@vltpkg/query 1.0.0-rc.23 → 1.0.0-rc.24

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (129) hide show
  1. package/dist/attribute.d.ts +14 -0
  2. package/dist/attribute.js +132 -0
  3. package/dist/combinator.d.ts +5 -0
  4. package/dist/combinator.js +111 -0
  5. package/dist/id.d.ts +5 -0
  6. package/dist/id.js +35 -0
  7. package/dist/index.d.ts +48 -0
  8. package/dist/index.js +410 -0
  9. package/dist/parser.d.ts +14 -0
  10. package/dist/parser.js +92 -0
  11. package/dist/pseudo/abandoned.d.ts +6 -0
  12. package/dist/pseudo/abandoned.js +5 -0
  13. package/dist/pseudo/attr.d.ts +18 -0
  14. package/dist/pseudo/attr.js +57 -0
  15. package/dist/pseudo/built.d.ts +7 -0
  16. package/dist/pseudo/built.js +15 -0
  17. package/dist/pseudo/confused.d.ts +8 -0
  18. package/dist/pseudo/confused.js +18 -0
  19. package/dist/pseudo/cve.d.ts +12 -0
  20. package/dist/pseudo/cve.js +43 -0
  21. package/dist/pseudo/cwe.d.ts +12 -0
  22. package/dist/pseudo/cwe.js +42 -0
  23. package/dist/pseudo/debug.d.ts +6 -0
  24. package/dist/pseudo/debug.js +5 -0
  25. package/dist/pseudo/deprecated.d.ts +6 -0
  26. package/dist/pseudo/deprecated.js +5 -0
  27. package/dist/pseudo/dev.d.ts +5 -0
  28. package/dist/pseudo/dev.js +14 -0
  29. package/dist/pseudo/diff.d.ts +26 -0
  30. package/dist/pseudo/diff.js +75 -0
  31. package/dist/pseudo/dynamic.d.ts +6 -0
  32. package/dist/pseudo/dynamic.js +5 -0
  33. package/dist/pseudo/empty.d.ts +6 -0
  34. package/dist/pseudo/empty.js +13 -0
  35. package/dist/pseudo/entropic.d.ts +6 -0
  36. package/dist/pseudo/entropic.js +5 -0
  37. package/dist/pseudo/env.d.ts +6 -0
  38. package/dist/pseudo/env.js +5 -0
  39. package/dist/pseudo/eval.d.ts +6 -0
  40. package/dist/pseudo/eval.js +5 -0
  41. package/dist/pseudo/fs.d.ts +6 -0
  42. package/dist/pseudo/fs.js +5 -0
  43. package/dist/pseudo/helpers.d.ts +38 -0
  44. package/dist/pseudo/helpers.js +79 -0
  45. package/dist/pseudo/host.d.ts +19 -0
  46. package/dist/pseudo/host.js +79 -0
  47. package/dist/pseudo/hostname.d.ts +11 -0
  48. package/dist/pseudo/hostname.js +138 -0
  49. package/dist/pseudo/license.d.ts +12 -0
  50. package/dist/pseudo/license.js +74 -0
  51. package/dist/pseudo/link.d.ts +8 -0
  52. package/dist/pseudo/link.js +24 -0
  53. package/dist/pseudo/malware.d.ts +23 -0
  54. package/dist/pseudo/malware.js +186 -0
  55. package/dist/pseudo/minified.d.ts +6 -0
  56. package/dist/pseudo/minified.js +5 -0
  57. package/dist/pseudo/missing.d.ts +7 -0
  58. package/dist/pseudo/missing.js +14 -0
  59. package/dist/pseudo/native.d.ts +6 -0
  60. package/dist/pseudo/native.js +5 -0
  61. package/dist/pseudo/network.d.ts +6 -0
  62. package/dist/pseudo/network.js +5 -0
  63. package/dist/pseudo/obfuscated.d.ts +6 -0
  64. package/dist/pseudo/obfuscated.js +5 -0
  65. package/dist/pseudo/optional.d.ts +5 -0
  66. package/dist/pseudo/optional.js +14 -0
  67. package/dist/pseudo/outdated.d.ts +53 -0
  68. package/dist/pseudo/outdated.js +211 -0
  69. package/dist/pseudo/overridden.d.ts +7 -0
  70. package/dist/pseudo/overridden.js +16 -0
  71. package/dist/pseudo/path.d.ts +18 -0
  72. package/dist/pseudo/path.js +110 -0
  73. package/dist/pseudo/peer.d.ts +5 -0
  74. package/dist/pseudo/peer.js +14 -0
