audit-trace 0.1.0

package/dist/core/graph-engine/npm-lock.js

@@ -0,0 +1,159 @@
+function scopedSeg(name) {
+    return name.startsWith("@") ? name.split("/").slice(0, 2).join("/") : name;
+}
+/** Resolve child path for a dependency name from parent lock path (npm v2/v3 packages keys). */
+export function resolveNpmPackagePath(packages, parentPath, depName) {
+    const seg = scopedSeg(depName);
+    let current = parentPath;
+    for (let hop = 0; hop < 512; hop++) {
+        const candidate = current === "" ? `node_modules/${seg}` : `${current}/node_modules/${seg}`;
+        if (candidate in packages)
+            return candidate;
+        if (current === "")
+            break;
+        const idx = current.lastIndexOf("/node_modules/");
+        if (idx === -1) {
+            const rootCand = `node_modules/${seg}`;
+            if (rootCand in packages)
+                return rootCand;
+            break;
+        }
+        current = current.slice(0, idx);
+        if (current === "") {
+            const rootCand = `node_modules/${seg}`;
+            if (rootCand in packages)
+                return rootCand;
+        }
+    }
+    return undefined;
+}
+export function buildGraphFromPackageLock(raw, _rootDir) {
+    const packages = raw.packages;
+    if (!packages || typeof packages !== "object") {
+        return emptyGraph();
+    }
+    const nodes = new Map();
+    const edges = [];
+    const byPackageName = new Map();
+    const rootIds = [];
+    const registerNode = (pathKey, name, ver, dev, opt, peer) => {
+        const id = `${pathKey}::${name}@${ver}`;
+        if (nodes.has(id))
+            return id;
+        const node = {
+            id,
+            pathKey,
+            name,
+            version: ver,
+            dev,
+            optional: opt,
+            peer,
+        };
+        nodes.set(id, node);
+        const list = byPackageName.get(name) ?? [];
+        list.push(id);
+        byPackageName.set(name, list);
+        return id;
+    };
+    const getEntry = (k) => packages[k] ?? {};
+    for (const pathKey of Object.keys(packages)) {
+        if (pathKey === "")
+            continue;
+        const ent = getEntry(pathKey);
+        const ver = ent.version ?? "";
+        if (!ver)
+            continue;
+        const nameFromPath = pathToPackageName(pathKey);
+        const name = ent.name ?? nameFromPath;
+        const dev = Boolean(ent.dev);
+        const optional = Boolean(ent.optional);
+        registerNode(pathKey, name, ver, dev, optional, false);
+    }
+    const rootEntry = getEntry("");
+    const ensureRoot = () => registerOrGetRoot(rootIds, nodes, byPackageName, rootEntry);
+    const linkDeps = (parentPath, deps, type) => {
+        if (!deps)
+            return;
+        for (const depName of Object.keys(deps)) {
+            const childPath = resolveNpmPackagePath(packages, parentPath, depName);
+            if (!childPath)
+                continue;
+            const childEnt = getEntry(childPath);
+            const childVer = childEnt.version ?? "";
+            const childName = childEnt.name ?? pathToPackageName(childPath);
+            const fromId = parentPath === ""
+                ? ensureRoot()
+                : findNodeId(nodes, parentPath, pathToPackageName(parentPath), getEntry(parentPath).version ?? "");
+            const toId = findNodeId(nodes, childPath, childName, childVer);
+            if (fromId && toId)
+                edges.push({ from: fromId, to: toId, depType: type });
+        }
+    };
+    linkDeps("", rootEntry.dependencies, "dependencies");
+    linkDeps("", rootEntry.devDependencies, "devDependencies");
+    linkDeps("", rootEntry.optionalDependencies, "optionalDependencies");
+    linkDeps("", rootEntry.peerDependencies, "peerDependencies");
+    for (const pathKey of Object.keys(packages)) {
+        if (pathKey === "")
+            continue;
+        const ent = getEntry(pathKey);
+        linkDeps(pathKey, ent.dependencies, "dependencies");
+        linkDeps(pathKey, ent.devDependencies, "devDependencies");
+        linkDeps(pathKey, ent.optionalDependencies, "optionalDependencies");
+        linkDeps(pathKey, ent.peerDependencies, "peerDependencies");
+    }
+    return {
+        nodes,
+        edges,
+        rootIds,
+        lockfileKind: "npm",
+        byPackageName,
+    };
+}
+function pathToPackageName(pathKey) {
+    const idx = pathKey.lastIndexOf("node_modules/");
+    if (idx === -1)
+        return pathKey;
+    return pathKey.slice(idx + "node_modules/".length);
+}
+function findNodeId(nodes, pathKey, name, version) {
+    for (const n of nodes.values()) {
+        if (n.pathKey === pathKey && n.name === name && n.version === version)
+            return n.id;
+    }
+    return undefined;
+}
+function registerOrGetRoot(rootIds, nodes, byPackageName, rootEntry) {
+    const name = rootEntry.name ?? "__root__";
+    const ver = rootEntry.version ?? "0.0.0";
+    const pathKey = "";
+    const id = `${pathKey}::${name}@${ver}`;
+    if (!nodes.has(id)) {
+        const node = {
+            id,
+            pathKey,
+            name,
+            version: ver,
+            dev: false,
+            optional: false,
+            peer: false,
+        };
+        nodes.set(id, node);
+        const list = byPackageName.get(name) ?? [];
+        list.push(id);
+        byPackageName.set(name, list);
+    }
+    if (!rootIds.includes(id))
+        rootIds.push(id);
+    return id;
+}
+function emptyGraph() {
+    return {
+        nodes: new Map(),
+        edges: [],
+        rootIds: [],
+        lockfileKind: "unknown",
+        byPackageName: new Map(),
+    };
+}
+//# sourceMappingURL=npm-lock.js.map

