@vltpkg/query 1.0.0-rc.22 → 1.0.0-rc.24

package/dist/pseudo/severity.js

@@ -0,0 +1,159 @@
+import { error } from '@vltpkg/error-cause';
+import { asPostcssNodeWithChildren, asStringNode, asTagNode, isStringNode, isTagNode, } from '@vltpkg/dss-parser';
+import { assertSecurityArchive, removeDanglingEdges, removeNode, removeQuotes, } from "./helpers.js";
+const kindsMap = new Map([
+    ['critical', 'criticalCVE'],
+    ['high', 'cve'],
+    ['medium', 'potentialVulnerability'],
+    ['low', 'mildCVE'],
+    ['0', 'criticalCVE'],
+    ['1', 'cve'],
+    ['2', 'potentialVulnerability'],
+    ['3', 'mildCVE'],
+]);
+// Map numerical values to their respective kinds for comparison operations
+const kindLevelMap = new Map([
+    ['critical', 0],
+    ['high', 1],
+    ['medium', 2],
+    ['low', 3],
+    ['0', 0],
+    ['1', 1],
+    ['2', 2],
+    ['3', 3],
+]);
+const kinds = new Set(kindsMap.keys());
+export const isSeverityKind = (value) => kinds.has(value);
+export const asSeverityKind = (value) => {
+    if (!isSeverityKind(value)) {
+        throw error('Expected a valid severity kind', {
+            found: value,
+            validOptions: Array.from(kinds),
+        });
+    }
+    return value;
+};
+export const parseInternals = (nodes) => {
+    let kind;
+    let comparator;
+    if (nodes.length === 0) {
+        throw error('Missing severity kind parameter');
+    }
+    let kindValue = '';
+    if (isStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])) {
+        kindValue = removeQuotes(asStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])
+            .value);
+    }
+    else if (isTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])) {
+        kindValue = asTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0]).value;
+    }
+    // Extract comparator if present
+    if (kindValue.startsWith('>=')) {
+        comparator = '>=';
+        kindValue = kindValue.substring(2);
+    }
+    else if (kindValue.startsWith('<=')) {
+        comparator = '<=';
+        kindValue = kindValue.substring(2);
+    }
+    else if (kindValue.startsWith('>')) {
+        comparator = '>';
+        kindValue = kindValue.substring(1);
+    }
+    else if (kindValue.startsWith('<')) {
+        comparator = '<';
+        kindValue = kindValue.substring(1);
+    }
+    // Parse kind value
+    if (kindValue) {
+        if (isSeverityKind(kindValue)) {
+            kind = kindValue;
+        }
+        else {
+            throw error('Expected a valid severity kind or number between 0-3', {
+                found: kindValue,
+            });
+        }
+    }
+    return { kind, comparator };
+};
+export const severity = async (state) => {
+    assertSecurityArchive(state, 'severity');
+    let internals;
+    try {
+        internals = parseInternals(asPostcssNodeWithChildren(state.current).nodes);
+    }
+    catch (err) {
+        throw error('Failed to parse :severity selector', { cause: err });
+    }
+    const { kind, comparator } = internals;
+    for (const node of state.partial.nodes) {
+        const report = state.securityArchive.get(node.id);
+        // Always exclude nodes that don't have security data or alerts
+        if (!report?.alerts || report.alerts.length === 0) {
+            removeNode(state, node);
+        }
+    }
+    for (const node of state.partial.nodes) {
+        const report = state.securityArchive.get(node.id);
+        let exclude = true;
+        if (report) {
+            if (comparator) {
+                // retrieve the value to compare against
+                const kindLevel = kindLevelMap.get(kind);
+                // the kindLevel value has already been validated at this point
+                // and thus can never return an undefined/falsy value but ts doesn't
+                // know about that, so we have the extra check here
+                /* c8 ignore next - impossible */
+                if (!kindLevel)
+                    break;
+                // Check each alert to find any that match our comparison criteria
+                for (const alert of report.alerts) {
+                    // Get the numerical value of the alert type
+                    const alertType = alert.type;
+                    // retrieve a key to the current alert level to be compared against
+                    const currentAlertLevelKey = [...kindsMap.entries()].find(([_, alertValue]) => alertValue === alertType)?.[0];
+                    // perform the comparison based on the user-provided kindLevel
+                    if (currentAlertLevelKey) {
+                        const currentAlertLevel = kindLevelMap.get(currentAlertLevelKey);
+                        /* c8 ignore next - impossible but ts doesn't know */
+                        if (currentAlertLevel == null)
+                            continue;
+                        switch (comparator) {
+                            case '>':
+                                if (currentAlertLevel > kindLevel) {
+                                    exclude = false;
+                                }
+                                break;
+                            case '<':
+                                if (currentAlertLevel < kindLevel) {
+                                    exclude = false;
+                                }
+                                break;
+                            case '>=':
+                                if (currentAlertLevel >= kindLevel) {
+                                    exclude = false;
+                                }
+                                break;
+                            case '<=':
+                                if (currentAlertLevel <= kindLevel) {
+                                    exclude = false;
+                                }
+                                break;
+                        }
+                    }
+                }
+            }
+            else {
+                // Original exact match behavior
+                const alertName = kindsMap.get(kind);
+                exclude = !report.alerts.some(alert => alert.type === alertName);
+            }
+        }
+        if (exclude) {
+            removeNode(state, node);
+        }
+    }
+    removeDanglingEdges(state);
+    return state;
+};

