@vltpkg/query 0.0.0-6 → 0.0.0-7

package/README.md

@@ -174,6 +174,13 @@ security data needs to be fetched prior to a `Query` instantiation.
 - `:confused` Matches packages affected by manifest confusion. This
   could be malicious or caused by an error when publishing the
   package.
+- `:cve(<id>)` Matches packages that have a CVE alert with the
+  specified CVE ID. The ID parameter is required and should be a valid
+  CVE identifier (e.g., `CVE-2023-1234`). This selector can be used to
+  find packages affected by specific known vulnerabilities.
+- `:cwe(<id>)` Matches packages that have a CWE alert with the
+  specified CWE ID. The ID parameter is required and should be a valid
+  CWE identifier (e.g., `CWE-79`).
 - `:debug` Matches packages that use debug, reflection and dynamic
   code execution features.
 - `:deprecated` Matches packages marked as deprecated. This could
@@ -192,9 +199,25 @@ security data needs to be fetched prior to a `Query` instantiation.
   code may contain exploits or malicious behavior.
 - `:fs` Matches packages that accesses the file system, and could
   potentially read sensitive data.
-- `:obfuscated` Matches packages that use obfuscated files,
-  intentionally packed to hide their behavior. This could be a sign of
-  malware.
+- `:license(<type>)` Matches packages based on different potential
+  license issues:
+  - `:license(unlicensed)` Matches packages with no license.
+  - `:license(misc)` Matches packages with fine-grained problems.
+  - `:license(restricted)` Matches packages with a license that is not
+    permissive.
+  - `:license(ambiguous)` Matches packages with ambiguous licensing.
+  - `:license(copyleft)` Matches packages with a copyleft license.
+  - `:license(unknown)` Matches packages that have potential license
+    data but its type could not be determined.
+  - `:license(none)` Matches packages that have no license data.
+  - `:license(exception)` Matches packages that have SPDX license
+    exception.
+- `:malware(<type>)` Matches packages that may contain malware. The
+  type parameter is required and can be one of the following:
+  - `critical` or `0`
+  - `high` or `1`
+  - `medium` or `2`
+  - `low` or `3`
 - `:minified` Matches packages that contain minified code. This may be
   harmless in some cases where minified code is included in packaged
   libraries.
@@ -202,13 +225,28 @@ security data needs to be fetched prior to a `Query` instantiation.
   binaries or shared libraries). Including native code can obscure
   malicious behavior.
 - `:network` Matches packages that access the network.
+- `:obfuscated` Matches packages that use obfuscated files,
+  intentionally packed to hide their behavior. This could be a sign of
+  malware.
 - `:scripts` Matches packages that have scripts that are run when the
   package is installed. The majority of malware in npm is hidden in
   install scripts.
+- `:severity` Matches packages based of the severity level of any
+  attached CVE. The type paremeter is required and can be one of the
+  following:
+  - `critical` or `0`
+  - `high` or `1`
+  - `medium` or `2`
+  - `low` or `3`
 - `:shell` Matches packages that accesses the system shell. Accessing
   the system shell increases the risk of executing arbitrary code.
 - `:shrinkwrap` Matches packages that contains a shrinkwrap file. This
   may allow the package to bypass normal install procedures.
+- `:squat(<type>)` Matches packages with names similar to other
+  popular packages and may not be the package you want. The type
+  parameter is required and can be one of the following:
+  - `critical` or `0`
+  - `medium` or `2`
 - `:suspicious` Matches packages that may have its GitHub repository
   artificially inflated with stars (from bots, crowdsourcing, etc.).
 - `:tracker` Matches packages that contains telemetry which tracks how

package/dist/esm/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAY,SAAS,EAAY,MAAM,eAAe,CAAA;AAClE,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAA;AACvD,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,0BAA0B,CAAA;AAYnE,OAAO,KAAK,EAEV,WAAW,EAEX,aAAa,EACd,MAAM,YAAY,CAAA;AAEnB,cAAc,YAAY,CAAA;AAiC1B,eAAO,MAAM,IAAI,UACR,WAAW,KACjB,OAAO,CAAC,WAAW,CAmDrB,CAAA;AAED,MAAM,MAAM,YAAY,GAAG;IACzB,KAAK,EAAE,SAAS,CAAA;IAChB,WAAW,EAAE,WAAW,CAAA;IACxB,eAAe,EAAE,mBAAmB,GAAG,SAAS,CAAA;CACjD,CAAA;AA+BD,qBAAa,KAAK;;IAMhB;;;;OAIG;IACH,MAAM,CAAC,oBAAoB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO;gBASvC,EAAE,KAAK,EAAE,WAAW,EAAE,eAAe,EAAE,EAAE,YAAY;IAOjE;;OAEG;IACG,MAAM,CACV,KAAK,EAAE,MAAM,EACb,MAAM,CAAC,EAAE,WAAW,GACnB,OAAO,CAAC,aAAa,CAAC;CAmD1B"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAY,SAAS,EAAY,MAAM,eAAe,CAAA;AAClE,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAA;AACvD,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,0BAA0B,CAAA;AAYnE,OAAO,KAAK,EAEV,WAAW,EAEX,aAAa,EACd,MAAM,YAAY,CAAA;AAEnB,cAAc,YAAY,CAAA;AAiC1B,eAAO,MAAM,IAAI,UACR,WAAW,KACjB,OAAO,CAAC,WAAW,CAmDrB,CAAA;AAED,MAAM,MAAM,YAAY,GAAG;IACzB,KAAK,EAAE,SAAS,CAAA;IAChB,WAAW,EAAE,WAAW,CAAA;IACxB,eAAe,EAAE,mBAAmB,GAAG,SAAS,CAAA;CACjD,CAAA;AAqCD,qBAAa,KAAK;;IAMhB;;;;OAIG;IACH,MAAM,CAAC,oBAAoB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO;gBASvC,EAAE,KAAK,EAAE,WAAW,EAAE,eAAe,EAAE,EAAE,YAAY;IAOjE;;OAEG;IACG,MAAM,CACV,KAAK,EAAE,MAAM,EACb,MAAM,CAAC,EAAE,WAAW,GACnB,OAAO,CAAC,aAAa,CAAC;CAmD1B"}

package/dist/esm/index.js

@@ -79,6 +79,7 @@ export const walk = async (state) => {
 const securitySelectors = new Set([
     ':abandoned',
     ':confused',
+    ':cve',
     ':debug',
     ':deprecated',
     ':dynamic',
@@ -86,13 +87,18 @@ const securitySelectors = new Set([
     ':env',
     ':eval',
     ':fs',
-    ':obfuscated',
+    ':license',
+    ':malware',
     ':minified',
     ':native',
     ':network',
+    ':obfuscated',
     ':scripts',
+    ':sev',
+    ':severity',
     ':shell',
     ':shrinkwrap',
+    ':squat',
     ':suspicious',
     ':tracker',
     ':trivial',

