githits 0.4.3 → 0.4.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.claude-plugin/marketplace.json +1 -1
- package/.claude-plugin/plugin.json +1 -1
- package/.plugin/plugin.json +1 -1
- package/GEMINI.md +4 -3
- package/README.md +41 -15
- package/commands/example.md +2 -1
- package/commands/help.md +1 -1
- package/commands/search.md +2 -1
- package/dist/cli.js +2348 -449
- package/dist/index.js +1 -1
- package/dist/shared/{chunk-q6d3ttgn.js → chunk-vfyz65v1.js} +1 -1
- package/dist/shared/{chunk-15argn2z.js → chunk-ygqss6gp.js} +651 -49
- package/dist/shared/chunk-zzmbjttb.js +15 -0
- package/gemini-extension.json +1 -1
- package/package.json +3 -1
- package/plugins/claude/.claude-plugin/plugin.json +1 -1
- package/plugins/claude/commands/example.md +2 -1
- package/plugins/claude/commands/help.md +1 -1
- package/plugins/claude/commands/search.md +2 -1
- package/plugins/claude/skills/search/SKILL.md +2 -0
- package/skills/githits-code/SKILL.md +81 -0
- package/skills/githits-code/references/code-and-docs.md +49 -0
- package/skills/githits-package/SKILL.md +90 -0
- package/skills/githits-package/references/package.md +51 -0
- package/dist/shared/chunk-kmka6wpx.js +0 -11
- package/skills/search/SKILL.md +0 -40
|
@@ -1,20 +1,16 @@
|
|
|
1
1
|
import {
|
|
2
2
|
__require,
|
|
3
3
|
version
|
|
4
|
-
} from "./chunk-
|
|
4
|
+
} from "./chunk-vfyz65v1.js";
|
|
5
5
|
|
|
6
6
|
// src/services/app-config-paths.ts
|
|
7
7
|
var APP_DIR = "githits";
|
|
8
8
|
function getAppConfigDir(fs) {
|
|
9
9
|
const home = fs.getHomeDir();
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
return fs.joinPath(process.env.APPDATA ?? fs.joinPath(home, "AppData", "Roaming"), APP_DIR);
|
|
13
|
-
case "darwin":
|
|
14
|
-
return fs.joinPath(home, "Library", "Application Support", APP_DIR);
|
|
15
|
-
default:
|
|
16
|
-
return fs.joinPath(process.env.XDG_CONFIG_HOME ?? fs.joinPath(home, ".config"), APP_DIR);
|
|
10
|
+
if (process.platform === "win32") {
|
|
11
|
+
return fs.joinPath(process.env.APPDATA ?? fs.joinPath(home, "AppData", "Roaming"), APP_DIR);
|
|
17
12
|
}
|
|
13
|
+
return fs.joinPath(process.env.XDG_CONFIG_HOME ?? fs.joinPath(home, ".config"), APP_DIR);
|
|
18
14
|
}
|
|
19
15
|
function getAuthConfigPath(fs) {
|
|
20
16
|
return fs.joinPath(getAppConfigDir(fs), "config.toml");
|
|
@@ -25,6 +21,15 @@ function getAuthFileStorageDir(fs) {
|
|
|
25
21
|
function getLegacyAuthStorageDir(fs) {
|
|
26
22
|
return fs.joinPath(fs.getHomeDir(), ".githits");
|
|
27
23
|
}
|
|
24
|
+
function getLegacyMacAppConfigDir(fs) {
|
|
25
|
+
return fs.joinPath(fs.getHomeDir(), "Library", "Application Support", APP_DIR);
|
|
26
|
+
}
|
|
27
|
+
function getLegacyMacAuthConfigPath(fs) {
|
|
28
|
+
return fs.joinPath(getLegacyMacAppConfigDir(fs), "config.toml");
|
|
29
|
+
}
|
|
30
|
+
function getLegacyMacAuthFileStorageDir(fs) {
|
|
31
|
+
return fs.joinPath(getLegacyMacAppConfigDir(fs), "auth");
|
|
32
|
+
}
|
|
28
33
|
// src/services/auth-config.ts
|
|
29
34
|
import { parse as parseToml } from "smol-toml";
|
|
30
35
|
import { z } from "zod";
|
|
@@ -50,7 +55,7 @@ function parseAuthStorageMode(value) {
|
|
|
50
55
|
throw new AuthConfigError(`Invalid auth storage mode "${value}". Use "keychain" or "file". File mode stores OAuth credentials unencrypted on disk.`);
|
|
51
56
|
}
|
|
52
57
|
async function loadAuthConfig(fs) {
|
|
53
|
-
|
|
58
|
+
let configPath = getAuthConfigPath(fs);
|
|
54
59
|
const envMode = process.env.GITHITS_AUTH_STORAGE;
|
|
55
60
|
if (envMode !== undefined && envMode.trim() !== "") {
|
|
56
61
|
try {
|
|
@@ -63,7 +68,12 @@ async function loadAuthConfig(fs) {
|
|
|
63
68
|
}
|
|
64
69
|
}
|
|
65
70
|
if (!await fs.exists(configPath)) {
|
|
66
|
-
|
|
71
|
+
const legacyMacConfigPath = getLegacyMacAuthConfigPath(fs);
|
|
72
|
+
if (process.platform === "darwin" && await fs.exists(legacyMacConfigPath)) {
|
|
73
|
+
configPath = legacyMacConfigPath;
|
|
74
|
+
} else {
|
|
75
|
+
return { storage: "keychain", configPath };
|
|
76
|
+
}
|
|
67
77
|
}
|
|
68
78
|
let rawConfig;
|
|
69
79
|
try {
|
|
@@ -732,6 +742,70 @@ async function clearAuthSessionBestEffort(clearTokens, clearClient) {
|
|
|
732
742
|
if (firstError)
|
|
733
743
|
throw firstError;
|
|
734
744
|
}
|
|
745
|
+
|
|
746
|
+
// src/services/auth-session-metadata-storage.ts
|
|
747
|
+
var METADATA_FILE = "metadata.json";
|
|
748
|
+
var DIR_MODE2 = 448;
|
|
749
|
+
|
|
750
|
+
class AuthSessionMetadataStorage {
|
|
751
|
+
fs;
|
|
752
|
+
configDir;
|
|
753
|
+
metadataPath;
|
|
754
|
+
constructor(fs, configDir) {
|
|
755
|
+
this.fs = fs;
|
|
756
|
+
this.configDir = configDir ?? getAuthFileStorageDir(fs);
|
|
757
|
+
this.metadataPath = fs.joinPath(this.configDir, METADATA_FILE);
|
|
758
|
+
}
|
|
759
|
+
async load(baseUrl) {
|
|
760
|
+
const stored = await this.loadFile();
|
|
761
|
+
if (!stored)
|
|
762
|
+
return null;
|
|
763
|
+
const metadata = stored.sessions[normalizeBaseUrl(baseUrl)] ?? null;
|
|
764
|
+
return isAuthSessionMetadata(metadata) ? metadata : null;
|
|
765
|
+
}
|
|
766
|
+
async saveFromTokens(baseUrl, tokens) {
|
|
767
|
+
const stored = await this.loadFile() ?? {
|
|
768
|
+
version: 1,
|
|
769
|
+
sessions: {}
|
|
770
|
+
};
|
|
771
|
+
stored.sessions[normalizeBaseUrl(baseUrl)] = {
|
|
772
|
+
createdAt: tokens.createdAt,
|
|
773
|
+
expiresAt: tokens.expiresAt,
|
|
774
|
+
updatedAt: new Date().toISOString()
|
|
775
|
+
};
|
|
776
|
+
await this.fs.ensureDir(this.configDir, DIR_MODE2);
|
|
777
|
+
await this.fs.atomicWriteFile(this.metadataPath, JSON.stringify(stored, null, 2));
|
|
778
|
+
}
|
|
779
|
+
async clear(baseUrl) {
|
|
780
|
+
const stored = await this.loadFile();
|
|
781
|
+
if (!stored)
|
|
782
|
+
return;
|
|
783
|
+
delete stored.sessions[normalizeBaseUrl(baseUrl)];
|
|
784
|
+
if (Object.keys(stored.sessions).length === 0) {
|
|
785
|
+
