@visulima/vis 1.0.0-alpha.33 → 1.0.0-alpha.34
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +18 -0
- package/dist/bin.js +1 -1
- package/dist/binx.js +1 -1
- package/dist/config/index.d.ts +31 -6
- package/dist/packem_chunks/bin.js +274 -274
- package/dist/packem_chunks/bloom-sync.js +1 -1
- package/dist/packem_chunks/fix.js +1 -1
- package/dist/packem_chunks/handler11.js +1 -1
- package/dist/packem_chunks/handler13.js +1 -1
- package/dist/packem_chunks/handler14.js +1 -1
- package/dist/packem_chunks/handler16.js +1 -1
- package/dist/packem_chunks/handler20.js +1 -1
- package/dist/packem_chunks/handler21.js +1 -1
- package/dist/packem_chunks/handler22.js +2 -2
- package/dist/packem_chunks/handler23.js +1 -1
- package/dist/packem_chunks/handler27.js +1 -1
- package/dist/packem_chunks/handler29.js +1 -1
- package/dist/packem_chunks/handler3.js +1 -1
- package/dist/packem_chunks/handler30.js +1 -1
- package/dist/packem_chunks/handler33.js +1 -1
- package/dist/packem_chunks/handler34.js +4 -4
- package/dist/packem_chunks/handler35.js +1 -1
- package/dist/packem_chunks/handler36.js +3 -3
- package/dist/packem_chunks/handler37.js +1 -1
- package/dist/packem_chunks/handler38.js +4 -4
- package/dist/packem_chunks/handler39.js +2 -2
- package/dist/packem_chunks/handler4.js +1 -1
- package/dist/packem_chunks/handler40.js +1 -1
- package/dist/packem_chunks/handler41.js +7 -7
- package/dist/packem_chunks/handler42.js +25 -153
- package/dist/packem_chunks/handler43.js +153 -25
- package/dist/packem_chunks/handler44.js +5 -5
- package/dist/packem_chunks/handler45.js +1 -1
- package/dist/packem_chunks/handler47.js +1 -1
- package/dist/packem_chunks/handler48.js +1 -1
- package/dist/packem_chunks/handler49.js +1 -1
- package/dist/packem_chunks/handler5.js +1 -1
- package/dist/packem_chunks/handler50.js +10 -10
- package/dist/packem_chunks/handler51.js +29 -29
- package/dist/packem_chunks/handler7.js +1 -1
- package/dist/packem_chunks/heal.js +1 -1
- package/dist/packem_chunks/help-command.js +1 -1
- package/dist/packem_chunks/index.js +1 -1
- package/dist/packem_chunks/keys-refresh.js +1 -1
- package/dist/packem_chunks/list.js +1 -1
- package/dist/packem_chunks/run.js +1 -1
- package/dist/packem_chunks/sync.js +1 -1
- package/dist/packem_chunks/sync2.js +1 -1
- package/dist/packem_chunks/verify-lockfile.js +1 -1
- package/dist/packem_shared/{ai-analysis-KP8b5lc0.js → ai-analysis-3QD_RS6F.js} +1 -1
- package/dist/packem_shared/{ai-fix-BkPUHA0z.js → ai-fix-TsjDQz_0.js} +3 -3
- package/dist/packem_shared/{cyclonedx-BilSFCNY.js → cyclonedx-zf9R2jCs.js} +1 -1
- package/dist/packem_shared/{dependency-scan-BUbOcMwX.js → dependency-scan-B70azq4x.js} +1 -1
- package/dist/packem_shared/{failure-log-34Wl3npC.js → failure-log-Dxafk3t4.js} +2 -2
- package/dist/packem_shared/index-BpbjpCNL.js +1 -0
- package/dist/packem_shared/{index-ClJtJDdT.js → index-di3jpyZS.js} +1 -1
- package/dist/packem_shared/{lifecycle-Buigdp7P.js → lifecycle-DvVTL8nx.js} +2 -2
- package/dist/packem_shared/{lockfile-CrT86D6d.js → lockfile-CedmXr44.js} +1 -1
- package/dist/packem_shared/{min-release-age-BPVXwPUg.js → min-release-age-DKMW2N_v.js} +1 -1
- package/dist/packem_shared/missing-package-json-DKAwoiWK.js +1 -0
- package/dist/packem_shared/{native-config-sync-BRZZetn3.js → native-config-sync-DBkJ-hsF.js} +1 -1
