@visulima/vis 1.0.0-alpha.10 → 1.0.0-alpha.11

package/dist/packem_chunks/handler5.js

@@ -1,2 +1,174 @@
-var d=Object.defineProperty;var l=(s,t)=>d(s,"name",{value:t,configurable:!0});import{createRequire as f}from"node:module";import{c as y,p as e,I as w,T as h}from"./bin.js";const m=f(import.meta.url),c=typeof globalThis<"u"&&typeof globalThis.process<"u"?globalThis.process:process,g=l(s=>{if(typeof c<"u"&&c.versions&&c.versions.node){const[t,r]=c.versions.node.split(".").map(Number);if(t>22||t===22&&r>=3||t===20&&r>=16)return c.getBuiltinModule(s)}return m(s)},"__cjs_getBuiltinModule"),{spawnSync:v}=g("node:child_process");var b=Object.defineProperty,_=l((s,t)=>b(s,"name",{value:t,configurable:!0}),"p");const $=_(async({options:s,visConfig:t,workspaceRoot:r})=>{const p=r??process.cwd(),a=y(p);if(a.name==="pnpm"&&!s.scan){e.info("Delegating to pnpm approve-builds...");const i=["approve-builds"];s.all&&i.push("--all");const o=v("pnpm",i,{cwd:p,stdio:"inherit"});if(o.error)throw new Error(`Failed to run pnpm approve-builds: ${o.error.message}`);if(o.status!==0&&o.status!==null&&(e.error(`pnpm approve-builds exited with code ${o.status}`),process.exitCode=o.status),!s.syncNative){e.notice(""),e.notice("Tip: vis.config.ts security.allowBuilds may now be out of sync with pnpm-workspace.yaml."),e.notice("Run 'vis check --security-config' to compare, or copy the new entries into vis.config.ts.");return}}else{const i=t?.security?.allowBuilds??{},o=w(p,i);if(o.length===0)e.success("No unapproved build scripts found.");else{e.warn(`Found ${o.length} package${o.length===1?"":"s"} with unapproved build scripts:
-`);for(const n of o)e.info(`  ${n}`);e.notice(""),e.notice("To approve these packages, add them to vis.config.ts:"),e.notice(""),e.notice("  security: {"),e.notice("    allowBuilds: {");for(const n of o){const u=n.split(" (")[0];e.notice(`      "${u}": true,`)}e.notice("    },"),e.notice("  },"),a.name==="pnpm"&&(e.notice(""),e.notice("Or run 'pnpm approve-builds' to update pnpm-workspace.yaml directly."))}}if(s.syncNative){const i=t?.security?.allowBuilds??{};if(Object.keys(i).length===0)e.warn("No security.allowBuilds configured in vis.config.ts. Nothing to sync.");else{const o=h(a.name,p,i);e.info("");for(const n of o)e.success(n)}}},"execute");export{$ as default};
+import { findPackageManagerSync } from '@visulima/package';
+import { render, renderToString, Text } from '@visulima/tui';
+import { c as detectPm, g as printSecurityReport, h as previewPnpmSync, p as pail, i as isInCi, j as scoreColor, a as buildSocketOptions } from './bin.js';
+import React from 'react';
+import { v as validateAnalysisType, r as runAiAnalysis, f as formatAiAnalysis } from '../packem_shared/ai-analysis-CHeB1joD.js';
+import { U as UpdateStore, V as VisUpdateApp, C as CheckProgressApp } from '../packem_shared/VisUpdateApp-D-Yz_wvg.js';
+import { l as loadNpmrc, r as readCatalogs, c as checkOutdated, b as formatSummary, d as formatOutdatedMinimal, h as formatOutdatedTable, t as toFilterArray } from '../packem_shared/catalog-BJTtyi-O.js';
+
+const execute = async ({ argument, logger, options, visConfig, workspaceRoot: wsRoot }) => {
+  if (!wsRoot) {
+    throw new Error("Could not determine workspace root. Run this command inside a monorepo.");
+  }
+  const workspaceRoot = wsRoot;
+  if (options.securityConfig) {
+    const pm = detectPm(workspaceRoot);
+    printSecurityReport(visConfig ?? {}, pm.name);
+    if (options.sync && pm.name === "pnpm") {
+      const synced = previewPnpmSync(visConfig ?? {});
+      if (synced.length > 0) {
+        pail.info("\nSettings that would sync to pnpm-workspace.yaml:");
+        for (const s of synced) {
+          pail.success(`  ${s}`);
+        }
+      } else {
+        pail.info("No security settings to sync.");
+      }
+    } else if (options.sync && pm.name !== "pnpm") {
+      pail.info(`--sync is only available for pnpm projects. Your project uses ${pm.name}.`);
+      pail.info("vis enforces security settings at the vis layer for non-pnpm projects.");
+    }
+    if (!options.security && !argument?.length) {
+      return;
+    }
+  }
+  const { packageManager } = findPackageManagerSync(workspaceRoot);
+  const npmrcConfig = loadNpmrc(workspaceRoot);
+  const configDefaults = visConfig?.update ?? {};
+  const catalogs = readCatalogs(workspaceRoot, packageManager, {
+    dev: options.dev,
+    prod: options.prod
+  });
+  if (catalogs.size === 0) {
+    logger.info("No catalogs found.");
+    return;
+  }
+  const target = options.target ?? configDefaults.target ?? "latest";
+  if (!["latest", "minor", "patch"].includes(target)) {
+    throw new Error(`Invalid target "${target}". Use: latest, minor, or patch.`);
+  }
+  const checkOptions = {
+    exclude: [...toFilterArray(options.exclude), ...toFilterArray(configDefaults.exclude)],
+    ignore: toFilterArray(configDefaults.ignore),
+    include: [...toFilterArray(options.include), ...toFilterArray(configDefaults.include), ...argument],
+    includeLocked: Boolean(options.includeLocked),
+    includePrerelease: options.prerelease || configDefaults.prerelease || false,
+    security: !options.noSecurity,
+    target
+  };
+  let totalDeps = 0;
+  for (const deps of catalogs.values()) {
+    totalDeps += deps.size;
+  }
+  const isTTY = Boolean(process.stdout.isTTY) && !isInCi;
+  let progressInstance;
+  const onProgress = isTTY ? (current, total) => {
+    if (progressInstance) {
+      progressInstance.rerender(React.createElement(CheckProgressApp, { current, total }));
+    } else {
+      progressInstance = render(React.createElement(CheckProgressApp, { current, total }), {
+        interactive: true,
+        patchConsole: false
+      });
+    }
+  } : (current, total) => {
+    logger.info(`Checking ${String(current)}/${String(total)} dependencies...`);
+  };
+  if (!isTTY) {
+    logger.info(`Checking ${String(totalDeps)} catalog dependencies against npm registry...
