tangkal 1.1.0

package/dist/src/utils/ignore.js

@@ -0,0 +1,18 @@
+import ignore from 'ignore';
+import fs from 'fs/promises';
+import path from 'path';
+export async function loadIgnore(dir) {
+    const ig = ignore();
+    const ignorePath = path.join(dir, '.tangkalignore');
+    try {
+        const content = await fs.readFile(ignorePath, 'utf-8');
+        ig.add(content);
+    }
+    catch (e) {
+        // If file doesn't exist, we just return the empty ignore instance
+    }
+    // Always ignore common noise
+    ig.add(['node_modules', '.git', 'dist', 'build', 'coverage', '*.min.js', '*.map']);
+    return ig;
+}
+//# sourceMappingURL=ignore.js.map

package/dist/src/utils/ignore.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ignore.js","sourceRoot":"","sources":["../../../src/utils/ignore.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,QAAQ,CAAC;AAC5B,OAAO,EAAE,MAAM,aAAa,CAAC;AAC7B,OAAO,IAAI,MAAM,MAAM,CAAC;AAGxB,MAAM,CAAC,KAAK,UAAU,UAAU,CAAC,GAAW;IAC1C,MAAM,EAAE,GAAG,MAAM,EAAE,CAAC;IACpB,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,gBAAgB,CAAC,CAAC;IAEpD,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;QACvD,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAClB,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,kEAAkE;IACpE,CAAC;IAED,6BAA6B;IAC7B,EAAE,CAAC,GAAG,CAAC,CAAC,cAAc,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC;IAEnF,OAAO,EAAE,CAAC;AACZ,CAAC"}

package/dist/src/utils/lockfile.d.ts

@@ -0,0 +1,9 @@
+export interface Dependency {
+    name: string;
+    version: string;
+}
+/**
+ * Parses lockfiles (package-lock.json, yarn.lock, pnpm-lock.yaml) to get a flat list of dependencies.
+ */
+export declare function parsePackageLock(dir: string): Promise<Dependency[] | null>;
+//# sourceMappingURL=lockfile.d.ts.map

package/dist/src/utils/lockfile.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"lockfile.d.ts","sourceRoot":"","sources":["../../../src/utils/lockfile.ts"],"names":[],"mappings":"AAKA,MAAM,WAAW,UAAU;IACzB,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;CACjB;AAOD;;GAEG;AACH,wBAAsB,gBAAgB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,EAAE,GAAG,IAAI,CAAC,CAmIhF"}

