@socketsecurity/cli-with-sentry 0.14.126 → 0.14.128

@@ -41,7 +41,7 @@ const relConstantsPath = './constants'
41
41
  Sentry.setTag(
42
42
  'version',
43
43
  // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
44
- '0.14.126:cbde084:1c0f934a:pub'
44
+ '0.14.128:ec33790:2e43d170:pub'
45
45
  )
46
46
  const constants = require(relConstantsPath)
47
47
  if (constants.ENV.SOCKET_CLI_DEBUG) {
@@ -56,5 +56,5 @@ const relConstantsPath = './constants'
56
56
  } = constants
57
57
  setSentry(Sentry)
58
58
  }
59
- //# debugId=da6eb23e-4af9-4f33-b5a0-7f84b13f7de
59
+ //# debugId=ba17586f-d812-43e4-9ceb-0db3b2084b5a
60
60
  //# sourceMappingURL=instrument-with-sentry.js.map
@@ -1 +1 @@
1
- {"version":3,"file":"instrument-with-sentry.js","sources":["../../src/instrument-with-sentry.ts"],"sourcesContent":["// This should ONLY be included in the special Sentry build!\n// Otherwise the Sentry dependency won't even be present in the manifest.\n\nimport { logger } from '@socketsecurity/registry/lib/logger'\n\n// Require constants with require(relConstantsPath) instead of require('./constants')\n// so Rollup doesn't generate a constants2.js chunk.\nconst relConstantsPath = './constants'\n// The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_SENTRY_BUILD']\".\nif (process.env['INLINED_SOCKET_CLI_SENTRY_BUILD']) {\n const Sentry = require('@sentry/node')\n Sentry.init({\n onFatalError(error: Error) {\n // Defer module loads until after Sentry.init is called.\n if (require(relConstantsPath).ENV.SOCKET_CLI_DEBUG) {\n logger.fail('[DEBUG] [Sentry onFatalError]:', error)\n }\n },\n dsn: 'https://66736701db8e4ffac046bd09fa6aaced@o555220.ingest.us.sentry.io/4508846967619585',\n enabled: true,\n integrations: []\n })\n Sentry.setTag(\n 'environment',\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD']\".\n process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD']\n ? 
'pub'\n : // The NODE_ENV convention is used by apps to define the runtime environment.\n // https://nodejs.org/en/learn/getting-started/nodejs-the-difference-between-development-and-production\n process.env['NODE_ENV']\n )\n Sentry.setTag(\n 'version',\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_VERSION_HASH']\".\n process.env['INLINED_SOCKET_CLI_VERSION_HASH']\n )\n const constants = require(relConstantsPath)\n if (constants.ENV.SOCKET_CLI_DEBUG) {\n Sentry.setTag('debugging', true)\n logger.log('[DEBUG] Set up Sentry.')\n } else {\n Sentry.setTag('debugging', false)\n }\n const {\n kInternalsSymbol,\n [kInternalsSymbol as unknown as 'Symbol(kInternalsSymbol)']: { setSentry }\n } = constants\n setSentry(Sentry)\n} else if (require(relConstantsPath).ENV.SOCKET_CLI_DEBUG) {\n logger.log('[DEBUG] Sentry disabled explicitly.')\n}\n"],"names":["logger","dsn","enabled","integrations","process","Sentry","setSentry"],"mappings":";;;;;;;;;;;;;;;AAAA;AACA;;;AAIA;AACA;AACA;AACA;AACoD;AAClD;;;AAGI;;AAEEA;AACF;;AAEFC;AACAC;AACAC;AACF;;AAGE;AACAC;;AAQA;AACAA;AAEF;AACA;AACEC;AACAL;AACF;AACEK;AACF;;;AAGE;AAA+DC;AAAU;AAC3E;;AAEF","debugId":"da6eb23e-4af9-4f33-b5a0-7f84b13f7de"}
1
+ {"version":3,"file":"instrument-with-sentry.js","sources":["../../src/instrument-with-sentry.ts"],"sourcesContent":["// This should ONLY be included in the special Sentry build!\n// Otherwise the Sentry dependency won't even be present in the manifest.\n\nimport { logger } from '@socketsecurity/registry/lib/logger'\n\n// Require constants with require(relConstantsPath) instead of require('./constants')\n// so Rollup doesn't generate a constants2.js chunk.\nconst relConstantsPath = './constants'\n// The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_SENTRY_BUILD']\".\nif (process.env['INLINED_SOCKET_CLI_SENTRY_BUILD']) {\n const Sentry = require('@sentry/node')\n Sentry.init({\n onFatalError(error: Error) {\n // Defer module loads until after Sentry.init is called.\n if (require(relConstantsPath).ENV.SOCKET_CLI_DEBUG) {\n logger.fail('[DEBUG] [Sentry onFatalError]:', error)\n }\n },\n dsn: 'https://66736701db8e4ffac046bd09fa6aaced@o555220.ingest.us.sentry.io/4508846967619585',\n enabled: true,\n integrations: []\n })\n Sentry.setTag(\n 'environment',\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD']\".\n process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD']\n ? 
'pub'\n : // The NODE_ENV convention is used by apps to define the runtime environment.\n // https://nodejs.org/en/learn/getting-started/nodejs-the-difference-between-development-and-production\n process.env['NODE_ENV']\n )\n Sentry.setTag(\n 'version',\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_VERSION_HASH']\".\n process.env['INLINED_SOCKET_CLI_VERSION_HASH']\n )\n const constants = require(relConstantsPath)\n if (constants.ENV.SOCKET_CLI_DEBUG) {\n Sentry.setTag('debugging', true)\n logger.log('[DEBUG] Set up Sentry.')\n } else {\n Sentry.setTag('debugging', false)\n }\n const {\n kInternalsSymbol,\n [kInternalsSymbol as unknown as 'Symbol(kInternalsSymbol)']: { setSentry }\n } = constants\n setSentry(Sentry)\n} else if (require(relConstantsPath).ENV.SOCKET_CLI_DEBUG) {\n logger.log('[DEBUG] Sentry disabled explicitly.')\n}\n"],"names":["logger","dsn","enabled","integrations","process","Sentry","setSentry"],"mappings":";;;;;;;;;;;;;;;AAAA;AACA;;;AAIA;AACA;AACA;AACA;AACoD;AAClD;;;AAGI;;AAEEA;AACF;;AAEFC;AACAC;AACAC;AACF;;AAGE;AACAC;;AAQA;AACAA;AAEF;AACA;AACEC;AACAL;AACF;AACEK;AACF;;;AAGE;AAA+DC;AAAU;AAC3E;;AAEF","debugId":"ba17586f-d812-43e4-9ceb-0db3b2084b5a"}
@@ -917,7 +917,7 @@ function emitBanner(name) {
917
917
  logger.logger.error(getAsciiHeader(name))
918
918
  }
919
919
  function getAsciiHeader(command) {
920
- const cliVersion = '0.14.126:cbde084:1c0f934a:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
920
+ const cliVersion = '0.14.128:ec33790:2e43d170:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
921
921
  const nodeVersion = process$1.version
922
922
  const apiToken = shadowNpmInject.getDefaultToken()
923
923
  const defaultOrg = shadowNpmInject.getConfigValue('defaultOrg')
@@ -3811,6 +3811,11 @@ async function gitCheckoutBaseBranchIfAvailable(
3811
3811
  debug.debugLog(e)
3812
3812
  }
3813
3813
  }
3814
+ async function gitCleanFdx(cwd = process.cwd()) {
3815
+ await spawn.spawn('git', ['clean', '-fdx'], {
3816
+ cwd
3817
+ })
3818
+ }
3814
3819
  async function gitCreateAndPushBranchIfNeeded(
3815
3820
  branch,
3816
3821
  commitMsg,
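Review bot: `gitCleanFdx` is destructive and nothing in its signature or body says so. The `-x` flag makes `git clean` delete ignored files as well as untracked ones, which in a checkout often means local env files, registry auth config and caches, and the `cwd = process.cwd()` default means a call with no argument wipes whatever directory the CLI was started in. The only call visible on this page is in the `isCi` branch of `pnpmFix`, so I would make the argument required, `async function gitCleanFdx(cwd) {`, and add a comment above it such as `// Destructive: removes untracked AND ignored files under cwd; only for disposable CI checkouts.`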
@@ -3846,8 +3851,8 @@ async function gitCreateAndPushBranchIfNeeded(
3846
3851
  })
3847
3852
  return true
3848
3853
  }
3849
- async function gitHardReset(cwd = process.cwd()) {
3850
- await spawn.spawn('git', ['reset', '--hard'], {
3854
+ async function gitHardReset(branch = 'HEAD', cwd = process.cwd()) {
3855
+ await spawn.spawn('git', ['reset', '--hard', branch], {
3851
3856
  cwd
3852
3857
  })
3853
3858
  }
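Review bot: Inserting `branch` ahead of `cwd` changes the meaning of the first positional argument of `gitHardReset`, so an existing call of the form `gitHardReset(cwd)` would now hand a directory path to git as the ref and run in `process.cwd()`. Callers other than the one in `pnpmFix` are not visible here and should be checked. `branch` also reaches git's argv unvalidated, and a value beginning with `-` would be parsed as an option rather than a ref. Where `baseBranch` comes from is outside this page, but if it derives from CI environment variables or repository metadata, a guard before the spawn such as `if (branch.startsWith('-')) throw new Error('Invalid git ref: ' + branch)` is cheap.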
@@ -4484,37 +4489,23 @@ async function pnpmFix(
4484
4489
  // Process the workspace root last since it will add an override to package.json.
4485
4490
  pkgEnvDetails.editablePkgJson.filename
4486
4491
  ]
4487
- let actualTree = await getActualTree(cwd)
4488
4492
  for (const { 0: name, 1: infos } of infoByPkg) {
4493
+ debug.debugLog(`Processing vulnerable package: ${name}`)
4489
4494
  if (registry.getManifestData(NPM$c, name)) {
4490
4495
  spinner?.info(`Skipping ${name}. Socket Optimize package exists.`)
4491
4496
  continue
4492
4497
  }
4493
- const oldVersions = arrays.arrayUnique(
4494
- shadowNpmInject
4495
- .findPackageNodes(actualTree, name)
4496
- .map(n => n.target?.version ?? n.version)
4497
- .filter(Boolean)
4498
- )
4499
- const packument =
4500
- oldVersions.length && infos.length
4501
- ? // eslint-disable-next-line no-await-in-loop
4502
- await packages.fetchPackagePackument(name)
4503
- : null
4504
- if (!packument) {
4505
- continue
4506
- }
4507
4498
  const fixedSpecs = new Set()
4508
4499
  for (const pkgJsonPath of pkgJsonPaths) {
4509
- // Re-read actualTree to avoid lockfile state issues
4500
+ debug.debugLog(`Checking workspace: ${pkgJsonPath}`)
4501
+
4510
4502
  // eslint-disable-next-line no-await-in-loop
4511
- actualTree = await getActualTree(cwd)
4512
- const pkgPath = path$1.dirname(pkgJsonPath)
4503
+ let actualTree = await getActualTree(cwd)
4513
4504
  const isWorkspaceRoot =
4514
4505
  pkgJsonPath === pkgEnvDetails.editablePkgJson.filename
4515
4506
  const workspaceName = isWorkspaceRoot
4516
4507
  ? 'root'
4517
- : path$1.relative(rootPath, pkgPath)
4508
+ : path$1.relative(rootPath, path$1.dirname(pkgJsonPath))
4518
4509
  const editablePkgJson = isWorkspaceRoot
4519
4510
  ? pkgEnvDetails.editablePkgJson
4520
4511
  : // eslint-disable-next-line no-await-in-loop
@@ -4525,6 +4516,20 @@ async function pnpmFix(
4525
4516
  // Get current overrides for revert logic
4526
4517
  const oldPnpmSection = editablePkgJson.content[PNPM$8]
4527
4518
  const oldOverrides = oldPnpmSection?.[OVERRIDES$2]
4519
+ const oldVersions = arrays.arrayUnique(
4520
+ shadowNpmInject
4521
+ .findPackageNodes(actualTree, name)
4522
+ .map(n => n.target?.version ?? n.version)
4523
+ .filter(Boolean)
4524
+ )
4525
+ const packument =
4526
+ oldVersions.length && infos.length
4527
+ ? // eslint-disable-next-line no-await-in-loop
4528
+ await packages.fetchPackagePackument(name)
4529
+ : null
4530
+ if (!packument) {
4531
+ continue
4532
+ }
4528
4533
  for (const oldVersion of oldVersions) {
4529
4534
  const oldSpec = `${name}@${oldVersion}`
4530
4535
  const oldPurl = `pkg:npm/${oldSpec}`
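Review bot: `packages.fetchPackagePackument(name)` now sits inside the `for (const pkgJsonPath of pkgJsonPaths)` loop, so the same packument is requested once per workspace for each vulnerable package, where the lines removed in the `-4484` hunk fetched it once per package. Unless the helper caches internally (not visible here), declare `let packument` above the workspace loop and fill it lazily with `packument ??= await packages.fetchPackagePackument(name)`, leaving `oldVersions` inside the loop because it depends on the freshly read `actualTree`. The `continue` after `if (!packument)` now skips only the current workspace rather than the whole package; that looks intended but deserves a one-line comment. `pnpmFix` starts and ends outside this hunk.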
@@ -4704,11 +4709,9 @@ async function pnpmFix(
4704
4709
  )
4705
4710
  } else if (isCi) {
4706
4711
  // eslint-disable-next-line no-await-in-loop
4707
- await Promise.all([
4708
- shadowNpmInject.removeNodeModules(cwd),
4709
- // Reset to base branch to isolate next PR
4710
- gitCheckoutBaseBranchIfAvailable(baseBranch, cwd)
4711
- ])
4712
+ await gitHardReset(baseBranch, cwd)
4713
+ // eslint-disable-next-line no-await-in-loop
4714
+ await gitCleanFdx(cwd)
4712
4715
  // eslint-disable-next-line no-await-in-loop
4713
4716
  actualTree = await install(pkgEnvDetails, {
4714
4717
  spinner
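Review bot: `git reset --hard <ref>` does not switch branches; it moves whichever branch is currently checked out to `baseBranch`, so `await gitHardReset(baseBranch, cwd)` is not equivalent to the `gitCheckoutBaseBranchIfAvailable(baseBranch, cwd)` call it replaces. If HEAD is still on the branch created for the previous fix at this point (the code that decides that is outside the hunk), that local branch is rewritten to the base commit instead of being left behind. The old helper also appears to tolerate a missing base branch (its `debug.debugLog(e)` handler is visible at the top of the `-3811` hunk), whereas `gitHardReset` rejects when the ref cannot be resolved and no handling is visible here. If the intent is to return to the base branch with a clean tree, consider `await gitHardReset('HEAD', cwd)` followed by `await gitCheckoutBaseBranchIfAvailable(baseBranch, cwd)` before the clean.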
@@ -12286,7 +12289,7 @@ void (async () => {
12286
12289
  await vendor.updater({
12287
12290
  name: SOCKET_CLI_BIN_NAME,
12288
12291
  // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION']".
12289
- version: '0.14.126',
12292
+ version: '0.14.128',
12290
12293
  ttl: 86_400_000 /* 24 hours in milliseconds */
12291
12294
  })
12292
12295
  try {
@@ -12354,5 +12357,5 @@ void (async () => {
12354
12357
  await shadowNpmInject.captureException(e)
12355
12358
  }
12356
12359
  })()
12357
- //# debugId=54d7166c-6eaf-4ad9-8f14-e10e2ac6080e
12360
+ //# debugId=c19d3f6a-66fb-44e0-86a9-334f1e0e0447
12358
12361
  //# sourceMappingURL=cli.js.map