ruckup 0.1.0

package/dist/registry.d.ts

@@ -0,0 +1,26 @@
+/**
+ * npm registry HTTP client with caching, concurrency, and retry support.
+ */
+import type { NpmPackageMetadata, RuckupOptions } from './types.js';
+export declare class RegistryClient {
+    private options;
+    private limiter;
+    private memoryCache;
+    private diskCache;
+    private diskCacheLoaded;
+    constructor(options: RuckupOptions);
+    /** Fetch full metadata for a package from the registry */
+    fetchPackageMetadata(packageName: string): Promise<NpmPackageMetadata>;
+    /** Fetch metadata for multiple packages concurrently */
+    fetchMany(packageNames: string[]): Promise<Map<string, NpmPackageMetadata>>;
+    /** Clear the disk cache */
+    clearCache(): Promise<void>;
+    private fetchWithRetry;
+    private buildUrl;
+    private buildHeaders;
+    private resolveCachePath;
+    private loadDiskCache;
+    private getDiskCacheEntry;
+    private setDiskCacheEntry;
+}
+//# sourceMappingURL=registry.d.ts.map

package/dist/registry.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"registry.d.ts","sourceRoot":"","sources":["../src/registry.ts"],"names":[],"mappings":"AAAA;;GAEG;AAMH,OAAO,KAAK,EAAE,kBAAkB,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAWpE,qBAAa,cAAc;IACzB,OAAO,CAAC,OAAO,CAAgB;IAC/B,OAAO,CAAC,OAAO,CAA4B;IAC3C,OAAO,CAAC,WAAW,CAAyC;IAC5D,OAAO,CAAC,SAAS,CAA2B;IAC5C,OAAO,CAAC,eAAe,CAAS;gBAEpB,OAAO,EAAE,aAAa;IAKlC,0DAA0D;IACpD,oBAAoB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,kBAAkB,CAAC;IA0B5E,wDAAwD;IAClD,SAAS,CAAC,YAAY,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,kBAAkB,CAAC,CAAC;IAiBjF,2BAA2B;IACrB,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;YAWnB,cAAc;IAoC5B,OAAO,CAAC,QAAQ;IAShB,OAAO,CAAC,YAAY;IAYpB,OAAO,CAAC,gBAAgB;YAKV,aAAa;YAcb,iBAAiB;YAcjB,iBAAiB;CAehC"}

package/dist/registry.js

@@ -0,0 +1,164 @@
+/**
+ * npm registry HTTP client with caching, concurrency, and retry support.
+ */
+import { homedir } from 'node:os';
+import { readFile, writeFile, mkdir } from 'node:fs/promises';
+import { dirname, resolve } from 'node:path';
+import pLimit from 'p-limit';
+export class RegistryClient {
+    options;
+    limiter;
+    memoryCache = new Map();
+    diskCache = null;
+    diskCacheLoaded = false;
+    constructor(options) {
+        this.options = options;
+        this.limiter = pLimit(options.concurrency);
+    }
+    /** Fetch full metadata for a package from the registry */
+    async fetchPackageMetadata(packageName) {
+        // Check memory cache
+        const cached = this.memoryCache.get(packageName);
+        if (cached)
+            return cached;
+        // Check disk cache
+        if (this.options.cache) {
+            const diskCached = await this.getDiskCacheEntry(packageName);
+            if (diskCached) {
+                this.memoryCache.set(packageName, diskCached);
+                return diskCached;
+            }
+        }
+        // Fetch from registry with concurrency limiting
+        const data = await this.limiter(() => this.fetchWithRetry(packageName));
+        this.memoryCache.set(packageName, data);
+        // Store to disk cache
+        if (this.options.cache) {
+            await this.setDiskCacheEntry(packageName, data);
+        }
+        return data;
+    }
+    /** Fetch metadata for multiple packages concurrently */
+    async fetchMany(packageNames) {
+        const results = new Map();
+        const promises = packageNames.map(async (name) => {
+            try {
+                const data = await this.fetchPackageMetadata(name);
+                results.set(name, data);
+            }
+            catch (err) {
+                // Store null-ish so caller can detect failures
+                if (this.options.loglevel !== 'silent') {
+                    console.error(`Failed to fetch ${name}: ${err.message}`);
+                }
+            }
+        });
+        await Promise.all(promises);
+        return results;
+    }
+    /** Clear the disk cache */
+    async clearCache() {
+        const cachePath = this.resolveCachePath();
+        try {
+            await writeFile(cachePath, '{}', 'utf-8');
+        }
+        catch {
+            // Ignore if cache file doesn't exist
+        }
+        this.diskCache = {};
+        this.memoryCache.clear();
+    }
+    async fetchWithRetry(packageName) {
+        const url = this.buildUrl(packageName);
+        let lastError = null;
+        for (let attempt = 0; attempt <= this.options.retry; attempt++) {
+            try {
+                const controller = new AbortController();
+                const timeoutId = setTimeout(() => controller.abort(), this.options.timeout);
+                const response = await fetch(url, {
+                    signal: controller.signal,
+                    headers: this.buildHeaders(),
+                });
+                clearTimeout(timeoutId);
+                if (!response.ok) {
+                    if (response.status === 404) {
+                        throw new Error(`Package not found: ${packageName}`);
+                    }
+                    throw new Error(`Registry returned ${response.status} for ${packageName}`);
+                }
+                const data = (await response.json());
+                return data;
+            }
+            catch (err) {
+                lastError = err;
+                if (attempt < this.options.retry) {
+                    // Exponential backoff: 100ms, 200ms, 400ms...
+                    await new Promise((r) => setTimeout(r, 100 * Math.pow(2, attempt)));
+                }
+            }
+        }
+        throw lastError ?? new Error(`Failed to fetch ${packageName}`);
+    }
+    buildUrl(packageName) {
+        const registry = this.options.registry.replace(/\/$/, '');
+        // Scoped packages need encoding: @scope/name -> @scope%2fname
+        const encoded = packageName.startsWith('@')
+            ? `@${encodeURIComponent(packageName.slice(1))}`
+            : encodeURIComponent(packageName);
+        return `${registry}/${encoded}`;
+    }
+    buildHeaders() {
+        const headers = {
+            Accept: 'application/json',
+        };
+        // Support auth token from npm config
+        const token = process.env.NPM_TOKEN;
+        if (token) {
+            headers['Authorization'] = `Bearer ${token}`;
+        }
+        return headers;
+    }
+    resolveCachePath() {
+        const cachePath = this.options.cacheFile.replace(/^~/, homedir());
+        return resolve(cachePath);
+    }
+    async loadDiskCache() {
+        if (this.diskCacheLoaded && this.diskCache)
+            return this.diskCache;
+        const cachePath = this.resolveCachePath();
+        try {
+            const raw = await readFile(cachePath, 'utf-8');
+            this.diskCache = JSON.parse(raw);
+        }
+        catch {
+            this.diskCache = {};
+        }
+        this.diskCacheLoaded = true;
+        return this.diskCache;
+    }
+    async getDiskCacheEntry(packageName) {
+        const cache = await this.loadDiskCache();
+        const entry = cache[packageName];
+        if (!entry)
+            return null;
+        const expirationMs = this.options.cacheExpiration * 60 * 1000;
+        if (Date.now() - entry.timestamp > expirationMs) {
+            delete cache[packageName];
+            return null;
+        }
+        return entry.data;
+    }
+    async setDiskCacheEntry(packageName, data) {
+        const cache = await this.loadDiskCache();
+        cache[packageName] = { data, timestamp: Date.now() };
+        const cachePath = this.resolveCachePath();
+        try {
+            await mkdir(dirname(cachePath), { recursive: true });
+            await writeFile(cachePath, JSON.stringify(cache), 'utf-8');
+        }
+        catch {
+            // Non-fatal: cache write failure shouldn't break the tool
+        }
+    }
+}
+//# sourceMappingURL=registry.js.map