package/dist/src/utils/lockfile.js

@@ -0,0 +1,143 @@
+import fs from 'fs/promises';
+import path from 'path';
+import * as yarnLockfile from '@yarnpkg/lockfile';
+import yaml from 'yaml';
+/**
+ * Parses lockfiles (package-lock.json, yarn.lock, pnpm-lock.yaml) to get a flat list of dependencies.
+ */
+export async function parsePackageLock(dir) {
+    // 1. Try package-lock.json
+    try {
+        const lockPath = path.join(dir, 'package-lock.json');
+        const content = await fs.readFile(lockPath, 'utf-8');
+        const lock = JSON.parse(content);
+        const dependencies = [];
+        if (lock.packages) {
+            for (const [key, val] of Object.entries(lock.packages)) {
+                if (key === '')
+                    continue;
+                const name = key.split('node_modules/').pop();
+                if (name && typeof val.version === 'string') {
+                    dependencies.push({ name, version: val.version });
+                }
+            }
+        }
+        else if (lock.dependencies) {
+            // v1 recursive
+            const traverse = (deps) => {
+                for (const [name, val] of Object.entries(deps)) {
+                    if (typeof val.version === 'string') {
+                        dependencies.push({ name, version: val.version });
+                    }
+                    if (val.dependencies)
+                        traverse(val.dependencies);
+                }
+            };
+            traverse(lock.dependencies);
+        }
+        return deduplicate(dependencies);
+    }
+    catch (e) { }
+    // 2. Try yarn.lock
+    try {
+        const lockPath = path.join(dir, 'yarn.lock');
+        const content = await fs.readFile(lockPath, 'utf-8');
+        const parsed = yarnLockfile.parse(content);
+        if (parsed.type === 'success' && parsed.object) {
+            const dependencies = [];
+            for (const [key, val] of Object.entries(parsed.object)) {
+                const nameMatch = key.match(/^(@?[^@]+)@/);
+                const name = nameMatch ? nameMatch[1] : key;
+                if (name && typeof val.version === 'string') {
+                    dependencies.push({ name, version: val.version });
+                }
+            }
+            return deduplicate(dependencies);
+        }
+    }
+    catch (e) { }
+    // 3. Try pnpm-lock.yaml
+    try {
+        const lockPath = path.join(dir, 'pnpm-lock.yaml');
+        const content = await fs.readFile(lockPath, 'utf-8');
+        const parsed = yaml.parse(content);
+        const dependencies = [];
+        if (parsed.packages) {
+            for (const key of Object.keys(parsed.packages)) {
+                let cleanKey = key.startsWith('/') ? key.substring(1) : key;
+                if (cleanKey.includes('(')) {
+                    cleanKey = cleanKey.split('(')[0] ?? cleanKey;
+                }
+                const parts = cleanKey.split('/');
+                if (parts.length >= 2) {
+                    const version = parts.pop();
+                    const name = parts.join('/');
+                    if (name && typeof version === 'string') {
+                        dependencies.push({ name, version });
+                    }
+                }
+                else if (cleanKey.includes('@')) {
+                    const lastAt = cleanKey.lastIndexOf('@');
+                    const name = cleanKey.substring(0, lastAt);
+                    const version = cleanKey.substring(lastAt + 1);
+                    if (name && typeof version === 'string') {
+                        dependencies.push({ name, version });
+                    }
+                }
+            }
+            return deduplicate(dependencies);
+        }
+    }
+    catch (e) { }
+    // 4. Try bun.lock (Text format)
+    try {
+        const lockPath = path.join(dir, 'bun.lock');
+        const content = await fs.readFile(lockPath, 'utf-8');
+        if (content.trim().startsWith('#') || content.includes('lockfile v1')) {
+            const parsed = yarnLockfile.parse(content);
+            if (parsed.type === 'success' && parsed.object) {
+                const dependencies = [];
+                for (const [key, val] of Object.entries(parsed.object)) {
+                    const nameMatch = key.match(/^(@?[^@]+)@/);
+                    const name = nameMatch ? nameMatch[1] : key;
+                    if (name && typeof val.version === 'string') {
+                        dependencies.push({ name, version: val.version });
+                    }
+                }
+                return deduplicate(dependencies);
+            }
+        }
+    }
+    catch (e) { }
+    // 5. Try deno.lock (JSON)
+    try {
+        const lockPath = path.join(dir, 'deno.lock');
+        const content = await fs.readFile(lockPath, 'utf-8');
+        const lock = JSON.parse(content);
+        const dependencies = [];
+        if (lock.packages && lock.packages.specifiers) {
+            for (const key of Object.keys(lock.packages.specifiers)) {
+                if (key.startsWith('npm:')) {
+                    const resolved = lock.packages.specifiers[key];
+                    if (typeof resolved === 'string' && resolved.startsWith('npm:')) {
+                        const parts = resolved.replace('npm:', '').split('@');
+                        const version = parts.pop();
+                        const name = parts.join('@');
+                        if (name && typeof version === 'string') {
+                            dependencies.push({ name, version });
+                        }
+                    }
+                }
+            }
+        }
+        return deduplicate(dependencies);
+    }
+    catch (e) { }
+    return null;
+}
+function deduplicate(deps) {
+    const unique = new Map();
+    deps.forEach(d => unique.set(`${d.name}@${d.version}`, d));
+    return Array.from(unique.values());
+}
+//# sourceMappingURL=lockfile.js.map

