@socketsecurity/cli-with-sentry 0.14.103 → 0.14.104

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (27) hide show
  1. package/dist/constants.js +3 -3
  2. package/dist/constants.js.map +1 -1
  3. package/dist/instrument-with-sentry.js +2 -2
  4. package/dist/instrument-with-sentry.js.map +1 -1
  5. package/dist/module-sync/arborist-helpers.d.ts +69 -0
  6. package/dist/module-sync/cli.js +1571 -1174
  7. package/dist/module-sync/cli.js.map +1 -1
  8. package/dist/module-sync/index.d.ts +1 -1
  9. package/dist/module-sync/package-environment.d.ts +7 -7
  10. package/dist/module-sync/semver.d.ts +16 -0
  11. package/dist/module-sync/shadow-npm-inject.js +445 -431
  12. package/dist/module-sync/shadow-npm-inject.js.map +1 -1
  13. package/dist/module-sync/shadow-npm-paths.d.ts +23 -2
  14. package/dist/module-sync/shadow-npm-paths.js +135 -76
  15. package/dist/module-sync/shadow-npm-paths.js.map +1 -1
  16. package/dist/module-sync/vendor.js +25199 -25208
  17. package/dist/module-sync/vendor.js.map +1 -1
  18. package/dist/require/cli.js +1571 -1174
  19. package/dist/require/cli.js.map +1 -1
  20. package/dist/require/shadow-npm-inject.js +445 -431
  21. package/dist/require/shadow-npm-inject.js.map +1 -1
  22. package/dist/require/shadow-npm-paths.d.ts +23 -2
  23. package/dist/require/shadow-npm-paths.js +135 -76
  24. package/dist/require/shadow-npm-paths.js.map +1 -1
  25. package/package.json +7 -7
  26. package/dist/module-sync/shared.d.ts +0 -11
  27. package/dist/module-sync/types.d.ts +0 -27
package/dist/require/cli.js CHANGED
@@ -12,7 +12,7 @@ function _socketInterop(e) {
12
12
  }
13
13
 
14
14
  const process$1 = require('node:process')
15
- const require$$0$2 = require('node:url')
15
+ const require$$0$1 = require('node:url')
16
16
  const vendor = require('./vendor.js')
17
17
  const debug = require('@socketsecurity/registry/lib/debug')
18
18
  const logger = require('@socketsecurity/registry/lib/logger')
@@ -26,11 +26,11 @@ const objects = require('@socketsecurity/registry/lib/objects')
26
26
  const path = require('@socketsecurity/registry/lib/path')
27
27
  const regexps = require('@socketsecurity/registry/lib/regexps')
28
28
  const words = require('@socketsecurity/registry/lib/words')
29
- const require$$0 = require('node:fs')
29
+ const fs$1 = require('node:fs')
30
30
  const shadowBin = require('./shadow-bin.js')
31
31
  const prompts = require('@socketsecurity/registry/lib/prompts')
32
32
  const shadowNpmPaths = require('./shadow-npm-paths.js')
33
- const require$$0$1 = require('node:util')
33
+ const require$$0 = require('node:util')
34
34
  const arrays = require('@socketsecurity/registry/lib/arrays')
35
35
  const registry = require('@socketsecurity/registry')
36
36
  const npm = require('@socketsecurity/registry/lib/npm')
@@ -347,7 +347,7 @@ function renderJson(data) {
347
347
  }
348
348
  }
349
349
  function renderMarkdown(data, days, repoSlug) {
350
- return vendor.stripIndents`
350
+ return vendor.html`
351
351
  # Socket Alert Analytics
352
352
 
353
353
  These are the Socket.dev stats are analytics for the ${repoSlug ? `${repoSlug} repo` : 'org'} of the past ${days} days
@@ -387,7 +387,7 @@ ${[
387
387
  ]
388
388
  ]
389
389
  .map(
390
- ([title, table]) => vendor.stripIndents`
390
+ ([title, table]) => vendor.html`
391
391
  ## ${title}
392
392
 
393
393
  ${table}
@@ -900,7 +900,7 @@ function emitBanner(name) {
900
900
  logger.logger.error(getAsciiHeader(name))
901
901
  }
902
902
  function getAsciiHeader(command) {
903
- const cliVersion = '0.14.103:d303e97:055c3aba:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
903
+ const cliVersion = '0.14.104:da4a527:b9e86b3d:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
904
904
  const nodeVersion = process$1.version
905
905
  const apiToken = shadowNpmInject.getDefaultToken()
906
906
  const shownToken = apiToken ? getLastFiveOfApiToken(apiToken) : 'no'
@@ -923,8 +923,8 @@ function getAsciiHeader(command) {
923
923
  return ` ${body}\n`
924
924
  }
925
925
 
926
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$H } = constants
927
- const config$K = {
926
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$I } = constants
927
+ const config$L = {
928
928
  commandName: 'analytics',
929
929
  description: `Look up analytics data`,
930
930
  hidden: false,
@@ -979,14 +979,14 @@ const config$K = {
979
979
  `
980
980
  }
981
981
  const cmdAnalytics = {
982
- description: config$K.description,
983
- hidden: config$K.hidden,
984
- run: run$K
982
+ description: config$L.description,
983
+ hidden: config$L.hidden,
984
+ run: run$L
985
985
  }
986
- async function run$K(argv, importMeta, { parentName }) {
986
+ async function run$L(argv, importMeta, { parentName }) {
987
987
  const cli = meowOrExit({
988
988
  argv,
989
- config: config$K,
989
+ config: config$L,
990
990
  importMeta,
991
991
  parentName
992
992
  })
@@ -1041,7 +1041,7 @@ async function run$K(argv, importMeta, { parentName }) {
1041
1041
  return
1042
1042
  }
1043
1043
  if (cli.flags['dryRun']) {
1044
- logger.logger.log(DRY_RUN_BAIL_TEXT$H)
1044
+ logger.logger.log(DRY_RUN_BAIL_TEXT$I)
1045
1045
  return
1046
1046
  }
1047
1047
  assert(assertScope(scope))
@@ -1216,8 +1216,8 @@ async function handleAuditLog({ logType, orgSlug, outputKind, page, perPage }) {
1216
1216
  })
1217
1217
  }
1218
1218
 
1219
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$G } = constants
1220
- const config$J = {
1219
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$H } = constants
1220
+ const config$K = {
1221
1221
  commandName: 'audit-log',
1222
1222
  description: 'Look up the audit log for an organization',
1223
1223
  hidden: false,
@@ -1262,14 +1262,14 @@ const config$J = {
1262
1262
  `
1263
1263
  }
1264
1264
  const cmdAuditLog = {
1265
- description: config$J.description,
1266
- hidden: config$J.hidden,
1267
- run: run$J
1265
+ description: config$K.description,
1266
+ hidden: config$K.hidden,
1267
+ run: run$K
1268
1268
  }
1269
- async function run$J(argv, importMeta, { parentName }) {
1269
+ async function run$K(argv, importMeta, { parentName }) {
1270
1270
  const cli = meowOrExit({
1271
1271
  argv,
1272
- config: config$J,
1272
+ config: config$K,
1273
1273
  importMeta,
1274
1274
  parentName
1275
1275
  })
@@ -1306,7 +1306,7 @@ async function run$J(argv, importMeta, { parentName }) {
1306
1306
  return
1307
1307
  }
1308
1308
  if (cli.flags['dryRun']) {
1309
- logger.logger.log(DRY_RUN_BAIL_TEXT$G)
1309
+ logger.logger.log(DRY_RUN_BAIL_TEXT$H)
1310
1310
  return
1311
1311
  }
1312
1312
  await handleAuditLog({
@@ -1322,7 +1322,7 @@ const {
1322
1322
  NPM: NPM$g,
1323
1323
  NPX: NPX$3,
1324
1324
  PACKAGE_LOCK_JSON,
1325
- PNPM: PNPM$b,
1325
+ PNPM: PNPM$a,
1326
1326
  YARN: YARN$1,
1327
1327
  YARN_LOCK
1328
1328
  } = constants
@@ -1331,7 +1331,7 @@ const nodejsPlatformTypes = new Set([
1331
1331
  'js',
1332
1332
  'nodejs',
1333
1333
  NPM$g,
1334
- PNPM$b,
1334
+ PNPM$a,
1335
1335
  'ts',
1336
1336
  'tsx',
1337
1337
  'typescript'
@@ -1346,9 +1346,9 @@ async function runCycloneDX(yargvWithYes) {
1346
1346
  if (
1347
1347
  yargv.type !== YARN$1 &&
1348
1348
  nodejsPlatformTypes.has(yargv.type) &&
1349
- require$$0.existsSync(`./${YARN_LOCK}`)
1349
+ fs$1.existsSync(`./${YARN_LOCK}`)
1350
1350
  ) {
1351
- if (require$$0.existsSync(`./${PACKAGE_LOCK_JSON}`)) {
1351
+ if (fs$1.existsSync(`./${PACKAGE_LOCK_JSON}`)) {
1352
1352
  yargv.type = NPM$g
1353
1353
  } else {
1354
1354
  // Use synp to create a package-lock.json from the yarn.lock,
@@ -1369,16 +1369,16 @@ async function runCycloneDX(yargvWithYes) {
1369
1369
  await shadowBin(NPX$3, [
1370
1370
  ...yesArgs,
1371
1371
  // The '@rollup/plugin-replace' will replace "process.env['INLINED_CYCLONEDX_CDXGEN_VERSION']".
1372
- `@cyclonedx/cdxgen@${'11.2.3'}`,
1372
+ `@cyclonedx/cdxgen@${'11.2.4'}`,
1373
1373
  ...argvToArray(yargv)
1374
1374
  ])
1375
1375
  if (cleanupPackageLock) {
1376
1376
  try {
1377
- await require$$0.promises.rm(`./${PACKAGE_LOCK_JSON}`)
1377
+ await fs$1.promises.rm(`./${PACKAGE_LOCK_JSON}`)
1378
1378
  } catch {}
1379
1379
  }
1380
1380
  const fullOutputPath = path$1.join(process$1.cwd(), yargv.output)
1381
- if (require$$0.existsSync(fullOutputPath)) {
1381
+ if (fs$1.existsSync(fullOutputPath)) {
1382
1382
  logger.logger.log(
1383
1383
  vendor.yoctocolorsCjsExports.cyanBright(`${yargv.output} created!`)
1384
1384
  )
@@ -1436,7 +1436,7 @@ function isHelpFlag(cmdArg) {
1436
1436
  }
1437
1437
 
1438
1438
  // import { meowOrExit } from '../../utils/meow-with-subcommands'
1439
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$F } = constants
1439
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$G } = constants
1440
1440
 
1441
1441
  // TODO: convert yargs to meow. Or convert all the other things to yargs.
1442
1442
  const toLower = arg => arg.toLowerCase()
@@ -1552,7 +1552,7 @@ const yargsConfig = {
1552
1552
  'spec-version'
1553
1553
  ]
1554
1554
  }
1555
- const config$I = {
1555
+ const config$J = {
1556
1556
  commandName: 'cdxgen',
1557
1557
  description: 'Create an SBOM with CycloneDX generator (cdxgen)',
1558
1558
  hidden: false,
@@ -1568,16 +1568,16 @@ const config$I = {
1568
1568
  `
1569
1569
  }
1570
1570
  const cmdCdxgen = {
1571
- description: config$I.description,
1572
- hidden: config$I.hidden,
1573
- run: run$I
1571
+ description: config$J.description,
1572
+ hidden: config$J.hidden,
1573
+ run: run$J
1574
1574
  }
1575
- async function run$I(argv, importMeta, { parentName }) {
1575
+ async function run$J(argv, importMeta, { parentName }) {
1576
1576
  const cli = meowOrExit({
1577
1577
  allowUnknownFlags: true,
1578
1578
  // Don't let meow take over --help.
1579
1579
  argv: argv.filter(a => !isHelpFlag(a)),
1580
- config: config$I,
1580
+ config: config$J,
1581
1581
  importMeta,
1582
1582
  parentName
1583
1583
  })
@@ -1599,7 +1599,7 @@ async function run$I(argv, importMeta, { parentName }) {
1599
1599
  return
1600
1600
  }
1601
1601
  if (cli.flags['dryRun']) {
1602
- logger.logger.log(DRY_RUN_BAIL_TEXT$F)
1602
+ logger.logger.log(DRY_RUN_BAIL_TEXT$G)
1603
1603
  return
1604
1604
  }
1605
1605
  if (yargv.output === undefined) {
@@ -2447,8 +2447,8 @@ async function handleCI() {
2447
2447
  })
2448
2448
  }
2449
2449
 
2450
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$E } = constants
2451
- const config$H = {
2450
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$F } = constants
2451
+ const config$I = {
2452
2452
  commandName: 'ci',
2453
2453
  description:
2454
2454
  'Create a new scan and report whether it passes your security policy',
@@ -2468,19 +2468,19 @@ const config$H = {
2468
2468
  `
2469
2469
  }
2470
2470
  const cmdCI = {
2471
- description: config$H.description,
2472
- hidden: config$H.hidden,
2473
- run: run$H
2471
+ description: config$I.description,
2472
+ hidden: config$I.hidden,
2473
+ run: run$I
2474
2474
  }
2475
- async function run$H(argv, importMeta, { parentName }) {
2475
+ async function run$I(argv, importMeta, { parentName }) {
2476
2476
  const cli = meowOrExit({
2477
2477
  argv,
2478
- config: config$H,
2478
+ config: config$I,
2479
2479
  importMeta,
2480
2480
  parentName
2481
2481
  })
2482
2482
  if (cli.flags['dryRun']) {
2483
- logger.logger.log(DRY_RUN_BAIL_TEXT$E)
2483
+ logger.logger.log(DRY_RUN_BAIL_TEXT$F)
2484
2484
  return
2485
2485
  }
2486
2486
  await handleCI()
@@ -2727,8 +2727,8 @@ async function handleConfigAuto({ key, outputKind }) {
2727
2727
  await outputConfigAuto(key, result, outputKind)
2728
2728
  }
2729
2729
 
2730
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$D } = constants
2731
- const config$G = {
2730
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$E } = constants
2731
+ const config$H = {
2732
2732
  commandName: 'auto',
2733
2733
  description: 'Automatically discover and set the correct value config item',
2734
2734
  hidden: false,
@@ -2759,14 +2759,14 @@ ${Array.from(shadowNpmInject.supportedConfigKeys.entries())
2759
2759
  `
2760
2760
  }
2761
2761
  const cmdConfigAuto = {
2762
- description: config$G.description,
2763
- hidden: config$G.hidden,
2764
- run: run$G
2762
+ description: config$H.description,
2763
+ hidden: config$H.hidden,
2764
+ run: run$H
2765
2765
  }
2766
- async function run$G(argv, importMeta, { parentName }) {
2766
+ async function run$H(argv, importMeta, { parentName }) {
2767
2767
  const cli = meowOrExit({
2768
2768
  argv,
2769
- config: config$G,
2769
+ config: config$H,
2770
2770
  importMeta,
2771
2771
  parentName
2772
2772
  })
@@ -2792,7 +2792,7 @@ async function run$G(argv, importMeta, { parentName }) {
2792
2792
  return
2793
2793
  }
2794
2794
  if (cli.flags['dryRun']) {
2795
- logger.logger.log(DRY_RUN_BAIL_TEXT$D)
2795
+ logger.logger.log(DRY_RUN_BAIL_TEXT$E)
2796
2796
  return
2797
2797
  }
2798
2798
  await handleConfigAuto({
@@ -2846,8 +2846,8 @@ async function handleConfigGet({ key, outputKind }) {
2846
2846
  await outputConfigGet(key, value, readOnly, outputKind)
2847
2847
  }
2848
2848
 
2849
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$C } = constants
2850
- const config$F = {
2849
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$D } = constants
2850
+ const config$G = {
2851
2851
  commandName: 'get',
2852
2852
  description: 'Get the value of a local CLI config item',
2853
2853
  hidden: false,
@@ -2873,14 +2873,14 @@ ${Array.from(shadowNpmInject.supportedConfigKeys.entries())
2873
2873
  `
2874
2874
  }
2875
2875
  const cmdConfigGet = {
2876
- description: config$F.description,
2877
- hidden: config$F.hidden,
2878
- run: run$F
2876
+ description: config$G.description,
2877
+ hidden: config$G.hidden,
2878
+ run: run$G
2879
2879
  }
2880
- async function run$F(argv, importMeta, { parentName }) {
2880
+ async function run$G(argv, importMeta, { parentName }) {
2881
2881
  const cli = meowOrExit({
2882
2882
  argv,
2883
- config: config$F,
2883
+ config: config$G,
2884
2884
  importMeta,
2885
2885
  parentName
2886
2886
  })
@@ -2906,7 +2906,7 @@ async function run$F(argv, importMeta, { parentName }) {
2906
2906
  return
2907
2907
  }
2908
2908
  if (cli.flags['dryRun']) {
2909
- logger.logger.log(DRY_RUN_BAIL_TEXT$C)
2909
+ logger.logger.log(DRY_RUN_BAIL_TEXT$D)
2910
2910
  return
2911
2911
  }
2912
2912
  await handleConfigGet({
@@ -2968,8 +2968,8 @@ async function outputConfigList({ full, outputKind }) {
2968
2968
  }
2969
2969
  }
2970
2970
 
2971
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$B } = constants
2972
- const config$E = {
2971
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$C } = constants
2972
+ const config$F = {
2973
2973
  commandName: 'list',
2974
2974
  description: 'Show all local CLI config items and their values',
2975
2975
  hidden: false,
@@ -3000,14 +3000,14 @@ ${Array.from(shadowNpmInject.supportedConfigKeys.entries())
3000
3000
  `
3001
3001
  }
3002
3002
  const cmdConfigList = {
3003
- description: config$E.description,
3004
- hidden: config$E.hidden,
3005
- run: run$E
3003
+ description: config$F.description,
3004
+ hidden: config$F.hidden,
3005
+ run: run$F
3006
3006
  }
3007
- async function run$E(argv, importMeta, { parentName }) {
3007
+ async function run$F(argv, importMeta, { parentName }) {
3008
3008
  const cli = meowOrExit({
3009
3009
  argv,
3010
- config: config$E,
3010
+ config: config$F,
3011
3011
  importMeta,
3012
3012
  parentName
3013
3013
  })
@@ -3024,7 +3024,7 @@ async function run$E(argv, importMeta, { parentName }) {
3024
3024
  return
3025
3025
  }
3026
3026
  if (cli.flags['dryRun']) {
3027
- logger.logger.log(DRY_RUN_BAIL_TEXT$B)
3027
+ logger.logger.log(DRY_RUN_BAIL_TEXT$C)
3028
3028
  return
3029
3029
  }
3030
3030
  await outputConfigList({
@@ -3069,8 +3069,8 @@ async function handleConfigSet({ key, outputKind, value }) {
3069
3069
  await outputConfigSet(key, value, readOnly, outputKind)
3070
3070
  }
3071
3071
 
3072
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$A } = constants
3073
- const config$D = {
3072
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$B } = constants
3073
+ const config$E = {
3074
3074
  commandName: 'set',
3075
3075
  description: 'Update the value of a local CLI config item',
3076
3076
  hidden: false,
@@ -3101,14 +3101,14 @@ ${Array.from(shadowNpmInject.supportedConfigKeys.entries())
3101
3101
  `
3102
3102
  }
3103
3103
  const cmdConfigSet = {
3104
- description: config$D.description,
3105
- hidden: config$D.hidden,
3106
- run: run$D
3104
+ description: config$E.description,
3105
+ hidden: config$E.hidden,
3106
+ run: run$E
3107
3107
  }
3108
- async function run$D(argv, importMeta, { parentName }) {
3108
+ async function run$E(argv, importMeta, { parentName }) {
3109
3109
  const cli = meowOrExit({
3110
3110
  argv,
3111
- config: config$D,
3111
+ config: config$E,
3112
3112
  importMeta,
3113
3113
  parentName
3114
3114
  })
@@ -3143,7 +3143,7 @@ async function run$D(argv, importMeta, { parentName }) {
3143
3143
  return
3144
3144
  }
3145
3145
  if (cli.flags['dryRun']) {
3146
- logger.logger.log(DRY_RUN_BAIL_TEXT$A)
3146
+ logger.logger.log(DRY_RUN_BAIL_TEXT$B)
3147
3147
  return
3148
3148
  }
3149
3149
  await handleConfigSet({
@@ -3175,8 +3175,8 @@ async function handleConfigUnset({ key, outputKind }) {
3175
3175
  await outputConfigUnset(key, outputKind)
3176
3176
  }
3177
3177
 
3178
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$z } = constants
3179
- const config$C = {
3178
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$A } = constants
3179
+ const config$D = {
3180
3180
  commandName: 'unset',
3181
3181
  description: 'Clear the value of a local CLI config item',
3182
3182
  hidden: false,
@@ -3202,14 +3202,14 @@ ${Array.from(shadowNpmInject.supportedConfigKeys.entries())
3202
3202
  `
3203
3203
  }
3204
3204
  const cmdConfigUnset = {
3205
- description: config$C.description,
3206
- hidden: config$C.hidden,
3207
- run: run$C
3205
+ description: config$D.description,
3206
+ hidden: config$D.hidden,
3207
+ run: run$D
3208
3208
  }
3209
- async function run$C(argv, importMeta, { parentName }) {
3209
+ async function run$D(argv, importMeta, { parentName }) {
3210
3210
  const cli = meowOrExit({
3211
3211
  argv,
3212
- config: config$C,
3212
+ config: config$D,
3213
3213
  importMeta,
3214
3214
  parentName
3215
3215
  })
@@ -3235,7 +3235,7 @@ async function run$C(argv, importMeta, { parentName }) {
3235
3235
  return
3236
3236
  }
3237
3237
  if (cli.flags['dryRun']) {
3238
- logger.logger.log(DRY_RUN_BAIL_TEXT$z)
3238
+ logger.logger.log(DRY_RUN_BAIL_TEXT$A)
3239
3239
  return
3240
3240
  }
3241
3241
  await handleConfigUnset({
@@ -3362,8 +3362,8 @@ async function handleDependencies({ limit, offset, outputKind }) {
3362
3362
  })
3363
3363
  }
3364
3364
 
3365
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$y } = constants
3366
- const config$B = {
3365
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$z } = constants
3366
+ const config$C = {
3367
3367
  commandName: 'dependencies',
3368
3368
  description:
3369
3369
  'Search for any dependency that is being used in your organization',
@@ -3400,14 +3400,14 @@ const config$B = {
3400
3400
  `
3401
3401
  }
3402
3402
  const cmdScanCreate$1 = {
3403
- description: config$B.description,
3404
- hidden: config$B.hidden,
3405
- run: run$B
3403
+ description: config$C.description,
3404
+ hidden: config$C.hidden,
3405
+ run: run$C
3406
3406
  }
3407
- async function run$B(argv, importMeta, { parentName }) {
3407
+ async function run$C(argv, importMeta, { parentName }) {
3408
3408
  const cli = meowOrExit({
3409
3409
  argv,
3410
- config: config$B,
3410
+ config: config$C,
3411
3411
  importMeta,
3412
3412
  parentName
3413
3413
  })
@@ -3435,7 +3435,7 @@ async function run$B(argv, importMeta, { parentName }) {
3435
3435
  return
3436
3436
  }
3437
3437
  if (cli.flags['dryRun']) {
3438
- logger.logger.log(DRY_RUN_BAIL_TEXT$y)
3438
+ logger.logger.log(DRY_RUN_BAIL_TEXT$z)
3439
3439
  return
3440
3440
  }
3441
3441
  await handleDependencies({
@@ -3445,7 +3445,7 @@ async function run$B(argv, importMeta, { parentName }) {
3445
3445
  })
3446
3446
  }
3447
3447
 
3448
- async function fetchDiffScan({ after, before, orgSlug }) {
3448
+ async function fetchDiffScan$1({ after, before, orgSlug }) {
3449
3449
  const apiToken = shadowNpmInject.getDefaultToken()
3450
3450
 
3451
3451
  // Lazily access constants.spinner.
@@ -3468,7 +3468,7 @@ async function fetchDiffScan({ after, before, orgSlug }) {
3468
3468
  return result
3469
3469
  }
3470
3470
 
3471
- async function outputDiffScan(result, { depth, file, outputKind }) {
3471
+ async function outputDiffScan$1(result, { depth, file, outputKind }) {
3472
3472
  const dashboardUrl = result.diff_report_url
3473
3473
  const dashboardMessage = dashboardUrl
3474
3474
  ? `\n View this diff scan in the Socket dashboard: ${vendor.yoctocolorsCjsExports.cyan(dashboardUrl)}`
@@ -3490,7 +3490,7 @@ async function outputDiffScan(result, { depth, file, outputKind }) {
3490
3490
  }
3491
3491
  if (file && file !== '-') {
3492
3492
  logger.logger.log(`Writing json to \`${file}\``)
3493
- require$$0.writeFile(file, JSON.stringify(result, null, 2), err => {
3493
+ fs$1.writeFile(file, JSON.stringify(result, null, 2), err => {
3494
3494
  if (err) {
3495
3495
  logger.logger.fail(`Writing to \`${file}\` failed...`)
3496
3496
  logger.logger.error(err)
@@ -3513,7 +3513,7 @@ async function outputDiffScan(result, { depth, file, outputKind }) {
3513
3513
 
3514
3514
  logger.logger.log('Diff scan result:')
3515
3515
  logger.logger.log(
3516
- require$$0$1.inspect(result, {
3516
+ require$$0.inspect(result, {
3517
3517
  showHidden: false,
3518
3518
  depth: depth > 0 ? depth : null,
3519
3519
  colors: true,
@@ -3526,7 +3526,7 @@ async function outputDiffScan(result, { depth, file, outputKind }) {
3526
3526
  logger.logger.log(dashboardMessage)
3527
3527
  }
3528
3528
 
3529
- async function handleDiffScan({
3529
+ async function handleDiffScan$1({
3530
3530
  after,
3531
3531
  before,
3532
3532
  depth,
@@ -3534,7 +3534,7 @@ async function handleDiffScan({
3534
3534
  orgSlug,
3535
3535
  outputKind
3536
3536
  }) {
3537
- const data = await fetchDiffScan({
3537
+ const data = await fetchDiffScan$1({
3538
3538
  after,
3539
3539
  before,
3540
3540
  orgSlug
@@ -3542,15 +3542,15 @@ async function handleDiffScan({
3542
3542
  if (!data) {
3543
3543
  return
3544
3544
  }
3545
- await outputDiffScan(data, {
3545
+ await outputDiffScan$1(data, {
3546
3546
  depth,
3547
3547
  file,
3548
3548
  outputKind
3549
3549
  })
3550
3550
  }
3551
3551
 
