npm - @visulima/vis - Versions diffs - 1.0.0-alpha.11 → 1.0.0-alpha.13 - Mend

@visulima/vis 1.0.0-alpha.11 → 1.0.0-alpha.13

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (116) hide show

package/CHANGELOG.md +101 -0
package/LICENSE.md +559 -186
package/README.md +18 -0
package/dist/bin.js +1 -9
package/dist/config/index.d.ts +477 -556
package/dist/config/index.js +1 -2
package/dist/generate/index.js +1 -3
package/dist/packem_chunks/applyDefaults.js +2 -336
package/dist/packem_chunks/bin.js +234 -9552
package/dist/packem_chunks/doctor-probe.js +2 -112
package/dist/packem_chunks/fix.js +11 -234
package/dist/packem_chunks/handler.js +1 -99
package/dist/packem_chunks/handler10.js +2 -53
package/dist/packem_chunks/handler11.js +1 -32
package/dist/packem_chunks/handler12.js +5 -100
package/dist/packem_chunks/handler13.js +1 -25
package/dist/packem_chunks/handler14.js +18 -916
package/dist/packem_chunks/handler15.js +15 -201
package/dist/packem_chunks/handler16.js +1 -124
package/dist/packem_chunks/handler17.js +1 -13
package/dist/packem_chunks/handler18.js +1 -106
package/dist/packem_chunks/handler19.js +1 -19
package/dist/packem_chunks/handler2.js +2 -75
package/dist/packem_chunks/handler20.js +5 -29
package/dist/packem_chunks/handler21.js +1 -222
package/dist/packem_chunks/handler22.js +1 -237
package/dist/packem_chunks/handler23.js +5 -101
package/dist/packem_chunks/handler24.js +1 -110
package/dist/packem_chunks/handler25.js +3 -402
package/dist/packem_chunks/handler26.js +1 -13
package/dist/packem_chunks/handler27.js +1 -63
package/dist/packem_chunks/handler28.js +7 -34
package/dist/packem_chunks/handler29.js +21 -456
package/dist/packem_chunks/handler3.js +4 -95
package/dist/packem_chunks/handler30.js +3 -170
package/dist/packem_chunks/handler31.js +1 -530
package/dist/packem_chunks/handler32.js +2 -214
package/dist/packem_chunks/handler33.js +25 -119
package/dist/packem_chunks/handler34.js +2 -630
package/dist/packem_chunks/handler35.js +3 -283
package/dist/packem_chunks/handler36.js +22 -542
package/dist/packem_chunks/handler37.js +410 -744
package/dist/packem_chunks/handler38.js +22 -989
package/dist/packem_chunks/handler39.js +22 -574
package/dist/packem_chunks/handler4.js +2 -90
package/dist/packem_chunks/handler40.js +22 -1685
package/dist/packem_chunks/handler41.js +6 -1088
package/dist/packem_chunks/handler42.js +5 -797
package/dist/packem_chunks/handler43.js +10 -2658
package/dist/packem_chunks/handler44.js +51 -3784
package/dist/packem_chunks/handler45.js +25 -2574
package/dist/packem_chunks/handler46.js +3 -3769
package/dist/packem_chunks/handler47.js +21 -1485
package/dist/packem_chunks/handler48.js +42 -0
package/dist/packem_chunks/handler5.js +8 -174
package/dist/packem_chunks/handler6.js +1 -95
package/dist/packem_chunks/handler7.js +1 -115
package/dist/packem_chunks/handler8.js +1 -12
package/dist/packem_chunks/handler9.js +1 -29
package/dist/packem_chunks/heal-accept.js +10 -522
package/dist/packem_chunks/heal.js +14 -673
package/dist/packem_chunks/index.js +7 -873
package/dist/packem_chunks/loader.js +1 -23
package/dist/packem_chunks/tar.js +3 -0
package/dist/packem_shared/ai-analysis-hm8d2W7z.js +67 -0
package/dist/packem_shared/ai-cache-DoiF80AR.js +1 -0
package/dist/packem_shared/ai-fix-nn4zOE95.js +43 -0
package/dist/packem_shared/cache-directory-CwHlJhgx.js +1 -0
package/dist/packem_shared/dependency-scan-COr5n63B.js +2 -0
package/dist/packem_shared/docker-D6OGr5_S.js +2 -0
package/dist/packem_shared/failure-log-iUVLf6ts.js +2 -0
package/dist/packem_shared/flakiness-D9wf0t56.js +1 -0
package/dist/packem_shared/giget-CcEy_Elm.js +2 -0
package/dist/packem_shared/index-DH-5hsrC.js +1 -0
package/dist/packem_shared/otel-DxDUPJJH.js +6 -0
package/dist/packem_shared/otelPlugin-CQq6poq8.js +1 -0
package/dist/packem_shared/registry-CkubDdiY.js +2 -0
package/dist/packem_shared/run-summary-utils-BfBvjzhY.js +1 -0
package/dist/packem_shared/runtime-check-BXZ43CBW.js +1 -0
package/dist/packem_shared/selectors-BylODRiM.js +3 -0
package/dist/packem_shared/symbols-CQmER5MT.js +1 -0
package/dist/packem_shared/toolchain-BgBOUHII.js +5 -0
package/dist/packem_shared/typosquats-CcZl99B1.js +1 -0
package/dist/packem_shared/use-measured-height-DjYgUOKk.js +1 -0
package/dist/packem_shared/utils-DrNg0XTR.js +1 -0
package/dist/packem_shared/verify-Baj5mFJ7.js +1 -0
package/dist/packem_shared/vis-update-app-D1jl0UZZ.js +1 -0
package/dist/packem_shared/xxh3-DrAUNq4n.js +1 -0
package/index.js +556 -727
package/package.json +19 -29
package/schemas/project.schema.json +739 -297
package/schemas/vis-config.schema.json +3365 -384
package/templates/buildkite-ci/template.yml +20 -20
package/dist/packem_shared/VisUpdateApp-D-Yz_wvg.js +0 -1316
package/dist/packem_shared/_commonjsHelpers-BqLXS_qQ.js +0 -5
package/dist/packem_shared/ai-analysis-CHeB1joD.js +0 -367
package/dist/packem_shared/ai-cache-Be_jexe4.js +0 -142
package/dist/packem_shared/ai-fix-B9iQVcD2.js +0 -379
package/dist/packem_shared/cache-directory-2qvs4goY.js +0 -98
package/dist/packem_shared/catalog-BJTtyi-O.js +0 -1371
package/dist/packem_shared/dependency-scan-A0KSklpG.js +0 -188
package/dist/packem_shared/docker-2iZzc280.js +0 -181
package/dist/packem_shared/failure-log-Cz3Z4SKL.js +0 -100
package/dist/packem_shared/flakiness-goTxXuCX.js +0 -180
package/dist/packem_shared/otel-DCvqCTz_.js +0 -158
package/dist/packem_shared/otelPlugin-DFaLDvJf.js +0 -3
package/dist/packem_shared/registry-CbqXI0rc.js +0 -272
package/dist/packem_shared/run-summary-utils-PVMl4aIh.js +0 -130
package/dist/packem_shared/runtime-check-Cobi3p6l.js +0 -127
package/dist/packem_shared/selectors-SM69TfqC.js +0 -194
package/dist/packem_shared/symbols-Ta7g2nU-.js +0 -14
package/dist/packem_shared/toolchain-BdZd9eBi.js +0 -975
package/dist/packem_shared/typosquats-C-bCh3PX.js +0 -1210
package/dist/packem_shared/use-measured-height-CNP0vT4M.js +0 -20
package/dist/packem_shared/utils-CthVdBPS.js +0 -40
package/dist/packem_shared/xxh3-Ck8mXNg1.js +0 -239

package/dist/packem_shared/catalog-BJTtyi-O.js DELETED Viewed

@@ -1,1371 +0,0 @@
-import { createRequire as __cjs_createRequire } from "node:module";
-const __cjs_require = __cjs_createRequire(import.meta.url);
-const __cjs_getProcess = typeof globalThis !== "undefined" && typeof globalThis.process !== "undefined" ? globalThis.process : process;
-const __cjs_getBuiltinModule = (module) => {
-    // Check if we're in Node.js and version supports getBuiltinModule
-    if (typeof __cjs_getProcess !== "undefined" && __cjs_getProcess.versions && __cjs_getProcess.versions.node) {
-        const [major, minor] = __cjs_getProcess.versions.node.split(".").map(Number);
-        // Node.js 20.16.0+ and 22.3.0+
-        if (major > 22 || (major === 22 && minor >= 3) || (major === 20 && minor >= 16)) {
-            return __cjs_getProcess.getBuiltinModule(module);
-        }
-    }
-    // Fallback to createRequire
-    return __cjs_require(module);
-};
-const {
-  createInterface
-} = __cjs_getBuiltinModule("node:readline");