+`);
+  }
+  const socketOptions = buildSocketOptions(visConfig?.security?.socket);
+  const { failed, outdated } = await checkOutdated(
+    catalogs,
+    checkOptions,
+    npmrcConfig,
+    onProgress,
+    workspaceRoot,
+    socketOptions,
+    visConfig?.security?.socket?.acceptedRisks
+  );
+  if (progressInstance) {
+    progressInstance.clear();
+    progressInstance.unmount();
+  }
+  if (failed.length > 0) {
+    logger.warn(`Failed to fetch: ${failed.join(", ")}`);
+  }
+  if (outdated.length === 0) {
+    logger.info("All catalog dependencies are up to date.");
+    return;
+  }
+  const format = options.format ?? configDefaults.format ?? "table";
+  const analysisType = validateAnalysisType(options.aiType ?? "impact");
+  const aiResult = options.ai ? await runAiAnalysis(outdated, logger, visConfig?.ai, analysisType) : void 0;
+  if (isTTY && format === "table") {
+    const store = new UpdateStore(outdated, aiResult ?? null);
+    const autoExitConfig = visConfig?.tui?.autoExit ?? false;
+    const autoExitSeconds = autoExitConfig === true ? 3 : typeof autoExitConfig === "number" ? autoExitConfig : 0;
+    const instance = render(
+      React.createElement(VisUpdateApp, {
+        autoExitSeconds,
+        isDryRun: true,
+        store
+      }),
+      {
+        alternateScreen: true,
+        exitOnCtrlC: false,
+        interactive: true,
+        patchConsole: true
+      }
+    );
+    await instance.waitUntilExit();
+    const columns = process.stdout.columns || 80;
+    process.stdout.write("\n");
+    for (const entry of outdated) {
+      const hasSecurityIssue = entry.vulnerabilities?.length || entry.socketReport && entry.socketReport.alerts.length > 0;
+      const isAck = Boolean(entry.acceptedRisk);
+      const icon = hasSecurityIssue ? isAck ? "✓" : "⚠" : "✓";
+      const iconColor = isAck ? "gray" : entry.updateType === "major" ? "red" : entry.updateType === "minor" ? "yellow" : "green";
+      const socketOverall = entry.socketReport?.score.overall;
+      const scoreSuffix = socketOverall === void 0 ? "" : ` [${String(Math.round(socketOverall * 100))}%]`;
+      const socketColorName = socketOverall === void 0 ? void 0 : scoreColor(socketOverall);
+      process.stdout.write(
+        `${renderToString(
+          React.createElement(
+            Text,
+            null,
+            "   ",
+            React.createElement(Text, { color: iconColor }, icon),
+            `  ${entry.packageName}  ${entry.currentRange} → ${entry.newRange}`,
+            React.createElement(Text, { dimColor: true }, `  ${entry.updateType}`),
+            socketColorName ? React.createElement(Text, { color: socketColorName }, scoreSuffix) : null
+          ),
+          { columns }
+        )}
+`
+      );
+    }
+    process.stdout.write("\n");
+    logger.info(formatSummary(outdated));
+  } else if (format === "json") {
+    const output = { failed, outdated };
+    if (aiResult) {
+      output.aiAnalysis = aiResult;
+    }
+    process.stdout.write(`${JSON.stringify(output, void 0, 2)}
+`);
+  } else if (format === "minimal") {
+    process.stdout.write(`${formatOutdatedMinimal(outdated)}
+`);
+  } else {
+    formatOutdatedTable(outdated, logger);
+    logger.info(formatSummary(outdated));
+    if (aiResult) {
+      logger.info("");
+      logger.info(formatAiAnalysis(aiResult));
+    }
+  }
+  if (options.exitCode && outdated.length > 0) {
+    process.exitCode = 1;
+  }
+};
+
+export { execute as default };

package/dist/packem_chunks/handler6.js

@@ -1,13 +1,95 @@
-var F=Object.defineProperty;var C=(e,r)=>F(e,"name",{value:r,configurable:!0});import{createRequire as q}from"node:module";import{isAccessibleSync as v}from"@visulima/fs";import{formatBytes as g}from"@visulima/humanizer";import{join as L}from"@visulima/path";import{Cache as M,parseCacheSize as K,readLastRunSummary as T,getLastRunSummaryPath as Q}from"@visulima/task-runner";import{B as G,J as D}from"../packem_shared/ai-cache-Bynt6Y9x.js";import{_ as V,E as N}from"../packem_shared/cache-directory-D72ZEag2.js";import{p as n,H as X,a as E}from"./bin.js";import{r as J,f as I,a as Z,d as ee}from"../packem_shared/run-summary-utils-C24Aaf9E.js";const U=q(import.meta.url),k=typeof globalThis<"u"&&typeof globalThis.process<"u"?globalThis.process:process,b=C(e=>{if(typeof k<"u"&&k.versions&&k.versions.node){const[r,t]=k.versions.node.split(".").map(Number);if(r>22||r===22&&t>=3||r===20&&t>=16)return k.getBuiltinModule(e)}return U(e)},"__cjs_getBuiltinModule"),{readdir:j,stat:A,realpath:z,rm:O}=b("node:fs/promises"),{createInterface:Y}=b("node:readline");var te=Object.defineProperty,h=C((e,r)=>te(e,"name",{value:r,configurable:!0}),"f");const W=h(async e=>{let r=0;try{const t=await j(e,{withFileTypes:!0});for(const o of t){const s=L(e,o.name);if(o.isDirectory())r+=await W(s);else if(o.isFile()){const a=await A(s);r+=a.size}}}catch{}return r},"sumDirectorySize"),w=h(async e=>{const r=[];let t;try{t=await j(e)}catch{return[]}for(const o of t){if(o.startsWith("."))continue;const s=L(e,o);try{const a=await A(s);if(!a.isDirectory())continue;const c=await W(s);r.push({hash:o,mtimeMs:a.mtimeMs,path:s,sizeBytes:c})}catch{}}return r.sort((o,s)=>s.mtimeMs-o.mtimeMs),r},"collectCacheEntries"),se=h((e,r=Date.now())=>{const t=Math.floor((r-e)/1e3);return t<60?