npm - dep-up-surgeon - Versions diffs - 2.0.0 → 2.2.0 - Mend

dep-up-surgeon 2.0.0 → 2.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (57) hide show

package/README.md +140 -5
package/dist/cli/changelogEnricher.d.ts +28 -0
package/dist/cli/changelogEnricher.d.ts.map +1 -0
package/dist/cli/changelogEnricher.js +49 -0
package/dist/cli/changelogEnricher.js.map +1 -0
package/dist/cli/git.d.ts +25 -0
package/dist/cli/git.d.ts.map +1 -1
package/dist/cli/git.js +121 -11
package/dist/cli/git.js.map +1 -1
package/dist/cli/gitFlow.d.ts +23 -0
package/dist/cli/gitFlow.d.ts.map +1 -1
package/dist/cli/gitFlow.js +77 -7
package/dist/cli/gitFlow.js.map +1 -1
package/dist/cli/openPr.d.ts +90 -0
package/dist/cli/openPr.d.ts.map +1 -0
package/dist/cli/openPr.js +276 -0
package/dist/cli/openPr.js.map +1 -0
package/dist/cli/overrideFlow.d.ts +69 -0
package/dist/cli/overrideFlow.d.ts.map +1 -0
package/dist/cli/overrideFlow.js +190 -0
package/dist/cli/overrideFlow.js.map +1 -0
package/dist/cli/report.d.ts +7 -1
package/dist/cli/report.d.ts.map +1 -1
package/dist/cli/report.js +3 -0
package/dist/cli/report.js.map +1 -1
package/dist/cli/summary.d.ts.map +1 -1
package/dist/cli/summary.js +220 -0
package/dist/cli/summary.js.map +1 -1
package/dist/cli.js +369 -33
package/dist/cli.js.map +1 -1
package/dist/config/policy.d.ts +83 -0
package/dist/config/policy.d.ts.map +1 -0
package/dist/config/policy.js +377 -0
package/dist/config/policy.js.map +1 -0
package/dist/core/audit.d.ts +49 -0
package/dist/core/audit.d.ts.map +1 -0
package/dist/core/audit.js +332 -0
package/dist/core/audit.js.map +1 -0
package/dist/core/upgrader.d.ts +13 -0
package/dist/core/upgrader.d.ts.map +1 -1
package/dist/core/upgrader.js +89 -0
package/dist/core/upgrader.js.map +1 -1
package/dist/types.d.ts +142 -1
package/dist/types.d.ts.map +1 -1
package/dist/utils/blastRadius.d.ts +46 -0
package/dist/utils/blastRadius.d.ts.map +1 -0
package/dist/utils/blastRadius.js +194 -0
package/dist/utils/blastRadius.js.map +1 -0
package/dist/utils/changelog.d.ts +129 -0
package/dist/utils/changelog.d.ts.map +1 -0
package/dist/utils/changelog.js +430 -0
package/dist/utils/changelog.js.map +1 -0
package/dist/utils/overrides.d.ts +102 -0
package/dist/utils/overrides.d.ts.map +1 -0
package/dist/utils/overrides.js +325 -0
package/dist/utils/overrides.js.map +1 -0
package/package.json +6 -5

package/README.md CHANGED Viewed

@@ -93,6 +93,17 @@ dep-up-surgeon [options]
 | `--git-branch <name>` | Create + checkout this branch before any commits. If the branch already exists, switches to it. Pairs nicely with `--ci` for PR-bot workflows (e.g. `--git-branch "deps/auto-$(date +%Y-%m-%d)"`). |
 | `--git-sign` | Pass `--gpg-sign` to every commit. Requires a signing key configured in git (`user.signingkey` + `gpg.format`). Failed signatures are recorded as failed commits in the JSON report rather than aborting the run. |
 | `--git-allow-dirty` | Allow `--git-commit` to run on a dirty working tree. We still only `git add` files we touched, so your WIP isn't swept up — but if you also `git add` your own files manually, they'll land in dep-up-surgeon's commits. |
+| `--changelog` / `--no-changelog` | Fetch the bumped package's release notes (GitHub Releases first, then its published `CHANGELOG.md`) and include them in commit bodies + `--summary`. **Default ON** when `--git-commit` or `--summary` is active. Network failures are non-fatal — missing changelogs are silently skipped. See **Changelog excerpts** below. |
+| `--security-only` | Run `npm audit` (or `pnpm`/`yarn` equivalent) first, then upgrade **only** the packages with open advisories. Every successful bump carries the advisory severity + ID into its commit subject (`[security:high]`) and into the summary's **Security fixes** table. Pairs well with `--git-commit-mode per-success` to produce one PR per CVE. See **Security-first mode** below. |
+| `--min-severity <level>` | Minimum advisory severity to consider under `--security-only`: `low` (default), `moderate`, `high`, or `critical`. Lower-severity advisories are filtered out before the upgrade plan is built. |
+| `--blast-radius` / `--no-blast-radius` | Scan project source files to list which files actually `import`/`require` each upgraded package, and surface the list in `--json` + `--summary`. **Default ON** when `--summary` is active. See **Blast radius** below. |
+| `--apply-overrides` | After the main upgrade loop, fix **transitive** CVEs that no direct bump could reach by writing a package-manager override (`overrides` for npm, `pnpm.overrides` for pnpm, `resolutions` for yarn) pinning each vulnerable transitive to its audit-recommended safe version. Runs install + validator after each pin and rolls back automatically when the validator fails. Requires `--security-only`. See **Transitive overrides** below. |
+| `--override-force` | Used with `--apply-overrides`. Overwrite an **existing** override entry whose value conflicts with the audit-recommended version. By default we refuse to clobber user-managed pins and record `conflict` in the report. |
+| `--open-pr` | After `--git-commit --git-branch` pushes the branch, open a GitHub PR with the `--summary` markdown as the body (falls back to a deterministic minimal body). Uses the `gh` CLI (must be installed + authenticated); never fatal — a missing binary, auth failure, or push rejection is recorded as `pullRequest.error` in the JSON report without aborting the run. See **Auto-opening a PR** below. |
+| `--open-pr-title <title>` | Override the PR title. Default: derived from the upgrade counts, e.g. `deps: [breaking+security] bump 3 packages`. |
+| `--open-pr-draft` | Open the PR as a draft. Recommended with `--force` or on Fridays so merge-queue bots don't auto-land it. |
+| `--open-pr-base <branch>` | Target base branch. Default: the repo default branch as reported by `gh repo view`. |
+| `--open-pr-reviewers <users>` / `--open-pr-assignees <users>` | Comma-separated usernames passed straight to `gh pr create --reviewer` / `--assignee`. |
 Exit code `1` when any upgrade could not be kept (unless `--force`). The CLI also exits `1` when the **pre-flight** validator (run on the unchanged tree) fails — see **Pre-flight check** below. Fatal errors also exit `1`.
@@ -209,6 +220,127 @@ npx dep-up-surgeon --workspaces --ci \
 }
 ```
+### Changelog excerpts
+Every successful upgrade can be annotated with the package's release notes so reviewers don't have to open five GitHub tabs per PR. Enabled by default when `--git-commit` or `--summary` is set; disable with `--no-changelog`.
+- **Source.** First preference is the **GitHub Releases API** (`GET /repos/:owner/:repo/releases/tags/:tag`), resolved from the package's `repository` field in its `package.json`. Fallback is the `CHANGELOG.md` extracted from the published tarball via `pacote.extract` — the matching version section is parsed out with a Markdown-aware heading scanner (handles `## 1.2.3`, `## [1.2.3] - 2024-...`, `## v1.2.3`, etc.).
+- **Where it shows up.** In `--git-commit-mode per-success`, the excerpt is embedded directly in the commit body. In `per-target` / `all` modes it collapses to a compact `See: <release-url>` footer so the commit doesn't balloon. `--summary md` / `--summary html` renders each excerpt in a collapsible `<details>` block — clean in PR bodies, compact in GitHub's Job Summary.
+- **Caching & resilience.** A run-local cache deduplicates fetches across workspaces. Network errors, missing tags, private repos, and malformed `CHANGELOG.md` files are all silently skipped — a missing excerpt never fails a commit.
+- **GitHub auth.** Anonymous GitHub API requests are rate-limited to 60/hour. Set `GITHUB_TOKEN` (or `GH_TOKEN`) in the environment to lift that to 5,000/hour — `dep-up-surgeon` uses it automatically for changelog fetches and nothing else.
+### Security-first mode
+`--security-only` flips the tool from "bump everything safely" to "bump only packages with known CVEs". Competes directly with Dependabot's security-alert surface, but runs locally and respects your validator / policy / link groups.
+1. Runs `npm audit --json` (or `pnpm audit --json` / `yarn audit` depending on the detected manager) **before** the upgrade plan is built.
+2. Filters the audit to advisories at or above `--min-severity <low|moderate|high|critical>`.
+3. Builds a `restrictToNames` set from the vulnerable package names and passes it to the engine — every other dependency gets added to the ignore list automatically (visible as `reason: "ignored"` in the report).
+4. Attaches the severity + advisory ID + title to every upgraded record's `security` field, which the CLI then propagates into:
+   - **Commit subjects**: `deps: [security:high] bump axios from 1.6.0 to 1.7.2`
+   - **Commit bodies**: full advisory ID, URL, and title
+   - **`--summary`**: a prominent **Security fixes** table above the normal upgraded table
+   - **`--json`**: `upgraded[].security = { severity, ids, url, title, vulnerableRange, recommendedVersion }`
+```bash
+# Only critical + high; one commit per CVE on a dedicated branch.