package/dist/core/graph-engine/npm-lock.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"npm-lock.js","sourceRoot":"","sources":["../../../src/core/graph-engine/npm-lock.ts"],"names":[],"mappings":"AAEA,SAAS,SAAS,CAAC,IAAY;IAC7B,OAAO,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;AAC7E,CAAC;AAED,gGAAgG;AAChG,MAAM,UAAU,qBAAqB,CACnC,QAAiC,EACjC,UAAkB,EAClB,OAAe;IAEf,MAAM,GAAG,GAAG,SAAS,CAAC,OAAO,CAAC,CAAC;IAC/B,IAAI,OAAO,GAAG,UAAU,CAAC;IAEzB,KAAK,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC;QACnC,MAAM,SAAS,GACb,OAAO,KAAK,EAAE,CAAC,CAAC,CAAC,gBAAgB,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,OAAO,iBAAiB,GAAG,EAAE,CAAC;QAC5E,IAAI,SAAS,IAAI,QAAQ;YAAE,OAAO,SAAS,CAAC;QAE5C,IAAI,OAAO,KAAK,EAAE;YAAE,MAAM;QAC1B,MAAM,GAAG,GAAG,OAAO,CAAC,WAAW,CAAC,gBAAgB,CAAC,CAAC;QAClD,IAAI,GAAG,KAAK,CAAC,CAAC,EAAE,CAAC;YACf,MAAM,QAAQ,GAAG,gBAAgB,GAAG,EAAE,CAAC;YACvC,IAAI,QAAQ,IAAI,QAAQ;gBAAE,OAAO,QAAQ,CAAC;YAC1C,MAAM;QACR,CAAC;QACD,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QAChC,IAAI,OAAO,KAAK,EAAE,EAAE,CAAC;YACnB,MAAM,QAAQ,GAAG,gBAAgB,GAAG,EAAE,CAAC;YACvC,IAAI,QAAQ,IAAI,QAAQ;gBAAE,OAAO,QAAQ,CAAC;QAC5C,CAAC;IACH,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAcD,MAAM,UAAU,yBAAyB,CACvC,GAA4B,EAC5B,QAAgB;IAEhB,MAAM,QAAQ,GAAG,GAAG,CAAC,QAA+C,CAAC;IACrE,IAAI,CAAC,QAAQ,IAAI,OAAO,QAAQ,KAAK,QAAQ,EAAE,CAAC;QAC9C,OAAO,UAAU,EAAE,CAAC;IACtB,CAAC;IAED,MAAM,KAAK,GAAG,IAAI,GAAG,EAA0B,CAAC;IAChD,MAAM,KAAK,GAAqB,EAAE,CAAC;IACnC,MAAM,aAAa,GAAG,IAAI,GAAG,EAAoB,CAAC;IAClD,MAAM,OAAO,GAAa,EAAE,CAAC;IAE7B,MAAM,YAAY,GAAG,CACnB,OAAe,EACf,IAAY,EACZ,GAAW,EACX,GAAY,EACZ,GAAY,EACZ,IAAa,EACb,EAAE;QACF,MAAM,EAAE,GAAG,GAAG,OAAO,KAAK,IAAI,IAAI,GAAG,EAAE,CAAC;QACxC,IAAI,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;YAAE,OAAO,EAAE,CAAC;QAC7B,MAAM,IAAI,GAAmB;YAC3B,EAAE;YACF,OAAO;YACP,IAAI;YACJ,OAAO,EAAE,GAAG;YACZ,GAAG;YACH,QAAQ,EAAE,GAAG;YACb,IAAI;SACL,CAAC;QACF,KAAK,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC;QACpB,MAAM,IAAI,GAAG,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;QAC3C,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACd,aAAa,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;QAC9B,OAAO,EAAE,CAAC;IACZ,CAAC,CAAC;IAEF,MAAM,QAAQ,GAAG,CAAC,CAAS,EAAY,EAAE,CAAE,QAAQ,CAAC,CAAC,CAAc,IAAI,EAAE,CAAC;IAE1E,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC5C,IAAI,OAAO,KAAK,EAAE;YAAE,SAAS;QAC7B,MAAM,GAAG,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC;QAC9B,MAAM,GAAG,GAAG,GAAG,CAAC,OAAO,IAAI,EAAE,CAAC;QAC9B,IAAI,CAAC,GAAG;YAAE,SAAS;QACnB,MAAM,YAAY,GAAG,iBAAiB,CAAC,OAAO,CAAC,CAAC;QAChD,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,IAAI,YAAY,CAAC;QACtC,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAC7B,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACvC,YAAY,CAAC,OAAO,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC;IACzD,CAAC;IAED,MAAM,SAAS,GAAG,QAAQ,CAAC,EAAE,CAAC,CAAC;IAC/B,MAAM,UAAU,GAAG,GAAG,EAAE,CACtB,iBAAiB,CAAC,OAAO,EAAE,KAAK,EAAE,aAAa,EAAE,SAAS,CAAC,CAAC;IAE9D,MAAM,QAAQ,GAAG,CACf,UAAkB,EAClB,IAAwC,EACxC,IAA+B,EAC/B,EAAE;QACF,IAAI,CAAC,IAAI;YAAE,OAAO;QAClB,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACxC,MAAM,SAAS,GAAG,qBAAqB,CAAC,QAAQ,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC;YACvE,IAAI,CAAC,SAAS;gBAAE,SAAS;YACzB,MAAM,QAAQ,GAAG,QAAQ,CAAC,SAAS,CAAC,CAAC;YACrC,MAAM,QAAQ,GAAG,QAAQ,CAAC,OAAO,IAAI,EAAE,CAAC;YACxC,MAAM,SAAS,GAAG,QAAQ,CAAC,IAAI,IAAI,iBAAiB,CAAC,SAAS,CAAC,CAAC;YAChE,MAAM,MAAM,GACV,UAAU,KAAK,EAAE;gBACf,CAAC,CAAC,UAAU,EAAE;gBACd,CAAC,CAAC,UAAU,CACR,KAAK,EACL,UAAU,EACV,iBAAiB,CAAC,UAAU,CAAC,EAC7B,QAAQ,CAAC,UAAU,CAAC,CAAC,OAAO,IAAI,EAAE,CACnC,CAAC;YACR,MAAM,IAAI,GAAG,UAAU,CAAC,KAAK,EAAE,SAAS,EAAE,SAAS,EAAE,QAAQ,CAAC,CAAC;YAC/D,IAAI,MAAM,IAAI,IAAI;gBAAE,KAAK,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;QAC5E,CAAC;IACH,CAAC,CAAC;IAEF,QAAQ,CAAC,EAAE,EAAE,SAAS,CAAC,YAAY,EAAE,cAAc,CAAC,CAAC;IACrD,QAAQ,CAAC,EAAE,EAAE,SAAS,CAAC,eAAe,EAAE,iBAAiB,CAAC,CAAC;IAC3D,QAAQ,CAAC,EAAE,EAAE,SAAS,CAAC,oBAAoB,EAAE,sBAAsB,CAAC,CAAC;IACrE,QAAQ,CAAC,EAAE,EAAE,SAAS,CAAC,gBAAgB,EAAE,kBAAkB,CAAC,CAAC;IAE7D,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC5C,IAAI,OAAO,KAAK,EAAE;YAAE,SAAS;QAC7B,MAAM,GAAG,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC;QAC9B,QAAQ,CAAC,OAAO,EAAE,GAAG,CAAC,YAAY,EAAE,cAAc,CAAC,CAAC;QACpD,QAAQ,CAAC,OAAO,EAAE,GAAG,CAAC,eAAe,EAAE,iBAAiB,CAAC,CAAC;QAC1D,QAAQ,CAAC,OAAO,EAAE,GAAG,CAAC,oBAAoB,EAAE,sBAAsB,CAAC,CAAC;QACpE,QAAQ,CAAC,OAAO,EAAE,GAAG,CAAC,gBAAgB,EAAE,kBAAkB,CAAC,CAAC;IAC9D,CAAC;IAED,OAAO;QACL,KAAK;QACL,KAAK;QACL,OAAO;QACP,YAAY,EAAE,KAAK;QACnB,aAAa;KACd,CAAC;AACJ,CAAC;AAED,SAAS,iBAAiB,CAAC,OAAe;IACxC,MAAM,GAAG,GAAG,OAAO,CAAC,WAAW,CAAC,eAAe,CAAC,CAAC;IACjD,IAAI,GAAG,KAAK,CAAC,CAAC;QAAE,OAAO,OAAO,CAAC;IAC/B,OAAO,OAAO,CAAC,KAAK,CAAC,GAAG,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC;AACrD,CAAC;AAED,SAAS,UAAU,CACjB,KAAkC,EAClC,OAAe,EACf,IAAY,EACZ,OAAe;IAEf,KAAK,MAAM,CAAC,IAAI,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC;QAC/B,IAAI,CAAC,CAAC,OAAO,KAAK,OAAO,IAAI,CAAC,CAAC,IAAI,KAAK,IAAI,IAAI,CAAC,CAAC,OAAO,KAAK,OAAO;YAAE,OAAO,CAAC,CAAC,EAAE,CAAC;IACrF,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,SAAS,iBAAiB,CACxB,OAAiB,EACjB,KAAkC,EAClC,aAAoC,EACpC,SAAmB;IAEnB,MAAM,IAAI,GAAG,SAAS,CAAC,IAAI,IAAI,UAAU,CAAC;IAC1C,MAAM,GAAG,GAAG,SAAS,CAAC,OAAO,IAAI,OAAO,CAAC;IACzC,MAAM,OAAO,GAAG,EAAE,CAAC;IACnB,MAAM,EAAE,GAAG,GAAG,OAAO,KAAK,IAAI,IAAI,GAAG,EAAE,CAAC;IACxC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC;QACnB,MAAM,IAAI,GAAmB;YAC3B,EAAE;YACF,OAAO;YACP,IAAI;YACJ,OAAO,EAAE,GAAG;YACZ,GAAG,EAAE,KAAK;YACV,QAAQ,EAAE,KAAK;YACf,IAAI,EAAE,KAAK;SACZ,CAAC;QACF,KAAK,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC;QACpB,MAAM,IAAI,GAAG,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;QAC3C,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACd,aAAa,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IAChC,CAAC;IACD,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;QAAE,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAC5C,OAAO,EAAE,CAAC;AACZ,CAAC;AAED,SAAS,UAAU;IACjB,OAAO;QACL,KAAK,EAAE,IAAI,GAAG,EAAE;QAChB,KAAK,EAAE,EAAE;QACT,OAAO,EAAE,EAAE;QACX,YAAY,EAAE,SAAS;QACvB,aAAa,EAAE,IAAI,GAAG,EAAE;KACzB,CAAC;AACJ,CAAC"}

