react-doctor 0.2.4 → 0.2.6

package/dist/index.js

@@ -1,17 +1,17 @@
 import { createRequire } from "node:module";
 import * as Schema from "effect/Schema";
 import * as fs$1 from "node:fs";
-import fs, { existsSync, readdirSync } from "node:fs";
+import fs, { existsSync, readFileSync, readdirSync } from "node:fs";
 import * as Path from "node:path";
 import path from "node:path";
 import { spawn, spawnSync } from "node:child_process";
 import reactDoctorPlugin, { ALL_REACT_DOCTOR_RULE_KEYS, FRAMEWORK_SPECIFIC_RULE_KEYS, MOTION_LIBRARY_PACKAGES, REACT_COMPILER_RULES, REACT_DOCTOR_RULES } from "oxlint-plugin-react-doctor";
 import * as Cause from "effect/Cause";
-import * as NodeHttpClient from "@effect/platform-node/NodeHttpClient";
 import * as Config$1 from "effect/Config";
 import * as Effect from "effect/Effect";
 import * as Layer from "effect/Layer";
 import * as Redacted from "effect/Redacted";
+import * as FetchHttpClient from "effect/unstable/http/FetchHttpClient";
 import * as Otlp from "effect/unstable/observability/Otlp";
 import * as Context from "effect/Context";
 import * as Filter from "effect/Filter";
@@ -20,7 +20,9 @@ import * as Ref from "effect/Ref";
 import * as Stream from "effect/Stream";
 import * as Cache from "effect/Cache";
 import * as Console from "effect/Console";
-import * as NodeServices from "@effect/platform-node/NodeServices";
+import * as NodeChildProcessSpawner from "@effect/platform-node-shared/NodeChildProcessSpawner";
+import * as NodeFileSystem from "@effect/platform-node-shared/NodeFileSystem";
+import * as NodePath from "@effect/platform-node-shared/NodePath";
 import * as ChildProcess from "effect/unstable/process/ChildProcess";
 import { ChildProcessSpawner } from "effect/unstable/process/ChildProcessSpawner";
 import os from "node:os";
@@ -2985,6 +2987,7 @@ const isTailwindAtLeast = (detected, required) => {
 const JSX_FILE_PATTERN = /\.(tsx|jsx)$/;
 const SCORE_API_URL = "https://www.react.doctor/api/score";
 const FETCH_TIMEOUT_MS = 1e4;
+const GITHUB_VIEWER_PERMISSION_TIMEOUT_MS = 2e3;
 const DEFAULT_BRANCH_CANDIDATES = ["main", "master"];
 const ADOPTABLE_LINT_CONFIG_FILENAMES = [".oxlintrc.json", ".eslintrc.json"];
 const GIT_SHOW_MAX_BUFFER_BYTES = 10 * 1024 * 1024;
@@ -3005,6 +3008,7 @@ const STAGED_FILES_PROJECT_CONFIG_FILENAMES = [
 ];
 const OXLINT_OUTPUT_MAX_BYTES = 50 * 1024 * 1024;
 const OXLINT_SPAWN_TIMEOUT_MS = 6e4;
+const RECOMMENDED_PNPM_MINIMUM_RELEASE_AGE_MINUTES = 10080;
 const MAX_GLOB_PATTERN_LENGTH_CHARS = 1024;
 var InvalidGlobPatternError = class extends Error {
 	pattern;
@@ -3716,7 +3720,7 @@ const layerOtlp = Layer.unwrap(Effect.gen(function* () {
 		baseUrl: endpoint.value,
 		resource: { serviceName: TRACER_PROJECT_NAME },
 		headers
-	}).pipe(Layer.provide(NodeHttpClient.layerUndici));
+	}).pipe(Layer.provide(FetchHttpClient.layer));
 }).pipe(Effect.orDie));
 Schema.String.pipe(Schema.brand("OxlintBinaryPath"));
 Schema.String.pipe(Schema.brand("NodeBinaryPath"));
@@ -3729,6 +3733,120 @@ Context.Reference("react-doctor/OxlintSpawnTimeoutMs", { defaultValue: () => {
 } });
 Context.Reference("react-doctor/OxlintOutputMaxBytes", { defaultValue: () => OXLINT_OUTPUT_MAX_BYTES });
 Context.Reference("react-doctor/StagedFilesTempDirPrefix", { defaultValue: () => "react-doctor-staged-" });