-import { findCacheDirSync } from '@visulima/find-cache-dir';
-import { isAccessibleSync, readFileSync, writeFileSync, walkSync, removeSync, readJsonSync, ensureDirSync, writeJsonSync } from '@visulima/fs';
-import { join, dirname } from '@visulima/path';
-import { Text, renderToString, Box, Table } from '@visulima/tui';
-import React from 'react';
-import { parse, coerce, rcompare } from 'semver';
-import { D as DEFAULT_LOW_SCORE_THRESHOLD, o as resolveWorkspacePatterns, q as readPnpmWorkspacePatterns, f as fetchSocketReports, t as findAcceptedRisk } from '../packem_chunks/bin.js';
-const PREFIX_REGEX = /^([\^~]|>=|<=|[><=])/;
-const YAML_ENTRY_REGEX = /^(?:'([^']+)'|"([^"]+)"|([^:\s]+)):\s*(?:'([^']+)'|"([^"]+)"|(\S+))/;
-const CATALOG_SECTION_REGEX = /^catalog:/m;
-const CATALOGS_SECTION_REGEX = /^catalogs:/m;
-const SCOPE_REGISTRY_REGEX = /^(@[^:]+):registry$/;
-const AUTH_TOKEN_REGEX = /^\/\/(.+)\/:_authToken$/;
-const CONSECUTIVE_WILDCARDS_REGEX = /\*+/g;
-const GLOB_SPECIAL_CHARS_REGEX = /[.+^${}()|[\]\\]/g;
-const REGEX_SPECIAL_CHARS_REGEX = /[.*+?^${}()|[\]\\]/g;
-const QUOTES_TRIM_REGEX = /^['"]|['"]$/g;
-const REGISTRY_PROTOCOL_REGEX = /^https?:\/\//;
-const TRAILING_SLASH_REGEX = /\/$/;
-const DEFAULT_DEP_TYPES = ["dependencies", "devDependencies", "optionalDependencies", "peerDependencies"];
-const VALID_DEP_TYPES = /* @__PURE__ */ new Set([...DEFAULT_DEP_TYPES, "overrides", "pnpm.overrides", "resolutions"]);
-const getBackupDir = (workspaceRoot) => {
-  const cacheDir = findCacheDirSync("vis", { create: true, cwd: workspaceRoot });
-  if (!cacheDir) {
-    throw new Error("Cannot resolve cache directory. Ensure node_modules exists in your workspace. Run your package manager's install command first.");
-  }
-  return join(cacheDir, "backup");
-};
-const parseVersion = (input) => {
-  const stripped = input.replace(/^[\^~]|^>=|^<=|^[><]/, "");
-  const parsed = parse(stripped);
-  if (parsed) {
-    return {
-      major: parsed.major,
-      minor: parsed.minor,
-      patch: parsed.patch,
-      prerelease: Array.isArray(parsed.prerelease) ? parsed.prerelease.join(".") : String(parsed.prerelease ?? "")
-    };
-  }
-  const coerced = coerce(input);
-  if (coerced) {
-    return {
-      major: coerced.major,
-      minor: coerced.minor,
-      patch: coerced.patch,
-      prerelease: ""
-    };
-  }
-  return void 0;
-};
-const extractPrefix = (range) => {
-  const match = PREFIX_REGEX.exec(range);
-  return match?.[1] ?? "";
-};
-const versionToString = (v) => {
-  const base = `${String(v.major)}.${String(v.minor)}.${String(v.patch)}`;
-  return v.prerelease ? `${base}-${v.prerelease}` : base;
-};
-const getUpdateType = (current, target) => {
-  if (current.major !== target.major) {
-    return "major";
-  }
-  if (current.minor !== target.minor) {
-    return "minor";
-  }
-  if (current.patch !== target.patch) {
-    return "patch";
-  }
-  if (current.prerelease !== target.prerelease) {
-    return "patch";
-  }
-  return "none";
-};
-const compareVersions = (a, b) => {
-  if (a.major !== b.major) {
-    return a.major - b.major;
-  }
-  if (a.minor !== b.minor) {
-    return a.minor - b.minor;
-  }
-  if (a.patch !== b.patch) {
-    return a.patch - b.patch;
-  }
-  if (!a.prerelease && b.prerelease) {
-    return 1;
-  }
-  if (a.prerelease && !b.prerelease) {
-    return -1;
-  }
-  if (a.prerelease && b.prerelease) {
-    return a.prerelease < b.prerelease ? -1 : a.prerelease > b.prerelease ? 1 : 0;
-  }
-  return 0;
-};
-const isNewer = (current, target) => compareVersions(target, current) > 0;
-const matchesPattern = (name, pattern) => {
-  const collapsed = pattern.replaceAll(CONSECUTIVE_WILDCARDS_REGEX, "*");
-  const escaped = collapsed.replaceAll(GLOB_SPECIAL_CHARS_REGEX, String.raw`\$&`);
-  const regex = new RegExp(`^${escaped.replaceAll("*", ".*").replaceAll("?", ".")}$`);
-  return regex.test(name);
-};
-const matchesFilters = (name, include, exclude) => {
-  if (exclude.some((p) => matchesPattern(name, p))) {
-    return false;
-  }
-  if (include.length > 0) {
-    return include.some((p) => matchesPattern(name, p));
-  }
-  return true;
-};
-const parseYamlEntry = (trimmed) => {
-  const match = YAML_ENTRY_REGEX.exec(trimmed);
-  if (!match) {
-    return void 0;
-  }
-  const key = match[1] ?? match[2] ?? match[3];
-  const value = match[4] ?? match[5] ?? match[6];
-  if (!key || !value) {
-    return void 0;
-  }
-  return [key, value];
-};
-const setCatalogEntry = (catalogs, catalogName, key, value) => {
-  if (!catalogs.has(catalogName)) {
-    catalogs.set(catalogName, /* @__PURE__ */ new Map());
-  }
-  const catalog = catalogs.get(catalogName);
-  if (catalog) {
-    catalog.set(key, value);
-  }
-};
-const parseCatalogSection = (catalogs, trimmed, indent) => {
-  if (indent < 2) {
-    return;
-  }
-  const entry = parseYamlEntry(trimmed);
-  if (entry) {
-    setCatalogEntry(catalogs, "default", entry[0], entry[1]);
-  }
-};
-const parseCatalogsSection = (catalogs, trimmed, indent, currentCatalogName) => {
-  if (indent === 2 && trimmed.endsWith(":")) {
-    return trimmed.slice(0, -1).trim().replaceAll(QUOTES_TRIM_REGEX, "");
-  }
-  if (indent >= 4 && currentCatalogName) {
-    const entry = parseYamlEntry(trimmed);
-    if (entry) {
-      setCatalogEntry(catalogs, currentCatalogName, entry[0], entry[1]);
-    }
-  }
-  return currentCatalogName;
-};
-const detectTopLevelSection = (trimmed) => {
-  if (trimmed === "catalog:" || trimmed.startsWith("catalog:")) {
-    return "catalog";
-  }
-  if (trimmed === "catalogs:" || trimmed.startsWith("catalogs:")) {
-    return "catalogs";
-  }
-  return "none";
-};
-const parseCatalogsFromYaml = (content) => {
-  const catalogs = /* @__PURE__ */ new Map();
-  let section = "none";
-  let currentCatalogName = "";
-  for (const line of content.split("\n")) {
-    const trimmed = line.trimStart();
-    const indent = line.length - trimmed.length;
-    if (indent === 0 && trimmed.length > 0 && !trimmed.startsWith("#")) {
-      section = detectTopLevelSection(trimmed);
-      if (section === "catalogs") {
-        currentCatalogName = "";
-      }
-      continue;
-    }
-    if (trimmed.length === 0 || trimmed.startsWith("#")) {
-      continue;
-    }
-    if (section === "catalog") {
-      parseCatalogSection(catalogs, trimmed, indent);
-    }
-    if (section === "catalogs") {
-      currentCatalogName = parseCatalogsSection(catalogs, trimmed, indent, currentCatalogName);
-    }
-  }
-  return catalogs;
-};
-const hasPnpmCatalogs = (workspaceRoot) => {
-  const filePath = join(workspaceRoot, "pnpm-workspace.yaml");
-  if (!isAccessibleSync(filePath)) {
-    return false;
-  }
-  const content = readFileSync(filePath);
-  return CATALOG_SECTION_REGEX.test(content) || CATALOGS_SECTION_REGEX.test(content);
-};
-const readPnpmCatalogs = (workspaceRoot) => {
-  const filePath = join(workspaceRoot, "pnpm-workspace.yaml");
-  if (!isAccessibleSync(filePath)) {
