soso-ppm 2.4.8

package/lib/commands/publish.js

@@ -0,0 +1,143 @@
+'use strict';
+
+const fs = require('fs');
+const path = require('path');
+const semver = require('semver');
+const { loadRegistry, saveRegistry } = require('../config');
+const { success, error, info, warn } = require('../utils/logger');
+const git = require('../utils/git');
+
+/**
+ * Publish package to registry
+ */
+async function publish(args) {
+  const cwd = process.cwd();
+  const packageJsonPath = path.join(cwd, 'package.json');
+
+  // Load package.json
+  if (!fs.existsSync(packageJsonPath)) {
+    throw new Error('No package.json found in current directory');
+  }
+
+  const packageJson = JSON.parse(fs.readFileSync(packageJsonPath, 'utf8'));
+
+  // Validate package.json
+  validatePackageJson(packageJson);
+
+  const { name, version } = packageJson;
+
+  info(`Publishing ${name}@${version}...`);
+
+  // Check if Git repository
+  const gitDir = path.join(cwd, '.git');
+  if (!fs.existsSync(gitDir)) {
+    throw new Error('Not a git repository. Initialize with: git init');
+  }
+
+  // Check if working directory is clean
+  const isClean = await git.isClean(cwd);
+  if (!isClean) {
+    throw new Error('Working directory is not clean. Commit or stash changes before publishing.');
+  }
+
+  // Get git remote URL
+  const remoteUrl = await getGitRemoteUrl(cwd);
+  if (!remoteUrl) {
+    throw new Error('No git remote configured. Add remote with: git remote add origin <url>');
+  }
+
+  info(`Git remote: ${remoteUrl}`);
+
+  // Load registry
+  const registry = loadRegistry();
+
+  // Check if package exists
+  if (!registry.packages[name]) {
+    registry.packages[name] = {
+      name,
+      versions: {}
+    };
+    info(`Adding new package: ${name}`);
+  }
+
+  // Check if version already exists
+  if (registry.packages[name].versions[version]) {
+    throw new Error(`Version ${version} already published. Update version in package.json.`);
+  }
+
+  // Create git tag
+  const tag = `v${version}`;
+  info(`Creating tag: ${tag}`);
+  
+  try {
+    await git.createTag(tag, `Release ${version}`, cwd);
+  } catch (err) {
+    throw new Error(`Failed to create tag: ${err.message}`);
+  }
+
+  // Push tag to remote
+  info('Pushing tag to remote...');
+  try {
+    await git.pushTags(cwd);
+  } catch (err) {
+    // Rollback: delete local tag
+    await git.execGit(['tag', '-d', tag], { cwd });
+    throw new Error(`Failed to push tag: ${err.message}`);
+  }
+
+  // Update registry
+  registry.packages[name].versions[version] = {
+    version,
+    gitUrl: remoteUrl,
+    tag,
+    dependencies: packageJson.dependencies || {},
+    publishedAt: new Date().toISOString()
+  };
+
+  saveRegistry(registry);
+
+  success(`Published ${name}@${version}`);
+  info(`Package available at: ${remoteUrl}#${tag}`);
+}
+
+/**
+ * Validate package.json
+ */
+function validatePackageJson(packageJson) {
+  // Check required fields
+  if (!packageJson.name) {
+    throw new Error('package.json missing required field: name');
+  }
+
+  if (!packageJson.version) {
+    throw new Error('package.json missing required field: version');
+  }
+
+  // Validate name
+  const nameRegex = /^(@[a-z0-9-]+\/)?[a-z0-9-]+$/;
+  if (!nameRegex.test(packageJson.name)) {
+    throw new Error(
+      'Invalid package name. Use lowercase letters, numbers, and hyphens. ' +
+      'Scoped packages: @scope/name'
+    );
+  }
+
+  // Validate version
+  if (!semver.valid(packageJson.version)) {
+    throw new Error(`Invalid version: ${packageJson.version}. Must follow semver (e.g., 1.2.3)`);
+  }
+}
+
+/**
+ * Get git remote URL
+ */
+async function getGitRemoteUrl(cwd) {
+  try {
+    const output = await git.execGit(['remote', 'get-url', 'origin'], { cwd });
+    return output.trim();
+  } catch (error) {
+    return null;
+  }
+}
+
+module.exports = { publish };