- package/dist/packem_shared/{provenance-D8vU1u2L.js → provenance-Cu6VR1Hy.js} +1 -1
- package/dist/packem_shared/{registry-keys-E3cZn4FI.js → registry-keys-CuBAVdsk.js} +1 -1
- package/dist/packem_shared/{resolve-explicit-cPzwdiEE.js → resolve-explicit-Xue0oq8V.js} +1 -1
- package/dist/packem_shared/{s1ngularity-DBcjspCC.js → s1ngularity-adnHbyTd.js} +1 -1
- package/dist/packem_shared/{scan-progress-CTVVf9WW.js → scan-progress-lZdk5KJ-.js} +1 -1
- package/dist/packem_shared/{signatures-ChTfrQvT.js → signatures-FGbYV5QE.js} +1 -1
- package/dist/packem_shared/{spinner-C8xs6QZv.js → spinner-0acw5pd_.js} +1 -1
- package/dist/packem_shared/{tabs-xZkm6Y_J.js → tabs-zUSdR1HI.js} +1 -1
- package/dist/packem_shared/{use-measured-height-Lea6TCVD.js → use-measured-height-DyCBfLtu.js} +1 -1
- package/dist/packem_shared/{verify-cLcZwKqe.js → verify-BYzxSKWD.js} +1 -1
- package/dist/packem_shared/{vis-update-app-BCKzlqj8.js → vis-update-app-D0QyGneK.js} +1 -1
- package/dist/packem_shared/{watch-loop-BpA_pxU9.js → watch-loop-jmQQl2Qe.js} +2 -2
- package/index.js +52 -52
- package/package.json +9 -9
- package/schemas/vis-config.schema.json +34 -7
- package/dist/packem_shared/index-BnANMQ7k.js +0 -1
|
@@ -1840,7 +1840,7 @@
|
|
|
1840
1840
|
},
|
|
1841
1841
|
"staged": {
|
|
1842
1842
|
"$ref": "#/$defs/StagedConfig",
|
|
1843
|
-
"description": "Staged file patterns and commands (replaces lint-staged).\n\nAccepts all lint-staged config forms:\n- `string` or `string[]` commands\n- Sync/async functions returning `string | string[]`\n- `{ title, task }` objects for named side-effect tasks\n- Mixed arrays of strings and functions\n- A top-level generate-task function"
|
|
1843
|
+
"description": "Staged file patterns and commands (replaces lint-staged).\n\nAccepts all lint-staged config forms:\n- `string` or `string[]` commands\n- Sync/async functions returning `string | string[]`\n- `{ title, task }` objects for named side-effect tasks\n- `{ command, perPackage }` to run a command once per owning workspace package (cwd = that package dir), and `{ command, cwd }` to pin a command to a fixed directory\n- Mixed arrays of strings and functions\n- A top-level generate-task function"
|
|
1844
1844
|
},
|
|
1845
1845
|
"strictEnv": {
|
|
1846
1846
|
"type": "boolean",
|
|
@@ -2100,6 +2100,10 @@
|
|
|
2100
2100
|
"not": {},
|
|
2101
2101
|
"description": "Plugin extension point invoked during task fingerprinting. Fires once per task after the built-in inputs (filesets, runtime, env) have been gathered and before the hash is sealed. Contributions made through the supplied {@link FingerprintContributor } are mixed deterministically into the final hash.\n\nThrowing aborts fingerprinting for that task — the task fails before any cache lookup runs, so a buggy plugin can't silently corrupt cache state.\n\nWired by `vis` to bridge into the `task:fingerprint` hook; standalone task-runner consumers can pass a callback directly."
|
|
2102
2102
|
},
|
|
2103
|
+
"onDiagnostic": {
|
|
2104
|
+
"not": {},
|
|
2105
|
+
"description": "Non-fatal diagnostic sink, forwarded to the task hasher. Fires when a cacheable task's file-set inputs resolve to zero files (the signature of a dropped `namedInputs`, a wrong `{projectRoot}`, or a glob matching nothing — a task that will reuse one cache entry forever). `vis` wires this to its logger."
