@socketsecurity/cli-with-sentry 0.14.66 → 0.14.68

package/dist/constants.js

@@ -1,262 +1,314 @@
-'use strict';
+'use strict'
 
-var fs = require('node:fs');
-var os = require('node:os');
-var path = require('node:path');
-var process = require('node:process');
-var registryConstants = require('@socketsecurity/registry/lib/constants');
-var env = require('@socketsecurity/registry/lib/env');
+const fs = require('node:fs')
+const os = require('node:os')
+const path = require('node:path')
+const process = require('node:process')
+const registryConstants = require('@socketsecurity/registry/lib/constants')
+const env = require('@socketsecurity/registry/lib/env')
 
 const {
   NODE_MODULES,
   NPM,
   SOCKET_SECURITY_SCOPE,
   kInternalsSymbol,
-  [kInternalsSymbol]: {
-    createConstantsObject,
-    getIpc
-  }
-} = registryConstants;
-const ALERT_TYPE_CRITICAL_CVE = 'criticalCVE';
-const ALERT_TYPE_CVE = 'cve';
-const ALERT_TYPE_MEDIUM_CVE = 'mediumCVE';
-const ALERT_TYPE_MILD_CVE = 'mildCVE';
-const API_V0_URL = 'https://api.socket.dev/v0/';
-const BINARY_LOCK_EXT = '.lockb';
-const BUN = 'bun';
-const CLI = 'cli';
-const CVE_ALERT_PROPS_FIRST_PATCHED_VERSION_IDENTIFIER = 'firstPatchedVersionIdentifier';
-const DRY_RUN_LABEL = '[DryRun]';
-const DRY_RUN_BAIL_TEXT = `${DRY_RUN_LABEL}: Bailing now`;
-const INLINED_SOCKET_CLI_LEGACY_BUILD = 'INLINED_SOCKET_CLI_LEGACY_BUILD';
-const INLINED_SOCKET_CLI_PUBLISHED_BUILD = 'INLINED_SOCKET_CLI_PUBLISHED_BUILD';
-const INLINED_SOCKET_CLI_SENTRY_BUILD = 'INLINED_SOCKET_CLI_SENTRY_BUILD';
-const LOCK_EXT = '.lock';
-const MODULE_SYNC = 'module-sync';
-const NPM_BUGGY_OVERRIDES_PATCHED_VERSION = '11.2.0';
-const NPM_REGISTRY_URL = 'https://registry.npmjs.org';
-const PNPM = 'pnpm';
-const REDACTED = '<redacted>';
-const REQUIRE = 'require';
-const SHADOW_NPM_BIN = 'shadow-bin';
-const SHADOW_NPM_INJECT = 'shadow-npm-inject';
-const SHADOW_NPM_PATHS = 'shadow-npm-paths';
-const SOCKET = 'socket';
-const SOCKET_CLI_BIN_NAME = 'socket';
-const SOCKET_CLI_BIN_NAME_ALIAS = 'cli';
-const SOCKET_CLI_DEBUG = 'SOCKET_CLI_DEBUG';
-const SOCKET_CLI_FIX = 'SOCKET_CLI_FIX';
-const SOCKET_CLI_ISSUES_URL = 'https://github.com/SocketDev/socket-cli/issues';
-const SOCKET_CLI_LEGACY_PACKAGE_NAME = `${SOCKET_SECURITY_SCOPE}/cli`;
-const SOCKET_CLI_NO_API_TOKEN = 'SOCKET_CLI_NO_API_TOKEN';
-const SOCKET_CLI_OPTIMIZE = 'SOCKET_CLI_OPTIMIZE';
-const SOCKET_CLI_NPM_BIN_NAME = 'socket-npm';
-const SOCKET_CLI_NPX_BIN_NAME = 'socket-npx';
-const SOCKET_CLI_PACKAGE_NAME = 'socket';
