@rainy-updates/cli 0.5.7 → 0.6.1

package/dist/bin/dispatch.js

@@ -1,17 +1,17 @@
-import process from "node:process";
 import { check } from "../core/check.js";
 import { upgrade } from "../core/upgrade.js";
 import { warmCache } from "../core/warm-cache.js";
 import { runCi } from "../core/ci.js";
 import { initCiWorkflow } from "../core/init-ci.js";
 import { diffBaseline, saveBaseline } from "../core/baseline.js";
+import { setRuntimeExitCode, writeStdout, } from "../utils/runtime.js";
 export async function handleDirectCommand(parsed) {
     if (parsed.command === "init-ci") {
         const workflow = await initCiWorkflow(parsed.options.cwd, parsed.options.force, {
             mode: parsed.options.mode,
             schedule: parsed.options.schedule,
         });
-        process.stdout.write(workflow.created
+        writeStdout(workflow.created
             ? `Created CI workflow at ${workflow.path}\n`
             : `CI workflow already exists at ${workflow.path}. Use --force to overwrite.\n`);
         return true;
@@ -19,110 +19,113 @@ export async function handleDirectCommand(parsed) {
     if (parsed.command === "baseline") {
         if (parsed.options.action === "save") {
             const saved = await saveBaseline(parsed.options);
-            process.stdout.write(`Saved baseline at ${saved.filePath} (${saved.entries} entries)\n`);
+            writeStdout(`Saved baseline at ${saved.filePath} (${saved.entries} entries)\n`);
             return true;
         }
         const diff = await diffBaseline(parsed.options);
         const changes = diff.added.length + diff.removed.length + diff.changed.length;
         if (changes === 0) {
-            process.stdout.write(`No baseline drift detected (${diff.filePath}).\n`);
+            writeStdout(`No baseline drift detected (${diff.filePath}).\n`);
             return true;
         }
-        process.stdout.write(`Baseline drift detected (${diff.filePath}).\n`);
+        writeStdout(`Baseline drift detected (${diff.filePath}).\n`);
         if (diff.added.length > 0)
-            process.stdout.write(`Added: ${diff.added.length}\n`);
+            writeStdout(`Added: ${diff.added.length}\n`);
         if (diff.removed.length > 0)
-            process.stdout.write(`Removed: ${diff.removed.length}\n`);
+            writeStdout(`Removed: ${diff.removed.length}\n`);
         if (diff.changed.length > 0)
-            process.stdout.write(`Changed: ${diff.changed.length}\n`);
-        process.exitCode = 1;
+            writeStdout(`Changed: ${diff.changed.length}\n`);
+        setRuntimeExitCode(1);
         return true;
     }
     if (parsed.command === "bisect") {
         const { runBisect } = await import("../commands/bisect/runner.js");
         const result = await runBisect(parsed.options);
-        process.exitCode = result.breakingVersion ? 1 : 0;
+        setRuntimeExitCode(result.breakingVersion ? 1 : 0);
         return true;
     }
     if (parsed.command === "audit") {
         const { runAudit } = await import("../commands/audit/runner.js");
         const result = await runAudit(parsed.options);
-        process.exitCode = result.advisories.length > 0 ? 1 : 0;
+        setRuntimeExitCode(result.advisories.length > 0 ? 1 : 0);
         return true;
     }
     if (parsed.command === "health") {
         const { runHealth } = await import("../commands/health/runner.js");
         const result = await runHealth(parsed.options);
-        process.exitCode = result.totalFlagged > 0 ? 1 : 0;
+        setRuntimeExitCode(result.totalFlagged > 0 ? 1 : 0);
         return true;
     }
     if (parsed.command === "unused") {
         const { runUnused } = await import("../commands/unused/runner.js");
         const result = await runUnused(parsed.options);
-        process.exitCode = result.totalUnused > 0 || result.totalMissing > 0 ? 1 : 0;
+        setRuntimeExitCode(result.totalUnused > 0 || result.totalMissing > 0 ? 1 : 0);
         return true;
     }
     if (parsed.command === "resolve") {
         const { runResolve } = await import("../commands/resolve/runner.js");
         const result = await runResolve(parsed.options);
-        process.exitCode = result.errorConflicts > 0 ? 1 : 0;
+        setRuntimeExitCode(result.errorConflicts > 0 ? 1 : 0);
         return true;
     }
     if (parsed.command === "licenses") {
         const { runLicenses } = await import("../commands/licenses/runner.js");
         const result = await runLicenses(parsed.options);
-        process.exitCode = result.totalViolations > 0 ? 1 : 0;
+        setRuntimeExitCode(result.totalViolations > 0 ? 1 : 0);
         return true;
     }
     if (parsed.command === "snapshot") {
         const { runSnapshot } = await import("../commands/snapshot/runner.js");
         const result = await runSnapshot(parsed.options);
-        process.exitCode = result.errors.length > 0 ? 1 : 0;
+        setRuntimeExitCode(result.errors.length > 0 ? 1 : 0);
         return true;
     }
     if (parsed.command === "review") {
         const { runReview } = await import("../commands/review/runner.js");
         const result = await runReview(parsed.options);
-        process.exitCode =
-            result.summary.verdict === "blocked" ||
-                result.summary.verdict === "actionable" ||
-                result.summary.verdict === "review"
-                ? 1
-                : 0;
+        setRuntimeExitCode(result.summary.verdict === "blocked" ||
+            result.summary.verdict === "actionable" ||
+            result.summary.verdict === "review"
+            ? 1
+            : 0);
         return true;
     }
     if (parsed.command === "doctor") {
         const { runDoctor } = await import("../commands/doctor/runner.js");
         const result = await runDoctor(parsed.options);
-        process.exitCode = result.verdict === "safe" ? 0 : 1;
+        setRuntimeExitCode(result.verdict === "safe" ? 0 : 1);
         return true;
     }
     if (parsed.command === "dashboard") {
         const { runDashboard } = await import("../commands/dashboard/runner.js");
         const result = await runDashboard(parsed.options);
-        process.exitCode = result.errors.length > 0 ? 1 : 0;
+        setRuntimeExitCode(result.errors.length > 0 ? 1 : 0);
         return true;
     }
     if (parsed.command === "ga") {
         const { runGa } = await import("../commands/ga/runner.js");
         const result = await runGa(parsed.options);
-        process.exitCode = result.ready ? 0 : 1;
+        setRuntimeExitCode(result.ready ? 0 : 1);
+        return true;
+    }
+    if (parsed.command === "hook") {
+        const { runHook } = await import("../commands/hook/runner.js");
+        const result = await runHook(parsed.options);
+        setRuntimeExitCode(result.errors.length > 0 ? 1 : 0);
         return true;
     }
     if (parsed.options.interactive &&
         (parsed.command === "check" ||
             parsed.command === "upgrade" ||
             parsed.command === "ci")) {
-        const { runReview } = await import("../commands/review/runner.js");
-        const result = await runReview({
+        const { runDashboard } = await import("../commands/dashboard/runner.js");
+        const result = await runDashboard({
             ...parsed.options,
-            securityOnly: false,
-            risk: undefined,
-            diff: undefined,
+            mode: parsed.command === "upgrade" ? "upgrade" : "review",
+            focus: "all",
             applySelected: parsed.command === "upgrade",
         });
-        process.exitCode =
-            result.summary.verdict === "safe" && result.updates.length === 0 ? 0 : 1;
+        setRuntimeExitCode(result.errors.length > 0 ? 1 : 0);
         return true;
     }
     return false;