|
|
2106
|
+
},
|
|
2103
2107
|
"parallel": {
|
|
2104
2108
|
"type": [
|
|
2105
2109
|
"number",
|
|
@@ -4937,10 +4941,7 @@
|
|
|
4937
4941
|
"StagedTask": {
|
|
4938
4942
|
"anyOf": [
|
|
4939
4943
|
{
|
|
4940
|
-
"
|
|
4941
|
-
"items": {
|
|
4942
|
-
"type": "string"
|
|
4943
|
-
}
|
|
4944
|
+
"$ref": "#/$defs/CommandTask"
|
|
4944
4945
|
},
|
|
4945
4946
|
{
|
|
4946
4947
|
"type": "string"
|
|
@@ -4948,11 +4949,37 @@
|
|
|
4948
4949
|
{
|
|
4949
4950
|
"type": "array",
|
|
4950
4951
|
"items": {
|
|
4951
|
-
"
|
|
4952
|
+
"anyOf": [
|
|
4953
|
+
{
|
|
4954
|
+
"$ref": "#/$defs/CommandTask"
|
|
4955
|
+
},
|
|
4956
|
+
{
|
|
4957
|
+
"type": "string"
|
|
4958
|
+
}
|
|
4959
|
+
]
|
|
4952
4960
|
}
|
|
4953
4961
|
}
|
|
4954
4962
|
],
|
|
4955
|
-
"description": "A task value as authored by the user. Command strings are split into argv and invoked with the matched file paths appended. Arrays run serially. Functions receive the matched paths and return further task values (possibly async). `{ title, task }` objects run `task` directly with no argv construction."
|
|
4963
|
+
"description": "A task value as authored by the user. Command strings are split into argv and invoked with the matched file paths appended. `{ command, … }` objects do the same with per-task execution options (cwd / perPackage). Arrays run serially. Functions receive the matched paths and return further task values (possibly async). `{ title, task }` objects run `task` directly with no argv construction."
|
|
4964
|
+
},
|
|
4965
|
+
"CommandTask": {
|
|
4966
|
+
"type": "object",
|
|
4967
|
+
"properties": {
|
|
4968
|
+
"command": {
|
|
4969
|
+
"type": "string"
|
|
4970
|
+
},
|
|
4971
|
+
"cwd": {
|
|
4972
|
+
"type": "string"
|
|
4973
|
+
},
|
|
4974
|
+
"perPackage": {
|
|
4975
|
+
"type": "boolean"
|
|
4976
|
+
}
|
|
4977
|
+
},
|
|
4978
|
+
"required": [
|
|
4979
|
+
"command"
|
|
4980
|
+
],
|
|
4981
|
+
"additionalProperties": false,
|
|
4982
|
+
"description": "Object form of a command task. Unlike a bare command string it carries execution options:\n\n- `perPackage` runs the command once per workspace package that owns the matched files, with `cwd` set to that package's directory and file paths made relative to it. Use it for tools that resolve their config or plugins from the nearest `package.json` — e.g. eslint with a cwd-sensitive shareable config. Files that sit under no workspace package fall back to a single run from the workspace root.\n- `cwd` pins the command to a fixed directory (relative to the workspace root, or absolute) and passes the matched files as absolute paths so they resolve regardless of where the command runs. Ignored when `perPackage` is set — that derives the cwd per package instead.\n\nA command task is distinguished from {@link CustomTask } by carrying a `command` string and no `task` function."
|
|
4956
4983
|
}
|
|
4957
4984
|
}
|
|
4958
4985
|
}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
var D=Object.defineProperty;var v=(t,e)=>D(t,"name",{value:e,configurable:!0});import{m as w,D as C,g as S,f as A}from"./provenance-D8vU1u2L.js";import{$ as m}from"../packem_chunks/bin.js";import{x as W}from"./build-scripts-DE6U8jVq.js";import{n as b}from"./license-zZU7aavK.js";import{a as j,C as F,B as U}from"./readFileSync-DseCu8sg-DEq4Fn3a.js";import{S as E}from"./lockfile-CrT86D6d.js";import{L as N}from"./dependency-scan-BUbOcMwX.js";var I=Object.defineProperty,L=v((t,e)=>I(t,"name",{value:e,configurable:!0}),"i");const g={CRITICAL:0,HIGH:1,LOW:3,MODERATE:2,UNKNOWN:4},we=L((t,e)=>{const