actions-up 1.12.0 → 1.13.0

package/dist/cli/build-json-report.d.ts

@@ -0,0 +1,257 @@
+import { ActionUpdate } from '../types/action-update';
+import { ScanResult } from '../types/scan-result';
+import { UpdateMode } from '../types/update-mode';
+/**
+ * High-level status of a JSON report.
+ */
+export type JsonReportStatus = 'updates-available' | 'no-actions-found' | 'nothing-to-check' | 'up-to-date';
+/**
+ * Options used to build a JSON report from the current CLI state.
+ */
+interface BuildJsonReportOptions {
+    /**
+     * Updates excluded by the selected update mode.
+     */
+    blockedByMode: ActionUpdate[];
+    /**
+     * Number of actions that were actually checked after excludes.
+     */
+    actionsToCheckCount: number;
+    /**
+     * Regex patterns supplied through `--exclude`.
+     */
+    excludePatterns: string[];
+    /**
+     * Whether branch references were included in update checks.
+     */
+    includeBranches: boolean;
+    /**
+     * Updates that remain actionable after all filters.
+     */
+    outdated: ActionUpdate[];
+    /**
+     * Final report status.
+     */
+    status: JsonReportStatus;
+    /**
+     * Updates skipped during processing, such as branch references.
+     */
+    skipped: ActionUpdate[];
+    /**
+     * Aggregate scan result for the current run.
+     */
+    scanResult: ScanResult;
+    /**
+     * Directories resolved for scanning.
+     */
+    directories: string[];
+    /**
+     * Whether recursive scanning mode is enabled.
+     */
+    recursive: boolean;
+    /**
+     * Effective update mode for the run.
+     */
+    mode: UpdateMode;
+    /**
+     * Minimum age filter in days.
+     */
+    minAge: number;
+    /**
+     * Working directory used for relative path normalization.
+     */
+    cwd?: string;
+}
+/**
+ * Serialized update entry in the JSON report.
+ */
+interface JsonReportUpdate {
+    /**
+     * Reason why this entry was skipped, if any.
+     */
+    skipReason: ActionUpdate['skipReason'] | null;
+    /**
+     * Processing status for this entry.
+     */
+    status: NonNullable<ActionUpdate['status']>;
+    /**
+     * Version currently used in the workflow or action file.
+     */
+    currentVersion: string | null;
+    /**
+     * Latest version found for this dependency.
+     */
+    latestVersion: string | null;
+    /**
+     * Release publication date in ISO format.
+     */
+    publishedAt: string | null;
+    /**
+     * Original action reference metadata.
+     */
+    action: JsonReportAction;
+    /**
+     * Resolved SHA for the target version.
+     */
+    latestSha: string | null;
+    /**
+     * Whether this update crosses a major version boundary.
+     */
+    isBreaking: boolean;
+    /**
+     * Whether an update is available for this entry.
+     */
+    hasUpdate: boolean;
+}
+/**
+ * Aggregate counts included in the JSON report.
+ */
+interface JsonReportSummary {
+    /**
+     * Number of composite actions discovered during scanning.
+     */
+    totalCompositeActions: number;
+    /**
+     * Number of breaking updates among actionable updates.
+     */
+    totalBreakingUpdates: number;
+    /**
+     * Number of actions checked after excludes.
+     */
+    totalActionsChecked: number;
+    /**
+     * Number of updates filtered out by `--mode`.
+     */
+    totalBlockedByMode: number;
+    /**
+     * Number of workflows discovered during scanning.
+     */
+    totalWorkflows: number;
+    /**
+     * Total number of action references found during scanning.
+     */
+    totalActions: number;
+    /**
+     * Number of skipped entries in the report.
+     */
+    totalSkipped: number;
+    /**
+     * Number of actionable updates in the report.
+     */
+    totalUpdates: number;
+}
+/**
+ * Serialized action reference included in each update entry.
+ */
+interface JsonReportAction {
+    /**
+     * Action reference type detected during scanning.
+     */
+    type: ActionUpdate['action']['type'];
+    /**
+     * Original version or ref from the file, if available.
+     */
+    version: string | null;
+    /**
+     * Relative or absolute file path for the action reference.
+     */
+    file: string | null;
+    /**
+     * Line number of the action reference.
+     */
+    line: number | null;
+    /**
+     * Original `uses` value, if available.
+     */
+    uses: string | null;
+    /**
+     * Workflow job name, when applicable.
+     */
+    job: string | null;
+    /**
+     * Full `owner/repo@ref` string, when available.
+     */
+    ref: string | null;
+    /**
+     * Normalized action name.
+     */
+    name: string;
+}
+/**
+ * Effective CLI options serialized into the report.
+ */
+interface JsonReportOptions {
+    /**
+     * Regex patterns supplied through `--exclude`.
+     */
+    excludePatterns: string[];
+    /**
+     * Whether branch references were checked.
+     */
+    includeBranches: boolean;
+    /**
+     * Resolved scan directories.
+     */
+    directories: string[];
+    /**
+     * Whether recursive scanning mode is enabled.
+     */
+    recursive: boolean;
+    /**
+     * Effective update mode.
+     */
+    mode: UpdateMode;
+    /**
+     * Indicates that JSON mode never applies changes.
+     */
+    reportOnly: true;
+    /**
+     * Minimum age filter in days.
+     */
+    minAge: number;
+    /**
+     * Indicates that this payload came from `--json`.
+     */
+    json: true;
+}
+/**
+ * Top-level machine-readable report emitted by `--json`.
+ */
+interface JsonReport {
+    /**
+     * Entries filtered out by the selected update mode.
+     */
+    blockedByMode: JsonReportUpdate[];
+    /**
+     * Entries skipped during update checks.
+     */
+    skipped: JsonReportUpdate[];
+    /**
+     * Actionable updates after filtering.
+     */
+    updates: JsonReportUpdate[];
+    /**
+     * Effective options that shaped the report.
+     */
+    options: JsonReportOptions;
+    /**
+     * Aggregate counts for the current run.
+     */
+    summary: JsonReportSummary;
+    /**
+     * Overall outcome for the current run.
+     */
+    status: JsonReportStatus;
+    /**
+     * Version of the JSON payload schema.
+     */
+    schemaVersion: 1;
+}
+/**
+ * Build the machine-readable JSON report returned by `--json`.
+ *
+ * @param options - Current CLI state and computed update data.
+ * @returns Serializable JSON payload for stdout.
+ */
+export declare function buildJsonReport(options: BuildJsonReportOptions): JsonReport;
+export {};