+const PNPM_WORKSPACE_FILE = "pnpm-workspace.yaml";
+const PNPM_LOCKFILE = "pnpm-lock.yaml";
+const PACKAGE_JSON_FILE = "package.json";
+const PNPM_HARDENING_RULE_KEY = "require-pnpm-hardening";
+const UTF8_BOM_CHAR = "";
+const HARDENING_SETTING_KEYS = new Set([
+	"minimumReleaseAge",
+	"blockExoticSubdeps",
+	"trustPolicy"
+]);
+const stripInlineComment = (rawValue) => {
+	let activeQuote = null;
+	for (let charIndex = 0; charIndex < rawValue.length; charIndex += 1) {
+		const currentChar = rawValue[charIndex];
+		if (activeQuote !== null) {
+			if (currentChar === activeQuote) activeQuote = null;
+			continue;
+		}
+		if (currentChar === "\"" || currentChar === "'") {
+			activeQuote = currentChar;
+			continue;
+		}
+		if (currentChar !== "#") continue;
+		const previousChar = rawValue[charIndex - 1];
+		if (charIndex === 0 || previousChar !== void 0 && /\s/.test(previousChar)) return rawValue.slice(0, charIndex);
+	}
+	return rawValue;
+};
+const unquote = (rawValue) => rawValue.replace(/^["']|["']$/g, "");
+const stripBom = (rawContent) => rawContent.startsWith(UTF8_BOM_CHAR) ? rawContent.slice(1) : rawContent;
+const parseHardeningSettings = (content) => {
+	let minimumReleaseAge = null;
+	let blockExoticSubdeps = null;
+	let trustPolicy = null;
+	const lines = stripBom(content).split(/\r?\n/);
+	for (let lineIndex = 0; lineIndex < lines.length; lineIndex += 1) {
+		const lineText = lines[lineIndex];
+		if (lineText === void 0) continue;
+		if (lineText.search(/\S/) !== 0) continue;
+		const trimmedLine = lineText.trim();
+		if (trimmedLine.startsWith("#")) continue;
+		const colonIndex = trimmedLine.indexOf(":");
+		if (colonIndex <= 0) continue;
+		const settingKey = unquote(trimmedLine.slice(0, colonIndex).trim());
+		if (!HARDENING_SETTING_KEYS.has(settingKey)) continue;
+		const inlineValue = stripInlineComment(trimmedLine.slice(colonIndex + 1)).trim();
+		if (inlineValue.length === 0) continue;
+		const scalar = {
+			value: unquote(inlineValue),
+			line: lineIndex + 1,
+			column: lineText.search(/\S/) + 1
+		};
+		if (settingKey === "minimumReleaseAge") minimumReleaseAge = scalar;
+		else if (settingKey === "blockExoticSubdeps") blockExoticSubdeps = scalar;
+		else if (settingKey === "trustPolicy") trustPolicy = scalar;
+	}
+	return {
+		minimumReleaseAge,
+		blockExoticSubdeps,
+		trustPolicy
+	};
+};
+const isPnpmManagedProject = (rootDirectory) => {
+	if (isFile(path.join(rootDirectory, PNPM_LOCKFILE))) return true;
+	if (isFile(path.join(rootDirectory, PNPM_WORKSPACE_FILE))) return true;
+	const packageJsonPath = path.join(rootDirectory, PACKAGE_JSON_FILE);
+	if (!isFile(packageJsonPath)) return false;
+	try {
+		const packageJsonRaw = fs.readFileSync(packageJsonPath, "utf-8");
+		const packageJson = JSON.parse(packageJsonRaw);
+		if (packageJson !== null && typeof packageJson === "object" && "packageManager" in packageJson && typeof packageJson.packageManager === "string" && packageJson.packageManager.startsWith("pnpm@")) return true;
+	} catch {
+		return false;
+	}
+	return false;
+};
+const buildHardeningDiagnostic = (input) => ({
+	filePath: PNPM_WORKSPACE_FILE,
+	plugin: "react-doctor",
+	rule: PNPM_HARDENING_RULE_KEY,
+	severity: "warning",
+	message: input.message,
+	help: input.help,
+	line: input.line ?? 0,
+	column: input.column ?? 0,
+	category: "Security"
+});