-const SOCKET_CLI_SAFE_WRAPPER = 'SOCKET_CLI_SAFE_WRAPPER';
-const SOCKET_CLI_SENTRY_BIN_NAME = 'socket-with-sentry';
-const SOCKET_CLI_SENTRY_BIN_NAME_ALIAS = 'cli-with-sentry';
-const SOCKET_CLI_SENTRY_NPM_BIN_NAME = 'socket-npm-with-sentry';
-const SOCKET_CLI_SENTRY_NPX_BIN_NAME = 'socket-npx-with-sentry';
-const SOCKET_CLI_SENTRY_PACKAGE_NAME = `${SOCKET_SECURITY_SCOPE}/cli-with-sentry`;
-const VLT = 'vlt';
-const WITH_SENTRY = 'with-sentry';
-const YARN = 'yarn';
-const YARN_BERRY = 'yarn/berry';
-const YARN_CLASSIC = 'yarn/classic';
-const YARN_LOCK = 'yarn.lock';
-let _Sentry;
-const LAZY_DIST_TYPE = () => registryConstants.SUPPORTS_NODE_REQUIRE_MODULE ? MODULE_SYNC : REQUIRE;
+  [kInternalsSymbol]: { createConstantsObject, getIpc }
+} = registryConstants
+const ALERT_TYPE_CRITICAL_CVE = 'criticalCVE'
+const ALERT_TYPE_CVE = 'cve'
+const ALERT_TYPE_MEDIUM_CVE = 'mediumCVE'
+const ALERT_TYPE_MILD_CVE = 'mildCVE'
+const API_V0_URL = 'https://api.socket.dev/v0/'
+const BINARY_LOCK_EXT = '.lockb'
+const BUN = 'bun'
+const CLI = 'cli'
+const CVE_ALERT_PROPS_FIRST_PATCHED_VERSION_IDENTIFIER =
+  'firstPatchedVersionIdentifier'
+const DRY_RUN_LABEL = '[DryRun]'
+const DRY_RUN_BAIL_TEXT = `${DRY_RUN_LABEL}: Bailing now`
+const INLINED_SOCKET_CLI_LEGACY_BUILD = 'INLINED_SOCKET_CLI_LEGACY_BUILD'
+const INLINED_SOCKET_CLI_PUBLISHED_BUILD = 'INLINED_SOCKET_CLI_PUBLISHED_BUILD'
+const INLINED_SOCKET_CLI_SENTRY_BUILD = 'INLINED_SOCKET_CLI_SENTRY_BUILD'
+const LOCALAPPDATA = 'LOCALAPPDATA'
+const LOCK_EXT = '.lock'
+const MODULE_SYNC = 'module-sync'
+const NPM_BUGGY_OVERRIDES_PATCHED_VERSION = '11.2.0'
+const NPM_REGISTRY_URL = 'https://registry.npmjs.org'
+const PNPM = 'pnpm'
+const REDACTED = '<redacted>'
+const REQUIRE = 'require'
+const SHADOW_NPM_BIN = 'shadow-bin'
+const SHADOW_NPM_INJECT = 'shadow-npm-inject'
+const SHADOW_NPM_PATHS = 'shadow-npm-paths'
+const SOCKET = 'socket'
+const SOCKET_APP_DIR = 'socket/settings'
+const SOCKET_CLI_ACCEPT_RISKS = 'SOCKET_CLI_ACCEPT_RISKS'
+const SOCKET_CLI_BIN_NAME = 'socket'
+const SOCKET_CLI_BIN_NAME_ALIAS = 'cli'
+const SOCKET_CLI_DEBUG = 'SOCKET_CLI_DEBUG'
+const SOCKET_CLI_FIX = 'SOCKET_CLI_FIX'
+const SOCKET_CLI_ISSUES_URL = 'https://github.com/SocketDev/socket-cli/issues'
+const SOCKET_CLI_LEGACY_PACKAGE_NAME = `${SOCKET_SECURITY_SCOPE}/cli`
+const SOCKET_CLI_NO_API_TOKEN = 'SOCKET_CLI_NO_API_TOKEN'
+const SOCKET_CLI_OPTIMIZE = 'SOCKET_CLI_OPTIMIZE'
+const SOCKET_CLI_NPM_BIN_NAME = 'socket-npm'
+const SOCKET_CLI_NPX_BIN_NAME = 'socket-npx'
