@westbayberry/dg 1.3.3 → 2.0.0

package/dist/scan-ui/components/ProgressBar.js

@@ -0,0 +1,89 @@
+import { jsx as _jsx, jsxs as _jsxs } from "react/jsx-runtime";
+import { useState, useEffect, useRef } from "react";
+import { Text, Box } from "ink";
+import InkSpinner from "ink-spinner";
+import chalk from "chalk";
+import { useTerminalSize } from "../hooks/useTerminalSize.js";
+// Measured ETA: extrapolates remaining time from the throughput observed so far.
+// `value` and `total` are the same numbers the bar renders; `elapsedSeconds` is
+// the wall-clock since the bar mounted. Returns null fields when there's not
+// enough signal yet (value == 0 or elapsed == 0) so the UI can show
+// "calculating…" instead of a misleading number.
+export function computeEta(value, total, elapsedSeconds) {
+    if (value <= 0 || elapsedSeconds <= 0 || total <= 0) {
+        return { remainingSeconds: null, ratePerSec: null };
+    }
+    const ratePerSec = value / elapsedSeconds;
+    if (ratePerSec <= 0 || !Number.isFinite(ratePerSec)) {
+        return { remainingSeconds: null, ratePerSec: null };
+    }
+    if (value >= total) {
+        return { remainingSeconds: 0, ratePerSec };
+    }
+    const remaining = (total - value) / ratePerSec;
+    return { remainingSeconds: Math.max(1, Math.ceil(remaining)), ratePerSec };
+}
+export function formatTime(seconds) {
+    if (seconds < 60)
+        return `${seconds}s`;
+    const m = Math.floor(seconds / 60);
+    const s = seconds % 60;
+    return s > 0 ? `${m}m ${s}s` : `${m}m`;
+}
+export function formatRate(ratePerSec) {
+    if (ratePerSec >= 1)
+        return `${Math.round(ratePerSec)} pkg/s`;
+    return `${ratePerSec.toFixed(1)} pkg/s`;
+}
+export const ProgressBar = ({ value, total, label, }) => {
+    const startRef = useRef(Date.now());
+    const [elapsed, setElapsed] = useState(0);
+    useEffect(() => {
+        const timer = setInterval(() => {
+            setElapsed(Math.floor((Date.now() - startRef.current) / 1000));
+        }, 1000);
+        return () => clearInterval(timer);
+    }, []);
+    // Subscribe to terminal resizes so the bar re-lays-out when the user
+    // resizes the window mid-scan. Reading process.stdout.columns directly
+    // only captures the width at mount time and goes stale on resize.
+    const { cols: termWidth } = useTerminalSize();
+    const percent = total > 0 ? Math.round((value / total) * 100) : 0;
+    // Use a sub-second elapsed for the ETA math so the first tick after batch-1
+    // completes can produce a real number (the 1s setInterval would otherwise
+    // make elapsed=0 for the whole first second).
+    const elapsedPrecise = (Date.now() - startRef.current) / 1000;
+    const eta = computeEta(value, total, elapsedPrecise);
+    const done = total > 0 && value >= total;
+    const rateSuffix = eta.ratePerSec === null ? "" : `  (${formatRate(eta.ratePerSec)})`;
+    const rateInline = eta.ratePerSec === null ? "" : ` · ${formatRate(eta.ratePerSec)}`;
+    let timeInfo;
+    if (done) {
+        timeInfo = `in ${formatTime(elapsed)}${rateSuffix}`;
+    }
+    else if (eta.remainingSeconds === null) {
+        timeInfo = `${formatTime(elapsed)} elapsed · calculating…${rateInline}`;
+    }
+    else {
+        timeInfo = `${formatTime(elapsed)} elapsed · ~${formatTime(eta.remainingSeconds)} left${rateInline}`;
+    }
+    const counter = `${value}/${total}  ${percent}%`;
+    // Width thresholds:
+    //   < 30 cols → compact: counter only, no bar (bar would soft-wrap and
+    //               break Ink's line-count tracker, leaving stale lines
+    //               above on the next redraw).
+    //   30-59     → narrow bar (no elapsed-time tail beside the spinner).
+    //   >= 60     → full bar + tail.
+    const compact = termWidth < 30;
+    const narrow = !compact && termWidth < 60;
+    // Reserve: 4 indent + counter length + 2 padding. Floor at 6 cols so
+    // even on a borderline-narrow terminal we draw SOMETHING; if there's
+    // no room at all we fall through to compact mode above.
+    const barWidth = Math.max(6, termWidth - counter.length - 8);
+    const fraction = total > 0 ? Math.min(1, value / total) : 0;
+    const filled = Math.round(fraction * barWidth);
+    const empty = barWidth - filled;
+    const filledBar = "━".repeat(filled);
+    const emptyBar = "━".repeat(empty);
+    return (_jsxs(Box, { flexDirection: "column", paddingLeft: 2, children: [_jsx(Text, { children: chalk.bold("Dependency Guardian") }), _jsx(Text, { children: "" }), _jsxs(Box, { children: [done ? (_jsx(Text, { color: "green", children: "\u2713" })) : (_jsx(Text, { color: "cyan", children: _jsx(InkSpinner, { type: "dots" }) })), _jsxs(Text, { children: [" ", done ? "Scanned" : "Scanning", " ", total, " packages", done ? "" : "...", "  "] }), !narrow && !compact && _jsx(Text, { dimColor: true, children: timeInfo })] }), compact ? (_jsxs(Box, { children: [_jsx(Text, { children: "  " }), _jsx(Text, { children: counter })] })) : (_jsxs(Box, { children: [_jsx(Text, { children: "  " }), _jsx(Text, { color: "green", children: filledBar }), _jsx(Text, { dimColor: true, children: emptyBar }), _jsxs(Text, { children: ["  ", counter] })] })), label && !compact && (_jsx(Box, { children: _jsxs(Text, { dimColor: true, children: ["  ", chalk.dim("›"), " ", label] }) }))] }));
+};