await this.fs.deleteFile(this.metadataPath);
|
|
786
|
+
return;
|
|
787
|
+
}
|
|
788
|
+
await this.fs.atomicWriteFile(this.metadataPath, JSON.stringify(stored, null, 2));
|
|
789
|
+
}
|
|
790
|
+
async loadFile() {
|
|
791
|
+
if (!await this.fs.exists(this.metadataPath))
|
|
792
|
+
return null;
|
|
793
|
+
try {
|
|
794
|
+
const content = await this.fs.readFile(this.metadataPath);
|
|
795
|
+
const data = JSON.parse(content);
|
|
796
|
+
if (data.version !== 1 || !data.sessions)
|
|
797
|
+
return null;
|
|
798
|
+
return data;
|
|
799
|
+
} catch {
|
|
800
|
+
return null;
|
|
801
|
+
}
|
|
802
|
+
}
|
|
803
|
+
}
|
|
804
|
+
function isAuthSessionMetadata(value) {
|
|
805
|
+
if (value === null || typeof value !== "object")
|
|
806
|
+
return false;
|
|
807
|
+
return typeof value.createdAt === "string" && value.createdAt.length > 0 && typeof value.updatedAt === "string" && value.updatedAt.length > 0 && (value.expiresAt === null || typeof value.expiresAt === "string" && value.expiresAt.length > 0);
|
|
808
|
+
}
|
|
735
809
|
// src/services/browser-service.ts
|
|
736
810
|
import open from "open";
|
|
737
811
|
|
|
@@ -1326,11 +1400,17 @@ class GitHitsServiceImpl {
|
|
|
1326
1400
|
method: "POST",
|
|
1327
1401
|
headers: this.headers(),
|
|
1328
1402
|
body: JSON.stringify({
|
|
1403
|
+
...params.exampleId !== undefined && {
|
|
1404
|
+
example_id: params.exampleId
|
|
1405
|
+
},
|
|
1329
1406
|
...params.solutionId !== undefined && {
|
|
1330
1407
|
solution_id: params.solutionId
|
|
1331
1408
|
},
|
|
1332
1409
|
accepted: params.accepted,
|
|
1333
|
-
feedback_text: params.feedbackText ?? null
|
|
1410
|
+
feedback_text: params.feedbackText ?? null,
|
|
1411
|
+
...params.toolName !== undefined && {
|
|
1412
|
+
tool_name: params.toolName
|
|
1413
|
+
}
|
|
1334
1414
|
})
|
|
1335
1415
|
});
|
|
1336
1416
|
if (!response.ok) {
|
|
@@ -3533,15 +3613,19 @@ class MigratingAuthStorage {
|
|
|
3533
3613
|
mode;
|
|
3534
3614
|
configPath;
|
|
3535
3615
|
onWarning;
|
|
3616
|
+
metadata;
|
|
3617
|
+
additionalLegacyStores;
|
|
3536
3618
|
warnedFileModeKeychainExport = false;
|
|
3537
3619
|
warnedAmbiguousPlaintext = false;
|
|
3538
|
-
constructor(primary, file, legacy, mode, configPath = "your GitHits config.toml", onWarning = () => {}) {
|
|
3620
|
+
constructor(primary, file, legacy, mode, configPath = "your GitHits config.toml", onWarning = () => {}, metadata, additionalLegacyStores = []) {
|
|
3539
3621
|
this.primary = primary;
|
|
3540
3622
|
this.file = file;
|
|
3541
3623
|
this.legacy = legacy;
|
|
3542
3624
|
this.mode = mode;
|
|
3543
3625
|
this.configPath = configPath;
|
|
3544
3626
|
this.onWarning = onWarning;
|
|
3627
|
+
this.metadata = metadata;
|
|
3628
|
+
this.additionalLegacyStores = additionalLegacyStores;
|
|
3545
3629
|
}
|
|
3546
3630
|
async loadTokens(baseUrl2) {
|
|
3547
3631
|
if (this.mode === "file") {
|
|
@@ -3552,10 +3636,12 @@ class MigratingAuthStorage {
|
|
|
3552
3636
|
async saveTokens(baseUrl2, data) {
|
|
3553
3637
|
if (this.mode === "file") {
|
|
3554
3638
|
await this.file.saveTokens(baseUrl2, data);
|
|
3639
|
+
await this.saveMetadataBestEffort(baseUrl2, data);
|
|
3555
3640
|
return;
|
|
3556
3641
|
}
|
|
3557
3642
|
try {
|
|
3558
3643
|
await this.primary.saveTokens(baseUrl2, data);
|
|
3644
|
+
await this.saveMetadataBestEffort(baseUrl2, data);
|
|
3559
3645
|
} catch (error) {
|
|
3560
3646
|
throw this.toPolicyError(error);
|
|
3561
3647
|
}
|
|
@@ -3571,6 +3657,10 @@ class MigratingAuthStorage {
|
|
|
3571
3657
|
const primaryError = await this.clearBestEffort(() => this.primary.clearTokens(baseUrl2));
|
|
3572
3658
|
await this.clearBestEffort(() => this.file.clearTokens(baseUrl2));
|
|
3573
3659
|
await this.clearBestEffort(() => this.legacy.clearTokens(baseUrl2));
|
|
3660
|
+
for (const legacy of this.additionalLegacyStores) {
|
|
3661
|
+
await this.clearBestEffort(() => legacy.clearTokens(baseUrl2));
|
|
3662
|
+
}
|
|
3663
|
+
await this.clearBestEffort(() => this.metadata?.clear(baseUrl2) ?? Promise.resolve());
|
|
3574
3664
|
if (primaryError && !(primaryError instanceof KeychainUnavailableError)) {
|
|
3575
3665
|
throw primaryError;
|
|
3576
3666
|
}
|
|
@@ -3603,6 +3693,9 @@ class MigratingAuthStorage {
|
|
|
3603
3693
|
const primaryError = await this.clearBestEffort(() => this.primary.clearClient(baseUrl2));
|
|
3604
3694
|
await this.clearBestEffort(() => this.file.clearClient(baseUrl2));
|
|
3605
3695
|
await this.clearBestEffort(() => this.legacy.clearClient(baseUrl2));
|
|
3696
|
+
for (const legacy of this.additionalLegacyStores) {
|
|
3697
|
+
await this.clearBestEffort(() => legacy.clearClient(baseUrl2));
|
|
3698
|
+
}
|
|
3606
3699
|
if (primaryError && !(primaryError instanceof KeychainUnavailableError)) {
|
|
3607
3700
|
throw primaryError;
|
|
3608
3701
|
}
|
|
@@ -3610,10 +3703,12 @@ class MigratingAuthStorage {
|
|
|
3610
3703
|
async saveAuthSession(baseUrl2, client, tokens) {
|
|
3611
3704
|
if (this.mode === "file") {
|
|
3612
3705
|
await this.file.saveAuthSession(baseUrl2, client, tokens);
|
|
3706
|
+
await this.saveMetadataBestEffort(baseUrl2, tokens);
|
|
3613
3707
|
return;
|
|
3614
3708
|
}
|
|
3615
3709
|
try {
|
|
3616
3710
|
await this.primary.saveAuthSession(baseUrl2, client, tokens);
|
|
3711
|
+
await this.saveMetadataBestEffort(baseUrl2, tokens);
|
|
3617
3712
|
} catch (error) {
|
|
3618
3713
|
throw this.toPolicyError(error);
|
|
3619
3714
|
}
|
|
@@ -3622,6 +3717,10 @@ class MigratingAuthStorage {
|
|
|
3622
3717
|
const primaryError = await this.clearBestEffort(() => this.primary.clearAuthSession(baseUrl2));
|
|
3623
3718
|
await this.clearBestEffort(() => this.file.clearAuthSession(baseUrl2));
|
|
3624
3719
|
await this.clearBestEffort(() => this.legacy.clearAuthSession(baseUrl2));
|
|
3720
|
+
for (const legacy of this.additionalLegacyStores) {
|
|
3721
|
+