i=g[(t.vulnerability.severity??"UNKNOWN").toUpperCase()]??4,n=g[(e.vulnerability.severity??"UNKNOWN").toUpperCase()]??4;return i-n||t.packageName.localeCompare(e.packageName)||t.packageVersion.localeCompare(e.packageVersion)},"compareFindingsForDisplay"),M=L((t,e)=>{const i=g[e.toUpperCase()]??2;return(g[t.toUpperCase()]??4)<=i},"severityPassesFilter"),P=["firstSeen","installScripts","license","malware","publisherChange","score","unexpectedDeps","vulnerability"];var V=Object.defineProperty,R=v((t,e)=>V(t,"name",{value:e,configurable:!0}),"r");const $=6e4,_=R((t,e,i)=>{for(const n of i)if(n===t||n===`${t}@${e}`||n.endsWith("*")&&t.startsWith(n.slice(0,-1)))return!0;return!1},"isExcluded"),T=R(async(t,e)=>{const i=e.security?.policies?.firstSeen;if(i?.minutes===void 0||i.minutes<=0)return[];const{minutes:n}=i,a=i.exclude??[],o=e.security?.acceptedRisks,c=n*$,s=Date.now();return(await w(t.packages,C,async r=>{if(_(r.name,r.version,a))return;const l=await S(r.name,{workspaceRoot:t.workspaceRoot});if(l===void 0)return;const p=l.time?.[r.version];if(p===void 0)return;const u=Date.parse(p);if(Number.isNaN(u))return;const f=s-u;if(f>=c)return;const k=Math.max(0,Math.floor(f/$));return{acceptedRisk:m(r.name,r.version,o,"firstSeen"),data:{ageMinutes:k,minimumMinutes:n,publishedAt:p},packageName:r.name,policy:"firstSeen",reason:`${r.name}@${r.version} was published ${String(k)} min ago — below the ${String(n)} min firstSeen cooldown.`,severity:"block",version:r.version}})).filter(r=>r!==void 0)},"evaluateFirstSeenPolicy");var K=Object.defineProperty,H=v((t,e)=>K(t,"name",{value:e,configurable:!0}),"n");const q=H((t,e)=>{const i=e.security?.policies?.installScripts;if(!i)return[];const n=i.allow??{},a=i.strict===!0;if(!a&&Object.keys(n).length===0)return[];const o=W(t.workspaceRoot,n,{pinVersions:e.security?.pinVersions===!0});if(o.unapproved.length===0)return[];const c=e.security?.acceptedRisks,s=a?"block":"warn";return o.unapproved.map(r=>({acceptedRisk:m(r.name,r.version??"*",c,"installScripts"),data:{hooks:r.hooks},packageName:r.name,policy:"installScripts",reason:`${r.name}${r.version?`@${r.version}`:""} declares unapproved build script(s): ${r.hooks.join(", ")}`,severity:s,version:r.version??"*"}))},"evaluateInstallScriptsPolicy");var z=Object.defineProperty,y=v((t,e)=>z(t,"name",{value:e,configurable:!0}),"a");const Y=new Set(["AND","OR"]),B=y(t=>{const e=t.replaceAll("("," ").replaceAll(")"," ").split(/\s+/).map(a=>a.trim()).filter(a=>a.length>0),i=[];let n=!1;for(const a of e){const o=a.toUpperCase();if(n){n=!1;continue}if(o==="WITH"){n=!0;continue}if(Y.has(o))continue;const c=a.endsWith("+"),s=c?a.slice(0,-1):a,r=b(s)??s;i.push(r),c&&i.push(`${r}-or-later`)}return i},"extractSpdxLeaves"),G=y(t=>{if(typeof t.license=="string"){const e=t.license.trim();return e.length>0?e:void 0}if(t.license&&typeof t.license=="object"&&typeof t.license.type=="string"){const e=t.license.type.trim();if(e.length>0)return e}if(Array.isArray(t.licenses)&&t.licenses.length>0){const e=t.licenses.map(i=>i&&typeof i.type=="string"?i.type.trim():"").filter(i=>i.length>0);if(e.length>0)return e.length===1?e[0]:`(${e.join(" OR ")})`}},"declaredLicense"),J=y((t,e)=>{if(e.length===0)return;const i=new Set(e.map(n=>b(n)??n).map(n=>n.toLowerCase()));for(const n of t)if(i.has(n.toLowerCase()))return n},"findDeniedLeaf"),Q=y((t,e)=>{if(e.length===0)return;const i=new Set(e.map(n=>b(n)??n).map(n=>n.toLowerCase()));for(const n of t)if(!i.has(n.toLowerCase()))return n},"findUnallowedLeaf"),X=y((t,e)=>{const i=e.security?.policies?.license;if(!i)return[];const n=i.allow??