@rainy-updates/cli 0.5.6 → 0.6.0

package/dist/config/policy.js

@@ -1,19 +1,24 @@
-import { promises as fs } from "node:fs";
 import path from "node:path";
 export async function loadPolicy(cwd, policyFile) {
-    const candidates = policyFile ? [policyFile] : [
-        path.join(cwd, ".rainyupdates-policy.json"),
-        path.join(cwd, "rainy-updates.policy.json"),
-    ];
+    const candidates = policyFile
+        ? [policyFile]
+        : [
+            path.join(cwd, ".rainyupdates-policy.json"),
+            path.join(cwd, "rainy-updates.policy.json"),
+        ];
     for (const candidate of candidates) {
-        const filePath = path.isAbsolute(candidate) ? candidate : path.resolve(cwd, candidate);
+        const filePath = path.isAbsolute(candidate)
+            ? candidate
+            : path.resolve(cwd, candidate);
         try {
-            const content = await fs.readFile(filePath, "utf8");
-            const parsed = JSON.parse(content);
+            const parsed = (await Bun.file(filePath).json());
             return {
                 ignorePatterns: parsed.ignore ?? [],
                 cooldownDays: asNonNegativeInt(parsed.cooldownDays),
-                packageRules: new Map(Object.entries(parsed.packageRules ?? {}).map(([pkg, rule]) => [pkg, normalizeRule(rule)])),
+                packageRules: new Map(Object.entries(parsed.packageRules ?? {}).map(([pkg, rule]) => [
+                    pkg,
+                    normalizeRule(rule),
+                ])),
                 matchRules: Object.values(parsed.packageRules ?? {})
                     .map((rule) => normalizeRule(rule))
                     .filter((rule) => typeof rule.match === "string" && rule.match.length > 0),
@@ -44,7 +49,9 @@ function normalizeRule(rule) {
         maxUpdatesPerRun: asNonNegativeInt(rule.maxUpdatesPerRun),
         cooldownDays: asNonNegativeInt(rule.cooldownDays),
         allowPrerelease: rule.allowPrerelease === true,
-        group: typeof rule.group === "string" && rule.group.trim().length > 0 ? rule.group.trim() : undefined,
+        group: typeof rule.group === "string" && rule.group.trim().length > 0
+            ? rule.group.trim()
+            : undefined,
         priority: asNonNegativeInt(rule.priority),
         target: rule.target,
         autofix: rule.autofix !== false,
@@ -60,7 +67,9 @@ function matchesPattern(value, pattern) {
         return false;
     if (pattern === "*")
         return true;
-    const escaped = pattern.replace(/[.+^${}()|[\]\\]/g, "\\$&").replace(/\*/g, ".*");
+    const escaped = pattern
+        .replace(/[.+^${}()|[\]\\]/g, "\\$&")
+        .replace(/\*/g, ".*");
     const regex = new RegExp(`^${escaped}$`);
     return regex.test(value);
 }

package/dist/core/analysis/options.d.ts

@@ -0,0 +1,6 @@
+import type { AuditOptions, CheckOptions, HealthOptions, LicenseOptions, ResolveOptions, UnusedOptions } from "../../types/index.js";
+export declare function toAuditOptions(options: CheckOptions): AuditOptions;
+export declare function toResolveOptions(options: CheckOptions): ResolveOptions;
+export declare function toHealthOptions(options: CheckOptions): HealthOptions;
+export declare function toLicenseOptions(options: CheckOptions): LicenseOptions;
+export declare function toUnusedOptions(options: CheckOptions): UnusedOptions;

