baseline drift detected (${diff.filePath}).\n`);
+            return true;
+        }
+        process.stdout.write(`Baseline drift detected (${diff.filePath}).\n`);
+        if (diff.added.length > 0)
+            process.stdout.write(`Added: ${diff.added.length}\n`);
+        if (diff.removed.length > 0)
+            process.stdout.write(`Removed: ${diff.removed.length}\n`);
+        if (diff.changed.length > 0)
+            process.stdout.write(`Changed: ${diff.changed.length}\n`);
+        process.exitCode = 1;
+        return true;
+    }
+    if (parsed.command === "bisect") {
+        const { runBisect } = await import("../commands/bisect/runner.js");
+        const result = await runBisect(parsed.options);
+        process.exitCode = result.breakingVersion ? 1 : 0;
+        return true;
+    }
+    if (parsed.command === "audit") {
+        const { runAudit } = await import("../commands/audit/runner.js");
+        const result = await runAudit(parsed.options);
+        process.exitCode = result.advisories.length > 0 ? 1 : 0;
+        return true;
+    }
+    if (parsed.command === "health") {
+        const { runHealth } = await import("../commands/health/runner.js");
+        const result = await runHealth(parsed.options);
+        process.exitCode = result.totalFlagged > 0 ? 1 : 0;
+        return true;
+    }
+    if (parsed.command === "unused") {
+        const { runUnused } = await import("../commands/unused/runner.js");
+        const result = await runUnused(parsed.options);
+        process.exitCode = result.totalUnused > 0 || result.totalMissing > 0 ? 1 : 0;
+        return true;
+    }
+    if (parsed.command === "resolve") {
+        const { runResolve } = await import("../commands/resolve/runner.js");
+        const result = await runResolve(parsed.options);
+        process.exitCode = result.errorConflicts > 0 ? 1 : 0;
+        return true;
+    }
+    if (parsed.command === "licenses") {
+        const { runLicenses } = await import("../commands/licenses/runner.js");
+        const result = await runLicenses(parsed.options);
+        process.exitCode = result.totalViolations > 0 ? 1 : 0;
+        return true;
+    }
+    if (parsed.command === "snapshot") {
+        const { runSnapshot } = await import("../commands/snapshot/runner.js");
+        const result = await runSnapshot(parsed.options);
+        process.exitCode = result.errors.length > 0 ? 1 : 0;
+        return true;
+    }
+    if (parsed.command === "review") {
+        const { runReview } = await import("../commands/review/runner.js");
+        const result = await runReview(parsed.options);
+        process.exitCode =
+            result.summary.verdict === "blocked" ||
+                result.summary.verdict === "actionable" ||
+                result.summary.verdict === "review"
+                ? 1
+                : 0;
+        return true;
+    }
+    if (parsed.command === "doctor") {
+        const { runDoctor } = await import("../commands/doctor/runner.js");
+        const result = await runDoctor(parsed.options);
+        process.exitCode = result.verdict === "safe" ? 0 : 1;
+        return true;
+    }
+    if (parsed.command === "dashboard") {
+        const { runDashboard } = await import("../commands/dashboard/runner.js");
+        const result = await runDashboard(parsed.options);
+        process.exitCode = result.errors.length > 0 ? 1 : 0;
+        return true;
+    }
+    if (parsed.command === "ga") {
+        const { runGa } = await import("../commands/ga/runner.js");
+        const result = await runGa(parsed.options);
+        process.exitCode = result.ready ? 0 : 1;
+        return true;
+    }
+    if (parsed.options.interactive &&
+        (parsed.command === "check" ||
+            parsed.command === "upgrade" ||
+            parsed.command === "ci")) {
+        const { runReview } = await import("../commands/review/runner.js");
+        const result = await runReview({
+            ...parsed.options,
+            securityOnly: false,
+            risk: undefined,
+            diff: undefined,
+            applySelected: parsed.command === "upgrade",
+        });
+        process.exitCode =
+            result.summary.verdict === "safe" && result.updates.length === 0 ? 0 : 1;
+        return true;
+    }
+    return false;
+}
+export async function runPrimaryCommand(parsed) {
+    if (parsed.command === "upgrade") {
+        return upgrade(parsed.options);
+    }
+    if (parsed.command === "warm-cache") {
+        return warmCache(parsed.options);
+    }
+    if (parsed.command === "ci") {
+        return runCi(parsed.options);
+    }
+    if (parsed.options.fixPr) {
+        const upgradeOptions = {
+            ...parsed.options,
+            install: false,
+            packageManager: "auto",
+            sync: false,
+        };
+        return upgrade(upgradeOptions);
+    }
+    return check(parsed.options);
+}