3552
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$x } = constants
3553
- const config$A = {
3552
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$y } = constants
3553
+ const config$B = {
3554
3554
  commandName: 'get',
3555
3555
  description: 'Get a diff scan for an organization',
3556
3556
  hidden: false,
@@ -3609,14 +3609,14 @@ const config$A = {
3609
3609
  `
3610
3610
  }
3611
3611
  const cmdDiffScanGet = {
3612
- description: config$A.description,
3613
- hidden: config$A.hidden,
3614
- run: run$A
3612
+ description: config$B.description,
3613
+ hidden: config$B.hidden,
3614
+ run: run$B
3615
3615
  }
3616
- async function run$A(argv, importMeta, { parentName }) {
3616
+ async function run$B(argv, importMeta, { parentName }) {
3617
3617
  const cli = meowOrExit({
3618
3618
  argv,
3619
- config: config$A,
3619
+ config: config$B,
3620
3620
  importMeta,
3621
3621
  parentName
3622
3622
  })
@@ -3664,11 +3664,14 @@ async function run$A(argv, importMeta, { parentName }) {
3664
3664
  if (wasBadInput) {
3665
3665
  return
3666
3666
  }
3667
+ logger.logger.fail(
3668
+ 'Warning: this command is deprecated in favor of `socket scan diff` and will be removed in the next major bump.'
3669
+ )
3667
3670
  if (cli.flags['dryRun']) {
3668
- logger.logger.log(DRY_RUN_BAIL_TEXT$x)
3671
+ logger.logger.log(DRY_RUN_BAIL_TEXT$y)
3669
3672
  return
3670
3673
  }
3671
- await handleDiffScan({
3674
+ await handleDiffScan$1({
3672
3675
  before: String(before || ''),
3673
3676
  after: String(after || ''),
3674
3677
  depth: Number(depth),
@@ -3717,28 +3720,34 @@ function getBaseGitBranch() {
3717
3720
  'main'
3718
3721
  )
3719
3722
  }
3720
- function getSocketBranchName(purl, toVersion) {
3723
+ function getSocketBranchName(purl, newVersion, workspaceName) {
3721
3724
  const purlObj = packageurlJs.PackageURL.fromString(purl)
3722
- const namespace = formatBranchName(purlObj.namespace ?? '')
3723
- const name = formatBranchName(purlObj.name)
3724
- const version = formatBranchName(toVersion)
3725
- const fullName = `${namespace ? `${namespace}-` : ''}${name}`
3726
- return `socket-fix-${fullName}-${version}`
3725
+ const maybeWorkspaceName = workspaceName
3726
+ ? `${formatBranchName(workspaceName)}-`
3727
+ : ''
3728
+ const maybeNamespace = purlObj.namespace
3729
+ ? `${formatBranchName(purlObj.namespace)}-`
3730
+ : ''
3731
+ const fullName = `${maybeWorkspaceName}${maybeNamespace}${formatBranchName(purlObj.name)}`
3732
+ return `socket-fix-${fullName}-${formatBranchName(newVersion)}`
3727
3733
  }
3728
- function getSocketPullRequestTitle(purl, toVersion) {
3734
+ function getSocketPullRequestTitle(purl, newVersion, workspaceName) {
3729
3735
  const purlObj = packageurlJs.PackageURL.fromString(purl)
3730
3736
  const pkgName = getPkgNameFromPurlObj(purlObj)
3731
- return `Bump ${pkgName} from ${purlObj.version} to ${toVersion}`
3737
+ const workspaceDetails = workspaceName ? ` in ${workspaceName}` : ''
3738
+ return `Bump ${pkgName} from ${purlObj.version} to ${newVersion}${workspaceDetails}`
3732
3739
  }
3733
- function getSocketPullRequestBody(purl, toVersion) {
3740
+ function getSocketPullRequestBody(purl, newVersion, workspaceName) {
3734
3741
  const purlObj = packageurlJs.PackageURL.fromString(purl)
3735
3742
  const pkgName = getPkgNameFromPurlObj(purlObj)
3736
- return `Bumps [${pkgName}](https://socket.dev/${purlObj.type}/package/${pkgName}) from ${purlObj.version} to ${toVersion}.`
3743
+ const workspaceDetails = workspaceName ? ` in ${workspaceName}` : ''
3744
+ return `Bumps [${pkgName}](https://socket.dev/${purlObj.type}/package/${pkgName}) from ${purlObj.version} to ${newVersion}${workspaceDetails}.`
3737
3745
  }
3738
- function getSocketCommitMessage(purl, toVersion) {
3746
+ function getSocketCommitMessage(purl, newVersion, workspaceName) {
3739
3747
  const purlObj = packageurlJs.PackageURL.fromString(purl)
3740
3748
  const pkgName = getPkgNameFromPurlObj(purlObj)
3741
- return `socket: Bump ${pkgName} from ${purlObj.version} to ${toVersion}`
3749
+ const workspaceDetails = workspaceName ? ` in ${workspaceName}` : ''
3750
+ return `socket: Bump ${pkgName} from ${purlObj.version} to ${newVersion}${workspaceDetails}`
3742
3751
  }
3743
3752
  async function gitBranchExists(branch, cwd = process.cwd()) {
3744
3753
  try {
@@ -3854,7 +3863,7 @@ async function enableAutoMerge({ node_id: prId, number: prNumber }) {
3854
3863
  const octokitGraphql = getOctokitGraphql()
3855
3864
  try {
3856
3865
  await octokitGraphql(
3857
- `
3866
+ vendor.html`
3858
3867
  mutation EnableAutoMerge($pullRequestId: ID!) {
3859
3868
  enablePullRequestAutoMerge(input: {
3860
3869
  pullRequestId: $pullRequestId,
@@ -3878,7 +3887,9 @@ async function enableAutoMerge({ node_id: prId, number: prNumber }) {
3878
3887
  } catch (e) {
3879
3888
  let message = `Failed to enable auto-merge for PR #${prNumber}`
3880
3889
  if (e instanceof vendor.GraphqlResponseError && e.errors) {
3881
- const details = e.errors.map(({ message }) => ` - ${message}`).join('\n')
3890
+ const details = e.errors
3891
+ .map(({ message }) => ` - ${message.trim()}`)
3892
+ .join('\n')
3882
3893
  message += `:\n${details}`
3883
3894
  }
3884
3895
  logger.logger.error(message)
@@ -3903,9 +3914,13 @@ async function openGitHubPullRequest(
3903
3914
  baseBranch,
3904
3915
  branch,
3905
3916
  purl,
3906
- toVersion,
3907
- cwd = process.cwd()
3917
+ newVersion,
3918
+ options
3908
3919
  ) {
3920
+ const { cwd = process.cwd(), workspaceName } = {
3921
+ __proto__: null,
3922
+ ...options
3923
+ }
3909
3924
  // Lazily access constants.ENV[GITHUB_ACTIONS].
3910
3925
  if (constants.ENV[GITHUB_ACTIONS]) {
3911
3926
  // Lazily access constants.ENV[SOCKET_SECURITY_GITHUB_PAT].
@@ -3922,10 +3937,10 @@ async function openGitHubPullRequest(
3922
3937
  return await octokit.pulls.create({
3923
3938
  owner,
3924
3939
  repo,
3925
- title: getSocketPullRequestTitle(purl, toVersion),
3940
+ title: getSocketPullRequestTitle(purl, newVersion, workspaceName),
3926
3941
  head: branch,
3927
3942
  base: baseBranch,
3928
- body: getSocketPullRequestBody(purl, toVersion)
3943
+ body: getSocketPullRequestBody(purl, newVersion, workspaceName)
3929
3944
  })
3930
3945
  } catch (e) {
3931
3946
  let message = `Failed to open pull request`
@@ -3935,7 +3950,7 @@ async function openGitHubPullRequest(
3935
3950
  const details = restErrors
3936
3951
  .map(
3937
3952
  restErr =>
3938
- `- ${restErr.message ?? `${restErr.resource}.${restErr.field} (${restErr.code})`}`
3953
+ `- ${restErr.message?.trim() ?? `${restErr.resource}.${restErr.field} (${restErr.code})`}`
3939
3954
  )
3940
3955
  .join('\n')
3941
3956
  message += `:\n${details}`
@@ -3961,17 +3976,17 @@ async function install$1(idealTree, options) {
3961
3976
  await arb2.reify()
3962
3977
  }
3963
3978
  async function npmFix(
3964
- _pkgEnvDetails,
3965
- { autoMerge, cwd, rangeStyle, spinner, test, testScript }
3979
+ pkgEnvDetails,
3980
+ { autoMerge, cwd, purls, rangeStyle, spinner, test, testScript }
3966
3981
  ) {
3967
3982
  spinner?.start()
3968
3983
  const arb = new shadowNpmInject.SafeArborist({
3969
- path: cwd,
3984
+ path: pkgEnvDetails.pkgPath,
3970
3985
  ...shadowNpmInject.SAFE_ARBORIST_REIFY_OPTIONS_OVERRIDES
3971
3986
  })
3972
3987
  // Calling arb.reify() creates the arb.diff object and nulls-out arb.idealTree.
3973
3988
  await arb.reify()
3974
- const alertsMap = await shadowNpmInject.getAlertsMapFromArborist(arb, {
3989
+ const alertMapOptions = {
3975
3990
  consolidate: true,
3976
3991
  include: {
3977
3992
  existing: true,
@@ -3979,18 +3994,27 @@ async function npmFix(
3979
3994
  upgradable: false
3980
3995
  },
3981
3996
  nothrow: true
3982
- })
3997
+ }
3998
+ const alertsMap = purls.length
3999
+ ? await shadowNpmInject.getAlertsMapFromPurls(purls, alertMapOptions)
4000
+ : await shadowNpmInject.getAlertsMapFromArborist(arb, alertMapOptions)
3983
4001
  const infoByPkg = shadowNpmInject.getCveInfoByAlertsMap(alertsMap)
3984
4002
  if (!infoByPkg) {
3985
4003
  spinner?.stop()
3986
4004
  return
3987
4005
  }
3988
- const editablePkgJson = await packages.readPackageJson(cwd, {
3989
- editable: true
3990
- })
4006
+
3991
4007
  // Lazily access constants.ENV[CI].
3992
4008
  const isCi = constants.ENV[CI$1]
3993
- const isRepo = await isInGitRepo(cwd)
4009
+ const { pkgPath: rootPath } = pkgEnvDetails
4010
+ const { 0: isRepo, 1: workspacePkgJsonPaths } = await Promise.all([
4011
+ isInGitRepo(cwd),
4012
+ shadowNpmPaths.globWorkspace(pkgEnvDetails)
4013
+ ])
4014
+ const pkgJsonPaths = [
4015
+ pkgEnvDetails.editablePkgJson.filename,
4016
+ ...workspacePkgJsonPaths
4017
+ ]
3994
4018
  await arb.buildIdealTree()
3995
4019
  for (const { 0: name, 1: infos } of infoByPkg) {
3996
4020
  const hasUpgrade = !!registry.getManifestData(NPM$f, name)
@@ -3998,25 +4022,26 @@ async function npmFix(
3998
4022
  spinner?.info(`Skipping ${name}. Socket Optimize package exists.`)
3999
4023
  continue
4000
4024
  }
4001
- const specs = arrays.arrayUnique(
4002
- shadowNpmInject
4003
- .findPackageNodes(arb.idealTree, name)
4004
- .map(n => `${n.name}@${n.version}`)
4025
+ const oldVersions = arrays.arrayUnique(
4026
+ shadowNpmInject.findPackageNodes(arb.idealTree, name).map(n => n.version)
4005
4027
  )
4006
4028
  const packument =
4007
- specs.length && infos.length
4029
+ oldVersions.length && infos.length
4008
4030
  ? // eslint-disable-next-line no-await-in-loop
4009
4031
  await packages.fetchPackagePackument(name)
4010
4032
  : null
4011
4033
  if (!packument) {
4012
4034
  continue
4013
4035
  }
4014
- for (const spec of specs) {
4015
- const lastAtSignIndex = spec.lastIndexOf('@')
4016
- const name = spec.slice(0, lastAtSignIndex)
4017
- const fromVersion = spec.slice(lastAtSignIndex + 1)
4018
- const fromSpec = `${name}@${fromVersion}`
4019
- const fromPurl = `pkg:npm/${fromSpec}`
4036
+ const failedSpecs = new Set()
4037
+ const fixedSpecs = new Set()
4038
+ const installedSpecs = new Set()
4039
+ const testedSpecs = new Set()
4040
+ const unavailableSpecs = new Set()
4041
+ const revertedSpecs = new Set()
4042
+ for (const oldVersion of oldVersions) {
4043
+ const oldSpec = `${name}@${oldVersion}`
4044
+ const oldPurl = `pkg:npm/${oldSpec}`
4020
4045
  for (const {
4021
4046
  firstPatchedVersionIdentifier,
4022
4047
  vulnerableVersionRange
@@ -4028,7 +4053,7 @@ async function npmFix(
4028
4053
  const node = shadowNpmInject.findPackageNode(
4029
4054
  arb.idealTree,
4030
4055
  name,
4031
- fromVersion
4056
+ oldVersion
4032
4057
  )
4033
4058
  if (!node) {
4034
4059
  continue
@@ -4036,130 +4061,170 @@ async function npmFix(
4036
4061
  if (
4037
4062
  !shadowNpmInject.updateNode(node, packument, vulnerableVersionRange)
4038
4063
  ) {
4039
- spinner?.fail(`Could not patch ${fromSpec}`)
4064
+ if (!unavailableSpecs.has(oldSpec)) {
4065
+ unavailableSpecs.add(oldSpec)
4066
+ spinner?.fail(`No update available for ${oldSpec}`)
4067
+ }
4040
4068
  continue
4041
4069
  }
4042
- const toVersion = node.package.version
4043
- const toVersionRange = shadowNpmInject.applyRange(
4044
- fromVersion,
4045
- toVersion,
4046
- rangeStyle
4047
- )
4048
- const toSpec = `${name}@${toVersionRange}`
4049
- const branch = isCi ? getSocketBranchName(fromPurl, toVersion) : ''
4050
- const { owner, repo } = isCi
4051
- ? getGitHubEnvRepoInfo()
4052
- : {
4053
- owner: '',
4054
- repo: ''
4055
- }
4056
- const shouldOpenPr = isCi
4057
- ? // eslint-disable-next-line no-await-in-loop
4058
- !(await doesPullRequestExistForBranch(owner, repo, branch))
4059
- : false
4060
- const revertData = {
4061
- ...(editablePkgJson.content.dependencies
4062
- ? {
4063
- dependencies: editablePkgJson.content.dependencies
4064
- }
4065
- : undefined),
4066
- ...(editablePkgJson.content.optionalDependencies
4067
- ? {
4068
- optionalDependencies:
4069
- editablePkgJson.content.optionalDependencies
4070
- }
4071
- : undefined),
4072
- ...(editablePkgJson.content.peerDependencies
4073
- ? {
4074
- peerDependencies: editablePkgJson.content.peerDependencies
4075
- }
4076
- : undefined)
4077
- }
4078
- spinner?.info(`Installing ${toSpec}`)
4079
- const baseBranch = getBaseGitBranch()
4080
-
4081
- // eslint-disable-next-line no-await-in-loop
4082
- await gitCheckoutBaseBranchIfAvailable(baseBranch, cwd)
4083
- let error
4084
- let errored = false
4085
- let installed = false
4086
- let saved = false
4087
- try {
4088
- shadowNpmInject.updatePackageJsonFromNode(
4089
- editablePkgJson,
4090
- arb.idealTree,
4091
- node,
4092
- toVersion,
4070
+ for (const pkgJsonPath of pkgJsonPaths) {
4071
+ const isWorkspaceRoot =
4072
+ pkgJsonPath === pkgEnvDetails.editablePkgJson.filename
4073
+ const workspaceName = isWorkspaceRoot
4074
+ ? ''
4075
+ : path$1.relative(rootPath, path$1.dirname(pkgJsonPath))
4076
+ const workspaceDetails = workspaceName ? ` in ${workspaceName}` : ''
4077
+ const editablePkgJson = isWorkspaceRoot
4078
+ ? pkgEnvDetails.editablePkgJson
4079
+ : // eslint-disable-next-line no-await-in-loop
4080
+ await packages.readPackageJson(pkgJsonPath, {
4081
+ editable: true
4082
+ })
4083
+ const newVersion = node.package.version
4084
+ const newVersionRange = shadowNpmInject.applyRange(
4085
+ oldVersion,
4086
+ newVersion,
4093
4087
  rangeStyle
4094
4088
  )
4095
- // eslint-disable-next-line no-await-in-loop
4096
- await editablePkgJson.save()
4097
- saved = true
4098
-
4099
- // eslint-disable-next-line no-await-in-loop
4100
- await install$1(arb.idealTree, {
4101
- cwd
4102
- })
4103
- installed = true
4104
- if (test) {
4105
- spinner?.info(`Testing ${toSpec}`)
4106
- // eslint-disable-next-line no-await-in-loop
4107
- await npm.runScript(testScript, [], {
4108
- spinner,
4109
- stdio: 'ignore'
4110
- })
4089
+ const newSpec = `${name}@${newVersionRange}`
4090
+ const newSpecKey = `${workspaceName ? `${workspaceName}>` : ''}${newSpec}`
4091
+ const branch = isCi
4092
+ ? getSocketBranchName(oldPurl, newVersion, workspaceName)
4093
+ : ''
4094
+ const { owner, repo } = isCi
4095
+ ? getGitHubEnvRepoInfo()
4096
+ : {
4097
+ owner: '',
4098
+ repo: ''
4099
+ }
4100
+ const shouldOpenPr = isCi
4101
+ ? // eslint-disable-next-line no-await-in-loop
4102
+ !(await doesPullRequestExistForBranch(owner, repo, branch))
4103
+ : false
4104
+ const revertData = {
4105
+ ...(editablePkgJson.content.dependencies
4106
+ ? {
4107
+ dependencies: editablePkgJson.content.dependencies
4108
+ }
4109
+ : undefined),
4110
+ ...(editablePkgJson.content.optionalDependencies
4111
+ ? {
4112
+ optionalDependencies:
4113
+ editablePkgJson.content.optionalDependencies
4114
+ }
4115
+ : undefined),
4116
+ ...(editablePkgJson.content.peerDependencies
4117
+ ? {
4118
+ peerDependencies: editablePkgJson.content.peerDependencies
4119
+ }
4120
+ : undefined)
4111
4121
  }
4112
- spinner?.successAndStop(`Fixed ${name}`)
4113
- spinner?.start()
4114
- } catch (e) {
4115
- error = e
4116
- errored = true
4117
- }
4118
- if (!errored && shouldOpenPr) {
4119
- // eslint-disable-next-line no-await-in-loop
4120
- await gitCreateAndPushBranchIfNeeded(
4121
- branch,
4122
- getSocketCommitMessage(fromPurl, toVersion),
4123
- cwd
4124
- )
4122
+ if (!installedSpecs.has(newSpecKey)) {
4123
+ testedSpecs.add(newSpecKey)
4124
+ spinner?.info(`Installing ${newSpec}${workspaceDetails}`)
4125
+ }
4126
+ const baseBranch = getBaseGitBranch()
4127
+
4125
4128
  // eslint-disable-next-line no-await-in-loop
4126
- const prResponse = await openGitHubPullRequest(
4127
- owner,
4128
- repo,
4129
- baseBranch,
4130
- branch,
4131
- fromPurl,
4132
- toVersion,
4133
- cwd
4134
- )
4135
- if (prResponse && autoMerge) {
4129
+ await gitCheckoutBaseBranchIfAvailable(baseBranch, cwd)
4130
+ let error
4131
+ let errored = false
4132
+ let installed = false
4133
+ let saved = false
4134
+ try {
4135
+ shadowNpmInject.updatePackageJsonFromNode(
4136
+ editablePkgJson,
4137
+ arb.idealTree,
4138
+ node,
4139
+ newVersion,
4140
+ rangeStyle
4141
+ )
4136
4142
  // eslint-disable-next-line no-await-in-loop
4137
- await enableAutoMerge(prResponse.data)
4138
- }
4139
- }
4140
- if (errored || isCi) {
4141
- if (errored) {
4142
- spinner?.error(`Reverting ${toSpec}`, error)
4143
- }
4144
- if (isRepo) {
4143
+ if (await editablePkgJson.save()) {
4144
+ saved = true
4145
+ }
4145
4146
  // eslint-disable-next-line no-await-in-loop
4146
- await gitHardReset(cwd)
4147
- }
4148
- if (saved) {
4149
- editablePkgJson.update(revertData)
4150
- if (!isRepo) {
4147
+ await install$1(arb.idealTree, {
4148
+ cwd
4149
+ })
4150
+ installed = true
4151
+ if (test) {
4152
+ if (!testedSpecs.has(newSpecKey)) {
4153
+ testedSpecs.add(newSpecKey)
4154
+ spinner?.info(`Testing ${newSpec}${workspaceDetails}`)
4155
+ }
4151
4156
  // eslint-disable-next-line no-await-in-loop
4152
- await editablePkgJson.save()
4157
+ await npm.runScript(testScript, [], {
4158
+ spinner,
4159
+ stdio: 'ignore'
4160
+ })
4161
+ }
4162
+ if (!fixedSpecs.has(newSpecKey)) {
4163
+ fixedSpecs.add(newSpecKey)
4164
+ spinner?.successAndStop(`Fixed ${name}${workspaceDetails}`)
4165
+ spinner?.start()
4153
4166
  }
4167
+ } catch (e) {
4168
+ error = e
4169
+ errored = true
4154
4170
  }
4155
- if (!isRepo && installed) {
4171
+ if (!errored && shouldOpenPr) {
4156
4172
  // eslint-disable-next-line no-await-in-loop
4157
- await install$1(revertTree, {
4173
+ await gitCreateAndPushBranchIfNeeded(
4174
+ branch,
4175
+ getSocketCommitMessage(oldPurl, newVersion, workspaceName),
4158
4176
  cwd
4159
- })
4177
+ )
4178
+ // eslint-disable-next-line no-await-in-loop
4179
+ const prResponse = await openGitHubPullRequest(
4180
+ owner,
4181
+ repo,
4182
+ baseBranch,
4183
+ branch,
4184
+ oldPurl,
4185
+ newVersion,
4186
+ {
4187
+ cwd,
4188
+ workspaceName
4189
+ }
4190
+ )
4191
+ if (prResponse && autoMerge) {
4192
+ // eslint-disable-next-line no-await-in-loop
4193
+ await enableAutoMerge(prResponse.data)
4194
+ }
4160
4195
  }
4161
- if (errored) {
4162
- spinner?.failAndStop(`Failed to fix ${fromSpec}`)
4196
+ if (errored || isCi) {
4197
+ if (errored) {
4198
+ if (!revertedSpecs.has(newSpecKey)) {
4199
+ revertedSpecs.add(newSpecKey)
4200
+ spinner?.error(`Reverting ${newSpec}${workspaceDetails}`, error)
4201
+ }
4202
+ }
4203
+ if (isRepo) {
4204
+ // eslint-disable-next-line no-await-in-loop
4205
+ await gitHardReset(cwd)
4206
+ }
4207
+ if (saved) {
4208
+ editablePkgJson.update(revertData)
4209
+ if (!isRepo) {
4210
+ // eslint-disable-next-line no-await-in-loop
4211
+ await editablePkgJson.save()
4212
+ }
4213
+ }
4214
+ if (!isRepo && installed) {
4215
+ // eslint-disable-next-line no-await-in-loop
4216
+ await install$1(revertTree, {
4217
+ cwd
4218
+ })
4219
+ }
4220
+ if (errored) {
4221
+ if (!failedSpecs.has(newSpecKey)) {
4222
+ failedSpecs.add(newSpecKey)
4223
+ spinner?.failAndStop(
4224
+ `Update failed for ${oldSpec}${workspaceDetails}`
4225
+ )
4226
+ }
4227
+ }
4163
4228
  }
4164
4229
  }
4165
4230
  }
@@ -4168,78 +4233,6 @@ async function npmFix(
4168
4233
  spinner?.stop()
4169
4234
  }
4170
4235
 
4171
- async function getAlertsMapFromPnpmLockfile(lockfile, options_) {
4172
- const options = {
4173
- __proto__: null,
4174
- consolidate: false,
4175
- nothrow: false,
4176
- ...options_
4177
- }
4178
- const include = {
4179
- __proto__: null,
4180
- actions: undefined,
4181
- blocked: true,
4182
- critical: true,
4183
- cve: true,
4184
- existing: false,
4185
- unfixable: true,
4186
- upgradable: false,
4187
- ...options.include
4188
- }
4189
- const { spinner } = options
4190
- const depTypes = vendor.libExports$2.detectDepTypes(lockfile)
4191
- const pkgIds = Object.keys(depTypes)
4192
- let { length: remaining } = pkgIds
4193
- const alertsByPkgId = new Map()
4194
- if (!remaining) {
4195
- return alertsByPkgId
4196
- }
4197
- const getText = () => `Looking up data for ${remaining} packages`
4198
- spinner?.start(getText())
4199
- const sockSdk = await shadowNpmInject.setupSdk(
4200
- shadowNpmInject.getPublicToken()
4201
- )
4202
- const toAlertsMapOptions = {
4203
- overrides: lockfile.overrides,
4204
- consolidate: options.consolidate,
4205
- include,
4206
- spinner
4207
- }
4208
- for await (const batchResult of sockSdk.batchPackageStream(
4209
- {
4210
- alerts: 'true',
4211
- compact: 'true',
4212
- fixable: include.unfixable ? 'false' : 'true'
4213
- },
4214
- {
4215
- components: pkgIds.map(id => ({
4216
- purl: `pkg:npm/${id}`
4217
- }))
4218
- }
4219
- )) {
4220
- if (batchResult.success) {
4221
- await shadowNpmInject.addArtifactToAlertsMap(
4222
- batchResult.data,
4223
- alertsByPkgId,
4224
- toAlertsMapOptions
4225
- )
4226
- } else if (!options.nothrow) {
4227
- const statusCode = batchResult.status ?? 'unknown'
4228
- const statusMessage = batchResult.error ?? 'No status message'
4229
- throw new Error(
4230
- `Socket API server error (${statusCode}): ${statusMessage}`
4231
- )
4232
- }
4233
- remaining -= 1
4234
- if (spinner && remaining > 0) {
4235
- spinner.start()
4236
- spinner.setText(getText())
4237
- }
4238
- }
4239
- spinner?.stop()
4240
- return alertsByPkgId
4241
- }
4242
-
4243
4236
  const {
4244
4237
  NPM: NPM$e,
4245
4238
  SOCKET_CLI_SAFE_BIN,
@@ -4330,7 +4323,7 @@ function safeNpmInstall(options) {
4330
4323
  return spawnPromise
4331
4324
  }
4332
4325
 