package/dist/core/analysis/options.js

@@ -0,0 +1,69 @@
+export function toAuditOptions(options) {
+    return {
+        cwd: options.cwd,
+        workspace: options.workspace,
+        severity: undefined,
+        fix: false,
+        dryRun: true,
+        commit: false,
+        packageManager: "auto",
+        reportFormat: "json",
+        sourceMode: "auto",
+        jsonFile: undefined,
+        concurrency: options.concurrency,
+        registryTimeoutMs: options.registryTimeoutMs,
+        silent: true,
+    };
+}
+export function toResolveOptions(options) {
+    return {
+        cwd: options.cwd,
+        workspace: options.workspace,
+        afterUpdate: true,
+        safe: false,
+        jsonFile: undefined,
+        concurrency: options.concurrency,
+        registryTimeoutMs: options.registryTimeoutMs,
+        cacheTtlSeconds: options.cacheTtlSeconds,
+        silent: true,
+    };
+}
+export function toHealthOptions(options) {
+    return {
+        cwd: options.cwd,
+        workspace: options.workspace,
+        staleDays: 365,
+        includeDeprecated: true,
+        includeAlternatives: false,
+        reportFormat: "json",
+        jsonFile: undefined,
+        concurrency: options.concurrency,
+        registryTimeoutMs: options.registryTimeoutMs,
+    };
+}
+export function toLicenseOptions(options) {
+    return {
+        cwd: options.cwd,
+        workspace: options.workspace,
+        allow: undefined,
+        deny: undefined,
+        sbomFile: undefined,
+        jsonFile: undefined,
+        diffMode: false,
+        concurrency: options.concurrency,
+        registryTimeoutMs: options.registryTimeoutMs,
+        cacheTtlSeconds: options.cacheTtlSeconds,
+    };
+}
+export function toUnusedOptions(options) {
+    return {
+        cwd: options.cwd,
+        workspace: options.workspace,
+        srcDirs: ["src", "."],
+        includeDevDependencies: true,
+        fix: false,
+        dryRun: true,
+        jsonFile: undefined,
+        concurrency: options.concurrency,
+    };
+}

package/dist/core/analysis/review-items.d.ts

@@ -0,0 +1,4 @@
+import type { AnalysisBundle, AuditResult, PackageUpdate, ResolveResult, ReviewItem, UnusedResult } from "../../types/index.js";
+export declare function buildReviewItems(updates: PackageUpdate[], auditResult: AuditResult, resolveResult: ResolveResult, healthResult: AnalysisBundle["health"], licenseResult: AnalysisBundle["licenses"], unusedResult: UnusedResult, config: {
+    includeChangelog?: boolean;
+}): Promise<ReviewItem[]>;

