@socketsecurity/lib 6.0.4 → 6.0.6

package/dist/shell/parse.d.ts

@@ -8,10 +8,100 @@
  *   against `env`; unresolved ones collapse to an empty string.
  */
 import type { ParseEntry } from '../external/shell-quote';
+/**
+ * Visit each simple command in `cmd` in order. A "simple command" is the
+ * POSIX-grammar term for a run of bare-string tokens between shell
+ * control-operator boundaries (`&&`, `;`, `||`, `|`) — e.g. in `sudo apt && rm
+ * -rf /`, the two simple commands are `['sudo', 'apt']` and `['rm', '-rf',
+ * '/']`. Glob and comment tokens are ignored.
+ *
+ * The visitor receives each simple command's tokens as a `readonly string[]`;
+ * returning `true` short-circuits the walk so callers like `hasBinCall` /
+ * `findBinCall` can bail on the first match without finishing the parse.
+ *
+ * Public so consumers can write their own per-command matchers without
+ * re-parsing the command line. Used internally by `findBinCall` /
+ * `findBinCalls` / `hasBinCall`.
+ *
+ * Shell-quote is permissive (partial parses don't throw); the walk tolerates
+ * any shape it returns.
+ *
+ * @example
+ *   eachSimpleCommand('sudo apt && rm -rf /', tokens => {
+ *     console.log(tokens)
+ *     // → ['sudo', 'apt']
+ *     // → ['rm', '-rf', '/']
+ *   })
+ *
+ *   // Short-circuit on first match:
+ *   eachSimpleCommand('a ; b ; c', tokens => {
+ *     if (tokens[0] === 'b') {
+ *       return true // stop the walk
+ *     }
+ *   })
+ */
+export declare function eachSimpleCommand(cmd: string, visit: (tokens: readonly string[]) => boolean | void): void;
+/**
+ * Walk a parsed shell command and return the args of the FIRST binary call
+ * whose leading tokens match `prefix` (e.g. `['sudo']`, `['gh', 'auth',
+ * 'refresh']`). Returns `undefined` when no call matches.
+ *
+ * Short-circuits on the first match — does NOT materialize every match. Use
+ * this when "did any call match, and what were its args?" is enough. For audit
+ * / counting use cases where every match matters, use `findBinCalls`.
+ *
+ * @example
+ *   findBinCall('sudo apt update && sudo -k', ['sudo'])
+ *   // → ['apt', 'update']
+ *
+ *   findBinCall('echo "sudo foo"', ['sudo'])
+ *   // → undefined
+ */
+export declare function findBinCall(cmd: string, prefix: readonly string[]): readonly string[] | undefined;
+/**
+ * Walk a parsed shell command and return the args of every binary call whose
+ * leading tokens match `prefix` (e.g. `['sudo']`, `['gh', 'auth', 'refresh']`).
+ * Returns an empty array when no call matches.
+ *
+ * Segments split at op tokens (`&&`, `;`, `||`, `|`) so each chained command is
+ * scanned independently. Each match's args are returned as a `string[]` slice
+ * positioned after the matched prefix — useful for caller-side `.some(...)`
+ * over flag/value pairs.
+ *
+ * The AST walk means embedded args (`echo "sudo foo"`), variable substitutions
+ * (`$gh`), and command substitution (`$(...)`) don't trip the matcher — only
+ * actual calls do.
+ *
+ * @example
+ *   findBinCalls('sudo apt update && sudo -k', ['sudo'])
+ *   // → [['apt', 'update'], ['-k']]
+ *
+ *   findBinCalls('gh auth refresh -s workflow', ['gh', 'auth', 'refresh'])
+ *   // → [['-s', 'workflow']]
+ *
+ *   findBinCalls('echo "sudo foo"', ['sudo'])
+ *   // → []
+ */
+export declare function findBinCalls(cmd: string, prefix: readonly string[]): readonly string[][];
+/**
+ * Convenience: does `cmd` contain at least one binary call matching the
+ * leading-tokens `prefix`? The most common audit-pattern shape.
+ *
+ * Short-circuits on the first match — walks the parsed entries once and returns
+ * `true` as soon as a simple command matches. No intermediate match list or
+ * args slices are allocated.
+ *
+ * @example
+ *   hasBinCall('echo hi && sudo rm', ['sudo']) // → true
+ *   hasBinCall('echo "sudo foo"', ['sudo']) // → false
+ *   hasBinCall('gh auth refresh -s workflow', ['gh', 'auth', 'refresh']) // → true
+ */
+export declare function hasBinCall(cmd: string, prefix: readonly string[]): boolean;
 export type { ParseEntry, ShellComment, ShellGlob, ShellOp, } from '../external/shell-quote';
 /**
  * Tokenize `cmd` into `ParseEntry` items, preserving operators and comments.
- * Throws on unterminated quotes.
+ * `shell-quote` is permissive — an unterminated quote does not throw; the
+ * parser drops the opening quote and returns the rest as plain tokens.
  *
  * @example
  *   parseShell('git commit -m "hello world"')
@@ -24,3 +114,20 @@ export type { ParseEntry, ShellComment, ShellGlob, ShellOp, } from '../external/
  *   // → ['echo', '/root']
  */
 export declare function parseShell(cmd: string, env?: Record<string, string> | ((key: string) => string | undefined) | undefined): ParseEntry[];
+/**
+ * Does the simple command represented by `tokens` start with `prefix`? The
+ * natural companion to `eachSimpleCommand` — the visitor callback uses this to
+ * test whether a simple command is a call to a specific binary or command-line
+ * prefix.
+ *
+ * @example
+ *   simpleCommandStartsWith(['sudo', 'apt', 'update'], ['sudo'])
+ *   // → true
+ *
+ *   simpleCommandStartsWith(
+ *     ['gh', 'auth', 'status'],
+ *     ['gh', 'auth', 'refresh'],
+ *   )
+ *   // → false
+ */
+export declare function simpleCommandStartsWith(tokens: readonly string[], prefix: readonly string[]): boolean;

