@vibgrate/cli 1.0.47 → 1.0.48

package/dist/{baseline-K7V6GAP3.js → baseline-37IN66KS.js}

@@ -1,8 +1,8 @@
 import {
   baselineCommand,
   runBaseline
-} from "./chunk-NASGRGXK.js";
-import "./chunk-UVFIFNYG.js";
+} from "./chunk-XPDOGGRY.js";
+import "./chunk-EOULHF5E.js";
 import "./chunk-RNVZIZNL.js";
 export {
   baselineCommand,

package/dist/{chunk-UVFIFNYG.js → chunk-EOULHF5E.js}

@@ -324,8 +324,13 @@ function formatText(artifact) {
     lines.push(chalk.bold.cyan("\u2551      Project Relationship Diagram        \u2551"));
     lines.push(chalk.bold.cyan("\u255A\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u255D"));
     lines.push("");
-    lines.push(chalk.bold("  Mermaid"));
-    lines.push(chalk.dim(artifact.relationshipDiagram.mermaid));
+    lines.push(chalk.bold("  Mermaid") + chalk.dim("  (copy into https://mermaid.live or a ```mermaid code block)"));
+    lines.push("");
+    lines.push(chalk.dim("  ```mermaid"));
+    for (const mLine of artifact.relationshipDiagram.mermaid.split("\n")) {
+      lines.push(chalk.dim(`  ${mLine}`));
+    }
+    lines.push(chalk.dim("  ```"));
     lines.push("");
   }
   if (artifact.solutions && artifact.solutions.length > 0) {
@@ -1100,7 +1105,7 @@ var pushCommand = new Command2("push").description("Push scan results to Vibgrat
 });
 
 // src/commands/scan.ts
-import * as path21 from "path";
+import * as path22 from "path";
 import { Command as Command3 } from "commander";
 import chalk6 from "chalk";
 
@@ -2740,6 +2745,149 @@ async function scanOneJavaProject(dir, manifestFiles, rootDir, mavenCache, cache
   };
 }
 
+// src/scanners/polyglot-scanner.ts
+import * as path8 from "path";
+var MANIFEST_TO_LANGUAGE = [
+  { name: "go.mod", type: "go" },
+  { name: "Cargo.toml", type: "rust" },
+  { name: "composer.json", type: "php" },
+  { name: "Gemfile", type: "ruby" },
+  { name: "Package.swift", type: "swift" },
+  { name: "pubspec.yaml", type: "dart" },
+  { name: "build.gradle.kts", type: "kotlin" },
+  { name: "build.sbt", type: "scala" },
+  { name: "DESCRIPTION", type: "r" },
+  { name: "Podfile", type: "objective-c" },
+  { name: "mix.exs", type: "elixir" },
+  { name: "cpanfile", type: "perl" },
+  { name: "Project.toml", type: "julia" },
+  { name: "deps.edn", type: "clojure" },
+  { name: "build.gradle", type: "groovy" },
+  { name: "tsconfig.json", type: "typescript" },
+  { name: "Makefile", type: "c" },
+  { name: "CMakeLists.txt", type: "cpp" },
+  { name: "*.vbp", type: "visual-basic" }
+];
+var EXTENSION_TO_LANGUAGE = [
+  { extensions: [".m", ".mm"], type: "objective-c" },
+  { extensions: [".c", ".h"], type: "c" },
+  { extensions: [".cpp", ".cc", ".cxx", ".hpp", ".hh", ".hxx"], type: "cpp" },
+  { extensions: [".cob", ".cbl", ".cpy"], type: "cobol" },
+  { extensions: [".f", ".for", ".f90", ".f95", ".f03", ".f08"], type: "fortran" },
+  { extensions: [".pas", ".pp", ".lpr"], type: "pascal" },
+  { extensions: [".adb", ".ads", ".ada"], type: "ada" },
+  { extensions: [".asm", ".s", ".s43", ".s65"], type: "assembly" },
+  { extensions: [".rpg", ".rpgle", ".sqlrpgle"], type: "rpg" }
+];
+function makeDep(pkg2, spec = "unknown") {
+  return {
+    package: pkg2,
+    section: "dependencies",
+    currentSpec: spec,
+    resolvedVersion: null,
+    latestStable: null,
+    majorsBehind: null,
+    drift: "unknown"
+  };
+}
+function parseLineDependencies(content, regex, capture = 1) {
+  const deps = /* @__PURE__ */ new Set();
+  for (const line of content.split(/\r?\n/)) {
+    const match = line.match(regex);
+    if (match?.[capture]) deps.add(match[capture]);
+  }
+  return [...deps];
+}
+function getProjectName(projectPath, rootDir) {
+  return path8.basename(projectPath) || path8.basename(rootDir);
+}
+function addProject(projects, seen, type, projectPath, rootDir, dependencies = []) {
+  const normalizedPath = projectPath || ".";
+  const key = `${type}:${normalizedPath}`;
+  if (seen.has(key)) return;
+  seen.add(key);
+  projects.push({
+    type,
+    path: normalizedPath,
+    name: getProjectName(normalizedPath, rootDir),
+    frameworks: [],
+    dependencies,
+    dependencyAgeBuckets: {
+      current: 0,
+      oneBehind: 0,
+      twoPlusBehind: 0,
+      unknown: dependencies.length
+    }
+  });
+}
+async function parseDepsByManifest(manifestPath, cache) {
+  const filename = path8.basename(manifestPath);
+  const readText = async () => cache ? cache.readTextFile(manifestPath) : readTextFile(manifestPath);
+  if (filename === "composer.json") {
+    const content = cache ? await cache.readJsonFile(manifestPath) : await readJsonFile(manifestPath);
+    if (!content || typeof content !== "object") return [];
+    const deps = /* @__PURE__ */ new Set();
+    for (const key of ["require", "require-dev"]) {
+      const section = content[key];
+      if (section && typeof section === "object") {
+        for (const dep of Object.keys(section)) deps.add(dep);
+      }
+    }
+    return [...deps].map((dep) => makeDep(dep));
+  }
+  const text = await readText();
+  if (!text) return [];
+  if (filename === "go.mod") return parseLineDependencies(text, /^\s*require\s+([^\s]+)\s+(.+)$/).map((dep) => makeDep(dep));
+  if (filename === "Gemfile") return parseLineDependencies(text, /^\s*gem\s+['"]([^'"]+)['"]/).map((dep) => makeDep(dep));
+  if (filename === "Cargo.toml") return parseLineDependencies(text, /^\s*([A-Za-z0-9_\-]+)\s*=\s*['"{]/).map((dep) => makeDep(dep));
+  if (filename === "pubspec.yaml") return parseLineDependencies(text, /^\s{2,}([A-Za-z0-9_\-]+):\s*.+$/).map((dep) => makeDep(dep));
+  if (filename === "mix.exs") return parseLineDependencies(text, /\{\s*:([a-zA-Z0-9_]+),/).map((dep) => makeDep(dep));
+  if (filename === "cpanfile") return parseLineDependencies(text, /^\s*requires\s+['"]([^'"]+)['"]/).map((dep) => makeDep(dep));
+  if (filename === "build.sbt") return parseLineDependencies(text, /"([A-Za-z0-9_.\-]+)"\s*%{1,2}\s*"([A-Za-z0-9_.\-]+)"/, 2).map((dep) => makeDep(dep));
+  return [];
+}
+function detectExtensionBackedProjects(entries) {
+  const byDir = /* @__PURE__ */ new Map();
+  for (const entry of entries) {
+    if (!entry.isFile) continue;
+    const ext = path8.extname(entry.name).toLowerCase();
+    if (!ext) continue;
+    for (const mapping of EXTENSION_TO_LANGUAGE) {
+      if (!mapping.extensions.includes(ext)) continue;
+      const dir = path8.dirname(entry.relPath) || ".";
+      if (!byDir.has(dir)) byDir.set(dir, /* @__PURE__ */ new Set());
+      byDir.get(dir)?.add(mapping.type);
+    }
+  }
+  return byDir;
+}
+async function scanPolyglotProjects(rootDir, cache) {
+  const entries = cache ? await cache.walkDir(rootDir) : [];
+  const candidateFiles = entries.filter((entry) => entry.isFile && MANIFEST_TO_LANGUAGE.some((m) => m.name === entry.name || m.name.startsWith("*.") && entry.name.endsWith(m.name.slice(1))));
+  const shellDirs = new Set(
+    entries.filter((entry) => entry.isFile && entry.name.endsWith(".sh")).map((entry) => path8.dirname(entry.relPath) || ".")
+  );
+  const projects = [];
+  const seen = /* @__PURE__ */ new Set();
+  for (const file of candidateFiles) {
+    const mapping = MANIFEST_TO_LANGUAGE.find((m) => m.name === file.name || m.name.startsWith("*.") && file.name.endsWith(m.name.slice(1)));
+    if (!mapping) continue;
+    const projectPath = path8.dirname(file.relPath) || ".";
+    const dependencies = await parseDepsByManifest(file.absPath, cache);
+    addProject(projects, seen, mapping.type, projectPath, rootDir, dependencies);
+  }
+  for (const dir of shellDirs) {
+    addProject(projects, seen, "shell", dir, rootDir);
+  }
+  const extensionProjects = detectExtensionBackedProjects(entries);
+  for (const [dir, types] of extensionProjects) {
+    for (const type of types) {
+      addProject(projects, seen, type, dir, rootDir);
+    }
+  }
+  return projects;
+}
+
 // src/scanners/nuget-cache.ts
 import * as semver6 from "semver";
 var NuGetCache = class {
@@ -2956,7 +3104,7 @@ var MavenCache = class {
 };
 
