npm - @socketsecurity/cli-with-sentry - Versions diffs - 0.14.152 → 0.14.153 - Mend

@socketsecurity/cli-with-sentry 0.14.152 → 0.14.153

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (17) hide show

package/dist/.config/tsconfig.dts.tsbuildinfo +1 -1
package/dist/cli.js +31 -12
package/dist/cli.js.map +1 -1
package/dist/constants.js +3 -3
package/dist/constants.js.map +1 -1
package/dist/shadow-npm-inject.js +1 -2
package/dist/shadow-npm-inject.js.map +1 -1
package/dist/types/commands/fix/npm-fix.d.mts.map +1 -1
package/dist/types/commands/fix/pnpm-fix.d.mts.map +1 -1
package/dist/types/commands/organization/output-license-policy.d.mts.map +1 -1
package/dist/types/utils/socket-package-alert.d.mts.map +1 -1
package/dist/vendor.js +74 -19
package/dist/vendor.js.map +1 -1
package/external/@socketsecurity/registry/lib/packages.d.ts +6 -2
package/external/@socketsecurity/registry/lib/packages.js +192 -139
package/external/@socketsecurity/registry/package.json +1 -1
package/package.json +5 -5

package/external/@socketsecurity/registry/lib/packages.d.ts CHANGED Viewed

@@ -12,8 +12,8 @@ declare namespace Packages {
   export class EditablePackageJson extends NPMCliPackageJson {
     content: Readonly<PackageJson>
     // @ts-ignore TypeScript doesn't like an override with a different return type.
-    override save: () => Promise<boolean>
-    saveSync: () => void
+    override save: (options?: SaveOptions | undefined) => Promise<boolean>
+    saveSync: (options?: SaveOptions | undefined) => boolean
   }
   export type Exports = Exclude<PackageJson['exports'], undefined>
   export type ExtractOptions = PacoteOptions & {
@@ -35,6 +35,10 @@ declare namespace Packages {
   export type PacoteOptions = PacoteOptionsRaw & {
     signal?: AbortSignal | undefined
   }
+  export type SaveOptions = {
+    ignoreWhitespace?: boolean | undefined
+    sort?: boolean | undefined
+  }
   export function collectIncompatibleLicenses(
     licenseNodes: LicenseNode[]
   ): LicenseNode[]

