pnpm-catalog-updates 0.3.5 → 0.4.0

package/README.md

@@ -323,6 +323,51 @@ Create a `.pcurc.json` file in your project root:
 }
 ```
 
+#### Package Filtering Configuration
+
+You can also configure package-specific update rules by creating a `.pcurc.json`
+with filtering options:
+
+```json
+{
+  // Exclude packages you never want to update
+  "exclude": ["typescript", "@types/node", "react", "react-dom"],
+
+  // Only update specific packages (optional - if not specified, all packages are considered)
+  "include": ["lodash*", "chalk", "commander"],
+
+  // Package-specific update rules
+  "packageRules": [
+    {
+      "patterns": ["@types/*"],
+      "target": "latest", // Always update type definitions to latest
+      "autoUpdate": true
+    },
+    {
+      "patterns": ["react", "react-dom"],
+      "target": "patch", // Only patch updates for React
+      "requireConfirmation": true // Always ask before updating
+    },
+    {
+      "patterns": ["eslint*", "prettier"],
+      "target": "minor", // Minor updates for dev tools
+      "groupUpdate": true // Update related packages together
+    }
+  ],
+
+  // Override defaults
+  "defaults": {
+    "target": "minor",
+    "createBackup": true
+  }
+}
+```
+
+**Configuration priority**: Package rules > CLI options > Default configuration
+
+**Pattern matching**: Supports glob patterns like `react*`, `@types/*`,
+`eslint*`
+
 ## 📁 Project Structure
 
 This project follows Domain-Driven Design (DDD) principles:

package/README.zh-CN.md

@@ -316,6 +316,70 @@ pcu -t --interactive        # 交互式主题设置
 }
 ```
 
+#### 包过滤配置
+
+您还可以通过创建包含过滤选项的 `.pcurc.json` 来配置特定包的更新规则：
+
+```json
+{
+  // 排除您永远不想更新的包
+  "exclude": ["typescript", "@types/node", "react", "react-dom"],
+
+  // 仅更新特定包（可选 - 如果不指定，将考虑所有包）
+  "include": ["lodash*", "chalk", "commander"],
+
+  // 特定包的更新规则
+  "packageRules": [
+    {
+      "patterns": ["@types/*"],
+      "target": "latest", // 类型定义总是更新到最新版本
+      "autoUpdate": true
+    },
+    {
+      "patterns": ["react", "react-dom"],
+      "target": "patch", // React 只进行 patch 更新
+      "requireConfirmation": true // 更新前总是询问
+    },
+    {
+      "patterns": ["eslint*", "prettier"],
+      "target": "minor", // 开发工具进行 minor 更新
+      "groupUpdate": true // 相关包一起更新
+    }
+  ],
+
+  // 安全配置
+  "security": {
+    "autoFixVulnerabilities": true, // 自动检查并修复安全漏洞
+    "allowMajorForSecurity": true, // 为安全修复允许主版本升级
+    "notifyOnSecurityUpdate": true // 安全更新时显示通知
+  },
+
+  // 高级配置
+  "advanced": {
+    "concurrency": 5, // 并发网络请求数量（默认: 5）
+    "timeout": 30000, // 网络请求超时时间（毫秒，默认: 30000）
+    "retries": 3, // 失败重试次数（默认: 3）
+    "cacheValidityMinutes": 60 // 缓存有效期（分钟，默认: 60，设为0禁用缓存）
+  },
+
+  // Monorepo 配置
+  "monorepo": {
+    "syncVersions": ["react", "react-dom"], // 需要在多个 catalog 间同步版本的包
+    "catalogPriority": ["default", "latest", "react17"] // catalog 优先级顺序
+  },
+
+  // 覆盖默认设置
+  "defaults": {
+    "target": "minor",
+    "createBackup": true
+  }
+}
+```
+
+**配置优先级**: 包规则 > CLI 选项 > 默认配置
+
+**模式匹配**: 支持 glob 模式，如 `react*`、`@types/*`、`eslint*`
+
 ## 📁 项目结构
 
 本项目遵循领域驱动设计 (DDD) 原则：

package/dist/application/services/CatalogUpdateService.d.ts

@@ -63,6 +63,9 @@ export interface PlannedUpdate {
     updateType: 'major' | 'minor' | 'patch';
     reason: string;
     affectedPackages: string[];
+    requireConfirmation?: boolean;
+    autoUpdate?: boolean;
+    groupUpdate?: boolean;
 }
 export interface VersionConflict {
     packageName: string;
@@ -134,6 +137,10 @@ export declare class CatalogUpdateService {
     private readonly workspaceRepository;
     private readonly registryService;
     constructor(workspaceRepository: WorkspaceRepository, registryService: NpmRegistryService);
+    /**
+     * Create a new CatalogUpdateService with advanced configuration
+     */
+    static createWithConfig(workspaceRepository: WorkspaceRepository, workspacePath?: string): CatalogUpdateService;
     /**
      * Check for outdated catalog dependencies
      */
@@ -150,14 +157,6 @@ export declare class CatalogUpdateService {
      * Analyze the impact of updating a specific dependency
      */
     analyzeImpact(catalogName: string, packageName: string, newVersion: string, workspacePath?: string): Promise<ImpactAnalysis>;
-    /**
-     * Check if a specific package should be updated based on filters
-     */
-    private shouldCheckPackage;
-    /**
-     * Check if package matches a pattern (simple glob-like matching)