4333
- const { NPM: NPM$d, PNPM: PNPM$a } = constants
4326
+ const { NPM: NPM$d, PNPM: PNPM$9 } = constants
4334
4327
  function runAgentInstall(pkgEnvDetails, options) {
4335
4328
  const { agent, agentExecPath } = pkgEnvDetails
4336
4329
  // All package managers support the "install" command.
@@ -4349,7 +4342,7 @@ function runAgentInstall(pkgEnvDetails, options) {
4349
4342
  ...options
4350
4343
  }
4351
4344
  const skipNodeHardenFlags =
4352
- agent === PNPM$a && pkgEnvDetails.agentVersion.major < 11
4345
+ agent === PNPM$9 && pkgEnvDetails.agentVersion.major < 11
4353
4346
  return spawn.spawn(agentExecPath, ['install', ...args], {
4354
4347
  spinner,
4355
4348
  stdio: 'inherit',
@@ -4369,7 +4362,7 @@ function runAgentInstall(pkgEnvDetails, options) {
4369
4362
  })
4370
4363
  }
4371
4364
 
4372
- const { CI, NPM: NPM$c, OVERRIDES: OVERRIDES$2, PNPM: PNPM$9 } = constants
4365
+ const { CI, NPM: NPM$c, OVERRIDES: OVERRIDES$2, PNPM: PNPM$8 } = constants
4373
4366
  async function getActualTree(cwd = process.cwd()) {
4374
4367
  const arb = new shadowNpmInject.SafeArborist({
4375
4368
  path: cwd,
@@ -4391,15 +4384,18 @@ async function install(pkgEnvDetails, options) {
4391
4384
  }
4392
4385
  async function pnpmFix(
4393
4386
  pkgEnvDetails,
4394
- { autoMerge, cwd, rangeStyle, spinner, test, testScript }
4387
+ { autoMerge, cwd, purls, rangeStyle, spinner, test, testScript }
4395
4388
  ) {
4396
- const lockfile = await vendor.libExports$3.readWantedLockfile(cwd, {
4397
- ignoreIncompatible: false
4398
- })
4389
+ const lockfile = await vendor.libExports$3.readWantedLockfile(
4390
+ pkgEnvDetails.pkgPath,
4391
+ {
4392
+ ignoreIncompatible: false
4393
+ }
4394
+ )
4399
4395
  if (!lockfile) {
4400
4396
  return
4401
4397
  }
4402
- const alertsMap = await getAlertsMapFromPnpmLockfile(lockfile, {
4398
+ const alertMapOptions = {
4403
4399
  consolidate: true,
4404
4400
  include: {
4405
4401
  existing: true,
@@ -4407,43 +4403,61 @@ async function pnpmFix(
4407
4403
  upgradable: false
4408
4404
  },
4409
4405
  nothrow: true
4410
- })
4406
+ }
4407
+ const alertsMap = purls.length
4408
+ ? await shadowNpmInject.getAlertsMapFromPurls(purls, alertMapOptions)
4409
+ : await shadowNpmInject.getAlertsMapFromPnpmLockfile(
4410
+ lockfile,
4411
+ alertMapOptions
4412
+ )
4411
4413
  const infoByPkg = shadowNpmInject.getCveInfoByAlertsMap(alertsMap)
4412
4414
  if (!infoByPkg) {
4413
4415
  return
4414
4416
  }
4415
4417
  spinner?.start()
4416
- const editablePkgJson = await packages.readPackageJson(cwd, {
4417
- editable: true
4418
- })
4418
+
4419
4419
  // Lazily access constants.ENV[CI].
4420
4420
  const isCi = constants.ENV[CI]
4421
- const isRepo = await isInGitRepo(cwd)
4422
- let actualTree = await getActualTree(cwd)
4421
+ const { pkgPath: rootPath } = pkgEnvDetails
4422
+ const {
4423
+ 0: isRepo,
4424
+ 1: workspacePkgJsonPaths,
4425
+ 2: initialTree
4426
+ } = await Promise.all([
4427
+ isInGitRepo(cwd),
4428
+ shadowNpmPaths.globWorkspace(pkgEnvDetails),
4429
+ getActualTree(cwd)
4430
+ ])
4431
+ const pkgJsonPaths = [
4432
+ pkgEnvDetails.editablePkgJson.filename,
4433
+ ...workspacePkgJsonPaths
4434
+ ]
4435
+ let actualTree = initialTree
4423
4436
  for (const { 0: name, 1: infos } of infoByPkg) {
4424
4437
  if (registry.getManifestData(NPM$c, name)) {
4425
4438
  spinner?.info(`Skipping ${name}. Socket Optimize package exists.`)
4426
4439
  continue
4427
4440
  }
4428
- const specs = arrays.arrayUnique(
4429
- shadowNpmInject
4430
- .findPackageNodes(actualTree, name)
4431
- .map(n => `${n.name}@${n.version}`)
4441
+ const oldVersions = arrays.arrayUnique(
4442
+ shadowNpmInject.findPackageNodes(actualTree, name).map(n => n.version)
4432
4443
  )
4433
4444
  const packument =
4434
- specs.length && infos.length
4445
+ oldVersions.length && infos.length
4435
4446
  ? // eslint-disable-next-line no-await-in-loop
4436
4447
  await packages.fetchPackagePackument(name)
4437
4448
  : null
4438
4449
  if (!packument) {
4439
4450
  continue
4440
4451
  }
4441
- for (const spec of specs) {
4442
- const lastAtSignIndex = spec.lastIndexOf('@')
4443
- const name = spec.slice(0, lastAtSignIndex)
4444
- const fromVersion = spec.slice(lastAtSignIndex + 1)
4445
- const fromSpec = `${name}@${fromVersion}`
4446
- const fromPurl = `pkg:npm/${fromSpec}`
4452
+ const failedSpecs = new Set()
4453
+ const fixedSpecs = new Set()
4454
+ const installedSpecs = new Set()
4455
+ const testedSpecs = new Set()
4456
+ const unavailableSpecs = new Set()
4457
+ const revertedSpecs = new Set()
4458
+ for (const oldVersion of oldVersions) {
4459
+ const oldSpec = `${name}@${oldVersion}`
4460
+ const oldPurl = `pkg:npm/${oldSpec}`
4447
4461
  for (const {
4448
4462
  firstPatchedVersionIdentifier,
4449
4463
  vulnerableVersionRange
@@ -4451,177 +4465,224 @@ async function pnpmFix(
4451
4465
  const node = shadowNpmInject.findPackageNode(
4452
4466
  actualTree,
4453
4467
  name,
4454
- fromVersion
4468
+ oldVersion
4455
4469
  )
4456
4470
  if (!node) {
4457
4471
  continue
4458
4472
  }
4459
4473
  const availableVersions = Object.keys(packument.versions)
4460
- const toVersion = shadowNpmInject.findBestPatchVersion(
4474
+ const newVersion = shadowNpmInject.findBestPatchVersion(
4461
4475
  node,
4462
4476
  availableVersions,
4463
4477
  vulnerableVersionRange
4464
4478
  )
4465
- const targetPackument = toVersion
4466
- ? packument.versions[toVersion]
4479
+ const newVersionPackument = newVersion
4480
+ ? packument.versions[newVersion]
4467
4481
  : undefined
4468
- if (!(toVersion && targetPackument)) {
4469
- spinner?.fail(`Could not patch ${fromSpec}`)
4470
- continue
4471
- }
4472
- const oldPnpm = editablePkgJson.content[PNPM$9]
4473
- const oldPnpmKeyCount = oldPnpm ? Object.keys(oldPnpm).length : 0
4474
- const oldOverrides = oldPnpm?.[OVERRIDES$2]
4475
- const oldOverridesCount = oldOverrides
4476
- ? Object.keys(oldOverrides).length
4477
- : 0
4478
- const overrideKey = `${name}@${vulnerableVersionRange}`
4479
- const toVersionRange = shadowNpmInject.applyRange(
4480
- oldOverrides?.[overrideKey] ?? fromVersion,
4481
- toVersion,
4482
- rangeStyle
4483
- )
4484
- const toSpec = `${name}@${toVersionRange}`
4485
- const branch = isCi ? getSocketBranchName(fromPurl, toVersion) : ''
4486
- const baseBranch = isCi ? getBaseGitBranch() : ''
4487
- const { owner, repo } = isCi
4488
- ? getGitHubEnvRepoInfo()
4489
- : {
4490
- owner: '',
4491
- repo: ''
4492
- }
4493
- const shouldOpenPr = isCi
4494
- ? // eslint-disable-next-line no-await-in-loop
4495
- !(await doesPullRequestExistForBranch(owner, repo, branch))
4496
- : false
4497
- const updateData = {
4498
- [PNPM$9]: {
4499
- ...oldPnpm,
4500
- [OVERRIDES$2]: {
4501
- [overrideKey]: toVersionRange,
4502
- ...oldOverrides
4503
- }
4482
+ if (!(newVersion && newVersionPackument)) {
4483
+ if (!unavailableSpecs.has(oldSpec)) {
4484
+ unavailableSpecs.add(oldSpec)
4485
+ spinner?.fail(`No update available for ${oldSpec}`)
4504
4486
  }
4487
+ continue
4505
4488
  }
4506
- const revertData = {
4507
- [PNPM$9]: oldPnpmKeyCount
4508
- ? {
4509
- ...oldPnpm,
4510
- [OVERRIDES$2]:
4511
- oldOverridesCount === 1
4512
- ? undefined
4513
- : {
4514
- [overrideKey]: undefined,
4515
- ...oldOverrides
4516
- }
4517
- }
4518
- : undefined,
4519
- ...(editablePkgJson.content.dependencies
4520
- ? {
4521
- dependencies: editablePkgJson.content.dependencies
4522
- }
4523
- : undefined),
4524
- ...(editablePkgJson.content.optionalDependencies
4525
- ? {
4526
- optionalDependencies:
4527
- editablePkgJson.content.optionalDependencies
4489
+ for (const pkgJsonPath of pkgJsonPaths) {
4490
+ const isWorkspaceRoot =
4491
+ pkgJsonPath === pkgEnvDetails.editablePkgJson.filename
4492
+ const workspaceName = isWorkspaceRoot
4493
+ ? ''
4494
+ : path$1.relative(rootPath, path$1.dirname(pkgJsonPath))
4495
+ const workspaceDetails = workspaceName ? ` in ${workspaceName}` : ''
4496
+ const editablePkgJson = isWorkspaceRoot
4497
+ ? pkgEnvDetails.editablePkgJson
4498
+ : // eslint-disable-next-line no-await-in-loop
4499
+ await packages.readPackageJson(pkgJsonPath, {
4500
+ editable: true
4501
+ })
4502
+ const oldPnpm = editablePkgJson.content[PNPM$8]
4503
+ const oldPnpmKeyCount = oldPnpm ? Object.keys(oldPnpm).length : 0
4504
+ const oldOverrides = oldPnpm?.[OVERRIDES$2]
4505
+ const oldOverridesCount = oldOverrides
4506
+ ? Object.keys(oldOverrides).length
4507
+ : 0
4508
+ const overrideKey = `${name}@${vulnerableVersionRange}`
4509
+ const newVersionRange = shadowNpmInject.applyRange(
4510
+ oldOverrides?.[overrideKey] ?? oldVersion,
4511
+ newVersion,
4512
+ rangeStyle
4513
+ )
4514
+ const newSpec = `${name}@${newVersionRange}`
4515
+ const newSpecKey = `${workspaceName ? `${workspaceName}>` : ''}${newSpec}`
4516
+ const branch = isCi
4517
+ ? getSocketBranchName(oldPurl, newVersion, workspaceName)
4518
+ : ''
4519
+ const baseBranch = isCi ? getBaseGitBranch() : ''
4520
+ const { owner, repo } = isCi
4521
+ ? getGitHubEnvRepoInfo()
4522
+ : {
4523
+ owner: '',
4524
+ repo: ''
4528
4525
  }
4529
- : undefined),
4530
- ...(editablePkgJson.content.peerDependencies
4526
+ const shouldOpenPr = isCi
4527
+ ? // eslint-disable-next-line no-await-in-loop
4528
+ !(await doesPullRequestExistForBranch(owner, repo, branch))
4529
+ : false
4530
+ const updateData = isWorkspaceRoot
4531
4531
  ? {
4532
- peerDependencies: editablePkgJson.content.peerDependencies
4532
+ [PNPM$8]: {
4533
+ ...oldPnpm,
4534
+ [OVERRIDES$2]: {
4535
+ [overrideKey]: newVersionRange,
4536
+ ...oldOverrides
4537
+ }
4538
+ }
4533
4539
  }
4534
- : undefined)
4535
- }
4536
- spinner?.info(`Installing ${toSpec}`)
4537
- if (isCi) {
4538
- // eslint-disable-next-line no-await-in-loop
4539
- await gitCheckoutBaseBranchIfAvailable(baseBranch, cwd)
4540
- }
4541
- let error
4542
- let errored = false
4543
- let installed = false
4544
- let saved = false
4545
- try {
4546
- editablePkgJson.update(updateData)
4547
- shadowNpmInject.updatePackageJsonFromNode(
4548
- editablePkgJson,
4549
- actualTree,
4550
- node,
4551
- toVersion,
4552
- rangeStyle
4553
- )
4554
- // eslint-disable-next-line no-await-in-loop
4555
- await editablePkgJson.save()
4556
- saved = true
4557
-
4558
- // eslint-disable-next-line no-await-in-loop
4559
- actualTree = await install(pkgEnvDetails, {
4560
- spinner
4561
- })
4562
- installed = true
4563
- if (test) {
4564
- spinner?.info(`Testing ${toSpec}`)
4565
- // eslint-disable-next-line no-await-in-loop
4566
- await npm.runScript(testScript, [], {
4567
- spinner,
4568
- stdio: 'ignore'
4569
- })
4570
- }
4571
- spinner?.successAndStop(`Fixed ${name}`)
4572
- spinner?.start()
4573
- } catch (e) {
4574
- error = e
4575
- errored = true
4576
- }
4577
- if (!errored && shouldOpenPr) {
4578
- // eslint-disable-next-line no-await-in-loop
4579
- await gitCreateAndPushBranchIfNeeded(
4580
- branch,
4581
- getSocketCommitMessage(fromPurl, toVersion),
4582
- cwd
4583
- )
4584
- // eslint-disable-next-line no-await-in-loop
4585
- const prResponse = await openGitHubPullRequest(
4586
- owner,
4587
- repo,
4588
- baseBranch,
4589
- branch,
4590
- fromPurl,
4591
- toVersion,
4592
- cwd
4593
- )
4594
- if (prResponse && autoMerge) {
4595
- // eslint-disable-next-line no-await-in-loop
4596
- await enableAutoMerge(prResponse.data)
4540
+ : {}
4541
+ const revertData = {
4542
+ ...(isWorkspaceRoot
4543
+ ? {
4544
+ [PNPM$8]: oldPnpmKeyCount
4545
+ ? {
4546
+ ...oldPnpm,
4547
+ [OVERRIDES$2]:
4548
+ oldOverridesCount === 1
4549
+ ? undefined
4550
+ : {
4551
+ [overrideKey]: undefined,
4552
+ ...oldOverrides
4553
+ }
4554
+ }
4555
+ : undefined
4556
+ }
4557
+ : {}),
4558
+ ...(editablePkgJson.content.dependencies
4559
+ ? {
4560
+ dependencies: editablePkgJson.content.dependencies
4561
+ }
4562
+ : undefined),
4563
+ ...(editablePkgJson.content.optionalDependencies
4564
+ ? {
4565
+ optionalDependencies:
4566
+ editablePkgJson.content.optionalDependencies
4567
+ }
4568
+ : undefined),
4569
+ ...(editablePkgJson.content.peerDependencies
4570
+ ? {
4571
+ peerDependencies: editablePkgJson.content.peerDependencies
4572
+ }
4573
+ : undefined)
4597
4574
  }
4598
- }
4599
- if (errored || isCi) {
4600
- if (errored) {
4601
- spinner?.error(`Reverting ${toSpec}`, error)
4575
+ if (!installedSpecs.has(newSpecKey)) {
4576
+ installedSpecs.add(newSpecKey)
4577
+ spinner?.info(`Installing ${newSpec}${workspaceDetails}`)
4602
4578
  }
4603
- if (isRepo) {
4579
+ if (isCi) {
4604
4580
  // eslint-disable-next-line no-await-in-loop
4605
- await gitHardReset(cwd)
4606
- }
4607
- if (saved) {
4608
- editablePkgJson.update(revertData)
4609
- if (!isRepo) {
4610
- // eslint-disable-next-line no-await-in-loop
4611
- await editablePkgJson.save()
4612
- }
4581
+ await gitCheckoutBaseBranchIfAvailable(baseBranch, cwd)
4613
4582
  }
4614
- if (isRepo) {
4583
+ let error
4584
+ let errored = false
4585
+ let installed = false
4586
+ let saved = false
4587
+ try {
4588
+ editablePkgJson.update(updateData)
4589
+ shadowNpmInject.updatePackageJsonFromNode(
4590
+ editablePkgJson,
4591
+ actualTree,
4592
+ node,
4593
+ newVersion,
4594
+ rangeStyle
4595
+ )
4615
4596
  // eslint-disable-next-line no-await-in-loop
4616
- actualTree = await getActualTree(cwd)
4617
- } else if (installed) {
4597
+ if (!(await editablePkgJson.save())) {
4598
+ continue
4599
+ }
4600
+ saved = true
4618
4601
  // eslint-disable-next-line no-await-in-loop
4619
4602
  actualTree = await install(pkgEnvDetails, {
4620
4603
  spinner
4621
4604
  })
4605
+ installed = true
4606
+ if (test) {
4607
+ if (!testedSpecs.has(newSpecKey)) {
4608
+ testedSpecs.add(newSpecKey)
4609
+ spinner?.info(`Testing ${newSpec}${workspaceDetails}`)
4610
+ }
4611
+ // eslint-disable-next-line no-await-in-loop
4612
+ await npm.runScript(testScript, [], {
4613
+ spinner,
4614
+ stdio: 'ignore'
4615
+ })
4616
+ }
4617
+ if (!fixedSpecs.has(newSpecKey)) {
4618
+ fixedSpecs.add(newSpecKey)
4619
+ spinner?.successAndStop(`Fixed ${name}${workspaceDetails}`)
4620
+ spinner?.start()
4621
+ }
4622
+ } catch (e) {
4623
+ error = e
4624
+ errored = true
4625
+ }
4626
+ if (!errored && shouldOpenPr) {
4627
+ // eslint-disable-next-line no-await-in-loop
4628
+ await gitCreateAndPushBranchIfNeeded(
4629
+ branch,
4630
+ getSocketCommitMessage(oldPurl, newVersion, workspaceName),
4631
+ cwd
4632
+ )
4633
+ // eslint-disable-next-line no-await-in-loop
4634
+ const prResponse = await openGitHubPullRequest(
4635
+ owner,
4636
+ repo,
4637
+ baseBranch,
4638
+ branch,
4639
+ oldPurl,
4640
+ newVersion,
4641
+ {
4642
+ cwd,
4643
+ workspaceName
4644
+ }
4645
+ )
4646
+ if (prResponse && autoMerge) {
4647
+ // eslint-disable-next-line no-await-in-loop
4648
+ await enableAutoMerge(prResponse.data)
4649
+ }
4622
4650
  }
4623
- if (errored) {
4624
- spinner?.failAndStop(`Failed to fix ${fromSpec}`)
4651
+ if (errored || isCi) {
4652
+ if (errored) {
4653
+ if (!revertedSpecs.has(newSpecKey)) {
4654
+ revertedSpecs.add(newSpecKey)
4655
+ spinner?.error(`Reverting ${newSpec}${workspaceDetails}`, error)
4656
+ }
4657
+ }
4658
+ if (isRepo) {
4659
+ // eslint-disable-next-line no-await-in-loop
4660
+ await gitHardReset(cwd)
4661
+ }
4662
+ if (saved) {
4663
+ editablePkgJson.update(revertData)
4664
+ if (!isRepo) {
4665
+ // eslint-disable-next-line no-await-in-loop
4666
+ await editablePkgJson.save()
4667
+ }
4668
+ }
4669
+ if (isRepo) {
4670
+ // eslint-disable-next-line no-await-in-loop
4671
+ actualTree = await getActualTree(cwd)
4672
+ } else if (installed) {
4673
+ // eslint-disable-next-line no-await-in-loop
4674
+ actualTree = await install(pkgEnvDetails, {
4675
+ spinner
4676
+ })
4677
+ }
4678
+ if (errored) {
4679
+ if (!failedSpecs.has(newSpecKey)) {
4680
+ failedSpecs.add(newSpecKey)
4681
+ spinner?.failAndStop(
4682
+ `Update failed for ${oldSpec}${workspaceDetails}`
4683
+ )
4684
+ }
4685
+ }
4625
4686
  }
4626
4687
  }
4627
4688
  }
@@ -4630,6 +4691,29 @@ async function pnpmFix(
4630
4691
  spinner?.stop()
4631
4692
  }
4632
4693
 
4694
+ const CMD_NAME$1 = 'socket fix'
4695
+ function assignDefaultFixOptions(options) {
4696
+ if (options.autoPilot === undefined) {
4697
+ options.autoPilot = false
4698
+ }
4699
+ if (options.autoMerge === undefined) {
4700
+ options.autoMerge = !!options.autoPilot
4701
+ }
4702
+ if (options.cwd === undefined) {
4703
+ options.cwd = process.cwd()
4704
+ }
4705
+ if (options.rangeStyle === undefined) {
4706
+ options.rangeStyle = 'preserve'
4707
+ }
4708
+ if (options.test === undefined) {
4709
+ options.test = !!options.autoPilot || !!options.testScript
4710
+ }
4711
+ if (options.testScript === undefined) {
4712
+ options.testScript = 'test'
4713
+ }
4714
+ return options
4715
+ }
4716
+
4633
4717
  const {
4634
4718
  BINARY_LOCK_EXT,
4635
4719
  BUN: BUN$5,
@@ -4638,7 +4722,7 @@ const {
4638
4722
  NPM: NPM$b,
4639
4723
  NPM_BUGGY_OVERRIDES_PATCHED_VERSION: NPM_BUGGY_OVERRIDES_PATCHED_VERSION$1,
4640
4724
  PACKAGE_JSON,
4641
- PNPM: PNPM$8,
4725
+ PNPM: PNPM$7,
4642
4726
  VLT: VLT$5,
4643
4727
  YARN,
4644
4728
  YARN_BERRY: YARN_BERRY$5,
@@ -4647,7 +4731,7 @@ const {
4647
4731
  const AGENTS = new Set([
4648
4732
  BUN$5,
4649
4733
  NPM$b,
4650
- PNPM$8,
4734
+ PNPM$7,
4651
4735
  YARN_BERRY$5,
4652
4736
  YARN_CLASSIC$6,
4653
4737
  VLT$5
@@ -4655,7 +4739,7 @@ const AGENTS = new Set([
4655
4739
  const binByAgent = new Map([
4656
4740
  [BUN$5, BUN$5],
4657
4741
  [NPM$b, NPM$b],
4658
- [PNPM$8, PNPM$8],
4742
+ [PNPM$7, PNPM$7],
4659
4743
  [YARN_BERRY$5, YARN],
4660
4744
  [YARN_CLASSIC$6, YARN],
4661
4745
  [VLT$5, VLT$5]
@@ -4663,7 +4747,7 @@ const binByAgent = new Map([
4663
4747
  async function getAgentExecPath(agent) {
4664
4748
  const binName = binByAgent.get(agent)
4665
4749
  return (
4666
- (await vendor.libExports$1(binName, {
4750
+ (await vendor.libExports$2(binName, {
4667
4751
  nothrow: true
4668
4752
  })) ?? binName
4669
4753
  )
@@ -4697,8 +4781,8 @@ const LOCKS = {
4697
4781
  // https://docs.npmjs.com/cli/v10/configuring-npm/package-lock-json#package-lockjson-vs-npm-shrinkwrapjson
4698
4782
  'npm-shrinkwrap.json': NPM$b,
4699
4783
  'package-lock.json': NPM$b,
4700
- 'pnpm-lock.yaml': PNPM$8,
4701
- 'pnpm-lock.yml': PNPM$8,
4784
+ 'pnpm-lock.yaml': PNPM$7,
4785
+ 'pnpm-lock.yml': PNPM$7,
4702
4786
  [`yarn${LOCK_EXT$1}`]: YARN_CLASSIC$6,
4703
4787
  'vlt-lock.json': VLT$5,
4704
4788
  // Lastly, look for a hidden lock file which is present if .npmrc has package-lock=false:
@@ -4745,7 +4829,7 @@ const readLockFileByAgent = (() => {
4745
4829
  })
4746
4830
  ],
4747
4831
  [NPM$b, defaultReader],
4748
- [PNPM$8, defaultReader],
4832
+ [PNPM$7, defaultReader],
4749
4833
  [VLT$5, defaultReader],
4750
4834
  [YARN_BERRY$5, defaultReader],
4751
4835
  [YARN_CLASSIC$6, defaultReader]
@@ -4769,7 +4853,7 @@ async function detectPackageEnvironment({
4769
4853
  cwd
4770
4854
  })
4771
4855
  const pkgPath =
4772
- pkgJsonPath && require$$0.existsSync(pkgJsonPath)
4856
+ pkgJsonPath && fs$1.existsSync(pkgJsonPath)
4773
4857
  ? path$1.dirname(pkgJsonPath)
4774
4858
  : undefined
4775
4859
  const editablePkgJson = pkgPath
@@ -4897,6 +4981,7 @@ async function detectPackageEnvironment({
4897
4981
  agentExecPath,
4898
4982
  agentSupported,
4899
4983
  agentVersion,
4984
+ editablePkgJson,
4900
4985
  features: {
4901
4986
  npmBuggyOverrides
4902
4987
  },
@@ -4906,7 +4991,6 @@ async function detectPackageEnvironment({
4906
4991
  nodeSupported,
4907
4992
  nodeVersion,
4908
4993
  npmExecPath,
4909
- pkgJson: editablePkgJson,
4910
4994
  pkgPath,
4911
4995
  pkgRequirements: {
4912
4996
  agent: pkgAgentRange ?? `>=${pkgMinAgentVersion}`,
@@ -5030,15 +5114,14 @@ async function detectAndValidatePackageEnvironment(cwd, options) {
5030
5114
  return details
5031
5115
  }
5032
5116
 
5033
- const { NPM: NPM$a, PNPM: PNPM$7 } = constants
5034
- const CMD_NAME$2 = 'socket fix'
5117
+ const { NPM: NPM$a, PNPM: PNPM$6 } = constants
5035
5118
  async function runFix(options_) {
5036
- const options = shadowNpmInject.assignDefaultFixOptions({
5119
+ const options = assignDefaultFixOptions({
5037
5120
  __proto__: null,
5038
5121
  ...options_
5039
5122
  })
5040
5123
  const pkgEnvDetails = await detectAndValidatePackageEnvironment(options.cwd, {
5041
- cmdName: CMD_NAME$2,
5124
+ cmdName: CMD_NAME$1,
5042
5125
  logger: logger.logger
5043
5126
  })
5044
5127
  if (!pkgEnvDetails) {
@@ -5048,13 +5131,13 @@ async function runFix(options_) {
5048
5131
  const { agent } = pkgEnvDetails
5049
5132
  if (agent === NPM$a) {
5050
5133
  await npmFix(pkgEnvDetails, options)
5051
- } else if (agent === PNPM$7) {
5134
+ } else if (agent === PNPM$6) {
5052
5135
  await pnpmFix(pkgEnvDetails, options)
5053
5136
  }
5054
5137
  }
5055
5138
 
