@socketsecurity/cli-with-sentry 0.14.50 → 0.14.51

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (15) hide show
  1. package/dist/constants.js +2 -2
  2. package/dist/constants.js.map +1 -1
  3. package/dist/instrument-with-sentry.js +2 -2
  4. package/dist/instrument-with-sentry.js.map +1 -1
  5. package/dist/module-sync/cli.js +91 -108
  6. package/dist/module-sync/cli.js.map +1 -1
  7. package/dist/module-sync/index.d.ts +1 -1
  8. package/dist/module-sync/index.js +18 -19
  9. package/dist/module-sync/index.js.map +1 -1
  10. package/dist/module-sync/npm-paths.js +3 -43
  11. package/dist/module-sync/npm-paths.js.map +1 -1
  12. package/dist/require/cli.js +91 -108
  13. package/dist/require/cli.js.map +1 -1
  14. package/package.json +6 -6
  15. package/dist/module-sync/logging.d.ts +0 -16
package/dist/module-sync/npm-paths.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"npm-paths.js","sources":["../../src/utils/logging.ts","../../src/utils/debug.ts","../../src/utils/ignore-by-default.ts","../../src/utils/path-resolve.ts","../../src/shadow/npm-paths.ts"],"sourcesContent":["import colors from 'yoctocolors-cjs'\n\nimport isUnicodeSupported from '@socketregistry/is-unicode-supported/index.cjs'\nimport { Spinner } from '@socketsecurity/registry/lib/spinner'\n\nexport type LogSymbols = {\n info: string\n success: string\n warning: string\n error: string\n}\n\nlet _logSymbols: LogSymbols | undefined\nexport function getLogSymbols() {\n if (_logSymbols === undefined) {\n _logSymbols = <LogSymbols>(isUnicodeSupported()\n ? {\n __proto__: null,\n info: colors.blue('ℹ'),\n success: colors.green('✔'),\n warning: colors.yellow('⚠'),\n error: colors.red('✖️')\n }\n : {\n __proto__: null,\n info: colors.blue('i'),\n success: colors.green('√'),\n warning: colors.yellow('‼'),\n error: colors.red('×')\n })\n }\n return _logSymbols\n}\n\nexport class Logger {\n #spinnerLogger: ReturnType<typeof Spinner>\n constructor() {\n this.#spinnerLogger = new Spinner()\n }\n\n error(text: string) {\n this.#spinnerLogger.error(text)\n }\n\n info(text: string) {\n this.#spinnerLogger.info(text)\n }\n\n warn(text: string) {\n this.#spinnerLogger.warning(text)\n }\n}\n\nexport const logger = new Logger()\n","import { getLogSymbols } from './logging'\nimport constants from '../constants'\n\nexport function isDebug() {\n // Lazily access constants.ENV.\n return constants.ENV.SOCKET_CLI_DEBUG\n}\n\nexport function debugLog(...args: any[]) {\n if (isDebug()) {\n console.error(getLogSymbols().info, ...args)\n }\n}\n","const ignoredDirs = [\n // Taken from ignore-by-default:\n // https://github.com/novemberborn/ignore-by-default/blob/v2.1.0/index.js\n '.git', // Git repository files, see <https://git-scm.com/>\n '.log', // Log files emitted by tools such as `tsserver`, see <https://github.com/Microsoft/TypeScript/wiki/Standalone-Server-%28tsserver%29>\n '.nyc_output', // Temporary directory where nyc stores coverage data, see <https://github.com/bcoe/nyc>\n '.sass-cache', // Cache folder for node-sass, see <https://github.com/sass/node-sass>\n '.yarn', // Where node modules are installed when using Yarn, see <https://yarnpkg.com/>\n 'bower_components', // Where Bower packages are installed, see <http://bower.io/>\n 'coverage', // Standard output directory for code coverage reports, see <https://github.com/gotwarlost/istanbul>\n 'node_modules', // Where Node modules are installed, see <https://nodejs.org/>\n // Taken from globby:\n // https://github.com/sindresorhus/globby/blob/v14.0.2/ignore.js#L11-L16\n 'flow-typed'\n] as const\n\nconst ignoredDirPatterns = ignoredDirs.map(i => `**/${i}`)\n\nexport function directoryPatterns() {\n return [...ignoredDirPatterns]\n}\n","import { existsSync, promises as fs, realpathSync, statSync } from 'node:fs'\nimport path from 'node:path'\nimport process from 'node:process'\n\nimport ignore from 'ignore'\nimport micromatch from 'micromatch'\nimport { glob as tinyGlob } from 'tinyglobby'\nimport which from 'which'\n\nimport { debugLog } from './debug'\nimport { directoryPatterns } from './ignore-by-default'\nimport constants from '../constants'\n\nimport type { SocketYml } from '@socketsecurity/config'\nimport type { SocketSdkReturnType } from '@socketsecurity/sdk'\nimport type { GlobOptions } from 'tinyglobby'\n\ntype GlobWithGitIgnoreOptions = GlobOptions & {\n socketConfig?: SocketYml | undefined\n}\n\nconst { NODE_MODULES, NPM, shadowBinPath } = constants\n\nasync function filterGlobResultToSupportedFiles(\n entries: string[],\n supportedFiles: SocketSdkReturnType<'getReportSupportedFiles'>['data']\n): Promise<string[]> {\n const patterns = ['golang', NPM, 'maven', 'pypi'].reduce(\n (r: string[], n: string) => {\n const supported = supportedFiles[n]\n r.push(\n ...(supported\n ? Object.values(supported).map(p => `**/${p.pattern}`)\n : [])\n )\n return r\n },\n []\n )\n return entries.filter(p => micromatch.some(p, patterns))\n}\n\nasync function globWithGitIgnore(\n patterns: string[],\n options: GlobWithGitIgnoreOptions\n) {\n const {\n cwd = process.cwd(),\n socketConfig,\n ...additionalOptions\n } = <GlobWithGitIgnoreOptions>{ __proto__: null, ...options }\n const projectIgnorePaths = socketConfig?.projectIgnorePaths\n const ignoreFiles = await tinyGlob(['**/.gitignore'], {\n absolute: true,\n cwd,\n expandDirectories: true\n })\n const ignores = [\n ...directoryPatterns(),\n ...(Array.isArray(projectIgnorePaths)\n ? ignoreFileLinesToGlobPatterns(\n projectIgnorePaths,\n path.join(cwd, '.gitignore'),\n cwd\n )\n : []),\n ...(\n await Promise.all(\n ignoreFiles.map(async filepath =>\n ignoreFileToGlobPatterns(\n await fs.readFile(filepath, 'utf8'),\n filepath,\n cwd\n )\n )\n )\n ).flat()\n ]\n const hasNegatedPattern = ignores.some(p => p.charCodeAt(0) === 33 /*'!'*/)\n const globOptions = {\n absolute: true,\n cwd,\n expandDirectories: false,\n ignore: hasNegatedPattern ? [] : ignores,\n ...additionalOptions\n }\n const result = await tinyGlob(patterns, globOptions)\n if (!hasNegatedPattern) {\n return result\n }\n const { absolute } = globOptions\n\n // Note: the input files must be INSIDE the cwd. If you get strange looking\n // relative path errors here, most likely your path is outside the given cwd.\n const filtered = ignore()\n .add(ignores)\n .filter(absolute ? result.map(p => path.relative(cwd, p)) : result)\n return absolute ? filtered.map(p => path.resolve(cwd, p)) : filtered\n}\n\nfunction ignoreFileLinesToGlobPatterns(\n lines: string[],\n filepath: string,\n cwd: string\n): string[] {\n const base = path.relative(cwd, path.dirname(filepath)).replace(/\\\\/g, '/')\n const patterns = []\n for (let i = 0, { length } = lines; i < length; i += 1) {\n const pattern = lines[i]!.trim()\n if (pattern.length > 0 && pattern.charCodeAt(0) !== 35 /*'#'*/) {\n patterns.push(\n ignorePatternToMinimatch(\n pattern.length && pattern.charCodeAt(0) === 33 /*'!'*/\n ? `!${path.posix.join(base, pattern.slice(1))}`\n : path.posix.join(base, pattern)\n )\n )\n }\n }\n return patterns\n}\n\nfunction ignoreFileToGlobPatterns(\n content: string,\n filepath: string,\n cwd: string\n): string[] {\n return ignoreFileLinesToGlobPatterns(content.split(/\\r?\\n/), filepath, cwd)\n}\n\n// Based on `@eslint/compat` convertIgnorePatternToMinimatch.\n// Apache v2.0 licensed\n// Copyright Nicholas C. Zakas\n// https://github.com/eslint/rewrite/blob/compat-v1.2.1/packages/compat/src/ignore-file.js#L28\nfunction ignorePatternToMinimatch(pattern: string): string {\n const isNegated = pattern.startsWith('!')