@socketsecurity/cli-with-sentry 0.14.44 → 0.14.46

package/dist/module-sync/npm-paths.js

@@ -14,7 +14,7 @@ var Module = require('node:module');
 var path = require('node:path');
 var process = require('node:process');
 var path$1 = require('@socketsecurity/registry/lib/path');
-var constants = require('./constants2.js');
+var constants = require('./constants.js');
 var ignore = _socketInterop(require('ignore'));
 var micromatch = _socketInterop(require('micromatch'));
 var tinyglobby = _socketInterop(require('tinyglobby'));
@@ -61,7 +61,7 @@ const logger = new Logger();
 
 function isDebug() {
   // Lazily access constants.ENV.
-  return constants.constants.ENV.SOCKET_CLI_DEBUG;
+  return constants.ENV.SOCKET_CLI_DEBUG;
 }
 function debugLog(...args) {
   if (isDebug()) {
@@ -100,7 +100,7 @@ const {
   NODE_MODULES: NODE_MODULES$1,
   NPM: NPM$1,
   shadowBinPath
-} = constants.constants;
+} = constants;
 async function filterGlobResultToSupportedFiles(entries, supportedFiles) {
   const patterns = ['golang', NPM$1, 'maven', 'pypi'].reduce((r, n) => {
     const supported = supportedFiles[n];
@@ -244,7 +244,7 @@ function findNpmPathSync(npmBinPath) {
     path.basename(thePath) === NPM$1 ||
     // Chocolatey installs npm bins in the same directory as node bins.
     // Lazily access constants.WIN32.
-    constants.constants.WIN32 && fs.existsSync(path.join(thePath, `${NPM$1}.cmd`)))) {
+    constants.WIN32 && fs.existsSync(path.join(thePath, `${NPM$1}.cmd`)))) {
       return thePath;
     }
     const parent = path.dirname(thePath);
@@ -281,7 +281,7 @@ const {
   NPM,
   NPX,
   SOCKET_CLI_ISSUES_URL
-} = constants.constants;
+} = constants;
 function exitWithBinPathError(binName) {
   console.error(`Socket unable to locate ${binName}; ensure it is available in the PATH environment variable.`);
   // The exit code 127 indicates that the command or binary being executed
@@ -363,7 +363,7 @@ function getArboristPackagePath() {
     const mainPathWithForwardSlashes = path$1.normalizePath(getNpmRequire().resolve(pkgName));
     const arboristPkgPathWithForwardSlashes = mainPathWithForwardSlashes.slice(0, mainPathWithForwardSlashes.lastIndexOf(pkgName) + pkgName.length);
     // Lazily access constants.WIN32.
-    _arboristPkgPath = constants.constants.WIN32 ? path.normalize(arboristPkgPathWithForwardSlashes) : arboristPkgPathWithForwardSlashes;
+    _arboristPkgPath = constants.WIN32 ? path.normalize(arboristPkgPathWithForwardSlashes) : arboristPkgPathWithForwardSlashes;
   }
   return _arboristPkgPath;
 }
@@ -419,5 +419,5 @@ exports.isDebug = isDebug;
 exports.isNpmBinPathShadowed = isNpmBinPathShadowed;
 exports.isNpxBinPathShadowed = isNpxBinPathShadowed;
 exports.logger = logger;
-//# debugId=ff4e9bce-e186-418c-a87c-6ea63ce4776e
+//# debugId=86fc9821-b01f-4210-8d26-6d3ece42c533
 //# sourceMappingURL=npm-paths.js.map