+npx dep-up-surgeon --workspaces --security-only --min-severity high \
+  --git-commit --git-commit-mode per-success \
+  --git-branch "deps/security-$(date +%Y-%m-%d)"
+```
+### Policy engine (policy-as-code)
+Drop a `.dep-up-surgeon.policy.yaml` (or `.json`) in the repo root to encode upgrade rules that survive across runs and humans. Loaded automatically on startup; violations are reported per-package and the engine skips the offending bumps instead of failing.
+```yaml
+# .dep-up-surgeon.policy.yaml
+freeze:
+  - pattern: react               # never touch it
+    reason: "React 18 pinned until Q3 refactor"
+  - pattern: "@types/*"          # wildcard — freezes every @types/* scope
+maxVersion:
+  - pattern: next
+    range: "<=14"                # refuse anything outside this semver range
+allowMajorAfter:
+  - pattern: eslint
+    date: "2026-06-01"           # patch/minor OK now, majors blocked until the date
+requireReviewers: 2              # metadata: surfaced in --summary / --json for your bot to consume
+autoMerge: false                 # metadata: ditto
+```
+**How rules interact**
+- **`freeze`** always wins. Exact names go straight into the ignore list; wildcards are matched against the scanned deps inside the engine so rules like `@types/*` don't have to be unrolled by hand. Freezes produce a `reason: "policy"` skip record with the originating pattern.
+- **`maxVersion`** caps the candidate list. If no candidate satisfies the range, the package is skipped with `reason: "policy"` — it won't degrade to a no-op install.
+- **`allowMajorAfter`** blocks **cross-major** bumps until the specified date (checked against `Date.now()`), demoting the candidate to the newest in-major version. Patch/minor still flow through normally.
+- **`requireReviewers`** and **`autoMerge`** are **metadata only** — attached to the `policy` block of `--json` + `--summary` for downstream automation (GitHub Actions PR-opener, the SaaS bot, etc.) to consume.
+Every applied rule appears in the **Policy** section of `--summary` and under `policy.applied` / `policy.frozen` / `policy.warnings` in `--json`, so audits show exactly which rule blocked which package.
+### Blast radius
+Before handing the PR to a reviewer, `dep-up-surgeon` can list **which of your own source files actually import each upgraded package**. Surfaced automatically under `--summary`; attach it to `--json` too with `--blast-radius`.
+- **Scans**: `.ts`, `.tsx`, `.js`, `.jsx`, `.mjs`, `.cjs`, `.mts`, `.cts`, `.vue`, `.svelte`, `.astro`.
+- **Skips**: `node_modules`, `dist`, `build`, `coverage`, `.git`, `.next`, `.turbo`, `.vercel`, `.cache`, `.parcel-cache`, `out`, `.output`.
+- **Detects**: ES imports (`import x from '<pkg>'`), re-exports (`export … from '<pkg>'`), CommonJS `require('<pkg>')`, dynamic `import('<pkg>')`, and subpath imports (`from '<pkg>/sub'` still counts as a hit on `<pkg>`). Word-boundary safe — looking for `react` does not falsely match `react-dom`; looking for `@types/node` does not match `@types/node-ipc`.
+- **Output**: per-package `{ total, truncated, files[] }` entries in `upgraded[].blastRadius`, plus a collapsible per-package list in the Markdown / HTML summary. Caps at 20 file paths per package by default; `total` keeps counting past the cap so the summary can honestly say "used in 134 files".
+- **Cost**: a single pass over the tree, at most 1 MB read per file, parallel I/O (default concurrency 8). Failures are non-fatal — a broken symlink never aborts the run. Turn it off in huge monorepos with `--no-blast-radius`.
+### Breaking-change detection
+Whenever a changelog excerpt is fetched, `dep-up-surgeon` scans it for breaking-change markers and flags the upgrade so reviewers catch them before clicking merge. Works alongside `--changelog` (enabled by default with `--git-commit` / `--summary`) with no extra flags.
+- **What we match**: `BREAKING CHANGE:` / `BREAKING CHANGES:` footers (Conventional Commits), the `💥` and `⚠️  BREAKING` emoji conventions used by Changesets / tsup / Vitest, explicit Node-version drops (`drop support for Node 16`, `requires Node >= 20`), API-removal bullets (`- Removed the …`), and `no longer supported` / `renamed … to …` phrasing. Deprecation notices alone do **not** trip the scan.
+- **Where it shows up**:
+  - **Commit subjects** gain a `[breaking]` tag (emitted BEFORE `[security:<sev>]` when both apply): `deps: [breaking][security:high] bump axios from 1.6.0 to 2.0.0`.
+  - **Commit bodies** get a `Breaking changes detected:` section listing the exact matched lines, capped at 5 per package.
+  - **`--summary md|html`** renders a prominent `⚠️ Breaking changes detected` section ABOVE the upgraded table, plus a `⚠️ breaking` badge in the Notes column.
+  - **`--json`** → `upgraded[].changelog.breaking = { hasBreaking, matchedLines[], reasons[] }` (only present when the scan matched).
+- **Never fatal, never noisy**: absence of a changelog means no scan, which means no flag. The scan caps matches at 10 per package and dedupes identical lines so verbose changelogs don't drown out the signal.
+### Transitive overrides (`--apply-overrides`)
+`--security-only` by itself can only fix vulnerabilities reachable from a direct dependency. For CVEs that live in transitives (very common — `lodash@4.17.20` buried six levels deep under a toolchain package), pair `--security-only` with `--apply-overrides` and the tool will write a package-manager override to pin the vulnerable transitive to its safe version.
+- **Which field**: `overrides` for npm (>=8.3), `pnpm.overrides` for pnpm, `resolutions` for yarn (classic + berry).
+- **How it picks the pin**: uses the audit's own `fixAvailable.version` when present; otherwise `minVersion` of the first safe range the manager reported.
+- **Rollback on failure**: after each override, the tool runs a full install and then the validator. If either fails, the override is removed, install re-runs to restore the starting state, and the next advisory is still attempted. A failed override never strands the workspace — `report.overrides.attempts[].rolledBack === true` appears in the JSON and the summary.
+- **Conflict protection**: when the user already has a manual override with a value that **conflicts** with the audit recommendation, we refuse to clobber by default (`reason: "conflicts with target ..."`). Pass `--override-force` to overwrite explicitly.
+- **Where it shows up**:
+  - **`--summary`**: dedicated `Overrides applied` table with `Package / Pinned to / Severity / Advisory`.
+  - **`--json`**: `overrides.field` + `overrides.attempts[]` with the full decision trail (`ok`, `skipped`, `reason`, `previous`, `applied`, `installLog`, `rolledBack`).
+```bash
+# Weekly security sweep: direct bumps first, then transitive overrides, then a draft PR.
+npx dep-up-surgeon --workspaces \
+  --security-only --min-severity high \
+  --apply-overrides \
+  --git-commit --git-commit-mode per-success --git-branch "deps/security-$(date +%Y-%m-%d)" \
+  --summary md \
+  --open-pr --open-pr-draft
+```
+### Auto-opening a PR (`--open-pr`)
+When you've already paid the cost of running `--git-commit --git-branch`, `--open-pr` closes the loop by pushing the branch and opening a GitHub pull request via the [GitHub CLI (`gh`)](https://cli.github.com/). Uses your existing `gh auth`; the tool handles nothing sensitive.
+- **Body**: the Markdown `--summary` file when one was written, otherwise a deterministic minimal body listing upgraded packages. `gh pr create --body-file -` is used so the body is piped via stdin (no argv quoting hell for multi-KB Markdown).
+- **Title**: derived from the upgrade counts — e.g. `deps: [breaking+security] bump 3 packages` — or any string you pass via `--open-pr-title`.
+- **Base branch**: resolved from `gh repo view` when not explicitly given; respects your default branch setting.
+- **Reuses existing PRs**: if a PR already exists for the same head branch, we return `{ reused: true }` instead of erroring.
+- **Never fatal**: a missing `gh` binary, an unauthenticated session, a rejected push, or a 4xx from the API is recorded as `pullRequest.error` in the JSON report and printed to stderr — the upgrade commits are still on disk, and a subsequent manual `gh pr create` or `git push` will work normally.
+- **Draft mode**: pass `--open-pr-draft` to open as a draft (recommended with `--force` or when the breaking-change badge fires).
+```bash
+# Full "open a proper PR" flow with reviewers + draft mode.
+npx dep-up-surgeon --workspaces --summary md \
+  --git-commit --git-commit-mode per-success --git-branch deps/weekly \
+  --open-pr --open-pr-draft \
+  --open-pr-reviewers alice,bob --open-pr-base main
+```
 ### Workspaces & package managers
 `dep-up-surgeon` is **workspace-aware**:
@@ -387,8 +519,11 @@ The compiled entry is `dist/cli.js` (see `"bin"` in `package.json`).
 ## Future work (tracked in code)
-- Auto-open a PR after `--git-commit --git-branch` (today the user / CI step runs `gh pr create` themselves)
-- Per-commit changelog excerpt in the commit body (pull `CHANGELOG.md` / GitHub Releases for the bumped version)
-- Deeper automatic resolution using peer-range intersection across a batch
-- Renovate-style scheduling helpers (cron / day-of-week filters, grouping rules)
-- True parallel installs in monorepos that don't share a root lockfile (e.g. nohoist setups), going beyond today's parallel scan + serial install model
+- GitLab / Bitbucket auto-PR providers (today `--open-pr` is GitHub-only via `gh`)
+- Nested / parent-scoped override rules beyond the flat `name → version` form (`overrides: { "foo": { ">=2 <3": "3.0.0" } }` in npm, deep pnpm selectors)
+- Deeper automatic resolution using peer-range intersection across a batch
+- Renovate-style scheduling helpers (cron / day-of-week filters, grouping rules)
+- True parallel installs in monorepos that don't share a root lockfile (e.g. nohoist setups), going beyond today's parallel scan + serial install model
+- AI-assisted failure explanation: feed `install.lastLines` + `validation.lastLines` to an LLM and attach a one-sentence "why this broke" note to failed records
+- Integration catalog: webhooks into Slack / Discord / Linear / Jira so the bot can ping a channel when a security bump lands, not just a GitHub PR

package/dist/cli/changelogEnricher.d.ts ADDED Viewed

@@ -0,0 +1,28 @@
+/**
+ * Batch changelog enrichment for the structured report. Called once after the upgrade flow
+ * completes to fill in `UpgradeRecord.changelog` for every successful upgrade, so the summary
+ * writer (`--summary md|html`) and CI consumers can show release notes per package.