 // src/config.ts
-import * as path8 from "path";
+import * as path9 from "path";
 import * as fs from "fs/promises";
 var CONFIG_FILES = [
   "vibgrate.config.ts",
@@ -2982,7 +3130,7 @@ var DEFAULT_CONFIG = {
 async function loadConfig(rootDir) {
   let config = DEFAULT_CONFIG;
   for (const file of CONFIG_FILES) {
-    const configPath = path8.join(rootDir, file);
+    const configPath = path9.join(rootDir, file);
     if (await pathExists(configPath)) {
       if (file.endsWith(".json")) {
         const txt = await readTextFile(configPath);
@@ -2997,7 +3145,7 @@ async function loadConfig(rootDir) {
       }
     }
   }
-  const sidecarPath = path8.join(rootDir, ".vibgrate", "auto-excludes.json");
+  const sidecarPath = path9.join(rootDir, ".vibgrate", "auto-excludes.json");
   if (await pathExists(sidecarPath)) {
     try {
       const txt = await readTextFile(sidecarPath);
@@ -3012,7 +3160,7 @@ async function loadConfig(rootDir) {
   return config;
 }
 async function writeDefaultConfig(rootDir) {
-  const configPath = path8.join(rootDir, "vibgrate.config.ts");
+  const configPath = path9.join(rootDir, "vibgrate.config.ts");
   const content = `import type { VibgrateConfig } from '@vibgrate/cli';
 
 const config: VibgrateConfig = {
@@ -3038,7 +3186,7 @@ export default config;
 }
 async function appendExcludePatterns(rootDir, newPatterns) {
   if (newPatterns.length === 0) return false;
-  const jsonPath = path8.join(rootDir, "vibgrate.config.json");
+  const jsonPath = path9.join(rootDir, "vibgrate.config.json");
   if (await pathExists(jsonPath)) {
     try {
       const txt = await readTextFile(jsonPath);
@@ -3051,8 +3199,8 @@ async function appendExcludePatterns(rootDir, newPatterns) {
     } catch {
     }
   }
-  const vibgrateDir = path8.join(rootDir, ".vibgrate");
-  const sidecarPath = path8.join(vibgrateDir, "auto-excludes.json");
+  const vibgrateDir = path9.join(rootDir, ".vibgrate");
+  const sidecarPath = path9.join(vibgrateDir, "auto-excludes.json");
   let existing = [];
   if (await pathExists(sidecarPath)) {
     try {
@@ -3073,7 +3221,7 @@ async function appendExcludePatterns(rootDir, newPatterns) {
 }
 