[],a=i.deny??[];if(n.length===0&&a.length===0)return[];const o=e.security?.acceptedRisks,c=[];for(const s of t.packages){const r=t.manifestData?.get(`${s.name}@${s.version}`),l=r?G(r):void 0;if(!l){n.length>0&&c.push({acceptedRisk:m(s.name,s.version,o,"license"),data:{declaredLicense:null},packageName:s.name,policy:"license",reason:`${s.name}@${s.version} declares no license; allow-list mode requires one of: ${n.join(", ")}`,severity:"block",version:s.version});continue}const p=B(l),u=J(p,a);if(u){c.push({acceptedRisk:m(s.name,s.version,o,"license"),data:{declaredLicense:l,deniedLicense:u},packageName:s.name,policy:"license",reason:`${s.name}@${s.version} uses denied license '${u}' (declared: ${l})`,severity:"block",version:s.version});continue}const f=Q(p,n);f&&c.push({acceptedRisk:m(s.name,s.version,o,"license"),data:{allowList:n,declaredLicense:l,unallowedLicense:f},packageName:s.name,policy:"license",reason:`${s.name}@${s.version} uses license '${f}' which is not on the allow-list (declared: ${l})`,severity:"block",version:s.version})}return c},"evaluateLicensePolicy");var Z=Object.defineProperty,O=v((t,e)=>Z(t,"name",{value:e,configurable:!0}),"c$1");const ee=6e4,te=O((t,e,i)=>{for(const n of i)if(n===t||n===`${t}@${e}`||n.endsWith("*")&&t.startsWith(n.slice(0,-1)))return!0;return!1},"isExcluded"),ie=O(async(t,e)=>{const i=e.security?.policies?.publisherChange;if(i?.mode!=="no-downgrade")return[];const n=i.exclude??[],a=typeof i.ignoreAfter=="number"?i.ignoreAfter*ee:void 0,o=e.security?.acceptedRisks,c=Date.now();return(await w(t.packages,C,async s=>{if(te(s.name,s.version,n))return;const r=await S(s.name,{workspaceRoot:t.workspaceRoot});if(r===void 0)return;if(a!==void 0){const p=r.time?.[s.version],u=p===void 0?Number.NaN:Date.parse(p);if(!Number.isNaN(u)&&c-u>a)return}if(r.versions[s.version]?.dist?.attestations?.provenance!==void 0)return;const l=A(r,s.version);if(l!==void 0)return{acceptedRisk:m(s.name,s.version,o,"publisherChange"),data:{priorVersionWithProvenance:l},packageName:s.name,policy:"publisherChange",reason:`${s.name}@${s.version} dropped the provenance attestation that ${s.name}@${l} carried — publisher trust downgrade.`,severity:"block",version:s.version}})).filter(s=>s!==void 0)},"evaluatePublisherChangePolicy");var ne=Object.defineProperty,h=v((t,e)=>ne(t,"name",{value:e,configurable:!0}),"l$1");const se=h(t=>{for(const e of Object.values(N))for(const i of[e.file,...e.aliases??[]])if(t===i||t.endsWith(`/${i}`)||t.endsWith(`.${i}`))return e.type},"detectLockfileType"),re=h((t,e,i)=>{const n=j(e)?e:F(t,e);let a;try{a=U(n)}catch{return}const o=se(n)??N[i]?.type;if(!o)return;const c=E(a,o);if(c.length===0)return;const s=new Set;for(const r of c)s.add(`${r.name}@${r.version}`);return s},"loadBaselineKeys"),oe=h((t,e)=>{for(const i of e)if(i===t||i.endsWith("*")&&t.startsWith(i.slice(0,-1)))return!0;return!1},"matchesAllowList"),ae=h((t,e)=>{const i=e.security?.policies?.unexpectedDeps;if(!i)return[];const n=i.allow??