package/dist/esm/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAA;AAI3C,OAAO,qBAAqB,MAAM,yBAAyB,CAAA;AAC3D,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAA;AAC1C,OAAO,EAAE,OAAO,EAAE,MAAM,YAAY,CAAA;AACpC,OAAO,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAA;AAC5C,OAAO,EAAE,EAAE,EAAE,MAAM,SAAS,CAAA;AAC5B,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAA;AACpC,OAAO,EACL,yBAAyB,EACzB,yBAAyB,EACzB,cAAc,GACf,MAAM,YAAY,CAAA;AAQnB,cAAc,YAAY,CAAA;AAE1B,MAAM,MAAM,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE,CAAC,KAAK,CAAA;AAElD,MAAM,SAAS,GAAG;IAChB,SAAS;IACT,KAAK,EAAE,OAAO;IACd,UAAU;IACV,OAAO,EAAE,MAAM;IACf,EAAE;IACF,OAAO,EAAE,MAAM;IACf,MAAM;IACN,IAAI,EAAE,MAAM;IACZ,QAAQ,EAAE,KAAK,EAAE,KAAkB,EAAE,EAAE;QACrC,KAAK,CAAC,OAAO,CAAC,KAAK,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAA;QAClD,KAAK,CAAC,OAAO,CAAC,KAAK,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAA;QAClD,OAAO,KAAK,CAAA;IACd,CAAC;IACD,MAAM,EAAE,KAAK,EAAE,KAAkB,EAAE,EAAE;QACnC,MAAM,KAAK,CAAC,sBAAsB,EAAE,EAAE,KAAK,EAAE,KAAK,CAAC,OAAO,EAAE,CAAC,CAAA;IAC/D,CAAC;IACD,GAAG,EAAE,KAAK,EAAE,KAAkB,EAAE,EAAE;QAChC,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,KAAK,GAAG,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,KAAK,GAAG,EAAE,CAAC;YAC/D,MAAM,KAAK,CAAC,sBAAsB,EAAE,EAAE,KAAK,EAAE,KAAK,CAAC,OAAO,EAAE,CAAC,CAAA;QAC/D,CAAC;QACD,OAAO,KAAK,CAAA;IACd,CAAC;IACD,SAAS,EAAE,MAAM;CAClB,CAAA;AACD,MAAM,YAAY,GAAG,IAAI,GAAG,CAC1B,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAC1B,CAAA;AAED,MAAM,CAAC,MAAM,IAAI,GAAG,KAAK,EACvB,KAAkB,EACI,EAAE;IACxB,MAAM,KAAK,CAAC,WAAW,EAAE,CAAA;IAEzB,MAAM,QAAQ,GAAG,YAAY,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAA;IAErD,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,IAAI,KAAK,CAAC,KAAK,EAAE,CAAC;YAChB,OAAO,KAAK,CAAA;QACd,CAAC;QAED,MAAM,IAAI,KAAK,CACb,kCAAkC,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,CACvD,CAAA;IACH,CAAC;IACD,KAAK,GAAG,MAAM,QAAQ,CAAC,KAAK,CAAC,CAAA;IAE7B,kDAAkD;IAClD,IACE,yBAAyB,CAAC,KAAK,CAAC,OAAO,CAAC;QACxC,KAAK,CAAC,OAAO,CAAC,IAAI,KAAK,QAAQ,EAC/B,CAAC;QACD,MAAM,IAAI,GAA4B,yBAAyB,CAC7D,KAAK,CAAC,OAAO,CACd,CAAA;QAED,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;YACtB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC3C,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;gBAC7B,2DAA2D;gBAC3D,IAAI,CAAC,OAAO;oBAAE,SAAQ;gBAEtB,MAAM,UAAU,GAAgB;oBAC9B,GAAG,KAAK;oBACR,OAAO;oBACP,IAAI,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC;oBACvB,IAAI,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC;iBACxB,CAAA;gBACD,KAAK,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,CAAA;YAChC,CAAC;QACH,CAAC;QAED,IAAI,cAAc,CAAC,IAAI,CAAC,EAAE,CAAC;YACzB,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;gBACvC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;YAC/B,CAAC;YACD,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;gBACvC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;YAC/B,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAA;AACd,CAAC,CAAA;AAQD,kDAAkD;AAClD,kDAAkD;AAClD,MAAM,iBAAiB,GAAG,IAAI,GAAG,CAAC;IAChC,YAAY;IACZ,WAAW;IACX,QAAQ;IACR,aAAa;IACb,UAAU;IACV,WAAW;IACX,MAAM;IACN,OAAO;IACP,KAAK;IACL,aAAa;IACb,WAAW;IACX,SAAS;IACT,UAAU;IACV,UAAU;IACV,QAAQ;IACR,aAAa;IACb,aAAa;IACb,UAAU;IACV,UAAU;IACV,cAAc;IACd,UAAU;IACV,eAAe;IACf,YAAY;IACZ,WAAW;CACZ,CAAC,CAAA;AAEF,MAAM,OAAO,KAAK;IAChB,MAAM,CAA4B;IAClC,MAAM,CAAW;IACjB,YAAY,CAAa;IACzB,gBAAgB,CAAiC;IAEjD;;;;OAIG;IACH,MAAM,CAAC,oBAAoB,CAAC,KAAa;QACvC,KAAK,MAAM,QAAQ,IAAI,iBAAiB,EAAE,CAAC;YACzC,IAAI,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC7B,OAAO,IAAI,CAAA;YACb,CAAC;QACH,CAAC;QACD,OAAO,KAAK,CAAA;IACd,CAAC;IAED,YAAY,EAAE,KAAK,EAAE,WAAW,EAAE,eAAe,EAAgB;QAC/D,IAAI,CAAC,MAAM,GAAG,IAAI,GAAG,EAAE,CAAA;QACvB,IAAI,CAAC,MAAM,GAAG,KAAK,CAAA;QACnB,IAAI,CAAC,YAAY,GAAG,WAAW,CAAA;QAC/B,IAAI,CAAC,gBAAgB,GAAG,eAAe,CAAA;IACzC,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,MAAM,CACV,KAAa,EACb,MAAoB;QAEpB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,MAAM,IAAI,SAAS,CACjB,4CAA4C,CAC7C,CAAA;QACH,CAAC;QAED,IAAI,CAAC,KAAK;YAAE,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,CAAA;QAE3C,MAAM,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,CAAA;QAC3C,IAAI,YAAY,EAAE,CAAC;YACjB,OAAO,YAAY,CAAA;QACrB,CAAC;QAED,MAAM,KAAK,GAAG,IAAI,GAAG,CACnB,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,CACvC,CAAA;QACD,MAAM,KAAK,GAAG,IAAI,GAAG,CAAW,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAA;QAE9D,0CAA0C;QAC1C,kCAAkC;QAClC,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,IAAI,CAAC;YAC7B,WAAW,EAAE,KAAK,IAAI,EAAE;gBACtB,MAAM,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE;oBAC1B,UAAU,CAAC,OAAO,EAAE,CAAC,CAAC,CAAA;gBACxB,CAAC,CAAC,CAAA;gBACF,MAAM,EAAE,cAAc,EAAE,CAAA;YAC1B,CAAC;YACD,OAAO,EAAE,qBAAqB,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC;YAC/C,OAAO,EAAE;gBACP,KAAK,EAAE,IAAI,GAAG,CAAC,KAAK,CAAC;gBACrB,KAAK,EAAE,IAAI,GAAG,CAAC,KAAK,CAAC;aACtB;YACD,OAAO,EAAE;gBACP,KAAK,EAAE,IAAI,GAAG,EAAY;gBAC1B,KAAK,EAAE,IAAI,GAAG,EAAY;aAC3B;YACD,OAAO,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE;YACzB,MAAM;YACN,eAAe,EAAE,IAAI,CAAC,gBAAgB;YACtC,WAAW,EAAE,IAAI,CAAC,YAAY;YAC9B,IAAI;SACL,CAAC,CAAA;QAEF,MAAM,GAAG,GAAkB;YACzB,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC;YAChC,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC;SACjC,CAAA;QACD,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,EAAE,GAAG,CAAC,CAAA;QAC3B,OAAO,GAAG,CAAA;IACZ,CAAC;CACF","sourcesContent":["import { error } from '@vltpkg/error-cause'\nimport type { EdgeLike, GraphLike, NodeLike } from '@vltpkg/graph'\nimport type { SpecOptions } from '@vltpkg/spec/browser'\nimport type { SecurityArchiveLike } from '@vltpkg/security-archive'\nimport postcssSelectorParser from 'postcss-selector-parser'\nimport { attribute } from './attribute.ts'\nimport { classFn } from './class.ts'\nimport { combinator } from './combinator.ts'\nimport { id } from './id.ts'\nimport { pseudo } from './pseudo.ts'\nimport {\n  isPostcssNodeWithChildren,\n  asPostcssNodeWithChildren,\n  isSelectorNode,\n} from './types.ts'\nimport type {\n  PostcssNodeWithChildren,\n  ParserState,\n  ParserFn,\n  QueryResponse,\n} from './types.ts'\n\nexport * from './types.ts'\n\nconst noopFn = async (state: ParserState) => state\n\nconst selectors = {\n  attribute,\n  class: classFn,\n  combinator,\n  comment: noopFn,\n  id,\n  nesting: noopFn,\n  pseudo,\n  root: noopFn,\n  selector: async (state: ParserState) => {\n    state.partial.nodes = new Set(state.initial.nodes)\n    state.partial.edges = new Set(state.initial.edges)\n    return state\n  },\n  string: async (state: ParserState) => {\n    throw error('Unsupported selector', { found: state.current })\n  },\n  tag: async (state: ParserState) => {\n    if (state.current.value !== '{' && state.current.value !== '}') {\n      throw error('Unsupported selector', { found: state.current })\n    }\n    return state\n  },\n  universal: noopFn,\n}\nconst selectorsMap = new Map<string, ParserFn>(\n  Object.entries(selectors),\n)\n\nexport const walk = async (\n  state: ParserState,\n): Promise<ParserState> => {\n  await state.cancellable()\n\n  const parserFn = selectorsMap.get(state.current.type)\n\n  if (!parserFn) {\n    if (state.loose) {\n      return state\n    }\n\n    throw new Error(\n      `Missing parser for query node: ${state.current.type}`,\n    )\n  }\n  state = await parserFn(state)\n\n  // pseudo selectors handle their own sub selectors\n  if (\n    isPostcssNodeWithChildren(state.current) &&\n    state.current.type !== 'pseudo'\n  ) {\n    const node: PostcssNodeWithChildren = asPostcssNodeWithChildren(\n      state.current,\n    )\n\n    if (node.nodes.length) {\n      for (let i = 0; i < node.nodes.length; i++) {\n        const current = node.nodes[i]\n        /* c8 ignore next -- impossible but TS doesn't know that */\n        if (!current) continue\n\n        const childState: ParserState = {\n          ...state,\n          current,\n          next: node.nodes[i + 1],\n          prev: node.nodes[i - 1],\n        }\n        state = await walk(childState)\n      }\n    }\n\n    if (isSelectorNode(node)) {\n      for (const edge of state.partial.edges) {\n        state.collect.edges.add(edge)\n      }\n      for (const node of state.partial.nodes) {\n        state.collect.nodes.add(node)\n      }\n    }\n  }\n  return state\n}\n\nexport type QueryOptions = {\n  graph: GraphLike\n  specOptions: SpecOptions\n  securityArchive: SecurityArchiveLike | undefined\n}\n\n// A list of known security selectors that rely on\n// data from the security-archive in order to work\nconst securitySelectors = new Set([\n  ':abandoned',\n  ':confused',\n  ':debug',\n  ':deprecated',\n  ':dynamic',\n  ':entropic',\n  ':env',\n  ':eval',\n  ':fs',\n  ':obfuscated',\n  ':minified',\n  ':native',\n  ':network',\n  ':scripts',\n  ':shell',\n  ':shrinkwrap',\n  ':suspicious',\n  ':tracker',\n  ':trivial',\n  ':undesirable',\n  ':unknown',\n  ':unmaintained',\n  ':unpopular',\n  ':unstable',\n])\n\nexport class Query {\n  #cache: Map<string, QueryResponse>\n  #graph: GraphLike\n  #specOptions: SpecOptions\n  #securityArchive: SecurityArchiveLike | undefined\n\n  /**\n   * Helper method to determine if a given query string is using any of\n   * the known security selectors. This is useful so that operations can\n   * skip hydrating the security archive if it's not needed.\n   */\n  static hasSecuritySelectors(query: string): boolean {\n    for (const selector of securitySelectors) {\n      if (query.includes(selector)) {\n        return true\n      }\n    }\n    return false\n  }\n\n  constructor({ graph, specOptions, securityArchive }: QueryOptions) {\n    this.#cache = new Map()\n    this.#graph = graph\n    this.#specOptions = specOptions\n    this.#securityArchive = securityArchive\n  }\n\n  /**\n   * Search the graph for nodes and edges that match the given query.\n   */\n  async search(\n    query: string,\n    signal?: AbortSignal,\n  ): Promise<QueryResponse> {\n    if (typeof query !== 'string') {\n      throw new TypeError(\n        'Query search argument needs to be a string',\n      )\n    }\n\n    if (!query) return { edges: [], nodes: [] }\n\n    const cachedResult = this.#cache.get(query)\n    if (cachedResult) {\n      return cachedResult\n    }\n\n    const nodes = new Set<NodeLike>(\n      Array.from(this.#graph.nodes.values()),\n    )\n    const edges = new Set<EdgeLike>(Array.from(this.#graph.edges))\n\n    // builds initial state and walks over it,\n    // retrieving the collected result\n    const { collect } = await walk({\n      cancellable: async () => {\n        await new Promise(resolve => {\n          setTimeout(resolve, 0)\n        })\n        signal?.throwIfAborted()\n      },\n      current: postcssSelectorParser().astSync(query),\n      initial: {\n        nodes: new Set(nodes),\n        edges: new Set(edges),\n      },\n      collect: {\n        nodes: new Set<NodeLike>(),\n        edges: new Set<EdgeLike>(),\n      },\n      partial: { nodes, edges },\n      signal,\n      securityArchive: this.#securityArchive,\n      specOptions: this.#specOptions,\n      walk,\n    })\n\n    const res: QueryResponse = {\n      edges: Array.from(collect.edges),\n      nodes: Array.from(collect.nodes),\n    }\n    this.#cache.set(query, res)\n    return res\n  }\n}\n"]}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAA;AAI3C,OAAO,qBAAqB,MAAM,yBAAyB,CAAA;AAC3D,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAA;AAC1C,OAAO,EAAE,OAAO,EAAE,MAAM,YAAY,CAAA;AACpC,OAAO,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAA;AAC5C,OAAO,EAAE,EAAE,EAAE,MAAM,SAAS,CAAA;AAC5B,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAA;AACpC,OAAO,EACL,yBAAyB,EACzB,yBAAyB,EACzB,cAAc,GACf,MAAM,YAAY,CAAA;AAQnB,cAAc,YAAY,CAAA;AAE1B,MAAM,MAAM,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE,CAAC,KAAK,CAAA;AAElD,MAAM,SAAS,GAAG;IAChB,SAAS;IACT,KAAK,EAAE,OAAO;IACd,UAAU;IACV,OAAO,EAAE,MAAM;IACf,EAAE;IACF,OAAO,EAAE,MAAM;IACf,MAAM;IACN,IAAI,EAAE,MAAM;IACZ,QAAQ,EAAE,KAAK,EAAE,KAAkB,EAAE,EAAE;QACrC,KAAK,CAAC,OAAO,CAAC,KAAK,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAA;QAClD,KAAK,CAAC,OAAO,CAAC,KAAK,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAA;QAClD,OAAO,KAAK,CAAA;IACd,CAAC;IACD,MAAM,EAAE,KAAK,EAAE,KAAkB,EAAE,EAAE;QACnC,MAAM,KAAK,CAAC,sBAAsB,EAAE,EAAE,KAAK,EAAE,KAAK,CAAC,OAAO,EAAE,CAAC,CAAA;IAC/D,CAAC;IACD,GAAG,EAAE,KAAK,EAAE,KAAkB,EAAE,EAAE;QAChC,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,KAAK,GAAG,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,KAAK,GAAG,EAAE,CAAC;YAC/D,MAAM,KAAK,CAAC,sBAAsB,EAAE,EAAE,KAAK,EAAE,KAAK,CAAC,OAAO,EAAE,CAAC,CAAA;QAC/D,CAAC;QACD,OAAO,KAAK,CAAA;IACd,CAAC;IACD,SAAS,EAAE,MAAM;CAClB,CAAA;AACD,MAAM,YAAY,GAAG,IAAI,GAAG,CAC1B,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAC1B,CAAA;AAED,MAAM,CAAC,MAAM,IAAI,GAAG,KAAK,EACvB,KAAkB,EACI,EAAE;IACxB,MAAM,KAAK,CAAC,WAAW,EAAE,CAAA;IAEzB,MAAM,QAAQ,GAAG,YAAY,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAA;IAErD,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,IAAI,KAAK,CAAC,KAAK,EAAE,CAAC;YAChB,OAAO,KAAK,CAAA;QACd,CAAC;QAED,MAAM,IAAI,KAAK,CACb,kCAAkC,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,CACvD,CAAA;IACH,CAAC;IACD,KAAK,GAAG,MAAM,QAAQ,CAAC,KAAK,CAAC,CAAA;IAE7B,kDAAkD;IAClD,IACE,yBAAyB,CAAC,KAAK,CAAC,OAAO,CAAC;QACxC,KAAK,CAAC,OAAO,CAAC,IAAI,KAAK,QAAQ,EAC/B,CAAC;QACD,MAAM,IAAI,GAA4B,yBAAyB,CAC7D,KAAK,CAAC,OAAO,CACd,CAAA;QAED,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;YACtB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC3C,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;gBAC7B,2DAA2D;gBAC3D,IAAI,CAAC,OAAO;oBAAE,SAAQ;gBAEtB,MAAM,UAAU,GAAgB;oBAC9B,GAAG,KAAK;oBACR,OAAO;oBACP,IAAI,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC;oBACvB,IAAI,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC;iBACxB,CAAA;gBACD,KAAK,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,CAAA;YAChC,CAAC;QACH,CAAC;QAED,IAAI,cAAc,CAAC,IAAI,CAAC,EAAE,CAAC;YACzB,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;gBACvC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;YAC/B,CAAC;YACD,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;gBACvC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;YAC/B,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAA;AACd,CAAC,CAAA;AAQD,kDAAkD;AAClD,kDAAkD;AAClD,MAAM,iBAAiB,GAAG,IAAI,GAAG,CAAC;IAChC,YAAY;IACZ,WAAW;IACX,MAAM;IACN,QAAQ;IACR,aAAa;IACb,UAAU;IACV,WAAW;IACX,MAAM;IACN,OAAO;IACP,KAAK;IACL,UAAU;IACV,UAAU;IACV,WAAW;IACX,SAAS;IACT,UAAU;IACV,aAAa;IACb,UAAU;IACV,MAAM;IACN,WAAW;IACX,QAAQ;IACR,aAAa;IACb,QAAQ;IACR,aAAa;IACb,UAAU;IACV,UAAU;IACV,cAAc;IACd,UAAU;IACV,eAAe;IACf,YAAY;IACZ,WAAW;CACZ,CAAC,CAAA;AAEF,MAAM,OAAO,KAAK;IAChB,MAAM,CAA4B;IAClC,MAAM,CAAW;IACjB,YAAY,CAAa;IACzB,gBAAgB,CAAiC;IAEjD;;;;OAIG;IACH,MAAM,CAAC,oBAAoB,CAAC,KAAa;QACvC,KAAK,MAAM,QAAQ,IAAI,iBAAiB,EAAE,CAAC;YACzC,IAAI,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC7B,OAAO,IAAI,CAAA;YACb,CAAC;QACH,CAAC;QACD,OAAO,KAAK,CAAA;IACd,CAAC;IAED,YAAY,EAAE,KAAK,EAAE,WAAW,EAAE,eAAe,EAAgB;QAC/D,IAAI,CAAC,MAAM,GAAG,IAAI,GAAG,EAAE,CAAA;QACvB,IAAI,CAAC,MAAM,GAAG,KAAK,CAAA;QACnB,IAAI,CAAC,YAAY,GAAG,WAAW,CAAA;QAC/B,IAAI,CAAC,gBAAgB,GAAG,eAAe,CAAA;IACzC,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,MAAM,CACV,KAAa,EACb,MAAoB;QAEpB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,MAAM,IAAI,SAAS,CACjB,4CAA4C,CAC7C,CAAA;QACH,CAAC;QAED,IAAI,CAAC,KAAK;YAAE,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,CAAA;QAE3C,MAAM,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,CAAA;QAC3C,IAAI,YAAY,EAAE,CAAC;YACjB,OAAO,YAAY,CAAA;QACrB,CAAC;QAED,MAAM,KAAK,GAAG,IAAI,GAAG,CACnB,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,CACvC,CAAA;QACD,MAAM,KAAK,GAAG,IAAI,GAAG,CAAW,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAA;QAE9D,0CAA0C;QAC1C,kCAAkC;QAClC,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,IAAI,CAAC;YAC7B,WAAW,EAAE,KAAK,IAAI,EAAE;gBACtB,MAAM,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE;oBAC1B,UAAU,CAAC,OAAO,EAAE,CAAC,CAAC,CAAA;gBACxB,CAAC,CAAC,CAAA;gBACF,MAAM,EAAE,cAAc,EAAE,CAAA;YAC1B,CAAC;YACD,OAAO,EAAE,qBAAqB,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC;YAC/C,OAAO,EAAE;gBACP,KAAK,EAAE,IAAI,GAAG,CAAC,KAAK,CAAC;gBACrB,KAAK,EAAE,IAAI,GAAG,CAAC,KAAK,CAAC;aACtB;YACD,OAAO,EAAE;gBACP,KAAK,EAAE,IAAI,GAAG,EAAY;gBAC1B,KAAK,EAAE,IAAI,GAAG,EAAY;aAC3B;YACD,OAAO,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE;YACzB,MAAM;YACN,eAAe,EAAE,IAAI,CAAC,gBAAgB;YACtC,WAAW,EAAE,IAAI,CAAC,YAAY;YAC9B,IAAI;SACL,CAAC,CAAA;QAEF,MAAM,GAAG,GAAkB;YACzB,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC;YAChC,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC;SACjC,CAAA;QACD,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,EAAE,GAAG,CAAC,CAAA;QAC3B,OAAO,GAAG,CAAA;IACZ,CAAC;CACF","sourcesContent":["import { error } from '@vltpkg/error-cause'\nimport type { EdgeLike, GraphLike, NodeLike } from '@vltpkg/graph'\nimport type { SpecOptions } from '@vltpkg/spec/browser'\nimport type { SecurityArchiveLike } from '@vltpkg/security-archive'\nimport postcssSelectorParser from 'postcss-selector-parser'\nimport { attribute } from './attribute.ts'\nimport { classFn } from './class.ts'\nimport { combinator } from './combinator.ts'\nimport { id } from './id.ts'\nimport { pseudo } from './pseudo.ts'\nimport {\n  isPostcssNodeWithChildren,\n  asPostcssNodeWithChildren,\n  isSelectorNode,\n} from './types.ts'\nimport type {\n  PostcssNodeWithChildren,\n  ParserState,\n  ParserFn,\n  QueryResponse,\n} from './types.ts'\n\nexport * from './types.ts'\n\nconst noopFn = async (state: ParserState) => state\n\nconst selectors = {\n  attribute,\n  class: classFn,\n  combinator,\n  comment: noopFn,\n  id,\n  nesting: noopFn,\n  pseudo,\n  root: noopFn,\n  selector: async (state: ParserState) => {\n    state.partial.nodes = new Set(state.initial.nodes)\n    state.partial.edges = new Set(state.initial.edges)\n    return state\n  },\n  string: async (state: ParserState) => {\n    throw error('Unsupported selector', { found: state.current })\n  },\n  tag: async (state: ParserState) => {\n    if (state.current.value !== '{' && state.current.value !== '}') {\n      throw error('Unsupported selector', { found: state.current })\n    }\n    return state\n  },\n  universal: noopFn,\n}\nconst selectorsMap = new Map<string, ParserFn>(\n  Object.entries(selectors),\n)\n\nexport const walk = async (\n  state: ParserState,\n): Promise<ParserState> => {\n  await state.cancellable()\n\n  const parserFn = selectorsMap.get(state.current.type)\n\n  if (!parserFn) {\n    if (state.loose) {\n      return state\n    }\n\n    throw new Error(\n      `Missing parser for query node: ${state.current.type}`,\n    )\n  }\n  state = await parserFn(state)\n\n  // pseudo selectors handle their own sub selectors\n  if (\n    isPostcssNodeWithChildren(state.current) &&\n    state.current.type !== 'pseudo'\n  ) {\n    const node: PostcssNodeWithChildren = asPostcssNodeWithChildren(\n      state.current,\n    )\n\n    if (node.nodes.length) {\n      for (let i = 0; i < node.nodes.length; i++) {\n        const current = node.nodes[i]\n        /* c8 ignore next -- impossible but TS doesn't know that */\n        if (!current) continue\n\n        const childState: ParserState = {\n          ...state,\n          current,\n          next: node.nodes[i + 1],\n          prev: node.nodes[i - 1],\n        }\n        state = await walk(childState)\n      }\n    }\n\n    if (isSelectorNode(node)) {\n      for (const edge of state.partial.edges) {\n        state.collect.edges.add(edge)\n      }\n      for (const node of state.partial.nodes) {\n        state.collect.nodes.add(node)\n      }\n    }\n  }\n  return state\n}\n\nexport type QueryOptions = {\n  graph: GraphLike\n  specOptions: SpecOptions\n  securityArchive: SecurityArchiveLike | undefined\n}\n\n// A list of known security selectors that rely on\n// data from the security-archive in order to work\nconst securitySelectors = new Set([\n  ':abandoned',\n  ':confused',\n  ':cve',\n  ':debug',\n  ':deprecated',\n  ':dynamic',\n  ':entropic',\n  ':env',\n  ':eval',\n  ':fs',\n  ':license',\n  ':malware',\n  ':minified',\n  ':native',\n  ':network',\n  ':obfuscated',\n  ':scripts',\n  ':sev',\n  ':severity',\n  ':shell',\n  ':shrinkwrap',\n  ':squat',\n  ':suspicious',\n  ':tracker',\n  ':trivial',\n  ':undesirable',\n  ':unknown',\n  ':unmaintained',\n  ':unpopular',\n  ':unstable',\n])\n\nexport class Query {\n  #cache: Map<string, QueryResponse>\n  #graph: GraphLike\n  #specOptions: SpecOptions\n  #securityArchive: SecurityArchiveLike | undefined\n\n  /**\n   * Helper method to determine if a given query string is using any of\n   * the known security selectors. This is useful so that operations can\n   * skip hydrating the security archive if it's not needed.\n   */\n  static hasSecuritySelectors(query: string): boolean {\n    for (const selector of securitySelectors) {\n      if (query.includes(selector)) {\n        return true\n      }\n    }\n    return false\n  }\n\n  constructor({ graph, specOptions, securityArchive }: QueryOptions) {\n    this.#cache = new Map()\n    this.#graph = graph\n    this.#specOptions = specOptions\n    this.#securityArchive = securityArchive\n  }\n\n  /**\n   * Search the graph for nodes and edges that match the given query.\n   */\n  async search(\n    query: string,\n    signal?: AbortSignal,\n  ): Promise<QueryResponse> {\n    if (typeof query !== 'string') {\n      throw new TypeError(\n        'Query search argument needs to be a string',\n      )\n    }\n\n    if (!query) return { edges: [], nodes: [] }\n\n    const cachedResult = this.#cache.get(query)\n    if (cachedResult) {\n      return cachedResult\n    }\n\n    const nodes = new Set<NodeLike>(\n      Array.from(this.#graph.nodes.values()),\n    )\n    const edges = new Set<EdgeLike>(Array.from(this.#graph.edges))\n\n    // builds initial state and walks over it,\n    // retrieving the collected result\n    const { collect } = await walk({\n      cancellable: async () => {\n        await new Promise(resolve => {\n          setTimeout(resolve, 0)\n        })\n        signal?.throwIfAborted()\n      },\n      current: postcssSelectorParser().astSync(query),\n      initial: {\n        nodes: new Set(nodes),\n        edges: new Set(edges),\n      },\n      collect: {\n        nodes: new Set<NodeLike>(),\n        edges: new Set<EdgeLike>(),\n      },\n      partial: { nodes, edges },\n      signal,\n      securityArchive: this.#securityArchive,\n      specOptions: this.#specOptions,\n      walk,\n    })\n\n    const res: QueryResponse = {\n      edges: Array.from(collect.edges),\n      nodes: Array.from(collect.nodes),\n    }\n    this.#cache.set(query, res)\n    return res\n  }\n}\n"]}

package/dist/esm/pseudo/cve.d.ts

@@ -0,0 +1,10 @@
+import type { ParserState, PostcssNode } from '../types.ts';
+export type CveInternals = {
+    cveId: string;
+};
+export declare const parseInternals: (nodes: PostcssNode[]) => CveInternals;
+/**
+ * Filters out any node that does not have a CVE alert with the specified CVE ID.
+ */
+export declare const cve: (state: ParserState) => Promise<ParserState>;
+//# sourceMappingURL=cve.d.ts.map

package/dist/esm/pseudo/cve.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cve.d.ts","sourceRoot":"","sources":["../../../src/pseudo/cve.ts"],"names":[],"mappings":"AAQA,OAAO,KAAK,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AAO3D,MAAM,MAAM,YAAY,GAAG;IACzB,KAAK,EAAE,MAAM,CAAA;CACd,CAAA;AAED,eAAO,MAAM,cAAc,UAClB,WAAW,EAAE,KACnB,YAuBF,CAAA;AAED;;GAEG;AACH,eAAO,MAAM,GAAG,UAAiB,WAAW,yBAiC3C,CAAA"}

package/dist/esm/pseudo/cve.js

@@ -0,0 +1,47 @@
+import { error } from '@vltpkg/error-cause';
+import { asPostcssNodeWithChildren, asStringNode, asTagNode, isStringNode, isTagNode, } from "../types.js";
+import { removeDanglingEdges, removeNode, removeQuotes, } from "./helpers.js";
+export const parseInternals = (nodes) => {
+    let cveId = '';
+    if (isStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])) {
+        cveId = removeQuotes(asStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])
+            .value);
+    }
+    else if (isTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])) {
+        cveId = asTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0]).value;
+    }
+    if (!cveId) {
+        throw error('Expected a CVE ID', {
+            found: asPostcssNodeWithChildren(nodes[0]).nodes[0],
+        });
+    }
+    return { cveId };
+};
+/**
+ * Filters out any node that does not have a CVE alert with the specified CVE ID.
+ */
+export const cve = async (state) => {
+    if (!state.securityArchive) {
+        throw new Error('Missing security archive while trying to parse ' +
+            'the :cve security selector');
+    }
+    let internals;
+    try {
+        internals = parseInternals(asPostcssNodeWithChildren(state.current).nodes);
+    }
+    catch (err) {
+        throw error('Failed to parse :cve selector', { cause: err });
+    }
+    const { cveId } = internals;
+    for (const node of state.partial.nodes) {
+        const report = state.securityArchive.get(node.id);
+        const exclude = !report?.alerts.some(alert => alert.props.cveId.trim().toLowerCase() ===
+            cveId.trim().toLowerCase());
+        if (exclude) {
+            removeNode(state, node);
+        }
+    }
+    removeDanglingEdges(state);
+    return state;
+};
+//# sourceMappingURL=cve.js.map

