githits 0.4.3 → 0.4.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -1,20 +1,16 @@
1
1
  import {
2
2
  __require,
3
3
  version
4
- } from "./chunk-q6d3ttgn.js";
4
+ } from "./chunk-vfyz65v1.js";
5
5
 
6
6
  // src/services/app-config-paths.ts
7
7
  var APP_DIR = "githits";
8
8
  function getAppConfigDir(fs) {
9
9
  const home = fs.getHomeDir();
10
- switch (process.platform) {
11
- case "win32":
12
- return fs.joinPath(process.env.APPDATA ?? fs.joinPath(home, "AppData", "Roaming"), APP_DIR);
13
- case "darwin":
14
- return fs.joinPath(home, "Library", "Application Support", APP_DIR);
15
- default:
16
- return fs.joinPath(process.env.XDG_CONFIG_HOME ?? fs.joinPath(home, ".config"), APP_DIR);
10
+ if (process.platform === "win32") {
11
+ return fs.joinPath(process.env.APPDATA ?? fs.joinPath(home, "AppData", "Roaming"), APP_DIR);
17
12
  }
13
+ return fs.joinPath(process.env.XDG_CONFIG_HOME ?? fs.joinPath(home, ".config"), APP_DIR);
18
14
  }
19
15
  function getAuthConfigPath(fs) {
20
16
  return fs.joinPath(getAppConfigDir(fs), "config.toml");
@@ -25,6 +21,15 @@ function getAuthFileStorageDir(fs) {
25
21
  function getLegacyAuthStorageDir(fs) {
26
22
  return fs.joinPath(fs.getHomeDir(), ".githits");
27
23
  }
24
+ function getLegacyMacAppConfigDir(fs) {
25
+ return fs.joinPath(fs.getHomeDir(), "Library", "Application Support", APP_DIR);
26
+ }
27
+ function getLegacyMacAuthConfigPath(fs) {
28
+ return fs.joinPath(getLegacyMacAppConfigDir(fs), "config.toml");
29
+ }
30
+ function getLegacyMacAuthFileStorageDir(fs) {
31
+ return fs.joinPath(getLegacyMacAppConfigDir(fs), "auth");
32
+ }
28
33
  // src/services/auth-config.ts
29
34
  import { parse as parseToml } from "smol-toml";
30
35
  import { z } from "zod";
@@ -50,7 +55,7 @@ function parseAuthStorageMode(value) {
50
55
  throw new AuthConfigError(`Invalid auth storage mode "${value}". Use "keychain" or "file". File mode stores OAuth credentials unencrypted on disk.`);
51
56
  }
52
57
  async function loadAuthConfig(fs) {
53
- const configPath = getAuthConfigPath(fs);
58
+ let configPath = getAuthConfigPath(fs);
54
59
  const envMode = process.env.GITHITS_AUTH_STORAGE;
55
60
  if (envMode !== undefined && envMode.trim() !== "") {
56
61
  try {
@@ -63,7 +68,12 @@ async function loadAuthConfig(fs) {
63
68
  }
64
69
  }
65
70
  if (!await fs.exists(configPath)) {
66
- return { storage: "keychain", configPath };
71
+ const legacyMacConfigPath = getLegacyMacAuthConfigPath(fs);
72
+ if (process.platform === "darwin" && await fs.exists(legacyMacConfigPath)) {
73
+ configPath = legacyMacConfigPath;
74
+ } else {
75
+ return { storage: "keychain", configPath };
76
+ }
67
77
  }
68
78
  let rawConfig;
69
79
  try {
@@ -732,6 +742,70 @@ async function clearAuthSessionBestEffort(clearTokens, clearClient) {
732
742
  if (firstError)
733
743
  throw firstError;
734
744
  }
745
+
746
+ // src/services/auth-session-metadata-storage.ts
747
+ var METADATA_FILE = "metadata.json";
748
+ var DIR_MODE2 = 448;
749
+
750
+ class AuthSessionMetadataStorage {
751
+ fs;
752
+ configDir;
753
+ metadataPath;
754
+ constructor(fs, configDir) {
755
+ this.fs = fs;
756
+ this.configDir = configDir ?? getAuthFileStorageDir(fs);
757
+ this.metadataPath = fs.joinPath(this.configDir, METADATA_FILE);
758
+ }
759
+ async load(baseUrl) {
760
+ const stored = await this.loadFile();
761
+ if (!stored)
762
+ return null;
763
+ const metadata = stored.sessions[normalizeBaseUrl(baseUrl)] ?? null;
764
+ return isAuthSessionMetadata(metadata) ? metadata : null;
765
+ }
766
+ async saveFromTokens(baseUrl, tokens) {
767
+ const stored = await this.loadFile() ?? {
768
+ version: 1,
769
+ sessions: {}
770
+ };
771
+ stored.sessions[normalizeBaseUrl(baseUrl)] = {
772
+ createdAt: tokens.createdAt,
773
+ expiresAt: tokens.expiresAt,
774
+ updatedAt: new Date().toISOString()
775
+ };
776
+ await this.fs.ensureDir(this.configDir, DIR_MODE2);
777
+ await this.fs.atomicWriteFile(this.metadataPath, JSON.stringify(stored, null, 2));
778
+ }
779
+ async clear(baseUrl) {
780
+ const stored = await this.loadFile();
781
+ if (!stored)
782
+ return;
783
+ delete stored.sessions[normalizeBaseUrl(baseUrl)];
784
+ if (Object.keys(stored.sessions).length === 0) {
785
+ await this.fs.deleteFile(this.metadataPath);
786
+ return;
787
+ }
788
+ await this.fs.atomicWriteFile(this.metadataPath, JSON.stringify(stored, null, 2));
789
+ }
790
+ async loadFile() {
791
+ if (!await this.fs.exists(this.metadataPath))
792
+ return null;
793
+ try {
794
+ const content = await this.fs.readFile(this.metadataPath);
795
+ const data = JSON.parse(content);
796
+ if (data.version !== 1 || !data.sessions)
797
+ return null;
798
+ return data;
799
+ } catch {
800
+ return null;
801
+ }
802
+ }
803
+ }
804
+ function isAuthSessionMetadata(value) {
805
+ if (value === null || typeof value !== "object")
806
+ return false;
807
+ return typeof value.createdAt === "string" && value.createdAt.length > 0 && typeof value.updatedAt === "string" && value.updatedAt.length > 0 && (value.expiresAt === null || typeof value.expiresAt === "string" && value.expiresAt.length > 0);
808
+ }
735
809
  // src/services/browser-service.ts
736
810
  import open from "open";
737
811
 
@@ -1326,11 +1400,17 @@ class GitHitsServiceImpl {
1326
1400
  method: "POST",
1327
1401
  headers: this.headers(),
1328
1402
  body: JSON.stringify({
1403
+ ...params.exampleId !== undefined && {
1404
+ example_id: params.exampleId
1405
+ },
1329
1406
  ...params.solutionId !== undefined && {