package/dist/registry.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"registry.js","sourceRoot":"","sources":["../src/registry.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAClC,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AAC9D,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAC7C,OAAO,MAAM,MAAM,SAAS,CAAC;AAY7B,MAAM,OAAO,cAAc;IACjB,OAAO,CAAgB;IACvB,OAAO,CAA4B;IACnC,WAAW,GAAG,IAAI,GAAG,EAA8B,CAAC;IACpD,SAAS,GAAsB,IAAI,CAAC;IACpC,eAAe,GAAG,KAAK,CAAC;IAEhC,YAAY,OAAsB;QAChC,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;IAC7C,CAAC;IAED,0DAA0D;IAC1D,KAAK,CAAC,oBAAoB,CAAC,WAAmB;QAC5C,qBAAqB;QACrB,MAAM,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QACjD,IAAI,MAAM;YAAE,OAAO,MAAM,CAAC;QAE1B,mBAAmB;QACnB,IAAI,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;YACvB,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,WAAW,CAAC,CAAC;YAC7D,IAAI,UAAU,EAAE,CAAC;gBACf,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,WAAW,EAAE,UAAU,CAAC,CAAC;gBAC9C,OAAO,UAAU,CAAC;YACpB,CAAC;QACH,CAAC;QAED,gDAAgD;QAChD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,cAAc,CAAC,WAAW,CAAC,CAAC,CAAC;QACxE,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC;QAExC,sBAAsB;QACtB,IAAI,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;YACvB,MAAM,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC;QAClD,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED,wDAAwD;IACxD,KAAK,CAAC,SAAS,CAAC,YAAsB;QACpC,MAAM,OAAO,GAAG,IAAI,GAAG,EAA8B,CAAC;QACtD,MAAM,QAAQ,GAAG,YAAY,CAAC,GAAG,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE;YAC/C,IAAI,CAAC;gBACH,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,CAAC;gBACnD,OAAO,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;YAC1B,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,+CAA+C;gBAC/C,IAAI,IAAI,CAAC,OAAO,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;oBACvC,OAAO,CAAC,KAAK,CAAC,mBAAmB,IAAI,KAAM,GAAa,CAAC,OAAO,EAAE,CAAC,CAAC;gBACtE,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAC;QACH,MAAM,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC5B,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,2BAA2B;IAC3B,KAAK,CAAC,UAAU;QACd,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,EAAE,CAAC;QAC1C,IAAI,CAAC;YACH,MAAM,SAAS,CAAC,SAAS,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;QAC5C,CAAC;QAAC,MAAM,CAAC;YACP,qCAAqC;QACvC,CAAC;QACD,IAAI,CAAC,SAAS,GAAG,EAAE,CAAC;QACpB,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,CAAC;IAC3B,CAAC;IAEO,KAAK,CAAC,cAAc,CAAC,WAAmB;QAC9C,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;QACvC,IAAI,SAAS,GAAiB,IAAI,CAAC;QAEnC,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,IAAI,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,OAAO,EAAE,EAAE,CAAC;YAC/D,IAAI,CAAC;gBACH,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;gBACzC,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;gBAE7E,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;oBAChC,MAAM,EAAE,UAAU,CAAC,MAAM;oBACzB,OAAO,EAAE,IAAI,CAAC,YAAY,EAAE;iBAC7B,CAAC,CAAC;gBACH,YAAY,CAAC,SAAS,CAAC,CAAC;gBAExB,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;oBACjB,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;wBAC5B,MAAM,IAAI,KAAK,CAAC,sBAAsB,WAAW,EAAE,CAAC,CAAC;oBACvD,CAAC;oBACD,MAAM,IAAI,KAAK,CAAC,qBAAqB,QAAQ,CAAC,MAAM,QAAQ,WAAW,EAAE,CAAC,CAAC;gBAC7E,CAAC;gBAED,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAuB,CAAC;gBAC3D,OAAO,IAAI,CAAC;YACd,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,SAAS,GAAG,GAAY,CAAC;gBACzB,IAAI,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;oBACjC,8CAA8C;oBAC9C,MAAM,IAAI,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,UAAU,CAAC,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC;gBACtE,CAAC;YACH,CAAC;QACH,CAAC;QAED,MAAM,SAAS,IAAI,IAAI,KAAK,CAAC,mBAAmB,WAAW,EAAE,CAAC,CAAC;IACjE,CAAC;IAEO,QAAQ,CAAC,WAAmB;QAClC,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QAC1D,8DAA8D;QAC9D,MAAM,OAAO,GAAG,WAAW,CAAC,UAAU,CAAC,GAAG,CAAC;YACzC,CAAC,CAAC,IAAI,kBAAkB,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE;YAChD,CAAC,CAAC,kBAAkB,CAAC,WAAW,CAAC,CAAC;QACpC,OAAO,GAAG,QAAQ,IAAI,OAAO,EAAE,CAAC;IAClC,CAAC;IAEO,YAAY;QAClB,MAAM,OAAO,GAA2B;YACtC,MAAM,EAAE,kBAAkB;SAC3B,CAAC;QACF,qCAAqC;QACrC,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC;QACpC,IAAI,KAAK,EAAE,CAAC;YACV,OAAO,CAAC,eAAe,CAAC,GAAG,UAAU,KAAK,EAAE,CAAC;QAC/C,CAAC;QACD,OAAO,OAAO,CAAC;IACjB,CAAC;IAEO,gBAAgB;QACtB,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC;QAClE,OAAO,OAAO,CAAC,SAAS,CAAC,CAAC;IAC5B,CAAC;IAEO,KAAK,CAAC,aAAa;QACzB,IAAI,IAAI,CAAC,eAAe,IAAI,IAAI,CAAC,SAAS;YAAE,OAAO,IAAI,CAAC,SAAS,CAAC;QAElE,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,EAAE,CAAC;QAC1C,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,MAAM,QAAQ,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;YAC/C,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAe,CAAC;QACjD,CAAC;QAAC,MAAM,CAAC;YACP,IAAI,CAAC,SAAS,GAAG,EAAE,CAAC;QACtB,CAAC;QACD,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC;QAC5B,OAAO,IAAI,CAAC,SAAS,CAAC;IACxB,CAAC;IAEO,KAAK,CAAC,iBAAiB,CAAC,WAAmB;QACjD,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,aAAa,EAAE,CAAC;QACzC,MAAM,KAAK,GAAG,KAAK,CAAC,WAAW,CAAC,CAAC;QACjC,IAAI,CAAC,KAAK;YAAE,OAAO,IAAI,CAAC;QAExB,MAAM,YAAY,GAAG,IAAI,CAAC,OAAO,CAAC,eAAe,GAAG,EAAE,GAAG,IAAI,CAAC;QAC9D,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,SAAS,GAAG,YAAY,EAAE,CAAC;YAChD,OAAO,KAAK,CAAC,WAAW,CAAC,CAAC;YAC1B,OAAO,IAAI,CAAC;QACd,CAAC;QAED,OAAO,KAAK,CAAC,IAAI,CAAC;IACpB,CAAC;IAEO,KAAK,CAAC,iBAAiB,CAC7B,WAAmB,EACnB,IAAwB;QAExB,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,aAAa,EAAE,CAAC;QACzC,KAAK,CAAC,WAAW,CAAC,GAAG,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;QAErD,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,EAAE,CAAC;QAC1C,IAAI,CAAC;YACH,MAAM,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YACrD,MAAM,SAAS,CAAC,SAAS,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,EAAE,OAAO,CAAC,CAAC;QAC7D,CAAC;QAAC,MAAM,CAAC;YACP,0DAA0D;QAC5D,CAAC;IACH,CAAC;CACF"}