 // src/utils/vcs.ts
-import * as path9 from "path";
+import * as path10 from "path";
 import * as fs2 from "fs/promises";
 async function detectVcs(rootDir) {
   try {
@@ -3087,7 +3235,7 @@ async function detectGit(rootDir) {
   if (!gitDir) {
     return { type: "unknown" };
   }
-  const headPath = path9.join(gitDir, "HEAD");
+  const headPath = path10.join(gitDir, "HEAD");
   let headContent;
   try {
     headContent = (await fs2.readFile(headPath, "utf8")).trim();
@@ -3113,10 +3261,10 @@ async function detectGit(rootDir) {
   };
 }
 async function findGitDir(startDir) {
-  let dir = path9.resolve(startDir);
-  const root = path9.parse(dir).root;
+  let dir = path10.resolve(startDir);
+  const root = path10.parse(dir).root;
   while (dir !== root) {
-    const gitPath = path9.join(dir, ".git");
+    const gitPath = path10.join(dir, ".git");
     try {
       const stat3 = await fs2.stat(gitPath);
       if (stat3.isDirectory()) {
@@ -3125,18 +3273,18 @@ async function findGitDir(startDir) {
       if (stat3.isFile()) {
         const content = (await fs2.readFile(gitPath, "utf8")).trim();
         if (content.startsWith("gitdir: ")) {
-          const resolved = path9.resolve(dir, content.slice(8));
+          const resolved = path10.resolve(dir, content.slice(8));
           return resolved;
         }
       }
     } catch {
     }
-    dir = path9.dirname(dir);
+    dir = path10.dirname(dir);
   }
   return null;
 }
 async function resolveRef(gitDir, refPath) {
-  const loosePath = path9.join(gitDir, refPath);
+  const loosePath = path10.join(gitDir, refPath);
   try {
     const sha = (await fs2.readFile(loosePath, "utf8")).trim();
     if (/^[0-9a-f]{40}$/i.test(sha)) {
@@ -3144,7 +3292,7 @@ async function resolveRef(gitDir, refPath) {
     }
   } catch {
   }
-  const packedPath = path9.join(gitDir, "packed-refs");
+  const packedPath = path10.join(gitDir, "packed-refs");
   try {
     const packed = await fs2.readFile(packedPath, "utf8");
     for (const line of packed.split("\n")) {
@@ -3172,18 +3320,18 @@ async function readGitRemoteUrl(gitDir) {
   }
 }
 async function resolveGitConfigPath(gitDir) {
-  const directConfig = path9.join(gitDir, "config");
+  const directConfig = path10.join(gitDir, "config");
   try {
     const stat3 = await fs2.stat(directConfig);
     if (stat3.isFile()) return directConfig;
   } catch {
   }
-  const commonDirFile = path9.join(gitDir, "commondir");
+  const commonDirFile = path10.join(gitDir, "commondir");
   try {
     const commonDir = (await fs2.readFile(commonDirFile, "utf8")).trim();
     if (!commonDir) return void 0;
-    const resolvedCommonDir = path9.resolve(gitDir, commonDir);
-    const commonConfig = path9.join(resolvedCommonDir, "config");
+    const resolvedCommonDir = path10.resolve(gitDir, commonDir);
+    const commonConfig = path10.join(resolvedCommonDir, "config");
     const stat3 = await fs2.stat(commonConfig);
     if (stat3.isFile()) return commonConfig;
   } catch {
@@ -3574,11 +3722,11 @@ var ScanProgress = class {
 
 // src/ui/scan-history.ts
 import * as fs3 from "fs/promises";
-import * as path10 from "path";
+import * as path11 from "path";
 var HISTORY_FILENAME = "scan_history.json";
 var MAX_RECORDS = 10;
 async function loadScanHistory(rootDir) {
-  const filePath = path10.join(rootDir, ".vibgrate", HISTORY_FILENAME);
+  const filePath = path11.join(rootDir, ".vibgrate", HISTORY_FILENAME);
   try {
     const txt = await fs3.readFile(filePath, "utf8");
     const data = JSON.parse(txt);
@@ -3591,8 +3739,8 @@ async function loadScanHistory(rootDir) {
   }
 }
 async function saveScanHistory(rootDir, record) {
-  const dir = path10.join(rootDir, ".vibgrate");
-  const filePath = path10.join(dir, HISTORY_FILENAME);
+  const dir = path11.join(rootDir, ".vibgrate");
+  const filePath = path11.join(dir, HISTORY_FILENAME);
   let history;
   const existing = await loadScanHistory(rootDir);
   if (existing) {
@@ -3656,7 +3804,7 @@ function estimateStepDurations(history, currentFileCount) {
 }
 
 // src/scanners/platform-matrix.ts
-import * as path11 from "path";
+import * as path12 from "path";
 var NATIVE_MODULE_PACKAGES = /* @__PURE__ */ new Set([
   // Image / media processing
   "sharp",
@@ -3936,7 +4084,7 @@ async function scanPlatformMatrix(rootDir, cache) {
   }
   result.dockerBaseImages = [...baseImages].sort();
   for (const file of [".nvmrc", ".node-version", ".tool-versions"]) {
-    const exists = cache ? await cache.pathExists(path11.join(rootDir, file)) : await pathExists(path11.join(rootDir, file));
+    const exists = cache ? await cache.pathExists(path12.join(rootDir, file)) : await pathExists(path12.join(rootDir, file));
     if (exists) {
       result.nodeVersionFiles.push(file);
     }
@@ -4013,7 +4161,7 @@ function scanDependencyRisk(projects) {
 }
 
 // src/scanners/dependency-graph.ts
-import * as path12 from "path";
+import * as path13 from "path";
 function parsePnpmLock(content) {
   const entries = [];
   const regex = /^\s+\/?(@?[^@\s][^@\s]*?)@(\d+\.\d+\.\d+[^:\s]*)\s*:/gm;
@@ -4072,9 +4220,9 @@ async function scanDependencyGraph(rootDir, cache) {
     phantomDependencies: []
   };
   let entries = [];
-  const pnpmLock = path12.join(rootDir, "pnpm-lock.yaml");
-  const npmLock = path12.join(rootDir, "package-lock.json");
-  const yarnLock = path12.join(rootDir, "yarn.lock");
+  const pnpmLock = path13.join(rootDir, "pnpm-lock.yaml");
+  const npmLock = path13.join(rootDir, "package-lock.json");
+  const yarnLock = path13.join(rootDir, "yarn.lock");
   const _pathExists = cache ? (p) => cache.pathExists(p) : pathExists;
   const _readTextFile = cache ? (p) => cache.readTextFile(p) : readTextFile;
   if (await _pathExists(pnpmLock)) {
@@ -4121,7 +4269,7 @@ async function scanDependencyGraph(rootDir, cache) {
   for (const pjPath of pkgFiles) {
     try {
       const pj = cache ? await cache.readJsonFile(pjPath) : await readJsonFile(pjPath);
-      const relPath = path12.relative(rootDir, pjPath);
+      const relPath = path13.relative(rootDir, pjPath);
       for (const section of ["dependencies", "devDependencies"]) {
         const deps = pj[section];
         if (!deps) continue;
@@ -4467,7 +4615,7 @@ function scanToolingInventory(projects) {
 }
 
