stacksjs
diff --git a/‎README.md‎
Lines changed: 20 additions & 7 deletions b/‎README.md‎
Lines changed: 20 additions & 7 deletions
diff --git a/‎src/pr/pr-generator.ts‎
Lines changed: 67 additions & 0 deletions b/‎src/pr/pr-generator.ts‎
Lines changed: 67 additions & 0 deletions
diff --git a/‎src/scanner/package-scanner.ts‎
Lines changed: 49 additions & 0 deletions b/‎src/scanner/package-scanner.ts‎
Lines changed: 49 additions & 0 deletions
diff --git a/‎src/types.ts‎
Lines changed: 5 additions & 3 deletions b/‎src/types.ts‎
Lines changed: 5 additions & 3 deletions
@@ -8,9 +8,9 @@
 
 # 🐶 Buddy Bot
 
-> The fastest, most intelligent dependency management bot for modern JavaScript and TypeScript projects _(and PHP)_.
+> The fastest, most intelligent dependency management bot for modern JavaScript and TypeScript projects _(and PHP, Zig)_.
 
-Buddy Bot is a lightning-fast alternative to Dependabot and Renovate, purpose-built for modern JavaScript, TypeScript, and PHP ecosystems. It intelligently scans your projects, detects outdated & deprecated dependencies across multiple package managers, and creates beautifully formatted pull requests with comprehensive changelogs and metadata.
+Buddy Bot is a lightning-fast alternative to Dependabot and Renovate, purpose-built for modern JavaScript, TypeScript, PHP, and Zig ecosystems. It intelligently scans your projects, detects outdated & deprecated dependencies across multiple package managers, and creates beautifully formatted pull requests with comprehensive changelogs and metadata.
 
 ![Buddy Bot Pull Request Example](.github/art/screenshot.png)
 
@@ -24,9 +24,10 @@ Buddy Bot is a lightning-fast alternative to Dependabot and Renovate, purpose-bu
 
 ### 📦 **Universal Package Support**
 
-- **Multi-Package Manager**: _Full support for Bun, npm, yarn, pnpm, Composer, pkgx & Launchpad_
+- **Multi-Package Manager**: _Full support for Bun, npm, yarn, pnpm, Composer, Zig, pkgx & Launchpad_
 - **GitHub Actions**: _Automatically updates workflow dependencies (`actions/checkout@v4`, etc.)_
 - **Docker Images**: _Detects and updates Dockerfile base images and versions_
+- **Zig Dependencies**: _Manages build.zig.zon dependencies with URL and hash tracking_
 - **Lock File Awareness**: _Respects and updates all lock file formats_
 
 ### 🎯 **Smart Dependency Management**
@@ -45,7 +46,7 @@ Buddy Bot is a lightning-fast alternative to Dependabot and Renovate, purpose-bu
 
 ### 🎨 **Beautiful Pull Requests**
 
-- **Multi-Format Tables**: _Separate sections for npm, PHP/Composer, pkgx/Launchpad, and GitHub Actions_
+- **Multi-Format Tables**: _Separate sections for npm, PHP/Composer, Zig, pkgx/Launchpad, and GitHub Actions_
 - **Rich Metadata**: _Confidence badges, adoption metrics, age indicators, and download stats_
 - **Detailed Changelogs**: _Automatic release notes and breaking change detection_
 - **Professional Formatting**: _Clean, readable PR descriptions with proper categorization_
@@ -561,6 +562,7 @@ For the rebase functionality to update GitHub Actions workflow files, you need p
 - ✅ **package.json** - npm/yarn/pnpm dependencies
 - ✅ **Lock files** - package-lock.json, yarn.lock, pnpm-lock.yaml, bun.lockb
 - ✅ **Dependency files** - deps.yaml, dependencies.yaml, pkgx.yaml
+- ✅ **Zig manifests** - build.zig.zon with URL and hash updates
 - ✅ **GitHub Actions** - workflow files (with proper permissions)
 - ✅ **PR content** - Updated title, body, and metadata
 
