@visulima/vis 1.0.0-alpha.42 → 1.0.0-alpha.44
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +54 -0
- package/LICENSE.md +256 -0
- package/bin/resolve-binary.mjs +85 -0
- package/bin/vis.mjs +76 -0
- package/dist/bin.d.ts +1 -0
- package/dist/bin.js +1 -2
- package/dist/binx.js +1 -1
- package/dist/config/index.js +1 -1
- package/dist/packem_chunks/CONFIG_FILES.js +8 -0
- package/dist/packem_chunks/bloom-status.js +1 -1
- package/dist/packem_chunks/bloom-sync.js +1 -1
- package/dist/packem_chunks/catalog.js +113 -0
- package/dist/packem_chunks/cli-exec.js +1 -1
- package/dist/packem_chunks/cli-main.js +297 -434
- package/dist/packem_chunks/detect.js +3 -3
- package/dist/packem_chunks/dispatch.js +1 -1
- package/dist/packem_chunks/fix.js +1 -1
- package/dist/packem_chunks/handler.js +1 -1
- package/dist/packem_chunks/handler10.js +5 -1
- package/dist/packem_chunks/handler11.js +1 -5
- package/dist/packem_chunks/handler12.js +27 -1
- package/dist/packem_chunks/handler13.js +5 -27
- package/dist/packem_chunks/handler14.js +1 -5
- package/dist/packem_chunks/handler15.js +1 -1
- package/dist/packem_chunks/handler16.js +1 -1
- package/dist/packem_chunks/handler17.js +1 -1
- package/dist/packem_chunks/handler18.js +1 -1
- package/dist/packem_chunks/handler19.js +5 -1
- package/dist/packem_chunks/handler2.js +1 -1
- package/dist/packem_chunks/handler20.js +2 -5
- package/dist/packem_chunks/handler21.js +2 -2
- package/dist/packem_chunks/handler22.js +14 -2
- package/dist/packem_chunks/handler23.js +1 -5
- package/dist/packem_chunks/handler24.js +1 -1
- package/dist/packem_chunks/handler25.js +1 -1
- package/dist/packem_chunks/handler26.js +5 -1
- package/dist/packem_chunks/handler27.js +1 -5
- package/dist/packem_chunks/handler28.js +3 -1
- package/dist/packem_chunks/handler29.js +1 -3
- package/dist/packem_chunks/handler3.js +4 -1
- package/dist/packem_chunks/handler30.js +1 -1
- package/dist/packem_chunks/handler31.js +2 -1
- package/dist/packem_chunks/handler32.js +2 -2
- package/dist/packem_chunks/handler33.js +2 -2
- package/dist/packem_chunks/handler34.js +3 -2
- package/dist/packem_chunks/handler35.js +6 -3
- package/dist/packem_chunks/handler36.js +1 -6
- package/dist/packem_chunks/handler37.js +42 -1
- package/dist/packem_chunks/handler38.js +8 -42
- package/dist/packem_chunks/handler39.js +9 -8
- package/dist/packem_chunks/handler4.js +4 -4
- package/dist/packem_chunks/handler40.js +75 -9
- package/dist/packem_chunks/handler41.js +5 -75
- package/dist/packem_chunks/handler42.js +4 -5
- package/dist/packem_chunks/handler43.js +3 -4
- package/dist/packem_chunks/handler44.js +2 -3
- package/dist/packem_chunks/handler45.js +1 -2
- package/dist/packem_chunks/handler46.js +1 -1
- package/dist/packem_chunks/handler47.js +1 -1
- package/dist/packem_chunks/handler48.js +3 -1
- package/dist/packem_chunks/handler49.js +1 -3
- package/dist/packem_chunks/handler5.js +6 -4
- package/dist/packem_chunks/handler50.js +7 -1
- package/dist/packem_chunks/handler51.js +32 -6
- package/dist/packem_chunks/handler52.js +3 -33
- package/dist/packem_chunks/handler53.js +8 -3
- package/dist/packem_chunks/handler54.js +2 -6
- package/dist/packem_chunks/handler55.js +1 -4
- package/dist/packem_chunks/handler56.js +12 -1
- package/dist/packem_chunks/handler57.js +5 -12
- package/dist/packem_chunks/handler58.js +11 -5
- package/dist/packem_chunks/handler59.js +3 -11
- package/dist/packem_chunks/handler6.js +8 -6
- package/dist/packem_chunks/handler60.js +22 -3
- package/dist/packem_chunks/handler61.js +60 -21
- package/dist/packem_chunks/handler62.js +3 -61
- package/dist/packem_chunks/handler63.js +6 -3
- package/dist/packem_chunks/handler64.js +9 -6
- package/dist/packem_chunks/handler65.js +2 -9
- package/dist/packem_chunks/handler66.js +13 -13
- package/dist/packem_chunks/handler67.js +5 -5
- package/dist/packem_chunks/handler68.js +1 -1
- package/dist/packem_chunks/handler69.js +4 -4
- package/dist/packem_chunks/handler7.js +1 -8
- package/dist/packem_chunks/handler70.js +16 -17
- package/dist/packem_chunks/handler71.js +12 -12
- package/dist/packem_chunks/handler72.js +5 -5
- package/dist/packem_chunks/handler73.js +7 -7
- package/dist/packem_chunks/handler74.js +3 -3
- package/dist/packem_chunks/handler75.js +3 -3
- package/dist/packem_chunks/handler76.js +63 -63
- package/dist/packem_chunks/handler77.js +1 -1
- package/dist/packem_chunks/handler8.js +1 -1
- package/dist/packem_chunks/handler9.js +1 -1
- package/dist/packem_chunks/heal-accept.js +1 -1
- package/dist/packem_chunks/heal.js +1 -1
- package/dist/packem_chunks/help-command.js +1 -1
- package/dist/packem_chunks/index2.js +2 -2
- package/dist/packem_chunks/keys-refresh.js +1 -1
- package/dist/packem_chunks/lean.js +3 -3
- package/dist/packem_chunks/list.js +1 -1
- package/dist/packem_chunks/loader.js +1 -1
- package/dist/packem_chunks/loader2.js +1 -1
- package/dist/packem_chunks/orchestrator.js +19 -19
- package/dist/packem_chunks/prune.js +1 -1
- package/dist/packem_chunks/run.js +1 -1
- package/dist/packem_chunks/status.js +1 -1
- package/dist/packem_chunks/sync.js +1 -1
- package/dist/packem_chunks/sync2.js +1 -1
- package/dist/packem_chunks/tripwire.js +1 -1
- package/dist/packem_chunks/ts-loader.js +22 -2
- package/dist/packem_chunks/verify-lockfile.js +1 -1
- package/dist/packem_chunks/version-resolver.js +1 -1
- package/dist/packem_shared/{advisories-aiDtubZQ.js → advisories-CefYKEPe.js} +1 -1
- package/dist/packem_shared/{affected-shas-C1XuRlvo.js → affected-shas-CwRY5aoc.js} +1 -1
- package/dist/packem_shared/{ai-analysis-CubpCxZJ.js → ai-analysis-CO6S0afy.js} +7 -7
- package/dist/packem_shared/{ai-fix-Btd5AnSr.js → ai-fix-CI0Vvqld.js} +9 -9
- package/dist/packem_shared/augment-DaSS2Lgs.js +4 -0
- package/dist/packem_shared/bin-P6Q5tKrP.js +1 -0
- package/dist/packem_shared/{build-scripts-Doxce2VM.js → build-scripts-MTSK6TNr.js} +1 -1
- package/dist/packem_shared/{command-runtime-RiCMa2C8.js → command-runtime-BE-vKsGH.js} +1 -1
- package/dist/packem_shared/{cyclonedx-NUJ9R2GQ.js → cyclonedx-BeUmPgfO.js} +1 -1
- package/dist/packem_shared/dependency-scan-DpOFiZuI.js +1 -0
- package/dist/packem_shared/{docker-DKlF-gk3.js → docker-CViFYtmM.js} +1 -1
- package/dist/packem_shared/env-C2ZCnfP_.js +27 -0
- package/dist/packem_shared/failure-log-jFfZRJK9.js +2 -0
- package/dist/packem_shared/glob-fqg4KepW-1S3z30c8.js +1 -0
- package/dist/packem_shared/index-B0EsgdzO.js +1 -0
- package/dist/packem_shared/index-CE6MsgcV.js +22 -0
- package/dist/packem_shared/index-CQjzW7m8.js +1 -0
- package/dist/packem_shared/{index-Cb4x6lWY.js → index-Cg0IHaFI.js} +1 -1
- package/dist/packem_shared/{index-CPhv-r4c.js → index-D7EZ612R.js} +13 -13
- package/dist/packem_shared/{lifecycle-D5roTh0a.js → lifecycle-Dyb47wbD.js} +1 -1
- package/dist/packem_shared/{lockfile-DIGyLfmF.js → lockfile-C1qCKGH6.js} +1 -1
- package/dist/packem_shared/{manifests-pLwnVmCN.js → manifests-WBnsV_Eb.js} +1 -1
- package/dist/packem_shared/{min-release-age-pUAqTiv3.js → min-release-age-C71MO72F.js} +1 -1
- package/dist/packem_shared/missing-package-json-CTF71tE5.js +1 -0
- package/dist/packem_shared/{native-config-sync-4K9wWTj5.js → native-config-sync-BFDVK9LH.js} +4 -4
- package/dist/packem_shared/{osv-bloom-OuTfu_LE.js → osv-bloom-BsQ-aFiM.js} +1 -1
- package/dist/packem_shared/packument-DquNPIq9.js +1 -0
- package/dist/packem_shared/{pm-runner-Dws_Bw1y.js → pm-runner-D4jM58Oz.js} +1 -1
- package/dist/packem_shared/prompt-DjXHVgYU.js +1 -0
- package/dist/packem_shared/provenance-DIq8KyBV.js +1 -0
- package/dist/packem_shared/readJsonSync-CvkZyKmL-ihoybKvs.js +1 -0
- package/dist/packem_shared/registry-keys-C8K11ets.js +1 -0
- package/dist/packem_shared/resolve-explicit-Dr4kIybR.js +5 -0
- package/dist/packem_shared/{resolve-runtime-CJSWV-K8.js → resolve-runtime-Tx0bvg0h.js} +1 -1
- package/dist/packem_shared/run-file-DD7Ne23Z.js +1 -0
- package/dist/packem_shared/{runtime-check-0lUJvgKt.js → runtime-check-BXehSP06.js} +1 -1
- package/dist/packem_shared/s1ngularity-CtMmtXJo.js +1 -0
- package/dist/packem_shared/scan-progress-D4yywI6P.js +2 -0
- package/dist/packem_shared/{selectors-UmnAuc26.js → selectors-D4iCvITE.js} +1 -1
- package/dist/packem_shared/{signatures-BOUhghTv.js → signatures-CE8OAK-i.js} +2 -2
- package/dist/packem_shared/spinner-DuJJvFTl.js +1 -0
- package/dist/packem_shared/tabs-CgxCvjCY.js +1 -0
- package/dist/packem_shared/target-merge-DOm6h6tW.js +11 -0
- package/dist/packem_shared/target-options-CR0OuYJr.js +1 -0
- package/dist/packem_shared/toolchain-C44mPKPu.js +5 -0
- package/dist/packem_shared/{typosquats-DBOvXwph.js → typosquats-CQz-1Y6K.js} +1 -1
- package/dist/packem_shared/use-measured-height-XK9YSwtv.js +1 -0
- package/dist/packem_shared/utils-CRueU43T.js +1 -0
- package/dist/packem_shared/verify-DStfg3nb.js +1 -0
- package/dist/packem_shared/vis-update-app-Cpme_3Du.js +1 -0
- package/dist/packem_shared/{watch-Bkp_AAbc.js → watch-BXNI7dC6.js} +1 -1
- package/dist/packem_shared/watch-loop-JfGKIgKB.js +11 -0
- package/dist/packem_shared/window-ops-DDePlWLV.js +2 -0
- package/dist/runtime/preload.js +1 -1
- package/index.js +52 -52
- package/package.json +17 -13
- package/dist/packem_chunks/config.js +0 -18
- package/dist/packem_shared/CONFIG_FILES-MsOntfYT.js +0 -1
- package/dist/packem_shared/augment-8fIWWGSc.js +0 -3
- package/dist/packem_shared/bin-CnDBuLh3.js +0 -2
- package/dist/packem_shared/dependency-scan-B0HV_qeB.js +0 -1
- package/dist/packem_shared/failure-log-C7r6UZLP.js +0 -2
- package/dist/packem_shared/glob-fqg4KepW-7Bs2kZuM.js +0 -1
- package/dist/packem_shared/index-BKFEWXU_.js +0 -1
- package/dist/packem_shared/index-OQZQyN5R.js +0 -19
- package/dist/packem_shared/missing-package-json-DhYzuKhD.js +0 -1
- package/dist/packem_shared/provenance-C0P-UYOM.js +0 -1
- package/dist/packem_shared/readJsonSync-CvkZyKmL-CY7PZob_.js +0 -4