1330
1407
  solution_id: params.solutionId
1331
1408
  },
1332
1409
  accepted: params.accepted,
1333
- feedback_text: params.feedbackText ?? null
1410
+ feedback_text: params.feedbackText ?? null,
1411
+ ...params.toolName !== undefined && {
1412
+ tool_name: params.toolName
1413
+ }
1334
1414
  })
1335
1415
  });
1336
1416
  if (!response.ok) {
@@ -3533,15 +3613,19 @@ class MigratingAuthStorage {
3533
3613
  mode;
3534
3614
  configPath;
3535
3615
  onWarning;
3616
+ metadata;
3617
+ additionalLegacyStores;
3536
3618
  warnedFileModeKeychainExport = false;
3537
3619
  warnedAmbiguousPlaintext = false;
3538
- constructor(primary, file, legacy, mode, configPath = "your GitHits config.toml", onWarning = () => {}) {
3620
+ constructor(primary, file, legacy, mode, configPath = "your GitHits config.toml", onWarning = () => {}, metadata, additionalLegacyStores = []) {
3539
3621
  this.primary = primary;
3540
3622
  this.file = file;
3541
3623
  this.legacy = legacy;
3542
3624
  this.mode = mode;
3543
3625
  this.configPath = configPath;
3544
3626
  this.onWarning = onWarning;
3627
+ this.metadata = metadata;
3628
+ this.additionalLegacyStores = additionalLegacyStores;
3545
3629
  }
3546
3630
  async loadTokens(baseUrl2) {
3547
3631
  if (this.mode === "file") {
@@ -3552,10 +3636,12 @@ class MigratingAuthStorage {
3552
3636
  async saveTokens(baseUrl2, data) {
3553
3637
  if (this.mode === "file") {
3554
3638
  await this.file.saveTokens(baseUrl2, data);
3639
+ await this.saveMetadataBestEffort(baseUrl2, data);
3555
3640
  return;
3556
3641
  }
3557
3642
  try {
3558
3643
  await this.primary.saveTokens(baseUrl2, data);
3644
+ await this.saveMetadataBestEffort(baseUrl2, data);
3559
3645
  } catch (error) {
3560
3646
  throw this.toPolicyError(error);
3561
3647
  }
@@ -3571,6 +3657,10 @@ class MigratingAuthStorage {
3571
3657
  const primaryError = await this.clearBestEffort(() => this.primary.clearTokens(baseUrl2));
3572
3658
  await this.clearBestEffort(() => this.file.clearTokens(baseUrl2));
3573
3659
  await this.clearBestEffort(() => this.legacy.clearTokens(baseUrl2));
3660
+ for (const legacy of this.additionalLegacyStores) {
3661
+ await this.clearBestEffort(() => legacy.clearTokens(baseUrl2));
3662
+ }
3663
+ await this.clearBestEffort(() => this.metadata?.clear(baseUrl2) ?? Promise.resolve());
3574
3664
  if (primaryError && !(primaryError instanceof KeychainUnavailableError)) {
3575
3665
  throw primaryError;
3576
3666
  }
@@ -3603,6 +3693,9 @@ class MigratingAuthStorage {
3603
3693
  const primaryError = await this.clearBestEffort(() => this.primary.clearClient(baseUrl2));
3604
3694
  await this.clearBestEffort(() => this.file.clearClient(baseUrl2));
3605
3695
  await this.clearBestEffort(() => this.legacy.clearClient(baseUrl2));
3696
+ for (const legacy of this.additionalLegacyStores) {
3697
+ await this.clearBestEffort(() => legacy.clearClient(baseUrl2));
3698
+ }
3606
3699
  if (primaryError && !(primaryError instanceof KeychainUnavailableError)) {
3607
3700
  throw primaryError;
3608
3701
  }
@@ -3610,10 +3703,12 @@ class MigratingAuthStorage {
3610
3703
  async saveAuthSession(baseUrl2, client, tokens) {
3611
3704
  if (this.mode === "file") {
3612
3705
  await this.file.saveAuthSession(baseUrl2, client, tokens);
3706
+ await this.saveMetadataBestEffort(baseUrl2, tokens);
3613
3707
  return;
3614
3708
  }
3615
3709
  try {
3616
3710
  await this.primary.saveAuthSession(baseUrl2, client, tokens);
3711
+ await this.saveMetadataBestEffort(baseUrl2, tokens);
3617
3712
  } catch (error) {
3618
3713
  throw this.toPolicyError(error);
3619
3714
  }
@@ -3622,6 +3717,10 @@ class MigratingAuthStorage {
3622
3717
  const primaryError = await this.clearBestEffort(() => this.primary.clearAuthSession(baseUrl2));
3623
3718
  await this.clearBestEffort(() => this.file.clearAuthSession(baseUrl2));
3624
3719
  await this.clearBestEffort(() => this.legacy.clearAuthSession(baseUrl2));
3720
+ for (const legacy of this.additionalLegacyStores) {
3721
+ await this.clearBestEffort(() => legacy.clearAuthSession(baseUrl2));
3722
+ }
3723
+ await this.clearBestEffort(() => this.metadata?.clear(baseUrl2) ?? Promise.resolve());
3625
3724
  if (primaryError && !(primaryError instanceof KeychainUnavailableError)) {
3626
3725
  throw primaryError;
3627
3726
  }
@@ -3632,8 +3731,10 @@ class MigratingAuthStorage {
3632
3731
  async loadTokensKeychainMode(baseUrl2) {
3633
3732
  try {
3634
3733
  const primaryTokens = await this.primary.loadTokens(baseUrl2);
3635
- if (primaryTokens)
3734
+ if (primaryTokens) {
3735
+ await this.saveMetadataBestEffort(baseUrl2, primaryTokens);
3636
3736
  return primaryTokens;
3737
+ }
3637
3738
  } catch (error) {
3638
3739
  if (!(error instanceof KeychainUnavailableError))
3639
3740
  throw error;
@@ -3648,7 +3749,8 @@ class MigratingAuthStorage {
3648
3749
  return candidate.data;
3649
3750
  throw error;
3650
3751
  }
3651
- await this.clearMigratedPlaintext(baseUrl2, "tokens", candidate.source, candidate.ambiguous);
3752
+ await this.clearMigratedPlaintext(baseUrl2, "tokens", candidate.source, candidate.storage, candidate.ambiguous);
3753
+ await this.saveMetadataBestEffort(baseUrl2, candidate.data);
3652
3754
  return candidate.data;
3653
3755
  }
3654
3756
  async loadTokensFileMode(baseUrl2) {
@@ -3656,8 +3758,9 @@ class MigratingAuthStorage {
3656
3758
  if (candidate) {
3657
3759
  if (candidate.source === "legacy") {
3658
3760
  await this.file.saveTokens(baseUrl2, candidate.data);