package/dist/scan-ui/components/ProjectSelector.js

@@ -0,0 +1,62 @@
+import { jsxs as _jsxs, jsx as _jsx } from "react/jsx-runtime";
+import { useState } from "react";
+import { Box, Text, useInput } from "ink";
+import chalk from "chalk";
+import { sanitize } from "../../security/sanitize.js";
+import { useTerminalSize } from "../hooks/useTerminalSize.js";
+export const ProjectSelector = ({ projects, onConfirm, onCancel, userStatus }) => {
+    const [cursor, setCursor] = useState(0);
+    const [selected, setSelected] = useState(() => new Set(projects.map((_, i) => i)));
+    const { cols: termCols } = useTerminalSize();
+    useInput((input, key) => {
+        if (key.upArrow) {
+            setCursor((c) => Math.max(0, c - 1));
+        }
+        else if (key.downArrow) {
+            setCursor((c) => Math.min(projects.length - 1, c + 1));
+        }
+        else if (input === " ") {
+            setSelected((prev) => {
+                const next = new Set(prev);
+                if (next.has(cursor))
+                    next.delete(cursor);
+                else
+                    next.add(cursor);
+                return next;
+            });
+        }
+        else if (input === "a") {
+            setSelected((prev) => {
+                if (prev.size === projects.length)
+                    return new Set();
+                return new Set(projects.map((_, i) => i));
+            });
+        }
+        else if (key.return) {
+            const picked = projects.filter((_, i) => selected.has(i));
+            if (picked.length > 0)
+                onConfirm(picked);
+        }
+        else if (input === "q") {
+            onCancel();
+        }
+    });
+    const ecosystemLabel = (eco) => eco === "npm" ? chalk.magenta("npm") : chalk.blue("pip");
+    return (_jsxs(Box, { flexDirection: "column", paddingLeft: 1, children: [_jsxs(Text, { children: [chalk.bold("Dependency Guardian"), "  ", userStatus ? chalk.dim(userStatus) : ""] }), _jsx(Text, { children: "" }), _jsxs(Text, { bold: true, children: ["Found ", projects.length, " project", projects.length !== 1 ? "s" : ""] }), _jsx(Text, { children: "" }), projects.map((proj, i) => {
+                const isCursor = i === cursor;
+                const isSelected = selected.has(i);
+                const prefix = isCursor ? chalk.cyan("\u258C") : " ";
+                const check = isSelected ? chalk.green("\u25C9") : chalk.dim("\u25CB");
+                const ecoCount = `${ecosystemLabel(proj.ecosystem)} ${proj.packageCount} packages`;
+                const ecoCountPlainLen = `${proj.ecosystem} ${proj.packageCount} packages`.length;
+                const fixedPrefixLen = 4;
+                const pathColWidth = Math.max(20, termCols - fixedPrefixLen - ecoCountPlainLen - 3);
+                const path = sanitize(proj.relativePath);
+                const pathTruncated = path.length > pathColWidth
+                    ? path.slice(0, Math.max(1, pathColWidth - 1)) + "\u2026"
+                    : path.padEnd(pathColWidth);
+                return (_jsxs(Text, { ...(isCursor ? { backgroundColor: "#1a1a2e" } : {}), wrap: "truncate-end", children: [prefix, check, "  ", pathTruncated, " ", ecoCount] }, i));
+            }), _jsx(Text, { children: "" }), _jsx(Text, { dimColor: true, children: selected.size === 0
+                    ? chalk.yellow("Select at least 1 project to scan")
+                    : `${selected.size} of ${projects.length} selected` }), _jsx(Text, { children: "" }), _jsxs(Text, { children: [chalk.bold.cyan("space"), " ", chalk.dim("toggle"), "   ", chalk.bold.cyan("a"), " ", chalk.dim("all"), "   ", chalk.bold.hex('#FFD700')("\u23CE"), " ", chalk.bold.hex('#FFD700')("scan"), "   ", chalk.bold.cyan("q"), " ", chalk.dim("quit")] })] }));
+};

