renovate 42.3.0 → 42.4.1

package/dist/workers/repository/process/vulnerabilities.js.map

@@ -1 +1 @@
-{"version":3,"file":"vulnerabilities.js","sourceRoot":"","sources":["../../../../lib/workers/repository/process/vulnerabilities.ts"],"names":[],"mappings":";;;;AAEA,0DAAsD;AACtD,kEAAkC;AAElC,2DAAgD;AAChD,6BAAwB;AACxB,4CAAqE;AAErE,4CAAyC;AACzC,+DAA0E;AAM1E,4DAAmE;AACnE,qDAA0D;AAC1D,kEAA4C;AAC5C,+CAA4C;AAC5C,iDAAiD;AAOjD,MAAa,eAAe;IAClB,UAAU,CAAyB;IAEnC,MAAM,CAAU,sBAAsB,GAG1C;QACF,KAAK,EAAE,WAAW;QAClB,EAAE,EAAE,IAAI;QACR,OAAO,EAAE,SAAS;QAClB,GAAG,EAAE,KAAK;QACV,KAAK,EAAE,OAAO;QACd,GAAG,EAAE,KAAK;QACV,KAAK,EAAE,OAAO;QACd,SAAS,EAAE,WAAW;QACtB,IAAI,EAAE,MAAM;QACZ,QAAQ,EAAE,UAAU;KACrB,CAAC;IAEF;QACE,sBAAsB;IACxB,CAAC;IAEO,KAAK,CAAC,UAAU;QACtB,IAAI,CAAC,UAAU,GAAG,MAAM,wBAAU,CAAC,MAAM,EAAE,CAAC;IAC9C,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,MAAM;QACjB,MAAM,QAAQ,GAAG,IAAI,eAAe,EAAE,CAAC;QACvC,MAAM,QAAQ,CAAC,UAAU,EAAE,CAAC;QAC5B,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,KAAK,CAAC,+BAA+B,CACnC,MAAsB,EACtB,YAA2C;QAE3C,MAAM,yBAAyB,GAAG,MAAM,IAAI,CAAC,8BAA8B,CACzE,MAAM,EACN,YAAY,CACb,CAAC;QAEF,MAAM,CAAC,YAAY,KAAK,EAAE,CAAC;QAC3B,KAAK,MAAM,EACT,eAAe,EACf,aAAa,GACd,IAAI,yBAAyB,EAAE,CAAC;YAC/B,MAAM,iBAAiB,GAAkB,EAAE,CAAC;YAC5C,KAAK,MAAM,aAAa,IAAI,eAAe,EAAE,CAAC;gBAC5C,MAAM,IAAI,GAAG,IAAI,CAAC,2BAA2B,CAAC,aAAa,CAAC,CAAC;gBAC7D,IAAI,YAAE,CAAC,eAAe,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC7B,SAAS;gBACX,CAAC;gBACD,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC/B,CAAC;YACD,IAAI,CAAC,kBAAkB,CAAC,iBAAiB,EAAE,aAAa,CAAC,CAAC;YAE1D,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,CAAC;QACjD,CAAC;IACH,CAAC;IAED,KAAK,CAAC,oBAAoB,CACxB,MAAsB,EACtB,YAA2C;QAE3C,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,8BAA8B,CACtD,MAAM,EACN,YAAY,CACb,CAAC;QACF,OAAO,MAAM,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;IAC1D,CAAC;IAEO,KAAK,CAAC,8BAA8B,CAC1C,MAAsB,EACtB,YAA2C;QAE3C,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;QAC3C,MAAM,cAAc,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAC9C,IAAI,CAAC,2BAA2B,CAAC,MAAM,EAAE,YAAY,EAAE,OAAO,CAAC,CAChE,CAAC;QACF,OAAO,CAAC,MAAM,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;IACpD,CAAC;IAEO,KAAK,CAAC,2BAA2B,CACvC,MAAsB,EACtB,YAA2C,EAC3C,OAAe;QAEf,MAAM,aAAa,GAAG,IAAA,yBAAgB,EAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QACxD,MAAM,KAAK,GAAG,YAAY,CAAC,OAAO,CAAC,CAAC,GAAG,CACrC,CAAC,KAAK,EAAE,EAAE,CAAC,GAAyC,EAAE,CACpD,IAAI,CAAC,sCAAsC,CAAC,aAAa,EAAE,KAAK,CAAC,CACpE,CAAC;QACF,eAAM,CAAC,KAAK,CACV,EAAE,OAAO,EAAE,WAAW,EAAE,KAAK,CAAC,MAAM,EAAE,EACtC,sCAAsC,CACvC,CAAC;QACF,MAAM,MAAM,GAAG,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QAC3C,eAAM,CAAC,KAAK,CAAC,EAAE,OAAO,EAAE,EAAE,sCAAsC,CAAC,CAAC;QAClE,OAAO,MAAM,CAAC;IAChB,CAAC;IAEO,KAAK,CAAC,sCAAsC,CAClD,aAA6B,EAC7B,KAAkB;QAElB,MAAM,EAAE,WAAW,EAAE,GAAG,KAAK,CAAC;QAC9B,MAAM,iBAAiB,GAAG,IAAA,yBAAgB,EAAC,aAAa,EAAE,KAAK,CAAC,CAAC;QACjE,MAAM,EAAE,OAAO,EAAE,GAAG,iBAAiB,CAAC;QACtC,MAAM,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,GAAG,CAC1B,CAAC,GAAG,EAAE,EAAE,CAAC,GAA8C,EAAE,CACvD,IAAI,CAAC,4BAA4B,CAAC,iBAAiB,EAAE,GAAG,CAAC,CAC5D,CAAC;QACF,eAAM,CAAC,KAAK,CACV,EAAE,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,KAAK,CAAC,MAAM,EAAE,EACnD,kEAAkE,CACnE,CAAC;QAEF,MAAM,MAAM,GAAG,MAAM,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QAClC,eAAM,CAAC,KAAK,CACV,EAAE,WAAW,EAAE,EACf,iDAAiD,CAClD,CAAC;QAEF,OAAO,MAAM,CAAC,MAAM,CAAC,YAAE,CAAC,MAAM,CAAC,CAAC;IAClC,CAAC;IAEO,KAAK,CAAC,4BAA4B,CACxC,iBAA+C,EAC/C,GAAsB;QAEtB,MAAM,SAAS,GAAG,eAAe,CAAC,sBAAsB,CAAC,GAAG,CAAC,UAAW,CAAC,CAAC;QAC1E,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,eAAM,CAAC,KAAK,CAAC,yBAAyB,GAAG,CAAC,UAAW,mBAAmB,CAAC,CAAC;YAC1E,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,WAAW,GAAG,GAAG,CAAC,WAAW,IAAI,GAAG,CAAC,OAAQ,CAAC;QAClD,IAAI,SAAS,KAAK,MAAM,EAAE,CAAC;YACzB,qDAAqD;YACrD,WAAW,GAAG,WAAW,CAAC,WAAW,EAAE,CAAC,OAAO,CAAC,IAAA,aAAK,EAAC,SAAS,CAAC,EAAE,GAAG,CAAC,CAAC;QACzE,CAAC;QAED,IAAI,CAAC;YACH,MAAM,kBAAkB,GAAG,MAAM,IAAI,CAAC,UAAU,EAAE,kBAAkB,CAClE,SAAS,EACT,WAAW,CACZ,CAAC;YACF,IACE,YAAE,CAAC,eAAe,CAAC,kBAAkB,CAAC;gBACtC,YAAE,CAAC,UAAU,CAAC,kBAAkB,CAAC,EACjC,CAAC;gBACD,eAAM,CAAC,KAAK,CACV,gDAAgD,WAAW,EAAE,CAC9D,CAAC;gBACF,OAAO,IAAI,CAAC;YACd,CAAC;YAED,MAAM,UAAU,GACd,GAAG,CAAC,aAAa,IAAI,GAAG,CAAC,cAAc,IAAI,GAAG,CAAC,YAAa,CAAC;YAE/D,MAAM,UAAU,GAAG,GAAG,CAAC,UAAU,IAAI,IAAA,6BAAoB,EAAC,GAAG,CAAC,UAAU,CAAC,CAAC;YAC1E,MAAM,aAAa,GAAG,IAAA,gBAAa,EAAC,UAAU,CAAC,CAAC;YAEhD,IAAI,CAAC,aAAa,CAAC,SAAS,CAAC,UAAU,CAAC,EAAE,CAAC;gBACzC,eAAM,CAAC,KAAK,CACV,6CAA6C,WAAW,+BAA+B,UAAU,EAAE,CACpG,CAAC;gBACF,OAAO,IAAI,CAAC;YACd,CAAC;YAED,MAAM,eAAe,GAAoB,EAAE,CAAC;YAC5C,KAAK,MAAM,gBAAgB,IAAI,kBAAkB,EAAE,CAAC;gBAClD,IAAI,gBAAgB,CAAC,SAAS,EAAE,CAAC;oBAC/B,eAAM,CAAC,KAAK,CACV,oCAAoC,gBAAgB,CAAC,EAAE,EAAE,CAC1D,CAAC;oBACF,SAAS;gBACX,CAAC;gBAED,KAAK,MAAM,QAAQ,IAAI,gBAAgB,CAAC,QAAQ,IAAI,EAAE,EAAE,CAAC;oBACvD,MAAM,YAAY,GAAG,IAAI,CAAC,mBAAmB,CAC3C,SAAS,EACT,WAAW,EACX,UAAU,EACV,QAAQ,EACR,aAAa,CACd,CAAC;oBACF,IAAI,CAAC,YAAY,EAAE,CAAC;wBAClB,SAAS;oBACX,CAAC;oBAED,eAAM,CAAC,KAAK,CACV,iBAAiB,gBAAgB,CAAC,EAAE,YAAY,WAAW,IAAI,UAAU,EAAE,CAC5E,CAAC;oBACF,MAAM,YAAY,GAAG,IAAI,CAAC,eAAe,CACvC,SAAS,EACT,UAAU,EACV,QAAQ,EACR,aAAa,CACd,CAAC;oBAEF,eAAe,CAAC,IAAI,CAAC;wBACnB,WAAW;wBACX,aAAa,EAAE,gBAAgB;wBAC/B,QAAQ;wBACR,UAAU;wBACV,YAAY;wBACZ,UAAU,EAAE,GAAG,CAAC,UAAW;wBAC3B,iBAAiB;qBAClB,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAED,OAAO,EAAE,eAAe,EAAE,aAAa,EAAE,CAAC;QAC5C,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,eAAM,CAAC,IAAI,CACT,EAAE,GAAG,EAAE,WAAW,EAAE,EACpB,sDAAsD,CACvD,CAAC;YACF,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAEO,kBAAkB,CACxB,YAA2B,EAC3B,aAA4B;QAE5B,MAAM,eAAe,GAA2B,EAAE,CAAC;QACnD,KAAK,MAAM,IAAI,IAAI,YAAY,EAAE,CAAC;YAChC,MAAM,OAAO,GAAG,IAAI,CAAC,eAAyB,CAAC;YAC/C,eAAe,CAAC,OAAO,CAAC,GAAG,OAAO,CAAC,OAAO,CAAC,IAAA,aAAK,EAAC,YAAY,CAAC,EAAE,EAAE,CAAC,CAAC;QACtE,CAAC;QACD,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CACzB,aAAa,CAAC,YAAY,CACxB,eAAe,CAAC,CAAC,CAAC,eAAyB,CAAC,EAC5C,eAAe,CAAC,CAAC,CAAC,eAAyB,CAAC,CAC7C,CACF,CAAC;IACJ,CAAC;IAED,iEAAiE;IACzD,UAAU,CAChB,MAAmB,EACnB,aAA4B;QAE5B,MAAM,UAAU,GAAgB,EAAE,CAAC;QACnC,IAAI,SAAS,GAAqB,IAAI,CAAC;QAEvC,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,IAAI,KAAK,CAAC,UAAU,KAAK,GAAG,EAAE,CAAC;gBAC7B,SAAS,GAAG,KAAK,CAAC;YACpB,CAAC;iBAAM,IAAI,aAAa,CAAC,SAAS,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBAC5D,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YACzB,CAAC;iBAAM,CAAC;gBACN,eAAM,CAAC,KAAK,CAAC,EAAE,KAAK,EAAE,EAAE,yCAAyC,CAAC,CAAC;YACrE,CAAC;QACH,CAAC;QAED,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QACvB,+DAA+D;QAC/D,aAAa,CAAC,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CACrE,CAAC;QAEF,IAAI,SAAS,EAAE,CAAC;YACd,UAAU,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QAChC,CAAC;QAED,OAAO,UAAU,CAAC;IACpB,CAAC;IAEO,iBAAiB,CACvB,SAAoB,EACpB,WAAmB,EACnB,QAAsB;QAEtB,OAAO,CACL,QAAQ,CAAC,OAAO,EAAE,IAAI,KAAK,WAAW;YACtC,QAAQ,CAAC,OAAO,EAAE,SAAS,KAAK,SAAS,CAC1C,CAAC;IACJ,CAAC;IAEO,kBAAkB,CACxB,UAAkB,EAClB,QAAsB;QAEtB,OAAO,CAAC,CAAC,QAAQ,CAAC,QAAQ,EAAE,QAAQ,CAAC,UAAU,CAAC,CAAC;IACnD,CAAC;IAEO,gBAAgB,CACtB,UAAkB,EAClB,QAAsB,EACtB,aAA4B;QAE5B,KAAK,MAAM,KAAK,IAAI,QAAQ,CAAC,MAAM,IAAI,EAAE,EAAE,CAAC;YAC1C,IAAI,KAAK,CAAC,IAAI,KAAK,KAAK,EAAE,CAAC;gBACzB,SAAS;YACX,CAAC;YAED,IAAI,UAAU,GAAG,KAAK,CAAC;YACvB,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,MAAM,EAAE,aAAa,CAAC,EAAE,CAAC;gBACjE,IACE,YAAE,CAAC,cAAc,CAAC,KAAK,CAAC,UAAU,CAAC;oBACnC,CAAC,KAAK,CAAC,UAAU,KAAK,GAAG;wBACvB,IAAI,CAAC,eAAe,CAAC,UAAU,EAAE,KAAK,CAAC,UAAU,EAAE,aAAa,CAAC,CAAC,EACpE,CAAC;oBACD,UAAU,GAAG,IAAI,CAAC;gBACpB,CAAC;qBAAM,IACL,YAAE,CAAC,cAAc,CAAC,KAAK,CAAC,KAAK,CAAC;oBAC9B,IAAI,CAAC,eAAe,CAAC,UAAU,EAAE,KAAK,CAAC,KAAK,EAAE,aAAa,CAAC,EAC5D,CAAC;oBACD,UAAU,GAAG,KAAK,CAAC;gBACrB,CAAC;qBAAM,IACL,YAAE,CAAC,cAAc,CAAC,KAAK,CAAC,aAAa,CAAC;oBACtC,IAAI,CAAC,WAAW,CAAC,UAAU,EAAE,KAAK,CAAC,aAAa,EAAE,aAAa,CAAC,EAChE,CAAC;oBACD,UAAU,GAAG,KAAK,CAAC;gBACrB,CAAC;YACH,CAAC;YAED,IAAI,UAAU,EAAE,CAAC;gBACf,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAED,gDAAgD;IACxC,mBAAmB,CACzB,SAAoB,EACpB,WAAmB,EACnB,UAAkB,EAClB,QAAsB,EACtB,aAA4B;QAE5B,OAAO,CACL,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,WAAW,EAAE,QAAQ,CAAC;YACxD,CAAC,IAAI,CAAC,kBAAkB,CAAC,UAAU,EAAE,QAAQ,CAAC;gBAC5C,IAAI,CAAC,gBAAgB,CAAC,UAAU,EAAE,QAAQ,EAAE,aAAa,CAAC,CAAC,CAC9D,CAAC;IACJ,CAAC;IAEO,eAAe,CACrB,SAAoB,EACpB,UAAkB,EAClB,QAAsB,EACtB,aAA4B;QAE5B,MAAM,aAAa,GAAa,EAAE,CAAC;QACnC,MAAM,oBAAoB,GAAa,EAAE,CAAC;QAE1C,KAAK,MAAM,KAAK,IAAI,QAAQ,CAAC,MAAM,IAAI,EAAE,EAAE,CAAC;YAC1C,IAAI,KAAK,CAAC,IAAI,KAAK,KAAK,EAAE,CAAC;gBACzB,SAAS;YACX,CAAC;YAED,KAAK,MAAM,KAAK,IAAI,KAAK,CAAC,MAAM,EAAE,CAAC;gBACjC,IACE,YAAE,CAAC,cAAc,CAAC,KAAK,CAAC,KAAK,CAAC;oBAC9B,aAAa,CAAC,SAAS,CAAC,KAAK,CAAC,KAAK,CAAC,EACpC,CAAC;oBACD,aAAa,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;gBAClC,CAAC;qBAAM,IACL,YAAE,CAAC,cAAc,CAAC,KAAK,CAAC,aAAa,CAAC;oBACtC,aAAa,CAAC,SAAS,CAAC,KAAK,CAAC,aAAa,CAAC,EAC5C,CAAC;oBACD,oBAAoB,CAAC,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC;gBACjD,CAAC;YACH,CAAC;QACH,CAAC;QAED,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,aAAa,CAAC,YAAY,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QAC/D,MAAM,YAAY,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAClD,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,UAAU,EAAE,aAAa,CAAC,CACrD,CAAC;QACF,IAAI,YAAY,EAAE,CAAC;YACjB,OAAO,IAAI,CAAC,0BAA0B,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;QAClE,CAAC;QAED,oBAAoB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,aAAa,CAAC,YAAY,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QACtE,MAAM,YAAY,GAAG,oBAAoB,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CACzD,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,UAAU,EAAE,aAAa,CAAC,CACzD,CAAC;QACF,IAAI,YAAY,EAAE,CAAC;YACjB,OAAO,IAAI,CAAC,0BAA0B,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;QAClE,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,0BAA0B,CAChC,YAAoB,EACpB,SAAoB;QAEpB,IAAI,SAAS,KAAK,OAAO,IAAI,SAAS,KAAK,OAAO,EAAE,CAAC;YACnD,OAAO,IAAI,YAAY,IAAI,CAAC;QAC9B,CAAC;QAED,0CAA0C;QAC1C,OAAO,MAAM,YAAY,EAAE,CAAC;IAC9B,CAAC;IAEO,0BAA0B,CAChC,YAAoB,EACpB,SAAoB;QAEpB,IAAI,SAAS,KAAK,OAAO,EAAE,CAAC;YAC1B,OAAO,IAAI,YAAY,IAAI,CAAC;QAC9B,CAAC;QAED,0CAA0C;QAC1C,OAAO,KAAK,YAAY,EAAE,CAAC;IAC7B,CAAC;IAEO,WAAW,CACjB,OAAe,EACf,KAAa,EACb,aAA4B;QAE5B,OAAO,CACL,aAAa,CAAC,SAAS,CAAC,OAAO,CAAC;YAChC,aAAa,CAAC,SAAS,CAAC,KAAK,CAAC;YAC9B,aAAa,CAAC,aAAa,CAAC,OAAO,EAAE,KAAK,CAAC,CAC5C,CAAC;IACJ,CAAC;IAEO,eAAe,CACrB,OAAe,EACf,KAAa,EACb,aAA4B;QAE5B,OAAO,CACL,aAAa,CAAC,SAAS,CAAC,OAAO,CAAC;YAChC,aAAa,CAAC,SAAS,CAAC,KAAK,CAAC;YAC9B,CAAC,aAAa,CAAC,MAAM,CAAC,OAAO,EAAE,KAAK,CAAC;gBACnC,aAAa,CAAC,aAAa,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC,CAC/C,CAAC;IACJ,CAAC;IAEO,2BAA2B,CAAC,GAAkB;QACpD,MAAM,EACJ,aAAa,EACb,QAAQ,EACR,WAAW,EACX,UAAU,EACV,YAAY,EACZ,UAAU,EACV,iBAAiB,GAClB,GAAG,GAAG,CAAC;QACR,IAAI,YAAE,CAAC,eAAe,CAAC,YAAY,CAAC,EAAE,CAAC;YACrC,eAAM,CAAC,KAAK,CACV,gDAAgD,aAAa,CAAC,EAAE,OAAO,WAAW,IAAI,UAAU,EAAE,CACnG,CAAC;YACF,OAAO,IAAI,CAAC;QACd,CAAC;QAED,eAAM,CAAC,KAAK,CACV,2BAA2B,YAAY,yBAAyB,aAAa,CAAC,EAAE,OAAO,WAAW,IAAI,UAAU,EAAE,CACnH,CAAC;QAEF,MAAM,eAAe,GAAG,IAAI,CAAC,sBAAsB,CACjD,aAAa,EACb,QAAQ,CACT,CAAC;QAEF,OAAO;YACL,gBAAgB,EAAE,CAAC,UAAU,CAAC;YAC9B,iBAAiB,EAAE,CAAC,WAAW,CAAC;YAChC,mBAAmB,EAAE,UAAU;YAC/B,eAAe,EAAE,YAAY;YAC7B,oBAAoB,EAAE,IAAI;YAC1B,qBAAqB,EAAE,eAAe,CAAC,aAAa;YACpD,WAAW,EAAE,IAAI,CAAC,mBAAmB,CAAC,aAAa,EAAE,QAAQ,CAAC;YAC9D,KAAK,EAAE;gBACL,GAAG,iBAAiB,CAAC,mBAAmB;aACzC;SACF,CAAC;IACJ,CAAC;IAED,MAAM,CAAC,kBAAkB,CAAC,MAAc;QACtC,MAAM,cAAc,GAAG,OAAC,CAAC,MAAM,CAAC;YAC9B,SAAS,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC;YAClC,YAAY,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,WAAW,EAAE,CAAC,OAAO,CAAC,SAAS,CAAC;SAC1D,CAAC,CAAC;QAEH,IAAI,CAAC;YACH,MAAM,eAAe,GAA2B,IAAA,+BAAU,EAAC,MAAM,CAAC,CAAC;YACnE,MAAM,GAAG,GAAG,cAAc,CAAC,KAAK,CAAC,eAAe,EAAE,gBAAgB,EAAE,CAAC,CAAC;YAEtE,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,YAAY,CAAC,CAAC;QACtD,CAAC;QAAC,MAAM,CAAC;YACP,eAAM,CAAC,KAAK,CAAC,gCAAgC,MAAM,EAAE,CAAC,CAAC;QACzD,CAAC;QAED,OAAO,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IAClB,CAAC;IAEO,mBAAmB,CACzB,aAAgC,EAChC,QAAsB;QAEtB,IAAI,OAAO,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,aAAa,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QAC5E,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE;YAC3B,IAAI,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;gBAC1B,OAAO,IAAI,EAAE,sCAAsC,EAAE,GAAG,CAAC;YAC3D,CAAC;iBAAM,IAAI,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;gBAClC,OAAO,IAAI,EAAE,mCAAmC,EAAE,GAAG,CAAC;YACxD,CAAC;iBAAM,IAAI,EAAE,CAAC,UAAU,CAAC,KAAK,CAAC,EAAE,CAAC;gBAChC,OAAO,IAAI,EAAE,6BAA6B,EAAE,GAAG,CAAC;YAClD,CAAC;iBAAM,IAAI,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;gBACrC,OAAO,IAAI,EAAE,oCAAoC,EAAE,QAAQ,CAAC;YAC9D,CAAC;YAED,OAAO,EAAE,CAAC;QACZ,CAAC,CAAC,CAAC;QAEH,IAAI,OAAO,GAAG,iBAAiB,CAAC;QAChC,OAAO,IAAI,aAAa,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,aAAa,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;QACrE,OAAO,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC;QACtC,OAAO,IAAI,oDAAoD,CAAC;QAEhE,MAAM,OAAO,GAAG,aAAa,CAAC,OAAO,EAAE,OAAO,CAC5C,IAAA,aAAK,EAAC,YAAY,CAAC,EACnB,QAAQ,CACT,CAAC;QACF,OAAO,IAAI,iBAAiB,OAAO,IAAI,aAAa,IAAI,CAAC;QAEzD,OAAO,IAAI,iBAAiB,CAAC;QAC7B,MAAM,eAAe,GAAG,IAAI,CAAC,sBAAsB,CACjD,aAAa,EACb,QAAQ,CACT,CAAC;QAEF,IAAI,eAAe,CAAC,UAAU,EAAE,CAAC;YAC/B,OAAO,IAAI,iBAAiB,eAAe,CAAC,KAAK,IAAI,CAAC;YACtD,OAAO,IAAI,sBAAsB,eAAe,CAAC,UAAU,MAAM,CAAC;QACpE,CAAC;aAAM,CAAC;YACN,OAAO,IAAI,GAAG,IAAA,kBAAS,EAAC,eAAe,CAAC,aAAa,CAAC,IAAI,CAAC;QAC7D,CAAC;QAED,OAAO,IAAI,sBACT,aAAa,CAAC,UAAU;YACtB,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;YACZ,OAAO,MAAM,GAAG,CAAC,GAAG,KAAK,GAAG,CAAC,GAAG,GAAG,CAAC;QACtC,CAAC,CAAC;aACD,IAAI,CAAC,IAAI,CAAC,IAAI,gBACnB,EAAE,CAAC;QAEH,IAAI,WAAW,GAAG,EAAE,CAAC;QACrB,IAAI,aAAa,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;YACzC,WAAW,GAAG,kKAAkK,CAAC;QACnL,CAAC;aAAM,IAAI,aAAa,CAAC,EAAE,CAAC,UAAU,CAAC,KAAK,CAAC,EAAE,CAAC;YAC9C,WAAW,GAAG,gIAAgI,CAAC;QACjJ,CAAC;aAAM,IAAI,aAAa,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YACjD,WAAW,GAAG,yJAAyJ,CAAC;QAC1K,CAAC;aAAM,IAAI,aAAa,CAAC,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YACnD,WAAW,GAAG,qJAAqJ,CAAC;QACtK,CAAC;QACD,OAAO,IAAI,oEAAoE,aAAa,CAAC,EAAE,IAAI,WAAW,KAAK,CAAC;QACpH,OAAO,IAAI,YAAY,CAAC;QAExB,OAAO,CAAC,IAAA,2BAAgB,EAAC,OAAO,CAAC,CAAC,CAAC;IACrC,CAAC;IAEO,sBAAsB,CAC5B,aAAgC,EAChC,QAAsB;QAEtB,IAAI,aAAa,GAAG,SAAS,CAAC;QAC9B,IAAI,KAAK,GAAG,SAAS,CAAC;QAEtB,MAAM,UAAU,GACd,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,SAAS,CAAC,EAAE,KAAK;YAChE,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,SAAS,CAAC,EAAE,KAAK;YAC/D,QAAQ,CAAC,iBAAiB,EAAE,IAAe,CAAC,CAAC,UAAU;QAE1D,IAAI,UAAU,EAAE,CAAC;YACf,MAAM,CAAC,SAAS,EAAE,QAAQ,CAAC,GACzB,eAAe,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAC;YACjD,aAAa,GAAG,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,KAAK,GAAG,SAAS;gBACf,CAAC,CAAC,GAAG,SAAS,UAAU,IAAA,kBAAS,EAAC,aAAa,CAAC,GAAG;gBACnD,CAAC,CAAC,SAAS,CAAC;QAChB,CAAC;aAAM,IACL,aAAa,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC;YACpC,aAAa,CAAC,iBAAiB,EAAE,QAAQ,EACzC,CAAC;YACD,MAAM,QAAQ,GAAG,aAAa,CAAC,iBAAiB,CAAC,QAAkB,CAAC;YACpE,aAAa,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;QACzC,CAAC;QAED,OAAO;YACL,UAAU;YACV,KAAK;YACL,aAAa;SACd,CAAC;IACJ,CAAC;;AArlBH,0CAslBC","sourcesContent":["// TODO #22198\nimport type { Ecosystem, Osv } from '@renovatebot/osv-offline';\nimport { OsvOffline } from '@renovatebot/osv-offline';\nimport is from '@sindresorhus/is';\nimport type { CvssVector } from 'ae-cvss-calculator';\nimport { fromVector } from 'ae-cvss-calculator';\nimport { z } from 'zod';\nimport { getManagerConfig, mergeChildConfig } from '../../../config';\nimport type { PackageRule, RenovateConfig } from '../../../config/types';\nimport { logger } from '../../../logger';\nimport { getDefaultVersioning } from '../../../modules/datasource/common';\nimport type {\n  PackageDependency,\n  PackageFile,\n} from '../../../modules/manager/types';\nimport type { VersioningApi } from '../../../modules/versioning';\nimport { get as getVersioning } from '../../../modules/versioning';\nimport { sanitizeMarkdown } from '../../../util/markdown';\nimport * as p from '../../../util/promises';\nimport { regEx } from '../../../util/regex';\nimport { titleCase } from '../../../util/string';\nimport type {\n  DependencyVulnerabilities,\n  SeverityDetails,\n  Vulnerability,\n} from './types';\n\nexport class Vulnerabilities {\n  private osvOffline: OsvOffline | undefined;\n\n  private static readonly datasourceEcosystemMap: Record<\n    string,\n    Ecosystem | undefined\n  > = {\n    crate: 'crates.io',\n    go: 'Go',\n    hackage: 'Hackage',\n    hex: 'Hex',\n    maven: 'Maven',\n    npm: 'npm',\n    nuget: 'NuGet',\n    packagist: 'Packagist',\n    pypi: 'PyPI',\n    rubygems: 'RubyGems',\n  };\n\n  private constructor() {\n    // private constructor\n  }\n\n  private async initialize(): Promise<void> {\n    this.osvOffline = await OsvOffline.create();\n  }\n\n  static async create(): Promise<Vulnerabilities> {\n    const instance = new Vulnerabilities();\n    await instance.initialize();\n    return instance;\n  }\n\n  async appendVulnerabilityPackageRules(\n    config: RenovateConfig,\n    packageFiles: Record<string, PackageFile[]>,\n  ): Promise<void> {\n    const dependencyVulnerabilities = await this.fetchDependencyVulnerabilities(\n      config,\n      packageFiles,\n    );\n\n    config.packageRules ??= [];\n    for (const {\n      vulnerabilities,\n      versioningApi,\n    } of dependencyVulnerabilities) {\n      const groupPackageRules: PackageRule[] = [];\n      for (const vulnerability of vulnerabilities) {\n        const rule = this.vulnerabilityToPackageRules(vulnerability);\n        if (is.nullOrUndefined(rule)) {\n          continue;\n        }\n        groupPackageRules.push(rule);\n      }\n      this.sortByFixedVersion(groupPackageRules, versioningApi);\n\n      config.packageRules.push(...groupPackageRules);\n    }\n  }\n\n  async fetchVulnerabilities(\n    config: RenovateConfig,\n    packageFiles: Record<string, PackageFile[]>,\n  ): Promise<Vulnerability[]> {\n    const groups = await this.fetchDependencyVulnerabilities(\n      config,\n      packageFiles,\n    );\n    return groups.flatMap((group) => group.vulnerabilities);\n  }\n\n  private async fetchDependencyVulnerabilities(\n    config: RenovateConfig,\n    packageFiles: Record<string, PackageFile[]>,\n  ): Promise<DependencyVulnerabilities[]> {\n    const managers = Object.keys(packageFiles);\n    const allManagerJobs = managers.map((manager) =>\n      this.fetchManagerVulnerabilities(config, packageFiles, manager),\n    );\n    return (await Promise.all(allManagerJobs)).flat();\n  }\n\n  private async fetchManagerVulnerabilities(\n    config: RenovateConfig,\n    packageFiles: Record<string, PackageFile[]>,\n    manager: string,\n  ): Promise<DependencyVulnerabilities[]> {\n    const managerConfig = getManagerConfig(config, manager);\n    const queue = packageFiles[manager].map(\n      (pFile) => (): Promise<DependencyVulnerabilities[]> =>\n        this.fetchManagerPackageFileVulnerabilities(managerConfig, pFile),\n    );\n    logger.trace(\n      { manager, queueLength: queue.length },\n      'fetchManagerVulnerabilities starting',\n    );\n    const result = (await p.all(queue)).flat();\n    logger.trace({ manager }, 'fetchManagerVulnerabilities finished');\n    return result;\n  }\n\n  private async fetchManagerPackageFileVulnerabilities(\n    managerConfig: RenovateConfig,\n    pFile: PackageFile,\n  ): Promise<DependencyVulnerabilities[]> {\n    const { packageFile } = pFile;\n    const packageFileConfig = mergeChildConfig(managerConfig, pFile);\n    const { manager } = packageFileConfig;\n    const queue = pFile.deps.map(\n      (dep) => (): Promise<DependencyVulnerabilities | null> =>\n        this.fetchDependencyVulnerability(packageFileConfig, dep),\n    );\n    logger.trace(\n      { manager, packageFile, queueLength: queue.length },\n      'fetchManagerPackageFileVulnerabilities starting with concurrency',\n    );\n\n    const result = await p.all(queue);\n    logger.trace(\n      { packageFile },\n      'fetchManagerPackageFileVulnerabilities finished',\n    );\n\n    return result.filter(is.truthy);\n  }\n\n  private async fetchDependencyVulnerability(\n    packageFileConfig: RenovateConfig & PackageFile,\n    dep: PackageDependency,\n  ): Promise<DependencyVulnerabilities | null> {\n    const ecosystem = Vulnerabilities.datasourceEcosystemMap[dep.datasource!];\n    if (!ecosystem) {\n      logger.trace(`Cannot map datasource ${dep.datasource!} to OSV ecosystem`);\n      return null;\n    }\n\n    let packageName = dep.packageName ?? dep.depName!;\n    if (ecosystem === 'PyPI') {\n      // https://peps.python.org/pep-0503/#normalized-names\n      packageName = packageName.toLowerCase().replace(regEx(/[_.-]+/g), '-');\n    }\n\n    try {\n      const osvVulnerabilities = await this.osvOffline?.getVulnerabilities(\n        ecosystem,\n        packageName,\n      );\n      if (\n        is.nullOrUndefined(osvVulnerabilities) ||\n        is.emptyArray(osvVulnerabilities)\n      ) {\n        logger.trace(\n          `No vulnerabilities found in OSV database for ${packageName}`,\n        );\n        return null;\n      }\n\n      const depVersion =\n        dep.lockedVersion ?? dep.currentVersion ?? dep.currentValue!;\n\n      const versioning = dep.versioning ?? getDefaultVersioning(dep.datasource);\n      const versioningApi = getVersioning(versioning);\n\n      if (!versioningApi.isVersion(depVersion)) {\n        logger.debug(\n          `Skipping vulnerability lookup for package ${packageName} due to unsupported version ${depVersion}`,\n        );\n        return null;\n      }\n\n      const vulnerabilities: Vulnerability[] = [];\n      for (const osvVulnerability of osvVulnerabilities) {\n        if (osvVulnerability.withdrawn) {\n          logger.trace(\n            `Skipping withdrawn vulnerability ${osvVulnerability.id}`,\n          );\n          continue;\n        }\n\n        for (const affected of osvVulnerability.affected ?? []) {\n          const isVulnerable = this.isPackageVulnerable(\n            ecosystem,\n            packageName,\n            depVersion,\n            affected,\n            versioningApi,\n          );\n          if (!isVulnerable) {\n            continue;\n          }\n\n          logger.debug(\n            `Vulnerability ${osvVulnerability.id} affects ${packageName} ${depVersion}`,\n          );\n          const fixedVersion = this.getFixedVersion(\n            ecosystem,\n            depVersion,\n            affected,\n            versioningApi,\n          );\n\n          vulnerabilities.push({\n            packageName,\n            vulnerability: osvVulnerability,\n            affected,\n            depVersion,\n            fixedVersion,\n            datasource: dep.datasource!,\n            packageFileConfig,\n          });\n        }\n      }\n\n      return { vulnerabilities, versioningApi };\n    } catch (err) {\n      logger.warn(\n        { err, packageName },\n        'Error fetching vulnerability information for package',\n      );\n      return null;\n    }\n  }\n\n  private sortByFixedVersion(\n    packageRules: PackageRule[],\n    versioningApi: VersioningApi,\n  ): void {\n    const versionsCleaned: Record<string, string> = {};\n    for (const rule of packageRules) {\n      const version = rule.allowedVersions as string;\n      versionsCleaned[version] = version.replace(regEx(/[(),=> ]+/g), '');\n    }\n    packageRules.sort((a, b) =>\n      versioningApi.sortVersions(\n        versionsCleaned[a.allowedVersions as string],\n        versionsCleaned[b.allowedVersions as string],\n      ),\n    );\n  }\n\n  // https://ossf.github.io/osv-schema/#affectedrangesevents-fields\n  private sortEvents(\n    events: Osv.Event[],\n    versioningApi: VersioningApi,\n  ): Osv.Event[] {\n    const sortedCopy: Osv.Event[] = [];\n    let zeroEvent: Osv.Event | null = null;\n\n    for (const event of events) {\n      if (event.introduced === '0') {\n        zeroEvent = event;\n      } else if (versioningApi.isVersion(Object.values(event)[0])) {\n        sortedCopy.push(event);\n      } else {\n        logger.debug({ event }, 'Skipping OSV event with invalid version');\n      }\n    }\n\n    sortedCopy.sort((a, b) =>\n      // no pre-processing, as there are only very few values to sort\n      versioningApi.sortVersions(Object.values(a)[0], Object.values(b)[0]),\n    );\n\n    if (zeroEvent) {\n      sortedCopy.unshift(zeroEvent);\n    }\n\n    return sortedCopy;\n  }\n\n  private isPackageAffected(\n    ecosystem: Ecosystem,\n    packageName: string,\n    affected: Osv.Affected,\n  ): boolean {\n    return (\n      affected.package?.name === packageName &&\n      affected.package?.ecosystem === ecosystem\n    );\n  }\n\n  private includedInVersions(\n    depVersion: string,\n    affected: Osv.Affected,\n  ): boolean {\n    return !!affected.versions?.includes(depVersion);\n  }\n\n  private includedInRanges(\n    depVersion: string,\n    affected: Osv.Affected,\n    versioningApi: VersioningApi,\n  ): boolean {\n    for (const range of affected.ranges ?? []) {\n      if (range.type === 'GIT') {\n        continue;\n      }\n\n      let vulnerable = false;\n      for (const event of this.sortEvents(range.events, versioningApi)) {\n        if (\n          is.nonEmptyString(event.introduced) &&\n          (event.introduced === '0' ||\n            this.isVersionGtOrEq(depVersion, event.introduced, versioningApi))\n        ) {\n          vulnerable = true;\n        } else if (\n          is.nonEmptyString(event.fixed) &&\n          this.isVersionGtOrEq(depVersion, event.fixed, versioningApi)\n        ) {\n          vulnerable = false;\n        } else if (\n          is.nonEmptyString(event.last_affected) &&\n          this.isVersionGt(depVersion, event.last_affected, versioningApi)\n        ) {\n          vulnerable = false;\n        }\n      }\n\n      if (vulnerable) {\n        return true;\n      }\n    }\n\n    return false;\n  }\n\n  // https://ossf.github.io/osv-schema/#evaluation\n  private isPackageVulnerable(\n    ecosystem: Ecosystem,\n    packageName: string,\n    depVersion: string,\n    affected: Osv.Affected,\n    versioningApi: VersioningApi,\n  ): boolean {\n    return (\n      this.isPackageAffected(ecosystem, packageName, affected) &&\n      (this.includedInVersions(depVersion, affected) ||\n        this.includedInRanges(depVersion, affected, versioningApi))\n    );\n  }\n\n  private getFixedVersion(\n    ecosystem: Ecosystem,\n    depVersion: string,\n    affected: Osv.Affected,\n    versioningApi: VersioningApi,\n  ): string | null {\n    const fixedVersions: string[] = [];\n    const lastAffectedVersions: string[] = [];\n\n    for (const range of affected.ranges ?? []) {\n      if (range.type === 'GIT') {\n        continue;\n      }\n\n      for (const event of range.events) {\n        if (\n          is.nonEmptyString(event.fixed) &&\n          versioningApi.isVersion(event.fixed)\n        ) {\n          fixedVersions.push(event.fixed);\n        } else if (\n          is.nonEmptyString(event.last_affected) &&\n          versioningApi.isVersion(event.last_affected)\n        ) {\n          lastAffectedVersions.push(event.last_affected);\n        }\n      }\n    }\n\n    fixedVersions.sort((a, b) => versioningApi.sortVersions(a, b));\n    const fixedVersion = fixedVersions.find((version) =>\n      this.isVersionGt(version, depVersion, versioningApi),\n    );\n    if (fixedVersion) {\n      return this.getFixedVersionByEcosystem(fixedVersion, ecosystem);\n    }\n\n    lastAffectedVersions.sort((a, b) => versioningApi.sortVersions(a, b));\n    const lastAffected = lastAffectedVersions.find((version) =>\n      this.isVersionGtOrEq(version, depVersion, versioningApi),\n    );\n    if (lastAffected) {\n      return this.getLastAffectedByEcosystem(lastAffected, ecosystem);\n    }\n\n    return null;\n  }\n\n  private getFixedVersionByEcosystem(\n    fixedVersion: string,\n    ecosystem: Ecosystem,\n  ): string {\n    if (ecosystem === 'Maven' || ecosystem === 'NuGet') {\n      return `[${fixedVersion},)`;\n    }\n\n    // crates.io, Go, Hex, npm, RubyGems, PyPI\n    return `>= ${fixedVersion}`;\n  }\n\n  private getLastAffectedByEcosystem(\n    lastAffected: string,\n    ecosystem: Ecosystem,\n  ): string {\n    if (ecosystem === 'Maven') {\n      return `(${lastAffected},)`;\n    }\n\n    // crates.io, Go, Hex, npm, RubyGems, PyPI\n    return `> ${lastAffected}`;\n  }\n\n  private isVersionGt(\n    version: string,\n    other: string,\n    versioningApi: VersioningApi,\n  ): boolean {\n    return (\n      versioningApi.isVersion(version) &&\n      versioningApi.isVersion(other) &&\n      versioningApi.isGreaterThan(version, other)\n    );\n  }\n\n  private isVersionGtOrEq(\n    version: string,\n    other: string,\n    versioningApi: VersioningApi,\n  ): boolean {\n    return (\n      versioningApi.isVersion(version) &&\n      versioningApi.isVersion(other) &&\n      (versioningApi.equals(version, other) ||\n        versioningApi.isGreaterThan(version, other))\n    );\n  }\n\n  private vulnerabilityToPackageRules(vul: Vulnerability): PackageRule | null {\n    const {\n      vulnerability,\n      affected,\n      packageName,\n      depVersion,\n      fixedVersion,\n      datasource,\n      packageFileConfig,\n    } = vul;\n    if (is.nullOrUndefined(fixedVersion)) {\n      logger.debug(\n        `No fixed version available for vulnerability ${vulnerability.id} in ${packageName} ${depVersion}`,\n      );\n      return null;\n    }\n\n    logger.debug(\n      `Setting allowed version ${fixedVersion} to fix vulnerability ${vulnerability.id} in ${packageName} ${depVersion}`,\n    );\n\n    const severityDetails = this.extractSeverityDetails(\n      vulnerability,\n      affected,\n    );\n\n    return {\n      matchDatasources: [datasource],\n      matchPackageNames: [packageName],\n      matchCurrentVersion: depVersion,\n      allowedVersions: fixedVersion,\n      isVulnerabilityAlert: true,\n      vulnerabilitySeverity: severityDetails.severityLevel,\n      prBodyNotes: this.generatePrBodyNotes(vulnerability, affected),\n      force: {\n        ...packageFileConfig.vulnerabilityAlerts,\n      },\n    };\n  }\n\n  static evaluateCvssVector(vector: string): [string, string] {\n    const CvssJsonSchema = z.object({\n      baseScore: z.number().default(0.0),\n      baseSeverity: z.string().toUpperCase().default('UNKNOWN'),\n    });\n\n    try {\n      const parsedCvssScore: CvssVector<any> | null = fromVector(vector);\n      const res = CvssJsonSchema.parse(parsedCvssScore?.createJsonSchema());\n\n      return [res.baseScore.toFixed(1), res.baseSeverity];\n    } catch {\n      logger.debug(`Error processing CVSS vector ${vector}`);\n    }\n\n    return ['', ''];\n  }\n\n  private generatePrBodyNotes(\n    vulnerability: Osv.Vulnerability,\n    affected: Osv.Affected,\n  ): string[] {\n    let aliases = [vulnerability.id].concat(vulnerability.aliases ?? []).sort();\n    aliases = aliases.map((id) => {\n      if (id.startsWith('CVE-')) {\n        return `[${id}](https://nvd.nist.gov/vuln/detail/${id})`;\n      } else if (id.startsWith('GHSA-')) {\n        return `[${id}](https://github.com/advisories/${id})`;\n      } else if (id.startsWith('GO-')) {\n        return `[${id}](https://pkg.go.dev/vuln/${id})`;\n      } else if (id.startsWith('RUSTSEC-')) {\n        return `[${id}](https://rustsec.org/advisories/${id}.html)`;\n      }\n\n      return id;\n    });\n\n    let content = '\\n\\n---\\n\\n### ';\n    content += vulnerability.summary ? `${vulnerability.summary}\\n` : '';\n    content += `${aliases.join(' / ')}\\n`;\n    content += `\\n<details>\\n<summary>More information</summary>\\n`;\n\n    const details = vulnerability.details?.replace(\n      regEx(/^#{1,4} /gm),\n      '##### ',\n    );\n    content += `#### Details\\n${details ?? 'No details.'}\\n`;\n\n    content += '#### Severity\\n';\n    const severityDetails = this.extractSeverityDetails(\n      vulnerability,\n      affected,\n    );\n\n    if (severityDetails.cvssVector) {\n      content += `- CVSS Score: ${severityDetails.score}\\n`;\n      content += `- Vector String: \\`${severityDetails.cvssVector}\\`\\n`;\n    } else {\n      content += `${titleCase(severityDetails.severityLevel)}\\n`;\n    }\n\n    content += `\\n#### References\\n${\n      vulnerability.references\n        ?.map((ref) => {\n          return `- [${ref.url}](${ref.url})`;\n        })\n        .join('\\n') ?? 'No references.'\n    }`;\n\n    let attribution = '';\n    if (vulnerability.id.startsWith('GHSA-')) {\n      attribution = ` and the [GitHub Advisory Database](https://github.com/github/advisory-database) ([CC-BY 4.0](https://github.com/github/advisory-database/blob/main/LICENSE.md))`;\n    } else if (vulnerability.id.startsWith('GO-')) {\n      attribution = ` and the [Go Vulnerability Database](https://github.com/golang/vulndb) ([CC-BY 4.0](https://github.com/golang/vulndb#license))`;\n    } else if (vulnerability.id.startsWith('PYSEC-')) {\n      attribution = ` and the [PyPI Advisory Database](https://github.com/pypa/advisory-database) ([CC-BY 4.0](https://github.com/pypa/advisory-database/blob/main/LICENSE))`;\n    } else if (vulnerability.id.startsWith('RUSTSEC-')) {\n      attribution = ` and the [Rust Advisory Database](https://github.com/RustSec/advisory-db) ([CC0 1.0](https://github.com/rustsec/advisory-db/blob/main/LICENSE.txt))`;\n    }\n    content += `\\n\\nThis data is provided by [OSV](https://osv.dev/vulnerability/${vulnerability.id})${attribution}.\\n`;\n    content += `</details>`;\n\n    return [sanitizeMarkdown(content)];\n  }\n\n  private extractSeverityDetails(\n    vulnerability: Osv.Vulnerability,\n    affected: Osv.Affected,\n  ): SeverityDetails {\n    let severityLevel = 'UNKNOWN';\n    let score = 'Unknown';\n\n    const cvssVector =\n      vulnerability.severity?.find((e) => e.type === 'CVSS_V4')?.score ??\n      vulnerability.severity?.find((e) => e.type === 'CVSS_V3')?.score ??\n      (affected.database_specific?.cvss as string); // RUSTSEC\n\n    if (cvssVector) {\n      const [baseScore, severity] =\n        Vulnerabilities.evaluateCvssVector(cvssVector);\n      severityLevel = severity ? severity.toUpperCase() : 'UNKNOWN';\n      score = baseScore\n        ? `${baseScore} / 10 (${titleCase(severityLevel)})`\n        : 'Unknown';\n    } else if (\n      vulnerability.id.startsWith('GHSA-') &&\n      vulnerability.database_specific?.severity\n    ) {\n      const severity = vulnerability.database_specific.severity as string;\n      severityLevel = severity.toUpperCase();\n    }\n\n    return {\n      cvssVector,\n      score,\n      severityLevel,\n    };\n  }\n}\n"]}
