@visulima/vis 1.0.0-alpha.44 → 1.0.0-alpha.45

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (105) hide show
  1. package/CHANGELOG.md +51 -0
  2. package/dist/bin.js +1 -1
  3. package/dist/binx.js +1 -1
  4. package/dist/packem_chunks/bloom-status.js +1 -1
  5. package/dist/packem_chunks/bloom-sync.js +1 -1
  6. package/dist/packem_chunks/catalog.js +63 -62
  7. package/dist/packem_chunks/cli-exec.js +1 -1
  8. package/dist/packem_chunks/cli-main.js +172 -973
  9. package/dist/packem_chunks/detect.js +1 -1
  10. package/dist/packem_chunks/fix.js +1 -1
  11. package/dist/packem_chunks/handler.js +1 -1
  12. package/dist/packem_chunks/handler10.js +1 -1
  13. package/dist/packem_chunks/handler11.js +1 -1
  14. package/dist/packem_chunks/handler12.js +2 -2
  15. package/dist/packem_chunks/handler13.js +1 -1
  16. package/dist/packem_chunks/handler14.js +1 -1
  17. package/dist/packem_chunks/handler15.js +1 -1
  18. package/dist/packem_chunks/handler16.js +1 -1
  19. package/dist/packem_chunks/handler17.js +1 -1
  20. package/dist/packem_chunks/handler18.js +1 -1
  21. package/dist/packem_chunks/handler19.js +1 -1
  22. package/dist/packem_chunks/handler21.js +1 -1
  23. package/dist/packem_chunks/handler24.js +1 -1
  24. package/dist/packem_chunks/handler27.js +1 -1
  25. package/dist/packem_chunks/handler28.js +1 -1
  26. package/dist/packem_chunks/handler29.js +1 -1
  27. package/dist/packem_chunks/handler3.js +1 -1
  28. package/dist/packem_chunks/handler30.js +1 -1
  29. package/dist/packem_chunks/handler4.js +1 -1
  30. package/dist/packem_chunks/handler5.js +3 -3
  31. package/dist/packem_chunks/handler50.js +4 -4
  32. package/dist/packem_chunks/handler51.js +3 -3
  33. package/dist/packem_chunks/handler57.js +4 -4
  34. package/dist/packem_chunks/handler58.js +1 -1
  35. package/dist/packem_chunks/handler59.js +1 -1
  36. package/dist/packem_chunks/handler6.js +6 -6
  37. package/dist/packem_chunks/handler60.js +1 -1
  38. package/dist/packem_chunks/handler61.js +1 -1
  39. package/dist/packem_chunks/handler62.js +2 -2
  40. package/dist/packem_chunks/handler63.js +4 -4
  41. package/dist/packem_chunks/handler65.js +2 -2
  42. package/dist/packem_chunks/handler66.js +13 -13
  43. package/dist/packem_chunks/handler67.js +5 -5
  44. package/dist/packem_chunks/handler68.js +16 -16
  45. package/dist/packem_chunks/handler69.js +5 -5
  46. package/dist/packem_chunks/handler7.js +1 -1
  47. package/dist/packem_chunks/handler71.js +1 -1
  48. package/dist/packem_chunks/handler72.js +2 -2
  49. package/dist/packem_chunks/handler73.js +13 -13
  50. package/dist/packem_chunks/handler74.js +3 -3
  51. package/dist/packem_chunks/handler75.js +3 -3
  52. package/dist/packem_chunks/handler76.js +5 -5
  53. package/dist/packem_chunks/handler9.js +1 -1
  54. package/dist/packem_chunks/heal-accept.js +1 -1
  55. package/dist/packem_chunks/heal.js +1 -1
  56. package/dist/packem_chunks/help-command.js +1 -1
  57. package/dist/packem_chunks/index2.js +802 -7
  58. package/dist/packem_chunks/index3.js +7 -135
  59. package/dist/packem_chunks/index4.js +134 -73
  60. package/dist/packem_chunks/index5.js +74 -0
  61. package/dist/packem_chunks/keys-refresh.js +1 -1
  62. package/dist/packem_chunks/lean.js +1 -1
  63. package/dist/packem_chunks/list.js +1 -1
  64. package/dist/packem_chunks/loader.js +1 -1
  65. package/dist/packem_chunks/print-config.js +1 -1
  66. package/dist/packem_chunks/registry.js +2 -2
  67. package/dist/packem_chunks/shell-runner.js +1 -1
  68. package/dist/packem_chunks/sync.js +1 -1
  69. package/dist/packem_chunks/sync2.js +1 -1
  70. package/dist/packem_chunks/tripwire.js +2 -2
  71. package/dist/packem_chunks/ts-loader.js +1 -1
  72. package/dist/packem_chunks/verify-lockfile.js +1 -1
  73. package/dist/packem_chunks/version-resolver.js +2 -2
  74. package/dist/packem_shared/{Table-CcVkyULl-DLWu6XHL.js → Table-BGIHvenQ-D2oJtNQj.js} +1 -1
  75. package/dist/packem_shared/affected-shas-CCxG4tvm.js +1 -0
  76. package/dist/packem_shared/{ai-analysis-CO6S0afy.js → ai-analysis-rC48NLfB.js} +4 -4
  77. package/dist/packem_shared/{ai-fix-CI0Vvqld.js → ai-fix-D_ijV3Rn.js} +3 -3
  78. package/dist/packem_shared/bin-CPMo34SM.js +1 -0
  79. package/dist/packem_shared/{command-runtime-BE-vKsGH.js → command-runtime-3FTGuUsK.js} +1 -1
  80. package/dist/packem_shared/{env-C2ZCnfP_.js → env-Ct3hMEYB.js} +1 -1
  81. package/dist/packem_shared/{failure-log-jFfZRJK9.js → failure-log-Dy2G-rKi.js} +1 -1
  82. package/dist/packem_shared/{index-CQjzW7m8.js → index-Cntyu-w8.js} +1 -1
  83. package/dist/packem_shared/{index-D7EZ612R.js → index-XAb0QGqA.js} +1 -1
  84. package/dist/packem_shared/{lifecycle-Dyb47wbD.js → lifecycle-CHcFuWf_.js} +1 -1
  85. package/dist/packem_shared/{osv-bloom-BsQ-aFiM.js → osv-bloom-DVMlkcAO.js} +2 -2
  86. package/dist/packem_shared/{packument-DquNPIq9.js → packument-C-A3Uhhx.js} +1 -1
  87. package/dist/packem_shared/pm-runner-CQcraCcu.js +1 -0
  88. package/dist/packem_shared/{provenance-DIq8KyBV.js → provenance-R2csDSNg.js} +1 -1
  89. package/dist/packem_shared/{registry-keys-C8K11ets.js → registry-keys-CMnS_Qt_.js} +1 -1
  90. package/dist/packem_shared/{resolve-explicit-Dr4kIybR.js → resolve-explicit-C4oQMyoB.js} +1 -1
  91. package/dist/packem_shared/resolve-runtime-QRaQucfL.js +1 -0
  92. package/dist/packem_shared/{s1ngularity-CtMmtXJo.js → s1ngularity-BCDt28u0.js} +1 -1
  93. package/dist/packem_shared/scan-progress-YRpDs90j.js +2 -0
  94. package/dist/packem_shared/{signatures-CE8OAK-i.js → signatures-B3srzCEv.js} +1 -1
  95. package/dist/packem_shared/use-measured-height-DHi0xOPO.js +1 -0
  96. package/dist/packem_shared/{vis-update-app-Cpme_3Du.js → vis-update-app-B3I14Vfy.js} +1 -1
  97. package/index.js +52 -52
  98. package/package.json +11 -11
  99. package/dist/packem_shared/affected-shas-CwRY5aoc.js +0 -1
  100. package/dist/packem_shared/bin-P6Q5tKrP.js +0 -1
  101. package/dist/packem_shared/pm-runner-D4jM58Oz.js +0 -1
  102. package/dist/packem_shared/resolve-runtime-Tx0bvg0h.js +0 -1
  103. package/dist/packem_shared/scan-progress-D4yywI6P.js +0 -2
  104. package/dist/packem_shared/use-measured-height-XK9YSwtv.js +0 -1
  105. package/dist/packem_shared/window-ops-DDePlWLV.js +0 -2
@@ -1,10 +1,10 @@
1
- import{createRequire as mt}from"node:module";import{E as v,j as le,q as ke,I as fe,V as ve,s as Re}from"../packem_shared/index.server-J83sowC4.js";import{a5 as wt,U as yt,V as kt,W as vt,T as bt,y as jt,X as $t,Y as Pe,p as d,P as qe,S as N}from"./cli-main.js";import{m as q,f as be,a as St,v as Ct,A as Rt,B as Xe}from"../packem_shared/index-CE6MsgcV.js";import{E as Tt}from"../packem_shared/public-api-WqUCiyIe.js";import{m as s,n as u,i as r,r as O,R as Ke,a as Je,$ as At,c as It,g as Nt,V as Mt,N as Et,f as Dt}from"./catalog.js";import{g as Ft,B as ze,h as Qe}from"../packem_shared/env-C2ZCnfP_.js";import"../packem_shared/window-ops-DDePlWLV.js";import{I as Ot}from"../packem_shared/index-B0EsgdzO.js";import{a as et}from"../packem_shared/readJsonSync-CvkZyKmL-ihoybKvs.js";import{findVisConfigFile as Bt}from"./CONFIG_FILES.js";import{A as tt,x as Be,N as Lt,F as _t,T as Vt,a as Gt,I as Ut,U as Ht}from"./handler66.js";import{w as it,R as Yt}from"../packem_shared/pm-runner-D4jM58Oz.js";import{c as Wt}from"../packem_shared/runtime-check-BXehSP06.js";import{s as qt}from"../packem_shared/scan-progress-D4yywI6P.js";import{l as Xt,r as Kt,f as Jt}from"../packem_shared/dependency-scan-DpOFiZuI.js";import{o as st}from"../packem_shared/spinner-DuJJvFTl.js";import{F as Qt,a as Zt}from"../packem_shared/tabs-CgxCvjCY.js";import{u as ei}from"../packem_shared/use-measured-height-XK9YSwtv.js";import{u as ti}from"./ts-loader.js";import{s as ii}from"../packem_shared/verify-DStfg3nb.js";const xt=mt(import.meta.url),we=typeof globalThis<"u"&&typeof globalThis.process<"u"?globalThis.process:process,We=e=>{if(typeof we<"u"&&we.versions&&we.versions.node){const[t,i]=we.versions.node.split(".").map(Number);if(t>22||t===22&&i>=3||t===20&&i>=16)return we.getBuiltinModule(e)}return xt(e)},{spawnSync:Te}=We("node:child_process"),{rmSync:Oe,writeFileSync:Pt,statSync:zt,readFileSync:Ze}=We("node:fs"),Ie=()=>q(Ft(),"doctor"),si=1800*1e3,Le=e=>{if(!e)return"";try{return String(zt(e).mtimeMs)}catch{return""}},ri=2,ni=e=>{const t=JSON.stringify({configMtime:Le(e.configPath),lockfileMtime:Le(e.lockfilePath),schema:ri,sections:[...e.sections].toSorted(),socketEnabled:e.socketEnabled,workspaceRoot:e.workspaceRoot});return wt(Buffer.from(t))},oi=e=>{const t=q(Ie(),`${e}.json`);if(be(t))try{const i=et(t);if(Date.now()-i.createdAt>i.ttlMs){Oe(t,{force:!0});return}return{...i.results,sections:new Set(i.results.sections)}}catch{Oe(t,{force:!0});return}},li=(e,t,i=si)=>{St(Ie());const l={createdAt:Date.now(),results:{...t,sections:[...t.sections]},ttlMs:i};Pt(q(Ie(),`${e}.json`),JSON.stringify(l,void 0,2),"utf8")},$e="orphans",ai=()=>{if(process.platform!=="linux")return{id:"inotify",message:"inotify capacity check skipped (not Linux).",status:"skip"};let e;try{const t=Ze("/proc/sys/fs/inotify/max_user_watches","utf8").trim(),i=Number.parseInt(t,10);Number.isFinite(i)&&i>0&&(e=i)}catch{return{id:"inotify",message:"Could not read /proc/sys/fs/inotify/max_user_watches.",status:"warn"}}return e===void 0?{id:"inotify",message:"inotify max_user_watches reported a non-numeric value.",status:"warn"}:e<65536?{detail:{maxWatches:e},id:"inotify",message:`inotify watcher limit is ${String(e)} — large monorepos can exhaust this. Bump now with \`sudo sysctl fs.inotify.max_user_watches=524288\` and persist via \`/etc/sysctl.d/99-vis.conf\` so it survives reboot.`,status:"warn"}:{detail:{maxWatches:e},id:"inotify",message:`inotify capacity OK (${String(e)} watches).`,status:"ok"}},ci=()=>{const e=!!process.stdin.isTTY,t=!!process.stdout.isTTY;return e&&t?{id:"tty",message:"Interactive TTY available — watch keybinds enabled.",status:"ok"}:!e&&!t?{id:"tty",message:"No TTY on stdin/stdout — running in CI / piped mode (keybinds disabled).",status:"skip"}:{detail:{stdin:String(e),stdout:String(t)},id:"tty",message:e?"stdin is a TTY but stdout is not — output is being captured; keybinds still work.":"stdout is a TTY but stdin is not — keybinds disabled (input is piped).",status:"skip"}},di=()=>{const e=process.pid;try{return process.platform==="win32"?ot(e):nt(e)}catch{return[]}},ui=()=>{const e=process.pid;let t;try{t=process.platform==="win32"?ot(e):nt(e)}catch{return{id:$e,message:"Could not enumerate processes (ps/tasklist failed).",status:"warn"}}if(t.length===0)return{id:$e,message:"No orphaned vis/task-runner processes detected.",status:"ok"};if(t.length<=2)return{detail:{count:t.length,pids:t.join(",")},id:$e,message:`${String(t.length)} possibly orphaned process(es) detected (PIDs: ${t.join(", ")}). Likely benign.`,status:"skip"};const i=process.platform==="win32"?t.map(l=>`taskkill /F /PID ${String(l)}`).join(" & "):`kill ${t.join(" ")}`;return{detail:{count:t.length,pids:t.join(",")},id:"orphans",message:`${String(t.length)} possibly orphaned vis/task-runner processes — run \`vis doctor --fix\` to clean them up, or kill them manually: ${i}`,status:"warn"}},hi=(e={})=>{const t=e.enumerate??di,i=e.force===!0?"SIGKILL":"SIGTERM",l=e.kill??xi,n=t(),o=[],c=[];for(const h of n)try{l(h,i),o.push(h)}catch(a){const p=a.code??a.message;if(p==="ESRCH"){o.push(h);continue}c.push({pid:h,reason:p})}return{failed:c,killed:o}},pi=e=>Te("taskkill",e,{encoding:"utf8"}),gi=(e,t)=>{process.kill(e,t)},fi=(e,t,i=pi)=>{const l=t==="SIGKILL"?["/F","/PID",String(e)]:["/PID",String(e)],n=i(l);if(n.error)throw n.error;if(typeof n.status=="number"&&n.status!==0){const o=n.status===128?"ESRCH":`taskkill exited with code ${String(n.status)}`,c=new Error(o);throw c.code=o,c}},mi=(e,t,i=gi)=>{i(e,t)},xi=(e,t)=>{if(process.platform==="win32"){fi(e,t);return}mi(e,t)},rt=(e,t)=>{const i=Te(e,t,{encoding:"utf8"});if(i.error)throw i.error;if(typeof i.status=="number"&&i.status!==0)throw new Error(`${e} exited with code ${String(i.status)}`);return typeof i.stdout=="string"?i.stdout:""},nt=e=>{const t=rt("ps",["-Ao","pid=,command="]),i=[];for(const l of t.split(`
2
- `)){if(l.length===0)continue;const n=/^\s*(\d+)\s+(.+)$/.exec(l);if(!n)continue;const o=Number.parseInt(n[1]??"",10),c=(n[2]??"").toLowerCase();!Number.isFinite(o)||o===e||(/(?:^|[ /])vis-native(?:\s|$|[-.])/.test(c)||/(?:^|[ /])vis\s+run\b/.test(c)||/(?:^|[ /])task-runner(?:\s|$|[-.])/.test(c))&&i.push(o)}return i},ot=e=>{const t=rt("tasklist",["/FO","CSV","/NH"]),i=[];for(const l of t.split(/\r?\n/)){if(l.length===0)continue;const n=l.split(/","/).map(h=>h.replaceAll(/^"|"$/g,"")),o=(n[0]??"").toLowerCase(),c=Number.parseInt(n[1]??"",10);!Number.isFinite(c)||c===e||(o==="vis.exe"||o.startsWith("vis-native")||o.includes("task-runner"))&&i.push(c)}return i},wi=()=>{let e;try{const t=Te("watchman",["--version"],{encoding:"utf8",timeout:2e3});if(t.error||typeof t.status=="number"&&t.status!==0)throw t.error??new Error("watchman exited non-zero");e=typeof t.stdout=="string"?t.stdout.trim():void 0}catch{return{id:"watchman",message:"Watchman not found — `vis` uses native fs.watch (fine for small repos). Install Watchman + `fb-watchman` to scale watch mode on large monorepos.",status:"skip"}}return{detail:e?{version:e}:void 0,id:"watchman",message:e?`Watchman available (${e}) — scalable watch backend in use.`:"Watchman available — scalable watch backend in use.",status:"ok"}},yi=(e=process.cwd())=>{let t="";try{t=Ze(q(e,".gitattributes"),"utf8")}catch(i){if(i.code!=="ENOENT")return{id:"git-lfs",message:"Could not read .gitattributes.",status:"warn"}}if(!t.includes("filter=lfs"))return{id:"git-lfs",message:"No Git LFS tracking declared in .gitattributes.",status:"skip"};try{const i=Te("git",["lfs","version"],{encoding:"utf8",timeout:2e3});if(i.error||typeof i.status=="number"&&i.status!==0)throw i.error??new Error("git-lfs not available")}catch{return{id:"git-lfs",message:"Repo tracks files via Git LFS but `git-lfs` is not installed — checked-out LFS files are pointer stubs, not real content. Install git-lfs and run `git lfs pull`.",status:"warn"}}return{id:"git-lfs",message:"Git LFS tracking declared and `git-lfs` is installed.",status:"ok"}},ki=e=>[ai(),ci(),wi(),yi(e),ui()],ge=[{id:"dependencies",label:"Deps"},{id:"security",label:"Security"},{id:"optimization",label:"Optimize"},{id:"runtime",label:"Runtime"}],Ce=["dependencies","security","optimization","runtime"],he=e=>{const t=new Map;for(const i of Ce)t.set(i,[]);for(const i of e)t.get(i.section).push(i);for(const[i,l]of t)l.length===0&&t.delete(i);return t},pe=(e,t,i,l)=>{let n=e.filter(o=>o.section===t);if(l&&(n=n.filter(o=>o.severity===l)),i){const o=i.toLowerCase();n=n.filter(c=>c.title.toLowerCase().includes(o))}return[...n]},vi=e=>{const t={dependencies:"idle",optimization:"idle",runtime:"idle",security:"idle"};for(const i of Ce)e.has(i)&&(t[i]="idle");return t};class _e{#e;#i=new Set;constructor(t=[]){const i=Array.isArray(t)?{findings:t}:t,l=i.findings??[],n=i.activeSections??new Set(Ce),o=Ce.find(a=>n.has(a))??"dependencies",c=pe(l,o,"",void 0),h=vi(n);if(l.length>0)for(const a of l)h[a.section]="done";this.#e={all:l,entries:c,filterActive:!1,filterText:"",filterType:o,focusedPanel:"list",grouped:he(c),pendingAction:void 0,sectionError:{},sectionMessage:{},sectionStatus:h,selectedIndex:0,severityFilter:void 0}}getSnapshot=()=>this.#e;subscribe=t=>(this.#i.add(t),()=>{this.#i.delete(t)});setSelectedIndex(t){const i=Math.max(0,Math.min(t,this.#e.entries.length-1));i!==this.#e.selectedIndex&&this.#t({...this.#e,selectedIndex:i})}setFocusedPanel(t){t!==this.#e.focusedPanel&&this.#t({...this.#e,focusedPanel:t})}setFilterType(t){if(t===this.#e.filterType)return;const i=pe(this.#e.all,t,this.#e.filterText,this.#e.severityFilter);this.#t({...this.#e,entries:i,filterType:t,grouped:he(i),selectedIndex:0})}setFilter(t){const i=pe(this.#e.all,this.#e.filterType,t,this.#e.severityFilter);this.#t({...this.#e,entries:i,filterText:t,grouped:he(i),selectedIndex:0})}setFilterActive(t){if(t===this.#e.filterActive)return;if(t){this.#t({...this.#e,filterActive:!0});return}const i=pe(this.#e.all,this.#e.filterType,"",this.#e.severityFilter);this.#t({...this.#e,entries:i,filterActive:!1,filterText:"",grouped:he(i),selectedIndex:0})}setPendingAction(t){this.