 // src/scanners/build-deploy.ts
-import * as path13 from "path";
+import * as path14 from "path";
 var CI_FILES = {
   ".github/workflows": "github-actions",
   ".gitlab-ci.yml": "gitlab-ci",
@@ -4520,17 +4668,17 @@ async function scanBuildDeploy(rootDir, cache) {
   const _readTextFile = cache ? (p) => cache.readTextFile(p) : readTextFile;
   const ciSystems = /* @__PURE__ */ new Set();
   for (const [file, system] of Object.entries(CI_FILES)) {
-    const fullPath = path13.join(rootDir, file);
+    const fullPath = path14.join(rootDir, file);
     if (await _pathExists(fullPath)) {
       ciSystems.add(system);
     }
   }
-  const ghWorkflowDir = path13.join(rootDir, ".github", "workflows");
+  const ghWorkflowDir = path14.join(rootDir, ".github", "workflows");
   if (await _pathExists(ghWorkflowDir)) {
     try {
       if (cache) {
         const entries = await cache.walkDir(rootDir);
-        const ghPrefix = path13.relative(rootDir, ghWorkflowDir) + path13.sep;
+        const ghPrefix = path14.relative(rootDir, ghWorkflowDir) + path14.sep;
         result.ciWorkflowCount = entries.filter(
           (e) => e.isFile && e.relPath.startsWith(ghPrefix) && (e.name.endsWith(".yml") || e.name.endsWith(".yaml"))
         ).length;
@@ -4581,11 +4729,11 @@ async function scanBuildDeploy(rootDir, cache) {
     (name) => name.endsWith(".cfn.json") || name.endsWith(".cfn.yaml")
   );
   if (cfnFiles.length > 0) iacSystems.add("cloudformation");
-  if (await _pathExists(path13.join(rootDir, "Pulumi.yaml"))) iacSystems.add("pulumi");
+  if (await _pathExists(path14.join(rootDir, "Pulumi.yaml"))) iacSystems.add("pulumi");
   result.iac = [...iacSystems].sort();
   const releaseTools = /* @__PURE__ */ new Set();
   for (const [file, tool] of Object.entries(RELEASE_FILES)) {
-    if (await _pathExists(path13.join(rootDir, file))) releaseTools.add(tool);
+    if (await _pathExists(path14.join(rootDir, file))) releaseTools.add(tool);
   }
   const pkgFiles = cache ? await cache.findPackageJsonFiles(rootDir) : await findPackageJsonFiles(rootDir);
   for (const pjPath of pkgFiles) {
@@ -4610,19 +4758,19 @@ async function scanBuildDeploy(rootDir, cache) {
   };
   const managers = /* @__PURE__ */ new Set();
   for (const [file, manager] of Object.entries(lockfileMap)) {
-    if (await _pathExists(path13.join(rootDir, file))) managers.add(manager);
+    if (await _pathExists(path14.join(rootDir, file))) managers.add(manager);
   }
   result.packageManagers = [...managers].sort();
   const monoTools = /* @__PURE__ */ new Set();
   for (const [file, tool] of Object.entries(MONOREPO_FILES)) {
-    if (await _pathExists(path13.join(rootDir, file))) monoTools.add(tool);
+    if (await _pathExists(path14.join(rootDir, file))) monoTools.add(tool);
   }
   result.monorepoTools = [...monoTools].sort();
   return result;
 }
 
 // src/scanners/ts-modernity.ts
-import * as path14 from "path";
+import * as path15 from "path";
 async function scanTsModernity(rootDir, cache) {
   const result = {
     typescriptVersion: null,
@@ -4660,7 +4808,7 @@ async function scanTsModernity(rootDir, cache) {
   if (hasEsm && hasCjs) result.moduleType = "mixed";
   else if (hasEsm) result.moduleType = "esm";
   else if (hasCjs) result.moduleType = "cjs";
-  let tsConfigPath = path14.join(rootDir, "tsconfig.json");
+  let tsConfigPath = path15.join(rootDir, "tsconfig.json");
   const tsConfigExists = cache ? await cache.pathExists(tsConfigPath) : await pathExists(tsConfigPath);
   if (!tsConfigExists) {
     const tsConfigs = cache ? await cache.findFiles(rootDir, (name) => name === "tsconfig.json") : await findFiles(rootDir, (name) => name === "tsconfig.json");
@@ -5007,7 +5155,7 @@ function scanBreakingChangeExposure(projects) {
 
 // src/scanners/file-hotspots.ts
 import * as fs4 from "fs/promises";
-import * as path15 from "path";
+import * as path16 from "path";
 var SKIP_DIRS = /* @__PURE__ */ new Set([
   "node_modules",
   ".git",
@@ -5052,9 +5200,9 @@ async function scanFileHotspots(rootDir, cache) {
     const entries = await cache.walkDir(rootDir);
     for (const entry of entries) {
       if (!entry.isFile) continue;
-      const ext = path15.extname(entry.name).toLowerCase();
+      const ext = path16.extname(entry.name).toLowerCase();
       if (SKIP_EXTENSIONS.has(ext)) continue;
-      const depth = entry.relPath.split(path15.sep).length - 1;
+      const depth = entry.relPath.split(path16.sep).length - 1;
       if (depth > maxDepth) maxDepth = depth;
       extensionCounts[ext] = (extensionCounts[ext] ?? 0) + 1;
       try {
@@ -5083,15 +5231,15 @@ async function scanFileHotspots(rootDir, cache) {
       for (const e of entries) {
         if (e.isDirectory) {
           if (SKIP_DIRS.has(e.name)) continue;
-          await walk(path15.join(dir, e.name), depth + 1);
+          await walk(path16.join(dir, e.name), depth + 1);
         } else if (e.isFile) {
-          const ext = path15.extname(e.name).toLowerCase();
+          const ext = path16.extname(e.name).toLowerCase();
           if (SKIP_EXTENSIONS.has(ext)) continue;
           extensionCounts[ext] = (extensionCounts[ext] ?? 0) + 1;
           try {
-            const stat3 = await fs4.stat(path15.join(dir, e.name));
+            const stat3 = await fs4.stat(path16.join(dir, e.name));
             allFiles.push({
-              path: path15.relative(rootDir, path15.join(dir, e.name)),
+              path: path16.relative(rootDir, path16.join(dir, e.name)),
               bytes: stat3.size
             });
           } catch {
@@ -5114,7 +5262,7 @@ async function scanFileHotspots(rootDir, cache) {
 }
 