+const checkPnpmHardening = (rootDirectory) => {
+	if (!isPnpmManagedProject(rootDirectory)) return [];
+	const workspacePath = path.join(rootDirectory, PNPM_WORKSPACE_FILE);
+	const settings = parseHardeningSettings(isFile(workspacePath) ? fs.readFileSync(workspacePath, "utf-8") : "");
+	const diagnostics = [];
+	if (settings.minimumReleaseAge === null) diagnostics.push(buildHardeningDiagnostic({
+		message: "pnpm-workspace.yaml is missing `minimumReleaseAge` — newly published versions can ship malware that gets caught and unpublished within hours",
+		help: `Add \`minimumReleaseAge: ${RECOMMENDED_PNPM_MINIMUM_RELEASE_AGE_MINUTES}\` (7 days) to pnpm-workspace.yaml to delay installs until releases have had time to be vetted`
+	}));
+	if (settings.blockExoticSubdeps !== null && settings.blockExoticSubdeps.value.toLowerCase() === "false") diagnostics.push(buildHardeningDiagnostic({
+		line: settings.blockExoticSubdeps.line,
+		column: settings.blockExoticSubdeps.column,
+		message: "`blockExoticSubdeps: false` allows transitive deps from `git:`, `file:`, or tarball URLs — a known supply-chain bypass of the npm registry",
+		help: "Set `blockExoticSubdeps: true` (the default in recent pnpm v11) so transitive deps must come from the registry"
+	}));
+	if (settings.trustPolicy === null) diagnostics.push(buildHardeningDiagnostic({
+		message: "pnpm-workspace.yaml is missing `trustPolicy` — without `no-downgrade`, pnpm silently accepts packages whose trust signals (provenance, signatures) weaken between updates",
+		help: "Add `trustPolicy: no-downgrade` to pnpm-workspace.yaml"
+	}));
+	else if (settings.trustPolicy.value !== "no-downgrade") diagnostics.push(buildHardeningDiagnostic({
+		line: settings.trustPolicy.line,
+		column: settings.trustPolicy.column,
+		message: `\`trustPolicy: ${settings.trustPolicy.value}\` is weaker than \`no-downgrade\` — packages may lose trust signals between updates without you noticing`,
+		help: "Set `trustPolicy: no-downgrade` so pnpm refuses to downgrade trust between resolutions"
+	}));
+	return diagnostics;
+};
 const REDUCED_MOTION_GREP_PATTERN = "prefers-reduced-motion|useReducedMotion|MotionConfig|reducedMotion";
 const REDUCED_MOTION_FILE_GLOBS = [
 	"*.ts",
@@ -4324,6 +4442,20 @@ const parseGithubRepoFromRemoteUrl = (remoteUrl) => {
 	const urlMatch = /^(?:https?:\/\/github\.com\/|ssh:\/\/git@github\.com\/)([^/\s]+)\/([^/\s]+)$/.exec(withoutGitSuffix);
 	return urlMatch ? `${urlMatch[1]}/${urlMatch[2]}` : null;
 };
+const parseGithubRepo = (repo) => {
+	const [owner, name, ...extraParts] = repo.split("/");
+	if (owner === void 0 || name === void 0 || extraParts.length > 0) return null;
+	if (owner.length === 0 || name.length === 0) return null;
+	return {
+		owner,
+		name
+	};
+};
+const parseGithubViewerPermission = (stdout) => {
+	const value = trimOrNull(stdout);
+	if (value === null || value === "null") return null;
+	return /^[A-Z_]+$/.test(value) ? value.toLowerCase() : null;
+};
 const splitNullSeparated = (value) => value.split("\0").filter((entry) => entry.length > 0);
 /**
 * `Git` wraps every `git`-via-subprocess call react-doctor makes
@@ -4349,9 +4481,10 @@ var Git = class Git extends Context.Service()("react-doctor/Git") {
 		* reason: GitInvocationFailed })` so the rest of the codebase
 		* sees a single failure channel.