+{"version":3,"file":"vulnerabilities.js","sourceRoot":"","sources":["../../../../lib/workers/repository/process/vulnerabilities.ts"],"names":[],"mappings":";;;;AAEA,0DAAsD;AACtD,yCAK0B;AAE1B,2DAAgD;AAChD,6BAAwB;AACxB,4CAAqE;AAErE,4CAAyC;AACzC,+DAA0E;AAM1E,4DAAmE;AACnE,qDAA0D;AAC1D,kEAA4C;AAC5C,+CAA4C;AAC5C,iDAAiD;AAOjD,MAAa,eAAe;IAClB,UAAU,CAAyB;IAEnC,MAAM,CAAU,sBAAsB,GAG1C;QACF,KAAK,EAAE,WAAW;QAClB,EAAE,EAAE,IAAI;QACR,OAAO,EAAE,SAAS;QAClB,GAAG,EAAE,KAAK;QACV,KAAK,EAAE,OAAO;QACd,GAAG,EAAE,KAAK;QACV,KAAK,EAAE,OAAO;QACd,SAAS,EAAE,WAAW;QACtB,IAAI,EAAE,MAAM;QACZ,QAAQ,EAAE,UAAU;KACrB,CAAC;IAEF;QACE,sBAAsB;IACxB,CAAC;IAEO,KAAK,CAAC,UAAU;QACtB,IAAI,CAAC,UAAU,GAAG,MAAM,wBAAU,CAAC,MAAM,EAAE,CAAC;IAC9C,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,MAAM;QACjB,MAAM,QAAQ,GAAG,IAAI,eAAe,EAAE,CAAC;QACvC,MAAM,QAAQ,CAAC,UAAU,EAAE,CAAC;QAC5B,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,KAAK,CAAC,+BAA+B,CACnC,MAAsB,EACtB,YAA2C;QAE3C,MAAM,yBAAyB,GAAG,MAAM,IAAI,CAAC,8BAA8B,CACzE,MAAM,EACN,YAAY,CACb,CAAC;QAEF,MAAM,CAAC,YAAY,KAAK,EAAE,CAAC;QAC3B,KAAK,MAAM,EACT,eAAe,EACf,aAAa,GACd,IAAI,yBAAyB,EAAE,CAAC;YAC/B,MAAM,iBAAiB,GAAkB,EAAE,CAAC;YAC5C,KAAK,MAAM,aAAa,IAAI,eAAe,EAAE,CAAC;gBAC5C,MAAM,IAAI,GAAG,IAAI,CAAC,2BAA2B,CAAC,aAAa,CAAC,CAAC;gBAC7D,IAAI,IAAA,sBAAiB,EAAC,IAAI,CAAC,EAAE,CAAC;oBAC5B,SAAS;gBACX,CAAC;gBACD,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC/B,CAAC;YACD,IAAI,CAAC,kBAAkB,CAAC,iBAAiB,EAAE,aAAa,CAAC,CAAC;YAE1D,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,CAAC;QACjD,CAAC;IACH,CAAC;IAED,KAAK,CAAC,oBAAoB,CACxB,MAAsB,EACtB,YAA2C;QAE3C,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,8BAA8B,CACtD,MAAM,EACN,YAAY,CACb,CAAC;QACF,OAAO,MAAM,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;IAC1D,CAAC;IAEO,KAAK,CAAC,8BAA8B,CAC1C,MAAsB,EACtB,YAA2C;QAE3C,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;QAC3C,MAAM,cAAc,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAC9C,IAAI,CAAC,2BAA2B,CAAC,MAAM,EAAE,YAAY,EAAE,OAAO,CAAC,CAChE,CAAC;QACF,OAAO,CAAC,MAAM,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;IACpD,CAAC;IAEO,KAAK,CAAC,2BAA2B,CACvC,MAAsB,EACtB,YAA2C,EAC3C,OAAe;QAEf,MAAM,aAAa,GAAG,IAAA,yBAAgB,EAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QACxD,MAAM,KAAK,GAAG,YAAY,CAAC,OAAO,CAAC,CAAC,GAAG,CACrC,CAAC,KAAK,EAAE,EAAE,CAAC,GAAyC,EAAE,CACpD,IAAI,CAAC,sCAAsC,CAAC,aAAa,EAAE,KAAK,CAAC,CACpE,CAAC;QACF,eAAM,CAAC,KAAK,CACV,EAAE,OAAO,EAAE,WAAW,EAAE,KAAK,CAAC,MAAM,EAAE,EACtC,sCAAsC,CACvC,CAAC;QACF,MAAM,MAAM,GAAG,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QAC3C,eAAM,CAAC,KAAK,CAAC,EAAE,OAAO,EAAE,EAAE,sCAAsC,CAAC,CAAC;QAClE,OAAO,MAAM,CAAC;IAChB,CAAC;IAEO,KAAK,CAAC,sCAAsC,CAClD,aAA6B,EAC7B,KAAkB;QAElB,MAAM,EAAE,WAAW,EAAE,GAAG,KAAK,CAAC;QAC9B,MAAM,iBAAiB,GAAG,IAAA,yBAAgB,EAAC,aAAa,EAAE,KAAK,CAAC,CAAC;QACjE,MAAM,EAAE,OAAO,EAAE,GAAG,iBAAiB,CAAC;QACtC,MAAM,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,GAAG,CAC1B,CAAC,GAAG,EAAE,EAAE,CAAC,GAA8C,EAAE,CACvD,IAAI,CAAC,4BAA4B,CAAC,iBAAiB,EAAE,GAAG,CAAC,CAC5D,CAAC;QACF,eAAM,CAAC,KAAK,CACV,EAAE,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,KAAK,CAAC,MAAM,EAAE,EACnD,kEAAkE,CACnE,CAAC;QAEF,MAAM,MAAM,GAAG,MAAM,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QAClC,eAAM,CAAC,KAAK,CACV,EAAE,WAAW,EAAE,EACf,iDAAiD,CAClD,CAAC;QAEF,OAAO,MAAM,CAAC,MAAM,CAAC,aAAQ,CAAC,CAAC;IACjC,CAAC;IAEO,KAAK,CAAC,4BAA4B,CACxC,iBAA+C,EAC/C,GAAsB;QAEtB,MAAM,SAAS,GAAG,eAAe,CAAC,sBAAsB,CAAC,GAAG,CAAC,UAAW,CAAC,CAAC;QAC1E,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,eAAM,CAAC,KAAK,CAAC,yBAAyB,GAAG,CAAC,UAAW,mBAAmB,CAAC,CAAC;YAC1E,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,WAAW,GAAG,GAAG,CAAC,WAAW,IAAI,GAAG,CAAC,OAAQ,CAAC;QAClD,IAAI,SAAS,KAAK,MAAM,EAAE,CAAC;YACzB,qDAAqD;YACrD,WAAW,GAAG,WAAW,CAAC,WAAW,EAAE,CAAC,OAAO,CAAC,IAAA,aAAK,EAAC,SAAS,CAAC,EAAE,GAAG,CAAC,CAAC;QACzE,CAAC;QAED,IAAI,CAAC;YACH,MAAM,kBAAkB,GAAG,MAAM,IAAI,CAAC,UAAU,EAAE,kBAAkB,CAClE,SAAS,EACT,WAAW,CACZ,CAAC;YACF,IACE,IAAA,sBAAiB,EAAC,kBAAkB,CAAC;gBACrC,IAAA,iBAAY,EAAC,kBAAkB,CAAC,EAChC,CAAC;gBACD,eAAM,CAAC,KAAK,CACV,gDAAgD,WAAW,EAAE,CAC9D,CAAC;gBACF,OAAO,IAAI,CAAC;YACd,CAAC;YAED,MAAM,UAAU,GACd,GAAG,CAAC,aAAa,IAAI,GAAG,CAAC,cAAc,IAAI,GAAG,CAAC,YAAa,CAAC;YAE/D,MAAM,UAAU,GAAG,GAAG,CAAC,UAAU,IAAI,IAAA,6BAAoB,EAAC,GAAG,CAAC,UAAU,CAAC,CAAC;YAC1E,MAAM,aAAa,GAAG,IAAA,gBAAa,EAAC,UAAU,CAAC,CAAC;YAEhD,IAAI,CAAC,aAAa,CAAC,SAAS,CAAC,UAAU,CAAC,EAAE,CAAC;gBACzC,eAAM,CAAC,KAAK,CACV,6CAA6C,WAAW,+BAA+B,UAAU,EAAE,CACpG,CAAC;gBACF,OAAO,IAAI,CAAC;YACd,CAAC;YAED,MAAM,eAAe,GAAoB,EAAE,CAAC;YAC5C,KAAK,MAAM,gBAAgB,IAAI,kBAAkB,EAAE,CAAC;gBAClD,IAAI,gBAAgB,CAAC,SAAS,EAAE,CAAC;oBAC/B,eAAM,CAAC,KAAK,CACV,oCAAoC,gBAAgB,CAAC,EAAE,EAAE,CAC1D,CAAC;oBACF,SAAS;gBACX,CAAC;gBAED,KAAK,MAAM,QAAQ,IAAI,gBAAgB,CAAC,QAAQ,IAAI,EAAE,EAAE,CAAC;oBACvD,MAAM,YAAY,GAAG,IAAI,CAAC,mBAAmB,CAC3C,SAAS,EACT,WAAW,EACX,UAAU,EACV,QAAQ,EACR,aAAa,CACd,CAAC;oBACF,IAAI,CAAC,YAAY,EAAE,CAAC;wBAClB,SAAS;oBACX,CAAC;oBAED,eAAM,CAAC,KAAK,CACV,iBAAiB,gBAAgB,CAAC,EAAE,YAAY,WAAW,IAAI,UAAU,EAAE,CAC5E,CAAC;oBACF,MAAM,YAAY,GAAG,IAAI,CAAC,eAAe,CACvC,SAAS,EACT,UAAU,EACV,QAAQ,EACR,aAAa,CACd,CAAC;oBAEF,eAAe,CAAC,IAAI,CAAC;wBACnB,WAAW;wBACX,aAAa,EAAE,gBAAgB;wBAC/B,QAAQ;wBACR,UAAU;wBACV,YAAY;wBACZ,UAAU,EAAE,GAAG,CAAC,UAAW;wBAC3B,iBAAiB;qBAClB,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAED,OAAO,EAAE,eAAe,EAAE,aAAa,EAAE,CAAC;QAC5C,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,eAAM,CAAC,IAAI,CACT,EAAE,GAAG,EAAE,WAAW,EAAE,EACpB,sDAAsD,CACvD,CAAC;YACF,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAEO,kBAAkB,CACxB,YAA2B,EAC3B,aAA4B;QAE5B,MAAM,eAAe,GAA2B,EAAE,CAAC;QACnD,KAAK,MAAM,IAAI,IAAI,YAAY,EAAE,CAAC;YAChC,MAAM,OAAO,GAAG,IAAI,CAAC,eAAyB,CAAC;YAC/C,eAAe,CAAC,OAAO,CAAC,GAAG,OAAO,CAAC,OAAO,CAAC,IAAA,aAAK,EAAC,YAAY,CAAC,EAAE,EAAE,CAAC,CAAC;QACtE,CAAC;QACD,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CACzB,aAAa,CAAC,YAAY,CACxB,eAAe,CAAC,CAAC,CAAC,eAAyB,CAAC,EAC5C,eAAe,CAAC,CAAC,CAAC,eAAyB,CAAC,CAC7C,CACF,CAAC;IACJ,CAAC;IAED,iEAAiE;IACzD,UAAU,CAChB,MAAmB,EACnB,aAA4B;QAE5B,MAAM,UAAU,GAAgB,EAAE,CAAC;QACnC,IAAI,SAAS,GAAqB,IAAI,CAAC;QAEvC,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,IAAI,KAAK,CAAC,UAAU,KAAK,GAAG,EAAE,CAAC;gBAC7B,SAAS,GAAG,KAAK,CAAC;YACpB,CAAC;iBAAM,IAAI,aAAa,CAAC,SAAS,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBAC5D,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YACzB,CAAC;iBAAM,CAAC;gBACN,eAAM,CAAC,KAAK,CAAC,EAAE,KAAK,EAAE,EAAE,yCAAyC,CAAC,CAAC;YACrE,CAAC;QACH,CAAC;QAED,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QACvB,+DAA+D;QAC/D,aAAa,CAAC,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CACrE,CAAC;QAEF,IAAI,SAAS,EAAE,CAAC;YACd,UAAU,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QAChC,CAAC;QAED,OAAO,UAAU,CAAC;IACpB,CAAC;IAEO,iBAAiB,CACvB,SAAoB,EACpB,WAAmB,EACnB,QAAsB;QAEtB,OAAO,CACL,QAAQ,CAAC,OAAO,EAAE,IAAI,KAAK,WAAW;YACtC,QAAQ,CAAC,OAAO,EAAE,SAAS,KAAK,SAAS,CAC1C,CAAC;IACJ,CAAC;IAEO,kBAAkB,CACxB,UAAkB,EAClB,QAAsB;QAEtB,OAAO,CAAC,CAAC,QAAQ,CAAC,QAAQ,EAAE,QAAQ,CAAC,UAAU,CAAC,CAAC;IACnD,CAAC;IAEO,gBAAgB,CACtB,UAAkB,EAClB,QAAsB,EACtB,aAA4B;QAE5B,KAAK,MAAM,KAAK,IAAI,QAAQ,CAAC,MAAM,IAAI,EAAE,EAAE,CAAC;YAC1C,IAAI,KAAK,CAAC,IAAI,KAAK,KAAK,EAAE,CAAC;gBACzB,SAAS;YACX,CAAC;YAED,IAAI,UAAU,GAAG,KAAK,CAAC;YACvB,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,MAAM,EAAE,aAAa,CAAC,EAAE,CAAC;gBACjE,IACE,IAAA,qBAAgB,EAAC,KAAK,CAAC,UAAU,CAAC;oBAClC,CAAC,KAAK,CAAC,UAAU,KAAK,GAAG;wBACvB,IAAI,CAAC,eAAe,CAAC,UAAU,EAAE,KAAK,CAAC,UAAU,EAAE,aAAa,CAAC,CAAC,EACpE,CAAC;oBACD,UAAU,GAAG,IAAI,CAAC;gBACpB,CAAC;qBAAM,IACL,IAAA,qBAAgB,EAAC,KAAK,CAAC,KAAK,CAAC;oBAC7B,IAAI,CAAC,eAAe,CAAC,UAAU,EAAE,KAAK,CAAC,KAAK,EAAE,aAAa,CAAC,EAC5D,CAAC;oBACD,UAAU,GAAG,KAAK,CAAC;gBACrB,CAAC;qBAAM,IACL,IAAA,qBAAgB,EAAC,KAAK,CAAC,aAAa,CAAC;oBACrC,IAAI,CAAC,WAAW,CAAC,UAAU,EAAE,KAAK,CAAC,aAAa,EAAE,aAAa,CAAC,EAChE,CAAC;oBACD,UAAU,GAAG,KAAK,CAAC;gBACrB,CAAC;YACH,CAAC;YAED,IAAI,UAAU,EAAE,CAAC;gBACf,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAED,gDAAgD;IACxC,mBAAmB,CACzB,SAAoB,EACpB,WAAmB,EACnB,UAAkB,EAClB,QAAsB,EACtB,aAA4B;QAE5B,OAAO,CACL,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,WAAW,EAAE,QAAQ,CAAC;YACxD,CAAC,IAAI,CAAC,kBAAkB,CAAC,UAAU,EAAE,QAAQ,CAAC;gBAC5C,IAAI,CAAC,gBAAgB,CAAC,UAAU,EAAE,QAAQ,EAAE,aAAa,CAAC,CAAC,CAC9D,CAAC;IACJ,CAAC;IAEO,eAAe,CACrB,SAAoB,EACpB,UAAkB,EAClB,QAAsB,EACtB,aAA4B;QAE5B,MAAM,aAAa,GAAa,EAAE,CAAC;QACnC,MAAM,oBAAoB,GAAa,EAAE,CAAC;QAE1C,KAAK,MAAM,KAAK,IAAI,QAAQ,CAAC,MAAM,IAAI,EAAE,EAAE,CAAC;YAC1C,IAAI,KAAK,CAAC,IAAI,KAAK,KAAK,EAAE,CAAC;gBACzB,SAAS;YACX,CAAC;YAED,KAAK,MAAM,KAAK,IAAI,KAAK,CAAC,MAAM,EAAE,CAAC;gBACjC,IACE,IAAA,qBAAgB,EAAC,KAAK,CAAC,KAAK,CAAC;oBAC7B,aAAa,CAAC,SAAS,CAAC,KAAK,CAAC,KAAK,CAAC,EACpC,CAAC;oBACD,aAAa,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;gBAClC,CAAC;qBAAM,IACL,IAAA,qBAAgB,EAAC,KAAK,CAAC,aAAa,CAAC;oBACrC,aAAa,CAAC,SAAS,CAAC,KAAK,CAAC,aAAa,CAAC,EAC5C,CAAC;oBACD,oBAAoB,CAAC,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC;gBACjD,CAAC;YACH,CAAC;QACH,CAAC;QAED,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,aAAa,CAAC,YAAY,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QAC/D,MAAM,YAAY,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAClD,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,UAAU,EAAE,aAAa,CAAC,CACrD,CAAC;QACF,IAAI,YAAY,EAAE,CAAC;YACjB,OAAO,IAAI,CAAC,0BAA0B,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;QAClE,CAAC;QAED,oBAAoB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,aAAa,CAAC,YAAY,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QACtE,MAAM,YAAY,GAAG,oBAAoB,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CACzD,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,UAAU,EAAE,aAAa,CAAC,CACzD,CAAC;QACF,IAAI,YAAY,EAAE,CAAC;YACjB,OAAO,IAAI,CAAC,0BAA0B,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;QAClE,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,0BAA0B,CAChC,YAAoB,EACpB,SAAoB;QAEpB,IAAI,SAAS,KAAK,OAAO,IAAI,SAAS,KAAK,OAAO,EAAE,CAAC;YACnD,OAAO,IAAI,YAAY,IAAI,CAAC;QAC9B,CAAC;QAED,0CAA0C;QAC1C,OAAO,MAAM,YAAY,EAAE,CAAC;IAC9B,CAAC;IAEO,0BAA0B,CAChC,YAAoB,EACpB,SAAoB;QAEpB,IAAI,SAAS,KAAK,OAAO,EAAE,CAAC;YAC1B,OAAO,IAAI,YAAY,IAAI,CAAC;QAC9B,CAAC;QAED,0CAA0C;QAC1C,OAAO,KAAK,YAAY,EAAE,CAAC;IAC7B,CAAC;IAEO,WAAW,CACjB,OAAe,EACf,KAAa,EACb,aAA4B;QAE5B,OAAO,CACL,aAAa,CAAC,SAAS,CAAC,OAAO,CAAC;YAChC,aAAa,CAAC,SAAS,CAAC,KAAK,CAAC;YAC9B,aAAa,CAAC,aAAa,CAAC,OAAO,EAAE,KAAK,CAAC,CAC5C,CAAC;IACJ,CAAC;IAEO,eAAe,CACrB,OAAe,EACf,KAAa,EACb,aAA4B;QAE5B,OAAO,CACL,aAAa,CAAC,SAAS,CAAC,OAAO,CAAC;YAChC,aAAa,CAAC,SAAS,CAAC,KAAK,CAAC;YAC9B,CAAC,aAAa,CAAC,MAAM,CAAC,OAAO,EAAE,KAAK,CAAC;gBACnC,aAAa,CAAC,aAAa,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC,CAC/C,CAAC;IACJ,CAAC;IAEO,2BAA2B,CAAC,GAAkB;QACpD,MAAM,EACJ,aAAa,EACb,QAAQ,EACR,WAAW,EACX,UAAU,EACV,YAAY,EACZ,UAAU,EACV,iBAAiB,GAClB,GAAG,GAAG,CAAC;QACR,IAAI,IAAA,sBAAiB,EAAC,YAAY,CAAC,EAAE,CAAC;YACpC,eAAM,CAAC,KAAK,CACV,gDAAgD,aAAa,CAAC,EAAE,OAAO,WAAW,IAAI,UAAU,EAAE,CACnG,CAAC;YACF,OAAO,IAAI,CAAC;QACd,CAAC;QAED,eAAM,CAAC,KAAK,CACV,2BAA2B,YAAY,yBAAyB,aAAa,CAAC,EAAE,OAAO,WAAW,IAAI,UAAU,EAAE,CACnH,CAAC;QAEF,MAAM,eAAe,GAAG,IAAI,CAAC,sBAAsB,CACjD,aAAa,EACb,QAAQ,CACT,CAAC;QAEF,OAAO;YACL,gBAAgB,EAAE,CAAC,UAAU,CAAC;YAC9B,iBAAiB,EAAE,CAAC,WAAW,CAAC;YAChC,mBAAmB,EAAE,UAAU;YAC/B,eAAe,EAAE,YAAY;YAC7B,oBAAoB,EAAE,IAAI;YAC1B,qBAAqB,EAAE,eAAe,CAAC,aAAa;YACpD,WAAW,EAAE,IAAI,CAAC,mBAAmB,CAAC,aAAa,EAAE,QAAQ,CAAC;YAC9D,KAAK,EAAE;gBACL,GAAG,iBAAiB,CAAC,mBAAmB;aACzC;SACF,CAAC;IACJ,CAAC;IAED,MAAM,CAAC,kBAAkB,CAAC,MAAc;QACtC,MAAM,cAAc,GAAG,OAAC,CAAC,MAAM,CAAC;YAC9B,SAAS,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC;YAClC,YAAY,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,WAAW,EAAE,CAAC,OAAO,CAAC,SAAS,CAAC;SAC1D,CAAC,CAAC;QAEH,IAAI,CAAC;YACH,MAAM,eAAe,GAA2B,IAAA,+BAAU,EAAC,MAAM,CAAC,CAAC;YACnE,MAAM,GAAG,GAAG,cAAc,CAAC,KAAK,CAAC,eAAe,EAAE,gBAAgB,EAAE,CAAC,CAAC;YAEtE,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,YAAY,CAAC,CAAC;QACtD,CAAC;QAAC,MAAM,CAAC;YACP,eAAM,CAAC,KAAK,CAAC,gCAAgC,MAAM,EAAE,CAAC,CAAC;QACzD,CAAC;QAED,OAAO,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;IAClB,CAAC;IAEO,mBAAmB,CACzB,aAAgC,EAChC,QAAsB;QAEtB,IAAI,OAAO,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,aAAa,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QAC5E,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE;YAC3B,IAAI,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;gBAC1B,OAAO,IAAI,EAAE,sCAAsC,EAAE,GAAG,CAAC;YAC3D,CAAC;iBAAM,IAAI,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;gBAClC,OAAO,IAAI,EAAE,mCAAmC,EAAE,GAAG,CAAC;YACxD,CAAC;iBAAM,IAAI,EAAE,CAAC,UAAU,CAAC,KAAK,CAAC,EAAE,CAAC;gBAChC,OAAO,IAAI,EAAE,6BAA6B,EAAE,GAAG,CAAC;YAClD,CAAC;iBAAM,IAAI,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;gBACrC,OAAO,IAAI,EAAE,oCAAoC,EAAE,QAAQ,CAAC;YAC9D,CAAC;YAED,OAAO,EAAE,CAAC;QACZ,CAAC,CAAC,CAAC;QAEH,IAAI,OAAO,GAAG,iBAAiB,CAAC;QAChC,OAAO,IAAI,aAAa,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,aAAa,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;QACrE,OAAO,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC;QACtC,OAAO,IAAI,oDAAoD,CAAC;QAEhE,MAAM,OAAO,GAAG,aAAa,CAAC,OAAO,EAAE,OAAO,CAC5C,IAAA,aAAK,EAAC,YAAY,CAAC,EACnB,QAAQ,CACT,CAAC;QACF,OAAO,IAAI,iBAAiB,OAAO,IAAI,aAAa,IAAI,CAAC;QAEzD,OAAO,IAAI,iBAAiB,CAAC;QAC7B,MAAM,eAAe,GAAG,IAAI,CAAC,sBAAsB,CACjD,aAAa,EACb,QAAQ,CACT,CAAC;QAEF,IAAI,eAAe,CAAC,UAAU,EAAE,CAAC;YAC/B,OAAO,IAAI,iBAAiB,eAAe,CAAC,KAAK,IAAI,CAAC;YACtD,OAAO,IAAI,sBAAsB,eAAe,CAAC,UAAU,MAAM,CAAC;QACpE,CAAC;aAAM,CAAC;YACN,OAAO,IAAI,GAAG,IAAA,kBAAS,EAAC,eAAe,CAAC,aAAa,CAAC,IAAI,CAAC;QAC7D,CAAC;QAED,OAAO,IAAI,sBACT,aAAa,CAAC,UAAU;YACtB,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;YACZ,OAAO,MAAM,GAAG,CAAC,GAAG,KAAK,GAAG,CAAC,GAAG,GAAG,CAAC;QACtC,CAAC,CAAC;aACD,IAAI,CAAC,IAAI,CAAC,IAAI,gBACnB,EAAE,CAAC;QAEH,IAAI,WAAW,GAAG,EAAE,CAAC;QACrB,IAAI,aAAa,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;YACzC,WAAW,GAAG,kKAAkK,CAAC;QACnL,CAAC;aAAM,IAAI,aAAa,CAAC,EAAE,CAAC,UAAU,CAAC,KAAK,CAAC,EAAE,CAAC;YAC9C,WAAW,GAAG,gIAAgI,CAAC;QACjJ,CAAC;aAAM,IAAI,aAAa,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YACjD,WAAW,GAAG,yJAAyJ,CAAC;QAC1K,CAAC;aAAM,IAAI,aAAa,CAAC,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YACnD,WAAW,GAAG,qJAAqJ,CAAC;QACtK,CAAC;QACD,OAAO,IAAI,oEAAoE,aAAa,CAAC,EAAE,IAAI,WAAW,KAAK,CAAC;QACpH,OAAO,IAAI,YAAY,CAAC;QAExB,OAAO,CAAC,IAAA,2BAAgB,EAAC,OAAO,CAAC,CAAC,CAAC;IACrC,CAAC;IAEO,sBAAsB,CAC5B,aAAgC,EAChC,QAAsB;QAEtB,IAAI,aAAa,GAAG,SAAS,CAAC;QAC9B,IAAI,KAAK,GAAG,SAAS,CAAC;QAEtB,MAAM,UAAU,GACd,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,SAAS,CAAC,EAAE,KAAK;YAChE,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,SAAS,CAAC,EAAE,KAAK;YAC/D,QAAQ,CAAC,iBAAiB,EAAE,IAAe,CAAC,CAAC,UAAU;QAE1D,IAAI,UAAU,EAAE,CAAC;YACf,MAAM,CAAC,SAAS,EAAE,QAAQ,CAAC,GACzB,eAAe,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAC;YACjD,aAAa,GAAG,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;YAC9D,KAAK,GAAG,SAAS;gBACf,CAAC,CAAC,GAAG,SAAS,UAAU,IAAA,kBAAS,EAAC,aAAa,CAAC,GAAG;gBACnD,CAAC,CAAC,SAAS,CAAC;QAChB,CAAC;aAAM,IACL,aAAa,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC;YACpC,aAAa,CAAC,iBAAiB,EAAE,QAAQ,EACzC,CAAC;YACD,MAAM,QAAQ,GAAG,aAAa,CAAC,iBAAiB,CAAC,QAAkB,CAAC;YACpE,aAAa,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;QACzC,CAAC;QAED,OAAO;YACL,UAAU;YACV,KAAK;YACL,aAAa;SACd,CAAC;IACJ,CAAC;;AArlBH,0CAslBC","sourcesContent":["// TODO #22198\nimport type { Ecosystem, Osv } from '@renovatebot/osv-offline';\nimport { OsvOffline } from '@renovatebot/osv-offline';\nimport {\n  isEmptyArray,\n  isNonEmptyString,\n  isNullOrUndefined,\n  isTruthy,\n} from '@sindresorhus/is';\nimport type { CvssVector } from 'ae-cvss-calculator';\nimport { fromVector } from 'ae-cvss-calculator';\nimport { z } from 'zod';\nimport { getManagerConfig, mergeChildConfig } from '../../../config';\nimport type { PackageRule, RenovateConfig } from '../../../config/types';\nimport { logger } from '../../../logger';\nimport { getDefaultVersioning } from '../../../modules/datasource/common';\nimport type {\n  PackageDependency,\n  PackageFile,\n} from '../../../modules/manager/types';\nimport type { VersioningApi } from '../../../modules/versioning';\nimport { get as getVersioning } from '../../../modules/versioning';\nimport { sanitizeMarkdown } from '../../../util/markdown';\nimport * as p from '../../../util/promises';\nimport { regEx } from '../../../util/regex';\nimport { titleCase } from '../../../util/string';\nimport type {\n  DependencyVulnerabilities,\n  SeverityDetails,\n  Vulnerability,\n} from './types';\n\nexport class Vulnerabilities {\n  private osvOffline: OsvOffline | undefined;\n\n  private static readonly datasourceEcosystemMap: Record<\n    string,\n    Ecosystem | undefined\n  > = {\n    crate: 'crates.io',\n    go: 'Go',\n    hackage: 'Hackage',\n    hex: 'Hex',\n    maven: 'Maven',\n    npm: 'npm',\n    nuget: 'NuGet',\n    packagist: 'Packagist',\n    pypi: 'PyPI',\n    rubygems: 'RubyGems',\n  };\n\n  private constructor() {\n    // private constructor\n  }\n\n  private async initialize(): Promise<void> {\n    this.osvOffline = await OsvOffline.create();\n  }\n\n  static async create(): Promise<Vulnerabilities> {\n    const instance = new Vulnerabilities();\n    await instance.initialize();\n    return instance;\n  }\n\n  async appendVulnerabilityPackageRules(\n    config: RenovateConfig,\n    packageFiles: Record<string, PackageFile[]>,\n  ): Promise<void> {\n    const dependencyVulnerabilities = await this.fetchDependencyVulnerabilities(\n      config,\n      packageFiles,\n    );\n\n    config.packageRules ??= [];\n    for (const {\n      vulnerabilities,\n      versioningApi,\n    } of dependencyVulnerabilities) {\n      const groupPackageRules: PackageRule[] = [];\n      for (const vulnerability of vulnerabilities) {\n        const rule = this.vulnerabilityToPackageRules(vulnerability);\n        if (isNullOrUndefined(rule)) {\n          continue;\n        }\n        groupPackageRules.push(rule);\n      }\n      this.sortByFixedVersion(groupPackageRules, versioningApi);\n\n      config.packageRules.push(...groupPackageRules);\n    }\n  }\n\n  async fetchVulnerabilities(\n    config: RenovateConfig,\n    packageFiles: Record<string, PackageFile[]>,\n  ): Promise<Vulnerability[]> {\n    const groups = await this.fetchDependencyVulnerabilities(\n      config,\n      packageFiles,\n    );\n    return groups.flatMap((group) => group.vulnerabilities);\n  }\n\n  private async fetchDependencyVulnerabilities(\n    config: RenovateConfig,\n    packageFiles: Record<string, PackageFile[]>,\n  ): Promise<DependencyVulnerabilities[]> {\n    const managers = Object.keys(packageFiles);\n    const allManagerJobs = managers.map((manager) =>\n      this.fetchManagerVulnerabilities(config, packageFiles, manager),\n    );\n    return (await Promise.all(allManagerJobs)).flat();\n  }\n\n  private async fetchManagerVulnerabilities(\n    config: RenovateConfig,\n    packageFiles: Record<string, PackageFile[]>,\n    manager: string,\n  ): Promise<DependencyVulnerabilities[]> {\n    const managerConfig = getManagerConfig(config, manager);\n    const queue = packageFiles[manager].map(\n      (pFile) => (): Promise<DependencyVulnerabilities[]> =>\n        this.fetchManagerPackageFileVulnerabilities(managerConfig, pFile),\n    );\n    logger.trace(\n      { manager, queueLength: queue.length },\n      'fetchManagerVulnerabilities starting',\n    );\n    const result = (await p.all(queue)).flat();\n    logger.trace({ manager }, 'fetchManagerVulnerabilities finished');\n    return result;\n  }\n\n  private async fetchManagerPackageFileVulnerabilities(\n    managerConfig: RenovateConfig,\n    pFile: PackageFile,\n  ): Promise<DependencyVulnerabilities[]> {\n    const { packageFile } = pFile;\n    const packageFileConfig = mergeChildConfig(managerConfig, pFile);\n    const { manager } = packageFileConfig;\n    const queue = pFile.deps.map(\n      (dep) => (): Promise<DependencyVulnerabilities | null> =>\n        this.fetchDependencyVulnerability(packageFileConfig, dep),\n    );\n    logger.trace(\n      { manager, packageFile, queueLength: queue.length },\n      'fetchManagerPackageFileVulnerabilities starting with concurrency',\n    );\n\n    const result = await p.all(queue);\n    logger.trace(\n      { packageFile },\n      'fetchManagerPackageFileVulnerabilities finished',\n    );\n\n    return result.filter(isTruthy);\n  }\n\n  private async fetchDependencyVulnerability(\n    packageFileConfig: RenovateConfig & PackageFile,\n    dep: PackageDependency,\n  ): Promise<DependencyVulnerabilities | null> {\n    const ecosystem = Vulnerabilities.datasourceEcosystemMap[dep.datasource!];\n    if (!ecosystem) {\n      logger.trace(`Cannot map datasource ${dep.datasource!} to OSV ecosystem`);\n      return null;\n    }\n\n    let packageName = dep.packageName ?? dep.depName!;\n    if (ecosystem === 'PyPI') {\n      // https://peps.python.org/pep-0503/#normalized-names\n      packageName = packageName.toLowerCase().replace(regEx(/[_.-]+/g), '-');\n    }\n\n    try {\n      const osvVulnerabilities = await this.osvOffline?.getVulnerabilities(\n        ecosystem,\n        packageName,\n      );\n      if (\n        isNullOrUndefined(osvVulnerabilities) ||\n        isEmptyArray(osvVulnerabilities)\n      ) {\n        logger.trace(\n          `No vulnerabilities found in OSV database for ${packageName}`,\n        );\n        return null;\n      }\n\n      const depVersion =\n        dep.lockedVersion ?? dep.currentVersion ?? dep.currentValue!;\n\n      const versioning = dep.versioning ?? getDefaultVersioning(dep.datasource);\n      const versioningApi = getVersioning(versioning);\n\n      if (!versioningApi.isVersion(depVersion)) {\n        logger.debug(\n          `Skipping vulnerability lookup for package ${packageName} due to unsupported version ${depVersion}`,\n        );\n        return null;\n      }\n\n      const vulnerabilities: Vulnerability[] = [];\n      for (const osvVulnerability of osvVulnerabilities) {\n        if (osvVulnerability.withdrawn) {\n          logger.trace(\n            `Skipping withdrawn vulnerability ${osvVulnerability.id}`,\n          );\n          continue;\n        }\n\n        for (const affected of osvVulnerability.affected ?? []) {\n          const isVulnerable = this.isPackageVulnerable(\n            ecosystem,\n            packageName,\n            depVersion,\n            affected,\n            versioningApi,\n          );\n          if (!isVulnerable) {\n            continue;\n          }\n\n          logger.debug(\n            `Vulnerability ${osvVulnerability.id} affects ${packageName} ${depVersion}`,\n          );\n          const fixedVersion = this.getFixedVersion(\n            ecosystem,\n            depVersion,\n            affected,\n            versioningApi,\n          );\n\n          vulnerabilities.push({\n            packageName,\n            vulnerability: osvVulnerability,\n            affected,\n            depVersion,\n            fixedVersion,\n            datasource: dep.datasource!,\n            packageFileConfig,\n          });\n        }\n      }\n\n      return { vulnerabilities, versioningApi };\n    } catch (err) {\n      logger.warn(\n        { err, packageName },\n        'Error fetching vulnerability information for package',\n      );\n      return null;\n    }\n  }\n\n  private sortByFixedVersion(\n    packageRules: PackageRule[],\n    versioningApi: VersioningApi,\n  ): void {\n    const versionsCleaned: Record<string, string> = {};\n    for (const rule of packageRules) {\n      const version = rule.allowedVersions as string;\n      versionsCleaned[version] = version.replace(regEx(/[(),=> ]+/g), '');\n    }\n    packageRules.sort((a, b) =>\n      versioningApi.sortVersions(\n        versionsCleaned[a.allowedVersions as string],\n        versionsCleaned[b.allowedVersions as string],\n      ),\n    );\n  }\n\n  // https://ossf.github.io/osv-schema/#affectedrangesevents-fields\n  private sortEvents(\n    events: Osv.Event[],\n    versioningApi: VersioningApi,\n  ): Osv.Event[] {\n    const sortedCopy: Osv.Event[] = [];\n    let zeroEvent: Osv.Event | null = null;\n\n    for (const event of events) {\n      if (event.introduced === '0') {\n        zeroEvent = event;\n      } else if (versioningApi.isVersion(Object.values(event)[0])) {\n        sortedCopy.push(event);\n      } else {\n        logger.debug({ event }, 'Skipping OSV event with invalid version');\n      }\n    }\n\n    sortedCopy.sort((a, b) =>\n      // no pre-processing, as there are only very few values to sort\n      versioningApi.sortVersions(Object.values(a)[0], Object.values(b)[0]),\n    );\n\n    if (zeroEvent) {\n      sortedCopy.unshift(zeroEvent);\n    }\n\n    return sortedCopy;\n  }\n\n  private isPackageAffected(\n    ecosystem: Ecosystem,\n    packageName: string,\n    affected: Osv.Affected,\n  ): boolean {\n    return (\n      affected.package?.name === packageName &&\n      affected.package?.ecosystem === ecosystem\n    );\n  }\n\n  private includedInVersions(\n    depVersion: string,\n    affected: Osv.Affected,\n  ): boolean {\n    return !!affected.versions?.includes(depVersion);\n  }\n\n  private includedInRanges(\n    depVersion: string,\n    affected: Osv.Affected,\n    versioningApi: VersioningApi,\n  ): boolean {\n    for (const range of affected.ranges ?? []) {\n      if (range.type === 'GIT') {\n        continue;\n      }\n\n      let vulnerable = false;\n      for (const event of this.sortEvents(range.events, versioningApi)) {\n        if (\n          isNonEmptyString(event.introduced) &&\n          (event.introduced === '0' ||\n            this.isVersionGtOrEq(depVersion, event.introduced, versioningApi))\n        ) {\n          vulnerable = true;\n        } else if (\n          isNonEmptyString(event.fixed) &&\n          this.isVersionGtOrEq(depVersion, event.fixed, versioningApi)\n        ) {\n          vulnerable = false;\n        } else if (\n          isNonEmptyString(event.last_affected) &&\n          this.isVersionGt(depVersion, event.last_affected, versioningApi)\n        ) {\n          vulnerable = false;\n        }\n      }\n\n      if (vulnerable) {\n        return true;\n      }\n    }\n\n    return false;\n  }\n\n  // https://ossf.github.io/osv-schema/#evaluation\n  private isPackageVulnerable(\n    ecosystem: Ecosystem,\n    packageName: string,\n    depVersion: string,\n    affected: Osv.Affected,\n    versioningApi: VersioningApi,\n  ): boolean {\n    return (\n      this.isPackageAffected(ecosystem, packageName, affected) &&\n      (this.includedInVersions(depVersion, affected) ||\n        this.includedInRanges(depVersion, affected, versioningApi))\n    );\n  }\n\n  private getFixedVersion(\n    ecosystem: Ecosystem,\n    depVersion: string,\n    affected: Osv.Affected,\n    versioningApi: VersioningApi,\n  ): string | null {\n    const fixedVersions: string[] = [];\n    const lastAffectedVersions: string[] = [];\n\n    for (const range of affected.ranges ?? []) {\n      if (range.type === 'GIT') {\n        continue;\n      }\n\n      for (const event of range.events) {\n        if (\n          isNonEmptyString(event.fixed) &&\n          versioningApi.isVersion(event.fixed)\n        ) {\n          fixedVersions.push(event.fixed);\n        } else if (\n          isNonEmptyString(event.last_affected) &&\n          versioningApi.isVersion(event.last_affected)\n        ) {\n          lastAffectedVersions.push(event.last_affected);\n        }\n      }\n    }\n\n    fixedVersions.sort((a, b) => versioningApi.sortVersions(a, b));\n    const fixedVersion = fixedVersions.find((version) =>\n      this.isVersionGt(version, depVersion, versioningApi),\n    );\n    if (fixedVersion) {\n      return this.getFixedVersionByEcosystem(fixedVersion, ecosystem);\n    }\n\n    lastAffectedVersions.sort((a, b) => versioningApi.sortVersions(a, b));\n    const lastAffected = lastAffectedVersions.find((version) =>\n      this.isVersionGtOrEq(version, depVersion, versioningApi),\n    );\n    if (lastAffected) {\n      return this.getLastAffectedByEcosystem(lastAffected, ecosystem);\n    }\n\n    return null;\n  }\n\n  private getFixedVersionByEcosystem(\n    fixedVersion: string,\n    ecosystem: Ecosystem,\n  ): string {\n    if (ecosystem === 'Maven' || ecosystem === 'NuGet') {\n      return `[${fixedVersion},)`;\n    }\n\n    // crates.io, Go, Hex, npm, RubyGems, PyPI\n    return `>= ${fixedVersion}`;\n  }\n\n  private getLastAffectedByEcosystem(\n    lastAffected: string,\n    ecosystem: Ecosystem,\n  ): string {\n    if (ecosystem === 'Maven') {\n      return `(${lastAffected},)`;\n    }\n\n    // crates.io, Go, Hex, npm, RubyGems, PyPI\n    return `> ${lastAffected}`;\n  }\n\n  private isVersionGt(\n    version: string,\n    other: string,\n    versioningApi: VersioningApi,\n  ): boolean {\n    return (\n      versioningApi.isVersion(version) &&\n      versioningApi.isVersion(other) &&\n      versioningApi.isGreaterThan(version, other)\n    );\n  }\n\n  private isVersionGtOrEq(\n    version: string,\n    other: string,\n    versioningApi: VersioningApi,\n  ): boolean {\n    return (\n      versioningApi.isVersion(version) &&\n      versioningApi.isVersion(other) &&\n      (versioningApi.equals(version, other) ||\n        versioningApi.isGreaterThan(version, other))\n    );\n  }\n\n  private vulnerabilityToPackageRules(vul: Vulnerability): PackageRule | null {\n    const {\n      vulnerability,\n      affected,\n      packageName,\n      depVersion,\n      fixedVersion,\n      datasource,\n      packageFileConfig,\n    } = vul;\n    if (isNullOrUndefined(fixedVersion)) {\n      logger.debug(\n        `No fixed version available for vulnerability ${vulnerability.id} in ${packageName} ${depVersion}`,\n      );\n      return null;\n    }\n\n    logger.debug(\n      `Setting allowed version ${fixedVersion} to fix vulnerability ${vulnerability.id} in ${packageName} ${depVersion}`,\n    );\n\n    const severityDetails = this.extractSeverityDetails(\n      vulnerability,\n      affected,\n    );\n\n    return {\n      matchDatasources: [datasource],\n      matchPackageNames: [packageName],\n      matchCurrentVersion: depVersion,\n      allowedVersions: fixedVersion,\n      isVulnerabilityAlert: true,\n      vulnerabilitySeverity: severityDetails.severityLevel,\n      prBodyNotes: this.generatePrBodyNotes(vulnerability, affected),\n      force: {\n        ...packageFileConfig.vulnerabilityAlerts,\n      },\n    };\n  }\n\n  static evaluateCvssVector(vector: string): [string, string] {\n    const CvssJsonSchema = z.object({\n      baseScore: z.number().default(0.0),\n      baseSeverity: z.string().toUpperCase().default('UNKNOWN'),\n    });\n\n    try {\n      const parsedCvssScore: CvssVector<any> | null = fromVector(vector);\n      const res = CvssJsonSchema.parse(parsedCvssScore?.createJsonSchema());\n\n      return [res.baseScore.toFixed(1), res.baseSeverity];\n    } catch {\n      logger.debug(`Error processing CVSS vector ${vector}`);\n    }\n\n    return ['', ''];\n  }\n\n  private generatePrBodyNotes(\n    vulnerability: Osv.Vulnerability,\n    affected: Osv.Affected,\n  ): string[] {\n    let aliases = [vulnerability.id].concat(vulnerability.aliases ?? []).sort();\n    aliases = aliases.map((id) => {\n      if (id.startsWith('CVE-')) {\n        return `[${id}](https://nvd.nist.gov/vuln/detail/${id})`;\n      } else if (id.startsWith('GHSA-')) {\n        return `[${id}](https://github.com/advisories/${id})`;\n      } else if (id.startsWith('GO-')) {\n        return `[${id}](https://pkg.go.dev/vuln/${id})`;\n      } else if (id.startsWith('RUSTSEC-')) {\n        return `[${id}](https://rustsec.org/advisories/${id}.html)`;\n      }\n\n      return id;\n    });\n\n    let content = '\\n\\n---\\n\\n### ';\n    content += vulnerability.summary ? `${vulnerability.summary}\\n` : '';\n    content += `${aliases.join(' / ')}\\n`;\n    content += `\\n<details>\\n<summary>More information</summary>\\n`;\n\n    const details = vulnerability.details?.replace(\n      regEx(/^#{1,4} /gm),\n      '##### ',\n    );\n    content += `#### Details\\n${details ?? 'No details.'}\\n`;\n\n    content += '#### Severity\\n';\n    const severityDetails = this.extractSeverityDetails(\n      vulnerability,\n      affected,\n    );\n\n    if (severityDetails.cvssVector) {\n      content += `- CVSS Score: ${severityDetails.score}\\n`;\n      content += `- Vector String: \\`${severityDetails.cvssVector}\\`\\n`;\n    } else {\n      content += `${titleCase(severityDetails.severityLevel)}\\n`;\n    }\n\n    content += `\\n#### References\\n${\n      vulnerability.references\n        ?.map((ref) => {\n          return `- [${ref.url}](${ref.url})`;\n        })\n        .join('\\n') ?? 'No references.'\n    }`;\n\n    let attribution = '';\n    if (vulnerability.id.startsWith('GHSA-')) {\n      attribution = ` and the [GitHub Advisory Database](https://github.com/github/advisory-database) ([CC-BY 4.0](https://github.com/github/advisory-database/blob/main/LICENSE.md))`;\n    } else if (vulnerability.id.startsWith('GO-')) {\n      attribution = ` and the [Go Vulnerability Database](https://github.com/golang/vulndb) ([CC-BY 4.0](https://github.com/golang/vulndb#license))`;\n    } else if (vulnerability.id.startsWith('PYSEC-')) {\n      attribution = ` and the [PyPI Advisory Database](https://github.com/pypa/advisory-database) ([CC-BY 4.0](https://github.com/pypa/advisory-database/blob/main/LICENSE))`;\n    } else if (vulnerability.id.startsWith('RUSTSEC-')) {\n      attribution = ` and the [Rust Advisory Database](https://github.com/RustSec/advisory-db) ([CC0 1.0](https://github.com/rustsec/advisory-db/blob/main/LICENSE.txt))`;\n    }\n    content += `\\n\\nThis data is provided by [OSV](https://osv.dev/vulnerability/${vulnerability.id})${attribution}.\\n`;\n    content += `</details>`;\n\n    return [sanitizeMarkdown(content)];\n  }\n\n  private extractSeverityDetails(\n    vulnerability: Osv.Vulnerability,\n    affected: Osv.Affected,\n  ): SeverityDetails {\n    let severityLevel = 'UNKNOWN';\n    let score = 'Unknown';\n\n    const cvssVector =\n      vulnerability.severity?.find((e) => e.type === 'CVSS_V4')?.score ??\n      vulnerability.severity?.find((e) => e.type === 'CVSS_V3')?.score ??\n      (affected.database_specific?.cvss as string); // RUSTSEC\n\n    if (cvssVector) {\n      const [baseScore, severity] =\n        Vulnerabilities.evaluateCvssVector(cvssVector);\n      severityLevel = severity ? severity.toUpperCase() : 'UNKNOWN';\n      score = baseScore\n        ? `${baseScore} / 10 (${titleCase(severityLevel)})`\n        : 'Unknown';\n    } else if (\n      vulnerability.id.startsWith('GHSA-') &&\n      vulnerability.database_specific?.severity\n    ) {\n      const severity = vulnerability.database_specific.severity as string;\n      severityLevel = severity.toUpperCase();\n    }\n\n    return {\n      cvssVector,\n      score,\n      severityLevel,\n    };\n  }\n}\n"]}

