@socketsecurity/cli-with-sentry 0.14.56 → 0.14.57

package/dist/module-sync/color-or-markdown.d.ts

@@ -0,0 +1,16 @@
+import indentString from '@socketregistry/indent-string/index.cjs';
+declare class ColorOrMarkdown {
+    useMarkdown: boolean;
+    constructor(useMarkdown: boolean);
+    bold(text: string): string;
+    header(text: string, level?: number): string;
+    hyperlink(text: string, url: string | undefined, { fallback, fallbackToUrl }?: {
+        fallback?: boolean | undefined;
+        fallbackToUrl?: boolean | undefined;
+    }): string;
+    indent(...args: Parameters<typeof indentString>): ReturnType<typeof indentString>;
+    italic(text: string): string;
+    json(value: any): string;
+    list(items: string[]): string;
+}
+export { ColorOrMarkdown };

package/dist/module-sync/edge.d.ts

@@ -1,6 +1,6 @@
 /// <reference types="npmcli__arborist" />
 import { SafeNode } from "./node.js";
-import { SafeOverrideSet } from "./index.js";
+import { SafeOverrideSet } from "./override-set.js";
 import { DependencyProblem } from '@npmcli/arborist';
 import { Edge as BaseEdge } from "@npmcli/arborist";
 type EdgeClass = Omit<BaseEdge, 'accept' | 'detach' | 'optional' | 'overrides' | 'peer' | 'peerConflicted' | 'rawSpec' | 'reload' | 'satisfiedBy' | 'spec' | 'to'> & {