package/dist/release-info.d.ts

@@ -0,0 +1,40 @@
+/**
+ * Release notes and SCM integration.
+ * Extracts repository URLs, fetches GitHub releases, builds compare URLs.
+ */
+import type { NpmPackageMetadata, UpgradeResult } from './types.js';
+interface GitHubRelease {
+    tag_name: string;
+    name: string;
+    body: string;
+    html_url: string;
+    published_at: string;
+    draft: boolean;
+    prerelease: boolean;
+}
+/** Parse a GitHub owner/repo from a repository URL or field */
+export declare function parseGitHubRepo(repoField?: string | {
+    type?: string;
+    url?: string;
+}): {
+    owner: string;
+    repo: string;
+} | null;
+/** Extract repository URL from package metadata */
+export declare function getRepositoryUrl(metadata: NpmPackageMetadata): string | undefined;
+/** Build a GitHub compare URL between two versions */
+export declare function buildCompareUrl(owner: string, repo: string, fromVersion: string, toVersion: string): string;
+/** Build a GitHub release URL for a version */
+export declare function buildReleaseUrl(owner: string, repo: string, version: string): string;
+/** Build a GitHub repository URL */
+export declare function buildRepoUrl(owner: string, repo: string): string;
+/** Fetch release info from GitHub API */
+export declare function fetchGitHubRelease(owner: string, repo: string, version: string, token?: string): Promise<GitHubRelease | null>;
+/** Resolve a GitHub token from env or gh CLI */
+export declare function resolveGitHubToken(explicit?: string): Promise<string | undefined>;
+/** Enrich upgrade results with release info */
+export declare function enrichWithReleaseInfo(upgrades: UpgradeResult[], metadataMap: Map<string, NpmPackageMetadata>, token?: string): Promise<void>;
+/** Check if the package owner changed between versions */
+export declare function checkOwnerChanged(metadata: NpmPackageMetadata, fromVersion: string, toVersion: string): boolean;
+export {};
+//# sourceMappingURL=release-info.d.ts.map

package/dist/release-info.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"release-info.d.ts","sourceRoot":"","sources":["../src/release-info.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,kBAAkB,EAAe,aAAa,EAAE,MAAM,YAAY,CAAC;AAEjF,UAAU,aAAa;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,KAAK,EAAE,OAAO,CAAC;IACf,UAAU,EAAE,OAAO,CAAC;CACrB;AAED,+DAA+D;AAC/D,wBAAgB,eAAe,CAC7B,SAAS,CAAC,EAAE,MAAM,GAAG;IAAE,IAAI,CAAC,EAAE,MAAM,CAAC;IAAC,GAAG,CAAC,EAAE,MAAM,CAAA;CAAE,GACnD;IAAE,KAAK,EAAE,MAAM,CAAC;IAAC,IAAI,EAAE,MAAM,CAAA;CAAE,GAAG,IAAI,CA+BxC;AAED,mDAAmD;AACnD,wBAAgB,gBAAgB,CAAC,QAAQ,EAAE,kBAAkB,GAAG,MAAM,GAAG,SAAS,CAajF;AAED,sDAAsD;AACtD,wBAAgB,eAAe,CAC7B,KAAK,EAAE,MAAM,EACb,IAAI,EAAE,MAAM,EACZ,WAAW,EAAE,MAAM,EACnB,SAAS,EAAE,MAAM,GAChB,MAAM,CAER;AAED,+CAA+C;AAC/C,wBAAgB,eAAe,CAC7B,KAAK,EAAE,MAAM,EACb,IAAI,EAAE,MAAM,EACZ,OAAO,EAAE,MAAM,GACd,MAAM,CAER;AAED,oCAAoC;AACpC,wBAAgB,YAAY,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,MAAM,CAEhE;AAED,yCAAyC;AACzC,wBAAsB,kBAAkB,CACtC,KAAK,EAAE,MAAM,EACb,IAAI,EAAE,MAAM,EACZ,OAAO,EAAE,MAAM,EACf,KAAK,CAAC,EAAE,MAAM,GACb,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC,CA6B/B;AAED,gDAAgD;AAChD,wBAAsB,kBAAkB,CAAC,QAAQ,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC,CAuBvF;AAED,+CAA+C;AAC/C,wBAAsB,qBAAqB,CACzC,QAAQ,EAAE,aAAa,EAAE,EACzB,WAAW,EAAE,GAAG,CAAC,MAAM,EAAE,kBAAkB,CAAC,EAC5C,KAAK,CAAC,EAAE,MAAM,GACb,OAAO,CAAC,IAAI,CAAC,CAuCf;AAED,0DAA0D;AAC1D,wBAAgB,iBAAiB,CAC/B,QAAQ,EAAE,kBAAkB,EAC5B,WAAW,EAAE,MAAM,EACnB,SAAS,EAAE,MAAM,GAChB,OAAO,CAUT"}