package/dist/cli/build-json-report.js

@@ -0,0 +1,64 @@
+import { isAbsolute, relative, resolve } from "node:path";
+function buildJsonReport(e) {
+	let n = resolve(e.cwd ?? process.cwd());
+	return {
+		summary: {
+			totalBreakingUpdates: e.outdated.filter((e) => e.isBreaking).length,
+			totalCompositeActions: e.scanResult.compositeActions.size,
+			totalWorkflows: e.scanResult.workflows.size,
+			totalActionsChecked: e.actionsToCheckCount,
+			totalBlockedByMode: e.blockedByMode.length,
+			totalActions: e.scanResult.actions.length,
+			totalUpdates: e.outdated.length,
+			totalSkipped: e.skipped.length
+		},
+		options: {
+			directories: e.directories.map((e) => serializeDirectoryPath(e, n)),
+			excludePatterns: e.excludePatterns,
+			includeBranches: e.includeBranches,
+			recursive: e.recursive,
+			minAge: e.minAge,
+			mode: e.mode,
+			reportOnly: !0,
+			json: !0
+		},
+		blockedByMode: e.blockedByMode.map((e) => serializeUpdate(e, n)),
+		updates: e.outdated.map((e) => serializeUpdate(e, n)),
+		skipped: e.skipped.map((e) => serializeUpdate(e, n)),
+		status: e.status,
+		schemaVersion: 1
+	};
+}
+function serializeUpdate(e, n) {
+	return {
+		action: {
+			file: serializePath(e.action.file, n),
+			version: e.action.version ?? null,
+			line: e.action.line ?? null,
+			uses: e.action.uses ?? null,
+			job: e.action.job ?? null,
+			ref: e.action.ref ?? null,
+			name: e.action.name,
+			type: e.action.type
+		},
+		publishedAt: e.publishedAt?.toISOString() ?? null,
+		currentVersion: e.currentVersion,
+		skipReason: e.skipReason ?? null,
+		latestVersion: e.latestVersion,
+		isBreaking: e.isBreaking,
+		status: e.status ?? "ok",
+		hasUpdate: e.hasUpdate,
+		latestSha: e.latestSha
+	};
+}
+function serializePath(r, i, a = null) {
+	if (!r) return null;
+	if (!isAbsolute(r)) return r;
+	let o = relative(i, r);
+	return o === "" ? a ?? r : o.startsWith("..") || isAbsolute(o) ? r : o;
+}
+function serializeDirectoryPath(r, i) {
+	let a = relative(i, r);
+	return a === "" ? "." : a.startsWith("..") || isAbsolute(a) ? r : a;
+}
+export { buildJsonReport };