package/dist/module-sync/npm-paths.js.map

@@ -1 +1 @@
-{"version":3,"file":"npm-paths.js","sources":["../../src/utils/logging.ts","../../src/utils/debug.ts","../../src/utils/ignore-by-default.ts","../../src/utils/path-resolve.ts","../../src/shadow/npm-paths.ts"],"sourcesContent":["import colors from 'yoctocolors-cjs'\n\nimport isUnicodeSupported from '@socketregistry/is-unicode-supported/index.cjs'\nimport { Spinner } from '@socketsecurity/registry/lib/spinner'\n\nexport type LogSymbols = {\n  info: string\n  success: string\n  warning: string\n  error: string\n}\n\nlet _logSymbols: LogSymbols | undefined\nexport function getLogSymbols() {\n  if (_logSymbols === undefined) {\n    _logSymbols = <LogSymbols>(isUnicodeSupported()\n      ? {\n          __proto__: null,\n          info: colors.blue('ℹ'),\n          success: colors.green('✔'),\n          warning: colors.yellow('⚠'),\n          error: colors.red('✖️')\n        }\n      : {\n          __proto__: null,\n          info: colors.blue('i'),\n          success: colors.green('√'),\n          warning: colors.yellow('‼'),\n          error: colors.red('×')\n        })\n  }\n  return _logSymbols\n}\n\nexport class Logger {\n  #spinnerLogger: ReturnType<typeof Spinner>\n  constructor() {\n    this.#spinnerLogger = new Spinner()\n  }\n\n  error(text: string) {\n    this.#spinnerLogger.error(text)\n  }\n\n  info(text: string) {\n    this.#spinnerLogger.info(text)\n  }\n\n  warn(text: string) {\n    this.#spinnerLogger.warning(text)\n  }\n}\n\nexport const logger = new Logger()\n","import { getLogSymbols } from './logging'\nimport constants from '../constants'\n\nexport function isDebug() {\n  // Lazily access constants.ENV.\n  return constants.ENV.SOCKET_CLI_DEBUG\n}\n\nexport function debugLog(...args: any[]) {\n  if (isDebug()) {\n    console.error(getLogSymbols().info, ...args)\n  }\n}\n","const ignoredDirs = [\n  // Taken from ignore-by-default:\n  // https://github.com/novemberborn/ignore-by-default/blob/v2.1.0/index.js\n  '.git', // Git repository files, see <https://git-scm.com/>\n  '.log', // Log files emitted by tools such as `tsserver`, see <https://github.com/Microsoft/TypeScript/wiki/Standalone-Server-%28tsserver%29>\n  '.nyc_output', // Temporary directory where nyc stores coverage data, see <https://github.com/bcoe/nyc>\n  '.sass-cache', // Cache folder for node-sass, see <https://github.com/sass/node-sass>\n  '.yarn', // Where node modules are installed when using Yarn, see <https://yarnpkg.com/>\n  'bower_components', // Where Bower packages are installed, see <http://bower.io/>\n  'coverage', // Standard output directory for code coverage reports, see <https://github.com/gotwarlost/istanbul>\n  'node_modules', // Where Node modules are installed, see <https://nodejs.org/>\n  // Taken from globby:\n  // https://github.com/sindresorhus/globby/blob/v14.0.2/ignore.js#L11-L16\n  'flow-typed'\n] as const\n\nconst ignoredDirPatterns = ignoredDirs.map(i => `**/${i}`)\n\nexport function directoryPatterns() {\n  return [...ignoredDirPatterns]\n}\n","import { existsSync, promises as fs, realpathSync, statSync } from 'node:fs'\nimport path from 'node:path'\nimport process from 'node:process'\n\nimport ignore from 'ignore'\nimport micromatch from 'micromatch'\nimport { glob as tinyGlob } from 'tinyglobby'\nimport which from 'which'\n\nimport { debugLog } from './debug'\nimport { directoryPatterns } from './ignore-by-default'\nimport constants from '../constants'\n\nimport type { SocketYml } from '@socketsecurity/config'\nimport type { SocketSdkReturnType } from '@socketsecurity/sdk'\nimport type { GlobOptions } from 'tinyglobby'\n\ntype GlobWithGitIgnoreOptions = GlobOptions & {\n  socketConfig?: SocketYml | undefined\n}\n\nconst { NODE_MODULES, NPM, shadowBinPath } = constants\n\nasync function filterGlobResultToSupportedFiles(\n  entries: string[],\n  supportedFiles: SocketSdkReturnType<'getReportSupportedFiles'>['data']\n): Promise<string[]> {\n  const patterns = ['golang', NPM, 'maven', 'pypi'].reduce(\n    (r: string[], n: string) => {\n      const supported = supportedFiles[n]\n      r.push(\n        ...(supported\n          ? Object.values(supported).map(p => `**/${p.pattern}`)\n          : [])\n      )\n      return r\n    },\n    []\n  )\n  return entries.filter(p => micromatch.some(p, patterns))\n}\n\nasync function globWithGitIgnore(\n  patterns: string[],\n  options: GlobWithGitIgnoreOptions\n) {\n  const {\n    cwd = process.cwd(),\n    socketConfig,\n    ...additionalOptions\n  } = <GlobWithGitIgnoreOptions>{ __proto__: null, ...options }\n  const projectIgnorePaths = socketConfig?.projectIgnorePaths\n  const ignoreFiles = await tinyGlob(['**/.gitignore'], {\n    absolute: true,\n    cwd,\n    expandDirectories: true\n  })\n  const ignores = [\n    ...directoryPatterns(),\n    ...(Array.isArray(projectIgnorePaths)\n      ? ignoreFileLinesToGlobPatterns(\n          projectIgnorePaths,\n          path.join(cwd, '.gitignore'),\n          cwd\n        )\n      : []),\n    ...(\n      await Promise.all(\n        ignoreFiles.map(async filepath =>\n          ignoreFileToGlobPatterns(\n            await fs.readFile(filepath, 'utf8'),\n            filepath,\n            cwd\n          )\n        )\n      )\n    ).flat()\n  ]\n  const hasNegatedPattern = ignores.some(p => p.charCodeAt(0) === 33 /*'!'*/)\n  const globOptions = {\n    absolute: true,\n    cwd,\n    expandDirectories: false,\n    ignore: hasNegatedPattern ? [] : ignores,\n    ...additionalOptions\n  }\n  const result = await tinyGlob(patterns, globOptions)\n  if (!hasNegatedPattern) {\n    return result\n  }\n  const { absolute } = globOptions\n\n  // Note: the input files must be INSIDE the cwd. If you get strange looking\n  // relative path errors here, most likely your path is outside the given cwd.\n  const filtered = ignore()\n    .add(ignores)\n    .filter(absolute ? result.map(p => path.relative(cwd, p)) : result)\n  return absolute ? filtered.map(p => path.resolve(cwd, p)) : filtered\n}\n\nfunction ignoreFileLinesToGlobPatterns(\n  lines: string[],\n  filepath: string,\n  cwd: string\n): string[] {\n  const base = path.relative(cwd, path.dirname(filepath)).replace(/\\\\/g, '/')\n  const patterns = []\n  for (let i = 0, { length } = lines; i < length; i += 1) {\n    const pattern = lines[i]!.trim()\n    if (pattern.length > 0 && pattern.charCodeAt(0) !== 35 /*'#'*/) {\n      patterns.push(\n        ignorePatternToMinimatch(\n          pattern.length && pattern.charCodeAt(0) === 33 /*'!'*/\n            ? `!${path.posix.join(base, pattern.slice(1))}`\n            : path.posix.join(base, pattern)\n        )\n      )\n    }\n  }\n  return patterns\n}\n\nfunction ignoreFileToGlobPatterns(\n  content: string,\n  filepath: string,\n  cwd: string\n): string[] {\n  return ignoreFileLinesToGlobPatterns(content.split(/\\r?\\n/), filepath, cwd)\n}\n\n// Based on `@eslint/compat` convertIgnorePatternToMinimatch.\n// Apache v2.0 licensed\n// Copyright Nicholas C. Zakas\n// https://github.com/eslint/rewrite/blob/compat-v1.2.1/packages/compat/src/ignore-file.js#L28\nfunction ignorePatternToMinimatch(pattern: string): string {\n  const isNegated = pattern.startsWith('!')\n  const negatedPrefix = isNegated ? '!' : ''\n  const patternToTest = (isNegated ? pattern.slice(1) : pattern).trimEnd()\n  // Special cases.\n  if (\n    patternToTest === '' ||\n    patternToTest === '**' ||\n    patternToTest === '/**' ||\n    patternToTest === '**'\n  ) {\n    return `${negatedPrefix}${patternToTest}`\n  }\n  const firstIndexOfSlash = patternToTest.indexOf('/')\n  const matchEverywherePrefix =\n    firstIndexOfSlash === -1 || firstIndexOfSlash === patternToTest.length - 1\n      ? '**/'\n      : ''\n  const patternWithoutLeadingSlash =\n    firstIndexOfSlash === 0 ? patternToTest.slice(1) : patternToTest\n  // Escape `{` and `(` because in gitignore patterns they are just\n  // literal characters without any specific syntactic meaning,\n  // while in minimatch patterns they can form brace expansion or extglob syntax.\n  //\n  // For example, gitignore pattern `src/{a,b}.js` ignores file `src/{a,b}.js`.\n  // But, the same minimatch pattern `src/{a,b}.js` ignores files `src/a.js` and `src/b.js`.\n  // Minimatch pattern `src/\\{a,b}.js` is equivalent to gitignore pattern `src/{a,b}.js`.\n  const escapedPatternWithoutLeadingSlash =\n    patternWithoutLeadingSlash.replaceAll(\n      /(?=((?:\\\\.|[^{(])*))\\1([{(])/guy,\n      '$1\\\\$2'\n    )\n  const matchInsideSuffix = patternToTest.endsWith('/**') ? '/*' : ''\n  return `${negatedPrefix}${matchEverywherePrefix}${escapedPatternWithoutLeadingSlash}${matchInsideSuffix}`\n}\n\nfunction pathsToPatterns(paths: string[]): string[] {\n  // TODO: Does not support `~/` paths.\n  return paths.map(p => (p === '.' ? '**/*' : p))\n}\n\nexport function findBinPathDetailsSync(binName: string): {\n  name: string\n  path: string | undefined\n  shadowed: boolean\n} {\n  let shadowIndex = -1\n  const bins =\n    which.sync(binName, {\n      all: true,\n      nothrow: true\n    }) ?? []\n  let binPath: string | undefined\n  for (let i = 0, { length } = bins; i < length; i += 1) {\n    const bin = realpathSync.native(bins[i]!)\n    // Skip our bin directory if it's in the front.\n    if (path.dirname(bin) === shadowBinPath) {\n      shadowIndex = i\n    } else {\n      binPath = bin\n      break\n    }\n  }\n  return { name: binName, path: binPath, shadowed: shadowIndex !== -1 }\n}\n\nexport function findNpmPathSync(npmBinPath: string): string | undefined {\n  let thePath = npmBinPath\n  while (true) {\n    const nmPath = path.join(thePath, NODE_MODULES)\n    if (\n      // npm bin paths may look like:\n      // /usr/local/share/npm/bin/npm\n      // /Users/SomeUsername/.nvm/versions/node/vX.X.X/bin/npm\n      // C:\\Users\\SomeUsername\\AppData\\Roaming\\npm\\bin\\npm.cmd\n      // OR\n      // C:\\Program Files\\nodejs\\npm.cmd\n      //\n      // In all cases the npm path contains a node_modules folder:\n      // /usr/local/share/npm/bin/npm/node_modules\n      // C:\\Program Files\\nodejs\\node_modules\n      //\n      // Use existsSync here because statsSync, even with { throwIfNoEntry: false },\n      // will throw an ENOTDIR error for paths like ./a-file-that-exists/a-directory-that-does-not.\n      // See https://github.com/nodejs/node/issues/56993.\n      existsSync(nmPath) &&\n      statSync(nmPath, { throwIfNoEntry: false })?.isDirectory() &&\n      // Optimistically look for the default location.\n      (path.basename(thePath) === NPM ||\n        // Chocolatey installs npm bins in the same directory as node bins.\n        // Lazily access constants.WIN32.\n        (constants.WIN32 && existsSync(path.join(thePath, `${NPM}.cmd`))))\n    ) {\n      return thePath\n    }\n    const parent = path.dirname(thePath)\n    if (parent === thePath) {\n      return undefined\n    }\n    thePath = parent\n  }\n}\n\nexport async function getPackageFiles(\n  cwd: string,\n  inputPaths: string[],\n  config: SocketYml | undefined,\n  supportedFiles: SocketSdkReturnType<'getReportSupportedFiles'>['data']\n): Promise<string[]> {\n  debugLog(`Globbed resolving ${inputPaths.length} paths:`, inputPaths)\n\n  const entries = await globWithGitIgnore(pathsToPatterns(inputPaths), {\n    cwd,\n    socketConfig: config\n  })\n\n  debugLog(\n    `Globbed resolved ${inputPaths.length} paths to ${entries.length} paths:`,\n    entries\n  )\n\n  const packageFiles = await filterGlobResultToSupportedFiles(\n    entries,\n    supportedFiles\n  )\n\n  debugLog(\n    `Mapped ${entries.length} entries to ${packageFiles.length} files:`,\n    packageFiles\n  )\n\n  return packageFiles\n}\n\nexport async function getPackageFilesFullScans(\n  cwd: string,\n  inputPaths: string[],\n  supportedFiles: SocketSdkReturnType<'getReportSupportedFiles'>['data'],\n  debugLog: typeof console.error = () => {}\n): Promise<string[]> {\n  debugLog(`Globbed resolving ${inputPaths.length} paths:`, inputPaths)\n\n  const entries = await globWithGitIgnore(pathsToPatterns(inputPaths), {\n    cwd\n  })\n\n  debugLog(\n    `Globbed resolved ${inputPaths.length} paths to ${entries.length} paths:`,\n    entries\n  )\n\n  const packageFiles = await filterGlobResultToSupportedFiles(\n    entries,\n    supportedFiles\n  )\n\n  debugLog(\n    `Mapped ${entries.length} entries to ${packageFiles.length} files:`,\n    packageFiles\n  )\n\n  return packageFiles\n}\n","import { existsSync } from 'node:fs'\nimport Module from 'node:module'\nimport path from 'node:path'\nimport process from 'node:process'\n\nimport { normalizePath } from '@socketsecurity/registry/lib/path'\n\nimport constants from '../constants'\nimport { findBinPathDetailsSync, findNpmPathSync } from '../utils/path-resolve'\n\nconst { NODE_MODULES, NPM, NPX, SOCKET_CLI_ISSUES_URL } = constants\n\nfunction exitWithBinPathError(binName: string): never {\n  console.error(\n    `Socket unable to locate ${binName}; ensure it is available in the PATH environment variable.`\n  )\n  // The exit code 127 indicates that the command or binary being executed\n  // could not be found.