package/external/@socketsecurity/registry/lib/packages.js CHANGED Viewed

@@ -42,136 +42,13 @@ function getCacache() {
   return _cacache
 }
-let _fetcher
-/*@__NO_SIDE_EFFECTS__*/
-function getFetcher() {
-  if (_fetcher === undefined) {
-    const makeFetchHappen = /*@__PURE__*/ require('../external/make-fetch-happen')
-    _fetcher = makeFetchHappen.defaults({
-      cachePath: /*@__PURE__*/ require('./constants/pacote-cache-path'),
-      // Prefer-offline: Staleness checks for cached data will be bypassed, but
-      // missing data will be requested from the server.
-      // https://github.com/npm/make-fetch-happen?tab=readme-ov-file#--optscache
-      cache: 'force-cache'
-    })
-  }
-  return _fetcher
-}
-let _fs
-/*@__NO_SIDE_EFFECTS__*/
-function getFs() {
-  if (_fs === undefined) {
-    // Use non-'node:' prefixed require to avoid Webpack errors.
-    // eslint-disable-next-line n/prefer-node-protocol
-    _fs = /*@__PURE__*/ require('fs')
-  }
-  return _fs
-}
-let _normalizePackageData
-/*@__NO_SIDE_EFFECTS__*/
-function getNormalizePackageData() {
-  if (_normalizePackageData === undefined) {
-    _normalizePackageData = /*@__PURE__*/ require('../external/normalize-package-data')
-  }
-  return _normalizePackageData
-}
-let _npmPackageArg
-/*@__NO_SIDE_EFFECTS__*/
-function getNpmPackageArg() {
-  if (_npmPackageArg === undefined) {
-    _npmPackageArg = /*@__PURE__*/ require('../external/npm-package-arg')
-  }
-  return _npmPackageArg
-}
-let _pack
-/*@__NO_SIDE_EFFECTS__*/
-function getPack() {
-  if (_pack === undefined) {
-    _pack = /*@__PURE__*/ require('../external/libnpmpack')
-  }
-  return _pack
-}
-let _PackageURL
-/*@__NO_SIDE_EFFECTS__*/
-function getPackageURL() {
-  if (_PackageURL === undefined) {
-    // The 'packageurl-js' package is browser safe.
-    _PackageURL =
-      /*@__PURE__*/ require('../external/@socketregistry/packageurl-js').PackageURL
-  }
-  return _PackageURL
-}
-let _pacote
-/*@__NO_SIDE_EFFECTS__*/
-function getPacote() {
-  if (_pacote === undefined) {
-    _pacote = /*@__PURE__*/ require('../external/pacote')
-  }
-  return _pacote
-}
-let _path
-/*@__NO_SIDE_EFFECTS__*/
-function getPath() {
-  if (_path === undefined) {
-    // Use non-'node:' prefixed require to avoid Webpack errors.
-    // eslint-disable-next-line n/prefer-node-protocol
-    _path = /*@__PURE__*/ require('path')
-  }
-  return _path
-}
-let _semver
-/*@__NO_SIDE_EFFECTS__*/
-function getSemver() {
-  if (_semver === undefined) {
-    // The 'semver' package is browser safe.
-    _semver = /*@__PURE__*/ require('../external/semver')
-  }
-  return _semver
-}
-let _spdxCorrect
-/*@__NO_SIDE_EFFECTS__*/
-function getSpdxCorrect() {
-  if (_spdxCorrect === undefined) {
-    // The 'spdx-correct' package is browser safe.
-    _spdxCorrect = /*@__PURE__*/ require('../external/spdx-correct')
-  }
-  return _spdxCorrect
-}
-let _spdxExpParse
-/*@__NO_SIDE_EFFECTS__*/
-function getSpdxExpParse() {
-  if (_spdxExpParse === undefined) {
-    // The 'spdx-expression-parse' package is browser safe.
-    _spdxExpParse = /*@__PURE__*/ require('../external/spdx-expression-parse')
-  }
-  return _spdxExpParse
-}
-let _validateNpmPackageName
-/*@__NO_SIDE_EFFECTS__*/
-function getValidateNpmPackageName() {
-  if (_validateNpmPackageName === undefined) {
-    _validateNpmPackageName = /*@__PURE__*/ require('../external/validate-npm-package-name')
-  }
-  return _validateNpmPackageName
-}
 let _EditablePackageJsonClass
 /*@__NO_SIDE_EFFECTS__*/
 function getEditablePackageJsonClass() {
   if (_EditablePackageJsonClass === undefined) {
     const EditablePackageJsonBase = /*@__PURE__*/ require('../external/@npmcli/package-json')
     const {
+      parse,
       read
     } = /*@__PURE__*/ require('../external/@npmcli/package-json/lib/read-package')
     const {
@@ -187,6 +64,7 @@ function getEditablePackageJsonClass() {
       _canSave = true
       _path = undefined
       _readFileContent = ''
+      _readFileJson = null
       static async create(path, opts = {}) {
         const p = new _EditablePackageJsonClass()
@@ -284,7 +162,10 @@ function getEditablePackageJsonClass() {
           this._canSave = false
           return this
         }
-        return this.fromJSON(this._readFileContent)
+        this.fromJSON(this._readFileContent)
+        // Add AFTER fromJSON is called in case it errors.
+        this._readFileJson = parse(this._readFileContent)
+        return this
       }
       async normalize(opts = {}) {
@@ -301,7 +182,7 @@ function getEditablePackageJsonClass() {
         return this
       }
-      async save({ sort } = {}) {
+      async save({ ignoreWhitespace = false, sort = false } = {}) {
         if (!this._canSave) {
           throw new Error('No package.json to save to')
         }
@@ -310,40 +191,75 @@ function getEditablePackageJsonClass() {
           [Symbol.for('newline')]: newline,
           ...rest
         } = this.content
+        const content = sort ? packageSort(rest) : rest
+        if (
+          ignoreWhitespace &&
+          getUtil().isDeepStrictEqual(content, this._readFileJson)
+        ) {
+          return false
+        }
         const format = indent === undefined ? '  ' : indent
         const eol = newline === undefined ? '\n' : newline
-        const content = sort ? packageSort(rest) : rest
         const fileContent = `${JSON.stringify(
           content,
           null,
           format
         )}\n`.replace(/\n/g, eol)
-        if (fileContent.trim() === this._readFileContent.trim()) {
+        if (
+          !ignoreWhitespace &&
+          fileContent.trim() === this._readFileContent.trim()
+        ) {
           return false
         }
         const { promises: fsPromises } = getFs()
         await fsPromises.writeFile(this.filename, fileContent)
         this._readFileContent = fileContent
+        this._readFileJson = parse(fileContent)
         return true
       }
-      async saveSync() {
+      async saveSync({ ignoreWhitespace = false, sort = false } = {}) {
         if (!this._canSave || this.content === undefined) {
           throw new Error('No package.json to save to')
         }
         const {
           [Symbol.for('indent')]: indent,
-          [Symbol.for('newline')]: newline