package/dist/cli/index.d.ts

@@ -1,2 +1,4 @@
-/** Run the CLI. */
+/**
+ * Run the CLI.
+ */
 export declare function run(): void;

package/dist/cli/index.js

@@ -8,127 +8,186 @@ import { getUpdateLevel } from "../core/versions/get-update-level.js";
 import { applyUpdates } from "../core/ast/update/apply-updates.js";
 import { printSkippedWarning } from "./print-skipped-warning.js";
 import { normalizeUpdateMode } from "./normalize-update-mode.js";
+import { validateCliOptions } from "./validate-cli-options.js";
 import { shouldIgnore } from "../core/ignore/should-ignore.js";
 import { checkUpdates } from "../core/api/check-updates.js";
 import { mergeScanResults } from "./merge-scan-results.js";
 import { printModeWarning } from "./print-mode-warning.js";
 import { scanRecursive } from "../core/scan-recursive.js";
+import { buildJsonReport } from "./build-json-report.js";
 import { scanGitHubActions } from "../core/scan-github-actions.js";
 import "../core/index.js";
 import { version } from "../package.js";
 import { createSpinner } from "nanospinner";
+import { resolve } from "node:path";
 import "node:worker_threads";
 import pc from "picocolors";
 import cac from "cac";
 function run() {
-	let b = cac("actions-up");
-	b.help().version(version).option("--dir <directory>", "Directory to scan (repeatable). Default: .github, or . with --recursive").option("--dry-run", "Preview changes without applying them").option("--exclude <regex>", "Exclude actions by regex (repeatable)").option("--include-branches", "Also check actions pinned to branches (default: false)").option("--min-age <days>", "Minimum age in days for updates (default: 0)", { default: 0 }).option("--mode <mode>", "Update mode: major, minor, or patch (default: major)", { default: "major" }).option("--recursive, -r", "Recursively scan directories for YAML files").option("--yes, -y", "Skip all confirmations").command("", "Update GitHub Actions").action(async (v) => {
-		console.info(pc.cyan("\n🚀 Actions Up!\n"));
-		let y = createSpinner("Scanning GitHub Actions...").start(), b = resolveScanDirectories({
-			recursive: v.recursive,
+	let C = cac("actions-up");
+	C.help().version(version).option("--dir <directory>", "Directory to scan (repeatable). Default: .github, or . with --recursive").option("--dry-run", "Preview changes without applying them").option("--exclude <regex>", "Exclude actions by regex (repeatable)").option("--include-branches", "Also check actions pinned to branches (default: false)").option("--json", "Output update information as machine-readable JSON").option("--min-age <days>", "Minimum age in days for updates (default: 0)", { default: 0 }).option("--mode <mode>", "Update mode: major, minor, or patch (default: major)", { default: "major" }).option("--recursive, -r", "Recursively scan directories for YAML files").option("--yes, -y", "Skip all confirmations").command("", "Update GitHub Actions").action(async (b) => {
+		let S = b.json ?? !1, C = null, w = resolveScanDirectories({
+			recursive: b.recursive,
 			cwd: process.cwd(),
-			dir: v.dir
-		});
+			dir: b.dir
+		}), T = w.map(({ root: e, dir: f }) => resolve(e, f)), E = b.includeBranches ?? !1, D = normalizeUpdateMode(b.mode), O = [];
+		Array.isArray(b.exclude) ? O.push(...b.exclude) : typeof b.exclude == "string" && O.push(b.exclude);
+		let k = O.flatMap((e) => e.split(",")).map((e) => e.trim()).filter(Boolean);
 		try {
-			let m = mergeScanResults(v.recursive ? await Promise.all(b.map(({ root: t, dir: u }) => scanRecursive(t, u))) : await Promise.all(b.map(({ root: t, dir: u }) => scanGitHubActions(t, u)))), x = m.actions.length, S = m.workflows.size, C = m.compositeActions.size;
-			if (y.success(`Found ${pc.yellow(x)} actions in ${pc.yellow(S)} workflows and ${pc.yellow(C)} composite actions`), x === 0) {
+			validateCliOptions({
+				yes: b.yes,
+				json: S
+			}), S || (console.info(pc.cyan("\n🚀 Actions Up!\n")), C = createSpinner("Scanning GitHub Actions...").start());
+			function g({ actionsToCheckCount: e, blockedByMode: f = [], outdated: p = [], skipped: m = [], scanResult: h, status: g }) {
+				process.stdout.write(`${JSON.stringify(buildJsonReport({
+					recursive: b.recursive ?? !1,
+					excludePatterns: k,
+					directories: T,
+					minAge: b.minAge,
+					actionsToCheckCount: e,
+					includeBranches: E,
+					blockedByMode: f,
+					scanResult: h,
+					outdated: p,
+					skipped: m,
+					status: g,
+					mode: D
+				}), null, 2)}\n`);
+			}
+			let y = mergeScanResults(b.recursive ? await Promise.all(w.map(({ root: e, dir: f }) => scanRecursive(e, f))) : await Promise.all(w.map(({ root: e, dir: f }) => scanGitHubActions(e, f)))), x = y.actions.length, O = y.workflows.size, A = y.compositeActions.size;