package/dist/bin/help.d.ts

@@ -0,0 +1 @@
+export declare function renderHelp(command?: string): string;

package/dist/bin/help.js

@@ -0,0 +1,284 @@
+export function renderHelp(command) {
+    const isCommand = command && !command.startsWith("-");
+    if (isCommand && command === "check") {
+        return `rainy-updates check [options]
+
+Detect candidate dependency updates. This is the first step in the flow:
+  check detects
+  doctor summarizes
+  review decides
+  upgrade applies
+
+Options:
+  --workspace
+  --target patch|minor|major|latest
+  --filter <pattern>
+  --reject <pattern>
+  --dep-kinds deps,dev,optional,peer
+  --concurrency <n>
+  --registry-timeout-ms <n>
+  --registry-retries <n>
+  --cache-ttl <seconds>
+  --stream
+  --policy-file <path>
+  --offline
+  --fix-pr
+  --fix-branch <name>
+  --fix-commit-message <text>
+  --fix-dry-run
+  --fix-pr-no-checkout
+  --fix-pr-batch-size <n>
+  --no-pr-report
+  --json-file <path>
+  --github-output <path>
+  --sarif-file <path>
+  --pr-report-file <path>
+  --fail-on none|patch|minor|major|any
+  --max-updates <n>
+  --group-by none|name|scope|kind|risk
+  --group-max <n>
+  --cooldown-days <n>
+  --pr-limit <n>
+  --only-changed
+  --interactive
+  --show-impact
+  --show-links
+  --show-homepage
+  --lockfile-mode preserve|update|error
+  --log-level error|warn|info|debug
+  --ci`;
+    }
+    if (isCommand && command === "warm-cache") {
+        return `rainy-updates warm-cache [options]
+
+Pre-warm local metadata cache for faster CI checks.
+
+Options:
+  --workspace
+  --target patch|minor|major|latest
+  --filter <pattern>
+  --reject <pattern>
+  --dep-kinds deps,dev,optional,peer
+  --concurrency <n>
+  --registry-timeout-ms <n>
+  --registry-retries <n>
+  --cache-ttl <seconds>
+  --offline
+  --stream
+  --json-file <path>
+  --github-output <path>
+  --sarif-file <path>
+  --pr-report-file <path>`;
+    }
+    if (isCommand && command === "upgrade") {
+        return `rainy-updates upgrade [options]
+
+Apply an approved change set to package.json manifests.
+
+Options:
+  --workspace
+  --sync
+  --install
+  --pm auto|npm|pnpm
+  --target patch|minor|major|latest
+  --policy-file <path>
+  --concurrency <n>
+  --registry-timeout-ms <n>
+  --registry-retries <n>
+  --fix-pr
+  --fix-branch <name>
+  --fix-commit-message <text>
+  --fix-dry-run
+  --fix-pr-no-checkout
+  --fix-pr-batch-size <n>
+  --interactive
+  --lockfile-mode preserve|update|error
+  --no-pr-report
+  --json-file <path>
+  --pr-report-file <path>`;
+    }
+    if (isCommand && command === "ci") {
+        return `rainy-updates ci [options]
+
+Run CI-oriented automation around the same lifecycle:
+  check detects
+  doctor summarizes
+  review decides
+  upgrade applies
+
+Options:
+  --workspace
+  --mode minimal|strict|enterprise
+  --group-by none|name|scope|kind|risk
+  --group-max <n>
+  --cooldown-days <n>
+  --pr-limit <n>
+  --only-changed
+  --offline
+  --concurrency <n>
+  --registry-timeout-ms <n>
+  --registry-retries <n>
+  --stream
+  --fix-pr
+  --fix-branch <name>
+  --fix-commit-message <text>
+  --fix-dry-run
+  --fix-pr-no-checkout
+  --fix-pr-batch-size <n>
+  --no-pr-report
+  --json-file <path>
+  --github-output <path>
+  --sarif-file <path>
+  --pr-report-file <path>
+  --fail-on none|patch|minor|major|any
+  --max-updates <n>
+  --lockfile-mode preserve|update|error
+  --log-level error|warn|info|debug
+  --ci`;
+    }
+    if (isCommand && command === "init-ci") {
+        return `rainy-updates init-ci [options]
+
+Create a GitHub Actions workflow template at:
+  .github/workflows/rainy-updates.yml
+
+Options:
+  --force
+  --mode minimal|strict|enterprise
+  --schedule weekly|daily|off`;
