@socketsecurity/cli-with-sentry 0.14.128 → 0.14.130

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (12) hide show
  1. package/dist/instrument-with-sentry.js +2 -2
  2. package/dist/instrument-with-sentry.js.map +1 -1
  3. package/dist/module-sync/arborist-helpers.d.ts +9 -10
  4. package/dist/module-sync/cli.js +285 -306
  5. package/dist/module-sync/cli.js.map +1 -1
  6. package/dist/module-sync/shadow-npm-inject.js +14 -34
  7. package/dist/module-sync/shadow-npm-inject.js.map +1 -1
  8. package/dist/require/cli.js +285 -306
  9. package/dist/require/cli.js.map +1 -1
  10. package/dist/require/shadow-npm-inject.js +14 -34
  11. package/dist/require/shadow-npm-inject.js.map +1 -1
  12. package/package.json +1 -1
package/dist/require/shadow-npm-inject.js CHANGED
@@ -627,7 +627,7 @@ async function setupSdk(
627
627
  // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_NAME']".
628
628
  name: '@socketsecurity/cli',
629
629
  // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION']".
630
- version: '0.14.128',
630
+ version: '0.14.130',
631
631
  // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_HOMEPAGE']".
632
632
  homepage: 'https://github.com/SocketDev/socket-cli'
633
633
  })
@@ -1583,56 +1583,36 @@ function getDetailsFromDiff(diff_, options) {
1583
1583
  function isTopLevel(tree, node) {
1584
1584
  return tree.children.get(node.name) === node
1585
1585
  }
1586
- function updateNode(
1587
- node,
1588
- packument,
1589
- vulnerableVersionRange,
1590
- firstPatchedVersionIdentifier
1591
- ) {
1592
- const availableVersions = Object.keys(packument.versions)
1593
- // Find the highest non-vulnerable version within the same major range
1594
- const targetVersion = findBestPatchVersion(
1595
- node,
1596
- availableVersions,
1597
- vulnerableVersionRange
1598
- )
1599
- const targetPackument = targetVersion
1600
- ? packument.versions[targetVersion]
1601
- : undefined
1602
- // Check !targetVersion to make TypeScript happy.
1603
- if (!targetVersion || !targetPackument) {
1604
- // No suitable patch version found.
1605
- return false
1606
- }
1586
+ function updateNode(node, newVersion, newVersionPackument) {
1607
1587
  // Object.defineProperty is needed to set the version property and replace
1608
- // the old value with targetVersion.
1588
+ // the old value with newVersion.
1609
1589
  Object.defineProperty(node, 'version', {
1610
1590
  configurable: true,
1611
1591
  enumerable: true,
1612
- get: () => targetVersion
1592
+ get: () => newVersion
1613
1593
  })
1614
1594
  // Update package.version associated with the node.
1615
- node.package.version = targetVersion
1595
+ node.package.version = newVersion
1616
1596
  // Update node.resolved.
1617
1597
  const purlObj = packageurlJs.PackageURL.fromString(`pkg:npm/${node.name}`)
1618
- node.resolved = `${NPM_REGISTRY_URL}/${node.name}/-/${purlObj.name}-${targetVersion}.tgz`
1598
+ node.resolved = `${NPM_REGISTRY_URL}/${node.name}/-/${purlObj.name}-${newVersion}.tgz`
1619
1599
  // Update node.integrity with the targetPackument.dist.integrity value if available
1620
1600
  // else delete node.integrity so a new value is resolved for the target version.
1621
- const { integrity } = targetPackument.dist
1601
+ const { integrity } = newVersionPackument.dist
1622
1602
  if (integrity) {
1623
1603
  node.integrity = integrity
1624
1604
  } else {
1625
1605
  delete node.integrity
1626
1606
  }
1627
1607
  // Update node.package.deprecated based on targetPackument.deprecated.
1628
- if (objects.hasOwn(targetPackument, 'deprecated')) {
1629
- node.package['deprecated'] = targetPackument.deprecated
1608
+ if (objects.hasOwn(newVersionPackument, 'deprecated')) {
1609
+ node.package['deprecated'] = newVersionPackument.deprecated
1630
1610
  } else {
1631
1611
  delete node.package['deprecated']
1632
1612
  }
1633
1613
  // Update node.package.dependencies.
1634
1614
  const newDeps = {
1635
- ...targetPackument.dependencies
1615
+ ...newVersionPackument.dependencies
1636
1616
  }
1637
1617
  const { dependencies: oldDeps } = node.package
1638
1618
  node.package.dependencies = newDeps
@@ -1659,13 +1639,12 @@ function updateNode(
1659
1639
  )
1660
1640
  }
1661
1641
  }
1662
- return true
1663
1642
  }
1664
1643
  function updatePackageJsonFromNode(
1665
1644
  editablePkgJson,
1666
1645
  tree,
1667
1646
  node,
1668
- targetVersion,
1647
+ newVersion,
1669
1648
  rangeStyle
1670
1649
  ) {
1671
1650
  let result = false
@@ -1682,7 +1661,7 @@ function updatePackageJsonFromNode(
1682
1661
  if (depObject) {
1683
1662
  const oldRange = depObject[name]
1684
1663
  if (oldRange) {
1685
- const newRange = applyRange(oldRange, targetVersion, rangeStyle)
1664
+ const newRange = applyRange(oldRange, newVersion, rangeStyle)
1686
1665
  if (oldRange !== newRange) {
1687
1666
  result = true
1688
1667
  editablePkgJson.update({
@@ -1716,6 +1695,7 @@ function isArtifactAlertCve(alert) {
1716
1695
 
1717
1696
  const ALERT_FIX_TYPE = /*#__PURE__*/ (function (ALERT_FIX_TYPE) {
1718
1697
  ALERT_FIX_TYPE['cve'] = 'cve'
1698
+ ALERT_FIX_TYPE['remove'] = 'remove'
1719
1699
  ALERT_FIX_TYPE['upgrade'] = 'upgrade'
1720
1700
  return ALERT_FIX_TYPE
1721
1701
  })({})
@@ -2612,5 +2592,5 @@ exports.supportedConfigKeys = supportedConfigKeys
2612
2592
  exports.updateConfigValue = updateConfigValue
2613
2593
  exports.updateNode = updateNode
2614
2594
  exports.updatePackageJsonFromNode = updatePackageJsonFromNode
2615
- //# debugId=82804657-c393-4918-b2d2-f600b7765d8f
2595
+ //# debugId=958a7911-f71e-4666-9f2e-6ffcd2e9511c
2616
2596
  //# sourceMappingURL=shadow-npm-inject.js.map