#t({...this.#e,pendingAction:t})}setSeverityFilter(t){if(t===this.#e.severityFilter)return;const i=pe(this.#e.all,this.#e.filterType,this.#e.filterText,t);this.#t({...this.#e,entries:i,grouped:he(i),selectedIndex:0,severityFilter:t})}startSection(t,i){this.#t({...this.#e,sectionMessage:{...this.#e.sectionMessage,[t]:i},sectionStatus:{...this.#e.sectionStatus,[t]:"running"}})}completeSection(t,i){const l=[...this.#e.all,...i],n=pe(l,this.#e.filterType,this.#e.filterText,this.#e.severityFilter),o={...this.#e.sectionMessage};delete o[t],this.#t({...this.#e,all:l,entries:n,grouped:he(n),sectionMessage:o,sectionStatus:{...this.#e.sectionStatus,[t]:"done"}})}failSection(t,i){this.#t({...this.#e,sectionError:{...this.#e.sectionError,[t]:i},sectionStatus:{...this.#e.sectionStatus,[t]:"error"}})}#t(t){this.#e=t;for(const i of this.#i)try{i()}catch{}}}const Ve={error:0,warn:1},bi=e=>!!e.acceptedRisk,lt=e=>{const t=[];if(e.sections.has("dependencies")){for(const i of e.outdated)t.push({entry:i,id:`outdated:${i.packageName}`,kind:"outdated",section:"dependencies",severity:"warn",subtitle:`${i.currentRange} → ${i.newRange} (${i.updateType})`,title:i.packageName});for(const i of e.duplicates)t.push({id:`duplicate:${i.name}`,kind:"duplicate",pkg:i,section:"dependencies",severity:"warn",subtitle:`${String(i.versions.length)} versions installed`,title:i.name})}if(e.sections.has("security"))for(const i of e.outdated){if(i.vulnerabilities&&i.vulnerabilities.length>0){const l=i.vulnerabilities[0],n=bi(i)?"warn":"error",o=i.vulnerabilities.length;t.push({entry:i,id:`vuln:${i.packageName}`,kind:"vulnerability",packageName:i.packageName,section:"security",severity:n,subtitle:o===1?`${l.severity} · ${l.id}`:`${String(o)} advisories · top: ${l.severity} ${l.id}`,title:i.packageName})}if(i.socketReport&&i.socketReport.alerts.length>0){const l=Math.round(i.socketReport.score.overall*100);t.push({entry:i,id:`socket:${i.packageName}`,kind:"socket",packageName:i.packageName,section:"security",severity:"warn",subtitle:`${String(i.socketReport.alerts.length)} alert${i.socketReport.alerts.length===1?"":"s"} · score ${String(l)}%`,title:i.packageName})}}if(e.sections.has("optimization"))for(const i of e.optimizations)t.push({entry:i,id:`opt:${i.packageName}`,kind:"optimization",section:"optimization",severity:"warn",subtitle:`${i.category} → ${i.replacement}`,title:i.packageName});if(e.sections.has("runtime"))for(const i of e.runtime)i.status==="warn"&&t.push({diagnostic:i,id:`runtime:${i.id}`,kind:"runtime",section:"runtime",severity:"warn",title:i.message});return t.sort((i,l)=>{if(i.section!==l.section){const n=["dependencies","security","optimization","runtime"];return n.indexOf(i.section)-n.indexOf(l.section)}return Ve[i.severity]-Ve[l.severity]}),t},at={dependencies:"Dependencies",optimization:"Optimization",runtime:"Runtime",security:"Security"},ji={error:"red",warn:"yellow"},$i={error:"✖",warn:"⚠"},Si={error:" ERROR ",warn:" WARN "},Ci=({children:e,hint:t,message:i,severity:l,title:n})=>{const o=ji[l];return s.jsxs(u,{borderColor:o,borderStyle:"single",flexDirection:"column",flexShrink:0,paddingX:1,children:[s.jsxs(u,{gap:1,children:[s.jsx(r,{backgroundColor:o,bold:!0,color:"black",children:Si[l]}),s.jsx(r,{bold:!0,color:o,children:$i[l]}),s.jsx(r,{bold:!0,wrap:"truncate-end",children:n})]}),s.jsx(r,{wrap:"truncate-end",children:i}),t?s.jsx(r,{dimColor:!0,wrap:"truncate-end",children:t}):null,e]})},Ri={CRITICAL:"red",HIGH:"red",LOW:"gray",MODERATE:"yellow",UNKNOWN:"gray"},Ti={critical:"red",high:"red",low:"gray",medium:"yellow"},Ai={major:"red",minor:"yellow",patch:"green"},C=({children:e,label:t,width:i=14})=>s.jsxs(u,{children:[s.jsx(u,{width:i,children:s.jsxs(r,{dimColor:!0,children:[t,":"]})}),typeof e=="string"?s.jsx(r,{children:e}):e]}),re=({children:e})=>s.jsx(u,{marginTop:1,children:s.jsx(r,{bold:!0,color:"white",children:e})}),Ii=({finding:e})=>{const{entry:t}=e,i=Ai[t.updateType]??"white";return s.jsxs(u,{flexDirection:"column",children:[s.jsx(C,{label:"Current",children:t.currentRange}),s.jsxs(C,{label:"Target",children:[s.jsx(r,{children:t.newRange}),s.jsxs(r,{bold:!0,color:i,children:[" (",t.updateType,")"]})]}),s.jsx(C,{label:"Catalog",children:t.catalogName}),t.acceptedRisk?s.jsx(C,{label:"Risk ack",children:s.jsx(r,{dimColor:!0,children:t.acceptedRisk.reason??"(no reason recorded)"})}):null,s.jsx(re,{children:"Action"}),s.jsxs(r,{dimColor:!0,children:["Run"," ",s.jsx(r,{bold:!0,color:"white",children:"vis update"})," ","to apply this change."]})]})},Ni=({finding:e})=>s.jsxs(u,{flexDirection:"column",children:[s.jsx(C,{label:"Versions",children:s.jsx(r,{children:String(e.pkg.versions.length)})}),s.jsx(re,{children:"Installed versions"}),e.pkg.versions.map(t=>s.jsxs(r,{children:[" · ",t]},t)),s.jsx(re,{children:"Action"}),s.jsxs(r,{dimColor:!0,children:["Run"," ",s.jsx(r,{bold:!0,color:"white",children:"vis dedupe"})," ","to consolidate to a single resolution."]})]}),Mi=({finding:e})=>{const t=e.entry.vulnerabilities??[];return s.jsxs(u,{flexDirection:"column",children:[s.jsx(C,{label:"Package",children:e.packageName}),s.jsx(C,{label:"Current",children:e.entry.currentRange}),s.jsx(C,{label:"Advisories",children:String(t.length)}),e.entry.acceptedRisk?s.jsx(C,{label:"Risk ack",children:s.jsx(r,{dimColor:!0,children:e.entry.acceptedRisk.reason??"(no reason recorded)"})}):null,t.map(i=>{const l=Ri[i.severity]??"gray";return s.jsxs(u,{flexDirection:"column",marginTop:1,children:[s.jsxs(u,{children:[s.jsx(r,{bold:!0,color:l,children:i.severity}),s.jsx(r,{children:" "}),s.jsx(r,{children:i.id}),typeof i.cvssScore=="number"?s.jsxs(r,{dimColor:!0,children:[" · CVSS ",i.cvssScore.toFixed(1)]}):null]}),s.jsx(r,{wrap:"wrap",children:i.summary}),i.fixedVersions.length>0?s.jsxs(r,{dimColor:!0,children:["Fixed in: ",i.fixedVersions.join(", ")]}):null,i.aliases&&i.aliases.length>0?s.jsxs(r,{dimColor:!0,children:["Aliases: ",i.aliases.join(", ")]}):null]},i.id)})]})},Ei=({finding:e})=>{const t=e.entry.socketReport;if(!t)return s.jsx(r,{dimColor:!0,children:"No Socket report attached."});const i=Math.round(t.score.overall*100),l=ze(t.score.overall);return s.jsxs(u,{flexDirection:"column",children:[s.jsx(C,{label:"Package",children:e.packageName}),s.jsx(C,{label:"Overall",children:s.jsxs(r,{color:l,children:[String(i),"%"]})}),s.jsx(C,{label:"Alerts",children:String(t.alerts.length)}),e.entry.acceptedRisk?s.jsx(C,{label:"Risk ack",children:s.jsx(r,{dimColor:!0,children:e.entry.acceptedRisk.reason??"(no reason recorded)"})}):null,s.jsx(re,{children:"Score breakdown"}),Object.entries(t.score).map(([n,o])=>{if(n==="overall")return null;const c=typeof o=="number"?o:0,h=Math.round(c*100),a=ze(c);return s.jsxs(u,{children:[s.jsx(u,{width:14,children:s.jsxs(r,{dimColor:!0,children:[n,":"]})}),s.jsxs(r,{color:a,children:[String(h),"%"]})]},n)}),s.jsx(re,{children:"Alerts"}),t.alerts.map((n,o)=>{const c=Ti[n.severity]??"gray";return s.jsxs(u,{flexDirection:"column",marginBottom:1,children:[s.jsxs(u,{children:[s.jsx(r,{bold:!0,color:c,children:n.severity}),s.jsx(r,{children:" "}),s.jsx(r,{children:n.type})]}),n.props?s.jsx(r,{dimColor:!0,wrap:"wrap",children:JSON.stringify(n.props)}):null]},`${n.type}-${String(o)}`)})]})},Di=({finding:e})=>{const{entry:t}=e;return s.jsxs(u,{flexDirection:"column",children:[s.jsx(C,{label:"Package",children:t.packageName}),s.jsx(C,{label:"Category",children:t.category}),s.jsx(C,{label:"Replacement",children:t.replacement}),t.overrideSpec?s.jsx(C,{label:"Override",children:t.overrideSpec}):null,s.jsx(C,{label:"Codemod",children:s.jsx(r,{color:t.hasCodemod?"green":"gray",children:t.hasCodemod?"available":"not available"})}),t.docUrl?s.jsx(C,{label:"Guide",children:s.jsx(r,{color:"cyan",underline:!0,children:t.docUrl})}):null,s.jsx(re,{children:"Action"}),t.hasCodemod?s.jsxs(r,{dimColor:!0,children:["Run"," ",s.jsx(r,{bold:!0,color:"white",children:"vis optimize"})," ","to apply the codemod interactively."]}):t.overrideSpec?s.jsxs(r,{dimColor:!0,children:["Run"," ",s.jsx(r,{bold:!0,color:"white",children:"vis optimize"})," ","to install the package override."]}):t.docUrl?s.jsx(r,{dimColor:!0,children:"No automated codemod. Open the migration guide above for the recommended alternative and steps."}):s.jsx(r,{dimColor:!0,children:"No automated codemod. Consult the package's docs or the e18e module-replacements guide for an alternative."})]})},Fi=({finding:e})=>{const{diagnostic:t}=e,i=t.status==="warn"?"yellow":t.status==="ok"?"green":"gray";return s.jsxs(u,{flexDirection:"column",children:[s.jsx(C,{label:"Check",children:t.id}),s.jsx(C,{label:"Status",children:s.jsx(r,{color:i,children:t.status})}),s.jsx(re,{children:"Message"}),s.jsx(r,{wrap:"wrap",children:t.message}),t.detail&&Object.keys(t.detail).length>0?s.jsxs(s.Fragment,{children:[s.jsx(re,{children:"Details"}),Object.entries(t.detail).map(([l,n])=>s.jsxs(u,{children:[s.jsx(u,{width:20,children:s.jsxs(r,{dimColor:!0,children:[l,":"]})}),s.jsx(r,{children:String(n)})]},l))]}):null]})},Pi=({finding:e,focused:t,scrollRef:i})=>{const l=t?"white":"gray";if(!e)return s.jsx(u,{alignItems:"center",borderColor:"gray",borderStyle:"single",flexDirection:"column",flexGrow:1,justifyContent:"center",children:s.jsx(r,{dimColor:!0,children:"No finding selected"})});let n;switch(e.kind){case"duplicate":{n=s.jsx(Ni,{finding:e});break}case"optimization":{n=s.jsx(Di,{finding:e});break}case"outdated":{n=s.jsx(Ii,{finding:e});break}case"runtime":{n=s.jsx(Fi,{finding:e});break}case"socket":{n=s.jsx(Ei,{finding:e});break}case"vulnerability":{n=s.jsx(Mi,{finding:e});break}default:{n=s.jsx(r,{dimColor:!0,children:"Unknown finding kind."});break}}return s.jsxs(u,{borderColor:l,borderStyle:"single",flexDirection:"column",flexGrow:1,children:[s.jsxs(u,{flexShrink:0,paddingTop:1,paddingX:2,children:[s.jsx(r,{bold:!0,color:"white",children:e.title}),s.jsxs(r,{dimColor:!0,children:[" ",at[e.section]]})]}),s.jsxs(yt,{flexGrow:1,flexShrink:1,paddingX:2,ref:i,scrollbar:!0,scrollbarColor:"gray",scrollbarStyle:"block",children:[s.jsx(r,{}),n]})]})},ct={error:"red",warn:"yellow"},zi={error:"✖",warn:"⚠"},Oi=e=>e.kind==="outdated"||e.kind==="vulnerability"||e.kind==="socket"?!!e.entry.acceptedRisk:!1,Bi=({finding:e,isSelected:t})=>{const i=ct[e.severity],l=Oi(e);return s.jsxs(u,{flexShrink:0,height:1,children:[s.jsx(r,{children:t?">":" "}),s.jsxs(r,{color:i,children:[" ",zi[e.severity]," "]}),s.jsx(u,{flexGrow:1,children:s.jsx(r,{bold:t,inverse:t,wrap:"truncate",children:e.title})}),l?s.jsx(r,{color:"cyan",children:" ack"}):null,e.subtitle?s.jsxs(r,{dimColor:!0,wrap:"truncate",children:[" ",e.subtitle]}):null]})},Li=({count:e,section:t})=>s.jsxs(u,{flexShrink:0,height:1,marginTop:1,children:[s.jsx(r,{dimColor:!0,children:"▼ "}),s.jsx(r,{bold:!0,color:"white",children:at[t].toUpperCase()}),s.jsxs(r,{dimColor:!0,children:[" (",e,")"]})]}),_i=({count:e,label:t,status:i})=>s.jsxs(r,{children:[t,i==="running"?s.jsxs(r,{children:[" ",s.jsx(st,{type:"dots"})]}):null,i==="error"?s.jsx(r,{bold:!0,color:"red",children:" ✖"}):s.jsxs(r,{dimColor:!0,children:[" (",String(e),")"]})]}),Vi=({elapsedMs:e,entries:t,filterActive:i,filterText:l,filterType:n,focused:o,fromCache:c=!1,grouped:h,onViewportHeightChange:a,scrollOffset:p,sectionCounts:w,sectionMessage:j,sectionStatus:k,selectedIndex:D,severityFilter:$,totalAll:f,viewportHeight:T})=>{const M=o?"white":"gray",{measuredHeight:F,ref:E}=ei(T,a);let R=0,P=0;for(const b of t)b.severity==="error"?R+=1:b.severity==="warn"&&(P+=1);const Y=[];R>0&&Y.push(`${String(R)} error${R===1?"":"s"}`),P>0&&Y.push(`${String(P)} warn${P===1?"":"s"}`);const Z=Y.length>0?` (${Y.join(", ")})`:"",ee=(e/1e3).toFixed(1),W=[];for(const[b,S]of h){W.push(s.jsx(Li,{count:S.length,section:b},`hdr-${b}`));for(const _ of S){const V=t.indexOf(_);W.push(s.jsx(Bi,{finding:_,isSelected:V===D},_.id))}}let B=0;for(const[,b]of h)B+=2+b.length;const L=B>F&&F>0;return s.jsxs(u,{borderColor:M,borderStyle:"single",flexDirection:"column",flexGrow:1,children:[s.jsxs(u,{flexShrink:0,gap:1,paddingX:1,children:[s.jsx(r,{bold:!0,inverse:!0,children:" DOCTOR "}),s.jsxs(r,{wrap:"truncate",children:[t.length,t.length===f?"":`/${String(f)}`," finding",t.length===1?"":"s",Z]}),$?s.jsx(r,{bold:!0,color:ct[$],inverse:!0,children:` ${$.toUpperCase()} ONLY `}):null,c?s.jsx(r,{bold:!0,color:"cyan",inverse:!0,children:" CACHED "}):null,s.jsxs(r,{dimColor:!0,children:[" · ",ee,"s"]})]}),s.jsx(u,{flexShrink:0,paddingX:1,paddingY:1,children:s.jsx(Qt,{isFocused:o,keyMap:{next:[],previous:[],useNumbers:!1,useTab:!1},onChange:()=>{},showIndex:!1,value:n,children:ge.map(({id:b,label:S})=>s.jsx(Zt,{name:b,children:s.jsx(_i,{count:w[b],label:S,status:k[b]})},b))})}),(()=>{const b=Object.keys(k).filter(S=>k[S]==="running"&&j[S]).map(S=>j[S]);return b.length===0?null:s.jsx(u,{flexShrink:0,paddingX:1,children:s.jsxs(r,{dimColor:!0,wrap:"truncate",children:[s.jsx(st,{type:"dots"})," ",b.join(" · ")]})})})(),i&&s.jsxs(u,{flexShrink:0,paddingX:1,children:[s.jsx(r,{bold:!0,color:"white",children:"/ "}),s.jsx(r,{children:l}),s.jsx(r,{inverse:!0,children:" "})]}),s.jsxs(u,{flexDirection:"row",flexGrow:1,overflow:"hidden",ref:E,children:[s.jsx(u,{flexDirection:"column",flexGrow:1,overflow:"hidden",paddingLeft:1,children:s.jsx(u,{flexDirection:"column",marginTop:-p,children:W.length>0?W:s.jsx(u,{marginTop:1,children:s.jsx(r,{dimColor:!0,children:"No findings match the current filter."})})})}),L&&s.jsx(u,{flexShrink:0,marginLeft:1,marginRight:1,children:s.jsx(kt,{contentHeight:B,placement:"inset",scrollOffset:p,style:"block",viewportHeight:F})})]},`list-${n}-${l}`)]})},Gi=e=>{if(e.kind==="outdated")return{command:`vis update ${e.entry.packageName}`,description:`Update ${e.entry.packageName} to ${e.entry.newRange}`};if(e.kind==="duplicate")return{command:`vis dedupe ${e.pkg.name}`,description:`Dedupe ${e.pkg.name} (${String(e.pkg.versions.length)} versions)`}},Ui=e=>{if(e.kind==="optimization")return{command:`vis optimize ${e.entry.packageName}`,description:`Replace ${e.entry.packageName} with ${e.entry.replacement}`}},Hi=e=>{if(e.kind!=="outdated"&&e.kind!=="vulnerability"&&e.kind!=="socket")return;const t=e.kind==="outdated"?e.entry.packageName:e.packageName,i=["// Add to vis.config.ts:","security: {"," acceptedRisks: {",` "${t}": {`,' reason: "explain why this risk is acceptable",',' expiresAt: "YYYY-MM-DD",'," },"," },","},"].join(`
3