package/dist/core/analysis/review-items.js

@@ -0,0 +1,128 @@
+import { fetchChangelog } from "../../commands/changelog/fetcher.js";
+import { applyRiskAssessments } from "../../risk/index.js";
+import { applyImpactScores } from "../impact.js";
+export async function buildReviewItems(updates, auditResult, resolveResult, healthResult, licenseResult, unusedResult, config) {
+    const advisoryPackages = new Set(auditResult.packages.map((pkg) => pkg.packageName));
+    const impactedUpdates = applyImpactScores(updates, {
+        advisoryPackages,
+        workspaceDependentCount: (name) => updates.filter((item) => item.name === name).length,
+    });
+    const healthByName = new Map(healthResult.metrics.map((metric) => [metric.name, metric]));
+    const advisoriesByName = new Map();
+    const conflictsByName = new Map();
+    const licenseByName = new Map(licenseResult.packages.map((pkg) => [pkg.name, pkg]));
+    const licenseViolationNames = new Set(licenseResult.violations.map((pkg) => pkg.name));
+    const unusedByName = new Map();
+    for (const advisory of auditResult.advisories) {
+        const list = advisoriesByName.get(advisory.packageName) ?? [];
+        list.push(advisory);
+        advisoriesByName.set(advisory.packageName, list);
+    }
+    for (const conflict of resolveResult.conflicts) {
+        const list = conflictsByName.get(conflict.requester) ?? [];
+        list.push(conflict);
+        conflictsByName.set(conflict.requester, list);
+        const peerList = conflictsByName.get(conflict.peer) ?? [];
+        peerList.push(conflict);
+        conflictsByName.set(conflict.peer, peerList);
+    }
+    for (const issue of [...unusedResult.unused, ...unusedResult.missing]) {
+        const list = unusedByName.get(issue.name) ?? [];
+        list.push(issue);
+        unusedByName.set(issue.name, list);
+    }
+    const enrichedUpdates = await maybeAttachReleaseNotes(impactedUpdates, Boolean(config.includeChangelog));
+    return applyRiskAssessments(enrichedUpdates.map((update) => enrichUpdate(update, advisoriesByName, conflictsByName, healthByName, licenseByName, licenseViolationNames, unusedByName)), {
+        knownPackageNames: new Set(updates.map((item) => item.name)),
+    }).map((item) => ({
+        ...item,
+        update: {
+            ...item.update,
+            policyAction: derivePolicyAction(item),
+            decisionState: deriveDecisionState(item),
+            selectedByDefault: deriveDecisionState(item) !== "blocked",
+            blockedReason: deriveDecisionState(item) === "blocked"
+                ? item.update.recommendedAction
+                : undefined,
+            monitorReason: item.update.healthStatus === "stale" ? "Package health should be monitored." : undefined,
+        },
+    }));
+}
+function enrichUpdate(update, advisoriesByName, conflictsByName, healthByName, licenseByName, licenseViolationNames, unusedByName) {
+    const advisories = advisoriesByName.get(update.name) ?? [];
+    const peerConflicts = conflictsByName.get(update.name) ?? [];
+    const health = healthByName.get(update.name);
+    const license = licenseByName.get(update.name);
+    const unusedIssues = unusedByName.get(update.name) ?? [];
+    return {
+        update: {
+            ...update,
+            advisoryCount: advisories.length,
+            peerConflictSeverity: peerConflicts.some((item) => item.severity === "error")
+                ? "error"
+                : peerConflicts.length > 0
+                    ? "warning"
+                    : "none",
+            licenseStatus: licenseViolationNames.has(update.name)
+                ? "denied"
+                : license
+                    ? "allowed"
+                    : "review",
+            healthStatus: health?.flags[0] ?? "healthy",
+        },
+        advisories,
+        health,
+        peerConflicts,
+        license,
+        unusedIssues,
+        selected: true,
+    };
+}
+function derivePolicyAction(item) {
+    if (item.update.peerConflictSeverity === "error" || item.update.licenseStatus === "denied") {
+        return "block";
+    }
+    if ((item.update.advisoryCount ?? 0) > 0 || item.update.riskLevel === "critical") {
+        return "review";
+    }
+    if (item.update.healthStatus === "stale" || item.update.healthStatus === "archived") {
+        return "monitor";
+    }
+    return "allow";
+}
+function deriveDecisionState(item) {
+    if (item.update.peerConflictSeverity === "error" || item.update.licenseStatus === "denied") {
+        return "blocked";
+    }
+    if ((item.update.advisoryCount ?? 0) > 0 || item.update.riskLevel === "critical") {
+        return "actionable";
+    }
+    if (item.update.riskLevel === "high" || item.update.diffType === "major") {
+        return "review";
+    }
+    return "safe";
+}
+async function maybeAttachReleaseNotes(updates, includeChangelog) {
+    if (!includeChangelog || updates.length === 0) {
+        return updates;
+    }
+    return Promise.all(updates.map(async (update) => ({
+        ...update,
+        releaseNotesSummary: summarizeChangelog(await fetchChangelog(update.name, update.repository)),
+    })));
+}
+function summarizeChangelog(content) {
+    if (!content)
+        return undefined;
+    const lines = content
+        .split(/\r?\n/)
+        .map((line) => line.trim())
+        .filter(Boolean);
+    const title = lines.find((line) => line.startsWith("#"))?.replace(/^#+\s*/, "") ?? "Release notes";
+    const excerpt = lines.find((line) => !line.startsWith("#")) ?? "No summary available.";
+    return {
+        source: content.includes("# Release") ? "github-release" : "changelog-file",
+        title,
+        excerpt: excerpt.slice(0, 240),
+    };
+}

package/dist/core/analysis/run-silenced.d.ts

@@ -0,0 +1 @@
+export declare function runSilenced<T>(fn: () => Promise<T>): Promise<T>;

package/dist/core/analysis/run-silenced.js

@@ -0,0 +1,13 @@
+export async function runSilenced(fn) {
+    const stdoutWrite = process.stdout.write.bind(process.stdout);
+    const stderrWrite = process.stderr.write.bind(process.stderr);
+    process.stdout.write = (() => true);
+    process.stderr.write = (() => true);
+    try {
+        return await fn();
+    }
+    finally {
+        process.stdout.write = stdoutWrite;
+        process.stderr.write = stderrWrite;
+    }
+}

