@socketsecurity/cli-with-sentry 0.14.148 → 0.14.150

package/dist/instrument-with-sentry.js

@@ -30,7 +30,7 @@ const relConstantsPath = './constants'
   Sentry.setTag(
     'version',
     // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
-    '0.14.148:b04f898:405b6083:pub'
+    '0.14.150:cc2913a:84ef72e1:pub'
   )
   const constants = require(relConstantsPath)
   if (constants.ENV.SOCKET_CLI_DEBUG) {
@@ -45,5 +45,5 @@ const relConstantsPath = './constants'
   } = constants
   setSentry(Sentry)
 }
-//# debugId=393749b2-30d9-4e07-a7f4-236a1ad3f52d
+//# debugId=57081891-4aac-4730-be9e-f34d633bc099
 //# sourceMappingURL=instrument-with-sentry.js.map

package/dist/instrument-with-sentry.js.map

@@ -1 +1 @@
-{"version":3,"file":"instrument-with-sentry.js","sources":["../src/instrument-with-sentry.ts"],"sourcesContent":["// This should ONLY be included in the special Sentry build!\n// Otherwise the Sentry dependency won't even be present in the manifest.\n\nimport { logger } from '@socketsecurity/registry/lib/logger'\n\n// Require constants with require(relConstantsPath) instead of require('./constants')\n// so Rollup doesn't generate a constants2.js chunk.\nconst relConstantsPath = './constants'\n// The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_SENTRY_BUILD']\".\nif (process.env['INLINED_SOCKET_CLI_SENTRY_BUILD']) {\n  const Sentry = require('@sentry/node')\n  Sentry.init({\n    onFatalError(error: Error) {\n      // Defer module loads until after Sentry.init is called.\n      if (require(relConstantsPath).ENV.SOCKET_CLI_DEBUG) {\n        logger.fail('[DEBUG] [Sentry onFatalError]:', error)\n      }\n    },\n    dsn: 'https://66736701db8e4ffac046bd09fa6aaced@o555220.ingest.us.sentry.io/4508846967619585',\n    enabled: true,\n    integrations: []\n  })\n  Sentry.setTag(\n    'environment',\n    // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD']\".\n    process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD']\n      ? 'pub'\n      : // The NODE_ENV convention is used by apps to define the runtime environment.\n        // https://nodejs.org/en/learn/getting-started/nodejs-the-difference-between-development-and-production\n        process.env['NODE_ENV']\n  )\n  Sentry.setTag(\n    'version',\n    // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_VERSION_HASH']\".\n    process.env['INLINED_SOCKET_CLI_VERSION_HASH']\n  )\n  const constants = require(relConstantsPath)\n  if (constants.ENV.SOCKET_CLI_DEBUG) {\n    Sentry.setTag('debugging', true)\n    logger.log('[DEBUG] Set up Sentry.')\n  } else {\n    Sentry.setTag('debugging', false)\n  }\n  const {\n    kInternalsSymbol,\n    [kInternalsSymbol as unknown as 'Symbol(kInternalsSymbol)']: { setSentry }\n  } = constants\n  setSentry(Sentry)\n} else if (require(relConstantsPath).ENV.SOCKET_CLI_DEBUG) {\n  logger.log('[DEBUG] Sentry disabled explicitly.')\n}\n"],"names":["logger","dsn","enabled","integrations","process","Sentry","setSentry"],"mappings":";;;;AAAA;AACA;;;AAIA;AACA;AACA;AACA;AACoD;AAClD;;;AAGI;;AAEEA;AACF;;AAEFC;AACAC;AACAC;AACF;;AAGE;AACAC;;AAQA;AACAA;AAEF;AACA;AACEC;AACAL;AACF;AACEK;AACF;;;AAGE;AAA+DC;AAAU;AAC3E;;AAEF","debugId":"393749b2-30d9-4e07-a7f4-236a1ad3f52d"}
+{"version":3,"file":"instrument-with-sentry.js","sources":["../src/instrument-with-sentry.ts"],"sourcesContent":["// This should ONLY be included in the special Sentry build!\n// Otherwise the Sentry dependency won't even be present in the manifest.\n\nimport { logger } from '@socketsecurity/registry/lib/logger'\n\n// Require constants with require(relConstantsPath) instead of require('./constants')\n// so Rollup doesn't generate a constants2.js chunk.\nconst relConstantsPath = './constants'\n// The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_SENTRY_BUILD']\".\nif (process.env['INLINED_SOCKET_CLI_SENTRY_BUILD']) {\n  const Sentry = require('@sentry/node')\n  Sentry.init({\n    onFatalError(error: Error) {\n      // Defer module loads until after Sentry.init is called.\n      if (require(relConstantsPath).ENV.SOCKET_CLI_DEBUG) {\n        logger.fail('[DEBUG] [Sentry onFatalError]:', error)\n      }\n    },\n    dsn: 'https://66736701db8e4ffac046bd09fa6aaced@o555220.ingest.us.sentry.io/4508846967619585',\n    enabled: true,\n    integrations: []\n  })\n  Sentry.setTag(\n    'environment',\n    // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD']\".\n    process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD']\n      ? 'pub'\n      : // The NODE_ENV convention is used by apps to define the runtime environment.\n        // https://nodejs.org/en/learn/getting-started/nodejs-the-difference-between-development-and-production\n        process.env['NODE_ENV']\n  )\n  Sentry.setTag(\n    'version',\n    // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_VERSION_HASH']\".\n    process.env['INLINED_SOCKET_CLI_VERSION_HASH']\n  )\n  const constants = require(relConstantsPath)\n  if (constants.ENV.SOCKET_CLI_DEBUG) {\n    Sentry.setTag('debugging', true)\n    logger.log('[DEBUG] Set up Sentry.')\n  } else {\n    Sentry.setTag('debugging', false)\n  }\n  const {\n    kInternalsSymbol,\n    [kInternalsSymbol as unknown as 'Symbol(kInternalsSymbol)']: { setSentry }\n  } = constants\n  setSentry(Sentry)\n} else if (require(relConstantsPath).ENV.SOCKET_CLI_DEBUG) {\n  logger.log('[DEBUG] Sentry disabled explicitly.')\n}\n"],"names":["logger","dsn","enabled","integrations","process","Sentry","setSentry"],"mappings":";;;;AAAA;AACA;;;AAIA;AACA;AACA;AACA;AACoD;AAClD;;;AAGI;;AAEEA;AACF;;AAEFC;AACAC;AACAC;AACF;;AAGE;AACAC;;AAQA;AACAA;AAEF;AACA;AACEC;AACAL;AACF;AACEK;AACF;;;AAGE;AAA+DC;AAAU;AAC3E;;AAEF","debugId":"57081891-4aac-4730-be9e-f34d633bc099"}

