@visulima/vis 1.0.0-alpha.11 → 1.0.0-alpha.13

package/dist/packem_chunks/handler43.js

@@ -1,2658 +1,10 @@
-import { createRequire as __cjs_createRequire } from "node:module";
-
-const __cjs_require = __cjs_createRequire(import.meta.url);
-
-const __cjs_getProcess = typeof globalThis !== "undefined" && typeof globalThis.process !== "undefined" ? globalThis.process : process;
-
-const __cjs_getBuiltinModule = (module) => {
-    // Check if we're in Node.js and version supports getBuiltinModule
-    if (typeof __cjs_getProcess !== "undefined" && __cjs_getProcess.versions && __cjs_getProcess.versions.node) {
-        const [major, minor] = __cjs_getProcess.versions.node.split(".").map(Number);
-        // Node.js 20.16.0+ and 22.3.0+
-        if (major > 22 || (major === 22 && minor >= 3) || (major === 20 && minor >= 16)) {
-            return __cjs_getProcess.getBuiltinModule(module);
-        }
-    }
-    // Fallback to createRequire
-    return __cjs_require(module);
-};
-
-import { dim, bold, cyan, green, red, yellow } from '@visulima/colorize';
-import { findPackageManagerSync } from '@visulima/package';
-import { join, resolve } from '@visulima/path';
-import { Box, Text, ScrollView, Tabs, Tab, Spinner, ScrollBar, useApp, useWindowSize, useInput, Dialog, render } from '@visulima/tui';
-import { j as scoreColor, _ as QuitDialog, D as DEFAULT_LOW_SCORE_THRESHOLD, p as pail, c as detectPm, i as isInCi, S as SYMBOLS, x as runInstall, a as buildSocketOptions, f as fetchSocketReports } from './bin.js';
-import React, { useSyncExternalStore, useState, useEffect, useRef, useMemo, useCallback } from 'react';
-const {
-  rmSync,
-  writeFileSync,
-  statSync,
-  readFileSync
-} = __cjs_getBuiltinModule("node:fs");
-const {
-  homedir
-} = __cjs_getBuiltinModule("node:os");
-import { x as xxh3Hash } from '../packem_shared/xxh3-Ck8mXNg1.js';
-import { isAccessibleSync, readJsonSync, ensureDirSync } from '@visulima/fs';
-import { findVisConfigFile } from './applyDefaults.js';
-import { d as discoverWorkspacePackages, c as collectDepsFromPkgJson, r as readLockfileText, b as buildE18eEntries, a as buildSocketEntries, e as applyOverrides, f as runCodemod, m as markCodemodAvailability } from './handler41.js';
-import { c as checkRuntimeVersions } from '../packem_shared/runtime-check-Cobi3p6l.js';
-const {
-  spawnSync
-} = __cjs_getBuiltinModule("node:child_process");
-import { l as lockedPackages, s as startScanProgress, f as findDuplicateDependencies } from '../packem_shared/dependency-scan-A0KSklpG.js';
-import { jsxs, jsx, Fragment } from 'react/jsx-runtime';
-import { u as useMeasuredHeight } from '../packem_shared/use-measured-height-CNP0vT4M.js';
-import { r as readCatalogs, l as loadNpmrc, c as checkOutdated, a as fetchVulnerabilities } from '../packem_shared/catalog-BJTtyi-O.js';
-
-const getCacheDirectory = () => join(homedir(), ".vis", "cache", "doctor");
-const DEFAULT_TTL_MS = 30 * 60 * 1e3;
-const safeMtime = (path) => {
-  if (!path) {
-    return "";
-  }
-  try {
-    return String(statSync(path).mtimeMs);
-  } catch {
-    return "";
-  }
-};
-const CACHE_SCHEMA_VERSION = 2;
-const buildDoctorCacheKey = (input) => {
-  const payload = JSON.stringify({
-    configMtime: safeMtime(input.configPath),
-    lockfileMtime: safeMtime(input.lockfilePath),
-    schema: CACHE_SCHEMA_VERSION,
-    sections: [...input.sections].toSorted(),
-    socketEnabled: input.socketEnabled,
-    workspaceRoot: input.workspaceRoot
-  });
-  return xxh3Hash(Buffer.from(payload));
-};
-const readDoctorCache = (cacheKey) => {
-  const filePath = join(getCacheDirectory(), `${cacheKey}.json`);
-  if (!isAccessibleSync(filePath)) {
-    return void 0;
-  }
-  try {
-    const entry = readJsonSync(filePath);
-    if (Date.now() - entry.createdAt > entry.ttlMs) {
-      rmSync(filePath, { force: true });
-      return void 0;
-    }
-    return { ...entry.results, sections: new Set(entry.results.sections) };
-  } catch {
-    rmSync(filePath, { force: true });
-    return void 0;
-  }
-};
-const writeDoctorCache = (cacheKey, results, ttlMs = DEFAULT_TTL_MS) => {
-  ensureDirSync(getCacheDirectory());
-  const entry = {
-    createdAt: Date.now(),
-    results: { ...results, sections: [...results.sections] },
-    ttlMs
-  };
-  writeFileSync(join(getCacheDirectory(), `${cacheKey}.json`), JSON.stringify(entry, void 0, 2), "utf8");
-};
-
-const ORPHANS_DIAGNOSTIC_ID = "orphans";
-const checkInotifyCapacity = () => {
-  if (process.platform !== "linux") {
-    return {
-      id: "inotify",
-      message: "inotify capacity check skipped (not Linux).",
-      status: "skip"
-    };
-  }
-  let maxWatches;
-  try {
-    const raw = readFileSync("/proc/sys/fs/inotify/max_user_watches", "utf8").trim();
-    const parsed = Number.parseInt(raw, 10);
-    if (Number.isFinite(parsed) && parsed > 0) {
-      maxWatches = parsed;
-    }
-  } catch {
-    return {
-      id: "inotify",
-      message: "Could not read /proc/sys/fs/inotify/max_user_watches.",
-      status: "warn"
-    };
-  }
-  if (maxWatches === void 0) {
-    return {
-      id: "inotify",
-      message: "inotify max_user_watches reported a non-numeric value.",
-      status: "warn"
-    };
-  }
-  if (maxWatches < 65536) {
-    return {
-      detail: { maxWatches },
-      id: "inotify",
-      message: `inotify watcher limit is ${String(maxWatches)} — large monorepos can exhaust this. Bump now with \`sudo sysctl fs.inotify.max_user_watches=524288\` and persist via \`/etc/sysctl.d/99-vis.conf\` so it survives reboot.`,
-      status: "warn"
-    };
-  }
-  return {
-    detail: { maxWatches },
-    id: "inotify",
-    message: `inotify capacity OK (${String(maxWatches)} watches).`,
-    status: "ok"
-  };
-};
-const checkTtyAvailability = () => {
-  const stdinIsTty = Boolean(process.stdin.isTTY);
-  const stdoutIsTty = Boolean(process.stdout.isTTY);
-  if (stdinIsTty && stdoutIsTty) {
-    return {
-      id: "tty",
-      message: "Interactive TTY available — watch keybinds enabled.",
-      status: "ok"
-    };
-  }
-  if (!stdinIsTty && !stdoutIsTty) {
-    return {
-      id: "tty",
-      message: "No TTY on stdin/stdout — running in CI / piped mode (keybinds disabled).",
-      status: "skip"
-    };
-  }
-  return {
-    detail: { stdin: String(stdinIsTty), stdout: String(stdoutIsTty) },
-    id: "tty",
-    message: stdinIsTty ? "stdin is a TTY but stdout is not — output is being captured; keybinds still work." : "stdout is a TTY but stdin is not — keybinds disabled (input is piped).",
-    status: "skip"
-  };
-};
-const listOrphanPids = () => {
-  const selfPid = process.pid;
-  try {
-    return process.platform === "win32" ? listOrphansWindows(selfPid) : listOrphansUnix(selfPid);
-  } catch {
-    return [];
-  }
-};
-const checkOrphanedRunners = () => {
-  const selfPid = process.pid;
-  let pids;
-  try {
-    pids = process.platform === "win32" ? listOrphansWindows(selfPid) : listOrphansUnix(selfPid);
-  } catch {
-    return {
-      id: ORPHANS_DIAGNOSTIC_ID,
-      message: "Could not enumerate processes (ps/tasklist failed).",
-      status: "warn"
-    };
-  }
-  if (pids.length === 0) {
-    return {
-      id: ORPHANS_DIAGNOSTIC_ID,
-      message: "No orphaned vis/task-runner processes detected.",
-      status: "ok"
-    };
-  }
-  if (pids.length <= 2) {
-    return {
-      detail: { count: pids.length, pids: pids.join(",") },
-      id: ORPHANS_DIAGNOSTIC_ID,
-      message: `${String(pids.length)} possibly orphaned process(es) detected (PIDs: ${pids.join(", ")}). Likely benign.`,
-      status: "skip"
-    };
-  }
-  const killSnippet = process.platform === "win32" ? pids.map((p) => `taskkill /F /PID ${String(p)}`).join(" & ") : `kill ${pids.join(" ")}`;
-  return {
-    detail: { count: pids.length, pids: pids.join(",") },
-    id: "orphans",
-    message: `${String(pids.length)} possibly orphaned vis/task-runner processes — run \`vis doctor --fix\` to clean them up, or kill them manually: ${killSnippet}`,
-    status: "warn"
-  };
-};
-const killOrphanedRunners = (options = {}) => {
-  const enumerate = options.enumerate ?? listOrphanPids;
-  const force = options.force === true;
-  const signal = force ? "SIGKILL" : "SIGTERM";
-  const killFn = options.kill ?? defaultKill;
-  const pids = enumerate();
-  const killed = [];
-  const failed = [];
-  for (const pid of pids) {
-    try {
-      killFn(pid, signal);
-      killed.push(pid);
-    } catch (error) {
-      const reason = error.code ?? error.message;
-      if (reason === "ESRCH") {
-        killed.push(pid);
-        continue;
-      }
-      failed.push({ pid, reason });
-    }
-  }
-  return { failed, killed };
-};
-const defaultTaskkillRunner = (args) => spawnSync("taskkill", args, { encoding: "utf8" });
-const defaultProcessKill = (pid, signal) => {
-  process.kill(pid, signal);
-};
-const killViaTaskkill = (pid, signal, runner = defaultTaskkillRunner) => {
-  const args = signal === "SIGKILL" ? ["/F", "/PID", String(pid)] : ["/PID", String(pid)];
-  const result = runner(args);
-  if (result.error) {
-    throw result.error;
-  }
-  if (typeof result.status === "number" && result.status !== 0) {
-    const code = result.status === 128 ? "ESRCH" : `taskkill exited with code ${String(result.status)}`;
-    const error = new Error(code);
-    error.code = code;
-    throw error;
-  }
-};
-const killViaSignal = (pid, signal, kill = defaultProcessKill) => {
-  kill(pid, signal);
-};
-const defaultKill = (pid, signal) => {
-  if (process.platform === "win32") {
-    killViaTaskkill(pid, signal);
-    return;
-  }
-  killViaSignal(pid, signal);
-};
-const runProcessListing = (command, args) => {
-  const result = spawnSync(command, args, { encoding: "utf8" });
-  if (result.error) {
-    throw result.error;
-  }
-  if (typeof result.status === "number" && result.status !== 0) {
-    throw new Error(`${command} exited with code ${String(result.status)}`);
-  }
-  return typeof result.stdout === "string" ? result.stdout : "";
-};
-const listOrphansUnix = (selfPid) => {
-  const stdout = runProcessListing("ps", ["-Ao", "pid=,command="]);
-  const pids = [];
-  for (const line of stdout.split("\n")) {
-    if (line.length === 0) {
-      continue;
-    }
-    const match = /^\s*(\d+)\s+(.+)$/.exec(line);
-    if (!match) {
-      continue;
-    }
-    const pid = Number.parseInt(match[1] ?? "", 10);
-    const command = (match[2] ?? "").toLowerCase();
-    if (!Number.isFinite(pid) || pid === selfPid) {
-      continue;
-    }
-    if (/(?:^|[ /])vis-native(?:\s|$|[-.])/.test(command) || /(?:^|[ /])vis\s+run\b/.test(command) || /(?:^|[ /])task-runner(?:\s|$|[-.])/.test(command)) {
-      pids.push(pid);
-    }
-  }
-  return pids;
-};
-const listOrphansWindows = (selfPid) => {
-  const stdout = runProcessListing("tasklist", ["/FO", "CSV", "/NH"]);
-  const pids = [];
-  for (const line of stdout.split(/\r?\n/)) {
-    if (line.length === 0) {
-      continue;
-    }
-    const cells = line.split(/","/).map((cell) => cell.replaceAll(/^"|"$/g, ""));
-    const image = (cells[0] ?? "").toLowerCase();
-    const pid = Number.parseInt(cells[1] ?? "", 10);
-    if (!Number.isFinite(pid) || pid === selfPid) {
-      continue;
-    }
-    if (image === "vis.exe" || image.startsWith("vis-native") || image.includes("task-runner")) {
-      pids.push(pid);
-    }
-  }
-  return pids;
-};
-const runRuntimeDiagnostics = () => [checkInotifyCapacity(), checkTtyAvailability(), checkOrphanedRunners()];
-
-const FILTER_TABS = [
-  { id: "dependencies", label: "Deps" },
-  { id: "security", label: "Security" },
-  { id: "optimization", label: "Optimize" },
-  { id: "runtime", label: "Runtime" }
-];
-const SECTION_ORDER = ["dependencies", "security", "optimization", "runtime"];
-const groupBySection = (findings) => {
-  const map = /* @__PURE__ */ new Map();
-  for (const section of SECTION_ORDER) {
-    map.set(section, []);
-  }
-  for (const finding of findings) {
-    map.get(finding.section).push(finding);
-  }
-  for (const [section, items] of map) {
-    if (items.length === 0) {
-      map.delete(section);
-    }
-  }
-  return map;
-};
-const filterFindings = (findings, filterType, filterText, severityFilter) => {
-  let filtered = findings.filter((f) => f.section === filterType);
-  if (severityFilter) {
-    filtered = filtered.filter((f) => f.severity === severityFilter);
-  }
-  if (filterText) {
-    const lower = filterText.toLowerCase();
-    filtered = filtered.filter((f) => f.title.toLowerCase().includes(lower));
-  }
-  return [...filtered];
-};
-const initialStatus = (activeSections) => {
-  const status = {
-    dependencies: "idle",
-    optimization: "idle",
-    runtime: "idle",
-    security: "idle"
-  };
-  for (const id of SECTION_ORDER) {
-    if (activeSections.has(id)) {
-      status[id] = "idle";
-    }
-  }
-  return status;
-};
-class DoctorStore {
-  #state;
-  #listeners = /* @__PURE__ */ new Set();
-  constructor(input = []) {
-    const options = Array.isArray(input) ? { findings: input } : input;
-    const findings = options.findings ?? [];
-    const activeSections = options.activeSections ?? new Set(SECTION_ORDER);
-    const initialFilter = SECTION_ORDER.find((id) => activeSections.has(id)) ?? "dependencies";
-    const seed = filterFindings(findings, initialFilter, "", void 0);
-    const status = initialStatus(activeSections);
-    if (findings.length > 0) {
-      for (const finding of findings) {
-        status[finding.section] = "done";
-      }
-    }
-    this.#state = {
-      all: findings,
-      entries: seed,
-      filterActive: false,
-      filterText: "",
-      filterType: initialFilter,
-      focusedPanel: "list",
-      grouped: groupBySection(seed),
-      pendingAction: void 0,
-      sectionError: {},
-      sectionMessage: {},
-      sectionStatus: status,
-      selectedIndex: 0,
-      severityFilter: void 0
-    };
-  }
-  getSnapshot = () => this.#state;
-  subscribe = (listener) => {
-    this.#listeners.add(listener);
-    return () => {
-      this.#listeners.delete(listener);
-    };
-  };
-  setSelectedIndex(index) {
-    const clamped = Math.max(0, Math.min(index, this.#state.entries.length - 1));
-    if (clamped !== this.#state.selectedIndex) {
-      this.#emit({ ...this.#state, selectedIndex: clamped });
-    }
-  }
-  setFocusedPanel(panel) {
-    if (panel !== this.#state.focusedPanel) {
-      this.#emit({ ...this.#state, focusedPanel: panel });
-    }
-  }
-  setFilterType(type) {
-    if (type === this.#state.filterType) {
-      return;
-    }
-    const newEntries = filterFindings(this.#state.all, type, this.#state.filterText, this.#state.severityFilter);
-    this.#emit({
-      ...this.#state,
-      entries: newEntries,
-      filterType: type,
-      grouped: groupBySection(newEntries),
-      selectedIndex: 0
-    });
-  }
-  setFilter(text) {
-    const newEntries = filterFindings(this.#state.all, this.#state.filterType, text, this.#state.severityFilter);
-    this.#emit({
-      ...this.#state,
-      entries: newEntries,
-      filterText: text,
-      grouped: groupBySection(newEntries),
-      selectedIndex: 0
-    });
-  }
-  setFilterActive(active) {
-    if (active === this.#state.filterActive) {
-      return;
-    }
-    if (active) {
-      this.#emit({ ...this.#state, filterActive: true });
-      return;
-    }
-    const newEntries = filterFindings(this.#state.all, this.#state.filterType, "", this.#state.severityFilter);
-    this.#emit({
-      ...this.#state,
-      entries: newEntries,
-      filterActive: false,
-      filterText: "",
-      grouped: groupBySection(newEntries),
-      selectedIndex: 0
-    });
-  }
-  setPendingAction(action) {
-    this.#emit({ ...this.#state, pendingAction: action });
-  }
-  setSeverityFilter(severity) {
-    if (severity === this.#state.severityFilter) {
-      return;
-    }
-    const newEntries = filterFindings(this.#state.all, this.#state.filterType, this.#state.filterText, severity);
-    this.#emit({
-      ...this.#state,
-      entries: newEntries,
-      grouped: groupBySection(newEntries),
-      selectedIndex: 0,
-      severityFilter: severity
-    });
-  }
-  startSection(section, message) {
-    this.#emit({
-      ...this.#state,
-      sectionMessage: { ...this.#state.sectionMessage, [section]: message },
-      sectionStatus: { ...this.#state.sectionStatus, [section]: "running" }
-    });
-  }
-  completeSection(section, findings) {
-    const newAll = [...this.#state.all, ...findings];
-    const newEntries = filterFindings(newAll, this.#state.filterType, this.#state.filterText, this.#state.severityFilter);
-    const nextMessage = { ...this.#state.sectionMessage };
-    delete nextMessage[section];
-    this.#emit({
-      ...this.#state,
-      all: newAll,
-      entries: newEntries,
-      grouped: groupBySection(newEntries),
-      sectionMessage: nextMessage,
-      sectionStatus: { ...this.#state.sectionStatus, [section]: "done" }
-    });
-  }
-  failSection(section, error) {
-    this.#emit({
-      ...this.#state,
-      sectionError: { ...this.#state.sectionError, [section]: error },
-      sectionStatus: { ...this.#state.sectionStatus, [section]: "error" }
-    });
-  }
-  #emit(newState) {
-    this.#state = newState;
-    for (const listener of this.#listeners) {
-      try {
-        listener();
-      } catch {
-      }
-    }
-  }
-}
-
-const SEVERITY_RANK = { error: 0, warn: 1 };
-const isAcknowledged = (entry) => Boolean(entry.acceptedRisk);
-const flattenFindings = (results) => {
-  const findings = [];
-  if (results.sections.has("dependencies")) {
-    for (const entry of results.outdated) {
-      findings.push({
-        entry,
-        id: `outdated:${entry.packageName}`,
-        kind: "outdated",
-        section: "dependencies",
-        severity: "warn",
-        subtitle: `${entry.currentRange} → ${entry.newRange} (${entry.updateType})`,
-        title: entry.packageName
-      });
-    }
-    for (const pkg of results.duplicates) {
-      findings.push({
-        id: `duplicate:${pkg.name}`,
-        kind: "duplicate",
-        pkg,
-        section: "dependencies",
-        severity: "warn",
-        subtitle: `${String(pkg.versions.length)} versions installed`,
-        title: pkg.name
-      });
-    }
-  }
-  if (results.sections.has("security")) {
-    for (const entry of results.outdated) {
-      if (entry.vulnerabilities && entry.vulnerabilities.length > 0) {
-        const top = entry.vulnerabilities[0];
-        const sev = isAcknowledged(entry) ? "warn" : "error";
-        const count = entry.vulnerabilities.length;
-        findings.push({
-          entry,
-          id: `vuln:${entry.packageName}`,
-          kind: "vulnerability",
-          packageName: entry.packageName,
-          section: "security",
-          severity: sev,
-          subtitle: count === 1 ? `${top.severity} · ${top.id}` : `${String(count)} advisories · top: ${top.severity} ${top.id}`,
-          title: entry.packageName
-        });
-      }
-      if (entry.socketReport && entry.socketReport.alerts.length > 0) {
-        const score = Math.round(entry.socketReport.score.overall * 100);
-        findings.push({
-          entry,
-          id: `socket:${entry.packageName}`,
-          kind: "socket",
-          packageName: entry.packageName,
-          section: "security",
-          severity: "warn",
-          subtitle: `${String(entry.socketReport.alerts.length)} alert${entry.socketReport.alerts.length === 1 ? "" : "s"} · score ${String(score)}%`,
-          title: entry.packageName
-        });
-      }
-    }
-  }
-  if (results.sections.has("optimization")) {
-    for (const entry of results.optimizations) {
-      findings.push({
-        entry,
-        id: `opt:${entry.packageName}`,
-        kind: "optimization",
-        section: "optimization",
-        severity: "warn",
-        subtitle: `${entry.category} → ${entry.replacement}`,
-        title: entry.packageName
-      });
-    }
-  }
-  if (results.sections.has("runtime")) {
-    for (const diagnostic of results.runtime) {
-      if (diagnostic.status !== "warn") {
-        continue;
-      }
-      findings.push({
-        diagnostic,
-        id: `runtime:${diagnostic.id}`,
-        kind: "runtime",
-        section: "runtime",
-        severity: "warn",
-        title: diagnostic.message
-      });
-    }
-  }
-  findings.sort((a, b) => {
-    if (a.section !== b.section) {
-      const order = ["dependencies", "security", "optimization", "runtime"];
-      return order.indexOf(a.section) - order.indexOf(b.section);
-    }
-    return SEVERITY_RANK[a.severity] - SEVERITY_RANK[b.severity];
-  });
-  return findings;
-};
-const SECTION_LABELS = {
-  dependencies: "Dependencies",
-  optimization: "Optimization",
-  runtime: "Runtime",
-  security: "Security"
-};
-
-const SEVERITY_COLORS$2 = {
-  error: "red",
-  warn: "yellow"
-};
-const SEVERITY_GLYPHS = {
-  error: "✖",
-  warn: "⚠"
-};
-const SEVERITY_LABELS = {
-  error: " ERROR ",
-  warn: " WARN "
-};
-const ConfigBanner = ({ children, hint, message, severity, title }) => {
-  const color = SEVERITY_COLORS$2[severity];
-  return jsxs(Box, { borderColor: color, borderStyle: "single", flexDirection: "column", flexShrink: 0, paddingX: 1, children: [
-    jsxs(Box, { gap: 1, children: [
-      jsx(Text, { backgroundColor: color, bold: true, color: "black", children: SEVERITY_LABELS[severity] }),
-      jsx(Text, { bold: true, color, children: SEVERITY_GLYPHS[severity] }),
-      jsx(Text, { bold: true, wrap: "truncate-end", children: title })
-    ] }),
-    jsx(Text, { wrap: "truncate-end", children: message }),
-    hint ? jsx(Text, { dimColor: true, wrap: "truncate-end", children: hint }) : null,
-    children
-  ] });
-};
-
-const SEVERITY_COLORS$1 = {
-  CRITICAL: "red",
-  HIGH: "red",
-  LOW: "gray",
-  MODERATE: "yellow",
-  UNKNOWN: "gray"
-};
-const SOCKET_SEVERITY_COLORS = {
-  critical: "red",
-  high: "red",
-  low: "gray",
-  medium: "yellow"
-};
-const UPDATE_TYPE_COLORS = {
-  major: "red",
-  minor: "yellow",
-  patch: "green"
-};
-const FieldRow = ({ children, label, width = 14 }) => jsxs(Box, { children: [
-  jsx(Box, { width, children: jsxs(Text, { dimColor: true, children: [
-    label,
-    ":"
-  ] }) }),
-  typeof children === "string" ? jsx(Text, { children }) : children
-] });
-const SectionTitle = ({ children }) => jsx(Box, { marginTop: 1, children: jsx(Text, { bold: true, color: "white", children }) });
-const OutdatedDetail = ({ finding }) => {
-  const { entry } = finding;
-  const typeColor = UPDATE_TYPE_COLORS[entry.updateType] ?? "white";
-  return jsxs(Box, { flexDirection: "column", children: [
-    jsx(FieldRow, { label: "Current", children: entry.currentRange }),
-    jsxs(FieldRow, { label: "Target", children: [
-      jsx(Text, { children: entry.newRange }),
-      jsxs(Text, { bold: true, color: typeColor, children: [
-        " (",
-        entry.updateType,
-        ")"
-      ] })
-    ] }),
-    jsx(FieldRow, { label: "Catalog", children: entry.catalogName }),
-    entry.acceptedRisk ? jsx(FieldRow, { label: "Risk ack", children: jsx(Text, { dimColor: true, children: entry.acceptedRisk.reason ?? "(no reason recorded)" }) }) : null,
-    jsx(SectionTitle, { children: "Action" }),
-    jsxs(Text, { dimColor: true, children: [
-      "Run",
-      " ",
-      jsx(Text, { bold: true, color: "white", children: "vis update" }),
-      " ",
-      "to apply this change."