+ *
+ * Design notes:
+ *   - Network-bound; we cap parallelism with `runWithConcurrency` so a monorepo that upgrades
+ *     50 packages doesn't fire 50 simultaneous GitHub API calls.
+ *   - Every failure is swallowed. Enrichment is a courtesy feature — a 503 from the registry
+ *     or a missing `CHANGELOG.md` must NEVER mutate the exit code.
+ *   - The cache is shared with the git-commit path when both are active, so a package committed
+ *     with its changelog during the run is not fetched a second time for the summary.
+ */
+import type { UpgradeRecord } from '../types.js';
+import { type ChangelogCache, type ChangelogFetchers } from '../utils/changelog.js';
+export interface EnrichChangelogOptions {
+    cache: ChangelogCache;
+    /** Max concurrent fetches. Kept small to respect GitHub's unauth rate limit (~60/h/IP). */
+    concurrency?: number;
+    fetchers?: ChangelogFetchers;
+    githubToken?: string;
+}
+/**
+ * Mutate `records` in place: attach `.changelog` to every successful upgrade we can find a
+ * release note for. Records without a real semver `to` (e.g. `workspace:*`) are skipped.
+ */
+export declare function enrichWithChangelogs(records: UpgradeRecord[], opts: EnrichChangelogOptions): Promise<void>;
+//# sourceMappingURL=changelogEnricher.d.ts.map

package/dist/cli/changelogEnricher.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"changelogEnricher.d.ts","sourceRoot":"","sources":["../../src/cli/changelogEnricher.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AACH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAEjD,OAAO,EAGL,KAAK,cAAc,EACnB,KAAK,iBAAiB,EACvB,MAAM,uBAAuB,CAAC;AAE/B,MAAM,WAAW,sBAAsB;IACrC,KAAK,EAAE,cAAc,CAAC;IACtB,2FAA2F;IAC3F,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,iBAAiB,CAAC;IAC7B,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED;;;GAGG;AACH,wBAAsB,oBAAoB,CACxC,OAAO,EAAE,aAAa,EAAE,EACxB,IAAI,EAAE,sBAAsB,GAC3B,OAAO,CAAC,IAAI,CAAC,CA+Cf"}

package/dist/cli/changelogEnricher.js ADDED Viewed

@@ -0,0 +1,49 @@
+import { runWithConcurrency } from '../utils/concurrency.js';
+import { fetchChangelog, scanForBreakingChanges, } from '../utils/changelog.js';
+/**
+ * Mutate `records` in place: attach `.changelog` to every successful upgrade we can find a
+ * release note for. Records without a real semver `to` (e.g. `workspace:*`) are skipped.
+ */
+export async function enrichWithChangelogs(records, opts) {
+    const eligible = records.filter((r) => {
+        if (!r.success || r.skipped) {
+            return false;
+        }
+        if (r.changelog) {
+            // Already enriched (e.g. by the git-commit path) — skip the duplicate fetch.
+            return false;
+        }
+        const clean = (r.to ?? '').trim().replace(/^[\^~=]/, '');
+        return /^\d+\.\d+\.\d+/.test(clean);
+    });
+    if (eligible.length === 0) {
+        return;
+    }
+    const concurrency = Math.min(Math.max(1, Math.floor(opts.concurrency ?? 4)), 8);
+    await runWithConcurrency(eligible, concurrency, async (r) => {
+        const clean = (r.to ?? '').trim().replace(/^[\^~=]/, '');
+        try {
+            const excerpt = await fetchChangelog({
+                packageName: r.name,
+                toVersion: clean,
+                fromVersion: r.from,
+                cache: opts.cache,
+                fetchers: opts.fetchers,
+                githubToken: opts.githubToken,
+            });
+            if (excerpt) {
+                const breaking = scanForBreakingChanges(excerpt.body);
+                r.changelog = {
+                    source: excerpt.source,
+                    url: excerpt.url,
+                    body: excerpt.body,
+                    ...(breaking.hasBreaking ? { breaking } : {}),
+                };
+            }
+        }
+        catch {
+            // swallow: enrichment is best-effort
+        }
+    });
+}
+//# sourceMappingURL=changelogEnricher.js.map

package/dist/cli/changelogEnricher.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"changelogEnricher.js","sourceRoot":"","sources":["../../src/cli/changelogEnricher.ts"],"names":[],"mappings":"AAcA,OAAO,EAAE,kBAAkB,EAAE,MAAM,yBAAyB,CAAC;AAC7D,OAAO,EACL,cAAc,EACd,sBAAsB,GAGvB,MAAM,uBAAuB,CAAC;AAU/B;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,OAAwB,EACxB,IAA4B;IAE5B,MAAM,QAAQ,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QACpC,IAAI,CAAC,CAAC,CAAC,OAAO,IAAI,CAAC,CAAC,OAAO,EAAE,CAAC;YAC5B,OAAO,KAAK,CAAC;QACf,CAAC;QACD,IAAI,CAAC,CAAC,SAAS,EAAE,CAAC;YAChB,6EAA6E;YAC7E,OAAO,KAAK,CAAC;QACf,CAAC;QACD,MAAM,KAAK,GAAG,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;QACzD,OAAO,gBAAgB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACtC,CAAC,CAAC,CAAC;IAEH,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1B,OAAO;IACT,CAAC;IAED,MAAM,WAAW,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,WAAW,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IAEhF,MAAM,kBAAkB,CACtB,QAAQ,EACR,WAAW,EACX,KAAK,EAAE,CAAC,EAAE,EAAE;QACV,MAAM,KAAK,GAAG,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;QACzD,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,MAAM,cAAc,CAAC;gBACnC,WAAW,EAAE,CAAC,CAAC,IAAI;gBACnB,SAAS,EAAE,KAAK;gBAChB,WAAW,EAAE,CAAC,CAAC,IAAI;gBACnB,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,WAAW,EAAE,IAAI,CAAC,WAAW;aAC9B,CAAC,CAAC;YACH,IAAI,OAAO,EAAE,CAAC;gBACZ,MAAM,QAAQ,GAAG,sBAAsB,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;gBACtD,CAAC,CAAC,SAAS,GAAG;oBACZ,MAAM,EAAE,OAAO,CAAC,MAAM;oBACtB,GAAG,EAAE,OAAO,CAAC,GAAG;oBAChB,IAAI,EAAE,OAAO,CAAC,IAAI;oBAClB,GAAG,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;iBAC9C,CAAC;YACJ,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,qCAAqC;QACvC,CAAC;IACH,CAAC,CACF,CAAC;AACJ,CAAC"}

package/dist/cli/git.d.ts CHANGED Viewed

@@ -63,6 +63,31 @@ export interface UpgradeChange {
     workspace?: string;
     /** Linked-group id when this change was part of a batch. */
     groupId?: string;
+    /**
+     * Optional changelog excerpt body (from GitHub Releases or the package tarball CHANGELOG.md).
+     * When present, formatters append it to the commit body under a clearly demarcated section so
+     * reviewers can see *why* the version moved without opening a browser tab.
+     */
+    changelog?: {
+        source: 'github-release' | 'changelog.md';
+        url?: string;
+        body: string;
+        breaking?: {
+            hasBreaking: boolean;
+            matchedLines: string[];
+            reasons: string[];
+        };
+    };
+    /**
+     * Security metadata from `--security-only` audit. Surfaced in commit subjects and bodies so
+     * the merge queue / code-review tools can pivot on severity + advisory id.