-    return /* @__PURE__ */ new Map();
-  }
-  const content = readFileSync(filePath);
-  return parseCatalogsFromYaml(content);
-};
-const readPackageJsonSafe = (filePath) => {
-  if (!isAccessibleSync(filePath)) {
-    return void 0;
-  }
-  try {
-    return readJsonSync(filePath);
-  } catch {
-    return void 0;
-  }
-};
-const hasBunCatalogs = (workspaceRoot) => {
-  const pkg = readPackageJsonSafe(join(workspaceRoot, "package.json"));
-  return !!(pkg?.workspaces?.catalog || pkg?.workspaces?.catalogs);
-};
-const parseBunCatalogs = (pkg) => {
-  const catalogs = /* @__PURE__ */ new Map();
-  if (pkg.workspaces?.catalog && typeof pkg.workspaces.catalog === "object") {
-    catalogs.set("default", new Map(Object.entries(pkg.workspaces.catalog)));
-  }
-  if (pkg.workspaces?.catalogs && typeof pkg.workspaces.catalogs === "object") {
-    for (const [name, deps] of Object.entries(pkg.workspaces.catalogs)) {
-      if (typeof deps === "object" && deps !== void 0) {
-        catalogs.set(name, new Map(Object.entries(deps)));
-      }
-    }
-  }
-  return catalogs;
-};
-const readBunCatalogs = (workspaceRoot) => {
-  const pkg = readPackageJsonSafe(join(workspaceRoot, "package.json"));
-  if (!pkg) {
-    return /* @__PURE__ */ new Map();
-  }
-  return parseBunCatalogs(pkg);
-};
-const parseCompositeCatalogName = (name) => {
-  const colonIndex = name.lastIndexOf(":");
-  if (colonIndex === -1) {
-    return void 0;
-  }
-  const depType = name.slice(colonIndex + 1);
-  if (!VALID_DEP_TYPES.has(depType)) {
-    return void 0;
-  }
-  return { depType, relativePath: name.slice(0, colonIndex) };
-};
-const getDepTypesToInclude = (options) => {
-  if (options?.dev) {
-    return ["devDependencies"];
-  }
-  if (options?.prod) {
-    return ["dependencies"];
-  }
-  if (options?.depFields && options.depFields.length > 0) {
-    return options.depFields;
-  }
-  return DEFAULT_DEP_TYPES;
-};
-const collectInternalPackageNames = (workspaceRoot, rootName, workspaceDirectories) => {
-  const names = /* @__PURE__ */ new Set();
-  if (rootName) {
-    names.add(rootName);
-  }
-  for (const directory of workspaceDirectories) {
-    const pkgPath = join(workspaceRoot, directory, "package.json");
-    if (isAccessibleSync(pkgPath)) {
-      try {
-        const pkg = readJsonSync(pkgPath);
-        if (pkg.name) {
-          names.add(pkg.name);
-        }
-      } catch {
-      }
-    }
-  }
-  return names;
-};
-const getNestedField = (object, path) => {
-  const parts = path.split(".");
-  let current = object;
-  for (const part of parts) {
-    if (current && typeof current === "object") {
-      current = current[part];
-    } else {
-      return void 0;
-    }
-  }
-  return typeof current === "object" && current !== null ? current : void 0;
-};
-const setNestedField = (object, path, key, value) => {
-  const parts = path.split(".");
-  let current = object;
-  for (const part of parts.slice(0, -1)) {
-    if (!current[part] || typeof current[part] !== "object") {
-      current[part] = {};
-    }
-    current = current[part];
-  }
-  const lastPart = parts.at(-1);
-  if (!current[lastPart] || typeof current[lastPart] !== "object") {
-    current[lastPart] = {};
-  }
-  current[lastPart][key] = value;
-};
-const filterExternalDeps = (deps, internalNames) => {
-  const filtered = /* @__PURE__ */ new Map();
-  for (const [name, range] of Object.entries(deps)) {
-    if (internalNames.has(name)) {
-      continue;
-    }
-    if (range.startsWith("workspace:") || range.startsWith("file:") || range.startsWith("link:") || range.startsWith("catalog:") || range.startsWith("$")) {
-      continue;
-    }
-    filtered.set(name, range);
-  }
-  return filtered;
-};
-const scanDirectoryDeps = (workspaceRoot, directory, rootPkgPath, depTypes, internalNames, catalogs) => {
-  const pkgPath = directory === "." ? rootPkgPath : join(workspaceRoot, directory, "package.json");
-  if (!isAccessibleSync(pkgPath)) {
-    return;
-  }
-  let pkg;
-  try {
-    pkg = readJsonSync(pkgPath);
-  } catch {
-    return;
-  }
-  for (const depType of depTypes) {
-    const deps = depType.includes(".") ? getNestedField(pkg, depType) : pkg[depType];
-    if (!deps || typeof deps !== "object") {
-      continue;
-    }
-    const filtered = filterExternalDeps(deps, internalNames);
-    if (filtered.size > 0) {
-      catalogs.set(`${directory}:${depType}`, filtered);
-    }
-  }
-};
-const readPackageJsonDeps = (workspaceRoot, options) => {
-  const catalogs = /* @__PURE__ */ new Map();
-  const rootPkgPath = join(workspaceRoot, "package.json");
-  if (!isAccessibleSync(rootPkgPath)) {
-    return catalogs;
-  }
-  const rootPkg = readJsonSync(rootPkgPath);
-  let workspaceDirectories = [];
-  const workspacesField = rootPkg.workspaces;
-  if (workspacesField) {
-    const patterns = Array.isArray(workspacesField) ? workspacesField : workspacesField.packages;
-    if (patterns) {
-      workspaceDirectories = resolveWorkspacePatterns(workspaceRoot, patterns);
-    }
-  }
-  if (workspaceDirectories.length === 0) {
-    const pnpmPatterns = readPnpmWorkspacePatterns(workspaceRoot);
-    if (pnpmPatterns) {
-      workspaceDirectories = resolveWorkspacePatterns(workspaceRoot, pnpmPatterns);
-    }
-  }
-  const internalNames = collectInternalPackageNames(workspaceRoot, rootPkg.name, workspaceDirectories);
-  const depTypes = getDepTypesToInclude(options);
-  const directoriesToScan = [".", ...workspaceDirectories];
-  for (const directory of directoriesToScan) {
-    scanDirectoryDeps(workspaceRoot, directory, rootPkgPath, depTypes, internalNames, catalogs);
-  }
-  return catalogs;
-};
-const hasPackageJsonDeps = (workspaceRoot) => {
-  const pkgPath = join(workspaceRoot, "package.json");
-  if (!isAccessibleSync(pkgPath)) {
-    return false;
-  }
-  try {
-    const pkg = readJsonSync(pkgPath);
-    return !!(pkg.dependencies || pkg.devDependencies || pkg.peerDependencies || pkg.optionalDependencies || pkg.overrides || pkg.resolutions || getNestedField(pkg, "pnpm.overrides"));
-  } catch {
-    return false;
-  }
-};
-const applyPackageJsonUpdates = (workspaceRoot, updates) => {
-  const byFile = /* @__PURE__ */ new Map();
-  for (const update of updates) {
-    const parsed = parseCompositeCatalogName(update.catalogName);
-    if (!parsed) {
-      continue;
-    }
-    const filePath = parsed.relativePath === "." ? join(workspaceRoot, "package.json") : join(workspaceRoot, parsed.relativePath, "package.json");
-    if (!byFile.has(filePath)) {
-      byFile.set(filePath, []);
-    }
-    const fileList = byFile.get(filePath);
-    if (fileList) {
-      fileList.push({ depType: parsed.depType, newRange: update.newRange, packageName: update.packageName });
-    }
-  }
-  for (const [filePath, fileUpdates] of byFile) {
-    const pkg = readJsonSync(filePath);
-    for (const { depType, newRange, packageName } of fileUpdates) {
-      if (depType.includes(".")) {
-        setNestedField(pkg, depType, packageName, newRange);
