githits 0.4.4 → 0.4.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.claude-plugin/marketplace.json +1 -1
- package/.claude-plugin/plugin.json +1 -1
- package/.plugin/plugin.json +1 -1
- package/GEMINI.md +4 -3
- package/README.md +2 -2
- package/commands/example.md +2 -1
- package/commands/help.md +1 -1
- package/commands/search.md +2 -1
- package/dist/cli.js +1413 -122
- package/dist/index.js +1 -1
- package/dist/shared/{chunk-96tjsv6y.js → chunk-vfyz65v1.js} +1 -1
- package/dist/shared/{chunk-tfqxat16.js → chunk-ygqss6gp.js} +470 -7
- package/dist/shared/{chunk-k35egwwf.js → chunk-zzmbjttb.js} +2 -2
- package/gemini-extension.json +1 -1
- package/package.json +3 -1
- package/plugins/claude/.claude-plugin/plugin.json +1 -1
- package/plugins/claude/commands/example.md +2 -1
- package/plugins/claude/commands/help.md +1 -1
- package/plugins/claude/commands/search.md +2 -1
- package/plugins/claude/skills/search/SKILL.md +2 -0
- package/skills/githits-code/SKILL.md +81 -0
- package/skills/githits-code/references/code-and-docs.md +49 -0
- package/skills/githits-package/SKILL.md +90 -0
- package/skills/githits-package/references/package.md +51 -0
- package/skills/search/SKILL.md +0 -40
package/dist/index.js
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import {
|
|
2
2
|
__require,
|
|
3
3
|
version
|
|
4
|
-
} from "./chunk-
|
|
4
|
+
} from "./chunk-vfyz65v1.js";
|
|
5
5
|
|
|
6
6
|
// src/services/app-config-paths.ts
|
|
7
7
|
var APP_DIR = "githits";
|
|
@@ -1400,11 +1400,17 @@ class GitHitsServiceImpl {
|
|
|
1400
1400
|
method: "POST",
|
|
1401
1401
|
headers: this.headers(),
|
|
1402
1402
|
body: JSON.stringify({
|
|
1403
|
+
...params.exampleId !== undefined && {
|
|
1404
|
+
example_id: params.exampleId
|
|
1405
|
+
},
|
|
1403
1406
|
...params.solutionId !== undefined && {
|
|
1404
1407
|
solution_id: params.solutionId
|
|
1405
1408
|
},
|
|
1406
1409
|
accepted: params.accepted,
|
|
1407
|
-
feedback_text: params.feedbackText ?? null
|
|
1410
|
+
feedback_text: params.feedbackText ?? null,
|
|
1411
|
+
...params.toolName !== undefined && {
|
|
1412
|
+
tool_name: params.toolName
|
|
1413
|
+
}
|
|
1408
1414
|
})
|
|
1409
1415
|
});
|
|
1410
1416
|
if (!response.ok) {
|
|
@@ -4167,7 +4173,10 @@ query PackageSummary($registry: Registry!, $name: String!) {
|
|
|
4167
4173
|
var packageVersionIdentitySchema = z3.object({
|
|
4168
4174
|
name: z3.string().nullable().optional(),
|
|
4169
4175
|
registry: z3.string().nullable().optional(),
|
|
4170
|
-
version: z3.string().nullable().optional()
|
|
4176
|
+
version: z3.string().nullable().optional(),
|
|
4177
|
+
publishedAt: z3.string().nullable().optional(),
|
|
4178
|
+
deprecated: z3.boolean().nullable().optional(),
|
|
4179
|
+
deprecationReason: z3.string().nullable().optional()
|
|
4171
4180
|
});
|
|
4172
4181
|
var vulnerabilityDetailSchema = z3.object({
|
|
4173
4182
|
osvId: z3.string().nullable().optional(),
|
|
@@ -4291,6 +4300,86 @@ var dependencyGraphSchema = z3.object({
|
|
|
4291
4300
|
nodes: z3.array(dependencyGraphNodeSchema),
|
|
4292
4301
|
edges: z3.array(dependencyGraphEdgeSchema)
|
|
4293
4302
|
});
|
|
4303
|
+
var vulnerabilityCountSummarySchema = z3.object({
|
|
4304
|
+
totalVulnerabilities: z3.number().int(),
|
|
4305
|
+
critical: z3.number().int(),
|
|
4306
|
+
high: z3.number().int(),
|
|
4307
|
+