3659
- await this.clearBestEffort(() => this.legacy.clearTokens(baseUrl2));
3761
+ await this.clearBestEffort(() => candidate.storage.clearTokens(baseUrl2));
3660
3762
  }
3763
+ await this.saveMetadataBestEffort(baseUrl2, candidate.data);
3661
3764
  return candidate.data;
3662
3765
  }
3663
3766
  let primaryTokens = null;
@@ -3671,6 +3774,7 @@ class MigratingAuthStorage {
3671
3774
  return null;
3672
3775
  this.warnKeychainExport();
3673
3776
  await this.file.saveTokens(baseUrl2, primaryTokens);
3777
+ await this.saveMetadataBestEffort(baseUrl2, primaryTokens);
3674
3778
  return primaryTokens;
3675
3779
  }
3676
3780
  async loadClientKeychainMode(baseUrl2) {
@@ -3692,7 +3796,7 @@ class MigratingAuthStorage {
3692
3796
  return candidate.data;
3693
3797
  throw error;
3694
3798
  }
3695
- await this.clearMigratedPlaintext(baseUrl2, "client", candidate.source, candidate.ambiguous);
3799
+ await this.clearMigratedPlaintext(baseUrl2, "client", candidate.source, candidate.storage, candidate.ambiguous);
3696
3800
  return candidate.data;
3697
3801
  }
3698
3802
  async loadClientFileMode(baseUrl2) {
@@ -3700,7 +3804,7 @@ class MigratingAuthStorage {
3700
3804
  if (candidate) {
3701
3805
  if (candidate.source === "legacy") {
3702
3806
  await this.file.saveClient(baseUrl2, candidate.data);
3703
- await this.clearBestEffort(() => this.legacy.clearClient(baseUrl2));
3807
+ await this.clearBestEffort(() => candidate.storage.clearClient(baseUrl2));
3704
3808
  }
3705
3809
  return candidate.data;
3706
3810
  }
@@ -3724,18 +3828,22 @@ class MigratingAuthStorage {
3724
3828
  candidates.push({
3725
3829
  data: fileTokens,
3726
3830
  source: "file",
3831
+ storage: this.file,
3727
3832
  timestamp: fileTokens.createdAt,
3728
3833
  ambiguous: false
3729
3834
  });
3730
3835
  }
3731
- const legacyTokens = await this.legacy.loadTokens(baseUrl2);
3732
- if (legacyTokens) {
3733
- candidates.push({
3734
- data: legacyTokens,
3735
- source: "legacy",
3736
- timestamp: legacyTokens.createdAt,
3737
- ambiguous: false
3738
- });
3836
+ for (const legacy of this.getLegacyStores()) {
3837
+ const legacyTokens = await legacy.loadTokens(baseUrl2);
3838
+ if (legacyTokens) {
3839
+ candidates.push({
3840
+ data: legacyTokens,
3841
+ source: "legacy",
3842
+ storage: legacy,
3843
+ timestamp: legacyTokens.createdAt,
3844
+ ambiguous: false
3845
+ });
3846
+ }
3739
3847
  }
3740
3848
  return this.selectNewestCandidate(candidates);
3741
3849
  }
@@ -3746,18 +3854,22 @@ class MigratingAuthStorage {
3746
3854
  candidates.push({
3747
3855
  data: fileClient,
3748
3856
  source: "file",
3857
+ storage: this.file,
3749
3858
  timestamp: fileClient.registeredAt,
3750
3859
  ambiguous: false
3751
3860
  });
3752
3861
  }
3753
- const legacyClient = await this.legacy.loadClient(baseUrl2);
3754
- if (legacyClient) {
3755
- candidates.push({
3756
- data: legacyClient,
3757
- source: "legacy",
3758
- timestamp: legacyClient.registeredAt,
3759
- ambiguous: false
3760
- });
3862
+ for (const legacy of this.getLegacyStores()) {
3863
+ const legacyClient = await legacy.loadClient(baseUrl2);
3864
+ if (legacyClient) {
3865
+ candidates.push({
3866
+ data: legacyClient,
3867
+ source: "legacy",
3868
+ storage: legacy,
3869
+ timestamp: legacyClient.registeredAt,
3870
+ ambiguous: false
3871
+ });
3872
+ }
3761
3873
  }
3762
3874
  return this.selectNewestCandidate(candidates);
3763
3875
  }
@@ -3772,7 +3884,7 @@ class MigratingAuthStorage {
3772
3884
  }));
3773
3885
  if (parsed.some((entry) => Number.isNaN(entry.timestampMs))) {
3774
3886
  this.warnAmbiguousPlaintext();
3775
- const selected = candidates.find((candidate) => candidate.source === "file") ?? candidates[0] ?? null;
3887
+ const selected = candidates.find((candidate) => candidate.source === "file") ?? null;
3776
3888
  if (selected)
3777
3889
  selected.ambiguous = true;
3778
3890
  return selected;
@@ -3784,16 +3896,20 @@ class MigratingAuthStorage {
3784
3896
  return candidates[0] ?? null;
3785
3897
  if (second && first.timestampMs === second.timestampMs) {
3786
3898
  this.warnAmbiguousPlaintext();
3787
- const selected = candidates.find((candidate) => candidate.source === "file") ?? first.candidate;
3899
+ const selected = candidates.find((candidate) => candidate.source === "file") ?? null;
3900
+ if (!selected)
3901
+ return null;
3788
3902
  selected.ambiguous = true;
3789
3903
  return selected;
3790
3904
  }
3791
3905
  return first.candidate;
3792
3906
  }
3793
- async clearMigratedPlaintext(baseUrl2, kind, source, ambiguous = false) {
3907
+ async clearMigratedPlaintext(baseUrl2, kind, source, storage, ambiguous = false) {
3794
3908
  if (!ambiguous) {
3795
3909
  await this.clearPlaintextSource(this.file, baseUrl2, kind);
3796
- await this.clearPlaintextSource(this.legacy, baseUrl2, kind);
3910
+ for (const legacy of this.getLegacyStores()) {
3911
+ await this.clearPlaintextSource(legacy, baseUrl2, kind);
3912
+ }
3797
3913
  return;
3798
3914
  }
3799
3915
  if (source === "file") {
@@ -3801,9 +3917,12 @@ class MigratingAuthStorage {
3801
3917
  return;
3802
3918
  }
3803
3919
  if (source === "legacy") {
3804
- await this.clearPlaintextSource(this.legacy, baseUrl2, kind);
3920
+ await this.clearPlaintextSource(storage, baseUrl2, kind);
3805
3921
  }
3806
3922
  }
3923
+ getLegacyStores() {
3924
+ return [...this.additionalLegacyStores, this.legacy];
3925
+ }
3807
3926
  async clearPlaintextSource(storage, baseUrl2, kind) {
3808
3927