 // src/scanners/security-posture.ts
-import * as path16 from "path";
+import * as path17 from "path";
 var LOCKFILES = {
   "pnpm-lock.yaml": "pnpm",
   "package-lock.json": "npm",
@@ -5135,14 +5283,14 @@ async function scanSecurityPosture(rootDir, cache) {
   const _readTextFile = cache ? (p) => cache.readTextFile(p) : readTextFile;
   const foundLockfiles = [];
   for (const [file, type] of Object.entries(LOCKFILES)) {
-    if (await _pathExists(path16.join(rootDir, file))) {
+    if (await _pathExists(path17.join(rootDir, file))) {
       foundLockfiles.push(type);
     }
   }
   result.lockfilePresent = foundLockfiles.length > 0;
   result.multipleLockfileTypes = foundLockfiles.length > 1;
   result.lockfileTypes = foundLockfiles.sort();
-  const gitignorePath = path16.join(rootDir, ".gitignore");
+  const gitignorePath = path17.join(rootDir, ".gitignore");
   if (await _pathExists(gitignorePath)) {
     try {
       const content = await _readTextFile(gitignorePath);
@@ -5157,7 +5305,7 @@ async function scanSecurityPosture(rootDir, cache) {
     }
   }
   for (const envFile of [".env", ".env.local", ".env.development", ".env.production"]) {
-    if (await _pathExists(path16.join(rootDir, envFile))) {
+    if (await _pathExists(path17.join(rootDir, envFile))) {
       if (!result.gitignoreCoversEnv) {
         result.envFilesTracked = true;
         break;
@@ -5169,7 +5317,7 @@ async function scanSecurityPosture(rootDir, cache) {
 
 // src/scanners/security-scanners.ts
 import { spawn as spawn3 } from "child_process";
-import * as path17 from "path";
+import * as path18 from "path";
 var TOOL_MATRIX = [
   { key: "semgrep", category: "sast", command: "semgrep", versionArgs: ["--version"], minRecommendedVersion: "1.75.0" },
   { key: "gitleaks", category: "secrets", command: "gitleaks", versionArgs: ["version"], minRecommendedVersion: "8.20.0" },
@@ -5264,7 +5412,7 @@ async function detectSecretHeuristics(rootDir, cache) {
   const findings = [];
   for (const entry of entries) {
     if (!entry.isFile) continue;
-    const ext = path17.extname(entry.name).toLowerCase();
+    const ext = path18.extname(entry.name).toLowerCase();
     if (ext && [".png", ".jpg", ".jpeg", ".gif", ".zip", ".pdf"].includes(ext)) continue;
     const content = await cache.readTextFile(entry.absPath);
     if (!content || content.length > 3e5) continue;
@@ -5287,9 +5435,9 @@ async function scanSecurityScanners(rootDir, cache, runner = defaultRunner) {
   const [semgrep, gitleaks, trufflehog] = await Promise.all(TOOL_MATRIX.map((tool) => assessTool(tool, runner)));
   const heuristicFindings = await detectSecretHeuristics(rootDir, cache);
   const configFiles = {
-    semgrep: await cache.pathExists(path17.join(rootDir, ".semgrep.yml")) || await cache.pathExists(path17.join(rootDir, ".semgrep.yaml")),
-    gitleaks: await cache.pathExists(path17.join(rootDir, ".gitleaks.toml")),
-    trufflehog: await cache.pathExists(path17.join(rootDir, ".trufflehog.yml")) || await cache.pathExists(path17.join(rootDir, ".trufflehog.yaml"))
+    semgrep: await cache.pathExists(path18.join(rootDir, ".semgrep.yml")) || await cache.pathExists(path18.join(rootDir, ".semgrep.yaml")),
+    gitleaks: await cache.pathExists(path18.join(rootDir, ".gitleaks.toml")),
+    trufflehog: await cache.pathExists(path18.join(rootDir, ".trufflehog.yml")) || await cache.pathExists(path18.join(rootDir, ".trufflehog.yaml"))
   };
   return {
     semgrep,
@@ -5714,7 +5862,7 @@ function scanServiceDependencies(projects) {
 }
 
 // src/scanners/architecture.ts
-import * as path18 from "path";
+import * as path19 from "path";
 import * as fs5 from "fs/promises";
 var ARCHETYPE_SIGNALS = [
   // Meta-frameworks (highest priority — they imply routing patterns)
@@ -6013,9 +6161,9 @@ async function walkSourceFiles(rootDir, cache) {
     const entries = await cache.walkDir(rootDir);
     return entries.filter((e) => {
       if (!e.isFile) return false;
-      const name = path18.basename(e.absPath);
+      const name = path19.basename(e.absPath);
       if (name.startsWith(".") && name !== ".") return false;
-      const ext = path18.extname(name);
+      const ext = path19.extname(name);
       return SOURCE_EXTENSIONS.has(ext);
     }).map((e) => e.relPath);
   }
@@ -6029,15 +6177,15 @@ async function walkSourceFiles(rootDir, cache) {
     }
     for (const entry of entries) {
       if (entry.name.startsWith(".") && entry.name !== ".") continue;
-      const fullPath = path18.join(dir, entry.name);
+      const fullPath = path19.join(dir, entry.name);
       if (entry.isDirectory()) {
         if (!IGNORE_DIRS.has(entry.name)) {
           await walk(fullPath);
         }
       } else if (entry.isFile()) {
-        const ext = path18.extname(entry.name);
+        const ext = path19.extname(entry.name);
         if (SOURCE_EXTENSIONS.has(ext)) {
-          files.push(path18.relative(rootDir, fullPath));
+          files.push(path19.relative(rootDir, fullPath));
         }
       }
     }
@@ -6061,7 +6209,7 @@ function classifyFile(filePath, archetype) {
     }
   }
   if (!bestMatch || bestMatch.confidence < 0.7) {
-    const baseName = path18.basename(filePath, path18.extname(filePath));
+    const baseName = path19.basename(filePath, path19.extname(filePath));
     const cleanBase = baseName.replace(/\.(test|spec)$/, "");
     for (const rule of SUFFIX_RULES) {
       if (cleanBase.endsWith(rule.suffix)) {
@@ -6170,7 +6318,7 @@ function generateLayerFlowMermaid(layers) {
   return lines.join("\n");
 }
 async function buildProjectArchitectureMermaid(rootDir, project, archetype, cache) {
-  const projectRoot = path18.resolve(rootDir, project.path || ".");
+  const projectRoot = path19.resolve(rootDir, project.path || ".");
   const allFiles = await walkSourceFiles(projectRoot, cache);
   const layerSet = /* @__PURE__ */ new Set();
   for (const rel of allFiles) {
@@ -6296,7 +6444,7 @@ async function scanArchitecture(rootDir, projects, tooling, services, cache) {
 }
 
