@socketsecurity/cli-with-sentry 0.14.56 → 0.14.57
- package/bin/cli.js +8 -10
- package/bin/npm-cli.js +1 -1
- package/bin/npx-cli.js +3 -1
- package/dist/constants.d.ts +19 -6
- package/dist/constants.js +47 -21
- package/dist/constants.js.map +1 -1
- package/dist/instrument-with-sentry.js +3 -3
- package/dist/instrument-with-sentry.js.map +1 -1
- package/dist/module-sync/cli.js +332 -272
- package/dist/module-sync/cli.js.map +1 -1
- package/dist/module-sync/color-or-markdown.d.ts +16 -0
- package/dist/module-sync/edge.d.ts +1 -1
- package/dist/module-sync/index.d.ts +3 -172
- package/dist/module-sync/node.d.ts +1 -1
- package/dist/module-sync/override-set.d.ts +37 -0
- package/dist/module-sync/shadow-bin.js +8 -8
- package/dist/module-sync/shadow-bin.js.map +1 -1
- package/dist/module-sync/{index.js → shadow-npm-inject.js} +29 -22
- package/dist/module-sync/shadow-npm-inject.js.map +1 -0
- package/dist/module-sync/{npm-paths.js → shadow-npm-paths.js} +4 -4
- package/dist/module-sync/shadow-npm-paths.js.map +1 -0
- package/dist/module-sync/socket-url.d.ts +3 -0
- package/dist/require/cli.js +332 -272
- package/dist/require/cli.js.map +1 -1
- package/dist/require/shadow-npm-inject.js +3 -0
- package/dist/require/shadow-npm-paths.js +3 -0
- package/package.json +4 -3
- package/dist/module-sync/index.js.map +0 -1
- package/dist/module-sync/npm-injection.js +0 -26
- package/dist/module-sync/npm-injection.js.map +0 -1
- package/dist/module-sync/npm-paths.js.map +0 -1
- package/dist/module-sync/proc-log.d.ts +0 -3
- package/dist/module-sync/reify.d.ts +0 -1020
- package/dist/require/index.js +0 -3
- package/dist/require/npm-injection.js +0 -3
- package/dist/require/npm-paths.js +0 -3
- /package/dist/module-sync/{npm-injection.d.ts → shadow-npm-inject.d.ts} +0 -0
- /package/dist/module-sync/{npm-paths.d.ts → shadow-npm-paths.d.ts} +0 -0
package/dist/require/cli.js
CHANGED
|
@@ -23,7 +23,7 @@ var events = require('node:events');
|
|
|
23
23
|
var fs = require('node:fs');
|
|
24
24
|
var path = require('node:path');
|
|
25
25
|
var ndjson = _socketInterop(require('ndjson'));
|
|
26
|
-
var
|
|
26
|
+
var shadowNpmInject = require('./shadow-npm-inject.js');
|
|
27
27
|
var constants = require('./constants.js');
|
|
28
28
|
var objects = require('@socketsecurity/registry/lib/objects');
|
|
29
29
|
var regexps = require('@socketsecurity/registry/lib/regexps');
|
|
@@ -55,7 +55,7 @@ var sorts = require('@socketsecurity/registry/lib/sorts');
|
|
|
55
55
|
var strings = require('@socketsecurity/registry/lib/strings');
|
|
56
56
|
var yaml = _socketInterop(require('yaml'));
|
|
57
57
|
var debug = require('@socketsecurity/registry/lib/debug');
|
|
58
|
-
var
|
|
58
|
+
var shadowNpmPaths = require('./shadow-npm-paths.js');
|
|
59
59
|
var betterAjvErrors = _socketInterop(require('@apideck/better-ajv-errors'));
|
|
60
60
|
var config$A = require('@socketsecurity/config');
|
|
61
61
|
var assert = require('node:assert');
|
|
@@ -837,7 +837,7 @@ function getIgnoreOptions({
|
|
|
837
837
|
ignoreCommands.push(data);
|
|
838
838
|
}
|
|
839
839
|
} catch (e) {
|
|
840
|
-
logger.logger.
|
|
840
|
+
logger.logger.fail(`Unable to process ignore command for ${comment}`);
|
|
841
841
|
logger.logger.error(e);
|
|
842
842
|
}
|
|
843
843
|
}
|
|
@@ -1223,7 +1223,7 @@ function securityCommentTemplate(diff) {
|
|
|
1223
1223
|
// TODO: is this a github action handler?
|
|
1224
1224
|
async function runAction(githubEventBefore, githubEventAfter) {
|
|
1225
1225
|
//TODO
|
|
1226
|
-
const socket = new sdk.SocketSdk(
|
|
1226
|
+
const socket = new sdk.SocketSdk(shadowNpmInject.getDefaultToken());
|
|
1227
1227
|
const git = simpleGit.simpleGit();
|
|
1228
1228
|
const changedFiles = (await git.diff(process.env['GITHUB_EVENT_NAME'] === 'pull_request' ? ['--name-only', 'HEAD^1', 'HEAD'] : ['--name-only', githubEventBefore, githubEventAfter])).split('\n');
|
|
1229
1229
|
logger.logger.log({
|
|
@@ -1288,15 +1288,14 @@ async function runAction(githubEventBefore, githubEventAfter) {
|
|
|
1288
1288
|
const {
|
|
1289
1289
|
API_V0_URL
|
|
1290
1290
|
} = constants;
|
|
1291
|
-
function handleUnsuccessfulApiResponse(_name, result
|
|
1291
|
+
function handleUnsuccessfulApiResponse(_name, result) {
|
|
1292
1292
|
// SocketSdkErrorType['error'] is not typed.
|
|
1293
1293
|
const resultErrorMessage = result.error?.message;
|
|
1294
1294
|
const message = typeof resultErrorMessage === 'string' ? resultErrorMessage : 'No error message returned';
|
|
1295
1295
|
if (result.status === 401 || result.status === 403) {
|
|
1296
|
-
|
|
1297
|
-
throw new index.AuthError(message);
|
|
1296
|
+
throw new shadowNpmInject.AuthError(message);
|
|
1298
1297
|
}
|
|
1299
|
-
|
|
1298
|
+
logger.logger.fail(`${colors.bgRed(colors.white('API returned an error:'))} ${message}`);
|
|
1300
1299
|
process$1.exit(1);
|
|
1301
1300
|
}
|
|
1302
1301
|
async function handleApiCall(value, description) {
|
|
@@ -1475,8 +1474,8 @@ async function meowWithSubcommands(subcommands, options) {
|
|
|
1475
1474
|
autoHelp: false // otherwise we can't exit(0)
|
|
1476
1475
|
});
|
|
1477
1476
|
if (!cli.flags['help'] && cli.flags['dryRun']) {
|
|
1478
|
-
logger.logger.log(`${DRY_RUN_LABEL$1}: No-op, call a sub-command; ok`);
|
|
1479
1477
|
process.exitCode = 0;
|
|
1478
|
+
logger.logger.log(`${DRY_RUN_LABEL$1}: No-op, call a sub-command; ok`);
|
|
1480
1479
|
} else {
|
|
1481
1480
|
cli.showHelp();
|
|
1482
1481
|
}
|
|
@@ -1517,9 +1516,9 @@ function meowOrExit({
|
|
|
1517
1516
|
}
|
|
1518
1517
|
function getAsciiHeader(command) {
|
|
1519
1518
|
const cliVersion = // The '@rollup/plugin-replace' will replace "process.env['SOCKET_CLI_VERSION_HASH']".
|
|
1520
|
-
"0.14.
|
|
1519
|
+
"0.14.57:6783de7:236c7308:pub";
|
|
1521
1520
|
const nodeVersion = process.version;
|
|
1522
|
-
const apiToken =
|
|
1521
|
+
const apiToken = shadowNpmInject.getSetting('apiToken');
|
|
1523
1522
|
const shownToken = apiToken ? getLastFiveOfApiToken(apiToken) : 'no';
|
|
1524
1523
|
const relCwd = process.cwd().replace(new RegExp(`^${regexps.escapeRegExp(constants.homePath)}`, 'i'), '~/');
|
|
1525
1524
|
const body = `
|
|
@@ -1592,10 +1591,10 @@ async function run$z(argv, importMeta, {
|
|
|
1592
1591
|
}
|
|
1593
1592
|
|
|
1594
1593
|
async function fetchOrgAnalyticsData(time, spinner, apiToken) {
|
|
1595
|
-
const socketSdk = await
|
|
1594
|
+
const socketSdk = await shadowNpmInject.setupSdk(apiToken);
|
|
1596
1595
|
const result = await handleApiCall(socketSdk.getOrgAnalytics(time.toString()), 'fetching analytics data');
|
|
1597
1596
|
if (result.success === false) {
|
|
1598
|
-
handleUnsuccessfulApiResponse('getOrgAnalytics', result
|
|
1597
|
+
handleUnsuccessfulApiResponse('getOrgAnalytics', result);
|
|
1599
1598
|
return undefined;
|
|
1600
1599
|
}
|
|
1601
1600
|
spinner.stop();
|
|
@@ -1607,10 +1606,10 @@ async function fetchOrgAnalyticsData(time, spinner, apiToken) {
|
|
|
1607
1606
|
}
|
|
1608
1607
|
|
|
1609
1608
|
async function fetchRepoAnalyticsData(repo, time, spinner, apiToken) {
|
|
1610
|
-
const socketSdk = await
|
|
1609
|
+
const socketSdk = await shadowNpmInject.setupSdk(apiToken);
|
|
1611
1610
|
const result = await handleApiCall(socketSdk.getRepoAnalytics(repo, time.toString()), 'fetching analytics data');
|
|
1612
1611
|
if (result.success === false) {
|
|
1613
|
-
handleUnsuccessfulApiResponse('getRepoAnalytics', result
|
|
1612
|
+
handleUnsuccessfulApiResponse('getRepoAnalytics', result);
|
|
1614
1613
|
return undefined;
|
|
1615
1614
|
}
|
|
1616
1615
|
spinner.stop();
|
|
@@ -1684,9 +1683,9 @@ async function displayAnalytics({
|
|
|
1684
1683
|
scope,
|
|
1685
1684
|
time
|
|
1686
1685
|
}) {
|
|
1687
|
-
const apiToken =
|
|
1686
|
+
const apiToken = shadowNpmInject.getDefaultToken();
|
|
1688
1687
|
if (!apiToken) {
|
|
1689
|
-
throw new
|
|
1688
|
+
throw new shadowNpmInject.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API token.');
|
|
1690
1689
|
}
|
|
1691
1690
|
await outputAnalyticsWithToken({
|
|
1692
1691
|
apiToken,
|
|
@@ -1727,9 +1726,9 @@ async function outputAnalyticsWithToken({
|
|
|
1727
1726
|
await fs$1.writeFile(filePath, serialized, 'utf8');
|
|
1728
1727
|
logger.logger.log(`Data successfully written to ${filePath}`);
|
|
1729
1728
|
} catch (e) {
|
|
1730
|
-
logger.logger.error('There was an error trying to write the json to disk');
|
|
1731
|
-
logger.logger.error(e);
|
|
1732
1729
|
process.exitCode = 1;
|
|
1730
|
+
logger.logger.fail('There was an error trying to write the json to disk');
|
|
1731
|
+
logger.logger.error(e);
|
|
1733
1732
|
}
|
|
1734
1733
|
} else {
|
|
1735
1734
|
logger.logger.log(serialized);
|
|
@@ -1757,9 +1756,9 @@ function renderJson(data) {
|
|
|
1757
1756
|
try {
|
|
1758
1757
|
return JSON.stringify(data, null, 2);
|
|
1759
1758
|
} catch (e) {
|
|
1760
|
-
// This could be caused by circular references, which is an "us" problem
|
|
1761
|
-
logger.logger.error('There was a problem converting the data set to JSON. Please try without --json or with --markdown');
|
|
1762
1759
|
process.exitCode = 1;
|
|
1760
|
+
// This could be caused by circular references, which is an "us" problem
|
|
1761
|
+
logger.logger.fail('There was a problem converting the data set to JSON. Please try without --json or with --markdown');
|
|
1763
1762
|
return;
|
|
1764
1763
|
}
|
|
1765
1764
|
}
|
|
@@ -1994,7 +1993,7 @@ async function run$y(argv, importMeta, {
|
|
|
1994
1993
|
// options or missing arguments.
|
|
1995
1994
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
1996
1995
|
process.exitCode = 2;
|
|
1997
|
-
logger.logger.
|
|
1996
|
+
logger.logger.fail(commonTags.stripIndents`${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:
|
|
1998
1997
|
|
|
1999
1998
|
- Scope must be "repo" or "org" ${badScope ? colors.red('(bad!)') : colors.green('(ok)')}
|
|
2000
1999
|
|
|
@@ -2028,9 +2027,9 @@ async function getAuditLog({
|
|
|
2028
2027
|
page,
|
|
2029
2028
|
perPage
|
|
2030
2029
|
}) {
|
|
2031
|
-
const apiToken =
|
|
2030
|
+
const apiToken = shadowNpmInject.getDefaultToken();
|
|
2032
2031
|
if (!apiToken) {
|
|
2033
|
-
throw new
|
|
2032
|
+
throw new shadowNpmInject.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
|
|
2034
2033
|
}
|
|
2035
2034
|
const auditLogs = await getAuditLogWithToken({
|
|
2036
2035
|
apiToken,
|
|
@@ -2074,8 +2073,8 @@ async function outputAsJson(auditLogs, orgSlug, logType, page, perPage) {
|
|
|
2074
2073
|
})
|
|
2075
2074
|
}, null, 2);
|
|
2076
2075
|
} catch (e) {
|
|
2077
|
-
logger.logger.error('There was a problem converting the logs to JSON, please try without the `--json` flag');
|
|
2078
2076
|
process.exitCode = 1;
|
|
2077
|
+
logger.logger.fail('There was a problem converting the logs to JSON, please try without the `--json` flag');
|
|
2079
2078
|
return;
|
|
2080
2079
|
}
|
|
2081
2080
|
logger.logger.log(json);
|
|
@@ -2096,9 +2095,9 @@ These are the Socket.dev audit logs as per requested query.
|
|
|
2096
2095
|
${table}
|
|
2097
2096
|
`);
|
|
2098
2097
|
} catch (e) {
|
|
2099
|
-
logger.logger.error('There was a problem converting the logs to JSON, please try without the `--json` flag');
|
|
2100
|
-
logger.logger.error(e);
|
|
2101
2098
|
process.exitCode = 1;
|
|
2099
|
+
logger.logger.fail('There was a problem converting the logs to JSON, please try without the `--json` flag');
|
|
2100
|
+
logger.logger.error(e);
|
|
2102
2101
|
return;
|
|
2103
2102
|
}
|
|
2104
2103
|
}
|
|
@@ -2140,7 +2139,7 @@ async function getAuditLogWithToken({
|
|
|
2140
2139
|
spinner
|
|
2141
2140
|
} = constants;
|
|
2142
2141
|
spinner.start(`Looking up audit log for ${orgSlug}`);
|
|
2143
|
-
const socketSdk = await
|
|
2142
|
+
const socketSdk = await shadowNpmInject.setupSdk(apiToken);
|
|
2144
2143
|
const result = await handleApiCall(socketSdk.getAuditLogEvents(orgSlug, {
|
|
2145
2144
|
outputJson: outputKind === 'json',
|
|
2146
2145
|
// I'm not sure this is used at all
|
|
@@ -2152,7 +2151,7 @@ async function getAuditLogWithToken({
|
|
|
2152
2151
|
per_page: perPage
|
|
2153
2152
|
}), `Looking up audit log for ${orgSlug}\n`);
|
|
2154
2153
|
if (!result.success) {
|
|
2155
|
-
handleUnsuccessfulApiResponse('getAuditLogEvents', result
|
|
2154
|
+
handleUnsuccessfulApiResponse('getAuditLogEvents', result);
|
|
2156
2155
|
return;
|
|
2157
2156
|
}
|
|
2158
2157
|
spinner.stop();
|
|
@@ -2227,7 +2226,7 @@ async function run$x(argv, importMeta, {
|
|
|
2227
2226
|
// options or missing arguments.
|
|
2228
2227
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
2229
2228
|
process.exitCode = 2;
|
|
2230
|
-
logger.logger.
|
|
2229
|
+
logger.logger.fail(commonTags.stripIndents`
|
|
2231
2230
|
${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:\n
|
|
2232
2231
|
- Org name as the first argument ${!orgSlug ? colors.red('(missing!)') : colors.green('(ok)')}
|
|
2233
2232
|
`);
|
|
@@ -2413,7 +2412,7 @@ async function run$w(argv, importMeta, {
|
|
|
2413
2412
|
//
|
|
2414
2413
|
//
|
|
2415
2414
|
// if (cli.input.length)
|
|
2416
|
-
// logger.
|
|
2415
|
+
// logger.fail(
|
|
2417
2416
|
// stripIndents`
|
|
2418
2417
|
// ${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:
|
|
2419
2418
|
//
|
|
@@ -2437,7 +2436,7 @@ async function run$w(argv, importMeta, {
|
|
|
2437
2436
|
// options or missing arguments.
|
|
2438
2437
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
2439
2438
|
process$1.exitCode = 2;
|
|
2440
|
-
logger.logger.
|
|
2439
|
+
logger.logger.fail(`Unknown ${words.pluralize('argument', unknownLength)}: ${yargv._.join(', ')}`);
|
|
2441
2440
|
return;
|
|
2442
2441
|
}
|
|
2443
2442
|
if (yargv.output === undefined) {
|
|
@@ -2456,22 +2455,22 @@ async function findDependencies({
|
|
|
2456
2455
|
offset,
|
|
2457
2456
|
outputJson
|
|
2458
2457
|
}) {
|
|
2459
|
-
const apiToken =
|
|
2458
|
+
const apiToken = shadowNpmInject.getDefaultToken();
|
|
2460
2459
|
if (!apiToken) {
|
|
2461
|
-
throw new
|
|
2460
|
+
throw new shadowNpmInject.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
|
|
2462
2461
|
}
|
|
2463
2462
|
// Lazily access constants.spinner.
|
|
2464
2463
|
const {
|
|
2465
2464
|
spinner
|
|
2466
2465
|
} = constants;
|
|
2467
2466
|
spinner.start('Searching dependencies...');
|
|
2468
|
-
const socketSdk = await
|
|
2467
|
+
const socketSdk = await shadowNpmInject.setupSdk(apiToken);
|
|
2469
2468
|
const result = await handleApiCall(socketSdk.searchDependencies({
|
|
2470
2469
|
limit,
|
|
2471
2470
|
offset
|
|
2472
2471
|
}), 'Searching dependencies');
|
|
2473
2472
|
if (!result.success) {
|
|
2474
|
-
handleUnsuccessfulApiResponse('searchDependencies', result
|
|
2473
|
+
handleUnsuccessfulApiResponse('searchDependencies', result);
|
|
2475
2474
|
return;
|
|
2476
2475
|
}
|
|
2477
2476
|
spinner.stop('Organization dependencies:');
|
|
@@ -2576,9 +2575,9 @@ async function getDiffScan({
|
|
|
2576
2575
|
orgSlug,
|
|
2577
2576
|
outputJson
|
|
2578
2577
|
}) {
|
|
2579
|
-
const apiToken =
|
|
2578
|
+
const apiToken = shadowNpmInject.getDefaultToken();
|
|
2580
2579
|
if (!apiToken) {
|
|
2581
|
-
throw new
|
|
2580
|
+
throw new shadowNpmInject.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
|
|
2582
2581
|
}
|
|
2583
2582
|
await getDiffScanWithToken({
|
|
2584
2583
|
after,
|
|
@@ -2623,16 +2622,17 @@ async function getDiffScanWithToken({
|
|
|
2623
2622
|
try {
|
|
2624
2623
|
json = JSON.stringify(result, null, 2);
|
|
2625
2624
|
} catch (e) {
|
|
2626
|
-
// Most likely caused by a circular reference (or OOM)
|
|
2627
|
-
logger.logger.error('There was a problem converting the data to JSON');
|
|
2628
2625
|
process.exitCode = 1;
|
|
2626
|
+
// Most likely caused by a circular reference (or OOM)
|
|
2627
|
+
logger.logger.fail('There was a problem converting the data to JSON');
|
|
2628
|
+
logger.logger.error(e);
|
|
2629
2629
|
return;
|
|
2630
2630
|
}
|
|
2631
2631
|
if (file && file !== '-') {
|
|
2632
2632
|
logger.logger.log(`Writing json to \`${file}\``);
|
|
2633
2633
|
fs.writeFile(file, JSON.stringify(result, null, 2), err => {
|
|
2634
2634
|
if (err) {
|
|
2635
|
-
logger.logger.
|
|
2635
|
+
logger.logger.fail(`Writing to \`${file}\` failed...`);
|
|
2636
2636
|
logger.logger.error(err);
|
|
2637
2637
|
} else {
|
|
2638
2638
|
logger.logger.log(`Data successfully written to \`${file}\``);
|
|
@@ -2738,7 +2738,7 @@ async function run$u(argv, importMeta, {
|
|
|
2738
2738
|
// options or missing arguments.
|
|
2739
2739
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
2740
2740
|
process.exitCode = 2;
|
|
2741
|
-
logger.logger.
|
|
2741
|
+
logger.logger.fail(`${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:\n
|
|
2742
2742
|
- Specify a before and after full scan ID ${!before && !after ? colors.red('(missing before and after!)') : !before ? colors.red('(missing before!)') : !after ? colors.red('(missing after!)') : colors.green('(ok)')}\n
|
|
2743
2743
|
- To get full scans IDs, you can run the command "socket scan list <your org slug>".
|
|
2744
2744
|
The args are expecting a full \`aaa0aa0a-aaaa-0000-0a0a-0000000a00a0\` ID.\n
|
|
@@ -2801,17 +2801,17 @@ async function runFix() {
|
|
|
2801
2801
|
});
|
|
2802
2802
|
// const agentDetails = await detect()
|
|
2803
2803
|
|
|
2804
|
-
const arb = new
|
|
2804
|
+
const arb = new shadowNpmInject.SafeArborist({
|
|
2805
2805
|
path: cwd,
|
|
2806
|
-
...
|
|
2806
|
+
...shadowNpmInject.SAFE_ARBORIST_REIFY_OPTIONS_OVERRIDES
|
|
2807
2807
|
});
|
|
2808
2808
|
await arb.reify();
|
|
2809
|
-
const alerts = await
|
|
2809
|
+
const alerts = await shadowNpmInject.getPackagesAlerts(arb, {
|
|
2810
2810
|
consolidate: true,
|
|
2811
2811
|
includeExisting: true,
|
|
2812
2812
|
includeUnfixable: false
|
|
2813
2813
|
});
|
|
2814
|
-
const infoByPkg =
|
|
2814
|
+
const infoByPkg = shadowNpmInject.getCveInfoByPackage(alerts);
|
|
2815
2815
|
await arb.buildIdealTree();
|
|
2816
2816
|
if (infoByPkg) {
|
|
2817
2817
|
for (const {
|
|
@@ -2828,7 +2828,7 @@ async function runFix() {
|
|
|
2828
2828
|
spinner.info(`Skipping ${name}. Socket Optimize package exists.`);
|
|
2829
2829
|
continue;
|
|
2830
2830
|
}
|
|
2831
|
-
const nodes =
|
|
2831
|
+
const nodes = shadowNpmInject.findPackageNodes(tree, name);
|
|
2832
2832
|
const packument = nodes.length && infos.length ?
|
|
2833
2833
|
// eslint-disable-next-line no-await-in-loop
|
|
2834
2834
|
await packages.fetchPackagePackument(name) : null;
|
|
@@ -2847,7 +2847,7 @@ async function runFix() {
|
|
|
2847
2847
|
const {
|
|
2848
2848
|
version: oldVersion
|
|
2849
2849
|
} = node;
|
|
2850
|
-
if (
|
|
2850
|
+
if (shadowNpmInject.updateNode(node, packument, vulnerableVersionRange)) {
|
|
2851
2851
|
try {
|
|
2852
2852
|
// eslint-disable-next-line no-await-in-loop
|
|
2853
2853
|
await npm.runScript('test', [], {
|
|
@@ -2878,7 +2878,7 @@ async function runFix() {
|
|
|
2878
2878
|
}
|
|
2879
2879
|
}
|
|
2880
2880
|
}
|
|
2881
|
-
const arb2 = new
|
|
2881
|
+
const arb2 = new shadowNpmInject.Arborist({
|
|
2882
2882
|
path: cwd
|
|
2883
2883
|
});
|
|
2884
2884
|
arb2.idealTree = arb.idealTree;
|
|
@@ -2999,22 +2999,16 @@ function getSeverityCount(issues, lowestToInclude) {
|
|
|
2999
2999
|
}
|
|
3000
3000
|
|
|
3001
3001
|
async function fetchPackageInfo(pkgName, pkgVersion, includeAllIssues) {
|
|
3002
|
-
|
|
3003
|
-
const {
|
|
3004
|
-
spinner
|
|
3005
|
-
} = constants;
|
|
3006
|
-
spinner.start(pkgVersion === 'latest' ? `Looking up data for the latest version of ${pkgName}` : `Looking up data for version ${pkgVersion} of ${pkgName}`);
|
|
3007
|
-
const socketSdk = await index.setupSdk(index.getPublicToken());
|
|
3002
|
+
const socketSdk = await shadowNpmInject.setupSdk(shadowNpmInject.getPublicToken());
|
|
3008
3003
|
const result = await handleApiCall(socketSdk.getIssuesByNPMPackage(pkgName, pkgVersion), 'looking up package');
|
|
3009
3004
|
const scoreResult = await handleApiCall(socketSdk.getScoreByNPMPackage(pkgName, pkgVersion), 'looking up package score');
|
|
3010
3005
|
if (result.success === false) {
|
|
3011
|
-
return handleUnsuccessfulApiResponse('getIssuesByNPMPackage', result
|
|
3006
|
+
return handleUnsuccessfulApiResponse('getIssuesByNPMPackage', result);
|
|
3012
3007
|
}
|
|
3013
3008
|
if (scoreResult.success === false) {
|
|
3014
|
-
return handleUnsuccessfulApiResponse('getScoreByNPMPackage', scoreResult
|
|
3009
|
+
return handleUnsuccessfulApiResponse('getScoreByNPMPackage', scoreResult);
|
|
3015
3010
|
}
|
|
3016
3011
|
const severityCount = getSeverityCount(result.data, includeAllIssues ? undefined : 'high');
|
|
3017
|
-
spinner?.successAndStop('Data fetched');
|
|
3018
3012
|
return {
|
|
3019
3013
|
data: result.data,
|
|
3020
3014
|
severityCount,
|
|
@@ -3063,8 +3057,8 @@ function formatPackageInfo({
|
|
|
3063
3057
|
} else {
|
|
3064
3058
|
logger.logger.log('Package has no issues');
|
|
3065
3059
|
}
|
|
3066
|
-
const format = new
|
|
3067
|
-
const url =
|
|
3060
|
+
const format = new shadowNpmInject.ColorOrMarkdown(outputKind === 'markdown');
|
|
3061
|
+
const url = shadowNpmInject.getSocketDevPackageOverviewUrl(NPM$c, pkgName, pkgVersion);
|
|
3068
3062
|
logger.logger.log('\n');
|
|
3069
3063
|
if (pkgVersion === 'latest') {
|
|
3070
3064
|
logger.logger.log(`Detailed info on socket.dev: ${format.hyperlink(`${pkgName}`, url, {
|
|
@@ -3099,9 +3093,9 @@ function formatPackageIssuesDetails(packageData, outputMarkdown) {
|
|
|
3099
3093
|
}
|
|
3100
3094
|
return acc;
|
|
3101
3095
|
}, {});
|
|
3102
|
-
const format = new
|
|
3096
|
+
const format = new shadowNpmInject.ColorOrMarkdown(outputMarkdown);
|
|
3103
3097
|
for (const issue of Object.keys(uniqueIssues)) {
|
|
3104
|
-
const issueWithLink = format.hyperlink(`${uniqueIssues[issue]?.label}`,
|
|
3098
|
+
const issueWithLink = format.hyperlink(`${uniqueIssues[issue]?.label}`, shadowNpmInject.getSocketDevAlertUrl(issue), {
|
|
3105
3099
|
fallbackToUrl: true
|
|
3106
3100
|
});
|
|
3107
3101
|
if (uniqueIssues[issue]?.count === 1) {
|
|
@@ -3128,7 +3122,13 @@ async function getPackageInfo({
|
|
|
3128
3122
|
pkgVersion,
|
|
3129
3123
|
strict
|
|
3130
3124
|
}) {
|
|
3125
|
+
// Lazily access constants.spinner.
|
|
3126
|
+
const {
|
|
3127
|
+
spinner
|
|
3128
|
+
} = constants;
|
|
3129
|
+
spinner.start(pkgVersion === 'latest' ? `Looking up data for the latest version of ${pkgName}` : `Looking up data for version ${pkgVersion} of ${pkgName}`);
|
|
3131
3130
|
const packageData = await fetchPackageInfo(pkgName, pkgVersion, includeAllIssues);
|
|
3131
|
+
spinner.successAndStop('Data fetched');
|
|
3132
3132
|
if (packageData) {
|
|
3133
3133
|
formatPackageInfo(packageData, {
|
|
3134
3134
|
name: commandName,
|
|
@@ -3193,7 +3193,7 @@ async function run$s(argv, importMeta, {
|
|
|
3193
3193
|
// options or missing arguments.
|
|
3194
3194
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
3195
3195
|
process.exitCode = 2;
|
|
3196
|
-
logger.logger.
|
|
3196
|
+
logger.logger.fail(`${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:\n
|
|
3197
3197
|
- Expecting a package name ${!rawPkgName ? colors.red('(missing!)') : colors.green('(ok)')}\n
|
|
3198
3198
|
- Can only accept one package at a time ${cli.input.length > 1 ? colors.red('(got ' + cli.input.length + '!)') : colors.green('(ok)')}\n`);
|
|
3199
3199
|
return;
|
|
@@ -3216,18 +3216,18 @@ async function run$s(argv, importMeta, {
|
|
|
3216
3216
|
}
|
|
3217
3217
|
|
|
3218
3218
|
function applyLogin(apiToken, enforcedOrgs, apiBaseUrl, apiProxy) {
|
|
3219
|
-
|
|
3220
|
-
|
|
3221
|
-
|
|
3222
|
-
|
|
3219
|
+
shadowNpmInject.updateSetting('enforcedOrgs', enforcedOrgs);
|
|
3220
|
+
shadowNpmInject.updateSetting('apiToken', apiToken);
|
|
3221
|
+
shadowNpmInject.updateSetting('apiBaseUrl', apiBaseUrl);
|
|
3222
|
+
shadowNpmInject.updateSetting('apiProxy', apiProxy);
|
|
3223
3223
|
}
|
|
3224
3224
|
|
|
3225
3225
|
const {
|
|
3226
3226
|
SOCKET_PUBLIC_API_TOKEN
|
|
3227
3227
|
} = constants;
|
|
3228
3228
|
async function attemptLogin(apiBaseUrl, apiProxy) {
|
|
3229
|
-
apiBaseUrl ??=
|
|
3230
|
-
apiProxy ??=
|
|
3229
|
+
apiBaseUrl ??= shadowNpmInject.getSetting('apiBaseUrl') ?? undefined;
|
|
3230
|
+
apiProxy ??= shadowNpmInject.getSetting('apiProxy') ?? undefined;
|
|
3231
3231
|
const apiToken = (await prompts.password({
|
|
3232
3232
|
message: `Enter your ${terminalLink('Socket.dev API key', 'https://docs.socket.dev/docs/api-keys')} (leave blank for a public key)`
|
|
3233
3233
|
})) || SOCKET_PUBLIC_API_TOKEN;
|
|
@@ -3238,13 +3238,13 @@ async function attemptLogin(apiBaseUrl, apiProxy) {
|
|
|
3238
3238
|
spinner.start('Verifying API key...');
|
|
3239
3239
|
let orgs;
|
|
3240
3240
|
try {
|
|
3241
|
-
const sdk = await
|
|
3241
|
+
const sdk = await shadowNpmInject.setupSdk(apiToken, apiBaseUrl, apiProxy);
|
|
3242
3242
|
const result = await sdk.getOrganizations();
|
|
3243
3243
|
if (!result.success) {
|
|
3244
|
-
throw new
|
|
3244
|
+
throw new shadowNpmInject.AuthError();
|
|
3245
3245
|
}
|
|
3246
3246
|
orgs = result.data;
|
|
3247
|
-
spinner.
|
|
3247
|
+
spinner.success('API key verified');
|
|
3248
3248
|
} catch {
|
|
3249
3249
|
spinner.errorAndStop('Invalid API key');
|
|
3250
3250
|
return;
|
|
@@ -3282,14 +3282,13 @@ async function attemptLogin(apiBaseUrl, apiProxy) {
|
|
|
3282
3282
|
}
|
|
3283
3283
|
}
|
|
3284
3284
|
}
|
|
3285
|
-
|
|
3285
|
+
spinner.stop();
|
|
3286
|
+
const oldToken = shadowNpmInject.getSetting('apiToken');
|
|
3286
3287
|
try {
|
|
3287
3288
|
applyLogin(apiToken, enforcedOrgs, apiBaseUrl, apiProxy);
|
|
3288
|
-
|
|
3289
|
-
spinner.successAndStop(`API credentials ${oldToken ? 'updated' : 'set'}`);
|
|
3289
|
+
logger.logger.success(`API credentials ${oldToken ? 'updated' : 'set'}`);
|
|
3290
3290
|
} catch {
|
|
3291
|
-
|
|
3292
|
-
spinner.errorAndStop(`API login failed`);
|
|
3291
|
+
logger.logger.fail(`API login failed`);
|
|
3293
3292
|
}
|
|
3294
3293
|
}
|
|
3295
3294
|
|
|
@@ -3346,16 +3345,16 @@ async function run$r(argv, importMeta, {
|
|
|
3346
3345
|
return;
|
|
3347
3346
|
}
|
|
3348
3347
|
if (!isInteractive()) {
|
|
3349
|
-
throw new
|
|
3348
|
+
throw new shadowNpmInject.InputError('Cannot prompt for credentials in a non-interactive shell');
|
|
3350
3349
|
}
|
|
3351
3350
|
await attemptLogin(apiBaseUrl, apiProxy);
|
|
3352
3351
|
}
|
|
3353
3352
|
|
|
3354
3353
|
function applyLogout() {
|
|
3355
|
-
|
|
3356
|
-
|
|
3357
|
-
|
|
3358
|
-
|
|
3354
|
+
shadowNpmInject.updateSetting('apiToken', null);
|
|
3355
|
+
shadowNpmInject.updateSetting('apiBaseUrl', null);
|
|
3356
|
+
shadowNpmInject.updateSetting('apiProxy', null);
|
|
3357
|
+
shadowNpmInject.updateSetting('enforcedOrgs', null);
|
|
3359
3358
|
}
|
|
3360
3359
|
|
|
3361
3360
|
function attemptLogout() {
|
|
@@ -3363,7 +3362,7 @@ function attemptLogout() {
|
|
|
3363
3362
|
applyLogout();
|
|
3364
3363
|
logger.logger.success('Successfully logged out');
|
|
3365
3364
|
} catch {
|
|
3366
|
-
logger.logger.
|
|
3365
|
+
logger.logger.fail('Failed to complete logout steps');
|
|
3367
3366
|
}
|
|
3368
3367
|
}
|
|
3369
3368
|
|
|
@@ -3445,14 +3444,14 @@ async function convertGradleToMaven(target, bin, _out, verbose, gradleOpts) {
|
|
|
3445
3444
|
logger.logger.groupEnd();
|
|
3446
3445
|
}
|
|
3447
3446
|
if (output.stderr) {
|
|
3448
|
-
|
|
3447
|
+
process.exitCode = 1;
|
|
3448
|
+
logger.logger.fail('There were errors while running gradle');
|
|
3449
3449
|
// (In verbose mode, stderr was printed above, no need to repeat it)
|
|
3450
3450
|
if (!verbose) {
|
|
3451
3451
|
logger.logger.group('[VERBOSE] stderr:');
|
|
3452
3452
|
logger.logger.error(output.stderr);
|
|
3453
3453
|
logger.logger.groupEnd();
|
|
3454
3454
|
}
|
|
3455
|
-
process.exitCode = 1;
|
|
3456
3455
|
return;
|
|
3457
3456
|
}
|
|
3458
3457
|
logger.logger.success('Executed gradle successfully');
|
|
@@ -3464,7 +3463,7 @@ async function convertGradleToMaven(target, bin, _out, verbose, gradleOpts) {
|
|
|
3464
3463
|
|
|
3465
3464
|
// const loc = output.stdout?.match(/Wrote (.*?.pom)\n/)?.[1]?.trim()
|
|
3466
3465
|
// if (!loc) {
|
|
3467
|
-
// logger.
|
|
3466
|
+
// logger.fail(
|
|
3468
3467
|
// 'There were no errors from sbt but could not find the location of resulting .pom file either'
|
|
3469
3468
|
// )
|
|
3470
3469
|
// process.exit(1)
|
|
@@ -3490,15 +3489,14 @@ async function convertGradleToMaven(target, bin, _out, verbose, gradleOpts) {
|
|
|
3490
3489
|
// spinner.successAndStop(`OK. File should be available in \`${out}\``)
|
|
3491
3490
|
// }
|
|
3492
3491
|
} catch (e) {
|
|
3493
|
-
|
|
3492
|
+
process.exitCode = 1;
|
|
3493
|
+
spinner.stop();
|
|
3494
|
+
logger.logger.fail('There was an unexpected error while running this' + (verbose ? '' : ' (use --verbose for details)'));
|
|
3494
3495
|
if (verbose) {
|
|
3495
3496
|
logger.logger.group('[VERBOSE] error:');
|
|
3496
3497
|
logger.logger.log(e);
|
|
3497
3498
|
logger.logger.groupEnd();
|
|
3498
3499
|
}
|
|
3499
|
-
process.exitCode = 1;
|
|
3500
|
-
} finally {
|
|
3501
|
-
spinner.stop();
|
|
3502
3500
|
}
|
|
3503
3501
|
}
|
|
3504
3502
|
|
|
@@ -3608,7 +3606,7 @@ async function run$p(argv, importMeta, {
|
|
|
3608
3606
|
// options or missing arguments.
|
|
3609
3607
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
3610
3608
|
process.exitCode = 2;
|
|
3611
|
-
logger.logger.
|
|
3609
|
+
logger.logger.fail(commonTags.stripIndents`${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:
|
|
3612
3610
|
|
|
3613
3611
|
- The DIR arg is required ${!target ? colors.red('(missing!)') : target === '-' ? colors.red('(stdin is not supported)') : colors.green('(ok)')}
|
|
3614
3612
|
|
|
@@ -3684,14 +3682,14 @@ async function convertSbtToMaven(target, bin, out, verbose, sbtOpts) {
|
|
|
3684
3682
|
logger.logger.groupEnd();
|
|
3685
3683
|
}
|
|
3686
3684
|
if (output.stderr) {
|
|
3687
|
-
|
|
3685
|
+
process.exitCode = 1;
|
|
3686
|
+
logger.logger.fail('There were errors while running sbt');
|
|
3688
3687
|
// (In verbose mode, stderr was printed above, no need to repeat it)
|
|
3689
3688
|
if (!verbose) {
|
|
3690
3689
|
logger.logger.group('[VERBOSE] stderr:');
|
|
3691
3690
|
logger.logger.error(output.stderr);
|
|
3692
3691
|
logger.logger.groupEnd();
|
|
3693
3692
|
}
|
|
3694
|
-
process.exitCode = 1;
|
|
3695
3693
|
return;
|
|
3696
3694
|
}
|
|
3697
3695
|
const poms = [];
|
|
@@ -3700,8 +3698,8 @@ async function convertSbtToMaven(target, bin, out, verbose, sbtOpts) {
|
|
|
3700
3698
|
return fn;
|
|
3701
3699
|
});
|
|
3702
3700
|
if (!poms.length) {
|
|
3703
|
-
logger.logger.error('There were no errors from sbt but it seems to not have generated any poms either');
|
|
3704
3701
|
process.exitCode = 1;
|
|
3702
|
+
logger.logger.fail('There were no errors from sbt but it seems to not have generated any poms either');
|
|
3705
3703
|
return;
|
|
3706
3704
|
}
|
|
3707
3705
|
// Move the pom file to ...? initial cwd? loc will be an absolute path, or dump to stdout
|
|
@@ -3709,14 +3707,14 @@ async function convertSbtToMaven(target, bin, out, verbose, sbtOpts) {
|
|
|
3709
3707
|
// TODO: maybe we can add an option to target a specific file to dump to stdout
|
|
3710
3708
|
if (out === '-' && poms.length === 1) {
|
|
3711
3709
|
logger.logger.log('Result:\n```');
|
|
3712
|
-
logger.logger.log(await
|
|
3710
|
+
logger.logger.log(await shadowNpmInject.safeReadFile(poms[0], 'utf8'));
|
|
3713
3711
|
logger.logger.log('```');
|
|
3714
3712
|
logger.logger.success(`OK`);
|
|
3715
3713
|
} else if (out === '-') {
|
|
3716
|
-
|
|
3714
|
+
process.exitCode = 1;
|
|
3715
|
+
logger.logger.fail('Requested out target was stdout but there are multiple generated files');
|
|
3717
3716
|
poms.forEach(fn => logger.logger.error('-', fn));
|
|
3718
3717
|
logger.logger.error('Exiting now...');
|
|
3719
|
-
process.exitCode = 1;
|
|
3720
3718
|
return;
|
|
3721
3719
|
} else {
|
|
3722
3720
|
// if (verbose) {
|
|
@@ -3733,15 +3731,14 @@ async function convertSbtToMaven(target, bin, out, verbose, sbtOpts) {
|
|
|
3733
3731
|
logger.logger.success(`OK`);
|
|
3734
3732
|
}
|
|
3735
3733
|
} catch (e) {
|
|
3736
|
-
|
|
3734
|
+
process.exitCode = 1;
|
|
3735
|
+
spinner.stop();
|
|
3736
|
+
logger.logger.fail('There was an unexpected error while running this' + (verbose ? '' : ' (use --verbose for details)'));
|
|
3737
3737
|
if (verbose) {
|
|
3738
3738
|
logger.logger.group('[VERBOSE] error:');
|
|
3739
3739
|
logger.logger.log(e);
|
|
3740
3740
|
logger.logger.groupEnd();
|
|
3741
3741
|
}
|
|
3742
|
-
process.exitCode = 1;
|
|
3743
|
-
} finally {
|
|
3744
|
-
spinner.stop();
|
|
3745
3742
|
}
|
|
3746
3743
|
}
|
|
3747
3744
|
|
|
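Review bot: With the `finally { spinner.stop(); }` block removed, the spinner is now stopped only on the exception path, in the `catch` at new lines 3734–3736. The early `return` branches in the preceding hunks of convertSbtToMaven (sbt wrote to stderr, no poms were generated, stdout was requested with several poms) set `process.exitCode` and return, apparently from inside the same `try`. Unless the spinner is already stopped earlier in the `try` body, which is outside these hunks, it keeps running on those paths. Keeping `} finally { spinner.stop(); }` after the `catch` would cover every exit. The function starts outside this hunk.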
@@ -3849,7 +3846,7 @@ async function run$o(argv, importMeta, {
|
|
|
3849
3846
|
// options or missing arguments.
|
|
3850
3847
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
3851
3848
|
process.exitCode = 2;
|
|
3852
|
-
logger.logger.
|
|
3849
|
+
logger.logger.fail(commonTags.stripIndents`${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:
|
|
3853
3850
|
|
|
3854
3851
|
- The DIR or FILE arg is required ${!target ? colors.red('(missing!)') : target === '-' ? colors.red('(stdin is not supported)') : colors.green('(ok)')}
|
|
3855
3852
|
|
|
@@ -4109,7 +4106,7 @@ async function run$m(argv, importMeta, {
|
|
|
4109
4106
|
// options or missing arguments.
|
|
4110
4107
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
4111
4108
|
process.exitCode = 2;
|
|
4112
|
-
logger.logger.
|
|
4109
|
+
logger.logger.fail(commonTags.stripIndents`${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:
|
|
4113
4110
|
|
|
4114
4111
|
- The DIR arg is required ${!target ? colors.red('(missing!)') : target === '-' ? colors.red('(stdin is not supported)') : colors.green('(ok)')}
|
|
4115
4112
|
|
|
@@ -4184,12 +4181,11 @@ async function run$l(argv, importMeta, {
|
|
|
4184
4181
|
}
|
|
4185
4182
|
|
|
4186
4183
|
const {
|
|
4187
|
-
NPM: NPM$b
|
|
4188
|
-
SHADOW_BIN: SHADOW_BIN$1
|
|
4184
|
+
NPM: NPM$b
|
|
4189
4185
|
} = constants;
|
|
4190
4186
|
async function wrapNpm(argv) {
|
|
4191
|
-
// Lazily access constants.
|
|
4192
|
-
const shadowBin = require(
|
|
4187
|
+
// Lazily access constants.distShadowNpmBinPath.
|
|
4188
|
+
const shadowBin = require(constants.distShadowNpmBinPath);
|
|
4193
4189
|
await shadowBin(NPM$b, argv);
|
|
4194
4190
|
}
|
|
4195
4191
|
|
|
@@ -4230,12 +4226,11 @@ async function run$k(argv, importMeta, {
|
|
|
4230
4226
|
}
|
|
4231
4227
|
|
|
4232
4228
|
const {
|
|
4233
|
-
NPX: NPX$2
|
|
4234
|
-
SHADOW_BIN
|
|
4229
|
+
NPX: NPX$2
|
|
4235
4230
|
} = constants;
|
|
4236
4231
|
async function wrapNpx(argv) {
|
|
4237
|
-
// Lazily access constants.
|
|
4238
|
-
const shadowBin = require(
|
|
4232
|
+
// Lazily access constants.distShadowNpmBinPath.
|
|
4233
|
+
const shadowBin = require(constants.distShadowNpmBinPath);
|
|
4239
4234
|
await shadowBin(NPX$2, argv);
|
|
4240
4235
|
}
|
|
4241
4236
|
|
|
@@ -4398,8 +4393,8 @@ const readLockFileByAgent = (() => {
|
|
|
4398
4393
|
return undefined;
|
|
4399
4394
|
};
|
|
4400
4395
|
}
|
|
4401
|
-
const binaryReader = wrapReader(
|
|
4402
|
-
const defaultReader = wrapReader(async lockPath => await
|
|
4396
|
+
const binaryReader = wrapReader(shadowNpmInject.readFileBinary);
|
|
4397
|
+
const defaultReader = wrapReader(async lockPath => await shadowNpmInject.readFileUtf8(lockPath));
|
|
4403
4398
|
return {
|
|
4404
4399
|
[BUN$5]: wrapReader(async (lockPath, agentExecPath) => {
|
|
4405
4400
|
const ext = path.extname(lockPath);
|
|
@@ -4431,12 +4426,12 @@ async function detectPackageEnvironment({
|
|
|
4431
4426
|
cwd = process$1.cwd(),
|
|
4432
4427
|
onUnknown
|
|
4433
4428
|
} = {}) {
|
|
4434
|
-
let lockPath = await
|
|
4429
|
+
let lockPath = await shadowNpmInject.findUp(Object.keys(LOCKS), {
|
|
4435
4430
|
cwd
|
|
4436
4431
|
});
|
|
4437
4432
|
let lockName = lockPath ? path.basename(lockPath) : undefined;
|
|
4438
4433
|
const isHiddenLockFile = lockName === '.package-lock.json';
|
|
4439
|
-
const pkgJsonPath = lockPath ? path.resolve(lockPath, `${isHiddenLockFile ? '../' : ''}../package.json`) : await
|
|
4434
|
+
const pkgJsonPath = lockPath ? path.resolve(lockPath, `${isHiddenLockFile ? '../' : ''}../package.json`) : await shadowNpmInject.findUp('package.json', {
|
|
4440
4435
|
cwd
|
|
4441
4436
|
});
|
|
4442
4437
|
const pkgPath = pkgJsonPath && fs.existsSync(pkgJsonPath) ? path.dirname(pkgJsonPath) : undefined;
|
|
@@ -4548,36 +4543,36 @@ async function detectAndValidatePackageEnvironment(cwd, options) {
|
|
|
4548
4543
|
const details = await detectPackageEnvironment({
|
|
4549
4544
|
cwd,
|
|
4550
4545
|
onUnknown(pkgManager) {
|
|
4551
|
-
logger?.warn(
|
|
4546
|
+
logger?.warn(`${COMMAND_TITLE$2}: Unknown package manager${pkgManager ? ` ${pkgManager}` : ''}, defaulting to npm`);
|
|
4552
4547
|
}
|
|
4553
4548
|
});
|
|
4554
4549
|
if (!details.supported) {
|
|
4555
|
-
logger?.
|
|
4550
|
+
logger?.fail(`${COMMAND_TITLE$2}: No supported Node or browser range detected`);
|
|
4556
4551
|
return;
|
|
4557
4552
|
}
|
|
4558
4553
|
if (details.agent === VLT$4) {
|
|
4559
|
-
logger?.
|
|
4554
|
+
logger?.fail(`${COMMAND_TITLE$2}: ${details.agent} does not support overrides. Soon, though ⚡`);
|
|
4560
4555
|
return;
|
|
4561
4556
|
}
|
|
4562
4557
|
const lockName = details.lockName ?? 'lock file';
|
|
4563
4558
|
if (details.lockName === undefined || details.lockSrc === undefined) {
|
|
4564
|
-
logger?.
|
|
4559
|
+
logger?.fail(`${COMMAND_TITLE$2}: No ${lockName} found`);
|
|
4565
4560
|
return;
|
|
4566
4561
|
}
|
|
4567
4562
|
if (details.lockSrc.trim() === '') {
|
|
4568
|
-
logger?.
|
|
4563
|
+
logger?.fail(`${COMMAND_TITLE$2}: ${lockName} is empty`);
|
|
4569
4564
|
return;
|
|
4570
4565
|
}
|
|
4571
4566
|
if (details.pkgPath === undefined) {
|
|
4572
|
-
logger?.
|
|
4567
|
+
logger?.fail(`${COMMAND_TITLE$2}: No package.json found`);
|
|
4573
4568
|
return;
|
|
4574
4569
|
}
|
|
4575
4570
|
if (prod && (details.agent === BUN$4 || details.agent === YARN_BERRY$4)) {
|
|
4576
|
-
logger?.
|
|
4571
|
+
logger?.fail(`${COMMAND_TITLE$2}: --prod not supported for ${details.agent}${details.agentVersion ? `@${details.agentVersion.toString()}` : ''}`);
|
|
4577
4572
|
return;
|
|
4578
4573
|
}
|
|
4579
4574
|
if (details.lockPath && path.relative(cwd, details.lockPath).startsWith('.')) {
|
|
4580
|
-
logger?.warn(
|
|
4575
|
+
logger?.warn(`${COMMAND_TITLE$2}: Package ${lockName} found at ${details.lockPath}`);
|
|
4581
4576
|
}
|
|
4582
4577
|
return details;
|
|
4583
4578
|
}
|
|
@@ -4681,7 +4676,7 @@ async function getWorkspaceGlobs(agent, pkgPath, pkgJson) {
|
|
|
4681
4676
|
if (agent === PNPM$4) {
|
|
4682
4677
|
for (const workspacePath of [path.join(pkgPath, `${PNPM_WORKSPACE}.yaml`), path.join(pkgPath, `${PNPM_WORKSPACE}.yml`)]) {
|
|
4683
4678
|
// eslint-disable-next-line no-await-in-loop
|
|
4684
|
-
const yml = await
|
|
4679
|
+
const yml = await shadowNpmInject.safeReadFile(workspacePath, 'utf8');
|
|
4685
4680
|
if (yml) {
|
|
4686
4681
|
try {
|
|
4687
4682
|
workspacePatterns = yaml.parse(yml)?.packages;
|
|
@@ -5026,8 +5021,8 @@ function safeNpmInstall(options) {
|
|
|
5026
5021
|
constants.execPath, [
|
|
5027
5022
|
// Lazily access constants.nodeNoWarningsFlags.
|
|
5028
5023
|
...constants.nodeNoWarningsFlags, '--require',
|
|
5029
|
-
// Lazily access constants.
|
|
5030
|
-
constants.
|
|
5024
|
+
// Lazily access constants.distShadowNpmInjectPath.
|
|
5025
|
+
constants.distShadowNpmInjectPath, shadowNpmPaths.getNpmBinPath(), 'install',
|
|
5031
5026
|
// Even though the '--silent' flag is passed npm will still run through
|
|
5032
5027
|
// code paths for 'audit' and 'fund' unless '--no-audit' and '--no-fund'
|
|
5033
5028
|
// flags are passed.
|
|
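Review bot: The module preloaded into the child npm process is named only by `constants.distShadowNpmInjectPath`, and the comment above it (`// Lazily access constants.distShadowNpmInjectPath.`) does not say what form that value must take. Node resolves a `--require` argument with ordinary `require()` rules, so a relative path or bare specifier would be looked up from the working directory of the project being installed. The value is defined in constants.js, outside this hunk, so whether it is absolute cannot be confirmed here. I would extend the comment to `// Must be an absolute path inside this package's dist directory; --require resolves relative specifiers against cwd.` The argument list of safeNpmInstall starts and ends outside the hunk.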
@@ -5114,7 +5109,7 @@ async function updatePackageLockJson(pkgEnvDetails, options) {
|
|
|
5114
5109
|
}
|
|
5115
5110
|
} catch (e) {
|
|
5116
5111
|
spinner?.stop();
|
|
5117
|
-
logger?.
|
|
5112
|
+
logger?.fail(`${COMMAND_TITLE$1}: ${pkgEnvDetails.agent} install failed to update ${pkgEnvDetails.lockName}`);
|
|
5118
5113
|
logger?.error(e);
|
|
5119
5114
|
}
|
|
5120
5115
|
}
|
|
@@ -5214,7 +5209,7 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
|
|
|
5214
5209
|
const isWorkspace = !!workspaceGlobs;
|
|
5215
5210
|
if (isWorkspace && agent === PNPM && npmExecPath === NPM$1 && !state.warnedPnpmWorkspaceRequiresNpm) {
|
|
5216
5211
|
state.warnedPnpmWorkspaceRequiresNpm = true;
|
|
5217
|
-
logger?.warn(
|
|
5212
|
+
logger?.warn(`${COMMAND_TITLE}: pnpm workspace support requires \`npm ls\`, falling back to \`pnpm list\``);
|
|
5218
5213
|
}
|
|
5219
5214
|
const thingToScan = isLockScanned ? lockSrc : await lsByAgent[agent](agentExecPath, pkgPath, {
|
|
5220
5215
|
npmExecPath
|
|
@@ -5405,9 +5400,9 @@ async function run$h(argv, importMeta, {
|
|
|
5405
5400
|
}
|
|
5406
5401
|
|
|
5407
5402
|
async function getOrganization(format = 'text') {
|
|
5408
|
-
const apiToken =
|
|
5403
|
+
const apiToken = shadowNpmInject.getDefaultToken();
|
|
5409
5404
|
if (!apiToken) {
|
|
5410
|
-
throw new
|
|
5405
|
+
throw new shadowNpmInject.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
|
|
5411
5406
|
}
|
|
5412
5407
|
await printOrganizationsFromToken(apiToken, format);
|
|
5413
5408
|
}
|
|
@@ -5417,10 +5412,10 @@ async function printOrganizationsFromToken(apiToken, format = 'text') {
|
|
|
5417
5412
|
spinner
|
|
5418
5413
|
} = constants;
|
|
5419
5414
|
spinner.start('Fetching organizations...');
|
|
5420
|
-
const socketSdk = await
|
|
5415
|
+
const socketSdk = await shadowNpmInject.setupSdk(apiToken);
|
|
5421
5416
|
const result = await handleApiCall(socketSdk.getOrganizations(), 'looking up organizations');
|
|
5422
5417
|
if (!result.success) {
|
|
5423
|
-
handleUnsuccessfulApiResponse('getOrganizations', result
|
|
5418
|
+
handleUnsuccessfulApiResponse('getOrganizations', result);
|
|
5424
5419
|
return;
|
|
5425
5420
|
}
|
|
5426
5421
|
spinner.stop();
|
|
@@ -5511,7 +5506,7 @@ async function run$g(argv, importMeta, {
|
|
|
5511
5506
|
// options or missing arguments.
|
|
5512
5507
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
5513
5508
|
process.exitCode = 2;
|
|
5514
|
-
logger.logger.
|
|
5509
|
+
logger.logger.fail(commonTags.stripIndents`
|
|
5515
5510
|
${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:
|
|
5516
5511
|
|
|
5517
5512
|
- The json and markdown flags cannot be both set, pick one
|
|
@@ -5526,7 +5521,7 @@ ${colors.bgRed(colors.white('Input error'))}: Please provide the required fields
|
|
|
5526
5521
|
}
|
|
5527
5522
|
|
|
5528
5523
|
async function runRawNpm(argv) {
|
|
5529
|
-
const spawnPromise = spawn.spawn(
|
|
5524
|
+
const spawnPromise = spawn.spawn(shadowNpmPaths.getNpmBinPath(), argv, {
|
|
5530
5525
|
stdio: 'inherit'
|
|
5531
5526
|
});
|
|
5532
5527
|
// See https://nodejs.org/api/all.html#all_child_process_event-exit.
|
|
@@ -5580,7 +5575,7 @@ async function run$f(argv, importMeta, {
|
|
|
5580
5575
|
}
|
|
5581
5576
|
|
|
5582
5577
|
async function runRawNpx(argv) {
|
|
5583
|
-
const spawnPromise = spawn.spawn(
|
|
5578
|
+
const spawnPromise = spawn.spawn(shadowNpmPaths.getNpxBinPath(), argv, {
|
|
5584
5579
|
stdio: 'inherit'
|
|
5585
5580
|
});
|
|
5586
5581
|
// See https://nodejs.org/api/all.html#all_child_process_event-exit.
|
|
@@ -5644,16 +5639,16 @@ async function createReport(socketConfig, inputPaths, {
|
|
|
5644
5639
|
const {
|
|
5645
5640
|
spinner
|
|
5646
5641
|
} = constants;
|
|
5647
|
-
const socketSdk = await
|
|
5642
|
+
const socketSdk = await shadowNpmInject.setupSdk();
|
|
5648
5643
|
const supportedFiles = await socketSdk.getReportSupportedFiles().then(res => {
|
|
5649
|
-
if (!res.success) handleUnsuccessfulApiResponse('getReportSupportedFiles', res
|
|
5644
|
+
if (!res.success) handleUnsuccessfulApiResponse('getReportSupportedFiles', res);
|
|
5650
5645
|
return res.data;
|
|
5651
5646
|
}).catch(cause => {
|
|
5652
5647
|
throw new Error('Failed getting supported files for report', {
|
|
5653
5648
|
cause
|
|
5654
5649
|
});
|
|
5655
5650
|
});
|
|
5656
|
-
const packagePaths = await
|
|
5651
|
+
const packagePaths = await shadowNpmPaths.getPackageFilesFullScans(cwd, inputPaths, supportedFiles, socketConfig);
|
|
5657
5652
|
const packagePathsCount = packagePaths.length;
|
|
5658
5653
|
if (packagePathsCount && debug.isDebug()) {
|
|
5659
5654
|
for (const pkgPath of packagePaths) {
|
|
@@ -5668,7 +5663,7 @@ async function createReport(socketConfig, inputPaths, {
|
|
|
5668
5663
|
const apiCall = socketSdk.createReportFromFilePaths(packagePaths, cwd, socketConfig?.issueRules);
|
|
5669
5664
|
const result = await handleApiCall(apiCall, 'creating report');
|
|
5670
5665
|
if (!result.success) {
|
|
5671
|
-
handleUnsuccessfulApiResponse('createReport', result
|
|
5666
|
+
handleUnsuccessfulApiResponse('createReport', result);
|
|
5672
5667
|
return undefined;
|
|
5673
5668
|
}
|
|
5674
5669
|
spinner.successAndStop();
|
|
@@ -5686,7 +5681,7 @@ async function getSocketConfig(absoluteConfigPath) {
|
|
|
5686
5681
|
errors: cause.validationErrors,
|
|
5687
5682
|
schema: cause.schema
|
|
5688
5683
|
});
|
|
5689
|
-
throw new
|
|
5684
|
+
throw new shadowNpmInject.InputError('The socket.yml config is not valid', betterErrors.map(err => `[${err.path}] ${err.message}.${err.suggestion ? err.suggestion : ''}`).join('\n'));
|
|
5690
5685
|
} else {
|
|
5691
5686
|
throw new Error('Failed to read socket.yml config', {
|
|
5692
5687
|
cause
|
|
@@ -5704,7 +5699,7 @@ async function fetchReportData(reportId, includeAllIssues, strict) {
|
|
|
5704
5699
|
spinner
|
|
5705
5700
|
} = constants;
|
|
5706
5701
|
spinner.start(`Fetching report with ID ${reportId} (this could take a while)`);
|
|
5707
|
-
const socketSdk = await
|
|
5702
|
+
const socketSdk = await shadowNpmInject.setupSdk();
|
|
5708
5703
|
let result;
|
|
5709
5704
|
for (let retry = 1; !result; ++retry) {
|
|
5710
5705
|
try {
|
|
@@ -5718,7 +5713,7 @@ async function fetchReportData(reportId, includeAllIssues, strict) {
|
|
|
5718
5713
|
}
|
|
5719
5714
|
}
|
|
5720
5715
|
if (!result.success) {
|
|
5721
|
-
return handleUnsuccessfulApiResponse('getReport', result
|
|
5716
|
+
return handleUnsuccessfulApiResponse('getReport', result);
|
|
5722
5717
|
}
|
|
5723
5718
|
|
|
5724
5719
|
// Conclude the status of the API call.
|
|
@@ -5743,7 +5738,7 @@ function formatReportDataOutput(reportId, data, commandName, outputJson, outputM
|
|
|
5743
5738
|
if (outputJson) {
|
|
5744
5739
|
logger.logger.log(JSON.stringify(data, undefined, 2));
|
|
5745
5740
|
} else {
|
|
5746
|
-
const format = new
|
|
5741
|
+
const format = new shadowNpmInject.ColorOrMarkdown(outputMarkdown);
|
|
5747
5742
|
logger.logger.log(commonTags.stripIndents`
|
|
5748
5743
|
Detailed info on socket.dev: ${format.hyperlink(reportId, data.url, {
|
|
5749
5744
|
fallbackToUrl: true
|
|
@@ -5847,7 +5842,7 @@ async function run$d(argv, importMeta, {
|
|
|
5847
5842
|
} else if (json) {
|
|
5848
5843
|
logger.logger.log(JSON.stringify(result.data, undefined, 2));
|
|
5849
5844
|
} else {
|
|
5850
|
-
const format = new
|
|
5845
|
+
const format = new shadowNpmInject.ColorOrMarkdown(markdown);
|
|
5851
5846
|
logger.logger.log(`New report: ${format.hyperlink(result.data.id, result.data.url, {
|
|
5852
5847
|
fallbackToUrl: true
|
|
5853
5848
|
})}`);
|
|
@@ -5894,7 +5889,7 @@ async function run$c(argv, importMeta, {
|
|
|
5894
5889
|
// options or missing arguments.
|
|
5895
5890
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
5896
5891
|
process.exitCode = 2;
|
|
5897
|
-
logger.logger.
|
|
5892
|
+
logger.logger.fail(commonTags.stripIndents`${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:
|
|
5898
5893
|
|
|
5899
5894
|
- Need at least one report ID ${!reportId ? colors.red('(missing!)') : colors.green('(ok)')}
|
|
5900
5895
|
|
|
@@ -5935,13 +5930,33 @@ const cmdReport = {
|
|
|
5935
5930
|
};
|
|
5936
5931
|
|
|
5937
5932
|
async function createRepo({
|
|
5933
|
+
default_branch,
|
|
5934
|
+
description,
|
|
5935
|
+
homepage,
|
|
5936
|
+
orgSlug,
|
|
5937
|
+
repoName,
|
|
5938
|
+
visibility
|
|
5939
|
+
}) {
|
|
5940
|
+
const apiToken = shadowNpmInject.getDefaultToken();
|
|
5941
|
+
if (!apiToken) {
|
|
5942
|
+
throw new shadowNpmInject.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
|
|
5943
|
+
}
|
|
5944
|
+
await createRepoWithToken({
|
|
5945
|
+
apiToken,
|
|
5946
|
+
default_branch,
|
|
5947
|
+
description,
|
|
5948
|
+
homepage,
|
|
5949
|
+
orgSlug,
|
|
5950
|
+
repoName,
|
|
5951
|
+
visibility
|
|
5952
|
+
});
|
|
5953
|
+
}
|
|
5954
|
+
async function createRepoWithToken({
|
|
5938
5955
|
apiToken,
|
|
5939
5956
|
default_branch,
|
|
5940
5957
|
description,
|
|
5941
5958
|
homepage,
|
|
5942
5959
|
orgSlug,
|
|
5943
|
-
outputJson,
|
|
5944
|
-
outputMarkdown,
|
|
5945
5960
|
repoName,
|
|
5946
5961
|
visibility
|
|
5947
5962
|
}) {
|
|
@@ -5950,22 +5965,19 @@ async function createRepo({
|
|
|
5950
5965
|
spinner
|
|
5951
5966
|
} = constants;
|
|
5952
5967
|
spinner.start('Creating repository...');
|
|
5953
|
-
const socketSdk = await
|
|
5968
|
+
const socketSdk = await shadowNpmInject.setupSdk(apiToken);
|
|
5954
5969
|
const result = await handleApiCall(socketSdk.createOrgRepo(orgSlug, {
|
|
5955
|
-
outputJson,
|
|
5956
|
-
outputMarkdown,
|
|
5957
|
-
orgSlug,
|
|
5958
5970
|
name: repoName,
|
|
5959
5971
|
description,
|
|
5960
5972
|
homepage,
|
|
5961
5973
|
default_branch,
|
|
5962
5974
|
visibility
|
|
5963
5975
|
}), 'creating repository');
|
|
5964
|
-
if (result.success) {
|
|
5965
|
-
|
|
5966
|
-
|
|
5967
|
-
handleUnsuccessfulApiResponse('createOrgRepo', result, spinner);
|
|
5976
|
+
if (!result.success) {
|
|
5977
|
+
handleUnsuccessfulApiResponse('createOrgRepo', result);
|
|
5978
|
+
return;
|
|
5968
5979
|
}
|
|
5980
|
+
spinner.successAndStop('Repository created successfully');
|
|
5969
5981
|
}
|
|
5970
5982
|
|
|
5971
5983
|
const {
|
|
@@ -5977,7 +5989,6 @@ const config$b = {
|
|
|
5977
5989
|
hidden: false,
|
|
5978
5990
|
flags: {
|
|
5979
5991
|
...commonFlags,
|
|
5980
|
-
...outputFlags,
|
|
5981
5992
|
repoName: {
|
|
5982
5993
|
type: 'string',
|
|
5983
5994
|
shortFlag: 'n',
|
|
@@ -6041,7 +6052,7 @@ async function run$b(argv, importMeta, {
|
|
|
6041
6052
|
// options or missing arguments.
|
|
6042
6053
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
6043
6054
|
process.exitCode = 2;
|
|
6044
|
-
logger.logger.
|
|
6055
|
+
logger.logger.fail(commonTags.stripIndents`${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:
|
|
6045
6056
|
|
|
6046
6057
|
- Org name as the first argument ${!orgSlug ? colors.red('(missing!)') : colors.green('(ok)')}
|
|
6047
6058
|
|
|
@@ -6052,36 +6063,36 @@ async function run$b(argv, importMeta, {
|
|
|
6052
6063
|
logger.logger.log(DRY_RUN_BAIL_TEXT$b);
|
|
6053
6064
|
return;
|
|
6054
6065
|
}
|
|
6055
|
-
const apiToken = index.getDefaultToken();
|
|
6056
|
-
if (!apiToken) {
|
|
6057
|
-
throw new index.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
|
|
6058
|
-
}
|
|
6059
6066
|
await createRepo({
|
|
6060
|
-
outputJson: Boolean(cli.flags['json']),
|
|
6061
|
-
outputMarkdown: Boolean(cli.flags['markdown']),
|
|
6062
6067
|
orgSlug,
|
|
6063
6068
|
repoName,
|
|
6064
6069
|
description: String(cli.flags['repoDescription'] || ''),
|
|
6065
6070
|
homepage: String(cli.flags['homepage'] || ''),
|
|
6066
6071
|
default_branch: String(cli.flags['defaultBranch'] || ''),
|
|
6067
|
-
visibility: String(cli.flags['visibility'] || 'private')
|
|
6068
|
-
apiToken
|
|
6072
|
+
visibility: String(cli.flags['visibility'] || 'private')
|
|
6069
6073
|
});
|
|
6070
6074
|
}
|
|
6071
6075
|
|
|
6072
|
-
async function deleteRepo(orgSlug, repoName
|
|
6076
|
+
async function deleteRepo(orgSlug, repoName) {
|
|
6077
|
+
const apiToken = shadowNpmInject.getDefaultToken();
|
|
6078
|
+
if (!apiToken) {
|
|
6079
|
+
throw new shadowNpmInject.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
|
|
6080
|
+
}
|
|
6081
|
+
await deleteRepoWithToken(orgSlug, repoName, apiToken);
|
|
6082
|
+
}
|
|
6083
|
+
async function deleteRepoWithToken(orgSlug, repoName, apiToken) {
|
|
6073
6084
|
// Lazily access constants.spinner.
|
|
6074
6085
|
const {
|
|
6075
6086
|
spinner
|
|
6076
6087
|
} = constants;
|
|
6077
6088
|
spinner.start('Deleting repository...');
|
|
6078
|
-
const socketSdk = await
|
|
6089
|
+
const socketSdk = await shadowNpmInject.setupSdk(apiToken);
|
|
6079
6090
|
const result = await handleApiCall(socketSdk.deleteOrgRepo(orgSlug, repoName), 'deleting repository');
|
|
6080
|
-
if (result.success) {
|
|
6081
|
-
|
|
6082
|
-
|
|
6083
|
-
handleUnsuccessfulApiResponse('deleteOrgRepo', result, spinner);
|
|
6091
|
+
if (!result.success) {
|
|
6092
|
+
handleUnsuccessfulApiResponse('deleteOrgRepo', result);
|
|
6093
|
+
return;
|
|
6084
6094
|
}
|
|
6095
|
+
spinner.successAndStop('Repository deleted successfully');
|
|
6085
6096
|
}
|
|
6086
6097
|
|
|
6087
6098
|
const {
|
|
@@ -6125,7 +6136,7 @@ async function run$a(argv, importMeta, {
|
|
|
6125
6136
|
// options or missing arguments.
|
|
6126
6137
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
6127
6138
|
process.exitCode = 2;
|
|
6128
|
-
logger.logger.
|
|
6139
|
+
logger.logger.fail(commonTags.stripIndents`${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:
|
|
6129
6140
|
|
|
6130
6141
|
- Org name as the first argument ${!orgSlug ? colors.red('(missing!)') : colors.green('(ok)')}
|
|
6131
6142
|
|
|
@@ -6138,20 +6149,37 @@ async function run$a(argv, importMeta, {
|
|
|
6138
6149
|
logger.logger.log(DRY_RUN_BAIL_TEXT$a);
|
|
6139
6150
|
return;
|
|
6140
6151
|
}
|
|
6141
|
-
|
|
6142
|
-
if (!apiToken) {
|
|
6143
|
-
throw new index.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
|
|
6144
|
-
}
|
|
6145
|
-
await deleteRepo(orgSlug, repoName, apiToken);
|
|
6152
|
+
await deleteRepo(orgSlug, repoName);
|
|
6146
6153
|
}
|
|
6147
6154
|
|
|
6148
6155
|
// @ts-ignore
|
|
6149
6156
|
async function listRepos({
|
|
6157
|
+
direction,
|
|
6158
|
+
orgSlug,
|
|
6159
|
+
outputKind,
|
|
6160
|
+
page,
|
|
6161
|
+
per_page,
|
|
6162
|
+
sort
|
|
6163
|
+
}) {
|
|
6164
|
+
const apiToken = shadowNpmInject.getDefaultToken();
|
|
6165
|
+
if (!apiToken) {
|
|
6166
|
+
throw new shadowNpmInject.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
|
|
6167
|
+
}
|
|
6168
|
+
await listReposWithToken({
|
|
6169
|
+
apiToken,
|
|
6170
|
+
direction,
|
|
6171
|
+
orgSlug,
|
|
6172
|
+
outputKind,
|
|
6173
|
+
page,
|
|
6174
|
+
per_page,
|
|
6175
|
+
sort
|
|
6176
|
+
});
|
|
6177
|
+
}
|
|
6178
|
+
async function listReposWithToken({
|
|
6150
6179
|
apiToken,
|
|
6151
6180
|
direction,
|
|
6152
6181
|
orgSlug,
|
|
6153
|
-
|
|
6154
|
-
outputMarkdown,
|
|
6182
|
+
outputKind,
|
|
6155
6183
|
page,
|
|
6156
6184
|
per_page,
|
|
6157
6185
|
sort
|
|
@@ -6160,23 +6188,20 @@ async function listRepos({
|
|
|
6160
6188
|
const {
|
|
6161
6189
|
spinner
|
|
6162
6190
|
} = constants;
|
|
6163
|
-
spinner.start('
|
|
6164
|
-
const socketSdk = await
|
|
6191
|
+
spinner.start('Fetching list of repositories...');
|
|
6192
|
+
const socketSdk = await shadowNpmInject.setupSdk(apiToken);
|
|
6165
6193
|
const result = await handleApiCall(socketSdk.getOrgRepoList(orgSlug, {
|
|
6166
|
-
outputJson,
|
|
6167
|
-
outputMarkdown,
|
|
6168
|
-
orgSlug,
|
|
6169
6194
|
sort,
|
|
6170
6195
|
direction,
|
|
6171
6196
|
per_page,
|
|
6172
6197
|
page
|
|
6173
6198
|
}), 'listing repositories');
|
|
6174
6199
|
if (!result.success) {
|
|
6175
|
-
handleUnsuccessfulApiResponse('getOrgRepoList', result
|
|
6200
|
+
handleUnsuccessfulApiResponse('getOrgRepoList', result);
|
|
6176
6201
|
return;
|
|
6177
6202
|
}
|
|
6178
|
-
spinner.stop();
|
|
6179
|
-
if (
|
|
6203
|
+
spinner.stop('Fetch complete.');
|
|
6204
|
+
if (outputKind === 'json') {
|
|
6180
6205
|
const data = result.data.results.map(o => ({
|
|
6181
6206
|
id: o.id,
|
|
6182
6207
|
name: o.name,
|
|
@@ -6273,7 +6298,7 @@ async function run$9(argv, importMeta, {
|
|
|
6273
6298
|
// options or missing arguments.
|
|
6274
6299
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
6275
6300
|
process.exitCode = 2;
|
|
6276
|
-
logger.logger.
|
|
6301
|
+
logger.logger.fail(commonTags.stripIndents`${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:
|
|
6277
6302
|
|
|
6278
6303
|
- Org name as the first argument ${!orgSlug ? colors.red('(missing!)') : colors.green('(ok)')}
|
|
6279
6304
|
|
|
@@ -6284,30 +6309,44 @@ async function run$9(argv, importMeta, {
|
|
|
6284
6309
|
logger.logger.log(DRY_RUN_BAIL_TEXT$9);
|
|
6285
6310
|
return;
|
|
6286
6311
|
}
|
|
6287
|
-
const apiToken = index.getDefaultToken();
|
|
6288
|
-
if (!apiToken) {
|
|
6289
|
-
throw new index.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
|
|
6290
|
-
}
|
|
6291
6312
|
await listRepos({
|
|
6292
|
-
apiToken,
|
|
6293
|
-
outputJson: Boolean(cli.flags['json']),
|
|
6294
|
-
outputMarkdown: Boolean(cli.flags['markdown']),
|
|
6295
|
-
orgSlug,
|
|
6296
|
-
sort: String(cli.flags['sort'] || 'created_at'),
|
|
6297
6313
|
direction: cli.flags['direction'] === 'asc' ? 'asc' : 'desc',
|
|
6314
|
+
orgSlug,
|
|
6315
|
+
outputKind: cli.flags['json'] ? 'json' : cli.flags['markdown'] ? 'markdown' : 'print',
|
|
6298
6316
|
page: Number(cli.flags['page']) || 1,
|
|
6299
|
-
per_page: Number(cli.flags['perPage']) || 30
|
|
6317
|
+
per_page: Number(cli.flags['perPage']) || 30,
|
|
6318
|
+
sort: String(cli.flags['sort'] || 'created_at')
|
|
6300
6319
|
});
|
|
6301
6320
|
}
|
|
6302
6321
|
|
|
6303
6322
|
async function updateRepo({
|
|
6323
|
+
default_branch,
|
|
6324
|
+
description,
|
|
6325
|
+
homepage,
|
|
6326
|
+
orgSlug,
|
|
6327
|
+
repoName,
|
|
6328
|
+
visibility
|
|
6329
|
+
}) {
|
|
6330
|
+
const apiToken = shadowNpmInject.getDefaultToken();
|
|
6331
|
+
if (!apiToken) {
|
|
6332
|
+
throw new shadowNpmInject.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
|
|
6333
|
+
}
|
|
6334
|
+
await updateRepoWithToken({
|
|
6335
|
+
apiToken,
|
|
6336
|
+
default_branch,
|
|
6337
|
+
description,
|
|
6338
|
+
homepage,
|
|
6339
|
+
orgSlug,
|
|
6340
|
+
repoName,
|
|
6341
|
+
visibility
|
|
6342
|
+
});
|
|
6343
|
+
}
|
|
6344
|
+
async function updateRepoWithToken({
|
|
6304
6345
|
apiToken,
|
|
6305
6346
|
default_branch,
|
|
6306
6347
|
description,
|
|
6307
6348
|
homepage,
|
|
6308
6349
|
orgSlug,
|
|
6309
|
-
outputJson,
|
|
6310
|
-
outputMarkdown,
|
|
6311
6350
|
repoName,
|
|
6312
6351
|
visibility
|
|
6313
6352
|
}) {
|
|
@@ -6316,10 +6355,8 @@ async function updateRepo({
|
|
|
6316
6355
|
spinner
|
|
6317
6356
|
} = constants;
|
|
6318
6357
|
spinner.start('Updating repository...');
|
|
6319
|
-
const socketSdk = await
|
|
6358
|
+
const socketSdk = await shadowNpmInject.setupSdk(apiToken);
|
|
6320
6359
|
const result = await handleApiCall(socketSdk.updateOrgRepo(orgSlug, repoName, {
|
|
6321
|
-
outputJson,
|
|
6322
|
-
outputMarkdown,
|
|
6323
6360
|
orgSlug,
|
|
6324
6361
|
name: repoName,
|
|
6325
6362
|
description,
|
|
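Review bot: `orgSlug` is still sent inside the body object of `socketSdk.updateOrgRepo(orgSlug, repoName, { ... })` at new line 6360, although it is already the first positional argument. This release removes the same duplicate field from the `createOrgRepo` and `getOrgRepoList` payloads, along with `outputJson` and `outputMarkdown`. If the API ignores the field, dropping the `orgSlug,` line here keeps the three request bodies consistent and limited to the fields the endpoint accepts. If it is required for updates, a short comment saying so would help. The body of updateRepoWithToken continues outside this hunk.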
@@ -6327,11 +6364,11 @@ async function updateRepo({
|
|
|
6327
6364
|
default_branch,
|
|
6328
6365
|
visibility
|
|
6329
6366
|
}), 'updating repository');
|
|
6330
|
-
if (result.success) {
|
|
6331
|
-
|
|
6332
|
-
|
|
6333
|
-
handleUnsuccessfulApiResponse('updateOrgRepo', result, spinner);
|
|
6367
|
+
if (!result.success) {
|
|
6368
|
+
handleUnsuccessfulApiResponse('updateOrgRepo', result);
|
|
6369
|
+
return;
|
|
6334
6370
|
}
|
|
6371
|
+
spinner.successAndStop('Repository updated successfully');
|
|
6335
6372
|
}
|
|
6336
6373
|
|
|
6337
6374
|
const {
|
|
@@ -6343,7 +6380,6 @@ const config$8 = {
|
|
|
6343
6380
|
hidden: false,
|
|
6344
6381
|
flags: {
|
|
6345
6382
|
...commonFlags,
|
|
6346
|
-
...outputFlags,
|
|
6347
6383
|
repoName: {
|
|
6348
6384
|
type: 'string',
|
|
6349
6385
|
shortFlag: 'n',
|
|
@@ -6407,7 +6443,7 @@ async function run$8(argv, importMeta, {
|
|
|
6407
6443
|
// options or missing arguments.
|
|
6408
6444
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
6409
6445
|
process.exitCode = 2;
|
|
6410
|
-
logger.logger.
|
|
6446
|
+
logger.logger.fail(commonTags.stripIndents`${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:
|
|
6411
6447
|
|
|
6412
6448
|
- Org name as the first argument ${!orgSlug ? colors.red('(missing!)') : colors.green('(ok)')}
|
|
6413
6449
|
|
|
@@ -6420,14 +6456,7 @@ async function run$8(argv, importMeta, {
|
|
|
6420
6456
|
logger.logger.log(DRY_RUN_BAIL_TEXT$8);
|
|
6421
6457
|
return;
|
|
6422
6458
|
}
|
|
6423
|
-
const apiToken = index.getDefaultToken();
|
|
6424
|
-
if (!apiToken) {
|
|
6425
|
-
throw new index.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
|
|
6426
|
-
}
|
|
6427
6459
|
await updateRepo({
|
|
6428
|
-
apiToken,
|
|
6429
|
-
outputJson: Boolean(cli.flags['json']),
|
|
6430
|
-
outputMarkdown: Boolean(cli.flags['markdown']),
|
|
6431
6460
|
orgSlug,
|
|
6432
6461
|
repoName,
|
|
6433
6462
|
description: String(cli.flags['repoDescription'] || ''),
|
|
@@ -6438,16 +6467,45 @@ async function run$8(argv, importMeta, {
|
|
|
6438
6467
|
}
|
|
6439
6468
|
|
|
6440
6469
|
// @ts-ignore
|
|
6441
|
-
async function viewRepo(orgSlug, repoName,
|
|
6470
|
+
async function viewRepo(orgSlug, repoName, outputKind) {
|
|
6471
|
+
const apiToken = shadowNpmInject.getDefaultToken();
|
|
6472
|
+
if (!apiToken) {
|
|
6473
|
+
throw new shadowNpmInject.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
|
|
6474
|
+
}
|
|
6475
|
+
await viewRepoWithToken(orgSlug, repoName, apiToken, outputKind);
|
|
6476
|
+
}
|
|
6477
|
+
async function viewRepoWithToken(orgSlug, repoName, apiToken, outputKind) {
|
|
6442
6478
|
// Lazily access constants.spinner.
|
|
6443
6479
|
const {
|
|
6444
6480
|
spinner
|
|
6445
6481
|
} = constants;
|
|
6446
|
-
spinner.start('Fetching repository...');
|
|
6447
|
-
const socketSdk = await
|
|
6482
|
+
spinner.start('Fetching repository data...');
|
|
6483
|
+
const socketSdk = await shadowNpmInject.setupSdk(apiToken);
|
|
6448
6484
|
const result = await handleApiCall(socketSdk.getOrgRepo(orgSlug, repoName), 'fetching repository');
|
|
6449
6485
|
if (!result.success) {
|
|
6450
|
-
handleUnsuccessfulApiResponse('getOrgRepo', result
|
|
6486
|
+
handleUnsuccessfulApiResponse('getOrgRepo', result);
|
|
6487
|
+
return;
|
|
6488
|
+
}
|
|
6489
|
+
spinner.stop('Fetched repository data.');
|
|
6490
|
+
if (outputKind === 'json') {
|
|
6491
|
+
const {
|
|
6492
|
+
archived,
|
|
6493
|
+
created_at,
|
|
6494
|
+
default_branch,
|
|
6495
|
+
homepage,
|
|
6496
|
+
id,
|
|
6497
|
+
name,
|
|
6498
|
+
visibility
|
|
6499
|
+
} = result.data;
|
|
6500
|
+
logger.logger.log(JSON.stringify({
|
|
6501
|
+
id,
|
|
6502
|
+
name,
|
|
6503
|
+
visibility,
|
|
6504
|
+
default_branch,
|
|
6505
|
+
homepage,
|
|
6506
|
+
archived,
|
|
6507
|
+
created_at
|
|
6508
|
+
}, null, 2));
|
|
6451
6509
|
return;
|
|
6452
6510
|
}
|
|
6453
6511
|
const options = {
|
|
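Review bot: `viewRepoWithToken` only special-cases `outputKind === 'json'`, so the `'markdown'` value that `run$7` now passes (`cli.flags['markdown'] ? 'markdown' : 'print'`) appears to fall through to the same `chalkTable` output as `'print'`. The lines between this hunk and the next are not shown, so a markdown branch may exist there. If it does not, either implement it or state the fallback at the top of the function, e.g. `// outputKind 'markdown' is not handled separately here; it renders the same table as 'print'`. The JSON branch copies a fixed list of fields out of `result.data` instead of printing the whole response, and a one-line comment saying that the list is deliberate would keep a later edit from widening it by accident.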
@@ -6474,7 +6532,7 @@ async function viewRepo(orgSlug, repoName, apiToken) {
|
|
|
6474
6532
|
name: colors.magenta('Created at')
|
|
6475
6533
|
}]
|
|
6476
6534
|
};
|
|
6477
|
-
|
|
6535
|
+
logger.logger.log(chalkTable(options, [result.data]));
|
|
6478
6536
|
}
|
|
6479
6537
|
|
|
6480
6538
|
const {
|
|
@@ -6486,7 +6544,12 @@ const config$7 = {
|
|
|
6486
6544
|
hidden: false,
|
|
6487
6545
|
flags: {
|
|
6488
6546
|
...commonFlags,
|
|
6489
|
-
...outputFlags
|
|
6547
|
+
...outputFlags,
|
|
6548
|
+
repoName: {
|
|
6549
|
+
description: 'The repository to check',
|
|
6550
|
+
default: '',
|
|
6551
|
+
type: 'string'
|
|
6552
|
+
}
|
|
6490
6553
|
},
|
|
6491
6554
|
help: (command, config) => `
|
|
6492
6555
|
Usage
|
|
@@ -6520,7 +6583,7 @@ async function run$7(argv, importMeta, {
|
|
|
6520
6583
|
// options or missing arguments.
|
|
6521
6584
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
6522
6585
|
process.exitCode = 2;
|
|
6523
|
-
logger.logger.
|
|
6586
|
+
logger.logger.fail(commonTags.stripIndents`
|
|
6524
6587
|
${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:
|
|
6525
6588
|
|
|
6526
6589
|
- Org name as the first argument ${!orgSlug ? colors.red('(missing!)') : colors.green('(ok)')}
|
|
@@ -6533,11 +6596,7 @@ async function run$7(argv, importMeta, {
|
|
|
6533
6596
|
logger.logger.log(DRY_RUN_BAIL_TEXT$7);
|
|
6534
6597
|
return;
|
|
6535
6598
|
}
|
|
6536
|
-
|
|
6537
|
-
if (!apiToken) {
|
|
6538
|
-
throw new index.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
|
|
6539
|
-
}
|
|
6540
|
-
await viewRepo(orgSlug, repoName, apiToken);
|
|
6599
|
+
await viewRepo(orgSlug, repoName, cli.flags['json'] ? 'json' : cli.flags['markdown'] ? 'markdown' : 'print');
|
|
6541
6600
|
}
|
|
6542
6601
|
|
|
6543
6602
|
const description$1 = 'Repositories related commands';
|
|
@@ -6722,10 +6781,10 @@ async function createFullScan({
|
|
|
6722
6781
|
const {
|
|
6723
6782
|
spinner
|
|
6724
6783
|
} = constants;
|
|
6725
|
-
const socketSdk = await
|
|
6784
|
+
const socketSdk = await shadowNpmInject.setupSdk();
|
|
6726
6785
|
const supportedFiles = await socketSdk.getReportSupportedFiles().then(res => {
|
|
6727
6786
|
if (!res.success) {
|
|
6728
|
-
handleUnsuccessfulApiResponse('getReportSupportedFiles', res
|
|
6787
|
+
handleUnsuccessfulApiResponse('getReportSupportedFiles', res);
|
|
6729
6788
|
assert(false, 'handleUnsuccessfulApiResponse should unconditionally throw');
|
|
6730
6789
|
}
|
|
6731
6790
|
return res.data;
|
|
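Review bot: `shadowNpmInject.setupSdk()` is called here with no token, while the other call sites in this file section pass `apiToken`. In `createFullScan` the `getDefaultToken()` lookup and the `if (!apiToken)` check only appear in later hunks, so `getReportSupportedFiles()` is requested before authentication has been checked. What `setupSdk` does without an argument (stored token, prompt, or unauthenticated client) is not visible here. If the early call is intentional, add a comment at the call naming the credentials it falls back to and noting that the explicit auth check comes later. `createFullScan` starts and ends outside this hunk.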
@@ -6748,14 +6807,14 @@ async function createFullScan({
|
|
|
6748
6807
|
// const absoluteConfigPath = path.join(cwd, 'socket.yml')
|
|
6749
6808
|
// const socketConfig = await getSocketConfig(absoluteConfigPath)
|
|
6750
6809
|
|
|
6751
|
-
const packagePaths = await
|
|
6810
|
+
const packagePaths = await shadowNpmPaths.getPackageFilesFullScans(cwd, targets, supportedFiles
|
|
6752
6811
|
// socketConfig
|
|
6753
6812
|
);
|
|
6754
6813
|
|
|
6755
6814
|
// We're going to need an api token to suggest data because those suggestions
|
|
6756
6815
|
// must come from data we already know. Don't error on missing api token yet.
|
|
6757
6816
|
// If the api-token is not set, ignore it for the sake of suggestions.
|
|
6758
|
-
const apiToken =
|
|
6817
|
+
const apiToken = shadowNpmInject.getDefaultToken();
|
|
6759
6818
|
|
|
6760
6819
|
// If the current cwd is unknown and is used as a repo slug anyways, we will
|
|
6761
6820
|
// first need to register the slug before we can use it.
|
|
@@ -6789,7 +6848,7 @@ async function createFullScan({
|
|
|
6789
6848
|
// options or missing arguments.
|
|
6790
6849
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
6791
6850
|
process$1.exitCode = 2;
|
|
6792
|
-
logger.logger.
|
|
6851
|
+
logger.logger.fail(commonTags.stripIndents`
|
|
6793
6852
|
${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:
|
|
6794
6853
|
|
|
6795
6854
|
- Org name as the first argument ${!orgSlug ? colors.red('(missing!)') : colors.green('(ok)')}
|
|
@@ -6811,7 +6870,7 @@ async function createFullScan({
|
|
|
6811
6870
|
logger.logger.log('```');
|
|
6812
6871
|
}
|
|
6813
6872
|
if (!apiToken) {
|
|
6814
|
-
throw new
|
|
6873
|
+
throw new shadowNpmInject.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
|
|
6815
6874
|
}
|
|
6816
6875
|
if (readOnly) {
|
|
6817
6876
|
logger.logger.log('[ReadOnly] Bailing now');
|
|
@@ -6827,7 +6886,7 @@ async function createFullScan({
|
|
|
6827
6886
|
tmp
|
|
6828
6887
|
}, packagePaths, cwd), 'Creating scan');
|
|
6829
6888
|
if (!result.success) {
|
|
6830
|
-
handleUnsuccessfulApiResponse('CreateOrgFullScan', result
|
|
6889
|
+
handleUnsuccessfulApiResponse('CreateOrgFullScan', result);
|
|
6831
6890
|
return;
|
|
6832
6891
|
}
|
|
6833
6892
|
spinner.successAndStop('Scan created successfully');
|
|
@@ -6971,16 +7030,17 @@ async function run$6(argv, importMeta, {
|
|
|
6971
7030
|
branch: branchName,
|
|
6972
7031
|
repo: repoName
|
|
6973
7032
|
} = cli.flags;
|
|
6974
|
-
const apiToken =
|
|
7033
|
+
const apiToken = shadowNpmInject.getDefaultToken(); // This checks if we _can_ suggest anything
|
|
6975
7034
|
|
|
6976
7035
|
if (!apiToken && (!orgSlug || !repoName || !branchName || !targets.length)) {
|
|
6977
7036
|
// Without api token we cannot recover because we can't request more info
|
|
6978
7037
|
// from the server, to match and help with the current cwd/git status.
|
|
7038
|
+
//
|
|
6979
7039
|
// Use exit status of 2 to indicate incorrect usage, generally invalid
|
|
6980
7040
|
// options or missing arguments.
|
|
6981
7041
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
6982
7042
|
process$1.exitCode = 2;
|
|
6983
|
-
logger.logger.
|
|
7043
|
+
logger.logger.fail(commonTags.stripIndents`
|
|
6984
7044
|
${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:
|
|
6985
7045
|
|
|
6986
7046
|
- Org name as the first argument ${!orgSlug ? colors.red('(missing!)') : colors.green('(ok)')}
|
|
@@ -7019,9 +7079,9 @@ async function run$6(argv, importMeta, {
|
|
|
7019
7079
|
}
|
|
7020
7080
|
|
|
7021
7081
|
async function deleteOrgFullScan(orgSlug, fullScanId) {
|
|
7022
|
-
const apiToken =
|
|
7082
|
+
const apiToken = shadowNpmInject.getDefaultToken();
|
|
7023
7083
|
if (!apiToken) {
|
|
7024
|
-
throw new
|
|
7084
|
+
throw new shadowNpmInject.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
|
|
7025
7085
|
}
|
|
7026
7086
|
await deleteOrgFullScanWithToken(orgSlug, fullScanId, apiToken);
|
|
7027
7087
|
}
|
|
@@ -7031,10 +7091,10 @@ async function deleteOrgFullScanWithToken(orgSlug, fullScanId, apiToken) {
|
|
|
7031
7091
|
spinner
|
|
7032
7092
|
} = constants;
|
|
7033
7093
|
spinner.start('Deleting scan...');
|
|
7034
|
-
const socketSdk = await
|
|
7094
|
+
const socketSdk = await shadowNpmInject.setupSdk(apiToken);
|
|
7035
7095
|
const result = await handleApiCall(socketSdk.deleteOrgFullScan(orgSlug, fullScanId), 'Deleting scan');
|
|
7036
7096
|
if (!result.success) {
|
|
7037
|
-
handleUnsuccessfulApiResponse('deleteOrgFullScan', result
|
|
7097
|
+
handleUnsuccessfulApiResponse('deleteOrgFullScan', result);
|
|
7038
7098
|
return;
|
|
7039
7099
|
}
|
|
7040
7100
|
spinner.successAndStop('Scan deleted successfully');
|
|
@@ -7082,7 +7142,7 @@ async function run$5(argv, importMeta, {
|
|
|
7082
7142
|
// options or missing arguments.
|
|
7083
7143
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
7084
7144
|
process.exitCode = 2;
|
|
7085
|
-
logger.logger.
|
|
7145
|
+
logger.logger.fail(commonTags.stripIndents`${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:
|
|
7086
7146
|
|
|
7087
7147
|
- Org name as the first argument ${!orgSlug ? colors.red('(missing!)') : colors.green('(ok)')}
|
|
7088
7148
|
|
|
@@ -7106,9 +7166,9 @@ async function listFullScans({
|
|
|
7106
7166
|
per_page,
|
|
7107
7167
|
sort
|
|
7108
7168
|
}) {
|
|
7109
|
-
const apiToken =
|
|
7169
|
+
const apiToken = shadowNpmInject.getDefaultToken();
|
|
7110
7170
|
if (!apiToken) {
|
|
7111
|
-
throw new
|
|
7171
|
+
throw new shadowNpmInject.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
|
|
7112
7172
|
}
|
|
7113
7173
|
await listFullScansWithToken({
|
|
7114
7174
|
apiToken,
|
|
@@ -7136,7 +7196,7 @@ async function listFullScansWithToken({
|
|
|
7136
7196
|
spinner
|
|
7137
7197
|
} = constants;
|
|
7138
7198
|
spinner.start('Fetching list of scans...');
|
|
7139
|
-
const socketSdk = await
|
|
7199
|
+
const socketSdk = await shadowNpmInject.setupSdk(apiToken);
|
|
7140
7200
|
const result = await handleApiCall(socketSdk.getOrgFullScanList(orgSlug, {
|
|
7141
7201
|
sort,
|
|
7142
7202
|
direction,
|
|
@@ -7145,7 +7205,7 @@ async function listFullScansWithToken({
|
|
|
7145
7205
|
from: from_time
|
|
7146
7206
|
}), 'Listing scans');
|
|
7147
7207
|
if (!result.success) {
|
|
7148
|
-
handleUnsuccessfulApiResponse('getOrgFullScanList', result
|
|
7208
|
+
handleUnsuccessfulApiResponse('getOrgFullScanList', result);
|
|
7149
7209
|
return;
|
|
7150
7210
|
}
|
|
7151
7211
|
spinner.stop(`Fetch complete`);
|
|
@@ -7261,7 +7321,7 @@ async function run$4(argv, importMeta, {
|
|
|
7261
7321
|
// options or missing arguments.
|
|
7262
7322
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
7263
7323
|
process.exitCode = 2;
|
|
7264
|
-
logger.logger.
|
|
7324
|
+
logger.logger.fail(commonTags.stripIndents`${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:
|
|
7265
7325
|
|
|
7266
7326
|
- Org name as the argument ${!orgSlug ? colors.red('(missing!)') : colors.green('(ok)')}`);
|
|
7267
7327
|
return;
|
|
@@ -7282,9 +7342,9 @@ async function run$4(argv, importMeta, {
|
|
|
7282
7342
|
}
|
|
7283
7343
|
|
|
7284
7344
|
async function getOrgScanMetadata(orgSlug, scanId, outputKind) {
|
|
7285
|
-
const apiToken =
|
|
7345
|
+
const apiToken = shadowNpmInject.getDefaultToken();
|
|
7286
7346
|
if (!apiToken) {
|
|
7287
|
-
throw new
|
|
7347
|
+
throw new shadowNpmInject.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
|
|
7288
7348
|
}
|
|
7289
7349
|
await getOrgScanMetadataWithToken(orgSlug, scanId, apiToken, outputKind);
|
|
7290
7350
|
}
|
|
@@ -7294,10 +7354,10 @@ async function getOrgScanMetadataWithToken(orgSlug, scanId, apiToken, outputKind
|
|
|
7294
7354
|
spinner
|
|
7295
7355
|
} = constants;
|
|
7296
7356
|
spinner.start('Fetching meta data for a full scan...');
|
|
7297
|
-
const socketSdk = await
|
|
7357
|
+
const socketSdk = await shadowNpmInject.setupSdk(apiToken);
|
|
7298
7358
|
const result = await handleApiCall(socketSdk.getOrgFullScanMetadata(orgSlug, scanId), 'Listing scans');
|
|
7299
7359
|
if (!result.success) {
|
|
7300
|
-
handleUnsuccessfulApiResponse('getOrgFullScanMetadata', result
|
|
7360
|
+
handleUnsuccessfulApiResponse('getOrgFullScanMetadata', result);
|
|
7301
7361
|
return;
|
|
7302
7362
|
}
|
|
7303
7363
|
spinner?.successAndStop('Fetched the meta data\n');
|
|
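Review bot: The description passed to `handleApiCall` for `getOrgFullScanMetadata` is `'Listing scans'`, which looks copied from the list command and would mislabel a failure of this call in whatever `handleApiCall` reports. Use a label that matches the operation, e.g. `handleApiCall(socketSdk.getOrgFullScanMetadata(orgSlug, scanId), 'Fetching scan metadata')`. `spinner.start(...)` is also called unguarded a few lines above `spinner?.successAndStop(...)`; use one form so it is clear whether `spinner` can be undefined. The function body continues outside the hunk.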
@@ -7363,7 +7423,7 @@ async function run$3(argv, importMeta, {
|
|
|
7363
7423
|
// options or missing arguments.
|
|
7364
7424
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
7365
7425
|
process.exitCode = 2;
|
|
7366
|
-
logger.logger.
|
|
7426
|
+
logger.logger.fail(commonTags.stripIndents`${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:
|
|
7367
7427
|
|
|
7368
7428
|
- Org name as the first argument ${!orgSlug ? colors.red('(missing!)') : colors.green('(ok)')}
|
|
7369
7429
|
|
|
@@ -7382,15 +7442,15 @@ async function streamFullScan(orgSlug, fullScanId, file) {
|
|
|
7382
7442
|
const {
|
|
7383
7443
|
spinner
|
|
7384
7444
|
} = constants;
|
|
7385
|
-
const apiToken =
|
|
7445
|
+
const apiToken = shadowNpmInject.getDefaultToken();
|
|
7386
7446
|
if (!apiToken) {
|
|
7387
|
-
throw new
|
|
7447
|
+
throw new shadowNpmInject.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
|
|
7388
7448
|
}
|
|
7389
7449
|
spinner.start('Fetching scan...');
|
|
7390
|
-
const socketSdk = await
|
|
7450
|
+
const socketSdk = await shadowNpmInject.setupSdk(apiToken);
|
|
7391
7451
|
const data = await handleApiCall(socketSdk.getOrgFullScan(orgSlug, fullScanId, file === '-' ? undefined : file), 'Fetching a scan');
|
|
7392
7452
|
if (!data?.success) {
|
|
7393
|
-
handleUnsuccessfulApiResponse('getOrgFullScan', data
|
|
7453
|
+
handleUnsuccessfulApiResponse('getOrgFullScan', data);
|
|
7394
7454
|
return;
|
|
7395
7455
|
}
|
|
7396
7456
|
spinner?.successAndStop(file ? `Full scan details written to ${file}` : 'stdout');
|
|
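Review bot: The success message tests `file` for truthiness, but `'-'` is the value the `getOrgFullScan` call two lines earlier maps to `undefined` (apparently meaning stdout). With `-` the spinner therefore reports `Full scan details written to -`, and with no file it prints only `stdout`. Use the same condition in both places, e.g. `const toFile = Boolean(file) && file !== '-';` followed by ``spinner?.successAndStop(toFile ? `Full scan details written to ${file}` : 'Full scan details written to stdout');``. The signature of `streamFullScan` is just above the hunk and its body continues below it.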
@@ -7402,16 +7462,16 @@ async function getFullScan(orgSlug, fullScanId) {
|
|
|
7402
7462
|
const {
|
|
7403
7463
|
spinner
|
|
7404
7464
|
} = constants;
|
|
7405
|
-
const apiToken =
|
|
7465
|
+
const apiToken = shadowNpmInject.getDefaultToken();
|
|
7406
7466
|
if (!apiToken) {
|
|
7407
|
-
throw new
|
|
7467
|
+
throw new shadowNpmInject.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
|
|
7408
7468
|
}
|
|
7409
7469
|
spinner.start('Fetching full-scan...');
|
|
7410
7470
|
const response = await queryAPI(`orgs/${orgSlug}/full-scans/${encodeURIComponent(fullScanId)}`, apiToken);
|
|
7411
7471
|
spinner.stop('Fetch complete.');
|
|
7412
7472
|
if (!response.ok) {
|
|
7413
7473
|
const err = await handleAPIError(response.status);
|
|
7414
|
-
logger.logger.
|
|
7474
|
+
logger.logger.fail(`${colors.bgRed(colors.white(response.statusText))}: Fetch error: ${err}`);
|
|
7415
7475
|
return;
|
|
7416
7476
|
}
|
|
7417
7477
|
|
|
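Review bot: `orgSlug` is interpolated into the request path unencoded while `fullScanId` on the same line goes through `encodeURIComponent`. A slug containing `/`, `?` or `#` would therefore change which endpoint `queryAPI` calls with the user's API token. Encode both segments: `` `orgs/${encodeURIComponent(orgSlug)}/full-scans/${encodeURIComponent(fullScanId)}` ``. `getFullScan` begins above this hunk and continues below it, and whether `orgSlug` is validated before it gets here is not visible.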
@@ -7459,9 +7519,9 @@ View this report at: https://socket.dev/dashboard/org/${orgSlug}/sbom/${fullScan
|
|
|
7459
7519
|
await fs$1.writeFile(filePath, report, 'utf8');
|
|
7460
7520
|
logger.logger.log(`Data successfully written to ${filePath}`);
|
|
7461
7521
|
} catch (e) {
|
|
7462
|
-
logger.logger.error('There was an error trying to write the json to disk');
|
|
7463
|
-
logger.logger.error(e);
|
|
7464
7522
|
process.exitCode = 1;
|
|
7523
|
+
logger.logger.fail('There was an error trying to write the json to disk');
|
|
7524
|
+
logger.logger.error(e);
|
|
7465
7525
|
}
|
|
7466
7526
|
} else {
|
|
7467
7527
|
logger.logger.log(report);
|
|
@@ -7512,7 +7572,7 @@ async function run$2(argv, importMeta, {
|
|
|
7512
7572
|
// options or missing arguments.
|
|
7513
7573
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
7514
7574
|
process.exitCode = 2;
|
|
7515
|
-
logger.logger.
|
|
7575
|
+
logger.logger.fail(commonTags.stripIndents`
|
|
7516
7576
|
${colors.bgRed(colors.white('Input error'))}: Please provide the required fields:
|
|
7517
7577
|
|
|
7518
7578
|
- Org name as the first argument ${!orgSlug ? colors.red('(missing!)') : colors.green('(ok)')}
|
|
@@ -7704,9 +7764,9 @@ async function run$1(argv, importMeta, {
|
|
|
7704
7764
|
logger.logger.log(DRY_RUN_BAIL_TEXT$1);
|
|
7705
7765
|
return;
|
|
7706
7766
|
}
|
|
7707
|
-
const apiToken =
|
|
7767
|
+
const apiToken = shadowNpmInject.getDefaultToken();
|
|
7708
7768
|
if (!apiToken) {
|
|
7709
|
-
throw new
|
|
7769
|
+
throw new shadowNpmInject.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
|
|
7710
7770
|
}
|
|
7711
7771
|
await getThreatFeed({
|
|
7712
7772
|
apiToken,
|
|
@@ -7801,7 +7861,7 @@ function askQuestion(rl, query) {
|
|
|
7801
7861
|
function removeSocketWrapper(file) {
|
|
7802
7862
|
return fs.readFile(file, 'utf8', function (err, data) {
|
|
7803
7863
|
if (err) {
|
|
7804
|
-
logger.logger.
|
|
7864
|
+
logger.logger.fail('There was an error removing the alias:');
|
|
7805
7865
|
logger.logger.error(err);
|
|
7806
7866
|
return;
|
|
7807
7867
|
}
|
|
@@ -7878,7 +7938,7 @@ async function run(argv, importMeta, {
|
|
|
7878
7938
|
// options or missing arguments.
|
|
7879
7939
|
// https://www.gnu.org/software/bash/manual/html_node/Exit-Status.html
|
|
7880
7940
|
process.exitCode = 2;
|
|
7881
|
-
logger.logger.
|
|
7941
|
+
logger.logger.fail(commonTags.stripIndents`
|
|
7882
7942
|
${colors.bgRed(colors.white('Input error'))}: Please provide the required flags:
|
|
7883
7943
|
|
|
7884
7944
|
- Must use --enabled or --disabled
|
|
@@ -7911,7 +7971,7 @@ async function run(argv, importMeta, {
|
|
|
7911
7971
|
}
|
|
7912
7972
|
}
|
|
7913
7973
|
if (!fs.existsSync(bashRcPath) && !fs.existsSync(zshRcPath)) {
|
|
7914
|
-
logger.logger.
|
|
7974
|
+
logger.logger.fail('There was an issue setting up the alias in your bash profile');
|
|
7915
7975
|
}
|
|
7916
7976
|
}
|
|
7917
7977
|
|
|
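Review bot: When neither `bashRcPath` nor `zshRcPath` exists, the visible code only logs a failure and leaves the exit status untouched, so a script running this command cannot tell that no alias was installed. Other failure paths in this file section set `process.exitCode` alongside the log call. Add `process.exitCode = 1;` next to the `logger.logger.fail(...)` call. The message also names only the bash profile although the condition covers both files; `'There was an issue setting up the alias in your bash or zsh profile'` would match the check. The enclosing function starts outside the hunk.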
@@ -7970,10 +8030,10 @@ void (async () => {
|
|
|
7970
8030
|
let errorBody;
|
|
7971
8031
|
let errorTitle;
|
|
7972
8032
|
let errorMessage = '';
|
|
7973
|
-
if (e instanceof
|
|
8033
|
+
if (e instanceof shadowNpmInject.AuthError) {
|
|
7974
8034
|
errorTitle = 'Authentication error';
|
|
7975
8035
|
errorMessage = e.message;
|
|
7976
|
-
} else if (e instanceof
|
|
8036
|
+
} else if (e instanceof shadowNpmInject.InputError) {
|
|
7977
8037
|
errorTitle = 'Invalid input';
|
|
7978
8038
|
errorMessage = e.message;
|
|
7979
8039
|
errorBody = e.body;
|
|
@@ -7984,12 +8044,12 @@ void (async () => {
|
|
|
7984
8044
|
} else {
|
|
7985
8045
|
errorTitle = 'Unexpected error with no details';
|
|
7986
8046
|
}
|
|
7987
|
-
logger.logger.
|
|
8047
|
+
logger.logger.fail(`${colors.bgRed(colors.white(errorTitle + ':'))} ${errorMessage}`);
|
|
7988
8048
|
if (errorBody) {
|
|
7989
8049
|
logger.logger.error(`\n${errorBody}`);
|
|
7990
8050
|
}
|
|
7991
|
-
await
|
|
8051
|
+
await shadowNpmInject.captureException(e);
|
|
7992
8052
|
}
|
|
7993
8053
|
})();
|
|
7994
|
-
//# debugId=
|
|
8054
|
+
//# debugId=da32be80-6a12-4a4c-b9c4-0cfdd490ce52
|
|
7995
8055
|
//# sourceMappingURL=cli.js.map
|