 		*/
-		const runGit = (directory, args) => Effect.scoped(Effect.gen(function* () {
-			const handle = yield* spawner.spawn(ChildProcess.make("git", [...args], {
-				cwd: directory,
+		const runCommand = (input) => Effect.scoped(Effect.gen(function* () {
+			const handle = yield* spawner.spawn(ChildProcess.make(input.command, [...input.args], {
+				cwd: input.directory,
+				env: input.env,
 				extendEnv: true
 			}));
 			const [stdout, stderr, status] = yield* Effect.all([
@@ -4364,11 +4497,23 @@ var Git = class Git extends Context.Service()("react-doctor/Git") {
 				stdout,
 				stderr
 			};
-		})).pipe(Effect.catchTag("PlatformError", (cause) => new ReactDoctorError({ reason: new GitInvocationFailed({
-			args: [...args],
-			directory,
-			cause
-		}) })));
+		})).pipe(Effect.catchTag("PlatformError", (cause) => {
+			if (input.command !== "git") return Effect.succeed({
+				status: 127,
+				stdout: "",
+				stderr: String(cause)
+			});
+			return new ReactDoctorError({ reason: new GitInvocationFailed({
+				args: [...input.args],
+				directory: input.directory,
+				cause
+			}) });
+		}));
+		const runGit = (directory, args) => runCommand({
+			command: "git",
+			args,
+			directory
+		});
 		const currentBranch = (directory) => runGit(directory, [
 			"rev-parse",
 			"--abbrev-ref",
@@ -4403,11 +4548,43 @@ var Git = class Git extends Context.Service()("react-doctor/Git") {
 			"--get",
 			"remote.origin.url"
 		]).pipe(Effect.map((result) => result.status === 0 ? parseGithubRepoFromRemoteUrl(result.stdout) : null));
+		const githubViewerPermission = (input) => Effect.gen(function* () {
+			const parsedRepo = parseGithubRepo(input.repo);
+			if (parsedRepo === null) return null;
+			const resultOption = yield* runCommand({
+				command: "gh",
+				args: [
+					"api",
+					"graphql",
+					"-F",
+					`owner=${parsedRepo.owner}`,
+					"-F",
+					`name=${parsedRepo.name}`,
+					"-f",
+					`query=
+            query(\$owner: String!, \$name: String!) {
+              repository(owner: \$owner, name: \$name) {
+                viewerPermission
+              }
+            }
+          `,
+					"--jq",
+					".data.repository.viewerPermission"
+				],
+				directory: input.directory,
+				env: { GH_PROMPT_DISABLED: "1" }
+			}).pipe(Effect.timeoutOption(GITHUB_VIEWER_PERMISSION_TIMEOUT_MS));
+			if (Option.isNone(resultOption)) return null;
+			const result = resultOption.value;
+			if (result.status !== 0) return null;
+			return parseGithubViewerPermission(result.stdout);
+		}).pipe(Effect.catch(() => Effect.succeed(null)));
 		return Git.of({
 			currentBranch,
 			defaultBranch,
 			headSha,
 			githubRepo,
+			githubViewerPermission,
 			branchExists,
 			diffSelection: ({ directory, explicitBaseBranch }) => Effect.gen(function* () {
 				if (explicitBaseBranch !== void 0 && explicitBaseBranch.trim().length === 0) return yield* Effect.fail(new ReactDoctorError({ reason: new GitBaseBranchInvalid({ detail: "Diff base branch cannot be empty." }) }));
@@ -4489,7 +4666,7 @@ var Git = class Git extends Context.Service()("react-doctor/Git") {
 				};
 			})
 		});
-	})).pipe(Layer.provide(NodeServices.layer));
+	})).pipe(Layer.provide(NodeChildProcessSpawner.layer.pipe(Layer.provide(Layer.mergeAll(NodeFileSystem.layer, NodePath.layer)))));
 	/**
 	* Test layer driven by a deterministic snapshot. Each key is a
 	* convenience pre-canned response so tests don't have to enumerate
@@ -4502,6 +4679,7 @@ var Git = class Git extends Context.Service()("react-doctor/Git") {
 		defaultBranch: () => Effect.succeed(snapshot.defaultBranch ?? null),
 		headSha: () => Effect.succeed(snapshot.headSha ?? null),
 		githubRepo: () => Effect.succeed(snapshot.githubRepo ?? null),
+		githubViewerPermission: () => Effect.succeed(snapshot.githubViewerPermission ?? null),
 		branchExists: (_directory, branch) => Effect.succeed(snapshot.branchExists?.get(branch) ?? false),
 		diffSelection: () => Effect.succeed(snapshot.diffSelection ?? null),
 		stagedFilePaths: () => Effect.succeed(snapshot.stagedFiles ?? []),
@@ -5844,7 +6022,11 @@ const calculateScore = async (diagnostics, options = {}) => {
