@socketsecurity/cli-with-sentry 0.14.123 → 0.14.124

package/dist/instrument-with-sentry.js

@@ -41,7 +41,7 @@ const relConstantsPath = './constants'
   Sentry.setTag(
     'version',
     // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
-    '0.14.123:ac83b62:6bf8f885:pub'
+    '0.14.124:5b2103f:b9f122e3:pub'
   )
   const constants = require(relConstantsPath)
   if (constants.ENV.SOCKET_CLI_DEBUG) {
@@ -56,5 +56,5 @@ const relConstantsPath = './constants'
   } = constants
   setSentry(Sentry)
 }
-//# debugId=73287fc2-b2fe-4793-8310-d084716f176a
+//# debugId=a1b404f2-b282-4607-a7bd-16cca4be61f5
 //# sourceMappingURL=instrument-with-sentry.js.map

package/dist/instrument-with-sentry.js.map

@@ -1 +1 @@
-{"version":3,"file":"instrument-with-sentry.js","sources":["../../src/instrument-with-sentry.ts"],"sourcesContent":["// This should ONLY be included in the special Sentry build!\n// Otherwise the Sentry dependency won't even be present in the manifest.\n\nimport { logger } from '@socketsecurity/registry/lib/logger'\n\n// Require constants with require(relConstantsPath) instead of require('./constants')\n// so Rollup doesn't generate a constants2.js chunk.\nconst relConstantsPath = './constants'\n// The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_SENTRY_BUILD']\".\nif (process.env['INLINED_SOCKET_CLI_SENTRY_BUILD']) {\n  const Sentry = require('@sentry/node')\n  Sentry.init({\n    onFatalError(error: Error) {\n      // Defer module loads until after Sentry.init is called.\n      if (require(relConstantsPath).ENV.SOCKET_CLI_DEBUG) {\n        logger.fail('[DEBUG] [Sentry onFatalError]:', error)\n      }\n    },\n    dsn: 'https://66736701db8e4ffac046bd09fa6aaced@o555220.ingest.us.sentry.io/4508846967619585',\n    enabled: true,\n    integrations: []\n  })\n  Sentry.setTag(\n    'environment',\n    // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD']\".\n    process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD']\n      ? 'pub'\n      : // The NODE_ENV convention is used by apps to define the runtime environment.\n        // https://nodejs.org/en/learn/getting-started/nodejs-the-difference-between-development-and-production\n        process.env['NODE_ENV']\n  )\n  Sentry.setTag(\n    'version',\n    // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_VERSION_HASH']\".\n    process.env['INLINED_SOCKET_CLI_VERSION_HASH']\n  )\n  const constants = require(relConstantsPath)\n  if (constants.ENV.SOCKET_CLI_DEBUG) {\n    Sentry.setTag('debugging', true)\n    logger.log('[DEBUG] Set up Sentry.')\n  } else {\n    Sentry.setTag('debugging', false)\n  }\n  const {\n    kInternalsSymbol,\n    [kInternalsSymbol as unknown as 'Symbol(kInternalsSymbol)']: { setSentry }\n  } = constants\n  setSentry(Sentry)\n} else if (require(relConstantsPath).ENV.SOCKET_CLI_DEBUG) {\n  logger.log('[DEBUG] Sentry disabled explicitly.')\n}\n"],"names":["logger","dsn","enabled","integrations","process","Sentry","setSentry"],"mappings":";;;;;;;;;;;;;;;AAAA;AACA;;;AAIA;AACA;AACA;AACA;AACoD;AAClD;;;AAGI;;AAEEA;AACF;;AAEFC;AACAC;AACAC;AACF;;AAGE;AACAC;;AAQA;AACAA;AAEF;AACA;AACEC;AACAL;AACF;AACEK;AACF;;;AAGE;AAA+DC;AAAU;AAC3E;;AAEF","debugId":"73287fc2-b2fe-4793-8310-d084716f176a"}
+{"version":3,"file":"instrument-with-sentry.js","sources":["../../src/instrument-with-sentry.ts"],"sourcesContent":["// This should ONLY be included in the special Sentry build!\n// Otherwise the Sentry dependency won't even be present in the manifest.\n\nimport { logger } from '@socketsecurity/registry/lib/logger'\n\n// Require constants with require(relConstantsPath) instead of require('./constants')\n// so Rollup doesn't generate a constants2.js chunk.\nconst relConstantsPath = './constants'\n// The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_SENTRY_BUILD']\".\nif (process.env['INLINED_SOCKET_CLI_SENTRY_BUILD']) {\n  const Sentry = require('@sentry/node')\n  Sentry.init({\n    onFatalError(error: Error) {\n      // Defer module loads until after Sentry.init is called.\n      if (require(relConstantsPath).ENV.SOCKET_CLI_DEBUG) {\n        logger.fail('[DEBUG] [Sentry onFatalError]:', error)\n      }\n    },\n    dsn: 'https://66736701db8e4ffac046bd09fa6aaced@o555220.ingest.us.sentry.io/4508846967619585',\n    enabled: true,\n    integrations: []\n  })\n  Sentry.setTag(\n    'environment',\n    // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD']\".\n    process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD']\n      ? 'pub'\n      : // The NODE_ENV convention is used by apps to define the runtime environment.\n        // https://nodejs.org/en/learn/getting-started/nodejs-the-difference-between-development-and-production\n        process.env['NODE_ENV']\n  )\n  Sentry.setTag(\n    'version',\n    // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_VERSION_HASH']\".\n    process.env['INLINED_SOCKET_CLI_VERSION_HASH']\n  )\n  const constants = require(relConstantsPath)\n  if (constants.ENV.SOCKET_CLI_DEBUG) {\n    Sentry.setTag('debugging', true)\n    logger.log('[DEBUG] Set up Sentry.')\n  } else {\n    Sentry.setTag('debugging', false)\n  }\n  const {\n    kInternalsSymbol,\n    [kInternalsSymbol as unknown as 'Symbol(kInternalsSymbol)']: { setSentry }\n  } = constants\n  setSentry(Sentry)\n} else if (require(relConstantsPath).ENV.SOCKET_CLI_DEBUG) {\n  logger.log('[DEBUG] Sentry disabled explicitly.')\n}\n"],"names":["logger","dsn","enabled","integrations","process","Sentry","setSentry"],"mappings":";;;;;;;;;;;;;;;AAAA;AACA;;;AAIA;AACA;AACA;AACA;AACoD;AAClD;;;AAGI;;AAEEA;AACF;;AAEFC;AACAC;AACAC;AACF;;AAGE;AACAC;;AAQA;AACAA;AAEF;AACA;AACEC;AACAL;AACF;AACEK;AACF;;;AAGE;AAA+DC;AAAU;AAC3E;;AAEF","debugId":"a1b404f2-b282-4607-a7bd-16cca4be61f5"}