+          [Symbol.for('newline')]: newline,
+          ...rest
         } = this.content
+        const content = sort ? packageSort(rest) : rest
+        if (
+          ignoreWhitespace &&
+          getUtil().isDeepStrictEqual(content, this._readFileJson)
+        ) {
+          return false
+        }
         const format = indent === undefined ? '  ' : indent
         const eol = newline === undefined ? '\n' : newline
-        let fileContent = `${JSON.stringify(this.content, null, format)}\n`
-        if (eol !== '\n') {
-          fileContent = fileContent.replace(/\n/g, eol)
+        const fileContent = `${JSON.stringify(
+          content,
+          null,
+          format
+        )}\n`.replace(/\n/g, eol)
+        if (
+          !ignoreWhitespace &&
+          fileContent.trim() === this._readFileContent.trim()
+        ) {
+          return false
         }
         const fs = getFs()
         fs.writeFileSync(this.filename, fileContent)
+        this._readFileContent = fileContent
+        this._readFileJson = parse(fileContent)
+        return true
       }
       update(content) {
@@ -355,6 +271,141 @@ function getEditablePackageJsonClass() {
   return _EditablePackageJsonClass
 }
+let _fetcher
+/*@__NO_SIDE_EFFECTS__*/
+function getFetcher() {
+  if (_fetcher === undefined) {
+    const makeFetchHappen = /*@__PURE__*/ require('../external/make-fetch-happen')
+    _fetcher = makeFetchHappen.defaults({
+      cachePath: /*@__PURE__*/ require('./constants/pacote-cache-path'),
+      // Prefer-offline: Staleness checks for cached data will be bypassed, but
+      // missing data will be requested from the server.
+      // https://github.com/npm/make-fetch-happen?tab=readme-ov-file#--optscache
+      cache: 'force-cache'
+    })
+  }
+  return _fetcher
+}
+let _fs
+/*@__NO_SIDE_EFFECTS__*/
+function getFs() {
+  if (_fs === undefined) {
+    // Use non-'node:' prefixed require to avoid Webpack errors.
+    // eslint-disable-next-line n/prefer-node-protocol
+    _fs = /*@__PURE__*/ require('fs')
+  }
+  return _fs
+}
+let _normalizePackageData
+/*@__NO_SIDE_EFFECTS__*/
+function getNormalizePackageData() {
+  if (_normalizePackageData === undefined) {
+    _normalizePackageData = /*@__PURE__*/ require('../external/normalize-package-data')
+  }
+  return _normalizePackageData
+}
+let _npmPackageArg
+/*@__NO_SIDE_EFFECTS__*/
+function getNpmPackageArg() {
+  if (_npmPackageArg === undefined) {
+    _npmPackageArg = /*@__PURE__*/ require('../external/npm-package-arg')
+  }
+  return _npmPackageArg
+}
+let _pack
+/*@__NO_SIDE_EFFECTS__*/
+function getPack() {
+  if (_pack === undefined) {
+    _pack = /*@__PURE__*/ require('../external/libnpmpack')
+  }
+  return _pack
+}
+let _PackageURL
+/*@__NO_SIDE_EFFECTS__*/
+function getPackageURL() {
+  if (_PackageURL === undefined) {
+    // The 'packageurl-js' package is browser safe.
+    _PackageURL =
+      /*@__PURE__*/ require('../external/@socketregistry/packageurl-js').PackageURL
+  }
+  return _PackageURL
+}
+let _pacote
+/*@__NO_SIDE_EFFECTS__*/
+function getPacote() {
+  if (_pacote === undefined) {
+    _pacote = /*@__PURE__*/ require('../external/pacote')
+  }
+  return _pacote
+}
+let _path
+/*@__NO_SIDE_EFFECTS__*/
+function getPath() {
+  if (_path === undefined) {
+    // Use non-'node:' prefixed require to avoid Webpack errors.
+    // eslint-disable-next-line n/prefer-node-protocol
+    _path = /*@__PURE__*/ require('path')
+  }
+  return _path
+}
+let _semver
+/*@__NO_SIDE_EFFECTS__*/
+function getSemver() {
+  if (_semver === undefined) {
+    // The 'semver' package is browser safe.
+    _semver = /*@__PURE__*/ require('../external/semver')
+  }
+  return _semver
+}
+let _spdxCorrect
+/*@__NO_SIDE_EFFECTS__*/
+function getSpdxCorrect() {
+  if (_spdxCorrect === undefined) {
+    // The 'spdx-correct' package is browser safe.
+    _spdxCorrect = /*@__PURE__*/ require('../external/spdx-correct')
+  }
+  return _spdxCorrect
+}
+let _spdxExpParse
+/*@__NO_SIDE_EFFECTS__*/
+function getSpdxExpParse() {
+  if (_spdxExpParse === undefined) {
+    // The 'spdx-expression-parse' package is browser safe.
+    _spdxExpParse = /*@__PURE__*/ require('../external/spdx-expression-parse')
+  }
+  return _spdxExpParse
+}
+let _util
+/*@__NO_SIDE_EFFECTS__*/
+function getUtil() {
+  if (_util === undefined) {
+    // Use non-'node:' prefixed require to avoid Webpack errors.
+    // eslint-disable-next-line n/prefer-node-protocol
+    _util = /*@__PURE__*/ require('util')
+  }
+  return _util
+}
+let _validateNpmPackageName
+/*@__NO_SIDE_EFFECTS__*/
+function getValidateNpmPackageName() {
+  if (_validateNpmPackageName === undefined) {
+    _validateNpmPackageName = /*@__PURE__*/ require('../external/validate-npm-package-name')
+  }
+  return _validateNpmPackageName
+}
 /*@__NO_SIDE_EFFECTS__*/
 function collectIncompatibleLicenses(licenseNodes) {
   const result = []
@@ -457,12 +508,14 @@ function createPackageJson(sockRegPkgName, directory, options) {
       directory
     },
     ...(type ? { type } : {}),
-    ...(entryExports ? { exports: entryExports } : {}),
+    ...(entryExports ? { exports: { ...entryExports } } : {}),
     ...(entryExports ? {} : { main: `${main ?? './index.js'}` }),
     sideEffects: sideEffects !== undefined && !!sideEffects,
-    ...(isObjectObject(dependencies) ? { dependencies } : {}),
-    ...(isObjectObject(overrides) ? { overrides } : {}),
-    ...(isObjectObject(resolutions) ? { resolutions } : {}),
+    ...(isObjectObject(dependencies)
+      ? { dependencies: { ...dependencies } }
+      : {}),
+    ...(isObjectObject(overrides) ? { overrides: { ...overrides } } : {}),
+    ...(isObjectObject(resolutions) ? { resolutions: { ...resolutions } } : {}),
     ...(isObjectObject(engines)
       ? {
           engines: objectFromEntries(
@@ -486,9 +539,9 @@ function createPackageJson(sockRegPkgName, directory, options) {
           )
         }
       : { engines: { node: PACKAGE_DEFAULT_NODE_RANGE } }),
-    files: Array.isArray(files) ? files : ['*.d.ts', '*.js'],
+    files: Array.isArray(files) ? files.slice() : ['*.d.ts', '*.js'],
     ...(isObjectObject(socket)
-      ? { socket }
+      ? { socket: { ...socket } }
       : {
           socket: {
             // Valid categories are: cleanup, levelup, speedup, tuneup