- package/dist/packem_shared/registry-keys-D4chF-Wj.js +0 -1
- package/dist/packem_shared/resolve-explicit-Cgheka3B.js +0 -5
- package/dist/packem_shared/run-file-B4TqKa0X.js +0 -1
- package/dist/packem_shared/s1ngularity-Du1NnSFP.js +0 -1
- package/dist/packem_shared/scan-progress-CN9ONR0y.js +0 -2
- package/dist/packem_shared/spinner-lhXugSx3.js +0 -1
- package/dist/packem_shared/tabs-DTiU3usb.js +0 -1
- package/dist/packem_shared/target-options-ChWcK60i.js +0 -1
- package/dist/packem_shared/toolchain-DyCKnGch.js +0 -5
- package/dist/packem_shared/use-measured-height-CK2Co3XI.js +0 -1
- package/dist/packem_shared/utils-Cxree603.js +0 -1
- package/dist/packem_shared/verify-CVPYlUrF.js +0 -1
- package/dist/packem_shared/vis-update-app-DtHkwBca.js +0 -1
- package/dist/packem_shared/watch-loop-D9zbXzRd.js +0 -11
|
@@ -1 +1 @@
|
|
|
1
|
-
import{E as
|
|
1
|
+
import{E as C,I as a,s as j,V as S}from"../packem_shared/index.server-J83sowC4.js";import{f as R,m as V}from"../packem_shared/index-CE6MsgcV.js";import{enforceProjectConstraints as v}from"@visulima/task-runner";import{b as x,O as F}from"./catalog.js";import{b as I}from"./cli-main.js";import{c as T}from"../packem_shared/runtime-check-BXehSP06.js";import{d as z}from"../packem_shared/env-C2ZCnfP_.js";import{a as D}from"../packem_shared/readJsonSync-CvkZyKmL-ihoybKvs.js";const e=c=>c?a("✓"):S("✗"),P=async({fs:c,logger:t,options:O,visConfig:y,workspaceRoot:s})=>{if(!s)throw new Error("Could not determine workspace root.");const{config:h,packageJsons:w,workspace:f}=x(s,y),b=F(s,f,w),$=Object.keys(f.projects).length,k=new Set(Object.values(f.projects).flatMap(g=>Object.keys(g.targets??{}))).size,n=T(s);let o=0;h.constraints&&(o=v(b,h.constraints).length);const i=I(s,{minRuns:2});let r;const l=z(s);if(R(l)){const g=(await c.readdir(l)).filter(p=>p.endsWith(".json")).sort();let m=0,d=0;for(const p of g.slice(-20))try{const u=D(V(l,p));u.stats&&(m+=u.stats.total??0,d+=u.stats.cached??0)}catch{continue}m>0&&(r=`${(d/m*100).toFixed(0)}%`)}if(O.json){t.info(JSON.stringify({cacheHitRate:r??null,constraintViolations:o,flakyTasks:i.length,projects:$,runtimeIssues:n.length,targets:k},null,2));return}t.info(""),t.info(` ${C("VIS STATUS")}`),t.info(""),t.info(` ${e(!0)} ${String($)} projects · ${String(k)} unique targets`),t.info(` ${e(n.length===0)} Runtime: ${n.length===0?a("OK"):j(`${String(n.length)} issue(s)`)}`),t.info(` ${e(o===0)} Constraints: ${o===0?a("OK"):S(`${String(o)} violation(s)`)}`),t.info(` ${e(i.length===0)} Flaky tasks: ${i.length===0?a("none"):j(String(i.length))}`),r&&t.info(` ${e(!0)} Cache hit rate: ${r} (last 20 runs)`),t.info("")};export{P as default};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
import{
|
|
1
|
+
import{createTaskGraph as j}from"@visulima/task-runner";import{b as m,O as b}from"./catalog.js";const y=(a,e)=>{const r=new Map;for(const[i,t]of Object.entries(a.dependencies))for(const c of t){const f=r.get(c)??[];f.push(i),r.set(c,f)}if(!a.tasks[e])return;const s=new Set([e]),o=[{node:e,path:[e]}];for(;o.length>0;){const i=o.shift();if(a.roots.includes(i.node))return i.path;for(const t of r.get(i.node)??[])s.has(t)||(s.add(t),o.push({node:t,path:[t,...i.path]}))}return[e]},E=(a,e)=>{const r=[];for(const[s,o]of Object.entries(a.dependencies))o.includes(e)&&r.push(s);return r.sort()},T=async({argument:a,logger:e,visConfig:r,workspaceRoot:s})=>{if(!s)throw new Error("Could not determine workspace root.");const o=a[0];if(!o)throw new Error("No task ID specified. Usage: vis task-why <project>:<target>");if(!o.includes(":"))throw new Error(`Invalid task ID "${o}" — expected format "project:target".`);const{packageJsons:i,workspace:t}=m(s,r),c=b(s,t,i),[f,l]=o.split(":",2),u=t.projects[f];if(!u)throw new Error(`Unknown project "${f}".`);if(!u.targets?.[l])throw new Error(`Project "${f}" has no target "${l}".`);const $=Object.entries(t.projects).flatMap(([n,k])=>Object.keys(k.targets??{}).map(h=>({id:`${n}:${h}`,outputs:[],overrides:{},target:{project:n,target:h}}))),p=j($,{projectGraph:c,workspace:t});if(!p.tasks[o])throw new Error(`Task "${o}" is not reachable in the graph.`);const d=y(p,o),g=E(p,o);if(e.info(""),e.info(`Why ${o}?`),e.info(""),d&&d.length>1){e.info("Shortest path from a root to this task:");for(const[n,k]of d.entries()){const h=n===0?" ":`${" ".repeat(n+1)}└─ `;e.info(`${h}${k}`)}e.info("")}else e.info(" This task is itself a root — nothing upstream depends on it."),e.info("");if(g.length>0){e.info(`Directly depended on by ${g.length} task(s):`);for(const n of g)e.info(` - ${n}`);e.info("")}const w=p.dependencies[o]??[];if(w.length>0){e.info(`This task depends on ${w.length} task(s):`);for(const n of[...w].sort())e.info(` - ${n}`);e.info("")}};export{T as default};
|
|
@@ -1 +1,5 @@
|
|
|
1
|
-
import{
|
|
1
|
+
import{createRequire as M}from"node:module";import{E as d,I as F,V as I,s as U}from"../packem_shared/index.server-J83sowC4.js";import{m as A}from"../packem_shared/index-CE6MsgcV.js";import{p as t}from"./cli-main.js";import{p as N,g as C,S as w,w as b,b as S,a as W,f as k,c as E,d as B,u as y,e as q,h as H}from"../packem_shared/toolchain-C44mPKPu.js";const _=M(import.meta.url),$=typeof globalThis<"u"&&typeof globalThis.process<"u"?globalThis.process:process,T=e=>{if(typeof $<"u"&&$.versions&&$.versions.node){const[n,i]=$.versions.node.split(".").map(Number);if(n>22||n===22&&i>=3||n===20&&i>=16)return $.getBuiltinModule(e)}return _(e)},{spawnSync:P}=T("node:child_process"),x=["aube","bun","deno","go","node","npm","pnpm","python","ruby","rust","yarn"],O=e=>x.includes(e),v=e=>e?F("✓"):I("✗"),j=U("⚠"),V=e=>{if(e.installed){const n=e.version?` v${e.version}`:"",i=e.configFiles.length>0?` (${e.configFiles.join(", ")})`:"";return`${v(!0)} ${e.name}${n}${i}`}return`${j} ${e.name} — referenced by ${e.configFiles.join(", ")} but not installed`},D=e=>{if(e.matches)return"";const{manager:n}=e;return n.name==="none"?d("→ (no manager)"):n.name==="self-activate"?"":n.installed?d(`→ ${n.name}`):d(`→ ${n.name} (missing)`)},G=e=>e.matches?v(!0):e.actual?j:v(!1),J=e=>{if(t.info(""),t.info(d("── Toolchain ───────────────────────")),e.detected.length===0)t.info(` ${v(!1)} No version manager detected`),t.notice(` Install one of: ${w.join(", ")}`);else for(const n of e.detected)t.info(` ${V(n)}`);if(t.info(""),e.tools.length===0){t.info(` ${d("No tool pins found — add engines.node, .nvmrc, or a manager config file.")}`);return}t.info(d("── Tools ───────────────────────────"));for(const n of e.tools){const i=`${n.expected.tool} ${n.expected.version}`,a=n.actual?`actual ${n.actual}`:"not installed",c=n.matches?"":d(` [${n.expected.source}]`),o=D(n),g=o===""?"":` ${o}`;t.info(` ${G(n)} ${i} — ${a}${c}${g}`),n.manager.note&&t.notice(` ${n.manager.note}`)}},K=(e,n,i)=>{const a=C(e,n);if(i.json){process.stdout.write(`${JSON.stringify({detected:a.detected.map(o=>({binPath:o.binPath??null,configFiles:o.configFiles,installed:o.installed,name:o.name,version:o.version??null})),tools:a.tools.map(o=>({actual:o.actual??null,expected:o.expected.version,manager:o.manager.name,managerInstalled:o.manager.installed,matches:o.matches,note:o.manager.note??null,source:o.expected.source,tool:o.expected.tool}))},void 0,2)}
|
|
2
|
+
`);return}J(a);const c=a.tools.filter(o=>!o.matches);c.length>0&&(t.info(""),t.notice(" Run `vis toolchain install` to install pinned versions.")),i.exitCode&&c.length>0&&(process.exitCode=1)},L=e=>{const n=new Map;for(const i of e){const a=n.get(i.manager.name);a?a.push(i):n.set(i.manager.name,[i])}return n},R=(e,n,i)=>P(e,n,{cwd:i,stdio:"inherit"}).status??1,z=(e,n,i)=>{const a=C(e,n),c=a.tools.filter(u=>!u.matches);if(c.length===0){t.success("Everything already matches — nothing to install.");return}const o=c.some(u=>u.manager.name!=="self-activate"&&u.manager.name!=="none");if(a.detected.length===0&&o){t.error(`No version manager detected. Install one of: ${w.join(", ")}.`),process.exitCode=1;return}const g=L(c);let l=!1,r=0;for(const[u,f]of g){if(u==="self-activate"){for(const{expected:s}of f){if(s.source==="packageManager")t.info(`${d("$")} (${s.tool} will self-activate from packageManager on next invocation)`);else if(t.info(`${d("$")} Writing packageManager=${s.tool}@${s.version}`),i.dryRun)l=!0;else try{b(e,s),l=!0}catch(h){t.error(h.message),r=1}t.notice(` ${s.tool} ${s.version} — no install needed`)}continue}if(u==="none"){for(const{expected:s}of f)t.warn(`Cannot install ${s.tool} ${s.version} — no manager can handle it.`);r=1;continue}if(!a.detected.find(s=>s.name===u)?.installed){t.error(`${u} is referenced but not on PATH — install it first, then rerun \`vis toolchain install\`.`),r=1;continue}const m=f.map(s=>S(u,s.expected)).filter(Boolean);for(const s of m){if(!s)continue;if(s.bin==="nvm"&&s.args.length===0){t.error("nvm is a shell function — run `nvm install` in your shell, then rerun `vis toolchain install`."),s.hint&&t.notice(` ${s.hint}`),r=1;continue}if(t.info(`${d("$")} ${s.bin} ${s.args.join(" ")}`),s.hint&&t.notice(` ${s.hint}`),i.dryRun){l=!0;continue}const h=R(s.bin,s.args,e);if(l=!0,h!==0){r=h;break}}}if(r!==0){process.exitCode=r;return}l&&t.success("Toolchain installed.")},Q=async(e,n,i,a,c)=>{if(!a)throw new Error("Usage: vis toolchain use <tool>@<version> (e.g. vis toolchain use node@22.13.0)");const o=W(a);if(!o)throw new Error(`Could not parse "${a}". Expected "<tool>@<version>" where <tool> is one of ${x.join(", ")}.`);const g=k(n),l=E(o,g,i);if(l.name==="none"){t.error(`No manager can pin ${o.tool}. Install one of: ${w.join(", ")}.`),process.exitCode=1;return}if(!l.installed){t.error(`The best manager for ${o.tool} (${l.name}) is not on PATH. ${l.note??""}`),process.exitCode=1;return}const r=B(l.name,o);if(!r){t.error(`${l.name} cannot pin ${o.tool}. Use a different manager, or set \`toolchain.tools.${o.tool}\` in vis.config.ts.`),process.exitCode=1;return}if(l.name==="self-activate"){if(t.info(`${d("→")} Writing packageManager field to package.json...`),c.dryRun){t.notice(` Would set packageManager: "${o.tool}@${o.version}"`);return}try{const f=b(n,o);if(!f){t.error(`Refusing to pin non-package-manager tool ${o.tool} via the packageManager field.`),process.exitCode=1;return}if(t.success(`Set packageManager: "${f}" — ${o.tool} will activate this version on next invocation.`),c.engines!==!1){const m=y(n,o);m&&t.success(`Updated package.json engines.${o.tool} → ${m}.`)}}catch(f){t.error(f.message),process.exitCode=1}return}if(r.args.length===0&&l.name==="nvm"&&o.tool==="node"){const f=A(n,".nvmrc");if(t.info(`${d("→")} Writing ${f}...`),c.dryRun){t.notice(` Would write ${o.version} to .nvmrc`);return}try{await e.writeFile(f,`${o.version}