-     */
-    private matchesPattern;
     /**
      * Check if a package needs updating
      */
@@ -186,5 +185,13 @@ export declare class CatalogUpdateService {
      * Generate recommendations based on analysis
      */
     private generateRecommendations;
+    /**
+     * Create sync version updates for packages that should be synchronized across catalogs
+     */
+    private createSyncVersionUpdates;
+    /**
+     * Resolve version conflicts using catalog priority
+     */
+    private resolveVersionConflict;
 }
 //# sourceMappingURL=CatalogUpdateService.d.ts.map

package/dist/application/services/CatalogUpdateService.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"CatalogUpdateService.d.ts","sourceRoot":"","sources":["../../../src/application/services/CatalogUpdateService.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,mBAAmB,EAAE,MAAM,kDAAkD,CAAC;AAGvF,OAAO,EAAE,kBAAkB,EAAE,MAAM,8DAA8D,CAAC;AAElG,MAAM,WAAW,YAAY;IAC3B,aAAa,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IACnC,WAAW,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IACjC,MAAM,CAAC,EAAE,YAAY,GAAG,SAAS,CAAC;IAClC,iBAAiB,CAAC,EAAE,OAAO,GAAG,SAAS,CAAC;IACxC,OAAO,CAAC,EAAE,MAAM,EAAE,GAAG,SAAS,CAAC;IAC/B,OAAO,CAAC,EAAE,MAAM,EAAE,GAAG,SAAS,CAAC;CAChC;AAED,MAAM,WAAW,aAAc,SAAQ,YAAY;IACjD,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,YAAY,CAAC,EAAE,OAAO,CAAC;CACxB;AAED,MAAM,WAAW,cAAc;IAC7B,SAAS,EAAE;QACT,IAAI,EAAE,MAAM,CAAC;QACb,IAAI,EAAE,MAAM,CAAC;KACd,CAAC;IACF,QAAQ,EAAE,iBAAiB,EAAE,CAAC;IAC9B,aAAa,EAAE,MAAM,CAAC;IACtB,UAAU,EAAE,OAAO,CAAC;CACrB;AAED,MAAM,WAAW,iBAAiB;IAChC,WAAW,EAAE,MAAM,CAAC;IACpB,oBAAoB,EAAE,sBAAsB,EAAE,CAAC;IAC/C,aAAa,EAAE,MAAM,CAAC;IACtB,aAAa,EAAE,MAAM,CAAC;CACvB;AAED,MAAM,WAAW,sBAAsB;IACrC,WAAW,EAAE,MAAM,CAAC;IACpB,cAAc,EAAE,MAAM,CAAC;IACvB,aAAa,EAAE,MAAM,CAAC;IACtB,aAAa,EAAE,MAAM,CAAC;IACtB,UAAU,EAAE,OAAO,GAAG,OAAO,GAAG,OAAO,CAAC;IACxC,gBAAgB,EAAE,OAAO,CAAC;IAC1B,gBAAgB,EAAE,MAAM,EAAE,CAAC;CAC5B;AAED,MAAM,WAAW,UAAU;IACzB,SAAS,EAAE;QACT,IAAI,EAAE,MAAM,CAAC;QACb,IAAI,EAAE,MAAM,CAAC;KACd,CAAC;IACF,OAAO,EAAE,aAAa,EAAE,CAAC;IACzB,SAAS,EAAE,eAAe,EAAE,CAAC;IAC7B,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,OAAO,CAAC;CACvB;AAED,MAAM,WAAW,aAAa;IAC5B,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,cAAc,EAAE,MAAM,CAAC;IACvB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,OAAO,GAAG,OAAO,GAAG,OAAO,CAAC;IACxC,MAAM,EAAE,MAAM,CAAC;IACf,gBAAgB,EAAE,MAAM,EAAE,CAAC;CAC5B;AAED,MAAM,WAAW,eAAe;IAC9B,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,KAAK,CAAC;QACd,WAAW,EAAE,MAAM,CAAC;QACpB,cAAc,EAAE,MAAM,CAAC;QACvB,eAAe,EAAE,MAAM,CAAC;KACzB,CAAC,CAAC;IACH,cAAc,EAAE,MAAM,CAAC;CACxB;AAED,MAAM,WAAW,YAAY;IAC3B,OAAO,EAAE,OAAO,CAAC;IACjB,SAAS,EAAE;QACT,IAAI,EAAE,MAAM,CAAC;QACb,IAAI,EAAE,MAAM,CAAC;KACd,CAAC;IACF,mBAAmB,EAAE,iBAAiB,EAAE,CAAC;IACzC,mBAAmB,EAAE,iBAAiB,EAAE,CAAC;IACzC,MAAM,EAAE,WAAW,EAAE,CAAC;IACtB,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,iBAAiB;IAChC,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,OAAO,GAAG,OAAO,GAAG,OAAO,CAAC;CACzC;AAED,MAAM,WAAW,iBAAiB;IAChC,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,cAAc,EAAE,MAAM,CAAC;IACvB,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,WAAW;IAC1B,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,OAAO,CAAC;CAChB;AAED,MAAM,WAAW,cAAc;IAC7B,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,cAAc,EAAE,MAAM,CAAC;IACvB,eAAe,EAAE,MAAM,CAAC;IACxB,UAAU,EAAE,OAAO,GAAG,OAAO,GAAG,OAAO,CAAC;IACxC,gBAAgB,EAAE,aAAa,EAAE,CAAC;IAClC,SAAS,EAAE,KAAK,GAAG,QAAQ,GAAG,MAAM,CAAC;IACrC,cAAc,EAAE,cAAc,CAAC;IAC/B,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B;AAED,MAAM,WAAW,aAAa;IAC5B,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,cAAc,EAAE,cAAc,GAAG,iBAAiB,GAAG,kBAAkB,GAAG,sBAAsB,CAAC;IACjG,gBAAgB,EAAE,OAAO,CAAC;IAC1B,iBAAiB,EAAE,KAAK,GAAG,QAAQ,GAAG,MAAM,CAAC;CAC9C;AAED,MAAM,WAAW,cAAc;IAC7B,kBAAkB,EAAE,OAAO,CAAC;IAC5B,oBAAoB,EAAE,MAAM,CAAC;IAC7B,kBAAkB,EAAE,MAAM,CAAC;IAC3B,cAAc,EAAE,QAAQ,GAAG,OAAO,GAAG,MAAM,CAAC;CAC7C;AAED,MAAM,MAAM,YAAY,GAAG,QAAQ,GAAG,UAAU,GAAG,OAAO,GAAG,OAAO,GAAG,QAAQ,CAAC;AAEhF,qBAAa,oBAAoB;IAE7B,OAAO,CAAC,QAAQ,CAAC,mBAAmB;IACpC,OAAO,CAAC,QAAQ,CAAC,eAAe;gBADf,mBAAmB,EAAE,mBAAmB,EACxC,eAAe,EAAE,kBAAkB;IAGtD;;OAEG;IACG,yBAAyB,CAAC,OAAO,GAAE,YAAiB,GAAG,OAAO,CAAC,cAAc,CAAC;IAsFpF;;OAEG;IACG,WAAW,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,UAAU,CAAC;IA4D9D;;OAEG;IACG,cAAc,CAAC,IAAI,EAAE,UAAU,EAAE,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,YAAY,CAAC;IAgFrF;;OAEG;IACG,aAAa,CACjB,WAAW,EAAE,MAAM,EACnB,WAAW,EAAE,MAAM,EACnB,UAAU,EAAE,MAAM,EAClB,aAAa,CAAC,EAAE,MAAM,GACrB,OAAO,CAAC,cAAc,CAAC;IAuF1B;;OAEG;IACH,OAAO,CAAC,kBAAkB;IAuB1B;;OAEG;IACH,OAAO,CAAC,cAAc;IAQtB;;OAEG;YACW,kBAAkB;IAuEhC;;OAEG;YACW,qBAAqB;IAyCnC;;OAEG;IACH,OAAO,CAAC,eAAe;IAiBvB;;OAEG;YACW,qBAAqB;IAyCnC;;OAEG;IACH,OAAO,CAAC,uBAAuB;IAa/B;;OAEG;IACH,OAAO,CAAC,iBAAiB;IA2BzB;;OAEG;IACH,OAAO,CAAC,uBAAuB;CAmChC"}