\n const negatedPrefix = isNegated ? '!' : ''\n const patternToTest = (isNegated ? pattern.slice(1) : pattern).trimEnd()\n // Special cases.\n if (\n patternToTest === '' ||\n patternToTest === '**' ||\n patternToTest === '/**' ||\n patternToTest === '**'\n ) {\n return `${negatedPrefix}${patternToTest}`\n }\n const firstIndexOfSlash = patternToTest.indexOf('/')\n const matchEverywherePrefix =\n firstIndexOfSlash === -1 || firstIndexOfSlash === patternToTest.length - 1\n ? '**/'\n : ''\n const patternWithoutLeadingSlash =\n firstIndexOfSlash === 0 ? patternToTest.slice(1) : patternToTest\n // Escape `{` and `(` because in gitignore patterns they are just\n // literal characters without any specific syntactic meaning,\n // while in minimatch patterns they can form brace expansion or extglob syntax.\n //\n // For example, gitignore pattern `src/{a,b}.js` ignores file `src/{a,b}.js`.\n // But, the same minimatch pattern `src/{a,b}.js` ignores files `src/a.js` and `src/b.js`.\n // Minimatch pattern `src/\\{a,b}.js` is equivalent to gitignore pattern `src/{a,b}.js`.\n const escapedPatternWithoutLeadingSlash =\n patternWithoutLeadingSlash.replaceAll(\n /(?=((?:\\\\.|[^{(])*))\\1([{(])/guy,\n '$1\\\\$2'\n )\n const matchInsideSuffix = patternToTest.endsWith('/**') ? '/*' : ''\n return `${negatedPrefix}${matchEverywherePrefix}${escapedPatternWithoutLeadingSlash}${matchInsideSuffix}`\n}\n\nfunction pathsToPatterns(paths: string[]): string[] {\n // TODO: Does not support `~/` paths.\n return paths.map(p => (p === '.' ? '**/*' : p))\n}\n\nexport function findBinPathDetailsSync(binName: string): {\n name: string\n path: string | undefined\n shadowed: boolean\n} {\n let shadowIndex = -1\n const bins =\n which.sync(binName, {\n all: true,\n nothrow: true\n }) ?? []\n let binPath: string | undefined\n for (let i = 0, { length } = bins; i < length; i += 1) {\n const bin = realpathSync.native(bins[i]!)\n // Skip our bin directory if it's in the front.\n if (path.dirname(bin) === shadowBinPath) {\n shadowIndex = i\n } else {\n binPath = bin\n break\n }\n }\n return { name: binName, path: binPath, shadowed: shadowIndex !== -1 }\n}\n\nexport function findNpmPathSync(npmBinPath: string): string | undefined {\n let thePath = npmBinPath\n while (true) {\n const nmPath = path.join(thePath, NODE_MODULES)\n if (\n // npm bin paths may look like:\n // /usr/local/share/npm/bin/npm\n // /Users/SomeUsername/.nvm/versions/node/vX.X.X/bin/npm\n // C:\\Users\\SomeUsername\\AppData\\Roaming\\npm\\bin\\npm.cmd\n // OR\n // C:\\Program Files\\nodejs\\npm.cmd\n //\n // In all cases the npm path contains a node_modules folder:\n // /usr/local/share/npm/bin/npm/node_modules\n // C:\\Program Files\\nodejs\\node_modules\n //\n // Use existsSync here because statsSync, even with { throwIfNoEntry: false },\n // will throw an ENOTDIR error for paths like ./a-file-that-exists/a-directory-that-does-not.\n // See https://github.com/nodejs/node/issues/56993.\n existsSync(nmPath) &&\n statSync(nmPath, { throwIfNoEntry: false })?.isDirectory() &&\n // Optimistically look for the default location.\n (path.basename(thePath) === NPM ||\n // Chocolatey installs npm bins in the same directory as node bins.\n // Lazily access constants.WIN32.\n (constants.WIN32 && existsSync(path.join(thePath, `${NPM}.cmd`))))\n ) {\n return thePath\n }\n const parent = path.dirname(thePath)\n if (parent === thePath) {\n return undefined\n }\n thePath = parent\n }\n}\n\nexport async function getPackageFiles(\n cwd: string,\n inputPaths: string[],\n config: SocketYml | undefined,\n supportedFiles: SocketSdkReturnType<'getReportSupportedFiles'>['data']\n): Promise<string[]> {\n debugLog(`Globbed resolving ${inputPaths.length} paths:`, inputPaths)\n\n const entries = await globWithGitIgnore(pathsToPatterns(inputPaths), {\n cwd,\n socketConfig: config\n })\n\n debugLog(\n `Globbed resolved ${inputPaths.length} paths to ${entries.length} paths:`,\n entries\n )\n\n const packageFiles = await filterGlobResultToSupportedFiles(\n entries,\n supportedFiles\n )\n\n debugLog(\n `Mapped ${entries.length} entries to ${packageFiles.length} files:`,\n packageFiles\n )\n\n return packageFiles\n}\n\nexport async function getPackageFilesFullScans(\n cwd: string,\n inputPaths: string[],\n supportedFiles: SocketSdkReturnType<'getReportSupportedFiles'>['data'],\n debugLog: typeof console.error = () => {}\n): Promise<string[]> {\n debugLog(`Globbed resolving ${inputPaths.length} paths:`, inputPaths)\n\n const entries = await globWithGitIgnore(pathsToPatterns(inputPaths), {\n cwd\n })\n\n debugLog(\n `Globbed resolved ${inputPaths.length} paths to ${entries.length} paths:`,\n entries\n )\n\n const packageFiles = await filterGlobResultToSupportedFiles(\n entries,\n supportedFiles\n )\n\n debugLog(\n `Mapped ${entries.length} entries to ${packageFiles.length} files:`,\n packageFiles\n )\n\n return packageFiles\n}\n","import { existsSync } from 'node:fs'\nimport Module from 'node:module'\nimport path from 'node:path'\nimport process from 'node:process'\n\nimport { normalizePath } from '@socketsecurity/registry/lib/path'\n\nimport constants from '../constants'\nimport { findBinPathDetailsSync, findNpmPathSync } from '../utils/path-resolve'\n\nconst { NODE_MODULES, NPM, NPX, SOCKET_CLI_ISSUES_URL } = constants\n\nfunction exitWithBinPathError(binName: string): never {\n console.error(\n `Socket unable to locate ${binName}; ensure it is available in the PATH environment variable.`\n )\n // The exit code 127 indicates that the command or binary being executed\n // could not be found.\n process.exit(127)\n}\n\nlet _npmBinPathDetails: ReturnType<typeof findBinPathDetailsSync> | undefined\nfunction getNpmBinPathDetails(): ReturnType<typeof findBinPathDetailsSync> {\n if (_npmBinPathDetails === undefined) {\n _npmBinPathDetails = findBinPathDetailsSync(NPM)\n }\n return _npmBinPathDetails\n}\n\nlet _npxBinPathDetails: ReturnType<typeof findBinPathDetailsSync> | undefined\nfunction getNpxBinPathDetails(): ReturnType<typeof findBinPathDetailsSync> {\n if (_npxBinPathDetails === undefined) {\n _npxBinPathDetails = findBinPathDetailsSync(NPX)\n }\n return _npxBinPathDetails\n}\n\nlet _npmBinPath: string | undefined\nexport function getNpmBinPath(): string {\n if (_npmBinPath === undefined) {\n _npmBinPath = getNpmBinPathDetails().path\n if (!_npmBinPath) {\n exitWithBinPathError(NPM)\n }\n }\n return _npmBinPath\n}\n\nexport function isNpmBinPathShadowed() {\n return getNpmBinPathDetails().shadowed\n}\n\nlet _npxBinPath: string | undefined\nexport function getNpxBinPath(): string {\n if (_npxBinPath === undefined) {\n _npxBinPath = getNpxBinPathDetails().path\n if (!_npxBinPath) {\n exitWithBinPathError(NPX)\n }\n }\n return _npxBinPath\n}\n\nexport function isNpxBinPathShadowed() {\n return getNpxBinPathDetails().shadowed\n}\n\nlet _npmPath: string | undefined\nexport function getNpmPath() {\n if (_npmPath === undefined) {\n const npmBinPath = getNpmBinPath()\n _npmPath = npmBinPath ? findNpmPathSync(npmBinPath) : undefined\n if (!_npmPath) {\n let message = 'Unable to find npm CLI install directory.'\n if (npmBinPath) {\n message += `\\nSearched parent directories of ${path.dirname(npmBinPath)}.`\n }\n message += `\\n\\nThis is may be a bug with socket-npm related to changes to the npm CLI.\\nPlease report to ${SOCKET_CLI_ISSUES_URL}.`\n console.error(message)\n // The exit code 127 indicates that the command or binary being executed\n // could not be found.