package/dist/workers/repository/process/write.js

@@ -4,8 +4,7 @@ exports.generateCommitFingerprintConfig = generateCommitFingerprintConfig;
 exports.compareCacheFingerprint = compareCacheFingerprint;
 exports.syncBranchState = syncBranchState;
 exports.writeUpdates = writeUpdates;
-const tslib_1 = require("tslib");
-const is_1 = tslib_1.__importDefault(require("@sindresorhus/is"));
+const is_1 = require("@sindresorhus/is");
 const logger_1 = require("../../../logger");
 const manager_1 = require("../../../modules/manager");
 const scm_1 = require("../../../modules/platform/scm");
@@ -110,7 +109,7 @@ async function writeUpdates(config, allBranches) {
         const managers = [
             ...new Set(branch.upgrades
                 .map((upgrade) => manager_1.hashMap.get(upgrade.manager) ?? upgrade.manager)
-                .filter(is_1.default.string)),
+                .filter(is_1.isString)),
         ].sort();
         const commitFingerprint = (0, fingerprint_1.fingerprint)({
             commitFingerprintConfig: generateCommitFingerprintConfig(branch),

package/dist/workers/repository/process/write.js.map

@@ -1 +1 @@
-{"version":3,"file":"write.js","sourceRoot":"","sources":["../../../../lib/workers/repository/process/write.ts"],"names":[],"mappings":";;AAyBA,0EAYC;AAED,0DAgBC;AAED,0CA2DC;AAED,oCAyEC;;AA/LD,kEAAkC;AAElC,4CAA8D;AAC9D,sDAAmD;AACnD,uDAAoD;AACpD,+DAA0D;AAE1D,2DAAwD;AACxD,2EAAyE;AACzE,gDAA8D;AAM9D,6CAAiD;AACjD,6DAAgE;AAChE,qCAIkB;AAIlB,SAAgB,+BAA+B,CAC7C,MAAoB;IAEpB,MAAM,GAAG,GAAG,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE;QAC1C,MAAM,eAAe,GAAG,EAA8B,CAAC;QACvD,KAAK,MAAM,KAAK,IAAI,6CAAwB,EAAE,CAAC;YAC7C,eAAe,CAAC,KAAK,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC;QAC1C,CAAC;QACD,OAAO,eAAe,CAAC;IACzB,CAAC,CAAC,CAAC;IAEH,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAgB,uBAAuB,CACrC,WAAwB,EACxB,iBAAyB;IAEzB,IAAI,CAAC,WAAW,CAAC,iBAAiB,EAAE,CAAC;QACnC,eAAM,CAAC,KAAK,CAAC,qCAAqC,CAAC,CAAC;QACpD,OAAO,gBAAgB,CAAC;IAC1B,CAAC;IAED,IAAI,iBAAiB,KAAK,WAAW,CAAC,iBAAiB,EAAE,CAAC;QACxD,eAAM,CAAC,KAAK,CAAC,0CAA0C,CAAC,CAAC;QACzD,OAAO,UAAU,CAAC;IACpB,CAAC;IAED,eAAM,CAAC,KAAK,CAAC,iDAAiD,CAAC,CAAC;IAChE,OAAO,SAAS,CAAC;AACnB,CAAC;AAEM,KAAK,UAAU,eAAe,CACnC,UAAkB,EAClB,UAAkB;IAElB,eAAM,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;IAClC,MAAM,SAAS,GAAG,MAAM,SAAG,CAAC,eAAe,CAAC,UAAU,CAAC,CAAC;IACxD,MAAM,aAAa,GAAG,MAAM,SAAG,CAAC,eAAe,CAAC,UAAU,CAAC,CAAC;IAE5D,MAAM,KAAK,GAAG,IAAA,qBAAQ,GAAE,CAAC;IACzB,KAAK,CAAC,QAAQ,KAAK,EAAE,CAAC;IACtB,MAAM,EAAE,QAAQ,EAAE,cAAc,EAAE,GAAG,KAAK,CAAC;IAC3C,IAAI,WAAW,GAAG,cAAc,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,UAAU,KAAK,UAAU,CAAC,CAAC;IAC5E,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,eAAM,CAAC,KAAK,CACV,yEAAyE,CAC1E,CAAC;QACF,gCAAgC;QAChC,WAAW,GAAG;YACZ,UAAU;YACV,GAAG,EAAE,SAAS;YACd,UAAU;YACV,aAAa;SACC,CAAC;QACjB,cAAc,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;IACnC,CAAC;IAED,qEAAqE;IACrE,IAAI,UAAU,KAAK,WAAW,CAAC,UAAU,EAAE,CAAC;QAC1C,eAAM,CAAC,KAAK,CAAC,2CAA2C,CAAC,CAAC;QAC1D,WAAW,CAAC,UAAU,GAAG,UAAU,CAAC;QACpC,OAAO,WAAW,CAAC,UAAU,CAAC;QAC9B,WAAW,CAAC,QAAQ,GAAG,KAAK,CAAC;IAC/B,CAAC;IAED,sEAAsE;IACtE,IAAI,aAAa,KAAK,WAAW,CAAC,aAAa,EAAE,CAAC;QAChD,eAAM,CAAC,KAAK,CAAC,yCAAyC,CAAC,CAAC;QACxD,OAAO,WAAW,CAAC,YAAY,CAAC;QAChC,OAAO,WAAW,CAAC,YAAY,CAAC;QAEhC,0BAA0B;QAC1B,WAAW,CAAC,aAAa,GAAG,aAAa,CAAC;QAC1C,WAAW,CAAC,QAAQ,GAAG,KAAK,CAAC;IAC/B,CAAC;IAED,yDAAyD;IACzD,IAAI,SAAS,KAAK,WAAW,CAAC,GAAG,EAAE,CAAC;QAClC,eAAM,CAAC,KAAK,CAAC,qCAAqC,CAAC,CAAC;QACpD,OAAO,WAAW,CAAC,YAAY,CAAC;QAChC,OAAO,WAAW,CAAC,YAAY,CAAC;QAChC,OAAO,WAAW,CAAC,UAAU,CAAC;QAC9B,OAAO,WAAW,CAAC,iBAAiB,CAAC;QAErC,0BAA0B;QAC1B,WAAW,CAAC,GAAG,GAAG,SAAS,CAAC;QAC5B,WAAW,CAAC,QAAQ,GAAG,KAAK,CAAC;IAC/B,CAAC;IAED,OAAO,WAAW,CAAC;AACrB,CAAC;AAEM,KAAK,UAAU,YAAY,CAChC,MAAsB,EACtB,WAA2B;IAE3B,MAAM,QAAQ,GAAG,WAAW,CAAC;IAC7B,eAAM,CAAC,KAAK,CACV,cAAc,QAAQ,CAAC,MAAM,UAC3B,QAAQ,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAC/B,KAAK,QAAQ;SACV,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC;SACxB,IAAI,EAAE;SACN,IAAI,CAAC,IAAI,CAAC,EAAE,CAChB,CAAC;IAEF,MAAM,kBAAkB,GAAG,MAAM,IAAA,8BAAqB,EAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IACzE,IAAA,iBAAQ,EAAC,eAAe,EAAE,kBAAkB,CAAC,CAAC;IAE9C,MAAM,uBAAuB,GAAG,MAAM,IAAA,mCAA0B,EAAC,QAAQ,CAAC,CAAC;IAC3E,IAAA,iBAAQ,EAAC,UAAU,EAAE,uBAAuB,CAAC,CAAC;IAE9C,MAAM,gBAAgB,GAAG,MAAM,IAAA,yBAAgB,EAAC,MAAM,CAAC,CAAC;IACxD,IAAA,iBAAQ,EAAC,WAAW,EAAE,gBAAgB,CAAC,CAAC;IAExC,KAAK,MAAM,MAAM,IAAI,QAAQ,EAAE,CAAC;QAC9B,MAAM,EAAE,UAAU,EAAE,UAAU,EAAE,GAAG,MAAM,CAAC;QAC1C,MAAM,IAAI,GAA2B,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC;QAC5D,IAAI,MAAM,CAAC,kBAAkB,EAAE,MAAM,IAAI,UAAU,EAAE,CAAC;YACpD,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC/B,CAAC;QACD,IAAA,gBAAO,EAAC,IAAI,CAAC,CAAC;QACd,MAAM,aAAa,GAAG,MAAM,SAAG,CAAC,YAAY,CAAC,UAAU,CAAC,CAAC;QACzD,MAAM,WAAW,GAAG,MAAM,eAAe,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;QAElE,MAAM,QAAQ,GAAG;YACf,GAAG,IAAI,GAAG,CACR,MAAM,CAAC,QAAQ;iBACZ,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,iBAAO,CAAC,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,OAAO,CAAC,OAAO,CAAC;iBACjE,MAAM,CAAC,YAAE,CAAC,MAAM,CAAC,CACrB;SACF,CAAC,IAAI,EAAE,CAAC;QACT,MAAM,iBAAiB,GAAG,IAAA,yBAAW,EAAC;YACpC,uBAAuB,EAAE,+BAA+B,CAAC,MAAM,CAAC;YAChE,QAAQ;SACT,CAAC,CAAC;QACH,MAAM,CAAC,qBAAqB,GAAG,uBAAuB,CACpD,WAAW,EACX,iBAAiB,CAClB,CAAC;QAEF,MAAM,GAAG,GAAG,MAAM,IAAA,sBAAa,EAAC,MAAM,CAAC,CAAC;QACxC,MAAM,CAAC,WAAW,GAAG,GAAG,EAAE,WAAW,CAAC;QACtC,MAAM,CAAC,IAAI,GAAG,GAAG,EAAE,IAAI,CAAC;QACxB,MAAM,CAAC,MAAM,GAAG,GAAG,EAAE,MAAM,CAAC;QAC5B,MAAM,CAAC,iBAAiB,GAAG,GAAG,EAAE,eAAe;YAC7C,CAAC,CAAC,iBAAiB;YACnB,CAAC,CAAC,WAAW,CAAC,iBAAiB,CAAC;QAElC,IAAI,GAAG,EAAE,SAAS,EAAE,CAAC;YACnB,IAAA,sCAAkB,EAAC,UAAU,EAAE,UAAU,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC;QAC5D,CAAC;QACD,IACE,MAAM,CAAC,MAAM,KAAK,YAAY;YAC9B,MAAM,CAAC,aAAa,KAAK,YAAY,EACrC,CAAC;YACD,sEAAsE;YACtE,OAAO,YAAY,CAAC;QACtB,CAAC;QACD,IAAI,CAAC,aAAa,IAAI,CAAC,MAAM,SAAG,CAAC,YAAY,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC;YAClE,IAAA,sBAAa,EAAC,UAAU,CAAC,CAAC;QAC5B,CAAC;IACH,CAAC;IACD,IAAA,mBAAU,EAAC,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC;IACrC,OAAO,MAAM,CAAC;AAChB,CAAC","sourcesContent":["import is from '@sindresorhus/is';\nimport type { RenovateConfig } from '../../../config/types';\nimport { addMeta, logger, removeMeta } from '../../../logger';\nimport { hashMap } from '../../../modules/manager';\nimport { scm } from '../../../modules/platform/scm';\nimport { getCache } from '../../../util/cache/repository';\nimport type { BranchCache } from '../../../util/cache/repository/types';\nimport { fingerprint } from '../../../util/fingerprint';\nimport { setBranchNewCommit } from '../../../util/git/set-branch-commit';\nimport { incCountValue, setCount } from '../../global/limits';\nimport type {\n  BranchConfig,\n  CacheFingerprintMatchResult,\n  UpgradeFingerprintConfig,\n} from '../../types';\nimport { processBranch } from '../update/branch';\nimport { upgradeFingerprintFields } from './fingerprint-fields';\nimport {\n  getConcurrentBranchesCount,\n  getConcurrentPrsCount,\n  getPrHourlyCount,\n} from './limits';\n\nexport type WriteUpdateResult = 'done' | 'automerged';\n\nexport function generateCommitFingerprintConfig(\n  branch: BranchConfig,\n): UpgradeFingerprintConfig[] {\n  const res = branch.upgrades.map((upgrade) => {\n    const filteredUpgrade = {} as UpgradeFingerprintConfig;\n    for (const field of upgradeFingerprintFields) {\n      filteredUpgrade[field] = upgrade[field];\n    }\n    return filteredUpgrade;\n  });\n\n  return res;\n}\n\nexport function compareCacheFingerprint(\n  branchState: BranchCache,\n  commitFingerprint: string,\n): CacheFingerprintMatchResult {\n  if (!branchState.commitFingerprint) {\n    logger.trace('branch.isUpToDate(): no fingerprint');\n    return 'no-fingerprint';\n  }\n\n  if (commitFingerprint !== branchState.commitFingerprint) {\n    logger.debug('branch.isUpToDate(): needs recalculation');\n    return 'no-match';\n  }\n\n  logger.debug('branch.isUpToDate(): using cached result \"true\"');\n  return 'matched';\n}\n\nexport async function syncBranchState(\n  branchName: string,\n  baseBranch: string,\n): Promise<BranchCache> {\n  logger.debug('syncBranchState()');\n  const branchSha = await scm.getBranchCommit(branchName);\n  const baseBranchSha = await scm.getBranchCommit(baseBranch);\n\n  const cache = getCache();\n  cache.branches ??= [];\n  const { branches: cachedBranches } = cache;\n  let branchState = cachedBranches.find((br) => br.branchName === branchName);\n  if (!branchState) {\n    logger.debug(\n      'syncBranchState(): Branch cache not found, creating minimal branchState',\n    );\n    // create a minimal branch state\n    branchState = {\n      branchName,\n      sha: branchSha,\n      baseBranch,\n      baseBranchSha,\n    } as BranchCache;\n    cachedBranches.push(branchState);\n  }\n\n  // if base branch name has changed invalidate cached isModified state\n  if (baseBranch !== branchState.baseBranch) {\n    logger.debug('syncBranchState(): update baseBranch name');\n    branchState.baseBranch = baseBranch;\n    delete branchState.isModified;\n    branchState.pristine = false;\n  }\n\n  // if base branch sha has changed invalidate cached isBehindBase state\n  if (baseBranchSha !== branchState.baseBranchSha) {\n    logger.debug('syncBranchState(): update baseBranchSha');\n    delete branchState.isBehindBase;\n    delete branchState.isConflicted;\n\n    // update cached branchSha\n    branchState.baseBranchSha = baseBranchSha;\n    branchState.pristine = false;\n  }\n\n  // if branch sha has changed invalidate all cached states\n  if (branchSha !== branchState.sha) {\n    logger.debug('syncBranchState(): update branchSha');\n    delete branchState.isBehindBase;\n    delete branchState.isConflicted;\n    delete branchState.isModified;\n    delete branchState.commitFingerprint;\n\n    // update cached branchSha\n    branchState.sha = branchSha;\n    branchState.pristine = false;\n  }\n\n  return branchState;\n}\n\nexport async function writeUpdates(\n  config: RenovateConfig,\n  allBranches: BranchConfig[],\n): Promise<WriteUpdateResult> {\n  const branches = allBranches;\n  logger.debug(\n    `Processing ${branches.length} branch${\n      branches.length === 1 ? '' : 'es'\n    }: ${branches\n      .map((b) => b.branchName)\n      .sort()\n      .join(', ')}`,\n  );\n\n  const concurrentPrsCount = await getConcurrentPrsCount(config, branches);\n  setCount('ConcurrentPRs', concurrentPrsCount);\n\n  const concurrentBranchesCount = await getConcurrentBranchesCount(branches);\n  setCount('Branches', concurrentBranchesCount);\n\n  const prsThisHourCount = await getPrHourlyCount(config);\n  setCount('HourlyPRs', prsThisHourCount);\n\n  for (const branch of branches) {\n    const { baseBranch, branchName } = branch;\n    const meta: Record<string, string> = { branch: branchName };\n    if (config.baseBranchPatterns?.length && baseBranch) {\n      meta.baseBranch = baseBranch;\n    }\n    addMeta(meta);\n    const branchExisted = await scm.branchExists(branchName);\n    const branchState = await syncBranchState(branchName, baseBranch);\n\n    const managers = [\n      ...new Set(\n        branch.upgrades\n          .map((upgrade) => hashMap.get(upgrade.manager) ?? upgrade.manager)\n          .filter(is.string),\n      ),\n    ].sort();\n    const commitFingerprint = fingerprint({\n      commitFingerprintConfig: generateCommitFingerprintConfig(branch),\n      managers,\n    });\n    branch.cacheFingerprintMatch = compareCacheFingerprint(\n      branchState,\n      commitFingerprint,\n    );\n\n    const res = await processBranch(branch);\n    branch.prBlockedBy = res?.prBlockedBy;\n    branch.prNo = res?.prNo;\n    branch.result = res?.result;\n    branch.commitFingerprint = res?.updatesVerified\n      ? commitFingerprint\n      : branchState.commitFingerprint;\n\n    if (res?.commitSha) {\n      setBranchNewCommit(branchName, baseBranch, res.commitSha);\n    }\n    if (\n      branch.result === 'automerged' &&\n      branch.automergeType !== 'pr-comment'\n    ) {\n      // Stop processing other branches because base branch has been changed\n      return 'automerged';\n    }\n    if (!branchExisted && (await scm.branchExists(branch.branchName))) {\n      incCountValue('Branches');\n    }\n  }\n  removeMeta(['branch', 'baseBranch']);\n  return 'done';\n}\n"]}
+{"version":3,"file":"write.js","sourceRoot":"","sources":["../../../../lib/workers/repository/process/write.ts"],"names":[],"mappings":";;AAyBA,0EAYC;AAED,0DAgBC;AAED,0CA2DC;AAED,oCAyEC;AA/LD,yCAA4C;AAE5C,4CAA8D;AAC9D,sDAAmD;AACnD,uDAAoD;AACpD,+DAA0D;AAE1D,2DAAwD;AACxD,2EAAyE;AACzE,gDAA8D;AAM9D,6CAAiD;AACjD,6DAAgE;AAChE,qCAIkB;AAIlB,SAAgB,+BAA+B,CAC7C,MAAoB;IAEpB,MAAM,GAAG,GAAG,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE;QAC1C,MAAM,eAAe,GAAG,EAA8B,CAAC;QACvD,KAAK,MAAM,KAAK,IAAI,6CAAwB,EAAE,CAAC;YAC7C,eAAe,CAAC,KAAK,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC;QAC1C,CAAC;QACD,OAAO,eAAe,CAAC;IACzB,CAAC,CAAC,CAAC;IAEH,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAgB,uBAAuB,CACrC,WAAwB,EACxB,iBAAyB;IAEzB,IAAI,CAAC,WAAW,CAAC,iBAAiB,EAAE,CAAC;QACnC,eAAM,CAAC,KAAK,CAAC,qCAAqC,CAAC,CAAC;QACpD,OAAO,gBAAgB,CAAC;IAC1B,CAAC;IAED,IAAI,iBAAiB,KAAK,WAAW,CAAC,iBAAiB,EAAE,CAAC;QACxD,eAAM,CAAC,KAAK,CAAC,0CAA0C,CAAC,CAAC;QACzD,OAAO,UAAU,CAAC;IACpB,CAAC;IAED,eAAM,CAAC,KAAK,CAAC,iDAAiD,CAAC,CAAC;IAChE,OAAO,SAAS,CAAC;AACnB,CAAC;AAEM,KAAK,UAAU,eAAe,CACnC,UAAkB,EAClB,UAAkB;IAElB,eAAM,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;IAClC,MAAM,SAAS,GAAG,MAAM,SAAG,CAAC,eAAe,CAAC,UAAU,CAAC,CAAC;IACxD,MAAM,aAAa,GAAG,MAAM,SAAG,CAAC,eAAe,CAAC,UAAU,CAAC,CAAC;IAE5D,MAAM,KAAK,GAAG,IAAA,qBAAQ,GAAE,CAAC;IACzB,KAAK,CAAC,QAAQ,KAAK,EAAE,CAAC;IACtB,MAAM,EAAE,QAAQ,EAAE,cAAc,EAAE,GAAG,KAAK,CAAC;IAC3C,IAAI,WAAW,GAAG,cAAc,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,UAAU,KAAK,UAAU,CAAC,CAAC;IAC5E,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,eAAM,CAAC,KAAK,CACV,yEAAyE,CAC1E,CAAC;QACF,gCAAgC;QAChC,WAAW,GAAG;YACZ,UAAU;YACV,GAAG,EAAE,SAAS;YACd,UAAU;YACV,aAAa;SACC,CAAC;QACjB,cAAc,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;IACnC,CAAC;IAED,qEAAqE;IACrE,IAAI,UAAU,KAAK,WAAW,CAAC,UAAU,EAAE,CAAC;QAC1C,eAAM,CAAC,KAAK,CAAC,2CAA2C,CAAC,CAAC;QAC1D,WAAW,CAAC,UAAU,GAAG,UAAU,CAAC;QACpC,OAAO,WAAW,CAAC,UAAU,CAAC;QAC9B,WAAW,CAAC,QAAQ,GAAG,KAAK,CAAC;IAC/B,CAAC;IAED,sEAAsE;IACtE,IAAI,aAAa,KAAK,WAAW,CAAC,aAAa,EAAE,CAAC;QAChD,eAAM,CAAC,KAAK,CAAC,yCAAyC,CAAC,CAAC;QACxD,OAAO,WAAW,CAAC,YAAY,CAAC;QAChC,OAAO,WAAW,CAAC,YAAY,CAAC;QAEhC,0BAA0B;QAC1B,WAAW,CAAC,aAAa,GAAG,aAAa,CAAC;QAC1C,WAAW,CAAC,QAAQ,GAAG,KAAK,CAAC;IAC/B,CAAC;IAED,yDAAyD;IACzD,IAAI,SAAS,KAAK,WAAW,CAAC,GAAG,EAAE,CAAC;QAClC,eAAM,CAAC,KAAK,CAAC,qCAAqC,CAAC,CAAC;QACpD,OAAO,WAAW,CAAC,YAAY,CAAC;QAChC,OAAO,WAAW,CAAC,YAAY,CAAC;QAChC,OAAO,WAAW,CAAC,UAAU,CAAC;QAC9B,OAAO,WAAW,CAAC,iBAAiB,CAAC;QAErC,0BAA0B;QAC1B,WAAW,CAAC,GAAG,GAAG,SAAS,CAAC;QAC5B,WAAW,CAAC,QAAQ,GAAG,KAAK,CAAC;IAC/B,CAAC;IAED,OAAO,WAAW,CAAC;AACrB,CAAC;AAEM,KAAK,UAAU,YAAY,CAChC,MAAsB,EACtB,WAA2B;IAE3B,MAAM,QAAQ,GAAG,WAAW,CAAC;IAC7B,eAAM,CAAC,KAAK,CACV,cAAc,QAAQ,CAAC,MAAM,UAC3B,QAAQ,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAC/B,KAAK,QAAQ;SACV,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC;SACxB,IAAI,EAAE;SACN,IAAI,CAAC,IAAI,CAAC,EAAE,CAChB,CAAC;IAEF,MAAM,kBAAkB,GAAG,MAAM,IAAA,8BAAqB,EAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IACzE,IAAA,iBAAQ,EAAC,eAAe,EAAE,kBAAkB,CAAC,CAAC;IAE9C,MAAM,uBAAuB,GAAG,MAAM,IAAA,mCAA0B,EAAC,QAAQ,CAAC,CAAC;IAC3E,IAAA,iBAAQ,EAAC,UAAU,EAAE,uBAAuB,CAAC,CAAC;IAE9C,MAAM,gBAAgB,GAAG,MAAM,IAAA,yBAAgB,EAAC,MAAM,CAAC,CAAC;IACxD,IAAA,iBAAQ,EAAC,WAAW,EAAE,gBAAgB,CAAC,CAAC;IAExC,KAAK,MAAM,MAAM,IAAI,QAAQ,EAAE,CAAC;QAC9B,MAAM,EAAE,UAAU,EAAE,UAAU,EAAE,GAAG,MAAM,CAAC;QAC1C,MAAM,IAAI,GAA2B,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC;QAC5D,IAAI,MAAM,CAAC,kBAAkB,EAAE,MAAM,IAAI,UAAU,EAAE,CAAC;YACpD,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC/B,CAAC;QACD,IAAA,gBAAO,EAAC,IAAI,CAAC,CAAC;QACd,MAAM,aAAa,GAAG,MAAM,SAAG,CAAC,YAAY,CAAC,UAAU,CAAC,CAAC;QACzD,MAAM,WAAW,GAAG,MAAM,eAAe,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;QAElE,MAAM,QAAQ,GAAG;YACf,GAAG,IAAI,GAAG,CACR,MAAM,CAAC,QAAQ;iBACZ,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,iBAAO,CAAC,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,OAAO,CAAC,OAAO,CAAC;iBACjE,MAAM,CAAC,aAAQ,CAAC,CACpB;SACF,CAAC,IAAI,EAAE,CAAC;QACT,MAAM,iBAAiB,GAAG,IAAA,yBAAW,EAAC;YACpC,uBAAuB,EAAE,+BAA+B,CAAC,MAAM,CAAC;YAChE,QAAQ;SACT,CAAC,CAAC;QACH,MAAM,CAAC,qBAAqB,GAAG,uBAAuB,CACpD,WAAW,EACX,iBAAiB,CAClB,CAAC;QAEF,MAAM,GAAG,GAAG,MAAM,IAAA,sBAAa,EAAC,MAAM,CAAC,CAAC;QACxC,MAAM,CAAC,WAAW,GAAG,GAAG,EAAE,WAAW,CAAC;QACtC,MAAM,CAAC,IAAI,GAAG,GAAG,EAAE,IAAI,CAAC;QACxB,MAAM,CAAC,MAAM,GAAG,GAAG,EAAE,MAAM,CAAC;QAC5B,MAAM,CAAC,iBAAiB,GAAG,GAAG,EAAE,eAAe;YAC7C,CAAC,CAAC,iBAAiB;YACnB,CAAC,CAAC,WAAW,CAAC,iBAAiB,CAAC;QAElC,IAAI,GAAG,EAAE,SAAS,EAAE,CAAC;YACnB,IAAA,sCAAkB,EAAC,UAAU,EAAE,UAAU,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC;QAC5D,CAAC;QACD,IACE,MAAM,CAAC,MAAM,KAAK,YAAY;YAC9B,MAAM,CAAC,aAAa,KAAK,YAAY,EACrC,CAAC;YACD,sEAAsE;YACtE,OAAO,YAAY,CAAC;QACtB,CAAC;QACD,IAAI,CAAC,aAAa,IAAI,CAAC,MAAM,SAAG,CAAC,YAAY,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC;YAClE,IAAA,sBAAa,EAAC,UAAU,CAAC,CAAC;QAC5B,CAAC;IACH,CAAC;IACD,IAAA,mBAAU,EAAC,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC;IACrC,OAAO,MAAM,CAAC;AAChB,CAAC","sourcesContent":["import { isString } from '@sindresorhus/is';\nimport type { RenovateConfig } from '../../../config/types';\nimport { addMeta, logger, removeMeta } from '../../../logger';\nimport { hashMap } from '../../../modules/manager';\nimport { scm } from '../../../modules/platform/scm';\nimport { getCache } from '../../../util/cache/repository';\nimport type { BranchCache } from '../../../util/cache/repository/types';\nimport { fingerprint } from '../../../util/fingerprint';\nimport { setBranchNewCommit } from '../../../util/git/set-branch-commit';\nimport { incCountValue, setCount } from '../../global/limits';\nimport type {\n  BranchConfig,\n  CacheFingerprintMatchResult,\n  UpgradeFingerprintConfig,\n} from '../../types';\nimport { processBranch } from '../update/branch';\nimport { upgradeFingerprintFields } from './fingerprint-fields';\nimport {\n  getConcurrentBranchesCount,\n  getConcurrentPrsCount,\n  getPrHourlyCount,\n} from './limits';\n\nexport type WriteUpdateResult = 'done' | 'automerged';\n\nexport function generateCommitFingerprintConfig(\n  branch: BranchConfig,\n): UpgradeFingerprintConfig[] {\n  const res = branch.upgrades.map((upgrade) => {\n    const filteredUpgrade = {} as UpgradeFingerprintConfig;\n    for (const field of upgradeFingerprintFields) {\n      filteredUpgrade[field] = upgrade[field];\n    }\n    return filteredUpgrade;\n  });\n\n  return res;\n}\n\nexport function compareCacheFingerprint(\n  branchState: BranchCache,\n  commitFingerprint: string,\n): CacheFingerprintMatchResult {\n  if (!branchState.commitFingerprint) {\n    logger.trace('branch.isUpToDate(): no fingerprint');\n    return 'no-fingerprint';\n  }\n\n  if (commitFingerprint !== branchState.commitFingerprint) {\n    logger.debug('branch.isUpToDate(): needs recalculation');\n    return 'no-match';\n  }\n\n  logger.debug('branch.isUpToDate(): using cached result \"true\"');\n  return 'matched';\n}\n\nexport async function syncBranchState(\n  branchName: string,\n  baseBranch: string,\n): Promise<BranchCache> {\n  logger.debug('syncBranchState()');\n  const branchSha = await scm.getBranchCommit(branchName);\n  const baseBranchSha = await scm.getBranchCommit(baseBranch);\n\n  const cache = getCache();\n  cache.branches ??= [];\n  const { branches: cachedBranches } = cache;\n  let branchState = cachedBranches.find((br) => br.branchName === branchName);\n  if (!branchState) {\n    logger.debug(\n      'syncBranchState(): Branch cache not found, creating minimal branchState',\n    );\n    // create a minimal branch state\n    branchState = {\n      branchName,\n      sha: branchSha,\n      baseBranch,\n      baseBranchSha,\n    } as BranchCache;\n    cachedBranches.push(branchState);\n  }\n\n  // if base branch name has changed invalidate cached isModified state\n  if (baseBranch !== branchState.baseBranch) {\n    logger.debug('syncBranchState(): update baseBranch name');\n    branchState.baseBranch = baseBranch;\n    delete branchState.isModified;\n    branchState.pristine = false;\n  }\n\n  // if base branch sha has changed invalidate cached isBehindBase state\n  if (baseBranchSha !== branchState.baseBranchSha) {\n    logger.debug('syncBranchState(): update baseBranchSha');\n    delete branchState.isBehindBase;\n    delete branchState.isConflicted;\n\n    // update cached branchSha\n    branchState.baseBranchSha = baseBranchSha;\n    branchState.pristine = false;\n  }\n\n  // if branch sha has changed invalidate all cached states\n  if (branchSha !== branchState.sha) {\n    logger.debug('syncBranchState(): update branchSha');\n    delete branchState.isBehindBase;\n    delete branchState.isConflicted;\n    delete branchState.isModified;\n    delete branchState.commitFingerprint;\n\n    // update cached branchSha\n    branchState.sha = branchSha;\n    branchState.pristine = false;\n  }\n\n  return branchState;\n}\n\nexport async function writeUpdates(\n  config: RenovateConfig,\n  allBranches: BranchConfig[],\n): Promise<WriteUpdateResult> {\n  const branches = allBranches;\n  logger.debug(\n    `Processing ${branches.length} branch${\n      branches.length === 1 ? '' : 'es'\n    }: ${branches\n      .map((b) => b.branchName)\n      .sort()\n      .join(', ')}`,\n  );\n\n  const concurrentPrsCount = await getConcurrentPrsCount(config, branches);\n  setCount('ConcurrentPRs', concurrentPrsCount);\n\n  const concurrentBranchesCount = await getConcurrentBranchesCount(branches);\n  setCount('Branches', concurrentBranchesCount);\n\n  const prsThisHourCount = await getPrHourlyCount(config);\n  setCount('HourlyPRs', prsThisHourCount);\n\n  for (const branch of branches) {\n    const { baseBranch, branchName } = branch;\n    const meta: Record<string, string> = { branch: branchName };\n    if (config.baseBranchPatterns?.length && baseBranch) {\n      meta.baseBranch = baseBranch;\n    }\n    addMeta(meta);\n    const branchExisted = await scm.branchExists(branchName);\n    const branchState = await syncBranchState(branchName, baseBranch);\n\n    const managers = [\n      ...new Set(\n        branch.upgrades\n          .map((upgrade) => hashMap.get(upgrade.manager) ?? upgrade.manager)\n          .filter(isString),\n      ),\n    ].sort();\n    const commitFingerprint = fingerprint({\n      commitFingerprintConfig: generateCommitFingerprintConfig(branch),\n      managers,\n    });\n    branch.cacheFingerprintMatch = compareCacheFingerprint(\n      branchState,\n      commitFingerprint,\n    );\n\n    const res = await processBranch(branch);\n    branch.prBlockedBy = res?.prBlockedBy;\n    branch.prNo = res?.prNo;\n    branch.result = res?.result;\n    branch.commitFingerprint = res?.updatesVerified\n      ? commitFingerprint\n      : branchState.commitFingerprint;\n\n    if (res?.commitSha) {\n      setBranchNewCommit(branchName, baseBranch, res.commitSha);\n    }\n    if (\n      branch.result === 'automerged' &&\n      branch.automergeType !== 'pr-comment'\n    ) {\n      // Stop processing other branches because base branch has been changed\n      return 'automerged';\n    }\n    if (!branchExisted && (await scm.branchExists(branch.branchName))) {\n      incCountValue('Branches');\n    }\n  }\n  removeMeta(['branch', 'baseBranch']);\n  return 'done';\n}\n"]}

