@vltpkg/query 0.0.0-6 → 0.0.0-8

package/dist/esm/pseudo/entropic.d.ts

@@ -1,5 +1,7 @@
 /**
  * Filters out any node that does not have a **highEntropyStrings** report alert.
  */
-export declare const entropic: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState>;
+export declare const entropic: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState & {
+    securityArchive: NonNullable<import("../types.ts").ParserState["securityArchive"]>;
+}>;
 //# sourceMappingURL=entropic.d.ts.map

package/dist/esm/pseudo/entropic.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"entropic.d.ts","sourceRoot":"","sources":["../../../src/pseudo/entropic.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,QAAQ,0FAGpB,CAAA"}
+{"version":3,"file":"entropic.d.ts","sourceRoot":"","sources":["../../../src/pseudo/entropic.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,QAAQ;;EAGpB,CAAA"}

package/dist/esm/pseudo/env.d.ts

@@ -1,5 +1,7 @@
 /**
  * Filters out any node that does not have a **envVars** report alert.
  */
-export declare const env: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState>;
+export declare const env: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState & {
+    securityArchive: NonNullable<import("../types.ts").ParserState["securityArchive"]>;
+}>;
 //# sourceMappingURL=env.d.ts.map

package/dist/esm/pseudo/env.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"env.d.ts","sourceRoot":"","sources":["../../../src/pseudo/env.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,GAAG,0FAAiD,CAAA"}
+{"version":3,"file":"env.d.ts","sourceRoot":"","sources":["../../../src/pseudo/env.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,GAAG;;EAAiD,CAAA"}

package/dist/esm/pseudo/eval.d.ts

@@ -1,5 +1,7 @@
 /**
  * Filters out any node that does not have a **usesEval** report alert.
  */
-export declare const evalParser: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState>;
+export declare const evalParser: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState & {
+    securityArchive: NonNullable<import("../types.ts").ParserState["securityArchive"]>;
+}>;
 //# sourceMappingURL=eval.d.ts.map

package/dist/esm/pseudo/eval.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"eval.d.ts","sourceRoot":"","sources":["../../../src/pseudo/eval.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,UAAU,0FAGtB,CAAA"}
+{"version":3,"file":"eval.d.ts","sourceRoot":"","sources":["../../../src/pseudo/eval.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,UAAU;;EAGtB,CAAA"}

package/dist/esm/pseudo/fs.d.ts

@@ -1,5 +1,7 @@
 /**
  * Filters out any node that does not have a **filesystemAccess** report alert.
  */
-export declare const fs: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState>;
+export declare const fs: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState & {
+    securityArchive: NonNullable<import("../types.ts").ParserState["securityArchive"]>;
+}>;
 //# sourceMappingURL=fs.d.ts.map

package/dist/esm/pseudo/fs.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"fs.d.ts","sourceRoot":"","sources":["../../../src/pseudo/fs.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,EAAE,0FAGd,CAAA"}
+{"version":3,"file":"fs.d.ts","sourceRoot":"","sources":["../../../src/pseudo/fs.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,EAAE;;EAGd,CAAA"}

package/dist/esm/pseudo/helpers.d.ts

@@ -12,8 +12,16 @@ export declare const removeDanglingEdges: (state: ParserState) => void;
  * Removes quotes from a string value.
  */
 export declare const removeQuotes: (value: string) => string;
+/**
+ * Asserts that the security archive is present.
+ */
+export declare const assertSecurityArchive: (state: ParserState, name: string) => asserts state is ParserState & {
+    securityArchive: NonNullable<ParserState['securityArchive']>;
+};
 /**
  * Reusable security selector alert filter.
  */
-export declare const createSecuritySelectorFilter: (name: string, type: string) => (state: ParserState) => Promise<ParserState>;
+export declare const createSecuritySelectorFilter: (name: string, type: string) => (state: ParserState) => Promise<ParserState & {
+    securityArchive: NonNullable<ParserState["securityArchive"]>;
+}>;
 //# sourceMappingURL=helpers.d.ts.map

package/dist/esm/pseudo/helpers.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"helpers.d.ts","sourceRoot":"","sources":["../../../src/pseudo/helpers.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAA;AAC7C,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AAE9C;;GAEG;AACH,eAAO,MAAM,UAAU,UAAW,WAAW,QAAQ,QAAQ,SAK5D,CAAA;AAED;;GAEG;AACH,eAAO,MAAM,mBAAmB,UAAW,WAAW,SAMrD,CAAA;AAED;;GAEG;AACH,eAAO,MAAM,YAAY,UAAW,MAAM,WACR,CAAA;AAElC;;GAEG;AACH,eAAO,MAAM,4BAA4B,SACjC,MAAM,QACN,MAAM,aAES,WAAW,yBAqBjC,CAAA"}
+{"version":3,"file":"helpers.d.ts","sourceRoot":"","sources":["../../../src/pseudo/helpers.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAA;AAC7C,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AAG9C;;GAEG;AACH,eAAO,MAAM,UAAU,UAAW,WAAW,QAAQ,QAAQ,SAK5D,CAAA;AAED;;GAEG;AACH,eAAO,MAAM,mBAAmB,UAAW,WAAW,SAMrD,CAAA;AAED;;GAEG;AACH,eAAO,MAAM,YAAY,UAAW,MAAM,WACR,CAAA;AAElC;;GAEG;AACH,eAAO,MAAM,qBAAqB,EAAE,CAClC,KAAK,EAAE,WAAW,EAClB,IAAI,EAAE,MAAM,KACT,OAAO,CAAC,KAAK,IAAI,WAAW,GAAG;IAClC,eAAe,EAAE,WAAW,CAAC,WAAW,CAAC,iBAAiB,CAAC,CAAC,CAAA;CAQ7D,CAAA;AAED;;GAEG;AACH,eAAO,MAAM,4BAA4B,SACjC,MAAM,QACN,MAAM,aAES,WAAW;qBAjBf,WAAW,CAAC,WAAW,CAAC,iBAAiB,CAAC,CAAC;EAkC7D,CAAA"}

package/dist/esm/pseudo/helpers.js

@@ -1,3 +1,4 @@
+import { error } from '@vltpkg/error-cause';
 /**
  * Removes a node and its incoming edges from the results.
  */
@@ -21,14 +22,20 @@ export const removeDanglingEdges = (state) => {
  * Removes quotes from a string value.
  */
 export const removeQuotes = (value) => value.replace(/^"(.*?)"$/, '$1');
+/**
+ * Asserts that the security archive is present.
+ */
+export const assertSecurityArchive = (state, name) => {
+    if (!state.securityArchive) {
+        throw error(`Missing security archive while trying to parse the :${name} selector`, { found: state });
+    }
+};
 /**
  * Reusable security selector alert filter.
  */
 export const createSecuritySelectorFilter = (name, type) => {
     return async (state) => {
-        if (!state.securityArchive) {
-            throw new Error(`Missing security archive while trying to parse the :${name} security selector`);
-        }
+        assertSecurityArchive(state, name);
         for (const node of state.partial.nodes) {
             const report = state.securityArchive.get(node.id);
             const exclude = !report?.alerts.some(alert => alert.type === type);