-      } else if (pkg[depType]) {
-        pkg[depType][packageName] = newRange;
-      }
-    }
-    writeJsonSync(filePath, pkg, { detectIndent: true, overwrite: true });
-  }
-};
-const hasCatalogs = (workspaceRoot, packageManager) => {
-  if (packageManager === "bun") {
-    return hasBunCatalogs(workspaceRoot) || hasPackageJsonDeps(workspaceRoot);
-  }
-  if (packageManager === "npm" || packageManager === "yarn") {
-    return hasPackageJsonDeps(workspaceRoot);
-  }
-  return hasPnpmCatalogs(workspaceRoot) || hasPackageJsonDeps(workspaceRoot);
-};
-const readCatalogs = (workspaceRoot, packageManager, options) => {
-  let catalogs;
-  if (packageManager === "bun") {
-    catalogs = readBunCatalogs(workspaceRoot);
-  } else if (packageManager === "npm" || packageManager === "yarn") {
-    catalogs = /* @__PURE__ */ new Map();
-  } else {
-    catalogs = readPnpmCatalogs(workspaceRoot);
-  }
-  const pkgDeps = readPackageJsonDeps(workspaceRoot, options);
-  for (const [key, deps] of pkgDeps) {
-    if (!catalogs.has(key)) {
-      catalogs.set(key, deps);
-    }
-  }
-  return catalogs;
-};
-const parseNpmrc = (content) => {
-  const registries = /* @__PURE__ */ new Map();
-  const authTokens = /* @__PURE__ */ new Map();
-  let defaultRegistry = "https://registry.npmjs.org";
-  for (const line of content.split("\n")) {
-    const trimmed = line.trim();
-    if (!trimmed || trimmed.startsWith("#") || trimmed.startsWith(";")) {
-      continue;
-    }
-    const eqIndex = trimmed.indexOf("=");
-    if (eqIndex === -1) {
-      continue;
-    }
-    const key = trimmed.slice(0, eqIndex).trim();
-    const value = trimmed.slice(eqIndex + 1).trim();
-    const scopeMatch = SCOPE_REGISTRY_REGEX.exec(key);
-    if (scopeMatch?.[1]) {
-      registries.set(scopeMatch[1], value);
-      continue;
-    }
-    if (key === "registry") {
-      defaultRegistry = value;
-      continue;
-    }
-    const authMatch = AUTH_TOKEN_REGEX.exec(key);
-    if (authMatch?.[1]) {
-      authTokens.set(authMatch[1], value);
-    }
-  }
-  return { authTokens, defaultRegistry, registries };
-};
-const mergeNpmrcConfigs = (base, override) => {
-  const merged = {
-    authTokens: new Map([...base.authTokens, ...override.authTokens]),
-    defaultRegistry: override.defaultRegistry === "https://registry.npmjs.org" ? base.defaultRegistry : override.defaultRegistry,
-    registries: new Map([...base.registries, ...override.registries])
-  };
-  return merged;
-};
-const loadNpmrc = (workspaceRoot) => {
-  const empty = { authTokens: /* @__PURE__ */ new Map(), defaultRegistry: "https://registry.npmjs.org", registries: /* @__PURE__ */ new Map() };
-  const homeDirectory = process.env.HOME ?? process.env.USERPROFILE ?? "";
-  const userNpmrc = join(homeDirectory, ".npmrc");
-  let config = homeDirectory && isAccessibleSync(userNpmrc) ? parseNpmrc(readFileSync(userNpmrc)) : empty;
-  const projectNpmrc = join(workspaceRoot, ".npmrc");
-  if (isAccessibleSync(projectNpmrc)) {
-    config = mergeNpmrcConfigs(config, parseNpmrc(readFileSync(projectNpmrc)));
-  }
-  return config;
-};
-const getRegistryForPackage = (packageName, config) => {
-  let registryUrl = config.defaultRegistry;
-  if (packageName.startsWith("@")) {
-    const scope = packageName.split("/")[0];
-    if (scope && config.registries.has(scope)) {
-      const scopeRegistry = config.registries.get(scope);
-      if (scopeRegistry) {
-        registryUrl = scopeRegistry;
-      }
-    }
-  }
-  const registryHost = registryUrl.replace(REGISTRY_PROTOCOL_REGEX, "").replace(TRAILING_SLASH_REGEX, "");
-  const token = config.authTokens.get(registryHost);
-  return { token, url: registryUrl };
-};
-const DEFAULT_FETCH_TIMEOUT = 15e3;
-const fetchPackageVersions = async (packageName, registryConfig, timeoutMs = DEFAULT_FETCH_TIMEOUT, fetchPublishTimes = false) => {
-  const baseUrl = (registryConfig?.url ?? "https://registry.npmjs.org").replace(TRAILING_SLASH_REGEX, "");
-  const url = `${baseUrl}/${packageName}`;
-  const headers = fetchPublishTimes ? { Accept: "application/json" } : { Accept: "application/vnd.npm.install-v1+json" };
-  if (registryConfig?.authToken) {
-    headers["Authorization"] = `Bearer ${registryConfig.authToken}`;
-  }
-  const controller = new AbortController();
-  const timeout = setTimeout(() => {
-    controller.abort();
-  }, timeoutMs);
-  try {
-    const response = await fetch(url, { headers, signal: controller.signal });
-    if (!response.ok) {
-      throw new Error(`Failed to fetch ${packageName}: ${String(response.status)} ${response.statusText}`);
-    }
-    const data = await response.json();
-    const result = {
-      latest: data["dist-tags"]?.["latest"] ?? "",
-      versions: Object.keys(data.versions ?? {})
-    };
-    if (fetchPublishTimes && data.time) {
-      result.publishTimes = new Map(Object.entries(data.time));
-    }
-    return result;
-  } finally {
-    clearTimeout(timeout);
-  }
-};
-const mapOsvSeverity = (vuln) => {
-  const databaseSeverity = vuln.database_specific?.severity?.toUpperCase();
-  if (databaseSeverity === "CRITICAL" || databaseSeverity === "HIGH" || databaseSeverity === "MODERATE" || databaseSeverity === "LOW") {
-    return databaseSeverity;
-  }
-  const cvss = vuln.severity?.find((s) => s.type === "CVSS_V3")?.score;
-  if (cvss) {
-    const score = Number.parseFloat(cvss);
-    if (score >= 9) {
-      return "CRITICAL";
-    }
-    if (score >= 7) {
-      return "HIGH";
-    }
-    if (score >= 4) {
-      return "MODERATE";
-    }
-    return "LOW";
-  }
-  return "UNKNOWN";
-};
-const mapOsvCvss = (vuln) => {
-  const cvss = vuln.severity?.find((s) => s.type === "CVSS_V3")?.score;
-  return cvss ? Number.parseFloat(cvss) : void 0;
-};
-const mapOsvFixedVersions = (vuln) => {
-  const fixed = [];
-  for (const affected of vuln.affected ?? []) {
-    for (const range of affected.ranges ?? []) {
-      for (const event of range.events ?? []) {
-        if (event.fixed) {
-          fixed.push(event.fixed);
-        }
-      }
-    }
-  }
-  return fixed;
-};
-const mapOsvVuln = (vuln) => {
-  return {
-    aliases: vuln.aliases?.length ? vuln.aliases : void 0,
-    cvssScore: mapOsvCvss(vuln),
-    fixedVersions: mapOsvFixedVersions(vuln),
-    id: vuln.id,
-    severity: mapOsvSeverity(vuln),
-    summary: vuln.summary ?? ""
-  };
-};
-const fetchVulnerabilities = async (packages, timeoutMs = 1e4) => {
-  if (packages.length === 0) {
-    return /* @__PURE__ */ new Map();
-  }
-  const queries = packages.map((pkg) => {
-    return {
-      package: { ecosystem: "npm", name: pkg.name },
-      version: pkg.version
-    };
-  });
-  const controller = new AbortController();
-  const timeout = setTimeout(() => {
-    controller.abort();
-  }, timeoutMs);
-  try {
-    const response = await fetch("https://api.osv.dev/v1/querybatch", {
-      body: JSON.stringify({ queries }),
-      headers: { "Content-Type": "application/json" },
-      method: "POST",
-      signal: controller.signal
