diff --git a/packages/cli-command/package.json b/packages/cli-command/package.json
index 87ca7adde..ad7c711f5 100644
--- a/packages/cli-command/package.json
+++ b/packages/cli-command/package.json
@@ -27,6 +27,7 @@
     ".": "./dist/index.js",
     "./flags": "./dist/flags.js",
     "./utils": "./dist/utils.js",
+    "./smartsnap": "./dist/smartsnap.js",
     "./test/helpers": "./test/helpers.js"
   },
   "scripts": {
@@ -36,8 +37,13 @@
     "test:coverage": "yarn test --coverage"
   },
   "dependencies": {
-    "@percy/config": "1.32.0-beta.1",
-    "@percy/core": "1.32.0-beta.1",
-    "@percy/logger": "1.32.0-beta.1"
+    "@percy/config": "1.31.14",
+    "@percy/core": "1.31.14",
+    "@percy/logger": "1.31.14",
+    "glob-to-regexp": "^0.4.1",
+    "stream-json": "^1.8.0"
+  },
+  "optionalDependencies": {
+    "snyk-nodejs-lockfile-parser": "2.7.1"
   }
 }
diff --git a/packages/cli-command/src/graphTrace.js b/packages/cli-command/src/graphTrace.js
new file mode 100644
index 000000000..3e79d84f6
--- /dev/null
+++ b/packages/cli-command/src/graphTrace.js
@@ -0,0 +1,152 @@
+import fs from 'fs';
+import path from 'path';
+import url from 'url';
+
+// Template resolution mirrors core/utils.js's secretPatterns.yml lookup:
+// resolves relative to this file's URL so it works under src/ (dev) and
+// dist/ (installed) without bundler help. The .html file is copied alongside
+// by babel's copyFiles when cli-command is built.
+const TEMPLATE_PATH = path.resolve(url.fileURLToPath(import.meta.url), '../graphTraceTemplate.html');
+
+// Maps a (raw kind, changed) pair to the kind value the template expects:
+// 'package' | 'component' | 'story' | 'is_relevant'. `changed: true` wins
+// over the underlying kind so any node touched in the diff renders purple.
+function templateKindOf(v) {
+  if (v.changed) return 'is_relevant';
+  switch (v.kind) {
+    case 'dependency': return 'package';
+    case 'component': return 'component';
+    case 'story': return 'story';
+    default: return 'component';
+  }
+}
+
+// Sort order within a column: packages left, components middle, stories right.
+// `is_relevant` shares rank with components so a changed node doesn't jump
+// out of its own group — it just recolors.
+const KIND_RANK = { package: 0, component: 1, is_relevant: 1, story: 2 };
+
+// Layout algorithm (ported from the original Ruby renderer):
+//   1. col = longest-path depth reaching the vertex (read from the
+//      transitive-closure triples the API sends), with dependencies pinned
+//      to col 0.
+//   2. Propagate over edges so col[target] > col[source]. Bounded loop
+//      guards against degenerate inputs.
+//   3. Stories pushed past the rightmost non-story column.
+//   4. Within each column, sort by (kind-rank, name) and assign row.
+function computeLayout(rawVertices, edges, transitiveClosure) {
+  const n = rawVertices.length;
+  const vertices = rawVertices.map((v, i) => ({
+    index: i,
+    name: v.file_path,
+    kind: v.kind,
+    changed: !!v.changed,
+    row: 0,
+    col: 0
+  }));
+
+  // 1. Seed col from incoming transitive-closure lengths.
+  const incomingMax = new Array(n).fill(0);
+  for (const triple of transitiveClosure) {
+    const [u, v, val] = triple;
+    if (u === v || val <= 0) continue;
+    if (v < 0 || v >= n) continue;
+    if (val > incomingMax[v]) incomingMax[v] = val;
+  }
+  for (let i = 0; i < n; i++) {
+    vertices[i].col = vertices[i].kind === 'dependency' ? 0 : incomingMax[i] + 1;
+  }
+
+  // 2. Propagate edge constraint. n+2 iterations is enough for any DAG
+  // and bounds the work on accidentally-cyclic input.
+  const iterations = n + 2;
+  for (let iter = 0; iter < iterations; iter++) {
+    let changed = false;
+    for (const [s, t] of edges) {
+      if (s < 0 || s >= n || t < 0 || t >= n) continue;
+      if (vertices[s].col < vertices[t].col) continue;
+      vertices[t].col = vertices[s].col + 1;
+      changed = true;
+    }
+    if (!changed) break;
+  }
+
+  // 3. Stories rightmost. Two passes: max across non-stories first, then
+  // push every story past that boundary. Folding into one loop would let
+  // stories visited before the last non-story keep a stale max.
+  let furthestNonStory = 0;
+  for (const v of vertices) {
+    if (v.kind === 'story') continue;
+    if (v.col > furthestNonStory) furthestNonStory = v.col;
+  }
+  for (const v of vertices) {
+    if (v.kind !== 'story') continue;
+    if (v.col < furthestNonStory + 1) v.col = furthestNonStory + 1;
+  }
+
+  // 4. Group by column, sort by (kind-rank, name), assign row.
+  const groups = new Map();
+  for (const v of vertices) {
+    let list = groups.get(v.col);
+    if (!list) groups.set(v.col, list = []);
+    list.push(v);
+  }
+  const rankOf = v => {
+    const r = KIND_RANK[templateKindOf(v)];
+    return r === undefined ? 99 : r;
+  };
+  for (const list of groups.values()) {
+    list.sort((a, b) => {
+      const ra = rankOf(a);
+      const rb = rankOf(b);
+      if (ra !== rb) return ra - rb;
+      // Byte-wise compare on name to match Ruby's String#<=> behaviour.
+      if (a.name < b.name) return -1;
+      if (a.name > b.name) return 1;
+      return 0;
+    });
+    list.forEach((v, row) => { v.row = row; });
+  }
+
+  // 5. Final shape the template consumes: drop `changed`, fold it into kind.
+  return vertices.map(v => ({
+    index: v.index,
+    name: v.name,
+    row: v.row,
+    col: v.col,
+    kind: templateKindOf(v)
+  }));
+}
+
+// Escapes characters that have meaning inside a <script> block so user-derived
+// strings (e.g. a vertex file_path) can't break out of the surrounding tag.
+// `</` covers `</script>`; `<!--`/`-->` cover HTML comment confusion; U+2028
+// and U+2029 are valid JSON but illegal in JS string literals pre-ES2019 and
+// have historically been XSS sinks.
+const LS = String.fromCharCode(0x2028);
+const PS = String.fromCharCode(0x2029);
+function safeJson(obj) {
+  return JSON.stringify(obj)
+    .replace(/<\//g, '<\\/')
+    .replace(/<!--/g, '<\\!--')
+    .replace(/--(!?)>/g, '--$1\\>')
+    .split(LS).join('\\u2028')
+    .split(PS).join('\\u2029');
+}
+
+// Populates the trace template with the three JSON payloads the page needs.
+// Input shape matches the API's graph data: `vertices` carries `kind`,
+// `file_path`, `changed`; `edges` and `transitive_closure_matrix_sparse`
+// are arrays of integer tuples.
+export function renderGraphTraceHtml({ vertices, edges, transitiveClosureMatrixSparse }) {
+  const laidOutVertices = computeLayout(
+    vertices || [],
+    edges || [],
+    transitiveClosureMatrixSparse || []
+  );
+  const template = fs.readFileSync(TEMPLATE_PATH, 'utf8');
+  return template
+    .replace('__VERTICES_JSON__', safeJson(laidOutVertices))
+    .replace('__EDGES_JSON__', safeJson(edges || []))
+    .replace('__TRANSITIVE_CLOSURE_JSON__', safeJson(transitiveClosureMatrixSparse || []));
+}
diff --git a/packages/cli-command/src/graphTraceTemplate.html b/packages/cli-command/src/graphTraceTemplate.html
new file mode 100644
index 000000000..d7714ec2c
--- /dev/null
+++ b/packages/cli-command/src/graphTraceTemplate.html
@@ -0,0 +1,349 @@
+<!DOCTYPE html>
+<html>
+<head>
+    <meta charset="utf-8">
+    <title>Smartsnap Graph</title>
+    <link
+        rel="stylesheet"
+        href="https://cdn.jsdelivr.net/npm/drawflow@0.0.60/dist/drawflow.min.css"
+        integrity="sha384-IFh+Q6zh+LRcTjqVmAKetdGY59dT485vtvWT5DAKQy8iv5+fYWHXisHP7mFKcFqV"
+        crossorigin="anonymous">
+    <script
+        src="https://cdn.jsdelivr.net/npm/drawflow@0.0.60/dist/drawflow.min.js"
+        integrity="sha384-JsnM4f1X8b5e9VbQCj6Bt6840HQNDYVKohzbXJnqOetMno8i6cmKNLVkyK3snqSw"
+        crossorigin="anonymous"></script>
+    <style>
+        html, body {
+            margin: 0; padding: 0;
+            font-family: sans-serif; background: #fafafa;
+            width: 100%; height: 100%; overflow: hidden;
+        }
+        #drawflow {
+            position: fixed;
+            top: 0; left: 0; right: 0; bottom: 0;
+            background: #fafafa;
+        }
+        #legend {
+            position: fixed; top: 8px; right: 8px;
+            background: rgba(255,255,255,0.95);
+            padding: 8px 12px; border: 1px solid #999;
+            font-size: 12px; z-index: 100;
+        }
+        #legend span {
+            display: inline-block; width: 12px; height: 12px;
+            vertical-align: middle; margin-right: 4px; border: 1px solid #333;
+        }
+        #controls {
+            position: fixed; top: 8px; left: 8px;
+            background: rgba(255,255,255,0.95);
+            border: 1px solid #999; z-index: 100;
+            display: flex; gap: 2px;
+        }
+        #controls button {
+            border: 0; background: transparent;
+            padding: 6px 10px; cursor: pointer;
+            font-size: 14px; font-family: inherit;
+        }
+        #controls button:hover { background: #eee; }
+
+        .drawflow .drawflow-node {
+            width: max-content;
+            min-width: 0; max-width: none;
+            height: auto; min-height: 0;
+            padding: 8px 14px;
+            white-space: nowrap;
+            font-size: 12px;
+            font-family: ui-monospace, SFMono-Regular, Menlo, monospace;
+            background: #fff;
+            border: 2px solid #333;
+            border-radius: 4px;
+            cursor: pointer;
+            transition: opacity 150ms;
+        }
+        .drawflow .drawflow-node .drawflow_content_node {
+            width: max-content;
+            white-space: nowrap;
+        }
+        .drawflow .drawflow-node.package    { background: #d4e5f7; border-color: #2a6db5; }
+        .drawflow .drawflow-node.component  { background: #daf0c1; border-color: #4a8e1f; }
+        .drawflow .drawflow-node.story      { background: #fce4b6; border-color: #b07310; }
+        .drawflow .drawflow-node.is-relevant { background: #d9b3ff; border-color: #6f30b0; }
+
+        .drawflow .drawflow-node .input,
+        .drawflow .drawflow-node .output {
+            width: 10px !important;
+            height: 10px !important;
+            border-width: 1px !important;
+        }
+
+        .drawflow .connection,
+        .drawflow .connection *,
+        .drawflow svg.connection,
+        .drawflow svg.connection * { pointer-events: none !important; }
+
+        .drawflow .drawflow-node.is-dim { opacity: 0.25; }
+        .drawflow .connection.is-dim { visibility: hidden; }
+
+        .drawflow .drawflow-node.is-selected {
+            box-shadow: 0 0 0 3px #2a6db5, 0 2px 8px rgba(0,0,0,0.2);
+        }
+
+        .measure-node {
+            position: absolute;
+            top: -9999px; left: -9999px;
+            opacity: 0;
+            pointer-events: none;
+            white-space: nowrap;
+            padding: 8px 14px;
+            font-size: 12px;
+            font-family: ui-monospace, SFMono-Regular, Menlo, monospace;
+            border: 2px solid transparent;
+        }
+    </style>
+</head>
+<body>
+<div id="controls">
+    <button id="zoom-in" title="Zoom in">+</button>
+    <button id="zoom-out" title="Zoom out">-</button>
+    <button id="zoom-reset" title="Reset">reset</button>
+</div>
+<div id="legend">
+    <div><span style="background:#d4e5f7"></span>Package Dependency</div>
+    <div><span style="background:#daf0c1"></span>Component</div>
+    <div><span style="background:#fce4b6"></span>Story</div>
+    <div><span style="background:#d9b3ff"></span>Changed file</div>
+</div>
+<div id="drawflow"></div>
+<script type="module">
+// ---------------------------------------------------------------------------
+// Payload populated by the CLI before this template is written to disk.
+// Tokens are replaced by graphTrace.js via plain string substitution.
+//   vertices:                         [{ index, name, row, col, kind }, ...]
+//   edges:                            [[srcIndex, tgtIndex], ...]
+//   transitive_closure_matrix_sparse: [[srcIndex, tgtIndex, length], ...]
+// `kind` is one of: 'package' | 'component' | 'story' | 'is_relevant'.
+// ---------------------------------------------------------------------------
+const vertices = __VERTICES_JSON__;
+const edges = __EDGES_JSON__;
+const transitive_closure_matrix_sparse = __TRANSITIVE_CLOSURE_JSON__;
+const n = vertices.length;
+
+// ---------------------------------------------------------------------------
+// Width measurement: each node grows to fit its file path. We need the
+// rendered width (DOM-dependent) to lay out columns without overlap.
+// ---------------------------------------------------------------------------
+function measureWidth(text) {
+    const el = document.createElement('div');
+    el.className = 'measure-node';
+    el.textContent = text;
+    document.body.appendChild(el);
+    const w = el.offsetWidth;
+    el.remove();
+    return w;
+}
+
+// Drawflow adds port circles on each side (~25px) + border; pad generously.
+const PORT_PAD = 60;
+const nodeWidth = vertices.map(v => measureWidth(v.name) + PORT_PAD);
+
+// ---------------------------------------------------------------------------
+// Column X positions (cumulative by max width per column).
+// ---------------------------------------------------------------------------
+const PAD_X = 60, PAD_Y = 60, COL_GAP = 140, ROW_HEIGHT = 70;
+
+const colMaxWidth = {};
+for (let i = 0; i < n; i++) {
+    const c = vertices[i].col;
+    if (!colMaxWidth[c] || nodeWidth[i] > colMaxWidth[c]) colMaxWidth[c] = nodeWidth[i];
+}
+const sortedCols = Object.keys(colMaxWidth).map(Number).sort((a, b) => a - b);
+const colX = {};
+let cursor = PAD_X;
+for (const c of sortedCols) {
+    colX[c] = cursor;
+    cursor += colMaxWidth[c] + COL_GAP;
+}
+
+// ---------------------------------------------------------------------------
+// Boot Drawflow.
+// ---------------------------------------------------------------------------
+const container = document.getElementById('drawflow');
+const editor = new Drawflow(container);
+editor.reroute = false;
+editor.start();
+
+function escapeHtml(s) {
+    return String(s)
+        .replace(/&/g, '&amp;')
+        .replace(/</g, '&lt;')
+        .replace(/>/g, '&gt;')
+        .replace(/"/g, '&quot;')
+        .replace(/'/g, '&#39;');
+}
+
+// CSS classes per kind. `is_relevant` becomes `is-relevant` so it matches
+// the stylesheet rule.
+function cssClassFor(kind) {
+    if (kind === 'is_relevant') return 'is-relevant';
+    return kind;
+}
+
+// ---------------------------------------------------------------------------
+// Add nodes. row/col come from the server; pixel positions are computed
+// here using the measured widths so columns never overlap.
+// ---------------------------------------------------------------------------
+const nodeIds = new Array(n);
+for (let i = 0; i < n; i++) {
+    const v = vertices[i];
+    const id = editor.addNode(
+        'node',
+        1, 1,
+        colX[v.col],
+        PAD_Y + v.row * ROW_HEIGHT,
+        cssClassFor(v.kind),
+        { index: v.index, kind: v.kind, name: v.name },
+        escapeHtml(v.name),
+    );
+    nodeIds[i] = id;
+}
+
+// ---------------------------------------------------------------------------
+// Connections.
+// ---------------------------------------------------------------------------
+for (const e of edges) {
+    editor.addConnection(nodeIds[e[0]], nodeIds[e[1]], 'output_1', 'input_1');
+}
+
+editor.editor_mode = 'fixed';
+
+// ---------------------------------------------------------------------------
+// Arrowheads on connection paths.
+// ---------------------------------------------------------------------------
+const SVG_NS = 'http://www.w3.org/2000/svg';
+function addArrowhead(svg) {
+    if (svg.querySelector('marker')) return;
+    let defs = svg.querySelector('defs');
+    if (!defs) {
+        defs = document.createElementNS(SVG_NS, 'defs');
+        svg.insertBefore(defs, svg.firstChild);
+    }
+    const marker = document.createElementNS(SVG_NS, 'marker');
+    marker.setAttribute('id', 'arrowhead');
+    marker.setAttribute('viewBox', '0 0 10 10');
+    marker.setAttribute('refX', '9');
+    marker.setAttribute('refY', '5');
+    marker.setAttribute('markerWidth', '5');
+    marker.setAttribute('markerHeight', '5');
+    marker.setAttribute('orient', 'auto');
+    const tip = document.createElementNS(SVG_NS, 'path');
+    tip.setAttribute('d', 'M 0 0 L 10 5 L 0 10 z');
+    tip.setAttribute('fill', '#4ea9ff');
+    marker.appendChild(tip);
+    defs.appendChild(marker);
+    const path = svg.querySelector('path.main-path') || svg.querySelector('path');
+    if (path) path.setAttribute('marker-end', 'url(#arrowhead)');
+}
+container.querySelectorAll('svg.connection').forEach(addArrowhead);
+
+new MutationObserver((muts) => {
+    for (const m of muts) {
+        for (const node of m.addedNodes) {
+            if (node.nodeType !== 1) continue;
+            if (node.matches && node.matches('svg.connection')) addArrowhead(node);
+            if (node.querySelectorAll) {
+                node.querySelectorAll('svg.connection').forEach(addArrowhead);
+            }
+        }
+    }
+}).observe(container, { subtree: true, childList: true });
+
+// ---------------------------------------------------------------------------
+// Click-to-select with bidirectional reachability highlight.
+//
+// Reachability comes straight from transitive_closure_matrix_sparse: for a click
+// on vertex `start`, anything appearing as the target of a triple
+// (start, j, _) is reachable from `start`, and anything appearing as the
+// source of a triple (i, start, _) can reach `start`. No adjacency list —
+// we just iterate the triples each time. With small click counts and a
+// sparse matrix this is fast enough and avoids carrying redundant graph
+// state in the page.
+// ---------------------------------------------------------------------------
+const idxByDfId = new Map();
+for (let i = 0; i < n; i++) {
+    if (nodeIds[i] !== undefined) idxByDfId.set(nodeIds[i], i);
+}
+
+function connectedTo(start) {
+    const seen = new Set([start]);
+    for (const transitive_edge of transitive_closure_matrix_sparse) {
+        if (transitive_edge[0] === start) seen.add(transitive_edge[1]);
+        else if (transitive_edge[1] === start) seen.add(transitive_edge[0]);
+    }
+    return seen;
+}
+
+function parseEndpointIds(svg) {
+    let outId = null, inId = null;
+    for (const cls of svg.classList) {
+        if (cls.startsWith('node_out_node-')) outId = parseInt(cls.slice('node_out_node-'.length), 10);
+        else if (cls.startsWith('node_in_node-')) inId = parseInt(cls.slice('node_in_node-'.length), 10);
+    }
+    return { outId, inId };
+}
+
+let currentSelected = null;
+
+function clearSelection() {
+    container.querySelectorAll('.drawflow-node.is-dim, .drawflow-node.is-selected')
+        .forEach(el => el.classList.remove('is-dim', 'is-selected'));
+    container.querySelectorAll('svg.connection.is-dim')
+        .forEach(el => el.classList.remove('is-dim'));
+}
+
+function applySelection(startIdx) {
+    const connected = connectedTo(startIdx);
+
+    for (let i = 0; i < n; i++) {
+        const el = document.getElementById('node-' + nodeIds[i]);
+        if (!el) continue;
+        el.classList.toggle('is-dim', !connected.has(i));
+        el.classList.toggle('is-selected', i === startIdx);
+    }
+
+    container.querySelectorAll('svg.connection').forEach((svg) => {
+        const { outId, inId } = parseEndpointIds(svg);
+        const s = idxByDfId.get(outId);
+        const t = idxByDfId.get(inId);
+        const keep = (s !== undefined && t !== undefined
+                      && connected.has(s) && connected.has(t));
+        svg.classList.toggle('is-dim', !keep);
+    });
+}
+
+container.addEventListener('click', (evt) => {
+    const nodeEl = evt.target.closest('.drawflow-node');
+    if (!nodeEl) return;
+    const m = nodeEl.id.match(/^node-(\d+)$/);
+    if (!m) return;
+    const dfId = parseInt(m[1], 10);
+    const idx = idxByDfId.get(dfId);
+    if (idx === undefined) return;
+
+    if (currentSelected === idx) {
+        currentSelected = null;
+        clearSelection();
+    } else {
+        currentSelected = idx;
+        applySelection(idx);
+    }
+});
+
+// ---------------------------------------------------------------------------
+// Toolbar.
+// ---------------------------------------------------------------------------
+document.getElementById('zoom-in').onclick    = () => editor.zoom_in();
+document.getElementById('zoom-out').onclick   = () => editor.zoom_out();
+document.getElementById('zoom-reset').onclick = () => { editor.zoom_reset(); currentSelected = null; clearSelection(); };
+</script>
+</body>
+</html>
diff --git a/packages/cli-command/src/index.js b/packages/cli-command/src/index.js
index d84c18762..4efd6e002 100644
--- a/packages/cli-command/src/index.js
+++ b/packages/cli-command/src/index.js
@@ -1,5 +1,6 @@
 export { default, command, _resetShutdownForTest } from './command.js';
 export { legacyCommand, legacyFlags as flags } from './legacy.js';
+export { applySmartSnap, SmartSnapBailError } from './smartsnap.js';
 // export common packages to avoid dependency resolution issues
 export { default as PercyConfig } from '@percy/config';
 export { default as logger } from '@percy/logger';
diff --git a/packages/cli-command/src/lockfileDiff.js b/packages/cli-command/src/lockfileDiff.js
new file mode 100644
index 000000000..8b2430fec
--- /dev/null
+++ b/packages/cli-command/src/lockfileDiff.js
@@ -0,0 +1,141 @@
+import { createRequire } from 'module';
+import logger from '@percy/logger';
+
+// snyk-nodejs-lockfile-parser is a CommonJS optionalDependency. It requires
+// Node >=18 while the CLI supports Node >=14, so we defer the require to call
+// time — that way importing this module never throws on older Node versions
+// (or when the optional install was skipped for any other reason). Cached on
+// first successful load so the require only resolves once per process.
+const require = createRequire(import.meta.url);
+let _snykModule;
+function loadSnyk() {
+  if (_snykModule) return _snykModule;
+  try {
+    _snykModule = require('snyk-nodejs-lockfile-parser');
+    return _snykModule;
+  } catch (e) {
+    // Surface the underlying require failure so callers can distinguish
+    // "not installed" (engine mismatch / optional skip) from genuine parse
+    // failures that happen later inside buildDepTree.
+    const err = new Error(`snyk-nodejs-lockfile-parser is not available (requires Node >=18, or the optional install was skipped): ${e.message}`);
+    err.code = 'SNYK_LOCKFILE_PARSER_UNAVAILABLE';
+    throw err;
+  }
+}
+
+// Map the on-disk filename to snyk's LockfileType enum key. We can't resolve
+// the enum value at module-eval time because the snyk import is deferred, so
+// we look up the value inside diffLockfileDeps after loadSnyk() runs.
+const TYPE_KEY_BY_FILENAME = {
+  'package-lock.json': 'npm',
+  'yarn.lock': 'yarn',
+  'pnpm-lock.yaml': 'pnpm'
+};
+
+// Walk snyk's PkgTree (a recursive `{ name, version, dependencies: { ... } }`
+// structure) into a flat `Map<name, version>` of every resolved package.
+// We dedupe by name on first sight — multiple versions of the same package
+// in the tree get collapsed to the first one encountered, which is fine for
+// the diff because we only care about whether *something* about the package
+// changed between old and new.
+function flattenPkgTree(tree) {
+  const out = new Map();
+  const walk = node => {
+    if (!node?.dependencies) return;
+    for (const [name, child] of Object.entries(node.dependencies)) {
+      if (!out.has(name)) out.set(name, child.version);
+      walk(child);
+    }
+  };
+  walk(tree);
+  return out;
+}
+
+// Pull `{ name -> rangeString }` from a raw package.json's `dependencies`
+// and `peerDependencies` blocks. devDeps and optionalDeps are intentionally
+// excluded — only runtime-relevant top-level packages count. Returns {} on
+// parse failure so the diff falls through to lockfile-only signal.
+function topLevelDeps(packageJsonContents) {
+  try {
+    const pkg = JSON.parse(packageJsonContents);
+    return {
+      ...(pkg.dependencies || {}),
+      ...(pkg.peerDependencies || {})
+    };
+  } catch {
+    return {};
+  }
+}
+
+// Given the project's package.json plus the old and new lockfile contents,
+// return the set of package names that were added, removed, or version-bumped.
+// Results are restricted to packages declared at the top level (dependencies
+// or peerDependencies) of either old or new package.json — transitives ride
+// along on direct-dep bumps and the BE module graph already resolves them
+// from stats `imports[]`, so surfacing them here would just be noise.
+//
+// Two complementary diffs run, both gated by top-level names:
+//   1. Resolved-version diff over the snyk PkgTree — catches lockfile entries
+//      whose version actually changed.
+//   2. Range-string diff over package.json — catches the case where a user