+     */
+    security?: {
+        severity: 'low' | 'moderate' | 'high' | 'critical';
+        ids: string[];
+        url?: string;
+        title?: string;
+    };
 }
 export declare function formatPerSuccessMessage(prefix: string, changes: UpgradeChange[]): string;
 export declare function formatPerTargetMessage(prefix: string, workspace: string, changes: UpgradeChange[]): string;

package/dist/cli/git.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"git.d.ts","sourceRoot":"","sources":["../../src/cli/git.ts"],"names":[],"mappings":"AAkBA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAE5D,MAAM,MAAM,aAAa,GAAG,aAAa,GAAG,YAAY,GAAG,KAAK,CAAC;AAEjE,MAAM,WAAW,UAAU;IACzB,iFAAiF;IACjF,GAAG,EAAE,MAAM,CAAC;IACZ,oDAAoD;IACpD,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,qFAAqF;IACrF,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,eAAe;IAC9B,EAAE,EAAE,OAAO,CAAC;IACZ,6FAA6F;IAC7F,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,yEAAyE;IACzE,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB,kFAAkF;IAClF,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,oDAAoD;AACpD,wBAAsB,SAAS,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAG7D;AAED,yFAAyF;AACzF,wBAAsB,WAAW,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC,CAG1E;AAED;;;;GAIG;AACH,wBAAsB,mBAAmB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,CAexE;AAED,wBAAsB,gBAAgB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC,CAG/E;AAED;;;GAGG;AACH,wBAAsB,cAAc,CAAC,GAAG,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC,CAe7F;AAED;;;;GAIG;AACH,wBAAsB,MAAM,CAAC,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,CA2BjF;AAED;;;;GAIG;AACH,wBAAsB,SAAS,CAC7B,IAAI,EAAE,UAAU,EAChB,OAAO,EAAE,MAAM,EACf,KAAK,EAAE,MAAM,EAAE,GACd,OAAO,CAAC,eAAe,CAAC,CAkD1B;AAED;;;;GAIG;AACH,wBAAgB,mBAAmB,CAAC,OAAO,EAAE,cAAc,GAAG,MAAM,CAUnE;AAMD,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,yCAAyC;IACzC,IAAI,EAAE,MAAM,CAAC;IACb,yCAAyC;IACzC,EAAE,EAAE,MAAM,CAAC;IACX,yDAAyD;IACzD,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,4DAA4D;IAC5D,OAAO,CAAC,EAAE,MAAM,CAAC;~~CAClB~~;~~AAOD~~,wBAAgB,uBAAuB,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,aAAa,EAAE,GAAG,MAAM,~~CAexF~~;~~AAED~~,wBAAgB,sBAAsB,CACpC,MAAM,EAAE,MAAM,EACd,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,aAAa,EAAE,GACvB,MAAM,~~CAWR~~;AAED,wBAAgB,qBAAqB,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,aAAa,EAAE,GAAG,MAAM,~~CAiCtF~~"}
1	+ {"version":3,"file":"git.d.ts","sourceRoot":"","sources":["../../src/cli/git.ts"],"names":[],"mappings":"AAkBA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAE5D,MAAM,MAAM,aAAa,GAAG,aAAa,GAAG,YAAY,GAAG,KAAK,CAAC;AAEjE,MAAM,WAAW,UAAU;IACzB,iFAAiF;IACjF,GAAG,EAAE,MAAM,CAAC;IACZ,oDAAoD;IACpD,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,qFAAqF;IACrF,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,eAAe;IAC9B,EAAE,EAAE,OAAO,CAAC;IACZ,6FAA6F;IAC7F,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,yEAAyE;IACzE,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB,kFAAkF;IAClF,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,oDAAoD;AACpD,wBAAsB,SAAS,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAG7D;AAED,yFAAyF;AACzF,wBAAsB,WAAW,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC,CAG1E;AAED;;;;GAIG;AACH,wBAAsB,mBAAmB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,CAexE;AAED,wBAAsB,gBAAgB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC,CAG/E;AAED;;;GAGG;AACH,wBAAsB,cAAc,CAAC,GAAG,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC,CAe7F;AAED;;;;GAIG;AACH,wBAAsB,MAAM,CAAC,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,CA2BjF;AAED;;;;GAIG;AACH,wBAAsB,SAAS,CAC7B,IAAI,EAAE,UAAU,EAChB,OAAO,EAAE,MAAM,EACf,KAAK,EAAE,MAAM,EAAE,GACd,OAAO,CAAC,eAAe,CAAC,CAkD1B;AAED;;;;GAIG;AACH,wBAAgB,mBAAmB,CAAC,OAAO,EAAE,cAAc,GAAG,MAAM,CAUnE;AAMD,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,yCAAyC;IACzC,IAAI,EAAE,MAAM,CAAC;IACb,yCAAyC;IACzC,EAAE,EAAE,MAAM,CAAC;IACX,yDAAyD;IACzD,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,4DAA4D;IAC5D,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB;;;;OAIG;IACH,SAAS,CAAC,EAAE;QACV,MAAM,EAAE,gBAAgB,GAAG,cAAc,CAAC;QAC1C,GAAG,CAAC,EAAE,MAAM,CAAC;QACb,IAAI,EAAE,MAAM,CAAC;QACb,QAAQ,CAAC,EAAE;YACT,WAAW,EAAE,OAAO,CAAC;YACrB,YAAY,EAAE,MAAM,EAAE,CAAC;YACvB,OAAO,EAAE,MAAM,EAAE,CAAC;SACnB,CAAC;KACH,CAAC;IACF;;;OAGG;IACH,QAAQ,CAAC,EAAE;QACT,QAAQ,EAAE,KAAK,GAAG,UAAU,GAAG,MAAM,GAAG,UAAU,CAAC;QACnD,GAAG,EAAE,MAAM,EAAE,CAAC;QACd,GAAG,CAAC,EAAE,MAAM,CAAC;QACb,KAAK,CAAC,EAAE,MAAM,CAAC;KAChB,CAAC;CACH;AAmGD,wBAAgB,uBAAuB,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,aAAa,EAAE,GAAG,MAAM,CAiBxF;AAoBD,wBAAgB,sBAAsB,CACpC,MAAM,EAAE,MAAM,EACd,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,aAAa,EAAE,GACvB,MAAM,CAeR;AAED,wBAAgB,qBAAqB,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,aAAa,EAAE,GAAG,MAAM,CAmCtF"}

package/dist/cli/git.js CHANGED Viewed

@@ -174,38 +174,148 @@ export function lockfileBasenameFor(manager) {
 function tidyVersion(v) {
     return v.trim();
 }
+/**
+ * Render a changelog-excerpt block for the commit body. Returns an empty string when the change
+ * has no attached excerpt. Each block is prefixed with a fenced separator so `git log -p` stays
+ * legible even when a commit carries multiple excerpts (linked groups).
+ */
+function formatChangelogBlock(change) {
+    if (!change.changelog?.body) {
+        return '';
+    }
+    const cl = change.changelog;
+    const attribution = cl.source === 'github-release'
+        ? cl.url
+            ? `source: GitHub Release (${cl.url})`
+            : 'source: GitHub Release'
+        : 'source: CHANGELOG.md';
+    return [
+        `--- ${change.name} ${tidyVersion(change.from)} → ${tidyVersion(change.to)} ---`,
+        attribution,
+        '',
+        cl.body,
+    ].join('\n');
+}
+/** Concatenate every available changelog block, separated by blank lines. */
+function changelogSection(changes) {
+    const blocks = changes.map(formatChangelogBlock).filter(Boolean);
+    return blocks.length > 0 ? `\n\n${blocks.join('\n\n')}` : '';
+}
+/**
+ * Prepend a conventional-commits-ish `security` scope and severity tag when ANY change in the
+ * batch carries security metadata. Keeps the subject parseable by dashboards that group by
+ * keyword while still fitting in a normal 72-char commit subject line.
+ */
+function securitySubjectTag(changes) {
+    const highest = changes.reduce((acc, c) => {
+        const s = c.security?.severity;
+        if (!s)
+            return acc;
+        if (!acc)
+            return s;
+        const rank = { low: 1, moderate: 2, high: 3, critical: 4 };
+        return rank[s] > rank[acc] ? s : acc;
+    }, undefined);
+    return highest ? `[security:${highest}] ` : '';
+}
+/**
+ * True when ANY change in the batch has a breaking-change marker detected in its changelog.
+ * Consumed by the subject tag (`[breaking] `) and the dedicated "Breaking changes:" footer so
+ * reviewers spot them at a glance in `git log` + `gh pr view`.
+ */
+function hasBreakingChange(changes) {
+    return changes.some((c) => c.changelog?.breaking?.hasBreaking === true);
+}
+/** Render the `[breaking] ` tag prefix; emitted BEFORE the security tag so order is stable. */
+function breakingSubjectTag(changes) {
+    return hasBreakingChange(changes) ? '[breaking] ' : '';
+}
+/**
+ * Render a per-change breaking-changes footer. One section per upgrade so reviewers can see
+ * which package the breaking lines came from. Capped to 5 lines per package — the scanner
+ * already dedupes, this is just a belt-and-braces against especially noisy changelogs.
+ */
+function breakingFooter(changes) {
+    const rows = [];
+    for (const c of changes) {
+        const b = c.changelog?.breaking;
+        if (!b?.hasBreaking || b.matchedLines.length === 0)
+            continue;
+        rows.push(`- ${c.name}:`);
+        for (const line of b.matchedLines.slice(0, 5)) {
+            rows.push(`    · ${line}`);
+        }
+    }
+    return rows.length > 0 ? `\n\nBreaking changes detected:\n${rows.join('\n')}` : '';
+}
+/** Render a per-change security footer (inside the commit body). */
+function securityFooter(changes) {
+    const rows = changes
+        .filter((c) => c.security)
+        .map((c) => {
+        const s = c.security;
+        const id = s.ids[0] ? ` ${s.ids[0]}` : '';
+        const title = s.title ? ` — ${s.title}` : '';
+        const url = s.url ? ` (${s.url})` : '';
+        return `- ${c.name}: ${s.severity}${id}${title}${url}`;
+    });
+    return rows.length > 0 ? `\n\nSecurity fixes:\n${rows.join('\n')}` : '';
+}
 export function formatPerSuccessMessage(prefix, changes) {
+    const brkTag = breakingSubjectTag(changes);
+    const secTag = securitySubjectTag(changes);
     if (changes.length === 1) {
         const c = changes[0];
         const ws = c.workspace && c.workspace !== 'root' ? ` (${c.workspace})` : '';
-        return `${prefix}bump ${c.name} from ${tidyVersion(c.from)} to ${tidyVersion(c.to)}${ws}`;
+        const subject = `${prefix}${brkTag}${secTag}bump ${c.name} from ${tidyVersion(c.from)} to ${tidyVersion(c.to)}${ws}`;
+        return subject + breakingFooter(changes) + securityFooter(changes) + changelogSection(changes);
     }
-    // Linked group → multi-line message with each member listed.
     const head = changes[0];
     const ws = head.workspace && head.workspace !== 'root' ? ` (${head.workspace})` : '';
     const lines = [
-        `${prefix}bump ${changes.length} linked packages${ws}`,
+        `${prefix}${brkTag}${secTag}bump ${changes.length} linked packages${ws}`,
         '',
         ...changes.map((c) => `- ${c.name}: ${tidyVersion(c.from)} → ${tidyVersion(c.to)}`),
     ];
-    return lines.join('\n');
+    return lines.join('\n') + breakingFooter(changes) + securityFooter(changes) + changelogSection(changes);
+}
+/**
+ * Compact one-line changelog reference for per-target / all-in-one commit modes where embedding
+ * full release notes per package would balloon the message. We surface the best-known URL when
+ * we have one, otherwise a short `(CHANGELOG.md)` marker.
