githits 0.4.4 → 0.4.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/index.js CHANGED
@@ -1,6 +1,6 @@
1
1
  import {
2
2
  version
3
- } from "./shared/chunk-96tjsv6y.js";
3
+ } from "./shared/chunk-vfyz65v1.js";
4
4
  export {
5
5
  version
6
6
  };
@@ -1,6 +1,6 @@
1
1
  import { createRequire } from "node:module";
2
2
  var __require = /* @__PURE__ */ createRequire(import.meta.url);
3
3
  // package.json
4
- var version = "0.4.4";
4
+ var version = "0.4.5";
5
5
 
6
6
  export { __require, version };
@@ -1,7 +1,7 @@
1
1
  import {
2
2
  __require,
3
3
  version
4
- } from "./chunk-96tjsv6y.js";
4
+ } from "./chunk-vfyz65v1.js";
5
5
 
6
6
  // src/services/app-config-paths.ts
7
7
  var APP_DIR = "githits";
@@ -1400,11 +1400,17 @@ class GitHitsServiceImpl {
1400
1400
  method: "POST",
1401
1401
  headers: this.headers(),
1402
1402
  body: JSON.stringify({
1403
+ ...params.exampleId !== undefined && {
1404
+ example_id: params.exampleId
1405
+ },
1403
1406
  ...params.solutionId !== undefined && {
1404
1407
  solution_id: params.solutionId
1405
1408
  },
1406
1409
  accepted: params.accepted,
1407
- feedback_text: params.feedbackText ?? null
1410
+ feedback_text: params.feedbackText ?? null,
1411
+ ...params.toolName !== undefined && {
1412
+ tool_name: params.toolName
1413
+ }
1408
1414
  })
1409
1415
  });
1410
1416
  if (!response.ok) {
@@ -4167,7 +4173,10 @@ query PackageSummary($registry: Registry!, $name: String!) {
4167
4173
  var packageVersionIdentitySchema = z3.object({
4168
4174
  name: z3.string().nullable().optional(),
4169
4175
  registry: z3.string().nullable().optional(),
4170
- version: z3.string().nullable().optional()
4176
+ version: z3.string().nullable().optional(),
4177
+ publishedAt: z3.string().nullable().optional(),
4178
+ deprecated: z3.boolean().nullable().optional(),
4179
+ deprecationReason: z3.string().nullable().optional()
4171
4180
  });
4172
4181
  var vulnerabilityDetailSchema = z3.object({
4173
4182
  osvId: z3.string().nullable().optional(),
@@ -4291,6 +4300,86 @@ var dependencyGraphSchema = z3.object({
4291
4300
  nodes: z3.array(dependencyGraphNodeSchema),
4292
4301
  edges: z3.array(dependencyGraphEdgeSchema)
4293
4302
  });
4303
+ var vulnerabilityCountSummarySchema = z3.object({
4304
+ totalVulnerabilities: z3.number().int(),
4305
+ critical: z3.number().int(),
4306
+ high: z3.number().int(),
4307
+ medium: z3.number().int(),
4308
+ low: z3.number().int(),
4309
+ unknown: z3.number().int()
4310
+ });
4311
+ var vulnerabilitySummaryDetailSchema = z3.object({
4312
+ osvId: z3.string().nullable().optional(),
4313
+ registry: z3.string().nullable().optional(),
4314
+ packageName: z3.string().nullable().optional(),
4315
+ summary: z3.string().nullable().optional(),
4316
+ severityScore: z3.number().nullable().optional(),
4317
+ severityType: z3.string().nullable().optional(),
4318
+ affectedVersionRanges: z3.array(z3.string()).nullable().optional(),
4319
+ fixedInVersions: z3.array(z3.string()).nullable().optional(),
4320
+ publishedAt: z3.string().nullable().optional(),
4321
+ modifiedAt: z3.string().nullable().optional(),
4322
+ withdrawnAt: z3.string().nullable().optional(),
4323
+ aliases: z3.array(z3.string()).nullable().optional(),
4324
+ isMalicious: z3.boolean().nullable().optional()
4325
+ });
4326
+ var transitiveDependencyVulnerabilitySchema = z3.object({
4327
+ version: z3.string(),
4328
+ affectsResolvedVersion: z3.boolean(),