package/dist/esm/pseudo/cve.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cve.js","sourceRoot":"","sources":["../../../src/pseudo/cve.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAA;AAC3C,OAAO,EACL,yBAAyB,EACzB,YAAY,EACZ,SAAS,EACT,YAAY,EACZ,SAAS,GACV,MAAM,aAAa,CAAA;AAEpB,OAAO,EACL,mBAAmB,EACnB,UAAU,EACV,YAAY,GACb,MAAM,cAAc,CAAA;AAMrB,MAAM,CAAC,MAAM,cAAc,GAAG,CAC5B,KAAoB,EACN,EAAE;IAChB,IAAI,KAAK,GAAG,EAAE,CAAA;IAEd,IAAI,YAAY,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QAC/D,KAAK,GAAG,YAAY,CAClB,YAAY,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;aACvD,KAAK,CACT,CAAA;IACH,CAAC;SAAM,IACL,SAAS,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EACvD,CAAC;QACD,KAAK,GAAG,SAAS,CACf,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAC7C,CAAC,KAAK,CAAA;IACT,CAAC;IAED,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,MAAM,KAAK,CAAC,mBAAmB,EAAE;YAC/B,KAAK,EAAE,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC;SACpD,CAAC,CAAA;IACJ,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,CAAA;AAClB,CAAC,CAAA;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,GAAG,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE;IAC9C,IAAI,CAAC,KAAK,CAAC,eAAe,EAAE,CAAC;QAC3B,MAAM,IAAI,KAAK,CACb,iDAAiD;YAC/C,4BAA4B,CAC/B,CAAA;IACH,CAAC;IAED,IAAI,SAAS,CAAA;IACb,IAAI,CAAC;QACH,SAAS,GAAG,cAAc,CACxB,yBAAyB,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,KAAK,CAC/C,CAAA;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,KAAK,CAAC,+BAA+B,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAA;IAC9D,CAAC;IAED,MAAM,EAAE,KAAK,EAAE,GAAG,SAAS,CAAA;IAC3B,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACvC,MAAM,MAAM,GAAG,KAAK,CAAC,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QACjD,MAAM,OAAO,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,IAAI,CAClC,KAAK,CAAC,EAAE,CACN,KAAK,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE;YACtC,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAC7B,CAAA;QACD,IAAI,OAAO,EAAE,CAAC;YACZ,UAAU,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;QACzB,CAAC;IACH,CAAC;IAED,mBAAmB,CAAC,KAAK,CAAC,CAAA;IAE1B,OAAO,KAAK,CAAA;AACd,CAAC,CAAA","sourcesContent":["import { error } from '@vltpkg/error-cause'\nimport {\n  asPostcssNodeWithChildren,\n  asStringNode,\n  asTagNode,\n  isStringNode,\n  isTagNode,\n} from '../types.ts'\nimport type { ParserState, PostcssNode } from '../types.ts'\nimport {\n  removeDanglingEdges,\n  removeNode,\n  removeQuotes,\n} from './helpers.ts'\n\nexport type CveInternals = {\n  cveId: string\n}\n\nexport const parseInternals = (\n  nodes: PostcssNode[],\n): CveInternals => {\n  let cveId = ''\n\n  if (isStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])) {\n    cveId = removeQuotes(\n      asStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])\n        .value,\n    )\n  } else if (\n    isTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])\n  ) {\n    cveId = asTagNode(\n      asPostcssNodeWithChildren(nodes[0]).nodes[0],\n    ).value\n  }\n\n  if (!cveId) {\n    throw error('Expected a CVE ID', {\n      found: asPostcssNodeWithChildren(nodes[0]).nodes[0],\n    })\n  }\n\n  return { cveId }\n}\n\n/**\n * Filters out any node that does not have a CVE alert with the specified CVE ID.\n */\nexport const cve = async (state: ParserState) => {\n  if (!state.securityArchive) {\n    throw new Error(\n      'Missing security archive while trying to parse ' +\n        'the :cve security selector',\n    )\n  }\n\n  let internals\n  try {\n    internals = parseInternals(\n      asPostcssNodeWithChildren(state.current).nodes,\n    )\n  } catch (err) {\n    throw error('Failed to parse :cve selector', { cause: err })\n  }\n\n  const { cveId } = internals\n  for (const node of state.partial.nodes) {\n    const report = state.securityArchive.get(node.id)\n    const exclude = !report?.alerts.some(\n      alert =>\n        alert.props.cveId.trim().toLowerCase() ===\n        cveId.trim().toLowerCase(),\n    )\n    if (exclude) {\n      removeNode(state, node)\n    }\n  }\n\n  removeDanglingEdges(state)\n\n  return state\n}\n"]}

package/dist/esm/pseudo/cwe.d.ts

@@ -0,0 +1,10 @@
+import type { ParserState, PostcssNode } from '../types.ts';
+export type CweInternals = {
+    cweId: string;
+};
+export declare const parseInternals: (nodes: PostcssNode[]) => CweInternals;
+/**
+ * Filters out any node that does not have a CWE alert with the specified CWE ID.
+ */
+export declare const cwe: (state: ParserState) => Promise<ParserState>;
+//# sourceMappingURL=cwe.d.ts.map

package/dist/esm/pseudo/cwe.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cwe.d.ts","sourceRoot":"","sources":["../../../src/pseudo/cwe.ts"],"names":[],"mappings":"AAQA,OAAO,KAAK,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AAO3D,MAAM,MAAM,YAAY,GAAG;IACzB,KAAK,EAAE,MAAM,CAAA;CACd,CAAA;AAED,eAAO,MAAM,cAAc,UAClB,WAAW,EAAE,KACnB,YAuBF,CAAA;AAED;;GAEG;AACH,eAAO,MAAM,GAAG,UAAiB,WAAW,yBAkC3C,CAAA"}

package/dist/esm/pseudo/cwe.js

@@ -0,0 +1,46 @@
+import { error } from '@vltpkg/error-cause';
+import { asPostcssNodeWithChildren, asStringNode, asTagNode, isStringNode, isTagNode, } from "../types.js";
+import { removeDanglingEdges, removeNode, removeQuotes, } from "./helpers.js";
+export const parseInternals = (nodes) => {
+    let cweId = '';
+    if (isStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])) {
+        cweId = removeQuotes(asStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])
+            .value);
+    }
+    else if (isTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])) {
+        cweId = asTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0]).value;
+    }
+    if (!cweId) {
+        throw error('Expected a CWE ID', {
+            found: asPostcssNodeWithChildren(nodes[0]).nodes[0],
+        });
+    }
+    return { cweId };
+};
+/**
+ * Filters out any node that does not have a CWE alert with the specified CWE ID.
+ */
+export const cwe = async (state) => {
+    if (!state.securityArchive) {
+        throw new Error('Missing security archive while trying to parse ' +
+            'the :cwe security selector');
+    }
+    let internals;
+    try {
+        internals = parseInternals(asPostcssNodeWithChildren(state.current).nodes);
+    }
+    catch (err) {
+        throw error('Failed to parse :cwe selector', { cause: err });
+    }
+    const { cweId } = internals;
+    for (const node of state.partial.nodes) {
+        const report = state.securityArchive.get(node.id);
+        const exclude = !report?.alerts.some(alert => alert.props.cwes.some(cwe => cwe.id.trim().toLowerCase() === cweId.trim().toLowerCase()));
+        if (exclude) {
+            removeNode(state, node);
+        }
+    }
+    removeDanglingEdges(state);
+    return state;
+};
+//# sourceMappingURL=cwe.js.map

package/dist/esm/pseudo/cwe.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cwe.js","sourceRoot":"","sources":["../../../src/pseudo/cwe.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAA;AAC3C,OAAO,EACL,yBAAyB,EACzB,YAAY,EACZ,SAAS,EACT,YAAY,EACZ,SAAS,GACV,MAAM,aAAa,CAAA;AAEpB,OAAO,EACL,mBAAmB,EACnB,UAAU,EACV,YAAY,GACb,MAAM,cAAc,CAAA;AAMrB,MAAM,CAAC,MAAM,cAAc,GAAG,CAC5B,KAAoB,EACN,EAAE;IAChB,IAAI,KAAK,GAAG,EAAE,CAAA;IAEd,IAAI,YAAY,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QAC/D,KAAK,GAAG,YAAY,CAClB,YAAY,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;aACvD,KAAK,CACT,CAAA;IACH,CAAC;SAAM,IACL,SAAS,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EACvD,CAAC;QACD,KAAK,GAAG,SAAS,CACf,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAC7C,CAAC,KAAK,CAAA;IACT,CAAC;IAED,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,MAAM,KAAK,CAAC,mBAAmB,EAAE;YAC/B,KAAK,EAAE,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC;SACpD,CAAC,CAAA;IACJ,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,CAAA;AAClB,CAAC,CAAA;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,GAAG,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE;IAC9C,IAAI,CAAC,KAAK,CAAC,eAAe,EAAE,CAAC;QAC3B,MAAM,IAAI,KAAK,CACb,iDAAiD;YAC/C,4BAA4B,CAC/B,CAAA;IACH,CAAC;IAED,IAAI,SAAS,CAAA;IACb,IAAI,CAAC;QACH,SAAS,GAAG,cAAc,CACxB,yBAAyB,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,KAAK,CAC/C,CAAA;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,KAAK,CAAC,+BAA+B,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAA;IAC9D,CAAC;IAED,MAAM,EAAE,KAAK,EAAE,GAAG,SAAS,CAAA;IAC3B,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACvC,MAAM,MAAM,GAAG,KAAK,CAAC,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QACjD,MAAM,OAAO,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAC3C,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CACnB,GAAG,CAAC,EAAE,CACJ,GAAG,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,KAAK,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAC7D,CACF,CAAA;QACD,IAAI,OAAO,EAAE,CAAC;YACZ,UAAU,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;QACzB,CAAC;IACH,CAAC;IAED,mBAAmB,CAAC,KAAK,CAAC,CAAA;IAE1B,OAAO,KAAK,CAAA;AACd,CAAC,CAAA","sourcesContent":["import { error } from '@vltpkg/error-cause'\nimport {\n  asPostcssNodeWithChildren,\n  asStringNode,\n  asTagNode,\n  isStringNode,\n  isTagNode,\n} from '../types.ts'\nimport type { ParserState, PostcssNode } from '../types.ts'\nimport {\n  removeDanglingEdges,\n  removeNode,\n  removeQuotes,\n} from './helpers.ts'\n\nexport type CweInternals = {\n  cweId: string\n}\n\nexport const parseInternals = (\n  nodes: PostcssNode[],\n): CweInternals => {\n  let cweId = ''\n\n  if (isStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])) {\n    cweId = removeQuotes(\n      asStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])\n        .value,\n    )\n  } else if (\n    isTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])\n  ) {\n    cweId = asTagNode(\n      asPostcssNodeWithChildren(nodes[0]).nodes[0],\n    ).value\n  }\n\n  if (!cweId) {\n    throw error('Expected a CWE ID', {\n      found: asPostcssNodeWithChildren(nodes[0]).nodes[0],\n    })\n  }\n\n  return { cweId }\n}\n\n/**\n * Filters out any node that does not have a CWE alert with the specified CWE ID.\n */\nexport const cwe = async (state: ParserState) => {\n  if (!state.securityArchive) {\n    throw new Error(\n      'Missing security archive while trying to parse ' +\n        'the :cwe security selector',\n    )\n  }\n\n  let internals\n  try {\n    internals = parseInternals(\n      asPostcssNodeWithChildren(state.current).nodes,\n    )\n  } catch (err) {\n    throw error('Failed to parse :cwe selector', { cause: err })\n  }\n\n  const { cweId } = internals\n  for (const node of state.partial.nodes) {\n    const report = state.securityArchive.get(node.id)\n    const exclude = !report?.alerts.some(alert =>\n      alert.props.cwes.some(\n        cwe =>\n          cwe.id.trim().toLowerCase() === cweId.trim().toLowerCase(),\n      ),\n    )\n    if (exclude) {\n      removeNode(state, node)\n    }\n  }\n\n  removeDanglingEdges(state)\n\n  return state\n}\n"]}

package/dist/esm/pseudo/license.d.ts

@@ -0,0 +1,10 @@
+import type { ParserState, PostcssNode } from '../types.ts';
+export type LicenseKinds = 'unlicensed' | 'misc' | 'restricted' | 'ambiguous' | 'copyleft' | 'unknown' | 'none' | 'exception' | undefined;
+export type LicenseAlertTypes = 'explicitlyUnlicensedItem' | 'miscLicenseIssues' | 'nonpermissiveLicense' | 'ambiguousClassifier' | 'copyleftLicense' | 'unidentifiedLicense' | 'noLicenseFound' | 'licenseException' | undefined;
+export declare const isLicenseKind: (value?: string) => value is LicenseKinds;
+export declare const asLicenseKind: (value?: string) => LicenseKinds;
+export declare const parseInternals: (nodes: PostcssNode[]) => {
+    kind: LicenseKinds;
+};
+export declare const license: (state: ParserState) => Promise<ParserState>;
+//# sourceMappingURL=license.d.ts.map

package/dist/esm/pseudo/license.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"license.d.ts","sourceRoot":"","sources":["../../../src/pseudo/license.ts"],"names":[],"mappings":"AAQA,OAAO,KAAK,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AAO3D,MAAM,MAAM,YAAY,GACpB,YAAY,GACZ,MAAM,GACN,YAAY,GACZ,WAAW,GACX,UAAU,GACV,SAAS,GACT,MAAM,GACN,WAAW,GACX,SAAS,CAAA;AAEb,MAAM,MAAM,iBAAiB,GACzB,0BAA0B,GAC1B,mBAAmB,GACnB,sBAAsB,GACtB,qBAAqB,GACrB,iBAAiB,GACjB,qBAAqB,GACrB,gBAAgB,GAChB,kBAAkB,GAClB,SAAS,CAAA;AAeb,eAAO,MAAM,aAAa,WAChB,MAAM,KACb,KAAK,IAAI,YAAgD,CAAA;AAE5D,eAAO,MAAM,aAAa,WAAY,MAAM,KAAG,YAQ9C,CAAA;AAED,eAAO,MAAM,cAAc,UAClB,WAAW,EAAE,KACnB;IAAE,IAAI,EAAE,YAAY,CAAA;CAmBtB,CAAA;AAED,eAAO,MAAM,OAAO,UAAiB,WAAW,yBAgC/C,CAAA"}

package/dist/esm/pseudo/license.js

@@ -0,0 +1,61 @@
+import { error } from '@vltpkg/error-cause';
+import { asPostcssNodeWithChildren, asStringNode, asTagNode, isStringNode, isTagNode, } from "../types.js";
+import { removeDanglingEdges, removeNode, removeQuotes, } from "./helpers.js";
+const kindsMap = new Map([
+    ['unlicensed', 'explicitlyUnlicensedItem'],
+    ['misc', 'miscLicenseIssues'],
+    ['restricted', 'nonpermissiveLicense'],
+    ['ambiguous', 'ambiguousClassifier'],
+    ['copyleft', 'copyleftLicense'],
+    ['unknown', 'unidentifiedLicense'],
+    ['none', 'noLicenseFound'],
+    ['exception', 'licenseException'],
+    [undefined, undefined],
+]);
+const kinds = new Set(kindsMap.keys());
+export const isLicenseKind = (value) => kinds.has(value);
+export const asLicenseKind = (value) => {
+    if (!isLicenseKind(value)) {
+        throw error('Expected a valid license kind', {
+            found: value,
+            validOptions: Array.from(kinds),
+        });
+    }
+    return value;
+};
+export const parseInternals = (nodes) => {
+    let kind;
+    if (isStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])) {
+        kind = asLicenseKind(removeQuotes(asStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])
+            .value));
+    }
+    else if (isTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])) {
+        kind = asLicenseKind(asTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0]).value);
+    }
+    return { kind };
+};
+export const license = async (state) => {
+    if (!state.securityArchive) {
+        throw new Error('Missing security archive while trying to parse ' +
+            'the :license security selector');
+    }
+    let internals;
+    try {
+        internals = parseInternals(asPostcssNodeWithChildren(state.current).nodes);
+    }
+    catch (err) {
+        throw error('Failed to parse :license selector', { cause: err });
+    }
+    const { kind } = internals;
+    const alertName = kindsMap.get(kind);
+    for (const node of state.partial.nodes) {
+        const report = state.securityArchive.get(node.id);
+        const exclude = !report?.alerts.some(alert => alert.type === alertName);
+        if (exclude) {
+            removeNode(state, node);
+        }
+    }
+    removeDanglingEdges(state);
+    return state;
+};
+//# sourceMappingURL=license.js.map