-    });
-    if (!response.ok) {
-      return /* @__PURE__ */ new Map();
-    }
-    const data = await response.json();
-    const result = /* @__PURE__ */ new Map();
-    for (const [index, packageInfo] of packages.entries()) {
-      const vulns = data.results[index]?.vulns;
-      if (vulns && vulns.length > 0) {
-        result.set(
-          packageInfo.name,
-          vulns.map((vuln) => mapOsvVuln(vuln))
-        );
-      }
-    }
-    return result;
-  } catch {
-    return /* @__PURE__ */ new Map();
-  } finally {
-    clearTimeout(timeout);
-  }
-};
-const packageModeRegexCache = /* @__PURE__ */ new Map();
-const resolvePackageTarget = (packageName, globalTarget, packageMode) => {
-  if (!packageMode) {
-    return globalTarget;
-  }
-  const exact = packageMode[packageName];
-  if (exact !== void 0) {
-    return exact;
-  }
-  for (const [pattern, target] of Object.entries(packageMode)) {
-    if (pattern === packageName) {
-      continue;
-    }
-    if (pattern.startsWith("/") && pattern.endsWith("/")) {
-      let regex = packageModeRegexCache.get(pattern);
-      if (!regex) {
-        regex = new RegExp(pattern.slice(1, -1));
-        packageModeRegexCache.set(pattern, regex);
-      }
-      if (regex.test(packageName)) {
-        return target;
-      }
-    } else if (matchesPattern(packageName, pattern)) {
-      return target;
-    }
-  }
-  return globalTarget;
-};
-const isTooNew = (version, publishTimes, minAgeMs) => {
-  const publishDate = publishTimes?.get(version);
-  if (!publishDate) {
-    return false;
-  }
-  return Date.now() - new Date(publishDate).getTime() < minAgeMs;
-};
-const resolveMinAgeMs = (maturity) => {
-  if (!maturity?.minimumReleaseAge) {
-    return 0;
-  }
-  const isExcluded = maturity.packageName && maturity.minimumReleaseAgeExclude?.some((p) => matchesPattern(maturity.packageName, p));
-  return isExcluded ? 0 : maturity.minimumReleaseAge * 60 * 1e3;
-};
-const filterCandidates = (versions, current, includePrerelease, minAgeMs, publishTimes, constraint) => {
-  const best = versions.map((v) => {
-    return { parsed: parseVersion(v), raw: v };
-  }).filter((v) => {
-    if (!v.parsed) {
-      return false;
-    }
-    if (!includePrerelease && v.parsed.prerelease !== "") {
-      return false;
-    }
-    if (!isNewer(current, v.parsed)) {
-      return false;
-    }
-    if (minAgeMs && isTooNew(v.raw, publishTimes, minAgeMs)) {
-      return false;
-    }
-    return constraint ? constraint(v.parsed) : true;
-  }).toSorted((a, b) => rcompare(a.raw, b.raw));
-  return best[0]?.raw;
-};
-const findTargetVersion = (versions, latest, currentRange, target, includePrerelease, maturity) => {
-  const current = parseVersion(currentRange);
-  if (!current) {
-    return void 0;
-  }
-  const minAgeMs = resolveMinAgeMs(maturity);
-  if (target === "latest") {
-    const latestParsed = parseVersion(latest);
-    if (!latestParsed) {
-      return void 0;
-    }
-    if (!includePrerelease && latestParsed.prerelease !== "") {
-      return void 0;
-    }
-    if (!isNewer(current, latestParsed)) {
-      return void 0;
-    }
-    if (!minAgeMs || !isTooNew(latest, maturity?.publishTimes, minAgeMs)) {
-      return latest;
-    }
-    return filterCandidates(versions, current, includePrerelease, minAgeMs, maturity?.publishTimes);
-  }
-  const constraint = target === "patch" ? (p) => p.major === current.major && p.minor === current.minor : (p) => p.major === current.major;
-  return filterCandidates(versions, current, includePrerelease, minAgeMs, maturity?.publishTimes, constraint);
-};
-const collectEntries = (catalogs, options) => {
-  const entries = [];
-  const ignoredSet = /* @__PURE__ */ new Set();
-  for (const [catalogName, deps] of catalogs) {
-    for (const [packageName, range] of deps) {
-      if (range.startsWith("workspace:") || range.startsWith("file:") || range.startsWith("link:") || range === "*") {
-        continue;
-      }
-      if (!options.includeLocked) {
-        const prefix = extractPrefix(range);
-        if (!prefix) {
-          continue;
-        }
-      }
-      if (options.ignore.some((p) => matchesPattern(packageName, p))) {
-        ignoredSet.add(packageName);
-        continue;
-      }
-      if (matchesFilters(packageName, options.include, options.exclude)) {
-        entries.push({ catalogName, packageName, range });
-      }
-    }
-  }
-  return { entries, ignored: [...ignoredSet] };
-};
-const fetchVersionsBatched = async (uniquePackages, npmrcConfig, onProgress, fetchPublishTimes = false) => {
-  const versionCache = /* @__PURE__ */ new Map();
-  const failed = [];
-  const concurrency = 8;
-  let completed = 0;
-  for (let index = 0; index < uniquePackages.length; index += concurrency) {
-    const batch = uniquePackages.slice(index, index + concurrency);
-    const results = await Promise.allSettled(
-      batch.map(async (name) => {
-        const registry = npmrcConfig ? getRegistryForPackage(name, npmrcConfig) : void 0;
-        const info = await fetchPackageVersions(
-          name,
-          registry ? { authToken: registry.token, url: registry.url } : void 0,
-          DEFAULT_FETCH_TIMEOUT,
-          fetchPublishTimes
-        );
-        versionCache.set(name, info);
-        return name;
-      })
-    );
-    for (const [batchIndex, batchResult] of results.entries()) {
-      completed += 1;
-      if (batchResult.status === "rejected") {
-        const batchPackage = batch[batchIndex];
-        if (batchPackage) {
-          failed.push(batchPackage);
-        }
-      }
-    }
-    if (onProgress) {
-      onProgress(completed, uniquePackages.length);
-    }
-  }
-  return { failed, versionCache };
-};
-const buildOutdatedEntries = (entries, versionCache, options) => {
-  const outdated = [];
-  for (const entry of entries) {
-    const info = versionCache.get(entry.packageName);
-    if (!info) {
-      continue;
-    }
-    const effectiveTarget = resolvePackageTarget(entry.packageName, options.target, options.packageMode);
-    const targetVersion = findTargetVersion(info.versions, info.latest, entry.range, effectiveTarget, options.includePrerelease, {
-      minimumReleaseAge: options.minimumReleaseAge,
-      minimumReleaseAgeExclude: options.minimumReleaseAgeExclude,
-      packageName: entry.packageName,
-      publishTimes: info.publishTimes
-    });
-    if (!targetVersion) {
-      continue;
-    }
-    const current = parseVersion(entry.range);
-    const target = parseVersion(targetVersion);
-    if (!current || !target) {
-      continue;
-    }
-    const updateType = getUpdateType(current, target);
-    if (updateType === "none") {
-      continue;
-    }
-    const prefix = extractPrefix(entry.range);
-    outdated.push({
-      catalogName: entry.catalogName,
-      currentRange: entry.range,
-      newRange: `${prefix}${targetVersion}`,
-      packageName: entry.packageName,
-      targetVersion,
-      updateType
-    });
-  }