+			if (C?.success(`Found ${pc.yellow(x)} actions in ${pc.yellow(O)} workflows and ${pc.yellow(A)} composite actions`), x === 0) {
+				if (S) {
+					g({
+						status: "no-actions-found",
+						actionsToCheckCount: 0,
+						scanResult: y
+					});
+					return;
+				}
 				console.info(pc.green("\n✨ No GitHub Actions found in this repository"));
 				return;
 			}
-			let w = m.actions, T = [];
-			Array.isArray(v.exclude) ? T.push(...v.exclude) : typeof v.exclude == "string" && T.push(v.exclude);
-			let E = T.flatMap((t) => t.split(",")).map((t) => t.trim()).filter(Boolean);
-			if (E.length > 0) {
-				let { parseExcludePatterns: t } = await import("../core/filters/parse-exclude-patterns.js"), u = t(E);
-				u.length > 0 && (w = w.filter((t) => {
-					let { name: d } = t;
-					for (let t of u) if (t.test(d)) return !1;
+			let j = y.actions;
+			if (k.length > 0) {
+				let { parseExcludePatterns: e } = await import("../core/filters/parse-exclude-patterns.js"), f = e(k);
+				f.length > 0 && (j = j.filter((e) => {
+					let { name: p } = e;
+					for (let e of f) if (e.test(p)) return !1;
 					return !0;
 				}));
 			}
-			if (y = createSpinner("Checking for updates...").start(), w.length === 0) {
-				y.success("No actions to check after excludes"), console.info(pc.green("\n✨ Nothing to check after excludes\n"));
+			if (S || (C = createSpinner("Checking for updates...").start()), j.length === 0) {
+				if (C?.success("No actions to check after excludes"), S) {
+					g({
+						status: "nothing-to-check",
+						actionsToCheckCount: 0,
+						scanResult: y
+					});
+					return;
+				}
+				console.info(pc.green("\n✨ Nothing to check after excludes\n"));
 				return;
 			}
-			let D = process.env.GITHUB_TOKEN, O = createGitHubClient(D), k = v.includeBranches ?? !1, A = await checkUpdates(w, D, {
-				client: O,
-				includeBranches: k
-			}), j = [];
-			await Promise.all(A.map(async (t) => {
-				await shouldIgnore(t.action.file, t.action.line) || j.push(t);
+			let M = process.env.GITHUB_TOKEN, N = createGitHubClient(M), P = await checkUpdates(j, M, {
+				client: N,
+				includeBranches: E
+			}), F = [];
+			await Promise.all(P.map(async (e) => {
+				await shouldIgnore(e.action.file, e.action.line) || F.push(e);
 			}));
-			let M = j.filter((t) => t.status === "skipped"), N = j.filter((t) => t.hasUpdate), P = v.minAge * 24 * 60 * 60 * 1e3, F = Date.now();
-			N = N.filter((t) => t.publishedAt ? F - t.publishedAt.getTime() >= P : !0);
-			let I = normalizeUpdateMode(v.mode), L = [];
-			if (I !== "major") {
-				let d = /* @__PURE__ */ new Map(), p = /* @__PURE__ */ new Map(), m = /* @__PURE__ */ new Map(), h = await Promise.all(N.map(async (d) => {
-					let f = d.currentVersion;
-					if (isSha(d.currentVersion)) {
-						let u = await readInlineVersionComment(d.action.file, d.action.line, m);
-						u && (f = u);
+			let I = F.filter((e) => e.status === "skipped"), L = F.filter((e) => e.hasUpdate), R = b.minAge * 24 * 60 * 60 * 1e3, z = Date.now();
+			L = L.filter((e) => e.publishedAt ? z - e.publishedAt.getTime() >= R : !0);
+			let B = [];
+			if (D !== "major") {
+				let p = /* @__PURE__ */ new Map(), h = /* @__PURE__ */ new Map(), g = /* @__PURE__ */ new Map(), _ = await Promise.all(L.map(async (p) => {
+					let m = p.currentVersion;
+					if (isSha(p.currentVersion)) {
+						let f = await readInlineVersionComment(p.action.file, p.action.line, g);
+						f && (m = f);
 					}
-					let p = getUpdateLevel(f, d.latestVersion);
+					let h = getUpdateLevel(m, p.latestVersion);
 					return {
-						effectiveCurrentVersion: f,
-						allowed: I === "minor" ? p === "minor" || p === "patch" || p === "none" : p === "patch" || p === "none",
-						update: d
+						effectiveCurrentVersion: m,
+						allowed: D === "minor" ? h === "minor" || h === "patch" || h === "none" : h === "patch" || h === "none",
+						update: p
 					};
-				})), g = [], _ = await Promise.all(h.map(async (t) => {
-					if (t.allowed) return { update: t.update };
-					let u = await getCompatibleUpdate(O, {
-						currentVersion: t.effectiveCurrentVersion,
-						actionName: t.update.action.name,
-						tagsCache: d,
-						shaCache: p,
-						mode: I
+				})), v = [], y = await Promise.all(_.map(async (e) => {
+					if (e.allowed) return { update: e.update };
+					let f = await getCompatibleUpdate(N, {
+						currentVersion: e.effectiveCurrentVersion,
+						actionName: e.update.action.name,
+						tagsCache: p,
+						shaCache: h,
+						mode: D
 					});
-					return u ? { update: {
-						...t.update,
-						latestVersion: u.version,
-						latestSha: u.sha,