-    ] })
-  ] });
-};
-const DuplicateDetail = ({ finding }) => jsxs(Box, { flexDirection: "column", children: [
-  jsx(FieldRow, { label: "Versions", children: jsx(Text, { children: String(finding.pkg.versions.length) }) }),
-  jsx(SectionTitle, { children: "Installed versions" }),
-  finding.pkg.versions.map((v) => jsxs(Text, { children: [
-    "  · ",
-    v
-  ] }, v)),
-  jsx(SectionTitle, { children: "Action" }),
-  jsxs(Text, { dimColor: true, children: [
-    "Run",
-    " ",
-    jsx(Text, { bold: true, color: "white", children: "vis dedupe" }),
-    " ",
-    "to consolidate to a single resolution."
-  ] })
-] });
-const VulnerabilityDetail = ({ finding }) => {
-  const vulns = finding.entry.vulnerabilities ?? [];
-  return jsxs(Box, { flexDirection: "column", children: [
-    jsx(FieldRow, { label: "Package", children: finding.packageName }),
-    jsx(FieldRow, { label: "Current", children: finding.entry.currentRange }),
-    jsx(FieldRow, { label: "Advisories", children: String(vulns.length) }),
-    finding.entry.acceptedRisk ? jsx(FieldRow, { label: "Risk ack", children: jsx(Text, { dimColor: true, children: finding.entry.acceptedRisk.reason ?? "(no reason recorded)" }) }) : null,
-    vulns.map((v) => {
-      const sevColor = SEVERITY_COLORS$1[v.severity] ?? "gray";
-      return jsxs(Box, { flexDirection: "column", marginTop: 1, children: [
-        jsxs(Box, { children: [
-          jsx(Text, { bold: true, color: sevColor, children: v.severity }),
-          jsx(Text, { children: " " }),
-          jsx(Text, { children: v.id }),
-          typeof v.cvssScore === "number" ? jsxs(Text, { dimColor: true, children: [
-            " · CVSS ",
-            v.cvssScore.toFixed(1)
-          ] }) : null
-        ] }),
-        jsx(Text, { wrap: "wrap", children: v.summary }),
-        v.fixedVersions.length > 0 ? jsxs(Text, { dimColor: true, children: [
-          "Fixed in: ",
-          v.fixedVersions.join(", ")
-        ] }) : null,
-        v.aliases && v.aliases.length > 0 ? jsxs(Text, { dimColor: true, children: [
-          "Aliases: ",
-          v.aliases.join(", ")
-        ] }) : null
-      ] }, v.id);
-    })
-  ] });
-};
-const SocketDetail = ({ finding }) => {
-  const report = finding.entry.socketReport;
-  if (!report) {
-    return jsx(Text, { dimColor: true, children: "No Socket report attached." });
-  }
-  const overall = Math.round(report.score.overall * 100);
-  const overallColor = scoreColor(report.score.overall);
-  return jsxs(Box, { flexDirection: "column", children: [
-    jsx(FieldRow, { label: "Package", children: finding.packageName }),
-    jsx(FieldRow, { label: "Overall", children: jsxs(Text, { color: overallColor, children: [
-      String(overall),
-      "%"
-    ] }) }),
-    jsx(FieldRow, { label: "Alerts", children: String(report.alerts.length) }),
-    finding.entry.acceptedRisk ? jsx(FieldRow, { label: "Risk ack", children: jsx(Text, { dimColor: true, children: finding.entry.acceptedRisk.reason ?? "(no reason recorded)" }) }) : null,
-    jsx(SectionTitle, { children: "Score breakdown" }),
-    Object.entries(report.score).map(([key, value]) => {
-      if (key === "overall") {
-        return null;
-      }
-      const numericValue = typeof value === "number" ? value : 0;
-      const pct = Math.round(numericValue * 100);
-      const color = scoreColor(numericValue);
-      return jsxs(Box, { children: [
-        jsx(Box, { width: 14, children: jsxs(Text, { dimColor: true, children: [
-          key,
-          ":"
-        ] }) }),
-        jsxs(Text, { color, children: [
-          String(pct),
-          "%"
-        ] })
-      ] }, key);
-    }),
-    jsx(SectionTitle, { children: "Alerts" }),
-    report.alerts.map((alert, index) => {
-      const sevColor = SOCKET_SEVERITY_COLORS[alert.severity] ?? "gray";
-      return jsxs(Box, { flexDirection: "column", marginBottom: 1, children: [
-        jsxs(Box, { children: [
-          jsx(Text, { bold: true, color: sevColor, children: alert.severity }),
-          jsx(Text, { children: " " }),
-          jsx(Text, { children: alert.type })
-        ] }),
-        alert.props ? jsx(Text, { dimColor: true, wrap: "wrap", children: JSON.stringify(alert.props) }) : null
-      ] }, `${alert.type}-${String(index)}`);
-    })
-  ] });
-};
-const OptimizationDetail = ({ finding }) => {
-  const { entry } = finding;
-  return jsxs(Box, { flexDirection: "column", children: [
-    jsx(FieldRow, { label: "Package", children: entry.packageName }),
-    jsx(FieldRow, { label: "Category", children: entry.category }),
-    jsx(FieldRow, { label: "Replacement", children: entry.replacement }),
-    entry.overrideSpec ? jsx(FieldRow, { label: "Override", children: entry.overrideSpec }) : null,
-    jsx(FieldRow, { label: "Codemod", children: jsx(Text, { color: entry.hasCodemod ? "green" : "gray", children: entry.hasCodemod ? "available" : "not available" }) }),
-    entry.docUrl ? jsx(FieldRow, { label: "Guide", children: jsx(Text, { color: "cyan", underline: true, children: entry.docUrl }) }) : null,
-    jsx(SectionTitle, { children: "Action" }),
-    entry.hasCodemod ? jsxs(Text, { dimColor: true, children: [
-      "Run",
-      " ",
-      jsx(Text, { bold: true, color: "white", children: "vis optimize" }),
-      " ",
-      "to apply the codemod interactively."
-    ] }) : entry.overrideSpec ? jsxs(Text, { dimColor: true, children: [
-      "Run",
-      " ",
-      jsx(Text, { bold: true, color: "white", children: "vis optimize" }),
-      " ",
-      "to install the package override."
-    ] }) : entry.docUrl ? jsx(Text, { dimColor: true, children: "No automated codemod. Open the migration guide above for the recommended alternative and steps." }) : jsx(Text, { dimColor: true, children: "No automated codemod. Consult the package's docs or the e18e module-replacements guide for an alternative." })
-  ] });
-};
-const RuntimeDetail = ({ finding }) => {
-  const { diagnostic } = finding;
-  const statusColor = diagnostic.status === "warn" ? "yellow" : diagnostic.status === "ok" ? "green" : "gray";
-  return jsxs(Box, { flexDirection: "column", children: [
-    jsx(FieldRow, { label: "Check", children: diagnostic.id }),
-    jsx(FieldRow, { label: "Status", children: jsx(Text, { color: statusColor, children: diagnostic.status }) }),
-    jsx(SectionTitle, { children: "Message" }),
-    jsx(Text, { wrap: "wrap", children: diagnostic.message }),
-    diagnostic.detail && Object.keys(diagnostic.detail).length > 0 ? jsxs(Fragment, { children: [
-      jsx(SectionTitle, { children: "Details" }),
-      Object.entries(diagnostic.detail).map(([key, value]) => jsxs(Box, { children: [
-        jsx(Box, { width: 20, children: jsxs(Text, { dimColor: true, children: [
-          key,
-          ":"
-        ] }) }),
-        jsx(Text, { children: String(value) })
-      ] }, key))
-    ] }) : null
-  ] });
-};
-const DoctorDetailPanel = ({ finding, focused, scrollRef }) => {
-  const borderColor = focused ? "white" : "gray";
-  if (!finding) {
-    return jsx(Box, { alignItems: "center", borderColor: "gray", borderStyle: "single", flexDirection: "column", flexGrow: 1, justifyContent: "center", children: jsx(Text, { dimColor: true, children: "No finding selected" }) });
-  }
-  let body;
-  switch (finding.kind) {
-    case "duplicate": {
-      body = jsx(DuplicateDetail, { finding });
-      break;
-    }
-    case "optimization": {
-      body = jsx(OptimizationDetail, { finding });
-      break;
-    }
-    case "outdated": {
-      body = jsx(OutdatedDetail, { finding });
-      break;
-    }
-    case "runtime": {
-      body = jsx(RuntimeDetail, { finding });
-      break;
-    }
-    case "socket": {
-      body = jsx(SocketDetail, { finding });
-      break;
-    }
-    case "vulnerability": {
-      body = jsx(VulnerabilityDetail, { finding });
-      break;
-    }
-    default: {
-      body = jsx(Text, { dimColor: true, children: "Unknown finding kind." });
-      break;
-    }
-  }
-  return jsxs(Box, { borderColor, borderStyle: "single", flexDirection: "column", flexGrow: 1, children: [
-    jsxs(Box, { flexShrink: 0, paddingTop: 1, paddingX: 2, children: [
-      jsx(Text, { bold: true, color: "white", children: finding.title }),
-      jsxs(Text, { dimColor: true, children: [
-        "  ",
-        SECTION_LABELS[finding.section]
-      ] })
-    ] }),
-    jsxs(ScrollView, { flexGrow: 1, flexShrink: 1, paddingX: 2, ref: scrollRef, scrollbar: true, scrollbarColor: "gray", scrollbarStyle: "block", children: [
-      jsx(Text, {}),
-      body
-    ] })
-  ] });
-};
-
-const SEVERITY_COLORS = {
-  error: "red",
-  warn: "yellow"
-};
-const SEVERITY_GLYPH = {
-  error: "✖",
-  warn: "⚠"
-};
-const hasAcceptedRisk = (finding) => {
-  if (finding.kind === "outdated" || finding.kind === "vulnerability" || finding.kind === "socket") {
-    return Boolean(finding.entry.acceptedRisk);
-  }
-  return false;
-};
-const FindingRow = ({ finding, isSelected }) => {
-  const sevColor = SEVERITY_COLORS[finding.severity];
-  const acked = hasAcceptedRisk(finding);
-  return jsxs(Box, { flexShrink: 0, height: 1, children: [
-    jsx(Text, { children: isSelected ? ">" : " " }),
-    jsxs(Text, { color: sevColor, children: [
-      " ",
-      SEVERITY_GLYPH[finding.severity],
-      " "
-    ] }),
-    jsx(Box, { flexGrow: 1, children: jsx(Text, { bold: isSelected, inverse: isSelected, wrap: "truncate", children: finding.title }) }),
-    acked ? jsx(Text, { color: "cyan", children: " ack" }) : null,
-    finding.subtitle ? jsxs(Text, { dimColor: true, wrap: "truncate", children: [
-      " ",
-      finding.subtitle
-    ] }) : null
-  ] });
-};
-const SectionHeader = ({ count, section }) => jsxs(Box, { flexShrink: 0, height: 1, marginTop: 1, children: [
-  jsx(Text, { dimColor: true, children: "▼ " }),
-  jsx(Text, { bold: true, color: "white", children: SECTION_LABELS[section].toUpperCase() }),
-  jsxs(Text, { dimColor: true, children: [
-    " (",
-    count,
-    ")"
-  ] })
-] });
-const TabLabel = ({ count, label, status }) => {
-  const showSpinner = status === "running";
-  return jsxs(Text, { children: [
-    label,
-    showSpinner ? jsxs(Text, { children: [
-      " ",
-      jsx(Spinner, { type: "dots" })
-    ] }) : null,
-    status === "error" ? jsx(Text, { bold: true, color: "red", children: " ✖" }) : jsxs(Text, { dimColor: true, children: [
-      " (",
-      String(count),
-      ")"
-    ] })
-  ] });
-};
-const DoctorListPanel = ({
-  elapsedMs,
-  entries,
-  filterActive,
-  filterText,
-  filterType,
-  focused,
-  fromCache = false,
-  grouped,
-  onViewportHeightChange,
-  scrollOffset,
-  sectionCounts,
-  sectionMessage,
-  sectionStatus,
-  selectedIndex,
-  severityFilter,
-  totalAll,
-  viewportHeight
-}) => {
-  const borderColor = focused ? "white" : "gray";
-  const { measuredHeight: measuredViewportHeight, ref: contentRowRef } = useMeasuredHeight(viewportHeight, onViewportHeightChange);
-  let errors = 0;
-  let warns = 0;
-  for (const finding of entries) {
-    if (finding.severity === "error") {
-      errors += 1;
-    } else if (finding.severity === "warn") {
-      warns += 1;
-    }
-  }
-  const summaryParts = [];
-  if (errors > 0) {
-    summaryParts.push(`${String(errors)} error${errors === 1 ? "" : "s"}`);
-  }
-  if (warns > 0) {
-    summaryParts.push(`${String(warns)} warn${warns === 1 ? "" : "s"}`);
-  }
-  const summary = summaryParts.length > 0 ? ` (${summaryParts.join(", ")})` : "";
-  const elapsedSeconds = (elapsedMs / 1e3).toFixed(1);
-  const rows = [];
-  for (const [section, items] of grouped) {
-    rows.push(jsx(SectionHeader, { count: items.length, section }, `hdr-${section}`));
-    for (const item of items) {
-      const flatIndex = entries.indexOf(item);
-      rows.push(jsx(FindingRow, { finding: item, isSelected: flatIndex === selectedIndex }, item.id));
-    }
-  }
-  let contentHeight = 0;
-  for (const [, items] of grouped) {
-    contentHeight += 2 + items.length;
-  }
-  const showScrollbar = contentHeight > measuredViewportHeight && measuredViewportHeight > 0;
-  return jsxs(Box, { borderColor, borderStyle: "single", flexDirection: "column", flexGrow: 1, children: [
-    jsxs(Box, { flexShrink: 0, gap: 1, paddingX: 1, children: [
-      jsx(Text, { bold: true, inverse: true, children: " DOCTOR " }),
-      jsxs(Text, { wrap: "truncate", children: [
-        entries.length,
-        entries.length === totalAll ? "" : `/${String(totalAll)}`,
-        " finding",
-        entries.length === 1 ? "" : "s",
-        summary
-      ] }),
-      severityFilter ? jsx(Text, { bold: true, color: SEVERITY_COLORS[severityFilter], inverse: true, children: ` ${severityFilter.toUpperCase()} ONLY ` }) : null,
-      fromCache ? jsx(Text, { bold: true, color: "cyan", inverse: true, children: " CACHED " }) : null,
-      jsxs(Text, { dimColor: true, children: [
-        " · ",
-        elapsedSeconds,
-        "s"
-      ] })
-    ] }),
-    jsx(Box, { flexShrink: 0, paddingX: 1, paddingY: 1, children: jsx(
-      Tabs,
-      {
-        isFocused: focused,
-        keyMap: { next: [], previous: [], useNumbers: false, useTab: false },
-        onChange: () => {
-        },
-        showIndex: false,
-        value: filterType,
-        children: FILTER_TABS.map(({ id, label }) => jsx(Tab, { name: id, children: jsx(TabLabel, { count: sectionCounts[id], label, status: sectionStatus[id] }) }, id))
-      }
-    ) }),
-    (() => {
-      const running = Object.keys(sectionStatus).filter((id) => sectionStatus[id] === "running" && sectionMessage[id]).map((id) => sectionMessage[id]);
-      if (running.length === 0) {
-        return null;
-      }
-      return jsx(Box, { flexShrink: 0, paddingX: 1, children: jsxs(Text, { dimColor: true, wrap: "truncate", children: [
-        jsx(Spinner, { type: "dots" }),
-        " ",
-        running.join(" · ")
-      ] }) });
-    })(),
-    filterActive && jsxs(Box, { flexShrink: 0, paddingX: 1, children: [
-      jsx(Text, { bold: true, color: "white", children: "/ " }),
-      jsx(Text, { children: filterText }),
-      jsx(Text, { inverse: true, children: " " })
-    ] }),
-    jsxs(Box, { flexDirection: "row", flexGrow: 1, overflow: "hidden", ref: contentRowRef, children: [
-      jsx(Box, { flexDirection: "column", flexGrow: 1, overflow: "hidden", paddingLeft: 1, children: jsx(Box, { flexDirection: "column", marginTop: -scrollOffset, children: rows.length > 0 ? rows : jsx(Box, { marginTop: 1, children: jsx(Text, { dimColor: true, children: "No findings match the current filter." }) }) }) }),
-      showScrollbar && jsx(Box, { flexShrink: 0, marginLeft: 1, marginRight: 1, children: jsx(
-        ScrollBar,
-        {
-          contentHeight,
-          placement: "inset",
-          scrollOffset,
-          style: "block",
-          viewportHeight: measuredViewportHeight
-        }
-      ) })
-    ] }, `list-${filterType}-${filterText}`)
-  ] });
-};
-
-const buildUpdateAction = (finding) => {
-  if (finding.kind === "outdated") {
-    return {
-      command: `vis update ${finding.entry.packageName}`,
-      description: `Update ${finding.entry.packageName} to ${finding.entry.newRange}`
-    };
-  }
-  if (finding.kind === "duplicate") {
-    return {
-      command: `vis dedupe ${finding.pkg.name}`,
-      description: `Dedupe ${finding.pkg.name} (${String(finding.pkg.versions.length)} versions)`
-    };
-  }
-  return void 0;
-};
-const buildOptimizeAction = (finding) => {
-  if (finding.kind !== "optimization") {
-    return void 0;
-  }
-  return {
-    command: `vis optimize ${finding.entry.packageName}`,
-    description: `Replace ${finding.entry.packageName} with ${finding.entry.replacement}`
-  };
-};
-const buildAckAction = (finding) => {
-  if (finding.kind !== "outdated" && finding.kind !== "vulnerability" && finding.kind !== "socket") {
-    return void 0;
-  }
-  const pkg = finding.kind === "outdated" ? finding.entry.packageName : finding.packageName;
-  const snippet = [
-    "// Add to vis.config.ts:",
-    "security: {",
-    "    acceptedRisks: {",
-    `        "${pkg}": {`,
-    '            reason: "explain why this risk is acceptable",',
-    '            expiresAt: "YYYY-MM-DD",',
-    "        },",
-    "    },",
-    "},"
-  ].join("\n");
-  return {
-    command: snippet,
-    configSnippet: snippet,
-    description: `Acknowledge risk for ${pkg}`
-  };
-};
-const MIN_HORIZONTAL_WIDTH = 100;
-const MIN_VIEWPORT_WIDTH = 40;
-const MIN_VIEWPORT_HEIGHT = 10;
-const VisDoctorApp = ({ autoExitSeconds = 0, banner, fromCache = false, startedAt, store }) => {
-  const { exit } = useApp();
-  const { columns, rows } = useWindowSize();
-  const state = useSyncExternalStore(store.subscribe, store.getSnapshot);
-  const [helpVisible, setHelpVisible] = useState(false);
-  const [quitDialogVisible, setQuitDialogVisible] = useState(false);
-  const [listScrollOffset, setListScrollOffset] = useState(0);
-  const [now, setNow] = useState(() => Date.now());
-  useEffect(() => {
-    const id = setInterval(() => {
-      setNow(Date.now());
-    }, 1e3);
-    return () => {
-      clearInterval(id);
-    };
-  }, []);
-  const elapsedMs = now - startedAt;
-  const helpScrollRef = useRef(null);
-  const detailScrollRef = useRef(null);
-  const selectedFinding = state.entries[state.selectedIndex] ?? null;
-  const sectionCounts = useMemo(() => {
-    const counts = {
-      dependencies: 0,
-      optimization: 0,
-      runtime: 0,
-      security: 0
-    };
-    for (const finding of state.all) {
-      counts[finding.section] += 1;
-    }
-    return counts;
-  }, [state.all]);
-  const bannerHeight = banner ? banner.hint ? 5 : 4 : 0;
-  const activityLineHeight = useMemo(() => {
-    for (const id of Object.keys(state.sectionStatus)) {
-      if (state.sectionStatus[id] === "running" && state.sectionMessage[id]) {
-        return 1;
-      }
-    }
-    return 0;
-  }, [state.sectionStatus, state.sectionMessage]);
-  const isHorizontal = columns >= MIN_HORIZONTAL_WIDTH;
-  const listPanelHeight = isHorizontal ? Math.max(1, rows - bannerHeight - 2) : Math.floor(rows * 0.55);
-  const estimatedViewportHeight = useMemo(