`${String(t)}s`:t<3600?`${String(Math.floor(t/60))}m`:t<86400?`${String(Math.floor(t/3600))}h`:`${String(Math.floor(t/86400))}d`},"formatAge"),re=h(e=>new Promise(r=>{const t=Y({input:process.stdin,output:process.stderr});t.question(`${e} (y/N) `,o=>{t.close();const s=o.trim().toLowerCase();r(s==="y"||s==="yes")})}),"confirmPrompt"),oe=h(async(e,r,t)=>{if(!v(e)){if(r==="json"){process.stdout.write(`${JSON.stringify({directory:e,entries:[],totalBytes:0,totalCount:0},void 0,2)}
-`);return}n.info(`No cache directory found at ${e}`);return}const o=await w(e);if(o.length===0){if(r==="json"){process.stdout.write(`${JSON.stringify({directory:e,entries:[],totalBytes:0,totalCount:0},void 0,2)}
-`);return}n.info(`Cache directory is empty: ${e}`);return}const s=o.reduce((i,d)=>i+d.sizeBytes,0);if(r==="json"){const i=Date.now();process.stdout.write(`${JSON.stringify({directory:e,entries:o.map(d=>({ageMs:i-d.mtimeMs,hash:d.hash,mtimeIso:new Date(d.mtimeMs).toISOString(),sizeBytes:d.sizeBytes})),totalBytes:s,totalCount:o.length},void 0,2)}
-`);return}n.info(`Cache directory: ${e}`),n.info(`Entries: ${String(o.length)} (${g(s,{decimals:1,space:!1})})`),t.info("");const a=Date.now(),c=o.map(i=>({age:se(i.mtimeMs,a),hash:i.hash.slice(0,12),size:g(i.sizeBytes,{decimals:1,space:!1})})),u=Math.max(4,...c.map(i=>i.hash.length)),f=Math.max(4,...c.map(i=>i.size.length)),l=Math.max(3,...c.map(i=>i.age.length));t.info(`  ${"hash".padEnd(u)}  ${"size".padEnd(f)}  ${"age".padEnd(l)}`),t.info(`  ${"-".repeat(u)}  ${"-".repeat(f)}  ${"-".repeat(l)}`);for(const i of c)t.info(`  ${i.hash.padEnd(u)}  ${i.size.padEnd(f)}  ${i.age.padEnd(l)}`)},"runList"),ae=h(()=>{try{const e=G();e>0&&n.info(`Cleared ${String(e)} cached AI response${e===1?"":"s"}.`)}catch(e){n.warn(`Failed to clear AI response cache: ${e instanceof Error?e.message:String(e)}`)}},"clearAiCacheSafe"),ne=h(()=>{try{const e=X();e>0&&n.info(`Cleared ${String(e)} cached Socket.dev report${e===1?"":"s"}.`)}catch(e){n.warn(`Failed to clear Socket.dev cache: ${e instanceof Error?e.message:String(e)}`)}},"clearSocketCacheSafe"),ie=h(async(e,r,t)=>{if(!v(e)){n.info(`No cache directory to clean at ${e}`);return}if(t.dryRun){const s=await w(e),a=s.reduce((c,u)=>c+u.sizeBytes,0);n.info(`Would remove ${String(s.length)} cache entr${s.length===1?"y":"ies"} (${g(a,{decimals:1,space:!1})}) from ${e}`);return}const o=V(e,r);try{const s=await z(e),a=await z(r);if(s===a){n.error("Refusing to delete the workspace root. The cache directory resolved to the same path as the workspace."),process.exitCode=1;return}}catch{}if(!o&&!t.force){if(n.warn(`Cache directory is outside the workspace root: ${e}`),n.warn("This will recursively delete the entire directory, including anything stored there by other tools."),!process.stdin.isTTY){n.error("Refusing to clean an out-of-workspace cache without --force (stdin is not a TTY)."),process.exitCode=1;return}if(!await re("  Continue?")){n.info("Aborted.");return}}o?await new M({cacheDirectory:e,workspaceRoot:r}).clear():await O(e,{force:!0,recursive:!0}),n.success(`Cleared cache: ${e}`)},"runClean"),ce=h(async(e,r,t)=>{if(!v(e)){n.info(`No cache directory to prune at ${e}`);return}if(t.maxCacheAgeDays!==void 0&&(!Number.isFinite(t.maxCacheAgeDays)||t.maxCacheAgeDays<0)){n.error(`Invalid --max-age-days value: expected a finite number >= 0, got ${String(t.maxCacheAgeDays)}`),process.exitCode=1;return}if(t.keepLast!==void 0&&(!Number.isFinite(t.keepLast)||t.keepLast<0||!Number.isInteger(t.keepLast))){n.error(`Invalid --keep-last value: expected a non-negative integer, got ${String(t.keepLast)}`),process.exitCode=1;return}if(t.maxCacheSize!==void 0){let i;try{i=K(t.maxCacheSize)}catch(d){n.error(`Invalid --max-size value: ${d instanceof Error?d.message:String(d)}`),process.exitCode=1;return}if(!Number.isFinite(i)||i<=0){n.error(`Invalid --max-size value: expected a positive size, got "${t.maxCacheSize}" (${String(i)} bytes)`),process.exitCode=1;return}}const o=t.maxCacheAgeDays===void 0?void 0:t.maxCacheAgeDays*24*60*60*1e3,s=await w(e),a=s.reduce((i,d)=>i+d.sizeBytes,0);if(t.keepLast!