package/dist/module-sync/cli.js

@@ -917,7 +917,7 @@ function emitBanner(name) {
   logger.logger.error(getAsciiHeader(name))
 }
 function getAsciiHeader(command) {
-  const cliVersion = '0.14.123:ac83b62:6bf8f885:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
+  const cliVersion = '0.14.124:5b2103f:b9f122e3:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
   const nodeVersion = process$1.version
   const apiToken = shadowNpmInject.getDefaultToken()
   const defaultOrg = shadowNpmInject.getConfigValue('defaultOrg')
@@ -3739,7 +3739,7 @@ function getPkgNameFromPurlObj(purlObj) {
 function getBaseGitBranch() {
   // Lazily access constants.ENV[GITHUB_REF_NAME].
   return (
-    constants.ENV[GITHUB_REF_NAME] ??
+    constants.ENV[GITHUB_REF_NAME] ||
     // GitHub defaults to branch name "main"
     // https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-branches#about-the-default-branch
     'main'
@@ -3858,16 +3858,6 @@ async function gitUnstagedModifiedFiles(cwd = process.cwd()) {
   const rawFiles = stdout?.trim().split('\n') ?? []
   return rawFiles.map(relPath => path.normalizePath(relPath))
 }
-async function isInGitRepo(cwd = process.cwd()) {
-  try {
-    await spawn.spawn('git', ['rev-parse', '--is-inside-work-tree'], {
-      cwd,
-      stdio: 'ignore'
-    })
-    return true
-  } catch {}
-  return false
-}
 
 const { GITHUB_ACTIONS, GITHUB_REPOSITORY, SOCKET_SECURITY_GITHUB_PAT } =
   constants
@@ -4054,10 +4044,10 @@ async function npmFix(
 
   // Lazily access constants.ENV[CI].
   const isCi = constants.ENV[CI$1]
-  const { 0: isRepo, 1: workspacePkgJsonPaths } = await Promise.all([
-    isInGitRepo(cwd),
-    shadowNpmInject.globWorkspace(pkgEnvDetails.agent, rootPath)
-  ])
+  const workspacePkgJsonPaths = await shadowNpmInject.globWorkspace(
+    pkgEnvDetails.agent,
+    rootPath
+  )
   const pkgJsonPaths = [
     ...workspacePkgJsonPaths,
     // Process the workspace root last since it will add an override to package.json.
@@ -4075,7 +4065,7 @@ async function npmFix(
     const oldVersions = arrays.arrayUnique(
       shadowNpmInject
         .findPackageNodes(arb.idealTree, name)
-        .map(n => n.version)
+        .map(n => n.target?.version ?? n.version)
         .filter(Boolean)
     )
     const packument =
@@ -4272,15 +4262,15 @@ async function npmFix(
             // eslint-disable-next-line no-await-in-loop
             await Promise.all([
               shadowNpmInject.removeNodeModules(cwd),
-              ...(isRepo ? [gitHardReset(cwd)] : []),
-              ...(saved && !isRepo ? [editablePkgJson.save()] : [])
+              ...(isCi
+                ? [gitCheckoutBaseBranchIfAvailable(baseBranch, cwd)]
+                : []),
+              ...(saved && !isCi ? [editablePkgJson.save()] : [])
             ])
-            if (!isRepo && installed) {
-              // eslint-disable-next-line no-await-in-loop
-              await install$1(revertTree, {
-                cwd
-              })
-            }
+            // eslint-disable-next-line no-await-in-loop
+            await install$1(revertTree, {
+              cwd
+            })
             if (errored) {
               if (!failedSpecs.has(newSpecKey)) {
                 failedSpecs.add(newSpecKey)
@@ -4480,37 +4470,34 @@ async function pnpmFix(
 