package/dist/esm/pseudo/license.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"license.js","sourceRoot":"","sources":["../../../src/pseudo/license.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAA;AAC3C,OAAO,EACL,yBAAyB,EACzB,YAAY,EACZ,SAAS,EACT,YAAY,EACZ,SAAS,GACV,MAAM,aAAa,CAAA;AAEpB,OAAO,EACL,mBAAmB,EACnB,UAAU,EACV,YAAY,GACb,MAAM,cAAc,CAAA;AAwBrB,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAkC;IACxD,CAAC,YAAY,EAAE,0BAA0B,CAAC;IAC1C,CAAC,MAAM,EAAE,mBAAmB,CAAC;IAC7B,CAAC,YAAY,EAAE,sBAAsB,CAAC;IACtC,CAAC,WAAW,EAAE,qBAAqB,CAAC;IACpC,CAAC,UAAU,EAAE,iBAAiB,CAAC;IAC/B,CAAC,SAAS,EAAE,qBAAqB,CAAC;IAClC,CAAC,MAAM,EAAE,gBAAgB,CAAC;IAC1B,CAAC,WAAW,EAAE,kBAAkB,CAAC;IACjC,CAAC,SAAS,EAAE,SAAS,CAAC;CACvB,CAAC,CAAA;AACF,MAAM,KAAK,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAA;AAEtC,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,KAAc,EACS,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,KAAqB,CAAC,CAAA;AAE5D,MAAM,CAAC,MAAM,aAAa,GAAG,CAAC,KAAc,EAAgB,EAAE;IAC5D,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,EAAE,CAAC;QAC1B,MAAM,KAAK,CAAC,+BAA+B,EAAE;YAC3C,KAAK,EAAE,KAAK;YACZ,YAAY,EAAE,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC;SAChC,CAAC,CAAA;IACJ,CAAC;IACD,OAAO,KAAK,CAAA;AACd,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,cAAc,GAAG,CAC5B,KAAoB,EACI,EAAE;IAC1B,IAAI,IAAkB,CAAA;IAEtB,IAAI,YAAY,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QAC/D,IAAI,GAAG,aAAa,CAClB,YAAY,CACV,YAAY,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;aACvD,KAAK,CACT,CACF,CAAA;IACH,CAAC;SAAM,IACL,SAAS,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EACvD,CAAC;QACD,IAAI,GAAG,aAAa,CAClB,SAAS,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAC9D,CAAA;IACH,CAAC;IAED,OAAO,EAAE,IAAI,EAAE,CAAA;AACjB,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,OAAO,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE;IAClD,IAAI,CAAC,KAAK,CAAC,eAAe,EAAE,CAAC;QAC3B,MAAM,IAAI,KAAK,CACb,iDAAiD;YAC/C,gCAAgC,CACnC,CAAA;IACH,CAAC;IAED,IAAI,SAAS,CAAA;IACb,IAAI,CAAC;QACH,SAAS,GAAG,cAAc,CACxB,yBAAyB,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,KAAK,CAC/C,CAAA;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,KAAK,CAAC,mCAAmC,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAA;IAClE,CAAC;IAED,MAAM,EAAE,IAAI,EAAE,GAAG,SAAS,CAAA;IAC1B,MAAM,SAAS,GAAG,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;IACpC,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACvC,MAAM,MAAM,GAAG,KAAK,CAAC,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QACjD,MAAM,OAAO,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,IAAI,CAClC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,IAAI,KAAK,SAAS,CAClC,CAAA;QACD,IAAI,OAAO,EAAE,CAAC;YACZ,UAAU,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;QACzB,CAAC;IACH,CAAC;IAED,mBAAmB,CAAC,KAAK,CAAC,CAAA;IAE1B,OAAO,KAAK,CAAA;AACd,CAAC,CAAA","sourcesContent":["import { error } from '@vltpkg/error-cause'\nimport {\n  asPostcssNodeWithChildren,\n  asStringNode,\n  asTagNode,\n  isStringNode,\n  isTagNode,\n} from '../types.ts'\nimport type { ParserState, PostcssNode } from '../types.ts'\nimport {\n  removeDanglingEdges,\n  removeNode,\n  removeQuotes,\n} from './helpers.ts'\n\nexport type LicenseKinds =\n  | 'unlicensed'\n  | 'misc'\n  | 'restricted'\n  | 'ambiguous'\n  | 'copyleft'\n  | 'unknown'\n  | 'none'\n  | 'exception'\n  | undefined\n\nexport type LicenseAlertTypes =\n  | 'explicitlyUnlicensedItem'\n  | 'miscLicenseIssues'\n  | 'nonpermissiveLicense'\n  | 'ambiguousClassifier'\n  | 'copyleftLicense'\n  | 'unidentifiedLicense'\n  | 'noLicenseFound'\n  | 'licenseException'\n  | undefined\n\nconst kindsMap = new Map<LicenseKinds, LicenseAlertTypes>([\n  ['unlicensed', 'explicitlyUnlicensedItem'],\n  ['misc', 'miscLicenseIssues'],\n  ['restricted', 'nonpermissiveLicense'],\n  ['ambiguous', 'ambiguousClassifier'],\n  ['copyleft', 'copyleftLicense'],\n  ['unknown', 'unidentifiedLicense'],\n  ['none', 'noLicenseFound'],\n  ['exception', 'licenseException'],\n  [undefined, undefined],\n])\nconst kinds = new Set(kindsMap.keys())\n\nexport const isLicenseKind = (\n  value?: string,\n): value is LicenseKinds => kinds.has(value as LicenseKinds)\n\nexport const asLicenseKind = (value?: string): LicenseKinds => {\n  if (!isLicenseKind(value)) {\n    throw error('Expected a valid license kind', {\n      found: value,\n      validOptions: Array.from(kinds),\n    })\n  }\n  return value\n}\n\nexport const parseInternals = (\n  nodes: PostcssNode[],\n): { kind: LicenseKinds } => {\n  let kind: LicenseKinds\n\n  if (isStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])) {\n    kind = asLicenseKind(\n      removeQuotes(\n        asStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])\n          .value,\n      ),\n    )\n  } else if (\n    isTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])\n  ) {\n    kind = asLicenseKind(\n      asTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0]).value,\n    )\n  }\n\n  return { kind }\n}\n\nexport const license = async (state: ParserState) => {\n  if (!state.securityArchive) {\n    throw new Error(\n      'Missing security archive while trying to parse ' +\n        'the :license security selector',\n    )\n  }\n\n  let internals\n  try {\n    internals = parseInternals(\n      asPostcssNodeWithChildren(state.current).nodes,\n    )\n  } catch (err) {\n    throw error('Failed to parse :license selector', { cause: err })\n  }\n\n  const { kind } = internals\n  const alertName = kindsMap.get(kind)\n  for (const node of state.partial.nodes) {\n    const report = state.securityArchive.get(node.id)\n    const exclude = !report?.alerts.some(\n      alert => alert.type === alertName,\n    )\n    if (exclude) {\n      removeNode(state, node)\n    }\n  }\n\n  removeDanglingEdges(state)\n\n  return state\n}\n"]}

package/dist/esm/pseudo/malware.d.ts

@@ -0,0 +1,10 @@
+import type { ParserState, PostcssNode } from '../types.ts';
+export type MalwareKinds = '0' | '1' | '2' | '3' | 'critical' | 'high' | 'medium' | 'low' | undefined;
+export type MalwareAlertTypes = 'malware' | 'gptMalware' | 'gptSecurity' | 'gptAnomaly' | undefined;
+export declare const isMalwareKind: (value?: string) => value is MalwareKinds;
+export declare const asMalwareKind: (value?: string) => MalwareKinds;
+export declare const parseInternals: (nodes: PostcssNode[]) => {
+    kind: MalwareKinds;
+};
+export declare const malware: (state: ParserState) => Promise<ParserState>;
+//# sourceMappingURL=malware.d.ts.map

package/dist/esm/pseudo/malware.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"malware.d.ts","sourceRoot":"","sources":["../../../src/pseudo/malware.ts"],"names":[],"mappings":"AAQA,OAAO,KAAK,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AAO3D,MAAM,MAAM,YAAY,GACpB,GAAG,GACH,GAAG,GACH,GAAG,GACH,GAAG,GACH,UAAU,GACV,MAAM,GACN,QAAQ,GACR,KAAK,GACL,SAAS,CAAA;AAEb,MAAM,MAAM,iBAAiB,GACzB,SAAS,GACT,YAAY,GACZ,aAAa,GACb,YAAY,GACZ,SAAS,CAAA;AAcb,eAAO,MAAM,aAAa,WAChB,MAAM,KACb,KAAK,IAAI,YAAgD,CAAA;AAE5D,eAAO,MAAM,aAAa,WAAY,MAAM,KAAG,YAQ9C,CAAA;AAED,eAAO,MAAM,cAAc,UAClB,WAAW,EAAE,KACnB;IAAE,IAAI,EAAE,YAAY,CAAA;CAmBtB,CAAA;AAED,eAAO,MAAM,OAAO,UAAiB,WAAW,yBAgC/C,CAAA"}

package/dist/esm/pseudo/malware.js

@@ -0,0 +1,60 @@
+import { error } from '@vltpkg/error-cause';
+import { asPostcssNodeWithChildren, asStringNode, asTagNode, isStringNode, isTagNode, } from "../types.js";
+import { removeDanglingEdges, removeNode, removeQuotes, } from "./helpers.js";
+const kindsMap = new Map([
+    ['critical', 'malware'],
+    ['high', 'gptMalware'],
+    ['medium', 'gptSecurity'],
+    ['low', 'gptAnomaly'],
+    ['0', 'malware'],
+    ['1', 'gptMalware'],
+    ['2', 'gptSecurity'],
+    ['3', 'gptAnomaly'],
+]);
+const kinds = new Set(kindsMap.keys());
+export const isMalwareKind = (value) => kinds.has(value);
+export const asMalwareKind = (value) => {
+    if (!isMalwareKind(value)) {
+        throw error('Expected a valid malware kind', {
+            found: value,
+            validOptions: Array.from(kinds),
+        });
+    }
+    return value;
+};
+export const parseInternals = (nodes) => {
+    let kind;
+    if (isStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])) {
+        kind = asMalwareKind(removeQuotes(asStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])
+            .value));
+    }
+    else if (isTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])) {
+        kind = asMalwareKind(asTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0]).value);
+    }
+    return { kind };
+};
+export const malware = async (state) => {
+    if (!state.securityArchive) {
+        throw new Error('Missing security archive while trying to parse ' +
+            'the :malware security selector');
+    }
+    let internals;
+    try {
+        internals = parseInternals(asPostcssNodeWithChildren(state.current).nodes);
+    }
+    catch (err) {
+        throw error('Failed to parse :malware selector', { cause: err });
+    }
+    const { kind } = internals;
+    const alertName = kindsMap.get(kind);
+    for (const node of state.partial.nodes) {
+        const report = state.securityArchive.get(node.id);
+        const exclude = !report?.alerts.some(alert => alert.type === alertName);
+        if (exclude) {
+            removeNode(state, node);
+        }
+    }
+    removeDanglingEdges(state);
+    return state;
+};
+//# sourceMappingURL=malware.js.map

package/dist/esm/pseudo/malware.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"malware.js","sourceRoot":"","sources":["../../../src/pseudo/malware.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAA;AAC3C,OAAO,EACL,yBAAyB,EACzB,YAAY,EACZ,SAAS,EACT,YAAY,EACZ,SAAS,GACV,MAAM,aAAa,CAAA;AAEpB,OAAO,EACL,mBAAmB,EACnB,UAAU,EACV,YAAY,GACb,MAAM,cAAc,CAAA;AAoBrB,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAkC;IACxD,CAAC,UAAU,EAAE,SAAS,CAAC;IACvB,CAAC,MAAM,EAAE,YAAY,CAAC;IACtB,CAAC,QAAQ,EAAE,aAAa,CAAC;IACzB,CAAC,KAAK,EAAE,YAAY,CAAC;IACrB,CAAC,GAAG,EAAE,SAAS,CAAC;IAChB,CAAC,GAAG,EAAE,YAAY,CAAC;IACnB,CAAC,GAAG,EAAE,aAAa,CAAC;IACpB,CAAC,GAAG,EAAE,YAAY,CAAC;CACpB,CAAC,CAAA;AACF,MAAM,KAAK,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAA;AAEtC,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,KAAc,EACS,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,KAAqB,CAAC,CAAA;AAE5D,MAAM,CAAC,MAAM,aAAa,GAAG,CAAC,KAAc,EAAgB,EAAE;IAC5D,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,EAAE,CAAC;QAC1B,MAAM,KAAK,CAAC,+BAA+B,EAAE;YAC3C,KAAK,EAAE,KAAK;YACZ,YAAY,EAAE,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC;SAChC,CAAC,CAAA;IACJ,CAAC;IACD,OAAO,KAAK,CAAA;AACd,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,cAAc,GAAG,CAC5B,KAAoB,EACI,EAAE;IAC1B,IAAI,IAAkB,CAAA;IAEtB,IAAI,YAAY,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QAC/D,IAAI,GAAG,aAAa,CAClB,YAAY,CACV,YAAY,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;aACvD,KAAK,CACT,CACF,CAAA;IACH,CAAC;SAAM,IACL,SAAS,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EACvD,CAAC;QACD,IAAI,GAAG,aAAa,CAClB,SAAS,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAC9D,CAAA;IACH,CAAC;IAED,OAAO,EAAE,IAAI,EAAE,CAAA;AACjB,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,OAAO,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE;IAClD,IAAI,CAAC,KAAK,CAAC,eAAe,EAAE,CAAC;QAC3B,MAAM,IAAI,KAAK,CACb,iDAAiD;YAC/C,gCAAgC,CACnC,CAAA;IACH,CAAC;IAED,IAAI,SAAS,CAAA;IACb,IAAI,CAAC;QACH,SAAS,GAAG,cAAc,CACxB,yBAAyB,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,KAAK,CAC/C,CAAA;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,KAAK,CAAC,mCAAmC,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAA;IAClE,CAAC;IAED,MAAM,EAAE,IAAI,EAAE,GAAG,SAAS,CAAA;IAC1B,MAAM,SAAS,GAAG,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;IACpC,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACvC,MAAM,MAAM,GAAG,KAAK,CAAC,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QACjD,MAAM,OAAO,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,IAAI,CAClC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,IAAI,KAAK,SAAS,CAClC,CAAA;QACD,IAAI,OAAO,EAAE,CAAC;YACZ,UAAU,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;QACzB,CAAC;IACH,CAAC;IAED,mBAAmB,CAAC,KAAK,CAAC,CAAA;IAE1B,OAAO,KAAK,CAAA;AACd,CAAC,CAAA","sourcesContent":["import { error } from '@vltpkg/error-cause'\nimport {\n  asPostcssNodeWithChildren,\n  asStringNode,\n  asTagNode,\n  isStringNode,\n  isTagNode,\n} from '../types.ts'\nimport type { ParserState, PostcssNode } from '../types.ts'\nimport {\n  removeDanglingEdges,\n  removeNode,\n  removeQuotes,\n} from './helpers.ts'\n\nexport type MalwareKinds =\n  | '0'\n  | '1'\n  | '2'\n  | '3'\n  | 'critical'\n  | 'high'\n  | 'medium'\n  | 'low'\n  | undefined\n\nexport type MalwareAlertTypes =\n  | 'malware'\n  | 'gptMalware'\n  | 'gptSecurity'\n  | 'gptAnomaly'\n  | undefined\n\nconst kindsMap = new Map<MalwareKinds, MalwareAlertTypes>([\n  ['critical', 'malware'],\n  ['high', 'gptMalware'],\n  ['medium', 'gptSecurity'],\n  ['low', 'gptAnomaly'],\n  ['0', 'malware'],\n  ['1', 'gptMalware'],\n  ['2', 'gptSecurity'],\n  ['3', 'gptAnomaly'],\n])\nconst kinds = new Set(kindsMap.keys())\n\nexport const isMalwareKind = (\n  value?: string,\n): value is MalwareKinds => kinds.has(value as MalwareKinds)\n\nexport const asMalwareKind = (value?: string): MalwareKinds => {\n  if (!isMalwareKind(value)) {\n    throw error('Expected a valid malware kind', {\n      found: value,\n      validOptions: Array.from(kinds),\n    })\n  }\n  return value\n}\n\nexport const parseInternals = (\n  nodes: PostcssNode[],\n): { kind: MalwareKinds } => {\n  let kind: MalwareKinds\n\n  if (isStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])) {\n    kind = asMalwareKind(\n      removeQuotes(\n        asStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])\n          .value,\n      ),\n    )\n  } else if (\n    isTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])\n  ) {\n    kind = asMalwareKind(\n      asTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0]).value,\n    )\n  }\n\n  return { kind }\n}\n\nexport const malware = async (state: ParserState) => {\n  if (!state.securityArchive) {\n    throw new Error(\n      'Missing security archive while trying to parse ' +\n        'the :malware security selector',\n    )\n  }\n\n  let internals\n  try {\n    internals = parseInternals(\n      asPostcssNodeWithChildren(state.current).nodes,\n    )\n  } catch (err) {\n    throw error('Failed to parse :malware selector', { cause: err })\n  }\n\n  const { kind } = internals\n  const alertName = kindsMap.get(kind)\n  for (const node of state.partial.nodes) {\n    const report = state.securityArchive.get(node.id)\n    const exclude = !report?.alerts.some(\n      alert => alert.type === alertName,\n    )\n    if (exclude) {\n      removeNode(state, node)\n    }\n  }\n\n  removeDanglingEdges(state)\n\n  return state\n}\n"]}

package/dist/esm/pseudo/severity.d.ts

@@ -0,0 +1,10 @@
+import type { ParserState, PostcssNode } from '../types.ts';
+export type SeverityKinds = '0' | '1' | '2' | '3' | 'critical' | 'high' | 'medium' | 'low' | undefined;
+export type SeverityAlertTypes = 'criticalCVE' | 'cve' | 'potentialVulnerability' | 'mildCVE' | undefined;
+export declare const isSeverityKind: (value?: string) => value is SeverityKinds;
+export declare const asSeverityKind: (value?: string) => SeverityKinds;
+export declare const parseInternals: (nodes: PostcssNode[]) => {
+    kind: SeverityKinds;
+};
+export declare const severity: (state: ParserState) => Promise<ParserState>;
+//# sourceMappingURL=severity.d.ts.map

package/dist/esm/pseudo/severity.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"severity.d.ts","sourceRoot":"","sources":["../../../src/pseudo/severity.ts"],"names":[],"mappings":"AAQA,OAAO,KAAK,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AAO3D,MAAM,MAAM,aAAa,GACrB,GAAG,GACH,GAAG,GACH,GAAG,GACH,GAAG,GACH,UAAU,GACV,MAAM,GACN,QAAQ,GACR,KAAK,GACL,SAAS,CAAA;AAEb,MAAM,MAAM,kBAAkB,GAC1B,aAAa,GACb,KAAK,GACL,wBAAwB,GACxB,SAAS,GACT,SAAS,CAAA;AAcb,eAAO,MAAM,cAAc,WACjB,MAAM,KACb,KAAK,IAAI,aAAkD,CAAA;AAE9D,eAAO,MAAM,cAAc,WAAY,MAAM,KAAG,aAQ/C,CAAA;AAED,eAAO,MAAM,cAAc,UAClB,WAAW,EAAE,KACnB;IAAE,IAAI,EAAE,aAAa,CAAA;CAmBvB,CAAA;AAED,eAAO,MAAM,QAAQ,UAAiB,WAAW,yBAgChD,CAAA"}

package/dist/esm/pseudo/severity.js

@@ -0,0 +1,60 @@
+import { error } from '@vltpkg/error-cause';
+import { asPostcssNodeWithChildren, asStringNode, asTagNode, isStringNode, isTagNode, } from "../types.js";
+import { removeDanglingEdges, removeNode, removeQuotes, } from "./helpers.js";
+const kindsMap = new Map([
+    ['critical', 'criticalCVE'],
+    ['high', 'cve'],
+    ['medium', 'potentialVulnerability'],
+    ['low', 'mildCVE'],
+    ['0', 'criticalCVE'],
+    ['1', 'cve'],
+    ['2', 'potentialVulnerability'],
+    ['3', 'mildCVE'],
+]);
+const kinds = new Set(kindsMap.keys());
+export const isSeverityKind = (value) => kinds.has(value);
+export const asSeverityKind = (value) => {
+    if (!isSeverityKind(value)) {
+        throw error('Expected a valid severity kind', {
+            found: value,
+            validOptions: Array.from(kinds),
+        });
+    }
+    return value;
+};
+export const parseInternals = (nodes) => {
+    let kind;
+    if (isStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])) {
+        kind = asSeverityKind(removeQuotes(asStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])
+            .value));
+    }
+    else if (isTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])) {
+        kind = asSeverityKind(asTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0]).value);
+    }
+    return { kind };
+};
+export const severity = async (state) => {
+    if (!state.securityArchive) {
+        throw new Error('Missing security archive while trying to parse ' +
+            'the :severity security selector');
+    }
+    let internals;
+    try {
+        internals = parseInternals(asPostcssNodeWithChildren(state.current).nodes);
+    }
+    catch (err) {
+        throw error('Failed to parse :severity selector', { cause: err });
+    }
+    const { kind } = internals;
+    const alertName = kindsMap.get(kind);
+    for (const node of state.partial.nodes) {
+        const report = state.securityArchive.get(node.id);
+        const exclude = !report?.alerts.some(alert => alert.type === alertName);
+        if (exclude) {
+            removeNode(state, node);
+        }
+    }
+    removeDanglingEdges(state);
+    return state;
+};
+//# sourceMappingURL=severity.js.map