- `);return{command:i,configSnippet:i,description:`Acknowledge risk for ${t}`}},Yi=100,Wi=40,qi=10,Xi=({autoExitSeconds:e=0,banner:t,fromCache:i=!1,startedAt:l,store:n})=>{const{exit:o}=vt(),{columns:c,rows:h}=bt(),a=O.useSyncExternalStore(n.subscribe,n.getSnapshot),[p,w]=O.useState(!1),[j,k]=O.useState(!1),[D,$]=O.useState(0),[f,T]=O.useState(()=>Date.now());O.useEffect(()=>{const x=setInterval(()=>{T(Date.now())},1e3);return()=>{clearInterval(x)}},[]);const M=f-l,F=O.useRef(null),E=O.useRef(null),R=a.entries[a.selectedIndex]??null,P=O.useMemo(()=>{const x={dependencies:0,optimization:0,runtime:0,security:0};for(const m of a.all)x[m.section]+=1;return x},[a.all]),Y=t?t.hint?5:4:0,Z=O.useMemo(()=>{for(const x of Object.keys(a.sectionStatus))if(a.sectionStatus[x]==="running"&&a.sectionMessage[x])return 1;return 0},[a.sectionStatus,a.sectionMessage]),ee=c>=Yi,W=ee?Math.max(1,h-Y-2):Math.floor(h*.55),B=Math.max(1,W-6-Z-(a.filterActive?1:0)),[L,b]=O.useState(B),S=L>0?L:B,_=O.useMemo(()=>{let x=0;for(const[,m]of a.grouped)x+=2+m.length;return x},[a.grouped]),V=Math.max(0,_-S),G=Math.min(D,V),ne=O.useCallback(x=>{let m=0,y=0;for(const[,xe]of a.grouped){m+=2;for(let oe=0;oe<xe.length;oe++){if(y===x)return m;m+=1,y+=1}}return m},[a.grouped]),Q=O.useCallback(x=>{const m=ne(x);$(y=>m>y+S-2?Math.min(V,Math.max(0,m-S+2)):m<y+1?Math.max(0,m-1):y)},[ne,S,V]);if(O.useEffect(()=>{E.current?.scrollToTop()},[R?.id]),jt((x,m)=>{if(x==="c"&&m.ctrl){o();return}if(!j){if(p){m.escape||x==="?"?w(!1):x==="q"?(w(!1),k(!0)):m.downArrow||x==="j"?F.current?.scrollBy(1):(m.upArrow||x==="k")&&F.current?.scrollBy(-1);return}if(x==="?"){w(!0);return}if(x==="q"){k(!0);return}if(m.tab){n.setFocusedPanel(a.focusedPanel==="list"?"detail":"list");return}if(a.filterActive){if(m.escape||m.return){n.setFilterActive(!1);return}if(m.backspace){$(0),n.setFilter(a.filterText.slice(0,-1));return}x&&!m.ctrl&&!m.meta&&($(0),n.setFilter(a.filterText+x));return}if(a.focusedPanel==="list"&&(m.leftArrow||m.rightArrow)){const y=ge.findIndex(oe=>oe.id===a.filterType),xe=m.rightArrow?(y+1)%ge.length:(y-1+ge.length)%ge.length;$(0),E.current?.scrollToTop(),n.setFilterType(ge[xe].id);return}if(a.focusedPanel==="list"){if(m.downArrow||x==="j"){const y=Math.min(a.selectedIndex+1,a.entries.length-1);n.setSelectedIndex(y),Q(y);return}if(m.upArrow||x==="k"){const y=Math.max(a.selectedIndex-1,0);n.setSelectedIndex(y),Q(y);return}if(m.pageDown){const y=Math.min(a.selectedIndex+10,a.entries.length-1);n.setSelectedIndex(y),Q(y);return}if(m.pageUp){const y=Math.max(a.selectedIndex-10,0);n.setSelectedIndex(y),Q(y);return}if(m.home){n.setSelectedIndex(0),$(0);return}if(m.end){const y=a.entries.length-1;n.setSelectedIndex(y),Q(y);return}if(x==="/"){n.setFilterActive(!0);return}if(x==="e"){n.setSeverityFilter(a.severityFilter==="error"?void 0:"error"),$(0);return}if(x==="w"){n.setSeverityFilter(a.severityFilter==="warn"?void 0:"warn"),$(0);return}if(x==="u"&&R){const y=Gi(R);y&&(n.setPendingAction(y),o());return}if(x==="o"&&R){const y=Ui(R);y&&(n.setPendingAction(y),o());return}if(x==="a"&&R){const y=Hi(R);y&&(n.setPendingAction(y),o());return}if(x==="d"){n.setFocusedPanel("detail");return}return}if(m.escape||m.leftArrow){n.setFocusedPanel("list");return}if(m.downArrow||x==="j"){E.current?.scrollBy(1);return}if(m.upArrow||x==="k"){E.current?.scrollBy(-1);return}if(m.pageDown){E.current?.scrollBy(10);return}if(m.pageUp){E.current?.scrollBy(-10);return}if(m.home){E.current?.scrollToTop();return}m.end&&E.current?.scrollToBottom()}},{isActive:!0}),c<Wi||h<qi)return s.jsx(u,{alignItems:"center",height:h,justifyContent:"center",width:c,children:s.jsxs(r,{color:"yellow",children:["Terminal too small (",c,"x",h,")"]})});const z=a.focusedPanel==="detail",U=[s.jsxs(u,{gap:1,children:[s.jsx(r,{bold:!0,color:"white",children:"q"}),s.jsx(r,{dimColor:!0,children:"QUIT"})]},"q"),s.jsxs(u,{gap:1,children:[s.jsx(r,{bold:!0,color:"white",children:"?"}),s.jsx(r,{dimColor:!0,children:"HELP"})]},"?"),s.jsxs(u,{gap:1,children:[s.jsx(r,{bold:!0,color:"white",children:"↑↓"}),s.jsx(r,{dimColor:!0,children:z?"SCROLL":"NAV"})]},"nav"),z?s.jsxs(u,{gap:1,children:[s.jsx(r,{bold:!0,color:"white",children:"←/Esc"}),s.jsx(r,{dimColor:!0,children:"LIST"})]},"lr"):s.jsxs(u,{gap:1,children:[s.jsx(r,{bold:!0,color:"white",children:"←→"}),s.jsx(r,{dimColor:!0,children:"SECTION"})]},"lr"),s.jsxs(u,{gap:1,children:[s.jsx(r,{bold:!0,color:"white",children:"/"}),s.jsx(r,{dimColor:!0,children:"SEARCH"})]},"search"),s.jsxs(u,{gap:1,children:[s.jsx(r,{bold:!0,color:"white",children:"e/w"}),s.jsx(r,{dimColor:!0,children:"SEVERITY"})]},"sev"),s.jsxs(u,{gap:1,children:[s.jsx(r,{bold:!0,color:"white",children:"u/o/a"}),s.jsx(r,{dimColor:!0,children:"ACTION"})]},"actions"),s.jsxs(u,{gap:1,children:[s.jsx(r,{bold:!0,color:"white",children:"Tab"}),s.jsx(r,{dimColor:!0,children:"PANEL"})]},"tab")],te=s.jsx(u,{borderBottom:!1,borderColor:"gray",borderLeft:!1,borderRight:!1,borderStyle:"single",flexShrink:0,children:s.jsx(u,{gap:2,overflow:"hidden",paddingX:1,children:U})}),ce=s.jsxs($t,{footer:s.jsxs(r,{dimColor:!0,children:[s.jsx(r,{bold:!0,color:"white",children:"↑↓"})," scroll ",s.jsx(r,{bold:!0,color:"white",children:"?"}),"/",s.jsx(r,{bold:!0,color:"white",children:"Esc"})," close"]}),scrollRef:F,title:"DOCTOR — KEYBOARD SHORTCUTS",visible:p,width:56,children:[s.jsxs(u,{flexDirection:"column",marginBottom:1,children:[s.jsxs(u,{marginBottom:1,children:[s.jsx(r,{dimColor:!0,children:"── "}),s.jsx(r,{bold:!0,color:"white",children:"NAVIGATION"})]}),s.jsxs(u,{children:[s.jsx(u,{width:26,children:s.jsxs(r,{children:[s.jsx(r,{bold:!0,color:"white",children:" ↑/k "}),s.jsx(r,{dimColor:!0,children:"Move up"})]})}),s.jsxs(r,{children:[s.jsx(r,{bold:!0,color:"white",children:" ↓/j "}),s.jsx(r,{dimColor:!0,children:"Move down"})]})]}),s.jsxs(u,{children:[s.jsx(u,{width:26,children:s.jsxs(r,{children:[s.jsx(r,{bold:!0,color:"white",children:" PgUp"}),s.jsx(r,{dimColor:!0,children:" Jump up 10"})]})}),s.jsxs(r,{children:[s.jsx(r,{bold:!0,color:"white",children:" PgDn"}),s.jsx(r,{dimColor:!0,children:" Jump down 10"})]})]}),s.jsxs(u,{children:[s.jsx(u,{width:26,children:s.jsxs(r,{children:[s.jsx(r,{bold:!0,color:"white",children:" Home"}),s.jsx(r,{dimColor:!0,children:" Jump to top"})]})}),s.jsxs(r,{children:[s.jsx(r,{bold:!0,color:"white",children:" End"}),s.jsx(r,{dimColor:!0,children:" Jump to bottom"})]})]}),s.jsxs(r,{children:[s.jsx(r,{bold:!0,color:"white",children:" Tab"}),s.jsx(r,{dimColor:!0,children:" Switch panel"})]}),s.jsxs(r,{children:[s.jsx(r,{bold:!0,color:"white",children:" →/←"}),s.jsx(r,{dimColor:!0,children:" Section tabs (list) / Focus list (detail)"})]})]}),s.jsxs(u,{flexDirection:"column",marginBottom:1,children:[s.jsxs(u,{marginBottom:1,children:[s.jsx(r,{dimColor:!0,children:"── "}),s.jsx(r,{bold:!0,color:"white",children:"FILTER"})]}),s.jsxs(r,{children:[s.jsx(r,{bold:!0,color:"white",children:" /"}),s.jsx(r,{dimColor:!0,children:" Open text filter (Esc/Enter to close)"})]}),s.jsxs(r,{children:[s.jsx(r,{bold:!0,color:"white",children:" e"}),s.jsx(r,{dimColor:!0,children:" Toggle errors-only filter"})]}),s.jsxs(r,{children:[s.jsx(r,{bold:!0,color:"white",children:" w"}),s.jsx(r,{dimColor:!0,children:" Toggle warns-only filter"})]})]}),s.jsxs(u,{flexDirection:"column",marginBottom:1,children:[s.jsxs(u,{marginBottom:1,children:[s.jsx(r,{dimColor:!0,children:"── "}),s.jsx(r,{bold:!0,color:"white",children:"ACTIONS"})]}),s.jsxs(r,{children:[s.jsx(r,{bold:!0,color:"white",children:" u"}),s.jsx(r,{dimColor:!0,children:" Exit + suggest update / dedupe command"})]}),s.jsxs(r,{children:[s.jsx(r,{bold:!0,color:"white",children:" o"}),s.jsx(r,{dimColor:!0,children:" Exit + suggest optimize command"})]}),s.jsxs(r,{children:[s.jsx(r,{bold:!0,color:"white",children:" a"}),s.jsx(r,{dimColor:!0,children:" Exit + print risk-ack snippet"})]}),s.jsxs(r,{children:[s.jsx(r,{bold:!0,color:"white",children:" d"}),s.jsx(r,{dimColor:!0,children:" Focus detail panel"})]})]}),s.jsxs(u,{flexDirection:"column",children:[s.jsxs(u,{marginBottom:1,children:[s.jsx(r,{dimColor:!0,children:"── "}),s.jsx(r,{bold:!0,color:"white",children:"EXIT"})]}),s.jsxs(r,{children:[s.jsx(r,{bold:!0,color:"white",children:" q"}),s.jsx(r,{dimColor:!0,children:" Quit (with countdown)"})]}),s.jsxs(r,{children:[s.jsx(r,{bold:!0,color:"white",children:" Ctrl+C"}),s.jsx(r,{dimColor:!0,children:" Quit immediately"})]})]})]}),de=s.jsx(Vi,{elapsedMs:M,entries:a.entries,filterActive:a.filterActive,filterText:a.filterText,filterType:a.filterType,focused:a.focusedPanel==="list",fromCache:i,grouped:a.grouped,onViewportHeightChange:b,scrollOffset:G,sectionCounts:P,sectionMessage:a.sectionMessage,sectionStatus:a.sectionStatus,selectedIndex:a.selectedIndex,severityFilter:a.severityFilter,totalAll:a.all.length,viewportHeight:S}),ue=t?s.jsx(Ci,{hint:t.hint,message:t.message,severity:t.severity,title:t.title}):null,me=s.jsx(Pi,{finding:R,focused:a.focusedPanel==="detail",scrollRef:E});if(ee){const x=Math.floor(c*.4);return s.jsxs(u,{flexDirection:"column",height:h,width:c,children:[ue,s.jsxs(u,{flexDirection:"row",flexGrow:1,children:[s.jsx(u,{flexGrow:1,children:de}),s.jsx(u,{width:x,children:me})]}),te,s.jsx(Pe,{autoExitSeconds:e||3,onCancel:()=>{k(!1)},visible:j}),ce]})}return s.jsxs(u,{flexDirection:"column",height:h,width:c,children:[ue,s.jsx(u,{height:W,children:de}),s.jsx(u,{flexGrow:1,children:me}),te,s.jsx(Pe,{autoExitSeconds:e||3,onCancel:()=>{k(!1)},visible:j}),ce]})},Ki=e=>e.replaceAll(/[$()+.?[\\\]^{|}]/g,String.raw`\$&`),Ji=e=>{const t=e.split("*").map(i=>Ki(i));return new RegExp(`^${t.join(".*")}$`,"i")},Qi=e=>e?e.split(",").map(t=>t.trim()).filter(t=>t.length>0).map(t=>Ji(t)):[],Se=(e,t)=>{for(const i of t)if(i.test(e))return!0;return!1},Zi=(e,t,i)=>{if(t.length===0)return e;const l=e.outdated.filter(p=>Se(p.packageName,t)),n=e.duplicates.filter(p=>Se(p.name,t)),o=e.optimizations.filter(p=>Se(p.packageName,t));let c=0,h=0,a=0;for(const p of l)p.vulnerabilities&&(c+=p.vulnerabilities.length),p.socketReport&&(h+=p.socketReport.alerts.length,p.socketReport.score.overall<i&&(a+=1));return{...e,duplicates:n,optimizations:o,outdated:l,socketIssues:{alerts:h,lowScore:a},vulnCount:c}},dt=(e,t)=>t.length===0?[...e]:e.filter(i=>{if(i.kind==="runtime")return!0;const l=i.kind==="duplicate"?i.pkg.name:i.kind==="outdated"||i.kind==="optimization"?i.entry.packageName:i.packageName;return Se(l,t)}),ut=["dependencies","security","optimization","runtime"],Ge=e=>{const t=new Set;if(!e)return t;for(const i of e.split(",")){const l=i.trim().toLowerCase();ut.includes(l)&&t.add(l)}return t},es=(e,t)=>{if(e!==void 0&&e!=="")return Ge(e);const i=Ge(t);return new Set(ut.filter(l=>!i.has(l)))},ht=e=>{const t={micro:0,native:0,preferred:0,socket:0,total:e.length};for(const i of e)switch(i.category){case"micro-utility":{t.micro+=1;break}case"native":{t.native+=1;break}case"preferred":{t.preferred+=1;break}case"socket":{t.socket+=1;break}}return t},se=(e,t)=>{if(!e.sections.has(t))return"skip";switch(t){case"dependencies":return e.outdated.length>0||e.duplicates.length>0?"warn":"ok";case"optimization":return e.optimizations.length>0?"warn":"ok";case"runtime":return e.runtime.some(i=>i.status==="warn")?"warn":"ok";case"security":return e.vulnCount>0||e.socketIssues.alerts>0?"error":e.socketIssues.lowScore>0?"warn":"ok";default:return"ok"}},ts=(e,t)=>{const i=ht(e.optimizations),l={dependencies:se(e,"dependencies"),optimization:se(e,"optimization"),runtime:se(e,"runtime"),security:se(e,"security")},n=new Set([...Object.values(l),e.supplyChain.status]),o=n.has("error")?"error":n.has("warn")?"warn":"ok";return{dependencies:{duplicates:e.duplicates.length,installed:e.installedCount,outdated:e.outdated.length,status:l.dependencies},elapsedMs:e.elapsedMs,optimizations:{microUtilities:i.micro,native:i.native,preferred:i.preferred,socket:i.socket,status:l.optimization,total:i.total},packageManager:t,runtime:e.runtime.map(c=>({detail:c.detail,id:c.id,message:c.message,status:c.status})),runtimeStatus:l.runtime,security:{alerts:e.socketIssues.alerts,lowScorePackages:e.socketIssues.lowScore,status:l.security,vulnerabilities:e.vulnCount},status:o,supplyChain:{findings:e.supplyChain.findings.map(c=>({detail:c.detail,label:c.label,severity:c.severity})),status:e.supplyChain.status},workspaces:e.workspaceCount}},Ue=(e,t)=>{const i=e.runtime.some(n=>n.status==="warn"),l=e.vulnCount>0||e.socketIssues.alerts>0;return t?l||e.outdated.length>0||e.duplicates.length>0||i:l},is=["aube-workspace.yaml","pnpm-workspace.yaml"],ye=e=>typeof e=="boolean"?e:void 0,ss=e=>{if(e==="no-downgrade"||e==="off")return e},rs=e=>{const t={allowBuildsCount:0,blockExoticSubdeps:void 0,jailBuilds:void 0,minimumReleaseAge:void 0,minimumReleaseAgeStrict:void 0,paranoid:void 0,source:void 0,strictDepBuilds:void 0,trustPolicy:void 0};for(const i of is){const l=q(e,i);if(!be(l))continue;let n;try{n=Tt(Ct(l))}catch{continue}if(typeof n!="object"||n===null)continue;const o=n;return t.source=i,t.paranoid=ye(o.paranoid),t.trustPolicy=ss(o.trustPolicy),t.blockExoticSubdeps=ye(o.blockExoticSubdeps),t.jailBuilds=ye(o.jailBuilds),t.strictDepBuilds=ye(o.strictDepBuilds),t.minimumReleaseAgeStrict=ye(o.minimumReleaseAgeStrict),typeof o.minimumReleaseAge=="number"&&Number.isFinite(o.minimumReleaseAge)&&(t.minimumReleaseAge=o.minimumReleaseAge),o.allowBuilds&&typeof o.allowBuilds=="object"&&!Array.isArray(o.allowBuilds)&&(t.allowBuildsCount=Object.keys(o.allowBuilds).length),t}return t},ns=e=>e.paranoid?{...e,jailBuilds:!0,minimumReleaseAgeStrict:!0,strictDepBuilds:!0,trustPolicy:"no-downgrade"}:e,os=/^(@[\w./-]+\/[\w./-]+|[\w.-]+)@(.+)$/,ls=e=>{const t=os.exec(e);if(t)return{name:t[1],version:t[2]}},as=(e,t)=>{let i;try{if(t==="pnpm"){const n=q(e,"pnpm-workspace.yaml");be(n)&&(i=ti(n)?.patchedDependencies)}else if(t==="bun"){const n=q(e,"package.json");be(n)&&(i=et(n)?.patchedDependencies)}}catch{return[]}if(!i||typeof i!="object")return[];const l=[];for(const[n,o]of Object.entries(i)){if(typeof o!="string"||o.length===0)continue;const c=ls(n);c&&l.push({name:c.name,patchFile:o,resolvedPatchFile:Rt(o)?o:Xe(e,o),version:c.version})}return l},cs=e=>{const t=[];for(const i of e)be(i.resolvedPatchFile)||t.push({entry:i,kind:"missing-file"});return t},He=e=>e.some(t=>t.severity==="error")?"error":e.some(t=>t.severity==="warn")?"warn":"ok",ds=(e,t={})=>{const i=[],l=e?.security;if(!l)return i.push({detail:"Use defineConfig() from '@visulima/vis/config' to apply secure defaults.",label:"No security config — running with the PM's native defaults",severity:"warn"}),{findings:i,status:He(i)};const n=l.policies?.firstSeen?.minutes,o=l.policies?.publisherChange,c=l.policies?.installScripts;n===void 0?i.push({detail:"Set security.policies.firstSeen.minutes to block packages published in the last N minutes (mitigates supply-chain attacks).",label:"policies.firstSeen.minutes is not set",severity:"warn"}):n===0?i.push({detail:"New packages can be installed immediately after publishing. Consider setting a non-zero cooldown.",label:"policies.firstSeen.minutes is explicitly 0",severity:"warn"}):i.push({label:`policies.firstSeen.minutes: ${String(n)} minutes`,severity:"ok"}),o?.mode===void 0||o.mode==="off"?i.push({detail:"Packages whose trust level has decreased will not be blocked. Consider 'no-downgrade'.",label:`policies.publisherChange.mode: ${o?.mode??"not set"}`,severity:"warn"}):i.push({label:`policies.publisherChange.mode: ${o.mode}`,severity:"ok"}),l.blockExoticSubdeps===void 0||!l.blockExoticSubdeps?i.push({detail:"Transitive dependencies can pull code from git repos or tarball URLs. Set to true to block.",label:`blockExoticSubdeps: ${String(l.blockExoticSubdeps??!1)}`,severity:"warn"}):i.push({label:"blockExoticSubdeps: true",severity:"ok"});const h=c?.allow?Object.keys(c.allow).length:0;if(h===0?i.push({detail:"Lifecycle scripts are blocked by default. List trusted packages here to opt them back in (e.g. esbuild, @prisma/client).",label:"policies.installScripts.allow: not configured",severity:"warn"}):i.push({label:`policies.installScripts.allow: ${String(h)} ${h===1?"entry":"entries"}`,severity:"ok"}),c?.strict&&h===0&&i.push({detail:"All dependencies with build scripts will be blocked. Run 'vis approve-builds' to populate the allow list.",label:"policies.installScripts.strict is on but allow is empty",severity:"error"}),t.workspaceRoot){const a=ii(t.workspaceRoot);if(a.length>0){const p=[...new Set(a.map(w=>w.tool))].sort((w,j)=>w.localeCompare(j)).join(", ");i.push({detail:"Run `vis migrate verify` for the full list, then re-run `vis migrate <tool>` to clean up.",label:`${String(a.length)} leftover ${a.length===1?"reference":"references"} to ${p}`,severity:"warn"})}}if(t.workspaceRoot&&t.packageManager==="aube"){const a=rs(t.workspaceRoot),p=ns(a),w=p.source?` (from ${p.source})`:"";p.paranoid===!0&&i.push({detail:"Forces jailBuilds, trustPolicy=no-downgrade, minimumReleaseAgeStrict, strictStoreIntegrity, and strictDepBuilds on.",label:`aube paranoid: true${w}`,severity:"ok"}),p.trustPolicy==="off"&&i.push({detail:"Trust downgrades between releases will not be blocked. Set trustPolicy: no-downgrade in aube-workspace.yaml.",label:`aube trustPolicy: off${w}`,severity:"warn"}),p.blockExoticSubdeps===!1&&i.push({detail:"Transitive deps from git+, file:, and tarball URLs will not be blocked. Re-enable with blockExoticSubdeps: true.",label:`aube blockExoticSubdeps: false${w}`,severity:"warn"}),p.minimumReleaseAge===0&&i.push({detail:"Newly published versions are not held in a cooling window. Restore with minimumReleaseAge: 1440 (24h) or higher.",label:`aube minimumReleaseAge: 0${w}`,severity:"warn"}),p.jailBuilds===!0&&i.push({label:`aube jailBuilds: true${w}`,severity:"ok"}),p.strictDepBuilds===!0&&i.push({label:`aube strictDepBuilds: true${w}`,severity:"ok"}),p.allowBuildsCount>0&&i.push({label:`aube allowBuilds: ${String(p.allowBuildsCount)} ${p.allowBuildsCount===1?"entry":"entries"}${w}`,severity:"ok"})}if(t.workspaceRoot&&t.packageManager){const a=as(t.workspaceRoot,t.packageManager);if(a.length>0){const p=cs(a);if(p.length===0)i.push({label:`patchedDependencies: ${String(a.length)} ${a.length===1?"entry":"entries"} resolved`,severity:"ok"});else for(const w of p)i.push({detail:`Referenced from ${t.packageManager==="pnpm"?"pnpm-workspace.yaml":"package.json"} but the file is not present at ${w.entry.patchFile}.