  75. package/dist/pseudo/prerelease.d.ts +17 -0
  76. package/dist/pseudo/prerelease.js +40 -0
  77. package/dist/pseudo/private.d.ts +6 -0
  78. package/dist/pseudo/private.js +15 -0
  79. package/dist/pseudo/prod.d.ts +5 -0
  80. package/dist/pseudo/prod.js +14 -0
  81. package/dist/pseudo/published.d.ts +39 -0
  82. package/dist/pseudo/published.js +179 -0
  83. package/dist/pseudo/registry.d.ts +10 -0
  84. package/dist/pseudo/registry.js +24 -0
  85. package/dist/pseudo/root.d.ts +6 -0
  86. package/dist/pseudo/root.js +17 -0
  87. package/dist/pseudo/scanned.d.ts +8 -0
  88. package/dist/pseudo/scanned.js +16 -0
  89. package/dist/pseudo/score.d.ts +15 -0
  90. package/dist/pseudo/score.js +132 -0
  91. package/dist/pseudo/scripts.d.ts +9 -0
  92. package/dist/pseudo/scripts.js +43 -0
  93. package/dist/pseudo/semver.d.ts +16 -0
  94. package/dist/pseudo/semver.js +166 -0
  95. package/dist/pseudo/severity.d.ts +14 -0
  96. package/dist/pseudo/severity.js +159 -0
  97. package/dist/pseudo/shell.d.ts +6 -0
  98. package/dist/pseudo/shell.js +5 -0
  99. package/dist/pseudo/shrinkwrap.d.ts +6 -0
  100. package/dist/pseudo/shrinkwrap.js +5 -0
  101. package/dist/pseudo/spec.d.ts +16 -0
  102. package/dist/pseudo/spec.js +101 -0
  103. package/dist/pseudo/squat.d.ts +14 -0
  104. package/dist/pseudo/squat.js +171 -0
  105. package/dist/pseudo/suspicious.d.ts +6 -0
  106. package/dist/pseudo/suspicious.js +5 -0
  107. package/dist/pseudo/tracker.d.ts +6 -0
  108. package/dist/pseudo/tracker.js +5 -0
  109. package/dist/pseudo/trivial.d.ts +6 -0
  110. package/dist/pseudo/trivial.js +5 -0
  111. package/dist/pseudo/type.d.ts +7 -0
  112. package/dist/pseudo/type.js +21 -0
  113. package/dist/pseudo/undesirable.d.ts +6 -0
  114. package/dist/pseudo/undesirable.js +5 -0
  115. package/dist/pseudo/unknown.d.ts +6 -0
  116. package/dist/pseudo/unknown.js +5 -0
  117. package/dist/pseudo/unmaintained.d.ts +6 -0
  118. package/dist/pseudo/unmaintained.js +5 -0
  119. package/dist/pseudo/unpopular.d.ts +6 -0
  120. package/dist/pseudo/unpopular.js +5 -0
  121. package/dist/pseudo/unstable.d.ts +6 -0
  122. package/dist/pseudo/unstable.js +5 -0
  123. package/dist/pseudo/workspace.d.ts +5 -0
  124. package/dist/pseudo/workspace.js +19 -0
  125. package/dist/pseudo.d.ts +5 -0
  126. package/dist/pseudo.js +366 -0
  127. package/dist/types.d.ts +124 -0
  128. package/dist/types.js +1 -0
  129. package/package.json +8 -8
package/dist/pseudo/workspace.js ADDED
@@ -0,0 +1,19 @@
1
+ import { removeNode } from "./helpers.js";
2
+ /**
3
+ * :workspace Pseudo-Selector will only match workspace dependencies.
4
+ */
5
+ export const workspace = async (state) => {
6
+ // Filter out the root node and any nodes that are not marked as workspaces
7
+ for (const node of state.partial.nodes) {
8
+ if (!node.importer || node.mainImporter) {
9
+ removeNode(state, node);
10
+ }
11
+ }
12
+ // Clears up any edges that are not pointing to workspace nodes
13
+ for (const edge of state.partial.edges) {
14
+ if (edge.to?.importer && !edge.to.mainImporter)
15
+ continue;
16
+ state.partial.edges.delete(edge);
17
+ }
18
+ return state;
19
+ };
package/dist/pseudo.d.ts ADDED
@@ -0,0 +1,5 @@
1
+ import type { ParserState } from './types.ts';
2
+ /**
3
+ * Parsers the `pseudo` node types.