+const SOCKET_CLI_PACKAGE_NAME = 'socket'
+const SOCKET_CLI_SAFE_BIN = 'SOCKET_CLI_SAFE_BIN'
+const SOCKET_CLI_SAFE_PROGRESS = 'SOCKET_CLI_SAFE_PROGRESS'
+const SOCKET_CLI_SENTRY_BIN_NAME = 'socket-with-sentry'
+const SOCKET_CLI_SENTRY_BIN_NAME_ALIAS = 'cli-with-sentry'
+const SOCKET_CLI_SENTRY_NPM_BIN_NAME = 'socket-npm-with-sentry'
+const SOCKET_CLI_SENTRY_NPX_BIN_NAME = 'socket-npx-with-sentry'
+const SOCKET_CLI_SENTRY_PACKAGE_NAME = `${SOCKET_SECURITY_SCOPE}/cli-with-sentry`
+const SOCKET_CLI_VIEW_ALL_RISKS = 'SOCKET_CLI_VIEW_ALL_RISKS'
+const SOCKET_SECURITY_API_BASE_URL = 'SOCKET_SECURITY_API_BASE_URL'
+const SOCKET_SECURITY_API_PROXY = 'SOCKET_SECURITY_API_PROXY'
+const SOCKET_SECURITY_API_TOKEN = 'SOCKET_SECURITY_API_TOKEN'
+const VLT = 'vlt'
+const WITH_SENTRY = 'with-sentry'
+const XDG_DATA_HOME = 'XDG_DATA_HOME'
+const YARN = 'yarn'
+const YARN_BERRY = 'yarn/berry'
+const YARN_CLASSIC = 'yarn/classic'
+const YARN_LOCK = 'yarn.lock'
+let _Sentry
+const LAZY_DIST_TYPE = () =>
+  registryConstants.SUPPORTS_NODE_REQUIRE_MODULE ? MODULE_SYNC : REQUIRE
 const LAZY_ENV = () => {
-  const {
-    env: env$1
-  } = process;
+  const { env: env$1 } = process
   // We inline some environment values so that they CANNOT be influenced by user
   // provided environment variables.
   return Object.freeze({
     // Lazily access registryConstants.ENV.
     ...registryConstants.ENV,
-    // Inlined flag set to determine if this is the Legacy build.
+    // Inlined flag to determine if this is the Legacy build.
     // The '@rollup/plugin-replace' will replace "process.env[INLINED_SOCKET_CLI_LEGACY_BUILD]".
     INLINED_SOCKET_CLI_LEGACY_BUILD: false,
-    // Inlined flag set to determine if this is a published build.
+    // Inlined flag to determine if this is a published build.
     // The '@rollup/plugin-replace' will replace "process.env[INLINED_SOCKET_CLI_PUBLISHED_BUILD]".
     INLINED_SOCKET_CLI_PUBLISHED_BUILD: true,
-    // Inlined flag set to determine if this is the Sentry build.
+    // Inlined flag to determine if this is the Sentry build.
     // The '@rollup/plugin-replace' will replace "process.env[INLINED_SOCKET_CLI_SENTRY_BUILD]".
     INLINED_SOCKET_CLI_SENTRY_BUILD: true,
-    // Flag set to help debug Socket CLI.
+    // The location of the %localappdata% folder on Windows used to store user-specific,
+    // non-roaming application data, like temporary files, cached data, and program
+    // settings, that are specific to the current machine and user.