==void 0&&s.length>t.keepLast){const i=s.slice(t.keepLast);await Promise.all(i.map(d=>O(d.path,{force:!0,recursive:!0})))}await new M({cacheDirectory:e,maxCacheAge:o,maxCacheSize:t.maxCacheSize,workspaceRoot:r}).removeOldEntries();const c=await w(e),u=c.reduce((i,d)=>i+d.sizeBytes,0),f=s.length-c.length,l=a-u;if(f<=0){n.info("Nothing to prune — all entries are within the configured limits.");return}n.success(`Pruned ${String(f)} entr${f===1?"y":"ies"}, freed ${g(l,{decimals:1,space:!1})}.`)},"runPrune"),R=16,P=h(e=>e.length>R?`${e.slice(0,R)}…`:e,"truncateHash"),x=h((e,r,t)=>{const o=Object.entries(r??{});if(o.length!==0){t.info(`  ${e}:`),o.sort(([s],[a])=>s.localeCompare(a));for(const[s,a]of o)t.info(`    ${s.padEnd(40)}  ${P(a)}`)}},"renderHashDetailsBucket"),ue=h(async(e,r,t)=>{const{format:o,runId:s,workspaceRoot:a}=r,c=s===void 0?await T(a):await J(a,s);if(!c){if(o==="json"){process.stdout.write(`${JSON.stringify({error:"no-summary",runId:s??null,taskId:e},void 0,2)}
-`),process.exitCode=1;return}s===void 0?n.error("No previous run summary found. Run a task first to populate `.task-runner/last-summary.json`."):n.error(`Run summary "${s}" not found in .task-runner/runs/.`),process.exitCode=1;return}const u=I(c,e);if(!u){if(o==="json"){process.stdout.write(`${JSON.stringify({error:"task-not-in-summary",runId:c.id,taskId:e},void 0,2)}
-`),process.exitCode=1;return}n.error(`Task "${e}" was not part of run ${c.id}.`),n.info(`Tasks in this run: ${c.tasks.map(d=>d.taskId).join(", ")||"(none)"}`),process.exitCode=1;return}const f=await Z(a,c.id),l=f?I(f,e):void 0,i=ee(u.hashDetails,l?.hashDetails);if(o==="json"){process.stdout.write(`${JSON.stringify({diff:i,previousRunId:f?.id??null,previousTask:l?{cacheStatus:l.cacheStatus,hash:l.hash??null,hashDetails:l.hashDetails??null}:null,runId:c.id,task:{cacheStatus:u.cacheStatus,hash:u.hash??null,hashDetails:u.hashDetails??null,taskId:u.taskId}},void 0,2)}
-`);return}if(n.info(`Why ${e}? (run ${c.id})`),t.info(""),t.info(`  status:  ${u.cacheStatus}`),t.info(`  hash:    ${u.hash??"(none)"}`),l?t.info(`  prev:    ${l.hash??"(none)"}  [run ${f?.id??"?"}]`):t.info("  prev:    (no prior run found)"),t.info(""),!l){n.info("No previous run to diff against — first time this task was recorded.");return}if(!i.commandChanged&&i.nodes.added.length===0&&i.nodes.changed.length===0&&i.nodes.removed.length===0&&i.runtime.added.length===0&&i.runtime.changed.length===0&&i.runtime.removed.length===0&&i.implicitDeps.added.length===0&&i.implicitDeps.changed.length===0&&i.implicitDeps.removed.length===0){n.success("No hash inputs changed since the previous run.");return}t.info("Hash inputs that changed since the previous run:"),t.info(""),i.commandChanged&&t.info("  command:  changed");for(const d of["nodes","runtime","implicitDeps"]){const m=i[d];if(!(m.added.length===0&&m.changed.length===0&&m.removed.length===0)){t.info(`  ${d}:`);for(const $ of m.added)t.info(`    + ${$}`);for(const $ of m.changed)t.info(`    ~ ${$}`);for(const $ of m.removed)t.info(`    - ${$}`)}}t.info(""),n.info(`Last summary file: ${Q(a)}`)},"runWhy"),de=h(async(e,r,t)=>{const{format:o,runId:s,workspaceRoot:a}=r,c=s===void 0?await T(a):await J(a,s);if(!c){if(o==="json"){process.stdout.write(`${JSON.stringify({error:"no-summary",runId:s??null,taskId:e},void 0,2)}
-`),process.exitCode=1;return}s===void 0?n.error("No previous run summary found. Run a task first to populate `.task-runner/last-summary.json`."):n.error(`Run summary "${s}" not found in .task-runner/runs/.`),process.exitCode=1;return}const u=I(c,e);if(!u){if(o==="json"){process.stdout.write(`${JSON.stringify({error:"task-not-in-summary",runId:c.id,taskId:e},void 0,2)}
-`),process.exitCode=1;return}n.error(`Task "${e}" was not part of run ${c.id}.`),process.exitCode=1;return}if(o==="json"){process.stdout.write(`${JSON.stringify({cacheStatus:u.cacheStatus,hash:u.hash??null,hashDetails:u.hashDetails??null,runId:c.id,taskId:u.taskId},void 0,2)}
-`);return}n.info(`Hash for ${e} (run ${c.id})`),t.info(""),t.info(`  status:  ${u.cacheStatus}`),t.info(`  hash:    ${u.hash??"(none)"}`),u.hashDetails?(t.info(""),t.info(`  command: ${P(u.hashDetails.command)}`),x("nodes",u.hashDetails.nodes,t),x("runtime",u.hashDetails.runtime,t),x("implicitDeps",u.hashDetails.implicitDeps,t)):(t.info(""),n.info("No hash details recorded for this task."))},"runHash"),he=h(async(e,r)=>{if(!v(e)){if(r==="json"){process.stdout.write(`${JSON.stringify({directory:e,exists:!1,totalBytes:0,totalCount:0})}
-`);return}n.info(`No cache directory at ${e}`);return}const t=await w(e),o=t.reduce((s,a)=>s+a.sizeBytes,0);if(r==="json"){process.stdout.write(`${JSON.stringify({directory:e,exists:!0,totalBytes:o,totalCount:t.length})}