package/lib/commands/update.js

@@ -0,0 +1,111 @@
+'use strict';
+
+const fs = require('fs');
+const path = require('path');
+const semver = require('semver');
+const { loadRegistry } = require('../config');
+const { install } = require('./install');
+const { success, info, warn } = require('../utils/logger');
+
+/**
+ * Update dependencies
+ */
+async function update(args) {
+  const cwd = process.cwd();
+  const packageJsonPath = path.join(cwd, 'package.json');
+
+  // Load package.json
+  if (!fs.existsSync(packageJsonPath)) {
+    throw new Error('No package.json found in current directory');
+  }
+
+  const packageJson = JSON.parse(fs.readFileSync(packageJsonPath, 'utf8'));
+  const dependencies = packageJson.dependencies || {};
+
+  if (Object.keys(dependencies).length === 0) {
+    info('No dependencies to update');
+    return;
+  }
+
+  // Determine what to update
+  let specificPackage = null;
+  if (args.length > 0 && !args[0].startsWith('-')) {
+    specificPackage = args[0];
+  }
+
+  const registry = loadRegistry();
+  let updated = false;
+
+  if (specificPackage) {
+    // Update specific package
+    if (!dependencies[specificPackage]) {
+      throw new Error(`Package ${specificPackage} not found in dependencies`);
+    }
+
+    info(`Checking for updates to ${specificPackage}...`);
+    const newVersion = await findLatestVersion(specificPackage, dependencies[specificPackage], registry);
+    
+    if (newVersion) {
+      dependencies[specificPackage] = `^${newVersion}`;
+      info(`Updated ${specificPackage} to ^${newVersion}`);
+      updated = true;
+    } else {
+      info(`${specificPackage} is already at latest version`);
+    }
+  } else {
+    // Update all packages
+    info('Checking for updates...');
+    
+    for (const [name, range] of Object.entries(dependencies)) {
+      const newVersion = await findLatestVersion(name, range, registry);
+      
+      if (newVersion) {
+        dependencies[name] = `^${newVersion}`;
+        info(`Updated ${name} to ^${newVersion}`);
+        updated = true;
+      }
+    }
+  }
+
+  if (updated) {
+    // Save updated package.json
+    packageJson.dependencies = dependencies;
+    fs.writeFileSync(packageJsonPath, JSON.stringify(packageJson, null, 2) + '\n');
+
+    // Reinstall
+    info('Reinstalling dependencies...');
+    await install([]);
+    
+    success('Dependencies updated');
+  } else {
+    success('All dependencies are up to date');
+  }
+}
+
+/**
+ * Find latest version satisfying range
+ */
+async function findLatestVersion(name, range, registry) {
+  const packageData = registry.packages[name];
+  if (!packageData) {
+    warn(`Package ${name} not found in registry`);
+    return null;
+  }
+
+  const versions = Object.keys(packageData.versions).sort(semver.rcompare);
+  
+  // Find latest version matching range
+  const currentVersion = semver.maxSatisfying(versions, range);
+  
+  // Find absolute latest version
+  const latestVersion = versions[0];
+
+  // Only update if there's a newer version
+  if (currentVersion && semver.gt(latestVersion, currentVersion)) {
+    return latestVersion;
+  }
+
+  return null;
+}
+
+module.exports = { update };