4
+ */
5
+ export declare const pseudo: (state: ParserState) => Promise<ParserState>;
package/dist/pseudo.js ADDED
@@ -0,0 +1,366 @@
1
+ import { error } from '@vltpkg/error-cause';
2
+ import { removeDanglingEdges, removeNode } from "./pseudo/helpers.js";
3
+ import { asPostcssNodeWithChildren, asPseudoNode, isSelectorNode, } from '@vltpkg/dss-parser';
4
+ // imported pseudo selectors
5
+ import { abandoned } from "./pseudo/abandoned.js";
6
+ import { attr } from "./pseudo/attr.js";
7
+ import { built } from "./pseudo/built.js";
8
+ import { confused } from "./pseudo/confused.js";
9
+ import { cve } from "./pseudo/cve.js";
10
+ import { cwe } from "./pseudo/cwe.js";
11
+ import { debug } from "./pseudo/debug.js";
12
+ import { deprecated } from "./pseudo/deprecated.js";
13
+ import { dev } from "./pseudo/dev.js";
14
+ import { diff } from "./pseudo/diff.js";
15
+ import { dynamic } from "./pseudo/dynamic.js";
16
+ import { empty } from "./pseudo/empty.js";
17
+ import { entropic } from "./pseudo/entropic.js";
18
+ import { env } from "./pseudo/env.js";
19
+ import { evalParser } from "./pseudo/eval.js";
20
+ import { fs } from "./pseudo/fs.js";
21
+ import { hostContext } from "./pseudo/host.js";
22
+ import { hostname } from "./pseudo/hostname.js";
23
+ import { license } from "./pseudo/license.js";
24
+ import { link } from "./pseudo/link.js";
25
+ import { malware } from "./pseudo/malware.js";
26
+ import { minified } from "./pseudo/minified.js";
27
+ import { missing } from "./pseudo/missing.js";
28
+ import { nativeParser } from "./pseudo/native.js";
29
+ import { network } from "./pseudo/network.js";
30
+ import { obfuscated } from "./pseudo/obfuscated.js";
31
+ import { optional } from "./pseudo/optional.js";
32
+ import { outdated } from "./pseudo/outdated.js";
33
+ import { overridden } from "./pseudo/overridden.js";
34
+ import { path } from "./pseudo/path.js";
35
+ import { peer } from "./pseudo/peer.js";
36
+ import { prerelease } from "./pseudo/prerelease.js";
37
+ import { published } from "./pseudo/published.js";
38
+ import { privateParser } from "./pseudo/private.js";
39
+ import { registry } from "./pseudo/registry.js";
40
+ import { prod } from "./pseudo/prod.js";
41
+ import { root } from "./pseudo/root.js";
42
+ import { scanned } from "./pseudo/scanned.js";
43
+ import { score } from "./pseudo/score.js";
44
+ import { scripts } from "./pseudo/scripts.js";
45
+ import { shell } from "./pseudo/shell.js";
46
+ import { semverParser as semver } from "./pseudo/semver.js";
47
+ import { severity } from "./pseudo/severity.js";
48
+ import { spec } from "./pseudo/spec.js";
49
+ import { shrinkwrap } from "./pseudo/shrinkwrap.js";
50
+ import { squat } from "./pseudo/squat.js";
51
+ import { suspicious } from "./pseudo/suspicious.js";
52
+ import { tracker } from "./pseudo/tracker.js";
53
+ import { trivial } from "./pseudo/trivial.js";
54
+ import { type } from "./pseudo/type.js";
55
+ import { undesirable } from "./pseudo/undesirable.js";
56
+ import { unknown } from "./pseudo/unknown.js";
57
+ import { unmaintained } from "./pseudo/unmaintained.js";
58
+ import { unpopular } from "./pseudo/unpopular.js";
59
+ import { unstable } from "./pseudo/unstable.js";
60
+ import { workspace } from "./pseudo/workspace.js";
61
+ /**
62
+ * :has Pseudo-Selector, matches only nodes that have valid results
63
+ * for its nested selector expressions.