4329
+ matchedAffectedVersionRanges: z3.array(z3.string()),
4330
+ fixVersionsAboveResolved: z3.array(z3.string()),
4331
+ nearestFixedVersion: z3.string().nullable().optional(),
4332
+ advisory: vulnerabilitySummaryDetailSchema
4333
+ });
4334
+ var transitiveVulnerablePackageSchema = z3.object({
4335
+ registry: z3.string(),
4336
+ name: z3.string(),
4337
+ versions: z3.array(z3.string()),
4338
+ affectedCount: z3.number().int(),
4339
+ nonAffectingCount: z3.number().int(),
4340
+ totalCount: z3.number().int(),
4341
+ maxSeverityScore: z3.number().nullable().optional(),
4342
+ maxSeverityLabel: z3.string().nullable().optional(),
4343
+ advisoryIds: z3.array(z3.string()),
4344
+ mostCritical: vulnerabilitySummaryDetailSchema.nullable().optional(),
4345
+ advisoryOccurrences: z3.array(transitiveDependencyVulnerabilitySchema).nullable().optional()
4346
+ });
4347
+ var transitiveVulnerabilitySummarySchema = z3.object({
4348
+ affected: vulnerabilityCountSummarySchema,
4349
+ nonAffecting: vulnerabilityCountSummarySchema,
4350
+ combined: vulnerabilityCountSummarySchema,
4351
+ totalPackagesAnalyzed: z3.number().int(),
4352
+ affectedPackageCount: z3.number().int(),
4353
+ packages: z3.array(transitiveVulnerablePackageSchema),
4354
+ calculatedAt: z3.string().nullable().optional()
4355
+ }).nullable().optional();
4356
+ var dependencyDeprecationReasonSchema = z3.object({
4357
+ version: z3.string(),
4358
+ reason: z3.string().nullable().optional()
4359
+ });
4360
+ var deprecatedDependencySchema = z3.object({
4361
+ registry: z3.string(),
4362
+ name: z3.string(),
4363
+ versions: z3.array(z3.string()),
4364
+ reasons: z3.array(dependencyDeprecationReasonSchema)
4365
+ });
4366
+ var outdatedDependencyVersionSchema = z3.object({
4367
+ version: z3.string(),
4368
+ severity: z3.string()
4369
+ });
4370
+ var outdatedDependencySchema = z3.object({
4371
+ registry: z3.string(),
4372
+ name: z3.string(),
4373
+ latestVersion: z3.string().nullable().optional(),
4374
+ severity: z3.string(),
4375
+ versions: z3.array(outdatedDependencyVersionSchema),
4376
+ repositoryUrl: z3.string().nullable().optional()
4377
+ });
4378
+ var duplicateDependencySchema = z3.object({
4379
+ registry: z3.string().nullable().optional(),
4380
+ name: z3.string(),
4381
+ versions: z3.array(z3.string())
4382
+ });
4294
4383
  var dependencyConflictEdgeSchema = z3.object({
4295
4384
  fromIndex: z3.number().int().nullable().optional(),
4296
4385
  toIndex: z3.number().int(),
@@ -4302,6 +4391,24 @@ var dependencyConflictSchema = z3.object({
4302
4391
  requiredVersions: z3.array(z3.string()),
4303
4392
  conflictingEdges: z3.array(dependencyConflictEdgeSchema)
4304
4393
  });
4394
+ var dependencyIssueConflictSchema = z3.object({
4395
+ registry: z3.string().nullable().optional(),
4396
+ name: z3.string(),
4397
+ versions: z3.array(z3.string()),
4398
+ requiredVersions: z3.array(z3.string()),
4399
+ conflictingEdges: z3.array(dependencyConflictEdgeSchema)
4400
+ });
4401
+ var dependencyIssuesSummarySchema = z3.object({
4402
+ totalCount: z3.number().int(),
4403
+ deprecatedCount: z3.number().int(),
4404
+ outdatedCount: z3.number().int(),
4405
+ duplicateCount: z3.number().int(),
4406
+ conflictCount: z3.number().int(),
4407
+ deprecatedPackages: z3.array(deprecatedDependencySchema),
4408
+ outdatedPackages: z3.array(outdatedDependencySchema),
4409
+ duplicatePackages: z3.array(duplicateDependencySchema),
4410