\n process.exit(127)\n }\n }\n return _npmPath\n}\n\nlet _npmRequire: NodeJS.Require | undefined\nexport function getNpmRequire(): NodeJS.Require {\n if (_npmRequire === undefined) {\n const npmPath = getNpmPath()\n const npmNmPath = path.join(npmPath, NODE_MODULES, NPM)\n _npmRequire = Module.createRequire(\n path.join(existsSync(npmNmPath) ? npmNmPath : npmPath, '<dummy-basename>')\n )\n }\n return _npmRequire\n}\n\nlet _arboristPkgPath: string | undefined\nexport function getArboristPackagePath() {\n if (_arboristPkgPath === undefined) {\n const pkgName = '@npmcli/arborist'\n const mainPathWithForwardSlashes = normalizePath(\n getNpmRequire().resolve(pkgName)\n )\n const arboristPkgPathWithForwardSlashes = mainPathWithForwardSlashes.slice(\n 0,\n mainPathWithForwardSlashes.lastIndexOf(pkgName) + pkgName.length\n )\n // Lazily access constants.WIN32.\n _arboristPkgPath = constants.WIN32\n ? path.normalize(arboristPkgPathWithForwardSlashes)\n : arboristPkgPathWithForwardSlashes\n }\n return _arboristPkgPath\n}\n\nlet _arboristClassPath: string | undefined\nexport function getArboristClassPath() {\n if (_arboristClassPath === undefined) {\n _arboristClassPath = path.join(\n getArboristPackagePath(),\n 'lib/arborist/index.js'\n )\n }\n return _arboristClassPath\n}\n\nlet _arboristDepValidPath: string | undefined\nexport function getArboristDepValidPath() {\n if (_arboristDepValidPath === undefined) {\n _arboristDepValidPath = path.join(\n getArboristPackagePath(),\n 'lib/dep-valid.js'\n )\n }\n return _arboristDepValidPath\n}\n\nlet _arboristEdgeClassPath: string | undefined\nexport function getArboristEdgeClassPath() {\n if (_arboristEdgeClassPath === undefined) {\n _arboristEdgeClassPath = path.join(getArboristPackagePath(), 'lib/edge.js')\n }\n return _arboristEdgeClassPath\n}\n\nlet _arboristNodeClassPath: string | undefined\nexport function getArboristNodeClassPath() {\n if (_arboristNodeClassPath === undefined) {\n _arboristNodeClassPath = path.join(getArboristPackagePath(), 'lib/node.js')\n }\n return _arboristNodeClassPath\n}\n\nlet _arboristOverrideSetClassPath: string | undefined\nexport function getArboristOverrideSetClassPath() {\n if (_arboristOverrideSetClassPath === undefined) {\n _arboristOverrideSetClassPath = path.join(\n getArboristPackagePath(),\n 'lib/override-set.js'\n )\n }\n return _arboristOverrideSetClassPath\n}\n"],"names":["_logSymbols","__proto__","info","success","warning","error","constructor","shadowBinPath","cwd","absolute","expandDirectories","ignore","length","all","nothrow","shadowIndex","binPath","name","path","existsSync","throwIfNoEntry","constants","thePath","socketConfig","debugLog","SOCKET_CLI_ISSUES_URL","console","process","_npmBinPathDetails","_npxBinPathDetails","_npmBinPath","_npxBinPath","_arboristPkgPath"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;AAYA;AACO;;AAEHA;AAEMC;AACAC;AACAC;AACAC;AACAC;AACF;AAEEJ;AACAC;AACAC;AACAC;AACAC;;AAER;AACA;AACF;AAEO;AACL;AACAC;AACE;AACF;;AAGE;AACF;;AAGE;AACF;;AAGE;AACF;AACF;;;AChDO;AACL;AACA;AACF;AAEO;;;AAGL;AACF;;ACZA;AACE;AACA;AACA;AAAQ;AACR;AAAQ;AACR;AAAe;AACf;AAAe;AACf;AAAS;AACT;AAAoB;AACpB;AAAY;AACZ;AAAgB;AAChB;AACA;AACA;AAGF;AAEO;;AAEP;;ACCA;;;AAA2BC;AAAc;AAEzC;AAIE;AAEI;;AAMA;;AAIJ;AACF;AAEA;;AAKIC;;;AAGF;AAAgCP;;;AAChC;;AAEEQ;;AAEAC;AACF;AACA;AAqBA;AACA;AACED;;AAEAC;AACAC;;;;;AAKA;AACF;;AACQF;AAAS;;AAEjB;AACA;AACA;AAGA;AACF;AAEA;;;AAOE;AAAkBG;;;AAEhB;;AAQA;AACF;AACA;AACF;AAEA;AAKE;AACF;;AAEA;AACA;AACA;AACA;AACA;AACE;AACA;AACA;AACA;AACA;AAME;AACF;AACA;AACA;AAIA;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;;;;AAQF;AAEA;AACE;AACA;AACF;AAEO;;AAML;AAEIC;AACAC;;AAEJ;AACA;AAAkBF;;;AAEhB;;AAEEG;AACF;AACEC;AACA;AACF;AACF;;AACSC;AAAeC;;;AAC1B;AAEO;;AAEL;;AAEE;AACE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACAC;AACmBC;AAAsB;AACzC;AACCF;AACC;AACA;AACCG;AAEH;AACF;AACA;;AAEE;AACF;AACAC;AACF;AACF;AAEO;;;;AAUHC;AACF;AAEAC;;AAUAA;AAKA;AACF;AAEO;;;AASHhB;AACF;AAEAgB;;AAUAA;AAKA;AACF;;AC9RA;;;;AAAgCC;AAAsB;AAEtD;AACEC;AAGA;AACA;AACAC;AACF;AAEA;AACA;;AAEIC;AACF;AACA;AACF;AAEA;AACA;;AAEIC;AACF;AACA;AACF;AAEA;AACO;;AAEHC;;;AAGA;AACF;AACA;AACF;AAEO;AACL;AACF;AAEA;AACO;;AAEHC;;;AAGA;AACF;AACA;AACF;AAEO;AACL;AACF;AAEA;AACO;;AAEH;;;;AAIE;;AAEA;;AAEAL;AACA;AACA;AACAC;AACF;AACF;AACA;AACF;AAEA;AACO;;AAEH;;;AAKF;AACA;AACF;AAEA;AACO;;;AAGH;AAGA;AAIA;AACAK;AAGF;AACA;AACF;AAEA;AACO;;;AAML;AACA;AACF;AAEA;AACO;;;AAML;AACA;AACF;AAEA;AACO;;;AAGL;AACA;AACF;AAEA;AACO;;;AAGL;AACA;AACF;AAEA;AACO;;;AAML;AACA;AACF;;;;;;;;;;;;;;;;;","debugId":"86fc9821-b01f-4210-8d26-6d3ece42c533"}
1
+ {"version":3,"file":"npm-paths.js","sources":["../../src/utils/debug.ts","../../src/utils/ignore-by-default.ts","../../src/utils/path-resolve.ts","../../src/shadow/npm-paths.ts"],"sourcesContent":["import { logger } from '@socketsecurity/registry/lib/logger'\n\nimport constants from '../constants'\n\nexport function isDebug() {\n // Lazily access constants.ENV.\n return constants.ENV.SOCKET_CLI_DEBUG\n}\n\nexport function debugLog(...args: any[]) {\n if (isDebug()) {\n logger.info(...args)\n }\n}\n","const ignoredDirs = [\n // Taken from ignore-by-default:\n // https://github.com/novemberborn/ignore-by-default/blob/v2.1.0/index.js\n '.git', // Git repository files, see <https://git-scm.com/>\n '.log', // Log files emitted by tools such as `tsserver`, see <https://github.com/Microsoft/TypeScript/wiki/Standalone-Server-%28tsserver%29>\n '.nyc_output', // Temporary directory where nyc stores coverage data, see <https://github.com/bcoe/nyc>\n '.sass-cache', // Cache folder for node-sass, see <https://github.com/sass/node-sass>\n '.yarn', // Where node modules are installed when using Yarn, see <https://yarnpkg.com/>\n 'bower_components', // Where Bower packages are installed, see <http://bower.io/>\n 'coverage', // Standard output directory for code coverage reports, see <https://github.com/gotwarlost/istanbul>\n 'node_modules', // Where Node modules are installed, see <https://nodejs.org/>\n // Taken from globby:\n // https://github.com/sindresorhus/globby/blob/v14.0.2/ignore.js#L11-L16\n 'flow-typed'\n] as const\n\nconst ignoredDirPatterns = ignoredDirs.map(i => `**/${i}`)\n\nexport function directoryPatterns() {\n return [...ignoredDirPatterns]\n}\n","import { existsSync, promises as fs, realpathSync, statSync } from 'node:fs'\nimport path from 'node:path'\nimport process from 'node:process'\n\nimport ignore from 'ignore'\nimport micromatch from 'micromatch'\nimport { glob as tinyGlob } from 'tinyglobby'\nimport which from 'which'\n\nimport { debugLog } from './debug'\nimport { directoryPatterns } from './ignore-by-default'\nimport constants from '../constants'\n\nimport type { SocketYml } from '@socketsecurity/config'\nimport type { SocketSdkReturnType } from '@socketsecurity/sdk'\nimport type { GlobOptions } from 'tinyglobby'\n\ntype GlobWithGitIgnoreOptions = GlobOptions & {\n socketConfig?: SocketYml | undefined\n}\n\nconst { NODE_MODULES, NPM, shadowBinPath } = constants\n\nasync function filterGlobResultToSupportedFiles(\n entries: string[],\n supportedFiles: SocketSdkReturnType<'getReportSupportedFiles'>['data']\n): Promise<string[]> {\n const patterns = ['golang', NPM, 'maven', 'pypi'].reduce(\n (r: string[], n: string) => {\n const supported = supportedFiles[n]\n r.push(\n ...