@socketsecurity/cli-with-sentry 0.14.124 → 0.14.126

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (11) hide show
  1. package/dist/instrument-with-sentry.js +2 -2
  2. package/dist/instrument-with-sentry.js.map +1 -1
  3. package/dist/module-sync/cli.js +124 -149
  4. package/dist/module-sync/cli.js.map +1 -1
  5. package/dist/module-sync/shadow-npm-inject.js +2 -2
  6. package/dist/module-sync/shadow-npm-inject.js.map +1 -1
  7. package/dist/require/cli.js +124 -149
  8. package/dist/require/cli.js.map +1 -1
  9. package/dist/require/shadow-npm-inject.js +2 -2
  10. package/dist/require/shadow-npm-inject.js.map +1 -1
  11. package/package.json +1 -1
package/dist/require/cli.js CHANGED
@@ -917,7 +917,7 @@ function emitBanner(name) {
917
917
  logger.logger.error(getAsciiHeader(name))
918
918
  }
919
919
  function getAsciiHeader(command) {
920
- const cliVersion = '0.14.124:5b2103f:b9f122e3:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
920
+ const cliVersion = '0.14.126:cbde084:1c0f934a:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
921
921
  const nodeVersion = process$1.version
922
922
  const apiToken = shadowNpmInject.getDefaultToken()
923
923
  const defaultOrg = shadowNpmInject.getConfigValue('defaultOrg')
@@ -4180,7 +4180,6 @@ async function npmFix(
4180
4180
  )
4181
4181
  let error
4182
4182
  let errored = false
4183
- let installed = false
4184
4183
  let saved = false
4185
4184
 
4186
4185
  // eslint-disable-next-line no-await-in-loop
@@ -4196,7 +4195,6 @@ async function npmFix(
4196
4195
  await install$1(arb.idealTree, {
4197
4196
  cwd
4198
4197
  })
4199
- installed = true
4200
4198
  if (test) {
4201
4199
  if (!testedSpecs.has(newSpecKey)) {
4202
4200
  testedSpecs.add(newSpecKey)
@@ -4506,32 +4504,43 @@ async function pnpmFix(
4506
4504
  if (!packument) {
4507
4505
  continue
4508
4506
  }
4509
- const failedSpecs = new Set()
4510
4507
  const fixedSpecs = new Set()
4511
- const installedSpecs = new Set()
4512
- const testedSpecs = new Set()
4513
- const unavailableSpecs = new Set()
4514
- const revertedSpecs = new Set()
4515
4508
  for (const pkgJsonPath of pkgJsonPaths) {
4509
+ // Re-read actualTree to avoid lockfile state issues
4510
+ // eslint-disable-next-line no-await-in-loop
4511
+ actualTree = await getActualTree(cwd)
4512
+ const pkgPath = path$1.dirname(pkgJsonPath)
4513
+ const isWorkspaceRoot =
4514
+ pkgJsonPath === pkgEnvDetails.editablePkgJson.filename
4515
+ const workspaceName = isWorkspaceRoot
4516
+ ? 'root'
4517
+ : path$1.relative(rootPath, pkgPath)
4518
+ const editablePkgJson = isWorkspaceRoot
4519
+ ? pkgEnvDetails.editablePkgJson
4520
+ : // eslint-disable-next-line no-await-in-loop
4521
+ await packages.readPackageJson(pkgJsonPath, {
4522
+ editable: true
4523
+ })
4524
+
4525
+ // Get current overrides for revert logic
4526
+ const oldPnpmSection = editablePkgJson.content[PNPM$8]
4527
+ const oldOverrides = oldPnpmSection?.[OVERRIDES$2]
4516
4528
  for (const oldVersion of oldVersions) {
4517
4529
  const oldSpec = `${name}@${oldVersion}`
4518
4530
  const oldPurl = `pkg:npm/${oldSpec}`
4531
+ const node = shadowNpmInject.findPackageNode(
4532
+ actualTree,
4533
+ name,
4534
+ oldVersion
4535
+ )
4536
+ if (!node) {
4537
+ debug.debugLog(`Skipping ${oldSpec}, no node found in ${pkgJsonPath}`)
4538
+ continue
4539
+ }
4519
4540
  for (const {
4520
4541
  firstPatchedVersionIdentifier,
4521
4542