 			...options.metadata?.framework ? { framework: options.metadata.framework } : {},
 			...options.metadata?.reactVersion ? { reactVersion: options.metadata.reactVersion } : {},
 			...typeof options.metadata?.sourceFileCount === "number" ? { sourceFileCount: options.metadata.sourceFileCount } : {},
-			...options.metadata?.defaultBranch ? { defaultBranch: options.metadata.defaultBranch } : {}
+			...options.metadata?.defaultBranch ? { defaultBranch: options.metadata.defaultBranch } : {},
+			...options.metadata?.doctorVersion ? { doctorVersion: options.metadata.doctorVersion } : {},
+			...options.metadata?.githubEventName ? { githubEventName: options.metadata.githubEventName } : {},
+			...options.metadata?.githubActorAssociation ? { githubActorAssociation: options.metadata.githubActorAssociation } : {},
+			...options.metadata?.githubViewerPermission ? { githubViewerPermission: options.metadata.githubViewerPermission } : {}
 		}));
 		const response = await fetch(requestUrl, {
 			method: "POST",
@@ -5889,6 +6071,32 @@ var Score = class Score extends Context.Service()("react-doctor/Score") {
 	}) }));
 	static layerOf = (result) => Layer.succeed(Score, Score.of({ compute: () => Effect.succeed(result) }));
 };
+const getObjectProperty = (value, propertyName) => {
+	if (typeof value !== "object" || value === null) return void 0;
+	return Reflect.get(value, propertyName);
+};
+const getStringProperty = (value, propertyName) => {
+	const propertyValue = getObjectProperty(value, propertyName);
+	return typeof propertyValue === "string" && propertyValue.length > 0 ? propertyValue : void 0;
+};
+const readGithubEventPayload = (eventPath) => {
+	if (eventPath === void 0 || eventPath.length === 0) return null;
+	try {
+		return JSON.parse(readFileSync(eventPath, "utf8"));
+	} catch {
+		return null;
+	}
+};
+const resolveGithubActionsScoreMetadata = (environment = process.env) => {
+	if (environment.GITHUB_ACTIONS !== "true") return {};
+	const pullRequest = getObjectProperty(readGithubEventPayload(environment.GITHUB_EVENT_PATH), "pull_request");
+	const eventName = environment.GITHUB_EVENT_NAME;
+	const actorAssociation = getStringProperty(pullRequest, "author_association");
+	return {
+		...eventName !== void 0 && eventName.length > 0 ? { githubEventName: eventName } : {},
+		...actorAssociation !== void 0 ? { githubActorAssociation: actorAssociation } : {}
+	};
+};
 const NO_HOOKS = {
 	beforeLint: () => Effect.void,
 	afterLint: () => Effect.void
@@ -5912,7 +6120,7 @@ const fileReader = (filesService, rootDirectory) => (filePath) => {
 *   Config.resolve(directory)
 *     -> Project.discover(resolvedDirectory)
 *     -> Git metadata for score attribution
-*     -> Stream.fromIterable(checkReducedMotion env diagnostics)
+*     -> Stream.fromIterable(env diagnostics: reduced-motion + pnpm hardening)
 *     -> Stream.concat(Linter.run(...))    [folds ReactDoctorError into Ref]
 *     -> Stream.concat(DeadCode.run(...))  [folds Error into Ref]
 *     -> Stream.filterMap(perElementPipeline.apply)  [auto-suppress / severity / ignore / inline]
@@ -5944,13 +6152,21 @@ const runInspect = (input, hooks = {}) => Effect.gen(function* () {
 		gitService.headSha(scanDirectory).pipe(Effect.orElseSucceed(() => null)),
 		gitService.defaultBranch(scanDirectory).pipe(Effect.orElseSucceed(() => null))
 	], { concurrency: 3 });
+	const githubActionsScoreMetadata = input.isCi ? resolveGithubActionsScoreMetadata() : {};
+	const githubViewerPermission = input.resolveLocalGithubViewerPermission === true && !input.isCi && repo !== null ? yield* gitService.githubViewerPermission({
+		directory: scanDirectory,
+		repo
+	}).pipe(Effect.orElseSucceed(() => null)) : null;
 	const scoreMetadata = {
 		...repo !== null ? { repo } : {},
 		...sha !== null ? { sha } : {},
 		framework: project.framework,
 		...project.reactVersion !== null ? { reactVersion: project.reactVersion } : {},
 		sourceFileCount: project.sourceFileCount,
-		...defaultBranch !== null ? { defaultBranch } : {}
+		...defaultBranch !== null ? { defaultBranch } : {},
