@socketsecurity/cli-with-sentry 0.14.106 → 0.14.108

package/dist/instrument-with-sentry.js

@@ -41,7 +41,7 @@ const relConstantsPath = './constants'
   Sentry.setTag(
     'version',
     // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
-    '0.14.106:968fc98:d6f1d87a:pub'
+    '0.14.108:342eeb0:d9332f95:pub'
   )
   const constants = require(relConstantsPath)
   if (constants.ENV.SOCKET_CLI_DEBUG) {
@@ -56,5 +56,5 @@ const relConstantsPath = './constants'
   } = constants
   setSentry(Sentry)
 }
-//# debugId=d1310559-3c56-4c67-b04a-f71c213ee79
+//# debugId=443aef59-6954-4c72-864c-34892e5490ee
 //# sourceMappingURL=instrument-with-sentry.js.map

package/dist/instrument-with-sentry.js.map

@@ -1 +1 @@
-{"version":3,"file":"instrument-with-sentry.js","sources":["../../src/instrument-with-sentry.ts"],"sourcesContent":["// This should ONLY be included in the special Sentry build!\n// Otherwise the Sentry dependency won't even be present in the manifest.\n\nimport { logger } from '@socketsecurity/registry/lib/logger'\n\n// Require constants with require(relConstantsPath) instead of require('./constants')\n// so Rollup doesn't generate a constants2.js chunk.\nconst relConstantsPath = './constants'\n// The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_SENTRY_BUILD']\".\nif (process.env['INLINED_SOCKET_CLI_SENTRY_BUILD']) {\n  const Sentry = require('@sentry/node')\n  Sentry.init({\n    onFatalError(error: Error) {\n      // Defer module loads until after Sentry.init is called.\n      if (require(relConstantsPath).ENV.SOCKET_CLI_DEBUG) {\n        logger.fail('[DEBUG] [Sentry onFatalError]:', error)\n      }\n    },\n    dsn: 'https://66736701db8e4ffac046bd09fa6aaced@o555220.ingest.us.sentry.io/4508846967619585',\n    enabled: true,\n    integrations: []\n  })\n  Sentry.setTag(\n    'environment',\n    // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD']\".\n    process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD']\n      ? 'pub'\n      : // The NODE_ENV convention is used by apps to define the runtime environment.\n        // https://nodejs.org/en/learn/getting-started/nodejs-the-difference-between-development-and-production\n        process.env['NODE_ENV']\n  )\n  Sentry.setTag(\n    'version',\n    // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_VERSION_HASH']\".\n    process.env['INLINED_SOCKET_CLI_VERSION_HASH']\n  )\n  const constants = require(relConstantsPath)\n  if (constants.ENV.SOCKET_CLI_DEBUG) {\n    Sentry.setTag('debugging', true)\n    logger.log('[DEBUG] Set up Sentry.')\n  } else {\n    Sentry.setTag('debugging', false)\n  }\n  const {\n    kInternalsSymbol,\n    [kInternalsSymbol as unknown as 'Symbol(kInternalsSymbol)']: { setSentry }\n  } = constants\n  setSentry(Sentry)\n} else if (require(relConstantsPath).ENV.SOCKET_CLI_DEBUG) {\n  logger.log('[DEBUG] Sentry disabled explicitly.')\n}\n"],"names":["logger","dsn","enabled","integrations","process","Sentry","setSentry"],"mappings":";;;;;;;;;;;;;;;AAAA;AACA;;;AAIA;AACA;AACA;AACA;AACoD;AAClD;;;AAGI;;AAEEA;AACF;;AAEFC;AACAC;AACAC;AACF;;AAGE;AACAC;;AAQA;AACAA;AAEF;AACA;AACEC;AACAL;AACF;AACEK;AACF;;;AAGE;AAA+DC;AAAU;AAC3E;;AAEF","debugId":"d1310559-3c56-4c67-b04a-f71c213ee79"}
+{"version":3,"file":"instrument-with-sentry.js","sources":["../../src/instrument-with-sentry.ts"],"sourcesContent":["// This should ONLY be included in the special Sentry build!\n// Otherwise the Sentry dependency won't even be present in the manifest.\n\nimport { logger } from '@socketsecurity/registry/lib/logger'\n\n// Require constants with require(relConstantsPath) instead of require('./constants')\n// so Rollup doesn't generate a constants2.js chunk.\nconst relConstantsPath = './constants'\n// The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_SENTRY_BUILD']\".\nif (process.env['INLINED_SOCKET_CLI_SENTRY_BUILD']) {\n  const Sentry = require('@sentry/node')\n  Sentry.init({\n    onFatalError(error: Error) {\n      // Defer module loads until after Sentry.init is called.\n      if (require(relConstantsPath).ENV.SOCKET_CLI_DEBUG) {\n        logger.fail('[DEBUG] [Sentry onFatalError]:', error)\n      }\n    },\n    dsn: 'https://66736701db8e4ffac046bd09fa6aaced@o555220.ingest.us.sentry.io/4508846967619585',\n    enabled: true,\n    integrations: []\n  })\n  Sentry.setTag(\n    'environment',\n    // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD']\".\n    process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD']\n      ? 'pub'\n      : // The NODE_ENV convention is used by apps to define the runtime environment.\n        // https://nodejs.org/en/learn/getting-started/nodejs-the-difference-between-development-and-production\n        process.env['NODE_ENV']\n  )\n  Sentry.setTag(\n    'version',\n    // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_VERSION_HASH']\".\n    process.env['INLINED_SOCKET_CLI_VERSION_HASH']\n  )\n  const constants = require(relConstantsPath)\n  if (constants.ENV.SOCKET_CLI_DEBUG) {\n    Sentry.setTag('debugging', true)\n    logger.log('[DEBUG] Set up Sentry.')\n  } else {\n    Sentry.setTag('debugging', false)\n  }\n  const {\n    kInternalsSymbol,\n    [kInternalsSymbol as unknown as 'Symbol(kInternalsSymbol)']: { setSentry }\n  } = constants\n  setSentry(Sentry)\n} else if (require(relConstantsPath).ENV.SOCKET_CLI_DEBUG) {\n  logger.log('[DEBUG] Sentry disabled explicitly.')\n}\n"],"names":["logger","dsn","enabled","integrations","process","Sentry","setSentry"],"mappings":";;;;;;;;;;;;;;;AAAA;AACA;;;AAIA;AACA;AACA;AACA;AACoD;AAClD;;;AAGI;;AAEEA;AACF;;AAEFC;AACAC;AACAC;AACF;;AAGE;AACAC;;AAQA;AACAA;AAEF;AACA;AACEC;AACAL;AACF;AACEK;AACF;;;AAGE;AAA+DC;AAAU;AAC3E;;AAEF","debugId":"443aef59-6954-4c72-864c-34892e5490ee"}