package/dist/shell/parse.js

@@ -1,6 +1,7 @@
 "use strict";
 /* Socket Lib - Built with rolldown */
 Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
+const require_primordials_array = require('../primordials/array.js');
 let src_external_shell_quote = require("../external/shell-quote");
 
 //#region src/shell/parse.ts
@@ -14,8 +15,146 @@ let src_external_shell_quote = require("../external/shell-quote");
 *   against `env`; unresolved ones collapse to an empty string.
 */
 /**
+* Visit each simple command in `cmd` in order. A "simple command" is the
+* POSIX-grammar term for a run of bare-string tokens between shell
+* control-operator boundaries (`&&`, `;`, `||`, `|`) — e.g. in `sudo apt && rm
+* -rf /`, the two simple commands are `['sudo', 'apt']` and `['rm', '-rf',
+* '/']`. Glob and comment tokens are ignored.
+*
+* The visitor receives each simple command's tokens as a `readonly string[]`;
+* returning `true` short-circuits the walk so callers like `hasBinCall` /
+* `findBinCall` can bail on the first match without finishing the parse.
+*
+* Public so consumers can write their own per-command matchers without
+* re-parsing the command line. Used internally by `findBinCall` /
+* `findBinCalls` / `hasBinCall`.
+*
+* Shell-quote is permissive (partial parses don't throw); the walk tolerates
+* any shape it returns.
+*
+* @example
+*   eachSimpleCommand('sudo apt && rm -rf /', tokens => {
+*     console.log(tokens)
+*     // → ['sudo', 'apt']
+*     // → ['rm', '-rf', '/']
+*   })
+*
+*   // Short-circuit on first match:
+*   eachSimpleCommand('a ; b ; c', tokens => {
+*     if (tokens[0] === 'b') {
+*       return true // stop the walk
+*     }
+*   })
+*/
+function eachSimpleCommand(cmd, visit) {
+	const entries = (0, src_external_shell_quote.parse)(cmd);
+	let current = [];
+	const flush = () => {
+		if (current.length > 0) {
+			const stop = visit(current);
+			current = [];
+			return stop === true;
+		}
+		current = [];
+		return false;
+	};
+	for (let i = 0, { length } = entries; i < length; i += 1) {
+		const entry = entries[i];
+		if (entry && typeof entry === "object" && "op" in entry) {
+			if (flush()) return;
+			continue;
+		}
+		if (typeof entry === "string") require_primordials_array.ArrayPrototypePush(current, entry);
+	}
+	flush();
+}
+/**
+* Walk a parsed shell command and return the args of the FIRST binary call
+* whose leading tokens match `prefix` (e.g. `['sudo']`, `['gh', 'auth',
+* 'refresh']`). Returns `undefined` when no call matches.
+*
+* Short-circuits on the first match — does NOT materialize every match. Use
+* this when "did any call match, and what were its args?" is enough. For audit
+* / counting use cases where every match matters, use `findBinCalls`.
+*
+* @example
+*   findBinCall('sudo apt update && sudo -k', ['sudo'])
+*   // → ['apt', 'update']
+*
+*   findBinCall('echo "sudo foo"', ['sudo'])
+*   // → undefined
+*/
+function findBinCall(cmd, prefix) {
+	if (prefix.length === 0) return;
+	let found;
+	eachSimpleCommand(cmd, (tokens) => {
+		if (!simpleCommandStartsWith(tokens, prefix)) return false;
+		found = require_primordials_array.ArrayPrototypeSlice(tokens, prefix.length);
+		return true;
+	});
+	return found;
+}
+/**