package/dist/shadow-npm-inject.js

@@ -2,9 +2,9 @@
 
 const shadowNpmPaths = require('./shadow-npm-paths.js')
 const process$1 = require('node:process')
-const vendor = require('./vendor.js')
 const logger = require('../external/@socketsecurity/registry/lib/logger')
 const constants = require('./constants.js')
+const vendor = require('./vendor.js')
 const arrays = require('../external/@socketsecurity/registry/lib/arrays')
 const packages = require('../external/@socketsecurity/registry/lib/packages')
 const registry = require('../external/@socketsecurity/registry')
@@ -332,7 +332,8 @@ const supportedConfigKeys = new Map([
   [
     'enforcedOrgs',
     'Orgs in this list have their security policies enforced on this machine'
-  ]
+  ],
+  ['isTestingV1', 'For development of testing the next major bump']
 ])
 const sensitiveConfigKeys = new Set(['apiToken'])
 let _cachedConfig
@@ -349,6 +350,9 @@ function overrideCachedConfig(jsonConfig) {
       throw new Error()
     }
   } catch {
+    // Force set an empty config to prevent accidentally using system settings
+    _cachedConfig = {}
+    _readOnlyConfig = true
     return {
       ok: false,
       message:
@@ -524,6 +528,9 @@ function updateConfigValue(key, value) {
     })
   }
 }
+function isTestingV1() {
+  return !!getConfigValue('isTestingV1')
+}
 
 const {
   kInternalsSymbol: kInternalsSymbol$1,
@@ -623,7 +630,7 @@ async function setupSdk(
       // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_NAME']".
       name: '@socketsecurity/cli',
       // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION']".
-      version: '0.14.148',
+      version: '0.14.150',
       // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_HOMEPAGE']".
       homepage: 'https://github.com/SocketDev/socket-cli'
     })
@@ -2506,8 +2513,6 @@ class SafeArborist extends Arborist {
     )
     // Lazily access constants.ENV[SOCKET_CLI_ACCEPT_RISKS].
     const acceptRisks = constants.ENV[SOCKET_CLI_ACCEPT_RISKS]
-    // Lazily access constants.ENV[SOCKET_CLI_VIEW_ALL_RISKS].
-    const viewAllRisks = constants.ENV[SOCKET_CLI_VIEW_ALL_RISKS]
     const progress = ipc[SOCKET_CLI_SAFE_PROGRESS]
     const spinner =
       options['silent'] || !progress
@@ -2535,13 +2540,17 @@ class SafeArborist extends Arborist {
     })
     if (alertsMap.size) {
       process$1.exitCode = 1
+      // Lazily access constants.ENV[SOCKET_CLI_VIEW_ALL_RISKS].
+      const viewAllRisks = constants.ENV[SOCKET_CLI_VIEW_ALL_RISKS]
       logAlertsMap(alertsMap, {
         hideAt: viewAllRisks ? 'none' : 'middle',
         output: process$1.stderr
       })
-      throw new Error(vendor.html`
+      throw new Error(
+        `
           Socket ${binName} exiting due to risks.${viewAllRisks ? '' : `\nView all risks - Rerun with environment variable ${SOCKET_CLI_VIEW_ALL_RISKS}=1.`}${acceptRisks ? '' : `\nAccept risks - Rerun with environment variable ${SOCKET_CLI_ACCEPT_RISKS}=1.`}
-        `)
+        `.trim()
+      )
     } else if (!options['silent']) {
       logger.logger.success(
         `Socket ${binName} ${acceptRisks ? 'accepted' : 'found no'} risks`
@@ -2604,6 +2613,7 @@ exports.getSocketDevPackageOverviewUrl = getSocketDevPackageOverviewUrl
 exports.globWithGitIgnore = globWithGitIgnore
 exports.globWorkspace = globWorkspace
 exports.isReadOnlyConfig = isReadOnlyConfig
+exports.isTestingV1 = isTestingV1
 exports.overrideCachedConfig = overrideCachedConfig
 exports.overrideConfigApiToken = overrideConfigApiToken
 exports.pathsToGlobPatterns = pathsToGlobPatterns
@@ -2617,5 +2627,5 @@ exports.supportedConfigKeys = supportedConfigKeys
 exports.updateConfigValue = updateConfigValue
 exports.updateNode = updateNode
 exports.updatePackageJsonFromNode = updatePackageJsonFromNode
-//# debugId=73444845-c83b-4052-b896-91d56cceb187
+//# debugId=32c0e7c8-3d51-46ad-b003-37963c3c7d8e
 //# sourceMappingURL=shadow-npm-inject.js.map