  await this.clearBestEffort(() => kind === "tokens" ? storage.clearTokens(baseUrl2) : storage.clearClient(baseUrl2));
3809
3928
  }
@@ -3815,6 +3934,9 @@ class MigratingAuthStorage {
3815
3934
  return error;
3816
3935
  }
3817
3936
  }
3937
+ async saveMetadataBestEffort(baseUrl2, tokens) {
3938
+ await this.clearBestEffort(() => this.metadata?.saveFromTokens(baseUrl2, tokens) ?? Promise.resolve());
3939
+ }
3818
3940
  toPolicyError(error) {
3819
3941
  if (!(error instanceof KeychainUnavailableError))
3820
3942
  return error;
@@ -4051,7 +4173,10 @@ query PackageSummary($registry: Registry!, $name: String!) {
4051
4173
  var packageVersionIdentitySchema = z3.object({
4052
4174
  name: z3.string().nullable().optional(),
4053
4175
  registry: z3.string().nullable().optional(),
4054
- version: z3.string().nullable().optional()
4176
+ version: z3.string().nullable().optional(),
4177
+ publishedAt: z3.string().nullable().optional(),
4178
+ deprecated: z3.boolean().nullable().optional(),
4179
+ deprecationReason: z3.string().nullable().optional()
4055
4180
  });
4056
4181
  var vulnerabilityDetailSchema = z3.object({
4057
4182
  osvId: z3.string().nullable().optional(),
@@ -4175,6 +4300,86 @@ var dependencyGraphSchema = z3.object({
4175
4300
  nodes: z3.array(dependencyGraphNodeSchema),
4176
4301
  edges: z3.array(dependencyGraphEdgeSchema)
4177
4302
  });
4303
+ var vulnerabilityCountSummarySchema = z3.object({
4304
+ totalVulnerabilities: z3.number().int(),
4305
+ critical: z3.number().int(),
4306
+ high: z3.number().int(),
4307
+ medium: z3.number().int(),
4308
+ low: z3.number().int(),
4309
+ unknown: z3.number().int()
4310
+ });
4311
+ var vulnerabilitySummaryDetailSchema = z3.object({
4312
+ osvId: z3.string().nullable().optional(),
4313
+ registry: z3.string().nullable().optional(),
4314
+ packageName: z3.string().nullable().optional(),
4315
+ summary: z3.string().nullable().optional(),
4316
+ severityScore: z3.number().nullable().optional(),
4317
+ severityType: z3.string().nullable().optional(),
4318
+ affectedVersionRanges: z3.array(z3.string()).nullable().optional(),
4319
+ fixedInVersions: z3.array(z3.string()).nullable().optional(),
4320
+ publishedAt: z3.string().nullable().optional(),
4321
+ modifiedAt: z3.string().nullable().optional(),
4322
+ withdrawnAt: z3.string().nullable().optional(),
4323
+ aliases: z3.array(z3.string()).nullable().optional(),
4324
+ isMalicious: z3.boolean().nullable().optional()
4325
+ });
4326
+ var transitiveDependencyVulnerabilitySchema = z3.object({
4327
+ version: z3.string(),
4328
+ affectsResolvedVersion: z3.boolean(),
4329
+ matchedAffectedVersionRanges: z3.array(z3.string()),
4330
+ fixVersionsAboveResolved: z3.array(z3.string()),
4331
+ nearestFixedVersion: z3.string().nullable().optional(),
4332
+ advisory: vulnerabilitySummaryDetailSchema
4333
+ });
4334
+ var transitiveVulnerablePackageSchema = z3.object({
4335
+ registry: z3.string(),
4336
+ name: z3.string(),
4337
+ versions: z3.array(z3.string()),
4338
+ affectedCount: z3.number().int(),
4339
+ nonAffectingCount: z3.number().int(),
4340
+ totalCount: z3.number().int(),
4341
+ maxSeverityScore: z3.number().nullable().optional(),
4342
+ maxSeverityLabel: z3.string().nullable().optional(),
4343
+ advisoryIds: z3.array(z3.string()),
4344
+ mostCritical: vulnerabilitySummaryDetailSchema.nullable().optional(),
4345
+ advisoryOccurrences: z3.array(transitiveDependencyVulnerabilitySchema).nullable().optional()
4346
+ });
4347
+ var transitiveVulnerabilitySummarySchema = z3.object({
4348
+ affected: vulnerabilityCountSummarySchema,
4349
+ nonAffecting: vulnerabilityCountSummarySchema,
4350
+ combined: vulnerabilityCountSummarySchema,
4351
+ totalPackagesAnalyzed: z3.number().int(),
4352
+ affectedPackageCount: z3.number().int(),
4353
+ packages: z3.array(transitiveVulnerablePackageSchema),
4354
+ calculatedAt: z3.string().nullable().optional()
4355
+ }).nullable().optional();
4356
+ var dependencyDeprecationReasonSchema = z3.object({
4357
+ version: z3.string(),
4358
+ reason: z3.string().nullable().optional()
4359
+ });
4360
+ var deprecatedDependencySchema = z3.object({
4361
+ registry: z3.string(),
4362
+ name: z3.string(),
4363
+ versions: z3.array(z3.string()),
4364
+ reasons: z3.array(dependencyDeprecationReasonSchema)
4365
+ });
4366
+ var outdatedDependencyVersionSchema = z3.object({
4367
+ version: z3.string(),
4368
+ severity: z3.string()
4369
+ });
4370
+ var outdatedDependencySchema = z3.object({
4371
+ registry: z3.string(),
4372
+ name: z3.string(),
4373
+ latestVersion: z3.string().nullable().optional(),
4374
+ severity: z3.string(),
4375
+ versions: z3.array(outdatedDependencyVersionSchema),
4376
+ repositoryUrl: z3.string().nullable().optional()
4377
+ });
4378
+ var duplicateDependencySchema = z3.object({
4379
+ registry: z3.string().nullable().optional(),
4380
+ name: z3.string(),
4381
+ versions: z3.array(z3.string())
4382
+ });
4178
4383
  var dependencyConflictEdgeSchema = z3.object({
4179
4384
  fromIndex: z3.number().int().nullable().optional(),
4180
4385
  toIndex: z3.number().int(),
@@ -4186,6 +4391,24 @@ var dependencyConflictSchema = z3.object({
4186
4391
  requiredVersions: z3.array(z3.string()),
4187
4392
  conflictingEdges: z3.array(dependencyConflictEdgeSchema)
4188
4393
  });
4394
+ var dependencyIssueConflictSchema = z3.object({
4395
+ registry: z3.string().nullable().optional(),
4396
+ name: z3.string(),
4397
+ versions: z3.array(z3.string()),
4398
+ requiredVersions: z3.array(z3.string()),
4399