package/dist/src/utils/lockfile.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"lockfile.js","sourceRoot":"","sources":["../../../src/utils/lockfile.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,aAAa,CAAC;AAC7B,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,KAAK,YAAY,MAAM,mBAAmB,CAAC;AAClD,OAAO,IAAI,MAAM,MAAM,CAAC;AAYxB;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,GAAW;IAChD,2BAA2B;IAC3B,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,mBAAmB,CAAC,CAAC;QACrD,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QACrD,MAAM,IAAI,GAAkB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAEhD,MAAM,YAAY,GAAiB,EAAE,CAAC;QAEtC,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAClB,KAAK,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACvD,IAAI,GAAG,KAAK,EAAE;oBAAE,SAAS;gBACzB,MAAM,IAAI,GAAG,GAAG,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC,GAAG,EAAE,CAAC;gBAC9C,IAAI,IAAI,IAAI,OAAO,GAAG,CAAC,OAAO,KAAK,QAAQ,EAAE,CAAC;oBAC5C,YAAY,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;gBACpD,CAAC;YACH,CAAC;QACH,CAAC;aAAM,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;YAC3B,eAAe;YACf,MAAM,QAAQ,GAAG,CAAC,IAAS,EAAE,EAAE;gBAC3B,KAAK,MAAM,CAAC,IAAI,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC7C,IAAI,OAAQ,GAAW,CAAC,OAAO,KAAK,QAAQ,EAAE,CAAC;wBAC3C,YAAY,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,EAAG,GAAW,CAAC,OAAO,EAAE,CAAC,CAAC;oBAC/D,CAAC;oBACD,IAAK,GAAW,CAAC,YAAY;wBAAE,QAAQ,CAAE,GAAW,CAAC,YAAY,CAAC,CAAC;gBACvE,CAAC;YACL,CAAC,CAAC;YACF,QAAQ,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;QAChC,CAAC;QACD,OAAO,WAAW,CAAC,YAAY,CAAC,CAAC;IACnC,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC,CAAA,CAAC;IAEd,mBAAmB;IACnB,IAAI,CAAC;QACD,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC;QAC7C,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QACrD,MAAM,MAAM,GAAG,YAAY,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAE3C,IAAI,MAAM,CAAC,IAAI,KAAK,SAAS,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;YAC7C,MAAM,YAAY,GAAiB,EAAE,CAAC;YACtC,KAAK,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;gBACrD,MAAM,SAAS,GAAG,GAAG,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC;gBAC3C,MAAM,IAAI,GAAG,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;gBAC5C,IAAI,IAAI,IAAI,OAAQ,GAAW,CAAC,OAAO,KAAK,QAAQ,EAAE,CAAC;oBACnD,YAAY,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,EAAG,GAAW,CAAC,OAAiB,EAAE,CAAC,CAAC;gBACzE,CAAC;YACL,CAAC;YACD,OAAO,WAAW,CAAC,YAAY,CAAC,CAAC;QACrC,CAAC;IACL,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC,CAAA,CAAC;IAEd,wBAAwB;IACxB,IAAI,CAAC;QACD,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,gBAAgB,CAAC,CAAC;QAClD,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QACrD,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAEnC,MAAM,YAAY,GAAiB,EAAE,CAAC;QACtC,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YAClB,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC7C,IAAI,QAAQ,GAAG,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;gBAC5D,IAAI,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;oBACzB,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,QAAQ,CAAC;gBAClD,CAAC;gBAED,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;gBAClC,IAAI,KAAK,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;oBACpB,MAAM,OAAO,GAAG,KAAK,CAAC,GAAG,EAAE,CAAC;oBAC5B,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;oBAC7B,IAAI,IAAI,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE,CAAC;wBACtC,YAAY,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC;oBACzC,CAAC;gBACL,CAAC;qBAAM,IAAI,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;oBAChC,MAAM,MAAM,GAAG,QAAQ,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;oBACzC,MAAM,IAAI,GAAG,QAAQ,CAAC,SAAS,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;oBAC3C,MAAM,OAAO,GAAG,QAAQ,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;oBAC/C,IAAI,IAAI,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE,CAAC;wBACtC,YAAY,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC;oBACzC,CAAC;gBACL,CAAC;YACL,CAAC;YACD,OAAO,WAAW,CAAC,YAAY,CAAC,CAAC;QACrC,CAAC;IACL,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC,CAAA,CAAC;IAEd,gCAAgC;IAChC,IAAI,CAAC;QACD,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,UAAU,CAAC,CAAC;QAC5C,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QACrD,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;YACpE,MAAM,MAAM,GAAG,YAAY,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YAC3C,IAAI,MAAM,CAAC,IAAI,KAAK,SAAS,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;gBAC7C,MAAM,YAAY,GAAiB,EAAE,CAAC;gBACtC,KAAK,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;oBACrD,MAAM,SAAS,GAAG,GAAG,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC;oBAC3C,MAAM,IAAI,GAAG,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;oBAC5C,IAAI,IAAI,IAAI,OAAQ,GAAW,CAAC,OAAO,KAAK,QAAQ,EAAE,CAAC;wBACnD,YAAY,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,EAAG,GAAW,CAAC,OAAiB,EAAE,CAAC,CAAC;oBACzE,CAAC;gBACL,CAAC;gBACD,OAAO,WAAW,CAAC,YAAY,CAAC,CAAC;YACrC,CAAC;QACL,CAAC;IACL,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC,CAAA,CAAC;IAEd,0BAA0B;IAC1B,IAAI,CAAC;QACD,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC;QAC7C,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QACrD,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACjC,MAAM,YAAY,GAAiB,EAAE,CAAC;QAEtC,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,CAAC,UAAU,EAAE,CAAC;YAC5C,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;gBACtD,IAAI,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;oBACzB,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;oBAC/C,IAAI,OAAO,QAAQ,KAAK,QAAQ,IAAI,QAAQ,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;wBAC7D,MAAM,KAAK,GAAG,QAAQ,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;wBACtD,MAAM,OAAO,GAAG,KAAK,CAAC,GAAG,EAAE,CAAC;wBAC5B,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;wBAC7B,IAAI,IAAI,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE,CAAC;4BACtC,YAAY,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC;wBACzC,CAAC;oBACN,CAAC;gBACL,CAAC;YACL,CAAC;QACL,CAAC;QACD,OAAO,WAAW,CAAC,YAAY,CAAC,CAAC;IACrC,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC,CAAA,CAAC;IAEd,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,WAAW,CAAC,IAAkB;IACnC,MAAM,MAAM,GAAG,IAAI,GAAG,EAAsB,CAAC;IAC7C,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;IAC3D,OAAO,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;AACvC,CAAC"}