package/dist/bin/help.js

@@ -40,7 +40,16 @@ Options:
   --cooldown-days <n>
   --pr-limit <n>
   --only-changed
+  --affected
+  --staged
+  --base <ref>
+  --head <ref>
+  --since <ref>
   --interactive
+  --plan-file <path>
+  --verify none|install|test|install,test
+  --test-command <cmd>
+  --verification-report-file <path>
   --show-impact
   --show-links
   --show-homepage
@@ -79,7 +88,7 @@ Options:
   --workspace
   --sync
   --install
-  --pm auto|npm|pnpm
+  --pm auto|bun|npm|pnpm|yarn
   --target patch|minor|major|latest
   --policy-file <path>
   --concurrency <n>
@@ -92,6 +101,10 @@ Options:
   --fix-pr-no-checkout
   --fix-pr-batch-size <n>
   --interactive
+  --from-plan <path>
+  --verify none|install|test|install,test
+  --test-command <cmd>
+  --verification-report-file <path>
   --lockfile-mode preserve|update|error
   --no-pr-report
   --json-file <path>
@@ -109,11 +122,17 @@ Run CI-oriented automation around the same lifecycle:
 Options:
   --workspace
   --mode minimal|strict|enterprise
+  --gate check|doctor|review|upgrade
   --group-by none|name|scope|kind|risk
   --group-max <n>
   --cooldown-days <n>
   --pr-limit <n>
   --only-changed
+  --affected
+  --staged
+  --base <ref>
+  --head <ref>
+  --since <ref>
   --offline
   --concurrency <n>
   --registry-timeout-ms <n>
@@ -126,6 +145,10 @@ Options:
   --fix-pr-no-checkout
   --fix-pr-batch-size <n>
   --no-pr-report
+  --plan-file <path>
+  --verify none|install|test|install,test
+  --test-command <cmd>
+  --verification-report-file <path>
   --json-file <path>
   --github-output <path>
   --sarif-file <path>
@@ -167,6 +190,11 @@ Scan dependencies for CVEs using OSV.dev and GitHub Advisory Database.
 