+ conflictingEdges: z3.array(dependencyConflictEdgeSchema)
4400
+ });
4401
+ var dependencyIssuesSummarySchema = z3.object({
4402
+ totalCount: z3.number().int(),
4403
+ deprecatedCount: z3.number().int(),
4404
+ outdatedCount: z3.number().int(),
4405
+ duplicateCount: z3.number().int(),
4406
+ conflictCount: z3.number().int(),
4407
+ deprecatedPackages: z3.array(deprecatedDependencySchema),
4408
+ outdatedPackages: z3.array(outdatedDependencySchema),
4409
+ duplicatePackages: z3.array(duplicateDependencySchema),
4410
+ conflicts: z3.array(dependencyIssueConflictSchema)
4411
+ }).nullable().optional();
4189
4412
  var circularDependencyCycleSchema = z3.object({
4190
4413
  cycleStart: z3.string(),
4191
4414
  circularPath: z3.array(z3.string()),
@@ -4202,7 +4425,9 @@ var transitiveDependencySchema = z3.object({
4202
4425
  uniqueDependencies: z3.array(z3.string()).nullable().optional(),
4203
4426
  dependencyConflicts: z3.array(dependencyConflictSchema).nullable().optional(),
4204
4427
  circularDependencyCycles: z3.array(circularDependencyCycleSchema).nullable().optional(),
4205
- dependencyGraph: dependencyGraphSchema.nullable().optional()
4428
+ dependencyGraph: dependencyGraphSchema.nullable().optional(),
4429
+ vulnerabilitySummary: transitiveVulnerabilitySummarySchema,
4430
+ dependencyIssues: dependencyIssuesSummarySchema
4206
4431
  }).nullable().optional();
4207
4432
  var dependencyBundleSchema = z3.object({
4208
4433
  direct: z3.array(directDependencySchema).nullable().optional(),
@@ -4332,6 +4557,203 @@ query PackageDependencies(
4332
4557
  }
4333
4558
  }
4334
4559
  }`;
4560
+ var PACKAGE_UPGRADE_DEPENDENCY_PROBE_QUERY = `
4561
+ query PackageUpgradeDependencyProbe(
4562
+ $registry: Registry!
4563
+ $name: String!
4564
+ $version: String!
4565
+ $includeTransitiveRisk: Boolean!
4566
+ $includeTransitiveSecurity: Boolean!
4567
+ $includeDependencyIssues: Boolean!
4568
+ $includeDependencyChanges: Boolean!
4569
+ $includeGroups: Boolean!
4570
+ $lifecycle: [String!]
4571
+ $minSeverity: Float
4572
+ ) {
4573
+ packageDependencies(
4574
+ registry: $registry
4575
+ name: $name
4576
+ version: $version
4577
+ includeTransitive: $includeTransitiveRisk
4578
+ lifecycle: $lifecycle
4579
+ ) {
4580
+ package {
4581
+ name
4582
+ registry
4583
+ version
4584
+ publishedAt
4585
+ deprecated
4586
+ deprecationReason
4587
+ }
4588
+ dependencies {
4589
+ direct {
4590
+ name
4591
+ versionConstraint
4592
+ type
4593
+ }
4594
+ transitive @include(if: $includeTransitiveRisk) {
4595
+ dependencyGraph @include(if: $includeDependencyChanges) {
4596
+ formatVersion
4597
+ nodes {
4598
+ registry
4599
+ name
4600
+ version
4601
+ }
4602
+ edges {
4603
+ fromIndex
4604
+ toIndex
4605
+ constraint
4606
+ dependencyType
4607
+ }
4608
+ }
4609
+ vulnerabilitySummary(minSeverity: $minSeverity) @include(if: $includeTransitiveSecurity) {
4610
+ affected {
4611
+ totalVulnerabilities
4612
+ critical
4613
+ high
4614
+ medium
4615
+ low
4616
+ unknown
4617
+ }
4618
+ nonAffecting {
4619
+ totalVulnerabilities
4620
+ critical
4621
+ high
4622
+ medium
4623
+ low
4624
+ unknown
4625
+ }
4626
+ combined {
4627
+ totalVulnerabilities
4628
+ critical
4629
+ high
4630
+ medium
4631
+ low
4632
+ unknown
4633
+ }
4634
+ totalPackagesAnalyzed
4635
+ affectedPackageCount
4636
+ calculatedAt
4637
+ packages {
4638
+ registry
4639
+ name
4640
+ versions
4641
+ affectedCount
4642
+ nonAffectingCount
4643
+ totalCount
4644
+ maxSeverityScore
4645
+ maxSeverityLabel
4646
+ advisoryIds(scope: AFFECTED)
4647
+ mostCritical {
4648
+ osvId
4649
+ registry
4650
+ packageName
4651
+ summary
4652
+ severityScore
4653
+ severityType
4654
+ affectedVersionRanges
4655
+ fixedInVersions
4656
+ publishedAt
4657
+ modifiedAt
4658
+ withdrawnAt
4659
+ aliases
4660
+ isMalicious
4661
+ }
4662
+ advisoryOccurrences(scope: AFFECTED, minSeverity: $minSeverity, limit: 5) {
4663
+ version
4664
+ affectsResolvedVersion
4665
+ matchedAffectedVersionRanges
4666
+ fixVersionsAboveResolved
4667
+ nearestFixedVersion
4668
+ advisory {
4669
+ osvId
4670
+ registry
4671
+ packageName
4672
+ summary
4673
+ severityScore
4674
+ severityType
4675
+ affectedVersionRanges
4676
+ fixedInVersions
4677
+ publishedAt
4678
+ modifiedAt
4679
+ withdrawnAt
4680
+ aliases
4681
+ isMalicious
4682
+ }
4683
+ }
4684
+ }
4685
+ }
4686
+ dependencyIssues @include(if: $includeDependencyIssues) {
4687
+ totalCount
4688
+ deprecatedCount
4689
+ outdatedCount
4690
+ duplicateCount
4691
+ conflictCount
4692
+ deprecatedPackages {
4693
+ registry
4694
+ name
4695
+ versions
4696
+ reasons {
4697
+ version
4698
+ reason
4699
+ }
4700
+ }
4701
+ outdatedPackages {
4702
+ registry
4703
+ name
4704
+ latestVersion
4705
+ severity
4706
+ versions {
4707
+ version
4708
+ severity
4709
+ }
4710
+ repositoryUrl
4711
+ }
4712
+ duplicatePackages {
4713
+ registry
4714
+ name
4715
+ versions
4716
+ }
4717
+ conflicts {
4718
+ registry
4719
+ name
4720
+ versions
4721
+ requiredVersions
4722
+ conflictingEdges {
4723
+ fromIndex
4724
+ toIndex
4725
+ versionConstraint
4726
+ dependencyType
4727
+ }
4728
+ }
4729
+ }
4730
+ }
4731
+ }
4732
+ dependencyGroups @include(if: $includeGroups) {
4733
+ primaryGroup
4734
+ environmentMarkers {
4735
+ type
4736
+ value
4737
+ raw
4738
+ }
4739
+ groups {
4740
+ name
4741
+ lifecycle
4742
+ conditionType
4743
+ conditionValue
4744
+ selectionMode
4745
+ exclusiveGroup
4746
+ fallbackPriority
4747
+ compatibleWith
4748
+ defaultEnabled
4749
+ dependencies {
