alex-c-line 2.8.0 → 2.9.0

package/dist/index.cjs

@@ -38,10 +38,10 @@ let _inquirer_prompts = require("@inquirer/prompts");
 let node_fs_promises = require("node:fs/promises");
 let dotenv = require("dotenv");
 let execa = require("execa");
-let node_url = require("node:url");
-let _alextheman_utility_internal = require("@alextheman/utility/internal");
 let zod = require("zod");
 zod = __toESM(zod, 1);
+let _alextheman_utility_internal = require("@alextheman/utility/internal");
+let node_url = require("node:url");
 let node_module = require("node:module");
 let toml = require("toml");
 let gray_matter = require("gray-matter");
@@ -270,7 +270,7 @@ function envFile(program) {
 }
 //#endregion
 //#region src/cli/commands/internal/check-lockfile-version-discrepancy.ts
-function checkLockfileVersionDiscrepancy(program) {
+function internalCheckLockfileVersionDiscrepancy(program) {
 	program.command("check-lockfile-version-discrepancy").description("Check that version numbers in package.json and package-lock.json match").action(async () => {
 		console.info("Checking for package.json and package-lock.json discrepancies...");
 		const { version: packageVersion } = JSON.parse(await (0, node_fs_promises.readFile)(node_path.default.resolve(process.cwd(), "package.json"), "utf-8"));
@@ -284,8 +284,247 @@ function checkLockfileVersionDiscrepancy(program) {
 	});
 }
 //#endregion
+//#region src/configs/helpers/preCommit/definePreCommitConfig.ts
+const preCommitStepOptionsSchema = zod.default.strictObject({ arguments: zod.default.array(zod.default.string()).optional() });
+const preCommitConfigSchema = zod.default.strictObject({
+	packageManager: zod.default.enum(_alextheman_utility_internal.PackageManager).optional(),
+	allowNoStagedChanges: zod.default.boolean().optional(),
+	steps: zod.default.array(zod.default.union([
+		zod.default.function({
+			input: [zod.default.function()],
+			output: zod.default.any()
+		}),
+		zod.default.string(),
+		zod.default.tuple([zod.default.string(), preCommitStepOptionsSchema])
+	])),
+	updateIndex: zod.default.boolean().optional()
+});
+//#endregion
+//#region src/configs/helpers/template/pullRequest/defineTemplatePullRequestSchema.ts
+const templatePullRequestBaseSchema = zod.default.strictObject({ projectName: zod.default.string().optional() });
+const templatePullRequestSchema = zod.default.discriminatedUnion("category", [templatePullRequestBaseSchema.extend({
+	category: zod.default.literal("general"),
+	projectType: zod.default.string()
+}), templatePullRequestBaseSchema.extend({
+	category: zod.default.literal("infrastructure"),
+	infrastructureProvider: zod.default.string(),
+	requireConfirmationFrom: zod.default.string()
+})]);
+function parseTemplatePullRequestConfig(input) {
+	return _alextheman_utility.az.with(templatePullRequestSchema).parse(input);
+}
+//#endregion
+//#region src/configs/helpers/defineAlexCLineConfig.ts
+const alexCLineConfigSchema = zod.default.strictObject({
+	preCommit: preCommitConfigSchema,
+	template: zod.default.object({ pullRequest: templatePullRequestSchema })
+}).partial();
+async function parseAlexCLineConfig(input) {
+	return await _alextheman_utility.az.with(alexCLineConfigSchema).parseAsync(input);
+}
+//#endregion
+//#region src/configs/types/ConfigFileName.ts
+const ConfigFileName = {
+	STANDARD_JAVASCRIPT: "alex-c-line.config.js",
+	ES_MODULES_JAVASCRIPT: "alex-c-line.config.mjs",
+	COMMON_JS_JAVASCRIPT: "alex-c-line.config.cjs"
+};
+const PrivateConfigFileName = {
+	STANDARD_JAVASCRIPT: ".alex-c-line.private.config.js",
+	ES_MODULES_JAVASCRIPT: ".alex-c-line.private.config.mjs",
+	COMMON_JS_JAVASCRIPT: ".alex-c-line.private.config.cjs"
+};
+//#endregion
+//#region src/configs/types/template/pullRequest/PullRequestTemplateCategory.ts
+const PullRequestTemplateCategory = {
+	GENERAL: "general",
+	INFRASTRUCTURE: "infrastructure"
+};
+//#endregion
+//#region src/configs/helpers/defineAlexCLinePrivateConfig.ts
+const alexCLinePrivateConfigSchema = zod.default.object({ localPackage: zod.default.strictObject({
+	enableCache: zod.default.boolean().optional(),
+	localPackages: zod.default.record(zod.default.string(), zod.default.strictObject({
+		packageManager: zod.default.enum(_alextheman_utility_internal.PackageManager),
+		path: zod.default.string(),
+		prepareScript: zod.default.string().optional(),
+		dependencyGroup: zod.default.enum(_alextheman_utility_internal.DependencyGroup).optional(),
+		keepOldTarballs: zod.default.boolean().optional()
+	}))
+}) });
+function parseAlexCLinePrivateConfig(data) {
+	return _alextheman_utility.az.with(alexCLinePrivateConfigSchema).parse(data);
+}
+//#endregion
+//#region src/utility/fileSystem/findPackageRoot.ts
+async function findPackageRoot(startDirectory, packageName) {
+	let directory = startDirectory;
+	while (true) {
+		const packagePath = node_path.default.join(directory, "package.json");
+		try {
+			if (JSON.parse(await (0, node_fs_promises.readFile)(packagePath, "utf-8"))?.name === packageName) return directory;
+		} catch {}
+		const parent = node_path.default.dirname(directory);
+		if (parent === directory) break;
+		directory = parent;
+	}
+	throw new _alextheman_utility_v6.DataError({ packageName }, "PACKAGE_ROOT_NOT_FOUND", `Could not find package root for ${packageName}`);
+}
+//#endregion
+//#region src/utility/constants/ALEX_C_LINE_PACKAGE_ROOT.ts
+const __filename$3 = (0, node_url.fileURLToPath)(require("url").pathToFileURL(__filename).href);
+const ALEX_C_LINE_PACKAGE_ROOT = findPackageRoot(node_path.default.dirname(__filename$3), "alex-c-line");
+//#endregion
+//#region src/cli/commands/internal/dependency-audit/helpers/getOutdatedDependencies.ts
+const pnpmOutdatedSchema = zod.default.record(zod.default.string(), zod.default.object({
+	current: _alextheman_utility.az.versionNumber(),
+	latest: _alextheman_utility.az.versionNumber(),
+	isDeprecated: zod.default.boolean(),
+	dependencyType: zod.default.enum(_alextheman_utility_internal.DependencyGroup)
+}));
+function parseOutdated(input) {
+	return _alextheman_utility.az.with(pnpmOutdatedSchema).parse(input);
+}
+async function getOutdatedDependencies(program) {
+	const { exitCode, stdout, stderr } = await (0, execa.execa)({ reject: false })`pnpm outdated --json`;
+	if (![0, 1].includes(exitCode)) program.error(stderr ?? stdout, {
+		exitCode,
+		code: "OUTDATED_DEPENDENCIES_ERROR"
+	});
+	const outdatedDependencies = parseOutdated(JSON.parse(stdout.trim()));
+	if (Object.keys(outdatedDependencies).length === 0) return "No outdated dependencies found.";
+	const outdatedTemplatesPath = node_path.default.join(await ALEX_C_LINE_PACKAGE_ROOT, "templates", "dependencyAudit", "outdated");
