@socketsecurity/cli-with-sentry 0.14.52 → 0.14.55
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/bin/cli.js +10 -15
- package/dist/constants.d.ts +12 -8
- package/dist/constants.js +11 -2
- package/dist/constants.js.map +1 -1
- package/dist/instrument-with-sentry.js +2 -2
- package/dist/instrument-with-sentry.js.map +1 -1
- package/dist/module-sync/cli.js +556 -255
- package/dist/module-sync/cli.js.map +1 -1
- package/dist/module-sync/edge.d.ts +1 -1
- package/dist/module-sync/index.d.ts +28 -28
- package/dist/module-sync/index.js +11 -4
- package/dist/module-sync/index.js.map +1 -1
- package/dist/module-sync/npm-paths.js.map +1 -1
- package/dist/module-sync/reify.d.ts +10 -10
- package/dist/module-sync/settings.d.ts +1 -1
- package/dist/module-sync/shadow-bin.js +16 -13
- package/dist/module-sync/shadow-bin.js.map +1 -1
- package/dist/require/cli.js +556 -255
- package/dist/require/cli.js.map +1 -1
- package/package.json +11 -10
- package/dist/module-sync/npm.d.ts +0 -26
- package/dist/module-sync/npm.js +0 -114
- package/dist/module-sync/npm.js.map +0 -1
- package/dist/require/npm.js +0 -3
|
@@ -992,22 +992,22 @@ type SocketPackageAlert = {
|
|
|
992
992
|
raw: any;
|
|
993
993
|
};
|
|
994
994
|
declare function findPackageNodes(tree: SafeNode, packageName: string): SafeNode[];
|
|
995
|
-
declare function updateNode(node: SafeNode, packument: Packument, vulnerableVersionRange?: string, firstPatchedVersionIdentifier?: string): boolean;
|
|
995
|
+
declare function updateNode(node: SafeNode, packument: Packument, vulnerableVersionRange?: string, firstPatchedVersionIdentifier?: string | undefined): boolean;
|
|
996
996
|
type GetPackageAlertsOptions = {
|
|
997
|
-
output?: Writable;
|
|
998
|
-
consolidate?: boolean;
|
|
999
|
-
includeExisting?: boolean;
|
|
1000
|
-
includeUnfixable?: boolean;
|
|
997
|
+
output?: Writable | undefined;
|
|
998
|
+
consolidate?: boolean | undefined;
|
|
999
|
+
includeExisting?: boolean | undefined;
|
|
1000
|
+
includeUnfixable?: boolean | undefined;
|
|
1001
1001
|
};
|
|
1002
|
-
declare function getPackagesAlerts(arb: SafeArborist, options?: GetPackageAlertsOptions): Promise<SocketPackageAlert[]>;
|
|
1003
|
-
type CveInfoByPackage = Map<string, {
|
|
1002
|
+
declare function getPackagesAlerts(arb: SafeArborist, options?: GetPackageAlertsOptions | undefined): Promise<SocketPackageAlert[]>;
|
|
1003
|
+
type CveInfoByPackage = Map<string, Array<{
|
|
1004
1004
|
firstPatchedVersionIdentifier: string;
|
|
1005
1005
|
vulnerableVersionRange: string;
|
|
1006
|
-
}
|
|
1006
|
+
}>>;
|
|
1007
1007
|
type GetCveInfoByPackageOptions = {
|
|
1008
|
-
excludeUpgrades?: boolean;
|
|
1008
|
+
excludeUpgrades?: boolean | undefined;
|
|
1009
1009
|
};
|
|
1010
|
-
declare function getCveInfoByPackage(alerts: SocketPackageAlert[], options?: GetCveInfoByPackageOptions): CveInfoByPackage | null;
|
|
1010
|
+
declare function getCveInfoByPackage(alerts: SocketPackageAlert[], options?: GetCveInfoByPackageOptions | undefined): CveInfoByPackage | null;
|
|
1011
1011
|