 Options:
   --workspace
+  --affected
+  --staged
+  --base <ref>
+  --head <ref>
+  --since <ref>
   --severity critical|high|medium|low
   --summary
   --report table|summary|json
@@ -187,11 +215,18 @@ Use it to inspect risk, security, peer, license, and policy context before apply
 
 Options:
   --workspace
+  --only-changed
+  --affected
+  --staged
+  --base <ref>
+  --head <ref>
+  --since <ref>
   --interactive
   --security-only
   --risk critical|high|medium|low
   --diff patch|minor|major|latest
   --apply-selected
+  --plan-file <path>
   --show-changelog
   --policy-file <path>
   --json-file <path>
@@ -206,9 +241,37 @@ Produce a fast summary verdict and point the operator to review when action is n
 
 Options:
   --workspace
+  --only-changed
+  --affected
+  --staged
+  --base <ref>
+  --head <ref>
+  --since <ref>
   --verdict-only
   --include-changelog
   --json-file <path>`;
+    }
+    if (isCommand && command === "dashboard") {
+        return `rainy-updates dashboard [options]
+
+Open the primary interactive dependency operations console.
+
+Options:
+  --workspace
+  --only-changed
+  --affected
+  --staged
+  --base <ref>
+  --head <ref>
+  --since <ref>
+  --mode check|review|upgrade
+  --focus all|security|risk|major|blocked|workspace
+  --apply-selected
+  --plan-file <path>
+  --verify none|install|test|install,test
+  --test-command <cmd>
+  --verification-report-file <path>
+  --cwd <path>`;
     }
     if (isCommand && command === "ga") {
         return `rainy-updates ga [options]
@@ -218,6 +281,14 @@ Audit release and CI readiness for Rainy Updates.
 Options:
   --workspace
   --json-file <path>
+  --cwd <path>`;
+    }
+    if (isCommand && command === "hook") {
+        return `rainy-updates hook <install|uninstall|doctor> [options]
+
+Install, remove, or inspect Rainy-managed git hooks.
+
+Options:
   --cwd <path>`;
     }
     return `rainy-updates (rup / rainy-up) <command> [options]
@@ -227,7 +298,7 @@ Commands:
   doctor      Summarize what matters
   review      Decide what to do
   upgrade     Apply the approved change set
-  dashboard   Open the interactive DevOps dashboard (Ink TUI)
+  dashboard   Open the primary interactive dependency dashboard
   ci          Run CI-focused orchestration
   warm-cache  Warm local cache for fast/offline checks
   init-ci     Scaffold GitHub Actions workflow
@@ -240,6 +311,7 @@ Commands:
   licenses    Scan dependency licenses and generate SPDX SBOM
   snapshot    Save, list, restore, and diff dependency state snapshots
   ga          Audit GA and CI readiness for this checkout
+  hook        Install or inspect Rainy-managed git hooks
 
 Global options:
   --cwd <path>
@@ -258,6 +330,11 @@ Global options:
   --cooldown-days <n>
   --pr-limit <n>
   --only-changed
+  --affected
+  --staged
+  --base <ref>
+  --head <ref>
+  --since <ref>
   --interactive
   --show-impact
   --show-links

package/dist/bin/main.d.ts

@@ -0,0 +1 @@
+export declare function runCli(): Promise<void>;