@@ -643,6 +645,7 @@ Buddy automatically detects and updates the following dependency file formats:
 - **package.json** - Traditional npm dependencies
 - **composer.json** - PHP dependencies from Packagist
 - **composer.lock** - PHP lock file with exact versions
+- **build.zig.zon** - Zig package manager dependencies with URL and hash tracking
 - **deps.yaml** / **deps.yml** - Launchpad/pkgx dependency declarations
 - **dependencies.yaml** / **dependencies.yml** - Alternative dependency file format
 - **pkgx.yaml** / **pkgx.yml** - pkgx-specific dependency files
@@ -657,7 +660,7 @@ All dependency files are parsed using the `ts-pkgx` library to ensure compatibil
 
 ### Pull Request Format
 
-Buddy generates comprehensive pull requests with **three separate dependency tables**:
+Buddy generates comprehensive pull requests with **separate dependency tables** for each ecosystem:
 
 #### 1. npm Dependencies
 
@@ -680,7 +683,17 @@ Focused table for PHP packages from Packagist:
 | phpunit/phpunit | ^10.0.0 → ^10.3.0 | composer.json | ✅ Available |
 ```
 
-#### 3. Launchpad/pkgx Dependencies
+#### 3. Zig Dependencies
+
+Focused table for Zig packages with repository links and update types:
+
+```
+| Package | Change | Type | File |
+|---------|--------|------|------|
+| httpz | 0.5.0 → 0.6.0 | 🟡 minor | build.zig.zon |
+```
+
+#### 4. Launchpad/pkgx Dependencies
 
 Simplified table focusing on package updates and file locations:
 
@@ -690,7 +703,7 @@ Simplified table focusing on package updates and file locations:
 | bun.com | ^1.2.16 → ^1.2.19 | deps.yaml | ✅ Available |
 ```
 
-#### 4. GitHub Actions
+#### 5. GitHub Actions
 
 Workflow automation updates with direct links to repositories:
 
 
@@ -84,6 +84,10 @@ export class PullRequestGenerator {
       u.file.endsWith('composer.json') || u.file.endsWith('composer.lock'),
     ).length
 
+    const zigCount = group.updates.filter(u =>
+      u.file.endsWith('build.zig.zon'),
+    ).length
+
     const systemCount = group.updates.filter(u =>
       (u.file.includes('.yaml') || u.file.includes('.yml')) && !u.file.includes('.github/workflows/'),
     ).length
@@ -97,6 +101,8 @@ export class PullRequestGenerator {
       labels.push('npm')
     if (composerCount > 0)
       labels.push('composer')
+    if (zigCount > 0)
+      labels.push('zig')
     if (systemCount > 0)
       labels.push('system')
     if (actionsCount > 0)
@@ -171,6 +177,9 @@ export class PullRequestGenerator {
     const composerCount = group.updates.filter(u =>
       u.file.endsWith('composer.json') || u.file.endsWith('composer.lock'),
     ).length
+    const zigCount = group.updates.filter(u =>
+      u.file.endsWith('build.zig.zon'),
+    ).length
 
     this.log('📊 Package type counts', {
       packageJsonCount,
@@ -210,6 +219,8 @@ export class PullRequestGenerator {
         body += `| 🚀 GitHub Actions | ${githubActionsCount} |\n`
       if (composerCount > 0)
         body += `| 🐘 Composer Packages | ${composerCount} |\n`
+      if (zigCount > 0)
+        body += `| ⚡ Zig Packages | ${zigCount} |\n`
       body += `| **Total** | **${group.updates.length}** |\n\n`
     }
 