await this.clearBestEffort(() => legacy.clearAuthSession(baseUrl2));
|
|
3722
|
+
}
|
|
3723
|
+
await this.clearBestEffort(() => this.metadata?.clear(baseUrl2) ?? Promise.resolve());
|
|
3625
3724
|
if (primaryError && !(primaryError instanceof KeychainUnavailableError)) {
|
|
3626
3725
|
throw primaryError;
|
|
3627
3726
|
}
|
|
@@ -3632,8 +3731,10 @@ class MigratingAuthStorage {
|
|
|
3632
3731
|
async loadTokensKeychainMode(baseUrl2) {
|
|
3633
3732
|
try {
|
|
3634
3733
|
const primaryTokens = await this.primary.loadTokens(baseUrl2);
|
|
3635
|
-
if (primaryTokens)
|
|
3734
|
+
if (primaryTokens) {
|
|
3735
|
+
await this.saveMetadataBestEffort(baseUrl2, primaryTokens);
|
|
3636
3736
|
return primaryTokens;
|
|
3737
|
+
}
|
|
3637
3738
|
} catch (error) {
|
|
3638
3739
|
if (!(error instanceof KeychainUnavailableError))
|
|
3639
3740
|
throw error;
|
|
@@ -3648,7 +3749,8 @@ class MigratingAuthStorage {
|
|
|
3648
3749
|
return candidate.data;
|
|
3649
3750
|
throw error;
|
|
3650
3751
|
}
|
|
3651
|
-
await this.clearMigratedPlaintext(baseUrl2, "tokens", candidate.source, candidate.ambiguous);
|
|
3752
|
+
await this.clearMigratedPlaintext(baseUrl2, "tokens", candidate.source, candidate.storage, candidate.ambiguous);
|
|
3753
|
+
await this.saveMetadataBestEffort(baseUrl2, candidate.data);
|
|
3652
3754
|
return candidate.data;
|
|
3653
3755
|
}
|
|
3654
3756
|
async loadTokensFileMode(baseUrl2) {
|
|
@@ -3656,8 +3758,9 @@ class MigratingAuthStorage {
|
|
|
3656
3758
|
if (candidate) {
|
|
3657
3759
|
if (candidate.source === "legacy") {
|
|
3658
3760
|
await this.file.saveTokens(baseUrl2, candidate.data);
|
|
3659
|
-
await this.clearBestEffort(() =>
|
|
3761
|
+
await this.clearBestEffort(() => candidate.storage.clearTokens(baseUrl2));
|
|
3660
3762
|
}
|
|
3763
|
+
await this.saveMetadataBestEffort(baseUrl2, candidate.data);
|
|
3661
3764
|
return candidate.data;
|
|
3662
3765
|
}
|
|
3663
3766
|
let primaryTokens = null;
|
|
@@ -3671,6 +3774,7 @@ class MigratingAuthStorage {
|
|
|
3671
3774
|
return null;
|
|
3672
3775
|
this.warnKeychainExport();
|
|
3673
3776
|
await this.file.saveTokens(baseUrl2, primaryTokens);
|
|
3777
|
+
await this.saveMetadataBestEffort(baseUrl2, primaryTokens);
|
|
3674
3778
|
return primaryTokens;
|
|
3675
3779
|
}
|
|
3676
3780
|
async loadClientKeychainMode(baseUrl2) {
|
|
@@ -3692,7 +3796,7 @@ class MigratingAuthStorage {
|
|
|
3692
3796
|
return candidate.data;
|
|
3693
3797
|
throw error;
|
|
3694
3798
|
}
|
|
3695
|
-
await this.clearMigratedPlaintext(baseUrl2, "client", candidate.source, candidate.ambiguous);
|
|
3799
|
+
await this.clearMigratedPlaintext(baseUrl2, "client", candidate.source, candidate.storage, candidate.ambiguous);
|
|
3696
3800
|
return candidate.data;
|
|
3697
3801
|
}
|
|
3698
3802
|
async loadClientFileMode(baseUrl2) {
|
|
@@ -3700,7 +3804,7 @@ class MigratingAuthStorage {
|
|
|
3700
3804
|
if (candidate) {
|
|
3701
3805
|
if (candidate.source === "legacy") {
|
|
3702
3806
|
await this.file.saveClient(baseUrl2, candidate.data);
|
|
3703
|
-
await this.clearBestEffort(() =>
|
|
3807
|
+
await this.clearBestEffort(() => candidate.storage.clearClient(baseUrl2));
|
|
3704
3808
|
}
|
|
3705
3809
|
return candidate.data;
|
|
3706
3810
|
}
|
|
@@ -3724,18 +3828,22 @@ class MigratingAuthStorage {
|
|
|
3724
3828
|
candidates.push({
|
|
3725
3829
|
data: fileTokens,
|
|
3726
3830
|
source: "file",
|
|
3831
|
+
storage: this.file,
|
|
3727
3832
|
timestamp: fileTokens.createdAt,
|
|
3728
3833
|
ambiguous: false
|
|
3729
3834
|
});
|
|
3730
3835
|
}
|
|
3731
|
-
const
|
|
3732
|
-
|
|
3733
|
-
|
|
3734
|
-
|
|
3735
|
-
|
|
3736
|
-
|
|
3737
|
-
|
|
3738
|
-
|
|
3836
|
+
for (const legacy of this.getLegacyStores()) {
|
|
3837
|
+
const legacyTokens = await legacy.loadTokens(baseUrl2);
|
|
3838
|
+
if (legacyTokens) {
|
|
3839
|
+
candidates.push({
|
|
3840
|
+
data: legacyTokens,
|
|
3841
|
+
source: "legacy",
|
|
3842
|
+
storage: legacy,
|
|
3843
|
+
timestamp: legacyTokens.createdAt,
|
|
3844
|
+
ambiguous: false
|
|
3845
|
+
});
|
|
3846
|
+
}
|
|
3739
3847
|
}
|
|
3740
3848
|
return this.selectNewestCandidate(candidates);
|
|
3741
3849
|
}
|
|
@@ -3746,18 +3854,22 @@ class MigratingAuthStorage {
|
|
|
3746
3854
|
candidates.push({
|
|
3747
3855
|
data: fileClient,
|
|
3748
3856
|
source: "file",
|
|
3857
|
+
storage: this.file,
|
|
3749
3858
|
timestamp: fileClient.registeredAt,
|
|
3750
3859
|
ambiguous: false
|
|
3751
3860
|
});
|
|
3752
3861
|
}
|
|
3753
|
-
const
|
|
3754
|
-
|
|
3755
|
-
|
|
3756
|
-
|
|
3757
|
-
|
|
3758
|
-
|
|
3759
|
-
|
|
3760
|
-
|
|
3862
|
+
for (const legacy of this.getLegacyStores()) {
|
|
3863
|
+
const legacyClient = await legacy.loadClient(baseUrl2);
|
|
3864
|
+
if (legacyClient) {
|
|
3865
|
+
candidates.push({
|
|
3866
|
+
data: legacyClient,
|
|
3867
|
+
source: "legacy",
|
|
3868
|
+
storage: legacy,
|
|
3869
|
+
timestamp: legacyClient.registeredAt,
|
|
3870
|
+
ambiguous: false
|
|
3871
|
+
});
|
|
3872
|
+
}
|
|
3761
3873
|
}
|
|
3762
3874
|
return this.selectNewestCandidate(candidates);
|
|
3763
3875
|
}
|
|
@@ -3772,7 +3884,7 @@ class MigratingAuthStorage {
|
|
|
3772
3884
|
}));
|
|
3773
3885
|
if (parsed.some((entry) => Number.isNaN(entry.timestampMs))) {
|
|
3774
3886
|
this.warnAmbiguousPlaintext();
|
|
3775
|
-
const selected = candidates.find((candidate) => candidate.source === "file") ??
|
|
3887
|
+
const selected = candidates.find((candidate) => candidate.source === "file") ?? null;
|
|
3776
3888
|
if (selected)
|
|
3777
3889
|
selected.ambiguous = true;
|
|
3778
3890
|
return selected;
|
|
@@ -3784,16 +3896,20 @@ class MigratingAuthStorage {
|
|
|
3784
3896
|
return candidates[0] ?? null;
|
|
3785
3897
|
if (second && first.timestampMs === second.timestampMs) {
|
|
3786
3898
|
this.warnAmbiguousPlaintext();
|
|
3787
|
-
const selected = candidates.find((candidate) => candidate.source === "file") ??