package/dist/esm/pseudo/severity.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"severity.js","sourceRoot":"","sources":["../../../src/pseudo/severity.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAA;AAC3C,OAAO,EACL,yBAAyB,EACzB,YAAY,EACZ,SAAS,EACT,YAAY,EACZ,SAAS,GACV,MAAM,aAAa,CAAA;AAEpB,OAAO,EACL,mBAAmB,EACnB,UAAU,EACV,YAAY,GACb,MAAM,cAAc,CAAA;AAoBrB,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAoC;IAC1D,CAAC,UAAU,EAAE,aAAa,CAAC;IAC3B,CAAC,MAAM,EAAE,KAAK,CAAC;IACf,CAAC,QAAQ,EAAE,wBAAwB,CAAC;IACpC,CAAC,KAAK,EAAE,SAAS,CAAC;IAClB,CAAC,GAAG,EAAE,aAAa,CAAC;IACpB,CAAC,GAAG,EAAE,KAAK,CAAC;IACZ,CAAC,GAAG,EAAE,wBAAwB,CAAC;IAC/B,CAAC,GAAG,EAAE,SAAS,CAAC;CACjB,CAAC,CAAA;AACF,MAAM,KAAK,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAA;AAEtC,MAAM,CAAC,MAAM,cAAc,GAAG,CAC5B,KAAc,EACU,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,KAAsB,CAAC,CAAA;AAE9D,MAAM,CAAC,MAAM,cAAc,GAAG,CAAC,KAAc,EAAiB,EAAE;IAC9D,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,EAAE,CAAC;QAC3B,MAAM,KAAK,CAAC,gCAAgC,EAAE;YAC5C,KAAK,EAAE,KAAK;YACZ,YAAY,EAAE,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC;SAChC,CAAC,CAAA;IACJ,CAAC;IACD,OAAO,KAAK,CAAA;AACd,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,cAAc,GAAG,CAC5B,KAAoB,EACK,EAAE;IAC3B,IAAI,IAAmB,CAAA;IAEvB,IAAI,YAAY,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QAC/D,IAAI,GAAG,cAAc,CACnB,YAAY,CACV,YAAY,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;aACvD,KAAK,CACT,CACF,CAAA;IACH,CAAC;SAAM,IACL,SAAS,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EACvD,CAAC;QACD,IAAI,GAAG,cAAc,CACnB,SAAS,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAC9D,CAAA;IACH,CAAC;IAED,OAAO,EAAE,IAAI,EAAE,CAAA;AACjB,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,QAAQ,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE;IACnD,IAAI,CAAC,KAAK,CAAC,eAAe,EAAE,CAAC;QAC3B,MAAM,IAAI,KAAK,CACb,iDAAiD;YAC/C,iCAAiC,CACpC,CAAA;IACH,CAAC;IAED,IAAI,SAAS,CAAA;IACb,IAAI,CAAC;QACH,SAAS,GAAG,cAAc,CACxB,yBAAyB,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,KAAK,CAC/C,CAAA;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,KAAK,CAAC,oCAAoC,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAA;IACnE,CAAC;IAED,MAAM,EAAE,IAAI,EAAE,GAAG,SAAS,CAAA;IAC1B,MAAM,SAAS,GAAG,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;IACpC,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACvC,MAAM,MAAM,GAAG,KAAK,CAAC,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QACjD,MAAM,OAAO,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,IAAI,CAClC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,IAAI,KAAK,SAAS,CAClC,CAAA;QACD,IAAI,OAAO,EAAE,CAAC;YACZ,UAAU,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;QACzB,CAAC;IACH,CAAC;IAED,mBAAmB,CAAC,KAAK,CAAC,CAAA;IAE1B,OAAO,KAAK,CAAA;AACd,CAAC,CAAA","sourcesContent":["import { error } from '@vltpkg/error-cause'\nimport {\n  asPostcssNodeWithChildren,\n  asStringNode,\n  asTagNode,\n  isStringNode,\n  isTagNode,\n} from '../types.ts'\nimport type { ParserState, PostcssNode } from '../types.ts'\nimport {\n  removeDanglingEdges,\n  removeNode,\n  removeQuotes,\n} from './helpers.ts'\n\nexport type SeverityKinds =\n  | '0'\n  | '1'\n  | '2'\n  | '3'\n  | 'critical'\n  | 'high'\n  | 'medium'\n  | 'low'\n  | undefined\n\nexport type SeverityAlertTypes =\n  | 'criticalCVE'\n  | 'cve'\n  | 'potentialVulnerability'\n  | 'mildCVE'\n  | undefined\n\nconst kindsMap = new Map<SeverityKinds, SeverityAlertTypes>([\n  ['critical', 'criticalCVE'],\n  ['high', 'cve'],\n  ['medium', 'potentialVulnerability'],\n  ['low', 'mildCVE'],\n  ['0', 'criticalCVE'],\n  ['1', 'cve'],\n  ['2', 'potentialVulnerability'],\n  ['3', 'mildCVE'],\n])\nconst kinds = new Set(kindsMap.keys())\n\nexport const isSeverityKind = (\n  value?: string,\n): value is SeverityKinds => kinds.has(value as SeverityKinds)\n\nexport const asSeverityKind = (value?: string): SeverityKinds => {\n  if (!isSeverityKind(value)) {\n    throw error('Expected a valid severity kind', {\n      found: value,\n      validOptions: Array.from(kinds),\n    })\n  }\n  return value\n}\n\nexport const parseInternals = (\n  nodes: PostcssNode[],\n): { kind: SeverityKinds } => {\n  let kind: SeverityKinds\n\n  if (isStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])) {\n    kind = asSeverityKind(\n      removeQuotes(\n        asStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])\n          .value,\n      ),\n    )\n  } else if (\n    isTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])\n  ) {\n    kind = asSeverityKind(\n      asTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0]).value,\n    )\n  }\n\n  return { kind }\n}\n\nexport const severity = async (state: ParserState) => {\n  if (!state.securityArchive) {\n    throw new Error(\n      'Missing security archive while trying to parse ' +\n        'the :severity security selector',\n    )\n  }\n\n  let internals\n  try {\n    internals = parseInternals(\n      asPostcssNodeWithChildren(state.current).nodes,\n    )\n  } catch (err) {\n    throw error('Failed to parse :severity selector', { cause: err })\n  }\n\n  const { kind } = internals\n  const alertName = kindsMap.get(kind)\n  for (const node of state.partial.nodes) {\n    const report = state.securityArchive.get(node.id)\n    const exclude = !report?.alerts.some(\n      alert => alert.type === alertName,\n    )\n    if (exclude) {\n      removeNode(state, node)\n    }\n  }\n\n  removeDanglingEdges(state)\n\n  return state\n}\n"]}

package/dist/esm/pseudo/squat.d.ts

@@ -0,0 +1,10 @@
+import type { ParserState, PostcssNode } from '../types.ts';
+export type SquatKinds = '0' | '2' | 'critical' | 'medium' | undefined;
+export type SquatAlertTypes = 'didYouMean' | 'gptDidYouMean' | undefined;
+export declare const isSquatKind: (value?: string) => value is SquatKinds;
+export declare const asSquatKind: (value?: string) => SquatKinds;
+export declare const parseInternals: (nodes: PostcssNode[]) => {
+    kind: SquatKinds;
+};
+export declare const squat: (state: ParserState) => Promise<ParserState>;
+//# sourceMappingURL=squat.d.ts.map

package/dist/esm/pseudo/squat.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"squat.d.ts","sourceRoot":"","sources":["../../../src/pseudo/squat.ts"],"names":[],"mappings":"AAQA,OAAO,KAAK,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AAO3D,MAAM,MAAM,UAAU,GAAG,GAAG,GAAG,GAAG,GAAG,UAAU,GAAG,QAAQ,GAAG,SAAS,CAAA;AAEtE,MAAM,MAAM,eAAe,GACvB,YAAY,GACZ,eAAe,GACf,SAAS,CAAA;AAWb,eAAO,MAAM,WAAW,WAAY,MAAM,KAAG,KAAK,IAAI,UACtB,CAAA;AAEhC,eAAO,MAAM,WAAW,WAAY,MAAM,KAAG,UAQ5C,CAAA;AAED,eAAO,MAAM,cAAc,UAClB,WAAW,EAAE,KACnB;IAAE,IAAI,EAAE,UAAU,CAAA;CAmBpB,CAAA;AAED,eAAO,MAAM,KAAK,UAAiB,WAAW,yBAgC7C,CAAA"}

package/dist/esm/pseudo/squat.js

@@ -0,0 +1,57 @@
+import { error } from '@vltpkg/error-cause';
+import { asPostcssNodeWithChildren, asStringNode, asTagNode, isStringNode, isTagNode, } from "../types.js";
+import { removeDanglingEdges, removeNode, removeQuotes, } from "./helpers.js";
+const kindsMap = new Map([
+    ['critical', 'didYouMean'],
+    ['medium', 'gptDidYouMean'],
+    ['0', 'didYouMean'],
+    ['2', 'gptDidYouMean'],
+    [undefined, undefined],
+]);
+const kinds = new Set(kindsMap.keys());
+export const isSquatKind = (value) => kinds.has(value);
+export const asSquatKind = (value) => {
+    if (!isSquatKind(value)) {
+        throw error('Expected a valid squat kind', {
+            found: value,
+            validOptions: Array.from(kinds),
+        });
+    }
+    return value;
+};
+export const parseInternals = (nodes) => {
+    let kind;
+    if (isStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])) {
+        kind = asSquatKind(removeQuotes(asStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])
+            .value));
+    }
+    else if (isTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])) {
+        kind = asSquatKind(asTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0]).value);
+    }
+    return { kind };
+};
+export const squat = async (state) => {
+    if (!state.securityArchive) {
+        throw new Error('Missing security archive while trying to parse ' +
+            'the :squat security selector');
+    }
+    let internals;
+    try {
+        internals = parseInternals(asPostcssNodeWithChildren(state.current).nodes);
+    }
+    catch (err) {
+        throw error('Failed to parse :squat selector', { cause: err });
+    }
+    const { kind } = internals;
+    const alertName = kindsMap.get(kind);
+    for (const node of state.partial.nodes) {
+        const report = state.securityArchive.get(node.id);
+        const exclude = !report?.alerts.some(alert => alert.type === alertName);
+        if (exclude) {
+            removeNode(state, node);
+        }
+    }
+    removeDanglingEdges(state);
+    return state;
+};
+//# sourceMappingURL=squat.js.map

package/dist/esm/pseudo/squat.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"squat.js","sourceRoot":"","sources":["../../../src/pseudo/squat.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAA;AAC3C,OAAO,EACL,yBAAyB,EACzB,YAAY,EACZ,SAAS,EACT,YAAY,EACZ,SAAS,GACV,MAAM,aAAa,CAAA;AAEpB,OAAO,EACL,mBAAmB,EACnB,UAAU,EACV,YAAY,GACb,MAAM,cAAc,CAAA;AASrB,MAAM,QAAQ,GAAG,IAAI,GAAG,CAA8B;IACpD,CAAC,UAAU,EAAE,YAAY,CAAC;IAC1B,CAAC,QAAQ,EAAE,eAAe,CAAC;IAC3B,CAAC,GAAG,EAAE,YAAY,CAAC;IACnB,CAAC,GAAG,EAAE,eAAe,CAAC;IACtB,CAAC,SAAS,EAAE,SAAS,CAAC;CACvB,CAAC,CAAA;AACF,MAAM,KAAK,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAA;AAEtC,MAAM,CAAC,MAAM,WAAW,GAAG,CAAC,KAAc,EAAuB,EAAE,CACjE,KAAK,CAAC,GAAG,CAAC,KAAmB,CAAC,CAAA;AAEhC,MAAM,CAAC,MAAM,WAAW,GAAG,CAAC,KAAc,EAAc,EAAE;IACxD,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,EAAE,CAAC;QACxB,MAAM,KAAK,CAAC,6BAA6B,EAAE;YACzC,KAAK,EAAE,KAAK;YACZ,YAAY,EAAE,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC;SAChC,CAAC,CAAA;IACJ,CAAC;IACD,OAAO,KAAK,CAAA;AACd,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,cAAc,GAAG,CAC5B,KAAoB,EACE,EAAE;IACxB,IAAI,IAAgB,CAAA;IAEpB,IAAI,YAAY,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QAC/D,IAAI,GAAG,WAAW,CAChB,YAAY,CACV,YAAY,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;aACvD,KAAK,CACT,CACF,CAAA;IACH,CAAC;SAAM,IACL,SAAS,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EACvD,CAAC;QACD,IAAI,GAAG,WAAW,CAChB,SAAS,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAC9D,CAAA;IACH,CAAC;IAED,OAAO,EAAE,IAAI,EAAE,CAAA;AACjB,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,KAAK,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE;IAChD,IAAI,CAAC,KAAK,CAAC,eAAe,EAAE,CAAC;QAC3B,MAAM,IAAI,KAAK,CACb,iDAAiD;YAC/C,8BAA8B,CACjC,CAAA;IACH,CAAC;IAED,IAAI,SAAS,CAAA;IACb,IAAI,CAAC;QACH,SAAS,GAAG,cAAc,CACxB,yBAAyB,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,KAAK,CAC/C,CAAA;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,KAAK,CAAC,iCAAiC,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAA;IAChE,CAAC;IAED,MAAM,EAAE,IAAI,EAAE,GAAG,SAAS,CAAA;IAC1B,MAAM,SAAS,GAAG,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;IACpC,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACvC,MAAM,MAAM,GAAG,KAAK,CAAC,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QACjD,MAAM,OAAO,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,IAAI,CAClC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,IAAI,KAAK,SAAS,CAClC,CAAA;QACD,IAAI,OAAO,EAAE,CAAC;YACZ,UAAU,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;QACzB,CAAC;IACH,CAAC;IAED,mBAAmB,CAAC,KAAK,CAAC,CAAA;IAE1B,OAAO,KAAK,CAAA;AACd,CAAC,CAAA","sourcesContent":["import { error } from '@vltpkg/error-cause'\nimport {\n  asPostcssNodeWithChildren,\n  asStringNode,\n  asTagNode,\n  isStringNode,\n  isTagNode,\n} from '../types.ts'\nimport type { ParserState, PostcssNode } from '../types.ts'\nimport {\n  removeDanglingEdges,\n  removeNode,\n  removeQuotes,\n} from './helpers.ts'\n\nexport type SquatKinds = '0' | '2' | 'critical' | 'medium' | undefined\n\nexport type SquatAlertTypes =\n  | 'didYouMean'\n  | 'gptDidYouMean'\n  | undefined\n\nconst kindsMap = new Map<SquatKinds, SquatAlertTypes>([\n  ['critical', 'didYouMean'],\n  ['medium', 'gptDidYouMean'],\n  ['0', 'didYouMean'],\n  ['2', 'gptDidYouMean'],\n  [undefined, undefined],\n])\nconst kinds = new Set(kindsMap.keys())\n\nexport const isSquatKind = (value?: string): value is SquatKinds =>\n  kinds.has(value as SquatKinds)\n\nexport const asSquatKind = (value?: string): SquatKinds => {\n  if (!isSquatKind(value)) {\n    throw error('Expected a valid squat kind', {\n      found: value,\n      validOptions: Array.from(kinds),\n    })\n  }\n  return value\n}\n\nexport const parseInternals = (\n  nodes: PostcssNode[],\n): { kind: SquatKinds } => {\n  let kind: SquatKinds\n\n  if (isStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])) {\n    kind = asSquatKind(\n      removeQuotes(\n        asStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])\n          .value,\n      ),\n    )\n  } else if (\n    isTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])\n  ) {\n    kind = asSquatKind(\n      asTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0]).value,\n    )\n  }\n\n  return { kind }\n}\n\nexport const squat = async (state: ParserState) => {\n  if (!state.securityArchive) {\n    throw new Error(\n      'Missing security archive while trying to parse ' +\n        'the :squat security selector',\n    )\n  }\n\n  let internals\n  try {\n    internals = parseInternals(\n      asPostcssNodeWithChildren(state.current).nodes,\n    )\n  } catch (err) {\n    throw error('Failed to parse :squat selector', { cause: err })\n  }\n\n  const { kind } = internals\n  const alertName = kindsMap.get(kind)\n  for (const node of state.partial.nodes) {\n    const report = state.securityArchive.get(node.id)\n    const exclude = !report?.alerts.some(\n      alert => alert.type === alertName,\n    )\n    if (exclude) {\n      removeNode(state, node)\n    }\n  }\n\n  removeDanglingEdges(state)\n\n  return state\n}\n"]}

package/dist/esm/pseudo.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"pseudo.d.ts","sourceRoot":"","sources":["../../src/pseudo.ts"],"names":[],"mappings":"AAYA,OAAO,KAAK,EAAY,WAAW,EAAE,MAAM,YAAY,CAAA;AAqXvD;;GAEG;AACH,eAAO,MAAM,MAAM,UAAiB,WAAW,yBAiB9C,CAAA"}
+{"version":3,"file":"pseudo.d.ts","sourceRoot":"","sources":["../../src/pseudo.ts"],"names":[],"mappings":"AAYA,OAAO,KAAK,EAAY,WAAW,EAAE,MAAM,YAAY,CAAA;AAkYvD;;GAEG;AACH,eAAO,MAAM,MAAM,UAAiB,WAAW,yBAiB9C,CAAA"}