 // src/scanners/code-quality.ts
-import * as path19 from "path";
+import * as path20 from "path";
 import * as ts from "typescript";
 var SOURCE_EXTENSIONS2 = /* @__PURE__ */ new Set([".ts", ".tsx", ".js", ".jsx", ".mjs", ".cjs"]);
 var DEFAULT_RESULT = {
@@ -6327,9 +6475,9 @@ async function scanCodeQuality(rootDir, cache) {
       continue;
     }
     if (!raw.trim()) continue;
-    const rel = normalizeModuleId(path19.relative(rootDir, filePath));
+    const rel = normalizeModuleId(path20.relative(rootDir, filePath));
     const source = ts.createSourceFile(filePath, raw, ts.ScriptTarget.Latest, true);
-    const imports = collectLocalImports(source, path19.dirname(filePath), rootDir);
+    const imports = collectLocalImports(source, path20.dirname(filePath), rootDir);
     depGraph.set(rel, imports);
     const fileMetrics = computeFileMetrics(source, raw);
     totalFunctions += fileMetrics.functionsAnalyzed;
@@ -6363,9 +6511,9 @@ async function scanCodeQuality(rootDir, cache) {
 async function findSourceFiles(rootDir, cache) {
   if (cache) {
     const entries = await cache.walkDir(rootDir);
-    return entries.filter((entry) => entry.isFile && SOURCE_EXTENSIONS2.has(path19.extname(entry.name).toLowerCase())).map((entry) => entry.absPath);
+    return entries.filter((entry) => entry.isFile && SOURCE_EXTENSIONS2.has(path20.extname(entry.name).toLowerCase())).map((entry) => entry.absPath);
   }
-  const files = await findFiles(rootDir, (name) => SOURCE_EXTENSIONS2.has(path19.extname(name).toLowerCase()));
+  const files = await findFiles(rootDir, (name) => SOURCE_EXTENSIONS2.has(path20.extname(name).toLowerCase()));
   return files;
 }
 function collectLocalImports(source, fileDir, rootDir) {
@@ -6386,8 +6534,8 @@ function collectLocalImports(source, fileDir, rootDir) {
 }
 function resolveLocalImport(specifier, fileDir, rootDir) {
   if (!specifier.startsWith(".")) return null;
-  const rawTarget = path19.resolve(fileDir, specifier);
-  const normalized = path19.relative(rootDir, rawTarget).replace(/\\/g, "/");
+  const rawTarget = path20.resolve(fileDir, specifier);
+  const normalized = path20.relative(rootDir, rawTarget).replace(/\\/g, "/");
   if (!normalized || normalized.startsWith("..")) return null;
   return normalizeModuleId(normalized);
 }
@@ -6529,7 +6677,7 @@ function visitEach(node, cb) {
 