package/dist/pseudo/shell.d.ts

@@ -0,0 +1,6 @@
+/**
+ * Filters out any node that does not have a **shellAccess** report alert.
+ */
+export declare const shell: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState & {
+    securityArchive: NonNullable<import("../types.ts").ParserState["securityArchive"]>;
+}>;

package/dist/pseudo/shell.js

@@ -0,0 +1,5 @@
+import { createSecuritySelectorFilter } from "./helpers.js";
+/**
+ * Filters out any node that does not have a **shellAccess** report alert.
+ */
+export const shell = createSecuritySelectorFilter('shell', 'shellAccess');

package/dist/pseudo/shrinkwrap.d.ts

@@ -0,0 +1,6 @@
+/**
+ * Filters out any node that does not have a **shrinkwrap** report alert.
+ */
+export declare const shrinkwrap: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState & {
+    securityArchive: NonNullable<import("../types.ts").ParserState["securityArchive"]>;
+}>;

package/dist/pseudo/shrinkwrap.js

@@ -0,0 +1,5 @@
+import { createSecuritySelectorFilter } from "./helpers.js";
+/**
+ * Filters out any node that does not have a **shrinkwrap** report alert.
+ */
+export const shrinkwrap = createSecuritySelectorFilter('shrinkwrap', 'shrinkwrap');

package/dist/pseudo/spec.d.ts

@@ -0,0 +1,16 @@
+import type { ParserState } from '../types.ts';
+import type { PostcssNode } from '@vltpkg/dss-parser';
+export type SpecInternals = {
+    specValue: string;
+};
+export declare const parseInternals: (nodes: PostcssNode[]) => SpecInternals;
+/**
+ * :spec Pseudo-Selector, matches edges where edge.spec.bareSpec equals the provided value.
+ *
+ * Examples:
+ * - :spec("*") matches edges with a package specifier equal to "*"
+ * - :spec(^1.0.0) matches edges with a package specifier equal to "^1.0.0"
+ * - :spec("catalog:") matches edges with a package specifier equal to "catalog:"
+ * - :spec("workspace:dev") matches edges with a package specifier equal to "workspace:dev"
+ */
+export declare const spec: (state: ParserState) => Promise<ParserState>;