+    LOCALAPPDATA: env.envAsString(env$1['LOCALAPPDATA']),
+    // Flag to accepts risks of safe-npm and safe-npx run.
+    SOCKET_CLI_ACCEPT_RISKS: env.envAsBoolean(env$1['SOCKET_CLI_ACCEPT_RISKS']),
+    // Flag to help debug Socket CLI.
     SOCKET_CLI_DEBUG: env.envAsBoolean(env$1['SOCKET_CLI_DEBUG']),
-    // Flag set to make the default API token `undefined`.
-    SOCKET_CLI_NO_API_TOKEN: env.envAsBoolean(env$1['SOCKET_CLI_NO_API_TOKEN'])
-  });
-};
+    // Flag to make the default API token `undefined`.
+    SOCKET_CLI_NO_API_TOKEN: env.envAsBoolean(env$1['SOCKET_CLI_NO_API_TOKEN']),
+    // Flag to view all risks of safe-npm and safe-npx run.
+    SOCKET_CLI_VIEW_ALL_RISKS: env.envAsBoolean(
+      env$1['SOCKET_CLI_VIEW_ALL_RISKS']
+    ),
+    // Flag to change the base URL for all API-calls.
+    // https://github.com/SocketDev/socket-cli?tab=readme-ov-file#environment-variables-for-development
+    SOCKET_SECURITY_API_BASE_URL: env.envAsString(
+      env$1['SOCKET_SECURITY_API_BASE_URL']
+    ),
+    // Flag to set the proxy all requests are routed through.
+    // https://github.com/SocketDev/socket-cli?tab=readme-ov-file#environment-variables-for-development
+    SOCKET_SECURITY_API_PROXY: env.envAsString(
+      env$1['SOCKET_SECURITY_API_PROXY']
+    ),
+    // Flag to set the API token.
+    // https://github.com/SocketDev/socket-cli?tab=readme-ov-file#environment-variables
+    SOCKET_SECURITY_API_TOKEN:
+      env.envAsString(env$1['SOCKET_SECURITY_API_TOKEN']) ||
+      // Keep 'SOCKET_SECURITY_API_KEY' as an alias of 'SOCKET_SECURITY_API_TOKEN'.
+      // TODO: Remove 'SOCKET_SECURITY_API_KEY' alias.
+      env.envAsString(env$1['SOCKET_SECURITY_API_KEY']),
+    // The location of the base directory on Linux and MacOS used to store
+    // user-specific data files, defaulting to $HOME/.local/share if not set or empty.
+    XDG_DATA_HOME: env.envAsString(env$1['XDG_DATA_HOME'])
+  })
+}
 const lazyBashRcPath = () =>
-// Lazily access constants.homePath.
-path.join(constants.homePath, '.bashrc');
+  // Lazily access constants.homePath.
+  path.join(constants.homePath, '.bashrc')
 const lazyDistCliPath = () =>
-// Lazily access constants.distPath.
-path.join(constants.distPath, 'cli.js');
+  // Lazily access constants.distPath.
+  path.join(constants.distPath, 'cli.js')
 const lazyDistInstrumentWithSentryPath = () =>
-// Lazily access constants.rootDistPath.
-path.join(constants.rootDistPath, 'instrument-with-sentry.js');
+  // Lazily access constants.rootDistPath.
+  path.join(constants.rootDistPath, 'instrument-with-sentry.js')
 const lazyDistPath = () =>
-// Lazily access constants.rootDistPath and constants.DIST_TYPE.
-path.join(constants.rootDistPath, constants.DIST_TYPE);
+  // Lazily access constants.rootDistPath and constants.DIST_TYPE.
+  path.join(constants.rootDistPath, constants.DIST_TYPE)
 const lazyDistShadowNpmBinPath = () =>
-// Lazily access constants.distPath.
-path.join(constants.distPath, `${SHADOW_NPM_BIN}.js`);
+  // Lazily access constants.distPath.