+ conflicts: z3.array(dependencyIssueConflictSchema)
4411
+ }).nullable().optional();
4305
4412
  var circularDependencyCycleSchema = z3.object({
4306
4413
  cycleStart: z3.string(),
4307
4414
  circularPath: z3.array(z3.string()),
@@ -4318,7 +4425,9 @@ var transitiveDependencySchema = z3.object({
4318
4425
  uniqueDependencies: z3.array(z3.string()).nullable().optional(),
4319
4426
  dependencyConflicts: z3.array(dependencyConflictSchema).nullable().optional(),
4320
4427
  circularDependencyCycles: z3.array(circularDependencyCycleSchema).nullable().optional(),
4321
- dependencyGraph: dependencyGraphSchema.nullable().optional()
4428
+ dependencyGraph: dependencyGraphSchema.nullable().optional(),
4429
+ vulnerabilitySummary: transitiveVulnerabilitySummarySchema,
4430
+ dependencyIssues: dependencyIssuesSummarySchema
4322
4431
  }).nullable().optional();
4323
4432
  var dependencyBundleSchema = z3.object({
4324
4433
  direct: z3.array(directDependencySchema).nullable().optional(),
@@ -4448,6 +4557,203 @@ query PackageDependencies(
4448
4557
  }
4449
4558
  }
4450
4559
  }`;
4560
+ var PACKAGE_UPGRADE_DEPENDENCY_PROBE_QUERY = `
4561
+ query PackageUpgradeDependencyProbe(
4562
+ $registry: Registry!
4563
+ $name: String!
4564
+ $version: String!
4565
+ $includeTransitiveRisk: Boolean!
4566
+ $includeTransitiveSecurity: Boolean!
4567
+ $includeDependencyIssues: Boolean!
4568
+ $includeDependencyChanges: Boolean!
4569
+ $includeGroups: Boolean!
4570
+ $lifecycle: [String!]
4571
+ $minSeverity: Float
4572
+ ) {
4573
+ packageDependencies(
4574
+ registry: $registry
4575
+ name: $name
4576
+ version: $version
4577
+ includeTransitive: $includeTransitiveRisk
4578
+ lifecycle: $lifecycle
4579
+ ) {
4580
+ package {
4581
+ name
4582
+ registry
4583
+ version
4584
+ publishedAt
4585
+ deprecated
4586
+ deprecationReason
4587
+ }
4588
+ dependencies {
4589
+ direct {
4590
+ name
4591
+ versionConstraint
4592
+ type
4593
+ }
4594
+ transitive @include(if: $includeTransitiveRisk) {
4595
+ dependencyGraph @include(if: $includeDependencyChanges) {
4596
+ formatVersion
4597
+ nodes {
4598
+ registry
4599
+ name
4600
+ version
4601
+ }
4602
+ edges {
4603
+ fromIndex
4604
+ toIndex
4605
+ constraint
4606
+ dependencyType
4607
+ }
4608
+ }
4609
+ vulnerabilitySummary(minSeverity: $minSeverity) @include(if: $includeTransitiveSecurity) {
4610
+ affected {
4611
+ totalVulnerabilities
4612
+ critical
4613
+ high
4614
+ medium
4615
+ low
4616
+ unknown
4617
+ }
4618
+ nonAffecting {
4619
+ totalVulnerabilities
4620
+ critical
4621
+ high
4622
+ medium
4623
+ low
4624
+ unknown
4625
+ }
4626
+ combined {
4627
+ totalVulnerabilities
4628
+ critical
4629
+ high
4630
+ medium
4631
+ low
4632
+ unknown
4633
+ }
4634
+ totalPackagesAnalyzed
4635
+ affectedPackageCount
4636
+ calculatedAt
4637
+ packages {
4638
+ registry
4639
+ name
4640
+ versions
4641
+ affectedCount
4642
+ nonAffectingCount
4643
+ totalCount
4644
+ maxSeverityScore
4645
+ maxSeverityLabel
4646
+ advisoryIds(scope: AFFECTED)
4647
+ mostCritical {
4648
+ osvId
4649
+ registry
4650
+ packageName
4651
+ summary
4652
+ severityScore
4653
+ severityType
4654
+ affectedVersionRanges
4655
+ fixedInVersions
4656
+ publishedAt
4657
+ modifiedAt
4658
+ withdrawnAt
4659
+ aliases
4660
+ isMalicious
4661
+ }
4662
+ advisoryOccurrences(scope: AFFECTED, minSeverity: $minSeverity, limit: 5) {
4663
+ version
4664
+ affectsResolvedVersion
4665