@@ -220,6 +231,9 @@ export class PullRequestGenerator {
     const composerUpdates = group.updates.filter(update =>
       update.file.endsWith('composer.json') || update.file.endsWith('composer.lock'),
     )
+    const zigUpdates = group.updates.filter(update =>
+      update.file.endsWith('build.zig.zon'),
+    )
     const dependencyFileUpdates = group.updates.filter(update =>
       update.file.includes('.yaml') || update.file.includes('.yml'),
     ).filter(update => !update.file.includes('.github/workflows/'))
@@ -425,6 +439,59 @@ export class PullRequestGenerator {
       body += `\n`
     }
 
+    // Zig dependencies table
+    if (zigUpdates.length > 0) {
+      // Only show section header for multi-package updates or when there are multiple package types
+      if (isMultiPackageUpdate || zigCount < group.updates.length) {
+        body += `## ⚡ Zig Dependencies\n\n`
+      }
+
+      body += `![zig](https://img.shields.io/badge/Zig-F7A41D?style=flat&logo=zig&logoColor=white)\n\n`
+
+      // Only show count text for multi-package updates
+      if (zigUpdates.length > 1) {
+        body += `*${zigUpdates.length} packages will be updated*\n\n`
+      }
+
+      body += `| Package | Change | Type | File |\n`
+      body += `|---|---|---|---|\n`
+
+      for (const update of zigUpdates) {
+        // Generate package link from metadata if available
+        let packageCell: string
+        const metadata = (update as any).metadata
+        if (metadata?.url) {
+          // Extract repository URL from tarball URL
+          const repoMatch = metadata.url.match(/https?:\/\/github\.com\/([^\/]+\/[^\/]+)/)
+          if (repoMatch) {
+            const repoUrl = `https://github.com/${repoMatch[1]}`
+            packageCell = `[${update.name}](${repoUrl})`
+          }
+          else {
+            packageCell = update.name
+          }
+        }
+        else {
+          packageCell = update.name
+        }
+
+        // Enhanced version change display
+        const updateType = getUpdateType(update.currentVersion, update.newVersion)
+        const typeEmoji = updateType === 'major' ? '🔴' : updateType === 'minor' ? '🟡' : '🟢'
+        const change = this.formatVersionChange(update.currentVersion, update.newVersion)
+
+        // File reference
+        const fileName = update.file.split('/').pop() || update.file
+        const fileCell = this.config?.repository?.owner && this.config?.repository?.name
+          ? `[\`${fileName}\`](https://github.com/${this.config.repository.owner}/${this.config.repository.name}/blob/main/${update.file})`
+          : `\`${fileName}\``
+
+        body += `| ${packageCell} | ${change} | ${typeEmoji} ${updateType} | ${fileCell} |\n`
+      }
+
+      body += `\n`
+    }
+
     // Dependency files table (enhanced with more information)
     if (dependencyFileUpdates.length > 0) {
       // Only show section header for multi-package updates or when there are multiple package types
 
@@ -10,6 +10,7 @@ import { BuddyError } from '../types'
 import { isDependencyFile, parseDependencyFile as parseDepFile } from '../utils/dependency-file-parser'
 import { isDockerfile, parseDockerfile as parseDockerfileUtil } from '../utils/dockerfile-parser'
 import { isGitHubActionsFile, parseGitHubActionsFile } from '../utils/github-actions-parser'
+import { isZigManifest, parseZigManifest } from '../utils/zig-parser'
 
 export class PackageScanner {
   private ignoreGlobs: Glob[] = []
@@ -110,6 +111,20 @@ export class PackageScanner {
         }
       }
 
+      // Look for Zig manifest files (build.zig.zon)
+      const zigManifests = await this.findZigManifests()
+      this.logger.info(`🔍 Found ${zigManifests.length} Zig manifest(s): ${zigManifests.join(', ')}`)
+      for (const filePath of zigManifests) {
+        if (this.shouldIgnorePath(filePath)) {
+          continue
+        }
+        const packageFile = await this.parseZigManifestFile(filePath)
+        if (packageFile) {
+          packageFiles.push(packageFile)
+          this.logger.info(`📦 Parsed Zig manifest: ${filePath} with ${packageFile.dependencies.length} dependencies`)
+        }
+      }
+
       const duration = Date.now() - startTime
       this.logger.success(`Found ${packageFiles.length} package files in ${duration}ms`)
 