package/dist/pseudo/spec.js

@@ -0,0 +1,101 @@
+import { error } from '@vltpkg/error-cause';
+import { asError } from '@vltpkg/types';
+import { asPostcssNodeWithChildren, asStringNode, asTagNode, isTagNode, } from '@vltpkg/dss-parser';
+import { removeEdge, removeUnlinkedNodes, removeQuotes, } from "./helpers.js";
+export const parseInternals = (nodes) => {
+    // tries to parse the first param as a string node, otherwise defaults
+    // to reading all postcss nodes as just strings, since it just means
+    // the value was defined as an unquoted string
+    let specValue = '';
+    if (nodes.length === 0) {
+        throw new Error('No nodes provided to parseInternals');
+    }
+    const firstNode = asPostcssNodeWithChildren(nodes[0]);
+    if (firstNode.nodes.length === 0) {
+        throw new Error('First node has no child nodes');
+    }
+    // Try to parse as a quoted string first (single string node)
+    if (firstNode.nodes.length === 1) {
+        const targetNode = firstNode.nodes[0];
+        try {
+            specValue = removeQuotes(asStringNode(targetNode).value);
+            return { specValue };
+        }
+        catch (err) {
+            if (asError(err).message === 'Mismatching query node' &&
+                isTagNode(targetNode)
+            /* c8 ignore start */
+            ) {
+                // Handle simple unquoted single-token values like "1"
+                const tagNode = asTagNode(targetNode);
+                specValue = tagNode.value;
+                return { specValue };
+                /* c8 ignore stop */
+            }
+            else {
+                throw err;
+            }
+        }
+    }
+    // Handle unquoted complex values that get parsed into multiple nodes
+    // This happens when unquoted values contain dots, like ^1.0.0 which becomes:
+    // - Tag: "^1"
+    // - ClassName: "0" (from .0)
+    // - ClassName: "0" (from .0)
+    // We need to reconstruct the original value by concatenating all nodes
+    const parts = [];
+    for (const node of firstNode.nodes) {
+        switch (node.type) {
+            case 'tag':
+                parts.push(asTagNode(node).value);
+                break;
+            case 'class':
+                // Class nodes represent .className in CSS, so we need to add the dot back
+                parts.push('.' + node.value);
+                break;
+            case 'id':
+                // ID nodes represent #idName in CSS, so we need to add the hash back
+                parts.push('#' + node.value);
+                break;
+            case 'string':
+                parts.push(removeQuotes(asStringNode(node).value));
+                break;
+            default:
+                // For other node types, try to get the value property or convert to string
+                /* c8 ignore next */
+                parts.push(node.value ?? String(node));
+                break;
+        }
+    }
+    specValue = parts.join('');
+    return { specValue };
+};
+/**
+ * :spec Pseudo-Selector, matches edges where edge.spec.bareSpec equals the provided value.
+ *
+ * Examples:
+ * - :spec("*") matches edges with a package specifier equal to "*"
+ * - :spec(^1.0.0) matches edges with a package specifier equal to "^1.0.0"
+ * - :spec("catalog:") matches edges with a package specifier equal to "catalog:"
+ * - :spec("workspace:dev") matches edges with a package specifier equal to "workspace:dev"
+ */
+export const spec = async (state) => {
+    let internals;
+    try {
+        internals = parseInternals(asPostcssNodeWithChildren(state.current).nodes);
+    }
+    catch (err) {
+        throw error('Failed to parse :spec selector', {
+            cause: err,
+        });
+    }
+    const { specValue } = internals;
+    for (const edge of state.partial.edges) {
+        if (edge.spec.bareSpec !== specValue) {
+            removeEdge(state, edge);
+        }
+    }
+    // Clean up unlinked nodes after removing edges
+    removeUnlinkedNodes(state);
+    return state;
+};

package/dist/pseudo/squat.d.ts

@@ -0,0 +1,14 @@
+import type { ParserState } from '../types.ts';
+import type { PostcssNode } from '@vltpkg/dss-parser';
+export type SquatKinds = '0' | '2' | 'critical' | 'medium' | undefined;
+export type SquatAlertTypes = 'didYouMean' | 'gptDidYouMean' | undefined;
+export type SquatComparator = '>' | '<' | '>=' | '<=' | undefined;
+export declare const isSquatKind: (value?: string) => value is SquatKinds;
+export declare const asSquatKind: (value?: string) => SquatKinds;
+export declare const parseInternals: (nodes: PostcssNode[]) => {
+    kind: SquatKinds;
+    comparator: SquatComparator;
+};
+export declare const squat: (state: ParserState) => Promise<ParserState & {
+    securityArchive: NonNullable<ParserState["securityArchive"]>;
+}>;