+* Walk a parsed shell command and return the args of every binary call whose
+* leading tokens match `prefix` (e.g. `['sudo']`, `['gh', 'auth', 'refresh']`).
+* Returns an empty array when no call matches.
+*
+* Segments split at op tokens (`&&`, `;`, `||`, `|`) so each chained command is
+* scanned independently. Each match's args are returned as a `string[]` slice
+* positioned after the matched prefix — useful for caller-side `.some(...)`
+* over flag/value pairs.
+*
+* The AST walk means embedded args (`echo "sudo foo"`), variable substitutions
+* (`$gh`), and command substitution (`$(...)`) don't trip the matcher — only
+* actual calls do.
+*
+* @example
+*   findBinCalls('sudo apt update && sudo -k', ['sudo'])
+*   // → [['apt', 'update'], ['-k']]
+*
+*   findBinCalls('gh auth refresh -s workflow', ['gh', 'auth', 'refresh'])
+*   // → [['-s', 'workflow']]
+*
+*   findBinCalls('echo "sudo foo"', ['sudo'])
+*   // → []
+*/
+function findBinCalls(cmd, prefix) {
+	if (prefix.length === 0) return [];
+	const matches = [];
+	eachSimpleCommand(cmd, (tokens) => {
+		if (simpleCommandStartsWith(tokens, prefix)) require_primordials_array.ArrayPrototypePush(matches, require_primordials_array.ArrayPrototypeSlice(tokens, prefix.length));
+	});
+	return matches;
+}
+/**
+* Convenience: does `cmd` contain at least one binary call matching the
+* leading-tokens `prefix`? The most common audit-pattern shape.
+*
+* Short-circuits on the first match — walks the parsed entries once and returns
+* `true` as soon as a simple command matches. No intermediate match list or
+* args slices are allocated.
+*
+* @example
+*   hasBinCall('echo hi && sudo rm', ['sudo']) // → true
+*   hasBinCall('echo "sudo foo"', ['sudo']) // → false
+*   hasBinCall('gh auth refresh -s workflow', ['gh', 'auth', 'refresh']) // → true
+*/
+function hasBinCall(cmd, prefix) {
+	if (prefix.length === 0) return false;
+	let found = false;
+	eachSimpleCommand(cmd, (tokens) => {
+		if (simpleCommandStartsWith(tokens, prefix)) {
+			found = true;
+			return true;
+		}
+		return false;
+	});
+	return found;
+}
+/**
 * Tokenize `cmd` into `ParseEntry` items, preserving operators and comments.
-* Throws on unterminated quotes.
+* `shell-quote` is permissive — an unterminated quote does not throw; the
+* parser drops the opening quote and returns the rest as plain tokens.
 *
 * @example
 *   parseShell('git commit -m "hello world"')
@@ -30,6 +169,33 @@ let src_external_shell_quote = require("../external/shell-quote");
 function parseShell(cmd, env) {
 	return (0, src_external_shell_quote.parse)(cmd, env);
 }
+/**
+* Does the simple command represented by `tokens` start with `prefix`? The
+* natural companion to `eachSimpleCommand` — the visitor callback uses this to
+* test whether a simple command is a call to a specific binary or command-line
+* prefix.
+*
+* @example
+*   simpleCommandStartsWith(['sudo', 'apt', 'update'], ['sudo'])
+*   // → true
+*
+*   simpleCommandStartsWith(
+*     ['gh', 'auth', 'status'],
+*     ['gh', 'auth', 'refresh'],
+*   )
+*   // → false
+*/
+function simpleCommandStartsWith(tokens, prefix) {
+	const { length: pl } = prefix;
+	if (tokens.length < pl) return false;
+	for (let i = 0; i < pl; i += 1) if (tokens[i] !== prefix[i]) return false;
+	return true;
+}
 