+    }
+    if (isCommand && command === "baseline") {
+        return `rainy-updates baseline [options]
+
+Save or compare dependency baseline snapshots.
+
+Options:
+  --save
+  --check
+  --file <path>
+  --workspace
+  --dep-kinds deps,dev,optional,peer
+  --ci`;
+    }
+    if (isCommand && command === "audit") {
+        return `rainy-updates audit [options]
+
+Scan dependencies for CVEs using OSV.dev and GitHub Advisory Database.
+
+Options:
+  --workspace
+  --severity critical|high|medium|low
+  --summary
+  --report table|summary|json
+  --source auto|osv|github|all
+  --fix
+  --dry-run
+  --commit
+  --pm auto|npm|pnpm|bun|yarn
+  --json-file <path>
+  --concurrency <n>
+  --registry-timeout-ms <n>`;
+    }
+    if (isCommand && command === "review") {
+        return `rainy-updates review [options]
+
+Review is the decision center of Rainy Updates.
+Use it to inspect risk, security, peer, license, and policy context before applying changes.
+
+Options:
+  --workspace
+  --interactive
+  --security-only
+  --risk critical|high|medium|low
+  --diff patch|minor|major|latest
+  --apply-selected
+  --show-changelog
+  --policy-file <path>
+  --json-file <path>
+  --concurrency <n>
+  --registry-timeout-ms <n>
+  --registry-retries <n>`;
+    }
+    if (isCommand && command === "doctor") {
+        return `rainy-updates doctor [options]
+
+Produce a fast summary verdict and point the operator to review when action is needed.
+
+Options:
+  --workspace
+  --verdict-only
+  --include-changelog
+  --json-file <path>`;
+    }
+    if (isCommand && command === "ga") {
+        return `rainy-updates ga [options]
+
+Audit release and CI readiness for Rainy Updates.
+
+Options:
+  --workspace
+  --json-file <path>
+  --cwd <path>`;
+    }
+    return `rainy-updates (rup / rainy-up) <command> [options]
+
+Commands:
+  check       Detect candidate updates
+  doctor      Summarize what matters
+  review      Decide what to do
+  upgrade     Apply the approved change set
+  dashboard   Open the interactive DevOps dashboard (Ink TUI)
+  ci          Run CI-focused orchestration
+  warm-cache  Warm local cache for fast/offline checks
+  init-ci     Scaffold GitHub Actions workflow
+  baseline    Save/check dependency baseline snapshots
+  audit       Scan dependencies for CVEs (OSV.dev + GitHub)
+  health      Detect stale/deprecated/unmaintained packages
+  bisect      Find which version of a dep introduced a failure
+  unused      Detect unused or missing npm dependencies
+  resolve     Check peer dependency conflicts (pure-TS, no subprocess)
+  licenses    Scan dependency licenses and generate SPDX SBOM
+  snapshot    Save, list, restore, and diff dependency state snapshots
+  ga          Audit GA and CI readiness for this checkout
+
+Global options:
+  --cwd <path>
+  --workspace
+  --target patch|minor|major|latest
+  --format table|json|minimal|github|metrics
+  --json-file <path>
+  --github-output <path>
+  --sarif-file <path>
+  --pr-report-file <path>
+  --policy-file <path>
+  --fail-on none|patch|minor|major|any
+  --max-updates <n>
+  --group-by none|name|scope|kind|risk
+  --group-max <n>
+  --cooldown-days <n>
+  --pr-limit <n>
+  --only-changed
+  --interactive
+  --show-impact
+  --show-links
+  --show-homepage
+  --mode minimal|strict|enterprise
+  --fix-pr
+  --fix-branch <name>
+  --fix-commit-message <text>
+  --fix-dry-run
+  --fix-pr-no-checkout
+  --fix-pr-batch-size <n>
+  --no-pr-report
+  --log-level error|warn|info|debug
+  --concurrency <n>
+  --registry-timeout-ms <n>
+  --registry-retries <n>
+  --cache-ttl <seconds>
+  --offline
+  --stream
+  --lockfile-mode preserve|update|error
+  --ci
+  --help, -h
+  --version, -v`;
+}

