@visulima/vis 1.0.0-alpha.4 → 1.0.0-alpha.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. package/CHANGELOG.md +23 -0
  2. package/dist/bin.js +202 -195
  3. package/dist/catalog.d.ts +22 -4
  4. package/dist/config.d.ts +1 -1
  5. package/dist/config.js +1 -1
  6. package/dist/tui/components/update/PackageListPanel.d.ts +4 -1
  7. package/dist/tui/components/update/VisUpdateApp.d.ts +8 -1
  8. package/dist/workspace.d.ts +40 -0
  9. package/package.json +11 -11
package/dist/catalog.d.ts CHANGED
@@ -25,11 +25,16 @@ interface CatalogCheckOptions {
25
25
  exclude: string[];
26
26
  ignore: string[];
27
27
  include: string[];
28
+ includeLocked: boolean;
28
29
  includePrerelease: boolean;
30
+ minimumReleaseAge?: number;
31
+ minimumReleaseAgeExclude?: string[];
32
+ packageMode?: Record<string, UpdateTarget>;
29
33
  security?: boolean;
30
34
  target: UpdateTarget;
31
35
  }
32
36
  interface ReadCatalogOptions {
37
+ depFields?: string[];
33
38
  dev?: boolean;
34
39
  prod?: boolean;
35
40
  }
@@ -77,19 +82,32 @@ declare const getRegistryForPackage: (packageName: string, config: NpmrcConfig)
77
82
  };
78
83
  interface RegistryVersionInfo {
79
84
  latest: string;
85
+ /** Map of version string to ISO publish time (populated when minimumReleaseAge is set). */
86
+ publishTimes?: Map<string, string>;
80
87
  versions: string[];
81
88
  }
82
89
  declare const fetchPackageVersions: (packageName: string, registryConfig?: {
83
90
  authToken?: string;
84
91
  url: string;
85
- }, timeoutMs?: number) => Promise<RegistryVersionInfo>;
92
+ }, timeoutMs?: number, fetchPublishTimes?: boolean) => Promise<RegistryVersionInfo>;
86
93
  declare const fetchVulnerabilities: (packages: {
87
94
  name: string;
88
95
  version: string;
89
96
  }[], timeoutMs?: number) => Promise<Map<string, SecurityVulnerability[]>>;
90
- declare const findTargetVersion: (versions: string[], latest: string, currentRange: string, target: UpdateTarget, includePrerelease: boolean) => string | undefined;
97
+ declare const resolvePackageTarget: (packageName: string, globalTarget: UpdateTarget, packageMode?: Record<string, UpdateTarget>) => UpdateTarget;
98
+ interface MaturityOptions {
99
+ minimumReleaseAge?: number;
100
+ minimumReleaseAgeExclude?: string[];
101
+ packageName?: string;
102
+ publishTimes?: Map<string, string>;
103
+ }
104
+ declare const findTargetVersion: (versions: string[], latest: string, currentRange: string, target: UpdateTarget, includePrerelease: boolean, maturity?: MaturityOptions) => string | undefined;
91
105
  interface CheckOutdatedResult {
106
+ /** Total number of unique packages checked (after filtering). */
107
+ checkedCount: number;
92
108
  failed: string[];
109
+ /** Packages that have newer versions on "latest" but were excluded by the target constraint. */
110
+ filteredByTarget: OutdatedEntry[];
93
111
  ignored: string[];
94
112
  outdated: OutdatedEntry[];
95
113
  }
@@ -114,5 +132,5 @@ interface ChangelogInfo {
114
132
  repoUrl?: string;
115
133
  }
116
134
  declare const fetchChangelogInfo: (packages: OutdatedEntry[], timeoutMs?: number) => Promise<ChangelogInfo[]>;
117
- export type { CatalogCheckOptions, CatalogProvider, ChangelogInfo, CheckOutdatedResult, NpmrcConfig, OutdatedEntry, OutputFormat, ReadCatalogOptions, SecurityVulnerability, SocketReport, UpdateTarget, };
118