 // src/scanners/owasp-category-mapping.ts
 import { spawn as spawn4 } from "child_process";
-import * as path20 from "path";
+import * as path21 from "path";
 var OWASP_CONFIG = "p/owasp-top-ten";
 var DEFAULT_EXTENSIONS = /* @__PURE__ */ new Set([
   ".js",
@@ -6608,7 +6756,7 @@ function parseFindings(results, rootDir) {
     const metadata = r.extra?.metadata;
     return {
       ruleId: r.check_id ?? "unknown",
-      path: r.path ? path20.relative(rootDir, path20.resolve(rootDir, r.path)) : "",
+      path: r.path ? path21.relative(rootDir, path21.resolve(rootDir, r.path)) : "",
       line: r.start?.line ?? 1,
       endLine: r.end?.line,
       message: r.extra?.message ?? "Potential security issue",
@@ -6668,7 +6816,7 @@ async function scanOwaspCategoryMapping(rootDir, cache, options = {}, runner = r
     }
   }
   const entries = cache ? await cache.walkDir(rootDir) : [];
-  const files = entries.filter((e) => e.isFile && DEFAULT_EXTENSIONS.has(path20.extname(e.name).toLowerCase()));
+  const files = entries.filter((e) => e.isFile && DEFAULT_EXTENSIONS.has(path21.extname(e.name).toLowerCase()));
   const findings = [];
   const errors = [];
   let scannedFiles = 0;
@@ -7036,20 +7184,26 @@ function buildDefs() {
 function generateWorkspaceRelationshipMermaid(projects) {
   const lines = ["flowchart LR"];
   const byPath = new Map(projects.map((p) => [p.path, p]));
-  for (const project of projects) {
-    const id = sanitizeId(project.projectId || project.path || project.name);
-    lines.push(`${id}["${escapeLabel(nodeLabel(project))}"]`);
-    lines.push(`class ${id} ${scoreClass(project.drift?.score)}`);
-  }
+  const edges = [];
+  const connectedIds = /* @__PURE__ */ new Set();
   for (const project of projects) {
     const fromId = sanitizeId(project.projectId || project.path || project.name);
     for (const ref of project.projectReferences ?? []) {
       const target = byPath.get(ref.path);
       if (!target) continue;
       const toId = sanitizeId(target.projectId || target.path || target.name);
-      lines.push(`${fromId} --> ${toId}`);
+      edges.push(`${fromId} --> ${toId}`);
+      connectedIds.add(fromId);
+      connectedIds.add(toId);
     }
   }
+  for (const project of projects) {
+    const id = sanitizeId(project.projectId || project.path || project.name);
+    if (!connectedIds.has(id)) continue;
+    lines.push(`${id}["${escapeLabel(nodeLabel(project))}"]`);
+    lines.push(`class ${id} ${scoreClass(project.drift?.score)}`);
+  }
+  lines.push(...edges);
   lines.push(...buildDefs());
   return { mermaid: lines.join("\n") };
 }
@@ -7109,17 +7263,17 @@ async function discoverSolutions(rootDir, fileCache) {
   for (const solutionFile of solutionFiles) {
     try {
       const content = await fileCache.readTextFile(solutionFile);
-      const dir = path21.dirname(solutionFile);
-      const relSolutionPath = path21.relative(rootDir, solutionFile).replace(/\\/g, "/");
+      const dir = path22.dirname(solutionFile);
+      const relSolutionPath = path22.relative(rootDir, solutionFile).replace(/\\/g, "/");
       const projectPaths = /* @__PURE__ */ new Set();
       const projectRegex = /Project\("[^"]*"\)\s*=\s*"([^"]*)",\s*"([^"]+\.csproj)"/g;
       let match;
       while ((match = projectRegex.exec(content)) !== null) {
         const projectRelative = match[2];
-        const absProjectPath = path21.resolve(dir, projectRelative.replace(/\\/g, "/"));
-        projectPaths.add(path21.relative(rootDir, absProjectPath).replace(/\\/g, "/"));
+        const absProjectPath = path22.resolve(dir, projectRelative.replace(/\\/g, "/"));
+        projectPaths.add(path22.relative(rootDir, absProjectPath).replace(/\\/g, "/"));
       }
-      const solutionName = path21.basename(solutionFile, path21.extname(solutionFile));
+      const solutionName = path22.basename(solutionFile, path22.extname(solutionFile));
       parsed.push({
         path: relSolutionPath,
         name: solutionName,
@@ -7175,6 +7329,7 @@ async function runScan(rootDir, opts) {
     { id: "dotnet", label: "Scanning .NET projects", weight: 2 },
     { id: "python", label: "Scanning Python projects", weight: 3 },
     { id: "java", label: "Scanning Java projects", weight: 3 },
+    { id: "polyglot", label: "Scanning additional language projects", weight: 2 },
     ...scanners !== false ? [
       ...scannerPolicy.platformMatrix && scanners?.platformMatrix?.enabled !== false ? [{ id: "platform", label: "Platform matrix" }] : [],
       ...scannerPolicy.toolingInventory && scanners?.toolingInventory?.enabled !== false ? [{ id: "tooling", label: "Tooling inventory" }] : [],
@@ -7271,7 +7426,16 @@ async function runScan(rootDir, opts) {
   filesScanned += javaProjects.length;
   progress.addProjects(javaProjects.length);
   progress.completeStep("java", `${javaProjects.length} project${javaProjects.length !== 1 ? "s" : ""}`, javaProjects.length);
-  const allProjects = [...nodeProjects, ...dotnetProjects, ...pythonProjects, ...javaProjects];
+  progress.startStep("polyglot");
+  const polyglotProjects = await scanPolyglotProjects(rootDir, fileCache);
+  for (const p of polyglotProjects) {
+    progress.addDependencies(p.dependencies.length);
+    progress.addFrameworks(p.frameworks.length);
+  }
+  filesScanned += polyglotProjects.length;
+  progress.addProjects(polyglotProjects.length);
+  progress.completeStep("polyglot", `${polyglotProjects.length} project${polyglotProjects.length !== 1 ? "s" : ""}`, polyglotProjects.length);
+  const allProjects = [...nodeProjects, ...dotnetProjects, ...pythonProjects, ...javaProjects, ...polyglotProjects];
   const dsn = opts.dsn || process.env.VIBGRATE_DSN;
   const parsedDsn = dsn ? parseDsn(dsn) : null;
   const workspaceId = parsedDsn?.workspaceId;
@@ -7279,7 +7443,7 @@ async function runScan(rootDir, opts) {
     project.drift = computeDriftScore([project]);
     project.projectId = computeProjectId(project.path, project.name, workspaceId);
   }
-  const solutionsManifestPath = path21.join(rootDir, ".vibgrate", "solutions.json");
+  const solutionsManifestPath = path22.join(rootDir, ".vibgrate", "solutions.json");
   const persistedSolutionIds = /* @__PURE__ */ new Map();
   if (await pathExists(solutionsManifestPath)) {
     try {
@@ -7589,7 +7753,7 @@ async function runScan(rootDir, opts) {
     schemaVersion: "1.0",
     timestamp: (/* @__PURE__ */ new Date()).toISOString(),
     vibgrateVersion: VERSION,
-    rootPath: path21.basename(rootDir),
+    rootPath: path22.basename(rootDir),
     ...vcs.type !== "unknown" ? { vcs } : {},
     repository,
     projects: allProjects,
@@ -7603,7 +7767,7 @@ async function runScan(rootDir, opts) {
     relationshipDiagram
   };
   if (opts.baseline) {
-    const baselinePath = path21.resolve(opts.baseline);
+    const baselinePath = path22.resolve(opts.baseline);
     if (await pathExists(baselinePath)) {
       try {
         const baseline = await readJsonFile(baselinePath);
@@ -7615,10 +7779,10 @@ async function runScan(rootDir, opts) {
     }
   }
   if (!opts.noLocalArtifacts && !maxPrivacyMode) {
-    const vibgrateDir = path21.join(rootDir, ".vibgrate");
+    const vibgrateDir = path22.join(rootDir, ".vibgrate");
     await ensureDir(vibgrateDir);
-    await writeJsonFile(path21.join(vibgrateDir, "scan_result.json"), artifact);
-    await writeJsonFile(path21.join(vibgrateDir, "solutions.json"), {
+    await writeJsonFile(path22.join(vibgrateDir, "scan_result.json"), artifact);
+    await writeJsonFile(path22.join(vibgrateDir, "solutions.json"), {
       scannedAt: artifact.timestamp,
       solutions: solutions.map((solution) => ({
         solutionId: solution.solutionId,
@@ -7639,10 +7803,10 @@ async function runScan(rootDir, opts) {
   if (!opts.noLocalArtifacts && !maxPrivacyMode) {
     for (const project of allProjects) {
       if (project.drift && project.path) {
-        const projectDir = path21.resolve(rootDir, project.path);
-        const projectVibgrateDir = path21.join(projectDir, ".vibgrate");
+        const projectDir = path22.resolve(rootDir, project.path);
+        const projectVibgrateDir = path22.join(projectDir, ".vibgrate");
         await ensureDir(projectVibgrateDir);
-        await writeJsonFile(path21.join(projectVibgrateDir, "project_score.json"), {
+        await writeJsonFile(path22.join(projectVibgrateDir, "project_score.json"), {
           projectId: project.projectId,
           name: project.name,
           type: project.type,
@@ -7662,7 +7826,7 @@ async function runScan(rootDir, opts) {
   if (opts.format === "json") {
     const jsonStr = JSON.stringify(artifact, null, 2);
     if (opts.out) {
-      await writeTextFile(path21.resolve(opts.out), jsonStr);
+      await writeTextFile(path22.resolve(opts.out), jsonStr);
       console.log(chalk6.green("\u2714") + ` JSON written to ${opts.out}`);
     } else {
       console.log(jsonStr);
@@ -7671,7 +7835,7 @@ async function runScan(rootDir, opts) {
     const sarif = formatSarif(artifact);
     const sarifStr = JSON.stringify(sarif, null, 2);
     if (opts.out) {
-      await writeTextFile(path21.resolve(opts.out), sarifStr);
+      await writeTextFile(path22.resolve(opts.out), sarifStr);
       console.log(chalk6.green("\u2714") + ` SARIF written to ${opts.out}`);
     } else {
       console.log(sarifStr);
@@ -7680,14 +7844,14 @@ async function runScan(rootDir, opts) {
     const text = formatText(artifact);
     console.log(text);
     if (opts.out) {
-      await writeTextFile(path21.resolve(opts.out), text);
+      await writeTextFile(path22.resolve(opts.out), text);
     }
   }
   return artifact;
 }
 async function buildRepositoryInfo(rootDir, remoteUrl, ciSystems) {
-  const packageJsonPath = path21.join(rootDir, "package.json");
-  let name = path21.basename(rootDir);
+  const packageJsonPath = path22.join(rootDir, "package.json");
+  let name = path22.basename(rootDir);
   let version;
   if (await pathExists(packageJsonPath)) {
     try {
@@ -7779,7 +7943,7 @@ function parseNonNegativeNumber(value, label) {
   return parsed;
 }
 var scanCommand = new Command3("scan").description("Scan a project for upgrade drift").argument("[path]", "Path to scan", ".").option("--out <file>", "Output file path").option("--format <format>", "Output format (text|json|sarif)", "text").option("--fail-on <level>", "Fail on warn or error").option("--baseline <file>", "Compare against baseline").option("--changed-only", "Only scan changed files").option("--concurrency <n>", "Max concurrent npm calls", "8").option("--push", "Auto-push results to Vibgrate API after scan").option("--dsn <dsn>", "DSN token for push (or use VIBGRATE_DSN env)").option("--region <region>", "Override data residency region for push (us, eu)").option("--strict", "Fail on push errors").option("--install-tools", "Auto-install missing security scanners via Homebrew").option("--ui-purpose", "Enable optional UI purpose evidence extraction (slower)").option("--no-local-artifacts", "Do not write .vibgrate JSON artifacts to disk").option("--max-privacy", "Enable strongest privacy mode (minimal scanners, no local artifacts)").option("--offline", "Run without network calls; do not upload results").option("--package-manifest <file>", "Use local package-version manifest JSON/ZIP (for offline mode)").option("--drift-budget <score>", "Fail if drift score is above budget (0-100)").option("--drift-worsening <percent>", "Fail if drift worsens by more than % since baseline").action(async (targetPath, opts) => {
-  const rootDir = path21.resolve(targetPath);
+  const rootDir = path22.resolve(targetPath);
   if (!await pathExists(rootDir)) {
     console.error(chalk6.red(`Path does not exist: ${rootDir}`));
     process.exit(1);