package/external/@socketsecurity/registry/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@socketsecurity/registry",
-  "version": "1.0.157",
+  "version": "1.0.159",
   "license": "MIT",
   "description": "Socket.dev registry helpers methods and metadata",
   "keywords": [

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@socketsecurity/cli-with-sentry",
-  "version": "0.14.152",
+  "version": "0.14.153",
   "description": "CLI tool for Socket.dev, includes Sentry error handling, otherwise identical to the regular `socket` package",
   "homepage": "https://github.com/SocketDev/socket-cli",
   "license": "MIT",
@@ -106,8 +106,8 @@
     "@socketregistry/is-interactive": "1.0.5",
     "@socketregistry/packageurl-js": "1.0.6",
     "@socketsecurity/config": "2.1.3",
-    "@socketsecurity/registry": "1.0.157",
-    "@socketsecurity/sdk": "1.4.29",
+    "@socketsecurity/registry": "1.0.159",
+    "@socketsecurity/sdk": "1.4.30",
     "@types/blessed": "0.1.25",
     "@types/cmd-shim": "5.0.2",
     "@types/micromatch": "4.0.9",
@@ -139,7 +139,7 @@
     "hpagent": "1.2.0",
     "husky": "9.1.7",
     "ignore": "7.0.4",
-    "knip": "5.51.1",
+    "knip": "5.52.0",
     "lint-staged": "15.5.1",
     "magic-string": "0.30.17",
     "meow": "13.2.0",
@@ -148,7 +148,7 @@
     "nock": "14.0.4",
     "npm-package-arg": "12.0.2",
     "npm-run-all2": "7.0.2",
-    "open": "10.1.1",
+    "open": "10.1.2",
     "oxlint": "0.16.8",
     "pony-cause": "2.1.11",
     "rollup": "4.40.1",