package/dist/scan-ui/components/ScoreHeader.js

@@ -0,0 +1,20 @@
+import { jsxs as _jsxs, jsx as _jsx, Fragment as _Fragment } from "react/jsx-runtime";
+import { Text, Box } from "ink";
+import chalk from "chalk";
+import { useTerminalSize } from "../hooks/useTerminalSize.js";
+import { renderLogo } from "../logo.js";
+function scoreColor(score, action) {
+    const colorFn = action === "block" ? chalk.red.bold :
+        action === "warn" ? chalk.yellow.bold :
+            action === "analysis_incomplete" ? chalk.cyan.bold :
+                chalk.green.bold;
+    return colorFn(String(score));
+}
+export const ScoreHeader = ({ score, action, total, flagged, clean, userStatus, scanUsage, usageNearLimit, }) => {
+    const logo = renderLogo(action);
+    const { cols } = useTerminalSize();
+    const showLogo = cols >= 60;
+    return (_jsx(Box, { flexDirection: "column", borderStyle: "round", borderColor: action === "block" ? "red" : action === "warn" ? "yellow" : action === "analysis_incomplete" ? "cyan" : "green", paddingLeft: 1, paddingRight: 1, width: "100%", children: _jsxs(Box, { flexDirection: "row", children: [_jsxs(Box, { flexDirection: "column", flexGrow: 1, children: [_jsxs(Text, { bold: true, children: ["Dependency Guardian  ", userStatus ?? ""] }), _jsx(Text, { children: " " }), _jsxs(Text, { children: [chalk.dim("Score"), "  ", scoreColor(score, action)] }), total !== undefined && (_jsxs(_Fragment, { children: [_jsx(Text, { children: " " }), _jsxs(Text, { children: [chalk.dim(`${total} package${total !== 1 ? "s" : ""} scanned`), flagged !== undefined && flagged > 0 ? (_jsxs(_Fragment, { children: ["    ", chalk.yellow(`${flagged} flagged`), "    ", chalk.green(`${clean ?? 0} clean`)] })) : (_jsxs(_Fragment, { children: ["    ", chalk.green("all clean")] }))] }), scanUsage && (usageNearLimit
+                                    ? _jsxs(Text, { color: "yellow", children: [scanUsage, "  \u2191 dg upgrade for Pro"] })
+                                    : _jsx(Text, { dimColor: true, children: scanUsage }))] }))] }), showLogo && (_jsx(Box, { flexDirection: "column", marginLeft: 2, children: logo.map((line, i) => _jsx(Text, { children: line }, i)) }))] }) }));
+};