+ */
+function compactChangelogMark(change) {
+    if (!change.changelog?.body) {
+        return '';
+    }
+    if (change.changelog.source === 'github-release' && change.changelog.url) {
+        return `  (release notes: ${change.changelog.url})`;
+    }
+    if (change.changelog.source === 'github-release') {
+        return '  (see GitHub release)';
+    }
+    return '  (see CHANGELOG.md)';
 }
 export function formatPerTargetMessage(prefix, workspace, changes) {
     if (changes.length === 0) {
         return `${prefix}no changes for ${workspace}`;
     }
+    const brkTag = breakingSubjectTag(changes);
+    const secTag = securitySubjectTag(changes);
     const wsLabel = workspace === 'root' ? '' : ` in ${workspace}`;
     const lines = [
-        `${prefix}${changes.length} upgrade${changes.length === 1 ? '' : 's'}${wsLabel}`,
+        `${prefix}${brkTag}${secTag}${changes.length} upgrade${changes.length === 1 ? '' : 's'}${wsLabel}`,
         '',
-        ...changes.map((c) => `- ${c.name}: ${tidyVersion(c.from)} → ${tidyVersion(c.to)}`),
+        ...changes.map((c) => `- ${c.name}: ${tidyVersion(c.from)} → ${tidyVersion(c.to)}${compactChangelogMark(c)}`),
     ];
-    return lines.join('\n');
+    return lines.join('\n') + breakingFooter(changes) + securityFooter(changes);
 }
 export function formatAllInOneMessage(prefix, changes) {
     if (changes.length === 0) {
         return `${prefix}no upgrades`;
     }
+    const brkTag = breakingSubjectTag(changes);
+    const secTag = securitySubjectTag(changes);
     const targets = new Map();
     for (const c of changes) {
         const key = c.workspace ?? 'root';
@@ -215,15 +325,15 @@ export function formatAllInOneMessage(prefix, changes) {
     }
     const targetCount = targets.size;
     const head = targetCount === 1
-        ? `${prefix}${changes.length} upgrade${changes.length === 1 ? '' : 's'}`
-        : `${prefix}${changes.length} upgrades across ${targetCount} targets`;
+        ? `${prefix}${brkTag}${secTag}${changes.length} upgrade${changes.length === 1 ? '' : 's'}`
+        : `${prefix}${brkTag}${secTag}${changes.length} upgrades across ${targetCount} targets`;
     const lines = [head, ''];
     for (const [ws, list] of targets) {
         if (targetCount > 1) {
             lines.push(`[${ws}]`);
         }
         for (const c of list) {
-            lines.push(`- ${c.name}: ${tidyVersion(c.from)} → ${tidyVersion(c.to)}`);
+            lines.push(`- ${c.name}: ${tidyVersion(c.from)} → ${tidyVersion(c.to)}${compactChangelogMark(c)}`);
         }
         if (targetCount > 1) {
             lines.push('');
@@ -233,6 +343,6 @@ export function formatAllInOneMessage(prefix, changes) {
     while (lines.length > 0 && lines[lines.length - 1] === '') {
         lines.pop();
     }
-    return lines.join('\n');
+    return lines.join('\n') + breakingFooter(changes) + securityFooter(changes);
 }
 //# sourceMappingURL=git.js.map

package/dist/cli/git.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"git.js","sourceRoot":"","sources":["../../src/cli/git.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AACH,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,MAAM,UAAU,CAAC;AAC1B,OAAO,EAAE,KAAK,EAAE,MAAM,OAAO,CAAC;AA0B9B,oDAAoD;AACpD,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,GAAW;IACzC,MAAM,CAAC,GAAG,MAAM,KAAK,CAAC,KAAK,EAAE,CAAC,WAAW,EAAE,uBAAuB,CAAC,EAAE,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;IAC7F,OAAO,CAAC,CAAC,QAAQ,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,IAAI,EAAE,KAAK,MAAM,CAAC;AACxD,CAAC;AAED,yFAAyF;AACzF,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,GAAW;IAC3C,MAAM,CAAC,GAAG,MAAM,KAAK,CAAC,KAAK,EAAE,CAAC,WAAW,EAAE,iBAAiB,CAAC,EAAE,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;IACvF,OAAO,CAAC,CAAC,QAAQ,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;AACxD,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CAAC,GAAW;IACnD,MAAM,CAAC,GAAG,MAAM,KAAK,CAAC,KAAK,EAAE,CAAC,QAAQ,EAAE,aAAa,CAAC,EAAE,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;IAChF,IAAI,CAAC,CAAC,QAAQ,KAAK,CAAC,EAAE,CAAC;QACrB,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,OAAO,CAAC,CAAC,MAAM;SACZ,KAAK,CAAC,IAAI,CAAC;SACX,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;SACpB,MAAM,CAAC,OAAO,CAAC;SACf,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;QACZ,kFAAkF;QAClF,yCAAyC;QACzC,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,6BAA6B,CAAC,CAAC;QACpD,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IACzB,CAAC,CAAC,CAAC;AACP,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,GAAW;IAChD,MAAM,CAAC,GAAG,MAAM,KAAK,CAAC,KAAK,EAAE,CAAC,WAAW,EAAE,cAAc,EAAE,MAAM,CAAC,EAAE,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;IAC5F,OAAO,CAAC,CAAC,QAAQ,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;AACxD,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAAC,GAAW,EAAE,MAAc;IAC9D,MAAM,QAAQ,GAAG,MAAM,gBAAgB,CAAC,GAAG,CAAC,CAAC;IAC7C,0FAA0F;IAC1F,gFAAgF;IAChF,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,KAAK,EAAE,CAAC,UAAU,EAAE,IAAI,EAAE,MAAM,CAAC,EAAE,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;IACtF,IAAI,MAAM,CAAC,QAAQ,KAAK,CAAC,EAAE,CAAC;QAC1B,OAAO,QAAQ,CAAC;IAClB,CAAC;IACD,MAAM,UAAU,GAAG,MAAM,KAAK,CAAC,KAAK,EAAE,CAAC,UAAU,EAAE,MAAM,CAAC,EAAE,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;IACpF,IAAI,UAAU,CAAC,QAAQ,KAAK,CAAC,EAAE,CAAC;QAC9B,MAAM,IAAI,KAAK,CACb,gBAAgB,MAAM,YAAY,CAAC,MAAM,CAAC,MAAM,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAChF,CAAC;IACJ,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,MAAM,CAAC,IAAgB,EAAE,KAAe;IAC5D,MAAM,QAAQ,GAAG,CAAC,MAAM,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC;IAC3D,sFAAsF;IACtF,gFAAgF;IAChF,sFAAsF;IACtF,qEAAqE;IACrE,MAAM,YAAY,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,CAAC;IACvE,MAAM,QAAQ,GAAa,EAAE,CAAC;IAC9B,KAAK,MAAM,GAAG,IAAI,KAAK,EAAE,CAAC;QACxB,IAAI,CAAC,CAAC,MAAM,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;YAChC,SAAS;QACX,CAAC;QACD,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;QACxD,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;QACjD,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACrB,CAAC;IACD,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1B,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,MAAM,CAAC,GAAG,MAAM,KAAK,CAAC,KAAK,EAAE,CAAC,KAAK,EAAE,IAAI,EAAE,GAAG,QAAQ,CAAC,EAAE;QACvD,GAAG,EAAE,YAAY;QACjB,MAAM,EAAE,KAAK;KACd,CAAC,CAAC;IACH,IAAI,CAAC,CAAC,QAAQ,KAAK,CAAC,EAAE,CAAC;QACrB,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;IAC3E,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,SAAS,CAC7B,IAAgB,EAChB,OAAe,EACf,KAAe;IAEf,MAAM,QAAQ,GAAG,CAAC,MAAM,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC;IAE3D,4FAA4F;IAC5F,uFAAuF;IACvF,mCAAmC;IACnC,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,KAAK,EAAE,CAAC,MAAM,EAAE,UAAU,EAAE,aAAa,CAAC,EAAE;QACrE,GAAG,EAAE,QAAQ;QACb,MAAM,EAAE,KAAK;KACd,CAAC,CAAC;IACH,IAAI,MAAM,CAAC,QAAQ,KAAK,CAAC,IAAI,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;QACzD,OAAO;YACL,EAAE,EAAE,KAAK;YACT,OAAO;YACP,KAAK;YACL,KAAK,EAAE,uCAAuC;SAC/C,CAAC;IACJ,CAAC;IAED,MAAM,IAAI,GAAG,CAAC,QAAQ,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;IACvC,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;QACd,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;IAC1B,CAAC;IACD,MAAM,GAAG,GAAG,EAAE,GAAG,OAAO,CAAC,GAAG,EAAE,CAAC;IAC/B,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;QACrB,GAAG,CAAC,gBAAgB,GAAG,IAAI,CAAC,WAAW,CAAC;QACxC,GAAG,CAAC,mBAAmB,GAAG,IAAI,CAAC,WAAW,CAAC;IAC7C,CAAC;IACD,