5056
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$w } = constants
5057
- const config$z = {
5139
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$x } = constants
5140
+ const config$A = {
5058
5141
  commandName: 'fix',
5059
5142
  description: 'Fix "fixable" Socket alerts',
5060
5143
  hidden: true,
@@ -5070,10 +5153,17 @@ const config$z = {
5070
5153
  default: false,
5071
5154
  description: `Enable auto-merge for pull requests that Socket opens.\n See ${vendor.terminalLinkExports('GitHub documentation', 'https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-auto-merge-for-pull-requests-in-your-repository')} for managing auto-merge for pull requests in your repository.`
5072
5155
  },
5156
+ purl: {
5157
+ type: 'string',
5158
+ default: [],
5159
+ description: `User provided PURL to fix`,
5160
+ isMultiple: true,
5161
+ shortFlag: 'p'
5162
+ },
5073
5163
  rangeStyle: {
5074
5164
  type: 'string',
5075
5165
  default: 'preserve',
5076
- description: vendor.stripIndent`
5166
+ description: vendor.html`
5077
5167
  Define how updated dependency versions should be written in package.json.
5078
5168
  Available styles:
5079
5169
  * caret - Use ^ range for compatible updates (e.g. ^1.2.3)
@@ -5104,14 +5194,14 @@ const config$z = {
5104
5194
  `
5105
5195
  }
5106
5196
  const cmdFix = {
5107
- description: config$z.description,
5108
- hidden: config$z.hidden,
5109
- run: run$z
5197
+ description: config$A.description,
5198
+ hidden: config$A.hidden,
5199
+ run: run$A
5110
5200
  }
5111
- async function run$z(argv, importMeta, { parentName }) {
5201
+ async function run$A(argv, importMeta, { parentName }) {
5112
5202
  const cli = meowOrExit({
5113
5203
  argv,
5114
- config: config$z,
5204
+ config: config$A,
5115
5205
  importMeta,
5116
5206
  parentName
5117
5207
  })
@@ -5125,7 +5215,7 @@ async function run$z(argv, importMeta, { parentName }) {
5125
5215
  return
5126
5216
  }
5127
5217
  if (cli.flags['dryRun']) {
5128
- logger.logger.log(DRY_RUN_BAIL_TEXT$w)
5218
+ logger.logger.log(DRY_RUN_BAIL_TEXT$x)
5129
5219
  return
5130
5220
  }
5131
5221
 
@@ -5134,6 +5224,7 @@ async function run$z(argv, importMeta, { parentName }) {
5134
5224
  await runFix({
5135
5225
  autoMerge: Boolean(cli.flags['autoMerge']),
5136
5226
  autoPilot: Boolean(cli.flags['autoPilot']),
5227
+ purls: Array.isArray(cli.flags['purl']) ? cli.flags['purl'] : [],
5137
5228
  spinner,
5138
5229
  rangeStyle: cli.flags['rangeStyle'] ?? undefined,
5139
5230
  test: Boolean(cli.flags['test']),
@@ -5234,7 +5325,7 @@ function outputPackageInfo(
5234
5325
  return
5235
5326
  }
5236
5327
  if (outputKind === 'markdown') {
5237
- logger.logger.log(vendor.stripIndents`
5328
+ logger.logger.log(vendor.html`
5238
5329
  # Package report for ${pkgName}
5239
5330
 
5240
5331
  Package report card:
@@ -5327,11 +5418,12 @@ async function handlePackageInfo({
5327
5418
  }
5328
5419
  }
5329
5420
 
5330
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$v } = constants
5331
- const config$y = {
5421
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$w } = constants
5422
+ const config$z = {
5332
5423
  commandName: 'info',
5333
5424
  description: 'Look up info regarding a package',
5334
- hidden: false,
5425
+ hidden: true,
5426
+ // Deprecated
5335
5427
  flags: {
5336
5428
  ...commonFlags,
5337
5429
  ...outputFlags,
@@ -5352,14 +5444,14 @@ const config$y = {
5352
5444
  `
5353
5445
  }
5354
5446
  const cmdInfo = {
5355
- description: config$y.description,
5356
- hidden: config$y.hidden,
5357
- run: run$y
5447
+ description: config$z.description,
5448
+ hidden: config$z.hidden,
5449
+ run: run$z
5358
5450
  }
5359
- async function run$y(argv, importMeta, { parentName }) {
5451
+ async function run$z(argv, importMeta, { parentName }) {
5360
5452
  const cli = meowOrExit({
5361
5453
  argv,
5362
- config: config$y,
5454
+ config: config$z,
5363
5455
  importMeta,
5364
5456
  parentName
5365
5457
  })
@@ -5397,11 +5489,11 @@ async function run$y(argv, importMeta, { parentName }) {
5397
5489
  const pkgVersion =
5398
5490
  versionSeparator < 1 ? 'latest' : rawPkgName.slice(versionSeparator + 1)
5399
5491
  if (cli.flags['dryRun']) {
5400
- logger.logger.log(DRY_RUN_BAIL_TEXT$v)
5492
+ logger.logger.log(DRY_RUN_BAIL_TEXT$w)
5401
5493
  return
5402
5494
  }
5403
5495
  await handlePackageInfo({
5404
- commandName: `${parentName} ${config$y.commandName}`,
5496
+ commandName: `${parentName} ${config$z.commandName}`,
5405
5497
  includeAllIssues: Boolean(all),
5406
5498
  outputKind: json ? 'json' : markdown ? 'markdown' : 'print',
5407
5499
  pkgName,
@@ -5477,7 +5569,7 @@ async function attemptLogin(apiBaseUrl, apiProxy) {
5477
5569
  logger.logger.success(
5478
5570
  `API credentials ${previousPersistedToken === apiToken ? 'refreshed' : previousPersistedToken ? 'updated' : 'set'}`
5479
5571
  )
5480
- if (!shadowNpmInject.isReadOnlyConfig()) {
5572
+ if (shadowNpmInject.isReadOnlyConfig()) {
5481
5573
  logger.logger.log('')
5482
5574
  logger.logger.warn(
5483
5575
  'Note: config is in read-only mode, at least one key was overridden through flag/env, so the login was not persisted!'
@@ -5488,8 +5580,8 @@ async function attemptLogin(apiBaseUrl, apiProxy) {
5488
5580
  }
5489
5581
  }
5490
5582
 
5491
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$u } = constants
5492
- const config$x = {
5583
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$v } = constants
5584
+ const config$y = {
5493
5585
  commandName: 'login',
5494
5586
  description: 'Socket API login',
5495
5587
  hidden: false,
@@ -5522,21 +5614,21 @@ const config$x = {
5522
5614
  `
5523
5615
  }
5524
5616
  const cmdLogin = {
5525
- description: config$x.description,
5526
- hidden: config$x.hidden,
5527
- run: run$x
5617
+ description: config$y.description,
5618
+ hidden: config$y.hidden,
5619
+ run: run$y
5528
5620
  }
5529
- async function run$x(argv, importMeta, { parentName }) {
5621
+ async function run$y(argv, importMeta, { parentName }) {
5530
5622
  const cli = meowOrExit({
5531
5623
  argv,
5532
- config: config$x,
5624
+ config: config$y,
5533
5625
  importMeta,
5534
5626
  parentName
5535
5627
  })
5536
5628
  const apiBaseUrl = cli.flags['apiBaseUrl']
5537
5629
  const apiProxy = cli.flags['apiProxy']
5538
5630
  if (cli.flags['dryRun']) {
5539
- logger.logger.log(DRY_RUN_BAIL_TEXT$u)
5631
+ logger.logger.log(DRY_RUN_BAIL_TEXT$v)
5540
5632
  return
5541
5633
  }
5542
5634
  if (!isInteractive()) {
@@ -5558,7 +5650,7 @@ function attemptLogout() {
5558
5650
  try {
5559
5651
  applyLogout()
5560
5652
  logger.logger.success('Successfully logged out')
5561
- if (!shadowNpmInject.isReadOnlyConfig()) {
5653
+ if (shadowNpmInject.isReadOnlyConfig()) {
5562
5654
  logger.logger.log('')
5563
5655
  logger.logger.warn(
5564
5656
  'Note: config is in read-only mode, at least one key was overridden through flag/env, so the logout was not persisted!'
@@ -5569,8 +5661,8 @@ function attemptLogout() {
5569
5661
  }
5570
5662
  }
5571
5663
 
5572
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$t } = constants
5573
- const config$w = {
5664
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$u } = constants
5665
+ const config$x = {
5574
5666
  commandName: 'logout',
5575
5667
  description: 'Socket API logout',
5576
5668
  hidden: false,
@@ -5585,42 +5677,60 @@ const config$w = {
5585
5677
  `
5586
5678
  }
5587
5679
  const cmdLogout = {
5588
- description: config$w.description,
5589
- hidden: config$w.hidden,
5590
- run: run$w
5680
+ description: config$x.description,
5681
+ hidden: config$x.hidden,
5682
+ run: run$x
5591
5683
  }
5592
- async function run$w(argv, importMeta, { parentName }) {
5684
+ async function run$x(argv, importMeta, { parentName }) {
5593
5685
  const cli = meowOrExit({
5594
5686
  argv,
5595
- config: config$w,
5687
+ config: config$x,
5596
5688
  importMeta,
5597
5689
  parentName
5598
5690
  })
5599
5691
  if (cli.flags['dryRun']) {
5600
- logger.logger.log(DRY_RUN_BAIL_TEXT$t)
5692
+ logger.logger.log(DRY_RUN_BAIL_TEXT$u)
5601
5693
  return
5602
5694
  }
5603
5695
  attemptLogout()
5604
5696
  }
5605
5697
 
5606
- async function convertGradleToMaven(target, bin, _out, verbose, gradleOpts) {
5607
- // Lazily access constants.spinner.
5608
- const { spinner } = constants
5609
- const rbin = path$1.resolve(bin)
5610
- const rtarget = path$1.resolve(target)
5698
+ async function convertGradleToMaven(target, bin, cwd, verbose, gradleOpts) {
5611
5699
  if (verbose) {
5612
- logger.logger.group('gradle2maven:')
5613
- logger.logger.log(`[VERBOSE] - Absolute bin path: \`${rbin}\``)
5614
- logger.logger.log(`[VERBOSE] - Absolute target path: \`${rtarget}\``)
5615
- logger.logger.groupEnd()
5700
+ logger.logger.log('[VERBOSE] Resolving:', [cwd, bin])
5701
+ }
5702
+ const rbin = path$1.resolve(cwd, bin)
5703
+ if (verbose) {
5704
+ logger.logger.log('[VERBOSE] Resolving:', [cwd, target])
5705
+ }
5706
+ const rtarget = path$1.resolve(cwd, target)
5707
+ const binExists = fs$1.existsSync(rbin)
5708
+ const targetExists = fs$1.existsSync(rtarget)
5709
+ logger.logger.group('gradle2maven:')
5710
+ if (verbose || debug.isDebug()) {
5711
+ logger.logger.log(
5712
+ `[VERBOSE] - Absolute bin path: \`${rbin}\` (${binExists ? 'found' : vendor.yoctocolorsCjsExports.red('not found!')})`
5713
+ )
5714
+ logger.logger.log(
5715
+ `[VERBOSE] - Absolute target path: \`${rtarget}\` (${targetExists ? 'found' : vendor.yoctocolorsCjsExports.red('not found!')})`
5716
+ )
5616
5717
  } else {
5617
- logger.logger.group('gradle2maven:')
5618
- logger.logger.log(`- executing: \`${bin}\``)
5619
- logger.logger.log(`- src dir: \`${target}\``)
5620
- logger.logger.groupEnd()
5718
+ logger.logger.log(`- executing: \`${rbin}\``)
5719
+ if (!binExists) {
5720
+ logger.logger.warn(
5721
+ 'Warning: It appears the executable could not be found at this location. An error might be printed later because of that.'
5722
+ )
5723
+ }
5724
+ logger.logger.log(`- src dir: \`${rtarget}\``)
5725
+ if (!targetExists) {
5726
+ logger.logger.warn(
5727
+ 'Warning: It appears the src dir could not be found at this location. An error might be printed later because of that.'
5728
+ )
5729
+ }
5621
5730
  }
5731
+ logger.logger.groupEnd()
5622
5732
  try {
5623
- // Run sbt with the init script we provide which should yield zero or more
5733
+ // Run gradlew with the init script we provide which should yield zero or more
5624
5734
  // pom files. We have to figure out where to store those pom files such that
5625
5735
  // we can upload them and predict them through the GitHub API. We could do a
5626
5736
  // .socket folder. We could do a socket.pom.gz with all the poms, although
@@ -5630,26 +5740,23 @@ async function convertGradleToMaven(target, bin, _out, verbose, gradleOpts) {
5630
5740
  const initLocation = path$1.join(constants.rootDistPath, 'init.gradle')
5631
5741
  const commandArgs = ['--init-script', initLocation, ...gradleOpts, 'pom']
5632
5742
  if (verbose) {
5633
- logger.logger.log('[VERBOSE] Executing:', bin, commandArgs)
5743
+ logger.logger.log('[VERBOSE] Executing:', [bin], ', args:', commandArgs)
5634
5744
  }
5635
- spinner.start(
5636
- `Converting gradle to maven from \`${bin}\` on \`${target}\`...`
5745
+ logger.logger.log(
5746
+ `Converting gradle to maven from \`${bin}\` on \`${target}\` ...`
5637
5747
  )
5638
- const output = await spawn.spawn(bin, commandArgs, {
5639
- cwd: target || '.'
5640
- })
5641
- spinner.stop()
5748
+ const output = await execGradleWithSpinner(rbin, commandArgs, rtarget, cwd)
5642
5749
  if (verbose) {
5643
5750
  logger.logger.group('[VERBOSE] gradle stdout:')
5644
5751
  logger.logger.log(output)
5645
5752
  logger.logger.groupEnd()
5646
5753
  }
5647
- if (output.stderr) {
5754
+ if (output.code !== 0) {
5648
5755
  process.exitCode = 1
5649
- logger.logger.fail('There were errors while running gradle')
5756
+ logger.logger.fail(`Gradle exited with exit code ${output.code}`)
5650
5757
  // (In verbose mode, stderr was printed above, no need to repeat it)
5651
5758
  if (!verbose) {
5652
- logger.logger.group('[VERBOSE] stderr:')
5759
+ logger.logger.group('stderr:')
5653
5760
  logger.logger.error(output.stderr)
5654
5761
  logger.logger.groupEnd()
5655
5762
  }
@@ -5661,41 +5768,15 @@ async function convertGradleToMaven(target, bin, _out, verbose, gradleOpts) {
5661
5768
  logger.logger.log('- ', fn)
5662
5769
  return fn
5663
5770
  })
5664
-
5665
- // const loc = output.stdout?.match(/Wrote (.*?.pom)\n/)?.[1]?.trim()
5666
- // if (!loc) {
5667
- // logger.fail(
5668
- // 'There were no errors from sbt but could not find the location of resulting .pom file either'
5669
- // )
5670
- // // eslint-disable-next-line n/no-process-exit
5671
- // process.exit(1)
5672
- // }
5673
- //
5674
- // // Move the pom file to ...? initial cwd? loc will be an absolute path, or dump to stdout
5675
- // if (out === '-') {
5676
- // spinner.start('Result:\n```')
5677
- // spinner.log(await safeReadFile(loc))
5678
- // spinner.log('```')
5679
- // spinner.successAndStop(`OK`)
5680
- // } else {
5681
- // spinner.start()
5682
- // if (verbose) {
5683
- // spinner.log(
5684
- // `Moving manifest file from \`${loc.replace(/^\/home\/[^/]*?\//, '~/')}\` to \`${out}\``
5685
- // )
5686
- // } else {
5687
- // spinner.log('Moving output pom file')
5688
- // }
5689
- // // TODO: do we prefer fs-extra? renaming can be gnarly on windows and fs-extra's version is better
5690
- // await renamep(loc, out)
5691
- // spinner.successAndStop(`OK. File should be available in \`${out}\``)
5692
- // }
5771
+ logger.logger.log('')
5772
+ logger.logger.log(
5773
+ 'Next step is to generate a Scan by running the `socket scan create` command on the same directory'
5774
+ )
5693
5775
  } catch (e) {
5694
5776
  process.exitCode = 1
5695
- spinner.stop()
5696
5777
  logger.logger.fail(
5697
- 'There was an unexpected error while running this' +
5698
- (verbose ? '' : ' (use --verbose for details)')
5778
+ 'There was an unexpected error while generating manifests' +
5779
+ (verbose ? '' : ' (use --verbose for details)')
5699
5780
  )
5700
5781
  if (verbose) {
5701
5782
  logger.logger.group('[VERBOSE] error:')
@@ -5704,9 +5785,39 @@ async function convertGradleToMaven(target, bin, _out, verbose, gradleOpts) {
5704
5785
  }
5705
5786
  }
5706
5787
  }
5788
+ async function execGradleWithSpinner(bin, commandArgs, target, cwd) {
5789
+ // Lazily access constants.spinner.
5790
+ const { spinner } = constants
5791
+ let pass = false
5792
+ try {
5793
+ spinner.start(
5794
+ `Running gradlew... (this can take a while, it depends on how long gradlew has to run)`
5795
+ )
5796
+ const output = await spawn.spawn(bin, commandArgs, {
5797
+ // We can pipe the output through to have the user see the result
5798
+ // of running gradlew, but then we can't (easily) gather the output
5799
+ // to discover the generated files... probably a flag we should allow?
5800
+ // stdio: isDebug() ? 'inherit' : undefined,
5801
+ cwd: target || cwd
5802
+ })
5803
+ pass = true
5804
+ const { code, stderr, stdout } = output
5805
+ return {
5806
+ code,
5807
+ stdout,
5808
+ stderr
5809
+ }
5810
+ } finally {
5811
+ if (pass) {
5812
+ spinner.successAndStop('Completed gradlew execution')
5813
+ } else {
5814
+ spinner.failAndStop('There was an error while trying to run gradlew.')
5815
+ }
5816
+ }
5817
+ }
5707
5818
 
5708
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$s } = constants
5709
- const config$v = {
5819
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$t } = constants
5820
+ const config$w = {
5710
5821
  commandName: 'gradle',
5711
5822
  description:
5712
5823
  '[beta] Use Gradle to generate a manifest file (`pom.xml`) for a Gradle/Java/Kotlin/etc project',
@@ -5727,16 +5838,6 @@ const config$v = {
5727
5838
  description:
5728
5839
  'Additional options to pass on to ./gradlew, see `./gradlew --help`'
5729
5840
  },
5730
- out: {
5731
- type: 'string',
5732
- default: './socket.pom.xml',
5733
- description:
5734
- 'Path of output file; where to store the resulting manifest, see also --stdout'
5735
- },
5736
- stdout: {
5737
- type: 'boolean',
5738
- description: 'Print resulting pom.xml to stdout (supersedes --out)'
5739
- },
5740
5841
  task: {
5741
5842
  type: 'string',
5742
5843
  default: 'all',
@@ -5781,20 +5882,20 @@ const config$v = {
5781
5882
  `
5782
5883
  }
5783
5884
  const cmdManifestGradle = {
5784
- description: config$v.description,
5785
- hidden: config$v.hidden,
5786
- run: run$v
5787
- }
5788
- async function run$v(argv, importMeta, { parentName }) {
5885
+ description: config$w.description,
5886
+ hidden: config$w.hidden,
5887
+ run: run$w
5888
+ }
5889
+ async function run$w(argv, importMeta, { parentName }) {
5789
5890
  const cli = meowOrExit({
5790
5891
  argv,
5791
- config: config$v,
5892
+ config: config$w,
5792
5893
  importMeta,
5793
5894
  parentName
5794
5895
  })
5795
5896
  const verbose = Boolean(cli.flags['verbose'])
5796
5897
  if (verbose) {
5797
- logger.logger.group('- ', parentName, config$v.commandName, ':')
5898
+ logger.logger.group('- ', parentName, config$w.commandName, ':')
5798
5899
  logger.logger.group('- flags:', cli.flags)
5799
5900
  logger.logger.groupEnd()
5800
5901
  logger.logger.log('- input:', cli.input)
@@ -5815,7 +5916,7 @@ async function run$v(argv, importMeta, { parentName }) {
5815
5916
  },
5816
5917
  {
5817
5918
  nook: true,
5818
- test: cli.input.length === 1,
5919
+ test: cli.input.length <= 1,
5819
5920
  message: 'Can only accept one DIR (make sure to escape spaces!)',
5820
5921
  pass: 'ok',
5821
5922
  fail: 'received ' + cli.input.length
@@ -5824,24 +5925,12 @@ async function run$v(argv, importMeta, { parentName }) {
5824
5925
  if (wasBadInput) {
5825
5926
  return
5826
5927
  }
5827
- let bin
5828
- if (cli.flags['bin']) {
5829
- bin = cli.flags['bin']
5830
- } else {
5831
- bin = path$1.join(target, 'gradlew')
5832
- }
5833
- let out = './socket.pom.xml'
5834
- if (cli.flags['out']) {
5835
- out = cli.flags['out']
5836
- }
5837
- if (cli.flags['stdout']) {
5838
- out = '-'
5839
- }
5928
+ const { bin = path$1.join(target, 'gradlew'), cwd = process.cwd() } =
5929
+ cli.flags
5840
5930
  if (verbose) {
5841
5931
  logger.logger.group()
5842
5932
  logger.logger.log('- target:', target)
5843
5933
  logger.logger.log('- gradle bin:', bin)
5844
- logger.logger.log('- out:', out)
5845
5934
  logger.logger.groupEnd()
5846
5935
  }
5847
5936
  let gradleOpts = []
@@ -5852,10 +5941,16 @@ async function run$v(argv, importMeta, { parentName }) {
5852
5941
  .filter(Boolean)
5853
5942
  }
5854
5943
  if (cli.flags['dryRun']) {
5855
- logger.logger.log(DRY_RUN_BAIL_TEXT$s)
5944
+ logger.logger.log(DRY_RUN_BAIL_TEXT$t)
5856
5945
  return
5857
5946
  }
5858
- await convertGradleToMaven(target, bin, out, verbose, gradleOpts)
5947
+ await convertGradleToMaven(
5948
+ target,
5949
+ String(bin),
5950
+ String(cwd),
5951
+ verbose,
5952
+ gradleOpts
5953
+ )
5859
5954
  }
5860
5955
 
5861
5956
  async function convertSbtToMaven(target, bin, out, verbose, sbtOpts) {
@@ -5961,8 +6056,8 @@ async function convertSbtToMaven(target, bin, out, verbose, sbtOpts) {
5961
6056
  }
5962
6057
  }
5963
6058
 
5964
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$r } = constants
5965
- const config$u = {
6059
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$s } = constants
6060
+ const config$v = {
5966
6061
  commandName: 'scala',
5967
6062
  description:
5968
6063
  "[beta] Generate a manifest file (`pom.xml`) from Scala's `build.sbt` file",
@@ -6037,20 +6132,20 @@ const config$u = {
6037
6132
  `
6038
6133
  }
6039
6134
  const cmdManifestScala = {
6040
- description: config$u.description,
6041
- hidden: config$u.hidden,
6042
- run: run$u
6135
+ description: config$v.description,
6136
+ hidden: config$v.hidden,
6137
+ run: run$v
6043
6138
  }
6044
- async function run$u(argv, importMeta, { parentName }) {
6139
+ async function run$v(argv, importMeta, { parentName }) {
6045
6140
  const cli = meowOrExit({
6046
6141
  argv,
6047
- config: config$u,
6142
+ config: config$v,
6048
6143
  importMeta,
6049
6144
  parentName
6050
6145
  })
6051
6146
  const verbose = Boolean(cli.flags['verbose'])
6052
6147
  if (verbose) {
6053
- logger.logger.group('- ', parentName, config$u.commandName, ':')
6148
+ logger.logger.group('- ', parentName, config$v.commandName, ':')
6054
6149
  logger.logger.group('- flags:', cli.flags)
6055
6150
  logger.logger.groupEnd()
6056
6151
  logger.logger.log('- input:', cli.input)
@@ -6071,7 +6166,7 @@ async function run$u(argv, importMeta, { parentName }) {
6071
6166
  },
6072
6167
  {
6073
6168
  nook: true,
6074
- test: cli.input.length === 1,
6169
+ test: cli.input.length <= 1,
6075
6170
  message: 'Can only accept one DIR (make sure to escape spaces!)',
6076
6171
  pass: 'ok',
6077
6172
  fail: 'received ' + cli.input.length
@@ -6106,14 +6201,14 @@ async function run$u(argv, importMeta, { parentName }) {
6106
6201
  .filter(Boolean)
6107
6202
  }
6108
6203
  if (cli.flags['dryRun']) {
6109
- logger.logger.log(DRY_RUN_BAIL_TEXT$r)
6204
+ logger.logger.log(DRY_RUN_BAIL_TEXT$s)
6110
6205
  return
6111
6206
  }
6112
6207
  await convertSbtToMaven(target, bin, out, verbose, sbtOpts)
6113
6208
  }
6114
6209
 