package/dist/scan-ui/components/SetupBanner.js

@@ -0,0 +1,13 @@
+import { jsx as _jsx, jsxs as _jsxs } from "react/jsx-runtime";
+import { Box, Text } from "ink";
+// Visible alert shown above the scan results when the user's DG setup has
+// gaps — missing api key, missing pre-commit hook, etc. Renders nothing
+// when issues is empty so it's free to drop in unconditionally.
+//
+// Yellow border, single line per issue, fix command in cyan so the user
+// can copy-paste it.
+export const SetupBanner = ({ issues }) => {
+    if (issues.length === 0)
+        return null;
+    return (_jsxs(Box, { flexDirection: "column", borderStyle: "round", borderColor: "yellow", paddingLeft: 1, paddingRight: 1, width: "100%", children: [_jsxs(Text, { wrap: "truncate-end", children: [_jsx(Text, { color: "yellow", bold: true, children: "! Setup incomplete" }), _jsxs(Text, { dimColor: true, children: [" \u2014 ", issues.length === 1 ? "1 thing" : `${issues.length} things`, " you haven't set up yet"] })] }), issues.map((issue) => (_jsxs(Text, { wrap: "truncate-end", children: [_jsx(Text, { dimColor: true, children: "  \u00B7 " }), issue.label, _jsx(Text, { dimColor: true, children: " \u2192 " }), _jsx(Text, { color: "cyan", bold: true, children: issue.fix })] }, issue.id)))] }));
+};

package/dist/scan-ui/components/Spinner.js

@@ -0,0 +1,4 @@
+import { jsx as _jsx, jsxs as _jsxs } from "react/jsx-runtime";
+import { Text, Box } from "ink";
+import InkSpinner from "ink-spinner";
+export const Spinner = ({ label }) => (_jsxs(Box, { children: [_jsx(Text, { color: "cyan", children: _jsx(InkSpinner, { type: "dots" }) }), _jsxs(Text, { children: [" ", label] })] }));

package/dist/scan-ui/format-helpers.js

@@ -0,0 +1,40 @@
+export const USAGE_NEAR_LIMIT_RATIO = 0.8;
+// Renders the monthly package-usage readout shown on every scan. `nearLimit`
+// drives the dim → yellow + upgrade-nudge escalation; it's only ever true for
+// a finite limit at/above 80% used.
+export function formatUsage(usage) {
+    const used = usage.used.toLocaleString();
+    if (usage.limit === null) {
+        return { text: `${used} packages this month`, nearLimit: false };
+    }
+    return {
+        text: `${used} / ${usage.limit.toLocaleString()} packages this month`,
+        nearLimit: usage.used / usage.limit >= USAGE_NEAR_LIMIT_RATIO,
+    };
+}
+export function pad(s, len) {
+    return s + " ".repeat(Math.max(0, len - s.length));
+}
+export function truncate(s, max) {
+    return s.length <= max ? s : s.slice(0, max - 1) + "…";
+}
+export function groupPackages(packages, keyBy = "name") {
+    const map = new Map();
+    for (const pkg of packages) {
+        const fingerprint = pkg.findings.length === 0
+            ? `__clean_${pkg.score}`
+            : pkg.findings
+                .map((f) => `${f.category ?? ""}:${f.severity}`)
+                .sort()
+                .join("|") + `|score:${pkg.score}`;
+        const group = map.get(fingerprint) ?? [];
+        group.push(pkg);
+        map.set(fingerprint, group);
+    }
+    return [...map.entries()]
+        .map(([fingerprint, pkgs]) => ({
+        packages: pkgs,
+        key: keyBy === "fingerprint" ? fingerprint : pkgs[0]?.name ?? "",
+    }))
+        .sort((a, b) => (b.packages[0]?.score ?? 0) - (a.packages[0]?.score ?? 0));
+}

package/dist/scan-ui/hooks/useExpandAnimation.js

@@ -0,0 +1,40 @@
+import { useState, useEffect, useRef } from "react";
+export function useExpandAnimation(targetHeight, active, durationMs = 180) {
+    const [visibleLines, setVisibleLines] = useState(0);
+    const timerRef = useRef(null);
+    useEffect(() => {
+        if (timerRef.current) {
+            clearInterval(timerRef.current);
+            timerRef.current = null;
+        }
+        if (!active || targetHeight <= 0) {
+            setVisibleLines(0);
+            return;
+        }
+        const intervalMs = Math.max(16, Math.floor(durationMs / targetHeight));
+        let current = 1;
+        setVisibleLines(1);
+        timerRef.current = setInterval(() => {
+            current++;
+            if (current >= targetHeight) {
+                setVisibleLines(targetHeight);
+                if (timerRef.current)
+                    clearInterval(timerRef.current);
+                timerRef.current = null;
+            }
+            else {
+                setVisibleLines(current);
+            }
+        }, intervalMs);
+        return () => {
+            if (timerRef.current) {
+                clearInterval(timerRef.current);
+                timerRef.current = null;
+            }
+        };
+    }, [active, targetHeight, durationMs]);
+    return {
+        visibleLines: active ? visibleLines : 0,
+        isAnimating: active && visibleLines > 0 && visibleLines < targetHeight,
+    };
+}