package/dist/core/graph-engine/pnpm-lock.d.ts

@@ -0,0 +1,4 @@
+import type { DependencyGraphSnapshot } from "../models.js";
+/** Build graph from pnpm-lock.yaml (lockfile 6.x–9.x style with `packages` map). */
+export declare function buildGraphFromPnpmLock(content: string): DependencyGraphSnapshot;
+//# sourceMappingURL=pnpm-lock.d.ts.map

package/dist/core/graph-engine/pnpm-lock.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"pnpm-lock.d.ts","sourceRoot":"","sources":["../../../src/core/graph-engine/pnpm-lock.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAkB,uBAAuB,EAAkB,MAAM,cAAc,CAAC;AAE5F,oFAAoF;AACpF,wBAAgB,sBAAsB,CACpC,OAAO,EAAE,MAAM,GACd,uBAAuB,CA4JzB"}

package/dist/core/graph-engine/pnpm-lock.js

@@ -0,0 +1,152 @@
+import { parse as parseYaml } from "yaml";
+/** Build graph from pnpm-lock.yaml (lockfile 6.x–9.x style with `packages` map). */
+export function buildGraphFromPnpmLock(content) {
+    const doc = parseYaml(content);
+    const packages = doc.packages;
+    if (!packages || typeof packages !== "object") {
+        return empty();
+    }
+    const nodes = new Map();
+    const edges = [];
+    const byPackageName = new Map();
+    const rootIds = [];
+    const nodeIdForKey = (lockKey, name, ver) => `pnpm:${lockKey}::${name}@${ver}`;
+    const register = (lockKey, name, ver, dev, opt) => {
+        const id = nodeIdForKey(lockKey, name, ver);
+        if (nodes.has(id))
+            return id;
+        const n = {
+            id,
+            pathKey: lockKey,
+            name,
+            version: ver,
+            dev,
+            optional: opt,
+            peer: false,
+        };
+        nodes.set(id, n);
+        const arr = byPackageName.get(name) ?? [];
+        arr.push(id);
+        byPackageName.set(name, arr);
+        return id;
+    };
+    const parsePkgKey = (k) => {
+        if (!k.startsWith("/"))
+            return undefined;
+        const parts = k.slice(1).split("/").filter(Boolean);
+        if (parts.length < 2)
+            return undefined;
+        if (parts[0]?.startsWith("@")) {
+            const name = `${parts[0]}/${parts[1]}`;
+            const version = parts[2] ?? "";
+            if (!version)
+                return undefined;
+            return { name, version };
+        }
+        const name = parts[0] ?? "";
+        const version = parts[1] ?? "";
+        return { name, version };
+    };
+    const resolveKey = (depName, depVersion) => {
+        const v = depVersion.replace(/^\^|~|\*/g, "").trim();
+        if (depName.startsWith("@")) {
+            const cand = `/${depName}/${v}`;
+            if (packages[cand])
+                return cand;
+        }
+        else {
+            const cand = `/${depName}/${v}`;
+            if (packages[cand])
+                return cand;
+        }
+        for (const key of Object.keys(packages)) {
+            const p = parsePkgKey(key);
+            if (p && p.name === depName && (p.version === v || p.version.startsWith(v)))
+                return key;
+        }
+        return undefined;
+    };
+    for (const lockKey of Object.keys(packages)) {
+        const p = parsePkgKey(lockKey);
+        if (!p)
+            continue;
+        const ent = packages[lockKey] ?? {};
+        const dev = Boolean(ent.dev === "true");
+        const opt = Boolean(ent.optional === "true");
+        register(lockKey, p.name, p.version, dev, opt);
+    }
+    for (const lockKey of Object.keys(packages)) {
+        const fromP = parsePkgKey(lockKey);
+        if (!fromP)
+            continue;
+        const ent = packages[lockKey] ?? {};
+        const fromId = register(lockKey, fromP.name, fromP.version, false, false);
+        const deps = ent.dependencies;
+        const optDeps = ent
+            .optionalDependencies;
+        const devDeps = ent.devDependencies;
+        const peerDeps = ent.peerDependencies;
+        const link = (m, t) => {
+            if (!m)
+                return;
+            for (const [dname, dver] of Object.entries(m)) {
+                const tgt = resolveKey(dname, dver);
+                if (!tgt)
+                    continue;
+                const tp = parsePkgKey(tgt);
+                if (!tp)
+                    continue;
+                const toId = register(tgt, tp.name, tp.version, false, false);
+                edges.push({ from: fromId, to: toId, depType: t });
+            }
+        };
+        link(deps, "dependencies");
+        link(optDeps, "optionalDependencies");
+        link(devDeps, "devDependencies");
+        link(peerDeps, "peerDependencies");
+    }
+    const importers = doc.importers;
+    if (importers) {
+        for (const [impPath, imp] of Object.entries(importers)) {
+            const rootName = impPath === "." ? "__workspace_root__" : impPath;
+            const rootVer = "0.0.0";
+            const rootKey = `importer:${impPath}`;
+            const rootId = register(rootKey, rootName, rootVer, false, false);
+            rootIds.push(rootId);
+            const linkImp = (block, t) => {
+                if (!block)
+                    return;
+                for (const [dname, spec] of Object.entries(block)) {
+                    const v = spec.version ?? spec.specifier ?? "";
+                    const tgt = resolveKey(dname, v);
+                    if (!tgt)
+                        continue;
+                    const tp = parsePkgKey(tgt);
+                    if (!tp)
+                        continue;
+                    const toId = register(tgt, tp.name, tp.version, false, false);
+                    edges.push({ from: rootId, to: toId, depType: t });
+                }
+            };
+            linkImp(imp.dependencies, "dependencies");
+            linkImp(imp.devDependencies, "devDependencies");
+        }
+    }
+    return {
+        nodes,
+        edges,
+        rootIds,
+        lockfileKind: "pnpm",
+        byPackageName,
+    };
+}
+function empty() {
+    return {
+        nodes: new Map(),
+        edges: [],
+        rootIds: [],
+        lockfileKind: "unknown",
+        byPackageName: new Map(),
+    };
+}
+//# sourceMappingURL=pnpm-lock.js.map