(supported\n ? Object.values(supported).map(p => `**/${p.pattern}`)\n : [])\n )\n return r\n },\n []\n )\n return entries.filter(p => micromatch.some(p, patterns))\n}\n\nasync function globWithGitIgnore(\n patterns: string[],\n options: GlobWithGitIgnoreOptions\n) {\n const {\n cwd = process.cwd(),\n socketConfig,\n ...additionalOptions\n } = <GlobWithGitIgnoreOptions>{ __proto__: null, ...options }\n const projectIgnorePaths = socketConfig?.projectIgnorePaths\n const ignoreFiles = await tinyGlob(['**/.gitignore'], {\n absolute: true,\n cwd,\n expandDirectories: true\n })\n const ignores = [\n ...directoryPatterns(),\n ...(Array.isArray(projectIgnorePaths)\n ? ignoreFileLinesToGlobPatterns(\n projectIgnorePaths,\n path.join(cwd, '.gitignore'),\n cwd\n )\n : []),\n ...(\n await Promise.all(\n ignoreFiles.map(async filepath =>\n ignoreFileToGlobPatterns(\n await fs.readFile(filepath, 'utf8'),\n filepath,\n cwd\n )\n )\n )\n ).flat()\n ]\n const hasNegatedPattern = ignores.some(p => p.charCodeAt(0) === 33 /*'!'*/)\n const globOptions = {\n absolute: true,\n cwd,\n expandDirectories: false,\n ignore: hasNegatedPattern ? [] : ignores,\n ...additionalOptions\n }\n const result = await tinyGlob(patterns, globOptions)\n if (!hasNegatedPattern) {\n return result\n }\n const { absolute } = globOptions\n\n // Note: the input files must be INSIDE the cwd. If you get strange looking\n // relative path errors here, most likely your path is outside the given cwd.\n const filtered = ignore()\n .add(ignores)\n .filter(absolute ? result.map(p => path.relative(cwd, p)) : result)\n return absolute ? filtered.map(p => path.resolve(cwd, p)) : filtered\n}\n\nfunction ignoreFileLinesToGlobPatterns(\n lines: string[],\n filepath: string,\n cwd: string\n): string[] {\n const base = path.relative(cwd, path.dirname(filepath)).replace(/\\\\/g, '/')\n const patterns = []\n for (let i = 0, { length } = lines; i < length; i += 1) {\n const pattern = lines[i]!.trim()\n if (pattern.length > 0 && pattern.charCodeAt(0) !== 35 /*'#'*/) {\n patterns.push(\n ignorePatternToMinimatch(\n pattern.length && pattern.charCodeAt(0) === 33 /*'!'*/\n ? `!${path.posix.join(base, pattern.slice(1))}`\n : path.posix.join(base, pattern)\n )\n )\n }\n }\n return patterns\n}\n\nfunction ignoreFileToGlobPatterns(\n content: string,\n filepath: string,\n cwd: string\n): string[] {\n return ignoreFileLinesToGlobPatterns(content.split(/\\r?\\n/), filepath, cwd)\n}\n\n// Based on `@eslint/compat` convertIgnorePatternToMinimatch.\n// Apache v2.0 licensed\n// Copyright Nicholas C. Zakas\n// https://github.com/eslint/rewrite/blob/compat-v1.2.1/packages/compat/src/ignore-file.js#L28\nfunction ignorePatternToMinimatch(pattern: string): string {\n const isNegated = pattern.startsWith('!')\n const negatedPrefix = isNegated ? '!' : ''\n const patternToTest = (isNegated ? pattern.slice(1) : pattern).trimEnd()\n // Special cases.\n if (\n patternToTest === '' ||\n patternToTest === '**' ||\n patternToTest === '/**' ||\n patternToTest === '**'\n ) {\n return `${negatedPrefix}${patternToTest}`\n }\n const firstIndexOfSlash = patternToTest.indexOf('/')\n const matchEverywherePrefix =\n firstIndexOfSlash === -1 || firstIndexOfSlash === patternToTest.length - 1\n ? '**/'\n : ''\n const patternWithoutLeadingSlash =\n firstIndexOfSlash === 0 ? patternToTest.slice(1) : patternToTest\n // Escape `{` and `(` because in gitignore patterns they are just\n // literal characters without any specific syntactic meaning,\n // while in minimatch patterns they can form brace expansion or extglob syntax.\n //\n // For example, gitignore pattern `src/{a,b}.js` ignores file `src/{a,b}.js`.\n // But, the same minimatch pattern `src/{a,b}.js` ignores files `src/a.js` and `src/b.js`.\n // Minimatch pattern `src/\\{a,b}.js` is equivalent to gitignore pattern `src/{a,b}.js`.\n const escapedPatternWithoutLeadingSlash =\n patternWithoutLeadingSlash.replaceAll(\n /(?=((?:\\\\.|[^{(])*))\\1([{(])/guy,\n '$1\\\\$2'\n )\n const matchInsideSuffix = patternToTest.endsWith('/**') ? '/*' : ''\n return `${negatedPrefix}${matchEverywherePrefix}${escapedPatternWithoutLeadingSlash}${matchInsideSuffix}`\n}\n\nfunction pathsToPatterns(paths: string[]): string[] {\n // TODO: Does not support `~/` paths.\n return paths.map(p => (p === '.' ? '**/*' : p))\n}\n\nexport function findBinPathDetailsSync(binName: string): {\n name: string\n path: string | undefined\n shadowed: boolean\n} {\n let shadowIndex = -1\n const bins =\n which.sync(binName, {\n all: true,\n nothrow: true\n }) ?? []\n let binPath: string | undefined\n for (let i = 0, { length } = bins; i < length; i += 1) {\n const bin = realpathSync.native(bins[i]!)\n // Skip our bin directory if it's in the front.\n if (path.dirname(bin) === shadowBinPath) {\n shadowIndex = i\n } else {\n binPath = bin\n break\n }\n }\n return { name: binName, path: binPath, shadowed: shadowIndex !== -1 }\n}\n\nexport function findNpmPathSync(npmBinPath: string): string | undefined {\n let thePath = npmBinPath\n while (true) {\n const nmPath = path.join(thePath, NODE_MODULES)\n if (\n // npm bin paths may look like:\n // /usr/local/share/npm/bin/npm\n // /Users/SomeUsername/.nvm/versions/node/vX.X.X/bin/npm\n // C:\\Users\\SomeUsername\\AppData\\Roaming\\npm\\bin\\npm.cmd\n // OR\n // C:\\Program Files\\nodejs\\npm.cmd\n //\n // In all cases the npm path contains a node_modules folder:\n // /usr/local/share/npm/bin/npm/node_modules\n // C:\\Program Files\\nodejs\\node_modules\n //\n // Use existsSync here because statsSync, even with { throwIfNoEntry: false },\n // will throw an ENOTDIR error for paths like ./a-file-that-exists/a-directory-that-does-not.\n // See https://github.com/nodejs/node/issues/56993.\n existsSync(nmPath) &&\n statSync(nmPath, { throwIfNoEntry: false })?.isDirectory() &&\n // Optimistically look for the default location.\n (path.basename(thePath) === NPM ||\n // Chocolatey installs npm bins in the same directory as node bins.\n // Lazily access constants.WIN32.\n (constants.WIN32 && existsSync(path.join(thePath, `${NPM}.cmd`))))\n ) {\n return thePath\n }\n const parent = path.dirname(thePath)\n if (parent === thePath) {\n return undefined\n }\n thePath = parent\n }\n}\n\nexport async function getPackageFiles(\n cwd: string,\n inputPaths: string[],\n config: SocketYml | undefined,\n supportedFiles: SocketSdkReturnType<'getReportSupportedFiles'>['data']\n): Promise<string[]> {\n debugLog(`Globbed resolving ${inputPaths.length} paths:`, inputPaths)\n\n const entries = await globWithGitIgnore(pathsToPatterns(inputPaths), {\n cwd,\n socketConfig: config\n })\n\n debugLog(\n `Globbed resolved ${inputPaths.length} paths to ${entries.length} paths:`,\n entries\n )\n\n const packageFiles = await filterGlobResultToSupportedFiles(\n entries,\n supportedFiles\n )\n\n debugLog(\n `Mapped ${entries.length} entries to ${packageFiles.length} files:`,\n packageFiles\n )\n\n return packageFiles\n}\n\nexport async function getPackageFilesFullScans(\n cwd: string,\n inputPaths: string[],\n supportedFiles: SocketSdkReturnType<'getReportSupportedFiles'>['data'],\n debugLog: typeof console.error = () => {}\n): Promise<string[]> {\n debugLog(`Globbed resolving ${inputPaths.length} paths:`, inputPaths)\n\n const entries = await globWithGitIgnore(pathsToPatterns(inputPaths), {\n cwd\n })\n\n debugLog(\n `Globbed resolved ${inputPaths.length} paths to ${entries.length} paths:`,\n entries\n )\n\n const packageFiles = await filterGlobResultToSupportedFiles(\n entries,\n supportedFiles\n )\n\n debugLog(\n `Mapped ${entries.length} entries to ${packageFiles.length} files:`,\n packageFiles\n )\n\n return packageFiles\n}\n","import { existsSync } from 'node:fs'\nimport Module from 'node:module'\nimport path from 'node:path'\nimport process from 'node:process'\n\nimport { normalizePath } from '@socketsecurity/registry/lib/path'\n\nimport constants from '../constants'\nimport { findBinPathDetailsSync, findNpmPathSync } from '../utils/path-resolve'\n\nconst { NODE_MODULES, NPM, NPX, SOCKET_CLI_ISSUES_URL } = constants\n\nfunction exitWithBinPathError(binName: string): never {\n console.error(\n `Socket unable to locate ${binName}; ensure it is available in the PATH environment variable.