 //#endregion
-exports.parseShell = parseShell;
+exports.eachSimpleCommand = eachSimpleCommand;
+exports.findBinCall = findBinCall;
+exports.findBinCalls = findBinCalls;
+exports.hasBinCall = hasBinCall;
+exports.parseShell = parseShell;
+exports.simpleCommandStartsWith = simpleCommandStartsWith;

package/dist/smol/detect.js

@@ -39,7 +39,7 @@ let _smolUtilProbed = false;
 * Returns `node:smol-util` when running on the smol Node binary, otherwise
 * `undefined`. Result is cached across calls.
 */
-/* @__NO_SIDE_EFFECTS__ */
+/*@__NO_SIDE_EFFECTS__*/
 function getSmolUtil() {
 	if (!_smolUtilProbed) {
 		_smolUtilProbed = true;

package/dist/smol/http.js

@@ -24,7 +24,7 @@ let _smolHttpProbed = false;
 * Returns `node:smol-http` when running on the smol Node binary, otherwise
 * `undefined`. Result is cached across calls.
 */
-/* @__NO_SIDE_EFFECTS__ */
+/*@__NO_SIDE_EFFECTS__*/
 function getSmolHttp() {
 	if (!_smolHttpProbed) {
 		_smolHttpProbed = true;

package/dist/smol/https.js

@@ -22,7 +22,7 @@ let _smolHttpsProbed = false;
 * Returns `node:smol-https` when running on the smol Node binary, otherwise
 * `undefined`. Result is cached across calls.
 */
-/* @__NO_SIDE_EFFECTS__ */
+/*@__NO_SIDE_EFFECTS__*/
 function getSmolHttps() {
 	if (!_smolHttpsProbed) {
 		_smolHttpsProbed = true;

package/dist/smol/manifest.js

@@ -24,7 +24,7 @@ let _smolManifestProbed = false;
 * Returns `node:smol-manifest` when running on the smol Node binary, otherwise
 * `undefined`. Result is cached across calls.
 */
-/* @__NO_SIDE_EFFECTS__ */
+/*@__NO_SIDE_EFFECTS__*/
 function getSmolManifest() {
 	if (!_smolManifestProbed) {
 		_smolManifestProbed = true;

package/dist/smol/path.js

@@ -24,7 +24,7 @@ let _smolPathProbed = false;
 *
 * @returns The native binding, or `undefined` to signal "use the JS fallback".
 */
-/* @__NO_SIDE_EFFECTS__ */
+/*@__NO_SIDE_EFFECTS__*/
 function getSmolPath() {
 	if (!_smolPathProbed) {
 		_smolPathProbed = true;

package/dist/smol/primordial.js

@@ -26,7 +26,7 @@ let _smolPrimordialProbed = false;
 * Returns `node:smol-primordial` when running on the smol Node binary,
 * otherwise `undefined`. Result is cached across calls.
 */
-/* @__NO_SIDE_EFFECTS__ */
+/*@__NO_SIDE_EFFECTS__*/
 function getSmolPrimordial() {
 	if (!_smolPrimordialProbed) {
 		_smolPrimordialProbed = true;