package/dist/esm/pseudo/helpers.js.map

@@ -1 +1 @@
-{"version":3,"file":"helpers.js","sourceRoot":"","sources":["../../../src/pseudo/helpers.ts"],"names":[],"mappings":"AAGA;;GAEG;AACH,MAAM,CAAC,MAAM,UAAU,GAAG,CAAC,KAAkB,EAAE,IAAc,EAAE,EAAE;IAC/D,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;QAChC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;IAClC,CAAC;IACD,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;AAClC,CAAC,CAAA;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAAC,KAAkB,EAAE,EAAE;IACxD,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACvC,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC;YACb,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;QAClC,CAAC;IACH,CAAC;AACH,CAAC,CAAA;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG,CAAC,KAAa,EAAE,EAAE,CAC5C,KAAK,CAAC,OAAO,CAAC,WAAW,EAAE,IAAI,CAAC,CAAA;AAElC;;GAEG;AACH,MAAM,CAAC,MAAM,4BAA4B,GAAG,CAC1C,IAAY,EACZ,IAAY,EACZ,EAAE;IACF,OAAO,KAAK,EAAE,KAAkB,EAAE,EAAE;QAClC,IAAI,CAAC,KAAK,CAAC,eAAe,EAAE,CAAC;YAC3B,MAAM,IAAI,KAAK,CACb,uDAAuD,IAAI,oBAAoB,CAChF,CAAA;QACH,CAAC;QAED,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;YACvC,MAAM,MAAM,GAAG,KAAK,CAAC,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;YACjD,MAAM,OAAO,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,IAAI,CAClC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,IAAI,KAAK,IAAI,CAC7B,CAAA;YACD,IAAI,OAAO,EAAE,CAAC;gBACZ,UAAU,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;YACzB,CAAC;QACH,CAAC;QAED,mBAAmB,CAAC,KAAK,CAAC,CAAA;QAE1B,OAAO,KAAK,CAAA;IACd,CAAC,CAAA;AACH,CAAC,CAAA","sourcesContent":["import type { NodeLike } from '@vltpkg/graph'\nimport type { ParserState } from '../types.js'\n\n/**\n * Removes a node and its incoming edges from the results.\n */\nexport const removeNode = (state: ParserState, node: NodeLike) => {\n  for (const edge of node.edgesIn) {\n    state.partial.edges.delete(edge)\n  }\n  state.partial.nodes.delete(node)\n}\n\n/**\n * Removes any edges that have no destination node from the results.\n */\nexport const removeDanglingEdges = (state: ParserState) => {\n  for (const edge of state.partial.edges) {\n    if (!edge.to) {\n      state.partial.edges.delete(edge)\n    }\n  }\n}\n\n/**\n * Removes quotes from a string value.\n */\nexport const removeQuotes = (value: string) =>\n  value.replace(/^\"(.*?)\"$/, '$1')\n\n/**\n * Reusable security selector alert filter.\n */\nexport const createSecuritySelectorFilter = (\n  name: string,\n  type: string,\n) => {\n  return async (state: ParserState) => {\n    if (!state.securityArchive) {\n      throw new Error(\n        `Missing security archive while trying to parse the :${name} security selector`,\n      )\n    }\n\n    for (const node of state.partial.nodes) {\n      const report = state.securityArchive.get(node.id)\n      const exclude = !report?.alerts.some(\n        alert => alert.type === type,\n      )\n      if (exclude) {\n        removeNode(state, node)\n      }\n    }\n\n    removeDanglingEdges(state)\n\n    return state\n  }\n}\n"]}
+{"version":3,"file":"helpers.js","sourceRoot":"","sources":["../../../src/pseudo/helpers.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAA;AAE3C;;GAEG;AACH,MAAM,CAAC,MAAM,UAAU,GAAG,CAAC,KAAkB,EAAE,IAAc,EAAE,EAAE;IAC/D,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;QAChC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;IAClC,CAAC;IACD,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;AAClC,CAAC,CAAA;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAAC,KAAkB,EAAE,EAAE;IACxD,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACvC,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC;YACb,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;QAClC,CAAC;IACH,CAAC;AACH,CAAC,CAAA;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG,CAAC,KAAa,EAAE,EAAE,CAC5C,KAAK,CAAC,OAAO,CAAC,WAAW,EAAE,IAAI,CAAC,CAAA;AAElC;;GAEG;AACH,MAAM,CAAC,MAAM,qBAAqB,GAK9B,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE;IAClB,IAAI,CAAC,KAAK,CAAC,eAAe,EAAE,CAAC;QAC3B,MAAM,KAAK,CACT,uDAAuD,IAAI,WAAW,EACtE,EAAE,KAAK,EAAE,KAAK,EAAE,CACjB,CAAA;IACH,CAAC;AACH,CAAC,CAAA;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,4BAA4B,GAAG,CAC1C,IAAY,EACZ,IAAY,EACZ,EAAE;IACF,OAAO,KAAK,EAAE,KAAkB,EAAE,EAAE;QAClC,qBAAqB,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;QAElC,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;YACvC,MAAM,MAAM,GAAG,KAAK,CAAC,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;YACjD,MAAM,OAAO,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,IAAI,CAClC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,IAAI,KAAK,IAAI,CAC7B,CAAA;YACD,IAAI,OAAO,EAAE,CAAC;gBACZ,UAAU,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;YACzB,CAAC;QACH,CAAC;QAED,mBAAmB,CAAC,KAAK,CAAC,CAAA;QAE1B,OAAO,KAAK,CAAA;IACd,CAAC,CAAA;AACH,CAAC,CAAA","sourcesContent":["import type { NodeLike } from '@vltpkg/graph'\nimport type { ParserState } from '../types.js'\nimport { error } from '@vltpkg/error-cause'\n\n/**\n * Removes a node and its incoming edges from the results.\n */\nexport const removeNode = (state: ParserState, node: NodeLike) => {\n  for (const edge of node.edgesIn) {\n    state.partial.edges.delete(edge)\n  }\n  state.partial.nodes.delete(node)\n}\n\n/**\n * Removes any edges that have no destination node from the results.\n */\nexport const removeDanglingEdges = (state: ParserState) => {\n  for (const edge of state.partial.edges) {\n    if (!edge.to) {\n      state.partial.edges.delete(edge)\n    }\n  }\n}\n\n/**\n * Removes quotes from a string value.\n */\nexport const removeQuotes = (value: string) =>\n  value.replace(/^\"(.*?)\"$/, '$1')\n\n/**\n * Asserts that the security archive is present.\n */\nexport const assertSecurityArchive: (\n  state: ParserState,\n  name: string,\n) => asserts state is ParserState & {\n  securityArchive: NonNullable<ParserState['securityArchive']>\n} = (state, name) => {\n  if (!state.securityArchive) {\n    throw error(\n      `Missing security archive while trying to parse the :${name} selector`,\n      { found: state },\n    )\n  }\n}\n\n/**\n * Reusable security selector alert filter.\n */\nexport const createSecuritySelectorFilter = (\n  name: string,\n  type: string,\n) => {\n  return async (state: ParserState) => {\n    assertSecurityArchive(state, name)\n\n    for (const node of state.partial.nodes) {\n      const report = state.securityArchive.get(node.id)\n      const exclude = !report?.alerts.some(\n        alert => alert.type === type,\n      )\n      if (exclude) {\n        removeNode(state, node)\n      }\n    }\n\n    removeDanglingEdges(state)\n\n    return state\n  }\n}\n"]}