   // Lazily access constants.ENV[CI].
   const isCi = constants.ENV[CI]
-  const { 0: isRepo, 1: workspacePkgJsonPaths } = await Promise.all([
-    isInGitRepo(cwd),
-    shadowNpmInject.globWorkspace(pkgEnvDetails.agent, rootPath)
-  ])
+  const workspacePkgJsonPaths = await shadowNpmInject.globWorkspace(
+    pkgEnvDetails.agent,
+    rootPath
+  )
+  const baseBranch = isCi ? getBaseGitBranch() : ''
+  const { owner, repo } = isCi
+    ? getGitHubEnvRepoInfo()
+    : {
+        owner: '',
+        repo: ''
+      }
   const pkgJsonPaths = [
     ...workspacePkgJsonPaths,
     // Process the workspace root last since it will add an override to package.json.
     pkgEnvDetails.editablePkgJson.filename
   ]
-  let actualTree
+  let actualTree = await getActualTree(cwd)
   for (const { 0: name, 1: infos } of infoByPkg) {
     if (registry.getManifestData(NPM$c, name)) {
       spinner?.info(`Skipping ${name}. Socket Optimize package exists.`)
       continue
     }
-    // eslint-disable-next-line no-await-in-loop
-    await Promise.all([
-      shadowNpmInject.removeNodeModules(cwd),
-      ...(isRepo ? [gitHardReset(cwd)] : [])
-    ])
-    // eslint-disable-next-line no-await-in-loop
-    actualTree = await install(pkgEnvDetails, {
-      spinner
-    })
     const oldVersions = arrays.arrayUnique(
       shadowNpmInject
         .findPackageNodes(actualTree, name)
-        .map(n => n.version)
+        .map(n => n.target?.version ?? n.version)
         .filter(Boolean)
     )
-    debug.debugLog(name, 'oldVersions', oldVersions)
     const packument =
       oldVersions.length && infos.length
         ? // eslint-disable-next-line no-await-in-loop
@@ -4533,15 +4520,6 @@ async function pnpmFix(
           firstPatchedVersionIdentifier,
           vulnerableVersionRange
         } of infos) {
-          // eslint-disable-next-line no-await-in-loop
-          await Promise.all([
-            shadowNpmInject.removeNodeModules(cwd),
-            ...(isRepo ? [gitHardReset(cwd)] : [])
-          ])
-          // eslint-disable-next-line no-await-in-loop
-          actualTree = await install(pkgEnvDetails, {
-            spinner
-          })
           const node = shadowNpmInject.findPackageNode(
             actualTree,
             name,
@@ -4644,21 +4622,10 @@ async function pnpmFix(
           const branch = isCi
             ? getSocketBranchName(oldPurl, newVersion, workspaceName)
             : ''
-          const baseBranch = isCi ? getBaseGitBranch() : ''
-          const { owner, repo } = isCi
-            ? getGitHubEnvRepoInfo()
-            : {
-                owner: '',
-                repo: ''
-              }
           const shouldOpenPr = isCi
             ? // eslint-disable-next-line no-await-in-loop
               !(await doesPullRequestExistForBranch(owner, repo, branch))
             : false
-          if (isCi) {
-            // eslint-disable-next-line no-await-in-loop
-            await gitCheckoutBaseBranchIfAvailable(baseBranch, cwd)
-          }
           if (updateData) {
             editablePkgJson.update(updateData)
           }
@@ -4754,11 +4721,10 @@ async function pnpmFix(
             // eslint-disable-next-line no-await-in-loop
             await Promise.all([
               shadowNpmInject.removeNodeModules(cwd),
-              ...(isRepo
-                ? [gitHardReset(cwd)]
-                : installed
-                  ? [editablePkgJson.save()]
-                  : [])
+              ...(isCi
+                ? [gitCheckoutBaseBranchIfAvailable(baseBranch, cwd)]
+                : []),
+              ...(installed && !isCi ? [editablePkgJson.save()] : [])
             ])
             // eslint-disable-next-line no-await-in-loop
             actualTree = await install(pkgEnvDetails, {
@@ -12345,7 +12311,7 @@ void (async () => {
   await vendor.updater({
     name: SOCKET_CLI_BIN_NAME,
     // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION']".
-    version: '0.14.123',
+    version: '0.14.124',
     ttl: 86_400_000 /* 24 hours in milliseconds */
   })
   try {
@@ -12413,5 +12379,5 @@ void (async () => {
     await shadowNpmInject.captureException(e)
   }
 })()
-//# debugId=645892ec-7104-4af0-915a-c1219b90c91c
+//# debugId=6c275bac-7bf4-4e55-8d6d-8b25adfc2eba
 //# sourceMappingURL=cli.js.map