@socketsecurity/cli-with-sentry 0.14.102 → 0.14.103

@@ -41,7 +41,7 @@ const relConstantsPath = './constants'
41
41
  Sentry.setTag(
42
42
  'version',
43
43
  // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
44
- '0.14.102:51e000d:4c8b52e6:pub'
44
+ '0.14.103:d303e97:055c3aba:pub'
45
45
  )
46
46
  const constants = require(relConstantsPath)
47
47
  if (constants.ENV.SOCKET_CLI_DEBUG) {
@@ -56,5 +56,5 @@ const relConstantsPath = './constants'
56
56
  } = constants
57
57
  setSentry(Sentry)
58
58
  }
59
- //# debugId=53e9e69e-32ef-4d48-a639-445fc330d92e
59
+ //# debugId=1792fa0d-ceff-4792-b3c3-8926ecb7baa5
60
60
  //# sourceMappingURL=instrument-with-sentry.js.map
@@ -1 +1 @@
1
- {"version":3,"file":"instrument-with-sentry.js","sources":["../../src/instrument-with-sentry.ts"],"sourcesContent":["// This should ONLY be included in the special Sentry build!\n// Otherwise the Sentry dependency won't even be present in the manifest.\n\nimport { logger } from '@socketsecurity/registry/lib/logger'\n\n// Require constants with require(relConstantsPath) instead of require('./constants')\n// so Rollup doesn't generate a constants2.js chunk.\nconst relConstantsPath = './constants'\n// The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_SENTRY_BUILD']\".\nif (process.env['INLINED_SOCKET_CLI_SENTRY_BUILD']) {\n const Sentry = require('@sentry/node')\n Sentry.init({\n onFatalError(error: Error) {\n // Defer module loads until after Sentry.init is called.\n if (require(relConstantsPath).ENV.SOCKET_CLI_DEBUG) {\n logger.fail('[DEBUG] [Sentry onFatalError]:', error)\n }\n },\n dsn: 'https://66736701db8e4ffac046bd09fa6aaced@o555220.ingest.us.sentry.io/4508846967619585',\n enabled: true,\n integrations: []\n })\n Sentry.setTag(\n 'environment',\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD']\".\n process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD']\n ? 
'pub'\n : // The NODE_ENV convention is used by apps to define the runtime environment.\n // https://nodejs.org/en/learn/getting-started/nodejs-the-difference-between-development-and-production\n process.env['NODE_ENV']\n )\n Sentry.setTag(\n 'version',\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_VERSION_HASH']\".\n process.env['INLINED_SOCKET_CLI_VERSION_HASH']\n )\n const constants = require(relConstantsPath)\n if (constants.ENV.SOCKET_CLI_DEBUG) {\n Sentry.setTag('debugging', true)\n logger.log('[DEBUG] Set up Sentry.')\n } else {\n Sentry.setTag('debugging', false)\n }\n const {\n kInternalsSymbol,\n [kInternalsSymbol as unknown as 'Symbol(kInternalsSymbol)']: { setSentry }\n } = constants\n setSentry(Sentry)\n} else if (require(relConstantsPath).ENV.SOCKET_CLI_DEBUG) {\n logger.log('[DEBUG] Sentry disabled explicitly.')\n}\n"],"names":["logger","dsn","enabled","integrations","process","Sentry","setSentry"],"mappings":";;;;;;;;;;;;;;;AAAA;AACA;;;AAIA;AACA;AACA;AACA;AACoD;AAClD;;;AAGI;;AAEEA;AACF;;AAEFC;AACAC;AACAC;AACF;;AAGE;AACAC;;AAQA;AACAA;AAEF;AACA;AACEC;AACAL;AACF;AACEK;AACF;;;AAGE;AAA+DC;AAAU;AAC3E;;AAEF","debugId":"53e9e69e-32ef-4d48-a639-445fc330d92e"}
1
+ {"version":3,"file":"instrument-with-sentry.js","sources":["../../src/instrument-with-sentry.ts"],"sourcesContent":["// This should ONLY be included in the special Sentry build!\n// Otherwise the Sentry dependency won't even be present in the manifest.\n\nimport { logger } from '@socketsecurity/registry/lib/logger'\n\n// Require constants with require(relConstantsPath) instead of require('./constants')\n// so Rollup doesn't generate a constants2.js chunk.\nconst relConstantsPath = './constants'\n// The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_SENTRY_BUILD']\".\nif (process.env['INLINED_SOCKET_CLI_SENTRY_BUILD']) {\n const Sentry = require('@sentry/node')\n Sentry.init({\n onFatalError(error: Error) {\n // Defer module loads until after Sentry.init is called.\n if (require(relConstantsPath).ENV.SOCKET_CLI_DEBUG) {\n logger.fail('[DEBUG] [Sentry onFatalError]:', error)\n }\n },\n dsn: 'https://66736701db8e4ffac046bd09fa6aaced@o555220.ingest.us.sentry.io/4508846967619585',\n enabled: true,\n integrations: []\n })\n Sentry.setTag(\n 'environment',\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD']\".\n process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD']\n ? 
'pub'\n : // The NODE_ENV convention is used by apps to define the runtime environment.\n // https://nodejs.org/en/learn/getting-started/nodejs-the-difference-between-development-and-production\n process.env['NODE_ENV']\n )\n Sentry.setTag(\n 'version',\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_VERSION_HASH']\".\n process.env['INLINED_SOCKET_CLI_VERSION_HASH']\n )\n const constants = require(relConstantsPath)\n if (constants.ENV.SOCKET_CLI_DEBUG) {\n Sentry.setTag('debugging', true)\n logger.log('[DEBUG] Set up Sentry.')\n } else {\n Sentry.setTag('debugging', false)\n }\n const {\n kInternalsSymbol,\n [kInternalsSymbol as unknown as 'Symbol(kInternalsSymbol)']: { setSentry }\n } = constants\n setSentry(Sentry)\n} else if (require(relConstantsPath).ENV.SOCKET_CLI_DEBUG) {\n logger.log('[DEBUG] Sentry disabled explicitly.')\n}\n"],"names":["logger","dsn","enabled","integrations","process","Sentry","setSentry"],"mappings":";;;;;;;;;;;;;;;AAAA;AACA;;;AAIA;AACA;AACA;AACA;AACoD;AAClD;;;AAGI;;AAEEA;AACF;;AAEFC;AACAC;AACAC;AACF;;AAGE;AACAC;;AAQA;AACAA;AAEF;AACA;AACEC;AACAL;AACF;AACEK;AACF;;;AAGE;AAA+DC;AAAU;AAC3E;;AAEF","debugId":"1792fa0d-ceff-4792-b3c3-8926ecb7baa5"}
@@ -900,7 +900,7 @@ function emitBanner(name) {
900
900
  logger.logger.error(getAsciiHeader(name))
901
901
  }
902
902
  function getAsciiHeader(command) {
903
- const cliVersion = '0.14.102:51e000d:4c8b52e6:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
903
+ const cliVersion = '0.14.103:d303e97:055c3aba:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
904
904
  const nodeVersion = process$1.version
905
905
  const apiToken = shadowNpmInject.getDefaultToken()
906
906
  const shownToken = apiToken ? getLastFiveOfApiToken(apiToken) : 'no'
@@ -3708,7 +3708,39 @@ function formatBranchName(str) {
3708
3708
  function getPkgNameFromPurlObj(purlObj) {
3709
3709
  return `${purlObj.namespace ? `${purlObj.namespace}/` : ''}${purlObj.name}`
3710
3710
  }
3711
- async function branchExists(branch, cwd = process.cwd()) {
3711
+ function getBaseGitBranch() {
3712
+ // Lazily access constants.ENV[GITHUB_REF_NAME].
3713
+ return (
3714
+ constants.ENV[GITHUB_REF_NAME] ??
3715
+ // GitHub defaults to branch name "main"
3716
+ // https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-branches#about-the-default-branch
3717
+ 'main'
3718
+ )
3719
+ }
3720
+ function getSocketBranchName(purl, toVersion) {
3721
+ const purlObj = packageurlJs.PackageURL.fromString(purl)
3722
+ const namespace = formatBranchName(purlObj.namespace ?? '')
3723
+ const name = formatBranchName(purlObj.name)
3724
+ const version = formatBranchName(toVersion)
3725
+ const fullName = `${namespace ? `${namespace}-` : ''}${name}`
3726
+ return `socket-fix-${fullName}-${version}`
3727
+ }
3728
+ function getSocketPullRequestTitle(purl, toVersion) {
3729
+ const purlObj = packageurlJs.PackageURL.fromString(purl)
3730
+ const pkgName = getPkgNameFromPurlObj(purlObj)
3731
+ return `Bump ${pkgName} from ${purlObj.version} to ${toVersion}`
3732
+ }
3733
+ function getSocketPullRequestBody(purl, toVersion) {
3734
+ const purlObj = packageurlJs.PackageURL.fromString(purl)
3735
+ const pkgName = getPkgNameFromPurlObj(purlObj)
3736
+ return `Bumps [${pkgName}](https://socket.dev/${purlObj.type}/package/${pkgName}) from ${purlObj.version} to ${toVersion}.`
3737
+ }
3738
+ function getSocketCommitMessage(purl, toVersion) {
3739
+ const purlObj = packageurlJs.PackageURL.fromString(purl)
3740
+ const pkgName = getPkgNameFromPurlObj(purlObj)
3741
+ return `socket: Bump ${pkgName} from ${purlObj.version} to ${toVersion}`
3742
+ }
3743
+ async function gitBranchExists(branch, cwd = process.cwd()) {
3712
3744
  try {
3713
3745
  await spawn.spawn(
3714
3746
  'git',
@@ -3722,8 +3754,12 @@ async function branchExists(branch, cwd = process.cwd()) {
3722
3754
  } catch {}
3723
3755
  return false
3724
3756
  }
3725
- async function checkoutBaseBranchIfAvailable(baseBranch, cwd = process.cwd()) {
3757
+ async function gitCheckoutBaseBranchIfAvailable(
3758
+ baseBranch,
3759
+ cwd = process.cwd()
3760
+ ) {
3726
3761
  try {
3762
+ await gitHardReset()
3727
3763
  await spawn.spawn('git', ['fetch', '--depth=1', 'origin', baseBranch], {
3728
3764
  cwd
3729
3765
  })
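Review bot: The new `await gitHardReset()` call at the top of the `try` in gitCheckoutBaseBranchIfAvailable drops the `cwd` argument, so the reset runs in `process.cwd()` while the `git fetch` right after it runs in `cwd`; it should be `await gitHardReset(cwd)`. Because this helper now discards uncommitted changes to tracked files before fetching, its call sites matter as well: pnpmFix wraps its call in `if (isCi)`, but the npmFix call in the `@@ -4056,10 +4076,10 @@` hunk is still unconditional, so the same guard looks warranted there. The function body continues past the end of this hunk.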
@@ -3741,12 +3777,12 @@ async function checkoutBaseBranchIfAvailable(baseBranch, cwd = process.cwd()) {
3741
3777
  debug.debugLog(e)
3742
3778
  }
3743
3779
  }
3744
- async function createAndPushBranchIfNeeded(
3780
+ async function gitCreateAndPushBranchIfNeeded(
3745
3781
  branch,
3746
3782
  commitMsg,
3747
3783
  cwd = process.cwd()
3748
3784
  ) {
3749
- if (await branchExists(branch, cwd)) {
3785
+ if (await gitBranchExists(branch, cwd)) {
3750
3786
  logger.logger.warn(`Branch "${branch}" already exists. Skipping creation.`)
3751
3787
  return false
3752
3788
  }
@@ -3764,37 +3800,20 @@ async function createAndPushBranchIfNeeded(
3764
3800
  })
3765
3801
  return true
3766
3802
  }
3767
- function getBaseBranch() {
3768
- // Lazily access constants.ENV[GITHUB_REF_NAME].
3769
- return (
3770
- constants.ENV[GITHUB_REF_NAME] ??
3771
- // GitHub defaults to branch name "main"
3772
- // https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-branches#about-the-default-branch
3773
- 'main'
3774
- )
3775
- }
3776
- function getSocketBranchName(purl, toVersion) {
3777
- const purlObj = packageurlJs.PackageURL.fromString(purl)
3778
- const namespace = formatBranchName(purlObj.namespace ?? '')
3779
- const name = formatBranchName(purlObj.name)
3780
- const version = formatBranchName(toVersion)
3781
- const fullName = `${namespace ? `${namespace}-` : ''}${name}`
3782
- return `socket-fix-${fullName}-${version}`
3783
- }
3784
- function getSocketPullRequestTitle(purl, toVersion) {
3785
- const purlObj = packageurlJs.PackageURL.fromString(purl)
3786
- const pkgName = getPkgNameFromPurlObj(purlObj)
3787
- return `Bump ${pkgName} from ${purlObj.version} to ${toVersion}`
3788
- }
3789
- function getSocketPullRequestBody(purl, toVersion) {
3790
- const purlObj = packageurlJs.PackageURL.fromString(purl)
3791
- const pkgName = getPkgNameFromPurlObj(purlObj)
3792
- return `Bumps [${pkgName}](https://socket.dev/${purlObj.type}/package/${pkgName}) from ${purlObj.version} to ${toVersion}.`
3803
+ async function gitHardReset(cwd = process.cwd()) {
3804
+ await spawn.spawn('git', ['reset', '--hard'], {
3805
+ cwd
3806
+ })
3793
3807
  }
3794
- function getSocketCommitMessage(purl, toVersion) {
3795
- const purlObj = packageurlJs.PackageURL.fromString(purl)
3796
- const pkgName = getPkgNameFromPurlObj(purlObj)
3797
- return `socket: Bump ${pkgName} from ${purlObj.version} to ${toVersion}`
3808
+ async function isInGitRepo(cwd = process.cwd()) {
3809
+ try {
3810
+ await spawn.spawn('git', ['rev-parse', '--is-inside-work-tree'], {
3811
+ cwd,
3812
+ stdio: 'ignore'
3813
+ })
3814
+ return true
3815
+ } catch {}
3816
+ return false
3798
3817
  }
3799
3818
 
3800
3819
  const { GITHUB_ACTIONS, GITHUB_REPOSITORY, SOCKET_SECURITY_GITHUB_PAT } =
@@ -3971,6 +3990,7 @@ async function npmFix(
3971
3990
  })
3972
3991
  // Lazily access constants.ENV[CI].
3973
3992
  const isCi = constants.ENV[CI$1]
3993
+ const isRepo = await isInGitRepo(cwd)
3974
3994
  await arb.buildIdealTree()
3975
3995
  for (const { 0: name, 1: infos } of infoByPkg) {
3976
3996
  const hasUpgrade = !!registry.getManifestData(NPM$f, name)
@@ -4056,10 +4076,10 @@ async function npmFix(
4056
4076
  : undefined)
4057
4077
  }
4058
4078
  spinner?.info(`Installing ${toSpec}`)
4059
- const baseBranch = getBaseBranch()
4079
+ const baseBranch = getBaseGitBranch()
4060
4080
 
4061
4081
  // eslint-disable-next-line no-await-in-loop
4062
- await checkoutBaseBranchIfAvailable(baseBranch, cwd)
4082
+ await gitCheckoutBaseBranchIfAvailable(baseBranch, cwd)
4063
4083
  let error
4064
4084
  let errored = false
4065
4085
  let installed = false
@@ -4097,7 +4117,7 @@ async function npmFix(
4097
4117
  }
4098
4118
  if (!errored && shouldOpenPr) {
4099
4119
  // eslint-disable-next-line no-await-in-loop
4100
- await createAndPushBranchIfNeeded(
4120
+ await gitCreateAndPushBranchIfNeeded(
4101
4121
  branch,
4102
4122
  getSocketCommitMessage(fromPurl, toVersion),
4103
4123
  cwd
@@ -4121,12 +4141,18 @@ async function npmFix(
4121
4141
  if (errored) {
4122
4142
  spinner?.error(`Reverting ${toSpec}`, error)
4123
4143
  }
4144
+ if (isRepo) {
4145
+ // eslint-disable-next-line no-await-in-loop
4146
+ await gitHardReset(cwd)
4147
+ }
4124
4148
  if (saved) {
4125
4149
  editablePkgJson.update(revertData)
4126
- // eslint-disable-next-line no-await-in-loop
4127
- await editablePkgJson.save()
4150
+ if (!isRepo) {
4151
+ // eslint-disable-next-line no-await-in-loop
4152
+ await editablePkgJson.save()
4153
+ }
4128
4154
  }
4129
- if (installed) {
4155
+ if (!isRepo && installed) {
4130
4156
  // eslint-disable-next-line no-await-in-loop
4131
4157
  await install$1(revertTree, {
4132
4158
  cwd
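Review bot: The added `if (isRepo) { await gitHardReset(cwd) }` runs `git reset --hard` on whatever working tree the command was started in, and `isRepo` only says the directory is inside a work tree, not that the tree was clean. Any uncommitted edits to tracked files that existed before the fix started are discarded together with the tool's own changes; the same block is added to pnpmFix in the `@@ -4572,12 +4600,21 @@` hunk. Consider checking once before the loop that the tree is clean (for example with `git status --porcelain`) and keeping the existing `editablePkgJson.save()` and reinstall revert path when it is not. The enclosing block starts outside this hunk, so whether a failing reset is caught cannot be seen here; if it is not, a rejection would presumably abort the remaining fixes.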
@@ -4392,6 +4418,7 @@ async function pnpmFix(
4392
4418
  })
4393
4419
  // Lazily access constants.ENV[CI].
4394
4420
  const isCi = constants.ENV[CI]
4421
+ const isRepo = await isInGitRepo(cwd)
4395
4422
  let actualTree = await getActualTree(cwd)
4396
4423
  for (const { 0: name, 1: infos } of infoByPkg) {
4397
4424
  if (registry.getManifestData(NPM$c, name)) {
@@ -4456,6 +4483,7 @@ async function pnpmFix(
4456
4483
  )
4457
4484
  const toSpec = `${name}@${toVersionRange}`
4458
4485
  const branch = isCi ? getSocketBranchName(fromPurl, toVersion) : ''
4486
+ const baseBranch = isCi ? getBaseGitBranch() : ''
4459
4487
  const { owner, repo } = isCi
4460
4488
  ? getGitHubEnvRepoInfo()
4461
4489
  : {
@@ -4506,10 +4534,10 @@ async function pnpmFix(
4506
4534
  : undefined)
4507
4535
  }
4508
4536
  spinner?.info(`Installing ${toSpec}`)
4509
- const baseBranch = getBaseBranch()
4510
-
4511
- // eslint-disable-next-line no-await-in-loop
4512
- await checkoutBaseBranchIfAvailable(baseBranch, cwd)
4537
+ if (isCi) {
4538
+ // eslint-disable-next-line no-await-in-loop
4539
+ await gitCheckoutBaseBranchIfAvailable(baseBranch, cwd)
4540
+ }
4513
4541
  let error
4514
4542
  let errored = false
4515
4543
  let installed = false
@@ -4548,7 +4576,7 @@ async function pnpmFix(
4548
4576
  }
4549
4577
  if (!errored && shouldOpenPr) {
4550
4578
  // eslint-disable-next-line no-await-in-loop
4551
- await createAndPushBranchIfNeeded(
4579
+ await gitCreateAndPushBranchIfNeeded(
4552
4580
  branch,
4553
4581
  getSocketCommitMessage(fromPurl, toVersion),
4554
4582
  cwd
@@ -4572,12 +4600,21 @@ async function pnpmFix(
4572
4600
  if (errored) {
4573
4601
  spinner?.error(`Reverting ${toSpec}`, error)
4574
4602
  }
4603
+ if (isRepo) {
4604
+ // eslint-disable-next-line no-await-in-loop
4605
+ await gitHardReset(cwd)
4606
+ }
4575
4607
  if (saved) {
4576
4608
  editablePkgJson.update(revertData)
4577
- // eslint-disable-next-line no-await-in-loop
4578
- await editablePkgJson.save()
4609
+ if (!isRepo) {
4610
+ // eslint-disable-next-line no-await-in-loop
4611
+ await editablePkgJson.save()
4612
+ }
4579
4613
  }
4580
- if (installed) {
4614
+ if (isRepo) {
4615
+ // eslint-disable-next-line no-await-in-loop
4616
+ actualTree = await getActualTree(cwd)
4617
+ } else if (installed) {
4581
4618
  // eslint-disable-next-line no-await-in-loop
4582
4619
  actualTree = await install(pkgEnvDetails, {
4583
4620
  spinner
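Review bot: In the `isRepo` branch the revert now only re-reads the tree with `actualTree = await getActualTree(cwd)`, but `git reset --hard` restores tracked files only, so if `node_modules` is untracked (the usual setup) the upgraded package presumably stays installed and `actualTree` still reflects it. Later iterations of the loop would then compute their fixes against a tree that no longer matches the restored manifest and lockfile. Keeping the reinstall whenever `installed` is true, and using `getActualTree(cwd)` only when nothing was installed, avoids that; npmFix has the same gap where the condition became `if (!isRepo && installed)`. The `install(pkgEnvDetails, …)` call continues past the end of this hunk.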
@@ -11506,7 +11543,7 @@ void (async () => {
11506
11543
  await vendor.updater({
11507
11544
  name: SOCKET_CLI_BIN_NAME,
11508
11545
  // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION']".
11509
- version: '0.14.102',
11546
+ version: '0.14.103',
11510
11547
  ttl: 86_400_000 /* 24 hours in milliseconds */
11511
11548
  })
11512
11549
  try {
@@ -11574,5 +11611,5 @@ void (async () => {
11574
11611
  await shadowNpmInject.captureException(e)
11575
11612
  }
11576
11613
  })()
11577
- //# debugId=522cbad6-7bef-48c2-95d7-5233b81e92ca
11614
+ //# debugId=e925b9d1-907d-4e63-b176-1eb32d8e7284
11578
11615
  //# sourceMappingURL=cli.js.map