6115
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$q } = constants
6116
- const config$t = {
6210
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$r } = constants
6211
+ const config$u = {
6117
6212
  commandName: 'auto',
6118
6213
  description: 'Auto-detect build and attempt to generate manifest file',
6119
6214
  hidden: false,
@@ -6143,21 +6238,21 @@ const config$t = {
6143
6238
  `
6144
6239
  }
6145
6240
  const cmdManifestAuto = {
6146
- description: config$t.description,
6147
- hidden: config$t.hidden,
6148
- run: run$t
6241
+ description: config$u.description,
6242
+ hidden: config$u.hidden,
6243
+ run: run$u
6149
6244
  }
6150
- async function run$t(argv, importMeta, { parentName }) {
6245
+ async function run$u(argv, importMeta, { parentName }) {
6151
6246
  const cli = meowOrExit({
6152
6247
  argv,
6153
- config: config$t,
6248
+ config: config$u,
6154
6249
  importMeta,
6155
6250
  parentName
6156
6251
  })
6157
6252
  const verbose = !!cli.flags['verbose']
6158
6253
  const cwd = cli.flags['cwd'] ?? process.cwd()
6159
6254
  if (verbose) {
6160
- logger.logger.group('- ', parentName, config$t.commandName, ':')
6255
+ logger.logger.group('- ', parentName, config$u.commandName, ':')
6161
6256
  logger.logger.group('- flags:', cli.flags)
6162
6257
  logger.logger.groupEnd()
6163
6258
  logger.logger.log('- input:', cli.input)
@@ -6169,7 +6264,7 @@ async function run$t(argv, importMeta, { parentName }) {
6169
6264
  subArgs.push('--verbose')
6170
6265
  }
6171
6266
  const dir = cwd
6172
- if (require$$0.existsSync(path$1.join(dir, 'build.sbt'))) {
6267
+ if (fs$1.existsSync(path$1.join(dir, 'build.sbt'))) {
6173
6268
  logger.logger.log(
6174
6269
  'Detected a Scala sbt build, running default Scala generator...'
6175
6270
  )
@@ -6178,7 +6273,7 @@ async function run$t(argv, importMeta, { parentName }) {
6178
6273
  }
6179
6274
  subArgs.push(dir)
6180
6275
  if (cli.flags['dryRun']) {
6181
- logger.logger.log(DRY_RUN_BAIL_TEXT$q)
6276
+ logger.logger.log(DRY_RUN_BAIL_TEXT$r)
6182
6277
  return
6183
6278
  }
6184
6279
  await cmdManifestScala.run(subArgs, importMeta, {
@@ -6186,7 +6281,7 @@ async function run$t(argv, importMeta, { parentName }) {
6186
6281
  })
6187
6282
  return
6188
6283
  }
6189
- if (require$$0.existsSync(path$1.join(dir, 'gradlew'))) {
6284
+ if (fs$1.existsSync(path$1.join(dir, 'gradlew'))) {
6190
6285
  logger.logger.log(
6191
6286
  'Detected a gradle build, running default gradle generator...'
6192
6287
  )
@@ -6195,7 +6290,7 @@ async function run$t(argv, importMeta, { parentName }) {
6195
6290
  subArgs.push(cwd)
6196
6291
  }
6197
6292
  if (cli.flags['dryRun']) {
6198
- logger.logger.log(DRY_RUN_BAIL_TEXT$q)
6293
+ logger.logger.log(DRY_RUN_BAIL_TEXT$r)
6199
6294
  return
6200
6295
  }
6201
6296
  await cmdManifestGradle.run(subArgs, importMeta, {
@@ -6204,7 +6299,7 @@ async function run$t(argv, importMeta, { parentName }) {
6204
6299
  return
6205
6300
  }
6206
6301
  if (cli.flags['dryRun']) {
6207
- logger.logger.log(DRY_RUN_BAIL_TEXT$q)
6302
+ logger.logger.log(DRY_RUN_BAIL_TEXT$r)
6208
6303
  return
6209
6304
  }
6210
6305
 
@@ -6212,7 +6307,7 @@ async function run$t(argv, importMeta, { parentName }) {
6212
6307
  vendor
6213
6308
  .meow(
6214
6309
  `
6215
- $ ${parentName} ${config$t.commandName}
6310
+ $ ${parentName} ${config$u.commandName}
6216
6311
 
6217
6312
  Unfortunately this script did not discover a supported language in the
6218
6313
  current folder.
@@ -6226,21 +6321,21 @@ async function run$t(argv, importMeta, { parentName }) {
6226
6321
  `,
6227
6322
  {
6228
6323
  argv: [],
6229
- description: config$t.description,
6324
+ description: config$u.description,
6230
6325
  importMeta
6231
6326
  }
6232
6327
  )
6233
6328
  .showHelp()
6234
6329
  }
6235
6330
 
6236
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$p } = constants
6331
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$q } = constants
6237
6332
 
6238
6333
  // TODO: we may want to dedupe some pieces for all gradle languages. I think it
6239
6334
  // makes sense to have separate commands for them and I think it makes
6240
6335
  // sense for the help panels to note the requested language, rather than
6241
6336
  // `socket manifest kotlin` to print help screens with `gradle` as the
6242
6337
  // command. Room for improvement.
6243
- const config$s = {
6338
+ const config$t = {
6244
6339
  commandName: 'kotlin',
6245
6340
  description:
6246
6341
  '[beta] Use Gradle to generate a manifest file (`pom.xml`) for a Kotlin project',
@@ -6261,16 +6356,6 @@ const config$s = {
6261
6356
  description:
6262
6357
  'Additional options to pass on to ./gradlew, see `./gradlew --help`'
6263
6358
  },
6264
- out: {
6265
- type: 'string',
6266
- default: './socket.pom.xml',
6267
- description:
6268
- 'Path of output file; where to store the resulting manifest, see also --stdout'
6269
- },
6270
- stdout: {
6271
- type: 'boolean',
6272
- description: 'Print resulting pom.xml to stdout (supersedes --out)'
6273
- },
6274
6359
  task: {
6275
6360
  type: 'string',
6276
6361
  default: 'all',
@@ -6315,20 +6400,20 @@ const config$s = {
6315
6400
  `
6316
6401
  }
6317
6402
  const cmdManifestKotlin = {
6318
- description: config$s.description,
6319
- hidden: config$s.hidden,
6320
- run: run$s
6403
+ description: config$t.description,
6404
+ hidden: config$t.hidden,
6405
+ run: run$t
6321
6406
  }
6322
- async function run$s(argv, importMeta, { parentName }) {
6407
+ async function run$t(argv, importMeta, { parentName }) {
6323
6408
  const cli = meowOrExit({
6324
6409
  argv,
6325
- config: config$s,
6410
+ config: config$t,
6326
6411
  importMeta,
6327
6412
  parentName
6328
6413
  })
6329
6414
  const verbose = Boolean(cli.flags['verbose'])
6330
6415
  if (verbose) {
6331
- logger.logger.group('- ', parentName, config$s.commandName, ':')
6416
+ logger.logger.group('- ', parentName, config$t.commandName, ':')
6332
6417
  logger.logger.group('- flags:', cli.flags)
6333
6418
  logger.logger.groupEnd()
6334
6419
  logger.logger.log('- input:', cli.input)
@@ -6349,7 +6434,7 @@ async function run$s(argv, importMeta, { parentName }) {
6349
6434
  },
6350
6435
  {
6351
6436
  nook: true,
6352
- test: cli.input.length === 1,
6437
+ test: cli.input.length <= 1,
6353
6438
  message: 'Can only accept one DIR (make sure to escape spaces!)',
6354
6439
  pass: 'ok',
6355
6440
  fail: 'received ' + cli.input.length
@@ -6358,24 +6443,12 @@ async function run$s(argv, importMeta, { parentName }) {
6358
6443
  if (wasBadInput) {
6359
6444
  return
6360
6445
  }
6361
- let bin
6362
- if (cli.flags['bin']) {
6363
- bin = cli.flags['bin']
6364
- } else {
6365
- bin = path$1.join(target, 'gradlew')
6366
- }
6367
- let out = './socket.pom.xml'
6368
- if (cli.flags['out']) {
6369
- out = cli.flags['out']
6370
- }
6371
- if (cli.flags['stdout']) {
6372
- out = '-'
6373
- }
6446
+ const { bin = path$1.join(target, 'gradlew'), cwd = process.cwd() } =
6447
+ cli.flags
6374
6448
  if (verbose) {
6375
6449
  logger.logger.group()
6376
6450
  logger.logger.log('- target:', target)
6377
6451
  logger.logger.log('- gradle bin:', bin)
6378
- logger.logger.log('- out:', out)
6379
6452
  logger.logger.groupEnd()
6380
6453
  }
6381
6454
  let gradleOpts = []
@@ -6386,13 +6459,19 @@ async function run$s(argv, importMeta, { parentName }) {
6386
6459
  .filter(Boolean)
6387
6460
  }
6388
6461
  if (cli.flags['dryRun']) {
6389
- logger.logger.log(DRY_RUN_BAIL_TEXT$p)
6462
+ logger.logger.log(DRY_RUN_BAIL_TEXT$q)
6390
6463
  return
6391
6464
  }
6392
- await convertGradleToMaven(target, bin, out, verbose, gradleOpts)
6465
+ await convertGradleToMaven(
6466
+ target,
6467
+ String(bin),
6468
+ String(cwd),
6469
+ verbose,
6470
+ gradleOpts
6471
+ )
6393
6472
  }
6394
6473
 
6395
- const config$r = {
6474
+ const config$s = {
6396
6475
  commandName: 'manifest',
6397
6476
  description: 'Generate a dependency manifest for given file or dir',
6398
6477
  hidden: false,
@@ -6401,11 +6480,11 @@ const config$r = {
6401
6480
  }
6402
6481
  }
6403
6482
  const cmdManifest = {
6404
- description: config$r.description,
6405
- hidden: config$r.hidden,
6406
- run: run$r
6483
+ description: config$s.description,
6484
+ hidden: config$s.hidden,
6485
+ run: run$s
6407
6486
  }
6408
- async function run$r(argv, importMeta, { parentName }) {
6487
+ async function run$s(argv, importMeta, { parentName }) {
6409
6488
  await meowWithSubcommands(
6410
6489
  {
6411
6490
  auto: cmdManifestAuto,
@@ -6417,15 +6496,15 @@ async function run$r(argv, importMeta, { parentName }) {
6417
6496
  argv,
6418
6497
  aliases: {
6419
6498
  yolo: {
6420
- description: config$r.description,
6499
+ description: config$s.description,
6421
6500
  hidden: true,
6422
6501
  argv: ['auto']
6423
6502
  }
6424
6503
  },
6425
- description: config$r.description,
6504
+ description: config$s.description,
6426
6505
  importMeta,
6427
- flags: config$r.flags,
6428
- name: `${parentName} ${config$r.commandName}`
6506
+ flags: config$s.flags,
6507
+ name: `${parentName} ${config$s.commandName}`
6429
6508
  }
6430
6509
  )
6431
6510
  }
@@ -6437,8 +6516,8 @@ async function wrapNpm(argv) {
6437
6516
  await shadowBin(NPM$8, argv)
6438
6517
  }
6439
6518
 
6440
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$o, NPM: NPM$7 } = constants
6441
- const config$q = {
6519
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$p, NPM: NPM$7 } = constants
6520
+ const config$r = {
6442
6521
  commandName: 'npm',
6443
6522
  description: `${NPM$7} wrapper functionality`,
6444
6523
  hidden: false,
@@ -6451,20 +6530,20 @@ const config$q = {
6451
6530
  `
6452
6531
  }
6453
6532
  const cmdNpm = {
6454
- description: config$q.description,
6455
- hidden: config$q.hidden,
6456
- run: run$q
6533
+ description: config$r.description,
6534
+ hidden: config$r.hidden,
6535
+ run: run$r
6457
6536
  }
6458
- async function run$q(argv, importMeta, { parentName }) {
6537
+ async function run$r(argv, importMeta, { parentName }) {
6459
6538
  const cli = meowOrExit({
6460
6539
  allowUnknownFlags: true,
6461
6540
  argv,
6462
- config: config$q,
6541
+ config: config$r,
6463
6542
  importMeta,
6464
6543
  parentName
6465
6544
  })
6466
6545
  if (cli.flags['dryRun']) {
6467
- logger.logger.log(DRY_RUN_BAIL_TEXT$o)
6546
+ logger.logger.log(DRY_RUN_BAIL_TEXT$p)
6468
6547
  return
6469
6548
  }
6470
6549
  await wrapNpm(argv)
@@ -6477,8 +6556,8 @@ async function wrapNpx(argv) {
6477
6556
  await shadowBin(NPX$2, argv)
6478
6557
  }
6479
6558
 
6480
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$n, NPX: NPX$1 } = constants
6481
- const config$p = {
6559
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$o, NPX: NPX$1 } = constants
6560
+ const config$q = {
6482
6561
  commandName: 'npx',
6483
6562
  description: `${NPX$1} wrapper functionality`,
6484
6563
  hidden: false,
@@ -6491,27 +6570,27 @@ const config$p = {
6491
6570
  `
6492
6571
  }
6493
6572
  const cmdNpx = {
6494
- description: config$p.description,
6495
- hidden: config$p.hidden,
6496
- run: run$p
6573
+ description: config$q.description,
6574
+ hidden: config$q.hidden,
6575
+ run: run$q
6497
6576
  }
6498
- async function run$p(argv, importMeta, { parentName }) {
6577
+ async function run$q(argv, importMeta, { parentName }) {
6499
6578
  const cli = meowOrExit({
6500
6579
  allowUnknownFlags: true,
6501
6580
  argv,
6502
- config: config$p,
6581
+ config: config$q,
6503
6582
  importMeta,
6504
6583
  parentName
6505
6584
  })
6506
6585
  if (cli.flags['dryRun']) {
6507
- logger.logger.log(DRY_RUN_BAIL_TEXT$n)
6586
+ logger.logger.log(DRY_RUN_BAIL_TEXT$o)
6508
6587
  return
6509
6588
  }
6510
6589
  await wrapNpx(argv)
6511
6590
  }
6512
6591
 
6513
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$m } = constants
6514
- const config$o = {
6592
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$n } = constants
6593
+ const config$p = {
6515
6594
  commandName: 'oops',
6516
6595
  description: 'Trigger an intentional error (for development)',
6517
6596
  hidden: true,
@@ -6526,19 +6605,19 @@ const config$o = {
6526
6605
  `
6527
6606
  }
6528
6607
  const cmdOops = {
6529
- description: config$o.description,
6530
- hidden: config$o.hidden,
6531
- run: run$o
6608
+ description: config$p.description,
6609
+ hidden: config$p.hidden,
6610
+ run: run$p
6532
6611
  }
6533
- async function run$o(argv, importMeta, { parentName }) {
6612
+ async function run$p(argv, importMeta, { parentName }) {
6534
6613
  const cli = meowOrExit({
6535
6614
  argv,
6536
- config: config$o,
6615
+ config: config$p,
6537
6616
  importMeta,
6538
6617
  parentName
6539
6618
  })
6540
6619
  if (cli.flags['dryRun']) {
6541
- logger.logger.log(DRY_RUN_BAIL_TEXT$m)
6620
+ logger.logger.log(DRY_RUN_BAIL_TEXT$n)
6542
6621
  return
6543
6622
  }
6544
6623
  throw new Error('This error was intentionally left blank')
@@ -6547,7 +6626,7 @@ async function run$o(argv, importMeta, { parentName }) {
6547
6626
  const {
6548
6627
  BUN: BUN$4,
6549
6628
  NPM: NPM$6,
6550
- PNPM: PNPM$6,
6629
+ PNPM: PNPM$5,
6551
6630
  VLT: VLT$4,
6552
6631
  YARN_BERRY: YARN_BERRY$4,
6553
6632
  YARN_CLASSIC: YARN_CLASSIC$5
@@ -6561,19 +6640,19 @@ function matchQueryCmdStdout(stdout, name) {
6561
6640
  const depsIncludesByAgent = new Map([
6562
6641
  [BUN$4, matchLsCmdViewHumanStdout],
6563
6642
  [NPM$6, matchQueryCmdStdout],
6564
- [PNPM$6, matchQueryCmdStdout],
6643
+ [PNPM$5, matchQueryCmdStdout],
6565
6644
  [VLT$4, matchQueryCmdStdout],
6566
6645
  [YARN_BERRY$4, matchLsCmdViewHumanStdout],
6567
6646
  [YARN_CLASSIC$5, matchLsCmdViewHumanStdout]
6568
6647
  ])
6569
6648
 
6570
- function getDependencyEntries(editablePkgJson) {
6649
+ function getDependencyEntries(pkgEnvDetails) {
6571
6650
  const {
6572
6651
  dependencies,
6573
6652
  devDependencies,
6574
6653
  optionalDependencies,
6575
6654
  peerDependencies
6576
- } = editablePkgJson.content
6655
+ } = pkgEnvDetails.editablePkgJson.content
6577
6656
  return [
6578
6657
  [
6579
6658
  'dependencies',
@@ -6618,14 +6697,14 @@ const {
6618
6697
  BUN: BUN$3,
6619
6698
  NPM: NPM$5,
6620
6699
  OVERRIDES: OVERRIDES$1,
6621
- PNPM: PNPM$5,
6700
+ PNPM: PNPM$4,
6622
6701
  RESOLUTIONS: RESOLUTIONS$1,
6623
6702
  VLT: VLT$3,
6624
6703
  YARN_BERRY: YARN_BERRY$3,
6625
6704
  YARN_CLASSIC: YARN_CLASSIC$4
6626
6705
  } = constants
6627
- function getOverridesDataBun(editablePkgJson) {
6628
- const overrides = editablePkgJson.content?.[RESOLUTIONS$1] ?? {}
6706
+ function getOverridesDataBun(pkgEnvDetails) {
6707
+ const overrides = pkgEnvDetails.editablePkgJson.content?.[RESOLUTIONS$1] ?? {}
6629
6708
  return {
6630
6709
  type: YARN_BERRY$3,
6631
6710
  overrides
@@ -6634,8 +6713,8 @@ function getOverridesDataBun(editablePkgJson) {
6634
6713
 
6635
6714
  // npm overrides documentation:
6636
6715
  // https://docs.npmjs.com/cli/v10/configuring-npm/package-json#overrides
6637
- function getOverridesDataNpm(editablePkgJson) {
6638
- const overrides = editablePkgJson.content?.[OVERRIDES$1] ?? {}
6716
+ function getOverridesDataNpm(pkgEnvDetails) {
6717
+ const overrides = pkgEnvDetails.editablePkgJson.content?.[OVERRIDES$1] ?? {}
6639
6718
  return {
6640
6719
  type: NPM$5,
6641
6720
  overrides
@@ -6644,15 +6723,16 @@ function getOverridesDataNpm(editablePkgJson) {
6644
6723
 
6645
6724
  // pnpm overrides documentation:
6646
6725
  // https://pnpm.io/package_json#pnpmoverrides
6647
- function getOverridesDataPnpm(editablePkgJson) {
6648
- const overrides = editablePkgJson.content?.[PNPM$5]?.[OVERRIDES$1] ?? {}
6726
+ function getOverridesDataPnpm(pkgEnvDetails) {
6727
+ const overrides =
6728
+ pkgEnvDetails.editablePkgJson.content?.[PNPM$4]?.[OVERRIDES$1] ?? {}
6649
6729
  return {
6650
- type: PNPM$5,
6730
+ type: PNPM$4,
6651
6731
  overrides
6652
6732
  }
6653
6733
  }
6654
- function getOverridesDataVlt(editablePkgJson) {
6655
- const overrides = editablePkgJson.content?.[OVERRIDES$1] ?? {}
6734
+ function getOverridesDataVlt(pkgEnvDetails) {
6735
+ const overrides = pkgEnvDetails.editablePkgJson.content?.[OVERRIDES$1] ?? {}
6656
6736
  return {
6657
6737
  type: VLT$3,
6658
6738
  overrides
@@ -6661,8 +6741,8 @@ function getOverridesDataVlt(editablePkgJson) {
6661
6741
 
6662
6742
  // Yarn resolutions documentation:
6663
6743
  // https://yarnpkg.com/configuration/manifest#resolutions
6664
- function getOverridesDataYarn(editablePkgJson) {
6665
- const overrides = editablePkgJson.content?.[RESOLUTIONS$1] ?? {}
6744
+ function getOverridesDataYarn(pkgEnvDetails) {
6745
+ const overrides = pkgEnvDetails.editablePkgJson.content?.[RESOLUTIONS$1] ?? {}
6666
6746
  return {
6667
6747
  type: YARN_BERRY$3,
6668
6748
  overrides
@@ -6671,8 +6751,8 @@ function getOverridesDataYarn(editablePkgJson) {
6671
6751
 
6672
6752
  // Yarn resolutions documentation:
6673
6753
  // https://classic.yarnpkg.com/en/docs/selective-version-resolutions
6674
- function getOverridesDataYarnClassic(editablePkgJson) {
6675
- const overrides = editablePkgJson.content?.[RESOLUTIONS$1] ?? {}
6754
+ function getOverridesDataYarnClassic(pkgEnvDetails) {
6755
+ const overrides = pkgEnvDetails.editablePkgJson.content?.[RESOLUTIONS$1] ?? {}
6676
6756
  return {
6677
6757
  type: YARN_CLASSIC$4,
6678
6758
  overrides
@@ -6681,62 +6761,12 @@ function getOverridesDataYarnClassic(editablePkgJson) {
6681
6761
  const overridesDataByAgent = new Map([
6682
6762
  [BUN$3, getOverridesDataBun],
6683
6763
  [NPM$5, getOverridesDataNpm],
6684
- [PNPM$5, getOverridesDataPnpm],
6764
+ [PNPM$4, getOverridesDataPnpm],
6685
6765
  [VLT$3, getOverridesDataVlt],
6686
6766
  [YARN_BERRY$3, getOverridesDataYarn],
6687
6767
  [YARN_CLASSIC$4, getOverridesDataYarnClassic]
6688
6768
  ])
6689
6769
 
6690
- const { PNPM: PNPM$4 } = constants
6691
- const PNPM_WORKSPACE = `${PNPM$4}-workspace`
6692
- async function getWorkspaceGlobs(agent, pkgPath, editablePkgJson) {
6693
- let workspacePatterns
6694
- if (agent === PNPM$4) {
6695
- for (const workspacePath of [
6696
- path$1.join(pkgPath, `${PNPM_WORKSPACE}.yaml`),
6697
- path$1.join(pkgPath, `${PNPM_WORKSPACE}.yml`)
6698
- ]) {
6699
- // eslint-disable-next-line no-await-in-loop
6700
- const yml = await shadowNpmInject.safeReadFile(workspacePath)
6701
- if (yml) {
6702
- try {
6703
- workspacePatterns = vendor.distExports$1.parse(yml)?.packages
6704
- } catch {}
6705
- if (workspacePatterns) {
6706
- break
6707
- }
6708
- }
6709
- }
6710
- } else {
6711
- workspacePatterns = editablePkgJson.content['workspaces']
6712
- }
6713
- return Array.isArray(workspacePatterns)
6714
- ? workspacePatterns
6715
- .filter(strings.isNonEmptyString)
6716
- .map(workspacePatternToGlobPattern)
6717
- : undefined
6718
- }
6719
- function workspacePatternToGlobPattern(workspace) {
6720
- const { length } = workspace
6721
- if (!length) {
6722
- return ''
6723
- }
6724
- // If the workspace ends with "/"
6725
- if (workspace.charCodeAt(length - 1) === 47 /*'/'*/) {
6726
- return `${workspace}/*/package.json`
6727
- }
6728
- // If the workspace ends with "/**"
6729
- if (
6730
- workspace.charCodeAt(length - 1) === 42 /*'*'*/ &&
6731
- workspace.charCodeAt(length - 2) === 42 /*'*'*/ &&
6732
- workspace.charCodeAt(length - 3) === 47 /*'/'*/
6733
- ) {
6734
- return `${workspace}/*/**/package.json`
6735
- }
6736
- // Things like "packages/a" or "packages/*"
6737
- return `${workspace}/package.json`
6738
- }
6739
-
6740
6770
  const {
6741
6771
  BUN: BUN$2,
6742
6772
  LOCK_EXT,
@@ -6854,22 +6884,22 @@ async function npmQuery(npmExecPath, cwd) {
6854
6884
  } catch {}
6855
6885
  return cleanupQueryStdout(stdout)
6856
6886
  }
6857
- async function lsBun(agentExecPath, cwd) {
6887
+ async function lsBun(pkgEnvDetails, cwd) {
6858
6888
  try {
6859
6889
  // Bun does not support filtering by production packages yet.
6860
6890
  // https://github.com/oven-sh/bun/issues/8283
6861
6891
  return (
6862
- await spawn.spawn(agentExecPath, ['pm', 'ls', '--all'], {
6892
+ await spawn.spawn(pkgEnvDetails.agentExecPath, ['pm', 'ls', '--all'], {
6863
6893
  cwd
6864
6894
  })
6865
6895
  ).stdout
6866
6896
  } catch {}
6867
6897
  return ''
6868
6898
  }
6869
- async function lsNpm(agentExecPath, cwd) {
6870
- return await npmQuery(agentExecPath, cwd)
6899
+ async function lsNpm(pkgEnvDetails, cwd) {
6900
+ return await npmQuery(pkgEnvDetails.agentExecPath, cwd)
6871
6901
  }
6872
- async function lsPnpm(agentExecPath, cwd, options) {
6902
+ async function lsPnpm(pkgEnvDetails, cwd, options) {
6873
6903
  const npmExecPath = options?.npmExecPath
6874
6904
  if (npmExecPath && npmExecPath !== NPM$3) {
6875
6905
  const result = await npmQuery(npmExecPath, cwd)
@@ -6881,7 +6911,7 @@ async function lsPnpm(agentExecPath, cwd, options) {
6881
6911
  try {
6882
6912
  stdout = (
6883
6913
  await spawn.spawn(
6884
- agentExecPath,
6914
+ pkgEnvDetails.agentExecPath,
6885
6915
  // Pnpm uses the alternative spelling of parsable.
6886
6916
  // https://en.wiktionary.org/wiki/parsable
6887
6917
  ['ls', '--parseable', '--prod', '--depth', 'Infinity'],
@@ -6893,13 +6923,13 @@ async function lsPnpm(agentExecPath, cwd, options) {
6893
6923
  } catch {}
6894
6924
  return parsableToQueryStdout(stdout)
6895
6925
  }
6896
- async function lsVlt(agentExecPath, cwd) {
6926
+ async function lsVlt(pkgEnvDetails, cwd) {
6897
6927
  let stdout = ''
6898
6928
  try {
6899
6929
  // See https://docs.vlt.sh/cli/commands/list#options.
6900
6930
  stdout = (
6901
6931
  await spawn.spawn(
6902
- agentExecPath,
6932
+ pkgEnvDetails.agentExecPath,
6903
6933
  ['ls', '--view', 'human', ':not(.dev)'],
6904
6934
  {
6905
6935
  cwd
@@ -6909,14 +6939,14 @@ async function lsVlt(agentExecPath, cwd) {
6909
6939
  } catch {}
6910
6940
  return cleanupQueryStdout(stdout)
6911
6941
  }
6912
- async function lsYarnBerry(agentExecPath, cwd) {
6942
+ async function lsYarnBerry(pkgEnvDetails, cwd) {
6913
6943
  try {
6914
6944
  return (
6915
6945
  // Yarn Berry does not support filtering by production packages yet.
6916
6946
  // https://github.com/yarnpkg/berry/issues/5117
6917
6947
  (
6918
6948
  await spawn.spawn(
6919
- agentExecPath,
6949
+ pkgEnvDetails.agentExecPath,
6920
6950
  ['info', '--recursive', '--name-only'],
6921
6951
  {
6922
6952
  cwd
@@ -6927,14 +6957,14 @@ async function lsYarnBerry(agentExecPath, cwd) {
6927
6957
  } catch {}
6928
6958
  return ''
6929
6959
  }
6930
- async function lsYarnClassic(agentExecPath, cwd) {
6960
+ async function lsYarnClassic(pkgEnvDetails, cwd) {
6931
6961
  try {
6932
6962
  // However, Yarn Classic does support it.
6933
6963
  // https://github.com/yarnpkg/yarn/releases/tag/v1.0.0
6934
6964
  // > Fix: Excludes dev dependencies from the yarn list output when the
6935
6965
  // environment is production
6936
6966
  return (
6937
- await spawn.spawn(agentExecPath, ['list', '--prod'], {
6967
+ await spawn.spawn(pkgEnvDetails.agentExecPath, ['list', '--prod'], {
6938
6968
  cwd
6939
6969
  })
6940
6970
  ).stdout.trim()
@@ -6950,6 +6980,8 @@ const lsByAgent = new Map([
6950
6980
  [YARN_CLASSIC$2, lsYarnClassic]
6951
6981
  ])
6952
6982
 
