@socketsecurity/cli-with-sentry 0.14.57 → 0.14.59

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (22) hide show
  1. package/bin/cli.js +2 -0
  2. package/dist/constants.d.ts +2 -2
  3. package/dist/constants.js +11 -6
  4. package/dist/constants.js.map +1 -1
  5. package/dist/instrument-with-sentry.js +2 -2
  6. package/dist/instrument-with-sentry.js.map +1 -1
  7. package/dist/module-sync/artifact.d.ts +75 -0
  8. package/dist/module-sync/cli.js +1063 -802
  9. package/dist/module-sync/cli.js.map +1 -1
  10. package/dist/module-sync/index.d.ts +4 -3
  11. package/dist/module-sync/shadow-bin.js +3 -1
  12. package/dist/module-sync/shadow-bin.js.map +1 -1
  13. package/dist/module-sync/shadow-npm-inject.js +1414 -1287
  14. package/dist/module-sync/shadow-npm-inject.js.map +1 -1
  15. package/dist/module-sync/shadow-npm-paths.js.map +1 -1
  16. package/dist/module-sync/socket-package-alert.d.ts +46 -0
  17. package/dist/module-sync/types.d.ts +11 -3
  18. package/dist/require/cli.js +1063 -802
  19. package/dist/require/cli.js.map +1 -1
  20. package/package.json +12 -10
  21. package/dist/module-sync/color-or-markdown.d.ts +0 -16
  22. package/dist/module-sync/socket-url.d.ts +0 -3
package/dist/module-sync/index.d.ts CHANGED
@@ -1,7 +1,5 @@
1
- import { kRiskyReify } from "./shadow-npm-inject.js";
2
1
  import { ArboristClass } from "./types.js";
3
2
  import { SafeNode } from "./node.js";
4
- declare const Arborist: ArboristClass;
5
3
  declare const SAFE_ARBORIST_REIFY_OPTIONS_OVERRIDES: {
6
4
  __proto__: null;
7
5
  audit: boolean;
@@ -13,10 +11,13 @@ declare const SAFE_ARBORIST_REIFY_OPTIONS_OVERRIDES: {
13
11
  saveBundle: boolean;
14
12
  silent: boolean;
15
13
  };
14
+ declare const kCtorArgs: unique symbol;
15
+ declare const kRiskyReify: unique symbol;
16
+ declare const Arborist: ArboristClass;
16
17
  declare class SafeArborist extends Arborist {
17
18
  constructor(...ctorArgs: ConstructorParameters<ArboristClass>);
18
19
  [kRiskyReify](...args: Parameters<InstanceType<ArboristClass>['reify']>): Promise<SafeNode>;
19
20
  // @ts-ignore Incorrectly typed.
20
21
  reify(this: SafeArborist, ...args: Parameters<InstanceType<ArboristClass>['reify']>): Promise<SafeNode>;
21
22
  }
22
- export { Arborist, SAFE_ARBORIST_REIFY_OPTIONS_OVERRIDES, SafeArborist };
23
+ export { SAFE_ARBORIST_REIFY_OPTIONS_OVERRIDES, kCtorArgs, kRiskyReify, Arborist, SafeArborist };
package/dist/module-sync/shadow-bin.js CHANGED
@@ -59,6 +59,8 @@ async function shadowBin(binName, args = process.argv.slice(2), level = 1) {
59
59
  const spawnPromise = spawn.spawn(
60
60
  // Lazily access constants.execPath.
61
61
  constants.execPath, [
62
+ // Lazily access constants.nodeHardenFlags.
63
+ ...constants.nodeHardenFlags,
62
64
  // Lazily access constants.nodeNoWarningsFlags.
63
65
  ...constants.nodeNoWarningsFlags,
64
66
  // Lazily access constants.ENV[SOCKET_CLI_SENTRY_BUILD].