\n  process.exit(127)\n}\n\nlet _npmBinPathDetails: ReturnType<typeof findBinPathDetailsSync> | undefined\nfunction getNpmBinPathDetails(): ReturnType<typeof findBinPathDetailsSync> {\n  if (_npmBinPathDetails === undefined) {\n    _npmBinPathDetails = findBinPathDetailsSync(NPM)\n  }\n  return _npmBinPathDetails\n}\n\nlet _npxBinPathDetails: ReturnType<typeof findBinPathDetailsSync> | undefined\nfunction getNpxBinPathDetails(): ReturnType<typeof findBinPathDetailsSync> {\n  if (_npxBinPathDetails === undefined) {\n    _npxBinPathDetails = findBinPathDetailsSync(NPX)\n  }\n  return _npxBinPathDetails\n}\n\nlet _npmBinPath: string | undefined\nexport function getNpmBinPath(): string {\n  if (_npmBinPath === undefined) {\n    _npmBinPath = getNpmBinPathDetails().path\n    if (!_npmBinPath) {\n      exitWithBinPathError(NPM)\n    }\n  }\n  return _npmBinPath\n}\n\nexport function isNpmBinPathShadowed() {\n  return getNpmBinPathDetails().shadowed\n}\n\nlet _npxBinPath: string | undefined\nexport function getNpxBinPath(): string {\n  if (_npxBinPath === undefined) {\n    _npxBinPath = getNpxBinPathDetails().path\n    if (!_npxBinPath) {\n      exitWithBinPathError(NPX)\n    }\n  }\n  return _npxBinPath\n}\n\nexport function isNpxBinPathShadowed() {\n  return getNpxBinPathDetails().shadowed\n}\n\nlet _npmPath: string | undefined\nexport function getNpmPath() {\n  if (_npmPath === undefined) {\n    const npmBinPath = getNpmBinPath()\n    _npmPath = npmBinPath ? findNpmPathSync(npmBinPath) : undefined\n    if (!_npmPath) {\n      let message = 'Unable to find npm CLI install directory.'\n      if (npmBinPath) {\n        message += `\\nSearched parent directories of ${path.dirname(npmBinPath)}.`\n      }\n      message += `\\n\\nThis is may be a bug with socket-npm related to changes to the npm CLI.\\nPlease report to ${SOCKET_CLI_ISSUES_URL}.`\n      console.error(message)\n      // The exit code 127 indicates that the command or binary being executed\n      // could not be found.\n      process.exit(127)\n    }\n  }\n  return _npmPath\n}\n\nlet _npmRequire: NodeJS.Require | undefined\nexport function getNpmRequire(): NodeJS.Require {\n  if (_npmRequire === undefined) {\n    const npmPath = getNpmPath()\n    const npmNmPath = path.join(npmPath, NODE_MODULES, NPM)\n    _npmRequire = Module.createRequire(\n      path.join(existsSync(npmNmPath) ? npmNmPath : npmPath, '<dummy-basename>')\n    )\n  }\n  return _npmRequire\n}\n\nlet _arboristPkgPath: string | undefined\nexport function getArboristPackagePath() {\n  if (_arboristPkgPath === undefined) {\n    const pkgName = '@npmcli/arborist'\n    const mainPathWithForwardSlashes = normalizePath(\n      getNpmRequire().resolve(pkgName)\n    )\n    const arboristPkgPathWithForwardSlashes = mainPathWithForwardSlashes.slice(\n      0,\n      mainPathWithForwardSlashes.lastIndexOf(pkgName) + pkgName.length\n    )\n    // Lazily access constants.WIN32.\n    _arboristPkgPath = constants.WIN32\n      ? path.normalize(arboristPkgPathWithForwardSlashes)\n      : arboristPkgPathWithForwardSlashes\n  }\n  return _arboristPkgPath\n}\n\nlet _arboristClassPath: string | undefined\nexport function getArboristClassPath() {\n  if (_arboristClassPath === undefined) {\n    _arboristClassPath = path.join(\n      getArboristPackagePath(),\n      'lib/arborist/index.js'\n    )\n  }\n  return _arboristClassPath\n}\n\nlet _arboristDepValidPath: string | undefined\nexport function getArboristDepValidPath() {\n  if (_arboristDepValidPath === undefined) {\n    _arboristDepValidPath = path.join(\n      getArboristPackagePath(),\n      'lib/dep-valid.js'\n    )\n  }\n  return _arboristDepValidPath\n}\n\nlet _arboristEdgeClassPath: string | undefined\nexport function getArboristEdgeClassPath() {\n  if (_arboristEdgeClassPath === undefined) {\n    _arboristEdgeClassPath = path.join(getArboristPackagePath(), 'lib/edge.js')\n  }\n  return _arboristEdgeClassPath\n}\n\nlet _arboristNodeClassPath: string | undefined\nexport function getArboristNodeClassPath() {\n  if (_arboristNodeClassPath === undefined) {\n    _arboristNodeClassPath = path.join(getArboristPackagePath(), 'lib/node.js')\n  }\n  return _arboristNodeClassPath\n}\n\nlet _arboristOverrideSetClassPath: string | undefined\nexport function getArboristOverrideSetClassPath() {\n  if (_arboristOverrideSetClassPath === undefined) {\n    _arboristOverrideSetClassPath = path.join(\n      getArboristPackagePath(),\n      'lib/override-set.js'\n    )\n  }\n  return _arboristOverrideSetClassPath\n}\n"],"names":["_logSymbols","__proto__","info","success","warning","error","constructor","shadowBinPath","cwd","absolute","expandDirectories","ignore","length","all","nothrow","shadowIndex","binPath","name","path","existsSync","throwIfNoEntry","constants","thePath","socketConfig","debugLog","SOCKET_CLI_ISSUES_URL","console","process","_npmBinPathDetails","_npxBinPathDetails","_npmBinPath","_npxBinPath","_arboristPkgPath"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AAYA;AACO;;AAEHA;AAEMC;AACAC;AACAC;AACAC;AACAC;AACF;AAEEJ;AACAC;AACAC;AACAC;AACAC;;AAER;AACA;AACF;AAEO;AACL;AACAC;AACE;AACF;;AAGE;AACF;;AAGE;AACF;;AAGE;AACF;AACF;;;AChDO;AACL;AACA;AACF;AAEO;;;AAGL;AACF;;ACZA;AACE;AACA;AACA;AAAQ;AACR;AAAQ;AACR;AAAe;AACf;AAAe;AACf;AAAS;AACT;AAAoB;AACpB;AAAY;AACZ;AAAgB;AAChB;AACA;AACA;AAGF;AAEO;;AAEP;;ACCA;;;AAA2BC;AAAc;AAEzC;AAIE;AAEI;;AAMA;;AAIJ;AACF;AAEA;;AAKIC;;;AAGF;AAAgCP;;;AAChC;;AAEEQ;;AAEAC;AACF;AACA;AAqBA;AACA;AACED;;AAEAC;AACAC;;;;;AAKA;AACF;;AACQF;AAAS;;AAEjB;AACA;AACA;AAGA;AACF;AAEA;;;AAOE;AAAkBG;;;AAEhB;;AAQA;AACF;AACA;AACF;AAEA;AAKE;AACF;;AAEA;AACA;AACA;AACA;AACA;AACE;AACA;AACA;AACA;AACA;AAME;AACF;AACA;AACA;AAIA;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;;;;AAQF;AAEA;AACE;AACA;AACF;AAEO;;AAML;AAEIC;AACAC;;AAEJ;AACA;AAAkBF;;;AAEhB;;AAEEG;AACF;AACEC;AACA;AACF;AACF;;AACSC;AAAeC;;;AAC1B;AAEO;;AAEL;;AAEE;AACE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACAC;AACmBC;AAAsB;AACzC;AACCF;AACC;AACA;AACCG;AAEH;AACF;AACA;;AAEE;AACF;AACAC;AACF;AACF;AAEO;;;;AAUHC;AACF;AAEAC;;AAUAA;AAKA;AACF;AAEO;;;AASHhB;AACF;AAEAgB;;AAUAA;AAKA;AACF;;AC9RA;;;;AAAgCC;AAAsB;AAEtD;AACEC;AAGA;AACA;AACAC;AACF;AAEA;AACA;;AAEIC;AACF;AACA;AACF;AAEA;AACA;;AAEIC;AACF;AACA;AACF;AAEA;AACO;;AAEHC;;;AAGA;AACF;AACA;AACF;AAEO;AACL;AACF;AAEA;AACO;;AAEHC;;;AAGA;AACF;AACA;AACF;AAEO;AACL;AACF;AAEA;AACO;;AAEH;;;;AAIE;;AAEA;;AAEAL;AACA;AACA;AACAC;AACF;AACF;AACA;AACF;AAEA;AACO;;AAEH;;;AAKF;AACA;AACF;AAEA;AACO;;;AAGH;AAGA;AAIA;AACAK;AAGF;AACA;AACF;AAEA;AACO;;;AAML;AACA;AACF;AAEA;AACO;;;AAML;AACA;AACF;AAEA;AACO;;;AAGL;AACA;AACF;AAEA;AACO;;;AAGL;AACA;AACF;AAEA;AACO;;;AAML;AACA;AACF;;;;;;;;;;;;;;;;;","debugId":"ff4e9bce-e186-418c-a87c-6ea63ce4776e"}
+{"version":3,"file":"npm-paths.js","sources":["../../src/utils/logging.ts","../../src/utils/debug.ts","../../src/utils/ignore-by-default.ts","../../src/utils/path-resolve.ts","../../src/shadow/npm-paths.ts"],"sourcesContent":["import colors from 'yoctocolors-cjs'\n\nimport isUnicodeSupported from '@socketregistry/is-unicode-supported/index.cjs'\nimport { Spinner } from '@socketsecurity/registry/lib/spinner'\n\nexport type LogSymbols = {\n  info: string\n  success: string\n  warning: string\n  error: string\n}\n\nlet _logSymbols: LogSymbols | undefined\nexport function getLogSymbols() {\n  if (_logSymbols === undefined) {\n    _logSymbols = <LogSymbols>(isUnicodeSupported()\n      ? {\n          __proto__: null,\n          info: colors.blue('ℹ'),\n          success: colors.green('✔'),\n          warning: colors.yellow('⚠'),\n          error: colors.red('✖️')\n        }\n      : {\n          __proto__: null,\n          info: colors.blue('i'),\n          success: colors.green('√'),\n          warning: colors.yellow('‼'),\n          error: colors.red('×')\n        })\n  }\n  return _logSymbols\n}\n\nexport class Logger {\n  #spinnerLogger: ReturnType<typeof Spinner>\n  constructor() {\n    this.#spinnerLogger = new Spinner()\n  }\n\n  error(text: string) {\n    this.#spinnerLogger.error(text)\n  }\n\n  info(text: string) {\n    this.#spinnerLogger.info(text)\n  }\n\n  warn(text: string) {\n    this.#spinnerLogger.warning(text)\n  }\n}\n\nexport const logger = new Logger()\n","import { getLogSymbols } from './logging'\nimport constants from '../constants'\n\nexport function isDebug() {\n  // Lazily access constants.ENV.\n  return constants.ENV.SOCKET_CLI_DEBUG\n}\n\nexport function debugLog(...args: any[]) {\n  if (isDebug()) {\n    console.error(getLogSymbols().info, ...args)\n  }\n}\n","const ignoredDirs = [\n  // Taken from ignore-by-default:\n  // https://github.com/novemberborn/ignore-by-default/blob/v2.1.0/index.js\n  '.git', // Git repository files, see <https://git-scm.com/>\n  '.log', // Log files emitted by tools such as `tsserver`, see <https://github.com/Microsoft/TypeScript/wiki/Standalone-Server-%28tsserver%29>\n  '.nyc_output', // Temporary directory where nyc stores coverage data, see <https://github.com/bcoe/nyc>\n  '.sass-cache', // Cache folder for node-sass, see <https://github.com/sass/node-sass>\n  '.yarn', // Where node modules are installed when using Yarn, see <https://yarnpkg.com/>\n  'bower_components', // Where Bower packages are installed, see <http://bower.io/>\n  'coverage', // Standard output directory for code coverage reports, see <https://github.com/gotwarlost/istanbul>\n  'node_modules', // Where Node modules are installed, see <https://nodejs.org/>\n  // Taken from globby:\n  // https://github.com/sindresorhus/globby/blob/v14.0.2/ignore.js#L11-L16\n  'flow-typed'\n] as const\n\nconst ignoredDirPatterns = ignoredDirs.map(i => `**/${i}`)\n\nexport function directoryPatterns() {\n  return [...ignoredDirPatterns]\n}\n","import { existsSync, promises as fs, realpathSync, statSync } from 'node:fs'\nimport path from 'node:path'\nimport process from 'node:process'\n\nimport ignore from 'ignore'\nimport micromatch from 'micromatch'\nimport { glob as tinyGlob } from 'tinyglobby'\nimport which from 'which'\n\nimport { debugLog } from './debug'\nimport { directoryPatterns } from './ignore-by-default'\nimport constants from '../constants'\n\nimport type { SocketYml } from '@socketsecurity/config'\nimport type { SocketSdkReturnType } from '@socketsecurity/sdk'\nimport type { GlobOptions } from 'tinyglobby'\n\ntype GlobWithGitIgnoreOptions = GlobOptions & {\n  socketConfig?: SocketYml | undefined\n}\n\nconst { NODE_MODULES, NPM, shadowBinPath } = constants\n\nasync function filterGlobResultToSupportedFiles(\n  entries: string[],\n  supportedFiles: SocketSdkReturnType<'getReportSupportedFiles'>['data']\n): Promise<string[]> {\n  const patterns = ['golang', NPM, 'maven', 'pypi'].reduce(\n    (r: string[], n: string) => {\n      const supported = supportedFiles[n]\n      r.push(\n        ...(supported\n          ? Object.values(supported).map(p => `**/${p.pattern}`)\n          : [])\n      )\n      return r\n    },\n    []\n  )\n  return entries.filter(p => micromatch.some(p, patterns))\n}\n\nasync function globWithGitIgnore(\n  patterns: string[],\n  options: GlobWithGitIgnoreOptions\n) {\n  const {\n    cwd = process.cwd(),\n    socketConfig,\n    ...additionalOptions\n  } = <GlobWithGitIgnoreOptions>{ __proto__: null, ...options }\n  const projectIgnorePaths = socketConfig?.projectIgnorePaths\n  const ignoreFiles = await tinyGlob(['**/.gitignore'], {\n    absolute: true,\n    cwd,\n    expandDirectories: true\n  })\n  const ignores = [\n    ...directoryPatterns(),\n    ...(Array.isArray(projectIgnorePaths)\n      ? ignoreFileLinesToGlobPatterns(\n          projectIgnorePaths,\n          path.join(cwd, '.gitignore'),\n          cwd\n        )\n      : []),\n    ...(\n      await Promise.all(\n        ignoreFiles.map(async filepath =>\n          ignoreFileToGlobPatterns(\n            await fs.readFile(filepath, 'utf8'),\n            filepath,\n            cwd\n          )\n        )\n      )\n    ).flat()\n  ]\n  const hasNegatedPattern = ignores.some(p => p.charCodeAt(0) === 33 /*'!'*/)\n  const globOptions = {\n    absolute: true,\n    cwd,\n    expandDirectories: false,\n    ignore: hasNegatedPattern ? [] : ignores,\n    ...additionalOptions\n  }\n  const result = await tinyGlob(patterns, globOptions)\n  if (!hasNegatedPattern) {\n    return result\n  }\n  const { absolute } = globOptions\n\n  // Note: the input files must be INSIDE the cwd. If you get strange looking\n  // relative path errors here, most likely your path is outside the given cwd.\n  const filtered = ignore()\n    .add(ignores)\n    .filter(absolute ? result.map(p => path.relative(cwd, p)) : result)\n  return absolute ? filtered.map(p => path.resolve(cwd, p)) : filtered\n}\n\nfunction ignoreFileLinesToGlobPatterns(\n  lines: string[],\n  filepath: string,\n  cwd: string\n): string[] {\n  const base = path.relative(cwd, path.dirname(filepath)).replace(/\\\\/g, '/')\n  const patterns = []\n  for (let i = 0, { length } = lines; i < length; i += 1) {\n    const pattern = lines[i]!.trim()\n    if (pattern.length > 0 && pattern.charCodeAt(0) !== 35 /*'#'*/) {\n      patterns.push(\n        ignorePatternToMinimatch(\n          pattern.length && pattern.charCodeAt(0) === 33 /*'!'*/\n            ? `!