package/dist/module-sync/index.d.ts

@@ -1,175 +1,6 @@
-/// <reference types="node" />
-import { SafeEdge } from "./edge.js";
+import { kRiskyReify } from "./shadow-npm-inject.js";
+import { ArboristClass } from "./types.js";
 import { SafeNode } from "./node.js";
-import indentString from "@socketregistry/indent-string/index.cjs";
-import { LogSymbols } from "@socketsecurity/registry/lib/logger";
-import { SocketSdkResultType } from "@socketsecurity/sdk";
-import { Diff, ArboristClass } from "./types.js";
-import { ObjectEncodingOptions, OpenMode, PathLike } from "node:fs";
-import { promises as fs } from "node:fs";
-import { readFileSync as fsReadFileSync } from "node:fs";
-import { Abortable } from "node:events";
-import { FileHandle } from "node:fs/promises";
-import { kRiskyReify } from "./reify.js";
-interface OverrideSetClass {
-    children: Map<string, SafeOverrideSet>;
-    key: string | undefined;
-    keySpec: string | undefined;
-    name: string | undefined;
-    parent: SafeOverrideSet | undefined;
-    value: string | undefined;
-    version: string | undefined;
-    // eslint-disable-next-line @typescript-eslint/no-misused-new
-    new (...args: any[]): OverrideSetClass;
-    get isRoot(): boolean;
-    get ruleset(): Map<string, SafeOverrideSet>;
-    ancestry(): Generator<SafeOverrideSet>;
-    childrenAreEqual(otherOverrideSet: SafeOverrideSet | undefined): boolean;
-    getEdgeRule(edge: SafeEdge): SafeOverrideSet;
-    getNodeRule(node: SafeNode): SafeOverrideSet;
-    getMatchingRule(node: SafeNode): SafeOverrideSet | null;
-    isEqual(otherOverrideSet: SafeOverrideSet | undefined): boolean;
-}
-declare const OverrideSet: OverrideSetClass;
-// Implementation code not related to patch https://github.com/npm/cli/pull/8089
-// is based on https://github.com/npm/cli/blob/v11.0.0/workspaces/arborist/lib/override-set.js:
-declare class SafeOverrideSet extends OverrideSet {
-    // Patch adding doOverrideSetsConflict is based on
-    // https://github.com/npm/cli/pull/8089.
-    static doOverrideSetsConflict(first: SafeOverrideSet | undefined, second: SafeOverrideSet | undefined): boolean;
-    // Patch adding findSpecificOverrideSet is based on
-    // https://github.com/npm/cli/pull/8089.
-    static findSpecificOverrideSet(first: SafeOverrideSet | undefined, second: SafeOverrideSet | undefined): SafeOverrideSet | undefined;
-    // Patch adding childrenAreEqual is based on
-    // https://github.com/npm/cli/pull/8089.
-    childrenAreEqual(otherOverrideSet: SafeOverrideSet): boolean;
-    getEdgeRule(edge: SafeEdge): SafeOverrideSet;
-    // Patch adding isEqual is based on
-    // https://github.com/npm/cli/pull/8089.
-    isEqual(otherOverrideSet: SafeOverrideSet | undefined): boolean;
-}
-declare const depValid: (child: SafeNode, requested: string, accept: string | undefined, requester: SafeNode) => boolean;
-declare function getSocketDevAlertUrl(alertType: string): string;
-declare function getSocketDevPackageOverviewUrl(eco: string, name: string, version?: string | undefined): string;
-declare class ColorOrMarkdown {
-    useMarkdown: boolean;
-    constructor(useMarkdown: boolean);
-    bold(text: string): string;
-    header(text: string, level?: number): string;
-    hyperlink(text: string, url: string | undefined, { fallback, fallbackToUrl }?: {
-        fallback?: boolean | undefined;
-        fallbackToUrl?: boolean | undefined;
-    }): string;
-    indent(...args: Parameters<typeof indentString>): ReturnType<typeof indentString>;
-    italic(text: string): string;
-    json(value: any): string;
-    list(items: string[]): string;
-    get logSymbols(): LogSymbols;
-}
-type AlertUxLookup = ReturnType<typeof createAlertUXLookup>;
-type AlertUxLookupSettings = Parameters<AlertUxLookup>[0];
-type AlertUxLookupResult = ReturnType<AlertUxLookup>;
-type RuleActionUX = {
-    block: boolean;
-    display: boolean;
-};
-type SettingsType = (SocketSdkResultType<"postSettings"> & {
-    success: true;
-})["data"];
-declare function createAlertUXLookup(settings: SettingsType): (context: {
-    package: {
-        name: string;
-        version: string;
-    };
-    alert: {
-        type: string;
-    };
-}) => RuleActionUX;