medium: z3.number().int(),
|
|
4308
|
+
low: z3.number().int(),
|
|
4309
|
+
unknown: z3.number().int()
|
|
4310
|
+
});
|
|
4311
|
+
var vulnerabilitySummaryDetailSchema = z3.object({
|
|
4312
|
+
osvId: z3.string().nullable().optional(),
|
|
4313
|
+
registry: z3.string().nullable().optional(),
|
|
4314
|
+
packageName: z3.string().nullable().optional(),
|
|
4315
|
+
summary: z3.string().nullable().optional(),
|
|
4316
|
+
severityScore: z3.number().nullable().optional(),
|
|
4317
|
+
severityType: z3.string().nullable().optional(),
|
|
4318
|
+
affectedVersionRanges: z3.array(z3.string()).nullable().optional(),
|
|
4319
|
+
fixedInVersions: z3.array(z3.string()).nullable().optional(),
|
|
4320
|
+
publishedAt: z3.string().nullable().optional(),
|
|
4321
|
+
modifiedAt: z3.string().nullable().optional(),
|
|
4322
|
+
withdrawnAt: z3.string().nullable().optional(),
|
|
4323
|
+
aliases: z3.array(z3.string()).nullable().optional(),
|
|
4324
|
+
isMalicious: z3.boolean().nullable().optional()
|
|
4325
|
+
});
|
|
4326
|
+
var transitiveDependencyVulnerabilitySchema = z3.object({
|
|
4327
|
+
version: z3.string(),
|
|
4328
|
+
affectsResolvedVersion: z3.boolean(),
|
|
4329
|
+
matchedAffectedVersionRanges: z3.array(z3.string()),
|
|
4330
|
+
fixVersionsAboveResolved: z3.array(z3.string()),
|
|
4331
|
+
nearestFixedVersion: z3.string().nullable().optional(),
|
|
4332
|
+
advisory: vulnerabilitySummaryDetailSchema
|
|
4333
|
+
});
|
|
4334
|
+
var transitiveVulnerablePackageSchema = z3.object({
|
|
4335
|
+
registry: z3.string(),
|
|
4336
|
+
name: z3.string(),
|
|
4337
|
+
versions: z3.array(z3.string()),
|
|
4338
|
+
affectedCount: z3.number().int(),
|
|
4339
|
+
nonAffectingCount: z3.number().int(),
|
|
4340
|
+
totalCount: z3.number().int(),
|
|
4341
|
+
maxSeverityScore: z3.number().nullable().optional(),
|
|
4342
|
+
maxSeverityLabel: z3.string().nullable().optional(),
|
|
4343
|
+
advisoryIds: z3.array(z3.string()),
|
|
4344
|
+
mostCritical: vulnerabilitySummaryDetailSchema.nullable().optional(),
|
|
4345
|
+
advisoryOccurrences: z3.array(transitiveDependencyVulnerabilitySchema).nullable().optional()
|
|
4346
|
+
});
|
|
4347
|
+
var transitiveVulnerabilitySummarySchema = z3.object({
|
|
4348
|
+
affected: vulnerabilityCountSummarySchema,
|
|
4349
|
+
nonAffecting: vulnerabilityCountSummarySchema,
|
|
4350
|
+
combined: vulnerabilityCountSummarySchema,
|
|
4351
|
+
totalPackagesAnalyzed: z3.number().int(),
|
|
4352
|
+
affectedPackageCount: z3.number().int(),
|
|
4353
|
+
packages: z3.array(transitiveVulnerablePackageSchema),
|
|
4354
|
+
calculatedAt: z3.string().nullable().optional()
|
|
4355
|
+
}).nullable().optional();
|
|
4356
|
+
var dependencyDeprecationReasonSchema = z3.object({
|
|
4357
|
+
version: z3.string(),
|
|
4358
|
+
reason: z3.string().nullable().optional()
|
|
4359
|
+
});
|
|
4360
|
+
var deprecatedDependencySchema = z3.object({
|
|
4361
|
+
registry: z3.string(),
|
|
4362
|
+
name: z3.string(),
|
|
4363
|
+
versions: z3.array(z3.string()),
|
|
4364
|
+
reasons: z3.array(dependencyDeprecationReasonSchema)
|
|
4365
|
+
});
|
|
4366
|
+
var outdatedDependencyVersionSchema = z3.object({
|
|
4367
|
+
version: z3.string(),
|
|
4368
|
+
severity: z3.string()
|
|
4369
|
+
});
|
|
4370
|
+
var outdatedDependencySchema = z3.object({
|
|
4371
|
+
registry: z3.string(),
|
|
4372
|
+