declare function updateAdvisoryNodes(arb: SafeArborist, alerts: SocketPackageAlert[]): Promise<void>;
|
|
1012
1012
|
declare function updateSocketRegistryNodes(arb: SafeArborist): Promise<void>;
|
|
1013
1013
|
declare const kRiskyReify: unique symbol;
|
|
@@ -3,7 +3,7 @@ interface Settings {
|
|
|
3
3
|
apiBaseUrl?: string | null | undefined;
|
|
4
4
|
apiKey?: string | null | undefined;
|
|
5
5
|
apiProxy?: string | null | undefined;
|
|
6
|
-
enforcedOrgs?: string[] | null | undefined;
|
|
6
|
+
enforcedOrgs?: string[] | readonly string[] | null | undefined;
|
|
7
7
|
apiToken?: string | null | undefined;
|
|
8
8
|
}
|
|
9
9
|
declare function findSocketYmlSync(): {
|
|
@@ -10,12 +10,12 @@ function _socketInterop(e) {
|
|
|
10
10
|
}
|
|
11
11
|
|
|
12
12
|
var process = require('node:process');
|
|
13
|
-
var
|
|
13
|
+
var npm = require('@socketsecurity/registry/lib/npm');
|
|
14
|
+
var spawn = require('@socketsecurity/registry/lib/spawn');
|
|
14
15
|
var path = require('node:path');
|
|
15
16
|
var cmdShim = _socketInterop(require('cmd-shim'));
|
|
16
17
|
var npmPaths = require('./npm-paths.js');
|
|
17
18
|
var constants = require('./constants.js');
|
|
18
|
-
var npm = require('./npm.js');
|
|
19
19
|
|
|
20
20
|
const {
|
|
21
21
|
CLI,
|
|
@@ -47,17 +47,24 @@ async function installLinks(realBinPath, binName) {
|
|
|
47
47
|
}
|
|
48
48
|
|
|
49
49
|
const {
|
|
50
|
+
NPM,
|
|
51
|
+
SOCKET_CLI_LEGACY_PACKAGE_NAME,
|
|
52
|
+
SOCKET_CLI_PACKAGE_NAME,
|
|
50
53
|
SOCKET_CLI_SAFE_WRAPPER,
|
|
51
54
|
SOCKET_CLI_SENTRY_BUILD,
|
|
52
|
-
|
|
53
|
-
|
|
55
|
+
SOCKET_CLI_SENTRY_PACKAGE_NAME,
|
|
56
|
+
SOCKET_IPC_HANDSHAKE
|
|
54
57
|
} = constants;
|
|
55
58
|
async function shadowBin(binName, args = process.argv.slice(2)) {
|
|
56
59
|
process.exitCode = 1;
|
|
57
60
|
const terminatorPos = args.indexOf('--');
|
|
58
|
-
const
|
|
61
|
+
const skipSocketCliUpgrade = binName === NPM && args.length === 3 && args[0] === 'install' && args[1] === '-g' && (args[2] === SOCKET_CLI_PACKAGE_NAME || args[2] === SOCKET_CLI_LEGACY_PACKAGE_NAME || args[2] === SOCKET_CLI_SENTRY_PACKAGE_NAME);
|
|
62
|
+
let binArgs = terminatorPos === -1 ? args : args.slice(0, terminatorPos);
|
|
63
|
+
if (!skipSocketCliUpgrade) {
|
|
64
|
+
binArgs = binArgs.filter(a => !npm.isProgressFlag(a));
|
|
65
|
+
}
|
|
59
66
|
const otherArgs = terminatorPos === -1 ? [] : args.slice(terminatorPos);
|
|
60
|
-
const spawnPromise = spawn(
|
|
67
|
+
const spawnPromise = spawn.spawn(
|
|
61
68
|
// Lazily access constants.execPath.
|
|
62
69
|
constants.execPath, [
|
|
63
70
|
// Lazily access constants.nodeNoWarningsFlags.
|
|
@@ -72,18 +79,14 @@ async function shadowBin(binName, args = process.argv.slice(2)) {
|
|
|
72
79
|
await installLinks(constants.shadowBinPath, binName),
|
|
73
80
|
// Add `--no-progress` and `--quiet` flags to fix input being swallowed by
|
|
74
81
|
// the spinner when running the command with recent versions of npm.
|
|
75
|
-
'--no-progress',
|
|
82
|
+
...(skipSocketCliUpgrade ? [] : ['--no-progress']),
|
|
76
83
|
// Add the '--quiet' flag if a loglevel flag is not provided.