-    () => Math.max(1, listPanelHeight - 6 - activityLineHeight - (state.filterActive ? 1 : 0)),
-    [listPanelHeight, activityLineHeight, state.filterActive]
-  );
-  const [measuredViewportHeight, setMeasuredViewportHeight] = useState(estimatedViewportHeight);
-  const listViewportHeight = measuredViewportHeight > 0 ? measuredViewportHeight : estimatedViewportHeight;
-  const contentHeight = useMemo(() => {
-    let height = 0;
-    for (const [, items] of state.grouped) {
-      height += 2 + items.length;
-    }
-    return height;
-  }, [state.grouped]);
-  const maxScrollOffset = Math.max(0, contentHeight - listViewportHeight);
-  useEffect(() => {
-    setListScrollOffset((current) => Math.min(current, maxScrollOffset));
-  }, [maxScrollOffset]);
-  const getRowForIndex = useCallback(
-    (index) => {
-      let row = 0;
-      let count = 0;
-      for (const [, items] of state.grouped) {
-        row += 2;
-        for (const _ of items) {
-          if (count === index) {
-            return row;
-          }
-          row += 1;
-          count += 1;
-        }
-      }
-      return row;
-    },
-    [state.grouped]
-  );
-  const scrollToIndex = useCallback(
-    (index) => {
-      const targetRow = getRowForIndex(index);
-      setListScrollOffset((current) => {
-        if (targetRow > current + listViewportHeight - 2) {
-          return Math.min(maxScrollOffset, Math.max(0, targetRow - listViewportHeight + 2));
-        }
-        if (targetRow < current + 1) {
-          return Math.max(0, targetRow - 1);
-        }
-        return current;
-      });
-    },
-    [getRowForIndex, listViewportHeight, maxScrollOffset]
-  );
-  useEffect(() => {
-    detailScrollRef.current?.scrollToTop();
-  }, [selectedFinding?.id]);
-  useInput(
-    (input, key) => {
-      if (input === "c" && key.ctrl) {
-        exit();
-        return;
-      }
-      if (quitDialogVisible) {
-        return;
-      }
-      if (helpVisible) {
-        if (key.escape || input === "?") {
-          setHelpVisible(false);
-        } else if (input === "q") {
-          setHelpVisible(false);
-          setQuitDialogVisible(true);
-        } else if (key.downArrow || input === "j") {
-          helpScrollRef.current?.scrollBy(1);
-        } else if (key.upArrow || input === "k") {
-          helpScrollRef.current?.scrollBy(-1);
-        }
-        return;
-      }
-      if (input === "?") {
-        setHelpVisible(true);
-        return;
-      }
-      if (input === "q") {
-        setQuitDialogVisible(true);
-        return;
-      }
-      if (key.tab) {
-        store.setFocusedPanel(state.focusedPanel === "list" ? "detail" : "list");
-        return;
-      }
-      if (state.filterActive) {
-        if (key.escape || key.return) {
-          store.setFilterActive(false);
-          return;
-        }
-        if (key.backspace) {
-          setListScrollOffset(0);
-          store.setFilter(state.filterText.slice(0, -1));
-          return;
-        }
-        if (input && !key.ctrl && !key.meta) {
-          setListScrollOffset(0);
-          store.setFilter(state.filterText + input);
-        }
-        return;
-      }
-      if (state.focusedPanel === "list" && (key.leftArrow || key.rightArrow)) {
-        const currentIndex = FILTER_TABS.findIndex((tab) => tab.id === state.filterType);
-        const nextIndex = key.rightArrow ? (currentIndex + 1) % FILTER_TABS.length : (currentIndex - 1 + FILTER_TABS.length) % FILTER_TABS.length;
-        setListScrollOffset(0);
-        detailScrollRef.current?.scrollToTop();
-        store.setFilterType(FILTER_TABS[nextIndex].id);
-        return;
-      }
-      if (state.focusedPanel === "list") {
-        if (key.downArrow || input === "j") {
-          const next = Math.min(state.selectedIndex + 1, state.entries.length - 1);
-          store.setSelectedIndex(next);
-          scrollToIndex(next);
-          return;
-        }
-        if (key.upArrow || input === "k") {
-          const next = Math.max(state.selectedIndex - 1, 0);
-          store.setSelectedIndex(next);
-          scrollToIndex(next);
-          return;
-        }
-        if (key.pageDown) {
-          const next = Math.min(state.selectedIndex + 10, state.entries.length - 1);
-          store.setSelectedIndex(next);
-          scrollToIndex(next);
-          return;
-        }
-        if (key.pageUp) {
-          const next = Math.max(state.selectedIndex - 10, 0);
-          store.setSelectedIndex(next);
-          scrollToIndex(next);
-          return;
-        }
-        if (key.home) {
-          store.setSelectedIndex(0);
-          setListScrollOffset(0);
-          return;
-        }
-        if (key.end) {
-          const last = state.entries.length - 1;
-          store.setSelectedIndex(last);
-          scrollToIndex(last);
-          return;
-        }
-        if (input === "/") {
-          store.setFilterActive(true);
-          return;
-        }
-        if (input === "e") {
-          store.setSeverityFilter(state.severityFilter === "error" ? void 0 : "error");
-          setListScrollOffset(0);
-          return;
-        }
-        if (input === "w") {
-          store.setSeverityFilter(state.severityFilter === "warn" ? void 0 : "warn");
-          setListScrollOffset(0);
-          return;
-        }
-        if (input === "u" && selectedFinding) {
-          const action = buildUpdateAction(selectedFinding);
-          if (action) {
-            store.setPendingAction(action);
-            exit();
-          }
-          return;
-        }
-        if (input === "o" && selectedFinding) {
-          const action = buildOptimizeAction(selectedFinding);
-          if (action) {
-            store.setPendingAction(action);
-            exit();
-          }
-          return;
-        }
-        if (input === "a" && selectedFinding) {
-          const action = buildAckAction(selectedFinding);
-          if (action) {
-            store.setPendingAction(action);
-            exit();
-          }
-          return;
-        }
-        if (input === "d") {
-          store.setFocusedPanel("detail");
-          return;
-        }
-        return;
-      }
-      if (key.escape || key.leftArrow) {
-        store.setFocusedPanel("list");
-        return;
-      }
-      if (key.downArrow || input === "j") {
-        detailScrollRef.current?.scrollBy(1);
-        return;
-      }
-      if (key.upArrow || input === "k") {
-        detailScrollRef.current?.scrollBy(-1);
-        return;
-      }
-      if (key.pageDown) {
-        detailScrollRef.current?.scrollBy(10);
-        return;
-      }
-      if (key.pageUp) {
-        detailScrollRef.current?.scrollBy(-10);
-        return;
-      }
-      if (key.home) {
-        detailScrollRef.current?.scrollToTop();
-        return;
-      }
-      if (key.end) {
-        detailScrollRef.current?.scrollToBottom();
-      }
-    },
-    { isActive: true }
-  );
-  if (columns < MIN_VIEWPORT_WIDTH || rows < MIN_VIEWPORT_HEIGHT) {
-    return jsx(Box, { alignItems: "center", height: rows, justifyContent: "center", width: columns, children: jsxs(Text, { color: "yellow", children: [
-      "Terminal too small (",
-      columns,
-      "x",
-      rows,
-      ")"
-    ] }) });
-  }
-  const detailFocused = state.focusedPanel === "detail";
-  const footerItems = [
-    jsxs(Box, { gap: 1, children: [
-      jsx(Text, { bold: true, color: "white", children: "q" }),
-      jsx(Text, { dimColor: true, children: "QUIT" })
-    ] }, "q"),
-    jsxs(Box, { gap: 1, children: [
-      jsx(Text, { bold: true, color: "white", children: "?" }),
-      jsx(Text, { dimColor: true, children: "HELP" })
-    ] }, "?"),
-    jsxs(Box, { gap: 1, children: [
-      jsx(Text, { bold: true, color: "white", children: "↑↓" }),
-      jsx(Text, { dimColor: true, children: detailFocused ? "SCROLL" : "NAV" })
-    ] }, "nav"),
-    detailFocused ? jsxs(Box, { gap: 1, children: [
-      jsx(Text, { bold: true, color: "white", children: "←/Esc" }),
-      jsx(Text, { dimColor: true, children: "LIST" })
-    ] }, "lr") : jsxs(Box, { gap: 1, children: [
-      jsx(Text, { bold: true, color: "white", children: "←→" }),
-      jsx(Text, { dimColor: true, children: "SECTION" })
-    ] }, "lr"),
-    jsxs(Box, { gap: 1, children: [
-      jsx(Text, { bold: true, color: "white", children: "/" }),
-      jsx(Text, { dimColor: true, children: "SEARCH" })
-    ] }, "search"),
-    jsxs(Box, { gap: 1, children: [
-      jsx(Text, { bold: true, color: "white", children: "e/w" }),
-      jsx(Text, { dimColor: true, children: "SEVERITY" })
-    ] }, "sev"),
-    jsxs(Box, { gap: 1, children: [
-      jsx(Text, { bold: true, color: "white", children: "u/o/a" }),
-      jsx(Text, { dimColor: true, children: "ACTION" })
-    ] }, "actions"),
-    jsxs(Box, { gap: 1, children: [
-      jsx(Text, { bold: true, color: "white", children: "Tab" }),
-      jsx(Text, { dimColor: true, children: "PANEL" })
-    ] }, "tab")
-  ];
-  const footer = jsx(Box, { borderBottom: false, borderColor: "gray", borderLeft: false, borderRight: false, borderStyle: "single", flexShrink: 0, children: jsx(Box, { gap: 2, overflow: "hidden", paddingX: 1, children: footerItems }) });
-  const helpPopup = jsxs(
-    Dialog,
-    {
-      footer: jsxs(Text, { dimColor: true, children: [
-        jsx(Text, { bold: true, color: "white", children: "↑↓" }),
-        " scroll  ",
-        jsx(Text, { bold: true, color: "white", children: "?" }),
-        "/",
-        jsx(Text, { bold: true, color: "white", children: "Esc" }),
-        " close"
-      ] }),
-      scrollRef: helpScrollRef,
-      title: "DOCTOR — KEYBOARD SHORTCUTS",
-      visible: helpVisible,
-      width: 56,
-      children: [
-        jsxs(Box, { flexDirection: "column", marginBottom: 1, children: [
-          jsxs(Box, { marginBottom: 1, children: [
-            jsx(Text, { dimColor: true, children: "── " }),
-            jsx(Text, { bold: true, color: "white", children: "NAVIGATION" })
-          ] }),
-          jsxs(Box, { children: [
-            jsx(Box, { width: 26, children: jsxs(Text, { children: [
-              jsx(Text, { bold: true, color: "white", children: " ↑/k  " }),
-              jsx(Text, { dimColor: true, children: "Move up" })
-            ] }) }),
-            jsxs(Text, { children: [
-              jsx(Text, { bold: true, color: "white", children: " ↓/j  " }),
-              jsx(Text, { dimColor: true, children: "Move down" })
-            ] })
-          ] }),
-          jsxs(Box, { children: [
-            jsx(Box, { width: 26, children: jsxs(Text, { children: [
-              jsx(Text, { bold: true, color: "white", children: " PgUp" }),
-              jsx(Text, { dimColor: true, children: " Jump up 10" })
-            ] }) }),
-            jsxs(Text, { children: [
-              jsx(Text, { bold: true, color: "white", children: " PgDn" }),
-              jsx(Text, { dimColor: true, children: " Jump down 10" })
-            ] })
-          ] }),
-          jsxs(Box, { children: [
-            jsx(Box, { width: 26, children: jsxs(Text, { children: [
-              jsx(Text, { bold: true, color: "white", children: " Home" }),
-              jsx(Text, { dimColor: true, children: " Jump to top" })
-            ] }) }),
-            jsxs(Text, { children: [
-              jsx(Text, { bold: true, color: "white", children: " End" }),
-              jsx(Text, { dimColor: true, children: " Jump to bottom" })
-            ] })
-          ] }),
-          jsxs(Text, { children: [
-            jsx(Text, { bold: true, color: "white", children: " Tab" }),
-            jsx(Text, { dimColor: true, children: " Switch panel" })
-          ] }),
-          jsxs(Text, { children: [
-            jsx(Text, { bold: true, color: "white", children: " →/←" }),
-            jsx(Text, { dimColor: true, children: " Section tabs (list) / Focus list (detail)" })
-          ] })
-        ] }),
-        jsxs(Box, { flexDirection: "column", marginBottom: 1, children: [
-          jsxs(Box, { marginBottom: 1, children: [
-            jsx(Text, { dimColor: true, children: "── " }),
-            jsx(Text, { bold: true, color: "white", children: "FILTER" })
-          ] }),
-          jsxs(Text, { children: [
-            jsx(Text, { bold: true, color: "white", children: " /" }),
-            jsx(Text, { dimColor: true, children: " Open text filter (Esc/Enter to close)" })
-          ] }),
-          jsxs(Text, { children: [
-            jsx(Text, { bold: true, color: "white", children: " e" }),
-            jsx(Text, { dimColor: true, children: " Toggle errors-only filter" })
-          ] }),
-          jsxs(Text, { children: [
-            jsx(Text, { bold: true, color: "white", children: " w" }),
-            jsx(Text, { dimColor: true, children: " Toggle warns-only filter" })
-          ] })
-        ] }),
-        jsxs(Box, { flexDirection: "column", marginBottom: 1, children: [
-          jsxs(Box, { marginBottom: 1, children: [
-            jsx(Text, { dimColor: true, children: "── " }),
-            jsx(Text, { bold: true, color: "white", children: "ACTIONS" })
-          ] }),
-          jsxs(Text, { children: [
-            jsx(Text, { bold: true, color: "white", children: " u" }),
-            jsx(Text, { dimColor: true, children: " Exit + suggest update / dedupe command" })
-          ] }),
-          jsxs(Text, { children: [
-            jsx(Text, { bold: true, color: "white", children: " o" }),
-            jsx(Text, { dimColor: true, children: " Exit + suggest optimize command" })
-          ] }),
-          jsxs(Text, { children: [
-            jsx(Text, { bold: true, color: "white", children: " a" }),
-            jsx(Text, { dimColor: true, children: " Exit + print risk-ack snippet" })
-          ] }),
-          jsxs(Text, { children: [
-            jsx(Text, { bold: true, color: "white", children: " d" }),
-            jsx(Text, { dimColor: true, children: " Focus detail panel" })
-          ] })
-        ] }),
-        jsxs(Box, { flexDirection: "column", children: [
-          jsxs(Box, { marginBottom: 1, children: [
-            jsx(Text, { dimColor: true, children: "── " }),
-            jsx(Text, { bold: true, color: "white", children: "EXIT" })
-          ] }),
-          jsxs(Text, { children: [
-            jsx(Text, { bold: true, color: "white", children: " q" }),
-            jsx(Text, { dimColor: true, children: " Quit (with countdown)" })
-          ] }),
-          jsxs(Text, { children: [
-            jsx(Text, { bold: true, color: "white", children: " Ctrl+C" }),
-            jsx(Text, { dimColor: true, children: " Quit immediately" })
-          ] })
-        ] })
-      ]
-    }
-  );
-  const listPanel = jsx(
-    DoctorListPanel,
-    {
-      elapsedMs,
-      entries: state.entries,
-      filterActive: state.filterActive,
-      filterText: state.filterText,
-      filterType: state.filterType,
-      focused: state.focusedPanel === "list",
-      fromCache,
-      grouped: state.grouped,
-      onViewportHeightChange: setMeasuredViewportHeight,
-      scrollOffset: listScrollOffset,
-      sectionCounts,
-      sectionMessage: state.sectionMessage,
-      sectionStatus: state.sectionStatus,
-      selectedIndex: state.selectedIndex,
-      severityFilter: state.severityFilter,
-      totalAll: state.all.length,
-      viewportHeight: listViewportHeight
-    }
-  );
-  const bannerNode = banner ? jsx(ConfigBanner, { hint: banner.hint, message: banner.message, severity: banner.severity, title: banner.title }) : null;
-  const detailPanel = jsx(DoctorDetailPanel, { finding: selectedFinding, focused: state.focusedPanel === "detail", scrollRef: detailScrollRef });
-  if (isHorizontal) {
-    const detailWidth = Math.floor(columns * 0.4);
-    return jsxs(Box, { flexDirection: "column", height: rows, width: columns, children: [
-      bannerNode,
-      jsxs(Box, { flexDirection: "row", flexGrow: 1, children: [
-        jsx(Box, { flexGrow: 1, children: listPanel }),
-        jsx(Box, { width: detailWidth, children: detailPanel })
-      ] }),
-      footer,
-      jsx(
-        QuitDialog,
-        {
-          autoExitSeconds: autoExitSeconds || 3,
-          onCancel: () => {
-            setQuitDialogVisible(false);
-          },
-          visible: quitDialogVisible
-        }
-      ),
-      helpPopup
-    ] });
-  }
-  return jsxs(Box, { flexDirection: "column", height: rows, width: columns, children: [
-    bannerNode,
-    jsx(Box, { height: listPanelHeight, children: listPanel }),
-    jsx(Box, { flexGrow: 1, children: detailPanel }),
-    footer,
-    jsx(
-      QuitDialog,
-      {
-        autoExitSeconds: autoExitSeconds || 3,
-        onCancel: () => {
-          setQuitDialogVisible(false);
-        },
-        visible: quitDialogVisible
-      }
-    ),
-    helpPopup
-  ] });
-};
-
-const escapeRegex = (literal) => literal.replaceAll(/[$()+.?[\\\]^{|}]/g, String.raw`\$&`);
-const compilePattern = (pattern) => {
-  const segments = pattern.split("*").map(escapeRegex);
-  return new RegExp(`^${segments.join(".*")}$`, "i");
-};
-const parseFilterPatterns = (raw) => {
-  if (!raw) {
-    return [];
-  }
-  return raw.split(",").map((token) => token.trim()).filter((token) => token.length > 0).map(compilePattern);
-};
-const matchesAny = (name, patterns) => {
-  for (const pattern of patterns) {
-    if (pattern.test(name)) {
-      return true;
-    }
-  }
-  return false;
-};
-const applyFilter = (results, patterns) => {
-  if (patterns.length === 0) {
-    return results;
-  }
-  const outdated = results.outdated.filter((entry) => matchesAny(entry.packageName, patterns));
-  const duplicates = results.duplicates.filter((dup) => matchesAny(dup.name, patterns));
-  const optimizations = results.optimizations.filter((entry) => matchesAny(entry.packageName, patterns));
-  let vulnCount = 0;
-  let socketAlerts = 0;
-  let socketLowScore = 0;
-  for (const entry of outdated) {
-    if (entry.vulnerabilities) {
-      vulnCount += entry.vulnerabilities.length;
-    }
-    if (entry.socketReport) {
-      socketAlerts += entry.socketReport.alerts.length;