|
|
3899
|
+
const selected = candidates.find((candidate) => candidate.source === "file") ?? null;
|
|
3900
|
+
if (!selected)
|
|
3901
|
+
return null;
|
|
3788
3902
|
selected.ambiguous = true;
|
|
3789
3903
|
return selected;
|
|
3790
3904
|
}
|
|
3791
3905
|
return first.candidate;
|
|
3792
3906
|
}
|
|
3793
|
-
async clearMigratedPlaintext(baseUrl2, kind, source, ambiguous = false) {
|
|
3907
|
+
async clearMigratedPlaintext(baseUrl2, kind, source, storage, ambiguous = false) {
|
|
3794
3908
|
if (!ambiguous) {
|
|
3795
3909
|
await this.clearPlaintextSource(this.file, baseUrl2, kind);
|
|
3796
|
-
|
|
3910
|
+
for (const legacy of this.getLegacyStores()) {
|
|
3911
|
+
await this.clearPlaintextSource(legacy, baseUrl2, kind);
|
|
3912
|
+
}
|
|
3797
3913
|
return;
|
|
3798
3914
|
}
|
|
3799
3915
|
if (source === "file") {
|
|
@@ -3801,9 +3917,12 @@ class MigratingAuthStorage {
|
|
|
3801
3917
|
return;
|
|
3802
3918
|
}
|
|
3803
3919
|
if (source === "legacy") {
|
|
3804
|
-
await this.clearPlaintextSource(
|
|
3920
|
+
await this.clearPlaintextSource(storage, baseUrl2, kind);
|
|
3805
3921
|
}
|
|
3806
3922
|
}
|
|
3923
|
+
getLegacyStores() {
|
|
3924
|
+
return [...this.additionalLegacyStores, this.legacy];
|
|
3925
|
+
}
|
|
3807
3926
|
async clearPlaintextSource(storage, baseUrl2, kind) {
|
|
3808
3927
|
await this.clearBestEffort(() => kind === "tokens" ? storage.clearTokens(baseUrl2) : storage.clearClient(baseUrl2));
|
|
3809
3928
|
}
|
|
@@ -3815,6 +3934,9 @@ class MigratingAuthStorage {
|
|
|
3815
3934
|
return error;
|
|
3816
3935
|
}
|
|
3817
3936
|
}
|
|
3937
|
+
async saveMetadataBestEffort(baseUrl2, tokens) {
|
|
3938
|
+
await this.clearBestEffort(() => this.metadata?.saveFromTokens(baseUrl2, tokens) ?? Promise.resolve());
|
|
3939
|
+
}
|
|
3818
3940
|
toPolicyError(error) {
|
|
3819
3941
|
if (!(error instanceof KeychainUnavailableError))
|
|
3820
3942
|
return error;
|
|
@@ -4051,7 +4173,10 @@ query PackageSummary($registry: Registry!, $name: String!) {
|
|
|
4051
4173
|
var packageVersionIdentitySchema = z3.object({
|
|
4052
4174
|
name: z3.string().nullable().optional(),
|
|
4053
4175
|
registry: z3.string().nullable().optional(),
|
|
4054
|
-
version: z3.string().nullable().optional()
|
|
4176
|
+
version: z3.string().nullable().optional(),
|
|
4177
|
+
publishedAt: z3.string().nullable().optional(),
|
|
4178
|
+
deprecated: z3.boolean().nullable().optional(),
|
|
4179
|
+
deprecationReason: z3.string().nullable().optional()
|
|
4055
4180
|
});
|
|
4056
4181
|
var vulnerabilityDetailSchema = z3.object({
|
|
4057
4182
|
osvId: z3.string().nullable().optional(),
|
|
@@ -4175,6 +4300,86 @@ var dependencyGraphSchema = z3.object({
|
|
|
4175
4300
|
nodes: z3.array(dependencyGraphNodeSchema),
|
|
4176
4301
|
edges: z3.array(dependencyGraphEdgeSchema)
|
|
4177
4302
|
});
|
|
4303
|
+
var vulnerabilityCountSummarySchema = z3.object({
|
|
4304
|
+
totalVulnerabilities: z3.number().int(),
|
|
4305
|
+
critical: z3.number().int(),
|
|
4306
|
+
high: z3.number().int(),
|
|
4307
|
+
medium: z3.number().int(),
|
|
4308
|
+
low: z3.number().int(),
|
|
4309
|
+
unknown: z3.number().int()
|
|
4310
|
+
});
|
|
4311
|
+
var vulnerabilitySummaryDetailSchema = z3.object({
|
|
4312
|
+
osvId: z3.string().nullable().optional(),
|
|
4313
|
+
registry: z3.string().nullable().optional(),
|
|
4314
|
+
packageName: z3.string().nullable().optional(),
|
|
4315
|
+
summary: z3.string().nullable().optional(),
|
|
4316
|
+
severityScore: z3.number().nullable().optional(),
|
|
4317
|
+
severityType: z3.string().nullable().optional(),
|
|
4318
|
+
affectedVersionRanges: z3.array(z3.string()).nullable().optional(),
|
|
4319
|
+
fixedInVersions: z3.array(z3.string()).nullable().optional(),
|
|
4320
|
+
publishedAt: z3.string().nullable().optional(),
|
|
4321
|
+
modifiedAt: z3.string().nullable().optional(),
|
|
4322
|
+
withdrawnAt: z3.string().nullable().optional(),
|
|
4323
|
+
aliases: z3.array(z3.string()).nullable().optional(),
|
|
4324
|
+
isMalicious: z3.boolean().nullable().optional()
|
|
4325
|
+
});
|
|
4326
|
+
var transitiveDependencyVulnerabilitySchema = z3.object({
|
|
4327
|
+
version: z3.string(),
|
|
4328
|
+
affectsResolvedVersion: z3.boolean(),
|
|
4329
|
+
matchedAffectedVersionRanges: z3.array(z3.string()),
|
|
4330
|
+
fixVersionsAboveResolved: z3.array(z3.string()),
|
|
4331
|
+
nearestFixedVersion: z3.string().nullable().optional(),
|
|
4332
|
+
advisory: vulnerabilitySummaryDetailSchema
|
|
4333
|
+
});
|
|
4334
|
+
var transitiveVulnerablePackageSchema = z3.object({
|
|
4335
|
+
registry: z3.string(),
|
|
4336
|
+
name: z3.string(),
|
|
4337
|
+
versions: z3.array(z3.string()),
|
|
4338
|
+
affectedCount: z3.number().int(),
|
|
4339
|
+
nonAffectingCount: z3.number().int(),
|
|
4340
|
+
totalCount: z3.number().int(),
|
|
4341
|
+
maxSeverityScore: z3.number().nullable().optional(),
|
|
4342
|
+
maxSeverityLabel: z3.string().nullable().optional(),
|
|
4343
|
+
advisoryIds: z3.array(z3.string()),
|
|
4344
|
+
mostCritical: vulnerabilitySummaryDetailSchema.nullable().optional(),
|
|
4345
|
+
advisoryOccurrences: z3.array(transitiveDependencyVulnerabilitySchema).nullable().optional()
|
|
4346
|
+
});
|
|
4347
|
+
var transitiveVulnerabilitySummarySchema = z3.object({
|
|
4348
|
+
affected: vulnerabilityCountSummarySchema,
|
|
4349
|
+
nonAffecting: vulnerabilityCountSummarySchema,
|
|
4350
|
+
combined: vulnerabilityCountSummarySchema,
|
|
4351
|
+
totalPackagesAnalyzed: z3.number().int(),
|
|
4352
|
+
affectedPackageCount: z3.number().int(),
|
|
4353
|
+
packages: z3.array(transitiveVulnerablePackageSchema),
|
|
4354
|
+
calculatedAt: z3.string().nullable().optional()
|
|
4355
|
+
}).nullable().optional();
|
|
4356
|
+
var dependencyDeprecationReasonSchema = z3.object({
|
|
4357
|
+
version: z3.string(),
|
|
4358
|
+
reason: z3.string().nullable().optional()
|
|
4359
|
+
});
|
|
4360
|
+
var deprecatedDependencySchema = z3.object({
|
|
4361
|
+
registry: z3.string(),
|
|
4362
|
+
name: z3.string(),
|
|
4363
|
+
versions: z3.array(z3.string()),
|
|
4364
|
+
reasons: z3.array(dependencyDeprecationReasonSchema)
|
|
4365
|
+
});
|
|
4366
|
+
var outdatedDependencyVersionSchema = z3.object({
|
|
4367
|
+
version: z3.string(),
|
|
4368
|
+
severity: z3.string()
|
|
4369
|
+
});
|
|
4370
|
+
var outdatedDependencySchema = z3.object({
|
|
4371
|
+
registry: z3.string(),
|
|
4372
|
+
name: z3.string(),
|
|
4373
|
+