-declare function uxLookup(settings: AlertUxLookupSettings): Promise<AlertUxLookupResult>;
-type CveAlertType = "cve" | "mediumCVE" | "mildCVE" | "criticalCVE";
-type ArtifactAlertCveFixable = Omit<SocketArtifactAlert, "props" | "title"> & {
-    type: CveAlertType;
-    props: {
-        firstPatchedVersionIdentifier: string;
-        vulnerableVersionRange: string;
-        [key: string]: any;
-    };
-};
-type ArtifactAlertFixable = ArtifactAlertCveFixable & {
-    type: CveAlertType | "socketUpgradeAvailable";
-};
-type SocketArtifactAlert = {
-    key: string;
-    type: string;
-    severity: string;
-    category: string;
-    action?: string | undefined;
-    actionPolicyIndex?: number | undefined;
-    file?: string | undefined;
-    props?: any | undefined;
-    start?: number | undefined;
-    end?: number | undefined;
-};
-type SocketArtifact = {
-    type: string;
-    name: string;
-    namespace?: string | undefined;
-    version?: string | undefined;
-    subpath?: string | undefined;
-    release?: string | undefined;
-    id?: string | undefined;
-    author?: string[];
-    license?: string | undefined;
-    licenseDetails?: Array<{
-        spdxDisj: string;
-        provenance: string;
-        filepath: string;
-        match_strength: number;
-    }>;
-    licenseAttrib?: Array<{
-        attribText: string;
-        attribData: Array<{
-            purl: string;
-            foundInFilepath: string;
-            spdxExpr: string;
-            foundAuthors: string[];
-        }>;
-    }>;
-    score?: {
-        supplyChain: number;
-        quality: number;
-        maintenance: number;
-        vulnerability: number;
-        license: number;
-        overall: number;
-    };
-    alerts?: SocketArtifactAlert[];
-    size?: number | undefined;
-    batchIndex?: number | undefined;
-};
-declare function batchScan(pkgIds: string[], concurrencyLimit?: number): AsyncGenerator<SocketArtifact>;
-declare function isArtifactAlertCveFixable(alert: SocketArtifactAlert): alert is ArtifactAlertCveFixable;
-declare function isArtifactAlertUpgradeFixable(alert: SocketArtifactAlert): alert is ArtifactAlertFixable;
-declare function isArtifactAlertFixable(alert: SocketArtifactAlert): alert is ArtifactAlertFixable;
-type PackageDetail = {
-    node: SafeNode;
-    existing?: SafeNode | undefined;
-};
-type GetPackagesToQueryFromDiffOptions = {
-    includeUnchanged?: boolean | undefined;
-    includeUnknownOrigin?: boolean | undefined;
-};
-declare function getPackagesToQueryFromDiff(diff_: Diff | null, options?: GetPackagesToQueryFromDiffOptions | undefined): PackageDetail[];
-declare function findUp(name: string | string[], { cwd }: {
-    cwd: string;
-}): Promise<string | undefined>;
-type ReadFileOptions = ObjectEncodingOptions & Abortable & {
-    flag?: OpenMode | undefined;
-};
-declare function readFileBinary(filepath: PathLike | FileHandle, options?: ReadFileOptions | undefined): Promise<Buffer>;
-declare function readFileUtf8(filepath: PathLike | FileHandle, options?: ReadFileOptions | undefined): Promise<string>;
-declare function safeReadFile(...args: Parameters<typeof fs.readFile>): ReturnType<typeof fs.readFile> | undefined;
-declare function safeReadFileSync(...args: Parameters<typeof fsReadFileSync>): ReturnType<typeof fsReadFileSync> | undefined;
 declare const Arborist: ArboristClass;
 declare const SAFE_ARBORIST_REIFY_OPTIONS_OVERRIDES: {
     __proto__: null;
@@ -188,4 +19,4 @@ declare class SafeArborist extends Arborist {
     // @ts-ignore Incorrectly typed.
     reify(this: SafeArborist, ...args: Parameters<InstanceType<ArboristClass>['reify']>): Promise<SafeNode>;
 }
-export { SafeOverrideSet, depValid, getSocketDevAlertUrl, getSocketDevPackageOverviewUrl, ColorOrMarkdown, createAlertUXLookup, uxLookup, CveAlertType, ArtifactAlertCveFixable, ArtifactAlertFixable, SocketArtifactAlert, SocketArtifact, batchScan, isArtifactAlertCveFixable, isArtifactAlertUpgradeFixable, isArtifactAlertFixable, PackageDetail, getPackagesToQueryFromDiff, findUp, ReadFileOptions, readFileBinary, readFileUtf8, safeReadFile, safeReadFileSync, Arborist, SAFE_ARBORIST_REIFY_OPTIONS_OVERRIDES, SafeArborist };
+export { Arborist, SAFE_ARBORIST_REIFY_OPTIONS_OVERRIDES, SafeArborist };