  vulnerableVersionRange
4522
4543
  } of infos) {
4523
- const node = shadowNpmInject.findPackageNode(
4524
- actualTree,
4525
- name,
4526
- oldVersion
4527
- )
4528
- if (!node) {
4529
- debug.debugLog(
4530
- `Skipping ${oldSpec}, no node found in arborist.actualTree`,
4531
- pkgJsonPath
4532
- )
4533
- continue
4534
- }
4535
4544
  const availableVersions = Object.keys(packument.versions)
4536
4545
  const newVersion = shadowNpmInject.findBestPatchVersion(
4537
4546
  node,
@@ -4542,30 +4551,9 @@ async function pnpmFix(
4542
4551
  ? packument.versions[newVersion]
4543
4552
  : undefined
4544
4553
  if (!(newVersion && newVersionPackument)) {
4545
- if (!unavailableSpecs.has(oldSpec)) {
4546
- unavailableSpecs.add(oldSpec)
4547
- spinner?.fail(`No update available for ${oldSpec}`)
4548
- }
4554
+ spinner?.fail(`No update available for ${oldSpec}`)
4549
4555
  continue
4550
4556
  }
4551
- const isWorkspaceRoot =
4552
- pkgJsonPath === pkgEnvDetails.editablePkgJson.filename
4553
- const workspaceName = isWorkspaceRoot
4554
- ? ''
4555
- : path$1.relative(rootPath, path$1.dirname(pkgJsonPath))
4556
- const workspaceDetails = workspaceName ? ` in ${workspaceName}` : ''
4557
- const editablePkgJson = isWorkspaceRoot
4558
- ? pkgEnvDetails.editablePkgJson
4559
- : // eslint-disable-next-line no-await-in-loop
4560
- await packages.readPackageJson(pkgJsonPath, {
4561
- editable: true
4562
- })
4563
- const oldPnpm = editablePkgJson.content[PNPM$8]
4564
- const oldPnpmKeyCount = oldPnpm ? Object.keys(oldPnpm).length : 0
4565
- const oldOverrides = oldPnpm?.[OVERRIDES$2]
4566
- const oldOverridesCount = oldOverrides
4567
- ? Object.keys(oldOverrides).length
4568
- : 0
4569
4557
  const overrideKey = `${name}@${vulnerableVersionRange}`
4570
4558
  const newVersionRange = shadowNpmInject.applyRange(
4571
4559
  oldOverrides?.[overrideKey] ?? oldVersion,
@@ -4573,14 +4561,20 @@ async function pnpmFix(
4573
4561
  rangeStyle
4574
4562
  )
4575
4563
  const newSpec = `${name}@${newVersionRange}`
4576
- const newSpecKey = `${workspaceName ? `${workspaceName}>` : ''}${newSpec}`
4564
+ const newSpecKey = `${workspaceName}:${newSpec}`
4565
+ if (fixedSpecs.has(newSpecKey)) {
4566
+ debug.debugLog(
4567
+ `Already fixed ${newSpec} in ${workspaceName}, skipping`
4568
+ )
4569
+ continue
4570
+ }
4577
4571
  const updateData = isWorkspaceRoot
4578
4572
  ? {
4579
4573
  [PNPM$8]: {
4580
- ...oldPnpm,
4574
+ ...oldPnpmSection,
4581
4575
  [OVERRIDES$2]: {
4582
- [overrideKey]: newVersionRange,
4583
- ...oldOverrides
4576
+ ...oldOverrides,
4577
+ [overrideKey]: newVersionRange
4584
4578
  }
4585
4579
  }
4586
4580
  }
@@ -4588,44 +4582,28 @@ async function pnpmFix(
4588
4582
  const revertData = {
4589
4583
  ...(isWorkspaceRoot
4590
4584
  ? {
4591
- [PNPM$8]: oldPnpmKeyCount
4592
- ? {
4593
- ...oldPnpm,
4594
- [OVERRIDES$2]:
4595
- oldOverridesCount === 1
4596
- ? undefined
4597
- : {
4598
- [overrideKey]: undefined,
4599
- ...oldOverrides
4600
- }
4601
- }
4602
- : undefined
4585
+ [PNPM$8]: {
4586
+ ...oldPnpmSection,
4587
+ [OVERRIDES$2]:
4588
+ oldOverrides && Object.keys(oldOverrides).length > 1
4589
+ ? {
4590
+ ...oldOverrides,
4591
+ [overrideKey]: undefined
4592
+ }
4593
+ : undefined
4594
+ }
4603
4595
  }
4604
4596
  : {}),
4605
- ...(editablePkgJson.content.dependencies
4606
- ? {
4607
- dependencies: editablePkgJson.content.dependencies
4608
- }
4609
- : undefined),
4610