package/dist/esm/pseudo.js

@@ -7,6 +7,8 @@ import { asPostcssNodeWithChildren, asPseudoNode, asTagNode, isSelectorNode, } f
 import { abandoned } from "./pseudo/abandoned.js";
 import { attr } from "./pseudo/attr.js";
 import { confused } from "./pseudo/confused.js";
+import { cve } from "./pseudo/cve.js";
+import { cwe } from "./pseudo/cwe.js";
 import { debug } from "./pseudo/debug.js";
 import { deprecated } from "./pseudo/deprecated.js";
 import { dynamic } from "./pseudo/dynamic.js";
@@ -14,6 +16,8 @@ import { entropic } from "./pseudo/entropic.js";
 import { env } from "./pseudo/env.js";
 import { evalParser } from "./pseudo/eval.js";
 import { fs } from "./pseudo/fs.js";
+import { license } from "./pseudo/license.js";
+import { malware } from "./pseudo/malware.js";
 import { minified } from "./pseudo/minified.js";
 import { nativeParser } from "./pseudo/native.js";
 import { network } from "./pseudo/network.js";
@@ -22,7 +26,9 @@ import { outdated } from "./pseudo/outdated.js";
 import { scripts } from "./pseudo/scripts.js";
 import { shell } from "./pseudo/shell.js";
 import { semverParser as semver } from "./pseudo/semver.js";
+import { severity } from "./pseudo/severity.js";
 import { shrinkwrap } from "./pseudo/shrinkwrap.js";
+import { squat } from "./pseudo/squat.js";
 import { suspicious } from "./pseudo/suspicious.js";
 import { tracker } from "./pseudo/tracker.js";
 import { trivial } from "./pseudo/trivial.js";
@@ -313,6 +319,8 @@ const pseudoSelectors = new Map(Object.entries({
     abandoned,
     attr,
     confused,
+    cve,
+    cwe,
     debug,
     deprecated,
     dynamic,
@@ -324,6 +332,8 @@ const pseudoSelectors = new Map(Object.entries({
     has,
     is,
     // TODO: link
+    license,
+    malware,
     minified,
     missing,
     native: nativeParser,
@@ -338,8 +348,11 @@ const pseudoSelectors = new Map(Object.entries({
     scope,
     scripts,
     semver,
+    sev: severity,
+    severity,
     shell,
     shrinkwrap,
+    squat,
     suspicious,
     tracker,
     trivial,