package/lib/config.js

@@ -0,0 +1,126 @@
+'use strict';
+
+const fs = require('fs');
+const path = require('path');
+const os = require('os');
+
+/**
+ * Get platform-specific configuration directory
+ */
+function getConfigDir() {
+  if (process.platform === 'win32') {
+    return path.join(process.env.LOCALAPPDATA || path.join(os.homedir(), 'AppData', 'Local'), 'soso');
+  }
+  return path.join(os.homedir(), '.soso');
+}
+
+/**
+ * Get cache directory
+ */
+function getCacheDir() {
+  return path.join(getConfigDir(), 'cache');
+}
+
+/**
+ * Get registry file path
+ */
+function getRegistryPath() {
+  return path.join(getConfigDir(), 'registry.json');
+}
+
+/**
+ * Get user config file path (.sosorc)
+ */
+function getUserConfigPath() {
+  return path.join(os.homedir(), '.sosorc');
+}
+
+/**
+ * Ensure directory exists
+ */
+function ensureDir(dirPath) {
+  if (!fs.existsSync(dirPath)) {
+    fs.mkdirSync(dirPath, { recursive: true });
+  }
+}
+
+/**
+ * Initialize configuration directories
+ */
+function initConfig() {
+  ensureDir(getConfigDir());
+  ensureDir(getCacheDir());
+  
+  const registryPath = getRegistryPath();
+  if (!fs.existsSync(registryPath)) {
+    fs.writeFileSync(registryPath, JSON.stringify({ packages: {} }, null, 2));
+  }
+}
+
+/**
+ * Load registry configuration
+ */
+function loadRegistry() {
+  const registryPath = getRegistryPath();
+  if (!fs.existsSync(registryPath)) {
+    return { packages: {} };
+  }
+  
+  try {
+    const content = fs.readFileSync(registryPath, 'utf8');
+    return JSON.parse(content);
+  } catch (error) {
+    throw new Error(`Failed to load registry: ${error.message}`);
+  }
+}
+
+/**
+ * Save registry configuration
+ */
+function saveRegistry(registry) {
+  const registryPath = getRegistryPath();
+  ensureDir(path.dirname(registryPath));
+  fs.writeFileSync(registryPath, JSON.stringify(registry, null, 2));
+}
+
+/**
+ * Load user configuration (.sosorc)
+ */
+function loadUserConfig() {
+  const configPath = getUserConfigPath();
+  if (!fs.existsSync(configPath)) {
+    return {};
+  }
+  
+  try {
+    const content = fs.readFileSync(configPath, 'utf8');
+    const config = {};
+    
+    // Parse simple KEY=VALUE format
+    content.split('\n').forEach(line => {
+      line = line.trim();
+      if (line && !line.startsWith('#')) {
+        const [key, ...valueParts] = line.split('=');
+        if (key && valueParts.length > 0) {
+          config[key.trim()] = valueParts.join('=').trim();
+        }
+      }
+    });
+    
+    return config;
+  } catch (error) {
+    throw new Error(`Failed to load user config: ${error.message}`);
+  }
+}
+
+module.exports = {
+  getConfigDir,
+  getCacheDir,
+  getRegistryPath,
+  getUserConfigPath,
+  ensureDir,
+  initConfig,
+  loadRegistry,
+  saveRegistry,
+  loadUserConfig
+};

package/lib/lockfile.js

@@ -0,0 +1,136 @@
+'use strict';
+
+const fs = require('fs');
+const path = require('path');
+const { debug } = require('./utils/logger');
+
+/**
+ * Lockfile manager for deterministic installs
+ */
+class Lockfile {
+  constructor(projectPath) {
+    this.projectPath = projectPath;
+    this.lockfilePath = path.join(projectPath, 'soso-lock.json');
+  }
+
+  /**
+   * Check if lockfile exists
+   */
+  exists() {
+    return fs.existsSync(this.lockfilePath);
+  }
+
+  /**
+   * Read lockfile
+   */
+  read() {
+    if (!this.exists()) {
+      return null;
+    }
+
+    try {
+      const content = fs.readFileSync(this.lockfilePath, 'utf8');
+      return JSON.parse(content);
+    } catch (error) {
+      throw new Error(`Failed to read lockfile: ${error.message}`);
+    }
+  }
+
+  /**
+   * Write lockfile
+   */
+  write(packages) {
+    debug(`Writing lockfile with ${Object.keys(packages).length} packages`);
+
+    const lockfile = {
+      lockfileVersion: 1,
+      packages: {}
+    };
+
+    // Sort packages alphabetically for deterministic output
+    const sortedNames = Object.keys(packages).sort();
+    
+    for (const name of sortedNames) {
+      const pkg = packages[name];
+      lockfile.packages[name] = {
+        version: pkg.version,
+        resolved: pkg.resolved,
+        integrity: pkg.integrity
+      };
+
+      // Include dependencies if present
+      if (pkg.dependencies && Object.keys(pkg.dependencies).length > 0) {
+        lockfile.packages[name].dependencies = pkg.dependencies;
+      }
+    }
+
+    const content = JSON.stringify(lockfile, null, 2) + '\n';
+    fs.writeFileSync(this.lockfilePath, content);
+  }
+
+  /**
+   * Validate lockfile integrity
+   */
+  validate(lockfileData) {
+    if (!lockfileData) {
+      return false;
+    }
+
+    if (lockfileData.lockfileVersion !== 1) {
+      throw new Error('Unsupported lockfile version');
+    }
+
+    if (!lockfileData.packages || typeof lockfileData.packages !== 'object') {
+      throw new Error('Invalid lockfile format: missing packages');
+    }
+
+    return true;
+  }
+
+  /**
+   * Get package from lockfile
+   */
+  getPackage(lockfileData, name) {
+    if (!lockfileData || !lockfileData.packages) {
+      return null;
+    }
+    return lockfileData.packages[name] || null;
+  }
+
+  /**
+   * Check if lockfile matches current dependencies
+   */
+  matches(lockfileData, dependencies) {
+    if (!lockfileData || !lockfileData.packages) {
+      return false;
+    }
+
+    const lockfileNames = new Set(Object.keys(lockfileData.packages));
+    const currentNames = new Set(Object.keys(dependencies));
+
+    // Quick check: same number of packages
+    if (lockfileNames.size !== currentNames.size) {
+      return false;
+    }
+
+    // Check all dependencies are in lockfile
+    for (const name of currentNames) {
+      if (!lockfileNames.has(name)) {
+        return false;
+      }
+    }
+
+    return true;
+  }
+
+  /**
+   * Delete lockfile
+   */
+  delete() {
+    if (this.exists()) {
+      fs.unlinkSync(this.lockfilePath);
+    }
+  }
+}
+
+module.exports = { Lockfile };