+					return f ? { update: {
+						...e.update,
+						latestVersion: f.version,
+						latestSha: f.sha,
 						isBreaking: !1,
 						hasUpdate: !0
-					} } : { blocked: t.update };
+					} } : { blocked: e.update };
 				}));
-				for (let t of _) {
-					if (t.update) {
-						g.push(t.update);
+				for (let e of y) {
+					if (e.update) {
+						v.push(e.update);
 						continue;
 					}
-					L.push(t.blocked);
+					B.push(e.blocked);
+				}
+				L = v;
+			}
+			let V = L.filter((e) => e.isBreaking);
+			if (L.length === 0) {
+				if (C?.success("All actions are up to date!"), S) {
+					g({
+						actionsToCheckCount: j.length,
+						status: "up-to-date",
+						blockedByMode: B,
+						scanResult: y,
+						skipped: I
+					});
+					return;
 				}
-				N = g;
+				I.length > 0 && printSkippedWarning(I, E), B.length > 0 && printModeWarning(B, D), console.info(pc.green("\n✨ Everything is already at the latest version!\n"));
+				return;
 			}
-			let R = N.filter((t) => t.isBreaking);
-			if (N.length === 0) {
-				y.success("All actions are up to date!"), M.length > 0 && printSkippedWarning(M, k), L.length > 0 && printModeWarning(L, I), console.info(pc.green("\n✨ Everything is already at the latest version!\n"));
+			if (C?.success(`Found ${pc.yellow(L.length)} updates available${V.length > 0 ? ` (${pc.redBright(V.length)} breaking)` : ""}`), S) {
+				g({
+					actionsToCheckCount: j.length,
+					status: "updates-available",
+					blockedByMode: B,
+					scanResult: y,
+					outdated: L,
+					skipped: I
+				});
 				return;
 			}
-			if (y.success(`Found ${pc.yellow(N.length)} updates available${R.length > 0 ? ` (${pc.redBright(R.length)} breaking)` : ""}`), M.length > 0 && printSkippedWarning(M, k), L.length > 0 && printModeWarning(L, I), v.dryRun) {
+			if (I.length > 0 && printSkippedWarning(I, E), B.length > 0 && printModeWarning(B, D), b.dryRun) {
 				console.info(pc.yellow("\n📋 Dry Run - No changes will be made\n"));
-				for (let t of N) console.info(`${pc.cyan(t.action.file ?? "unknown")}:\n${t.action.name}: ${pc.redBright(t.currentVersion)} → ${pc.green(t.latestVersion)} ${t.latestSha ? pc.gray(`(${t.latestSha.slice(0, 7)})`) : ""}\n`);
-				console.info(pc.gray(`\n${N.length} actions would be updated\n`));
+				for (let e of L) console.info(`${pc.cyan(e.action.file ?? "unknown")}:\n${e.action.name}: ${pc.redBright(e.currentVersion)} → ${pc.green(e.latestVersion)} ${e.latestSha ? pc.gray(`(${e.latestSha.slice(0, 7)})`) : ""}\n`);
+				console.info(pc.gray(`\n${L.length} actions would be updated\n`));
 				return;
 			}
-			if (v.yes) {
-				let t = N.filter((t) => t.latestSha);
-				if (t.length === 0) {
+			if (b.yes) {
+				let e = L.filter((e) => e.latestSha);
+				if (e.length === 0) {
 					console.info(pc.yellow("\n⚠️ No actions with SHA available for update\n"));
 					return;
 				}
-				console.info(pc.yellow(`\n🔄 Updating ${t.length} actions...\n`)), await applyUpdates(t), console.info(pc.green("\n✓ Updates applied successfully!"));
+				console.info(pc.yellow(`\n🔄 Updating ${e.length} actions...\n`)), await applyUpdates(e), console.info(pc.green("\n✓ Updates applied successfully!"));
 			} else {
-				(M.length > 0 || L.length > 0) && console.info("");
-				let t = await promptUpdateSelection(N, { showAge: v.minAge > 0 });
-				if (!t || t.length === 0) {
+				(I.length > 0 || B.length > 0) && console.info("");
+				let e = await promptUpdateSelection(L, { showAge: b.minAge > 0 });
+				if (!e || e.length === 0) {
 					console.info(pc.gray("\nNo updates applied"));
 					return;
 				}
-				console.info(pc.yellow(`\n🔄 Updating ${t.length} selected actions...\n`)), await applyUpdates(t), console.info(pc.green("\n✓ Updates applied successfully!"));
+				console.info(pc.yellow(`\n🔄 Updating ${e.length} selected actions...\n`)), await applyUpdates(e), console.info(pc.green("\n✓ Updates applied successfully!"));
 			}
-		} catch (t) {
-			y.error("Failed"), t instanceof Error && t.name === "GitHubRateLimitError" ? (console.error(pc.yellow("\n⚠️ Rate Limit Exceeded\n")), console.error(t.message), console.error(pc.gray("\nExample: GITHUB_TOKEN=ghp_xxxx actions-up\n"))) : console.error(pc.redBright("\nError:"), t instanceof Error ? t.message : String(t)), process.exit(1);
+		} catch (e) {
+			C?.error("Failed"), e instanceof Error && e.name === "GitHubRateLimitError" ? (console.error(pc.yellow("\n⚠️ Rate Limit Exceeded\n")), console.error(e.message), console.error(pc.gray("\nExample: GITHUB_TOKEN=ghp_xxxx actions-up\n"))) : console.error(pc.redBright("\nError:"), e instanceof Error ? e.message : String(e)), process.exit(1);
 		}
-	}), b.parse();
+	}), C.parse();
 }
 export { run };