+ matchedAffectedVersionRanges
4666
+ fixVersionsAboveResolved
4667
+ nearestFixedVersion
4668
+ advisory {
4669
+ osvId
4670
+ registry
4671
+ packageName
4672
+ summary
4673
+ severityScore
4674
+ severityType
4675
+ affectedVersionRanges
4676
+ fixedInVersions
4677
+ publishedAt
4678
+ modifiedAt
4679
+ withdrawnAt
4680
+ aliases
4681
+ isMalicious
4682
+ }
4683
+ }
4684
+ }
4685
+ }
4686
+ dependencyIssues @include(if: $includeDependencyIssues) {
4687
+ totalCount
4688
+ deprecatedCount
4689
+ outdatedCount
4690
+ duplicateCount
4691
+ conflictCount
4692
+ deprecatedPackages {
4693
+ registry
4694
+ name
4695
+ versions
4696
+ reasons {
4697
+ version
4698
+ reason
4699
+ }
4700
+ }
4701
+ outdatedPackages {
4702
+ registry
4703
+ name
4704
+ latestVersion
4705
+ severity
4706
+ versions {
4707
+ version
4708
+ severity
4709
+ }
4710
+ repositoryUrl
4711
+ }
4712
+ duplicatePackages {
4713
+ registry
4714
+ name
4715
+ versions
4716
+ }
4717
+ conflicts {
4718
+ registry
4719
+ name
4720
+ versions
4721
+ requiredVersions
4722
+ conflictingEdges {
4723
+ fromIndex
4724
+ toIndex
4725
+ versionConstraint
4726
+ dependencyType
4727
+ }
4728
+ }
4729
+ }
4730
+ }
4731
+ }
4732
+ dependencyGroups @include(if: $includeGroups) {
4733
+ primaryGroup
4734
+ environmentMarkers {
4735
+ type
4736
+ value
4737
+ raw
4738
+ }
4739
+ groups {
4740
+ name
4741
+ lifecycle
4742
+ conditionType
4743
+ conditionValue
4744
+ selectionMode
4745
+ exclusiveGroup
4746
+ fallbackPriority
4747
+ compatibleWith
4748
+ defaultEnabled
4749
+ dependencies {
4750
+ name
4751
+ constraint
4752
+ }
4753
+ }
4754
+ }
4755
+ }
4756
+ }`;
4451
4757
  var changelogPackageInfoSchema = z3.object({
4452
4758
  name: z3.string().nullable().optional(),
4453
4759
  registry: z3.string().nullable().optional(),
@@ -4915,7 +5221,10 @@ class PackageIntelligenceServiceImpl {
4915
5221
  const identity = {
4916
5222
  name,
4917
5223
  version: version2,
4918
- registry: data.package?.registry ?? undefined
5224
+ registry: data.package?.registry ?? undefined,
5225
+ publishedAt: data.package?.publishedAt ?? undefined,
5226
+ deprecated: data.package?.deprecated ?? undefined,
5227
+ deprecationReason: data.package?.deprecationReason ?? undefined
4919
5228
  };
4920
5229
  const security = data.security ? {
4921
5230
  affectedVulnerabilityCount: data.security.affectedVulnerabilityCount,
@@ -4955,6 +5264,58 @@ class PackageIntelligenceServiceImpl {
4955
5264
  executeWithToken: (token) => this.executePackageDependencies(token, params)
4956
5265
  }));
4957
5266
  }
5267
+ async packageUpgradeDependencyProbe(params) {
5268
+ return withTelemetrySpan("pkg-intel.upgrade-dependency-probe.request", () => executeWithTokenRefresh({
5269
+ getToken: () => this.tokenProvider.getToken(),
5270
+ forceRefresh: () => this.tokenProvider.forceRefresh(),
5271
+ shouldRefresh: (error) => error instanceof AuthenticationError,
5272
+ executeWithToken: (token) => this.executePackageUpgradeDependencyProbe(token, params)
5273
+ }));
5274
+ }
5275
+ async executePackageUpgradeDependencyProbe(token, params) {
5276
+ const includeTransitiveRisk = params.includeTransitiveSecurity === true || params.includeDependencyIssues === true || params.includeDependencyChanges === true;
5277
+ let response;
5278
+ try {
5279
+ response = await postPkgseerGraphql({
5280
+ endpointUrl: this.endpointUrl,
5281
+ token,
5282
+ query: PACKAGE_UPGRADE_DEPENDENCY_PROBE_QUERY,