package/dist/scan-ui/hooks/useScan.js

@@ -0,0 +1,113 @@
+import { useReducer, useEffect, useRef, useCallback, useState } from "react";
+import { analyzePackages, AnalyzeError, mergeAnalyzeResponses } from "../../api/analyze.js";
+import { collectScanPackages, discoverScanProjectsAsync } from "../../scan/collect.js";
+function reducer(_state, action) {
+    switch (action.type) {
+        case "PROJECTS_FOUND":
+        case "RESTART_SELECTION":
+            return { phase: "selecting", projects: action.projects };
+        case "DISCOVERY_PROGRESS":
+            return { phase: "discovering", path: action.path, found: action.found };
+        case "DISCOVERY_COMPLETE":
+            return { phase: "scanning", done: 0, total: action.total, currentBatch: [] };
+        case "DISCOVERY_EMPTY":
+            return { phase: "empty", message: action.message };
+        case "SCAN_PROGRESS":
+            return { phase: "scanning", done: action.done, total: action.total, currentBatch: action.currentBatch };
+        case "SCAN_COMPLETE":
+            return {
+                phase: "results",
+                result: action.result,
+                durationMs: action.durationMs,
+                skippedCount: action.skippedCount,
+                ...(action.discoveredTotal !== undefined ? { discoveredTotal: action.discoveredTotal } : {})
+            };
+        case "ERROR":
+            return { phase: "error", error: action.error };
+        case "FREE_CAP_REACHED":
+            return { phase: "free_cap_reached", scansUsed: action.scansUsed, maxScans: action.maxScans, capReason: action.capReason };
+    }
+}
+export function useScan(config) {
+    const [state, dispatch] = useReducer(reducer, { phase: "discovering" });
+    const started = useRef(false);
+    const [multiProjects, setMultiProjects] = useState(null);
+    useEffect(() => {
+        if (started.current) {
+            return;
+        }
+        started.current = true;
+        void (async () => {
+            const projects = await discoverScanProjectsAsync(process.cwd(), (progress) => {
+                dispatch({ type: "DISCOVERY_PROGRESS", path: progress.path, found: progress.found });
+            });
+            if (projects.length === 0) {
+                dispatch({ type: "DISCOVERY_EMPTY", message: "No dependency lockfiles found." });
+                return;
+            }
+            if (projects.length > 1) {
+                setMultiProjects(projects);
+                dispatch({ type: "PROJECTS_FOUND", projects });
+                return;
+            }
+            await scanProjects(projects, dispatch);
+        })();
+    }, [config]);
+    const scanSelectedProjects = useCallback((projects) => {
+        void scanProjects(projects, dispatch);
+    }, []);
+    const restartSelection = useCallback(() => {
+        if (multiProjects) {
+            dispatch({ type: "RESTART_SELECTION", projects: multiProjects });
+        }
+    }, [multiProjects]);
+    return {
+        state,
+        scanSelectedProjects,
+        restartSelection: multiProjects ? restartSelection : null
+    };
+}
+async function scanProjects(projects, dispatch) {
+    try {
+        const { byEcosystem, skipped } = collectScanPackages(projects);
+        const total = [...byEcosystem.values()].reduce((sum, list) => sum + list.length, 0);
+        if (total === 0) {
+            dispatch({ type: "DISCOVERY_EMPTY", message: "No packages to scan." });
+            return;
+        }
+        dispatch({ type: "DISCOVERY_COMPLETE", total });
+        const startMs = Date.now();
+        const responses = [];
+        let completed = 0;
+        for (const [ecosystem, packages] of byEcosystem) {
+            const base = completed;
+            responses.push(await analyzePackages(packages, {
+                ecosystem,
+                onProgress: (done, _ecosystemTotal, currentBatch) => {
+                    dispatch({ type: "SCAN_PROGRESS", done: base + done, total, currentBatch: [...currentBatch] });
+                }
+            }));
+            completed = base + packages.length;
+        }
+        dispatch({
+            type: "SCAN_COMPLETE",
+            result: mergeAnalyzeResponses(responses),
+            durationMs: Date.now() - startMs,
+            skippedCount: skipped,
+            discoveredTotal: total
+        });
+    }
+    catch (error) {
+        if (error instanceof AnalyzeError && (error.statusCode === 402 || error.statusCode === 429)) {
+            const body = (error.body ?? {});
+            dispatch({
+                type: "FREE_CAP_REACHED",
+                scansUsed: body.scansUsed ?? 0,
+                maxScans: body.maxScans ?? 0,
+                capReason: body.reason === "prefix_cap" ? "prefix_cap" : "monthly_limit"
+            });
+            return;
+        }
+        dispatch({ type: "ERROR", error: error instanceof Error ? error : new Error(String(error)) });
+    }
+}