4750
+ name
4751
+ constraint
4752
+ }
4753
+ }
4754
+ }
4755
+ }
4756
+ }`;
4335
4757
  var changelogPackageInfoSchema = z3.object({
4336
4758
  name: z3.string().nullable().optional(),
4337
4759
  registry: z3.string().nullable().optional(),
@@ -4799,7 +5221,10 @@ class PackageIntelligenceServiceImpl {
4799
5221
  const identity = {
4800
5222
  name,
4801
5223
  version: version2,
4802
- registry: data.package?.registry ?? undefined
5224
+ registry: data.package?.registry ?? undefined,
5225
+ publishedAt: data.package?.publishedAt ?? undefined,
5226
+ deprecated: data.package?.deprecated ?? undefined,
5227
+ deprecationReason: data.package?.deprecationReason ?? undefined
4803
5228
  };
4804
5229
  const security = data.security ? {
4805
5230
  affectedVulnerabilityCount: data.security.affectedVulnerabilityCount,
@@ -4839,6 +5264,58 @@ class PackageIntelligenceServiceImpl {
4839
5264
  executeWithToken: (token) => this.executePackageDependencies(token, params)
4840
5265
  }));
4841
5266
  }
5267
+ async packageUpgradeDependencyProbe(params) {
5268
+ return withTelemetrySpan("pkg-intel.upgrade-dependency-probe.request", () => executeWithTokenRefresh({
5269
+ getToken: () => this.tokenProvider.getToken(),
5270
+ forceRefresh: () => this.tokenProvider.forceRefresh(),
5271
+ shouldRefresh: (error) => error instanceof AuthenticationError,
5272
+ executeWithToken: (token) => this.executePackageUpgradeDependencyProbe(token, params)
5273
+ }));
5274
+ }
5275
+ async executePackageUpgradeDependencyProbe(token, params) {
5276
+ const includeTransitiveRisk = params.includeTransitiveSecurity === true || params.includeDependencyIssues === true || params.includeDependencyChanges === true;
5277
+ let response;
5278
+ try {
5279
+ response = await postPkgseerGraphql({
5280
+ endpointUrl: this.endpointUrl,
5281
+ token,
5282
+ query: PACKAGE_UPGRADE_DEPENDENCY_PROBE_QUERY,
5283
+ variables: {
5284
+ registry: params.registry,
5285
+ name: params.packageName,
5286
+ version: params.version,
5287
+ includeTransitiveRisk,
5288
+ includeTransitiveSecurity: params.includeTransitiveSecurity === true,
5289
+ includeDependencyIssues: params.includeDependencyIssues === true,
5290
+ includeDependencyChanges: params.includeDependencyChanges === true,
5291
+ includeGroups: params.includeGroups === true,
5292
+ lifecycle: params.includeGroups === true ? ["peer"] : undefined,
5293
+ minSeverity: params.minSeverity
5294
+ },
5295
+ fetchFn: this.fetchFn
5296
+ });
5297
+ } catch (cause) {
5298
+ if (cause instanceof PkgseerTransportError) {
5299
+ throw new PackageIntelligenceNetworkError("Could not reach the package intelligence service. Check your connection or set GITHITS_CODE_NAV_URL.", { cause });
5300
+ }
5301
+ throw cause;
5302
+ }
5303
+ if (response.status < 200 || response.status >= 300) {
5304
+ throw this.createHttpError(response);
5305
+ }
5306
+ const parsed = dependenciesGraphQLResponseSchema.safeParse(response.parsedBody);
5307
+ if (!parsed.success) {
5308
+ throw new MalformedPackageIntelligenceResponseError("Malformed response from the package-intelligence service.");
5309
+ }
5310
+ if (parsed.data.errors && parsed.data.errors.length > 0) {
5311
+ throw promoteGenericVersionNotFound(this.createGraphQLError(parsed.data.errors), params);
5312
+ }
5313
+ const data = parsed.data.data?.packageDependencies;
5314
+ if (!data) {
5315
+ throw new MalformedPackageIntelligenceResponseError("Empty response from the package-intelligence service.");
5316
+ }
5317
+ return this.normaliseDependencyReport(data);
5318
+ }
4842
5319
  async executePackageDependencies(token, params) {
4843
5320
  let response;
4844
5321
  try {
@@ -4887,7 +5364,10 @@ class PackageIntelligenceServiceImpl {
4887
5364
  const identity = {
4888
5365
  name,
4889
5366
  version: version2,
4890
- registry: data.package?.registry ?? undefined
5367
+ registry: data.package?.registry ?? undefined,
5368
+ publishedAt: data.package?.publishedAt ?? undefined,
5369
+ deprecated: data.package?.deprecated ?? undefined,
5370
+ deprecationReason: data.package?.deprecationReason ?? undefined
4891
5371
  };
4892
5372
  const bundle = data.dependencies;
4893
5373
  const dependencies = bundle ? {
@@ -4933,7 +5413,9 @@ class PackageIntelligenceServiceImpl {
4933
5413
  constraint: e.constraint ?? undefined,
4934
5414
  dependencyType: e.dependencyType ?? undefined
4935
5415
  }))
4936
- } : undefined
5416
+ } : undefined,
5417
+ vulnerabilitySummary: this.normaliseTransitiveVulnerabilitySummary(bundle.transitive.vulnerabilitySummary),
5418
+ dependencyIssues: this.normaliseDependencyIssuesSummary(bundle.transitive.dependencyIssues)
4937
5419
  } : undefined
4938
5420
  } : undefined;
4939
5421
  const dependencyGroups = data.dependencyGroups ? {
@@ -4965,6 +5447,103 @@ class PackageIntelligenceServiceImpl {
4965
5447
  dependencyGroups
4966
5448
  };
4967
5449
  }
5450
+ normaliseTransitiveVulnerabilitySummary(summary) {
5451
+ if (!summary)
5452
+ return;
5453
+ return {
5454
+ affected: summary.affected,
5455
+ nonAffecting: summary.nonAffecting,
5456
+ combined: summary.combined,
5457
+ totalPackagesAnalyzed: summary.totalPackagesAnalyzed,
5458
+ affectedPackageCount: summary.affectedPackageCount,
5459
+ calculatedAt: summary.calculatedAt ?? undefined,
5460
+ packages: summary.packages.map((pkg) => ({
5461
+ registry: pkg.registry,
5462
+ name: pkg.name,
5463
+ versions: pkg.versions,
5464
+ affectedCount: pkg.affectedCount,
5465
+ nonAffectingCount: pkg.nonAffectingCount,