+{"version":3,"file":"CatalogUpdateService.d.ts","sourceRoot":"","sources":["../../../src/application/services/CatalogUpdateService.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,mBAAmB,EAAE,MAAM,kDAAkD,CAAC;AAGvF,OAAO,EAAE,kBAAkB,EAAE,MAAM,8DAA8D,CAAC;AAIlG,MAAM,WAAW,YAAY;IAC3B,aAAa,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IACnC,WAAW,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IACjC,MAAM,CAAC,EAAE,YAAY,GAAG,SAAS,CAAC;IAClC,iBAAiB,CAAC,EAAE,OAAO,GAAG,SAAS,CAAC;IACxC,OAAO,CAAC,EAAE,MAAM,EAAE,GAAG,SAAS,CAAC;IAC/B,OAAO,CAAC,EAAE,MAAM,EAAE,GAAG,SAAS,CAAC;CAChC;AAED,MAAM,WAAW,aAAc,SAAQ,YAAY;IACjD,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,YAAY,CAAC,EAAE,OAAO,CAAC;CACxB;AAED,MAAM,WAAW,cAAc;IAC7B,SAAS,EAAE;QACT,IAAI,EAAE,MAAM,CAAC;QACb,IAAI,EAAE,MAAM,CAAC;KACd,CAAC;IACF,QAAQ,EAAE,iBAAiB,EAAE,CAAC;IAC9B,aAAa,EAAE,MAAM,CAAC;IACtB,UAAU,EAAE,OAAO,CAAC;CACrB;AAED,MAAM,WAAW,iBAAiB;IAChC,WAAW,EAAE,MAAM,CAAC;IACpB,oBAAoB,EAAE,sBAAsB,EAAE,CAAC;IAC/C,aAAa,EAAE,MAAM,CAAC;IACtB,aAAa,EAAE,MAAM,CAAC;CACvB;AAED,MAAM,WAAW,sBAAsB;IACrC,WAAW,EAAE,MAAM,CAAC;IACpB,cAAc,EAAE,MAAM,CAAC;IACvB,aAAa,EAAE,MAAM,CAAC;IACtB,aAAa,EAAE,MAAM,CAAC;IACtB,UAAU,EAAE,OAAO,GAAG,OAAO,GAAG,OAAO,CAAC;IACxC,gBAAgB,EAAE,OAAO,CAAC;IAC1B,gBAAgB,EAAE,MAAM,EAAE,CAAC;CAC5B;AAED,MAAM,WAAW,UAAU;IACzB,SAAS,EAAE;QACT,IAAI,EAAE,MAAM,CAAC;QACb,IAAI,EAAE,MAAM,CAAC;KACd,CAAC;IACF,OAAO,EAAE,aAAa,EAAE,CAAC;IACzB,SAAS,EAAE,eAAe,EAAE,CAAC;IAC7B,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,OAAO,CAAC;CACvB;AAED,MAAM,WAAW,aAAa;IAC5B,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,cAAc,EAAE,MAAM,CAAC;IACvB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,OAAO,GAAG,OAAO,GAAG,OAAO,CAAC;IACxC,MAAM,EAAE,MAAM,CAAC;IACf,gBAAgB,EAAE,MAAM,EAAE,CAAC;IAC3B,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAC9B,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,WAAW,CAAC,EAAE,OAAO,CAAC;CACvB;AAED,MAAM,WAAW,eAAe;IAC9B,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,KAAK,CAAC;QACd,WAAW,EAAE,MAAM,CAAC;QACpB,cAAc,EAAE,MAAM,CAAC;QACvB,eAAe,EAAE,MAAM,CAAC;KACzB,CAAC,CAAC;IACH,cAAc,EAAE,MAAM,CAAC;CACxB;AAED,MAAM,WAAW,YAAY;IAC3B,OAAO,EAAE,OAAO,CAAC;IACjB,SAAS,EAAE;QACT,IAAI,EAAE,MAAM,CAAC;QACb,IAAI,EAAE,MAAM,CAAC;KACd,CAAC;IACF,mBAAmB,EAAE,iBAAiB,EAAE,CAAC;IACzC,mBAAmB,EAAE,iBAAiB,EAAE,CAAC;IACzC,MAAM,EAAE,WAAW,EAAE,CAAC;IACtB,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,iBAAiB;IAChC,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,OAAO,GAAG,OAAO,GAAG,OAAO,CAAC;CACzC;AAED,MAAM,WAAW,iBAAiB;IAChC,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,cAAc,EAAE,MAAM,CAAC;IACvB,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,WAAW;IAC1B,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,OAAO,CAAC;CAChB;AAED,MAAM,WAAW,cAAc;IAC7B,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,cAAc,EAAE,MAAM,CAAC;IACvB,eAAe,EAAE,MAAM,CAAC;IACxB,UAAU,EAAE,OAAO,GAAG,OAAO,GAAG,OAAO,CAAC;IACxC,gBAAgB,EAAE,aAAa,EAAE,CAAC;IAClC,SAAS,EAAE,KAAK,GAAG,QAAQ,GAAG,MAAM,CAAC;IACrC,cAAc,EAAE,cAAc,CAAC;IAC/B,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B;AAED,MAAM,WAAW,aAAa;IAC5B,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,cAAc,EAAE,cAAc,GAAG,iBAAiB,GAAG,kBAAkB,GAAG,sBAAsB,CAAC;IACjG,gBAAgB,EAAE,OAAO,CAAC;IAC1B,iBAAiB,EAAE,KAAK,GAAG,QAAQ,GAAG,MAAM,CAAC;CAC9C;AAED,MAAM,WAAW,cAAc;IAC7B,kBAAkB,EAAE,OAAO,CAAC;IAC5B,oBAAoB,EAAE,MAAM,CAAC;IAC7B,kBAAkB,EAAE,MAAM,CAAC;IAC3B,cAAc,EAAE,QAAQ,GAAG,OAAO,GAAG,MAAM,CAAC;CAC7C;AAED,MAAM,MAAM,YAAY,GAAG,QAAQ,GAAG,UAAU,GAAG,OAAO,GAAG,OAAO,GAAG,QAAQ,CAAC;AAEhF,qBAAa,oBAAoB;IAE7B,OAAO,CAAC,QAAQ,CAAC,mBAAmB;IACpC,OAAO,CAAC,QAAQ,CAAC,eAAe;gBADf,mBAAmB,EAAE,mBAAmB,EACxC,eAAe,EAAE,kBAAkB;IAGtD;;OAEG;IACH,MAAM,CAAC,gBAAgB,CACrB,mBAAmB,EAAE,mBAAmB,EACxC,aAAa,CAAC,EAAE,MAAM,GACrB,oBAAoB;IAwBvB;;OAEG;IACG,yBAAyB,CAAC,OAAO,GAAE,YAAiB,GAAG,OAAO,CAAC,cAAc,CAAC;IA8HpF;;OAEG;IACG,WAAW,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,UAAU,CAAC;IAkF9D;;OAEG;IACG,cAAc,CAAC,IAAI,EAAE,UAAU,EAAE,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,YAAY,CAAC;IAmKrF;;OAEG;IACG,aAAa,CACjB,WAAW,EAAE,MAAM,EACnB,WAAW,EAAE,MAAM,EACnB,UAAU,EAAE,MAAM,EAClB,aAAa,CAAC,EAAE,MAAM,GACrB,OAAO,CAAC,cAAc,CAAC;IAuF1B;;OAEG;YACW,kBAAkB;IAuEhC;;OAEG;YACW,qBAAqB;IAyCnC;;OAEG;IACH,OAAO,CAAC,eAAe;IAiBvB;;OAEG;YACW,qBAAqB;IAyCnC;;OAEG;IACH,OAAO,CAAC,uBAAuB;IAa/B;;OAEG;IACH,OAAO,CAAC,iBAAiB;IA2BzB;;OAEG;IACH,OAAO,CAAC,uBAAuB;IAoC/B;;OAEG;YACW,wBAAwB;IA0FtC;;OAEG;IACH,OAAO,CAAC,sBAAsB;CAgD/B"}