package/dist/cli/resolve-scan-directories.d.ts

@@ -1,10 +1,14 @@
-/** Options for resolving scan directories from CLI flags. */
+/**
+ * Options for resolving scan directories from CLI flags.
+ */
 interface ResolveScanDirectoriesOptions {
     dir?: string[] | string;
     recursive?: boolean;
     cwd: string;
 }
-/** Resolved directory with root and relative directory. */
+/**
+ * Resolved directory with root and relative directory.
+ */
 interface ResolvedDirectory {
     root: string;
     dir: string;

package/dist/cli/validate-cli-options.d.ts

@@ -0,0 +1,20 @@
+/**
+ * Minimal subset of CLI flags that require cross-option validation.
+ */
+interface ValidateCliOptionsInput {
+    /**
+     * Whether JSON report mode is enabled.
+     */
+    json?: boolean;
+    /**
+     * Whether auto-apply mode is enabled.
+     */
+    yes?: boolean;
+}
+/**
+ * Validate combinations of CLI flags before running the pipeline.
+ *
+ * @param options - Parsed CLI flags relevant to cross-option validation.
+ */
+export declare function validateCliOptions(options: ValidateCliOptionsInput): void;
+export {};

package/dist/cli/validate-cli-options.js

@@ -0,0 +1,4 @@
+function validateCliOptions(e) {
+	if (e.json && e.yes) throw Error("--json cannot be used with --yes");
+}
+export { validateCliOptions };