64
+ */
65
+ const has = async (state) => {
66
+ const top = asPostcssNodeWithChildren(state.current);
67
+ const collectNodes = new Set();
68
+ const collectEdges = new Set();
69
+ for (const node of top.nodes) {
70
+ if (isSelectorNode(node)) {
71
+ const nestedState = await state.walk({
72
+ cancellable: state.cancellable,
73
+ initial: {
74
+ edges: new Set(state.initial.edges),
75
+ nodes: new Set(state.initial.nodes),
76
+ },
77
+ current: node,
78
+ walk: state.walk,
79
+ collect: {
80
+ edges: new Set(),
81
+ nodes: new Set(),
82
+ },
83
+ partial: {
84
+ edges: new Set(state.partial.edges),
85
+ nodes: new Set(state.partial.nodes),
86
+ },
87
+ hostContexts: state.hostContexts,
88
+ importers: state.importers,
89
+ retries: state.retries,
90
+ securityArchive: state.securityArchive,
91
+ signal: state.signal,
92
+ scopeIDs: state.scopeIDs,
93
+ comment: state.comment,
94
+ specificity: { ...state.specificity },
95
+ });
96
+ for (const n of nestedState.collect.nodes) {
97
+ collectNodes.add(n);
98
+ }
99
+ for (const e of nestedState.partial.edges) {
100
+ collectEdges.add(e);
101
+ }
102
+ }
103
+ }
104
+ // if the nested selector did not match anything, that means
105
+ // no current node has any matches
106
+ if (collectNodes.size === 0) {
107
+ state.partial.edges.clear();
108
+ state.partial.nodes.clear();
109
+ return state;
110
+ }
111
+ // handles transitive dependencies
112
+ // compareNodes collects a list of all ancestor nodes
113
+ // from the resulting nodes of the nested selector
114
+ const compareNodes = new Set();
115
+ const traverse = new Set(collectNodes);
116
+ for (const node of traverse) {
117
+ for (const edge of node.edgesIn) {
118
+ compareNodes.add(edge.from);
119
+ if (edge.from.edgesIn.size) {
120
+ traverse.add(edge.from);
121
+ }
122
+ }
123
+ }
124
+ // for each node in the current list checks to see if
125
+ // it has a node in the resulting nested state that is
126
+ // a transitive dependency / children.
127
+ nodesLoop: for (const node of state.partial.nodes) {
128
+ if (node.edgesOut.size === 0 || !compareNodes.has(node)) {
129
+ removeNode(state, node);
130
+ continue;
131
+ }
132
+ for (const edge of node.edgesOut.values()) {
133
+ if (collectEdges.has(edge)) {
134
+ continue nodesLoop;
135
+ }
136
+ }
137
+ removeNode(state, node);
138
+ }
139
+ removeDanglingEdges(state);
140
+ return state;
141
+ };
142
+ /**
143
+ * :is Pseudo-selector, acts as a shortcut for writing more compact expressions
144
+ * by allowing multiple nested selectors to match on the previous results.
145
+ *
146
+ * It also enables the loose parsing mode, skipping instead of erroring usage
147
+ * of non-existing classes, identifiers, pseudo-classes, etc.
148
+ */
149
+ const is = async (state) => {
150
+ const top = asPostcssNodeWithChildren(state.current);
151
+ const collect = new Set();
152
+ for (const node of top.nodes) {
153
+ if (isSelectorNode(node)) {
154
+ const nestedState = await state.walk({
155
+ cancellable: state.cancellable,
156
+ collect: {
157
+ edges: new Set(),
158
+ nodes: new Set(),
159
+ },
160
+ current: node,
161
+ initial: state.initial,
162
+ loose: true,
163
+ partial: {
164
+ nodes: new Set(state.partial.nodes),
165
+ edges: new Set(state.partial.edges),
166
+ },
167
+ importers: state.importers,
168
+ hostContexts: state.hostContexts,
169
+ walk: state.walk,
170
+ retries: state.retries,
171
+ securityArchive: state.securityArchive,
172
+ signal: state.signal,
173
+ scopeIDs: state.scopeIDs,
174
+ comment: state.comment,
175
+ specificity: { ...state.specificity },
176
+ });
177
+ for (const n of nestedState.collect.nodes) {
178
+ collect.add(n);
179
+ }
180
+ }
181
+ }
182
+ for (const node of state.partial.nodes) {
183
+ if (!collect.has(node)) {
184
+ removeNode(state, node);
185
+ }
186
+ }
187
+ return state;
188
+ };
189
+ /**
190
+ * :not Pseudo-class, serves to create negate expressions, anything that
191
+ * matches selectors declared inside the `:not()` expression is going to be
192
+ * filtered out in the final result.