package/dist/application/services/CatalogUpdateService.js

@@ -7,6 +7,8 @@
  */
 import { WorkspacePath } from '../../domain/value-objects/WorkspacePath.js';
 import { Version } from '../../domain/value-objects/Version.js';
+import { NpmRegistryService } from '../../infrastructure/external-services/NpmRegistryService.js';
+import { ConfigLoader } from '../../common/config/ConfigLoader.js';
 export class CatalogUpdateService {
     workspaceRepository;
     registryService;
@@ -14,11 +16,35 @@ export class CatalogUpdateService {
         this.workspaceRepository = workspaceRepository;
         this.registryService = registryService;
     }
+    /**
+     * Create a new CatalogUpdateService with advanced configuration
+     */
+    static createWithConfig(workspaceRepository, workspacePath) {
+        const config = ConfigLoader.loadConfig(workspacePath || process.cwd());
+        // Create registry service with advanced configuration
+        const advancedConfig = {};
+        if (config.advanced?.concurrency !== undefined) {
+            advancedConfig.concurrency = config.advanced.concurrency;
+        }
+        if (config.advanced?.timeout !== undefined) {
+            advancedConfig.timeout = config.advanced.timeout;
+        }
+        if (config.advanced?.retries !== undefined) {
+            advancedConfig.retries = config.advanced.retries;
+        }
+        if (config.advanced?.cacheValidityMinutes !== undefined) {
+            advancedConfig.cacheValidityMinutes = config.advanced.cacheValidityMinutes;
+        }
+        const registryService = new NpmRegistryService('https://registry.npmjs.org/', advancedConfig);
+        return new CatalogUpdateService(workspaceRepository, registryService);
+    }
     /**
      * Check for outdated catalog dependencies
      */
     async checkOutdatedDependencies(options = {}) {
         const workspacePath = WorkspacePath.fromString(options.workspacePath || process.cwd());
+        // Load configuration
+        const config = ConfigLoader.loadConfig(workspacePath.toString());
         // Load workspace
         const workspace = await this.workspaceRepository.findByPath(workspacePath);
         if (!workspace) {
@@ -44,21 +70,49 @@ export class CatalogUpdateService {
             }
             const dependencies = catalog.getDependencies();
             for (const [packageName, currentRange] of dependencies) {
-                // Apply include/exclude filters
-                if (!this.shouldCheckPackage(packageName, options.include, options.exclude)) {
+                // Apply configuration filters
+                const packageConfig = ConfigLoader.getPackageConfig(packageName, config);
+                if (!packageConfig.shouldUpdate) {
                     continue;
                 }
+                // Override target from package-specific configuration, considering security settings
+                let effectiveTarget = packageConfig.target;
+                // Check for security vulnerabilities if security config is enabled
+                let hasSecurityVulnerabilities = false;
+                if (config.security?.autoFixVulnerabilities) {
+                    try {
+                        const currentVersion = currentRange.getMinVersion()?.toString();
+                        if (currentVersion) {
+                            const securityReport = await this.registryService.checkSecurityVulnerabilities(packageName, currentVersion);
+                            hasSecurityVulnerabilities = securityReport.hasVulnerabilities;
+                            // Allow major updates for security fixes if configured
+                            if (hasSecurityVulnerabilities && config.security.allowMajorForSecurity) {
+                                effectiveTarget = 'latest';
+                            }
+                        }
+                    }
+                    catch (error) {