6983
+ const CMD_NAME = 'socket optimize'
6984
+
6953
6985
  const {
6954
6986
  BUN,
6955
6987
  NPM: NPM$2,
@@ -7079,14 +7111,14 @@ function updatePkgJsonField(editablePkgJson, field, value) {
7079
7111
  `${JSON.stringify(Object.fromEntries(entries), null, 2)}\n`
7080
7112
  )
7081
7113
  }
7082
- function updateOverridesField(editablePkgJson, overrides) {
7083
- updatePkgJsonField(editablePkgJson, OVERRIDES, overrides)
7114
+ function updateOverridesField(pkgEnvDetails, overrides) {
7115
+ updatePkgJsonField(pkgEnvDetails.editablePkgJson, OVERRIDES, overrides)
7084
7116
  }
7085
- function updateResolutionsField(editablePkgJson, overrides) {
7086
- updatePkgJsonField(editablePkgJson, RESOLUTIONS, overrides)
7117
+ function updateResolutionsField(pkgEnvDetails, overrides) {
7118
+ updatePkgJsonField(pkgEnvDetails.editablePkgJson, RESOLUTIONS, overrides)
7087
7119
  }
7088
- function updatePnpmField(editablePkgJson, overrides) {
7089
- updatePkgJsonField(editablePkgJson, PNPM$1, overrides)
7120
+ function updatePnpmField(pkgEnvDetails, overrides) {
7121
+ updatePkgJsonField(pkgEnvDetails.editablePkgJson, PNPM$1, overrides)
7090
7122
  }
7091
7123
  const updateManifestByAgent = new Map([
7092
7124
  [BUN, updateResolutionsField],
@@ -7098,12 +7130,10 @@ const updateManifestByAgent = new Map([
7098
7130
  ])
7099
7131
 
7100
7132
  const { NPM: NPM$1, PNPM, YARN_CLASSIC } = constants
7101
- const CMD_NAME$1 = 'socket optimize'
7102
7133
  const manifestNpmOverrides = registry.getManifestData(NPM$1)
7103
- async function addOverrides(pkgPath, pkgEnvDetails, options) {
7134
+ async function addOverrides(pkgEnvDetails, pkgPath, options) {
7104
7135
  const {
7105
7136
  agent,
7106
- agentExecPath,
7107
7137
  lockName,
7108
7138
  lockSrc,
7109
7139
  npmExecPath,
@@ -7119,27 +7149,19 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
7119
7149
  addedInWorkspaces: new Set(),
7120
7150
  updated: new Set(),
7121
7151
  updatedInWorkspaces: new Set(),
7122
- warnedPnpmWorkspaceRequiresNpm: false
7152
+ warnedPnpmWorkspaceRequiresNpm: false,
7153
+ workspacePkgJsonPaths: await shadowNpmPaths.globWorkspace(pkgEnvDetails)
7123
7154
  }
7124
7155
  } = {
7125
7156
  __proto__: null,
7126
7157
  ...options
7127
7158
  }
7128
- let { pkgJson: editablePkgJson } = pkgEnvDetails
7129
- if (editablePkgJson === undefined) {
7130
- editablePkgJson = await packages.readPackageJson(pkgPath, {
7131
- editable: true
7132
- })
7133
- }
7134
- const workspaceName = path$1.relative(rootPath, pkgPath)
7135
- const workspaceGlobs = await getWorkspaceGlobs(
7136
- agent,
7137
- pkgPath,
7138
- editablePkgJson
7139
- )
7140
- const isRoot = pkgPath === rootPath
7141
- const isLockScanned = isRoot && !prod
7142
- const isWorkspace = !!workspaceGlobs
7159
+ const isWorkspace = state.workspacePkgJsonPaths.length > 0
7160
+ const isWorkspaceRoot = pkgPath === rootPath
7161
+ const isLockScanned = isWorkspaceRoot && !prod
7162
+ const workspaceName = isWorkspaceRoot
7163
+ ? ''
7164
+ : path$1.relative(rootPath, pkgPath)
7143
7165
  if (
7144
7166
  isWorkspace &&
7145
7167
  agent === PNPM &&
@@ -7150,25 +7172,25 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
7150
7172
  state.warnedPnpmWorkspaceRequiresNpm = true
7151
7173
  logger?.warn(
7152
7174
  cmdPrefixMessage(
7153
- CMD_NAME$1,
7175
+ CMD_NAME,
7154
7176
  `${agent} workspace support requires \`npm ls\`, falling back to \`${agent} list\``
7155
7177
  )
7156
7178
  )
7157
7179
  }
7158
7180
  const overridesDataObjects = []
7159
- if (editablePkgJson.content['private'] || isWorkspace) {
7160
- overridesDataObjects.push(overridesDataByAgent.get(agent)(editablePkgJson))
7181
+ if (isWorkspace || pkgEnvDetails.editablePkgJson.content['private']) {
7182
+ overridesDataObjects.push(overridesDataByAgent.get(agent)(pkgEnvDetails))
7161
7183
  } else {
7162
7184
  overridesDataObjects.push(
7163
- overridesDataByAgent.get(NPM$1)(editablePkgJson),
7164
- overridesDataByAgent.get(YARN_CLASSIC)(editablePkgJson)
7185
+ overridesDataByAgent.get(NPM$1)(pkgEnvDetails),
7186
+ overridesDataByAgent.get(YARN_CLASSIC)(pkgEnvDetails)
7165
7187
  )
7166
7188
  }
7167
7189
  spinner?.setText(
7168
7190
  `Adding overrides${workspaceName ? ` to ${workspaceName}` : ''}...`
7169
7191
  )
7170
7192
  const depAliasMap = new Map()
7171
- const depEntries = getDependencyEntries(editablePkgJson)
7193
+ const depEntries = getDependencyEntries(pkgEnvDetails)
7172
7194
  const manifestEntries = manifestNpmOverrides.filter(({ 1: data }) =>
7173
7195
  vendor.semverExports.satisfies(
7174
7196
  // Roughly check Node range as semver.coerce will strip leading
@@ -7219,7 +7241,7 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
7219
7241
  depAliasMap.set(origPkgName, thisSpec)
7220
7242
  }
7221
7243
  }
7222
- if (isRoot) {
7244
+ if (isWorkspaceRoot) {
7223
7245
  // The AgentDepsIncludesFn and AgentLockIncludesFn types overlap in their
7224
7246
  // first two parameters. AgentLockIncludesFn accepts an optional third
7225
7247
  // parameter which AgentDepsIncludesFn will ignore so we cast thingScanner
@@ -7229,7 +7251,7 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
7229
7251
  : depsIncludesByAgent.get(agent)
7230
7252
  const thingToScan = isLockScanned
7231
7253
  ? lockSrc
7232
- : await lsByAgent.get(agent)(agentExecPath, pkgPath, {
7254
+ : await lsByAgent.get(agent)(pkgEnvDetails, pkgPath, {
7233
7255
  npmExecPath
7234
7256
  })
7235
7257
  // Chunk package names to process them in parallel 3 at a time.
@@ -7295,28 +7317,21 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
7295
7317
  )
7296
7318
  }
7297
7319
  })
7298
- if (workspaceGlobs) {
7299
- const workspacePkgJsonPaths = await vendor.distExports.glob(
7300
- workspaceGlobs,
7301
- {
7302
- absolute: true,
7303
- cwd: pkgPath,
7304
- ignore: ['**/node_modules/**', '**/bower_components/**']
7305
- }
7306
- )
7320
+ if (isWorkspace) {
7307
7321
  // Chunk package names to process them in parallel 3 at a time.
7308
7322
  await promises.pEach(
7309
- workspacePkgJsonPaths,
7323
+ state.workspacePkgJsonPaths,
7310
7324
  3,
7311
7325
  async workspacePkgJsonPath => {
7312
7326
  const otherState = await addOverrides(
7313
- path$1.dirname(workspacePkgJsonPath),
7314
7327
  pkgEnvDetails,
7328
+ path$1.dirname(workspacePkgJsonPath),
7315
7329
  {
7316
7330
  logger,
7317
7331
  pin,
7318
7332
  prod,
7319
- spinner
7333
+ spinner,
7334
+ state
7320
7335
  }
7321
7336
  )
7322
7337
  for (const key of [
@@ -7333,14 +7348,14 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
7333
7348
  )
7334
7349
  }
7335
7350
  if (state.added.size > 0 || state.updated.size > 0) {
7336
- editablePkgJson.update(Object.fromEntries(depEntries))
7351
+ pkgEnvDetails.editablePkgJson.update(Object.fromEntries(depEntries))
7337
7352
  for (const { overrides, type } of overridesDataObjects) {
7338
7353
  updateManifestByAgent.get(type)(
7339
- editablePkgJson,
7354
+ pkgEnvDetails,
7340
7355
  objects.toSortedObject(overrides)
7341
7356
  )
7342
7357
  }
7343
- await editablePkgJson.save()
7358
+ await pkgEnvDetails.editablePkgJson.save()
7344
7359
  }
7345
7360
  return state
7346
7361
  }
@@ -7386,7 +7401,6 @@ async function updateLockfile(pkgEnvDetails, options) {
7386
7401
  }
7387
7402
  }
7388
7403
 
7389
- const CMD_NAME = 'socket optimize'
7390
7404
  function createActionMessage(verb, overrideCount, workspaceCount) {
7391
7405
  return `${verb} ${overrideCount} Socket.dev optimized ${words.pluralize('override', overrideCount)}${workspaceCount ? ` in ${workspaceCount} ${words.pluralize('workspace', workspaceCount)}` : ''}`
7392
7406
  }
@@ -7402,7 +7416,7 @@ async function applyOptimization(cwd, pin, prod) {
7402
7416
  // Lazily access constants.spinner.
7403
7417
  const { spinner } = constants
7404
7418
  spinner.start('Socket optimizing...')
7405
- const state = await addOverrides(pkgEnvDetails.pkgPath, pkgEnvDetails, {
7419
+ const state = await addOverrides(pkgEnvDetails, pkgEnvDetails.pkgPath, {
7406
7420
  logger: logger.logger,
7407
7421
  pin,
7408
7422
  prod,
@@ -7435,8 +7449,8 @@ async function applyOptimization(cwd, pin, prod) {
7435
7449
  }
7436
7450
  }
7437
7451
 
7438
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$l } = constants
7439
- const config$n = {
7452
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$m } = constants
7453
+ const config$o = {
7440
7454
  commandName: 'optimize',
7441
7455
  description: 'Optimize dependencies with @socketregistry overrides',
7442
7456
  hidden: false,
@@ -7466,20 +7480,20 @@ const config$n = {
7466
7480
  `
7467
7481
  }
7468
7482
  const cmdOptimize = {
7469
- description: config$n.description,
7470
- hidden: config$n.hidden,
7471
- run: run$n
7483
+ description: config$o.description,
7484
+ hidden: config$o.hidden,
7485
+ run: run$o
7472
7486
  }
7473
- async function run$n(argv, importMeta, { parentName }) {
7487
+ async function run$o(argv, importMeta, { parentName }) {
7474
7488
  const cli = meowOrExit({
7475
7489
  argv,
7476
- config: config$n,
7490
+ config: config$o,
7477
7491
  importMeta,
7478
7492
  parentName
7479
7493
  })
7480
7494
  const cwd = process.cwd()
7481
7495
  if (cli.flags['dryRun']) {
7482
- logger.logger.log(DRY_RUN_BAIL_TEXT$l)
7496
+ logger.logger.log(DRY_RUN_BAIL_TEXT$m)
7483
7497
  return
7484
7498
  }
7485
7499
  await applyOptimization(
@@ -7580,8 +7594,8 @@ async function handleOrganizationList(outputKind = 'text') {
7580
7594
  await outputOrganizationList(data, outputKind)
7581
7595
  }
7582
7596
 
7583
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$k } = constants
7584
- const config$m = {
7597
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$l } = constants
7598
+ const config$n = {
7585
7599
  commandName: 'list',
7586
7600
  description: 'List organizations associated with the API key used',
7587
7601
  hidden: false,
@@ -7598,18 +7612,18 @@ const config$m = {
7598
7612
  - Permissions: none (does need a token)
7599
7613
 
7600
7614
  Options
7601
- ${getFlagListOutput(config$m.flags, 6)}
7615
+ ${getFlagListOutput(config$n.flags, 6)}
7602
7616
  `
7603
7617
  }
7604
7618
  const cmdOrganizationList = {
7605
- description: config$m.description,
7606
- hidden: config$m.hidden,
7607
- run: run$m
7619
+ description: config$n.description,
7620
+ hidden: config$n.hidden,
7621
+ run: run$n
7608
7622
  }
7609
- async function run$m(argv, importMeta, { parentName }) {
7623
+ async function run$n(argv, importMeta, { parentName }) {
7610
7624
  const cli = meowOrExit({
7611
7625
  argv,
7612
- config: config$m,
7626
+ config: config$n,
7613
7627
  importMeta,
7614
7628
  parentName
7615
7629
  })
@@ -7637,7 +7651,7 @@ async function run$m(argv, importMeta, { parentName }) {
7637
7651
  return
7638
7652
  }
7639
7653
  if (cli.flags['dryRun']) {
7640
- logger.logger.log(DRY_RUN_BAIL_TEXT$k)
7654
+ logger.logger.log(DRY_RUN_BAIL_TEXT$l)
7641
7655
  return
7642
7656
  }
7643
7657
  await handleOrganizationList(json ? 'json' : markdown ? 'markdown' : 'text')
@@ -7681,8 +7695,7 @@ async function outputLicensePolicy(data, outputKind) {
7681
7695
  logger.logger.log('This is the license policy for your organization:')
7682
7696
  logger.logger.log('')
7683
7697
  const rules = data.license_policy
7684
- // @ts-ignore -- not sure what it's complaining about
7685
- const entries = Object.entries(rules)
7698
+ const entries = rules ? Object.entries(rules) : []
7686
7699
  const mapped = entries.map(([key, value]) => [
7687
7700
  key,
7688
7701
  value.allowed ? ' yes' : ' no'
@@ -7700,10 +7713,10 @@ async function handleLicensePolicy(orgSlug, outputKind) {
7700
7713
  await outputLicensePolicy(data, outputKind)
7701
7714
  }
7702
7715
 
7703
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$j } = constants
7716
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$k } = constants
7704
7717
 
7705
7718
  // TODO: secret toplevel alias `socket license policy`?
7706
- const config$l = {
7719
+ const config$m = {
7707
7720
  commandName: 'license',
7708
7721
  description: 'Retrieve the license policy of an organization',
7709
7722
  hidden: true,
@@ -7720,7 +7733,7 @@ const config$l = {
7720
7733
  - Permissions: license-policy:read
7721
7734
 
7722
7735
  Options
7723
- ${getFlagListOutput(config$l.flags, 6)}
7736
+ ${getFlagListOutput(config$m.flags, 6)}
7724
7737
 
7725
7738
  Your API token will need the \`license-policy:read\` permission otherwise
7726
7739
  the request will fail with an authentication error.
@@ -7731,14 +7744,14 @@ const config$l = {
7731
7744
  `
7732
7745
  }
7733
7746
  const cmdOrganizationPolicyLicense = {
7734
- description: config$l.description,
7735
- hidden: config$l.hidden,
7736
- run: run$l
7747
+ description: config$m.description,
7748
+ hidden: config$m.hidden,
7749
+ run: run$m
7737
7750
  }
7738
- async function run$l(argv, importMeta, { parentName }) {
7751
+ async function run$m(argv, importMeta, { parentName }) {
7739
7752
  const cli = meowOrExit({
7740
7753
  argv,
7741
- config: config$l,
7754
+ config: config$m,
7742
7755
  importMeta,
7743
7756
  parentName
7744
7757
  })
@@ -7775,7 +7788,7 @@ async function run$l(argv, importMeta, { parentName }) {
7775
7788
  return
7776
7789
  }
7777
7790
  if (cli.flags['dryRun']) {
7778
- logger.logger.log(DRY_RUN_BAIL_TEXT$j)
7791
+ logger.logger.log(DRY_RUN_BAIL_TEXT$k)
7779
7792
  return
7780
7793
  }
7781
7794
  await handleLicensePolicy(
@@ -7827,7 +7840,7 @@ async function outputSecurityPolicy(data, outputKind) {
7827
7840
  )
7828
7841
  logger.logger.log('')
7829
7842
  const rules = data.securityPolicyRules
7830
- const entries = Object.entries(rules)
7843
+ const entries = rules ? Object.entries(rules) : []
7831
7844
  const mapped = entries.map(([key, value]) => [key, value.action])
7832
7845
  mapped.sort(([a], [b]) => (a < b ? -1 : a > b ? 1 : 0))
7833
7846
  logger.logger.log(mdTableOfPairs(mapped, ['name', 'action']))
@@ -7842,10 +7855,10 @@ async function handleSecurityPolicy(orgSlug, outputKind) {
7842
7855
  await outputSecurityPolicy(data, outputKind)
7843
7856
  }
7844
7857
 
7845
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$i } = constants
7858
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$j } = constants
7846
7859
 
7847
7860
  // TODO: secret toplevel alias `socket security policy`?
7848
- const config$k = {
7861
+ const config$l = {
7849
7862
  commandName: 'security',
7850
7863
  description: 'Retrieve the security policy of an organization',
7851
7864
  hidden: true,
@@ -7862,7 +7875,7 @@ const config$k = {
7862
7875
  - Permissions: security-policy:read
7863
7876
 
7864
7877
  Options
7865
- ${getFlagListOutput(config$k.flags, 6)}
7878
+ ${getFlagListOutput(config$l.flags, 6)}
7866
7879
 
7867
7880
  Your API token will need the \`security-policy:read\` permission otherwise
7868
7881
  the request will fail with an authentication error.
@@ -7873,14 +7886,14 @@ const config$k = {
7873
7886
  `
7874
7887
  }
7875
7888
  const cmdOrganizationPolicyPolicy = {
7876
- description: config$k.description,
7877
- hidden: config$k.hidden,
7878
- run: run$k
7889
+ description: config$l.description,
7890
+ hidden: config$l.hidden,
7891
+ run: run$l
7879
7892
  }
7880
- async function run$k(argv, importMeta, { parentName }) {
7893
+ async function run$l(argv, importMeta, { parentName }) {
7881
7894
  const cli = meowOrExit({
7882
7895
  argv,
7883
- config: config$k,
7896
+ config: config$l,
7884
7897
  importMeta,
7885
7898
  parentName
7886
7899
  })
@@ -7917,7 +7930,7 @@ async function run$k(argv, importMeta, { parentName }) {
7917
7930
  return
7918
7931
  }
7919
7932
  if (cli.flags['dryRun']) {
7920
- logger.logger.log(DRY_RUN_BAIL_TEXT$i)
7933
+ logger.logger.log(DRY_RUN_BAIL_TEXT$j)
7921
7934
  return
7922
7935
  }
7923
7936
  await handleSecurityPolicy(
@@ -8003,8 +8016,8 @@ async function handleQuota(outputKind = 'text') {
8003
8016
  await outputQuota(data, outputKind)
8004
8017
  }
8005
8018
 
8006
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$h } = constants
8007
- const config$j = {
8019
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$i } = constants
8020
+ const config$k = {
8008
8021
  commandName: 'quota',
8009
8022
  description: 'List organizations associated with the API key used',
8010
8023
  hidden: true,
@@ -8017,18 +8030,18 @@ const config$j = {
8017
8030
  $ ${command}
8018
8031
 
8019
8032
  Options
8020
- ${getFlagListOutput(config$j.flags, 6)}
8033
+ ${getFlagListOutput(config$k.flags, 6)}
8021
8034
  `
8022
8035
  }
8023
8036
  const cmdOrganizationQuota = {
8024
- description: config$j.description,
8025
- hidden: config$j.hidden,
8026
- run: run$j
8037
+ description: config$k.description,
8038
+ hidden: config$k.hidden,
8039
+ run: run$k
8027
8040
  }
8028
- async function run$j(argv, importMeta, { parentName }) {
8041
+ async function run$k(argv, importMeta, { parentName }) {
8029
8042
  const cli = meowOrExit({
8030
8043
  argv,
8031
- config: config$j,
8044
+ config: config$k,
8032
8045
  importMeta,
8033
8046
  parentName
8034
8047
  })
@@ -8056,7 +8069,7 @@ async function run$j(argv, importMeta, { parentName }) {
8056
8069
  return
8057
8070
  }
8058
8071
  if (cli.flags['dryRun']) {
8059
- logger.logger.log(DRY_RUN_BAIL_TEXT$h)
8072
+ logger.logger.log(DRY_RUN_BAIL_TEXT$i)
8060
8073
  return
8061
8074
  }
8062
8075
  await handleQuota(json ? 'json' : markdown ? 'markdown' : 'text')
@@ -8397,8 +8410,8 @@ function parsePackageSpecifiers(ecosystem, pkgs) {
8397
8410
  }
8398
8411
  }
8399
8412
 
8400
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$g } = constants
8401
- const config$i = {
8413
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$h } = constants
8414
+ const config$j = {
8402
8415
  commandName: 'score',
8403
8416
  description:
8404
8417
  '[beta] Look up score for one package which reflects all of its transitive dependencies as well',
@@ -8441,14 +8454,14 @@ const config$i = {
8441
8454
  `
8442
8455
  }
8443
8456
  const cmdPackageScore = {
8444
- description: config$i.description,
8445
- hidden: config$i.hidden,
8446
- run: run$i
8457
+ description: config$j.description,
8458
+ hidden: config$j.hidden,
8459
+ run: run$j
8447
8460
  }
8448
- async function run$i(argv, importMeta, { parentName }) {
8461
+ async function run$j(argv, importMeta, { parentName }) {
8449
8462
  const cli = meowOrExit({
8450
8463
  argv,
8451
- config: config$i,
8464
+ config: config$j,
8452
8465
  importMeta,
8453
8466
  parentName
8454
8467
  })
@@ -8489,7 +8502,7 @@ async function run$i(argv, importMeta, { parentName }) {
8489
8502
  return
8490
8503
  }
8491
8504
  if (cli.flags['dryRun']) {
8492
- logger.logger.log(DRY_RUN_BAIL_TEXT$g)
8505
+ logger.logger.log(DRY_RUN_BAIL_TEXT$h)
8493
8506
  return
8494
8507
  }
8495
8508
  await handlePurlDeepScore(
@@ -8554,7 +8567,7 @@ function outputPurlsShallowScore(purls, packageData, outputKind) {
8554
8567
  return true // not found
8555
8568
  })
8556
8569
  if (outputKind === 'markdown') {
8557
- logger.logger.log(vendor.stripIndents`
8570
+ logger.logger.log(vendor.html`
8558
8571
  # Shallow Package Report
8559
8572
 
8560
8573
  This report contains the response for requesting data on some package url(s).
@@ -8695,8 +8708,8 @@ async function handlePurlsShallowScore({ outputKind, purls }) {
8695
8708
  outputPurlsShallowScore(purls, packageData.data, outputKind)
8696
8709
  }
8697
8710
 
8698
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$f } = constants
8699
- const config$h = {
8711
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$g } = constants
8712
+ const config$i = {
8700
8713
  commandName: 'shallow',
8701
8714
  description:
8702
8715
  '[beta] Look up info regarding one or more packages but not their transitives',
@@ -8739,21 +8752,21 @@ const config$h = {
8739
8752
  `
8740
8753
  }
8741
8754
  const cmdPackageShallow = {
8742
- description: config$h.description,
8743
- hidden: config$h.hidden,
8755
+ description: config$i.description,
8756
+ hidden: config$i.hidden,
8744
8757
  alias: {
8745
8758
  shallowScore: {
8746
- description: config$h.description,
8759
+ description: config$i.description,
8747
8760
  hidden: true,
8748
8761
  argv: []
8749
8762
  }
8750
8763
  },
8751
- run: run$h
8764
+ run: run$i
8752
8765
  }
8753
- async function run$h(argv, importMeta, { parentName }) {
8766
+ async function run$i(argv, importMeta, { parentName }) {
8754
8767
  const cli = meowOrExit({
8755
8768
  argv,
8756
- config: config$h,
8769
+ config: config$i,
8757
8770
  importMeta,
8758
8771
  parentName
8759
8772
  })
@@ -8786,7 +8799,7 @@ async function run$h(argv, importMeta, { parentName }) {
8786
8799
  return
8787
8800
  }
8788
8801
  if (cli.flags['dryRun']) {
8789
- logger.logger.log(DRY_RUN_BAIL_TEXT$f)
8802
+ logger.logger.log(DRY_RUN_BAIL_TEXT$g)
8790
8803
  return
8791
8804
  }
8792
8805
  await handlePurlsShallowScore({
@@ -8838,8 +8851,8 @@ async function runRawNpm(argv) {
8838
8851
  await spawnPromise
8839
8852
  }
8840
8853
 
8841
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$e, NPM } = constants
8842
- const config$g = {
8854
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$f, NPM } = constants
8855
+ const config$h = {
8843
8856
  commandName: 'raw-npm',
8844
8857
  description: `Temporarily disable the Socket ${NPM} wrapper`,
8845
8858
  hidden: false,
@@ -8853,20 +8866,20 @@ const config$g = {
8853
8866
  `
8854
8867
  }
8855
8868
  const cmdRawNpm = {
8856
- description: config$g.description,
8857
- hidden: config$g.hidden,
8858
- run: run$g
8869
+ description: config$h.description,
8870
+ hidden: config$h.hidden,
8871
+ run: run$h
8859
8872
  }
8860
- async function run$g(argv, importMeta, { parentName }) {
8873
+ async function run$h(argv, importMeta, { parentName }) {
8861
8874
  const cli = meowOrExit({
8862
8875
  allowUnknownFlags: true,
8863
8876
  argv,
8864
- config: config$g,
8877
+ config: config$h,
8865
8878
  importMeta,
8866
8879
  parentName
8867
8880
  })
8868
8881
  if (cli.flags['dryRun']) {
8869
- logger.logger.log(DRY_RUN_BAIL_TEXT$e)
8882
+ logger.logger.log(DRY_RUN_BAIL_TEXT$f)
8870
8883
  return
8871
8884
  }
8872
8885
  await runRawNpm(argv)
@@ -8888,8 +8901,8 @@ async function runRawNpx(argv) {
8888
8901
  await spawnPromise
8889
8902
  }
8890
8903
 
8891
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$d, NPX } = constants
8892
- const config$f = {
8904
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$e, NPX } = constants
8905
+ const config$g = {
8893
8906
  commandName: 'raw-npx',
8894
8907
  description: `Temporarily disable the Socket ${NPX} wrapper`,
8895
8908
  hidden: false,
@@ -8903,26 +8916,26 @@ const config$f = {
8903
8916
  `
8904
8917
  }
8905
8918
  const cmdRawNpx = {
8906
- description: config$f.description,
8907
- hidden: config$f.hidden,
8908
- run: run$f
8919
+ description: config$g.description,
8920
+ hidden: config$g.hidden,
8921
+ run: run$g
8909
8922
  }
8910
- async function run$f(argv, importMeta, { parentName }) {
8923
+ async function run$g(argv, importMeta, { parentName }) {
8911
8924
  const cli = meowOrExit({
8912
8925
  allowUnknownFlags: true,
8913
8926
  argv,
8914
- config: config$f,
8927
+ config: config$g,
8915
8928
  importMeta,
8916
8929
  parentName
8917
8930
  })
8918
8931
  if (cli.flags['dryRun']) {
8919
- logger.logger.log(DRY_RUN_BAIL_TEXT$d)
8932
+ logger.logger.log(DRY_RUN_BAIL_TEXT$e)
8920
8933
  return
8921
8934
  }
8922
8935
  await runRawNpx(argv)
8923
8936
  }
8924
8937
 
8925
- const config$e = {
8938
+ const config$f = {
8926
8939
  commandName: 'create',
8927
8940
  description: '[Deprecated] Create a project report',
8928
8941
  hidden: false,
@@ -8936,14 +8949,14 @@ const config$e = {
8936
8949
  `
8937
8950
  }
8938
8951
  const cmdReportCreate = {
8939
- description: config$e.description,
8940
- hidden: config$e.hidden,
8941
- run: run$e
8952
+ description: config$f.description,
8953
+ hidden: config$f.hidden,
8954
+ run: run$f
8942
8955
  }
8943
- async function run$e(argv, importMeta, { parentName }) {
8956
+ async function run$f(argv, importMeta, { parentName }) {
8944
8957
  meowOrExit({
8945
8958
  argv,
8946
- config: config$e,
8959
+ config: config$f,
8947
8960
  importMeta,
8948
8961
  parentName
8949
8962
  })
@@ -8953,7 +8966,7 @@ async function run$e(argv, importMeta, { parentName }) {
8953
8966
  process.exitCode = 1
8954
8967
  }
8955
8968
 
8956
- const config$d = {
8969
+ const config$e = {
8957
8970
  commandName: 'view',
8958
8971
  description: '[Deprecated] View a project report',
8959
8972
  hidden: false,
@@ -8967,14 +8980,14 @@ const config$d = {
8967
8980
  `
8968
8981
  }
8969
8982
  const cmdReportView = {
8970
- description: config$d.description,
8971
- hidden: config$d.hidden,
8972
- run: run$d
8983
+ description: config$e.description,
8984
+ hidden: config$e.hidden,
8985
+ run: run$e
8973
8986
  }
8974
- async function run$d(argv, importMeta, { parentName }) {
8987
+ async function run$e(argv, importMeta, { parentName }) {
8975
8988
  meowOrExit({
8976
8989
  argv,
8977
- config: config$d,
8990
+ config: config$e,
8978
8991
  importMeta,
8979
8992
  parentName
8980
8993
  })
@@ -9061,8 +9074,8 @@ async function handleCreateRepo({
9061
9074
  await outputCreateRepo()
9062
9075
  }
9063
9076
 
9064
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$c } = constants
9065
- const config$c = {
9077
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$d } = constants
9078
+ const config$d = {
9066
9079
  commandName: 'create',
9067
9080
  description: 'Create a repository in an organization',
9068
9081
  hidden: false,
@@ -9115,14 +9128,14 @@ const config$c = {
9115
9128
  `
9116
9129
  }
9117
9130
  const cmdReposCreate = {
9118
- description: config$c.description,
9119
- hidden: config$c.hidden,
9120
- run: run$c
9131
+ description: config$d.description,
9132
+ hidden: config$d.hidden,
9133
+ run: run$d
9121
9134
  }
9122
- async function run$c(argv, importMeta, { parentName }) {
9135
+ async function run$d(argv, importMeta, { parentName }) {
9123
9136
  const cli = meowOrExit({
9124
9137
  argv,
9125
- config: config$c,
9138
+ config: config$d,
9126
9139
  importMeta,
9127
9140
  parentName
9128
9141
  })
@@ -9157,7 +9170,7 @@ async function run$c(argv, importMeta, { parentName }) {
9157
9170
  return
9158
9171
  }
9159
9172
  if (cli.flags['dryRun']) {
9160
- logger.logger.log(DRY_RUN_BAIL_TEXT$c)
9173
+ logger.logger.log(DRY_RUN_BAIL_TEXT$d)
9161
9174
  return
9162
9175
  }
9163
9176
  await handleCreateRepo({
@@ -9186,8 +9199,8 @@ async function handleDeleteRepo(orgSlug, repoName) {
9186
9199
  spinner.successAndStop('Repository deleted successfully')
9187
9200
  }
9188
9201
 
9189
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$b } = constants
9190
- const config$b = {
9202
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$c } = constants
9203
+ const config$c = {
9191
9204
  commandName: 'del',
9192
9205
  description: 'Delete a repository in an organization',
9193
9206
  hidden: false,
@@ -9210,14 +9223,14 @@ const config$b = {
9210
9223
  `
9211
9224
  }
9212
9225
  const cmdReposDel = {
9213
- description: config$b.description,
9214
- hidden: config$b.hidden,
9215
- run: run$b
9226
+ description: config$c.description,
9227
+ hidden: config$c.hidden,
9228
+ run: run$c
9216
9229
  }
9217
- async function run$b(argv, importMeta, { parentName }) {
9230
+ async function run$c(argv, importMeta, { parentName }) {
9218
9231
  const cli = meowOrExit({
9219
9232
  argv,
9220
- config: config$b,
9233
+ config: config$c,
9221
9234
  importMeta,
9222
9235
  parentName
9223
9236
  })
@@ -9252,7 +9265,7 @@ async function run$b(argv, importMeta, { parentName }) {
9252
9265
  return
9253
9266
  }
9254
9267
  if (cli.flags['dryRun']) {
9255
- logger.logger.log(DRY_RUN_BAIL_TEXT$b)
9268
+ logger.logger.log(DRY_RUN_BAIL_TEXT$c)
9256
9269
  return
9257
9270
  }
9258
9271
  await handleDeleteRepo(orgSlug, repoName)
@@ -9341,8 +9354,8 @@ async function handleListRepos({
9341
9354
  await outputListRepos(data, outputKind)
9342
9355
  }
9343
9356
 
9344
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$a } = constants
9345
- const config$a = {
9357
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$b } = constants
9358
+ const config$b = {
9346
9359
  commandName: 'list',
9347
9360
  description: 'List repositories in an organization',
9348
9361
  hidden: false,
@@ -9389,14 +9402,14 @@ const config$a = {
9389
9402
  `
9390
9403
  }
9391
9404
  const cmdReposList = {
9392
- description: config$a.description,
9393
- hidden: config$a.hidden,
9394
- run: run$a
9405
+ description: config$b.description,
9406
+ hidden: config$b.hidden,
9407
+ run: run$b
9395
9408
  }
9396
- async function run$a(argv, importMeta, { parentName }) {
9409
+ async function run$b(argv, importMeta, { parentName }) {
9397
9410
  const cli = meowOrExit({
9398
9411
  argv,
9399
- config: config$a,
9412
+ config: config$b,
9400
9413
  importMeta,
9401
9414
  parentName
9402
9415
  })
@@ -9433,7 +9446,7 @@ async function run$a(argv, importMeta, { parentName }) {
9433
9446
  return
9434
9447
  }
9435
9448
  if (cli.flags['dryRun']) {
9436
- logger.logger.log(DRY_RUN_BAIL_TEXT$a)
9449
+ logger.logger.log(DRY_RUN_BAIL_TEXT$b)
9437
9450
  return
9438
9451
  }
9439
9452
  await handleListRepos({
@@ -9503,8 +9516,8 @@ async function handleUpdateRepo({
9503
9516
  await outputUpdateRepo()
9504
9517
  }
9505
9518
 
9506
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$9 } = constants
9507
- const config$9 = {
9519
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$a } = constants
9520
+ const config$a = {
9508
9521
  commandName: 'update',
9509
9522
  description: 'Update a repository in an organization',
9510
9523
  hidden: false,
@@ -9557,14 +9570,14 @@ const config$9 = {
9557
9570
  `
9558
9571
  }
9559
9572
  const cmdReposUpdate = {
9560
- description: config$9.description,
9561
- hidden: config$9.hidden,
9562
- run: run$9
9573
+ description: config$a.description,
9574
+ hidden: config$a.hidden,
9575
+ run: run$a
9563
9576
  }
9564
- async function run$9(argv, importMeta, { parentName }) {
9577
+ async function run$a(argv, importMeta, { parentName }) {
9565
9578
  const cli = meowOrExit({
9566
9579
  argv,
9567
- config: config$9,
9580
+ config: config$a,
9568
9581
  importMeta,
9569
9582
  parentName
9570
9583
  })
@@ -9599,7 +9612,7 @@ async function run$9(argv, importMeta, { parentName }) {
9599
9612
  return
9600
9613
  }
9601
9614
  if (cli.flags['dryRun']) {
9602
- logger.logger.log(DRY_RUN_BAIL_TEXT$9)
9615
+ logger.logger.log(DRY_RUN_BAIL_TEXT$a)
9603
9616
  return
9604
9617
  }
9605
9618
  await handleUpdateRepo({
@@ -9701,8 +9714,8 @@ async function handleViewRepo(orgSlug, repoName, outputKind) {
9701
9714
  await outputViewRepo(data, outputKind)
9702
9715
  }
9703
9716
 
9704
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$8 } = constants
9705
- const config$8 = {
9717
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$9 } = constants
9718
+ const config$9 = {
9706
9719
  commandName: 'view',
9707
9720
  description: 'View repositories in an organization',
9708
9721
  hidden: false,
@@ -9731,14 +9744,14 @@ const config$8 = {
9731
9744
  `
9732
9745
  }
9733
9746
  const cmdReposView = {
9734
- description: config$8.description,
9735
- hidden: config$8.hidden,
9736
- run: run$8
9747
+ description: config$9.description,
9748
+ hidden: config$9.hidden,
9749
+ run: run$9
9737
9750
  }
9738
- async function run$8(argv, importMeta, { parentName }) {
9751
+ async function run$9(argv, importMeta, { parentName }) {
9739
9752
  const cli = meowOrExit({
9740
9753
  argv,
9741
- config: config$8,
9754
+ config: config$9,
9742
9755
  importMeta,
9743
9756
  parentName
9744
9757
  })
@@ -9781,7 +9794,7 @@ async function run$8(argv, importMeta, { parentName }) {
9781
9794
  return
9782
9795
  }
9783
9796
  if (cli.flags['dryRun']) {
9784
- logger.logger.log(DRY_RUN_BAIL_TEXT$8)
9797
+ logger.logger.log(DRY_RUN_BAIL_TEXT$9)
9785
9798
  return
9786
9799
  }
9787
9800
  await handleViewRepo(
@@ -9876,8 +9889,8 @@ async function suggestTarget() {
9876
9889
  }
9877
9890
  }
9878
9891
 
9879
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$7 } = constants
9880
- const config$7 = {
9892
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$8 } = constants
9893
+ const config$8 = {
9881
9894
  commandName: 'create',
9882
9895
  description: 'Create a scan',
9883
9896
  hidden: false,
@@ -9983,6 +9996,9 @@ const config$7 = {
9983
9996
  When a FILE is given only that FILE is targeted. Otherwise any eligible
9984
9997
  files in the given DIR will be considered.
9985
9998
 
9999
+ The --repo and --branch flags tell Socket to associate this Scan with that
10000
+ repo/branch. The names will show up on your dashboard on the Socket website.
10001
+
9986
10002
  Note: for a first run you probably want to set --defaultBranch to indicate
9987
10003
  the default branch name, like "main" or "master".
9988
10004
 
@@ -9997,14 +10013,14 @@ const config$7 = {
9997
10013
  `
9998
10014
  }
9999
10015
  const cmdScanCreate = {
10000
- description: config$7.description,
10001
- hidden: config$7.hidden,
10002
- run: run$7
10016
+ description: config$8.description,
10017
+ hidden: config$8.hidden,
10018
+ run: run$8
10003
10019
  }
10004
- async function run$7(argv, importMeta, { parentName }) {
10020
+ async function run$8(argv, importMeta, { parentName }) {
10005
10021
  const cli = meowOrExit({
10006
10022
  argv,
10007
- config: config$7,
10023
+ config: config$8,
10008
10024
  importMeta,
10009
10025
  parentName
10010
10026
  })
@@ -10056,154 +10072,484 @@ async function run$7(argv, importMeta, { parentName }) {
10056
10072
  if (suggestion) {
10057
10073
  orgSlug = suggestion
10058
10074
  }
10059
- updatedInput = true
10075
+ updatedInput = true
10076
+ }
10077
+ }
10078
+ if (updatedInput && orgSlug && targets?.length) {
10079
+ logger.logger.error(
10080
+ 'Note: You can invoke this command next time to skip the interactive questions:'
10081
+ )
10082
+ logger.logger.error('```')
10083
+ logger.logger.error(
10084
+ ` socket scan create [other flags...] ${defaultOrgSlug ? '' : orgSlug} ${targets.join(' ')}`
10085
+ )
10086
+ logger.logger.error('```\n')
10087
+ }
10088
+ const wasBadInput = handleBadInput(
10089
+ {
10090
+ nook: !!defaultOrgSlug,
10091
+ test: !!orgSlug && orgSlug !== '.',
10092
+ message: 'Org name as the first argument',
10093
+ pass: 'ok',
10094
+ fail:
10095
+ orgSlug === '.'
10096
+ ? 'dot is an invalid org, most likely you forgot the org name here?'
10097
+ : 'missing'
10098
+ },
10099
+ {
10100
+ test: !!targets.length,
10101
+ message: 'At least one TARGET (e.g. `.` or `./package.json`)',
10102
+ pass: 'ok',
10103
+ fail: 'missing (or perhaps you forgot the org slug?)'
10104
+ },
10105
+ {
10106
+ nook: true,
10107
+ test: !json || !markdown,
10108
+ message: 'The json and markdown flags cannot be both set, pick one',
10109
+ pass: 'ok',
10110
+ fail: 'omit one'
10111
+ },
10112
+ {
10113
+ nook: true,
10114
+ test: !!apiToken,
10115
+ message: 'This command requires an API token for access',
10116
+ pass: 'ok',
10117
+ fail: 'missing (try `socket login`)'
10118
+ },
10119
+ {
10120
+ nook: true,
10121
+ test: !pendingHead || !tmp,
10122
+ message: 'Can not use --pendingHead and --tmp at the same time',
10123
+ pass: 'ok',
10124
+ fail: 'remove at least one flag'
10125
+ },
10126
+ {
10127
+ nook: true,
10128
+ test: !pendingHead || !!branchName,
10129
+ message: 'When --pendingHead is set, --branch is mandatory',
10130
+ pass: 'ok',
10131
+ fail: 'missing branch name'
10132
+ },
10133
+ {
10134
+ nook: true,
10135
+ test: !defaultBranch || !!branchName,
10136
+ message: 'When --defaultBranch is set, --branch is mandatory',
10137
+ pass: 'ok',
10138
+ fail: 'missing branch name'
10139
+ }
10140
+ )
10141
+ if (wasBadInput) {
10142
+ return
10143
+ }
10144
+
10145
+ // Note exiting earlier to skirt a hidden auth requirement
10146
+ if (dryRun) {
10147
+ logger.logger.log(DRY_RUN_BAIL_TEXT$8)
10148
+ return
10149
+ }
10150
+ await handleCreateNewScan({
10151
+ branchName: branchName,
10152
+ commitHash: (commitHash && String(commitHash)) || '',
10153
+ commitMessage: (commitMessage && String(commitMessage)) || '',
10154
+ committers: (committers && String(committers)) || '',
10155
+ cwd,
10156
+ defaultBranch: Boolean(defaultBranch),
10157
+ orgSlug,
10158
+ outputKind: json ? 'json' : markdown ? 'markdown' : 'text',
10159
+ pendingHead: Boolean(pendingHead),
10160
+ pullRequest: Number(pullRequest),
10161
+ readOnly: Boolean(readOnly),
10162
+ repoName: repoName,
10163
+ report,
10164
+ targets,
10165
+ tmp: Boolean(tmp)
10166
+ })
10167
+ }
10168
+
10169
+ async function fetchDeleteOrgFullScan(orgSlug, scanId) {
10170
+ const sockSdk = await shadowNpmInject.setupSdk()
10171
+
10172
+ // Lazily access constants.spinner.
10173
+ const { spinner } = constants
10174
+ spinner.start('Requesting the scan to be deleted...')
10175
+ const result = await handleApiCall(
10176
+ sockSdk.deleteOrgFullScan(orgSlug, scanId),
10177
+ 'Deleting scan'
10178
+ )
10179
+ spinner.successAndStop('Received response for deleting a scan.')
10180
+ if (!result.success) {
10181
+ handleUnsuccessfulApiResponse('deleteOrgFullScan', result)
10182
+ }
10183
+ return result.data
10184
+ }
10185
+
10186
+ async function outputDeleteScan(_data) {
10187
+ logger.logger.success('Scan deleted successfully')
10188
+ }
10189
+
10190
+ async function handleDeleteScan(orgSlug, scanId) {
10191
+ const data = await fetchDeleteOrgFullScan(orgSlug, scanId)
10192
+ if (!data) {
10193
+ return
10194
+ }
10195
+ await outputDeleteScan()
10196
+ }
10197
+
10198
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$7 } = constants
10199
+ const config$7 = {
10200
+ commandName: 'del',
10201
+ description: 'Delete a scan',
10202
+ hidden: false,
10203
+ flags: {
10204
+ ...commonFlags,
10205
+ ...outputFlags
10206
+ },
10207
+ help: (command, config) => `
10208
+ Usage
10209
+ $ ${command} <org slug> <scan ID>
10210
+
10211
+ API Token Requirements
10212
+ - Quota: 1 unit
10213
+ - Permissions: full-scans:delete
10214
+
10215
+ Options
10216
+ ${getFlagListOutput(config.flags, 6)}
10217
+
10218
+ Examples
10219
+ $ ${command} FakeOrg 000aaaa1-0000-0a0a-00a0-00a0000000a0
10220
+ `
10221
+ }
10222
+ const cmdScanDel = {
10223
+ description: config$7.description,
10224
+ hidden: config$7.hidden,
10225
+ run: run$7
10226
+ }
10227
+ async function run$7(argv, importMeta, { parentName }) {
10228
+ const cli = meowOrExit({
10229
+ argv,
10230
+ config: config$7,
10231
+ importMeta,
10232
+ parentName
10233
+ })
10234
+ const defaultOrgSlug = shadowNpmInject.getConfigValue('defaultOrg')
10235
+ const orgSlug = defaultOrgSlug || cli.input[0] || ''
10236
+ const scanId = (defaultOrgSlug ? cli.input[0] : cli.input[1]) || ''
10237
+ const apiToken = shadowNpmInject.getDefaultToken()
10238
+ const wasBadInput = handleBadInput(
10239
+ {
10240
+ nook: !!defaultOrgSlug,
10241
+ test: !!orgSlug && orgSlug !== '.',
10242
+ message: 'Org name as the first argument',
10243
+ pass: 'ok',
10244
+ fail:
10245
+ orgSlug === '.'
10246
+ ? 'dot is an invalid org, most likely you forgot the org name here?'
10247
+ : 'missing'
10248
+ },
10249
+ {
10250
+ test: !!scanId,
10251
+ message: 'Scan ID to delete',
10252
+ pass: 'ok',
10253
+ fail: 'missing'
10254
+ },
10255
+ {
10256
+ nook: true,
10257
+ test: !!apiToken,
10258
+ message:
10259
+ 'You need to be logged in to use this command. See `socket login`.',
10260
+ pass: 'ok',
10261
+ fail: 'missing API token'
10262
+ }
10263
+ )
10264
+ if (wasBadInput) {
10265
+ return
10266
+ }
10267
+ if (cli.flags['dryRun']) {
10268
+ logger.logger.log(DRY_RUN_BAIL_TEXT$7)
10269
+ return
10270
+ }
10271
+ await handleDeleteScan(orgSlug, scanId)
10272
+ }
10273
+
10274
+ async function fetchDiffScan({ id1, id2, orgSlug }) {
10275
+ const apiToken = shadowNpmInject.getDefaultToken()
10276
+
10277
+ // Lazily access constants.spinner.
10278
+ const { spinner } = constants
10279
+ logger.logger.error('Scan ID 1:', id1)
10280
+ logger.logger.error('Scan ID 2:', id2)
10281
+ spinner.start('Fetching scan diff... (this may take a while)')
10282
+ const response = await queryApi(
10283
+ `orgs/${orgSlug}/full-scans/diff?before=${encodeURIComponent(id1)}&after=${encodeURIComponent(id2)}`,
10284
+ apiToken || ''
10285
+ )
10286
+ spinner.successAndStop('Received scan diff response')
10287
+ if (!response.ok) {
10288
+ const err = await handleApiError(response.status)
10289
+ logger.logger.fail(failMsgWithBadge(response.statusText, err))
10290
+ return
10291
+ }
10292
+ const result = await handleApiCall(
10293
+ await response.json(),
10294
+ 'Deserializing json'
10295
+ )
10296
+ return result
10297
+ }
10298
+
10299
+ const SOCKET_SBOM_URL_PREFIX$1 =
10300
+ 'https://socket.dev/dashboard/org/SocketDev/sbom/'
10301
+ async function outputDiffScan(result, { depth, file, outputKind }) {
10302
+ const dashboardUrl = result.diff_report_url
10303
+ const dashboardMessage = dashboardUrl
10304
+ ? `\n View this diff scan in the Socket dashboard: ${vendor.yoctocolorsCjsExports.cyan(dashboardUrl)}`
10305
+ : ''
10306
+
10307
+ // When forcing json, or dumping to file, serialize to string such that it
10308
+ // won't get truncated. The only way to dump the full raw JSON to stdout is
10309
+ // to use `--json --file -` (the dash is a standard notation for stdout)
10310
+ if (outputKind === 'json' || file) {
10311
+ let json
10312
+ try {
10313
+ json = JSON.stringify(result, null, 2)
10314
+ } catch (e) {
10315
+ process.exitCode = 1
10316
+ // Most likely caused by a circular reference (or OOM)
10317
+ logger.logger.fail('There was a problem converting the data to JSON')
10318
+ logger.logger.error(e)
10319
+ return
10320
+ }
10321
+ if (file && file !== '-') {
10322
+ logger.logger.log(`Writing json to \`${file}\``)
10323
+ fs$1.writeFile(file, JSON.stringify(result, null, 2), err => {
10324
+ if (err) {
10325
+ logger.logger.fail(`Writing to \`${file}\` failed...`)
10326
+ logger.logger.error(err)
10327
+ } else {
10328
+ logger.logger.log(`Data successfully written to \`${file}\``)
10329
+ }
10330
+ logger.logger.error(dashboardMessage)
10331
+ })
10332
+ } else {
10333
+ // TODO: expose different method for writing to stderr when simply dodging stdout
10334
+ logger.logger.error(`\n Diff scan result: \n`)
10335
+ logger.logger.log(json)
10336
+ logger.logger.error(dashboardMessage)
10337
+ }
10338
+ return
10339
+ }
10340
+ if (outputKind === 'markdown') {
10341
+ logger.logger.log('# Scan diff result')
10342
+ logger.logger.log('')
10343
+ logger.logger.log(
10344
+ 'This Socket.dev report shows the changes between two scans:'
10345
+ )
10346
+ logger.logger.log(
10347
+ `- [${result.before.id}](${SOCKET_SBOM_URL_PREFIX$1}${result.before.id})`
10348
+ )
10349
+ logger.logger.log(
10350
+ `- [${result.after.id}](${SOCKET_SBOM_URL_PREFIX$1}${result.after.id})`
10351
+ )
10352
+ logger.logger.log('')
10353
+ logger.logger.log(
10354
+ `You can [view this report in your dashboard](${result.diff_report_url})`
10355
+ )
10356
+ logger.logger.log('')
10357
+ logger.logger.log('## Changes')
10358
+ logger.logger.log('')
10359
+ logger.logger.log(
10360
+ `- directDependenciesChanged: ${result.directDependenciesChanged}`
10361
+ )
10362
+ logger.logger.log(`- Added packages: ${result.artifacts.added.length}`)
10363
+ if (result.artifacts.added.length > 0) {
10364
+ result.artifacts.added.slice(0, 10).forEach(artifact => {
10365
+ logger.logger.log(
10366
+ ` - ${artifact.type} ${artifact.name}@${artifact.version}`
10367
+ )
10368
+ })
10369
+ if (result.artifacts.added.length > 10) {
10370
+ logger.logger.log(
10371
+ ` ... and ${result.artifacts.added.length - 10} more`
10372
+ )
10373
+ }
10374
+ }
10375
+ logger.logger.log(`- Removed packages: ${result.artifacts.removed.length}`)
10376
+ if (result.artifacts.removed.length > 0) {
10377
+ result.artifacts.removed.slice(0, 10).forEach(artifact => {
10378
+ logger.logger.log(
10379
+ ` - ${artifact.type} ${artifact.name}@${artifact.version}`
10380
+ )
10381
+ })
10382
+ if (result.artifacts.removed.length > 10) {
10383
+ logger.logger.log(
10384
+ ` ... and ${result.artifacts.removed.length - 10} more`
10385
+ )
10386
+ }
10387
+ }
10388
+ logger.logger.log(
10389
+ `- Replaced packages: ${result.artifacts.replaced.length}`
10390
+ )
10391
+ if (result.artifacts.replaced.length > 0) {
10392
+ result.artifacts.replaced.slice(0, 10).forEach(artifact => {
10393
+ logger.logger.log(
10394
+ ` - ${artifact.type} ${artifact.name}@${artifact.version}`
10395
+ )
10396
+ })
10397
+ if (result.artifacts.replaced.length > 10) {
10398
+ logger.logger.log(
10399
+ ` ... and ${result.artifacts.replaced.length - 10} more`
10400
+ )
10401
+ }
10402
+ }
10403
+ logger.logger.log(`- Updated packages: ${result.artifacts.updated.length}`)
10404
+ if (result.artifacts.updated.length > 0) {
10405
+ result.artifacts.updated.slice(0, 10).forEach(artifact => {
10406
+ logger.logger.log(
10407
+ ` - ${artifact.type} ${artifact.name}@${artifact.version}`
10408
+ )
10409
+ })
10410
+ if (result.artifacts.updated.length > 10) {
10411
+ logger.logger.log(
10412
+ ` ... and ${result.artifacts.updated.length - 10} more`
10413
+ )
10414
+ }
10415
+ }
10416
+ logger.logger.log(
10417
+ `- Unchanged packages: ${result.artifacts.unchanged.length}`
10418
+ )
10419
+ if (result.artifacts.unchanged.length > 0) {
10420
+ result.artifacts.unchanged.slice(0, 10).forEach(artifact => {
10421
+ logger.logger.log(
10422
+ ` - ${artifact.type} ${artifact.name}@${artifact.version}`
10423
+ )
10424
+ })
10425
+ if (result.artifacts.unchanged.length > 10) {
10426
+ logger.logger.log(
10427
+ ` ... and ${result.artifacts.unchanged.length - 10} more`
10428
+ )
10429
+ }
10060
10430
  }
10061
- }
10062
- if (updatedInput && orgSlug && targets?.length) {
10063
- logger.logger.error(
10064
- 'Note: You can invoke this command next time to skip the interactive questions:'
10431
+ logger.logger.log('')
10432
+ logger.logger.log(`## Scan ${result.before.id}`)
10433
+ logger.logger.log('')
10434
+ logger.logger.log(
10435
+ 'This Scan was considered to be the "base" / "from" / "before" Scan.'
10065
10436
  )
10066
- logger.logger.error('```')
10067
- logger.logger.error(
10068
- ` socket scan create [other flags...] ${defaultOrgSlug ? '' : orgSlug} ${targets.join(' ')}`
10437
+ logger.logger.log('')
10438
+ for (const [key, value] of Object.entries(result.before)) {
10439
+ if (key === 'pull_request' && !value) {
10440
+ continue
10441
+ }
10442
+ if (!['id', 'organization_id', 'repository_id'].includes(key)) {
10443
+ logger.logger.group(
10444
+ `- ${key === 'repository_slug' ? 'repo' : key === 'organization_slug' ? 'org' : key}: ${value}`
10445
+ )
10446
+ logger.logger.groupEnd()
10447
+ }
10448
+ }
10449
+ logger.logger.log('')
10450
+ logger.logger.log(`## Scan ${result.after.id}`)
10451
+ logger.logger.log('')
10452
+ logger.logger.log(
10453
+ 'This Scan was considered to be the "head" / "to" / "after" Scan.'
10069
10454
  )
10070
- logger.logger.error('```\n')
10071
- }
10072
- const wasBadInput = handleBadInput(
10073
- {
10074
- nook: !!defaultOrgSlug,
10075
- test: !!orgSlug && orgSlug !== '.',
10076
- message: 'Org name as the first argument',
10077
- pass: 'ok',
10078
- fail:
10079
- orgSlug === '.'
10080
- ? 'dot is an invalid org, most likely you forgot the org name here?'
10081
- : 'missing'
10082
- },
10083
- {
10084
- test: !!targets.length,
10085
- message: 'At least one TARGET (e.g. `.` or `./package.json`)',
10086
- pass: 'ok',
10087
- fail: 'missing (or perhaps you forgot the org slug?)'
10088
- },
10089
- {
10090
- nook: true,
10091
- test: !json || !markdown,
10092
- message: 'The json and markdown flags cannot be both set, pick one',
10093
- pass: 'ok',
10094
- fail: 'omit one'
10095
- },
10096
- {
10097
- nook: true,
10098
- test: !!apiToken,
10099
- message: 'This command requires an API token for access',
10100
- pass: 'ok',
10101
- fail: 'missing (try `socket login`)'
10102
- },
10103
- {
10104
- nook: true,
10105
- test: !pendingHead || !tmp,
10106
- message: 'Can not use --pendingHead and --tmp at the same time',
10107
- pass: 'ok',
10108
- fail: 'remove at least one flag'
10109
- },
10110
- {
10111
- nook: true,
10112
- test: !pendingHead || !!branchName,
10113
- message: 'When --pendingHead is set, --branch is mandatory',
10114
- pass: 'ok',
10115
- fail: 'missing branch name'
10116
- },
10117
- {
10118
- nook: true,
10119
- test: !defaultBranch || !!branchName,
10120
- message: 'When --defaultBranch is set, --branch is mandatory',
10121
- pass: 'ok',
10122
- fail: 'missing branch name'
10455
+ logger.logger.log('')
10456
+ for (const [key, value] of Object.entries(result.after)) {
10457
+ if (key === 'pull_request' && !value) {
10458
+ continue
10459
+ }
10460
+ if (!['id', 'organization_id', 'repository_id'].includes(key)) {
10461
+ logger.logger.group(
10462
+ `- ${key === 'repository_slug' ? 'repo' : key === 'organization_slug' ? 'org' : key}: ${value}`
10463
+ )
10464
+ logger.logger.groupEnd()
10465
+ }
10123
10466
  }
10124
- )
10125
- if (wasBadInput) {
10126
- return
10127
- }
10128
-
10129
- // Note exiting earlier to skirt a hidden auth requirement
10130
- if (dryRun) {
10131
- logger.logger.log(DRY_RUN_BAIL_TEXT$7)
10467
+ logger.logger.log('')
10132
10468
  return
10133
10469
  }
10134
- await handleCreateNewScan({
10135
- branchName: branchName,
10136
- commitHash: (commitHash && String(commitHash)) || '',
10137
- commitMessage: (commitMessage && String(commitMessage)) || '',
10138
- committers: (committers && String(committers)) || '',
10139
- cwd,
10140
- defaultBranch: Boolean(defaultBranch),
10141
- orgSlug,
10142
- outputKind: json ? 'json' : markdown ? 'markdown' : 'text',
10143
- pendingHead: Boolean(pendingHead),
10144
- pullRequest: Number(pullRequest),
10145
- readOnly: Boolean(readOnly),
10146
- repoName: repoName,
10147
- report,
10148
- targets,
10149
- tmp: Boolean(tmp)
10150
- })
10151
- }
10152
10470
 
