npm - @socketsecurity/cli-with-sentry - Versions diffs - 0.14.144 → 0.14.146 - Mend

@socketsecurity/cli-with-sentry 0.14.144 → 0.14.146

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/cli.js +36 -33
package/dist/cli.js.map +1 -1
package/dist/instrument-with-sentry.js +2 -2
package/dist/instrument-with-sentry.js.map +1 -1
package/dist/shadow-npm-inject.js +2 -2
package/dist/shadow-npm-inject.js.map +1 -1
package/package.json +5 -5

package/dist/cli.js CHANGED Viewed

@@ -904,7 +904,7 @@ function emitBanner(name) {
   logger.logger.error(getAsciiHeader(name))
 }
 function getAsciiHeader(command) {
-  const cliVersion = '0.14.144:e577de2:37d9efbe:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
+  const cliVersion = '0.14.146:6152991:5adb2b76:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
   const nodeVersion = process$1.version
   const apiToken = shadowNpmInject.getDefaultToken()
   const defaultOrg = shadowNpmInject.getConfigValue('defaultOrg')
@@ -3979,23 +3979,30 @@ const alertMapOptions = Object.freeze({
   },
   nothrow: true
 })
-function assignDefaultFixOptions(options) {
-  if (options.autoPilot === undefined) {
+function normalizeFixOptions(options_) {
+  const options = {
+    __proto__: null,
+    ...options_
+  }
+  if (typeof options.autoPilot !== 'boolean') {
     options.autoPilot = false
   }
-  if (options.autoMerge === undefined) {
+  if (typeof options.autoMerge !== 'boolean') {
     options.autoMerge = !!options.autoPilot
   }
-  if (options.cwd === undefined) {
+  if (typeof options.cwd !== 'string') {
     options.cwd = process.cwd()
   }
-  if (options.rangeStyle === undefined) {
+  options.purls = Array.isArray(options.purls)
+    ? options.purls.flatMap(p => p.split(/, */))
+    : []
+  if (typeof options.rangeStyle !== 'string') {
     options.rangeStyle = 'preserve'
   }
-  if (options.test === undefined) {
+  if (typeof options.test !== 'boolean') {
     options.test = !!options.autoPilot || !!options.testScript
   }
-  if (options.testScript === undefined) {
+  if (typeof options.testScript !== 'string') {
     options.testScript = 'test'
   }
   return options
@@ -5120,10 +5127,7 @@ async function detectAndValidatePackageEnvironment(cwd, options) {
 const { NPM: NPM$a, PNPM: PNPM$6 } = constants
 async function runFix(options_) {
-  const options = assignDefaultFixOptions({
-    __proto__: null,
-    ...options_
-  })
+  const options = normalizeFixOptions(options_)
   const pkgEnvDetails = await detectAndValidatePackageEnvironment(options.cwd, {
     cmdName: CMD_NAME$1,
     logger: logger.logger
@@ -5143,8 +5147,8 @@ async function runFix(options_) {
 const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$y } = constants
 const config$B = {
   commandName: 'fix',
-  description: 'Fix "fixable" Socket alerts',
-  hidden: true,
+  description: 'Update dependencies with "fixable" Socket alerts',
+  hidden: false,
   flags: {
     ...commonFlags,
     autoPilot: {
@@ -5160,7 +5164,7 @@ const config$B = {
     purl: {
       type: 'string',
       default: [],
-      description: `User provided PURL to fix`,
+      description: `Provide a list of ${vendor.terminalLinkExports('package URLs (PURLs)', 'https://github.com/package-url/purl-spec?tab=readme-ov-file#purl')} to fix, as either a comma separated value or as multiple flags, instead of querying the Socket API`,
       isMultiple: true,
       shortFlag: 'p'
     },
@@ -5171,10 +5175,12 @@ const config$B = {
       Define how updated dependency versions should be written in package.json.