5283
+ variables: {
5284
+ registry: params.registry,
5285
+ name: params.packageName,
5286
+ version: params.version,
5287
+ includeTransitiveRisk,
5288
+ includeTransitiveSecurity: params.includeTransitiveSecurity === true,
5289
+ includeDependencyIssues: params.includeDependencyIssues === true,
5290
+ includeDependencyChanges: params.includeDependencyChanges === true,
5291
+ includeGroups: params.includeGroups === true,
5292
+ lifecycle: params.includeGroups === true ? ["peer"] : undefined,
5293
+ minSeverity: params.minSeverity
5294
+ },
5295
+ fetchFn: this.fetchFn
5296
+ });
5297
+ } catch (cause) {
5298
+ if (cause instanceof PkgseerTransportError) {
5299
+ throw new PackageIntelligenceNetworkError("Could not reach the package intelligence service. Check your connection or set GITHITS_CODE_NAV_URL.", { cause });
5300
+ }
5301
+ throw cause;
5302
+ }
5303
+ if (response.status < 200 || response.status >= 300) {
5304
+ throw this.createHttpError(response);
5305
+ }
5306
+ const parsed = dependenciesGraphQLResponseSchema.safeParse(response.parsedBody);
5307
+ if (!parsed.success) {
5308
+ throw new MalformedPackageIntelligenceResponseError("Malformed response from the package-intelligence service.");
5309
+ }
5310
+ if (parsed.data.errors && parsed.data.errors.length > 0) {
5311
+ throw promoteGenericVersionNotFound(this.createGraphQLError(parsed.data.errors), params);
5312
+ }
5313
+ const data = parsed.data.data?.packageDependencies;
5314
+ if (!data) {
5315
+ throw new MalformedPackageIntelligenceResponseError("Empty response from the package-intelligence service.");
5316
+ }
5317
+ return this.normaliseDependencyReport(data);
5318
+ }
4958
5319
  async executePackageDependencies(token, params) {
4959
5320
  let response;
4960
5321
  try {
@@ -5003,7 +5364,10 @@ class PackageIntelligenceServiceImpl {
5003
5364
  const identity = {
5004
5365
  name,
5005
5366
  version: version2,
5006
- registry: data.package?.registry ?? undefined
5367
+ registry: data.package?.registry ?? undefined,
5368
+ publishedAt: data.package?.publishedAt ?? undefined,
5369
+ deprecated: data.package?.deprecated ?? undefined,
5370
+ deprecationReason: data.package?.deprecationReason ?? undefined
5007
5371
  };
5008
5372
  const bundle = data.dependencies;
5009
5373
  const dependencies = bundle ? {
@@ -5049,7 +5413,9 @@ class PackageIntelligenceServiceImpl {
5049
5413
  constraint: e.constraint ?? undefined,
5050
5414
  dependencyType: e.dependencyType ?? undefined
5051
5415
  }))
5052
- } : undefined
5416
+ } : undefined,
5417
+ vulnerabilitySummary: this.normaliseTransitiveVulnerabilitySummary(bundle.transitive.vulnerabilitySummary),
5418
+ dependencyIssues: this.normaliseDependencyIssuesSummary(bundle.transitive.dependencyIssues)
5053
5419
  } : undefined
5054
5420
  } : undefined;
5055
5421
  const dependencyGroups = data.dependencyGroups ? {
@@ -5081,6 +5447,103 @@ class PackageIntelligenceServiceImpl {
5081
5447
  dependencyGroups
5082
5448
  };
5083
5449
  }
5450
+ normaliseTransitiveVulnerabilitySummary(summary) {
5451
+ if (!summary)
5452
+ return;
5453
+ return {
5454
+ affected: summary.affected,
5455
+ nonAffecting: summary.nonAffecting,
5456
+ combined: summary.combined,
5457
+ totalPackagesAnalyzed: summary.totalPackagesAnalyzed,
5458
+ affectedPackageCount: summary.affectedPackageCount,
5459
+ calculatedAt: summary.calculatedAt ?? undefined,
5460
+ packages: summary.packages.map((pkg) => ({