+//      bumped `^5.8.3` to `^5.18.0` but the lockfile already resolved to
+//      5.18.0 under the old range, so the resolved tree looks identical.
+export async function diffLockfileDeps({ packageJson, oldPackageJson, oldLockfile, newLockfile, lockfileType }) {
+  const log = logger('storybook:smartsnap:lockfile');
+  const { buildDepTree, LockfileType } = loadSnyk();
+  const typeKey = TYPE_KEY_BY_FILENAME[lockfileType];
+  const type = typeKey && LockfileType[typeKey];
+  if (!type) {
+    throw new Error(`Unsupported lockfile type: ${lockfileType}`);
+  }
+
+  // The two buildDepTree calls are kept sequential (not Promise.all'd) so that
+  // when one of them throws the log message identifies *which* side failed —
+  // old vs. new lockfile parsing behave differently when the user's lockfile
+  // is in an unexpected state.
+  let oldTree;
+  try {
+    log.debug('buildDepTree: parsing OLD lockfile...');
+    oldTree = await buildDepTree(oldPackageJson, oldLockfile, true, type);
+    log.debug('buildDepTree: OLD lockfile parsed successfully');
+  } catch (e) {
+    log.warn(`buildDepTree: OLD lockfile failed to parse: ${e.message}`);
+    throw e;
+  }
+
+  let newTree;
+  try {
+    log.debug('buildDepTree: parsing NEW lockfile...');
+    newTree = await buildDepTree(packageJson, newLockfile, true, type);
+    log.debug('buildDepTree: NEW lockfile parsed successfully');
+  } catch (e) {
+    log.warn(`buildDepTree: NEW lockfile failed to parse: ${e.message}`);
+    throw e;
+  }
+
+  const oldPkgs = flattenPkgTree(oldTree);
+  const newPkgs = flattenPkgTree(newTree);
+
+  const oldTopLevel = topLevelDeps(oldPackageJson);
+  const newTopLevel = topLevelDeps(packageJson);
+  const topLevelNames = new Set([...Object.keys(oldTopLevel), ...Object.keys(newTopLevel)]);
+
+  const affected = new Set();
+  for (const [name, version] of newPkgs) {
+    if (!topLevelNames.has(name)) continue;
+    if (!oldPkgs.has(name) || oldPkgs.get(name) !== version) affected.add(name);
+  }
+  for (const [name] of oldPkgs) {
+    if (!topLevelNames.has(name)) continue;
+    if (!newPkgs.has(name)) affected.add(name);
+  }
+
+  // Range-string diff is inherently top-level since it iterates package.json
+  // directly. `!==` between the strings (or undefined) covers added, removed,
+  // and changed in a single comparison.
+  for (const name of topLevelNames) {
+    if (oldTopLevel[name] !== newTopLevel[name]) affected.add(name);
+  }
+
+  return [...affected];
+}
diff --git a/packages/cli-command/src/smartsnap.js b/packages/cli-command/src/smartsnap.js
new file mode 100644
index 000000000..f2de3ac84
--- /dev/null
+++ b/packages/cli-command/src/smartsnap.js
@@ -0,0 +1,469 @@
+import fs from 'fs';
+import path from 'path';
+import { spawnSync } from 'child_process';
+import { createRequire } from 'module';
+import globToRegExp from 'glob-to-regexp';
+import logger from '@percy/logger';
+import { diffLockfileDeps } from './lockfileDiff.js';
+import { renderGraphTraceHtml } from './graphTrace.js';
+
+// stream-json is CommonJS — load via createRequire to avoid named-import interop issues.
+const require = createRequire(import.meta.url);
+const { parser } = require('stream-json');
+const { pick } = require('stream-json/filters/Pick');
+const { streamArray } = require('stream-json/streamers/StreamArray');
+const { streamValues } = require('stream-json/streamers/StreamValues');
+
+// Webpack/Vite stats prefix loader-resolved virtual modules with a NUL byte
+// (e.g. "\u0000/path/to/file?commonjs-es-import"). Strip it so the path lines
+// up with the absolute paths in our file index. Built via String.fromCharCode
+// to avoid embedding a control char in source / tripping no-control-regex.
+const NULL_CHAR = String.fromCharCode(0);
+const stripNull = s => (typeof s === 'string' ? s.replaceAll(NULL_CHAR, '') : s);
+
+// Status poll cadence: 12 attempts × 5s = 1 minute total.
+const POLL_INTERVAL_MS = 5000;
+const POLL_ATTEMPTS = 12;
+
+const GLOB_CHARS = /[*?]/;
+const MAX_PATTERN_LENGTH = 500;
+
+function patternToRegex(pattern) {
+  if (typeof pattern !== 'string' || pattern.length > MAX_PATTERN_LENGTH) {
+    throw new Error('Invalid pattern: must be a string with max length of 500 characters');
+  }
+  return globToRegExp(pattern, { extended: true, globstar: true });
+}
+
+function matchesPattern(str, pattern) {
+  if (GLOB_CHARS.test(pattern)) {
+    try {
+      return patternToRegex(pattern).test(str);
+    } catch {
+      return false;
+    }
+  }
+  return str === pattern;
+}
+
+// Thrown from any pipeline step that wants to fall back to the full snapshot
+// set. The caller in snapshots.js downgrades these to log.info — they're
+// expected, user-visible bail conditions, not crashes.
+export class SmartSnapBailError extends Error {
+  constructor(message) {
+    super(message);
+    this.name = 'SmartSnapBailError';
+  }
+}
+
+function git(args) {
+  const res = spawnSync('git', args, { encoding: 'utf8' });
+  if (res.status !== 0) {
+    throw new Error(`git ${args.join(' ')} failed: ${res.stderr || res.stdout || `exit ${res.status}`}`);
+  }
+  return res.stdout;
+}
+
+// baseRef flows into `git` argv from either user config (`baseline`) or the
+// API. Reject anything that could be parsed as an option (leading `-`) or
+// contains chars outside the safe ref alphabet — git also accepts `--` as an
+// end-of-options separator in `git diff`, but not before the rev in
+// `git show <rev>:<path>`, so validation is the only universal guard.
+function assertSafeRef(ref) {
+  if (typeof ref !== 'string' || !/^[A-Za-z0-9_./][A-Za-z0-9_./-]*$/.test(ref)) {
+    throw new SmartSnapBailError(`SmartSnap: unsafe baseline ref "${ref}"; running full snapshot set`);
+  }
+}
+
+function gitDiffNames(ref) {
+  assertSafeRef(ref);
+  return git(['diff', '--name-only', ref, 'HEAD', '--']).split('\n').filter(Boolean);
+}
+
+function gitProjectRoot() {
+  return git(['rev-parse', '--show-toplevel']).trim();
+}
+
+// Paths under these directories are dependencies / framework wiring rather
+// than first-party source, so we don't track them in the file index.
+const EXCLUDED_DIRS = new Set(['node_modules', '.storybook']);
+const isExcluded = relPath => relPath.split(/[/\\]/).some(seg => EXCLUDED_DIRS.has(seg));
+
+// Resolve+index used for `id` and `resolvedFrom` only. Converts absolute paths
+// to projectRoot-relative form, then either returns the existing index for that
+// path or assigns the next one (= current map size). Paths inside node_modules
+// or .storybook are returned as the relative string and *not* indexed; modules
+// whose id falls into that bucket are dropped downstream by the
+// "id is string → drop" contract in transformModule.
+function resolveAndIndex(value, fileIndex, projectRoot) {
+  const clean = stripNull(value);
+  if (!path.isAbsolute(clean)) return clean;
+  const rel = path.relative(projectRoot, clean);
+  if (isExcluded(rel)) return rel;
+  let idx = fileIndex.get(rel);
+  if (idx === undefined) {
+    idx = fileIndex.size;
+    fileIndex.set(rel, idx);
+  }
+  return idx;
+}
+
+// Transform a stats `modules[]` entry into the indexed shape the SmartSnap graph expects.
+// Returns null when the module's id is a string — those entries are dropped (per BE contract).
+// Each `imports[i]` / `passThroughExports[i]` carries `{ type, source }` from the
+// bundler-plugin: for `type === 'src'` we translate the absolute file path to its
+// project-file index when possible; for `type === 'module'` the source is already
+// the bare package name, so we leave it alone.
+function transformModule(m, fileIndex, projectRoot) {
+  const out = {};
+  if (m.id != null) out.id = resolveAndIndex(m.id, fileIndex, projectRoot);
+  if (typeof out.id === 'string') return null;
+
+  const mapEntry = (e) => {
+    const copy = { ...e };
+    if (copy.type === 'src' && typeof copy.source === 'string') {
+      copy.source = resolveAndIndex(copy.source, fileIndex, projectRoot);
+    }
+    return copy;
+  };
+
+  if (Array.isArray(m.imports)) out.imports = m.imports.map(mapEntry);
+  if (Array.isArray(m.passThroughExports)) out.passThroughExports = m.passThroughExports.map(mapEntry);
+  if (Array.isArray(m.nonPassThroughExports)) out.nonPassThroughExports = m.nonPassThroughExports;
+
+  return out;
+}
+
+function streamModules(filePath, onModule) {
+  return new Promise((resolve, reject) => {
+    fs.createReadStream(filePath)
+      .pipe(parser())
+      .pipe(pick({ filter: 'modules' }))
+      .pipe(streamArray())
+      .on('data', ({ value }) => onModule(value))
+      .on('end', resolve)
+      .on('error', reject);
+  });
+}
+
+function readTopLevelKey(filePath, key) {
+  return new Promise((resolve, reject) => {
+    let value;
+    fs.createReadStream(filePath)
+      .pipe(parser())
+      .pipe(pick({ filter: key }))
+      .pipe(streamValues())
+      .on('data', ({ value: v }) => { value = v; })
+      .on('end', () => resolve(value))
+      .on('error', reject);
+  });
+}
+
+async function readStats(statsFile, projectRoot) {
+  const fileIndex = new Map();
+  const modules = [];
+  await streamModules(statsFile, (m) => {
+    const t = transformModule(m, fileIndex, projectRoot);
+    if (t) modules.push(t);
+  });
+
+  // Emit `files` ordered by encounter-time index so files[N] corresponds to
+  // every module/source ref that was assigned index N during streaming.
+  const files = [...fileIndex.entries()]
+    .sort((a, b) => a[1] - b[1])
+    .map(([p]) => p);
+
+  // The bundler-plugin-smartsnap emits a unique buildId per storybook build
+  // so concurrent runs against the same project don't share Redis state.
+  const buildId = await readTopLevelKey(statsFile, 'buildId');
+  return { files, modules, buildId };
+}
+
+// Polls `job_status?sync=true&type=smartsnap_graph&id=<buildId>` — the sync
+// response blocks server-side until the job moves off `in_progress`, but the
+// API enforces a shorter timeout than the job can take, so we retry up to
+// POLL_ATTEMPTS times. On `done` the response also carries the graph payload
+// (affected stories + vertices/edges/transitive closure for trace
+// rendering), so the caller reads it directly without a second fetch.
+//
+// Response shape is the unwrapped `{ status, data }` — the smartsnap_graph
+// status response no longer keys the result by buildId.
+async function pollGraphStatus(percy, buildId, log) {
+  for (let i = 0; i < POLL_ATTEMPTS; i++) {
+    const res = await percy.client.getStatus('smartsnap_graph', [buildId]);
+    const status = res?.status;
+    log.debug(`SmartSnap: graph status (attempt ${i + 1}) = ${status}`);
+    if (status === 'done' || status === 'failure') return { status, data: res?.data };
+    if (i < POLL_ATTEMPTS - 1) await new Promise(r => setTimeout(r, POLL_INTERVAL_MS));
+  }
+  return { status: null };
+}
+
+// Given the mapped snapshots and storybook.smartSnap config, returns the subset of snapshots
+// that the SmartSnap graph reports as affected. On any recoverable failure, returns the input
+// list unchanged so the build runs as a full snapshot pass.
+export async function applySmartSnap(percy, snapshots, smartSnapConfig, buildDir) {
+  const log = logger('storybook:smartsnap');
+  const { baseline, untraced, trace, bailOnChanges, statsFile } = smartSnapConfig || {};
+
+  if (!buildDir) {
+    throw new SmartSnapBailError('SmartSnap requires the Storybook build directory (e.g. `percy storybook ./storybook-static`); URL and `start` modes are not supported. Running full snapshot set');
+  }
+
+  // Treat statsFile as a flat filename anchored inside the build directory.
+  // path.basename() strips any traversal segments so the resolved path can't
+  // escape buildDir even if the config is hostile.
+  const statsName = path.basename(statsFile || 'enriched-stats.json');
+  if (!/^[\w.-]+\.json$/i.test(statsName)) {
+    throw new SmartSnapBailError(`SmartSnap: invalid statsFile "${statsName}" — must be a .json filename; running full snapshot set`);
+  }
+  const resolvedStatsPath = path.join(path.resolve(buildDir), statsName);
+  let statsStat;
+  try {
+    statsStat = fs.statSync(resolvedStatsPath);
+  } catch {
+    throw new SmartSnapBailError(`SmartSnap: stats file "${statsName}" not found in build directory ${buildDir}; running full snapshot set`);
+  }
+  if (!statsStat.isFile()) {
+    throw new SmartSnapBailError(`SmartSnap: stats file "${statsName}" in ${buildDir} is not a regular file; running full snapshot set`);
+  }
+
+  // New API shape: `{ base_build_commit_sha, snapshots: { <name>: <review_state> } }`.
+  // The single base-build commit replaces the previous per-snapshot commit map —
+  // baseline prediction now happens server-side via `Percy::BaseBuildService`,
+  // so we just diff against whatever commit it picked. The set of snapshot
+  // names is no longer sent; the API resolves baselines from the project +
+  // git/PR context alone.
+  const baseLookup = await percy.client.getSmartsnapSnapshotNameToCommit();
+  log.debug(`SmartSnap: base lookup ${JSON.stringify(baseLookup)}`);
+
+  let affectedNodes;
+  let baseRef;
+
+  if (baseline) {
+    log.debug(`SmartSnap: diffing against explicit baseline "${baseline}"`);
+    baseRef = baseline;
+  } else if (baseLookup?.base_build_commit_sha) {
+    log.debug(`SmartSnap: diffing against predicted base build commit "${baseLookup.base_build_commit_sha}"`);
+    baseRef = baseLookup.base_build_commit_sha;
+  } else {
+    throw new SmartSnapBailError('SmartSnap: API could not predict a base build commit and no explicit baseline was set; running full snapshot set');
+  }
+  assertSafeRef(baseRef);
+  affectedNodes = gitDiffNames(baseRef);
+
+  // HEAD already matches the base build commit (or the diff is otherwise
+  // empty) — there's nothing for the dep graph to map. Bail to a full set.
+  if (affectedNodes.length === 0) {
+    throw new SmartSnapBailError('SmartSnap: no files changed between HEAD and base build commit; running full snapshot set');
+  }
+
+  // A change to anything under `.storybook/` (preview config, addons, manager
+  // wiring) can affect every story's render, so the dep graph isn't enough.
+  const dotStorybookHit = affectedNodes.find(p => p.split(/[/\\]/).includes('.storybook'));
+  if (dotStorybookHit) {
+    throw new SmartSnapBailError(`SmartSnap: change to "${dotStorybookHit}" inside .storybook affects all stories; running full snapshot set`);
+  }
+
+  // Manifest/lockfile changes can shift the dependency tree, so resolve the
+  // diff at the package level via snyk-nodejs-lockfile-parser and feed the
+  // changed package names back into the graph. Short-circuits below fall
+  // back to a full snapshot whenever we can't reason about the change.
+  const MANIFEST_PATHS = new Set(['package.json', 'package-lock.json', 'yarn.lock', 'pnpm-lock.yaml']);
+  const manifestHits = affectedNodes.filter(p => MANIFEST_PATHS.has(path.basename(p)));
+  const projectRoot = gitProjectRoot();
+
+  if (manifestHits.length > 0) {
+    // Locate the changed manifest's directory from affectedNodes (NOT the git
+    // root) — monorepos keep package.json + lockfile inside a workspace dir.
+    // If two changes land in different dirs, we'd need per-workspace resolution
+    // we don't try to do yet, so bail.
+    const uniqueDirs = [...new Set(manifestHits.map(p => path.dirname(p)))];
+    if (uniqueDirs.length > 1) {
+      throw new SmartSnapBailError(`SmartSnap: manifest changes span multiple directories (${uniqueDirs.join(', ')}); running full snapshot set`);
+    }
+    const manifestDir = uniqueDirs[0]; // repo-relative; '.' for root
+    const absManifestDir = path.resolve(projectRoot, manifestDir);
+
+    // Pick the lockfile that lives next to the changed manifest. If two
+    // coexist (e.g. a stray package-lock.json next to yarn.lock) we can't
+    // pick a canonical source, so bail.
+    const LOCKFILE_NAMES = ['package-lock.json', 'yarn.lock', 'pnpm-lock.yaml'];
+    const presentLockfiles = LOCKFILE_NAMES.filter(n => fs.existsSync(path.join(absManifestDir, n)));
+    if (presentLockfiles.length === 0) {
+      throw new SmartSnapBailError(`SmartSnap: manifest changed in "${manifestDir}" but no lockfile present there; running full snapshot set`);
+    }
+    if (presentLockfiles.length > 1) {
+      throw new SmartSnapBailError(`SmartSnap: multiple lockfiles in "${manifestDir}" (${presentLockfiles.join(', ')}); cannot pick canonical; running full snapshot set`);
+    }
+    const lockfileName = presentLockfiles[0];
+    // git always uses forward slashes for its <rev>:<path> spec; build it by
+    // hand instead of path.join (which would use backslashes on Windows).
+    const lockfileRepoPath = manifestDir === '.' ? lockfileName : `${manifestDir}/${lockfileName}`;
+
+    // Resolve the lockfile at the base commit. If it wasn't tracked there
+    // (first SmartSnap run, lockfile renamed, etc.) we can't diff, so bail.
+    let oldLockfile;
+    try {
+      oldLockfile = git(['show', `${baseRef}:${lockfileRepoPath}`]);
+    } catch {
+      throw new SmartSnapBailError(`SmartSnap: lockfile "${lockfileRepoPath}" not present at base ref ${baseRef}; running full snapshot set`);
+    }
+
+    const newLockfile = fs.readFileSync(path.join(absManifestDir, lockfileName), 'utf8');
+
+    if (oldLockfile !== newLockfile) {
+      // Lockfile actually shifted — invoke the diff. If byte-identical, only
+      // package.json's non-dep fields changed and we fall through unchanged.
+      const packageJson = fs.readFileSync(path.join(absManifestDir, 'package.json'), 'utf8');
+      const packageJsonRepoPath = manifestDir === '.' ? 'package.json' : `${manifestDir}/package.json`;
+      const oldPackageJson = git(['show', `${baseRef}:${packageJsonRepoPath}`]);
+      try {
+        const packageAffected = await diffLockfileDeps({
+          packageJson,
+          oldLockfile,
+          newLockfile,
+          lockfileType: lockfileName,
+          oldPackageJson
+        });
+        log.debug(`SmartSnap: lockfile diff produced ${packageAffected.length} affected packages: ${packageAffected.join(', ')}`);
+      } catch (e) {
+        // snyk-nodejs-lockfile-parser is an optionalDependency (requires Node >=18).
+        // When it's missing we can't reason about the manifest change, so we
+        // conservatively bail to a full snapshot rather than under-snapshotting.
+        if (e.code === 'SNYK_LOCKFILE_PARSER_UNAVAILABLE') {
+          throw new SmartSnapBailError(`SmartSnap: ${e.message}; running full snapshot set`);
+        }
+        throw e;
+      }
+    }
+  }
+
+  if (untraced?.length) {
+    affectedNodes = affectedNodes.filter(p => !untraced.some(g => matchesPattern(p, g)));
+  }
+
+  if (bailOnChanges?.length) {
+    const bailed = affectedNodes.find(p => bailOnChanges.some(g => matchesPattern(p, g)));
+    if (bailed) {
+      throw new SmartSnapBailError(`SmartSnap: change to "${bailed}" matched bailOnChanges; running full snapshot set`);
+    }
+  }
+
+  log.debug(`SmartSnap: parsing stats file ${resolvedStatsPath}`);
+  const { files, modules, buildId } = await readStats(resolvedStatsPath, projectRoot);
+
+  if (typeof buildId !== 'string' || !buildId) {
+    throw new SmartSnapBailError(`SmartSnap: stats file at ${resolvedStatsPath} is missing a top-level "buildId" — running full snapshot set`);
+  }
+
+  // Storybook's `entries[id].importPath` (and v6 `parameters.fileName`)
+  // is resolved relative to the directory percy was invoked from — for a
+  // monorepo storybook that's typically the package dir (e.g.
+  // `frontend/packages/design-stack`), not the git root. Example:
+  // `./modules/AgentCard/AgentCard.stories.tsx`.
+  //
+  // `affectedNodes` from `git diff --name-only` and the `files` array
+  // built by the stats compactor are both project-root-relative
+  // (e.g. `packages/design-stack/modules/AgentCard/AgentCard.stories.tsx`).
+  // Project them into the same frame so the BE matches importPath against
+  // affectedNodes without a cross-frame translation.
+  const dotPosix = './';
+  const dotPlatform = `.${path.sep}`;
+  const invocationDir = process.cwd();
+  const normalizeImportPath = p => {
+    if (typeof p !== 'string' || !p) return p;
+    let rel = p;
+    if (rel.startsWith(dotPlatform)) rel = rel.slice(dotPlatform.length);
+    else if (rel.startsWith(dotPosix)) rel = rel.slice(dotPosix.length);
+    // If the importPath happens to be absolute (older Storybook configs),
+    // path.resolve treats it as the target directly; otherwise it's joined
+    // against `invocationDir`. Then re-base against the git project root.
+    const abs = path.resolve(invocationDir, rel);
+    const projRel = path.relative(projectRoot, abs);
+    // path.relative('','') → '' and `path.relative` produces backslashes
+    // on Windows; the stats `files` array uses the same — leave platform
+    // sep alone so the two stay byte-identical for the BE match.
+    return projRel || rel;
+  };
+
+  const storybookPaths = [...new Set(snapshots.map(s => normalizeImportPath(s.importPath)).filter(Boolean))];
+  const snapshotsWithImportPath = snapshots.filter(s => s.importPath).length;
+  log.debug(`SmartSnap: ${snapshotsWithImportPath}/${snapshots.length} snapshots have importPath; ${storybookPaths.length} unique storybookPaths`);
+  if (storybookPaths.length === 0) {
+    log.warn(`SmartSnap: no snapshots have importPath set — check Storybook story extraction. Sample snapshot: ${JSON.stringify({
+      id: snapshots[0]?.id, name: snapshots[0]?.name, importPath: snapshots[0]?.importPath, keys: snapshots[0] ? Object.keys(snapshots[0]) : []
+    })}`);
+  } else {
+    log.debug(`SmartSnap: storybookPaths sample: ${storybookPaths.slice(0, 3).join(', ')}`);
+  }
+
+  log.debug(`SmartSnap: starting graph generation job ${JSON.stringify({ buildId, files, modules, storybookPaths, affectedNodes })}`);
+  await percy.client.generateSmartsnapGraph(buildId, {
+    files, modules, storybookPaths, affectedNodes
+  });
+
+  const { status, data } = await pollGraphStatus(percy, buildId, log);
+  if (status !== 'done') {
+    throw new SmartSnapBailError(`SmartSnap: graph generation did not complete (status: ${status ?? 'timed out'}); running full snapshot set`);
+  }
+
+  // The sync status response carries the graph payload directly on completion,
+  // so there's no second fetch — `data` here is the same response body that
+  // used to come from `getSmartsnapGraphData`.
+
+  log.debug(`SmartSnap: affected stories result ${JSON.stringify(data?.affected_stories)}`);
+
+  // Trace rendering moved client-side: the API now returns the raw graph
+  // (vertices, edges, transitive-closure triples) and we populate the
+  // bundled HTML template here. Anything missing means the BE couldn't
+  // produce a graph — skip silently rather than write a broken page.
+  if (trace && data?.vertices && data?.edges && data?.transitive_closure_matrix_sparse) {
+    const tracePath = path.resolve(process.cwd(), 'trace.html');
+    try {
+      const html = renderGraphTraceHtml({
+        vertices: data.vertices,
+        edges: data.edges,
+        transitiveClosureMatrixSparse: data.transitive_closure_matrix_sparse
+      });
+      fs.writeFileSync(tracePath, html);
+      log.info(`SmartSnap: trace written to ${tracePath}`);
+    } catch (e) {
+      log.warn(`SmartSnap: failed to write trace.html: ${e.message}`);
+    }
+  }
+
+  const affected = new Set(data?.affected_stories || []);
+
+  // Snapshots whose baseline review_state is `failed` or `rejected` have no
+  // usable baseline image to diff against, and snapshots that don't appear
+  // in the base build at all are brand-new (no baseline exists yet). In
+  // both cases SmartSnap can't legitimately skip them — re-snapshot
+  // unconditionally regardless of what the affected-graph reports.
+  const baselineSnapshots = baseLookup?.snapshots || {};
+  const FORCE_RESNAPSHOT_STATES = new Set(['failed', 'rejected']);
+  const needsBaselineRefresh = name => {
+    if (baseline) return false;
+    const state = baselineSnapshots[name];
+    return state === undefined || FORCE_RESNAPSHOT_STATES.has(state);
+  };
+
+  // Use the same normalization on lookup so a snapshot's `./src/...` matches
+  // an affected-stories `src/...` from the API.
+  let forced = 0;
+  let affectedKept = 0;
+  const filtered = snapshots.filter(s => {
+    if (needsBaselineRefresh(s.name)) {
+      forced += 1;
+      return true;
+    }
+    const p = normalizeImportPath(s.importPath);
+    if (p && affected.has(p)) {
+      affectedKept += 1;
+      return true;
+    }
+    return false;
+  });
+  log.info(`SmartSnap: ${filtered.length} of ${snapshots.length} snapshots kept (${affectedKept} via affected-graph, ${forced} via missing/failed/rejected baseline)`);
+  return filtered;
+}
diff --git a/packages/client/src/client.js b/packages/client/src/client.js
index 452c60e93..43b21614d 100644
--- a/packages/client/src/client.js
+++ b/packages/client/src/client.js
@@ -413,12 +413,62 @@ export class PercyClient {
   }
 