+  path.join(constants.distPath, `${SHADOW_NPM_BIN}.js`)
 const lazyDistShadowNpmInjectPath = () =>
-// Lazily access constants.distPath.
-path.join(constants.distPath, `${SHADOW_NPM_INJECT}.js`);
-const lazyHomePath = () => os.homedir();
-const lazyMinimumVersionByAgent = () => new Map([
-// Bun >=1.1.39 supports the text-based lockfile.
-// https://bun.sh/blog/bun-lock-text-lockfile
-[BUN, '1.1.39'],
-// The npm version bundled with Node 18.
-// https://nodejs.org/en/about/previous-releases#looking-for-the-latest-release-of-a-version-branch
-[NPM, '10.8.2'],
-// 8.x is the earliest version to support Node 18.
-// https://pnpm.io/installation#compatibility
-// https://www.npmjs.com/package/pnpm?activeTab=versions
-[PNPM, '8.15.9'],
-// 4.x supports >= Node 18.12.0
-// https://github.com/yarnpkg/berry/blob/%40yarnpkg/core/4.1.0/CHANGELOG.md#400
-[YARN_BERRY, '4.0.0'],
-// Latest 1.x.
-// https://www.npmjs.com/package/yarn?activeTab=versions
-[YARN_CLASSIC, '1.22.22'],
-// vlt does not support overrides so we don't gate on it.
-[VLT, '*']]);
+  // Lazily access constants.distPath.
+  path.join(constants.distPath, `${SHADOW_NPM_INJECT}.js`)
+const lazyHomePath = () => os.homedir()
+const lazyMinimumVersionByAgent = () =>
+  new Map([
+    // Bun >=1.1.39 supports the text-based lockfile.
+    // https://bun.sh/blog/bun-lock-text-lockfile
+    [BUN, '1.1.39'],
+    // The npm version bundled with Node 18.
+    // https://nodejs.org/en/about/previous-releases#looking-for-the-latest-release-of-a-version-branch
+    [NPM, '10.8.2'],
+    // 8.x is the earliest version to support Node 18.
+    // https://pnpm.io/installation#compatibility
+    // https://www.npmjs.com/package/pnpm?activeTab=versions
+    [PNPM, '8.15.9'],
+    // 4.x supports >= Node 18.12.0
+    // https://github.com/yarnpkg/berry/blob/%40yarnpkg/core/4.1.0/CHANGELOG.md#400
+    [YARN_BERRY, '4.0.0'],
+    // Latest 1.x.
+    // https://www.npmjs.com/package/yarn?activeTab=versions
+    [YARN_CLASSIC, '1.22.22'],
+    // vlt does not support overrides so we don't gate on it.
+    [VLT, '*']
+  ])
 const lazyNmBinPath = () =>
-// Lazily access constants.rootPath.
-path.join(constants.rootPath, `${NODE_MODULES}/.bin`);
+  // Lazily access constants.rootPath.
+  path.join(constants.rootPath, `${NODE_MODULES}/.bin`)
 
 // Redefine registryConstants.nodeHardenFlags to account for the
 // INLINED_SOCKET_CLI_SENTRY_BUILD environment variable.
 const lazyNodeHardenFlags = () =>
-// The '@rollup/plugin-replace' will replace "process.env[INLINED_SOCKET_CLI_SENTRY_BUILD]".
-// Lazily access constants.WIN32.
-[] ;
+  // The '@rollup/plugin-replace' will replace "process.env[INLINED_SOCKET_CLI_SENTRY_BUILD]".
+  []
 const lazyRootBinPath = () =>
-// Lazily access constants.rootPath.
-path.join(constants.rootPath, 'bin');
+  // Lazily access constants.rootPath.
+  path.join(constants.rootPath, 'bin')
 const lazyRootDistPath = () =>
-// Lazily access constants.rootPath.
-path.join(constants.rootPath, 'dist');
+  // Lazily access constants.rootPath.