-`);return}n.info(`Cache directory: ${e}`),n.info(`Entries:         ${String(t.length)}`),n.info(`Total size:      ${g(o,{decimals:1,space:!1})}`)},"runSize"),_=h(e=>e==="task"||e==="ai"||e==="socket"||e==="all"?e:(e&&e.length>0&&n.warn(`Unknown --type value '${e}'; falling back to 'all'.`),"all"),"parseCacheTarget"),p=h((e,r)=>e==="all"||e===r,"includesTarget"),y=h(e=>e===void 0?null:new Date(e).toISOString(),"isoOrNull"),B=h((e,r)=>{n.info(`${e}:`),n.info(`  Entries:    ${String(r.entries)}`),n.info(`  Total size: ${g(r.totalSizeBytes,{decimals:1,space:!1})}`),n.info(`  Oldest:     ${r.oldestEntry?new Date(r.oldestEntry).toISOString():"N/A"}`),n.info(`  Newest:     ${r.newestEntry?new Date(r.newestEntry).toISOString():"N/A"}`)},"printAuxStatsBlock"),le=h(e=>e==="worktree"||e==="shared"||e==="all"?e:(e&&e.length>0&&n.warn(`Unknown --scope value '${e}'; falling back to 'shared'.`),"shared"),"parseScope"),S=h((e,r,t)=>{const o=e??process.cwd(),s=t??{},a=s.taskRunnerOptions??{},c=le(r.scope),u=r.cacheDir,f=N(o,u,a.cacheDirectory,!1),l=N(o,u,a.cacheDirectory,s.sharedWorktreeCache);let i,d;switch(c){case"all":{i=l,d=l===f?[l]:[l,f];break}case"worktree":{i=f,d=[f];break}default:i=l,d=[l]}return{cacheDirectories:d,cacheDirectory:i,scope:c,sharedWorktreeCache:s.sharedWorktreeCache,workspaceRoot:o}},"resolveCacheDirectoryFromContext"),Ce=h(async({logger:e,options:r,visConfig:t,workspaceRoot:o})=>{const{cacheDirectories:s}=S(o,r,t),a=r.format??"table";for(const c of s)s.length>1&&n.info(`# ${c}`),await oe(c,a,e)},"cacheListExecute"),xe=h(async({options:e,visConfig:r,workspaceRoot:t})=>{const o=_(e.type),s=!!e.dryRun;if(p(o,"task")){const{cacheDirectory:a,workspaceRoot:c}=S(t,e,r);await ie(a,c,{dryRun:s,force:!!e.force})}if(p(o,"ai"))if(s){const a=D();n.info(`Would clear ${String(a.entries)} cached AI response${a.entries===1?"":"s"}.`)}else ae();if(p(o,"socket"))if(s){const a=E();n.info(`Would clear ${String(a.entries)} cached Socket.dev report${a.entries===1?"":"s"}.`)}else ne()},"cacheCleanExecute"),De=h(async({options:e,visConfig:r,workspaceRoot:t})=>{const{cacheDirectories:o,workspaceRoot:s}=S(t,e,r);for(const a of o)o.length>1&&n.info(`# ${a}`),await ce(a,s,{keepLast:typeof e.keepLast=="number"?e.keepLast:void 0,maxCacheAgeDays:typeof e.maxAgeDays=="number"?e.maxAgeDays:void 0,maxCacheSize:e.maxSize})},"cachePruneExecute"),H=h(e=>e??process.cwd(),"resolveWorkspaceRoot"),Ee=h(async({argument:e,logger:r,options:t,workspaceRoot:o})=>{const s=e[0];if(!s){n.error("No task ID specified. Usage: vis cache why <project>:<target>"),process.exitCode=1;return}await ue(s,{format:t.format??"table",runId:t.run,workspaceRoot:H(o)},r)},"cacheWhyExecute"),Ie=h(async({argument:e,logger:r,options:t,workspaceRoot:o})=>{const s=e[0];if(!s){n.error("No task ID specified. Usage: vis cache hash <project>:<target>"),process.exitCode=1;return}await de(s,{format:t.format??"table",runId:t.run,workspaceRoot:H(o)},r)},"cacheHashExecute"),ze=h(async({options:e,visConfig:r,workspaceRoot:t})=>{const o=_(e.type);if((e.format??"table")==="json"){const s={};if(p(o,"task")){const{cacheDirectories:a}=S(t,e,r);s.task=await Promise.all(a.map(async c=>{const u=v(c),f=u?await w(c):[],l=f.reduce((i,d)=>i+d.sizeBytes,0);return{directory:c,entries:f.length,exists:u,newestEntry:y(f[0]?.mtimeMs),oldestEntry:y(f.at(-1)?.mtimeMs),totalBytes:l}}))}if(p(o,"ai")){const a=D();s.ai={entries:a.entries,newestEntry:y(a.newestEntry),oldestEntry:y(a.oldestEntry),totalBytes:a.totalSizeBytes}}if(p(o,"socket")){const a=E();s.socket={entries:a.entries,newestEntry:y(a.newestEntry),oldestEntry:y(a.oldestEntry),totalBytes:a.totalSizeBytes}}process.stdout.write(`${JSON.stringify(s,void 0,2)}
-`);return}if(p(o,"task")){const{cacheDirectories:s}=S(t,e,r);for(const a of s)s.length>1&&n.info(`# ${a}`),await he(a,"table")}p(o,"ai")&&B("AI response cache",D()),p(o,"socket")&&B("Socket.dev report cache",E())},"cacheSizeExecute");export{xe as cacheCleanExecute,Ie as cacheHashExecute,Ce as cacheListExecute,De as cachePruneExecute,ze as cacheSizeExecute,Ee as cacheWhyExecute,ae as clearAiCacheSafe,ne as clearSocketCacheSafe,w as collectCacheEntries,se as formatAge,ie as runClean,de as runHash,oe as runList,ce as runPrune,he as runSize,ue as runWhy};
+import { r as runToolchainPreflight } from '../packem_shared/toolchain-BdZd9eBi.js';
+
+const detectCiRefs = () => {
+  if (process.env["GITHUB_BASE_REF"]) {
+    return {
+      base: `origin/${process.env["GITHUB_BASE_REF"]}`,
+      head: process.env["GITHUB_SHA"] ?? "HEAD"
+    };
+  }
+  if (process.env["CI_MERGE_REQUEST_TARGET_BRANCH_NAME"]) {
+    return {
+      base: `origin/${process.env["CI_MERGE_REQUEST_TARGET_BRANCH_NAME"]}`,
+      head: process.env["CI_COMMIT_SHA"] ?? "HEAD"
+    };
+  }
+  if (process.env["BUILDKITE_PULL_REQUEST_BASE_BRANCH"]) {
+    return {