${path.posix.join(base, pattern.slice(1))}`\n            : path.posix.join(base, pattern)\n        )\n      )\n    }\n  }\n  return patterns\n}\n\nfunction ignoreFileToGlobPatterns(\n  content: string,\n  filepath: string,\n  cwd: string\n): string[] {\n  return ignoreFileLinesToGlobPatterns(content.split(/\\r?\\n/), filepath, cwd)\n}\n\n// Based on `@eslint/compat` convertIgnorePatternToMinimatch.\n// Apache v2.0 licensed\n// Copyright Nicholas C. Zakas\n// https://github.com/eslint/rewrite/blob/compat-v1.2.1/packages/compat/src/ignore-file.js#L28\nfunction ignorePatternToMinimatch(pattern: string): string {\n  const isNegated = pattern.startsWith('!')\n  const negatedPrefix = isNegated ? '!' : ''\n  const patternToTest = (isNegated ? pattern.slice(1) : pattern).trimEnd()\n  // Special cases.\n  if (\n    patternToTest === '' ||\n    patternToTest === '**' ||\n    patternToTest === '/**' ||\n    patternToTest === '**'\n  ) {\n    return `${negatedPrefix}${patternToTest}`\n  }\n  const firstIndexOfSlash = patternToTest.indexOf('/')\n  const matchEverywherePrefix =\n    firstIndexOfSlash === -1 || firstIndexOfSlash === patternToTest.length - 1\n      ? '**/'\n      : ''\n  const patternWithoutLeadingSlash =\n    firstIndexOfSlash === 0 ? patternToTest.slice(1) : patternToTest\n  // Escape `{` and `(` because in gitignore patterns they are just\n  // literal characters without any specific syntactic meaning,\n  // while in minimatch patterns they can form brace expansion or extglob syntax.\n  //\n  // For example, gitignore pattern `src/{a,b}.js` ignores file `src/{a,b}.js`.\n  // But, the same minimatch pattern `src/{a,b}.js` ignores files `src/a.js` and `src/b.js`.\n  // Minimatch pattern `src/\\{a,b}.js` is equivalent to gitignore pattern `src/{a,b}.js`.\n  const escapedPatternWithoutLeadingSlash =\n    patternWithoutLeadingSlash.replaceAll(\n      /(?=((?:\\\\.|[^{(])*))\\1([{(])/guy,\n      '$1\\\\$2'\n    )\n  const matchInsideSuffix = patternToTest.endsWith('/**') ? '/*' : ''\n  return `${negatedPrefix}${matchEverywherePrefix}${escapedPatternWithoutLeadingSlash}${matchInsideSuffix}`\n}\n\nfunction pathsToPatterns(paths: string[]): string[] {\n  // TODO: Does not support `~/` paths.\n  return paths.map(p => (p === '.' ? '**/*' : p))\n}\n\nexport function findBinPathDetailsSync(binName: string): {\n  name: string\n  path: string | undefined\n  shadowed: boolean\n} {\n  let shadowIndex = -1\n  const bins =\n    which.sync(binName, {\n      all: true,\n      nothrow: true\n    }) ?? []\n  let binPath: string | undefined\n  for (let i = 0, { length } = bins; i < length; i += 1) {\n    const bin = realpathSync.native(bins[i]!)\n    // Skip our bin directory if it's in the front.\n    if (path.dirname(bin) === shadowBinPath) {\n      shadowIndex = i\n    } else {\n      binPath = bin\n      break\n    }\n  }\n  return { name: binName, path: binPath, shadowed: shadowIndex !== -1 }\n}\n\nexport function findNpmPathSync(npmBinPath: string): string | undefined {\n  let thePath = npmBinPath\n  while (true) {\n    const nmPath = path.join(thePath, NODE_MODULES)\n    if (\n      // npm bin paths may look like:\n      // /usr/local/share/npm/bin/npm\n      // /Users/SomeUsername/.nvm/versions/node/vX.X.X/bin/npm\n      // C:\\Users\\SomeUsername\\AppData\\Roaming\\npm\\bin\\npm.cmd\n      // OR\n      // C:\\Program Files\\nodejs\\npm.cmd\n      //\n      // In all cases the npm path contains a node_modules folder:\n      // /usr/local/share/npm/bin/npm/node_modules\n      // C:\\Program Files\\nodejs\\node_modules\n      //\n      // Use existsSync here because statsSync, even with { throwIfNoEntry: false },\n      // will throw an ENOTDIR error for paths like ./a-file-that-exists/a-directory-that-does-not.\n      // See https://github.com/nodejs/node/issues/56993.\n      existsSync(nmPath) &&\n      statSync(nmPath, { throwIfNoEntry: false })?.isDirectory() &&\n      // Optimistically look for the default location.\n      (path.basename(thePath) === NPM ||\n        // Chocolatey installs npm bins in the same directory as node bins.\n        // Lazily access constants.WIN32.\n        (constants.WIN32 && existsSync(path.join(thePath, `${NPM}.cmd`))))\n    ) {\n      return thePath\n    }\n    const parent = path.dirname(thePath)\n    if (parent === thePath) {\n      return undefined\n    }\n    thePath = parent\n  }\n}\n\nexport async function getPackageFiles(\n  cwd: string,\n  inputPaths: string[],\n  config: SocketYml | undefined,\n  supportedFiles: SocketSdkReturnType<'getReportSupportedFiles'>['data']\n): Promise<string[]> {\n  debugLog(`Globbed resolving ${inputPaths.length} paths:`, inputPaths)\n\n  const entries = await globWithGitIgnore(pathsToPatterns(inputPaths), {\n    cwd,\n    socketConfig: config\n  })\n\n  debugLog(\n    `Globbed resolved ${inputPaths.length} paths to ${entries.length} paths:`,\n    entries\n  )\n\n  const packageFiles = await filterGlobResultToSupportedFiles(\n    entries,\n    supportedFiles\n  )\n\n  debugLog(\n    `Mapped ${entries.length} entries to ${packageFiles.length} files:`,\n    packageFiles\n  )\n\n  return packageFiles\n}\n\nexport async function getPackageFilesFullScans(\n  cwd: string,\n  inputPaths: string[],\n  supportedFiles: SocketSdkReturnType<'getReportSupportedFiles'>['data'],\n  debugLog: typeof console.error = () => {}\n): Promise<string[]> {\n  debugLog(`Globbed resolving ${inputPaths.length} paths:`, inputPaths)\n\n  const entries = await globWithGitIgnore(pathsToPatterns(inputPaths), {\n    cwd\n  })\n\n  debugLog(\n    `Globbed resolved ${inputPaths.length} paths to ${entries.length} paths:`,\n    entries\n  )\n\n  const packageFiles = await filterGlobResultToSupportedFiles(\n    entries,\n    supportedFiles\n  )\n\n  debugLog(\n    `Mapped ${entries.length} entries to ${packageFiles.length} files:`,\n    packageFiles\n  )\n\n  return packageFiles\n}\n","import { existsSync } from 'node:fs'\nimport Module from 'node:module'\nimport path from 'node:path'\nimport process from 'node:process'\n\nimport { normalizePath } from '@socketsecurity/registry/lib/path'\n\nimport constants from '../constants'\nimport { findBinPathDetailsSync, findNpmPathSync } from '../utils/path-resolve'\n\nconst { NODE_MODULES, NPM, NPX, SOCKET_CLI_ISSUES_URL } = constants\n\nfunction exitWithBinPathError(binName: string): never {\n  console.error(\n    `Socket unable to locate ${binName}; ensure it is available in the PATH environment variable.`\n  )\n  // The exit code 127 indicates that the command or binary being executed\n  // could not be found.\n  process.exit(127)\n}\n\nlet _npmBinPathDetails: ReturnType<typeof findBinPathDetailsSync> | undefined\nfunction getNpmBinPathDetails(): ReturnType<typeof findBinPathDetailsSync> {\n  if (_npmBinPathDetails === undefined) {\n    _npmBinPathDetails = findBinPathDetailsSync(NPM)\n  }\n  return _npmBinPathDetails\n}\n\nlet _npxBinPathDetails: ReturnType<typeof findBinPathDetailsSync> | undefined\nfunction getNpxBinPathDetails(): ReturnType<typeof findBinPathDetailsSync> {\n  if (_npxBinPathDetails === undefined) {\n    _npxBinPathDetails = findBinPathDetailsSync(NPX)\n  }\n  return _npxBinPathDetails\n}\n\nlet _npmBinPath: string | undefined\nexport function getNpmBinPath(): string {\n  if (_npmBinPath === undefined) {\n    _npmBinPath = getNpmBinPathDetails().path\n    if (!_npmBinPath) {\n      exitWithBinPathError(NPM)\n    }\n  }\n  return _npmBinPath\n}\n\nexport function isNpmBinPathShadowed() {\n  return getNpmBinPathDetails().shadowed\n}\n\nlet _npxBinPath: string | undefined\nexport function getNpxBinPath(): string {\n  if (_npxBinPath === undefined) {\n    _npxBinPath = getNpxBinPathDetails().path\n    if (!_npxBinPath) {\n      exitWithBinPathError(NPX)\n    }\n  }\n  return _npxBinPath\n}\n\nexport function isNpxBinPathShadowed() {\n  return getNpxBinPathDetails().shadowed\n}\n\nlet _npmPath: string | undefined\nexport function getNpmPath() {\n  if (_npmPath === undefined) {\n    const npmBinPath = getNpmBinPath()\n    _npmPath = npmBinPath ? findNpmPathSync(npmBinPath) : undefined\n    if (!_npmPath) {\n      let message = 'Unable to find npm CLI install directory.'\n      if (npmBinPath) {\n        message += `\\nSearched parent directories of ${path.dirname(npmBinPath)}.`\n      }\n      message += `\\n\\nThis is may be a bug with socket-npm related to changes to the npm CLI.\\nPlease report to ${SOCKET_CLI_ISSUES_URL}.`\n      console.error(message)\n      // The exit code 127 indicates that the command or binary being executed\n      // could not be found.\n      process.exit(127)\n    }\n  }\n  return _npmPath\n}\n\nlet _npmRequire: NodeJS.Require | undefined\nexport function getNpmRequire(): NodeJS.Require {\n  if (_npmRequire === undefined) {\n    const npmPath = getNpmPath()\n    const npmNmPath = path.join(npmPath, NODE_MODULES, NPM)\n    _npmRequire = Module.createRequire(\n      path.join(existsSync(npmNmPath) ? npmNmPath : npmPath, '<dummy-basename>')\n    )\n  }\n  return _npmRequire\n}\n\nlet _arboristPkgPath: string | undefined\nexport function getArboristPackagePath() {\n  if (_arboristPkgPath === undefined) {\n    const pkgName = '@npmcli/arborist'\n    const mainPathWithForwardSlashes = normalizePath(\n      getNpmRequire().resolve(pkgName)\n    )\n    const arboristPkgPathWithForwardSlashes = mainPathWithForwardSlashes.slice(\n      0,\n      mainPathWithForwardSlashes.lastIndexOf(pkgName) + pkgName.length\n    )\n    // Lazily access constants.WIN32.\n    _arboristPkgPath = constants.WIN32\n      ? path.normalize(arboristPkgPathWithForwardSlashes)\n      : arboristPkgPathWithForwardSlashes\n  }\n  return _arboristPkgPath\n}\n\nlet _arboristClassPath: string | undefined\nexport function getArboristClassPath() {\n  if (_arboristClassPath === undefined) {\n    _arboristClassPath = path.join(\n      getArboristPackagePath(),\n      'lib/arborist/index.js'\n    )\n  }\n  return _arboristClassPath\n}\n\nlet _arboristDepValidPath: string | undefined\nexport function getArboristDepValidPath() {\n  if (_arboristDepValidPath === undefined) {\n    _arboristDepValidPath = path.join(\n      getArboristPackagePath(),\n      'lib/dep-valid.js'\n    )\n  }\n  return _arboristDepValidPath\n}\n\nlet _arboristEdgeClassPath: string | undefined\nexport function getArboristEdgeClassPath() {\n  if (_arboristEdgeClassPath === undefined) {\n    _arboristEdgeClassPath = path.join(getArboristPackagePath(), 'lib/edge.js')\n  }\n  return _arboristEdgeClassPath\n}\n\nlet _arboristNodeClassPath: string | undefined\nexport function getArboristNodeClassPath() {\n  if (_arboristNodeClassPath === undefined) {\n    _arboristNodeClassPath = path.join(getArboristPackagePath(), 'lib/node.js')\n  }\n  return _arboristNodeClassPath\n}\n\nlet _arboristOverrideSetClassPath: string | undefined\nexport function getArboristOverrideSetClassPath() {\n  if (_arboristOverrideSetClassPath === undefined) {\n    _arboristOverrideSetClassPath = path.join(\n      getArboristPackagePath(),\n      'lib/override-set.js'\n    )\n  }\n  return _arboristOverrideSetClassPath\n}\n"],"names":["_logSymbols","__proto__","info","success","warning","error","constructor","shadowBinPath","cwd","absolute","expandDirectories","ignore","length","all","nothrow","shadowIndex","binPath","name","path","existsSync","throwIfNoEntry","constants","thePath","socketConfig","debugLog","SOCKET_CLI_ISSUES_URL","console","process","_npmBinPathDetails","_npxBinPathDetails","_npmBinPath","_npxBinPath","_arboristPkgPath"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AAYA;AACO;;AAEHA;AAEMC;AACAC;AACAC;AACAC;AACAC;AACF;AAEEJ;AACAC;AACAC;AACAC;AACAC;;AAER;AACA;AACF;AAEO;AACL;AACAC;AACE;AACF;;AAGE;AACF;;AAGE;AACF;;AAGE;AACF;AACF;;;AChDO;AACL;AACA;AACF;AAEO;;;AAGL;AACF;;ACZA;AACE;AACA;AACA;AAAQ;AACR;AAAQ;AACR;AAAe;AACf;AAAe;AACf;AAAS;AACT;AAAoB;AACpB;AAAY;AACZ;AAAgB;AAChB;AACA;AACA;AAGF;AAEO;;AAEP;;ACCA;;;AAA2BC;AAAc;AAEzC;AAIE;AAEI;;AAMA;;AAIJ;AACF;AAEA;;AAKIC;;;AAGF;AAAgCP;;;AAChC;;AAEEQ;;AAEAC;AACF;AACA;AAqBA;AACA;AACED;;AAEAC;AACAC;;;;;AAKA;AACF;;AACQF;AAAS;;AAEjB;AACA;AACA;AAGA;AACF;AAEA;;;AAOE;AAAkBG;;;AAEhB;;AAQA;AACF;AACA;AACF;AAEA;AAKE;AACF;;AAEA;AACA;AACA;AACA;AACA;AACE;AACA;AACA;AACA;AACA;AAME;AACF;AACA;AACA;AAIA;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;;;;AAQF;AAEA;AACE;AACA;AACF;AAEO;;AAML;AAEIC;AACAC;;AAEJ;AACA;AAAkBF;;;AAEhB;;AAEEG;AACF;AACEC;AACA;AACF;AACF;;AACSC;AAAeC;;;AAC1B;AAEO;;AAEL;;AAEE;AACE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACAC;AACmBC;AAAsB;AACzC;AACCF;AACC;AACA;AACCG;AAEH;AACF;AACA;;AAEE;AACF;AACAC;AACF;AACF;AAEO;;;;AAUHC;AACF;AAEAC;;AAUAA;AAKA;AACF;AAEO;;;AASHhB;AACF;AAEAgB;;AAUAA;AAKA;AACF;;AC9RA;;;;AAAgCC;AAAsB;AAEtD;AACEC;AAGA;AACA;AACAC;AACF;AAEA;AACA;;AAEIC;AACF;AACA;AACF;AAEA;AACA;;AAEIC;AACF;AACA;AACF;AAEA;AACO;;AAEHC;;;AAGA;AACF;AACA;AACF;AAEO;AACL;AACF;AAEA;AACO;;AAEHC;;;AAGA;AACF;AACA;AACF;AAEO;AACL;AACF;AAEA;AACO;;AAEH;;;;AAIE;;AAEA;;AAEAL;AACA;AACA;AACAC;AACF;AACF;AACA;AACF;AAEA;AACO;;AAEH;;;AAKF;AACA;AACF;AAEA;AACO;;;AAGH;AAGA;AAIA;AACAK;AAGF;AACA;AACF;AAEA;AACO;;;AAML;AACA;AACF;AAEA;AACO;;;AAML;AACA;AACF;AAEA;AACO;;;AAGL;AACA;AACF;AAEA;AACO;;;AAGL;AACA;AACF;AAEA;AACO;;;AAML;AACA;AACF;;;;;;;;;;;;;;;;;","debugId":"86fc9821-b01f-4210-8d26-6d3ece42c533"}