|
|
77
|
-
...(binArgs.some(npm.isLoglevelFlag) ? [] : ['--quiet']), ...binArgs, ...otherArgs], {
|
|
78
|
-
signal: abortSignal,
|
|
84
|
+
...(binArgs.some(npm.isLoglevelFlag) ? [] : skipSocketCliUpgrade ? ['--loglevel', 'error'] : ['--quiet']), ...binArgs, ...otherArgs], {
|
|
79
85
|
// 'inherit' + 'ipc'
|
|
80
86
|
stdio: [0, 1, 2, 'ipc']
|
|
81
87
|
});
|
|
82
88
|
// See https://nodejs.org/api/all.html#all_child_process_event-exit.
|
|
83
89
|
spawnPromise.process.on('exit', (code, signalName) => {
|
|
84
|
-
if (abortSignal.aborted) {
|
|
85
|
-
return;
|
|
86
|
-
}
|
|
87
90
|
if (signalName) {
|
|
88
91
|
process.kill(process.pid, signalName);
|
|
89
92
|
} else if (code !== null) {
|
|
@@ -99,5 +102,5 @@ async function shadowBin(binName, args = process.argv.slice(2)) {
|
|
|
99
102
|
}
|
|
100
103
|
|
|
101
104
|
module.exports = shadowBin;
|
|
102
|
-
//# debugId=
|
|
105
|
+
//# debugId=4b080160-768f-48ff-859c-2da65a395a61
|
|
103
106
|
//# sourceMappingURL=shadow-bin.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"shadow-bin.js","sources":["../../src/shadow/link.ts","../../src/shadow/shadow-bin.ts"],"sourcesContent":["import path from 'node:path'\nimport process from 'node:process'\n\nimport cmdShim from 'cmd-shim'\n\nimport {\n getNpmBinPath,\n getNpxBinPath,\n isNpmBinPathShadowed,\n isNpxBinPathShadowed\n} from './npm-paths'\nimport constants from '../constants'\n\nconst { CLI, NPX } = constants\n\nexport async function installLinks(\n realBinPath: string,\n binName: 'npm' | 'npx'\n): Promise<string> {\n const isNpx = binName === NPX\n // Find package manager being shadowed by this process.\n const binPath = isNpx ? getNpxBinPath() : getNpmBinPath()\n // Lazily access constants.WIN32.\n const { WIN32 } = constants\n // TODO: Is this early exit needed?\n if (WIN32 && binPath) {\n return binPath\n }\n const shadowed = isNpx ? isNpxBinPathShadowed() : isNpmBinPathShadowed()\n // Move our bin directory to front of PATH so its found first.\n if (!shadowed) {\n if (WIN32) {\n await cmdShim(\n // Lazily access constants.rootDistPath.\n path.join(constants.rootDistPath, `${binName}-${CLI}.js`),\n path.join(realBinPath, binName)\n )\n }\n process.env['PATH'] =\n `${realBinPath}${path.delimiter}${process.env['PATH']}`\n }\n return binPath\n}\n","import process from 'node:process'\n\nimport spawn from '@
|
|
1
|
+
{"version":3,"file":"shadow-bin.js","sources":["../../src/shadow/link.ts","../../src/shadow/shadow-bin.ts"],"sourcesContent":["import path from 'node:path'\nimport process from 'node:process'\n\nimport cmdShim from 'cmd-shim'\n\nimport {\n getNpmBinPath,\n getNpxBinPath,\n isNpmBinPathShadowed,\n isNpxBinPathShadowed\n} from './npm-paths'\nimport constants from '../constants'\n\nconst { CLI, NPX } = constants\n\nexport async function installLinks(\n realBinPath: string,\n binName: 'npm' | 'npx'\n): Promise<string> {\n const isNpx = binName === NPX\n // Find package manager being shadowed by this process.\n const binPath = isNpx ? getNpxBinPath() : getNpmBinPath()\n // Lazily access constants.WIN32.\n const { WIN32 } = constants\n // TODO: Is this early exit needed?\n if (WIN32 && binPath) {\n return binPath\n }\n const shadowed = isNpx ? isNpxBinPathShadowed() : isNpmBinPathShadowed()\n // Move our bin directory to front of PATH so its found first.\n if (!shadowed) {\n if (WIN32) {\n await cmdShim(\n // Lazily access constants.rootDistPath.