package/dist/esm/pseudo/license.d.ts

@@ -0,0 +1,12 @@
+import type { ParserState, PostcssNode } from '../types.ts';
+export type LicenseKinds = 'unlicensed' | 'misc' | 'restricted' | 'ambiguous' | 'copyleft' | 'unknown' | 'none' | 'exception' | undefined;
+export type LicenseAlertTypes = 'explicitlyUnlicensedItem' | 'miscLicenseIssues' | 'nonpermissiveLicense' | 'ambiguousClassifier' | 'copyleftLicense' | 'unidentifiedLicense' | 'noLicenseFound' | 'licenseException' | undefined;
+export declare const isLicenseKind: (value?: string) => value is LicenseKinds;
+export declare const asLicenseKind: (value?: string) => LicenseKinds;
+export declare const parseInternals: (nodes: PostcssNode[]) => {
+    kind: LicenseKinds;
+};
+export declare const license: (state: ParserState) => Promise<ParserState & {
+    securityArchive: NonNullable<ParserState["securityArchive"]>;
+}>;
+//# sourceMappingURL=license.d.ts.map

package/dist/esm/pseudo/license.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"license.d.ts","sourceRoot":"","sources":["../../../src/pseudo/license.ts"],"names":[],"mappings":"AAQA,OAAO,KAAK,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AAQ3D,MAAM,MAAM,YAAY,GACpB,YAAY,GACZ,MAAM,GACN,YAAY,GACZ,WAAW,GACX,UAAU,GACV,SAAS,GACT,MAAM,GACN,WAAW,GACX,SAAS,CAAA;AAEb,MAAM,MAAM,iBAAiB,GACzB,0BAA0B,GAC1B,mBAAmB,GACnB,sBAAsB,GACtB,qBAAqB,GACrB,iBAAiB,GACjB,qBAAqB,GACrB,gBAAgB,GAChB,kBAAkB,GAClB,SAAS,CAAA;AAeb,eAAO,MAAM,aAAa,WAChB,MAAM,KACb,KAAK,IAAI,YAAgD,CAAA;AAE5D,eAAO,MAAM,aAAa,WAAY,MAAM,KAAG,YAQ9C,CAAA;AAED,eAAO,MAAM,cAAc,UAClB,WAAW,EAAE,KACnB;IAAE,IAAI,EAAE,YAAY,CAAA;CAmBtB,CAAA;AAED,eAAO,MAAM,OAAO,UAAiB,WAAW;;EA2B/C,CAAA"}

package/dist/esm/pseudo/license.js

@@ -0,0 +1,58 @@
+import { error } from '@vltpkg/error-cause';
+import { asPostcssNodeWithChildren, asStringNode, asTagNode, isStringNode, isTagNode, } from "../types.js";
+import { assertSecurityArchive, removeDanglingEdges, removeNode, removeQuotes, } from "./helpers.js";
+const kindsMap = new Map([
+    ['unlicensed', 'explicitlyUnlicensedItem'],
+    ['misc', 'miscLicenseIssues'],
+    ['restricted', 'nonpermissiveLicense'],
+    ['ambiguous', 'ambiguousClassifier'],
+    ['copyleft', 'copyleftLicense'],
+    ['unknown', 'unidentifiedLicense'],
+    ['none', 'noLicenseFound'],
+    ['exception', 'licenseException'],
+    [undefined, undefined],
+]);
+const kinds = new Set(kindsMap.keys());
+export const isLicenseKind = (value) => kinds.has(value);
+export const asLicenseKind = (value) => {
+    if (!isLicenseKind(value)) {
+        throw error('Expected a valid license kind', {
+            found: value,
+            validOptions: Array.from(kinds),
+        });
+    }
+    return value;
+};
+export const parseInternals = (nodes) => {
+    let kind;
+    if (isStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])) {
+        kind = asLicenseKind(removeQuotes(asStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])
+            .value));
+    }
+    else if (isTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])) {
+        kind = asLicenseKind(asTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0]).value);
+    }
+    return { kind };
+};
+export const license = async (state) => {
+    assertSecurityArchive(state, 'license');
+    let internals;
+    try {
+        internals = parseInternals(asPostcssNodeWithChildren(state.current).nodes);
+    }
+    catch (err) {
+        throw error('Failed to parse :license selector', { cause: err });
+    }
+    const { kind } = internals;
+    const alertName = kindsMap.get(kind);
+    for (const node of state.partial.nodes) {
+        const report = state.securityArchive.get(node.id);
+        const exclude = !report?.alerts.some(alert => alert.type === alertName);
+        if (exclude) {
+            removeNode(state, node);
+        }
+    }
+    removeDanglingEdges(state);
+    return state;
+};
+//# sourceMappingURL=license.js.map