package/dist/module-sync/cli.js

@@ -917,9 +917,11 @@ function emitBanner(name) {
   logger.logger.error(getAsciiHeader(name))
 }
 function getAsciiHeader(command) {
-  const cliVersion = '0.14.106:968fc98:d6f1d87a:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
+  const cliVersion = '0.14.108:342eeb0:d9332f95:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
   const nodeVersion = process$1.version
   const apiToken = shadowNpmInject.getDefaultToken()
+  const defaultOrg = shadowNpmInject.getConfigValue('defaultOrg')
+  const readOnlyConfig = shadowNpmInject.isReadOnlyConfig() ? '*' : '.'
   const shownToken = apiToken ? getLastFiveOfApiToken(apiToken) : 'no'
   const relCwd = path.normalizePath(
     process$1
@@ -935,7 +937,7 @@ function getAsciiHeader(command) {
   const body = `
    _____         _       _        /---------------
   |   __|___ ___| |_ ___| |_      | Socket.dev CLI ver ${cliVersion}
-  |__   | . |  _| '_| -_|  _|     | Node: ${nodeVersion}, API token set: ${shownToken}
+  |__   | ${readOnlyConfig} |  _| '_| -_|  _|     | Node: ${nodeVersion}, API token set: ${shownToken}${defaultOrg ? `, default org: ${defaultOrg}` : ''}
   |_____|___|___|_,_|___|_|.dev   | Command: \`${command}\`, cwd: ${relCwd}`.trimStart()
   return `   ${body}\n`
 }
@@ -2301,7 +2303,7 @@ async function handleScanReport({
   })
 }
 