-      if (entry.socketReport.score.overall < DEFAULT_LOW_SCORE_THRESHOLD) {
-        socketLowScore += 1;
-      }
-    }
-  }
-  return {
-    ...results,
-    duplicates,
-    optimizations,
-    outdated,
-    socketIssues: { alerts: socketAlerts, lowScore: socketLowScore },
-    vulnCount
-  };
-};
-const filterFindingsByPattern = (findings, patterns) => {
-  if (patterns.length === 0) {
-    return [...findings];
-  }
-  return findings.filter((finding) => {
-    if (finding.kind === "runtime") {
-      return true;
-    }
-    const name = finding.kind === "duplicate" ? finding.pkg.name : finding.kind === "outdated" || finding.kind === "optimization" ? finding.entry.packageName : finding.packageName;
-    return matchesAny(name, patterns);
-  });
-};
-
-const SECTION_IDS = ["dependencies", "security", "optimization", "runtime"];
-const parseSectionList = (raw) => {
-  const parsed = /* @__PURE__ */ new Set();
-  if (!raw) {
-    return parsed;
-  }
-  for (const token of raw.split(",")) {
-    const trimmed = token.trim().toLowerCase();
-    if (SECTION_IDS.includes(trimmed)) {
-      parsed.add(trimmed);
-    }
-  }
-  return parsed;
-};
-const resolveSections = (only, skip) => {
-  if (only !== void 0 && only !== "") {
-    return parseSectionList(only);
-  }
-  const skipped = parseSectionList(skip);
-  return new Set(SECTION_IDS.filter((s) => !skipped.has(s)));
-};
-const summarizeOptimizations = (entries) => {
-  const counts = { micro: 0, native: 0, preferred: 0, socket: 0, total: entries.length };
-  for (const entry of entries) {
-    switch (entry.category) {
-      case "micro-utility": {
-        counts.micro += 1;
-        break;
-      }
-      case "native": {
-        counts.native += 1;
-        break;
-      }
-      case "preferred": {
-        counts.preferred += 1;
-        break;
-      }
-      case "socket": {
-        counts.socket += 1;
-        break;
-      }
-    }
-  }
-  return counts;
-};
-const sectionStatus = (results, section) => {
-  if (!results.sections.has(section)) {
-    return "skip";
-  }
-  switch (section) {
-    case "dependencies": {
-      if (results.outdated.length > 0 || results.duplicates.length > 0) {
-        return "warn";
-      }
-      return "ok";
-    }
-    case "optimization": {
-      return results.optimizations.length > 0 ? "warn" : "ok";
-    }
-    case "runtime": {
-      return results.runtime.some((d) => d.status === "warn") ? "warn" : "ok";
-    }
-    case "security": {
-      if (results.vulnCount > 0 || results.socketIssues.alerts > 0) {
-        return "error";
-      }
-      if (results.socketIssues.lowScore > 0) {
-        return "warn";
-      }
-      return "ok";
-    }
-    default: {
-      return "ok";
-    }
-  }
-};
-const buildJsonPayload = (results, packageManagerName) => {
-  const counts = summarizeOptimizations(results.optimizations);
-  const sectionsObj = {
-    dependencies: sectionStatus(results, "dependencies"),
-    optimization: sectionStatus(results, "optimization"),
-    runtime: sectionStatus(results, "runtime"),
-    security: sectionStatus(results, "security")
-  };
-  const statuses = /* @__PURE__ */ new Set([...Object.values(sectionsObj), results.supplyChain.status]);
-  const overall = statuses.has("error") ? "error" : statuses.has("warn") ? "warn" : "ok";
-  return {
-    dependencies: {
-      duplicates: results.duplicates.length,
-      installed: results.installedCount,
-      outdated: results.outdated.length,
-      status: sectionsObj.dependencies
-    },
-    elapsedMs: results.elapsedMs,
-    optimizations: {
-      microUtilities: counts.micro,
-      native: counts.native,
-      preferred: counts.preferred,
-      socket: counts.socket,
-      status: sectionsObj.optimization,
-      total: counts.total
-    },
-    packageManager: packageManagerName,
-    runtime: results.runtime.map((d) => {
-      return {
-        detail: d.detail,
-        id: d.id,
-        message: d.message,
-        status: d.status
-      };
-    }),
-    runtimeStatus: sectionsObj.runtime,
-    security: {
-      alerts: results.socketIssues.alerts,
-      lowScorePackages: results.socketIssues.lowScore,
-      status: sectionsObj.security,
-      vulnerabilities: results.vulnCount
-    },
-    status: overall,
-    supplyChain: {
-      findings: results.supplyChain.findings.map((f) => {
-        return { detail: f.detail, label: f.label, severity: f.severity };
-      }),
-      status: results.supplyChain.status
-    },
-    workspaces: results.workspaceCount
-  };
-};
-const shouldFail = (results, strict) => {
-  const hasRuntimeWarn = results.runtime.some((d) => d.status === "warn");
-  const baseFail = results.vulnCount > 0 || results.socketIssues.alerts > 0;
-  if (!strict) {
-    return baseFail;
-  }
-  return baseFail || results.outdated.length > 0 || results.duplicates.length > 0 || hasRuntimeWarn;
-};
-
-const rollUpStatus = (findings) => {
-  if (findings.some((f) => f.severity === "error")) {
-    return "error";
-  }
-  if (findings.some((f) => f.severity === "warn")) {
-    return "warn";
-  }
-  return "ok";
-};
-const buildSupplyChainPosture = (config) => {
-  const findings = [];
-  const security = config?.security;
-  if (!security) {
-    findings.push({
-      detail: "Use defineConfig() from '@visulima/vis/config' to apply secure defaults.",
-      label: "No security config — running with the PM's native defaults",
-      severity: "warn"
-    });
-    return { findings, status: rollUpStatus(findings) };
-  }
-  if (security.minimumReleaseAge === void 0) {
-    findings.push({
-      detail: "Set security.minimumReleaseAge to block packages published in the last N minutes (mitigates supply-chain attacks).",
-      label: "minimumReleaseAge is not set",
-      severity: "warn"
-    });
-  } else if (security.minimumReleaseAge === 0) {
-    findings.push({
-      detail: "New packages can be installed immediately after publishing. Consider setting a non-zero cooldown.",
-      label: "minimumReleaseAge is explicitly 0",
-      severity: "warn"
-    });
-  } else {
-    findings.push({
-      label: `minimumReleaseAge: ${String(security.minimumReleaseAge)} minutes`,
-      severity: "ok"
-    });
-  }
-  if (security.trustPolicy === void 0 || security.trustPolicy === "off") {
-    findings.push({
-      detail: "Packages whose trust level has decreased will not be blocked. Consider 'no-downgrade'.",
-      label: `trustPolicy: ${security.trustPolicy ?? "not set"}`,
-      severity: "warn"
-    });
-  } else {
-    findings.push({
-      label: `trustPolicy: ${security.trustPolicy}`,
-      severity: "ok"
-    });
-  }
-  if (security.blockExoticSubdeps === void 0 || !security.blockExoticSubdeps) {
-    findings.push({
-      detail: "Transitive dependencies can pull code from git repos or tarball URLs. Set to true to block.",
-      label: `blockExoticSubdeps: ${String(security.blockExoticSubdeps ?? false)}`,
-      severity: "warn"
-    });
-  } else {
-    findings.push({
-      label: "blockExoticSubdeps: true",
-      severity: "ok"
-    });
-  }
-  const allowBuildsCount = security.allowBuilds ? Object.keys(security.allowBuilds).length : 0;
-  if (allowBuildsCount === 0) {
-    findings.push({
-      detail: "Lifecycle scripts are blocked by default. List trusted packages here to opt them back in (e.g. esbuild, @prisma/client).",
-      label: "allowBuilds: not configured",
-      severity: "warn"
-    });
-  } else {
-    findings.push({
-      label: `allowBuilds: ${String(allowBuildsCount)} ${allowBuildsCount === 1 ? "entry" : "entries"}`,
-      severity: "ok"
-    });
-  }
-  if (security.strictDepBuilds && allowBuildsCount === 0) {
-    findings.push({
-      detail: "All dependencies with build scripts will be blocked. Run 'vis approve-builds' to populate allowBuilds.",
-      label: "strictDepBuilds is on but allowBuilds is empty",
-      severity: "error"
-    });
-  }
-  return { findings, status: rollUpStatus(findings) };
-};
-
-const fmtDuration = (ms) => {
-  if (ms >= 1e3) {
-    return `${(ms / 1e3).toFixed(1)}s`;
-  }
-  return `${String(Math.round(ms))}ms`;
-};
-const tracked = async (progress, id, factory, summarize) => {
-  if (!progress) {
-    return factory();
-  }
-  progress.start(id);
-  const startedAt = Date.now();
-  try {
-    const value = await factory();
-    const elapsed = Date.now() - startedAt;
-    const { status, summary } = summarize(value, elapsed);
-    progress.finish(id, status, summary);
-    return value;
-  } catch (error) {
-    const elapsed = Date.now() - startedAt;
-    const message = error instanceof Error ? error.message : String(error);
-    progress.finish(id, "error", `${message} (${fmtDuration(elapsed)})`);
-    throw error;
-  }
-};
-const buildSectionFindings = (section, payload) => {
-  const partial = {
-    duplicates: payload.duplicates,
-    optimizations: payload.optimizations,
-    outdated: payload.outdated,
-    runtime: payload.runtime,
-    sections: /* @__PURE__ */ new Set([section])};
-  return flattenFindings(partial);
-};
-const streamScans = async (context) => {
-  const { filterPatterns, installed, progress, resolveCodemods, sections, store, visConfig, workspaceRoot } = context;
-  const wantsDeps = sections.has("dependencies");
-  const wantsSec = sections.has("security");
-  const wantsOpt = sections.has("optimization");
-  const wantsRuntime = sections.has("runtime");
-  const sectionFindings = (section, payload) => filterFindingsByPattern(buildSectionFindings(section, payload), filterPatterns);
-  const pm = detectPm(workspaceRoot);
-  const { packageManager } = findPackageManagerSync(workspaceRoot);
-  const rootDeps = collectDepsFromPkgJson(join(workspaceRoot, "package.json"), false);
-  const workspaceDirectories = discoverWorkspacePackages(workspaceRoot);
-  const allDeps = new Set(rootDeps);
-  for (const wsDir of workspaceDirectories) {
-    const wsDeps = collectDepsFromPkgJson(join(resolve(workspaceRoot, wsDir), "package.json"), false);
-    for (const dep of wsDeps) {
-      allDeps.add(dep);
-    }
-  }
-  const npmrcConfig = loadNpmrc(workspaceRoot);
-  const catalogs = readCatalogs(workspaceRoot, packageManager);
-  const socketOptions = buildSocketOptions(visConfig?.security?.socket);
-  const acceptedRisks = visConfig?.security?.socket?.acceptedRisks;
-  const lockText = readLockfileText(workspaceRoot, pm.name);
-  const checkOptions = {
-    exclude: [],
-    ignore: [],
-    include: [],
-    includeLocked: false,
-    includePrerelease: false,
-    security: true,
-    target: "latest"
-  };
-  const duplicates = wantsDeps ? findDuplicateDependencies(workspaceRoot, pm.name) : [];
-  const e18eEntries = wantsOpt ? buildE18eEntries(allDeps) : [];
-  const socketOverrideEntries = wantsOpt ? buildSocketEntries(allDeps, lockText, pm, false) : [];
-  const e18eNames = new Set(e18eEntries.map((e) => e.packageName));
-  const dedupedSocket = socketOverrideEntries.filter((e) => !e18eNames.has(e.packageName));
-  const allOptimizations = [...e18eEntries, ...dedupedSocket];
-  const runtime = wantsRuntime ? runRuntimeDiagnostics() : [];
-  if (store) {
-    if (wantsDeps) {
-      store.startSection("dependencies", catalogs.size > 0 ? "checking outdated catalog dependencies" : "scanning duplicates");
-    }
-    if (wantsSec) {
-      store.startSection(
-        "security",
-        installed.length > 0 ? `scanning ${String(installed.length)} packages for advisories` : "no installed packages to scan"
-      );
-    }
-    if (wantsOpt) {
-      store.startSection("optimization", "matching e18e + socket overrides");
-    }
-    if (wantsRuntime) {
-      store.startSection("runtime", "running runtime diagnostics");
-    }
-  }
-  if (store && wantsRuntime) {
-    store.completeSection(
-      "runtime",
-      sectionFindings("runtime", {
-        duplicates: [],
-        optimizations: [],
-        outdated: [],
-        runtime
-      })
-    );
-  }
-  const needsOutdated = (wantsDeps || wantsSec) && catalogs.size > 0;
-  const outdatedPromise = needsOutdated ? tracked(
-    progress,
-    "outdated",
-    () => checkOutdated(catalogs, checkOptions, npmrcConfig, void 0, workspaceRoot, socketOptions, acceptedRisks),
-    (result, ms) => {
-      const count = result.outdated.length;
-      return {
-        status: count > 0 ? "warn" : "ok",
-        summary: count > 0 ? `${String(count)} outdated · ${fmtDuration(ms)}` : `up to date · ${fmtDuration(ms)}`
-      };
-    }
-  ) : Promise.resolve({ failed: [], ignored: [], outdated: [] });
-  const vulnPromise = wantsSec && installed.length > 0 ? tracked(
-    progress,
-    "vulnerabilities",
-    () => fetchVulnerabilities(
-      installed.map((p) => {
-        return { name: p.name, version: p.version };
-      })
-    ),
-    (vulnMap2, ms) => {
-      let count = 0;
-      for (const list of vulnMap2.values()) {
-        count += list.length;
-      }
-      return {
-        status: count > 0 ? "error" : "ok",
-        summary: count > 0 ? `${String(count)} found · ${fmtDuration(ms)}` : `none found · ${fmtDuration(ms)}`
-      };
-    }
-  ) : Promise.resolve(/* @__PURE__ */ new Map());
-  const socketReportsPromise = wantsSec && socketOptions && installed.length > 0 ? tracked(
-    progress,
-    "socket",
-    () => fetchSocketReports(
-      installed.map((p) => {
-        return { name: p.name, version: p.version };
-      }),
-      socketOptions
-    ),
-    (reports, ms) => {
-      let alerts = 0;
-      let low = 0;
-      for (const report of reports.values()) {
-        alerts += report.alerts.length;
-        if (report.score.overall < DEFAULT_LOW_SCORE_THRESHOLD) {
-          low += 1;
-        }
-      }
-      const issues = alerts + low;
-      return {
-        status: issues > 0 ? "warn" : "ok",
-        summary: issues > 0 ? `${String(alerts)} alert${alerts === 1 ? "" : "s"}, ${String(low)} low-score · ${fmtDuration(ms)}` : `clean · ${fmtDuration(ms)}`
-      };
-    }
-  ) : Promise.resolve(/* @__PURE__ */ new Map());
-  let outdatedError;
-  let vulnError;
-  let socketError;
-  let optError;
-  const outdatedSafe = outdatedPromise.catch((error) => {
-    outdatedError = error instanceof Error ? error.message : String(error);
-    if (!store) {
-      pail.warn(`Outdated scan failed: ${outdatedError}`);
-    }
-    return { failed: [], ignored: [], outdated: [] };
-  });
-  const vulnSafe = vulnPromise.catch((error) => {
-    vulnError = error instanceof Error ? error.message : String(error);
-    if (!store) {
-      pail.warn(`Vulnerability scan failed: ${vulnError}`);
-    }
-    return /* @__PURE__ */ new Map();
-  });
-  const socketSafe = socketReportsPromise.catch((error) => {
-    socketError = error instanceof Error ? error.message : String(error);
-    if (!store) {
-      pail.warn(`Socket scan failed: ${socketError}`);
-    }
-    return /* @__PURE__ */ new Map();
-  });
-  const depsStream = store && wantsDeps ? outdatedSafe.then((res) => {
-    if (outdatedError) {
-      store.failSection("dependencies", outdatedError);
-      return;
-    }
-    store.completeSection(
-      "dependencies",
-      sectionFindings("dependencies", {
-        duplicates,
-        optimizations: [],
-        outdated: res.outdated,
-        runtime: []
-      })
-    );
-  }) : void 0;
-  const secStream = store && wantsSec ? Promise.all([outdatedSafe, vulnSafe, socketSafe]).then(([res]) => {
-    const firstError = outdatedError ?? vulnError ?? socketError;
-    if (firstError) {
-      store.failSection("security", firstError);
-      return;
-    }
-    store.completeSection(
-      "security",
-      sectionFindings("security", {
-        duplicates: [],
-        optimizations: [],
-        outdated: res.outdated,
-        runtime: []
-      })
-    );
-  }) : void 0;
-  const optStream = (async () => {
-    if (resolveCodemods && wantsOpt && allOptimizations.length > 0) {
-      await tracked(
-        progress,
-        "codemods",
-        async () => {
-          await markCodemodAvailability(allOptimizations);
-          return allOptimizations;
-        },
-        (entries, ms) => {
-          const fixable = entries.filter((entry) => entry.hasCodemod || entry.category === "socket").length;
-          return {
-            status: "ok",
-            summary: `${String(fixable)} auto-fixable · ${fmtDuration(ms)}`
-          };
-        }
-      ).catch((error) => {
-        optError = error instanceof Error ? error.message : String(error);
-      });
-    }
-    if (store && wantsOpt) {
-      if (optError) {
-        store.failSection("optimization", optError);
-        return;
-      }
-      store.completeSection(
-        "optimization",
-        sectionFindings("optimization", {
-          duplicates: [],
-          optimizations: allOptimizations,
-          outdated: [],
-          runtime: []
-        })
-      );
-    }
-  })();
-  const [outdatedResult, vulnMap, socketReports] = await Promise.all([outdatedSafe, vulnSafe, socketSafe]);
-  await Promise.all([depsStream, secStream, optStream]);
-  let socketAlerts = 0;
-  let socketLowScore = 0;
-  if (wantsSec && socketOptions) {
-    for (const report of socketReports.values()) {
-      socketAlerts += report.alerts.length;
-      if (report.score.overall < DEFAULT_LOW_SCORE_THRESHOLD) {
-        socketLowScore += 1;
-      }
-    }
-  }
-  let vulnCount = 0;
-  if (wantsSec) {
-    for (const entry of outdatedResult.outdated) {
-      if (entry.vulnerabilities && entry.vulnerabilities.length > 0) {
-        vulnCount += entry.vulnerabilities.length;
-      }
-    }
-    for (const list of vulnMap.values()) {
-      vulnCount += list.length;
-    }
-  }
-  return {
-    duplicates,
-    installedCount: installed.length,
-    optimizations: wantsOpt ? allOptimizations : [],
-    outdated: wantsDeps ? outdatedResult.outdated : [],
-    runtime,
-    sections,
-    socketIssues: { alerts: socketAlerts, lowScore: socketLowScore },
-    // Supply-chain posture is config-derived and cheap; always
-    // compute so the doctor section can render even when --only is
-    // limited to other sections (the section filters its own
-    // visibility in displayResults).