package/dist/core/analysis-bundle.js

@@ -1,7 +1,7 @@
-import { fetchChangelog } from "../commands/changelog/fetcher.js";
-import { applyImpactScores } from "./impact.js";
-import { applyRiskAssessments } from "../risk/index.js";
 import { check } from "./check.js";
+import { toAuditOptions, toHealthOptions, toLicenseOptions, toResolveOptions, toUnusedOptions, } from "./analysis/options.js";
+import { buildReviewItems } from "./analysis/review-items.js";
+import { runSilenced } from "./analysis/run-silenced.js";
 export async function buildAnalysisBundle(options, config = {}) {
     const baseCheckOptions = {
         ...options,
@@ -31,211 +31,3 @@ export async function buildAnalysisBundle(options, config = {}) {
             .map((source) => source.source),
     };
 }
-async function buildReviewItems(updates, auditResult, resolveResult, healthResult, licenseResult, unusedResult, config) {
-    const advisoryPackages = new Set(auditResult.packages.map((pkg) => pkg.packageName));
-    const impactedUpdates = applyImpactScores(updates, {
-        advisoryPackages,
-        workspaceDependentCount: (name) => updates.filter((item) => item.name === name).length,
-    });
-    const healthByName = new Map(healthResult.metrics.map((metric) => [metric.name, metric]));
-    const advisoriesByName = new Map();
-    const conflictsByName = new Map();
-    const licenseByName = new Map(licenseResult.packages.map((pkg) => [pkg.name, pkg]));
-    const licenseViolationNames = new Set(licenseResult.violations.map((pkg) => pkg.name));
-    const unusedByName = new Map();
-    for (const advisory of auditResult.advisories) {
-        const list = advisoriesByName.get(advisory.packageName) ?? [];
-        list.push(advisory);
-        advisoriesByName.set(advisory.packageName, list);
-    }
-    for (const conflict of resolveResult.conflicts) {
-        const list = conflictsByName.get(conflict.requester) ?? [];
-        list.push(conflict);
-        conflictsByName.set(conflict.requester, list);
-        const peerList = conflictsByName.get(conflict.peer) ?? [];
-        peerList.push(conflict);
-        conflictsByName.set(conflict.peer, peerList);
-    }
-    for (const issue of [...unusedResult.unused, ...unusedResult.missing]) {
-        const list = unusedByName.get(issue.name) ?? [];
-        list.push(issue);
-        unusedByName.set(issue.name, list);
-    }
-    const enrichedUpdates = await maybeAttachReleaseNotes(impactedUpdates, Boolean(config.includeChangelog));
-    return applyRiskAssessments(enrichedUpdates.map((update) => enrichUpdate(update, advisoriesByName, conflictsByName, healthByName, licenseByName, licenseViolationNames, unusedByName)), {
-        knownPackageNames: new Set(updates.map((item) => item.name)),
-    }).map((item) => ({
-        ...item,
-        update: {
-            ...item.update,
-            policyAction: derivePolicyAction(item),
-            decisionState: deriveDecisionState(item),
-            selectedByDefault: deriveDecisionState(item) !== "blocked",
-            blockedReason: deriveDecisionState(item) === "blocked"
-                ? item.update.recommendedAction
-                : undefined,
-            monitorReason: item.update.healthStatus === "stale" ? "Package health should be monitored." : undefined,
-        },
-    }));
-}
-function enrichUpdate(update, advisoriesByName, conflictsByName, healthByName, licenseByName, licenseViolationNames, unusedByName) {
-    const advisories = advisoriesByName.get(update.name) ?? [];
-    const peerConflicts = conflictsByName.get(update.name) ?? [];
-    const health = healthByName.get(update.name);
-    const license = licenseByName.get(update.name);
-    const unusedIssues = unusedByName.get(update.name) ?? [];
-    return {
-        update: {
-            ...update,
-            advisoryCount: advisories.length,
-            peerConflictSeverity: peerConflicts.some((item) => item.severity === "error")
-                ? "error"
-                : peerConflicts.length > 0
-                    ? "warning"
-                    : "none",
-            licenseStatus: licenseViolationNames.has(update.name)
-                ? "denied"
-                : license
-                    ? "allowed"
-                    : "review",
-            healthStatus: health?.flags[0] ?? "healthy",
-        },