-  return outdated;
-};
-const formatVersionString = (parsed) => parsed ? versionToString(parsed) : "";
-const enrichWithSecurity = async (outdated, entries, socketOptions, acceptedRisks) => {
-  const packagesToScan = [
-    ...new Map(
-      entries.map((entry) => {
-        const parsed = parseVersion(entry.range);
-        return [entry.packageName, { name: entry.packageName, version: formatVersionString(parsed) }];
-      })
-    ).values()
-  ].filter((p) => p.version);
-  const socketPromise = socketOptions ? fetchSocketReports(packagesToScan, socketOptions) : void 0;
-  const [vulnMap, socketReports] = await Promise.all([fetchVulnerabilities(packagesToScan), socketPromise]);
-  for (const entry of outdated) {
-    const vulns = vulnMap.get(entry.packageName);
-    if (vulns && vulns.length > 0) {
-      entry.vulnerabilities = vulns;
-    }
-    const parsed = parseVersion(entry.currentRange);
-    const version = formatVersionString(parsed);
-    if (socketReports) {
-      const report = socketReports.get(`${entry.packageName}@${version}`);
-      if (report) {
-        entry.socketReport = {
-          alerts: report.alerts,
-          license: report.license,
-          score: report.score
-        };
-      }
-    }
-    if (acceptedRisks) {
-      const risk = findAcceptedRisk(entry.packageName, version, acceptedRisks);
-      if (risk) {
-        entry.acceptedRisk = risk;
-      }
-    }
-  }
-};
-const OUTDATED_CACHE_TTL_MS = 6e4;
-const computeCacheHash = (catalogs, options, socketEnabled, acceptedRiskKeys) => {
-  const parts = [];
-  for (const [name, deps] of catalogs) {
-    for (const [pkg, range] of deps) {
-      parts.push(`${name}:${pkg}=${range}`);
-    }
-  }
-  parts.push(`target=${options.target},pre=${String(options.includePrerelease)},sec=${String(options.security ?? false)}`);
-  parts.push(`in=${options.include.join(",")},ex=${options.exclude.join(",")},ig=${options.ignore.join(",")}`);
-  parts.push(`locked=${String(options.includeLocked)}`);
-  parts.push(`mra=${String(options.minimumReleaseAge ?? 0)}`);
-  if (options.packageMode) {
-    const modeEntries = Object.entries(options.packageMode).map(([k, v]) => `${k}=${v}`).toSorted().join(",");
-    parts.push(`pkgMode=${modeEntries}`);
-  }
-  parts.push(`socket=${String(socketEnabled ?? false)}`);
-  if (acceptedRiskKeys && acceptedRiskKeys.length > 0) {
-    parts.push(`risks=${acceptedRiskKeys.toSorted().join(",")}`);
-  }
-  let hash = 5381;
-  const string_ = parts.join("|");
-  for (let i = 0; i < string_.length; i++) {
-    hash = (hash << 5) + hash + string_.charCodeAt(i) | 0;
-  }
-  return String(hash);
-};
-const getOutdatedCachePath = (workspaceRoot) => {
-  const cacheDir = findCacheDirSync("vis", { create: true, cwd: workspaceRoot });
-  return cacheDir ? join(cacheDir, "outdated-cache.json") : void 0;
-};
-const readOutdatedCache = (workspaceRoot, hash) => {
-  const cachePath = getOutdatedCachePath(workspaceRoot);
-  if (!cachePath || !isAccessibleSync(cachePath)) {
-    return void 0;
-  }
-  try {
-    const cache = readJsonSync(cachePath);
-    if (cache.hash === hash && Date.now() - cache.timestamp < OUTDATED_CACHE_TTL_MS) {
-      return cache.result;
-    }
-  } catch {
-  }
-  return void 0;
-};
-const writeOutdatedCache = (workspaceRoot, hash, result) => {
-  const cachePath = getOutdatedCachePath(workspaceRoot);
-  if (!cachePath) {
-    return;
-  }
-  try {
-    ensureDirSync(dirname(cachePath));
-    writeJsonSync(cachePath, { hash, result, timestamp: Date.now() });
-  } catch {
-  }
-};
-const checkOutdated = async (catalogs, options, npmrcConfig, onProgress, workspaceRoot, socketOptions, acceptedRisks) => {
-  const hash = computeCacheHash(catalogs, options, Boolean(socketOptions), acceptedRisks ? Object.keys(acceptedRisks) : void 0);
-  if (workspaceRoot) {
-    const cached = readOutdatedCache(workspaceRoot, hash);
-    if (cached) {
-      return cached;
-    }
-  }
-  const { entries, ignored } = collectEntries(catalogs, options);
-  const uniquePackages = [...new Set(entries.map((entry) => entry.packageName))];
-  const needPublishTimes = Boolean(options.minimumReleaseAge && options.minimumReleaseAge > 0);
-  const { failed, versionCache } = await fetchVersionsBatched(uniquePackages, npmrcConfig, onProgress, needPublishTimes);
-  const outdated = buildOutdatedEntries(entries, versionCache, options);
-  let filteredByTarget = [];
-  if (options.target !== "latest") {
-    const outdatedNames = new Set(outdated.map((e) => e.packageName));
-    const latestOptions = { ...options, packageMode: void 0, target: "latest" };
-    const allLatest = buildOutdatedEntries(entries, versionCache, latestOptions);
-    filteredByTarget = allLatest.filter((e) => !outdatedNames.has(e.packageName));
-  }
-  if ((options.security || socketOptions) && outdated.length > 0) {
-    await enrichWithSecurity(outdated, entries, socketOptions, acceptedRisks);
-  }
-  const result = { checkedCount: uniquePackages.length, failed, filteredByTarget, ignored, outdated };
-  if (workspaceRoot) {
-    writeOutdatedCache(workspaceRoot, hash, result);
-  }
-  return result;
-};
-const getCatalogFilePath = (workspaceRoot, packageManager) => {
-  if (packageManager === "bun") {
-    return join(workspaceRoot, "package.json");
-  }
-  return join(workspaceRoot, "pnpm-workspace.yaml");
-};
-const createPackageJsonBackup = (workspaceRoot, updates) => {
-  const backupDirectory = getBackupDir(workspaceRoot);
-  const filesToBackup = /* @__PURE__ */ new Set();
-  for (const update of updates) {
-    const parsed = parseCompositeCatalogName(update.catalogName);
-    if (parsed) {
-      filesToBackup.add(parsed.relativePath === "." ? "package.json" : join(parsed.relativePath, "package.json"));
-    }
-  }
-  if (filesToBackup.size === 0) {
-    return void 0;
-  }
-  ensureDirSync(backupDirectory);
-  for (const relativePath of filesToBackup) {
-    const sourcePath = join(workspaceRoot, relativePath);
-    if (isAccessibleSync(sourcePath)) {
-      const destinationPath = join(backupDirectory, relativePath);
-      const destinationDirectory = dirname(destinationPath);
-      ensureDirSync(destinationDirectory);
-      writeFileSync(destinationPath, readFileSync(sourcePath));
-    }
-  }
-  return backupDirectory;
-};
-const createBackup = (workspaceRoot, packageManager, updates) => {
-  if ((packageManager === "npm" || packageManager === "yarn") && updates) {
-    return createPackageJsonBackup(workspaceRoot, updates);
-  }
-  let catalogBackupPath;
-  const filePath = getCatalogFilePath(workspaceRoot, packageManager);
-  if (isAccessibleSync(filePath)) {
-    catalogBackupPath = `${filePath}.bak`;
-    writeFileSync(catalogBackupPath, readFileSync(filePath));
-  }
-  if (updates) {
-    const pkgJsonUpdates = updates.filter((u) => parseCompositeCatalogName(u.catalogName));
-    if (pkgJsonUpdates.length > 0) {
-      createPackageJsonBackup(workspaceRoot, pkgJsonUpdates);
-    }
-  }
-  return catalogBackupPath;