package/dist/core/graph-engine/pnpm-lock.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"pnpm-lock.js","sourceRoot":"","sources":["../../../src/core/graph-engine/pnpm-lock.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,IAAI,SAAS,EAAE,MAAM,MAAM,CAAC;AAG1C,oFAAoF;AACpF,MAAM,UAAU,sBAAsB,CACpC,OAAe;IAEf,MAAM,GAAG,GAAG,SAAS,CAAC,OAAO,CAA4B,CAAC;IAC1D,MAAM,QAAQ,GAAG,GAAG,CAAC,QAA8D,CAAC;IACpF,IAAI,CAAC,QAAQ,IAAI,OAAO,QAAQ,KAAK,QAAQ,EAAE,CAAC;QAC9C,OAAO,KAAK,EAAE,CAAC;IACjB,CAAC;IAED,MAAM,KAAK,GAAG,IAAI,GAAG,EAA0B,CAAC;IAChD,MAAM,KAAK,GAAqB,EAAE,CAAC;IACnC,MAAM,aAAa,GAAG,IAAI,GAAG,EAAoB,CAAC;IAClD,MAAM,OAAO,GAAa,EAAE,CAAC;IAE7B,MAAM,YAAY,GAAG,CAAC,OAAe,EAAE,IAAY,EAAE,GAAW,EAAE,EAAE,CAClE,QAAQ,OAAO,KAAK,IAAI,IAAI,GAAG,EAAE,CAAC;IAEpC,MAAM,QAAQ,GAAG,CACf,OAAe,EACf,IAAY,EACZ,GAAW,EACX,GAAY,EACZ,GAAY,EACZ,EAAE;QACF,MAAM,EAAE,GAAG,YAAY,CAAC,OAAO,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC;QAC5C,IAAI,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;YAAE,OAAO,EAAE,CAAC;QAC7B,MAAM,CAAC,GAAmB;YACxB,EAAE;YACF,OAAO,EAAE,OAAO;YAChB,IAAI;YACJ,OAAO,EAAE,GAAG;YACZ,GAAG;YACH,QAAQ,EAAE,GAAG;YACb,IAAI,EAAE,KAAK;SACZ,CAAC;QACF,KAAK,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;QACjB,MAAM,GAAG,GAAG,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;QAC1C,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACb,aAAa,CAAC,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;QAC7B,OAAO,EAAE,CAAC;IACZ,CAAC,CAAC;IAEF,MAAM,WAAW,GAAG,CAAC,CAAS,EAAiD,EAAE;QAC/E,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC;YAAE,OAAO,SAAS,CAAC;QACzC,MAAM,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QACpD,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC;YAAE,OAAO,SAAS,CAAC;QACvC,IAAI,KAAK,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YAC9B,MAAM,IAAI,GAAG,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;YACvC,MAAM,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;YAC/B,IAAI,CAAC,OAAO;gBAAE,OAAO,SAAS,CAAC;YAC/B,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;QAC3B,CAAC;QACD,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QAC5B,MAAM,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QAC/B,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;IAC3B,CAAC,CAAC;IAEF,MAAM,UAAU,GAAG,CAAC,OAAe,EAAE,UAAkB,EAAsB,EAAE;QAC7E,MAAM,CAAC,GAAG,UAAU,CAAC,OAAO,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QACrD,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YAC5B,MAAM,IAAI,GAAG,IAAI,OAAO,IAAI,CAAC,EAAE,CAAC;YAChC,IAAI,QAAQ,CAAC,IAAI,CAAC;gBAAE,OAAO,IAAI,CAAC;QAClC,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,GAAG,IAAI,OAAO,IAAI,CAAC,EAAE,CAAC;YAChC,IAAI,QAAQ,CAAC,IAAI,CAAC;gBAAE,OAAO,IAAI,CAAC;QAClC,CAAC;QACD,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YACxC,MAAM,CAAC,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;YAC3B,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,KAAK,OAAO,IAAI,CAAC,CAAC,CAAC,OAAO,KAAK,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;gBAAE,OAAO,GAAG,CAAC;QAC1F,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC,CAAC;IAEF,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC5C,MAAM,CAAC,GAAG,WAAW,CAAC,OAAO,CAAC,CAAC;QAC/B,IAAI,CAAC,CAAC;YAAE,SAAS;QACjB,MAAM,GAAG,GAAG,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;QACpC,MAAM,GAAG,GAAG,OAAO,CAAE,GAAwB,CAAC,GAAG,KAAK,MAAM,CAAC,CAAC;QAC9D,MAAM,GAAG,GAAG,OAAO,CAAE,GAA6B,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC;QACxE,QAAQ,CAAC,OAAO,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,OAAO,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IACjD,CAAC;IAED,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC5C,MAAM,KAAK,GAAG,WAAW,CAAC,OAAO,CAAC,CAAC;QACnC,IAAI,CAAC,KAAK;YAAE,SAAS;QACrB,MAAM,GAAG,GAAG,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;QACpC,MAAM,MAAM,GAAG,QAAQ,CAAC,OAAO,EAAE,KAAK,CAAC,IAAI,EAAE,KAAK,CAAC,OAAO,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC;QAC1E,MAAM,IAAI,GAAI,GAAiD,CAAC,YAAY,CAAC;QAC7E,MAAM,OAAO,GAAI,GAAyD;aACvE,oBAAoB,CAAC;QACxB,MAAM,OAAO,GAAI,GAAoD,CAAC,eAAe,CAAC;QACtF,MAAM,QAAQ,GAAI,GAAqD,CAAC,gBAAgB,CAAC;QAEzF,MAAM,IAAI,GAAG,CACX,CAAqC,EACrC,CAA4B,EAC5B,EAAE;YACF,IAAI,CAAC,CAAC;gBAAE,OAAO;YACf,KAAK,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC;gBAC9C,MAAM,GAAG,GAAG,UAAU,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;gBACpC,IAAI,CAAC,GAAG;oBAAE,SAAS;gBACnB,MAAM,EAAE,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;gBAC5B,IAAI,CAAC,EAAE;oBAAE,SAAS;gBAClB,MAAM,IAAI,GAAG,QAAQ,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,OAAO,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC;gBAC9D,KAAK,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC,CAAC;YACrD,CAAC;QACH,CAAC,CAAC;QACF,IAAI,CAAC,IAAI,EAAE,cAAc,CAAC,CAAC;QAC3B,IAAI,CAAC,OAAO,EAAE,sBAAsB,CAAC,CAAC;QACtC,IAAI,CAAC,OAAO,EAAE,iBAAiB,CAAC,CAAC;QACjC,IAAI,CAAC,QAAQ,EAAE,kBAAkB,CAAC,CAAC;IACrC,CAAC;IAED,MAAM,SAAS,GAAG,GAAG,CAAC,SAQT,CAAC;IAEd,IAAI,SAAS,EAAE,CAAC;QACd,KAAK,MAAM,CAAC,OAAO,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,CAAC;YACvD,MAAM,QAAQ,GAAG,OAAO,KAAK,GAAG,CAAC,CAAC,CAAC,oBAAoB,CAAC,CAAC,CAAC,OAAO,CAAC;YAClE,MAAM,OAAO,GAAG,OAAO,CAAC;YACxB,MAAM,OAAO,GAAG,YAAY,OAAO,EAAE,CAAC;YACtC,MAAM,MAAM,GAAG,QAAQ,CAAC,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC;YAClE,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YAErB,MAAM,OAAO,GAAG,CACd,KAA2E,EAC3E,CAA4B,EAC5B,EAAE;gBACF,IAAI,CAAC,KAAK;oBAAE,OAAO;gBACnB,KAAK,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;oBAClD,MAAM,CAAC,GAAG,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,SAAS,IAAI,EAAE,CAAC;oBAC/C,MAAM,GAAG,GAAG,UAAU,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;oBACjC,IAAI,CAAC,GAAG;wBAAE,SAAS;oBACnB,MAAM,EAAE,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;oBAC5B,IAAI,CAAC,EAAE;wBAAE,SAAS;oBAClB,MAAM,IAAI,GAAG,QAAQ,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,OAAO,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC;oBAC9D,KAAK,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC,CAAC;gBACrD,CAAC;YACH,CAAC,CAAC;YACF,OAAO,CAAC,GAAG,CAAC,YAAY,EAAE,cAAc,CAAC,CAAC;YAC1C,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,iBAAiB,CAAC,CAAC;QAClD,CAAC;IACH,CAAC;IAED,OAAO;QACL,KAAK;QACL,KAAK;QACL,OAAO;QACP,YAAY,EAAE,MAAiD;QAC/D,aAAa;KACd,CAAC;AACJ,CAAC;AAED,SAAS,KAAK;IACZ,OAAO;QACL,KAAK,EAAE,IAAI,GAAG,EAAE;QAChB,KAAK,EAAE,EAAE;QACT,OAAO,EAAE,EAAE;QACX,YAAY,EAAE,SAAS;QACvB,aAAa,EAAE,IAAI,GAAG,EAAE;KACzB,CAAC;AACJ,CAAC"}