-        advisories,
-        health,
-        peerConflicts,
-        license,
-        unusedIssues,
-        selected: true,
-    };
-}
-function derivePolicyAction(item) {
-    if (item.update.peerConflictSeverity === "error" || item.update.licenseStatus === "denied") {
-        return "block";
-    }
-    if ((item.update.advisoryCount ?? 0) > 0 || item.update.riskLevel === "critical") {
-        return "review";
-    }
-    if (item.update.healthStatus === "stale" || item.update.healthStatus === "archived") {
-        return "monitor";
-    }
-    return "allow";
-}
-function deriveDecisionState(item) {
-    if (item.update.peerConflictSeverity === "error" || item.update.licenseStatus === "denied") {
-        return "blocked";
-    }
-    if ((item.update.advisoryCount ?? 0) > 0 || item.update.riskLevel === "critical") {
-        return "actionable";
-    }
-    if (item.update.riskLevel === "high" || item.update.diffType === "major") {
-        return "review";
-    }
-    return "safe";
-}
-async function maybeAttachReleaseNotes(updates, includeChangelog) {
-    if (!includeChangelog || updates.length === 0) {
-        return updates;
-    }
-    const enriched = await Promise.all(updates.map(async (update) => ({
-        ...update,
-        releaseNotesSummary: summarizeChangelog(await fetchChangelog(update.name, update.repository)),
-    })));
-    return enriched;
-}
-function summarizeChangelog(content) {
-    if (!content)
-        return undefined;
-    const lines = content
-        .split(/\r?\n/)
-        .map((line) => line.trim())
-        .filter(Boolean);
-    const title = lines.find((line) => line.startsWith("#"))?.replace(/^#+\s*/, "") ?? "Release notes";
-    const excerpt = lines.find((line) => !line.startsWith("#")) ?? "No summary available.";
-    return {
-        source: content.includes("# Release") ? "github-release" : "changelog-file",
-        title,
-        excerpt: excerpt.slice(0, 240),
-    };
-}
-async function runSilenced(fn) {
-    const stdoutWrite = process.stdout.write.bind(process.stdout);
-    const stderrWrite = process.stderr.write.bind(process.stderr);
-    process.stdout.write = (() => true);
-    process.stderr.write = (() => true);
-    try {
-        return await fn();
-    }
-    finally {
-        process.stdout.write = stdoutWrite;
-        process.stderr.write = stderrWrite;
-    }
-}
-function toAuditOptions(options) {
-    return {
-        cwd: options.cwd,
-        workspace: options.workspace,
-        severity: undefined,
-        fix: false,
-        dryRun: true,
-        commit: false,
-        packageManager: "auto",
-        reportFormat: "json",
-        sourceMode: "auto",
-        jsonFile: undefined,
-        concurrency: options.concurrency,
-        registryTimeoutMs: options.registryTimeoutMs,
-        silent: true,
-    };
-}
-function toResolveOptions(options) {
-    return {
-        cwd: options.cwd,
-        workspace: options.workspace,
-        afterUpdate: true,
-        safe: false,
-        jsonFile: undefined,
-        concurrency: options.concurrency,
-        registryTimeoutMs: options.registryTimeoutMs,
-        cacheTtlSeconds: options.cacheTtlSeconds,
-        silent: true,
-    };
-}
-function toHealthOptions(options) {
-    return {
-        cwd: options.cwd,
-        workspace: options.workspace,
-        staleDays: 365,
-        includeDeprecated: true,
-        includeAlternatives: false,
-        reportFormat: "json",
-        jsonFile: undefined,
-        concurrency: options.concurrency,
-        registryTimeoutMs: options.registryTimeoutMs,
-    };
-}
-function toLicenseOptions(options) {
-    return {
-        cwd: options.cwd,
-        workspace: options.workspace,
-        allow: undefined,
-        deny: undefined,
-        sbomFile: undefined,
-        jsonFile: undefined,
-        diffMode: false,
-        concurrency: options.concurrency,
-        registryTimeoutMs: options.registryTimeoutMs,
-        cacheTtlSeconds: options.cacheTtlSeconds,
-    };
-}
-function toUnusedOptions(options) {
-    return {
-        cwd: options.cwd,
-        workspace: options.workspace,
-        srcDirs: ["src", "."],
-        includeDevDependencies: true,
-        fix: false,
-        dryRun: true,
-        jsonFile: undefined,
-        concurrency: options.concurrency,
-    };
-}