package/dist/esm/pseudo/license.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"license.js","sourceRoot":"","sources":["../../../src/pseudo/license.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAA;AAC3C,OAAO,EACL,yBAAyB,EACzB,YAAY,EACZ,SAAS,EACT,YAAY,EACZ,SAAS,GACV,MAAM,aAAa,CAAA;AAEpB,OAAO,EACL,qBAAqB,EACrB,mBAAmB,EACnB,UAAU,EACV,YAAY,GACb,MAAM,cAAc,CAAA;AAwBrB,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAkC;IACxD,CAAC,YAAY,EAAE,0BAA0B,CAAC;IAC1C,CAAC,MAAM,EAAE,mBAAmB,CAAC;IAC7B,CAAC,YAAY,EAAE,sBAAsB,CAAC;IACtC,CAAC,WAAW,EAAE,qBAAqB,CAAC;IACpC,CAAC,UAAU,EAAE,iBAAiB,CAAC;IAC/B,CAAC,SAAS,EAAE,qBAAqB,CAAC;IAClC,CAAC,MAAM,EAAE,gBAAgB,CAAC;IAC1B,CAAC,WAAW,EAAE,kBAAkB,CAAC;IACjC,CAAC,SAAS,EAAE,SAAS,CAAC;CACvB,CAAC,CAAA;AACF,MAAM,KAAK,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAA;AAEtC,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,KAAc,EACS,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,KAAqB,CAAC,CAAA;AAE5D,MAAM,CAAC,MAAM,aAAa,GAAG,CAAC,KAAc,EAAgB,EAAE;IAC5D,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,EAAE,CAAC;QAC1B,MAAM,KAAK,CAAC,+BAA+B,EAAE;YAC3C,KAAK,EAAE,KAAK;YACZ,YAAY,EAAE,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC;SAChC,CAAC,CAAA;IACJ,CAAC;IACD,OAAO,KAAK,CAAA;AACd,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,cAAc,GAAG,CAC5B,KAAoB,EACI,EAAE;IAC1B,IAAI,IAAkB,CAAA;IAEtB,IAAI,YAAY,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QAC/D,IAAI,GAAG,aAAa,CAClB,YAAY,CACV,YAAY,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;aACvD,KAAK,CACT,CACF,CAAA;IACH,CAAC;SAAM,IACL,SAAS,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EACvD,CAAC;QACD,IAAI,GAAG,aAAa,CAClB,SAAS,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAC9D,CAAA;IACH,CAAC;IAED,OAAO,EAAE,IAAI,EAAE,CAAA;AACjB,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,OAAO,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE;IAClD,qBAAqB,CAAC,KAAK,EAAE,SAAS,CAAC,CAAA;IAEvC,IAAI,SAAS,CAAA;IACb,IAAI,CAAC;QACH,SAAS,GAAG,cAAc,CACxB,yBAAyB,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,KAAK,CAC/C,CAAA;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,KAAK,CAAC,mCAAmC,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAA;IAClE,CAAC;IAED,MAAM,EAAE,IAAI,EAAE,GAAG,SAAS,CAAA;IAC1B,MAAM,SAAS,GAAG,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;IACpC,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACvC,MAAM,MAAM,GAAG,KAAK,CAAC,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QACjD,MAAM,OAAO,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,IAAI,CAClC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,IAAI,KAAK,SAAS,CAClC,CAAA;QACD,IAAI,OAAO,EAAE,CAAC;YACZ,UAAU,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;QACzB,CAAC;IACH,CAAC;IAED,mBAAmB,CAAC,KAAK,CAAC,CAAA;IAE1B,OAAO,KAAK,CAAA;AACd,CAAC,CAAA","sourcesContent":["import { error } from '@vltpkg/error-cause'\nimport {\n  asPostcssNodeWithChildren,\n  asStringNode,\n  asTagNode,\n  isStringNode,\n  isTagNode,\n} from '../types.ts'\nimport type { ParserState, PostcssNode } from '../types.ts'\nimport {\n  assertSecurityArchive,\n  removeDanglingEdges,\n  removeNode,\n  removeQuotes,\n} from './helpers.ts'\n\nexport type LicenseKinds =\n  | 'unlicensed'\n  | 'misc'\n  | 'restricted'\n  | 'ambiguous'\n  | 'copyleft'\n  | 'unknown'\n  | 'none'\n  | 'exception'\n  | undefined\n\nexport type LicenseAlertTypes =\n  | 'explicitlyUnlicensedItem'\n  | 'miscLicenseIssues'\n  | 'nonpermissiveLicense'\n  | 'ambiguousClassifier'\n  | 'copyleftLicense'\n  | 'unidentifiedLicense'\n  | 'noLicenseFound'\n  | 'licenseException'\n  | undefined\n\nconst kindsMap = new Map<LicenseKinds, LicenseAlertTypes>([\n  ['unlicensed', 'explicitlyUnlicensedItem'],\n  ['misc', 'miscLicenseIssues'],\n  ['restricted', 'nonpermissiveLicense'],\n  ['ambiguous', 'ambiguousClassifier'],\n  ['copyleft', 'copyleftLicense'],\n  ['unknown', 'unidentifiedLicense'],\n  ['none', 'noLicenseFound'],\n  ['exception', 'licenseException'],\n  [undefined, undefined],\n])\nconst kinds = new Set(kindsMap.keys())\n\nexport const isLicenseKind = (\n  value?: string,\n): value is LicenseKinds => kinds.has(value as LicenseKinds)\n\nexport const asLicenseKind = (value?: string): LicenseKinds => {\n  if (!isLicenseKind(value)) {\n    throw error('Expected a valid license kind', {\n      found: value,\n      validOptions: Array.from(kinds),\n    })\n  }\n  return value\n}\n\nexport const parseInternals = (\n  nodes: PostcssNode[],\n): { kind: LicenseKinds } => {\n  let kind: LicenseKinds\n\n  if (isStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])) {\n    kind = asLicenseKind(\n      removeQuotes(\n        asStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])\n          .value,\n      ),\n    )\n  } else if (\n    isTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])\n  ) {\n    kind = asLicenseKind(\n      asTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0]).value,\n    )\n  }\n\n  return { kind }\n}\n\nexport const license = async (state: ParserState) => {\n  assertSecurityArchive(state, 'license')\n\n  let internals\n  try {\n    internals = parseInternals(\n      asPostcssNodeWithChildren(state.current).nodes,\n    )\n  } catch (err) {\n    throw error('Failed to parse :license selector', { cause: err })\n  }\n\n  const { kind } = internals\n  const alertName = kindsMap.get(kind)\n  for (const node of state.partial.nodes) {\n    const report = state.securityArchive.get(node.id)\n    const exclude = !report?.alerts.some(\n      alert => alert.type === alertName,\n    )\n    if (exclude) {\n      removeNode(state, node)\n    }\n  }\n\n  removeDanglingEdges(state)\n\n  return state\n}\n"]}

package/dist/esm/pseudo/malware.d.ts

@@ -0,0 +1,12 @@
+import type { ParserState, PostcssNode } from '../types.ts';
+export type MalwareKinds = '0' | '1' | '2' | '3' | 'critical' | 'high' | 'medium' | 'low' | undefined;
+export type MalwareAlertTypes = 'malware' | 'gptMalware' | 'gptSecurity' | 'gptAnomaly' | undefined;
+export declare const isMalwareKind: (value?: string) => value is MalwareKinds;
+export declare const asMalwareKind: (value?: string) => MalwareKinds;
+export declare const parseInternals: (nodes: PostcssNode[]) => {
+    kind: MalwareKinds;
+};
+export declare const malware: (state: ParserState) => Promise<ParserState & {
+    securityArchive: NonNullable<ParserState["securityArchive"]>;
+}>;
+//# sourceMappingURL=malware.d.ts.map

package/dist/esm/pseudo/malware.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"malware.d.ts","sourceRoot":"","sources":["../../../src/pseudo/malware.ts"],"names":[],"mappings":"AAQA,OAAO,KAAK,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AAQ3D,MAAM,MAAM,YAAY,GACpB,GAAG,GACH,GAAG,GACH,GAAG,GACH,GAAG,GACH,UAAU,GACV,MAAM,GACN,QAAQ,GACR,KAAK,GACL,SAAS,CAAA;AAEb,MAAM,MAAM,iBAAiB,GACzB,SAAS,GACT,YAAY,GACZ,aAAa,GACb,YAAY,GACZ,SAAS,CAAA;AAcb,eAAO,MAAM,aAAa,WAChB,MAAM,KACb,KAAK,IAAI,YAAgD,CAAA;AAE5D,eAAO,MAAM,aAAa,WAAY,MAAM,KAAG,YAQ9C,CAAA;AAED,eAAO,MAAM,cAAc,UAClB,WAAW,EAAE,KACnB;IAAE,IAAI,EAAE,YAAY,CAAA;CAmBtB,CAAA;AAED,eAAO,MAAM,OAAO,UAAiB,WAAW;;EA2B/C,CAAA"}