package/dist/workers/repository/reconfigure/comment.js

@@ -2,8 +2,7 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.ensureReconfigurePrComment = ensureReconfigurePrComment;
 exports.getConfigDesc = getConfigDesc;
-const tslib_1 = require("tslib");
-const is_1 = tslib_1.__importDefault(require("@sindresorhus/is"));
+const is_1 = require("@sindresorhus/is");
 const global_1 = require("../../../config/global");
 const logger_1 = require("../../../logger");
 const platform_1 = require("../../../modules/platform");
@@ -65,9 +64,7 @@ async function ensureReconfigurePrComment(config, packageFiles, branches, branch
 function getDescriptionArray(config) {
     logger_1.logger.debug('getDescriptionArray()');
     logger_1.logger.trace({ config });
-    const desc = is_1.default.array(config.description, is_1.default.string)
-        ? config.description
-        : [];
+    const desc = (0, is_1.isArray)(config.description, is_1.isString) ? config.description : [];
     return desc.concat((0, config_description_1.getScheduleDesc)(config));
 }
 function getConfigDesc(config) {

package/dist/workers/repository/reconfigure/comment.js.map

@@ -1 +1 @@
-{"version":3,"file":"comment.js","sourceRoot":"","sources":["../../../../lib/workers/repository/reconfigure/comment.ts"],"names":[],"mappings":";;AAkBA,gEAiEC;AAWD,sCAeC;;AA7GD,kEAAkC;AAClC,mDAAsD;AAEtD,4CAAyC;AAGzC,wDAAqD;AACrD,+DAAkE;AAElE,wDAI4B;AAC5B,8DAAiE;AACjE,4EAAsE;AACtE,sDAA6D;AAEtD,KAAK,UAAU,0BAA0B,CAC9C,MAAsB,EACtB,YAAkD,EAClD,QAAwB,EACxB,UAAkB,EAClB,EAAM;IAEN,eAAM,CAAC,KAAK,CAAC,8BAA8B,CAAC,CAAC;IAC7C,eAAM,CAAC,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC;IACzB,IAAI,iBAAiB,GAAG,8LAA8L,CAAC;IAEvN,cAAc;IACd,iBAAiB,IAAI;;;;;;;;CAQtB,CAAC;IACA,IAAI,MAAM,GAAG,iBAAiB,CAAC;IAC/B,IAAI,YAAY,IAAI,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC,MAAM,EAAE,CAAC;QACxD,IAAI,KAAK,GAAa,EAAE,CAAC;QACzB,KAAK,MAAM,CAAC,OAAO,EAAE,YAAY,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,CAAC;YACnE,KAAK,GAAG,KAAK,CAAC,MAAM,CAClB,YAAY,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,QAAQ,IAAI,CAAC,WAAW,OAAO,OAAO,GAAG,CAAC,CACtE,CAAC;QACJ,CAAC;QACD,MAAM;YACJ,MAAM,CAAC,OAAO,CACZ,mBAAmB,EACnB,gCAAgC,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CACpD,GAAG,IAAI,CAAC;IACb,CAAC;SAAM,CAAC;QACN,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,qBAAqB,EAAE,EAAE,CAAC,CAAC;IACrD,CAAC;IACD,IAAI,UAAU,GAAG,EAAE,CAAC;IACpB,IAAI,qBAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC/B,eAAM,CAAC,IAAI,CAAC,+BAA+B,UAAU,EAAE,CAAC,CAAC;IAC3D,CAAC;SAAM,CAAC;QACN,UAAU,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC;IACrC,CAAC;IACD,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,cAAc,EAAE,UAAU,CAAC,CAAC;IACpD,MAAM,GAAG,MAAM,CAAC,OAAO,CACrB,gBAAgB,EAChB,IAAA,6BAAW,EAAC,MAAM,CAAC,GAAG,IAAA,4CAA0B,EAAC,YAAa,EAAE,MAAM,CAAC,CACxE,CAAC;IACF,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,cAAc,EAAE,IAAA,2BAAS,EAAC,MAAM,CAAC,CAAC,CAAC;IAC3D,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,kBAAkB,EAAE,IAAA,+BAAiB,EAAC,MAAM,CAAC,CAAC,CAAC;IACvE,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,cAAc,EAAE,IAAA,2BAAiB,EAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC;IAC7E,eAAM,CAAC,KAAK,CAAC,WAAW,GAAG,MAAM,CAAC,CAAC;IAEnC,MAAM,GAAG,mBAAQ,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;IAE1C,IAAI,qBAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC/B,eAAM,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;QAC7C,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,MAAM,IAAA,uBAAa,EAAC;QACzB,MAAM,EAAE,EAAE,CAAC,MAAM;QACjB,KAAK,EAAE,wBAAwB;QAC/B,OAAO,EAAE,MAAM;KAChB,CAAC,CAAC;AACL,CAAC;AAED,SAAS,mBAAmB,CAAC,MAAsB;IACjD,eAAM,CAAC,KAAK,CAAC,uBAAuB,CAAC,CAAC;IACtC,eAAM,CAAC,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC;IACzB,MAAM,IAAI,GAAG,YAAE,CAAC,KAAK,CAAC,MAAM,CAAC,WAAW,EAAE,YAAE,CAAC,MAAM,CAAC;QAClD,CAAC,CAAC,MAAM,CAAC,WAAW;QACpB,CAAC,CAAC,EAAE,CAAC;IACP,OAAO,IAAI,CAAC,MAAM,CAAC,IAAA,oCAAe,EAAC,MAAM,CAAC,CAAC,CAAC;AAC9C,CAAC;AAED,SAAgB,aAAa,CAAC,MAAsB;IAClD,eAAM,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAC;IAChC,eAAM,CAAC,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC;IACzB,MAAM,cAAc,GAAG,mBAAmB,CAAC,MAAM,CAAC,CAAC;IACnD,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,CAAC;QAC3B,eAAM,CAAC,KAAK,CAAC,6BAA6B,CAAC,CAAC;QAC5C,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,eAAM,CAAC,KAAK,CAAC,uCAAuC,cAAc,CAAC,MAAM,EAAE,CAAC,CAAC;IAC7E,IAAI,IAAI,GAAG,0FAA0F,CAAC;IACtG,cAAc,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE;QAC3B,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IACvB,CAAC,CAAC,CAAC;IACH,IAAI,IAAI,WAAW,CAAC;IACpB,OAAO,IAAI,CAAC;AACd,CAAC","sourcesContent":["import is from '@sindresorhus/is';\nimport { GlobalConfig } from '../../../config/global';\nimport type { RenovateConfig } from '../../../config/types';\nimport { logger } from '../../../logger';\nimport type { PackageFile } from '../../../modules/manager/types';\nimport type { Pr } from '../../../modules/platform';\nimport { platform } from '../../../modules/platform';\nimport { ensureComment } from '../../../modules/platform/comment';\nimport type { BranchConfig } from '../../types';\nimport {\n  getDepWarningsOnboardingPR,\n  getErrors,\n  getWarnings,\n} from '../errors-warnings';\nimport { getBaseBranchDesc } from '../onboarding/pr/base-branch';\nimport { getScheduleDesc } from '../onboarding/pr/config-description';\nimport { getExpectedPrList } from '../onboarding/pr/pr-list';\n\nexport async function ensureReconfigurePrComment(\n  config: RenovateConfig,\n  packageFiles: Record<string, PackageFile[]> | null,\n  branches: BranchConfig[],\n  branchName: string,\n  pr: Pr,\n): Promise<boolean> {\n  logger.debug('ensureReconfigurePrComment()');\n  logger.trace({ config });\n  let prCommentTemplate = `This is a reconfigure PR comment to help you understand and re-configure your renovate bot settings. If this Reconfigure PR were to be merged, we'd expect to see the following outcome:\\n\\n`;\n\n  // TODO #22198\n  prCommentTemplate += `\n---\n{{PACKAGE FILES}}\n{{CONFIG}}\n{{BASEBRANCH}}\n{{PRLIST}}\n{{WARNINGS}}\n{{ERRORS}}\n`;\n  let prBody = prCommentTemplate;\n  if (packageFiles && Object.entries(packageFiles).length) {\n    let files: string[] = [];\n    for (const [manager, managerFiles] of Object.entries(packageFiles)) {\n      files = files.concat(\n        managerFiles.map((file) => ` * \\`${file.packageFile}\\` (${manager})`),\n      );\n    }\n    prBody =\n      prBody.replace(\n        '{{PACKAGE FILES}}',\n        '### Detected Package Files\\n\\n' + files.join('\\n'),\n      ) + '\\n';\n  } else {\n    prBody = prBody.replace('{{PACKAGE FILES}}\\n', '');\n  }\n  let configDesc = '';\n  if (GlobalConfig.get('dryRun')) {\n    logger.info(`DRY-RUN: Would check branch ${branchName}`);\n  } else {\n    configDesc = getConfigDesc(config);\n  }\n  prBody = prBody.replace('{{CONFIG}}\\n', configDesc);\n  prBody = prBody.replace(\n    '{{WARNINGS}}\\n',\n    getWarnings(config) + getDepWarningsOnboardingPR(packageFiles!, config),\n  );\n  prBody = prBody.replace('{{ERRORS}}\\n', getErrors(config));\n  prBody = prBody.replace('{{BASEBRANCH}}\\n', getBaseBranchDesc(config));\n  prBody = prBody.replace('{{PRLIST}}\\n', getExpectedPrList(config, branches));\n  logger.trace('prBody:\\n' + prBody);\n\n  prBody = platform.massageMarkdown(prBody);\n\n  if (GlobalConfig.get('dryRun')) {\n    logger.info('DRY-RUN: Would ensure comment');\n    return true;\n  }\n\n  return await ensureComment({\n    number: pr.number,\n    topic: 'Reconfigure PR Results',\n    content: prBody,\n  });\n}\n\nfunction getDescriptionArray(config: RenovateConfig): string[] {\n  logger.debug('getDescriptionArray()');\n  logger.trace({ config });\n  const desc = is.array(config.description, is.string)\n    ? config.description\n    : [];\n  return desc.concat(getScheduleDesc(config));\n}\n\nexport function getConfigDesc(config: RenovateConfig): string {\n  logger.debug('getConfigDesc()');\n  logger.trace({ config });\n  const descriptionArr = getDescriptionArray(config);\n  if (!descriptionArr.length) {\n    logger.debug('No config description found');\n    return '';\n  }\n  logger.debug(`Found description array with length:${descriptionArr.length}`);\n  let desc = `\\n### Configuration Summary\\n\\nBased on the default config's presets, Renovate will:\\n\\n`;\n  descriptionArr.forEach((d) => {\n    desc += `  - ${d}\\n`;\n  });\n  desc += '\\n\\n---\\n';\n  return desc;\n}\n"]}
+{"version":3,"file":"comment.js","sourceRoot":"","sources":["../../../../lib/workers/repository/reconfigure/comment.ts"],"names":[],"mappings":";;AAkBA,gEAiEC;AASD,sCAeC;AA3GD,yCAAqD;AACrD,mDAAsD;AAEtD,4CAAyC;AAGzC,wDAAqD;AACrD,+DAAkE;AAElE,wDAI4B;AAC5B,8DAAiE;AACjE,4EAAsE;AACtE,sDAA6D;AAEtD,KAAK,UAAU,0BAA0B,CAC9C,MAAsB,EACtB,YAAkD,EAClD,QAAwB,EACxB,UAAkB,EAClB,EAAM;IAEN,eAAM,CAAC,KAAK,CAAC,8BAA8B,CAAC,CAAC;IAC7C,eAAM,CAAC,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC;IACzB,IAAI,iBAAiB,GAAG,8LAA8L,CAAC;IAEvN,cAAc;IACd,iBAAiB,IAAI;;;;;;;;CAQtB,CAAC;IACA,IAAI,MAAM,GAAG,iBAAiB,CAAC;IAC/B,IAAI,YAAY,IAAI,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC,MAAM,EAAE,CAAC;QACxD,IAAI,KAAK,GAAa,EAAE,CAAC;QACzB,KAAK,MAAM,CAAC,OAAO,EAAE,YAAY,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,CAAC;YACnE,KAAK,GAAG,KAAK,CAAC,MAAM,CAClB,YAAY,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,QAAQ,IAAI,CAAC,WAAW,OAAO,OAAO,GAAG,CAAC,CACtE,CAAC;QACJ,CAAC;QACD,MAAM;YACJ,MAAM,CAAC,OAAO,CACZ,mBAAmB,EACnB,gCAAgC,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CACpD,GAAG,IAAI,CAAC;IACb,CAAC;SAAM,CAAC;QACN,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,qBAAqB,EAAE,EAAE,CAAC,CAAC;IACrD,CAAC;IACD,IAAI,UAAU,GAAG,EAAE,CAAC;IACpB,IAAI,qBAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC/B,eAAM,CAAC,IAAI,CAAC,+BAA+B,UAAU,EAAE,CAAC,CAAC;IAC3D,CAAC;SAAM,CAAC;QACN,UAAU,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC;IACrC,CAAC;IACD,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,cAAc,EAAE,UAAU,CAAC,CAAC;IACpD,MAAM,GAAG,MAAM,CAAC,OAAO,CACrB,gBAAgB,EAChB,IAAA,6BAAW,EAAC,MAAM,CAAC,GAAG,IAAA,4CAA0B,EAAC,YAAa,EAAE,MAAM,CAAC,CACxE,CAAC;IACF,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,cAAc,EAAE,IAAA,2BAAS,EAAC,MAAM,CAAC,CAAC,CAAC;IAC3D,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,kBAAkB,EAAE,IAAA,+BAAiB,EAAC,MAAM,CAAC,CAAC,CAAC;IACvE,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,cAAc,EAAE,IAAA,2BAAiB,EAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC;IAC7E,eAAM,CAAC,KAAK,CAAC,WAAW,GAAG,MAAM,CAAC,CAAC;IAEnC,MAAM,GAAG,mBAAQ,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;IAE1C,IAAI,qBAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC/B,eAAM,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;QAC7C,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,MAAM,IAAA,uBAAa,EAAC;QACzB,MAAM,EAAE,EAAE,CAAC,MAAM;QACjB,KAAK,EAAE,wBAAwB;QAC/B,OAAO,EAAE,MAAM;KAChB,CAAC,CAAC;AACL,CAAC;AAED,SAAS,mBAAmB,CAAC,MAAsB;IACjD,eAAM,CAAC,KAAK,CAAC,uBAAuB,CAAC,CAAC;IACtC,eAAM,CAAC,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC;IACzB,MAAM,IAAI,GAAG,IAAA,YAAO,EAAC,MAAM,CAAC,WAAW,EAAE,aAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,CAAC;IAC7E,OAAO,IAAI,CAAC,MAAM,CAAC,IAAA,oCAAe,EAAC,MAAM,CAAC,CAAC,CAAC;AAC9C,CAAC;AAED,SAAgB,aAAa,CAAC,MAAsB;IAClD,eAAM,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAC;IAChC,eAAM,CAAC,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC;IACzB,MAAM,cAAc,GAAG,mBAAmB,CAAC,MAAM,CAAC,CAAC;IACnD,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,CAAC;QAC3B,eAAM,CAAC,KAAK,CAAC,6BAA6B,CAAC,CAAC;QAC5C,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,eAAM,CAAC,KAAK,CAAC,uCAAuC,cAAc,CAAC,MAAM,EAAE,CAAC,CAAC;IAC7E,IAAI,IAAI,GAAG,0FAA0F,CAAC;IACtG,cAAc,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE;QAC3B,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IACvB,CAAC,CAAC,CAAC;IACH,IAAI,IAAI,WAAW,CAAC;IACpB,OAAO,IAAI,CAAC;AACd,CAAC","sourcesContent":["import { isArray, isString } from '@sindresorhus/is';\nimport { GlobalConfig } from '../../../config/global';\nimport type { RenovateConfig } from '../../../config/types';\nimport { logger } from '../../../logger';\nimport type { PackageFile } from '../../../modules/manager/types';\nimport type { Pr } from '../../../modules/platform';\nimport { platform } from '../../../modules/platform';\nimport { ensureComment } from '../../../modules/platform/comment';\nimport type { BranchConfig } from '../../types';\nimport {\n  getDepWarningsOnboardingPR,\n  getErrors,\n  getWarnings,\n} from '../errors-warnings';\nimport { getBaseBranchDesc } from '../onboarding/pr/base-branch';\nimport { getScheduleDesc } from '../onboarding/pr/config-description';\nimport { getExpectedPrList } from '../onboarding/pr/pr-list';\n\nexport async function ensureReconfigurePrComment(\n  config: RenovateConfig,\n  packageFiles: Record<string, PackageFile[]> | null,\n  branches: BranchConfig[],\n  branchName: string,\n  pr: Pr,\n): Promise<boolean> {\n  logger.debug('ensureReconfigurePrComment()');\n  logger.trace({ config });\n  let prCommentTemplate = `This is a reconfigure PR comment to help you understand and re-configure your renovate bot settings. If this Reconfigure PR were to be merged, we'd expect to see the following outcome:\\n\\n`;\n\n  // TODO #22198\n  prCommentTemplate += `\n---\n{{PACKAGE FILES}}\n{{CONFIG}}\n{{BASEBRANCH}}\n{{PRLIST}}\n{{WARNINGS}}\n{{ERRORS}}\n`;\n  let prBody = prCommentTemplate;\n  if (packageFiles && Object.entries(packageFiles).length) {\n    let files: string[] = [];\n    for (const [manager, managerFiles] of Object.entries(packageFiles)) {\n      files = files.concat(\n        managerFiles.map((file) => ` * \\`${file.packageFile}\\` (${manager})`),\n      );\n    }\n    prBody =\n      prBody.replace(\n        '{{PACKAGE FILES}}',\n        '### Detected Package Files\\n\\n' + files.join('\\n'),\n      ) + '\\n';\n  } else {\n    prBody = prBody.replace('{{PACKAGE FILES}}\\n', '');\n  }\n  let configDesc = '';\n  if (GlobalConfig.get('dryRun')) {\n    logger.info(`DRY-RUN: Would check branch ${branchName}`);\n  } else {\n    configDesc = getConfigDesc(config);\n  }\n  prBody = prBody.replace('{{CONFIG}}\\n', configDesc);\n  prBody = prBody.replace(\n    '{{WARNINGS}}\\n',\n    getWarnings(config) + getDepWarningsOnboardingPR(packageFiles!, config),\n  );\n  prBody = prBody.replace('{{ERRORS}}\\n', getErrors(config));\n  prBody = prBody.replace('{{BASEBRANCH}}\\n', getBaseBranchDesc(config));\n  prBody = prBody.replace('{{PRLIST}}\\n', getExpectedPrList(config, branches));\n  logger.trace('prBody:\\n' + prBody);\n\n  prBody = platform.massageMarkdown(prBody);\n\n  if (GlobalConfig.get('dryRun')) {\n    logger.info('DRY-RUN: Would ensure comment');\n    return true;\n  }\n\n  return await ensureComment({\n    number: pr.number,\n    topic: 'Reconfigure PR Results',\n    content: prBody,\n  });\n}\n\nfunction getDescriptionArray(config: RenovateConfig): string[] {\n  logger.debug('getDescriptionArray()');\n  logger.trace({ config });\n  const desc = isArray(config.description, isString) ? config.description : [];\n  return desc.concat(getScheduleDesc(config));\n}\n\nexport function getConfigDesc(config: RenovateConfig): string {\n  logger.debug('getConfigDesc()');\n  logger.trace({ config });\n  const descriptionArr = getDescriptionArray(config);\n  if (!descriptionArr.length) {\n    logger.debug('No config description found');\n    return '';\n  }\n  logger.debug(`Found description array with length:${descriptionArr.length}`);\n  let desc = `\\n### Configuration Summary\\n\\nBased on the default config's presets, Renovate will:\\n\\n`;\n  descriptionArr.forEach((d) => {\n    desc += `  - ${d}\\n`;\n  });\n  desc += '\\n\\n---\\n';\n  return desc;\n}\n"]}

package/dist/workers/repository/reconfigure/utils.js

@@ -3,8 +3,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.getReconfigureBranchName = getReconfigureBranchName;
 exports.setBranchStatus = setBranchStatus;
 exports.getReconfigureConfig = getReconfigureConfig;
-const tslib_1 = require("tslib");
-const is_1 = tslib_1.__importDefault(require("@sindresorhus/is"));
+const is_1 = require("@sindresorhus/is");
 const logger_1 = require("../../../logger");
 const platform_1 = require("../../../modules/platform");
 const scm_1 = require("../../../modules/platform/scm");
@@ -15,7 +14,7 @@ function getReconfigureBranchName(prefix) {
     return `${prefix}reconfigure`;
 }
 async function setBranchStatus(branchName, description, state, context) {
-    if (!is_1.default.nonEmptyString(context)) {
+    if (!(0, is_1.isNonEmptyString)(context)) {
         // already logged this case when validating the status check
         return;
     }

package/dist/workers/repository/reconfigure/utils.js.map

@@ -1 +1 @@
-{"version":3,"file":"utils.js","sourceRoot":"","sources":["../../../../lib/workers/repository/reconfigure/utils.ts"],"names":[],"mappings":";;AAUA,4DAEC;AAED,0CAiBC;AAMD,oDAwCC;;AA7ED,kEAAkC;AAElC,4CAAyC;AACzC,wDAAqD;AACrD,uDAAoD;AAEpD,iDAAiD;AACjD,yCAAiD;AACjD,yCAAiD;AAEjD,SAAgB,wBAAwB,CAAC,MAAc;IACrD,OAAO,GAAG,MAAM,aAAa,CAAC;AAChC,CAAC;AAEM,KAAK,UAAU,eAAe,CACnC,UAAkB,EAClB,WAAmB,EACnB,KAAmB,EACnB,OAAuB;IAEvB,IAAI,CAAC,YAAE,CAAC,cAAc,CAAC,OAAO,CAAC,EAAE,CAAC;QAChC,4DAA4D;QAC5D,OAAO;IACT,CAAC;IAED,MAAM,mBAAQ,CAAC,eAAe,CAAC;QAC7B,UAAU;QACV,OAAO;QACP,WAAW;QACX,KAAK;KACN,CAAC,CAAC;AACL,CAAC;AAMM,KAAK,UAAU,oBAAoB,CACxC,UAAkB;IAElB,MAAM,SAAG,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;IACrC,MAAM,cAAc,GAAG,MAAM,IAAA,wBAAgB,GAAE,CAAC;IAEhD,IAAI,cAAc,KAAK,IAAI,EAAE,CAAC;QAC5B,eAAM,CAAC,KAAK,CAAC,4CAA4C,CAAC,CAAC;QAC3D,OAAO;YACL,EAAE,EAAE,KAAK;YACT,UAAU,EAAE,0CAA0C;SACvD,CAAC;IACJ,CAAC;IAED,MAAM,aAAa,GAAG,MAAM,IAAA,kBAAa,EAAC,cAAc,EAAE,MAAM,CAAC,CAAC;IAClE,IAAI,aAAa,KAAK,IAAI,EAAE,CAAC;QAC3B,OAAO;YACL,EAAE,EAAE,KAAK;YACT,UAAU,EAAE,yCAAyC;YACrD,cAAc;SACf,CAAC;IACJ,CAAC;IAED,IAAI,gBAAqB,CAAC;IAC1B,IAAI,CAAC;QACH,gBAAgB,GAAG,IAAA,kBAAS,EAAC,aAAa,EAAE,cAAc,CAAC,CAAC;QAC5D,6FAA6F;QAC7F,IAAI,cAAc,KAAK,cAAc,EAAE,CAAC;YACtC,gBAAgB,GAAG,gBAAgB,CAAC,QAAQ,CAAC;QAC/C,CAAC;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,eAAM,CAAC,KAAK,CAAC,EAAE,GAAG,EAAE,EAAE,iCAAiC,CAAC,CAAC;QACzD,OAAO;YACL,EAAE,EAAE,KAAK;YACT,UAAU,EAAE,4CAA4C;YACxD,cAAc;SACf,CAAC;IACJ,CAAC;IAED,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,gBAAgB,EAAE,cAAc,EAAE,CAAC;AAChE,CAAC","sourcesContent":["import is from '@sindresorhus/is';\nimport type { RenovateConfig } from '../../../config/types';\nimport { logger } from '../../../logger';\nimport { platform } from '../../../modules/platform';\nimport { scm } from '../../../modules/platform/scm';\nimport type { BranchStatus } from '../../../types';\nimport { parseJson } from '../../../util/common';\nimport { readLocalFile } from '../../../util/fs';\nimport { detectConfigFile } from '../init/merge';\n\nexport function getReconfigureBranchName(prefix: string): string {\n  return `${prefix}reconfigure`;\n}\n\nexport async function setBranchStatus(\n  branchName: string,\n  description: string,\n  state: BranchStatus,\n  context?: string | null,\n): Promise<void> {\n  if (!is.nonEmptyString(context)) {\n    // already logged this case when validating the status check\n    return;\n  }\n\n  await platform.setBranchStatus({\n    branchName,\n    context,\n    description,\n    state,\n  });\n}\n\ntype GetReconfigureConfigResult =\n  | { ok: true; config: RenovateConfig; configFileName: string }\n  | { ok: false; errMessage: string; configFileName?: string };\n\nexport async function getReconfigureConfig(\n  branchName: string,\n): Promise<GetReconfigureConfigResult> {\n  await scm.checkoutBranch(branchName);\n  const configFileName = await detectConfigFile();\n\n  if (configFileName === null) {\n    logger.debug('No config file found in reconfigure branch');\n    return {\n      ok: false,\n      errMessage: 'Validation Failed - No config file found',\n    };\n  }\n\n  const configFileRaw = await readLocalFile(configFileName, 'utf8');\n  if (configFileRaw === null) {\n    return {\n      ok: false,\n      errMessage: 'Validation Failed - Invalid config file',\n      configFileName,\n    };\n  }\n\n  let configFileParsed: any;\n  try {\n    configFileParsed = parseJson(configFileRaw, configFileName);\n    // no need to confirm renovate field in package.json we already do it in `detectConfigFile()`\n    if (configFileName === 'package.json') {\n      configFileParsed = configFileParsed.renovate;\n    }\n  } catch (err) {\n    logger.debug({ err }, 'Error while parsing config file');\n    return {\n      ok: false,\n      errMessage: 'Validation Failed - Unparsable config file',\n      configFileName,\n    };\n  }\n\n  return { ok: true, config: configFileParsed, configFileName };\n}\n"]}
+{"version":3,"file":"utils.js","sourceRoot":"","sources":["../../../../lib/workers/repository/reconfigure/utils.ts"],"names":[],"mappings":";;AAUA,4DAEC;AAED,0CAiBC;AAMD,oDAwCC;AA7ED,yCAAoD;AAEpD,4CAAyC;AACzC,wDAAqD;AACrD,uDAAoD;AAEpD,iDAAiD;AACjD,yCAAiD;AACjD,yCAAiD;AAEjD,SAAgB,wBAAwB,CAAC,MAAc;IACrD,OAAO,GAAG,MAAM,aAAa,CAAC;AAChC,CAAC;AAEM,KAAK,UAAU,eAAe,CACnC,UAAkB,EAClB,WAAmB,EACnB,KAAmB,EACnB,OAAuB;IAEvB,IAAI,CAAC,IAAA,qBAAgB,EAAC,OAAO,CAAC,EAAE,CAAC;QAC/B,4DAA4D;QAC5D,OAAO;IACT,CAAC;IAED,MAAM,mBAAQ,CAAC,eAAe,CAAC;QAC7B,UAAU;QACV,OAAO;QACP,WAAW;QACX,KAAK;KACN,CAAC,CAAC;AACL,CAAC;AAMM,KAAK,UAAU,oBAAoB,CACxC,UAAkB;IAElB,MAAM,SAAG,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;IACrC,MAAM,cAAc,GAAG,MAAM,IAAA,wBAAgB,GAAE,CAAC;IAEhD,IAAI,cAAc,KAAK,IAAI,EAAE,CAAC;QAC5B,eAAM,CAAC,KAAK,CAAC,4CAA4C,CAAC,CAAC;QAC3D,OAAO;YACL,EAAE,EAAE,KAAK;YACT,UAAU,EAAE,0CAA0C;SACvD,CAAC;IACJ,CAAC;IAED,MAAM,aAAa,GAAG,MAAM,IAAA,kBAAa,EAAC,cAAc,EAAE,MAAM,CAAC,CAAC;IAClE,IAAI,aAAa,KAAK,IAAI,EAAE,CAAC;QAC3B,OAAO;YACL,EAAE,EAAE,KAAK;YACT,UAAU,EAAE,yCAAyC;YACrD,cAAc;SACf,CAAC;IACJ,CAAC;IAED,IAAI,gBAAqB,CAAC;IAC1B,IAAI,CAAC;QACH,gBAAgB,GAAG,IAAA,kBAAS,EAAC,aAAa,EAAE,cAAc,CAAC,CAAC;QAC5D,6FAA6F;QAC7F,IAAI,cAAc,KAAK,cAAc,EAAE,CAAC;YACtC,gBAAgB,GAAG,gBAAgB,CAAC,QAAQ,CAAC;QAC/C,CAAC;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,eAAM,CAAC,KAAK,CAAC,EAAE,GAAG,EAAE,EAAE,iCAAiC,CAAC,CAAC;QACzD,OAAO;YACL,EAAE,EAAE,KAAK;YACT,UAAU,EAAE,4CAA4C;YACxD,cAAc;SACf,CAAC;IACJ,CAAC;IAED,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,gBAAgB,EAAE,cAAc,EAAE,CAAC;AAChE,CAAC","sourcesContent":["import { isNonEmptyString } from '@sindresorhus/is';\nimport type { RenovateConfig } from '../../../config/types';\nimport { logger } from '../../../logger';\nimport { platform } from '../../../modules/platform';\nimport { scm } from '../../../modules/platform/scm';\nimport type { BranchStatus } from '../../../types';\nimport { parseJson } from '../../../util/common';\nimport { readLocalFile } from '../../../util/fs';\nimport { detectConfigFile } from '../init/merge';\n\nexport function getReconfigureBranchName(prefix: string): string {\n  return `${prefix}reconfigure`;\n}\n\nexport async function setBranchStatus(\n  branchName: string,\n  description: string,\n  state: BranchStatus,\n  context?: string | null,\n): Promise<void> {\n  if (!isNonEmptyString(context)) {\n    // already logged this case when validating the status check\n    return;\n  }\n\n  await platform.setBranchStatus({\n    branchName,\n    context,\n    description,\n    state,\n  });\n}\n\ntype GetReconfigureConfigResult =\n  | { ok: true; config: RenovateConfig; configFileName: string }\n  | { ok: false; errMessage: string; configFileName?: string };\n\nexport async function getReconfigureConfig(\n  branchName: string,\n): Promise<GetReconfigureConfigResult> {\n  await scm.checkoutBranch(branchName);\n  const configFileName = await detectConfigFile();\n\n  if (configFileName === null) {\n    logger.debug('No config file found in reconfigure branch');\n    return {\n      ok: false,\n      errMessage: 'Validation Failed - No config file found',\n    };\n  }\n\n  const configFileRaw = await readLocalFile(configFileName, 'utf8');\n  if (configFileRaw === null) {\n    return {\n      ok: false,\n      errMessage: 'Validation Failed - Invalid config file',\n      configFileName,\n    };\n  }\n\n  let configFileParsed: any;\n  try {\n    configFileParsed = parseJson(configFileRaw, configFileName);\n    // no need to confirm renovate field in package.json we already do it in `detectConfigFile()`\n    if (configFileName === 'package.json') {\n      configFileParsed = configFileParsed.renovate;\n    }\n  } catch (err) {\n    logger.debug({ err }, 'Error while parsing config file');\n    return {\n      ok: false,\n      errMessage: 'Validation Failed - Unparsable config file',\n      configFileName,\n    };\n  }\n\n  return { ok: true, config: configFileParsed, configFileName };\n}\n"]}