package/dist/src/utils/popular-packages.d.ts

@@ -0,0 +1,2 @@
+export declare function getPopularPackages(): Promise<string[]>;
+//# sourceMappingURL=popular-packages.d.ts.map

package/dist/src/utils/popular-packages.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"popular-packages.d.ts","sourceRoot":"","sources":["../../../src/utils/popular-packages.ts"],"names":[],"mappings":"AAMA,wBAAsB,kBAAkB,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC,CAe5D"}

package/dist/src/utils/popular-packages.js

@@ -0,0 +1,22 @@
+import axios from 'axios';
+import { POPULAR_PACKAGES as FALLBACK_PACKAGES } from '../config.js';
+const LIST_URL = 'https://raw.githubusercontent.com/wooorm/npm-high-impact/main/data.json';
+let cachedPackages = null;
+export async function getPopularPackages() {
+    if (cachedPackages)
+        return cachedPackages;
+    try {
+        const { data } = await axios.get(LIST_URL, { timeout: 5000 });
+        if (Array.isArray(data)) {
+            cachedPackages = [...new Set([...data, ...FALLBACK_PACKAGES])];
+        }
+        else {
+            cachedPackages = FALLBACK_PACKAGES;
+        }
+    }
+    catch (e) {
+        cachedPackages = FALLBACK_PACKAGES;
+    }
+    return cachedPackages;
+}
+//# sourceMappingURL=popular-packages.js.map

package/dist/src/utils/popular-packages.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"popular-packages.js","sourceRoot":"","sources":["../../../src/utils/popular-packages.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,gBAAgB,IAAI,iBAAiB,EAAE,MAAM,cAAc,CAAC;AAErE,MAAM,QAAQ,GAAG,yEAAyE,CAAC;AAC3F,IAAI,cAAc,GAAoB,IAAI,CAAC;AAE3C,MAAM,CAAC,KAAK,UAAU,kBAAkB;IACtC,IAAI,cAAc;QAAE,OAAO,cAAc,CAAC;IAE1C,IAAI,CAAC;QACH,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;QAC9D,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;YACxB,cAAc,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,IAAI,EAAE,GAAG,iBAAiB,CAAC,CAAC,CAAC,CAAC;QACjE,CAAC;aAAM,CAAC;YACN,cAAc,GAAG,iBAAiB,CAAC;QACrC,CAAC;IACH,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,cAAc,GAAG,iBAAiB,CAAC;IACrC,CAAC;IAED,OAAO,cAAe,CAAC;AACzB,CAAC"}

package/package.json

@@ -0,0 +1,53 @@
+{
+  "name": "tangkal",
+  "version": "1.1.0",
+  "description": "Preventive security scanner for cloned repositories. Detects malicious AST patterns, vulnerable dependencies, and typosquatting.",
+  "main": "dist/index.js",
+  "type": "module",
+  "bin": {
+    "tangkal": "./dist/index.js"
+  },
+  "files": [
+    "dist",
+    "README.md"
+  ],
+  "scripts": {
+    "build": "tsc",
+    "prepublishOnly": "pnpm build",
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "keywords": [
+    "security",
+    "scanner",
+    "malware",
+    "static-analysis",
+    "vulnerability",
+    "typosquatting",
+    "ast"
+  ],
+  "author": "Andrew Virya Victorio",
+  "license": "ISC",
+  "dependencies": {
+    "@babel/parser": "^7.28.6",
+    "@babel/traverse": "^7.28.6",
+    "@yarnpkg/lockfile": "^1.1.0",
+    "axios": "^1.13.3",
+    "chalk": "^5.6.2",
+    "commander": "^14.0.2",
+    "fast-glob": "^3.3.3",
+    "fast-levenshtein": "^3.0.0",
+    "ignore": "^7.0.5",
+    "inquirer": "^13.2.1",
+    "ora": "^9.1.0",
+    "p-limit": "^7.2.0",
+    "shannon-entropy": "^0.0.3",
+    "yaml": "^2.7.0"
+  },
+  "devDependencies": {
+    "@types/fast-levenshtein": "^0.0.4",
+    "@types/inquirer": "^9.0.9",
+    "@types/node": "^25.0.10",
+    "ts-node": "^10.9.2",
+    "typescript": "^5.9.3"
+  }
+}