package/dist/scan-ui/hooks/useTerminalSize.js

@@ -0,0 +1,24 @@
+import { useState, useEffect } from "react";
+import { useStdout } from "ink";
+export function useTerminalSize() {
+    const { stdout } = useStdout();
+    const [size, setSize] = useState({
+        rows: stdout?.rows ?? process.stdout.rows ?? 24,
+        cols: stdout?.columns ?? process.stdout.columns ?? 80,
+    });
+    useEffect(() => {
+        const handle = () => {
+            setSize({
+                rows: process.stdout.rows ?? 24,
+                cols: process.stdout.columns ?? 80,
+            });
+        };
+        process.stdout.setMaxListeners(process.stdout.getMaxListeners() + 1);
+        process.stdout.on("resize", handle);
+        return () => {
+            process.stdout.off("resize", handle);
+            process.stdout.setMaxListeners(Math.max(0, process.stdout.getMaxListeners() - 1));
+        };
+    }, []);
+    return size;
+}

package/dist/scan-ui/launch.js

@@ -0,0 +1,27 @@
+import { loadUserConfig } from "../config/settings.js";
+import { resolvePresentation } from "../presentation/mode.js";
+export function shouldLaunchScanTui(options) {
+    if (options.format !== "text" || options.outputPath) {
+        return false;
+    }
+    if (options.targetPath !== ".") {
+        return false;
+    }
+    return resolvePresentation().mode === "rich";
+}
+export async function launchScanTui(initialView = "results") {
+    const ci = process.env.CI;
+    if (ci === "" || ci === "0" || ci === "false") {
+        delete process.env.CI;
+    }
+    const [{ render }, react, app] = await Promise.all([
+        import("ink"),
+        import("react"),
+        import("./LegacyApp.js")
+    ]);
+    const policyMode = loadUserConfig().policy.mode;
+    const mode = policyMode === "off" ? "off" : policyMode === "warn" ? "warn" : "block";
+    const config = { mode };
+    const instance = render(react.default.createElement(app.App, { config, initialView }), { exitOnCtrlC: true });
+    await instance.waitUntilExit();
+}