5461
+ registry: pkg.registry,
5462
+ name: pkg.name,
5463
+ versions: pkg.versions,
5464
+ affectedCount: pkg.affectedCount,
5465
+ nonAffectingCount: pkg.nonAffectingCount,
5466
+ totalCount: pkg.totalCount,
5467
+ maxSeverityScore: pkg.maxSeverityScore ?? undefined,
5468
+ maxSeverityLabel: pkg.maxSeverityLabel ?? undefined,
5469
+ advisoryIds: pkg.advisoryIds,
5470
+ mostCritical: pkg.mostCritical ? this.normaliseVulnerabilitySummaryDetail(pkg.mostCritical) : undefined,
5471
+ advisoryOccurrences: pkg.advisoryOccurrences?.map((occurrence) => ({
5472
+ version: occurrence.version,
5473
+ affectsResolvedVersion: occurrence.affectsResolvedVersion,
5474
+ matchedAffectedVersionRanges: occurrence.matchedAffectedVersionRanges,
5475
+ fixVersionsAboveResolved: occurrence.fixVersionsAboveResolved,
5476
+ nearestFixedVersion: occurrence.nearestFixedVersion ?? undefined,
5477
+ advisory: this.normaliseVulnerabilitySummaryDetail(occurrence.advisory)
5478
+ })) ?? undefined
5479
+ }))
5480
+ };
5481
+ }
5482
+ normaliseVulnerabilitySummaryDetail(advisory) {
5483
+ return {
5484
+ osvId: advisory.osvId ?? undefined,
5485
+ registry: advisory.registry ?? undefined,
5486
+ packageName: advisory.packageName ?? undefined,
5487
+ summary: advisory.summary ?? undefined,
5488
+ severityScore: advisory.severityScore ?? undefined,
5489
+ severityType: advisory.severityType ?? undefined,
5490
+ affectedVersionRanges: advisory.affectedVersionRanges ?? undefined,
5491
+ fixedInVersions: advisory.fixedInVersions ?? undefined,
5492
+ publishedAt: advisory.publishedAt ?? undefined,
5493
+ modifiedAt: advisory.modifiedAt ?? undefined,
5494
+ withdrawnAt: advisory.withdrawnAt ?? undefined,
5495
+ aliases: advisory.aliases ?? undefined,
5496
+ isMalicious: advisory.isMalicious ?? undefined
5497
+ };
5498
+ }
5499
+ normaliseDependencyIssuesSummary(issues) {
5500
+ if (!issues)
5501
+ return;
5502
+ return {
5503
+ totalCount: issues.totalCount,
5504
+ deprecatedCount: issues.deprecatedCount,
5505
+ outdatedCount: issues.outdatedCount,
5506
+ duplicateCount: issues.duplicateCount,
5507
+ conflictCount: issues.conflictCount,
5508
+ deprecatedPackages: issues.deprecatedPackages.map((pkg) => ({
5509
+ registry: pkg.registry,
5510
+ name: pkg.name,
5511
+ versions: pkg.versions,
5512
+ reasons: pkg.reasons.map((reason) => ({
5513
+ version: reason.version,
5514
+ reason: reason.reason ?? undefined
5515
+ }))
5516
+ })),
5517
+ outdatedPackages: issues.outdatedPackages.map((pkg) => ({
5518
+ registry: pkg.registry,
5519
+ name: pkg.name,
5520
+ latestVersion: pkg.latestVersion ?? undefined,
5521
+ severity: pkg.severity,
5522
+ versions: pkg.versions.map((version2) => ({
5523
+ version: version2.version,
5524
+ severity: version2.severity
5525
+ })),
5526
+ repositoryUrl: pkg.repositoryUrl ?? undefined
5527
+ })),
5528
+ duplicatePackages: issues.duplicatePackages.map((pkg) => ({
5529
+ registry: pkg.registry ?? undefined,
5530
+ name: pkg.name,
5531
+ versions: pkg.versions
5532
+ })),
5533
+ conflicts: issues.conflicts.map((conflict) => ({
5534
+ registry: conflict.registry ?? undefined,
5535
+ name: conflict.name,
5536
+ versions: conflict.versions,
5537
+ requiredVersions: conflict.requiredVersions,
5538
+ conflictingEdges: conflict.conflictingEdges.map((edge) => ({
5539
+ fromIndex: edge.fromIndex ?? undefined,
5540
+ toIndex: edge.toIndex,
5541
+ versionConstraint: edge.versionConstraint,
5542