`,label:`patchedDependencies: missing patch file for ${w.entry.name}@${w.entry.version}`,severity:"error"})}}return{findings:i,status:He(i)}},H=e=>e>=1e3?`${(e/1e3).toFixed(1)}s`:`${String(Math.round(e))}ms`,je=async(e,t,i,l)=>{if(!e)return i();e.start(t);const n=Date.now();try{const o=await i(),c=Date.now()-n,{status:h,summary:a}=l(o,c);return e.finish(t,h,a),o}catch(o){const c=Date.now()-n,h=o instanceof Error?o.message:String(o);throw e.finish(t,"error",`${h} (${H(c)})`),o}},us=(e,t)=>{const i={duplicates:t.duplicates,optimizations:t.optimizations,outdated:t.outdated,runtime:t.runtime,sections:new Set([e])};return lt(i)},Ye=async e=>{const{filterPatterns:t,installed:i,progress:l,resolveCodemods:n,sections:o,store:c,visConfig:h,workspaceRoot:a}=e,p=o.has("dependencies"),w=o.has("security"),j=o.has("optimization"),k=o.has("runtime"),D=(g,A)=>dt(us(g,A),t),$=it(a),{packageManager:f}=qe(a),T=Be(q(a,"package.json"),!1),M=tt(a),F=new Set(T);for(const g of M){const A=Be(q(Xe(a,g),"package.json"),!1);for(const I of A)F.add(I)}const E=Nt(a),R=Ke(a,f),P=Je(h?.security,{minimumScore:h?.security?.policies?.score?.minimum}),Y=h?.security?.policies?.score?.minimum??Qe,Z=h?.security?.acceptedRisks,ee=Lt(a,$.name),W={exclude:[],ignore:[],include:[],includeLocked:!1,includePrerelease:!1,security:!0,target:"latest"},B=p?Jt(a,$.name):[],L=j?_t(F):[],b=j?Vt(F,ee,$,!1):[],S=new Set(L.map(g=>g.packageName)),_=b.filter(g=>!S.has(g.packageName)),V=[...L,..._],G=k?ki(a):[];c&&(p&&c.startSection("dependencies",R.size>0?"checking outdated catalog dependencies":"scanning duplicates"),w&&c.startSection("security",i.length>0?`scanning ${String(i.length)} packages for advisories`:"no installed packages to scan"),j&&c.startSection("optimization","matching e18e + socket overrides"),k&&c.startSection("runtime","running runtime diagnostics")),c&&k&&c.completeSection("runtime",D("runtime",{duplicates:[],optimizations:[],outdated:[],runtime:G}));const ne=(p||w)&&R.size>0?je(l,"outdated",()=>Mt(R,W,E,void 0,a,P,Z),(g,A)=>{const I=g.outdated.length;return{status:I>0?"warn":"ok",summary:I>0?`${String(I)} outdated · ${H(A)}`:`up to date · ${H(A)}`}}):Promise.resolve({failed:[],ignored:[],outdated:[]}),Q=w&&i.length>0?je(l,"vulnerabilities",()=>Et(i.map(g=>({name:g.name,version:g.version}))),(g,A)=>{let I=0;for(const ie of g.values())I+=ie.length;return{status:I>0?"error":"ok",summary:I>0?`${String(I)} found · ${H(A)}`:`none found · ${H(A)}`}}):Promise.resolve(new Map),z=w&&P.length>0&&i.length>0?je(l,"socket",()=>Dt(P,i.map(g=>({name:g.name,version:g.version}))),(g,A)=>{let I=0,ie=0;for(const Fe of g.values())I+=Fe.alerts.length,Fe.score.overall<Y&&(ie+=1);const De=I+ie;return{status:De>0?"warn":"ok",summary:De>0?`${String(I)} alert${I===1?"":"s"}, ${String(ie)} low-score · ${H(A)}`:`clean · ${H(A)}`}}):Promise.resolve(new Map);let U,te,ce,de;const ue=ne.catch(g=>(U=g instanceof Error?g.message:String(g),c||d.warn(`Outdated scan failed: ${U}`),{failed:[],ignored:[],outdated:[]})),me=Q.catch(g=>(te=g instanceof Error?g.message:String(g),c||d.warn(`Vulnerability scan failed: ${te}`),new Map)),x=z.catch(g=>(ce=g instanceof Error?g.message:String(g),c||d.warn(`Socket scan failed: ${ce}`),new Map)),m=c&&p?ue.then(g=>{if(U){c.failSection("dependencies",U);return}c.completeSection("dependencies",D("dependencies",{duplicates:B,optimizations:[],outdated:g.outdated,runtime:[]}))}):void 0,y=c&&w?Promise.all([ue,me,x]).then(([g])=>{const A=U??te??ce;if(A){c.failSection("security",A);return}c.completeSection("security",D("security",{duplicates:[],optimizations:[],outdated:g.outdated,runtime:[]}))}):void 0,xe=(async()=>{if(n&&j&&V.length>0&&await je(l,"codemods",async()=>(await Ht(V),V),(g,A)=>{const I=g.filter(ie=>ie.hasCodemod||ie.category==="socket").length;return{status:"ok",summary:`${String(I)} auto-fixable · ${H(A)}`}}).catch(g=>{de=g instanceof Error?g.message:String(g)}),c&&j){if(de){c.failSection("optimization",de);return}c.completeSection("optimization",D("optimization",{duplicates:[],optimizations:V,outdated:[],runtime:[]}))}})(),[oe,gt,ft]=await Promise.all([ue,me,x]);await Promise.all([m,y,xe]);let Me=0,Ee=0;if(w&&P.length>0)for(const g of ft.values())Me+=g.alerts.length,g.score.overall<Y&&(Ee+=1);let Ae=0;if(w){for(const g of oe.outdated)g.vulnerabilities&&g.vulnerabilities.length>0&&(Ae+=g.vulnerabilities.length);for(const g of gt.values())Ae+=g.length}return{duplicates:B,installedCount:i.length,optimizations:j?V:[],outdated:p?oe.outdated:[],runtime:G,sections:o,socketIssues:{alerts:Me,lowScore:Ee},supplyChain:ds(h,{packageManager:f,workspaceRoot:a}),vulnCount:Ae,workspaceCount:M.length}},hs=e=>{switch(e){case"error":return ve(N.failure);case"skip":return v(N.dash);case"warn":return Re(N.warning);default:return fe(N.success)}},ae=(e,t)=>{const i=process.stderr.columns??80,l=Math.max(20,Math.min(i-2,60)),n=N.dash.repeat(2),o=`${hs(t)} ${le(e)}`,c=o.replaceAll(/\[[0-9;]*m/g,"").length,h=Math.max(0,l-c-n.length-2);return`${n} ${o} ${v(N.dash.repeat(h))}`},J=e=>` ${fe(N.success)} ${e}`,X=e=>` ${Re(N.warning)} ${e}`,Ne=e=>` ${ve(N.failure)} ${e}`,pt=e=>` ${v(N.dash)} ${v(e)}`,K=(e,t,i)=>{const l=`${le(String(e))} ${v(t)}`;return i?`${l} ${v(`(${i})`)}`:l},ps=e=>{if(e.sections.has("dependencies")){if(d.log(""),d.log(ae("Dependencies",se(e,"dependencies"))),d.log(J(K(e.installedCount,"packages installed"))),e.outdated.length>0){const t=e.outdated.filter(o=>o.updateType==="major").length,i=e.outdated.filter(o=>o.updateType==="minor").length,l=e.outdated.filter(o=>o.updateType==="patch").length,n=[];t>0&&n.push(`${String(t)} major`),i>0&&n.push(`${String(i)} minor`),l>0&&n.push(`${String(l)} patch`),d.log(X(K(e.outdated.length,"outdated",n.join(", "))))}else d.log(J("All dependencies up to date"));e.duplicates.length>0?d.log(X(K(e.duplicates.length,"packages with duplicate versions"))):d.log(J("No duplicate dependencies"))}},gs=e=>{e.sections.has("security")&&(d.log(""),d.log(ae("Security",se(e,"security"))),e.vulnCount>0?d.log(Ne(K(e.vulnCount,`vulnerabilit${e.vulnCount===1?"y":"ies"} found`))):d.log(J("No known vulnerabilities")),e.socketIssues.alerts>0&&d.log(X(K(e.socketIssues.alerts,`Socket.dev security alert${e.socketIssues.alerts===1?"":"s"}`))),e.socketIssues.lowScore>0&&d.log(X(K(e.socketIssues.lowScore,`package${e.socketIssues.lowScore===1?"":"s"} with low security score`))),e.socketIssues.alerts===0&&e.socketIssues.lowScore===0&&e.vulnCount===0&&d.log(J("No security issues detected")))},fs=e=>{if(!e.sections.has("optimization"))return;d.log(""),d.log(ae("Optimization",se(e,"optimization")));const t=ht(e.optimizations);if(t.total===0){d.log(J("No optimizations available"));return}t.native>0&&d.log(X(K(t.native,"replaceable with native APIs"))),t.preferred>0&&d.log(X(K(t.preferred,"with lighter alternatives"))),t.micro>0&&d.log(X(K(t.micro,"trivial micro-utilities"))),t.socket>0&&d.log(X(K(t.socket,"@socketregistry overrides available")))},ms=e=>{d.log(""),d.log(ae("Supply Chain",e.supplyChain.status));for(const t of e.supplyChain.findings){const i=t.severity==="ok"?J(t.label):t.severity==="error"?Ne(t.label):X(t.label);d.log(i),t.detail&&d.log(` ${v(N.arrow)} ${v(t.detail)}`)}e.supplyChain.status!=="ok"&&d.log(` ${v(N.arrow)} ${v("Configure with security.* in vis.config.ts. See `vis check --security-config` for details.")}`)},xs=e=>{if(e.sections.has("runtime")){d.log(""),d.log(ae("Runtime",se(e,"runtime")));for(const t of e.runtime)t.status==="ok"?d.log(J(t.message)):t.status==="skip"?d.log(pt(t.message)):d.log(X(t.message))}},ws=(e,t)=>{const i=e.vulnCount,l=e.runtime.filter(o=>o.status==="warn").length,n=e.outdated.length+e.duplicates.length+e.optimizations.length+l;if(t){if(i===0&&n===0)d.success(`Everything looks good! ${v(`(${H(e.elapsedMs)})`)}`);else{const o=[];i>0&&o.push(ve(`${String(i)} security`)),n>0&&o.push(Re(`${String(n)} improvement${n===1?"":"s"}`)),d.log(`${ve(N.failure)} ${o.join(", ")} ${v(`(${H(e.elapsedMs)})`)}`)}return}d.log(""),d.log(ae("Summary","ok")),i===0&&n===0?d.success(`Everything looks good! ${v(`(${H(e.elapsedMs)})`)}`):(i>0&&d.error(`${String(i)} security issue${i===1?"":"s"}`),n>0&&d.log(` ${ke(N.arrow)} ${le(String(n))} ${v(`improvement${n===1?"":"s"} available`)} ${v(`(${H(e.elapsedMs)})`)}`))},ys=e=>{const t=[];if(e.outdated.length>0&&t.push("vis update — update outdated dependencies"),(e.vulnCount>0||e.socketIssues.alerts>0)&&t.push("vis audit — detailed security analysis"),e.optimizations.length>0&&t.push("vis optimize — apply optimizations interactively"),e.duplicates.length>0&&t.push("vis dedupe — reduce duplicate versions"),t.length>0){d.log(""),d.log(le("Next steps:"));for(const i of t)d.log(` ${v(N.arrow)} ${i}`)}d.log("")},ks=(e,t)=>{t||(ps(e),gs(e),fs(e),xs(e),ms(e)),ws(e,t)},vs=(e,t,i,l,n)=>{const o=[],c=e.has("dependencies"),h=e.has("security"),a=e.has("optimization");return(c||h)&&t>0&&o.push({id:"outdated",label:"Outdated catalog dependencies"}),h&&l>0&&o.push({id:"vulnerabilities",label:"Known vulnerabilities (OSV)"}),h&&i&&l>0&&o.push({id:"socket",label:"Socket.dev supply-chain reports"}),a&&n&&o.push({id:"codemods",label:"Codemod availability"}),o},bs=e=>{if(d.log(""),d.log(`${le(ke("vis doctor"))} ${v("— project health check")}`),d.log(J(`Detected ${e.packageManagerName} v${e.packageManagerVersion}`)),e.runtimeFindings.length===0)d.log(J(`Node.js ${e.nodeVersion}`));else{for(const t of e.runtimeFindings){const i=t.severity==="error"?ve:Re;d.log(Ne(`Runtime: ${i(t.message)}`))}d.log(` ${v(N.arrow)} Run ${fe("vis toolchain install")} to install pinned versions, or ${fe("vis toolchain status")} for the per-tool breakdown.`)}d.log("")},Hs=async({fs:e,logger:t,options:i,visConfig:l,visConfigError:n,workspaceRoot:o})=>{if(!o)throw new Error("Could not determine workspace root.");const c=i.format==="json"||i.json===!0,h=es(i.only,i.skip),a=!!i.quiet,p=i.progress===!1,w=Qi(i.filter);if(h.size===0){d.error("No sections selected. Check your --only / --skip values."),process.exitCode=2;return}const j=Date.now(),k=it(o),D=Wt(o),$=!!process.stdout.isTTY,f=!c&&$&&!Ot&&!a&&!p;!c&&!f&&bs({nodeVersion:process.versions.node,packageManagerName:k.name,packageManagerVersion:k.version,runtimeFindings:D});const T=Ke(o,qe(o).packageManager),M=Xt(o,k.name),F=M.length,E=Je(l?.security).length>0,R=l?.security?.policies?.score?.minimum??Qe,P=tt(o);if(!c&&!a&&!f){const z=P.length>0?v(` · ${String(P.length)} workspace package${P.length===1?"":"s"}`):"";d.log(`${v("·")} ${v("Found")} ${le(String(F))} ${v(`installed package${F===1?"":"s"}`)}${z}`)}const Y=n?{hint:n.file?`Continuing with default settings — fix or regenerate ${n.file} (vis init --force).`:"Continuing with default settings.",message:n.message,severity:"error",title:n.file?`Failed to load ${n.file}`:"Failed to load vis.config"}:void 0,Z=Kt(o,k.name)?.file,ee=Z?q(o,Z):void 0,W=Bt(o),B=i.cache!==!1&&!i.fix?ni({configPath:W,lockfilePath:ee,sections:h,socketEnabled:E,workspaceRoot:o}):void 0,L=B?oi(B):void 0,b=L!==void 0;let S,_;if(f){const z=L?new _e({activeSections:h,findings:dt(lt(L),w)}):new _e({activeSections:h}),U=At(It.createElement(Xi,{banner:Y,fromCache:b,startedAt:j,store:z}),{alternateScreen:!0,exitOnCtrlC:!1,interactive:!0,patchConsole:!0});try{S=L??await Ye({filterPatterns:w,installed:M,resolveCodemods:!!i.fix,sections:h,store:z,visConfig:l,workspaceRoot:o})}catch(te){throw U.unmount(),te}await U.waitUntilExit(),_=z.getSnapshot().pendingAction}else if(L)S=L;else{const z=vs(h,T.size,E,F,!!i.fix),U=qt(z,{live:!c&&!a&&!p});try{S=await Ye({filterPatterns:w,installed:M,progress:U,resolveCodemods:!!i.fix,sections:h,visConfig:l,workspaceRoot:o})}finally{U.stop()}}const V={...S,elapsedMs:Date.now()-j};if(B&&!b)try{li(B,V)}catch{}const G=Zi(V,w,R);if(c){process.stdout.write(`${JSON.stringify(ts(G,k.name),void 0,2)}
4
- `),i.exitCode&&Ue(G,!!i.strict)&&(process.exitCode=1);return}b&&!a&&d.log(`${v("·")} Cached results (use --no-cache to refresh)`),w.length>0&&!a&&d.log(`${v("·")} Filter active: ${ke(i.filter??"")}`),ks(G,a);const ne=G.runtime.some(z=>z.id===$e&&z.status==="warn"),Q=G.sections.has("optimization")&&G.optimizations.length>0;i.fix&&(Q||ne)?await js({force:!!i.fixForce,fs:e,logger:t,pm:k,recoverOrphans:ne,results:G,useEditorconfig:l?.editorconfig??!0,workspaceRoot:o}):a||ys(G),_&&(process.stdout.write(`
1
+ import{createRequire as mt}from"node:module";import{E as v,j as le,q as ke,I as fe,V as ve,s as Re}from"../packem_shared/index.server-J83sowC4.js";import{a5 as yt,T as wt,_ as kt,U as vt,Q as bt,y as jt,V as $t,W as Pe,p as d,P as qe,S as N}from"./cli-main.js";import{m as q,f as be,a as St,v as Ct,A as Rt,B as Xe}from"../packem_shared/index-CE6MsgcV.js";import{E as At}from"../packem_shared/public-api-WqUCiyIe.js";import{m as s,n as u,i as r,r as O,R as Ke,c as Je,$ as Tt,d as It,g as Nt,V as Mt,N as Et,f as Dt}from"./catalog.js";import{g as Ft,B as ze,h as Qe}from"../packem_shared/env-Ct3hMEYB.js";import{I as Ot}from"../packem_shared/index-B0EsgdzO.js";import{a as et}from"../packem_shared/readJsonSync-CvkZyKmL-ihoybKvs.js";import{findVisConfigFile as Bt}from"./CONFIG_FILES.js";import{A as tt,x as Be,N as Lt,F as _t,T as Vt,a as Gt,I as Ut,U as Ht}from"./handler66.js";import{A as it,y as Yt}from"../packem_shared/pm-runner-CQcraCcu.js";import{c as Wt}from"../packem_shared/runtime-check-BXehSP06.js";import{s as qt}from"../packem_shared/scan-progress-YRpDs90j.js";import{l as Xt,r as Kt,f as Jt}from"../packem_shared/dependency-scan-DpOFiZuI.js";import{o as st}from"../packem_shared/spinner-DuJJvFTl.js";import{F as Qt,a as Zt}from"../packem_shared/tabs-CgxCvjCY.js";import{u as ei}from"../packem_shared/use-measured-height-DHi0xOPO.js";import{u as ti}from"./ts-loader.js";import{s as ii}from"../packem_shared/verify-DStfg3nb.js";const xt=mt(import.meta.url),ye=typeof globalThis<"u"&&typeof globalThis.process<"u"?globalThis.process:process,We=e=>{if(typeof ye<"u"&&ye.versions&&ye.versions.node){const[t,i]=ye.versions.node.split(".").map(Number);if(t>22||t===22&&i>=3||t===20&&i>=16)return ye.getBuiltinModule(e)}return xt(e)},{spawnSync:Ae}=We("node:child_process"),{rmSync:Oe,writeFileSync:Pt,statSync:zt,readFileSync:Ze}=We("node:fs"),Ie=()=>q(Ft(),"doctor"),si=1800*1e3,Le=e=>{if(!e)return"";try{return String(zt(e).mtimeMs)}catch{return""}},ri=2,ni=e=>{const t=JSON.stringify({configMtime:Le(e.configPath),lockfileMtime:Le(e.lockfilePath),schema:ri,sections:[...e.sections].toSorted(),socketEnabled:e.socketEnabled,workspaceRoot:e.workspaceRoot});return yt(Buffer.from(t))},oi=e=>{const t=q(Ie(),`${e}.json`);if(be(t))try{const i=et(t);if(Date.now()-i.createdAt>i.ttlMs){Oe(t,{force:!0});return}return{...i.results,sections:new Set(i.results.sections)}}catch{Oe(t,{force:!0});return}},li=(e,t,i=si)=>{St(Ie());const l={createdAt:Date.now(),results:{...t,sections:[...t.sections]},ttlMs:i};Pt(q(Ie(),`${e}.json`),JSON.stringify(l,void 0,2),"utf8")},$e="orphans",ai=()=>{if(process.platform!=="linux")return{id:"inotify",message:"inotify capacity check skipped (not Linux).",status:"skip"};let e;try{const t=Ze("/proc/sys/fs/inotify/max_user_watches","utf8").trim(),i=Number.parseInt(t,10);Number.isFinite(i)&&i>0&&(e=i)}catch{return{id:"inotify",message:"Could not read /proc/sys/fs/inotify/max_user_watches.",status:"warn"}}return e===void 0?{id:"inotify",message:"inotify max_user_watches reported a non-numeric value.",status:"warn"}:e<65536?{detail:{maxWatches:e},id:"inotify",message:`inotify watcher limit is ${String(e)} — large monorepos can exhaust this. Bump now with \`sudo sysctl fs.inotify.max_user_watches=524288\` and persist via \`/etc/sysctl.d/99-vis.conf\` so it survives reboot.`,status:"warn"}:{detail:{maxWatches:e},id:"inotify",message:`inotify capacity OK (${String(e)} watches).`,status:"ok"}},ci=()=>{const e=!!process.stdin.isTTY,t=!!process.stdout.isTTY;return e&&t?{id:"tty",message:"Interactive TTY available — watch keybinds enabled.",status:"ok"}:!e&&!t?{id:"tty",message:"No TTY on stdin/stdout — running in CI / piped mode (keybinds disabled).",status:"skip"}:{detail:{stdin:String(e),stdout:String(t)},id:"tty",message:e?"stdin is a TTY but stdout is not — output is being captured; keybinds still work.":"stdout is a TTY but stdin is not — keybinds disabled (input is piped).",status:"skip"}},di=()=>{const e=process.pid;try{return process.platform==="win32"?ot(e):nt(e)}catch{return[]}},ui=()=>{const e=process.pid;let t;try{t=process.platform==="win32"?ot(e):nt(e)}catch{return{id:$e,message:"Could not enumerate processes (ps/tasklist failed).",status:"warn"}}if(t.length===0)return{id:$e,message:"No orphaned vis/task-runner processes detected.",status:"ok"};if(t.length<=2)return{detail:{count:t.length,pids:t.join(",")},id:$e,message:`${String(t.length)} possibly orphaned process(es) detected (PIDs: ${t.join(", ")}). Likely benign.`,status:"skip"};const i=process.platform==="win32"?t.map(l=>`taskkill /F /PID ${String(l)}`).join(" & "):`kill ${t.join(" ")}`;return{detail:{count:t.length,pids:t.join(",")},id:"orphans",message:`${String(t.length)} possibly orphaned vis/task-runner processes — run \`vis doctor --fix\` to clean them up, or kill them manually: ${i}`,status:"warn"}},hi=(e={})=>{const t=e.enumerate??di,i=e.force===!0?"SIGKILL":"SIGTERM",l=e.kill??xi,n=t(),o=[],c=[];for(const h of n)try{l(h,i),o.push(h)}catch(a){const p=a.code??a.message;if(p==="ESRCH"){o.push(h);continue}c.push({pid:h,reason:p})}return{failed:c,killed:o}},pi=e=>Ae("taskkill",e,{encoding:"utf8",timeout:1e4}),gi=(e,t)=>{process.kill(e,t)},fi=(e,t,i=pi)=>{const l=t==="SIGKILL"?["/F","/PID",String(e)]:["/PID",String(e)],n=i(l);if(n.error)throw n.error;if(typeof n.status=="number"&&n.status!==0){const o=n.status===128?"ESRCH":`taskkill exited with code ${String(n.status)}`,c=new Error(o);throw c.code=o,c}},mi=(e,t,i=gi)=>{i(e,t)},xi=(e,t)=>{if(process.platform==="win32"){fi(e,t);return}mi(e,t)},rt=(e,t)=>{const i=Ae(e,t,{encoding:"utf8",timeout:1e4});if(i.error)throw i.error;if(typeof i.status=="number"&&i.status!==0)throw new Error(`${e} exited with code ${String(i.status)}`);return typeof i.stdout=="string"?i.stdout:""},nt=e=>{const t=rt("ps",["-Ao","pid=,command="]),i=[];for(const l of t.split(`