package/dist/pseudo/squat.js

@@ -0,0 +1,171 @@
+import { error } from '@vltpkg/error-cause';
+import { asError } from '@vltpkg/types';
+import { asPostcssNodeWithChildren, asStringNode, asTagNode, isStringNode, isTagNode, } from '@vltpkg/dss-parser';
+import { assertSecurityArchive, removeDanglingEdges, removeNode, removeQuotes, } from "./helpers.js";
+const kindsMap = new Map([
+    ['critical', 'didYouMean'],
+    ['medium', 'gptDidYouMean'],
+    ['0', 'didYouMean'],
+    ['2', 'gptDidYouMean'],
+    [undefined, undefined],
+]);
+// Map numerical values to their respective kinds for comparison operations
+const kindLevelMap = new Map([
+    ['critical', 0],
+    ['medium', 2],
+    ['0', 0],
+    ['2', 2],
+]);
+const kinds = new Set(kindsMap.keys());
+export const isSquatKind = (value) => kinds.has(value);
+export const asSquatKind = (value) => {
+    if (!isSquatKind(value)) {
+        throw error('Expected a valid squat kind', {
+            found: value,
+            validOptions: Array.from(kinds),
+        });
+    }
+    return value;
+};
+export const parseInternals = (nodes) => {
+    let kind;
+    let comparator;
+    let kindValue = '';
+    if (isStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])) {
+        kindValue = removeQuotes(asStringNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])
+            .value);
+    }
+    else if (isTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0])) {
+        kindValue = asTagNode(asPostcssNodeWithChildren(nodes[0]).nodes[0]).value;
+    }
+    // Extract comparator if present
+    if (kindValue.startsWith('>=')) {
+        comparator = '>=';
+        kindValue = kindValue.substring(2);
+    }
+    else if (kindValue.startsWith('<=')) {
+        comparator = '<=';
+        kindValue = kindValue.substring(2);
+    }
+    else if (kindValue.startsWith('>')) {
+        comparator = '>';
+        kindValue = kindValue.substring(1);
+    }
+    else if (kindValue.startsWith('<')) {
+        comparator = '<';
+        kindValue = kindValue.substring(1);
+    }
+    // Parse kind value
+    if (kindValue) {
+        if (isSquatKind(kindValue)) {
+            kind = kindValue;
+        }
+        else {
+            throw error('Expected a valid squat kind for comparison', {
+                found: kindValue,
+                validOptions: Array.from(kinds),
+            });
+        }
+    }
+    return { kind, comparator };
+};
+export const squat = async (state) => {
+    assertSecurityArchive(state, 'squat');
+    let internals;
+    try {
+        internals = parseInternals(asPostcssNodeWithChildren(state.current).nodes);
+    }
+    catch (err) {
+        if (asError(err).message === 'Expected a query node') {
+            // No parameters provided - pseudo state form: match ANY squat level
+            internals = { kind: undefined, comparator: undefined };
+        }
+        else {
+            throw error('Failed to parse :squat selector', { cause: err });
+        }
+    }
+    const { kind, comparator } = internals;
+    // First pass: Remove nodes without security data
+    for (const node of state.partial.nodes) {
+        const report = state.securityArchive.get(node.id);
+        // Always exclude nodes that don't have security data or alerts
+        if (!report?.alerts || report.alerts.length === 0) {
+            removeNode(state, node);
+        }
+    }
+    // Second pass: Apply comparison filtering
+    for (const node of state.partial.nodes) {
+        const report = state.securityArchive.get(node.id);
+        // Skip if report is undefined
+        // (should never happen since we filtered above)
+        /* c8 ignore next - impossible */
+        if (!report)
+            continue;
+        // At this point we know report exists and has alerts
+        let exclude = true;
+        if (kind === undefined && comparator === undefined) {
+            // Pseudo state form: match ANY squat level
+            exclude = !report.alerts.some(alert => [...kindsMap.values()].includes(alert.type));
+        }
+        else if (comparator) {
+            // Get the value to compare against
+            const kindLevel = kindLevelMap.get(kind);
+            /* c8 ignore next - impossible */
+            if (kindLevel === undefined)
+                break;
+            // For each alert, check if it matches the comparison criteria
+            let matchesComparison = false;
+            for (const alert of report.alerts) {
+                // Get the alert type
+                const alertType = alert.type;
+                // Find the corresponding kind for this alert type
+                const alertLevelKey = [...kindsMap.entries()].find(([_, value]) => value === alertType)?.[0];
+                if (alertLevelKey) {
+                    // Get the numeric level for this alert
+                    const alertLevel = kindLevelMap.get(alertLevelKey);
+                    /* c8 ignore next - impossible */
+                    if (alertLevel === undefined)
+                        continue;
+                    // Apply the comparison based on the comparator
+                    switch (comparator) {
+                        case '>':
+                            if (alertLevel > kindLevel) {
+                                matchesComparison = true;
+                            }
+                            break;
+                        case '<':
+                            if (alertLevel < kindLevel) {
+                                matchesComparison = true;
+                            }
+                            break;
+                        case '>=':
+                            if (alertLevel >= kindLevel) {
+                                matchesComparison = true;
+                            }
+                            break;
+                        case '<=':
+                            if (alertLevel <= kindLevel) {
+                                matchesComparison = true;
+                            }
+                            break;
+                    }
+                    // If we found a match, we can stop checking other alerts
+                    if (matchesComparison)
+                        break;
+                }
+            }
+            // Exclude the node if it doesn't match the comparison
+            exclude = !matchesComparison;
+        }
+        else {
+            // Original exact match behavior
+            const alertName = kindsMap.get(kind);
+            exclude = !report.alerts.some(alert => alert.type === alertName);
+        }
+        if (exclude) {
+            removeNode(state, node);
+        }
+    }
+    removeDanglingEdges(state);
+    return state;
+};