|
|
3
|
+
`)}catch(m){t.error(`Failed to write .nvmrc: ${m.message}`),process.exitCode=1;return}t.success(`Wrote ${o.version} to .nvmrc.`),t.notice(" nvm is a shell function — run `nvm use` to activate it in this shell.");return}if(r.args.length===0){t.error(`${l.name} cannot pin ${o.tool} from a subprocess. ${r.configChange?.hint??""}`),r.configChange&&t.notice(` Edit ${r.configChange.file} by hand and rerun \`vis toolchain status\` to verify.`),process.exitCode=1;return}if(t.info(`${d("$")} ${r.bin} ${r.args.join(" ")}`),r.configChange&&t.notice(` Will update ${r.configChange.file} — ${r.configChange.hint}`),c.dryRun)return;const u=R(r.bin,r.args,n);if(u!==0){process.exitCode=u;return}if(t.success(`Pinned ${o.tool} to ${o.version}.`),c.engines!==!1)try{const f=y(n,o);f&&t.success(`Updated package.json engines.${o.tool} → ${f}.`)}catch(f){t.warn(`Could not update engines.${o.tool}: ${f.message}`)}},X=(e,n,i)=>{if(!i)throw new Error("Usage: vis toolchain which <tool> (e.g. vis toolchain which node)");const a=i.toLowerCase();if(!O(a))throw new Error(`Unknown tool "${i}". Known: ${x.join(", ")}.`);const c=k(e),o=E({source:"vis.config.ts",tool:a,version:"*"},c,n),g=o.installed&&o.name!=="self-activate"&&o.name!=="none"?c.find(r=>r.name===o.name):void 0,l=g?q(g,a):H(a);if(!l){t.error(`${i} not found in PATH${g?` or via ${g.name}`:""}.`),process.exitCode=1;return}process.stdout.write(`${l}
|
|
4
|
+
`)},Y=(e,n)=>{const i=N(e,n);process.stdout.write(`${i.name}
|
|
5
|
+
`)},p=e=>{if(!e)throw new Error("Could not determine workspace root. Run inside a monorepo.");return e},ie=async({options:e,visConfig:n,workspaceRoot:i})=>{K(p(i),n?.toolchain,e)},se=async({visConfig:e,workspaceRoot:n})=>{Y(p(n),e?.toolchain)},ae=async({options:e,visConfig:n,workspaceRoot:i})=>{z(p(i),n?.toolchain,e)},re=async({argument:e,fs:n,options:i,visConfig:a,workspaceRoot:c})=>{await Q(n,p(c),a?.toolchain,e[0],i)},ce=async({argument:e,visConfig:n,workspaceRoot:i})=>{X(p(i),n?.toolchain,e[0])};export{se as detectExecute,ae as installExecute,ie as statusExecute,re as useExecute,ce as whichExecute};
|
|
@@ -1,5 +1 @@
|
|
|
1
|
-
import{
|
|
2
|
-
`);return}J(a);const c=a.tools.filter(o=>!o.matches);c.length>0&&(t.info(""),t.notice(" Run `vis toolchain install` to install pinned versions.")),i.exitCode&&c.length>0&&(process.exitCode=1)},L=e=>{const n=new Map;for(const i of e){const a=n.get(i.manager.name);a?a.push(i):n.set(i.manager.name,[i])}return n},R=(e,n,i)=>P(e,n,{cwd:i,stdio:"inherit"}).status??1,z=(e,n,i)=>{const a=C(e,n),c=a.tools.filter(u=>!u.matches);if(c.length===0){t.success("Everything already matches — nothing to install.");return}const o=c.some(u=>u.manager.name!=="self-activate"&&u.manager.name!=="none");if(a.detected.length===0&&o){t.error(`No version manager detected. Install one of: ${w.join(", ")}.`),process.exitCode=1;return}const g=L(c);let l=!1,r=0;for(const[u,f]of g){if(u==="self-activate"){for(const{expected:s}of f){if(s.source==="packageManager")t.info(`${d("$")} (${s.tool} will self-activate from packageManager on next invocation)`);else if(t.info(`${d("$")} Writing packageManager=${s.tool}@${s.version}`),i.dryRun)l=!0;else try{b(e,s),l=!0}catch(h){t.error(h.message),r=1}t.notice(` ${s.tool} ${s.version} — no install needed`)}continue}if(u==="none"){for(const{expected:s}of f)t.warn(`Cannot install ${s.tool} ${s.version} — no manager can handle it.`);r=1;continue}if(!a.detected.find(s=>s.name===u)?.installed){t.error(`${u} is referenced but not on PATH — install it first, then rerun \`vis toolchain install\`.`),r=1;continue}const m=f.map(s=>S(u,s.expected)).filter(Boolean);for(const s of m){if(!s)continue;if(s.bin==="nvm"&&s.args.length===0){t.error("nvm is a shell function — run `nvm install` in your shell, then rerun `vis toolchain install`."),s.hint&&t.notice(` ${s.hint}`),r=1;continue}if(t.info(`${d("$")} ${s.bin} ${s.args.join(" ")}`),s.hint&&t.notice(` ${s.hint}`),i.dryRun){l=!0;continue}const h=R(s.bin,s.args,e);if(l=!0,h!==0){r=h;break}}}if(r!==0){process.exitCode=r;return}l&&t.success("Toolchain installed.")},Q=async(e,n,i,a,c)=>{if(!a)throw new Error("Usage: vis toolchain use <tool>@<version> (e.g. vis toolchain use node@22.13.0)");const o=W(a);if(!o)throw new Error(`Could not parse "${a}". Expected "<tool>@<version>" where <tool> is one of ${x.join(", ")}.`);const g=k(n),l=E(o,g,i);if(l.name==="none"){t.error(`No manager can pin ${o.tool}. Install one of: ${w.join(", ")}.`),process.exitCode=1;return}if(!l.installed){t.error(`The best manager for ${o.tool} (${l.name}) is not on PATH. ${l.note??""}`),process.exitCode=1;return}const r=B(l.name,o);if(!r){t.error(`${l.name} cannot pin ${o.tool}. Use a different manager, or set \`toolchain.tools.${o.tool}\` in vis.config.ts.`),process.exitCode=1;return}if(l.name==="self-activate"){if(t.info(`${d("→")} Writing packageManager field to package.json...`),c.dryRun){t.notice(` Would set packageManager: "${o.tool}@${o.version}"`);return}try{const f=b(n,o);if(!f){t.error(`Refusing to pin non-package-manager tool ${o.tool} via the packageManager field.`),process.exitCode=1;return}if(t.success(`Set packageManager: "${f}" — ${o.tool} will activate this version on next invocation.`),c.engines!==!1){const m=y(n,o);m&&t.success(`Updated package.json engines.${o.tool} → ${m}.`)}}catch(f){t.error(f.message),process.exitCode=1}return}if(r.args.length===0&&l.name==="nvm"&&o.tool==="node"){const f=A(n,".nvmrc");if(t.info(`${d("→")} Writing ${f}...`),c.dryRun){t.notice(` Would write ${o.version} to .nvmrc`);return}try{await e.writeFile(f,`${o.version}
|
|
3
|
-
`)}catch(m){t.error(`Failed to write .nvmrc: ${m.message}`),process.exitCode=1;return}t.success(`Wrote ${o.version} to .nvmrc.`),t.notice(" nvm is a shell function — run `nvm use` to activate it in this shell.");return}if(r.args.length===0){t.error(`${l.name} cannot pin ${o.tool} from a subprocess. ${r.configChange?.hint??""}`),r.configChange&&t.notice(` Edit ${r.configChange.file} by hand and rerun \`vis toolchain status\` to verify.`),process.exitCode=1;return}if(t.info(`${d("$")} ${r.bin} ${r.args.join(" ")}`),r.configChange&&t.notice(` Will update ${r.configChange.file} — ${r.configChange.hint}`),c.dryRun)return;const u=R(r.bin,r.args,n);if(u!==0){process.exitCode=u;return}if(t.success(`Pinned ${o.tool} to ${o.version}.`),c.engines!==!1)try{const f=y(n,o);f&&t.success(`Updated package.json engines.${o.tool} → ${f}.`)}catch(f){t.warn(`Could not update engines.${o.tool}: ${f.message}`)}},X=(e,n,i)=>{if(!i)throw new Error("Usage: vis toolchain which <tool> (e.g. vis toolchain which node)");const a=i.toLowerCase();if(!O(a))throw new Error(`Unknown tool "${i}". Known: ${x.join(", ")}.`);const c=k(e),o=E({source:"vis.config.ts",tool:a,version:"*"},c,n),g=o.installed&&o.name!=="self-activate"&&o.name!=="none"?c.find(r=>r.name===o.name):void 0,l=g?q(g,a):H(a);if(!l){t.error(`${i} not found in PATH${g?` or via ${g.name}`:""}.`),process.exitCode=1;return}process.stdout.write(`${l}
|
|
4
|
-
`)},Y=(e,n)=>{const i=N(e,n);process.stdout.write(`${i.name}
|
|
5
|
-
`)},p=e=>{if(!e)throw new Error("Could not determine workspace root. Run inside a monorepo.");return e},ie=async({options:e,visConfig:n,workspaceRoot:i})=>{K(p(i),n?.toolchain,e)},se=async({visConfig:e,workspaceRoot:n})=>{Y(p(n),e?.toolchain)},ae=async({options:e,visConfig:n,workspaceRoot:i})=>{z(p(i),n?.toolchain,e)},re=async({argument:e,fs:n,options:i,visConfig:a,workspaceRoot:c})=>{await Q(n,p(c),a?.toolchain,e[0],i)},ce=async({argument:e,visConfig:n,workspaceRoot:i})=>{X(p(i),n?.toolchain,e[0])};export{se as detectExecute,ae as installExecute,ie as statusExecute,re as useExecute,ce as whichExecute};
|
|
1
|
+
import{I as p,S as f}from"../packem_shared/pm-runner-D4jM58Oz.js";import{r as g,a as d}from"../packem_shared/command-runtime-BE-vKsGH.js";import{c as k}from"../packem_shared/utils-CRueU43T.js";const w=async({argument:r,logger:n,options:s,rawUnknown:c,visConfig:o,workspaceRoot:i})=>{const t=k(r,c),e=i??process.cwd(),l=g({logger:n,options:s,visConfig:o},e),m=p(e,{backend:d(l),configBackend:o?.install?.backend,configCorepack:o?.install?.corepack}),a=f(m,t,s.recursive||!1,e,n);a!==0&&(process.exitCode=a)};export{w as default};
|
|
@@ -1 +1,3 @@
|
|
|
1
|
-
import{
|
|
1
|
+
import{createRequire as u}from"node:module";import{c as p}from"../packem_shared/index-D7EZ612R.js";const f=u(import.meta.url),r=typeof globalThis<"u"&&typeof globalThis.process<"u"?globalThis.process:process,a=s=>{if(typeof r<"u"&&r.versions&&r.versions.node){const[e,i]=r.versions.node.split(".").map(Number);if(e>22||e===22&&i>=3||e===20&&i>=16)return r.getBuiltinModule(s)}return f(s)},{execSync:d,spawnSync:l}=a("node:child_process"),v=async({argument:s,logger:e,options:i})=>{const t=s?.[0];e.info("info: checking for updates...");const n=p.version;let o;try{const c=d("npm view @visulima/vis version",{encoding:"utf8"}).trim();o=t??c}catch{throw new Error("Failed to query npm registry. Check your network connection.")}if(n===o&&!i.force){e.info(`
|
|
2
|
+