package/dist/core/artifacts.js

@@ -1,10 +1,9 @@
-import crypto from "node:crypto";
 import path from "node:path";
 import { stableStringify } from "../utils/stable-json.js";
 import { writeFileAtomic } from "../utils/io.js";
 export function createRunId(command, options, result) {
-    const hash = crypto.createHash("sha256");
-    hash.update(stableStringify({
+    const hasher = new Bun.CryptoHasher("sha256");
+    hasher.update(stableStringify({
         command,
         cwd: path.resolve(options.cwd),
         target: options.target,
@@ -17,14 +16,15 @@ export function createRunId(command, options, result) {
             toRange: update.toRange,
         })),
     }, 0));
-    return hash.digest("hex").slice(0, 16);
+    return hasher.digest("hex").slice(0, 16);
 }
 export async function writeArtifactManifest(command, options, result) {
     const shouldWrite = options.ci ||
         Boolean(options.jsonFile) ||
         Boolean(options.githubOutputFile) ||
         Boolean(options.sarifFile) ||
-        Boolean(options.prReportFile);
+        Boolean(options.prReportFile) ||
+        Boolean(options.verificationReportFile);
     if (!shouldWrite)
         return null;
     const runId = result.summary.runId ?? createRunId(command, options, result);
@@ -41,6 +41,7 @@ export async function writeArtifactManifest(command, options, result) {
             githubOutputFile: options.githubOutputFile,
             sarifFile: options.sarifFile,
             prReportFile: options.prReportFile,
+            verificationReportFile: options.verificationReportFile,
         },
     };
     await writeFileAtomic(artifactManifestPath, stableStringify(manifest, 2) + "\n");

package/dist/core/baseline.js

@@ -1,6 +1,6 @@
-import { promises as fs } from "node:fs";
 import path from "node:path";
 import { collectDependencies, readManifest } from "../parsers/package-json.js";
+import { writeFileAtomic } from "../utils/io.js";
 import { discoverPackageDirs } from "../workspace/discover.js";
 export async function saveBaseline(options) {
     const entries = await collectBaselineEntries(options.cwd, options.workspace, options.includeKinds);
@@ -9,16 +9,14 @@ export async function saveBaseline(options) {
         createdAt: new Date().toISOString(),
         entries,
     };
-    await fs.mkdir(path.dirname(options.filePath), { recursive: true });
-    await fs.writeFile(options.filePath, JSON.stringify(payload, null, 2) + "\n", "utf8");
+    await writeFileAtomic(options.filePath, JSON.stringify(payload, null, 2) + "\n");
     return {
         filePath: options.filePath,
         entries: entries.length,
     };
 }
 export async function diffBaseline(options) {
-    const content = await fs.readFile(options.filePath, "utf8");
-    const baseline = JSON.parse(content);
+    const baseline = (await Bun.file(options.filePath).json());
     const currentEntries = await collectBaselineEntries(options.cwd, options.workspace, options.includeKinds);
     const baselineMap = new Map(baseline.entries.map((entry) => [toKey(entry), entry]));
     const currentMap = new Map(currentEntries.map((entry) => [toKey(entry), entry]));

package/dist/core/check.js

@@ -1,5 +1,4 @@
 import path from "node:path";
-import process from "node:process";
 import { collectDependencies, readManifest } from "../parsers/package-json.js";
 import { matchesPattern } from "../utils/pattern.js";
 import { applyRangeStyle, classifyDiff, clampTarget, pickTargetVersionFromAvailable } from "../utils/semver.js";
@@ -11,6 +10,7 @@ import { loadPolicy, resolvePolicyRule } from "../config/policy.js";
 import { createSummary, finalizeSummary } from "./summary.js";
 import { applyImpactScores } from "./impact.js";
 import { formatClassifiedMessage } from "./errors.js";
+import { writeStdout } from "../utils/runtime.js";
 export async function check(options) {
     const startedAt = Date.now();
     let discoveryMs = 0;
@@ -48,7 +48,7 @@ export async function check(options) {
         if (!options.stream)
             return;
         streamedEvents += 1;
-        process.stdout.write(`${message}\n`);
+        writeStdout(`${message}\n`);
     };
     for (const packageDir of packageDirs) {
         let manifest;