package/dist/core/graph-engine/traverse.d.ts

@@ -0,0 +1,17 @@
+import { Graph } from "graphlib";
+import type { DependencyGraphSnapshot, DependencyNode } from "../models.js";
+export interface GraphIndexes {
+    forward: Graph;
+    reverse: Graph;
+    nodeById: Map<string, import("../models.js").DependencyNode>;
+}
+export declare function buildIndexes(snapshot: DependencyGraphSnapshot): GraphIndexes;
+/** Shortest path (fewest edges) from any root to target using BFS on reverse graph from target... actually we need path from root to vulnerable: BFS forward from roots */
+export declare function shortestPathFromRoots(snapshot: DependencyGraphSnapshot, indexes: GraphIndexes, targetId: string): string[] | null;
+export declare function dfsAllPathsWithLimit(indexes: GraphIndexes, fromId: string, toId: string, maxPaths: number, maxDepth: number): string[][];
+export declare function reverseLookupConsumers(indexes: GraphIndexes, packageNodeId: string): string[];
+/** All transitive predecessors (who depends on this) */
+export declare function impactSet(indexes: GraphIndexes, packageNodeId: string): Set<string>;
+export declare function duplicateVersions(snapshot: DependencyGraphSnapshot): Map<string, Set<string>>;
+export declare function formatPathNames(pathIds: string[], nodes: Map<string, DependencyNode>): string;
+//# sourceMappingURL=traverse.d.ts.map

package/dist/core/graph-engine/traverse.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"traverse.d.ts","sourceRoot":"","sources":["../../../src/core/graph-engine/traverse.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,UAAU,CAAC;AACjC,OAAO,KAAK,EAAE,uBAAuB,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAE5E,MAAM,WAAW,YAAY;IAC3B,OAAO,EAAE,KAAK,CAAC;IACf,OAAO,EAAE,KAAK,CAAC;IACf,QAAQ,EAAE,GAAG,CAAC,MAAM,EAAE,OAAO,cAAc,EAAE,cAAc,CAAC,CAAC;CAC9D;AAED,wBAAgB,YAAY,CAAC,QAAQ,EAAE,uBAAuB,GAAG,YAAY,CAkB5E;AAED,2KAA2K;AAC3K,wBAAgB,qBAAqB,CACnC,QAAQ,EAAE,uBAAuB,EACjC,OAAO,EAAE,YAAY,EACrB,QAAQ,EAAE,MAAM,GACf,MAAM,EAAE,GAAG,IAAI,CAsCjB;AAED,wBAAgB,oBAAoB,CAClC,OAAO,EAAE,YAAY,EACrB,MAAM,EAAE,MAAM,EACd,IAAI,EAAE,MAAM,EACZ,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,MAAM,GACf,MAAM,EAAE,EAAE,CAoBZ;AAED,wBAAgB,sBAAsB,CACpC,OAAO,EAAE,YAAY,EACrB,aAAa,EAAE,MAAM,GACpB,MAAM,EAAE,CAGV;AAED,wDAAwD;AACxD,wBAAgB,SAAS,CAAC,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC,CAUnF;AAED,wBAAgB,iBAAiB,CAAC,QAAQ,EAAE,uBAAuB,GAAG,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC,CAY7F;AAED,wBAAgB,eAAe,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE,KAAK,EAAE,GAAG,CAAC,MAAM,EAAE,cAAc,CAAC,GAAG,MAAM,CAO7F"}

