npm - @visulima/vis - Versions diffs - 1.0.0-alpha.10 → 1.0.0-alpha.11 - Mend

@visulima/vis 1.0.0-alpha.10 → 1.0.0-alpha.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (120) hide show

package/CHANGELOG.md +95 -42
package/LICENSE.md +213 -0
package/README.md +8 -4
package/dist/bin.js +9 -1
package/dist/config/index.d.ts +1818 -0
package/dist/config/index.js +2 -0
package/dist/generate/index.d.ts +1 -1
package/dist/generate/index.js +3 -1
package/dist/packem_chunks/applyDefaults.js +336 -0
package/dist/packem_chunks/bin.js +9554 -64
package/dist/packem_chunks/doctor-probe.js +112 -0
package/dist/packem_chunks/fix.js +229 -48
package/dist/packem_chunks/handler.js +99 -1
package/dist/packem_chunks/handler10.js +53 -1
package/dist/packem_chunks/handler11.js +32 -1
package/dist/packem_chunks/handler12.js +100 -2
package/dist/packem_chunks/handler13.js +25 -1
package/dist/packem_chunks/handler14.js +916 -5
package/dist/packem_chunks/handler15.js +206 -1
package/dist/packem_chunks/handler16.js +122 -18
package/dist/packem_chunks/handler17.js +13 -1
package/dist/packem_chunks/handler18.js +106 -1
package/dist/packem_chunks/handler19.js +19 -1
package/dist/packem_chunks/handler2.js +75 -1
package/dist/packem_chunks/handler20.js +29 -1
package/dist/packem_chunks/handler21.js +222 -1
package/dist/packem_chunks/handler22.js +237 -5
package/dist/packem_chunks/handler23.js +101 -1
package/dist/packem_chunks/handler24.js +110 -1
package/dist/packem_chunks/handler25.js +402 -5
package/dist/packem_chunks/handler26.js +13 -1
package/dist/packem_chunks/handler27.js +63 -3
package/dist/packem_chunks/handler28.js +34 -1
package/dist/packem_chunks/handler29.js +458 -7
package/dist/packem_chunks/handler3.js +95 -2
package/dist/packem_chunks/handler30.js +168 -21
package/dist/packem_chunks/handler31.js +530 -3
package/dist/packem_chunks/handler32.js +214 -2
package/dist/packem_chunks/handler33.js +119 -24
package/dist/packem_chunks/handler34.js +630 -2
package/dist/packem_chunks/handler35.js +283 -19
package/dist/packem_chunks/handler36.js +521 -407
package/dist/packem_chunks/handler37.js +762 -22
package/dist/packem_chunks/handler38.js +989 -22
package/dist/packem_chunks/handler39.js +574 -22
package/dist/packem_chunks/handler4.js +90 -4
package/dist/packem_chunks/handler40.js +1685 -3
package/dist/packem_chunks/handler41.js +1088 -10
package/dist/packem_chunks/handler42.js +785 -141
package/dist/packem_chunks/handler43.js +2658 -42
package/dist/packem_chunks/handler44.js +3886 -3
package/dist/packem_chunks/handler45.js +2568 -21
package/dist/packem_chunks/handler46.js +3769 -0
package/dist/packem_chunks/handler47.js +1491 -0
package/dist/packem_chunks/handler5.js +174 -2
package/dist/packem_chunks/handler6.js +95 -13
package/dist/packem_chunks/handler7.js +115 -8
package/dist/packem_chunks/handler8.js +12 -1
package/dist/packem_chunks/handler9.js +29 -1
package/dist/packem_chunks/heal-accept.js +522 -0
package/dist/packem_chunks/heal.js +673 -0
package/dist/packem_chunks/index.js +873 -7
package/dist/packem_chunks/loader.js +23 -1
package/dist/packem_shared/VisUpdateApp-D-Yz_wvg.js +1316 -0
package/dist/packem_shared/_commonjsHelpers-BqLXS_qQ.js +5 -0
package/dist/packem_shared/ai-analysis-CHeB1joD.js +367 -0
package/dist/packem_shared/ai-cache-Be_jexe4.js +142 -0
package/dist/packem_shared/ai-fix-B9iQVcD2.js +379 -0
package/dist/packem_shared/cache-directory-2qvs4goY.js +98 -0
package/dist/packem_shared/catalog-BJTtyi-O.js +1371 -0
package/dist/packem_shared/dependency-scan-A0KSklpG.js +188 -0
package/dist/packem_shared/docker-2iZzc280.js +181 -0
package/dist/packem_shared/failure-log-Cz3Z4SKL.js +100 -0