package/dist/bin/main.js

@@ -0,0 +1,126 @@
+import { parseCliArgs } from "../core/options.js";
+import { createRunId, writeArtifactManifest } from "../core/artifacts.js";
+import { renderResult } from "../output/format.js";
+import { writeGitHubOutput } from "../output/github.js";
+import { createSarifReport } from "../output/sarif.js";
+import { renderPrReport } from "../output/pr-report.js";
+import { writeFileAtomic } from "../utils/io.js";
+import { resolveFailReason } from "../core/summary.js";
+import { stableStringify } from "../utils/stable-json.js";
+import { getRuntimeArgv, setRuntimeExitCode, writeStderr, writeStdout, } from "../utils/runtime.js";
+import { CLI_VERSION } from "../generated/version.js";
+import { handleDirectCommand, runPrimaryCommand } from "./dispatch.js";
+import { renderHelp } from "./help.js";
+export async function runCli() {
+    try {
+        const argv = getRuntimeArgv();
+        if (argv.includes("--version") || argv.includes("-v")) {
+            writeStdout((await readPackageVersion()) + "\n");
+            return;
+        }
+        if (argv.includes("--help") || argv.includes("-h")) {
+            writeStdout(renderHelp(argv[0]) + "\n");
+            return;
+        }
+        const parsed = await parseCliArgs(argv);
+        if (await handleDirectCommand(parsed))
+            return;
+        if (parsed.command !== "check" &&
+            parsed.command !== "upgrade" &&
+            parsed.command !== "warm-cache" &&
+            parsed.command !== "ci") {
+            throw new Error(`Unhandled command: ${parsed.command}`);
+        }
+        const result = await runPrimaryCommand(parsed);
+        result.summary.runId = createRunId(parsed.command, parsed.options, result);
+        if (parsed.options.fixPr &&
+            (parsed.command === "check" ||
+                parsed.command === "upgrade" ||
+                parsed.command === "ci")) {
+            result.summary.fixPrApplied = false;
+            result.summary.fixBranchName =
+                parsed.options.fixBranch ?? "chore/rainy-updates";
+            result.summary.fixCommitSha = "";
+            result.summary.fixPrBranchesCreated = 0;
+            if (parsed.command === "ci") {
+                const { applyFixPrBatches } = await import("../core/fix-pr-batch.js");
+                const batched = await applyFixPrBatches(parsed.options, result);
+                result.summary.fixPrApplied = batched.applied;
+                result.summary.fixBranchName =
+                    batched.branches[0] ??
+                        parsed.options.fixBranch ??
+                        "chore/rainy-updates";
+                result.summary.fixCommitSha = batched.commits[0] ?? "";
+                result.summary.fixPrBranchesCreated = batched.branches.length;
+                if (batched.branches.length > 1) {
+                    result.warnings.push(`Created ${batched.branches.length} fix-pr batch branches.`);
+                }
+            }
+            else {
+                const { applyFixPr } = await import("../core/fix-pr.js");
+                const fixResult = await applyFixPr(parsed.options, result, []);
+                result.summary.fixPrApplied = fixResult.applied;
+                result.summary.fixBranchName = fixResult.branchName ?? "";
+                result.summary.fixCommitSha = fixResult.commitSha ?? "";
+                result.summary.fixPrBranchesCreated = fixResult.applied ? 1 : 0;
+            }
+        }
+        if (parsed.options.prReportFile) {
+            const markdown = renderPrReport(result);
+            await writeFileAtomic(parsed.options.prReportFile, markdown + "\n");
+        }
+        const artifactManifest = await writeArtifactManifest(parsed.command, parsed.options, result);
+        if (artifactManifest) {
+            result.summary.artifactManifest = artifactManifest.artifactManifestPath;
+        }
+        result.summary.failReason = resolveFailReason(result.updates, result.errors, parsed.options.failOn, parsed.options.maxUpdates, parsed.options.ci);
+        const renderStartedAt = Date.now();
+        let rendered = renderResult(result, parsed.options.format, {
+            showImpact: parsed.options.showImpact,
+            showHomepage: parsed.options.showHomepage,
+        });
+        result.summary.durationMs.render = Math.max(0, Date.now() - renderStartedAt);
+        if (parsed.options.format === "json" ||
+            parsed.options.format === "metrics") {
+            rendered = renderResult(result, parsed.options.format, {
+                showImpact: parsed.options.showImpact,
+                showHomepage: parsed.options.showHomepage,
+            });
+        }
+        if (parsed.options.onlyChanged &&
+            result.updates.length === 0 &&
+            result.errors.length === 0 &&
+            result.warnings.length === 0 &&
+            (parsed.options.format === "table" ||
+                parsed.options.format === "minimal" ||
+                parsed.options.format === "github")) {
+            rendered = "";
+        }
+        if (parsed.options.jsonFile) {
+            await writeFileAtomic(parsed.options.jsonFile, stableStringify(result, 2) + "\n");
+        }
+        if (parsed.options.githubOutputFile) {
+            await writeGitHubOutput(parsed.options.githubOutputFile, result);
+        }
+        if (parsed.options.sarifFile) {
+            const sarif = createSarifReport(result);
+            await writeFileAtomic(parsed.options.sarifFile, stableStringify(sarif, 2) + "\n");
+        }
+        writeStdout(rendered + "\n");
+        setRuntimeExitCode(resolveExitCode(result, result.summary.failReason));
+    }
+    catch (error) {
+        writeStderr(`rainy-updates (rup): ${String(error)}\n`);
+        setRuntimeExitCode(2);
+    }
+}
+async function readPackageVersion() {
+    return CLI_VERSION;
+}
+function resolveExitCode(result, failReason) {
+    if (result.errors.length > 0)
+        return 2;
+    if (failReason !== "none")
+        return 1;
+    return 0;
+}