package/dist/workers/repository/reconfigure/validate.js

@@ -1,8 +1,7 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.validateReconfigureBranch = validateReconfigureBranch;
-const tslib_1 = require("tslib");
-const is_1 = tslib_1.__importDefault(require("@sindresorhus/is"));
+const is_1 = require("@sindresorhus/is");
 const massage_1 = require("../../../config/massage");
 const validation_1 = require("../../../config/validation");
 const logger_1 = require("../../../logger");
@@ -20,7 +19,7 @@ async function validateReconfigureBranch(config, reconfigureConfig, configFileNa
     if (context) {
         const validationStatus = await platform_1.platform.getBranchStatusCheck(branchName, context);
         // if old status check is present skip validation
-        if (is_1.default.nonEmptyString(validationStatus)) {
+        if ((0, is_1.isNonEmptyString)(validationStatus)) {
             logger_1.logger.debug('Skipping validation check because status check already exists.');
             return validationStatus === 'green';
         }

package/dist/workers/repository/reconfigure/validate.js.map

@@ -1 +1 @@
-{"version":3,"file":"validate.js","sourceRoot":"","sources":["../../../../lib/workers/repository/reconfigure/validate.ts"],"names":[],"mappings":";;AAaA,8DAkEC;;AA/ED,kEAAkC;AAClC,qDAAwD;AAExD,2DAA4D;AAC5D,4CAAyC;AAEzC,wDAAqD;AACrD,+DAAkE;AAClE,2CAAoD;AACpD,+CAA4C;AAC5C,2DAAgE;AAChE,mCAAoE;AAE7D,KAAK,UAAU,yBAAyB,CAC7C,MAAsB,EACtB,iBAAiC,EACjC,cAAsB,EACtB,aAAwB;IAExB,eAAM,CAAC,KAAK,CAAC,6BAA6B,CAAC,CAAC;IAE5C,MAAM,OAAO,GAAG,MAAM,CAAC,gBAAgB,EAAE,gBAAgB,CAAC;IAC1D,MAAM,UAAU,GAAG,IAAA,gCAAwB,EAAC,MAAM,CAAC,YAAa,CAAC,CAAC;IAClE,MAAM,SAAS,GAAG,IAAA,qBAAe,EAAC,UAAU,CAAE,CAAC;IAE/C,IAAI,OAAO,EAAE,CAAC;QACZ,MAAM,gBAAgB,GAAG,MAAM,mBAAQ,CAAC,oBAAoB,CAC1D,UAAU,EACV,OAAO,CACR,CAAC;QAEF,iDAAiD;QACjD,IAAI,YAAE,CAAC,cAAc,CAAC,gBAAgB,CAAC,EAAE,CAAC;YACxC,eAAM,CAAC,KAAK,CACV,gEAAgE,CACjE,CAAC;YACF,OAAO,gBAAgB,KAAK,OAAO,CAAC;QACtC,CAAC;IACH,CAAC;SAAM,CAAC;QACN,eAAM,CAAC,KAAK,CACV,0EAA0E,CAC3E,CAAC;IACJ,CAAC;IAED,4EAA4E;IAC5E,MAAM,cAAc,GAAG,IAAA,uBAAa,EAAC,iBAAiB,CAAC,CAAC;IACxD,MAAM,gBAAgB,GAAG,MAAM,IAAA,2BAAc,EAAC,MAAM,EAAE,cAAc,CAAC,CAAC;IAEtE,gBAAgB;IAChB,IAAI,gBAAgB,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACvC,eAAM,CAAC,KAAK,CACV,EAAE,MAAM,EAAE,gBAAgB,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,EACxE,mBAAmB,CACpB,CAAC;QAEF,6CAA6C;QAC7C,IAAI,aAAa,EAAE,CAAC;YAClB,IAAI,IAAI,GAAG,6FAA6F,CAAC;YACzG,IAAI,IAAI,eAAe,cAAc,MAAM,CAAC;YAC5C,IAAI,IAAI,cAAc,gBAAgB,CAAC,MAAM;iBAC1C,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC;iBACrB,IAAI,CAAC,IAAI,CAAC;iBACV,OAAO,CAAC,IAAA,aAAK,EAAC,IAAI,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC;YAEnC,MAAM,IAAA,uBAAa,EAAC;gBAClB,MAAM,EAAE,aAAa,CAAC,MAAM;gBAC5B,KAAK,EAAE,6CAA6C;gBACpD,OAAO,EAAE,IAAI;aACd,CAAC,CAAC;QACL,CAAC;QAED,MAAM,IAAA,uBAAe,EAAC,UAAU,EAAE,mBAAmB,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC;QACvE,IAAA,6CAAyB,EAAC,SAAS,EAAE,KAAK,CAAC,CAAC;QAC5C,OAAO,KAAK,CAAC;IACf,CAAC;IAED,gBAAgB;IAChB,MAAM,IAAA,uBAAe,EAAC,UAAU,EAAE,uBAAuB,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;IAC7E,OAAO,IAAI,CAAC;AACd,CAAC","sourcesContent":["import is from '@sindresorhus/is';\nimport { massageConfig } from '../../../config/massage';\nimport type { RenovateConfig } from '../../../config/types';\nimport { validateConfig } from '../../../config/validation';\nimport { logger } from '../../../logger';\nimport type { Pr } from '../../../modules/platform';\nimport { platform } from '../../../modules/platform';\nimport { ensureComment } from '../../../modules/platform/comment';\nimport { getBranchCommit } from '../../../util/git';\nimport { regEx } from '../../../util/regex';\nimport { setReconfigureBranchCache } from './reconfigure-cache';\nimport { getReconfigureBranchName, setBranchStatus } from './utils';\n\nexport async function validateReconfigureBranch(\n  config: RenovateConfig,\n  reconfigureConfig: RenovateConfig,\n  configFileName: string,\n  reconfigurePr: Pr | null,\n): Promise<boolean> {\n  logger.debug('validateReconfigureBranch()');\n\n  const context = config.statusCheckNames?.configValidation;\n  const branchName = getReconfigureBranchName(config.branchPrefix!);\n  const branchSha = getBranchCommit(branchName)!;\n\n  if (context) {\n    const validationStatus = await platform.getBranchStatusCheck(\n      branchName,\n      context,\n    );\n\n    // if old status check is present skip validation\n    if (is.nonEmptyString(validationStatus)) {\n      logger.debug(\n        'Skipping validation check because status check already exists.',\n      );\n      return validationStatus === 'green';\n    }\n  } else {\n    logger.debug(\n      'Status check is null or an empty string, skipping status check addition.',\n    );\n  }\n\n  // perform validation and provide a passing or failing check based on result\n  const massagedConfig = massageConfig(reconfigureConfig);\n  const validationResult = await validateConfig('repo', massagedConfig);\n\n  // failing check\n  if (validationResult.errors.length > 0) {\n    logger.debug(\n      { errors: validationResult.errors.map((err) => err.message).join(', ') },\n      'Validation Errors',\n    );\n\n    // add comment to reconfigure PR if it exists\n    if (reconfigurePr) {\n      let body = `There is an error with this repository's Renovate configuration that needs to be fixed.\\n\\n`;\n      body += `Location: \\`${configFileName}\\`\\n`;\n      body += `Message: \\`${validationResult.errors\n        .map((e) => e.message)\n        .join(', ')\n        .replace(regEx(/`/g), \"'\")}\\`\\n`;\n\n      await ensureComment({\n        number: reconfigurePr.number,\n        topic: 'Action Required: Fix Renovate Configuration',\n        content: body,\n      });\n    }\n\n    await setBranchStatus(branchName, 'Validation Failed', 'red', context);\n    setReconfigureBranchCache(branchSha, false);\n    return false;\n  }\n\n  // passing check\n  await setBranchStatus(branchName, 'Validation Successful', 'green', context);\n  return true;\n}\n"]}
+{"version":3,"file":"validate.js","sourceRoot":"","sources":["../../../../lib/workers/repository/reconfigure/validate.ts"],"names":[],"mappings":";;AAaA,8DAkEC;AA/ED,yCAAoD;AACpD,qDAAwD;AAExD,2DAA4D;AAC5D,4CAAyC;AAEzC,wDAAqD;AACrD,+DAAkE;AAClE,2CAAoD;AACpD,+CAA4C;AAC5C,2DAAgE;AAChE,mCAAoE;AAE7D,KAAK,UAAU,yBAAyB,CAC7C,MAAsB,EACtB,iBAAiC,EACjC,cAAsB,EACtB,aAAwB;IAExB,eAAM,CAAC,KAAK,CAAC,6BAA6B,CAAC,CAAC;IAE5C,MAAM,OAAO,GAAG,MAAM,CAAC,gBAAgB,EAAE,gBAAgB,CAAC;IAC1D,MAAM,UAAU,GAAG,IAAA,gCAAwB,EAAC,MAAM,CAAC,YAAa,CAAC,CAAC;IAClE,MAAM,SAAS,GAAG,IAAA,qBAAe,EAAC,UAAU,CAAE,CAAC;IAE/C,IAAI,OAAO,EAAE,CAAC;QACZ,MAAM,gBAAgB,GAAG,MAAM,mBAAQ,CAAC,oBAAoB,CAC1D,UAAU,EACV,OAAO,CACR,CAAC;QAEF,iDAAiD;QACjD,IAAI,IAAA,qBAAgB,EAAC,gBAAgB,CAAC,EAAE,CAAC;YACvC,eAAM,CAAC,KAAK,CACV,gEAAgE,CACjE,CAAC;YACF,OAAO,gBAAgB,KAAK,OAAO,CAAC;QACtC,CAAC;IACH,CAAC;SAAM,CAAC;QACN,eAAM,CAAC,KAAK,CACV,0EAA0E,CAC3E,CAAC;IACJ,CAAC;IAED,4EAA4E;IAC5E,MAAM,cAAc,GAAG,IAAA,uBAAa,EAAC,iBAAiB,CAAC,CAAC;IACxD,MAAM,gBAAgB,GAAG,MAAM,IAAA,2BAAc,EAAC,MAAM,EAAE,cAAc,CAAC,CAAC;IAEtE,gBAAgB;IAChB,IAAI,gBAAgB,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACvC,eAAM,CAAC,KAAK,CACV,EAAE,MAAM,EAAE,gBAAgB,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,EACxE,mBAAmB,CACpB,CAAC;QAEF,6CAA6C;QAC7C,IAAI,aAAa,EAAE,CAAC;YAClB,IAAI,IAAI,GAAG,6FAA6F,CAAC;YACzG,IAAI,IAAI,eAAe,cAAc,MAAM,CAAC;YAC5C,IAAI,IAAI,cAAc,gBAAgB,CAAC,MAAM;iBAC1C,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC;iBACrB,IAAI,CAAC,IAAI,CAAC;iBACV,OAAO,CAAC,IAAA,aAAK,EAAC,IAAI,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC;YAEnC,MAAM,IAAA,uBAAa,EAAC;gBAClB,MAAM,EAAE,aAAa,CAAC,MAAM;gBAC5B,KAAK,EAAE,6CAA6C;gBACpD,OAAO,EAAE,IAAI;aACd,CAAC,CAAC;QACL,CAAC;QAED,MAAM,IAAA,uBAAe,EAAC,UAAU,EAAE,mBAAmB,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC;QACvE,IAAA,6CAAyB,EAAC,SAAS,EAAE,KAAK,CAAC,CAAC;QAC5C,OAAO,KAAK,CAAC;IACf,CAAC;IAED,gBAAgB;IAChB,MAAM,IAAA,uBAAe,EAAC,UAAU,EAAE,uBAAuB,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;IAC7E,OAAO,IAAI,CAAC;AACd,CAAC","sourcesContent":["import { isNonEmptyString } from '@sindresorhus/is';\nimport { massageConfig } from '../../../config/massage';\nimport type { RenovateConfig } from '../../../config/types';\nimport { validateConfig } from '../../../config/validation';\nimport { logger } from '../../../logger';\nimport type { Pr } from '../../../modules/platform';\nimport { platform } from '../../../modules/platform';\nimport { ensureComment } from '../../../modules/platform/comment';\nimport { getBranchCommit } from '../../../util/git';\nimport { regEx } from '../../../util/regex';\nimport { setReconfigureBranchCache } from './reconfigure-cache';\nimport { getReconfigureBranchName, setBranchStatus } from './utils';\n\nexport async function validateReconfigureBranch(\n  config: RenovateConfig,\n  reconfigureConfig: RenovateConfig,\n  configFileName: string,\n  reconfigurePr: Pr | null,\n): Promise<boolean> {\n  logger.debug('validateReconfigureBranch()');\n\n  const context = config.statusCheckNames?.configValidation;\n  const branchName = getReconfigureBranchName(config.branchPrefix!);\n  const branchSha = getBranchCommit(branchName)!;\n\n  if (context) {\n    const validationStatus = await platform.getBranchStatusCheck(\n      branchName,\n      context,\n    );\n\n    // if old status check is present skip validation\n    if (isNonEmptyString(validationStatus)) {\n      logger.debug(\n        'Skipping validation check because status check already exists.',\n      );\n      return validationStatus === 'green';\n    }\n  } else {\n    logger.debug(\n      'Status check is null or an empty string, skipping status check addition.',\n    );\n  }\n\n  // perform validation and provide a passing or failing check based on result\n  const massagedConfig = massageConfig(reconfigureConfig);\n  const validationResult = await validateConfig('repo', massagedConfig);\n\n  // failing check\n  if (validationResult.errors.length > 0) {\n    logger.debug(\n      { errors: validationResult.errors.map((err) => err.message).join(', ') },\n      'Validation Errors',\n    );\n\n    // add comment to reconfigure PR if it exists\n    if (reconfigurePr) {\n      let body = `There is an error with this repository's Renovate configuration that needs to be fixed.\\n\\n`;\n      body += `Location: \\`${configFileName}\\`\\n`;\n      body += `Message: \\`${validationResult.errors\n        .map((e) => e.message)\n        .join(', ')\n        .replace(regEx(/`/g), \"'\")}\\`\\n`;\n\n      await ensureComment({\n        number: reconfigurePr.number,\n        topic: 'Action Required: Fix Renovate Configuration',\n        content: body,\n      });\n    }\n\n    await setBranchStatus(branchName, 'Validation Failed', 'red', context);\n    setReconfigureBranchCache(branchSha, false);\n    return false;\n  }\n\n  // passing check\n  await setBranchStatus(branchName, 'Validation Successful', 'green', context);\n  return true;\n}\n"]}

package/dist/workers/repository/update/branch/auto-replace.js

@@ -3,9 +3,8 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.confirmIfDepUpdated = confirmIfDepUpdated;
 exports.checkBranchDepsMatchBaseDeps = checkBranchDepsMatchBaseDeps;
 exports.doAutoReplace = doAutoReplace;
-const tslib_1 = require("tslib");
 // TODO #22198
-const is_1 = tslib_1.__importDefault(require("@sindresorhus/is"));
+const is_1 = require("@sindresorhus/is");
 const error_messages_1 = require("../../../../constants/error-messages");
 const logger_1 = require("../../../../logger");
 const manager_1 = require("../../../../modules/manager");
@@ -31,7 +30,7 @@ async function confirmIfDepUpdated(upgrade, newContent) {
             return false;
         }
         // istanbul ignore if
-        if (is_1.default.number(depIndex) && depIndex >= newExtract.deps.length) {
+        if ((0, is_1.isNumber)(depIndex) && depIndex >= newExtract.deps.length) {
             logger_1.logger.debug(`Extracted ${packageFile} after autoreplace has fewer deps than expected.`);
             return false;
         }
@@ -139,9 +138,9 @@ async function doAutoReplace(upgrade, existingContent, reuseExistingBranch, firs
     if (reuseExistingBranch) {
         return await checkExistingBranch(upgrade, existingContent);
     }
-    const replaceWithoutReplaceString = is_1.default.string(newName) &&
+    const replaceWithoutReplaceString = (0, is_1.isString)(newName) &&
         newName !== depName &&
-        (is_1.default.undefined(upgrade.replaceString) ||
+        ((0, is_1.isUndefined)(upgrade.replaceString) ||
             !upgrade.replaceString?.includes(depName));
     const replaceString = upgrade.replaceString ?? currentValue ?? currentDigest;
     logger_1.logger.trace({ depName, replaceString }, 'autoReplace replaceString');