✓ Already up to date (${n})`);return}if(i.check){n===o?e.info(`✓ Already up to date (${n})`):e.info(`info: found @visulima/vis@${o} (current: ${n})`);return}if(e.info(`info: found @visulima/vis@${o} (current: ${n})`),e.info("info: installing..."),l("npm",["install","-g",`@visulima/vis@${o}`],{encoding:"utf8",stdio:"inherit"}).status!==0)throw new Error("Failed to update. Try running with sudo or fix npm permissions.");e.info(`
|
|
3
|
+
✓ Updated @visulima/vis from ${n} → ${o}`)};export{v as default};
|
|
@@ -1,3 +1 @@
|
|
|
1
|
-
import{
|
|
2
|
-
✓ Already up to date (${n})`);return}if(i.check){n===o?e.info(`✓ Already up to date (${n})`):e.info(`info: found @visulima/vis@${o} (current: ${n})`);return}if(e.info(`info: found @visulima/vis@${o} (current: ${n})`),e.info("info: installing..."),l("npm",["install","-g",`@visulima/vis@${o}`],{encoding:"utf8",stdio:"inherit"}).status!==0)throw new Error("Failed to update. Try running with sudo or fix npm permissions.");e.info(`
|
|
3
|
-
✓ Updated @visulima/vis from ${n} → ${o}`)};export{v as default};
|
|
1
|
+
import{I as d,E as g}from"../packem_shared/pm-runner-D4jM58Oz.js";import{r as m,a as k}from"../packem_shared/command-runtime-BE-vKsGH.js";import{c as v,i as b}from"../packem_shared/utils-CRueU43T.js";const C=async({argument:l,logger:n,options:o,process:i,rawUnknown:t,visConfig:a,workspaceRoot:c})=>{const r=v(l,t);if(r.length===0)throw new Error("No packages specified. Usage: vis why <package...>");const e=c??i.cwd,p=m({logger:n,options:o,visConfig:a},e),f=d(e,{backend:k(p),configBackend:a?.install?.backend,configCorepack:a?.install?.corepack}),s=g(f,{depth:o.depth===void 0?void 0:Number(o.depth),dev:o.dev||!1,filter:b(o.filter),global:o.global||!1,json:o.json||!1,long:o.long||!1,noOptional:o.optional===!1,packages:r,parseable:o.parseable||!1,prod:o.prod||!1,recursive:o.recursive||!1},e,n);s!==0&&s!==1&&(process.exitCode=s)};export{C as default};
|
|
@@ -1 +1,4 @@
|
|
|
1
|
-
import{
|
|
1
|
+
import{getAffectedProjects as $}from"@visulima/task-runner";import{b as E,O as F}from"./catalog.js";import{r as b}from"../packem_shared/affected-shas-CwRY5aoc.js";import{f as k}from"../packem_shared/selectors-D4iCvITE.js";const T=async({argument:w,logger:s,options:e,runtime:j,visConfig:u,workspaceRoot:h})=>{const l=w[0];if(!l)throw new Error("Missing target. Usage: vis affected <target>");if(!h)throw new Error("Could not determine workspace root. Run this command inside a monorepo.");const a=h,{packageJsons:v,workspace:i}=E(a,u),y=F(a,i,v),g=new Set(["deep","direct","none"]),p=e.downstream??"deep",d=e.upstream??"none";if(!g.has(p))throw new Error(`Invalid --downstream value: "${p}". Must be "none", "direct", or "deep".`);if(!g.has(d))throw new Error(`Invalid --upstream value: "${d}". Must be "none", "direct", or "deep".`);let{base:c}=e,{head:f}=e;if(!c||!f){const o=b({defaultBase:u?.defaultBase,workspaceRoot:a});c=c??o.base,f=f??o.head,s.info(`▸ Resolved affected refs from ${o.provider} (${o.notes.join("; ")})`)}const S={base:c,downstream:p,head:f,projectGraph:y,projects:i.projects,upstream:d,workspaceRoot:a},n=await $(S);if(n.changedFiles.length===0){s.info("No files changed. Nothing to run.");return}if(n.affectedProjects.length===0){s.info("No projects affected by the changes.");return}let{affectedProjects:t}=n;if(e.query&&(t=k(t,i,e.query),t.length===0)){s.info(`Query "${String(e.query)}" matched no affected projects.`);return}if(e.sparseCheckout){const o=[...new Set(t.map(m=>i.projects[m]?.root??m))].sort();process.stdout.write(`${o.join(`
|
|
2
|
+
`)}
|
|
3
|
+
`);return}s.info(`Affected projects: ${t.join(", ")}`),n.changedFiles.length>0&&(process.env.VIS_AFFECTED_FILES=n.changedFiles.join(`
|
|
4
|
+
`));const r=[l,`--projects=${t.join(",")}`];e.parallel!==void 0&&r.push(`--parallel=${String(e.parallel)}`),e.cache||r.push("--no-cache"),e.dryRun&&r.push("--dry-run"),e.partition&&r.push(`--partition=${String(e.partition)}`),e.reverse&&r.push("--reverse"),typeof e.runnerTags=="string"&&e.runnerTags!==""&&r.push(`--runner-tags=${e.runnerTags}`);try{await j.runCommand("run",{argv:r})}finally{delete process.env.VIS_AFFECTED_FILES}};export{T as default};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
import{
|
|
1
|
+
import{A as d,B as w}from"../packem_shared/index-CE6MsgcV.js";import{r as v}from"../packem_shared/command-runtime-BE-vKsGH.js";import{r as u}from"../packem_shared/run-file-DD7Ne23Z.js";const R=async({argument:s,logger:i,options:n,rawUnknown:t,visConfig:a,workspaceRoot:f})=>{const m=s??[],[o,...p]=m;if(o===void 0)throw new Error("No file specified. Usage: vis x <file> [args...]");const r=process.cwd(),c=d(o)?o:w(r,o),g=[...p,...t??[]],{runtime:l}=v({logger:i,options:n,visConfig:a},f??r),e=await u(c,g,l,r);e!==0&&(process.exitCode=e)};export{R as default};
|
|
@@ -1 +1,2 @@
|
|
|
1
|
-
import{
|
|
1
|
+
import{createRequire as R}from"node:module";import{DEFAULT_CHANGES_DIR as C}from"./DEFAULT_CLEAN_KEEP.js";import{b as E,f as B}from"./orchestrator.js";import{r as T}from"../packem_shared/slug-DoueYuLo.js";import{VisReleaseError as w}from"../packem_shared/VisReleaseError-DMGRBTNO.js";const S=R(import.meta.url),u=typeof globalThis<"u"&&typeof globalThis.process<"u"?globalThis.process:process,$=e=>{if(typeof u<"u"&&u.versions&&u.versions.node){const[o,n]=u.versions.node.split(".").map(Number);if(o>22||o===22&&n>=3||o===20&&n>=16)return u.getBuiltinModule(e)}return S(e)},{mkdir:V,writeFile:O}=$("node:fs/promises"),{resolve:b,sep:k,join:P}=$("node:path");let y;const W=e=>{y=e},_=async()=>y||(await import("./shell-runner.js")).createShellRunner(),v=e=>!e||!/^[\dv]/i.test(e)?!1:/^[\d.+\-a-z]+$/i.test(e),D=e=>{const o=e.trim(),n=/^(?:[a-z]+(?:\([^)]+\))?:\s+)?[Bb]ump\s+(?<dep>\S+)\s+from\s+(?<fromVersion>\S+)\s+to\s+(?<toVersion>\S+)(?:\s+in\s+\S+)?$/.exec(o);if(n?.groups){const t=n.groups.toVersion;return v(t)?{dep:n.groups.dep,fromVersion:n.groups.fromVersion,toVersion:t}:void 0}const s=/^(?:[a-z]+(?:\([^)]+\))?:\s+)?[Uu]pdate\s+(?:dependency|module)\s+(?<dep>\S+)\s+to\s+(?<toVersion>\S+)(?:\s+\S.*)?$/.exec(o);if(s?.groups){const t=s.groups.toVersion;return v(t)?{dep:s.groups.dep,fromVersion:"",toVersion:t}:void 0}},A=async e=>{const o=process.env.PR_NUMBER;if(o&&/^\d+$/.test(o))return Number.parseInt(o,10);const n=process.env.GITHUB_REF;if(n){const s=/^refs\/pull\/(\d+)\//.exec(n);if(s)return Number.parseInt(s[1],10)}try{const s=await(await _()).run("gh",["pr","view","--json","number"],{cwd:e,silent:!0});if(s.exitCode===0){const t=JSON.parse(s.stdout.trim());if(typeof t.number=="number")return t.number}}catch{}},L=async(e,o)=>{try{const n=await(await _()).run("gh",["pr","view",String(o),"--json","title,body,author"],{cwd:e,silent:!0});return n.exitCode!==0?void 0:JSON.parse(n.stdout.trim())}catch{return}},U=(e,o)=>{const n=[];for(const s of o){const{manifest:t}=s;(Object.hasOwn(t.dependencies??{},e)||Object.hasOwn(t.devDependencies??{},e)||Object.hasOwn(t.peerDependencies??{},e)||Object.hasOwn(t.optionalDependencies??{},e))&&n.push(s.name)}return n},F=e=>{const o={};for(const n of e.split(",")){const s=n.trim();if(!s)continue;const t=s.lastIndexOf(":");if(t<1)throw new w({code:"BUMP_FILE_INVALID",message:`Invalid --packages entry: ${JSON.stringify(s)}. Expected "package:level".`});const i=s.slice(0,t).trim(),r=s.slice(t+1).trim();if(r!=="major"&&r!=="minor"&&r!=="patch"&&r!=="none")throw new w({code:"BUMP_FILE_INVALID",message:`Invalid bump level: ${JSON.stringify(r)}. Expected major|minor|patch|none.`});o[i]=r}return o},M=async e=>{const{multiSelectPrompt:o,selectPrompt:n,textPrompt:s}=await import("./prompts.js"),t=await o("Which packages to bump?",e.map(p=>({label:p,value:p}))),i={};for(const p of t){const f=await n(`Bump level for ${p}?`,[{label:"patch — bug fixes only",value:"patch"},{label:"minor — new feature, backward-compatible",value:"minor"},{label:"major — breaking change",value:"major"},{label:"none — acknowledged, no direct bump",value:"none"}]);i[p]=f}const r=await s("Changelog entry (markdown):","");return{bumps:i,message:r}},Y=async({logger:e,options:o,workspaceRoot:n})=>{const s=n??process.cwd(),t=await E({cwd:s,skipRegistryLookup:!0});let i={},r=o.message??"";if(o.fromBotPr){const c=await A(s);if(c===void 0){e.error("No PR found. Set PR_NUMBER, run inside a GitHub Actions PR workflow, or check `gh pr view` works on this branch."),process.exitCode=1;return}const a=await L(s,c);if(!a||typeof a.title!="string"){e.error(`Could not fetch PR #${c} via \`gh pr view\`. Ensure gh is on PATH and authenticated.`),process.exitCode=1;return}const d=D(a.title);if(!d){e.info(`PR #${c} title is not a recognised Dependabot / Renovate pattern; skipping.`),e.info(`Title: ${a.title}`),process.exitCode=0;return}const h=U(d.dep,t.packages),N=d.fromVersion?`from ${d.fromVersion} to ${d.toVersion}`:`to ${d.toVersion}`;if(r=r||`Updated ${d.dep} ${N}`,h.length===0){const g=t.packages[0]?.name;if(!g){e.error("Workspace has no packages — cannot author an acknowledging change file."),process.exitCode=1;return}i={[g]:"none"},r=`${r} (no workspace package depends on ${d.dep})`}else for(const g of h)i[g]="patch"}else if(o.empty)i={},r=r||"Empty change file (no release).";else if(o.packages){i=F(o.packages);const c=new Set(t.packages.map(a=>a.name));for(const a of Object.keys(i))if(!c.has(a))throw new w({code:"BUMP_FILE_INVALID",message:`Unknown workspace package in --packages: ${JSON.stringify(a)}.`,packageName:a})}else{if(!process.stdout.isTTY){e.error("--packages is required when stdin is not a TTY."),e.error("Example: vis release add --packages '@scope/cerebro:minor' --message 'Add X'"),process.exitCode=1;return}const c=await M(t.packages.map(a=>a.name));i=c.bumps,r=r||c.message}if(Object.keys(i).length===0){e.error("No bumps specified."),process.exitCode=1;return}const p=t.config.changesDir??C,f=(o.name??T()).replaceAll(/[^a-z0-9-]/gi,"-"),l=b(s),x=l.endsWith(k)?l:`${l}${k}`,m=b(s,p);if(m!==l&&!m.startsWith(x))throw new w({code:"CONFIG_INVALID",message:`changesDir resolves outside the workspace: ${m} (workspace: ${l}).`});const j=P(m,`${f}.md`),I=B({bumps:i},r);await V(m,{recursive:!0}),await O(j,I,{flag:"wx"}),e.info(`Created ${p}/${f}.md`),e.info("");for(const[c,a]of Object.entries(i))e.info(` ${c}: ${a}`);r&&(e.info(""),e.info(` Body: ${r.split(`