package/dist/{chunk-NASGRGXK.js → chunk-XPDOGGRY.js}

@@ -1,6 +1,6 @@
 import {
   runScan
-} from "./chunk-UVFIFNYG.js";
+} from "./chunk-EOULHF5E.js";
 import {
   writeJsonFile
 } from "./chunk-RNVZIZNL.js";

package/dist/cli.js

@@ -4,7 +4,7 @@ import {
 } from "./chunk-PTMLMDZU.js";
 import {
   baselineCommand
-} from "./chunk-NASGRGXK.js";
+} from "./chunk-XPDOGGRY.js";
 import {
   VERSION,
   dsnCommand,
@@ -12,7 +12,7 @@ import {
   pushCommand,
   scanCommand,
   writeDefaultConfig
-} from "./chunk-UVFIFNYG.js";
+} from "./chunk-EOULHF5E.js";
 import {
   ensureDir,
   pathExists,
@@ -41,7 +41,7 @@ var initCommand = new Command("init").description("Initialize vibgrate in a proj
     console.log(chalk.green("\u2714") + ` Created ${chalk.bold("vibgrate.config.ts")}`);
   }
   if (opts.baseline) {
-    const { runBaseline } = await import("./baseline-K7V6GAP3.js");
+    const { runBaseline } = await import("./baseline-37IN66KS.js");
     await runBaseline(rootDir);
   }
   console.log("");

package/dist/index.d.ts

@@ -1,6 +1,6 @@
 type DepSection = 'dependencies' | 'devDependencies' | 'peerDependencies' | 'optionalDependencies';
 type RiskLevel = 'low' | 'moderate' | 'high';
-type ProjectType = 'node' | 'dotnet' | 'python' | 'java';
+type ProjectType = 'node' | 'dotnet' | 'python' | 'java' | 'go' | 'rust' | 'php' | 'typescript' | 'ruby' | 'swift' | 'kotlin' | 'dart' | 'scala' | 'r' | 'objective-c' | 'elixir' | 'haskell' | 'lua' | 'perl' | 'julia' | 'shell' | 'clojure' | 'groovy' | 'c' | 'cpp' | 'cobol' | 'fortran' | 'visual-basic' | 'pascal' | 'ada' | 'assembly' | 'rpg';
 type OutputFormat = 'text' | 'json' | 'sarif';
 interface DependencyRow {
     package: string;

package/dist/index.js

@@ -7,7 +7,7 @@ import {
   formatText,
   generateFindings,
   runScan
-} from "./chunk-UVFIFNYG.js";
+} from "./chunk-EOULHF5E.js";
 import "./chunk-RNVZIZNL.js";
 export {
   computeDriftScore,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@vibgrate/cli",
-  "version": "1.0.47",
+  "version": "1.0.48",
   "description": "CLI for measuring upgrade drift across Node, .NET, Python & Java projects",
   "type": "module",
   "bin": {