package/dist/module-sync/npm.js

@@ -13,12 +13,12 @@ var process = require('node:process');
 var spawn = _socketInterop(require('@npmcli/promise-spawn'));
 var objects = require('@socketsecurity/registry/lib/objects');
 var npmPaths = require('./npm-paths.js');
-var constants = require('./constants2.js');
+var constants = require('./constants.js');
 
 const {
   SOCKET_IPC_HANDSHAKE,
   abortSignal
-} = constants.constants;
+} = constants;
 const auditFlags = new Set(['--audit', '--no-audit']);
 const fundFlags = new Set(['--fund', '--no-fund']);
 
@@ -54,11 +54,11 @@ function safeNpmInstall(opts) {
   const useDebug = npmPaths.isDebug();
   const spawnPromise = spawn(
   // Lazily access constants.execPath.
-  constants.constants.execPath, [
+  constants.execPath, [
   // Lazily access constants.nodeNoWarningsFlags.
-  ...constants.constants.nodeNoWarningsFlags, '--require',
+  ...constants.nodeNoWarningsFlags, '--require',
   // Lazily access constants.npmInjectionPath.
-  constants.constants.npmInjectionPath, npmPaths.getNpmBinPath(), 'install',
+  constants.npmInjectionPath, npmPaths.getNpmBinPath(), 'install',
   // Even though the '--silent' flag is passed npm will still run through
   // code paths for 'audit' and 'fund' unless '--no-audit' and '--no-fund'
   // flags are passed.
@@ -95,5 +95,5 @@ function safeNpmInstall(opts) {
 exports.isLoglevelFlag = isLoglevelFlag;
 exports.isProgressFlag = isProgressFlag;
 exports.safeNpmInstall = safeNpmInstall;
-//# debugId=fcfc8894-7d11-47dd-a73e-8b7ff358443
+//# debugId=73c2e7c8-ac5f-4a8a-8343-be29aaec8a8a
 //# sourceMappingURL=npm.js.map

package/dist/module-sync/npm.js.map

@@ -1 +1 @@
-{"version":3,"file":"npm.js","sources":["../../src/utils/npm.ts"],"sourcesContent":["import process from 'node:process'\n\nimport spawn from '@npmcli/promise-spawn'\n\nimport { isObject } from '@socketsecurity/registry/lib/objects'\n\nimport { isDebug } from './debug'\nimport constants from '../constants'\nimport { getNpmBinPath } from '../shadow/npm-paths'\n\nconst { SOCKET_IPC_HANDSHAKE, abortSignal } = constants\n\nconst auditFlags = new Set(['--audit', '--no-audit'])\n\nconst fundFlags = new Set(['--fund', '--no-fund'])\n\n// https://docs.npmjs.com/cli/v11/using-npm/logging#aliases\nconst logFlags = new Set([\n  '--loglevel',\n  '-d',\n  '--dd',\n  '--ddd',\n  '-q',\n  '--quiet',\n  '-s',\n  '--silent'\n])\n\nconst progressFlags = new Set(['--progress', '--no-progress'])\n\nexport function isAuditFlag(cmdArg: string) {\n  return auditFlags.has(cmdArg)\n}\n\nexport function isFundFlag(cmdArg: string) {\n  return fundFlags.has(cmdArg)\n}\n\nexport function isLoglevelFlag(cmdArg: string) {\n  // https://docs.npmjs.com/cli/v11/using-npm/logging#setting-log-levels\n  return cmdArg.startsWith('--loglevel=') || logFlags.has(cmdArg)\n}\n\nexport function isProgressFlag(cmdArg: string) {\n  return progressFlags.has(cmdArg)\n}\n\ntype SpawnOption = Exclude<Parameters<typeof spawn>[2], undefined>\n\ntype SafeNpmInstallOptions = SpawnOption & {\n  args?: string[]\n  ipc?: object\n}\n\nexport function safeNpmInstall(opts?: SafeNpmInstallOptions) {\n  const { args = [], ipc, ...spawnOptions } = { __proto__: null, ...opts }\n  const terminatorPos = args.indexOf('--')\n  const npmArgs = (\n    terminatorPos === -1 ? args : args.slice(0, terminatorPos)\n  ).filter(a => !isAuditFlag(a) && !isFundFlag(a) && !isProgressFlag(a))\n  const otherArgs = terminatorPos === -1 ? [] : args.slice(terminatorPos)\n  const useIpc = isObject(ipc)\n  const useDebug = isDebug()\n  const spawnPromise = spawn(\n    // Lazily access constants.execPath.\n    constants.execPath,\n    [\n      // Lazily access constants.nodeNoWarningsFlags.\n      ...constants.nodeNoWarningsFlags,\n      '--require',\n      // Lazily access constants.npmInjectionPath.\n      constants.npmInjectionPath,\n      getNpmBinPath(),\n      'install',\n      // Even though the '--silent' flag is passed npm will still run through\n      // code paths for 'audit' and 'fund' unless '--no-audit' and '--no-fund'\n      // flags are passed.\n      '--no-audit',\n      '--no-fund',\n      // Add `--no-progress` and `--silent` flags to fix input being swallowed\n      // by the spinner when running the command with recent versions of npm.\n      '--no-progress',\n      // Add the '--silent' flag if a loglevel flag is not provided and the\n      // SOCKET_CLI_DEBUG environment variable is not truthy.\n      ...(useDebug || npmArgs.some(isLoglevelFlag) ? [] : ['--silent']),\n      ...npmArgs,\n      ...otherArgs\n    ],\n    {\n      signal: abortSignal,\n      // Set stdio to include 'ipc'.\n      // See https://github.com/nodejs/node/blob/v23.6.0/lib/child_process.js#L161-L166\n      // and https://github.com/nodejs/node/blob/v23.6.0/lib/internal/child_process.js#L238.\n      stdio: useDebug\n        ? // 'inherit'\n          useIpc\n          ? [0, 1, 2, 'ipc']\n          : 'inherit'\n        : // 'ignore'\n          useIpc\n          ? ['ignore', 'ignore', 'ignore', 'ipc']\n          : 'ignore',\n      ...spawnOptions,\n      env: {\n        ...process.env,\n        ...spawnOptions.env\n      }\n    }\n  )\n  if (useIpc) {\n    spawnPromise.process.send({ [SOCKET_IPC_HANDSHAKE]: ipc })\n  }\n  return spawnPromise\n}\n"],"names":["abortSignal","args","__proto__","constants","signal","stdio","env","spawnPromise"],"mappings":";;;;;;;;;;;;;;;;;AAUA;;AAA8BA;AAAY;AAE1C;AAEA;;AAEA;AACA;AAWA;AAEO;AACL;AACF;AAEO;AACL;AACF;AAEO;AACL;AACA;AACF;AAEO;AACL;AACF;AASO;;AACGC;;;AAAgC;AAAMC;;;AAC9C;AACA;AAGA;AACA;AACA;;AAEE;;AAGE;AACA;AAEA;AACAC;AAGA;AACA;AACA;AACA;AAEA;AACA;;AAEA;AACA;;AAMAC;AACA;AACA;AACA;AACAC;AACI;;AAIA;;AAIJ;AACAC;;AAEE;AACF;AACF;AAEF;AACEC;AAA4B;AAA4B;AAC1D;AACA;AACF;;;;","debugId":"fcfc8894-7d11-47dd-a73e-8b7ff358443"}
+{"version":3,"file":"npm.js","sources":["../../src/utils/npm.ts"],"sourcesContent":["import process from 'node:process'\n\nimport spawn from '@npmcli/promise-spawn'\n\nimport { isObject } from '@socketsecurity/registry/lib/objects'\n\nimport { isDebug } from './debug'\nimport constants from '../constants'\nimport { getNpmBinPath } from '../shadow/npm-paths'\n\nconst { SOCKET_IPC_HANDSHAKE, abortSignal } = constants\n\nconst auditFlags = new Set(['--audit', '--no-audit'])\n\nconst fundFlags = new Set(['--fund', '--no-fund'])\n\n// https://docs.npmjs.com/cli/v11/using-npm/logging#aliases\nconst logFlags = new Set([\n  '--loglevel',\n  '-d',\n  '--dd',\n  '--ddd',\n  '-q',\n  '--quiet',\n  '-s',\n  '--silent'\n])\n\nconst progressFlags = new Set(['--progress', '--no-progress'])\n\nexport function isAuditFlag(cmdArg: string) {\n  return auditFlags.has(cmdArg)\n}\n\nexport function isFundFlag(cmdArg: string) {\n  return fundFlags.has(cmdArg)\n}\n\nexport function isLoglevelFlag(cmdArg: string) {\n  // https://docs.npmjs.com/cli/v11/using-npm/logging#setting-log-levels\n  return cmdArg.startsWith('--loglevel=') || logFlags.has(cmdArg)\n}\n\nexport function isProgressFlag(cmdArg: string) {\n  return progressFlags.has(cmdArg)\n}\n\ntype SpawnOption = Exclude<Parameters<typeof spawn>[2], undefined>\n\ntype SafeNpmInstallOptions = SpawnOption & {\n  args?: string[]\n  ipc?: object\n}\n\nexport function safeNpmInstall(opts?: SafeNpmInstallOptions) {\n  const { args = [], ipc, ...spawnOptions } = { __proto__: null, ...opts }\n  const terminatorPos = args.indexOf('--')\n  const npmArgs = (\n    terminatorPos === -1 ? args : args.slice(0, terminatorPos)\n  ).filter(a => !isAuditFlag(a) && !isFundFlag(a) && !isProgressFlag(a))\n  const otherArgs = terminatorPos === -1 ? [] : args.slice(terminatorPos)\n  const useIpc = isObject(ipc)\n  const useDebug = isDebug()\n  const spawnPromise = spawn(\n    // Lazily access constants.execPath.\n    constants.execPath,\n    [\n      // Lazily access constants.nodeNoWarningsFlags.\n      ...constants.nodeNoWarningsFlags,\n      '--require',\n      // Lazily access constants.npmInjectionPath.\n      constants.npmInjectionPath,\n      getNpmBinPath(),\n      'install',\n      // Even though the '--silent' flag is passed npm will still run through\n      // code paths for 'audit' and 'fund' unless '--no-audit' and '--no-fund'\n      // flags are passed.\n      '--no-audit',\n      '--no-fund',\n      // Add `--no-progress` and `--silent` flags to fix input being swallowed\n      // by the spinner when running the command with recent versions of npm.\n      '--no-progress',\n      // Add the '--silent' flag if a loglevel flag is not provided and the\n      // SOCKET_CLI_DEBUG environment variable is not truthy.\n      ...(useDebug || npmArgs.some(isLoglevelFlag) ? [] : ['--silent']),\n      ...npmArgs,\n      ...otherArgs\n    ],\n    {\n      signal: abortSignal,\n      // Set stdio to include 'ipc'.\n      // See https://github.com/nodejs/node/blob/v23.6.0/lib/child_process.js#L161-L166\n      // and https://github.com/nodejs/node/blob/v23.6.0/lib/internal/child_process.js#L238.\n      stdio: useDebug\n        ? // 'inherit'\n          useIpc\n          ? [0, 1, 2, 'ipc']\n          : 'inherit'\n        : // 'ignore'\n          useIpc\n          ? ['ignore', 'ignore', 'ignore', 'ipc']\n          : 'ignore',\n      ...spawnOptions,\n      env: {\n        ...process.env,\n        ...spawnOptions.env\n      }\n    }\n  )\n  if (useIpc) {\n    spawnPromise.process.send({ [SOCKET_IPC_HANDSHAKE]: ipc })\n  }\n  return spawnPromise\n}\n"],"names":["abortSignal","args","__proto__","constants","signal","stdio","env","spawnPromise"],"mappings":";;;;;;;;;;;;;;;;;AAUA;;AAA8BA;AAAY;AAE1C;AAEA;;AAEA;AACA;AAWA;AAEO;AACL;AACF;AAEO;AACL;AACF;AAEO;AACL;AACA;AACF;AAEO;AACL;AACF;AASO;;AACGC;;;AAAgC;AAAMC;;;AAC9C;AACA;AAGA;AACA;AACA;;AAEE;;AAGE;AACA;AAEA;AACAC;AAGA;AACA;AACA;AACA;AAEA;AACA;;AAEA;AACA;;AAMAC;AACA;AACA;AACA;AACAC;AACI;;AAIA;;AAIJ;AACAC;;AAEE;AACF;AACF;AAEF;AACEC;AAA4B;AAA4B;AAC1D;AACA;AACF;;;;","debugId":"73c2e7c8-ac5f-4a8a-8343-be29aaec8a8a"}

package/dist/module-sync/shadow-bin.js

@@ -14,13 +14,13 @@ var spawn = _socketInterop(require('@npmcli/promise-spawn'));
 var path = require('node:path');
 var cmdShim = _socketInterop(require('cmd-shim'));
 var npmPaths = require('./npm-paths.js');
-var constants = require('./constants2.js');
+var constants = require('./constants.js');
 var npm = require('./npm.js');
 
 const {
   CLI,
   NPX
-} = constants.constants;
+} = constants;
 async function installLinks(realBinPath, binName) {
   const isNpx = binName === NPX;
   // Find package manager being shadowed by this process.
@@ -28,7 +28,7 @@ async function installLinks(realBinPath, binName) {
   // Lazily access constants.WIN32.
   const {
     WIN32
-  } = constants.constants;
+  } = constants;
   // TODO: Is this early exit needed?
   if (WIN32 && binPath) {
     return binPath;
@@ -39,7 +39,7 @@ async function installLinks(realBinPath, binName) {
     if (WIN32) {
       await cmdShim(
       // Lazily access constants.rootDistPath.
-      path.join(constants.constants.rootDistPath, `${binName}-${CLI}.js`), path.join(realBinPath, binName));
+      path.join(constants.rootDistPath, `${binName}-${CLI}.js`), path.join(realBinPath, binName));
     }
     process.env['PATH'] = `${realBinPath}${path.delimiter}${process.env['PATH']}`;
   }
@@ -51,7 +51,7 @@ const {
   SOCKET_CLI_SENTRY_BUILD,
   SOCKET_IPC_HANDSHAKE,
   abortSignal
-} = constants.constants;
+} = constants;
 async function shadowBin(binName, args = process.argv.slice(2)) {
   process.exitCode = 1;
   const terminatorPos = args.indexOf('--');
@@ -59,17 +59,17 @@ async function shadowBin(binName, args = process.argv.slice(2)) {
   const otherArgs = terminatorPos === -1 ? [] : args.slice(terminatorPos);
   const spawnPromise = spawn(
   // Lazily access constants.execPath.
-  constants.constants.execPath, [
+  constants.execPath, [
   // Lazily access constants.nodeNoWarningsFlags.
-  ...constants.constants.nodeNoWarningsFlags,
+  ...constants.nodeNoWarningsFlags,
   // Lazily access constants.ENV[SOCKET_CLI_SENTRY_BUILD].
-  ...(constants.constants.ENV[SOCKET_CLI_SENTRY_BUILD] ? ['--require',
+  ...(constants.ENV[SOCKET_CLI_SENTRY_BUILD] ? ['--require',
   // Lazily access constants.instrumentWithSentryPath.
-  constants.constants.instrumentWithSentryPath] : []), '--require',
+  constants.instrumentWithSentryPath] : []), '--require',
   // Lazily access constants.npmInjectionPath.
-  constants.constants.npmInjectionPath,
+  constants.npmInjectionPath,
   // Lazily access constants.shadowBinPath.
-  await installLinks(constants.constants.shadowBinPath, binName),
+  await installLinks(constants.shadowBinPath, binName),
   // Add `--no-progress` and `--quiet` flags to fix input being swallowed by
   // the spinner when running the command with recent versions of npm.
   '--no-progress',
@@ -99,5 +99,5 @@ async function shadowBin(binName, args = process.argv.slice(2)) {
 }
 