package/dist/core/graph-engine/traverse.js

@@ -0,0 +1,125 @@
+import { Graph } from "graphlib";
+export function buildIndexes(snapshot) {
+    const forward = new Graph({ directed: true, multigraph: false });
+    const reverse = new Graph({ directed: true, multigraph: false });
+    const nodeById = new Map(snapshot.nodes);
+    for (const n of snapshot.nodes.keys()) {
+        forward.setNode(n);
+        reverse.setNode(n);
+    }
+    for (const e of snapshot.edges) {
+        if (!forward.hasNode(e.from) || !forward.hasNode(e.to))
+            continue;
+        const label = `${e.depType}`;
+        if (!forward.hasEdge(e.from, e.to))
+            forward.setEdge(e.from, e.to, label);
+        if (!reverse.hasEdge(e.to, e.from))
+            reverse.setEdge(e.to, e.from, label);
+    }
+    return { forward, reverse, nodeById };
+}
+/** Shortest path (fewest edges) from any root to target using BFS on reverse graph from target... actually we need path from root to vulnerable: BFS forward from roots */
+export function shortestPathFromRoots(snapshot, indexes, targetId) {
+    const { forward } = indexes;
+    if (!forward.hasNode(targetId))
+        return null;
+    const roots = new Set(snapshot.rootIds.filter((r) => forward.hasNode(r)));
+    if (roots.size === 0) {
+        for (const n of forward.nodes()) {
+            const preds = forward.predecessors(n) ?? [];
+            if (preds.length === 0)
+                roots.add(n);
+        }
+    }
+    const queue = [...roots];
+    const prev = new Map();
+    for (const r of roots)
+        prev.set(r, null);
+    const seen = new Set(queue);
+    while (queue.length) {
+        const u = queue.shift();
+        if (u === targetId)
+            break;
+        const succ = forward.successors(u) ?? [];
+        for (const v of succ) {
+            if (seen.has(v))
+                continue;
+            seen.add(v);
+            prev.set(v, u);
+            queue.push(v);
+        }
+    }
+    if (!seen.has(targetId))
+        return null;
+    const path = [];
+    let cur = targetId;
+    while (cur != null) {
+        path.push(cur);
+        cur = prev.get(cur) ?? null;
+    }
+    path.reverse();
+    return path;
+}
+export function dfsAllPathsWithLimit(indexes, fromId, toId, maxPaths, maxDepth) {
+    const paths = [];
+    const path = [fromId];
+    const visit = (u, depth) => {
+        if (paths.length >= maxPaths)
+            return;
+        if (depth > maxDepth)
+            return;
+        if (u === toId) {
+            paths.push([...path]);
+            return;
+        }
+        for (const v of indexes.forward.successors(u) ?? []) {
+            path.push(v);
+            visit(v, depth + 1);
+            path.pop();
+        }
+    };
+    visit(fromId, 0);
+    return paths;
+}
+export function reverseLookupConsumers(indexes, packageNodeId) {
+    if (!indexes.reverse.hasNode(packageNodeId))
+        return [];
+    return indexes.reverse.successors(packageNodeId) ?? [];
+}
+/** All transitive predecessors (who depends on this) */
+export function impactSet(indexes, packageNodeId) {
+    const out = new Set();
+    const q = [...reverseLookupConsumers(indexes, packageNodeId)];
+    while (q.length) {
+        const u = q.pop();
+        if (out.has(u))
+            continue;
+        out.add(u);
+        for (const p of reverseLookupConsumers(indexes, u))
+            q.push(p);
+    }
+    return out;
+}
+export function duplicateVersions(snapshot) {
+    const m = new Map();
+    for (const n of snapshot.nodes.values()) {
+        const s = m.get(n.name) ?? new Set();
+        s.add(n.version);
+        m.set(n.name, s);
+    }
+    const dup = new Map();
+    for (const [name, vers] of m) {
+        if (vers.size > 1)
+            dup.set(name, vers);
+    }
+    return dup;
+}
+export function formatPathNames(pathIds, nodes) {
+    return pathIds
+        .map((id) => {
+        const n = nodes.get(id);
+        return n ? `${n.name}@${n.version}` : id;
+    })
+        .join(" → ");
+}
+//# sourceMappingURL=traverse.js.map

package/dist/core/graph-engine/traverse.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"traverse.js","sourceRoot":"","sources":["../../../src/core/graph-engine/traverse.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,UAAU,CAAC;AASjC,MAAM,UAAU,YAAY,CAAC,QAAiC;IAC5D,MAAM,OAAO,GAAG,IAAI,KAAK,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,CAAC,CAAC;IACjE,MAAM,OAAO,GAAG,IAAI,KAAK,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,CAAC,CAAC;IACjE,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAEzC,KAAK,MAAM,CAAC,IAAI,QAAQ,CAAC,KAAK,CAAC,IAAI,EAAE,EAAE,CAAC;QACtC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;QACnB,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;IACrB,CAAC;IAED,KAAK,MAAM,CAAC,IAAI,QAAQ,CAAC,KAAK,EAAE,CAAC;QAC/B,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC;YAAE,SAAS;QACjE,MAAM,KAAK,GAAG,GAAG,CAAC,CAAC,OAAO,EAAE,CAAC;QAC7B,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC;YAAE,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC;QACzE,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC;YAAE,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IAC3E,CAAC;IAED,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,CAAC;AACxC,CAAC;AAED,2KAA2K;AAC3K,MAAM,UAAU,qBAAqB,CACnC,QAAiC,EACjC,OAAqB,EACrB,QAAgB;IAEhB,MAAM,EAAE,OAAO,EAAE,GAAG,OAAO,CAAC;IAC5B,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC;QAAE,OAAO,IAAI,CAAC;IAE5C,MAAM,KAAK,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC1E,IAAI,KAAK,CAAC,IAAI,KAAK,CAAC,EAAE,CAAC;QACrB,KAAK,MAAM,CAAC,IAAI,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC;YAChC,MAAM,KAAK,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;YAC5C,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;gBAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QACvC,CAAC;IACH,CAAC;IAED,MAAM,KAAK,GAAa,CAAC,GAAG,KAAK,CAAC,CAAC;IACnC,MAAM,IAAI,GAAG,IAAI,GAAG,EAAyB,CAAC;IAC9C,KAAK,MAAM,CAAC,IAAI,KAAK;QAAE,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;IACzC,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC;IAE5B,OAAO,KAAK,CAAC,MAAM,EAAE,CAAC;QACpB,MAAM,CAAC,GAAG,KAAK,CAAC,KAAK,EAAG,CAAC;QACzB,IAAI,CAAC,KAAK,QAAQ;YAAE,MAAM;QAC1B,MAAM,IAAI,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QACzC,KAAK,MAAM,CAAC,IAAI,IAAI,EAAE,CAAC;YACrB,IAAI,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;gBAAE,SAAS;YAC1B,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YACZ,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YACf,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAChB,CAAC;IACH,CAAC;IAED,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC;QAAE,OAAO,IAAI,CAAC;IACrC,MAAM,IAAI,GAAa,EAAE,CAAC;IAC1B,IAAI,GAAG,GAAkB,QAAQ,CAAC;IAClC,OAAO,GAAG,IAAI,IAAI,EAAE,CAAC;QACnB,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACf,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC;IAC9B,CAAC;IACD,IAAI,CAAC,OAAO,EAAE,CAAC;IACf,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,UAAU,oBAAoB,CAClC,OAAqB,EACrB,MAAc,EACd,IAAY,EACZ,QAAgB,EAChB,QAAgB;IAEhB,MAAM,KAAK,GAAe,EAAE,CAAC;IAC7B,MAAM,IAAI,GAAa,CAAC,MAAM,CAAC,CAAC;IAEhC,MAAM,KAAK,GAAG,CAAC,CAAS,EAAE,KAAa,EAAE,EAAE;QACzC,IAAI,KAAK,CAAC,MAAM,IAAI,QAAQ;YAAE,OAAO;QACrC,IAAI,KAAK,GAAG,QAAQ;YAAE,OAAO;QAC7B,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC;YACf,KAAK,CAAC,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC;YACtB,OAAO;QACT,CAAC;QACD,KAAK,MAAM,CAAC,IAAI,OAAO,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC;YACpD,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACb,KAAK,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC;YACpB,IAAI,CAAC,GAAG,EAAE,CAAC;QACb,CAAC;IACH,CAAC,CAAC;IAEF,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;IACjB,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,UAAU,sBAAsB,CACpC,OAAqB,EACrB,aAAqB;IAErB,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,aAAa,CAAC;QAAE,OAAO,EAAE,CAAC;IACvD,OAAO,OAAO,CAAC,OAAO,CAAC,UAAU,CAAC,aAAa,CAAC,IAAI,EAAE,CAAC;AACzD,CAAC;AAED,wDAAwD;AACxD,MAAM,UAAU,SAAS,CAAC,OAAqB,EAAE,aAAqB;IACpE,MAAM,GAAG,GAAG,IAAI,GAAG,EAAU,CAAC;IAC9B,MAAM,CAAC,GAAG,CAAC,GAAG,sBAAsB,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC,CAAC;IAC9D,OAAO,CAAC,CAAC,MAAM,EAAE,CAAC;QAChB,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,EAAG,CAAC;QACnB,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;YAAE,SAAS;QACzB,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QACX,KAAK,MAAM,CAAC,IAAI,sBAAsB,CAAC,OAAO,EAAE,CAAC,CAAC;YAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAChE,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,MAAM,UAAU,iBAAiB,CAAC,QAAiC;IACjE,MAAM,CAAC,GAAG,IAAI,GAAG,EAAuB,CAAC;IACzC,KAAK,MAAM,CAAC,IAAI,QAAQ,CAAC,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC;QACxC,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,IAAI,GAAG,EAAU,CAAC;QAC7C,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;QACjB,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;IACnB,CAAC;IACD,MAAM,GAAG,GAAG,IAAI,GAAG,EAAuB,CAAC;IAC3C,KAAK,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QAC7B,IAAI,IAAI,CAAC,IAAI,GAAG,CAAC;YAAE,GAAG,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IACzC,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,OAAiB,EAAE,KAAkC;IACnF,OAAO,OAAO;SACX,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE;QACV,MAAM,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACxB,OAAO,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;IAC3C,CAAC,CAAC;SACD,IAAI,CAAC,KAAK,CAAC,CAAC;AACjB,CAAC"}