+ dependencyType: edge.dependencyType
5543
+ }))
5544
+ }))
5545
+ };
5546
+ }
5084
5547
  async packageChangelog(params) {
5085
5548
  return withTelemetrySpan("pkg-intel.changelog.request", () => executeWithTokenRefresh({
5086
5549
  getToken: () => this.tokenProvider.getToken(),
@@ -4,8 +4,8 @@ import {
4
4
  createAuthStatusDependencies,
5
5
  createContainer,
6
6
  loadAutoLoginAuthSessionMetadata
7
- } from "./chunk-tfqxat16.js";
8
- import"./chunk-96tjsv6y.js";
7
+ } from "./chunk-ygqss6gp.js";
8
+ import"./chunk-vfyz65v1.js";
9
9
  export {
10
10
  loadAutoLoginAuthSessionMetadata,
11
11
  createContainer,
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "githits",
3
- "version": "0.4.4",
3
+ "version": "0.4.5",
4
4
  "description": "Code examples from global open source for developers and AI assistants.",
5
5
  "mcpServers": {
6
6
  "githits": {
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "githits",
3
3
  "description": "CLI companion for GitHits - code examples from global open source for developers and AI assistants",
4
- "version": "0.4.4",
4
+ "version": "0.4.5",
5
5
  "type": "module",
6
6
  "files": [
7
7
  "dist",
@@ -38,6 +38,8 @@
38
38
  "audit:pkg-ecosystems": "bun run scripts/pkg-ecosystem-audit.ts",
39
39
  "agent:e2e": "bun run scripts/agent-eval.ts",
40
40
  "agent:e2e:report": "bun run scripts/agent-eval-report.ts",
41
+ "agent:session": "bun run scripts/agent-session.ts",
42
+ "eval": "bun run eval/run.ts",
41
43
  "test": "bun test",
42
44
  "typecheck": "tsc",
43
45
  "format": "biome format --write .",
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "githits",
3
- "version": "0.4.4",
3
+ "version": "0.4.5",
4
4
  "description": "Code examples from global open source for developers and AI assistants",
5
5
  "author": {
6
6
  "name": "GitHits"
@@ -21,4 +21,5 @@ Optional parameters:
21
21
  licenses), or `"custom"` (user's blocklist).
22
22
 
23
23
  Present the results clearly. After the user has reviewed the result, use the
24
- `feedback` tool to report whether the example was helpful.
24
+ `feedback` tool to report whether the example was helpful. Use the returned
25
+ `solution_id` when available.
@@ -31,7 +31,7 @@ This plugin connects to the GitHits MCP server and always exposes these core too
31
31
  language. Requires `query`; `language` is optional and inferred when omitted.
32
32
  - **search_language** — Look up supported programming language names when you
33
33
  need to force a specific language.
34
- - **feedback** — Rate a search result to improve future quality.
34
+ - **feedback** — Submit result or session feedback to improve future quality.
35
35
 
36
36
  Additional indexed dependency/package tools are available by default:
37
37
  `search`, `search_status`, `docs_list`, `docs_read`, `pkg_info`, `pkg_vulns`,
@@ -23,4 +23,5 @@ Optional parameters:
23
23
  licenses), or `"custom"` (user's blocklist).
24
24
 
25
25
  Present the results clearly. After the user has reviewed the result, use the
26
- `feedback` tool to report whether the example was helpful.
26
+ `feedback` tool to report whether the result was helpful. Omit `solution_id`
27
+ for generic session feedback about indexed search results.
@@ -3,6 +3,8 @@ name: search
3
3
  description:
4
4
  Use GitHits MCP tools to find real-world code examples when model knowledge
5
5
  is insufficient.
6
+ metadata:
7
+ internal: true
6
8
  ---
7
9
 
8
10
  Use GitHits when: