@socketsecurity/cli-with-sentry 0.14.103 → 0.14.105

@@ -12,7 +12,7 @@ function _socketInterop(e) {
12
12
  }
13
13
 
14
14
  const process$1 = require('node:process')
15
- const require$$0$2 = require('node:url')
15
+ const require$$0$1 = require('node:url')
16
16
  const vendor = require('./vendor.js')
17
17
  const debug = require('@socketsecurity/registry/lib/debug')
18
18
  const logger = require('@socketsecurity/registry/lib/logger')
@@ -26,11 +26,11 @@ const objects = require('@socketsecurity/registry/lib/objects')
26
26
  const path = require('@socketsecurity/registry/lib/path')
27
27
  const regexps = require('@socketsecurity/registry/lib/regexps')
28
28
  const words = require('@socketsecurity/registry/lib/words')
29
- const require$$0 = require('node:fs')
29
+ const fs$1 = require('node:fs')
30
30
  const shadowBin = require('./shadow-bin.js')
31
31
  const prompts = require('@socketsecurity/registry/lib/prompts')
32
32
  const shadowNpmPaths = require('./shadow-npm-paths.js')
33
- const require$$0$1 = require('node:util')
33
+ const require$$0 = require('node:util')
34
34
  const arrays = require('@socketsecurity/registry/lib/arrays')
35
35
  const registry = require('@socketsecurity/registry')
36
36
  const npm = require('@socketsecurity/registry/lib/npm')
@@ -347,7 +347,7 @@ function renderJson(data) {
347
347
  }
348
348
  }
349
349
  function renderMarkdown(data, days, repoSlug) {
350
- return vendor.stripIndents`
350
+ return vendor.html`
351
351
  # Socket Alert Analytics
352
352
 
353
353
  These are the Socket.dev stats are analytics for the ${repoSlug ? `${repoSlug} repo` : 'org'} of the past ${days} days
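Review bot: The tag in ``return vendor.html` `` inside renderMarkdown is named for HTML but wraps Markdown, and `${repoSlug}` and `${days}` are interpolated into it as-is. The tag's implementation is not on this page; if it only normalises indentation, as the common-tags tag of the same name does, nothing is escaped and the name should not be read as a sanitiser. The same tag is introduced in the `.map(([title, table]) => …)` hunk that follows and on the GraphQL mutation in enableAutoMerge, where no interpolations are visible. Once the behaviour is confirmed, a comment at the first use would settle it, for example `// vendor.html only re-indents the template; interpolated values are not escaped`. renderMarkdown's body continues outside the hunk.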
@@ -387,7 +387,7 @@ ${[
387
387
  ]
388
388
  ]
389
389
  .map(
390
- ([title, table]) => vendor.stripIndents`
390
+ ([title, table]) => vendor.html`
391
391
  ## ${title}
392
392
 
393
393
  ${table}
@@ -900,7 +900,7 @@ function emitBanner(name) {
900
900
  logger.logger.error(getAsciiHeader(name))
901
901
  }
902
902
  function getAsciiHeader(command) {
903
- const cliVersion = '0.14.103:d303e97:055c3aba:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
903
+ const cliVersion = '0.14.105:2179d68:84daf9f9:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
904
904
  const nodeVersion = process$1.version
905
905
  const apiToken = shadowNpmInject.getDefaultToken()
906
906
  const shownToken = apiToken ? getLastFiveOfApiToken(apiToken) : 'no'
@@ -923,8 +923,8 @@ function getAsciiHeader(command) {
923
923
  return ` ${body}\n`
924
924
  }
925
925
 
926
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$H } = constants
927
- const config$K = {
926
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$I } = constants
927
+ const config$L = {
928
928
  commandName: 'analytics',
929
929
  description: `Look up analytics data`,
930
930
  hidden: false,
@@ -979,14 +979,14 @@ const config$K = {
979
979
  `
980
980
  }
981
981
  const cmdAnalytics = {
982
- description: config$K.description,
983
- hidden: config$K.hidden,
984
- run: run$K
982
+ description: config$L.description,
983
+ hidden: config$L.hidden,
984
+ run: run$L
985
985
  }
986
- async function run$K(argv, importMeta, { parentName }) {
986
+ async function run$L(argv, importMeta, { parentName }) {
987
987
  const cli = meowOrExit({
988
988
  argv,
989
- config: config$K,
989
+ config: config$L,
990
990
  importMeta,
991
991
  parentName
992
992
  })
@@ -1041,7 +1041,7 @@ async function run$K(argv, importMeta, { parentName }) {
1041
1041
  return
1042
1042
  }
1043
1043
  if (cli.flags['dryRun']) {
1044
- logger.logger.log(DRY_RUN_BAIL_TEXT$H)
1044
+ logger.logger.log(DRY_RUN_BAIL_TEXT$I)
1045
1045
  return
1046
1046
  }
1047
1047
  assert(assertScope(scope))
@@ -1216,8 +1216,8 @@ async function handleAuditLog({ logType, orgSlug, outputKind, page, perPage }) {
1216
1216
  })
1217
1217
  }
1218
1218
 
1219
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$G } = constants
1220
- const config$J = {
1219
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$H } = constants
1220
+ const config$K = {
1221
1221
  commandName: 'audit-log',
1222
1222
  description: 'Look up the audit log for an organization',
1223
1223
  hidden: false,
@@ -1262,14 +1262,14 @@ const config$J = {
1262
1262
  `
1263
1263
  }
1264
1264
  const cmdAuditLog = {
1265
- description: config$J.description,
1266
- hidden: config$J.hidden,
1267
- run: run$J
1265
+ description: config$K.description,
1266
+ hidden: config$K.hidden,
1267
+ run: run$K
1268
1268
  }
1269
- async function run$J(argv, importMeta, { parentName }) {
1269
+ async function run$K(argv, importMeta, { parentName }) {
1270
1270
  const cli = meowOrExit({
1271
1271
  argv,
1272
- config: config$J,
1272
+ config: config$K,
1273
1273
  importMeta,
1274
1274
  parentName
1275
1275
  })
@@ -1306,7 +1306,7 @@ async function run$J(argv, importMeta, { parentName }) {
1306
1306
  return
1307
1307
  }
1308
1308
  if (cli.flags['dryRun']) {
1309
- logger.logger.log(DRY_RUN_BAIL_TEXT$G)
1309
+ logger.logger.log(DRY_RUN_BAIL_TEXT$H)
1310
1310
  return
1311
1311
  }
1312
1312
  await handleAuditLog({
@@ -1322,7 +1322,7 @@ const {
1322
1322
  NPM: NPM$g,
1323
1323
  NPX: NPX$3,
1324
1324
  PACKAGE_LOCK_JSON,
1325
- PNPM: PNPM$b,
1325
+ PNPM: PNPM$a,
1326
1326
  YARN: YARN$1,
1327
1327
  YARN_LOCK
1328
1328
  } = constants
@@ -1331,7 +1331,7 @@ const nodejsPlatformTypes = new Set([
1331
1331
  'js',
1332
1332
  'nodejs',
1333
1333
  NPM$g,
1334
- PNPM$b,
1334
+ PNPM$a,
1335
1335
  'ts',
1336
1336
  'tsx',
1337
1337
  'typescript'
@@ -1346,9 +1346,9 @@ async function runCycloneDX(yargvWithYes) {
1346
1346
  if (
1347
1347
  yargv.type !== YARN$1 &&
1348
1348
  nodejsPlatformTypes.has(yargv.type) &&
1349
- require$$0.existsSync(`./${YARN_LOCK}`)
1349
+ fs$1.existsSync(`./${YARN_LOCK}`)
1350
1350
  ) {
1351
- if (require$$0.existsSync(`./${PACKAGE_LOCK_JSON}`)) {
1351
+ if (fs$1.existsSync(`./${PACKAGE_LOCK_JSON}`)) {
1352
1352
  yargv.type = NPM$g
1353
1353
  } else {
1354
1354
  // Use synp to create a package-lock.json from the yarn.lock,
@@ -1369,16 +1369,16 @@ async function runCycloneDX(yargvWithYes) {
1369
1369
  await shadowBin(NPX$3, [
1370
1370
  ...yesArgs,
1371
1371
  // The '@rollup/plugin-replace' will replace "process.env['INLINED_CYCLONEDX_CDXGEN_VERSION']".
1372
- `@cyclonedx/cdxgen@${'11.2.3'}`,
1372
+ `@cyclonedx/cdxgen@${'11.2.4'}`,
1373
1373
  ...argvToArray(yargv)
1374
1374
  ])
1375
1375
  if (cleanupPackageLock) {
1376
1376
  try {
1377
- await require$$0.promises.rm(`./${PACKAGE_LOCK_JSON}`)
1377
+ await fs$1.promises.rm(`./${PACKAGE_LOCK_JSON}`)
1378
1378
  } catch {}
1379
1379
  }
1380
1380
  const fullOutputPath = path$1.join(process$1.cwd(), yargv.output)
1381
- if (require$$0.existsSync(fullOutputPath)) {
1381
+ if (fs$1.existsSync(fullOutputPath)) {
1382
1382
  logger.logger.log(
1383
1383
  vendor.yoctocolorsCjsExports.cyanBright(`${yargv.output} created!`)
1384
1384
  )
@@ -1436,7 +1436,7 @@ function isHelpFlag(cmdArg) {
1436
1436
  }
1437
1437
 
1438
1438
  // import { meowOrExit } from '../../utils/meow-with-subcommands'
1439
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$F } = constants
1439
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$G } = constants
1440
1440
 
1441
1441
  // TODO: convert yargs to meow. Or convert all the other things to yargs.
1442
1442
  const toLower = arg => arg.toLowerCase()
@@ -1552,7 +1552,7 @@ const yargsConfig = {
1552
1552
  'spec-version'
1553
1553
  ]
1554
1554
  }
1555
- const config$I = {
1555
+ const config$J = {
1556
1556
  commandName: 'cdxgen',
1557
1557
  description: 'Create an SBOM with CycloneDX generator (cdxgen)',
1558
1558
  hidden: false,
@@ -1568,16 +1568,16 @@ const config$I = {
1568
1568
  `
1569
1569
  }
1570
1570
  const cmdCdxgen = {
1571
- description: config$I.description,
1572
- hidden: config$I.hidden,
1573
- run: run$I
1571
+ description: config$J.description,
1572
+ hidden: config$J.hidden,
1573
+ run: run$J
1574
1574
  }
1575
- async function run$I(argv, importMeta, { parentName }) {
1575
+ async function run$J(argv, importMeta, { parentName }) {
1576
1576
  const cli = meowOrExit({
1577
1577
  allowUnknownFlags: true,
1578
1578
  // Don't let meow take over --help.
1579
1579
  argv: argv.filter(a => !isHelpFlag(a)),
1580
- config: config$I,
1580
+ config: config$J,
1581
1581
  importMeta,
1582
1582
  parentName
1583
1583
  })
@@ -1599,7 +1599,7 @@ async function run$I(argv, importMeta, { parentName }) {
1599
1599
  return
1600
1600
  }
1601
1601
  if (cli.flags['dryRun']) {
1602
- logger.logger.log(DRY_RUN_BAIL_TEXT$F)
1602
+ logger.logger.log(DRY_RUN_BAIL_TEXT$G)
1603
1603
  return
1604
1604
  }
1605
1605
  if (yargv.output === undefined) {
@@ -2447,8 +2447,8 @@ async function handleCI() {
2447
2447
  })
2448
2448
  }
2449
2449
 
2450
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$E } = constants
2451
- const config$H = {
2450
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$F } = constants
2451
+ const config$I = {
2452
2452
  commandName: 'ci',
2453
2453
  description:
2454
2454
  'Create a new scan and report whether it passes your security policy',
@@ -2468,19 +2468,19 @@ const config$H = {
2468
2468
  `
2469
2469
  }
2470
2470
  const cmdCI = {
2471
- description: config$H.description,
2472
- hidden: config$H.hidden,
2473
- run: run$H
2471
+ description: config$I.description,
2472
+ hidden: config$I.hidden,
2473
+ run: run$I
2474
2474
  }
2475
- async function run$H(argv, importMeta, { parentName }) {
2475
+ async function run$I(argv, importMeta, { parentName }) {
2476
2476
  const cli = meowOrExit({
2477
2477
  argv,
2478
- config: config$H,
2478
+ config: config$I,
2479
2479
  importMeta,
2480
2480
  parentName
2481
2481
  })
2482
2482
  if (cli.flags['dryRun']) {
2483
- logger.logger.log(DRY_RUN_BAIL_TEXT$E)
2483
+ logger.logger.log(DRY_RUN_BAIL_TEXT$F)
2484
2484
  return
2485
2485
  }
2486
2486
  await handleCI()
@@ -2727,8 +2727,8 @@ async function handleConfigAuto({ key, outputKind }) {
2727
2727
  await outputConfigAuto(key, result, outputKind)
2728
2728
  }
2729
2729
 
2730
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$D } = constants
2731
- const config$G = {
2730
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$E } = constants
2731
+ const config$H = {
2732
2732
  commandName: 'auto',
2733
2733
  description: 'Automatically discover and set the correct value config item',
2734
2734
  hidden: false,
@@ -2759,14 +2759,14 @@ ${Array.from(shadowNpmInject.supportedConfigKeys.entries())
2759
2759
  `
2760
2760
  }
2761
2761
  const cmdConfigAuto = {
2762
- description: config$G.description,
2763
- hidden: config$G.hidden,
2764
- run: run$G
2762
+ description: config$H.description,
2763
+ hidden: config$H.hidden,
2764
+ run: run$H
2765
2765
  }
2766
- async function run$G(argv, importMeta, { parentName }) {
2766
+ async function run$H(argv, importMeta, { parentName }) {
2767
2767
  const cli = meowOrExit({
2768
2768
  argv,
2769
- config: config$G,
2769
+ config: config$H,
2770
2770
  importMeta,
2771
2771
  parentName
2772
2772
  })
@@ -2792,7 +2792,7 @@ async function run$G(argv, importMeta, { parentName }) {
2792
2792
  return
2793
2793
  }
2794
2794
  if (cli.flags['dryRun']) {
2795
- logger.logger.log(DRY_RUN_BAIL_TEXT$D)
2795
+ logger.logger.log(DRY_RUN_BAIL_TEXT$E)
2796
2796
  return
2797
2797
  }
2798
2798
  await handleConfigAuto({
@@ -2846,8 +2846,8 @@ async function handleConfigGet({ key, outputKind }) {
2846
2846
  await outputConfigGet(key, value, readOnly, outputKind)
2847
2847
  }
2848
2848
 
2849
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$C } = constants
2850
- const config$F = {
2849
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$D } = constants
2850
+ const config$G = {
2851
2851
  commandName: 'get',
2852
2852
  description: 'Get the value of a local CLI config item',
2853
2853
  hidden: false,
@@ -2873,14 +2873,14 @@ ${Array.from(shadowNpmInject.supportedConfigKeys.entries())
2873
2873
  `
2874
2874
  }
2875
2875
  const cmdConfigGet = {
2876
- description: config$F.description,
2877
- hidden: config$F.hidden,
2878
- run: run$F
2876
+ description: config$G.description,
2877
+ hidden: config$G.hidden,
2878
+ run: run$G
2879
2879
  }
2880
- async function run$F(argv, importMeta, { parentName }) {
2880
+ async function run$G(argv, importMeta, { parentName }) {
2881
2881
  const cli = meowOrExit({
2882
2882
  argv,
2883
- config: config$F,
2883
+ config: config$G,
2884
2884
  importMeta,
2885
2885
  parentName
2886
2886
  })
@@ -2906,7 +2906,7 @@ async function run$F(argv, importMeta, { parentName }) {
2906
2906
  return
2907
2907
  }
2908
2908
  if (cli.flags['dryRun']) {
2909
- logger.logger.log(DRY_RUN_BAIL_TEXT$C)
2909
+ logger.logger.log(DRY_RUN_BAIL_TEXT$D)
2910
2910
  return
2911
2911
  }
2912
2912
  await handleConfigGet({
@@ -2968,8 +2968,8 @@ async function outputConfigList({ full, outputKind }) {
2968
2968
  }
2969
2969
  }
2970
2970
 
2971
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$B } = constants
2972
- const config$E = {
2971
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$C } = constants
2972
+ const config$F = {
2973
2973
  commandName: 'list',
2974
2974
  description: 'Show all local CLI config items and their values',
2975
2975
  hidden: false,
@@ -3000,14 +3000,14 @@ ${Array.from(shadowNpmInject.supportedConfigKeys.entries())
3000
3000
  `
3001
3001
  }
3002
3002
  const cmdConfigList = {
3003
- description: config$E.description,
3004
- hidden: config$E.hidden,
3005
- run: run$E
3003
+ description: config$F.description,
3004
+ hidden: config$F.hidden,
3005
+ run: run$F
3006
3006
  }
3007
- async function run$E(argv, importMeta, { parentName }) {
3007
+ async function run$F(argv, importMeta, { parentName }) {
3008
3008
  const cli = meowOrExit({
3009
3009
  argv,
3010
- config: config$E,
3010
+ config: config$F,
3011
3011
  importMeta,
3012
3012
  parentName
3013
3013
  })
@@ -3024,7 +3024,7 @@ async function run$E(argv, importMeta, { parentName }) {
3024
3024
  return
3025
3025
  }
3026
3026
  if (cli.flags['dryRun']) {
3027
- logger.logger.log(DRY_RUN_BAIL_TEXT$B)
3027
+ logger.logger.log(DRY_RUN_BAIL_TEXT$C)
3028
3028
  return
3029
3029
  }
3030
3030
  await outputConfigList({
@@ -3069,8 +3069,8 @@ async function handleConfigSet({ key, outputKind, value }) {
3069
3069
  await outputConfigSet(key, value, readOnly, outputKind)
3070
3070
  }
3071
3071
 
3072
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$A } = constants
3073
- const config$D = {
3072
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$B } = constants
3073
+ const config$E = {
3074
3074
  commandName: 'set',
3075
3075
  description: 'Update the value of a local CLI config item',
3076
3076
  hidden: false,
@@ -3101,14 +3101,14 @@ ${Array.from(shadowNpmInject.supportedConfigKeys.entries())
3101
3101
  `
3102
3102
  }
3103
3103
  const cmdConfigSet = {
3104
- description: config$D.description,
3105
- hidden: config$D.hidden,
3106
- run: run$D
3104
+ description: config$E.description,
3105
+ hidden: config$E.hidden,
3106
+ run: run$E
3107
3107
  }
3108
- async function run$D(argv, importMeta, { parentName }) {
3108
+ async function run$E(argv, importMeta, { parentName }) {
3109
3109
  const cli = meowOrExit({
3110
3110
  argv,
3111
- config: config$D,
3111
+ config: config$E,
3112
3112
  importMeta,
3113
3113
  parentName
3114
3114
  })
@@ -3143,7 +3143,7 @@ async function run$D(argv, importMeta, { parentName }) {
3143
3143
  return
3144
3144
  }
3145
3145
  if (cli.flags['dryRun']) {
3146
- logger.logger.log(DRY_RUN_BAIL_TEXT$A)
3146
+ logger.logger.log(DRY_RUN_BAIL_TEXT$B)
3147
3147
  return
3148
3148
  }
3149
3149
  await handleConfigSet({
@@ -3175,8 +3175,8 @@ async function handleConfigUnset({ key, outputKind }) {
3175
3175
  await outputConfigUnset(key, outputKind)
3176
3176
  }
3177
3177
 
3178
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$z } = constants
3179
- const config$C = {
3178
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$A } = constants
3179
+ const config$D = {
3180
3180
  commandName: 'unset',
3181
3181
  description: 'Clear the value of a local CLI config item',
3182
3182
  hidden: false,
@@ -3202,14 +3202,14 @@ ${Array.from(shadowNpmInject.supportedConfigKeys.entries())
3202
3202
  `
3203
3203
  }
3204
3204
  const cmdConfigUnset = {
3205
- description: config$C.description,
3206
- hidden: config$C.hidden,
3207
- run: run$C
3205
+ description: config$D.description,
3206
+ hidden: config$D.hidden,
3207
+ run: run$D
3208
3208
  }
3209
- async function run$C(argv, importMeta, { parentName }) {
3209
+ async function run$D(argv, importMeta, { parentName }) {
3210
3210
  const cli = meowOrExit({
3211
3211
  argv,
3212
- config: config$C,
3212
+ config: config$D,
3213
3213
  importMeta,
3214
3214
  parentName
3215
3215
  })
@@ -3235,7 +3235,7 @@ async function run$C(argv, importMeta, { parentName }) {
3235
3235
  return
3236
3236
  }
3237
3237
  if (cli.flags['dryRun']) {
3238
- logger.logger.log(DRY_RUN_BAIL_TEXT$z)
3238
+ logger.logger.log(DRY_RUN_BAIL_TEXT$A)
3239
3239
  return
3240
3240
  }
3241
3241
  await handleConfigUnset({
@@ -3362,8 +3362,8 @@ async function handleDependencies({ limit, offset, outputKind }) {
3362
3362
  })
3363
3363
  }
3364
3364
 
3365
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$y } = constants
3366
- const config$B = {
3365
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$z } = constants
3366
+ const config$C = {
3367
3367
  commandName: 'dependencies',
3368
3368
  description:
3369
3369
  'Search for any dependency that is being used in your organization',
@@ -3400,14 +3400,14 @@ const config$B = {
3400
3400
  `
3401
3401
  }
3402
3402
  const cmdScanCreate$1 = {
3403
- description: config$B.description,
3404
- hidden: config$B.hidden,
3405
- run: run$B
3403
+ description: config$C.description,
3404
+ hidden: config$C.hidden,
3405
+ run: run$C
3406
3406
  }
3407
- async function run$B(argv, importMeta, { parentName }) {
3407
+ async function run$C(argv, importMeta, { parentName }) {
3408
3408
  const cli = meowOrExit({
3409
3409
  argv,
3410
- config: config$B,
3410
+ config: config$C,
3411
3411
  importMeta,
3412
3412
  parentName
3413
3413
  })
@@ -3435,7 +3435,7 @@ async function run$B(argv, importMeta, { parentName }) {
3435
3435
  return
3436
3436
  }
3437
3437
  if (cli.flags['dryRun']) {
3438
- logger.logger.log(DRY_RUN_BAIL_TEXT$y)
3438
+ logger.logger.log(DRY_RUN_BAIL_TEXT$z)
3439
3439
  return
3440
3440
  }
3441
3441
  await handleDependencies({
@@ -3445,7 +3445,7 @@ async function run$B(argv, importMeta, { parentName }) {
3445
3445
  })
3446
3446
  }
3447
3447
 
3448
- async function fetchDiffScan({ after, before, orgSlug }) {
3448
+ async function fetchDiffScan$1({ after, before, orgSlug }) {
3449
3449
  const apiToken = shadowNpmInject.getDefaultToken()
3450
3450
 
3451
3451
  // Lazily access constants.spinner.
@@ -3468,7 +3468,7 @@ async function fetchDiffScan({ after, before, orgSlug }) {
3468
3468
  return result
3469
3469
  }
3470
3470
 
3471
- async function outputDiffScan(result, { depth, file, outputKind }) {
3471
+ async function outputDiffScan$1(result, { depth, file, outputKind }) {
3472
3472
  const dashboardUrl = result.diff_report_url
3473
3473
  const dashboardMessage = dashboardUrl
3474
3474
  ? `\n View this diff scan in the Socket dashboard: ${vendor.yoctocolorsCjsExports.cyan(dashboardUrl)}`
@@ -3490,7 +3490,7 @@ async function outputDiffScan(result, { depth, file, outputKind }) {
3490
3490
  }
3491
3491
  if (file && file !== '-') {
3492
3492
  logger.logger.log(`Writing json to \`${file}\``)
3493
- require$$0.writeFile(file, JSON.stringify(result, null, 2), err => {
3493
+ fs$1.writeFile(file, JSON.stringify(result, null, 2), err => {
3494
3494
  if (err) {
3495
3495
  logger.logger.fail(`Writing to \`${file}\` failed...`)
3496
3496
  logger.logger.error(err)
@@ -3513,7 +3513,7 @@ async function outputDiffScan(result, { depth, file, outputKind }) {
3513
3513
 
3514
3514
  logger.logger.log('Diff scan result:')
3515
3515
  logger.logger.log(
3516
- require$$0$1.inspect(result, {
3516
+ require$$0.inspect(result, {
3517
3517
  showHidden: false,
3518
3518
  depth: depth > 0 ? depth : null,
3519
3519
  colors: true,
@@ -3526,7 +3526,7 @@ async function outputDiffScan(result, { depth, file, outputKind }) {
3526
3526
  logger.logger.log(dashboardMessage)
3527
3527
  }
3528
3528
 
3529
- async function handleDiffScan({
3529
+ async function handleDiffScan$1({
3530
3530
  after,
3531
3531
  before,
3532
3532
  depth,
@@ -3534,7 +3534,7 @@ async function handleDiffScan({
3534
3534
  orgSlug,
3535
3535
  outputKind
3536
3536
  }) {
3537
- const data = await fetchDiffScan({
3537
+ const data = await fetchDiffScan$1({
3538
3538
  after,
3539
3539
  before,
3540
3540
  orgSlug
@@ -3542,15 +3542,15 @@ async function handleDiffScan({
3542
3542
  if (!data) {
3543
3543
  return
3544
3544
  }
3545
- await outputDiffScan(data, {
3545
+ await outputDiffScan$1(data, {
3546
3546
  depth,
3547
3547
  file,
3548
3548
  outputKind
3549
3549
  })
3550
3550
  }
3551
3551
 
3552
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$x } = constants
3553
- const config$A = {
3552
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$y } = constants
3553
+ const config$B = {
3554
3554
  commandName: 'get',
3555
3555
  description: 'Get a diff scan for an organization',
3556
3556
  hidden: false,
@@ -3609,14 +3609,14 @@ const config$A = {
3609
3609
  `
3610
3610
  }
3611
3611
  const cmdDiffScanGet = {
3612
- description: config$A.description,
3613
- hidden: config$A.hidden,
3614
- run: run$A
3612
+ description: config$B.description,
3613
+ hidden: config$B.hidden,
3614
+ run: run$B
3615
3615
  }
3616
- async function run$A(argv, importMeta, { parentName }) {
3616
+ async function run$B(argv, importMeta, { parentName }) {
3617
3617
  const cli = meowOrExit({
3618
3618
  argv,
3619
- config: config$A,
3619
+ config: config$B,
3620
3620
  importMeta,
3621
3621
  parentName
3622
3622
  })
@@ -3664,11 +3664,14 @@ async function run$A(argv, importMeta, { parentName }) {
3664
3664
  if (wasBadInput) {
3665
3665
  return
3666
3666
  }
3667
+ logger.logger.fail(
3668
+ 'Warning: this command is deprecated in favor of `socket scan diff` and will be removed in the next major bump.'
3669
+ )
3667
3670
  if (cli.flags['dryRun']) {
3668
- logger.logger.log(DRY_RUN_BAIL_TEXT$x)
3671
+ logger.logger.log(DRY_RUN_BAIL_TEXT$y)
3669
3672
  return
3670
3673
  }
3671
- await handleDiffScan({
3674
+ await handleDiffScan$1({
3672
3675
  before: String(before || ''),
3673
3676
  after: String(after || ''),
3674
3677
  depth: Number(depth),
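Review bot: The deprecation notice added ahead of the `dryRun` check is emitted with `logger.logger.fail(...)`, so a warning is reported through the failure channel even though the command goes on to succeed. Wrappers that key on failure markers in the CLI output could treat a working run as broken, and the notice is also printed on runs that request JSON or file output; which stream `fail` writes to is not visible here. If the logger exposes a warning-level method, calling that instead (`logger.logger.warn(...)` with the same text) would match the message's own "Warning:" prefix. The enclosing run function starts and ends outside the hunk.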
@@ -3717,28 +3720,34 @@ function getBaseGitBranch() {
3717
3720
  'main'
3718
3721
  )
3719
3722
  }
3720
- function getSocketBranchName(purl, toVersion) {
3723
+ function getSocketBranchName(purl, newVersion, workspaceName) {
3721
3724
  const purlObj = packageurlJs.PackageURL.fromString(purl)
3722
- const namespace = formatBranchName(purlObj.namespace ?? '')
3723
- const name = formatBranchName(purlObj.name)
3724
- const version = formatBranchName(toVersion)
3725
- const fullName = `${namespace ? `${namespace}-` : ''}${name}`
3726
- return `socket-fix-${fullName}-${version}`
3725
+ const maybeWorkspaceName = workspaceName
3726
+ ? `${formatBranchName(workspaceName)}-`
3727
+ : ''
3728
+ const maybeNamespace = purlObj.namespace
3729
+ ? `${formatBranchName(purlObj.namespace)}-`
3730
+ : ''
3731
+ const fullName = `${maybeWorkspaceName}${maybeNamespace}${formatBranchName(purlObj.name)}`
3732
+ return `socket-fix-${fullName}-${formatBranchName(newVersion)}`
3727
3733
  }
3728
- function getSocketPullRequestTitle(purl, toVersion) {
3734
+ function getSocketPullRequestTitle(purl, newVersion, workspaceName) {
3729
3735
  const purlObj = packageurlJs.PackageURL.fromString(purl)
3730
3736
  const pkgName = getPkgNameFromPurlObj(purlObj)
3731
- return `Bump ${pkgName} from ${purlObj.version} to ${toVersion}`
3737
+ const workspaceDetails = workspaceName ? ` in ${workspaceName}` : ''
3738
+ return `Bump ${pkgName} from ${purlObj.version} to ${newVersion}${workspaceDetails}`
3732
3739
  }
3733
- function getSocketPullRequestBody(purl, toVersion) {
3740
+ function getSocketPullRequestBody(purl, newVersion, workspaceName) {
3734
3741
  const purlObj = packageurlJs.PackageURL.fromString(purl)
3735
3742
  const pkgName = getPkgNameFromPurlObj(purlObj)
3736
- return `Bumps [${pkgName}](https://socket.dev/${purlObj.type}/package/${pkgName}) from ${purlObj.version} to ${toVersion}.`
3743
+ const workspaceDetails = workspaceName ? ` in ${workspaceName}` : ''
3744
+ return `Bumps [${pkgName}](https://socket.dev/${purlObj.type}/package/${pkgName}) from ${purlObj.version} to ${newVersion}${workspaceDetails}.`
3737
3745
  }
3738
- function getSocketCommitMessage(purl, toVersion) {
3746
+ function getSocketCommitMessage(purl, newVersion, workspaceName) {
3739
3747
  const purlObj = packageurlJs.PackageURL.fromString(purl)
3740
3748
  const pkgName = getPkgNameFromPurlObj(purlObj)
3741
- return `socket: Bump ${pkgName} from ${purlObj.version} to ${toVersion}`
3749
+ const workspaceDetails = workspaceName ? ` in ${workspaceName}` : ''
3750
+ return `socket: Bump ${pkgName} from ${purlObj.version} to ${newVersion}${workspaceDetails}`
3742
3751
  }
3743
3752
  async function gitBranchExists(branch, cwd = process.cwd()) {
3744
3753
  try {
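Review bot: `workspaceName` is appended unescaped to the pull-request title, the Markdown body and the commit message in getSocketPullRequestTitle, getSocketPullRequestBody and getSocketCommitMessage, while only getSocketBranchName passes it through `formatBranchName`. Later on this page the value is computed as `path$1.relative(rootPath, path$1.dirname(pkgJsonPath))`, so it is a directory name taken from the repository being fixed and will carry backslashes on Windows. Markdown metacharacters or control characters in such a name would land verbatim in the PR body; escaping them for the body and normalising separators to `/` before building `workspaceDetails` would close that. The three functions also repeat the same `workspaceDetails` expression, which could move into one small helper that does the normalising.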
@@ -3854,7 +3863,7 @@ async function enableAutoMerge({ node_id: prId, number: prNumber }) {
3854
3863
  const octokitGraphql = getOctokitGraphql()
3855
3864
  try {
3856
3865
  await octokitGraphql(
3857
- `
3866
+ vendor.html`
3858
3867
  mutation EnableAutoMerge($pullRequestId: ID!) {
3859
3868
  enablePullRequestAutoMerge(input: {
3860
3869
  pullRequestId: $pullRequestId,
@@ -3878,7 +3887,9 @@ async function enableAutoMerge({ node_id: prId, number: prNumber }) {
3878
3887
  } catch (e) {
3879
3888
  let message = `Failed to enable auto-merge for PR #${prNumber}`
3880
3889
  if (e instanceof vendor.GraphqlResponseError && e.errors) {
3881
- const details = e.errors.map(({ message }) => ` - ${message}`).join('\n')
3890
+ const details = e.errors
3891
+ .map(({ message }) => ` - ${message.trim()}`)
3892
+ .join('\n')
3882
3893
  message += `:\n${details}`
3883
3894
  }
3884
3895
  logger.logger.error(message)
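Review bot: `message.trim()` in the `.map(({ message }) => …)` callback throws a TypeError when an entry in `e.errors` has no string `message`, and because this runs inside the `catch` block the original auto-merge failure would be replaced by that TypeError. The REST counterpart changed in openGitHubPullRequest already guards with `restErr.message?.trim() ?? …`; the same guard fits here: ``.map(({ message }) => ` - ${message?.trim() ?? 'unknown error'}`)``. In the REST version a blank message trims to an empty string, which is not nullish, so the `resource.field (code)` fallback is skipped; `||` in place of `??` would cover that case. enableAutoMerge starts outside the hunk.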
@@ -3903,9 +3914,13 @@ async function openGitHubPullRequest(
3903
3914
  baseBranch,
3904
3915
  branch,
3905
3916
  purl,
3906
- toVersion,
3907
- cwd = process.cwd()
3917
+ newVersion,
3918
+ options
3908
3919
  ) {
3920
+ const { cwd = process.cwd(), workspaceName } = {
3921
+ __proto__: null,
3922
+ ...options
3923
+ }
3909
3924
  // Lazily access constants.ENV[GITHUB_ACTIONS].
3910
3925
  if (constants.ENV[GITHUB_ACTIONS]) {
3911
3926
  // Lazily access constants.ENV[SOCKET_SECURITY_GITHUB_PAT].
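Review bot: The fifth parameter of openGitHubPullRequest changes from a positional `cwd` string to an `options` object, and `{ __proto__: null, ...options }` accepts a string without complaint: spreading a string yields only index keys, so `cwd` silently falls back to `process.cwd()`. Any caller still passing a path positionally (callers are not visible on this page) would then run against the process working directory instead of the path it supplied, with no error raised. A guard such as `if (typeof options === 'string') throw new TypeError('options must be an object')`, or a JSDoc block describing `options.cwd` and `options.workspaceName`, would make the new contract explicit. The function body continues outside the hunk.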
@@ -3922,10 +3937,10 @@ async function openGitHubPullRequest(
3922
3937
  return await octokit.pulls.create({
3923
3938
  owner,
3924
3939
  repo,
3925
- title: getSocketPullRequestTitle(purl, toVersion),
3940
+ title: getSocketPullRequestTitle(purl, newVersion, workspaceName),
3926
3941
  head: branch,
3927
3942
  base: baseBranch,
3928
- body: getSocketPullRequestBody(purl, toVersion)
3943
+ body: getSocketPullRequestBody(purl, newVersion, workspaceName)
3929
3944
  })
3930
3945
  } catch (e) {
3931
3946
  let message = `Failed to open pull request`
@@ -3935,7 +3950,7 @@ async function openGitHubPullRequest(
3935
3950
  const details = restErrors
3936
3951
  .map(
3937
3952
  restErr =>
3938
- `- ${restErr.message ?? `${restErr.resource}.${restErr.field} (${restErr.code})`}`
3953
+ `- ${restErr.message?.trim() ?? `${restErr.resource}.${restErr.field} (${restErr.code})`}`
3939
3954
  )
3940
3955
  .join('\n')
3941
3956
  message += `:\n${details}`
@@ -3961,17 +3976,17 @@ async function install$1(idealTree, options) {
3961
3976
  await arb2.reify()
3962
3977
  }
3963
3978
  async function npmFix(
3964
- _pkgEnvDetails,
3965
- { autoMerge, cwd, rangeStyle, spinner, test, testScript }
3979
+ pkgEnvDetails,
3980
+ { autoMerge, cwd, purls, rangeStyle, spinner, test, testScript }
3966
3981
  ) {
3967
3982
  spinner?.start()
3968
3983
  const arb = new shadowNpmInject.SafeArborist({
3969
- path: cwd,
3984
+ path: pkgEnvDetails.pkgPath,
3970
3985
  ...shadowNpmInject.SAFE_ARBORIST_REIFY_OPTIONS_OVERRIDES
3971
3986
  })
3972
3987
  // Calling arb.reify() creates the arb.diff object and nulls-out arb.idealTree.
3973
3988
  await arb.reify()
3974
- const alertsMap = await shadowNpmInject.getAlertsMapFromArborist(arb, {
3989
+ const alertMapOptions = {
3975
3990
  consolidate: true,
3976
3991
  include: {
3977
3992
  existing: true,
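Review bot: `purls` is destructured from the options object with no default, and the next hunk reads `purls.length` unconditionally, so a caller that omits it gets a TypeError after the spinner has started and `arb.reify()` has run. Defaulting it in the signature, `{ autoMerge, cwd, purls = [], rangeStyle, spinner, test, testScript }`, keeps the Arborist lookup as the fallback. Separately, `SafeArborist` now takes `pkgEnvDetails.pkgPath` while `isInGitRepo(cwd)` in the next hunk still uses `cwd`; if the two can differ, a comment stating which one is authoritative for git operations would help. npmFix continues well past this hunk.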
@@ -3979,18 +3994,27 @@ async function npmFix(
3979
3994
  upgradable: false
3980
3995
  },
3981
3996
  nothrow: true
3982
- })
3997
+ }
3998
+ const alertsMap = purls.length
3999
+ ? await shadowNpmInject.getAlertsMapFromPurls(purls, alertMapOptions)
4000
+ : await shadowNpmInject.getAlertsMapFromArborist(arb, alertMapOptions)
3983
4001
  const infoByPkg = shadowNpmInject.getCveInfoByAlertsMap(alertsMap)
3984
4002
  if (!infoByPkg) {
3985
4003
  spinner?.stop()
3986
4004
  return
3987
4005
  }
3988
- const editablePkgJson = await packages.readPackageJson(cwd, {
3989
- editable: true
3990
- })
4006
+
3991
4007
  // Lazily access constants.ENV[CI].
3992
4008
  const isCi = constants.ENV[CI$1]
3993
- const isRepo = await isInGitRepo(cwd)
4009
+ const { pkgPath: rootPath } = pkgEnvDetails
4010
+ const { 0: isRepo, 1: workspacePkgJsonPaths } = await Promise.all([
4011
+ isInGitRepo(cwd),
4012
+ shadowNpmPaths.globWorkspace(pkgEnvDetails)
4013
+ ])
4014
+ const pkgJsonPaths = [
4015
+ pkgEnvDetails.editablePkgJson.filename,
4016
+ ...workspacePkgJsonPaths
4017
+ ]
3994
4018
  await arb.buildIdealTree()
3995
4019
  for (const { 0: name, 1: infos } of infoByPkg) {
3996
4020
  const hasUpgrade = !!registry.getManifestData(NPM$f, name)
@@ -3998,25 +4022,26 @@ async function npmFix(
3998
4022
  spinner?.info(`Skipping ${name}. Socket Optimize package exists.`)
3999
4023
  continue
4000
4024
  }
4001
- const specs = arrays.arrayUnique(
4002
- shadowNpmInject
4003
- .findPackageNodes(arb.idealTree, name)
4004
- .map(n => `${n.name}@${n.version}`)
4025
+ const oldVersions = arrays.arrayUnique(
4026
+ shadowNpmInject.findPackageNodes(arb.idealTree, name).map(n => n.version)
4005
4027
  )
4006
4028
  const packument =
4007
- specs.length && infos.length
4029
+ oldVersions.length && infos.length
4008
4030
  ? // eslint-disable-next-line no-await-in-loop
4009
4031
  await packages.fetchPackagePackument(name)
4010
4032
  : null
4011
4033
  if (!packument) {
4012
4034
  continue
4013
4035
  }
4014
- for (const spec of specs) {
4015
- const lastAtSignIndex = spec.lastIndexOf('@')
4016
- const name = spec.slice(0, lastAtSignIndex)
4017
- const fromVersion = spec.slice(lastAtSignIndex + 1)
4018
- const fromSpec = `${name}@${fromVersion}`
4019
- const fromPurl = `pkg:npm/${fromSpec}`
4036
+ const failedSpecs = new Set()
4037
+ const fixedSpecs = new Set()
4038
+ const installedSpecs = new Set()
4039
+ const testedSpecs = new Set()
4040
+ const unavailableSpecs = new Set()
4041
+ const revertedSpecs = new Set()
4042
+ for (const oldVersion of oldVersions) {
4043
+ const oldSpec = `${name}@${oldVersion}`
4044
+ const oldPurl = `pkg:npm/${oldSpec}`
4020
4045
  for (const {
4021
4046
  firstPatchedVersionIdentifier,
4022
4047
  vulnerableVersionRange
@@ -4028,7 +4053,7 @@ async function npmFix(
4028
4053
  const node = shadowNpmInject.findPackageNode(
4029
4054
  arb.idealTree,
4030
4055
  name,
4031
- fromVersion
4056
+ oldVersion
4032
4057
  )
4033
4058
  if (!node) {
4034
4059
  continue
@@ -4036,130 +4061,172 @@ async function npmFix(
4036
4061
  if (
4037
4062
  !shadowNpmInject.updateNode(node, packument, vulnerableVersionRange)
4038
4063
  ) {
4039
- spinner?.fail(`Could not patch ${fromSpec}`)
4064
+ if (!unavailableSpecs.has(oldSpec)) {
4065
+ unavailableSpecs.add(oldSpec)
4066
+ spinner?.fail(`No update available for ${oldSpec}`)
4067
+ }
4040
4068
  continue
4041
4069
  }
4042
- const toVersion = node.package.version
4043
- const toVersionRange = shadowNpmInject.applyRange(
4044
- fromVersion,
4045
- toVersion,
4046
- rangeStyle
4047
- )
4048
- const toSpec = `${name}@${toVersionRange}`
4049
- const branch = isCi ? getSocketBranchName(fromPurl, toVersion) : ''
4050
- const { owner, repo } = isCi
4051
- ? getGitHubEnvRepoInfo()
4052
- : {
4053
- owner: '',
4054
- repo: ''
4055
- }
4056
- const shouldOpenPr = isCi
4057
- ? // eslint-disable-next-line no-await-in-loop
4058
- !(await doesPullRequestExistForBranch(owner, repo, branch))
4059
- : false
4060
- const revertData = {
4061
- ...(editablePkgJson.content.dependencies
4062
- ? {
4063
- dependencies: editablePkgJson.content.dependencies
4064
- }
4065
- : undefined),
4066
- ...(editablePkgJson.content.optionalDependencies
4067
- ? {
4068
- optionalDependencies:
4069
- editablePkgJson.content.optionalDependencies
4070
- }
4071
- : undefined),
4072
- ...(editablePkgJson.content.peerDependencies
4073
- ? {
4074
- peerDependencies: editablePkgJson.content.peerDependencies
4070
+ for (const pkgJsonPath of pkgJsonPaths) {
4071
+ const isWorkspaceRoot =
4072
+ pkgJsonPath === pkgEnvDetails.editablePkgJson.filename
4073
+ const workspaceName = isWorkspaceRoot
4074
+ ? ''
4075
+ : path$1.relative(rootPath, path$1.dirname(pkgJsonPath))
4076
+ const workspaceDetails = workspaceName ? ` in ${workspaceName}` : ''
4077
+ const editablePkgJson = isWorkspaceRoot
4078
+ ? pkgEnvDetails.editablePkgJson
4079
+ : // eslint-disable-next-line no-await-in-loop
4080
+ await packages.readPackageJson(pkgJsonPath, {
4081
+ editable: true
4082
+ })
4083
+ const newVersion = node.package.version
4084
+ const newVersionRange = shadowNpmInject.applyRange(
4085
+ oldVersion,
4086
+ newVersion,
4087
+ rangeStyle
4088
+ )
4089
+ const newSpec = `${name}@${newVersionRange}`
4090
+ const newSpecKey = `${workspaceName ? `${workspaceName}>` : ''}${newSpec}`
4091
+ const revertData = {
4092
+ ...(editablePkgJson.content.dependencies
4093
+ ? {
4094
+ dependencies: editablePkgJson.content.dependencies
4095
+ }
4096
+ : undefined),
4097
+ ...(editablePkgJson.content.optionalDependencies
4098
+ ? {
4099
+ optionalDependencies:
4100
+ editablePkgJson.content.optionalDependencies
4101
+ }
4102
+ : undefined),
4103
+ ...(editablePkgJson.content.peerDependencies
4104
+ ? {
4105
+ peerDependencies: editablePkgJson.content.peerDependencies
4106
+ }
4107
+ : undefined)
4108
+ }
4109
+ const branch = isCi
4110
+ ? getSocketBranchName(oldPurl, newVersion, workspaceName)
4111
+ : ''
4112
+ const baseBranch = isCi ? getBaseGitBranch() : ''
4113
+ const { owner, repo } = isCi
4114
+ ? getGitHubEnvRepoInfo()
4115
+ : {
4116
+ owner: '',
4117
+ repo: ''
4075
4118
  }
4076
- : undefined)
4077
- }
4078
- spinner?.info(`Installing ${toSpec}`)
4079
- const baseBranch = getBaseGitBranch()
4080
-
4081
- // eslint-disable-next-line no-await-in-loop
4082
- await gitCheckoutBaseBranchIfAvailable(baseBranch, cwd)
4083
- let error
4084
- let errored = false
4085
- let installed = false
4086
- let saved = false
4087
- try {
4119
+ const shouldOpenPr = isCi
4120
+ ? // eslint-disable-next-line no-await-in-loop
4121
+ !(await doesPullRequestExistForBranch(owner, repo, branch))
4122
+ : false
4123
+ if (isCi) {
4124
+ // eslint-disable-next-line no-await-in-loop
4125
+ await gitCheckoutBaseBranchIfAvailable(baseBranch, cwd)
4126
+ }
4088
4127
  shadowNpmInject.updatePackageJsonFromNode(
4089
4128
  editablePkgJson,
4090
4129
  arb.idealTree,
4091
4130
  node,
4092
- toVersion,
4131
+ newVersion,
4093
4132
  rangeStyle
4094
4133
  )
4095
- // eslint-disable-next-line no-await-in-loop
4096
- await editablePkgJson.save()
4097
- saved = true
4134
+ let error
4135
+ let errored = false
4136
+ let installed = false
4137
+ let saved = false
4098
4138
 
4099
4139
  // eslint-disable-next-line no-await-in-loop
4100
- await install$1(arb.idealTree, {
4101
- cwd
4102
- })
4103
- installed = true
4104
- if (test) {
4105
- spinner?.info(`Testing ${toSpec}`)
4106
- // eslint-disable-next-line no-await-in-loop
4107
- await npm.runScript(testScript, [], {
4108
- spinner,
4109
- stdio: 'ignore'
4110
- })
4111
- }
4112
- spinner?.successAndStop(`Fixed ${name}`)
4113
- spinner?.start()
4114
- } catch (e) {
4115
- error = e
4116
- errored = true
4117
- }
4118
- if (!errored && shouldOpenPr) {
4119
- // eslint-disable-next-line no-await-in-loop
4120
- await gitCreateAndPushBranchIfNeeded(
4121
- branch,
4122
- getSocketCommitMessage(fromPurl, toVersion),
4123
- cwd
4124
- )
4125
- // eslint-disable-next-line no-await-in-loop
4126
- const prResponse = await openGitHubPullRequest(
4127
- owner,
4128
- repo,
4129
- baseBranch,
4130
- branch,
4131
- fromPurl,
4132
- toVersion,
4133
- cwd
4134
- )
4135
- if (prResponse && autoMerge) {
4136
- // eslint-disable-next-line no-await-in-loop
4137
- await enableAutoMerge(prResponse.data)
4140
+ if (await editablePkgJson.save()) {
4141
+ saved = true
4138
4142
  }
4139
- }
4140
- if (errored || isCi) {
4141
- if (errored) {
4142
- spinner?.error(`Reverting ${toSpec}`, error)
4143
+ if (!installedSpecs.has(newSpecKey)) {
4144
+ testedSpecs.add(newSpecKey)
4145
+ spinner?.info(`Installing ${newSpec}${workspaceDetails}`)
4143
4146
  }
4144
- if (isRepo) {
4147
+ try {
4145
4148
  // eslint-disable-next-line no-await-in-loop
4146
- await gitHardReset(cwd)
4147
- }
4148
- if (saved) {
4149
- editablePkgJson.update(revertData)
4150
- if (!isRepo) {
4149
+ await install$1(arb.idealTree, {
4150
+ cwd
4151
+ })
4152
+ installed = true
4153
+ if (test) {
4154
+ if (!testedSpecs.has(newSpecKey)) {
4155
+ testedSpecs.add(newSpecKey)
4156
+ spinner?.info(`Testing ${newSpec}${workspaceDetails}`)
4157
+ }
4151
4158
  // eslint-disable-next-line no-await-in-loop
4152
- await editablePkgJson.save()
4159
+ await npm.runScript(testScript, [], {
4160
+ spinner,
4161
+ stdio: 'ignore'
4162
+ })
4153
4163
  }
4164
+ if (!fixedSpecs.has(newSpecKey)) {
4165
+ fixedSpecs.add(newSpecKey)
4166
+ spinner?.successAndStop(`Fixed ${name}${workspaceDetails}`)
4167
+ spinner?.start()
4168
+ }
4169
+ } catch (e) {
4170
+ error = e
4171
+ errored = true
4154
4172
  }
4155
- if (!isRepo && installed) {
4173
+ if (!errored && shouldOpenPr) {
4156
4174
  // eslint-disable-next-line no-await-in-loop
4157
- await install$1(revertTree, {
4175
+ await gitCreateAndPushBranchIfNeeded(
4176
+ branch,
4177
+ getSocketCommitMessage(oldPurl, newVersion, workspaceName),
4158
4178
  cwd
4159
- })
4179
+ )
4180
+ // eslint-disable-next-line no-await-in-loop
4181
+ const prResponse = await openGitHubPullRequest(
4182
+ owner,
4183
+ repo,
4184
+ baseBranch,
4185
+ branch,
4186
+ oldPurl,
4187
+ newVersion,
4188
+ {
4189
+ cwd,
4190
+ workspaceName
4191
+ }
4192
+ )
4193
+ if (prResponse && autoMerge) {
4194
+ // eslint-disable-next-line no-await-in-loop
4195
+ await enableAutoMerge(prResponse.data)
4196
+ }
4160
4197
  }
4161
- if (errored) {
4162
- spinner?.failAndStop(`Failed to fix ${fromSpec}`)
4198
+ if (errored || isCi) {
4199
+ if (errored) {
4200
+ if (!revertedSpecs.has(newSpecKey)) {
4201
+ revertedSpecs.add(newSpecKey)
4202
+ spinner?.error(`Reverting ${newSpec}${workspaceDetails}`, error)
4203
+ }
4204
+ }
4205
+ if (isRepo) {
4206
+ // eslint-disable-next-line no-await-in-loop
4207
+ await gitHardReset(cwd)
4208
+ }
4209
+ if (saved) {
4210
+ editablePkgJson.update(revertData)
4211
+ if (!isRepo) {
4212
+ // eslint-disable-next-line no-await-in-loop
4213
+ await editablePkgJson.save()
4214
+ }
4215
+ }
4216
+ if (!isRepo && installed) {
4217
+ // eslint-disable-next-line no-await-in-loop
4218
+ await install$1(revertTree, {
4219
+ cwd
4220
+ })
4221
+ }
4222
+ if (errored) {
4223
+ if (!failedSpecs.has(newSpecKey)) {
4224
+ failedSpecs.add(newSpecKey)
4225
+ spinner?.failAndStop(
4226
+ `Update failed for ${oldSpec}${workspaceDetails}`
4227
+ )
4228
+ }
4229
+ }
4163
4230
  }
4164
4231
  }
4165
4232
  }
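Review bot: The "Installing" guard in npmFix tests `installedSpecs` but records the key in the wrong set: `testedSpecs.add(newSpecKey)` sits directly under `if (!installedSpecs.has(newSpecKey))`. `installedSpecs` is therefore never populated, so the install message is not de-duplicated, and the later `if (!testedSpecs.has(newSpecKey))` always finds the key, so the "Testing …" line is never printed. The line should read `installedSpecs.add(newSpecKey)`, as the matching block in pnpmFix does. Separately, `editablePkgJson.save()` now runs before the `try`, so a rejected save bypasses the revert path, and a falsy result still proceeds to install where pnpmFix uses `continue`. npmFix begins and ends outside this hunk.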
@@ -4168,78 +4235,6 @@ async function npmFix(
4168
4235
  spinner?.stop()
4169
4236
  }
4170
4237
 
4171
- async function getAlertsMapFromPnpmLockfile(lockfile, options_) {
4172
- const options = {
4173
- __proto__: null,
4174
- consolidate: false,
4175
- nothrow: false,
4176
- ...options_
4177
- }
4178
- const include = {
4179
- __proto__: null,
4180
- actions: undefined,
4181
- blocked: true,
4182
- critical: true,
4183
- cve: true,
4184
- existing: false,
4185
- unfixable: true,
4186
- upgradable: false,
4187
- ...options.include
4188
- }
4189
- const { spinner } = options
4190
- const depTypes = vendor.libExports$2.detectDepTypes(lockfile)
4191
- const pkgIds = Object.keys(depTypes)
4192
- let { length: remaining } = pkgIds
4193
- const alertsByPkgId = new Map()
4194
- if (!remaining) {
4195
- return alertsByPkgId
4196
- }
4197
- const getText = () => `Looking up data for ${remaining} packages`
4198
- spinner?.start(getText())
4199
- const sockSdk = await shadowNpmInject.setupSdk(
4200
- shadowNpmInject.getPublicToken()
4201
- )
4202
- const toAlertsMapOptions = {
4203
- overrides: lockfile.overrides,
4204
- consolidate: options.consolidate,
4205
- include,
4206
- spinner
4207
- }
4208
- for await (const batchResult of sockSdk.batchPackageStream(
4209
- {
4210
- alerts: 'true',
4211
- compact: 'true',
4212
- fixable: include.unfixable ? 'false' : 'true'
4213
- },
4214
- {
4215
- components: pkgIds.map(id => ({
4216
- purl: `pkg:npm/${id}`
4217
- }))
4218
- }
4219
- )) {
4220
- if (batchResult.success) {
4221
- await shadowNpmInject.addArtifactToAlertsMap(
4222
- batchResult.data,
4223
- alertsByPkgId,
4224
- toAlertsMapOptions
4225
- )
4226
- } else if (!options.nothrow) {
4227
- const statusCode = batchResult.status ?? 'unknown'
4228
- const statusMessage = batchResult.error ?? 'No status message'
4229
- throw new Error(
4230
- `Socket API server error (${statusCode}): ${statusMessage}`
4231
- )
4232
- }
4233
- remaining -= 1
4234
- if (spinner && remaining > 0) {
4235
- spinner.start()
4236
- spinner.setText(getText())
4237
- }
4238
- }
4239
- spinner?.stop()
4240
- return alertsByPkgId
4241
- }
4242
-
4243
4238
  const {
4244
4239
  NPM: NPM$e,
4245
4240
  SOCKET_CLI_SAFE_BIN,
@@ -4330,7 +4325,7 @@ function safeNpmInstall(options) {
4330
4325
  return spawnPromise
4331
4326
  }
4332
4327
 
4333
- const { NPM: NPM$d, PNPM: PNPM$a } = constants
4328
+ const { NPM: NPM$d, PNPM: PNPM$9 } = constants
4334
4329
  function runAgentInstall(pkgEnvDetails, options) {
4335
4330
  const { agent, agentExecPath } = pkgEnvDetails
4336
4331
  // All package managers support the "install" command.
@@ -4349,7 +4344,7 @@ function runAgentInstall(pkgEnvDetails, options) {
4349
4344
  ...options
4350
4345
  }
4351
4346
  const skipNodeHardenFlags =
4352
- agent === PNPM$a && pkgEnvDetails.agentVersion.major < 11
4347
+ agent === PNPM$9 && pkgEnvDetails.agentVersion.major < 11
4353
4348
  return spawn.spawn(agentExecPath, ['install', ...args], {
4354
4349
  spinner,
4355
4350
  stdio: 'inherit',
@@ -4369,7 +4364,7 @@ function runAgentInstall(pkgEnvDetails, options) {
4369
4364
  })
4370
4365
  }
4371
4366
 
4372
- const { CI, NPM: NPM$c, OVERRIDES: OVERRIDES$2, PNPM: PNPM$9 } = constants
4367
+ const { CI, NPM: NPM$c, OVERRIDES: OVERRIDES$2, PNPM: PNPM$8 } = constants
4373
4368
  async function getActualTree(cwd = process.cwd()) {
4374
4369
  const arb = new shadowNpmInject.SafeArborist({
4375
4370
  path: cwd,
@@ -4391,15 +4386,18 @@ async function install(pkgEnvDetails, options) {
4391
4386
  }
4392
4387
  async function pnpmFix(
4393
4388
  pkgEnvDetails,
4394
- { autoMerge, cwd, rangeStyle, spinner, test, testScript }
4389
+ { autoMerge, cwd, purls, rangeStyle, spinner, test, testScript }
4395
4390
  ) {
4396
- const lockfile = await vendor.libExports$3.readWantedLockfile(cwd, {
4397
- ignoreIncompatible: false
4398
- })
4391
+ const lockfile = await vendor.libExports$3.readWantedLockfile(
4392
+ pkgEnvDetails.pkgPath,
4393
+ {
4394
+ ignoreIncompatible: false
4395
+ }
4396
+ )
4399
4397
  if (!lockfile) {
4400
4398
  return
4401
4399
  }
4402
- const alertsMap = await getAlertsMapFromPnpmLockfile(lockfile, {
4400
+ const alertMapOptions = {
4403
4401
  consolidate: true,
4404
4402
  include: {
4405
4403
  existing: true,
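Review bot: `purls` is added to the destructured options without a default, and the next hunk evaluates `purls.length` unguarded, which throws a TypeError if a caller omits it. `assignDefaultFixOptions`, added further down in this file, sets no default for it either; whether every caller passes an array is not visible here. Defaulting in the signature, `{ autoMerge, cwd, purls = [], rangeStyle, spinner, test, testScript }`, keeps the lockfile lookup as the fallback. pnpmFix's body continues outside this hunk.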
@@ -4407,43 +4405,61 @@ async function pnpmFix(
4407
4405
  upgradable: false
4408
4406
  },
4409
4407
  nothrow: true
4410
- })
4408
+ }
4409
+ const alertsMap = purls.length
4410
+ ? await shadowNpmInject.getAlertsMapFromPurls(purls, alertMapOptions)
4411
+ : await shadowNpmInject.getAlertsMapFromPnpmLockfile(
4412
+ lockfile,
4413
+ alertMapOptions
4414
+ )
4411
4415
  const infoByPkg = shadowNpmInject.getCveInfoByAlertsMap(alertsMap)
4412
4416
  if (!infoByPkg) {
4413
4417
  return
4414
4418
  }
4415
4419
  spinner?.start()
4416
- const editablePkgJson = await packages.readPackageJson(cwd, {
4417
- editable: true
4418
- })
4420
+
4419
4421
  // Lazily access constants.ENV[CI].
4420
4422
  const isCi = constants.ENV[CI]
4421
- const isRepo = await isInGitRepo(cwd)
4422
- let actualTree = await getActualTree(cwd)
4423
+ const { pkgPath: rootPath } = pkgEnvDetails
4424
+ const {
4425
+ 0: isRepo,
4426
+ 1: workspacePkgJsonPaths,
4427
+ 2: initialTree
4428
+ } = await Promise.all([
4429
+ isInGitRepo(cwd),
4430
+ shadowNpmPaths.globWorkspace(pkgEnvDetails),
4431
+ getActualTree(cwd)
4432
+ ])
4433
+ const pkgJsonPaths = [
4434
+ pkgEnvDetails.editablePkgJson.filename,
4435
+ ...workspacePkgJsonPaths
4436
+ ]
4437
+ let actualTree = initialTree
4423
4438
  for (const { 0: name, 1: infos } of infoByPkg) {
4424
4439
  if (registry.getManifestData(NPM$c, name)) {
4425
4440
  spinner?.info(`Skipping ${name}. Socket Optimize package exists.`)
4426
4441
  continue
4427
4442
  }
4428
- const specs = arrays.arrayUnique(
4429
- shadowNpmInject
4430
- .findPackageNodes(actualTree, name)
4431
- .map(n => `${n.name}@${n.version}`)
4443
+ const oldVersions = arrays.arrayUnique(
4444
+ shadowNpmInject.findPackageNodes(actualTree, name).map(n => n.version)
4432
4445
  )
4433
4446
  const packument =
4434
- specs.length && infos.length
4447
+ oldVersions.length && infos.length
4435
4448
  ? // eslint-disable-next-line no-await-in-loop
4436
4449
  await packages.fetchPackagePackument(name)
4437
4450
  : null
4438
4451
  if (!packument) {
4439
4452
  continue
4440
4453
  }
4441
- for (const spec of specs) {
4442
- const lastAtSignIndex = spec.lastIndexOf('@')
4443
- const name = spec.slice(0, lastAtSignIndex)
4444
- const fromVersion = spec.slice(lastAtSignIndex + 1)
4445
- const fromSpec = `${name}@${fromVersion}`
4446
- const fromPurl = `pkg:npm/${fromSpec}`
4454
+ const failedSpecs = new Set()
4455
+ const fixedSpecs = new Set()
4456
+ const installedSpecs = new Set()
4457
+ const testedSpecs = new Set()
4458
+ const unavailableSpecs = new Set()
4459
+ const revertedSpecs = new Set()
4460
+ for (const oldVersion of oldVersions) {
4461
+ const oldSpec = `${name}@${oldVersion}`
4462
+ const oldPurl = `pkg:npm/${oldSpec}`
4447
4463
  for (const {
4448
4464
  firstPatchedVersionIdentifier,
4449
4465
  vulnerableVersionRange
@@ -4451,177 +4467,219 @@ async function pnpmFix(
4451
4467
  const node = shadowNpmInject.findPackageNode(
4452
4468
  actualTree,
4453
4469
  name,
4454
- fromVersion
4470
+ oldVersion
4455
4471
  )
4456
4472
  if (!node) {
4457
4473
  continue
4458
4474
  }
4459
4475
  const availableVersions = Object.keys(packument.versions)
4460
- const toVersion = shadowNpmInject.findBestPatchVersion(
4476
+ const newVersion = shadowNpmInject.findBestPatchVersion(
4461
4477
  node,
4462
4478
  availableVersions,
4463
4479
  vulnerableVersionRange
4464
4480
  )
4465
- const targetPackument = toVersion
4466
- ? packument.versions[toVersion]
4481
+ const newVersionPackument = newVersion
4482
+ ? packument.versions[newVersion]
4467
4483
  : undefined
4468
- if (!(toVersion && targetPackument)) {
4469
- spinner?.fail(`Could not patch ${fromSpec}`)
4470
- continue
4471
- }
4472
- const oldPnpm = editablePkgJson.content[PNPM$9]
4473
- const oldPnpmKeyCount = oldPnpm ? Object.keys(oldPnpm).length : 0
4474
- const oldOverrides = oldPnpm?.[OVERRIDES$2]
4475
- const oldOverridesCount = oldOverrides
4476
- ? Object.keys(oldOverrides).length
4477
- : 0
4478
- const overrideKey = `${name}@${vulnerableVersionRange}`
4479
- const toVersionRange = shadowNpmInject.applyRange(
4480
- oldOverrides?.[overrideKey] ?? fromVersion,
4481
- toVersion,
4482
- rangeStyle
4483
- )
4484
- const toSpec = `${name}@${toVersionRange}`
4485
- const branch = isCi ? getSocketBranchName(fromPurl, toVersion) : ''
4486
- const baseBranch = isCi ? getBaseGitBranch() : ''
4487
- const { owner, repo } = isCi
4488
- ? getGitHubEnvRepoInfo()
4489
- : {
4490
- owner: '',
4491
- repo: ''
4492
- }
4493
- const shouldOpenPr = isCi
4494
- ? // eslint-disable-next-line no-await-in-loop
4495
- !(await doesPullRequestExistForBranch(owner, repo, branch))
4496
- : false
4497
- const updateData = {
4498
- [PNPM$9]: {
4499
- ...oldPnpm,
4500
- [OVERRIDES$2]: {
4501
- [overrideKey]: toVersionRange,
4502
- ...oldOverrides
4503
- }
4484
+ if (!(newVersion && newVersionPackument)) {
4485
+ if (!unavailableSpecs.has(oldSpec)) {
4486
+ unavailableSpecs.add(oldSpec)
4487
+ spinner?.fail(`No update available for ${oldSpec}`)
4504
4488
  }
4489
+ continue
4505
4490
  }
4506
- const revertData = {
4507
- [PNPM$9]: oldPnpmKeyCount
4508
- ? {
4509
- ...oldPnpm,
4510
- [OVERRIDES$2]:
4511
- oldOverridesCount === 1
4512
- ? undefined
4513
- : {
4514
- [overrideKey]: undefined,
4515
- ...oldOverrides
4516
- }
4517
- }
4518
- : undefined,
4519
- ...(editablePkgJson.content.dependencies
4520
- ? {
4521
- dependencies: editablePkgJson.content.dependencies
4522
- }
4523
- : undefined),
4524
- ...(editablePkgJson.content.optionalDependencies
4491
+ for (const pkgJsonPath of pkgJsonPaths) {
4492
+ const isWorkspaceRoot =
4493
+ pkgJsonPath === pkgEnvDetails.editablePkgJson.filename
4494
+ const workspaceName = isWorkspaceRoot
4495
+ ? ''
4496
+ : path$1.relative(rootPath, path$1.dirname(pkgJsonPath))
4497
+ const workspaceDetails = workspaceName ? ` in ${workspaceName}` : ''
4498
+ const editablePkgJson = isWorkspaceRoot
4499
+ ? pkgEnvDetails.editablePkgJson
4500
+ : // eslint-disable-next-line no-await-in-loop
4501
+ await packages.readPackageJson(pkgJsonPath, {
4502
+ editable: true
4503
+ })
4504
+ const oldPnpm = editablePkgJson.content[PNPM$8]
4505
+ const oldPnpmKeyCount = oldPnpm ? Object.keys(oldPnpm).length : 0
4506
+ const oldOverrides = oldPnpm?.[OVERRIDES$2]
4507
+ const oldOverridesCount = oldOverrides
4508
+ ? Object.keys(oldOverrides).length
4509
+ : 0
4510
+ const overrideKey = `${name}@${vulnerableVersionRange}`
4511
+ const newVersionRange = shadowNpmInject.applyRange(
4512
+ oldOverrides?.[overrideKey] ?? oldVersion,
4513
+ newVersion,
4514
+ rangeStyle
4515
+ )
4516
+ const newSpec = `${name}@${newVersionRange}`
4517
+ const newSpecKey = `${workspaceName ? `${workspaceName}>` : ''}${newSpec}`
4518
+ const updateData = isWorkspaceRoot
4525
4519
  ? {
4526
- optionalDependencies:
4527
- editablePkgJson.content.optionalDependencies
4520
+ [PNPM$8]: {
4521
+ ...oldPnpm,
4522
+ [OVERRIDES$2]: {
4523
+ [overrideKey]: newVersionRange,
4524
+ ...oldOverrides
4525
+ }
4526
+ }
4528
4527
  }
4529
- : undefined),
4530
- ...(editablePkgJson.content.peerDependencies
4531
- ? {
4532
- peerDependencies: editablePkgJson.content.peerDependencies
4528
+ : undefined
4529
+ const revertData = {
4530
+ ...(isWorkspaceRoot
4531
+ ? {
4532
+ [PNPM$8]: oldPnpmKeyCount
4533
+ ? {
4534
+ ...oldPnpm,
4535
+ [OVERRIDES$2]:
4536
+ oldOverridesCount === 1
4537
+ ? undefined
4538
+ : {
4539
+ [overrideKey]: undefined,
4540
+ ...oldOverrides
4541
+ }
4542
+ }
4543
+ : undefined
4544
+ }
4545
+ : {}),
4546
+ ...(editablePkgJson.content.dependencies
4547
+ ? {
4548
+ dependencies: editablePkgJson.content.dependencies
4549
+ }
4550
+ : undefined),
4551
+ ...(editablePkgJson.content.optionalDependencies
4552
+ ? {
4553
+ optionalDependencies:
4554
+ editablePkgJson.content.optionalDependencies
4555
+ }
4556
+ : undefined),
4557
+ ...(editablePkgJson.content.peerDependencies
4558
+ ? {
4559
+ peerDependencies: editablePkgJson.content.peerDependencies
4560
+ }
4561
+ : undefined)
4562
+ }
4563
+ const branch = isCi
4564
+ ? getSocketBranchName(oldPurl, newVersion, workspaceName)
4565
+ : ''
4566
+ const baseBranch = isCi ? getBaseGitBranch() : ''
4567
+ const { owner, repo } = isCi
4568
+ ? getGitHubEnvRepoInfo()
4569
+ : {
4570
+ owner: '',
4571
+ repo: ''
4533
4572
  }
4534
- : undefined)
4535
- }
4536
- spinner?.info(`Installing ${toSpec}`)
4537
- if (isCi) {
4538
- // eslint-disable-next-line no-await-in-loop
4539
- await gitCheckoutBaseBranchIfAvailable(baseBranch, cwd)
4540
- }
4541
- let error
4542
- let errored = false
4543
- let installed = false
4544
- let saved = false
4545
- try {
4546
- editablePkgJson.update(updateData)
4573
+ const shouldOpenPr = isCi
4574
+ ? // eslint-disable-next-line no-await-in-loop
4575
+ !(await doesPullRequestExistForBranch(owner, repo, branch))
4576
+ : false
4577
+ if (isCi) {
4578
+ // eslint-disable-next-line no-await-in-loop
4579
+ await gitCheckoutBaseBranchIfAvailable(baseBranch, cwd)
4580
+ }
4581
+ if (updateData) {
4582
+ editablePkgJson.update(updateData)
4583
+ }
4547
4584
  shadowNpmInject.updatePackageJsonFromNode(
4548
4585
  editablePkgJson,
4549
4586
  actualTree,
4550
4587
  node,
4551
- toVersion,
4588
+ newVersion,
4552
4589
  rangeStyle
4553
4590
  )
4554
- // eslint-disable-next-line no-await-in-loop
4555
- await editablePkgJson.save()
4556
- saved = true
4591
+ let error
4592
+ let errored = false
4593
+ let installed = false
4557
4594
 
4558
4595
  // eslint-disable-next-line no-await-in-loop
4559
- actualTree = await install(pkgEnvDetails, {
4560
- spinner
4561
- })
4562
- installed = true
4563
- if (test) {
4564
- spinner?.info(`Testing ${toSpec}`)
4596
+ if (!(await editablePkgJson.save())) {
4597
+ continue
4598
+ }
4599
+ if (!installedSpecs.has(newSpecKey)) {
4600
+ installedSpecs.add(newSpecKey)
4601
+ spinner?.info(`Installing ${newSpec}${workspaceDetails}`)
4602
+ }
4603
+ try {
4565
4604
  // eslint-disable-next-line no-await-in-loop
4566
- await npm.runScript(testScript, [], {
4567
- spinner,
4568
- stdio: 'ignore'
4605
+ actualTree = await install(pkgEnvDetails, {
4606
+ spinner
4569
4607
  })
4608
+ installed = true
4609
+ if (test) {
4610
+ if (!testedSpecs.has(newSpecKey)) {
4611
+ testedSpecs.add(newSpecKey)
4612
+ spinner?.info(`Testing ${newSpec}${workspaceDetails}`)
4613
+ }
4614
+ // eslint-disable-next-line no-await-in-loop
4615
+ await npm.runScript(testScript, [], {
4616
+ spinner,
4617
+ stdio: 'ignore'
4618
+ })
4619
+ }
4620
+ if (!fixedSpecs.has(newSpecKey)) {
4621
+ fixedSpecs.add(newSpecKey)
4622
+ spinner?.successAndStop(`Fixed ${name}${workspaceDetails}`)
4623
+ spinner?.start()
4624
+ }
4625
+ } catch (e) {
4626
+ error = e
4627
+ errored = true
4570
4628
  }
4571
- spinner?.successAndStop(`Fixed ${name}`)
4572
- spinner?.start()
4573
- } catch (e) {
4574
- error = e
4575
- errored = true
4576
- }
4577
- if (!errored && shouldOpenPr) {
4578
- // eslint-disable-next-line no-await-in-loop
4579
- await gitCreateAndPushBranchIfNeeded(
4580
- branch,
4581
- getSocketCommitMessage(fromPurl, toVersion),
4582
- cwd
4583
- )
4584
- // eslint-disable-next-line no-await-in-loop
4585
- const prResponse = await openGitHubPullRequest(
4586
- owner,
4587
- repo,
4588
- baseBranch,
4589
- branch,
4590
- fromPurl,
4591
- toVersion,
4592
- cwd
4593
- )
4594
- if (prResponse && autoMerge) {
4629
+ if (!errored && shouldOpenPr) {
4595
4630
  // eslint-disable-next-line no-await-in-loop
4596
- await enableAutoMerge(prResponse.data)
4597
- }
4598
- }
4599
- if (errored || isCi) {
4600
- if (errored) {
4601
- spinner?.error(`Reverting ${toSpec}`, error)
4602
- }
4603
- if (isRepo) {
4631
+ await gitCreateAndPushBranchIfNeeded(
4632
+ branch,
4633
+ getSocketCommitMessage(oldPurl, newVersion, workspaceName),
4634
+ cwd
4635
+ )
4604
4636
  // eslint-disable-next-line no-await-in-loop
4605
- await gitHardReset(cwd)
4637
+ const prResponse = await openGitHubPullRequest(
4638
+ owner,
4639
+ repo,
4640
+ baseBranch,
4641
+ branch,
4642
+ oldPurl,
4643
+ newVersion,
4644
+ {
4645
+ cwd,
4646
+ workspaceName
4647
+ }
4648
+ )
4649
+ if (prResponse && autoMerge) {
4650
+ // eslint-disable-next-line no-await-in-loop
4651
+ await enableAutoMerge(prResponse.data)
4652
+ }
4606
4653
  }
4607
- if (saved) {
4654
+ if (errored || isCi) {
4655
+ if (errored) {
4656
+ if (!revertedSpecs.has(newSpecKey)) {
4657
+ revertedSpecs.add(newSpecKey)
4658
+ spinner?.error(`Reverting ${newSpec}${workspaceDetails}`, error)
4659
+ }
4660
+ }
4608
4661
  editablePkgJson.update(revertData)
4609
- if (!isRepo) {
4662
+ if (isRepo) {
4663
+ // eslint-disable-next-line no-await-in-loop
4664
+ await gitHardReset(cwd)
4665
+ // eslint-disable-next-line no-await-in-loop
4666
+ actualTree = await getActualTree(cwd)
4667
+ } else if (installed) {
4610
4668
  // eslint-disable-next-line no-await-in-loop
4611
4669
  await editablePkgJson.save()
4670
+ // eslint-disable-next-line no-await-in-loop
4671
+ actualTree = await install(pkgEnvDetails, {
4672
+ spinner
4673
+ })
4674
+ }
4675
+ if (errored) {
4676
+ if (!failedSpecs.has(newSpecKey)) {
4677
+ failedSpecs.add(newSpecKey)
4678
+ spinner?.failAndStop(
4679
+ `Update failed for ${oldSpec}${workspaceDetails}`
4680
+ )
4681
+ }
4612
4682
  }
4613
- }
4614
- if (isRepo) {
4615
- // eslint-disable-next-line no-await-in-loop
4616
- actualTree = await getActualTree(cwd)
4617
- } else if (installed) {
4618
- // eslint-disable-next-line no-await-in-loop
4619
- actualTree = await install(pkgEnvDetails, {
4620
- spinner
4621
- })
4622
- }
4623
- if (errored) {
4624
- spinner?.failAndStop(`Failed to fix ${fromSpec}`)
4625
4683
  }
4626
4684
  }
4627
4685
  }
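Review bot: In the revert branch, a run outside a git repo whose `install` throws leaves the modified package.json on disk, because `editablePkgJson.update(revertData)` changes only the in-memory copy and `save()` is now reached only through `else if (installed)`. The removed code wrote the reverted file whenever the earlier save had succeeded. Saving unconditionally in that branch restores this: `} else {`, `await editablePkgJson.save()`, then `if (installed) { actualTree = await install(pkgEnvDetails, { spinner }) }`. Also, `updateData` spreads `...oldOverrides` after `[overrideKey]: newVersionRange`, so an existing override with the same key appears to win over the new range while the spinner still reports "Fixed"; putting the spread first would let the new range apply. pnpmFix begins and ends outside this hunk.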
@@ -4630,6 +4688,29 @@ async function pnpmFix(
4630
4688
  spinner?.stop()
4631
4689
  }
4632
4690
 
4691
+ const CMD_NAME$1 = 'socket fix'
4692
+ function assignDefaultFixOptions(options) {
4693
+ if (options.autoPilot === undefined) {
4694
+ options.autoPilot = false
4695
+ }
4696
+ if (options.autoMerge === undefined) {
4697
+ options.autoMerge = !!options.autoPilot
4698
+ }
4699
+ if (options.cwd === undefined) {
4700
+ options.cwd = process.cwd()
4701
+ }
4702
+ if (options.rangeStyle === undefined) {
4703
+ options.rangeStyle = 'preserve'
4704
+ }
4705
+ if (options.test === undefined) {
4706
+ options.test = !!options.autoPilot || !!options.testScript
4707
+ }
4708
+ if (options.testScript === undefined) {
4709
+ options.testScript = 'test'
4710
+ }
4711
+ return options
4712
+ }
4713
+
4633
4714
  const {
4634
4715
  BINARY_LOCK_EXT,
4635
4716
  BUN: BUN$5,
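Review bot: `assignDefaultFixOptions` has no doc comment, and two of its behaviours are easy to miss. It mutates and returns the object passed in, and the `test` default has to be computed before `testScript` is defaulted, otherwise `!!options.testScript` would always be true. A JSDoc line such as `/** Fills unset fix options in place and returns the same object; autoPilot turns on autoMerge and test. */` and a comment `// Must run before the testScript default below.` above the `test` check would record both. The doc comment should also say that autoPilot implies auto-merge of the pull requests the command opens, since the test run that gates them is started with `stdio: 'ignore'` in the hunks above.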
@@ -4638,7 +4719,7 @@ const {
4638
4719
  NPM: NPM$b,
4639
4720
  NPM_BUGGY_OVERRIDES_PATCHED_VERSION: NPM_BUGGY_OVERRIDES_PATCHED_VERSION$1,
4640
4721
  PACKAGE_JSON,
4641
- PNPM: PNPM$8,
4722
+ PNPM: PNPM$7,
4642
4723
  VLT: VLT$5,
4643
4724
  YARN,
4644
4725
  YARN_BERRY: YARN_BERRY$5,
@@ -4647,7 +4728,7 @@ const {
4647
4728
  const AGENTS = new Set([
4648
4729
  BUN$5,
4649
4730
  NPM$b,
4650
- PNPM$8,
4731
+ PNPM$7,
4651
4732
  YARN_BERRY$5,
4652
4733
  YARN_CLASSIC$6,
4653
4734
  VLT$5
@@ -4655,7 +4736,7 @@ const AGENTS = new Set([
4655
4736
  const binByAgent = new Map([
4656
4737
  [BUN$5, BUN$5],
4657
4738
  [NPM$b, NPM$b],
4658
- [PNPM$8, PNPM$8],
4739
+ [PNPM$7, PNPM$7],
4659
4740
  [YARN_BERRY$5, YARN],
4660
4741
  [YARN_CLASSIC$6, YARN],
4661
4742
  [VLT$5, VLT$5]
@@ -4663,7 +4744,7 @@ const binByAgent = new Map([
4663
4744
  async function getAgentExecPath(agent) {
4664
4745
  const binName = binByAgent.get(agent)
4665
4746
  return (
4666
- (await vendor.libExports$1(binName, {
4747
+ (await vendor.libExports$2(binName, {
4667
4748
  nothrow: true
4668
4749
  })) ?? binName
4669
4750
  )
@@ -4697,8 +4778,8 @@ const LOCKS = {
4697
4778
  // https://docs.npmjs.com/cli/v10/configuring-npm/package-lock-json#package-lockjson-vs-npm-shrinkwrapjson
4698
4779
  'npm-shrinkwrap.json': NPM$b,
4699
4780
  'package-lock.json': NPM$b,
4700
- 'pnpm-lock.yaml': PNPM$8,
4701
- 'pnpm-lock.yml': PNPM$8,
4781
+ 'pnpm-lock.yaml': PNPM$7,
4782
+ 'pnpm-lock.yml': PNPM$7,
4702
4783
  [`yarn${LOCK_EXT$1}`]: YARN_CLASSIC$6,
4703
4784
  'vlt-lock.json': VLT$5,
4704
4785
  // Lastly, look for a hidden lock file which is present if .npmrc has package-lock=false:
@@ -4745,7 +4826,7 @@ const readLockFileByAgent = (() => {
4745
4826
  })
4746
4827
  ],
4747
4828
  [NPM$b, defaultReader],
4748
- [PNPM$8, defaultReader],
4829
+ [PNPM$7, defaultReader],
4749
4830
  [VLT$5, defaultReader],
4750
4831
  [YARN_BERRY$5, defaultReader],
4751
4832
  [YARN_CLASSIC$6, defaultReader]
@@ -4769,7 +4850,7 @@ async function detectPackageEnvironment({
4769
4850
  cwd
4770
4851
  })
4771
4852
  const pkgPath =
4772
- pkgJsonPath && require$$0.existsSync(pkgJsonPath)
4853
+ pkgJsonPath && fs$1.existsSync(pkgJsonPath)
4773
4854
  ? path$1.dirname(pkgJsonPath)
4774
4855
  : undefined
4775
4856
  const editablePkgJson = pkgPath
@@ -4777,11 +4858,12 @@ async function detectPackageEnvironment({
4777
4858
  editable: true
4778
4859
  })
4779
4860
  : undefined
4780
- const pkgJson = editablePkgJson?.content
4781
4861
  // Read Corepack `packageManager` field in package.json:
4782
4862
  // https://nodejs.org/api/packages.html#packagemanager
4783
- const pkgManager = strings.isNonEmptyString(pkgJson?.packageManager)
4784
- ? pkgJson.packageManager
4863
+ const pkgManager = strings.isNonEmptyString(
4864
+ editablePkgJson?.content?.packageManager
4865
+ )
4866
+ ? editablePkgJson.content.packageManager
4785
4867
  : undefined
4786
4868
  let agent
4787
4869
  let agentVersion
@@ -4829,8 +4911,8 @@ async function detectPackageEnvironment({
4829
4911
  let pkgNodeRange
4830
4912
  let pkgMinAgentVersion = minSupportedAgentVersion
4831
4913
  let pkgMinNodeVersion = minSupportedNodeVersion
4832
- if (pkgJson) {
4833
- const { engines } = pkgJson
4914
+ if (editablePkgJson?.content) {
4915
+ const { engines } = editablePkgJson.content
4834
4916
  const engineAgentRange = engines?.[agent]
4835
4917
  const engineNodeRange = engines?.['node']
4836
4918
  if (strings.isNonEmptyString(engineAgentRange)) {
@@ -4851,7 +4933,7 @@ async function detectPackageEnvironment({
4851
4933
  pkgMinNodeVersion = coerced.version
4852
4934
  }
4853
4935
  }
4854
- const browserslistQuery = pkgJson['browserslist']
4936
+ const browserslistQuery = editablePkgJson.content['browserslist']
4855
4937
  if (Array.isArray(browserslistQuery)) {
4856
4938
  // List Node targets in ascending version order.
4857
4939
  const browserslistNodeTargets = vendor
@@ -4897,6 +4979,7 @@ async function detectPackageEnvironment({
4897
4979
  agentExecPath,
4898
4980
  agentSupported,
4899
4981
  agentVersion,
4982
+ editablePkgJson,
4900
4983
  features: {
4901
4984
  npmBuggyOverrides
4902
4985
  },
@@ -4906,7 +4989,6 @@ async function detectPackageEnvironment({
4906
4989
  nodeSupported,
4907
4990
  nodeVersion,
4908
4991
  npmExecPath,
4909
- pkgJson: editablePkgJson,
4910
4992
  pkgPath,
4911
4993
  pkgRequirements: {
4912
4994
  agent: pkgAgentRange ?? `>=${pkgMinAgentVersion}`,
@@ -5030,15 +5112,14 @@ async function detectAndValidatePackageEnvironment(cwd, options) {
5030
5112
  return details
5031
5113
  }
5032
5114
 
5033
- const { NPM: NPM$a, PNPM: PNPM$7 } = constants
5034
- const CMD_NAME$2 = 'socket fix'
5115
+ const { NPM: NPM$a, PNPM: PNPM$6 } = constants
5035
5116
  async function runFix(options_) {
5036
- const options = shadowNpmInject.assignDefaultFixOptions({
5117
+ const options = assignDefaultFixOptions({
5037
5118
  __proto__: null,
5038
5119
  ...options_
5039
5120
  })
5040
5121
  const pkgEnvDetails = await detectAndValidatePackageEnvironment(options.cwd, {
5041
- cmdName: CMD_NAME$2,
5122
+ cmdName: CMD_NAME$1,
5042
5123
  logger: logger.logger
5043
5124
  })
5044
5125
  if (!pkgEnvDetails) {
@@ -5048,13 +5129,13 @@ async function runFix(options_) {
5048
5129
  const { agent } = pkgEnvDetails
5049
5130
  if (agent === NPM$a) {
5050
5131
  await npmFix(pkgEnvDetails, options)
5051
- } else if (agent === PNPM$7) {
5132
+ } else if (agent === PNPM$6) {
5052
5133
  await pnpmFix(pkgEnvDetails, options)
5053
5134
  }
5054
5135
  }
5055
5136
 
5056
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$w } = constants
5057
- const config$z = {
5137
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$x } = constants
5138
+ const config$A = {
5058
5139
  commandName: 'fix',
5059
5140
  description: 'Fix "fixable" Socket alerts',
5060
5141
  hidden: true,
@@ -5070,10 +5151,17 @@ const config$z = {
5070
5151
  default: false,
5071
5152
  description: `Enable auto-merge for pull requests that Socket opens.\n See ${vendor.terminalLinkExports('GitHub documentation', 'https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-auto-merge-for-pull-requests-in-your-repository')} for managing auto-merge for pull requests in your repository.`
5072
5153
  },
5154
+ purl: {
5155
+ type: 'string',
5156
+ default: [],
5157
+ description: `User provided PURL to fix`,
5158
+ isMultiple: true,
5159
+ shortFlag: 'p'
5160
+ },
5073
5161
  rangeStyle: {
5074
5162
  type: 'string',
5075
5163
  default: 'preserve',
5076
- description: vendor.stripIndent`
5164
+ description: vendor.html`
5077
5165
  Define how updated dependency versions should be written in package.json.
5078
5166
  Available styles:
5079
5167
  * caret - Use ^ range for compatible updates (e.g. ^1.2.3)
@@ -5104,14 +5192,14 @@ const config$z = {
5104
5192
  `
5105
5193
  }
5106
5194
  const cmdFix = {
5107
- description: config$z.description,
5108
- hidden: config$z.hidden,
5109
- run: run$z
5195
+ description: config$A.description,
5196
+ hidden: config$A.hidden,
5197
+ run: run$A
5110
5198
  }
5111
- async function run$z(argv, importMeta, { parentName }) {
5199
+ async function run$A(argv, importMeta, { parentName }) {
5112
5200
  const cli = meowOrExit({
5113
5201
  argv,
5114
- config: config$z,
5202
+ config: config$A,
5115
5203
  importMeta,
5116
5204
  parentName
5117
5205
  })
@@ -5125,7 +5213,7 @@ async function run$z(argv, importMeta, { parentName }) {
5125
5213
  return
5126
5214
  }
5127
5215
  if (cli.flags['dryRun']) {
5128
- logger.logger.log(DRY_RUN_BAIL_TEXT$w)
5216
+ logger.logger.log(DRY_RUN_BAIL_TEXT$x)
5129
5217
  return
5130
5218
  }
5131
5219
 
@@ -5134,6 +5222,7 @@ async function run$z(argv, importMeta, { parentName }) {
5134
5222
  await runFix({
5135
5223
  autoMerge: Boolean(cli.flags['autoMerge']),
5136
5224
  autoPilot: Boolean(cli.flags['autoPilot']),
5225
+ purls: Array.isArray(cli.flags['purl']) ? cli.flags['purl'] : [],
5137
5226
  spinner,
5138
5227
  rangeStyle: cli.flags['rangeStyle'] ?? undefined,
5139
5228
  test: Boolean(cli.flags['test']),
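Review bot: The new `purls` value forwards whatever strings were given to `--purl` straight into `runFix`, so an empty or whitespace-only argument is passed along as a package to fix. Unless `runFix` parses and rejects malformed values (not visible in this hunk), drop the blanks here: `purls: (Array.isArray(cli.flags['purl']) ? cli.flags['purl'] : []).filter(p => typeof p === 'string' && p.trim() !== ''),`. The flag description in the hunk at -5070 could also say that the option may be repeated, since it sets `isMultiple: true`. run$A starts and ends outside this hunk.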
@@ -5234,7 +5323,7 @@ function outputPackageInfo(
5234
5323
  return
5235
5324
  }
5236
5325
  if (outputKind === 'markdown') {
5237
- logger.logger.log(vendor.stripIndents`
5326
+ logger.logger.log(vendor.html`
5238
5327
  # Package report for ${pkgName}
5239
5328
 
5240
5329
  Package report card:
@@ -5327,11 +5416,12 @@ async function handlePackageInfo({
5327
5416
  }
5328
5417
  }
5329
5418
 
5330
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$v } = constants
5331
- const config$y = {
5419
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$w } = constants
5420
+ const config$z = {
5332
5421
  commandName: 'info',
5333
5422
  description: 'Look up info regarding a package',
5334
- hidden: false,
5423
+ hidden: true,
5424
+ // Deprecated
5335
5425
  flags: {
5336
5426
  ...commonFlags,
5337
5427
  ...outputFlags,
@@ -5352,14 +5442,14 @@ const config$y = {
5352
5442
  `
5353
5443
  }
5354
5444
  const cmdInfo = {
5355
- description: config$y.description,
5356
- hidden: config$y.hidden,
5357
- run: run$y
5445
+ description: config$z.description,
5446
+ hidden: config$z.hidden,
5447
+ run: run$z
5358
5448
  }
5359
- async function run$y(argv, importMeta, { parentName }) {
5449
+ async function run$z(argv, importMeta, { parentName }) {
5360
5450
  const cli = meowOrExit({
5361
5451
  argv,
5362
- config: config$y,
5452
+ config: config$z,
5363
5453
  importMeta,
5364
5454
  parentName
5365
5455
  })
@@ -5397,11 +5487,11 @@ async function run$y(argv, importMeta, { parentName }) {
5397
5487
  const pkgVersion =
5398
5488
  versionSeparator < 1 ? 'latest' : rawPkgName.slice(versionSeparator + 1)
5399
5489
  if (cli.flags['dryRun']) {
5400
- logger.logger.log(DRY_RUN_BAIL_TEXT$v)
5490
+ logger.logger.log(DRY_RUN_BAIL_TEXT$w)
5401
5491
  return
5402
5492
  }
5403
5493
  await handlePackageInfo({
5404
- commandName: `${parentName} ${config$y.commandName}`,
5494
+ commandName: `${parentName} ${config$z.commandName}`,
5405
5495
  includeAllIssues: Boolean(all),
5406
5496
  outputKind: json ? 'json' : markdown ? 'markdown' : 'print',
5407
5497
  pkgName,
@@ -5477,7 +5567,7 @@ async function attemptLogin(apiBaseUrl, apiProxy) {
5477
5567
  logger.logger.success(
5478
5568
  `API credentials ${previousPersistedToken === apiToken ? 'refreshed' : previousPersistedToken ? 'updated' : 'set'}`
5479
5569
  )
5480
- if (!shadowNpmInject.isReadOnlyConfig()) {
5570
+ if (shadowNpmInject.isReadOnlyConfig()) {
5481
5571
  logger.logger.log('')
5482
5572
  logger.logger.warn(
5483
5573
  'Note: config is in read-only mode, at least one key was overridden through flag/env, so the login was not persisted!'
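Review bot: The success line just above the corrected check still reports the API credentials as 'set', 'updated' or 'refreshed' before the warning says the login was not persisted, so in read-only mode the two messages contradict each other. Evaluating the flag first, `const readOnly = shadowNpmInject.isReadOnlyConfig()`, and wording the success message from it would leave no doubt about whether the token was stored. The same ordering applies to 'Successfully logged out' in the attemptLogout hunk at -5558. attemptLogin starts and ends outside this hunk, so how the token write behaves in read-only mode cannot be confirmed from here.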
@@ -5488,8 +5578,8 @@ async function attemptLogin(apiBaseUrl, apiProxy) {
5488
5578
  }
5489
5579
  }
5490
5580
 
5491
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$u } = constants
5492
- const config$x = {
5581
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$v } = constants
5582
+ const config$y = {
5493
5583
  commandName: 'login',
5494
5584
  description: 'Socket API login',
5495
5585
  hidden: false,
@@ -5522,21 +5612,21 @@ const config$x = {
5522
5612
  `
5523
5613
  }
5524
5614
  const cmdLogin = {
5525
- description: config$x.description,
5526
- hidden: config$x.hidden,
5527
- run: run$x
5615
+ description: config$y.description,
5616
+ hidden: config$y.hidden,
5617
+ run: run$y
5528
5618
  }
5529
- async function run$x(argv, importMeta, { parentName }) {
5619
+ async function run$y(argv, importMeta, { parentName }) {
5530
5620
  const cli = meowOrExit({
5531
5621
  argv,
5532
- config: config$x,
5622
+ config: config$y,
5533
5623
  importMeta,
5534
5624
  parentName
5535
5625
  })
5536
5626
  const apiBaseUrl = cli.flags['apiBaseUrl']
5537
5627
  const apiProxy = cli.flags['apiProxy']
5538
5628
  if (cli.flags['dryRun']) {
5539
- logger.logger.log(DRY_RUN_BAIL_TEXT$u)
5629
+ logger.logger.log(DRY_RUN_BAIL_TEXT$v)
5540
5630
  return
5541
5631
  }
5542
5632
  if (!isInteractive()) {
@@ -5558,7 +5648,7 @@ function attemptLogout() {
5558
5648
  try {
5559
5649
  applyLogout()
5560
5650
  logger.logger.success('Successfully logged out')
5561
- if (!shadowNpmInject.isReadOnlyConfig()) {
5651
+ if (shadowNpmInject.isReadOnlyConfig()) {
5562
5652
  logger.logger.log('')
5563
5653
  logger.logger.warn(
5564
5654
  'Note: config is in read-only mode, at least one key was overridden through flag/env, so the logout was not persisted!'
@@ -5569,8 +5659,8 @@ function attemptLogout() {
5569
5659
  }
5570
5660
  }
5571
5661
 
5572
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$t } = constants
5573
- const config$w = {
5662
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$u } = constants
5663
+ const config$x = {
5574
5664
  commandName: 'logout',
5575
5665
  description: 'Socket API logout',
5576
5666
  hidden: false,
@@ -5585,42 +5675,60 @@ const config$w = {
5585
5675
  `
5586
5676
  }
5587
5677
  const cmdLogout = {
5588
- description: config$w.description,
5589
- hidden: config$w.hidden,
5590
- run: run$w
5678
+ description: config$x.description,
5679
+ hidden: config$x.hidden,
5680
+ run: run$x
5591
5681
  }
5592
- async function run$w(argv, importMeta, { parentName }) {
5682
+ async function run$x(argv, importMeta, { parentName }) {
5593
5683
  const cli = meowOrExit({
5594
5684
  argv,
5595
- config: config$w,
5685
+ config: config$x,
5596
5686
  importMeta,
5597
5687
  parentName
5598
5688
  })
5599
5689
  if (cli.flags['dryRun']) {
5600
- logger.logger.log(DRY_RUN_BAIL_TEXT$t)
5690
+ logger.logger.log(DRY_RUN_BAIL_TEXT$u)
5601
5691
  return
5602
5692
  }
5603
5693
  attemptLogout()
5604
5694
  }
5605
5695
 
5606
- async function convertGradleToMaven(target, bin, _out, verbose, gradleOpts) {
5607
- // Lazily access constants.spinner.
5608
- const { spinner } = constants
5609
- const rbin = path$1.resolve(bin)
5610
- const rtarget = path$1.resolve(target)
5696
+ async function convertGradleToMaven(target, bin, cwd, verbose, gradleOpts) {
5611
5697
  if (verbose) {
5612
- logger.logger.group('gradle2maven:')
5613
- logger.logger.log(`[VERBOSE] - Absolute bin path: \`${rbin}\``)
5614
- logger.logger.log(`[VERBOSE] - Absolute target path: \`${rtarget}\``)
5615
- logger.logger.groupEnd()
5698
+ logger.logger.log('[VERBOSE] Resolving:', [cwd, bin])
5699
+ }
5700
+ const rbin = path$1.resolve(cwd, bin)
5701
+ if (verbose) {
5702
+ logger.logger.log('[VERBOSE] Resolving:', [cwd, target])
5703
+ }
5704
+ const rtarget = path$1.resolve(cwd, target)
5705
+ const binExists = fs$1.existsSync(rbin)
5706
+ const targetExists = fs$1.existsSync(rtarget)
5707
+ logger.logger.group('gradle2maven:')
5708
+ if (verbose || debug.isDebug()) {
5709
+ logger.logger.log(
5710
+ `[VERBOSE] - Absolute bin path: \`${rbin}\` (${binExists ? 'found' : vendor.yoctocolorsCjsExports.red('not found!')})`
5711
+ )
5712
+ logger.logger.log(
5713
+ `[VERBOSE] - Absolute target path: \`${rtarget}\` (${targetExists ? 'found' : vendor.yoctocolorsCjsExports.red('not found!')})`
5714
+ )
5616
5715
  } else {
5617
- logger.logger.group('gradle2maven:')
5618
- logger.logger.log(`- executing: \`${bin}\``)
5619
- logger.logger.log(`- src dir: \`${target}\``)
5620
- logger.logger.groupEnd()
5716
+ logger.logger.log(`- executing: \`${rbin}\``)
5717
+ if (!binExists) {
5718
+ logger.logger.warn(
5719
+ 'Warning: It appears the executable could not be found at this location. An error might be printed later because of that.'
5720
+ )
5721
+ }
5722
+ logger.logger.log(`- src dir: \`${rtarget}\``)
5723
+ if (!targetExists) {
5724
+ logger.logger.warn(
5725
+ 'Warning: It appears the src dir could not be found at this location. An error might be printed later because of that.'
5726
+ )
5727
+ }
5621
5728
  }
5729
+ logger.logger.groupEnd()
5622
5730
  try {
5623
- // Run sbt with the init script we provide which should yield zero or more
5731
+ // Run gradlew with the init script we provide which should yield zero or more
5624
5732
  // pom files. We have to figure out where to store those pom files such that
5625
5733
  // we can upload them and predict them through the GitHub API. We could do a
5626
5734
  // .socket folder. We could do a socket.pom.gz with all the poms, although
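Review bot: convertGradleToMaven now resolves and executes `rbin`, but nothing on the function states that this runs build logic supplied by the project being scanned. The callers default `bin` to `path$1.join(target, 'gradlew')`, and the process is started with the target directory as its working directory. A header comment would make that trust assumption explicit for maintainers and for anyone wiring the command into CI, for example `// Executes the project's gradlew (or --bin) in the target dir, so the project's build scripts run with the caller's privileges.` Separately, the verbose branch only colours 'not found!' while the non-verbose branch calls `logger.logger.warn`; the two could share the warning. The function body continues past the end of this hunk.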
@@ -5630,26 +5738,23 @@ async function convertGradleToMaven(target, bin, _out, verbose, gradleOpts) {
5630
5738
  const initLocation = path$1.join(constants.rootDistPath, 'init.gradle')
5631
5739
  const commandArgs = ['--init-script', initLocation, ...gradleOpts, 'pom']
5632
5740
  if (verbose) {
5633
- logger.logger.log('[VERBOSE] Executing:', bin, commandArgs)
5741
+ logger.logger.log('[VERBOSE] Executing:', [bin], ', args:', commandArgs)
5634
5742
  }
5635
- spinner.start(
5636
- `Converting gradle to maven from \`${bin}\` on \`${target}\`...`
5743
+ logger.logger.log(
5744
+ `Converting gradle to maven from \`${bin}\` on \`${target}\` ...`
5637
5745
  )
5638
- const output = await spawn.spawn(bin, commandArgs, {
5639
- cwd: target || '.'
5640
- })
5641
- spinner.stop()
5746
+ const output = await execGradleWithSpinner(rbin, commandArgs, rtarget, cwd)
5642
5747
  if (verbose) {
5643
5748
  logger.logger.group('[VERBOSE] gradle stdout:')
5644
5749
  logger.logger.log(output)
5645
5750
  logger.logger.groupEnd()
5646
5751
  }
5647
- if (output.stderr) {
5752
+ if (output.code !== 0) {
5648
5753
  process.exitCode = 1
5649
- logger.logger.fail('There were errors while running gradle')
5754
+ logger.logger.fail(`Gradle exited with exit code ${output.code}`)
5650
5755
  // (In verbose mode, stderr was printed above, no need to repeat it)
5651
5756
  if (!verbose) {
5652
- logger.logger.group('[VERBOSE] stderr:')
5757
+ logger.logger.group('stderr:')
5653
5758
  logger.logger.error(output.stderr)
5654
5759
  logger.logger.groupEnd()
5655
5760
  }
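Review bot: The verbose 'Executing:' line and the 'Converting gradle to maven' line still print the unresolved `bin` and `target`, while the call below them runs `rbin` in `rtarget`. When `--cwd` or a relative `--bin` is used, the log then names a different path from the one that was executed, which makes a run harder to audit afterwards. Log the resolved values instead: `logger.logger.log('[VERBOSE] Executing:', [rbin], ', args:', commandArgs)`, and likewise `rbin` and `rtarget` in the 'Converting' message. The enclosing try block starts before this hunk and ends after it.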
@@ -5661,41 +5766,15 @@ async function convertGradleToMaven(target, bin, _out, verbose, gradleOpts) {
5661
5766
  logger.logger.log('- ', fn)
5662
5767
  return fn
5663
5768
  })
5664
-
5665
- // const loc = output.stdout?.match(/Wrote (.*?.pom)\n/)?.[1]?.trim()
5666
- // if (!loc) {
5667
- // logger.fail(
5668
- // 'There were no errors from sbt but could not find the location of resulting .pom file either'
5669
- // )
5670
- // // eslint-disable-next-line n/no-process-exit
5671
- // process.exit(1)
5672
- // }
5673
- //
5674
- // // Move the pom file to ...? initial cwd? loc will be an absolute path, or dump to stdout
5675
- // if (out === '-') {
5676
- // spinner.start('Result:\n```')
5677
- // spinner.log(await safeReadFile(loc))
5678
- // spinner.log('```')
5679
- // spinner.successAndStop(`OK`)
5680
- // } else {
5681
- // spinner.start()
5682
- // if (verbose) {
5683
- // spinner.log(
5684
- // `Moving manifest file from \`${loc.replace(/^\/home\/[^/]*?\//, '~/')}\` to \`${out}\``
5685
- // )
5686
- // } else {
5687
- // spinner.log('Moving output pom file')
5688
- // }
5689
- // // TODO: do we prefer fs-extra? renaming can be gnarly on windows and fs-extra's version is better
5690
- // await renamep(loc, out)
5691
- // spinner.successAndStop(`OK. File should be available in \`${out}\``)
5692
- // }
5769
+ logger.logger.log('')
5770
+ logger.logger.log(
5771
+ 'Next step is to generate a Scan by running the `socket scan create` command on the same directory'
5772
+ )
5693
5773
  } catch (e) {
5694
5774
  process.exitCode = 1
5695
- spinner.stop()
5696
5775
  logger.logger.fail(
5697
- 'There was an unexpected error while running this' +
5698
- (verbose ? '' : ' (use --verbose for details)')
5776
+ 'There was an unexpected error while generating manifests' +
5777
+ (verbose ? '' : ' (use --verbose for details)')
5699
5778
  )
5700
5779
  if (verbose) {
5701
5780
  logger.logger.group('[VERBOSE] error:')
@@ -5704,9 +5783,39 @@ async function convertGradleToMaven(target, bin, _out, verbose, gradleOpts) {
5704
5783
  }
5705
5784
  }
5706
5785
  }
5786
+ async function execGradleWithSpinner(bin, commandArgs, target, cwd) {
5787
+ // Lazily access constants.spinner.
5788
+ const { spinner } = constants
5789
+ let pass = false
5790
+ try {
5791
+ spinner.start(
5792
+ `Running gradlew... (this can take a while, it depends on how long gradlew has to run)`
5793
+ )
5794
+ const output = await spawn.spawn(bin, commandArgs, {
5795
+ // We can pipe the output through to have the user see the result
5796
+ // of running gradlew, but then we can't (easily) gather the output
5797
+ // to discover the generated files... probably a flag we should allow?
5798
+ // stdio: isDebug() ? 'inherit' : undefined,
5799
+ cwd: target || cwd
5800
+ })
5801
+ pass = true
5802
+ const { code, stderr, stdout } = output
5803
+ return {
5804
+ code,
5805
+ stdout,
5806
+ stderr
5807
+ }
5808
+ } finally {
5809
+ if (pass) {
5810
+ spinner.successAndStop('Completed gradlew execution')
5811
+ } else {
5812
+ spinner.failAndStop('There was an error while trying to run gradlew.')
5813
+ }
5814
+ }
5815
+ }
5707
5816
 
5708
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$s } = constants
5709
- const config$v = {
5817
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$t } = constants
5818
+ const config$w = {
5710
5819
  commandName: 'gradle',
5711
5820
  description:
5712
5821
  '[beta] Use Gradle to generate a manifest file (`pom.xml`) for a Gradle/Java/Kotlin/etc project',
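Review bot: In execGradleWithSpinner, `pass = true` is set as soon as `spawn.spawn` resolves, without looking at `code`. If the spawn wrapper resolves on a non-zero exit, the spinner prints 'Completed gradlew execution' right before convertGradleToMaven reports 'Gradle exited with exit code …'. If it instead rejects on non-zero exits, the `output.code !== 0` branch in the caller is never reached and stderr is only shown in verbose mode. Either way the two should agree, for example `pass = output.code === 0`. The function would also benefit from a short doc comment covering its parameters and the `{ code, stdout, stderr }` result, and `cwd: target || cwd` never falls back because the caller always passes a resolved `rtarget`.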
@@ -5727,16 +5836,6 @@ const config$v = {
5727
5836
  description:
5728
5837
  'Additional options to pass on to ./gradlew, see `./gradlew --help`'
5729
5838
  },
5730
- out: {
5731
- type: 'string',
5732
- default: './socket.pom.xml',
5733
- description:
5734
- 'Path of output file; where to store the resulting manifest, see also --stdout'
5735
- },
5736
- stdout: {
5737
- type: 'boolean',
5738
- description: 'Print resulting pom.xml to stdout (supersedes --out)'
5739
- },
5740
5839
  task: {
5741
5840
  type: 'string',
5742
5841
  default: 'all',
@@ -5781,20 +5880,20 @@ const config$v = {
5781
5880
  `
5782
5881
  }
5783
5882
  const cmdManifestGradle = {
5784
- description: config$v.description,
5785
- hidden: config$v.hidden,
5786
- run: run$v
5883
+ description: config$w.description,
5884
+ hidden: config$w.hidden,
5885
+ run: run$w
5787
5886
  }
5788
- async function run$v(argv, importMeta, { parentName }) {
5887
+ async function run$w(argv, importMeta, { parentName }) {
5789
5888
  const cli = meowOrExit({
5790
5889
  argv,
5791
- config: config$v,
5890
+ config: config$w,
5792
5891
  importMeta,
5793
5892
  parentName
5794
5893
  })
5795
5894
  const verbose = Boolean(cli.flags['verbose'])
5796
5895
  if (verbose) {
5797
- logger.logger.group('- ', parentName, config$v.commandName, ':')
5896
+ logger.logger.group('- ', parentName, config$w.commandName, ':')
5798
5897
  logger.logger.group('- flags:', cli.flags)
5799
5898
  logger.logger.groupEnd()
5800
5899
  logger.logger.log('- input:', cli.input)
@@ -5815,7 +5914,7 @@ async function run$v(argv, importMeta, { parentName }) {
5815
5914
  },
5816
5915
  {
5817
5916
  nook: true,
5818
- test: cli.input.length === 1,
5917
+ test: cli.input.length <= 1,
5819
5918
  message: 'Can only accept one DIR (make sure to escape spaces!)',
5820
5919
  pass: 'ok',
5821
5920
  fail: 'received ' + cli.input.length
@@ -5824,24 +5923,12 @@ async function run$v(argv, importMeta, { parentName }) {
5824
5923
  if (wasBadInput) {
5825
5924
  return
5826
5925
  }
5827
- let bin
5828
- if (cli.flags['bin']) {
5829
- bin = cli.flags['bin']
5830
- } else {
5831
- bin = path$1.join(target, 'gradlew')
5832
- }
5833
- let out = './socket.pom.xml'
5834
- if (cli.flags['out']) {
5835
- out = cli.flags['out']
5836
- }
5837
- if (cli.flags['stdout']) {
5838
- out = '-'
5839
- }
5926
+ const { bin = path$1.join(target, 'gradlew'), cwd = process.cwd() } =
5927
+ cli.flags
5840
5928
  if (verbose) {
5841
5929
  logger.logger.group()
5842
5930
  logger.logger.log('- target:', target)
5843
5931
  logger.logger.log('- gradle bin:', bin)
5844
- logger.logger.log('- out:', out)
5845
5932
  logger.logger.groupEnd()
5846
5933
  }
5847
5934
  let gradleOpts = []
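Review bot: The destructuring default for `bin` only applies when `cli.flags.bin` is `undefined`, whereas the removed `if (cli.flags['bin'])` also fell back to the wrapper for an empty string. With `--bin ""` the value now reaches `path$1.resolve(cwd, bin)` in convertGradleToMaven and resolves to `cwd` itself, which is then handed to spawn. Keeping the truthiness fallback avoids that: `const bin = cli.flags['bin'] || path$1.join(target, 'gradlew')`. The kotlin command's hunk at -6358 has the same line. run$w starts and ends outside this hunk, and whether the flag config declares its own default for `bin` is not visible here.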
@@ -5852,10 +5939,16 @@ async function run$v(argv, importMeta, { parentName }) {
5852
5939
  .filter(Boolean)
5853
5940
  }
5854
5941
  if (cli.flags['dryRun']) {
5855
- logger.logger.log(DRY_RUN_BAIL_TEXT$s)
5942
+ logger.logger.log(DRY_RUN_BAIL_TEXT$t)
5856
5943
  return
5857
5944
  }
5858
- await convertGradleToMaven(target, bin, out, verbose, gradleOpts)
5945
+ await convertGradleToMaven(
5946
+ target,
5947
+ String(bin),
5948
+ String(cwd),
5949
+ verbose,
5950
+ gradleOpts
5951
+ )
5859
5952
  }
5860
5953
 
5861
5954
  async function convertSbtToMaven(target, bin, out, verbose, sbtOpts) {
@@ -5961,8 +6054,8 @@ async function convertSbtToMaven(target, bin, out, verbose, sbtOpts) {
5961
6054
  }
5962
6055
  }
5963
6056
 
5964
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$r } = constants
5965
- const config$u = {
6057
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$s } = constants
6058
+ const config$v = {
5966
6059
  commandName: 'scala',
5967
6060
  description:
5968
6061
  "[beta] Generate a manifest file (`pom.xml`) from Scala's `build.sbt` file",
@@ -6037,20 +6130,20 @@ const config$u = {
6037
6130
  `
6038
6131
  }
6039
6132
  const cmdManifestScala = {
6040
- description: config$u.description,
6041
- hidden: config$u.hidden,
6042
- run: run$u
6133
+ description: config$v.description,
6134
+ hidden: config$v.hidden,
6135
+ run: run$v
6043
6136
  }
6044
- async function run$u(argv, importMeta, { parentName }) {
6137
+ async function run$v(argv, importMeta, { parentName }) {
6045
6138
  const cli = meowOrExit({
6046
6139
  argv,
6047
- config: config$u,
6140
+ config: config$v,
6048
6141
  importMeta,
6049
6142
  parentName
6050
6143
  })
6051
6144
  const verbose = Boolean(cli.flags['verbose'])
6052
6145
  if (verbose) {
6053
- logger.logger.group('- ', parentName, config$u.commandName, ':')
6146
+ logger.logger.group('- ', parentName, config$v.commandName, ':')
6054
6147
  logger.logger.group('- flags:', cli.flags)
6055
6148
  logger.logger.groupEnd()
6056
6149
  logger.logger.log('- input:', cli.input)
@@ -6071,7 +6164,7 @@ async function run$u(argv, importMeta, { parentName }) {
6071
6164
  },
6072
6165
  {
6073
6166
  nook: true,
6074
- test: cli.input.length === 1,
6167
+ test: cli.input.length <= 1,
6075
6168
  message: 'Can only accept one DIR (make sure to escape spaces!)',
6076
6169
  pass: 'ok',
6077
6170
  fail: 'received ' + cli.input.length
@@ -6106,14 +6199,14 @@ async function run$u(argv, importMeta, { parentName }) {
6106
6199
  .filter(Boolean)
6107
6200
  }
6108
6201
  if (cli.flags['dryRun']) {
6109
- logger.logger.log(DRY_RUN_BAIL_TEXT$r)
6202
+ logger.logger.log(DRY_RUN_BAIL_TEXT$s)
6110
6203
  return
6111
6204
  }
6112
6205
  await convertSbtToMaven(target, bin, out, verbose, sbtOpts)
6113
6206
  }
6114
6207
 
6115
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$q } = constants
6116
- const config$t = {
6208
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$r } = constants
6209
+ const config$u = {
6117
6210
  commandName: 'auto',
6118
6211
  description: 'Auto-detect build and attempt to generate manifest file',
6119
6212
  hidden: false,
@@ -6143,21 +6236,21 @@ const config$t = {
6143
6236
  `
6144
6237
  }
6145
6238
  const cmdManifestAuto = {
6146
- description: config$t.description,
6147
- hidden: config$t.hidden,
6148
- run: run$t
6239
+ description: config$u.description,
6240
+ hidden: config$u.hidden,
6241
+ run: run$u
6149
6242
  }
6150
- async function run$t(argv, importMeta, { parentName }) {
6243
+ async function run$u(argv, importMeta, { parentName }) {
6151
6244
  const cli = meowOrExit({
6152
6245
  argv,
6153
- config: config$t,
6246
+ config: config$u,
6154
6247
  importMeta,
6155
6248
  parentName
6156
6249
  })
6157
6250
  const verbose = !!cli.flags['verbose']
6158
6251
  const cwd = cli.flags['cwd'] ?? process.cwd()
6159
6252
  if (verbose) {
6160
- logger.logger.group('- ', parentName, config$t.commandName, ':')
6253
+ logger.logger.group('- ', parentName, config$u.commandName, ':')
6161
6254
  logger.logger.group('- flags:', cli.flags)
6162
6255
  logger.logger.groupEnd()
6163
6256
  logger.logger.log('- input:', cli.input)
@@ -6169,7 +6262,7 @@ async function run$t(argv, importMeta, { parentName }) {
6169
6262
  subArgs.push('--verbose')
6170
6263
  }
6171
6264
  const dir = cwd
6172
- if (require$$0.existsSync(path$1.join(dir, 'build.sbt'))) {
6265
+ if (fs$1.existsSync(path$1.join(dir, 'build.sbt'))) {
6173
6266
  logger.logger.log(
6174
6267
  'Detected a Scala sbt build, running default Scala generator...'
6175
6268
  )
@@ -6178,7 +6271,7 @@ async function run$t(argv, importMeta, { parentName }) {
6178
6271
  }
6179
6272
  subArgs.push(dir)
6180
6273
  if (cli.flags['dryRun']) {
6181
- logger.logger.log(DRY_RUN_BAIL_TEXT$q)
6274
+ logger.logger.log(DRY_RUN_BAIL_TEXT$r)
6182
6275
  return
6183
6276
  }
6184
6277
  await cmdManifestScala.run(subArgs, importMeta, {
@@ -6186,7 +6279,7 @@ async function run$t(argv, importMeta, { parentName }) {
6186
6279
  })
6187
6280
  return
6188
6281
  }
6189
- if (require$$0.existsSync(path$1.join(dir, 'gradlew'))) {
6282
+ if (fs$1.existsSync(path$1.join(dir, 'gradlew'))) {
6190
6283
  logger.logger.log(
6191
6284
  'Detected a gradle build, running default gradle generator...'
6192
6285
  )
@@ -6195,7 +6288,7 @@ async function run$t(argv, importMeta, { parentName }) {
6195
6288
  subArgs.push(cwd)
6196
6289
  }
6197
6290
  if (cli.flags['dryRun']) {
6198
- logger.logger.log(DRY_RUN_BAIL_TEXT$q)
6291
+ logger.logger.log(DRY_RUN_BAIL_TEXT$r)
6199
6292
  return
6200
6293
  }
6201
6294
  await cmdManifestGradle.run(subArgs, importMeta, {
@@ -6204,7 +6297,7 @@ async function run$t(argv, importMeta, { parentName }) {
6204
6297
  return
6205
6298
  }
6206
6299
  if (cli.flags['dryRun']) {
6207
- logger.logger.log(DRY_RUN_BAIL_TEXT$q)
6300
+ logger.logger.log(DRY_RUN_BAIL_TEXT$r)
6208
6301
  return
6209
6302
  }
6210
6303
 
@@ -6212,7 +6305,7 @@ async function run$t(argv, importMeta, { parentName }) {
6212
6305
  vendor
6213
6306
  .meow(
6214
6307
  `
6215
- $ ${parentName} ${config$t.commandName}
6308
+ $ ${parentName} ${config$u.commandName}
6216
6309
 
6217
6310
  Unfortunately this script did not discover a supported language in the
6218
6311
  current folder.
@@ -6226,21 +6319,21 @@ async function run$t(argv, importMeta, { parentName }) {
6226
6319
  `,
6227
6320
  {
6228
6321
  argv: [],
6229
- description: config$t.description,
6322
+ description: config$u.description,
6230
6323
  importMeta
6231
6324
  }
6232
6325
  )
6233
6326
  .showHelp()
6234
6327
  }
6235
6328
 
6236
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$p } = constants
6329
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$q } = constants
6237
6330
 
6238
6331
  // TODO: we may want to dedupe some pieces for all gradle languages. I think it
6239
6332
  // makes sense to have separate commands for them and I think it makes
6240
6333
  // sense for the help panels to note the requested language, rather than
6241
6334
  // `socket manifest kotlin` to print help screens with `gradle` as the
6242
6335
  // command. Room for improvement.
6243
- const config$s = {
6336
+ const config$t = {
6244
6337
  commandName: 'kotlin',
6245
6338
  description:
6246
6339
  '[beta] Use Gradle to generate a manifest file (`pom.xml`) for a Kotlin project',
@@ -6261,16 +6354,6 @@ const config$s = {
6261
6354
  description:
6262
6355
  'Additional options to pass on to ./gradlew, see `./gradlew --help`'
6263
6356
  },
6264
- out: {
6265
- type: 'string',
6266
- default: './socket.pom.xml',
6267
- description:
6268
- 'Path of output file; where to store the resulting manifest, see also --stdout'
6269
- },
6270
- stdout: {
6271
- type: 'boolean',
6272
- description: 'Print resulting pom.xml to stdout (supersedes --out)'
6273
- },
6274
6357
  task: {
6275
6358
  type: 'string',
6276
6359
  default: 'all',
@@ -6315,20 +6398,20 @@ const config$s = {
6315
6398
  `
6316
6399
  }
6317
6400
  const cmdManifestKotlin = {
6318
- description: config$s.description,
6319
- hidden: config$s.hidden,
6320
- run: run$s
6401
+ description: config$t.description,
6402
+ hidden: config$t.hidden,
6403
+ run: run$t
6321
6404
  }
6322
- async function run$s(argv, importMeta, { parentName }) {
6405
+ async function run$t(argv, importMeta, { parentName }) {
6323
6406
  const cli = meowOrExit({
6324
6407
  argv,
6325
- config: config$s,
6408
+ config: config$t,
6326
6409
  importMeta,
6327
6410
  parentName
6328
6411
  })
6329
6412
  const verbose = Boolean(cli.flags['verbose'])
6330
6413
  if (verbose) {
6331
- logger.logger.group('- ', parentName, config$s.commandName, ':')
6414
+ logger.logger.group('- ', parentName, config$t.commandName, ':')
6332
6415
  logger.logger.group('- flags:', cli.flags)
6333
6416
  logger.logger.groupEnd()
6334
6417
  logger.logger.log('- input:', cli.input)
@@ -6349,7 +6432,7 @@ async function run$s(argv, importMeta, { parentName }) {
6349
6432
  },
6350
6433
  {
6351
6434
  nook: true,
6352
- test: cli.input.length === 1,
6435
+ test: cli.input.length <= 1,
6353
6436
  message: 'Can only accept one DIR (make sure to escape spaces!)',
6354
6437
  pass: 'ok',
6355
6438
  fail: 'received ' + cli.input.length
@@ -6358,24 +6441,12 @@ async function run$s(argv, importMeta, { parentName }) {
6358
6441
  if (wasBadInput) {
6359
6442
  return
6360
6443
  }
6361
- let bin
6362
- if (cli.flags['bin']) {
6363
- bin = cli.flags['bin']
6364
- } else {
6365
- bin = path$1.join(target, 'gradlew')
6366
- }
6367
- let out = './socket.pom.xml'
6368
- if (cli.flags['out']) {
6369
- out = cli.flags['out']
6370
- }
6371
- if (cli.flags['stdout']) {
6372
- out = '-'
6373
- }
6444
+ const { bin = path$1.join(target, 'gradlew'), cwd = process.cwd() } =
6445
+ cli.flags
6374
6446
  if (verbose) {
6375
6447
  logger.logger.group()
6376
6448
  logger.logger.log('- target:', target)
6377
6449
  logger.logger.log('- gradle bin:', bin)
6378
- logger.logger.log('- out:', out)
6379
6450
  logger.logger.groupEnd()
6380
6451
  }
6381
6452
  let gradleOpts = []
@@ -6386,13 +6457,19 @@ async function run$s(argv, importMeta, { parentName }) {
6386
6457
  .filter(Boolean)
6387
6458
  }
6388
6459
  if (cli.flags['dryRun']) {
6389
- logger.logger.log(DRY_RUN_BAIL_TEXT$p)
6460
+ logger.logger.log(DRY_RUN_BAIL_TEXT$q)
6390
6461
  return
6391
6462
  }
6392
- await convertGradleToMaven(target, bin, out, verbose, gradleOpts)
6463
+ await convertGradleToMaven(
6464
+ target,
6465
+ String(bin),
6466
+ String(cwd),
6467
+ verbose,
6468
+ gradleOpts
6469
+ )
6393
6470
  }
6394
6471
 
6395
- const config$r = {
6472
+ const config$s = {
6396
6473
  commandName: 'manifest',
6397
6474
  description: 'Generate a dependency manifest for given file or dir',
6398
6475
  hidden: false,
@@ -6401,11 +6478,11 @@ const config$r = {
6401
6478
  }
6402
6479
  }
6403
6480
  const cmdManifest = {
6404
- description: config$r.description,
6405
- hidden: config$r.hidden,
6406
- run: run$r
6481
+ description: config$s.description,
6482
+ hidden: config$s.hidden,
6483
+ run: run$s
6407
6484
  }
6408
- async function run$r(argv, importMeta, { parentName }) {
6485
+ async function run$s(argv, importMeta, { parentName }) {
6409
6486
  await meowWithSubcommands(
6410
6487
  {
6411
6488
  auto: cmdManifestAuto,
@@ -6417,15 +6494,15 @@ async function run$r(argv, importMeta, { parentName }) {
6417
6494
  argv,
6418
6495
  aliases: {
6419
6496
  yolo: {
6420
- description: config$r.description,
6497
+ description: config$s.description,
6421
6498
  hidden: true,
6422
6499
  argv: ['auto']
6423
6500
  }
6424
6501
  },
6425
- description: config$r.description,
6502
+ description: config$s.description,
6426
6503
  importMeta,
6427
- flags: config$r.flags,
6428
- name: `${parentName} ${config$r.commandName}`
6504
+ flags: config$s.flags,
6505
+ name: `${parentName} ${config$s.commandName}`
6429
6506
  }
6430
6507
  )
6431
6508
  }
@@ -6437,8 +6514,8 @@ async function wrapNpm(argv) {
6437
6514
  await shadowBin(NPM$8, argv)
6438
6515
  }
6439
6516
 
6440
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$o, NPM: NPM$7 } = constants
6441
- const config$q = {
6517
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$p, NPM: NPM$7 } = constants
6518
+ const config$r = {
6442
6519
  commandName: 'npm',
6443
6520
  description: `${NPM$7} wrapper functionality`,
6444
6521
  hidden: false,
@@ -6451,20 +6528,20 @@ const config$q = {
6451
6528
  `
6452
6529
  }
6453
6530
  const cmdNpm = {
6454
- description: config$q.description,
6455
- hidden: config$q.hidden,
6456
- run: run$q
6531
+ description: config$r.description,
6532
+ hidden: config$r.hidden,
6533
+ run: run$r
6457
6534
  }
6458
- async function run$q(argv, importMeta, { parentName }) {
6535
+ async function run$r(argv, importMeta, { parentName }) {
6459
6536
  const cli = meowOrExit({
6460
6537
  allowUnknownFlags: true,
6461
6538
  argv,
6462
- config: config$q,
6539
+ config: config$r,
6463
6540
  importMeta,
6464
6541
  parentName
6465
6542
  })
6466
6543
  if (cli.flags['dryRun']) {
6467
- logger.logger.log(DRY_RUN_BAIL_TEXT$o)
6544
+ logger.logger.log(DRY_RUN_BAIL_TEXT$p)
6468
6545
  return
6469
6546
  }
6470
6547
  await wrapNpm(argv)
@@ -6477,8 +6554,8 @@ async function wrapNpx(argv) {
6477
6554
  await shadowBin(NPX$2, argv)
6478
6555
  }
6479
6556
 
6480
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$n, NPX: NPX$1 } = constants
6481
- const config$p = {
6557
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$o, NPX: NPX$1 } = constants
6558
+ const config$q = {
6482
6559
  commandName: 'npx',
6483
6560
  description: `${NPX$1} wrapper functionality`,
6484
6561
  hidden: false,
@@ -6491,27 +6568,27 @@ const config$p = {
6491
6568
  `
6492
6569
  }
6493
6570
  const cmdNpx = {
6494
- description: config$p.description,
6495
- hidden: config$p.hidden,
6496
- run: run$p
6571
+ description: config$q.description,
6572
+ hidden: config$q.hidden,
6573
+ run: run$q
6497
6574
  }
6498
- async function run$p(argv, importMeta, { parentName }) {
6575
+ async function run$q(argv, importMeta, { parentName }) {
6499
6576
  const cli = meowOrExit({
6500
6577
  allowUnknownFlags: true,
6501
6578
  argv,
6502
- config: config$p,
6579
+ config: config$q,
6503
6580
  importMeta,
6504
6581
  parentName
6505
6582
  })
6506
6583
  if (cli.flags['dryRun']) {
6507
- logger.logger.log(DRY_RUN_BAIL_TEXT$n)
6584
+ logger.logger.log(DRY_RUN_BAIL_TEXT$o)
6508
6585
  return
6509
6586
  }
6510
6587
  await wrapNpx(argv)
6511
6588
  }
6512
6589
 
6513
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$m } = constants
6514
- const config$o = {
6590
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$n } = constants
6591
+ const config$p = {
6515
6592
  commandName: 'oops',
6516
6593
  description: 'Trigger an intentional error (for development)',
6517
6594
  hidden: true,
@@ -6526,19 +6603,19 @@ const config$o = {
6526
6603
  `
6527
6604
  }
6528
6605
  const cmdOops = {
6529
- description: config$o.description,
6530
- hidden: config$o.hidden,
6531
- run: run$o
6606
+ description: config$p.description,
6607
+ hidden: config$p.hidden,
6608
+ run: run$p
6532
6609
  }
6533
- async function run$o(argv, importMeta, { parentName }) {
6610
+ async function run$p(argv, importMeta, { parentName }) {
6534
6611
  const cli = meowOrExit({
6535
6612
  argv,
6536
- config: config$o,
6613
+ config: config$p,
6537
6614
  importMeta,
6538
6615
  parentName
6539
6616
  })
6540
6617
  if (cli.flags['dryRun']) {
6541
- logger.logger.log(DRY_RUN_BAIL_TEXT$m)
6618
+ logger.logger.log(DRY_RUN_BAIL_TEXT$n)
6542
6619
  return
6543
6620
  }
6544
6621
  throw new Error('This error was intentionally left blank')
@@ -6547,7 +6624,7 @@ async function run$o(argv, importMeta, { parentName }) {
6547
6624
  const {
6548
6625
  BUN: BUN$4,
6549
6626
  NPM: NPM$6,
6550
- PNPM: PNPM$6,
6627
+ PNPM: PNPM$5,
6551
6628
  VLT: VLT$4,
6552
6629
  YARN_BERRY: YARN_BERRY$4,
6553
6630
  YARN_CLASSIC: YARN_CLASSIC$5
@@ -6561,19 +6638,19 @@ function matchQueryCmdStdout(stdout, name) {
6561
6638
  const depsIncludesByAgent = new Map([
6562
6639
  [BUN$4, matchLsCmdViewHumanStdout],
6563
6640
  [NPM$6, matchQueryCmdStdout],
6564
- [PNPM$6, matchQueryCmdStdout],
6641
+ [PNPM$5, matchQueryCmdStdout],
6565
6642
  [VLT$4, matchQueryCmdStdout],
6566
6643
  [YARN_BERRY$4, matchLsCmdViewHumanStdout],
6567
6644
  [YARN_CLASSIC$5, matchLsCmdViewHumanStdout]
6568
6645
  ])
6569
6646
 
6570
- function getDependencyEntries(editablePkgJson) {
6647
+ function getDependencyEntries(pkgEnvDetails) {
6571
6648
  const {
6572
6649
  dependencies,
6573
6650
  devDependencies,
6574
6651
  optionalDependencies,
6575
6652
  peerDependencies
6576
- } = editablePkgJson.content
6653
+ } = pkgEnvDetails.editablePkgJson.content
6577
6654
  return [
6578
6655
  [
6579
6656
  'dependencies',
@@ -6618,14 +6695,14 @@ const {
6618
6695
  BUN: BUN$3,
6619
6696
  NPM: NPM$5,
6620
6697
  OVERRIDES: OVERRIDES$1,
6621
- PNPM: PNPM$5,
6698
+ PNPM: PNPM$4,
6622
6699
  RESOLUTIONS: RESOLUTIONS$1,
6623
6700
  VLT: VLT$3,
6624
6701
  YARN_BERRY: YARN_BERRY$3,
6625
6702
  YARN_CLASSIC: YARN_CLASSIC$4
6626
6703
  } = constants
6627
- function getOverridesDataBun(editablePkgJson) {
6628
- const overrides = editablePkgJson.content?.[RESOLUTIONS$1] ?? {}
6704
+ function getOverridesDataBun(pkgEnvDetails) {
6705
+ const overrides = pkgEnvDetails.editablePkgJson.content?.[RESOLUTIONS$1] ?? {}
6629
6706
  return {
6630
6707
  type: YARN_BERRY$3,
6631
6708
  overrides
@@ -6634,8 +6711,8 @@ function getOverridesDataBun(editablePkgJson) {
6634
6711
 
6635
6712
  // npm overrides documentation:
6636
6713
  // https://docs.npmjs.com/cli/v10/configuring-npm/package-json#overrides
6637
- function getOverridesDataNpm(editablePkgJson) {
6638
- const overrides = editablePkgJson.content?.[OVERRIDES$1] ?? {}
6714
+ function getOverridesDataNpm(pkgEnvDetails) {
6715
+ const overrides = pkgEnvDetails.editablePkgJson.content?.[OVERRIDES$1] ?? {}
6639
6716
  return {
6640
6717
  type: NPM$5,
6641
6718
  overrides
@@ -6644,15 +6721,16 @@ function getOverridesDataNpm(editablePkgJson) {
6644
6721
 
6645
6722
  // pnpm overrides documentation:
6646
6723
  // https://pnpm.io/package_json#pnpmoverrides
6647
- function getOverridesDataPnpm(editablePkgJson) {
6648
- const overrides = editablePkgJson.content?.[PNPM$5]?.[OVERRIDES$1] ?? {}
6724
+ function getOverridesDataPnpm(pkgEnvDetails) {
6725
+ const overrides =
6726
+ pkgEnvDetails.editablePkgJson.content?.[PNPM$4]?.[OVERRIDES$1] ?? {}
6649
6727
  return {
6650
- type: PNPM$5,
6728
+ type: PNPM$4,
6651
6729
  overrides
6652
6730
  }
6653
6731
  }
6654
- function getOverridesDataVlt(editablePkgJson) {
6655
- const overrides = editablePkgJson.content?.[OVERRIDES$1] ?? {}
6732
+ function getOverridesDataVlt(pkgEnvDetails) {
6733
+ const overrides = pkgEnvDetails.editablePkgJson.content?.[OVERRIDES$1] ?? {}
6656
6734
  return {
6657
6735
  type: VLT$3,
6658
6736
  overrides
@@ -6661,8 +6739,8 @@ function getOverridesDataVlt(editablePkgJson) {
6661
6739
 
6662
6740
  // Yarn resolutions documentation:
6663
6741
  // https://yarnpkg.com/configuration/manifest#resolutions
6664
- function getOverridesDataYarn(editablePkgJson) {
6665
- const overrides = editablePkgJson.content?.[RESOLUTIONS$1] ?? {}
6742
+ function getOverridesDataYarn(pkgEnvDetails) {
6743
+ const overrides = pkgEnvDetails.editablePkgJson.content?.[RESOLUTIONS$1] ?? {}
6666
6744
  return {
6667
6745
  type: YARN_BERRY$3,
6668
6746
  overrides
@@ -6671,8 +6749,8 @@ function getOverridesDataYarn(editablePkgJson) {
6671
6749
 
6672
6750
  // Yarn resolutions documentation:
6673
6751
  // https://classic.yarnpkg.com/en/docs/selective-version-resolutions
6674
- function getOverridesDataYarnClassic(editablePkgJson) {
6675
- const overrides = editablePkgJson.content?.[RESOLUTIONS$1] ?? {}
6752
+ function getOverridesDataYarnClassic(pkgEnvDetails) {
6753
+ const overrides = pkgEnvDetails.editablePkgJson.content?.[RESOLUTIONS$1] ?? {}
6676
6754
  return {
6677
6755
  type: YARN_CLASSIC$4,
6678
6756
  overrides
@@ -6681,62 +6759,12 @@ function getOverridesDataYarnClassic(editablePkgJson) {
6681
6759
  const overridesDataByAgent = new Map([
6682
6760
  [BUN$3, getOverridesDataBun],
6683
6761
  [NPM$5, getOverridesDataNpm],
6684
- [PNPM$5, getOverridesDataPnpm],
6762
+ [PNPM$4, getOverridesDataPnpm],
6685
6763
  [VLT$3, getOverridesDataVlt],
6686
6764
  [YARN_BERRY$3, getOverridesDataYarn],
6687
6765
  [YARN_CLASSIC$4, getOverridesDataYarnClassic]
6688
6766
  ])
6689
6767
 
6690
- const { PNPM: PNPM$4 } = constants
6691
- const PNPM_WORKSPACE = `${PNPM$4}-workspace`
6692
- async function getWorkspaceGlobs(agent, pkgPath, editablePkgJson) {
6693
- let workspacePatterns
6694
- if (agent === PNPM$4) {
6695
- for (const workspacePath of [
6696
- path$1.join(pkgPath, `${PNPM_WORKSPACE}.yaml`),
6697
- path$1.join(pkgPath, `${PNPM_WORKSPACE}.yml`)
6698
- ]) {
6699
- // eslint-disable-next-line no-await-in-loop
6700
- const yml = await shadowNpmInject.safeReadFile(workspacePath)
6701
- if (yml) {
6702
- try {
6703
- workspacePatterns = vendor.distExports$1.parse(yml)?.packages
6704
- } catch {}
6705
- if (workspacePatterns) {
6706
- break
6707
- }
6708
- }
6709
- }
6710
- } else {
6711
- workspacePatterns = editablePkgJson.content['workspaces']
6712
- }
6713
- return Array.isArray(workspacePatterns)
6714
- ? workspacePatterns
6715
- .filter(strings.isNonEmptyString)
6716
- .map(workspacePatternToGlobPattern)
6717
- : undefined
6718
- }
6719
- function workspacePatternToGlobPattern(workspace) {
6720
- const { length } = workspace
6721
- if (!length) {
6722
- return ''
6723
- }
6724
- // If the workspace ends with "/"
6725
- if (workspace.charCodeAt(length - 1) === 47 /*'/'*/) {
6726
- return `${workspace}/*/package.json`
6727
- }
6728
- // If the workspace ends with "/**"
6729
- if (
6730
- workspace.charCodeAt(length - 1) === 42 /*'*'*/ &&
6731
- workspace.charCodeAt(length - 2) === 42 /*'*'*/ &&
6732
- workspace.charCodeAt(length - 3) === 47 /*'/'*/
6733
- ) {
6734
- return `${workspace}/*/**/package.json`
6735
- }
6736
- // Things like "packages/a" or "packages/*"
6737
- return `${workspace}/package.json`
6738
- }
6739
-
6740
6768
  const {
6741
6769
  BUN: BUN$2,
6742
6770
  LOCK_EXT,
@@ -6854,22 +6882,22 @@ async function npmQuery(npmExecPath, cwd) {
6854
6882
  } catch {}
6855
6883
  return cleanupQueryStdout(stdout)
6856
6884
  }
6857
- async function lsBun(agentExecPath, cwd) {
6885
+ async function lsBun(pkgEnvDetails, cwd) {
6858
6886
  try {
6859
6887
  // Bun does not support filtering by production packages yet.
6860
6888
  // https://github.com/oven-sh/bun/issues/8283
6861
6889
  return (
6862
- await spawn.spawn(agentExecPath, ['pm', 'ls', '--all'], {
6890
+ await spawn.spawn(pkgEnvDetails.agentExecPath, ['pm', 'ls', '--all'], {
6863
6891
  cwd
6864
6892
  })
6865
6893
  ).stdout
6866
6894
  } catch {}
6867
6895
  return ''
6868
6896
  }
6869
- async function lsNpm(agentExecPath, cwd) {
6870
- return await npmQuery(agentExecPath, cwd)
6897
+ async function lsNpm(pkgEnvDetails, cwd) {
6898
+ return await npmQuery(pkgEnvDetails.agentExecPath, cwd)
6871
6899
  }
6872
- async function lsPnpm(agentExecPath, cwd, options) {
6900
+ async function lsPnpm(pkgEnvDetails, cwd, options) {
6873
6901
  const npmExecPath = options?.npmExecPath
6874
6902
  if (npmExecPath && npmExecPath !== NPM$3) {
6875
6903
  const result = await npmQuery(npmExecPath, cwd)
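Review bot: `lsBun` wraps the spawn of `pkgEnvDetails.agentExecPath` in an empty `catch {}` and returns `''`, so a missing or failing agent binary looks exactly like a project with nothing installed. The same pattern is visible in `lsVlt`, `lsYarnBerry` and `lsYarnClassic` in the following hunks. Since this output is used to decide which overrides to write, a silent empty result presumably means overrides are skipped without the user being told. A minimal change is `} catch (e) { logger.logger.warn('bun pm ls failed', e) }`, or at least a comment stating that the best-effort fallback is intended. `lsPnpm` at the end of this hunk continues outside it.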
@@ -6881,7 +6909,7 @@ async function lsPnpm(agentExecPath, cwd, options) {
6881
6909
  try {
6882
6910
  stdout = (
6883
6911
  await spawn.spawn(
6884
- agentExecPath,
6912
+ pkgEnvDetails.agentExecPath,
6885
6913
  // Pnpm uses the alternative spelling of parsable.
6886
6914
  // https://en.wiktionary.org/wiki/parsable
6887
6915
  ['ls', '--parseable', '--prod', '--depth', 'Infinity'],
@@ -6893,13 +6921,13 @@ async function lsPnpm(agentExecPath, cwd, options) {
6893
6921
  } catch {}
6894
6922
  return parsableToQueryStdout(stdout)
6895
6923
  }
6896
- async function lsVlt(agentExecPath, cwd) {
6924
+ async function lsVlt(pkgEnvDetails, cwd) {
6897
6925
  let stdout = ''
6898
6926
  try {
6899
6927
  // See https://docs.vlt.sh/cli/commands/list#options.
6900
6928
  stdout = (
6901
6929
  await spawn.spawn(
6902
- agentExecPath,
6930
+ pkgEnvDetails.agentExecPath,
6903
6931
  ['ls', '--view', 'human', ':not(.dev)'],
6904
6932
  {
6905
6933
  cwd
@@ -6909,14 +6937,14 @@ async function lsVlt(agentExecPath, cwd) {
6909
6937
  } catch {}
6910
6938
  return cleanupQueryStdout(stdout)
6911
6939
  }
6912
- async function lsYarnBerry(agentExecPath, cwd) {
6940
+ async function lsYarnBerry(pkgEnvDetails, cwd) {
6913
6941
  try {
6914
6942
  return (
6915
6943
  // Yarn Berry does not support filtering by production packages yet.
6916
6944
  // https://github.com/yarnpkg/berry/issues/5117
6917
6945
  (
6918
6946
  await spawn.spawn(
6919
- agentExecPath,
6947
+ pkgEnvDetails.agentExecPath,
6920
6948
  ['info', '--recursive', '--name-only'],
6921
6949
  {
6922
6950
  cwd
@@ -6927,14 +6955,14 @@ async function lsYarnBerry(agentExecPath, cwd) {
6927
6955
  } catch {}
6928
6956
  return ''
6929
6957
  }
6930
- async function lsYarnClassic(agentExecPath, cwd) {
6958
+ async function lsYarnClassic(pkgEnvDetails, cwd) {
6931
6959
  try {
6932
6960
  // However, Yarn Classic does support it.
6933
6961
  // https://github.com/yarnpkg/yarn/releases/tag/v1.0.0
6934
6962
  // > Fix: Excludes dev dependencies from the yarn list output when the
6935
6963
  // environment is production
6936
6964
  return (
6937
- await spawn.spawn(agentExecPath, ['list', '--prod'], {
6965
+ await spawn.spawn(pkgEnvDetails.agentExecPath, ['list', '--prod'], {
6938
6966
  cwd
6939
6967
  })
6940
6968
  ).stdout.trim()
@@ -6950,6 +6978,8 @@ const lsByAgent = new Map([
6950
6978
  [YARN_CLASSIC$2, lsYarnClassic]
6951
6979
  ])
6952
6980
 
6981
+ const CMD_NAME = 'socket optimize'
6982
+
6953
6983
  const {
6954
6984
  BUN,
6955
6985
  NPM: NPM$2,
@@ -7079,14 +7109,14 @@ function updatePkgJsonField(editablePkgJson, field, value) {
7079
7109
  `${JSON.stringify(Object.fromEntries(entries), null, 2)}\n`
7080
7110
  )
7081
7111
  }
7082
- function updateOverridesField(editablePkgJson, overrides) {
7083
- updatePkgJsonField(editablePkgJson, OVERRIDES, overrides)
7112
+ function updateOverridesField(pkgEnvDetails, overrides) {
7113
+ updatePkgJsonField(pkgEnvDetails.editablePkgJson, OVERRIDES, overrides)
7084
7114
  }
7085
- function updateResolutionsField(editablePkgJson, overrides) {
7086
- updatePkgJsonField(editablePkgJson, RESOLUTIONS, overrides)
7115
+ function updateResolutionsField(pkgEnvDetails, overrides) {
7116
+ updatePkgJsonField(pkgEnvDetails.editablePkgJson, RESOLUTIONS, overrides)
7087
7117
  }
7088
- function updatePnpmField(editablePkgJson, overrides) {
7089
- updatePkgJsonField(editablePkgJson, PNPM$1, overrides)
7118
+ function updatePnpmField(pkgEnvDetails, overrides) {
7119
+ updatePkgJsonField(pkgEnvDetails.editablePkgJson, PNPM$1, overrides)
7090
7120
  }
7091
7121
  const updateManifestByAgent = new Map([
7092
7122
  [BUN, updateResolutionsField],
@@ -7098,12 +7128,10 @@ const updateManifestByAgent = new Map([
7098
7128
  ])
7099
7129
 
7100
7130
  const { NPM: NPM$1, PNPM, YARN_CLASSIC } = constants
7101
- const CMD_NAME$1 = 'socket optimize'
7102
7131
  const manifestNpmOverrides = registry.getManifestData(NPM$1)
7103
- async function addOverrides(pkgPath, pkgEnvDetails, options) {
7132
+ async function addOverrides(pkgEnvDetails, pkgPath, options) {
7104
7133
  const {
7105
7134
  agent,
7106
- agentExecPath,
7107
7135
  lockName,
7108
7136
  lockSrc,
7109
7137
  npmExecPath,
@@ -7119,27 +7147,19 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
7119
7147
  addedInWorkspaces: new Set(),
7120
7148
  updated: new Set(),
7121
7149
  updatedInWorkspaces: new Set(),
7122
- warnedPnpmWorkspaceRequiresNpm: false
7150
+ warnedPnpmWorkspaceRequiresNpm: false,
7151
+ workspacePkgJsonPaths: await shadowNpmPaths.globWorkspace(pkgEnvDetails)
7123
7152
  }
7124
7153
  } = {
7125
7154
  __proto__: null,
7126
7155
  ...options
7127
7156
  }
7128
- let { pkgJson: editablePkgJson } = pkgEnvDetails
7129
- if (editablePkgJson === undefined) {
7130
- editablePkgJson = await packages.readPackageJson(pkgPath, {
7131
- editable: true
7132
- })
7133
- }
7134
- const workspaceName = path$1.relative(rootPath, pkgPath)
7135
- const workspaceGlobs = await getWorkspaceGlobs(
7136
- agent,
7137
- pkgPath,
7138
- editablePkgJson
7139
- )
7140
- const isRoot = pkgPath === rootPath
7141
- const isLockScanned = isRoot && !prod
7142
- const isWorkspace = !!workspaceGlobs
7157
+ const isWorkspace = state.workspacePkgJsonPaths.length > 0
7158
+ const isWorkspaceRoot = pkgPath === rootPath
7159
+ const isLockScanned = isWorkspaceRoot && !prod
7160
+ const workspaceName = isWorkspaceRoot
7161
+ ? ''
7162
+ : path$1.relative(rootPath, pkgPath)
7143
7163
  if (
7144
7164
  isWorkspace &&
7145
7165
  agent === PNPM &&
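Review bot: With the per-`pkgPath` `packages.readPackageJson(pkgPath, { editable: true })` fallback removed, nothing visible ties the manifest being edited to the `pkgPath` argument. Every later read and the final `save()` go through `pkgEnvDetails.editablePkgJson`, including the `private` check in the next hunk. The recursive workspace call further down passes the same `pkgEnvDetails` with a different `pkgPath`, so overrides computed for a member package would appear to be written to the one shared manifest. The removed code may have behaved the same whenever `pkgEnvDetails.pkgJson` was set, so this needs confirming against the environment detection, which is not on this page. If it is intended, a comment such as `// editablePkgJson is the root manifest; pkgPath only selects the directory to scan` would record it. addOverrides starts and ends outside this hunk.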
@@ -7150,25 +7170,25 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
7150
7170
  state.warnedPnpmWorkspaceRequiresNpm = true
7151
7171
  logger?.warn(
7152
7172
  cmdPrefixMessage(
7153
- CMD_NAME$1,
7173
+ CMD_NAME,
7154
7174
  `${agent} workspace support requires \`npm ls\`, falling back to \`${agent} list\``
7155
7175
  )
7156
7176
  )
7157
7177
  }
7158
7178
  const overridesDataObjects = []
7159
- if (editablePkgJson.content['private'] || isWorkspace) {
7160
- overridesDataObjects.push(overridesDataByAgent.get(agent)(editablePkgJson))
7179
+ if (isWorkspace || pkgEnvDetails.editablePkgJson.content['private']) {
7180
+ overridesDataObjects.push(overridesDataByAgent.get(agent)(pkgEnvDetails))
7161
7181
  } else {
7162
7182
  overridesDataObjects.push(
7163
- overridesDataByAgent.get(NPM$1)(editablePkgJson),
7164
- overridesDataByAgent.get(YARN_CLASSIC)(editablePkgJson)
7183
+ overridesDataByAgent.get(NPM$1)(pkgEnvDetails),
7184
+ overridesDataByAgent.get(YARN_CLASSIC)(pkgEnvDetails)
7165
7185
  )
7166
7186
  }
7167
7187
  spinner?.setText(
7168
7188
  `Adding overrides${workspaceName ? ` to ${workspaceName}` : ''}...`
7169
7189
  )
7170
7190
  const depAliasMap = new Map()
7171
- const depEntries = getDependencyEntries(editablePkgJson)
7191
+ const depEntries = getDependencyEntries(pkgEnvDetails)
7172
7192
  const manifestEntries = manifestNpmOverrides.filter(({ 1: data }) =>
7173
7193
  vendor.semverExports.satisfies(
7174
7194
  // Roughly check Node range as semver.coerce will strip leading
@@ -7219,7 +7239,7 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
7219
7239
  depAliasMap.set(origPkgName, thisSpec)
7220
7240
  }
7221
7241
  }
7222
- if (isRoot) {
7242
+ if (isWorkspaceRoot) {
7223
7243
  // The AgentDepsIncludesFn and AgentLockIncludesFn types overlap in their
7224
7244
  // first two parameters. AgentLockIncludesFn accepts an optional third
7225
7245
  // parameter which AgentDepsIncludesFn will ignore so we cast thingScanner
@@ -7229,7 +7249,7 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
7229
7249
  : depsIncludesByAgent.get(agent)
7230
7250
  const thingToScan = isLockScanned
7231
7251
  ? lockSrc
7232
- : await lsByAgent.get(agent)(agentExecPath, pkgPath, {
7252
+ : await lsByAgent.get(agent)(pkgEnvDetails, pkgPath, {
7233
7253
  npmExecPath
7234
7254
  })
7235
7255
  // Chunk package names to process them in parallel 3 at a time.
@@ -7295,28 +7315,21 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
7295
7315
  )
7296
7316
  }
7297
7317
  })
7298
- if (workspaceGlobs) {
7299
- const workspacePkgJsonPaths = await vendor.distExports.glob(
7300
- workspaceGlobs,
7301
- {
7302
- absolute: true,
7303
- cwd: pkgPath,
7304
- ignore: ['**/node_modules/**', '**/bower_components/**']
7305
- }
7306
- )
7318
+ if (isWorkspace) {
7307
7319
  // Chunk package names to process them in parallel 3 at a time.
7308
7320
  await promises.pEach(
7309
- workspacePkgJsonPaths,
7321
+ state.workspacePkgJsonPaths,
7310
7322
  3,
7311
7323
  async workspacePkgJsonPath => {
7312
7324
  const otherState = await addOverrides(
7313
- path$1.dirname(workspacePkgJsonPath),
7314
7325
  pkgEnvDetails,
7326
+ path$1.dirname(workspacePkgJsonPath),
7315
7327
  {
7316
7328
  logger,
7317
7329
  pin,
7318
7330
  prod,
7319
- spinner
7331
+ spinner,
7332
+ state
7320
7333
  }
7321
7334
  )
7322
7335
  for (const key of [
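Review bot: `if (isWorkspace)` no longer distinguishes the workspace root from a member package. `isWorkspace` is derived from `state.workspacePkgJsonPaths`, and this hunk now passes the same `state` into the recursive `addOverrides` call, so a member call sees the same non-empty list. Unless an enclosing check outside this hunk already limits the block to the root, each member would iterate the full list again and the recursion would not terminate; `if (isWorkspace && isWorkspaceRoot) {` makes the bound explicit. Sharing `state` also makes `otherState` the same object as `state`, so the loop starting on the last line of the hunk, which appears to merge the two, would be copying each set into itself. addOverrides starts and ends outside this hunk.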
@@ -7333,14 +7346,14 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
7333
7346
  )
7334
7347
  }
7335
7348
  if (state.added.size > 0 || state.updated.size > 0) {
7336
- editablePkgJson.update(Object.fromEntries(depEntries))
7349
+ pkgEnvDetails.editablePkgJson.update(Object.fromEntries(depEntries))
7337
7350
  for (const { overrides, type } of overridesDataObjects) {
7338
7351
  updateManifestByAgent.get(type)(
7339
- editablePkgJson,
7352
+ pkgEnvDetails,
7340
7353
  objects.toSortedObject(overrides)
7341
7354
  )
7342
7355
  }
7343
- await editablePkgJson.save()
7356
+ await pkgEnvDetails.editablePkgJson.save()
7344
7357
  }
7345
7358
  return state
7346
7359
  }
@@ -7386,7 +7399,6 @@ async function updateLockfile(pkgEnvDetails, options) {
7386
7399
  }
7387
7400
  }
7388
7401
 
7389
- const CMD_NAME = 'socket optimize'
7390
7402
  function createActionMessage(verb, overrideCount, workspaceCount) {
7391
7403
  return `${verb} ${overrideCount} Socket.dev optimized ${words.pluralize('override', overrideCount)}${workspaceCount ? ` in ${workspaceCount} ${words.pluralize('workspace', workspaceCount)}` : ''}`
7392
7404
  }
@@ -7402,7 +7414,7 @@ async function applyOptimization(cwd, pin, prod) {
7402
7414
  // Lazily access constants.spinner.
7403
7415
  const { spinner } = constants
7404
7416
  spinner.start('Socket optimizing...')
7405
- const state = await addOverrides(pkgEnvDetails.pkgPath, pkgEnvDetails, {
7417
+ const state = await addOverrides(pkgEnvDetails, pkgEnvDetails.pkgPath, {
7406
7418
  logger: logger.logger,
7407
7419
  pin,
7408
7420
  prod,
@@ -7435,8 +7447,8 @@ async function applyOptimization(cwd, pin, prod) {
7435
7447
  }
7436
7448
  }
7437
7449
 
7438
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$l } = constants
7439
- const config$n = {
7450
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$m } = constants
7451
+ const config$o = {
7440
7452
  commandName: 'optimize',
7441
7453
  description: 'Optimize dependencies with @socketregistry overrides',
7442
7454
  hidden: false,
@@ -7466,20 +7478,20 @@ const config$n = {
7466
7478
  `
7467
7479
  }
7468
7480
  const cmdOptimize = {
7469
- description: config$n.description,
7470
- hidden: config$n.hidden,
7471
- run: run$n
7481
+ description: config$o.description,
7482
+ hidden: config$o.hidden,
7483
+ run: run$o
7472
7484
  }
7473
- async function run$n(argv, importMeta, { parentName }) {
7485
+ async function run$o(argv, importMeta, { parentName }) {
7474
7486
  const cli = meowOrExit({
7475
7487
  argv,
7476
- config: config$n,
7488
+ config: config$o,
7477
7489
  importMeta,
7478
7490
  parentName
7479
7491
  })
7480
7492
  const cwd = process.cwd()
7481
7493
  if (cli.flags['dryRun']) {
7482
- logger.logger.log(DRY_RUN_BAIL_TEXT$l)
7494
+ logger.logger.log(DRY_RUN_BAIL_TEXT$m)
7483
7495
  return
7484
7496
  }
7485
7497
  await applyOptimization(
@@ -7580,8 +7592,8 @@ async function handleOrganizationList(outputKind = 'text') {
7580
7592
  await outputOrganizationList(data, outputKind)
7581
7593
  }
7582
7594
 
7583
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$k } = constants
7584
- const config$m = {
7595
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$l } = constants
7596
+ const config$n = {
7585
7597
  commandName: 'list',
7586
7598
  description: 'List organizations associated with the API key used',
7587
7599
  hidden: false,
@@ -7598,18 +7610,18 @@ const config$m = {
7598
7610
  - Permissions: none (does need a token)
7599
7611
 
7600
7612
  Options
7601
- ${getFlagListOutput(config$m.flags, 6)}
7613
+ ${getFlagListOutput(config$n.flags, 6)}
7602
7614
  `
7603
7615
  }
7604
7616
  const cmdOrganizationList = {
7605
- description: config$m.description,
7606
- hidden: config$m.hidden,
7607
- run: run$m
7617
+ description: config$n.description,
7618
+ hidden: config$n.hidden,
7619
+ run: run$n
7608
7620
  }
7609
- async function run$m(argv, importMeta, { parentName }) {
7621
+ async function run$n(argv, importMeta, { parentName }) {
7610
7622
  const cli = meowOrExit({
7611
7623
  argv,
7612
- config: config$m,
7624
+ config: config$n,
7613
7625
  importMeta,
7614
7626
  parentName
7615
7627
  })
@@ -7637,7 +7649,7 @@ async function run$m(argv, importMeta, { parentName }) {
7637
7649
  return
7638
7650
  }
7639
7651
  if (cli.flags['dryRun']) {
7640
- logger.logger.log(DRY_RUN_BAIL_TEXT$k)
7652
+ logger.logger.log(DRY_RUN_BAIL_TEXT$l)
7641
7653
  return
7642
7654
  }
7643
7655
  await handleOrganizationList(json ? 'json' : markdown ? 'markdown' : 'text')
@@ -7681,8 +7693,7 @@ async function outputLicensePolicy(data, outputKind) {
7681
7693
  logger.logger.log('This is the license policy for your organization:')
7682
7694
  logger.logger.log('')
7683
7695
  const rules = data.license_policy
7684
- // @ts-ignore -- not sure what it's complaining about
7685
- const entries = Object.entries(rules)
7696
+ const entries = rules ? Object.entries(rules) : []
7686
7697
  const mapped = entries.map(([key, value]) => [
7687
7698
  key,
7688
7699
  value.allowed ? ' yes' : ' no'
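Review bot: The new fallback `rules ? Object.entries(rules) : []` turns a response without `license_policy` into an empty table, which reads the same as an organization that has no license rules. In a policy report those two cases should be distinguishable. A line such as `if (!rules) logger.logger.warn('No license policy was returned for this organization')` before the table would do it (message text is a suggestion). The same applies to `data.securityPolicyRules` in `outputSecurityPolicy` in the later hunk. `outputLicensePolicy` continues outside this hunk.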
@@ -7700,10 +7711,10 @@ async function handleLicensePolicy(orgSlug, outputKind) {
7700
7711
  await outputLicensePolicy(data, outputKind)
7701
7712
  }
7702
7713
 
7703
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$j } = constants
7714
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$k } = constants
7704
7715
 
7705
7716
  // TODO: secret toplevel alias `socket license policy`?
7706
- const config$l = {
7717
+ const config$m = {
7707
7718
  commandName: 'license',
7708
7719
  description: 'Retrieve the license policy of an organization',
7709
7720
  hidden: true,
@@ -7720,7 +7731,7 @@ const config$l = {
7720
7731
  - Permissions: license-policy:read
7721
7732
 
7722
7733
  Options
7723
- ${getFlagListOutput(config$l.flags, 6)}
7734
+ ${getFlagListOutput(config$m.flags, 6)}
7724
7735
 
7725
7736
  Your API token will need the \`license-policy:read\` permission otherwise
7726
7737
  the request will fail with an authentication error.
@@ -7731,14 +7742,14 @@ const config$l = {
7731
7742
  `
7732
7743
  }
7733
7744
  const cmdOrganizationPolicyLicense = {
7734
- description: config$l.description,
7735
- hidden: config$l.hidden,
7736
- run: run$l
7745
+ description: config$m.description,
7746
+ hidden: config$m.hidden,
7747
+ run: run$m
7737
7748
  }
7738
- async function run$l(argv, importMeta, { parentName }) {
7749
+ async function run$m(argv, importMeta, { parentName }) {
7739
7750
  const cli = meowOrExit({
7740
7751
  argv,
7741
- config: config$l,
7752
+ config: config$m,
7742
7753
  importMeta,
7743
7754
  parentName
7744
7755
  })
@@ -7775,7 +7786,7 @@ async function run$l(argv, importMeta, { parentName }) {
7775
7786
  return
7776
7787
  }
7777
7788
  if (cli.flags['dryRun']) {
7778
- logger.logger.log(DRY_RUN_BAIL_TEXT$j)
7789
+ logger.logger.log(DRY_RUN_BAIL_TEXT$k)
7779
7790
  return
7780
7791
  }
7781
7792
  await handleLicensePolicy(
@@ -7827,7 +7838,7 @@ async function outputSecurityPolicy(data, outputKind) {
7827
7838
  )
7828
7839
  logger.logger.log('')
7829
7840
  const rules = data.securityPolicyRules
7830
- const entries = Object.entries(rules)
7841
+ const entries = rules ? Object.entries(rules) : []
7831
7842
  const mapped = entries.map(([key, value]) => [key, value.action])
7832
7843
  mapped.sort(([a], [b]) => (a < b ? -1 : a > b ? 1 : 0))
7833
7844
  logger.logger.log(mdTableOfPairs(mapped, ['name', 'action']))
@@ -7842,10 +7853,10 @@ async function handleSecurityPolicy(orgSlug, outputKind) {
7842
7853
  await outputSecurityPolicy(data, outputKind)
7843
7854
  }
7844
7855
 
7845
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$i } = constants
7856
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$j } = constants
7846
7857
 
7847
7858
  // TODO: secret toplevel alias `socket security policy`?
7848
- const config$k = {
7859
+ const config$l = {
7849
7860
  commandName: 'security',
7850
7861
  description: 'Retrieve the security policy of an organization',
7851
7862
  hidden: true,
@@ -7862,7 +7873,7 @@ const config$k = {
7862
7873
  - Permissions: security-policy:read
7863
7874
 
7864
7875
  Options
7865
- ${getFlagListOutput(config$k.flags, 6)}
7876
+ ${getFlagListOutput(config$l.flags, 6)}
7866
7877
 
7867
7878
  Your API token will need the \`security-policy:read\` permission otherwise
7868
7879
  the request will fail with an authentication error.
@@ -7873,14 +7884,14 @@ const config$k = {
7873
7884
  `
7874
7885
  }
7875
7886
  const cmdOrganizationPolicyPolicy = {
7876
- description: config$k.description,
7877
- hidden: config$k.hidden,
7878
- run: run$k
7887
+ description: config$l.description,
7888
+ hidden: config$l.hidden,
7889
+ run: run$l
7879
7890
  }
7880
- async function run$k(argv, importMeta, { parentName }) {
7891
+ async function run$l(argv, importMeta, { parentName }) {
7881
7892
  const cli = meowOrExit({
7882
7893
  argv,
7883
- config: config$k,
7894
+ config: config$l,
7884
7895
  importMeta,
7885
7896
  parentName
7886
7897
  })
@@ -7917,7 +7928,7 @@ async function run$k(argv, importMeta, { parentName }) {
7917
7928
  return
7918
7929
  }
7919
7930
  if (cli.flags['dryRun']) {
7920
- logger.logger.log(DRY_RUN_BAIL_TEXT$i)
7931
+ logger.logger.log(DRY_RUN_BAIL_TEXT$j)
7921
7932
  return
7922
7933
  }
7923
7934
  await handleSecurityPolicy(
@@ -8003,8 +8014,8 @@ async function handleQuota(outputKind = 'text') {
8003
8014
  await outputQuota(data, outputKind)
8004
8015
  }
8005
8016
 
8006
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$h } = constants
8007
- const config$j = {
8017
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$i } = constants
8018
+ const config$k = {
8008
8019
  commandName: 'quota',
8009
8020
  description: 'List organizations associated with the API key used',
8010
8021
  hidden: true,
@@ -8017,18 +8028,18 @@ const config$j = {
8017
8028
  $ ${command}
8018
8029
 
8019
8030
  Options
8020
- ${getFlagListOutput(config$j.flags, 6)}
8031
+ ${getFlagListOutput(config$k.flags, 6)}
8021
8032
  `
8022
8033
  }
8023
8034
  const cmdOrganizationQuota = {
8024
- description: config$j.description,
8025
- hidden: config$j.hidden,
8026
- run: run$j
8035
+ description: config$k.description,
8036
+ hidden: config$k.hidden,
8037
+ run: run$k
8027
8038
  }
8028
- async function run$j(argv, importMeta, { parentName }) {
8039
+ async function run$k(argv, importMeta, { parentName }) {
8029
8040
  const cli = meowOrExit({
8030
8041
  argv,
8031
- config: config$j,
8042
+ config: config$k,
8032
8043
  importMeta,
8033
8044
  parentName
8034
8045
  })
@@ -8056,7 +8067,7 @@ async function run$j(argv, importMeta, { parentName }) {
8056
8067
  return
8057
8068
  }
8058
8069
  if (cli.flags['dryRun']) {
8059
- logger.logger.log(DRY_RUN_BAIL_TEXT$h)
8070
+ logger.logger.log(DRY_RUN_BAIL_TEXT$i)
8060
8071
  return
8061
8072
  }
8062
8073
  await handleQuota(json ? 'json' : markdown ? 'markdown' : 'text')
@@ -8397,8 +8408,8 @@ function parsePackageSpecifiers(ecosystem, pkgs) {
8397
8408
  }
8398
8409
  }
8399
8410
 
8400
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$g } = constants
8401
- const config$i = {
8411
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$h } = constants
8412
+ const config$j = {
8402
8413
  commandName: 'score',
8403
8414
  description:
8404
8415
  '[beta] Look up score for one package which reflects all of its transitive dependencies as well',
@@ -8441,14 +8452,14 @@ const config$i = {
8441
8452
  `
8442
8453
  }
8443
8454
  const cmdPackageScore = {
8444
- description: config$i.description,
8445
- hidden: config$i.hidden,
8446
- run: run$i
8455
+ description: config$j.description,
8456
+ hidden: config$j.hidden,
8457
+ run: run$j
8447
8458
  }
8448
- async function run$i(argv, importMeta, { parentName }) {
8459
+ async function run$j(argv, importMeta, { parentName }) {
8449
8460
  const cli = meowOrExit({
8450
8461
  argv,
8451
- config: config$i,
8462
+ config: config$j,
8452
8463
  importMeta,
8453
8464
  parentName
8454
8465
  })
@@ -8489,7 +8500,7 @@ async function run$i(argv, importMeta, { parentName }) {
8489
8500
  return
8490
8501
  }
8491
8502
  if (cli.flags['dryRun']) {
8492
- logger.logger.log(DRY_RUN_BAIL_TEXT$g)
8503
+ logger.logger.log(DRY_RUN_BAIL_TEXT$h)
8493
8504
  return
8494
8505
  }
8495
8506
  await handlePurlDeepScore(
@@ -8554,7 +8565,7 @@ function outputPurlsShallowScore(purls, packageData, outputKind) {
8554
8565
  return true // not found
8555
8566
  })
8556
8567
  if (outputKind === 'markdown') {
8557
- logger.logger.log(vendor.stripIndents`
8568
+ logger.logger.log(vendor.html`
8558
8569
  # Shallow Package Report
8559
8570
 
8560
8571
  This report contains the response for requesting data on some package url(s).
@@ -8695,8 +8706,8 @@ async function handlePurlsShallowScore({ outputKind, purls }) {
8695
8706
  outputPurlsShallowScore(purls, packageData.data, outputKind)
8696
8707
  }
8697
8708
 
8698
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$f } = constants
8699
- const config$h = {
8709
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$g } = constants
8710
+ const config$i = {
8700
8711
  commandName: 'shallow',
8701
8712
  description:
8702
8713
  '[beta] Look up info regarding one or more packages but not their transitives',
@@ -8739,21 +8750,21 @@ const config$h = {
8739
8750
  `
8740
8751
  }
8741
8752
  const cmdPackageShallow = {
8742
- description: config$h.description,
8743
- hidden: config$h.hidden,
8753
+ description: config$i.description,
8754
+ hidden: config$i.hidden,
8744
8755
  alias: {
8745
8756
  shallowScore: {
8746
- description: config$h.description,
8757
+ description: config$i.description,
8747
8758
  hidden: true,
8748
8759
  argv: []
8749
8760
  }
8750
8761
  },
8751
- run: run$h
8762
+ run: run$i
8752
8763
  }
8753
- async function run$h(argv, importMeta, { parentName }) {
8764
+ async function run$i(argv, importMeta, { parentName }) {
8754
8765
  const cli = meowOrExit({
8755
8766
  argv,
8756
- config: config$h,
8767
+ config: config$i,
8757
8768
  importMeta,
8758
8769
  parentName
8759
8770
  })
@@ -8786,7 +8797,7 @@ async function run$h(argv, importMeta, { parentName }) {
8786
8797
  return
8787
8798
  }
8788
8799
  if (cli.flags['dryRun']) {
8789
- logger.logger.log(DRY_RUN_BAIL_TEXT$f)
8800
+ logger.logger.log(DRY_RUN_BAIL_TEXT$g)
8790
8801
  return
8791
8802
  }
8792
8803
  await handlePurlsShallowScore({
@@ -8838,8 +8849,8 @@ async function runRawNpm(argv) {
8838
8849
  await spawnPromise
8839
8850
  }
8840
8851
 
8841
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$e, NPM } = constants
8842
- const config$g = {
8852
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$f, NPM } = constants
8853
+ const config$h = {
8843
8854
  commandName: 'raw-npm',
8844
8855
  description: `Temporarily disable the Socket ${NPM} wrapper`,
8845
8856
  hidden: false,
@@ -8853,20 +8864,20 @@ const config$g = {
8853
8864
  `
8854
8865
  }
8855
8866
  const cmdRawNpm = {
8856
- description: config$g.description,
8857
- hidden: config$g.hidden,
8858
- run: run$g
8867
+ description: config$h.description,
8868
+ hidden: config$h.hidden,
8869
+ run: run$h
8859
8870
  }
8860
- async function run$g(argv, importMeta, { parentName }) {
8871
+ async function run$h(argv, importMeta, { parentName }) {
8861
8872
  const cli = meowOrExit({
8862
8873
  allowUnknownFlags: true,
8863
8874
  argv,
8864
- config: config$g,
8875
+ config: config$h,
8865
8876
  importMeta,
8866
8877
  parentName
8867
8878
  })
8868
8879
  if (cli.flags['dryRun']) {
8869
- logger.logger.log(DRY_RUN_BAIL_TEXT$e)
8880
+ logger.logger.log(DRY_RUN_BAIL_TEXT$f)
8870
8881
  return
8871
8882
  }
8872
8883
  await runRawNpm(argv)
@@ -8888,8 +8899,8 @@ async function runRawNpx(argv) {
8888
8899
  await spawnPromise
8889
8900
  }
8890
8901
 
8891
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$d, NPX } = constants
8892
- const config$f = {
8902
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$e, NPX } = constants
8903
+ const config$g = {
8893
8904
  commandName: 'raw-npx',
8894
8905
  description: `Temporarily disable the Socket ${NPX} wrapper`,
8895
8906
  hidden: false,
@@ -8903,26 +8914,26 @@ const config$f = {
8903
8914
  `
8904
8915
  }
8905
8916
  const cmdRawNpx = {
8906
- description: config$f.description,
8907
- hidden: config$f.hidden,
8908
- run: run$f
8917
+ description: config$g.description,
8918
+ hidden: config$g.hidden,
8919
+ run: run$g
8909
8920
  }
8910
- async function run$f(argv, importMeta, { parentName }) {
8921
+ async function run$g(argv, importMeta, { parentName }) {
8911
8922
  const cli = meowOrExit({
8912
8923
  allowUnknownFlags: true,
8913
8924
  argv,
8914
- config: config$f,
8925
+ config: config$g,
8915
8926
  importMeta,
8916
8927
  parentName
8917
8928
  })
8918
8929
  if (cli.flags['dryRun']) {
8919
- logger.logger.log(DRY_RUN_BAIL_TEXT$d)
8930
+ logger.logger.log(DRY_RUN_BAIL_TEXT$e)
8920
8931
  return
8921
8932
  }
8922
8933
  await runRawNpx(argv)
8923
8934
  }
8924
8935
 
8925
- const config$e = {
8936
+ const config$f = {
8926
8937
  commandName: 'create',
8927
8938
  description: '[Deprecated] Create a project report',
8928
8939
  hidden: false,
@@ -8936,14 +8947,14 @@ const config$e = {
8936
8947
  `
8937
8948
  }
8938
8949
  const cmdReportCreate = {
8939
- description: config$e.description,
8940
- hidden: config$e.hidden,
8941
- run: run$e
8950
+ description: config$f.description,
8951
+ hidden: config$f.hidden,
8952
+ run: run$f
8942
8953
  }
8943
- async function run$e(argv, importMeta, { parentName }) {
8954
+ async function run$f(argv, importMeta, { parentName }) {
8944
8955
  meowOrExit({
8945
8956
  argv,
8946
- config: config$e,
8957
+ config: config$f,
8947
8958
  importMeta,
8948
8959
  parentName
8949
8960
  })
@@ -8953,7 +8964,7 @@ async function run$e(argv, importMeta, { parentName }) {
8953
8964
  process.exitCode = 1
8954
8965
  }
8955
8966
 
8956
- const config$d = {
8967
+ const config$e = {
8957
8968
  commandName: 'view',
8958
8969
  description: '[Deprecated] View a project report',
8959
8970
  hidden: false,
@@ -8967,14 +8978,14 @@ const config$d = {
8967
8978
  `
8968
8979
  }
8969
8980
  const cmdReportView = {
8970
- description: config$d.description,
8971
- hidden: config$d.hidden,
8972
- run: run$d
8981
+ description: config$e.description,
8982
+ hidden: config$e.hidden,
8983
+ run: run$e
8973
8984
  }
8974
- async function run$d(argv, importMeta, { parentName }) {
8985
+ async function run$e(argv, importMeta, { parentName }) {
8975
8986
  meowOrExit({
8976
8987
  argv,
8977
- config: config$d,
8988
+ config: config$e,
8978
8989
  importMeta,
8979
8990
  parentName
8980
8991
  })
@@ -9061,8 +9072,8 @@ async function handleCreateRepo({
9061
9072
  await outputCreateRepo()
9062
9073
  }
9063
9074
 
9064
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$c } = constants
9065
- const config$c = {
9075
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$d } = constants
9076
+ const config$d = {
9066
9077
  commandName: 'create',
9067
9078
  description: 'Create a repository in an organization',
9068
9079
  hidden: false,
@@ -9115,14 +9126,14 @@ const config$c = {
9115
9126
  `
9116
9127
  }
9117
9128
  const cmdReposCreate = {
9118
- description: config$c.description,
9119
- hidden: config$c.hidden,
9120
- run: run$c
9129
+ description: config$d.description,
9130
+ hidden: config$d.hidden,
9131
+ run: run$d
9121
9132
  }
9122
- async function run$c(argv, importMeta, { parentName }) {
9133
+ async function run$d(argv, importMeta, { parentName }) {
9123
9134
  const cli = meowOrExit({
9124
9135
  argv,
9125
- config: config$c,
9136
+ config: config$d,
9126
9137
  importMeta,
9127
9138
  parentName
9128
9139
  })
@@ -9157,7 +9168,7 @@ async function run$c(argv, importMeta, { parentName }) {
9157
9168
  return
9158
9169
  }
9159
9170
  if (cli.flags['dryRun']) {
9160
- logger.logger.log(DRY_RUN_BAIL_TEXT$c)
9171
+ logger.logger.log(DRY_RUN_BAIL_TEXT$d)
9161
9172
  return
9162
9173
  }
9163
9174
  await handleCreateRepo({
@@ -9186,8 +9197,8 @@ async function handleDeleteRepo(orgSlug, repoName) {
9186
9197
  spinner.successAndStop('Repository deleted successfully')
9187
9198
  }
9188
9199
 
9189
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$b } = constants
9190
- const config$b = {
9200
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$c } = constants
9201
+ const config$c = {
9191
9202
  commandName: 'del',
9192
9203
  description: 'Delete a repository in an organization',
9193
9204
  hidden: false,
@@ -9210,14 +9221,14 @@ const config$b = {
9210
9221
  `
9211
9222
  }
9212
9223
  const cmdReposDel = {
9213
- description: config$b.description,
9214
- hidden: config$b.hidden,
9215
- run: run$b
9224
+ description: config$c.description,
9225
+ hidden: config$c.hidden,
9226
+ run: run$c
9216
9227
  }
9217
- async function run$b(argv, importMeta, { parentName }) {
9228
+ async function run$c(argv, importMeta, { parentName }) {
9218
9229
  const cli = meowOrExit({
9219
9230
  argv,
9220
- config: config$b,
9231
+ config: config$c,
9221
9232
  importMeta,
9222
9233
  parentName
9223
9234
  })
@@ -9252,7 +9263,7 @@ async function run$b(argv, importMeta, { parentName }) {
9252
9263
  return
9253
9264
  }
9254
9265
  if (cli.flags['dryRun']) {
9255
- logger.logger.log(DRY_RUN_BAIL_TEXT$b)
9266
+ logger.logger.log(DRY_RUN_BAIL_TEXT$c)
9256
9267
  return
9257
9268
  }
9258
9269
  await handleDeleteRepo(orgSlug, repoName)
@@ -9341,8 +9352,8 @@ async function handleListRepos({
9341
9352
  await outputListRepos(data, outputKind)
9342
9353
  }
9343
9354
 
9344
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$a } = constants
9345
- const config$a = {
9355
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$b } = constants
9356
+ const config$b = {
9346
9357
  commandName: 'list',
9347
9358
  description: 'List repositories in an organization',
9348
9359
  hidden: false,
@@ -9389,14 +9400,14 @@ const config$a = {
9389
9400
  `
9390
9401
  }
9391
9402
  const cmdReposList = {
9392
- description: config$a.description,
9393
- hidden: config$a.hidden,
9394
- run: run$a
9403
+ description: config$b.description,
9404
+ hidden: config$b.hidden,
9405
+ run: run$b
9395
9406
  }
9396
- async function run$a(argv, importMeta, { parentName }) {
9407
+ async function run$b(argv, importMeta, { parentName }) {
9397
9408
  const cli = meowOrExit({
9398
9409
  argv,
9399
- config: config$a,
9410
+ config: config$b,
9400
9411
  importMeta,
9401
9412
  parentName
9402
9413
  })
@@ -9433,7 +9444,7 @@ async function run$a(argv, importMeta, { parentName }) {
9433
9444
  return
9434
9445
  }
9435
9446
  if (cli.flags['dryRun']) {
9436
- logger.logger.log(DRY_RUN_BAIL_TEXT$a)
9447
+ logger.logger.log(DRY_RUN_BAIL_TEXT$b)
9437
9448
  return
9438
9449
  }
9439
9450
  await handleListRepos({
@@ -9503,8 +9514,8 @@ async function handleUpdateRepo({
9503
9514
  await outputUpdateRepo()
9504
9515
  }
9505
9516
 
9506
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$9 } = constants
9507
- const config$9 = {
9517
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$a } = constants
9518
+ const config$a = {
9508
9519
  commandName: 'update',
9509
9520
  description: 'Update a repository in an organization',
9510
9521
  hidden: false,
@@ -9557,14 +9568,14 @@ const config$9 = {
9557
9568
  `
9558
9569
  }
9559
9570
  const cmdReposUpdate = {
9560
- description: config$9.description,
9561
- hidden: config$9.hidden,
9562
- run: run$9
9571
+ description: config$a.description,
9572
+ hidden: config$a.hidden,
9573
+ run: run$a
9563
9574
  }
9564
- async function run$9(argv, importMeta, { parentName }) {
9575
+ async function run$a(argv, importMeta, { parentName }) {
9565
9576
  const cli = meowOrExit({
9566
9577
  argv,
9567
- config: config$9,
9578
+ config: config$a,
9568
9579
  importMeta,
9569
9580
  parentName
9570
9581
  })
@@ -9599,7 +9610,7 @@ async function run$9(argv, importMeta, { parentName }) {
9599
9610
  return
9600
9611
  }
9601
9612
  if (cli.flags['dryRun']) {
9602
- logger.logger.log(DRY_RUN_BAIL_TEXT$9)
9613
+ logger.logger.log(DRY_RUN_BAIL_TEXT$a)
9603
9614
  return
9604
9615
  }
9605
9616
  await handleUpdateRepo({
@@ -9701,8 +9712,8 @@ async function handleViewRepo(orgSlug, repoName, outputKind) {
9701
9712
  await outputViewRepo(data, outputKind)
9702
9713
  }
9703
9714
 
9704
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$8 } = constants
9705
- const config$8 = {
9715
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$9 } = constants
9716
+ const config$9 = {
9706
9717
  commandName: 'view',
9707
9718
  description: 'View repositories in an organization',
9708
9719
  hidden: false,
@@ -9731,14 +9742,14 @@ const config$8 = {
9731
9742
  `
9732
9743
  }
9733
9744
  const cmdReposView = {
9734
- description: config$8.description,
9735
- hidden: config$8.hidden,
9736
- run: run$8
9745
+ description: config$9.description,
9746
+ hidden: config$9.hidden,
9747
+ run: run$9
9737
9748
  }
9738
- async function run$8(argv, importMeta, { parentName }) {
9749
+ async function run$9(argv, importMeta, { parentName }) {
9739
9750
  const cli = meowOrExit({
9740
9751
  argv,
9741
- config: config$8,
9752
+ config: config$9,
9742
9753
  importMeta,
9743
9754
  parentName
9744
9755
  })
@@ -9781,7 +9792,7 @@ async function run$8(argv, importMeta, { parentName }) {
9781
9792
  return
9782
9793
  }
9783
9794
  if (cli.flags['dryRun']) {
9784
- logger.logger.log(DRY_RUN_BAIL_TEXT$8)
9795
+ logger.logger.log(DRY_RUN_BAIL_TEXT$9)
9785
9796
  return
9786
9797
  }
9787
9798
  await handleViewRepo(
@@ -9876,8 +9887,8 @@ async function suggestTarget() {
9876
9887
  }
9877
9888
  }
9878
9889
 
9879
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$7 } = constants
9880
- const config$7 = {
9890
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$8 } = constants
9891
+ const config$8 = {
9881
9892
  commandName: 'create',
9882
9893
  description: 'Create a scan',
9883
9894
  hidden: false,
@@ -9983,6 +9994,9 @@ const config$7 = {
9983
9994
  When a FILE is given only that FILE is targeted. Otherwise any eligible
9984
9995
  files in the given DIR will be considered.
9985
9996
 
9997
+ The --repo and --branch flags tell Socket to associate this Scan with that
9998
+ repo/branch. The names will show up on your dashboard on the Socket website.
9999
+
9986
10000
  Note: for a first run you probably want to set --defaultBranch to indicate
9987
10001
  the default branch name, like "main" or "master".
9988
10002
 
@@ -9997,14 +10011,14 @@ const config$7 = {
9997
10011
  `
9998
10012
  }
9999
10013
  const cmdScanCreate = {
10000
- description: config$7.description,
10001
- hidden: config$7.hidden,
10002
- run: run$7
10014
+ description: config$8.description,
10015
+ hidden: config$8.hidden,
10016
+ run: run$8
10003
10017
  }
10004
- async function run$7(argv, importMeta, { parentName }) {
10018
+ async function run$8(argv, importMeta, { parentName }) {
10005
10019
  const cli = meowOrExit({
10006
10020
  argv,
10007
- config: config$7,
10021
+ config: config$8,
10008
10022
  importMeta,
10009
10023
  parentName
10010
10024
  })
@@ -10056,154 +10070,484 @@ async function run$7(argv, importMeta, { parentName }) {
10056
10070
  if (suggestion) {
10057
10071
  orgSlug = suggestion
10058
10072
  }
10059
- updatedInput = true
10073
+ updatedInput = true
10074
+ }
10075
+ }
10076
+ if (updatedInput && orgSlug && targets?.length) {
10077
+ logger.logger.error(
10078
+ 'Note: You can invoke this command next time to skip the interactive questions:'
10079
+ )
10080
+ logger.logger.error('```')
10081
+ logger.logger.error(
10082
+ ` socket scan create [other flags...] ${defaultOrgSlug ? '' : orgSlug} ${targets.join(' ')}`
10083
+ )
10084
+ logger.logger.error('```\n')
10085
+ }
10086
+ const wasBadInput = handleBadInput(
10087
+ {
10088
+ nook: !!defaultOrgSlug,
10089
+ test: !!orgSlug && orgSlug !== '.',
10090
+ message: 'Org name as the first argument',
10091
+ pass: 'ok',
10092
+ fail:
10093
+ orgSlug === '.'
10094
+ ? 'dot is an invalid org, most likely you forgot the org name here?'
10095
+ : 'missing'
10096
+ },
10097
+ {
10098
+ test: !!targets.length,
10099
+ message: 'At least one TARGET (e.g. `.` or `./package.json`)',
10100
+ pass: 'ok',
10101
+ fail: 'missing (or perhaps you forgot the org slug?)'
10102
+ },
10103
+ {
10104
+ nook: true,
10105
+ test: !json || !markdown,
10106
+ message: 'The json and markdown flags cannot be both set, pick one',
10107
+ pass: 'ok',
10108
+ fail: 'omit one'
10109
+ },
10110
+ {
10111
+ nook: true,
10112
+ test: !!apiToken,
10113
+ message: 'This command requires an API token for access',
10114
+ pass: 'ok',
10115
+ fail: 'missing (try `socket login`)'
10116
+ },
10117
+ {
10118
+ nook: true,
10119
+ test: !pendingHead || !tmp,
10120
+ message: 'Can not use --pendingHead and --tmp at the same time',
10121
+ pass: 'ok',
10122
+ fail: 'remove at least one flag'
10123
+ },
10124
+ {
10125
+ nook: true,
10126
+ test: !pendingHead || !!branchName,
10127
+ message: 'When --pendingHead is set, --branch is mandatory',
10128
+ pass: 'ok',
10129
+ fail: 'missing branch name'
10130
+ },
10131
+ {
10132
+ nook: true,
10133
+ test: !defaultBranch || !!branchName,
10134
+ message: 'When --defaultBranch is set, --branch is mandatory',
10135
+ pass: 'ok',
10136
+ fail: 'missing branch name'
10137
+ }
10138
+ )
10139
+ if (wasBadInput) {
10140
+ return
10141
+ }
10142
+
10143
+ // Note exiting earlier to skirt a hidden auth requirement
10144
+ if (dryRun) {
10145
+ logger.logger.log(DRY_RUN_BAIL_TEXT$8)
10146
+ return
10147
+ }
10148
+ await handleCreateNewScan({
10149
+ branchName: branchName,
10150
+ commitHash: (commitHash && String(commitHash)) || '',
10151
+ commitMessage: (commitMessage && String(commitMessage)) || '',
10152
+ committers: (committers && String(committers)) || '',
10153
+ cwd,
10154
+ defaultBranch: Boolean(defaultBranch),
10155
+ orgSlug,
10156
+ outputKind: json ? 'json' : markdown ? 'markdown' : 'text',
10157
+ pendingHead: Boolean(pendingHead),
10158
+ pullRequest: Number(pullRequest),
10159
+ readOnly: Boolean(readOnly),
10160
+ repoName: repoName,
10161
+ report,
10162
+ targets,
10163
+ tmp: Boolean(tmp)
10164
+ })
10165
+ }
10166
+
10167
+ async function fetchDeleteOrgFullScan(orgSlug, scanId) {
10168
+ const sockSdk = await shadowNpmInject.setupSdk()
10169
+
10170
+ // Lazily access constants.spinner.
10171
+ const { spinner } = constants
10172
+ spinner.start('Requesting the scan to be deleted...')
10173
+ const result = await handleApiCall(
10174
+ sockSdk.deleteOrgFullScan(orgSlug, scanId),
10175
+ 'Deleting scan'
10176
+ )
10177
+ spinner.successAndStop('Received response for deleting a scan.')
10178
+ if (!result.success) {
10179
+ handleUnsuccessfulApiResponse('deleteOrgFullScan', result)
10180
+ }
10181
+ return result.data
10182
+ }
10183
+
10184
+ async function outputDeleteScan(_data) {
10185
+ logger.logger.success('Scan deleted successfully')
10186
+ }
10187
+
10188
+ async function handleDeleteScan(orgSlug, scanId) {
10189
+ const data = await fetchDeleteOrgFullScan(orgSlug, scanId)
10190
+ if (!data) {
10191
+ return
10192
+ }
10193
+ await outputDeleteScan()
10194
+ }
10195
+
10196
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$7 } = constants
10197
+ const config$7 = {
10198
+ commandName: 'del',
10199
+ description: 'Delete a scan',
10200
+ hidden: false,
10201
+ flags: {
10202
+ ...commonFlags,
10203
+ ...outputFlags
10204
+ },
10205
+ help: (command, config) => `
10206
+ Usage
10207
+ $ ${command} <org slug> <scan ID>
10208
+
10209
+ API Token Requirements
10210
+ - Quota: 1 unit
10211
+ - Permissions: full-scans:delete
10212
+
10213
+ Options
10214
+ ${getFlagListOutput(config.flags, 6)}
10215
+
10216
+ Examples
10217
+ $ ${command} FakeOrg 000aaaa1-0000-0a0a-00a0-00a0000000a0
10218
+ `
10219
+ }
10220
+ const cmdScanDel = {
10221
+ description: config$7.description,
10222
+ hidden: config$7.hidden,
10223
+ run: run$7
10224
+ }
10225
+ async function run$7(argv, importMeta, { parentName }) {
10226
+ const cli = meowOrExit({
10227
+ argv,
10228
+ config: config$7,
10229
+ importMeta,
10230
+ parentName
10231
+ })
10232
+ const defaultOrgSlug = shadowNpmInject.getConfigValue('defaultOrg')
10233
+ const orgSlug = defaultOrgSlug || cli.input[0] || ''
10234
+ const scanId = (defaultOrgSlug ? cli.input[0] : cli.input[1]) || ''
10235
+ const apiToken = shadowNpmInject.getDefaultToken()
10236
+ const wasBadInput = handleBadInput(
10237
+ {
10238
+ nook: !!defaultOrgSlug,
10239
+ test: !!orgSlug && orgSlug !== '.',
10240
+ message: 'Org name as the first argument',
10241
+ pass: 'ok',
10242
+ fail:
10243
+ orgSlug === '.'
10244
+ ? 'dot is an invalid org, most likely you forgot the org name here?'
10245
+ : 'missing'
10246
+ },
10247
+ {
10248
+ test: !!scanId,
10249
+ message: 'Scan ID to delete',
10250
+ pass: 'ok',
10251
+ fail: 'missing'
10252
+ },
10253
+ {
10254
+ nook: true,
10255
+ test: !!apiToken,
10256
+ message:
10257
+ 'You need to be logged in to use this command. See `socket login`.',
10258
+ pass: 'ok',
10259
+ fail: 'missing API token'
10260
+ }
10261
+ )
10262
+ if (wasBadInput) {
10263
+ return
10264
+ }
10265
+ if (cli.flags['dryRun']) {
10266
+ logger.logger.log(DRY_RUN_BAIL_TEXT$7)
10267
+ return
10268
+ }
10269
+ await handleDeleteScan(orgSlug, scanId)
10270
+ }
10271
+
10272
+ async function fetchDiffScan({ id1, id2, orgSlug }) {
10273
+ const apiToken = shadowNpmInject.getDefaultToken()
10274
+
10275
+ // Lazily access constants.spinner.
10276
+ const { spinner } = constants
10277
+ logger.logger.error('Scan ID 1:', id1)
10278
+ logger.logger.error('Scan ID 2:', id2)
10279
+ spinner.start('Fetching scan diff... (this may take a while)')
10280
+ const response = await queryApi(
10281
+ `orgs/${orgSlug}/full-scans/diff?before=${encodeURIComponent(id1)}&after=${encodeURIComponent(id2)}`,
10282
+ apiToken || ''
10283
+ )
10284
+ spinner.successAndStop('Received scan diff response')
10285
+ if (!response.ok) {
10286
+ const err = await handleApiError(response.status)
10287
+ logger.logger.fail(failMsgWithBadge(response.statusText, err))
10288
+ return
10289
+ }
10290
+ const result = await handleApiCall(
10291
+ await response.json(),
10292
+ 'Deserializing json'
10293
+ )
10294
+ return result
10295
+ }
10296
+
10297
+ const SOCKET_SBOM_URL_PREFIX$1 =
10298
+ 'https://socket.dev/dashboard/org/SocketDev/sbom/'
10299
+ async function outputDiffScan(result, { depth, file, outputKind }) {
10300
+ const dashboardUrl = result.diff_report_url
10301
+ const dashboardMessage = dashboardUrl
10302
+ ? `\n View this diff scan in the Socket dashboard: ${vendor.yoctocolorsCjsExports.cyan(dashboardUrl)}`
10303
+ : ''
10304
+
10305
+ // When forcing json, or dumping to file, serialize to string such that it
10306
+ // won't get truncated. The only way to dump the full raw JSON to stdout is
10307
+ // to use `--json --file -` (the dash is a standard notation for stdout)
10308
+ if (outputKind === 'json' || file) {
10309
+ let json
10310
+ try {
10311
+ json = JSON.stringify(result, null, 2)
10312
+ } catch (e) {
10313
+ process.exitCode = 1
10314
+ // Most likely caused by a circular reference (or OOM)
10315
+ logger.logger.fail('There was a problem converting the data to JSON')
10316
+ logger.logger.error(e)
10317
+ return
10318
+ }
10319
+ if (file && file !== '-') {
10320
+ logger.logger.log(`Writing json to \`${file}\``)
10321
+ fs$1.writeFile(file, JSON.stringify(result, null, 2), err => {
10322
+ if (err) {
10323
+ logger.logger.fail(`Writing to \`${file}\` failed...`)
10324
+ logger.logger.error(err)
10325
+ } else {
10326
+ logger.logger.log(`Data successfully written to \`${file}\``)
10327
+ }
10328
+ logger.logger.error(dashboardMessage)
10329
+ })
10330
+ } else {
10331
+ // TODO: expose different method for writing to stderr when simply dodging stdout
10332
+ logger.logger.error(`\n Diff scan result: \n`)
10333
+ logger.logger.log(json)
10334
+ logger.logger.error(dashboardMessage)
10335
+ }
10336
+ return
10337
+ }
10338
+ if (outputKind === 'markdown') {
10339
+ logger.logger.log('# Scan diff result')
10340
+ logger.logger.log('')
10341
+ logger.logger.log(
10342
+ 'This Socket.dev report shows the changes between two scans:'
10343
+ )
10344
+ logger.logger.log(
10345
+ `- [${result.before.id}](${SOCKET_SBOM_URL_PREFIX$1}${result.before.id})`
10346
+ )
10347
+ logger.logger.log(
10348
+ `- [${result.after.id}](${SOCKET_SBOM_URL_PREFIX$1}${result.after.id})`
10349
+ )
10350
+ logger.logger.log('')
10351
+ logger.logger.log(
10352
+ `You can [view this report in your dashboard](${result.diff_report_url})`
10353
+ )
10354
+ logger.logger.log('')
10355
+ logger.logger.log('## Changes')
10356
+ logger.logger.log('')
10357
+ logger.logger.log(
10358
+ `- directDependenciesChanged: ${result.directDependenciesChanged}`
10359
+ )
10360
+ logger.logger.log(`- Added packages: ${result.artifacts.added.length}`)
10361
+ if (result.artifacts.added.length > 0) {
10362
+ result.artifacts.added.slice(0, 10).forEach(artifact => {
10363
+ logger.logger.log(
10364
+ ` - ${artifact.type} ${artifact.name}@${artifact.version}`
10365
+ )
10366
+ })
10367
+ if (result.artifacts.added.length > 10) {
10368
+ logger.logger.log(
10369
+ ` ... and ${result.artifacts.added.length - 10} more`
10370
+ )
10371
+ }
10372
+ }
10373
+ logger.logger.log(`- Removed packages: ${result.artifacts.removed.length}`)
10374
+ if (result.artifacts.removed.length > 0) {
10375
+ result.artifacts.removed.slice(0, 10).forEach(artifact => {
10376
+ logger.logger.log(
10377
+ ` - ${artifact.type} ${artifact.name}@${artifact.version}`
10378
+ )
10379
+ })
10380
+ if (result.artifacts.removed.length > 10) {
10381
+ logger.logger.log(
10382
+ ` ... and ${result.artifacts.removed.length - 10} more`
10383
+ )
10384
+ }
10385
+ }
10386
+ logger.logger.log(
10387
+ `- Replaced packages: ${result.artifacts.replaced.length}`
10388
+ )
10389
+ if (result.artifacts.replaced.length > 0) {
10390
+ result.artifacts.replaced.slice(0, 10).forEach(artifact => {
10391
+ logger.logger.log(
10392
+ ` - ${artifact.type} ${artifact.name}@${artifact.version}`
10393
+ )
10394
+ })
10395
+ if (result.artifacts.replaced.length > 10) {
10396
+ logger.logger.log(
10397
+ ` ... and ${result.artifacts.replaced.length - 10} more`
10398
+ )
10399
+ }
10400
+ }
10401
+ logger.logger.log(`- Updated packages: ${result.artifacts.updated.length}`)
10402
+ if (result.artifacts.updated.length > 0) {
10403
+ result.artifacts.updated.slice(0, 10).forEach(artifact => {
10404
+ logger.logger.log(
10405
+ ` - ${artifact.type} ${artifact.name}@${artifact.version}`
10406
+ )
10407
+ })
10408
+ if (result.artifacts.updated.length > 10) {
10409
+ logger.logger.log(
10410
+ ` ... and ${result.artifacts.updated.length - 10} more`
10411
+ )
10412
+ }
10413
+ }
10414
+ logger.logger.log(
10415
+ `- Unchanged packages: ${result.artifacts.unchanged.length}`
10416
+ )
10417
+ if (result.artifacts.unchanged.length > 0) {
10418
+ result.artifacts.unchanged.slice(0, 10).forEach(artifact => {
10419
+ logger.logger.log(
10420
+ ` - ${artifact.type} ${artifact.name}@${artifact.version}`
10421
+ )
10422
+ })
10423
+ if (result.artifacts.unchanged.length > 10) {
10424
+ logger.logger.log(
10425
+ ` ... and ${result.artifacts.unchanged.length - 10} more`
10426
+ )
10427
+ }
10060
10428
  }
10061
- }
10062
- if (updatedInput && orgSlug && targets?.length) {
10063
- logger.logger.error(
10064
- 'Note: You can invoke this command next time to skip the interactive questions:'
10429
+ logger.logger.log('')
10430
+ logger.logger.log(`## Scan ${result.before.id}`)
10431
+ logger.logger.log('')
10432
+ logger.logger.log(
10433
+ 'This Scan was considered to be the "base" / "from" / "before" Scan.'
10065
10434
  )
10066
- logger.logger.error('```')
10067
- logger.logger.error(
10068
- ` socket scan create [other flags...] ${defaultOrgSlug ? '' : orgSlug} ${targets.join(' ')}`
10435
+ logger.logger.log('')
10436
+ for (const [key, value] of Object.entries(result.before)) {
10437
+ if (key === 'pull_request' && !value) {
10438
+ continue
10439
+ }
10440
+ if (!['id', 'organization_id', 'repository_id'].includes(key)) {
10441
+ logger.logger.group(
10442
+ `- ${key === 'repository_slug' ? 'repo' : key === 'organization_slug' ? 'org' : key}: ${value}`
10443
+ )
10444
+ logger.logger.groupEnd()
10445
+ }
10446
+ }
10447
+ logger.logger.log('')
10448
+ logger.logger.log(`## Scan ${result.after.id}`)
10449
+ logger.logger.log('')
10450
+ logger.logger.log(
10451
+ 'This Scan was considered to be the "head" / "to" / "after" Scan.'
10069
10452
  )
10070
- logger.logger.error('```\n')
10071
- }
10072
- const wasBadInput = handleBadInput(
10073
- {
10074
- nook: !!defaultOrgSlug,
10075
- test: !!orgSlug && orgSlug !== '.',
10076
- message: 'Org name as the first argument',
10077
- pass: 'ok',
10078
- fail:
10079
- orgSlug === '.'
10080
- ? 'dot is an invalid org, most likely you forgot the org name here?'
10081
- : 'missing'
10082
- },
10083
- {
10084
- test: !!targets.length,
10085
- message: 'At least one TARGET (e.g. `.` or `./package.json`)',
10086
- pass: 'ok',
10087
- fail: 'missing (or perhaps you forgot the org slug?)'
10088
- },
10089
- {
10090
- nook: true,
10091
- test: !json || !markdown,
10092
- message: 'The json and markdown flags cannot be both set, pick one',
10093
- pass: 'ok',
10094
- fail: 'omit one'
10095
- },
10096
- {
10097
- nook: true,
10098
- test: !!apiToken,
10099
- message: 'This command requires an API token for access',
10100
- pass: 'ok',
10101
- fail: 'missing (try `socket login`)'
10102
- },
10103
- {
10104
- nook: true,
10105
- test: !pendingHead || !tmp,
10106
- message: 'Can not use --pendingHead and --tmp at the same time',
10107
- pass: 'ok',
10108
- fail: 'remove at least one flag'
10109
- },
10110
- {
10111
- nook: true,
10112
- test: !pendingHead || !!branchName,
10113
- message: 'When --pendingHead is set, --branch is mandatory',
10114
- pass: 'ok',
10115
- fail: 'missing branch name'
10116
- },
10117
- {
10118
- nook: true,
10119
- test: !defaultBranch || !!branchName,
10120
- message: 'When --defaultBranch is set, --branch is mandatory',
10121
- pass: 'ok',
10122
- fail: 'missing branch name'
10453
+ logger.logger.log('')
10454
+ for (const [key, value] of Object.entries(result.after)) {
10455
+ if (key === 'pull_request' && !value) {
10456
+ continue
10457
+ }
10458
+ if (!['id', 'organization_id', 'repository_id'].includes(key)) {
10459
+ logger.logger.group(
10460
+ `- ${key === 'repository_slug' ? 'repo' : key === 'organization_slug' ? 'org' : key}: ${value}`
10461
+ )
10462
+ logger.logger.groupEnd()
10463
+ }
10123
10464
  }
10124
- )
10125
- if (wasBadInput) {
10126
- return
10127
- }
10128
-
10129
- // Note exiting earlier to skirt a hidden auth requirement
10130
- if (dryRun) {
10131
- logger.logger.log(DRY_RUN_BAIL_TEXT$7)
10465
+ logger.logger.log('')
10132
10466
  return
10133
10467
  }
10134
- await handleCreateNewScan({
10135
- branchName: branchName,
10136
- commitHash: (commitHash && String(commitHash)) || '',
10137
- commitMessage: (commitMessage && String(commitMessage)) || '',
10138
- committers: (committers && String(committers)) || '',
10139
- cwd,
10140
- defaultBranch: Boolean(defaultBranch),
10141
- orgSlug,
10142
- outputKind: json ? 'json' : markdown ? 'markdown' : 'text',
10143
- pendingHead: Boolean(pendingHead),
10144
- pullRequest: Number(pullRequest),
10145
- readOnly: Boolean(readOnly),
10146
- repoName: repoName,
10147
- report,
10148
- targets,
10149
- tmp: Boolean(tmp)
10150
- })
10151
- }
10152
10468
 
10153
- async function fetchDeleteOrgFullScan(orgSlug, scanId) {
10154
- const sockSdk = await shadowNpmInject.setupSdk()
10469
+ // In this case neither the --json nor the --file flag was passed
10470
+ // Dump the JSON to CLI and let NodeJS deal with truncation
10155
10471
 
10156
- // Lazily access constants.spinner.
10157
- const { spinner } = constants
10158
- spinner.start('Requesting the scan to be deleted...')
10159
- const result = await handleApiCall(
10160
- sockSdk.deleteOrgFullScan(orgSlug, scanId),
10161
- 'Deleting scan'
10472
+ logger.logger.log('Diff scan result:')
10473
+ logger.logger.log(
10474
+ require$$0.inspect(result, {
10475
+ showHidden: false,
10476
+ depth: depth > 0 ? depth : null,
10477
+ colors: true,
10478
+ maxArrayLength: null
10479
+ })
10162
10480
  )
10163
- spinner.successAndStop('Received response for deleting a scan.')
10164
- if (!result.success) {
10165
- handleUnsuccessfulApiResponse('deleteOrgFullScan', result)
10166
- }
10167
- return result.data
10168
- }
10169
-
10170
- async function outputDeleteScan(_data) {
10171
- logger.logger.success('Scan deleted successfully')
10481
+ logger.logger.error(
10482
+ `\n 📝 To display the detailed report in the terminal, use the --json flag. For a friendlier report, use the --markdown flag.\n`
10483
+ )
10484
+ logger.logger.log(dashboardMessage)
10172
10485
  }
10173
10486
 
10174
- async function handleDeleteScan(orgSlug, scanId) {
10175
- const data = await fetchDeleteOrgFullScan(orgSlug, scanId)
10487
+ async function handleDiffScan({ depth, file, id1, id2, orgSlug, outputKind }) {
10488
+ const data = await fetchDiffScan({
10489
+ id1,
10490
+ id2,
10491
+ orgSlug
10492
+ })
10176
10493
  if (!data) {
10177
10494
  return
10178
10495
  }
10179
- await outputDeleteScan()
10496
+ await outputDiffScan(data, {
10497
+ depth,
10498
+ file,
10499
+ outputKind
10500
+ })
10180
10501
  }
10181
10502
 
10182
10503
  const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$6 } = constants
10504
+ const SOCKET_SBOM_URL_PREFIX =
10505
+ 'https://socket.dev/dashboard/org/SocketDev/sbom/'
10183
10506
  const config$6 = {
10184
- commandName: 'del',
10185
- description: 'Delete a scan',
10507
+ commandName: 'diff',
10508
+ description: 'See what changed between two Scans',
10186
10509
  hidden: false,
10187
10510
  flags: {
10188
10511
  ...commonFlags,
10189
- ...outputFlags
10512
+ ...outputFlags,
10513
+ depth: {
10514
+ type: 'number',
10515
+ default: 2,
10516
+ description:
10517
+ 'Max depth of JSON to display before truncating, use zero for no limit (without --json/--file)'
10518
+ },
10519
+ file: {
10520
+ type: 'string',
10521
+ shortFlag: 'f',
10522
+ default: '',
10523
+ description:
10524
+ 'Path to a local file where the output should be saved. Use `-` to force stdout.'
10525
+ }
10190
10526
  },
10191
10527
  help: (command, config) => `
10192
10528
  Usage
10193
- $ ${command} <org slug> <scan ID>
10529
+ $ ${command} <org slug> <ID1> <ID2>
10194
10530
 
10195
10531
  API Token Requirements
10196
10532
  - Quota: 1 unit
10197
- - Permissions: full-scans:delete
10533
+ - Permissions: full-scans:list
10534
+
10535
+ This command displays the package changes between two scans. The full output
10536
+ can be pretty large depending on the size of your repo and time range. It is
10537
+ best stored to disk (with --json) to be further analyzed by other tools.
10538
+
10539
+ Note: First Scan ID is assumed to be the older ID. This is only relevant for
10540
+ the added/removed list (similar to diffing two files with git).
10198
10541
 
10199
10542
  Options
10200
10543
  ${getFlagListOutput(config.flags, 6)}
10201
10544
 
10202
10545
  Examples
10203
- $ ${command} FakeOrg 000aaaa1-0000-0a0a-00a0-00a0000000a0
10546
+ $ ${command} FakeCorp aaa0aa0a-aaaa-0000-0a0a-0000000a00a0 aaa1aa1a-aaaa-1111-1a1a-1111111a11a1
10547
+ $ ${command} FakeCorp aaa0aa0a-aaaa-0000-0a0a-0000000a00a0 aaa1aa1a-aaaa-1111-1a1a-1111111a11a1 --json
10204
10548
  `
10205
10549
  }
10206
- const cmdScanDel = {
10550
+ const cmdScanDiff = {
10207
10551
  description: config$6.description,
10208
10552
  hidden: config$6.hidden,
10209
10553
  run: run$6
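Review bot: In `fetchDiffScan`, `orgSlug` is placed in the request path unencoded while `id1` and `id2` go through `encodeURIComponent`, so a slug from the command line or config that contains `/`, `?` or `#` changes which endpoint is called with the user's API token; encode it the same way, `orgs/${encodeURIComponent(orgSlug)}/full-scans/diff?before=…`. In `outputDiffScan`, the `fs$1.writeFile` error callback logs the failure but leaves the exit status at 0, so a pipeline that depends on the saved file cannot detect a failed write; add `process.exitCode = 1` in the `if (err)` branch and pass the already-built `json` rather than calling `JSON.stringify(result, null, 2)` a second time. The markdown branch prints `result.diff_report_url` unconditionally although `dashboardMessage` treats it as optional. `SOCKET_SBOM_URL_PREFIX$1` also hard-codes the `SocketDev` org, so the two scan links appear to point at that org's dashboard whatever `orgSlug` was given.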
@@ -10215,27 +10559,46 @@ async function run$6(argv, importMeta, { parentName }) {
10215
10559
  importMeta,
10216
10560
  parentName
10217
10561
  })
10562
+ const { depth, file, json, markdown } = cli.flags
10218
10563
  const defaultOrgSlug = shadowNpmInject.getConfigValue('defaultOrg')
10219
10564
  const orgSlug = defaultOrgSlug || cli.input[0] || ''
10220
- const scanId = (defaultOrgSlug ? cli.input[0] : cli.input[1]) || ''
10565
+ let id1 = cli.input[defaultOrgSlug ? 0 : 1] || ''
10566
+ let id2 = cli.input[defaultOrgSlug ? 1 : 2] || ''
10567
+ if (id1.startsWith(SOCKET_SBOM_URL_PREFIX)) {
10568
+ id1 = id1.slice(SOCKET_SBOM_URL_PREFIX.length)
10569
+ }
10570
+ if (id2.startsWith(SOCKET_SBOM_URL_PREFIX)) {
10571
+ id2 = id2.slice(SOCKET_SBOM_URL_PREFIX.length)
10572
+ }
10221
10573
  const apiToken = shadowNpmInject.getDefaultToken()
10222
10574
  const wasBadInput = handleBadInput(
10223
10575
  {
10224
- nook: !!defaultOrgSlug,
10225
- test: !!orgSlug && orgSlug !== '.',
10226
- message: 'Org name as the first argument',
10576
+ test: !!(id1 && id2),
10577
+ message:
10578
+ 'Specify two Scan IDs.\nA Scan ID looks like `aaa0aa0a-aaaa-0000-0a0a-0000000a00a0`.',
10227
10579
  pass: 'ok',
10228
10580
  fail:
10229
- orgSlug === '.'
10230
- ? 'dot is an invalid org, most likely you forgot the org name here?'
10231
- : 'missing'
10581
+ !id1 && !id2
10582
+ ? 'missing both Scan IDs'
10583
+ : !id2
10584
+ ? 'missing second Scan ID'
10585
+ : 'missing first Scan ID' // Not sure how this can happen but ok.
10232
10586
  },
10233
10587
  {
10234
- test: !!scanId,
10235
- message: 'Scan ID to delete',
10588
+ test: !!orgSlug,
10589
+ nook: true,
10590
+ message: 'Org name as the first argument',
10236
10591
  pass: 'ok',
10237
10592
  fail: 'missing'
10238
10593
  },
10594
+ {
10595
+ nook: true,
10596
+ test: !json || !markdown,
10597
+ message:
10598
+ 'The `--json` and `--markdown` flags can not be used at the same time',
10599
+ pass: 'ok',
10600
+ fail: 'bad'
10601
+ },
10239
10602
  {
10240
10603
  nook: true,
10241
10604
  test: !!apiToken,
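Review bot: The first `handleBadInput` entry accepts any non-empty strings as Scan IDs (`test: !!(id1 && id2)`), although its message describes a UUID-like value. Because `id1` is read from `cli.input[defaultOrgSlug ? 0 : 1]`, a user with a configured default org who still types the org slug gets the slug treated as the first ID and the real first ID as the second, and that passes this check. Checking the shape before the API call would catch this and keep unexpected characters out of whatever request `handleDiffScan` builds (not visible here). For example, `const isScanId = s => /^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$/i.test(s)` with `test: isScanId(id1) && isScanId(id2)`, assuming Scan IDs always have the form shown in the help text. `run$6` starts before and continues past this hunk.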
@@ -10252,15 +10615,24 @@ async function run$6(argv, importMeta, { parentName }) {
10252
10615
  logger.logger.log(DRY_RUN_BAIL_TEXT$6)
10253
10616
  return
10254
10617
  }
10255
- await handleDeleteScan(orgSlug, scanId)
10618
+ await handleDiffScan({
10619
+ id1: String(id1 || ''),
10620
+ id2: String(id2 || ''),
10621
+ depth: Number(depth),
10622
+ orgSlug,
10623
+ outputKind: json ? 'json' : markdown ? 'markdown' : 'text',
10624
+ file: String(file || '')
10625
+ })
10256
10626
  }
10257
10627
 
10258
10628
  async function fetchListScans({
10629
+ branch,
10259
10630
  direction,
10260
10631
  from_time,
10261
10632
  orgSlug,
10262
10633
  page,
10263
10634
  per_page,
10635
+ repo,
10264
10636
  sort
10265
10637
  }) {
10266
10638
  const sockSdk = await shadowNpmInject.setupSdk()
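Review bot: `depth: Number(depth)` forwards whatever the flag parser produced, so a negative number or `NaN` reaches `handleDiffScan` even though the flag description only defines zero ("no limit") and positive depths. How the handler treats those values is not visible here; normalising at the call site, e.g. `depth: Number.isInteger(depth) && depth >= 0 ? depth : 2`, would keep the documented contract. The `String(id1 || '')` and `String(id2 || '')` wrappers are redundant, since both values are already strings from the `|| ''` fallbacks earlier in `run$6`. This hunk also covers the start of `fetchListScans`, whose body continues outside it.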
@@ -10270,6 +10642,16 @@ async function fetchListScans({
10270
10642
  spinner.start('Fetching list of scans...')
10271
10643
  const result = await handleApiCall(
10272
10644
  sockSdk.getOrgFullScanList(orgSlug, {
10645
+ ...(branch
10646
+ ? {
10647
+ branch
10648
+ }
10649
+ : {}),
10650
+ ...(repo
10651
+ ? {
10652
+ repo
10653
+ }
10654
+ : {}),
10273
10655
  sort,
10274
10656
  direction,
10275
10657
  per_page: String(per_page),
@@ -10301,6 +10683,10 @@ async function outputListScans(data, outputKind) {
10301
10683
  field: 'report_url',
10302
10684
  name: vendor.yoctocolorsCjsExports.magenta('Scan URL')
10303
10685
  },
10686
+ {
10687
+ field: 'repo',
10688
+ name: vendor.yoctocolorsCjsExports.magenta('Repo')
10689
+ },
10304
10690
  {
10305
10691
  field: 'branch',
10306
10692
  name: vendor.yoctocolorsCjsExports.magenta('Branch')
@@ -10324,6 +10710,7 @@ async function outputListScans(data, outputKind) {
10324
10710
  day: 'numeric'
10325
10711
  })
10326
10712
  : '',
10713
+ repo: d.repo,
10327
10714
  branch: d.branch
10328
10715
  }
10329
10716
  })
@@ -10331,20 +10718,24 @@ async function outputListScans(data, outputKind) {
10331
10718
  }
10332
10719
 
10333
10720
  async function handleListScans({
10721
+ branch,
10334
10722
  direction,
10335
10723
  from_time,
10336
10724
  orgSlug,
10337
10725
  outputKind,
10338
10726
  page,
10339
10727
  per_page,
10728
+ repo,
10340
10729
  sort
10341
10730
  }) {
10342
10731
  const data = await fetchListScans({
10732
+ branch,
10343
10733
  direction,
10344
10734
  from_time,
10345
10735
  orgSlug,
10346
10736
  page,
10347
10737
  per_page,
10738
+ repo,
10348
10739
  sort
10349
10740
  })
10350
10741
  if (!data) {
@@ -10361,12 +10752,9 @@ const config$5 = {
10361
10752
  flags: {
10362
10753
  ...commonFlags,
10363
10754
  ...outputFlags,
10364
- sort: {
10755
+ branch: {
10365
10756
  type: 'string',
10366
- shortFlag: 's',
10367
- default: 'created_at',
10368
- description:
10369
- 'Sorting option (`name` or `created_at`) - default is `created_at`'
10757
+ description: 'Filter to show only scans with this branch name'
10370
10758
  },
10371
10759
  direction: {
10372
10760
  type: 'string',
@@ -10374,11 +10762,11 @@ const config$5 = {
10374
10762
  default: 'desc',
10375
10763
  description: 'Direction option (`desc` or `asc`) - Default is `desc`'
10376
10764
  },
10377
- perPage: {
10378
- type: 'number',
10379
- shortFlag: 'pp',
10380
- default: 30,
10381
- description: 'Results per page - Default is 30'
10765
+ fromTime: {
10766
+ type: 'string',
10767
+ shortFlag: 'f',
10768
+ default: '',
10769
+ description: 'From time - as a unix timestamp'
10382
10770
  },
10383
10771
  page: {
10384
10772
  type: 'number',
@@ -10386,11 +10774,22 @@ const config$5 = {
10386
10774
  default: 1,
10387
10775
  description: 'Page number - Default is 1'
10388
10776
  },
10389
- fromTime: {
10777
+ perPage: {
10778
+ type: 'number',
10779
+ shortFlag: 'pp',
10780
+ default: 30,
10781
+ description: 'Results per page - Default is 30'
10782
+ },
10783
+ repo: {
10390
10784
  type: 'string',
10391
- shortFlag: 'f',
10392
- default: '',
10393
- description: 'From time - as a unix timestamp'
10785
+ description: 'Filter to show only scans with this repository name'
10786
+ },
10787
+ sort: {
10788
+ type: 'string',
10789
+ shortFlag: 's',
10790
+ default: 'created_at',
10791
+ description:
10792
+ 'Sorting option (`name` or `created_at`) - default is `created_at`'
10394
10793
  },
10395
10794
  untilTime: {
10396
10795
  type: 'string',
@@ -10426,7 +10825,7 @@ async function run$5(argv, importMeta, { parentName }) {
10426
10825
  importMeta,
10427
10826
  parentName
10428
10827
  })
10429
- const { json, markdown } = cli.flags
10828
+ const { branch, json, markdown, repo } = cli.flags
10430
10829
  const defaultOrgSlug = shadowNpmInject.getConfigValue('defaultOrg')
10431
10830
  const orgSlug = defaultOrgSlug || cli.input[0] || ''
10432
10831
  const apiToken = shadowNpmInject.getDefaultToken()
@@ -10465,12 +10864,14 @@ async function run$5(argv, importMeta, { parentName }) {
10465
10864
  return
10466
10865
  }
10467
10866
  await handleListScans({
10867
+ branch: branch ? String(branch) : '',
10468
10868
  direction: String(cli.flags['direction'] || ''),
10469
10869
  from_time: String(cli.flags['fromTime'] || ''),
10470
10870
  orgSlug,
10471
10871
  outputKind: json ? 'json' : markdown ? 'markdown' : 'print',
10472
10872
  page: Number(cli.flags['page'] || 1),
10473
10873
  per_page: Number(cli.flags['perPage'] || 30),
10874
+ repo: repo ? String(repo) : '',
10474
10875
  sort: String(cli.flags['sort'] || '')
10475
10876
  })
10476
10877
  }
@@ -10960,6 +11361,7 @@ const cmdScan = {
10960
11361
  create: cmdScanCreate,
10961
11362
  list: cmdScanList,
10962
11363
  del: cmdScanDel,
11364
+ diff: cmdScanDiff,
10963
11365
  metadata: cmdScanMetadata,
10964
11366
  report: cmdScanReport,
10965
11367
  view: cmdScanView
@@ -11328,7 +11730,7 @@ async function run$1(argv, importMeta, { parentName }) {
11328
11730
  }
11329
11731
 
11330
11732
  function addSocketWrapper(file) {
11331
- return require$$0.appendFile(
11733
+ return fs$1.appendFile(
11332
11734
  file,
11333
11735
  'alias npm="socket npm"\nalias npx="socket npx"\n',
11334
11736
  err => {
@@ -11337,7 +11739,7 @@ function addSocketWrapper(file) {
11337
11739
  }
11338
11740
  // TODO: pretty sure you need to source the file or restart
11339
11741
  // any terminal session before changes are reflected.
11340
- logger.logger.log(vendor.stripIndents`
11742
+ logger.logger.log(vendor.html`
11341
11743
  The alias was added to ${file}. Running 'npm install' will now be wrapped in Socket's "safe npm" 🎉
11342
11744
  If you want to disable it at any time, run \`socket wrapper --disable\`
11343
11745
  `)
@@ -11346,7 +11748,7 @@ If you want to disable it at any time, run \`socket wrapper --disable\`
11346
11748
  }
11347
11749
 
11348
11750
  function checkSocketWrapperSetup(file) {
11349
- const fileContent = require$$0.readFileSync(file, 'utf8')
11751
+ const fileContent = fs$1.readFileSync(file, 'utf8')
11350
11752
  const linesWithSocketAlias = fileContent
11351
11753
  .split('\n')
11352
11754
  .filter(
@@ -11365,11 +11767,10 @@ async function postinstallWrapper() {
11365
11767
  // Lazily access constants.bashRcPath and constants.zshRcPath.
11366
11768
  const { bashRcPath, zshRcPath } = constants
11367
11769
  const socketWrapperEnabled =
11368
- (require$$0.existsSync(bashRcPath) &&
11369
- checkSocketWrapperSetup(bashRcPath)) ||
11370
- (require$$0.existsSync(zshRcPath) && checkSocketWrapperSetup(zshRcPath))
11770
+ (fs$1.existsSync(bashRcPath) && checkSocketWrapperSetup(bashRcPath)) ||
11771
+ (fs$1.existsSync(zshRcPath) && checkSocketWrapperSetup(zshRcPath))
11371
11772
  if (!socketWrapperEnabled) {
11372
- await installSafeNpm(vendor.stripIndents`
11773
+ await installSafeNpm(vendor.html`
11373
11774
  The Socket CLI is now successfully installed! 🎉
11374
11775
 
11375
11776
  To better protect yourself against supply-chain attacks, our "safe npm" wrapper can warn you about malicious packages whenever you run 'npm install'.
@@ -11394,10 +11795,10 @@ async function installSafeNpm(query) {
11394
11795
  // Lazily access constants.bashRcPath and constants.zshRcPath.
11395
11796
  const { bashRcPath, zshRcPath } = constants
11396
11797
  try {
11397
- if (require$$0.existsSync(bashRcPath)) {
11798
+ if (fs$1.existsSync(bashRcPath)) {
11398
11799
  addSocketWrapper(bashRcPath)
11399
11800
  }
11400
- if (require$$0.existsSync(zshRcPath)) {
11801
+ if (fs$1.existsSync(zshRcPath)) {
11401
11802
  addSocketWrapper(zshRcPath)
11402
11803
  }
11403
11804
  } catch (e) {
@@ -11409,7 +11810,7 @@ async function installSafeNpm(query) {
11409
11810
  }
11410
11811
 
11411
11812
  function removeSocketWrapper(file) {
11412
- return require$$0.readFile(file, 'utf8', function (err, data) {
11813
+ return fs$1.readFile(file, 'utf8', function (err, data) {
11413
11814
  if (err) {
11414
11815
  logger.logger.fail('There was an error removing the alias:')
11415
11816
  logger.logger.error(err)
@@ -11421,7 +11822,7 @@ function removeSocketWrapper(file) {
11421
11822
  l => l !== 'alias npm="socket npm"' && l !== 'alias npx="socket npx"'
11422
11823
  )
11423
11824
  const updatedFileContent = linesWithoutSocketAlias.join('\n')
11424
- require$$0.writeFile(file, updatedFileContent, function (err) {
11825
+ fs$1.writeFile(file, updatedFileContent, function (err) {
11425
11826
  if (err) {
11426
11827
  logger.logger.error(err)
11427
11828
  return
@@ -11509,27 +11910,21 @@ async function run(argv, importMeta, { parentName }) {
11509
11910
  // Lazily access constants.bashRcPath and constants.zshRcPath.
11510
11911
  const { bashRcPath, zshRcPath } = constants
11511
11912
  if (enable) {
11512
- if (
11513
- require$$0.existsSync(bashRcPath) &&
11514
- !checkSocketWrapperSetup(bashRcPath)
11515
- ) {
11913
+ if (fs$1.existsSync(bashRcPath) && !checkSocketWrapperSetup(bashRcPath)) {
11516
11914
  addSocketWrapper(bashRcPath)
11517
11915
  }
11518
- if (
11519
- require$$0.existsSync(zshRcPath) &&
11520
- !checkSocketWrapperSetup(zshRcPath)
11521
- ) {
11916
+ if (fs$1.existsSync(zshRcPath) && !checkSocketWrapperSetup(zshRcPath)) {
11522
11917
  addSocketWrapper(zshRcPath)
11523
11918
  }
11524
11919
  } else {
11525
- if (require$$0.existsSync(bashRcPath)) {
11920
+ if (fs$1.existsSync(bashRcPath)) {
11526
11921
  removeSocketWrapper(bashRcPath)
11527
11922
  }
11528
- if (require$$0.existsSync(zshRcPath)) {
11923
+ if (fs$1.existsSync(zshRcPath)) {
11529
11924
  removeSocketWrapper(zshRcPath)
11530
11925
  }
11531
11926
  }
11532
- if (!require$$0.existsSync(bashRcPath) && !require$$0.existsSync(zshRcPath)) {
11927
+ if (!fs$1.existsSync(bashRcPath) && !fs$1.existsSync(zshRcPath)) {
11533
11928
  logger.logger.fail(
11534
11929
  'There was an issue setting up the alias in your bash profile'
11535
11930
  )
@@ -11543,7 +11938,7 @@ void (async () => {
11543
11938
  await vendor.updater({
11544
11939
  name: SOCKET_CLI_BIN_NAME,
11545
11940
  // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION']".
11546
- version: '0.14.103',
11941
+ version: '0.14.105',
11547
11942
  ttl: 86_400_000 /* 24 hours in milliseconds */
11548
11943
  })
11549
11944
  try {
@@ -11580,7 +11975,7 @@ void (async () => {
11580
11975
  argv: process$1.argv.slice(2),
11581
11976
  name: SOCKET_CLI_BIN_NAME,
11582
11977
  importMeta: {
11583
- url: `${require$$0$2.pathToFileURL(__filename)}`
11978
+ url: `${require$$0$1.pathToFileURL(__filename)}`
11584
11979
  }
11585
11980
  }
11586
11981
  )
@@ -11611,5 +12006,5 @@ void (async () => {
11611
12006
  await shadowNpmInject.captureException(e)
11612
12007
  }
11613
12008
  })()
11614
- //# debugId=e925b9d1-907d-4e63-b176-1eb32d8e7284
12009
+ //# debugId=1651050b-5b34-4e33-bf0e-95c55f069093
11615
12010
  //# sourceMappingURL=cli.js.map