   // Retrieves snapshot/comparison data by id. Requires a read access token.
+  // For `smartsnap_graph`, the API blocks (sync=true) until the graph job
+  // finishes and returns the graph payload directly in the response — there
+  // is no separate "data" endpoint to fetch after polling.
   async getStatus(type, ids) {
-    if (!['snapshot', 'comparison'].includes(type)) throw new Error('Invalid type passed');
+    if (!['snapshot', 'comparison', 'smartsnap_graph'].includes(type)) throw new Error('Invalid type passed');
     this.log.debug(`Getting ${type} status for ids ${ids}`);
     return this.get(`job_status?sync=true&type=${type}&id=${ids.join()}`);
   }
 
+  // SmartSnap endpoints authenticate against the project attached to the
+  // current Percy token (via the Authorization header). `generate-graph`
+  // takes a `build_id` (sourced from the bundler-emitted stats file) so
+  // multiple concurrent storybook builds for the same project don't share
+  // Redis state. `snapshot-name-to-commit` is project-scoped only.
+  // Graph status is polled through the shared `getStatus()` helper with
+  // type `smartsnap_graph` — the sync response returns the graph payload
+  // directly on completion.
+
+  async getSmartsnapSnapshotNameToCommit() {
+    this.log.debug('Smartsnap: looking up baselines...');
+    const qs = new URLSearchParams();
+
+    // Same git/PR context `createBuild` sends — the API uses these to predict
+    // the base build that *would* be selected if we called createBuild now,
+    // without actually creating one. Any missing field means the API falls
+    // back through the same strategy chain it would on real build creation.
+    if (this.env.git?.branch) qs.append('branch', this.env.git.branch);
+    if (this.env.target?.branch) qs.append('target_branch', this.env.target.branch);
+    if (this.env.git?.sha) qs.append('commit_sha', this.env.git.sha);
+    if (this.env.target?.commit) qs.append('target_commit_sha', this.env.target.commit);
+    if (this.env.pullRequest != null) qs.append('pull_request_number', String(this.env.pullRequest));
+    if (this.env.partial) qs.append('partial', 'true');
+
+    const query = qs.toString();
+    return this.get(
+      query ? `smartsnap/snapshot-name-to-commit?${query}` : 'smartsnap/snapshot-name-to-commit',
+      { identifier: 'smartsnap.snapshot_name_to_commit' }
+    );
+  }
+
+  async generateSmartsnapGraph(buildId, {
+    files,
+    modules,
+    storybookPaths,
+    affectedNodes
+  } = {}) {
+    this.log.debug(`Smartsnap: enqueueing graph build for build ${buildId}...`);
+    return this.post('smartsnap/generate-graph', {
+      build_id: buildId,
+      files,
+      modules,
+      storybook_paths: storybookPaths,
+      affected_nodes: affectedNodes
+    }, { identifier: 'smartsnap.generate_graph' });
+  }
+
   // Returns device details enabled on project associated with given token
   async getDeviceDetails(buildId) {
     try {
diff --git a/packages/client/test/client.test.js b/packages/client/test/client.test.js
index 6227423ae..018050971 100644
--- a/packages/client/test/client.test.js
+++ b/packages/client/test/client.test.js
@@ -811,6 +811,125 @@ describe('PercyClient', () => {
       await expectAsync(client.getStatus('comparison', [3, 4])).toBeResolvedTo({ data: '<<status-data-comparison>>' });
       await expectAsync(client.getStatus('comparison', [5])).toBeResolvedTo({ data: '<<status-data-comparison-2>>' });
     });
+
+    it('gets smartsnap_graph status (sync response carries graph payload on completion)', async () => {
+      const path = '/job_status?sync=true&type=smartsnap_graph&id=build-1';
+      const body = {
+        status: 'done',
+        data: {
+          affected_stories: ['src/Foo.stories.tsx'],
+          vertices: [{ kind: 'story', file_path: 'src/Foo.stories.tsx', changed: true }],
+          edges: [],
+          transitive_closure_matrix_sparse: []
+        }
+      };
+      api.reply(path, () => [200, body]);
+
+      await expectAsync(client.getStatus('smartsnap_graph', ['build-1'])).toBeResolvedTo(body);
+      expect(api.requests[path][0].method).toBe('GET');
+    });
+  });
+
+  describe('#getSmartsnapSnapshotNameToCommit()', () => {
+    const stubEnv = (overrides = {}) => {
+      Object.defineProperty(client.env, 'git', { value: overrides.git ?? {}, configurable: true });
+      Object.defineProperty(client.env, 'target', { value: overrides.target ?? {}, configurable: true });
+      Object.defineProperty(client.env, 'pullRequest', { value: overrides.pullRequest ?? null, configurable: true });
+      Object.defineProperty(client.env, 'partial', { value: overrides.partial ?? false, configurable: true });
+    };
+
+    beforeEach(() => stubEnv());
+
+    it('issues a GET with no query params when env is empty', async () => {
+      const path = '/smartsnap/snapshot-name-to-commit';
+      api.reply(path, () => [200, { data: { foo: 'sha-foo' } }]);
+
+      await expectAsync(
+        client.getSmartsnapSnapshotNameToCommit()
+      ).toBeResolvedTo({ data: { foo: 'sha-foo' } });
+
+      expect(api.requests[path]).toBeDefined();
+      expect(api.requests[path][0].method).toBe('GET');
+    });
+
+    it('appends git/target/PR/partial context when present in env', async () => {
+      stubEnv({
+        git: { branch: 'feature/x', sha: 'commit-sha-1' },
+        target: { branch: 'main', commit: 'commit-sha-2' },
+        pullRequest: 42,
+        partial: true
+      });
+
+      const expectedPath = '/smartsnap/snapshot-name-to-commit?' + [
+        'branch=feature%2Fx',
+        'target_branch=main',
+        'commit_sha=commit-sha-1',
+        'target_commit_sha=commit-sha-2',
+        'pull_request_number=42',
+        'partial=true'
+      ].join('&');
+
+      api.reply(expectedPath, () => [200, { data: { a: 'sha-a' } }]);
+
+      await expectAsync(
+        client.getSmartsnapSnapshotNameToCommit()
+      ).toBeResolvedTo({ data: { a: 'sha-a' } });
+
+      expect(api.requests[expectedPath]).toBeDefined();
+      expect(api.requests[expectedPath][0].method).toBe('GET');
+    });
+
+    it('includes pull_request_number=0 when env.pullRequest is 0 (not null)', async () => {
+      stubEnv({ pullRequest: 0 });
+
+      const expectedPath = '/smartsnap/snapshot-name-to-commit?pull_request_number=0';
+      api.reply(expectedPath, () => [200, { data: {} }]);
+
+      await expectAsync(
+        client.getSmartsnapSnapshotNameToCommit()
+      ).toBeResolvedTo({ data: {} });
+
+      expect(api.requests[expectedPath]).toBeDefined();
+    });
+  });
+
+  describe('#generateSmartsnapGraph()', () => {
+    it('POSTs build_id and graph payload to smartsnap/generate-graph', async () => {
+      api.reply('/smartsnap/generate-graph', () => [202, { status: 'queued' }]);
+
+      await expectAsync(client.generateSmartsnapGraph('build-1', {
+        files: ['a.js', 'b.js'],
+        modules: [{ id: 1, name: 'mod' }],
+        storybookPaths: ['stories/a.js'],
+        affectedNodes: ['node-1']
+      })).toBeResolvedTo({ status: 'queued' });
+
+      expect(api.requests['/smartsnap/generate-graph']).toBeDefined();
+      expect(api.requests['/smartsnap/generate-graph'][0].method).toBe('POST');
+      expect(api.requests['/smartsnap/generate-graph'][0].body).toEqual({
+        build_id: 'build-1',
+        files: ['a.js', 'b.js'],
+        modules: [{ id: 1, name: 'mod' }],
+        storybook_paths: ['stories/a.js'],
+        affected_nodes: ['node-1']
+      });
+    });
+
+    it('sends undefined fields when called without payload', async () => {
+      api.reply('/smartsnap/generate-graph', () => [202, { status: 'queued' }]);
+
+      await expectAsync(client.generateSmartsnapGraph('build-2')).toBeResolvedTo({ status: 'queued' });
+
+      // JSON.stringify drops undefined values, so only build_id should remain in body
+      expect(api.requests['/smartsnap/generate-graph'][0].body).toEqual({ build_id: 'build-2' });
+    });
+
+    it('rejects when API returns an error', async () => {
+      api.reply('/smartsnap/generate-graph', () => [500, { error: 'boom' }]);
+
+      await expectAsync(client.generateSmartsnapGraph('build-3', {}))
+        .toBeRejected();
+    });
   });
 
