#!/bin/bash
# 🔍 Dependency Validation Script
# Validates dependency integrity, checks for version drift, and security issues

set -euo pipefail

echo "🔍 Validating dependencies..."

# Colors for output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
NC='\033[0m' # No Color

# Check if pnpm is available
if ! command -v pnpm &> /dev/null; then
    echo -e "${RED}❌ pnpm is not installed${NC}"
    exit 1
fi

# 1. Validate lockfile integrity
echo "📋 Checking lockfile integrity..."
if pnpm install --frozen-lockfile --ignore-scripts; then
    echo -e "${GREEN}✅ Lockfile integrity validated${NC}"
else
    echo -e "${RED}❌ Lockfile integrity check failed${NC}"
    exit 1
fi

# 2. Check for dependency version drift
echo "🔍 Checking for dependency version drift..."
pnpm list --recursive --depth=0 --json > /tmp/deps.json

node -e "
const fs = require('fs');
const deps = JSON.parse(fs.readFileSync('/tmp/deps.json', 'utf8'));
const allDeps = new Map();

deps.forEach(pkg => {
  if (pkg.dependencies) {
    Object.entries(pkg.dependencies).forEach(([name, info]) => {
      const version = info.version;
      if (!allDeps.has(name)) {
        allDeps.set(name, new Set());
      }
      allDeps.get(name).add(\`\${pkg.name}@\${version}\`);
    });
  }
});

let hasDrift = false;
allDeps.forEach((versions, depName) => {
  if (versions.size > 1) {
    console.log(\`❌ Version drift detected for \${depName}:\`);
    versions.forEach(v => console.log(\`  - \${v}\`));
    hasDrift = true;
  }
});

if (hasDrift) {
  console.log('\\n💡 Fix version drift by aligning dependency versions across workspaces.');
  process.exit(1);
} else {
  console.log('✅ No dependency version drift detected.');
}
"

# 3. Security audit
echo "🔒 Running security audit..."
if pnpm audit --audit-level moderate; then
    echo -e "${GREEN}✅ Security audit passed${NC}"
else
    echo -e "${YELLOW}⚠️  Security vulnerabilities found. Review and update dependencies.${NC}"
fi

# 4. Check for outdated dependencies
echo "📅 Checking for outdated dependencies..."
pnpm outdated --recursive || echo -e "${YELLOW}⚠️  Some dependencies are outdated${NC}"

# 5. Validate workspace configuration
echo "⚙️  Validating workspace configuration..."
node -e "
const fs = require('fs');
const path = require('path');

try {
  const rootPkg = JSON.parse(fs.readFileSync('package.json', 'utf8'));
  console.log('✅ Root package.json is valid');
  
  const workspaceConfig = fs.readFileSync('pnpm-workspace.yaml', 'utf8');
  console.log('✅ pnpm-workspace.yaml is readable');
  
  // Check that all workspace packages exist
  const workspaces = ['apps/*', 'packages/*'];
  let allValid = true;
  
  workspaces.forEach(workspace => {
    const workspacePath = workspace.replace('/*', '');
    if (!fs.existsSync(workspacePath)) {
      console.log(\`❌ Workspace path does not exist: \${workspacePath}\`);
      allValid = false;
    }
  });
  
  if (!allValid) {
    process.exit(1);
  }
  
  console.log('✅ All workspace paths are valid');
} catch (error) {
  console.log(\`❌ Workspace validation failed: \${error.message}\`);
  process.exit(1);
}
"

# Cleanup
rm -f /tmp/deps.json

echo -e "${GREEN}🎉 Dependency validation completed successfully!${NC}"