`\n )\n // The exit code 127 indicates that the command or binary being executed\n // could not be found.\n process.exit(127)\n}\n\nlet _npmBinPathDetails: ReturnType<typeof findBinPathDetailsSync> | undefined\nfunction getNpmBinPathDetails(): ReturnType<typeof findBinPathDetailsSync> {\n if (_npmBinPathDetails === undefined) {\n _npmBinPathDetails = findBinPathDetailsSync(NPM)\n }\n return _npmBinPathDetails\n}\n\nlet _npxBinPathDetails: ReturnType<typeof findBinPathDetailsSync> | undefined\nfunction getNpxBinPathDetails(): ReturnType<typeof findBinPathDetailsSync> {\n if (_npxBinPathDetails === undefined) {\n _npxBinPathDetails = findBinPathDetailsSync(NPX)\n }\n return _npxBinPathDetails\n}\n\nlet _npmBinPath: string | undefined\nexport function getNpmBinPath(): string {\n if (_npmBinPath === undefined) {\n _npmBinPath = getNpmBinPathDetails().path\n if (!_npmBinPath) {\n exitWithBinPathError(NPM)\n }\n }\n return _npmBinPath\n}\n\nexport function isNpmBinPathShadowed() {\n return getNpmBinPathDetails().shadowed\n}\n\nlet _npxBinPath: string | undefined\nexport function getNpxBinPath(): string {\n if (_npxBinPath === undefined) {\n _npxBinPath = getNpxBinPathDetails().path\n if (!_npxBinPath) {\n exitWithBinPathError(NPX)\n }\n }\n return _npxBinPath\n}\n\nexport function isNpxBinPathShadowed() {\n return getNpxBinPathDetails().shadowed\n}\n\nlet _npmPath: string | undefined\nexport function getNpmPath() {\n if (_npmPath === undefined) {\n const npmBinPath = getNpmBinPath()\n _npmPath = npmBinPath ? findNpmPathSync(npmBinPath) : undefined\n if (!_npmPath) {\n let message = 'Unable to find npm CLI install directory.'\n if (npmBinPath) {\n message += `\\nSearched parent directories of ${path.dirname(npmBinPath)}.`\n }\n message += `\\n\\nThis is may be a bug with socket-npm related to changes to the npm CLI.\\nPlease report to ${SOCKET_CLI_ISSUES_URL}.`\n console.error(message)\n // The exit code 127 indicates that the command or binary being executed\n // could not be found.\n process.exit(127)\n }\n }\n return _npmPath\n}\n\nlet _npmRequire: NodeJS.Require | undefined\nexport function getNpmRequire(): NodeJS.Require {\n if (_npmRequire === undefined) {\n const npmPath = getNpmPath()\n const npmNmPath = path.join(npmPath, NODE_MODULES, NPM)\n _npmRequire = Module.createRequire(\n path.join(existsSync(npmNmPath) ? npmNmPath : npmPath, '<dummy-basename>')\n )\n }\n return _npmRequire\n}\n\nlet _arboristPkgPath: string | undefined\nexport function getArboristPackagePath() {\n if (_arboristPkgPath === undefined) {\n const pkgName = '@npmcli/arborist'\n const mainPathWithForwardSlashes = normalizePath(\n getNpmRequire().resolve(pkgName)\n )\n const arboristPkgPathWithForwardSlashes = mainPathWithForwardSlashes.slice(\n 0,\n mainPathWithForwardSlashes.lastIndexOf(pkgName) + pkgName.length\n )\n // Lazily access constants.WIN32.\n _arboristPkgPath = constants.WIN32\n ? path.normalize(arboristPkgPathWithForwardSlashes)\n : arboristPkgPathWithForwardSlashes\n }\n return _arboristPkgPath\n}\n\nlet _arboristClassPath: string | undefined\nexport function getArboristClassPath() {\n if (_arboristClassPath === undefined) {\n _arboristClassPath = path.join(\n getArboristPackagePath(),\n 'lib/arborist/index.js'\n )\n }\n return _arboristClassPath\n}\n\nlet _arboristDepValidPath: string | undefined\nexport function getArboristDepValidPath() {\n if (_arboristDepValidPath === undefined) {\n _arboristDepValidPath = path.join(\n getArboristPackagePath(),\n 'lib/dep-valid.js'\n )\n }\n return _arboristDepValidPath\n}\n\nlet _arboristEdgeClassPath: string | undefined\nexport function getArboristEdgeClassPath() {\n if (_arboristEdgeClassPath === undefined) {\n _arboristEdgeClassPath = path.join(getArboristPackagePath(), 'lib/edge.js')\n }\n return _arboristEdgeClassPath\n}\n\nlet _arboristNodeClassPath: string | undefined\nexport function getArboristNodeClassPath() {\n if (_arboristNodeClassPath === undefined) {\n _arboristNodeClassPath = path.join(getArboristPackagePath(), 'lib/node.js')\n }\n return _arboristNodeClassPath\n}\n\nlet _arboristOverrideSetClassPath: string | undefined\nexport function getArboristOverrideSetClassPath() {\n if (_arboristOverrideSetClassPath === undefined) {\n _arboristOverrideSetClassPath = path.join(\n getArboristPackagePath(),\n 'lib/override-set.js'\n )\n }\n return _arboristOverrideSetClassPath\n}\n"],"names":["logger","shadowBinPath","cwd","__proto__","absolute","expandDirectories","ignore","length","all","nothrow","shadowIndex","binPath","name","path","existsSync","throwIfNoEntry","constants","thePath","socketConfig","debugLog","SOCKET_CLI_ISSUES_URL","console","process","_npmBinPathDetails","_npxBinPathDetails","_npmBinPath","_npxBinPath","_arboristPkgPath"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;AAIO;AACL;AACA;AACF;AAEO;;AAEHA;AACF;AACF;;ACbA;AACE;AACA;AACA;AAAQ;AACR;AAAQ;AACR;AAAe;AACf;AAAe;AACf;AAAS;AACT;AAAoB;AACpB;AAAY;AACZ;AAAgB;AAChB;AACA;AACA;AAGF;AAEO;;AAEP;;ACCA;;;AAA2BC;AAAc;AAEzC;AAIE;AAEI;;AAMA;;AAIJ;AACF;AAEA;;AAKIC;;;AAGF;AAAgCC;;;AAChC;;AAEEC;;AAEAC;AACF;AACA;AAqBA;AACA;AACED;;AAEAC;AACAC;;;;;AAKA;AACF;;AACQF;AAAS;;AAEjB;AACA;AACA;AAGA;AACF;AAEA;;;AAOE;AAAkBG;;;AAEhB;;AAQA;AACF;AACA;AACF;AAEA;AAKE;AACF;;AAEA;AACA;AACA;AACA;AACA;AACE;AACA;AACA;AACA;AACA;AAME;AACF;AACA;AACA;AAIA;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;;;;AAQF;AAEA;AACE;AACA;AACF;AAEO;;AAML;AAEIC;AACAC;;AAEJ;AACA;AAAkBF;;;AAEhB;;AAEEG;AACF;AACEC;AACA;AACF;AACF;;AACSC;AAAeC;;;AAC1B;AAEO;;AAEL;;AAEE;AACE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACAC;AACmBC;AAAsB;AACzC;AACCF;AACC;AACA;AACCG;AAEH;AACF;AACA;;AAEE;AACF;AACAC;AACF;AACF;AAEO;;;;AAUHC;AACF;AAEAC;;AAUAA;AAKA;AACF;AAEO;;;AASHjB;AACF;AAEAiB;;AAUAA;AAKA;AACF;;AC9RA;;;;AAAgCC;AAAsB;AAEtD;AACEC;AAGA;AACA;AACAC;AACF;AAEA;AACA;;AAEIC;AACF;AACA;AACF;AAEA;AACA;;AAEIC;AACF;AACA;AACF;AAEA;AACO;;AAEHC;;;AAGA;AACF;AACA;AACF;AAEO;AACL;AACF;AAEA;AACO;;AAEHC;;;AAGA;AACF;AACA;AACF;AAEO;AACL;AACF;AAEA;AACO;;AAEH;;;;AAIE;;AAEA;;AAEAL;AACA;AACA;AACAC;AACF;AACF;AACA;AACF;AAEA;AACO;;AAEH;;;AAKF;AACA;AACF;AAEA;AACO;;;AAGH;AAGA;AAIA;AACAK;AAGF;AACA;AACF;AAEA;AACO;;;AAML;AACA;AACF;AAEA;AACO;;;AAML;AACA;AACF;AAEA;AACO;;;AAGL;AACA;AACF;AAEA;AACO;;;AAGL;AACA;AACF;AAEA;AACO;;;AAML;AACA;AACF;;;;;;;;;;;;;;;","debugId":"b3405284-ab08-4403-9b26-5aa765a53b0e"}
package/dist/require/cli.js CHANGED
@@ -15,6 +15,7 @@ var require$$0 = require('node:url');
15
15
  var ponyCause = _socketInterop(require('pony-cause'));
16
16
  var vendor = require('./vendor.js');
17
17
  var colors = _socketInterop(require('yoctocolors-cjs'));
18
+ var logger = require('@socketsecurity/registry/lib/logger');
18
19
  var micromatch = _socketInterop(require('micromatch'));
19
20
  var simpleGit = _socketInterop(require('simple-git'));
20
21
  var sdk = require('@socketsecurity/sdk');
@@ -1514,7 +1515,7 @@ function meowOrExit({
1514
1515
  }
1515
1516
  function getAsciiHeader(command) {
1516
1517
  const cliVersion = // The '@rollup/plugin-replace' will replace "process.env['SOCKET_CLI_VERSION_HASH']".