|
|
2
|
+
`)[0]?.slice(0,80)??""}`))};export{W as __setBotPrRunnerForTests,Y as default,D as parseBotPrTitle};
|
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
import{
|
|
2
|
-
`)
|
|
1
|
+
import{releaseChangelog as l}from"../packem_shared/ReleaseClient-YHzBIxYS.js";const c=async({logger:o,options:t,workspaceRoot:r})=>{const s=r??process.cwd(),i=t.filter?t.filter.split(",").map(e=>e.trim()).filter(Boolean):void 0,n=await l({channel:t.channel,cwd:s,projects:i});if(t.json){process.stdout.write(`${JSON.stringify(n,null,2)}
|
|
2
|
+
`),n.projectChangelogs.length===0&&(process.exitCode=1);return}if(n.projectChangelogs.length===0){o.info("No pending releases — no changelog entries to render."),process.exitCode=1;return}for(const e of n.projectChangelogs)o.info(`# ${e.package} → ${e.file}`),o.info(""),o.info(e.content),o.info("")};export{c as default};
|
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
import{
|
|
2
|
-
`)
|
|
1
|
+
import{DEFAULT_CHANGES_DIR as R}from"./DEFAULT_CLEAN_KEEP.js";import{b as D,c as F,d as b}from"./orchestrator.js";import{createShellRunner as E}from"./shell-runner.js";const y=async({logger:r,options:d,workspaceRoot:$})=>{const s=$??process.cwd(),p=d.noFail===!0,u=d.strict===!0,t=await D({cwd:s}),{printConfigIfRequested:x}=await import("./print-config.js");if(x(d,t,r))return;const{files:i}=await F({changesDir:t.config.changesDir,cwd:s});if(i.length===0){u?(r.error("No change files present and --strict is set."),r.error(`Run \`vis release add\` to author one in ${t.config.changesDir??R}.`),process.exitCode=p?0:1):(r.warn("No change files present. PR will not produce a release."),process.exitCode=0);return}if(!u){r.info(`${i.length} change file(s) present. ✓`),process.exitCode=0;return}const m=t.config.baseBranch??"main",g=await E().run("git",["diff","--name-only",`${m}...HEAD`],{cwd:s,silent:!0});if(g.exitCode!==0){r.warn(`Could not run git diff vs ${m}: ${g.stderr}`),process.exitCode=0;return}const f=g.stdout.split(`
|
|
2
|
+
`).map(e=>e.trim()).filter(Boolean);if(f.length===0){r.info("No source files changed. ✓"),process.exitCode=0;return}const{default:w}=await import("./index.js"),k=t.config.changedFilePatterns??["**"],v=(e,n,l)=>{if(!e.startsWith(`${n}/`))return!1;const h=e.slice(n.length+1);return l.some(o=>w(o,h))},C=new Set(b(i).keys()),c=new Set;for(const e of f){const n=t.packages.find(o=>{const a=o.dir.startsWith(s)?o.dir.slice(s.length).replace(/^[/\\]/,""):o.dir;return e===`${a}/package.json`||e.startsWith(`${a}/`)});for(const o of t.packages){const a=t.perPackageConfig.get(o.name)?.additionalPaths;!a||a.length===0||a.some(P=>w(P,e))&&!C.has(o.name)&&c.add(o.name)}if(!n)continue;const l=n.dir.startsWith(s)?n.dir.slice(s.length).replace(/^[/\\]/,""):n.dir,h=t.perPackageConfig.get(n.name)?.changedFilePatterns??k;e!==`${l}/package.json`&&!v(e,l,h)||C.has(n.name)||c.add(n.name)}if(c.size>0){r.error("The following packages have changes but no covering change file:");for(const e of c)r.error(` - ${e}`);r.error("Run `vis release add` to author one."),process.exitCode=p?0:1;return}r.info(`${i.length} change file(s); ${f.length} changed file(s) all covered. ✓`),process.exitCode=0};export{y as default};
|
|
@@ -1,2 +1,3 @@
|
|
|
1
|
-
import{
|
|
2
|
-
`)
|
|
1
|
+
import{b as h}from"./orchestrator.js";import{escapeMarkdown as f}from"./security.js";import{createShellRunner as g}from"./shell-runner.js";import{d as w,a as R,u as $}from"../packem_shared/sticky-comment-D6_7-w8T.js";const k=(o,a)=>{const e=["### 🚀 Release Plan",""];if(a&&(e.push(`Channel: \`${a}\``),e.push("")),o.releases.length===0)return e.push("_No pending releases._ (Add a change file via `vis release add` to mark this PR as releasing.)"),e.join(`
|
|
2
|
+
`);const n={major:[],minor:[],patch:[]};for(const s of o.releases)n[s.type].push(s);for(const s of["major","minor","patch"])if(n[s].length!==0){e.push(`#### ${s.charAt(0).toUpperCase()}${s.slice(1)}`),e.push("");for(const r of n[s]){const t=[];r.isCascadeBump&&t.push("cascade"),r.isGroupBump&&t.push("group"),r.isDependencyBump&&!r.isCascadeBump&&t.push("dep-bump");const i=t.length>0?` _(${t.join(", ")})_`:"";e.push(`- \`${r.name}\`: ${r.oldVersion} → **${r.newVersion}**${i}`)}e.push("")}if(o.warnings.length>0){e.push("#### ⚠️ Warnings"),e.push("");for(const s of o.warnings)e.push(`- ${f(s)}`)}return e.join(`
|
|
3
|
+
`)},v=async({logger:o,options:a,workspaceRoot:e})=>{const n=e??process.cwd(),s=a.noFail===!0,r=a.strict===!0,t=g(),i=await w(t,n),c=R(process.env);(!i||!c)&&o.warn("Not running in a PR context (GITHUB_REF / PR_NUMBER missing or `gh repo view` failed). Falling back to local print.");const p=await h({cwd:n,skipRegistryLookup:!0}),{printConfigIfRequested:d}=await import("./print-config.js");if(d(a,p,o))return;const m=p.config.versionPr?.commentMarker??"<!-- vis-release-comment -->",l=k(p.plan,p.channel?.tag);if(i&&c){const u=await $({body:l,cwd:n,issueNumber:c,marker:m,repo:i,runner:t});if(u)o.info(`${u.created?"Posted":"Updated"} release-plan comment on PR #${c} (id: ${u.id}).`);else{o.error("Failed to post / update PR comment."),process.exitCode=s?0:1;return}}else o.info(l);r&&p.plan.releases.length===0&&(o.error("--strict and no pending releases."),process.exitCode=s?0:1)};export{v as default};
|
|
@@ -1,3 +1,6 @@
|
|
|
1
|
-
import{
|
|
2
|
-
`);const
|
|
3
|
-
|
|
1
|
+
import{createRequire as _}from"node:module";import{b as y}from"./orchestrator.js";const m=_(import.meta.url),r=typeof globalThis<"u"&&typeof globalThis.process<"u"?globalThis.process:process,g=n=>{if(typeof r<"u"&&r.versions&&r.versions.node){const[o,i]=r.versions.node.split(".").map(Number);if(o>22||o===22&&i>=3||o===20&&i>=16)return r.getBuiltinModule(n)}return m(n)},{appendFileSync:f}=g("node:fs"),B=async({logger:n,options:o,workspaceRoot:i})=>{const l=i??process.cwd(),s=await y({cwd:l,skipRegistryLookup:!0}),{printConfigIfRequested:u}=await import("./print-config.js");if(u(o,s,n))return;const t=s.plan.releases.length===0?"nothing":s.channel?.mode==="version-pr"?"version-pr":"publish",a=s.plan.releases.map(e=>e.name),p={channel:s.channel?.tag,mode:t,packages:a,plan:s.plan.releases.map(e=>({isCascadeBump:e.isCascadeBump,isDependencyBump:e.isDependencyBump,isGroupBump:e.isGroupBump,name:e.name,newVersion:e.newVersion,oldVersion:e.oldVersion,type:e.type})),prerelease:s.channel?.prerelease,warnings:s.plan.warnings};process.stdout.write(`${JSON.stringify(p,null,2)}
|
|
2
|
+
`);const c=process.env.GITHUB_OUTPUT;if(c){const e=[`mode=${t}`,`packages=${a.join(",")}`,`json<<__VIS_RELEASE_EOF__
|
|
3
|
+
${JSON.stringify(p)}
|
|
4
|
+
__VIS_RELEASE_EOF__`];try{f(c,`${e.join(`
|
|
5
|
+
`)}
|
|
6
|
+
`)}catch(d){n.warn(`Could not write $GITHUB_OUTPUT: ${d.message}`)}}};export{B as default};
|
|
@@ -1,6 +1 @@
|
|
|
1
|
-
import{
|
|
2
|
-
`);const c=process.env.GITHUB_OUTPUT;if(c){const e=[`mode=${t}`,`packages=${a.join(",")}`,`json<<__VIS_RELEASE_EOF__
|
|
3
|
-
${JSON.stringify(p)}
|
|
4
|
-
__VIS_RELEASE_EOF__`];try{f(c,`${e.join(`
|
|
5
|
-
`)}
|
|
6
|
-
`)}catch(d){n.warn(`Could not write $GITHUB_OUTPUT: ${d.message}`)}}};export{B as default};
|
|
1
|
+
import{b as f}from"./orchestrator.js";import{createShellRunner as g}from"./shell-runner.js";const p=async({logger:r,options:n,workspaceRoot:l})=>{const t=l??process.cwd(),i=g(),s=await f({cwd:t}),e=n.branch??s.config.versionPr?.branch??"vis-release/version-packages",o=n.base??s.config.baseBranch??"main";r.info(`Rebasing ${e} onto ${o}...`);const a=await i.run("git",["fetch","origin",`${e}:${e}`,o],{cwd:t,silent:!0});if(a.exitCode!==0){r.info(`No remote branch ${e} to rebase (${a.stderr.trim()||"fetch failed"}). Skipping.`);return}const c=await i.run("git",["switch",e],{cwd:t,silent:!0});if(c.exitCode!==0){r.error(`Could not switch to ${e}: ${c.stderr.trim()}`),process.exitCode=1;return}if((await i.run("git",["rebase",`origin/${o}`],{cwd:t,silent:!0})).exitCode!==0){await i.run("git",["rebase","--abort"],{cwd:t,silent:!0}),r.error("Rebase produced conflicts; aborting. Resolve manually, or let the next `vis release ci release` recompute the version PR from scratch."),process.exitCode=1;return}const u=await i.run("git",["rev-list","--count",`origin/${e}..${e}`],{cwd:t,silent:!0});if(u.exitCode===0&&u.stdout.trim()==="0"){r.info(`${e} is already up to date with ${o}. Nothing to push.`);return}const d=await i.run("git",["push","--force-with-lease","origin",`${e}:${e}`],{cwd:t,silent:!0});if(d.exitCode!==0){r.error(`Failed to force-push ${e}: ${d.stderr.trim()}`),process.exitCode=1;return}r.info(`Force-pushed ${e} after rebasing onto ${o}.`)};export{p as default};
|
|
@@ -1 +1,42 @@
|
|
|
1
|
-
|
|
1
|
+
const i=`
|
|
2
|
+
🔧 vis release CI setup
|
|
3
|
+
|
|
4
|
+
1. Workflow permissions
|
|
5
|
+
Add to .github/workflows/vis-release.yml:
|
|
6
|
+
permissions:
|
|
7
|
+
contents: write
|
|
8
|
+
pull-requests: write
|
|
9
|
+
id-token: write # required for OIDC trusted publishing on npm
|
|
10
|
+
|
|
11
|
+
2. Secrets
|
|
12
|
+
Required:
|
|
13
|
+
- VIS_GH_TOKEN — PAT or GitHub App token. Used to force-push the
|
|
14
|
+
version-PR branch and create/edit the version PR. The default
|
|
15
|
+
\${{ github.token }} is anti-recursion-locked and cannot trigger
|
|
16
|
+
downstream workflows on the version-PR.
|
|
17
|
+
- GH_TOKEN — \${{ github.token }} works for read-only / commenting.
|
|
18
|
+
Optional:
|
|
19
|
+
- NPM_TOKEN — fallback when OIDC is not available. Trusted Publishing
|
|
20
|
+
(id-token: write) is preferred.