package/lib/resolver.js

@@ -0,0 +1,139 @@
+'use strict';
+
+const semver = require('semver');
+const { debug } = require('./utils/logger');
+
+/**
+ * Resolve dependency tree to flat structure
+ * Implements highest-compatible-version strategy
+ */
+class Resolver {
+  constructor(registry) {
+    this.registry = registry;
+    this.resolved = new Map(); // package name -> resolved version
+    this.pending = new Map(); // package name -> requested ranges
+  }
+
+  /**
+   * Resolve all dependencies from root package
+   */
+  async resolve(dependencies) {
+    if (!dependencies || Object.keys(dependencies).length === 0) {
+      return {};
+    }
+
+    // First pass: collect all version requirements
+    await this.collectRequirements(dependencies);
+
+    // Second pass: resolve conflicts
+    this.resolveConflicts();
+
+    return Object.fromEntries(this.resolved);
+  }
+
+  /**
+   * Recursively collect all dependency requirements
+   */
+  async collectRequirements(dependencies, visited = new Set()) {
+    for (const [name, range] of Object.entries(dependencies)) {
+      debug(`Collecting requirement: ${name}@${range}`);
+
+      // Track this requirement
+      if (!this.pending.has(name)) {
+        this.pending.set(name, []);
+      }
+      this.pending.get(name).push(range);
+
+      // Avoid infinite loops
+      const key = `${name}@${range}`;
+      if (visited.has(key)) {
+        continue;
+      }
+      visited.add(key);
+
+      // Get available versions from registry
+      const versions = await this.getAvailableVersions(name);
+      if (versions.length === 0) {
+        throw new Error(`Package not found in registry: ${name}`);
+      }
+
+      // Find highest version matching this range
+      const version = semver.maxSatisfying(versions, range);
+      if (!version) {
+        throw new Error(`No version of ${name} satisfies ${range}. Available: ${versions.join(', ')}`);
+      }
+
+      // Get package metadata to find its dependencies
+      const pkgInfo = await this.getPackageInfo(name, version);
+      
+      // Recursively collect dependencies
+      if (pkgInfo.dependencies) {
+        await this.collectRequirements(pkgInfo.dependencies, visited);
+      }
+    }
+  }
+
+  /**
+   * Resolve version conflicts
+   */
+  resolveConflicts() {
+    for (const [name, ranges] of this.pending.entries()) {
+      debug(`Resolving ${name} with ranges: ${ranges.join(', ')}`);
+
+      // Get all available versions
+      const packageData = this.registry.packages[name];
+      if (!packageData) {
+        throw new Error(`Package not found: ${name}`);
+      }
+
+      const versions = Object.keys(packageData.versions);
+
+      // Find highest version that satisfies ALL ranges
+      let resolvedVersion = null;
+      
+      for (const version of versions.sort(semver.rcompare)) {
+        const satisfiesAll = ranges.every(range => semver.satisfies(version, range));
+        if (satisfiesAll) {
+          resolvedVersion = version;
+          break;
+        }
+      }
+
+      if (!resolvedVersion) {
+        throw new Error(
+          `Cannot resolve ${name}: conflicting version ranges ${ranges.join(', ')}. ` +
+          `Available versions: ${versions.join(', ')}`
+        );
+      }
+
+      this.resolved.set(name, resolvedVersion);
+      debug(`Resolved ${name} to ${resolvedVersion}`);
+    }
+  }
+
+  /**
+   * Get available versions for a package
+   */
+  async getAvailableVersions(name) {
+    const packageData = this.registry.packages[name];
+    if (!packageData || !packageData.versions) {
+      return [];
+    }
+
+    return Object.keys(packageData.versions).sort(semver.rcompare);
+  }
+
+  /**
+   * Get package info for specific version
+   */
+  async getPackageInfo(name, version) {
+    const packageData = this.registry.packages[name];
+    if (!packageData || !packageData.versions || !packageData.versions[version]) {
+      throw new Error(`Version ${version} not found for package ${name}`);
+    }
+
+    return packageData.versions[version];
+  }
+}
+
+module.exports = { Resolver };