2
+ `)){if(l.length===0)continue;const n=/^\s*(\d+)\s+(.+)$/.exec(l);if(!n)continue;const o=Number.parseInt(n[1]??"",10),c=(n[2]??"").toLowerCase();!Number.isFinite(o)||o===e||(/(?:^|[ /])vis-native(?:\s|$|[-.])/.test(c)||/(?:^|[ /])vis\s+run\b/.test(c)||/(?:^|[ /])task-runner(?:\s|$|[-.])/.test(c))&&i.push(o)}return i},ot=e=>{const t=rt("tasklist",["/FO","CSV","/NH"]),i=[];for(const l of t.split(/\r?\n/)){if(l.length===0)continue;const n=l.split(/","/).map(h=>h.replaceAll(/^"|"$/g,"")),o=(n[0]??"").toLowerCase(),c=Number.parseInt(n[1]??"",10);!Number.isFinite(c)||c===e||(o==="vis.exe"||o.startsWith("vis-native")||o.includes("task-runner"))&&i.push(c)}return i},yi=()=>{let e;try{const t=Ae("watchman",["--version"],{encoding:"utf8",timeout:2e3});if(t.error||typeof t.status=="number"&&t.status!==0)throw t.error??new Error("watchman exited non-zero");e=typeof t.stdout=="string"?t.stdout.trim():void 0}catch{return{id:"watchman",message:"Watchman not found — `vis` uses native fs.watch (fine for small repos). Install Watchman + `fb-watchman` to scale watch mode on large monorepos.",status:"skip"}}return{detail:e?{version:e}:void 0,id:"watchman",message:e?`Watchman available (${e}) — scalable watch backend in use.`:"Watchman available — scalable watch backend in use.",status:"ok"}},wi=(e=process.cwd())=>{let t="";try{t=Ze(q(e,".gitattributes"),"utf8")}catch(i){if(i.code!=="ENOENT")return{id:"git-lfs",message:"Could not read .gitattributes.",status:"warn"}}if(!t.includes("filter=lfs"))return{id:"git-lfs",message:"No Git LFS tracking declared in .gitattributes.",status:"skip"};try{const i=Ae("git",["lfs","version"],{encoding:"utf8",timeout:2e3});if(i.error||typeof i.status=="number"&&i.status!==0)throw i.error??new Error("git-lfs not available")}catch{return{id:"git-lfs",message:"Repo tracks files via Git LFS but `git-lfs` is not installed — checked-out LFS files are pointer stubs, not real content. Install git-lfs and run `git lfs pull`.",status:"warn"}}return{id:"git-lfs",message:"Git LFS tracking declared and `git-lfs` is installed.",status:"ok"}},ki=e=>[ai(),ci(),yi(),wi(e),ui()],ge=[{id:"dependencies",label:"Deps"},{id:"security",label:"Security"},{id:"optimization",label:"Optimize"},{id:"runtime",label:"Runtime"}],Ce=["dependencies","security","optimization","runtime"],he=e=>{const t=new Map;for(const i of Ce)t.set(i,[]);for(const i of e)t.get(i.section).push(i);for(const[i,l]of t)l.length===0&&t.delete(i);return t},pe=(e,t,i,l)=>{let n=e.filter(o=>o.section===t);if(l&&(n=n.filter(o=>o.severity===l)),i){const o=i.toLowerCase();n=n.filter(c=>c.title.toLowerCase().includes(o))}return[...n]},vi=e=>{const t={dependencies:"idle",optimization:"idle",runtime:"idle",security:"idle"};for(const i of Ce)e.has(i)&&(t[i]="idle");return t};class _e{#e;#i=new Set;constructor(t=[]){const i=Array.isArray(t)?{findings:t}:t,l=i.findings??[],n=i.activeSections??new Set(Ce),o=Ce.find(a=>n.has(a))??"dependencies",c=pe(l,o,"",void 0),h=vi(n);if(l.length>0)for(const a of l)h[a.section]="done";this.#e={all:l,entries:c,filterActive:!1,filterText:"",filterType:o,focusedPanel:"list",grouped:he(c),pendingAction:void 0,sectionError:{},sectionMessage:{},sectionStatus:h,selectedIndex:0,severityFilter:void 0}}getSnapshot=()=>this.#e;subscribe=t=>(this.#i.add(t),()=>{this.#i.delete(t)});setSelectedIndex(t){const i=Math.max(0,Math.min(t,this.#e.entries.length-1));i!==this.#e.selectedIndex&&this.#t({...this.#e,selectedIndex:i})}setFocusedPanel(t){t!==this.#e.focusedPanel&&this.#t({...this.#e,focusedPanel:t})}setFilterType(t){if(t===this.#e.filterType)return;const i=pe(this.#e.all,t,this.#e.filterText,this.#e.severityFilter);this.#t({...this.#e,entries:i,filterType:t,grouped:he(i),selectedIndex:0})}setFilter(t){const i=pe(this.#e.all,this.#e.filterType,t,this.#e.severityFilter);this.#t({...this.#e,entries:i,filterText:t,grouped:he(i),selectedIndex:0})}setFilterActive(t){if(t===this.#e.filterActive)return;if(t){this.#t({...this.#e,filterActive:!0});return}const i=pe(this.#e.all,this.#e.filterType,"",this.#e.severityFilter);this.#t({...this.#e,entries:i,filterActive:!1,filterText:"",grouped:he(i),selectedIndex:0})}setPendingAction(t){this.#t({...this.#e,pendingAction:t})}setSeverityFilter(t){if(t===this.#e.severityFilter)return;const i=pe(this.#e.all,this.#e.filterType,this.#e.filterText,t);this.#t({...this.#e,entries:i,grouped:he(i),selectedIndex:0,severityFilter:t})}startSection(t,i){this.#t({...this.#e,sectionMessage:{...this.#e.sectionMessage,[t]:i},sectionStatus:{...this.#e.sectionStatus,[t]:"running"}})}completeSection(t,i){const l=[...this.#e.all,...i],n=pe(l,this.#e.filterType,this.#e.filterText,this.#e.severityFilter),o={...this.#e.sectionMessage};delete o[t],this.#t({...this.#e,all:l,entries:n,grouped:he(n),sectionMessage:o,sectionStatus:{...this.#e.sectionStatus,[t]:"done"}})}failSection(t,i){this.#t({...this.#e,sectionError:{...this.#e.sectionError,[t]:i},sectionStatus:{...this.#e.sectionStatus,[t]:"error"}})}#t(t){this.#e=t;for(const i of this.#i)try{i()}catch{}}}const Ve={error:0,warn:1},bi=e=>!!e.acceptedRisk,lt=e=>{const t=[];if(e.sections.has("dependencies")){for(const i of e.outdated)t.push({entry:i,id:`outdated:${i.packageName}`,kind:"outdated",section:"dependencies",severity:"warn",subtitle:`${i.currentRange} → ${i.newRange} (${i.updateType})`,title:i.packageName});for(const i of e.duplicates)t.push({id:`duplicate:${i.name}`,kind:"duplicate",pkg:i,section:"dependencies",severity:"warn",subtitle:`${String(i.versions.length)} versions installed`,title:i.name})}if(e.sections.has("security"))for(const i of e.outdated){if(i.vulnerabilities&&i.vulnerabilities.length>0){const l=i.vulnerabilities[0],n=bi(i)?"warn":"error",o=i.vulnerabilities.length;t.push({entry:i,id:`vuln:${i.packageName}`,kind:"vulnerability",packageName:i.packageName,section:"security",severity:n,subtitle:o===1?`${l.severity} · ${l.id}`:`${String(o)} advisories · top: ${l.severity} ${l.id}`,title:i.packageName})}if(i.socketReport&&i.socketReport.alerts.length>0){const l=Math.round(i.socketReport.score.overall*100);t.push({entry:i,id:`socket:${i.packageName}`,kind:"socket",packageName:i.packageName,section:"security",severity:"warn",subtitle:`${String(i.socketReport.alerts.length)} alert${i.socketReport.alerts.length===1?"":"s"} · score ${String(l)}%`,title:i.packageName})}}if(e.sections.has("optimization"))for(const i of e.optimizations)t.push({entry:i,id:`opt:${i.packageName}`,kind:"optimization",section:"optimization",severity:"warn",subtitle:`${i.category} → ${i.replacement}`,title:i.packageName});if(e.sections.has("runtime"))for(const i of e.runtime)i.status==="warn"&&t.push({diagnostic:i,id:`runtime:${i.id}`,kind:"runtime",section:"runtime",severity:"warn",title:i.message});return t.sort((i,l)=>{if(i.section!==l.section){const n=["dependencies","security","optimization","runtime"];return n.indexOf(i.section)-n.indexOf(l.section)}return Ve[i.severity]-Ve[l.severity]}),t},at={dependencies:"Dependencies",optimization:"Optimization",runtime:"Runtime",security:"Security"},ji={error:"red",warn:"yellow"},$i={error:"✖",warn:"⚠"},Si={error:" ERROR ",warn:" WARN "},Ci=({children:e,hint:t,message:i,severity:l,title:n})=>{const o=ji[l];return s.jsxs(u,{borderColor:o,borderStyle:"single",flexDirection:"column",flexShrink:0,paddingX:1,children:[s.jsxs(u,{gap:1,children:[s.jsx(r,{backgroundColor:o,bold:!0,color:"black",children:Si[l]}),s.jsx(r,{bold:!0,color:o,children:$i[l]}),s.jsx(r,{bold:!0,wrap:"truncate-end",children:n})]}),s.jsx(r,{wrap:"truncate-end",children:i}),t?s.jsx(r,{dimColor:!0,wrap:"truncate-end",children:t}):null,e]})},Ri={CRITICAL:"red",HIGH:"red",LOW:"gray",MODERATE:"yellow",UNKNOWN:"gray"},Ai={critical:"red",high:"red",low:"gray",medium:"yellow"},Ti={major:"red",minor:"yellow",patch:"green"},C=({children:e,label:t,width:i=14})=>s.jsxs(u,{children:[s.jsx(u,{width:i,children:s.jsxs(r,{dimColor:!0,children:[t,":"]})}),typeof e=="string"?s.jsx(r,{children:e}):e]}),re=({children:e})=>s.jsx(u,{marginTop:1,children:s.jsx(r,{bold:!0,color:"white",children:e})}),Ii=({finding:e})=>{const{entry:t}=e,i=Ti[t.updateType]??"white";return s.jsxs(u,{flexDirection:"column",children:[s.jsx(C,{label:"Current",children:t.currentRange}),s.jsxs(C,{label:"Target",children:[s.jsx(r,{children:t.newRange}),s.jsxs(r,{bold:!0,color:i,children:[" (",t.updateType,")"]})]}),s.jsx(C,{label:"Catalog",children:t.catalogName}),t.acceptedRisk?s.jsx(C,{label:"Risk ack",children:s.jsx(r,{dimColor:!0,children:t.acceptedRisk.reason??"(no reason recorded)"})}):null,s.jsx(re,{children:"Action"}),s.jsxs(r,{dimColor:!0,children:["Run"," ",s.jsx(r,{bold:!0,color:"white",children:"vis update"})," ","to apply this change."]})]})},Ni=({finding:e})=>s.jsxs(u,{flexDirection:"column",children:[s.jsx(C,{label:"Versions",children:s.jsx(r,{children:String(e.pkg.versions.length)})}),s.jsx(re,{children:"Installed versions"}),e.pkg.versions.map(t=>s.jsxs(r,{children:[" · ",t]},t)),s.jsx(re,{children:"Action"}),s.jsxs(r,{dimColor:!0,children:["Run"," ",s.jsx(r,{bold:!0,color:"white",children:"vis dedupe"})," ","to consolidate to a single resolution."]})]}),Mi=({finding:e})=>{const t=e.entry.vulnerabilities??[];return s.jsxs(u,{flexDirection:"column",children:[s.jsx(C,{label:"Package",children:e.packageName}),s.jsx(C,{label:"Current",children:e.entry.currentRange}),s.jsx(C,{label:"Advisories",children:String(t.length)}),e.entry.acceptedRisk?s.jsx(C,{label:"Risk ack",children:s.jsx(r,{dimColor:!0,children:e.entry.acceptedRisk.reason??"(no reason recorded)"})}):null,t.map(i=>{const l=Ri[i.severity]??"gray";return s.jsxs(u,{flexDirection:"column",marginTop:1,children:[s.jsxs(u,{children:[s.jsx(r,{bold:!0,color:l,children:i.severity}),s.jsx(r,{children:" "}),s.jsx(r,{children:i.id}),typeof i.cvssScore=="number"?s.jsxs(r,{dimColor:!0,children:[" · CVSS ",i.cvssScore.toFixed(1)]}):null]}),s.jsx(r,{wrap:"wrap",children:i.summary}),i.fixedVersions.length>0?s.jsxs(r,{dimColor:!0,children:["Fixed in: ",i.fixedVersions.join(", ")]}):null,i.aliases&&i.aliases.length>0?s.jsxs(r,{dimColor:!0,children:["Aliases: ",i.aliases.join(", ")]}):null]},i.id)})]})},Ei=({finding:e})=>{const t=e.entry.socketReport;if(!t)return s.jsx(r,{dimColor:!0,children:"No Socket report attached."});const i=Math.round(t.score.overall*100),l=ze(t.score.overall);return s.jsxs(u,{flexDirection:"column",children:[s.jsx(C,{label:"Package",children:e.packageName}),s.jsx(C,{label:"Overall",children:s.jsxs(r,{color:l,children:[String(i),"%"]})}),s.jsx(C,{label:"Alerts",children:String(t.alerts.length)}),e.entry.acceptedRisk?s.jsx(C,{label:"Risk ack",children:s.jsx(r,{dimColor:!0,children:e.entry.acceptedRisk.reason??"(no reason recorded)"})}):null,s.jsx(re,{children:"Score breakdown"}),Object.entries(t.score).map(([n,o])=>{if(n==="overall")return null;const c=typeof o=="number"?o:0,h=Math.round(c*100),a=ze(c);return s.jsxs(u,{children:[s.jsx(u,{width:14,children:s.jsxs(r,{dimColor:!0,children:[n,":"]})}),s.jsxs(r,{color:a,children:[String(h),"%"]})]},n)}),s.jsx(re,{children:"Alerts"}),t.alerts.map((n,o)=>{const c=Ai[n.severity]??"gray";return s.jsxs(u,{flexDirection:"column",marginBottom:1,children:[s.jsxs(u,{children:[s.jsx(r,{bold:!0,color:c,children:n.severity}),s.jsx(r,{children:" "}),s.jsx(r,{children:n.type})]}),n.props?s.jsx(r,{dimColor:!0,wrap:"wrap",children:JSON.stringify(n.props)}):null]},`${n.type}-${String(o)}`)})]})},Di=({finding:e})=>{const{entry:t}=e;return s.jsxs(u,{flexDirection:"column",children:[s.jsx(C,{label:"Package",children:t.packageName}),s.jsx(C,{label:"Category",children:t.category}),s.jsx(C,{label:"Replacement",children:t.replacement}),t.overrideSpec?s.jsx(C,{label:"Override",children:t.overrideSpec}):null,s.jsx(C,{label:"Codemod",children:s.jsx(r,{color:t.hasCodemod?"green":"gray",children:t.hasCodemod?"available":"not available"})}),t.docUrl?s.jsx(C,{label:"Guide",children:s.jsx(r,{color:"cyan",underline:!0,children:t.docUrl})}):null,s.jsx(re,{children:"Action"}),t.hasCodemod?s.jsxs(r,{dimColor:!0,children:["Run"," ",s.jsx(r,{bold:!0,color:"white",children:"vis optimize"})," ","to apply the codemod interactively."]}):t.overrideSpec?s.jsxs(r,{dimColor:!0,children:["Run"," ",s.jsx(r,{bold:!0,color:"white",children:"vis optimize"})," ","to install the package override."]}):t.docUrl?s.jsx(r,{dimColor:!0,children:"No automated codemod. Open the migration guide above for the recommended alternative and steps."}):s.jsx(r,{dimColor:!0,children:"No automated codemod. Consult the package's docs or the e18e module-replacements guide for an alternative."})]})},Fi=({finding:e})=>{const{diagnostic:t}=e,i=t.status==="warn"?"yellow":t.status==="ok"?"green":"gray";return s.jsxs(u,{flexDirection:"column",children:[s.jsx(C,{label:"Check",children:t.id}),s.jsx(C,{label:"Status",children:s.jsx(r,{color:i,children:t.status})}),s.jsx(re,{children:"Message"}),s.jsx(r,{wrap:"wrap",children:t.message}),t.detail&&Object.keys(t.detail).length>0?s.jsxs(s.Fragment,{children:[s.jsx(re,{children:"Details"}),Object.entries(t.detail).map(([l,n])=>s.jsxs(u,{children:[s.jsx(u,{width:20,children:s.jsxs(r,{dimColor:!0,children:[l,":"]})}),s.jsx(r,{children:String(n)})]},l))]}):null]})},Pi=({finding:e,focused:t,scrollRef:i})=>{const l=t?"white":"gray";if(!e)return s.jsx(u,{alignItems:"center",borderColor:"gray",borderStyle:"single",flexDirection:"column",flexGrow:1,justifyContent:"center",children:s.jsx(r,{dimColor:!0,children:"No finding selected"})});let n;switch(e.kind){case"duplicate":{n=s.jsx(Ni,{finding:e});break}case"optimization":{n=s.jsx(Di,{finding:e});break}case"outdated":{n=s.jsx(Ii,{finding:e});break}case"runtime":{n=s.jsx(Fi,{finding:e});break}case"socket":{n=s.jsx(Ei,{finding:e});break}case"vulnerability":{n=s.jsx(Mi,{finding:e});break}default:{n=s.jsx(r,{dimColor:!0,children:"Unknown finding kind."