package/dist/module-sync/node.d.ts

@@ -1,5 +1,5 @@
 /// <reference types="npmcli__arborist" />
-import { SafeOverrideSet } from "./index.js";
+import { SafeOverrideSet } from "./override-set.js";
 import { SafeEdge } from "./edge.js";
 import { Link } from '@npmcli/arborist';
 import { Node as BaseNode } from "@npmcli/arborist";

package/dist/module-sync/override-set.d.ts

@@ -0,0 +1,37 @@
+import { SafeEdge } from "./edge.js";
+import { SafeNode } from "./node.js";
+interface OverrideSetClass {
+    children: Map<string, SafeOverrideSet>;
+    key: string | undefined;
+    keySpec: string | undefined;
+    name: string | undefined;
+    parent: SafeOverrideSet | undefined;
+    value: string | undefined;
+    version: string | undefined;
+    new (...args: any[]): OverrideSetClass;
+    get isRoot(): boolean;
+    get ruleset(): Map<string, SafeOverrideSet>;
+    ancestry(): Generator<SafeOverrideSet>;
+    childrenAreEqual(otherOverrideSet: SafeOverrideSet | undefined): boolean;
+    getEdgeRule(edge: SafeEdge): SafeOverrideSet;
+    getNodeRule(node: SafeNode): SafeOverrideSet;
+    getMatchingRule(node: SafeNode): SafeOverrideSet | null;
+    isEqual(otherOverrideSet: SafeOverrideSet | undefined): boolean;
+}
+declare const OverrideSet: OverrideSetClass;
+declare class SafeOverrideSet extends OverrideSet {
+    // Patch adding doOverrideSetsConflict is based on
+    // https://github.com/npm/cli/pull/8089.
+    static doOverrideSetsConflict(first: SafeOverrideSet | undefined, second: SafeOverrideSet | undefined): boolean;
+    // Patch adding findSpecificOverrideSet is based on
+    // https://github.com/npm/cli/pull/8089.
+    static findSpecificOverrideSet(first: SafeOverrideSet | undefined, second: SafeOverrideSet | undefined): SafeOverrideSet | undefined;
+    // Patch adding childrenAreEqual is based on
+    // https://github.com/npm/cli/pull/8089.
+    childrenAreEqual(otherOverrideSet: SafeOverrideSet): boolean;
+    getEdgeRule(edge: SafeEdge): SafeOverrideSet;
+    // Patch adding isEqual is based on
+    // https://github.com/npm/cli/pull/8089.
+    isEqual(otherOverrideSet: SafeOverrideSet | undefined): boolean;
+}
+export { SafeOverrideSet };

package/dist/module-sync/shadow-bin.js

@@ -14,7 +14,7 @@ var npm = require('@socketsecurity/registry/lib/npm');
 var spawn = require('@socketsecurity/registry/lib/spawn');
 var path = require('node:path');
 var cmdShim = _socketInterop(require('cmd-shim'));
-var npmPaths = require('./npm-paths.js');
+var shadowNpmPaths = require('./shadow-npm-paths.js');
 var constants = require('./constants.js');
 
 const {
@@ -24,7 +24,7 @@ const {
 async function installLinks(realBinPath, binName) {
   const isNpx = binName === NPX;
   // Find package manager being shadowed by this process.
-  const binPath = isNpx ? npmPaths.getNpxBinPath() : npmPaths.getNpmBinPath();
+  const binPath = isNpx ? shadowNpmPaths.getNpxBinPath() : shadowNpmPaths.getNpmBinPath();
   // Lazily access constants.WIN32.
   const {
     WIN32
@@ -33,7 +33,7 @@ async function installLinks(realBinPath, binName) {
   if (WIN32 && binPath) {
     return binPath;
   }
-  const shadowed = isNpx ? npmPaths.isNpxBinPathShadowed() : npmPaths.isNpmBinPathShadowed();
+  const shadowed = isNpx ? shadowNpmPaths.isNpxBinPathShadowed() : shadowNpmPaths.isNpmBinPathShadowed();
   // Move our bin directory to front of PATH so its found first.
   if (!shadowed) {
     if (WIN32) {
@@ -63,10 +63,10 @@ async function shadowBin(binName, args = process.argv.slice(2), level = 1) {
   ...constants.nodeNoWarningsFlags,
   // Lazily access constants.ENV[SOCKET_CLI_SENTRY_BUILD].
   ...(constants.ENV[SOCKET_CLI_SENTRY_BUILD] ? ['--require',
-  // Lazily access constants.instrumentWithSentryPath.
-  constants.instrumentWithSentryPath] : []), '--require',
-  // Lazily access constants.npmInjectionPath.
-  constants.npmInjectionPath,
+  // Lazily access constants.distInstrumentWithSentryPath.
+  constants.distInstrumentWithSentryPath] : []), '--require',
+  // Lazily access constants.distShadowNpmInjectPath.
+  constants.distShadowNpmInjectPath,
   // Lazily access constants.shadowBinPath.
   await installLinks(constants.shadowBinPath, binName),
   // Add `--no-progress` and `--loglevel=error` flags to fix input being
@@ -94,5 +94,5 @@ async function shadowBin(binName, args = process.argv.slice(2), level = 1) {
 }
 
 module.exports = shadowBin;
-//# debugId=6bb6d502-939a-444f-a22e-07a531d3b61f
+//# debugId=c58c4335-92d0-4ad1-86bf-6eb5428f654a
 //# sourceMappingURL=shadow-bin.js.map