name: z3.string(),
|
|
4373
|
+
latestVersion: z3.string().nullable().optional(),
|
|
4374
|
+
severity: z3.string(),
|
|
4375
|
+
versions: z3.array(outdatedDependencyVersionSchema),
|
|
4376
|
+
repositoryUrl: z3.string().nullable().optional()
|
|
4377
|
+
});
|
|
4378
|
+
var duplicateDependencySchema = z3.object({
|
|
4379
|
+
registry: z3.string().nullable().optional(),
|
|
4380
|
+
name: z3.string(),
|
|
4381
|
+
versions: z3.array(z3.string())
|
|
4382
|
+
});
|
|
4294
4383
|
var dependencyConflictEdgeSchema = z3.object({
|
|
4295
4384
|
fromIndex: z3.number().int().nullable().optional(),
|
|
4296
4385
|
toIndex: z3.number().int(),
|
|
@@ -4302,6 +4391,24 @@ var dependencyConflictSchema = z3.object({
|
|
|
4302
4391
|
requiredVersions: z3.array(z3.string()),
|
|
4303
4392
|
conflictingEdges: z3.array(dependencyConflictEdgeSchema)
|
|
4304
4393
|
});
|
|
4394
|
+
var dependencyIssueConflictSchema = z3.object({
|
|
4395
|
+
registry: z3.string().nullable().optional(),
|
|
4396
|
+
name: z3.string(),
|
|
4397
|
+
versions: z3.array(z3.string()),
|
|
4398
|
+
requiredVersions: z3.array(z3.string()),
|
|
4399
|
+
conflictingEdges: z3.array(dependencyConflictEdgeSchema)
|
|
4400
|
+
});
|
|
4401
|
+
var dependencyIssuesSummarySchema = z3.object({
|
|
4402
|
+
totalCount: z3.number().int(),
|
|
4403
|
+
deprecatedCount: z3.number().int(),
|
|
4404
|
+
outdatedCount: z3.number().int(),
|
|
4405
|
+
duplicateCount: z3.number().int(),
|
|
4406
|
+
conflictCount: z3.number().int(),
|
|
4407
|
+
deprecatedPackages: z3.array(deprecatedDependencySchema),
|
|
4408
|
+
outdatedPackages: z3.array(outdatedDependencySchema),
|
|
4409
|
+
duplicatePackages: z3.array(duplicateDependencySchema),
|
|
4410
|
+
conflicts: z3.array(dependencyIssueConflictSchema)
|
|
4411
|
+
}).nullable().optional();
|
|
4305
4412
|
var circularDependencyCycleSchema = z3.object({
|
|
4306
4413
|
cycleStart: z3.string(),
|
|
4307
4414
|
circularPath: z3.array(z3.string()),
|
|
@@ -4318,7 +4425,9 @@ var transitiveDependencySchema = z3.object({
|
|
|
4318
4425
|
uniqueDependencies: z3.array(z3.string()).nullable().optional(),
|
|
4319
4426
|
dependencyConflicts: z3.array(dependencyConflictSchema).nullable().optional(),
|
|
4320
4427
|
circularDependencyCycles: z3.array(circularDependencyCycleSchema).nullable().optional(),
|
|
4321
|
-
dependencyGraph: dependencyGraphSchema.nullable().optional()
|
|
4428
|
+
dependencyGraph: dependencyGraphSchema.nullable().optional(),
|
|
4429
|
+
vulnerabilitySummary: transitiveVulnerabilitySummarySchema,
|
|
4430
|
+
dependencyIssues: dependencyIssuesSummarySchema
|
|
4322
4431
|
}).nullable().optional();
|
|
4323
4432
|
var dependencyBundleSchema = z3.object({
|
|
4324
4433
|
direct: z3.array(directDependencySchema).nullable().optional(),
|
|
@@ -4448,6 +4557,203 @@ query PackageDependencies(
|
|
|
4448
4557
|
}
|
|
4449
4558
|
}
|
|
4450
4559
|
}`;
|
|
4560
|
+
var PACKAGE_UPGRADE_DEPENDENCY_PROBE_QUERY = `
|
|
4561
|
+
query PackageUpgradeDependencyProbe(
|
|
4562
|
+
$registry: Registry!
|
|
4563
|
+
$name: String!
|
|
4564
|
+
$version: String!
|
|
4565
|
+
$includeTransitiveRisk: Boolean!
|
|
4566
|
+
$includeTransitiveSecurity: Boolean!
|
|
4567
|
+
$includeDependencyIssues: Boolean!
|
|
4568
|
+
$includeDependencyChanges: Boolean!
|
|
4569
|
+
$includeGroups: Boolean!
|
|
4570
|
+
$lifecycle: [String!]