-};
-const restorePackageJsonBackup = (workspaceRoot) => {
-  const backupDirectory = getBackupDir(workspaceRoot);
-  if (!isAccessibleSync(backupDirectory)) {
-    return false;
-  }
-  for (const entry of walkSync(backupDirectory, { includeDirs: false })) {
-    const relativePath = entry.path.slice(backupDirectory.length + 1);
-    const destinationPath = join(workspaceRoot, relativePath);
-    writeFileSync(destinationPath, readFileSync(entry.path));
-  }
-  removeSync(backupDirectory);
-  return true;
-};
-const restoreFromBackup = (workspaceRoot, packageManager) => {
-  if (packageManager === "npm" || packageManager === "yarn") {
-    return restorePackageJsonBackup(workspaceRoot);
-  }
-  const filePath = getCatalogFilePath(workspaceRoot, packageManager);
-  const backupPath = `${filePath}.bak`;
-  if (!isAccessibleSync(backupPath)) {
-    return false;
-  }
-  const content = readFileSync(backupPath);
-  writeFileSync(filePath, content);
-  return true;
-};
-const hasBackup = (workspaceRoot, packageManager) => {
-  if (packageManager === "npm" || packageManager === "yarn") {
-    try {
-      const backupDir = getBackupDir(workspaceRoot);
-      return isAccessibleSync(backupDir);
-    } catch {
-      return false;
-    }
-  }
-  const filePath = getCatalogFilePath(workspaceRoot, packageManager);
-  return isAccessibleSync(`${filePath}.bak`);
-};
-const formatOutdatedJson = (result) => JSON.stringify(result, void 0, 2);
-const formatOutdatedMinimal = (outdated) => outdated.map((entry) => `${entry.packageName}  ${entry.currentRange} → ${entry.newRange}`).join("\n");
-const toFilterArray = (value) => {
-  if (!value) {
-    return [];
-  }
-  return Array.isArray(value) ? value : [value];
-};
-const groupByCatalog = (entries) => {
-  const grouped = /* @__PURE__ */ new Map();
-  for (const entry of entries) {
-    if (!grouped.has(entry.catalogName)) {
-      grouped.set(entry.catalogName, []);
-    }
-    const group = grouped.get(entry.catalogName);
-    if (group) {
-      group.push(entry);
-    }
-  }
-  return grouped;
-};
-const formatCatalogDisplayName = (catalogName) => {
-  const parsed = parseCompositeCatalogName(catalogName);
-  if (parsed) {
-    const location = parsed.relativePath === "." ? "root" : parsed.relativePath;
-    return `${location} (${parsed.depType})`;
-  }
-  return `Catalog: ${catalogName}`;
-};
-const formatOutdatedTable = (outdated, logger) => {
-  const byCatalog = groupByCatalog(outdated);
-  const columns = process.stdout.columns || 80;
-  const hasSocketData = outdated.some((entry) => entry.socketReport);
-  for (const [catalogName, entries] of byCatalog) {
-    const tableData = entries.flatMap((entry) => {
-      const hasSec = entry.vulnerabilities && entry.vulnerabilities.length > 0;
-      const hasSocketAlerts = entry.socketReport && entry.socketReport.alerts.length > 0;
-      const prefix = hasSec || hasSocketAlerts ? "[SEC] " : "";
-      const displayName2 = `${prefix}${entry.packageName}`;
-      const scoreString = entry.socketReport ? `${String(Math.round(entry.socketReport.score.overall * 100))}%` : "";
-      const row = {
-        current: entry.currentRange,
-        package: displayName2,
-        target: entry.newRange,
-        type: entry.updateType
-      };
-      if (hasSocketData) {
-        row.score = scoreString;
-      }
-      const rows = [row];
-      if (entry.vulnerabilities) {
-        for (const vuln of entry.vulnerabilities) {
-          const vulnRow = { current: vuln.summary, package: `  ${vuln.severity} ${vuln.id}`, target: "", type: "" };
-          if (hasSocketData) {
-            vulnRow.score = "";
-          }
-          rows.push(vulnRow);
-        }
-      }
-      if (entry.socketReport) {
-        for (const alert of entry.socketReport.alerts) {
-          const alertRow = {
-            current: alert.category,
-            package: `  [${alert.severity.toUpperCase()}] ${alert.type}`,
-            target: "",
-            type: ""
-          };
-          if (hasSocketData) {
-            alertRow.score = "";
-          }
-          rows.push(alertRow);
-        }
-      }
-      return rows;
-    });
-    const displayName = formatCatalogDisplayName(catalogName);
-    const output = renderToString(React.createElement(Table, { data: tableData }), { columns });
-    logger.info(`${displayName}
-${output}
-`);
-  }
-};
-const formatSummary = (outdated) => {
-  let majors = 0;
-  let minors = 0;
-  let patches = 0;
-  let securityCount = 0;
-  let socketAlertCount = 0;
-  let lowScoreCount = 0;
-  for (const entry of outdated) {
-    if (entry.updateType === "major") {
-      majors++;
-    } else if (entry.updateType === "minor") {
-      minors++;
-    } else {
-      patches++;
-    }
-    if (entry.vulnerabilities && entry.vulnerabilities.length > 0) {
-      securityCount++;
-    }
-    if (entry.socketReport?.alerts.length) {
-      socketAlertCount++;
-    }
-    if (entry.socketReport && entry.socketReport.score.overall < DEFAULT_LOW_SCORE_THRESHOLD) {
-      lowScoreCount++;
-    }
-  }
-  const parts = [];
-  if (majors) {
-    parts.push(`${String(majors)} major`);
-  }
-  if (minors) {
-    parts.push(`${String(minors)} minor`);
-  }
-  if (patches) {
-    parts.push(`${String(patches)} patch`);
-  }
-  if (securityCount) {
-    parts.push(`${String(securityCount)} with vulnerabilities`);
-  }
-  if (socketAlertCount) {
-    parts.push(`${String(socketAlertCount)} with Socket.dev alerts`);
-  }
-  const summary = `Found ${String(outdated.length)} outdated (${parts.join(", ")})`;
-  const columns = process.stdout.columns || 80;
-  const children = [React.createElement(Text, { bold: true }, "─ Summary"), React.createElement(Text, null, `  ${summary}`)];
-  if (lowScoreCount > 0) {
-    children.push(
-      React.createElement(
-        Text,
-        { color: "yellow" },
-        `  ${String(lowScoreCount)} package${lowScoreCount === 1 ? "" : "s"} with low Socket.dev score (<${String(DEFAULT_LOW_SCORE_THRESHOLD * 100)}%)`
-      )
-    );
-  }
-  return renderToString(React.createElement(Box, { flexDirection: "column", paddingX: 1 }, ...children), { columns });
-};
-const buildLineMatchRegex = (packageName, range) => {
-  const escapedName = packageName.replaceAll(REGEX_SPECIAL_CHARS_REGEX, String.raw`\$&`);
-  const escapedRange = range.replaceAll(REGEX_SPECIAL_CHARS_REGEX, String.raw`\$&`);
-  return new RegExp(String.raw`^(?:'${escapedName}'|"${escapedName}"|${escapedName}):\s*['"]?${escapedRange}['"]?`);
-};
-const lineMatchesPackage = (trimmed, packageName, range) => {
-  const regex = buildLineMatchRegex(packageName, range);
-  return regex.test(trimmed);
-};
-const buildUpdateMap = (updates) => {
-  const updateMap = /* @__PURE__ */ new Map();
-  for (const update of updates) {
-    if (!updateMap.has(update.catalogName)) {
-      updateMap.set(update.catalogName, /* @__PURE__ */ new Map());
-    }
-    const catalogMap = updateMap.get(update.catalogName);