+      base: `origin/${process.env["BUILDKITE_PULL_REQUEST_BASE_BRANCH"]}`,
+      head: process.env["BUILDKITE_COMMIT"] ?? "HEAD"
+    };
+  }
+  if (process.env["CIRCLE_BRANCH"] && process.env["CIRCLE_SHA1"]) {
+    return {
+      base: "origin/main",
+      head: process.env["CIRCLE_SHA1"]
+    };
+  }
+  return { base: "origin/main", head: "HEAD" };
+};
+const execute = async ({ argument, logger, options, runtime, visConfig, workspaceRoot: wsRoot }) => {
+  const rawTargets = argument[0];
+  if (!rawTargets) {
+    throw new Error("Missing targets. Usage: vis ci <target>[,<target>…]");
+  }
+  const targets = rawTargets.split(",").map((t) => t.trim()).filter(Boolean);
+  if (targets.length === 0) {
+    throw new Error("Missing targets. Usage: vis ci <target>[,<target>…]");
+  }
+  if (!wsRoot) {
+    throw new Error("Could not determine workspace root. Run this command inside a monorepo.");
+  }
+  const { base: defaultBase, head: defaultHead } = detectCiRefs();
+  const base = options.base ?? defaultBase;
+  const head = options.head ?? defaultHead;
+  if (!options.skipToolchain) {
+    logger.info("▸ Toolchain pre-flight");
+  }
+  await runToolchainPreflight(
+    wsRoot,
+    visConfig?.toolchain,
+    {
+      error: (message) => {
+        logger.error(message);
+      },
+      info: (message) => {
+        logger.info(message);
+      },
+      warn: (message) => {
+        logger.warn(message);
+      }
+    },
+    Boolean(options.skipToolchain)
+  );
+  if (options.install === false) {
+    logger.info("▸ Skipping install (--no-install)");
+  } else {
+    logger.info("▸ Installing dependencies");
+    await runtime.runCommand("install", {
+      argv: ["--frozen-lockfile"]
+    });
+  }
+  for (const target of targets) {
+    logger.info(`▸ Running affected ${target} (base=${base}, head=${head})`);
+    const argv = [
+      target,
+      `--base=${base}`,
+      `--head=${head}`,
+      `--upstream=${String(options.upstream ?? "none")}`,
+      `--downstream=${String(options.downstream ?? "deep")}`
+    ];
+    if (options.parallel !== void 0) {
+      argv.push(`--parallel=${String(options.parallel)}`);
+    }
+    if (options.partition) {
+      argv.push(`--partition=${String(options.partition)}`);
+    }
+    if (options.query) {
+      argv.push(`--query=${String(options.query)}`);
+    }
+    await runtime.runCommand("affected", { argv });
+  }
+  logger.info("▸ CI pipeline complete");
+};
+
+export { execute as default };

package/dist/packem_chunks/handler7.js

@@ -1,8 +1,115 @@
-var I=Object.defineProperty;var S=(c,o)=>I(c,"name",{value:o,configurable:!0});import{findPackageManagerSync as J}from"@visulima/package";import{render as b,renderToString as V,Text as y}from"@visulima/tui";import{c as W,O as Z,W as q,p as f,V as G,B as H,d as K}from"./bin.js";import a from"react";import{z as Q,e as X,Z as _}from"../packem_shared/ai-analysis-CGuy7dfE.js";import{U as ee,B as te,f as j}from"../packem_shared/VisUpdateApp-D-L4_-Iu.js";import{o as oe,a as re,N as m,w as ne,v as N,O as se,T as ie}from"../packem_shared/catalog-BVPerCwG.js";var ae=Object.defineProperty,ce=S((c,o)=>ae(c,"name",{value:o,configurable:!0}),"$");const we=ce(async({argument:c,logger:o,options:e,visConfig:i,workspaceRoot:C})=>{if(!C)throw new Error("Could not determine workspace root. Run this command inside a monorepo.");const d=C;if(e.securityConfig){const t=W(d);if(Z(i??{},t.name),e.sync&&t.name==="pnpm"){const r=q(i??{});if(r.length>0){f.info(`
-Settings that would sync to pnpm-workspace.yaml:`);for(const x of r)f.success(`  ${x}`)}else f.info("No security settings to sync.")}else e.sync&&t.name!=="pnpm"&&(f.info(`--sync is only available for pnpm projects. Your project uses ${t.name}.`),f.info("vis enforces security settings at the vis layer for non-pnpm projects."));if(!e.security&&!c?.length)return}const{packageManager:O}=J(d),U=oe(d),l=i?.update??{},w=re(d,O,{dev:e.dev,prod:e.prod});if(w.size===0){o.info("No catalogs found.");return}const v=e.target??l.target??"latest";if(!["latest","minor","patch"].includes(v))throw new Error(`Invalid target "${v}". Use: latest, minor, or patch.`);const z={exclude:[...m(e.exclude),...m(l.exclude)],ignore:m(l.ignore),include:[...m(e.include),...m(l.include),...c],includeLocked:!!e.includeLocked,includePrerelease:e.prerelease||l.prerelease||!1,security:!e.noSecurity,target:v};let E=0;for(const t of w.values())E+=t.size;const h=!!process.stdout.isTTY&&!K;let u;const B=h?(t,r)=>{u?u.rerender(a.createElement(j,{current:t,total:r})):u=b(a.createElement(j,{current:t,total:r}),{interactive:!0,patchConsole:!1})}:(t,r)=>{o.info(`Checking ${String(t)}/${String(r)} dependencies...`)};h||o.info(`Checking ${String(E)} catalog dependencies against npm registry...