- ...(editablePkgJson.content.optionalDependencies
4611
- ? {
4612
- optionalDependencies:
4613
- editablePkgJson.content.optionalDependencies
4614
- }
4615
- : undefined),
4616
- ...(editablePkgJson.content.peerDependencies
4617
- ? {
4618
- peerDependencies: editablePkgJson.content.peerDependencies
4619
- }
4620
- : undefined)
4597
+ ...(editablePkgJson.content.dependencies && {
4598
+ dependencies: editablePkgJson.content.dependencies
4599
+ }),
4600
+ ...(editablePkgJson.content.optionalDependencies && {
4601
+ optionalDependencies: editablePkgJson.content.optionalDependencies
4602
+ }),
4603
+ ...(editablePkgJson.content.peerDependencies && {
4604
+ peerDependencies: editablePkgJson.content.peerDependencies
4605
+ })
4621
4606
  }
4622
- const branch = isCi
4623
- ? getSocketBranchName(oldPurl, newVersion, workspaceName)
4624
- : ''
4625
- const shouldOpenPr = isCi
4626
- ? // eslint-disable-next-line no-await-in-loop
4627
- !(await doesPullRequestExistForBranch(owner, repo, branch))
4628
- : false
4629
4607
  if (updateData) {
4630
4608
  editablePkgJson.update(updateData)
4631
4609
  }
@@ -4637,107 +4615,104 @@ async function pnpmFix(
4637
4615
  rangeStyle
4638
4616
  )
4639
4617
  debug.debugLog(`Updated package.json from node: ${modded}`)
4640
- let error
4641
- let errored = false
4642
- let installed = false
4643
4618
 
4644
4619
  // eslint-disable-next-line no-await-in-loop
4645
4620
  if (!(await editablePkgJson.save())) {
4646
4621
  debug.debugLog(
4647
- `Skipping nothing changed in ${editablePkgJson.filename}`
4622
+ `No changes saved for ${pkgJsonPath}, skipping install`
4648
4623
  )
4649
4624
  continue
4650
4625
  }
4651
- if (!installedSpecs.has(newSpecKey)) {
4652
- installedSpecs.add(newSpecKey)
4653
- spinner?.info(`Installing ${newSpec}${workspaceDetails}`)
4654
- }
4626
+ spinner?.info(`Installing ${newSpec} in ${workspaceName}`)
4627
+ let errored = false
4628
+ let error
4655
4629
  try {
4656
4630
  // eslint-disable-next-line no-await-in-loop
4657
4631
  actualTree = await install(pkgEnvDetails, {
4658
4632
  spinner
4659
4633
  })
4660
- installed = true
4661
4634
  if (test) {
4662
- if (!testedSpecs.has(newSpecKey)) {
4663
- testedSpecs.add(newSpecKey)
4664
- spinner?.info(`Testing ${newSpec}${workspaceDetails}`)
4665
- }
4635
+ spinner?.info(`Testing ${newSpec} in ${workspaceName}`)
4666
4636
  // eslint-disable-next-line no-await-in-loop
4667
4637
  await npm.runScript(testScript, [], {
4668
4638
  spinner,
4669
4639
  stdio: 'ignore'
4670
4640
  })
4671
4641
  }
4672
- if (!fixedSpecs.has(newSpecKey)) {
4673
- fixedSpecs.add(newSpecKey)
4674
- spinner?.successAndStop(`Fixed ${name}${workspaceDetails}`)
4675
- spinner?.start()
4642
+ fixedSpecs.add(newSpecKey)
4643
+ spinner?.successAndStop(`Fixed ${name} in ${workspaceName}`)
4644
+ spinner?.start()
4645
+ const branch = getSocketBranchName(
4646
+ oldPurl,
4647
+ newVersion,
4648
+ workspaceName
4649
+ )
4650
+ const shouldOpenPr = isCi
4651
+ ? // eslint-disable-next-line no-await-in-loop
4652
+ !(await doesPullRequestExistForBranch(owner, repo, branch))
4653
+ : false
4654
+ if (
4655
+ isCi &&
4656
+ shouldOpenPr &&
4657
+ // eslint-disable-next-line no-await-in-loop
4658
+ (await gitCreateAndPushBranchIfNeeded(
4659
+ branch,
4660
+ getSocketCommitMessage(oldPurl, newVersion, workspaceName),
4661
+ cwd
4662
+ ))
4663
+ ) {
4664
+ // eslint-disable-next-line no-await-in-loop
4665