+		...input.doctorVersion !== void 0 ? { doctorVersion: input.doctorVersion } : {},
+		...githubActionsScoreMetadata,
+		...githubViewerPermission !== null ? { githubViewerPermission } : {}
 	};
 	const lintIncludePaths = computeJsxIncludePaths([...input.includePaths]) ?? resolveLintIncludePaths(scanDirectory, resolvedConfig.config);
 	const beforeLint = hooks.beforeLint ?? NO_HOOKS.beforeLint;
@@ -5972,7 +6188,7 @@ const runInspect = (input, hooks = {}) => Effect.gen(function* () {
 		readFileLinesSync: fileReader(filesService, scanDirectory),
 		respectInlineDisables: input.respectInlineDisables
 	});
-	const environmentDiagnostics = isDiffMode ? [] : checkReducedMotion(scanDirectory);
+	const environmentDiagnostics = isDiffMode ? [] : [...checkReducedMotion(scanDirectory), ...checkPnpmHardening(scanDirectory)];
 	const emptyDiagnosticStream = Stream.empty;
 	const rawLintStream = linterService.run({
 		rootDirectory: scanDirectory,
@@ -6500,7 +6716,8 @@ const diagnose = async (directory, options = {}) => {
 		adoptExistingLintConfig: initialLoadedConfig?.config?.adoptExistingLintConfig ?? true,
 		ignoredTags: new Set(initialLoadedConfig?.config?.ignore?.tags ?? []),
 		runDeadCode: options.deadCode ?? initialLoadedConfig?.config?.deadCode ?? true,
-		isCi: false
+		isCi: false,
+		resolveLocalGithubViewerPermission: true
 	});
 	const output = await Effect.runPromise(program.pipe(Effect.provide(buildLayerStack()), Effect.provide(layerOtlp), Effect.catchReasons("ReactDoctorError", {
 		NoReactDependency: (reason) => Effect.die(new NoReactDependencyError(reason.directory)),

package/dist/rolldown-runtime-uZX_iqCz.js

@@ -0,0 +1,35 @@
+import { createRequire } from "node:module";
+//#region \0rolldown/runtime.js
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __commonJSMin = (cb, mod) => () => (mod || (cb((mod = { exports: {} }).exports, mod), cb = null), mod.exports);
+var __exportAll = (all, no_symbols) => {
+	let target = {};
+	for (var name in all) __defProp(target, name, {
+		get: all[name],
+		enumerable: true
+	});
+	if (!no_symbols) __defProp(target, Symbol.toStringTag, { value: "Module" });
+	return target;
+};
+var __copyProps = (to, from, except, desc) => {
+	if (from && typeof from === "object" || typeof from === "function") for (var keys = __getOwnPropNames(from), i = 0, n = keys.length, key; i < n; i++) {
+		key = keys[i];
+		if (!__hasOwnProp.call(to, key) && key !== except) __defProp(to, key, {
+			get: ((k) => from[k]).bind(null, key),
+			enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable
+		});
+	}
+	return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", {
+	value: mod,
+	enumerable: true
+}) : target, mod));
+var __require = /* @__PURE__ */ createRequire(import.meta.url);
+//#endregion
+export { __toESM as i, __exportAll as n, __require as r, __commonJSMin as t };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "react-doctor",
-  "version": "0.2.4",
+  "version": "0.2.6",
   "description": "Diagnose and fix React codebases for security, performance, correctness, accessibility, bundle-size, and architecture issues",
   "keywords": [
     "accessibility",
@@ -49,22 +49,23 @@
     }
   },
   "dependencies": {
-    "@effect/platform-node": "4.0.0-beta.70",
+    "@effect/platform-node-shared": "4.0.0-beta.70",
     "agent-install": "0.0.5",
+    "conf": "^15.1.0",
     "deslop-js": "^0.0.12",
     "effect": "4.0.0-beta.70",
     "oxlint": "^1.66.0",
     "prompts": "^2.4.2",
     "typescript": ">=5.0.4 <7",
-    "oxlint-plugin-react-doctor": "0.2.4"
+    "oxlint-plugin-react-doctor": "0.2.6"
   },
   "devDependencies": {
     "@types/prompts": "^2.4.9",
     "commander": "^14.0.3",
     "eslint-plugin-react-hooks": "^7.1.1",
     "ora": "^9.4.0",
-    "@react-doctor/api": "0.2.4",
-    "@react-doctor/core": "0.2.4"
+    "@react-doctor/api": "0.2.6",
+    "@react-doctor/core": "0.2.6"
   },
   "peerDependencies": {
     "eslint-plugin-react-hooks": "^6 || ^7"
@@ -75,7 +76,7 @@
     }
   },
   "engines": {
-    "node": ">=22.13.0"
+    "node": "^20.19.0 || >=22.12.0"
   },
   "scripts": {
     "dev": "vp pack --watch",