1517
- "0.14.50:c8e152a:9126d091:pub";
1518
+ "0.14.51:8252840:e7069cc4:pub";
1518
1519
  const nodeVersion = process.version;
1519
1520
  const apiToken = index.getSetting('apiToken');
1520
1521
  const shownToken = apiToken ? getLastFiveOfApiToken(apiToken) : 'no';
@@ -2334,10 +2335,8 @@ async function getDiffScan({
2334
2335
  orgSlug,
2335
2336
  outputJson
2336
2337
  }, apiToken) {
2337
- const spinnerText = 'Getting diff scan... \n';
2338
- const spinner$1 = new spinner.Spinner({
2339
- text: spinnerText
2340
- }).start();
2338
+ const spinner$1 = new spinner.Spinner();
2339
+ spinner$1.start('Getting diff scan...');
2341
2340
  const response = await queryAPI(`${orgSlug}/full-scans/diff?before=${before}&after=${after}&preview`, apiToken);
2342
2341
  const data = await response.json();
2343
2342
  if (!response.ok) {
@@ -2514,9 +2513,7 @@ async function runFix() {
2514
2513
  const tree = arb.idealTree;
2515
2514
  const hasUpgrade = !!registry.getManifestData(NPM$d, name);
2516
2515
  if (hasUpgrade) {
2517
- spinner$1.stop();
2518
- console.log(`Skipping ${name}. Socket Optimize package exists.`);
2519
- spinner$1.start();
2516
+ spinner$1.info(`Skipping ${name}. Socket Optimize package exists.`);
2520
2517
  continue;
2521
2518
  }
2522
2519
  const nodes = index.findPackageNodes(tree, name);
@@ -2542,10 +2539,10 @@ async function runFix() {
2542
2539
  try {
2543
2540
  // eslint-disable-next-line no-await-in-loop
2544
2541
  await npm.runScript('test', [], {
2545
- stdio: 'pipe'
2542
+ spinner: spinner$1,
2543
+ stdio: 'ignore'
2546
2544
  });
2547
2545
  spinner$1.info(`Patched ${name} ${oldVersion} -> ${node.version}`);
2548
- spinner$1.start();
2549
2546
  if (isTopLevel(tree, node)) {
2550
2547
  for (const depField of ['dependencies', 'optionalDependencies', 'peerDependencies']) {
2551
2548
  const oldVersion = editablePkgJson.content[depField]?.[name];
@@ -2558,14 +2555,11 @@ async function runFix() {
2558
2555
  // eslint-disable-next-line no-await-in-loop
2559
2556
  await editablePkgJson.save();
2560
2557
  } catch {
2561
- spinner$1.errorAndStop(`Reverting ${name} to ${oldVersion}`);
2562
- spinner$1.start();
2558
+ spinner$1.error(`Reverting ${name} to ${oldVersion}`);
2563
2559
  arb.idealTree = revertToIdealTree;
2564
2560
  }
2565
2561
  } else {
2566
- spinner$1.stop();
2567
- console.log(`Could not patch ${name} ${oldVersion}`);
2568
- spinner$1.start();
2562
+ spinner$1.error(`Could not patch ${name} ${oldVersion}`);
2569
2563
  }
2570
2564
  }
2571
2565
  }
@@ -2906,9 +2900,8 @@ async function attemptLogin(apiBaseUrl, apiProxy) {
2906
2900
  })) || SOCKET_PUBLIC_API_TOKEN;
2907
2901
  apiBaseUrl ??= index.getSetting('apiBaseUrl') ?? undefined;
2908
2902
  apiProxy ??= index.getSetting('apiProxy') ?? undefined;
2909
- const spinner$1 = new spinner.Spinner({
2910
- text: 'Verifying API key...'
2911
- }).start();
2903
+ const spinner$1 = new spinner.Spinner();
2904
+ spinner$1.start('Verifying API key...');
2912
2905
  let orgs;
2913
2906
  try {
2914
2907
  const sdk = await index.setupSdk(apiToken, apiBaseUrl, apiProxy);
@@ -2935,6 +2928,8 @@ async function attemptLogin(apiBaseUrl, apiProxy) {
2935
2928
  value: '',
2936
2929
  description: 'Pick "None" if this is a personal device'
2937
2930
  })
2931
+ }, {
2932
+ spinner: spinner$1
2938
2933
  });
2939
2934
  if (id) {
2940
2935
  enforcedOrgs = [id];
@@ -2943,6 +2938,8 @@ async function attemptLogin(apiBaseUrl, apiProxy) {
2943
2938
  const confirmOrg = await prompts.confirm({
2944
2939
  message: `Should Socket enforce ${enforcedChoices[0]?.name}'s security policies system-wide?`,
2945
2940
  default: true
2941
+ }, {
2942
+ spinner: spinner$1
2946
2943
  });
2947
2944
  if (confirmOrg) {
2948
2945
  const existing = enforcedChoices[0];
@@ -3024,9 +3021,9 @@ function applyLogout() {
3024
3021
  function attemptLogout() {
3025
3022
  try {
3026
3023
  applyLogout();
3027
- new spinner.Spinner().success('Successfully logged out');
3024
+ logger.logger.success('Successfully logged out');
3028
3025
  } catch {
3029
- new spinner.Spinner().success('Failed to complete logout steps');
3026
+ logger.logger.error('Failed to complete logout steps');
3030
3027
  }
3031
3028
  }
3032
3029
 
@@ -3093,12 +3090,11 @@ async function convertGradleToMaven(target, bin, _out, verbose, gradleOpts) {
3093
3090
  const initLocation = path.join(constants.rootDistPath, 'init.gradle');
3094
3091
  const commandArgs = ['--init-script', initLocation, ...gradleOpts, 'pom'];
3095
3092
  if (verbose) {
3096
- console.log('\n[VERBOSE] Executing:', bin, commandArgs);
3093
+ spinner$1.log('[VERBOSE] Executing:', bin, commandArgs);
3097
3094
  }
3098
3095
  const output = await spawn(bin, commandArgs, {
3099
3096
  cwd: target || '.'
3100
3097
  });
3101
- spinner$1.stop();
3102
3098
  if (verbose) {
3103
3099
  console.group('[VERBOSE] gradle stdout:');
3104
3100
  console.log(output);
@@ -3114,7 +3110,6 @@ async function convertGradleToMaven(target, bin, _out, verbose, gradleOpts) {
3114
3110
  }
3115
3111
  process.exit(1);
3116
3112
  }
3117
- spinner$1.start();
3118
3113
  spinner$1.successAndStop('Executed gradle successfully');
3119
3114
  console.log('Reported exports:');
3120
3115
  output.stdout.replace(/^POM file copied to: (.*)/gm, (_all, fn) => {
@@ -3124,7 +3119,7 @@ async function convertGradleToMaven(target, bin, _out, verbose, gradleOpts) {
3124
3119
 
3125
3120
  // const loc = output.stdout?.match(/Wrote (.*?.pom)\n/)?.[1]?.trim()
3126
3121
  // if (!loc) {
3127
- // spinner.errorAndStop(
3122
+ // console.error(
3128
3123
  // 'There were no errors from sbt but could not find the location of resulting .pom file either'
3129
3124
  // )
3130
3125
  // process.exit(1)
@@ -3132,22 +3127,22 @@ async function convertGradleToMaven(target, bin, _out, verbose, gradleOpts) {
3132
3127
  //
3133
3128
  // // Move the pom file to ...? initial cwd? loc will be an absolute path, or dump to stdout
3134
3129
  // if (out === '-') {
3135
- // spinner.start('Result:\n```').success()
3130
+ // spinner.start('Result:\n```')
3136
3131
  // console.log(await safeReadFile(loc, 'utf8'))
3137
3132
  // console.log('```')
3138
- // spinner.start().success(`OK`)
3133
+ // spinner.successAndStop(`OK`)
3139
3134
  // } else {
3135
+ // spinner.start()
3140
3136
  // if (verbose) {
3141
- // spinner.start(
3137
+ // spinner.log(
3142
3138
  // `Moving manifest file from \`${loc.replace(/^\/home\/[^/]*?\//, '~/')}\` to \`${out}\``
3143
3139
  // )
3144
3140
  // } else {
3145
- // spinner.start('Moving output pom file')
3141
+ // spinner.log('Moving output pom file')
3146
3142
  // }
3147
3143
  // // TODO: do we prefer fs-extra? renaming can be gnarly on windows and fs-extra's version is better
3148
3144
  // await renamep(loc, out)
3149
- // spinner.successAndStop()
3150
- // spinner.start().success(`OK. File should be available in \`${out}\``)
3145
+ // spinner.successAndStop(`OK. File should be available in \`${out}\``)
3151
3146
  // }
3152
3147
  } catch (e) {
3153
3148
  spinner$1.errorAndStop('There was an unexpected error while running this' + (verbose ? '' : ' (use --verbose for details)'));
@@ -3318,22 +3313,22 @@ async function convertSbtToMaven(target, bin, out, verbose, sbtOpts) {
3318
3313
  const spinner$1 = new spinner.Spinner();
3319
3314
  spinner$1.start(`Converting sbt to maven from \`${bin}\` on \`${target}\`...`);
3320
3315
  try {
3321
- // Run sbt with the init script we provide which should yield zero or more pom files.