\n path.join(constants.rootDistPath, `${binName}-${CLI}.js`),\n path.join(realBinPath, binName)\n )\n }\n process.env['PATH'] =\n `${realBinPath}${path.delimiter}${process.env['PATH']}`\n }\n return binPath\n}\n","import process from 'node:process'\n\nimport {\n isLoglevelFlag,\n isProgressFlag\n} from '@socketsecurity/registry/lib/npm'\nimport { spawn } from '@socketsecurity/registry/lib/spawn'\n\nimport { installLinks } from './link'\nimport constants from '../constants'\n\nconst {\n NPM,\n SOCKET_CLI_LEGACY_PACKAGE_NAME,\n SOCKET_CLI_PACKAGE_NAME,\n SOCKET_CLI_SAFE_WRAPPER,\n SOCKET_CLI_SENTRY_BUILD,\n SOCKET_CLI_SENTRY_PACKAGE_NAME,\n SOCKET_IPC_HANDSHAKE\n} = constants\n\nexport default async function shadowBin(\n binName: 'npm' | 'npx',\n args = process.argv.slice(2)\n) {\n process.exitCode = 1\n const terminatorPos = args.indexOf('--')\n const skipSocketCliUpgrade =\n binName === NPM &&\n args.length === 3 &&\n args[0] === 'install' &&\n args[1] === '-g' &&\n (args[2] === SOCKET_CLI_PACKAGE_NAME ||\n args[2] === SOCKET_CLI_LEGACY_PACKAGE_NAME ||\n args[2] === SOCKET_CLI_SENTRY_PACKAGE_NAME)\n\n let binArgs = terminatorPos === -1 ? args : args.slice(0, terminatorPos)\n if (!skipSocketCliUpgrade) {\n binArgs = binArgs.filter(a => !isProgressFlag(a))\n }\n const otherArgs = terminatorPos === -1 ? [] : args.slice(terminatorPos)\n const spawnPromise = spawn(\n // Lazily access constants.execPath.\n constants.execPath,\n [\n // Lazily access constants.nodeNoWarningsFlags.\n ...constants.nodeNoWarningsFlags,\n // Lazily access constants.ENV[SOCKET_CLI_SENTRY_BUILD].\n ...(constants.ENV[SOCKET_CLI_SENTRY_BUILD]\n ? [\n '--require',\n // Lazily access constants.instrumentWithSentryPath.\n constants.instrumentWithSentryPath\n ]\n : []),\n '--require',\n // Lazily access constants.npmInjectionPath.\n constants.npmInjectionPath,\n // Lazily access constants.shadowBinPath.\n await installLinks(constants.shadowBinPath, binName),\n // Add `--no-progress` and `--quiet` flags to fix input being swallowed by\n // the spinner when running the command with recent versions of npm.\n ...(skipSocketCliUpgrade ? [] : ['--no-progress']),\n // Add the '--quiet' flag if a loglevel flag is not provided.\n ...(binArgs.some(isLoglevelFlag)\n ? []\n : skipSocketCliUpgrade\n ? ['--loglevel', 'error']\n : ['--quiet']),\n ...binArgs,\n ...otherArgs\n ],\n {\n // 'inherit' + 'ipc'\n stdio: [0, 1, 2, 'ipc']\n }\n )\n // See https://nodejs.org/api/all.html#all_child_process_event-exit.\n spawnPromise.process.on('exit', (code, signalName) => {\n if (signalName) {\n process.kill(process.pid, signalName)\n } else if (code !== null) {\n process.exit(code)\n }\n })\n spawnPromise.process.send({\n [SOCKET_IPC_HANDSHAKE]: {\n [SOCKET_CLI_SAFE_WRAPPER]: true\n }\n })\n await spawnPromise\n}\n"],"names":["NPX","WIN32","process","SOCKET_IPC_HANDSHAKE","binArgs","constants","spawnPromise"],"mappings":";;;;;;;;;;;;;;;;;;;AAaA;;AAAaA;AAAI;AAEV;AAIL;AACA;;AAEA;;AACQC;AAAM;AACd;;AAEE;AACF;;AAEA;;AAEE;AACE;AACE;;AAIJ;AACAC;AAEF;AACA;AACF;;AC/BA;;;;;;;AAOEC;AACF;AAEe;;AAKb;;AAUA;;AAEEC;AACF;AACA;;AAEE;;AAGE;;AAEA;;AAIM;AACAC;AAIN;AACAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AASA;;AAEF;AAEF;;AAEE;;AAEA;AACEH;AACF;AACF;AACAI;AACE;AACE;AACF;AACF;AACA;AACF;;","debugId":"4b080160-768f-48ff-859c-2da65a395a61"}
|