package/dist/smol/purl.js

@@ -25,7 +25,7 @@ let _smolPurlProbed = false;
 * Returns `node:smol-purl` when running on the smol Node binary, otherwise
 * `undefined`. Result is cached across calls.
 */
-/* @__NO_SIDE_EFFECTS__ */
+/*@__NO_SIDE_EFFECTS__*/
 function getSmolPurl() {
 	if (!_smolPurlProbed) {
 		_smolPurlProbed = true;

package/dist/smol/versions.js

@@ -22,7 +22,7 @@ let _smolVersionsProbed = false;
 * Returns `node:smol-versions` when running on the smol Node binary, otherwise
 * `undefined`. Result is cached across calls.
 */
-/* @__NO_SIDE_EFFECTS__ */
+/*@__NO_SIDE_EFFECTS__*/
 function getSmolVersions() {
 	if (!_smolVersionsProbed) {
 		_smolVersionsProbed = true;

package/dist/smol/vfs.js

@@ -37,7 +37,7 @@ let _smolVfsProbed = false;
 * binding-module loader is collapsed into this function so callers don't deal
 * with two indirection levels.
 */
-/* @__NO_SIDE_EFFECTS__ */
+/*@__NO_SIDE_EFFECTS__*/
 function getSmolVfs() {
 	if (!_smolVfsProbed) {
 		_smolVfsProbed = true;

package/dist/sorts/_internal.js

@@ -5,14 +5,14 @@ Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
 //#region src/sorts/_internal.ts
 let _fastSort;
 let _semver;
-/* @__NO_SIDE_EFFECTS__ */
+/*@__NO_SIDE_EFFECTS__*/
 function getFastSort() {
-	if (_fastSort === void 0) _fastSort = /* @__PURE__ */ require("../external/fast-sort.js");
+	if (_fastSort === void 0) _fastSort = /*@__PURE__*/ require("../external/fast-sort.js");
 	return _fastSort;
 }
-/* @__NO_SIDE_EFFECTS__ */
+/*@__NO_SIDE_EFFECTS__*/
 function getSemver() {
-	if (_semver === void 0) _semver = /* @__PURE__ */ require("../external/semver.js");
+	if (_semver === void 0) _semver = /*@__PURE__*/ require("../external/semver.js");
 	return _semver;
 }
 

package/dist/sorts/natural.js

@@ -24,7 +24,7 @@ let _naturalSorter;
 *   localeCompare('a', 'a') // 0
 *   ```
 */
-/* @__NO_SIDE_EFFECTS__ */
+/*@__NO_SIDE_EFFECTS__*/
 function localeCompare(x, y) {
 	if (_localeCompare === void 0) _localeCompare = new Intl.Collator().compare;
 	return _localeCompare(x, y);
@@ -38,7 +38,7 @@ function localeCompare(x, y) {
 *   naturalCompare('img10', 'img2') // positive (img10 after img2)
 *   ```
 */
-/* @__NO_SIDE_EFFECTS__ */
+/*@__NO_SIDE_EFFECTS__*/
 function naturalCompare(x, y) {
 	if (_naturalCompare === void 0) _naturalCompare = new Intl.Collator(void 0, {
 		numeric: true,
@@ -55,7 +55,7 @@ function naturalCompare(x, y) {
 *   // ['file1', 'file2', 'file10']
 *   ```
 */
-/* @__NO_SIDE_EFFECTS__ */
+/*@__NO_SIDE_EFFECTS__*/
 function naturalSorter(arrayToSort) {
 	if (_naturalSorter === void 0) _naturalSorter = (/* @__PURE__ */ require_sorts__internal.getFastSort()).createNewSortInstance({ comparer: naturalCompare });
 	return _naturalSorter(arrayToSort);

package/dist/sorts/semver.js

@@ -18,7 +18,7 @@ const require_sorts__internal = require('./_internal.js');
 *   compareSemver('1.0.0', '1.0.0') // 0
 *   ```
 */
-/* @__NO_SIDE_EFFECTS__ */
+/*@__NO_SIDE_EFFECTS__*/
 function compareSemver(a, b) {
 	/* c8 ignore start */
 	const semver = /* @__PURE__ */ require_sorts__internal.getSemver();