package/dist/module-sync/shadow-bin.js.map

@@ -1 +1 @@
-{"version":3,"file":"shadow-bin.js","sources":["../../src/shadow/link.ts","../../src/shadow/shadow-bin.ts"],"sourcesContent":["import path from 'node:path'\nimport process from 'node:process'\n\nimport cmdShim from 'cmd-shim'\n\nimport {\n  getNpmBinPath,\n  getNpxBinPath,\n  isNpmBinPathShadowed,\n  isNpxBinPathShadowed\n} from './npm-paths'\nimport constants from '../constants'\n\nconst { CLI, NPX } = constants\n\nexport async function installLinks(\n  realBinPath: string,\n  binName: 'npm' | 'npx'\n): Promise<string> {\n  const isNpx = binName === NPX\n  // Find package manager being shadowed by this process.\n  const binPath = isNpx ? getNpxBinPath() : getNpmBinPath()\n  // Lazily access constants.WIN32.\n  const { WIN32 } = constants\n  // TODO: Is this early exit needed?\n  if (WIN32 && binPath) {\n    return binPath\n  }\n  const shadowed = isNpx ? isNpxBinPathShadowed() : isNpmBinPathShadowed()\n  // Move our bin directory to front of PATH so its found first.\n  if (!shadowed) {\n    if (WIN32) {\n      await cmdShim(\n        // Lazily access constants.rootDistPath.\n        path.join(constants.rootDistPath, `${binName}-${CLI}.js`),\n        path.join(realBinPath, binName)\n      )\n    }\n    process.env['PATH'] =\n      `${realBinPath}${path.delimiter}${process.env['PATH']}`\n  }\n  return binPath\n}\n","import process from 'node:process'\n\nimport {\n  isLoglevelFlag,\n  isProgressFlag\n} from '@socketsecurity/registry/lib/npm'\nimport { spawn } from '@socketsecurity/registry/lib/spawn'\n\nimport { installLinks } from './link'\nimport constants from '../constants'\n\nconst {\n  SOCKET_CLI_SAFE_WRAPPER,\n  SOCKET_CLI_SENTRY_BUILD,\n  SOCKET_IPC_HANDSHAKE\n} = constants\n\nexport default async function shadowBin(\n  binName: 'npm' | 'npx',\n  args = process.argv.slice(2),\n  level = 1\n) {\n  process.exitCode = 1\n  const terminatorPos = args.indexOf('--')\n  const binArgs = (\n    terminatorPos === -1 ? args : args.slice(0, terminatorPos)\n  ).filter(a => !isProgressFlag(a))\n  const otherArgs = terminatorPos === -1 ? [] : args.slice(terminatorPos)\n  const spawnPromise = spawn(\n    // Lazily access constants.execPath.\n    constants.execPath,\n    [\n      // Lazily access constants.nodeNoWarningsFlags.\n      ...constants.nodeNoWarningsFlags,\n      // Lazily access constants.ENV[SOCKET_CLI_SENTRY_BUILD].\n      ...(constants.ENV[SOCKET_CLI_SENTRY_BUILD]\n        ? [\n            '--require',\n            // Lazily access constants.instrumentWithSentryPath.\n            constants.instrumentWithSentryPath\n          ]\n        : []),\n      '--require',\n      // Lazily access constants.npmInjectionPath.\n      constants.npmInjectionPath,\n      // Lazily access constants.shadowBinPath.\n      await installLinks(constants.shadowBinPath, binName),\n      // Add `--no-progress` and `--loglevel=error` flags to fix input being\n      // swallowed by the npm spinner.\n      '--no-progress',\n      // Add the '--loglevel=error' flag if a loglevel flag is not provided.\n      ...(binArgs.some(isLoglevelFlag) ? [] : ['--loglevel', 'error']),\n      ...binArgs,\n      ...otherArgs\n    ],\n    {\n      // 'inherit' + 'ipc'\n      stdio: [0, 1, 2, 'ipc']\n    }\n  )\n  // See https://nodejs.org/api/all.html#all_child_process_event-exit.\n  spawnPromise.process.on('exit', (code, signalName) => {\n    if (signalName) {\n      process.kill(process.pid, signalName)\n    } else if (code !== null) {\n      process.exit(code)\n    }\n  })\n  spawnPromise.process.send({\n    [SOCKET_IPC_HANDSHAKE]: {\n      [SOCKET_CLI_SAFE_WRAPPER]: level\n    }\n  })\n  await spawnPromise\n}\n"],"names":["NPX","WIN32","process","SOCKET_IPC_HANDSHAKE","constants","spawnPromise"],"mappings":";;;;;;;;;;;;;;;;;;;AAaA;;AAAaA;AAAI;AAEV;AAIL;AACA;;AAEA;;AACQC;AAAM;AACd;;AAEE;AACF;;AAEA;;AAEE;AACE;AACE;;AAIJ;AACAC;AAEF;AACA;AACF;;AC/BA;;;AAGEC;AACF;AAEe;;AAMb;AACA;AAGA;;AAEE;;AAGE;;AAEA;;AAIM;AACAC;AAIN;AACAA;AACA;AACA;AACA;AACA;;AAEA;;AAMA;;AAEF;AAEF;;AAEE;;AAEA;AACEF;AACF;AACF;AACAG;AACE;AACE;AACF;AACF;AACA;AACF;;","debugId":"6bb6d502-939a-444f-a22e-07a531d3b61f"}