193
+ */
194
+ const not = async (state) => {
195
+ const top = asPostcssNodeWithChildren(state.current);
196
+ const collect = new Set();
197
+ for (const node of top.nodes) {
198
+ if (isSelectorNode(node)) {
199
+ const nestedState = await state.walk({
200
+ cancellable: state.cancellable,
201
+ collect: {
202
+ edges: new Set(),
203
+ nodes: new Set(),
204
+ },
205
+ current: node,
206
+ initial: state.initial,
207
+ partial: {
208
+ nodes: new Set(state.partial.nodes),
209
+ edges: new Set(state.partial.edges),
210
+ },
211
+ importers: state.importers,
212
+ hostContexts: state.hostContexts,
213
+ walk: state.walk,
214
+ retries: state.retries,
215
+ securityArchive: state.securityArchive,
216
+ signal: state.signal,
217
+ scopeIDs: state.scopeIDs,
218
+ comment: state.comment,
219
+ specificity: { ...state.specificity },
220
+ });
221
+ for (const n of nestedState.collect.nodes) {
222
+ collect.add(n);
223
+ }
224
+ /* c8 ignore start - should be impossible */
225
+ }
226
+ else {
227
+ throw error('Error parsing :not() selectors', {
228
+ wanted: { type: 'selector' },
229
+ found: node,
230
+ });
231
+ }
232
+ /* c8 ignore stop */
233
+ }
234
+ for (const node of state.partial.nodes) {
235
+ if (collect.has(node)) {
236
+ removeNode(state, node);
237
+ }
238
+ }
239
+ removeDanglingEdges(state);
240
+ return state;
241
+ };
242
+ /**
243
+ * :project Pseudo-Class, matches only graph importers (e.g: the
244
+ * root node along with any configured workspace)
245
+ */
246
+ const project = async (state) => {
247
+ for (const node of state.partial.nodes) {
248
+ if (!node.importer) {
249
+ removeNode(state, node);
250
+ }
251
+ }
252
+ for (const edge of state.partial.edges) {
253
+ if (!edge.to?.importer) {
254
+ state.partial.edges.delete(edge);
255
+ }
256
+ }
257
+ return state;
258
+ };
259
+ /**
260
+ * :scope Pseudo-Element, returns only the nodes that match the provided scopeIDs
261
+ * from the Query.search method.
262
+ */
263
+ const scope = async (state) => {
264
+ const scopeIDSet = new Set(state.scopeIDs);
265
+ for (const node of state.partial.nodes) {
266
+ if (!scopeIDSet.has(node.id)) {
267
+ removeNode(state, node);
268
+ }
269
+ }
270
+ removeDanglingEdges(state);
271
+ return state;
272
+ };
273
+ const pseudoSelectors = new Map(Object.entries({
274
+ abandoned,
275
+ attr,
276
+ built,
277
+ confused,
278
+ cve,
279
+ cwe,
280
+ debug,
281
+ deprecated,
282
+ dev,
283
+ diff,
284
+ dynamic,
285
+ eval: evalParser,
286
+ empty,
287
+ entropic,
288
+ env,
289
+ fs,
290
+ has,
291
+ host: hostContext,
292
+ hostname,
293
+ is,
294
+ license,
295
+ link,
296
+ malware,
297
+ minified,
298
+ missing,
299
+ native: nativeParser,
300
+ network,
301
+ not,
302
+ obfuscated,
303
+ optional,
304
+ outdated,
305
+ overridden,
306
+ path,
307
+ peer,
308
+ prerelease,
309
+ published,
310
+ private: privateParser,
311
+ prod,
312
+ registry,
313
+ project,
314
+ root,
315
+ scanned,
316
+ scope,
317
+ score,
318
+ scripts,
319
+ semver,
320
+ sev: severity,
321
+ spec,
322
+ severity,
323
+ shell,
324
+ shrinkwrap,
325
+ squat,
326
+ suspicious,
327
+ tracker,
328
+ trivial,
329
+ type,
330
+ undesirable,
331
+ unknown,
332
+ unmaintained,
333
+ unpopular,
334
+ unstable,
335
+ v: semver,
336
+ workspace,
337
+ }));
338
+ /**
339
+ * Parsers the `pseudo` node types.