+                        console.warn(`Failed to check security for ${packageName}:`, error);
+                    }
+                }
                 try {
-                    const outdatedInfo = await this.checkPackageUpdate(packageName, currentRange, options.target || 'latest', options.includePrerelease || false);
+                    const outdatedInfo = await this.checkPackageUpdate(packageName, currentRange, effectiveTarget, options.includePrerelease || config.defaults?.includePrerelease || false);
                     if (outdatedInfo) {
                         // Get affected packages
                         const affectedPackages = workspace
                             .getPackagesUsingCatalogDependency(catalog.getName(), packageName)
                             .getPackageNames();
-                        outdatedDependencies.push({
+                        // Override security update flag based on security check
+                        const finalOutdatedInfo = {
                             ...outdatedInfo,
                             affectedPackages,
-                        });
+                            isSecurityUpdate: hasSecurityVulnerabilities || outdatedInfo.isSecurityUpdate,
+                        };
+                        outdatedDependencies.push(finalOutdatedInfo);
+                        // Log security notifications if enabled
+                        if (hasSecurityVulnerabilities && config.security?.notifyOnSecurityUpdate) {
+                            console.warn(`🔒 Security vulnerability detected in ${packageName}@${outdatedInfo.currentVersion}`);
+                        }
                     }
                 }
                 catch (error) {
@@ -91,9 +145,14 @@ export class CatalogUpdateService {
         const outdatedReport = await this.checkOutdatedDependencies(options);
         const updates = [];
         const conflicts = [];
+        // Load configuration for package rules and monorepo settings
+        const workspacePath = options.workspacePath || process.cwd();
+        const config = ConfigLoader.loadConfig(workspacePath);
         // Convert outdated dependencies to planned updates
         for (const catalogInfo of outdatedReport.catalogs) {
             for (const outdated of catalogInfo.outdatedDependencies) {
+                // Get package-specific configuration
+                const packageConfig = ConfigLoader.getPackageConfig(outdated.packageName, config);
                 const update = {
                     catalogName: catalogInfo.catalogName,
                     packageName: outdated.packageName,
@@ -102,10 +161,21 @@ export class CatalogUpdateService {
                     updateType: outdated.updateType,
                     reason: this.getUpdateReason(outdated),
                     affectedPackages: outdated.affectedPackages,
+                    requireConfirmation: packageConfig.requireConfirmation,
+                    autoUpdate: packageConfig.autoUpdate,
+                    groupUpdate: packageConfig.groupUpdate,
                 };
                 updates.push(update);
             }
         }
+        // Handle syncVersions - ensure packages in syncVersions list are synchronized across catalogs
+        if (config.monorepo?.syncVersions && config.monorepo.syncVersions.length > 0) {
+            const workspacePathObj = WorkspacePath.fromString(workspacePath);
+            const workspace = await this.workspaceRepository.findByPath(workspacePathObj);
+            if (workspace) {
+                updates.push(...(await this.createSyncVersionUpdates(config.monorepo.syncVersions, workspace, updates)));
+            }
+        }
         // Detect conflicts (same package in multiple catalogs with different versions)
         const packageCatalogMap = new Map();
         for (const update of updates) {
@@ -114,20 +184,15 @@ export class CatalogUpdateService {
             }
             packageCatalogMap.get(update.packageName).push(update);
         }
+        // Handle conflicts with catalogPriority
         for (const [packageName, packageUpdates] of packageCatalogMap) {
             if (packageUpdates.length > 1) {
                 const uniqueVersions = new Set(packageUpdates.map((u) => u.newVersion));
                 if (uniqueVersions.size > 1) {
-                    const conflict = {
-                        packageName,
-                        catalogs: packageUpdates.map((u) => ({