+  path.join(constants.rootPath, 'dist')
 const lazyRootPath = () =>
-// The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_TEST_DIST_BUILD']".
-path.join(fs.realpathSync.native(__dirname), '..');
+  path.join(
+    fs.realpathSync.native(__dirname),
+    // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_TEST_DIST_BUILD']".
+    '..'
+  )
 const lazyShadowBinPath = () =>
-// Lazily access constants.rootPath.
-path.join(constants.rootPath, SHADOW_NPM_BIN);
+  // Lazily access constants.rootPath.
+  path.join(constants.rootPath, SHADOW_NPM_BIN)
 const lazyZshRcPath = () =>
-// Lazily access constants.homePath.
-path.join(constants.homePath, '.zshrc');
-const constants = createConstantsObject({
-  ALERT_TYPE_CRITICAL_CVE,
-  ALERT_TYPE_CVE,
-  ALERT_TYPE_MEDIUM_CVE,
-  ALERT_TYPE_MILD_CVE,
-  API_V0_URL,
-  BINARY_LOCK_EXT,
-  BUN,
-  CLI,
-  CVE_ALERT_PROPS_FIRST_PATCHED_VERSION_IDENTIFIER,
-  // Lazily defined values are initialized as `undefined` to keep their key order.
-  DIST_TYPE: undefined,
-  DRY_RUN_LABEL,
-  DRY_RUN_BAIL_TEXT,
-  ENV: undefined,
-  INLINED_SOCKET_CLI_LEGACY_BUILD,
-  INLINED_SOCKET_CLI_PUBLISHED_BUILD,
-  INLINED_SOCKET_CLI_SENTRY_BUILD,
-  LOCK_EXT,
-  MODULE_SYNC,
-  NPM_BUGGY_OVERRIDES_PATCHED_VERSION,
-  NPM_REGISTRY_URL,
-  PNPM,
-  REDACTED,
-  REQUIRE,
-  SHADOW_NPM_BIN,
-  SHADOW_NPM_INJECT,
-  SHADOW_NPM_PATHS,
-  SOCKET,
-  SOCKET_CLI_BIN_NAME,
-  SOCKET_CLI_BIN_NAME_ALIAS,
-  SOCKET_CLI_DEBUG,
-  SOCKET_CLI_FIX,
-  SOCKET_CLI_ISSUES_URL,
-  SOCKET_CLI_SENTRY_BIN_NAME_ALIAS,
-  SOCKET_CLI_LEGACY_PACKAGE_NAME,
-  SOCKET_CLI_NO_API_TOKEN,
-  SOCKET_CLI_NPM_BIN_NAME,
-  SOCKET_CLI_NPX_BIN_NAME,
-  SOCKET_CLI_OPTIMIZE,
-  SOCKET_CLI_PACKAGE_NAME,
-  SOCKET_CLI_SAFE_WRAPPER,
-  SOCKET_CLI_SENTRY_BIN_NAME,
-  SOCKET_CLI_SENTRY_NPM_BIN_NAME,
-  SOCKET_CLI_SENTRY_NPX_BIN_NAME,
-  SOCKET_CLI_SENTRY_PACKAGE_NAME,
-  VLT,
-  WITH_SENTRY,
-  YARN,
-  YARN_BERRY,
-  YARN_CLASSIC,
-  YARN_LOCK,
-  bashRcPath: undefined,
-  distCliPath: undefined,
-  distInstrumentWithSentryPath: undefined,
-  distPath: undefined,
-  distShadowNpmBinPath: undefined,
-  distShadowNpmInjectPath: undefined,
-  homePath: undefined,
-  minimumVersionByAgent: undefined,
-  nmBinPath: undefined,
-  nodeHardenFlags: undefined,
-  rootBinPath: undefined,
-  rootDistPath: undefined,
-  rootPath: undefined,
-  shadowBinPath: undefined,
-  zshRcPath: undefined
-}, {
-  getters: {
-    DIST_TYPE: LAZY_DIST_TYPE,
-    ENV: LAZY_ENV,
-    bashRcPath: lazyBashRcPath,
-    distCliPath: lazyDistCliPath,
-    distInstrumentWithSentryPath: lazyDistInstrumentWithSentryPath,
-    distPath: lazyDistPath,
-    distShadowNpmBinPath: lazyDistShadowNpmBinPath,
-    distShadowNpmInjectPath: lazyDistShadowNpmInjectPath,
-    homePath: lazyHomePath,
-    minimumVersionByAgent: lazyMinimumVersionByAgent,
-    nmBinPath: lazyNmBinPath,
-    nodeHardenFlags: lazyNodeHardenFlags,
-    rootBinPath: lazyRootBinPath,
-    rootDistPath: lazyRootDistPath,
-    rootPath: lazyRootPath,
-    shadowBinPath: lazyShadowBinPath,
-    zshRcPath: lazyZshRcPath
+  // Lazily access constants.homePath.