package/dist/core/ci.js

@@ -1,5 +1,8 @@
 import { check } from "./check.js";
 import { warmCache } from "./warm-cache.js";
+import { buildReviewResult, createDoctorResult } from "./review-model.js";
+import { createDecisionPlan, defaultDecisionPlanPath, writeDecisionPlan, } from "./decision-plan.js";
+import { upgrade } from "./upgrade.js";
 export async function runCi(options) {
     const profile = options.ciProfile;
     if (profile !== "minimal") {
@@ -16,5 +19,53 @@ export async function runCi(options) {
         offline: profile === "minimal" ? options.offline : true,
         concurrency: profile === "enterprise" ? Math.max(options.concurrency, 32) : options.concurrency,
     };
-    return await check(checkOptions);
+    if (options.ciGate === "check") {
+        return await check(checkOptions);
+    }
+    if (options.ciGate === "doctor") {
+        const review = await buildReviewResult(checkOptions);
+        createDoctorResult(review);
+        return reviewToCheckResult(review);
+    }
+    if (options.ciGate === "review") {
+        const review = await buildReviewResult(checkOptions);
+        const selectedItems = review.items.filter((item) => item.update.selectedByDefault !== false &&
+            item.update.decisionState !== "blocked");
+        const decisionPlanFile = options.decisionPlanFile ?? defaultDecisionPlanPath(options.cwd);
+        const plan = createDecisionPlan({
+            review,
+            selectedItems,
+            sourceCommand: "ci",
+            mode: "review",
+            focus: "all",
+        });
+        await writeDecisionPlan(decisionPlanFile, plan);
+        review.decisionPlan = plan;
+        review.summary.decisionPlan = decisionPlanFile;
+        review.summary.interactiveSurface = "dashboard";
+        review.summary.queueFocus = "all";
+        review.summary.suggestedCommand = `rup upgrade --from-plan ${decisionPlanFile}`;
+        return reviewToCheckResult(review);
+    }
+    const decisionPlanFile = options.decisionPlanFile ?? defaultDecisionPlanPath(options.cwd);
+    return upgrade({
+        ...checkOptions,
+        install: false,
+        packageManager: "auto",
+        sync: checkOptions.workspace,
+        fromPlanFile: decisionPlanFile,
+    });
+}
+function reviewToCheckResult(review) {
+    return {
+        projectPath: review.projectPath,
+        packagePaths: review.analysis.check.packagePaths,
+        packageManager: review.analysis.check.packageManager,
+        target: review.target,
+        timestamp: review.analysis.check.timestamp,
+        summary: review.summary,
+        updates: review.updates,
+        errors: review.errors,
+        warnings: review.warnings,
+    };
 }

package/dist/core/decision-plan.d.ts

@@ -0,0 +1,14 @@
+import type { DashboardMode, DecisionPlan, PackageUpdate, QueueFocus, ReviewItem, ReviewResult, UpgradeOptions } from "../types/index.js";
+export declare function defaultDecisionPlanPath(cwd: string): string;
+export declare function filterReviewItemsByFocus(items: ReviewItem[], focus: QueueFocus): ReviewItem[];
+export declare function createDecisionPlan(input: {
+    review: ReviewResult;
+    selectedItems: ReviewItem[];
+    sourceCommand: string;
+    mode: DashboardMode;
+    focus: QueueFocus;
+}): DecisionPlan;
+export declare function writeDecisionPlan(filePath: string, plan: DecisionPlan): Promise<void>;
+export declare function readDecisionPlan(filePath: string): Promise<DecisionPlan>;
+export declare function selectedUpdatesFromPlan(plan: DecisionPlan): PackageUpdate[];
+export declare function resolveDecisionPlanPath(options: Pick<UpgradeOptions, "cwd" | "decisionPlanFile">, explicit?: string): string;