latestVersion: z3.string().nullable().optional(),
|
|
4374
|
+
severity: z3.string(),
|
|
4375
|
+
versions: z3.array(outdatedDependencyVersionSchema),
|
|
4376
|
+
repositoryUrl: z3.string().nullable().optional()
|
|
4377
|
+
});
|
|
4378
|
+
var duplicateDependencySchema = z3.object({
|
|
4379
|
+
registry: z3.string().nullable().optional(),
|
|
4380
|
+
name: z3.string(),
|
|
4381
|
+
versions: z3.array(z3.string())
|
|
4382
|
+
});
|
|
4178
4383
|
var dependencyConflictEdgeSchema = z3.object({
|
|
4179
4384
|
fromIndex: z3.number().int().nullable().optional(),
|
|
4180
4385
|
toIndex: z3.number().int(),
|
|
@@ -4186,6 +4391,24 @@ var dependencyConflictSchema = z3.object({
|
|
|
4186
4391
|
requiredVersions: z3.array(z3.string()),
|
|
4187
4392
|
conflictingEdges: z3.array(dependencyConflictEdgeSchema)
|
|
4188
4393
|
});
|
|
4394
|
+
var dependencyIssueConflictSchema = z3.object({
|
|
4395
|
+
registry: z3.string().nullable().optional(),
|
|
4396
|
+
name: z3.string(),
|
|
4397
|
+
versions: z3.array(z3.string()),
|
|
4398
|
+
requiredVersions: z3.array(z3.string()),
|
|
4399
|
+
conflictingEdges: z3.array(dependencyConflictEdgeSchema)
|
|
4400
|
+
});
|
|
4401
|
+
var dependencyIssuesSummarySchema = z3.object({
|
|
4402
|
+
totalCount: z3.number().int(),
|
|
4403
|
+
deprecatedCount: z3.number().int(),
|
|
4404
|
+
outdatedCount: z3.number().int(),
|
|
4405
|
+
duplicateCount: z3.number().int(),
|
|
4406
|
+
conflictCount: z3.number().int(),
|
|
4407
|
+
deprecatedPackages: z3.array(deprecatedDependencySchema),
|
|
4408
|
+
outdatedPackages: z3.array(outdatedDependencySchema),
|
|
4409
|
+
duplicatePackages: z3.array(duplicateDependencySchema),
|
|
4410
|
+
conflicts: z3.array(dependencyIssueConflictSchema)
|
|
4411
|
+
}).nullable().optional();
|
|
4189
4412
|
var circularDependencyCycleSchema = z3.object({
|
|
4190
4413
|
cycleStart: z3.string(),
|
|
4191
4414
|
circularPath: z3.array(z3.string()),
|
|
@@ -4202,7 +4425,9 @@ var transitiveDependencySchema = z3.object({
|
|
|
4202
4425
|
uniqueDependencies: z3.array(z3.string()).nullable().optional(),
|
|
4203
4426
|
dependencyConflicts: z3.array(dependencyConflictSchema).nullable().optional(),
|
|
4204
4427
|
circularDependencyCycles: z3.array(circularDependencyCycleSchema).nullable().optional(),
|
|
4205
|
-
dependencyGraph: dependencyGraphSchema.nullable().optional()
|
|
4428
|
+
dependencyGraph: dependencyGraphSchema.nullable().optional(),
|
|
4429
|
+
vulnerabilitySummary: transitiveVulnerabilitySummarySchema,
|
|
4430
|
+
dependencyIssues: dependencyIssuesSummarySchema
|
|
4206
4431
|
}).nullable().optional();
|
|
4207
4432
|
var dependencyBundleSchema = z3.object({
|
|
4208
4433
|
direct: z3.array(directDependencySchema).nullable().optional(),
|
|
@@ -4332,6 +4557,203 @@ query PackageDependencies(
|
|
|
4332
4557
|
}
|
|
4333
4558
|
}
|
|
4334
4559
|
}`;
|
|
4560
|
+
var PACKAGE_UPGRADE_DEPENDENCY_PROBE_QUERY = `
|
|
4561
|
+
query PackageUpgradeDependencyProbe(
|
|
4562
|
+
$registry: Registry!
|
|
4563
|
+
$name: String!
|
|
4564
|
+
$version: String!
|
|
4565
|
+
$includeTransitiveRisk: Boolean!
|
|
4566
|
+
$includeTransitiveSecurity: Boolean!
|
|
4567
|
+
$includeDependencyIssues: Boolean!
|
|
4568
|
+
$includeDependencyChanges: Boolean!
|
|
4569
|
+
$includeGroups: Boolean!
|
|
4570
|
+
$lifecycle: [String!]
|
|
4571
|
+
$minSeverity: Float
|
|
4572
|
+
) {
|
|
4573
|
+
packageDependencies(
|
|
4574
|
+
registry: $registry
|
|
4575
|
+
name: $name
|
|
4576
|
+
version: $version
|
|
4577
|
+
includeTransitive: $includeTransitiveRisk
|
|
4578
|
+
lifecycle: $lifecycle
|
|
4579
|
+
) {
|
|
4580
|
+
package {
|
|
4581
|
+
name
|
|
4582
|
+
registry
|
|
4583
|
+
version
|
|
4584
|
+
publishedAt
|
|
4585
|
+
deprecated
|
|
4586
|
+
deprecationReason
|
|
4587
|
+
}
|
|
4588
|
+
dependencies {
|
|
4589
|
+
direct {
|
|
4590
|
+
name
|
|
4591
|
+
versionConstraint
|
|
4592
|
+
type
|
|
4593
|
+
}
|
|
4594
|
+
transitive @include(if: $includeTransitiveRisk) {
|
|
4595
|
+
dependencyGraph @include(if: $includeDependencyChanges) {
|
|
4596
|
+
formatVersion
|
|
4597
|
+
nodes {
|
|
4598
|
+
registry
|
|
4599
|
+
name
|
|
4600
|
+
version
|
|
4601
|
+
}
|
|
4602
|
+
edges {
|
|
4603
|
+
fromIndex
|
|
4604
|
+
toIndex
|
|
4605
|
+
constraint
|
|
4606
|
+
dependencyType
|
|
4607
|
+
}
|
|
4608
|
+
}
|
|
4609
|
+
vulnerabilitySummary(minSeverity: $minSeverity) @include(if: $includeTransitiveSecurity) {
|
|
4610
|
+
affected {
|
|
4611
|
+
totalVulnerabilities
|
|
4612
|
+
critical
|
|
4613
|
+
high
|
|
4614
|
+
medium
|
|
4615
|
+
low
|
|
4616
|
+
unknown
|
|
4617
|
+
}
|
|
4618
|
+
nonAffecting {
|
|
4619
|
+
totalVulnerabilities
|
|
4620
|
+
critical
|
|
4621
|
+
high
|
|
4622
|
+
medium
|
|
4623
|
+
low
|
|
4624
|
+
unknown
|
|
4625
|
+
}
|
|
4626
|
+
combined {
|
|
4627
|
+
totalVulnerabilities
|
|
4628
|
+
critical
|
|
4629
|
+
high
|
|
4630
|
+
medium
|
|
4631
|
+
low
|
|
4632
|
+
unknown
|
|
4633
|
+
}
|
|
4634
|
+
totalPackagesAnalyzed
|
|
4635
|
+
affectedPackageCount
|
|
4636
|
+
calculatedAt
|
|
4637
|
+
packages {
|
|
4638
|
+
registry
|
|
4639
|
+
name
|
|
4640
|
+
versions
|
|
4641
|
+
affectedCount
|
|
4642
|
+
nonAffectingCount
|
|
4643
|
+
totalCount
|
|
4644
|
+
maxSeverityScore
|
|
4645
|
+
maxSeverityLabel
|
|
4646
|
+
advisoryIds(scope: AFFECTED)
|
|
4647
|
+
mostCritical {
|
|
4648
|
+
osvId
|
|
4649
|
+
registry
|
|
4650
|
+
packageName
|
|
4651
|
+
summary
|
|
4652
|
+
severityScore
|
|
4653
|
+
severityType
|
|
4654
|
+
affectedVersionRanges
|
|
4655
|
+
fixedInVersions
|
|
4656
|
+
publishedAt
|
|
4657
|
+
modifiedAt
|
|
4658
|
+
withdrawnAt
|
|
4659
|
+
aliases
|
|
4660
|
+
isMalicious
|
|
4661
|
+
}
|
|
4662
|
+
advisoryOccurrences(scope: AFFECTED, minSeverity: $minSeverity, limit: 5) {
|
|
4663
|
+
version
|
|
4664
|
+
affectsResolvedVersion
|
|
4665
|
+
matchedAffectedVersionRanges
|
|
4666
|
+
fixVersionsAboveResolved
|
|
4667
|
+
nearestFixedVersion
|
|
4668
|
+
advisory {
|
|
4669
|
+
osvId
|
|
4670
|
+
registry
|
|
4671
|
+
packageName
|
|
4672
|
+
summary
|
|
4673
|
+
severityScore
|
|
4674
|
+
severityType
|
|
4675
|
+
affectedVersionRanges
|
|
4676
|
+
fixedInVersions
|
|
4677
|
+
publishedAt
|
|
4678
|
+
modifiedAt
|
|
4679
|
+
withdrawnAt
|
|
4680
|
+
aliases
|
|
4681
|
+
isMalicious
|
|
4682
|
+
}
|
|
4683
|
+
}
|
|
4684
|
+
}
|
|
4685
|
+
}
|
|
4686
|
+
dependencyIssues @include(if: $includeDependencyIssues) {
|
|
4687
|
+
totalCount
|
|
4688
|