-    supplyChain: buildSupplyChainPosture(visConfig),
-    vulnCount,
-    workspaceCount: workspaceDirectories.length
-  };
-};
-const sectionIcon = (status) => {
-  switch (status) {
-    case "error": {
-      return red(SYMBOLS.failure);
-    }
-    case "skip": {
-      return dim(SYMBOLS.dash);
-    }
-    case "warn": {
-      return yellow(SYMBOLS.warning);
-    }
-    default: {
-      return green(SYMBOLS.success);
-    }
-  }
-};
-const heading = (title, status) => {
-  const cols = process.stderr.columns ?? 80;
-  const cap = Math.max(20, Math.min(cols - 2, 60));
-  const decoration = SYMBOLS.dash.repeat(2);
-  const label = `${sectionIcon(status)} ${bold(title)}`;
-  const labelWidth = label.replaceAll(/\[[0-9;]*m/g, "").length;
-  const remaining = Math.max(0, cap - labelWidth - decoration.length - 2);
-  return `${decoration} ${label} ${dim(SYMBOLS.dash.repeat(remaining))}`;
-};
-const itemOk = (text) => `  ${green(SYMBOLS.success)} ${text}`;
-const itemWarn = (text) => `  ${yellow(SYMBOLS.warning)} ${text}`;
-const itemError = (text) => `  ${red(SYMBOLS.failure)} ${text}`;
-const itemSkip = (text) => `  ${dim(SYMBOLS.dash)} ${dim(text)}`;
-const countLine = (count, label, parenthetical) => {
-  const head = `${bold(String(count))} ${dim(label)}`;
-  return parenthetical ? `${head} ${dim(`(${parenthetical})`)}` : head;
-};
-const displayDependencies = (results) => {
-  if (!results.sections.has("dependencies")) {
-    return;
-  }
-  pail.log("");
-  pail.log(heading("Dependencies", sectionStatus(results, "dependencies")));
-  pail.log(itemOk(countLine(results.installedCount, "packages installed")));
-  if (results.outdated.length > 0) {
-    const majors = results.outdated.filter((e) => e.updateType === "major").length;
-    const minors = results.outdated.filter((e) => e.updateType === "minor").length;
-    const patches = results.outdated.filter((e) => e.updateType === "patch").length;
-    const parts = [];
-    if (majors > 0) {
-      parts.push(`${String(majors)} major`);
-    }
-    if (minors > 0) {
-      parts.push(`${String(minors)} minor`);
-    }
-    if (patches > 0) {
-      parts.push(`${String(patches)} patch`);
-    }
-    pail.log(itemWarn(countLine(results.outdated.length, "outdated", parts.join(", "))));
-  } else {
-    pail.log(itemOk("All dependencies up to date"));
-  }
-  if (results.duplicates.length > 0) {
-    pail.log(itemWarn(countLine(results.duplicates.length, "packages with duplicate versions")));
-  } else {
-    pail.log(itemOk("No duplicate dependencies"));
-  }
-};
-const displaySecurity = (results) => {
-  if (!results.sections.has("security")) {
-    return;
-  }
-  pail.log("");
-  pail.log(heading("Security", sectionStatus(results, "security")));
-  if (results.vulnCount > 0) {
-    pail.log(itemError(countLine(results.vulnCount, `vulnerabilit${results.vulnCount === 1 ? "y" : "ies"} found`)));
-  } else {
-    pail.log(itemOk("No known vulnerabilities"));
-  }
-  if (results.socketIssues.alerts > 0) {
-    pail.log(itemWarn(countLine(results.socketIssues.alerts, `Socket.dev security alert${results.socketIssues.alerts === 1 ? "" : "s"}`)));
-  }
-  if (results.socketIssues.lowScore > 0) {
-    pail.log(itemWarn(countLine(results.socketIssues.lowScore, `package${results.socketIssues.lowScore === 1 ? "" : "s"} with low security score`)));
-  }
-  if (results.socketIssues.alerts === 0 && results.socketIssues.lowScore === 0 && results.vulnCount === 0) {
-    pail.log(itemOk("No security issues detected"));
-  }
-};
-const displayOptimization = (results) => {
-  if (!results.sections.has("optimization")) {
-    return;
-  }
-  pail.log("");
-  pail.log(heading("Optimization", sectionStatus(results, "optimization")));
-  const counts = summarizeOptimizations(results.optimizations);
-  if (counts.total === 0) {
-    pail.log(itemOk("No optimizations available"));
-    return;
-  }
-  if (counts.native > 0) {
-    pail.log(itemWarn(countLine(counts.native, "replaceable with native APIs")));
-  }
-  if (counts.preferred > 0) {
-    pail.log(itemWarn(countLine(counts.preferred, "with lighter alternatives")));
-  }
-  if (counts.micro > 0) {
-    pail.log(itemWarn(countLine(counts.micro, "trivial micro-utilities")));
-  }
-  if (counts.socket > 0) {
-    pail.log(itemWarn(countLine(counts.socket, "@socketregistry overrides available")));
-  }
-};
-const displaySupplyChain = (results) => {
-  pail.log("");
-  pail.log(heading("Supply Chain", results.supplyChain.status));
-  for (const finding of results.supplyChain.findings) {
-    const line = finding.severity === "ok" ? itemOk(finding.label) : finding.severity === "error" ? itemError(finding.label) : itemWarn(finding.label);
-    pail.log(line);
-    if (finding.detail) {
-      pail.log(`  ${dim(SYMBOLS.arrow)} ${dim(finding.detail)}`);
-    }
-  }
-  if (results.supplyChain.status !== "ok") {
-    pail.log(`  ${dim(SYMBOLS.arrow)} ${dim("Configure with security.* in vis.config.ts. See `vis check --security-config` for details.")}`);
-  }
-};
-const displayRuntime = (results) => {
-  if (!results.sections.has("runtime")) {
-    return;
-  }
-  pail.log("");
-  pail.log(heading("Runtime", sectionStatus(results, "runtime")));
-  for (const diagnostic of results.runtime) {
-    if (diagnostic.status === "ok") {
-      pail.log(itemOk(diagnostic.message));
-    } else if (diagnostic.status === "skip") {
-      pail.log(itemSkip(diagnostic.message));
-    } else {
-      pail.log(itemWarn(diagnostic.message));
-    }
-  }
-};
-const displaySummary = (results, quiet) => {
-  const criticalCount = results.vulnCount;
-  const runtimeWarnings = results.runtime.filter((d) => d.status === "warn").length;
-  const improvementCount = results.outdated.length + results.duplicates.length + results.optimizations.length + runtimeWarnings;
-  if (quiet) {
-    if (criticalCount === 0 && improvementCount === 0) {
-      pail.success(`Everything looks good! ${dim(`(${fmtDuration(results.elapsedMs)})`)}`);
-    } else {
-      const parts = [];
-      if (criticalCount > 0) {
-        parts.push(red(`${String(criticalCount)} security`));
-      }
-      if (improvementCount > 0) {
-        parts.push(yellow(`${String(improvementCount)} improvement${improvementCount === 1 ? "" : "s"}`));
-      }
-      pail.log(`${red(SYMBOLS.failure)} ${parts.join(", ")} ${dim(`(${fmtDuration(results.elapsedMs)})`)}`);
-    }
-    return;
-  }
-  pail.log("");
-  pail.log(heading("Summary", "ok"));
-  if (criticalCount === 0 && improvementCount === 0) {
-    pail.success(`Everything looks good! ${dim(`(${fmtDuration(results.elapsedMs)})`)}`);
-  } else {
-    if (criticalCount > 0) {
-      pail.error(`${String(criticalCount)} security issue${criticalCount === 1 ? "" : "s"}`);
-    }
-    if (improvementCount > 0) {
-      pail.log(
-        `  ${cyan(SYMBOLS.arrow)} ${bold(String(improvementCount))} ${dim(`improvement${improvementCount === 1 ? "" : "s"} available`)} ${dim(`(${fmtDuration(results.elapsedMs)})`)}`
-      );
-    }
-  }
-};
-const displayActions = (results) => {
-  const actions = [];
-  if (results.outdated.length > 0) {
-    actions.push("vis update     — update outdated dependencies");
-  }
-  if (results.vulnCount > 0 || results.socketIssues.alerts > 0) {
-    actions.push("vis audit      — detailed security analysis");
-  }
-  if (results.optimizations.length > 0) {
-    actions.push("vis optimize   — apply optimizations interactively");
-  }
-  if (results.duplicates.length > 0) {
-    actions.push("vis dedupe     — reduce duplicate versions");
-  }
-  if (actions.length > 0) {
-    pail.log("");
-    pail.log(bold("Next steps:"));
-    for (const action of actions) {
-      pail.log(`  ${dim(SYMBOLS.arrow)} ${action}`);
-    }
-  }
-  pail.log("");
-};
-const displayResults = (results, quiet) => {
-  if (!quiet) {
-    displayDependencies(results);
-    displaySecurity(results);
-    displayOptimization(results);
-    displayRuntime(results);
-    displaySupplyChain(results);
-  }
-  displaySummary(results, quiet);
-};
-const planScanTasks = (sections, catalogsCount, socketEnabled, installedCount, fix) => {
-  const tasks = [];
-  const wantsDeps = sections.has("dependencies");
-  const wantsSec = sections.has("security");
-  const wantsOpt = sections.has("optimization");
-  if ((wantsDeps || wantsSec) && catalogsCount > 0) {
-    tasks.push({ id: "outdated", label: "Outdated catalog dependencies" });
-  }
-  if (wantsSec && installedCount > 0) {
-    tasks.push({ id: "vulnerabilities", label: "Known vulnerabilities (OSV)" });
-  }
-  if (wantsSec && socketEnabled && installedCount > 0) {
-    tasks.push({ id: "socket", label: "Socket.dev supply-chain reports" });
-  }
-  if (wantsOpt && fix) {
-    tasks.push({ id: "codemods", label: "Codemod availability" });
-  }
-  return tasks;
-};
-const printBanner = (input) => {
-  pail.log("");
-  pail.log(`${bold(cyan("vis doctor"))} ${dim("— project health check")}`);
-  pail.log(itemOk(`Detected ${input.packageManagerName} v${input.packageManagerVersion}`));
-  if (input.runtimeFindings.length === 0) {
-    pail.log(itemOk(`Node.js ${input.nodeVersion}`));
-  } else {
-    for (const finding of input.runtimeFindings) {
-      const colour = finding.severity === "error" ? red : yellow;
-      pail.log(itemError(`Runtime: ${colour(finding.message)}`));
-    }
-    pail.log(
-      `  ${dim(SYMBOLS.arrow)} Run ${green("vis toolchain install")} to install pinned versions, or ${green("vis toolchain status")} for the per-tool breakdown.`
-    );
-  }
-  pail.log("");
-};
-const execute = async ({ logger, options, visConfig, visConfigError, workspaceRoot: wsRoot }) => {
-  if (!wsRoot) {
-    throw new Error("Could not determine workspace root.");
-  }
-  const isJson = options.format === "json" || options.json === true;
-  const sections = resolveSections(options.only, options.skip);
-  const quiet = Boolean(options.quiet);
-  const noProgress = Boolean(options.noProgress);
-  const filterPatterns = parseFilterPatterns(options.filter);
-  if (sections.size === 0) {
-    pail.error("No sections selected. Check your --only / --skip values.");
-    process.exitCode = 2;
-    return;
-  }
-  const startedAt = Date.now();
-  const pm = detectPm(wsRoot);
-  const runtimeFindings = checkRuntimeVersions(wsRoot);
-  const stdoutTty = Boolean(process.stdout.isTTY);
-  const wantsInteractive = !isJson && stdoutTty && !isInCi && !quiet && !noProgress;
-  if (!isJson && !wantsInteractive) {
-    printBanner({
-      nodeVersion: process.versions.node,
-      packageManagerName: pm.name,
-      packageManagerVersion: pm.version,
-      runtimeFindings});
-  }
-  const catalogs = readCatalogs(wsRoot, findPackageManagerSync(wsRoot).packageManager);
-  const installed = lockedPackages(wsRoot, pm.name);
-  const installedCount = installed.length;
-  const socketEnabled = Boolean(buildSocketOptions(visConfig?.security?.socket));
-  const workspaceDirectories = discoverWorkspacePackages(wsRoot);
-  if (!isJson && !quiet && !wantsInteractive) {
-    const wsLine = workspaceDirectories.length > 0 ? dim(` · ${String(workspaceDirectories.length)} workspace package${workspaceDirectories.length === 1 ? "" : "s"}`) : "";
-    pail.log(`${dim("·")} ${dim("Found")} ${bold(String(installedCount))} ${dim(`installed package${installedCount === 1 ? "" : "s"}`)}${wsLine}`);
-  }
-  const banner = visConfigError ? {
-    hint: visConfigError.file ? `Continuing with default settings — fix or regenerate ${visConfigError.file} (vis init --force).` : "Continuing with default settings.",
-    message: visConfigError.message,
-    severity: "error",
-    title: visConfigError.file ? `Failed to load ${visConfigError.file}` : "Failed to load vis.config"
-  } : void 0;
-  const lockfileNameByPm = {
-    bun: "bun.lock",
-    npm: "package-lock.json",
-    pnpm: "pnpm-lock.yaml",
-    yarn: "yarn.lock"
-  };
-  const lockfileFile = lockfileNameByPm[pm.name];
-  const lockfilePath = lockfileFile ? join(wsRoot, lockfileFile) : void 0;
-  const configFilePath = findVisConfigFile(wsRoot);
-  const cacheEnabled = !options.noCache && !options.fix;
-  const cacheKey = cacheEnabled ? buildDoctorCacheKey({
-    configPath: configFilePath,
-    lockfilePath,
-    sections,
-    socketEnabled,
-    workspaceRoot: wsRoot
-  }) : void 0;
-  const cachedResults = cacheKey ? readDoctorCache(cacheKey) : void 0;
-  const cacheHit = cachedResults !== void 0;
-  let scanResults;
-  let pendingAction;
-  if (wantsInteractive) {
-    const store = cachedResults ? new DoctorStore({ activeSections: sections, findings: filterFindingsByPattern(flattenFindings(cachedResults), filterPatterns) }) : new DoctorStore({ activeSections: sections });
-    const instance = render(React.createElement(VisDoctorApp, { banner, fromCache: cacheHit, startedAt, store }), {
-      alternateScreen: true,
-      exitOnCtrlC: false,
-      interactive: true,
-      patchConsole: true
-    });
-    try {
-      scanResults = cachedResults ?? await streamScans({
-        filterPatterns,
-        installed,
-        resolveCodemods: Boolean(options.fix),
-        sections,
-        store,
-        visConfig,
-        workspaceRoot: wsRoot
-      });
-    } catch (error) {
-      instance.unmount();
-      throw error;
-    }
-    await instance.waitUntilExit();
-    pendingAction = store.getSnapshot().pendingAction;
-  } else if (cachedResults) {
-    scanResults = cachedResults;
-  } else {
-    const tasks = planScanTasks(sections, catalogs.size, socketEnabled, installedCount, Boolean(options.fix));
-    const live = !isJson && !quiet && !noProgress;
-    const progress = startScanProgress(tasks, { live });
-    try {
-      scanResults = await streamScans({
-        filterPatterns,
-        installed,
-        progress,
-        resolveCodemods: Boolean(options.fix),
-        sections,
-        visConfig,
-        workspaceRoot: wsRoot
-      });
-    } finally {
-      progress.stop();
-    }
-  }
-  const fullResults = { ...scanResults, elapsedMs: Date.now() - startedAt };
-  if (cacheKey && !cacheHit) {
-    try {
-      writeDoctorCache(cacheKey, fullResults);
-    } catch {
-    }
-  }
-  const results = applyFilter(fullResults, filterPatterns);
-  if (isJson) {
-    process.stdout.write(`${JSON.stringify(buildJsonPayload(results, pm.name), void 0, 2)}
-`);
-    if (options.exitCode && shouldFail(results, Boolean(options.strict))) {
-      process.exitCode = 1;
-    }
-    return;
-  }
-  if (cacheHit && !quiet) {
-    pail.log(`${dim("·")} Cached results (use --no-cache to refresh)`);
-  }
-  if (filterPatterns.length > 0 && !quiet) {
-    pail.log(`${dim("·")} Filter active: ${cyan(options.filter ?? "")}`);
-  }
-  displayResults(results, quiet);
-  const hasOrphanWarning = results.runtime.some((d) => d.id === ORPHANS_DIAGNOSTIC_ID && d.status === "warn");
-  const hasOptimizationFixes = results.sections.has("optimization") && results.optimizations.length > 0;
-  if (options.fix && (hasOptimizationFixes || hasOrphanWarning)) {
-    await runFixes({
-      force: Boolean(options.fixForce),
-      logger,
-      pm,
-      recoverOrphans: hasOrphanWarning,
-      results,
-      workspaceRoot: wsRoot
-    });
-  } else if (!quiet) {
-    displayActions(results);
-  }
-  if (pendingAction) {
-    process.stdout.write("\n");
-    process.stdout.write(`${bold("→ ")}${pendingAction.description}
-`);
-    if (pendingAction.configSnippet) {
-      process.stdout.write("\n");
-      process.stdout.write(`${dim(pendingAction.configSnippet)}
-`);
-    } else {
-      process.stdout.write(`  ${cyan(pendingAction.command)}
-`);
-    }
-    process.stdout.write("\n");
-  }
-  if (options.exitCode && shouldFail(results, Boolean(options.strict))) {
-    process.exitCode = 1;
-  }
-};
-const runFixes = async (opts) => {
-  const { force, logger, pm, recoverOrphans, results, workspaceRoot } = opts;
-  pail.log("");
-  pail.log(heading("Applying fixes", "ok"));
-  const socketEntries = results.optimizations.filter((o) => o.category === "socket" && o.overrideSpec).map((o) => {
-    return { original: o.packageName, spec: o.overrideSpec };
-  });
-  const codemodEntries = results.optimizations.filter((o) => o.category !== "socket" && o.hasCodemod);
-  const manualEntries = results.optimizations.filter((o) => o.category !== "socket" && !o.hasCodemod);
-  let didSomething = false;
-  let codemodsApplied = 0;
-  const codemodFailures = [];
-  if (recoverOrphans) {
-    const recovery = killOrphanedRunners({ force });
-    if (recovery.killed.length > 0) {
-      pail.success(
-        `Cleaned up ${String(recovery.killed.length)} orphaned process${recovery.killed.length === 1 ? "" : "es"} (PIDs: ${recovery.killed.join(", ")}).`
-      );
-      didSomething = true;
-    }
-    if (recovery.failed.length > 0) {
-      const escalation = force ? "" : " Re-run with `--fix --fix-force` to escalate to SIGKILL.";
-      pail.warn(
-        `Could not signal ${String(recovery.failed.length)} orphan${recovery.failed.length === 1 ? "" : "s"}: ${recovery.failed.map((f) => `${String(f.pid)} (${f.reason})`).join(", ")}.${escalation}`
-      );
-    }
-  }
-  if (socketEntries.length > 0) {
-    const overrideResult = applyOverrides(workspaceRoot, join(workspaceRoot, "package.json"), socketEntries, pm);
-    if (overrideResult.added.length > 0) {
-      pail.success(`Added ${String(overrideResult.added.length)} security override${overrideResult.added.length === 1 ? "" : "s"}.`);
-      didSomething = true;
-    }
-    if (overrideResult.updated.length > 0) {
-      pail.success(`Updated ${String(overrideResult.updated.length)} override${overrideResult.updated.length === 1 ? "" : "s"}.`);
-      didSomething = true;
-    }
-  }
-  for (const entry of codemodEntries) {
-    try {
-      const codemodResult = await runCodemod(workspaceRoot, entry.packageName);
-      if (codemodResult.filesChanged > 0) {
-        pail.success(`${entry.packageName}: ${String(codemodResult.filesChanged)} file${codemodResult.filesChanged === 1 ? "" : "s"} updated`);
-        codemodsApplied += 1;
-        didSomething = true;
-      }
-    } catch (error) {
-      const message = error instanceof Error ? error.message : String(error);
-      codemodFailures.push({ error: message, package: entry.packageName });
-      pail.warn(`${entry.packageName}: codemod failed — ${message}`);
-    }
-  }
-  if (socketEntries.length > 0) {
-    pail.log(`${cyan(SYMBOLS.arrow)} Running ${pm.name} install to update lockfile…`);
-    const installOptions = {
-      dev: false,
-      filter: [],
-      force: false,
-      frozenLockfile: false,
-      ignoreScripts: false,
-      lockfileOnly: false,
-      noOptional: false,
-      offline: false,
-      prod: false,
-      recursive: false,
-      silent: false,
-      workspaceRoot: false
-    };