   describe('#getDeviceDetails()', () => {
diff --git a/yarn.lock b/yarn.lock
index 11f9cb4f7..38d71d367 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -10,6 +10,13 @@
     "@jridgewell/gen-mapping" "^0.3.5"
     "@jridgewell/trace-mapping" "^0.3.24"
 
+"@arcanis/slice-ansi@^1.1.1":
+  version "1.1.1"
+  resolved "https://registry.yarnpkg.com/@arcanis/slice-ansi/-/slice-ansi-1.1.1.tgz#0ee328a68996ca45854450033a3d161421dc4f55"
+  integrity sha512-xguP2WR2Dv0gQ7Ykbdb7BNCnPnIPB94uTi0Z2NvkRBEnhbwjOQ7QyQKJXrVQg4qDpiD9hA5l5cCwy/z2OXgc3w==
+  dependencies:
+    grapheme-splitter "^1.0.4"
+
 "@babel/cli@^7.11.6":
   version "7.24.7"
   resolved "https://registry.npmjs.org/@babel/cli/-/cli-7.24.7.tgz"
@@ -1180,6 +1187,13 @@
   resolved "https://registry.npmjs.org/@hutson/parse-repository-url/-/parse-repository-url-3.0.2.tgz"
   integrity sha512-H9XAx3hc0BQHY6l+IFSWHDySypcXsvsuLhgYLUGywmJ5pswRVQJUHpOsobnLYp2ZUaUlKiKDrgWWhosOwAEM8Q==
 
+"@isaacs/fs-minipass@^4.0.0":
+  version "4.0.1"
+  resolved "https://registry.yarnpkg.com/@isaacs/fs-minipass/-/fs-minipass-4.0.1.tgz#2d59ae3ab4b38fb4270bfa23d30f8e2e86c7fe32"
+  integrity sha512-wgm9Ehl2jpeqP3zw/7mo3kRHFp5MEDhqAdwy1fTGkHAwnkGOVsgpvQhL8B5n1qlb01jV3n/bI0ZfZp5lWA1k4w==
+  dependencies:
+    minipass "^7.0.4"
+
 "@isaacs/string-locale-compare@^1.1.0":
   version "1.1.0"
   resolved "https://registry.npmjs.org/@isaacs/string-locale-compare/-/string-locale-compare-1.1.0.tgz"
@@ -2253,6 +2267,118 @@
     node-addon-api "^3.2.1"
     node-gyp-build "^4.3.0"
 
+"@percy/cli-command@1.31.14":
+  version "1.31.14"
+  resolved "https://registry.yarnpkg.com/@percy/cli-command/-/cli-command-1.31.14.tgz#6c08f8841e7bd468026024908ac6d6e88d41e25c"
+  integrity sha512-rLDR8dqHuUMQf4QfoStcQ1YTjdahGHOLn8IgA4ZC/o0H/9o2ynDIckMfQRgPYwBSwJDZU/pFZmuFGXiC8l/3tw==
+  dependencies:
+    "@percy/config" "1.31.14"
+    "@percy/core" "1.31.14"
+    "@percy/logger" "1.31.14"
+
+"@percy/cli-doctor@1.31.14":
+  version "1.31.14"
+  resolved "https://registry.yarnpkg.com/@percy/cli-doctor/-/cli-doctor-1.31.14.tgz#6021763fe076244d600b932ecc221c63465f0898"
+  integrity sha512-UjH6LUvAWoX3HUFg9qcxo7bRVb6Y41/RCFYbAdC+/jZF/IX+FU3wnmGD8s0FZs4L+wlz6PXSJtIzAcyQGRas1w==
+  dependencies:
+    "@percy/cli-command" "1.31.14"
+    "@percy/client" "1.31.14"
+    "@percy/config" "1.31.14"
+    "@percy/core" "1.31.14"
+    "@percy/env" "1.31.14"
+    "@percy/logger" "1.31.14"
+    "@percy/monitoring" "1.31.14"
+    minimatch "^9.0.0"
+    ws "^8.17.1"
+
+"@percy/client@1.31.14":
+  version "1.31.14"
+  resolved "https://registry.yarnpkg.com/@percy/client/-/client-1.31.14.tgz#dc850b8e490118194efa9ef428ef971480674ca9"
+  integrity sha512-HA/1SlYg57L3eNQZivNJ5yKZte8v7ZZ3CT29hhn03sHReVd3NshQuSC1Vm8kchrnoSi4SR5bUilwJ9w8lnDT3A==
+  dependencies:
+    "@percy/config" "1.31.14"
+    "@percy/env" "1.31.14"
+    "@percy/logger" "1.31.14"
+    pac-proxy-agent "^7.0.2"
+    pako "^2.1.0"
+
+"@percy/config@1.31.14":
+  version "1.31.14"
+  resolved "https://registry.yarnpkg.com/@percy/config/-/config-1.31.14.tgz#6ba0d312b51556e85e07d207a9abccbf5075daa7"
+  integrity sha512-BRVfkff1j3ATdA8xH600802nhFfE1K4XRsGwOHTEZd/DnFVvGUIagQvfZxpTdHBTZ8G+nwi9Z8CTcVtzgd4AMw==
+  dependencies:
+    "@percy/logger" "1.31.14"
+    ajv "^8.6.2"
+    cosmiconfig "^8.0.0"
+    yaml "^2.0.0"
+
+"@percy/core@1.31.14":
+  version "1.31.14"
+  resolved "https://registry.yarnpkg.com/@percy/core/-/core-1.31.14.tgz#76eb027e6a6df2cb5990196e899d357d5612ae9b"
+  integrity sha512-c6QTjqaKs7UxL9HK6VJJl5B57hywFNn+l22vES4dFkegrkdE0maAz7rG88X2Xp2sYrsR3qf9n9CKCDy511/KYw==
+  dependencies:
+    "@percy/client" "1.31.14"
+    "@percy/config" "1.31.14"
+    "@percy/dom" "1.31.14"
+    "@percy/logger" "1.31.14"
+    "@percy/monitoring" "1.31.14"
+    "@percy/webdriver-utils" "1.31.14"
+    content-disposition "^0.5.4"
+    cross-spawn "^7.0.3"
+    extract-zip "^2.0.1"
+    fast-glob "^3.2.11"
+    micromatch "^4.0.8"
+    mime-types "^2.1.34"
+    pako "^2.1.0"
+    path-to-regexp "^6.3.0"
+    rimraf "^3.0.2"
+    ws "^8.17.1"
+    yaml "^2.4.1"
+  optionalDependencies:
+    "@percy/cli-doctor" "1.31.14"
+
+"@percy/dom@1.31.14":
+  version "1.31.14"
+  resolved "https://registry.yarnpkg.com/@percy/dom/-/dom-1.31.14.tgz#bb8506014589d1d76d148f31410f259554389757"
+  integrity sha512-Ilz9qSf9Z80jHah9b7OfX2M2N9vmY4hkGEhMO953ui3NSQhXZsezr4aIPREYdyZdo11pEWm+JWU1AEZw54CbbA==
+
+"@percy/env@1.31.14":
+  version "1.31.14"
+  resolved "https://registry.yarnpkg.com/@percy/env/-/env-1.31.14.tgz#035116da85d36bbb14dbe274ac4694d56b301ecf"
+  integrity sha512-eRW4Ot2Z5WESKPJHcdLc9JFLtjxJaALzRxGa7Z+0R5t5wOlqbEVQytLBzgFWWTVa2XEejR4Sffs5cYqM+ldgEA==
+  dependencies:
+    "@percy/logger" "1.31.14"
+
+"@percy/logger@1.31.14":
+  version "1.31.14"
+  resolved "https://registry.yarnpkg.com/@percy/logger/-/logger-1.31.14.tgz#07790eb96f46fdc7a25566d2fe2e6cc8922b6d7a"
+  integrity sha512-e078iCrSDa4qdMfOlX+DXhZ08MzYxNTFfz7HsgLcAXSn6AV+CGZT/BxaHlzm2I5tp1zQV7wHnvvm4RV2qx1FEA==
+
+"@percy/monitoring@1.31.14":
+  version "1.31.14"
+  resolved "https://registry.yarnpkg.com/@percy/monitoring/-/monitoring-1.31.14.tgz#6d0726cf0daf9eb9ea45d10dcc139676d969d3d4"
+  integrity sha512-5zqOZmkua08pc/lppXeBUCEWCG9xGQwrxI+DlZ6TMLg05Dwn7nPRaMMxYla8A/XsDemcq0TECgCT83uYY0WpeQ==
+  dependencies:
+    "@percy/config" "1.31.14"
+    "@percy/logger" "1.31.14"
+    "@percy/sdk-utils" "1.31.14"
+    systeminformation "^5.25.11"
+
+"@percy/sdk-utils@1.31.14":
+  version "1.31.14"
+  resolved "https://registry.yarnpkg.com/@percy/sdk-utils/-/sdk-utils-1.31.14.tgz#f86e0451a5931d5a1d2bf1daa2438f543c70936e"
+  integrity sha512-I31GM+aCHiME12jX9ac5COThZWOpTBONkR9J6D059wqiFhHtRenA2mWFx6rC+zUpG5un0imkal7tN9y1D4hPBg==
+  dependencies:
+    pac-proxy-agent "^7.0.2"
+
+"@percy/webdriver-utils@1.31.14":
+  version "1.31.14"
+  resolved "https://registry.yarnpkg.com/@percy/webdriver-utils/-/webdriver-utils-1.31.14.tgz#486e56ddd34496dad0356d21c7251fe78e51ef30"
+  integrity sha512-2V4yxf60mXsDAUz+GFOePcfSNF9mSbrV1WH+sUWDItFUjV14QSVNuBcZRKO8Etgi7bFSCPz1Z1jXrxmopBFpbg==
+  dependencies:
+    "@percy/config" "1.31.14"
+    "@percy/sdk-utils" "1.31.14"
+
 "@phenomnomnominal/tsquery@4.1.1":
   version "4.1.1"
   resolved "https://registry.npmjs.org/@phenomnomnominal/tsquery/-/tsquery-4.1.1.tgz"
@@ -2260,6 +2386,18 @@
   dependencies:
     esquery "^1.0.1"
 
+"@pnpm/crypto.base32-hash@1.0.1":
+  version "1.0.1"
+  resolved "https://registry.yarnpkg.com/@pnpm/crypto.base32-hash/-/crypto.base32-hash-1.0.1.tgz#e0eeff4ae736d2a781e41041206a65fe78704ffd"
+  integrity sha512-pzAXNn6KxTA3kbcI3iEnYs4vtH51XEVqmK/1EiD18MaPKylhqy8UvMJK3zKG+jeP82cqQbozcTGm4yOQ8i3vNw==
+  dependencies:
+    rfc4648 "^1.5.1"
+
+"@pnpm/types@8.9.0":
+  version "8.9.0"
+  resolved "https://registry.yarnpkg.com/@pnpm/types/-/types-8.9.0.tgz#9636d5f0642793432f72609b79458ca9be049b02"
+  integrity sha512-3MYHYm8epnciApn6w5Fzx6sepawmsNU7l6lvIq+ER22/DPSrr83YMhU/EQWnf4lORn2YyiXFj0FJSyJzEtIGmw==
+
 "@protobufjs/aspromise@^1.1.1", "@protobufjs/aspromise@^1.1.2":
   version "1.1.2"
   resolved "https://registry.yarnpkg.com/@protobufjs/aspromise/-/aspromise-1.1.2.tgz#9b8b0cc663d669a7d8f6f5d0893a14d348f30fbf"
@@ -2378,11 +2516,77 @@
   resolved "https://registry.npmjs.org/@sinclair/typebox/-/typebox-0.25.24.tgz"
   integrity sha512-XJfwUVUKDHF5ugKwIcxEgc9k8b7HbznCp6eUfWgu710hMPNIO4aw4/zB5RogDQz8nd6gyCDpU9O/m6qYEWY6yQ==
 
+"@sindresorhus/is@^4.0.0":
+  version "4.6.0"
+  resolved "https://registry.yarnpkg.com/@sindresorhus/is/-/is-4.6.0.tgz#3c7c9c46e678feefe7a2e5bb609d3dbd665ffb3f"
+  integrity sha512-t09vSN3MdfsyCHoFcTRCH/iUtG7OJ0CsjzB8cjAmKc/va/kIgeDI/TxsigdncE/4be734m0cvIYwNaV4i2XqAw==
+
+"@snyk/dep-graph@^2.12.0":
+  version "2.16.8"
+  resolved "https://registry.yarnpkg.com/@snyk/dep-graph/-/dep-graph-2.16.8.tgz#d5f5940e6758618a9c963b0966aecba575c766e9"
+  integrity sha512-vlUCjaV8XE6bJEZ7ZfyMnOb+oUWNDzSMeeuO9ek32JR4tpnIgb1DT6EFJw3zeFDxk0e9cb/PznK/7JxyM1TL7Q==
+  dependencies:
+    event-loop-spinner "^2.1.0"
+    lodash.clone "^4.5.0"
+    lodash.constant "^3.0.0"
+    lodash.filter "^4.6.0"
+    lodash.foreach "^4.5.0"
+    lodash.isempty "^4.4.0"
+    lodash.isequal "^4.5.0"
+    lodash.isfunction "^3.0.9"
+    lodash.isundefined "^3.0.1"
+    lodash.map "^4.6.0"
+    lodash.reduce "^4.6.0"
+    lodash.size "^4.2.0"
+    lodash.transform "^4.6.0"
+    lodash.union "^4.6.0"
+    lodash.values "^4.3.0"
+    object-hash "^3.0.0"
+    packageurl-js "2.0.1"
+    semver "^7.0.0"
+    tslib "^2"
+
+"@snyk/error-catalog-nodejs-public@^5.16.0":
+  version "5.81.0"
+  resolved "https://registry.yarnpkg.com/@snyk/error-catalog-nodejs-public/-/error-catalog-nodejs-public-5.81.0.tgz#8ee889eb016de0ef693e8b661f5a42d28a05da9e"
+  integrity sha512-vR3fVLYTdHXujpLp/u2afrqQwCHNQj7sb3EKwqTNpgdtgJhluetcc/Qrf+PfMWvh/VioKCi17wO3nWaaGVAdyw==
+  dependencies:
+    tslib "^2.8.1"
+    uuid "^11.1.0"
+
+"@snyk/graphlib@2.1.9-patch.3":
+  version "2.1.9-patch.3"
+  resolved "https://registry.yarnpkg.com/@snyk/graphlib/-/graphlib-2.1.9-patch.3.tgz#b8edb2335af1978db7f3cb1f28f5d562960acf23"
+  integrity sha512-bBY9b9ulfLj0v2Eer0yFYa3syVeIxVKl2EpxSrsVeT4mjA0CltZyHsF0JjoaGXP27nItTdJS5uVsj1NA+3aE+Q==
+  dependencies:
+    lodash.clone "^4.5.0"
+    lodash.constant "^3.0.0"
+    lodash.filter "^4.6.0"
+    lodash.foreach "^4.5.0"
+    lodash.has "^4.5.2"
+    lodash.isempty "^4.4.0"
+    lodash.isfunction "^3.0.9"
+    lodash.isundefined "^3.0.1"
+    lodash.keys "^4.2.0"
+    lodash.map "^4.6.0"
+    lodash.reduce "^4.6.0"
+    lodash.size "^4.2.0"
+    lodash.transform "^4.6.0"
+    lodash.union "^4.6.0"
+    lodash.values "^4.3.0"
+
 "@socket.io/component-emitter@~3.1.0":
   version "3.1.2"
   resolved "https://registry.npmjs.org/@socket.io/component-emitter/-/component-emitter-3.1.2.tgz"
   integrity sha512-9BCxFwvbGg/RsZK9tjXd8s4UcwR0MWeFQ1XEKIQVVvAGJyINdrqKMcTRyLoK8Rse1GjzLV9cwjWV1olXRWEXVA==
 
+"@szmarczak/http-timer@^4.0.5":
+  version "4.0.6"
+  resolved "https://registry.yarnpkg.com/@szmarczak/http-timer/-/http-timer-4.0.6.tgz#b4a914bb62e7c272d4e5989fe4440f812ab1d807"
+  integrity sha512-4BAffykYOgO+5nzBWYwE3W90sBgLJoUPRWWcL8wlyiM8IB8ipJz3UMJ9KXQd1RKQXpKp8Tutn80HZtWsu2u76w==
+  dependencies:
+    defer-to-connect "^2.0.0"
+
 "@tootallnate/once@2":
   version "2.0.0"
   resolved "https://registry.npmjs.org/@tootallnate/once/-/once-2.0.0.tgz"
@@ -2398,6 +2602,16 @@
   resolved "https://registry.npmjs.org/@tsd/typescript/-/typescript-5.4.5.tgz"
   integrity sha512-saiCxzHRhUrRxQV2JhH580aQUZiKQUXI38FcAcikcfOomAil4G4lxT0RfrrKywoAYP/rqAdYXYmNRLppcd+hQQ==
 
+"@types/cacheable-request@^6.0.1":
+  version "6.0.3"
+  resolved "https://registry.yarnpkg.com/@types/cacheable-request/-/cacheable-request-6.0.3.tgz#a430b3260466ca7b5ca5bfd735693b36e7a9d183"
+  integrity sha512-IQ3EbTzGxIigb1I3qPZc1rWJnH0BmSKv5QYTalEwweFvyBDLSAe24zP0le/hyi7ecGfZVlIVAg4BZqb8WBwKqw==
+  dependencies:
+    "@types/http-cache-semantics" "*"
+    "@types/keyv" "^3.1.4"
+    "@types/node" "*"
+    "@types/responselike" "^1.0.0"
+
 "@types/cookie@^0.4.1":
   version "0.4.1"
   resolved "https://registry.npmjs.org/@types/cookie/-/cookie-0.4.1.tgz"
@@ -2408,6 +2622,11 @@
   resolved "https://registry.npmjs.org/@types/cors/-/cors-2.8.12.tgz"
   integrity sha512-vt+kDhq/M2ayberEtJcIN/hxXy1Pk+59g2FV/ZQceeaTyCtCucjL2Q7FXlFjtWn4n15KCr1NE2lNNFhp0lEThw==
 
+"@types/emscripten@^1.39.6":
+  version "1.41.5"
+  resolved "https://registry.yarnpkg.com/@types/emscripten/-/emscripten-1.41.5.tgz#5670e4b52b098691cb844b84ee48c9176699b68d"
+  integrity sha512-cMQm7pxu6BxtHyqJ7mQZ2kXWV5SLmugybFdHCBbJ5eHzOo6VhBckEgAT3//rP5FwPHNPeEiq4SmQ5ucBwsOo4Q==
+
 "@types/eslint@^7.2.13":
   version "7.28.1"
   resolved "https://registry.npmjs.org/@types/eslint/-/eslint-7.28.1.tgz"
@@ -2431,6 +2650,11 @@
   resolved "https://registry.npmjs.org/@types/estree/-/estree-1.0.0.tgz"
   integrity sha512-WulqXMDUTYAXCjZnk6JtIHPigp55cVtDgDrO2gHRwhyJto21+1zbVCtOYB2L1F9w4qCQ0rOGWBnBe0FNTiEJIQ==
 
+"@types/http-cache-semantics@*":
+  version "4.2.0"
+  resolved "https://registry.yarnpkg.com/@types/http-cache-semantics/-/http-cache-semantics-4.2.0.tgz#f6a7788f438cbfde15f29acad46512b4c01913b3"
+  integrity sha512-L3LgimLHXtGkWikKnsPg0/VFx9OGZaC+eN1u4r+OB1XRqH3meBIAVC2zr1WdMH+RHmnRkqliQAOHNJ/E0j/e0Q==
+
 "@types/json-schema@*":
   version "7.0.9"
   resolved "https://registry.npmjs.org/@types/json-schema/-/json-schema-7.0.9.tgz"
@@ -2441,6 +2665,13 @@
   resolved "https://registry.npmjs.org/@types/json5/-/json5-0.0.29.tgz"
   integrity sha1-7ihweulOEdK4J7y+UnC86n8+ce4=
 
+"@types/keyv@^3.1.4":
+  version "3.1.4"
+  resolved "https://registry.yarnpkg.com/@types/keyv/-/keyv-3.1.4.tgz#3ccdb1c6751b0c7e52300bcdacd5bcbf8faa75b6"
+  integrity sha512-BQ5aZNSCpj7D6K2ksrRCTmKRLEpnPvWDiLPfoGyhZ++8YtiK9d/3DBKPJgry359X/P1PfruyYwvnvwFjuEiEIg==
+  dependencies:
+    "@types/node" "*"
+
 "@types/minimatch@^3.0.3":
   version "3.0.3"
   resolved "https://registry.npmjs.org/@types/minimatch/-/minimatch-3.0.3.tgz"
@@ -2483,6 +2714,23 @@
   resolved "https://registry.npmjs.org/@types/resolve/-/resolve-1.20.2.tgz"
   integrity sha512-60BCwRFOZCQhDncwQdxxeOEEkbc5dIMccYLwbxsS4TUNeVECQ/pBJ0j09mrHOl/JJvpRPGwO9SvE4nR2Nb/a4Q==
 
+"@types/responselike@^1.0.0":
+  version "1.0.3"
+  resolved "https://registry.yarnpkg.com/@types/responselike/-/responselike-1.0.3.tgz#cc29706f0a397cfe6df89debfe4bf5cea159db50"
+  integrity sha512-H/+L+UkTV33uf49PH5pCAUBVPNj2nDBXTN+qS1dOwyyg24l3CcicicCA7ca+HMvJBZcFgl5r8e+RR6elsb4Lyw==
+  dependencies:
+    "@types/node" "*"
+
+"@types/semver@^7.1.0":
+  version "7.7.1"
+  resolved "https://registry.yarnpkg.com/@types/semver/-/semver-7.7.1.tgz#3ce3af1a5524ef327d2da9e4fd8b6d95c8d70528"
+  integrity sha512-FmgJfu+MOcQ370SD0ev7EI8TlCAfKYU+B4m5T3yXc1CiRN94g/SZPtsCkk506aUDtlMnFZvasDwHHUcZUEaYuA==
+
+"@types/treeify@^1.0.0":
+  version "1.0.3"
+  resolved "https://registry.yarnpkg.com/@types/treeify/-/treeify-1.0.3.tgz#f502e11e851b1464d5e80715d5ce3705ad864638"
+  integrity sha512-hx0o7zWEUU4R2Amn+pjCBQQt23Khy/Dk56gQU5xi5jtPL1h83ACJCeFaB2M/+WO1AntvWrSoVnnCAfI1AQH4Cg==
+
 "@types/yauzl@^2.9.1":
   version "2.9.1"
   resolved "https://registry.npmjs.org/@types/yauzl/-/yauzl-2.9.1.tgz"
@@ -2490,6 +2738,54 @@
   dependencies:
     "@types/node" "*"
 
+"@yarnpkg/core@^4.4.1":
+  version "4.7.0"
+  resolved "https://registry.yarnpkg.com/@yarnpkg/core/-/core-4.7.0.tgz#ece83ad51eadb7786df38dbf7314cd77917d72fb"
+  integrity sha512-/zOgPAcDvwx8NDzLidDFaZDg+3Jgv824C4fudqZFlUuWv/BzOEtjfRTAyi+O0h15FyT7YvlsMnQpmnIQB+LgKw==
+  dependencies:
+    "@arcanis/slice-ansi" "^1.1.1"
+    "@types/semver" "^7.1.0"
+    "@types/treeify" "^1.0.0"
+    "@yarnpkg/fslib" "^3.1.5"
+    "@yarnpkg/libzip" "^3.2.2"
+    "@yarnpkg/parsers" "^3.0.3"
+    "@yarnpkg/shell" "^4.1.3"
+    camelcase "^5.3.1"
+    chalk "^4.1.2"
+    ci-info "^4.0.0"
+    clipanion "^4.0.0-rc.2"
+    cross-spawn "^7.0.3"
+    diff "^5.1.0"
+    dotenv "^16.3.1"
+    es-toolkit "^1.39.7"
+    fast-glob "^3.2.2"
+    got "^11.7.0"
+    hpagent "^1.2.0"
+    micromatch "^4.0.2"
+    p-limit "^2.2.0"
+    semver "^7.1.2"
+    strip-ansi "^6.0.0"
+    tar "^7.5.3"
+    tinylogic "^2.0.0"
+    treeify "^1.1.0"
+    tslib "^2.4.0"
+
+"@yarnpkg/fslib@^3.1.2", "@yarnpkg/fslib@^3.1.3", "@yarnpkg/fslib@^3.1.5":
+  version "3.1.5"
+  resolved "https://registry.yarnpkg.com/@yarnpkg/fslib/-/fslib-3.1.5.tgz#e06924ab0bb312abe4e1e23a462cd481c446741e"
+  integrity sha512-hXaPIWl5GZA+rXcx+yaKWUuePJruZuD+3A5A2X6paEBfFsyCD7oEp88lSMj1ym1ehBWUmhNH/YGOp+SrbmSBPg==
+  dependencies:
+    tslib "^2.4.0"
+
+"@yarnpkg/libzip@^3.2.2":
+  version "3.2.2"
+  resolved "https://registry.yarnpkg.com/@yarnpkg/libzip/-/libzip-3.2.2.tgz#075a25ff850e898dfb1c68df515ddaf5809bbcbe"
+  integrity sha512-Kqxgjfy6SwwC4tTGQYToIWtUhIORTpkowqgd9kkMiBixor0eourHZZAggt/7N4WQKt9iCyPSkO3Xvr44vXUBAw==
+  dependencies:
+    "@types/emscripten" "^1.39.6"
+    "@yarnpkg/fslib" "^3.1.3"
+    tslib "^2.4.0"
+
 "@yarnpkg/lockfile@^1.1.0":
   version "1.1.0"
   resolved "https://registry.npmjs.org/@yarnpkg/lockfile/-/lockfile-1.1.0.tgz"
@@ -2503,6 +2799,28 @@
     js-yaml "^3.10.0"
     tslib "^2.4.0"
 
+"@yarnpkg/parsers@^3.0.3":
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/@yarnpkg/parsers/-/parsers-3.0.3.tgz#624f35f242c1115a48beb1fd12aed610bcd8e823"
+  integrity sha512-mQZgUSgFurUtA07ceMjxrWkYz8QtDuYkvPlu0ZqncgjopQ0t6CNEo/OSealkmnagSUx8ZD5ewvezUwUuMqutQg==
+  dependencies:
+    js-yaml "^3.10.0"
+    tslib "^2.4.0"
+
+"@yarnpkg/shell@^4.1.3":
+  version "4.1.3"
+  resolved "https://registry.yarnpkg.com/@yarnpkg/shell/-/shell-4.1.3.tgz#a99a1bcfb8ca1d896440046b71d2b254d0712948"
+  integrity sha512-5igwsHbPtSAlLdmMdKqU3atXjwhtLFQXsYAG0sn1XcPb3yF8WxxtWxN6fycBoUvFyIHFz1G0KeRefnAy8n6gdw==
+  dependencies:
+    "@yarnpkg/fslib" "^3.1.2"
+    "@yarnpkg/parsers" "^3.0.3"
+    chalk "^4.1.2"
+    clipanion "^4.0.0-rc.2"
+    cross-spawn "^7.0.3"
+    fast-glob "^3.2.2"
+    micromatch "^4.0.2"
+    tslib "^2.4.0"
+
 "@zkochan/js-yaml@0.0.6":
   version "0.0.6"
   resolved "https://registry.npmjs.org/@zkochan/js-yaml/-/js-yaml-0.0.6.tgz"
@@ -2794,6 +3112,11 @@ astral-regex@^2.0.0:
   resolved "https://registry.npmjs.org/astral-regex/-/astral-regex-2.0.0.tgz"
   integrity sha512-Z7tMw1ytTXt5jqMcOP+OQteU1VuNK9Y02uuJtKQ1Sv69jXQKKg5cibLwGJow8yzZP+eAc18EmLGPal0bp36rvQ==
 
+async@^3.2.2:
+  version "3.2.6"
+  resolved "https://registry.yarnpkg.com/async/-/async-3.2.6.tgz#1b0728e14929d51b85b449b7f06e27c1145e38ce"
+  integrity sha512-htCUDlxyyCLMgaM3xXg0C0LW2xqfuQ6p05pCEIsXuyQ+a1koYKTuBMzRNwmybfLgvJDMd0r1LTn4+E0Ti6C2AA==
+
 async@^3.2.3:
   version "3.2.4"
   resolved "https://registry.npmjs.org/async/-/async-3.2.4.tgz"
@@ -3058,6 +3381,24 @@ cacache@^16.0.0, cacache@^16.0.6, cacache@^16.1.0:
     tar "^6.1.11"
     unique-filename "^1.1.1"
 
+cacheable-lookup@^5.0.3:
+  version "5.0.4"
+  resolved "https://registry.yarnpkg.com/cacheable-lookup/-/cacheable-lookup-5.0.4.tgz#5a6b865b2c44357be3d5ebc2a467b032719a7005"
+  integrity sha512-2/kNscPhpcxrOigMZzbiWF7dz8ilhb/nIHU3EyZiXWXpeq/au8qJ8VhdftMkty3n7Gj6HIGalQG8oiBNB3AJgA==
+
+cacheable-request@^7.0.2:
+  version "7.0.4"
+  resolved "https://registry.yarnpkg.com/cacheable-request/-/cacheable-request-7.0.4.tgz#7a33ebf08613178b403635be7b899d3e69bbe817"
+  integrity sha512-v+p6ongsrp0yTGbJXjgxPow2+DL93DASP4kXCDKb8/bwRtt9OEF3whggkkDkGNzgcWy2XaF4a8nZglC7uElscg==
+  dependencies:
+    clone-response "^1.0.2"
+    get-stream "^5.1.0"
+    http-cache-semantics "^4.0.0"
+    keyv "^4.0.0"
+    lowercase-keys "^2.0.0"
+    normalize-url "^6.0.1"
+    responselike "^2.0.0"
+
 caching-transform@^4.0.0:
   version "4.0.0"
   resolved "https://registry.npmjs.org/caching-transform/-/caching-transform-4.0.0.tgz"
@@ -3128,7 +3469,7 @@ chalk@^2.0.1, chalk@^2.1.0, chalk@^2.4.2:
     escape-string-regexp "^1.0.5"
     supports-color "^5.3.0"
 
-chalk@^4.0.0, chalk@^4.0.2, chalk@^4.1.0, chalk@^4.1.1:
+chalk@^4.0.0, chalk@^4.0.2, chalk@^4.1.0, chalk@^4.1.1, chalk@^4.1.2:
   version "4.1.2"
   resolved "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz"
   integrity sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==
@@ -3161,11 +3502,21 @@ chownr@^2.0.0:
   resolved "https://registry.npmjs.org/chownr/-/chownr-2.0.0.tgz"
   integrity sha512-bIomtDF5KGpdogkLd9VspvFzk9KfpyyGlS8YFVZl7TGPBHL5snIOnxeshwVgPteQ9b4Eydl+pVbIyE1DcvCWgQ==
 
+chownr@^3.0.0:
+  version "3.0.0"
+  resolved "https://registry.yarnpkg.com/chownr/-/chownr-3.0.0.tgz#9855e64ecd240a9cc4267ce8a4aa5d24a1da15e4"
+  integrity sha512-+IxzY9BZOQd/XuYPRmrvEVjF/nqj5kgT4kEq7VofrDoM1MxoRjEWkrCC3EtLi59TVawxTAn+orJwFQcrqEN1+g==
+
 ci-info@^2.0.0:
   version "2.0.0"
   resolved "https://registry.npmjs.org/ci-info/-/ci-info-2.0.0.tgz"
   integrity sha512-5tK7EtrZ0N+OLFMthtqOj4fI2Jeb88C4CAZPu25LDVUgXJ0A3Js4PMGqrn0JU1W0Mh1/Z8wZzYPxqUrXeBboCQ==
 
+ci-info@^4.0.0:
+  version "4.4.0"
+  resolved "https://registry.yarnpkg.com/ci-info/-/ci-info-4.4.0.tgz#7d54eff9f54b45b62401c26032696eb59c8bd18c"
+  integrity sha512-77PSwercCZU2Fc4sX94eF8k8Pxte6JAwL4/ICZLFjJLqegs7kCuAsqqj/70NQF6TvDpgFjkubQB2FW2ZZddvQg==
+
 clean-stack@^2.0.0:
   version "2.2.0"
   resolved "https://registry.npmjs.org/clean-stack/-/clean-stack-2.2.0.tgz"
@@ -3193,6 +3544,13 @@ cli-width@^3.0.0:
   resolved "https://registry.npmjs.org/cli-width/-/cli-width-3.0.0.tgz"
   integrity sha512-FxqpkPPwu1HjuN93Omfm4h8uIanXofW0RxVEW3k5RKx+mJJYSthzNhp32Kzxxy3YAEZ/Dc/EWN1vZRY0+kOhbw==
 
+clipanion@^4.0.0-rc.2:
+  version "4.0.0-rc.4"
+  resolved "https://registry.yarnpkg.com/clipanion/-/clipanion-4.0.0-rc.4.tgz#7191a940e47ef197e5f18c9cbbe419278b5f5903"
+  integrity sha512-CXkMQxU6s9GklO/1f714dkKBMu1lopS1WFF0B8o4AxPykR1hpozxSiUZ5ZUeBjfPgCWqbcNOtZVFhB8Lkfp1+Q==
+  dependencies:
+    typanion "^3.8.0"
+
 cliui@^6.0.0:
   version "6.0.0"
   resolved "https://registry.npmjs.org/cliui/-/cliui-6.0.0.tgz"
@@ -3229,6 +3587,13 @@ clone-deep@^4.0.1:
     kind-of "^6.0.2"
     shallow-clone "^3.0.0"
 
+clone-response@^1.0.2:
+  version "1.0.3"
+  resolved "https://registry.yarnpkg.com/clone-response/-/clone-response-1.0.3.tgz#af2032aa47816399cf5f0a1d0db902f517abb8c3"
+  integrity sha512-ROoL94jJH2dUVML2Y/5PEDNaSHgeOdSDicUyS7izcF63G6sTc/FTjLub4b8Il9S8S0beOfYt0TaA5qvFK+w0wA==
+  dependencies:
+    mimic-response "^1.0.0"
+
 clone@^1.0.2:
   version "1.0.4"
   resolved "https://registry.npmjs.org/clone/-/clone-1.0.4.tgz"
@@ -3623,6 +3988,13 @@ decamelize@^1.1.0, decamelize@^1.2.0:
   resolved "https://registry.npmjs.org/decamelize/-/decamelize-1.2.0.tgz"
   integrity sha1-9lNNFRSCabIDUue+4m9QH5oZEpA=
 
+decompress-response@^6.0.0:
+  version "6.0.0"
+  resolved "https://registry.yarnpkg.com/decompress-response/-/decompress-response-6.0.0.tgz#ca387612ddb7e104bd16d85aab00d5ecf09c66fc"
+  integrity sha512-aW35yZM6Bb/4oJlZncMH2LCoZtJXTRxES17vE3hoRiowU2kWHaJKFkSBDnDR+cm9J+9QhXmREyIfv0pji9ejCQ==
+  dependencies:
+    mimic-response "^3.1.0"
+
 dedent@^0.7.0:
   version "0.7.0"
   resolved "https://registry.npmjs.org/dedent/-/dedent-0.7.0.tgz"
@@ -3652,6 +4024,11 @@ defaults@^1.0.3:
   dependencies:
     clone "^1.0.2"
 
+defer-to-connect@^2.0.0:
+  version "2.0.1"
+  resolved "https://registry.yarnpkg.com/defer-to-connect/-/defer-to-connect-2.0.1.tgz#8016bdb4143e4632b77a3449c6236277de520587"
+  integrity sha512-4tvttepXG1VaYGrRibk5EwJd1t4udunSOVMdLSAL6mId1ix438oPwPZMALY41FCijukO1L0twNcGsdzS7dHgDg==
+
 define-data-property@^1.0.1, define-data-property@^1.1.4:
   version "1.1.4"
   resolved "https://registry.npmjs.org/define-data-property/-/define-data-property-1.1.4.tgz"
@@ -3704,6 +4081,16 @@ depd@^1.1.2:
   resolved "https://registry.npmjs.org/depd/-/depd-1.1.2.tgz"
   integrity sha1-m81S4UwJd2PnSbJ0xDRu0uVgtak=
 
+dependency-path@^9.2.8:
+  version "9.2.8"
+  resolved "https://registry.yarnpkg.com/dependency-path/-/dependency-path-9.2.8.tgz#9fe05be8d69ad1943a2084e4d86f3063c4b50c01"
+  integrity sha512-S0OhIK7sIyAsph8hVH/LMCTDL3jozKtlrPx3dMQrlE2nAlXTquTT+AcOufphDMTQqLkfn4acvfiem9I1IWZ4jQ==
+  dependencies:
+    "@pnpm/crypto.base32-hash" "1.0.1"
+    "@pnpm/types" "8.9.0"
+    encode-registry "^3.0.0"
+    semver "^7.3.8"
+
 deprecation@^2.0.0, deprecation@^2.3.1:
   version "2.3.1"
   resolved "https://registry.npmjs.org/deprecation/-/deprecation-2.3.1.tgz"
@@ -3742,6 +4129,11 @@ diff-sequences@^29.4.3:
   resolved "https://registry.npmjs.org/diff-sequences/-/diff-sequences-29.4.3.tgz"
   integrity sha512-ofrBgwpPhCD85kMKtE9RYFFq6OC1A89oW2vvgWZNCwxrUpRUILopY7lsYyMDSjc8g6U6aiO0Qubg6r4Wgt5ZnA==
 
+diff@^5.1.0:
+  version "5.2.2"
+  resolved "https://registry.yarnpkg.com/diff/-/diff-5.2.2.tgz#0a4742797281d09cfa699b79ea32d27723623bad"
+  integrity sha512-vtcDfH3TOjP8UekytvnHH1o1P4FcUdt4eQ1Y+Abap1tk/OB2MWQvcwS2ClCd1zuIhc3JKOx6p3kod8Vfys3E+A==
+
 dir-glob@^3.0.1:
   version "3.0.1"
   resolved "https://registry.npmjs.org/dir-glob/-/dir-glob-3.0.1.tgz"
@@ -3787,6 +4179,11 @@ dot-prop@^6.0.1:
   dependencies:
     is-obj "^2.0.0"
 
+dotenv@^16.3.1:
+  version "16.6.1"
+  resolved "https://registry.yarnpkg.com/dotenv/-/dotenv-16.6.1.tgz#773f0e69527a8315c7285d5ee73c4459d20a8020"
+  integrity sha512-uBq4egWHTcTt33a72vpSG0z3HnPuIl6NqYcTrKEg2azoEyl2hpW0zqlxysq2pK9HlDIHyHyakeYaYnSAwd8bow==
+
 dotenv@~10.0.0:
   version "10.0.0"
   resolved "https://registry.npmjs.org/dotenv/-/dotenv-10.0.0.tgz"
@@ -3828,6 +4225,13 @@ emoji-regex@^8.0.0:
   resolved "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz"
   integrity sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==
 
+encode-registry@^3.0.0:
+  version "3.0.1"
+  resolved "https://registry.yarnpkg.com/encode-registry/-/encode-registry-3.0.1.tgz#cb925d0db14ce59b18882b62c67133721b0846d1"
+  integrity sha512-6qOwkl1g0fv0DN3Y3ggr2EaZXN71aoAqPp3p/pVaWSBSIo+YjLOWN61Fva43oVyQNPf7kgm8lkudzlzojwE2jw==
+  dependencies:
+    mem "^8.0.0"
+
 encodeurl@~1.0.2:
   version "1.0.2"
   resolved "https://registry.npmjs.org/encodeurl/-/encodeurl-1.0.2.tgz"
@@ -4027,6 +4431,11 @@ es-to-primitive@^1.2.1:
     is-date-object "^1.0.1"
     is-symbol "^1.0.2"
 
+es-toolkit@^1.39.7:
+  version "1.46.1"
+  resolved "https://registry.yarnpkg.com/es-toolkit/-/es-toolkit-1.46.1.tgz#38ca27191a98a867fc544b81cf1477a68947fb06"
+  integrity sha512-5eNtXOs3tbfxXOj04tjjseeWkRWaoCjdEI+96DgwzZoe6c9juL49pXlzAFTI72aWC9Y8p7168g6XIKjh7k6pyQ==
+
 es6-error@^4.0.1:
   version "4.1.1"
   resolved "https://registry.npmjs.org/es6-error/-/es6-error-4.1.1.tgz"
@@ -4293,6 +4702,13 @@ esutils@^2.0.2:
   resolved "https://registry.npmjs.org/esutils/-/esutils-2.0.3.tgz"
   integrity sha512-kVscqXk4OCp68SZ0dkgEKVi6/8ij300KBWTJq32P/dYeWTSwK41WyTxalN1eRmA5Z9UU/LX9D7FWSmV9SAYx6g==
 
+event-loop-spinner@^2.0.0, event-loop-spinner@^2.1.0:
+  version "2.3.2"
+  resolved "https://registry.yarnpkg.com/event-loop-spinner/-/event-loop-spinner-2.3.2.tgz#cbf92985dccf8ce52c8905b33b8ac909c33f5605"
+  integrity sha512-O078Lkxi/yZEPPifcizDOGUeK1OFOlPC6sfCCrx10odvqX3tEi9XLaIRt9cIl9TBFcPZzuMaXbJ0b+T6D2Tnjg==
+  dependencies:
+    tslib "^2.6.3"
+
 eventemitter3@^4.0.0, eventemitter3@^4.0.4:
   version "4.0.7"
   resolved "https://registry.npmjs.org/eventemitter3/-/eventemitter3-4.0.7.tgz"
@@ -4354,7 +4770,7 @@ fast-glob@3.2.7:
     merge2 "^1.3.0"
     micromatch "^4.0.4"
 
-fast-glob@^3.2.11, fast-glob@^3.2.9:
+fast-glob@^3.2.11, fast-glob@^3.2.2, fast-glob@^3.2.9:
   version "3.3.3"
   resolved "https://registry.npmjs.org/fast-glob/-/fast-glob-3.3.3.tgz"
   integrity sha512-7MptL8U0cqcFdzIzwOTHoilX9x5BrNqye7Z/LuC7kCMRio1EMSyqRK3BEAUD7sXRq4iT4AzTVuZdhgQ2TCvYLg==
@@ -4805,6 +5221,11 @@ glob-parent@^5.1.1, glob-parent@^5.1.2, glob-parent@~5.1.2:
   dependencies:
     is-glob "^4.0.1"
 
+glob-to-regexp@^0.4.1:
+  version "0.4.1"
+  resolved "https://registry.yarnpkg.com/glob-to-regexp/-/glob-to-regexp-0.4.1.tgz#c75297087c851b9a578bd217dd59a92f59fe546e"
+  integrity sha512-lkX1HJXwyMcprw/5YUZc2s7DrpAiHB21/V+E1rHUrVNokkvB6bqMzT0VfV6/86ZNabt1k14YOIaT7nDvOX3Iiw==
+
 glob@7.1.4:
   version "7.1.4"
   resolved "https://registry.npmjs.org/glob/-/glob-7.1.4.tgz"
@@ -4914,11 +5335,33 @@ gopd@^1.2.0:
   resolved "https://registry.npmjs.org/gopd/-/gopd-1.2.0.tgz"
   integrity sha512-ZUKRh6/kUFoAiTAtTYPZJ3hw9wNxx+BIBOijnlG9PnrJsCcSjs1wyyD6vJpaYtgnzDrKYRSqf3OO6Rfa93xsRg==
 
+got@^11.7.0:
+  version "11.8.6"
+  resolved "https://registry.yarnpkg.com/got/-/got-11.8.6.tgz#276e827ead8772eddbcfc97170590b841823233a"
+  integrity sha512-6tfZ91bOr7bOXnK7PRDCGBLa1H4U080YHNaAQ2KsMGlLEzRbk44nsZF2E1IeRc3vtJHPVbKCYgdFbaGO2ljd8g==
+  dependencies:
+    "@sindresorhus/is" "^4.0.0"
+    "@szmarczak/http-timer" "^4.0.5"
+    "@types/cacheable-request" "^6.0.1"
+    "@types/responselike" "^1.0.0"
+    cacheable-lookup "^5.0.3"
+    cacheable-request "^7.0.2"
+    decompress-response "^6.0.0"
+    http2-wrapper "^1.0.0-beta.5.2"
+    lowercase-keys "^2.0.0"
+    p-cancelable "^2.0.0"
+    responselike "^2.0.0"
+
 graceful-fs@^4.1.11, graceful-fs@^4.1.15, graceful-fs@^4.1.2, graceful-fs@^4.1.6, graceful-fs@^4.2.0, graceful-fs@^4.2.6:
   version "4.2.9"
   resolved "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.9.tgz"
   integrity sha512-NtNxqUcXgpW2iMrfqSfR73Glt39K+BLwWsPs94yR63v45T0Wbej7eRmL5cWfwEgqXnmjQp3zaJTshdRW/qC2ZQ==
 
+grapheme-splitter@^1.0.4:
+  version "1.0.4"
+  resolved "https://registry.yarnpkg.com/grapheme-splitter/-/grapheme-splitter-1.0.4.tgz#9cf3a665c6247479896834af35cf1dbb4400767e"
+  integrity sha512-bzh50DW9kTPM00T8y4o8vQg89Di9oLJVLW/KaOGIXJWP/iqCN6WKYkbNOF04vFLJhwcpYUh9ydh/+5vpOqV4YQ==
+
 handlebars@^4.7.7:
   version "4.7.9"
   resolved "https://registry.yarnpkg.com/handlebars/-/handlebars-4.7.9.tgz#6f139082ab58dc4e5a0e51efe7db5ae890d56a0f"
@@ -5033,11 +5476,21 @@ hosted-git-info@^5.0.0:
   dependencies:
     lru-cache "^7.5.1"
 
+hpagent@^1.2.0:
+  version "1.2.0"
+  resolved "https://registry.yarnpkg.com/hpagent/-/hpagent-1.2.0.tgz#0ae417895430eb3770c03443456b8d90ca464903"
+  integrity sha512-A91dYTeIB6NoXG+PxTQpCCDDnfHsW9kc06Lvpu1TEe9gnd6ZFeiBoRO9JvzEv6xK7EX97/dUE8g/vBMTqTS3CA==
+
 html-escaper@^2.0.0:
   version "2.0.2"
   resolved "https://registry.npmjs.org/html-escaper/-/html-escaper-2.0.2.tgz"
   integrity sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg==
 
+http-cache-semantics@^4.0.0:
+  version "4.2.0"
+  resolved "https://registry.yarnpkg.com/http-cache-semantics/-/http-cache-semantics-4.2.0.tgz#205f4db64f8562b76a4ff9235aa5279839a09dd5"
+  integrity sha512-dTxcvPXqPvXBQpq5dUr6mEMJX4oIEFv6bwom3FDwKRDsuIjjJGANqhBuoAn9c1RQJIdAKav33ED65E2ys+87QQ==
+
 http-cache-semantics@^4.1.0:
   version "4.1.1"
   resolved "https://registry.npmjs.org/http-cache-semantics/-/http-cache-semantics-4.1.1.tgz"
@@ -5080,6 +5533,14 @@ http-proxy@^1.18.1:
     follow-redirects "^1.0.0"
     requires-port "^1.0.0"
 
+http2-wrapper@^1.0.0-beta.5.2:
+  version "1.0.3"
+  resolved "https://registry.yarnpkg.com/http2-wrapper/-/http2-wrapper-1.0.3.tgz#b8f55e0c1f25d4ebd08b3b0c2c079f9590800b3d"
+  integrity sha512-V+23sDMr12Wnz7iTcDeJr3O6AIxlnvT/bmaAAAP/Xda35C90p9599p0F1eHR/N1KILWSoWVAiOMFjBBXaXSMxg==
+  dependencies:
+    quick-lru "^5.1.1"
+    resolve-alpn "^1.0.0"
+
 https-proxy-agent@^5.0.0:
   version "5.0.0"
   resolved "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-5.0.0.tgz"
@@ -5693,6 +6154,11 @@ jsesc@~0.5.0:
   resolved "https://registry.npmjs.org/jsesc/-/jsesc-0.5.0.tgz"
   integrity sha1-597mbjXW/Bb3EP6R1c9p9w8IkR0=
 
+json-buffer@3.0.1:
+  version "3.0.1"
+  resolved "https://registry.yarnpkg.com/json-buffer/-/json-buffer-3.0.1.tgz#9338802a30d3b6605fbe0613e094008ca8c05a13"
+  integrity sha512-4bV5BfR2mqfQTJm+V5tPPdf+ZpuhiIvTuAB5g8kcrXOZpTT/QwwVRWBywX1ozr6lEuPdbHxwaJlm9G6mI2sfSQ==
+
 json-parse-better-errors@^1.0.1:
   version "1.0.2"
   resolved "https://registry.npmjs.org/json-parse-better-errors/-/json-parse-better-errors-1.0.2.tgz"
@@ -5843,6 +6309,13 @@ karma@^6.0.2:
     ua-parser-js "^0.7.30"
     yargs "^16.1.1"
 
+keyv@^4.0.0:
+  version "4.5.4"
+  resolved "https://registry.yarnpkg.com/keyv/-/keyv-4.5.4.tgz#a879a99e29452f942439f2a405e3af8b31d4de93"
+  integrity sha512-oxVHkHR/EJf2CNXnWxRLW6mg7JyCCUcG0DtEGmL2ctUo1PNTin1PUil+r/+4r5MpVgC/fn1kjsx7mjSujKqIpw==
+  dependencies:
+    json-buffer "3.0.1"
+
 kind-of@^6.0.2, kind-of@^6.0.3:
   version "6.0.3"
   resolved "https://registry.npmjs.org/kind-of/-/kind-of-6.0.3.tgz"
@@ -5959,36 +6432,126 @@ lodash.camelcase@^4.3.0:
   resolved "https://registry.yarnpkg.com/lodash.camelcase/-/lodash.camelcase-4.3.0.tgz#b28aa6288a2b9fc651035c7711f65ab6190331a6"
   integrity sha512-TwuEnCnxbc3rAvhf/LbG7tJUDzhqXyFnv3dtzLOPgCG/hODL7WFnsbwktkD7yUV0RrreP/l1PALq/YSg6VvjlA==
 
+lodash.clone@^4.5.0:
+  version "4.5.0"
+  resolved "https://registry.yarnpkg.com/lodash.clone/-/lodash.clone-4.5.0.tgz#195870450f5a13192478df4bc3d23d2dea1907b6"
+  integrity sha512-GhrVeweiTD6uTmmn5hV/lzgCQhccwReIVRLHp7LT4SopOjqEZ5BbX8b5WWEtAKasjmy8hR7ZPwsYlxRCku5odg==
+
 lodash.clonedeep@^4.5.0:
   version "4.5.0"
   resolved "https://registry.npmjs.org/lodash.clonedeep/-/lodash.clonedeep-4.5.0.tgz"
   integrity sha1-4j8/nE+Pvd6HJSnBBxhXoIblzO8=
 
+lodash.constant@^3.0.0:
+  version "3.0.0"
+  resolved "https://registry.yarnpkg.com/lodash.constant/-/lodash.constant-3.0.0.tgz#bfe05cce7e515b3128925d6362138420bd624910"
+  integrity sha512-X5XMrB+SdI1mFa81162NSTo/YNd23SLdLOLzcXTwS4inDZ5YCL8X67UFzZJAH4CqIa6R8cr56CShfA5K5MFiYQ==
+
 lodash.debounce@^4.0.8:
   version "4.0.8"
   resolved "https://registry.npmjs.org/lodash.debounce/-/lodash.debounce-4.0.8.tgz"
   integrity sha1-gteb/zCmfEAF/9XiUVMArZyk168=
 
+lodash.filter@^4.6.0:
+  version "4.6.0"
+  resolved "https://registry.yarnpkg.com/lodash.filter/-/lodash.filter-4.6.0.tgz#668b1d4981603ae1cc5a6fa760143e480b4c4ace"
+  integrity sha512-pXYUy7PR8BCLwX5mgJ/aNtyOvuJTdZAo9EQFUvMIYugqmJxnrYaANvTbgndOzHSCSR0wnlBBfRXJL5SbWxo3FQ==
+
+lodash.flatmap@^4.5.0:
+  version "4.5.0"
+  resolved "https://registry.yarnpkg.com/lodash.flatmap/-/lodash.flatmap-4.5.0.tgz#ef8cbf408f6e48268663345305c6acc0b778702e"
+  integrity sha512-/OcpcAGWlrZyoHGeHh3cAoa6nGdX6QYtmzNP84Jqol6UEQQ2gIaU3H+0eICcjcKGl0/XF8LWOujNn9lffsnaOg==
+
 lodash.flattendeep@^4.4.0:
   version "4.4.0"
   resolved "https://registry.npmjs.org/lodash.flattendeep/-/lodash.flattendeep-4.4.0.tgz"
   integrity sha1-+wMJF/hqMTTlvJvsDWngAT3f7bI=
 
+lodash.foreach@^4.5.0:
+  version "4.5.0"
+  resolved "https://registry.yarnpkg.com/lodash.foreach/-/lodash.foreach-4.5.0.tgz#1a6a35eace401280c7f06dddec35165ab27e3e53"
+  integrity sha512-aEXTF4d+m05rVOAUG3z4vZZ4xVexLKZGF0lIxuHZ1Hplpk/3B6Z1+/ICICYRLm7c41Z2xiejbkCkJoTlypoXhQ==
+
+lodash.has@^4.5.2:
+  version "4.5.2"
+  resolved "https://registry.yarnpkg.com/lodash.has/-/lodash.has-4.5.2.tgz#d19f4dc1095058cccbe2b0cdf4ee0fe4aa37c862"
+  integrity sha512-rnYUdIo6xRCJnQmbVFEwcxF144erlD+M3YcJUVesflU9paQaE8p+fJDcIQrlMYbxoANFL+AB9hZrzSBBk5PL+g==
+
+lodash.isempty@^4.4.0:
+  version "4.4.0"
+  resolved "https://registry.yarnpkg.com/lodash.isempty/-/lodash.isempty-4.4.0.tgz#6f86cbedd8be4ec987be9aaf33c9684db1b31e7e"
+  integrity sha512-oKMuF3xEeqDltrGMfDxAPGIVMSSRv8tbRSODbrs4KGsRRLEhrW8N8Rd4DRgB2+621hY8A8XwwrTVhXWpxFvMzg==
+
+lodash.isequal@^4.5.0:
+  version "4.5.0"
+  resolved "https://registry.yarnpkg.com/lodash.isequal/-/lodash.isequal-4.5.0.tgz#415c4478f2bcc30120c22ce10ed3226f7d3e18e0"
+  integrity sha512-pDo3lu8Jhfjqls6GkMgpahsF9kCyayhgykjyLMNFTKWrpVdAQtYyB4muAMWozBB4ig/dtWAmsMxLEI8wuz+DYQ==
+
+lodash.isfunction@^3.0.9:
+  version "3.0.9"
+  resolved "https://registry.yarnpkg.com/lodash.isfunction/-/lodash.isfunction-3.0.9.tgz#06de25df4db327ac931981d1bdb067e5af68d051"
+  integrity sha512-AirXNj15uRIMMPihnkInB4i3NHeb4iBtNg9WRWuK2o31S+ePwwNmDPaTL3o7dTJ+VXNZim7rFs4rxN4YU1oUJw==
+
 lodash.ismatch@^4.4.0:
   version "4.4.0"
   resolved "https://registry.npmjs.org/lodash.ismatch/-/lodash.ismatch-4.4.0.tgz"
   integrity sha1-dWy1FQyjum8RCFp4hJZF8Yj4Xzc=
 
+lodash.isundefined@^3.0.1:
+  version "3.0.1"
+  resolved "https://registry.yarnpkg.com/lodash.isundefined/-/lodash.isundefined-3.0.1.tgz#23ef3d9535565203a66cefd5b830f848911afb48"
+  integrity sha512-MXB1is3s899/cD8jheYYE2V9qTHwKvt+npCwpD+1Sxm3Q3cECXCiYHjeHWXNwr6Q0SOBPrYUDxendrO6goVTEA==
+
+lodash.keys@^4.2.0:
+  version "4.2.0"
+  resolved "https://registry.yarnpkg.com/lodash.keys/-/lodash.keys-4.2.0.tgz#a08602ac12e4fb83f91fc1fb7a360a4d9ba35205"
+  integrity sha512-J79MkJcp7Df5mizHiVNpjoHXLi4HLjh9VLS/M7lQSGoQ+0oQ+lWEigREkqKyizPB1IawvQLLKY8mzEcm1tkyxQ==
+
+lodash.map@^4.6.0:
+  version "4.6.0"
+  resolved "https://registry.yarnpkg.com/lodash.map/-/lodash.map-4.6.0.tgz#771ec7839e3473d9c4cde28b19394c3562f4f6d3"
+  integrity sha512-worNHGKLDetmcEYDvh2stPCrrQRkP20E4l0iIS7F8EvzMqBBi7ltvFN5m1HvTf1P7Jk1txKhvFcmYsCr8O2F1Q==
+
 lodash.merge@^4.6.2:
   version "4.6.2"
   resolved "https://registry.npmjs.org/lodash.merge/-/lodash.merge-4.6.2.tgz"
   integrity sha512-0KpjqXRVvrYyCsX1swR/XTK0va6VQkQM6MNo7PqW77ByjAhoARA8EfrP1N4+KlKj8YS0ZUCtRT/YUuhyYDujIQ==
 
+lodash.reduce@^4.6.0:
+  version "4.6.0"
+  resolved "https://registry.yarnpkg.com/lodash.reduce/-/lodash.reduce-4.6.0.tgz#f1ab6b839299ad48f784abbf476596f03b914d3b"
+  integrity sha512-6raRe2vxCYBhpBu+B+TtNGUzah+hQjVdu3E17wfusjyrXBka2nBS8OH/gjVZ5PvHOhWmIZTYri09Z6n/QfnNMw==
+
+lodash.size@^4.2.0:
+  version "4.2.0"
+  resolved "https://registry.yarnpkg.com/lodash.size/-/lodash.size-4.2.0.tgz#71fe75ed3eabdb2bcb73a1b0b4f51c392ee27b86"
+  integrity sha512-wbu3SF1XC5ijqm0piNxw59yCbuUf2kaShumYBLWUrcCvwh6C8odz6SY/wGVzCWTQTFL/1Ygbvqg2eLtspUVVAQ==
+
+lodash.topairs@^4.3.0:
+  version "4.3.0"
+  resolved "https://registry.yarnpkg.com/lodash.topairs/-/lodash.topairs-4.3.0.tgz#3b6deaa37d60fb116713c46c5f17ea190ec48d64"
+  integrity sha512-qrRMbykBSEGdOgQLJJqVSdPWMD7Q+GJJ5jMRfQYb+LTLsw3tYVIabnCzRqTJb2WTo17PG5gNzXuFaZgYH/9SAQ==
+
+lodash.transform@^4.6.0:
+  version "4.6.0"
+  resolved "https://registry.yarnpkg.com/lodash.transform/-/lodash.transform-4.6.0.tgz#12306422f63324aed8483d3f38332b5f670547a0"
+  integrity sha512-LO37ZnhmBVx0GvOU/caQuipEh4GN82TcWv3yHlebGDgOxbxiwwzW5Pcx2AcvpIv2WmvmSMoC492yQFNhy/l/UQ==
+
 lodash.truncate@^4.4.2:
   version "4.4.2"
   resolved "https://registry.npmjs.org/lodash.truncate/-/lodash.truncate-4.4.2.tgz"
   integrity sha1-WjUNoLERO4N+z//VgSy+WNbq4ZM=
 
+lodash.union@^4.6.0:
+  version "4.6.0"
+  resolved "https://registry.yarnpkg.com/lodash.union/-/lodash.union-4.6.0.tgz#48bb5088409f16f1821666641c44dd1aaae3cd88"
+  integrity sha512-c4pB2CdGrGdjMKYLA+XiRDO7Y0PRQbm/Gzg8qMj+QH+pFVAoTp5sBpO0odL3FjoPCGjK96p6qsP+yQoiLoOBcw==
+
+lodash.values@^4.3.0:
+  version "4.3.0"
+  resolved "https://registry.yarnpkg.com/lodash.values/-/lodash.values-4.3.0.tgz#a3a6c2b0ebecc5c2cba1c17e6e620fe81b53d347"
+  integrity sha512-r0RwvdCv8id9TUblb/O7rYPwVy6lerCbcawrfdo9iC/1t1wsNMJknO79WNBgwkH0hIeJ08jmvvESbFpNb4jH0Q==
+
 lodash@^4.17.15, lodash@^4.17.21, lodash@~4.17.10:
   version "4.17.21"
   resolved "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz"
@@ -6032,6 +6595,11 @@ long@^5.0.0:
   resolved "https://registry.yarnpkg.com/long/-/long-5.3.2.tgz#1d84463095999262d7d7b7f8bfd4a8cc55167f83"
   integrity sha512-mNAgZ1GmyNhD7AuqnTG3/VQ26o760+ZYBPKjPvugO8+nLbYfX6TVpJPseBvopbdY+qpZ/lKUnmEc1LeZYS3QAA==
 
+lowercase-keys@^2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/lowercase-keys/-/lowercase-keys-2.0.0.tgz#2603e78b7b4b0006cbca2fbcc8a3202558ac9479"
+  integrity sha512-tqNXrS78oMOE73NMxK4EMLQsQowWf8jKooH9g7xPavRT706R6bkQJ6DY2Te7QukaZsulxa30wQ7bk0pm4XiHmA==
+
 lru-cache@^10.2.0:
   version "10.4.3"
   resolved "https://registry.npmjs.org/lru-cache/-/lru-cache-10.4.3.tgz"
@@ -6100,6 +6668,13 @@ make-fetch-happen@^10.0.3, make-fetch-happen@^10.0.6:
     socks-proxy-agent "^7.0.0"
     ssri "^9.0.0"
 
+map-age-cleaner@^0.1.3:
+  version "0.1.3"
+  resolved "https://registry.yarnpkg.com/map-age-cleaner/-/map-age-cleaner-0.1.3.tgz#7d583a7306434c055fe474b0f45078e6e1b4b92a"
+  integrity sha512-bJzx6nMoP6PDLPBFmg7+xRKeFZvFboMrGlxmNj9ClvX53KrmvM5bXFXEWjbz4cz1AFn+jWJ9z/DJSz7hrs0w3w==
+  dependencies:
+    p-defer "^1.0.0"
+
 map-obj@^1.0.0:
   version "1.0.1"
   resolved "https://registry.npmjs.org/map-obj/-/map-obj-1.0.1.tgz"
@@ -6120,6 +6695,14 @@ media-typer@0.3.0:
   resolved "https://registry.npmjs.org/media-typer/-/media-typer-0.3.0.tgz"
   integrity sha1-hxDXrwqmJvj/+hzgAWhUUmMlV0g=
 
+mem@^8.0.0:
+  version "8.1.1"
+  resolved "https://registry.yarnpkg.com/mem/-/mem-8.1.1.tgz#cf118b357c65ab7b7e0817bdf00c8062297c0122"
+  integrity sha512-qFCFUDs7U3b8mBDPyz5EToEKoAkgCzqquIgi9nkkR9bixxOVOre+09lbuH7+9Kn2NFpm56M3GUWVbU2hQgdACA==
+  dependencies:
+    map-age-cleaner "^0.1.3"
+    mimic-fn "^3.1.0"
+
 memfs@^3.4.0:
   version "3.4.12"
   resolved "https://registry.npmjs.org/memfs/-/memfs-3.4.12.tgz"
@@ -6172,7 +6755,7 @@ merge2@^1.3.0, merge2@^1.4.1:
   resolved "https://registry.npmjs.org/merge2/-/merge2-1.4.1.tgz"
   integrity sha512-8q7VEgMJW4J8tcfVPy8g09NcQwZdbwFEqhe/WZkoIzjn/3TGDwtOCYtXGxA3O8tPzpczCCDgv+P2P5y00ZJOOg==
 
-micromatch@^4.0.4, micromatch@^4.0.8:
+micromatch@^4.0.2, micromatch@^4.0.4, micromatch@^4.0.8:
   version "4.0.8"
   resolved "https://registry.npmjs.org/micromatch/-/micromatch-4.0.8.tgz"
   integrity sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==
@@ -6202,6 +6785,21 @@ mimic-fn@^2.1.0:
   resolved "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz"
   integrity sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==
 
+mimic-fn@^3.1.0:
+  version "3.1.0"
+  resolved "https://registry.yarnpkg.com/mimic-fn/-/mimic-fn-3.1.0.tgz#65755145bbf3e36954b949c16450427451d5ca74"
+  integrity sha512-Ysbi9uYW9hFyfrThdDEQuykN4Ey6BuwPD2kpI5ES/nFTDn/98yxYNLZJcgUAKPT/mcrLLKaGzJR9YVxJrIdASQ==
+
+mimic-response@^1.0.0:
+  version "1.0.1"
+  resolved "https://registry.yarnpkg.com/mimic-response/-/mimic-response-1.0.1.tgz#4923538878eef42063cb8a3e3b0798781487ab1b"
+  integrity sha512-j5EctnkH7amfV/q5Hgmoal1g2QHFJRraOtmx0JpIqkxhBhI/lJSl1nMpQ45hVarwNETOoWEimndZ4QK0RHxuxQ==
+
+mimic-response@^3.1.0:
+  version "3.1.0"
+  resolved "https://registry.yarnpkg.com/mimic-response/-/mimic-response-3.1.0.tgz#2d1d59af9c1b129815accc2c46a022a5ce1fa3c9"
+  integrity sha512-z0yWI+4FDrrweS8Zmt4Ej5HdJmky15+L2e6Wgn3+iK5fWzb6T3fhNFq2+MeTRb064c6Wr4N/wv0DzQTjNzHNGQ==
+
 min-indent@^1.0.0:
   version "1.0.1"
   resolved "https://registry.npmjs.org/min-indent/-/min-indent-1.0.1.tgz"
@@ -6332,6 +6930,11 @@ minipass@^5.0.0:
   resolved "https://registry.npmjs.org/minipass/-/minipass-7.1.2.tgz"
   integrity sha512-qOOzS1cBTWYF4BH8fVePDBOO9iptMnGUEZwNc/cMWnTV2nVLZ7VoNWEPHkYczZA0pdoA7dl6e7FL659nX9S2aw==
 
+minipass@^7.0.4, minipass@^7.1.2:
+  version "7.1.3"
+  resolved "https://registry.yarnpkg.com/minipass/-/minipass-7.1.3.tgz#79389b4eb1bb2d003a9bba87d492f2bd37bdc65b"
+  integrity sha512-tEBHqDnIoM/1rXME1zgka9g6Q2lcoCkxHLuc7ODJ5BxbP5d4c2Z5cGgtXAku59200Cx7diuHTOYfSBD8n6mm8A==
+
 minizlib@^2.1.1, minizlib@^2.1.2:
   version "2.1.2"
   resolved "https://registry.npmjs.org/minizlib/-/minizlib-2.1.2.tgz"
@@ -6340,6 +6943,13 @@ minizlib@^2.1.1, minizlib@^2.1.2:
     minipass "^3.0.0"
     yallist "^4.0.0"
 
+minizlib@^3.1.0:
+  version "3.1.0"
+  resolved "https://registry.yarnpkg.com/minizlib/-/minizlib-3.1.0.tgz#6ad76c3a8f10227c9b51d1c9ac8e30b27f5a251c"
+  integrity sha512-KZxYo1BUkWD2TVFLr0MQoM8vUUigWD3LlD83a/75BqC+4qE0Hb1Vo5v1FgcfaNXvfXzr+5EhQ6ing/CaBijTlw==
+  dependencies:
+    minipass "^7.1.2"
+
 mkdirp-infer-owner@^2.0.0:
   version "2.0.0"
   resolved "https://registry.npmjs.org/mkdirp-infer-owner/-/mkdirp-infer-owner-2.0.0.tgz"
@@ -6509,6 +7119,11 @@ normalize-path@^3.0.0, normalize-path@~3.0.0:
   resolved "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz"
   integrity sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==
 
+normalize-url@^6.0.1:
+  version "6.1.0"
+  resolved "https://registry.yarnpkg.com/normalize-url/-/normalize-url-6.1.0.tgz#40d0885b535deffe3f3147bec877d05fe4c5668a"
+  integrity sha512-DlL+XwOy3NxAQ8xuC0okPgK46iuVNAK01YN7RueYBqqFeGsBjV9XmCAzAdgt+667bCl5kPh9EqKKDwnaPG1I7A==
+
 npm-bundled@^1.1.1:
   version "1.1.1"
   resolved "https://registry.npmjs.org/npm-bundled/-/npm-bundled-1.1.1.tgz"
@@ -6696,6 +7311,11 @@ object-assign@^4:
   resolved "https://registry.npmjs.org/object-assign/-/object-assign-4.1.1.tgz"
   integrity sha1-IQmtx5ZYh8/AXLvUQsrIv7s2CGM=
 
+object-hash@^3.0.0:
+  version "3.0.0"
+  resolved "https://registry.yarnpkg.com/object-hash/-/object-hash-3.0.0.tgz#73f97f753e7baffc0e2cc9d6e079079744ac82e9"
+  integrity sha512-RSn9F68PjH9HqtltsSnqYC1XXoWe9Bju5+213R98cNGttag9q9yAOTzdbsqvIa7aNm5WffBZFpWYr2aWrklWAw==
+
 object-inspect@^1.13.1, object-inspect@^1.9.0:
   version "1.13.1"
   resolved "https://registry.npmjs.org/object-inspect/-/object-inspect-1.13.1.tgz"
@@ -6813,6 +7433,16 @@ os-tmpdir@~1.0.2:
   resolved "https://registry.npmjs.org/os-tmpdir/-/os-tmpdir-1.0.2.tgz"
   integrity sha1-u+Z0BseaqFxc/sdm/lc0VV36EnQ=
 
+p-cancelable@^2.0.0:
+  version "2.1.1"
+  resolved "https://registry.yarnpkg.com/p-cancelable/-/p-cancelable-2.1.1.tgz#aab7fbd416582fa32a3db49859c122487c5ed2cf"
+  integrity sha512-BZOr3nRQHOntUjTrH8+Lh54smKHoHyur8We1V8DSMVrl5A2malOOwuJRnKRDjSnkoeBh4at6BwEnb5I7Jl31wg==
+
+p-defer@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/p-defer/-/p-defer-1.0.0.tgz#9f6eb182f6c9aa8cd743004a7d4f96b196b0fb0c"
+  integrity sha512-wB3wfAxZpk2AzOfUMJNL+d36xothRSyj8EXOa4f6GMqYDN9BJaaSISbsk+wS9abmnebVw95C2Kb5t85UmpCxuw==
+
 p-finally@^1.0.0:
   version "1.0.0"
   resolved "https://registry.npmjs.org/p-finally/-/p-finally-1.0.0.tgz"
@@ -6946,6 +7576,11 @@ package-hash@^4.0.0:
     lodash.flattendeep "^4.4.0"
     release-zalgo "^1.0.0"
 
+packageurl-js@2.0.1:
+  version "2.0.1"
+  resolved "https://registry.yarnpkg.com/packageurl-js/-/packageurl-js-2.0.1.tgz#a8fa43a64971b5dd0dca5fb904b950a6cc317a6f"
+  integrity sha512-N5ixXjzTy4QDQH0Q9YFjqIWd6zH6936Djpl2m9QNFmDv5Fum8q8BjkpAcHNMzOFE0IwQrFhJWex3AN6kS0OSwg==
+
 pacote@^13.0.3, pacote@^13.6.1:
   version "13.6.1"
   resolved "https://registry.npmjs.org/pacote/-/pacote-13.6.1.tgz"
@@ -7305,6 +7940,11 @@ quick-lru@^4.0.1:
   resolved "https://registry.npmjs.org/quick-lru/-/quick-lru-4.0.1.tgz"
   integrity sha512-ARhCpm70fzdcvNQfPoy49IaanKkTlRWF2JMzqhcJbhSFRZv7nPTvZJdcY7301IPmvW+/p0RgIWnQDLJxifsQ7g==
 
+quick-lru@^5.1.1:
+  version "5.1.1"
+  resolved "https://registry.yarnpkg.com/quick-lru/-/quick-lru-5.1.1.tgz#366493e6b3e42a3a6885e2e99d18f80fb7a8c932"
+  integrity sha512-WuyALRjWPDGtt/wzJiadO5AXY+8hZ80hVpe6MyivgraREW751X3SbhRvG3eLKOYN+8VEvqLcf3wdnt44Z4S4SA==
+
 range-parser@^1.2.1:
   version "1.2.1"
   resolved "https://registry.npmjs.org/range-parser/-/range-parser-1.2.1.tgz"
@@ -7528,6 +8168,11 @@ reselect@^4.1.7:
   resolved "https://registry.npmjs.org/reselect/-/reselect-4.1.8.tgz"
   integrity sha512-ab9EmR80F/zQTMNeneUr4cv+jSwPJgIlvEmVwLerwrWVbpLlBuls9XHzIeTFy4cegU2NHBp3va0LKOzU5qFEYQ==
 
+resolve-alpn@^1.0.0:
+  version "1.2.1"
+  resolved "https://registry.yarnpkg.com/resolve-alpn/-/resolve-alpn-1.2.1.tgz#b7adbdac3546aaaec20b45e7d8265927072726f9"
+  integrity sha512-0a1F4l73/ZFZOakJnQ3FvkJ2+gSTQWz/r2KE5OdDY0TxPm5h4GkqkWWfM47T7HsbnOtcJVEF4epCVy6u7Q3K+g==
+
 resolve-cwd@^3.0.0:
   version "3.0.0"
   resolved "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz"
@@ -7554,6 +8199,13 @@ resolve@^1.10.0, resolve@^1.10.1, resolve@^1.14.2, resolve@^1.17.0, resolve@^1.2
     path-parse "^1.0.7"
     supports-preserve-symlinks-flag "^1.0.0"
 
+responselike@^2.0.0:
+  version "2.0.1"
+  resolved "https://registry.yarnpkg.com/responselike/-/responselike-2.0.1.tgz#9a0bc8fdc252f3fb1cca68b016591059ba1422bc"
+  integrity sha512-4gl03wn3hj1HP3yzgdI7d3lCkF95F21Pz4BPGvKHinyQzALR5CapwC8yIi0Rh58DEMQ/SguC03wFj2k0M/mHhw==
+  dependencies:
+    lowercase-keys "^2.0.0"
+
 restore-cursor@^3.1.0:
   version "3.1.0"
   resolved "https://registry.npmjs.org/restore-cursor/-/restore-cursor-3.1.0.tgz"
@@ -7572,6 +8224,11 @@ reusify@^1.0.4:
   resolved "https://registry.npmjs.org/reusify/-/reusify-1.0.4.tgz"
   integrity sha512-U9nH88a3fc/ekCF1l0/UP1IosiuIjyTh7hBvXVMHYgVcfGvt897Xguj2UOLDeI5BG2m7/uwyaLVT6fbtCwTyzw==
 
+rfc4648@^1.5.1:
+  version "1.5.4"
+  resolved "https://registry.yarnpkg.com/rfc4648/-/rfc4648-1.5.4.tgz#1174c0afba72423a0b70c386ecfeb80aa61b05ca"
+  integrity sha512-rRg/6Lb+IGfJqO05HZkN50UtY7K/JhxJag1kP23+zyMfrvoB0B7RWv06MbOzoc79RgCdNTiUaNsTT1AJZ7Z+cg==
+
 rfdc@^1.3.0:
   version "1.3.0"
   resolved "https://registry.npmjs.org/rfdc/-/rfdc-1.3.0.tgz"
@@ -7666,6 +8323,11 @@ semver@^7.0.0, semver@^7.1.1, semver@^7.2.1, semver@^7.3.2, semver@^7.3.4, semve
   resolved "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz"
   integrity sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==
 
+semver@^7.1.2, semver@^7.3.8, semver@^7.6.0:
+  version "7.8.0"
+  resolved "https://registry.yarnpkg.com/semver/-/semver-7.8.0.tgz#ed0661039fcbcda2ce71f01fa6adbefaa77040df"
+  integrity sha512-AcM7dV/5ul4EekoQ29Agm5vri8JNqRyj39o0qpX6vDF2GZrtutZl5RwgD1XnZjiTAfncsJhMI48QQH3sN87YNA==
+
 set-blocking@^2.0.0:
   version "2.0.0"
   resolved "https://registry.npmjs.org/set-blocking/-/set-blocking-2.0.0.tgz"
@@ -7770,6 +8432,40 @@ smart-buffer@^4.2.0:
   resolved "https://registry.npmjs.org/smart-buffer/-/smart-buffer-4.2.0.tgz"
   integrity sha512-94hK0Hh8rPqQl2xXc3HsaBoOXKV20MToPkcXvwbISWLEs+64sBq5kFgn2kJDHb1Pry9yrP0dxrCI9RRci7RXKg==
 
+snyk-config@^5.2.0:
+  version "5.3.0"
+  resolved "https://registry.yarnpkg.com/snyk-config/-/snyk-config-5.3.0.tgz#5ea906ad1c9c6151dd87c4e523c1d9659f5cf0e3"
+  integrity sha512-YPxhYZXBXgnYdvovwlKf5JYcOp+nxB7lel3tWLarYqZ4hwxN118FodIFb8nSqMrepsPdyOaQYKKnrTYqvQeaJA==
+  dependencies:
+    async "^3.2.2"
+    debug "^4.3.4"
+    lodash.merge "^4.6.2"
+    minimist "^1.2.6"
+
+snyk-nodejs-lockfile-parser@2.7.1:
+  version "2.7.1"
+  resolved "https://registry.yarnpkg.com/snyk-nodejs-lockfile-parser/-/snyk-nodejs-lockfile-parser-2.7.1.tgz#e175501c9691f70c6a32b590956e680ce0c0048b"
+  integrity sha512-ViG434ZhiWXRtAEXVS2yjkHKz6Yk1lj9FxyMYWjRDZN/VplvrTGhkI/6BISgKotkR9h+QPsmVHiwWdoeVoqRog==
+  dependencies:
+    "@snyk/dep-graph" "^2.12.0"
+    "@snyk/error-catalog-nodejs-public" "^5.16.0"
+    "@snyk/graphlib" "2.1.9-patch.3"
+    "@yarnpkg/core" "^4.4.1"
+    "@yarnpkg/lockfile" "^1.1.0"
+    dependency-path "^9.2.8"
+    event-loop-spinner "^2.0.0"
+    js-yaml "^4.1.0"
+    lodash.clonedeep "^4.5.0"
+    lodash.flatmap "^4.5.0"
+    lodash.isempty "^4.4.0"
+    lodash.topairs "^4.3.0"
+    micromatch "^4.0.8"
+    p-map "^4.0.0"
+    semver "^7.6.0"
+    snyk-config "^5.2.0"
+    tslib "^1.9.3"
+    uuid "^8.3.0"
+
 socket.io-adapter@~2.5.2:
   version "2.5.5"
   resolved "https://registry.npmjs.org/socket.io-adapter/-/socket.io-adapter-2.5.5.tgz"
@@ -7944,6 +8640,18 @@ statuses@~1.5.0:
   resolved "https://registry.npmjs.org/statuses/-/statuses-1.5.0.tgz"
   integrity sha1-Fhx9rBd2Wf2YEfQ3cfqZOBR4Yow=
 
+stream-chain@^2.2.5:
+  version "2.2.5"
+  resolved "https://registry.yarnpkg.com/stream-chain/-/stream-chain-2.2.5.tgz#b30967e8f14ee033c5b9a19bbe8a2cba90ba0d09"
+  integrity sha512-1TJmBx6aSWqZ4tx7aTpBDXK0/e2hhcNSTV8+CbFJtDjbb+I1mZ8lHit0Grw9GRT+6JbIrrDd8esncgBi8aBXGA==
+
+stream-json@^1.8.0:
+  version "1.9.1"
+  resolved "https://registry.yarnpkg.com/stream-json/-/stream-json-1.9.1.tgz#e3fec03e984a503718946c170db7d74556c2a187"
+  integrity sha512-uWkjJ+2Nt/LO9Z/JyKZbMusL8Dkh97uUBTv3AJQ74y07lVahLY4eEFsPsE97pxYBwr8nnjMAIch5eqI0gPShyw==
+  dependencies:
+    stream-chain "^2.2.5"
+
 streamroller@^3.0.2:
   version "3.0.2"
   resolved "https://registry.npmjs.org/streamroller/-/streamroller-3.0.2.tgz"
@@ -8147,6 +8855,17 @@ tar@^6.1.0, tar@^6.1.11, tar@^6.1.2:
     mkdirp "^1.0.3"
     yallist "^4.0.0"
 
+tar@^7.5.3:
+  version "7.5.15"
+  resolved "https://registry.yarnpkg.com/tar/-/tar-7.5.15.tgz#afe6d1316cddf614a566e3813e42fe01aed46fee"
+  integrity sha512-dzGK0boVlC4W5QFuQN1EFSl3bIDYsk7Tj40U6eIBnK2k/8ml7TZ5agbI5j5+qnoVcAA+rNtBml8SEiLxZpNqRQ==
+  dependencies:
+    "@isaacs/fs-minipass" "^4.0.0"
+    chownr "^3.0.0"
+    minipass "^7.1.2"
+    minizlib "^3.1.0"
+    yallist "^5.0.0"
+
 temp-dir@^1.0.0:
   version "1.0.0"
   resolved "https://registry.npmjs.org/temp-dir/-/temp-dir-1.0.0.tgz"
@@ -8191,6 +8910,11 @@ through@2, "through@>=2.2.7 <3", through@^2.3.4, through@^2.3.6:
   resolved "https://registry.npmjs.org/through/-/through-2.3.8.tgz"
   integrity sha1-DdTJ/6q8NXlgsbckEV1+Doai4fU=
 
+tinylogic@^2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/tinylogic/-/tinylogic-2.0.0.tgz#0d2409c492b54c0663082ac1e3f16be64497bb47"
+  integrity sha512-dljTkiLLITtsjqBvTA1MRZQK/sGP4kI3UJKc3yA9fMzYbMF2RhcN04SeROVqJBIYYOoJMM8u0WDnhFwMSFQotw==
+
 tmp@^0.0.33:
   version "0.0.33"
   resolved "https://registry.npmjs.org/tmp/-/tmp-0.0.33.tgz"
@@ -8227,6 +8951,11 @@ tr46@~0.0.3:
   resolved "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz"
   integrity sha1-gYT9NH2snNwYWZLzpmIuFLnZq2o=
 
+treeify@^1.1.0:
+  version "1.1.0"
+  resolved "https://registry.yarnpkg.com/treeify/-/treeify-1.1.0.tgz#4e31c6a463accd0943879f30667c4fdaff411bb8"
+  integrity sha512-1m4RA7xVAJrSGrrXGs0L3YTwyvBs2S8PbRHaLZAkFw7JR8oIFwYtysxlBZhYIa7xSyiYJKZ3iGrrk55cGA3i9A==
+
 treeverse@^2.0.0:
   version "2.0.0"
   resolved "https://registry.npmjs.org/treeverse/-/treeverse-2.0.0.tgz"
@@ -8265,11 +8994,21 @@ tsd@^0.31.2:
     path-exists "^4.0.0"
     read-pkg-up "^7.0.0"
 
-tslib@^2.0.1, tslib@^2.1.0, tslib@^2.3.0, tslib@^2.4.0, tslib@^2.8.1:
+tslib@^1.9.3:
+  version "1.14.1"
+  resolved "https://registry.yarnpkg.com/tslib/-/tslib-1.14.1.tgz#cf2d38bdc34a134bcaf1091c41f6619e2f672d00"
+  integrity sha512-Xni35NKzjgMrwevysHTCArtLDpPvye8zV/0E4EyYn43P7/7qvQwPh9BGkHewbMulVntbigmcT7rdX3BNo9wRJg==
+
+tslib@^2, tslib@^2.0.1, tslib@^2.1.0, tslib@^2.3.0, tslib@^2.4.0, tslib@^2.6.3, tslib@^2.8.1:
   version "2.8.1"
   resolved "https://registry.npmjs.org/tslib/-/tslib-2.8.1.tgz"
   integrity sha512-oJFu94HQb+KVduSUQL7wnpmqnfmLsOA/nAh6b6EH0wCEoK0/mPeXU6c3wKDV83MkOuHPRHtSXKKU99IBazS/2w==
 
+typanion@^3.8.0:
+  version "3.14.0"
+  resolved "https://registry.yarnpkg.com/typanion/-/typanion-3.14.0.tgz#a766a91810ce8258033975733e836c43a2929b94"
+  integrity sha512-ZW/lVMRabETuYCd9O9ZvMhAh8GslSqaUjxmK/JLPCh6l73CvLBiuXswj/+7LdnWOgYsQ130FqLzFz5aGT4I3Ug==
+
 type-check@^0.4.0, type-check@~0.4.0:
   version "0.4.0"
   resolved "https://registry.npmjs.org/type-check/-/type-check-0.4.0.tgz"
@@ -8483,12 +9222,17 @@ utils-merge@1.0.1:
   resolved "https://registry.npmjs.org/utils-merge/-/utils-merge-1.0.1.tgz"
   integrity sha1-n5VxD1CiZ5R7LMwSR0HBAoQn5xM=
 
+uuid@^11.1.0:
+  version "11.1.1"
+  resolved "https://registry.yarnpkg.com/uuid/-/uuid-11.1.1.tgz#f6d81d2e1c65d00762e5e29b16c5d2d995e208ad"
+  integrity sha512-vIYxrBCC/N/K+Js3qSN88go7kIfNPssr/hHCesKCQNAjmgvYS2oqr69kIufEG+O4+PfezOH4EbIeHCfFov8ZgQ==
+
 uuid@^3.3.3:
   version "3.4.0"
   resolved "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz"
   integrity sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==
 
-uuid@^8.3.2:
+uuid@^8.3.0, uuid@^8.3.2:
   version "8.3.2"
   resolved "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz"
   integrity sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==
@@ -8743,6 +9487,11 @@ yallist@^4.0.0:
   resolved "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz"
   integrity sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==
 
+yallist@^5.0.0:
+  version "5.0.0"
+  resolved "https://registry.yarnpkg.com/yallist/-/yallist-5.0.0.tgz#00e2de443639ed0d78fd87de0d27469fbcffb533"
+  integrity sha512-YgvUTfwqyc7UXVMrB+SImsVYSmTS8X/tSrtdNZMImM+n7+QTriRXyXim0mBrTXNeqzVF0KWGgHPeiyViFFrNDw==
+
 yaml@^1.10.0:
   version "1.10.2"
   resolved "https://registry.npmjs.org/yaml/-/yaml-1.10.2.tgz"