package/dist/esm/pseudo.js.map

@@ -1 +1 @@
-{"version":3,"file":"pseudo.js","sourceRoot":"","sources":["../../src/pseudo.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAA;AACnD,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAA;AAE3C,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAA;AAE1C,OAAO,EAAE,mBAAmB,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAA;AACrE,OAAO,EACL,yBAAyB,EACzB,YAAY,EACZ,SAAS,EACT,cAAc,GACf,MAAM,YAAY,CAAA;AAGnB,4BAA4B;AAC5B,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAA;AACjD,OAAO,EAAE,IAAI,EAAE,MAAM,kBAAkB,CAAA;AACvC,OAAO,EAAE,QAAQ,EAAE,MAAM,sBAAsB,CAAA;AAC/C,OAAO,EAAE,KAAK,EAAE,MAAM,mBAAmB,CAAA;AACzC,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAA;AACnD,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAA;AAC7C,OAAO,EAAE,QAAQ,EAAE,MAAM,sBAAsB,CAAA;AAC/C,OAAO,EAAE,GAAG,EAAE,MAAM,iBAAiB,CAAA;AACrC,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAC7C,OAAO,EAAE,EAAE,EAAE,MAAM,gBAAgB,CAAA;AACnC,OAAO,EAAE,QAAQ,EAAE,MAAM,sBAAsB,CAAA;AAC/C,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AACjD,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAA;AAC7C,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAA;AACnD,OAAO,EAAE,QAAQ,EAAE,MAAM,sBAAsB,CAAA;AAC/C,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAA;AAC7C,OAAO,EAAE,KAAK,EAAE,MAAM,mBAAmB,CAAA;AACzC,OAAO,EAAE,YAAY,IAAI,MAAM,EAAE,MAAM,oBAAoB,CAAA;AAC3D,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAA;AACnD,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAA;AACnD,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAA;AAC7C,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAA;AAC7C,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAA;AACrD,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAA;AAC7C,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAA;AACvD,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAA;AACjD,OAAO,EAAE,QAAQ,EAAE,MAAM,sBAAsB,CAAA;AAE/C;;GAEG;AACH,MAAM,KAAK,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE;IACzC,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACvC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;YAC3B,UAAU,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;QACzB,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAA;AACd,CAAC,CAAA;AAED;;;GAGG;AACH,MAAM,GAAG,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE;IACvC,MAAM,GAAG,GAAG,yBAAyB,CAAC,KAAK,CAAC,OAAO,CAAC,CAAA;IACpD,MAAM,YAAY,GAAG,IAAI,GAAG,EAAY,CAAA;IACxC,MAAM,YAAY,GAAG,IAAI,GAAG,EAAY,CAAA;IAExC,KAAK,MAAM,IAAI,IAAI,GAAG,CAAC,KAAK,EAAE,CAAC;QAC7B,IAAI,cAAc,CAAC,IAAI,CAAC,EAAE,CAAC;YACzB,MAAM,WAAW,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC;gBACnC,WAAW,EAAE,KAAK,CAAC,WAAW;gBAC9B,OAAO,EAAE;oBACP,KAAK,EAAE,IAAI,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;oBACnC,KAAK,EAAE,IAAI,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;iBACpC;gBACD,OAAO,EAAE,IAAI;gBACb,IAAI,EAAE,KAAK,CAAC,IAAI;gBAChB,OAAO,EAAE;oBACP,KAAK,EAAE,IAAI,GAAG,EAAE;oBAChB,KAAK,EAAE,IAAI,GAAG,EAAE;iBACjB;gBACD,OAAO,EAAE;oBACP,KAAK,EAAE,IAAI,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;oBACnC,KAAK,EAAE,IAAI,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;iBACpC;gBACD,eAAe,EAAE,KAAK,CAAC,eAAe;gBACtC,WAAW,EAAE,KAAK,CAAC,WAAW;aAC/B,CAAC,CAAA;YACF,KAAK,MAAM,CAAC,IAAI,WAAW,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;gBAC1C,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;YACrB,CAAC;YACD,KAAK,MAAM,CAAC,IAAI,WAAW,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;gBAC1C,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;YACrB,CAAC;QACH,CAAC;IACH,CAAC;IAED,4DAA4D;IAC5D,kCAAkC;IAClC,IAAI,YAAY,CAAC,IAAI,KAAK,CAAC,EAAE,CAAC;QAC5B,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,CAAA;QAC3B,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,CAAA;QAC3B,OAAO,KAAK,CAAA;IACd,CAAC;IAED,kCAAkC;IAClC,qDAAqD;IACrD,kDAAkD;IAClD,MAAM,YAAY,GAAG,IAAI,GAAG,EAAY,CAAA;IACxC,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,YAAY,CAAC,CAAA;IACtC,KAAK,MAAM,IAAI,IAAI,QAAQ,EAAE,CAAC;QAC5B,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;YAChC,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;YAC3B,IAAI,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;gBAC3B,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;YACzB,CAAC;QACH,CAAC;IACH,CAAC;IAED,qDAAqD;IACrD,sDAAsD;IACtD,sCAAsC;IACtC,SAAS,EAAE,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QAClD,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;YACxD,UAAU,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;YACvB,SAAQ;QACV,CAAC;QAED,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,EAAE,CAAC;YAC1C,IAAI,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC3B,SAAS,SAAS,CAAA;YACpB,CAAC;QACH,CAAC;QACD,UAAU,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;IACzB,CAAC;IAED,mBAAmB,CAAC,KAAK,CAAC,CAAA;IAE1B,OAAO,KAAK,CAAA;AACd,CAAC,CAAA;AAED;;;;;;GAMG;AACH,MAAM,EAAE,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE;IACtC,MAAM,GAAG,GAAG,yBAAyB,CAAC,KAAK,CAAC,OAAO,CAAC,CAAA;IACpD,MAAM,OAAO,GAAG,IAAI,GAAG,EAAE,CAAA;IACzB,KAAK,MAAM,IAAI,IAAI,GAAG,CAAC,KAAK,EAAE,CAAC;QAC7B,IAAI,cAAc,CAAC,IAAI,CAAC,EAAE,CAAC;YACzB,MAAM,WAAW,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC;gBACnC,WAAW,EAAE,KAAK,CAAC,WAAW;gBAC9B,OAAO,EAAE;oBACP,KAAK,EAAE,IAAI,GAAG,EAAE;oBAChB,KAAK,EAAE,IAAI,GAAG,EAAE;iBACjB;gBACD,OAAO,EAAE,IAAI;gBACb,OAAO,EAAE,KAAK,CAAC,OAAO;gBACtB,KAAK,EAAE,IAAI;gBACX,OAAO,EAAE;oBACP,KAAK,EAAE,IAAI,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;oBACnC,KAAK,EAAE,IAAI,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;iBACpC;gBACD,IAAI,EAAE,KAAK,CAAC,IAAI;gBAChB,eAAe,EAAE,KAAK,CAAC,eAAe;gBACtC,WAAW,EAAE,KAAK,CAAC,WAAW;aAC/B,CAAC,CAAA;YACF,KAAK,MAAM,CAAC,IAAI,WAAW,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;gBAC1C,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;YAChB,CAAC;QACH,CAAC;IACH,CAAC;IACD,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACvC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;YACvB,UAAU,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;QACzB,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAA;AACd,CAAC,CAAA;AAED;;;GAGG;AACH,MAAM,OAAO,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE;IAC3C,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACvC,IAAI,IAAI,CAAC,EAAE,EAAE,CAAC;YACZ,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;QAClC,CAAC;IACH,CAAC;IACD,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,CAAA;IAC3B,OAAO,KAAK,CAAA;AACd,CAAC,CAAA;AAED;;;;GAIG;AACH,MAAM,GAAG,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE;IACvC,MAAM,GAAG,GAAG,yBAAyB,CAAC,KAAK,CAAC,OAAO,CAAC,CAAA;IACpD,MAAM,OAAO,GAAG,IAAI,GAAG,EAAE,CAAA;IACzB,KAAK,MAAM,IAAI,IAAI,GAAG,CAAC,KAAK,EAAE,CAAC;QAC7B,IAAI,cAAc,CAAC,IAAI,CAAC,EAAE,CAAC;YACzB,MAAM,WAAW,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC;gBACnC,WAAW,EAAE,KAAK,CAAC,WAAW;gBAC9B,OAAO,EAAE;oBACP,KAAK,EAAE,IAAI,GAAG,EAAE;oBAChB,KAAK,EAAE,IAAI,GAAG,EAAE;iBACjB;gBACD,OAAO,EAAE,IAAI;gBACb,OAAO,EAAE,KAAK,CAAC,OAAO;gBACtB,OAAO,EAAE;oBACP,KAAK,EAAE,IAAI,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;oBACnC,KAAK,EAAE,IAAI,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;iBACpC;gBACD,IAAI,EAAE,KAAK,CAAC,IAAI;gBAChB,eAAe,EAAE,KAAK,CAAC,eAAe;gBACtC,WAAW,EAAE,KAAK,CAAC,WAAW;aAC/B,CAAC,CAAA;YACF,KAAK,MAAM,CAAC,IAAI,WAAW,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;gBAC1C,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;YAChB,CAAC;YACD,4CAA4C;QAC9C,CAAC;aAAM,CAAC;YACN,MAAM,KAAK,CAAC,gCAAgC,EAAE;gBAC5C,MAAM,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE;gBAC5B,KAAK,EAAE,IAAI;aACZ,CAAC,CAAA;QACJ,CAAC;QACD,oBAAoB;IACtB,CAAC;IACD,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACvC,IAAI,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;YACtB,UAAU,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;QACzB,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAA;AACd,CAAC,CAAA;AAED;;;GAGG;AACH,MAAM,SAAS,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE;IAC7C,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACvC,IAAI,CAAC,IAAI,CAAC,QAAQ,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,OAAO,EAAE,CAAC;YACzD,UAAU,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;QACzB,CAAC;IACH,CAAC;IAED,mBAAmB,CAAC,KAAK,CAAC,CAAA;IAE1B,OAAO,KAAK,CAAA;AACd,CAAC,CAAA;AAED;;GAEG;AACH,MAAM,IAAI,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE;IACxC,MAAM,CAAC,OAAO,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM,EAAE,CAAA;IAC9C,MAAM,YAAY,GAAG,OAAO,EAAE,KAAK,CAAC,YAAY,CAAA;IAChD,IAAI,CAAC,YAAY,EAAE,CAAC;QAClB,MAAM,KAAK,CAAC,iDAAiD,CAAC,CAAA;IAChE,CAAC;IACD,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACvC,IAAI,IAAI,CAAC,EAAE,KAAK,YAAY,EAAE,CAAC;YAC7B,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;QAClC,CAAC;IACH,CAAC;IACD,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,CAAA;IAC3B,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,YAAY,CAAC,CAAA;IACrC,OAAO,KAAK,CAAA;AACd,CAAC,CAAA;AAED;;;GAGG;AACH,MAAM,OAAO,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE;IAC3C,MAAM,CAAC,OAAO,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM,EAAE,CAAA;IAC9C,MAAM,SAAS,GAAG,OAAO,EAAE,KAAK,CAAC,SAAS,CAAA;IAC1C,IAAI,CAAC,SAAS,EAAE,IAAI,EAAE,CAAC;QACrB,MAAM,KAAK,CAAC,oDAAoD,CAAC,CAAA;IACnE,CAAC;IAED,0DAA0D;IAC1D,0DAA0D;IAC1D,gCAAgC;IAChC,MAAM,gBAAgB,GAAG,IAAI,GAAG,EAAY,CAAA;IAC5C,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;QACjC,KAAK,MAAM,IAAI,IAAI,QAAQ,CAAC,OAAO,EAAE,CAAC;YACpC,gBAAgB,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;QAC5B,CAAC;IACH,CAAC;IAED,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACvC,IAAI,CAAC,IAAI,CAAC,EAAE,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;YAC5C,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;QAClC,CAAC;IACH,CAAC;IACD,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,CAAA;IAC3B,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;QACjC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAA;IACnC,CAAC;IACD,OAAO,KAAK,CAAA;AACd,CAAC,CAAA;AAED;;;GAGG;AACH,MAAM,KAAK,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE;IACzC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,CAAA;IAC3B,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,CAAA;IAC3B,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACvC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;IAC/B,CAAC;IACD,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACvC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;IAC/B,CAAC;IACD,OAAO,KAAK,CAAA;AACd,CAAC,CAAA;AAED;;;GAGG;AACH,MAAM,MAAM,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE;IAC1C,MAAM,IAAI,GAAG,yBAAyB,CAAC,KAAK,CAAC,OAAO,CAAC,CAAA;IACrD,MAAM,QAAQ,GAAG,yBAAyB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;IACzD,MAAM,IAAI,GAAG,SAAS,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAA;IAC/C,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACvC,MAAM,QAAQ,GAAG,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAA;QACvC,IAAI,QAAQ,KAAK,IAAI,EAAE,CAAC;YACtB,UAAU,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;QACzB,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAA;AACd,CAAC,CAAA;AAED,MAAM,eAAe,GAAG,IAAI,GAAG,CAC7B,MAAM,CAAC,OAAO,CAAC;IACb,SAAS;IACT,IAAI;IACJ,QAAQ;IACR,KAAK;IACL,UAAU;IACV,OAAO;IACP,IAAI,EAAE,UAAU;IAChB,KAAK;IACL,QAAQ;IACR,GAAG;IACH,EAAE;IACF,GAAG;IACH,EAAE;IACF,aAAa;IACb,QAAQ;IACR,OAAO;IACP,MAAM,EAAE,YAAY;IACpB,OAAO;IACP,GAAG;IACH,UAAU;IACV,QAAQ;IACR,mBAAmB;IACnB,OAAO,EAAE,SAAS;IAClB,OAAO;IACP,IAAI;IACJ,KAAK;IACL,OAAO;IACP,MAAM;IACN,KAAK;IACL,UAAU;IACV,UAAU;IACV,OAAO;IACP,OAAO;IACP,IAAI,EAAE,MAAM;IACZ,WAAW;IACX,OAAO;IACP,YAAY;IACZ,SAAS;IACT,QAAQ;CACT,CAAC,CACH,CAAA;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,MAAM,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE;IACjD,MAAM,KAAK,CAAC,WAAW,EAAE,CAAA;IAEzB,MAAM,IAAI,GAAG,YAAY,CAAC,KAAK,CAAC,OAAO,CAAC,CAAA;IACxC,MAAM,QAAQ,GACZ,IAAI,CAAC,KAAK,IAAI,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;IAExD,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,IAAI,KAAK,CAAC,KAAK,EAAE,CAAC;YAChB,OAAO,KAAK,CAAA;QACd,CAAC;QAED,MAAM,IAAI,KAAK,CACb,6BAA6B,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CACnD,CAAA;IACH,CAAC;IACD,OAAO,QAAQ,CAAC,KAAK,CAAC,CAAA;AACxB,CAAC,CAAA","sourcesContent":["import { splitDepID } from '@vltpkg/dep-id/browser'\nimport { error } from '@vltpkg/error-cause'\nimport type { EdgeLike, NodeLike } from '@vltpkg/graph'\nimport { asManifest } from '@vltpkg/types'\n\nimport { removeDanglingEdges, removeNode } from './pseudo/helpers.ts'\nimport {\n  asPostcssNodeWithChildren,\n  asPseudoNode,\n  asTagNode,\n  isSelectorNode,\n} from './types.ts'\nimport type { ParserFn, ParserState } from './types.ts'\n\n// imported pseudo selectors\nimport { abandoned } from './pseudo/abandoned.ts'\nimport { attr } from './pseudo/attr.ts'\nimport { confused } from './pseudo/confused.ts'\nimport { debug } from './pseudo/debug.ts'\nimport { deprecated } from './pseudo/deprecated.ts'\nimport { dynamic } from './pseudo/dynamic.ts'\nimport { entropic } from './pseudo/entropic.ts'\nimport { env } from './pseudo/env.ts'\nimport { evalParser } from './pseudo/eval.ts'\nimport { fs } from './pseudo/fs.ts'\nimport { minified } from './pseudo/minified.ts'\nimport { nativeParser } from './pseudo/native.ts'\nimport { network } from './pseudo/network.ts'\nimport { obfuscated } from './pseudo/obfuscated.ts'\nimport { outdated } from './pseudo/outdated.ts'\nimport { scripts } from './pseudo/scripts.ts'\nimport { shell } from './pseudo/shell.ts'\nimport { semverParser as semver } from './pseudo/semver.ts'\nimport { shrinkwrap } from './pseudo/shrinkwrap.ts'\nimport { suspicious } from './pseudo/suspicious.ts'\nimport { tracker } from './pseudo/tracker.ts'\nimport { trivial } from './pseudo/trivial.ts'\nimport { undesirable } from './pseudo/undesirable.ts'\nimport { unknown } from './pseudo/unknown.ts'\nimport { unmaintained } from './pseudo/unmaintained.ts'\nimport { unpopular } from './pseudo/unpopular.ts'\nimport { unstable } from './pseudo/unstable.ts'\n\n/**\n * :empty Pseudo-Selector, matches only nodes that have no children.\n */\nconst empty = async (state: ParserState) => {\n  for (const node of state.partial.nodes) {\n    if (node.edgesOut.size > 0) {\n      removeNode(state, node)\n    }\n  }\n  return state\n}\n\n/**\n * :has Pseudo-Selector, matches only nodes that have valid results\n * for its nested selector expressions.\n */\nconst has = async (state: ParserState) => {\n  const top = asPostcssNodeWithChildren(state.current)\n  const collectNodes = new Set<NodeLike>()\n  const collectEdges = new Set<EdgeLike>()\n\n  for (const node of top.nodes) {\n    if (isSelectorNode(node)) {\n      const nestedState = await state.walk({\n        cancellable: state.cancellable,\n        initial: {\n          edges: new Set(state.initial.edges),\n          nodes: new Set(state.initial.nodes),\n        },\n        current: node,\n        walk: state.walk,\n        collect: {\n          edges: new Set(),\n          nodes: new Set(),\n        },\n        partial: {\n          edges: new Set(state.partial.edges),\n          nodes: new Set(state.partial.nodes),\n        },\n        securityArchive: state.securityArchive,\n        specOptions: state.specOptions,\n      })\n      for (const n of nestedState.collect.nodes) {\n        collectNodes.add(n)\n      }\n      for (const e of nestedState.partial.edges) {\n        collectEdges.add(e)\n      }\n    }\n  }\n\n  // if the nested selector did not match anything, that means\n  // no current node has any matches\n  if (collectNodes.size === 0) {\n    state.partial.edges.clear()\n    state.partial.nodes.clear()\n    return state\n  }\n\n  // handles transitive dependencies\n  // compareNodes collects a list of all ancestor nodes\n  // from the resulting nodes of the nested selector\n  const compareNodes = new Set<NodeLike>()\n  const traverse = new Set(collectNodes)\n  for (const node of traverse) {\n    for (const edge of node.edgesIn) {\n      compareNodes.add(edge.from)\n      if (edge.from.edgesIn.size) {\n        traverse.add(edge.from)\n      }\n    }\n  }\n\n  // for each node in the current list checks to see if\n  // it has a node in the resulting nested state that is\n  // a transitive dependency / children.\n  nodesLoop: for (const node of state.partial.nodes) {\n    if (node.edgesOut.size === 0 || !compareNodes.has(node)) {\n      removeNode(state, node)\n      continue\n    }\n\n    for (const edge of node.edgesOut.values()) {\n      if (collectEdges.has(edge)) {\n        continue nodesLoop\n      }\n    }\n    removeNode(state, node)\n  }\n\n  removeDanglingEdges(state)\n\n  return state\n}\n\n/**\n * :is Pseudo-selector, acts as a shortcut for writing more compact expressions\n * by allowing multiple nested selectors to match on the previous results.\n *\n * It also enables the loose parsing mode, skipping instead of erroring usage\n * of non-existing classes, identifiers, pseudo-classes, etc.\n */\nconst is = async (state: ParserState) => {\n  const top = asPostcssNodeWithChildren(state.current)\n  const collect = new Set()\n  for (const node of top.nodes) {\n    if (isSelectorNode(node)) {\n      const nestedState = await state.walk({\n        cancellable: state.cancellable,\n        collect: {\n          edges: new Set(),\n          nodes: new Set(),\n        },\n        current: node,\n        initial: state.initial,\n        loose: true,\n        partial: {\n          nodes: new Set(state.partial.nodes),\n          edges: new Set(state.partial.edges),\n        },\n        walk: state.walk,\n        securityArchive: state.securityArchive,\n        specOptions: state.specOptions,\n      })\n      for (const n of nestedState.collect.nodes) {\n        collect.add(n)\n      }\n    }\n  }\n  for (const node of state.partial.nodes) {\n    if (!collect.has(node)) {\n      removeNode(state, node)\n    }\n  }\n  return state\n}\n\n/**\n * :missing Pseudo-Selector, matches only\n * edges that are not linked to any node.\n */\nconst missing = async (state: ParserState) => {\n  for (const edge of state.partial.edges) {\n    if (edge.to) {\n      state.partial.edges.delete(edge)\n    }\n  }\n  state.partial.nodes.clear()\n  return state\n}\n\n/**\n * :not Pseudo-class, serves to create negate expressions, anything that\n * matches selectors declared inside the `:not()` expression is going to be\n * filtered out in the final result.\n */\nconst not = async (state: ParserState) => {\n  const top = asPostcssNodeWithChildren(state.current)\n  const collect = new Set()\n  for (const node of top.nodes) {\n    if (isSelectorNode(node)) {\n      const nestedState = await state.walk({\n        cancellable: state.cancellable,\n        collect: {\n          edges: new Set(),\n          nodes: new Set(),\n        },\n        current: node,\n        initial: state.initial,\n        partial: {\n          nodes: new Set(state.partial.nodes),\n          edges: new Set(state.partial.edges),\n        },\n        walk: state.walk,\n        securityArchive: state.securityArchive,\n        specOptions: state.specOptions,\n      })\n      for (const n of nestedState.collect.nodes) {\n        collect.add(n)\n      }\n      /* c8 ignore start - should be impossible */\n    } else {\n      throw error('Error parsing :not() selectors', {\n        wanted: { type: 'selector' },\n        found: node,\n      })\n    }\n    /* c8 ignore stop */\n  }\n  for (const node of state.partial.nodes) {\n    if (collect.has(node)) {\n      removeNode(state, node)\n    }\n  }\n  return state\n}\n\n/**\n * :private Pseudo-Selector will only match packages that have\n * a `private: true` key set in their `package.json` metadata.\n */\nconst privateFn = async (state: ParserState) => {\n  for (const node of state.partial.nodes) {\n    if (!node.manifest || !asManifest(node.manifest).private) {\n      removeNode(state, node)\n    }\n  }\n\n  removeDanglingEdges(state)\n\n  return state\n}\n\n/**\n * :root Pseudo-Element will return the project root node for the graph.\n */\nconst root = async (state: ParserState) => {\n  const [anyNode] = state.initial.nodes.values()\n  const mainImporter = anyNode?.graph.mainImporter\n  if (!mainImporter) {\n    throw error(':root pseudo-element works on local graphs only')\n  }\n  for (const edge of state.partial.edges) {\n    if (edge.to !== mainImporter) {\n      state.partial.edges.delete(edge)\n    }\n  }\n  state.partial.nodes.clear()\n  state.partial.nodes.add(mainImporter)\n  return state\n}\n\n/**\n * :project Pseudo-Element, returns all graph importers (e.g: the\n * root node along with any configured workspace)\n */\nconst project = async (state: ParserState) => {\n  const [anyNode] = state.initial.nodes.values()\n  const importers = anyNode?.graph.importers\n  if (!importers?.size) {\n    throw error(':project pseudo-element works on local graphs only')\n  }\n\n  // make a list of all edges that are coming from importers\n  // so that we can filter out any edges that are not direct\n  // dependencies of the importers\n  const importersEdgesIn = new Set<EdgeLike>()\n  for (const importer of importers) {\n    for (const edge of importer.edgesIn) {\n      importersEdgesIn.add(edge)\n    }\n  }\n\n  for (const edge of state.partial.edges) {\n    if (!edge.to || !importersEdgesIn.has(edge)) {\n      state.partial.edges.delete(edge)\n    }\n  }\n  state.partial.nodes.clear()\n  for (const importer of importers) {\n    state.partial.nodes.add(importer)\n  }\n  return state\n}\n\n/**\n * :scope Pseudo-Element, returns the original scope of items\n * at the start of a given selector.\n */\nconst scope = async (state: ParserState) => {\n  state.partial.edges.clear()\n  state.partial.nodes.clear()\n  for (const edge of state.initial.edges) {\n    state.partial.edges.add(edge)\n  }\n  for (const node of state.initial.nodes) {\n    state.partial.nodes.add(node)\n  }\n  return state\n}\n\n/**\n * :type(str) Pseudo-Element will match only nodes that are of\n * the same type as the value used\n */\nconst typeFn = async (state: ParserState) => {\n  const type = asPostcssNodeWithChildren(state.current)\n  const selector = asPostcssNodeWithChildren(type.nodes[0])\n  const name = asTagNode(selector.nodes[0]).value\n  for (const node of state.partial.nodes) {\n    const nodeType = splitDepID(node.id)[0]\n    if (nodeType !== name) {\n      removeNode(state, node)\n    }\n  }\n  return state\n}\n\nconst pseudoSelectors = new Map<string, ParserFn>(\n  Object.entries({\n    abandoned,\n    attr,\n    confused,\n    debug,\n    deprecated,\n    dynamic,\n    eval: evalParser,\n    empty,\n    entropic,\n    env,\n    fs,\n    has,\n    is,\n    // TODO: link\n    minified,\n    missing,\n    native: nativeParser,\n    network,\n    not,\n    obfuscated,\n    outdated,\n    // TODO: overridden\n    private: privateFn,\n    project,\n    root,\n    scope,\n    scripts,\n    semver,\n    shell,\n    shrinkwrap,\n    suspicious,\n    tracker,\n    trivial,\n    type: typeFn,\n    undesirable,\n    unknown,\n    unmaintained,\n    unpopular,\n    unstable,\n  }),\n)\n\n/**\n * Parsers the `pseudo` node types.\n */\nexport const pseudo = async (state: ParserState) => {\n  await state.cancellable()\n\n  const curr = asPseudoNode(state.current)\n  const parserFn =\n    curr.value && pseudoSelectors.get(curr.value.slice(1))\n\n  if (!parserFn) {\n    if (state.loose) {\n      return state\n    }\n\n    throw new Error(\n      `Unsupported pseudo-class: ${state.current.value}`,\n    )\n  }\n  return parserFn(state)\n}\n"]}
+{"version":3,"file":"pseudo.js","sourceRoot":"","sources":["../../src/pseudo.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAA;AACnD,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAA;AAE3C,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAA;AAE1C,OAAO,EAAE,mBAAmB,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAA;AACrE,OAAO,EACL,yBAAyB,EACzB,YAAY,EACZ,SAAS,EACT,cAAc,GACf,MAAM,YAAY,CAAA;AAGnB,4BAA4B;AAC5B,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAA;AACjD,OAAO,EAAE,IAAI,EAAE,MAAM,kBAAkB,CAAA;AACvC,OAAO,EAAE,QAAQ,EAAE,MAAM,sBAAsB,CAAA;AAC/C,OAAO,EAAE,GAAG,EAAE,MAAM,iBAAiB,CAAA;AACrC,OAAO,EAAE,GAAG,EAAE,MAAM,iBAAiB,CAAA;AACrC,OAAO,EAAE,KAAK,EAAE,MAAM,mBAAmB,CAAA;AACzC,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAA;AACnD,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAA;AAC7C,OAAO,EAAE,QAAQ,EAAE,MAAM,sBAAsB,CAAA;AAC/C,OAAO,EAAE,GAAG,EAAE,MAAM,iBAAiB,CAAA;AACrC,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAA;AAC7C,OAAO,EAAE,EAAE,EAAE,MAAM,gBAAgB,CAAA;AACnC,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAA;AAC7C,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAA;AAC7C,OAAO,EAAE,QAAQ,EAAE,MAAM,sBAAsB,CAAA;AAC/C,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AACjD,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAA;AAC7C,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAA;AACnD,OAAO,EAAE,QAAQ,EAAE,MAAM,sBAAsB,CAAA;AAC/C,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAA;AAC7C,OAAO,EAAE,KAAK,EAAE,MAAM,mBAAmB,CAAA;AACzC,OAAO,EAAE,YAAY,IAAI,MAAM,EAAE,MAAM,oBAAoB,CAAA;AAC3D,OAAO,EAAE,QAAQ,EAAE,MAAM,sBAAsB,CAAA;AAC/C,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAA;AACnD,OAAO,EAAE,KAAK,EAAE,MAAM,mBAAmB,CAAA;AACzC,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAA;AACnD,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAA;AAC7C,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAA;AAC7C,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAA;AACrD,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAA;AAC7C,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAA;AACvD,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAA;AACjD,OAAO,EAAE,QAAQ,EAAE,MAAM,sBAAsB,CAAA;AAE/C;;GAEG;AACH,MAAM,KAAK,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE;IACzC,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACvC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;YAC3B,UAAU,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;QACzB,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAA;AACd,CAAC,CAAA;AAED;;;GAGG;AACH,MAAM,GAAG,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE;IACvC,MAAM,GAAG,GAAG,yBAAyB,CAAC,KAAK,CAAC,OAAO,CAAC,CAAA;IACpD,MAAM,YAAY,GAAG,IAAI,GAAG,EAAY,CAAA;IACxC,MAAM,YAAY,GAAG,IAAI,GAAG,EAAY,CAAA;IAExC,KAAK,MAAM,IAAI,IAAI,GAAG,CAAC,KAAK,EAAE,CAAC;QAC7B,IAAI,cAAc,CAAC,IAAI,CAAC,EAAE,CAAC;YACzB,MAAM,WAAW,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC;gBACnC,WAAW,EAAE,KAAK,CAAC,WAAW;gBAC9B,OAAO,EAAE;oBACP,KAAK,EAAE,IAAI,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;oBACnC,KAAK,EAAE,IAAI,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;iBACpC;gBACD,OAAO,EAAE,IAAI;gBACb,IAAI,EAAE,KAAK,CAAC,IAAI;gBAChB,OAAO,EAAE;oBACP,KAAK,EAAE,IAAI,GAAG,EAAE;oBAChB,KAAK,EAAE,IAAI,GAAG,EAAE;iBACjB;gBACD,OAAO,EAAE;oBACP,KAAK,EAAE,IAAI,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;oBACnC,KAAK,EAAE,IAAI,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;iBACpC;gBACD,eAAe,EAAE,KAAK,CAAC,eAAe;gBACtC,WAAW,EAAE,KAAK,CAAC,WAAW;aAC/B,CAAC,CAAA;YACF,KAAK,MAAM,CAAC,IAAI,WAAW,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;gBAC1C,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;YACrB,CAAC;YACD,KAAK,MAAM,CAAC,IAAI,WAAW,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;gBAC1C,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;YACrB,CAAC;QACH,CAAC;IACH,CAAC;IAED,4DAA4D;IAC5D,kCAAkC;IAClC,IAAI,YAAY,CAAC,IAAI,KAAK,CAAC,EAAE,CAAC;QAC5B,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,CAAA;QAC3B,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,CAAA;QAC3B,OAAO,KAAK,CAAA;IACd,CAAC;IAED,kCAAkC;IAClC,qDAAqD;IACrD,kDAAkD;IAClD,MAAM,YAAY,GAAG,IAAI,GAAG,EAAY,CAAA;IACxC,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,YAAY,CAAC,CAAA;IACtC,KAAK,MAAM,IAAI,IAAI,QAAQ,EAAE,CAAC;QAC5B,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;YAChC,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;YAC3B,IAAI,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;gBAC3B,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;YACzB,CAAC;QACH,CAAC;IACH,CAAC;IAED,qDAAqD;IACrD,sDAAsD;IACtD,sCAAsC;IACtC,SAAS,EAAE,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QAClD,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;YACxD,UAAU,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;YACvB,SAAQ;QACV,CAAC;QAED,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,EAAE,CAAC;YAC1C,IAAI,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC3B,SAAS,SAAS,CAAA;YACpB,CAAC;QACH,CAAC;QACD,UAAU,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;IACzB,CAAC;IAED,mBAAmB,CAAC,KAAK,CAAC,CAAA;IAE1B,OAAO,KAAK,CAAA;AACd,CAAC,CAAA;AAED;;;;;;GAMG;AACH,MAAM,EAAE,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE;IACtC,MAAM,GAAG,GAAG,yBAAyB,CAAC,KAAK,CAAC,OAAO,CAAC,CAAA;IACpD,MAAM,OAAO,GAAG,IAAI,GAAG,EAAE,CAAA;IACzB,KAAK,MAAM,IAAI,IAAI,GAAG,CAAC,KAAK,EAAE,CAAC;QAC7B,IAAI,cAAc,CAAC,IAAI,CAAC,EAAE,CAAC;YACzB,MAAM,WAAW,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC;gBACnC,WAAW,EAAE,KAAK,CAAC,WAAW;gBAC9B,OAAO,EAAE;oBACP,KAAK,EAAE,IAAI,GAAG,EAAE;oBAChB,KAAK,EAAE,IAAI,GAAG,EAAE;iBACjB;gBACD,OAAO,EAAE,IAAI;gBACb,OAAO,EAAE,KAAK,CAAC,OAAO;gBACtB,KAAK,EAAE,IAAI;gBACX,OAAO,EAAE;oBACP,KAAK,EAAE,IAAI,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;oBACnC,KAAK,EAAE,IAAI,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;iBACpC;gBACD,IAAI,EAAE,KAAK,CAAC,IAAI;gBAChB,eAAe,EAAE,KAAK,CAAC,eAAe;gBACtC,WAAW,EAAE,KAAK,CAAC,WAAW;aAC/B,CAAC,CAAA;YACF,KAAK,MAAM,CAAC,IAAI,WAAW,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;gBAC1C,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;YAChB,CAAC;QACH,CAAC;IACH,CAAC;IACD,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACvC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;YACvB,UAAU,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;QACzB,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAA;AACd,CAAC,CAAA;AAED;;;GAGG;AACH,MAAM,OAAO,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE;IAC3C,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACvC,IAAI,IAAI,CAAC,EAAE,EAAE,CAAC;YACZ,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;QAClC,CAAC;IACH,CAAC;IACD,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,CAAA;IAC3B,OAAO,KAAK,CAAA;AACd,CAAC,CAAA;AAED;;;;GAIG;AACH,MAAM,GAAG,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE;IACvC,MAAM,GAAG,GAAG,yBAAyB,CAAC,KAAK,CAAC,OAAO,CAAC,CAAA;IACpD,MAAM,OAAO,GAAG,IAAI,GAAG,EAAE,CAAA;IACzB,KAAK,MAAM,IAAI,IAAI,GAAG,CAAC,KAAK,EAAE,CAAC;QAC7B,IAAI,cAAc,CAAC,IAAI,CAAC,EAAE,CAAC;YACzB,MAAM,WAAW,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC;gBACnC,WAAW,EAAE,KAAK,CAAC,WAAW;gBAC9B,OAAO,EAAE;oBACP,KAAK,EAAE,IAAI,GAAG,EAAE;oBAChB,KAAK,EAAE,IAAI,GAAG,EAAE;iBACjB;gBACD,OAAO,EAAE,IAAI;gBACb,OAAO,EAAE,KAAK,CAAC,OAAO;gBACtB,OAAO,EAAE;oBACP,KAAK,EAAE,IAAI,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;oBACnC,KAAK,EAAE,IAAI,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;iBACpC;gBACD,IAAI,EAAE,KAAK,CAAC,IAAI;gBAChB,eAAe,EAAE,KAAK,CAAC,eAAe;gBACtC,WAAW,EAAE,KAAK,CAAC,WAAW;aAC/B,CAAC,CAAA;YACF,KAAK,MAAM,CAAC,IAAI,WAAW,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;gBAC1C,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;YAChB,CAAC;YACD,4CAA4C;QAC9C,CAAC;aAAM,CAAC;YACN,MAAM,KAAK,CAAC,gCAAgC,EAAE;gBAC5C,MAAM,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE;gBAC5B,KAAK,EAAE,IAAI;aACZ,CAAC,CAAA;QACJ,CAAC;QACD,oBAAoB;IACtB,CAAC;IACD,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACvC,IAAI,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;YACtB,UAAU,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;QACzB,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAA;AACd,CAAC,CAAA;AAED;;;GAGG;AACH,MAAM,SAAS,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE;IAC7C,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACvC,IAAI,CAAC,IAAI,CAAC,QAAQ,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,OAAO,EAAE,CAAC;YACzD,UAAU,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;QACzB,CAAC;IACH,CAAC;IAED,mBAAmB,CAAC,KAAK,CAAC,CAAA;IAE1B,OAAO,KAAK,CAAA;AACd,CAAC,CAAA;AAED;;GAEG;AACH,MAAM,IAAI,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE;IACxC,MAAM,CAAC,OAAO,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM,EAAE,CAAA;IAC9C,MAAM,YAAY,GAAG,OAAO,EAAE,KAAK,CAAC,YAAY,CAAA;IAChD,IAAI,CAAC,YAAY,EAAE,CAAC;QAClB,MAAM,KAAK,CAAC,iDAAiD,CAAC,CAAA;IAChE,CAAC;IACD,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACvC,IAAI,IAAI,CAAC,EAAE,KAAK,YAAY,EAAE,CAAC;YAC7B,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;QAClC,CAAC;IACH,CAAC;IACD,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,CAAA;IAC3B,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,YAAY,CAAC,CAAA;IACrC,OAAO,KAAK,CAAA;AACd,CAAC,CAAA;AAED;;;GAGG;AACH,MAAM,OAAO,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE;IAC3C,MAAM,CAAC,OAAO,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM,EAAE,CAAA;IAC9C,MAAM,SAAS,GAAG,OAAO,EAAE,KAAK,CAAC,SAAS,CAAA;IAC1C,IAAI,CAAC,SAAS,EAAE,IAAI,EAAE,CAAC;QACrB,MAAM,KAAK,CAAC,oDAAoD,CAAC,CAAA;IACnE,CAAC;IAED,0DAA0D;IAC1D,0DAA0D;IAC1D,gCAAgC;IAChC,MAAM,gBAAgB,GAAG,IAAI,GAAG,EAAY,CAAA;IAC5C,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;QACjC,KAAK,MAAM,IAAI,IAAI,QAAQ,CAAC,OAAO,EAAE,CAAC;YACpC,gBAAgB,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;QAC5B,CAAC;IACH,CAAC;IAED,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACvC,IAAI,CAAC,IAAI,CAAC,EAAE,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;YAC5C,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;QAClC,CAAC;IACH,CAAC;IACD,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,CAAA;IAC3B,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;QACjC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAA;IACnC,CAAC;IACD,OAAO,KAAK,CAAA;AACd,CAAC,CAAA;AAED;;;GAGG;AACH,MAAM,KAAK,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE;IACzC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,CAAA;IAC3B,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,CAAA;IAC3B,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACvC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;IAC/B,CAAC;IACD,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACvC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;IAC/B,CAAC;IACD,OAAO,KAAK,CAAA;AACd,CAAC,CAAA;AAED;;;GAGG;AACH,MAAM,MAAM,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE;IAC1C,MAAM,IAAI,GAAG,yBAAyB,CAAC,KAAK,CAAC,OAAO,CAAC,CAAA;IACrD,MAAM,QAAQ,GAAG,yBAAyB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;IACzD,MAAM,IAAI,GAAG,SAAS,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAA;IAC/C,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACvC,MAAM,QAAQ,GAAG,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAA;QACvC,IAAI,QAAQ,KAAK,IAAI,EAAE,CAAC;YACtB,UAAU,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;QACzB,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAA;AACd,CAAC,CAAA;AAED,MAAM,eAAe,GAAG,IAAI,GAAG,CAC7B,MAAM,CAAC,OAAO,CAAC;IACb,SAAS;IACT,IAAI;IACJ,QAAQ;IACR,GAAG;IACH,GAAG;IACH,KAAK;IACL,UAAU;IACV,OAAO;IACP,IAAI,EAAE,UAAU;IAChB,KAAK;IACL,QAAQ;IACR,GAAG;IACH,EAAE;IACF,GAAG;IACH,EAAE;IACF,aAAa;IACb,OAAO;IACP,OAAO;IACP,QAAQ;IACR,OAAO;IACP,MAAM,EAAE,YAAY;IACpB,OAAO;IACP,GAAG;IACH,UAAU;IACV,QAAQ;IACR,mBAAmB;IACnB,OAAO,EAAE,SAAS;IAClB,OAAO;IACP,IAAI;IACJ,KAAK;IACL,OAAO;IACP,MAAM;IACN,GAAG,EAAE,QAAQ;IACb,QAAQ;IACR,KAAK;IACL,UAAU;IACV,KAAK;IACL,UAAU;IACV,OAAO;IACP,OAAO;IACP,IAAI,EAAE,MAAM;IACZ,WAAW;IACX,OAAO;IACP,YAAY;IACZ,SAAS;IACT,QAAQ;CACT,CAAC,CACH,CAAA;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,MAAM,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE;IACjD,MAAM,KAAK,CAAC,WAAW,EAAE,CAAA;IAEzB,MAAM,IAAI,GAAG,YAAY,CAAC,KAAK,CAAC,OAAO,CAAC,CAAA;IACxC,MAAM,QAAQ,GACZ,IAAI,CAAC,KAAK,IAAI,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;IAExD,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,IAAI,KAAK,CAAC,KAAK,EAAE,CAAC;YAChB,OAAO,KAAK,CAAA;QACd,CAAC;QAED,MAAM,IAAI,KAAK,CACb,6BAA6B,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CACnD,CAAA;IACH,CAAC;IACD,OAAO,QAAQ,CAAC,KAAK,CAAC,CAAA;AACxB,CAAC,CAAA","sourcesContent":["import { splitDepID } from '@vltpkg/dep-id/browser'\nimport { error } from '@vltpkg/error-cause'\nimport type { EdgeLike, NodeLike } from '@vltpkg/graph'\nimport { asManifest } from '@vltpkg/types'\n\nimport { removeDanglingEdges, removeNode } from './pseudo/helpers.ts'\nimport {\n  asPostcssNodeWithChildren,\n  asPseudoNode,\n  asTagNode,\n  isSelectorNode,\n} from './types.ts'\nimport type { ParserFn, ParserState } from './types.ts'\n\n// imported pseudo selectors\nimport { abandoned } from './pseudo/abandoned.ts'\nimport { attr } from './pseudo/attr.ts'\nimport { confused } from './pseudo/confused.ts'\nimport { cve } from './pseudo/cve.ts'\nimport { cwe } from './pseudo/cwe.ts'\nimport { debug } from './pseudo/debug.ts'\nimport { deprecated } from './pseudo/deprecated.ts'\nimport { dynamic } from './pseudo/dynamic.ts'\nimport { entropic } from './pseudo/entropic.ts'\nimport { env } from './pseudo/env.ts'\nimport { evalParser } from './pseudo/eval.ts'\nimport { fs } from './pseudo/fs.ts'\nimport { license } from './pseudo/license.ts'\nimport { malware } from './pseudo/malware.ts'\nimport { minified } from './pseudo/minified.ts'\nimport { nativeParser } from './pseudo/native.ts'\nimport { network } from './pseudo/network.ts'\nimport { obfuscated } from './pseudo/obfuscated.ts'\nimport { outdated } from './pseudo/outdated.ts'\nimport { scripts } from './pseudo/scripts.ts'\nimport { shell } from './pseudo/shell.ts'\nimport { semverParser as semver } from './pseudo/semver.ts'\nimport { severity } from './pseudo/severity.ts'\nimport { shrinkwrap } from './pseudo/shrinkwrap.ts'\nimport { squat } from './pseudo/squat.ts'\nimport { suspicious } from './pseudo/suspicious.ts'\nimport { tracker } from './pseudo/tracker.ts'\nimport { trivial } from './pseudo/trivial.ts'\nimport { undesirable } from './pseudo/undesirable.ts'\nimport { unknown } from './pseudo/unknown.ts'\nimport { unmaintained } from './pseudo/unmaintained.ts'\nimport { unpopular } from './pseudo/unpopular.ts'\nimport { unstable } from './pseudo/unstable.ts'\n\n/**\n * :empty Pseudo-Selector, matches only nodes that have no children.\n */\nconst empty = async (state: ParserState) => {\n  for (const node of state.partial.nodes) {\n    if (node.edgesOut.size > 0) {\n      removeNode(state, node)\n    }\n  }\n  return state\n}\n\n/**\n * :has Pseudo-Selector, matches only nodes that have valid results\n * for its nested selector expressions.\n */\nconst has = async (state: ParserState) => {\n  const top = asPostcssNodeWithChildren(state.current)\n  const collectNodes = new Set<NodeLike>()\n  const collectEdges = new Set<EdgeLike>()\n\n  for (const node of top.nodes) {\n    if (isSelectorNode(node)) {\n      const nestedState = await state.walk({\n        cancellable: state.cancellable,\n        initial: {\n          edges: new Set(state.initial.edges),\n          nodes: new Set(state.initial.nodes),\n        },\n        current: node,\n        walk: state.walk,\n        collect: {\n          edges: new Set(),\n          nodes: new Set(),\n        },\n        partial: {\n          edges: new Set(state.partial.edges),\n          nodes: new Set(state.partial.nodes),\n        },\n        securityArchive: state.securityArchive,\n        specOptions: state.specOptions,\n      })\n      for (const n of nestedState.collect.nodes) {\n        collectNodes.add(n)\n      }\n      for (const e of nestedState.partial.edges) {\n        collectEdges.add(e)\n      }\n    }\n  }\n\n  // if the nested selector did not match anything, that means\n  // no current node has any matches\n  if (collectNodes.size === 0) {\n    state.partial.edges.clear()\n    state.partial.nodes.clear()\n    return state\n  }\n\n  // handles transitive dependencies\n  // compareNodes collects a list of all ancestor nodes\n  // from the resulting nodes of the nested selector\n  const compareNodes = new Set<NodeLike>()\n  const traverse = new Set(collectNodes)\n  for (const node of traverse) {\n    for (const edge of node.edgesIn) {\n      compareNodes.add(edge.from)\n      if (edge.from.edgesIn.size) {\n        traverse.add(edge.from)\n      }\n    }\n  }\n\n  // for each node in the current list checks to see if\n  // it has a node in the resulting nested state that is\n  // a transitive dependency / children.\n  nodesLoop: for (const node of state.partial.nodes) {\n    if (node.edgesOut.size === 0 || !compareNodes.has(node)) {\n      removeNode(state, node)\n      continue\n    }\n\n    for (const edge of node.edgesOut.values()) {\n      if (collectEdges.has(edge)) {\n        continue nodesLoop\n      }\n    }\n    removeNode(state, node)\n  }\n\n  removeDanglingEdges(state)\n\n  return state\n}\n\n/**\n * :is Pseudo-selector, acts as a shortcut for writing more compact expressions\n * by allowing multiple nested selectors to match on the previous results.\n *\n * It also enables the loose parsing mode, skipping instead of erroring usage\n * of non-existing classes, identifiers, pseudo-classes, etc.\n */\nconst is = async (state: ParserState) => {\n  const top = asPostcssNodeWithChildren(state.current)\n  const collect = new Set()\n  for (const node of top.nodes) {\n    if (isSelectorNode(node)) {\n      const nestedState = await state.walk({\n        cancellable: state.cancellable,\n        collect: {\n          edges: new Set(),\n          nodes: new Set(),\n        },\n        current: node,\n        initial: state.initial,\n        loose: true,\n        partial: {\n          nodes: new Set(state.partial.nodes),\n          edges: new Set(state.partial.edges),\n        },\n        walk: state.walk,\n        securityArchive: state.securityArchive,\n        specOptions: state.specOptions,\n      })\n      for (const n of nestedState.collect.nodes) {\n        collect.add(n)\n      }\n    }\n  }\n  for (const node of state.partial.nodes) {\n    if (!collect.has(node)) {\n      removeNode(state, node)\n    }\n  }\n  return state\n}\n\n/**\n * :missing Pseudo-Selector, matches only\n * edges that are not linked to any node.\n */\nconst missing = async (state: ParserState) => {\n  for (const edge of state.partial.edges) {\n    if (edge.to) {\n      state.partial.edges.delete(edge)\n    }\n  }\n  state.partial.nodes.clear()\n  return state\n}\n\n/**\n * :not Pseudo-class, serves to create negate expressions, anything that\n * matches selectors declared inside the `:not()` expression is going to be\n * filtered out in the final result.\n */\nconst not = async (state: ParserState) => {\n  const top = asPostcssNodeWithChildren(state.current)\n  const collect = new Set()\n  for (const node of top.nodes) {\n    if (isSelectorNode(node)) {\n      const nestedState = await state.walk({\n        cancellable: state.cancellable,\n        collect: {\n          edges: new Set(),\n          nodes: new Set(),\n        },\n        current: node,\n        initial: state.initial,\n        partial: {\n          nodes: new Set(state.partial.nodes),\n          edges: new Set(state.partial.edges),\n        },\n        walk: state.walk,\n        securityArchive: state.securityArchive,\n        specOptions: state.specOptions,\n      })\n      for (const n of nestedState.collect.nodes) {\n        collect.add(n)\n      }\n      /* c8 ignore start - should be impossible */\n    } else {\n      throw error('Error parsing :not() selectors', {\n        wanted: { type: 'selector' },\n        found: node,\n      })\n    }\n    /* c8 ignore stop */\n  }\n  for (const node of state.partial.nodes) {\n    if (collect.has(node)) {\n      removeNode(state, node)\n    }\n  }\n  return state\n}\n\n/**\n * :private Pseudo-Selector will only match packages that have\n * a `private: true` key set in their `package.json` metadata.\n */\nconst privateFn = async (state: ParserState) => {\n  for (const node of state.partial.nodes) {\n    if (!node.manifest || !asManifest(node.manifest).private) {\n      removeNode(state, node)\n    }\n  }\n\n  removeDanglingEdges(state)\n\n  return state\n}\n\n/**\n * :root Pseudo-Element will return the project root node for the graph.\n */\nconst root = async (state: ParserState) => {\n  const [anyNode] = state.initial.nodes.values()\n  const mainImporter = anyNode?.graph.mainImporter\n  if (!mainImporter) {\n    throw error(':root pseudo-element works on local graphs only')\n  }\n  for (const edge of state.partial.edges) {\n    if (edge.to !== mainImporter) {\n      state.partial.edges.delete(edge)\n    }\n  }\n  state.partial.nodes.clear()\n  state.partial.nodes.add(mainImporter)\n  return state\n}\n\n/**\n * :project Pseudo-Element, returns all graph importers (e.g: the\n * root node along with any configured workspace)\n */\nconst project = async (state: ParserState) => {\n  const [anyNode] = state.initial.nodes.values()\n  const importers = anyNode?.graph.importers\n  if (!importers?.size) {\n    throw error(':project pseudo-element works on local graphs only')\n  }\n\n  // make a list of all edges that are coming from importers\n  // so that we can filter out any edges that are not direct\n  // dependencies of the importers\n  const importersEdgesIn = new Set<EdgeLike>()\n  for (const importer of importers) {\n    for (const edge of importer.edgesIn) {\n      importersEdgesIn.add(edge)\n    }\n  }\n\n  for (const edge of state.partial.edges) {\n    if (!edge.to || !importersEdgesIn.has(edge)) {\n      state.partial.edges.delete(edge)\n    }\n  }\n  state.partial.nodes.clear()\n  for (const importer of importers) {\n    state.partial.nodes.add(importer)\n  }\n  return state\n}\n\n/**\n * :scope Pseudo-Element, returns the original scope of items\n * at the start of a given selector.\n */\nconst scope = async (state: ParserState) => {\n  state.partial.edges.clear()\n  state.partial.nodes.clear()\n  for (const edge of state.initial.edges) {\n    state.partial.edges.add(edge)\n  }\n  for (const node of state.initial.nodes) {\n    state.partial.nodes.add(node)\n  }\n  return state\n}\n\n/**\n * :type(str) Pseudo-Element will match only nodes that are of\n * the same type as the value used\n */\nconst typeFn = async (state: ParserState) => {\n  const type = asPostcssNodeWithChildren(state.current)\n  const selector = asPostcssNodeWithChildren(type.nodes[0])\n  const name = asTagNode(selector.nodes[0]).value\n  for (const node of state.partial.nodes) {\n    const nodeType = splitDepID(node.id)[0]\n    if (nodeType !== name) {\n      removeNode(state, node)\n    }\n  }\n  return state\n}\n\nconst pseudoSelectors = new Map<string, ParserFn>(\n  Object.entries({\n    abandoned,\n    attr,\n    confused,\n    cve,\n    cwe,\n    debug,\n    deprecated,\n    dynamic,\n    eval: evalParser,\n    empty,\n    entropic,\n    env,\n    fs,\n    has,\n    is,\n    // TODO: link\n    license,\n    malware,\n    minified,\n    missing,\n    native: nativeParser,\n    network,\n    not,\n    obfuscated,\n    outdated,\n    // TODO: overridden\n    private: privateFn,\n    project,\n    root,\n    scope,\n    scripts,\n    semver,\n    sev: severity,\n    severity,\n    shell,\n    shrinkwrap,\n    squat,\n    suspicious,\n    tracker,\n    trivial,\n    type: typeFn,\n    undesirable,\n    unknown,\n    unmaintained,\n    unpopular,\n    unstable,\n  }),\n)\n\n/**\n * Parsers the `pseudo` node types.\n */\nexport const pseudo = async (state: ParserState) => {\n  await state.cancellable()\n\n  const curr = asPseudoNode(state.current)\n  const parserFn =\n    curr.value && pseudoSelectors.get(curr.value.slice(1))\n\n  if (!parserFn) {\n    if (state.loose) {\n      return state\n    }\n\n    throw new Error(\n      `Unsupported pseudo-class: ${state.current.value}`,\n    )\n  }\n  return parserFn(state)\n}\n"]}