-    runInstall(pm, installOptions, workspaceRoot, logger);
-    didSomething = true;
-  }
-  pail.log("");
-  if (didSomething) {
-    pail.success(`Fixes applied. ${codemodsApplied > 0 ? `${String(codemodsApplied)} codemod${codemodsApplied === 1 ? "" : "s"} applied.` : ""}`.trim());
-  } else {
-    pail.log(itemSkip("No auto-fixable items in the current run."));
-  }
-  if (codemodFailures.length > 0) {
-    pail.warn(
-      `${String(codemodFailures.length)} codemod${codemodFailures.length === 1 ? "" : "s"} failed (run ${green("vis optimize")} for the interactive picker).`
-    );
-  }
-  if (manualEntries.length > 0) {
-    pail.notice(
-      `${String(manualEntries.length)} optimization${manualEntries.length === 1 ? "" : "s"} need manual review (no codemod). Run ${green("vis optimize")} to inspect them.`
-    );
-  }
-};
-
-export { execute as default };
+var Dt=Object.defineProperty;var D=(e,t)=>Dt(e,"name",{value:t,configurable:!0});import{createRequire as Ot}from"node:module";import{green as we,yellow as ze,dim as b,red as Re,bold as ae,cyan as Te}from"@visulima/colorize";import{findPackageManagerSync as at}from"@visulima/package";import{join as te,isAbsolute as Ft,resolve as ct}from"@visulima/path";import{Box as h,Text as n,ScrollView as Mt,Spinner as dt,Tabs as zt,Tab as jt,ScrollBar as Et,useApp as Bt,useWindowSize as Lt,useInput as _t,Dialog as Ut,render as Vt}from"@visulima/tui";import{B as qe,an as Xe,F as Le,A as ut,u as Ht,g as ht,V as pt,S as Gt,b as Yt,U as Kt,p as u,ah as j,s as Jt,h as qt}from"./bin.js";import Xt,{useSyncExternalStore as Wt,useState as xe,useEffect as Be,useRef as We,useMemo as Pe,useCallback as Qe}from"react";import{X as ii}from"../packem_shared/xxh3-DrAUNq4n.js";import{isAccessibleSync as Fe,readJsonSync as gt,ensureDirSync as ri}from"@visulima/fs";import{findVisConfigFile as ni}from"./applyDefaults.js";import{x as et,A as ft,L as oi,F as si,T as li,I as ai,a as ci,U as di}from"./handler40.js";import{c as ui}from"../packem_shared/runtime-check-BXZ43CBW.js";import{f as hi,l as pi,s as gi}from"../packem_shared/dependency-scan-COr5n63B.js";import{jsxs as a,jsx as r,Fragment as fi}from"react/jsx-runtime";import{u as mi}from"../packem_shared/use-measured-height-DjYgUOKk.js";import{readYamlSync as yi}from"@visulima/fs/yaml";import{s as ki}from"../packem_shared/verify-Baj5mFJ7.js";const Nt=Ot(import.meta.url),Ce=typeof globalThis<"u"&&typeof globalThis.process<"u"?globalThis.process:process,Ue=D(e=>{if(typeof Ce<"u"&&Ce.versions&&Ce.versions.node){const[t,i]=Ce.versions.node.split(".").map(Number);if(t>22||t===22&&i>=3||t===20&&i>=16)return Ce.getBuiltinModule(e)}return Nt(e)},"__cjs_getBuiltinModule"),{statSync:Qt,rmSync:Ze,writeFileSync:Zt,readFileSync:ei}=Ue("node:fs"),{homedir:ti}=Ue("node:os"),{spawnSync:mt}=Ue("node:child_process");var wi=Object.defineProperty,Ae=D((e,t)=>wi(e,"name",{value:t,configurable:!0}),"r$2");const _e=Ae(()=>te(ti(),".vis","cache","doctor"),"getCacheDirectory"),vi=1800*1e3,tt=Ae(e=>{if(!e)return"";try{return String(Qt(e).mtimeMs)}catch{return""}},"safeMtime"),bi=2,Si=Ae(e=>{const t=JSON.stringify({configMtime:tt(e.configPath),lockfileMtime:tt(e.lockfilePath),schema:bi,sections:[...e.sections].toSorted(),socketEnabled:e.socketEnabled,workspaceRoot:e.workspaceRoot});return ii(Buffer.from(t))},"buildDoctorCacheKey"),$i=Ae(e=>{const t=te(_e(),`${e}.json`);if(Fe(t))try{const i=gt(t);if(Date.now()-i.createdAt>i.ttlMs){Ze(t,{force:!0});return}return{...i.results,sections:new Set(i.results.sections)}}catch{Ze(t,{force:!0});return}},"readDoctorCache"),Ci=Ae((e,t,i=vi)=>{ri(_e());const s={createdAt:Date.now(),results:{...t,sections:[...t.sections]},ttlMs:i};Zt(te(_e(),`${e}.json`),JSON.stringify(s,void 0,2),"utf8")},"writeDoctorCache");var xi=Object.defineProperty,U=D((e,t)=>xi(e,"name",{value:t,configurable:!0}),"i$3");const Oe="orphans",Ri=U(()=>{if(process.platform!=="linux")return{id:"inotify",message:"inotify capacity check skipped (not Linux).",status:"skip"};let e;try{const t=ei("/proc/sys/fs/inotify/max_user_watches","utf8").trim(),i=Number.parseInt(t,10);Number.isFinite(i)&&i>0&&(e=i)}catch{return{id:"inotify",message:"Could not read /proc/sys/fs/inotify/max_user_watches.",status:"warn"}}return e===void 0?{id:"inotify",message:"inotify max_user_watches reported a non-numeric value.",status:"warn"}:e<65536?{detail:{maxWatches:e},id:"inotify",message:`inotify watcher limit is ${String(e)} — large monorepos can exhaust this. Bump now with \`sudo sysctl fs.inotify.max_user_watches=524288\` and persist via \`/etc/sysctl.d/99-vis.conf\` so it survives reboot.`,status:"warn"}:{detail:{maxWatches:e},id:"inotify",message:`inotify capacity OK (${String(e)} watches).`,status:"ok"}},"checkInotifyCapacity"),Ti=U(()=>{const e=!!process.stdin.isTTY,t=!!process.stdout.isTTY;return e&&t?{id:"tty",message:"Interactive TTY available — watch keybinds enabled.",status:"ok"}:!e&&!t?{id:"tty",message:"No TTY on stdin/stdout — running in CI / piped mode (keybinds disabled).",status:"skip"}:{detail:{stdin:String(e),stdout:String(t)},id:"tty",message:e?"stdin is a TTY but stdout is not — output is being captured; keybinds still work.":"stdout is a TTY but stdin is not — keybinds disabled (input is piped).",status:"skip"}},"checkTtyAvailability"),Ai=U(()=>{const e=process.pid;try{return process.platform==="win32"?wt(e):kt(e)}catch{return[]}},"listOrphanPids"),Ii=U(()=>{const e=process.pid;let t;try{t=process.platform==="win32"?wt(e):kt(e)}catch{return{id:Oe,message:"Could not enumerate processes (ps/tasklist failed).",status:"warn"}}if(t.length===0)return{id:Oe,message:"No orphaned vis/task-runner processes detected.",status:"ok"};if(t.length<=2)return{detail:{count:t.length,pids:t.join(",")},id:Oe,message:`${String(t.length)} possibly orphaned process(es) detected (PIDs: ${t.join(", ")}). Likely benign.`,status:"skip"};const i=process.platform==="win32"?t.map(s=>`taskkill /F /PID ${String(s)}`).join(" & "):`kill ${t.join(" ")}`;return{detail:{count:t.length,pids:t.join(",")},id:"orphans",message:`${String(t.length)} possibly orphaned vis/task-runner processes — run \`vis doctor --fix\` to clean them up, or kill them manually: ${i}`,status:"warn"}},"checkOrphanedRunners"),Pi=U((e={})=>{const t=e.enumerate??Ai,i=e.force===!0?"SIGKILL":"SIGTERM",s=e.kill??Mi,o=t(),l=[],c=[];for(const p of o)try{s(p,i),l.push(p)}catch(d){const $=d.code??d.message;if($==="ESRCH"){l.push(p);continue}c.push({pid:p,reason:$})}return{failed:c,killed:l}},"killOrphanedRunners"),Di=U(e=>mt("taskkill",e,{encoding:"utf8"}),"defaultTaskkillRunner"),Oi=U((e,t)=>{process.kill(e,t)},"defaultProcessKill"),Ni=U((e,t,i=Di)=>{const s=t==="SIGKILL"?["/F","/PID",String(e)]:["/PID",String(e)],o=i(s);if(o.error)throw o.error;if(typeof o.status=="number"&&o.status!==0){const l=o.status===128?"ESRCH":`taskkill exited with code ${String(o.status)}`,c=new Error(l);throw c.code=l,c}},"killViaTaskkill"),Fi=U((e,t,i=Oi)=>{i(e,t)},"killViaSignal"),Mi=U((e,t)=>{if(process.platform==="win32"){Ni(e,t);return}Fi(e,t)},"defaultKill"),yt=U((e,t)=>{const i=mt(e,t,{encoding:"utf8"});if(i.error)throw i.error;if(typeof i.status=="number"&&i.status!==0)throw new Error(`${e} exited with code ${String(i.status)}`);return typeof i.stdout=="string"?i.stdout:""},"runProcessListing"),kt=U(e=>{const t=yt("ps",["-Ao","pid=,command="]),i=[];for(const s of t.split(`
+`)){if(s.length===0)continue;const o=/^\s*(\d+)\s+(.+)$/.exec(s);if(!o)continue;const l=Number.parseInt(o[1]??"",10),c=(o[2]??"").toLowerCase();!Number.isFinite(l)||l===e||(/(?:^|[ /])vis-native(?:\s|$|[-.])/.test(c)||/(?:^|[ /])vis\s+run\b/.test(c)||/(?:^|[ /])task-runner(?:\s|$|[-.])/.test(c))&&i.push(l)}return i},"listOrphansUnix"),wt=U(e=>{const t=yt("tasklist",["/FO","CSV","/NH"]),i=[];for(const s of t.split(/\r?\n/)){if(s.length===0)continue;const o=s.split(/","/).map(p=>p.replaceAll(/^"|"$/g,"")),l=(o[0]??"").toLowerCase(),c=Number.parseInt(o[1]??"",10);!Number.isFinite(c)||c===e||(l==="vis.exe"||l.startsWith("vis-native")||l.includes("task-runner"))&&i.push(c)}return i},"listOrphansWindows"),zi=U(()=>[Ri(),Ti(),Ii()],"runRuntimeDiagnostics");var ji=Object.defineProperty,ke=D((e,t)=>ji(e,"name",{value:t,configurable:!0}),"s$2");const ye=[{id:"dependencies",label:"Deps"},{id:"security",label:"Security"},{id:"optimization",label:"Optimize"},{id:"runtime",label:"Runtime"}],Me=["dependencies","security","optimization","runtime"],fe=ke(e=>{const t=new Map;for(const i of Me)t.set(i,[]);for(const i of e)t.get(i.section).push(i);for(const[i,s]of t)s.length===0&&t.delete(i);return t},"groupBySection"),me=ke((e,t,i,s)=>{let o=e.filter(l=>l.section===t);if(s&&(o=o.filter(l=>l.severity===s)),i){const l=i.toLowerCase();o=o.filter(c=>c.title.toLowerCase().includes(l))}return[...o]},"filterFindings"),Ei=ke(e=>{const t={dependencies:"idle",optimization:"idle",runtime:"idle",security:"idle"};for(const i of Me)e.has(i)&&(t[i]="idle");return t},"initialStatus");class it{static{D(this,"DoctorStore")}static{ke(this,"DoctorStore")}#e;#i=new Set;constructor(t=[]){const i=Array.isArray(t)?{findings:t}:t,s=i.findings??[],o=i.activeSections??new Set(Me),l=Me.find(d=>o.has(d))??"dependencies",c=me(s,l,"",void 0),p=Ei(o);if(s.length>0)for(const d of s)p[d.section]="done";this.#e={all:s,entries:c,filterActive:!1,filterText:"",filterType:l,focusedPanel:"list",grouped:fe(c),pendingAction:void 0,sectionError:{},sectionMessage:{},sectionStatus:p,selectedIndex:0,severityFilter:void 0}}getSnapshot=ke(()=>this.#e,"getSnapshot");subscribe=ke(t=>(this.#i.add(t),()=>{this.#i.delete(t)}),"subscribe");setSelectedIndex(t){const i=Math.max(0,Math.min(t,this.#e.entries.length-1));i!==this.#e.selectedIndex&&this.#t({...this.#e,selectedIndex:i})}setFocusedPanel(t){t!==this.#e.focusedPanel&&this.#t({...this.#e,focusedPanel:t})}setFilterType(t){if(t===this.#e.filterType)return;const i=me(this.#e.all,t,this.#e.filterText,this.#e.severityFilter);this.#t({...this.#e,entries:i,filterType:t,grouped:fe(i),selectedIndex:0})}setFilter(t){const i=me(this.#e.all,this.#e.filterType,t,this.#e.severityFilter);this.#t({...this.#e,entries:i,filterText:t,grouped:fe(i),selectedIndex:0})}setFilterActive(t){if(t===this.#e.filterActive)return;if(t){this.#t({...this.#e,filterActive:!0});return}const i=me(this.#e.all,this.#e.filterType,"",this.#e.severityFilter);this.#t({...this.#e,entries:i,filterActive:!1,filterText:"",grouped:fe(i),selectedIndex:0})}setPendingAction(t){this.#t({...this.#e,pendingAction:t})}setSeverityFilter(t){if(t===this.#e.severityFilter)return;const i=me(this.#e.all,this.#e.filterType,this.#e.filterText,t);this.#t({...this.#e,entries:i,grouped:fe(i),selectedIndex:0,severityFilter:t})}startSection(t,i){this.#t({...this.#e,sectionMessage:{...this.#e.sectionMessage,[t]:i},sectionStatus:{...this.#e.sectionStatus,[t]:"running"}})}completeSection(t,i){const s=[...this.#e.all,...i],o=me(s,this.#e.filterType,this.#e.filterText,this.#e.severityFilter),l={...this.#e.sectionMessage};delete l[t],this.#t({...this.#e,all:s,entries:o,grouped:fe(o),sectionMessage:l,sectionStatus:{...this.#e.sectionStatus,[t]:"done"}})}failSection(t,i){this.#t({...this.#e,sectionError:{...this.#e.sectionError,[t]:i},sectionStatus:{...this.#e.sectionStatus,[t]:"error"}})}#t(t){this.#e=t;for(const i of this.#i)try{i()}catch{}}}var Bi=Object.defineProperty,vt=D((e,t)=>Bi(e,"name",{value:t,configurable:!0}),"r$1");const rt={error:0,warn:1},Li=vt(e=>!!e.acceptedRisk,"isAcknowledged"),bt=vt(e=>{const t=[];if(e.sections.has("dependencies")){for(const i of e.outdated)t.push({entry:i,id:`outdated:${i.packageName}`,kind:"outdated",section:"dependencies",severity:"warn",subtitle:`${i.currentRange} → ${i.newRange} (${i.updateType})`,title:i.packageName});for(const i of e.duplicates)t.push({id:`duplicate:${i.name}`,kind:"duplicate",pkg:i,section:"dependencies",severity:"warn",subtitle:`${String(i.versions.length)} versions installed`,title:i.name})}if(e.sections.has("security"))for(const i of e.outdated){if(i.vulnerabilities&&i.vulnerabilities.length>0){const s=i.vulnerabilities[0],o=Li(i)?"warn":"error",l=i.vulnerabilities.length;t.push({entry:i,id:`vuln:${i.packageName}`,kind:"vulnerability",packageName:i.packageName,section:"security",severity:o,subtitle:l===1?`${s.severity} · ${s.id}`:`${String(l)} advisories · top: ${s.severity} ${s.id}`,title:i.packageName})}if(i.socketReport&&i.socketReport.alerts.length>0){const s=Math.round(i.socketReport.score.overall*100);t.push({entry:i,id:`socket:${i.packageName}`,kind:"socket",packageName:i.packageName,section:"security",severity:"warn",subtitle:`${String(i.socketReport.alerts.length)} alert${i.socketReport.alerts.length===1?"":"s"} · score ${String(s)}%`,title:i.packageName})}}if(e.sections.has("optimization"))for(const i of e.optimizations)t.push({entry:i,id:`opt:${i.packageName}`,kind:"optimization",section:"optimization",severity:"warn",subtitle:`${i.category} → ${i.replacement}`,title:i.packageName});if(e.sections.has("runtime"))for(const i of e.runtime)i.status==="warn"&&t.push({diagnostic:i,id:`runtime:${i.id}`,kind:"runtime",section:"runtime",severity:"warn",title:i.message});return t.sort((i,s)=>{if(i.section!==s.section){const o=["dependencies","security","optimization","runtime"];return o.indexOf(i.section)-o.indexOf(s.section)}return rt[i.severity]-rt[s.severity]}),t},"flattenFindings"),St={dependencies:"Dependencies",optimization:"Optimization",runtime:"Runtime",security:"Security"};var _i=Object.defineProperty,Ui=D((e,t)=>_i(e,"name",{value:t,configurable:!0}),"i$2");const Vi={error:"red",warn:"yellow"},Hi={error:"✖",warn:"⚠"},Gi={error:" ERROR ",warn:" WARN "},Yi=Ui(({children:e,hint:t,message:i,severity:s,title:o})=>{const l=Vi[s];return a(h,{borderColor:l,borderStyle:"single",flexDirection:"column",flexShrink:0,paddingX:1,children:[a(h,{gap:1,children:[r(n,{backgroundColor:l,bold:!0,color:"black",children:Gi[s]}),r(n,{bold:!0,color:l,children:Hi[s]}),r(n,{bold:!0,wrap:"truncate-end",children:o})]}),r(n,{wrap:"truncate-end",children:i}),t?r(n,{dimColor:!0,wrap:"truncate-end",children:t}):null,e]})},"ConfigBanner");var Ki=Object.defineProperty,ie=D((e,t)=>Ki(e,"name",{value:t,configurable:!0}),"d");const Ji={CRITICAL:"red",HIGH:"red",LOW:"gray",MODERATE:"yellow",UNKNOWN:"gray"},qi={critical:"red",high:"red",low:"gray",medium:"yellow"},Xi={major:"red",minor:"yellow",patch:"green"},x=ie(({children:e,label:t,width:i=14})=>a(h,{children:[r(h,{width:i,children:a(n,{dimColor:!0,children:[t,":"]})}),typeof e=="string"?r(n,{children:e}):e]}),"FieldRow"),se=ie(({children:e})=>r(h,{marginTop:1,children:r(n,{bold:!0,color:"white",children:e})}),"SectionTitle"),Wi=ie(({finding:e})=>{const{entry:t}=e,i=Xi[t.updateType]??"white";return a(h,{flexDirection:"column",children:[r(x,{label:"Current",children:t.currentRange}),a(x,{label:"Target",children:[r(n,{children:t.newRange}),a(n,{bold:!0,color:i,children:[" (",t.updateType,")"]})]}),r(x,{label:"Catalog",children:t.catalogName}),t.acceptedRisk?r(x,{label:"Risk ack",children:r(n,{dimColor:!0,children:t.acceptedRisk.reason??"(no reason recorded)"})}):null,r(se,{children:"Action"}),a(n,{dimColor:!0,children:["Run"," ",r(n,{bold:!0,color:"white",children:"vis update"})," ","to apply this change."]})]})},"OutdatedDetail"),Qi=ie(({finding:e})=>a(h,{flexDirection:"column",children:[r(x,{label:"Versions",children:r(n,{children:String(e.pkg.versions.length)})}),r(se,{children:"Installed versions"}),e.pkg.versions.map(t=>a(n,{children:["  · ",t]},t)),r(se,{children:"Action"}),a(n,{dimColor:!0,children:["Run"," ",r(n,{bold:!0,color:"white",children:"vis dedupe"})," ","to consolidate to a single resolution."]})]}),"DuplicateDetail"),Zi=ie(({finding:e})=>{const t=e.entry.vulnerabilities??[];return a(h,{flexDirection:"column",children:[r(x,{label:"Package",children:e.packageName}),r(x,{label:"Current",children:e.entry.currentRange}),r(x,{label:"Advisories",children:String(t.length)}),e.entry.acceptedRisk?r(x,{label:"Risk ack",children:r(n,{dimColor:!0,children:e.entry.acceptedRisk.reason??"(no reason recorded)"})}):null,t.map(i=>{const s=Ji[i.severity]??"gray";return a(h,{flexDirection:"column",marginTop:1,children:[a(h,{children:[r(n,{bold:!0,color:s,children:i.severity}),r(n,{children:" "}),r(n,{children:i.id}),typeof i.cvssScore=="number"?a(n,{dimColor:!0,children:[" · CVSS ",i.cvssScore.toFixed(1)]}):null]}),r(n,{wrap:"wrap",children:i.summary}),i.fixedVersions.length>0?a(n,{dimColor:!0,children:["Fixed in: ",i.fixedVersions.join(", ")]}):null,i.aliases&&i.aliases.length>0?a(n,{dimColor:!0,children:["Aliases: ",i.aliases.join(", ")]}):null]},i.id)})]})},"VulnerabilityDetail"),er=ie(({finding:e})=>{const t=e.entry.socketReport;if(!t)return r(n,{dimColor:!0,children:"No Socket report attached."});const i=Math.round(t.score.overall*100),s=qe(t.score.overall);return a(h,{flexDirection:"column",children:[r(x,{label:"Package",children:e.packageName}),r(x,{label:"Overall",children:a(n,{color:s,children:[String(i),"%"]})}),r(x,{label:"Alerts",children:String(t.alerts.length)}),e.entry.acceptedRisk?r(x,{label:"Risk ack",children:r(n,{dimColor:!0,children:e.entry.acceptedRisk.reason??"(no reason recorded)"})}):null,r(se,{children:"Score breakdown"}),Object.entries(t.score).map(([o,l])=>{if(o==="overall")return null;const c=typeof l=="number"?l:0,p=Math.round(c*100),d=qe(c);return a(h,{children:[r(h,{width:14,children:a(n,{dimColor:!0,children:[o,":"]})}),a(n,{color:d,children:[String(p),"%"]})]},o)}),r(se,{children:"Alerts"}),t.alerts.map((o,l)=>{const c=qi[o.severity]??"gray";return a(h,{flexDirection:"column",marginBottom:1,children:[a(h,{children:[r(n,{bold:!0,color:c,children:o.severity}),r(n,{children:" "}),r(n,{children:o.type})]}),o.props?r(n,{dimColor:!0,wrap:"wrap",children:JSON.stringify(o.props)}):null]},`${o.type}-${String(l)}`)})]})},"SocketDetail"),tr=ie(({finding:e})=>{const{entry:t}=e;return a(h,{flexDirection:"column",children:[r(x,{label:"Package",children:t.packageName}),r(x,{label:"Category",children:t.category}),r(x,{label:"Replacement",children:t.replacement}),t.overrideSpec?r(x,{label:"Override",children:t.overrideSpec}):null,r(x,{label:"Codemod",children:r(n,{color:t.hasCodemod?"green":"gray",children:t.hasCodemod?"available":"not available"})}),t.docUrl?r(x,{label:"Guide",children:r(n,{color:"cyan",underline:!0,children:t.docUrl})}):null,r(se,{children:"Action"}),t.hasCodemod?a(n,{dimColor:!0,children:["Run"," ",r(n,{bold:!0,color:"white",children:"vis optimize"})," ","to apply the codemod interactively."]}):t.overrideSpec?a(n,{dimColor:!0,children:["Run"," ",r(n,{bold:!0,color:"white",children:"vis optimize"})," ","to install the package override."]}):t.docUrl?r(n,{dimColor:!0,children:"No automated codemod. Open the migration guide above for the recommended alternative and steps."}):r(n,{dimColor:!0,children:"No automated codemod. Consult the package's docs or the e18e module-replacements guide for an alternative."