+	const tableTemplate = await (0, node_fs_promises.readFile)(node_path.default.join(outdatedTemplatesPath, "table.html"), "utf-8");
+	const tableRowTemplate = await (0, node_fs_promises.readFile)(node_path.default.join(outdatedTemplatesPath, "tableRow.html"), "utf-8");
+	return tableTemplate.replace("{{tableRows}}", Object.entries(outdatedDependencies).map(([packageName, data]) => {
+		return tableRowTemplate.replace("{{packageName}}", packageName).replace("{{currentVersion}}", data.current.toString()).replace("{{latestVersion}}", data.latest.toString()).replace("{{isDeprecated}}", data.isDeprecated ? "Yes" : "No").replace("{{dependencyGroup}}", data.dependencyType);
+	}).join("\n"));
+}
+//#endregion
+//#region src/cli/commands/internal/dependency-audit/helpers/getPeerCheck.ts
+const pnpmPeerCheckSchema = zod.default.object({ ".": zod.default.object({ bad: zod.default.record(zod.default.string(), zod.default.array(zod.default.object({
+	parents: zod.default.array(zod.default.object({
+		name: zod.default.string(),
+		version: _alextheman_utility.az.versionNumber()
+	})),
+	optional: zod.default.boolean(),
+	wantedRange: zod.default.string(),
+	foundVersion: _alextheman_utility.az.versionNumber()
+}))) }) });
+function parsePeerCheck(input) {
+	return _alextheman_utility.az.with(pnpmPeerCheckSchema).parse(input);
+}
+async function getPeerCheck(program) {
+	const { stdout, stderr, exitCode } = await (0, execa.execa)({ reject: false })`pnpm peers check --json`;
+	if (![0, 1].includes(exitCode)) program.error(stderr ?? stdout, {
+		exitCode,
+		code: "PEERS_CHECK_ERROR"
+	});
+	const peerCheck = parsePeerCheck(JSON.parse(stdout));
+	const auditTemplatesPath = node_path.default.join(await ALEX_C_LINE_PACKAGE_ROOT, "templates", "dependencyAudit", "peerCheck");
+	const peerCheckTableTemplate = await (0, node_fs_promises.readFile)(node_path.default.join(auditTemplatesPath, "table.html"), "utf-8");
+	const peerCheckTableRowTemplate = await (0, node_fs_promises.readFile)(node_path.default.join(auditTemplatesPath, "tableRow.html"), "utf-8");
+	if (Object.keys(peerCheck["."].bad).length === 0) return "No peer dependency issues found";
+	return peerCheckTableTemplate.replace("{{tableRows}}", Object.entries(peerCheck["."].bad).flatMap(([packageName, data]) => {
+		return data.map((item) => {
+			return peerCheckTableRowTemplate.replace("{{packageName}}", packageName).replace("{{currentVersion}}", item.foundVersion.toString()).replace("{{wantedRange}}", item.wantedRange).replace("{{parentDependencies}}", item.parents.map((parent) => {
+				return `${parent.name}@${parent.version}`;
+			}).join(", "));
+		});
+	}).join("\n"));
+}
+//#endregion
+//#region src/cli/commands/internal/dependency-audit/helpers/getSecurityAudit.ts
+const auditSchema = zod.default.object({
+	advisories: zod.default.record(zod.default.string(), zod.default.object({
+		title: zod.default.string(),
+		module_name: zod.default.string(),
+		vulnerable_versions: zod.default.string(),
+		patched_versions: zod.default.string(),
+		severity: zod.default.enum({
+			INFO: "info",
+			LOW: "low",
+			MODERATE: "moderate",
+			HIGH: "high",
+			CRITICAL: "critical"
+		}),
+		url: zod.default.url()
+	})),
+	metadata: zod.default.object({ vulnerabilities: zod.default.object({
+		info: zod.default.number(),
+		low: zod.default.number(),
+		moderate: zod.default.number(),
+		high: zod.default.number(),
+		critical: zod.default.number()
+	}) })
+});
+function parseSecurityAudit(input) {
+	return _alextheman_utility.az.with(auditSchema).parse(input);
+}
+async function getSecurityAudit(program) {
+	const { stdout, stderr, exitCode } = await (0, execa.execa)({ reject: false })`pnpm audit --json`;
+	if (![0, 1].includes(exitCode)) program.error(stderr ?? stdout, {
+		exitCode,
+		code: "SECURITY_AUDIT_ERROR"
+	});
+	const securityAudit = parseSecurityAudit(JSON.parse(stdout));
+	const auditTemplatesPath = node_path.default.join(await ALEX_C_LINE_PACKAGE_ROOT, "templates", "dependencyAudit", "securityAudit");
+	const tableTemplate = await (0, node_fs_promises.readFile)(node_path.default.join(auditTemplatesPath, "table.html"), "utf-8");
+	const tableRowTemplate = await (0, node_fs_promises.readFile)(node_path.default.join(auditTemplatesPath, "tableRow.html"), "utf-8");
+	if (Object.keys(securityAudit.advisories).length === 0) return "No security issues found";
+	const severityOrder = {
+		critical: 5,
+		high: 4,
+		moderate: 3,
+		low: 2,
+		info: 1
+	};
+	const auditTable = tableTemplate.replace("{{tableRows}}", Object.entries(securityAudit.advisories).toSorted(([_, first], [__, second]) => {
+		return severityOrder[second.severity] - severityOrder[first.severity];
+	}).map(([id, data]) => {
+		return tableRowTemplate.replace("{{advisoryId}}", id).replace("{{severity}}", data.severity).replace("{{packageName}}", data.module_name).replace("{{title}}", data.title).replace("{{affected}}", data.vulnerable_versions).replace("{{patched}}", data.patched_versions).replace("{{url}}", data.url);
+	}).join("\n"));
+	return _alextheman_utility.normaliseIndents`
+    ### Summary
+    
+    ${(await (0, node_fs_promises.readFile)(node_path.default.join(auditTemplatesPath, "summary.html"), "utf-8")).replace("{{info}}", securityAudit.metadata.vulnerabilities.info.toString()).replace("{{low}}", securityAudit.metadata.vulnerabilities.low.toString()).replace("{{moderate}}", securityAudit.metadata.vulnerabilities.moderate.toString()).replace("{{high}}", securityAudit.metadata.vulnerabilities.high.toString()).replace("{{critical}}", securityAudit.metadata.vulnerabilities.critical.toString())}
+
+    ### Audit Results
+
+    ${auditTable}
+  `;
+}
+//#endregion
+//#region src/cli/commands/internal/dependency-audit/index.ts
+function internalDependencyAudit(program) {
+	program.command("dependency-audit").description("Run an audit of the PNPM dependencies").option("-o, --output <path>", "Save the output to markdown file.").action(async ({ output }) => {
+		const content = _alextheman_utility.normaliseIndents`
+        # JavaScript Dependency Audit
+
+        ## Security Audit
+
+        ${await getSecurityAudit(program)}
+
+        ## Peer Dependency Check
+
+        ${await getPeerCheck(program)}
+
+        ## Outdated Dependencies
+
+        ${await getOutdatedDependencies(program)}
+      `;
+		console.info(content);
+		if (output) {
+			const fullSavePath = node_path.default.join(process.cwd(), output);
+			if (node_path.default.extname(output) !== ".md") throw new _alextheman_utility_v6.DataError({ output }, "INVALID_FILE_EXTENSION", "The file extension must be `.md`");
+			await (0, node_fs_promises.writeFile)(fullSavePath, content);
+			console.info(`Audit results saved to ${fullSavePath}`);
+		}
+	});
+}
+//#endregion
 //#region src/cli/commands/internal/git-post-merge-cleanup.ts
-function gitPostMergeCleanup(program) {
+function internalGitPostMergeCleanup(program) {
 	program.command("git-post-merge-cleanup").alias("git-cleanup").description("Run after merging into a given branch to quickly clean up").argument("[branch]", "The branch you want to merge into", "main").option("--rebase", "Enable if your repository mainly rebases into main", true).action(async (branch, { rebase }) => {
 		console.info(`Running git-post-merge-cleanup in ${rebase ? "rebase" : "merge"} mode...`);
 		const { stdout: currentBranch } = await execa.execa`git branch --show-current`;
@@ -391,27 +630,8 @@ function internalMedia(program) {
 	loadCommands(program.command("media"), { internalMediaGenerate });
 }
 //#endregion
-//#region src/utility/fileSystem/findPackageRoot.ts
-async function findPackageRoot(startDirectory, packageName) {
-	let directory = startDirectory;
-	while (true) {
-		const packagePath = node_path.default.join(directory, "package.json");
-		try {
-			if (JSON.parse(await (0, node_fs_promises.readFile)(packagePath, "utf-8"))?.name === packageName) return directory;
-		} catch {}
-		const parent = node_path.default.dirname(directory);
-		if (parent === directory) break;
-		directory = parent;
-	}
-	throw new _alextheman_utility_v6.DataError({ packageName }, "PACKAGE_ROOT_NOT_FOUND", `Could not find package root for ${packageName}`);
-}
-//#endregion
-//#region src/utility/constants/ALEX_C_LINE_PACKAGE_ROOT.ts
-const __filename$3 = (0, node_url.fileURLToPath)(require("url").pathToFileURL(__filename).href);
-const ALEX_C_LINE_PACKAGE_ROOT = findPackageRoot(node_path.default.dirname(__filename$3), "alex-c-line");
-//#endregion
 //#region src/cli/commands/internal/outdated-dependencies.ts
-function outdatedDependencies(program) {
+function internalOutdatedDependencies(program) {
 	program.command("outdated-dependencies").action(async () => {
 		const { exitCode, stdout, stderr } = await (0, execa.execa)({ reject: false })`pnpm outdated --json`;
 		if (![0, 1].includes(exitCode)) program.error(stderr ?? stdout, {
@@ -435,10 +655,11 @@ function outdatedDependencies(program) {
 //#region src/cli/commands/internal/index.ts
 function internal(program) {
 	loadCommands(program.command("internal").description("Commands meant more for internal use by me and is not recommended for production usage."), {
-		checkLockfileVersionDiscrepancy,
-		gitPostMergeCleanup,
+		internalCheckLockfileVersionDiscrepancy,
+		internalDependencyAudit,
+		internalGitPostMergeCleanup,
 		internalMedia,
-		outdatedDependencies
+		internalOutdatedDependencies
 	});
 }
 //#endregion
@@ -449,78 +670,6 @@ async function createAlexCLineProjectCache(cacheContents) {
 	await (0, node_fs_promises.writeFile)(cacheFilePath, JSON.stringify(cacheContents, void 0, 2));
 }
 //#endregion
-//#region src/configs/helpers/preCommit/definePreCommitConfig.ts
-const preCommitStepOptionsSchema = zod.default.strictObject({ arguments: zod.default.array(zod.default.string()).optional() });
-const preCommitConfigSchema = zod.default.strictObject({
-	packageManager: zod.default.enum(_alextheman_utility_internal.PackageManager).optional(),
-	allowNoStagedChanges: zod.default.boolean().optional(),
-	steps: zod.default.array(zod.default.union([
-		zod.default.function({
-			input: [zod.default.function()],
-			output: zod.default.any()
-		}),
-		zod.default.string(),
-		zod.default.tuple([zod.default.string(), preCommitStepOptionsSchema])
-	])),
-	updateIndex: zod.default.boolean().optional()
-});
-//#endregion
-//#region src/configs/helpers/template/pullRequest/defineTemplatePullRequestSchema.ts
-const templatePullRequestBaseSchema = zod.default.strictObject({ projectName: zod.default.string().optional() });
-const templatePullRequestSchema = zod.default.discriminatedUnion("category", [templatePullRequestBaseSchema.extend({
-	category: zod.default.literal("general"),
-	projectType: zod.default.string()
-}), templatePullRequestBaseSchema.extend({
-	category: zod.default.literal("infrastructure"),
-	infrastructureProvider: zod.default.string(),
-	requireConfirmationFrom: zod.default.string()
-})]);
-function parseTemplatePullRequestConfig(input) {
-	return _alextheman_utility.az.with(templatePullRequestSchema).parse(input);
-}
-//#endregion
-//#region src/configs/helpers/defineAlexCLineConfig.ts
-const alexCLineConfigSchema = zod.default.strictObject({
-	preCommit: preCommitConfigSchema,
-	template: zod.default.object({ pullRequest: templatePullRequestSchema })
-}).partial();
-async function parseAlexCLineConfig(input) {
-	return await _alextheman_utility.az.with(alexCLineConfigSchema).parseAsync(input);
-}
-//#endregion
-//#region src/configs/types/ConfigFileName.ts
-const ConfigFileName = {
-	STANDARD_JAVASCRIPT: "alex-c-line.config.js",
-	ES_MODULES_JAVASCRIPT: "alex-c-line.config.mjs",
-	COMMON_JS_JAVASCRIPT: "alex-c-line.config.cjs"
-};
-const PrivateConfigFileName = {
-	STANDARD_JAVASCRIPT: ".alex-c-line.private.config.js",
-	ES_MODULES_JAVASCRIPT: ".alex-c-line.private.config.mjs",
-	COMMON_JS_JAVASCRIPT: ".alex-c-line.private.config.cjs"
-};
-//#endregion
-//#region src/configs/types/template/pullRequest/PullRequestTemplateCategory.ts
-const PullRequestTemplateCategory = {
-	GENERAL: "general",
-	INFRASTRUCTURE: "infrastructure"
-};
-//#endregion
-//#region src/configs/helpers/defineAlexCLinePrivateConfig.ts
-const alexCLinePrivateConfigSchema = zod.default.object({ localPackage: zod.default.strictObject({
-	enableCache: zod.default.boolean().optional(),
-	localPackages: zod.default.record(zod.default.string(), zod.default.strictObject({
-		packageManager: zod.default.enum(_alextheman_utility_internal.PackageManager),
-		path: zod.default.string(),
-		prepareScript: zod.default.string().optional(),
-		dependencyGroup: zod.default.enum(_alextheman_utility_internal.DependencyGroup).optional(),
-		keepOldTarballs: zod.default.boolean().optional()
-	}))
-}) });
-function parseAlexCLinePrivateConfig(data) {
-	return _alextheman_utility.az.with(alexCLinePrivateConfigSchema).parse(data);
-}
-//#endregion
 //#region src/cache/project/types/AlexCLineProjectCache.ts
 const alexCLineProjectCacheSchema = zod.default.object({ useLocalPackage: zod.default.object({ dependencies: zod.default.record(zod.default.string(), zod.default.object({
 	currentVersion: zod.default.string(),
@@ -1207,7 +1356,7 @@ function template(program) {
 //#endregion
 //#region package.json
 var name = "alex-c-line";
-var version$1 = "2.8.0";
+var version$1 = "2.9.0";
 var description = "Command-line tool with commands to streamline the developer workflow.";
 //#endregion
 //#region src/utility/updates/checkUpdate.ts

