@socketsecurity/cli-with-sentry 0.14.122 → 0.14.124

@@ -41,7 +41,7 @@ const relConstantsPath = './constants'
41
41
  Sentry.setTag(
42
42
  'version',
43
43
  // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
44
- '0.14.122:30c1354:1911ca49:pub'
44
+ '0.14.124:5b2103f:b9f122e3:pub'
45
45
  )
46
46
  const constants = require(relConstantsPath)
47
47
  if (constants.ENV.SOCKET_CLI_DEBUG) {
@@ -56,5 +56,5 @@ const relConstantsPath = './constants'
56
56
  } = constants
57
57
  setSentry(Sentry)
58
58
  }
59
- //# debugId=13c369c3-e747-4648-b594-082d73b04755
59
+ //# debugId=a1b404f2-b282-4607-a7bd-16cca4be61f5
60
60
  //# sourceMappingURL=instrument-with-sentry.js.map
@@ -1 +1 @@
1
- {"version":3,"file":"instrument-with-sentry.js","sources":["../../src/instrument-with-sentry.ts"],"sourcesContent":["// This should ONLY be included in the special Sentry build!\n// Otherwise the Sentry dependency won't even be present in the manifest.\n\nimport { logger } from '@socketsecurity/registry/lib/logger'\n\n// Require constants with require(relConstantsPath) instead of require('./constants')\n// so Rollup doesn't generate a constants2.js chunk.\nconst relConstantsPath = './constants'\n// The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_SENTRY_BUILD']\".\nif (process.env['INLINED_SOCKET_CLI_SENTRY_BUILD']) {\n const Sentry = require('@sentry/node')\n Sentry.init({\n onFatalError(error: Error) {\n // Defer module loads until after Sentry.init is called.\n if (require(relConstantsPath).ENV.SOCKET_CLI_DEBUG) {\n logger.fail('[DEBUG] [Sentry onFatalError]:', error)\n }\n },\n dsn: 'https://66736701db8e4ffac046bd09fa6aaced@o555220.ingest.us.sentry.io/4508846967619585',\n enabled: true,\n integrations: []\n })\n Sentry.setTag(\n 'environment',\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD']\".\n process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD']\n ? 
'pub'\n : // The NODE_ENV convention is used by apps to define the runtime environment.\n // https://nodejs.org/en/learn/getting-started/nodejs-the-difference-between-development-and-production\n process.env['NODE_ENV']\n )\n Sentry.setTag(\n 'version',\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_VERSION_HASH']\".\n process.env['INLINED_SOCKET_CLI_VERSION_HASH']\n )\n const constants = require(relConstantsPath)\n if (constants.ENV.SOCKET_CLI_DEBUG) {\n Sentry.setTag('debugging', true)\n logger.log('[DEBUG] Set up Sentry.')\n } else {\n Sentry.setTag('debugging', false)\n }\n const {\n kInternalsSymbol,\n [kInternalsSymbol as unknown as 'Symbol(kInternalsSymbol)']: { setSentry }\n } = constants\n setSentry(Sentry)\n} else if (require(relConstantsPath).ENV.SOCKET_CLI_DEBUG) {\n logger.log('[DEBUG] Sentry disabled explicitly.')\n}\n"],"names":["logger","dsn","enabled","integrations","process","Sentry","setSentry"],"mappings":";;;;;;;;;;;;;;;AAAA;AACA;;;AAIA;AACA;AACA;AACA;AACoD;AAClD;;;AAGI;;AAEEA;AACF;;AAEFC;AACAC;AACAC;AACF;;AAGE;AACAC;;AAQA;AACAA;AAEF;AACA;AACEC;AACAL;AACF;AACEK;AACF;;;AAGE;AAA+DC;AAAU;AAC3E;;AAEF","debugId":"13c369c3-e747-4648-b594-082d73b04755"}
1
+ {"version":3,"file":"instrument-with-sentry.js","sources":["../../src/instrument-with-sentry.ts"],"sourcesContent":["// This should ONLY be included in the special Sentry build!\n// Otherwise the Sentry dependency won't even be present in the manifest.\n\nimport { logger } from '@socketsecurity/registry/lib/logger'\n\n// Require constants with require(relConstantsPath) instead of require('./constants')\n// so Rollup doesn't generate a constants2.js chunk.\nconst relConstantsPath = './constants'\n// The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_SENTRY_BUILD']\".\nif (process.env['INLINED_SOCKET_CLI_SENTRY_BUILD']) {\n const Sentry = require('@sentry/node')\n Sentry.init({\n onFatalError(error: Error) {\n // Defer module loads until after Sentry.init is called.\n if (require(relConstantsPath).ENV.SOCKET_CLI_DEBUG) {\n logger.fail('[DEBUG] [Sentry onFatalError]:', error)\n }\n },\n dsn: 'https://66736701db8e4ffac046bd09fa6aaced@o555220.ingest.us.sentry.io/4508846967619585',\n enabled: true,\n integrations: []\n })\n Sentry.setTag(\n 'environment',\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD']\".\n process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD']\n ? 
'pub'\n : // The NODE_ENV convention is used by apps to define the runtime environment.\n // https://nodejs.org/en/learn/getting-started/nodejs-the-difference-between-development-and-production\n process.env['NODE_ENV']\n )\n Sentry.setTag(\n 'version',\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_VERSION_HASH']\".\n process.env['INLINED_SOCKET_CLI_VERSION_HASH']\n )\n const constants = require(relConstantsPath)\n if (constants.ENV.SOCKET_CLI_DEBUG) {\n Sentry.setTag('debugging', true)\n logger.log('[DEBUG] Set up Sentry.')\n } else {\n Sentry.setTag('debugging', false)\n }\n const {\n kInternalsSymbol,\n [kInternalsSymbol as unknown as 'Symbol(kInternalsSymbol)']: { setSentry }\n } = constants\n setSentry(Sentry)\n} else if (require(relConstantsPath).ENV.SOCKET_CLI_DEBUG) {\n logger.log('[DEBUG] Sentry disabled explicitly.')\n}\n"],"names":["logger","dsn","enabled","integrations","process","Sentry","setSentry"],"mappings":";;;;;;;;;;;;;;;AAAA;AACA;;;AAIA;AACA;AACA;AACA;AACoD;AAClD;;;AAGI;;AAEEA;AACF;;AAEFC;AACAC;AACAC;AACF;;AAGE;AACAC;;AAQA;AACAA;AAEF;AACA;AACEC;AACAL;AACF;AACEK;AACF;;;AAGE;AAA+DC;AAAU;AAC3E;;AAEF","debugId":"a1b404f2-b282-4607-a7bd-16cca4be61f5"}
@@ -917,7 +917,7 @@ function emitBanner(name) {
917
917
  logger.logger.error(getAsciiHeader(name))
918
918
  }
919
919
  function getAsciiHeader(command) {
920
- const cliVersion = '0.14.122:30c1354:1911ca49:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
920
+ const cliVersion = '0.14.124:5b2103f:b9f122e3:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
921
921
  const nodeVersion = process$1.version
922
922
  const apiToken = shadowNpmInject.getDefaultToken()
923
923
  const defaultOrg = shadowNpmInject.getConfigValue('defaultOrg')
@@ -3739,7 +3739,7 @@ function getPkgNameFromPurlObj(purlObj) {
3739
3739
  function getBaseGitBranch() {
3740
3740
  // Lazily access constants.ENV[GITHUB_REF_NAME].
3741
3741
  return (
3742
- constants.ENV[GITHUB_REF_NAME] ??
3742
+ constants.ENV[GITHUB_REF_NAME] ||
3743
3743
  // GitHub defaults to branch name "main"
3744
3744
  // https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-branches#about-the-default-branch
3745
3745
  'main'
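Review bot: The switch from `??` to `||` in getBaseGitBranch makes an empty `GITHUB_REF_NAME` fall back to 'main', but the comment above it still only mentions lazy access, so a reader cannot tell that the empty-string case is deliberate. A line such as `// Use || so an empty GITHUB_REF_NAME also falls back to 'main'.` would record the intent. The value comes straight from the environment and, in the later npmFix and pnpmFix hunks, is handed to `gitCheckoutBaseBranchIfAvailable(baseBranch, cwd)`. That helper is not visible here, so it is worth confirming that it rejects anything that is not a plain branch name (for example a value starting with `-`) before the value reaches the git argument list. The function body continues past the end of the hunk.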
@@ -3858,16 +3858,6 @@ async function gitUnstagedModifiedFiles(cwd = process.cwd()) {
3858
3858
  const rawFiles = stdout?.trim().split('\n') ?? []
3859
3859
  return rawFiles.map(relPath => path.normalizePath(relPath))
3860
3860
  }
3861
- async function isInGitRepo(cwd = process.cwd()) {
3862
- try {
3863
- await spawn.spawn('git', ['rev-parse', '--is-inside-work-tree'], {
3864
- cwd,
3865
- stdio: 'ignore'
3866
- })
3867
- return true
3868
- } catch {}
3869
- return false
3870
- }
3871
3861
 
3872
3862
  const { GITHUB_ACTIONS, GITHUB_REPOSITORY, SOCKET_SECURITY_GITHUB_PAT } =
3873
3863
  constants
@@ -4054,10 +4044,10 @@ async function npmFix(
4054
4044
 
4055
4045
  // Lazily access constants.ENV[CI].
4056
4046
  const isCi = constants.ENV[CI$1]
4057
- const { 0: isRepo, 1: workspacePkgJsonPaths } = await Promise.all([
4058
- isInGitRepo(cwd),
4059
- shadowNpmInject.globWorkspace(pkgEnvDetails.agent, rootPath)
4060
- ])
4047
+ const workspacePkgJsonPaths = await shadowNpmInject.globWorkspace(
4048
+ pkgEnvDetails.agent,
4049
+ rootPath
4050
+ )
4061
4051
  const pkgJsonPaths = [
4062
4052
  ...workspacePkgJsonPaths,
4063
4053
  // Process the workspace root last since it will add an override to package.json.
@@ -4075,7 +4065,7 @@ async function npmFix(
4075
4065
  const oldVersions = arrays.arrayUnique(
4076
4066
  shadowNpmInject
4077
4067
  .findPackageNodes(arb.idealTree, name)
4078
- .map(n => n.version)
4068
+ .map(n => n.target?.version ?? n.version)
4079
4069
  .filter(Boolean)
4080
4070
  )
4081
4071
  const packument =
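Review bot: The new `.map(n => n.target?.version ?? n.version)` in npmFix has no comment saying why `target` is consulted first, and the same expression is repeated in pnpmFix at new line 4498. Presumably this covers link nodes whose version lives on the node they point to; if so, a comment such as `// Link nodes carry the version on their target.` would say it. Moving the expression into one small helper shared by both call sites would keep the two from drifting apart. The enclosing call chain starts and ends outside the hunk.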
@@ -4272,15 +4262,15 @@ async function npmFix(
4272
4262
  // eslint-disable-next-line no-await-in-loop
4273
4263
  await Promise.all([
4274
4264
  shadowNpmInject.removeNodeModules(cwd),
4275
- ...(isRepo ? [gitHardReset(cwd)] : []),
4276
- ...(saved && !isRepo ? [editablePkgJson.save()] : [])
4265
+ ...(isCi
4266
+ ? [gitCheckoutBaseBranchIfAvailable(baseBranch, cwd)]
4267
+ : []),
4268
+ ...(saved && !isCi ? [editablePkgJson.save()] : [])
4277
4269
  ])
4278
- if (!isRepo && installed) {
4279
- // eslint-disable-next-line no-await-in-loop
4280
- await install$1(revertTree, {
4281
- cwd
4282
- })
4283
- }
4270
+ // eslint-disable-next-line no-await-in-loop
4271
+ await install$1(revertTree, {
4272
+ cwd
4273
+ })
4284
4274
  if (errored) {
4285
4275
  if (!failedSpecs.has(newSpecKey)) {
4286
4276
  failedSpecs.add(newSpecKey)
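Review bot: In CI the revert step at new lines 4265-4267 now only switches branches where the old code ran `gitHardReset(cwd)`, so edits to package.json or the lockfile from the failed attempt are no longer explicitly discarded before the next package is processed. If the helper runs a plain `git checkout` (its body is not visible here), uncommitted changes are carried over when they do not conflict and the checkout is refused when they do, so a later fix branch could pick up changes from an earlier attempt. If `gitHardReset` is still defined, chaining it ahead of the checkout, e.g. `gitHardReset(cwd).then(() => gitCheckoutBaseBranchIfAvailable(baseBranch, cwd))`, keeps each attempt isolated. The same replacement appears in pnpmFix at new lines 4724-4727. This block sits in the middle of npmFix, which starts and ends outside the hunk.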
@@ -4480,30 +4470,34 @@ async function pnpmFix(
4480
4470
 
4481
4471
  // Lazily access constants.ENV[CI].
4482
4472
  const isCi = constants.ENV[CI]
4483
- const { 0: isRepo, 1: workspacePkgJsonPaths } = await Promise.all([
4484
- isInGitRepo(cwd),
4485
- shadowNpmInject.globWorkspace(pkgEnvDetails.agent, rootPath)
4486
- ])
4473
+ const workspacePkgJsonPaths = await shadowNpmInject.globWorkspace(
4474
+ pkgEnvDetails.agent,
4475
+ rootPath
4476
+ )
4477
+ const baseBranch = isCi ? getBaseGitBranch() : ''
4478
+ const { owner, repo } = isCi
4479
+ ? getGitHubEnvRepoInfo()
4480
+ : {
4481
+ owner: '',
4482
+ repo: ''
4483
+ }
4487
4484
  const pkgJsonPaths = [
4488
4485
  ...workspacePkgJsonPaths,
4489
4486
  // Process the workspace root last since it will add an override to package.json.
4490
4487
  pkgEnvDetails.editablePkgJson.filename
4491
4488
  ]
4492
- let actualTree
4489
+ let actualTree = await getActualTree(cwd)
4493
4490
  for (const { 0: name, 1: infos } of infoByPkg) {
4494
4491
  if (registry.getManifestData(NPM$c, name)) {
4495
4492
  spinner?.info(`Skipping ${name}. Socket Optimize package exists.`)
4496
4493
  continue
4497
4494
  }
4498
- // eslint-disable-next-line no-await-in-loop
4499
- actualTree = await getActualTree(cwd)
4500
4495
  const oldVersions = arrays.arrayUnique(
4501
4496
  shadowNpmInject
4502
4497
  .findPackageNodes(actualTree, name)
4503
- .map(n => n.version)
4498
+ .map(n => n.target?.version ?? n.version)
4504
4499
  .filter(Boolean)
4505
4500
  )
4506
- debug.debugLog(name, 'oldVersions', oldVersions)
4507
4501
  const packument =
4508
4502
  oldVersions.length && infos.length
4509
4503
  ? // eslint-disable-next-line no-await-in-loop
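Review bot: `actualTree` is now read from disk once at new line 4489 and the per-package re-read is removed, so every later lookup depends on the value assigned from `install(pkgEnvDetails, …)` further down in pnpmFix. If `install` can resolve without a tree when it fails (not visible in this hunk), the next `findPackageNodes(actualTree, name)` would find nothing and the package would be passed over without a message. Falling back to `await getActualTree(cwd)` when the install result is empty, or logging that case, would keep a failed install from hiding later fixes. pnpmFix begins and continues outside the hunk.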
@@ -4526,8 +4520,6 @@ async function pnpmFix(
4526
4520
  firstPatchedVersionIdentifier,
4527
4521
  vulnerableVersionRange
4528
4522
  } of infos) {
4529
- // eslint-disable-next-line no-await-in-loop
4530
- actualTree = await getActualTree()
4531
4523
  const node = shadowNpmInject.findPackageNode(
4532
4524
  actualTree,
4533
4525
  name,
@@ -4630,21 +4622,10 @@ async function pnpmFix(
4630
4622
  const branch = isCi
4631
4623
  ? getSocketBranchName(oldPurl, newVersion, workspaceName)
4632
4624
  : ''
4633
- const baseBranch = isCi ? getBaseGitBranch() : ''
4634
- const { owner, repo } = isCi
4635
- ? getGitHubEnvRepoInfo()
4636
- : {
4637
- owner: '',
4638
- repo: ''
4639
- }
4640
4625
  const shouldOpenPr = isCi
4641
4626
  ? // eslint-disable-next-line no-await-in-loop
4642
4627
  !(await doesPullRequestExistForBranch(owner, repo, branch))
4643
4628
  : false
4644
- if (isCi) {
4645
- // eslint-disable-next-line no-await-in-loop
4646
- await gitCheckoutBaseBranchIfAvailable(baseBranch, cwd)
4647
- }
4648
4629
  if (updateData) {
4649
4630
  editablePkgJson.update(updateData)
4650
4631
  }
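Review bot: With the `if (isCi) { await gitCheckoutBaseBranchIfAvailable(baseBranch, cwd) }` step removed here, nothing in this hunk puts the working tree back on the base branch before `editablePkgJson.update(updateData)` runs. The only remaining checkout is in the revert block at new lines 4724-4726, so each fix now depends on the previous iteration having reached that block and on the checkout having succeeded there. If the fix branch is created from the current HEAD (that code is outside the hunk), a skipped or failed checkout would base one package's pull request on another package's branch. A comment stating that invariant, or a cheap check in CI that HEAD is `baseBranch` before the update, would make the dependency explicit.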
@@ -4740,11 +4721,10 @@ async function pnpmFix(
4740
4721
  // eslint-disable-next-line no-await-in-loop
4741
4722
  await Promise.all([
4742
4723
  shadowNpmInject.removeNodeModules(cwd),
4743
- ...(isRepo
4744
- ? [gitHardReset(cwd)]
4745
- : installed
4746
- ? [editablePkgJson.save()]
4747
- : [])
4724
+ ...(isCi
4725
+ ? [gitCheckoutBaseBranchIfAvailable(baseBranch, cwd)]
4726
+ : []),
4727
+ ...(installed && !isCi ? [editablePkgJson.save()] : [])
4748
4728
  ])
4749
4729
  // eslint-disable-next-line no-await-in-loop
4750
4730
  actualTree = await install(pkgEnvDetails, {
@@ -12331,7 +12311,7 @@ void (async () => {
12331
12311
  await vendor.updater({
12332
12312
  name: SOCKET_CLI_BIN_NAME,
12333
12313
  // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION']".
12334
- version: '0.14.122',
12314
+ version: '0.14.124',
12335
12315
  ttl: 86_400_000 /* 24 hours in milliseconds */
12336
12316
  })
12337
12317
  try {
@@ -12399,5 +12379,5 @@ void (async () => {
12399
12379
  await shadowNpmInject.captureException(e)
12400
12380
  }
12401
12381
  })()
12402
- //# debugId=89d93dc5-77bf-4052-b196-09f5e5169b84
12382
+ //# debugId=6c275bac-7bf4-4e55-8d6d-8b25adfc2eba
12403
12383
  //# sourceMappingURL=cli.js.map