+  path.join(constants.homePath, '.zshrc')
+const constants = createConstantsObject(
+  {
+    ALERT_TYPE_CRITICAL_CVE,
+    ALERT_TYPE_CVE,
+    ALERT_TYPE_MEDIUM_CVE,
+    ALERT_TYPE_MILD_CVE,
+    API_V0_URL,
+    BINARY_LOCK_EXT,
+    BUN,
+    CLI,
+    CVE_ALERT_PROPS_FIRST_PATCHED_VERSION_IDENTIFIER,
+    // Lazily defined values are initialized as `undefined` to keep their key order.
+    DIST_TYPE: undefined,
+    DRY_RUN_LABEL,
+    DRY_RUN_BAIL_TEXT,
+    ENV: undefined,
+    INLINED_SOCKET_CLI_LEGACY_BUILD,
+    INLINED_SOCKET_CLI_PUBLISHED_BUILD,
+    INLINED_SOCKET_CLI_SENTRY_BUILD,
+    LOCALAPPDATA,
+    LOCK_EXT,
+    MODULE_SYNC,
+    NPM_BUGGY_OVERRIDES_PATCHED_VERSION,
+    NPM_REGISTRY_URL,
+    PNPM,
+    REDACTED,
+    REQUIRE,
+    SHADOW_NPM_BIN,
+    SHADOW_NPM_INJECT,
+    SHADOW_NPM_PATHS,
+    SOCKET,
+    SOCKET_APP_DIR,
+    SOCKET_CLI_ACCEPT_RISKS,
+    SOCKET_CLI_BIN_NAME,
+    SOCKET_CLI_BIN_NAME_ALIAS,
+    SOCKET_CLI_DEBUG,
+    SOCKET_CLI_FIX,
+    SOCKET_CLI_ISSUES_URL,
+    SOCKET_CLI_SENTRY_BIN_NAME_ALIAS,
+    SOCKET_CLI_LEGACY_PACKAGE_NAME,
+    SOCKET_CLI_NO_API_TOKEN,
+    SOCKET_CLI_NPM_BIN_NAME,
+    SOCKET_CLI_NPX_BIN_NAME,
+    SOCKET_CLI_OPTIMIZE,
+    SOCKET_CLI_PACKAGE_NAME,
+    SOCKET_CLI_SAFE_BIN,
+    SOCKET_CLI_SAFE_PROGRESS,
+    SOCKET_CLI_SENTRY_BIN_NAME,
+    SOCKET_CLI_SENTRY_NPM_BIN_NAME,
+    SOCKET_CLI_SENTRY_NPX_BIN_NAME,
+    SOCKET_CLI_SENTRY_PACKAGE_NAME,
+    SOCKET_CLI_VIEW_ALL_RISKS,
+    SOCKET_SECURITY_API_BASE_URL,
+    SOCKET_SECURITY_API_PROXY,
+    SOCKET_SECURITY_API_TOKEN,
+    VLT,
+    WITH_SENTRY,
+    XDG_DATA_HOME,
+    YARN,
+    YARN_BERRY,
+    YARN_CLASSIC,
+    YARN_LOCK,
+    bashRcPath: undefined,
+    distCliPath: undefined,
+    distInstrumentWithSentryPath: undefined,
+    distPath: undefined,
+    distShadowNpmBinPath: undefined,
+    distShadowNpmInjectPath: undefined,
+    homePath: undefined,
+    minimumVersionByAgent: undefined,
+    nmBinPath: undefined,
+    nodeHardenFlags: undefined,
+    rootBinPath: undefined,
+    rootDistPath: undefined,
+    rootPath: undefined,
+    shadowBinPath: undefined,
+    zshRcPath: undefined
   },
-  internals: {
-    getIpc,
-    getSentry() {
-      return _Sentry;
+  {
+    getters: {
+      DIST_TYPE: LAZY_DIST_TYPE,
+      ENV: LAZY_ENV,
+      bashRcPath: lazyBashRcPath,