10153
- async function fetchDeleteOrgFullScan(orgSlug, scanId) {
10154
- const sockSdk = await shadowNpmInject.setupSdk()
10471
+ // In this case neither the --json nor the --file flag was passed
10472
+ // Dump the JSON to CLI and let NodeJS deal with truncation
10155
10473
 
10156
- // Lazily access constants.spinner.
10157
- const { spinner } = constants
10158
- spinner.start('Requesting the scan to be deleted...')
10159
- const result = await handleApiCall(
10160
- sockSdk.deleteOrgFullScan(orgSlug, scanId),
10161
- 'Deleting scan'
10474
+ logger.logger.log('Diff scan result:')
10475
+ logger.logger.log(
10476
+ require$$0.inspect(result, {
10477
+ showHidden: false,
10478
+ depth: depth > 0 ? depth : null,
10479
+ colors: true,
10480
+ maxArrayLength: null
10481
+ })
10162
10482
  )
10163
- spinner.successAndStop('Received response for deleting a scan.')
10164
- if (!result.success) {
10165
- handleUnsuccessfulApiResponse('deleteOrgFullScan', result)
10166
- }
10167
- return result.data
10168
- }
10169
-
10170
- async function outputDeleteScan(_data) {
10171
- logger.logger.success('Scan deleted successfully')
10483
+ logger.logger.error(
10484
+ `\n 📝 To display the detailed report in the terminal, use the --json flag. For a friendlier report, use the --markdown flag.\n`
10485
+ )
10486
+ logger.logger.log(dashboardMessage)
10172
10487
  }
10173
10488
 
10174
- async function handleDeleteScan(orgSlug, scanId) {
10175
- const data = await fetchDeleteOrgFullScan(orgSlug, scanId)
10489
+ async function handleDiffScan({ depth, file, id1, id2, orgSlug, outputKind }) {
10490
+ const data = await fetchDiffScan({
10491
+ id1,
10492
+ id2,
10493
+ orgSlug
10494
+ })
10176
10495
  if (!data) {
10177
10496
  return
10178
10497
  }
10179
- await outputDeleteScan()
10498
+ await outputDiffScan(data, {
10499
+ depth,
10500
+ file,
10501
+ outputKind
10502
+ })
10180
10503
  }
10181
10504
 
10182
10505
  const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$6 } = constants
10506
+ const SOCKET_SBOM_URL_PREFIX =
10507
+ 'https://socket.dev/dashboard/org/SocketDev/sbom/'
10183
10508
  const config$6 = {
10184
- commandName: 'del',
10185
- description: 'Delete a scan',
10509
+ commandName: 'diff',
10510
+ description: 'See what changed between two Scans',
10186
10511
  hidden: false,
10187
10512
  flags: {
10188
10513
  ...commonFlags,
10189
- ...outputFlags
10514
+ ...outputFlags,
10515
+ depth: {
10516
+ type: 'number',
10517
+ default: 2,
10518
+ description:
10519
+ 'Max depth of JSON to display before truncating, use zero for no limit (without --json/--file)'
10520
+ },
10521
+ file: {
10522
+ type: 'string',
10523
+ shortFlag: 'f',
10524
+ default: '',
10525
+ description:
10526
+ 'Path to a local file where the output should be saved. Use `-` to force stdout.'
10527
+ }
10190
10528
  },
10191
10529
  help: (command, config) => `
10192
10530
  Usage
10193
- $ ${command} <org slug> <scan ID>
10531
+ $ ${command} <org slug> <ID1> <ID2>
10194
10532
 
10195
10533
  API Token Requirements
10196
10534
  - Quota: 1 unit
10197
- - Permissions: full-scans:delete
10535
+ - Permissions: full-scans:list
10536
+
10537
+ This command displays the package changes between two scans. The full output
10538
+ can be pretty large depending on the size of your repo and time range. It is
10539
+ best stored to disk (with --json) to be further analyzed by other tools.
10540
+
10541
+ Note: First Scan ID is assumed to be the older ID. This is only relevant for
10542
+ the added/removed list (similar to diffing two files with git).
10198
10543
 
10199
10544
  Options
10200
10545
  ${getFlagListOutput(config.flags, 6)}
10201
10546
 
10202
10547
  Examples
10203
- $ ${command} FakeOrg 000aaaa1-0000-0a0a-00a0-00a0000000a0
10548
+ $ ${command} FakeCorp aaa0aa0a-aaaa-0000-0a0a-0000000a00a0 aaa1aa1a-aaaa-1111-1a1a-1111111a11a1
10549
+ $ ${command} FakeCorp aaa0aa0a-aaaa-0000-0a0a-0000000a00a0 aaa1aa1a-aaaa-1111-1a1a-1111111a11a1 --json
10204
10550
  `
10205
10551
  }
10206
- const cmdScanDel = {
10552
+ const cmdScanDiff = {
10207
10553
  description: config$6.description,
10208
10554
  hidden: config$6.hidden,
10209
10555
  run: run$6
@@ -10215,27 +10561,46 @@ async function run$6(argv, importMeta, { parentName }) {
10215
10561
  importMeta,
10216
10562
  parentName
10217
10563
  })
10564
+ const { depth, file, json, markdown } = cli.flags
10218
10565
  const defaultOrgSlug = shadowNpmInject.getConfigValue('defaultOrg')
10219
10566
  const orgSlug = defaultOrgSlug || cli.input[0] || ''
10220
- const scanId = (defaultOrgSlug ? cli.input[0] : cli.input[1]) || ''
10567
+ let id1 = cli.input[defaultOrgSlug ? 0 : 1] || ''
10568
+ let id2 = cli.input[defaultOrgSlug ? 1 : 2] || ''
10569
+ if (id1.startsWith(SOCKET_SBOM_URL_PREFIX)) {
10570
+ id1 = id1.slice(SOCKET_SBOM_URL_PREFIX.length)
10571
+ }
10572
+ if (id2.startsWith(SOCKET_SBOM_URL_PREFIX)) {
10573
+ id2 = id2.slice(SOCKET_SBOM_URL_PREFIX.length)
10574
+ }
10221
10575
  const apiToken = shadowNpmInject.getDefaultToken()
10222
10576
  const wasBadInput = handleBadInput(
10223
10577
  {
10224
- nook: !!defaultOrgSlug,
10225
- test: !!orgSlug && orgSlug !== '.',
10226
- message: 'Org name as the first argument',
10578
+ test: !!(id1 && id2),
10579
+ message:
10580
+ 'Specify two Scan IDs.\nA Scan ID looks like `aaa0aa0a-aaaa-0000-0a0a-0000000a00a0`.',
10227
10581
  pass: 'ok',
10228
10582
  fail:
10229
- orgSlug === '.'
10230
- ? 'dot is an invalid org, most likely you forgot the org name here?'
10231
- : 'missing'
10583
+ !id1 && !id2
10584
+ ? 'missing both Scan IDs'
10585
+ : !id2
10586
+ ? 'missing second Scan ID'
10587
+ : 'missing first Scan ID' // Not sure how this can happen but ok.
10232
10588
  },
10233
10589
  {
10234
- test: !!scanId,
10235
- message: 'Scan ID to delete',
10590
+ test: !!orgSlug,
10591
+ nook: true,
10592
+ message: 'Org name as the first argument',
10236
10593
  pass: 'ok',
10237
10594
  fail: 'missing'
10238
10595
  },
10596
+ {
10597
+ nook: true,
10598
+ test: !json || !markdown,
10599
+ message:
10600
+ 'The `--json` and `--markdown` flags can not be used at the same time',
10601
+ pass: 'ok',
10602
+ fail: 'bad'
10603
+ },
10239
10604
  {
10240
10605
  nook: true,
10241
10606
  test: !!apiToken,
@@ -10252,15 +10617,24 @@ async function run$6(argv, importMeta, { parentName }) {
10252
10617
  logger.logger.log(DRY_RUN_BAIL_TEXT$6)
10253
10618
  return
10254
10619
  }
10255
- await handleDeleteScan(orgSlug, scanId)
10620
+ await handleDiffScan({
10621
+ id1: String(id1 || ''),
10622
+ id2: String(id2 || ''),
10623
+ depth: Number(depth),
10624
+ orgSlug,
10625
+ outputKind: json ? 'json' : markdown ? 'markdown' : 'text',
10626
+ file: String(file || '')
10627
+ })
10256
10628
  }
10257
10629
 
10258
10630
  async function fetchListScans({
10631
+ branch,
10259
10632
  direction,
10260
10633
  from_time,
10261
10634
  orgSlug,
10262
10635
  page,
10263
10636
  per_page,
10637
+ repo,
10264
10638
  sort
10265
10639
  }) {
10266
10640
  const sockSdk = await shadowNpmInject.setupSdk()
@@ -10270,6 +10644,16 @@ async function fetchListScans({
10270
10644
  spinner.start('Fetching list of scans...')
10271
10645
  const result = await handleApiCall(
10272
10646
  sockSdk.getOrgFullScanList(orgSlug, {
10647
+ ...(branch
10648
+ ? {
10649
+ branch
10650
+ }
10651
+ : {}),
10652
+ ...(repo
10653
+ ? {
10654
+ repo
10655
+ }
10656
+ : {}),
10273
10657
  sort,
10274
10658
  direction,
10275
10659
  per_page: String(per_page),
@@ -10301,6 +10685,10 @@ async function outputListScans(data, outputKind) {
10301
10685
  field: 'report_url',
10302
10686
  name: vendor.yoctocolorsCjsExports.magenta('Scan URL')
10303
10687
  },
10688
+ {
10689
+ field: 'repo',
10690
+ name: vendor.yoctocolorsCjsExports.magenta('Repo')
10691
+ },
10304
10692
  {
10305
10693
  field: 'branch',
10306
10694
  name: vendor.yoctocolorsCjsExports.magenta('Branch')
@@ -10324,6 +10712,7 @@ async function outputListScans(data, outputKind) {
10324
10712
  day: 'numeric'
10325
10713
  })
10326
10714
  : '',
10715
+ repo: d.repo,
10327
10716
  branch: d.branch
10328
10717
  }
10329
10718
  })
@@ -10331,20 +10720,24 @@ async function outputListScans(data, outputKind) {
10331
10720
  }
10332
10721
 
10333
10722
  async function handleListScans({
10723
+ branch,
10334
10724
  direction,
10335
10725
  from_time,
10336
10726
  orgSlug,
10337
10727
  outputKind,
10338
10728
  page,
10339
10729
  per_page,
10730
+ repo,
10340
10731
  sort
10341
10732
  }) {
10342
10733
  const data = await fetchListScans({
10734
+ branch,
10343
10735
  direction,
10344
10736
  from_time,
10345
10737
  orgSlug,
10346
10738
  page,
10347
10739
  per_page,
10740
+ repo,
10348
10741
  sort
10349
10742
  })
10350
10743
  if (!data) {
@@ -10361,12 +10754,9 @@ const config$5 = {
10361
10754
  flags: {
10362
10755
  ...commonFlags,
10363
10756
  ...outputFlags,
10364
- sort: {
10757
+ branch: {
10365
10758
  type: 'string',
10366
- shortFlag: 's',
10367
- default: 'created_at',
10368
- description:
10369
- 'Sorting option (`name` or `created_at`) - default is `created_at`'
10759
+ description: 'Filter to show only scans with this branch name'
10370
10760
  },
10371
10761
  direction: {
10372
10762
  type: 'string',
@@ -10374,11 +10764,11 @@ const config$5 = {
10374
10764
  default: 'desc',
10375
10765
  description: 'Direction option (`desc` or `asc`) - Default is `desc`'
10376
10766
  },
10377
- perPage: {
10378
- type: 'number',
10379
- shortFlag: 'pp',
10380
- default: 30,
10381
- description: 'Results per page - Default is 30'
10767
+ fromTime: {
10768
+ type: 'string',
10769
+ shortFlag: 'f',
10770
+ default: '',
10771
+ description: 'From time - as a unix timestamp'
10382
10772
  },
10383
10773
  page: {
10384
10774
  type: 'number',
@@ -10386,11 +10776,22 @@ const config$5 = {
10386
10776
  default: 1,
10387
10777
  description: 'Page number - Default is 1'
10388
10778
  },
10389
- fromTime: {
10779
+ perPage: {
10780
+ type: 'number',
10781
+ shortFlag: 'pp',
10782
+ default: 30,
10783
+ description: 'Results per page - Default is 30'
10784
+ },
10785
+ repo: {
10390
10786
  type: 'string',
10391
- shortFlag: 'f',
10392
- default: '',
10393
- description: 'From time - as a unix timestamp'
10787
+ description: 'Filter to show only scans with this repository name'
10788
+ },
10789
+ sort: {
10790
+ type: 'string',
10791
+ shortFlag: 's',
10792
+ default: 'created_at',
10793
+ description:
10794
+ 'Sorting option (`name` or `created_at`) - default is `created_at`'
10394
10795
  },
10395
10796
  untilTime: {
10396
10797
  type: 'string',
@@ -10426,7 +10827,7 @@ async function run$5(argv, importMeta, { parentName }) {
10426
10827
  importMeta,
10427
10828
  parentName
10428
10829
  })
10429
- const { json, markdown } = cli.flags
10830
+ const { branch, json, markdown, repo } = cli.flags
10430
10831
  const defaultOrgSlug = shadowNpmInject.getConfigValue('defaultOrg')
10431
10832
  const orgSlug = defaultOrgSlug || cli.input[0] || ''
10432
10833
  const apiToken = shadowNpmInject.getDefaultToken()
@@ -10465,12 +10866,14 @@ async function run$5(argv, importMeta, { parentName }) {
10465
10866
  return
10466
10867
  }
10467
10868
  await handleListScans({
10869
+ branch: branch ? String(branch) : '',
10468
10870
  direction: String(cli.flags['direction'] || ''),
10469
10871
  from_time: String(cli.flags['fromTime'] || ''),
10470
10872
  orgSlug,
10471
10873
  outputKind: json ? 'json' : markdown ? 'markdown' : 'print',
10472
10874
  page: Number(cli.flags['page'] || 1),
10473
10875
  per_page: Number(cli.flags['perPage'] || 30),
10876
+ repo: repo ? String(repo) : '',
10474
10877
  sort: String(cli.flags['sort'] || '')
10475
10878
  })
10476
10879
  }
@@ -10960,6 +11363,7 @@ const cmdScan = {
10960
11363
  create: cmdScanCreate,
10961
11364
  list: cmdScanList,
10962
11365
  del: cmdScanDel,
11366
+ diff: cmdScanDiff,
10963
11367
  metadata: cmdScanMetadata,
10964
11368
  report: cmdScanReport,
10965
11369
  view: cmdScanView
@@ -11328,7 +11732,7 @@ async function run$1(argv, importMeta, { parentName }) {
11328
11732
  }
11329
11733
 
11330
11734
  function addSocketWrapper(file) {
11331
- return require$$0.appendFile(
11735
+ return fs$1.appendFile(
11332
11736
  file,
11333
11737
  'alias npm="socket npm"\nalias npx="socket npx"\n',
11334
11738
  err => {
@@ -11337,7 +11741,7 @@ function addSocketWrapper(file) {
11337
11741
  }
11338
11742
  // TODO: pretty sure you need to source the file or restart
11339
11743
  // any terminal session before changes are reflected.
11340
- logger.logger.log(vendor.stripIndents`
11744
+ logger.logger.log(vendor.html`
11341
11745
  The alias was added to ${file}. Running 'npm install' will now be wrapped in Socket's "safe npm" 🎉
11342
11746
  If you want to disable it at any time, run \`socket wrapper --disable\`
11343
11747
  `)
@@ -11346,7 +11750,7 @@ If you want to disable it at any time, run \`socket wrapper --disable\`
11346
11750
  }
11347
11751
 
11348
11752
  function checkSocketWrapperSetup(file) {
11349
- const fileContent = require$$0.readFileSync(file, 'utf8')
11753
+ const fileContent = fs$1.readFileSync(file, 'utf8')
11350
11754
  const linesWithSocketAlias = fileContent
11351
11755
  .split('\n')
11352
11756
  .filter(
@@ -11365,11 +11769,10 @@ async function postinstallWrapper() {
11365
11769
  // Lazily access constants.bashRcPath and constants.zshRcPath.
11366
11770
  const { bashRcPath, zshRcPath } = constants
11367
11771
  const socketWrapperEnabled =
11368
- (require$$0.existsSync(bashRcPath) &&
11369
- checkSocketWrapperSetup(bashRcPath)) ||
11370
- (require$$0.existsSync(zshRcPath) && checkSocketWrapperSetup(zshRcPath))
11772
+ (fs$1.existsSync(bashRcPath) && checkSocketWrapperSetup(bashRcPath)) ||
11773
+ (fs$1.existsSync(zshRcPath) && checkSocketWrapperSetup(zshRcPath))
11371
11774
  if (!socketWrapperEnabled) {
11372
- await installSafeNpm(vendor.stripIndents`
11775
+ await installSafeNpm(vendor.html`
11373
11776
  The Socket CLI is now successfully installed! 🎉
11374
11777
 
11375
11778
  To better protect yourself against supply-chain attacks, our "safe npm" wrapper can warn you about malicious packages whenever you run 'npm install'.
@@ -11394,10 +11797,10 @@ async function installSafeNpm(query) {
11394
11797
  // Lazily access constants.bashRcPath and constants.zshRcPath.
11395
11798
  const { bashRcPath, zshRcPath } = constants
11396
11799
  try {
11397
- if (require$$0.existsSync(bashRcPath)) {
11800
+ if (fs$1.existsSync(bashRcPath)) {
11398
11801
  addSocketWrapper(bashRcPath)
11399
11802
  }
11400
- if (require$$0.existsSync(zshRcPath)) {
11803
+ if (fs$1.existsSync(zshRcPath)) {
11401
11804
  addSocketWrapper(zshRcPath)
11402
11805
  }
11403
11806
  } catch (e) {
@@ -11409,7 +11812,7 @@ async function installSafeNpm(query) {
11409
11812
  }
11410
11813
 
11411
11814
  function removeSocketWrapper(file) {
11412
- return require$$0.readFile(file, 'utf8', function (err, data) {
11815
+ return fs$1.readFile(file, 'utf8', function (err, data) {
11413
11816
  if (err) {
11414
11817
  logger.logger.fail('There was an error removing the alias:')
11415
11818
  logger.logger.error(err)
@@ -11421,7 +11824,7 @@ function removeSocketWrapper(file) {
11421
11824
  l => l !== 'alias npm="socket npm"' && l !== 'alias npx="socket npx"'
11422
11825
  )
11423
11826
  const updatedFileContent = linesWithoutSocketAlias.join('\n')
11424
- require$$0.writeFile(file, updatedFileContent, function (err) {
11827
+ fs$1.writeFile(file, updatedFileContent, function (err) {
11425
11828
  if (err) {
11426
11829
  logger.logger.error(err)
11427
11830
  return
@@ -11509,27 +11912,21 @@ async function run(argv, importMeta, { parentName }) {
11509
11912
  // Lazily access constants.bashRcPath and constants.zshRcPath.
11510
11913
  const { bashRcPath, zshRcPath } = constants
11511
11914
  if (enable) {
11512
- if (
11513
- require$$0.existsSync(bashRcPath) &&
11514
- !checkSocketWrapperSetup(bashRcPath)
11515
- ) {
11915
+ if (fs$1.existsSync(bashRcPath) && !checkSocketWrapperSetup(bashRcPath)) {
11516
11916
  addSocketWrapper(bashRcPath)
11517
11917
  }
11518
- if (
11519
- require$$0.existsSync(zshRcPath) &&
11520
- !checkSocketWrapperSetup(zshRcPath)
11521
- ) {
11918
+ if (fs$1.existsSync(zshRcPath) && !checkSocketWrapperSetup(zshRcPath)) {
11522
11919
  addSocketWrapper(zshRcPath)
11523
11920
  }
11524
11921
  } else {
11525
- if (require$$0.existsSync(bashRcPath)) {
11922
+ if (fs$1.existsSync(bashRcPath)) {
11526
11923
  removeSocketWrapper(bashRcPath)
11527
11924
  }
11528
- if (require$$0.existsSync(zshRcPath)) {
11925
+ if (fs$1.existsSync(zshRcPath)) {
11529
11926
  removeSocketWrapper(zshRcPath)
11530
11927
  }
11531
11928
  }
11532
- if (!require$$0.existsSync(bashRcPath) && !require$$0.existsSync(zshRcPath)) {
11929
+ if (!fs$1.existsSync(bashRcPath) && !fs$1.existsSync(zshRcPath)) {
11533
11930
  logger.logger.fail(
11534
11931
  'There was an issue setting up the alias in your bash profile'
11535
11932
  )
@@ -11543,7 +11940,7 @@ void (async () => {
11543
11940
  await vendor.updater({
11544
11941
  name: SOCKET_CLI_BIN_NAME,
11545
11942
  // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION']".
11546
- version: '0.14.103',
11943
+ version: '0.14.104',
11547
11944
  ttl: 86_400_000 /* 24 hours in milliseconds */
11548
11945
  })
11549
11946
  try {
@@ -11580,7 +11977,7 @@ void (async () => {
11580
11977
  argv: process$1.argv.slice(2),
11581
11978
  name: SOCKET_CLI_BIN_NAME,
11582
11979
  importMeta: {
11583
- url: `${require$$0$2.pathToFileURL(__filename)}`
11980
+ url: `${require$$0$1.pathToFileURL(__filename)}`
11584
11981
  }
11585
11982
  }
11586
11983
  )
@@ -11611,5 +12008,5 @@ void (async () => {
11611
12008
  await shadowNpmInject.captureException(e)
11612
12009
  }
11613
12010
  })()
11614
- //# debugId=e925b9d1-907d-4e63-b176-1eb32d8e7284
12011
+ //# debugId=efb43bfa-f612-4c54-a458-2dcec93289cb
11615
12012
  //# sourceMappingURL=cli.js.map