package/dist/commands/audit/runner.js

@@ -54,7 +54,9 @@ export async function runAudit(options) {
         result.warnings.push("No dependencies found to audit.");
         return result;
     }
-    process.stderr.write(`[audit] Querying ${describeSourceMode(options.sourceMode)} for ${targetResolution.targets.length} dependency version${targetResolution.targets.length === 1 ? "" : "s"}...\n`);
+    if (!options.silent) {
+        process.stderr.write(`[audit] Querying ${describeSourceMode(options.sourceMode)} for ${targetResolution.targets.length} dependency version${targetResolution.targets.length === 1 ? "" : "s"}...\n`);
+    }
     const fetched = await fetchAdvisories(targetResolution.targets, {
         concurrency: options.concurrency,
         registryTimeoutMs: options.registryTimeoutMs,
@@ -77,15 +79,17 @@ export async function runAudit(options) {
     result.advisories = advisories;
     result.packages = summarizeAdvisories(advisories);
     result.autoFixable = advisories.filter((a) => a.patchedVersion !== null).length;
-    if (options.reportFormat === "summary") {
-        process.stdout.write(renderAuditSummary(result.packages) +
-            renderAuditSourceHealth(result.sourceHealth) +
-            "\n");
-    }
-    else if (options.reportFormat === "table" || !options.jsonFile) {
-        process.stdout.write(renderAuditTable(advisories) +
-            renderAuditSourceHealth(result.sourceHealth) +
-            "\n");
+    if (!options.silent) {
+        if (options.reportFormat === "summary") {
+            process.stdout.write(renderAuditSummary(result.packages) +
+                renderAuditSourceHealth(result.sourceHealth) +
+                "\n");
+        }
+        else if (options.reportFormat === "table" || !options.jsonFile) {
+            process.stdout.write(renderAuditTable(advisories) +
+                renderAuditSourceHealth(result.sourceHealth) +
+                "\n");
+        }
     }
     if (options.jsonFile) {
         await writeFileAtomic(options.jsonFile, stableStringify({
@@ -97,7 +101,9 @@ export async function runAudit(options) {
             errors: result.errors,
             warnings: result.warnings,
         }, 2) + "\n");
-        process.stderr.write(`[audit] JSON report written to ${options.jsonFile}\n`);
+        if (!options.silent) {
+            process.stderr.write(`[audit] JSON report written to ${options.jsonFile}\n`);
+        }
     }
     if (options.fix && result.autoFixable > 0) {
         await applyFix(advisories, options);
@@ -120,27 +126,35 @@ async function applyFix(advisories, options) {
     const installArgs = buildInstallArgs(pm, patchMap);
     const installCmd = `${pm} ${installArgs.join(" ")}`;
     if (options.dryRun) {
-        process.stderr.write(`[audit] --dry-run: would execute:\n  ${installCmd}\n`);
-        if (options.commit) {
-            const msg = buildCommitMessage(patchMap);
-            process.stderr.write(`[audit] --dry-run: would commit:\n  git commit -m "${msg}"\n`);