|
|
4571
|
+
$minSeverity: Float
|
|
4572
|
+
) {
|
|
4573
|
+
packageDependencies(
|
|
4574
|
+
registry: $registry
|
|
4575
|
+
name: $name
|
|
4576
|
+
version: $version
|
|
4577
|
+
includeTransitive: $includeTransitiveRisk
|
|
4578
|
+
lifecycle: $lifecycle
|
|
4579
|
+
) {
|
|
4580
|
+
package {
|
|
4581
|
+
name
|
|
4582
|
+
registry
|
|
4583
|
+
version
|
|
4584
|
+
publishedAt
|
|
4585
|
+
deprecated
|
|
4586
|
+
deprecationReason
|
|
4587
|
+
}
|
|
4588
|
+
dependencies {
|
|
4589
|
+
direct {
|
|
4590
|
+
name
|
|
4591
|
+
versionConstraint
|
|
4592
|
+
type
|
|
4593
|
+
}
|
|
4594
|
+
transitive @include(if: $includeTransitiveRisk) {
|
|
4595
|
+
dependencyGraph @include(if: $includeDependencyChanges) {
|
|
4596
|
+
formatVersion
|
|
4597
|
+
nodes {
|
|
4598
|
+
registry
|
|
4599
|
+
name
|
|
4600
|
+
version
|
|
4601
|
+
}
|
|
4602
|
+
edges {
|
|
4603
|
+
fromIndex
|
|
4604
|
+
toIndex
|
|
4605
|
+
constraint
|
|
4606
|
+
dependencyType
|
|
4607
|
+
}
|
|
4608
|
+
}
|
|
4609
|
+
vulnerabilitySummary(minSeverity: $minSeverity) @include(if: $includeTransitiveSecurity) {
|
|
4610
|
+
affected {
|
|
4611
|
+
totalVulnerabilities
|
|
4612
|
+
critical
|
|
4613
|
+
high
|
|
4614
|
+
medium
|
|
4615
|
+
low
|
|
4616
|
+
unknown
|
|
4617
|
+
}
|
|
4618
|
+
nonAffecting {
|
|
4619
|
+
totalVulnerabilities
|
|
4620
|
+
critical
|
|
4621
|
+
high
|
|
4622
|
+
medium
|
|
4623
|
+
low
|
|
4624
|
+
unknown
|
|
4625
|
+
}
|
|
4626
|
+
combined {
|
|
4627
|
+
totalVulnerabilities
|
|
4628
|
+
critical
|
|
4629
|
+
high
|
|
4630
|
+
medium
|
|
4631
|
+
low
|
|
4632
|
+
unknown
|
|
4633
|
+
}
|
|
4634
|
+
totalPackagesAnalyzed
|
|
4635
|
+
affectedPackageCount
|
|
4636
|
+
calculatedAt
|
|
4637
|
+
packages {
|
|
4638
|
+
registry
|
|
4639
|
+
name
|
|
4640
|
+
versions
|
|
4641
|
+
affectedCount
|
|
4642
|
+
nonAffectingCount
|
|
4643
|
+
totalCount
|
|
4644
|
+
maxSeverityScore
|
|
4645
|
+
maxSeverityLabel
|
|
4646
|
+
advisoryIds(scope: AFFECTED)
|
|
4647
|
+
mostCritical {
|
|
4648
|
+
osvId
|
|
4649
|
+
registry
|
|
4650
|
+
packageName
|
|
4651
|
+
summary
|
|
4652
|
+
severityScore
|
|
4653
|
+
severityType
|
|
4654
|
+
affectedVersionRanges
|
|
4655
|
+
fixedInVersions
|
|
4656
|
+
publishedAt
|
|
4657
|
+
modifiedAt
|
|
4658
|
+
withdrawnAt
|
|
4659
|
+
aliases
|
|
4660
|
+
isMalicious
|
|
4661
|
+
}
|
|
4662
|
+
advisoryOccurrences(scope: AFFECTED, minSeverity: $minSeverity, limit: 5) {
|
|
4663
|
+
version
|
|
4664
|
+
affectsResolvedVersion
|
|
4665
|
+
matchedAffectedVersionRanges
|
|
4666
|
+
fixVersionsAboveResolved
|
|
4667
|
+
nearestFixedVersion
|
|
4668
|
+
advisory {
|
|
4669
|
+
osvId
|
|
4670
|
+
registry
|
|
4671
|
+
packageName
|
|
4672
|
+
summary
|
|
4673
|
+
severityScore
|
|
4674
|
+
severityType
|
|
4675
|
+
affectedVersionRanges
|
|
4676
|
+
fixedInVersions
|
|
4677
|
+
publishedAt
|
|
4678
|
+
modifiedAt
|
|
4679
|
+
withdrawnAt
|
|
4680
|
+
aliases
|
|
4681
|
+
isMalicious
|
|
4682
|
+
}
|
|
4683
|
+
}
|
|
4684
|
+
}
|
|
4685
|
+
}
|
|
4686
|
+
dependencyIssues @include(if: $includeDependencyIssues) {
|
|
4687
|
+
totalCount
|
|
4688
|
+
deprecatedCount
|
|
4689
|
+
outdatedCount
|
|
4690
|
+
duplicateCount
|
|
4691
|
+
conflictCount
|
|
4692
|
+
deprecatedPackages {
|
|
4693
|
+
registry
|
|
4694
|
+
name
|
|
4695
|
+
versions
|
|
4696
|
+
reasons {
|
|
4697
|
+
version
|
|
4698
|
+
reason
|
|
4699
|
+
}
|
|
4700
|
+
}
|
|
4701
|
+
outdatedPackages {
|
|
4702
|
+
registry
|
|
4703
|
+
name
|
|
