From e70ff05a8dc6cd3552c87b3bff98ae938792c867 Mon Sep 17 00:00:00 2001 From: Laith Al-Saadoon Date: Sat, 13 Jun 2026 15:13:27 +0000 Subject: [PATCH] chore!: baseline Node 24, apply held majors, fix snyk phantom debug dep MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit BREAKING CHANGE: minimum Node is now 24.15.0 (was 22.12.0). Node 22 is no longer supported. 24.15.0 is the floor where the two major bumps below install under engine-strict. Node 24 baseline: - engines.node >=22.12.0 -> >=24.15.0 across the root + all 18 packages - mise.toml node pin 22 -> 24; .nvmrc / .node-version 22 -> 24 - ci.yml test matrices drop Node 22 (now [24]); verify-global-install matrix flips its six Node-22 legs to 24 (dropping the now-duplicate linux-x64-node24-mise leg) and keeps every installer x OS x arch combo - README requirements: "Node 22 or 24" -> "Node 24+" Held majors (were blocked only by Node 22, now unblocked): - license-checker-rseidelsohn 4.4.2 -> 5.0.1 (needs node>=24). v5 walks the tree via @npmcli/arborist and reports raw SPDX expressions, so it surfaces permissive licenses v4 normalized away. Allowlist (in all four callers: ci.yml, pre-release-gate.yml, scripts/acceptance.sh, mise.toml) gains Python-2.0 (argparse, via js-yaml), CC-BY-3.0 (spdx-exceptions data), and the compound expressions "MIT OR Apache-2.0", "(Apache-2.0 AND MIT)", "(BSD-3-Clause AND Apache-2.0)", "(BSD-2-Clause OR MIT OR Apache-2.0)", "(MIT OR CC0-1.0)" — all permissive or composed of already-allowed ids. - write-file-atomic 7.0.1 -> 8.0.0 across cli, ingestion, analysis, wiki. snyk phantom dependency: - snyk-nodejs-lockfile-parser@2.8.0 does require("debug") without declaring it. Added a pnpm packageExtensions entry injecting debug@4.4.3 into its deps so `pnpm install` (workspace + lockfile/CI consumers) resolves it under pnpm strict layout. NOTE: a bare `pnpm add -g ` global install still cannot see it (global installs do not read workspace packageExtensions, and snyk is not ESM-bundle-safe — it does a dynamic require("fs")). The documented + CI-tested global path is `npm install -g`, which flat-hoists debug and works end-to-end. Validated on Node 24.16.0: build, lint, typecheck, 2169 tests (0 fail), banned-strings, license allowlist (lcr@5), OSV, pack determinism, and a full `codehub analyze` of an external repo via npm-global install. --- .github/workflows/ci.yml | 13 +- .github/workflows/pre-release-gate.yml | 5 +- .github/workflows/verify-global-install.yml | 38 +- .node-version | 2 +- .nvmrc | 2 +- README.md | 4 +- mise.toml | 4 +- package.json | 4 +- packages/analysis/package.json | 4 +- packages/cli/package.json | 4 +- packages/cobol-proleap/package.json | 2 +- packages/core-types/package.json | 2 +- packages/docs/package.json | 2 +- packages/embedder/package.json | 2 +- packages/frameworks/package.json | 2 +- packages/ingestion/package.json | 4 +- packages/mcp/package.json | 2 +- packages/pack/package.json | 2 +- packages/policy/package.json | 2 +- packages/sarif/package.json | 2 +- packages/scanners/package.json | 2 +- packages/scip-ingest/package.json | 2 +- packages/search/package.json | 2 +- packages/storage/package.json | 2 +- packages/summarizer/package.json | 2 +- packages/wiki/package.json | 4 +- pnpm-lock.yaml | 976 +++++++++++++++----- pnpm-workspace.yaml | 13 + scripts/acceptance.sh | 2 +- 29 files changed, 835 insertions(+), 272 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 0a15c1c0..e2b49669 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -50,7 +50,7 @@ jobs: fail-fast: false matrix: os: [ubuntu-latest, macos-latest, windows-latest] - node-version: [22, 24] + node-version: [24] runs-on: ${{ matrix.os }} env: MISE_NODE_VERSION: ${{ matrix.node-version }} @@ -92,7 +92,7 @@ jobs: fail-fast: false matrix: os: [ubuntu-latest, macos-latest, windows-latest] - node-version: [22] + node-version: [24] runs-on: ${{ matrix.os }} env: MISE_NODE_VERSION: ${{ matrix.node-version }} @@ -146,10 +146,17 @@ jobs: - name: license allowlist # Root is `private: true` with no runtime deps post-collapse; scan # packages/cli (the real third-party runtime deps) via `--start`. + # license-checker-rseidelsohn v5 walks the tree via @npmcli/arborist + # and reports raw SPDX expressions (e.g. "MIT OR Apache-2.0") instead + # of normalizing to a single id, so the compound expressions below are + # listed verbatim. Python-2.0 (argparse, via js-yaml) and CC-BY-3.0 + # (spdx-exceptions data) are both OSI-approved permissive. Keep this + # allowlist identical across ci.yml, pre-release-gate.yml, and + # scripts/acceptance.sh. run: > pnpm exec license-checker-rseidelsohn --start packages/cli - --onlyAllow 'Apache-2.0;MIT;BSD-2-Clause;BSD-3-Clause;ISC;CC0-1.0;BlueOak-1.0.0;0BSD' + --onlyAllow 'Apache-2.0;MIT;BSD-2-Clause;BSD-3-Clause;ISC;CC0-1.0;BlueOak-1.0.0;0BSD;Python-2.0;CC-BY-3.0;MIT OR Apache-2.0;(Apache-2.0 AND MIT);(BSD-3-Clause AND Apache-2.0);(BSD-2-Clause OR MIT OR Apache-2.0);(MIT OR CC0-1.0)' --excludePrivatePackages --production diff --git a/.github/workflows/pre-release-gate.yml b/.github/workflows/pre-release-gate.yml index bc0d0f06..fdde6838 100644 --- a/.github/workflows/pre-release-gate.yml +++ b/.github/workflows/pre-release-gate.yml @@ -98,10 +98,13 @@ jobs: - name: license allowlist # Root is `private: true` with no runtime deps post-collapse; scan # packages/cli (the real third-party runtime deps) via `--start`. + # license-checker-rseidelsohn v5 reports raw SPDX expressions; see the + # note in ci.yml. Keep this allowlist identical across ci.yml, + # pre-release-gate.yml, and scripts/acceptance.sh. run: > pnpm exec license-checker-rseidelsohn --start packages/cli - --onlyAllow 'Apache-2.0;MIT;BSD-2-Clause;BSD-3-Clause;ISC;CC0-1.0;BlueOak-1.0.0;0BSD' + --onlyAllow 'Apache-2.0;MIT;BSD-2-Clause;BSD-3-Clause;ISC;CC0-1.0;BlueOak-1.0.0;0BSD;Python-2.0;CC-BY-3.0;MIT OR Apache-2.0;(Apache-2.0 AND MIT);(BSD-3-Clause AND Apache-2.0);(BSD-2-Clause OR MIT OR Apache-2.0);(MIT OR CC0-1.0)' --excludePrivatePackages --production diff --git a/.github/workflows/verify-global-install.yml b/.github/workflows/verify-global-install.yml index cb5187ea..9da5f769 100644 --- a/.github/workflows/verify-global-install.yml +++ b/.github/workflows/verify-global-install.yml @@ -6,7 +6,7 @@ # `npm install -g`, run the 5 hard gates plus the 4 smoke commands. The CLI is # the only published package — the 14 internal libraries are bundled into its # tarball at build time (tsup noExternal), so a single tarball is the entire -# install graph. The matrix exercises Linux/macOS x Node 20/22/24 x +# install graph. The matrix exercises Linux/macOS x Node 24 x # mise/nvm/Homebrew/Volta installers so a regression in any one of those tool # managers cannot land silently. # @@ -49,64 +49,58 @@ jobs: matrix: include: # ---------------------------- Linux x64 ----------------------------- - # Floor is Node 22 (engines.node >= 22.12.0); the prior node20 row - # tested a sub-floor runtime and was dropped. - - label: linux-x64-node22-mise - runner: ubuntu-24.04 - os: linux - arch: x64 - node: "22" - installer: mise + # Floor is Node 24 (engines.node >= 24.15.0); the prior node20/node22 + # rows tested sub-floor runtimes and were dropped. - label: linux-x64-node24-mise runner: ubuntu-24.04 os: linux arch: x64 node: "24" installer: mise - - label: linux-x64-node22-nvm + - label: linux-x64-node24-nvm runner: ubuntu-24.04 os: linux arch: x64 - node: "22" + node: "24" installer: nvm # ---------------------------- Linux arm64 --------------------------- # ubuntu-24.04-arm is the public-repo arm64 runner label; it is # the closest proxy GitHub offers for Apple Silicon Linux boxes. - - label: linux-arm64-node22-mise + - label: linux-arm64-node24-mise runner: ubuntu-24.04-arm os: linux arch: arm64 - node: "22" + node: "24" installer: mise # ---------------------------- macOS arm64 --------------------------- # macos-14 / macos-15 are arm64 runners (Apple Silicon). - - label: macos-arm64-node22-homebrew + - label: macos-arm64-node24-homebrew runner: macos-14 os: macos arch: arm64 - node: "22" + node: "24" installer: homebrew - - label: macos-arm64-node22-nvm + - label: macos-arm64-node24-nvm runner: macos-14 os: macos arch: arm64 - node: "22" + node: "24" installer: nvm - - label: macos-arm64-node22-volta + - label: macos-arm64-node24-volta runner: macos-14 os: macos arch: arm64 - node: "22" + node: "24" installer: volta # ---------------------------- macOS x64 ----------------------------- # macos-15-intel is the current Intel-Mac (x86_64) runner label; # covers the Intel Mac smoke case the plan calls out. The older # `macos-13` label was retired by GitHub. - - label: macos-x64-node22-nvm + - label: macos-x64-node24-nvm runner: macos-15-intel os: macos arch: x64 - node: "22" + node: "24" installer: nvm steps: - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 @@ -135,7 +129,7 @@ jobs: bash /tmp/nvm-install.sh export NVM_DIR="$HOME/.nvm" # Sourcing nvm.sh runs nvm's auto-use against the repo `.nvmrc` - # (node 22). On the macOS runners nvm is freshly cloned and no + # (node 24). On the macOS runners nvm is freshly cloned and no # node is installed yet, so that auto-use returns exit 3 # ("version N/A — not installed"). Under `set -e` that aborts the # step before `nvm install` ever runs. On the Ubuntu runners nvm + diff --git a/.node-version b/.node-version index 2bd5a0a9..a45fd52c 100644 --- a/.node-version +++ b/.node-version @@ -1 +1 @@ -22 +24 diff --git a/.nvmrc b/.nvmrc index 2bd5a0a9..a45fd52c 100644 --- a/.nvmrc +++ b/.nvmrc @@ -1 +1 @@ -22 +24 diff --git a/README.md b/README.md index 92dd4f27..d14037bd 100644 --- a/README.md +++ b/README.md @@ -108,7 +108,7 @@ for musl / `win32-arm64` coverage. ### Install from npm (recommended) -**Requirements:** Node 22 or 24. +**Requirements:** Node 24+. ```bash # global install — puts `codehub` on your PATH @@ -136,7 +136,7 @@ codehub analyze ### Build from source -**Requirements:** Node 22 or 24; pnpm 11+; Python 3.12 (only needed for +**Requirements:** Node 24+; pnpm 11+; Python 3.12 (only needed for SCIP indexers on Python-heavy repos); `mise` recommended. ```bash diff --git a/mise.toml b/mise.toml index 6ad1b0ac..65344279 100644 --- a/mise.toml +++ b/mise.toml @@ -1,5 +1,5 @@ [tools] -node = "22" +node = "24" pnpm = "11.1.0" python = "3.12" uv = "latest" @@ -149,7 +149,7 @@ run = "bash scripts/check-banned-strings.sh" description = "License allowlist check (packages/cli prod deps)" # Root is `private: true` with no runtime deps post-collapse, so scan from # packages/cli (where the real third-party runtime deps live) via `--start`. -run = "pnpm exec license-checker-rseidelsohn --start packages/cli --onlyAllow 'Apache-2.0;MIT;BSD-2-Clause;BSD-3-Clause;ISC;CC0-1.0;BlueOak-1.0.0;0BSD' --excludePrivatePackages --production" +run = "pnpm exec license-checker-rseidelsohn --start packages/cli --onlyAllow 'Apache-2.0;MIT;BSD-2-Clause;BSD-3-Clause;ISC;CC0-1.0;BlueOak-1.0.0;0BSD;Python-2.0;CC-BY-3.0;MIT OR Apache-2.0;(Apache-2.0 AND MIT);(BSD-3-Clause AND Apache-2.0);(BSD-2-Clause OR MIT OR Apache-2.0);(MIT OR CC0-1.0)' --excludePrivatePackages --production" [tasks.osv] description = "OSV vulnerability scan against pnpm-lock.yaml" diff --git a/package.json b/package.json index 38715a45..aba9383e 100644 --- a/package.json +++ b/package.json @@ -5,7 +5,7 @@ "description": "OpenCodeHub — Apache-2.0 code intelligence graph + MCP server for AI coding agents", "license": "Apache-2.0", "engines": { - "node": ">=22.12.0", + "node": ">=24.15.0", "pnpm": ">=11.0.0" }, "packageManager": "pnpm@11.1.0", @@ -31,7 +31,7 @@ "commitizen": "4.3.2", "cz-conventional-changelog": "3.3.0", "lefthook": "2.1.9", - "license-checker-rseidelsohn": "4.4.2", + "license-checker-rseidelsohn": "5.0.1", "tsx": "4.22.4", "typescript": "6.0.3" }, diff --git a/packages/analysis/package.json b/packages/analysis/package.json index f04a956b..85c2672d 100644 --- a/packages/analysis/package.json +++ b/packages/analysis/package.json @@ -43,7 +43,7 @@ "@opencodehub/sarif": "workspace:*", "@opencodehub/storage": "workspace:*", "@opencodehub/wiki": "workspace:*", - "write-file-atomic": "7.0.1" + "write-file-atomic": "8.0.0" }, "devDependencies": { "@types/node": "25.9.3", @@ -66,6 +66,6 @@ "detect-changes" ], "engines": { - "node": ">=22.12.0" + "node": ">=24.15.0" } } diff --git a/packages/cli/package.json b/packages/cli/package.json index fdedefb5..55f09183 100644 --- a/packages/cli/package.json +++ b/packages/cli/package.json @@ -61,7 +61,7 @@ "piscina": "5.2.0", "snyk-nodejs-lockfile-parser": "2.8.0", "web-tree-sitter": "0.26.9", - "write-file-atomic": "7.0.1", + "write-file-atomic": "8.0.0", "yaml": "2.9.0", "zod": "4.4.3" }, @@ -104,6 +104,6 @@ "code-analysis" ], "engines": { - "node": ">=22.12.0" + "node": ">=24.15.0" } } diff --git a/packages/cobol-proleap/package.json b/packages/cobol-proleap/package.json index e1f27c59..32a1a6a7 100644 --- a/packages/cobol-proleap/package.json +++ b/packages/cobol-proleap/package.json @@ -62,6 +62,6 @@ "legacy-code" ], "engines": { - "node": ">=22.12.0" + "node": ">=24.15.0" } } diff --git a/packages/core-types/package.json b/packages/core-types/package.json index a4bd1ce7..c710219e 100644 --- a/packages/core-types/package.json +++ b/packages/core-types/package.json @@ -57,6 +57,6 @@ "typescript" ], "engines": { - "node": ">=22.12.0" + "node": ">=24.15.0" } } diff --git a/packages/docs/package.json b/packages/docs/package.json index 2a3b8459..41093589 100644 --- a/packages/docs/package.json +++ b/packages/docs/package.json @@ -6,7 +6,7 @@ "license": "Apache-2.0", "type": "module", "engines": { - "node": ">=22.12.0" + "node": ">=24.15.0" }, "scripts": { "dev": "astro dev", diff --git a/packages/embedder/package.json b/packages/embedder/package.json index 15f5fb27..a2ff9109 100644 --- a/packages/embedder/package.json +++ b/packages/embedder/package.json @@ -67,6 +67,6 @@ "semantic-search" ], "engines": { - "node": ">=22.12.0" + "node": ">=24.15.0" } } diff --git a/packages/frameworks/package.json b/packages/frameworks/package.json index a2943926..60f66814 100644 --- a/packages/frameworks/package.json +++ b/packages/frameworks/package.json @@ -61,6 +61,6 @@ "language-detection" ], "engines": { - "node": ">=22.12.0" + "node": ">=24.15.0" } } diff --git a/packages/ingestion/package.json b/packages/ingestion/package.json index 72264b78..760a81f2 100644 --- a/packages/ingestion/package.json +++ b/packages/ingestion/package.json @@ -58,7 +58,7 @@ "snyk-nodejs-lockfile-parser": "2.8.0", "spdx-correct": "^3.2.0", "web-tree-sitter": "0.26.9", - "write-file-atomic": "7.0.1" + "write-file-atomic": "8.0.0" }, "devDependencies": { "@types/node": "25.9.3", @@ -90,6 +90,6 @@ "pipeline" ], "engines": { - "node": ">=22.12.0" + "node": ">=24.15.0" } } diff --git a/packages/mcp/package.json b/packages/mcp/package.json index 9f2e1a07..e6882fd1 100644 --- a/packages/mcp/package.json +++ b/packages/mcp/package.json @@ -72,6 +72,6 @@ "coding-agent" ], "engines": { - "node": ">=22.12.0" + "node": ">=24.15.0" } } diff --git a/packages/pack/package.json b/packages/pack/package.json index 1e8b4085..c48b4fb3 100644 --- a/packages/pack/package.json +++ b/packages/pack/package.json @@ -65,6 +65,6 @@ "context-window" ], "engines": { - "node": ">=22.12.0" + "node": ">=24.15.0" } } diff --git a/packages/policy/package.json b/packages/policy/package.json index ae5095d6..275e3ebc 100644 --- a/packages/policy/package.json +++ b/packages/policy/package.json @@ -61,6 +61,6 @@ "allowlist" ], "engines": { - "node": ">=22.12.0" + "node": ">=24.15.0" } } diff --git a/packages/sarif/package.json b/packages/sarif/package.json index ba8be319..50bc5142 100644 --- a/packages/sarif/package.json +++ b/packages/sarif/package.json @@ -65,6 +65,6 @@ "findings" ], "engines": { - "node": ">=22.12.0" + "node": ">=24.15.0" } } diff --git a/packages/scanners/package.json b/packages/scanners/package.json index ccc7d186..e17525e7 100644 --- a/packages/scanners/package.json +++ b/packages/scanners/package.json @@ -63,6 +63,6 @@ "sast" ], "engines": { - "node": ">=22.12.0" + "node": ">=24.15.0" } } diff --git a/packages/scip-ingest/package.json b/packages/scip-ingest/package.json index 66572201..3914d059 100644 --- a/packages/scip-ingest/package.json +++ b/packages/scip-ingest/package.json @@ -68,6 +68,6 @@ "java" ], "engines": { - "node": ">=22.12.0" + "node": ">=24.15.0" } } diff --git a/packages/search/package.json b/packages/search/package.json index 0d97e982..52dd5b44 100644 --- a/packages/search/package.json +++ b/packages/search/package.json @@ -62,6 +62,6 @@ "rrf" ], "engines": { - "node": ">=22.12.0" + "node": ">=24.15.0" } } diff --git a/packages/storage/package.json b/packages/storage/package.json index 9d0e0b8f..ec3e9250 100644 --- a/packages/storage/package.json +++ b/packages/storage/package.json @@ -66,6 +66,6 @@ "storage" ], "engines": { - "node": ">=22.12.0" + "node": ">=24.15.0" } } diff --git a/packages/summarizer/package.json b/packages/summarizer/package.json index b9fa41c6..53c1eed5 100644 --- a/packages/summarizer/package.json +++ b/packages/summarizer/package.json @@ -62,6 +62,6 @@ "code-summaries" ], "engines": { - "node": ">=22.12.0" + "node": ">=24.15.0" } } diff --git a/packages/wiki/package.json b/packages/wiki/package.json index ef78a688..354b3547 100644 --- a/packages/wiki/package.json +++ b/packages/wiki/package.json @@ -42,7 +42,7 @@ "@opencodehub/core-types": "workspace:*", "@opencodehub/storage": "workspace:*", "@opencodehub/summarizer": "workspace:*", - "write-file-atomic": "7.0.1" + "write-file-atomic": "8.0.0" }, "devDependencies": { "@types/node": "25.9.3", @@ -66,6 +66,6 @@ "markdown" ], "engines": { - "node": ">=22.12.0" + "node": ">=24.15.0" } } diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 3056cfb5..3cb09f58 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -26,6 +26,8 @@ overrides: devalue@<5.8.1: 5.8.1 esbuild@>=0.27.3 <0.28.1: 0.28.1 +packageExtensionsChecksum: sha256-nZE7gFFLhNkWrIf/6ERJbJ0Vvh9wcuyGpGGdQKECjYk= + importers: .: @@ -52,8 +54,8 @@ importers: specifier: 2.1.9 version: 2.1.9 license-checker-rseidelsohn: - specifier: 4.4.2 - version: 4.4.2 + specifier: 5.0.1 + version: 5.0.1 tsx: specifier: 4.22.4 version: 4.22.4 @@ -79,8 +81,8 @@ importers: specifier: workspace:* version: link:../wiki write-file-atomic: - specifier: 7.0.1 - version: 7.0.1 + specifier: 8.0.0 + version: 8.0.0 devDependencies: '@types/node': specifier: 25.9.3 @@ -108,7 +110,7 @@ importers: version: 0.0.10 '@cyclonedx/cyclonedx-library': specifier: 10.1.0 - version: 10.1.0(ajv-formats-draft2019@1.6.1(ajv@8.18.0))(ajv-formats@3.0.1(ajv@8.18.0))(ajv@8.18.0)(packageurl-js@2.0.1)(spdx-expression-parse@3.0.1) + version: 10.1.0(ajv-formats-draft2019@1.6.1(ajv@8.18.0))(ajv-formats@3.0.1(ajv@8.18.0))(ajv@8.18.0)(packageurl-js@2.0.1)(spdx-expression-parse@4.0.0) '@duckdb/node-api': specifier: 1.5.3-r.3 version: 1.5.3-r.3 @@ -155,8 +157,8 @@ importers: specifier: 0.26.9 version: 0.26.9 write-file-atomic: - specifier: 7.0.1 - version: 7.0.1 + specifier: 8.0.0 + version: 8.0.0 yaml: specifier: 2.9.0 version: 2.9.0 @@ -325,7 +327,7 @@ importers: version: 3.1068.0 '@cyclonedx/cyclonedx-library': specifier: 10.1.0 - version: 10.1.0(ajv-formats-draft2019@1.6.1(ajv@8.20.0))(ajv-formats@3.0.1(ajv@8.20.0))(ajv@8.20.0)(packageurl-js@2.0.1)(spdx-expression-parse@3.0.1) + version: 10.1.0(ajv-formats-draft2019@1.6.1(ajv@8.20.0))(ajv-formats@3.0.1(ajv@8.20.0))(ajv@8.20.0)(packageurl-js@2.0.1)(spdx-expression-parse@4.0.0) '@iarna/toml': specifier: 2.2.5 version: 2.2.5 @@ -372,8 +374,8 @@ importers: specifier: 0.26.9 version: 0.26.9 write-file-atomic: - specifier: 7.0.1 - version: 7.0.1 + specifier: 8.0.0 + version: 8.0.0 devDependencies: '@types/node': specifier: 25.9.3 @@ -608,8 +610,8 @@ importers: specifier: workspace:* version: link:../summarizer write-file-atomic: - specifier: 7.0.1 - version: 7.0.1 + specifier: 8.0.0 + version: 8.0.0 devDependencies: '@types/node': specifier: 25.9.3 @@ -1252,6 +1254,10 @@ packages: resolution: {integrity: sha512-JUOtgFW6k9u4Y+xeIaEiLr3+cjoUPiAuLXoyKOJSia6Duzb7pq+A76P9ZdPDoAoxHdHzq6gE9/jKBGXlZT8FbA==} engines: {node: '>=6'} + '@gar/promise-retry@1.0.3': + resolution: {integrity: sha512-GmzA9ckNokPypTg10pgpeHNQe7ph+iIKKmhKu3Ob9ANkswreCx7R3cKmY781K8QK3AqVL3xVh9A42JvIAbkkSA==} + engines: {node: ^20.17.0 || >=22.9.0} + '@hono/node-server@1.19.14': resolution: {integrity: sha512-GwtvgtXxnWsucXvbQXkRgqksiH2Qed37H9xHZocE5sA3N8O8O8/8FA3uclQXxXVzc9XBZuEOMK7+r02FmSpHtw==} engines: {node: '>=18.14.1'} @@ -1590,14 +1596,13 @@ packages: '@types/node': optional: true - '@isaacs/cliui@8.0.2': - resolution: {integrity: sha512-O8jcjabXaleOG9DQ0+ARXWZBTfnP4WNAqzuiJK7ll44AmxGKv/J2M4TPjxjY3znBCfvBXFzucm1twdyFybFqEA==} - engines: {node: '>=12'} - '@isaacs/fs-minipass@4.0.1': resolution: {integrity: sha512-wgm9Ehl2jpeqP3zw/7mo3kRHFp5MEDhqAdwy1fTGkHAwnkGOVsgpvQhL8B5n1qlb01jV3n/bI0ZfZp5lWA1k4w==} engines: {node: '>=18.0.0'} + '@isaacs/string-locale-compare@1.1.0': + resolution: {integrity: sha512-SQ7Kzhh9+D+ZW9MA0zkYv3VXhIDNx+LzM6EJ+/65I3QY+enU6Itte7E5XX7EWrqLW2FN4n06GWzBnPoC3th2aQ==} + '@jridgewell/gen-mapping@0.3.13': resolution: {integrity: sha512-2kkt/7niJ6MgEPxF0bYdQ6etZaA+fQvDcLKckhy1yIQOzaoKjBBjSj63/aLVjYE3qhRt5dvM+uUyfCg6UKCBbA==} @@ -1793,9 +1798,63 @@ packages: resolution: {integrity: sha512-oGB+UxlgWcgQkgwo8GcEGwemoTFt3FIO9ababBmaGwXIoBKZ+GTy0pP185beGg7Llih/NSHSV2XAs1lnznocSg==} engines: {node: '>= 8'} - '@npmcli/fs@3.1.1': - resolution: {integrity: sha512-q9CRWjpHCMIh5sVyefoD1cA7PkvILqCZsnSOEUUivORLjxCO/Irmue2DprETiNgEqktDBZaM1Bi+jrarx1XdCg==} - engines: {node: ^14.17.0 || ^16.13.0 || >=18.0.0} + '@npmcli/agent@4.0.2': + resolution: {integrity: sha512-EUEuWAxnL07Sp5/iC/1X6Xj+XThUvnbei9zfRWZdEXa7lss9RTHMhAHBeg+MZ5To9s/gGaSI+UwZTPdYMvKSeg==} + engines: {node: ^20.17.0 || >=22.9.0} + + '@npmcli/arborist@9.6.0': + resolution: {integrity: sha512-Dku9UWbrrX+UCu8rQ1obGKaQAL4kwdt3hHCNXrd0n0R/4B8oq3CzloUAShwFjfsAGM6KY27gPuNftOUEZ4nhOw==} + engines: {node: ^20.17.0 || >=22.9.0} + hasBin: true + + '@npmcli/fs@5.0.0': + resolution: {integrity: sha512-7OsC1gNORBEawOa5+j2pXN9vsicaIOH5cPXxoR6fJOmH6/EXpJB2CajXOu1fPRFun2m1lktEFX11+P89hqO/og==} + engines: {node: ^20.17.0 || >=22.9.0} + + '@npmcli/git@7.0.2': + resolution: {integrity: sha512-oeolHDjExNAJAnlYP2qzNjMX/Xi9bmu78C9dIGr4xjobrSKbuMYCph8lTzn4vnW3NjIqVmw/f8BCfouqyJXlRg==} + engines: {node: ^20.17.0 || >=22.9.0} + + '@npmcli/installed-package-contents@4.0.0': + resolution: {integrity: sha512-yNyAdkBxB72gtZ4GrwXCM0ZUedo9nIbOMKfGjt6Cu6DXf0p8y1PViZAKDC8q8kv/fufx0WTjRBdSlyrvnP7hmA==} + engines: {node: ^20.17.0 || >=22.9.0} + hasBin: true + + '@npmcli/map-workspaces@5.0.3': + resolution: {integrity: sha512-o2grssXo1e774E5OtEwwrgoszYRh0lqkJH+Pb9r78UcqdGJRDRfhpM8DvZPjzNLLNYeD/rNbjOKM3Ss5UABROw==} + engines: {node: ^20.17.0 || >=22.9.0} + + '@npmcli/metavuln-calculator@9.0.3': + resolution: {integrity: sha512-94GLSYhLXF2t2LAC7pDwLaM4uCARzxShyAQKsirmlNcpidH89VA4/+K1LbJmRMgz5gy65E/QBBWQdUvGLe2Frg==} + engines: {node: ^20.17.0 || >=22.9.0} + + '@npmcli/name-from-folder@4.0.0': + resolution: {integrity: sha512-qfrhVlOSqmKM8i6rkNdZzABj8MKEITGFAY+4teqBziksCQAOLutiAxM1wY2BKEd8KjUSpWmWCYxvXr0y4VTlPg==} + engines: {node: ^20.17.0 || >=22.9.0} + + '@npmcli/node-gyp@5.0.0': + resolution: {integrity: sha512-uuG5HZFXLfyFKqg8QypsmgLQW7smiRjVc45bqD/ofZZcR/uxEjgQU8qDPv0s9TEeMUiAAU/GC5bR6++UdTirIQ==} + engines: {node: ^20.17.0 || >=22.9.0} + + '@npmcli/package-json@7.0.5': + resolution: {integrity: sha512-iVuTlG3ORq2iaVa1IWUxAO/jIp77tUKBhoMjuzYW2kL4MLN1bi/ofqkZ7D7OOwh8coAx1/S2ge0rMdGv8sLSOQ==} + engines: {node: ^20.17.0 || >=22.9.0} + + '@npmcli/promise-spawn@9.0.1': + resolution: {integrity: sha512-OLUaoqBuyxeTqUvjA3FZFiXUfYC1alp3Sa99gW3EUDz3tZ3CbXDdcZ7qWKBzicrJleIgucoWamWH1saAmH/l2Q==} + engines: {node: ^20.17.0 || >=22.9.0} + + '@npmcli/query@5.0.0': + resolution: {integrity: sha512-8TZWfTQOsODpLqo9SVhVjHovmKXNpevHU0gO9e+y4V4fRIOneiXy0u0sMP9LmS71XivrEWfZWg50ReH4WRT4aQ==} + engines: {node: ^20.17.0 || >=22.9.0} + + '@npmcli/redact@4.0.0': + resolution: {integrity: sha512-gOBg5YHMfZy+TfHArfVogwgfBeQnKbbGo3pSUyK/gSI0AVu+pEiDVcKlQb0D8Mg1LNRZILZ6XG8I5dJ4KuAd9Q==} + engines: {node: ^20.17.0 || >=22.9.0} + + '@npmcli/run-script@10.0.4': + resolution: {integrity: sha512-mGUWr1uMnf0le2TwfOZY4SFxZGXGfm4Jtay/nwAa2FLNAKXUoUwaGwBMNH36UHPtinWfTSJ3nqFQr0091CxVGg==} + engines: {node: ^20.17.0 || >=22.9.0} '@oslojs/encoding@1.1.0': resolution: {integrity: sha512-70wQhgYmndg4GCPxPPxPGevRKqTIJ2Nh4OkiMWmDAVYsTQ+Ta7Sq+rPevXyXGdzr30/qZBnyOalCszoMxlyldQ==} @@ -1838,10 +1897,6 @@ packages: cpu: [x64] os: [win32] - '@pkgjs/parseargs@0.11.0': - resolution: {integrity: sha512-+1VkjdD0QBLPodGrJUeqarH8VAIvQODIbwh9XpP5Syisf7YoQgsJKPNFoqqLQlu+VQ/tVSshMR6loPMn8U+dPg==} - engines: {node: '>=14'} - '@pnpm/crypto.base32-hash@1.0.1': resolution: {integrity: sha512-pzAXNn6KxTA3kbcI3iEnYs4vtH51XEVqmK/1EiD18MaPKylhqy8UvMJK3zKG+jeP82cqQbozcTGm4yOQ8i3vNw==} engines: {node: '>=14.6'} @@ -2166,6 +2221,30 @@ packages: '@shikijs/vscode-textmate@10.0.2': resolution: {integrity: sha512-83yeghZ2xxin3Nj8z1NMd/NCuca+gsYXswywDy5bHvwlWL8tpTQmzGeUuHd9FC3E/SBEMvzJRwWEOz5gGes9Qg==} + '@sigstore/bundle@4.0.0': + resolution: {integrity: sha512-NwCl5Y0V6Di0NexvkTqdoVfmjTaQwoLM236r89KEojGmq/jMls8S+zb7yOwAPdXvbwfKDlP+lmXgAL4vKSQT+A==} + engines: {node: ^20.17.0 || >=22.9.0} + + '@sigstore/core@3.2.1': + resolution: {integrity: sha512-qRsxPnCrbC/puegGxKuynfnxgLiHqWStrSjxkoB4YKqq3Z3s4cyZyj42ZdWFAEblNP65C+rBH8EuREHIXoi83g==} + engines: {node: ^20.17.0 || >=22.9.0} + + '@sigstore/protobuf-specs@0.5.1': + resolution: {integrity: sha512-/ScWUhhoFasJsSRGTVBwId1loQjjnjAfE4djL6ZhrXRpNCmPTnUKF5Jokd58ILseOMjzET3UrMOtJPS9sYeI0g==} + engines: {node: ^18.17.0 || >=20.5.0} + + '@sigstore/sign@4.1.1': + resolution: {integrity: sha512-Hf4xglukg0XXQ2RiD5vSoLjdPe8OBUPA8XeVjUObheuDcWdYWrnH/BNmxZCzkAy68MzmNCxXLeurJvs6hcP2OQ==} + engines: {node: ^20.17.0 || >=22.9.0} + + '@sigstore/tuf@4.0.2': + resolution: {integrity: sha512-TCAzTy0xzdP79EnxSjq9KQ3eaR7+FmudLC6eRKknVKZbV7ZNlGLClAAQb/HMNJ5n2OBNk2GT1tEmU0xuPr+SLQ==} + engines: {node: ^20.17.0 || >=22.9.0} + + '@sigstore/verify@3.1.1': + resolution: {integrity: sha512-qv7+G3J2cc6wwFj3yKvXOamzqhMwSk1ogPGmhpS8iXllcPrJaIIBA+4HbttlHVu1pqWTdmaCH/WE7UOC51kdoA==} + engines: {node: ^20.17.0 || >=22.9.0} + '@simple-libs/child-process-utils@1.0.2': resolution: {integrity: sha512-/4R8QKnd/8agJynkNdJmNw2MBxuFTRcNFnE5Sg/G+jkSsV8/UBgULMzhizWWW42p8L5H7flImV2ATi79Ove2Tw==} engines: {node: '>=18'} @@ -2254,6 +2333,14 @@ packages: '@tsconfig/node16@1.0.4': resolution: {integrity: sha512-vxhUy4J8lyeyinH7Azl1pdd43GJhZH/tP2weN8TntQblOY+A0XbT8DJk1/oCPuOOyg/Ja757rG0CgHcWC8OfMA==} + '@tufjs/canonical-json@2.0.0': + resolution: {integrity: sha512-yVtV8zsdo8qFHe+/3kw81dSLyF7D576A5cCFCi4X7B39tWT7SekaEFUnvnWJHz+9qO7qJTah1JbrDjWKqFtdWA==} + engines: {node: ^16.14.0 || >=18.0.0} + + '@tufjs/models@4.1.0': + resolution: {integrity: sha512-Y8cK9aggNRsqJVaKUlEYs4s7CvQ1b1ta2DVPyAimb0I2qhzjNk+A+mxvll/klL0RlfuIUei8BF7YWiua4kQqww==} + engines: {node: ^20.17.0 || >=22.9.0} + '@types/braces@3.0.5': resolution: {integrity: sha512-SQFof9H+LXeWNz8wDe7oN5zu7ket0qwMu5vZubW4GCJ8Kkeh6nBWUz87+KTz/G3Kqsrp0j/W253XJb3KMEeg3w==} @@ -2482,6 +2569,10 @@ packages: resolution: {integrity: sha512-6/mh1E2u2YgEsCHdY0Yx5oW+61gZU+1vXaoiHHrpKeuRNNgFvS+/jrwHiQhB5apAf5oB7UB7E19ol2R2LKH8hQ==} engines: {node: ^14.17.0 || ^16.13.0 || >=18.0.0} + abbrev@4.0.0: + resolution: {integrity: sha512-a1wflyaL0tHtJSmLSOVybYhy22vRih4eduhhrkcjgrWGnRfrZtovJ2FRjxuTtkkj47O/baf0R86QU5OuYpz8fA==} + engines: {node: ^20.17.0 || >=22.9.0} + accepts@2.0.0: resolution: {integrity: sha512-5cvg6CtKwfgdmVqY1WIiXKc3Q1bkRqGLi+2W/6ao+6Y7gu/RCwRuAhGEzh5B4KlszSuTLgZYuqFqo5bImjNKng==} engines: {node: '>= 0.6'} @@ -2509,6 +2600,10 @@ packages: resolution: {integrity: sha512-+Ut8d9LLqwEvHHJl1+PIHqoyDxFgVN847JTVM3Izi3xHDWPE4UtzzXysMZQs64DMcrJfBeS/uoEP4AD3HQHnQQ==} engines: {node: '>=12.0'} + agent-base@7.1.4: + resolution: {integrity: sha512-MnA+YT8fwfJPgBx3m60MNqakm30XOkyIoH1y6huTQvC0PwZG7ki8NacLBcrPbNoo8vEZy7Jpuk7+jMO+CUovTQ==} + engines: {node: '>= 14'} + aggregate-error@3.1.0: resolution: {integrity: sha512-4I7Td01quW/RpocfNayFdFVk1qSuoh0E7JrbRJ16nH01HhKFQ88INq9Sd+nd72zqRySlr9BmDA8xlEJ6vJMrYA==} engines: {node: '>=8'} @@ -2653,6 +2748,10 @@ packages: bcp-47@2.1.0: resolution: {integrity: sha512-9IIS3UPrvIa1Ej+lVDdDwO7zLehjqsaByECw0bu2RRGP73jALm6FYbzI5gWbgHLvNdkvfXB5YrSbocZdOS0c0w==} + bin-links@6.0.2: + resolution: {integrity: sha512-frE1t78WOwJ45PKV2cF2tNPjTcs9L1J9s6VkrV59wanRP4GlaomuxYPVma7BwthMg8WnfSory4w5PTE6FZZ81w==} + engines: {node: ^20.17.0 || >=22.9.0} + binary-extensions@2.3.0: resolution: {integrity: sha512-Ceh+7ox5qe7LJuLHoY0feh3pHuUDHAcRUeyL2VYghZwfpkNIy/+8Ocg0a3UuSoYzavmylwuLWQOf3hl0jjMMIw==} engines: {node: '>=8'} @@ -2698,6 +2797,10 @@ packages: resolution: {integrity: sha512-b6Ilus+c3RrdDk+JhLKUAQfzzgLEPy6wcXqS7f/xe1EETvsDP6GORG7SFuOs6cID5YkqchW/LXZbX5bc8j7ZcQ==} engines: {node: '>=8'} + cacache@20.0.4: + resolution: {integrity: sha512-M3Lab8NPYlZU2exsL3bMVvMrMqgwCnMWfdZbK28bn3pK6APT/Te/I8hjRPNu1uwORY9a1eEQoifXbKPQMfMTOA==} + engines: {node: ^20.17.0 || >=22.9.0} + cacheable-lookup@5.0.4: resolution: {integrity: sha512-2/kNscPhpcxrOigMZzbiWF7dz8ilhb/nIHU3EyZiXWXpeq/au8qJ8VhdftMkty3n7Gj6HIGalQG8oiBNB3AJgA==} engines: {node: '>=10.6.0'} @@ -2836,6 +2939,10 @@ packages: engines: {node: ^20.17.0 || >=22.9.0} hasBin: true + cmd-shim@8.0.0: + resolution: {integrity: sha512-Jk/BK6NCapZ58BKUxlSI+ouKRbjH1NLZCgJkYoab+vEHUY3f6OzpNBN9u7HFSv9J6TRDGs4PLOHezoKGaFRSCA==} + engines: {node: ^20.17.0 || >=22.9.0} + code-block-writer@13.0.3: resolution: {integrity: sha512-Oofo0pq3IKnsFtuHqSF7TqBfr71aeyZDVJ0HpmqB7FBM2qEigL0iPONSCZSO9pE9dZTAxANe5XHG9Uy0YMv8cg==} @@ -3334,9 +3441,6 @@ packages: resolution: {integrity: sha512-KIN/nDJBQRcXw0MLVhZE9iQHmG68qAVIBg9CqmUYjmQIhgij9U5MFvrqkUL5FbtyyzZuOeOt0zdeRe4UY7ct+A==} engines: {node: '>= 0.4'} - eastasianwidth@0.2.0: - resolution: {integrity: sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA==} - ee-first@1.1.1: resolution: {integrity: sha512-WMwm9LhRUo+WUaRN+vRuETqG89IgZphVSNkdFgeb6sS/E4OrDIN7t48CAewSHXc6C8lefD8KKfr5vY61brQlow==} @@ -3346,9 +3450,6 @@ packages: emoji-regex@8.0.0: resolution: {integrity: sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==} - emoji-regex@9.2.2: - resolution: {integrity: sha512-L18DaJsXSUk2+42pv8mLs5jJT2hqFkFE4j21wOmgbUqsZ2hL72NsUU785g9RXgo3s0ZNgVl42TiHp3ZtOv/Vyg==} - encode-registry@3.0.1: resolution: {integrity: sha512-6qOwkl1g0fv0DN3Y3ggr2EaZXN71aoAqPp3p/pVaWSBSIo+YjLOWN61Fva43oVyQNPf7kgm8lkudzlzojwE2jw==} engines: {node: '>=10'} @@ -3480,6 +3581,9 @@ packages: resolution: {integrity: sha512-A5EmesHW6rfnZ9ysHQjPdJRni0SRar0tjtG5MNtm9n5TUvsYU8oozprtRD4AqHxcZWWlVuAmQo2nWKfN9oyjTw==} engines: {node: '>=0.10.0'} + exponential-backoff@3.1.3: + resolution: {integrity: sha512-ZgEeZXj30q+I0EN+CbSSpIyPaJ5HVQD18Z1m+u1FXbAeT94mr1zw50q4q6jiiC447Nl/YTcIYSAftiGqetwXCA==} + express-rate-limit@8.5.2: resolution: {integrity: sha512-5Kb34ipNX694DH48vN9irak1Qx30nb0PLYHXfJgw4YEjiC3ZEmZJhwOp+VfiCYwFzvFTdB9QkArYS5kXa2cx2A==} engines: {node: '>= 16'} @@ -3586,10 +3690,6 @@ packages: resolution: {integrity: sha512-Wp1zXWPVUPBmfoa3Cqc9ctaKuzKAV6uLstRqlR56kSjplf5uAce+qeyYym7F+PHbGTk+tCEdkCW6RD7DX/gBZw==} engines: {node: '>=20'} - foreground-child@3.3.1: - resolution: {integrity: sha512-gIXjKqtFuWEgzFRJA9WCQeSJLZDjgJUOMCMzxtvFq/37KojM1BFGufqsCy0r4qSQmYLsZYMeyRqzIWOMup03sw==} - engines: {node: '>=14'} - forwarded@0.2.0: resolution: {integrity: sha512-buRG0fpBtRHSTCOASe6hD258tEubFoRLb4ZNA6NxMVHNw2gOcwHo9wyablzMzOA5z9xA9L1KNjk/Nt6MT9aYow==} engines: {node: '>= 0.6'} @@ -3606,6 +3706,10 @@ packages: resolution: {integrity: sha512-hcg3ZmepS30/7BSFqRvoo3DOMQu7IjqxO5nCDt+zM9XWjb33Wg7ziNT+Qvqbuc3+gWpzO02JubVyk2G4Zvo1OQ==} engines: {node: '>=10'} + fs-minipass@3.0.3: + resolution: {integrity: sha512-XUBA9XClHbnJWSfBzjkm6RvPsyg3sryZt06BEQoXcF7EK/xpGaQYJgQKDJSUH5SGZ76Y7pFx1QBnXz09rU5Fbw==} + engines: {node: ^14.17.0 || ^16.13.0 || >=18.0.0} + fs.realpath@1.0.0: resolution: {integrity: sha512-OO0pH2lK6a0hZnAdau5ItzHPI6pUlvI7jMVnxUQRtw4owF2wk8lOSabtGDCTP4Ggrg2MbGnWO9X8K1t4+fGMDw==} @@ -3658,10 +3762,9 @@ packages: resolution: {integrity: sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow==} engines: {node: '>= 6'} - glob@10.5.0: - resolution: {integrity: sha512-DfXN8DfhJ7NH3Oe7cFmu3NCu1wKbkReJ8TorzSAFbSKrlNaQSKfIzqYqVY8zlbs2NLBbWpRiU52GX2PbaBVNkg==} - deprecated: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me - hasBin: true + glob@13.0.6: + resolution: {integrity: sha512-Wjlyrolmm8uDpm/ogGyXZXb1Z+Ca2B8NbJwqBVg0axK9GbBeoS7yGV6vjXnYdGm6X53iehEuxxbyiKp8QmN4Vw==} + engines: {node: 18 || 20 || >=22} glob@7.2.3: resolution: {integrity: sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==} @@ -3828,9 +3931,9 @@ packages: resolution: {integrity: sha512-uV63apnb0kyPtAUwoWgaGh9HyIFcv8lgmzPZSiTBQAFOFGIzka5EZ1dZocmGnn0XdX0+XTqJ6Tqv7selMuGLRQ==} engines: {node: '>=16.9.0'} - hosted-git-info@6.1.3: - resolution: {integrity: sha512-HVJyzUrLIL1c0QmviVh5E8VGyUS7xCFPS6yydaVd1UegW+ibV/CohqTH9MkOLDp5o+rb82DMo77PTuc9F/8GKw==} - engines: {node: ^14.17.0 || ^16.13.0 || >=18.0.0} + hosted-git-info@9.0.3: + resolution: {integrity: sha512-Hc+ghLoSt6QaYZUv0WBiIvmMDZuZZ7oaDvdH8MbfOO4lOsxdXLEvuC6ePoGs9H1X9oCLyq6+NVN0MKqD+ydxyg==} + engines: {node: ^20.17.0 || >=22.9.0} hpagent@1.2.0: resolution: {integrity: sha512-A91dYTeIB6NoXG+PxTQpCCDDnfHsW9kc06Lvpu1TEe9gnd6ZFeiBoRO9JvzEv6xK7EX97/dUE8g/vBMTqTS3CA==} @@ -3852,10 +3955,18 @@ packages: resolution: {integrity: sha512-4FbRdAX+bSdmo4AUFuS0WNiPz8NgFt+r8ThgNWmlrjQjt1Q7ZR9+zTlce2859x4KSXrwIsaeTqDoKQmtP8pLmQ==} engines: {node: '>= 0.8'} + http-proxy-agent@7.0.2: + resolution: {integrity: sha512-T1gkAiYYDWYx3V5Bmyu7HcfcvL7mUrTWiM6yOfa3PIphViJ/gFPbvidQ+veqSOHci/PxBcDabeUNCzpOODJZig==} + engines: {node: '>= 14'} + http2-wrapper@1.0.3: resolution: {integrity: sha512-V+23sDMr12Wnz7iTcDeJr3O6AIxlnvT/bmaAAAP/Xda35C90p9599p0F1eHR/N1KILWSoWVAiOMFjBBXaXSMxg==} engines: {node: '>=10.19.0'} + https-proxy-agent@7.0.6: + resolution: {integrity: sha512-vK9P5/iUfdl95AI+JVyUuIcVtd4ofvtrOr3HNtM2yxC9bnMbEdp3x01OhQNnjb8IJYi38VlTE3mBXwcfvywuSw==} + engines: {node: '>= 14'} + i18next@26.3.1: resolution: {integrity: sha512-txQqd5EULsqEh9OJqRH15aCaOuy/nLJyhw5EHCSKLKJE1aBbb3Zve2+uQIxgWhPm1QqUQoWyQBm2kfmmIrzkcQ==} peerDependencies: @@ -3875,6 +3986,10 @@ packages: ieee754@1.2.1: resolution: {integrity: sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA==} + ignore-walk@8.0.0: + resolution: {integrity: sha512-FCeMZT4NiRQGh+YkeKMtWrOmBgWjHjMJ26WQWrRQyoyzqevdaGSakUaJW5xQYmjLlUVk2qUnCjYVBax9EKKg8A==} + engines: {node: ^20.17.0 || >=22.9.0} + import-fresh@3.3.1: resolution: {integrity: sha512-TR3KfrTZTYLPB6jUjfx6MF9WcWrHL9su5TObK4ZkYgBdWKPOFoSoQIdEuTuR82pmtxH2spWG9h6etwfr1pLBqQ==} engines: {node: '>=6'} @@ -3942,10 +4057,6 @@ packages: resolution: {integrity: sha512-ZMERYes6pDydyuGidse7OsHxtbI7WVeUEozgR/g7rd0xUimYNlvZRE/K2MgZTjWy725IfelLeVcEM97mmtRGXw==} engines: {node: '>=8'} - is-core-module@2.16.2: - resolution: {integrity: sha512-evOr8xfXKxE6qSR0hSXL2r3sd7ALj8+7jQEUvPYcm5sgZFdJ+AYzT6yNmJenvIYQBgIGwfwz08sL8zoL7yq2BA==} - engines: {node: '>= 0.4'} - is-decimal@2.0.1: resolution: {integrity: sha512-AAB9hiomQs5DXWcRB1rqsxGUstbRroFOPPVAomNk/3XHR5JyEZChOyTWe2oayKnsSsr/kcGqF+z6yuH6HHpN0A==} @@ -4024,9 +4135,6 @@ packages: resolution: {integrity: sha512-FFUtZMpoZ8RqHS3XeXEmHWLA4thH+ZxCv2lOiPIn1Xc7CxrqhWzNSDzD+/chS/zbYezmiwWLdQC09JdQKmthOw==} engines: {node: '>=20'} - jackspeak@3.4.3: - resolution: {integrity: sha512-OGlZQpz2yfahA/Rd1Y8Cd9SIEsqvXkLVoSw/cgwhnhFMDbsQFeZYoJJ7bIZBS9BcamUW96asq/npPWugM+RQBw==} - jiti@2.6.1: resolution: {integrity: sha512-ekilCSN1jwRvIbgeg/57YFh8qQDNbwDb9xT/qu2DAHbFFZUicIl4ygVaAvzveMhMVr3LnpSKTNnwt8PoOfmKhQ==} hasBin: true @@ -4059,9 +4167,9 @@ packages: json-parse-even-better-errors@2.3.1: resolution: {integrity: sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==} - json-parse-even-better-errors@3.0.2: - resolution: {integrity: sha512-fi0NG4bPjCHunUJffmLd0gxssIgkNmArMvis4iNah6Owg1MCJjWhEcDLmsK6iGkJq3tHwbDkTlce70/tmXN4cQ==} - engines: {node: ^14.17.0 || ^16.13.0 || >=18.0.0} + json-parse-even-better-errors@5.0.0: + resolution: {integrity: sha512-ZF1nxZ28VhQouRWhUcVlUIN3qwSgPuswK05s/HIaoetAoE/9tngVmCHjSxmSQPav1nd+lPtTL0YZ/2AFdR/iYQ==} + engines: {node: ^20.17.0 || >=22.9.0} json-schema-traverse@1.0.0: resolution: {integrity: sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug==} @@ -4069,12 +4177,25 @@ packages: json-schema-typed@8.0.2: resolution: {integrity: sha512-fQhoXdcvc3V28x7C7BMs4P5+kNlgUURe2jmUT1T//oBRMDrqy1QPelJimwZGo7Hg9VPV3EQV5Bnq4hbFy2vetA==} + json-stringify-nice@1.1.4: + resolution: {integrity: sha512-5Z5RFW63yxReJ7vANgW6eZFGWaQvnPE3WNmZoOJrSkGju2etKA2L5rrOa1sm877TVTFt57A80BH1bArcmlLfPw==} + jsonc-parser@3.3.1: resolution: {integrity: sha512-HUgH65KyejrUFPvHFPbqOY0rsFip3Bo5wb4ngvdi1EpCYWUQDC5V+Y7mZws+DLkr4M//zQJoanu1SP+87Dv1oQ==} jsonfile@6.2.1: resolution: {integrity: sha512-zwOTdL3rFQ/lRdBnntKVOX6k5cKJwEc1HdilT71BWEu7J41gXIB2MRp+vxduPSwZJPWBxEzv4yH1wYLJGUHX4Q==} + jsonparse@1.3.1: + resolution: {integrity: sha512-POQXvpdL69+CluYsillJ7SUhKvytYjW9vG/GKpnf+xP8UWgYEM/RaMzHHofbALDiKbbP1W8UEYmgGl39WkPZsg==} + engines: {'0': node >= 0.2.0} + + just-diff-apply@5.5.0: + resolution: {integrity: sha512-OYTthRfSh55WOItVqwpefPtNt2VdKsq5AnAK6apdtR6yCH8pr0CmSr710J0Mf+WdQy7K/OzMy7K2MgAfdQURDw==} + + just-diff@6.0.2: + resolution: {integrity: sha512-S59eriX5u3/QhMNq3v/gm8Kd0w8OS6Tz2FS1NG4blv+z0MuQcBRJyFWjdovM0Rad4/P4aUPFtnkNjMjyMlMSYA==} + katex@0.16.46: resolution: {integrity: sha512-WHy4Coo+bGZyH7NwJKHkS04YFsFcarWbAEOAC3EMndzdN6VSZqklLLIgfxzyaW9jDoeGYJX9SWbJPKpecox0Uw==} hasBin: true @@ -4149,9 +4270,9 @@ packages: resolution: {integrity: sha512-bwDaIOViTktE8kJLf9jP0p+H2/RDTlFFlc43Am2YgUsX22hI6Sq4RbzsrecwzY5y+MHTipOH7WsmWSEniePHWQ==} hasBin: true - license-checker-rseidelsohn@4.4.2: - resolution: {integrity: sha512-Sf8WaJhd2vELvCne+frS9AXqnY/vv591s2/nZcJDwTnoNgltG4mAmoenffVb8L2YPRYbxARLyrHJBC38AVfpuA==} - engines: {node: '>=18', npm: '>=8'} + license-checker-rseidelsohn@5.0.1: + resolution: {integrity: sha512-9X+ikKxt9Hy3zOrOZzW1dXL4St5akoYjLt63Am9JZVzU6aTdN+xfDvqySpnJT+gF/h5RmtMk2waW6TDNNCKbqQ==} + engines: {node: '>=24', npm: '>=11'} hasBin: true lilconfig@3.1.3: @@ -4263,17 +4384,10 @@ packages: resolution: {integrity: sha512-tqNXrS78oMOE73NMxK4EMLQsQowWf8jKooH9g7xPavRT706R6bkQJ6DY2Te7QukaZsulxa30wQ7bk0pm4XiHmA==} engines: {node: '>=8'} - lru-cache@10.4.3: - resolution: {integrity: sha512-JNAzZcXrCt42VGLuYz0zfAzDfAvJWW6AfYlDBQyDV5DClI2m5sAmK+OIO7s59XfsRsWHp02jAJrRadPRGTt6SQ==} - lru-cache@11.5.1: resolution: {integrity: sha512-RPimw/7aMdv2oqRrxKwvZXcPfwBrn/JZ2xYcY9Hus/6LaS3VOAKVWKWgNLCFSiOm1ESXinjsDlidVU7JlnCN2A==} engines: {node: 20 || >=22} - lru-cache@7.18.3: - resolution: {integrity: sha512-jumlc0BIUrS3qJGgIkWZsyfAM7NCWiBcCDhnd+3NNM5KbBmLTgHVfWBcg6W+rLUsIpzpERPsvwUP7CckAQSOoA==} - engines: {node: '>=12'} - magic-string@0.30.21: resolution: {integrity: sha512-vd2F4YUyEXKGcLHoq+TEyCjxueSeHnFxyyjNp80yg0XV4vUhnDer/lvvlqM/arB5bXQN5K2/3oinyCRyx8T2CQ==} @@ -4283,6 +4397,10 @@ packages: make-error@1.3.6: resolution: {integrity: sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==} + make-fetch-happen@15.0.6: + resolution: {integrity: sha512-Je0fLJ0F5atA7F+eIlLzk+Wkcl57JDf4kf+EW8xiP5E31xOQxkIxTbgf1Oi1Lw9tRI9UEMRdI5Vz2xTzoNU1Jw==} + engines: {node: ^20.17.0 || >=22.9.0} + map-age-cleaner@0.1.3: resolution: {integrity: sha512-bJzx6nMoP6PDLPBFmg7+xRKeFZvFboMrGlxmNj9ClvX53KrmvM5bXFXEWjbz4cz1AFn+jWJ9z/DJSz7hrs0w3w==} engines: {node: '>=6'} @@ -4552,13 +4670,33 @@ packages: minimatch@3.1.4: resolution: {integrity: sha512-twmL+S8+7yIsE9wsqgzU3E8/LumN3M3QELrBZ20OdmQ9jB2JvW5oZtBEmft84k/Gs5CG9mqtWc6Y9vW+JEzGxw==} - minimatch@9.0.7: - resolution: {integrity: sha512-MOwgjc8tfrpn5QQEvjijjmDVtMw2oL88ugTevzxQnzRLm6l3fVEF2gzU0kYeYYKD8C66+IdGX6peJ4MyUlUnPg==} - engines: {node: '>=16 || 14 >=14.17'} - minimist@1.2.8: resolution: {integrity: sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA==} + minipass-collect@2.0.1: + resolution: {integrity: sha512-D7V8PO9oaz7PWGLbCACuI1qEOsq7UKfLotx/C0Aet43fCUB/wfQ7DYeq2oR/svFJGYDHPr38SHATeaj/ZoKHKw==} + engines: {node: '>=16 || 14 >=14.17'} + + minipass-fetch@5.0.2: + resolution: {integrity: sha512-2d0q2a8eCi2IRg/IGubCNRJoYbA1+YPXAzQVRFmB45gdGZafyivnZ5YSEfo3JikbjGxOdntGFvBQGqaSMXlAFQ==} + engines: {node: ^20.17.0 || >=22.9.0} + + minipass-flush@1.0.7: + resolution: {integrity: sha512-TbqTz9cUwWyHS2Dy89P3ocAGUGxKjjLuR9z8w4WUTGAVgEj17/4nhgo2Du56i0Fm3Pm30g4iA8Lcqctc76jCzA==} + engines: {node: '>= 8'} + + minipass-pipeline@1.2.4: + resolution: {integrity: sha512-xuIq7cIOt09RPRJ19gdi4b+RiNvDFYe5JH+ggNvBqGqpQXcru3PcRmOZuHBKWK1Txf9+cQ+HMVN4d6z46LZP7A==} + engines: {node: '>=8'} + + minipass-sized@2.0.0: + resolution: {integrity: sha512-zSsHhto5BcUVM2m1LurnXY6M//cGhVaegT71OfOXoprxT6o780GZd792ea6FfrQkuU4usHZIUczAQMRUE2plzA==} + engines: {node: '>=8'} + + minipass@3.3.6: + resolution: {integrity: sha512-DxiNidxSEK+tHG6zOIklvNOwm3hvCrbUrdtzY74U6HKTJxvIDfOUL5W5P2Ghd3DTkhhKPYGqeNUIh5qcM4YBfw==} + engines: {node: '>=8'} + minipass@7.1.3: resolution: {integrity: sha512-tEBHqDnIoM/1rXME1zgka9g6Q2lcoCkxHLuc7ODJ5BxbP5d4c2Z5cGgtXAku59200Cx7diuHTOYfSBD8n6mm8A==} engines: {node: '>=16 || 14 >=14.17'} @@ -4623,6 +4761,11 @@ packages: node-fetch-native@1.6.7: resolution: {integrity: sha512-g9yhqoedzIUm0nTnTqAQvueMPVOuIY16bqgAJJC8XOOubYFNwz6IER9qs0Gq2Xd0+CecCKFjtdDTMA4u4xG06Q==} + node-gyp@12.4.0: + resolution: {integrity: sha512-OMcPNvqTCFUnNaBlmdgq+lfNqY7gTiSmNRDjY3uAXRyudeKZEZxu3CLtjMQrx4zZxCX2b/mpNqTtwuCJgXhHkw==} + engines: {node: ^20.17.0 || >=22.9.0} + hasBin: true + node-mock-http@1.0.4: resolution: {integrity: sha512-8DY+kFsDkNXy1sJglUfuODx1/opAGJGyrTuFqEoN90oRc2Vk0ZbD4K2qmKXBBEhZQzdKHIVfEJpDU8Ak2NJEvQ==} @@ -4631,9 +4774,10 @@ packages: engines: {node: ^14.17.0 || ^16.13.0 || >=18.0.0} hasBin: true - normalize-package-data@5.0.0: - resolution: {integrity: sha512-h9iPVIfrVZ9wVYQnxFgtw1ugSvGEMOlyPWWtm8BMJhnwyEL/FLbYbTY3V3PpjI/BUK67n9PEWDu6eHzu1fB15Q==} - engines: {node: ^14.17.0 || ^16.13.0 || >=18.0.0} + nopt@9.0.0: + resolution: {integrity: sha512-Zhq3a+yFKrYwSBluL4H9XP3m3y5uvQkB/09CwDruCiRmR/UJYnn9W4R48ry0uGC70aeTPKLynBtscP9efFFcPw==} + engines: {node: ^20.17.0 || >=22.9.0} + hasBin: true normalize-path@3.0.0: resolution: {integrity: sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==} @@ -4643,9 +4787,33 @@ packages: resolution: {integrity: sha512-DlL+XwOy3NxAQ8xuC0okPgK46iuVNAK01YN7RueYBqqFeGsBjV9XmCAzAdgt+667bCl5kPh9EqKKDwnaPG1I7A==} engines: {node: '>=10'} - npm-normalize-package-bin@3.0.1: - resolution: {integrity: sha512-dMxCf+zZ+3zeQZXKxmyuCKlIDPGuv8EF940xbkC4kQVDTtqoh6rJFO+JTKSA6/Rwi0getWmtuy4Itup0AMcaDQ==} - engines: {node: ^14.17.0 || ^16.13.0 || >=18.0.0} + npm-bundled@5.0.0: + resolution: {integrity: sha512-JLSpbzh6UUXIEoqPsYBvVNVmyrjVZ1fzEFbqxKkTJQkWBO3xFzFT+KDnSKQWwOQNbuWRwt5LSD6HOTLGIWzfrw==} + engines: {node: ^20.17.0 || >=22.9.0} + + npm-install-checks@8.0.0: + resolution: {integrity: sha512-ScAUdMpyzkbpxoNekQ3tNRdFI8SJ86wgKZSQZdUxT+bj0wVFpsEMWnkXP0twVe1gJyNF5apBWDJhhIbgrIViRA==} + engines: {node: ^20.17.0 || >=22.9.0} + + npm-normalize-package-bin@5.0.0: + resolution: {integrity: sha512-CJi3OS4JLsNMmr2u07OJlhcrPxCeOeP/4xq67aWNai6TNWWbTrlNDgl8NcFKVlcBKp18GPj+EzbNIgrBfZhsag==} + engines: {node: ^20.17.0 || >=22.9.0} + + npm-package-arg@13.0.2: + resolution: {integrity: sha512-IciCE3SY3uE84Ld8WZU23gAPPV9rIYod4F+rc+vJ7h7cwAJt9Vk6TVsK60ry7Uj3SRS3bqRRIGuTp9YVlk6WNA==} + engines: {node: ^20.17.0 || >=22.9.0} + + npm-packlist@10.0.4: + resolution: {integrity: sha512-uMW73iajD8hiH4ZBxEV3HC+eTnppIqwakjOYuvgddnalIw2lJguKviK1pcUJDlIWm1wSJkchpDZDSVVsZEYRng==} + engines: {node: ^20.17.0 || >=22.9.0} + + npm-pick-manifest@11.0.3: + resolution: {integrity: sha512-buzyCfeoGY/PxKqmBqn1IUJrZnUi1VVJTdSSRPGI60tJdUhUoSQFhs0zycJokDdOznQentgrpf8LayEHyyYlqQ==} + engines: {node: ^20.17.0 || >=22.9.0} + + npm-registry-fetch@19.1.1: + resolution: {integrity: sha512-TakBap6OM1w0H73VZVDf44iFXsOS3h+L4wVMXmbWOQroZgFhMch0juN6XSzBNlD965yIKvWg2dfu7NSiaYLxtw==} + engines: {node: ^20.17.0 || >=22.9.0} nth-check@2.1.1: resolution: {integrity: sha512-lqjrjmaOoAnWfMmBPL+XNnynZh2+swxiX3WUE0s4yEHI6m+AwrK2UZOimIRl3X/4QctVqS8AiZjFqyOGrMXb/w==} @@ -4750,15 +4918,17 @@ packages: resolution: {integrity: sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==} engines: {node: '>=6'} - package-json-from-dist@1.0.1: - resolution: {integrity: sha512-UEZIS3/by4OC8vL3P2dTXRETpebLI2NiI5vIrjaD/5UtrkFX/tNbwjTSRAGC/+7CAo2pIcBaRgWmcBBHcsaCIw==} - package-manager-detector@1.6.0: resolution: {integrity: sha512-61A5ThoTiDG/C8s8UMZwSorAGwMJ0ERVGj2OjoW5pAalsNOg15+iQiPzrLJ4jhZ1HJzmC2PIHT2oEiH3R5fzNA==} packageurl-js@2.0.1: resolution: {integrity: sha512-N5ixXjzTy4QDQH0Q9YFjqIWd6zH6936Djpl2m9QNFmDv5Fum8q8BjkpAcHNMzOFE0IwQrFhJWex3AN6kS0OSwg==} + pacote@21.5.1: + resolution: {integrity: sha512-KvcJ9iy3crysCsgqc4+PknH/w6jkrp8JN36mpZBPwNaDRwTfMZD37YzRazNstiZUOhuF5pno9f78n9mEJBavwg==} + engines: {node: ^20.17.0 || >=22.9.0} + hasBin: true + pagefind@1.5.2: resolution: {integrity: sha512-XTUaK0hXMCu2jszWE584JGQT7y284TmMV9l/HX3rnG5uo3rHI/uHU56XTyyyPFjeWEBxECbAi0CaFDJOONtG0Q==} hasBin: true @@ -4767,6 +4937,10 @@ packages: resolution: {integrity: sha512-GQ2EWRpQV8/o+Aw8YqtfZZPfNRWZYkbidE9k5rpl/hC3vtHHBfGm2Ifi6qWV+coDGkrUKZAxE3Lot5kcsRlh+g==} engines: {node: '>=6'} + parse-conflict-json@5.0.1: + resolution: {integrity: sha512-ZHEmNKMq1wyJXNwLxyHnluPfRAFSIliBvbK/UiOceROt4Xh9Pz0fq49NytIaeaCUf5VR86hwQ/34FCcNU5/LKQ==} + engines: {node: ^20.17.0 || >=22.9.0} + parse-entities@4.0.2: resolution: {integrity: sha512-GG2AQYWoLgL877gQIKeRPGO1xF9+eG1ujIb5soS5gPvLQ1y2o8FL90w2QWNdf9I361Mpp7726c+lj3U0qK1uGw==} @@ -4806,9 +4980,9 @@ packages: resolution: {integrity: sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==} engines: {node: '>=8'} - path-scurry@1.11.1: - resolution: {integrity: sha512-Xa4Nw17FS9ApQFJ9umLiJS4orGjm7ZzwUrwamcGQuHSzDyth9boKDaycYdDcZDuqYATXw4HFXgaqWTctW/v1HA==} - engines: {node: '>=16 || 14 >=14.18'} + path-scurry@2.0.2: + resolution: {integrity: sha512-3O/iVVsJAPsOnpwWIeD+d6z/7PmqApyQePUtCndjatj/9I5LylHvt5qluFaBT3I5h3r1ejfR056c+FCv+NnNXg==} + engines: {node: 18 || 20 || >=22} path-to-regexp@8.4.2: resolution: {integrity: sha512-qRcuIdP69NPm4qbACK+aDogI5CBDMi1jKe0ry5rSQJz8JVLsC7jV8XpiJjGRLLol3N+R5ihGYcrPLTno6pAdBA==} @@ -4889,6 +5063,10 @@ packages: resolution: {integrity: sha512-bIoJLOmjCO1S9XdY/DcnR5hJxvrDir1PbGChrzXG3vw0/FOliy/fA3dmdhQ441kah4gKv+TwckGzex6wNS5cnQ==} engines: {node: '>=4'} + postcss-selector-parser@7.1.4: + resolution: {integrity: sha512-HeP7D2wyhkR+XaK6v4W8oRF62Dsz4flyuczALJp61GckGm42u1saSSJ/0auvcBqxs3jMRFEcPK34At/0JBKdOg==} + engines: {node: '>=4'} + postcss@8.5.15: resolution: {integrity: sha512-FfR8sjd4em2T6fb3I2MwAJU7HWVMr9zba+enmQeeWFfCbm+UOC/0X4DS8XtpUTMwWMGbjKYP7xjfNekzyGmB3A==} engines: {node: ^10 || ^12 || >=14} @@ -4897,10 +5075,24 @@ packages: resolution: {integrity: sha512-DEvV2ZF2r2/63V+tK8hQvrR2ZGn10srHbXviTlcv7Kpzw8jWiNTqbVgjO3IY8RxrrOUF8VPMQQFysYYYv0YZxw==} engines: {node: '>=6'} + proc-log@6.1.0: + resolution: {integrity: sha512-iG+GYldRf2BQ0UDUAd6JQ/RwzaQy6mXmsk/IzlYyal4A4SNFw54MeH4/tLkF4I5WoWG9SQwuqWzS99jaFQHBuQ==} + engines: {node: ^20.17.0 || >=22.9.0} + + proggy@4.0.0: + resolution: {integrity: sha512-MbA4R+WQT76ZBm/5JUpV9yqcJt92175+Y0Bodg3HgiXzrmKu7Ggq+bpn6y6wHH+gN9NcyKn3yg1+d47VaKwNAQ==} + engines: {node: ^20.17.0 || >=22.9.0} + progress@2.0.3: resolution: {integrity: sha512-7PiHtLll5LdnKIMw100I+8xJXR5gW2QwWYkT6iJva0bXitZKa/XMrSbdmg3r2Xnaidz9Qumd0VPaMrZlF9V9sA==} engines: {node: '>=0.4.0'} + promise-all-reject-late@1.0.1: + resolution: {integrity: sha512-vuf0Lf0lOxyQREH7GDIOUMLS7kz+gs8i6B+Yi8dC68a2sychGrHTJYghMBD6k7eUcH0H5P73EckCA48xijWqXw==} + + promise-call-limit@3.0.2: + resolution: {integrity: sha512-mRPQO2T1QQVw11E7+UdCJu7S61eJVWknzml9sC1heAdj1jxl0fWMBypIt9ZOcLFf8FkG995ZD7RnVk7HH72fZw==} + property-information@7.2.0: resolution: {integrity: sha512-IAtzIB6sUiWaJYrX9smp3V46pBGbBeLFRGdh25kg1334VcBlD8HzhPeNIWQH9zhGmo2itIe25EHt9dQP7G5hmg==} @@ -4948,14 +5140,9 @@ packages: resolution: {integrity: sha512-y3bGgqKj3QBdxLbLkomlohkvsA8gdAiUQlSBJnBhfn+BPxg4bc62d8TcBW15wavDfgexCgccckhcZvywyQYPOw==} hasBin: true - read-installed-packages@2.0.1: - resolution: {integrity: sha512-t+fJOFOYaZIjBpTVxiV8Mkt7yQyy4E6MSrrnt5FmPd4enYvpU/9DYGirDmN1XQwkfeuWIhM/iu0t2rm6iSr0CA==} - engines: {node: ^14.17.0 || ^16.13.0 || >=18.0.0} - - read-package-json@6.0.4: - resolution: {integrity: sha512-AEtWXYfopBj2z5N5PbkAOeNHRPUg5q+Nen7QLxV8M2zJq1ym6/lCz3fYNTCXe19puu2d06jfHhrP7v/S2PtMMw==} - engines: {node: ^14.17.0 || ^16.13.0 || >=18.0.0} - deprecated: This package is no longer supported. Please use @npmcli/package-json instead. + read-cmd-shim@6.0.0: + resolution: {integrity: sha512-1zM5HuOfagXCBWMN83fuFI/x+T/UhZ7k+KIzhrHXcQoeX5+7gmaDYjELQHmmzIodumBHeByBJT4QYS7ufAgs7A==} + engines: {node: ^20.17.0 || >=22.9.0} readable-stream@3.6.2: resolution: {integrity: sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA==} @@ -5162,11 +5349,6 @@ packages: schemes@1.4.0: resolution: {integrity: sha512-ImFy9FbCsQlVgnE3TCWmLPCFnVzx0lHL/l+umHplDqAKd0dzFpnS6lFZIpagBlYhKwzVmlV36ec0Y1XTu8JBAQ==} - semver@7.8.0: - resolution: {integrity: sha512-AcM7dV/5ul4EekoQ29Agm5vri8JNqRyj39o0qpX6vDF2GZrtutZl5RwgD1XnZjiTAfncsJhMI48QQH3sN87YNA==} - engines: {node: '>=10'} - hasBin: true - semver@7.8.3: resolution: {integrity: sha512-wnilbGyMxzbY7dNOl7jpKbLSjcfeweJWU5j4+u5qW+6/wuGD9KzIGOyZnQVSBM9E7DtWaaH3CyHkppYrKYoxwg==} engines: {node: '>=10'} @@ -5235,6 +5417,10 @@ packages: resolution: {integrity: sha512-bzyZ1e88w9O1iNJbKnOlvYTrWPDl46O1bG0D3XInv+9tkPrxrN8jUUTiFlDkkmKWgn1M6CfIA13SuGqOa9Korw==} engines: {node: '>=14'} + sigstore@4.1.1: + resolution: {integrity: sha512-endqECJkfhozrXMK5ngu/UAA0xVcVEFdnHJCElGaExypjW+HK5i6zu3NteLoaX/iFbRUbC3+DjttQs0GARr+5w==} + engines: {node: ^20.17.0 || >=22.9.0} + sisteransi@1.0.5: resolution: {integrity: sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg==} @@ -5251,8 +5437,9 @@ packages: resolution: {integrity: sha512-stxByr12oeeOyY2BlviTNQlYV5xOj47GirPr4yA1hE9JCtxfQN0+tVbkxwCtYDQWhEKWFHsEK48ORg5jrouCAg==} engines: {node: '>=20'} - slide@1.1.6: - resolution: {integrity: sha512-NwrtjCg+lZoqhFU8fOwl4ay2ei8PaqCBOUV3/ektPY9trO1yQ1oXEfmHAhKArUVUr/hOHvy5f6AdP17dCM0zMw==} + smart-buffer@4.2.0: + resolution: {integrity: sha512-94hK0Hh8rPqQl2xXc3HsaBoOXKV20MToPkcXvwbISWLEs+64sBq5kFgn2kJDHb1Pry9yrP0dxrCI9RRci7RXKg==} + engines: {node: '>= 6.0.0', npm: '>= 3.0.0'} smol-toml@1.6.1: resolution: {integrity: sha512-dWUG8F5sIIARXih1DTaQAX4SsiTXhInKf1buxdY9DIg4ZYPZK5nGM1VRIYmEbDbsHt7USo99xSLFu5Q1IqTmsg==} @@ -5270,6 +5457,14 @@ packages: engines: {node: ^20.19.0 || ^22.13.0 || >=24.0.0, npm: '>=10'} hasBin: true + socks-proxy-agent@8.0.5: + resolution: {integrity: sha512-HehCEsotFqbPW9sJ8WVYB6UbmIMv7kUUORIF2Nncq4VQvBfNBLibW9YZR5dlYCSUhwcD628pRllm7n+E+YTzJw==} + engines: {node: '>= 14'} + + socks@2.8.9: + resolution: {integrity: sha512-LJhUYUvItdQ0LkJTmPeaEObWXAqFyfmP85x0tch/ez9cahmhlBBLbIqDFnvBnUJGagb0JbIQrkBs1wJ+yRYpEw==} + engines: {node: '>= 10.0.0', npm: '>= 3.0.0'} + source-map-js@1.2.1: resolution: {integrity: sha512-UXWMKhLOwVKb728IUtQPXxfYU+usdybtUrK/8uGE8CQMvrhOpwvzDBwj0QhSL7MQc7vIsISBG8VQ8+IDQxpfQA==} engines: {node: '>=0.10.0'} @@ -5293,14 +5488,21 @@ packages: spdx-expression-parse@3.0.1: resolution: {integrity: sha512-cbqHunsQWnJNE6KhVSMsMeH5H/L9EpymbzqTQ3uLwNCLZ1Q481oWaofqH7nO6V07xlXwY6PhQdQ2IedWx/ZK4Q==} + spdx-expression-parse@4.0.0: + resolution: {integrity: sha512-Clya5JIij/7C6bRR22+tnGXbc4VKlibKSVj2iHvVeX5iMW7s1SIQlqu699JkODJJIhh/pUu8L0/VLh8xflD+LQ==} + spdx-license-ids@3.0.23: resolution: {integrity: sha512-CWLcCCH7VLu13TgOH+r8p1O/Znwhqv/dbb6lqWy67G+pT1kHmeD/+V36AVb/vq8QMIQwVShJ6Ssl5FPh0fuSdw==} spdx-ranges@2.1.1: resolution: {integrity: sha512-mcdpQFV7UDAgLpXEE/jOMqvK4LBoO0uTQg0uvXUewmEFhpiZx5yJSZITHB8w1ZahKdhfZqP5GPEOKLyEq5p8XA==} - spdx-satisfies@5.0.1: - resolution: {integrity: sha512-Nwor6W6gzFp8XX4neaKQ7ChV4wmpSh2sSDemMFSzHxpTw460jxFYeOn+jq4ybnSSw/5sc3pjka9MQPouksQNpw==} + spdx-satisfies@6.0.0: + resolution: {integrity: sha512-oOWQocnRbFVtBnBITfFgzjhnOklHossTvI+6C1hB2slvp3HgTsfru5wuo8HY2rQpwSm5JuIhNzIuqOfR5IuojQ==} + + ssri@13.0.1: + resolution: {integrity: sha512-QUiRf1+u9wPTL/76GTYlKttDEBWV1ga9ZXW8BG6kfdeyyM8LGPix9gROyg9V2+P0xNyF3X2Go526xKFdMZrHSQ==} + engines: {node: ^20.17.0 || >=22.9.0} starlight-links-validator@0.24.1: resolution: {integrity: sha512-nATZ0xMLYnmO1YDBGEy9PdjF/WxhbKR7/gQo0dFs5UELcorKLPXcNLM62xbqII7g0AF7/D9wSzD4qSwIGTu8sw==} @@ -5333,10 +5535,6 @@ packages: resolution: {integrity: sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==} engines: {node: '>=8'} - string-width@5.1.2: - resolution: {integrity: sha512-HnLOCR3vjcY8beoNLtcjZ5/nxn2afmME6lhrDrebokqMap+XbeW8n9TXpPDOqdGK5qcI3oT0GKTW6wC7EMiVqA==} - engines: {node: '>=12'} - string-width@7.2.0: resolution: {integrity: sha512-tsaTIkKW9b4N+AEj+SVA+WhJzV7/zMhcSu78mLKWSk7cXMOSHsBKFWUs0fWwq8QyK3MgJBQRX6Gbi4kYbdvGkQ==} engines: {node: '>=18'} @@ -5475,6 +5673,10 @@ packages: resolution: {integrity: sha512-1m4RA7xVAJrSGrrXGs0L3YTwyvBs2S8PbRHaLZAkFw7JR8oIFwYtysxlBZhYIa7xSyiYJKZ3iGrrk55cGA3i9A==} engines: {node: '>=0.6'} + treeverse@3.0.0: + resolution: {integrity: sha512-gcANaAnd2QDZFmHFEOF4k7uc1J/6a6z3DJMd/QwEyxLoKGiptJRwid582r7QIsFlFMIZ3SnxfS52S4hm2DHkuQ==} + engines: {node: ^14.17.0 || ^16.13.0 || >=18.0.0} + trim-lines@3.0.1: resolution: {integrity: sha512-kRj8B+YHZCc9kQYdWfJB2/oUl9rA99qbowYYBtr4ui4mZyAQ2JpvVBd/6U2YloATfqBhBTSMhTpgBHtU0Mf3Rg==} @@ -5538,6 +5740,10 @@ packages: engines: {node: '>=18.0.0'} hasBin: true + tuf-js@4.1.0: + resolution: {integrity: sha512-50QV99kCKH5P/Vs4E2Gzp7BopNV+KzTXqWeaxrfu5IQJBOULRsTIS9seSsOVT8ZnGXzCyx55nYWAi4qJzpZKEQ==} + engines: {node: ^20.17.0 || >=22.9.0} + typanion@3.14.0: resolution: {integrity: sha512-ZW/lVMRabETuYCd9O9ZvMhAh8GslSqaUjxmK/JLPCh6l73CvLBiuXswj/+7LdnWOgYsQ130FqLzFz5aGT4I3Ug==} @@ -5582,6 +5788,10 @@ packages: undici-types@7.24.6: resolution: {integrity: sha512-WRNW+sJgj5OBN4/0JpHFqtqzhpbnV0GuB+OozA9gCL7a993SmU+1JBZCzLNxYsbMfIeDL+lTsphD5jN5N+n0zg==} + undici@6.26.0: + resolution: {integrity: sha512-4yqz8a3n5HmGTlsbADNtr/dJlhkh/55Rq798G6ibiULcXbDtaLpTl1pvdqcbFfeoj3iSi52lePFM7h9H21cw/A==} + engines: {node: '>=18.17'} + unified@11.0.5: resolution: {integrity: sha512-xKvGhPWw3k84Qjh8bI3ZeJjqnyadK+GEFtazSfZv/rKeTkTjOJho6mFqh2SM96iIcZokxiOpg78GazTSg8+KHA==} @@ -5707,8 +5917,9 @@ packages: v8-compile-cache-lib@3.0.1: resolution: {integrity: sha512-wa7YjyUGfNZngI/vtK0UHAN+lgDCxBPCylVXGp0zu59Fz5aiGtNXaq3DhIov063MorB+VfufLh3JlF2KdTK3xg==} - validate-npm-package-license@3.0.4: - resolution: {integrity: sha512-DpKm2Ui/xN7/HQKCtpZxoRWBhZ9Z0kqtygG8XCgNQ8ZlDnxuQmWhj566j8fN4Cu3/JmbhsDo7fcAJq4s9h27Ew==} + validate-npm-package-name@7.0.2: + resolution: {integrity: sha512-hVDIBwsRruT73PbK7uP5ebUt+ezEtCmzZz3F59BSr2F6OVFnJ/6h8liuvdLrQ88Xmnk6/+xGGuq+pG9WwTuy3A==} + engines: {node: ^20.17.0 || >=22.9.0} vary@1.1.2: resolution: {integrity: sha512-BNGbWLfd0eUPabhkXUVm0j8uuvREyTh5ovRa/dyow/BqAbZJyC+5fU+IzQOzmAKzYqYRAISoRhdQr3eIZ/PXqg==} @@ -5796,6 +6007,10 @@ packages: resolution: {integrity: sha512-60HTx5ID+fLRcgdHfmz0LDZAXYEV68fzwG0JWwEPBode9NuMYTIxuYXPg4ngO8i8+Ou0lM7y6GzaYWbiDL0drw==} hasBin: true + walk-up-path@4.0.0: + resolution: {integrity: sha512-3hu+tD8YzSLGuFYtPRb48vdhKMi0KQV5sn+uWr8+7dMEq/2G/dtLrdDinkLjqq5TIbIBjYJ4Ax/n3YiaW7QM8A==} + engines: {node: 20 || >=22} + wcwidth@1.0.1: resolution: {integrity: sha512-XHPEwS0q6TaxcvG85+8EYkbiCux2XtWG2mkc47Ng2A77BQu9+DqIOJldST4HgPkuea7dvKSj5VgX3P1d4rW8Tg==} @@ -5843,10 +6058,6 @@ packages: resolution: {integrity: sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==} engines: {node: '>=10'} - wrap-ansi@8.1.0: - resolution: {integrity: sha512-si7QWI6zUMq56bESFvagtmzMdGOtoxfR+Sez11Mobfc7tm+VkUckk9bW2UeffTGVUbOksxmSw0AA2gs8g71NCQ==} - engines: {node: '>=12'} - wrap-ansi@9.0.2: resolution: {integrity: sha512-42AtmgqjV+X1VpdOfyTGOYRi0/zsoLqtXQckTmqTeybT+BDIbM/Guxo7x3pE2vtpr1ok6xRqM9OpBe+Jyoqyww==} engines: {node: '>=18'} @@ -5858,6 +6069,10 @@ packages: resolution: {integrity: sha512-OTIk8iR8/aCRWBqvxrzxR0hgxWpnYBblY1S5hDWBQfk/VFmJwzmJgQFN3WsoUKHISv2eAwe+PpbUzyL1CKTLXg==} engines: {node: ^20.17.0 || >=22.9.0} + write-file-atomic@8.0.0: + resolution: {integrity: sha512-dYwyZredl67GyLLIHJnRM3h2PcOmN5SkcgC7eM5DPDEOEl6dLFqVrMg3F1Ea32usj4VSVZtd2H4MtKTNOf6nPg==} + engines: {node: ^22.22.2 || ^24.15.0 || >=26.0.0} + xml-naming@0.1.0: resolution: {integrity: sha512-k8KO9hrMyNk6tUWqUfkTEZbezRRpONVOzUTnc97VnCvyj6Tf9lyUR9EDAIeiVLv56jsMcoXEwjW8Kv5yPY52lw==} engines: {node: '>=16.0.0'} @@ -5869,6 +6084,9 @@ packages: resolution: {integrity: sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==} engines: {node: '>=10'} + yallist@4.0.0: + resolution: {integrity: sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==} + yallist@5.0.0: resolution: {integrity: sha512-YgvUTfwqyc7UXVMrB+SImsVYSmTS8X/tSrtdNZMImM+n7+QTriRXyXim0mBrTXNeqzVF0KWGgHPeiyViFFrNDw==} engines: {node: '>=18'} @@ -6559,21 +6777,21 @@ snapshots: '@ctrl/tinycolor@4.2.0': {} - '@cyclonedx/cyclonedx-library@10.1.0(ajv-formats-draft2019@1.6.1(ajv@8.18.0))(ajv-formats@3.0.1(ajv@8.18.0))(ajv@8.18.0)(packageurl-js@2.0.1)(spdx-expression-parse@3.0.1)': + '@cyclonedx/cyclonedx-library@10.1.0(ajv-formats-draft2019@1.6.1(ajv@8.18.0))(ajv-formats@3.0.1(ajv@8.18.0))(ajv@8.18.0)(packageurl-js@2.0.1)(spdx-expression-parse@4.0.0)': optionalDependencies: ajv: 8.18.0 ajv-formats: 3.0.1(ajv@8.18.0) ajv-formats-draft2019: 1.6.1(ajv@8.18.0) packageurl-js: 2.0.1 - spdx-expression-parse: 3.0.1 + spdx-expression-parse: 4.0.0 - '@cyclonedx/cyclonedx-library@10.1.0(ajv-formats-draft2019@1.6.1(ajv@8.20.0))(ajv-formats@3.0.1(ajv@8.20.0))(ajv@8.20.0)(packageurl-js@2.0.1)(spdx-expression-parse@3.0.1)': + '@cyclonedx/cyclonedx-library@10.1.0(ajv-formats-draft2019@1.6.1(ajv@8.20.0))(ajv-formats@3.0.1(ajv@8.20.0))(ajv@8.20.0)(packageurl-js@2.0.1)(spdx-expression-parse@4.0.0)': optionalDependencies: ajv: 8.20.0 ajv-formats: 3.0.1(ajv@8.20.0) ajv-formats-draft2019: 1.6.1(ajv@8.20.0) packageurl-js: 2.0.1 - spdx-expression-parse: 3.0.1 + spdx-expression-parse: 4.0.0 '@duckdb/node-api@1.5.3-r.3': dependencies: @@ -6726,6 +6944,8 @@ snapshots: '@fortawesome/fontawesome-free@6.7.2': {} + '@gar/promise-retry@1.0.3': {} + '@hono/node-server@1.19.14(hono@4.12.21)': dependencies: hono: 4.12.21 @@ -6949,19 +7169,12 @@ snapshots: optionalDependencies: '@types/node': 25.9.3 - '@isaacs/cliui@8.0.2': - dependencies: - string-width: 5.1.2 - string-width-cjs: string-width@4.2.3 - strip-ansi: 7.2.0 - strip-ansi-cjs: strip-ansi@6.0.1 - wrap-ansi: 8.1.0 - wrap-ansi-cjs: wrap-ansi@7.0.0 - '@isaacs/fs-minipass@4.0.1': dependencies: minipass: 7.1.3 + '@isaacs/string-locale-compare@1.1.0': {} + '@jridgewell/gen-mapping@0.3.13': dependencies: '@jridgewell/sourcemap-codec': 1.5.5 @@ -7158,9 +7371,123 @@ snapshots: '@nodelib/fs.scandir': 2.1.5 fastq: 1.20.1 - '@npmcli/fs@3.1.1': + '@npmcli/agent@4.0.2': + dependencies: + agent-base: 7.1.4 + http-proxy-agent: 7.0.2 + https-proxy-agent: 7.0.6 + lru-cache: 11.5.1 + socks-proxy-agent: 8.0.5 + transitivePeerDependencies: + - supports-color + + '@npmcli/arborist@9.6.0': + dependencies: + '@gar/promise-retry': 1.0.3 + '@isaacs/string-locale-compare': 1.1.0 + '@npmcli/fs': 5.0.0 + '@npmcli/installed-package-contents': 4.0.0 + '@npmcli/map-workspaces': 5.0.3 + '@npmcli/metavuln-calculator': 9.0.3 + '@npmcli/name-from-folder': 4.0.0 + '@npmcli/node-gyp': 5.0.0 + '@npmcli/package-json': 7.0.5 + '@npmcli/query': 5.0.0 + '@npmcli/redact': 4.0.0 + '@npmcli/run-script': 10.0.4 + bin-links: 6.0.2 + cacache: 20.0.4 + common-ancestor-path: 2.0.0 + hosted-git-info: 9.0.3 + json-stringify-nice: 1.1.4 + lru-cache: 11.5.1 + minimatch: 10.2.5 + nopt: 9.0.0 + npm-install-checks: 8.0.0 + npm-package-arg: 13.0.2 + npm-pick-manifest: 11.0.3 + npm-registry-fetch: 19.1.1 + pacote: 21.5.1 + parse-conflict-json: 5.0.1 + proc-log: 6.1.0 + proggy: 4.0.0 + promise-all-reject-late: 1.0.1 + promise-call-limit: 3.0.2 + semver: 7.8.4 + ssri: 13.0.1 + treeverse: 3.0.0 + walk-up-path: 4.0.0 + transitivePeerDependencies: + - supports-color + + '@npmcli/fs@5.0.0': + dependencies: + semver: 7.8.4 + + '@npmcli/git@7.0.2': + dependencies: + '@gar/promise-retry': 1.0.3 + '@npmcli/promise-spawn': 9.0.1 + ini: 6.0.0 + lru-cache: 11.5.1 + npm-pick-manifest: 11.0.3 + proc-log: 6.1.0 + semver: 7.8.4 + which: 6.0.1 + + '@npmcli/installed-package-contents@4.0.0': + dependencies: + npm-bundled: 5.0.0 + npm-normalize-package-bin: 5.0.0 + + '@npmcli/map-workspaces@5.0.3': dependencies: - semver: 7.8.0 + '@npmcli/name-from-folder': 4.0.0 + '@npmcli/package-json': 7.0.5 + glob: 13.0.6 + minimatch: 10.2.5 + + '@npmcli/metavuln-calculator@9.0.3': + dependencies: + cacache: 20.0.4 + json-parse-even-better-errors: 5.0.0 + pacote: 21.5.1 + proc-log: 6.1.0 + semver: 7.8.4 + transitivePeerDependencies: + - supports-color + + '@npmcli/name-from-folder@4.0.0': {} + + '@npmcli/node-gyp@5.0.0': {} + + '@npmcli/package-json@7.0.5': + dependencies: + '@npmcli/git': 7.0.2 + glob: 13.0.6 + hosted-git-info: 9.0.3 + json-parse-even-better-errors: 5.0.0 + proc-log: 6.1.0 + semver: 7.8.4 + spdx-expression-parse: 4.0.0 + + '@npmcli/promise-spawn@9.0.1': + dependencies: + which: 6.0.1 + + '@npmcli/query@5.0.0': + dependencies: + postcss-selector-parser: 7.1.4 + + '@npmcli/redact@4.0.0': {} + + '@npmcli/run-script@10.0.4': + dependencies: + '@npmcli/node-gyp': 5.0.0 + '@npmcli/package-json': 7.0.5 + '@npmcli/promise-spawn': 9.0.1 + node-gyp: 12.4.0 + proc-log: 6.1.0 '@oslojs/encoding@1.1.0': {} @@ -7187,9 +7514,6 @@ snapshots: '@pagefind/windows-x64@1.5.2': optional: true - '@pkgjs/parseargs@0.11.0': - optional: true - '@pnpm/crypto.base32-hash@1.0.1': dependencies: rfc4648: 1.5.4 @@ -7394,6 +7718,38 @@ snapshots: '@shikijs/vscode-textmate@10.0.2': {} + '@sigstore/bundle@4.0.0': + dependencies: + '@sigstore/protobuf-specs': 0.5.1 + + '@sigstore/core@3.2.1': {} + + '@sigstore/protobuf-specs@0.5.1': {} + + '@sigstore/sign@4.1.1': + dependencies: + '@gar/promise-retry': 1.0.3 + '@sigstore/bundle': 4.0.0 + '@sigstore/core': 3.2.1 + '@sigstore/protobuf-specs': 0.5.1 + make-fetch-happen: 15.0.6 + proc-log: 6.1.0 + transitivePeerDependencies: + - supports-color + + '@sigstore/tuf@4.0.2': + dependencies: + '@sigstore/protobuf-specs': 0.5.1 + tuf-js: 4.1.0 + transitivePeerDependencies: + - supports-color + + '@sigstore/verify@3.1.1': + dependencies: + '@sigstore/bundle': 4.0.0 + '@sigstore/core': 3.2.1 + '@sigstore/protobuf-specs': 0.5.1 + '@simple-libs/child-process-utils@1.0.2': dependencies: '@simple-libs/stream-utils': 1.2.0 @@ -7469,7 +7825,7 @@ snapshots: lodash.values: 4.3.0 object-hash: 3.0.0 packageurl-js: 2.0.1 - semver: 7.8.3 + semver: 7.8.4 tslib: 2.8.1 '@snyk/error-catalog-nodejs-public@5.82.0': @@ -7541,6 +7897,13 @@ snapshots: '@tsconfig/node16@1.0.4': {} + '@tufjs/canonical-json@2.0.0': {} + + '@tufjs/models@4.1.0': + dependencies: + '@tufjs/canonical-json': 2.0.0 + minimatch: 10.2.5 + '@types/braces@3.0.5': {} '@types/cacheable-request@6.0.3': @@ -7783,7 +8146,7 @@ snapshots: hpagent: 1.2.0 micromatch: 4.0.8 p-limit: 2.3.0 - semver: 7.8.3 + semver: 7.8.4 strip-ansi: 6.0.1 tar: 7.5.16 tinylogic: 2.0.0 @@ -7824,6 +8187,8 @@ snapshots: abbrev@2.0.0: {} + abbrev@4.0.0: {} + accepts@2.0.0: dependencies: mime-types: 3.0.2 @@ -7844,6 +8209,8 @@ snapshots: adm-zip@0.5.17: optional: true + agent-base@7.1.4: {} + aggregate-error@3.1.0: dependencies: clean-stack: 2.2.0 @@ -8075,6 +8442,14 @@ snapshots: is-alphanumerical: 2.0.1 is-decimal: 2.0.1 + bin-links@6.0.2: + dependencies: + cmd-shim: 8.0.0 + npm-normalize-package-bin: 5.0.0 + proc-log: 6.1.0 + read-cmd-shim: 6.0.0 + write-file-atomic: 7.0.1 + binary-extensions@2.3.0: {} bl@4.1.0: @@ -8128,6 +8503,19 @@ snapshots: cac@6.7.14: {} + cacache@20.0.4: + dependencies: + '@npmcli/fs': 5.0.0 + fs-minipass: 3.0.3 + glob: 13.0.6 + lru-cache: 11.5.1 + minipass: 7.1.3 + minipass-collect: 2.0.1 + minipass-flush: 1.0.7 + minipass-pipeline: 1.2.4 + p-map: 7.0.4 + ssri: 13.0.1 + cacheable-lookup@5.0.4: {} cacheable-request@7.0.4: @@ -8272,6 +8660,8 @@ snapshots: transitivePeerDependencies: - supports-color + cmd-shim@8.0.0: {} + code-block-writer@13.0.3: optional: true @@ -8721,7 +9111,7 @@ snapshots: '@pnpm/crypto.base32-hash': 1.0.1 '@pnpm/types': 8.9.0 encode-registry: 3.0.1 - semver: 7.8.3 + semver: 7.8.4 dequal@2.0.3: {} @@ -8785,16 +9175,12 @@ snapshots: es-errors: 1.3.0 gopd: 1.2.0 - eastasianwidth@0.2.0: {} - ee-first@1.1.1: {} emoji-regex@10.6.0: {} emoji-regex@8.0.0: {} - emoji-regex@9.2.2: {} - encode-registry@3.0.1: dependencies: mem: 8.1.1 @@ -8941,6 +9327,8 @@ snapshots: dependencies: homedir-polyfill: 1.0.3 + exponential-backoff@3.1.3: {} + express-rate-limit@8.5.2(express@5.2.1): dependencies: express: 5.2.1 @@ -9091,11 +9479,6 @@ snapshots: dependencies: tiny-inflate: 1.0.3 - foreground-child@3.3.1: - dependencies: - cross-spawn: 7.0.6 - signal-exit: 4.1.0 - forwarded@0.2.0: {} fresh@2.0.0: {} @@ -9113,6 +9496,10 @@ snapshots: jsonfile: 6.2.1 universalify: 2.0.1 + fs-minipass@3.0.3: + dependencies: + minipass: 7.1.3 + fs.realpath@1.0.0: {} fsevents@2.3.2: @@ -9167,14 +9554,11 @@ snapshots: dependencies: is-glob: 4.0.3 - glob@10.5.0: + glob@13.0.6: dependencies: - foreground-child: 3.3.1 - jackspeak: 3.4.3 - minimatch: 9.0.7 + minimatch: 10.2.5 minipass: 7.1.3 - package-json-from-dist: 1.0.1 - path-scurry: 1.11.1 + path-scurry: 2.0.2 glob@7.2.3: dependencies: @@ -9512,9 +9896,9 @@ snapshots: hono@4.12.21: {} - hosted-git-info@6.1.3: + hosted-git-info@9.0.3: dependencies: - lru-cache: 7.18.3 + lru-cache: 11.5.1 hpagent@1.2.0: {} @@ -9534,11 +9918,25 @@ snapshots: statuses: 2.0.2 toidentifier: 1.0.1 + http-proxy-agent@7.0.2: + dependencies: + agent-base: 7.1.4 + debug: 4.4.3 + transitivePeerDependencies: + - supports-color + http2-wrapper@1.0.3: dependencies: quick-lru: 5.1.1 resolve-alpn: 1.2.1 + https-proxy-agent@7.0.6: + dependencies: + agent-base: 7.1.4 + debug: 4.4.3 + transitivePeerDependencies: + - supports-color + i18next@26.3.1(typescript@6.0.3): optionalDependencies: typescript: 6.0.3 @@ -9553,6 +9951,10 @@ snapshots: ieee754@1.2.1: {} + ignore-walk@8.0.0: + dependencies: + minimatch: 10.2.5 + import-fresh@3.3.1: dependencies: parent-module: 1.0.1 @@ -9620,10 +10022,6 @@ snapshots: dependencies: binary-extensions: 2.3.0 - is-core-module@2.16.2: - dependencies: - hasown: 2.0.3 - is-decimal@2.0.1: {} is-docker@3.0.0: {} @@ -9672,12 +10070,6 @@ snapshots: isexe@4.0.0: {} - jackspeak@3.4.3: - dependencies: - '@isaacs/cliui': 8.0.2 - optionalDependencies: - '@pkgjs/parseargs': 0.11.0 - jiti@2.6.1: {} jose@6.2.3: {} @@ -9700,12 +10092,14 @@ snapshots: json-parse-even-better-errors@2.3.1: {} - json-parse-even-better-errors@3.0.2: {} + json-parse-even-better-errors@5.0.0: {} json-schema-traverse@1.0.0: {} json-schema-typed@8.0.2: {} + json-stringify-nice@1.1.4: {} + jsonc-parser@3.3.1: {} jsonfile@6.2.1: @@ -9714,6 +10108,12 @@ snapshots: optionalDependencies: graceful-fs: 4.2.11 + jsonparse@1.3.1: {} + + just-diff-apply@5.5.0: {} + + just-diff@6.0.2: {} + katex@0.16.46: dependencies: commander: 8.3.0 @@ -9773,18 +10173,19 @@ snapshots: lefthook-windows-arm64: 2.1.9 lefthook-windows-x64: 2.1.9 - license-checker-rseidelsohn@4.4.2: + license-checker-rseidelsohn@5.0.1: dependencies: + '@npmcli/arborist': 9.6.0 + '@npmcli/package-json': 7.0.5 chalk: 4.1.2 debug: 4.4.3 lodash.clonedeep: 4.5.0 mkdirp: 1.0.4 nopt: 7.2.1 - read-installed-packages: 2.0.1 - semver: 7.8.0 + semver: 7.8.4 spdx-correct: 3.2.0 - spdx-expression-parse: 3.0.1 - spdx-satisfies: 5.0.1 + spdx-expression-parse: 4.0.0 + spdx-satisfies: 6.0.0 treeify: 1.1.0 transitivePeerDependencies: - supports-color @@ -9870,12 +10271,8 @@ snapshots: lowercase-keys@2.0.0: {} - lru-cache@10.4.3: {} - lru-cache@11.5.1: {} - lru-cache@7.18.3: {} - magic-string@0.30.21: dependencies: '@jridgewell/sourcemap-codec': 1.5.5 @@ -9888,6 +10285,23 @@ snapshots: make-error@1.3.6: {} + make-fetch-happen@15.0.6: + dependencies: + '@gar/promise-retry': 1.0.3 + '@npmcli/agent': 4.0.2 + '@npmcli/redact': 4.0.0 + cacache: 20.0.4 + http-cache-semantics: 4.2.0 + minipass: 7.1.3 + minipass-fetch: 5.0.2 + minipass-flush: 1.0.7 + minipass-pipeline: 1.2.4 + negotiator: 1.0.0 + proc-log: 6.1.0 + ssri: 13.0.1 + transitivePeerDependencies: + - supports-color + map-age-cleaner@0.1.3: dependencies: p-defer: 1.0.0 @@ -10439,17 +10853,40 @@ snapshots: minimatch@10.2.5: dependencies: brace-expansion: 5.0.6 - optional: true minimatch@3.1.4: dependencies: brace-expansion: 1.1.13 - minimatch@9.0.7: + minimist@1.2.8: {} + + minipass-collect@2.0.1: dependencies: - brace-expansion: 5.0.6 + minipass: 7.1.3 - minimist@1.2.8: {} + minipass-fetch@5.0.2: + dependencies: + minipass: 7.1.3 + minipass-sized: 2.0.0 + minizlib: 3.1.0 + optionalDependencies: + iconv-lite: 0.7.2 + + minipass-flush@1.0.7: + dependencies: + minipass: 3.3.6 + + minipass-pipeline@1.2.4: + dependencies: + minipass: 3.3.6 + + minipass-sized@2.0.0: + dependencies: + minipass: 7.1.3 + + minipass@3.3.6: + dependencies: + yallist: 4.0.0 minipass@7.1.3: {} @@ -10507,24 +10944,74 @@ snapshots: node-fetch-native@1.6.7: {} + node-gyp@12.4.0: + dependencies: + env-paths: 2.2.1 + exponential-backoff: 3.1.3 + graceful-fs: 4.2.11 + nopt: 9.0.0 + proc-log: 6.1.0 + semver: 7.8.4 + tar: 7.5.16 + tinyglobby: 0.2.17 + undici: 6.26.0 + which: 6.0.1 + node-mock-http@1.0.4: {} nopt@7.2.1: dependencies: abbrev: 2.0.0 - normalize-package-data@5.0.0: + nopt@9.0.0: dependencies: - hosted-git-info: 6.1.3 - is-core-module: 2.16.2 - semver: 7.8.0 - validate-npm-package-license: 3.0.4 + abbrev: 4.0.0 normalize-path@3.0.0: {} normalize-url@6.1.0: {} - npm-normalize-package-bin@3.0.1: {} + npm-bundled@5.0.0: + dependencies: + npm-normalize-package-bin: 5.0.0 + + npm-install-checks@8.0.0: + dependencies: + semver: 7.8.4 + + npm-normalize-package-bin@5.0.0: {} + + npm-package-arg@13.0.2: + dependencies: + hosted-git-info: 9.0.3 + proc-log: 6.1.0 + semver: 7.8.4 + validate-npm-package-name: 7.0.2 + + npm-packlist@10.0.4: + dependencies: + ignore-walk: 8.0.0 + proc-log: 6.1.0 + + npm-pick-manifest@11.0.3: + dependencies: + npm-install-checks: 8.0.0 + npm-normalize-package-bin: 5.0.0 + npm-package-arg: 13.0.2 + semver: 7.8.4 + + npm-registry-fetch@19.1.1: + dependencies: + '@npmcli/redact': 4.0.0 + jsonparse: 1.3.1 + make-fetch-happen: 15.0.6 + minipass: 7.1.3 + minipass-fetch: 5.0.2 + minizlib: 3.1.0 + npm-package-arg: 13.0.2 + proc-log: 6.1.0 + transitivePeerDependencies: + - supports-color nth-check@2.1.1: dependencies: @@ -10626,12 +11113,32 @@ snapshots: p-try@2.2.0: {} - package-json-from-dist@1.0.1: {} - package-manager-detector@1.6.0: {} packageurl-js@2.0.1: {} + pacote@21.5.1: + dependencies: + '@gar/promise-retry': 1.0.3 + '@npmcli/git': 7.0.2 + '@npmcli/installed-package-contents': 4.0.0 + '@npmcli/package-json': 7.0.5 + '@npmcli/promise-spawn': 9.0.1 + '@npmcli/run-script': 10.0.4 + cacache: 20.0.4 + fs-minipass: 3.0.3 + minipass: 7.1.3 + npm-package-arg: 13.0.2 + npm-packlist: 10.0.4 + npm-pick-manifest: 11.0.3 + npm-registry-fetch: 19.1.1 + proc-log: 6.1.0 + sigstore: 4.1.1 + ssri: 13.0.1 + tar: 7.5.16 + transitivePeerDependencies: + - supports-color + pagefind@1.5.2: optionalDependencies: '@pagefind/darwin-arm64': 1.5.2 @@ -10646,6 +11153,12 @@ snapshots: dependencies: callsites: 3.1.0 + parse-conflict-json@5.0.1: + dependencies: + json-parse-even-better-errors: 5.0.0 + just-diff: 6.0.2 + just-diff-apply: 5.5.0 + parse-entities@4.0.2: dependencies: '@types/unist': 2.0.11 @@ -10691,9 +11204,9 @@ snapshots: path-key@3.1.1: {} - path-scurry@1.11.1: + path-scurry@2.0.2: dependencies: - lru-cache: 10.4.3 + lru-cache: 11.5.1 minipass: 7.1.3 path-to-regexp@8.4.2: {} @@ -10756,6 +11269,11 @@ snapshots: cssesc: 3.0.0 util-deprecate: 1.0.2 + postcss-selector-parser@7.1.4: + dependencies: + cssesc: 3.0.0 + util-deprecate: 1.0.2 + postcss@8.5.15: dependencies: nanoid: 3.3.12 @@ -10764,8 +11282,16 @@ snapshots: prismjs@1.30.0: {} + proc-log@6.1.0: {} + + proggy@4.0.0: {} + progress@2.0.3: {} + promise-all-reject-late@1.0.1: {} + + promise-call-limit@3.0.2: {} + property-information@7.2.0: {} proxy-addr@2.0.7: @@ -10813,24 +11339,7 @@ snapshots: minimist: 1.2.8 strip-json-comments: 2.0.1 - read-installed-packages@2.0.1: - dependencies: - '@npmcli/fs': 3.1.1 - debug: 4.4.3 - read-package-json: 6.0.4 - semver: 7.8.0 - slide: 1.1.6 - optionalDependencies: - graceful-fs: 4.2.11 - transitivePeerDependencies: - - supports-color - - read-package-json@6.0.4: - dependencies: - glob: 10.5.0 - json-parse-even-better-errors: 3.0.2 - normalize-package-data: 5.0.0 - npm-normalize-package-bin: 3.0.1 + read-cmd-shim@6.0.0: {} readable-stream@3.6.2: dependencies: @@ -11178,8 +11687,6 @@ snapshots: dependencies: extend: 3.0.2 - semver@7.8.0: {} - semver@7.8.3: {} semver@7.8.4: {} @@ -11329,6 +11836,17 @@ snapshots: signal-exit@4.1.0: {} + sigstore@4.1.1: + dependencies: + '@sigstore/bundle': 4.0.0 + '@sigstore/core': 3.2.1 + '@sigstore/protobuf-specs': 0.5.1 + '@sigstore/sign': 4.1.1 + '@sigstore/tuf': 4.0.2 + '@sigstore/verify': 3.1.1 + transitivePeerDependencies: + - supports-color + sisteransi@1.0.5: {} sitemap@9.0.1: @@ -11348,7 +11866,7 @@ snapshots: ansi-styles: 6.2.3 is-fullwidth-code-point: 5.1.0 - slide@1.1.6: {} + smart-buffer@4.2.0: {} smol-toml@1.6.1: {} @@ -11372,6 +11890,7 @@ snapshots: '@snyk/graphlib': 2.1.9-patch.3 '@yarnpkg/core': 4.8.0(typanion@3.14.0) '@yarnpkg/lockfile': 1.1.0 + debug: 4.4.3 dependency-path: 9.2.8 event-loop-spinner: 2.3.2 js-yaml: 4.1.1 @@ -11389,6 +11908,19 @@ snapshots: - supports-color - typanion + socks-proxy-agent@8.0.5: + dependencies: + agent-base: 7.1.4 + debug: 4.4.3 + socks: 2.8.9 + transitivePeerDependencies: + - supports-color + + socks@2.8.9: + dependencies: + ip-address: 10.2.0 + smart-buffer: 4.2.0 + source-map-js@1.2.1: {} source-map@0.7.6: {} @@ -11413,16 +11945,25 @@ snapshots: spdx-exceptions: 2.5.0 spdx-license-ids: 3.0.23 + spdx-expression-parse@4.0.0: + dependencies: + spdx-exceptions: 2.5.0 + spdx-license-ids: 3.0.23 + spdx-license-ids@3.0.23: {} spdx-ranges@2.1.1: {} - spdx-satisfies@5.0.1: + spdx-satisfies@6.0.0: dependencies: spdx-compare: 1.0.0 spdx-expression-parse: 3.0.1 spdx-ranges: 2.1.1 + ssri@13.0.1: + dependencies: + minipass: 7.1.3 + starlight-links-validator@0.24.1(@astrojs/starlight@0.40.0(astro@6.4.6(@types/node@25.9.3)(jiti@2.6.1)(rollup@4.61.1)(tsx@4.22.4)(yaml@2.9.0))(typescript@6.0.3))(astro@6.4.6(@types/node@25.9.3)(jiti@2.6.1)(rollup@4.61.1)(tsx@4.22.4)(yaml@2.9.0)): dependencies: '@astrojs/starlight': 0.40.0(astro@6.4.6(@types/node@25.9.3)(jiti@2.6.1)(rollup@4.61.1)(tsx@4.22.4)(yaml@2.9.0))(typescript@6.0.3) @@ -11478,12 +12019,6 @@ snapshots: is-fullwidth-code-point: 3.0.0 strip-ansi: 6.0.1 - string-width@5.1.2: - dependencies: - eastasianwidth: 0.2.0 - emoji-regex: 9.2.2 - strip-ansi: 7.2.0 - string-width@7.2.0: dependencies: emoji-regex: 10.6.0 @@ -11627,6 +12162,8 @@ snapshots: treeify@1.1.0: {} + treeverse@3.0.0: {} + trim-lines@3.0.1: {} trim-trailing-lines@2.1.0: {} @@ -11699,6 +12236,14 @@ snapshots: optionalDependencies: fsevents: 2.3.3 + tuf-js@4.1.0: + dependencies: + '@tufjs/models': 4.1.0 + debug: 4.4.3 + make-fetch-happen: 15.0.6 + transitivePeerDependencies: + - supports-color + typanion@3.14.0: {} type-fest@0.20.2: @@ -11728,6 +12273,8 @@ snapshots: undici-types@7.24.6: {} + undici@6.26.0: {} + unified@11.0.5: dependencies: '@types/unist': 3.0.3 @@ -11823,10 +12370,7 @@ snapshots: v8-compile-cache-lib@3.0.1: {} - validate-npm-package-license@3.0.4: - dependencies: - spdx-correct: 3.2.0 - spdx-expression-parse: 3.0.1 + validate-npm-package-name@7.0.2: {} vary@1.1.2: {} @@ -11889,6 +12433,8 @@ snapshots: dependencies: vscode-languageserver-protocol: 3.16.0 + walk-up-path@4.0.0: {} + wcwidth@1.0.1: dependencies: defaults: 1.0.4 @@ -11933,12 +12479,6 @@ snapshots: string-width: 4.2.3 strip-ansi: 6.0.1 - wrap-ansi@8.1.0: - dependencies: - ansi-styles: 6.2.3 - string-width: 5.1.2 - strip-ansi: 7.2.0 - wrap-ansi@9.0.2: dependencies: ansi-styles: 6.2.3 @@ -11951,12 +12491,18 @@ snapshots: dependencies: signal-exit: 4.1.0 + write-file-atomic@8.0.0: + dependencies: + signal-exit: 4.1.0 + xml-naming@0.1.0: {} xxhash-wasm@1.1.0: {} y18n@5.0.8: {} + yallist@4.0.0: {} + yallist@5.0.0: {} yaml@2.9.0: {} @@ -12029,7 +12575,7 @@ time: graphology-dag@0.4.1: '2023-12-09T08:29:05.655Z' graphology@0.26.0: '2025-01-26T10:25:05.589Z' lefthook@2.1.9: '2026-05-29T08:40:26.517Z' - license-checker-rseidelsohn@4.4.2: '2024-09-09T05:30:18.956Z' + license-checker-rseidelsohn@5.0.1: '2026-05-27T14:15:44.165Z' listr2@10.2.1: '2026-03-02T23:32:42.720Z' lru-cache@11.5.1: '2026-05-27T15:04:12.732Z' onnxruntime-node@1.26.0: '2026-05-08T19:50:24.041Z' @@ -12047,6 +12593,6 @@ time: tsx@4.22.4: '2026-05-31T12:22:19.330Z' typescript@6.0.3: '2026-04-16T23:38:27.905Z' web-tree-sitter@0.26.9: '2026-05-19T18:12:46.154Z' - write-file-atomic@7.0.1: '2026-02-26T21:57:55.279Z' + write-file-atomic@8.0.0: '2026-05-08T18:30:27.965Z' yaml@2.9.0: '2026-05-11T10:16:24.045Z' zod@4.4.3: '2026-05-04T07:06:40.819Z' diff --git a/pnpm-workspace.yaml b/pnpm-workspace.yaml index 7ffcb90c..aef4ba27 100644 --- a/pnpm-workspace.yaml +++ b/pnpm-workspace.yaml @@ -33,6 +33,19 @@ overrides: # to 0.28.1 — the first patched release — until astro widens its own range. esbuild@>=0.27.3 <0.28.1: "0.28.1" +# packageExtensions patch third-party manifests that under-declare their deps. +packageExtensions: + # snyk-nodejs-lockfile-parser@2.8.0 requires('debug') in its lockfile parsers + # (dist/parsers/lock-parser-base.js) but does not declare it — it relied on + # `debug` being flat-hoisted by npm. Under pnpm's strict symlinked layout + # that resolution fails, so `codehub analyze` crashes with + # "Cannot find module 'debug'" when the CLI is installed via `pnpm add -g`. + # Inject the missing dep so pnpm places `debug` in snyk's resolution scope. + # (`npm install -g` is unaffected — it flat-hoists `debug` regardless.) + snyk-nodejs-lockfile-parser: + dependencies: + debug: "4.4.3" + # Project-level settings. In pnpm v11, only auth+registry settings are read # from .npmrc; non-auth settings belong here or in ~/.config/pnpm/config.yaml. # User-specific settings (store-dir, package-import-method) stay in diff --git a/scripts/acceptance.sh b/scripts/acceptance.sh index c9467c88..a4d5f5ae 100755 --- a/scripts/acceptance.sh +++ b/scripts/acceptance.sh @@ -115,7 +115,7 @@ echo "5/${TOTAL_GATES}: license allowlist" # mise/ci callers. if pnpm exec license-checker-rseidelsohn \ --start packages/cli \ - --onlyAllow 'Apache-2.0;MIT;BSD-2-Clause;BSD-3-Clause;ISC;CC0-1.0;BlueOak-1.0.0;0BSD' \ + --onlyAllow 'Apache-2.0;MIT;BSD-2-Clause;BSD-3-Clause;ISC;CC0-1.0;BlueOak-1.0.0;0BSD;Python-2.0;CC-BY-3.0;MIT OR Apache-2.0;(Apache-2.0 AND MIT);(BSD-3-Clause AND Apache-2.0);(BSD-2-Clause OR MIT OR Apache-2.0);(MIT OR CC0-1.0)' \ --excludePrivatePackages --production \ > "$tmpdir/license.log" 2>&1; then pass "licenses within allowlist"