package/dist/sorts/strings.js

@@ -18,7 +18,7 @@ Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
 *   compareStr('a', 'a') // 0
 *   ```
 */
-/* @__NO_SIDE_EFFECTS__ */
+/*@__NO_SIDE_EFFECTS__*/
 function compareStr(a, b) {
 	return a < b ? -1 : a > b ? 1 : 0;
 }

package/dist/spinner/default.js

@@ -42,7 +42,7 @@ let _spinner;
 *
 * @see https://github.com/sindresorhus/cli-spinners/blob/main/spinners.json
 */
-/* @__NO_SIDE_EFFECTS__ */
+/*@__NO_SIDE_EFFECTS__*/
 function getCliSpinners(styleName) {
 	if (_cliSpinners === void 0)
  /* c8 ignore stop */

package/dist/spinner/spinner.js

@@ -55,7 +55,7 @@ let _defaultSpinner;
 *
 * @returns New spinner instance
 */
-/* @__NO_SIDE_EFFECTS__ */
+/*@__NO_SIDE_EFFECTS__*/
 function Spinner(options) {
 	if (_Spinner === void 0) {
 		const YoctoSpinnerClass = (0, src_external__socketregistry_yocto_spinner.default)({}).constructor;

package/dist/ssri/convert.js

@@ -31,7 +31,7 @@ const require_primordials_error = require('../primordials/error.js');
 *
 * @throws Error if hex format is invalid
 */
-/* @__NO_SIDE_EFFECTS__ */
+/*@__NO_SIDE_EFFECTS__*/
 function hexToSsri(hex, algorithm = "sha256") {
 	if (!/^[a-f0-9]+$/i.test(hex)) throw new require_primordials_error.ErrorCtor(`Invalid hex format: ${hex}`);
 	return `${algorithm}-${require_primordials_buffer.BufferPrototypeToString(require_primordials_buffer.BufferFrom(hex, "hex"), "base64")}`;
@@ -56,7 +56,7 @@ function hexToSsri(hex, algorithm = "sha256") {
 *
 * @throws Error if SSRI format is invalid
 */
-/* @__NO_SIDE_EFFECTS__ */
+/*@__NO_SIDE_EFFECTS__*/
 function ssriToHex(ssri) {
 	const match = /^([a-z0-9]+)-([A-Za-z0-9+/]+=*)$/i.exec(ssri);
 	if (!match || !match[2] || match[2].length < 2) throw new require_primordials_error.ErrorCtor(`Invalid SSRI format: ${ssri}`);

package/dist/ssri/parse.js

@@ -27,7 +27,7 @@ const require_primordials_error = require('../primordials/error.js');
 *
 * @throws Error if SSRI format is invalid
 */
-/* @__NO_SIDE_EFFECTS__ */
+/*@__NO_SIDE_EFFECTS__*/
 function parseSsri(ssri) {
 	const match = /^([a-z0-9]+)-([A-Za-z0-9+/]+=*)$/i.exec(ssri);
 	if (!match || !match[1] || !match[2] || match[2].length < 2) throw new require_primordials_error.ErrorCtor(`Invalid SSRI format: ${ssri}`);

package/dist/ssri/validate.js

@@ -26,7 +26,7 @@ Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
 *
 * @returns True if string is valid hex format
 */
-/* @__NO_SIDE_EFFECTS__ */
+/*@__NO_SIDE_EFFECTS__*/
 function isValidHex(value) {
 	return /^[a-f0-9]+$/i.test(value);
 }
@@ -46,7 +46,7 @@ function isValidHex(value) {
 *
 * @returns True if string matches SSRI format
 */
-/* @__NO_SIDE_EFFECTS__ */
+/*@__NO_SIDE_EFFECTS__*/
 function isValidSsri(value) {
 	return /^[a-z0-9]+-[A-Za-z0-9+/]{2,}=*$/i.test(value);
 }

package/dist/stdio/prompts.js

@@ -152,7 +152,7 @@ function resolveTheme(theme) {
 *
 * @returns Wrapped prompt function with spinner, theme, and signal handling
 */
-/* @__NO_SIDE_EFFECTS__ */
+/*@__NO_SIDE_EFFECTS__*/
 function wrapPrompt(inquirerPrompt) {
 	return async (...args) => {
 		const origContext = args.length > 1 ? args[1] : void 0;

package/dist/streams/parallel.js

@@ -26,7 +26,7 @@ let src_external_streaming_iterables = require("../external/streaming-iterables"
 *   )
 *   ```
 */
-/* @__NO_SIDE_EFFECTS__ */
+/*@__NO_SIDE_EFFECTS__*/
 async function parallelEach(iterable, func, options) {
 	for await (const _ of /* @__PURE__ */ parallelMap(iterable, func, options));
 }
@@ -47,7 +47,7 @@ async function parallelEach(iterable, func, options) {
 *   }
 *   ```
 */
-/* @__NO_SIDE_EFFECTS__ */
+/*@__NO_SIDE_EFFECTS__*/
 function parallelMap(iterable, func, options) {
 	const opts = /* @__PURE__ */ require_promises_options.normalizeIterationOptions(options);
 	return (0, src_external_streaming_iterables.parallelMap)(opts.concurrency, async (item) => {

package/dist/streams/transform.js

@@ -24,7 +24,7 @@ let src_external_streaming_iterables = require("../external/streaming-iterables"
 *   }
 *   ```
 */
-/* @__NO_SIDE_EFFECTS__ */
+/*@__NO_SIDE_EFFECTS__*/
 function transform(iterable, func, options) {
 	const opts = /* @__PURE__ */ require_promises_options.normalizeIterationOptions(options);
 	return (0, src_external_streaming_iterables.transform)(opts.concurrency, async (item) => {