package/dist/workers/repository/update/branch/auto-replace.js.map

@@ -1 +1 @@
-{"version":3,"file":"auto-replace.js","sourceRoot":"","sources":["../../../../../lib/workers/repository/update/branch/auto-replace.ts"],"names":[],"mappings":";;AAYA,kDA+GC;AA4BD,oEAqBC;AA0BD,sCAuQC;;AA7cD,cAAc;AACd,kEAAkC;AAClC,yEAAiF;AACjF,+CAA4C;AAC5C,yDAAiE;AAEjE,4CAAqD;AACrD,kDAA6D;AAC7D,oDAA6D;AAC7D,wDAAoD;AAG7C,KAAK,UAAU,mBAAmB,CACvC,OAA4B,EAC5B,UAAkB;IAElB,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC;IACnD,IAAI,UAA6B,CAAC;IAClC,IAAI,CAAC;QACH,MAAM,UAAU,GAAG,MAAM,IAAA,4BAAkB,EACzC,OAAO,EACP,UAAU,EACV,WAAY,EACZ,OAAO,CACR,CAAC;QACF,qBAAqB;QACrB,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,2BAA2B;YAC3B,eAAM,CAAC,KAAK,CACV,qBAAqB,WAAY,aAAa,OAAO,qEAAqE,CAC3H,CAAC;YACF,eAAM,CAAC,KAAK,CACV,EAAE,WAAW,EAAE,OAAO,EAAE,UAAU,EAAE,EACpC,uCAAuC,CACxC,CAAC;YACF,OAAO,KAAK,CAAC;QACf,CAAC;QACD,qBAAqB;QACrB,IAAI,CAAC,UAAU,CAAC,IAAI,EAAE,MAAM,EAAE,CAAC;YAC7B,eAAM,CAAC,KAAK,CACV,aAAa,WAAY,sFAAsF,CAChH,CAAC;YACF,OAAO,KAAK,CAAC;QACf,CAAC;QACD,qBAAqB;QACrB,IAAI,YAAE,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,QAAQ,IAAI,UAAU,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;YAC9D,eAAM,CAAC,KAAK,CACV,aAAa,WAAY,kDAAkD,CAC5E,CAAC;YACF,OAAO,KAAK,CAAC;QACf,CAAC;QACD,UAAU,GAAG,UAAU,CAAC,IAAI,CAAC,QAAS,CAAC,CAAC;IAC1C,CAAC;IAAC,OAAO,GAAG,EAAE,0BAA0B,CAAC,CAAC;QACxC,eAAM,CAAC,KAAK,CAAC,EAAE,OAAO,EAAE,WAAW,EAAE,GAAG,EAAE,EAAE,4BAA4B,CAAC,CAAC;IAC5E,CAAC;IAED,IAAI,CAAC,UAAW,EAAE,CAAC;QACjB,eAAM,CAAC,KAAK,CAAC,oBAAoB,WAAY,EAAE,CAAC,CAAC;QACjD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IACE,OAAO,CAAC,OAAO,KAAK,UAAU,CAAC,OAAO;QACtC,OAAO,CAAC,OAAO,KAAK,UAAU,CAAC,OAAO,EACtC,CAAC;QACD,eAAM,CAAC,KAAK,CACV;YACE,OAAO;YACP,WAAW;YACX,cAAc,EAAE,OAAO,CAAC,OAAO;YAC/B,UAAU,EAAE,UAAU,CAAC,OAAO;SAC/B,EACD,kBAAkB,CACnB,CAAC;QACF,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,OAAO,CAAC,OAAO,IAAI,OAAO,CAAC,OAAO,KAAK,UAAU,CAAC,OAAO,EAAE,CAAC;QAC9D,eAAM,CAAC,KAAK,CACV;YACE,OAAO;YACP,WAAW;YACX,cAAc,EAAE,OAAO,CAAC,OAAO;YAC/B,UAAU,EAAE,UAAU,CAAC,OAAO;SAC/B,EACD,wBAAwB,CACzB,CAAC;QACF,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,OAAO,CAAC,QAAQ,IAAI,OAAO,CAAC,QAAQ,KAAK,UAAU,CAAC,YAAY,EAAE,CAAC;QACrE,eAAM,CAAC,KAAK,CACV;YACE,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,OAAO;YACP,WAAW;YACX,aAAa,EAAE,OAAO,CAAC,QAAQ;YAC/B,UAAU,EAAE,UAAU,CAAC,YAAY;SACpC,EACD,sBAAsB,CACvB,CAAC;QACF,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IACE,OAAO,CAAC,SAAS;QACjB,CAAC,OAAO,CAAC,WAAW,KAAK,IAAI,IAAI,OAAO,CAAC,aAAa,CAAC;QACvD,OAAO,CAAC,SAAS,KAAK,UAAU,CAAC,aAAa,EAC9C,CAAC;QACD,eAAM,CAAC,KAAK,CACV;YACE,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,OAAO;YACP,WAAW;YACX,aAAa,EAAE,OAAO,CAAC,SAAS;YAChC,UAAU,EAAE,UAAU,CAAC,aAAa;SACrC,EACD,uBAAuB,CACxB,CAAC;QACF,OAAO,KAAK,CAAC;IACf,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,gBAAgB,CAAC,IAAyB;IACjD,uBAAuB;IACvB,OAAO,IAAI;SACR,GAAG,CACF,CAAC,GAAG,EAAE,EAAE,CACN,GAAG,CAAC,GAAG,CAAC,OAAO,IAAI,GAAG,CAAC,WAAW,CAAE,GAAG,CAAC,GAAG,CAAC,WAAW;QACrD,GAAG,CAAC,OAAO,CAAE,EAAE,CACpB;SACA,IAAI,CAAC,GAAG,CAAC,CAAC;AACf,CAAC;AAED,SAAS,YAAY,CACnB,eAAuB,EACvB,OAAe,EACf,YAAoB,EACpB,QAAQ,GAAG,CAAC;IAEZ,MAAM,QAAQ,GAAG,eAAe,CAAC,OAAO,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;IAC5D,MAAM,QAAQ,GAAG,eAAe,CAAC,OAAO,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC;IACjE,MAAM,KAAK,GAAG,QAAQ,GAAG,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC;IACxD,IAAI,KAAK,GAAG,CAAC,EAAE,CAAC;QACd,OAAO,QAAQ,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,MAAM,CAAC;IACtD,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAEM,KAAK,UAAU,4BAA4B,CAChD,OAA4B,EAC5B,aAAqB;IAErB,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE,WAAW,EAAE,GAAG,OAAO,CAAC;IACnD,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,IAAA,4BAAkB,EAClC,OAAO,EACP,aAAa,EACb,WAAY,EACZ,OAAO,CACP,CAAC;QACH,MAAM,UAAU,GAAG,GAAI,CAAC,IAAI,CAAC;QAC7B,OAAO,gBAAgB,CAAC,QAAS,CAAC,KAAK,gBAAgB,CAAC,UAAU,CAAC,CAAC;IACtE,CAAC;IAAC,MAAM,0BAA0B,CAAC,CAAC;QAClC,eAAM,CAAC,IAAI,CACT,EAAE,OAAO,EAAE,WAAW,EAAE,EACxB,0CAA0C,CAC3C,CAAC;QACF,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,KAAK,UAAU,mBAAmB,CAChC,OAA4B,EAC5B,eAAuB;IAEvB,MAAM,EAAE,WAAW,EAAE,OAAO,EAAE,GAAG,OAAO,CAAC;IACzC,IAAI,CAAC,CAAC,MAAM,4BAA4B,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC,EAAE,CAAC;QACpE,eAAM,CAAC,KAAK,CACV,EAAE,WAAW,EAAE,OAAO,EAAE,EACxB,6CAA6C,CAC9C,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,CAAC,CAAC,MAAM,mBAAmB,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC,EAAE,CAAC;QAC3D,eAAM,CAAC,KAAK,CACV,EAAE,WAAW,EAAE,OAAO,EAAE,EACxB,0CAA0C,CAC3C,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IACD,2BAA2B;IAC3B,eAAM,CAAC,KAAK,CAAC,cAAc,OAAQ,OAAO,WAAY,qBAAqB,CAAC,CAAC;IAC7E,OAAO,eAAe,CAAC;AACzB,CAAC;AAEM,KAAK,UAAU,aAAa,CACjC,OAA4B,EAC5B,eAAuB,EACvB,mBAA4B,EAC5B,WAAW,GAAG,IAAI;IAElB,MAAM,EACJ,WAAW,EACX,OAAO,EACP,eAAe,EACf,OAAO,EACP,YAAY,EACZ,oBAAoB,EACpB,QAAQ,EACR,aAAa,EACb,kBAAkB,EAClB,SAAS,EACT,sBAAsB,EACtB,yBAAyB,GAC1B,GAAG,OAAO,CAAC;IACZ;;;;MAIE;IACF,IAAI,mBAAmB,EAAE,CAAC;QACxB,OAAO,MAAM,mBAAmB,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC;IAC7D,CAAC;IACD,MAAM,2BAA2B,GAC/B,YAAE,CAAC,MAAM,CAAC,OAAO,CAAC;QAClB,OAAO,KAAK,OAAO;QACnB,CAAC,YAAE,CAAC,SAAS,CAAC,OAAO,CAAC,aAAa,CAAC;YAClC,CAAC,OAAO,CAAC,aAAa,EAAE,QAAQ,CAAC,OAAQ,CAAC,CAAC,CAAC;IAChD,MAAM,aAAa,GAAG,OAAO,CAAC,aAAa,IAAI,YAAY,IAAI,aAAa,CAAC;IAC7E,eAAM,CAAC,KAAK,CAAC,EAAE,OAAO,EAAE,aAAa,EAAE,EAAE,2BAA2B,CAAC,CAAC;IACtE,IAAI,WAAmB,CAAC;IACxB,IAAI,2BAA2B,EAAE,CAAC;QAChC,WAAW,GAAG,YAAY,CAAC,eAAe,EAAE,OAAQ,EAAE,YAAa,CAAC,CAAC;IACvE,CAAC;SAAM,CAAC;QACN,WAAW,GAAG,eAAe,CAAC,OAAO,CAAC,aAAc,CAAC,CAAC;IACxD,CAAC;IACD,IAAI,WAAW,KAAK,CAAC,CAAC,EAAE,CAAC;QACvB,eAAM,CAAC,IAAI,CACT,EAAE,WAAW,EAAE,OAAO,EAAE,eAAe,EAAE,aAAa,EAAE,EACxD,4EAA4E,CAC7E,CAAC;QACF,OAAO,eAAe,CAAC;IACzB,CAAC;IACD,IAAI,CAAC;QACH,IAAI,SAAiB,CAAC;QACtB,IAAI,yBAAyB,IAAI,CAAC,OAAO,EAAE,CAAC;YAC1C,SAAS,GAAG,IAAA,kBAAO,EAAC,yBAAyB,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;QACjE,CAAC;aAAM,CAAC;YACN,SAAS,GAAG,aAAc,CAAC;YAE3B,MAAM,qBAAqB,GAAG,sBAAsB,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;YAChE,IAAI,YAAY,IAAI,QAAQ,IAAI,YAAY,KAAK,QAAQ,EAAE,CAAC;gBAC1D,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC;oBACtC,eAAM,CAAC,KAAK,CACV,EAAE,eAAe,EAAE,SAAS,EAAE,YAAY,EAAE,oBAAoB,EAAE,EAClE,6CAA6C,CAC9C,CAAC;gBACJ,CAAC;gBACD,SAAS,GAAG,SAAS,CAAC,OAAO,CAC3B,IAAA,aAAK,EAAC,IAAA,oBAAY,EAAC,YAAY,CAAC,EAAE,qBAAqB,CAAC,EACxD,QAAQ,CACT,CAAC;YACJ,CAAC;YACD,IAAI,OAAO,IAAI,OAAO,IAAI,OAAO,KAAK,OAAO,EAAE,CAAC;gBAC9C,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;oBACjC,eAAM,CAAC,KAAK,CACV,EAAE,eAAe,EAAE,SAAS,EAAE,OAAO,EAAE,eAAe,EAAE,EACxD,wCAAwC,CACzC,CAAC;gBACJ,CAAC;gBACD,SAAS,GAAG,SAAS,CAAC,OAAO,CAC3B,IAAA,aAAK,EAAC,IAAA,oBAAY,EAAC,OAAO,CAAC,EAAE,qBAAqB,CAAC,EACnD,OAAO,CACR,CAAC;YACJ,CAAC;YACD,IAAI,aAAa,IAAI,SAAS,IAAI,aAAa,KAAK,SAAS,EAAE,CAAC;gBAC9D,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;oBACvC,eAAM,CAAC,KAAK,CACV,EAAE,eAAe,EAAE,SAAS,EAAE,aAAa,EAAE,EAC7C,8CAA8C,CAC/C,CAAC;gBACJ,CAAC;gBACD,SAAS,GAAG,SAAS,CAAC,OAAO,CAC3B,IAAA,aAAK,EAAC,IAAA,oBAAY,EAAC,aAAa,CAAC,EAAE,qBAAqB,CAAC,EACzD,SAAS,CACV,CAAC;YACJ,CAAC;iBAAM,IACL,kBAAkB;gBAClB,SAAS;gBACT,kBAAkB,KAAK,SAAS,EAChC,CAAC;gBACD,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,kBAAkB,CAAC,EAAE,CAAC;oBAC5C,eAAM,CAAC,KAAK,CACV,EAAE,eAAe,EAAE,SAAS,EAAE,kBAAkB,EAAE,EAClD,mDAAmD,CACpD,CAAC;gBACJ,CAAC;gBACD,SAAS,GAAG,SAAS,CAAC,OAAO,CAC3B,IAAA,aAAK,EAAC,IAAA,oBAAY,EAAC,kBAAkB,CAAC,EAAE,qBAAqB,CAAC,EAC9D,SAAS,CACV,CAAC;YACJ,CAAC;QACH,CAAC;QACD,IAAI,CAAC,WAAW,IAAI,CAAC,MAAM,mBAAmB,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC,EAAE,CAAC;YAC1E,eAAM,CAAC,KAAK,CACV,EAAE,WAAW,EAAE,OAAO,EAAE,EACxB,iDAAiD,CAClD,CAAC;YACF,OAAO,eAAe,CAAC;QACzB,CAAC;QACD,eAAM,CAAC,KAAK,CACV,EAAE,WAAW,EAAE,OAAO,EAAE,EACxB,4BAA4B,WAAW,EAAE,CAC1C,CAAC;QACF,IAAI,UAAU,GAAG,eAAe,CAAC;QACjC,IAAI,YAAY,GAAG,CAAC,OAAO,CAAC;QAC5B,IAAI,aAAa,GAAG,CAAC,QAAQ,CAAC;QAC9B,IAAI,cAAc,GAAG,CAAC,SAAS,CAAC;QAChC,IAAI,UAAU,GAAG,WAAW,CAAC;QAC7B,uCAAuC;QACvC,OAAO,WAAW,GAAG,UAAU,CAAC,MAAM,EAAE,WAAW,IAAI,CAAC,EAAE,CAAC;YACzD,mDAAmD;YACnD,IAAI,2BAA2B,EAAE,CAAC;gBAChC,oCAAoC;gBACpC,IAAI,OAAO,IAAI,IAAA,gBAAO,EAAC,UAAU,EAAE,WAAW,EAAE,OAAQ,CAAC,EAAE,CAAC;oBAC1D,eAAM,CAAC,KAAK,CACV,EAAE,WAAW,EAAE,OAAO,EAAE,EACxB,0BAA0B,WAAW,EAAE,CACxC,CAAC;oBACF,IAAI,YAAY,EAAE,CAAC;wBACjB,UAAU,GAAG,YAAY,CACvB,eAAe,EACf,OAAQ,EACR,YAAa,EACb,UAAU,GAAG,CAAC,CACf,CAAC;wBACF,WAAW,GAAG,UAAU,GAAG,CAAC,CAAC;wBAC7B,MAAM,IAAA,mBAAc,EAAC,OAAO,CAAC,WAAY,EAAE,eAAe,CAAC,CAAC;wBAC5D,UAAU,GAAG,eAAe,CAAC;wBAC7B,YAAY,GAAG,CAAC,OAAO,CAAC;wBACxB,aAAa,GAAG,CAAC,QAAQ,CAAC;wBAC1B,cAAc,GAAG,CAAC,SAAS,CAAC;wBAC5B,SAAS;oBACX,CAAC;oBACD,uBAAuB;oBACvB,UAAU,GAAG,IAAA,kBAAS,EAAC,UAAU,EAAE,WAAW,EAAE,OAAQ,EAAE,OAAO,CAAC,CAAC;oBACnE,MAAM,IAAA,mBAAc,EAAC,OAAO,CAAC,WAAY,EAAE,UAAU,CAAC,CAAC;oBACvD,YAAY,GAAG,IAAI,CAAC;oBACpB,WAAW,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC;gBACpC,CAAC;qBAAM,IACL,QAAQ;oBACR,IAAA,gBAAO,EAAC,UAAU,EAAE,WAAW,EAAE,YAAa,CAAC,EAC/C,CAAC;oBACD,eAAM,CAAC,KAAK,CACV,EAAE,WAAW,EAAE,YAAY,EAAE,EAC7B,+BAA+B,WAAW,EAAE,CAC7C,CAAC;oBACF,IAAI,aAAa,EAAE,CAAC;wBAClB,UAAU,GAAG,YAAY,CACvB,eAAe,EACf,OAAQ,EACR,YAAa,EACb,UAAU,GAAG,CAAC,CACf,CAAC;wBACF,WAAW,GAAG,UAAU,GAAG,CAAC,CAAC;wBAC7B,MAAM,IAAA,mBAAc,EAAC,OAAO,CAAC,WAAY,EAAE,eAAe,CAAC,CAAC;wBAC5D,UAAU,GAAG,eAAe,CAAC;wBAC7B,YAAY,GAAG,CAAC,OAAO,CAAC;wBACxB,aAAa,GAAG,CAAC,QAAQ,CAAC;wBAC1B,cAAc,GAAG,CAAC,SAAS,CAAC;wBAC5B,SAAS;oBACX,CAAC;oBACD,iCAAiC;oBACjC,UAAU,GAAG,IAAA,kBAAS,EACpB,UAAU,EACV,WAAW,EACX,YAAa,EACb,QAAQ,CACT,CAAC;oBACF,MAAM,IAAA,mBAAc,EAAC,OAAO,CAAC,WAAY,EAAE,UAAU,CAAC,CAAC;oBACvD,aAAa,GAAG,IAAI,CAAC;oBACrB,WAAW,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC;gBACrC,CAAC;qBAAM,IACL,SAAS;oBACT,IAAA,gBAAO,EAAC,UAAU,EAAE,WAAW,EAAE,aAAc,CAAC,EAChD,CAAC;oBACD,eAAM,CAAC,KAAK,CACV,EAAE,WAAW,EAAE,aAAa,EAAE,EAC9B,gCAAgC,WAAW,EAAE,CAC9C,CAAC;oBACF,IAAI,cAAc,EAAE,CAAC;wBACnB,UAAU,GAAG,YAAY,CACvB,eAAe,EACf,OAAQ,EACR,YAAa,EACb,UAAU,GAAG,CAAC,CACf,CAAC;wBACF,WAAW,GAAG,UAAU,GAAG,CAAC,CAAC;wBAC7B,MAAM,IAAA,mBAAc,EAAC,OAAO,CAAC,WAAY,EAAE,eAAe,CAAC,CAAC;wBAC5D,UAAU,GAAG,eAAe,CAAC;wBAC7B,YAAY,GAAG,CAAC,OAAO,CAAC;wBACxB,aAAa,GAAG,CAAC,QAAQ,CAAC;wBAC1B,cAAc,GAAG,CAAC,SAAS,CAAC;wBAC5B,SAAS;oBACX,CAAC;oBACD,iCAAiC;oBACjC,UAAU,GAAG,IAAA,kBAAS,EACpB,UAAU,EACV,WAAW,EACX,aAAc,EACd,SAAS,CACV,CAAC;oBACF,MAAM,IAAA,mBAAc,EAAC,OAAO,CAAC,WAAY,EAAE,UAAU,CAAC,CAAC;oBACvD,cAAc,GAAG,IAAI,CAAC;oBACtB,WAAW,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC;gBACtC,CAAC;gBACD,IAAI,YAAY,IAAI,aAAa,IAAI,cAAc,EAAE,CAAC;oBACpD,IAAI,MAAM,mBAAmB,CAAC,OAAO,EAAE,UAAU,CAAC,EAAE,CAAC;wBACnD,OAAO,UAAU,CAAC;oBACpB,CAAC;oBACD,UAAU,GAAG,YAAY,CACvB,eAAe,EACf,OAAQ,EACR,YAAa,EACb,UAAU,GAAG,CAAC,CACf,CAAC;oBACF,WAAW,GAAG,UAAU,GAAG,CAAC,CAAC;oBAC7B,MAAM,IAAA,mBAAc,EAAC,OAAO,CAAC,WAAY,EAAE,eAAe,CAAC,CAAC;oBAC5D,UAAU,GAAG,eAAe,CAAC;oBAC7B,YAAY,GAAG,CAAC,OAAO,CAAC;oBACxB,aAAa,GAAG,CAAC,QAAQ,CAAC;oBAC1B,cAAc,GAAG,CAAC,SAAS,CAAC;gBAC9B,CAAC;YACH,CAAC;iBAAM,IAAI,IAAA,gBAAO,EAAC,UAAU,EAAE,WAAW,EAAE,aAAc,CAAC,EAAE,CAAC;gBAC5D,eAAM,CAAC,KAAK,CACV,EAAE,WAAW,EAAE,OAAO,EAAE,EACxB,wBAAwB,WAAW,EAAE,CACtC,CAAC;gBACF,iCAAiC;gBACjC,UAAU,GAAG,IAAA,kBAAS,EACpB,UAAU,EACV,WAAW,EACX,aAAc,EACd,SAAS,CACV,CAAC;gBACF,MAAM,IAAA,mBAAc,EAAC,OAAO,CAAC,WAAY,EAAE,UAAU,CAAC,CAAC;gBACvD,IAAI,MAAM,mBAAmB,CAAC,OAAO,EAAE,UAAU,CAAC,EAAE,CAAC;oBACnD,OAAO,UAAU,CAAC;gBACpB,CAAC;gBACD,MAAM,IAAA,mBAAc,EAAC,OAAO,CAAC,WAAY,EAAE,eAAe,CAAC,CAAC;gBAC5D,UAAU,GAAG,eAAe,CAAC;YAC/B,CAAC;QACH,CAAC;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,0BAA0B,CAAC,CAAC;QACxC,eAAM,CAAC,KAAK,CAAC,EAAE,WAAW,EAAE,OAAO,EAAE,GAAG,EAAE,EAAE,qBAAqB,CAAC,CAAC;IACrE,CAAC;IACD,uBAAuB;IACvB,MAAM,IAAI,KAAK,CAAC,0CAAyB,CAAC,CAAC;AAC7C,CAAC","sourcesContent":["// TODO #22198\nimport is from '@sindresorhus/is';\nimport { WORKER_FILE_UPDATE_FAILED } from '../../../../constants/error-messages';\nimport { logger } from '../../../../logger';\nimport { extractPackageFile } from '../../../../modules/manager';\nimport type { PackageDependency } from '../../../../modules/manager/types';\nimport { writeLocalFile } from '../../../../util/fs';\nimport { escapeRegExp, regEx } from '../../../../util/regex';\nimport { matchAt, replaceAt } from '../../../../util/string';\nimport { compile } from '../../../../util/template';\nimport type { BranchUpgradeConfig } from '../../../types';\n\nexport async function confirmIfDepUpdated(\n  upgrade: BranchUpgradeConfig,\n  newContent: string,\n): Promise<boolean> {\n  const { manager, packageFile, depIndex } = upgrade;\n  let newUpgrade: PackageDependency;\n  try {\n    const newExtract = await extractPackageFile(\n      manager,\n      newContent,\n      packageFile!,\n      upgrade,\n    );\n    // istanbul ignore if\n    if (!newExtract) {\n      // TODO: fix types (#22198)\n      logger.debug(\n        `Could not extract ${packageFile!} (manager=${manager}) after autoreplace. Did the autoreplace make the file unparseable?`,\n      );\n      logger.trace(\n        { packageFile, content: newContent },\n        'packageFile content after autoreplace',\n      );\n      return false;\n    }\n    // istanbul ignore if\n    if (!newExtract.deps?.length) {\n      logger.debug(\n        `Extracted ${packageFile!} after autoreplace has no deps array. Did the autoreplace make the file unparseable?`,\n      );\n      return false;\n    }\n    // istanbul ignore if\n    if (is.number(depIndex) && depIndex >= newExtract.deps.length) {\n      logger.debug(\n        `Extracted ${packageFile!} after autoreplace has fewer deps than expected.`,\n      );\n      return false;\n    }\n    newUpgrade = newExtract.deps[depIndex!];\n  } catch (err) /* istanbul ignore next */ {\n    logger.debug({ manager, packageFile, err }, 'Failed to parse newContent');\n  }\n\n  if (!newUpgrade!) {\n    logger.debug(`No newUpgrade in ${packageFile!}`);\n    return false;\n  }\n\n  if (\n    upgrade.depName !== newUpgrade.depName &&\n    upgrade.newName !== newUpgrade.depName\n  ) {\n    logger.debug(\n      {\n        manager,\n        packageFile,\n        currentDepName: upgrade.depName,\n        newDepName: newUpgrade.depName,\n      },\n      'depName mismatch',\n    );\n    return false;\n  }\n\n  if (upgrade.newName && upgrade.newName !== newUpgrade.depName) {\n    logger.debug(\n      {\n        manager,\n        packageFile,\n        currentDepName: upgrade.depName,\n        newDepName: newUpgrade.depName,\n      },\n      'depName is not updated',\n    );\n    return false;\n  }\n\n  if (upgrade.newValue && upgrade.newValue !== newUpgrade.currentValue) {\n    logger.debug(\n      {\n        depName: upgrade.depName,\n        manager,\n        packageFile,\n        expectedValue: upgrade.newValue,\n        foundValue: newUpgrade.currentValue,\n      },\n      'Value is not updated',\n    );\n    return false;\n  }\n\n  if (\n    upgrade.newDigest &&\n    (upgrade.isPinDigest === true || upgrade.currentDigest) &&\n    upgrade.newDigest !== newUpgrade.currentDigest\n  ) {\n    logger.debug(\n      {\n        depName: upgrade.depName,\n        manager,\n        packageFile,\n        expectedValue: upgrade.newDigest,\n        foundValue: newUpgrade.currentDigest,\n      },\n      'Digest is not updated',\n    );\n    return false;\n  }\n\n  return true;\n}\n\nfunction getDepsSignature(deps: PackageDependency[]): string {\n  // TODO: types (#22198)\n  return deps\n    .map(\n      (dep) =>\n        `${(dep.depName ?? dep.packageName)!}${(dep.packageName ??\n          dep.depName)!}`,\n    )\n    .join(',');\n}\n\nfunction firstIndexOf(\n  existingContent: string,\n  depName: string,\n  currentValue: string,\n  position = 0,\n): number {\n  const depIndex = existingContent.indexOf(depName, position);\n  const valIndex = existingContent.indexOf(currentValue, position);\n  const index = depIndex < valIndex ? depIndex : valIndex;\n  if (index < 0) {\n    return position === 0 ? -1 : existingContent.length;\n  }\n  return index;\n}\n\nexport async function checkBranchDepsMatchBaseDeps(\n  upgrade: BranchUpgradeConfig,\n  branchContent: string,\n): Promise<boolean> {\n  const { baseDeps, manager, packageFile } = upgrade;\n  try {\n    const res = await extractPackageFile(\n      manager,\n      branchContent,\n      packageFile!,\n      upgrade,\n    )!;\n    const branchDeps = res!.deps;\n    return getDepsSignature(baseDeps!) === getDepsSignature(branchDeps);\n  } catch /* istanbul ignore next */ {\n    logger.info(\n      { manager, packageFile },\n      'Failed to parse branchContent - rebasing',\n    );\n    return false;\n  }\n}\n\nasync function checkExistingBranch(\n  upgrade: BranchUpgradeConfig,\n  existingContent: string,\n): Promise<string | null> {\n  const { packageFile, depName } = upgrade;\n  if (!(await checkBranchDepsMatchBaseDeps(upgrade, existingContent))) {\n    logger.debug(\n      { packageFile, depName },\n      'Rebasing branch after deps list has changed',\n    );\n    return null;\n  }\n  if (!(await confirmIfDepUpdated(upgrade, existingContent))) {\n    logger.debug(\n      { packageFile, depName },\n      'Rebasing after outdated branch dep found',\n    );\n    return null;\n  }\n  // TODO: fix types (#22198)\n  logger.debug(`Branch dep ${depName!} in ${packageFile!} is already updated`);\n  return existingContent;\n}\n\nexport async function doAutoReplace(\n  upgrade: BranchUpgradeConfig,\n  existingContent: string,\n  reuseExistingBranch: boolean,\n  firstUpdate = true,\n): Promise<string | null> {\n  const {\n    packageFile,\n    depName,\n    depNameTemplate,\n    newName,\n    currentValue,\n    currentValueTemplate,\n    newValue,\n    currentDigest,\n    currentDigestShort,\n    newDigest,\n    autoReplaceGlobalMatch,\n    autoReplaceStringTemplate,\n  } = upgrade;\n  /*\n    If replacement support for more managers is added,\n    please also update the list in docs/usage/configuration-options.md\n    at replacementName and replacementVersion\n  */\n  if (reuseExistingBranch) {\n    return await checkExistingBranch(upgrade, existingContent);\n  }\n  const replaceWithoutReplaceString =\n    is.string(newName) &&\n    newName !== depName &&\n    (is.undefined(upgrade.replaceString) ||\n      !upgrade.replaceString?.includes(depName!));\n  const replaceString = upgrade.replaceString ?? currentValue ?? currentDigest;\n  logger.trace({ depName, replaceString }, 'autoReplace replaceString');\n  let searchIndex: number;\n  if (replaceWithoutReplaceString) {\n    searchIndex = firstIndexOf(existingContent, depName!, currentValue!);\n  } else {\n    searchIndex = existingContent.indexOf(replaceString!);\n  }\n  if (searchIndex === -1) {\n    logger.info(\n      { packageFile, depName, existingContent, replaceString },\n      'Cannot find replaceString in current file content. Was it already updated?',\n    );\n    return existingContent;\n  }\n  try {\n    let newString: string;\n    if (autoReplaceStringTemplate && !newName) {\n      newString = compile(autoReplaceStringTemplate, upgrade, false);\n    } else {\n      newString = replaceString!;\n\n      const autoReplaceRegExpFlag = autoReplaceGlobalMatch ? 'g' : '';\n      if (currentValue && newValue && currentValue !== newValue) {\n        if (!newString.includes(currentValue)) {\n          logger.debug(\n            { stringToReplace: newString, currentValue, currentValueTemplate },\n            'currentValue not found in string to replace',\n          );\n        }\n        newString = newString.replace(\n          regEx(escapeRegExp(currentValue), autoReplaceRegExpFlag),\n          newValue,\n        );\n      }\n      if (depName && newName && depName !== newName) {\n        if (!newString.includes(depName)) {\n          logger.debug(\n            { stringToReplace: newString, depName, depNameTemplate },\n            'depName not found in string to replace',\n          );\n        }\n        newString = newString.replace(\n          regEx(escapeRegExp(depName), autoReplaceRegExpFlag),\n          newName,\n        );\n      }\n      if (currentDigest && newDigest && currentDigest !== newDigest) {\n        if (!newString.includes(currentDigest)) {\n          logger.debug(\n            { stringToReplace: newString, currentDigest },\n            'currentDigest not found in string to replace',\n          );\n        }\n        newString = newString.replace(\n          regEx(escapeRegExp(currentDigest), autoReplaceRegExpFlag),\n          newDigest,\n        );\n      } else if (\n        currentDigestShort &&\n        newDigest &&\n        currentDigestShort !== newDigest\n      ) {\n        if (!newString.includes(currentDigestShort)) {\n          logger.debug(\n            { stringToReplace: newString, currentDigestShort },\n            'currentDigestShort not found in string to replace',\n          );\n        }\n        newString = newString.replace(\n          regEx(escapeRegExp(currentDigestShort), autoReplaceRegExpFlag),\n          newDigest,\n        );\n      }\n    }\n    if (!firstUpdate && (await confirmIfDepUpdated(upgrade, existingContent))) {\n      logger.debug(\n        { packageFile, depName },\n        'Package file is already updated - no work to do',\n      );\n      return existingContent;\n    }\n    logger.debug(\n      { packageFile, depName },\n      `Starting search at index ${searchIndex}`,\n    );\n    let newContent = existingContent;\n    let nameReplaced = !newName;\n    let valueReplaced = !newValue;\n    let digestReplaced = !newDigest;\n    let startIndex = searchIndex;\n    // Iterate through the rest of the file\n    for (; searchIndex < newContent.length; searchIndex += 1) {\n      // First check if we have a hit for the old version\n      if (replaceWithoutReplaceString) {\n        // look for depName and currentValue\n        if (newName && matchAt(newContent, searchIndex, depName!)) {\n          logger.debug(\n            { packageFile, depName },\n            `Found depName at index ${searchIndex}`,\n          );\n          if (nameReplaced) {\n            startIndex = firstIndexOf(\n              existingContent,\n              depName!,\n              currentValue!,\n              startIndex + 1,\n            );\n            searchIndex = startIndex - 1;\n            await writeLocalFile(upgrade.packageFile!, existingContent);\n            newContent = existingContent;\n            nameReplaced = !newName;\n            valueReplaced = !newValue;\n            digestReplaced = !newDigest;\n            continue;\n          }\n          // replace with newName\n          newContent = replaceAt(newContent, searchIndex, depName!, newName);\n          await writeLocalFile(upgrade.packageFile!, newContent);\n          nameReplaced = true;\n          searchIndex += newName.length - 1;\n        } else if (\n          newValue &&\n          matchAt(newContent, searchIndex, currentValue!)\n        ) {\n          logger.debug(\n            { packageFile, currentValue },\n            `Found currentValue at index ${searchIndex}`,\n          );\n          if (valueReplaced) {\n            startIndex = firstIndexOf(\n              existingContent,\n              depName!,\n              currentValue!,\n              startIndex + 1,\n            );\n            searchIndex = startIndex - 1;\n            await writeLocalFile(upgrade.packageFile!, existingContent);\n            newContent = existingContent;\n            nameReplaced = !newName;\n            valueReplaced = !newValue;\n            digestReplaced = !newDigest;\n            continue;\n          }\n          // Now test if the result matches\n          newContent = replaceAt(\n            newContent,\n            searchIndex,\n            currentValue!,\n            newValue,\n          );\n          await writeLocalFile(upgrade.packageFile!, newContent);\n          valueReplaced = true;\n          searchIndex += newValue.length - 1;\n        } else if (\n          newDigest &&\n          matchAt(newContent, searchIndex, currentDigest!)\n        ) {\n          logger.debug(\n            { packageFile, currentDigest },\n            `Found currentDigest at index ${searchIndex}`,\n          );\n          if (digestReplaced) {\n            startIndex = firstIndexOf(\n              existingContent,\n              depName!,\n              currentValue!,\n              startIndex + 1,\n            );\n            searchIndex = startIndex - 1;\n            await writeLocalFile(upgrade.packageFile!, existingContent);\n            newContent = existingContent;\n            nameReplaced = !newName;\n            valueReplaced = !newValue;\n            digestReplaced = !newDigest;\n            continue;\n          }\n          // Now test if the result matches\n          newContent = replaceAt(\n            newContent,\n            searchIndex,\n            currentDigest!,\n            newDigest,\n          );\n          await writeLocalFile(upgrade.packageFile!, newContent);\n          digestReplaced = true;\n          searchIndex += newDigest.length - 1;\n        }\n        if (nameReplaced && valueReplaced && digestReplaced) {\n          if (await confirmIfDepUpdated(upgrade, newContent)) {\n            return newContent;\n          }\n          startIndex = firstIndexOf(\n            existingContent,\n            depName!,\n            currentValue!,\n            startIndex + 1,\n          );\n          searchIndex = startIndex - 1;\n          await writeLocalFile(upgrade.packageFile!, existingContent);\n          newContent = existingContent;\n          nameReplaced = !newName;\n          valueReplaced = !newValue;\n          digestReplaced = !newDigest;\n        }\n      } else if (matchAt(newContent, searchIndex, replaceString!)) {\n        logger.debug(\n          { packageFile, depName },\n          `Found match at index ${searchIndex}`,\n        );\n        // Now test if the result matches\n        newContent = replaceAt(\n          newContent,\n          searchIndex,\n          replaceString!,\n          newString,\n        );\n        await writeLocalFile(upgrade.packageFile!, newContent);\n        if (await confirmIfDepUpdated(upgrade, newContent)) {\n          return newContent;\n        }\n        await writeLocalFile(upgrade.packageFile!, existingContent);\n        newContent = existingContent;\n      }\n    }\n  } catch (err) /* istanbul ignore next */ {\n    logger.debug({ packageFile, depName, err }, 'doAutoReplace error');\n  }\n  // istanbul ignore next\n  throw new Error(WORKER_FILE_UPDATE_FAILED);\n}\n"]}