package/dist/packem_shared/flakiness-goTxXuCX.js +180 -0
package/dist/packem_shared/otel-DCvqCTz_.js +158 -0
package/dist/packem_shared/otelPlugin-DFaLDvJf.js +3 -0
package/dist/packem_shared/registry-CbqXI0rc.js +272 -0
package/dist/packem_shared/run-summary-utils-PVMl4aIh.js +130 -0
package/dist/packem_shared/runtime-check-Cobi3p6l.js +127 -0
package/dist/packem_shared/selectors-SM69TfqC.js +194 -0
package/dist/packem_shared/symbols-Ta7g2nU-.js +14 -0
package/dist/packem_shared/toolchain-BdZd9eBi.js +975 -0
package/dist/packem_shared/typosquats-C-bCh3PX.js +1210 -0
package/dist/packem_shared/use-measured-height-CNP0vT4M.js +20 -0
package/dist/packem_shared/utils-CthVdBPS.js +40 -0
package/dist/packem_shared/xxh3-Ck8mXNg1.js +239 -0
package/index.js +727 -555
package/package.json +35 -17
package/schemas/project.schema.json +8 -10
package/schemas/vis-config.schema.json +132 -8
package/skills/vis/SKILL.md +96 -0
package/templates/buildkite-ci/.buildkite/pipeline.yml.tera +85 -0
package/templates/buildkite-ci/template.yml +20 -0
package/dist/errors/index.d.ts +0 -26
package/dist/errors/index.js +0 -1
package/dist/packem_chunks/config.js +0 -2
package/dist/packem_shared/VisConfigCycleError-CAYNC7d-.js +0 -1
package/dist/packem_shared/VisConfigError-B5LP1zRf.js +0 -1
package/dist/packem_shared/VisConfigLoadError-CeqBSd2Z.js +0 -2
package/dist/packem_shared/VisConfigNotFoundError-DZ9KC527.js +0 -5
package/dist/packem_shared/VisUpdateApp-D-L4_-Iu.js +0 -1
package/dist/packem_shared/_commonjsHelpers-D6W6KoPK.js +0 -1
package/dist/packem_shared/ai-analysis-CGuy7dfE.js +0 -67
package/dist/packem_shared/ai-cache-Bynt6Y9x.js +0 -1
package/dist/packem_shared/cache-directory-D72ZEag2.js +0 -1
package/dist/packem_shared/catalog-BVPerCwG.js +0 -12
package/dist/packem_shared/dependency-scan-Du0tBu64.js +0 -2
package/dist/packem_shared/docker-BcfqH4Av.js +0 -2
package/dist/packem_shared/failure-log-DqYen0LC.js +0 -2
package/dist/packem_shared/flakiness-DSIHZGBT.js +0 -1
package/dist/packem_shared/run-summary-utils-C24Aaf9E.js +0 -1
package/dist/packem_shared/runtime-check-CGHal8SO.js +0 -1
package/dist/packem_shared/selectors-CfH9ZY08.js +0 -3
package/dist/packem_shared/symbols-CQmER5MT.js +0 -1
package/dist/packem_shared/target-merge-DNa-6eWu.js +0 -1
package/dist/packem_shared/toolchain-DQfTQY8E.js +0 -5
package/dist/packem_shared/typosquats-DOR8izpX.js +0 -1
package/dist/packem_shared/use-measured-height-DjYgUOKk.js +0 -1
package/dist/packem_shared/utils-DrNg0XTR.js +0 -1
package/dist/packem_shared/xxh3-DrAUNq4n.js +0 -1

package/dist/packem_chunks/handler4.js CHANGED Viewed

@@ -1,4 +1,90 @@
-var x=Object.defineProperty;var h=(n,t)=>x(n,"name",{value:t,configurable:!0});import{findPackageManagerSync as N}from"@visulima/package";import{z as P,e as U,Z as j}from"../packem_shared/ai-analysis-CGuy7dfE.js";import{V as z,U as M}from"./bin.js";import{a as O,f as T,b,n as S,_ as V,m as q}from"../packem_shared/catalog-BVPerCwG.js";var A=Object.defineProperty,F=h((n,t)=>A(n,"name",{value:t,configurable:!0}),"x");const J=/^[\^~>=<]+/,G=F(async({argument:n,logger:t,options:f,visConfig:u,workspaceRoot:g})=>{if(!g)throw new Error("Could not determine workspace root. Run this command inside a monorepo.");const m=n,e=m[0];if(!e)throw new Error("Package name is required. Usage: vis analyze <package> [version]");const p=m[1],{packageManager:E}=N(g);let a,w="default";const C=O(g,E);for(const[o,s]of C){const i=s.get(e);if(i){a=i,w=o;break}}if(!a)throw new Error(`Package "${e}" not found in any catalog or package.json. Make sure it exists in your workspace dependencies.`);let r;if(p)r=p;else{t.info(`Fetching latest version for ${e}...