package/dist/esm/pseudo/malware.js

@@ -0,0 +1,57 @@
+import { error } from '@vltpkg/error-cause';
+import { asPostcssNodeWithChildren, asStringNode, asTagNode, isStringNode, isTagNode, } from "../types.js";
+import { assertSecurityArchive, removeDanglingEdges, removeNode, removeQuotes, } from "./helpers.js";
+const kindsMap = new Map([
+    ['critical', 'malware'],
+    ['high', 'gptMalware'],
+    ['medium', 'gptSecurity'],
+    ['low', 'gptAnomaly'],
+    ['0', 'malware'],
+    ['1', 'gptMalware'],
+    ['2', 'gptSecurity'],
+    ['3', 'gptAnomaly'],
+]);
+const kinds = new Set(kindsMap.keys());
+export const isMalwareKind = (value) => kinds.has(value);
+export const asMalwareKind = (value) => {
+    if (!isMalwareKind(value)) {
+        throw error('Expected a valid malware kind', {
+            found: value,
+            validOptions: Array.from(kinds),
+        });
+    }
+    return value;
+};
+export const parseInternals = (nodes) => {
+    let kind;
+    if (isStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])) {
+        kind = asMalwareKind(removeQuotes(asStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])
+            .value));
+    }
+    else if (isTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])) {
+        kind = asMalwareKind(asTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0]).value);
+    }
+    return { kind };
+};
+export const malware = async (state) => {
+    assertSecurityArchive(state, 'malware');
+    let internals;
+    try {
+        internals = parseInternals(asPostcssNodeWithChildren(state.current).nodes);
+    }
+    catch (err) {
+        throw error('Failed to parse :malware selector', { cause: err });
+    }
+    const { kind } = internals;
+    const alertName = kindsMap.get(kind);
+    for (const node of state.partial.nodes) {
+        const report = state.securityArchive.get(node.id);
+        const exclude = !report?.alerts.some(alert => alert.type === alertName);
+        if (exclude) {
+            removeNode(state, node);
+        }
+    }
+    removeDanglingEdges(state);
+    return state;
+};
+//# sourceMappingURL=malware.js.map

package/dist/esm/pseudo/malware.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"malware.js","sourceRoot":"","sources":["../../../src/pseudo/malware.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAA;AAC3C,OAAO,EACL,yBAAyB,EACzB,YAAY,EACZ,SAAS,EACT,YAAY,EACZ,SAAS,GACV,MAAM,aAAa,CAAA;AAEpB,OAAO,EACL,qBAAqB,EACrB,mBAAmB,EACnB,UAAU,EACV,YAAY,GACb,MAAM,cAAc,CAAA;AAoBrB,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAkC;IACxD,CAAC,UAAU,EAAE,SAAS,CAAC;IACvB,CAAC,MAAM,EAAE,YAAY,CAAC;IACtB,CAAC,QAAQ,EAAE,aAAa,CAAC;IACzB,CAAC,KAAK,EAAE,YAAY,CAAC;IACrB,CAAC,GAAG,EAAE,SAAS,CAAC;IAChB,CAAC,GAAG,EAAE,YAAY,CAAC;IACnB,CAAC,GAAG,EAAE,aAAa,CAAC;IACpB,CAAC,GAAG,EAAE,YAAY,CAAC;CACpB,CAAC,CAAA;AACF,MAAM,KAAK,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAA;AAEtC,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,KAAc,EACS,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,KAAqB,CAAC,CAAA;AAE5D,MAAM,CAAC,MAAM,aAAa,GAAG,CAAC,KAAc,EAAgB,EAAE;IAC5D,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,EAAE,CAAC;QAC1B,MAAM,KAAK,CAAC,+BAA+B,EAAE;YAC3C,KAAK,EAAE,KAAK;YACZ,YAAY,EAAE,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC;SAChC,CAAC,CAAA;IACJ,CAAC;IACD,OAAO,KAAK,CAAA;AACd,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,cAAc,GAAG,CAC5B,KAAoB,EACI,EAAE;IAC1B,IAAI,IAAkB,CAAA;IAEtB,IAAI,YAAY,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QAC/D,IAAI,GAAG,aAAa,CAClB,YAAY,CACV,YAAY,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;aACvD,KAAK,CACT,CACF,CAAA;IACH,CAAC;SAAM,IACL,SAAS,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EACvD,CAAC;QACD,IAAI,GAAG,aAAa,CAClB,SAAS,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAC9D,CAAA;IACH,CAAC;IAED,OAAO,EAAE,IAAI,EAAE,CAAA;AACjB,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,OAAO,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE;IAClD,qBAAqB,CAAC,KAAK,EAAE,SAAS,CAAC,CAAA;IAEvC,IAAI,SAAS,CAAA;IACb,IAAI,CAAC;QACH,SAAS,GAAG,cAAc,CACxB,yBAAyB,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,KAAK,CAC/C,CAAA;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,KAAK,CAAC,mCAAmC,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAA;IAClE,CAAC;IAED,MAAM,EAAE,IAAI,EAAE,GAAG,SAAS,CAAA;IAC1B,MAAM,SAAS,GAAG,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;IACpC,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACvC,MAAM,MAAM,GAAG,KAAK,CAAC,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QACjD,MAAM,OAAO,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,IAAI,CAClC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,IAAI,KAAK,SAAS,CAClC,CAAA;QACD,IAAI,OAAO,EAAE,CAAC;YACZ,UAAU,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;QACzB,CAAC;IACH,CAAC;IAED,mBAAmB,CAAC,KAAK,CAAC,CAAA;IAE1B,OAAO,KAAK,CAAA;AACd,CAAC,CAAA","sourcesContent":["import { error } from '@vltpkg/error-cause'\nimport {\n  asPostcssNodeWithChildren,\n  asStringNode,\n  asTagNode,\n  isStringNode,\n  isTagNode,\n} from '../types.ts'\nimport type { ParserState, PostcssNode } from '../types.ts'\nimport {\n  assertSecurityArchive,\n  removeDanglingEdges,\n  removeNode,\n  removeQuotes,\n} from './helpers.ts'\n\nexport type MalwareKinds =\n  | '0'\n  | '1'\n  | '2'\n  | '3'\n  | 'critical'\n  | 'high'\n  | 'medium'\n  | 'low'\n  | undefined\n\nexport type MalwareAlertTypes =\n  | 'malware'\n  | 'gptMalware'\n  | 'gptSecurity'\n  | 'gptAnomaly'\n  | undefined\n\nconst kindsMap = new Map<MalwareKinds, MalwareAlertTypes>([\n  ['critical', 'malware'],\n  ['high', 'gptMalware'],\n  ['medium', 'gptSecurity'],\n  ['low', 'gptAnomaly'],\n  ['0', 'malware'],\n  ['1', 'gptMalware'],\n  ['2', 'gptSecurity'],\n  ['3', 'gptAnomaly'],\n])\nconst kinds = new Set(kindsMap.keys())\n\nexport const isMalwareKind = (\n  value?: string,\n): value is MalwareKinds => kinds.has(value as MalwareKinds)\n\nexport const asMalwareKind = (value?: string): MalwareKinds => {\n  if (!isMalwareKind(value)) {\n    throw error('Expected a valid malware kind', {\n      found: value,\n      validOptions: Array.from(kinds),\n    })\n  }\n  return value\n}\n\nexport const parseInternals = (\n  nodes: PostcssNode[],\n): { kind: MalwareKinds } => {\n  let kind: MalwareKinds\n\n  if (isStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])) {\n    kind = asMalwareKind(\n      removeQuotes(\n        asStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])\n          .value,\n      ),\n    )\n  } else if (\n    isTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])\n  ) {\n    kind = asMalwareKind(\n      asTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0]).value,\n    )\n  }\n\n  return { kind }\n}\n\nexport const malware = async (state: ParserState) => {\n  assertSecurityArchive(state, 'malware')\n\n  let internals\n  try {\n    internals = parseInternals(\n      asPostcssNodeWithChildren(state.current).nodes,\n    )\n  } catch (err) {\n    throw error('Failed to parse :malware selector', { cause: err })\n  }\n\n  const { kind } = internals\n  const alertName = kindsMap.get(kind)\n  for (const node of state.partial.nodes) {\n    const report = state.securityArchive.get(node.id)\n    const exclude = !report?.alerts.some(\n      alert => alert.type === alertName,\n    )\n    if (exclude) {\n      removeNode(state, node)\n    }\n  }\n\n  removeDanglingEdges(state)\n\n  return state\n}\n"]}