+{"version":3,"file":"auto-replace.js","sourceRoot":"","sources":["../../../../../lib/workers/repository/update/branch/auto-replace.ts"],"names":[],"mappings":";;AAYA,kDA+GC;AA4BD,oEAqBC;AA0BD,sCAuQC;AA7cD,cAAc;AACd,yCAAmE;AACnE,yEAAiF;AACjF,+CAA4C;AAC5C,yDAAiE;AAEjE,4CAAqD;AACrD,kDAA6D;AAC7D,oDAA6D;AAC7D,wDAAoD;AAG7C,KAAK,UAAU,mBAAmB,CACvC,OAA4B,EAC5B,UAAkB;IAElB,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC;IACnD,IAAI,UAA6B,CAAC;IAClC,IAAI,CAAC;QACH,MAAM,UAAU,GAAG,MAAM,IAAA,4BAAkB,EACzC,OAAO,EACP,UAAU,EACV,WAAY,EACZ,OAAO,CACR,CAAC;QACF,qBAAqB;QACrB,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,2BAA2B;YAC3B,eAAM,CAAC,KAAK,CACV,qBAAqB,WAAY,aAAa,OAAO,qEAAqE,CAC3H,CAAC;YACF,eAAM,CAAC,KAAK,CACV,EAAE,WAAW,EAAE,OAAO,EAAE,UAAU,EAAE,EACpC,uCAAuC,CACxC,CAAC;YACF,OAAO,KAAK,CAAC;QACf,CAAC;QACD,qBAAqB;QACrB,IAAI,CAAC,UAAU,CAAC,IAAI,EAAE,MAAM,EAAE,CAAC;YAC7B,eAAM,CAAC,KAAK,CACV,aAAa,WAAY,sFAAsF,CAChH,CAAC;YACF,OAAO,KAAK,CAAC;QACf,CAAC;QACD,qBAAqB;QACrB,IAAI,IAAA,aAAQ,EAAC,QAAQ,CAAC,IAAI,QAAQ,IAAI,UAAU,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;YAC7D,eAAM,CAAC,KAAK,CACV,aAAa,WAAY,kDAAkD,CAC5E,CAAC;YACF,OAAO,KAAK,CAAC;QACf,CAAC;QACD,UAAU,GAAG,UAAU,CAAC,IAAI,CAAC,QAAS,CAAC,CAAC;IAC1C,CAAC;IAAC,OAAO,GAAG,EAAE,0BAA0B,CAAC,CAAC;QACxC,eAAM,CAAC,KAAK,CAAC,EAAE,OAAO,EAAE,WAAW,EAAE,GAAG,EAAE,EAAE,4BAA4B,CAAC,CAAC;IAC5E,CAAC;IAED,IAAI,CAAC,UAAW,EAAE,CAAC;QACjB,eAAM,CAAC,KAAK,CAAC,oBAAoB,WAAY,EAAE,CAAC,CAAC;QACjD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IACE,OAAO,CAAC,OAAO,KAAK,UAAU,CAAC,OAAO;QACtC,OAAO,CAAC,OAAO,KAAK,UAAU,CAAC,OAAO,EACtC,CAAC;QACD,eAAM,CAAC,KAAK,CACV;YACE,OAAO;YACP,WAAW;YACX,cAAc,EAAE,OAAO,CAAC,OAAO;YAC/B,UAAU,EAAE,UAAU,CAAC,OAAO;SAC/B,EACD,kBAAkB,CACnB,CAAC;QACF,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,OAAO,CAAC,OAAO,IAAI,OAAO,CAAC,OAAO,KAAK,UAAU,CAAC,OAAO,EAAE,CAAC;QAC9D,eAAM,CAAC,KAAK,CACV;YACE,OAAO;YACP,WAAW;YACX,cAAc,EAAE,OAAO,CAAC,OAAO;YAC/B,UAAU,EAAE,UAAU,CAAC,OAAO;SAC/B,EACD,wBAAwB,CACzB,CAAC;QACF,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,OAAO,CAAC,QAAQ,IAAI,OAAO,CAAC,QAAQ,KAAK,UAAU,CAAC,YAAY,EAAE,CAAC;QACrE,eAAM,CAAC,KAAK,CACV;YACE,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,OAAO;YACP,WAAW;YACX,aAAa,EAAE,OAAO,CAAC,QAAQ;YAC/B,UAAU,EAAE,UAAU,CAAC,YAAY;SACpC,EACD,sBAAsB,CACvB,CAAC;QACF,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IACE,OAAO,CAAC,SAAS;QACjB,CAAC,OAAO,CAAC,WAAW,KAAK,IAAI,IAAI,OAAO,CAAC,aAAa,CAAC;QACvD,OAAO,CAAC,SAAS,KAAK,UAAU,CAAC,aAAa,EAC9C,CAAC;QACD,eAAM,CAAC,KAAK,CACV;YACE,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,OAAO;YACP,WAAW;YACX,aAAa,EAAE,OAAO,CAAC,SAAS;YAChC,UAAU,EAAE,UAAU,CAAC,aAAa;SACrC,EACD,uBAAuB,CACxB,CAAC;QACF,OAAO,KAAK,CAAC;IACf,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,gBAAgB,CAAC,IAAyB;IACjD,uBAAuB;IACvB,OAAO,IAAI;SACR,GAAG,CACF,CAAC,GAAG,EAAE,EAAE,CACN,GAAG,CAAC,GAAG,CAAC,OAAO,IAAI,GAAG,CAAC,WAAW,CAAE,GAAG,CAAC,GAAG,CAAC,WAAW;QACrD,GAAG,CAAC,OAAO,CAAE,EAAE,CACpB;SACA,IAAI,CAAC,GAAG,CAAC,CAAC;AACf,CAAC;AAED,SAAS,YAAY,CACnB,eAAuB,EACvB,OAAe,EACf,YAAoB,EACpB,QAAQ,GAAG,CAAC;IAEZ,MAAM,QAAQ,GAAG,eAAe,CAAC,OAAO,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;IAC5D,MAAM,QAAQ,GAAG,eAAe,CAAC,OAAO,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC;IACjE,MAAM,KAAK,GAAG,QAAQ,GAAG,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC;IACxD,IAAI,KAAK,GAAG,CAAC,EAAE,CAAC;QACd,OAAO,QAAQ,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,MAAM,CAAC;IACtD,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAEM,KAAK,UAAU,4BAA4B,CAChD,OAA4B,EAC5B,aAAqB;IAErB,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE,WAAW,EAAE,GAAG,OAAO,CAAC;IACnD,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,IAAA,4BAAkB,EAClC,OAAO,EACP,aAAa,EACb,WAAY,EACZ,OAAO,CACP,CAAC;QACH,MAAM,UAAU,GAAG,GAAI,CAAC,IAAI,CAAC;QAC7B,OAAO,gBAAgB,CAAC,QAAS,CAAC,KAAK,gBAAgB,CAAC,UAAU,CAAC,CAAC;IACtE,CAAC;IAAC,MAAM,0BAA0B,CAAC,CAAC;QAClC,eAAM,CAAC,IAAI,CACT,EAAE,OAAO,EAAE,WAAW,EAAE,EACxB,0CAA0C,CAC3C,CAAC;QACF,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,KAAK,UAAU,mBAAmB,CAChC,OAA4B,EAC5B,eAAuB;IAEvB,MAAM,EAAE,WAAW,EAAE,OAAO,EAAE,GAAG,OAAO,CAAC;IACzC,IAAI,CAAC,CAAC,MAAM,4BAA4B,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC,EAAE,CAAC;QACpE,eAAM,CAAC,KAAK,CACV,EAAE,WAAW,EAAE,OAAO,EAAE,EACxB,6CAA6C,CAC9C,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,CAAC,CAAC,MAAM,mBAAmB,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC,EAAE,CAAC;QAC3D,eAAM,CAAC,KAAK,CACV,EAAE,WAAW,EAAE,OAAO,EAAE,EACxB,0CAA0C,CAC3C,CAAC;QACF,OAAO,IAAI,CAAC;IACd,CAAC;IACD,2BAA2B;IAC3B,eAAM,CAAC,KAAK,CAAC,cAAc,OAAQ,OAAO,WAAY,qBAAqB,CAAC,CAAC;IAC7E,OAAO,eAAe,CAAC;AACzB,CAAC;AAEM,KAAK,UAAU,aAAa,CACjC,OAA4B,EAC5B,eAAuB,EACvB,mBAA4B,EAC5B,WAAW,GAAG,IAAI;IAElB,MAAM,EACJ,WAAW,EACX,OAAO,EACP,eAAe,EACf,OAAO,EACP,YAAY,EACZ,oBAAoB,EACpB,QAAQ,EACR,aAAa,EACb,kBAAkB,EAClB,SAAS,EACT,sBAAsB,EACtB,yBAAyB,GAC1B,GAAG,OAAO,CAAC;IACZ;;;;MAIE;IACF,IAAI,mBAAmB,EAAE,CAAC;QACxB,OAAO,MAAM,mBAAmB,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC;IAC7D,CAAC;IACD,MAAM,2BAA2B,GAC/B,IAAA,aAAQ,EAAC,OAAO,CAAC;QACjB,OAAO,KAAK,OAAO;QACnB,CAAC,IAAA,gBAAW,EAAC,OAAO,CAAC,aAAa,CAAC;YACjC,CAAC,OAAO,CAAC,aAAa,EAAE,QAAQ,CAAC,OAAQ,CAAC,CAAC,CAAC;IAChD,MAAM,aAAa,GAAG,OAAO,CAAC,aAAa,IAAI,YAAY,IAAI,aAAa,CAAC;IAC7E,eAAM,CAAC,KAAK,CAAC,EAAE,OAAO,EAAE,aAAa,EAAE,EAAE,2BAA2B,CAAC,CAAC;IACtE,IAAI,WAAmB,CAAC;IACxB,IAAI,2BAA2B,EAAE,CAAC;QAChC,WAAW,GAAG,YAAY,CAAC,eAAe,EAAE,OAAQ,EAAE,YAAa,CAAC,CAAC;IACvE,CAAC;SAAM,CAAC;QACN,WAAW,GAAG,eAAe,CAAC,OAAO,CAAC,aAAc,CAAC,CAAC;IACxD,CAAC;IACD,IAAI,WAAW,KAAK,CAAC,CAAC,EAAE,CAAC;QACvB,eAAM,CAAC,IAAI,CACT,EAAE,WAAW,EAAE,OAAO,EAAE,eAAe,EAAE,aAAa,EAAE,EACxD,4EAA4E,CAC7E,CAAC;QACF,OAAO,eAAe,CAAC;IACzB,CAAC;IACD,IAAI,CAAC;QACH,IAAI,SAAiB,CAAC;QACtB,IAAI,yBAAyB,IAAI,CAAC,OAAO,EAAE,CAAC;YAC1C,SAAS,GAAG,IAAA,kBAAO,EAAC,yBAAyB,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;QACjE,CAAC;aAAM,CAAC;YACN,SAAS,GAAG,aAAc,CAAC;YAE3B,MAAM,qBAAqB,GAAG,sBAAsB,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;YAChE,IAAI,YAAY,IAAI,QAAQ,IAAI,YAAY,KAAK,QAAQ,EAAE,CAAC;gBAC1D,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC;oBACtC,eAAM,CAAC,KAAK,CACV,EAAE,eAAe,EAAE,SAAS,EAAE,YAAY,EAAE,oBAAoB,EAAE,EAClE,6CAA6C,CAC9C,CAAC;gBACJ,CAAC;gBACD,SAAS,GAAG,SAAS,CAAC,OAAO,CAC3B,IAAA,aAAK,EAAC,IAAA,oBAAY,EAAC,YAAY,CAAC,EAAE,qBAAqB,CAAC,EACxD,QAAQ,CACT,CAAC;YACJ,CAAC;YACD,IAAI,OAAO,IAAI,OAAO,IAAI,OAAO,KAAK,OAAO,EAAE,CAAC;gBAC9C,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;oBACjC,eAAM,CAAC,KAAK,CACV,EAAE,eAAe,EAAE,SAAS,EAAE,OAAO,EAAE,eAAe,EAAE,EACxD,wCAAwC,CACzC,CAAC;gBACJ,CAAC;gBACD,SAAS,GAAG,SAAS,CAAC,OAAO,CAC3B,IAAA,aAAK,EAAC,IAAA,oBAAY,EAAC,OAAO,CAAC,EAAE,qBAAqB,CAAC,EACnD,OAAO,CACR,CAAC;YACJ,CAAC;YACD,IAAI,aAAa,IAAI,SAAS,IAAI,aAAa,KAAK,SAAS,EAAE,CAAC;gBAC9D,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;oBACvC,eAAM,CAAC,KAAK,CACV,EAAE,eAAe,EAAE,SAAS,EAAE,aAAa,EAAE,EAC7C,8CAA8C,CAC/C,CAAC;gBACJ,CAAC;gBACD,SAAS,GAAG,SAAS,CAAC,OAAO,CAC3B,IAAA,aAAK,EAAC,IAAA,oBAAY,EAAC,aAAa,CAAC,EAAE,qBAAqB,CAAC,EACzD,SAAS,CACV,CAAC;YACJ,CAAC;iBAAM,IACL,kBAAkB;gBAClB,SAAS;gBACT,kBAAkB,KAAK,SAAS,EAChC,CAAC;gBACD,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,kBAAkB,CAAC,EAAE,CAAC;oBAC5C,eAAM,CAAC,KAAK,CACV,EAAE,eAAe,EAAE,SAAS,EAAE,kBAAkB,EAAE,EAClD,mDAAmD,CACpD,CAAC;gBACJ,CAAC;gBACD,SAAS,GAAG,SAAS,CAAC,OAAO,CAC3B,IAAA,aAAK,EAAC,IAAA,oBAAY,EAAC,kBAAkB,CAAC,EAAE,qBAAqB,CAAC,EAC9D,SAAS,CACV,CAAC;YACJ,CAAC;QACH,CAAC;QACD,IAAI,CAAC,WAAW,IAAI,CAAC,MAAM,mBAAmB,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC,EAAE,CAAC;YAC1E,eAAM,CAAC,KAAK,CACV,EAAE,WAAW,EAAE,OAAO,EAAE,EACxB,iDAAiD,CAClD,CAAC;YACF,OAAO,eAAe,CAAC;QACzB,CAAC;QACD,eAAM,CAAC,KAAK,CACV,EAAE,WAAW,EAAE,OAAO,EAAE,EACxB,4BAA4B,WAAW,EAAE,CAC1C,CAAC;QACF,IAAI,UAAU,GAAG,eAAe,CAAC;QACjC,IAAI,YAAY,GAAG,CAAC,OAAO,CAAC;QAC5B,IAAI,aAAa,GAAG,CAAC,QAAQ,CAAC;QAC9B,IAAI,cAAc,GAAG,CAAC,SAAS,CAAC;QAChC,IAAI,UAAU,GAAG,WAAW,CAAC;QAC7B,uCAAuC;QACvC,OAAO,WAAW,GAAG,UAAU,CAAC,MAAM,EAAE,WAAW,IAAI,CAAC,EAAE,CAAC;YACzD,mDAAmD;YACnD,IAAI,2BAA2B,EAAE,CAAC;gBAChC,oCAAoC;gBACpC,IAAI,OAAO,IAAI,IAAA,gBAAO,EAAC,UAAU,EAAE,WAAW,EAAE,OAAQ,CAAC,EAAE,CAAC;oBAC1D,eAAM,CAAC,KAAK,CACV,EAAE,WAAW,EAAE,OAAO,EAAE,EACxB,0BAA0B,WAAW,EAAE,CACxC,CAAC;oBACF,IAAI,YAAY,EAAE,CAAC;wBACjB,UAAU,GAAG,YAAY,CACvB,eAAe,EACf,OAAQ,EACR,YAAa,EACb,UAAU,GAAG,CAAC,CACf,CAAC;wBACF,WAAW,GAAG,UAAU,GAAG,CAAC,CAAC;wBAC7B,MAAM,IAAA,mBAAc,EAAC,OAAO,CAAC,WAAY,EAAE,eAAe,CAAC,CAAC;wBAC5D,UAAU,GAAG,eAAe,CAAC;wBAC7B,YAAY,GAAG,CAAC,OAAO,CAAC;wBACxB,aAAa,GAAG,CAAC,QAAQ,CAAC;wBAC1B,cAAc,GAAG,CAAC,SAAS,CAAC;wBAC5B,SAAS;oBACX,CAAC;oBACD,uBAAuB;oBACvB,UAAU,GAAG,IAAA,kBAAS,EAAC,UAAU,EAAE,WAAW,EAAE,OAAQ,EAAE,OAAO,CAAC,CAAC;oBACnE,MAAM,IAAA,mBAAc,EAAC,OAAO,CAAC,WAAY,EAAE,UAAU,CAAC,CAAC;oBACvD,YAAY,GAAG,IAAI,CAAC;oBACpB,WAAW,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC;gBACpC,CAAC;qBAAM,IACL,QAAQ;oBACR,IAAA,gBAAO,EAAC,UAAU,EAAE,WAAW,EAAE,YAAa,CAAC,EAC/C,CAAC;oBACD,eAAM,CAAC,KAAK,CACV,EAAE,WAAW,EAAE,YAAY,EAAE,EAC7B,+BAA+B,WAAW,EAAE,CAC7C,CAAC;oBACF,IAAI,aAAa,EAAE,CAAC;wBAClB,UAAU,GAAG,YAAY,CACvB,eAAe,EACf,OAAQ,EACR,YAAa,EACb,UAAU,GAAG,CAAC,CACf,CAAC;wBACF,WAAW,GAAG,UAAU,GAAG,CAAC,CAAC;wBAC7B,MAAM,IAAA,mBAAc,EAAC,OAAO,CAAC,WAAY,EAAE,eAAe,CAAC,CAAC;wBAC5D,UAAU,GAAG,eAAe,CAAC;wBAC7B,YAAY,GAAG,CAAC,OAAO,CAAC;wBACxB,aAAa,GAAG,CAAC,QAAQ,CAAC;wBAC1B,cAAc,GAAG,CAAC,SAAS,CAAC;wBAC5B,SAAS;oBACX,CAAC;oBACD,iCAAiC;oBACjC,UAAU,GAAG,IAAA,kBAAS,EACpB,UAAU,EACV,WAAW,EACX,YAAa,EACb,QAAQ,CACT,CAAC;oBACF,MAAM,IAAA,mBAAc,EAAC,OAAO,CAAC,WAAY,EAAE,UAAU,CAAC,CAAC;oBACvD,aAAa,GAAG,IAAI,CAAC;oBACrB,WAAW,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC;gBACrC,CAAC;qBAAM,IACL,SAAS;oBACT,IAAA,gBAAO,EAAC,UAAU,EAAE,WAAW,EAAE,aAAc,CAAC,EAChD,CAAC;oBACD,eAAM,CAAC,KAAK,CACV,EAAE,WAAW,EAAE,aAAa,EAAE,EAC9B,gCAAgC,WAAW,EAAE,CAC9C,CAAC;oBACF,IAAI,cAAc,EAAE,CAAC;wBACnB,UAAU,GAAG,YAAY,CACvB,eAAe,EACf,OAAQ,EACR,YAAa,EACb,UAAU,GAAG,CAAC,CACf,CAAC;wBACF,WAAW,GAAG,UAAU,GAAG,CAAC,CAAC;wBAC7B,MAAM,IAAA,mBAAc,EAAC,OAAO,CAAC,WAAY,EAAE,eAAe,CAAC,CAAC;wBAC5D,UAAU,GAAG,eAAe,CAAC;wBAC7B,YAAY,GAAG,CAAC,OAAO,CAAC;wBACxB,aAAa,GAAG,CAAC,QAAQ,CAAC;wBAC1B,cAAc,GAAG,CAAC,SAAS,CAAC;wBAC5B,SAAS;oBACX,CAAC;oBACD,iCAAiC;oBACjC,UAAU,GAAG,IAAA,kBAAS,EACpB,UAAU,EACV,WAAW,EACX,aAAc,EACd,SAAS,CACV,CAAC;oBACF,MAAM,IAAA,mBAAc,EAAC,OAAO,CAAC,WAAY,EAAE,UAAU,CAAC,CAAC;oBACvD,cAAc,GAAG,IAAI,CAAC;oBACtB,WAAW,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC;gBACtC,CAAC;gBACD,IAAI,YAAY,IAAI,aAAa,IAAI,cAAc,EAAE,CAAC;oBACpD,IAAI,MAAM,mBAAmB,CAAC,OAAO,EAAE,UAAU,CAAC,EAAE,CAAC;wBACnD,OAAO,UAAU,CAAC;oBACpB,CAAC;oBACD,UAAU,GAAG,YAAY,CACvB,eAAe,EACf,OAAQ,EACR,YAAa,EACb,UAAU,GAAG,CAAC,CACf,CAAC;oBACF,WAAW,GAAG,UAAU,GAAG,CAAC,CAAC;oBAC7B,MAAM,IAAA,mBAAc,EAAC,OAAO,CAAC,WAAY,EAAE,eAAe,CAAC,CAAC;oBAC5D,UAAU,GAAG,eAAe,CAAC;oBAC7B,YAAY,GAAG,CAAC,OAAO,CAAC;oBACxB,aAAa,GAAG,CAAC,QAAQ,CAAC;oBAC1B,cAAc,GAAG,CAAC,SAAS,CAAC;gBAC9B,CAAC;YACH,CAAC;iBAAM,IAAI,IAAA,gBAAO,EAAC,UAAU,EAAE,WAAW,EAAE,aAAc,CAAC,EAAE,CAAC;gBAC5D,eAAM,CAAC,KAAK,CACV,EAAE,WAAW,EAAE,OAAO,EAAE,EACxB,wBAAwB,WAAW,EAAE,CACtC,CAAC;gBACF,iCAAiC;gBACjC,UAAU,GAAG,IAAA,kBAAS,EACpB,UAAU,EACV,WAAW,EACX,aAAc,EACd,SAAS,CACV,CAAC;gBACF,MAAM,IAAA,mBAAc,EAAC,OAAO,CAAC,WAAY,EAAE,UAAU,CAAC,CAAC;gBACvD,IAAI,MAAM,mBAAmB,CAAC,OAAO,EAAE,UAAU,CAAC,EAAE,CAAC;oBACnD,OAAO,UAAU,CAAC;gBACpB,CAAC;gBACD,MAAM,IAAA,mBAAc,EAAC,OAAO,CAAC,WAAY,EAAE,eAAe,CAAC,CAAC;gBAC5D,UAAU,GAAG,eAAe,CAAC;YAC/B,CAAC;QACH,CAAC;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,0BAA0B,CAAC,CAAC;QACxC,eAAM,CAAC,KAAK,CAAC,EAAE,WAAW,EAAE,OAAO,EAAE,GAAG,EAAE,EAAE,qBAAqB,CAAC,CAAC;IACrE,CAAC;IACD,uBAAuB;IACvB,MAAM,IAAI,KAAK,CAAC,0CAAyB,CAAC,CAAC;AAC7C,CAAC","sourcesContent":["// TODO #22198\nimport { isNumber, isString, isUndefined } from '@sindresorhus/is';\nimport { WORKER_FILE_UPDATE_FAILED } from '../../../../constants/error-messages';\nimport { logger } from '../../../../logger';\nimport { extractPackageFile } from '../../../../modules/manager';\nimport type { PackageDependency } from '../../../../modules/manager/types';\nimport { writeLocalFile } from '../../../../util/fs';\nimport { escapeRegExp, regEx } from '../../../../util/regex';\nimport { matchAt, replaceAt } from '../../../../util/string';\nimport { compile } from '../../../../util/template';\nimport type { BranchUpgradeConfig } from '../../../types';\n\nexport async function confirmIfDepUpdated(\n  upgrade: BranchUpgradeConfig,\n  newContent: string,\n): Promise<boolean> {\n  const { manager, packageFile, depIndex } = upgrade;\n  let newUpgrade: PackageDependency;\n  try {\n    const newExtract = await extractPackageFile(\n      manager,\n      newContent,\n      packageFile!,\n      upgrade,\n    );\n    // istanbul ignore if\n    if (!newExtract) {\n      // TODO: fix types (#22198)\n      logger.debug(\n        `Could not extract ${packageFile!} (manager=${manager}) after autoreplace. Did the autoreplace make the file unparseable?`,\n      );\n      logger.trace(\n        { packageFile, content: newContent },\n        'packageFile content after autoreplace',\n      );\n      return false;\n    }\n    // istanbul ignore if\n    if (!newExtract.deps?.length) {\n      logger.debug(\n        `Extracted ${packageFile!} after autoreplace has no deps array. Did the autoreplace make the file unparseable?`,\n      );\n      return false;\n    }\n    // istanbul ignore if\n    if (isNumber(depIndex) && depIndex >= newExtract.deps.length) {\n      logger.debug(\n        `Extracted ${packageFile!} after autoreplace has fewer deps than expected.`,\n      );\n      return false;\n    }\n    newUpgrade = newExtract.deps[depIndex!];\n  } catch (err) /* istanbul ignore next */ {\n    logger.debug({ manager, packageFile, err }, 'Failed to parse newContent');\n  }\n\n  if (!newUpgrade!) {\n    logger.debug(`No newUpgrade in ${packageFile!}`);\n    return false;\n  }\n\n  if (\n    upgrade.depName !== newUpgrade.depName &&\n    upgrade.newName !== newUpgrade.depName\n  ) {\n    logger.debug(\n      {\n        manager,\n        packageFile,\n        currentDepName: upgrade.depName,\n        newDepName: newUpgrade.depName,\n      },\n      'depName mismatch',\n    );\n    return false;\n  }\n\n  if (upgrade.newName && upgrade.newName !== newUpgrade.depName) {\n    logger.debug(\n      {\n        manager,\n        packageFile,\n        currentDepName: upgrade.depName,\n        newDepName: newUpgrade.depName,\n      },\n      'depName is not updated',\n    );\n    return false;\n  }\n\n  if (upgrade.newValue && upgrade.newValue !== newUpgrade.currentValue) {\n    logger.debug(\n      {\n        depName: upgrade.depName,\n        manager,\n        packageFile,\n        expectedValue: upgrade.newValue,\n        foundValue: newUpgrade.currentValue,\n      },\n      'Value is not updated',\n    );\n    return false;\n  }\n\n  if (\n    upgrade.newDigest &&\n    (upgrade.isPinDigest === true || upgrade.currentDigest) &&\n    upgrade.newDigest !== newUpgrade.currentDigest\n  ) {\n    logger.debug(\n      {\n        depName: upgrade.depName,\n        manager,\n        packageFile,\n        expectedValue: upgrade.newDigest,\n        foundValue: newUpgrade.currentDigest,\n      },\n      'Digest is not updated',\n    );\n    return false;\n  }\n\n  return true;\n}\n\nfunction getDepsSignature(deps: PackageDependency[]): string {\n  // TODO: types (#22198)\n  return deps\n    .map(\n      (dep) =>\n        `${(dep.depName ?? dep.packageName)!}${(dep.packageName ??\n          dep.depName)!}`,\n    )\n    .join(',');\n}\n\nfunction firstIndexOf(\n  existingContent: string,\n  depName: string,\n  currentValue: string,\n  position = 0,\n): number {\n  const depIndex = existingContent.indexOf(depName, position);\n  const valIndex = existingContent.indexOf(currentValue, position);\n  const index = depIndex < valIndex ? depIndex : valIndex;\n  if (index < 0) {\n    return position === 0 ? -1 : existingContent.length;\n  }\n  return index;\n}\n\nexport async function checkBranchDepsMatchBaseDeps(\n  upgrade: BranchUpgradeConfig,\n  branchContent: string,\n): Promise<boolean> {\n  const { baseDeps, manager, packageFile } = upgrade;\n  try {\n    const res = await extractPackageFile(\n      manager,\n      branchContent,\n      packageFile!,\n      upgrade,\n    )!;\n    const branchDeps = res!.deps;\n    return getDepsSignature(baseDeps!) === getDepsSignature(branchDeps);\n  } catch /* istanbul ignore next */ {\n    logger.info(\n      { manager, packageFile },\n      'Failed to parse branchContent - rebasing',\n    );\n    return false;\n  }\n}\n\nasync function checkExistingBranch(\n  upgrade: BranchUpgradeConfig,\n  existingContent: string,\n): Promise<string | null> {\n  const { packageFile, depName } = upgrade;\n  if (!(await checkBranchDepsMatchBaseDeps(upgrade, existingContent))) {\n    logger.debug(\n      { packageFile, depName },\n      'Rebasing branch after deps list has changed',\n    );\n    return null;\n  }\n  if (!(await confirmIfDepUpdated(upgrade, existingContent))) {\n    logger.debug(\n      { packageFile, depName },\n      'Rebasing after outdated branch dep found',\n    );\n    return null;\n  }\n  // TODO: fix types (#22198)\n  logger.debug(`Branch dep ${depName!} in ${packageFile!} is already updated`);\n  return existingContent;\n}\n\nexport async function doAutoReplace(\n  upgrade: BranchUpgradeConfig,\n  existingContent: string,\n  reuseExistingBranch: boolean,\n  firstUpdate = true,\n): Promise<string | null> {\n  const {\n    packageFile,\n    depName,\n    depNameTemplate,\n    newName,\n    currentValue,\n    currentValueTemplate,\n    newValue,\n    currentDigest,\n    currentDigestShort,\n    newDigest,\n    autoReplaceGlobalMatch,\n    autoReplaceStringTemplate,\n  } = upgrade;\n  /*\n    If replacement support for more managers is added,\n    please also update the list in docs/usage/configuration-options.md\n    at replacementName and replacementVersion\n  */\n  if (reuseExistingBranch) {\n    return await checkExistingBranch(upgrade, existingContent);\n  }\n  const replaceWithoutReplaceString =\n    isString(newName) &&\n    newName !== depName &&\n    (isUndefined(upgrade.replaceString) ||\n      !upgrade.replaceString?.includes(depName!));\n  const replaceString = upgrade.replaceString ?? currentValue ?? currentDigest;\n  logger.trace({ depName, replaceString }, 'autoReplace replaceString');\n  let searchIndex: number;\n  if (replaceWithoutReplaceString) {\n    searchIndex = firstIndexOf(existingContent, depName!, currentValue!);\n  } else {\n    searchIndex = existingContent.indexOf(replaceString!);\n  }\n  if (searchIndex === -1) {\n    logger.info(\n      { packageFile, depName, existingContent, replaceString },\n      'Cannot find replaceString in current file content. Was it already updated?',\n    );\n    return existingContent;\n  }\n  try {\n    let newString: string;\n    if (autoReplaceStringTemplate && !newName) {\n      newString = compile(autoReplaceStringTemplate, upgrade, false);\n    } else {\n      newString = replaceString!;\n\n      const autoReplaceRegExpFlag = autoReplaceGlobalMatch ? 'g' : '';\n      if (currentValue && newValue && currentValue !== newValue) {\n        if (!newString.includes(currentValue)) {\n          logger.debug(\n            { stringToReplace: newString, currentValue, currentValueTemplate },\n            'currentValue not found in string to replace',\n          );\n        }\n        newString = newString.replace(\n          regEx(escapeRegExp(currentValue), autoReplaceRegExpFlag),\n          newValue,\n        );\n      }\n      if (depName && newName && depName !== newName) {\n        if (!newString.includes(depName)) {\n          logger.debug(\n            { stringToReplace: newString, depName, depNameTemplate },\n            'depName not found in string to replace',\n          );\n        }\n        newString = newString.replace(\n          regEx(escapeRegExp(depName), autoReplaceRegExpFlag),\n          newName,\n        );\n      }\n      if (currentDigest && newDigest && currentDigest !== newDigest) {\n        if (!newString.includes(currentDigest)) {\n          logger.debug(\n            { stringToReplace: newString, currentDigest },\n            'currentDigest not found in string to replace',\n          );\n        }\n        newString = newString.replace(\n          regEx(escapeRegExp(currentDigest), autoReplaceRegExpFlag),\n          newDigest,\n        );\n      } else if (\n        currentDigestShort &&\n        newDigest &&\n        currentDigestShort !== newDigest\n      ) {\n        if (!newString.includes(currentDigestShort)) {\n          logger.debug(\n            { stringToReplace: newString, currentDigestShort },\n            'currentDigestShort not found in string to replace',\n          );\n        }\n        newString = newString.replace(\n          regEx(escapeRegExp(currentDigestShort), autoReplaceRegExpFlag),\n          newDigest,\n        );\n      }\n    }\n    if (!firstUpdate && (await confirmIfDepUpdated(upgrade, existingContent))) {\n      logger.debug(\n        { packageFile, depName },\n        'Package file is already updated - no work to do',\n      );\n      return existingContent;\n    }\n    logger.debug(\n      { packageFile, depName },\n      `Starting search at index ${searchIndex}`,\n    );\n    let newContent = existingContent;\n    let nameReplaced = !newName;\n    let valueReplaced = !newValue;\n    let digestReplaced = !newDigest;\n    let startIndex = searchIndex;\n    // Iterate through the rest of the file\n    for (; searchIndex < newContent.length; searchIndex += 1) {\n      // First check if we have a hit for the old version\n      if (replaceWithoutReplaceString) {\n        // look for depName and currentValue\n        if (newName && matchAt(newContent, searchIndex, depName!)) {\n          logger.debug(\n            { packageFile, depName },\n            `Found depName at index ${searchIndex}`,\n          );\n          if (nameReplaced) {\n            startIndex = firstIndexOf(\n              existingContent,\n              depName!,\n              currentValue!,\n              startIndex + 1,\n            );\n            searchIndex = startIndex - 1;\n            await writeLocalFile(upgrade.packageFile!, existingContent);\n            newContent = existingContent;\n            nameReplaced = !newName;\n            valueReplaced = !newValue;\n            digestReplaced = !newDigest;\n            continue;\n          }\n          // replace with newName\n          newContent = replaceAt(newContent, searchIndex, depName!, newName);\n          await writeLocalFile(upgrade.packageFile!, newContent);\n          nameReplaced = true;\n          searchIndex += newName.length - 1;\n        } else if (\n          newValue &&\n          matchAt(newContent, searchIndex, currentValue!)\n        ) {\n          logger.debug(\n            { packageFile, currentValue },\n            `Found currentValue at index ${searchIndex}`,\n          );\n          if (valueReplaced) {\n            startIndex = firstIndexOf(\n              existingContent,\n              depName!,\n              currentValue!,\n              startIndex + 1,\n            );\n            searchIndex = startIndex - 1;\n            await writeLocalFile(upgrade.packageFile!, existingContent);\n            newContent = existingContent;\n            nameReplaced = !newName;\n            valueReplaced = !newValue;\n            digestReplaced = !newDigest;\n            continue;\n          }\n          // Now test if the result matches\n          newContent = replaceAt(\n            newContent,\n            searchIndex,\n            currentValue!,\n            newValue,\n          );\n          await writeLocalFile(upgrade.packageFile!, newContent);\n          valueReplaced = true;\n          searchIndex += newValue.length - 1;\n        } else if (\n          newDigest &&\n          matchAt(newContent, searchIndex, currentDigest!)\n        ) {\n          logger.debug(\n            { packageFile, currentDigest },\n            `Found currentDigest at index ${searchIndex}`,\n          );\n          if (digestReplaced) {\n            startIndex = firstIndexOf(\n              existingContent,\n              depName!,\n              currentValue!,\n              startIndex + 1,\n            );\n            searchIndex = startIndex - 1;\n            await writeLocalFile(upgrade.packageFile!, existingContent);\n            newContent = existingContent;\n            nameReplaced = !newName;\n            valueReplaced = !newValue;\n            digestReplaced = !newDigest;\n            continue;\n          }\n          // Now test if the result matches\n          newContent = replaceAt(\n            newContent,\n            searchIndex,\n            currentDigest!,\n            newDigest,\n          );\n          await writeLocalFile(upgrade.packageFile!, newContent);\n          digestReplaced = true;\n          searchIndex += newDigest.length - 1;\n        }\n        if (nameReplaced && valueReplaced && digestReplaced) {\n          if (await confirmIfDepUpdated(upgrade, newContent)) {\n            return newContent;\n          }\n          startIndex = firstIndexOf(\n            existingContent,\n            depName!,\n            currentValue!,\n            startIndex + 1,\n          );\n          searchIndex = startIndex - 1;\n          await writeLocalFile(upgrade.packageFile!, existingContent);\n          newContent = existingContent;\n          nameReplaced = !newName;\n          valueReplaced = !newValue;\n          digestReplaced = !newDigest;\n        }\n      } else if (matchAt(newContent, searchIndex, replaceString!)) {\n        logger.debug(\n          { packageFile, depName },\n          `Found match at index ${searchIndex}`,\n        );\n        // Now test if the result matches\n        newContent = replaceAt(\n          newContent,\n          searchIndex,\n          replaceString!,\n          newString,\n        );\n        await writeLocalFile(upgrade.packageFile!, newContent);\n        if (await confirmIfDepUpdated(upgrade, newContent)) {\n          return newContent;\n        }\n        await writeLocalFile(upgrade.packageFile!, existingContent);\n        newContent = existingContent;\n      }\n    }\n  } catch (err) /* istanbul ignore next */ {\n    logger.debug({ packageFile, depName, err }, 'doAutoReplace error');\n  }\n  // istanbul ignore next\n  throw new Error(WORKER_FILE_UPDATE_FAILED);\n}\n"]}