package/dist/pseudo/suspicious.d.ts

@@ -0,0 +1,6 @@
+/**
+ * Filters out any node that does not have a **suspiciousStarActivity** report alert.
+ */
+export declare const suspicious: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState & {
+    securityArchive: NonNullable<import("../types.ts").ParserState["securityArchive"]>;
+}>;

package/dist/pseudo/suspicious.js

@@ -0,0 +1,5 @@
+import { createSecuritySelectorFilter } from "./helpers.js";
+/**
+ * Filters out any node that does not have a **suspiciousStarActivity** report alert.
+ */
+export const suspicious = createSecuritySelectorFilter('suspicious', 'suspiciousStarActivity');

package/dist/pseudo/tracker.d.ts

@@ -0,0 +1,6 @@
+/**
+ * Filters out any node that does not have a **telemetry** report alert.
+ */
+export declare const tracker: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState & {
+    securityArchive: NonNullable<import("../types.ts").ParserState["securityArchive"]>;
+}>;

package/dist/pseudo/tracker.js

@@ -0,0 +1,5 @@
+import { createSecuritySelectorFilter } from "./helpers.js";
+/**
+ * Filters out any node that does not have a **telemetry** report alert.
+ */
+export const tracker = createSecuritySelectorFilter('tracker', 'telemetry');

package/dist/pseudo/trivial.d.ts

@@ -0,0 +1,6 @@
+/**
+ * Filters out any node that does not have a **trivialPackage** report alert.
+ */
+export declare const trivial: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState & {
+    securityArchive: NonNullable<import("../types.ts").ParserState["securityArchive"]>;
+}>;

package/dist/pseudo/trivial.js

@@ -0,0 +1,5 @@
+import { createSecuritySelectorFilter } from "./helpers.js";
+/**
+ * Filters out any node that does not have a **trivialPackage** report alert.
+ */
+export const trivial = createSecuritySelectorFilter('trivial', 'trivialPackage');

package/dist/pseudo/type.d.ts

@@ -0,0 +1,7 @@
+import type { ParserState } from '../types.ts';
+/**
+ * :type(str) Pseudo-Element will match only nodes that are of
+ * the same type as the value used. The type is determined by the
+ * first part of the dependency ID.
+ */
+export declare const type: (state: ParserState) => Promise<ParserState>;