4704
|
+
latestVersion
|
|
4705
|
+
severity
|
|
4706
|
+
versions {
|
|
4707
|
+
version
|
|
4708
|
+
severity
|
|
4709
|
+
}
|
|
4710
|
+
repositoryUrl
|
|
4711
|
+
}
|
|
4712
|
+
duplicatePackages {
|
|
4713
|
+
registry
|
|
4714
|
+
name
|
|
4715
|
+
versions
|
|
4716
|
+
}
|
|
4717
|
+
conflicts {
|
|
4718
|
+
registry
|
|
4719
|
+
name
|
|
4720
|
+
versions
|
|
4721
|
+
requiredVersions
|
|
4722
|
+
conflictingEdges {
|
|
4723
|
+
fromIndex
|
|
4724
|
+
toIndex
|
|
4725
|
+
versionConstraint
|
|
4726
|
+
dependencyType
|
|
4727
|
+
}
|
|
4728
|
+
}
|
|
4729
|
+
}
|
|
4730
|
+
}
|
|
4731
|
+
}
|
|
4732
|
+
dependencyGroups @include(if: $includeGroups) {
|
|
4733
|
+
primaryGroup
|
|
4734
|
+
environmentMarkers {
|
|
4735
|
+
type
|
|
4736
|
+
value
|
|
4737
|
+
raw
|
|
4738
|
+
}
|
|
4739
|
+
groups {
|
|
4740
|
+
name
|
|
4741
|
+
lifecycle
|
|
4742
|
+
conditionType
|
|
4743
|
+
conditionValue
|
|
4744
|
+
selectionMode
|
|
4745
|
+
exclusiveGroup
|
|
4746
|
+
fallbackPriority
|
|
4747
|
+
compatibleWith
|
|
4748
|
+
defaultEnabled
|
|
4749
|
+
dependencies {
|
|
4750
|
+
name
|
|
4751
|
+
constraint
|
|
4752
|
+
}
|
|
4753
|
+
}
|
|
4754
|
+
}
|
|
4755
|
+
}
|
|
4756
|
+
}`;
|
|
4451
4757
|
var changelogPackageInfoSchema = z3.object({
|
|
4452
4758
|
name: z3.string().nullable().optional(),
|
|
4453
4759
|
registry: z3.string().nullable().optional(),
|
|
@@ -4915,7 +5221,10 @@ class PackageIntelligenceServiceImpl {
|
|
|
4915
5221
|
const identity = {
|
|
4916
5222
|
name,
|
|
4917
5223
|
version: version2,
|
|
4918
|
-
registry: data.package?.registry ?? undefined
|
|
5224
|
+
registry: data.package?.registry ?? undefined,
|
|
5225
|
+
publishedAt: data.package?.publishedAt ?? undefined,
|
|
5226
|
+
deprecated: data.package?.deprecated ?? undefined,
|
|
5227
|
+
deprecationReason: data.package?.deprecationReason ?? undefined
|
|
4919
5228
|
};
|
|
4920
5229
|
const security = data.security ? {
|
|
4921
5230
|
affectedVulnerabilityCount: data.security.affectedVulnerabilityCount,
|
|
@@ -4955,6 +5264,58 @@ class PackageIntelligenceServiceImpl {
|
|
|
4955
5264
|
executeWithToken: (token) => this.executePackageDependencies(token, params)
|
|
4956
5265
|
}));
|
|
4957
5266
|
}
|
|
5267
|
+
async packageUpgradeDependencyProbe(params) {
|
|
5268
|
+
return withTelemetrySpan("pkg-intel.upgrade-dependency-probe.request", () => executeWithTokenRefresh({
|
|
5269
|
+
getToken: () => this.tokenProvider.getToken(),
|
|
5270
|
+
forceRefresh: () => this.tokenProvider.forceRefresh(),
|
|
5271
|
+
shouldRefresh: (error) => error instanceof AuthenticationError,
|
|
5272
|
+
executeWithToken: (token) => this.executePackageUpgradeDependencyProbe(token, params)
|
|
5273
|
+
}));
|
|
5274
|
+
}
|
|
5275
|
+
async executePackageUpgradeDependencyProbe(token, params) {
|
|
5276
|
+
const includeTransitiveRisk = params.includeTransitiveSecurity === true || params.includeDependencyIssues === true || params.includeDependencyChanges === true;
|
|
5277
|
+
let response;
|
|
5278
|
+
try {
|
|
5279
|
+
response = await postPkgseerGraphql({
|
|
5280
|
+
endpointUrl: this.endpointUrl,
|
|
5281
|
+
token,
|
|
5282
|
+
query: PACKAGE_UPGRADE_DEPENDENCY_PROBE_QUERY,
|
|
5283
|
+
variables: {
|
|
5284
|
+
registry: params.registry,
|
|
5285
|
+
name: params.packageName,
|
|
5286
|
+
version: params.version,
|
|
5287
|
+
includeTransitiveRisk,
|
|
5288
|
+
includeTransitiveSecurity: params.includeTransitiveSecurity === true,
|
|
5289
|
+