- export { applyCatalogUpdates, applyPackageJsonUpdates, checkOutdated, createBackup, detectJsonIndent, extractPrefix, fetchChangelogInfo, fetchPackageVersions, fetchVulnerabilities, findTargetVersion, formatOutdatedJson, formatOutdatedMinimal, formatOutdatedTable, formatSummary, getRegistryForPackage, getUpdateType, groupByCatalog, hasBackup, hasCatalogs, hasPackageJsonDeps, isNewer, loadNpmrc, matchesFilters, matchesPattern, parseBunCatalogs, parseCatalogsFromYaml, parseCompositeCatalogName, parseNpmrc, parseVersion, promptPackageSelection, readCatalogs, readPackageJsonDeps, restoreFromBackup, toFilterArray, };
135
+ export type { CatalogCheckOptions, CatalogProvider, ChangelogInfo, CheckOutdatedResult, MaturityOptions, NpmrcConfig, OutdatedEntry, OutputFormat, ReadCatalogOptions, SecurityVulnerability, SocketReport, UpdateTarget, };
136
+ export { applyCatalogUpdates, applyPackageJsonUpdates, checkOutdated, createBackup, detectJsonIndent, extractPrefix, fetchChangelogInfo, fetchPackageVersions, fetchVulnerabilities, findTargetVersion, formatOutdatedJson, formatOutdatedMinimal, formatOutdatedTable, formatSummary, getRegistryForPackage, getUpdateType, groupByCatalog, hasBackup, hasCatalogs, hasPackageJsonDeps, isNewer, loadNpmrc, matchesFilters, matchesPattern, parseBunCatalogs, parseCatalogsFromYaml, parseCompositeCatalogName, parseNpmrc, parseVersion, promptPackageSelection, readCatalogs, readPackageJsonDeps, resolvePackageTarget, restoreFromBackup, toFilterArray, };
package/dist/config.d.ts CHANGED
@@ -8,7 +8,7 @@ declare const CONFIG_FILES: string[];
8
8
  * Users can override any value — their settings always take precedence.
9
9
  * @see https://github.com/lirantal/awesome-npm-security-best-practices
10
10
  */
11
- declare const SECURITY_DEFAULTS: Required<Pick<NonNullable<VisConfig["security"]>, "blockExoticSubdeps" | "minimumReleaseAge" | "strictDepBuilds" | "trustPolicy" | "trustPolicyIgnoreAfter">>;
11
+ declare const SECURITY_DEFAULTS: Required<Pick<NonNullable<VisConfig["security"]>, "blockExoticSubdeps" | "strictDepBuilds" | "trustPolicy" | "trustPolicyIgnoreAfter">>;
12
12
  /**
13
13
  * Apply secure defaults to a raw config object.
14
14
  * Merges `SECURITY_DEFAULTS` into `config.security`, preserving all user overrides.
package/dist/config.js CHANGED
@@ -1 +1 @@
1
- var h=Object.defineProperty;var u=(e,t)=>h(e,"name",{value:t,configurable:!0});import{createRequire as C}from"node:module";import{findCacheDirSync as w}from"@visulima/find-cache-dir";import{ensureDirSync as p,isAccessibleSync as D,readJsonSync as I,writeJsonSync as x}from"@visulima/fs";import{join as o,dirname as E}from"@visulima/path";import{createJiti as P}from"jiti";const v=C(import.meta.url),r=typeof globalThis<"u"&&typeof globalThis.process<"u"?globalThis.process:process,d=u(e=>{if(typeof r<"u"&&r.versions&&r.versions.node){const[t,s]=r.versions.node.split(".").map(Number);if(t>22||t===22&&s>=3||t===20&&s>=16)return r.getBuiltinModule(e)}return v(e)},"__cjs_getBuiltinModule"),{createHash:_}=d("node:crypto"),{existsSync:y,readFileSync:S,copyFileSync:j,unlinkSync:b}=d("node:fs"),{tmpdir:F}=d("node:os");var T=Object.defineProperty,i=u((e,t)=>T(e,"name",{value:t,configurable:!0}),"e");const A=["vis.config.ts","vis.config.mts","vis.config.cts","vis.config.js","vis.config.mjs","vis.config.cjs"],J={blockExoticSubdeps:!0,minimumReleaseAge:20160,strictDepBuilds:!0,trustPolicy:"no-downgrade",trustPolicyIgnoreAfter:43200},R=i(e=>({...J,...e}),"mergeSecurityDefaults"),l=i(e=>({...e,security:R(e.security),update:{security:!0,target:"minor",...e.update}}),"applyDefaults"),V=i(e=>{for(const t of A){const s=o(e,t);if(y(s))return s}},"findVisConfigFile"),k=i(e=>_("sha256").update(S(e)).digest("hex"),"hashFileContents"),q=i(e=>{const t=o(e,"node_modules");if(y(t)){const n=o(t,".cache","vis");return p(n),o(n,"vis-config-cache.json")}const s=w("vis",{create:!0,cwd:e});return s?o(s,"vis-config-cache.json"):void 0},"getConfigCachePath"),B=i((e,t)=>{if(D(e))try{const s=I(e);if(s.hash===t)return s.config}catch{}},"readConfigCache"),N=i((e,t,s)=>{try{p(E(e)),x(e,{config:s,hash:t})}catch{}},"writeConfigCache"),H=i(async e=>{const t=V(e);if(!t)return l({});const s=k(t),n=q(e);if(n){const g=B(n,s);if(g)return g}const m=t.slice(t.lastIndexOf(".")),a=o(F(),`vis-config-${s}${m}`);j(t,a);let c;try{c=await P(e,{fsCache:!1,moduleCache:!1}).import(a,{default:!0,try:!0})??{}}finally{try{b(a)}catch{}}let f;return f=l(typeof c=="function"?await c()??{}:c),n&&N(n,s,f),f},"loadVisConfig"),Y=i(e=>l(e),"defineConfig");export{A as CONFIG_FILES,J as SECURITY_DEFAULTS,l as applyDefaults,Y as defineConfig,V as findVisConfigFile,H as loadVisConfig};
1
+ var m=Object.defineProperty;var u=(e,t)=>m(e,"name",{value:t,configurable:!0});import{createRequire as C}from"node:module";import{findCacheDirSync as w}from"@visulima/find-cache-dir";import{ensureDirSync as p,isAccessibleSync as D,readJsonSync as x,writeJsonSync as E}from"@visulima/fs";import{join as o,dirname as I}from"@visulima/path";import{createJiti as P}from"jiti";const v=C(import.meta.url),r=typeof globalThis<"u"&&typeof globalThis.process<"u"?globalThis.process:process,d=u(e=>{if(typeof r<"u"&&r.versions&&r.versions.node){const[t,s]=r.versions.node.split(".").map(Number);if(t>22||t===22&&s>=3||t===20&&s>=16)return r.getBuiltinModule(e)}return v(e)},"__cjs_getBuiltinModule"),{createHash:_}=d("node:crypto"),{existsSync:y,readFileSync:S,copyFileSync:j,unlinkSync:b}=d("node:fs"),{tmpdir:F}=d("node:os");var T=Object.defineProperty,n=u((e,t)=>T(e,"name",{value:t,configurable:!0}),"e");const A=["vis.config.ts","vis.config.mts","vis.config.cts","vis.config.js","vis.config.mjs","vis.config.cjs"],J={blockExoticSubdeps:!0,strictDepBuilds:!0,trustPolicy:"no-downgrade",trustPolicyIgnoreAfter:43200},V=n(e=>({...J,...e}),"mergeSecurityDefaults"),l=n(e=>({...e,security:V(e.security),update:{security:!0,target:"minor",...e.update}}),"applyDefaults"),k=n(e=>{for(const t of A){const s=o(e,t);if(y(s))return s}},"findVisConfigFile"),q=n(e=>_("sha256").update(S(e)).digest("hex"),"hashFileContents"),B=n(e=>{const t=o(e,"node_modules");if(y(t)){const i=o(t,".cache","vis");return p(i),o(i,"vis-config-cache.json")}const s=w("vis",{create:!0,cwd:e});return s?o(s,"vis-config-cache.json"):void 0},"getConfigCachePath"),N=n((e,t)=>{if(D(e))try{const s=x(e);if(s.hash===t)return s.config}catch{}},"readConfigCache"),O=n((e,t,s)=>{try{p(I(e)),E(e,{config:s,hash:t})}catch{}},"writeConfigCache"),H=n(async e=>{const t=k(e);if(!t)return l({});const s=q(t),i=B(e);if(i){const g=N(i,s);if(g)return g}const h=t.slice(t.lastIndexOf(".")),a=o(F(),`vis-config-${s}${h}`);j(t,a);let c;try{c=await P(e,{fsCache:!1,moduleCache:!1}).import(a,{default:!0,try:!0})??{}}finally{try{b(a)}catch{}}let f;return f=l(typeof c=="function"?await c()??{}:c),i&&O(i,s,f),f},"loadVisConfig"),Y=n(e=>l(e),"defineConfig");export{A as CONFIG_FILES,J as SECURITY_DEFAULTS,l as applyDefaults,Y as defineConfig,k as findVisConfigFile,H as loadVisConfig};
package/dist/tui/components/update/PackageListPanel.d.ts CHANGED
@@ -6,13 +6,16 @@ interface PackageListPanelProps {
6
6
  filterActive: boolean;
7
7
  filterText: string;
8
8
  filterType: FilterType;
9
+ filteredOutCount: number;
9
10
  focused: boolean;
10
11
  groupedByCatalog: Map<string, OutdatedEntry[]>;
11
12
  isDryRun: boolean;
12
13
  scrollOffset: number;
13
14
  selectedIndex: number;
15
+ totalCatalogEntries: number;
16
+ totalChecked: number;
14
17
  totalEntries: number;
15
18
  viewportHeight: number;
16
19
  }
17
- declare const PackageListPanel: ({ checkedEntries, entries, filterActive, filterText, filterType, focused, groupedByCatalog, isDryRun, scrollOffset, selectedIndex, totalEntries, viewportHeight, }: PackageListPanelProps) => React.JSX.Element;
20
+ declare const PackageListPanel: ({ checkedEntries, entries, filterActive, filterText, filterType, filteredOutCount, focused, groupedByCatalog, isDryRun, scrollOffset, selectedIndex, totalCatalogEntries, totalChecked, totalEntries, viewportHeight, }: PackageListPanelProps) => React.JSX.Element;
18
21
  export default PackageListPanel;
package/dist/tui/components/update/VisUpdateApp.d.ts CHANGED
@@ -1,11 +1,18 @@
1
1
  import React from "react";
2
+ import type { OutdatedEntry } from "../../../catalog.d.ts";
2
3
  import type { UpdateStore } from "./UpdateStore.d.ts";
3
4
  interface VisUpdateAppProps {
4
5
  /** 0 = no auto-exit (default), >0 = countdown seconds */
5
6
  autoExitSeconds?: number;
6
7
  changelogUrls?: Map<string, string>;
8
+ /** Total unique packages checked by the registry. */
9
+ checkedCount?: number;
10
+ /** Total catalog entries (before deduplication). */
11
+ totalCatalogEntries?: number;
12
+ /** Packages that have newer versions but were filtered out by the target constraint. */
13
+ filteredOutEntries?: OutdatedEntry[];
7
14
  isDryRun: boolean;
8
15
  store: UpdateStore;
9
16
  }
10
- declare const VisUpdateApp: ({ autoExitSeconds, changelogUrls, isDryRun, store }: VisUpdateAppProps) => React.JSX.Element;
17
+ declare const VisUpdateApp: ({ autoExitSeconds, changelogUrls, checkedCount, filteredOutEntries, isDryRun, store, totalCatalogEntries }: VisUpdateAppProps) => React.JSX.Element;
11
18
  export default VisUpdateApp;
package/dist/workspace.d.ts CHANGED
@@ -274,6 +274,15 @@ interface VisConfig {
274
274
  };
275
275
  /** Update command defaults */
276
276
  update?: {
277
+ /**
278
+ * Dependency fields to scan for outdated packages.
279
+ * Beyond the standard fields, supports:
280
+ * - `"overrides"` (npm)
281
+ * - `"resolutions"` (yarn)
282
+ * - `"pnpm.overrides"`
283
+ * @default ["dependencies", "devDependencies", "optionalDependencies", "peerDependencies"]
284
+ */
285
+ depFields?: string[];
277
286
  exclude?: string[];
278
287
  format?: "json" | "minimal" | "table";
279
288
  /**
@@ -284,7 +293,38 @@ interface VisConfig {
284
293
  */
285
294
  ignore?: string[];
286
295
  include?: string[];
296
+ /**
297
+ * Include packages with pinned/exact versions (no `^` or `~` prefix).
298
+ * By default, pinned versions are skipped during update checks.
299
+ * @default false
300
+ */
301
+ includeLocked?: boolean;
287
302
  install?: boolean;
303
+ /**
304
+ * Minimum number of minutes since a version was published before
305
+ * vis will consider it for updates. This mirrors pnpm's
306
+ * `minimumReleaseAge` — a single setting that applies to both
307
+ * install and update.
308
+ *
309
+ * Not set by default. If your package manager config
310
+ * (`pnpm-workspace.yaml`) has `minimumReleaseAge`, vis will
311
+ * read it from there as a fallback.
312
+ * @example 1440 // 24 hours
313
+ */
314
+ minimumReleaseAge?: number;
315
+ /**
316
+ * Package names/patterns excluded from the minimumReleaseAge check.
317
+ * @example ["webpack", "@myorg/*"]
318
+ */
319
+ minimumReleaseAgeExclude?: string[];
320
+ /**
321
+ * Per-package or per-pattern update target overrides.
322
+ * Keys are exact package names, glob patterns, or regex patterns
323
+ * wrapped in `/` (e.g., `/^@vue/`).
324
+ * Values are `"latest"`, `"minor"`, or `"patch"`.
325
+ * @example { "typescript": "minor", "/^@vue/": "patch" }
326
+ */
327
+ packageMode?: Record<string, "latest" | "minor" | "patch">;
288
328
  prerelease?: boolean;
289
329
  security?: boolean;
290
330
  target?: "latest" | "minor" | "patch";
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@visulima/vis",
3
- "version": "1.0.0-alpha.4",
3
+ "version": "1.0.0-alpha.5",
4
4
  "description": "A CLI task runner for monorepo workspaces, powered by @visulima/task-runner",
5
5
  "keywords": [
6
6
  "visulima",
@@ -69,13 +69,13 @@
69
69
  "@visulima/package": "5.0.0-alpha.7",
70
70
  "@visulima/path": "3.0.0-alpha.8",
71
71
  "@visulima/task-runner": "1.0.0-alpha.4",
72
- "@visulima/tui": "1.0.0-alpha.1",
72
+ "@visulima/tui": "1.0.0-alpha.2",
73
73
  "giget": "^3.2.0",
74
74
  "jiti": "^2.6.1",
75
75
  "lockparse": "^0.5.0",
76
76
  "module-replacements": "^2.11.0",
77
77
  "module-replacements-codemods": "^1.2.1",
78
- "react": "19.2.4",
78
+ "react": "19.2.5",
79
79
  "semver": "^7.7.1",
80
80
  "validate-npm-package-name": "^7.0.2"
81
81
  },
@@ -88,14 +88,14 @@
88
88
  }
89
89
  },
90
90
  "optionalDependencies": {
91
- "@visulima/vis-binding-darwin-arm64": "1.0.0-alpha.4",
92
- "@visulima/vis-binding-darwin-x64": "1.0.0-alpha.4",
93
- "@visulima/vis-binding-linux-arm64-gnu": "1.0.0-alpha.4",
94
- "@visulima/vis-binding-linux-arm64-musl": "1.0.0-alpha.4",
95
- "@visulima/vis-binding-linux-x64-gnu": "1.0.0-alpha.4",
96
- "@visulima/vis-binding-win32-arm64-msvc": "1.0.0-alpha.4",
97
- "@visulima/vis-binding-win32-x64-msvc": "1.0.0-alpha.4",
98
- "@visulima/vis-binding-linux-x64-musl": "1.0.0-alpha.4"
91
+ "@visulima/vis-binding-darwin-arm64": "1.0.0-alpha.5",
92
+ "@visulima/vis-binding-linux-arm64-gnu": "1.0.0-alpha.5",
93
+ "@visulima/vis-binding-linux-arm64-musl": "1.0.0-alpha.5",
94
+ "@visulima/vis-binding-darwin-x64": "1.0.0-alpha.5",
95
+ "@visulima/vis-binding-linux-x64-gnu": "1.0.0-alpha.5",
96
+ "@visulima/vis-binding-linux-x64-musl": "1.0.0-alpha.5",
97
+ "@visulima/vis-binding-win32-arm64-msvc": "1.0.0-alpha.5",
98
+ "@visulima/vis-binding-win32-x64-msvc": "1.0.0-alpha.5"
99
99
  },
100
100
  "engines": {
101
101
  "node": ">=22.13 <=25.x"