[],a=i.baselineLockfile;if(n.length===0&&!a)return[];const o=a?re(t.workspaceRoot,a,t.packageManager):void 0,c=e.security?.acceptedRisks,s=[];for(const r of t.packages){const l=n.length===0||oe(r.name,n),p=o?o.has(`${r.name}@${r.version}`):!0;if(l&&p)continue;const u=[],f={};l||(u.push(`not on allow-list (${n.length} entr${n.length===1?"y":"ies"})`),f.allowList=n),!p&&o&&(u.push(`not present in baseline lockfile (${a})`),f.baselineLockfile=a),s.push({acceptedRisk:m(r.name,r.version,c,"unexpectedDeps"),data:f,packageName:r.name,policy:"unexpectedDeps",reason:`${r.name}@${r.version} is unexpected: ${u.join("; ")}`,severity:"block",version:r.version})}return s},"evaluateUnexpectedDepsPolicy");var ce=Object.defineProperty,le=v((t,e)=>ce(t,"name",{value:e,configurable:!0}),"c");const ue=le((t,e)=>{if(!t.osvFindings||t.osvFindings.size===0)return[];const i=e.security?.policies?.vulnerability?.failOn,n=e.security?.acceptedRisks,a=[];for(const o of t.packages){const c=t.osvFindings.get(o.name);if(!(!c||c.length===0))for(const s of c){const r=i?M(s.severity,i)?"block":"warn":"info";a.push({acceptedRisk:m(o.name,o.version,n,"vulnerability"),data:{advisoryId:s.id,aliases:s.aliases??[],cvssScore:s.cvssScore,fixedVersions:s.fixedVersions,severity:s.severity,summary:s.summary},packageName:o.name,policy:"vulnerability",reason:`${s.severity} ${s.id} affects ${o.name}@${o.version}: ${s.summary}`,severity:r,version:o.version})}}return a},"evaluateVulnerabilityPolicy");var pe=Object.defineProperty,d=v((t,e)=>pe(t,"name",{value:e,configurable:!0}),"t");const x=[{evaluate:ue,isConfigured:d(t=>t.security?.policies?.vulnerability!==void 0,"isConfigured"),name:"vulnerability",offlineSupported:!0,surfaces:["audit","doctor"]},{evaluate:X,isConfigured:d(t=>{const e=t.security?.policies?.license;return!!(e&&(e.allow&&e.allow.length>0||e.deny&&e.deny.length>0))},"isConfigured"),name:"license",offlineSupported:!0,surfaces:["audit","doctor","install"]},{evaluate:q,isConfigured:d(t=>{const e=t.security?.policies?.installScripts;return!!(e&&(e.allow&&Object.keys(e.allow).length>0||e.strict===!0))},"isConfigured"),name:"installScripts",offlineSupported:!0,surfaces:["audit","doctor","install"]},{evaluate:ae,isConfigured:d(t=>{const e=t.security?.policies?.unexpectedDeps;return!!(e&&(e.allow&&e.allow.length>0||typeof e.baselineLockfile=="string"))},"isConfigured"),name:"unexpectedDeps",offlineSupported:!0,surfaces:["audit","doctor","install"]},{evaluate:T,isConfigured:d(t=>{const e=t.security?.policies?.firstSeen?.minutes;return typeof e=="number"&&e>0},"isConfigured"),name:"firstSeen",offlineSupported:!1,surfaces:["audit","doctor","install"]},{evaluate:ie,isConfigured:d(t=>t.security?.policies?.publisherChange?.mode==="no-downgrade","isConfigured"),name:"publisherChange",offlineSupported:!1,surfaces:["audit","doctor","install"]}],fe=d((t,e,i)=>x.filter(n=>n.surfaces.includes(t)?i!==void 0?i.has(n.name):n.isConfigured(e):!1),"selectModules"),Ce=d(async(t,e,i)=>{const n=fe(e,i.visConfig,i.enabledPolicies),a=[];for(const o of n){if(t.offline&&!o.offlineSupported){a.push({packageName:"*",policy:o.name,reason:`policy.${o.name} skipped: requires network (--offline)`,severity:"info",version:"*"});continue}try{const c=await o.evaluate(t,i.visConfig);a.push(...c)}catch(c){const s=c instanceof Error?c.message:String(c);a.push({packageName:"*",policy:o.name,reason:`policy.${o.name} failed: ${s}`,severity:"info",version:"*"})}}return a},"evaluatePolicies"),de=(()=>{const t=new Map;for(const e of P)t.set(e.toLowerCase(),e);return t})(),Se=d(()=>x.map(t=>t.name),"getRegisteredPolicyNames"),Ne=d((t,e)=>{if(t===void 0)return;const i=t.trim().toLowerCase();if(i===""||i==="none")return new Set;if(i==="all")return new Set(P);const n=new Set;for(const a of t.split(",").map(o=>o.trim()).filter(o=>o.length>0)){const o=a.replace(/^_+/,"").replaceAll(/_+([a-z])/g,(s,r)=>r.toUpperCase()),c=de.get(o.toLowerCase());c===void 0?e?.(a):n.add(c)}return n},"parsePoliciesFlag");export{we as c,Ce as e,Se as g,Ne as p,M as s};
|