+{"version":3,"file":"shadow-bin.js","sources":["../../src/shadow/npm/link.ts","../../src/shadow/npm/bin.ts"],"sourcesContent":["import path from 'node:path'\nimport process from 'node:process'\n\nimport cmdShim from 'cmd-shim'\n\nimport {\n  getNpmBinPath,\n  getNpxBinPath,\n  isNpmBinPathShadowed,\n  isNpxBinPathShadowed\n} from './paths'\nimport constants from '../../constants'\n\nconst { CLI, NPX } = constants\n\nexport async function installLinks(\n  realBinPath: string,\n  binName: 'npm' | 'npx'\n): Promise<string> {\n  const isNpx = binName === NPX\n  // Find package manager being shadowed by this process.\n  const binPath = isNpx ? getNpxBinPath() : getNpmBinPath()\n  // Lazily access constants.WIN32.\n  const { WIN32 } = constants\n  // TODO: Is this early exit needed?\n  if (WIN32 && binPath) {\n    return binPath\n  }\n  const shadowed = isNpx ? isNpxBinPathShadowed() : isNpmBinPathShadowed()\n  // Move our bin directory to front of PATH so its found first.\n  if (!shadowed) {\n    if (WIN32) {\n      await cmdShim(\n        // Lazily access constants.rootDistPath.\n        path.join(constants.rootDistPath, `${binName}-${CLI}.js`),\n        path.join(realBinPath, binName)\n      )\n    }\n    process.env['PATH'] =\n      `${realBinPath}${path.delimiter}${process.env['PATH']}`\n  }\n  return binPath\n}\n","import process from 'node:process'\n\nimport {\n  isLoglevelFlag,\n  isProgressFlag\n} from '@socketsecurity/registry/lib/npm'\nimport { spawn } from '@socketsecurity/registry/lib/spawn'\n\nimport { installLinks } from './link'\nimport constants from '../../constants'\n\nconst {\n  SOCKET_CLI_SAFE_WRAPPER,\n  SOCKET_CLI_SENTRY_BUILD,\n  SOCKET_IPC_HANDSHAKE\n} = constants\n\nexport default async function shadowBin(\n  binName: 'npm' | 'npx',\n  args = process.argv.slice(2),\n  level = 1\n) {\n  process.exitCode = 1\n  const terminatorPos = args.indexOf('--')\n  const binArgs = (\n    terminatorPos === -1 ? args : args.slice(0, terminatorPos)\n  ).filter(a => !isProgressFlag(a))\n  const otherArgs = terminatorPos === -1 ? [] : args.slice(terminatorPos)\n  const spawnPromise = spawn(\n    // Lazily access constants.execPath.\n    constants.execPath,\n    [\n      // Lazily access constants.nodeNoWarningsFlags.\n      ...constants.nodeNoWarningsFlags,\n      // Lazily access constants.ENV[SOCKET_CLI_SENTRY_BUILD].\n      ...(constants.ENV[SOCKET_CLI_SENTRY_BUILD]\n        ? [\n            '--require',\n            // Lazily access constants.distInstrumentWithSentryPath.\n            constants.distInstrumentWithSentryPath\n          ]\n        : []),\n      '--require',\n      // Lazily access constants.distShadowNpmInjectPath.\n      constants.distShadowNpmInjectPath,\n      // Lazily access constants.shadowBinPath.\n      await installLinks(constants.shadowBinPath, binName),\n      // Add `--no-progress` and `--loglevel=error` flags to fix input being\n      // swallowed by the npm spinner.\n      '--no-progress',\n      // Add the '--loglevel=error' flag if a loglevel flag is not provided.\n      ...(binArgs.some(isLoglevelFlag) ? [] : ['--loglevel', 'error']),\n      ...binArgs,\n      ...otherArgs\n    ],\n    {\n      // 'inherit' + 'ipc'\n      stdio: [0, 1, 2, 'ipc']\n    }\n  )\n  // See https://nodejs.org/api/all.html#all_child_process_event-exit.\n  spawnPromise.process.on('exit', (code, signalName) => {\n    if (signalName) {\n      process.kill(process.pid, signalName)\n    } else if (code !== null) {\n      process.exit(code)\n    }\n  })\n  spawnPromise.process.send({\n    [SOCKET_IPC_HANDSHAKE]: {\n      [SOCKET_CLI_SAFE_WRAPPER]: level\n    }\n  })\n  await spawnPromise\n}\n"],"names":["NPX","WIN32","process","SOCKET_IPC_HANDSHAKE","constants","spawnPromise"],"mappings":";;;;;;;;;;;;;;;;;;;AAaA;;AAAaA;AAAI;AAEV;AAIL;AACA;;AAEA;;AACQC;AAAM;AACd;;AAEE;AACF;;AAEA;;AAEE;AACE;AACE;;AAIJ;AACAC;AAEF;AACA;AACF;;AC/BA;;;AAGEC;AACF;AAEe;;AAMb;AACA;AAGA;;AAEE;;AAGE;;AAEA;;AAIM;AACAC;AAIN;AACAA;AACA;AACA;AACA;AACA;;AAEA;;AAMA;;AAEF;AAEF;;AAEE;;AAEA;AACEF;AACF;AACF;AACAG;AACE;AACE;AACF;AACF;AACA;AACF;;","debugId":"c58c4335-92d0-4ad1-86bf-6eb5428f654a"}