@@ -336,6 +351,40 @@ export class PackageScanner {
     }
   }
 
+  /**
+   * Find Zig manifest files (build.zig.zon) in the project
+   */
+  private async findZigManifests(): Promise<string[]> {
+    const zigManifests: string[] = []
+
+    try {
+      // Look for build.zig.zon files
+      const manifestFiles = await this.findFiles('build.zig.zon')
+      zigManifests.push(...manifestFiles)
+    }
+    catch {
+      // Ignore if no Zig manifests exist
+    }
+
+    return zigManifests
+  }
+
+  /**
+   * Parse a Zig manifest file (build.zig.zon)
+   */
+  async parseZigManifestFile(filePath: string): Promise<PackageFile | null> {
+    try {
+      const fullPath = join(this.projectPath, filePath)
+      const content = await readFile(fullPath, 'utf-8')
+      const result = await parseZigManifest(filePath, content)
+      return result
+    }
+    catch (_error) {
+      this.logger.warn(`Failed to parse Zig manifest ${filePath}:`, _error)
+      return null
+    }
+  }
+
   /**
    * Find Composer files in the project
    */
 
@@ -156,7 +156,7 @@ export interface PackageFile {
   /** File path relative to repository root */
   path: string
   /** Type of package file */
-  type: 'package.json' | 'bun.lockb' | 'package-lock.json' | 'yarn.lock' | 'pnpm-lock.yaml' | 'deps.yaml' | 'deps.yml' | 'dependencies.yaml' | 'dependencies.yml' | 'pkgx.yaml' | 'pkgx.yml' | '.deps.yaml' | '.deps.yml' | 'composer.json' | 'composer.lock' | 'github-actions' | 'Dockerfile'
+  type: 'package.json' | 'bun.lockb' | 'package-lock.json' | 'yarn.lock' | 'pnpm-lock.yaml' | 'deps.yaml' | 'deps.yml' | 'dependencies.yaml' | 'dependencies.yml' | 'pkgx.yaml' | 'pkgx.yml' | '.deps.yaml' | '.deps.yml' | 'composer.json' | 'composer.lock' | 'github-actions' | 'Dockerfile' | 'build.zig.zon'
   /** Raw file content */
   content: string
   /** Parsed dependencies */
@@ -169,11 +169,13 @@ export interface Dependency {
   /** Current version or range */
   currentVersion: string
   /** Dependency type */
-  type: 'dependencies' | 'devDependencies' | 'peerDependencies' | 'optionalDependencies' | 'require' | 'require-dev' | 'github-actions' | 'docker-image'
+  type: 'dependencies' | 'devDependencies' | 'peerDependencies' | 'optionalDependencies' | 'require' | 'require-dev' | 'github-actions' | 'docker-image' | 'zig-dependencies'
   /** File where dependency is defined */
   file: string
   /** Line number in file */
   line?: number
+  /** Additional metadata (e.g., URL, hash for Zig dependencies) */
+  metadata?: Record<string, string>
 }
 
 export interface PackageUpdate {
@@ -186,7 +188,7 @@ export interface PackageUpdate {
   /** Update type */
   updateType: 'major' | 'minor' | 'patch'
   /** Dependency type */
-  dependencyType: 'dependencies' | 'devDependencies' | 'peerDependencies' | 'optionalDependencies' | 'require' | 'require-dev' | 'github-actions' | 'docker-image'
+  dependencyType: 'dependencies' | 'devDependencies' | 'peerDependencies' | 'optionalDependencies' | 'require' | 'require-dev' | 'github-actions' | 'docker-image' | 'zig-dependencies'
   /** Source file */
   file: string
   /** Package metadata from registry */