@socketsecurity/cli-with-sentry 0.14.135 → 0.14.137

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (12) hide show
  1. package/dist/cli.js +12 -43
  2. package/dist/cli.js.map +1 -1
  3. package/dist/constants.js.map +1 -1
  4. package/dist/instrument-with-sentry.js +2 -2
  5. package/dist/instrument-with-sentry.js.map +1 -1
  6. package/dist/shadow-bin.js +1 -52
  7. package/dist/shadow-bin.js.map +1 -1
  8. package/dist/shadow-npm-inject.js +2 -41
  9. package/dist/shadow-npm-inject.js.map +1 -1
  10. package/dist/vendor.js +19 -5
  11. package/dist/vendor.js.map +1 -1
  12. package/package.json +6 -7
package/dist/cli.js CHANGED
@@ -28,41 +28,6 @@ const spawn = require('@socketsecurity/registry/lib/spawn')
28
28
  const sorts = require('@socketsecurity/registry/lib/sorts')
29
29
  const registryConstants = require('@socketsecurity/registry/lib/constants')
30
30
  const promises = require('@socketsecurity/registry/lib/promises')
31
- require('node:os')
32
- require('node:buffer')
33
- require('node:util')
34
- require('node:path')
35
- require('node:fs')
36
- require('node:tty')
37
- require('node:https')
38
- require('node:http')
39
- require('node:url')
40
- require('node:process')
41
- require('node:events')
42
- require('node:http')
43
- require('node:https')
44
- require('node:readline')
45
- require('@socketsecurity/registry/lib/constants/abort-signal')
46
- require('node:fs/promises')
47
- require('node:child_process')
48
- require('node:os')
49
- require('node:tty')
50
- require('node:crypto')
51
- require('node:constants')
52
- require('node:stream')
53
- require('node:assert')
54
- require('node:stream')
55
- require('node:string_decoder')
56
- require('node:path/win32')
57
- require('node:module')
58
- require('node:events')
59
- require('node:buffer')
60
- require('node:string_decoder')
61
- require('node:child_process')
62
- require('@socketsecurity/registry/lib/fs')
63
- require('node:timers/promises')
64
- require('node:module')
65
- require('@socketsecurity/registry/lib/env')
66
31
 
67
32
  function failMsgWithBadge(badge, msg) {
68
33
  return `${vendor.yoctocolorsCjsExports.bgRed(vendor.yoctocolorsCjsExports.bold(vendor.yoctocolorsCjsExports.white(` ${badge}: `)))} ${vendor.yoctocolorsCjsExports.bold(msg)}`
@@ -938,7 +903,7 @@ function emitBanner(name) {
938
903
  logger.logger.error(getAsciiHeader(name))
939
904
  }
940
905
  function getAsciiHeader(command) {
941
- const cliVersion = '0.14.135:01c197e:e7de020f:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
906
+ const cliVersion = '0.14.137:757d90e:21533d68:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
942
907
  const nodeVersion = process$1.version
943
908
  const apiToken = shadowNpmInject.getDefaultToken()
944
909
  const defaultOrg = shadowNpmInject.getConfigValue('defaultOrg')
@@ -1409,7 +1374,7 @@ async function runCycloneDX(yargvWithYes) {
1409
1374
  await shadowBin(NPX$3, [
1410
1375
  ...yesArgs,
1411
1376
  // The '@rollup/plugin-replace' will replace "process.env['INLINED_CYCLONEDX_CDXGEN_VERSION']".
1412
- `@cyclonedx/cdxgen@${'11.2.4'}`,
1377
+ `@cyclonedx/cdxgen@${'11.2.5'}`,
1413
1378
  ...argvToArray(yargv)
1414
1379
  ])
1415
1380
  if (cleanupPackageLock) {
@@ -4087,7 +4052,7 @@ async function npmFix(
4087
4052
  continue
4088
4053
  }
4089
4054
  if (!infos.length) {
4090
- debug.debugLog(`No vulnerability info found for ${name}`)
4055
+ debug.debugLog(`No vuln info found for ${name}`)
4091
4056
  continue
4092
4057
  }
4093
4058
  // eslint-disable-next-line no-await-in-loop
@@ -4151,7 +4116,9 @@ async function npmFix(
4151
4116
  ? packument.versions[newVersion]
4152
4117
  : undefined
4153
4118
  if (!(newVersion && newVersionPackument)) {
4154
- spinner?.fail(`No update found for ${oldSpec}.`)
4119
+ debug.debugLog(
4120
+ `No suitable update. ${oldSpec} needs >=${firstPatchedVersionIdentifier}, skipping`
4121
+ )
4155
4122
  continue
4156
4123
  }
4157
4124
  const newVersionRange = shadowNpmInject.applyRange(
@@ -4502,7 +4469,7 @@ async function pnpmFix(
4502
4469
  continue
4503
4470
  }
4504
4471
  if (!infos.length) {
4505
- debug.debugLog(`No vulnerability info found for ${name}`)
4472
+ debug.debugLog(`No vuln info found for ${name}`)
4506
4473
  continue
4507
4474
  }
4508
4475
  // eslint-disable-next-line no-await-in-loop
@@ -4569,7 +4536,9 @@ async function pnpmFix(
4569
4536
  ? packument.versions[newVersion]
4570
4537
  : undefined
4571
4538
  if (!(newVersion && newVersionPackument)) {
4572
- spinner?.fail(`No update found for ${oldSpec}.`)
4539
+ debug.debugLog(
4540
+ `No suitable update. ${oldSpec} needs >=${firstPatchedVersionIdentifier}, skipping`
4541
+ )
4573
4542
  continue
4574
4543
  }
4575
4544
  const overrideKey = `${name}@${vulnerableVersionRange}`
@@ -12287,7 +12256,7 @@ void (async () => {
12287
12256
  await vendor.updater({
12288
12257
  name: SOCKET_CLI_BIN_NAME,
12289
12258
  // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION']".
12290
- version: '0.14.135',
12259
+ version: '0.14.137',
12291
12260
  ttl: 86_400_000 /* 24 hours in milliseconds */
12292
12261
  })
12293
12262
  try {
@@ -12355,5 +12324,5 @@ void (async () => {
12355
12324
  await shadowNpmInject.captureException(e)
12356
12325
  }
12357
12326
  })()
12358
- //# debugId=9a529f35-9255-4c89-82fb-977f1262673f
12327
+ //# debugId=f3262a3d-7855-4795-95c6-2f60f8e6995
12359
12328
  //# sourceMappingURL=cli.js.map