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@vltpkg/query",
   "description": "Query syntax parser that retrieves items from a graph",
-  "version": "0.0.0-6",
+  "version": "0.0.0-7",
   "repository": {
     "type": "git",
     "url": "git+https://github.com/vltpkg/vltpkg.git",
@@ -20,12 +20,12 @@
   },
   "dependencies": {
     "postcss-selector-parser": "^6.1.2",
-    "@vltpkg/dep-id": "0.0.0-6",
-    "@vltpkg/error-cause": "0.0.0-6",
-    "@vltpkg/graph": "0.0.0-6",
-    "@vltpkg/security-archive": "0.0.0-6",
-    "@vltpkg/semver": "0.0.0-6",
-    "@vltpkg/types": "0.0.0-6"
+    "@vltpkg/dep-id": "0.0.0-7",
+    "@vltpkg/error-cause": "0.0.0-7",
+    "@vltpkg/graph": "0.0.0-7",
+    "@vltpkg/security-archive": "0.0.0-7",
+    "@vltpkg/semver": "0.0.0-7",
+    "@vltpkg/types": "0.0.0-7"
   },
   "devDependencies": {
     "@eslint/js": "^9.20.0",
@@ -38,7 +38,7 @@
     "typedoc": "0.27.6",
     "typescript": "5.7.3",
     "typescript-eslint": "^8.23.0",
-    "@vltpkg/spec": "0.0.0-6"
+    "@vltpkg/spec": "0.0.0-7"
   },
   "license": "BSD-2-Clause-Patent",
   "engines": {