package/dist/esm/pseudo/minified.d.ts

@@ -1,5 +1,7 @@
 /**
  * Filters out any node that does not have a **minifiedFile** report alert.
  */
-export declare const minified: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState>;
+export declare const minified: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState & {
+    securityArchive: NonNullable<import("../types.ts").ParserState["securityArchive"]>;
+}>;
 //# sourceMappingURL=minified.d.ts.map

package/dist/esm/pseudo/minified.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"minified.d.ts","sourceRoot":"","sources":["../../../src/pseudo/minified.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,QAAQ,0FAGpB,CAAA"}
+{"version":3,"file":"minified.d.ts","sourceRoot":"","sources":["../../../src/pseudo/minified.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,QAAQ;;EAGpB,CAAA"}

package/dist/esm/pseudo/native.d.ts

@@ -1,5 +1,7 @@
 /**
  * Filters out any node that does not have a **hasNativeCode** report alert.
  */
-export declare const nativeParser: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState>;
+export declare const nativeParser: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState & {
+    securityArchive: NonNullable<import("../types.ts").ParserState["securityArchive"]>;
+}>;
 //# sourceMappingURL=native.d.ts.map

package/dist/esm/pseudo/native.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"native.d.ts","sourceRoot":"","sources":["../../../src/pseudo/native.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,YAAY,0FAGxB,CAAA"}
+{"version":3,"file":"native.d.ts","sourceRoot":"","sources":["../../../src/pseudo/native.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,YAAY;;EAGxB,CAAA"}

package/dist/esm/pseudo/network.d.ts

@@ -1,5 +1,7 @@
 /**
  * Filters out any node that does not have a **networkAccess** report alert.
  */
-export declare const network: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState>;
+export declare const network: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState & {
+    securityArchive: NonNullable<import("../types.ts").ParserState["securityArchive"]>;
+}>;
 //# sourceMappingURL=network.d.ts.map

package/dist/esm/pseudo/network.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"network.d.ts","sourceRoot":"","sources":["../../../src/pseudo/network.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,OAAO,0FAGnB,CAAA"}
+{"version":3,"file":"network.d.ts","sourceRoot":"","sources":["../../../src/pseudo/network.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,OAAO;;EAGnB,CAAA"}

package/dist/esm/pseudo/obfuscated.d.ts

@@ -1,5 +1,7 @@
 /**
  * Filters out any node that does not have an **obfuscatedFile** report alert.
  */
-export declare const obfuscated: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState>;
+export declare const obfuscated: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState & {
+    securityArchive: NonNullable<import("../types.ts").ParserState["securityArchive"]>;
+}>;
 //# sourceMappingURL=obfuscated.d.ts.map

package/dist/esm/pseudo/obfuscated.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"obfuscated.d.ts","sourceRoot":"","sources":["../../../src/pseudo/obfuscated.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,UAAU,0FAGtB,CAAA"}
+{"version":3,"file":"obfuscated.d.ts","sourceRoot":"","sources":["../../../src/pseudo/obfuscated.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,UAAU;;EAGtB,CAAA"}

package/dist/esm/pseudo/scanned.d.ts

@@ -0,0 +1,7 @@
+import type { ParserState } from '../types.ts';
+/**
+ * Ensures that security report data is available for all packages in the current graph.
+ * Throws an error if security data is not available.
+ */
+export declare const scanned: (state: ParserState) => Promise<ParserState>;
+//# sourceMappingURL=scanned.d.ts.map

package/dist/esm/pseudo/scanned.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"scanned.d.ts","sourceRoot":"","sources":["../../../src/pseudo/scanned.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AAE9C;;;GAGG;AACH,eAAO,MAAM,OAAO,UAAiB,WAAW,yBAK/C,CAAA"}

package/dist/esm/pseudo/scanned.js

@@ -0,0 +1,12 @@
+import { error } from '@vltpkg/error-cause';
+/**
+ * Ensures that security report data is available for all packages in the current graph.
+ * Throws an error if security data is not available.
+ */
+export const scanned = async (state) => {
+    if (!state.securityArchive?.ok) {
+        throw error('Security report data missing');
+    }
+    return state;
+};
+//# sourceMappingURL=scanned.js.map

package/dist/esm/pseudo/scanned.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"scanned.js","sourceRoot":"","sources":["../../../src/pseudo/scanned.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAA;AAG3C;;;GAGG;AACH,MAAM,CAAC,MAAM,OAAO,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE;IAClD,IAAI,CAAC,KAAK,CAAC,eAAe,EAAE,EAAE,EAAE,CAAC;QAC/B,MAAM,KAAK,CAAC,8BAA8B,CAAC,CAAA;IAC7C,CAAC;IACD,OAAO,KAAK,CAAA;AACd,CAAC,CAAA","sourcesContent":["import { error } from '@vltpkg/error-cause'\nimport type { ParserState } from '../types.ts'\n\n/**\n * Ensures that security report data is available for all packages in the current graph.\n * Throws an error if security data is not available.\n */\nexport const scanned = async (state: ParserState) => {\n  if (!state.securityArchive?.ok) {\n    throw error('Security report data missing')\n  }\n  return state\n}\n"]}

package/dist/esm/pseudo/scripts.d.ts

@@ -1,5 +1,7 @@
 /**
  * Filters out any node that does not have an **installScripts** report alert.
  */
-export declare const scripts: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState>;
+export declare const scripts: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState & {
+    securityArchive: NonNullable<import("../types.ts").ParserState["securityArchive"]>;
+}>;
 //# sourceMappingURL=scripts.d.ts.map

package/dist/esm/pseudo/scripts.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"scripts.d.ts","sourceRoot":"","sources":["../../../src/pseudo/scripts.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,OAAO,0FAGnB,CAAA"}
+{"version":3,"file":"scripts.d.ts","sourceRoot":"","sources":["../../../src/pseudo/scripts.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,OAAO;;EAGnB,CAAA"}