+ const prResponse = await openGitHubPullRequest(
4666
+ owner,
4667
+ repo,
4668
+ baseBranch,
4669
+ branch,
4670
+ oldPurl,
4671
+ newVersion,
4672
+ {
4673
+ cwd,
4674
+ workspaceName
4675
+ }
4676
+ )
4677
+ if (prResponse) {
4678
+ const { data } = prResponse
4679
+ spinner?.info(`PR #${data.number} opened.`)
4680
+ if (autoMerge) {
4681
+ // eslint-disable-next-line no-await-in-loop
4682
+ await enableAutoMerge(data)
4683
+ }
4684
+ }
4676
4685
  }
4677
4686
  } catch (e) {
4678
4687
  error = e
4679
4688
  errored = true
4680
4689
  }
4681
- if (
4682
- !errored &&
4683
- shouldOpenPr &&
4690
+ if (errored) {
4691
+ editablePkgJson.update(revertData)
4684
4692
  // eslint-disable-next-line no-await-in-loop
4685
- (await gitCreateAndPushBranchIfNeeded(
4686
- branch,
4687
- getSocketCommitMessage(oldPurl, newVersion, workspaceName),
4688
- cwd
4689
- ))
4690
- ) {
4693
+ await Promise.all([
4694
+ shadowNpmInject.removeNodeModules(cwd),
4695
+ editablePkgJson.save()
4696
+ ])
4691
4697
  // eslint-disable-next-line no-await-in-loop
4692
- const prResponse = await openGitHubPullRequest(
4693
- owner,
4694
- repo,
4695
- baseBranch,
4696
- branch,
4697
- oldPurl,
4698
- newVersion,
4699
- {
4700
- cwd,
4701
- workspaceName
4702
- }
4698
+ actualTree = await install(pkgEnvDetails, {
4699
+ spinner
4700
+ })
4701
+ spinner?.failAndStop(
4702
+ `Update failed for ${oldSpec} in ${workspaceName}`,
4703
+ error
4703
4704
  )
4704
- if (prResponse) {
4705
- const { data } = prResponse
4706
- spinner?.info(`PR #${data.number} opened.`)
4707
- if (autoMerge) {
4708
- // eslint-disable-next-line no-await-in-loop
4709
- await enableAutoMerge(data)
4710
- }
4711
- }
4712
- }
4713
- if (errored || isCi) {
4714
- if (errored) {
4715
- if (!revertedSpecs.has(newSpecKey)) {
4716
- revertedSpecs.add(newSpecKey)
4717
- spinner?.error(`Reverting ${newSpec}${workspaceDetails}`, error)
4718
- }
4719
- }
4720
- editablePkgJson.update(revertData)
4705
+ } else if (isCi) {
4721
4706
  // eslint-disable-next-line no-await-in-loop
4722
4707
  await Promise.all([
4723
4708
  shadowNpmInject.removeNodeModules(cwd),
4724
- ...(isCi
4725
- ? [gitCheckoutBaseBranchIfAvailable(baseBranch, cwd)]
4726
- : []),
4727
- ...(installed && !isCi ? [editablePkgJson.save()] : [])
4709
+ // Reset to base branch to isolate next PR
4710
+ gitCheckoutBaseBranchIfAvailable(baseBranch, cwd)
4728
4711
  ])
4729
4712
  // eslint-disable-next-line no-await-in-loop
4730
4713
  actualTree = await install(pkgEnvDetails, {
4731
4714
  spinner
4732
4715
  })
4733
- if (errored) {
4734
- if (!failedSpecs.has(newSpecKey)) {
4735
- failedSpecs.add(newSpecKey)
4736
- spinner?.failAndStop(
4737
- `Update failed for ${oldSpec}${workspaceDetails}`
4738
- )
4739
- }
4740
- }
4741
4716
  }
4742
4717
  }
4743
4718
  }
@@ -12311,7 +12286,7 @@ void (async () => {
12311
12286
  await vendor.updater({
12312
12287
  name: SOCKET_CLI_BIN_NAME,
12313
12288
  // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION']".
12314
- version: '0.14.124',
12289
+ version: '0.14.126',
12315
12290
  ttl: 86_400_000 /* 24 hours in milliseconds */
12316
12291
  })
12317
12292
  try {
@@ -12379,5 +12354,5 @@ void (async () => {
12379
12354
  await shadowNpmInject.captureException(e)
12380
12355
  }
12381
12356
  })()
12382
- //# debugId=6c275bac-7bf4-4e55-8d6d-8b25adfc2eba
12357
+ //# debugId=54d7166c-6eaf-4ad9-8f14-e10e2ac6080e
12383
12358
  //# sourceMappingURL=cli.js.map