3322
- // We have to figure out where to store those pom files such that we can upload them and predict them through the GitHub API.
3323
- // We could do a .socket folder. We could do a socket.pom.gz with all the poms, although I'd prefer something plain-text if it is to be committed.
3324
-
3316
+ // Run sbt with the init script we provide which should yield zero or more
3317
+ // pom files. We have to figure out where to store those pom files such that
3318
+ // we can upload them and predict them through the GitHub API. We could do a
3319
+ // .socket folder. We could do a socket.pom.gz with all the poms, although
3320
+ // I'd prefer something plain-text if it is to be committed.
3325
3321
  const output = await spawn(bin, ['makePom'].concat(sbtOpts), {
3326
3322
  cwd: target || '.'
3327
3323
  });
3328
- spinner$1.successAndStop();
3324
+ spinner$1.stop();
3329
3325
  if (verbose) {
3330
3326
  console.group('[VERBOSE] sbt stdout:');
3331
3327
  console.log(output);
3332
3328
  console.groupEnd();
3333
3329
  }
3334
3330
  if (output.stderr) {
3335
- spinner$1.start();
3336
- spinner$1.errorAndStop('There were errors while running sbt');
3331
+ logger.logger.error('There were errors while running sbt');
3337
3332
  // (In verbose mode, stderr was printed above, no need to repeat it)
3338
3333
  if (!verbose) {
3339
3334
  console.group('[VERBOSE] stderr:');
@@ -3348,36 +3343,35 @@ async function convertSbtToMaven(target, bin, out, verbose, sbtOpts) {
3348
3343
  return fn;
3349
3344
  });
3350
3345
  if (!poms.length) {
3351
- spinner$1.errorAndStop('There were no errors from sbt but it seems to not have generated any poms either');
3346
+ logger.logger.error('There were no errors from sbt but it seems to not have generated any poms either');
3352
3347
  process.exit(1);
3353
3348
  }
3354
-
3355
3349
  // Move the pom file to ...? initial cwd? loc will be an absolute path, or dump to stdout
3356
3350
  // TODO: what to do with multiple output files? Do we want to dump them to stdout? Raw or with separators or ?
3357
3351
  // TODO: maybe we can add an option to target a specific file to dump to stdout
3358
3352
  if (out === '-' && poms.length === 1) {
3359
- spinner$1.start('Result:\n```').success();
3353
+ logger.logger.log('Result:\n```');
3360
3354
  console.log(await index.safeReadFile(poms[0], 'utf8'));
3361
- console.log('```');
3362
- spinner$1.start().success(`OK`);
3355
+ logger.logger.log('```');
3356
+ logger.logger.success(`OK`);
3363
3357
  } else if (out === '-') {
3364
- spinner$1.start().error('Requested out target was stdout but there are multiple generated files');
3358
+ logger.logger.error('Requested out target was stdout but there are multiple generated files');
3365
3359
  poms.forEach(fn => console.error('-', fn));
3366
3360
  console.error('Exiting now...');
3367
3361
  process.exit(1);
3368
3362
  } else {
3369
3363
  // if (verbose) {
3370
- // spinner.start(
3364
+ // console.log(
3371
3365
  // `Moving manifest file from \`${loc.replace(/^\/home\/[^/]*?\//, '~/')}\` to \`${out}\``
3372
3366
  // )
3373
3367
  // } else {
3374
- // spinner.start('Moving output pom file')
3368
+ // console.log('Moving output pom file')
3375
3369
  // }
3376
3370
  // TODO: do we prefer fs-extra? renaming can be gnarly on windows and fs-extra's version is better
3377
3371
  // await renamep(loc, out)
3378
- spinner$1.start().success(`Generated ${poms.length} pom files`);
3372
+ logger.logger.success(`Generated ${poms.length} pom files`);
3379
3373
  poms.forEach(fn => console.log('-', fn));
3380
- spinner$1.start().success(`OK`);
3374
+ logger.logger.success(`OK`);
3381
3375
  }
3382
3376
  } catch (e) {
3383
3377
  spinner$1.errorAndStop('There was an unexpected error while running this' + (verbose ? '' : ' (use --verbose for details)'));
@@ -4802,9 +4796,7 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
4802
4796
  } else {
4803
4797
  overridesDataObjects.push(overridesDataByAgent.get(NPM$1)(pkgJson), overridesDataByAgent.get(YARN_CLASSIC)(pkgJson));
4804
4798
  }
4805
- if (spinner) {
4806
- spinner.text = `Adding overrides${workspaceName ? ` to ${workspaceName}` : ''}...`;
4807
- }
4799
+ spinner?.setText(`Adding overrides${workspaceName ? ` to ${workspaceName}` : ''}...`);
4808
4800
  const depAliasMap = new Map();
4809
4801
  const nodeRange = `>=${pkgEnvDetails.minimumNodeVersion}`;
4810
4802
  const manifestEntries = manifestNpmOverrides.filter(({
@@ -4981,9 +4973,8 @@ async function getOrganization(format = 'text') {
4981
4973
  await printOrganizationsFromToken(apiToken, format);
4982
4974
  }
4983
4975
  async function printOrganizationsFromToken(apiToken, format = 'text') {
4984
- const spinner$1 = new spinner.Spinner({
4985
- text: 'Fetching organizations...'
4986
- }).start();
4976
+ const spinner$1 = new spinner.Spinner();
4977
+ spinner$1.start('Fetching organizations...');
4987
4978
  const socketSdk = await index.setupSdk(apiToken);
4988
4979
  const result = await handleApiCall(socketSdk.getOrganizations(), 'looking up organizations');
4989
4980
  if (!result.success) {
@@ -5225,24 +5216,28 @@ async function createReport(socketConfig, inputPaths, {
5225
5216
  });
5226
5217
  });
5227
5218
  const packagePaths = await npmPaths.getPackageFiles(cwd, inputPaths, socketConfig, supportedFiles);
5228
- npmPaths.debugLog('Uploading:', packagePaths.join(`\n${npmPaths.getLogSymbols().info} Uploading: `));
5219
+ const {
5220
+ length: packagePathsCount
5221
+ } = packagePaths;
5222
+ if (packagePathsCount && npmPaths.isDebug()) {
5223
+ for (const pkgPath of packagePaths) {
5224
+ npmPaths.debugLog(`Uploading: ${pkgPath}`);
5225
+ }
5226
+ }
5229
5227
  if (dryRun) {
5230
5228
  npmPaths.debugLog('[dryRun] Skipped actual upload');
5231
5229
  return undefined;
5232
- } else {
5233
- const socketSdk = await index.setupSdk();
5234
- const spinner$1 = new spinner.Spinner({
5235
- text: `Creating report with ${packagePaths.length} package files`
5236
- }).start();
5237
- const apiCall = socketSdk.createReportFromFilePaths(packagePaths, cwd, socketConfig?.issueRules);
5238
- const result = await handleApiCall(apiCall, 'creating report');
5239
- if (!result.success) {
5240
- handleUnsuccessfulApiResponse('createReport', result, spinner$1);
5241
- return undefined;
5242
- }
5243
- spinner$1.successAndStop();
5244
- return result;
5245
5230
  }
5231
+ const spinner$1 = new spinner.Spinner();
5232
+ spinner$1.start(`Creating report with ${packagePathsCount} package ${words.pluralize('file', packagePathsCount)}`);
5233
+ const apiCall = socketSdk.createReportFromFilePaths(packagePaths, cwd, socketConfig?.issueRules);
5234
+ const result = await handleApiCall(apiCall, 'creating report');
5235
+ if (!result.success) {
5236
+ handleUnsuccessfulApiResponse('createReport', result, spinner$1);
5237
+ return undefined;
5238
+ }
5239
+ spinner$1.successAndStop();
5240
+ return result;
5246
5241
  }
5247
5242
 
5248
5243
  async function getSocketConfig(absoluteConfigPath) {
@@ -5269,10 +5264,9 @@ async function getSocketConfig(absoluteConfigPath) {
5269
5264
  const MAX_TIMEOUT_RETRY = 5;
5270
5265
  const HTTP_CODE_TIMEOUT = 524;
5271
5266
  async function fetchReportData(reportId, includeAllIssues, strict) {
5267
+ const spinner$1 = new spinner.Spinner();
5268
+ spinner$1.start(`Fetching report with ID ${reportId} (this could take a while)`);
5272
5269
  const socketSdk = await index.setupSdk();
5273
- const spinner$1 = new spinner.Spinner({
5274
- text: `Fetching report with ID ${reportId} (this could take a while)`
5275
- }).start();
5276
5270
  let result;
5277
5271
  for (let retry = 1; !result; ++retry) {
5278
5272
  try {
@@ -5280,6 +5274,7 @@ async function fetchReportData(reportId, includeAllIssues, strict) {
5280
5274
  result = await handleApiCall(socketSdk.getReport(reportId), 'fetching report');
5281
5275
  } catch (err) {
5282
5276
  if (retry >= MAX_TIMEOUT_RETRY || !(err instanceof Error) || err.cause?.cause?.response?.statusCode !== HTTP_CODE_TIMEOUT) {
5277
+ spinner$1.stop();
5283
5278
  throw err;
5284
5279
  }
5285
5280
  }
@@ -5288,21 +5283,21 @@ async function fetchReportData(reportId, includeAllIssues, strict) {
5288
5283
  return handleUnsuccessfulApiResponse('getReport', result, spinner$1);
5289
5284
  }
5290
5285
 
5291
- // Conclude the status of the API call
5292
-
5286
+ // Conclude the status of the API call.