package/dist/esm/pseudo/severity.d.ts

@@ -0,0 +1,12 @@
+import type { ParserState, PostcssNode } from '../types.ts';
+export type SeverityKinds = '0' | '1' | '2' | '3' | 'critical' | 'high' | 'medium' | 'low' | undefined;
+export type SeverityAlertTypes = 'criticalCVE' | 'cve' | 'potentialVulnerability' | 'mildCVE' | undefined;
+export declare const isSeverityKind: (value?: string) => value is SeverityKinds;
+export declare const asSeverityKind: (value?: string) => SeverityKinds;
+export declare const parseInternals: (nodes: PostcssNode[]) => {
+    kind: SeverityKinds;
+};
+export declare const severity: (state: ParserState) => Promise<ParserState & {
+    securityArchive: NonNullable<ParserState["securityArchive"]>;
+}>;
+//# sourceMappingURL=severity.d.ts.map

package/dist/esm/pseudo/severity.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"severity.d.ts","sourceRoot":"","sources":["../../../src/pseudo/severity.ts"],"names":[],"mappings":"AAQA,OAAO,KAAK,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AAQ3D,MAAM,MAAM,aAAa,GACrB,GAAG,GACH,GAAG,GACH,GAAG,GACH,GAAG,GACH,UAAU,GACV,MAAM,GACN,QAAQ,GACR,KAAK,GACL,SAAS,CAAA;AAEb,MAAM,MAAM,kBAAkB,GAC1B,aAAa,GACb,KAAK,GACL,wBAAwB,GACxB,SAAS,GACT,SAAS,CAAA;AAcb,eAAO,MAAM,cAAc,WACjB,MAAM,KACb,KAAK,IAAI,aAAkD,CAAA;AAE9D,eAAO,MAAM,cAAc,WAAY,MAAM,KAAG,aAQ/C,CAAA;AAED,eAAO,MAAM,cAAc,UAClB,WAAW,EAAE,KACnB;IAAE,IAAI,EAAE,aAAa,CAAA;CAmBvB,CAAA;AAED,eAAO,MAAM,QAAQ,UAAiB,WAAW;;EA2BhD,CAAA"}

package/dist/esm/pseudo/severity.js

@@ -0,0 +1,57 @@
+import { error } from '@vltpkg/error-cause';
+import { asPostcssNodeWithChildren, asStringNode, asTagNode, isStringNode, isTagNode, } from "../types.js";
+import { assertSecurityArchive, removeDanglingEdges, removeNode, removeQuotes, } from "./helpers.js";
+const kindsMap = new Map([
+    ['critical', 'criticalCVE'],
+    ['high', 'cve'],
+    ['medium', 'potentialVulnerability'],
+    ['low', 'mildCVE'],
+    ['0', 'criticalCVE'],
+    ['1', 'cve'],
+    ['2', 'potentialVulnerability'],
+    ['3', 'mildCVE'],
+]);
+const kinds = new Set(kindsMap.keys());
+export const isSeverityKind = (value) => kinds.has(value);
+export const asSeverityKind = (value) => {
+    if (!isSeverityKind(value)) {
+        throw error('Expected a valid severity kind', {
+            found: value,
+            validOptions: Array.from(kinds),
+        });
+    }
+    return value;
+};
+export const parseInternals = (nodes) => {
+    let kind;
+    if (isStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])) {
+        kind = asSeverityKind(removeQuotes(asStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])
+            .value));
+    }
+    else if (isTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])) {
+        kind = asSeverityKind(asTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0]).value);
+    }
+    return { kind };
+};
+export const severity = async (state) => {
+    assertSecurityArchive(state, 'severity');
+    let internals;
+    try {
+        internals = parseInternals(asPostcssNodeWithChildren(state.current).nodes);
+    }
+    catch (err) {
+        throw error('Failed to parse :severity selector', { cause: err });
+    }
+    const { kind } = internals;
+    const alertName = kindsMap.get(kind);
+    for (const node of state.partial.nodes) {
+        const report = state.securityArchive.get(node.id);
+        const exclude = !report?.alerts.some(alert => alert.type === alertName);
+        if (exclude) {
+            removeNode(state, node);
+        }
+    }
+    removeDanglingEdges(state);
+    return state;
+};
+//# sourceMappingURL=severity.js.map