340
+ */
341
+ export const pseudo = async (state) => {
342
+ await state.cancellable();
343
+ const curr = asPseudoNode(state.current);
344
+ const parserFn = curr.value && pseudoSelectors.get(curr.value.slice(1));
345
+ if (!parserFn) {
346
+ if (state.loose) {
347
+ state.partial.edges.clear();
348
+ state.partial.nodes.clear();
349
+ return state;
350
+ }
351
+ throw error(`Unsupported pseudo-class: ${state.current.value}`, {
352
+ found: state.current,
353
+ });
354
+ }
355
+ const result = await parserFn(state);
356
+ // Increment the commonCounter for specificity, except for
357
+ // nesting selectors which don't contribute to specificity
358
+ const pseudoValue = curr.value.slice(1);
359
+ if (pseudoValue &&
360
+ pseudoValue !== 'not' &&
361
+ pseudoValue !== 'is' &&
362
+ pseudoValue !== 'has') {
363
+ result.specificity.commonCounter += 1;
364
+ }
365
+ return result;
366
+ };
package/dist/types.d.ts ADDED
@@ -0,0 +1,124 @@
1
+ import type { EdgeLike, NodeLike } from '@vltpkg/types';
2
+ import type { SecurityArchiveLike, PackageScore } from '@vltpkg/security-archive';
3
+ import type { DepID } from '@vltpkg/dep-id';
4
+ import type { PostcssNode } from '@vltpkg/dss-parser';
5
+ export type HostContextsMapResult = {
6
+ initialEdges: EdgeLike[];
7
+ initialNodes: NodeLike[];
8
+ edges: EdgeLike[];
9
+ nodes: NodeLike[];
10
+ securityArchive: SecurityArchiveLike | undefined;
11
+ };
12
+ export type HostContextsMap = Map<string, () => Promise<HostContextsMapResult>>;
13
+ export type Specificity = {
14
+ idCounter: number;
15
+ commonCounter: number;
16
+ };
17
+ export type GraphSelectionState = {
18
+ nodes: Set<NodeLike>;
19
+ edges: Set<EdgeLike>;
20
+ };
21
+ /**
22
+ * Callback that returns changed file paths for a given
23
+ * commitish reference. Used by the :diff() pseudo selector.
24
+ * The returned paths should be relative to the project root.
25
+ */
26
+ export type DiffFilesProvider = (commitish: string) => Set<string>;
27
+ export type ParserState = {
28
+ cancellable: () => Promise<void>;
29
+ collect: GraphSelectionState;
30
+ comment: string;
31
+ current: PostcssNode;
32
+ diffFiles?: DiffFilesProvider;
33
+ hostContexts?: HostContextsMap;
34
+ importers: Set<NodeLike>;
35
+ initial: GraphSelectionState;
36
+ loose?: boolean;
37
+ next?: PostcssNode;
38
+ prev?: PostcssNode;
39
+ result?: NodeLike[];
40
+ signal: AbortSignal;
41
+ walk: ParserFn;
42
+ partial: GraphSelectionState;
43
+ retries: number;
44
+ securityArchive: SecurityArchiveLike | undefined;
45
+ scopeIDs?: DepID[];
46
+ specificity: Specificity;
47
+ };
48
+ export type QueryResponse = {
49
+ edges: QueryResponseEdge[];
50
+ nodes: QueryResponseNode[];
51
+ importers: QueryResponseNode[];
52
+ comment: string;
53
+ specificity: Specificity;
54
+ };
55
+ export type QueryResponseEdge = Omit<EdgeLike, 'from' | 'to'> & {
56
+ from: QueryResponseNode;
57
+ to?: QueryResponseNode;
58
+ };
59
+ export type QueryResponseNode = Omit<NodeLike, 'edgesIn' | 'edgesOut'> & {
60
+ edgesIn: Set<QueryResponseEdge>;
61
+ edgesOut: Map<string, QueryResponseEdge>;
62
+ insights: Insights;
63
