npm - @socketsecurity/cli-with-sentry - Versions diffs - 0.14.126 → 0.14.128 - Mend

@socketsecurity/cli-with-sentry 0.14.126 → 0.14.128

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/dist/instrument-with-sentry.js +2 -2
package/dist/instrument-with-sentry.js.map +1 -1
package/dist/module-sync/cli.js +32 -29
package/dist/module-sync/cli.js.map +1 -1
package/dist/module-sync/shadow-npm-inject.js +2 -2
package/dist/module-sync/shadow-npm-inject.js.map +1 -1
package/dist/require/cli.js +32 -29
package/dist/require/cli.js.map +1 -1
package/dist/require/shadow-npm-inject.js +2 -2
package/dist/require/shadow-npm-inject.js.map +1 -1
package/package.json +2 -2

package/dist/require/cli.js CHANGED Viewed

@@ -917,7 +917,7 @@ function emitBanner(name) {
   logger.logger.error(getAsciiHeader(name))
 }
 function getAsciiHeader(command) {
-  const cliVersion = '0.14.126:cbde084:1c0f934a:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
+  const cliVersion = '0.14.128:ec33790:2e43d170:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
   const nodeVersion = process$1.version
   const apiToken = shadowNpmInject.getDefaultToken()
   const defaultOrg = shadowNpmInject.getConfigValue('defaultOrg')
@@ -3811,6 +3811,11 @@ async function gitCheckoutBaseBranchIfAvailable(
     debug.debugLog(e)
   }
 }
+async function gitCleanFdx(cwd = process.cwd()) {
+  await spawn.spawn('git', ['clean', '-fdx'], {
+    cwd
+  })
+}
 async function gitCreateAndPushBranchIfNeeded(
   branch,
   commitMsg,
@@ -3846,8 +3851,8 @@ async function gitCreateAndPushBranchIfNeeded(
   })
   return true
 }
-async function gitHardReset(cwd = process.cwd()) {
-  await spawn.spawn('git', ['reset', '--hard'], {
+async function gitHardReset(branch = 'HEAD', cwd = process.cwd()) {
+  await spawn.spawn('git', ['reset', '--hard', branch], {
     cwd
   })
 }
@@ -4484,37 +4489,23 @@ async function pnpmFix(
     // Process the workspace root last since it will add an override to package.json.
     pkgEnvDetails.editablePkgJson.filename
   ]
-  let actualTree = await getActualTree(cwd)
   for (const { 0: name, 1: infos } of infoByPkg) {
+    debug.debugLog(`Processing vulnerable package: ${name}`)
     if (registry.getManifestData(NPM$c, name)) {
       spinner?.info(`Skipping ${name}. Socket Optimize package exists.`)
       continue
     }
-    const oldVersions = arrays.arrayUnique(
-      shadowNpmInject
-        .findPackageNodes(actualTree, name)
-        .map(n => n.target?.version ?? n.version)
-        .filter(Boolean)
-    )
-    const packument =
-      oldVersions.length && infos.length
-        ? // eslint-disable-next-line no-await-in-loop
-          await packages.fetchPackagePackument(name)
-        : null
-    if (!packument) {
-      continue
-    }
     const fixedSpecs = new Set()
     for (const pkgJsonPath of pkgJsonPaths) {
-      // Re-read actualTree to avoid lockfile state issues
+      debug.debugLog(`Checking workspace: ${pkgJsonPath}`)
       // eslint-disable-next-line no-await-in-loop
-      actualTree = await getActualTree(cwd)
-      const pkgPath = path$1.dirname(pkgJsonPath)
+      let actualTree = await getActualTree(cwd)
       const isWorkspaceRoot =
         pkgJsonPath === pkgEnvDetails.editablePkgJson.filename
       const workspaceName = isWorkspaceRoot
         ? 'root'
-        : path$1.relative(rootPath, pkgPath)
+        : path$1.relative(rootPath, path$1.dirname(pkgJsonPath))
       const editablePkgJson = isWorkspaceRoot
         ? pkgEnvDetails.editablePkgJson
         : // eslint-disable-next-line no-await-in-loop
@@ -4525,6 +4516,20 @@ async function pnpmFix(
       // Get current overrides for revert logic
       const oldPnpmSection = editablePkgJson.content[PNPM$8]
       const oldOverrides = oldPnpmSection?.[OVERRIDES$2]
+      const oldVersions = arrays.arrayUnique(
+        shadowNpmInject
+          .findPackageNodes(actualTree, name)
+          .map(n => n.target?.version ?? n.version)
+          .filter(Boolean)
+      )
+      const packument =
+        oldVersions.length && infos.length
+          ? // eslint-disable-next-line no-await-in-loop
+            await packages.fetchPackagePackument(name)
+          : null
+      if (!packument) {
+        continue
+      }
       for (const oldVersion of oldVersions) {
         const oldSpec = `${name}@${oldVersion}`
         const oldPurl = `pkg:npm/${oldSpec}`
@@ -4704,11 +4709,9 @@ async function pnpmFix(
             )
           } else if (isCi) {
             // eslint-disable-next-line no-await-in-loop
-            await Promise.all([
-              shadowNpmInject.removeNodeModules(cwd),
-              // Reset to base branch to isolate next PR
-              gitCheckoutBaseBranchIfAvailable(baseBranch, cwd)
-            ])
+            await gitHardReset(baseBranch, cwd)
+            // eslint-disable-next-line no-await-in-loop
+            await gitCleanFdx(cwd)
             // eslint-disable-next-line no-await-in-loop
             actualTree = await install(pkgEnvDetails, {
               spinner
@@ -12286,7 +12289,7 @@ void (async () => {
   await vendor.updater({
     name: SOCKET_CLI_BIN_NAME,
     // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION']".
-    version: '0.14.126',
+    version: '0.14.128',
     ttl: 86_400_000 /* 24 hours in milliseconds */
   })
   try {
@@ -12354,5 +12357,5 @@ void (async () => {
     await shadowNpmInject.captureException(e)
   }
 })()
-//# debugId=54d7166c-6eaf-4ad9-8f14-e10e2ac6080e
+//# debugId=c19d3f6a-66fb-44e0-86a9-334f1e0e0447
 //# sourceMappingURL=cli.js.map