});break}}return s.jsxs(u,{borderColor:l,borderStyle:"single",flexDirection:"column",flexGrow:1,children:[s.jsxs(u,{flexShrink:0,paddingTop:1,paddingX:2,children:[s.jsx(r,{bold:!0,color:"white",children:e.title}),s.jsxs(r,{dimColor:!0,children:[" ",at[e.section]]})]}),s.jsxs(wt,{flexGrow:1,flexShrink:1,paddingX:2,ref:i,scrollbar:!0,scrollbarColor:"gray",scrollbarStyle:"block",children:[s.jsx(r,{}),n]})]})},ct={error:"red",warn:"yellow"},zi={error:"✖",warn:"⚠"},Oi=e=>e.kind==="outdated"||e.kind==="vulnerability"||e.kind==="socket"?!!e.entry.acceptedRisk:!1,Bi=({finding:e,isSelected:t})=>{const i=ct[e.severity],l=Oi(e);return s.jsxs(u,{flexShrink:0,height:1,children:[s.jsx(r,{children:t?">":" "}),s.jsxs(r,{color:i,children:[" ",zi[e.severity]," "]}),s.jsx(u,{flexGrow:1,children:s.jsx(r,{bold:t,inverse:t,wrap:"truncate",children:e.title})}),l?s.jsx(r,{color:"cyan",children:" ack"}):null,e.subtitle?s.jsxs(r,{dimColor:!0,wrap:"truncate",children:[" ",e.subtitle]}):null]})},Li=({count:e,section:t})=>s.jsxs(u,{flexShrink:0,height:1,marginTop:1,children:[s.jsx(r,{dimColor:!0,children:"▼ "}),s.jsx(r,{bold:!0,color:"white",children:at[t].toUpperCase()}),s.jsxs(r,{dimColor:!0,children:[" (",e,")"]})]}),_i=({count:e,label:t,status:i})=>s.jsxs(r,{children:[t,i==="running"?s.jsxs(r,{children:[" ",s.jsx(st,{type:"dots"})]}):null,i==="error"?s.jsx(r,{bold:!0,color:"red",children:" ✖"}):s.jsxs(r,{dimColor:!0,children:[" (",String(e),")"]})]}),Vi=({elapsedMs:e,entries:t,filterActive:i,filterText:l,filterType:n,focused:o,fromCache:c=!1,grouped:h,onViewportHeightChange:a,scrollOffset:p,sectionCounts:y,sectionMessage:j,sectionStatus:k,selectedIndex:D,severityFilter:$,totalAll:f,viewportHeight:A})=>{const M=o?"white":"gray",{measuredHeight:F,ref:E}=ei(A,a);let R=0,P=0;for(const b of t)b.severity==="error"?R+=1:b.severity==="warn"&&(P+=1);const Y=[];R>0&&Y.push(`${String(R)} error${R===1?"":"s"}`),P>0&&Y.push(`${String(P)} warn${P===1?"":"s"}`);const Z=Y.length>0?` (${Y.join(", ")})`:"",ee=(e/1e3).toFixed(1),W=[];for(const[b,S]of h){W.push(s.jsx(Li,{count:S.length,section:b},`hdr-${b}`));for(const _ of S){const V=t.indexOf(_);W.push(s.jsx(Bi,{finding:_,isSelected:V===D},_.id))}}let B=0;for(const[,b]of h)B+=2+b.length;const L=B>F&&F>0;return s.jsxs(u,{borderColor:M,borderStyle:"single",flexDirection:"column",flexGrow:1,children:[s.jsxs(u,{flexShrink:0,gap:1,paddingX:1,children:[s.jsx(r,{bold:!0,inverse:!0,children:" DOCTOR "}),s.jsxs(r,{wrap:"truncate",children:[t.length,t.length===f?"":`/${String(f)}`," finding",t.length===1?"":"s",Z]}),$?s.jsx(r,{bold:!0,color:ct[$],inverse:!0,children:` ${$.toUpperCase()} ONLY `}):null,c?s.jsx(r,{bold:!0,color:"cyan",inverse:!0,children:" CACHED "}):null,s.jsxs(r,{dimColor:!0,children:[" · ",ee,"s"]})]}),s.jsx(u,{flexShrink:0,paddingX:1,paddingY:1,children:s.jsx(Qt,{isFocused:o,keyMap:{next:[],previous:[],useNumbers:!1,useTab:!1},onChange:()=>{},showIndex:!1,value:n,children:ge.map(({id:b,label:S})=>s.jsx(Zt,{name:b,children:s.jsx(_i,{count:y[b],label:S,status:k[b]})},b))})}),(()=>{const b=Object.keys(k).filter(S=>k[S]==="running"&&j[S]).map(S=>j[S]);return b.length===0?null:s.jsx(u,{flexShrink:0,paddingX:1,children:s.jsxs(r,{dimColor:!0,wrap:"truncate",children:[s.jsx(st,{type:"dots"})," ",b.join(" · ")]})})})(),i&&s.jsxs(u,{flexShrink:0,paddingX:1,children:[s.jsx(r,{bold:!0,color:"white",children:"/ "}),s.jsx(r,{children:l}),s.jsx(r,{inverse:!0,children:" "})]}),s.jsxs(u,{flexDirection:"row",flexGrow:1,overflow:"hidden",ref:E,children:[s.jsx(u,{flexDirection:"column",flexGrow:1,overflow:"hidden",paddingLeft:1,children:s.jsx(u,{flexDirection:"column",marginTop:-p,children:W.length>0?W:s.jsx(u,{marginTop:1,children:s.jsx(r,{dimColor:!0,children:"No findings match the current filter."})})})}),L&&s.jsx(u,{flexShrink:0,marginLeft:1,marginRight:1,children:s.jsx(kt,{contentHeight:B,placement:"inset",scrollOffset:p,style:"block",viewportHeight:F})})]},`list-${n}-${l}`)]})},Gi=e=>{if(e.kind==="outdated")return{command:`vis update ${e.entry.packageName}`,description:`Update ${e.entry.packageName} to ${e.entry.newRange}`};if(e.kind==="duplicate")return{command:`vis dedupe ${e.pkg.name}`,description:`Dedupe ${e.pkg.name} (${String(e.pkg.versions.length)} versions)`}},Ui=e=>{if(e.kind==="optimization")return{command:`vis optimize ${e.entry.packageName}`,description:`Replace ${e.entry.packageName} with ${e.entry.replacement}`}},Hi=e=>{if(e.kind!=="outdated"&&e.kind!=="vulnerability"&&e.kind!=="socket")return;const t=e.kind==="outdated"?e.entry.packageName:e.packageName,i=["// Add to vis.config.ts:","security: {"," acceptedRisks: {",` "${t}": {`,' reason: "explain why this risk is acceptable",',' expiresAt: "YYYY-MM-DD",'," },"," },","},"].join(`
3
+ `);return{command:i,configSnippet:i,description:`Acknowledge risk for ${t}`}},Yi=100,Wi=40,qi=10,Xi=({autoExitSeconds:e=0,banner:t,fromCache:i=!1,startedAt:l,store:n})=>{const{exit:o}=vt(),{columns:c,rows:h}=bt(),a=O.useSyncExternalStore(n.subscribe,n.getSnapshot),[p,y]=O.useState(!1),[j,k]=O.useState(!1),[D,$]=O.useState(0),[f,A]=O.useState(()=>Date.now());O.useEffect(()=>{const x=setInterval(()=>{A(Date.now())},1e3);return()=>{clearInterval(x)}},[]);const M=f-l,F=O.useRef(null),E=O.useRef(null),R=a.entries[a.selectedIndex]??null,P=O.useMemo(()=>{const x={dependencies:0,optimization:0,runtime:0,security:0};for(const m of a.all)x[m.section]+=1;return x},[a.all]),Y=t?t.hint?5:4:0,Z=O.useMemo(()=>{for(const x of Object.keys(a.sectionStatus))if(a.sectionStatus[x]==="running"&&a.sectionMessage[x])return 1;return 0},[a.sectionStatus,a.sectionMessage]),ee=c>=Yi,W=ee?Math.max(1,h-Y-2):Math.floor(h*.55),B=Math.max(1,W-6-Z-(a.filterActive?1:0)),[L,b]=O.useState(B),S=L>0?L:B,_=O.useMemo(()=>{let x=0;for(const[,m]of a.grouped)x+=2+m.length;return x},[a.grouped]),V=Math.max(0,_-S),G=Math.min(D,V),ne=O.useCallback(x=>{let m=0,w=0;for(const[,xe]of a.grouped){m+=2;for(let oe=0;oe<xe.length;oe++){if(w===x)return m;m+=1,w+=1}}return m},[a.grouped]),Q=O.useCallback(x=>{const m=ne(x);$(w=>m>w+S-2?Math.min(V,Math.max(0,m-S+2)):m<w+1?Math.max(0,m-1):w)},[ne,S,V]);if(O.useEffect(()=>{E.current?.scrollToTop()},[R?.id]),jt((x,m)=>{if(x==="c"&&m.ctrl){o();return}if(!j){if(p){m.escape||x==="?"?y(!1):x==="q"?(y(!1),k(!0)):m.downArrow||x==="j"?F.current?.scrollBy(1):(m.upArrow||x==="k")&&F.current?.scrollBy(-1);return}if(x==="?"){y(!0);return}if(x==="q"){k(!0);return}if(m.tab){n.setFocusedPanel(a.focusedPanel==="list"?"detail":"list");return}if(a.filterActive){if(m.escape||m.return){n.setFilterActive(!1);return}if(m.backspace){$(0),n.setFilter(a.filterText.slice(0,-1));return}x&&!m.ctrl&&!m.meta&&($(0),n.setFilter(a.filterText+x));return}if(a.focusedPanel==="list"&&(m.leftArrow||m.rightArrow)){const w=ge.findIndex(oe=>oe.id===a.filterType),xe=m.rightArrow?(w+1)%ge.length:(w-1+ge.length)%ge.length;$(0),E.current?.scrollToTop(),n.setFilterType(ge[xe].id);return}if(a.focusedPanel==="list"){if(m.downArrow||x==="j"){const w=Math.min(a.selectedIndex+1,a.entries.length-1);n.setSelectedIndex(w),Q(w);return}if(m.upArrow||x==="k"){const w=Math.max(a.selectedIndex-1,0);n.setSelectedIndex(w),Q(w);return}if(m.pageDown){const w=Math.min(a.selectedIndex+10,a.entries.length-1);n.setSelectedIndex(w),Q(w);return}if(m.pageUp){const w=Math.max(a.selectedIndex-10,0);n.setSelectedIndex(w),Q(w);return}if(m.home){n.setSelectedIndex(0),$(0);return}if(m.end){const w=a.entries.length-1;n.setSelectedIndex(w),Q(w);return}if(x==="/"){n.setFilterActive(!0);return}if(x==="e"){n.setSeverityFilter(a.severityFilter==="error"?void 0:"error"),$(0);return}if(x==="w"){n.setSeverityFilter(a.severityFilter==="warn"?void 0:"warn"),$(0);return}if(x==="u"&&R){const w=Gi(R);w&&(n.setPendingAction(w),o());return}if(x==="o"&&R){const w=Ui(R);w&&(n.setPendingAction(w),o());return}if(x==="a"&&R){const w=Hi(R);w&&(n.setPendingAction(w),o());return}if(x==="d"){n.setFocusedPanel("detail");return}return}if(m.escape||m.leftArrow){n.setFocusedPanel("list");return}if(m.downArrow||x==="j"){E.current?.scrollBy(1);return}if(m.upArrow||x==="k"){E.current?.scrollBy(-1);return}if(m.pageDown){E.current?.scrollBy(10);return}if(m.pageUp){E.current?.scrollBy(-10);return}if(m.home){E.current?.scrollToTop();return}m.end&&E.current?.scrollToBottom()}},{isActive:!0}),c<Wi||h<qi)return s.jsx(u,{alignItems:"center",height:h,justifyContent:"center",width:c,children:s.jsxs(r,{color:"yellow",children:["Terminal too small (",c,"x",h,")"]})});const z=a.focusedPanel==="detail",U=[s.jsxs(u,{gap:1,children:[s.jsx(r,{bold:!0,color:"white",children:"q"}),s.jsx(r,{dimColor:!0,children:"QUIT"})]},"q"),s.jsxs(u,{gap:1,children:[s.jsx(r,{bold:!0,color:"white",children:"?"}),s.jsx(r,{dimColor:!0,children:"HELP"})]},"?"),s.jsxs(u,{gap:1,children:[s.jsx(r,{bold:!0,color:"white",children:"↑↓"}),s.jsx(r,{dimColor:!0,children:z?"SCROLL":"NAV"})]},"nav"),z?s.jsxs(u,{gap:1,children:[s.jsx(r,{bold:!0,color:"white",children:"←/Esc"}),s.jsx(r,{dimColor:!0,children:"LIST"})]},"lr"):s.jsxs(u,{gap:1,children:[s.jsx(r,{bold:!0,color:"white",children:"←→"}),s.jsx(r,{dimColor:!0,children:"SECTION"})]},"lr"),s.jsxs(u,{gap:1,children:[s.jsx(r,{bold:!0,color:"white",children:"/"}),s.jsx(r,{dimColor:!0,children:"SEARCH"})]},"search"),s.jsxs(u,{gap:1,children:[s.jsx(r,{bold:!0,color:"white",children:"e/w"}),s.jsx(r,{dimColor:!0,children:"SEVERITY"})]},"sev"),s.jsxs(u,{gap:1,children:[s.jsx(r,{bold:!0,color:"white",children:"u/o/a"}),s.jsx(r,{dimColor:!0,children:"ACTION"})]},"actions"),s.jsxs(u,{gap:1,children:[s.jsx(r,{bold:!0,color:"white",children:"Tab"}),s.jsx(r,{dimColor:!0,children:"PANEL"})]},"tab")],te=s.jsx(u,{borderBottom:!1,borderColor:"gray",borderLeft:!1,borderRight:!1,borderStyle:"single",flexShrink:0,children:s.jsx(u,{gap:2,overflow:"hidden",paddingX:1,children:U})}),ce=s.jsxs($t,{footer:s.jsxs(r,{dimColor:!0,children:[s.jsx(r,{bold:!0,color:"white",children:"↑↓"})," scroll ",s.jsx(r,{bold:!0,color:"white",children:"?"}),"/",s.jsx(r,{bold:!0,color:"white",children:"Esc"})," close"]}),scrollRef:F,title:"DOCTOR — KEYBOARD SHORTCUTS",visible:p,width:56,children:[s.jsxs(u,{flexDirection:"column",marginBottom:1,children:[s.jsxs(u,{marginBottom:1,children:[s.jsx(r,{dimColor:!0,children:"── "}),s.jsx(r,{bold:!0,color:"white",children:"NAVIGATION"})]}),s.jsxs(u,{children:[s.jsx(u,{width:26,children:s.jsxs(r,{children:[s.jsx(r,{bold:!0,color:"white",children:" ↑/k "}),s.jsx(r,{dimColor:!0,children:"Move up"})]})}),s.jsxs(r,{children:[s.jsx(r,{bold:!0,color:"white",children:" ↓/j "}),s.jsx(r,{dimColor:!0,children:"Move down"})]})]}),s.jsxs(u,{children:[s.jsx(u,{width:26,children:s.jsxs(r,{children:[s.jsx(r,{bold:!0,color:"white",children:" PgUp"}),s.jsx(r,{dimColor:!0,children:" Jump up 10"})]})}),s.jsxs(r,{children:[s.jsx(r,{bold:!0,color:"white",children:" PgDn"}),s.jsx(r,{dimColor:!0,children:" Jump down 10"})]})]}),s.jsxs(u,{children:[s.jsx(u,{width:26,children:s.jsxs(r,{children:[s.jsx(r,{bold:!0,color:"white",children:" Home"}),s.jsx(r,{dimColor:!0,children:" Jump to top"})]})}),s.jsxs(r,{children:[s.jsx(r,{bold:!0,color:"white",children:" End"}),s.jsx(r,{dimColor:!0,children:" Jump to bottom"})]})]}),s.jsxs(r,{children:[s.jsx(r,{bold:!0,color:"white",children:" Tab"}),s.jsx(r,{dimColor:!0,children:" Switch panel"})]}),s.jsxs(r,{children:[s.jsx(r,{bold:!0,color:"white",children:" →/←"}),s.jsx(r,{dimColor:!0,children:" Section tabs (list) / Focus list (detail)"})]})]}),s.jsxs(u,{flexDirection:"column",marginBottom:1,children:[s.jsxs(u,{marginBottom:1,children:[s.jsx(r,{dimColor:!0,children:"── "}),s.jsx(r,{bold:!0,color:"white",children:"FILTER"})]}),s.jsxs(r,{children:[s.jsx(r,{bold:!0,color:"white",children:" /"}),s.jsx(r,{dimColor:!0,children:" Open text filter (Esc/Enter to close)"})]}),s.jsxs(r,{children:[s.jsx(r,{bold:!0,color:"white",children:" e"}),s.jsx(r,{dimColor:!0,children:" Toggle errors-only filter"})]}),s.jsxs(r,{children:[s.jsx(r,{bold:!0,color:"white",children:" w"}),s.jsx(r,{dimColor:!0,children:" Toggle warns-only filter"})]})]}),s.jsxs(u,{flexDirection:"column",marginBottom:1,children:[s.jsxs(u,{marginBottom:1,children:[s.jsx(r,{dimColor:!0,children:"── "}),s.jsx(r,{bold:!0,color:"white",children:"ACTIONS"})]}),s.jsxs(r,{children:[s.jsx(r,{bold:!0,color:"white",children:" u"}),s.jsx(r,{dimColor:!0,children:" Exit + suggest update / dedupe command"})]}),s.jsxs(r,{children:[s.jsx(r,{bold:!0,color:"white",children:" o"}),s.jsx(r,{dimColor:!0,children:" Exit + suggest optimize command"})]}),s.jsxs(r,{children:[s.jsx(r,{bold:!0,color:"white",children:" a"}),s.jsx(r,{dimColor:!0,children:" Exit + print risk-ack snippet"})]}),s.jsxs(r,{children:[s.jsx(r,{bold:!0,color:"white",children:" d"}),s.jsx(r,{dimColor:!0,children:" Focus detail panel"})]})]}),s.jsxs(u,{flexDirection:"column",children:[s.jsxs(u,{marginBottom:1,children:[s.jsx(r,{dimColor:!0,children:"── "}),s.jsx(r,{bold:!0,color:"white",children:"EXIT"})]}),s.jsxs(r,{children:[s.jsx(r,{bold:!0,color:"white",children:" q"}),s.jsx(r,{dimColor:!0,children:" Quit (with countdown)"})]}),s.jsxs(r,{children:[s.jsx(r,{bold:!0,color:"white",children:" Ctrl+C"}),s.jsx(r,{dimColor:!0,children:" Quit immediately"})]})]})]}),de=s.jsx(Vi,{elapsedMs:M,entries:a.entries,filterActive:a.filterActive,filterText:a.filterText,filterType:a.filterType,focused:a.focusedPanel==="list",fromCache:i,grouped:a.grouped,onViewportHeightChange:b,scrollOffset:G,sectionCounts:P,sectionMessage:a.sectionMessage,sectionStatus:a.sectionStatus,selectedIndex:a.selectedIndex,severityFilter:a.severityFilter,totalAll:a.all.length,viewportHeight:S}),ue=t?s.jsx(Ci,{hint:t.hint,message:t.message,severity:t.severity,title:t.title}):null,me=s.jsx(Pi,{finding:R,focused:a.focusedPanel==="detail",scrollRef:E});if(ee){const x=Math.floor(c*.4);return s.jsxs(u,{flexDirection:"column",height:h,width:c,children:[ue,s.jsxs(u,{flexDirection:"row",flexGrow:1,children:[s.jsx(u,{flexGrow:1,children:de}),s.jsx(u,{width:x,children:me})]}),te,s.jsx(Pe,{autoExitSeconds:e||3,onCancel:()=>{k(!1)},visible:j}),ce]})}return s.jsxs(u,{flexDirection:"column",height:h,width:c,children:[ue,s.jsx(u,{height:W,children:de}),s.jsx(u,{flexGrow:1,children:me}),te,s.jsx(Pe,{autoExitSeconds:e||3,onCancel:()=>{k(!1)},visible:j}),ce]})},Ki=e=>e.replaceAll(/[$()+.?[\\\]^{|}]/g,String.raw`\$&`),Ji=e=>{const t=e.split("*").map(i=>Ki(i));return new RegExp(`^${t.join(".*")}$`,"i")},Qi=e=>e?e.split(",").map(t=>t.trim()).filter(t=>t.length>0).map(t=>Ji(t)):[],Se=(e,t)=>{for(const i of t)if(i.test(e))return!0;return!1},Zi=(e,t,i)=>{if(t.length===0)return e;const l=e.outdated.filter(p=>Se(p.packageName,t)),n=e.duplicates.filter(p=>Se(p.name,t)),o=e.optimizations.filter(p=>Se(p.packageName,t));let c=0,h=0,a=0;for(const p of l)p.vulnerabilities&&(c+=p.vulnerabilities.length),p.socketReport&&(h+=p.socketReport.alerts.length,p.socketReport.score.overall<i&&(a+=1));return{...e,duplicates:n,optimizations:o,outdated:l,socketIssues:{alerts:h,lowScore:a},vulnCount:c}},dt=(e,t)=>t.length===0?[...e]:e.filter(i=>{if(i.kind==="runtime")return!0;const l=i.kind==="duplicate"?i.pkg.name:i.kind==="outdated"||i.kind==="optimization"?i.entry.packageName:i.packageName;return Se(l,t)}),ut=["dependencies","security","optimization","runtime"],Ge=e=>{const t=new Set;if(!e)return t;for(const i of e.split(",")){const l=i.trim().toLowerCase();ut.includes(l)&&t.add(l)}return t},es=(e,t)=>{if(e!==void 0&&e!=="")return Ge(e);const i=Ge(t);return new Set(ut.filter(l=>!i.has(l)))},ht=e=>{const t={micro:0,native:0,preferred:0,socket:0,total:e.length};for(const i of e)switch(i.category){case"micro-utility":{t.micro+=1;break}case"native":{t.native+=1;break}case"preferred":{t.preferred+=1;break}case"socket":{t.socket+=1;break}}return t},se=(e,t)=>{if(!e.sections.has(t))return"skip";switch(t){case"dependencies":return e.outdated.length>0||e.duplicates.length>0?"warn":"ok";case"optimization":return e.optimizations.length>0?"warn":"ok";case"runtime":return e.runtime.some(i=>i.status==="warn")?"warn":"ok";case"security":return e.vulnCount>0||e.socketIssues.alerts>0?"error":e.socketIssues.lowScore>0?"warn":"ok";default:return"ok"}},ts=(e,t)=>{const i=ht(e.optimizations),l={dependencies:se(e,"dependencies"),optimization:se(e,"optimization"),runtime:se(e,"runtime"),security:se(e,"security")},n=new Set([...Object.values(l),e.supplyChain.status]),o=n.has("error")?"error":n.has("warn")?"warn":"ok";return{dependencies:{duplicates:e.duplicates.length,installed:e.installedCount,outdated:e.outdated.length,status:l.dependencies},elapsedMs:e.elapsedMs,optimizations:{microUtilities:i.micro,native:i.native,preferred:i.preferred,socket:i.socket,status:l.optimization,total:i.total},packageManager:t,runtime:e.runtime.map(c=>({detail:c.detail,id:c.id,message:c.message,status:c.status})),runtimeStatus:l.runtime,security:{alerts:e.socketIssues.alerts,lowScorePackages:e.socketIssues.lowScore,status:l.security,vulnerabilities:e.vulnCount},status:o,supplyChain:{findings:e.supplyChain.findings.map(c=>({detail:c.detail,label:c.label,severity:c.severity})),status:e.supplyChain.status},workspaces:e.workspaceCount}},Ue=(e,t)=>{const i=e.runtime.some(n=>n.status==="warn"),l=e.vulnCount>0||e.socketIssues.alerts>0;return t?l||e.outdated.length>0||e.duplicates.length>0||i:l},is=["aube-workspace.yaml","pnpm-workspace.yaml"],we=e=>typeof e=="boolean"?e:void 0,ss=e=>{if(e==="no-downgrade"||e==="off")return e},rs=e=>{const t={allowBuildsCount:0,blockExoticSubdeps:void 0,jailBuilds:void 0,minimumReleaseAge:void 0,minimumReleaseAgeStrict:void 0,paranoid:void 0,source:void 0,strictDepBuilds:void 0,trustPolicy:void 0};for(const i of is){const l=q(e,i);if(!be(l))continue;let n;try{n=At(Ct(l))}catch{continue}if(typeof n!