+ toJSON: () => Pick<QueryResponseNode, 'id' | 'name' | 'version' | 'location' | 'importer' | 'manifest' | 'projectRoot' | 'integrity' | 'resolved' | 'dev' | 'optional' | 'insights' | 'confused'>;
64
+ };
65
+ export type Insights = {
66
+ abandoned?: boolean;
67
+ confused?: boolean;
68
+ cve?: `CVE-${string}`[];
69
+ cwe?: `CWE-${string}`[];
70
+ debug?: boolean;
71
+ deprecated?: boolean;
72
+ dynamic?: boolean;
73
+ entropic?: boolean;
74
+ env?: boolean;
75
+ eval?: boolean;
76
+ fs?: boolean;
77
+ license?: LicenseInsights;
78
+ malware?: MalwareInsights;
79
+ minified?: boolean;
80
+ native?: boolean;
81
+ network?: boolean;
82
+ obfuscated?: boolean;
83
+ scanned: boolean;
84
+ score?: PackageScore;
85
+ scripts?: boolean;
86
+ severity?: SeverityInsights;
87
+ shell?: boolean;
88
+ shrinkwrap?: boolean;
89
+ squat?: SquatInsights;
90
+ suspicious?: boolean;
91
+ tracker?: boolean;
92
+ trivial?: boolean;
93
+ undesirable?: boolean;
94
+ unknown?: boolean;
95
+ unmaintained?: boolean;
96
+ unpopular?: boolean;
97
+ unstable?: boolean;
98
+ };
99
+ export type LicenseInsights = {
100
+ unlicensed: boolean;
101
+ misc: boolean;
102
+ restricted: boolean;
103
+ ambiguous: boolean;
104
+ copyleft: boolean;
105
+ unknown: boolean;
106
+ none: boolean;
107
+ exception: boolean;
108
+ };
109
+ export type LeveledInsights = {
110
+ low: boolean;
111
+ medium: boolean;
112
+ high: boolean;
113
+ critical: boolean;
114
+ };
115
+ export type MalwareInsights = LeveledInsights;
116
+ export type SeverityInsights = LeveledInsights;
117
+ export type SquatInsights = {
118
+ medium: boolean;
119
+ critical: boolean;
120
+ };
121
+ export type ParserFn = (opt: ParserState) => Promise<ParserState>;
122
+ export type ParsedSelectorToken = PostcssNode & {
123
+ token: string;
124
+ };
package/dist/types.js ADDED
@@ -0,0 +1 @@
1
+ export {};
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "@vltpkg/query",
3
3
  "description": "Query syntax parser that retrieves items from a graph",
4
- "version": "1.0.0-rc.23",
4
+ "version": "1.0.0-rc.24",
5
5
  "repository": {
6
6
  "type": "git",
7
7
  "url": "git+https://github.com/vltpkg/vltpkg.git",
@@ -12,12 +12,12 @@
12
12
  "email": "support@vlt.sh"
13
13
  },
14
14
  "dependencies": {
15
- "@vltpkg/dep-id": "1.0.0-rc.23",
16
- "@vltpkg/dss-parser": "1.0.0-rc.23",
17
- "@vltpkg/error-cause": "1.0.0-rc.23",
18
- "@vltpkg/security-archive": "1.0.0-rc.23",
19
- "@vltpkg/semver": "1.0.0-rc.23",
20
- "@vltpkg/types": "1.0.0-rc.23",
15
+ "@vltpkg/dep-id": "1.0.0-rc.24",
16
+ "@vltpkg/dss-parser": "1.0.0-rc.24",
17
+ "@vltpkg/error-cause": "1.0.0-rc.24",
18
+ "@vltpkg/security-archive": "1.0.0-rc.24",
19
+ "@vltpkg/semver": "1.0.0-rc.24",
20
+ "@vltpkg/types": "1.0.0-rc.24",
21
21
  "minimatch": "^10.1.1",
22
22
  "p-retry": "^7.1.1",
23
23
  "postcss-selector-parser": "^7.1.1"
@@ -25,7 +25,7 @@
25
25
  "devDependencies": {
26
26
  "@eslint/js": "^9.39.1",
27
27
  "@types/node": "^22.19.2",
28
- "@vltpkg/spec": "1.0.0-rc.23",
28
+ "@vltpkg/spec": "1.0.0-rc.24",
29
29
  "eslint": "^9.39.1",
30
30
  "prettier": "^3.7.4",
31
31
  "tap": "^21.5.0",