})]})},"OptimizationDetail"),ir=ie(({finding:e})=>{const{diagnostic:t}=e,i=t.status==="warn"?"yellow":t.status==="ok"?"green":"gray";return a(h,{flexDirection:"column",children:[r(x,{label:"Check",children:t.id}),r(x,{label:"Status",children:r(n,{color:i,children:t.status})}),r(se,{children:"Message"}),r(n,{wrap:"wrap",children:t.message}),t.detail&&Object.keys(t.detail).length>0?a(fi,{children:[r(se,{children:"Details"}),Object.entries(t.detail).map(([s,o])=>a(h,{children:[r(h,{width:20,children:a(n,{dimColor:!0,children:[s,":"]})}),r(n,{children:String(o)})]},s))]}):null]})},"RuntimeDetail"),rr=ie(({finding:e,focused:t,scrollRef:i})=>{const s=t?"white":"gray";if(!e)return r(h,{alignItems:"center",borderColor:"gray",borderStyle:"single",flexDirection:"column",flexGrow:1,justifyContent:"center",children:r(n,{dimColor:!0,children:"No finding selected"})});let o;switch(e.kind){case"duplicate":{o=r(Qi,{finding:e});break}case"optimization":{o=r(tr,{finding:e});break}case"outdated":{o=r(Wi,{finding:e});break}case"runtime":{o=r(ir,{finding:e});break}case"socket":{o=r(er,{finding:e});break}case"vulnerability":{o=r(Zi,{finding:e});break}default:{o=r(n,{dimColor:!0,children:"Unknown finding kind."});break}}return a(h,{borderColor:s,borderStyle:"single",flexDirection:"column",flexGrow:1,children:[a(h,{flexShrink:0,paddingTop:1,paddingX:2,children:[r(n,{bold:!0,color:"white",children:e.title}),a(n,{dimColor:!0,children:["  ",St[e.section]]})]}),a(Mt,{flexGrow:1,flexShrink:1,paddingX:2,ref:i,scrollbar:!0,scrollbarColor:"gray",scrollbarStyle:"block",children:[r(n,{}),o]})]})},"DoctorDetailPanel");var nr=Object.defineProperty,Ie=D((e,t)=>nr(e,"name",{value:t,configurable:!0}),"c$2");const $t={error:"red",warn:"yellow"},or={error:"✖",warn:"⚠"},sr=Ie(e=>e.kind==="outdated"||e.kind==="vulnerability"||e.kind==="socket"?!!e.entry.acceptedRisk:!1,"hasAcceptedRisk"),lr=Ie(({finding:e,isSelected:t})=>{const i=$t[e.severity],s=sr(e);return a(h,{flexShrink:0,height:1,children:[r(n,{children:t?">":" "}),a(n,{color:i,children:[" ",or[e.severity]," "]}),r(h,{flexGrow:1,children:r(n,{bold:t,inverse:t,wrap:"truncate",children:e.title})}),s?r(n,{color:"cyan",children:" ack"}):null,e.subtitle?a(n,{dimColor:!0,wrap:"truncate",children:[" ",e.subtitle]}):null]})},"FindingRow"),ar=Ie(({count:e,section:t})=>a(h,{flexShrink:0,height:1,marginTop:1,children:[r(n,{dimColor:!0,children:"▼ "}),r(n,{bold:!0,color:"white",children:St[t].toUpperCase()}),a(n,{dimColor:!0,children:[" (",e,")"]})]}),"SectionHeader"),cr=Ie(({count:e,label:t,status:i})=>a(n,{children:[t,i==="running"?a(n,{children:[" ",r(dt,{type:"dots"})]}):null,i==="error"?r(n,{bold:!0,color:"red",children:" ✖"}):a(n,{dimColor:!0,children:[" (",String(e),")"]})]}),"TabLabel"),dr=Ie(({elapsedMs:e,entries:t,filterActive:i,filterText:s,filterType:o,focused:l,fromCache:c=!1,grouped:p,onViewportHeightChange:d,scrollOffset:$,sectionCounts:R,sectionMessage:w,sectionStatus:A,selectedIndex:E,severityFilter:g,totalAll:I,viewportHeight:B})=>{const X=l?"white":"gray",{measuredHeight:L,ref:F}=mi(B,d);let P=0,_=0;for(const v of t)v.severity==="error"?P+=1:v.severity==="warn"&&(_+=1);const W=[];P>0&&W.push(`${String(P)} error${P===1?"":"s"}`),_>0&&W.push(`${String(_)} warn${_===1?"":"s"}`);const re=W.length>0?` (${W.join(", ")})`:"",Y=(e/1e3).toFixed(1),O=[];for(const[v,T]of p){O.push(r(ar,{count:T.length,section:v},`hdr-${v}`));for(const C of T){const H=t.indexOf(C);O.push(r(lr,{finding:C,isSelected:H===E},C.id))}}let V=0;for(const[,v]of p)V+=2+v.length;const K=V>L&&L>0;return a(h,{borderColor:X,borderStyle:"single",flexDirection:"column",flexGrow:1,children:[a(h,{flexShrink:0,gap:1,paddingX:1,children:[r(n,{bold:!0,inverse:!0,children:" DOCTOR "}),a(n,{wrap:"truncate",children:[t.length,t.length===I?"":`/${String(I)}`," finding",t.length===1?"":"s",re]}),g?r(n,{bold:!0,color:$t[g],inverse:!0,children:` ${g.toUpperCase()} ONLY `}):null,c?r(n,{bold:!0,color:"cyan",inverse:!0,children:" CACHED "}):null,a(n,{dimColor:!0,children:[" · ",Y,"s"]})]}),r(h,{flexShrink:0,paddingX:1,paddingY:1,children:r(zt,{isFocused:l,keyMap:{next:[],previous:[],useNumbers:!1,useTab:!1},onChange:D(()=>{},"onChange"),showIndex:!1,value:o,children:ye.map(({id:v,label:T})=>r(jt,{name:v,children:r(cr,{count:R[v],label:T,status:A[v]})},v))})}),(()=>{const v=Object.keys(A).filter(T=>A[T]==="running"&&w[T]).map(T=>w[T]);return v.length===0?null:r(h,{flexShrink:0,paddingX:1,children:a(n,{dimColor:!0,wrap:"truncate",children:[r(dt,{type:"dots"})," ",v.join(" · ")]})})})(),i&&a(h,{flexShrink:0,paddingX:1,children:[r(n,{bold:!0,color:"white",children:"/ "}),r(n,{children:s}),r(n,{inverse:!0,children:" "})]}),a(h,{flexDirection:"row",flexGrow:1,overflow:"hidden",ref:F,children:[r(h,{flexDirection:"column",flexGrow:1,overflow:"hidden",paddingLeft:1,children:r(h,{flexDirection:"column",marginTop:-$,children:O.length>0?O:r(h,{marginTop:1,children:r(n,{dimColor:!0,children:"No findings match the current filter."})})})}),K&&r(h,{flexShrink:0,marginLeft:1,marginRight:1,children:r(Et,{contentHeight:V,placement:"inset",scrollOffset:$,style:"block",viewportHeight:L})})]},`list-${o}-${s}`)]})},"DoctorListPanel");var ur=Object.defineProperty,je=D((e,t)=>ur(e,"name",{value:t,configurable:!0}),"g$1");const hr=je(e=>{if(e.kind==="outdated")return{command:`vis update ${e.entry.packageName}`,description:`Update ${e.entry.packageName} to ${e.entry.newRange}`};if(e.kind==="duplicate")return{command:`vis dedupe ${e.pkg.name}`,description:`Dedupe ${e.pkg.name} (${String(e.pkg.versions.length)} versions)`}},"buildUpdateAction"),pr=je(e=>{if(e.kind==="optimization")return{command:`vis optimize ${e.entry.packageName}`,description:`Replace ${e.entry.packageName} with ${e.entry.replacement}`}},"buildOptimizeAction"),gr=je(e=>{if(e.kind!=="outdated"&&e.kind!=="vulnerability"&&e.kind!=="socket")return;const t=e.kind==="outdated"?e.entry.packageName:e.packageName,i=["// Add to vis.config.ts:","security: {","    acceptedRisks: {",`        "${t}": {`,'            reason: "explain why this risk is acceptable",','            expiresAt: "YYYY-MM-DD",',"        },","    },","},"].join(`
+`);return{command:i,configSnippet:i,description:`Acknowledge risk for ${t}`}},"buildAckAction"),fr=100,mr=40,yr=10,kr=je(({autoExitSeconds:e=0,banner:t,fromCache:i=!1,startedAt:s,store:o})=>{const{exit:l}=Bt(),{columns:c,rows:p}=Lt(),d=Wt(o.subscribe,o.getSnapshot),[$,R]=xe(!1),[w,A]=xe(!1),[E,g]=xe(0),[I,B]=xe(()=>Date.now());Be(()=>{const y=setInterval(()=>{B(Date.now())},1e3);return()=>{clearInterval(y)}},[]);const X=I-s,L=We(null),F=We(null),P=d.entries[d.selectedIndex]??null,_=Pe(()=>{const y={dependencies:0,optimization:0,runtime:0,security:0};for(const m of d.all)y[m.section]+=1;return y},[d.all]),W=t?t.hint?5:4:0,re=Pe(()=>{for(const y of Object.keys(d.sectionStatus))if(d.sectionStatus[y]==="running"&&d.sectionMessage[y])return 1;return 0},[d.sectionStatus,d.sectionMessage]),Y=c>=fr,O=Y?Math.max(1,p-W-2):Math.floor(p*.55),V=Pe(()=>Math.max(1,O-6-re-(d.filterActive?1:0)),[O,re,d.filterActive]),[K,v]=xe(V),T=K>0?K:V,C=Pe(()=>{let y=0;for(const[,m]of d.grouped)y+=2+m.length;return y},[d.grouped]),H=Math.max(0,C-T);Be(()=>{g(y=>Math.min(y,H))},[H]);const de=Qe(y=>{let m=0,k=0;for(const[,$e]of d.grouped){m+=2;for(let le=0;le<$e.length;le++){if(k===y)return m;m+=1,k+=1}}return m},[d.grouped]),N=Qe(y=>{const m=de(y);g(k=>m>k+T-2?Math.min(H,Math.max(0,m-T+2)):m<k+1?Math.max(0,m-1):k)},[de,T,H]);if(Be(()=>{F.current?.scrollToTop()},[P?.id]),_t((y,m)=>{if(y==="c"&&m.ctrl){l();return}if(!w){if($){m.escape||y==="?"?R(!1):y==="q"?(R(!1),A(!0)):m.downArrow||y==="j"?L.current?.scrollBy(1):(m.upArrow||y==="k")&&L.current?.scrollBy(-1);return}if(y==="?"){R(!0);return}if(y==="q"){A(!0);return}if(m.tab){o.setFocusedPanel(d.focusedPanel==="list"?"detail":"list");return}if(d.filterActive){if(m.escape||m.return){o.setFilterActive(!1);return}if(m.backspace){g(0),o.setFilter(d.filterText.slice(0,-1));return}y&&!m.ctrl&&!m.meta&&(g(0),o.setFilter(d.filterText+y));return}if(d.focusedPanel==="list"&&(m.leftArrow||m.rightArrow)){const k=ye.findIndex(le=>le.id===d.filterType),$e=m.rightArrow?(k+1)%ye.length:(k-1+ye.length)%ye.length;g(0),F.current?.scrollToTop(),o.setFilterType(ye[$e].id);return}if(d.focusedPanel==="list"){if(m.downArrow||y==="j"){const k=Math.min(d.selectedIndex+1,d.entries.length-1);o.setSelectedIndex(k),N(k);return}if(m.upArrow||y==="k"){const k=Math.max(d.selectedIndex-1,0);o.setSelectedIndex(k),N(k);return}if(m.pageDown){const k=Math.min(d.selectedIndex+10,d.entries.length-1);o.setSelectedIndex(k),N(k);return}if(m.pageUp){const k=Math.max(d.selectedIndex-10,0);o.setSelectedIndex(k),N(k);return}if(m.home){o.setSelectedIndex(0),g(0);return}if(m.end){const k=d.entries.length-1;o.setSelectedIndex(k),N(k);return}if(y==="/"){o.setFilterActive(!0);return}if(y==="e"){o.setSeverityFilter(d.severityFilter==="error"?void 0:"error"),g(0);return}if(y==="w"){o.setSeverityFilter(d.severityFilter==="warn"?void 0:"warn"),g(0);return}if(y==="u"&&P){const k=hr(P);k&&(o.setPendingAction(k),l());return}if(y==="o"&&P){const k=pr(P);k&&(o.setPendingAction(k),l());return}if(y==="a"&&P){const k=gr(P);k&&(o.setPendingAction(k),l());return}if(y==="d"){o.setFocusedPanel("detail");return}return}if(m.escape||m.leftArrow){o.setFocusedPanel("list");return}if(m.downArrow||y==="j"){F.current?.scrollBy(1);return}if(m.upArrow||y==="k"){F.current?.scrollBy(-1);return}if(m.pageDown){F.current?.scrollBy(10);return}if(m.pageUp){F.current?.scrollBy(-10);return}if(m.home){F.current?.scrollToTop();return}m.end&&F.current?.scrollToBottom()}},{isActive:!0}),c<mr||p<yr)return r(h,{alignItems:"center",height:p,justifyContent:"center",width:c,children:a(n,{color:"yellow",children:["Terminal too small (",c,"x",p,")"]})});const Q=d.focusedPanel==="detail",ee=[a(h,{gap:1,children:[r(n,{bold:!0,color:"white",children:"q"}),r(n,{dimColor:!0,children:"QUIT"})]},"q"),a(h,{gap:1,children:[r(n,{bold:!0,color:"white",children:"?"}),r(n,{dimColor:!0,children:"HELP"})]},"?"),a(h,{gap:1,children:[r(n,{bold:!0,color:"white",children:"↑↓"}),r(n,{dimColor:!0,children:Q?"SCROLL":"NAV"})]},"nav"),Q?a(h,{gap:1,children:[r(n,{bold:!0,color:"white",children:"←/Esc"}),r(n,{dimColor:!0,children:"LIST"})]},"lr"):a(h,{gap:1,children:[r(n,{bold:!0,color:"white",children:"←→"}),r(n,{dimColor:!0,children:"SECTION"})]},"lr"),a(h,{gap:1,children:[r(n,{bold:!0,color:"white",children:"/"}),r(n,{dimColor:!0,children:"SEARCH"})]},"search"),a(h,{gap:1,children:[r(n,{bold:!0,color:"white",children:"e/w"}),r(n,{dimColor:!0,children:"SEVERITY"})]},"sev"),a(h,{gap:1,children:[r(n,{bold:!0,color:"white",children:"u/o/a"}),r(n,{dimColor:!0,children:"ACTION"})]},"actions"),a(h,{gap:1,children:[r(n,{bold:!0,color:"white",children:"Tab"}),r(n,{dimColor:!0,children:"PANEL"})]},"tab")],ue=r(h,{borderBottom:!1,borderColor:"gray",borderLeft:!1,borderRight:!1,borderStyle:"single",flexShrink:0,children:r(h,{gap:2,overflow:"hidden",paddingX:1,children:ee})}),he=a(Ut,{footer:a(n,{dimColor:!0,children:[r(n,{bold:!0,color:"white",children:"↑↓"})," scroll  ",r(n,{bold:!0,color:"white",children:"?"}),"/",r(n,{bold:!0,color:"white",children:"Esc"})," close"]}),scrollRef:L,title:"DOCTOR — KEYBOARD SHORTCUTS",visible:$,width:56,children:[a(h,{flexDirection:"column",marginBottom:1,children:[a(h,{marginBottom:1,children:[r(n,{dimColor:!0,children:"── "}),r(n,{bold:!0,color:"white",children:"NAVIGATION"})]}),a(h,{children:[r(h,{width:26,children:a(n,{children:[r(n,{bold:!0,color:"white",children:" ↑/k  "}),r(n,{dimColor:!0,children:"Move up"})]})}),a(n,{children:[r(n,{bold:!0,color:"white",children:" ↓/j  "}),r(n,{dimColor:!0,children:"Move down"})]})]}),a(h,{children:[r(h,{width:26,children:a(n,{children:[r(n,{bold:!0,color:"white",children:" PgUp"}),r(n,{dimColor:!0,children:" Jump up 10"})]})}),a(n,{children:[r(n,{bold:!0,color:"white",children:" PgDn"}),r(n,{dimColor:!0,children:" Jump down 10"})]})]}),a(h,{children:[r(h,{width:26,children:a(n,{children:[r(n,{bold:!0,color:"white",children:" Home"}),r(n,{dimColor:!0,children:" Jump to top"})]})}),a(n,{children:[r(n,{bold:!0,color:"white",children:" End"}),r(n,{dimColor:!0,children:" Jump to bottom"})]})]}),a(n,{children:[r(n,{bold:!0,color:"white",children:" Tab"}),r(n,{dimColor:!0,children:" Switch panel"})]}),a(n,{children:[r(n,{bold:!0,color:"white",children:" →/←"}),r(n,{dimColor:!0,children:" Section tabs (list) / Focus list (detail)"})]})]}),a(h,{flexDirection:"column",marginBottom:1,children:[a(h,{marginBottom:1,children:[r(n,{dimColor:!0,children:"── "}),r(n,{bold:!0,color:"white",children:"FILTER"})]}),a(n,{children:[r(n,{bold:!0,color:"white",children:" /"}),r(n,{dimColor:!0,children:" Open text filter (Esc/Enter to close)"})]}),a(n,{children:[r(n,{bold:!0,color:"white",children:" e"}),r(n,{dimColor:!0,children:" Toggle errors-only filter"})]}),a(n,{children:[r(n,{bold:!0,color:"white",children:" w"}),r(n,{dimColor:!0,children:" Toggle warns-only filter"})]})]}),a(h,{flexDirection:"column",marginBottom:1,children:[a(h,{marginBottom:1,children:[r(n,{dimColor:!0,children:"── "}),r(n,{bold:!0,color:"white",children:"ACTIONS"})]}),a(n,{children:[r(n,{bold:!0,color:"white",children:" u"}),r(n,{dimColor:!0,children:" Exit + suggest update / dedupe command"})]}),a(n,{children:[r(n,{bold:!0,color:"white",children:" o"}),r(n,{dimColor:!0,children:" Exit + suggest optimize command"})]}),a(n,{children:[r(n,{bold:!0,color:"white",children:" a"}),r(n,{dimColor:!0,children:" Exit + print risk-ack snippet"})]}),a(n,{children:[r(n,{bold:!0,color:"white",children:" d"}),r(n,{dimColor:!0,children:" Focus detail panel"})]})]}),a(h,{flexDirection:"column",children:[a(h,{marginBottom:1,children:[r(n,{dimColor:!0,children:"── "}),r(n,{bold:!0,color:"white",children:"EXIT"})]}),a(n,{children:[r(n,{bold:!0,color:"white",children:" q"}),r(n,{dimColor:!0,children:" Quit (with countdown)"})]}),a(n,{children:[r(n,{bold:!0,color:"white",children:" Ctrl+C"}),r(n,{dimColor:!0,children:" Quit immediately"})]})]})]}),pe=r(dr,{elapsedMs:X,entries:d.entries,filterActive:d.filterActive,filterText:d.filterText,filterType:d.filterType,focused:d.focusedPanel==="list",fromCache:i,grouped:d.grouped,onViewportHeightChange:v,scrollOffset:E,sectionCounts:_,sectionMessage:d.sectionMessage,sectionStatus:d.sectionStatus,selectedIndex:d.selectedIndex,severityFilter:d.severityFilter,totalAll:d.all.length,viewportHeight:T}),ge=t?r(Yi,{hint:t.hint,message:t.message,severity:t.severity,title:t.title}):null,Se=r(rr,{finding:P,focused:d.focusedPanel==="detail",scrollRef:F});if(Y){const y=Math.floor(c*.4);return a(h,{flexDirection:"column",height:p,width:c,children:[ge,a(h,{flexDirection:"row",flexGrow:1,children:[r(h,{flexGrow:1,children:pe}),r(h,{width:y,children:Se})]}),ue,r(Xe,{autoExitSeconds:e||3,onCancel:D(()=>{A(!1)},"onCancel"),visible:w}),he]})}return a(h,{flexDirection:"column",height:p,width:c,children:[ge,r(h,{height:O,children:pe}),r(h,{flexGrow:1,children:Se}),ue,r(Xe,{autoExitSeconds:e||3,onCancel:D(()=>{A(!1)},"onCancel"),visible:w}),he]})},"VisDoctorApp");var wr=Object.defineProperty,ve=D((e,t)=>wr(e,"name",{value:t,configurable:!0}),"n");const vr=ve(e=>e.replaceAll(/[$()+.?[\\\]^{|}]/g,String.raw`\$&`),"escapeRegex"),br=ve(e=>{const t=e.split("*").map(i=>vr(i));return new RegExp(`^${t.join(".*")}$`,"i")},"compilePattern"),Sr=ve(e=>e?e.split(",").map(t=>t.trim()).filter(t=>t.length>0).map(t=>br(t)):[],"parseFilterPatterns"),Ne=ve((e,t)=>{for(const i of t)if(i.test(e))return!0;return!1},"matchesAny"),$r=ve((e,t)=>{if(t.length===0)return e;const i=e.outdated.filter(d=>Ne(d.packageName,t)),s=e.duplicates.filter(d=>Ne(d.name,t)),o=e.optimizations.filter(d=>Ne(d.packageName,t));let l=0,c=0,p=0;for(const d of i)d.vulnerabilities&&(l+=d.vulnerabilities.length),d.socketReport&&(c+=d.socketReport.alerts.length,d.socketReport.score.overall<Le&&(p+=1));return{...e,duplicates:s,optimizations:o,outdated:i,socketIssues:{alerts:c,lowScore:p},vulnCount:l}},"applyFilter"),Ct=ve((e,t)=>t.length===0?[...e]:e.filter(i=>{if(i.kind==="runtime")return!0;const s=i.kind==="duplicate"?i.pkg.name:i.kind==="outdated"||i.kind==="optimization"?i.entry.packageName:i.packageName;return Ne(s,t)}),"filterFindingsByPattern");var Cr=Object.defineProperty,be=D((e,t)=>Cr(e,"name",{value:t,configurable:!0}),"r");const xt=["dependencies","security","optimization","runtime"],nt=be(e=>{const t=new Set;if(!e)return t;for(const i of e.split(",")){const s=i.trim().toLowerCase();xt.includes(s)&&t.add(s)}return t},"parseSectionList"),xr=be((e,t)=>{if(e!==void 0&&e!=="")return nt(e);const i=nt(t);return new Set(xt.filter(s=>!i.has(s)))},"resolveSections"),Rt=be(e=>{const t={micro:0,native:0,preferred:0,socket:0,total:e.length};for(const i of e)switch(i.category){case"micro-utility":{t.micro+=1;break}case"native":{t.native+=1;break}case"preferred":{t.preferred+=1;break}case"socket":{t.socket+=1;break}}return t},"summarizeOptimizations"),oe=be((e,t)=>{if(!e.sections.has(t))return"skip";switch(t){case"dependencies":return e.outdated.length>0||e.duplicates.length>0?"warn":"ok";case"optimization":return e.optimizations.length>0?"warn":"ok";case"runtime":return e.runtime.some(i=>i.status==="warn")?"warn":"ok";case"security":return e.vulnCount>0||e.socketIssues.alerts>0?"error":e.socketIssues.lowScore>0?"warn":"ok";default:return"ok"}},"sectionStatus"),Rr=be((e,t)=>{const i=Rt(e.optimizations),s={dependencies:oe(e,"dependencies"),optimization:oe(e,"optimization"),runtime:oe(e,"runtime"),security:oe(e,"security")},o=new Set([...Object.values(s),e.supplyChain.status]),l=o.has("error")?"error":o.has("warn")?"warn":"ok";return{dependencies:{duplicates:e.duplicates.length,installed:e.installedCount,outdated:e.outdated.length,status:s.dependencies},elapsedMs:e.elapsedMs,optimizations:{microUtilities:i.micro,native:i.native,preferred:i.preferred,socket:i.socket,status:s.optimization,total:i.total},packageManager:t,runtime:e.runtime.map(c=>({detail:c.detail,id:c.id,message:c.message,status:c.status})),runtimeStatus:s.runtime,security:{alerts:e.socketIssues.alerts,lowScorePackages:e.socketIssues.lowScore,status:s.security,vulnerabilities:e.vulnCount},status:l,supplyChain:{findings:e.supplyChain.findings.map(c=>({detail:c.detail,label:c.label,severity:c.severity})),status:e.supplyChain.status},workspaces:e.workspaceCount}},"buildJsonPayload"),ot=be((e,t)=>{const i=e.runtime.some(o=>o.status==="warn"),s=e.vulnCount>0||e.socketIssues.alerts>0;return t?s||e.outdated.length>0||e.duplicates.length>0||i:s},"shouldFail");var Tr=Object.defineProperty,Ve=D((e,t)=>Tr(e,"name",{value:t,configurable:!0}),"i");const Ar=/^(@[\w./-]+\/[\w./-]+|[\w.-]+)@(.+)$/,Ir=Ve(e=>{const t=Ar.exec(e);if(t)return{name:t[1],version:t[2]}},"parsePatchKey"),Pr=Ve((e,t)=>{let i;try{if(t==="pnpm"){const o=te(e,"pnpm-workspace.yaml");Fe(o)&&(i=yi(o)?.patchedDependencies)}else if(t==="bun"){const o=te(e,"package.json");Fe(o)&&(i=gt(o)?.patchedDependencies)}}catch{return[]}if(!i||typeof i!