-                            catalogName: u.catalogName,
-                            currentVersion: u.currentVersion,
-                            proposedVersion: u.newVersion,
-                        })),
-                        recommendation: `Consider using the same version across all catalogs`,
-                    };
-                    conflicts.push(conflict);
+                    const resolvedConflict = this.resolveVersionConflict(packageName, packageUpdates, config.monorepo?.catalogPriority || ['default']);
+                    if (resolvedConflict) {
+                        conflicts.push(resolvedConflict);
+                    }
                 }
             }
         }
@@ -144,6 +209,8 @@ export class CatalogUpdateService {
      */
     async executeUpdates(plan, options) {
         const workspacePath = WorkspacePath.fromString(plan.workspace.path);
+        // Load configuration for security settings
+        const config = ConfigLoader.loadConfig(workspacePath.toString());
         // Load workspace
         const workspace = await this.workspaceRepository.findByPath(workspacePath);
         if (!workspace) {
@@ -152,6 +219,8 @@ export class CatalogUpdateService {
         const updatedDependencies = [];
         const skippedDependencies = [];
         const errors = [];
+        // Track security updates for notification
+        const securityUpdates = [];
         // Execute updates
         for (const update of plan.updates) {
             try {
@@ -168,6 +237,20 @@ export class CatalogUpdateService {
                         continue;
                     }
                 }
+                // Check if this is a security update and track it
+                let isSecurityUpdate = false;
+                if (config.security?.notifyOnSecurityUpdate) {
+                    try {
+                        const securityReport = await this.registryService.checkSecurityVulnerabilities(update.packageName, update.currentVersion);
+                        if (securityReport.hasVulnerabilities) {
+                            isSecurityUpdate = true;
+                            securityUpdates.push(`${update.packageName}@${update.currentVersion} → ${update.newVersion}`);
+                        }
+                    }
+                    catch (error) {
+                        console.warn(`Failed to check security for ${update.packageName}:`, error);
+                    }
+                }
                 // Perform the update
                 workspace.updateCatalogDependency(update.catalogName, update.packageName, update.newVersion);
                 updatedDependencies.push({
@@ -177,6 +260,10 @@ export class CatalogUpdateService {
                     toVersion: update.newVersion,
                     updateType: update.updateType,
                 });
+                // Log security update notification
+                if (isSecurityUpdate && config.security?.notifyOnSecurityUpdate) {
+                    console.log(`✅ Security fix applied: ${update.packageName}@${update.currentVersion} → ${update.newVersion}`);
+                }
             }
             catch (error) {
                 errors.push({
@@ -191,6 +278,44 @@ export class CatalogUpdateService {
         if (!options.dryRun && updatedDependencies.length > 0) {
             try {
                 await this.workspaceRepository.save(workspace);
+                // Show summary of security updates if any
+                if (securityUpdates.length > 0 && config.security?.notifyOnSecurityUpdate) {
+                    console.log(`\n🔒 Security Updates Summary:`);
+                    console.log(`   Applied ${securityUpdates.length} security fix(es):`);
+                    securityUpdates.forEach((update) => console.log(`   • ${update}`));
+                }
+                // Show summary of synced version updates
+                const syncUpdates = updatedDependencies.filter((u) => plan.updates.find((pu) => pu.packageName === u.packageName &&
+                    pu.catalogName === u.catalogName &&
+                    pu.reason.includes('Sync version')));
+                if (syncUpdates.length > 0) {
+                    console.log(`\n🔄 Version Sync Summary:`);
+                    const syncedPackages = new Set(syncUpdates.map((u) => u.packageName));
+                    console.log(`   Synchronized ${syncedPackages.size} package(s) across catalogs:`);