5466
+ totalCount: pkg.totalCount,
5467
+ maxSeverityScore: pkg.maxSeverityScore ?? undefined,
5468
+ maxSeverityLabel: pkg.maxSeverityLabel ?? undefined,
5469
+ advisoryIds: pkg.advisoryIds,
5470
+ mostCritical: pkg.mostCritical ? this.normaliseVulnerabilitySummaryDetail(pkg.mostCritical) : undefined,
5471
+ advisoryOccurrences: pkg.advisoryOccurrences?.map((occurrence) => ({
5472
+ version: occurrence.version,
5473
+ affectsResolvedVersion: occurrence.affectsResolvedVersion,
5474
+ matchedAffectedVersionRanges: occurrence.matchedAffectedVersionRanges,
5475
+ fixVersionsAboveResolved: occurrence.fixVersionsAboveResolved,
5476
+ nearestFixedVersion: occurrence.nearestFixedVersion ?? undefined,
5477
+ advisory: this.normaliseVulnerabilitySummaryDetail(occurrence.advisory)
5478
+ })) ?? undefined
5479
+ }))
5480
+ };
5481
+ }
5482
+ normaliseVulnerabilitySummaryDetail(advisory) {
5483
+ return {
5484
+ osvId: advisory.osvId ?? undefined,
5485
+ registry: advisory.registry ?? undefined,
5486
+ packageName: advisory.packageName ?? undefined,
5487
+ summary: advisory.summary ?? undefined,
5488
+ severityScore: advisory.severityScore ?? undefined,
5489
+ severityType: advisory.severityType ?? undefined,
5490
+ affectedVersionRanges: advisory.affectedVersionRanges ?? undefined,
5491
+ fixedInVersions: advisory.fixedInVersions ?? undefined,
5492
+ publishedAt: advisory.publishedAt ?? undefined,
5493
+ modifiedAt: advisory.modifiedAt ?? undefined,
5494
+ withdrawnAt: advisory.withdrawnAt ?? undefined,
5495
+ aliases: advisory.aliases ?? undefined,
5496
+ isMalicious: advisory.isMalicious ?? undefined
5497
+ };
5498
+ }
5499
+ normaliseDependencyIssuesSummary(issues) {
5500
+ if (!issues)
5501
+ return;
5502
+ return {
5503
+ totalCount: issues.totalCount,
5504
+ deprecatedCount: issues.deprecatedCount,
5505
+ outdatedCount: issues.outdatedCount,
5506
+ duplicateCount: issues.duplicateCount,
5507
+ conflictCount: issues.conflictCount,
5508
+ deprecatedPackages: issues.deprecatedPackages.map((pkg) => ({
5509
+ registry: pkg.registry,
5510
+ name: pkg.name,
5511
+ versions: pkg.versions,
5512
+ reasons: pkg.reasons.map((reason) => ({
5513
+ version: reason.version,
5514
+ reason: reason.reason ?? undefined
5515
+ }))
5516
+ })),
5517
+ outdatedPackages: issues.outdatedPackages.map((pkg) => ({
5518
+ registry: pkg.registry,
5519
+ name: pkg.name,
5520
+ latestVersion: pkg.latestVersion ?? undefined,
5521
+ severity: pkg.severity,
5522
+ versions: pkg.versions.map((version2) => ({
5523
+ version: version2.version,
5524
+ severity: version2.severity
5525
+ })),
5526
+ repositoryUrl: pkg.repositoryUrl ?? undefined
5527
+ })),
5528
+ duplicatePackages: issues.duplicatePackages.map((pkg) => ({
5529
+ registry: pkg.registry ?? undefined,
5530
+ name: pkg.name,
5531
+ versions: pkg.versions
5532
+ })),
5533
+ conflicts: issues.conflicts.map((conflict) => ({
5534
+ registry: conflict.registry ?? undefined,
5535
+ name: conflict.name,
5536
+ versions: conflict.versions,
5537
+ requiredVersions: conflict.requiredVersions,
5538
+ conflictingEdges: conflict.conflictingEdges.map((edge) => ({
5539
+ fromIndex: edge.fromIndex ?? undefined,
5540
+ toIndex: edge.toIndex,
5541
+ versionConstraint: edge.versionConstraint,
5542
+ dependencyType: edge.dependencyType
5543
+ }))
5544
+ }))
5545
+ };
5546
+ }
4968
5547
  async packageChangelog(params) {
4969
5548
  return withTelemetrySpan("pkg-intel.changelog.request", () => executeWithTokenRefresh({
4970
5549
  getToken: () => this.tokenProvider.getToken(),
@@ -5423,7 +6002,7 @@ var NPM_DIST_TAGS_URL = "https://registry.npmjs.org/-/package/githits/dist-tags"
5423
6002
  var NPM_PACKAGE_VERSION_URL = "https://registry.npmjs.org/githits";
5424
6003
  var CHECK_INTERVAL_MS = 24 * 60 * 60 * 1000;
5425
6004
  var FETCH_TIMEOUT_MS = 1000;
5426
- var DIR_MODE2 = 448;
6005
+ var DIR_MODE3 = 448;
5427
6006
  var UPDATE_COMMAND = "npm i -g githits@latest";
5428
6007
  var MAX_DEPRECATION_REASON_LENGTH = 200;
5429
6008
 
@@ -5613,7 +6192,7 @@ class NpmRegistryUpdateCheckService {
5613
6192
  }
5614
6193
  async saveCache(cache) {
5615
6194
  try {
5616
- await this.fs.ensureDir(this.configDir, DIR_MODE2);
6195
+ await this.fs.ensureDir(this.configDir, DIR_MODE3);
5617
6196
  if (typeof this.fs.atomicWriteFile === "function") {
5618
6197
  await this.fs.atomicWriteFile(this.cachePath, `${JSON.stringify(cache, null, 2)}
5619
6198
  `);
@@ -5750,10 +6329,29 @@ async function createAuthStorage(fileSystemService) {
5750
6329
  function createAuthStorageForMode(fileSystemService, mode, configPath = "your GitHits config.toml") {
5751
6330
  const fileStorage = new ModeAwareFileAuthStorage(new AuthStorageImpl(fileSystemService, getAuthFileStorageDir(fileSystemService)), mode, configPath);
5752
6331
  const legacyStorage = new AuthStorageImpl(fileSystemService, getLegacyAuthStorageDir(fileSystemService));
6332
+ const additionalLegacyStores = process.platform === "darwin" ? [
6333
+ new AuthStorageImpl(fileSystemService, getLegacyMacAuthFileStorageDir(fileSystemService))
6334
+ ] : [];
5753
6335
  const rawKeyring = new KeyringServiceImpl;
5754
6336
  const keyring = process.platform === "win32" ? new ChunkingKeyringService(rawKeyring, WINDOWS_MAX_ENTRY_SIZE) : rawKeyring;
5755
6337
  const keychainStorage = new KeychainAuthStorage(keyring);
5756
- return new LockedAuthStorage(new MigratingAuthStorage(keychainStorage, fileStorage, legacyStorage, mode, configPath, (message) => console.error(message)), fileSystemService);