package/dist/index.js

@@ -12,9 +12,9 @@ import { confirm, input, password, select } from "@inquirer/prompts";
 import { access, mkdir, readFile, readdir, rm, stat, writeFile } from "node:fs/promises";
 import { parse } from "dotenv";
 import { ExecaError, execa } from "execa";
-import { fileURLToPath, pathToFileURL } from "node:url";
-import { DependencyGroup, PackageManager, getDependenciesFromGroup, getExpectedTgzName, getPackageJsonContents, packageJsonNotFoundError } from "@alextheman/utility/internal";
 import z from "zod";
+import { DependencyGroup, PackageManager, getDependenciesFromGroup, getExpectedTgzName, getPackageJsonContents, packageJsonNotFoundError } from "@alextheman/utility/internal";
+import { fileURLToPath, pathToFileURL } from "node:url";
 import { parse as parse$1 } from "toml";
 import matter from "gray-matter";
 import { parseFilePath } from "@alextheman/utility/node";
@@ -239,7 +239,7 @@ function envFile(program) {
 }
 //#endregion
 //#region src/cli/commands/internal/check-lockfile-version-discrepancy.ts
-function checkLockfileVersionDiscrepancy(program) {
+function internalCheckLockfileVersionDiscrepancy(program) {
 	program.command("check-lockfile-version-discrepancy").description("Check that version numbers in package.json and package-lock.json match").action(async () => {
 		console.info("Checking for package.json and package-lock.json discrepancies...");
 		const { version: packageVersion } = JSON.parse(await readFile(path.resolve(process.cwd(), "package.json"), "utf-8"));
@@ -253,8 +253,247 @@ function checkLockfileVersionDiscrepancy(program) {
 	});
 }
 //#endregion
+//#region src/configs/helpers/preCommit/definePreCommitConfig.ts
+const preCommitStepOptionsSchema = z.strictObject({ arguments: z.array(z.string()).optional() });
+const preCommitConfigSchema = z.strictObject({
+	packageManager: z.enum(PackageManager).optional(),
+	allowNoStagedChanges: z.boolean().optional(),
+	steps: z.array(z.union([
+		z.function({
+			input: [z.function()],
+			output: z.any()
+		}),
+		z.string(),
+		z.tuple([z.string(), preCommitStepOptionsSchema])
+	])),
+	updateIndex: z.boolean().optional()
+});
+//#endregion
+//#region src/configs/helpers/template/pullRequest/defineTemplatePullRequestSchema.ts
+const templatePullRequestBaseSchema = z.strictObject({ projectName: z.string().optional() });
+const templatePullRequestSchema = z.discriminatedUnion("category", [templatePullRequestBaseSchema.extend({
+	category: z.literal("general"),
+	projectType: z.string()
+}), templatePullRequestBaseSchema.extend({
+	category: z.literal("infrastructure"),
+	infrastructureProvider: z.string(),
+	requireConfirmationFrom: z.string()
+})]);
+function parseTemplatePullRequestConfig(input) {
+	return az.with(templatePullRequestSchema).parse(input);
+}
+//#endregion
+//#region src/configs/helpers/defineAlexCLineConfig.ts
+const alexCLineConfigSchema = z.strictObject({
+	preCommit: preCommitConfigSchema,
+	template: z.object({ pullRequest: templatePullRequestSchema })
+}).partial();
+async function parseAlexCLineConfig(input) {
+	return await az.with(alexCLineConfigSchema).parseAsync(input);
+}
+//#endregion
+//#region src/configs/types/ConfigFileName.ts
+const ConfigFileName = {
+	STANDARD_JAVASCRIPT: "alex-c-line.config.js",
+	ES_MODULES_JAVASCRIPT: "alex-c-line.config.mjs",
+	COMMON_JS_JAVASCRIPT: "alex-c-line.config.cjs"
+};
+const PrivateConfigFileName = {
+	STANDARD_JAVASCRIPT: ".alex-c-line.private.config.js",
+	ES_MODULES_JAVASCRIPT: ".alex-c-line.private.config.mjs",
+	COMMON_JS_JAVASCRIPT: ".alex-c-line.private.config.cjs"
+};
+//#endregion
+//#region src/configs/types/template/pullRequest/PullRequestTemplateCategory.ts
+const PullRequestTemplateCategory = {
+	GENERAL: "general",
+	INFRASTRUCTURE: "infrastructure"
+};
+//#endregion
+//#region src/configs/helpers/defineAlexCLinePrivateConfig.ts
+const alexCLinePrivateConfigSchema = z.object({ localPackage: z.strictObject({
+	enableCache: z.boolean().optional(),
+	localPackages: z.record(z.string(), z.strictObject({
+		packageManager: z.enum(PackageManager),
+		path: z.string(),
+		prepareScript: z.string().optional(),
+		dependencyGroup: z.enum(DependencyGroup).optional(),
+		keepOldTarballs: z.boolean().optional()
+	}))
+}) });
+function parseAlexCLinePrivateConfig(data) {
+	return az.with(alexCLinePrivateConfigSchema).parse(data);
+}
+//#endregion
+//#region src/utility/fileSystem/findPackageRoot.ts
+async function findPackageRoot(startDirectory, packageName) {
+	let directory = startDirectory;
+	while (true) {
+		const packagePath = path.join(directory, "package.json");
+		try {
+			if (JSON.parse(await readFile(packagePath, "utf-8"))?.name === packageName) return directory;
+		} catch {}
+		const parent = path.dirname(directory);
+		if (parent === directory) break;
+		directory = parent;
+	}
+	throw new DataError({ packageName }, "PACKAGE_ROOT_NOT_FOUND", `Could not find package root for ${packageName}`);
+}
+//#endregion
+//#region src/utility/constants/ALEX_C_LINE_PACKAGE_ROOT.ts
+const __filename$2 = fileURLToPath(import.meta.url);
+const ALEX_C_LINE_PACKAGE_ROOT = findPackageRoot(path.dirname(__filename$2), "alex-c-line");
+//#endregion
+//#region src/cli/commands/internal/dependency-audit/helpers/getOutdatedDependencies.ts
+const pnpmOutdatedSchema = z.record(z.string(), z.object({
+	current: az.versionNumber(),
+	latest: az.versionNumber(),
+	isDeprecated: z.boolean(),
+	dependencyType: z.enum(DependencyGroup)
+}));
+function parseOutdated(input) {
+	return az.with(pnpmOutdatedSchema).parse(input);
+}
+async function getOutdatedDependencies(program) {
+	const { exitCode, stdout, stderr } = await execa({ reject: false })`pnpm outdated --json`;
+	if (![0, 1].includes(exitCode)) program.error(stderr ?? stdout, {
+		exitCode,
+		code: "OUTDATED_DEPENDENCIES_ERROR"
+	});
+	const outdatedDependencies = parseOutdated(JSON.parse(stdout.trim()));
+	if (Object.keys(outdatedDependencies).length === 0) return "No outdated dependencies found.";
+	const outdatedTemplatesPath = path.join(await ALEX_C_LINE_PACKAGE_ROOT, "templates", "dependencyAudit", "outdated");
+	const tableTemplate = await readFile(path.join(outdatedTemplatesPath, "table.html"), "utf-8");
+	const tableRowTemplate = await readFile(path.join(outdatedTemplatesPath, "tableRow.html"), "utf-8");
+	return tableTemplate.replace("{{tableRows}}", Object.entries(outdatedDependencies).map(([packageName, data]) => {
+		return tableRowTemplate.replace("{{packageName}}", packageName).replace("{{currentVersion}}", data.current.toString()).replace("{{latestVersion}}", data.latest.toString()).replace("{{isDeprecated}}", data.isDeprecated ? "Yes" : "No").replace("{{dependencyGroup}}", data.dependencyType);
+	}).join("\n"));
+}
+//#endregion
+//#region src/cli/commands/internal/dependency-audit/helpers/getPeerCheck.ts
+const pnpmPeerCheckSchema = z.object({ ".": z.object({ bad: z.record(z.string(), z.array(z.object({
+	parents: z.array(z.object({
+		name: z.string(),
+		version: az.versionNumber()
+	})),
+	optional: z.boolean(),
+	wantedRange: z.string(),
+	foundVersion: az.versionNumber()
+}))) }) });
+function parsePeerCheck(input) {
+	return az.with(pnpmPeerCheckSchema).parse(input);
+}
+async function getPeerCheck(program) {
+	const { stdout, stderr, exitCode } = await execa({ reject: false })`pnpm peers check --json`;
+	if (![0, 1].includes(exitCode)) program.error(stderr ?? stdout, {
+		exitCode,
+		code: "PEERS_CHECK_ERROR"
+	});
+	const peerCheck = parsePeerCheck(JSON.parse(stdout));
+	const auditTemplatesPath = path.join(await ALEX_C_LINE_PACKAGE_ROOT, "templates", "dependencyAudit", "peerCheck");
+	const peerCheckTableTemplate = await readFile(path.join(auditTemplatesPath, "table.html"), "utf-8");
+	const peerCheckTableRowTemplate = await readFile(path.join(auditTemplatesPath, "tableRow.html"), "utf-8");
+	if (Object.keys(peerCheck["."].bad).length === 0) return "No peer dependency issues found";
+	return peerCheckTableTemplate.replace("{{tableRows}}", Object.entries(peerCheck["."].bad).flatMap(([packageName, data]) => {
+		return data.map((item) => {
+			return peerCheckTableRowTemplate.replace("{{packageName}}", packageName).replace("{{currentVersion}}", item.foundVersion.toString()).replace("{{wantedRange}}", item.wantedRange).replace("{{parentDependencies}}", item.parents.map((parent) => {
+				return `${parent.name}@${parent.version}`;
+			}).join(", "));
+		});
+	}).join("\n"));
+}
+//#endregion
+//#region src/cli/commands/internal/dependency-audit/helpers/getSecurityAudit.ts
+const auditSchema = z.object({
+	advisories: z.record(z.string(), z.object({
+		title: z.string(),
+		module_name: z.string(),
+		vulnerable_versions: z.string(),
+		patched_versions: z.string(),
+		severity: z.enum({
+			INFO: "info",
+			LOW: "low",
+			MODERATE: "moderate",
+			HIGH: "high",
+			CRITICAL: "critical"
+		}),
+		url: z.url()
+	})),
+	metadata: z.object({ vulnerabilities: z.object({
+		info: z.number(),
+		low: z.number(),
+		moderate: z.number(),
+		high: z.number(),
+		critical: z.number()
+	}) })
+});
+function parseSecurityAudit(input) {
+	return az.with(auditSchema).parse(input);
+}
+async function getSecurityAudit(program) {
+	const { stdout, stderr, exitCode } = await execa({ reject: false })`pnpm audit --json`;
+	if (![0, 1].includes(exitCode)) program.error(stderr ?? stdout, {
+		exitCode,
+		code: "SECURITY_AUDIT_ERROR"
+	});
+	const securityAudit = parseSecurityAudit(JSON.parse(stdout));
+	const auditTemplatesPath = path.join(await ALEX_C_LINE_PACKAGE_ROOT, "templates", "dependencyAudit", "securityAudit");
+	const tableTemplate = await readFile(path.join(auditTemplatesPath, "table.html"), "utf-8");
+	const tableRowTemplate = await readFile(path.join(auditTemplatesPath, "tableRow.html"), "utf-8");
+	if (Object.keys(securityAudit.advisories).length === 0) return "No security issues found";
+	const severityOrder = {
+		critical: 5,
+		high: 4,
+		moderate: 3,
+		low: 2,
+		info: 1
+	};
+	const auditTable = tableTemplate.replace("{{tableRows}}", Object.entries(securityAudit.advisories).toSorted(([_, first], [__, second]) => {
+		return severityOrder[second.severity] - severityOrder[first.severity];
+	}).map(([id, data]) => {
+		return tableRowTemplate.replace("{{advisoryId}}", id).replace("{{severity}}", data.severity).replace("{{packageName}}", data.module_name).replace("{{title}}", data.title).replace("{{affected}}", data.vulnerable_versions).replace("{{patched}}", data.patched_versions).replace("{{url}}", data.url);
+	}).join("\n"));
+	return normaliseIndents`
+    ### Summary
+    
+    ${(await readFile(path.join(auditTemplatesPath, "summary.html"), "utf-8")).replace("{{info}}", securityAudit.metadata.vulnerabilities.info.toString()).replace("{{low}}", securityAudit.metadata.vulnerabilities.low.toString()).replace("{{moderate}}", securityAudit.metadata.vulnerabilities.moderate.toString()).replace("{{high}}", securityAudit.metadata.vulnerabilities.high.toString()).replace("{{critical}}", securityAudit.metadata.vulnerabilities.critical.toString())}
+
+    ### Audit Results
+
+    ${auditTable}
+  `;
+}
+//#endregion
+//#region src/cli/commands/internal/dependency-audit/index.ts
+function internalDependencyAudit(program) {
+	program.command("dependency-audit").description("Run an audit of the PNPM dependencies").option("-o, --output <path>", "Save the output to markdown file.").action(async ({ output }) => {
+		const content = normaliseIndents`
+        # JavaScript Dependency Audit
+
+        ## Security Audit
+
+        ${await getSecurityAudit(program)}
+
+        ## Peer Dependency Check
+
+        ${await getPeerCheck(program)}
+
+        ## Outdated Dependencies
+
+        ${await getOutdatedDependencies(program)}
+      `;
+		console.info(content);
+		if (output) {
+			const fullSavePath = path.join(process.cwd(), output);
+			if (path.extname(output) !== ".md") throw new DataError({ output }, "INVALID_FILE_EXTENSION", "The file extension must be `.md`");
+			await writeFile(fullSavePath, content);
+			console.info(`Audit results saved to ${fullSavePath}`);
+		}
+	});
+}
+//#endregion
 //#region src/cli/commands/internal/git-post-merge-cleanup.ts
-function gitPostMergeCleanup(program) {
+function internalGitPostMergeCleanup(program) {
 	program.command("git-post-merge-cleanup").alias("git-cleanup").description("Run after merging into a given branch to quickly clean up").argument("[branch]", "The branch you want to merge into", "main").option("--rebase", "Enable if your repository mainly rebases into main", true).action(async (branch, { rebase }) => {
 		console.info(`Running git-post-merge-cleanup in ${rebase ? "rebase" : "merge"} mode...`);
 		const { stdout: currentBranch } = await execa`git branch --show-current`;
@@ -360,27 +599,8 @@ function internalMedia(program) {
 	loadCommands(program.command("media"), { internalMediaGenerate });
 }
 //#endregion
-//#region src/utility/fileSystem/findPackageRoot.ts
-async function findPackageRoot(startDirectory, packageName) {
-	let directory = startDirectory;
-	while (true) {
-		const packagePath = path.join(directory, "package.json");
-		try {
-			if (JSON.parse(await readFile(packagePath, "utf-8"))?.name === packageName) return directory;
-		} catch {}
-		const parent = path.dirname(directory);
-		if (parent === directory) break;
-		directory = parent;
-	}
-	throw new DataError({ packageName }, "PACKAGE_ROOT_NOT_FOUND", `Could not find package root for ${packageName}`);
-}
-//#endregion
-//#region src/utility/constants/ALEX_C_LINE_PACKAGE_ROOT.ts
-const __filename$2 = fileURLToPath(import.meta.url);
-const ALEX_C_LINE_PACKAGE_ROOT = findPackageRoot(path.dirname(__filename$2), "alex-c-line");
-//#endregion
 //#region src/cli/commands/internal/outdated-dependencies.ts
-function outdatedDependencies(program) {
+function internalOutdatedDependencies(program) {
 	program.command("outdated-dependencies").action(async () => {
 		const { exitCode, stdout, stderr } = await execa({ reject: false })`pnpm outdated --json`;
 		if (![0, 1].includes(exitCode)) program.error(stderr ?? stdout, {
@@ -404,10 +624,11 @@ function outdatedDependencies(program) {
 //#region src/cli/commands/internal/index.ts
 function internal(program) {
 	loadCommands(program.command("internal").description("Commands meant more for internal use by me and is not recommended for production usage."), {
-		checkLockfileVersionDiscrepancy,
-		gitPostMergeCleanup,
+		internalCheckLockfileVersionDiscrepancy,
+		internalDependencyAudit,
+		internalGitPostMergeCleanup,
 		internalMedia,
-		outdatedDependencies
+		internalOutdatedDependencies
 	});
 }
 //#endregion
@@ -418,78 +639,6 @@ async function createAlexCLineProjectCache(cacheContents) {
 	await writeFile(cacheFilePath, JSON.stringify(cacheContents, void 0, 2));
 }
 //#endregion
-//#region src/configs/helpers/preCommit/definePreCommitConfig.ts
-const preCommitStepOptionsSchema = z.strictObject({ arguments: z.array(z.string()).optional() });
-const preCommitConfigSchema = z.strictObject({
-	packageManager: z.enum(PackageManager).optional(),
-	allowNoStagedChanges: z.boolean().optional(),
-	steps: z.array(z.union([
-		z.function({
-			input: [z.function()],
-			output: z.any()
-		}),
-		z.string(),
-		z.tuple([z.string(), preCommitStepOptionsSchema])
-	])),
-	updateIndex: z.boolean().optional()
-});
-//#endregion
-//#region src/configs/helpers/template/pullRequest/defineTemplatePullRequestSchema.ts
-const templatePullRequestBaseSchema = z.strictObject({ projectName: z.string().optional() });
-const templatePullRequestSchema = z.discriminatedUnion("category", [templatePullRequestBaseSchema.extend({
-	category: z.literal("general"),
-	projectType: z.string()
-}), templatePullRequestBaseSchema.extend({
-	category: z.literal("infrastructure"),
-	infrastructureProvider: z.string(),
-	requireConfirmationFrom: z.string()
-})]);
-function parseTemplatePullRequestConfig(input) {
-	return az.with(templatePullRequestSchema).parse(input);
-}
-//#endregion
-//#region src/configs/helpers/defineAlexCLineConfig.ts
-const alexCLineConfigSchema = z.strictObject({
-	preCommit: preCommitConfigSchema,
-	template: z.object({ pullRequest: templatePullRequestSchema })
-}).partial();
-async function parseAlexCLineConfig(input) {
-	return await az.with(alexCLineConfigSchema).parseAsync(input);
-}
-//#endregion
-//#region src/configs/types/ConfigFileName.ts
-const ConfigFileName = {
-	STANDARD_JAVASCRIPT: "alex-c-line.config.js",
-	ES_MODULES_JAVASCRIPT: "alex-c-line.config.mjs",
-	COMMON_JS_JAVASCRIPT: "alex-c-line.config.cjs"
-};
-const PrivateConfigFileName = {
-	STANDARD_JAVASCRIPT: ".alex-c-line.private.config.js",
-	ES_MODULES_JAVASCRIPT: ".alex-c-line.private.config.mjs",
-	COMMON_JS_JAVASCRIPT: ".alex-c-line.private.config.cjs"
-};
-//#endregion
-//#region src/configs/types/template/pullRequest/PullRequestTemplateCategory.ts
-const PullRequestTemplateCategory = {
-	GENERAL: "general",
-	INFRASTRUCTURE: "infrastructure"
-};
-//#endregion
-//#region src/configs/helpers/defineAlexCLinePrivateConfig.ts
-const alexCLinePrivateConfigSchema = z.object({ localPackage: z.strictObject({
-	enableCache: z.boolean().optional(),
-	localPackages: z.record(z.string(), z.strictObject({
-		packageManager: z.enum(PackageManager),
-		path: z.string(),
-		prepareScript: z.string().optional(),
-		dependencyGroup: z.enum(DependencyGroup).optional(),
-		keepOldTarballs: z.boolean().optional()
-	}))
-}) });
-function parseAlexCLinePrivateConfig(data) {
-	return az.with(alexCLinePrivateConfigSchema).parse(data);
-}
-//#endregion
 //#region src/cache/project/types/AlexCLineProjectCache.ts
 const alexCLineProjectCacheSchema = z.object({ useLocalPackage: z.object({ dependencies: z.record(z.string(), z.object({
 	currentVersion: z.string(),
@@ -1176,7 +1325,7 @@ function template(program) {
 //#endregion
 //#region package.json
 var name = "alex-c-line";
-var version$1 = "2.8.0";
+var version$1 = "2.9.0";
 var description = "Command-line tool with commands to streamline the developer workflow.";
 //#endregion
 //#region src/utility/updates/checkUpdate.ts

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "alex-c-line",
-  "version": "2.8.0",
+  "version": "2.9.0",
   "description": "Command-line tool with commands to streamline the developer workflow.",
   "repository": {
     "type": "git",
@@ -34,8 +34,8 @@
     "templates"
   ],
   "dependencies": {
-    "@alextheman/utility": "5.19.0",
-    "@inquirer/prompts": "8.4.3",
+    "@alextheman/utility": "5.19.1",
+    "@inquirer/prompts": "8.5.0",
     "axios": "1.16.1",
     "boxen": "8.0.1",
     "chalk": "5.6.2",
@@ -52,7 +52,7 @@
     "zod": "4.4.3"
   },
   "devDependencies": {
-    "@alextheman/eslint-plugin": "5.15.0",
+    "@alextheman/eslint-plugin": "5.16.1",
     "@commander-js/extra-typings": "14.0.0",
     "@types/eslint": "9.6.1",
     "@types/node": "25.9.1",
@@ -66,9 +66,9 @@
     "prettier": "3.8.3",
     "tempy": "3.2.0",
     "ts-node": "10.9.2",
-    "tsdown": "0.22.0",
+    "tsdown": "0.22.1",
     "typescript": "6.0.3",
-    "typescript-eslint": "8.59.4",
+    "typescript-eslint": "8.60.0",
     "vite": "8.0.14",
     "vitest": "4.1.7"
   },

package/templates/{outdated → dependencyAudit/outdated}/table.html

@@ -4,6 +4,8 @@
       <th scope="col">Name</th>
       <th scope="col">Current Version</th>
       <th scope="col">Latest Version</th>
+      <th scope="col">Deprecated</th>
+      <th scope="col">Dependency Group</th>
     </tr>
   </thead>
   <tbody>

package/templates/{outdated → dependencyAudit/outdated}/tableRow.html

@@ -2,4 +2,6 @@
   <th scope="row">{{packageName}}</th>
   <td>{{currentVersion}}</td>
   <td>{{latestVersion}}</td>
+  <td>{{isDeprecated}}</td>
+  <td>{{dependencyGroup}}</td>
 </tr>

package/templates/dependencyAudit/peerCheck/table.html

@@ -0,0 +1,13 @@
+<table>
+  <thead>
+    <tr>
+      <th scope="col">Unmet Peer</th>
+      <th scope="col">Installed</th>
+      <th scope="col">Version Range Wanted</th>
+      <th scope="col">Range Wanted By</th>
+    </tr>
+  </thead>
+  <tbody>
+    {{tableRows}}
+  </tbody>
+</table>

package/templates/dependencyAudit/peerCheck/tableRow.html

@@ -0,0 +1,6 @@
+<tr>
+  <th scope="row">{{packageName}}</th>
+  <td>{{currentVersion}}</td>
+  <td>{{wantedRange}}</td>
+  <td>{{parentDependencies}}</td>
+</tr>

package/templates/dependencyAudit/securityAudit/summary.html

@@ -0,0 +1,7 @@
+<ul>
+  <li>Info: {{info}}</li>
+  <li>Low: {{low}}</li>
+  <li>Moderate: {{moderate}}</li>
+  <li>High: {{high}}</li>
+  <li>Critical: {{critical}}</li>
+</ul>

package/templates/dependencyAudit/securityAudit/table.html

@@ -0,0 +1,15 @@
+<table>
+  <thead>
+    <tr>
+      <th scope="col">ID</th>
+      <th scope="col">Severity</th>
+      <th scope="col">Title</th>
+      <th scope="col">Package</th>
+      <th scope="col">Affected</th>
+      <th scope="col">Patched</th>
+    </tr>
+  </thead>
+  <tbody>
+    {{tableRows}}
+  </tbody>
+</table>

package/templates/dependencyAudit/securityAudit/tableRow.html

@@ -0,0 +1,10 @@
+<tr>
+  <td>
+    <a href="{{url}}">{{advisoryId}}</a>
+  </td>
+  <th scope="row">{{severity}}</th>
+  <td>{{title}}</td>
+  <td>{{packageName}}</td>
+  <td>{{affected}}</td>
+  <td>{{patched}}</td>
+</tr>