|
|
21
|
+
|
|
22
|
+
3. Trusted Publishing on npm
|
|
23
|
+
For each published package:
|
|
24
|
+
a. https://npmjs.com/package/<name>/access → Publishing access
|
|
25
|
+
b. Add a Trusted Publisher with provider=GitHub Actions
|
|
26
|
+
c. Repository: visulima/visulima
|
|
27
|
+
d. Workflow filename: vis-release.yml
|
|
28
|
+
e. Environment name: (leave blank unless you use one)
|
|
29
|
+
|
|
30
|
+
4. Concurrency group (recommended)
|
|
31
|
+
concurrency:
|
|
32
|
+
group: vis-release-\${{ github.ref }}
|
|
33
|
+
cancel-in-progress: false
|
|
34
|
+
|
|
35
|
+
5. Husky pre-commit gate (optional)
|
|
36
|
+
Add to .husky/pre-commit:
|
|
37
|
+
vis release check --hook pre-commit --no-fail
|
|
38
|
+
(Or run \`vis release init\` and confirm the prompt — it'll auto-wire
|
|
39
|
+
the hook if you say yes.)
|
|
40
|
+
|
|
41
|
+
📚 RFC: packages/tooling/vis/rfc/design-release-manager.md (§16)
|
|
42
|
+
`,o=async({logger:e})=>{e.info(i)};export{o as default};
|
|
@@ -1,42 +1,8 @@
|
|
|
1
|
-
const
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
id-token: write # required for OIDC trusted publishing on npm
|
|
10
|
-
|
|
11
|
-
2. Secrets
|
|
12
|
-
Required:
|
|
13
|
-
- VIS_GH_TOKEN — PAT or GitHub App token. Used to force-push the
|
|
14
|
-
version-PR branch and create/edit the version PR. The default
|
|
15
|
-
\${{ github.token }} is anti-recursion-locked and cannot trigger
|
|
16
|
-
downstream workflows on the version-PR.
|
|
17
|
-
- GH_TOKEN — \${{ github.token }} works for read-only / commenting.
|
|
18
|
-
Optional:
|
|
19
|
-
- NPM_TOKEN — fallback when OIDC is not available. Trusted Publishing
|
|
20
|
-
(id-token: write) is preferred.
|
|
21
|
-
|
|
22
|
-
3. Trusted Publishing on npm
|
|
23
|
-
For each published package:
|
|
24
|
-
a. https://npmjs.com/package/<name>/access → Publishing access
|
|
25
|
-
b. Add a Trusted Publisher with provider=GitHub Actions
|
|
26
|
-
c. Repository: visulima/visulima
|
|
27
|
-
d. Workflow filename: vis-release.yml
|
|
28
|
-
e. Environment name: (leave blank unless you use one)
|
|
29
|
-
|
|
30
|
-
4. Concurrency group (recommended)
|
|
31
|
-
concurrency:
|
|
32
|
-
group: vis-release-\${{ github.ref }}
|
|
33
|
-
cancel-in-progress: false
|
|
34
|
-
|
|
35
|
-
5. Husky pre-commit gate (optional)
|
|
36
|
-
Add to .husky/pre-commit:
|
|
37
|
-
vis release check --hook pre-commit --no-fail
|
|
38
|
-
(Or run \`vis release init\` and confirm the prompt — it'll auto-wire
|
|
39
|
-
the hook if you say yes.)
|
|
40
|
-
|
|
41
|
-
📚 RFC: packages/tooling/vis/rfc/design-release-manager.md (§16)
|
|
42
|
-
`,o=async({logger:e})=>{e.info(i)};export{o as default};
|
|
1
|
+
import{b as g}from"./orchestrator.js";import{detectRemoteProvider as h,createRemoteClient as $}from"./detect2.js";import{createShellRunner as w}from"./shell-runner.js";import{runSnapshot as R}from"./snapshot.js";const y=(r,o)=>{if(r.length===0)return"_No packages were affected by this PR._";const n=["### 📦 Preview Packages",""];for(const e of r){const t=`${e.name}@${e.version}`;n.push(`- \`${e.name}\` → \`${e.version}\``),o?n.push(` \`\`\`sh
|
|
2
|
+
npm i ${t} --registry ${o}
|
|
3
|
+
\`\`\``):n.push(` \`\`\`sh
|
|
4
|
+
npm i ${t}
|
|
5
|
+
\`\`\``)}return n.join(`
|
|
6
|
+
`)},S=async({logger:r,options:o,workspaceRoot:n})=>{const e=n??process.cwd(),t=w(),l=await h(e,t),a=$(l),s=a.detectPullRequestNumber(process.env),p=o.tag??(s?`pr-${s}`:void 0);if(!p){r.error("Could not determine snapshot tag. Pass --tag or run in a PR context (GITHUB_REF=refs/pull/<n>/merge)."),process.exitCode=1;return}if(o.onClose){await C(e,t,a,s,r);return}let c,u;try{c=await g({cwd:e});const{printConfigIfRequested:i}=await import("./print-config.js");if(i(o,c,r))return;u=await R({context:c,runner:t,tag:p})}catch(i){r.error(`Snapshot failed: ${i.message}`),process.exitCode=1;return}if(r.info(`Snapshotted ${u.published.length} package(s) at version ${u.snapshotVersion} → tag "${u.tag}"`),!s)return;const d=await a.detectRepoSlug(e,t);if(!d){r.warn("Could not detect repo slug — skipping sticky PR comment.");return}const m="<!-- vis-release-snapshot-comment -->",f=`${m}
|
|
7
|
+
|
|
8
|
+
${y(u.published,c.config.snapshot?.registry)}`;try{const i=await a.upsertStickyComment(t,{body:f,cwd:e,issueNumber:s,marker:m,repo:d});i&&r.info(`${i.created?"Posted":"Updated"} snapshot comment on PR #${s}.`)}catch(i){r.warn(`upsertStickyComment failed (publish already succeeded): ${i.message}`)}},C=async(r,o,n,e,t)=>{if(!e){t.error("PR-close cleanup requires a PR context."),process.exitCode=1;return}const l=await n.detectRepoSlug(r,o);if(!l){t.warn("Could not detect repo slug — skipping cleanup.");return}const a=await o.run("gh",["api",`repos/${l}/pulls/${e}/commits`,"--paginate"],{cwd:r,silent:!0});if(a.exitCode!==0){t.warn(`gh api failed: ${a.stderr}`);return}let s;try{s=JSON.parse(a.stdout)}catch{t.warn("Could not parse gh api output.");return}const p=[`pr-${e}`];for(const c of s)p.push(c.sha,c.sha.slice(0,7));t.info(`Cleanup intent for PR #${e}: ${p.length} tag pattern(s) across ${s.length} commit(s)`),t.info("Default backend (pkg-pr-new) auto-cleans by TTL — no DELETE issued. Implement a custom backend's delete endpoint to enable real cleanup.")};export{S as default};
|
|
@@ -1,8 +1,9 @@
|
|
|
1
|
-
import{b as
|
|
2
|
-
npm i ${t} --registry ${o}
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
${
|
|
1
|
+
import{b as j}from"./orchestrator.js";const A=async({logger:u,options:m,workspaceRoot:h})=>{const c=h??process.cwd(),a=[];let n;try{n=await j({cwd:c}),a.push({message:"vis.config.ts loaded; release block parsed.",name:"config-loads",severity:"error",status:"pass"})}catch(e){a.push({message:`Config failed to load: ${e.message}`,name:"config-loads",severity:"error",status:"fail"}),await $(u,m,a),process.exitCode=1;return}n.packages.length===0?a.push({message:"No packages discovered. Ensure your package manager's workspace block resolves.",name:"workspace-discovered",severity:"error",status:"fail"}):a.push({message:`Discovered ${n.packages.length} workspace package(s).`,name:"workspace-discovered",severity:"info",status:"pass"});try{const e=await n.pm.detectVersion(c);e?a.push({message:`${n.pm.id}@${e} (min required: ${n.pm.minVersion})`,name:"pm-version",severity:"info",status:"pass"}):a.push({message:`Could not detect ${n.pm.id} version.`,name:"pm-version",severity:"warn",status:"skip"})}catch(e){a.push({message:`Skipped: ${e.message}`,name:"pm-version",severity:"warn",status:"skip"})}n.branch&&n.channel?a.push({message:`Branch "${n.branch}" → channel ${n.channel.tag}${n.channel.prerelease?` (preid: ${n.channel.prerelease})`:""}, mode: ${n.channel.mode}`,name:"branch-channel",severity:"info",status:"pass"}):n.branch&&!n.channel?a.push({message:`Branch "${n.branch}" does not match any configured channel. Releases will use dist-tag "latest" by default.`,name:"branch-channel",severity:"warn",status:"fail"}):a.push({message:"No branch detected (detached HEAD or non-git workspace).",name:"branch-channel",severity:"warn",status:"skip"});try{await import("node:child_process").then(({execSync:e})=>{try{return e("gh --version",{stdio:"ignore"}),!0}catch{return!1}})?a.push({message:"gh CLI is on PATH.",name:"gh-cli-available",severity:"info",status:"pass"}):a.push({message:"gh CLI not found. GH releases / PR comments will be skipped.",name:"gh-cli-available",severity:"warn",status:"fail"})}catch{}if(process.env.CI==="true"||process.env.GITHUB_ACTIONS==="true")try{const{createShellRunner:e}=await import("./shell-runner.js"),i=await e().run("gh",["auth","status","--show-token"],{cwd:c,silent:!0}),t=`${i.stdout}
|
|
2
|
+
${i.stderr}`,s=/Token scopes:\s*(.+)/.exec(t);if(i.exitCode!==0||!s)a.push({message:"Skipped: `gh auth status` did not return a parseable Token scopes line. (Fine-grained tokens / OIDC-only auth fall in this bucket.)",name:"github.token-scopes",severity:"info",status:"skip"});else{const r=s[1].split(",").map(l=>l.trim().replaceAll(/^['"]|['"]$/g,"")).filter(Boolean),o=new Set(["admin:org","admin:repo_hook","delete_repo","repo","site_admin"]),g=r.filter(l=>o.has(l));g.length>0?a.push({message:`Token carries broader scopes than vis needs: ${g.join(", ")}. The release flow needs only contents:write + pull-requests:write (+ optional id-token:write for OIDC). Consider provisioning a fine-grained PAT or scoping the workflow's permissions block.`,name:"github.token-scopes",severity:"warn",status:"fail"}):a.push({message:`Token scopes look appropriately narrow: ${r.join(", ")||"(none)"}.`,name:"github.token-scopes",severity:"info",status:"pass"})}}catch{a.push({message:"Skipped: gh auth status could not be invoked.",name:"github.token-scopes",severity:"info",status:"skip"})}(process.env.CI==="true"||process.env.GITHUB_ACTIONS==="true")&&(process.env.ACTIONS_ID_TOKEN_REQUEST_URL?a.push({message:"GitHub Actions OIDC env vars present.",name:"oidc-available",severity:"info",status:"pass"}):process.env.NPM_TOKEN?a.push({message:"OIDC env vars missing; falling back to NPM_TOKEN. Add `permissions: { id-token: write }` to the workflow to enable trusted publishing.",name:"oidc-available",severity:"warn",status:"fail"}):a.push({message:"Neither OIDC env vars nor NPM_TOKEN are set in CI. Publish will fail.",name:"oidc-available",severity:"error",status:"fail"}));const y=await import("node:fs/promises"),b=await import("node:path");for(const e of n.packages){if(e.manifest.napi===void 0)continue;const i=b.join(e.dir,"npm");try{const t=(await y.readdir(i,{withFileTypes:!0})).filter(g=>g.isDirectory());if(t.length===0){a.push({message:`${e.name} has a napi field but no npm/<platform>/ subdirs. Run pnpm exec napi artifacts before publishing.`,name:`napi-${e.name}-platforms`,severity:"warn",status:"fail"});continue}const s=[];for(const g of t){const l=b.join(i,g.name,"package.json");try{const p=JSON.parse(await y.readFile(l,"utf8"));p.version!==e.version&&s.push(`${g.name} (${p.version} vs parent ${e.version})`)}catch{s.push(`${g.name} (unreadable manifest)`)}}s.length>0?a.push({message:`${e.name}: platform versions out of sync — ${s.join(", ")}. They'll be re-synced on next publish.`,name:`napi-${e.name}-versions`,severity:"warn",status:"fail"}):a.push({message:`${e.name}: ${t.length} platform package(s), all versions in sync.`,name:`napi-${e.name}`,severity:"info",status:"pass"});const r=e.manifest.optionalDependencies??{},o=[];for(const g of t)try{const l=JSON.parse(await y.readFile(b.join(i,g.name,"package.json"),"utf8"));Object.hasOwn(r,l.name)||o.push(l.name)}catch{}o.length>0&&a.push({message:`${e.name}: missing optionalDependencies entries for: ${o.join(", ")}. Consumers won't get the right binary.