package/dist/pseudo/type.js

@@ -0,0 +1,21 @@
+import { splitDepID } from '@vltpkg/dep-id/browser';
+import { asPostcssNodeWithChildren, asTagNode, } from '@vltpkg/dss-parser';
+import { removeDanglingEdges, removeNode } from "./helpers.js";
+/**
+ * :type(str) Pseudo-Element will match only nodes that are of
+ * the same type as the value used. The type is determined by the
+ * first part of the dependency ID.
+ */
+export const type = async (state) => {
+    const type = asPostcssNodeWithChildren(state.current);
+    const selector = asPostcssNodeWithChildren(type.nodes[0]);
+    const name = asTagNode(selector.nodes[0]).value;
+    for (const node of state.partial.nodes) {
+        const nodeType = splitDepID(node.id)[0];
+        if (nodeType !== name) {
+            removeNode(state, node);
+        }
+    }
+    removeDanglingEdges(state);
+    return state;
+};

package/dist/pseudo/undesirable.d.ts

@@ -0,0 +1,6 @@
+/**
+ * Filters out any node that does not have a **troll** report alert.
+ */
+export declare const undesirable: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState & {
+    securityArchive: NonNullable<import("../types.ts").ParserState["securityArchive"]>;
+}>;

package/dist/pseudo/undesirable.js

@@ -0,0 +1,5 @@
+import { createSecuritySelectorFilter } from "./helpers.js";
+/**
+ * Filters out any node that does not have a **troll** report alert.
+ */
+export const undesirable = createSecuritySelectorFilter('undesirable', 'troll');

package/dist/pseudo/unknown.d.ts

@@ -0,0 +1,6 @@
+/**
+ * Filters out any node that does not have a **newAuthor** report alert.
+ */
+export declare const unknown: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState & {
+    securityArchive: NonNullable<import("../types.ts").ParserState["securityArchive"]>;
+}>;

package/dist/pseudo/unknown.js

@@ -0,0 +1,5 @@
+import { createSecuritySelectorFilter } from "./helpers.js";
+/**
+ * Filters out any node that does not have a **newAuthor** report alert.
+ */
+export const unknown = createSecuritySelectorFilter('unknown', 'newAuthor');

package/dist/pseudo/unmaintained.d.ts

@@ -0,0 +1,6 @@
+/**
+ * Filters out any node that does not have a **unmaintained** report alert.
+ */
+export declare const unmaintained: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState & {
+    securityArchive: NonNullable<import("../types.ts").ParserState["securityArchive"]>;
+}>;

package/dist/pseudo/unmaintained.js

@@ -0,0 +1,5 @@
+import { createSecuritySelectorFilter } from "./helpers.js";
+/**
+ * Filters out any node that does not have a **unmaintained** report alert.
+ */
+export const unmaintained = createSecuritySelectorFilter('unmaintained', 'unmaintained');

package/dist/pseudo/unpopular.d.ts

@@ -0,0 +1,6 @@
+/**
+ * Filters out any node that does not have a **unpopularPackage** report alert.
+ */
+export declare const unpopular: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState & {
+    securityArchive: NonNullable<import("../types.ts").ParserState["securityArchive"]>;
+}>;

package/dist/pseudo/unpopular.js

@@ -0,0 +1,5 @@
+import { createSecuritySelectorFilter } from "./helpers.js";
+/**
+ * Filters out any node that does not have a **unpopularPackage** report alert.
+ */
+export const unpopular = createSecuritySelectorFilter('unpopular', 'unpopularPackage');

package/dist/pseudo/unstable.d.ts

@@ -0,0 +1,6 @@
+/**
+ * Filters out any node that does not have a **unstableOwnership** report alert.
+ */
+export declare const unstable: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState & {
+    securityArchive: NonNullable<import("../types.ts").ParserState["securityArchive"]>;
+}>;

package/dist/pseudo/unstable.js

@@ -0,0 +1,5 @@
+import { createSecuritySelectorFilter } from "./helpers.js";
+/**
+ * Filters out any node that does not have a **unstableOwnership** report alert.
+ */
+export const unstable = createSecuritySelectorFilter('unstable', 'unstableOwnership');

package/dist/pseudo/workspace.d.ts

@@ -0,0 +1,5 @@
+import type { ParserState } from '../types.ts';
+/**
+ * :workspace Pseudo-Selector will only match workspace dependencies.
+ */
+export declare const workspace: (state: ParserState) => Promise<ParserState>;