@socketsecurity/cli-with-sentry 0.14.56 → 0.14.57
- package/bin/cli.js +8 -10
- package/bin/npm-cli.js +1 -1
- package/bin/npx-cli.js +3 -1
- package/dist/constants.d.ts +19 -6
- package/dist/constants.js +47 -21
- package/dist/constants.js.map +1 -1
- package/dist/instrument-with-sentry.js +3 -3
- package/dist/instrument-with-sentry.js.map +1 -1
- package/dist/module-sync/cli.js +332 -272
- package/dist/module-sync/cli.js.map +1 -1
- package/dist/module-sync/color-or-markdown.d.ts +16 -0
- package/dist/module-sync/edge.d.ts +1 -1
- package/dist/module-sync/index.d.ts +3 -172
- package/dist/module-sync/node.d.ts +1 -1
- package/dist/module-sync/override-set.d.ts +37 -0
- package/dist/module-sync/shadow-bin.js +8 -8
- package/dist/module-sync/shadow-bin.js.map +1 -1
- package/dist/module-sync/{index.js → shadow-npm-inject.js} +29 -22
- package/dist/module-sync/shadow-npm-inject.js.map +1 -0
- package/dist/module-sync/{npm-paths.js → shadow-npm-paths.js} +4 -4
- package/dist/module-sync/shadow-npm-paths.js.map +1 -0
- package/dist/module-sync/socket-url.d.ts +3 -0
- package/dist/require/cli.js +332 -272
- package/dist/require/cli.js.map +1 -1
- package/dist/require/shadow-npm-inject.js +3 -0
- package/dist/require/shadow-npm-paths.js +3 -0
- package/package.json +4 -3
- package/dist/module-sync/index.js.map +0 -1
- package/dist/module-sync/npm-injection.js +0 -26
- package/dist/module-sync/npm-injection.js.map +0 -1
- package/dist/module-sync/npm-paths.js.map +0 -1
- package/dist/module-sync/proc-log.d.ts +0 -3
- package/dist/module-sync/reify.d.ts +0 -1020
- package/dist/require/index.js +0 -3
- package/dist/require/npm-injection.js +0 -3
- package/dist/require/npm-paths.js +0 -3
- /package/dist/module-sync/{npm-injection.d.ts → shadow-npm-inject.d.ts} +0 -0
- /package/dist/module-sync/{npm-paths.d.ts → shadow-npm-paths.d.ts} +0 -0
package/dist/module-sync/cli.js
CHANGED
|
@@ -24,7 +24,7 @@ var fs = require('node:fs');
|
|
|
24
24
|
var path = require('node:path');
|
|
25
25
|
var ndjson = _socketInterop(require('ndjson'));
|
|
26
26
|
var rest = _socketInterop(require('@octokit/rest'));
|
|
27
|
-
var
|
|
27
|
+
var shadowNpmInject = require('./shadow-npm-inject.js');
|
|
28
28
|
var constants = require('./constants.js');
|
|
29
29
|
var meow = _socketInterop(require('meow'));
|
|
30
30
|
var objects = require('@socketsecurity/registry/lib/objects');
|
|
@@ -57,7 +57,7 @@ var sorts = require('@socketsecurity/registry/lib/sorts');
|
|
|
57
57
|
var strings = require('@socketsecurity/registry/lib/strings');
|
|
58
58
|
var yaml = _socketInterop(require('yaml'));
|
|
59
59
|
var debug = require('@socketsecurity/registry/lib/debug');
|
|
60
|
-
var
|
|
60
|
+
var shadowNpmPaths = require('./shadow-npm-paths.js');
|
|
61
61
|
var betterAjvErrors = _socketInterop(require('@apideck/better-ajv-errors'));
|
|
62
62
|
var config$A = require('@socketsecurity/config');
|
|
63
63
|
var assert = require('node:assert');
|
|
@@ -840,7 +840,7 @@ function getIgnoreOptions({
|
|
|
840
840
|
ignoreCommands.push(data);
|
|
841
841
|
}
|
|
842
842
|
} catch (e) {
|
|
843
|
-
logger.logger.
|
|
843
|
+
logger.logger.fail(`Unable to process ignore command for ${comment}`);
|
|
844
844
|
logger.logger.error(e);
|
|
845
845
|
}
|
|
846
846
|
}
|
|
@@ -1226,7 +1226,7 @@ function securityCommentTemplate(diff) {
|
|
|
1226
1226
|
// TODO: is this a github action handler?
|
|
1227
1227
|
async function runAction(githubEventBefore, githubEventAfter) {
|
|
1228
1228
|
//TODO
|
|
1229
|
-
const socket = new sdk.SocketSdk(
|
|
1229
|
+
const socket = new sdk.SocketSdk(shadowNpmInject.getDefaultToken());
|
|
1230
1230
|
const git = simpleGit.simpleGit();
|
|
1231
1231
|
const changedFiles = (await git.diff(process.env['GITHUB_EVENT_NAME'] === 'pull_request' ? ['--name-only', 'HEAD^1', 'HEAD'] : ['--name-only', githubEventBefore, githubEventAfter])).split('\n');
|
|
1232
1232
|
logger.logger.log({
|
|
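Review bot: `runAction` passes `shadowNpmInject.getDefaultToken()` straight into `new sdk.SocketSdk(...)` with no check for a missing token, while `displayAnalytics`, `getAuditLog`, `findDependencies` and `getDiffScan` in this same file throw `AuthError` when the token is falsy. What `getDefaultToken()` returns when nobody is logged in is not visible here, but if it can be empty the action would only fail later with a less specific API error. Suggest `const apiToken = shadowNpmInject.getDefaultToken();` followed by `if (!apiToken) throw new shadowNpmInject.AuthError('User must be authenticated to run this command.');` before the client is built. The other commands also build the client through `shadowNpmInject.setupSdk(apiToken)` rather than the bare constructor, so it is worth confirming this path is meant to skip whatever `setupSdk` applies. The body of `runAction` continues past this hunk.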
@@ -1291,15 +1291,14 @@ async function runAction(githubEventBefore, githubEventAfter) {
|
|
|
1291
1291
|
const {
|
|
1292
1292
|
API_V0_URL
|
|
1293
1293
|
} = constants;
|
|
1294
|
-
function handleUnsuccessfulApiResponse(_name, result
|
|
1294
|
+
function handleUnsuccessfulApiResponse(_name, result) {
|
|
1295
1295
|
// SocketSdkErrorType['error'] is not typed.
|
|
1296
1296
|
const resultErrorMessage = result.error?.message;
|
|
1297
1297
|
const message = typeof resultErrorMessage === 'string' ? resultErrorMessage : 'No error message returned';
|
|
1298
1298
|
if (result.status === 401 || result.status === 403) {
|
|
1299
|
-
|
|
1300
|
-
throw new index.AuthError(message);
|
|
1299
|
+
throw new shadowNpmInject.AuthError(message);
|
|
1301
1300
|
}
|
|
1302
|
-
|
|
1301
|
+
logger.logger.fail(`${colors.bgRed(colors.white('API returned an error:'))} ${message}`);
|
|
1303
1302
|
process$1.exit(1);
|
|
1304
1303
|
}
|
|
1305
1304
|
async function handleApiCall(value, description) {
|
|
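Review bot: The 401/403 branch of `handleUnsuccessfulApiResponse` throws `AuthError` while the caller's spinner may still be running. `getAuditLogWithToken` and `findDependencies` call `spinner.start(...)` before the API call and reach `spinner.stop()` only on the success path, and the helper now receives nothing but `result`. The removed lines are cut off on this page, so whether the old version stopped the spinner itself is not visible, and `handleApiCall` may do so. If nothing else does, add `spinner.stop();` before each `handleUnsuccessfulApiResponse(...)` call. The same applies to `getPackageInfo`, where `spinner.start(...)` now precedes `await fetchPackageInfo(...)` with no `try`/`finally`. A comment on the helper stating that it never returns (`throw` or `process$1.exit(1)`) would also explain the unreachable `return` statements at the call sites.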
@@ -1478,8 +1477,8 @@ async function meowWithSubcommands(subcommands, options) {
|
|
|
1478
1477
|
autoHelp: false // otherwise we can't exit(0)
|
|
1479
1478
|
});
|
|
1480
1479
|
if (!cli.flags['help'] && cli.flags['dryRun']) {
|
|
1481
|
-
logger.logger.log(`${DRY_RUN_LABEL$1}: No-op, call a sub-command; ok`);
|
|
1482
1480
|
process.exitCode = 0;
|
|
1481
|
+
logger.logger.log(`${DRY_RUN_LABEL$1}: No-op, call a sub-command; ok`);
|
|
1483
1482
|
} else {
|
|
1484
1483
|
cli.showHelp();
|
|
1485
1484
|
}
|
|
@@ -1520,9 +1519,9 @@ function meowOrExit({
|
|
|
1520
1519
|
}
|
|
1521
1520
|
function getAsciiHeader(command) {
|
|
1522
1521
|
const cliVersion = // The '@rollup/plugin-replace' will replace "process.env['SOCKET_CLI_VERSION_HASH']".
|
|
1523
|
-
"0.14.
|
|
1522
|
+
"0.14.57:6783de7:236c7308:pub";
|
|
1524
1523
|
const nodeVersion = process.version;
|
|
1525
|
-
const apiToken =
|
|
1524
|
+
const apiToken = shadowNpmInject.getSetting('apiToken');
|
|
1526
1525
|
const shownToken = apiToken ? getLastFiveOfApiToken(apiToken) : 'no';
|
|
1527
1526
|
const relCwd = process.cwd().replace(new RegExp(`^${regexps.escapeRegExp(constants.homePath)}`, 'i'), '~/');
|
|
1528
1527
|
const body = `
|
|
@@ -1595,10 +1594,10 @@ async function run$z(argv, importMeta, {
|
|
|
1595
1594
|
}
|
|
1596
1595
|
|
|
1597
1596
|
async function fetchOrgAnalyticsData(time, spinner, apiToken) {
|
|
1598
|
-
const socketSdk = await
|
|
1597
|
+
const socketSdk = await shadowNpmInject.setupSdk(apiToken);
|
|
1599
1598
|
const result = await handleApiCall(socketSdk.getOrgAnalytics(time.toString()), 'fetching analytics data');
|
|
1600
1599
|
if (result.success === false) {
|
|
1601
|
-
handleUnsuccessfulApiResponse('getOrgAnalytics', result
|
|
1600
|
+
handleUnsuccessfulApiResponse('getOrgAnalytics', result);
|
|
1602
1601
|
return undefined;
|
|
1603
1602
|
}
|
|
1604
1603
|
spinner.stop();
|
|
@@ -1610,10 +1609,10 @@ async function fetchOrgAnalyticsData(time, spinner, apiToken) {
|
|
|
1610
1609
|
}
|
|
1611
1610
|
|
|
1612
1611
|
async function fetchRepoAnalyticsData(repo, time, spinner, apiToken) {
|
|
1613
|
-
const socketSdk = await
|
|
1612
|
+
const socketSdk = await shadowNpmInject.setupSdk(apiToken);
|
|
1614
1613
|
const result = await handleApiCall(socketSdk.getRepoAnalytics(repo, time.toString()), 'fetching analytics data');
|
|
1615
1614
|
if (result.success === false) {
|
|
1616
|
-
handleUnsuccessfulApiResponse('getRepoAnalytics', result
|
|
1615
|
+
handleUnsuccessfulApiResponse('getRepoAnalytics', result);
|
|
1617
1616
|
return undefined;
|
|
1618
1617
|
}
|
|
1619
1618
|
spinner.stop();
|
|
@@ -1687,9 +1686,9 @@ async function displayAnalytics({
|
|
|
1687
1686
|
scope,
|
|
1688
1687
|
time
|
|
1689
1688
|
}) {
|
|
1690
|
-
const apiToken =
|
|
1689
|
+
const apiToken = shadowNpmInject.getDefaultToken();
|
|
1691
1690
|
if (!apiToken) {
|
|
1692
|
-
throw new
|
|
1691
|
+
throw new shadowNpmInject.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API token.');
|
|
1693
1692
|
}
|
|
1694
1693
|
await outputAnalyticsWithToken({
|
|
1695
1694
|
apiToken,
|
|
@@ -1730,9 +1729,9 @@ async function outputAnalyticsWithToken({
|
|
|
1730
1729
|
await fs$1.writeFile(filePath, serialized, 'utf8');
|
|
1731
1730
|
logger.logger.log(`Data successfully written to ${filePath}`);
|
|
1732
1731
|
} catch (e) {
|
|
1733
|
-
logger.logger.error('There was an error trying to write the json to disk');
|
|
1734
|
-
logger.logger.error(e);
|
|
1735
1732
|
process.exitCode = 1;
|
|
1733
|
+
logger.logger.fail('There was an error trying to write the json to disk');
|
|
1734
|
+
logger.logger.error(e);
|
|
1736
1735
|
}
|
|
1737
1736
|
} else {
|
|
1738
1737
|
logger.logger.log(serialized);
|
|
@@ -1760,9 +1759,9 @@ function renderJson(data) {
|
|
|
1760
1759
|
try {
|
|
1761
1760
|
return JSON.stringify(data, null, 2);
|
|
1762
1761
|
} catch (e) {
|
|
1763
|
-
// This could be caused by circular references, which is an "us" problem
|
|
1764
|
-
logger.logger.error('There was a problem converting the data set to JSON. Please try without --json or with --markdown');
|
|
1765
1762
|
process.exitCode = 1;
|
|
1763
|
+
// This could be caused by circular references, which is an "us" problem
|
|
1764
|
+
logger.logger.fail('There was a problem converting the data set to JSON. Please try without --json or with --markdown');
|
|
1766
1765
|
return;
|
|
1767
1766
|
}
|
|
1768
1767
|
}
|
|
@@ -1997,7 +1996,7 @@ async function run$y(argv, importMeta, {
|
|
|
1997
1996
|
// options or missing arguments.
|
|
1998
1997
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
1999
1998
|
process.exitCode = 2;
|
|
2000
|
-
logger.logger.
|
|
1999
|
+
logger.logger.fail(commonTags.stripIndents`${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:
|
|
2001
2000
|
|
|
2002
2001
|
- Scope must be "repo" or "org" ${badScope ? colors.red('(bad!)') : colors.green('(ok)')}
|
|
2003
2002
|
|
|
@@ -2031,9 +2030,9 @@ async function getAuditLog({
|
|
|
2031
2030
|
page,
|
|
2032
2031
|
perPage
|
|
2033
2032
|
}) {
|
|
2034
|
-
const apiToken =
|
|
2033
|
+
const apiToken = shadowNpmInject.getDefaultToken();
|
|
2035
2034
|
if (!apiToken) {
|
|
2036
|
-
throw new
|
|
2035
|
+
throw new shadowNpmInject.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
|
|
2037
2036
|
}
|
|
2038
2037
|
const auditLogs = await getAuditLogWithToken({
|
|
2039
2038
|
apiToken,
|
|
@@ -2077,8 +2076,8 @@ async function outputAsJson(auditLogs, orgSlug, logType, page, perPage) {
|
|
|
2077
2076
|
})
|
|
2078
2077
|
}, null, 2);
|
|
2079
2078
|
} catch (e) {
|
|
2080
|
-
logger.logger.error('There was a problem converting the logs to JSON, please try without the `--json` flag');
|
|
2081
2079
|
process.exitCode = 1;
|
|
2080
|
+
logger.logger.fail('There was a problem converting the logs to JSON, please try without the `--json` flag');
|
|
2082
2081
|
return;
|
|
2083
2082
|
}
|
|
2084
2083
|
logger.logger.log(json);
|
|
@@ -2099,9 +2098,9 @@ These are the Socket.dev audit logs as per requested query.
|
|
|
2099
2098
|
${table}
|
|
2100
2099
|
`);
|
|
2101
2100
|
} catch (e) {
|
|
2102
|
-
logger.logger.error('There was a problem converting the logs to JSON, please try without the `--json` flag');
|
|
2103
|
-
logger.logger.error(e);
|
|
2104
2101
|
process.exitCode = 1;
|
|
2102
|
+
logger.logger.fail('There was a problem converting the logs to JSON, please try without the `--json` flag');
|
|
2103
|
+
logger.logger.error(e);
|
|
2105
2104
|
return;
|
|
2106
2105
|
}
|
|
2107
2106
|
}
|
|
@@ -2143,7 +2142,7 @@ async function getAuditLogWithToken({
|
|
|
2143
2142
|
spinner
|
|
2144
2143
|
} = constants;
|
|
2145
2144
|
spinner.start(`Looking up audit log for ${orgSlug}`);
|
|
2146
|
-
const socketSdk = await
|
|
2145
|
+
const socketSdk = await shadowNpmInject.setupSdk(apiToken);
|
|
2147
2146
|
const result = await handleApiCall(socketSdk.getAuditLogEvents(orgSlug, {
|
|
2148
2147
|
outputJson: outputKind === 'json',
|
|
2149
2148
|
// I'm not sure this is used at all
|
|
@@ -2155,7 +2154,7 @@ async function getAuditLogWithToken({
|
|
|
2155
2154
|
per_page: perPage
|
|
2156
2155
|
}), `Looking up audit log for ${orgSlug}\n`);
|
|
2157
2156
|
if (!result.success) {
|
|
2158
|
-
handleUnsuccessfulApiResponse('getAuditLogEvents', result
|
|
2157
|
+
handleUnsuccessfulApiResponse('getAuditLogEvents', result);
|
|
2159
2158
|
return;
|
|
2160
2159
|
}
|
|
2161
2160
|
spinner.stop();
|
|
@@ -2230,7 +2229,7 @@ async function run$x(argv, importMeta, {
|
|
|
2230
2229
|
// options or missing arguments.
|
|
2231
2230
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
2232
2231
|
process.exitCode = 2;
|
|
2233
|
-
logger.logger.
|
|
2232
|
+
logger.logger.fail(commonTags.stripIndents`
|
|
2234
2233
|
${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:\n
|
|
2235
2234
|
- Org name as the first argument ${!orgSlug ? colors.red('(missing!)') : colors.green('(ok)')}
|
|
2236
2235
|
`);
|
|
@@ -2416,7 +2415,7 @@ async function run$w(argv, importMeta, {
|
|
|
2416
2415
|
//
|
|
2417
2416
|
//
|
|
2418
2417
|
// if (cli.input.length)
|
|
2419
|
-
// logger.
|
|
2418
|
+
// logger.fail(
|
|
2420
2419
|
// stripIndents`
|
|
2421
2420
|
// ${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:
|
|
2422
2421
|
//
|
|
@@ -2440,7 +2439,7 @@ async function run$w(argv, importMeta, {
|
|
|
2440
2439
|
// options or missing arguments.
|
|
2441
2440
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
2442
2441
|
process$1.exitCode = 2;
|
|
2443
|
-
logger.logger.
|
|
2442
|
+
logger.logger.fail(`Unknown ${words.pluralize('argument', unknownLength)}: ${yargv._.join(', ')}`);
|
|
2444
2443
|
return;
|
|
2445
2444
|
}
|
|
2446
2445
|
if (yargv.output === undefined) {
|
|
@@ -2459,22 +2458,22 @@ async function findDependencies({
|
|
|
2459
2458
|
offset,
|
|
2460
2459
|
outputJson
|
|
2461
2460
|
}) {
|
|
2462
|
-
const apiToken =
|
|
2461
|
+
const apiToken = shadowNpmInject.getDefaultToken();
|
|
2463
2462
|
if (!apiToken) {
|
|
2464
|
-
throw new
|
|
2463
|
+
throw new shadowNpmInject.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
|
|
2465
2464
|
}
|
|
2466
2465
|
// Lazily access constants.spinner.
|
|
2467
2466
|
const {
|
|
2468
2467
|
spinner
|
|
2469
2468
|
} = constants;
|
|
2470
2469
|
spinner.start('Searching dependencies...');
|
|
2471
|
-
const socketSdk = await
|
|
2470
|
+
const socketSdk = await shadowNpmInject.setupSdk(apiToken);
|
|
2472
2471
|
const result = await handleApiCall(socketSdk.searchDependencies({
|
|
2473
2472
|
limit,
|
|
2474
2473
|
offset
|
|
2475
2474
|
}), 'Searching dependencies');
|
|
2476
2475
|
if (!result.success) {
|
|
2477
|
-
handleUnsuccessfulApiResponse('searchDependencies', result
|
|
2476
|
+
handleUnsuccessfulApiResponse('searchDependencies', result);
|
|
2478
2477
|
return;
|
|
2479
2478
|
}
|
|
2480
2479
|
spinner.stop('Organization dependencies:');
|
|
@@ -2579,9 +2578,9 @@ async function getDiffScan({
|
|
|
2579
2578
|
orgSlug,
|
|
2580
2579
|
outputJson
|
|
2581
2580
|
}) {
|
|
2582
|
-
const apiToken =
|
|
2581
|
+
const apiToken = shadowNpmInject.getDefaultToken();
|
|
2583
2582
|
if (!apiToken) {
|
|
2584
|
-
throw new
|
|
2583
|
+
throw new shadowNpmInject.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
|
|
2585
2584
|
}
|
|
2586
2585
|
await getDiffScanWithToken({
|
|
2587
2586
|
after,
|
|
@@ -2626,16 +2625,17 @@ async function getDiffScanWithToken({
|
|
|
2626
2625
|
try {
|
|
2627
2626
|
json = JSON.stringify(result, null, 2);
|
|
2628
2627
|
} catch (e) {
|
|
2629
|
-
// Most likely caused by a circular reference (or OOM)
|
|
2630
|
-
logger.logger.error('There was a problem converting the data to JSON');
|
|
2631
2628
|
process.exitCode = 1;
|
|
2629
|
+
// Most likely caused by a circular reference (or OOM)
|
|
2630
|
+
logger.logger.fail('There was a problem converting the data to JSON');
|
|
2631
|
+
logger.logger.error(e);
|
|
2632
2632
|
return;
|
|
2633
2633
|
}
|
|
2634
2634
|
if (file && file !== '-') {
|
|
2635
2635
|
logger.logger.log(`Writing json to \`${file}\``);
|
|
2636
2636
|
fs.writeFile(file, JSON.stringify(result, null, 2), err => {
|
|
2637
2637
|
if (err) {
|
|
2638
|
-
logger.logger.
|
|
2638
|
+
logger.logger.fail(`Writing to \`${file}\` failed...`);
|
|
2639
2639
|
logger.logger.error(err);
|
|
2640
2640
|
} else {
|
|
2641
2641
|
logger.logger.log(`Data successfully written to \`${file}\``);
|
|
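Review bot: The error branch of the `fs.writeFile` callback now calls `logger.logger.fail(...)` but never sets the exit status, so a failed write still exits 0. The other failure paths touched by this change set `process.exitCode = 1` before logging, and adding `process.exitCode = 1;` as the first statement inside `if (err) {` would match them. The same gap is in the `catch` blocks of `attemptLogin` (`API login failed`) and `attemptLogout` (`Failed to complete logout steps`) further down, where the bare `catch {` also discards the error. A script that drives logout therefore cannot tell from the exit status that the stored token was not cleared. `getDiffScanWithToken` starts and ends outside this hunk.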
@@ -2741,7 +2741,7 @@ async function run$u(argv, importMeta, {
|
|
|
2741
2741
|
// options or missing arguments.
|
|
2742
2742
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
2743
2743
|
process.exitCode = 2;
|
|
2744
|
-
logger.logger.
|
|
2744
|
+
logger.logger.fail(`${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:\n
|
|
2745
2745
|
- Specify a before and after full scan ID ${!before && !after ? colors.red('(missing before and after!)') : !before ? colors.red('(missing before!)') : !after ? colors.red('(missing after!)') : colors.green('(ok)')}\n
|
|
2746
2746
|
- To get full scans IDs, you can run the command "socket scan list <your org slug>".
|
|
2747
2747
|
The args are expecting a full \`aaa0aa0a-aaaa-0000-0a0a-0000000a00a0\` ID.\n
|
|
@@ -2804,17 +2804,17 @@ async function runFix() {
|
|
|
2804
2804
|
});
|
|
2805
2805
|
// const agentDetails = await detect()
|
|
2806
2806
|
|
|
2807
|
-
const arb = new
|
|
2807
|
+
const arb = new shadowNpmInject.SafeArborist({
|
|
2808
2808
|
path: cwd,
|
|
2809
|
-
...
|
|
2809
|
+
...shadowNpmInject.SAFE_ARBORIST_REIFY_OPTIONS_OVERRIDES
|
|
2810
2810
|
});
|
|
2811
2811
|
await arb.reify();
|
|
2812
|
-
const alerts = await
|
|
2812
|
+
const alerts = await shadowNpmInject.getPackagesAlerts(arb, {
|
|
2813
2813
|
consolidate: true,
|
|
2814
2814
|
includeExisting: true,
|
|
2815
2815
|
includeUnfixable: false
|
|
2816
2816
|
});
|
|
2817
|
-
const infoByPkg =
|
|
2817
|
+
const infoByPkg = shadowNpmInject.getCveInfoByPackage(alerts);
|
|
2818
2818
|
await arb.buildIdealTree();
|
|
2819
2819
|
if (infoByPkg) {
|
|
2820
2820
|
for (const {
|
|
@@ -2831,7 +2831,7 @@ async function runFix() {
|
|
|
2831
2831
|
spinner.info(`Skipping ${name}. Socket Optimize package exists.`);
|
|
2832
2832
|
continue;
|
|
2833
2833
|
}
|
|
2834
|
-
const nodes =
|
|
2834
|
+
const nodes = shadowNpmInject.findPackageNodes(tree, name);
|
|
2835
2835
|
const packument = nodes.length && infos.length ?
|
|
2836
2836
|
// eslint-disable-next-line no-await-in-loop
|
|
2837
2837
|
await packages.fetchPackagePackument(name) : null;
|
|
@@ -2850,7 +2850,7 @@ async function runFix() {
|
|
|
2850
2850
|
const {
|
|
2851
2851
|
version: oldVersion
|
|
2852
2852
|
} = node;
|
|
2853
|
-
if (
|
|
2853
|
+
if (shadowNpmInject.updateNode(node, packument, vulnerableVersionRange)) {
|
|
2854
2854
|
try {
|
|
2855
2855
|
// eslint-disable-next-line no-await-in-loop
|
|
2856
2856
|
await npm.runScript('test', [], {
|
|
@@ -2881,7 +2881,7 @@ async function runFix() {
|
|
|
2881
2881
|
}
|
|
2882
2882
|
}
|
|
2883
2883
|
}
|
|
2884
|
-
const arb2 = new
|
|
2884
|
+
const arb2 = new shadowNpmInject.Arborist({
|
|
2885
2885
|
path: cwd
|
|
2886
2886
|
});
|
|
2887
2887
|
arb2.idealTree = arb.idealTree;
|
|
@@ -3002,22 +3002,16 @@ function getSeverityCount(issues, lowestToInclude) {
|
|
|
3002
3002
|
}
|
|
3003
3003
|
|
|
3004
3004
|
async function fetchPackageInfo(pkgName, pkgVersion, includeAllIssues) {
|
|
3005
|
-
|
|
3006
|
-
const {
|
|
3007
|
-
spinner
|
|
3008
|
-
} = constants;
|
|
3009
|
-
spinner.start(pkgVersion === 'latest' ? `Looking up data for the latest version of ${pkgName}` : `Looking up data for version ${pkgVersion} of ${pkgName}`);
|
|
3010
|
-
const socketSdk = await index.setupSdk(index.getPublicToken());
|
|
3005
|
+
const socketSdk = await shadowNpmInject.setupSdk(shadowNpmInject.getPublicToken());
|
|
3011
3006
|
const result = await handleApiCall(socketSdk.getIssuesByNPMPackage(pkgName, pkgVersion), 'looking up package');
|
|
3012
3007
|
const scoreResult = await handleApiCall(socketSdk.getScoreByNPMPackage(pkgName, pkgVersion), 'looking up package score');
|
|
3013
3008
|
if (result.success === false) {
|
|
3014
|
-
return handleUnsuccessfulApiResponse('getIssuesByNPMPackage', result
|
|
3009
|
+
return handleUnsuccessfulApiResponse('getIssuesByNPMPackage', result);
|
|
3015
3010
|
}
|
|
3016
3011
|
if (scoreResult.success === false) {
|
|
3017
|
-
return handleUnsuccessfulApiResponse('getScoreByNPMPackage', scoreResult
|
|
3012
|
+
return handleUnsuccessfulApiResponse('getScoreByNPMPackage', scoreResult);
|
|
3018
3013
|
}
|
|
3019
3014
|
const severityCount = getSeverityCount(result.data, includeAllIssues ? undefined : 'high');
|
|
3020
|
-
spinner?.successAndStop('Data fetched');
|
|
3021
3015
|
return {
|
|
3022
3016
|
data: result.data,
|
|
3023
3017
|
severityCount,
|
|
@@ -3066,8 +3060,8 @@ function formatPackageInfo({
|
|
|
3066
3060
|
} else {
|
|
3067
3061
|
logger.logger.log('Package has no issues');
|
|
3068
3062
|
}
|
|
3069
|
-
const format = new
|
|
3070
|
-
const url =
|
|
3063
|
+
const format = new shadowNpmInject.ColorOrMarkdown(outputKind === 'markdown');
|
|
3064
|
+
const url = shadowNpmInject.getSocketDevPackageOverviewUrl(NPM$c, pkgName, pkgVersion);
|
|
3071
3065
|
logger.logger.log('\n');
|
|
3072
3066
|
if (pkgVersion === 'latest') {
|
|
3073
3067
|
logger.logger.log(`Detailed info on socket.dev: ${format.hyperlink(`${pkgName}`, url, {
|
|
@@ -3102,9 +3096,9 @@ function formatPackageIssuesDetails(packageData, outputMarkdown) {
|
|
|
3102
3096
|
}
|
|
3103
3097
|
return acc;
|
|
3104
3098
|
}, {});
|
|
3105
|
-
const format = new
|
|
3099
|
+
const format = new shadowNpmInject.ColorOrMarkdown(outputMarkdown);
|
|
3106
3100
|
for (const issue of Object.keys(uniqueIssues)) {
|
|
3107
|
-
const issueWithLink = format.hyperlink(`${uniqueIssues[issue]?.label}`,
|
|
3101
|
+
const issueWithLink = format.hyperlink(`${uniqueIssues[issue]?.label}`, shadowNpmInject.getSocketDevAlertUrl(issue), {
|
|
3108
3102
|
fallbackToUrl: true
|
|
3109
3103
|
});
|
|
3110
3104
|
if (uniqueIssues[issue]?.count === 1) {
|
|
@@ -3131,7 +3125,13 @@ async function getPackageInfo({
|
|
|
3131
3125
|
pkgVersion,
|
|
3132
3126
|
strict
|
|
3133
3127
|
}) {
|
|
3128
|
+
// Lazily access constants.spinner.
|
|
3129
|
+
const {
|
|
3130
|
+
spinner
|
|
3131
|
+
} = constants;
|
|
3132
|
+
spinner.start(pkgVersion === 'latest' ? `Looking up data for the latest version of ${pkgName}` : `Looking up data for version ${pkgVersion} of ${pkgName}`);
|
|
3134
3133
|
const packageData = await fetchPackageInfo(pkgName, pkgVersion, includeAllIssues);
|
|
3134
|
+
spinner.successAndStop('Data fetched');
|
|
3135
3135
|
if (packageData) {
|
|
3136
3136
|
formatPackageInfo(packageData, {
|
|
3137
3137
|
name: commandName,
|
|
@@ -3196,7 +3196,7 @@ async function run$s(argv, importMeta, {
|
|
|
3196
3196
|
// options or missing arguments.
|
|
3197
3197
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
3198
3198
|
process.exitCode = 2;
|
|
3199
|
-
logger.logger.
|
|
3199
|
+
logger.logger.fail(`${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:\n
|
|
3200
3200
|
- Expecting a package name ${!rawPkgName ? colors.red('(missing!)') : colors.green('(ok)')}\n
|
|
3201
3201
|
- Can only accept one package at a time ${cli.input.length > 1 ? colors.red('(got ' + cli.input.length + '!)') : colors.green('(ok)')}\n`);
|
|
3202
3202
|
return;
|
|
@@ -3219,18 +3219,18 @@ async function run$s(argv, importMeta, {
|
|
|
3219
3219
|
}
|
|
3220
3220
|
|
|
3221
3221
|
function applyLogin(apiToken, enforcedOrgs, apiBaseUrl, apiProxy) {
|
|
3222
|
-
|
|
3223
|
-
|
|
3224
|
-
|
|
3225
|
-
|
|
3222
|
+
shadowNpmInject.updateSetting('enforcedOrgs', enforcedOrgs);
|
|
3223
|
+
shadowNpmInject.updateSetting('apiToken', apiToken);
|
|
3224
|
+
shadowNpmInject.updateSetting('apiBaseUrl', apiBaseUrl);
|
|
3225
|
+
shadowNpmInject.updateSetting('apiProxy', apiProxy);
|
|
3226
3226
|
}
|
|
3227
3227
|
|
|
3228
3228
|
const {
|
|
3229
3229
|
SOCKET_PUBLIC_API_TOKEN
|
|
3230
3230
|
} = constants;
|
|
3231
3231
|
async function attemptLogin(apiBaseUrl, apiProxy) {
|
|
3232
|
-
apiBaseUrl ??=
|
|
3233
|
-
apiProxy ??=
|
|
3232
|
+
apiBaseUrl ??= shadowNpmInject.getSetting('apiBaseUrl') ?? undefined;
|
|
3233
|
+
apiProxy ??= shadowNpmInject.getSetting('apiProxy') ?? undefined;
|
|
3234
3234
|
const apiToken = (await prompts.password({
|
|
3235
3235
|
message: `Enter your ${terminalLink('Socket.dev API key', 'https://docs.socket.dev/docs/api-keys')} (leave blank for a public key)`
|
|
3236
3236
|
})) || SOCKET_PUBLIC_API_TOKEN;
|
|
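Review bot: `attemptLogin` sends the freshly typed API key to whatever endpoint or proxy the settings store holds, without showing the user where it is going. It falls back to the persisted `apiBaseUrl` and `apiProxy` settings here and, in the next hunk, passes the key to `setupSdk(apiToken, apiBaseUrl, apiProxy)`. How that store is written and protected is not visible in this diff. Consider printing the effective values before the prompt when either is set, for example `logger.logger.log('Using API base URL:', apiBaseUrl ?? '(default)', 'proxy:', apiProxy ?? '(none)');`, and rejecting a base URL that is not `https:`. `attemptLogin` continues outside this hunk.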
@@ -3241,13 +3241,13 @@ async function attemptLogin(apiBaseUrl, apiProxy) {
|
|
|
3241
3241
|
spinner.start('Verifying API key...');
|
|
3242
3242
|
let orgs;
|
|
3243
3243
|
try {
|
|
3244
|
-
const sdk = await
|
|
3244
|
+
const sdk = await shadowNpmInject.setupSdk(apiToken, apiBaseUrl, apiProxy);
|
|
3245
3245
|
const result = await sdk.getOrganizations();
|
|
3246
3246
|
if (!result.success) {
|
|
3247
|
-
throw new
|
|
3247
|
+
throw new shadowNpmInject.AuthError();
|
|
3248
3248
|
}
|
|
3249
3249
|
orgs = result.data;
|
|
3250
|
-
spinner.
|
|
3250
|
+
spinner.success('API key verified');
|
|
3251
3251
|
} catch {
|
|
3252
3252
|
spinner.errorAndStop('Invalid API key');
|
|
3253
3253
|
return;
|
|
@@ -3285,14 +3285,13 @@ async function attemptLogin(apiBaseUrl, apiProxy) {
|
|
|
3285
3285
|
}
|
|
3286
3286
|
}
|
|
3287
3287
|
}
|
|
3288
|
-
|
|
3288
|
+
spinner.stop();
|
|
3289
|
+
const oldToken = shadowNpmInject.getSetting('apiToken');
|
|
3289
3290
|
try {
|
|
3290
3291
|
applyLogin(apiToken, enforcedOrgs, apiBaseUrl, apiProxy);
|
|
3291
|
-
|
|
3292
|
-
spinner.successAndStop(`API credentials ${oldToken ? 'updated' : 'set'}`);
|
|
3292
|
+
logger.logger.success(`API credentials ${oldToken ? 'updated' : 'set'}`);
|
|
3293
3293
|
} catch {
|
|
3294
|
-
|
|
3295
|
-
spinner.errorAndStop(`API login failed`);
|
|
3294
|
+
logger.logger.fail(`API login failed`);
|
|
3296
3295
|
}
|
|
3297
3296
|
}
|
|
3298
3297
|
|
|
@@ -3349,16 +3348,16 @@ async function run$r(argv, importMeta, {
|
|
|
3349
3348
|
return;
|
|
3350
3349
|
}
|
|
3351
3350
|
if (!isInteractive()) {
|
|
3352
|
-
throw new
|
|
3351
|
+
throw new shadowNpmInject.InputError('Cannot prompt for credentials in a non-interactive shell');
|
|
3353
3352
|
}
|
|
3354
3353
|
await attemptLogin(apiBaseUrl, apiProxy);
|
|
3355
3354
|
}
|
|
3356
3355
|
|
|
3357
3356
|
function applyLogout() {
|
|
3358
|
-
|
|
3359
|
-
|
|
3360
|
-
|
|
3361
|
-
|
|
3357
|
+
shadowNpmInject.updateSetting('apiToken', null);
|
|
3358
|
+
shadowNpmInject.updateSetting('apiBaseUrl', null);
|
|
3359
|
+
shadowNpmInject.updateSetting('apiProxy', null);
|
|
3360
|
+
shadowNpmInject.updateSetting('enforcedOrgs', null);
|
|
3362
3361
|
}
|
|
3363
3362
|
|
|
3364
3363
|
function attemptLogout() {
|
|
@@ -3366,7 +3365,7 @@ function attemptLogout() {
|
|
|
3366
3365
|
applyLogout();
|
|
3367
3366
|
logger.logger.success('Successfully logged out');
|
|
3368
3367
|
} catch {
|
|
3369
|
-
logger.logger.
|
|
3368
|
+
logger.logger.fail('Failed to complete logout steps');
|
|
3370
3369
|
}
|
|
3371
3370
|
}
|
|
3372
3371
|
|
|
@@ -3448,14 +3447,14 @@ async function convertGradleToMaven(target, bin, _out, verbose, gradleOpts) {
|
|
|
3448
3447
|
logger.logger.groupEnd();
|
|
3449
3448
|
}
|
|
3450
3449
|
if (output.stderr) {
|
|
3451
|
-
|
|
3450
|
+
process.exitCode = 1;
|
|
3451
|
+
logger.logger.fail('There were errors while running gradle');
|
|
3452
3452
|
// (In verbose mode, stderr was printed above, no need to repeat it)
|
|
3453
3453
|
if (!verbose) {
|
|
3454
3454
|
logger.logger.group('[VERBOSE] stderr:');
|
|
3455
3455
|
logger.logger.error(output.stderr);
|
|
3456
3456
|
logger.logger.groupEnd();
|
|
3457
3457
|
}
|
|
3458
|
-
process.exitCode = 1;
|
|
3459
3458
|
return;
|
|
3460
3459
|
}
|
|
3461
3460
|
logger.logger.success('Executed gradle successfully');
|
|
@@ -3467,7 +3466,7 @@ async function convertGradleToMaven(target, bin, _out, verbose, gradleOpts) {
|
|
|
3467
3466
|
|
|
3468
3467
|
// const loc = output.stdout?.match(/Wrote (.*?.pom)\n/)?.[1]?.trim()
|
|
3469
3468
|
// if (!loc) {
|
|
3470
|
-
// logger.
|
|
3469
|
+
// logger.fail(
|
|
3471
3470
|
// 'There were no errors from sbt but could not find the location of resulting .pom file either'
|
|
3472
3471
|
// )
|
|
3473
3472
|
// process.exit(1)
|
|
@@ -3493,15 +3492,14 @@ async function convertGradleToMaven(target, bin, _out, verbose, gradleOpts) {
|
|
|
3493
3492
|
// spinner.successAndStop(`OK. File should be available in \`${out}\``)
|
|
3494
3493
|
// }
|
|
3495
3494
|
} catch (e) {
|
|
3496
|
-
|
|
3495
|
+
process.exitCode = 1;
|
|
3496
|
+
spinner.stop();
|
|
3497
|
+
logger.logger.fail('There was an unexpected error while running this' + (verbose ? '' : ' (use --verbose for details)'));
|
|
3497
3498
|
if (verbose) {
|
|
3498
3499
|
logger.logger.group('[VERBOSE] error:');
|
|
3499
3500
|
logger.logger.log(e);
|
|
3500
3501
|
logger.logger.groupEnd();
|
|
3501
3502
|
}
|
|
3502
|
-
process.exitCode = 1;
|
|
3503
|
-
} finally {
|
|
3504
|
-
spinner.stop();
|
|
3505
3503
|
}
|
|
3506
3504
|
}
|
|
3507
3505
|
|
|
@@ -3611,7 +3609,7 @@ async function run$p(argv, importMeta, {
|
|
|
3611
3609
|
// options or missing arguments.
|
|
3612
3610
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
3613
3611
|
process.exitCode = 2;
|
|
3614
|
-
logger.logger.
|
|
3612
|
+
logger.logger.fail(commonTags.stripIndents`${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:
|
|
3615
3613
|
|
|
3616
3614
|
- The DIR arg is required ${!target ? colors.red('(missing!)') : target === '-' ? colors.red('(stdin is not supported)') : colors.green('(ok)')}
|
|
3617
3615
|
|
|
@@ -3687,14 +3685,14 @@ async function convertSbtToMaven(target, bin, out, verbose, sbtOpts) {
|
|
|
3687
3685
|
logger.logger.groupEnd();
|
|
3688
3686
|
}
|
|
3689
3687
|
if (output.stderr) {
|
|
3690
|
-
|
|
3688
|
+
process.exitCode = 1;
|
|
3689
|
+
logger.logger.fail('There were errors while running sbt');
|
|
3691
3690
|
// (In verbose mode, stderr was printed above, no need to repeat it)
|
|
3692
3691
|
if (!verbose) {
|
|
3693
3692
|
logger.logger.group('[VERBOSE] stderr:');
|
|
3694
3693
|
logger.logger.error(output.stderr);
|
|
3695
3694
|
logger.logger.groupEnd();
|
|
3696
3695
|
}
|
|
3697
|
-
process.exitCode = 1;
|
|
3698
3696
|
return;
|
|
3699
3697
|
}
|
|
3700
3698
|
const poms = [];
|
|
@@ -3703,8 +3701,8 @@ async function convertSbtToMaven(target, bin, out, verbose, sbtOpts) {
|
|
|
3703
3701
|
return fn;
|
|
3704
3702
|
});
|
|
3705
3703
|
if (!poms.length) {
|
|
3706
|
-
logger.logger.error('There were no errors from sbt but it seems to not have generated any poms either');
|
|
3707
3704
|
process.exitCode = 1;
|
|
3705
|
+
logger.logger.fail('There were no errors from sbt but it seems to not have generated any poms either');
|
|
3708
3706
|
return;
|
|
3709
3707
|
}
|
|
3710
3708
|
// Move the pom file to ...? initial cwd? loc will be an absolute path, or dump to stdout
|
|
@@ -3712,14 +3710,14 @@ async function convertSbtToMaven(target, bin, out, verbose, sbtOpts) {
|
|
|
3712
3710
|
// TODO: maybe we can add an option to target a specific file to dump to stdout
|
|
3713
3711
|
if (out === '-' && poms.length === 1) {
|
|
3714
3712
|
logger.logger.log('Result:\n```');
|
|
3715
|
-
logger.logger.log(await
|
|
3713
|
+
logger.logger.log(await shadowNpmInject.safeReadFile(poms[0], 'utf8'));
|
|
3716
3714
|
logger.logger.log('```');
|
|
3717
3715
|
logger.logger.success(`OK`);
|
|
3718
3716
|
} else if (out === '-') {
|
|
3719
|
-
|
|
3717
|
+
process.exitCode = 1;
|
|
3718
|
+
logger.logger.fail('Requested out target was stdout but there are multiple generated files');
|
|
3720
3719
|
poms.forEach(fn => logger.logger.error('-', fn));
|
|
3721
3720
|
logger.logger.error('Exiting now...');
|
|
3722
|
-
process.exitCode = 1;
|
|
3723
3721
|
return;
|
|
3724
3722
|
} else {
|
|
3725
3723
|
// if (verbose) {
|
|
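Review bot: The stdout branch passes the result of `shadowNpmInject.safeReadFile(poms[0], 'utf8')` straight to `logger.logger.log` and then reports `OK`, with no check that the read produced content. The getWorkspaceGlobs hunk later in this diff guards the same helper with `if (yml)`, which suggests it can return a falsy value when the read fails; if so, this branch would print `undefined` inside the code fence and still signal success. Reading into a local and bailing out when it is empty would keep the exit status honest: `const pom = await shadowNpmInject.safeReadFile(poms[0], 'utf8');` followed by `if (!pom) { process.exitCode = 1; return; }`. convertSbtToMaven starts and ends outside this hunk.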
@@ -3736,15 +3734,14 @@ async function convertSbtToMaven(target, bin, out, verbose, sbtOpts) {
|
|
|
3736
3734
|
logger.logger.success(`OK`);
|
|
3737
3735
|
}
|
|
3738
3736
|
} catch (e) {
|
|
3739
|
-
|
|
3737
|
+
process.exitCode = 1;
|
|
3738
|
+
spinner.stop();
|
|
3739
|
+
logger.logger.fail('There was an unexpected error while running this' + (verbose ? '' : ' (use --verbose for details)'));
|
|
3740
3740
|
if (verbose) {
|
|
3741
3741
|
logger.logger.group('[VERBOSE] error:');
|
|
3742
3742
|
logger.logger.log(e);
|
|
3743
3743
|
logger.logger.groupEnd();
|
|
3744
3744
|
}
|
|
3745
|
-
process.exitCode = 1;
|
|
3746
|
-
} finally {
|
|
3747
|
-
spinner.stop();
|
|
3748
3745
|
}
|
|
3749
3746
|
}
|
|
3750
3747
|
|
|
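Review bot: Dropping the `finally { spinner.stop(); }` block means the spinner is now stopped only inside `catch`, so every path that leaves the `try` without throwing depends on an earlier stop that this hunk does not show. The early `return`s after `logger.logger.fail(...)` in the preceding hunks are the ones to check: stderr present, no poms generated, and multiple poms with a stdout target. If `fail` does not stop the spinner itself, it may still be active when the function returns. Keeping `finally { spinner.stop(); }` next to the new `catch` ordering would cover those paths, assuming a second `stop()` is harmless. The function body begins outside the hunk.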
@@ -3852,7 +3849,7 @@ async function run$o(argv, importMeta, {
|
|
|
3852
3849
|
// options or missing arguments.
|
|
3853
3850
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
3854
3851
|
process.exitCode = 2;
|
|
3855
|
-
logger.logger.
|
|
3852
|
+
logger.logger.fail(commonTags.stripIndents`${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:
|
|
3856
3853
|
|
|
3857
3854
|
- The DIR or FILE arg is required ${!target ? colors.red('(missing!)') : target === '-' ? colors.red('(stdin is not supported)') : colors.green('(ok)')}
|
|
3858
3855
|
|
|
@@ -4112,7 +4109,7 @@ async function run$m(argv, importMeta, {
|
|
|
4112
4109
|
// options or missing arguments.
|
|
4113
4110
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
4114
4111
|
process.exitCode = 2;
|
|
4115
|
-
logger.logger.
|
|
4112
|
+
logger.logger.fail(commonTags.stripIndents`${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:
|
|
4116
4113
|
|
|
4117
4114
|
- The DIR arg is required ${!target ? colors.red('(missing!)') : target === '-' ? colors.red('(stdin is not supported)') : colors.green('(ok)')}
|
|
4118
4115
|
|
|
@@ -4187,12 +4184,11 @@ async function run$l(argv, importMeta, {
|
|
|
4187
4184
|
}
|
|
4188
4185
|
|
|
4189
4186
|
const {
|
|
4190
|
-
NPM: NPM$b
|
|
4191
|
-
SHADOW_BIN: SHADOW_BIN$1
|
|
4187
|
+
NPM: NPM$b
|
|
4192
4188
|
} = constants;
|
|
4193
4189
|
async function wrapNpm(argv) {
|
|
4194
|
-
// Lazily access constants.
|
|
4195
|
-
const shadowBin = require(
|
|
4190
|
+
// Lazily access constants.distShadowNpmBinPath.
|
|
4191
|
+
const shadowBin = require(constants.distShadowNpmBinPath);
|
|
4196
4192
|
await shadowBin(NPM$b, argv);
|
|
4197
4193
|
}
|
|
4198
4194
|
|
|
@@ -4233,12 +4229,11 @@ async function run$k(argv, importMeta, {
|
|
|
4233
4229
|
}
|
|
4234
4230
|
|
|
4235
4231
|
const {
|
|
4236
|
-
NPX: NPX$2
|
|
4237
|
-
SHADOW_BIN
|
|
4232
|
+
NPX: NPX$2
|
|
4238
4233
|
} = constants;
|
|
4239
4234
|
async function wrapNpx(argv) {
|
|
4240
|
-
// Lazily access constants.
|
|
4241
|
-
const shadowBin = require(
|
|
4235
|
+
// Lazily access constants.distShadowNpmBinPath.
|
|
4236
|
+
const shadowBin = require(constants.distShadowNpmBinPath);
|
|
4242
4237
|
await shadowBin(NPX$2, argv);
|
|
4243
4238
|
}
|
|
4244
4239
|
|
|
@@ -4401,8 +4396,8 @@ const readLockFileByAgent = (() => {
|
|
|
4401
4396
|
return undefined;
|
|
4402
4397
|
};
|
|
4403
4398
|
}
|
|
4404
|
-
const binaryReader = wrapReader(
|
|
4405
|
-
const defaultReader = wrapReader(async lockPath => await
|
|
4399
|
+
const binaryReader = wrapReader(shadowNpmInject.readFileBinary);
|
|
4400
|
+
const defaultReader = wrapReader(async lockPath => await shadowNpmInject.readFileUtf8(lockPath));
|
|
4406
4401
|
return {
|
|
4407
4402
|
[BUN$5]: wrapReader(async (lockPath, agentExecPath) => {
|
|
4408
4403
|
const ext = path.extname(lockPath);
|
|
@@ -4434,12 +4429,12 @@ async function detectPackageEnvironment({
|
|
|
4434
4429
|
cwd = process$1.cwd(),
|
|
4435
4430
|
onUnknown
|
|
4436
4431
|
} = {}) {
|
|
4437
|
-
let lockPath = await
|
|
4432
|
+
let lockPath = await shadowNpmInject.findUp(Object.keys(LOCKS), {
|
|
4438
4433
|
cwd
|
|
4439
4434
|
});
|
|
4440
4435
|
let lockName = lockPath ? path.basename(lockPath) : undefined;
|
|
4441
4436
|
const isHiddenLockFile = lockName === '.package-lock.json';
|
|
4442
|
-
const pkgJsonPath = lockPath ? path.resolve(lockPath, `${isHiddenLockFile ? '../' : ''}../package.json`) : await
|
|
4437
|
+
const pkgJsonPath = lockPath ? path.resolve(lockPath, `${isHiddenLockFile ? '../' : ''}../package.json`) : await shadowNpmInject.findUp('package.json', {
|
|
4443
4438
|
cwd
|
|
4444
4439
|
});
|
|
4445
4440
|
const pkgPath = pkgJsonPath && fs.existsSync(pkgJsonPath) ? path.dirname(pkgJsonPath) : undefined;
|
|
@@ -4551,36 +4546,36 @@ async function detectAndValidatePackageEnvironment(cwd, options) {
|
|
|
4551
4546
|
const details = await detectPackageEnvironment({
|
|
4552
4547
|
cwd,
|
|
4553
4548
|
onUnknown(pkgManager) {
|
|
4554
|
-
logger?.warn(
|
|
4549
|
+
logger?.warn(`${COMMAND_TITLE$2}: Unknown package manager${pkgManager ? ` ${pkgManager}` : ''}, defaulting to npm`);
|
|
4555
4550
|
}
|
|
4556
4551
|
});
|
|
4557
4552
|
if (!details.supported) {
|
|
4558
|
-
logger?.
|
|
4553
|
+
logger?.fail(`${COMMAND_TITLE$2}: No supported Node or browser range detected`);
|
|
4559
4554
|
return;
|
|
4560
4555
|
}
|
|
4561
4556
|
if (details.agent === VLT$4) {
|
|
4562
|
-
logger?.
|
|
4557
|
+
logger?.fail(`${COMMAND_TITLE$2}: ${details.agent} does not support overrides. Soon, though ⚡`);
|
|
4563
4558
|
return;
|
|
4564
4559
|
}
|
|
4565
4560
|
const lockName = details.lockName ?? 'lock file';
|
|
4566
4561
|
if (details.lockName === undefined || details.lockSrc === undefined) {
|
|
4567
|
-
logger?.
|
|
4562
|
+
logger?.fail(`${COMMAND_TITLE$2}: No ${lockName} found`);
|
|
4568
4563
|
return;
|
|
4569
4564
|
}
|
|
4570
4565
|
if (details.lockSrc.trim() === '') {
|
|
4571
|
-
logger?.
|
|
4566
|
+
logger?.fail(`${COMMAND_TITLE$2}: ${lockName} is empty`);
|
|
4572
4567
|
return;
|
|
4573
4568
|
}
|
|
4574
4569
|
if (details.pkgPath === undefined) {
|
|
4575
|
-
logger?.
|
|
4570
|
+
logger?.fail(`${COMMAND_TITLE$2}: No package.json found`);
|
|
4576
4571
|
return;
|
|
4577
4572
|
}
|
|
4578
4573
|
if (prod && (details.agent === BUN$4 || details.agent === YARN_BERRY$4)) {
|
|
4579
|
-
logger?.
|
|
4574
|
+
logger?.fail(`${COMMAND_TITLE$2}: --prod not supported for ${details.agent}${details.agentVersion ? `@${details.agentVersion.toString()}` : ''}`);
|
|
4580
4575
|
return;
|
|
4581
4576
|
}
|
|
4582
4577
|
if (details.lockPath && path.relative(cwd, details.lockPath).startsWith('.')) {
|
|
4583
|
-
logger?.warn(
|
|
4578
|
+
logger?.warn(`${COMMAND_TITLE$2}: Package ${lockName} found at ${details.lockPath}`);
|
|
4584
4579
|
}
|
|
4585
4580
|
return details;
|
|
4586
4581
|
}
|
|
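Review bot: The `logger?.fail(...)` branches here return `undefined` without setting `process.exitCode`, whereas the convertSbtToMaven hunks in this same diff set `process.exitCode = 1` before each `fail`. Unless every caller of detectAndValidatePackageEnvironment sets the exit code when it receives `undefined` (not visible in this hunk), an unsupported agent or a missing or empty lock file could end with exit status 0, which a CI job would read as success. Because `logger` is optional, these failures are also silent when no logger is passed. A short comment on the function, such as `// Returns undefined on any validation failure; callers must treat that as an error.`, would make the contract explicit.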
@@ -4684,7 +4679,7 @@ async function getWorkspaceGlobs(agent, pkgPath, pkgJson) {
|
|
|
4684
4679
|
if (agent === PNPM$4) {
|
|
4685
4680
|
for (const workspacePath of [path.join(pkgPath, `${PNPM_WORKSPACE}.yaml`), path.join(pkgPath, `${PNPM_WORKSPACE}.yml`)]) {
|
|
4686
4681
|
// eslint-disable-next-line no-await-in-loop
|
|
4687
|
-
const yml = await
|
|
4682
|
+
const yml = await shadowNpmInject.safeReadFile(workspacePath, 'utf8');
|
|
4688
4683
|
if (yml) {
|
|
4689
4684
|
try {
|
|
4690
4685
|
workspacePatterns = yaml.parse(yml)?.packages;
|
|
@@ -5029,8 +5024,8 @@ function safeNpmInstall(options) {
|
|
|
5029
5024
|
constants.execPath, [
|
|
5030
5025
|
// Lazily access constants.nodeNoWarningsFlags.
|
|
5031
5026
|
...constants.nodeNoWarningsFlags, '--require',
|
|
5032
|
-
// Lazily access constants.
|
|
5033
|
-
constants.
|
|
5027
|
+
// Lazily access constants.distShadowNpmInjectPath.
|
|
5028
|
+
constants.distShadowNpmInjectPath, shadowNpmPaths.getNpmBinPath(), 'install',
|
|
5034
5029
|
// Even though the '--silent' flag is passed npm will still run through
|
|
5035
5030
|
// code paths for 'audit' and 'fund' unless '--no-audit' and '--no-fund'
|
|
5036
5031
|
// flags are passed.
|
|
@@ -5117,7 +5112,7 @@ async function updatePackageLockJson(pkgEnvDetails, options) {
|
|
|
5117
5112
|
}
|
|
5118
5113
|
} catch (e) {
|
|
5119
5114
|
spinner?.stop();
|
|
5120
|
-
logger?.
|
|
5115
|
+
logger?.fail(`${COMMAND_TITLE$1}: ${pkgEnvDetails.agent} install failed to update ${pkgEnvDetails.lockName}`);
|
|
5121
5116
|
logger?.error(e);
|
|
5122
5117
|
}
|
|
5123
5118
|
}
|
|
@@ -5217,7 +5212,7 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
|
|
|
5217
5212
|
const isWorkspace = !!workspaceGlobs;
|
|
5218
5213
|
if (isWorkspace && agent === PNPM && npmExecPath === NPM$1 && !state.warnedPnpmWorkspaceRequiresNpm) {
|
|
5219
5214
|
state.warnedPnpmWorkspaceRequiresNpm = true;
|
|
5220
|
-
logger?.warn(
|
|
5215
|
+
logger?.warn(`${COMMAND_TITLE}: pnpm workspace support requires \`npm ls\`, falling back to \`pnpm list\``);
|
|
5221
5216
|
}
|
|
5222
5217
|
const thingToScan = isLockScanned ? lockSrc : await lsByAgent[agent](agentExecPath, pkgPath, {
|
|
5223
5218
|
npmExecPath
|
|
@@ -5408,9 +5403,9 @@ async function run$h(argv, importMeta, {
|
|
|
5408
5403
|
}
|
|
5409
5404
|
|
|
5410
5405
|
async function getOrganization(format = 'text') {
|
|
5411
|
-
const apiToken =
|
|
5406
|
+
const apiToken = shadowNpmInject.getDefaultToken();
|
|
5412
5407
|
if (!apiToken) {
|
|
5413
|
-
throw new
|
|
5408
|
+
throw new shadowNpmInject.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
|
|
5414
5409
|
}
|
|
5415
5410
|
await printOrganizationsFromToken(apiToken, format);
|
|
5416
5411
|
}
|
|
@@ -5420,10 +5415,10 @@ async function printOrganizationsFromToken(apiToken, format = 'text') {
|
|
|
5420
5415
|
spinner
|
|
5421
5416
|
} = constants;
|
|
5422
5417
|
spinner.start('Fetching organizations...');
|
|
5423
|
-
const socketSdk = await
|
|
5418
|
+
const socketSdk = await shadowNpmInject.setupSdk(apiToken);
|
|
5424
5419
|
const result = await handleApiCall(socketSdk.getOrganizations(), 'looking up organizations');
|
|
5425
5420
|
if (!result.success) {
|
|
5426
|
-
handleUnsuccessfulApiResponse('getOrganizations', result
|
|
5421
|
+
handleUnsuccessfulApiResponse('getOrganizations', result);
|
|
5427
5422
|
return;
|
|
5428
5423
|
}
|
|
5429
5424
|
spinner.stop();
|
|
@@ -5514,7 +5509,7 @@ async function run$g(argv, importMeta, {
|
|
|
5514
5509
|
// options or missing arguments.
|
|
5515
5510
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
5516
5511
|
process.exitCode = 2;
|
|
5517
|
-
logger.logger.
|
|
5512
|
+
logger.logger.fail(commonTags.stripIndents`
|
|
5518
5513
|
${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:
|
|
5519
5514
|
|
|
5520
5515
|
- The json and markdown flags cannot be both set, pick one
|
|
@@ -5529,7 +5524,7 @@ ${colors.bgRed(colors.white('Input error'))}: Please provide the required fields
|
|
|
5529
5524
|
}
|
|
5530
5525
|
|
|
5531
5526
|
async function runRawNpm(argv) {
|
|
5532
|
-
const spawnPromise = spawn.spawn(
|
|
5527
|
+
const spawnPromise = spawn.spawn(shadowNpmPaths.getNpmBinPath(), argv, {
|
|
5533
5528
|
stdio: 'inherit'
|
|
5534
5529
|
});
|
|
5535
5530
|
// See https://nodejs.org/api/all.html#all_child_process_event-exit.
|
|
@@ -5583,7 +5578,7 @@ async function run$f(argv, importMeta, {
|
|
|
5583
5578
|
}
|
|
5584
5579
|
|
|
5585
5580
|
async function runRawNpx(argv) {
|
|
5586
|
-
const spawnPromise = spawn.spawn(
|
|
5581
|
+
const spawnPromise = spawn.spawn(shadowNpmPaths.getNpxBinPath(), argv, {
|
|
5587
5582
|
stdio: 'inherit'
|
|
5588
5583
|
});
|
|
5589
5584
|
// See https://nodejs.org/api/all.html#all_child_process_event-exit.
|
|
@@ -5647,16 +5642,16 @@ async function createReport(socketConfig, inputPaths, {
|
|
|
5647
5642
|
const {
|
|
5648
5643
|
spinner
|
|
5649
5644
|
} = constants;
|
|
5650
|
-
const socketSdk = await
|
|
5645
|
+
const socketSdk = await shadowNpmInject.setupSdk();
|
|
5651
5646
|
const supportedFiles = await socketSdk.getReportSupportedFiles().then(res => {
|
|
5652
|
-
if (!res.success) handleUnsuccessfulApiResponse('getReportSupportedFiles', res
|
|
5647
|
+
if (!res.success) handleUnsuccessfulApiResponse('getReportSupportedFiles', res);
|
|
5653
5648
|
return res.data;
|
|
5654
5649
|
}).catch(cause => {
|
|
5655
5650
|
throw new Error('Failed getting supported files for report', {
|
|
5656
5651
|
cause
|
|
5657
5652
|
});
|
|
5658
5653
|
});
|
|
5659
|
-
const packagePaths = await
|
|
5654
|
+
const packagePaths = await shadowNpmPaths.getPackageFilesFullScans(cwd, inputPaths, supportedFiles, socketConfig);
|
|
5660
5655
|
const packagePathsCount = packagePaths.length;
|
|
5661
5656
|
if (packagePathsCount && debug.isDebug()) {
|
|
5662
5657
|
for (const pkgPath of packagePaths) {
|
|
@@ -5671,7 +5666,7 @@ async function createReport(socketConfig, inputPaths, {
|
|
|
5671
5666
|
const apiCall = socketSdk.createReportFromFilePaths(packagePaths, cwd, socketConfig?.issueRules);
|
|
5672
5667
|
const result = await handleApiCall(apiCall, 'creating report');
|
|
5673
5668
|
if (!result.success) {
|
|
5674
|
-
handleUnsuccessfulApiResponse('createReport', result
|
|
5669
|
+
handleUnsuccessfulApiResponse('createReport', result);
|
|
5675
5670
|
return undefined;
|
|
5676
5671
|
}
|
|
5677
5672
|
spinner.successAndStop();
|
|
@@ -5689,7 +5684,7 @@ async function getSocketConfig(absoluteConfigPath) {
|
|
|
5689
5684
|
errors: cause.validationErrors,
|
|
5690
5685
|
schema: cause.schema
|
|
5691
5686
|
});
|
|
5692
|
-
throw new
|
|
5687
|
+
throw new shadowNpmInject.InputError('The socket.yml config is not valid', betterErrors.map(err => `[${err.path}] ${err.message}.${err.suggestion ? err.suggestion : ''}`).join('\n'));
|
|
5693
5688
|
} else {
|
|
5694
5689
|
throw new Error('Failed to read socket.yml config', {
|
|
5695
5690
|
cause
|
|
@@ -5707,7 +5702,7 @@ async function fetchReportData(reportId, includeAllIssues, strict) {
|
|
|
5707
5702
|
spinner
|
|
5708
5703
|
} = constants;
|
|
5709
5704
|
spinner.start(`Fetching report with ID ${reportId} (this could take a while)`);
|
|
5710
|
-
const socketSdk = await
|
|
5705
|
+
const socketSdk = await shadowNpmInject.setupSdk();
|
|
5711
5706
|
let result;
|
|
5712
5707
|
for (let retry = 1; !result; ++retry) {
|
|
5713
5708
|
try {
|
|
@@ -5721,7 +5716,7 @@ async function fetchReportData(reportId, includeAllIssues, strict) {
|
|
|
5721
5716
|
}
|
|
5722
5717
|
}
|
|
5723
5718
|
if (!result.success) {
|
|
5724
|
-
return handleUnsuccessfulApiResponse('getReport', result
|
|
5719
|
+
return handleUnsuccessfulApiResponse('getReport', result);
|
|
5725
5720
|
}
|
|
5726
5721
|
|
|
5727
5722
|
// Conclude the status of the API call.
|
|
@@ -5746,7 +5741,7 @@ function formatReportDataOutput(reportId, data, commandName, outputJson, outputM
|
|
|
5746
5741
|
if (outputJson) {
|
|
5747
5742
|
logger.logger.log(JSON.stringify(data, undefined, 2));
|
|
5748
5743
|
} else {
|
|
5749
|
-
const format = new
|
|
5744
|
+
const format = new shadowNpmInject.ColorOrMarkdown(outputMarkdown);
|
|
5750
5745
|
logger.logger.log(commonTags.stripIndents`
|
|
5751
5746
|
Detailed info on socket.dev: ${format.hyperlink(reportId, data.url, {
|
|
5752
5747
|
fallbackToUrl: true
|
|
@@ -5850,7 +5845,7 @@ async function run$d(argv, importMeta, {
|
|
|
5850
5845
|
} else if (json) {
|
|
5851
5846
|
logger.logger.log(JSON.stringify(result.data, undefined, 2));
|
|
5852
5847
|
} else {
|
|
5853
|
-
const format = new
|
|
5848
|
+
const format = new shadowNpmInject.ColorOrMarkdown(markdown);
|
|
5854
5849
|
logger.logger.log(`New report: ${format.hyperlink(result.data.id, result.data.url, {
|
|
5855
5850
|
fallbackToUrl: true
|
|
5856
5851
|
})}`);
|
|
@@ -5897,7 +5892,7 @@ async function run$c(argv, importMeta, {
|
|
|
5897
5892
|
// options or missing arguments.
|
|
5898
5893
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
5899
5894
|
process.exitCode = 2;
|
|
5900
|
-
logger.logger.
|
|
5895
|
+
logger.logger.fail(commonTags.stripIndents`${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:
|
|
5901
5896
|
|
|
5902
5897
|
- Need at least one report ID ${!reportId ? colors.red('(missing!)') : colors.green('(ok)')}
|
|
5903
5898
|
|
|
@@ -5938,13 +5933,33 @@ const cmdReport = {
|
|
|
5938
5933
|
};
|
|
5939
5934
|
|
|
5940
5935
|
async function createRepo({
|
|
5936
|
+
default_branch,
|
|
5937
|
+
description,
|
|
5938
|
+
homepage,
|
|
5939
|
+
orgSlug,
|
|
5940
|
+
repoName,
|
|
5941
|
+
visibility
|
|
5942
|
+
}) {
|
|
5943
|
+
const apiToken = shadowNpmInject.getDefaultToken();
|
|
5944
|
+
if (!apiToken) {
|
|
5945
|
+
throw new shadowNpmInject.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
|
|
5946
|
+
}
|
|
5947
|
+
await createRepoWithToken({
|
|
5948
|
+
apiToken,
|
|
5949
|
+
default_branch,
|
|
5950
|
+
description,
|
|
5951
|
+
homepage,
|
|
5952
|
+
orgSlug,
|
|
5953
|
+
repoName,
|
|
5954
|
+
visibility
|
|
5955
|
+
});
|
|
5956
|
+
}
|
|
5957
|
+
async function createRepoWithToken({
|
|
5941
5958
|
apiToken,
|
|
5942
5959
|
default_branch,
|
|
5943
5960
|
description,
|
|
5944
5961
|
homepage,
|
|
5945
5962
|
orgSlug,
|
|
5946
|
-
outputJson,
|
|
5947
|
-
outputMarkdown,
|
|
5948
5963
|
repoName,
|
|
5949
5964
|
visibility
|
|
5950
5965
|
}) {
|
|
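Review bot: The token guard added to createRepo, `const apiToken = shadowNpmInject.getDefaultToken();` followed by `if (!apiToken) { throw new shadowNpmInject.AuthError(...) }`, is repeated verbatim in deleteRepo, listRepos, updateRepo and viewRepo in later hunks, and in getOrganization. One shared helper that returns the token or throws would keep the authentication check and its message in a single place, so a new command cannot ship with a missing or divergent check. Since this file sits under `dist/`, the change presumably belongs in the source modules the bundle is built from. Each `*WithToken` function could also carry a one-line comment stating that it assumes a non-empty token validated by its wrapper.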
@@ -5953,22 +5968,19 @@ async function createRepo({
|
|
|
5953
5968
|
spinner
|
|
5954
5969
|
} = constants;
|
|
5955
5970
|
spinner.start('Creating repository...');
|
|
5956
|
-
const socketSdk = await
|
|
5971
|
+
const socketSdk = await shadowNpmInject.setupSdk(apiToken);
|
|
5957
5972
|
const result = await handleApiCall(socketSdk.createOrgRepo(orgSlug, {
|
|
5958
|
-
outputJson,
|
|
5959
|
-
outputMarkdown,
|
|
5960
|
-
orgSlug,
|
|
5961
5973
|
name: repoName,
|
|
5962
5974
|
description,
|
|
5963
5975
|
homepage,
|
|
5964
5976
|
default_branch,
|
|
5965
5977
|
visibility
|
|
5966
5978
|
}), 'creating repository');
|
|
5967
|
-
if (result.success) {
|
|
5968
|
-
|
|
5969
|
-
|
|
5970
|
-
handleUnsuccessfulApiResponse('createOrgRepo', result, spinner);
|
|
5979
|
+
if (!result.success) {
|
|
5980
|
+
handleUnsuccessfulApiResponse('createOrgRepo', result);
|
|
5981
|
+
return;
|
|
5971
5982
|
}
|
|
5983
|
+
spinner.successAndStop('Repository created successfully');
|
|
5972
5984
|
}
|
|
5973
5985
|
|
|
5974
5986
|
const {
|
|
@@ -5980,7 +5992,6 @@ const config$b = {
|
|
|
5980
5992
|
hidden: false,
|
|
5981
5993
|
flags: {
|
|
5982
5994
|
...commonFlags,
|
|
5983
|
-
...outputFlags,
|
|
5984
5995
|
repoName: {
|
|
5985
5996
|
type: 'string',
|
|
5986
5997
|
shortFlag: 'n',
|
|
@@ -6044,7 +6055,7 @@ async function run$b(argv, importMeta, {
|
|
|
6044
6055
|
// options or missing arguments.
|
|
6045
6056
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
6046
6057
|
process.exitCode = 2;
|
|
6047
|
-
logger.logger.
|
|
6058
|
+
logger.logger.fail(commonTags.stripIndents`${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:
|
|
6048
6059
|
|
|
6049
6060
|
- Org name as the first argument ${!orgSlug ? colors.red('(missing!)') : colors.green('(ok)')}
|
|
6050
6061
|
|
|
@@ -6055,36 +6066,36 @@ async function run$b(argv, importMeta, {
|
|
|
6055
6066
|
logger.logger.log(DRY_RUN_BAIL_TEXT$b);
|
|
6056
6067
|
return;
|
|
6057
6068
|
}
|
|
6058
|
-
const apiToken = index.getDefaultToken();
|
|
6059
|
-
if (!apiToken) {
|
|
6060
|
-
throw new index.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
|
|
6061
|
-
}
|
|
6062
6069
|
await createRepo({
|
|
6063
|
-
outputJson: Boolean(cli.flags['json']),
|
|
6064
|
-
outputMarkdown: Boolean(cli.flags['markdown']),
|
|
6065
6070
|
orgSlug,
|
|
6066
6071
|
repoName,
|
|
6067
6072
|
description: String(cli.flags['repoDescription'] || ''),
|
|
6068
6073
|
homepage: String(cli.flags['homepage'] || ''),
|
|
6069
6074
|
default_branch: String(cli.flags['defaultBranch'] || ''),
|
|
6070
|
-
visibility: String(cli.flags['visibility'] || 'private')
|
|
6071
|
-
apiToken
|
|
6075
|
+
visibility: String(cli.flags['visibility'] || 'private')
|
|
6072
6076
|
});
|
|
6073
6077
|
}
|
|
6074
6078
|
|
|
6075
|
-
async function deleteRepo(orgSlug, repoName
|
|
6079
|
+
async function deleteRepo(orgSlug, repoName) {
|
|
6080
|
+
const apiToken = shadowNpmInject.getDefaultToken();
|
|
6081
|
+
if (!apiToken) {
|
|
6082
|
+
throw new shadowNpmInject.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
|
|
6083
|
+
}
|
|
6084
|
+
await deleteRepoWithToken(orgSlug, repoName, apiToken);
|
|
6085
|
+
}
|
|
6086
|
+
async function deleteRepoWithToken(orgSlug, repoName, apiToken) {
|
|
6076
6087
|
// Lazily access constants.spinner.
|
|
6077
6088
|
const {
|
|
6078
6089
|
spinner
|
|
6079
6090
|
} = constants;
|
|
6080
6091
|
spinner.start('Deleting repository...');
|
|
6081
|
-
const socketSdk = await
|
|
6092
|
+
const socketSdk = await shadowNpmInject.setupSdk(apiToken);
|
|
6082
6093
|
const result = await handleApiCall(socketSdk.deleteOrgRepo(orgSlug, repoName), 'deleting repository');
|
|
6083
|
-
if (result.success) {
|
|
6084
|
-
|
|
6085
|
-
|
|
6086
|
-
handleUnsuccessfulApiResponse('deleteOrgRepo', result, spinner);
|
|
6094
|
+
if (!result.success) {
|
|
6095
|
+
handleUnsuccessfulApiResponse('deleteOrgRepo', result);
|
|
6096
|
+
return;
|
|
6087
6097
|
}
|
|
6098
|
+
spinner.successAndStop('Repository deleted successfully');
|
|
6088
6099
|
}
|
|
6089
6100
|
|
|
6090
6101
|
const {
|
|
@@ -6128,7 +6139,7 @@ async function run$a(argv, importMeta, {
|
|
|
6128
6139
|
// options or missing arguments.
|
|
6129
6140
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
6130
6141
|
process.exitCode = 2;
|
|
6131
|
-
logger.logger.
|
|
6142
|
+
logger.logger.fail(commonTags.stripIndents`${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:
|
|
6132
6143
|
|
|
6133
6144
|
- Org name as the first argument ${!orgSlug ? colors.red('(missing!)') : colors.green('(ok)')}
|
|
6134
6145
|
|
|
@@ -6141,20 +6152,37 @@ async function run$a(argv, importMeta, {
|
|
|
6141
6152
|
logger.logger.log(DRY_RUN_BAIL_TEXT$a);
|
|
6142
6153
|
return;
|
|
6143
6154
|
}
|
|
6144
|
-
|
|
6145
|
-
if (!apiToken) {
|
|
6146
|
-
throw new index.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
|
|
6147
|
-
}
|
|
6148
|
-
await deleteRepo(orgSlug, repoName, apiToken);
|
|
6155
|
+
await deleteRepo(orgSlug, repoName);
|
|
6149
6156
|
}
|
|
6150
6157
|
|
|
6151
6158
|
// @ts-ignore
|
|
6152
6159
|
async function listRepos({
|
|
6160
|
+
direction,
|
|
6161
|
+
orgSlug,
|
|
6162
|
+
outputKind,
|
|
6163
|
+
page,
|
|
6164
|
+
per_page,
|
|
6165
|
+
sort
|
|
6166
|
+
}) {
|
|
6167
|
+
const apiToken = shadowNpmInject.getDefaultToken();
|
|
6168
|
+
if (!apiToken) {
|
|
6169
|
+
throw new shadowNpmInject.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
|
|
6170
|
+
}
|
|
6171
|
+
await listReposWithToken({
|
|
6172
|
+
apiToken,
|
|
6173
|
+
direction,
|
|
6174
|
+
orgSlug,
|
|
6175
|
+
outputKind,
|
|
6176
|
+
page,
|
|
6177
|
+
per_page,
|
|
6178
|
+
sort
|
|
6179
|
+
});
|
|
6180
|
+
}
|
|
6181
|
+
async function listReposWithToken({
|
|
6153
6182
|
apiToken,
|
|
6154
6183
|
direction,
|
|
6155
6184
|
orgSlug,
|
|
6156
|
-
|
|
6157
|
-
outputMarkdown,
|
|
6185
|
+
outputKind,
|
|
6158
6186
|
page,
|
|
6159
6187
|
per_page,
|
|
6160
6188
|
sort
|
|
@@ -6163,23 +6191,20 @@ async function listRepos({
|
|
|
6163
6191
|
const {
|
|
6164
6192
|
spinner
|
|
6165
6193
|
} = constants;
|
|
6166
|
-
spinner.start('
|
|
6167
|
-
const socketSdk = await
|
|
6194
|
+
spinner.start('Fetching list of repositories...');
|
|
6195
|
+
const socketSdk = await shadowNpmInject.setupSdk(apiToken);
|
|
6168
6196
|
const result = await handleApiCall(socketSdk.getOrgRepoList(orgSlug, {
|
|
6169
|
-
outputJson,
|
|
6170
|
-
outputMarkdown,
|
|
6171
|
-
orgSlug,
|
|
6172
6197
|
sort,
|
|
6173
6198
|
direction,
|
|
6174
6199
|
per_page,
|
|
6175
6200
|
page
|
|
6176
6201
|
}), 'listing repositories');
|
|
6177
6202
|
if (!result.success) {
|
|
6178
|
-
handleUnsuccessfulApiResponse('getOrgRepoList', result
|
|
6203
|
+
handleUnsuccessfulApiResponse('getOrgRepoList', result);
|
|
6179
6204
|
return;
|
|
6180
6205
|
}
|
|
6181
|
-
spinner.stop();
|
|
6182
|
-
if (
|
|
6206
|
+
spinner.stop('Fetch complete.');
|
|
6207
|
+
if (outputKind === 'json') {
|
|
6183
6208
|
const data = result.data.results.map(o => ({
|
|
6184
6209
|
id: o.id,
|
|
6185
6210
|
name: o.name,
|
|
@@ -6276,7 +6301,7 @@ async function run$9(argv, importMeta, {
|
|
|
6276
6301
|
// options or missing arguments.
|
|
6277
6302
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
6278
6303
|
process.exitCode = 2;
|
|
6279
|
-
logger.logger.
|
|
6304
|
+
logger.logger.fail(commonTags.stripIndents`${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:
|
|
6280
6305
|
|
|
6281
6306
|
- Org name as the first argument ${!orgSlug ? colors.red('(missing!)') : colors.green('(ok)')}
|
|
6282
6307
|
|
|
@@ -6287,30 +6312,44 @@ async function run$9(argv, importMeta, {
|
|
|
6287
6312
|
logger.logger.log(DRY_RUN_BAIL_TEXT$9);
|
|
6288
6313
|
return;
|
|
6289
6314
|
}
|
|
6290
|
-
const apiToken = index.getDefaultToken();
|
|
6291
|
-
if (!apiToken) {
|
|
6292
|
-
throw new index.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
|
|
6293
|
-
}
|
|
6294
6315
|
await listRepos({
|
|
6295
|
-
apiToken,
|
|
6296
|
-
outputJson: Boolean(cli.flags['json']),
|
|
6297
|
-
outputMarkdown: Boolean(cli.flags['markdown']),
|
|
6298
|
-
orgSlug,
|
|
6299
|
-
sort: String(cli.flags['sort'] || 'created_at'),
|
|
6300
6316
|
direction: cli.flags['direction'] === 'asc' ? 'asc' : 'desc',
|
|
6317
|
+
orgSlug,
|
|
6318
|
+
outputKind: cli.flags['json'] ? 'json' : cli.flags['markdown'] ? 'markdown' : 'print',
|
|
6301
6319
|
page: Number(cli.flags['page']) || 1,
|
|
6302
|
-
per_page: Number(cli.flags['perPage']) || 30
|
|
6320
|
+
per_page: Number(cli.flags['perPage']) || 30,
|
|
6321
|
+
sort: String(cli.flags['sort'] || 'created_at')
|
|
6303
6322
|
});
|
|
6304
6323
|
}
|
|
6305
6324
|
|
|
6306
6325
|
async function updateRepo({
|
|
6326
|
+
default_branch,
|
|
6327
|
+
description,
|
|
6328
|
+
homepage,
|
|
6329
|
+
orgSlug,
|
|
6330
|
+
repoName,
|
|
6331
|
+
visibility
|
|
6332
|
+
}) {
|
|
6333
|
+
const apiToken = shadowNpmInject.getDefaultToken();
|
|
6334
|
+
if (!apiToken) {
|
|
6335
|
+
throw new shadowNpmInject.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
|
|
6336
|
+
}
|
|
6337
|
+
await updateRepoWithToken({
|
|
6338
|
+
apiToken,
|
|
6339
|
+
default_branch,
|
|
6340
|
+
description,
|
|
6341
|
+
homepage,
|
|
6342
|
+
orgSlug,
|
|
6343
|
+
repoName,
|
|
6344
|
+
visibility
|
|
6345
|
+
});
|
|
6346
|
+
}
|
|
6347
|
+
async function updateRepoWithToken({
|
|
6307
6348
|
apiToken,
|
|
6308
6349
|
default_branch,
|
|
6309
6350
|
description,
|
|
6310
6351
|
homepage,
|
|
6311
6352
|
orgSlug,
|
|
6312
|
-
outputJson,
|
|
6313
|
-
outputMarkdown,
|
|
6314
6353
|
repoName,
|
|
6315
6354
|
visibility
|
|
6316
6355
|
}) {
|
|
@@ -6319,10 +6358,8 @@ async function updateRepo({
|
|
|
6319
6358
|
spinner
|
|
6320
6359
|
} = constants;
|
|
6321
6360
|
spinner.start('Updating repository...');
|
|
6322
|
-
const socketSdk = await
|
|
6361
|
+
const socketSdk = await shadowNpmInject.setupSdk(apiToken);
|
|
6323
6362
|
const result = await handleApiCall(socketSdk.updateOrgRepo(orgSlug, repoName, {
|
|
6324
|
-
outputJson,
|
|
6325
|
-
outputMarkdown,
|
|
6326
6363
|
orgSlug,
|
|
6327
6364
|
name: repoName,
|
|
6328
6365
|
description,
|
|
@@ -6330,11 +6367,11 @@ async function updateRepo({
|
|
|
6330
6367
|
default_branch,
|
|
6331
6368
|
visibility
|
|
6332
6369
|
}), 'updating repository');
|
|
6333
|
-
if (result.success) {
|
|
6334
|
-
|
|
6335
|
-
|
|
6336
|
-
handleUnsuccessfulApiResponse('updateOrgRepo', result, spinner);
|
|
6370
|
+
if (!result.success) {
|
|
6371
|
+
handleUnsuccessfulApiResponse('updateOrgRepo', result);
|
|
6372
|
+
return;
|
|
6337
6373
|
}
|
|
6374
|
+
spinner.successAndStop('Repository updated successfully');
|
|
6338
6375
|
}
|
|
6339
6376
|
|
|
6340
6377
|
const {
|
|
@@ -6346,7 +6383,6 @@ const config$8 = {
|
|
|
6346
6383
|
hidden: false,
|
|
6347
6384
|
flags: {
|
|
6348
6385
|
...commonFlags,
|
|
6349
|
-
...outputFlags,
|
|
6350
6386
|
repoName: {
|
|
6351
6387
|
type: 'string',
|
|
6352
6388
|
shortFlag: 'n',
|
|
@@ -6410,7 +6446,7 @@ async function run$8(argv, importMeta, {
|
|
|
6410
6446
|
// options or missing arguments.
|
|
6411
6447
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
6412
6448
|
process.exitCode = 2;
|
|
6413
|
-
logger.logger.
|
|
6449
|
+
logger.logger.fail(commonTags.stripIndents`${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:
|
|
6414
6450
|
|
|
6415
6451
|
- Org name as the first argument ${!orgSlug ? colors.red('(missing!)') : colors.green('(ok)')}
|
|
6416
6452
|
|
|
@@ -6423,14 +6459,7 @@ async function run$8(argv, importMeta, {
|
|
|
6423
6459
|
logger.logger.log(DRY_RUN_BAIL_TEXT$8);
|
|
6424
6460
|
return;
|
|
6425
6461
|
}
|
|
6426
|
-
const apiToken = index.getDefaultToken();
|
|
6427
|
-
if (!apiToken) {
|
|
6428
|
-
throw new index.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
|
|
6429
|
-
}
|
|
6430
6462
|
await updateRepo({
|
|
6431
|
-
apiToken,
|
|
6432
|
-
outputJson: Boolean(cli.flags['json']),
|
|
6433
|
-
outputMarkdown: Boolean(cli.flags['markdown']),
|
|
6434
6463
|
orgSlug,
|
|
6435
6464
|
repoName,
|
|
6436
6465
|
description: String(cli.flags['repoDescription'] || ''),
|
|
@@ -6441,16 +6470,45 @@ async function run$8(argv, importMeta, {
|
|
|
6441
6470
|
}
|
|
6442
6471
|
|
|
6443
6472
|
// @ts-ignore
|
|
6444
|
-
async function viewRepo(orgSlug, repoName,
|
|
6473
|
+
async function viewRepo(orgSlug, repoName, outputKind) {
|
|
6474
|
+
const apiToken = shadowNpmInject.getDefaultToken();
|
|
6475
|
+
if (!apiToken) {
|
|
6476
|
+
throw new shadowNpmInject.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
|
|
6477
|
+
}
|
|
6478
|
+
await viewRepoWithToken(orgSlug, repoName, apiToken, outputKind);
|
|
6479
|
+
}
|
|
6480
|
+
async function viewRepoWithToken(orgSlug, repoName, apiToken, outputKind) {
|
|
6445
6481
|
// Lazily access constants.spinner.
|
|
6446
6482
|
const {
|
|
6447
6483
|
spinner
|
|
6448
6484
|
} = constants;
|
|
6449
|
-
spinner.start('Fetching repository...');
|
|
6450
|
-
const socketSdk = await
|
|
6485
|
+
spinner.start('Fetching repository data...');
|
|
6486
|
+
const socketSdk = await shadowNpmInject.setupSdk(apiToken);
|
|
6451
6487
|
const result = await handleApiCall(socketSdk.getOrgRepo(orgSlug, repoName), 'fetching repository');
|
|
6452
6488
|
if (!result.success) {
|
|
6453
|
-
handleUnsuccessfulApiResponse('getOrgRepo', result
|
|
6489
|
+
handleUnsuccessfulApiResponse('getOrgRepo', result);
|
|
6490
|
+
return;
|
|
6491
|
+
}
|
|
6492
|
+
spinner.stop('Fetched repository data.');
|
|
6493
|
+
if (outputKind === 'json') {
|
|
6494
|
+
const {
|
|
6495
|
+
archived,
|
|
6496
|
+
created_at,
|
|
6497
|
+
default_branch,
|
|
6498
|
+
homepage,
|
|
6499
|
+
id,
|
|
6500
|
+
name,
|
|
6501
|
+
visibility
|
|
6502
|
+
} = result.data;
|
|
6503
|
+
logger.logger.log(JSON.stringify({
|
|
6504
|
+
id,
|
|
6505
|
+
name,
|
|
6506
|
+
visibility,
|
|
6507
|
+
default_branch,
|
|
6508
|
+
homepage,
|
|
6509
|
+
archived,
|
|
6510
|
+
created_at
|
|
6511
|
+
}, null, 2));
|
|
6454
6512
|
return;
|
|
6455
6513
|
}
|
|
6456
6514
|
const options = {
|
|
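Review bot: The token lookup plus `throw new shadowNpmInject.AuthError(...)` added to `viewRepo` repeats the same long message literal that the new side also carries in `createFullScan`, `deleteOrgFullScan`, `listFullScans`, `getOrgScanMetadata`, `streamFullScan`, `getFullScan` and `run$1`. One shared helper would keep the authentication gate and its wording in a single place, so a command cannot drift to a weaker check. This file looks like bundler output (a `dist/` path with a source map), so the change belongs in the source module. `viewRepoWithToken` continues past the end of this hunk.

```javascript
// Returns the stored API token, or throws the AuthError that every command raises when none is set.
function requireApiToken() {
  const apiToken = shadowNpmInject.getDefaultToken();
  if (!apiToken) {
    throw new shadowNpmInject.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
  }
  return apiToken;
}

async function viewRepo(orgSlug, repoName, outputKind) {
  await viewRepoWithToken(orgSlug, repoName, requireApiToken(), outputKind);
}
```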
@@ -6477,7 +6535,7 @@ async function viewRepo(orgSlug, repoName, apiToken) {
|
|
|
6477
6535
|
name: colors.magenta('Created at')
|
|
6478
6536
|
}]
|
|
6479
6537
|
};
|
|
6480
|
-
|
|
6538
|
+
logger.logger.log(chalkTable(options, [result.data]));
|
|
6481
6539
|
}
|
|
6482
6540
|
|
|
6483
6541
|
const {
|
|
@@ -6489,7 +6547,12 @@ const config$7 = {
|
|
|
6489
6547
|
hidden: false,
|
|
6490
6548
|
flags: {
|
|
6491
6549
|
...commonFlags,
|
|
6492
|
-
...outputFlags
|
|
6550
|
+
...outputFlags,
|
|
6551
|
+
repoName: {
|
|
6552
|
+
description: 'The repository to check',
|
|
6553
|
+
default: '',
|
|
6554
|
+
type: 'string'
|
|
6555
|
+
}
|
|
6493
6556
|
},
|
|
6494
6557
|
help: (command, config) => `
|
|
6495
6558
|
Usage
|
|
@@ -6523,7 +6586,7 @@ async function run$7(argv, importMeta, {
|
|
|
6523
6586
|
// options or missing arguments.
|
|
6524
6587
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
6525
6588
|
process.exitCode = 2;
|
|
6526
|
-
logger.logger.
|
|
6589
|
+
logger.logger.fail(commonTags.stripIndents`
|
|
6527
6590
|
${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:
|
|
6528
6591
|
|
|
6529
6592
|
- Org name as the first argument ${!orgSlug ? colors.red('(missing!)') : colors.green('(ok)')}
|
|
@@ -6536,11 +6599,7 @@ async function run$7(argv, importMeta, {
|
|
|
6536
6599
|
logger.logger.log(DRY_RUN_BAIL_TEXT$7);
|
|
6537
6600
|
return;
|
|
6538
6601
|
}
|
|
6539
|
-
|
|
6540
|
-
if (!apiToken) {
|
|
6541
|
-
throw new index.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
|
|
6542
|
-
}
|
|
6543
|
-
await viewRepo(orgSlug, repoName, apiToken);
|
|
6602
|
+
await viewRepo(orgSlug, repoName, cli.flags['json'] ? 'json' : cli.flags['markdown'] ? 'markdown' : 'print');
|
|
6544
6603
|
}
|
|
6545
6604
|
|
|
6546
6605
|
const description$1 = 'Repositories related commands';
|
|
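Review bot: `'markdown'` is passed as `outputKind` here, but the visible part of `viewRepoWithToken` only branches on `outputKind === 'json'`, so `--markdown` appears to fall through to the same `chalkTable` output as `'print'`. New-file lines 6515–6534 are not shown, so this needs confirming against the full function. If the fall-through is intended, say so at the call, e.g. `// 'markdown' currently renders the same table as 'print'`; otherwise add a markdown branch. The nested ternary also makes `--json` win silently when both flags are given, which deserves a one-line comment. `run$7` starts outside this hunk.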
@@ -6725,10 +6784,10 @@ async function createFullScan({
|
|
|
6725
6784
|
const {
|
|
6726
6785
|
spinner
|
|
6727
6786
|
} = constants;
|
|
6728
|
-
const socketSdk = await
|
|
6787
|
+
const socketSdk = await shadowNpmInject.setupSdk();
|
|
6729
6788
|
const supportedFiles = await socketSdk.getReportSupportedFiles().then(res => {
|
|
6730
6789
|
if (!res.success) {
|
|
6731
|
-
handleUnsuccessfulApiResponse('getReportSupportedFiles', res
|
|
6790
|
+
handleUnsuccessfulApiResponse('getReportSupportedFiles', res);
|
|
6732
6791
|
assert(false, 'handleUnsuccessfulApiResponse should unconditionally throw');
|
|
6733
6792
|
}
|
|
6734
6793
|
return res.data;
|
|
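Review bot: `shadowNpmInject.setupSdk()` is called with no token at new line 6787, while the other visible call sites (`viewRepoWithToken`, `deleteOrgFullScanWithToken`, `listFullScansWithToken`, `getOrgScanMetadataWithToken`, `streamFullScan`) all pass `setupSdk(apiToken)`. In this function the token is only resolved at line 6820 and checked at line 6876, after the `getReportSupportedFiles()` request has been sent. What `setupSdk` does without an argument is not visible here, so the credential used for that first request is unclear to a reader. If the unauthenticated call is deliberate, document it next to the call, e.g. `// No token passed on purpose: the supported-files lookup runs before the auth check below.`; otherwise resolve the token first and pass it in. The body of `createFullScan` starts and ends outside this hunk.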
@@ -6751,14 +6810,14 @@ async function createFullScan({
|
|
|
6751
6810
|
// const absoluteConfigPath = path.join(cwd, 'socket.yml')
|
|
6752
6811
|
// const socketConfig = await getSocketConfig(absoluteConfigPath)
|
|
6753
6812
|
|
|
6754
|
-
const packagePaths = await
|
|
6813
|
+
const packagePaths = await shadowNpmPaths.getPackageFilesFullScans(cwd, targets, supportedFiles
|
|
6755
6814
|
// socketConfig
|
|
6756
6815
|
);
|
|
6757
6816
|
|
|
6758
6817
|
// We're going to need an api token to suggest data because those suggestions
|
|
6759
6818
|
// must come from data we already know. Don't error on missing api token yet.
|
|
6760
6819
|
// If the api-token is not set, ignore it for the sake of suggestions.
|
|
6761
|
-
const apiToken =
|
|
6820
|
+
const apiToken = shadowNpmInject.getDefaultToken();
|
|
6762
6821
|
|
|
6763
6822
|
// If the current cwd is unknown and is used as a repo slug anyways, we will
|
|
6764
6823
|
// first need to register the slug before we can use it.
|
|
@@ -6792,7 +6851,7 @@ async function createFullScan({
|
|
|
6792
6851
|
// options or missing arguments.
|
|
6793
6852
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
6794
6853
|
process$1.exitCode = 2;
|
|
6795
|
-
logger.logger.
|
|
6854
|
+
logger.logger.fail(commonTags.stripIndents`
|
|
6796
6855
|
${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:
|
|
6797
6856
|
|
|
6798
6857
|
- Org name as the first argument ${!orgSlug ? colors.red('(missing!)') : colors.green('(ok)')}
|
|
@@ -6814,7 +6873,7 @@ async function createFullScan({
|
|
|
6814
6873
|
logger.logger.log('```');
|
|
6815
6874
|
}
|
|
6816
6875
|
if (!apiToken) {
|
|
6817
|
-
throw new
|
|
6876
|
+
throw new shadowNpmInject.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
|
|
6818
6877
|
}
|
|
6819
6878
|
if (readOnly) {
|
|
6820
6879
|
logger.logger.log('[ReadOnly] Bailing now');
|
|
@@ -6830,7 +6889,7 @@ async function createFullScan({
|
|
|
6830
6889
|
tmp
|
|
6831
6890
|
}, packagePaths, cwd), 'Creating scan');
|
|
6832
6891
|
if (!result.success) {
|
|
6833
|
-
handleUnsuccessfulApiResponse('CreateOrgFullScan', result
|
|
6892
|
+
handleUnsuccessfulApiResponse('CreateOrgFullScan', result);
|
|
6834
6893
|
return;
|
|
6835
6894
|
}
|
|
6836
6895
|
spinner.successAndStop('Scan created successfully');
|
|
@@ -6974,16 +7033,17 @@ async function run$6(argv, importMeta, {
|
|
|
6974
7033
|
branch: branchName,
|
|
6975
7034
|
repo: repoName
|
|
6976
7035
|
} = cli.flags;
|
|
6977
|
-
const apiToken =
|
|
7036
|
+
const apiToken = shadowNpmInject.getDefaultToken(); // This checks if we _can_ suggest anything
|
|
6978
7037
|
|
|
6979
7038
|
if (!apiToken && (!orgSlug || !repoName || !branchName || !targets.length)) {
|
|
6980
7039
|
// Without api token we cannot recover because we can't request more info
|
|
6981
7040
|
// from the server, to match and help with the current cwd/git status.
|
|
7041
|
+
//
|
|
6982
7042
|
// Use exit status of 2 to indicate incorrect usage, generally invalid
|
|
6983
7043
|
// options or missing arguments.
|
|
6984
7044
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
6985
7045
|
process$1.exitCode = 2;
|
|
6986
|
-
logger.logger.
|
|
7046
|
+
logger.logger.fail(commonTags.stripIndents`
|
|
6987
7047
|
${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:
|
|
6988
7048
|
|
|
6989
7049
|
- Org name as the first argument ${!orgSlug ? colors.red('(missing!)') : colors.green('(ok)')}
|
|
@@ -7022,9 +7082,9 @@ async function run$6(argv, importMeta, {
|
|
|
7022
7082
|
}
|
|
7023
7083
|
|
|
7024
7084
|
async function deleteOrgFullScan(orgSlug, fullScanId) {
|
|
7025
|
-
const apiToken =
|
|
7085
|
+
const apiToken = shadowNpmInject.getDefaultToken();
|
|
7026
7086
|
if (!apiToken) {
|
|
7027
|
-
throw new
|
|
7087
|
+
throw new shadowNpmInject.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
|
|
7028
7088
|
}
|
|
7029
7089
|
await deleteOrgFullScanWithToken(orgSlug, fullScanId, apiToken);
|
|
7030
7090
|
}
|
|
@@ -7034,10 +7094,10 @@ async function deleteOrgFullScanWithToken(orgSlug, fullScanId, apiToken) {
|
|
|
7034
7094
|
spinner
|
|
7035
7095
|
} = constants;
|
|
7036
7096
|
spinner.start('Deleting scan...');
|
|
7037
|
-
const socketSdk = await
|
|
7097
|
+
const socketSdk = await shadowNpmInject.setupSdk(apiToken);
|
|
7038
7098
|
const result = await handleApiCall(socketSdk.deleteOrgFullScan(orgSlug, fullScanId), 'Deleting scan');
|
|
7039
7099
|
if (!result.success) {
|
|
7040
|
-
handleUnsuccessfulApiResponse('deleteOrgFullScan', result
|
|
7100
|
+
handleUnsuccessfulApiResponse('deleteOrgFullScan', result);
|
|
7041
7101
|
return;
|
|
7042
7102
|
}
|
|
7043
7103
|
spinner.successAndStop('Scan deleted successfully');
|
|
@@ -7085,7 +7145,7 @@ async function run$5(argv, importMeta, {
|
|
|
7085
7145
|
// options or missing arguments.
|
|
7086
7146
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
7087
7147
|
process.exitCode = 2;
|
|
7088
|
-
logger.logger.
|
|
7148
|
+
logger.logger.fail(commonTags.stripIndents`${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:
|
|
7089
7149
|
|
|
7090
7150
|
- Org name as the first argument ${!orgSlug ? colors.red('(missing!)') : colors.green('(ok)')}
|
|
7091
7151
|
|
|
@@ -7109,9 +7169,9 @@ async function listFullScans({
|
|
|
7109
7169
|
per_page,
|
|
7110
7170
|
sort
|
|
7111
7171
|
}) {
|
|
7112
|
-
const apiToken =
|
|
7172
|
+
const apiToken = shadowNpmInject.getDefaultToken();
|
|
7113
7173
|
if (!apiToken) {
|
|
7114
|
-
throw new
|
|
7174
|
+
throw new shadowNpmInject.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
|
|
7115
7175
|
}
|
|
7116
7176
|
await listFullScansWithToken({
|
|
7117
7177
|
apiToken,
|
|
@@ -7139,7 +7199,7 @@ async function listFullScansWithToken({
|
|
|
7139
7199
|
spinner
|
|
7140
7200
|
} = constants;
|
|
7141
7201
|
spinner.start('Fetching list of scans...');
|
|
7142
|
-
const socketSdk = await
|
|
7202
|
+
const socketSdk = await shadowNpmInject.setupSdk(apiToken);
|
|
7143
7203
|
const result = await handleApiCall(socketSdk.getOrgFullScanList(orgSlug, {
|
|
7144
7204
|
sort,
|
|
7145
7205
|
direction,
|
|
@@ -7148,7 +7208,7 @@ async function listFullScansWithToken({
|
|
|
7148
7208
|
from: from_time
|
|
7149
7209
|
}), 'Listing scans');
|
|
7150
7210
|
if (!result.success) {
|
|
7151
|
-
handleUnsuccessfulApiResponse('getOrgFullScanList', result
|
|
7211
|
+
handleUnsuccessfulApiResponse('getOrgFullScanList', result);
|
|
7152
7212
|
return;
|
|
7153
7213
|
}
|
|
7154
7214
|
spinner.stop(`Fetch complete`);
|
|
@@ -7264,7 +7324,7 @@ async function run$4(argv, importMeta, {
|
|
|
7264
7324
|
// options or missing arguments.
|
|
7265
7325
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
7266
7326
|
process.exitCode = 2;
|
|
7267
|
-
logger.logger.
|
|
7327
|
+
logger.logger.fail(commonTags.stripIndents`${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:
|
|
7268
7328
|
|
|
7269
7329
|
- Org name as the argument ${!orgSlug ? colors.red('(missing!)') : colors.green('(ok)')}`);
|
|
7270
7330
|
return;
|
|
@@ -7285,9 +7345,9 @@ async function run$4(argv, importMeta, {
|
|
|
7285
7345
|
}
|
|
7286
7346
|
|
|
7287
7347
|
async function getOrgScanMetadata(orgSlug, scanId, outputKind) {
|
|
7288
|
-
const apiToken =
|
|
7348
|
+
const apiToken = shadowNpmInject.getDefaultToken();
|
|
7289
7349
|
if (!apiToken) {
|
|
7290
|
-
throw new
|
|
7350
|
+
throw new shadowNpmInject.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
|
|
7291
7351
|
}
|
|
7292
7352
|
await getOrgScanMetadataWithToken(orgSlug, scanId, apiToken, outputKind);
|
|
7293
7353
|
}
|
|
@@ -7297,10 +7357,10 @@ async function getOrgScanMetadataWithToken(orgSlug, scanId, apiToken, outputKind
|
|
|
7297
7357
|
spinner
|
|
7298
7358
|
} = constants;
|
|
7299
7359
|
spinner.start('Fetching meta data for a full scan...');
|
|
7300
|
-
const socketSdk = await
|
|
7360
|
+
const socketSdk = await shadowNpmInject.setupSdk(apiToken);
|
|
7301
7361
|
const result = await handleApiCall(socketSdk.getOrgFullScanMetadata(orgSlug, scanId), 'Listing scans');
|
|
7302
7362
|
if (!result.success) {
|
|
7303
|
-
handleUnsuccessfulApiResponse('getOrgFullScanMetadata', result
|
|
7363
|
+
handleUnsuccessfulApiResponse('getOrgFullScanMetadata', result);
|
|
7304
7364
|
return;
|
|
7305
7365
|
}
|
|
7306
7366
|
spinner?.successAndStop('Fetched the meta data\n');
|
|
@@ -7366,7 +7426,7 @@ async function run$3(argv, importMeta, {
|
|
|
7366
7426
|
// options or missing arguments.
|
|
7367
7427
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
7368
7428
|
process.exitCode = 2;
|
|
7369
|
-
logger.logger.
|
|
7429
|
+
logger.logger.fail(commonTags.stripIndents`${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:
|
|
7370
7430
|
|
|
7371
7431
|
- Org name as the first argument ${!orgSlug ? colors.red('(missing!)') : colors.green('(ok)')}
|
|
7372
7432
|
|
|
@@ -7385,15 +7445,15 @@ async function streamFullScan(orgSlug, fullScanId, file) {
|
|
|
7385
7445
|
const {
|
|
7386
7446
|
spinner
|
|
7387
7447
|
} = constants;
|
|
7388
|
-
const apiToken =
|
|
7448
|
+
const apiToken = shadowNpmInject.getDefaultToken();
|
|
7389
7449
|
if (!apiToken) {
|
|
7390
|
-
throw new
|
|
7450
|
+
throw new shadowNpmInject.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
|
|
7391
7451
|
}
|
|
7392
7452
|
spinner.start('Fetching scan...');
|
|
7393
|
-
const socketSdk = await
|
|
7453
|
+
const socketSdk = await shadowNpmInject.setupSdk(apiToken);
|
|
7394
7454
|
const data = await handleApiCall(socketSdk.getOrgFullScan(orgSlug, fullScanId, file === '-' ? undefined : file), 'Fetching a scan');
|
|
7395
7455
|
if (!data?.success) {
|
|
7396
|
-
handleUnsuccessfulApiResponse('getOrgFullScan', data
|
|
7456
|
+
handleUnsuccessfulApiResponse('getOrgFullScan', data);
|
|
7397
7457
|
return;
|
|
7398
7458
|
}
|
|
7399
7459
|
spinner?.successAndStop(file ? `Full scan details written to ${file}` : 'stdout');
|
|
@@ -7405,16 +7465,16 @@ async function getFullScan(orgSlug, fullScanId) {
|
|
|
7405
7465
|
const {
|
|
7406
7466
|
spinner
|
|
7407
7467
|
} = constants;
|
|
7408
|
-
const apiToken =
|
|
7468
|
+
const apiToken = shadowNpmInject.getDefaultToken();
|
|
7409
7469
|
if (!apiToken) {
|
|
7410
|
-
throw new
|
|
7470
|
+
throw new shadowNpmInject.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
|
|
7411
7471
|
}
|
|
7412
7472
|
spinner.start('Fetching full-scan...');
|
|
7413
7473
|
const response = await queryAPI(`orgs/${orgSlug}/full-scans/${encodeURIComponent(fullScanId)}`, apiToken);
|
|
7414
7474
|
spinner.stop('Fetch complete.');
|
|
7415
7475
|
if (!response.ok) {
|
|
7416
7476
|
const err = await handleAPIError(response.status);
|
|
7417
|
-
logger.logger.
|
|
7477
|
+
logger.logger.fail(`${colors.bgRed(colors.white(response.statusText))}: Fetch error: ${err}`);
|
|
7418
7478
|
return;
|
|
7419
7479
|
}
|
|
7420
7480
|
|
|
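Review bot: In the `queryAPI` call at new line 7473, `orgSlug` is interpolated into the request path as-is while `fullScanId` goes through `encodeURIComponent`. A slug containing `/`, `?` or `#` would change which API path is requested with the user's token. Encoding both segments keeps the call consistent: `` `orgs/${encodeURIComponent(orgSlug)}/full-scans/${encodeURIComponent(fullScanId)}` ``. Where `orgSlug` comes from is not visible in this hunk (presumably a CLI argument), and `getFullScan` continues past its end.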
@@ -7462,9 +7522,9 @@ View this report at: https://socket.dev/dashboard/org/${orgSlug}/sbom/${fullScan
|
|
|
7462
7522
|
await fs$1.writeFile(filePath, report, 'utf8');
|
|
7463
7523
|
logger.logger.log(`Data successfully written to ${filePath}`);
|
|
7464
7524
|
} catch (e) {
|
|
7465
|
-
logger.logger.error('There was an error trying to write the json to disk');
|
|
7466
|
-
logger.logger.error(e);
|
|
7467
7525
|
process.exitCode = 1;
|
|
7526
|
+
logger.logger.fail('There was an error trying to write the json to disk');
|
|
7527
|
+
logger.logger.error(e);
|
|
7468
7528
|
}
|
|
7469
7529
|
} else {
|
|
7470
7530
|
logger.logger.log(report);
|
|
@@ -7515,7 +7575,7 @@ async function run$2(argv, importMeta, {
|
|
|
7515
7575
|
// options or missing arguments.
|
|
7516
7576
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
7517
7577
|
process.exitCode = 2;
|
|
7518
|
-
logger.logger.
|
|
7578
|
+
logger.logger.fail(commonTags.stripIndents`
|
|
7519
7579
|
${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:
|
|
7520
7580
|
|
|
7521
7581
|
- Org name as the first argument ${!orgSlug ? colors.red('(missing!)') : colors.green('(ok)')}
|
|
@@ -7707,9 +7767,9 @@ async function run$1(argv, importMeta, {
|
|
|
7707
7767
|
logger.logger.log(DRY_RUN_BAIL_TEXT$1);
|
|
7708
7768
|
return;
|
|
7709
7769
|
}
|
|
7710
|
-
const apiToken =
|
|
7770
|
+
const apiToken = shadowNpmInject.getDefaultToken();
|
|
7711
7771
|
if (!apiToken) {
|
|
7712
|
-
throw new
|
|
7772
|
+
throw new shadowNpmInject.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
|
|
7713
7773
|
}
|
|
7714
7774
|
await getThreatFeed({
|
|
7715
7775
|
apiToken,
|
|
@@ -7804,7 +7864,7 @@ function askQuestion(rl, query) {
|
|
|
7804
7864
|
function removeSocketWrapper(file) {
|
|
7805
7865
|
return fs.readFile(file, 'utf8', function (err, data) {
|
|
7806
7866
|
if (err) {
|
|
7807
|
-
logger.logger.
|
|
7867
|
+
logger.logger.fail('There was an error removing the alias:');
|
|
7808
7868
|
logger.logger.error(err);
|
|
7809
7869
|
return;
|
|
7810
7870
|
}
|
|
@@ -7881,7 +7941,7 @@ async function run(argv, importMeta, {
|
|
|
7881
7941
|
// options or missing arguments.
|
|
7882
7942
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
7883
7943
|
process.exitCode = 2;
|
|
7884
|
-
logger.logger.
|
|
7944
|
+
logger.logger.fail(commonTags.stripIndents`
|
|
7885
7945
|
${colors.bgRed(colors.white('Input error'))}: Please provide the required flags:
|
|
7886
7946
|
|
|
7887
7947
|
- Must use --enabled or --disabled
|
|
@@ -7914,7 +7974,7 @@ async function run(argv, importMeta, {
|
|
|
7914
7974
|
}
|
|
7915
7975
|
}
|
|
7916
7976
|
if (!fs.existsSync(bashRcPath) && !fs.existsSync(zshRcPath)) {
|
|
7917
|
-
logger.logger.
|
|
7977
|
+
logger.logger.fail('There was an issue setting up the alias in your bash profile');
|
|
7918
7978
|
}
|
|
7919
7979
|
}
|
|
7920
7980
|
|
|
@@ -7973,10 +8033,10 @@ void (async () => {
|
|
|
7973
8033
|
let errorBody;
|
|
7974
8034
|
let errorTitle;
|
|
7975
8035
|
let errorMessage = '';
|
|
7976
|
-
if (e instanceof
|
|
8036
|
+
if (e instanceof shadowNpmInject.AuthError) {
|
|
7977
8037
|
errorTitle = 'Authentication error';
|
|
7978
8038
|
errorMessage = e.message;
|
|
7979
|
-
} else if (e instanceof
|
|
8039
|
+
} else if (e instanceof shadowNpmInject.InputError) {
|
|
7980
8040
|
errorTitle = 'Invalid input';
|
|
7981
8041
|
errorMessage = e.message;
|
|
7982
8042
|
errorBody = e.body;
|
|
@@ -7987,12 +8047,12 @@ void (async () => {
|
|
|
7987
8047
|
} else {
|
|
7988
8048
|
errorTitle = 'Unexpected error with no details';
|
|
7989
8049
|
}
|
|
7990
|
-
logger.logger.
|
|
8050
|
+
logger.logger.fail(`${colors.bgRed(colors.white(errorTitle + ':'))} ${errorMessage}`);
|
|
7991
8051
|
if (errorBody) {
|
|
7992
8052
|
logger.logger.error(`\n${errorBody}`);
|
|
7993
8053
|
}
|
|
7994
|
-
await
|
|
8054
|
+
await shadowNpmInject.captureException(e);
|
|
7995
8055
|
}
|
|
7996
8056
|
})();
|
|
7997
|
-
//# debugId=
|
|
8057
|
+
//# debugId=6f2331ca-147d-40b1-aa4e-e5b6a5c2eba0
|
|
7998
8058
|
//# sourceMappingURL=cli.js.map
|
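Review bot: `await shadowNpmInject.captureException(e)` at new line 8054 runs for every caught error, including the `AuthError` and `InputError` branches, which are ordinary user mistakes, and `InputError` carries `e.body`. What `captureException` forwards is not visible here. In a telemetry-enabled build (the package is named `cli-with-sentry`) it may send user-supplied input off the machine. Consider reporting only unexpected errors: `if (!(e instanceof shadowNpmInject.AuthError) && !(e instanceof shadowNpmInject.InputError)) await shadowNpmInject.captureException(e);`. Otherwise add a comment stating that the captured payload is scrubbed. The enclosing `catch` block starts outside this hunk.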