+
deprecatedCount
|
|
4689
|
+
outdatedCount
|
|
4690
|
+
duplicateCount
|
|
4691
|
+
conflictCount
|
|
4692
|
+
deprecatedPackages {
|
|
4693
|
+
registry
|
|
4694
|
+
name
|
|
4695
|
+
versions
|
|
4696
|
+
reasons {
|
|
4697
|
+
version
|
|
4698
|
+
reason
|
|
4699
|
+
}
|
|
4700
|
+
}
|
|
4701
|
+
outdatedPackages {
|
|
4702
|
+
registry
|
|
4703
|
+
name
|
|
4704
|
+
latestVersion
|
|
4705
|
+
severity
|
|
4706
|
+
versions {
|
|
4707
|
+
version
|
|
4708
|
+
severity
|
|
4709
|
+
}
|
|
4710
|
+
repositoryUrl
|
|
4711
|
+
}
|
|
4712
|
+
duplicatePackages {
|
|
4713
|
+
registry
|
|
4714
|
+
name
|
|
4715
|
+
versions
|
|
4716
|
+
}
|
|
4717
|
+
conflicts {
|
|
4718
|
+
registry
|
|
4719
|
+
name
|
|
4720
|
+
versions
|
|
4721
|
+
requiredVersions
|
|
4722
|
+
conflictingEdges {
|
|
4723
|
+
fromIndex
|
|
4724
|
+
toIndex
|
|
4725
|
+
versionConstraint
|
|
4726
|
+
dependencyType
|
|
4727
|
+
}
|
|
4728
|
+
}
|
|
4729
|
+
}
|
|
4730
|
+
}
|
|
4731
|
+
}
|
|
4732
|
+
dependencyGroups @include(if: $includeGroups) {
|
|
4733
|
+
primaryGroup
|
|
4734
|
+
environmentMarkers {
|
|
4735
|
+
type
|
|
4736
|
+
value
|
|
4737
|
+
raw
|
|
4738
|
+
}
|
|
4739
|
+
groups {
|
|
4740
|
+
name
|
|
4741
|
+
lifecycle
|
|
4742
|
+
conditionType
|
|
4743
|
+
conditionValue
|
|
4744
|
+
selectionMode
|
|
4745
|
+
exclusiveGroup
|
|
4746
|
+
fallbackPriority
|
|
4747
|
+
compatibleWith
|
|
4748
|
+
defaultEnabled
|
|
4749
|
+
dependencies {
|
|
4750
|
+
name
|
|
4751
|
+
constraint
|
|
4752
|
+
}
|
|
4753
|
+
}
|
|
4754
|
+
}
|
|
4755
|
+
}
|
|
4756
|
+
}`;
|
|
4335
4757
|
var changelogPackageInfoSchema = z3.object({
|
|
4336
4758
|
name: z3.string().nullable().optional(),
|
|
4337
4759
|
registry: z3.string().nullable().optional(),
|
|
@@ -4799,7 +5221,10 @@ class PackageIntelligenceServiceImpl {
|
|
|
4799
5221
|
const identity = {
|
|
4800
5222
|
name,
|
|
4801
5223
|
version: version2,
|
|
4802
|
-
registry: data.package?.registry ?? undefined
|
|
5224
|
+
registry: data.package?.registry ?? undefined,
|
|
5225
|
+
publishedAt: data.package?.publishedAt ?? undefined,
|
|
5226
|
+
deprecated: data.package?.deprecated ?? undefined,
|
|
5227
|
+
deprecationReason: data.package?.deprecationReason ?? undefined
|
|
4803
5228
|
};
|
|
4804
5229
|
const security = data.security ? {
|
|
4805
5230
|
affectedVulnerabilityCount: data.security.affectedVulnerabilityCount,
|
|
@@ -4839,6 +5264,58 @@ class PackageIntelligenceServiceImpl {
|
|
|
4839
5264
|
executeWithToken: (token) => this.executePackageDependencies(token, params)
|
|
4840
5265
|
}));
|
|
4841
5266
|
}
|
|
5267
|
+
async packageUpgradeDependencyProbe(params) {
|
|
5268
|
+
return withTelemetrySpan("pkg-intel.upgrade-dependency-probe.request", () => executeWithTokenRefresh({
|
|
5269
|
+
getToken: () => this.tokenProvider.getToken(),
|
|
5270
|
+
forceRefresh: () => this.tokenProvider.forceRefresh(),
|
|
5271
|
+
shouldRefresh: (error) => error instanceof AuthenticationError,
|
|
5272
|
+
executeWithToken: (token) => this.executePackageUpgradeDependencyProbe(token, params)
|
|
5273
|
+
}));
|
|
5274
|
+
}
|
|
5275
|
+
async executePackageUpgradeDependencyProbe(token, params) {
|
|
5276
|
+
const includeTransitiveRisk = params.includeTransitiveSecurity === true || params.includeDependencyIssues === true || params.includeDependencyChanges === true;
|
|
5277
|
+
let response;
|
|
5278
|
+
try {
|
|
5279
|
+
response = await postPkgseerGraphql({
|
|
5280
|
+
endpointUrl: this.endpointUrl,
|
|
5281
|
+
token,
|
|
5282
|
+
query: PACKAGE_UPGRADE_DEPENDENCY_PROBE_QUERY,
|
|
5283
|
+
variables: {
|
|
5284
|
+
registry: params.registry,
|
|
5285
|
+
name: params.packageName,
|
|
5286
|
+
version: params.version,
|
|
5287
|
+
includeTransitiveRisk,
|
|
5288
|
+
includeTransitiveSecurity: params.includeTransitiveSecurity === true,
|
|
5289
|
+
includeDependencyIssues: params.includeDependencyIssues === true,
|
|
5290
|
+
includeDependencyChanges: params.includeDependencyChanges === true,
|
|
5291
|
+
includeGroups: params.includeGroups === true,
|
|
5292
|
+
lifecycle: params.includeGroups === true ? ["peer"] : undefined,
|
|
5293
|
+
minSeverity: params.minSeverity
|
|
5294
|
+
},
|
|
5295
|
+
fetchFn: this.fetchFn
|
|
5296
|
+
});
|
|
5297
|
+
} catch (cause) {
|
|
5298
|
+
if (cause instanceof PkgseerTransportError) {
|
|
5299
|
+
throw new PackageIntelligenceNetworkError("Could not reach the package intelligence service. Check your connection or set GITHITS_CODE_NAV_URL.", { cause });
|
|
5300
|
+
}
|
|
5301
|
+
throw cause;
|
|
5302
|
+
}
|
|
5303
|
+
if (response.status < 200 || response.status >= 300) {
|
|
5304
|
+
throw this.createHttpError(response);
|
|
5305
|
+
}
|
|
5306
|
+
const parsed = dependenciesGraphQLResponseSchema.safeParse(response.parsedBody);
|
|
5307
|
+
if (!parsed.success) {
|
|
5308
|
+
throw new MalformedPackageIntelligenceResponseError("Malformed response from the package-intelligence service.");
|
|
5309
|
+
}
|
|
5310
|
+
if (parsed.data.errors && parsed.data.errors.length > 0) {
|
|
5311
|
+
throw promoteGenericVersionNotFound(this.createGraphQLError(parsed.data.errors), params);
|
|
5312
|
+
}
|
|
5313
|
+
const data = parsed.data.data?.packageDependencies;
|
|
5314
|
+
if (!data) {
|
|
5315
|
+
throw new MalformedPackageIntelligenceResponseError("Empty response from the package-intelligence service.");
|
|
5316
|
+
}
|
|
5317
|
+
return this.normaliseDependencyReport(data);
|
|
5318
|
+
}
|
|
4842
5319
|
async executePackageDependencies(token, params) {
|
|
4843
5320
|
let response;
|
|
4844
5321
|
try {
|
|
@@ -4887,7 +5364,10 @@ class PackageIntelligenceServiceImpl {
|
|
|
4887
5364
|
const identity = {
|
|
4888
5365
|
name,
|
|
4889
5366
|
version: version2,
|
|
4890
|
-
registry: data.package?.registry ?? undefined
|
|
5367
|
+
registry: data.package?.registry ?? undefined,
|
|
5368
|
+
publishedAt: data.package?.publishedAt ?? undefined,
|
|
5369
|
+
deprecated: data.package?.deprecated ?? undefined,
|
|
5370
|
+
deprecationReason: data.package?.deprecationReason ?? undefined
|
|
4891
5371
|
};
|
|
4892
5372
|
const bundle = data.dependencies;
|
|
4893
5373
|
const dependencies = bundle ? {
|
|
@@ -4933,7 +5413,9 @@ class PackageIntelligenceServiceImpl {
|
|
|
4933
5413
|
constraint: e.constraint ?? undefined,
|
|
4934
5414
|
dependencyType: e.dependencyType ?? undefined
|
|
4935
5415
|
}))
|
|
4936
|
-
} : undefined
|
|
5416
|
+
} : undefined,
|
|
5417
|
+