+                    // Group by package name
+                    const syncByPackage = new Map();
+                    syncUpdates.forEach((update) => {
+                        if (!syncByPackage.has(update.packageName)) {
+                            syncByPackage.set(update.packageName, []);
+                        }
+                        syncByPackage.get(update.packageName).push(update);
+                    });
+                    syncByPackage.forEach((updates, packageName) => {
+                        const catalogs = updates.map((u) => u.catalogName).join(', ');
+                        const version = updates[0]?.toVersion;
+                        console.log(`   • ${packageName}@${version} in catalogs: ${catalogs}`);
+                    });
+                }
+                // Show catalog priority resolution if any
+                if (plan.hasConflicts &&
+                    plan.conflicts.some((c) => c.recommendation.includes('Priority catalog'))) {
+                    console.log(`\n📋 Catalog Priority Resolutions:`);
+                    plan.conflicts
+                        .filter((c) => c.recommendation.includes('Priority catalog'))
+                        .forEach((conflict) => {
+                        console.log(`   • ${conflict.packageName}: ${conflict.recommendation}`);
+                    });
+                }
             }
             catch (error) {
                 errors.push({
@@ -274,38 +399,6 @@ export class CatalogUpdateService {
             recommendations,
         };
     }
-    /**
-     * Check if a specific package should be updated based on filters
-     */
-    shouldCheckPackage(packageName, include, exclude) {
-        // Check exclude patterns first
-        if (exclude && exclude.length > 0) {
-            for (const pattern of exclude) {
-                if (this.matchesPattern(packageName, pattern)) {
-                    return false;
-                }
-            }
-        }
-        // Check include patterns
-        if (include && include.length > 0) {
-            for (const pattern of include) {
-                if (this.matchesPattern(packageName, pattern)) {
-                    return true;
-                }
-            }
-            return false; // If include patterns exist, package must match one
-        }
-        return true; // Include by default if no patterns
-    }
-    /**
-     * Check if package matches a pattern (simple glob-like matching)
-     */
-    matchesPattern(packageName, pattern) {
-        // Convert glob pattern to regex
-        const regexPattern = pattern.replace(/\*/g, '.*').replace(/\?/g, '.');
-        const regex = new RegExp(`^${regexPattern}$`, 'i');
-        return regex.test(packageName);
-    }
     /**
      * Check if a package needs updating
      */
@@ -517,5 +610,124 @@ export class CatalogUpdateService {
         }
         return recommendations;
     }
+    /**
+     * Create sync version updates for packages that should be synchronized across catalogs
+     */
+    async createSyncVersionUpdates(syncVersions, workspace, existingUpdates) {
+        const syncUpdates = [];
+        const catalogs = workspace.getCatalogs();
+        const allCatalogs = catalogs.getAll();
+        for (const packageName of syncVersions) {
+            // Check if this package exists in multiple catalogs
+            const catalogsWithPackage = allCatalogs.filter((catalog) => catalog && catalog.getDependencyVersion(packageName));
+            if (catalogsWithPackage.length <= 1) {
+                continue; // No need to sync if package is only in one catalog
+            }
+            // Find the highest version from existing updates or determine target version
+            let targetVersion = null;
+            let targetUpdateType = 'patch';
+            // Check if this package has any existing updates
+            const existingUpdate = existingUpdates.find((u) => u.packageName === packageName);
+            if (existingUpdate) {
+                targetVersion = existingUpdate.newVersion;
+                targetUpdateType = existingUpdate.updateType;
+            }
+            else {
+                // Get latest version for this package
+                try {
+                    const packageInfo = await this.registryService.getPackageInfo(packageName);
+                    targetVersion = packageInfo.latestVersion;
+                }