package/dist/release-info.js

@@ -0,0 +1,165 @@
+/**
+ * Release notes and SCM integration.
+ * Extracts repository URLs, fetches GitHub releases, builds compare URLs.
+ */
+/** Parse a GitHub owner/repo from a repository URL or field */
+export function parseGitHubRepo(repoField) {
+    let url;
+    if (typeof repoField === 'string') {
+        url = repoField;
+    }
+    else if (repoField?.url) {
+        url = repoField.url;
+    }
+    if (!url)
+        return null;
+    // Handle various URL formats:
+    // https://github.com/owner/repo
+    // https://github.com/owner/repo.git
+    // git+https://github.com/owner/repo.git
+    // git://github.com/owner/repo.git
+    // git@github.com:owner/repo.git
+    // github:owner/repo
+    const patterns = [
+        /github\.com[/:]([\w.-]+)\/([\w.-]+?)(?:\.git)?$/,
+        /^github:([\w.-]+)\/([\w.-]+)$/,
+    ];
+    for (const pattern of patterns) {
+        const match = url.match(pattern);
+        if (match) {
+            return { owner: match[1], repo: match[2] };
+        }
+    }
+    return null;
+}
+/** Extract repository URL from package metadata */
+export function getRepositoryUrl(metadata) {
+    const repo = metadata.repository;
+    if (typeof repo === 'string') {
+        const gh = parseGitHubRepo(repo);
+        if (gh)
+            return `https://github.com/${gh.owner}/${gh.repo}`;
+        return repo;
+    }
+    if (repo?.url) {
+        const gh = parseGitHubRepo(repo);
+        if (gh)
+            return `https://github.com/${gh.owner}/${gh.repo}`;
+        return repo.url.replace(/^git\+/, '').replace(/\.git$/, '');
+    }
+    return undefined;
+}
+/** Build a GitHub compare URL between two versions */
+export function buildCompareUrl(owner, repo, fromVersion, toVersion) {
+    return `https://github.com/${owner}/${repo}/compare/v${fromVersion}...v${toVersion}`;
+}
+/** Build a GitHub release URL for a version */
+export function buildReleaseUrl(owner, repo, version) {
+    return `https://github.com/${owner}/${repo}/releases/tag/v${version}`;
+}
+/** Build a GitHub repository URL */
+export function buildRepoUrl(owner, repo) {
+    return `https://github.com/${owner}/${repo}`;
+}
+/** Fetch release info from GitHub API */
+export async function fetchGitHubRelease(owner, repo, version, token) {
+    // Try common tag formats
+    const tagCandidates = [
+        `v${version}`,
+        version,
+    ];
+    const headers = {
+        Accept: 'application/vnd.github+json',
+        'X-GitHub-Api-Version': '2022-11-28',
+    };
+    if (token) {
+        headers['Authorization'] = `Bearer ${token}`;
+    }
+    for (const tag of tagCandidates) {
+        try {
+            const url = `https://api.github.com/repos/${encodeURIComponent(owner)}/${encodeURIComponent(repo)}/releases/tags/${encodeURIComponent(tag)}`;
+            const response = await fetch(url, { headers });
+            if (response.ok) {
+                return (await response.json());
+            }
+        }
+        catch {
+            // Try next format
+        }
+    }
+    return null;
+}
+/** Resolve a GitHub token from env or gh CLI */
+export async function resolveGitHubToken(explicit) {
+    // Explicit token takes priority
+    if (explicit)
+        return explicit;
+    // Environment variable
+    if (process.env.GITHUB_TOKEN)
+        return process.env.GITHUB_TOKEN;
+    if (process.env.GH_TOKEN)
+        return process.env.GH_TOKEN;
+    // Try gh CLI
+    try {
+        const { execFile } = await import('node:child_process');
+        const { promisify } = await import('node:util');
+        const execFileP = promisify(execFile);
+        const { stdout } = await execFileP('gh', ['auth', 'token'], {
+            timeout: 5000,
+        });
+        const token = stdout.trim();
+        if (token)
+            return token;
+    }
+    catch {
+        // gh not installed or not authenticated
+    }
+    return undefined;
+}
+/** Enrich upgrade results with release info */
+export async function enrichWithReleaseInfo(upgrades, metadataMap, token) {
+    const promises = upgrades.map(async (upgrade) => {
+        const metadata = metadataMap.get(upgrade.name);
+        if (!metadata)
+            return;
+        const repoUrl = getRepositoryUrl(metadata);
+        upgrade.repositoryUrl = repoUrl;
+        upgrade.homepage = metadata.homepage;
+        const gh = parseGitHubRepo(metadata.repository);
+        if (!gh)
+            return;
+        upgrade.releaseInfo = {
+            tagName: `v${upgrade.targetVersion}`,
+            repoUrl: buildRepoUrl(gh.owner, gh.repo),
+            compareUrl: buildCompareUrl(gh.owner, gh.repo, upgrade.currentVersion, upgrade.targetVersion),
+            releaseUrl: buildReleaseUrl(gh.owner, gh.repo, upgrade.targetVersion),
+        };
+        // Try to fetch actual release data (for body text)
+        try {
+            const release = await fetchGitHubRelease(gh.owner, gh.repo, upgrade.targetVersion, token);
+            if (release) {
+                upgrade.releaseInfo.releaseName = release.name;
+                upgrade.releaseInfo.body = release.body;
+                upgrade.releaseInfo.publishedAt = release.published_at;
+                upgrade.releaseInfo.releaseUrl = release.html_url;
+            }
+        }
+        catch {
+            // Non-fatal
+        }
+    });
+    await Promise.all(promises);
+}
+/** Check if the package owner changed between versions */
+export function checkOwnerChanged(metadata, fromVersion, toVersion) {
+    const fromMeta = metadata.versions[fromVersion];
+    const toMeta = metadata.versions[toVersion];
+    if (!fromMeta || !toMeta)
+        return false;
+    const fromOwner = fromMeta._npmUser?.name ?? fromMeta.maintainers?.[0]?.name;
+    const toOwner = toMeta._npmUser?.name ?? toMeta.maintainers?.[0]?.name;
+    if (!fromOwner || !toOwner)
+        return false;
+    return fromOwner !== toOwner;
+}
+//# sourceMappingURL=release-info.js.map

package/dist/release-info.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"release-info.js","sourceRoot":"","sources":["../src/release-info.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAcH,+DAA+D;AAC/D,MAAM,UAAU,eAAe,CAC7B,SAAoD;IAEpD,IAAI,GAAuB,CAAC;IAE5B,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;QAClC,GAAG,GAAG,SAAS,CAAC;IAClB,CAAC;SAAM,IAAI,SAAS,EAAE,GAAG,EAAE,CAAC;QAC1B,GAAG,GAAG,SAAS,CAAC,GAAG,CAAC;IACtB,CAAC;IAED,IAAI,CAAC,GAAG;QAAE,OAAO,IAAI,CAAC;IAEtB,8BAA8B;IAC9B,gCAAgC;IAChC,oCAAoC;IACpC,wCAAwC;IACxC,kCAAkC;IAClC,gCAAgC;IAChC,oBAAoB;IACpB,MAAM,QAAQ,GAAG;QACf,iDAAiD;QACjD,+BAA+B;KAChC,CAAC;IAEF,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACjC,IAAI,KAAK,EAAE,CAAC;YACV,OAAO,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;QAC7C,CAAC;IACH,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,mDAAmD;AACnD,MAAM,UAAU,gBAAgB,CAAC,QAA4B;IAC3D,MAAM,IAAI,GAAG,QAAQ,CAAC,UAAU,CAAC;IACjC,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;QAC7B,MAAM,EAAE,GAAG,eAAe,CAAC,IAAI,CAAC,CAAC;QACjC,IAAI,EAAE;YAAE,OAAO,sBAAsB,EAAE,CAAC,KAAK,IAAI,EAAE,CAAC,IAAI,EAAE,CAAC;QAC3D,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,IAAI,EAAE,GAAG,EAAE,CAAC;QACd,MAAM,EAAE,GAAG,eAAe,CAAC,IAAI,CAAC,CAAC;QACjC,IAAI,EAAE;YAAE,OAAO,sBAAsB,EAAE,CAAC,KAAK,IAAI,EAAE,CAAC,IAAI,EAAE,CAAC;QAC3D,OAAO,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;IAC9D,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,sDAAsD;AACtD,MAAM,UAAU,eAAe,CAC7B,KAAa,EACb,IAAY,EACZ,WAAmB,EACnB,SAAiB;IAEjB,OAAO,sBAAsB,KAAK,IAAI,IAAI,aAAa,WAAW,OAAO,SAAS,EAAE,CAAC;AACvF,CAAC;AAED,+CAA+C;AAC/C,MAAM,UAAU,eAAe,CAC7B,KAAa,EACb,IAAY,EACZ,OAAe;IAEf,OAAO,sBAAsB,KAAK,IAAI,IAAI,kBAAkB,OAAO,EAAE,CAAC;AACxE,CAAC;AAED,oCAAoC;AACpC,MAAM,UAAU,YAAY,CAAC,KAAa,EAAE,IAAY;IACtD,OAAO,sBAAsB,KAAK,IAAI,IAAI,EAAE,CAAC;AAC/C,CAAC;AAED,yCAAyC;AACzC,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,KAAa,EACb,IAAY,EACZ,OAAe,EACf,KAAc;IAEd,yBAAyB;IACzB,MAAM,aAAa,GAAG;QACpB,IAAI,OAAO,EAAE;QACb,OAAO;KACR,CAAC;IAEF,MAAM,OAAO,GAA2B;QACtC,MAAM,EAAE,6BAA6B;QACrC,sBAAsB,EAAE,YAAY;KACrC,CAAC;IAEF,IAAI,KAAK,EAAE,CAAC;QACV,OAAO,CAAC,eAAe,CAAC,GAAG,UAAU,KAAK,EAAE,CAAC;IAC/C,CAAC;IAED,KAAK,MAAM,GAAG,IAAI,aAAa,EAAE,CAAC;QAChC,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,gCAAgC,kBAAkB,CAAC,KAAK,CAAC,IAAI,kBAAkB,CAAC,IAAI,CAAC,kBAAkB,kBAAkB,CAAC,GAAG,CAAC,EAAE,CAAC;YAC7I,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC;YAC/C,IAAI,QAAQ,CAAC,EAAE,EAAE,CAAC;gBAChB,OAAO,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAkB,CAAC;YAClD,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,kBAAkB;QACpB,CAAC;IACH,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,gDAAgD;AAChD,MAAM,CAAC,KAAK,UAAU,kBAAkB,CAAC,QAAiB;IACxD,gCAAgC;IAChC,IAAI,QAAQ;QAAE,OAAO,QAAQ,CAAC;IAE9B,uBAAuB;IACvB,IAAI,OAAO,CAAC,GAAG,CAAC,YAAY;QAAE,OAAO,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC;IAC9D,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ;QAAE,OAAO,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC;IAEtD,aAAa;IACb,IAAI,CAAC;QACH,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,MAAM,CAAC,oBAAoB,CAAC,CAAC;QACxD,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,MAAM,CAAC,WAAW,CAAC,CAAC;QAChD,MAAM,SAAS,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAC;QACtC,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,SAAS,CAAC,IAAI,EAAE,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE;YAC1D,OAAO,EAAE,IAAI;SACd,CAAC,CAAC;QACH,MAAM,KAAK,GAAG,MAAM,CAAC,IAAI,EAAE,CAAC;QAC5B,IAAI,KAAK;YAAE,OAAO,KAAK,CAAC;IAC1B,CAAC;IAAC,MAAM,CAAC;QACP,wCAAwC;IAC1C,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,+CAA+C;AAC/C,MAAM,CAAC,KAAK,UAAU,qBAAqB,CACzC,QAAyB,EACzB,WAA4C,EAC5C,KAAc;IAEd,MAAM,QAAQ,GAAG,QAAQ,CAAC,GAAG,CAAC,KAAK,EAAE,OAAO,EAAE,EAAE;QAC9C,MAAM,QAAQ,GAAG,WAAW,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QAC/C,IAAI,CAAC,QAAQ;YAAE,OAAO;QAEtB,MAAM,OAAO,GAAG,gBAAgB,CAAC,QAAQ,CAAC,CAAC;QAC3C,OAAO,CAAC,aAAa,GAAG,OAAO,CAAC;QAChC,OAAO,CAAC,QAAQ,GAAG,QAAQ,CAAC,QAAQ,CAAC;QAErC,MAAM,EAAE,GAAG,eAAe,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;QAChD,IAAI,CAAC,EAAE;YAAE,OAAO;QAEhB,OAAO,CAAC,WAAW,GAAG;YACpB,OAAO,EAAE,IAAI,OAAO,CAAC,aAAa,EAAE;YACpC,OAAO,EAAE,YAAY,CAAC,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,IAAI,CAAC;YACxC,UAAU,EAAE,eAAe,CAAC,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,IAAI,EAAE,OAAO,CAAC,cAAc,EAAE,OAAO,CAAC,aAAa,CAAC;YAC7F,UAAU,EAAE,eAAe,CAAC,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,IAAI,EAAE,OAAO,CAAC,aAAa,CAAC;SACtE,CAAC;QAEF,mDAAmD;QACnD,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,MAAM,kBAAkB,CACtC,EAAE,CAAC,KAAK,EACR,EAAE,CAAC,IAAI,EACP,OAAO,CAAC,aAAa,EACrB,KAAK,CACN,CAAC;YACF,IAAI,OAAO,EAAE,CAAC;gBACZ,OAAO,CAAC,WAAW,CAAC,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC;gBAC/C,OAAO,CAAC,WAAW,CAAC,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;gBACxC,OAAO,CAAC,WAAW,CAAC,WAAW,GAAG,OAAO,CAAC,YAAY,CAAC;gBACvD,OAAO,CAAC,WAAW,CAAC,UAAU,GAAG,OAAO,CAAC,QAAQ,CAAC;YACpD,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,YAAY;QACd,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,MAAM,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;AAC9B,CAAC;AAED,0DAA0D;AAC1D,MAAM,UAAU,iBAAiB,CAC/B,QAA4B,EAC5B,WAAmB,EACnB,SAAiB;IAEjB,MAAM,QAAQ,GAAG,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;IAChD,MAAM,MAAM,GAAG,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;IAC5C,IAAI,CAAC,QAAQ,IAAI,CAAC,MAAM;QAAE,OAAO,KAAK,CAAC;IAEvC,MAAM,SAAS,GAAG,QAAQ,CAAC,QAAQ,EAAE,IAAI,IAAI,QAAQ,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC;IAC7E,MAAM,OAAO,GAAG,MAAM,CAAC,QAAQ,EAAE,IAAI,IAAI,MAAM,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC;IAEvE,IAAI,CAAC,SAAS,IAAI,CAAC,OAAO;QAAE,OAAO,KAAK,CAAC;IACzC,OAAO,SAAS,KAAK,OAAO,CAAC;AAC/B,CAAC"}

package/dist/security.d.ts

@@ -0,0 +1,10 @@
+/**
+ * npm security advisory checker.
+ * Queries the npm bulk advisory endpoint to flag packages with known vulnerabilities.
+ */
+import type { Advisory, RuckupOptions, UpgradeResult } from './types.js';
+/** Check security advisories for a set of packages */
+export declare function checkAdvisories(upgrades: UpgradeResult[], options: RuckupOptions): Promise<Map<string, Advisory[]>>;
+/** Enrich upgrade results with advisory data */
+export declare function enrichWithAdvisories(upgrades: UpgradeResult[], advisories: Map<string, Advisory[]>): void;
+//# sourceMappingURL=security.d.ts.map

package/dist/security.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"security.d.ts","sourceRoot":"","sources":["../src/security.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,QAAQ,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAkBzE,sDAAsD;AACtD,wBAAsB,eAAe,CACnC,QAAQ,EAAE,aAAa,EAAE,EACzB,OAAO,EAAE,aAAa,GACrB,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,QAAQ,EAAE,CAAC,CAAC,CA6DlC;AAED,gDAAgD;AAChD,wBAAgB,oBAAoB,CAClC,QAAQ,EAAE,aAAa,EAAE,EACzB,UAAU,EAAE,GAAG,CAAC,MAAM,EAAE,QAAQ,EAAE,CAAC,GAClC,IAAI,CAON"}

package/dist/security.js

@@ -0,0 +1,72 @@
+/**
+ * npm security advisory checker.
+ * Queries the npm bulk advisory endpoint to flag packages with known vulnerabilities.
+ */
+/** Check security advisories for a set of packages */
+export async function checkAdvisories(upgrades, options) {
+    const results = new Map();
+    // Build bulk request: package name -> [current version, target version]
+    const requestBody = {};
+    for (const u of upgrades) {
+        const versions = [];
+        if (u.currentVersion)
+            versions.push(u.currentVersion);
+        if (u.targetVersion)
+            versions.push(u.targetVersion);
+        if (versions.length > 0) {
+            requestBody[u.name] = versions;
+        }
+    }
+    if (Object.keys(requestBody).length === 0)
+        return results;
+    try {
+        const registry = options.registry.replace(/\/$/, '');
+        const url = `${registry}/-/npm/v1/security/advisories/bulk`;
+        const controller = new AbortController();
+        const timeoutId = setTimeout(() => controller.abort(), options.timeout);
+        const response = await fetch(url, {
+            method: 'POST',
+            headers: {
+                'Content-Type': 'application/json',
+                Accept: 'application/json',
+            },
+            body: JSON.stringify(requestBody),
+            signal: controller.signal,
+        });
+        clearTimeout(timeoutId);
+        if (!response.ok) {
+            // Advisory endpoint may not be available on custom registries
+            return results;
+        }
+        const data = (await response.json());
+        // Group advisories by package name
+        for (const advisory of Object.values(data)) {
+            const packageName = advisory.module_name;
+            if (!results.has(packageName)) {
+                results.set(packageName, []);
+            }
+            results.get(packageName).push({
+                id: advisory.id,
+                title: advisory.title,
+                url: advisory.url,
+                severity: advisory.severity,
+                vulnerableVersions: advisory.vulnerable_versions,
+                recommendation: advisory.recommendation,
+            });
+        }
+    }
+    catch {
+        // Non-fatal: advisory check failure shouldn't break the tool
+    }
+    return results;
+}
+/** Enrich upgrade results with advisory data */
+export function enrichWithAdvisories(upgrades, advisories) {
+    for (const upgrade of upgrades) {
+        const pkgAdvisories = advisories.get(upgrade.name);
+        if (pkgAdvisories && pkgAdvisories.length > 0) {
+            upgrade.advisories = pkgAdvisories;
+        }
+    }
+}
+//# sourceMappingURL=security.js.map

package/dist/security.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"security.js","sourceRoot":"","sources":["../src/security.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAoBH,sDAAsD;AACtD,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,QAAyB,EACzB,OAAsB;IAEtB,MAAM,OAAO,GAAG,IAAI,GAAG,EAAsB,CAAC;IAE9C,wEAAwE;IACxE,MAAM,WAAW,GAAwB,EAAE,CAAC;IAC5C,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,MAAM,QAAQ,GAAa,EAAE,CAAC;QAC9B,IAAI,CAAC,CAAC,cAAc;YAAE,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC;QACtD,IAAI,CAAC,CAAC,aAAa;YAAE,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC;QACpD,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACxB,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,QAAQ,CAAC;QACjC,CAAC;IACH,CAAC;IAED,IAAI,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,OAAO,CAAC;IAE1D,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QACrD,MAAM,GAAG,GAAG,GAAG,QAAQ,oCAAoC,CAAC;QAE5D,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;QACzC,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC;QAExE,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;YAChC,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,MAAM,EAAE,kBAAkB;aAC3B;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC;YACjC,MAAM,EAAE,UAAU,CAAC,MAAM;SAC1B,CAAC,CAAC;QACH,YAAY,CAAC,SAAS,CAAC,CAAC;QAExB,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,8DAA8D;YAC9D,OAAO,OAAO,CAAC;QACjB,CAAC;QAED,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAyB,CAAC;QAE7D,mCAAmC;QACnC,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;YAC3C,MAAM,WAAW,GAAG,QAAQ,CAAC,WAAW,CAAC;YACzC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,EAAE,CAAC;gBAC9B,OAAO,CAAC,GAAG,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC;YAC/B,CAAC;YACD,OAAO,CAAC,GAAG,CAAC,WAAW,CAAE,CAAC,IAAI,CAAC;gBAC7B,EAAE,EAAE,QAAQ,CAAC,EAAE;gBACf,KAAK,EAAE,QAAQ,CAAC,KAAK;gBACrB,GAAG,EAAE,QAAQ,CAAC,GAAG;gBACjB,QAAQ,EAAE,QAAQ,CAAC,QAAgC;gBACnD,kBAAkB,EAAE,QAAQ,CAAC,mBAAmB;gBAChD,cAAc,EAAE,QAAQ,CAAC,cAAc;aACxC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,6DAA6D;IAC/D,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,gDAAgD;AAChD,MAAM,UAAU,oBAAoB,CAClC,QAAyB,EACzB,UAAmC;IAEnC,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,MAAM,aAAa,GAAG,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QACnD,IAAI,aAAa,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC9C,OAAO,CAAC,UAAU,GAAG,aAAa,CAAC;QACrC,CAAC;IACH,CAAC;AACH,CAAC"}