-async function outputCreateNewScan(data, outputKind) {
+async function outputCreateNewScan(data, outputKind, interactive) {
   if (!data.id) {
     logger.logger.fail('Did not receive a scan ID from the API...')
     process.exitCode = 1
@@ -2341,10 +2343,11 @@ async function outputCreateNewScan(data, outputKind) {
   )
   logger.logger.log(`Available at: ${link}`)
   if (
-    await prompts.confirm({
+    interactive &&
+    (await prompts.confirm({
       message: 'Would you like to open it in your browser?',
       default: false
-    })
+    }))
   ) {
     await vendor.open(`${data.html_report_url}`)
   }
@@ -2357,6 +2360,7 @@ async function handleCreateNewScan({
   committers,
   cwd,
   defaultBranch,
+  interactive,
   orgSlug,
   outputKind,
   pendingHead,
@@ -2428,7 +2432,7 @@ async function handleCreateNewScan({
       process.exitCode = 1
     }
   } else {
-    await outputCreateNewScan(data, outputKind)
+    await outputCreateNewScan(data, outputKind, interactive)
   }
 }
 
@@ -2451,6 +2455,7 @@ async function handleCI() {
     committers: '',
     cwd: process.cwd(),
     defaultBranch: false,
+    interactive: false,
     orgSlug,
     outputKind: 'json',
     pendingHead: true,
@@ -3815,14 +3820,16 @@ async function gitCreateAndPushBranchIfNeeded(
   await spawn.spawn('git', ['checkout', '-b', branch], {
     cwd
   })
-  const relFilepaths = await vendor.distExports.glob(
-    '**/{package.json,package-lock.json,pnpm-lock.yaml}',
-    {
-      cwd
-    }
-  )
-  if (relFilepaths.length) {
-    await spawn.spawn('git', ['add', ...relFilepaths], {
+  const moddedFilepaths = (await gitUnstagedModifiedFiles(cwd)).filter(p => {
+    const basename = path$1.basename(p)
+    return (
+      basename === 'package.json' ||
+      basename === 'package-lock.json' ||
+      basename === 'pnpm-lock.yaml'
+    )
+  })
+  if (moddedFilepaths.length) {
+    await spawn.spawn('git', ['add', ...moddedFilepaths], {
       cwd
     })
   }
@@ -3839,6 +3846,13 @@ async function gitHardReset(cwd = process.cwd()) {
     cwd
   })
 }
+async function gitUnstagedModifiedFiles(cwd = process.cwd()) {
+  const { stdout } = await spawn.spawn('git', ['diff', '--name-only'], {
+    cwd
+  })
+  const rawFiles = stdout?.trim().split('\n') ?? []
+  return rawFiles.map(relPath => path.normalizePath(relPath))
+}
 async function isInGitRepo(cwd = process.cwd()) {
   try {
     await spawn.spawn('git', ['rev-parse', '--is-inside-work-tree'], {
@@ -3876,13 +3890,17 @@ function getOctokitGraphql() {
 }
 async function doesPullRequestExistForBranch(owner, repo, branch) {
   const octokit = getOctokit()
-  const { data: prs } = await octokit.pulls.list({
-    owner,
-    repo,
-    head: `${owner}:${branch}`,
-    state: 'open'
-  })
-  return prs.length > 0
+  try {
+    const { data: prs } = await octokit.pulls.list({
+      owner,
+      repo,
+      head: `${owner}:${branch}`,
+      state: 'open'
+    })
+    debug.debugLog('doesPullRequestExistForBranch > prs', prs)
+    return prs.length > 0
+  } catch {}
+  return false
 }
 async function enableAutoMerge({ node_id: prId, number: prNumber }) {
   const octokitGraphql = getOctokitGraphql()