@@ -94,5 +96,5 @@ async function shadowBin(binName, args = process.argv.slice(2), level = 1) {
94
96
  }
95
97
 
96
98
  module.exports = shadowBin;
97
- //# debugId=c58c4335-92d0-4ad1-86bf-6eb5428f654a
99
+ //# debugId=ee6e1727-ba87-4d1b-89c3-a573fd8401bd
98
100
  //# sourceMappingURL=shadow-bin.js.map
package/dist/module-sync/shadow-bin.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"shadow-bin.js","sources":["../../src/shadow/npm/link.ts","../../src/shadow/npm/bin.ts"],"sourcesContent":["import path from 'node:path'\nimport process from 'node:process'\n\nimport cmdShim from 'cmd-shim'\n\nimport {\n getNpmBinPath,\n getNpxBinPath,\n isNpmBinPathShadowed,\n isNpxBinPathShadowed\n} from './paths'\nimport constants from '../../constants'\n\nconst { CLI, NPX } = constants\n\nexport async function installLinks(\n realBinPath: string,\n binName: 'npm' | 'npx'\n): Promise<string> {\n const isNpx = binName === NPX\n // Find package manager being shadowed by this process.\n const binPath = isNpx ? getNpxBinPath() : getNpmBinPath()\n // Lazily access constants.WIN32.\n const { WIN32 } = constants\n // TODO: Is this early exit needed?\n if (WIN32 && binPath) {\n return binPath\n }\n const shadowed = isNpx ? isNpxBinPathShadowed() : isNpmBinPathShadowed()\n // Move our bin directory to front of PATH so its found first.\n if (!shadowed) {\n if (WIN32) {\n await cmdShim(\n // Lazily access constants.rootDistPath.\n path.join(constants.rootDistPath, `${binName}-${CLI}.js`),\n path.join(realBinPath, binName)\n )\n }\n process.env['PATH'] =\n `${realBinPath}${path.delimiter}${process.env['PATH']}`\n }\n return binPath\n}\n","import process from 'node:process'\n\nimport {\n isLoglevelFlag,\n isProgressFlag\n} from '@socketsecurity/registry/lib/npm'\nimport { spawn } from '@socketsecurity/registry/lib/spawn'\n\nimport { installLinks } from './link'\nimport constants from '../../constants'\n\nconst {\n SOCKET_CLI_SAFE_WRAPPER,\n SOCKET_CLI_SENTRY_BUILD,\n SOCKET_IPC_HANDSHAKE\n} = constants\n\nexport default async function shadowBin(\n binName: 'npm' | 'npx',\n args = process.argv.slice(2),\n level = 1\n) {\n process.exitCode = 1\n const terminatorPos = args.indexOf('--')\n const binArgs = (\n terminatorPos === -1 ? args : args.slice(0, terminatorPos)\n ).filter(a => !isProgressFlag(a))\n const otherArgs = terminatorPos === -1 ? [] : args.slice(terminatorPos)\n const spawnPromise = spawn(\n // Lazily access constants.execPath.\n constants.execPath,\n [\n // Lazily access constants.nodeNoWarningsFlags.\n ...constants.nodeNoWarningsFlags,\n // Lazily access constants.ENV[SOCKET_CLI_SENTRY_BUILD].\n ...(constants.ENV[SOCKET_CLI_SENTRY_BUILD]\n ? [\n '--require',\n // Lazily access constants.distInstrumentWithSentryPath.\n constants.distInstrumentWithSentryPath\n ]\n : []),\n '--require',\n // Lazily access constants.distShadowNpmInjectPath.\n constants.distShadowNpmInjectPath,\n // Lazily access constants.shadowBinPath.\n await installLinks(constants.shadowBinPath, binName),\n // Add `--no-progress` and `--loglevel=error` flags to fix input being\n // swallowed by the npm spinner.\n '--no-progress',\n // Add the '--loglevel=error' flag if a loglevel flag is not provided.\n ...(binArgs.some(isLoglevelFlag) ? [] : ['--loglevel', 'error']),\n ...binArgs,\n ...otherArgs\n ],\n {\n // 'inherit' + 'ipc'\n stdio: [0, 1, 2, 'ipc']\n }\n )\n // See https://nodejs.org/api/all.html#all_child_process_event-exit.\n spawnPromise.process.on('exit', (code, signalName) => {\n if (signalName) {\n process.kill(process.pid, signalName)\n } else if (code !== null) {\n process.exit(code)\n }\n })\n spawnPromise.process.send({\n [SOCKET_IPC_HANDSHAKE]: {\n [SOCKET_CLI_SAFE_WRAPPER]: level\n }\n })\n await spawnPromise\n}\n"],"names":["NPX","WIN32","process","SOCKET_IPC_HANDSHAKE","constants","spawnPromise"],"mappings":";;;;;;;;;;;;;;;;;;;AAaA;;AAAaA;AAAI;AAEV;AAIL;AACA;;AAEA;;AACQC;AAAM;AACd;;AAEE;AACF;;AAEA;;AAEE;AACE;AACE;;AAIJ;AACAC;AAEF;AACA;AACF;;AC/BA;;;AAGEC;AACF;AAEe;;AAMb;AACA;AAGA;;AAEE;;AAGE;;AAEA;;AAIM;AACAC;AAIN;AACAA;AACA;AACA;AACA;AACA;;AAEA;;AAMA;;AAEF;AAEF;;AAEE;;AAEA;AACEF;AACF;AACF;AACAG;AACE;AACE;AACF;AACF;AACA;AACF;;","debugId":"c58c4335-92d0-4ad1-86bf-6eb5428f654a"}