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;QACpB,GAAG,CAAC,eAAe,GAAG,IAAI,CAAC,UAAU,CAAC;QACtC,GAAG,CAAC,kBAAkB,GAAG,IAAI,CAAC,UAAU,CAAC;IAC3C,CAAC;IAED,MAAM,CAAC,GAAG,MAAM,KAAK,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE,GAAG,EAAE,QAAQ,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;IAC1E,IAAI,CAAC,CAAC,QAAQ,KAAK,CAAC,EAAE,CAAC;QACrB,OAAO;YACL,EAAE,EAAE,KAAK;YACT,OAAO;YACP,KAAK;YACL,KAAK,EAAE,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE;SACrC,CAAC;IACJ,CAAC;IAED,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,KAAK,EAAE,CAAC,WAAW,EAAE,SAAS,EAAE,MAAM,CAAC,EAAE,EAAE,GAAG,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;IACnG,OAAO;QACL,EAAE,EAAE,IAAI;QACR,GAAG,EAAE,GAAG,CAAC,QAAQ,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS;QACvD,OAAO;QACP,KAAK;KACN,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,mBAAmB,CAAC,OAAuB;IACzD,QAAQ,OAAO,EAAE,CAAC;QAChB,KAAK,MAAM;YACT,OAAO,gBAAgB,CAAC;QAC1B,KAAK,MAAM;YACT,OAAO,WAAW,CAAC;QACrB,KAAK,KAAK,CAAC;QACX;YACE,OAAO,mBAAmB,CAAC;IAC/B,CAAC;AACH,CAAC;AAkBD,0EAA0E;AAC1E,SAAS,WAAW,CAAC,CAAS;IAC5B,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC;AAClB,CAAC;AAED,MAAM,UAAU,uBAAuB,CAAC,MAAc,EAAE,OAAwB;IAC9E,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,MAAM,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;QACrB,MAAM,EAAE,GAAG,CAAC,CAAC,SAAS,IAAI,CAAC,CAAC,SAAS,KAAK,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;QAC5E,OAAO,GAAG,MAAM,QAAQ,CAAC,CAAC,IAAI,SAAS,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,WAAW,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC;IAC5F,CAAC;IACD,6DAA6D;IAC7D,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;IACxB,MAAM,EAAE,GAAG,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,SAAS,KAAK,MAAM,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;IACrF,MAAM,KAAK,GAAG;QACZ,GAAG,MAAM,QAAQ,OAAO,CAAC,MAAM,mBAAmB,EAAE,EAAE;QACtD,EAAE;QACF,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,IAAI,KAAK,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,WAAW,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC;KACpF,CAAC;IACF,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,MAAM,UAAU,sBAAsB,CACpC,MAAc,EACd,SAAiB,EACjB,OAAwB;IAExB,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,GAAG,MAAM,kBAAkB,SAAS,EAAE,CAAC;IAChD,CAAC;IACD,MAAM,OAAO,GAAG,SAAS,KAAK,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,SAAS,EAAE,CAAC;IAC/D,MAAM,KAAK,GAAG;QACZ,GAAG,MAAM,GAAG,OAAO,CAAC,MAAM,WAAW,OAAO,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,GAAG,OAAO,EAAE;QAChF,EAAE;QACF,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,IAAI,KAAK,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,WAAW,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC;KACpF,CAAC;IACF,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,MAAM,UAAU,qBAAqB,CAAC,MAAc,EAAE,OAAwB;IAC5E,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,GAAG,MAAM,aAAa,CAAC;IAChC,CAAC;IACD,MAAM,OAAO,GAAG,IAAI,GAAG,EAA2B,CAAC;IACnD,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;QACxB,MAAM,GAAG,GAAG,CAAC,CAAC,SAAS,IAAI,MAAM,CAAC;QAClC,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;QACpC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACb,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;IACzB,CAAC;IACD,MAAM,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC;IACjC,MAAM,IAAI,GACR,WAAW,KAAK,CAAC;QACf,CAAC,CAAC,GAAG,MAAM,GAAG,OAAO,CAAC,MAAM,WAAW,OAAO,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,EAAE;QACxE,CAAC,CAAC,GAAG,MAAM,GAAG,OAAO,CAAC,MAAM,oBAAoB,WAAW,UAAU,CAAC;IAC1E,MAAM,KAAK,GAAa,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;IACnC,KAAK,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,IAAI,OAAO,EAAE,CAAC;QACjC,IAAI,WAAW,GAAG,CAAC,EAAE,CAAC;YACpB,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;QACxB,CAAC;QACD,KAAK,MAAM,CAAC,IAAI,IAAI,EAAE,CAAC;YACrB,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,IAAI,KAAK,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,WAAW,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC;QAC3E,CAAC;QACD,IAAI,WAAW,GAAG,CAAC,EAAE,CAAC;YACpB,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACjB,CAAC;IACH,CAAC;IACD,4BAA4B;IAC5B,OAAO,KAAK,CAAC,MAAM,GAAG,CAAC,IAAI,KAAK,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC;QAC1D,KAAK,CAAC,GAAG,EAAE,CAAC;IACd,CAAC;IACD,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC"}
1	+ {"version":3,"file":"git.js","sourceRoot":"","sources":["../../src/cli/git.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AACH,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,MAAM,UAAU,CAAC;AAC1B,OAAO,EAAE,KAAK,EAAE,MAAM,OAAO,CAAC;AA0B9B,oDAAoD;AACpD,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,GAAW;IACzC,MAAM,CAAC,GAAG,MAAM,KAAK,CAAC,KAAK,EAAE,CAAC,WAAW,EAAE,uBAAuB,CAAC,EAAE,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;IAC7F,OAAO,CAAC,CAAC,QAAQ,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,IAAI,EAAE,KAAK,MAAM,CAAC;AACxD,CAAC;AAED,yFAAyF;AACzF,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,GAAW;IAC3C,MAAM,CAAC,GAAG,MAAM,KAAK,CAAC,KAAK,EAAE,CAAC,WAAW,EAAE,iBAAiB,CAAC,EAAE,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;IACvF,OAAO,CAAC,CAAC,QAAQ,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;AACxD,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CAAC,GAAW;IACnD,MAAM,CAAC,GAAG,MAAM,KAAK,CAAC,KAAK,EAAE,CAAC,QAAQ,EAAE,aAAa,CAAC,EAAE,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;IAChF,IAAI,CAAC,CAAC,QAAQ,KAAK,CAAC,EAAE,CAAC;QACrB,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,OAAO,CAAC,CAAC,MAAM;SACZ,KAAK,CAAC,IAAI,CAAC;SACX,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;SACpB,MAAM,CAAC,OAAO,CAAC;SACf,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;QACZ,kFAAkF;QAClF,yCAAyC;QACzC,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,6BAA6B,CAAC,CAAC;QACpD,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IACzB,CAAC,CAAC,CAAC;AACP,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,GAAW;IAChD,MAAM,CAAC,GAAG,MAAM,KAAK,CAAC,KAAK,EAAE,CAAC,WAAW,EAAE,cAAc,EAAE,MAAM,CAAC,EAAE,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;IAC5F,OAAO,CAAC,CAAC,QAAQ,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;AACxD,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAAC,GAAW,EAAE,MAAc;IAC9D,MAAM,QAAQ,GAAG,MAAM,gBAAgB,CAAC,GAAG,CAAC,CAAC;IAC7C,0FAA0F;IAC1F,gFAAgF;IAChF,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,KAAK,EAAE,CAAC,UAAU,EAAE,IAAI,EAAE,MAAM,CAAC,EAAE,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;IACtF,IAAI,MAAM,CAAC,QAAQ,KAAK,CAAC,EAAE,CAAC;QAC1B,OAAO,QAAQ,CAAC;IAClB,CAAC;IACD,MAAM,UAAU,GAAG,MAAM,KAAK,CAAC,KAAK,EAAE,CAAC,UAAU,EAAE,MAAM,CAAC,EAAE,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;IACpF,IAAI,UAAU,CAAC,QAAQ,KAAK,CAAC,EAAE,CAAC;QAC9B,MAAM,IAAI,KAAK,CACb,gBAAgB,MAAM,YAAY,CAAC,MAAM,CAAC,MAAM,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAChF,CAAC;IACJ,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,MAAM,CAAC,IAAgB,EAAE,KAAe;IAC5D,MAAM,QAAQ,GAAG,CAAC,MAAM,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC;IAC3D,sFAAsF;IACtF,gFAAgF;IAChF,sFAAsF;IACtF,qEAAqE;IACrE,MAAM,YAAY,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,CAAC;IACvE,MAAM,QAAQ,GAAa,EAAE,CAAC;IAC9B,KAAK,MAAM,GAAG,IAAI,KAAK,EAAE,CAAC;QACxB,IAAI,CAAC,CAAC,MAAM,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;YAChC,SAAS;QACX,CAAC;QACD,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;QACxD,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;QACjD,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACrB,CAAC