+                catch (error) {
+                    console.warn(`Failed to get version info for sync package ${packageName}:`, error);
+                    continue;
+                }
+            }
+            if (!targetVersion)
+                continue;
+            // Create sync updates for all catalogs that need updating
+            for (const catalog of catalogsWithPackage) {
+                const currentRange = catalog.getDependencyVersion(packageName);
+                if (!currentRange)
+                    continue;
+                const currentVersion = currentRange.getMinVersion();
+                if (!currentVersion)
+                    continue;
+                const currentVersionString = currentVersion.toString();
+                // Skip if already at target version
+                if (currentVersionString === targetVersion)
+                    continue;
+                // Check if this update already exists
+                const existingUpdateForCatalog = existingUpdates.find((u) => u.packageName === packageName && u.catalogName === catalog.getName());
+                if (existingUpdateForCatalog) {
+                    // Update the existing update to use the sync version
+                    existingUpdateForCatalog.newVersion = targetVersion;
+                    existingUpdateForCatalog.reason = `Sync version across catalogs: ${existingUpdateForCatalog.reason}`;
+                }
+                else {
+                    // Create new sync update
+                    const affectedPackages = workspace
+                        .getPackagesUsingCatalogDependency(catalog.getName(), packageName)
+                        .getPackageNames();
+                    const syncUpdate = {
+                        catalogName: catalog.getName(),
+                        packageName: packageName,
+                        currentVersion: currentVersionString,
+                        newVersion: targetVersion,
+                        updateType: targetUpdateType,
+                        reason: `Sync version with other catalogs`,
+                        affectedPackages,
+                        requireConfirmation: true, // Sync updates should be confirmed
+                        autoUpdate: false,
+                        groupUpdate: true,
+                    };
+                    syncUpdates.push(syncUpdate);
+                }
+            }
+        }
+        return syncUpdates;
+    }
+    /**
+     * Resolve version conflicts using catalog priority
+     */
+    resolveVersionConflict(packageName, packageUpdates, catalogPriority) {
+        // Find the highest priority catalog with an update for this package
+        let priorityCatalog = null;
+        for (const catalogName of catalogPriority) {
+            const catalogUpdate = packageUpdates.find((u) => u.catalogName === catalogName);
+            if (catalogUpdate) {
+                priorityCatalog = catalogUpdate;
+                break;
+            }
+        }
+        // If no priority catalog found, use the first one
+        if (!priorityCatalog) {
+            priorityCatalog = packageUpdates[0] || null;
+        }
+        // Update all other catalogs to use the priority catalog's version
+        const priorityVersion = priorityCatalog?.newVersion;
+        if (priorityVersion && priorityCatalog) {
+            for (const update of packageUpdates) {
+                if (update.catalogName !== priorityCatalog.catalogName) {
+                    update.newVersion = priorityVersion;
+                    update.reason = `Using version from priority catalog (${priorityCatalog.catalogName}): ${update.reason}`;
+                }
+            }
+        }
+        // Create conflict record for reporting
+        const uniqueVersions = new Set(packageUpdates.map((u) => u.newVersion));
+        if (uniqueVersions.size > 1) {
+            return {
+                packageName,
+                catalogs: packageUpdates.map((u) => ({
+                    catalogName: u.catalogName,
+                    currentVersion: u.currentVersion,
+                    proposedVersion: u.newVersion,
+                })),
+                recommendation: `Resolved using catalog priority. Priority catalog '${priorityCatalog?.catalogName}' version '${priorityVersion}' selected.`,
+            };
+        }
+        return null;
+    }
 }
 //# sourceMappingURL=CatalogUpdateService.js.map