 module.exports = shadowBin;
-//# debugId=4e5b63c6-e098-4ed6-837b-8200334878cf
+//# debugId=f578bd6f-82f7-4281-b443-42099e9e8c53
 //# sourceMappingURL=shadow-bin.js.map

package/dist/module-sync/shadow-bin.js.map

@@ -1 +1 @@
-{"version":3,"file":"shadow-bin.js","sources":["../../src/shadow/link.ts","../../src/shadow/shadow-bin.ts"],"sourcesContent":["import path from 'node:path'\nimport process from 'node:process'\n\nimport cmdShim from 'cmd-shim'\n\nimport {\n  getNpmBinPath,\n  getNpxBinPath,\n  isNpmBinPathShadowed,\n  isNpxBinPathShadowed\n} from './npm-paths'\nimport constants from '../constants'\n\nconst { CLI, NPX } = constants\n\nexport async function installLinks(\n  realBinPath: string,\n  binName: 'npm' | 'npx'\n): Promise<string> {\n  const isNpx = binName === NPX\n  // Find package manager being shadowed by this process.\n  const binPath = isNpx ? getNpxBinPath() : getNpmBinPath()\n  // Lazily access constants.WIN32.\n  const { WIN32 } = constants\n  // TODO: Is this early exit needed?\n  if (WIN32 && binPath) {\n    return binPath\n  }\n  const shadowed = isNpx ? isNpxBinPathShadowed() : isNpmBinPathShadowed()\n  // Move our bin directory to front of PATH so its found first.\n  if (!shadowed) {\n    if (WIN32) {\n      await cmdShim(\n        // Lazily access constants.rootDistPath.\n        path.join(constants.rootDistPath, `${binName}-${CLI}.js`),\n        path.join(realBinPath, binName)\n      )\n    }\n    process.env['PATH'] =\n      `${realBinPath}${path.delimiter}${process.env['PATH']}`\n  }\n  return binPath\n}\n","import process from 'node:process'\n\nimport spawn from '@npmcli/promise-spawn'\n\nimport { installLinks } from './link'\nimport constants from '../constants'\nimport { isLoglevelFlag, isProgressFlag } from '../utils/npm'\n\nconst {\n  SOCKET_CLI_SAFE_WRAPPER,\n  SOCKET_CLI_SENTRY_BUILD,\n  SOCKET_IPC_HANDSHAKE,\n  abortSignal\n} = constants\n\nexport default async function shadowBin(\n  binName: 'npm' | 'npx',\n  args = process.argv.slice(2)\n) {\n  process.exitCode = 1\n  const terminatorPos = args.indexOf('--')\n  const binArgs = (\n    terminatorPos === -1 ? args : args.slice(0, terminatorPos)\n  ).filter(a => !isProgressFlag(a))\n  const otherArgs = terminatorPos === -1 ? [] : args.slice(terminatorPos)\n  const spawnPromise = spawn(\n    // Lazily access constants.execPath.\n    constants.execPath,\n    [\n      // Lazily access constants.nodeNoWarningsFlags.\n      ...constants.nodeNoWarningsFlags,\n      // Lazily access constants.ENV[SOCKET_CLI_SENTRY_BUILD].\n      ...(constants.ENV[SOCKET_CLI_SENTRY_BUILD]\n        ? [\n            '--require',\n            // Lazily access constants.instrumentWithSentryPath.\n            constants.instrumentWithSentryPath\n          ]\n        : []),\n      '--require',\n      // Lazily access constants.npmInjectionPath.\n      constants.npmInjectionPath,\n      // Lazily access constants.shadowBinPath.\n      await installLinks(constants.shadowBinPath, binName),\n      // Add `--no-progress` and `--quiet` flags to fix input being swallowed by\n      // the spinner when running the command with recent versions of npm.\n      '--no-progress',\n      // Add the '--quiet' flag if a loglevel flag is not provided.\n      ...(binArgs.some(isLoglevelFlag) ? [] : ['--quiet']),\n      ...binArgs,\n      ...otherArgs\n    ],\n    {\n      signal: abortSignal,\n      // 'inherit' + 'ipc'\n      stdio: [0, 1, 2, 'ipc']\n    }\n  )\n  // See https://nodejs.org/api/all.html#all_child_process_event-exit.\n  spawnPromise.process.on('exit', (code, signalName) => {\n    if (abortSignal.aborted) {\n      return\n    }\n    if (signalName) {\n      process.kill(process.pid, signalName)\n    } else if (code !== null) {\n      process.exit(code)\n    }\n  })\n  spawnPromise.process.send({\n    [SOCKET_IPC_HANDSHAKE]: {\n      [SOCKET_CLI_SAFE_WRAPPER]: true\n    }\n  })\n  await spawnPromise\n}\n"],"names":["NPX","WIN32","process","abortSignal","constants","signal","spawnPromise"],"mappings":";;;;;;;;;;;;;;;;;;;AAaA;;AAAaA;AAAI;AAEV;AAIL;AACA;;AAEA;;AACQC;AAAM;AACd;;AAEE;AACF;;AAEA;;AAEE;AACE;AACE;;AAIJ;AACAC;AAEF;AACA;AACF;;AClCA;;;;AAIEC;AACF;AAEe;;AAKb;AACA;AAGA;;AAEE;;AAGE;;AAEA;;AAIM;AACAC;AAIN;AACAA;AACA;AACA;AACA;AACA;;AAEA;;AAMAC;AACA;;AAEF;AAEF;;;AAGI;AACF;AACA;;AAEA;AACEH;AACF;AACF;AACAI;AACE;AACE;AACF;AACF;AACA;AACF;;","debugId":"4e5b63c6-e098-4ed6-837b-8200334878cf"}
+{"version":3,"file":"shadow-bin.js","sources":["../../src/shadow/link.ts","../../src/shadow/shadow-bin.ts"],"sourcesContent":["import path from 'node:path'\nimport process from 'node:process'\n\nimport cmdShim from 'cmd-shim'\n\nimport {\n  getNpmBinPath,\n  getNpxBinPath,\n  isNpmBinPathShadowed,\n  isNpxBinPathShadowed\n} from './npm-paths'\nimport constants from '../constants'\n\nconst { CLI, NPX } = constants\n\nexport async function installLinks(\n  realBinPath: string,\n  binName: 'npm' | 'npx'\n): Promise<string> {\n  const isNpx = binName === NPX\n  // Find package manager being shadowed by this process.\n  const binPath = isNpx ? getNpxBinPath() : getNpmBinPath()\n  // Lazily access constants.WIN32.\n  const { WIN32 } = constants\n  // TODO: Is this early exit needed?\n  if (WIN32 && binPath) {\n    return binPath\n  }\n  const shadowed = isNpx ? isNpxBinPathShadowed() : isNpmBinPathShadowed()\n  // Move our bin directory to front of PATH so its found first.\n  if (!shadowed) {\n    if (WIN32) {\n      await cmdShim(\n        // Lazily access constants.rootDistPath.\n        path.join(constants.rootDistPath, `${binName}-${CLI}.js`),\n        path.join(realBinPath, binName)\n      )\n    }\n    process.env['PATH'] =\n      `${realBinPath}${path.delimiter}${process.env['PATH']}`\n  }\n  return binPath\n}\n","import process from 'node:process'\n\nimport spawn from '@npmcli/promise-spawn'\n\nimport { installLinks } from './link'\nimport constants from '../constants'\nimport { isLoglevelFlag, isProgressFlag } from '../utils/npm'\n\nconst {\n  SOCKET_CLI_SAFE_WRAPPER,\n  SOCKET_CLI_SENTRY_BUILD,\n  SOCKET_IPC_HANDSHAKE,\n  abortSignal\n} = constants\n\nexport default async function shadowBin(\n  binName: 'npm' | 'npx',\n  args = process.argv.slice(2)\n) {\n  process.exitCode = 1\n  const terminatorPos = args.indexOf('--')\n  const binArgs = (\n    terminatorPos === -1 ? args : args.slice(0, terminatorPos)\n  ).filter(a => !isProgressFlag(a))\n  const otherArgs = terminatorPos === -1 ? [] : args.slice(terminatorPos)\n  const spawnPromise = spawn(\n    // Lazily access constants.execPath.\n    constants.execPath,\n    [\n      // Lazily access constants.nodeNoWarningsFlags.\n      ...constants.nodeNoWarningsFlags,\n      // Lazily access constants.ENV[SOCKET_CLI_SENTRY_BUILD].\n      ...(constants.ENV[SOCKET_CLI_SENTRY_BUILD]\n        ? [\n            '--require',\n            // Lazily access constants.instrumentWithSentryPath.\n            constants.instrumentWithSentryPath\n          ]\n        : []),\n      '--require',\n      // Lazily access constants.npmInjectionPath.\n      constants.npmInjectionPath,\n      // Lazily access constants.shadowBinPath.\n      await installLinks(constants.shadowBinPath, binName),\n      // Add `--no-progress` and `--quiet` flags to fix input being swallowed by\n      // the spinner when running the command with recent versions of npm.\n      '--no-progress',\n      // Add the '--quiet' flag if a loglevel flag is not provided.\n      ...(binArgs.some(isLoglevelFlag) ? [] : ['--quiet']),\n      ...binArgs,\n      ...otherArgs\n    ],\n    {\n      signal: abortSignal,\n      // 'inherit' + 'ipc'\n      stdio: [0, 1, 2, 'ipc']\n    }\n  )\n  // See https://nodejs.org/api/all.html#all_child_process_event-exit.\n  spawnPromise.process.on('exit', (code, signalName) => {\n    if (abortSignal.aborted) {\n      return\n    }\n    if (signalName) {\n      process.kill(process.pid, signalName)\n    } else if (code !== null) {\n      process.exit(code)\n    }\n  })\n  spawnPromise.process.send({\n    [SOCKET_IPC_HANDSHAKE]: {\n      [SOCKET_CLI_SAFE_WRAPPER]: true\n    }\n  })\n  await spawnPromise\n}\n"],"names":["NPX","WIN32","process","abortSignal","constants","signal","spawnPromise"],"mappings":";;;;;;;;;;;;;;;;;;;AAaA;;AAAaA;AAAI;AAEV;AAIL;AACA;;AAEA;;AACQC;AAAM;AACd;;AAEE;AACF;;AAEA;;AAEE;AACE;AACE;;AAIJ;AACAC;AAEF;AACA;AACF;;AClCA;;;;AAIEC;AACF;AAEe;;AAKb;AACA;AAGA;;AAEE;;AAGE;;AAEA;;AAIM;AACAC;AAIN;AACAA;AACA;AACA;AACA;AACA;;AAEA;;AAMAC;AACA;;AAEF;AAEF;;;AAGI;AACF;AACA;;AAEA;AACEH;AACF;AACF;AACAI;AACE;AACE;AACF;AACF;AACA;AACF;;","debugId":"f578bd6f-82f7-4281-b443-42099e9e8c53"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@socketsecurity/cli-with-sentry",
-  "version": "0.14.44",
+  "version": "0.14.46",
   "description": "CLI tool for Socket.dev, includes Sentry error handling, otherwise identical to the regular `socket` package",
   "homepage": "http://github.com/SocketDev/socket-cli",
   "license": "MIT",
@@ -14,6 +14,7 @@
     "url": "https://socket.dev"
   },
   "bin": {
+    "cli-with-sentry": "bin/cli.js",
     "socket-with-sentry": "bin/cli.js",
     "socket-npm-with-sentry": "bin/npm-cli.js",
     "socket-npx-with-sentry": "bin/npx-cli.js"