package/dist/esm/pseudo/severity.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"severity.js","sourceRoot":"","sources":["../../../src/pseudo/severity.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAA;AAC3C,OAAO,EACL,yBAAyB,EACzB,YAAY,EACZ,SAAS,EACT,YAAY,EACZ,SAAS,GACV,MAAM,aAAa,CAAA;AAEpB,OAAO,EACL,qBAAqB,EACrB,mBAAmB,EACnB,UAAU,EACV,YAAY,GACb,MAAM,cAAc,CAAA;AAoBrB,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAoC;IAC1D,CAAC,UAAU,EAAE,aAAa,CAAC;IAC3B,CAAC,MAAM,EAAE,KAAK,CAAC;IACf,CAAC,QAAQ,EAAE,wBAAwB,CAAC;IACpC,CAAC,KAAK,EAAE,SAAS,CAAC;IAClB,CAAC,GAAG,EAAE,aAAa,CAAC;IACpB,CAAC,GAAG,EAAE,KAAK,CAAC;IACZ,CAAC,GAAG,EAAE,wBAAwB,CAAC;IAC/B,CAAC,GAAG,EAAE,SAAS,CAAC;CACjB,CAAC,CAAA;AACF,MAAM,KAAK,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAA;AAEtC,MAAM,CAAC,MAAM,cAAc,GAAG,CAC5B,KAAc,EACU,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,KAAsB,CAAC,CAAA;AAE9D,MAAM,CAAC,MAAM,cAAc,GAAG,CAAC,KAAc,EAAiB,EAAE;IAC9D,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,EAAE,CAAC;QAC3B,MAAM,KAAK,CAAC,gCAAgC,EAAE;YAC5C,KAAK,EAAE,KAAK;YACZ,YAAY,EAAE,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC;SAChC,CAAC,CAAA;IACJ,CAAC;IACD,OAAO,KAAK,CAAA;AACd,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,cAAc,GAAG,CAC5B,KAAoB,EACK,EAAE;IAC3B,IAAI,IAAmB,CAAA;IAEvB,IAAI,YAAY,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QAC/D,IAAI,GAAG,cAAc,CACnB,YAAY,CACV,YAAY,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;aACvD,KAAK,CACT,CACF,CAAA;IACH,CAAC;SAAM,IACL,SAAS,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EACvD,CAAC;QACD,IAAI,GAAG,cAAc,CACnB,SAAS,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAC9D,CAAA;IACH,CAAC;IAED,OAAO,EAAE,IAAI,EAAE,CAAA;AACjB,CAAC,CAAA;AAED,MAAM,CAAC,MAAM,QAAQ,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE;IACnD,qBAAqB,CAAC,KAAK,EAAE,UAAU,CAAC,CAAA;IAExC,IAAI,SAAS,CAAA;IACb,IAAI,CAAC;QACH,SAAS,GAAG,cAAc,CACxB,yBAAyB,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,KAAK,CAC/C,CAAA;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,KAAK,CAAC,oCAAoC,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAA;IACnE,CAAC;IAED,MAAM,EAAE,IAAI,EAAE,GAAG,SAAS,CAAA;IAC1B,MAAM,SAAS,GAAG,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;IACpC,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACvC,MAAM,MAAM,GAAG,KAAK,CAAC,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QACjD,MAAM,OAAO,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,IAAI,CAClC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,IAAI,KAAK,SAAS,CAClC,CAAA;QACD,IAAI,OAAO,EAAE,CAAC;YACZ,UAAU,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;QACzB,CAAC;IACH,CAAC;IAED,mBAAmB,CAAC,KAAK,CAAC,CAAA;IAE1B,OAAO,KAAK,CAAA;AACd,CAAC,CAAA","sourcesContent":["import { error } from '@vltpkg/error-cause'\nimport {\n  asPostcssNodeWithChildren,\n  asStringNode,\n  asTagNode,\n  isStringNode,\n  isTagNode,\n} from '../types.ts'\nimport type { ParserState, PostcssNode } from '../types.ts'\nimport {\n  assertSecurityArchive,\n  removeDanglingEdges,\n  removeNode,\n  removeQuotes,\n} from './helpers.ts'\n\nexport type SeverityKinds =\n  | '0'\n  | '1'\n  | '2'\n  | '3'\n  | 'critical'\n  | 'high'\n  | 'medium'\n  | 'low'\n  | undefined\n\nexport type SeverityAlertTypes =\n  | 'criticalCVE'\n  | 'cve'\n  | 'potentialVulnerability'\n  | 'mildCVE'\n  | undefined\n\nconst kindsMap = new Map<SeverityKinds, SeverityAlertTypes>([\n  ['critical', 'criticalCVE'],\n  ['high', 'cve'],\n  ['medium', 'potentialVulnerability'],\n  ['low', 'mildCVE'],\n  ['0', 'criticalCVE'],\n  ['1', 'cve'],\n  ['2', 'potentialVulnerability'],\n  ['3', 'mildCVE'],\n])\nconst kinds = new Set(kindsMap.keys())\n\nexport const isSeverityKind = (\n  value?: string,\n): value is SeverityKinds => kinds.has(value as SeverityKinds)\n\nexport const asSeverityKind = (value?: string): SeverityKinds => {\n  if (!isSeverityKind(value)) {\n    throw error('Expected a valid severity kind', {\n      found: value,\n      validOptions: Array.from(kinds),\n    })\n  }\n  return value\n}\n\nexport const parseInternals = (\n  nodes: PostcssNode[],\n): { kind: SeverityKinds } => {\n  let kind: SeverityKinds\n\n  if (isStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])) {\n    kind = asSeverityKind(\n      removeQuotes(\n        asStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])\n          .value,\n      ),\n    )\n  } else if (\n    isTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])\n  ) {\n    kind = asSeverityKind(\n      asTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0]).value,\n    )\n  }\n\n  return { kind }\n}\n\nexport const severity = async (state: ParserState) => {\n  assertSecurityArchive(state, 'severity')\n\n  let internals\n  try {\n    internals = parseInternals(\n      asPostcssNodeWithChildren(state.current).nodes,\n    )\n  } catch (err) {\n    throw error('Failed to parse :severity selector', { cause: err })\n  }\n\n  const { kind } = internals\n  const alertName = kindsMap.get(kind)\n  for (const node of state.partial.nodes) {\n    const report = state.securityArchive.get(node.id)\n    const exclude = !report?.alerts.some(\n      alert => alert.type === alertName,\n    )\n    if (exclude) {\n      removeNode(state, node)\n    }\n  }\n\n  removeDanglingEdges(state)\n\n  return state\n}\n"]}

package/dist/esm/pseudo/shell.d.ts

@@ -1,5 +1,7 @@
 /**
  * Filters out any node that does not have a **shellAccess** report alert.
  */
-export declare const shell: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState>;
+export declare const shell: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState & {
+    securityArchive: NonNullable<import("../types.ts").ParserState["securityArchive"]>;
+}>;
 //# sourceMappingURL=shell.d.ts.map

package/dist/esm/pseudo/shell.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"shell.d.ts","sourceRoot":"","sources":["../../../src/pseudo/shell.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,KAAK,0FAGjB,CAAA"}
+{"version":3,"file":"shell.d.ts","sourceRoot":"","sources":["../../../src/pseudo/shell.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,KAAK;;EAGjB,CAAA"}

package/dist/esm/pseudo/shrinkwrap.d.ts

@@ -1,5 +1,7 @@
 /**
  * Filters out any node that does not have a **shrinkwrap** report alert.
  */
-export declare const shrinkwrap: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState>;
+export declare const shrinkwrap: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState & {
+    securityArchive: NonNullable<import("../types.ts").ParserState["securityArchive"]>;
+}>;
 //# sourceMappingURL=shrinkwrap.d.ts.map

package/dist/esm/pseudo/shrinkwrap.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"shrinkwrap.d.ts","sourceRoot":"","sources":["../../../src/pseudo/shrinkwrap.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,UAAU,0FAGtB,CAAA"}
+{"version":3,"file":"shrinkwrap.d.ts","sourceRoot":"","sources":["../../../src/pseudo/shrinkwrap.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,UAAU;;EAGtB,CAAA"}

package/dist/esm/pseudo/squat.d.ts

@@ -0,0 +1,12 @@
+import type { ParserState, PostcssNode } from '../types.ts';
+export type SquatKinds = '0' | '2' | 'critical' | 'medium' | undefined;
+export type SquatAlertTypes = 'didYouMean' | 'gptDidYouMean' | undefined;
+export declare const isSquatKind: (value?: string) => value is SquatKinds;
+export declare const asSquatKind: (value?: string) => SquatKinds;
+export declare const parseInternals: (nodes: PostcssNode[]) => {
+    kind: SquatKinds;
+};
+export declare const squat: (state: ParserState) => Promise<ParserState & {
+    securityArchive: NonNullable<ParserState["securityArchive"]>;
+}>;
+//# sourceMappingURL=squat.d.ts.map

package/dist/esm/pseudo/squat.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"squat.d.ts","sourceRoot":"","sources":["../../../src/pseudo/squat.ts"],"names":[],"mappings":"AAQA,OAAO,KAAK,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,aAAa,CAAA;AAQ3D,MAAM,MAAM,UAAU,GAAG,GAAG,GAAG,GAAG,GAAG,UAAU,GAAG,QAAQ,GAAG,SAAS,CAAA;AAEtE,MAAM,MAAM,eAAe,GACvB,YAAY,GACZ,eAAe,GACf,SAAS,CAAA;AAWb,eAAO,MAAM,WAAW,WAAY,MAAM,KAAG,KAAK,IAAI,UACtB,CAAA;AAEhC,eAAO,MAAM,WAAW,WAAY,MAAM,KAAG,UAQ5C,CAAA;AAED,eAAO,MAAM,cAAc,UAClB,WAAW,EAAE,KACnB;IAAE,IAAI,EAAE,UAAU,CAAA;CAmBpB,CAAA;AAED,eAAO,MAAM,KAAK,UAAiB,WAAW;;EA2B7C,CAAA"}