5293
5287
  if (strict) {
5294
5288
  if (result.data.healthy) {
5295
- spinner$1.successAndStop('Report result is healthy and great!');
5289
+ spinner$1.success('Report result is healthy and great!');
5296
5290
  } else {
5297
- spinner$1.errorAndStop('Report result deemed unhealthy for project');
5291
+ spinner$1.error('Report result deemed unhealthy for project');
5298
5292
  }
5299
5293
  } else if (!result.data.healthy) {
5300
5294
  const severityCount = getSeverityCount(result.data.issues, includeAllIssues ? undefined : 'high');
5301
5295
  const issueSummary = formatSeverityCount(severityCount);
5302
- spinner$1.successAndStop(`Report has these issues: ${issueSummary}`);
5296
+ spinner$1.success(`Report has these issues: ${issueSummary}`);
5303
5297
  } else {
5304
- spinner$1.successAndStop('Report has no issues');
5298
+ spinner$1.success('Report has no issues');
5305
5299
  }
5300
+ spinner$1.stop();
5306
5301
  return result.data;
5307
5302
  }
5308
5303
 
@@ -5524,10 +5519,8 @@ async function createRepo({
5524
5519
  repoName,
5525
5520
  visibility
5526
5521
  }) {
5527
- const spinnerText = 'Creating repository... \n';
5528
- const spinner$1 = new spinner.Spinner({
5529
- text: spinnerText
5530
- }).start();
5522
+ const spinner$1 = new spinner.Spinner();
5523
+ spinner$1.start('Creating repository...');
5531
5524
  const socketSdk = await index.setupSdk(apiToken);
5532
5525
  const result = await handleApiCall(socketSdk.createOrgRepo(orgSlug, {
5533
5526
  outputJson,
@@ -5642,10 +5635,8 @@ async function run$b(argv, importMeta, {
5642
5635
  }
5643
5636
 
5644
5637
  async function deleteRepo(orgSlug, repoName, apiToken) {
5645
- const spinnerText = 'Deleting repository... \n';
5646
- const spinner$1 = new spinner.Spinner({
5647
- text: spinnerText
5648
- }).start();
5638
+ const spinner$1 = new spinner.Spinner();
5639
+ spinner$1.start('Deleting repository...');
5649
5640
  const socketSdk = await index.setupSdk(apiToken);
5650
5641
  const result = await handleApiCall(socketSdk.deleteOrgRepo(orgSlug, repoName), 'deleting repository');
5651
5642
  if (result.success) {
@@ -6200,7 +6191,7 @@ function dirNameToSlug(name) {
6200
6191
  async function suggestBranchSlug(repoDefaultBranch) {
6201
6192
  const spawnResult = childProcess.spawnSync('git', ['branch', '--show-current']);
6202
6193
  const currentBranch = spawnResult.stdout.toString('utf8').trim();
6203
- if (spawnResult.status === 0 && currentBranch) {
6194
+ if (currentBranch && spawnResult.status === 0) {
6204
6195
  const proceed = await prompts.select({
6205
6196
  message: 'Use the current git branch as target branch name?',
6206
6197
  choices: [{
@@ -6520,17 +6511,15 @@ async function run$6(argv, importMeta, {
6520
6511
  }
6521
6512
 
6522
6513
  async function deleteOrgFullScan(orgSlug, fullScanId, apiToken) {
6523
- const spinnerText = 'Deleting scan...';
6524
- const spinner$1 = new spinner.Spinner({
6525
- text: spinnerText
6526
- }).start();
6514
+ const spinner$1 = new spinner.Spinner();
6515
+ spinner$1.start('Deleting scan...');
6527
6516
  const socketSdk = await index.setupSdk(apiToken);
6528
6517
  const result = await handleApiCall(socketSdk.deleteOrgFullScan(orgSlug, fullScanId), 'Deleting scan');
6529
- if (result.success) {
6530
- spinner$1.successAndStop('Scan deleted successfully');
6531
- } else {
6518
+ if (!result.success) {
6532
6519
  handleUnsuccessfulApiResponse('deleteOrgFullScan', result, spinner$1);
6520
+ return;
6533
6521
  }
6522
+ spinner$1.successAndStop('Scan deleted successfully');
6534
6523
  }
6535
6524
 
6536
6525
  const config$5 = {
@@ -6589,10 +6578,8 @@ async function run$5(argv, importMeta, {
6589
6578
 
6590
6579
  // @ts-ignore
6591
6580
  async function listFullScans(orgSlug, input, apiToken) {
6592
- const spinnerText = 'Listing scans... \n';
6593
- const spinner$1 = new spinner.Spinner({
6594
- text: spinnerText
6595
- }).start();
6581
+ const spinner$1 = new spinner.Spinner();
6582
+ spinner$1.start('Listing scans...');
6596
6583
  const socketSdk = await index.setupSdk(apiToken);
6597
6584
  const result = await handleApiCall(socketSdk.getOrgFullScanList(orgSlug, input), 'Listing scans');
6598
6585
  if (!result.success) {
@@ -6732,10 +6719,8 @@ async function run$4(argv, importMeta, {
6732
6719
  }
6733
6720
 
6734
6721
  async function getOrgScanMetadata(orgSlug, scanId, apiToken) {
6735
- const spinnerText = "Getting scan's metadata... \n";
6736
- const spinner$1 = new spinner.Spinner({
6737
- text: spinnerText
6738
- }).start();
6722
+ const spinner$1 = new spinner.Spinner();
6723
+ spinner$1.start("Getting scan's metadata...");
6739
6724
  const socketSdk = await index.setupSdk(apiToken);
6740
6725
  const result = await handleApiCall(socketSdk.getOrgFullScanMetadata(orgSlug, scanId), 'Listing scans');
6741
6726
  if (!result.success) {
@@ -6801,9 +6786,8 @@ async function run$3(argv, importMeta, {
6801
6786
  }
6802
6787
 
6803
6788
  async function getFullScan(orgSlug, fullScanId, file, apiToken) {
6804
- const spinner$1 = new spinner.Spinner({
6805
- text: 'Streaming scan...'
6806
- }).start();
6789
+ const spinner$1 = new spinner.Spinner();
6790
+ spinner$1.start('Streaming scan...');
6807
6791
  const socketSdk = await index.setupSdk(apiToken);
6808
6792
  const data = await handleApiCall(socketSdk.getOrgFullScan(orgSlug, fullScanId, file === '-' ? undefined : file), 'Streaming a scan');
6809
6793
  if (data?.success) {
@@ -6899,9 +6883,8 @@ async function getThreatFeed({
6899
6883
  page,
6900
6884
  perPage
6901
6885
  }) {
6902
- const spinner$1 = new spinner.Spinner({
6903
- text: 'Looking up the threat feed'
6904
- }).start();
6886
+ const spinner$1 = new spinner.Spinner();
6887
+ spinner$1.start('Looking up the threat feed');
6905
6888
  const formattedQueryParams = formatQueryParams({
6906
6889
  per_page: perPage,
6907
6890
  page,
@@ -7301,12 +7284,12 @@ void (async () => {
7301
7284
  } else {
7302
7285
  errorTitle = 'Unexpected error with no details';
7303
7286
  }
7304
- console.error(`${npmPaths.getLogSymbols().error} ${colors.bgRed(colors.white(errorTitle + ':'))} ${errorMessage}`);
7287
+ logger.logger.error(`${colors.bgRed(colors.white(errorTitle + ':'))} ${errorMessage}`);
7305
7288
  if (errorBody) {
7306
7289
  console.error(`\n${errorBody}`);
7307
7290
  }
7308
7291
  await index.captureException(e);
7309
7292
  }
7310
7293
  })();
7311
- //# debugId=76095f49-6cee-41ed-8752-1e7608d29b7d
7294
+ //# debugId=387e6564-5b13-4477-b447-bab83844129a
7312
7295
  //# sourceMappingURL=cli.js.map