="object"||n===null)continue;const o=n;return t.source=i,t.paranoid=we(o.paranoid),t.trustPolicy=ss(o.trustPolicy),t.blockExoticSubdeps=we(o.blockExoticSubdeps),t.jailBuilds=we(o.jailBuilds),t.strictDepBuilds=we(o.strictDepBuilds),t.minimumReleaseAgeStrict=we(o.minimumReleaseAgeStrict),typeof o.minimumReleaseAge=="number"&&Number.isFinite(o.minimumReleaseAge)&&(t.minimumReleaseAge=o.minimumReleaseAge),o.allowBuilds&&typeof o.allowBuilds=="object"&&!Array.isArray(o.allowBuilds)&&(t.allowBuildsCount=Object.keys(o.allowBuilds).length),t}return t},ns=e=>e.paranoid?{...e,jailBuilds:!0,minimumReleaseAgeStrict:!0,strictDepBuilds:!0,trustPolicy:"no-downgrade"}:e,os=/^(@[\w./-]+\/[\w./-]+|[\w.-]+)@(.+)$/,ls=e=>{const t=os.exec(e);if(t)return{name:t[1],version:t[2]}},as=(e,t)=>{let i;try{if(t==="pnpm"){const n=q(e,"pnpm-workspace.yaml");be(n)&&(i=ti(n)?.patchedDependencies)}else if(t==="bun"){const n=q(e,"package.json");be(n)&&(i=et(n)?.patchedDependencies)}}catch{return[]}if(!i||typeof i!="object")return[];const l=[];for(const[n,o]of Object.entries(i)){if(typeof o!="string"||o.length===0)continue;const c=ls(n);c&&l.push({name:c.name,patchFile:o,resolvedPatchFile:Rt(o)?o:Xe(e,o),version:c.version})}return l},cs=e=>{const t=[];for(const i of e)be(i.resolvedPatchFile)||t.push({entry:i,kind:"missing-file"});return t},He=e=>e.some(t=>t.severity==="error")?"error":e.some(t=>t.severity==="warn")?"warn":"ok",ds=(e,t={})=>{const i=[],l=e?.security;if(!l)return i.push({detail:"Use defineConfig() from '@visulima/vis/config' to apply secure defaults.",label:"No security config — running with the PM's native defaults",severity:"warn"}),{findings:i,status:He(i)};const n=l.policies?.firstSeen?.minutes,o=l.policies?.publisherChange,c=l.policies?.installScripts;n===void 0?i.push({detail:"Set security.policies.firstSeen.minutes to block packages published in the last N minutes (mitigates supply-chain attacks).",label:"policies.firstSeen.minutes is not set",severity:"warn"}):n===0?i.push({detail:"New packages can be installed immediately after publishing. Consider setting a non-zero cooldown.",label:"policies.firstSeen.minutes is explicitly 0",severity:"warn"}):i.push({label:`policies.firstSeen.minutes: ${String(n)} minutes`,severity:"ok"}),o?.mode===void 0||o.mode==="off"?i.push({detail:"Packages whose trust level has decreased will not be blocked. Consider 'no-downgrade'.",label:`policies.publisherChange.mode: ${o?.mode??"not set"}`,severity:"warn"}):i.push({label:`policies.publisherChange.mode: ${o.mode}`,severity:"ok"}),l.blockExoticSubdeps===void 0||!l.blockExoticSubdeps?i.push({detail:"Transitive dependencies can pull code from git repos or tarball URLs. Set to true to block.",label:`blockExoticSubdeps: ${String(l.blockExoticSubdeps??!1)}`,severity:"warn"}):i.push({label:"blockExoticSubdeps: true",severity:"ok"});const h=c?.allow?Object.keys(c.allow).length:0;if(h===0?i.push({detail:"Lifecycle scripts are blocked by default. List trusted packages here to opt them back in (e.g. esbuild, @prisma/client).",label:"policies.installScripts.allow: not configured",severity:"warn"}):i.push({label:`policies.installScripts.allow: ${String(h)} ${h===1?"entry":"entries"}`,severity:"ok"}),c?.strict&&h===0&&i.push({detail:"All dependencies with build scripts will be blocked. Run 'vis approve-builds' to populate the allow list.",label:"policies.installScripts.strict is on but allow is empty",severity:"error"}),t.workspaceRoot){const a=ii(t.workspaceRoot);if(a.length>0){const p=[...new Set(a.map(y=>y.tool))].sort((y,j)=>y.localeCompare(j)).join(", ");i.push({detail:"Run `vis migrate verify` for the full list, then re-run `vis migrate <tool>` to clean up.",label:`${String(a.length)} leftover ${a.length===1?"reference":"references"} to ${p}`,severity:"warn"})}}if(t.workspaceRoot&&t.packageManager==="aube"){const a=rs(t.workspaceRoot),p=ns(a),y=p.source?` (from ${p.source})`:"";p.paranoid===!0&&i.push({detail:"Forces jailBuilds, trustPolicy=no-downgrade, minimumReleaseAgeStrict, strictStoreIntegrity, and strictDepBuilds on.",label:`aube paranoid: true${y}`,severity:"ok"}),p.trustPolicy==="off"&&i.push({detail:"Trust downgrades between releases will not be blocked. Set trustPolicy: no-downgrade in aube-workspace.yaml.",label:`aube trustPolicy: off${y}`,severity:"warn"}),p.blockExoticSubdeps===!1&&i.push({detail:"Transitive deps from git+, file:, and tarball URLs will not be blocked. Re-enable with blockExoticSubdeps: true.",label:`aube blockExoticSubdeps: false${y}`,severity:"warn"}),p.minimumReleaseAge===0&&i.push({detail:"Newly published versions are not held in a cooling window. Restore with minimumReleaseAge: 1440 (24h) or higher.",label:`aube minimumReleaseAge: 0${y}`,severity:"warn"}),p.jailBuilds===!0&&i.push({label:`aube jailBuilds: true${y}`,severity:"ok"}),p.strictDepBuilds===!0&&i.push({label:`aube strictDepBuilds: true${y}`,severity:"ok"}),p.allowBuildsCount>0&&i.push({label:`aube allowBuilds: ${String(p.allowBuildsCount)} ${p.allowBuildsCount===1?"entry":"entries"}${y}`,severity:"ok"})}if(t.workspaceRoot&&t.packageManager){const a=as(t.workspaceRoot,t.packageManager);if(a.length>0){const p=cs(a);if(p.length===0)i.push({label:`patchedDependencies: ${String(a.length)} ${a.length===1?"entry":"entries"} resolved`,severity:"ok"});else for(const y of p)i.push({detail:`Referenced from ${t.packageManager==="pnpm"?"pnpm-workspace.yaml":"package.json"} but the file is not present at ${y.entry.patchFile}.`,label:`patchedDependencies: missing patch file for ${y.entry.name}@${y.entry.version}`,severity:"error"})}}return{findings:i,status:He(i)}},H=e=>e>=1e3?`${(e/1e3).toFixed(1)}s`:`${String(Math.round(e))}ms`,je=async(e,t,i,l)=>{if(!e)return i();e.start(t);const n=Date.now();try{const o=await i(),c=Date.now()-n,{status:h,summary:a}=l(o,c);return e.finish(t,h,a),o}catch(o){const c=Date.now()-n,h=o instanceof Error?o.message:String(o);throw e.finish(t,"error",`${h} (${H(c)})`),o}},us=(e,t)=>{const i={duplicates:t.duplicates,optimizations:t.optimizations,outdated:t.outdated,runtime:t.runtime,sections:new Set([e])};return lt(i)},Ye=async e=>{const{filterPatterns:t,installed:i,progress:l,resolveCodemods:n,sections:o,store:c,visConfig:h,workspaceRoot:a}=e,p=o.has("dependencies"),y=o.has("security"),j=o.has("optimization"),k=o.has("runtime"),D=(g,T)=>dt(us(g,T),t),$=it(a),{packageManager:f}=qe(a),A=Be(q(a,"package.json"),!1),M=tt(a),F=new Set(A);for(const g of M){const T=Be(q(Xe(a,g),"package.json"),!1);for(const I of T)F.add(I)}const E=Nt(a),R=Ke(a,f),P=Je(h?.security,{minimumScore:h?.security?.policies?.score?.minimum}),Y=h?.security?.policies?.score?.minimum??Qe,Z=h?.security?.acceptedRisks,ee=Lt(a,$.name),W={exclude:[],ignore:[],include:[],includeLocked:!1,includePrerelease:!1,security:!0,target:"latest"},B=p?Jt(a,$.name):[],L=j?_t(F):[],b=j?Vt(F,ee,$,!1):[],S=new Set(L.map(g=>g.packageName)),_=b.filter(g=>!S.has(g.packageName)),V=[...L,..._],G=k?ki(a):[];c&&(p&&c.startSection("dependencies",R.size>0?"checking outdated catalog dependencies":"scanning duplicates"),y&&c.startSection("security",i.length>0?`scanning ${String(i.length)} packages for advisories`:"no installed packages to scan"),j&&c.startSection("optimization","matching e18e + socket overrides"),k&&c.startSection("runtime","running runtime diagnostics")),c&&k&&c.completeSection("runtime",D("runtime",{duplicates:[],optimizations:[],outdated:[],runtime:G}));const ne=(p||y)&&R.size>0?je(l,"outdated",()=>Mt(R,W,E,void 0,a,P,Z),(g,T)=>{const I=g.outdated.length;return{status:I>0?"warn":"ok",summary:I>0?`${String(I)} outdated · ${H(T)}`:`up to date · ${H(T)}`}}):Promise.resolve({failed:[],ignored:[],outdated:[]}),Q=y&&i.length>0?je(l,"vulnerabilities",()=>Et(i.map(g=>({name:g.name,version:g.version}))),(g,T)=>{let I=0;for(const ie of g.values())I+=ie.length;return{status:I>0?"error":"ok",summary:I>0?`${String(I)} found · ${H(T)}`:`none found · ${H(T)}`}}):Promise.resolve(new Map),z=y&&P.length>0&&i.length>0?je(l,"socket",()=>Dt(P,i.map(g=>({name:g.name,version:g.version}))),(g,T)=>{let I=0,ie=0;for(const Fe of g.values())I+=Fe.alerts.length,Fe.score.overall<Y&&(ie+=1);const De=I+ie;return{status:De>0?"warn":"ok",summary:De>0?`${String(I)} alert${I===1?"":"s"}, ${String(ie)} low-score · ${H(T)}`:`clean · ${H(T)}`}}):Promise.resolve(new Map);let U,te,ce,de;const ue=ne.catch(g=>(U=g instanceof Error?g.message:String(g),c||d.warn(`Outdated scan failed: ${U}`),{failed:[],ignored:[],outdated:[]})),me=Q.catch(g=>(te=g instanceof Error?g.message:String(g),c||d.warn(`Vulnerability scan failed: ${te}`),new Map)),x=z.catch(g=>(ce=g instanceof Error?g.message:String(g),c||d.warn(`Socket scan failed: ${ce}`),new Map)),m=c&&p?ue.then(g=>{if(U){c.failSection("dependencies",U);return}c.completeSection("dependencies",D("dependencies",{duplicates:B,optimizations:[],outdated:g.outdated,runtime:[]}))}):void 0,w=c&&y?Promise.all([ue,me,x]).then(([g])=>{const T=U??te??ce;if(T){c.failSection("security",T);return}c.completeSection("security",D("security",{duplicates:[],optimizations:[],outdated:g.outdated,runtime:[]}))}):void 0,xe=(async()=>{if(n&&j&&V.length>0&&await je(l,"codemods",async()=>(await Ht(V),V),(g,T)=>{const I=g.filter(ie=>ie.hasCodemod||ie.category==="socket").length;return{status:"ok",summary:`${String(I)} auto-fixable · ${H(T)}`}}).catch(g=>{de=g instanceof Error?g.message:String(g)}),c&&j){if(de){c.failSection("optimization",de);return}c.completeSection("optimization",D("optimization",{duplicates:[],optimizations:V,outdated:[],runtime:[]}))}})(),[oe,gt,ft]=await Promise.all([ue,me,x]);await Promise.all([m,w,xe]);let Me=0,Ee=0;if(y&&P.length>0)for(const g of ft.values())Me+=g.alerts.length,g.score.overall<Y&&(Ee+=1);let Te=0;if(y){for(const g of oe.outdated)g.vulnerabilities&&g.vulnerabilities.length>0&&(Te+=g.vulnerabilities.length);for(const g of gt.values())Te+=g.length}return{duplicates:B,installedCount:i.length,optimizations:j?V:[],outdated:p?oe.outdated:[],runtime:G,sections:o,socketIssues:{alerts:Me,lowScore:Ee},supplyChain:ds(h,{packageManager:f,workspaceRoot:a}),vulnCount:Te,workspaceCount:M.length}},hs=e=>{switch(e){case"error":return ve(N.failure);case"skip":return v(N.dash);case"warn":return Re(N.warning);default:return fe(N.success)}},ae=(e,t)=>{const i=process.stderr.columns??80,l=Math.max(20,Math.min(i-2,60)),n=N.dash.repeat(2),o=`${hs(t)} ${le(e)}`,c=o.replaceAll(/\[[0-9;]*m/g,"").length,h=Math.max(0,l-c-n.length-2);return`${n} ${o} ${v(N.dash.repeat(h))}`},J=e=>` ${fe(N.success)} ${e}`,X=e=>` ${Re(N.warning)} ${e}`,Ne=e=>` ${ve(N.failure)} ${e}`,pt=e=>` ${v(N.dash)} ${v(e)}`,K=(e,t,i)=>{const l=`${le(String(e))} ${v(t)}`;return i?`${l} ${v(`(${i})`)}`:l},ps=e=>{if(e.sections.has("dependencies")){if(d.log(""),d.log(ae("Dependencies",se(e,"dependencies"))),d.log(J(K(e.installedCount,"packages installed"))),e.outdated.length>0){const t=e.outdated.filter(o=>o.updateType==="major").length,i=e.outdated.filter(o=>o.updateType==="minor").length,l=e.outdated.filter(o=>o.updateType==="patch").length,n=[];t>0&&n.push(`${String(t)} major`),i>0&&n.push(`${String(i)} minor`),l>0&&n.push(`${String(l)} patch`),d.log(X(K(e.outdated.length,"outdated",n.join(", "))))}else d.log(J("All dependencies up to date"));e.duplicates.length>0?d.log(X(K(e.duplicates.length,"packages with duplicate versions"))):d.log(J("No duplicate dependencies"))}},gs=e=>{e.sections.has("security")&&(d.log(""),d.log(ae("Security",se(e,"security"))),e.vulnCount>0?d.log(Ne(K(e.vulnCount,`vulnerabilit${e.vulnCount===1?"y":"ies"} found`))):d.log(J("No known vulnerabilities")),e.socketIssues.alerts>0&&d.log(X(K(e.socketIssues.alerts,`Socket.dev security alert${e.socketIssues.alerts===1?"":"s"}`))),e.socketIssues.lowScore>0&&d.log(X(K(e.socketIssues.lowScore,`package${e.socketIssues.lowScore===1?"":"s"} with low security score`))),e.socketIssues.alerts===0&&e.socketIssues.lowScore===0&&e.vulnCount===0&&d.log(J("No security issues detected")))},fs=e=>{if(!e.sections.has("optimization"))return;d.log(""),d.log(ae("Optimization",se(e,"optimization")));const t=ht(e.optimizations);if(t.total===0){d.log(J("No optimizations available"));return}t.native>0&&d.log(X(K(t.native,"replaceable with native APIs"))),t.preferred>0&&d.log(X(K(t.preferred,"with lighter alternatives"))),t.micro>0&&d.log(X(K(t.micro,"trivial micro-utilities"))),t.socket>0&&d.log(X(K(t.socket,"@socketregistry overrides available")))},ms=e=>{d.log(""),d.log(ae("Supply Chain",e.supplyChain.status));for(const t of e.supplyChain.findings){const i=t.severity==="ok"?J(t.label):t.severity==="error"?Ne(t.label):X(t.label);d.log(i),t.detail&&d.log(` ${v(N.arrow)} ${v(t.detail)}`)}e.supplyChain.status!=="ok"&&d.log(` ${v(N.arrow)} ${v("Configure with security.* in vis.config.ts. See `vis check --security-config` for details.")}`)},xs=e=>{if(e.sections.has("runtime")){d.log(""),d.log(ae("Runtime",se(e,"runtime")));for(const t of e.runtime)t.status==="ok"?d.log(J(t.message)):t.status==="skip"?d.log(pt(t.message)):d.log(X(t.message))}},ys=(e,t)=>{const i=e.vulnCount,l=e.runtime.filter(o=>o.status==="warn").length,n=e.outdated.length+e.duplicates.length+e.optimizations.length+l;if(t){if(i===0&&n===0)d.success(`Everything looks good! ${v(`(${H(e.elapsedMs)})`)}`);else{const o=[];i>0&&o.push(ve(`${String(i)} security`)),n>0&&o.push(Re(`${String(n)} improvement${n===1?"":"s"}`)),d.log(`${ve(N.failure)} ${o.join(", ")} ${v(`(${H(e.elapsedMs)})`)}`)}return}d.log(""),d.log(ae("Summary","ok")),i===0&&n===0?d.success(`Everything looks good! ${v(`(${H(e.elapsedMs)})`)}`):(i>0&&d.error(`${String(i)} security issue${i===1?"":"s"}`),n>0&&d.log(` ${ke(N.arrow)} ${le(String(n))} ${v(`improvement${n===1?"":"s"} available`)} ${v(`(${H(e.elapsedMs)})`)}`))},ws=e=>{const t=[];if(e.outdated.length>0&&t.push("vis update — update outdated dependencies"),(e.vulnCount>0||e.socketIssues.alerts>0)&&t.push("vis audit — detailed security analysis"),e.optimizations.length>0&&t.push("vis optimize — apply optimizations interactively"),e.duplicates.length>0&&t.push("vis dedupe — reduce duplicate versions"),t.length>0){d.log(""),d.log(le("Next steps:"));for(const i of t)d.log(` ${v(N.arrow)} ${i}`)}d.log("")},ks=(e,t)=>{t||(ps(e),gs(e),fs(e),xs(e),ms(e)),ys(e,t)},vs=(e,t,i,l,n)=>{const o=[],c=e.has("dependencies"),h=e.has("security"),a=e.has("optimization");return(c||h)&&t>0&&o.push({id:"outdated",label:"Outdated catalog dependencies"}),h&&l>0&&o.push({id:"vulnerabilities",label:"Known vulnerabilities (OSV)"}),h&&i&&l>0&&o.push({id:"socket",label:"Socket.dev supply-chain reports"}),a&&n&&o.push({id:"codemods",label:"Codemod availability"}),o},bs=e=>{if(d.log(""),d.log(`${le(ke("vis doctor"))} ${v("— project health check")}`),d.log(J(`Detected ${e.packageManagerName} v${e.packageManagerVersion}`)),e.runtimeFindings.length===0)d.log(J(`Node.js ${e.nodeVersion}`));else{for(const t of e.runtimeFindings){const i=t.severity==="error"?ve:Re;d.log(Ne(`Runtime: ${i(t.message)}`))}d.log(` ${v(N.arrow)} Run ${fe("vis toolchain install")} to install pinned versions, or ${fe("vis toolchain status")} for the per-tool breakdown.`)}d.log("")},Us=async({fs:e,logger:t,options:i,visConfig:l,visConfigError:n,workspaceRoot:o})=>{if(!o)throw new Error("Could not determine workspace root.");const c=i.format==="json"||i.json===!0,h=es(i.only,i.skip),a=!!i.quiet,p=i.progress===!1,y=Qi(i.filter);if(h.size===0){d.error("No sections selected. Check your --only / --skip values."),process.exitCode=2;return}const j=Date.now(),k=it(o),D=Wt(o),$=!!process.stdout.isTTY,f=!c&&$&&!Ot&&!a&&!p;!c&&!f&&bs({nodeVersion:process.versions.node,packageManagerName:k.name,packageManagerVersion:k.version,runtimeFindings:D});const A=Ke(o,qe(o).packageManager),M=Xt(o,k.name),F=M.length,E=Je(l?.security).length>0,R=l?.security?.policies?.score?.minimum??Qe,P=tt(o);if(!c&&!a&&!f){const z=P.length>0?v(` · ${String(P.length)} workspace package${P.length===1?"":"s"}`):"";d.log(`${v("·")} ${v("Found")} ${le(String(F))} ${v(`installed package${F===1?"":"s"}`)}${z}`)}const Y=n?{hint:n.file?`Continuing with default settings — fix or regenerate ${n.file} (vis init --force).`:"Continuing with default settings.",message:n.message,severity:"error",title:n.file?`Failed to load ${n.file}`:"Failed to load vis.config"}:void 0,Z=Kt(o,k.name)?.file,ee=Z?q(o,Z):void 0,W=Bt(o),B=i.cache!==!1&&!i.fix?ni({configPath:W,lockfilePath:ee,sections:h,socketEnabled:E,workspaceRoot:o}):void 0,L=B?oi(B):void 0,b=L!==void 0;let S,_;if(f){const z=L?new _e({activeSections:h,findings:dt(lt(L),y)}):new _e({activeSections:h}),U=Tt(It.createElement(Xi,{banner:Y,fromCache:b,startedAt:j,store:z}),{alternateScreen:!0,exitOnCtrlC:!1,interactive:!0,patchConsole:!0});try{S=L??await Ye({filterPatterns:y,installed:M,resolveCodemods:!!i.fix,sections:h,store:z,visConfig:l,workspaceRoot:o})}catch(te){throw U.unmount(),te}await U.waitUntilExit(),_=z.getSnapshot().pendingAction}else if(L)S=L;else{const z=vs(h,A.size,E,F,!!i.fix),U=qt(z,{live:!c&&!a&&!p});try{S=await Ye({filterPatterns:y,installed:M,progress:U,resolveCodemods:!!i.fix,sections:h,visConfig:l,workspaceRoot:o})}finally{U.stop()}}const V={...S,elapsedMs:Date.now()-j};if(B&&!b)try{li(B,V)}catch{}const G=Zi(V,y,R);if(c){process.stdout.write(`${JSON.stringify(ts(G,k.name),void 0,2)}