vulnerabilitySummary: this.normaliseTransitiveVulnerabilitySummary(bundle.transitive.vulnerabilitySummary),
|
|
5418
|
+
dependencyIssues: this.normaliseDependencyIssuesSummary(bundle.transitive.dependencyIssues)
|
|
4937
5419
|
} : undefined
|
|
4938
5420
|
} : undefined;
|
|
4939
5421
|
const dependencyGroups = data.dependencyGroups ? {
|
|
@@ -4965,6 +5447,103 @@ class PackageIntelligenceServiceImpl {
|
|
|
4965
5447
|
dependencyGroups
|
|
4966
5448
|
};
|
|
4967
5449
|
}
|
|
5450
|
+
normaliseTransitiveVulnerabilitySummary(summary) {
|
|
5451
|
+
if (!summary)
|
|
5452
|
+
return;
|
|
5453
|
+
return {
|
|
5454
|
+
affected: summary.affected,
|
|
5455
|
+
nonAffecting: summary.nonAffecting,
|
|
5456
|
+
combined: summary.combined,
|
|
5457
|
+
totalPackagesAnalyzed: summary.totalPackagesAnalyzed,
|
|
5458
|
+
affectedPackageCount: summary.affectedPackageCount,
|
|
5459
|
+
calculatedAt: summary.calculatedAt ?? undefined,
|
|
5460
|
+
packages: summary.packages.map((pkg) => ({
|
|
5461
|
+
registry: pkg.registry,
|
|
5462
|
+
name: pkg.name,
|
|
5463
|
+
versions: pkg.versions,
|
|
5464
|
+
affectedCount: pkg.affectedCount,
|
|
5465
|
+
nonAffectingCount: pkg.nonAffectingCount,
|
|
5466
|
+
totalCount: pkg.totalCount,
|
|
5467
|
+
maxSeverityScore: pkg.maxSeverityScore ?? undefined,
|
|
5468
|
+
maxSeverityLabel: pkg.maxSeverityLabel ?? undefined,
|
|
5469
|
+
advisoryIds: pkg.advisoryIds,
|
|
5470
|
+
mostCritical: pkg.mostCritical ? this.normaliseVulnerabilitySummaryDetail(pkg.mostCritical) : undefined,
|
|
5471
|
+
advisoryOccurrences: pkg.advisoryOccurrences?.map((occurrence) => ({
|
|
5472
|
+
version: occurrence.version,
|
|
5473
|
+
affectsResolvedVersion: occurrence.affectsResolvedVersion,
|
|
5474
|
+
matchedAffectedVersionRanges: occurrence.matchedAffectedVersionRanges,
|
|
5475
|
+
fixVersionsAboveResolved: occurrence.fixVersionsAboveResolved,
|
|
5476
|
+
nearestFixedVersion: occurrence.nearestFixedVersion ?? undefined,
|
|
5477
|
+
advisory: this.normaliseVulnerabilitySummaryDetail(occurrence.advisory)
|
|
5478
|
+
})) ?? undefined
|
|
5479
|
+
}))
|
|
5480
|
+
};
|
|
5481
|
+
}
|
|
5482
|
+
normaliseVulnerabilitySummaryDetail(advisory) {
|
|
5483
|
+
return {
|
|
5484
|
+
osvId: advisory.osvId ?? undefined,
|
|
5485
|
+
registry: advisory.registry ?? undefined,
|
|
5486
|
+
packageName: advisory.packageName ?? undefined,
|
|
5487
|
+
summary: advisory.summary ?? undefined,
|
|
5488
|
+
severityScore: advisory.severityScore ?? undefined,
|
|
5489
|
+
severityType: advisory.severityType ?? undefined,
|
|
5490
|
+
affectedVersionRanges: advisory.affectedVersionRanges ?? undefined,
|
|
5491
|
+
fixedInVersions: advisory.fixedInVersions ?? undefined,
|
|
5492
|
+
publishedAt: advisory.publishedAt ?? undefined,
|
|
5493
|
+
modifiedAt: advisory.modifiedAt ?? undefined,
|
|
5494
|
+
withdrawnAt: advisory.withdrawnAt ?? undefined,
|
|
5495
|
+
aliases: advisory.aliases ?? undefined,
|
|
5496
|
+
isMalicious: advisory.isMalicious ?? undefined
|
|
5497
|
+
};
|
|
5498
|
+
}
|
|
5499
|
+
normaliseDependencyIssuesSummary(issues) {
|
|
5500
|
+
if (!issues)
|
|
5501
|
+
return;
|
|
5502
|
+
return {
|
|
5503
|
+
totalCount: issues.totalCount,
|
|
5504
|
+
deprecatedCount: issues.deprecatedCount,
|
|
5505
|
+
outdatedCount: issues.outdatedCount,
|
|
5506
|
+
duplicateCount: issues.duplicateCount,
|
|
5507
|
+
conflictCount: issues.conflictCount,
|
|
5508
|
+
deprecatedPackages: issues.deprecatedPackages.map((pkg) => ({
|
|
5509
|
+
registry: pkg.registry,
|
|
5510
|
+
name: pkg.name,
|
|
5511
|
+
versions: pkg.versions,
|
|
5512
|
+
reasons: pkg.reasons.map((reason) => ({
|
|
5513
|
+
version: reason.version,
|
|
5514
|
+
reason: reason.reason ?? undefined
|
|
5515
|
+
}))
|
|
5516
|
+
})),
|
|
5517
|
+
outdatedPackages: issues.outdatedPackages.map((pkg) => ({
|
|
5518
|
+
registry: pkg.registry,
|
|
5519
|
+
name: pkg.name,
|
|
5520
|
+
latestVersion: pkg.latestVersion ?? undefined,
|
|
5521
|
+
severity: pkg.severity,
|
|
5522
|
+
versions: pkg.versions.map((version2) => ({
|
|
5523
|
+
version: version2.version,
|
|
5524
|
+
severity: version2.severity
|
|
5525
|
+
})),
|
|
5526
|
+
repositoryUrl: pkg.repositoryUrl ?? undefined
|
|
5527
|
+
})),
|
|
5528
|
+
duplicatePackages: issues.duplicatePackages.map((pkg) => ({
|
|
5529
|
+
registry: pkg.registry ?? undefined,
|
|
5530
|
+
name: pkg.name,
|
|
5531
|
+
versions: pkg.versions
|
|
5532
|
+
})),
|
|
5533
|
+
conflicts: issues.conflicts.map((conflict) => ({
|
|
5534
|
+
registry: conflict.registry ?? undefined,
|
|
5535
|
+
name: conflict.name,
|
|
5536
|
+
versions: conflict.versions,
|
|
5537
|
+
requiredVersions: conflict.requiredVersions,
|
|
5538
|
+
conflictingEdges: conflict.conflictingEdges.map((edge) => ({
|
|
5539
|
+
fromIndex: edge.fromIndex ?? undefined,
|
|
5540
|
+
toIndex: edge.toIndex,
|
|
5541
|
+
versionConstraint: edge.versionConstraint,
|
|
5542
|
+
dependencyType: edge.dependencyType
|
|
5543
|
+
}))
|
|
5544
|
+
}))
|
|
5545
|
+
};
|
|
5546
|
+
}
|
|
4968
5547
|
async packageChangelog(params) {
|
|
4969
5548
|
return withTelemetrySpan("pkg-intel.changelog.request", () => executeWithTokenRefresh({
|
|
4970
5549
|
getToken: () => this.tokenProvider.getToken(),
|
|
@@ -5423,7 +6002,7 @@ var NPM_DIST_TAGS_URL = "https://registry.npmjs.org/-/package/githits/dist-tags"
|
|
|
5423
6002
|
var NPM_PACKAGE_VERSION_URL = "https://registry.npmjs.org/githits";
|
|
5424
6003
|
var CHECK_INTERVAL_MS = 24 * 60 * 60 * 1000;
|
|
5425
6004
|
var FETCH_TIMEOUT_MS = 1000;
|
|
5426
|
-
var
|
|
6005
|
+
var DIR_MODE3 = 448;
|
|
5427
6006
|
var UPDATE_COMMAND = "npm i -g githits@latest";
|
|
5428
6007
|
var MAX_DEPRECATION_REASON_LENGTH = 200;
|
|
5429
6008
|
|
|
@@ -5613,7 +6192,7 @@ class NpmRegistryUpdateCheckService {
|
|
|
5613
6192
|
}
|
|
5614
6193
|
async saveCache(cache) {
|
|
5615
6194
|
try {
|
|
5616
|
-
await this.fs.ensureDir(this.configDir,
|
|
6195
|
+
await this.fs.ensureDir(this.configDir, DIR_MODE3);
|
|
5617
6196
|
if (typeof this.fs.atomicWriteFile === "function") {
|
|
5618
6197
|
await this.fs.atomicWriteFile(this.cachePath, `${JSON.stringify(cache, null, 2)}
|
|
5619
6198
|
`);
|
|
@@ -5750,10 +6329,29 @@ async function createAuthStorage(fileSystemService) {
|
|
|
5750
6329
|
function createAuthStorageForMode(fileSystemService, mode, configPath = "your GitHits config.toml") {
|
|
5751
6330
|