6338
+ const metadataStorage = new AuthSessionMetadataStorage(fileSystemService);
6339
+ return new LockedAuthStorage(new MigratingAuthStorage(keychainStorage, fileStorage, legacyStorage, mode, configPath, (message) => console.error(message), metadataStorage, additionalLegacyStores), fileSystemService);
6340
+ }
6341
+ async function loadAutoLoginAuthSessionMetadata() {
6342
+ const envToken = getEnvApiToken();
6343
+ if (envToken) {
6344
+ const now = new Date().toISOString();
6345
+ return { createdAt: now, expiresAt: null, updatedAt: now };
6346
+ }
6347
+ const fileSystemService = new FileSystemServiceImpl;
6348
+ const metadataStorage = new AuthSessionMetadataStorage(fileSystemService);
6349
+ return metadataStorage.load(getMcpUrl());
6350
+ }
6351
+ async function clearAutoLoginAuthSessionMetadata() {
6352
+ const fileSystemService = new FileSystemServiceImpl;
6353
+ const metadataStorage = new AuthSessionMetadataStorage(fileSystemService);
6354
+ await metadataStorage.clear(getMcpUrl());
5757
6355
  }
5758
6356
  async function createAuthCommandDependencies() {
5759
6357
  return withTelemetrySpan("container.create-auth-command", async () => {
@@ -5792,8 +6390,9 @@ function createStaticTokenProvider(token) {
5792
6390
  }
5793
6391
  };
5794
6392
  }
5795
- async function createContainer() {
6393
+ async function createContainer(options = {}) {
5796
6394
  return withTelemetrySpan("container.create", async () => {
6395
+ const resolveStoredToken = options.resolveStoredToken ?? true;
5797
6396
  const mcpUrl = getMcpUrl();
5798
6397
  const apiUrl = getApiUrl();
5799
6398
  const codeNavigationUrl = getCodeNavigationUrl();
@@ -5824,7 +6423,10 @@ async function createContainer() {
5824
6423
  }
5825
6424
  const authStorage = await createAuthStorage(fileSystemService);
5826
6425
  const tokenManager = new TokenManager({ authService, authStorage, mcpUrl });
5827
- const apiToken = await withTelemetrySpan("container.token.get", () => tokenManager.getToken());
6426
+ const apiToken = resolveStoredToken ? await withTelemetrySpan("container.token.get", () => tokenManager.getToken()) : undefined;
6427
+ if (resolveStoredToken && apiToken === undefined) {
6428
+ await new AuthSessionMetadataStorage(fileSystemService).clear(mcpUrl);
6429
+ }
5828
6430
  const codeNavigationService = new CodeNavigationServiceImpl(codeNavigationUrl, tokenManager);
5829
6431
  const packageIntelligenceService = new PackageIntelligenceServiceImpl(codeNavigationUrl, tokenManager);
5830
6432
  return {
@@ -5845,4 +6447,4 @@ async function createContainer() {
5845
6447
  });
5846
6448
  }
5847
6449
 
5848
- export { AuthConfigError, CLIENT_UPDATE_REQUIRED_REASON, ClientUpdateRequiredError, debugLog, setMcpClientVersionProvider, setClientMode, isTelemetryEnabled, withTelemetrySpan, startTelemetrySpan, endTelemetrySpan, flushTelemetry, AuthenticationError, CodeNavigationAccessError, CodeNavigationGraphQLError, CodeNavigationIndexingError, CodeNavigationUnresolvableError, MalformedCodeNavigationResponseError, CodeNavigationTargetNotFoundError, CodeNavigationFileNotFoundError, CodeNavigationVersionNotFoundError, CodeNavigationValidationError, CodeNavigationFeatureFlagRequiredError, CodeNavigationNetworkError, CodeNavigationBackendError, getCodeNavigationUrl, ExecServiceImpl, FileSystemServiceImpl, AuthStorageLockTimeoutError, AuthStoragePolicyError, PackageIntelligenceAccessError, PackageIntelligenceFeatureFlagRequiredError, PackageIntelligenceNetworkError, PackageIntelligenceBackendError, PackageIntelligenceGraphQLError, PackageIntelligenceTargetNotFoundError, PackageIntelligenceValidationError, PackageIntelligenceVersionNotFoundError, MalformedPackageIntelligenceResponseError, PackageIntelligenceChangelogSourceNotFoundError, PromptServiceImpl, refreshExpiredToken, NpmRegistryUpdateCheckService, shouldRunUpdateCheck, shouldRunRequiredUpdateEnforcement, formatUpdateNotice, formatRequiredUpdateNotice, createAuthCommandDependencies, createAuthStatusDependencies, createContainer };
6450
+ export { AuthConfigError, CLIENT_UPDATE_REQUIRED_REASON, ClientUpdateRequiredError, debugLog, setMcpClientVersionProvider, setClientMode, isTelemetryEnabled, withTelemetrySpan, startTelemetrySpan, endTelemetrySpan, flushTelemetry, AuthenticationError, CodeNavigationAccessError, CodeNavigationGraphQLError, CodeNavigationIndexingError, CodeNavigationUnresolvableError, MalformedCodeNavigationResponseError, CodeNavigationTargetNotFoundError, CodeNavigationFileNotFoundError, CodeNavigationVersionNotFoundError, CodeNavigationValidationError, CodeNavigationFeatureFlagRequiredError, CodeNavigationNetworkError, CodeNavigationBackendError, getCodeNavigationUrl, ExecServiceImpl, FileSystemServiceImpl, AuthStorageLockTimeoutError, AuthStoragePolicyError, PackageIntelligenceAccessError, PackageIntelligenceFeatureFlagRequiredError, PackageIntelligenceNetworkError, PackageIntelligenceBackendError, PackageIntelligenceGraphQLError, PackageIntelligenceTargetNotFoundError, PackageIntelligenceValidationError, PackageIntelligenceVersionNotFoundError, MalformedPackageIntelligenceResponseError, PackageIntelligenceChangelogSourceNotFoundError, PromptServiceImpl, refreshExpiredToken, NpmRegistryUpdateCheckService, shouldRunUpdateCheck, shouldRunRequiredUpdateEnforcement, formatUpdateNotice, formatRequiredUpdateNotice, loadAutoLoginAuthSessionMetadata, clearAutoLoginAuthSessionMetadata, createAuthCommandDependencies, createAuthStatusDependencies, createContainer };