package/dist/module-sync/{index.js → shadow-npm-inject.js}

@@ -38,7 +38,7 @@ var logger = require('@socketsecurity/registry/lib/logger');
 var terminalLink = _socketInterop(require('terminal-link'));
 var colors = _socketInterop(require('yoctocolors-cjs'));
 var indentString = require('@socketregistry/indent-string/index.cjs');
-var npmPaths = require('./npm-paths.js');
+var shadowNpmPaths = require('./shadow-npm-paths.js');
 var npa = _socketInterop(require('npm-package-arg'));
 
 const {
@@ -700,13 +700,6 @@ void (async () => {
   _uxLookup = createAlertUXLookup(settings);
 })();
 
-const markdownLogSymbols = Object.freeze({
-  __proto__: null,
-  info: ':information_source:',
-  error: ':stop_sign:',
-  success: ':white_check_mark:',
-  warning: ':warning:'
-});
 class ColorOrMarkdown {
   constructor(useMarkdown) {
     this.useMarkdown = !!useMarkdown;
@@ -741,9 +734,6 @@ class ColorOrMarkdown {
     const indentedContent = items.map(item => this.indent(item).trimStart());
     return this.useMarkdown ? `* ${indentedContent.join('\n* ')}\n` : `${indentedContent.join('\n')}\n`;
   }
-  get logSymbols() {
-    return this.useMarkdown ? markdownLogSymbols : logger.Logger.LOG_SYMBOLS;
-  }
 }
 
 function getSocketDevAlertUrl(alertType) {
@@ -753,7 +743,7 @@ function getSocketDevPackageOverviewUrl(eco, name, version) {
   return `https://socket.dev/${eco}/package/${name}${version ? `/overview/${version}` : ''}`;
 }
 