`,name:`napi-${e.name}-optdeps`,severity:"error",status:"fail"})}catch{a.push({message:`${e.name}: could not read npm/ subdir.`,name:`napi-${e.name}-platforms`,severity:"warn",status:"skip"})}}{const{resolveVersionActionsId:e}=await import("./orchestrator.js").then(t=>t.w),i=n.packages.filter(t=>e(t,n.perPackageConfig.get(t.name)??{})==="jsr");for(const t of i){const s=n.perPackageConfig.get(t.name)??{},r=["jsr","publish","--dry-run","--allow-dirty"],o=s.jsrConfigPath;o!==void 0&&o!=="jsr.json"&&r.push("--config",o);for(const g of s.jsrPublishArgs??[])r.push(g);try{const g=await n.pm.runner.run("npx",r,{cwd:t.dir,silent:!0});g.exitCode===0?a.push({message:`${t.name}: \`jsr publish --dry-run\` passed.`,name:`jsr-dry-run/${t.name}`,severity:"info",status:"pass"}):a.push({message:`${t.name}: \`jsr publish --dry-run\` reported issues (slow types / exports / auth?): ${(g.stderr||g.stdout).trim().slice(0,300)}`,name:`jsr-dry-run/${t.name}`,severity:"warn",status:"fail"})}catch(g){a.push({message:`${t.name}: could not run \`npx jsr publish --dry-run\` (${g.message}). Install the jsr CLI / check network to enable this pre-flight.`,name:`jsr-dry-run/${t.name}`,severity:"warn",status:"skip"})}}}if(n.plan.warnings.length>0)for(const e of n.plan.warnings)a.push({message:e,name:"plan-warning",severity:"warn",status:"fail"});else a.push({message:n.plan.releases.length===0?"No pending releases.":`Plan resolves ${n.plan.releases.length} release(s).`,name:"plan-readable",severity:"info",status:"pass"});const d=n.config.publish?.guards;if(d?.packSecretScan)try{await import("@visulima/secret-scanner"),a.push({message:"@visulima/secret-scanner resolves; pack-set secret scanning will run.",name:"publish-guards.packSecretScan",severity:"info",status:"pass"})}catch{a.push({message:"publish.guards.packSecretScan is enabled but @visulima/secret-scanner is not installed. pnpm add -D @visulima/secret-scanner, or set the gate to false.",name:"publish-guards.packSecretScan",severity:"error",status:"fail"})}d?.audit&&d.audit!=="off"&&a.push({message:`Runtime npm audit gate active at "${d.audit}" severity.`,name:"publish-guards.audit",severity:"info",status:"pass"});const f=n.config.publish?.releaseAssets;if((f?.stampHashes||f?.uploadTarball)&&a.push({message:`Release-asset attestation: stampHashes=${f.stampHashes??!1}, uploadTarball=${f.uploadTarball??!1}.`,name:"publish-releaseAssets",severity:"info",status:"pass"}),n.config.publish?.stage){try{const{execSync:r}=await import("node:child_process"),o=r("npm --version",{stdio:["ignore","pipe","ignore"]}).toString().trim(),[g="0",l="0"]=o.split("."),p=Number.parseInt(g,10)>11||Number.parseInt(g,10)===11&&Number.parseInt(l,10)>=15;a.push({message:p?`npm ${o} supports \`npm stage publish\`.`:`npm ${o} is too old for staged publishing. Upgrade to npm ≥ 11.15.0.`,name:"publish-stage.npm-version",severity:p?"info":"error",status:p?"pass":"fail"})}catch{a.push({message:"publish.stage is enabled but npm is not on PATH.",name:"publish-stage.npm-version",severity:"error",status:"fail"})}const e=n.config.publish?.registry??"https://registry.npmjs.org/",i=/(?:^|:\/\/)registry\.npmjs\.(?:org|com)\//.test(e);a.push({message:i?"Registry is npmjs.com; staging is supported.":`publish.stage is enabled but registry "${e}" is not npmjs.com. Staging is npm Inc-specific; the request will be rejected.`,name:"publish-stage.registry",severity:i?"info":"warn",status:i?"pass":"fail"});const t=n.packages.filter(r=>r.manifest.publishConfig?.access==="restricted"),s=!!process.env.ACTIONS_ID_TOKEN_REQUEST_URL&&!process.env.NPM_TOKEN;t.length>0&&s&&a.push({message:`${t.length} package(s) have publishConfig.access: "restricted" and OIDC trusted publishing is active. Staging this combo is not supported in v1 (no static token for the post-decision read). Set NPM_TOKEN, or disable publish.stage for these packages.`,name:"publish-stage.oidc-restricted",severity:"error",status:"fail"})}try{const{DEFAULT_CHANGES_DIR:e}=await import("./DEFAULT_CLEAN_KEEP.js"),{readStagedRegistry:i}=await import("./staged-registry.js"),t=await i(c,n.config.changesDir??e);if(t.pending.length>0){const s=t.pending.map(r=>`${r.name}@${r.version} (${r.reason})`).join(", ");a.push({message:`${t.pending.length} pending stage(s) recorded in .vis/release/staged.json: ${s}. Approve / reject before the next release: vis release stage approve --all`,name:"publish-stage.pending",severity:"warn",status:"fail"})}}catch{}try{const{DEFAULT_CHANGES_DIR:e}=await import("./DEFAULT_CLEAN_KEEP.js"),{readFile:i}=await import("node:fs/promises"),{join:t}=await import("node:path"),s=t(c,n.config.changesDir??e,".state.json"),r=await i(s,"utf8"),o=JSON.parse(r);Array.isArray(o.stagedIds)&&o.stagedIds.length>0&&a.push({message:`Found ${o.stagedIds.length} legacy stage id(s) in .state.json#stagedIds: ${o.stagedIds.join(", ")}. The new registry lives in .vis/release/staged.json. Approve / reject these via npmjs.com or \`vis release stage approve <id>\` to avoid losing them.`,name:"publish-stage.legacy-stagedIds",severity:"warn",status:"fail"})}catch{}{const e=n.packages.filter(i=>n.perPackageConfig.get(i.name)?.versionActions==="shell");for(const i of e){const t=n.perPackageConfig.get(i.name)??{},s=n.config.allowCustomCommands,r=s===!0||Array.isArray(s)&&s.includes(i.name),o=t.publishCommand!==void 0&&t.publishCommand!=="";r||a.push({message:`${i.name} uses versionActions: "shell" but release.allowCustomCommands does not permit it. Set allowCustomCommands: true or include "${i.name}" in the array.`,name:`shell-actions.${i.name}.trust-gate`,severity:"error",status:"fail"}),o?r&&a.push({message:`${i.name} → shell publish (${Array.isArray(t.publishCommand)?`${t.publishCommand.length} commands`:"1 command"}).`,name:`shell-actions.${i.name}`,severity:"info",status:"pass"}):a.push({message:`${i.name} uses versionActions: "shell" but no publishCommand is configured. Set release.packages["${i.name}"].publishCommand.`,name:`shell-actions.${i.name}.publish-command`,severity:"error",status:"fail"})}}if(!n.config.gitUser)try{const{createShellRunner:e}=await import("./shell-runner.js"),i=e(),t=await i.run("git",["config","user.name"],{cwd:c,silent:!0}),s=await i.run("git",["config","user.email"],{cwd:c,silent:!0}),r=t.exitCode===0&&t.stdout.trim().length>0,o=s.exitCode===0&&s.stdout.trim().length>0;!r||!o?a.push({message:`git config user.name/user.email is not set (name=${r?"ok":"missing"}, email=${o?"ok":"missing"}). vis auto-commits staged.json and version bumps — these will fail without an identity. Set release.gitUser in vis.config.ts or configure git globally.`,name:"git.identity",severity:"warn",status:"fail"}):a.push({message:`git identity: ${t.stdout.trim()} <${s.stdout.trim()}>.`,name:"git.identity",severity:"info",status:"pass"})}catch{}if(n.config.signing){const{signing:e}=n.config;try{const{createShellRunner:i}=await import("./shell-runner.js"),t=i(),s=await t.run("git",["config","user.signingkey"],{cwd:c,silent:!0}),r=await t.run("git",["config","gpg.format"],{cwd:c,silent:!0}),o=s.exitCode===0?s.stdout.trim():"",g=r.exitCode===0?r.stdout.trim():"",l=o.length>0||!!e.key;if(e.mode==="ssh")g!=="ssh"||!l?a.push({message:`release.signing.mode is "ssh" but git config is incomplete (gpg.format=${g||"<unset>"}, user.signingkey=${l?"ok":"missing"}). Run \`git config gpg.format ssh\` and \`git config user.signingkey <path-to-key>\` before releasing.`,name:"git.signing",severity:"warn",status:"fail"}):a.push({message:"git signing: ssh mode active (gpg.format=ssh, signingkey configured).",name:"git.signing",severity:"info",status:"pass"});else if(e.mode==="sigstore"){const{gitsignAvailable:p}=await import("./git.js");await p({cwd:c,runner:t})?a.push({message:"git signing: sigstore mode (preview); gitsign is on PATH.",name:"git.signing",severity:"info",status:"pass"}):a.push({message:'release.signing.mode is "sigstore" (preview) but gitsign is not on PATH. Tags will fall back to GPG signing with a warning. Install gitsign: https://github.com/sigstore/gitsign',name:"git.signing",severity:"warn",status:"fail"})}else if(l){const p=e.key?/[\\/]/.test(e.key)||/\.(?:pem|gpg|key|asc|p12|pfx)$/i.test(e.key)||e.key.length<8?"configured":`…${e.key.slice(-4)}`:"from git config";a.push({message:`git signing: gpg mode active (key: ${p}).`,name:"git.signing",severity:"info",status:"pass"})}else a.push({message:'release.signing.mode is "gpg" but neither release.signing.key nor git config user.signingkey is set. Configure one before releasing.',name:"git.signing",severity:"warn",status:"fail"})}catch(i){a.push({message:`Could not verify git signing config: ${i.message}.`,name:"git.signing",severity:"warn",status:"skip"})}}if(n.config.floatingMajorTag===!0&&n.config.signing?.mode==="sigstore"&&a.push({message:`release.floatingMajorTag and release.signing.mode="sigstore" are both enabled. The floating-tag retarget force-pushes <unscoped-name>-v<major> (e.g. acme-action-v1) on every release, which appends a new sigstore transparency-log entry to Rekor each time (Rekor is append-only — entries are never removed). Over a long-lived major you'll accumulate one log entry per release. Consider either dropping floatingMajorTag (and pin consumers to a specific tag) or switching to gpg/ssh signing if the Rekor footprint matters for your project.`,name:"floating-major-tag.signing-risk",severity:"warn",status:"fail"}),n.config.floatingMajorTag===!0)try{const{createShellRunner:e}=await import("./shell-runner.js"),i=await e().run("git",["tag","--list","v*"],{cwd:c,silent:!0});if(i.exitCode===0){const t=i.stdout.split(`
|
|
3
|
+
`).map(s=>s.trim()).filter(s=>/^v\d+$/.test(s));if(t.length===0)a.push({message:"No legacy `v<major>` tags found; floating-tag migration is clean.",name:"floating-major-tag.legacy-tags",severity:"info",status:"pass"});else{const s=t.slice(0,5),r=t.length>5?` (+${t.length-5} more)`:"",o=t[0],g=o.slice(1);a.push({message:`Legacy floating-major tags detected (${s.join(", ")}${r}). After upgrading the floating-tag format to \`<safe-name>-v<major>\`, these legacy tags are no longer updated. Consumers pinning \`<repo>@${o}\` will silently freeze at the pre-upgrade commit. Migration:
|
|
4
|
+
1. Re-tag the legacy tag to point at the new floating tag:
|
|
5
|
+
git tag -f ${o} <safe-name>-v${g}
|
|
6
|
+
git push --force origin ${o}
|
|
7
|
+