const fileStorage = new ModeAwareFileAuthStorage(new AuthStorageImpl(fileSystemService, getAuthFileStorageDir(fileSystemService)), mode, configPath);
|
|
5752
6331
|
const legacyStorage = new AuthStorageImpl(fileSystemService, getLegacyAuthStorageDir(fileSystemService));
|
|
6332
|
+
const additionalLegacyStores = process.platform === "darwin" ? [
|
|
6333
|
+
new AuthStorageImpl(fileSystemService, getLegacyMacAuthFileStorageDir(fileSystemService))
|
|
6334
|
+
] : [];
|
|
5753
6335
|
const rawKeyring = new KeyringServiceImpl;
|
|
5754
6336
|
const keyring = process.platform === "win32" ? new ChunkingKeyringService(rawKeyring, WINDOWS_MAX_ENTRY_SIZE) : rawKeyring;
|
|
5755
6337
|
const keychainStorage = new KeychainAuthStorage(keyring);
|
|
5756
|
-
|
|
6338
|
+
const metadataStorage = new AuthSessionMetadataStorage(fileSystemService);
|
|
6339
|
+
return new LockedAuthStorage(new MigratingAuthStorage(keychainStorage, fileStorage, legacyStorage, mode, configPath, (message) => console.error(message), metadataStorage, additionalLegacyStores), fileSystemService);
|
|
6340
|
+
}
|
|
6341
|
+
async function loadAutoLoginAuthSessionMetadata() {
|
|
6342
|
+
const envToken = getEnvApiToken();
|
|
6343
|
+
if (envToken) {
|
|
6344
|
+
const now = new Date().toISOString();
|
|
6345
|
+
return { createdAt: now, expiresAt: null, updatedAt: now };
|
|
6346
|
+
}
|
|
6347
|
+
const fileSystemService = new FileSystemServiceImpl;
|
|
6348
|
+
const metadataStorage = new AuthSessionMetadataStorage(fileSystemService);
|
|
6349
|
+
return metadataStorage.load(getMcpUrl());
|
|
6350
|
+
}
|
|
6351
|
+
async function clearAutoLoginAuthSessionMetadata() {
|
|
6352
|
+
const fileSystemService = new FileSystemServiceImpl;
|
|
6353
|
+
const metadataStorage = new AuthSessionMetadataStorage(fileSystemService);
|
|
6354
|
+
await metadataStorage.clear(getMcpUrl());
|
|
5757
6355
|
}
|
|
5758
6356
|
async function createAuthCommandDependencies() {
|
|
5759
6357
|
return withTelemetrySpan("container.create-auth-command", async () => {
|
|
@@ -5792,8 +6390,9 @@ function createStaticTokenProvider(token) {
|
|
|
5792
6390
|
}
|
|
5793
6391
|
};
|
|
5794
6392
|
}
|
|
5795
|
-
async function createContainer() {
|
|
6393
|
+
async function createContainer(options = {}) {
|
|
5796
6394
|
return withTelemetrySpan("container.create", async () => {
|
|
6395
|
+
const resolveStoredToken = options.resolveStoredToken ?? true;
|
|
5797
6396
|
const mcpUrl = getMcpUrl();
|
|
5798
6397
|
const apiUrl = getApiUrl();
|
|
5799
6398
|
const codeNavigationUrl = getCodeNavigationUrl();
|
|
@@ -5824,7 +6423,10 @@ async function createContainer() {
|
|
|
5824
6423
|
}
|
|
5825
6424
|
const authStorage = await createAuthStorage(fileSystemService);
|
|
5826
6425
|
const tokenManager = new TokenManager({ authService, authStorage, mcpUrl });
|
|
5827
|
-
const apiToken = await withTelemetrySpan("container.token.get", () => tokenManager.getToken());
|
|
6426
|
+
const apiToken = resolveStoredToken ? await withTelemetrySpan("container.token.get", () => tokenManager.getToken()) : undefined;
|
|
6427
|
+
if (resolveStoredToken && apiToken === undefined) {
|
|
6428
|
+
await new AuthSessionMetadataStorage(fileSystemService).clear(mcpUrl);
|
|
6429
|
+
}
|
|
5828
6430
|
const codeNavigationService = new CodeNavigationServiceImpl(codeNavigationUrl, tokenManager);
|
|
5829
6431
|
const packageIntelligenceService = new PackageIntelligenceServiceImpl(codeNavigationUrl, tokenManager);
|
|
5830
6432
|
return {
|
|
@@ -5845,4 +6447,4 @@ async function createContainer() {
|
|
|
5845
6447
|
});
|
|
5846
6448
|
}
|
|
5847
6449
|
|
|
5848
|
-
export { AuthConfigError, CLIENT_UPDATE_REQUIRED_REASON, ClientUpdateRequiredError, debugLog, setMcpClientVersionProvider, setClientMode, isTelemetryEnabled, withTelemetrySpan, startTelemetrySpan, endTelemetrySpan, flushTelemetry, AuthenticationError, CodeNavigationAccessError, CodeNavigationGraphQLError, CodeNavigationIndexingError, CodeNavigationUnresolvableError, MalformedCodeNavigationResponseError, CodeNavigationTargetNotFoundError, CodeNavigationFileNotFoundError, CodeNavigationVersionNotFoundError, CodeNavigationValidationError, CodeNavigationFeatureFlagRequiredError, CodeNavigationNetworkError, CodeNavigationBackendError, getCodeNavigationUrl, ExecServiceImpl, FileSystemServiceImpl, AuthStorageLockTimeoutError, AuthStoragePolicyError, PackageIntelligenceAccessError, PackageIntelligenceFeatureFlagRequiredError, PackageIntelligenceNetworkError, PackageIntelligenceBackendError, PackageIntelligenceGraphQLError, PackageIntelligenceTargetNotFoundError, PackageIntelligenceValidationError, PackageIntelligenceVersionNotFoundError, MalformedPackageIntelligenceResponseError, PackageIntelligenceChangelogSourceNotFoundError, PromptServiceImpl, refreshExpiredToken, NpmRegistryUpdateCheckService, shouldRunUpdateCheck, shouldRunRequiredUpdateEnforcement, formatUpdateNotice, formatRequiredUpdateNotice, createAuthCommandDependencies, createAuthStatusDependencies, createContainer };
|
|
6450
|
+
export { AuthConfigError, CLIENT_UPDATE_REQUIRED_REASON, ClientUpdateRequiredError, debugLog, setMcpClientVersionProvider, setClientMode, isTelemetryEnabled, withTelemetrySpan, startTelemetrySpan, endTelemetrySpan, flushTelemetry, AuthenticationError, CodeNavigationAccessError, CodeNavigationGraphQLError, CodeNavigationIndexingError, CodeNavigationUnresolvableError, MalformedCodeNavigationResponseError, CodeNavigationTargetNotFoundError, CodeNavigationFileNotFoundError, CodeNavigationVersionNotFoundError, CodeNavigationValidationError, CodeNavigationFeatureFlagRequiredError, CodeNavigationNetworkError, CodeNavigationBackendError, getCodeNavigationUrl, ExecServiceImpl, FileSystemServiceImpl, AuthStorageLockTimeoutError, AuthStoragePolicyError, PackageIntelligenceAccessError, PackageIntelligenceFeatureFlagRequiredError, PackageIntelligenceNetworkError, PackageIntelligenceBackendError, PackageIntelligenceGraphQLError, PackageIntelligenceTargetNotFoundError, PackageIntelligenceValidationError, PackageIntelligenceVersionNotFoundError, MalformedPackageIntelligenceResponseError, PackageIntelligenceChangelogSourceNotFoundError, PromptServiceImpl, refreshExpiredToken, NpmRegistryUpdateCheckService, shouldRunUpdateCheck, shouldRunRequiredUpdateEnforcement, formatUpdateNotice, formatRequiredUpdateNotice, loadAutoLoginAuthSessionMetadata, clearAutoLoginAuthSessionMetadata, createAuthCommandDependencies, createAuthStatusDependencies, createContainer };
|