+        if (!options.silent) {
+            process.stderr.write(`[audit] --dry-run: would execute:\n  ${installCmd}\n`);
+            if (options.commit) {
+                const msg = buildCommitMessage(patchMap);
+                process.stderr.write(`[audit] --dry-run: would commit:\n  git commit -m "${msg}"\n`);
+            }
         }
         return;
     }
-    process.stderr.write(`[audit] Applying ${patchMap.size} fix(es)...\n`);
-    process.stderr.write(`  → ${installCmd}\n`);
+    if (!options.silent) {
+        process.stderr.write(`[audit] Applying ${patchMap.size} fix(es)...\n`);
+        process.stderr.write(`  → ${installCmd}\n`);
+    }
     try {
         await runCommand(pm, installArgs, options.cwd);
     }
     catch (err) {
-        process.stderr.write(`[audit] Install failed: ${String(err)}\n`);
+        if (!options.silent) {
+            process.stderr.write(`[audit] Install failed: ${String(err)}\n`);
+        }
         return;
     }
-    process.stderr.write(`[audit] ✔ Patches applied successfully.\n`);
+    if (!options.silent) {
+        process.stderr.write(`[audit] ✔ Patches applied successfully.\n`);
+    }
     if (options.commit) {
-        await commitFix(patchMap, options.cwd);
+        await commitFix(patchMap, options.cwd, options.silent);
     }
-    else {
+    else if (!options.silent) {
         process.stderr.write(`[audit] Tip: run with --commit to automatically commit the changes.\n`);
     }
 }
@@ -157,7 +171,7 @@ function buildInstallArgs(pm, patchMap) {
             return ["install", ...packages]; // npm
     }
 }
-async function commitFix(patchMap, cwd) {
+async function commitFix(patchMap, cwd, silent) {
     const msg = buildCommitMessage(patchMap);
     try {
         // Stage all modified files (package.json + lockfiles)
@@ -171,12 +185,15 @@ async function commitFix(patchMap, cwd) {
             "bun.lockb",
         ], cwd, true);
         await runCommand("git", ["commit", "-m", msg], cwd);
-        process.stderr.write(`[audit] ✔ Committed: "${msg}"\n`);
+        if (!silent)
+            process.stderr.write(`[audit] ✔ Committed: "${msg}"\n`);
     }
     catch (err) {
-        process.stderr.write(`[audit] Git commit failed: ${String(err)}\n`);
-        process.stderr.write(`[audit] Changes are applied — commit manually with:\n`);
-        process.stderr.write(`  git add -A && git commit -m "${msg}"\n`);
+        if (!silent) {
+            process.stderr.write(`[audit] Git commit failed: ${String(err)}\n`);
+            process.stderr.write(`[audit] Changes are applied — commit manually with:\n`);
+            process.stderr.write(`  git add -A && git commit -m "${msg}"\n`);
+        }
     }
 }
 function buildCommitMessage(patchMap) {

package/dist/commands/dashboard/parser.d.ts

@@ -0,0 +1,2 @@
+import type { DashboardOptions } from "../../types/index.js";
+export declare function parseDashboardArgs(args: string[]): DashboardOptions;