@@ -4459,6 +4477,7 @@ async function pnpmFix(
     pkgEnvDetails.editablePkgJson.filename,
     ...workspacePkgJsonPaths
   ]
+  debug.debugLog('workspacePkgJsonPaths', workspacePkgJsonPaths)
   let actualTree = initialTree
   for (const { 0: name, 1: infos } of infoByPkg) {
     if (registry.getManifestData(NPM$c, name)) {
@@ -4513,6 +4532,7 @@ async function pnpmFix(
           }
           continue
         }
+        debug.debugLog('pkgJsonPaths', pkgJsonPaths)
         for (const pkgJsonPath of pkgJsonPaths) {
           const isWorkspaceRoot =
             pkgJsonPath === pkgEnvDetails.editablePkgJson.filename
@@ -10263,6 +10283,12 @@ const config$8 = {
       description:
         'Set the default branch of the repository to the branch of this full-scan. Should only need to be done once, for example for the "main" or "master" branch.'
     },
+    interactive: {
+      type: 'boolean',
+      default: true,
+      description:
+        'Allow for interactive elements, asking for input. Use --no-interactive to prevent any input questions, defaulting them to cancel/no.'
+    },
     pendingHead: {
       type: 'boolean',
       default: true,
@@ -10359,6 +10385,7 @@ async function run$8(argv, importMeta, { parentName }) {
     cwd: cwdOverride,
     defaultBranch,
     dryRun,
+    interactive = true,
     json,
     markdown,
     pendingHead,
@@ -10384,7 +10411,7 @@ async function run$8(argv, importMeta, { parentName }) {
   // If we updated any inputs then we should print the command line to repeat
   // the command without requiring user input, as a suggestion.
   let updatedInput = false
-  if (!targets.length && !dryRun) {
+  if (!targets.length && !dryRun && interactive) {
     const received = await suggestTarget()
     targets = received ?? []
     updatedInput = true
@@ -10393,7 +10420,7 @@ async function run$8(argv, importMeta, { parentName }) {
   // If the current cwd is unknown and is used as a repo slug anyways, we will
   // first need to register the slug before we can use it.
   // Only do suggestions with an apiToken and when not in dryRun mode
-  if (apiToken && !dryRun) {
+  if (apiToken && !dryRun && interactive) {
     if (!orgSlug) {
       const suggestion = await suggestOrgSlug()
       if (suggestion) {
@@ -10481,6 +10508,7 @@ async function run$8(argv, importMeta, { parentName }) {
     committers: (committers && String(committers)) || '',
     cwd,
     defaultBranch: Boolean(defaultBranch),
+    interactive: Boolean(interactive),
     orgSlug,
     outputKind: json ? 'json' : markdown ? 'markdown' : 'text',
     pendingHead: Boolean(pendingHead),
@@ -12267,7 +12295,7 @@ void (async () => {
   await vendor.updater({
     name: SOCKET_CLI_BIN_NAME,
     // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION']".
-    version: '0.14.106',
+    version: '0.14.108',
     ttl: 86_400_000 /* 24 hours in milliseconds */
   })
   try {
@@ -12335,5 +12363,5 @@ void (async () => {
     await shadowNpmInject.captureException(e)
   }
 })()
-//# debugId=262dd99f-490c-457b-886d-df52563318d8
+//# debugId=d0923c39-8309-4e38-ada6-57f9f02b7bcd
 //# sourceMappingURL=cli.js.map