-`);const M=G(i?.security?.socket),{failed:$,outdated:s}=await ne(w,z,U,B,d,M,i?.security?.socket?.acceptedRisks);if(u&&(u.clear(),u.unmount()),$.length>0&&o.warn(`Failed to fetch: ${$.join(", ")}`),s.length===0){o.info("All catalog dependencies are up to date.");return}const k=e.format??l.format??"table",P=Q(e.aiType??"impact"),p=e.ai?await X(s,o,i?.ai,P):void 0;if(h&&k==="table"){const t=new ee(s,p??null),r=i?.tui?.autoExit??!1,x=r===!0?3:typeof r=="number"?r:0;await b(a.createElement(te,{autoExitSeconds:x,isDryRun:!0,store:t}),{alternateScreen:!0,exitOnCtrlC:!1,interactive:!0,patchConsole:!0}).waitUntilExit();const L=process.stdout.columns||80;process.stdout.write(`
-`);for(const n of s){const Y=n.vulnerabilities?.length||n.socketReport&&n.socketReport.alerts.length>0,T=!!n.acceptedRisk,A=Y?T?"✓":"⚠":"✓",D=T?"gray":n.updateType==="major"?"red":n.updateType==="minor"?"yellow":"green",g=n.socketReport?.score.overall,F=g===void 0?"":` [${String(Math.round(g*100))}%]`,R=g===void 0?void 0:H(g);process.stdout.write(`${V(a.createElement(y,null,"   ",a.createElement(y,{color:D},A),`  ${n.packageName}  ${n.currentRange} → ${n.newRange}`,a.createElement(y,{dimColor:!0},`  ${n.updateType}`),R?a.createElement(y,{color:R},F):null),{columns:L})}
-`)}process.stdout.write(`
-`),o.info(N(s))}else if(k==="json"){const t={failed:$,outdated:s};p&&(t.aiAnalysis=p),process.stdout.write(`${JSON.stringify(t,void 0,2)}
-`)}else k==="minimal"?process.stdout.write(`${se(s)}
-`):(ie(s,o),o.info(N(s)),p&&(o.info(""),o.info(_(p))));e.exitCode&&s.length>0&&(process.exitCode=1)},"execute");export{we as default};
+import { createRequire as __cjs_createRequire } from "node:module";
+
+const __cjs_require = __cjs_createRequire(import.meta.url);
+
+const __cjs_getProcess = typeof globalThis !== "undefined" && typeof globalThis.process !== "undefined" ? globalThis.process : process;
+
+const __cjs_getBuiltinModule = (module) => {
+    // Check if we're in Node.js and version supports getBuiltinModule
+    if (typeof __cjs_getProcess !== "undefined" && __cjs_getProcess.versions && __cjs_getProcess.versions.node) {
+        const [major, minor] = __cjs_getProcess.versions.node.split(".").map(Number);
+        // Node.js 20.16.0+ and 22.3.0+
+        if (major > 22 || (major === 22 && minor >= 3) || (major === 20 && minor >= 16)) {
+            return __cjs_getProcess.getBuiltinModule(module);
+        }
+    }
+    // Fallback to createRequire
+    return __cjs_require(module);
+};
+
+const {
+  readdirSync,
+  lstatSync
+} = __cjs_getBuiltinModule("node:fs");
+import { isAccessibleSync } from '@visulima/fs';
+import { join } from '@visulima/path';
+import { cleanWorkspace } from '#native';
+import { p as pail } from './bin.js';
+
+const findNodeModulesDirectories = (root) => {
+  const results = [];
+  const stack = [root];
+  while (stack.length > 0) {
+    const dir = stack.pop();
+    let entries;
+    try {
+      entries = readdirSync(dir);
+    } catch {
+      continue;
+    }
+    for (const entry of entries) {
+      const fullPath = join(dir, entry);
+      try {
+        const stat = lstatSync(fullPath);
+        if (stat.isSymbolicLink() || !stat.isDirectory()) {
+          continue;
+        }
+      } catch {
+        continue;
+      }
+      if (entry === "node_modules") {
+        results.push(fullPath);
+      } else if (entry !== ".git" && entry !== ".hg") {
+        stack.push(fullPath);
+      }
+    }
+  }
+  return results;
+};
+const LOCKFILE_NAMES = ["pnpm-lock.yaml", "package-lock.json", "npm-shrinkwrap.json", "yarn.lock", "bun.lock", "bun.lockb"];
+const removeLockfiles = (cwd, dryRun, logger) => {
+  let removed = 0;
+  let hadError = false;
+  for (const name of LOCKFILE_NAMES) {
+    const lockfile = join(cwd, name);
+    if (!isAccessibleSync(lockfile)) {
+      continue;
+    }
+    {
+      logger.info(`  ${lockfile}`);
+      removed++;
+      continue;
+    }
+  }
+  return { hadError, removed };
+};
+const execute = async ({ logger, options, workspaceRoot: wsRoot }) => {
+  const cwd = wsRoot ?? process.cwd();
+  const shouldRemoveLockfile = options.lockfile || false;
+  const dryRun = options.dryRun || false;
+  if (dryRun) {
+    const directories = findNodeModulesDirectories(cwd);
+    if (directories.length > 0) {
+      pail.info("Would remove:");
+      for (const dir of directories) {
+        logger.info(`  ${dir}`);
+      }
+    } else {
+      pail.info("No node_modules directories found.");
+    }
+    if (shouldRemoveLockfile) {
+      removeLockfiles(cwd, true, logger);
+    }
+    return;
+  }
+  const result = cleanWorkspace(cwd, shouldRemoveLockfile);
+  for (const dir of result.removed) {
+    pail.success(`Removed ${dir}`);
+  }
+  for (const file of result.lockfilesRemoved) {
+    pail.success(`Removed ${file}`);
+  }
+  for (const error of result.errors) {
+    pail.error(error);
+  }
+  if (result.removed.length === 0 && result.lockfilesRemoved.length === 0) {
+    pail.info("No node_modules directories found.");
+  } else {
+    pail.info(`Cleaned ${result.removed.length} node_modules director${result.removed.length === 1 ? "y" : "ies"}`);
+  }
+  if (result.errors.length > 0) {
+    process.exitCode = 1;
+  }
+};
+
+export { execute as default };

package/dist/packem_chunks/handler8.js

@@ -1 +1,12 @@