package/dist/strings/format.js

@@ -38,7 +38,7 @@ const fromCharCode = String.fromCharCode;
 *
 * @returns The string with prefix applied to each line
 */
-/* @__NO_SIDE_EFFECTS__ */
+/*@__NO_SIDE_EFFECTS__*/
 function applyLinePrefix(str, options) {
 	const { prefix = "" } = {
 		__proto__: null,
@@ -80,7 +80,7 @@ function applyLinePrefix(str, options) {
 *
 * @returns The centered text with padding
 */
-/* @__NO_SIDE_EFFECTS__ */
+/*@__NO_SIDE_EFFECTS__*/
 function centerText(text, width) {
 	const textLength = (/* @__PURE__ */ require_ansi_strip.stripAnsi(text)).length;
 	if (textLength >= width) return text;
@@ -114,7 +114,7 @@ function centerText(text, width) {
 *
 * @returns The indented string
 */
-/* @__NO_SIDE_EFFECTS__ */
+/*@__NO_SIDE_EFFECTS__*/
 function indentString(str, options) {
 	const { count = 1 } = {
 		__proto__: null,
@@ -141,7 +141,7 @@ function indentString(str, options) {
 *
 * @returns The repeated string, or empty string if count <= 0
 */
-/* @__NO_SIDE_EFFECTS__ */
+/*@__NO_SIDE_EFFECTS__*/
 function repeatString(str, count) {
 	if (count <= 0) return "";
 	return require_primordials_string.StringPrototypeRepeat(str, count);

package/dist/strings/predicates.js

@@ -26,7 +26,7 @@ Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
 *
 * @returns `true` if the value is a blank string, `false` otherwise
 */
-/* @__NO_SIDE_EFFECTS__ */
+/*@__NO_SIDE_EFFECTS__*/
 function isBlankString(value) {
 	return typeof value === "string" && (!value.length || /^\s+$/.test(value));
 }
@@ -51,7 +51,7 @@ function isBlankString(value) {
 *
 * @returns `true` if the value is a non-empty string, `false` otherwise
 */
-/* @__NO_SIDE_EFFECTS__ */
+/*@__NO_SIDE_EFFECTS__*/
 function isNonEmptyString(value) {
 	return typeof value === "string" && value.length > 0;
 }

package/dist/strings/search.js

@@ -37,7 +37,7 @@ const require_primordials_math = require('../primordials/math.js');
 *
 * @returns The index of the first match, or -1 if not found
 */
-/* @__NO_SIDE_EFFECTS__ */
+/*@__NO_SIDE_EFFECTS__*/
 function search(str, regexp, options) {
 	const { fromIndex = 0 } = {
 		__proto__: null,