package/dist/commands/dashboard/parser.js

@@ -0,0 +1,59 @@
+export function parseDashboardArgs(args) {
+    const options = {
+        cwd: process.cwd(),
+        target: "latest",
+        includeKinds: [
+            "dependencies",
+            "devDependencies",
+            "optionalDependencies",
+            "peerDependencies",
+        ],
+        cacheTtlSeconds: 3600,
+        ci: false,
+        format: "table",
+        workspace: false,
+        concurrency: 16,
+        registryTimeoutMs: 8000,
+        registryRetries: 3,
+        offline: false,
+        stream: false,
+        logLevel: "info",
+        groupBy: "none",
+        onlyChanged: false,
+        ciProfile: "minimal",
+        lockfileMode: "preserve",
+        interactive: true,
+        showImpact: false,
+        showHomepage: true,
+    };
+    for (let i = 0; i < args.length; i++) {
+        const arg = args[i];
+        const nextArg = args[i + 1];
+        if (arg === "--view" && nextArg) {
+            if (nextArg === "dependencies" ||
+                nextArg === "security" ||
+                nextArg === "health") {
+                options.view = nextArg;
+            }
+            else {
+                throw new Error(`Invalid --view: ${nextArg}`);
+            }
+            i++;
+            continue;
+        }
+        if (arg === "--view") {
+            throw new Error("Missing value for --view");
+        }
+        // Pass through common workspace / cwd args
+        if (arg === "--workspace") {
+            options.workspace = true;
+            continue;
+        }
+        if (arg === "--cwd" && nextArg) {
+            options.cwd = nextArg;
+            i++;
+            continue;
+        }
+    }
+    return options;
+}

package/dist/commands/dashboard/runner.d.ts

@@ -0,0 +1,2 @@
+import type { DashboardOptions, DashboardResult } from "../../types/index.js";
+export declare function runDashboard(options: DashboardOptions): Promise<DashboardResult>;

package/dist/commands/dashboard/runner.js

@@ -0,0 +1,47 @@
+import React from "react";
+import { render } from "ink";
+import { loadConfig } from "../../config/loader.js";
+import { DashboardTUI } from "../../ui/dashboard/DashboardTUI.js";
+// We'll need to load initial state or data before or during the render
+import { check } from "../../core/check.js";
+export async function runDashboard(options) {
+    // Load configuration
+    const resolvedConfig = await loadConfig(options.cwd);
+    // Create an initial check result. In a real scenario, this could run
+    // progressively in the TUI, but for simplicity we fetch initial data first.
+    const checkResult = await check({
+        ...options,
+        // We do not want `check` to exit or log heavily here, the UI will take over.
+        logLevel: "error",
+    });
+    // Render the interactive Ink Dashboard
+    const { waitUntilExit } = render(React.createElement(DashboardTUI, {
+        options,
+        initialResult: checkResult,
+    }));
+    await waitUntilExit();
+    const finalStore = await import("../../ui/dashboard/store.js");
+    const finalState = finalStore.getStore()?.getState();
+    if (finalState?.shouldApply) {
+        process.stderr.write("[dashboard] Applying updates...\n");
+        const { applySelectedUpdates } = await import("../../core/upgrade.js");
+        const { detectPackageManager } = await import("../../pm/detect.js");
+        const { installDependencies } = await import("../../pm/install.js");
+        await applySelectedUpdates({
+            ...options,
+            install: false, // We handle installation explicitly below
+            packageManager: "auto",
+            sync: true,
+            lockfileMode: options.lockfileMode || "preserve",
+        }, finalState.updates);
+        // Install using the correct package manager if desired
+        const detected = await detectPackageManager(options.cwd);
+        await installDependencies(options.cwd, "auto", detected);
+        process.stderr.write("[dashboard] Successfully applied updates and installed dependencies.\n");
+    }
+    return {
+        completed: true,
+        errors: [],
+        warnings: [],
+    };
+}