-var m=Object.defineProperty;var f=(r,n)=>m(r,"name",{value:n,configurable:!0});import{r as u}from"../packem_shared/toolchain-DQfTQY8E.js";var _=Object.defineProperty,a=f((r,n)=>_(r,"name",{value:n,configurable:!0}),"n");const C=a(()=>process.env.GITHUB_BASE_REF?{base:`origin/${process.env.GITHUB_BASE_REF}`,head:process.env.GITHUB_SHA??"HEAD"}:process.env.CI_MERGE_REQUEST_TARGET_BRANCH_NAME?{base:`origin/${process.env.CI_MERGE_REQUEST_TARGET_BRANCH_NAME}`,head:process.env.CI_COMMIT_SHA??"HEAD"}:process.env.CIRCLE_BRANCH&&process.env.CIRCLE_SHA1?{base:"origin/main",head:process.env.CIRCLE_SHA1}:{base:"origin/main",head:"HEAD"},"detectCiRefs"),w=a(async({argument:r,logger:n,options:e,runtime:t,visConfig:d,workspaceRoot:s})=>{const l=r[0];if(!l)throw new Error("Missing targets. Usage: vis ci <target>[,<target>…]");const p=l.split(",").map(o=>o.trim()).filter(Boolean);if(p.length===0)throw new Error("Missing targets. Usage: vis ci <target>[,<target>…]");if(!s)throw new Error("Could not determine workspace root. Run this command inside a monorepo.");const{base:E,head:h}=C(),c=e.base??E,g=e.head??h;e.skipToolchain||n.info("▸ Toolchain pre-flight"),await u(s,d?.toolchain,{error:a(o=>{n.error(o)},"error"),info:a(o=>{n.info(o)},"info"),warn:a(o=>{n.warn(o)},"warn")},!!e.skipToolchain),e.install===!1?n.info("▸ Skipping install (--no-install)"):(n.info("▸ Installing dependencies"),await t.runCommand("install",{argv:["--frozen-lockfile"]}));for(const o of p){n.info(`▸ Running affected ${o} (base=${c}, head=${g})`);const i=[o,`--base=${c}`,`--head=${g}`,`--upstream=${String(e.upstream??"none")}`,`--downstream=${String(e.downstream??"deep")}`];e.parallel!==void 0&&i.push(`--parallel=${String(e.parallel)}`),e.partition&&i.push(`--partition=${String(e.partition)}`),e.query&&i.push(`--query=${String(e.query)}`),await t.runCommand("affected",{argv:i})}n.info("▸ CI pipeline complete")},"execute");export{w as default};
+import { r as resolveInstaller, k as runDedupe } from './bin.js';
+
+const execute = async ({ logger, options, visConfig, workspaceRoot: wsRoot }) => {
+  const cwd = wsRoot ?? process.cwd();
+  const pm = resolveInstaller(cwd, { configBackend: visConfig?.install?.backend });
+  const code = runDedupe(pm, options.check || false, cwd, logger);
+  if (code !== 0) {
+    process.exitCode = code;
+  }
+};
+
+export { execute as default };

package/dist/packem_chunks/handler9.js

@@ -1 +1,29 @@
-var a=Object.defineProperty;var d=(s,o)=>a(s,"name",{value:o,configurable:!0});import{createRequire as p}from"node:module";import{isAccessibleSync as k}from"@visulima/fs";import{join as m}from"@visulima/path";import{cleanWorkspace as b}from"#native";import{p as c}from"./bin.js";import{f as R}from"../packem_shared/utils-DrNg0XTR.js";const g=p(import.meta.url),f=typeof globalThis<"u"&&typeof globalThis.process<"u"?globalThis.process:process,h=d(s=>{if(typeof f<"u"&&f.versions&&f.versions.node){const[o,n]=f.versions.node.split(".").map(Number);if(o>22||o===22&&n>=3||o===20&&n>=16)return f.getBuiltinModule(s)}return g(s)},"__cjs_getBuiltinModule"),{readdirSync:v,lstatSync:y,unlinkSync:_}=h("node:fs");var $=Object.defineProperty,u=d((s,o)=>$(s,"name",{value:o,configurable:!0}),"f");const j=u(s=>{const o=[],n=[s];for(;n.length>0;){const t=n.pop();let i;try{i=v(t)}catch{continue}for(const r of i){const e=m(t,r);try{const l=y(e);if(l.isSymbolicLink()||!l.isDirectory())continue}catch{continue}r==="node_modules"?o.push(e):r!==".git"&&r!==".hg"&&n.push(e)}}return o},"findNodeModulesDirectories"),S=["pnpm-lock.yaml","package-lock.json","npm-shrinkwrap.json","yarn.lock","bun.lock","bun.lockb"],x=u((s,o,n)=>{let t=0,i=!1;for(const r of S){const e=m(s,r);if(k(e)){if(o){n.info(`  ${e}`),t++;continue}try{_(e),c.success(`Removed ${e}`),t++}catch(l){c.error(`${e}: ${R(l)}`),i=!0}}}return{hadError:i,removed:t}},"removeLockfiles"),D=u(async({logger:s,options:o,workspaceRoot:n})=>{const t=n??process.cwd(),i=o.lockfile||!1;if(o.dryRun){const e=j(t);if(e.length>0){c.info("Would remove:");for(const l of e)s.info(`  ${l}`)}else c.info("No node_modules directories found.");i&&x(t,!0,s);return}const r=b(t,i);for(const e of r.removed)c.success(`Removed ${e}`);for(const e of r.lockfilesRemoved)c.success(`Removed ${e}`);for(const e of r.errors)c.error(e);r.removed.length===0&&r.lockfilesRemoved.length===0?c.info("No node_modules directories found."):c.info(`Cleaned ${r.removed.length} node_modules director${r.removed.length===1?"y":"ies"}`),r.errors.length>0&&(process.exitCode=1)},"execute");export{D as default};
+import { r as resolveInstaller, l as runDlx } from './bin.js';
+
+const execute = async ({ argument, logger, options, visConfig, workspaceRoot: wsRoot }) => {
+  const args = argument;
+  if (!args || args.length === 0) {
+    throw new Error("No package specified. Usage: vis dlx <package[@version]> [args...]");
+  }
+  const [pkg, ...rest] = args;
+  const cwd = wsRoot ?? process.cwd();
+  const pm = resolveInstaller(cwd, { configBackend: visConfig?.install?.backend });
+  const additionalPackages = options.package ? Array.isArray(options.package) ? options.package : [options.package] : [];
+  const code = runDlx(
+    pm,
+    {
+      additionalPackages,
+      args: rest,
+      package: pkg,
+      shellMode: options.shellMode || false,
+      silent: options.silent || false
+    },
+    cwd,
+    logger
+  );
+  if (code !== 0) {
+    process.exitCode = code;
+  }
+};
+
+export { execute as default };