includeDependencyIssues: params.includeDependencyIssues === true,
|
|
5290
|
+
includeDependencyChanges: params.includeDependencyChanges === true,
|
|
5291
|
+
includeGroups: params.includeGroups === true,
|
|
5292
|
+
lifecycle: params.includeGroups === true ? ["peer"] : undefined,
|
|
5293
|
+
minSeverity: params.minSeverity
|
|
5294
|
+
},
|
|
5295
|
+
fetchFn: this.fetchFn
|
|
5296
|
+
});
|
|
5297
|
+
} catch (cause) {
|
|
5298
|
+
if (cause instanceof PkgseerTransportError) {
|
|
5299
|
+
throw new PackageIntelligenceNetworkError("Could not reach the package intelligence service. Check your connection or set GITHITS_CODE_NAV_URL.", { cause });
|
|
5300
|
+
}
|
|
5301
|
+
throw cause;
|
|
5302
|
+
}
|
|
5303
|
+
if (response.status < 200 || response.status >= 300) {
|
|
5304
|
+
throw this.createHttpError(response);
|
|
5305
|
+
}
|
|
5306
|
+
const parsed = dependenciesGraphQLResponseSchema.safeParse(response.parsedBody);
|
|
5307
|
+
if (!parsed.success) {
|
|
5308
|
+
throw new MalformedPackageIntelligenceResponseError("Malformed response from the package-intelligence service.");
|
|
5309
|
+
}
|
|
5310
|
+
if (parsed.data.errors && parsed.data.errors.length > 0) {
|
|
5311
|
+
throw promoteGenericVersionNotFound(this.createGraphQLError(parsed.data.errors), params);
|
|
5312
|
+
}
|
|
5313
|
+
const data = parsed.data.data?.packageDependencies;
|
|
5314
|
+
if (!data) {
|
|
5315
|
+
throw new MalformedPackageIntelligenceResponseError("Empty response from the package-intelligence service.");
|
|
5316
|
+
}
|
|
5317
|
+
return this.normaliseDependencyReport(data);
|
|
5318
|
+
}
|
|
4958
5319
|
async executePackageDependencies(token, params) {
|
|
4959
5320
|
let response;
|
|
4960
5321
|
try {
|
|
@@ -5003,7 +5364,10 @@ class PackageIntelligenceServiceImpl {
|
|
|
5003
5364
|
const identity = {
|
|
5004
5365
|
name,
|
|
5005
5366
|
version: version2,
|
|
5006
|
-
registry: data.package?.registry ?? undefined
|
|
5367
|
+
registry: data.package?.registry ?? undefined,
|
|
5368
|
+
publishedAt: data.package?.publishedAt ?? undefined,
|
|
5369
|
+
deprecated: data.package?.deprecated ?? undefined,
|
|
5370
|
+
deprecationReason: data.package?.deprecationReason ?? undefined
|
|
5007
5371
|
};
|
|
5008
5372
|
const bundle = data.dependencies;
|
|
5009
5373
|
const dependencies = bundle ? {
|
|
@@ -5049,7 +5413,9 @@ class PackageIntelligenceServiceImpl {
|
|
|
5049
5413
|
constraint: e.constraint ?? undefined,
|
|
5050
5414
|
dependencyType: e.dependencyType ?? undefined
|
|
5051
5415
|
}))
|
|
5052
|
-
} : undefined
|
|
5416
|
+
} : undefined,
|
|
5417
|
+
vulnerabilitySummary: this.normaliseTransitiveVulnerabilitySummary(bundle.transitive.vulnerabilitySummary),
|
|
5418
|
+
dependencyIssues: this.normaliseDependencyIssuesSummary(bundle.transitive.dependencyIssues)
|
|
5053
5419
|
} : undefined
|
|
5054
5420
|
} : undefined;
|
|
5055
5421
|
const dependencyGroups = data.dependencyGroups ? {
|
|
@@ -5081,6 +5447,103 @@ class PackageIntelligenceServiceImpl {
|
|
|
5081
5447
|
dependencyGroups
|
|
5082
5448
|
};
|
|
5083
5449
|
}
|
|
5450
|
+
normaliseTransitiveVulnerabilitySummary(summary) {
|
|
5451
|
+
if (!summary)
|
|
5452
|
+
return;
|
|
5453
|
+
return {
|
|
5454
|
+
affected: summary.affected,
|
|
5455
|
+
nonAffecting: summary.nonAffecting,
|
|
5456
|
+
combined: summary.combined,
|
|
5457
|
+
totalPackagesAnalyzed: summary.totalPackagesAnalyzed,
|
|
5458
|
+
affectedPackageCount: summary.affectedPackageCount,
|
|
5459
|
+