package/dist/workers/repository/update/branch/commit.js

@@ -1,9 +1,8 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.commitFilesToBranch = commitFilesToBranch;
-const tslib_1 = require("tslib");
 // TODO #22198
-const is_1 = tslib_1.__importDefault(require("@sindresorhus/is"));
+const is_1 = require("@sindresorhus/is");
 const global_1 = require("../../../../config/global");
 const error_messages_1 = require("../../../../constants/error-messages");
 const logger_1 = require("../../../../logger");
@@ -13,7 +12,7 @@ const sanitize_1 = require("../../../../util/sanitize");
 function commitFilesToBranch(config) {
     let updatedFiles = config.updatedPackageFiles.concat(config.updatedArtifacts);
     // istanbul ignore if
-    if (is_1.default.nonEmptyArray(config.excludeCommitPaths)) {
+    if ((0, is_1.isNonEmptyArray)(config.excludeCommitPaths)) {
         updatedFiles = updatedFiles.filter(({ path: filePath }) => {
             const matchesExcludePaths = config.excludeCommitPaths.some((excludedPath) => (0, minimatch_1.minimatch)(excludedPath, { dot: true }).match(filePath));
             if (matchesExcludePaths) {
@@ -23,7 +22,7 @@ function commitFilesToBranch(config) {
             return true;
         });
     }
-    if (!is_1.default.nonEmptyArray(updatedFiles)) {
+    if (!(0, is_1.isNonEmptyArray)(updatedFiles)) {
         logger_1.logger.debug(`No files to commit`);
         return Promise.resolve(null);
     }