package/dist/module-sync/constants2.js

@@ -1,231 +0,0 @@
-'use strict';
-
-var fs = require('node:fs');
-var path = require('node:path');
-var process = require('node:process');
-var registryConstants = require('@socketsecurity/registry/lib/constants');
-var env = require('@socketsecurity/registry/lib/env');
-
-const {
-  NODE_MODULES,
-  PACKAGE_JSON,
-  TAP,
-  kInternalsSymbol,
-  [kInternalsSymbol]: {
-    createConstantsObject
-  }
-} = registryConstants;
-const ALERT_TYPE_CRITICAL_CVE = 'criticalCVE';
-const ALERT_TYPE_CVE = 'cve';
-const ALERT_TYPE_MEDIUM_CVE = 'mediumCVE';
-const ALERT_TYPE_MILD_CVE = 'mildCVE';
-const ALERT_TYPE_SOCKET_UPGRADE_AVAILABLE = 'socketUpgradeAvailable';
-const API_V0_URL = 'https://api.socket.dev/v0';
-const BABEL_RUNTIME = '@babel/runtime';
-const BINARY_LOCK_EXT = '.lockb';
-const BUN = 'bun';
-const CLI = 'cli';
-const CVE_ALERT_PROPS_FIRST_PATCHED_VERSION_IDENTIFIER = 'firstPatchedVersionIdentifier';
-const CVE_ALERT_PROPS_VULNERABLE_VERSION_RANGE = 'vulnerableVersionRange';
-const LOCK_EXT = '.lock';
-const MODULE_SYNC = 'module-sync';
-const NPM_INJECTION = 'npm-injection';
-const NPM_REGISTRY_URL = 'https://registry.npmjs.org';
-const NPX = 'npx';
-const PNPM = 'pnpm';
-const REQUIRE = 'require';
-const SHADOW_BIN = 'shadow-bin';
-const SOCKET = 'socket';
-const SOCKET_CLI_DEBUG = 'SOCKET_CLI_DEBUG';
-const SOCKET_CLI_FIX = 'SOCKET_CLI_FIX';
-const SOCKET_CLI_ISSUES_URL = 'https://github.com/SocketDev/socket-cli/issues';
-const SOCKET_CLI_LEGACY_BUILD = 'SOCKET_CLI_LEGACY_BUILD';
-const SOCKET_CLI_OPTIMIZE = 'SOCKET_CLI_OPTIMIZE';
-const SOCKET_CLI_PUBLISHED_BUILD = 'SOCKET_CLI_PUBLISHED_BUILD';
-const SOCKET_CLI_SAFE_WRAPPER = 'SOCKET_CLI_SAFE_WRAPPER';
-const SOCKET_CLI_SENTRY_BUILD = 'SOCKET_CLI_SENTRY_BUILD';
-const SOCKET_CLI_VERSION_HASH = 'SOCKET_CLI_VERSION_HASH';
-const VLT = 'vlt';
-const YARN = 'yarn';
-const YARN_BERRY = `${YARN}/berry`;
-const YARN_CLASSIC = `${YARN}/classic`;
-let _Sentry;
-const LAZY_BATCH_PURL_ENDPOINT = () => {
-  const query = new URLSearchParams();
-  query.append('alerts', 'true');
-  query.append('compact', 'true');
-  return `${API_V0_URL}/purl?${query}`;
-};
-const LAZY_DIST_TYPE = () => registryConstants.SUPPORTS_NODE_REQUIRE_MODULE ? MODULE_SYNC : REQUIRE;
-const LAZY_ENV = () => Object.freeze({
-  // Lazily access registryConstants.ENV.
-  ...registryConstants.ENV,
-  // Flag set to help debug Socket CLI.
-  [SOCKET_CLI_DEBUG]: env.envAsBoolean(process.env[SOCKET_CLI_DEBUG]),
-  // Inline the following environment values so that they CANNOT be influenced
-  // by user provided environment variables.
-  //
-  // Flag set to determine if this is the Legacy build.
-  // The '@rollup/plugin-replace' will replace "process.env[SOCKET_CLI_LEGACY_BUILD]".
-  [SOCKET_CLI_LEGACY_BUILD]: false,
-  // Flag set to determine if this is a published build.
-  // The '@rollup/plugin-replace' will replace "process.env[SOCKET_CLI_PUBLISHED_BUILD]".
-  [SOCKET_CLI_PUBLISHED_BUILD]: true,
-  // Flag set to determine if this is the Sentry build.
-  // The '@rollup/plugin-replace' will replace "process.env[SOCKET_CLI_SENTRY_BUILD]".
-  [SOCKET_CLI_SENTRY_BUILD]: true,
-  // Flag set to determine the version hash of the build.
-  // The '@rollup/plugin-replace' will replace "process.env[SOCKET_CLI_VERSION_HASH]".
-  [SOCKET_CLI_VERSION_HASH]: "0.14.44:d759761:ba5ca849:pub"
-});
-const lazyCdxgenBinPath = () =>
-// Lazily access constants.nmBinPath.
-path.join(constants.nmBinPath, 'cdxgen');
-const lazyDistPath = () =>
-// Lazily access constants.rootDistPath and constants.DIST_TYPE.
-path.join(constants.rootDistPath, constants.DIST_TYPE);
-const lazyInstrumentWithSentryPath = () =>
-// Lazily access constants.rootDistPath.
-path.join(constants.rootDistPath, 'instrument-with-sentry.js');
-const lazyNmBinPath = () =>
-// Lazily access constants.rootPath.
-path.join(constants.rootPath, `${NODE_MODULES}/.bin`);
-const lazyNpmInjectionPath = () =>
-// Lazily access constants.distPath.
-path.join(constants.distPath, `${NPM_INJECTION}.js`);
-const lazyRootBinPath = () =>
-// Lazily access constants.rootPath.
-path.join(constants.rootPath, 'bin');
-const lazyRootDistPath = () =>
-// Lazily access constants.rootPath.
-path.join(constants.rootPath, 'dist');
-const lazyRootPath = () =>
-// The '@rollup/plugin-replace' will replace "process.env.[TAP]".
-path.resolve(fs.realpathSync.native(__dirname), '..');
-const lazyRootPkgJsonPath = () =>
-// Lazily access constants.rootPath.
-path.join(constants.rootPath, PACKAGE_JSON);
-const lazyShadowBinPath = () =>
-// Lazily access constants.rootPath.
-path.join(constants.rootPath, SHADOW_BIN);
-const lazySynpBinPath = () =>
-// Lazily access constants.nmBinPath.
-path.join(constants.nmBinPath, 'synp');
-const constants = createConstantsObject({
-  ALERT_TYPE_CRITICAL_CVE,
-  ALERT_TYPE_CVE,
-  ALERT_TYPE_MEDIUM_CVE,
-  ALERT_TYPE_MILD_CVE,
-  ALERT_TYPE_SOCKET_UPGRADE_AVAILABLE,
-  API_V0_URL,
-  BABEL_RUNTIME,
-  // Lazily defined values are initialized as `undefined` to keep their key order.
-  BATCH_PURL_ENDPOINT: undefined,
-  BINARY_LOCK_EXT,
-  BUN,
-  CLI,
-  CVE_ALERT_PROPS_FIRST_PATCHED_VERSION_IDENTIFIER,
-  CVE_ALERT_PROPS_VULNERABLE_VERSION_RANGE,
-  DIST_TYPE: undefined,
-  ENV: undefined,
-  LOCK_EXT,
-  MODULE_SYNC,
-  NPM_INJECTION,
-  NPM_REGISTRY_URL,
-  NPX,
-  PNPM,
-  REQUIRE,
-  SHADOW_BIN,
-  SOCKET,
-  SOCKET_CLI_DEBUG,
-  SOCKET_CLI_FIX,
-  SOCKET_CLI_ISSUES_URL,
-  SOCKET_CLI_LEGACY_BUILD,
-  SOCKET_CLI_OPTIMIZE,
-  SOCKET_CLI_PUBLISHED_BUILD,
-  SOCKET_CLI_SAFE_WRAPPER,
-  SOCKET_CLI_SENTRY_BUILD,
-  SOCKET_CLI_VERSION_HASH,
-  VLT,
-  YARN,
-  YARN_BERRY,
-  YARN_CLASSIC,
-  cdxgenBinPath: undefined,
-  distPath: undefined,
-  instrumentWithSentryPath: undefined,
-  nmBinPath: undefined,
-  npmInjectionPath: undefined,
-  rootBinPath: undefined,
-  rootDistPath: undefined,
-  rootPath: undefined,
-  rootPkgJsonPath: undefined,
-  shadowBinPath: undefined,
-  synpBinPath: undefined
-}, {
-  getters: {
-    BATCH_PURL_ENDPOINT: LAZY_BATCH_PURL_ENDPOINT,
-    DIST_TYPE: LAZY_DIST_TYPE,
-    ENV: LAZY_ENV,
-    distPath: lazyDistPath,
-    cdxgenBinPath: lazyCdxgenBinPath,
-    instrumentWithSentryPath: lazyInstrumentWithSentryPath,
-    nmBinPath: lazyNmBinPath,
-    npmInjectionPath: lazyNpmInjectionPath,
-    rootBinPath: lazyRootBinPath,
-    rootDistPath: lazyRootDistPath,
-    rootPath: lazyRootPath,
-    rootPkgJsonPath: lazyRootPkgJsonPath,
-    shadowBinPath: lazyShadowBinPath,
-    synpBinPath: lazySynpBinPath
-  },
-  internals: {
-    getSentry() {
-      return _Sentry;
-    },
-    setSentry(Sentry) {
-      if (_Sentry === undefined) {
-        _Sentry = Sentry;
-        return true;
-      }
-      return false;
-    }
-  },
-  mixin: registryConstants
-});
-
-var constants$1 = {
-  __proto__: null,
-  default: constants
-};
-
-function getAugmentedNamespace(n) {
-  if (n.__esModule) return n;
-  var f = n.default;
-	if (typeof f == "function") {
-		var a = function a () {
-			if (this instanceof a) {
-        return Reflect.construct(f, arguments, this.constructor);
-			}
-			return f.apply(this, arguments);
-		};
-		a.prototype = f.prototype;
-  } else a = {};
-  Object.defineProperty(a, '__esModule', {value: true});
-	Object.keys(n).forEach(function (k) {
-		var d = Object.getOwnPropertyDescriptor(n, k);
-		Object.defineProperty(a, k, d.get ? d : {
-			enumerable: true,
-			get: function () {
-				return n[k];
-			}
-		});
-	});
-	return a;
-}
-
-var require$$1 = /*@__PURE__*/getAugmentedNamespace(constants$1);
-
-exports.constants = constants;
-exports.require$$1 = require$$1;
-//# debugId=435f32a3-529f-42d3-a920-3fda62a829e2
-//# sourceMappingURL=constants2.js.map