calculatedAt: summary.calculatedAt ?? undefined,
|
|
5460
|
+
packages: summary.packages.map((pkg) => ({
|
|
5461
|
+
registry: pkg.registry,
|
|
5462
|
+
name: pkg.name,
|
|
5463
|
+
versions: pkg.versions,
|
|
5464
|
+
affectedCount: pkg.affectedCount,
|
|
5465
|
+
nonAffectingCount: pkg.nonAffectingCount,
|
|
5466
|
+
totalCount: pkg.totalCount,
|
|
5467
|
+
maxSeverityScore: pkg.maxSeverityScore ?? undefined,
|
|
5468
|
+
maxSeverityLabel: pkg.maxSeverityLabel ?? undefined,
|
|
5469
|
+
advisoryIds: pkg.advisoryIds,
|
|
5470
|
+
mostCritical: pkg.mostCritical ? this.normaliseVulnerabilitySummaryDetail(pkg.mostCritical) : undefined,
|
|
5471
|
+
advisoryOccurrences: pkg.advisoryOccurrences?.map((occurrence) => ({
|
|
5472
|
+
version: occurrence.version,
|
|
5473
|
+
affectsResolvedVersion: occurrence.affectsResolvedVersion,
|
|
5474
|
+
matchedAffectedVersionRanges: occurrence.matchedAffectedVersionRanges,
|
|
5475
|
+
fixVersionsAboveResolved: occurrence.fixVersionsAboveResolved,
|
|
5476
|
+
nearestFixedVersion: occurrence.nearestFixedVersion ?? undefined,
|
|
5477
|
+
advisory: this.normaliseVulnerabilitySummaryDetail(occurrence.advisory)
|
|
5478
|
+
})) ?? undefined
|
|
5479
|
+
}))
|
|
5480
|
+
};
|
|
5481
|
+
}
|
|
5482
|
+
normaliseVulnerabilitySummaryDetail(advisory) {
|
|
5483
|
+
return {
|
|
5484
|
+
osvId: advisory.osvId ?? undefined,
|
|
5485
|
+
registry: advisory.registry ?? undefined,
|
|
5486
|
+
packageName: advisory.packageName ?? undefined,
|
|
5487
|
+
summary: advisory.summary ?? undefined,
|
|
5488
|
+
severityScore: advisory.severityScore ?? undefined,
|
|
5489
|
+
severityType: advisory.severityType ?? undefined,
|
|
5490
|
+
affectedVersionRanges: advisory.affectedVersionRanges ?? undefined,
|
|
5491
|
+
fixedInVersions: advisory.fixedInVersions ?? undefined,
|
|
5492
|
+
publishedAt: advisory.publishedAt ?? undefined,
|
|
5493
|
+
modifiedAt: advisory.modifiedAt ?? undefined,
|
|
5494
|
+
withdrawnAt: advisory.withdrawnAt ?? undefined,
|
|
5495
|
+
aliases: advisory.aliases ?? undefined,
|
|
5496
|
+
isMalicious: advisory.isMalicious ?? undefined
|
|
5497
|
+
};
|
|
5498
|
+
}
|
|
5499
|
+
normaliseDependencyIssuesSummary(issues) {
|
|
5500
|
+
if (!issues)
|
|
5501
|
+
return;
|
|
5502
|
+
return {
|
|
5503
|
+
totalCount: issues.totalCount,
|
|
5504
|
+
deprecatedCount: issues.deprecatedCount,
|
|
5505
|
+
outdatedCount: issues.outdatedCount,
|
|
5506
|
+
duplicateCount: issues.duplicateCount,
|
|
5507
|
+
conflictCount: issues.conflictCount,
|
|
5508
|
+
deprecatedPackages: issues.deprecatedPackages.map((pkg) => ({
|
|
5509
|
+
registry: pkg.registry,
|
|
5510
|
+
name: pkg.name,
|
|
5511
|
+
versions: pkg.versions,
|
|
5512
|
+
reasons: pkg.reasons.map((reason) => ({
|
|
5513
|
+
version: reason.version,
|
|
5514
|
+
reason: reason.reason ?? undefined
|
|
5515
|
+
}))
|
|
5516
|
+
})),
|
|
5517
|
+
outdatedPackages: issues.outdatedPackages.map((pkg) => ({
|
|
5518
|
+
registry: pkg.registry,
|
|
5519
|
+
name: pkg.name,
|
|
5520
|
+
latestVersion: pkg.latestVersion ?? undefined,
|
|
5521
|
+
severity: pkg.severity,
|
|
5522
|
+
versions: pkg.versions.map((version2) => ({
|
|
5523
|
+
version: version2.version,
|
|
5524
|
+
severity: version2.severity
|
|
5525
|
+
})),
|
|
5526
|
+
repositoryUrl: pkg.repositoryUrl ?? undefined
|
|
5527
|
+
})),
|
|
5528
|
+
duplicatePackages: issues.duplicatePackages.map((pkg) => ({
|
|
5529
|
+
registry: pkg.registry ?? undefined,
|
|
5530
|
+
name: pkg.name,