package/dist/core/graph-engine/yarn-lock.d.ts

@@ -0,0 +1,4 @@
+import type { DependencyGraphSnapshot } from "../models.js";
+/** Parse yarn.lock v1 into dependency graph (resolved versions as nodes). */
+export declare function buildGraphFromYarnLock(content: string): DependencyGraphSnapshot;
+//# sourceMappingURL=yarn-lock.d.ts.map

package/dist/core/graph-engine/yarn-lock.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"yarn-lock.d.ts","sourceRoot":"","sources":["../../../src/core/graph-engine/yarn-lock.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAkB,uBAAuB,EAAkB,MAAM,cAAc,CAAC;AAE5F,6EAA6E;AAC7E,wBAAgB,sBAAsB,CAAC,OAAO,EAAE,MAAM,GAAG,uBAAuB,CAmI/E"}

package/dist/core/graph-engine/yarn-lock.js

@@ -0,0 +1,128 @@
+import lockfile from "@yarnpkg/lockfile";
+/** Parse yarn.lock v1 into dependency graph (resolved versions as nodes). */
+export function buildGraphFromYarnLock(content) {
+    const parsed = lockfile.parse(content);
+    if (parsed.type !== "success" || !parsed.object) {
+        return empty();
+    }
+    const obj = parsed.object;
+    const nodes = new Map();
+    const edges = [];
+    const byPackageName = new Map();
+    const rootIds = [];
+    const parseKey = (key) => {
+        const idx = key.lastIndexOf("@");
+        if (idx <= 0)
+            return undefined;
+        const name = key.slice(0, idx);
+        const range = key.slice(idx + 1);
+        if (!name || !range)
+            return undefined;
+        return { name, range };
+    };
+    const canonicalId = (name, version) => `yarn:${name}@${version}`;
+    const register = (name, version) => {
+        const id = canonicalId(name, version);
+        if (nodes.has(id))
+            return id;
+        const n = {
+            id,
+            pathKey: id,
+            name,
+            version,
+            dev: false,
+            optional: false,
+            peer: false,
+        };
+        nodes.set(id, n);
+        const arr = byPackageName.get(name) ?? [];
+        arr.push(id);
+        byPackageName.set(name, arr);
+        return id;
+    };
+    /** name+constraint -> resolved version from lockfile entries */
+    const resolveVersion = (name, constraint) => {
+        for (const [k, v] of Object.entries(obj)) {
+            const p = parseKey(k);
+            if (!p)
+                continue;
+            if (p.name === name && (v.version === constraint || k.includes(constraint))) {
+                return v.version;
+            }
+        }
+        for (const [, v] of Object.entries(obj)) {
+            if (v.version === constraint)
+                return v.version;
+        }
+        return undefined;
+    };
+    for (const key of Object.keys(obj)) {
+        const pk = parseKey(key);
+        if (!pk)
+            continue;
+        const entry = obj[key];
+        register(pk.name, entry.version);
+    }
+    const rootId = register("__root__", "0.0.0");
+    rootIds.push(rootId);
+    const directDeps = new Set();
+    for (const key of Object.keys(obj)) {
+        const pk = parseKey(key);
+        if (!pk)
+            continue;
+        const entry = obj[key];
+        if (key === `${pk.name}@${entry.version}` ||
+            pk.range === entry.version ||
+            obj[`${pk.name}@${entry.version}`]) {
+            directDeps.add(`${pk.name}@${entry.version}`);
+        }
+    }
+    for (const key of Object.keys(obj)) {
+        const pk = parseKey(key);
+        if (!pk)
+            continue;
+        const entry = obj[key];
+        const fromId = register(pk.name, entry.version);
+        const link = (m, t) => {
+            if (!m)
+                return;
+            for (const [dname, dconstraint] of Object.entries(m)) {
+                const ver = resolveVersion(dname, dconstraint) ?? dconstraint;
+                const toId = register(dname, ver);
+                edges.push({ from: fromId, to: toId, depType: t });
+            }
+        };
+        link(entry.dependencies, "dependencies");
+        link(entry.optionalDependencies, "optionalDependencies");
+    }
+    for (const key of Object.keys(obj)) {
+        const pk = parseKey(key);
+        if (!pk)
+            continue;
+        const entry = obj[key];
+        const isLikelyTop = !pk.range.includes("^") &&
+            !pk.range.includes("~") &&
+            pk.range === entry.version;
+        if (isLikelyTop) {
+            const toId = register(pk.name, entry.version);
+            edges.push({ from: rootId, to: toId, depType: "dependencies" });
+        }
+    }
+    return {
+        nodes,
+        edges,
+        rootIds,
+        lockfileKind: "yarn-classic",
+        byPackageName,
+    };
+}
+function empty() {
+    return {
+        nodes: new Map(),
+        edges: [],
+        rootIds: [],
+        lockfileKind: "unknown",
+        byPackageName: new Map(),
+    };
+}
+//# sourceMappingURL=yarn-lock.js.map