       Available styles:
         *	caret - Use ^ range for compatible updates (e.g. ^1.2.3)
-        *	gt - Use >= to allow any newer version (e.g. >=1.2.3)
+        *	gt - Use > to allow any newer version (e.g. >1.2.3)
+        *	gte - Use >= to allow any newer version (e.g. >=1.2.3)
         *	lt - Use < to allow only lower versions (e.g. <1.2.3)
+        *	lte - Use <= to allow only lower versions (e.g. <=1.2.3)
         *	pin - Use the exact version (e.g. 1.2.3)
-        *	preserve - Retain the existing version range as-is
+        *	preserve - Retain the existing version range style as-is
         *	tilde - Use ~ range for patch/minor updates (e.g. ~1.2.3)
       `
     },
@@ -7462,21 +7468,21 @@ async function addOverrides(pkgEnvDetails, pkgPath, options) {
       addedInWorkspaces: new Set(),
       updated: new Set(),
       updatedInWorkspaces: new Set(),
-      warnedPnpmWorkspaceRequiresNpm: false,
-      workspacePkgJsonPaths: await shadowNpmInject.globWorkspace(
-        agent,
-        rootPath
-      )
+      warnedPnpmWorkspaceRequiresNpm: false
     }
   } = {
     __proto__: null,
     ...options
   }
-  const isWorkspace = state.workspacePkgJsonPaths.length > 0
+  const workspacePkgJsonPaths = await shadowNpmInject.globWorkspace(
+    agent,
+    pkgPath
+  )
+  const isWorkspace = workspacePkgJsonPaths.length > 0
   const isWorkspaceRoot = pkgPath === rootPath
   const isLockScanned = isWorkspaceRoot && !prod
   const workspaceName = isWorkspaceRoot
-    ? ''
+    ? 'root'
     : path$1.relative(rootPath, pkgPath)
   if (
     isWorkspace &&
@@ -7502,9 +7508,7 @@ async function addOverrides(pkgEnvDetails, pkgPath, options) {
       overridesDataByAgent.get(YARN_CLASSIC)(pkgEnvDetails)
     )
   }
-  spinner?.setText(
-    `Adding overrides${workspaceName ? ` to ${workspaceName}` : ''}...`
-  )
+  spinner?.setText(`Adding overrides to ${workspaceName}...`)
   const depAliasMap = new Map()
   const depEntries = getDependencyEntries(pkgEnvDetails)
   const manifestEntries = manifestNpmOverrides.filter(({ 1: data }) =>
@@ -7550,7 +7554,7 @@ async function addOverrides(pkgEnvDetails, pkgPath, options) {
           thisSpec = sockOverrideSpec
           depObj[origPkgName] = thisSpec
           state.added.add(sockRegPkgName)
-          if (workspaceName) {
+          if (!isWorkspaceRoot) {
             state.addedInWorkspaces.add(workspaceName)
           }
         }
@@ -7636,7 +7640,7 @@ async function addOverrides(pkgEnvDetails, pkgPath, options) {
   if (isWorkspace) {
     // Chunk package names to process them in parallel 3 at a time.
     await promises.pEach(
-      state.workspacePkgJsonPaths,
+      workspacePkgJsonPaths,
       3,
       async workspacePkgJsonPath => {
         const otherState = await addOverrides(
@@ -7646,8 +7650,7 @@ async function addOverrides(pkgEnvDetails, pkgPath, options) {
             logger,
             pin,
             prod,
-            spinner,
-            state
+            spinner
           }
         )
         for (const key of [
@@ -12258,7 +12261,7 @@ void (async () => {
   await vendor.updater({
     name: SOCKET_CLI_BIN_NAME,
     // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION']".
-    version: '0.14.144',
+    version: '0.14.146',
     ttl: 86_400_000 /* 24 hours in milliseconds */
   })
   try {
@@ -12326,5 +12329,5 @@ void (async () => {
     await shadowNpmInject.captureException(e)
   }
 })()
-//# debugId=b98a5e11-2f79-43fe-9402-d9e2d8286d96
+//# debugId=6da5d585-ab38-4032-b453-f3dc4beddc3d
 //# sourceMappingURL=cli.js.map