2. Or sunset the legacy tag and announce the new pin to consumers.`,name:"floating-major-tag.legacy-tags",severity:"warn",status:"fail"})}}else a.push({message:`Skipped: \`git tag --list "v*"\` exited ${i.exitCode}.`,name:"floating-major-tag.legacy-tags",severity:"info",status:"skip"})}catch(e){a.push({message:`Skipped: could not list git tags: ${e.message}.`,name:"floating-major-tag.legacy-tags",severity:"info",status:"skip"})}if(m.firstRelease===!0){const e=[];try{const{createShellRunner:i}=await import("./shell-runner.js"),t=i(),s=new Set,r=n.config.releaseTagPattern??"{name}@{version}";s.add(r);for(const o of n.packages){const g=n.perPackageConfig.get(o.name)?.releaseTagPattern??r;s.add(g)}for(const o of s){const g=o.replaceAll(/\{(?:name|unscopedName|version|major|minor|patch|date|channel)\}/g,()=>"*"),l=await t.run("git",["tag","--list",g],{cwd:c,silent:!0});if(l.exitCode!==0)continue;const p=l.stdout.split(`
|
|
8
|
+
`).map(v=>v.trim()).filter(Boolean);p.length>0&&e.push(`Found ${p.length} git tag(s) matching "${o}": ${p.slice(0,5).join(", ")}${p.length>5?` (+${p.length-5} more)`:""}.`)}}catch(i){e.push(`Could not scan git tags: ${i.message}.`)}try{const{resolveVersionActionsId:i}=await import("./orchestrator.js").then(s=>s.w),{createVersionActions:t}=await import("../packem_shared/createVersionActions-BK43SNDH.js");for(const s of n.packages){const r=n.perPackageConfig.get(s.name),o=i(s,r??{});let g;try{g=t(o)}catch{continue}let l;try{l=await g.readPublishedVersion.call(g,{perPackageConfig:r,pkg:s,pm:n.pm})}catch{continue}l&&l.length>0&&e.push(`${s.name} is already published at version ${l}.`)}}catch(i){e.push(`Could not probe published versions: ${i.message}.`)}e.length>0?a.push({message:`--first-release is set but the workspace is NOT greenfield: ${e.join(" ")} Remove --first-release and run a normal release, or roll back the existing tags / unpublish before bootstrapping.`,name:"first-release.repo-not-greenfield",severity:"error",status:"fail"}):a.push({message:"Workspace looks greenfield (no matching release tags, no published versions detected). Safe to use --first-release.",name:"first-release.repo-not-greenfield",severity:"info",status:"pass"})}if(n.config.gitlabHost){const{detectRemoteProvider:e}=await import("./detect2.js"),{createShellRunner:i}=await import("./shell-runner.js"),t=await e(c,i(),n.config.provider);t==="gitlab"?a.push({message:`Self-hosted GitLab host configured: ${n.config.gitlabHost}.`,name:"gitlab-host",severity:"info",status:"pass"}):a.push({message:`release.gitlabHost is set ("${n.config.gitlabHost}") but the resolved provider is "${t}". The host will be ignored. Either set release.provider: "gitlab" or remove gitlabHost.`,name:"gitlab-host",severity:"warn",status:"fail"})}if(n.config.githubHost){const{detectRemoteProvider:e}=await import("./detect2.js"),{createShellRunner:i}=await import("./shell-runner.js"),t=await e(c,i(),n.config.provider);t==="github"?await import("node:child_process").then(({execSync:s})=>{try{return s("gh --version",{stdio:"ignore"}),!0}catch{return!1}})?a.push({message:`Self-hosted GitHub Enterprise host configured: ${n.config.githubHost}.`,name:"github-host",severity:"info",status:"pass"}):a.push({message:`release.githubHost is set ("${n.config.githubHost}") but the gh CLI is not on PATH. Install gh and run \`gh auth login --hostname ${n.config.githubHost}\` before releasing.`,name:"github-host",severity:"error",status:"fail"}):a.push({message:`release.githubHost is set ("${n.config.githubHost}") but the resolved provider is "${t}". The host will be ignored. Either set release.provider: "github" or remove githubHost.`,name:"github-host",severity:"warn",status:"fail"})}{const e=await import("node:fs/promises"),i=await import("node:path");let t;for(const s of n.packages){const r=n.perPackageConfig.get(s.name);if(r){if(r.uvLockPath){const o=i.isAbsolute(r.uvLockPath)?r.uvLockPath:i.join(s.dir,r.uvLockPath);try{await e.access(o),a.push({message:`uv.lock present at ${o}.`,name:`uv-lockfile/${s.name}`,severity:"info",status:"pass"})}catch{a.push({message:`${s.name}: configured uvLockPath "${r.uvLockPath}" doesn't exist (expected ${o}). Run \`uv lock\` to generate it, or remove uvLockPath if the lockfile lives elsewhere.`,name:`uv-lockfile/${s.name}`,severity:"warn",status:"fail"})}}if(r.uvWorkspace?.root){const o=i.resolve(s.dir,r.uvWorkspace.root),g=i.relative(o,s.dir).replaceAll("\\","/");switch(t||({checkUvWorkspaceMembership:t}=await import("./registry.js").then(l=>l.g)),await t(o,g)){case"member":{a.push({message:`${s.name} is a member of the uv workspace rooted at ${o}.`,name:`uv-workspace/${s.name}`,severity:"info",status:"pass"});break}case"no-root-pyproject":{a.push({message:`${s.name}: uvWorkspace.root points at ${o} but no pyproject.toml was found there. Verify the path is correct.`,name:`uv-workspace/${s.name}`,severity:"warn",status:"fail"});break}case"no-workspace":{a.push({message:`${s.name}: uvWorkspace.root points at ${o} but that pyproject.toml has no [tool.uv.workspace] block. Add one with a "members" list, or drop the uvWorkspace setting.`,name:`uv-workspace/${s.name}`,severity:"warn",status:"fail"});break}default:a.push({message:`${s.name}: uv workspace root at ${o} has [tool.uv.workspace] but its "members" list doesn't include "${g}". Add the package to members or correct uvWorkspace.root.`,name:`uv-workspace/${s.name}`,severity:"warn",status:"fail"})}}}}}const{execFileSync:w}=await import("node:child_process"),k=(e,i)=>{const t=e.split(".").map(r=>Number.parseInt(r,10)),s=i.split(".").map(r=>Number.parseInt(r,10));for(const[r,o]of s.entries()){const g=t[r]??0;if(g!==(o??0))return g>(o??0)}return!0};{const e=process.versions.node,[i=0,t=0]=e.split(".").map(r=>Number.parseInt(r,10)),s=i===22&&t>=14||i>=24||i===23;a.push({message:`node@${e} (min: 22.14.0 || >=24.10.0)`,name:"node-version",severity:s?"info":"error",status:s?"pass":"fail"})}for(const[e,i,t]of[["git","2.31","git-version"],["gh","2.40","gh-version"]])try{const s=w(e,["--version"],{stdio:["ignore","pipe","ignore"]}).toString(),r=/(\d+\.\d+\.\d+)/.exec(s);if(!r)continue;const o=k(r[1],i);a.push({message:`${e}@${r[1]} (min: ${i})`,name:t,severity:o?"info":e==="git"?"error":"warn",status:o?"pass":"fail"})}catch{}{const e=new Set([n.config.publish?.registry??"https://registry.npmjs.org"]);for(const i of n.packages){const t=n.perPackageConfig.get(i.name)?.registry;t&&e.add(t)}for(const i of e)try{const t=i.replace(/\/+$/,""),s=await fetch(`${t}/-/ping`,{method:"HEAD",signal:AbortSignal.timeout(3e3)});a.push({message:`${i} reachable (HTTP ${s.status}).`,name:"registry-reachable",severity:s.ok||s.status===404?"info":"warn",status:"pass"})}catch(t){a.push({message:`${i} not reachable: ${t.message}. Publishing may fail (or you're offline — this is a warning).`,name:"registry-reachable",severity:"warn",status:"fail"})}}try{const e=w("git",["tag","--list"],{cwd:c,stdio:["ignore","pipe","ignore"]}).toString().split(/\r?\n/).map(s=>s.trim()).filter(Boolean),i=/(?:^|@)\d+\.\d+\.\d+(?:[-+].+)?$/,t=e.filter(s=>!i.test(s)&&!/^v?\d+\.\d+\.\d+/.test(s));a.push({message:e.length===0?"No git tags yet (fresh repo).":`${e.length-t.length}/${e.length} tags parse as a release tag${t.length>0?` (unrecognised: ${t.slice(0,3).join(", ")}${t.length>3?"…":""})`:""}.`,name:"tags-parseable",severity:"warn",status:t.length>0?"fail":"pass"})}catch{}{const{readFile:e}=await import("node:fs/promises"),i=await import("node:path");let t=0,s=0;for(const r of n.packages)try{const o=await e(i.join(r.dir,"CHANGELOG.md"),"utf8");s+=1,/^#{1,2}\s/m.test(o)&&(t+=1)}catch{}s>0&&a.push({message:`${t}/${s} existing CHANGELOG.md file(s) have a recognised heading structure.`,name:"changelog-format",severity:"info",status:t===s?"pass":"fail"})}try{const e=await n.pm.readCatalogYaml(c);if(e){const{parseCatalogs:i}=await import("./registry.js").then(r=>r.f),t=i(e),s=[];for(const r of n.packages)for(const o of["dependencies","devDependencies","peerDependencies","optionalDependencies"]){const g=r.manifest[o];if(!(!g||typeof g!="object"))for(const[l,p]of Object.entries(g)){if(typeof p!="string"||!p.startsWith("catalog:"))continue;const v=p.slice(8)||"default";(v==="default"?t.default?.[l]:t.named?.[v]?.[l])||s.push(`${r.name} → ${l} (${p})`)}}a.push({message:s.length===0?"All catalog: references resolve against pnpm-workspace.yaml.":`${s.length} catalog: reference(s) don't resolve: ${s.slice(0,3).join("; ")}${s.length>3?"…":""}`,name:"catalog-consistency",severity:"warn",status:s.length===0?"pass":"fail"})}}catch{}await $(u,m,a);const C=a.some(e=>e.severity==="error"&&e.status==="fail");process.exitCode=C?1:0},$=async(u,m,h)=>{if(m.json){process.stdout.write(`${JSON.stringify({checks:h},null,2)}
|
|
9
|
+
`);return}for(const c of h){const a=`${c.status==="pass"?"✓":c.status==="fail"?"✗":"—"} [${c.severity}] ${c.name}: ${c.message}`;c.severity==="error"&&c.status==="fail"?u.error(a):c.severity==="warn"&&c.status==="fail"?u.warn(a):u.info(a)}};export{A as default};
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import{
|
|
2
|
-
`)}
|
|
3
|
-
`);
|
|
4
|
-
`)
|
|
1
|
+
import{P as N}from"./cli-main.js";import"../packem_shared/index-CE6MsgcV.js";import"../packem_shared/public-api-WqUCiyIe.js";import{K as C,Z as P,W as T}from"../packem_shared/ai-analysis-CO6S0afy.js";import{R as I,T as j,E as h,N as q,a as x,f as z,q as A,I as F}from"./catalog.js";const M=/^[\^~>=<]+/,V=async({argument:v,logger:n,options:c,visConfig:l,workspaceRoot:f})=>{if(!f)throw new Error("Could not determine workspace root. Run this command inside a monorepo.");const m=v,e=m[0];if(!e)throw new Error("Package name is required. Usage: vis analyze <package> [version]");const p=m[1],{packageManager:R}=N(f);let t,u="default";const b=I(f,R);for(const[o,i]of b){const a=i.get(e);if(a){t=a,u=o;break}}if(!t)throw new Error(`Package "${e}" not found in any catalog or package.json. Make sure it exists in your workspace dependencies.`);let r;if(p)r=p;else{n.info(`Fetching latest version for ${e}...
|
|
2
|
+
`);const o=await j(e);if(!o.latest)throw new Error(`Could not determine latest version for "${e}".`);r=o.latest}const d=h(t),w=h(r);if(!d||!w)throw new Error(`Could not parse versions: current="${t}", target="${r}".`);const k=A(d,w);if(k==="none"){n.info(`${e} is already at ${r}. Nothing to analyze.`);return}const E=F(t),g={catalogName:u,currentRange:t,newRange:`${E}${r}`,packageName:e,targetVersion:r,updateType:k},y=C(c.aiType??"impact");if(y==="security"||c.security){n.info(`Checking for known vulnerabilities...
|
|
3
|
+
`);const o=t.replace(M,""),i=(await q([{name:e,version:o}])).get(e);i&&i.length>0&&(g.vulnerabilities=i);const a=x(l?.security,{minimumScore:l?.security?.policies?.score?.minimum});if(a.length>0){const s=(await z(a,[{name:e,version:o}])).get(`${e}@${o}`);s&&(g.socketReport={alerts:s.alerts,license:s.license,score:s.score})}}const $=await P([g],n,l?.ai,y);(c.format??"table")==="json"?process.stdout.write(`${JSON.stringify($,void 0,2)}
|
|
4
|
+
`):n.info(T($))};export{V as default};
|