1
+ {"version":3,"file":"shadow-bin.js","sources":["../../src/shadow/npm/link.ts","../../src/shadow/npm/bin.ts"],"sourcesContent":["import path from 'node:path'\nimport process from 'node:process'\n\nimport cmdShim from 'cmd-shim'\n\nimport {\n getNpmBinPath,\n getNpxBinPath,\n isNpmBinPathShadowed,\n isNpxBinPathShadowed\n} from './paths'\nimport constants from '../../constants'\n\nconst { CLI, NPX } = constants\n\nexport async function installLinks(\n realBinPath: string,\n binName: 'npm' | 'npx'\n): Promise<string> {\n const isNpx = binName === NPX\n // Find package manager being shadowed by this process.\n const binPath = isNpx ? getNpxBinPath() : getNpmBinPath()\n // Lazily access constants.WIN32.\n const { WIN32 } = constants\n // TODO: Is this early exit needed?\n if (WIN32 && binPath) {\n return binPath\n }\n const shadowed = isNpx ? isNpxBinPathShadowed() : isNpmBinPathShadowed()\n // Move our bin directory to front of PATH so its found first.\n if (!shadowed) {\n if (WIN32) {\n await cmdShim(\n // Lazily access constants.rootDistPath.\n path.join(constants.rootDistPath, `${binName}-${CLI}.js`),\n path.join(realBinPath, binName)\n )\n }\n process.env['PATH'] =\n `${realBinPath}${path.delimiter}${process.env['PATH']}`\n }\n return binPath\n}\n","import process from 'node:process'\n\nimport {\n isLoglevelFlag,\n isProgressFlag\n} from '@socketsecurity/registry/lib/npm'\nimport { spawn } from '@socketsecurity/registry/lib/spawn'\n\nimport { installLinks } from './link'\nimport constants from '../../constants'\n\nconst {\n SOCKET_CLI_SAFE_WRAPPER,\n SOCKET_CLI_SENTRY_BUILD,\n SOCKET_IPC_HANDSHAKE\n} = constants\n\nexport default async function shadowBin(\n binName: 'npm' | 'npx',\n args = process.argv.slice(2),\n level = 1\n) {\n process.exitCode = 1\n const terminatorPos = args.indexOf('--')\n const binArgs = (\n terminatorPos === -1 ? args : args.slice(0, terminatorPos)\n ).filter(a => !isProgressFlag(a))\n const otherArgs = terminatorPos === -1 ? [] : args.slice(terminatorPos)\n const spawnPromise = spawn(\n // Lazily access constants.execPath.\n constants.execPath,\n [\n // Lazily access constants.nodeHardenFlags.\n ...constants.nodeHardenFlags,\n // Lazily access constants.nodeNoWarningsFlags.\n ...constants.nodeNoWarningsFlags,\n // Lazily access constants.ENV[SOCKET_CLI_SENTRY_BUILD].\n ...(constants.ENV[SOCKET_CLI_SENTRY_BUILD]\n ? [\n '--require',\n // Lazily access constants.distInstrumentWithSentryPath.\n constants.distInstrumentWithSentryPath\n ]\n : []),\n '--require',\n // Lazily access constants.distShadowNpmInjectPath.\n constants.distShadowNpmInjectPath,\n // Lazily access constants.shadowBinPath.\n await installLinks(constants.shadowBinPath, binName),\n // Add `--no-progress` and `--loglevel=error` flags to fix input being\n // swallowed by the npm spinner.\n '--no-progress',\n // Add the '--loglevel=error' flag if a loglevel flag is not provided.\n ...(binArgs.some(isLoglevelFlag) ? [] : ['--loglevel', 'error']),\n ...binArgs,\n ...otherArgs\n ],\n {\n // 'inherit' + 'ipc'\n stdio: [0, 1, 2, 'ipc']\n }\n )\n // See https://nodejs.org/api/all.html#all_child_process_event-exit.\n spawnPromise.process.on('exit', (code, signalName) => {\n if (signalName) {\n process.kill(process.pid, signalName)\n } else if (code !== null) {\n process.exit(code)\n }\n })\n spawnPromise.process.send({\n [SOCKET_IPC_HANDSHAKE]: {\n [SOCKET_CLI_SAFE_WRAPPER]: level\n }\n })\n await spawnPromise\n}\n"],"names":["NPX","WIN32","process","SOCKET_IPC_HANDSHAKE","constants","spawnPromise"],"mappings":";;;;;;;;;;;;;;;;;;;AAaA;;AAAaA;AAAI;AAEV;AAIL;AACA;;AAEA;;AACQC;AAAM;AACd;;AAEE;AACF;;AAEA;;AAEE;AACE;AACE;;AAIJ;AACAC;AAEF;AACA;AACF;;AC/BA;;;AAGEC;AACF;AAEe;;AAMb;AACA;AAGA;;AAEE;;AAGE;;AAEA;;AAEA;;AAIM;AACAC;AAIN;AACAA;AACA;AACA;AACA;AACA;;AAEA;;AAMA;;AAEF;AAEF;;AAEE;;AAEA;AACEF;AACF;AACF;AACAG;AACE;AACE;AACF;AACF;AACA;AACF;;","debugId":"ee6e1727-ba87-4d1b-89c3-a573fd8401bd"}