-`);const o=await T(e);if(!o.latest)throw new Error(`Could not determine latest version for "${e}".`);r=o.latest}const d=b(a),k=b(r);if(!d||!k)throw new Error(`Could not parse versions: current="${a}", target="${r}".`);const v=S(d,k);if(v==="none"){t.info(`${e} is already at ${r}. Nothing to analyze.`);return}const R=V(a),l={catalogName:w,currentRange:a,newRange:`${R}${r}`,packageName:e,targetVersion:r,updateType:v},y=P(f.aiType??"impact");if(y==="security"||f.security){t.info(`Checking for known vulnerabilities...
-`);const o=a.replace(J,""),s=(await q([{name:e,version:o}])).get(e);s&&s.length>0&&(l.vulnerabilities=s);const i=z(u?.security?.socket);if(i){const c=(await M([{name:e,version:o}],i)).get(`${e}@${o}`);c&&(l.socketReport={alerts:c.alerts,license:c.license,score:c.score})}}const $=await U([l],t,u?.ai,y);(f.format??"table")==="json"?process.stdout.write(`${JSON.stringify($,void 0,2)}
-`):t.info(j($))},"execute");export{G as default};
+import { createRequire as __cjs_createRequire } from "node:module";
+const __cjs_require = __cjs_createRequire(import.meta.url);
+const __cjs_getProcess = typeof globalThis !== "undefined" && typeof globalThis.process !== "undefined" ? globalThis.process : process;
+const __cjs_getBuiltinModule = (module) => {
+    // Check if we're in Node.js and version supports getBuiltinModule
+    if (typeof __cjs_getProcess !== "undefined" && __cjs_getProcess.versions && __cjs_getProcess.versions.node) {
+        const [major, minor] = __cjs_getProcess.versions.node.split(".").map(Number);
+        // Node.js 20.16.0+ and 22.3.0+
+        if (major > 22 || (major === 22 && minor >= 3) || (major === 20 && minor >= 16)) {
+            return __cjs_getProcess.getBuiltinModule(module);
+        }
+    }
+    // Fallback to createRequire
+    return __cjs_require(module);
+};
+const {
+  spawnSync
+} = __cjs_getBuiltinModule("node:child_process");
+import { c as detectPm, p as pail, s as scanUnapprovedBuildScripts, e as syncAllowBuildsToNativeConfig } from './bin.js';
+const execute = async ({ options, visConfig, workspaceRoot: wsRoot }) => {
+  const cwd = wsRoot ?? process.cwd();
+  const pm = detectPm(cwd);
+  if (pm.name === "pnpm" && !options.scan) {
+    pail.info("Delegating to pnpm approve-builds...");
+    const pnpmArgs = ["approve-builds"];
+    if (options.all) {
+      pnpmArgs.push("--all");
+    }
+    const result = spawnSync("pnpm", pnpmArgs, { cwd, stdio: "inherit" });
+    if (result.error) {
+      throw new Error(`Failed to run pnpm approve-builds: ${result.error.message}`);
+    }
+    if (result.status !== 0 && result.status !== null) {
+      pail.error(`pnpm approve-builds exited with code ${result.status}`);
+      process.exitCode = result.status;
+    }
+    if (!options.syncNative) {
+      pail.notice("");
+      pail.notice("Tip: vis.config.ts security.allowBuilds may now be out of sync with pnpm-workspace.yaml.");
+      pail.notice("Run 'vis check --security-config' to compare, or copy the new entries into vis.config.ts.");
+      return;
+    }
+  } else {
+    const allowBuilds = visConfig?.security?.allowBuilds ?? {};
+    const unapproved = scanUnapprovedBuildScripts(cwd, allowBuilds);
+    if (unapproved.length === 0) {
+      pail.success("No unapproved build scripts found.");
+    } else {
+      pail.warn(`Found ${unapproved.length} package${unapproved.length === 1 ? "" : "s"} with unapproved build scripts:
+`);
+      for (const pkg of unapproved) {
+        pail.info(`  ${pkg}`);
+      }
+      pail.notice("");
+      pail.notice("To approve these packages, add them to vis.config.ts:");
+      pail.notice("");
+      pail.notice("  security: {");
+      pail.notice("    allowBuilds: {");
+      for (const pkg of unapproved) {
+        const name = pkg.split(" (")[0];
+        pail.notice(`      "${name}": true,`);
+      }
+      pail.notice("    },");
+      pail.notice("  },");
+      if (pm.name === "pnpm") {
+        pail.notice("");
+        pail.notice("Or run 'pnpm approve-builds' to update pnpm-workspace.yaml directly.");
+      }
+    }
+  }
+  if (options.syncNative) {
+    const allowBuilds = visConfig?.security?.allowBuilds ?? {};
+    if (Object.keys(allowBuilds).length === 0) {
+      pail.warn("No security.allowBuilds configured in vis.config.ts. Nothing to sync.");
+    } else {
+      const actions = syncAllowBuildsToNativeConfig(pm.name, cwd, allowBuilds);
+      pail.info("");
+      for (const action of actions) {
+        pail.success(action);
+      }
+    }
+  }
+};
+export { execute as default };