|
|
5531
|
+
versions: pkg.versions
|
|
5532
|
+
})),
|
|
5533
|
+
conflicts: issues.conflicts.map((conflict) => ({
|
|
5534
|
+
registry: conflict.registry ?? undefined,
|
|
5535
|
+
name: conflict.name,
|
|
5536
|
+
versions: conflict.versions,
|
|
5537
|
+
requiredVersions: conflict.requiredVersions,
|
|
5538
|
+
conflictingEdges: conflict.conflictingEdges.map((edge) => ({
|
|
5539
|
+
fromIndex: edge.fromIndex ?? undefined,
|
|
5540
|
+
toIndex: edge.toIndex,
|
|
5541
|
+
versionConstraint: edge.versionConstraint,
|
|
5542
|
+
dependencyType: edge.dependencyType
|
|
5543
|
+
}))
|
|
5544
|
+
}))
|
|
5545
|
+
};
|
|
5546
|
+
}
|
|
5084
5547
|
async packageChangelog(params) {
|
|
5085
5548
|
return withTelemetrySpan("pkg-intel.changelog.request", () => executeWithTokenRefresh({
|
|
5086
5549
|
getToken: () => this.tokenProvider.getToken(),
|
|
@@ -4,8 +4,8 @@ import {
|
|
|
4
4
|
createAuthStatusDependencies,
|
|
5
5
|
createContainer,
|
|
6
6
|
loadAutoLoginAuthSessionMetadata
|
|
7
|
-
} from "./chunk-
|
|
8
|
-
import"./chunk-
|
|
7
|
+
} from "./chunk-ygqss6gp.js";
|
|
8
|
+
import"./chunk-vfyz65v1.js";
|
|
9
9
|
export {
|
|
10
10
|
loadAutoLoginAuthSessionMetadata,
|
|
11
11
|
createContainer,
|
package/gemini-extension.json
CHANGED
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "githits",
|
|
3
3
|
"description": "CLI companion for GitHits - code examples from global open source for developers and AI assistants",
|
|
4
|
-
"version": "0.4.
|
|
4
|
+
"version": "0.4.5",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"files": [
|
|
7
7
|
"dist",
|
|
@@ -38,6 +38,8 @@
|
|
|
38
38
|
"audit:pkg-ecosystems": "bun run scripts/pkg-ecosystem-audit.ts",
|
|
39
39
|
"agent:e2e": "bun run scripts/agent-eval.ts",
|
|
40
40
|
"agent:e2e:report": "bun run scripts/agent-eval-report.ts",
|
|
41
|
+
"agent:session": "bun run scripts/agent-session.ts",
|
|
42
|
+
"eval": "bun run eval/run.ts",
|
|
41
43
|
"test": "bun test",
|
|
42
44
|
"typecheck": "tsc",
|
|
43
45
|
"format": "biome format --write .",
|
|
@@ -21,4 +21,5 @@ Optional parameters:
|
|
|
21
21
|
licenses), or `"custom"` (user's blocklist).
|
|
22
22
|
|
|
23
23
|
Present the results clearly. After the user has reviewed the result, use the
|
|
24
|
-
`feedback` tool to report whether the example was helpful.
|
|
24
|
+
`feedback` tool to report whether the example was helpful. Use the returned
|
|
25
|
+
`solution_id` when available.
|
|
@@ -31,7 +31,7 @@ This plugin connects to the GitHits MCP server and always exposes these core too
|
|
|
31
31
|
language. Requires `query`; `language` is optional and inferred when omitted.
|
|
32
32
|
- **search_language** — Look up supported programming language names when you
|
|
33
33
|
need to force a specific language.
|
|
34
|
-
- **feedback** —
|
|
34
|
+
- **feedback** — Submit result or session feedback to improve future quality.
|
|
35
35
|
|
|
36
36
|
Additional indexed dependency/package tools are available by default:
|
|
37
37
|
`search`, `search_status`, `docs_list`, `docs_read`, `pkg_info`, `pkg_vulns`,
|
|
@@ -23,4 +23,5 @@ Optional parameters:
|
|
|
23
23
|
licenses), or `"custom"` (user's blocklist).
|
|
24
24
|
|
|
25
25
|
Present the results clearly. After the user has reviewed the result, use the
|
|
26
|
-
`feedback` tool to report whether the
|
|
26
|
+
`feedback` tool to report whether the result was helpful. Omit `solution_id`
|
|
27
|
+
for generic session feedback about indexed search results.
|