package/dist/core/graph-engine/yarn-lock.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"yarn-lock.js","sourceRoot":"","sources":["../../../src/core/graph-engine/yarn-lock.ts"],"names":[],"mappings":"AAAA,OAAO,QAAQ,MAAM,mBAAmB,CAAC;AAGzC,6EAA6E;AAC7E,MAAM,UAAU,sBAAsB,CAAC,OAAe;IACpD,MAAM,MAAM,GAAG,QAAQ,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IACvC,IAAI,MAAM,CAAC,IAAI,KAAK,SAAS,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QAChD,OAAO,KAAK,EAAE,CAAC;IACjB,CAAC;IAED,MAAM,GAAG,GAAG,MAAM,CAAC,MAOlB,CAAC;IAEF,MAAM,KAAK,GAAG,IAAI,GAAG,EAA0B,CAAC;IAChD,MAAM,KAAK,GAAqB,EAAE,CAAC;IACnC,MAAM,aAAa,GAAG,IAAI,GAAG,EAAoB,CAAC;IAClD,MAAM,OAAO,GAAa,EAAE,CAAC;IAE7B,MAAM,QAAQ,GAAG,CAAC,GAAW,EAA+C,EAAE;QAC5E,MAAM,GAAG,GAAG,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;QACjC,IAAI,GAAG,IAAI,CAAC;YAAE,OAAO,SAAS,CAAC;QAC/B,MAAM,IAAI,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QAC/B,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC;QACjC,IAAI,CAAC,IAAI,IAAI,CAAC,KAAK;YAAE,OAAO,SAAS,CAAC;QACtC,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;IACzB,CAAC,CAAC;IAEF,MAAM,WAAW,GAAG,CAAC,IAAY,EAAE,OAAe,EAAE,EAAE,CAAC,QAAQ,IAAI,IAAI,OAAO,EAAE,CAAC;IAEjF,MAAM,QAAQ,GAAG,CAAC,IAAY,EAAE,OAAe,EAAE,EAAE;QACjD,MAAM,EAAE,GAAG,WAAW,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;QACtC,IAAI,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;YAAE,OAAO,EAAE,CAAC;QAC7B,MAAM,CAAC,GAAmB;YACxB,EAAE;YACF,OAAO,EAAE,EAAE;YACX,IAAI;YACJ,OAAO;YACP,GAAG,EAAE,KAAK;YACV,QAAQ,EAAE,KAAK;YACf,IAAI,EAAE,KAAK;SACZ,CAAC;QACF,KAAK,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC;QACjB,MAAM,GAAG,GAAG,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;QAC1C,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACb,aAAa,CAAC,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;QAC7B,OAAO,EAAE,CAAC;IACZ,CAAC,CAAC;IAEF,gEAAgE;IAChE,MAAM,cAAc,GAAG,CAAC,IAAY,EAAE,UAAkB,EAAsB,EAAE;QAC9E,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;YACzC,MAAM,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;YACtB,IAAI,CAAC,CAAC;gBAAE,SAAS;YACjB,IAAI,CAAC,CAAC,IAAI,KAAK,IAAI,IAAI,CAAC,CAAC,CAAC,OAAO,KAAK,UAAU,IAAI,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC;gBAC5E,OAAO,CAAC,CAAC,OAAO,CAAC;YACnB,CAAC;QACH,CAAC;QACD,KAAK,MAAM,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;YACxC,IAAI,CAAC,CAAC,OAAO,KAAK,UAAU;gBAAE,OAAO,CAAC,CAAC,OAAO,CAAC;QACjD,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC,CAAC;IAEF,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;QACnC,MAAM,EAAE,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC;QACzB,IAAI,CAAC,EAAE;YAAE,SAAS;QAClB,MAAM,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QACvB,QAAQ,CAAC,EAAE,CAAC,IAAI,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC;IACnC,CAAC;IAED,MAAM,MAAM,GAAG,QAAQ,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;IAC7C,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAErB,MAAM,UAAU,GAAG,IAAI,GAAG,EAAU,CAAC;IACrC,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;QACnC,MAAM,EAAE,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC;QACzB,IAAI,CAAC,EAAE;YAAE,SAAS;QAClB,MAAM,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QACvB,IACE,GAAG,KAAK,GAAG,EAAE,CAAC,IAAI,IAAI,KAAK,CAAC,OAAO,EAAE;YACrC,EAAE,CAAC,KAAK,KAAK,KAAK,CAAC,OAAO;YAC1B,GAAG,CAAC,GAAG,EAAE,CAAC,IAAI,IAAI,KAAK,CAAC,OAAO,EAAE,CAAC,EAClC,CAAC;YACD,UAAU,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,IAAI,IAAI,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;QAChD,CAAC;IACH,CAAC;IAED,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;QACnC,MAAM,EAAE,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC;QACzB,IAAI,CAAC,EAAE;YAAE,SAAS;QAClB,MAAM,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QACvB,MAAM,MAAM,GAAG,QAAQ,CAAC,EAAE,CAAC,IAAI,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC;QAEhD,MAAM,IAAI,GAAG,CACX,CAAqC,EACrC,CAA4B,EAC5B,EAAE;YACF,IAAI,CAAC,CAAC;gBAAE,OAAO;YACf,KAAK,MAAM,CAAC,KAAK,EAAE,WAAW,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC;gBACrD,MAAM,GAAG,GAAG,cAAc,CAAC,KAAK,EAAE,WAAW,CAAC,IAAI,WAAW,CAAC;gBAC9D,MAAM,IAAI,GAAG,QAAQ,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;gBAClC,KAAK,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC,CAAC;YACrD,CAAC;QACH,CAAC,CAAC;QACF,IAAI,CAAC,KAAK,CAAC,YAAY,EAAE,cAAc,CAAC,CAAC;QACzC,IAAI,CAAC,KAAK,CAAC,oBAAoB,EAAE,sBAAsB,CAAC,CAAC;IAC3D,CAAC;IAED,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;QACnC,MAAM,EAAE,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC;QACzB,IAAI,CAAC,EAAE;YAAE,SAAS;QAClB,MAAM,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QACvB,MAAM,WAAW,GACf,CAAC,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC;YACvB,CAAC,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC;YACvB,EAAE,CAAC,KAAK,KAAK,KAAK,CAAC,OAAO,CAAC;QAC7B,IAAI,WAAW,EAAE,CAAC;YAChB,MAAM,IAAI,GAAG,QAAQ,CAAC,EAAE,CAAC,IAAI,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC;YAC9C,KAAK,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,cAAc,EAAE,CAAC,CAAC;QAClE,CAAC;IACH,CAAC;IAED,OAAO;QACL,KAAK;QACL,KAAK;QACL,OAAO;QACP,YAAY,EAAE,cAAc;QAC5B,aAAa;KACd,CAAC;AACJ,CAAC;AAED,SAAS,KAAK;IACZ,OAAO;QACL,KAAK,EAAE,IAAI,GAAG,EAAE;QAChB,KAAK,EAAE,EAAE;QACT,OAAO,EAAE,EAAE;QACX,YAAY,EAAE,SAAS;QACvB,aAAa,EAAE,IAAI,GAAG,EAAE;KACzB,CAAC;AACJ,CAAC"}