-    if (catalogMap) {
-      catalogMap.set(update.packageName, {
-        newRange: update.newRange,
-        oldRange: update.currentRange
-      });
-    }
-  }
-  return updateMap;
-};
-const applyLineUpdate = (line, trimmed, catalogUpdates) => {
-  if (!catalogUpdates) {
-    return line;
-  }
-  for (const [pkgName, { newRange, oldRange }] of catalogUpdates) {
-    if (lineMatchesPackage(trimmed, pkgName, oldRange)) {
-      return line.replace(oldRange, newRange);
-    }
-  }
-  return line;
-};
-const processYamlLineForUpdate = (line, section, currentCatalogName, updateMap) => {
-  const trimmed = line.trimStart();
-  const indent = line.length - trimmed.length;
-  if (trimmed.length === 0 || trimmed.startsWith("#")) {
-    return line;
-  }
-  if (section === "catalog" && indent >= 2) {
-    return applyLineUpdate(line, trimmed, updateMap.get("default"));
-  }
-  if (section === "catalogs" && indent >= 4 && currentCatalogName) {
-    return applyLineUpdate(line, trimmed, updateMap.get(currentCatalogName));
-  }
-  return line;
-};
-const applyPnpmCatalogUpdates = (workspaceRoot, updates) => {
-  const filePath = join(workspaceRoot, "pnpm-workspace.yaml");
-  const content = readFileSync(filePath);
-  const lines = content.split("\n");
-  const updateMap = buildUpdateMap(updates);
-  let section = "none";
-  let currentCatalogName = "";
-  const result = [];
-  for (const line of lines) {
-    const trimmed = line.trimStart();
-    const indent = line.length - trimmed.length;
-    if (indent === 0 && trimmed.length > 0 && !trimmed.startsWith("#")) {
-      section = detectTopLevelSection(trimmed);
-      if (section === "catalogs") {
-        currentCatalogName = "";
-      }
-    }
-    if (section === "catalogs" && indent === 2 && trimmed.endsWith(":")) {
-      currentCatalogName = trimmed.slice(0, -1).trim().replaceAll(QUOTES_TRIM_REGEX, "");
-    }
-    result.push(processYamlLineForUpdate(line, section, currentCatalogName, updateMap));
-  }
-  writeFileSync(filePath, result.join("\n"));
-};
-const applyBunCatalogUpdates = (workspaceRoot, updates) => {
-  const filePath = join(workspaceRoot, "package.json");
-  const pkg = readJsonSync(filePath);
-  for (const update of updates) {
-    if (update.catalogName === "default") {
-      if (pkg.workspaces?.catalog) {
-        pkg.workspaces.catalog[update.packageName] = update.newRange;
-      }
-    } else {
-      const catalogEntry = pkg.workspaces?.catalogs?.[update.catalogName];
-      if (catalogEntry) {
-        catalogEntry[update.packageName] = update.newRange;
-      }
-    }
-  }
-  writeJsonSync(filePath, pkg, { detectIndent: true, overwrite: true });
-};
-const applyCatalogUpdates = (workspaceRoot, updates, packageManager, backup = true) => {
-  let backupPath;
-  if (backup) {
-    backupPath = createBackup(workspaceRoot, packageManager, updates);
-  }
-  const catalogUpdates = [];
-  const pkgJsonUpdates = [];
-  for (const update of updates) {
-    if (parseCompositeCatalogName(update.catalogName)) {
-      pkgJsonUpdates.push(update);
-    } else {
-      catalogUpdates.push(update);
-    }
-  }
-  if (catalogUpdates.length > 0) {
-    if (packageManager === "npm" || packageManager === "yarn") {
-      applyPackageJsonUpdates(workspaceRoot, catalogUpdates);
-    } else if (packageManager === "bun") {
-      applyBunCatalogUpdates(workspaceRoot, catalogUpdates);
-    } else {
-      applyPnpmCatalogUpdates(workspaceRoot, catalogUpdates);
-    }
-  }
-  if (pkgJsonUpdates.length > 0) {
-    applyPackageJsonUpdates(workspaceRoot, pkgJsonUpdates);
-  }
-  return backupPath;
-};
-const promptPackageSelection = async (outdated) => {
-  const rl = createInterface({ input: process.stdin, output: process.stdout });
-  const ask = (question) => new Promise((resolve) => {
-    rl.question(question, (answer2) => {
-      resolve(answer2.trim());
-    });
-  });
-  process.stdout.write("\nOutdated catalog dependencies:\n");
-  for (const [index, element] of outdated.entries()) {
-    if (!element) {
-      continue;
-    }
-    process.stdout.write(`  ${String(index + 1)}. ${element.packageName}: ${element.currentRange} → ${element.newRange} (${element.updateType})
-`);
-  }
-  process.stdout.write("\n");
-  const answer = await ask("Apply updates? [a]ll / [n]one / [s]elect: ");
-  if (answer.toLowerCase() === "a" || answer.toLowerCase() === "all") {
-    rl.close();
-    return outdated;
-  }
-  if (answer.toLowerCase() === "n" || answer.toLowerCase() === "none") {
-    rl.close();
-    return [];
-  }
-  if (answer.toLowerCase() === "s" || answer.toLowerCase() === "select") {
-    const selection = await ask("Enter numbers to apply (comma-separated): ");
-    rl.close();
-    const indices = selection.split(",").map((s) => Number.parseInt(s.trim(), 10) - 1).filter((i) => i >= 0 && i < outdated.length);
-    return indices.map((i) => outdated[i]).filter((entry) => entry !== void 0);
-  }
-  rl.close();
-  return [];
-};
-const GITHUB_REPO_REGEX = /github\.com[/:]([\w.-]+)\/([\w.-]+?)(?:\.git|\/|$)/;
-const fetchChangelogInfo = async (packages, timeoutMs = 1e4) => {
-  const results = [];
-  const controller = new AbortController();
-  const timeout = setTimeout(() => {
-    controller.abort();
-  }, timeoutMs);
-  try {
-    const fetches = packages.map(async (entry) => {
-      const npmUrl = `https://www.npmjs.com/package/${entry.packageName}`;
-      try {
-        const response = await fetch(`https://registry.npmjs.org/${entry.packageName}`, {
-          headers: { Accept: "application/json" },
-          signal: controller.signal
-        });
-        if (!response.ok) {
-          return { npmUrl, packageName: entry.packageName };
-        }
-        const data = await response.json();
-        const repoUrl = data.repository?.url;
-        if (!repoUrl) {
-          return { npmUrl, packageName: entry.packageName };
-        }
-        const match = GITHUB_REPO_REGEX.exec(repoUrl);
-        if (!match) {
-          return { npmUrl, packageName: entry.packageName, repoUrl };
-        }
-        const owner = match[1];
-        const repo = match[2];
-        const releaseUrl = `https://github.com/${owner}/${repo}/releases/tag/v${entry.targetVersion}`;
-        return { npmUrl, packageName: entry.packageName, releaseUrl, repoUrl: `https://github.com/${owner}/${repo}` };
-      } catch {
-        return { npmUrl, packageName: entry.packageName };
-      }
-    });
-    results.push(...await Promise.all(fetches));
-  } finally {
-    clearTimeout(timeout);
-  }
-  return results;
-};
-export { fetchVulnerabilities as a, formatSummary as b, checkOutdated as c, formatOutdatedMinimal as d, extractPrefix as e, fetchPackageVersions as f, getUpdateType as g, formatOutdatedTable as h, hasBackup as i, restoreFromBackup as j, hasCatalogs as k, loadNpmrc as l, fetchChangelogInfo as m, promptPackageSelection as n, applyCatalogUpdates as o, parseVersion as p, formatOutdatedJson as q, readCatalogs as r, toFilterArray as t };