package/dist/cache/cache.js

@@ -1,7 +1,7 @@
-import { promises as fs } from "node:fs";
-import os from "node:os";
 import path from "node:path";
-import process from "node:process";
+import { writeFileAtomic } from "../utils/io.js";
+import { getCacheDir } from "../utils/runtime-paths.js";
+import { readEnv } from "../utils/runtime.js";
 class FileCacheStore {
     filePath;
     constructor(filePath) {
@@ -15,19 +15,19 @@ class FileCacheStore {
             return null;
         return {
             ...entry,
-            availableVersions: Array.isArray(entry.availableVersions) ? entry.availableVersions : [entry.latestVersion],
+            availableVersions: Array.isArray(entry.availableVersions)
+                ? entry.availableVersions
+                : [entry.latestVersion],
         };
     }
     async set(entry) {
         const entries = await this.readEntries();
         entries[this.getKey(entry.packageName, entry.target)] = entry;
-        await fs.mkdir(path.dirname(this.filePath), { recursive: true });
-        await fs.writeFile(this.filePath, JSON.stringify(entries), "utf8");
+        await writeFileAtomic(this.filePath, JSON.stringify(entries));
     }
     async readEntries() {
         try {
-            const content = await fs.readFile(this.filePath, "utf8");
-            return JSON.parse(content);
+            return (await Bun.file(this.filePath).json());
         }
         catch {
             return {};
@@ -93,7 +93,9 @@ class SqliteCacheStore {
     }
     ensureSchema() {
         try {
-            const columns = this.db.prepare("PRAGMA table_info(versions);").all();
+            const columns = this.db
+                .prepare("PRAGMA table_info(versions);")
+                .all();
             const hasAvailableVersions = columns.some((column) => column.name === "available_versions");
             if (!hasAvailableVersions) {
                 this.db.exec("ALTER TABLE versions ADD COLUMN available_versions TEXT;");
@@ -117,8 +119,8 @@ export class VersionCache {
         this.fallbackReason = fallbackReason;
     }
     static async create(customPath) {
-        const basePath = customPath ?? path.join(os.homedir(), ".cache", "rainy-updates");
-        if (process.env.RAINY_UPDATES_CACHE_BACKEND === "file") {
+        const basePath = customPath ?? getCacheDir();
+        if (readEnv("RAINY_UPDATES_CACHE_BACKEND") === "file") {
             const jsonPath = path.join(basePath, "cache.json");
             return new VersionCache(new FileCacheStore(jsonPath), "file", true, "forced via RAINY_UPDATES_CACHE_BACKEND=file");
         }

package/dist/commands/audit/parser.js

@@ -1,5 +1,5 @@
 import path from "node:path";
-import process from "node:process";
+import { getRuntimeCwd } from "../../utils/runtime.js";
 const SEVERITY_LEVELS = ["critical", "high", "medium", "low"];
 const SOURCE_MODES = ["auto", "osv", "github", "all"];
 export function parseSeverity(value) {
@@ -10,8 +10,13 @@ export function parseSeverity(value) {
 }
 export function parseAuditArgs(args) {
     const options = {
-        cwd: process.cwd(),
+        cwd: getRuntimeCwd(),
         workspace: false,
+        affected: false,
+        staged: false,
+        baseRef: undefined,
+        headRef: undefined,
+        sinceRef: undefined,
         severity: undefined,
         fix: false,
         dryRun: false,
@@ -39,6 +44,37 @@ export function parseAuditArgs(args) {
             index += 1;
             continue;
         }
+        if (current === "--affected") {
+            options.affected = true;
+            index += 1;
+            continue;
+        }
+        if (current === "--staged") {
+            options.staged = true;
+            index += 1;
+            continue;
+        }
+        if (current === "--base" && next) {
+            options.baseRef = next;
+            index += 2;
+            continue;
+        }
+        if (current === "--base")
+            throw new Error("Missing value for --base");
+        if (current === "--head" && next) {
+            options.headRef = next;
+            index += 2;
+            continue;
+        }
+        if (current === "--head")
+            throw new Error("Missing value for --head");
+        if (current === "--since" && next) {
+            options.sinceRef = next;
+            index += 2;
+            continue;
+        }
+        if (current === "--since")
+            throw new Error("Missing value for --since");
         if (current === "--severity" && next) {
             options.severity = parseSeverity(next);
             index += 2;