4
+ `),i.exitCode&&Ue(G,!!i.strict)&&(process.exitCode=1);return}b&&!a&&d.log(`${v("·")} Cached results (use --no-cache to refresh)`),y.length>0&&!a&&d.log(`${v("·")} Filter active: ${ke(i.filter??"")}`),ks(G,a);const ne=G.runtime.some(z=>z.id===$e&&z.status==="warn"),Q=G.sections.has("optimization")&&G.optimizations.length>0;i.fix&&(Q||ne)?await js({force:!!i.fixForce,fs:e,logger:t,pm:k,recoverOrphans:ne,results:G,useEditorconfig:l?.editorconfig??!0,workspaceRoot:o}):a||ws(G),_&&(process.stdout.write(`
5
5
  `),process.stdout.write(`${le("→ ")}${_.description}
6
6
  `),_.configSnippet?(process.stdout.write(`
7
7
  `),process.stdout.write(`${v(_.configSnippet)}
8
8
  `)):process.stdout.write(` ${ke(_.command)}
9
9
  `),process.stdout.write(`
10
- `)),i.exitCode&&Ue(G,!!i.strict)&&(process.exitCode=1)},js=async e=>{const{force:t,fs:i,logger:l,pm:n,recoverOrphans:o,results:c,useEditorconfig:h,workspaceRoot:a}=e;d.log(""),d.log(ae("Applying fixes","ok"));const p=c.optimizations.filter(f=>f.category==="socket"&&f.overrideSpec).map(f=>({original:f.packageName,spec:f.overrideSpec})),w=c.optimizations.filter(f=>f.category!=="socket"&&f.hasCodemod),j=c.optimizations.filter(f=>f.category!=="socket"&&!f.hasCodemod);let k=!1,D=0;const $=[];if(o){const f=hi({force:t});if(f.killed.length>0&&(d.success(`Cleaned up ${String(f.killed.length)} orphaned process${f.killed.length===1?"":"es"} (PIDs: ${f.killed.join(", ")}).`),k=!0),f.failed.length>0){const T=t?"":" Re-run with `--fix --fix-force` to escalate to SIGKILL.";d.warn(`Could not signal ${String(f.failed.length)} orphan${f.failed.length===1?"":"s"}: ${f.failed.map(M=>`${String(M.pid)} (${M.reason})`).join(", ")}.${T}`)}}if(p.length>0){const f=Gt(a,q(a,"package.json"),p,n,h);f.added.length>0&&(d.success(`Added ${String(f.added.length)} security override${f.added.length===1?"":"s"}.`),k=!0),f.updated.length>0&&(d.success(`Updated ${String(f.updated.length)} override${f.updated.length===1?"":"s"}.`),k=!0)}for(const f of w)try{const T=await Ut(i,a,f.packageName);T.filesChanged>0&&(d.success(`${f.packageName}: ${String(T.filesChanged)} file${T.filesChanged===1?"":"s"} updated`),D+=1,k=!0)}catch(T){const M=T instanceof Error?T.message:String(T);$.push({error:M,package:f.packageName}),d.warn(`${f.packageName}: codemod failed — ${M}`)}p.length>0&&(d.log(`${ke(N.arrow)} Running ${n.name} install to update lockfile…`),Yt(n,{dev:!1,filter:[],force:!1,frozenLockfile:!1,ignoreScripts:!1,lockfileOnly:!1,noOptional:!1,offline:!1,prod:!1,recursive:!1,silent:!1,workspaceRoot:!1},a,l),k=!0),d.log(""),k?d.success(`Fixes applied. ${D>0?`${String(D)} codemod${D===1?"":"s"} applied.`:""}`.trim()):d.log(pt("No auto-fixable items in the current run.")),$.length>0&&d.warn(`${String($.length)} codemod${$.length===1?"":"s"} failed (run ${fe("vis optimize")} for the interactive picker).`),j.length>0&&d.notice(`${String(j.length)} optimization${j.length===1?"":"s"} need manual review (no codemod). Run ${fe("vis optimize")} to inspect them.`)};export{Hs as default};
10
+ `)),i.exitCode&&Ue(G,!!i.strict)&&(process.exitCode=1)},js=async e=>{const{force:t,fs:i,logger:l,pm:n,recoverOrphans:o,results:c,useEditorconfig:h,workspaceRoot:a}=e;d.log(""),d.log(ae("Applying fixes","ok"));const p=c.optimizations.filter(f=>f.category==="socket"&&f.overrideSpec).map(f=>({original:f.packageName,spec:f.overrideSpec})),y=c.optimizations.filter(f=>f.category!=="socket"&&f.hasCodemod),j=c.optimizations.filter(f=>f.category!=="socket"&&!f.hasCodemod);let k=!1,D=0;const $=[];if(o){const f=hi({force:t});if(f.killed.length>0&&(d.success(`Cleaned up ${String(f.killed.length)} orphaned process${f.killed.length===1?"":"es"} (PIDs: ${f.killed.join(", ")}).`),k=!0),f.failed.length>0){const A=t?"":" Re-run with `--fix --fix-force` to escalate to SIGKILL.";d.warn(`Could not signal ${String(f.failed.length)} orphan${f.failed.length===1?"":"s"}: ${f.failed.map(M=>`${String(M.pid)} (${M.reason})`).join(", ")}.${A}`)}}if(p.length>0){const f=Gt(a,q(a,"package.json"),p,n,h);f.added.length>0&&(d.success(`Added ${String(f.added.length)} security override${f.added.length===1?"":"s"}.`),k=!0),f.updated.length>0&&(d.success(`Updated ${String(f.updated.length)} override${f.updated.length===1?"":"s"}.`),k=!0)}for(const f of y)try{const A=await Ut(i,a,f.packageName);A.filesChanged>0&&(d.success(`${f.packageName}: ${String(A.filesChanged)} file${A.filesChanged===1?"":"s"} updated`),D+=1,k=!0)}catch(A){const M=A instanceof Error?A.message:String(A);$.push({error:M,package:f.packageName}),d.warn(`${f.packageName}: codemod failed — ${M}`)}p.length>0&&(d.log(`${ke(N.arrow)} Running ${n.name} install to update lockfile…`),Yt(n,{dev:!1,filter:[],force:!1,frozenLockfile:!1,ignoreScripts:!1,lockfileOnly:!1,noOptional:!1,offline:!1,prod:!1,recursive:!1,silent:!1,workspaceRoot:!1},a,l),k=!0),d.log(""),k?d.success(`Fixes applied. ${D>0?`${String(D)} codemod${D===1?"":"s"} applied.`:""}`.trim()):d.log(pt("No auto-fixable items in the current run.")),$.length>0&&d.warn(`${String($.length)} codemod${$.length===1?"":"s"} failed (run ${fe("vis optimize")} for the interactive picker).`),j.length>0&&d.notice(`${String(j.length)} optimization${j.length===1?"":"s"} need manual review (no codemod). Run ${fe("vis optimize")} to inspect them.`)};export{Us as default};
@@ -1 +1 @@
1
- import{r as g}from"../packem_shared/affected-shas-CwRY5aoc.js";import{r as m}from"../packem_shared/toolchain-C44mPKPu.js";const w=async({argument:d,logger:t,options:o,runtime:r,visConfig:s,workspaceRoot:e})=>{const l=d[0];if(!l)throw new Error("Missing targets. Usage: vis ci <target>[,<target>…]");const f=l.split(",").map(a=>a.trim()).filter(Boolean);if(f.length===0)throw new Error("Missing targets. Usage: vis ci <target>[,<target>…]");if(!e)throw new Error("Could not determine workspace root. Run this command inside a monorepo.");const i=g({defaultBase:s?.defaultBase,workspaceRoot:e}),p=o.base??i.base,c=o.head??i.head;!o.base&&!o.head&&t.info(`▸ Resolved affected refs from ${i.provider} (${i.notes.join("; ")})`),o.skipToolchain||t.info("▸ Toolchain pre-flight"),await m(e,s?.toolchain,{error:a=>{t.error(a)},info:a=>{t.info(a)},warn:a=>{t.warn(a)}},!!o.skipToolchain),o.install===!1?t.info("▸ Skipping install (--no-install)"):(t.info("▸ Installing dependencies"),await r.runCommand("install",{argv:["--ci","--frozen-lockfile"]}));for(const a of f){t.info(`▸ Running affected ${a} (base=${p}, head=${c})`);const n=[a,`--base=${p}`,`--head=${c}`,`--upstream=${String(o.upstream??"none")}`,`--downstream=${String(o.downstream??"deep")}`];o.parallel!==void 0&&n.push(`--parallel=${String(o.parallel)}`),o.partition&&n.push(`--partition=${String(o.partition)}`),o.query&&n.push(`--query=${String(o.query)}`),await r.runCommand("affected",{argv:n})}t.info("▸ CI pipeline complete")};export{w as default};
1
+ import{r as g}from"../packem_shared/affected-shas-CCxG4tvm.js";import{r as m}from"../packem_shared/toolchain-C44mPKPu.js";const w=async({argument:d,logger:t,options:o,runtime:r,visConfig:s,workspaceRoot:e})=>{const l=d[0];if(!l)throw new Error("Missing targets. Usage: vis ci <target>[,<target>…]");const f=l.split(",").map(a=>a.trim()).filter(Boolean);if(f.length===0)throw new Error("Missing targets. Usage: vis ci <target>[,<target>…]");if(!e)throw new Error("Could not determine workspace root. Run this command inside a monorepo.");const i=g({defaultBase:s?.defaultBase,workspaceRoot:e}),p=o.base??i.base,c=o.head??i.head;!o.base&&!o.head&&t.info(`▸ Resolved affected refs from ${i.provider} (${i.notes.join("; ")})`),o.skipToolchain||t.info("▸ Toolchain pre-flight"),await m(e,s?.toolchain,{error:a=>{t.error(a)},info:a=>{t.info(a)},warn:a=>{t.warn(a)}},!!o.skipToolchain),o.install===!1?t.info("▸ Skipping install (--no-install)"):(t.info("▸ Installing dependencies"),await r.runCommand("install",{argv:["--ci","--frozen-lockfile"]}));for(const a of f){t.info(`▸ Running affected ${a} (base=${p}, head=${c})`);const n=[a,`--base=${p}`,`--head=${c}`,`--upstream=${String(o.upstream??"none")}`,`--downstream=${String(o.downstream??"deep")}`];o.parallel!==void 0&&n.push(`--parallel=${String(o.parallel)}`),o.partition&&n.push(`--partition=${String(o.partition)}`),o.query&&n.push(`--query=${String(o.query)}`),await r.runCommand("affected",{argv:n})}t.info("▸ CI pipeline complete")};export{w as default};
@@ -1,4 +1,4 @@
1
- import{createRequire as Et}from"node:module";import{V as we,E as D,s as ye,q as pt,Q as dt}from"../packem_shared/index.server-J83sowC4.js";import{I as Lt,m as z,f as J,v as be,T as Ze,B as Tt}from"../packem_shared/index-CE6MsgcV.js";import{I as De}from"../packem_shared/index-B0EsgdzO.js";import{whichBin as Pt}from"#native";import{r as zt,R as Wt,b as _t}from"../packem_shared/ai-analysis-CO6S0afy.js";import{N as Ht,O as Ut,B as Ft,Q as Gt,p as u,i as Qe}from"./cli-main.js";import"../packem_shared/public-api-WqUCiyIe.js";import{u as Ve}from"./ts-loader.js";import{e as Bt,W as Kt,v as qt,a as Jt,N as Yt,f as Zt,b as Qt,O as Xt}from"./catalog.js";import{w as ei,M as ti}from"../packem_shared/pm-runner-D4jM58Oz.js";import{s as L}from"../packem_shared/index-Cg0IHaFI.js";import{c as gt,s as he,p as ii,e as ai,g as ni}from"../packem_shared/index-CQjzW7m8.js";import{d as ri}from"../packem_shared/anolilab-text-CAM_E6uK.js";import{t as oi,b as si}from"../packem_shared/cyclonedx-BeUmPgfO.js";import{s as pi}from"../packem_shared/scan-progress-D4yywI6P.js";import{r as di,A as Xe,q as et}from"../packem_shared/advisories-CefYKEPe.js";import{a as ut}from"../packem_shared/readJsonSync-CvkZyKmL-ihoybKvs.js";import{l as gi,f as fi,a as ui}from"../packem_shared/dependency-scan-DpOFiZuI.js";import{r as mi}from"../packem_shared/manifests-WBnsV_Eb.js";import{l as bi,p as xi,O as ki}from"../packem_shared/osv-bloom-BsQ-aFiM.js";import{H as tt,h as $i,D as Si,y as Ni}from"../packem_shared/env-C2ZCnfP_.js";const Ot=Et(import.meta.url),ee=typeof globalThis<"u"&&typeof globalThis.process<"u"?globalThis.process:process,Y=e=>{if(typeof ee<"u"&&ee.versions&&ee.versions.node){const[t,i]=ee.versions.node.split(".").map(Number);if(t>22||t===22&&i>=3||t===20&&i>=16)return ee.getBuiltinModule(e)}return Ot(e)},{spawnSync:Dt}=Y("node:child_process"),{createInterface:Mt}=Y("node:readline"),{stripVTControlCharacters:Vt}=Y("node:util"),{createHash:ci}=Y("node:crypto"),{relative:ft,join:li}=Y("node:path"),{readFileSync:mt,existsSync:hi,writeFileSync:vi,renameSync:wi,unlinkSync:yi}=Y("node:fs"),it=(e,t={})=>{Array.isArray(t.extensions)||(t.extensions=["js","mjs","cjs","ts"]);const i=[];for(const a of Lt(e,t))i.push(a.path);return i},xe=e=>`${e.packageName}@${e.packageVersion}:${e.vulnerability.id}`,Ai=e=>e==null||e===!0||e===""||e==="true"||e.toString().toLowerCase()==="all",Ci=(e,t)=>{if(Ai(t))return e;const i=String(t).trim();if(/^\d+$/.test(i)){const n=Number.parseInt(i,10)-1,o=e[n];return o?[o]:[]}const a=i.toLowerCase();return e.filter(n=>{const{aliases:o,id:r}=n.vulnerability;return r.toLowerCase()===a||(o??[]).some(c=>c.toLowerCase()===a)})},Ri=e=>{const{packageName:t,packageVersion:i,vulnerability:a}=e,n=(a.aliases??[]).join(", ")||"none",o=(a.fixedVersions??[]).join(", ")||"no fixed version published";return`You are a security engineer. Explain this dependency vulnerability for a developer triaging it.
1
+ import{createRequire as Et}from"node:module";import{V as we,E as D,s as ye,q as pt,Q as dt}from"../packem_shared/index.server-J83sowC4.js";import{I as Lt,m as z,f as J,v as be,T as Ze,B as Tt}from"../packem_shared/index-CE6MsgcV.js";import{I as De}from"../packem_shared/index-B0EsgdzO.js";import{whichBin as Pt}from"#native";import{r as zt,R as Wt,b as _t}from"../packem_shared/ai-analysis-rC48NLfB.js";import{N as Ht,O as Ut,B as Ft,M as Gt,p as u,i as Qe}from"./cli-main.js";import"../packem_shared/public-api-WqUCiyIe.js";import{u as Ve}from"./ts-loader.js";import{e as Bt,W as Kt,v as qt,c as Jt,N as Yt,f as Zt,b as Qt,O as Xt}from"./catalog.js";import{A as ei,j as ti}from"../packem_shared/pm-runner-CQcraCcu.js";import{s as L}from"../packem_shared/index-Cg0IHaFI.js";import{c as gt,s as he,p as ii,e as ai,g as ni}from"../packem_shared/index-Cntyu-w8.js";import{d as ri}from"../packem_shared/anolilab-text-CAM_E6uK.js";import{t as oi,b as si}from"../packem_shared/cyclonedx-BeUmPgfO.js";import{s as pi}from"../packem_shared/scan-progress-YRpDs90j.js";import{r as di,A as Xe,q as et}from"../packem_shared/advisories-CefYKEPe.js";import{a as ut}from"../packem_shared/readJsonSync-CvkZyKmL-ihoybKvs.js";import{l as gi,f as fi,a as ui}from"../packem_shared/dependency-scan-DpOFiZuI.js";import{r as mi}from"../packem_shared/manifests-WBnsV_Eb.js";import{l as bi,p as xi,O as ki}from"../packem_shared/osv-bloom-DVMlkcAO.js";import{H as tt,h as $i,D as Si,y as Ni}from"../packem_shared/env-Ct3hMEYB.js";const Ot=Et(import.meta.url),ee=typeof globalThis<"u"&&typeof globalThis.process<"u"?globalThis.process:process,Y=e=>{if(typeof ee<"u"&&ee.versions&&ee.versions.node){const[t,i]=ee.versions.node.split(".").map(Number);if(t>22||t===22&&i>=3||t===20&&i>=16)return ee.getBuiltinModule(e)}return Ot(e)},{spawnSync:Dt}=Y("node:child_process"),{createInterface:Mt}=Y("node:readline"),{stripVTControlCharacters:Vt}=Y("node:util"),{createHash:ci}=Y("node:crypto"),{relative:ft,join:li}=Y("node:path"),{readFileSync:mt,existsSync:hi,writeFileSync:vi,renameSync:wi,unlinkSync:yi}=Y("node:fs"),it=(e,t={})=>{Array.isArray(t.extensions)||(t.extensions=["js","mjs","cjs","ts"]);const i=[];for(const a of Lt(e,t))i.push(a.path);return i},xe=e=>`${e.packageName}@${e.packageVersion}:${e.vulnerability.id}`,Ai=e=>e==null||e===!0||e===""||e==="true"||e.toString().toLowerCase()==="all",Ci=(e,t)=>{if(Ai(t))return e;const i=String(t).trim();if(/^\d+$/.test(i)){const n=Number.parseInt(i,10)-1,o=e[n];return o?[o]:[]}const a=i.toLowerCase();return e.filter(n=>{const{aliases:o,id:r}=n.vulnerability;return r.toLowerCase()===a||(o??[]).some(c=>c.toLowerCase()===a)})},Ri=e=>{const{packageName:t,packageVersion:i,vulnerability:a}=e,n=(a.aliases??[]).join(", ")||"none",o=(a.fixedVersions??[]).join(", ")||"no fixed version published";return`You are a security engineer. Explain this dependency vulnerability for a developer triaging it.
2
2
 
3
3
  Package: ${t}@${i}
4
4
  Advisory: ${a.id} (aliases: ${n})