="object")return[];const s=[];for(const[o,l]of Object.entries(i)){if(typeof l!="string"||l.length===0)continue;const c=Ir(o);c&&s.push({name:c.name,patchFile:l,resolvedPatchFile:Ft(l)?l:ct(e,l),version:c.version})}return s},"readPatchedDependencies"),Dr=Ve(e=>{const t=[];for(const i of e)Fe(i.resolvedPatchFile)||t.push({entry:i,kind:"missing-file"});return t},"findPatchIssues");var Or=Object.defineProperty,Tt=D((e,t)=>Or(e,"name",{value:t,configurable:!0}),"a");const st=Tt(e=>e.some(t=>t.severity==="error")?"error":e.some(t=>t.severity==="warn")?"warn":"ok","rollUpStatus"),Nr=Tt((e,t={})=>{const i=[],s=e?.security;if(!s)return i.push({detail:"Use defineConfig() from '@visulima/vis/config' to apply secure defaults.",label:"No security config — running with the PM's native defaults",severity:"warn"}),{findings:i,status:st(i)};s.minimumReleaseAge===void 0?i.push({detail:"Set security.minimumReleaseAge to block packages published in the last N minutes (mitigates supply-chain attacks).",label:"minimumReleaseAge is not set",severity:"warn"}):s.minimumReleaseAge===0?i.push({detail:"New packages can be installed immediately after publishing. Consider setting a non-zero cooldown.",label:"minimumReleaseAge is explicitly 0",severity:"warn"}):i.push({label:`minimumReleaseAge: ${String(s.minimumReleaseAge)} minutes`,severity:"ok"}),s.trustPolicy===void 0||s.trustPolicy==="off"?i.push({detail:"Packages whose trust level has decreased will not be blocked. Consider 'no-downgrade'.",label:`trustPolicy: ${s.trustPolicy??"not set"}`,severity:"warn"}):i.push({label:`trustPolicy: ${s.trustPolicy}`,severity:"ok"}),s.blockExoticSubdeps===void 0||!s.blockExoticSubdeps?i.push({detail:"Transitive dependencies can pull code from git repos or tarball URLs. Set to true to block.",label:`blockExoticSubdeps: ${String(s.blockExoticSubdeps??!1)}`,severity:"warn"}):i.push({label:"blockExoticSubdeps: true",severity:"ok"});const o=s.allowBuilds?Object.keys(s.allowBuilds).length:0;if(o===0?i.push({detail:"Lifecycle scripts are blocked by default. List trusted packages here to opt them back in (e.g. esbuild, @prisma/client).",label:"allowBuilds: not configured",severity:"warn"}):i.push({label:`allowBuilds: ${String(o)} ${o===1?"entry":"entries"}`,severity:"ok"}),s.strictDepBuilds&&o===0&&i.push({detail:"All dependencies with build scripts will be blocked. Run 'vis approve-builds' to populate allowBuilds.",label:"strictDepBuilds is on but allowBuilds is empty",severity:"error"}),t.workspaceRoot){const l=ki(t.workspaceRoot);if(l.length>0){const c=[...new Set(l.map(p=>p.tool))].sort((p,d)=>p.localeCompare(d)).join(", ");i.push({detail:"Run `vis migrate verify` for the full list, then re-run `vis migrate <tool>` to clean up.",label:`${String(l.length)} leftover ${l.length===1?"reference":"references"} to ${c}`,severity:"warn"})}}if(t.workspaceRoot&&t.packageManager){const l=Pr(t.workspaceRoot,t.packageManager);if(l.length>0){const c=Dr(l);if(c.length===0)i.push({label:`patchedDependencies: ${String(l.length)} ${l.length===1?"entry":"entries"} resolved`,severity:"ok"});else for(const p of c)i.push({detail:`Referenced from ${t.packageManager==="pnpm"?"pnpm-workspace.yaml":"package.json"} but the file is not present at ${p.entry.patchFile}.`,label:`patchedDependencies: missing patch file for ${p.entry.name}@${p.entry.version}`,severity:"error"})}}return{findings:i,status:st(i)}},"buildSupplyChainPosture");var Fr=Object.defineProperty,S=D((e,t)=>Fr(e,"name",{value:t,configurable:!0}),"u");const G=S(e=>e>=1e3?`${(e/1e3).toFixed(1)}s`:`${String(Math.round(e))}ms`,"fmtDuration"),De=S(async(e,t,i,s)=>{if(!e)return i();e.start(t);const o=Date.now();try{const l=await i(),c=Date.now()-o,{status:p,summary:d}=s(l,c);return e.finish(t,p,d),l}catch(l){const c=Date.now()-o,p=l instanceof Error?l.message:String(l);throw e.finish(t,"error",`${p} (${G(c)})`),l}},"tracked"),Mr=S((e,t)=>{const i={duplicates:t.duplicates,elapsedMs:0,installedCount:0,optimizations:t.optimizations,outdated:t.outdated,runtime:t.runtime,sections:new Set([e]),socketIssues:{alerts:0,lowScore:0},supplyChain:{findings:[],status:"ok"},vulnCount:0,workspaceCount:0};return bt(i)},"buildSectionFindings"),lt=S(async e=>{const{filterPatterns:t,installed:i,progress:s,resolveCodemods:o,sections:l,store:c,visConfig:p,workspaceRoot:d}=e,$=l.has("dependencies"),R=l.has("security"),w=l.has("optimization"),A=l.has("runtime"),E=S((f,M)=>Ct(Mr(f,M),t),"sectionFindings"),g=ut(d),{packageManager:I}=at(d),B=et(te(d,"package.json"),!1),X=ft(d),L=new Set(B);for(const f of X){const M=et(te(ct(d,f),"package.json"),!1);for(const z of M)L.add(z)}const F=Ht(d),P=ht(d,I),_=pt(p?.security?.socket),W=p?.security?.socket?.acceptedRisks,re=oi(d,g.name),Y={exclude:[],ignore:[],include:[],includeLocked:!1,includePrerelease:!1,security:!0,target:"latest"},O=$?hi(d,g.name):[],V=w?si(L):[],K=w?li(L,re,g,!1):[],v=new Set(V.map(f=>f.packageName)),T=K.filter(f=>!v.has(f.packageName)),C=[...V,...T],H=A?zi():[];c&&($&&c.startSection("dependencies",P.size>0?"checking outdated catalog dependencies":"scanning duplicates"),R&&c.startSection("security",i.length>0?`scanning ${String(i.length)} packages for advisories`:"no installed packages to scan"),w&&c.startSection("optimization","matching e18e + socket overrides"),A&&c.startSection("runtime","running runtime diagnostics")),c&&A&&c.completeSection("runtime",E("runtime",{duplicates:[],optimizations:[],outdated:[],runtime:H}));const de=($||R)&&P.size>0?De(s,"outdated",()=>Gt(P,Y,F,void 0,d,_,W),(f,M)=>{const z=f.outdated.length;return{status:z>0?"warn":"ok",summary:z>0?`${String(z)} outdated · ${G(M)}`:`up to date · ${G(M)}`}}):Promise.resolve({failed:[],ignored:[],outdated:[]}),N=R&&i.length>0?De(s,"vulnerabilities",()=>Yt(i.map(f=>({name:f.name,version:f.version}))),(f,M)=>{let z=0;for(const ne of f.values())z+=ne.length;return{status:z>0?"error":"ok",summary:z>0?`${String(z)} found · ${G(M)}`:`none found · ${G(M)}`}}):Promise.resolve(new Map),Q=R&&_&&i.length>0?De(s,"socket",()=>Kt(i.map(f=>({name:f.name,version:f.version})),_),(f,M)=>{let z=0,ne=0;for(const Je of f.values())z+=Je.alerts.length,Je.score.overall<Le&&(ne+=1);const Ke=z+ne;return{status:Ke>0?"warn":"ok",summary:Ke>0?`${String(z)} alert${z===1?"":"s"}, ${String(ne)} low-score · ${G(M)}`:`clean · ${G(M)}`}}):Promise.resolve(new Map);let ee,ue,he,pe;const ge=de.catch(f=>(ee=f instanceof Error?f.message:String(f),c||u.warn(`Outdated scan failed: ${ee}`),{failed:[],ignored:[],outdated:[]})),Se=N.catch(f=>(ue=f instanceof Error?f.message:String(f),c||u.warn(`Vulnerability scan failed: ${ue}`),new Map)),y=Q.catch(f=>(he=f instanceof Error?f.message:String(f),c||u.warn(`Socket scan failed: ${he}`),new Map)),m=c&&$?ge.then(f=>{if(ee){c.failSection("dependencies",ee);return}c.completeSection("dependencies",E("dependencies",{duplicates:O,optimizations:[],outdated:f.outdated,runtime:[]}))}):void 0,k=c&&R?Promise.all([ge,Se,y]).then(([f])=>{const M=ee??ue??he;if(M){c.failSection("security",M);return}c.completeSection("security",E("security",{duplicates:[],optimizations:[],outdated:f.outdated,runtime:[]}))}):void 0,$e=(async()=>{if(o&&w&&C.length>0&&await De(s,"codemods",async()=>(await ai(C),C),(f,M)=>{const z=f.filter(ne=>ne.hasCodemod||ne.category==="socket").length;return{status:"ok",summary:`${String(z)} auto-fixable · ${G(M)}`}}).catch(f=>{pe=f instanceof Error?f.message:String(f)}),c&&w){if(pe){c.failSection("optimization",pe);return}c.completeSection("optimization",E("optimization",{duplicates:[],optimizations:C,outdated:[],runtime:[]}))}})(),[le,It,Pt]=await Promise.all([ge,Se,y]);await Promise.all([m,k,$e]);let Ge=0,Ye=0;if(R&&_)for(const f of Pt.values())Ge+=f.alerts.length,f.score.overall<Le&&(Ye+=1);let Ee=0;if(R){for(const f of le.outdated)f.vulnerabilities&&f.vulnerabilities.length>0&&(Ee+=f.vulnerabilities.length);for(const f of It.values())Ee+=f.length}return{duplicates:O,installedCount:i.length,optimizations:w?C:[],outdated:$?le.outdated:[],runtime:H,sections:l,socketIssues:{alerts:Ge,lowScore:Ye},supplyChain:Nr(p,{packageManager:I,workspaceRoot:d}),vulnCount:Ee,workspaceCount:X.length}},"streamScans"),zr=S(e=>{switch(e){case"error":return Re(j.failure);case"skip":return b(j.dash);case"warn":return ze(j.warning);default:return we(j.success)}},"sectionIcon"),ce=S((e,t)=>{const i=process.stderr.columns??80,s=Math.max(20,Math.min(i-2,60)),o=j.dash.repeat(2),l=`${zr(t)} ${ae(e)}`,c=l.replaceAll(/\[[0-9;]*m/g,"").length,p=Math.max(0,s-c-o.length-2);return`${o} ${l} ${b(j.dash.repeat(p))}`},"heading"),q=S(e=>`  ${we(j.success)} ${e}`,"itemOk"),Z=S(e=>`  ${ze(j.warning)} ${e}`,"itemWarn"),He=S(e=>`  ${Re(j.failure)} ${e}`,"itemError"),At=S(e=>`  ${b(j.dash)} ${b(e)}`,"itemSkip"),J=S((e,t,i)=>{const s=`${ae(String(e))} ${b(t)}`;return i?`${s} ${b(`(${i})`)}`:s},"countLine"),jr=S(e=>{if(e.sections.has("dependencies")){if(u.log(""),u.log(ce("Dependencies",oe(e,"dependencies"))),u.log(q(J(e.installedCount,"packages installed"))),e.outdated.length>0){const t=e.outdated.filter(l=>l.updateType==="major").length,i=e.outdated.filter(l=>l.updateType==="minor").length,s=e.outdated.filter(l=>l.updateType==="patch").length,o=[];t>0&&o.push(`${String(t)} major`),i>0&&o.push(`${String(i)} minor`),s>0&&o.push(`${String(s)} patch`),u.log(Z(J(e.outdated.length,"outdated",o.join(", "))))}else u.log(q("All dependencies up to date"));e.duplicates.length>0?u.log(Z(J(e.duplicates.length,"packages with duplicate versions"))):u.log(q("No duplicate dependencies"))}},"displayDependencies"),Er=S(e=>{e.sections.has("security")&&(u.log(""),u.log(ce("Security",oe(e,"security"))),e.vulnCount>0?u.log(He(J(e.vulnCount,`vulnerabilit${e.vulnCount===1?"y":"ies"} found`))):u.log(q("No known vulnerabilities")),e.socketIssues.alerts>0&&u.log(Z(J(e.socketIssues.alerts,`Socket.dev security alert${e.socketIssues.alerts===1?"":"s"}`))),e.socketIssues.lowScore>0&&u.log(Z(J(e.socketIssues.lowScore,`package${e.socketIssues.lowScore===1?"":"s"} with low security score`))),e.socketIssues.alerts===0&&e.socketIssues.lowScore===0&&e.vulnCount===0&&u.log(q("No security issues detected")))},"displaySecurity"),Br=S(e=>{if(!e.sections.has("optimization"))return;u.log(""),u.log(ce("Optimization",oe(e,"optimization")));const t=Rt(e.optimizations);if(t.total===0){u.log(q("No optimizations available"));return}t.native>0&&u.log(Z(J(t.native,"replaceable with native APIs"))),t.preferred>0&&u.log(Z(J(t.preferred,"with lighter alternatives"))),t.micro>0&&u.log(Z(J(t.micro,"trivial micro-utilities"))),t.socket>0&&u.log(Z(J(t.socket,"@socketregistry overrides available")))},"displayOptimization"),Lr=S(e=>{u.log(""),u.log(ce("Supply Chain",e.supplyChain.status));for(const t of e.supplyChain.findings){const i=t.severity==="ok"?q(t.label):t.severity==="error"?He(t.label):Z(t.label);u.log(i),t.detail&&u.log(`  ${b(j.arrow)} ${b(t.detail)}`)}e.supplyChain.status!=="ok"&&u.log(`  ${b(j.arrow)} ${b("Configure with security.* in vis.config.ts. See `vis check --security-config` for details.")}`)},"displaySupplyChain"),_r=S(e=>{if(e.sections.has("runtime")){u.log(""),u.log(ce("Runtime",oe(e,"runtime")));for(const t of e.runtime)t.status==="ok"?u.log(q(t.message)):t.status==="skip"?u.log(At(t.message)):u.log(Z(t.message))}},"displayRuntime"),Ur=S((e,t)=>{const i=e.vulnCount,s=e.runtime.filter(l=>l.status==="warn").length,o=e.outdated.length+e.duplicates.length+e.optimizations.length+s;if(t){if(i===0&&o===0)u.success(`Everything looks good! ${b(`(${G(e.elapsedMs)})`)}`);else{const l=[];i>0&&l.push(Re(`${String(i)} security`)),o>0&&l.push(ze(`${String(o)} improvement${o===1?"":"s"}`)),u.log(`${Re(j.failure)} ${l.join(", ")} ${b(`(${G(e.elapsedMs)})`)}`)}return}u.log(""),u.log(ce("Summary","ok")),i===0&&o===0?u.success(`Everything looks good! ${b(`(${G(e.elapsedMs)})`)}`):(i>0&&u.error(`${String(i)} security issue${i===1?"":"s"}`),o>0&&u.log(`  ${Te(j.arrow)} ${ae(String(o))} ${b(`improvement${o===1?"":"s"} available`)} ${b(`(${G(e.elapsedMs)})`)}`))},"displaySummary"),Vr=S(e=>{const t=[];if(e.outdated.length>0&&t.push("vis update     — update outdated dependencies"),(e.vulnCount>0||e.socketIssues.alerts>0)&&t.push("vis audit      — detailed security analysis"),e.optimizations.length>0&&t.push("vis optimize   — apply optimizations interactively"),e.duplicates.length>0&&t.push("vis dedupe     — reduce duplicate versions"),t.length>0){u.log(""),u.log(ae("Next steps:"));for(const i of t)u.log(`  ${b(j.arrow)} ${i}`)}u.log("")},"displayActions"),Hr=S((e,t)=>{t||(jr(e),Er(e),Br(e),_r(e),Lr(e)),Ur(e,t)},"displayResults"),Gr=S((e,t,i,s,o)=>{const l=[],c=e.has("dependencies"),p=e.has("security"),d=e.has("optimization");return(c||p)&&t>0&&l.push({id:"outdated",label:"Outdated catalog dependencies"}),p&&s>0&&l.push({id:"vulnerabilities",label:"Known vulnerabilities (OSV)"}),p&&i&&s>0&&l.push({id:"socket",label:"Socket.dev supply-chain reports"}),d&&o&&l.push({id:"codemods",label:"Codemod availability"}),l},"planScanTasks"),Yr=S(e=>{if(u.log(""),u.log(`${ae(Te("vis doctor"))} ${b("— project health check")}`),u.log(q(`Detected ${e.packageManagerName} v${e.packageManagerVersion}`)),e.workspaceCount!==void 0&&e.workspaceCount>0&&u.log(q(J(e.workspaceCount,`workspace package${e.workspaceCount===1?"":"s"}`))),e.runtimeFindings.length===0)u.log(q(`Node.js ${e.nodeVersion}`));else{for(const t of e.runtimeFindings){const i=t.severity==="error"?Re:ze;u.log(He(`Runtime: ${i(t.message)}`))}u.log(`  ${b(j.arrow)} Run ${we("vis toolchain install")} to install pinned versions, or ${we("vis toolchain status")} for the per-tool breakdown.`)}u.log("")},"printBanner"),pn=S(async({logger:e,options:t,visConfig:i,visConfigError:s,workspaceRoot:o})=>{if(!o)throw new Error("Could not determine workspace root.");const l=t.format==="json"||t.json===!0,c=xr(t.only,t.skip),p=!!t.quiet,d=!!t.noProgress,$=Sr(t.filter);if(c.size===0){u.error("No sections selected. Check your --only / --skip values."),process.exitCode=2;return}const R=Date.now(),w=ut(o),A=ui(o),E=!!process.stdout.isTTY,g=!l&&E&&!Jt&&!p&&!d;!l&&!g&&Yr({nodeVersion:process.versions.node,packageManagerName:w.name,packageManagerVersion:w.version,runtimeFindings:A,workspaceCount:void 0});const I=ht(o,at(o).packageManager),B=pi(o,w.name),X=B.length,L=!!pt(i?.security?.socket),F=ft(o);if(!l&&!p&&!g){const N=F.length>0?b(` · ${String(F.length)} workspace package${F.length===1?"":"s"}`):"";u.log(`${b("·")} ${b("Found")} ${ae(String(X))} ${b(`installed package${X===1?"":"s"}`)}${N}`)}const P=s?{hint:s.file?`Continuing with default settings — fix or regenerate ${s.file} (vis init --force).`:"Continuing with default settings.",message:s.message,severity:"error",title:s.file?`Failed to load ${s.file}`:"Failed to load vis.config"}:void 0,_={bun:"bun.lock",npm:"package-lock.json",pnpm:"pnpm-lock.yaml",yarn:"yarn.lock"}[w.name],W=_?te(o,_):void 0,re=ni(o),Y=!t.noCache&&!t.fix?Si({configPath:re,lockfilePath:W,sections:c,socketEnabled:L,workspaceRoot:o}):void 0,O=Y?$i(Y):void 0,V=O!==void 0;let K,v;if(g){const N=O?new it({activeSections:c,findings:Ct(bt(O),$)}):new it({activeSections:c}),Q=Vt(Xt.createElement(kr,{banner:P,fromCache:V,startedAt:R,store:N}),{alternateScreen:!0,exitOnCtrlC:!1,interactive:!0,patchConsole:!0});try{K=O??await lt({filterPatterns:$,installed:B,resolveCodemods:!!t.fix,sections:c,store:N,visConfig:i,workspaceRoot:o})}catch(ee){throw Q.unmount(),ee}await Q.waitUntilExit(),v=N.getSnapshot().pendingAction}else if(O)K=O;else{const N=Gr(c,I.size,L,X,!!t.fix),Q=gi(N,{live:!l&&!p&&!d});try{K=await lt({filterPatterns:$,installed:B,progress:Q,resolveCodemods:!!t.fix,sections:c,visConfig:i,workspaceRoot:o})}finally{Q.stop()}}const T={...K,elapsedMs:Date.now()-R};if(Y&&!V)try{Ci(Y,T)}catch{}const C=$r(T,$);if(l){process.stdout.write(`${JSON.stringify(Rr(C,w.name),void 0,2)}
+`),t.exitCode&&ot(C,!!t.strict)&&(process.exitCode=1);return}V&&!p&&u.log(`${b("·")} Cached results (use --no-cache to refresh)`),$.length>0&&!p&&u.log(`${b("·")} Filter active: ${Te(t.filter??"")}`),Hr(C,p);const H=C.runtime.some(N=>N.id===Oe&&N.status==="warn"),de=C.sections.has("optimization")&&C.optimizations.length>0;t.fix&&(de||H)?await Kr({force:!!t.fixForce,logger:e,pm:w,recoverOrphans:H,results:C,useEditorconfig:i?.editorconfig??!0,workspaceRoot:o}):p||Vr(C),v&&(process.stdout.write(`
+`),process.stdout.write(`${ae("→ ")}${v.description}
+`),v.configSnippet?(process.stdout.write(`
+`),process.stdout.write(`${b(v.configSnippet)}
+`)):process.stdout.write(`  ${Te(v.command)}
+`),process.stdout.write(`
+`)),t.exitCode&&ot(C,!!t.strict)&&(process.exitCode=1)},"execute"),Kr=S(async e=>{const{force:t,logger:i,pm:s,recoverOrphans:o,results:l,useEditorconfig:c,workspaceRoot:p}=e;u.log(""),u.log(ce("Applying fixes","ok"));const d=l.optimizations.filter(g=>g.category==="socket"&&g.overrideSpec).map(g=>({original:g.packageName,spec:g.overrideSpec})),$=l.optimizations.filter(g=>g.category!=="socket"&&g.hasCodemod),R=l.optimizations.filter(g=>g.category!=="socket"&&!g.hasCodemod);let w=!1,A=0;const E=[];if(o){const g=Pi({force:t});if(g.killed.length>0&&(u.success(`Cleaned up ${String(g.killed.length)} orphaned process${g.killed.length===1?"":"es"} (PIDs: ${g.killed.join(", ")}).`),w=!0),g.failed.length>0){const I=t?"":" Re-run with `--fix --fix-force` to escalate to SIGKILL.";u.warn(`Could not signal ${String(g.failed.length)} orphan${g.failed.length===1?"":"s"}: ${g.failed.map(B=>`${String(B.pid)} (${B.reason})`).join(", ")}.${I}`)}}if(d.length>0){const g=ci(p,te(p,"package.json"),d,s,c);g.added.length>0&&(u.success(`Added ${String(g.added.length)} security override${g.added.length===1?"":"s"}.`),w=!0),g.updated.length>0&&(u.success(`Updated ${String(g.updated.length)} override${g.updated.length===1?"":"s"}.`),w=!0)}for(const g of $)try{const I=await di(p,g.packageName);I.filesChanged>0&&(u.success(`${g.packageName}: ${String(I.filesChanged)} file${I.filesChanged===1?"":"s"} updated`),A+=1,w=!0)}catch(I){const B=I instanceof Error?I.message:String(I);E.push({error:B,package:g.packageName}),u.warn(`${g.packageName}: codemod failed — ${B}`)}d.length>0&&(u.log(`${Te(j.arrow)} Running ${s.name} install to update lockfile…`),qt(s,{dev:!1,filter:[],force:!1,frozenLockfile:!1,ignoreScripts:!1,lockfileOnly:!1,noOptional:!1,offline:!1,prod:!1,recursive:!1,silent:!1,workspaceRoot:!1},p,i),w=!0),u.log(""),w?u.success(`Fixes applied. ${A>0?`${String(A)} codemod${A===1?"":"s"} applied.`:""}`.trim()):u.log(At("No auto-fixable items in the current run.")),E.length>0&&u.warn(`${String(E.length)} codemod${E.length===1?"":"s"} failed (run ${we("vis optimize")} for the interactive picker).`),R.length>0&&u.notice(`${String(R.length)} optimization${R.length===1?"":"s"} need manual review (no codemod). Run ${we("vis optimize")} to inspect them.`)},"runFixes");export{pn as default};