-const depValid = require(npmPaths.getArboristDepValidPath());
+const depValid = require(shadowNpmPaths.getArboristDepValidPath());
 
 const {
   UNDEFINED_TOKEN
@@ -783,7 +773,7 @@ function tryRequire(req, ...ids) {
 let _log = UNDEFINED_TOKEN;
 function getLogger() {
   if (_log === UNDEFINED_TOKEN) {
-    _log = tryRequire(npmPaths.getNpmRequire(), ['proc-log/lib/index.js',
+    _log = tryRequire(shadowNpmPaths.getNpmRequire(), ['proc-log/lib/index.js',
     // The proc-log DefinitelyTyped definition is incorrect. The type definition
     // is really that of its export log.
     mod => mod.log], 'npmlog/lib/log.js');
@@ -791,7 +781,7 @@ function getLogger() {
   return _log;
 }
 
-const OverrideSet = require(npmPaths.getArboristOverrideSetClassPath());
+const OverrideSet = require(shadowNpmPaths.getArboristOverrideSetClassPath());
 
 // Implementation code not related to patch https://github.com/npm/cli/pull/8089
 // is based on https://github.com/npm/cli/blob/v11.0.0/workspaces/arborist/lib/override-set.js:
@@ -909,7 +899,7 @@ class SafeOverrideSet extends OverrideSet {
   }
 }
 
-const Node = require(npmPaths.getArboristNodeClassPath());
+const Node = require(shadowNpmPaths.getArboristNodeClassPath());
 
 // Implementation code not related to patch https://github.com/npm/cli/pull/8089
 // is based on https://github.com/npm/cli/blob/v11.0.0/workspaces/arborist/lib/node.js:
@@ -1205,7 +1195,7 @@ class SafeNode extends Node {
   }
 }
 
-const Edge = require(npmPaths.getArboristEdgeClassPath());
+const Edge = require(shadowNpmPaths.getArboristEdgeClassPath());
 
 // The Edge class makes heavy use of private properties which subclasses do NOT
 // have access to. So we have to recreate any functionality that relies on those
@@ -1783,7 +1773,7 @@ const {
     getIPC
   }
 } = constants;
-const Arborist = require(npmPaths.getArboristClassPath());
+const Arborist = require(shadowNpmPaths.getArboristClassPath());
 const SAFE_ARBORIST_REIFY_OPTIONS_OVERRIDES = {
   __proto__: null,
   audit: false,
@@ -1847,15 +1837,32 @@ class SafeArborist extends Arborist {
   }
 }
 
+function installSafeArborist() {
+  // Override '@npmcli/arborist' module exports with patched variants based on
+  // https://github.com/npm/cli/pull/8089.
+  const cache = require.cache;
+  cache[shadowNpmPaths.getArboristClassPath()] = {
+    exports: SafeArborist
+  };
+  cache[shadowNpmPaths.getArboristEdgeClassPath()] = {
+    exports: SafeEdge
+  };
+  cache[shadowNpmPaths.getArboristNodeClassPath()] = {
+    exports: SafeNode
+  };
+  cache[shadowNpmPaths.getArboristOverrideSetClassPath()] = {
+    exports: SafeOverrideSet
+  };
+}
+
+installSafeArborist();
+
 exports.Arborist = Arborist;
 exports.AuthError = AuthError;
 exports.ColorOrMarkdown = ColorOrMarkdown;
 exports.InputError = InputError;
 exports.SAFE_ARBORIST_REIFY_OPTIONS_OVERRIDES = SAFE_ARBORIST_REIFY_OPTIONS_OVERRIDES;
 exports.SafeArborist = SafeArborist;
-exports.SafeEdge = SafeEdge;
-exports.SafeNode = SafeNode;
-exports.SafeOverrideSet = SafeOverrideSet;
 exports.captureException = captureException;
 exports.findPackageNodes = findPackageNodes;
 exports.findUp = findUp;
@@ -1872,5 +1879,5 @@ exports.safeReadFile = safeReadFile;
 exports.setupSdk = setupSdk;
 exports.updateNode = updateNode;
 exports.updateSetting = updateSetting;
-//# debugId=32696061-6e8b-4f74-95c9-9ae9ce6c9c1c
-//# sourceMappingURL=index.js.map
+//# debugId=a2461f74-6908-4fea-b499-5d8392a553ba
+//# sourceMappingURL=shadow-npm-inject.js.map