;IACD,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1B,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,MAAM,CAAC,GAAG,MAAM,KAAK,CAAC,KAAK,EAAE,CAAC,KAAK,EAAE,IAAI,EAAE,GAAG,QAAQ,CAAC,EAAE;QACvD,GAAG,EAAE,YAAY;QACjB,MAAM,EAAE,KAAK;KACd,CAAC,CAAC;IACH,IAAI,CAAC,CAAC,QAAQ,KAAK,CAAC,EAAE,CAAC;QACrB,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;IAC3E,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,SAAS,CAC7B,IAAgB,EAChB,OAAe,EACf,KAAe;IAEf,MAAM,QAAQ,GAAG,CAAC,MAAM,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC;IAE3D,4FAA4F;IAC5F,uFAAuF;IACvF,mCAAmC;IACnC,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,KAAK,EAAE,CAAC,MAAM,EAAE,UAAU,EAAE,aAAa,CAAC,EAAE;QACrE,GAAG,EAAE,QAAQ;QACb,MAAM,EAAE,KAAK;KACd,CAAC,CAAC;IACH,IAAI,MAAM,CAAC,QAAQ,KAAK,CAAC,IAAI,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;QACzD,OAAO;YACL,EAAE,EAAE,KAAK;YACT,OAAO;YACP,KAAK;YACL,KAAK,EAAE,uCAAuC;SAC/C,CAAC;IACJ,CAAC;IAED,MAAM,IAAI,GAAG,CAAC,QAAQ,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;IACvC,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;QACd,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;IAC1B,CAAC;IACD,MAAM,GAAG,GAAG,EAAE,GAAG,OAAO,CAAC,GAAG,EAAE,CAAC;IAC/B,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;QACrB,GAAG,CAAC,gBAAgB,GAAG,IAAI,CAAC,WAAW,CAAC;QACxC,GAAG,CAAC,mBAAmB,GAAG,IAAI,CAAC,WAAW,CAAC;IAC7C,CAAC;IACD,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;QACpB,GAAG,CAAC,eAAe,GAAG,IAAI,CAAC,UAAU,CAAC;QACtC,GAAG,CAAC,kBAAkB,GAAG,IAAI,CAAC,UAAU,CAAC;IAC3C,CAAC;IAED,MAAM,CAAC,GAAG,MAAM,KAAK,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE,GAAG,EAAE,QAAQ,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;IAC1E,IAAI,CAAC,CAAC,QAAQ,KAAK,CAAC,EAAE,CAAC;QACrB,OAAO;YACL,EAAE,EAAE,KAAK;YACT,OAAO;YACP,KAAK;YACL,KAAK,EAAE,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE;SACrC,CAAC;IACJ,CAAC;IAED,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,KAAK,EAAE,CAAC,WAAW,EAAE,SAAS,EAAE,MAAM,CAAC,EAAE,EAAE,GAAG,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;IACnG,OAAO;QACL,EAAE,EAAE,IAAI;QACR,GAAG,EAAE,GAAG,CAAC,QAAQ,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS;QACvD,OAAO;QACP,KAAK;KACN,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,mBAAmB,CAAC,OAAuB;IACzD,QAAQ,OAAO,EAAE,CAAC;QAChB,KAAK,MAAM;YACT,OAAO,gBAAgB,CAAC;QAC1B,KAAK,MAAM;YACT,OAAO,WAAW,CAAC;QACrB,KAAK,KAAK,CAAC;QACX;YACE,OAAO,mBAAmB,CAAC;IAC/B,CAAC;AACH,CAAC;AA2CD,0EAA0E;AAC1E,SAAS,WAAW,CAAC,CAAS;IAC5B,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC;AAClB,CAAC;AAED;;;;GAIG;AACH,SAAS,oBAAoB,CAAC,MAAqB;IACjD,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,EAAE,CAAC;QAC5B,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,MAAM,EAAE,GAAG,MAAM,CAAC,SAAS,CAAC;IAC5B,MAAM,WAAW,GACf,EAAE,CAAC,MAAM,KAAK,gBAAgB;QAC5B,CAAC,CAAC,EAAE,CAAC,GAAG;YACN,CAAC,CAAC,2BAA2B,EAAE,CAAC,GAAG,GAAG;YACtC,CAAC,CAAC,wBAAwB;QAC5B,CAAC,CAAC,sBAAsB,CAAC;IAC7B,OAAO;QACL,OAAO,MAAM,CAAC,IAAI,IAAI,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,WAAW,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM;QAChF,WAAW;QACX,EAAE;QACF,EAAE,CAAC,IAAI;KACR,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACf,CAAC;AAED,6EAA6E;AAC7E,SAAS,gBAAgB,CAAC,OAAwB;IAChD,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACjE,OAAO,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;AAC/D,CAAC;AAED;;;;GAIG;AACH,SAAS,kBAAkB,CAAC,OAAwB;IAClD,MAAM,OAAO,GAAG,OAAO,CAAC,MAAM,CAAuD,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE;QAC9F,MAAM,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE,QAAQ,CAAC;QAC/B,IAAI,CAAC,CAAC;YAAE,OAAO,GAAG,CAAC;QACnB,IAAI,CAAC,GAAG;YAAE,OAAO,CAAC,CAAC;QACnB,MAAM,IAAI,GAAG,EAAE,GAAG,EAAE,CAAC,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,QAAQ,EAAE,CAAC,EAAW,CAAC;QACpE,OAAO,IAAI,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;IACvC,CAAC,EAAE,SAAS,CAAC,CAAC;IACd,OAAO,OAAO,CAAC,CAAC,CAAC,aAAa,OAAO,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;AACjD,CAAC;AAED;;;;GAIG;AACH,SAAS,iBAAiB,CAAC,OAAwB;IACjD,OAAO,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,EAAE,QAAQ,EAAE,WAAW,KAAK,IAAI,CAAC,CAAC;AAC1E,CAAC;AAED,+FAA+F;AAC/F,SAAS,kBAAkB,CAAC,OAAwB;IAClD,OAAO,iBAAiB,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,CAAC;AACzD,CAAC;AAED;;;;GAIG;AACH,SAAS,cAAc,CAAC,OAAwB;IAC9C,MAAM,IAAI,GAAa,EAAE,CAAC;IAC1B,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;QACxB,MAAM,CAAC,GAAG,CAAC,CAAC,SAAS,EAAE,QAAQ,CAAC;QAChC,IAAI,CAAC,CAAC,EAAE,WAAW,IAAI,CAAC,CAAC,YAAY,CAAC,MAAM,KAAK,CAAC;YAAE,SAAS;QAC7D,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC;QAC1B,KAAK,MAAM,IAAI,IAAI,CAAC,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC;YAC9C,IAAI,CAAC,IAAI,CAAC,SAAS,IAAI,EAAE,CAAC,CAAC;QAC7B,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,mCAAmC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;AACrF,CAAC;AAED,oEAAoE;AACpE,SAAS,cAAc,CAAC,OAAwB;IAC9C,MAAM,IAAI,GAAG,OAAO;SACjB,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC;SACzB,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;QACT,MAAM,CAAC,GAAG,CAAC,CAAC,QAAS,CAAC;QACtB,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC1C,MAAM,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC7C,MAAM,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;QACvC,OAAO,KAAK,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,QAAQ,GAAG,EAAE,GAAG,KAAK,GAAG,GAAG,EAAE,CAAC;IACzD,CAAC,CAAC,CAAC;IACL,OAAO,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,wBAAwB,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;AAC1E,CAAC;AAED,MAAM,UAAU,uBAAuB,CAAC,MAAc,EAAE,OAAwB;IAC9E,MAAM,MAAM,GAAG,kBAAkB,CAAC,OAAO,CAAC,CAAC;IAC3C,MAAM,MAAM,GAAG,kBAAkB,CAAC,OAAO,CAAC,CAAC;IAC3C,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,MAAM,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;QACrB,MAAM,EAAE,GAAG,CAAC,CAAC,SAAS,IAAI,CAAC,CAAC,SAAS,KAAK,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;QAC5E,MAAM,OAAO,GAAG,GAAG,MAAM,GAAG,MAAM,GAAG,MAAM,QAAQ,CAAC,CAAC,IAAI,SAAS,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,WAAW,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC;QACrH,OAAO,OAAO,GAAG,cAAc,CAAC,OAAO,CAAC,GAAG,cAAc,CAAC,OAAO,CAAC,GAAG,gBAAgB,CAAC,OAAO,CAAC,CAAC;IACjG,CAAC;IACD,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;IACxB,MAAM,EAAE,GAAG,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,SAAS,KAAK,MAAM,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;IACrF,MAAM,KAAK,GAAG;QACZ,GAAG,MAAM,GAAG,MAAM,GAAG,MAAM,QAAQ,OAAO,CAAC,MAAM,mBAAmB,EAAE,EAAE;QACxE,EAAE;QACF,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,IAAI,KAAK,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,WAAW,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC;KACpF,CAAC;IACF,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,cAAc,CAAC,OAAO,CAAC,GAAG,cAAc,CAAC,OAAO,CAAC,GAAG,gBAAgB,CAAC,OAAO,CAAC,CAAC;AAC1G,CAAC;AAED;;;;GAIG;AACH,SAAS,oBAAoB,CAAC,MAAqB;IACjD,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,EAAE,CAAC;QAC5B,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,IAAI,MAAM,CAAC,SAAS,CAAC,MAAM,KAAK,gBAAgB,IAAI,MAAM,CAAC,SAAS,CAAC,GAAG,EAAE,CAAC;QACzE,OAAO,qBAAqB,MAAM,CAAC,SAAS,CAAC,GAAG,GAAG,CAAC;IACtD,CAAC;IACD,IAAI,MAAM,CAAC,SAAS,CAAC,MAAM,KAAK,gBAAgB,EAAE,CAAC;QACjD,OAAO,wBAAwB,CAAC;IAClC,CAAC;IACD,OAAO,sBAAsB,CAAC;AAChC,CAAC;AAED,MAAM,UAAU,sBAAsB,CACpC,MAAc,EACd,SAAiB,EACjB,OAAwB;IAExB,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,GAAG,MAAM,kBAAkB,SAAS,EAAE,CAAC;IAChD,CAAC;IACD,MAAM,MAAM,GAAG,kBAAkB,CAAC,OAAO,CAAC,CAAC;IAC3C,MAAM,MAAM,GAAG,kBAAkB,CAAC,OAAO,CAAC,CAAC;IAC3C,MAAM,OAAO,GAAG,SAAS,KAAK,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,SAAS,EAAE,CAAC;IAC/D,MAAM,KAAK,GAAG;QACZ,GAAG,MAAM,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC,MAAM,WAAW,OAAO,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,GAAG,OAAO,EAAE;QAClG,EAAE;QACF,GAAG,OAAO,CAAC,GAAG,CACZ,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,IAAI,KAAK,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,WAAW,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,oBAAoB,CAAC,CAAC,CAAC,EAAE,CAC9F;KACF,CAAC;IACF,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,cAAc,CAAC,OAAO,CAAC,GAAG,cAAc,CAAC,OAAO,CAAC,CAAC;AAC9E,CAAC;AAED,MAAM,UAAU,qBAAqB,CAAC,MAAc,EAAE,OAAwB;IAC5E,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,GAAG,MAAM,aAAa,CAAC;IAChC,CAAC;IACD,MAAM,MAAM,GAAG,kBAAkB,CAAC,OAAO,CAAC,CAAC;IAC3C,MAAM,MAAM,GAAG,kBAAkB,CAAC,OAAO,CAAC,CAAC;IAC3C,MAAM,OAAO,GAAG,IAAI,GAAG,EAA2B,CAAC;IACnD,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;QACxB,MAAM,GAAG,GAAG,CAAC,CAAC,SAAS,IAAI,MAAM,CAAC;QAClC,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;QACpC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACb,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;IACzB,CAAC;IACD,MAAM,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC;IACjC,MAAM,IAAI,GACR,WAAW,KAAK,CAAC;QACf,CAAC,CAAC,GAAG,MAAM,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC,MAAM,WAAW,OAAO,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,EAAE;QAC1F,CAAC,CAAC,GAAG,MAAM,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC,MAAM,oBAAoB,WAAW,UAAU,CAAC;IAC5F,MAAM,KAAK,GAAa,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;IACnC,KAAK,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,IAAI,OAAO,EAAE,CAAC;QACjC,IAAI,WAAW,GAAG,CAAC,EAAE,CAAC;YACpB,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;QACxB,CAAC;QACD,KAAK,MAAM,CAAC,IAAI,IAAI,EAAE,CAAC;YACrB,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,IAAI,KAAK,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,WAAW,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,oBAAoB,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QACrG,CAAC;QACD,IAAI,WAAW,GAAG,CAAC,EAAE,CAAC;YACpB,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACjB,CAAC;IACH,CAAC;IACD,4BAA4B;IAC5B,OAAO,KAAK,CAAC,MAAM,GAAG,CAAC,IAAI,KAAK,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC;QAC1D,KAAK,CAAC,GAAG,EAAE,CAAC;IACd,CAAC;IACD,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,cAAc,CAAC,OAAO,CAAC,GAAG,cAAc,CAAC,OAAO,CAAC,CAAC;AAC9E,CAAC"}

package/dist/cli/gitFlow.d.ts CHANGED Viewed

@@ -1,6 +1,7 @@
 import type { PackageManager } from '../core/workspaces.js';
 import type { GitCommitRecord } from '../types.js';
 import type { UpgradeAppliedEvent } from '../core/upgrader.js';
+import { type ChangelogFetchers } from '../utils/changelog.js';
 import { type GitCommitMode } from './git.js';
 export interface GitFlowConfig {
     enabled: boolean;
@@ -9,6 +10,28 @@ export interface GitFlowConfig {
     sign: boolean;
     allowDirty: boolean;
     branch?: string;
+    /**
+     * When true, the flow fetches a changelog excerpt for every successful upgrade and appends it
+     * to the commit body (per-success mode) or a one-line link (per-target / all modes). Fetching
+     * is best-effort — missing / rate-limited changelogs are silently dropped and never abort the
+     * upgrade or the commit. Off by default only when the user passes `--no-changelog`.
+     */
+    includeChangelog?: boolean;
+    /** Injection point for tests. Bypasses the real GitHub + pacote calls. */
+    changelogFetchers?: ChangelogFetchers;
+    /** Explicit GitHub token (otherwise read from `GITHUB_TOKEN` / `GH_TOKEN`). */
+    githubToken?: string;
+    /**
+     * Map of package-name → `SecurityAdvisory` from the `--security-only` pre-flight audit.
+     * When a change matches an advisory, gitFlow stamps it onto the `UpgradeChange.security`
+     * field so the commit subject gets the `[security:<sev>]` tag + the body lists the CVE.
+     */
+    securityAdvisories?: Map<string, {
+        severity: 'low' | 'moderate' | 'high' | 'critical';
+        ids: string[];
+        url?: string;
+        title?: string;
+    }>;
 }
 export interface GitFlowController {
     enabled: boolean;

package/dist/cli/gitFlow.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"gitFlow.d.ts","sourceRoot":"","sources":["../../src/cli/gitFlow.ts"],"names":[],"mappings":"AAqBA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAC5D,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AACnD,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,qBAAqB,CAAC;AAE/D,OAAO,EASL,KAAK,aAAa,EAEnB,MAAM,UAAU,CAAC;AAElB,MAAM,WAAW,aAAa;IAC5B,OAAO,EAAE,OAAO,CAAC;IACjB,IAAI,EAAE,aAAa,CAAC;IACpB,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,OAAO,CAAC;IACd,UAAU,EAAE,OAAO,CAAC;IACpB,MAAM,CAAC,EAAE,MAAM,CAAC;~~CACjB~~;AAED,MAAM,WAAW,iBAAiB;IAChC,OAAO,EAAE,OAAO,CAAC;IACjB,IAAI,CAAC,EAAE,aAAa,CAAC;IACrB,gFAAgF;IAChF,gBAAgB,CAAC,EAAE,CAAC,EAAE,EAAE,mBAAmB,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IAC9D,2EAA2E;IAC3E,gBAAgB,CAAC,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE,cAAc,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAChG,yFAAyF;IACzF,UAAU,CAAC,OAAO,EAAE,cAAc,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IACvE,8DAA8D;IAC9D,OAAO,EAAE,eAAe,EAAE,CAAC;CAC5B;AAgBD;;;;;GAKG;AACH,MAAM,MAAM,kBAAkB,GAC1B;IAAE,EAAE,EAAE,IAAI,CAAC;IAAC,UAAU,EAAE,iBAAiB,CAAA;CAAE,GAC3C;IAAE,EAAE,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,CAAC;AAEjC;;;;GAIG;AACH,wBAAsB,aAAa,CACjC,GAAG,EAAE,MAAM,EACX,MAAM,EAAE,aAAa,EACrB,UAAU,EAAE,OAAO,EACnB,MAAM,EAAE,OAAO,GACd,OAAO,CAAC,kBAAkB,CAAC,~~CAyM7B~~"}
1	+ {"version":3,"file":"gitFlow.d.ts","sourceRoot":"","sources":["../../src/cli/gitFlow.ts"],"names":[],"mappings":"AAqBA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAC5D,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AACnD,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,qBAAqB,CAAC;AAE/D,OAAO,EAIL,KAAK,iBAAiB,EACvB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EASL,KAAK,aAAa,EAEnB,MAAM,UAAU,CAAC;AAElB,MAAM,WAAW,aAAa;IAC5B,OAAO,EAAE,OAAO,CAAC;IACjB,IAAI,EAAE,aAAa,CAAC;IACpB,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,OAAO,CAAC;IACd,UAAU,EAAE,OAAO,CAAC;IACpB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB;;;;;OAKG;IACH,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAC3B,0EAA0E;IAC1E,iBAAiB,CAAC,EAAE,iBAAiB,CAAC;IACtC,+EAA+E;IAC/E,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB;;;;OAIG;IACH,kBAAkB,CAAC,EAAE,GAAG,CACtB,MAAM,EACN;QACE,QAAQ,EAAE,KAAK,GAAG,UAAU,GAAG,MAAM,GAAG,UAAU,CAAC;QACnD,GAAG,EAAE,MAAM,EAAE,CAAC;QACd,GAAG,CAAC,EAAE,MAAM,CAAC;QACb,KAAK,CAAC,EAAE,MAAM,CAAC;KAChB,CACF,CAAC;CACH;AAED,MAAM,WAAW,iBAAiB;IAChC,OAAO,EAAE,OAAO,CAAC;IACjB,IAAI,CAAC,EAAE,aAAa,CAAC;IACrB,gFAAgF;IAChF,gBAAgB,CAAC,EAAE,CAAC,EAAE,EAAE,mBAAmB,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IAC9D,2EAA2E;IAC3E,gBAAgB,CAAC,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE,cAAc,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAChG,yFAAyF;IACzF,UAAU,CAAC,OAAO,EAAE,cAAc,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IACvE,8DAA8D;IAC9D,OAAO,EAAE,eAAe,EAAE,CAAC;CAC5B;AAgBD;;;;;GAKG;AACH,MAAM,MAAM,kBAAkB,GAC1B;IAAE,EAAE,EAAE,IAAI,CAAC;IAAC,UAAU,EAAE,iBAAiB,CAAA;CAAE,GAC3C;IAAE,EAAE,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,CAAC;AAEjC;;;;GAIG;AACH,wBAAsB,aAAa,CACjC,GAAG,EAAE,MAAM,EACX,MAAM,EAAE,aAAa,EACrB,UAAU,EAAE,OAAO,EACnB,MAAM,EAAE,OAAO,GACd,OAAO,CAAC,kBAAkB,CAAC,CA8Q7B"}