package/dist/scan-ui/logo.js

@@ -0,0 +1,91 @@
+import chalk from "chalk";
+function plot(grid, x, y, type) {
+    const row = grid[y];
+    if (!row || x < 0 || x >= row.length)
+        return;
+    row[x] = Math.max(row[x] ?? 0, type);
+}
+function bresenham(grid, x0, y0, x1, y1, type) {
+    const dx = Math.abs(x1 - x0), dy = Math.abs(y1 - y0);
+    const sx = x0 < x1 ? 1 : -1, sy = y0 < y1 ? 1 : -1;
+    let err = dx - dy, x = x0, y = y0;
+    while (true) {
+        plot(grid, x, y, type);
+        if (x === x1 && y === y1)
+            break;
+        const e2 = 2 * err;
+        if (e2 > -dy) {
+            err -= dy;
+            x += sx;
+        }
+        if (e2 < dx) {
+            err += dx;
+            y += sy;
+        }
+    }
+}
+function fillCircle(grid, cx, cy, r, type) {
+    for (let y = Math.floor(cy - r); y <= Math.ceil(cy + r); y++)
+        for (let x = Math.floor(cx - r); x <= Math.ceil(cx + r); x++)
+            if ((x - cx) ** 2 + (y - cy) ** 2 <= r * r)
+                plot(grid, x, y, type);
+}
+const LOGO_DATA = (() => {
+    const W = 22, H = 28;
+    const grid = Array.from({ length: H }, () => Array(W).fill(0));
+    const cx = 11, cy = 14, R = 10;
+    const angles = [270, 315, 0, 45, 90, 135, 180, 225];
+    const nodes = angles.map(a => {
+        const rad = a * Math.PI / 180;
+        return [Math.round(cx + R * Math.cos(rad)), Math.round(cy + R * Math.sin(rad))];
+    });
+    for (const [nx, ny] of nodes)
+        bresenham(grid, cx, cy, nx, ny, 1);
+    nodes.forEach(([nx, ny], i) => fillCircle(grid, nx, ny, 1.5, i === 1 ? 4 : 2));
+    fillCircle(grid, cx, cy, 3, 3);
+    const chars = [];
+    const types = [];
+    for (let row = 0; row < H; row += 4) {
+        for (let col = 0; col < W; col += 2) {
+            let bits = 0, maxType = 0;
+            const offsets = [
+                [0, 0, 1], [1, 0, 2], [2, 0, 4], [3, 0, 64],
+                [0, 1, 8], [1, 1, 16], [2, 1, 32], [3, 1, 128],
+            ];
+            for (const [dy, dx, bit] of offsets) {
+                const py = row + dy, px = col + dx;
+                const cell = grid[py]?.[px] ?? 0;
+                if (py < H && px < W && cell > 0) {
+                    bits |= bit;
+                    maxType = Math.max(maxType, cell);
+                }
+            }
+            chars.push(String.fromCharCode(0x2800 + bits));
+            types.push(maxType);
+        }
+    }
+    return { chars, types, cols: W / 2 };
+})();
+export function renderLogo(action) {
+    const colors = {
+        1: chalk.dim,
+        2: chalk.white,
+        3: (s) => chalk.bold.white(s),
+        4: action === "block" ? chalk.red
+            : action === "warn" ? chalk.yellow
+                : action === "analysis_incomplete" ? chalk.cyan
+                    : chalk.green,
+    };
+    const result = [];
+    const { chars, types, cols } = LOGO_DATA;
+    for (let i = 0; i < chars.length; i += cols) {
+        let row = "";
+        for (let j = 0; j < cols; j++) {
+            const ch = chars[i + j] ?? "";
+            const t = types[i + j] ?? 0;
+            row += t > 0 ? (colors[t] ?? chalk.dim)(ch) : ch;
+        }
+        result.push(row);
+    }
+    return result;
+}

package/dist/scan-ui/shims.js

@@ -0,0 +1,30 @@
+import { authStatus } from "../auth/store.js";
+export function isLoggedIn() {
+    try {
+        return authStatus().authenticated;
+    }
+    catch {
+        return false;
+    }
+}
+export function getStoredApiKey() {
+    try {
+        const status = authStatus();
+        return status.authenticated ? status.tokenPreview : null;
+    }
+    catch {
+        return null;
+    }
+}
+export function scanExitCode(action, mode) {
+    if (action === "block") {
+        return 2;
+    }
+    if (action === "warn") {
+        return mode === "strict" ? 2 : 1;
+    }
+    if (action === "analysis_incomplete") {
+        return 4;
+    }
+    return 0;
+}

package/dist/security/sanitize.js

@@ -0,0 +1,28 @@
+import { stripVTControlCharacters } from "node:util";
+export function sanitize(s) {
+    return stripVTControlCharacters(s);
+}
+export function sanitizeDeep(value) {
+    if (typeof value === "string") {
+        return stripVTControlCharacters(value);
+    }
+    if (value === null || value === undefined) {
+        return value;
+    }
+    if (Array.isArray(value)) {
+        return value.map((v) => sanitizeDeep(v));
+    }
+    if (typeof value === "object") {
+        const src = value;
+        const out = {};
+        for (const k of Object.keys(src)) {
+            const cleanKey = stripVTControlCharacters(k);
+            out[cleanKey] = sanitizeDeep(src[k]);
+        }
+        return out;
+    }
+    return value;
+}
+export function sanitizeResponse(response) {
+    return sanitizeDeep(response);
+}