package/dist/module-sync/constants2.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"constants2.js","sources":["../../src/constants.ts"],"sourcesContent":["import { realpathSync } from 'node:fs'\nimport path from 'node:path'\nimport process from 'node:process'\n\nimport registryConstants from '@socketsecurity/registry/lib/constants'\nimport { envAsBoolean } from '@socketsecurity/registry/lib/env'\n\nimport type { Remap } from '@socketsecurity/registry/lib/objects'\n\nconst {\n  NODE_MODULES,\n  PACKAGE_JSON,\n  TAP,\n  kInternalsSymbol,\n  [kInternalsSymbol as unknown as 'Symbol(kInternalsSymbol)']: {\n    createConstantsObject\n  }\n} = registryConstants\n\ntype RegistryEnv = typeof registryConstants.ENV\n\ntype RegistryInternals = (typeof registryConstants)['Symbol(kInternalsSymbol)']\n\ntype Sentry = any\n\ntype Internals = Remap<\n  Omit<RegistryInternals, 'getIPC'> &\n    Readonly<{\n      getIPC: {\n        (): Promise<IPC>\n        <K extends keyof IPC | undefined>(\n          key?: K\n        ): Promise<K extends keyof IPC ? IPC[K] : IPC>\n      }\n      getSentry: () => Sentry\n      setSentry(Sentry: Sentry): boolean\n    }>\n>\n\ntype ENV = Remap<\n  RegistryEnv &\n    Readonly<{\n      SOCKET_CLI_DEBUG: boolean\n      SOCKET_CLI_LEGACY_BUILD: boolean\n      SOCKET_CLI_PUBLISHED_BUILD: boolean\n      SOCKET_CLI_SENTRY_BUILD: boolean\n      SOCKET_CLI_VERSION_HASH: string\n    }>\n>\n\ntype IPC = Readonly<{\n  SOCKET_CLI_FIX?: string\n  SOCKET_CLI_OPTIMIZE?: boolean\n  SOCKET_CLI_SAFE_WRAPPER?: boolean\n}>\n\ntype Constants = Remap<\n  Omit<typeof registryConstants, 'Symbol(kInternalsSymbol)' | 'ENV' | 'IPC'> & {\n    readonly 'Symbol(kInternalsSymbol)': Internals\n    readonly ALERT_TYPE_CRITICAL_CVE: 'criticalCVE'\n    readonly ALERT_TYPE_CVE: 'cve'\n    readonly ALERT_TYPE_MEDIUM_CVE: 'mediumCVE'\n    readonly ALERT_TYPE_MILD_CVE: 'mildCVE'\n    readonly ALERT_TYPE_SOCKET_UPGRADE_AVAILABLE: 'socketUpgradeAvailable'\n    readonly API_V0_URL: 'https://api.socket.dev/v0'\n    readonly BABEL_RUNTIME: '@babel/runtime'\n    readonly BATCH_PURL_ENDPOINT: 'https://api.socket.dev/v0/purl?alerts=true&compact=true'\n    readonly BINARY_LOCK_EXT: '.lockb'\n    readonly BUN: 'bun'\n    readonly CLI: 'cli'\n    readonly CVE_ALERT_PROPS_FIRST_PATCHED_VERSION_IDENTIFIER: 'firstPatchedVersionIdentifier'\n    readonly CVE_ALERT_PROPS_VULNERABLE_VERSION_RANGE: 'vulnerableVersionRange'\n    readonly ENV: ENV\n    readonly DIST_TYPE: 'module-sync' | 'require'\n    readonly IPC: IPC\n    readonly LOCK_EXT: '.lock'\n    readonly MODULE_SYNC: 'module-sync'\n    readonly NPM_INJECTION: 'npm-injection'\n    readonly NPM_REGISTRY_URL: 'https://registry.npmjs.org'\n    readonly NPX: 'npx'\n    readonly PNPM: 'pnpm'\n    readonly REQUIRE: 'require'\n    readonly SHADOW_BIN: 'shadow-bin'\n    readonly SOCKET: 'socket'\n    readonly SOCKET_CLI_DEBUG: 'SOCKET_CLI_DEBUG'\n    readonly SOCKET_CLI_FIX: 'SOCKET_CLI_FIX'\n    readonly SOCKET_CLI_ISSUES_URL: 'https://github.com/SocketDev/socket-cli/issues'\n    readonly SOCKET_CLI_LEGACY_BUILD: 'SOCKET_CLI_LEGACY_BUILD'\n    readonly SOCKET_CLI_OPTIMIZE: 'SOCKET_CLI_OPTIMIZE'\n    readonly SOCKET_CLI_PUBLISHED_BUILD: 'SOCKET_CLI_PUBLISHED_BUILD'\n    readonly SOCKET_CLI_SAFE_WRAPPER: 'SOCKET_CLI_SAFE_WRAPPER'\n    readonly SOCKET_CLI_SENTRY_BUILD: 'SOCKET_CLI_SENTRY_BUILD'\n    readonly SOCKET_CLI_VERSION_HASH: 'SOCKET_CLI_VERSION_HASH'\n    readonly VLT: 'vlt'\n    readonly YARN: 'yarn'\n    readonly YARN_BERRY: 'yarn/berry'\n    readonly YARN_CLASSIC: 'yarn/classic'\n    readonly cdxgenBinPath: string\n    readonly distPath: string\n    readonly instrumentWithSentryPath: string\n    readonly nmBinPath: string\n    readonly npmInjectionPath: string\n    readonly rootBinPath: string\n    readonly rootDistPath: string\n    readonly rootPath: string\n    readonly rootPkgJsonPath: string\n    readonly shadowBinPath: string\n    readonly synpBinPath: string\n  }\n>\n\nconst ALERT_TYPE_CRITICAL_CVE = 'criticalCVE'\nconst ALERT_TYPE_CVE = 'cve'\nconst ALERT_TYPE_MEDIUM_CVE = 'mediumCVE'\nconst ALERT_TYPE_MILD_CVE = 'mildCVE'\nconst ALERT_TYPE_SOCKET_UPGRADE_AVAILABLE = 'socketUpgradeAvailable'\nconst API_V0_URL = 'https://api.socket.dev/v0'\nconst BABEL_RUNTIME = '@babel/runtime'\nconst BINARY_LOCK_EXT = '.lockb'\nconst BUN = 'bun'\nconst CLI = 'cli'\nconst CVE_ALERT_PROPS_FIRST_PATCHED_VERSION_IDENTIFIER =\n  'firstPatchedVersionIdentifier'\nconst CVE_ALERT_PROPS_VULNERABLE_VERSION_RANGE = 'vulnerableVersionRange'\nconst LOCK_EXT = '.lock'\nconst MODULE_SYNC = 'module-sync'\nconst NPM_INJECTION = 'npm-injection'\nconst NPM_REGISTRY_URL = 'https://registry.npmjs.org'\nconst NPX = 'npx'\nconst PNPM = 'pnpm'\nconst REQUIRE = 'require'\nconst SHADOW_BIN = 'shadow-bin'\nconst SOCKET = 'socket'\nconst SOCKET_CLI_DEBUG = 'SOCKET_CLI_DEBUG'\nconst SOCKET_CLI_FIX = 'SOCKET_CLI_FIX'\nconst SOCKET_CLI_ISSUES_URL = 'https://github.com/SocketDev/socket-cli/issues'\nconst SOCKET_CLI_LEGACY_BUILD = 'SOCKET_CLI_LEGACY_BUILD'\nconst SOCKET_CLI_OPTIMIZE = 'SOCKET_CLI_OPTIMIZE'\nconst SOCKET_CLI_PUBLISHED_BUILD = 'SOCKET_CLI_PUBLISHED_BUILD'\nconst SOCKET_CLI_SAFE_WRAPPER = 'SOCKET_CLI_SAFE_WRAPPER'\nconst SOCKET_CLI_SENTRY_BUILD = 'SOCKET_CLI_SENTRY_BUILD'\nconst SOCKET_CLI_VERSION_HASH = 'SOCKET_CLI_VERSION_HASH'\nconst VLT = 'vlt'\nconst YARN = 'yarn'\nconst YARN_BERRY = `${YARN}/berry`\nconst YARN_CLASSIC = `${YARN}/classic`\n\nlet _Sentry: any\n\nconst LAZY_BATCH_PURL_ENDPOINT = () => {\n  const query = new URLSearchParams()\n  query.append('alerts', 'true')\n  query.append('compact', 'true')\n  return `${API_V0_URL}/purl?${query}`\n}\n\nconst LAZY_DIST_TYPE = () =>\n  registryConstants.SUPPORTS_NODE_REQUIRE_MODULE ? MODULE_SYNC : REQUIRE\n\nconst LAZY_ENV = () =>\n  Object.freeze({\n    // Lazily access registryConstants.ENV.\n    ...registryConstants.ENV,\n    // Flag set to help debug Socket CLI.\n    [SOCKET_CLI_DEBUG]: envAsBoolean(process.env[SOCKET_CLI_DEBUG]),\n    // Inline the following environment values so that they CANNOT be influenced\n    // by user provided environment variables.\n    //\n    // Flag set to determine if this is the Legacy build.\n    // The '@rollup/plugin-replace' will replace \"process.env[SOCKET_CLI_LEGACY_BUILD]\".\n    [SOCKET_CLI_LEGACY_BUILD]: process.env[SOCKET_CLI_LEGACY_BUILD],\n    // Flag set to determine if this is a published build.\n    // The '@rollup/plugin-replace' will replace \"process.env[SOCKET_CLI_PUBLISHED_BUILD]\".\n    [SOCKET_CLI_PUBLISHED_BUILD]: process.env[SOCKET_CLI_PUBLISHED_BUILD],\n    // Flag set to determine if this is the Sentry build.\n    // The '@rollup/plugin-replace' will replace \"process.env[SOCKET_CLI_SENTRY_BUILD]\".\n    [SOCKET_CLI_SENTRY_BUILD]: process.env[SOCKET_CLI_SENTRY_BUILD],\n    // Flag set to determine the version hash of the build.\n    // The '@rollup/plugin-replace' will replace \"process.env[SOCKET_CLI_VERSION_HASH]\".\n    [SOCKET_CLI_VERSION_HASH]: process.env[SOCKET_CLI_VERSION_HASH]\n  })\n\nconst lazyCdxgenBinPath = () =>\n  // Lazily access constants.nmBinPath.\n  path.join(constants.nmBinPath, 'cdxgen')\n\nconst lazyDistPath = () =>\n  // Lazily access constants.rootDistPath and constants.DIST_TYPE.\n  path.join(constants.rootDistPath, constants.DIST_TYPE)\n\nconst lazyInstrumentWithSentryPath = () =>\n  // Lazily access constants.rootDistPath.\n  path.join(constants.rootDistPath, 'instrument-with-sentry.js')\n\nconst lazyNmBinPath = () =>\n  // Lazily access constants.rootPath.\n  path.join(constants.rootPath, `${NODE_MODULES}/.bin`)\n\nconst lazyNpmInjectionPath = () =>\n  // Lazily access constants.distPath.\n  path.join(constants.distPath, `${NPM_INJECTION}.js`)\n\nconst lazyRootBinPath = () =>\n  // Lazily access constants.rootPath.\n  path.join(constants.rootPath, 'bin')\n\nconst lazyRootDistPath = () =>\n  // Lazily access constants.rootPath.\n  path.join(constants.rootPath, 'dist')\n\nconst lazyRootPath = () =>\n  // The '@rollup/plugin-replace' will replace \"process.env.[TAP]\".\n  path.resolve(\n    realpathSync.native(__dirname),\n    process.env[TAP] ? '../..' : '..'\n  )\n\nconst lazyRootPkgJsonPath = () =>\n  // Lazily access constants.rootPath.\n  path.join(constants.rootPath, PACKAGE_JSON)\n\nconst lazyShadowBinPath = () =>\n  // Lazily access constants.rootPath.\n  path.join(constants.rootPath, SHADOW_BIN)\n\nconst lazySynpBinPath = () =>\n  // Lazily access constants.nmBinPath.\n  path.join(constants.nmBinPath, 'synp')\n\nconst constants = <Constants>createConstantsObject(\n  {\n    ALERT_TYPE_CRITICAL_CVE,\n    ALERT_TYPE_CVE,\n    ALERT_TYPE_MEDIUM_CVE,\n    ALERT_TYPE_MILD_CVE,\n    ALERT_TYPE_SOCKET_UPGRADE_AVAILABLE,\n    API_V0_URL,\n    BABEL_RUNTIME,\n    // Lazily defined values are initialized as `undefined` to keep their key order.\n    BATCH_PURL_ENDPOINT: undefined,\n    BINARY_LOCK_EXT,\n    BUN,\n    CLI,\n    CVE_ALERT_PROPS_FIRST_PATCHED_VERSION_IDENTIFIER,\n    CVE_ALERT_PROPS_VULNERABLE_VERSION_RANGE,\n    DIST_TYPE: undefined,\n    ENV: undefined,\n    LOCK_EXT,\n    MODULE_SYNC,\n    NPM_INJECTION,\n    NPM_REGISTRY_URL,\n    NPX,\n    PNPM,\n    REQUIRE,\n    SHADOW_BIN,\n    SOCKET,\n    SOCKET_CLI_DEBUG,\n    SOCKET_CLI_FIX,\n    SOCKET_CLI_ISSUES_URL,\n    SOCKET_CLI_LEGACY_BUILD,\n    SOCKET_CLI_OPTIMIZE,\n    SOCKET_CLI_PUBLISHED_BUILD,\n    SOCKET_CLI_SAFE_WRAPPER,\n    SOCKET_CLI_SENTRY_BUILD,\n    SOCKET_CLI_VERSION_HASH,\n    VLT,\n    YARN,\n    YARN_BERRY,\n    YARN_CLASSIC,\n    cdxgenBinPath: undefined,\n    distPath: undefined,\n    instrumentWithSentryPath: undefined,\n    nmBinPath: undefined,\n    npmInjectionPath: undefined,\n    rootBinPath: undefined,\n    rootDistPath: undefined,\n    rootPath: undefined,\n    rootPkgJsonPath: undefined,\n    shadowBinPath: undefined,\n    synpBinPath: undefined\n  },\n  {\n    getters: {\n      BATCH_PURL_ENDPOINT: LAZY_BATCH_PURL_ENDPOINT,\n      DIST_TYPE: LAZY_DIST_TYPE,\n      ENV: LAZY_ENV,\n      distPath: lazyDistPath,\n      cdxgenBinPath: lazyCdxgenBinPath,\n      instrumentWithSentryPath: lazyInstrumentWithSentryPath,\n      nmBinPath: lazyNmBinPath,\n      npmInjectionPath: lazyNpmInjectionPath,\n      rootBinPath: lazyRootBinPath,\n      rootDistPath: lazyRootDistPath,\n      rootPath: lazyRootPath,\n      rootPkgJsonPath: lazyRootPkgJsonPath,\n      shadowBinPath: lazyShadowBinPath,\n      synpBinPath: lazySynpBinPath\n    },\n    internals: {\n      getSentry() {\n        return _Sentry\n      },\n      setSentry(Sentry: Sentry): boolean {\n        if (_Sentry === undefined) {\n          _Sentry = Sentry\n          return true\n        }\n        return false\n      }\n    },\n    mixin: registryConstants\n  }\n)\n\nexport default constants\n"],"names":["createConstantsObject","query","path","constants","BATCH_PURL_ENDPOINT","DIST_TYPE","ENV","cdxgenBinPath","distPath","instrumentWithSentryPath","nmBinPath","npmInjectionPath","rootBinPath","rootDistPath","rootPath","rootPkgJsonPath","shadowBinPath","synpBinPath","getters","internals","getSentry","_Sentry","mixin"],"mappings":";;;;;;;;AASA;;;;;AAKE;AACEA;AACF;AACF;AA8FA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA;AAEA;AACE;AACAC;AACAA;AACA;AACF;AAEA;AAGA;AAEI;;AAEA;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACF;AAEF;AACE;AACAC;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAKF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEIC;;;;;;;;AASF;AACAC;;;;;;AAMAC;AACAC;;;;;;;;;;;;;;;;;;;;;;;AAuBAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACF;AAEEC;AACEd;AACAC;AACAC;AACAE;AACAD;AACAE;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;;AAEFE;AACEC;AACE;;;;AAIEC;AACA;AACF;AACA;AACF;;AAEFC;AACF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;","debugId":"435f32a3-529f-42d3-a920-3fda62a829e2"}