+      distCliPath: lazyDistCliPath,
+      distInstrumentWithSentryPath: lazyDistInstrumentWithSentryPath,
+      distPath: lazyDistPath,
+      distShadowNpmBinPath: lazyDistShadowNpmBinPath,
+      distShadowNpmInjectPath: lazyDistShadowNpmInjectPath,
+      homePath: lazyHomePath,
+      minimumVersionByAgent: lazyMinimumVersionByAgent,
+      nmBinPath: lazyNmBinPath,
+      nodeHardenFlags: lazyNodeHardenFlags,
+      rootBinPath: lazyRootBinPath,
+      rootDistPath: lazyRootDistPath,
+      rootPath: lazyRootPath,
+      shadowBinPath: lazyShadowBinPath,
+      zshRcPath: lazyZshRcPath
     },
-    setSentry(Sentry) {
-      if (_Sentry === undefined) {
-        _Sentry = Sentry;
-        return true;
+    internals: {
+      getIpc,
+      getSentry() {
+        return _Sentry
+      },
+      setSentry(Sentry) {
+        if (_Sentry === undefined) {
+          _Sentry = Sentry
+          return true
+        }
+        return false
       }
-      return false;
-    }
-  },
-  mixin: registryConstants
-});
+    },
+    mixin: registryConstants
+  }
+)
 
-module.exports = constants;
-//# debugId=a25f34c5-c5a4-4a2d-a4d0-03e4d7369a93
+module.exports = constants
+//# debugId=5b0e4686-31cf-4423-99c5-f986ce441719
 //# sourceMappingURL=constants.js.map

package/dist/constants.js.map

@@ -1 +1 @@
-{"version":3,"file":"constants.js","sources":["../../src/constants.ts"],"sourcesContent":["import { realpathSync } from 'node:fs'\nimport os from 'node:os'\nimport path from 'node:path'\nimport process from 'node:process'\n\nimport registryConstants from '@socketsecurity/registry/lib/constants'\nimport { envAsBoolean } from '@socketsecurity/registry/lib/env'\n\nimport type { Agent } from './utils/package-environment'\nimport type { Remap } from '@socketsecurity/registry/lib/objects'\n\nconst {\n  NODE_MODULES,\n  NPM,\n  SOCKET_SECURITY_SCOPE,\n  kInternalsSymbol,\n  [kInternalsSymbol as unknown as 'Symbol(kInternalsSymbol)']: {\n    createConstantsObject,\n    getIpc\n  }\n} = registryConstants\n\ntype RegistryEnv = typeof registryConstants.ENV\n\ntype RegistryInternals = (typeof registryConstants)['Symbol(kInternalsSymbol)']\n\ntype Sentry = any\n\ntype Internals = Remap<\n  Omit<RegistryInternals, 'getIpc'> &\n    Readonly<{\n      getIpc: {\n        (): Promise<IPC>\n        <K extends keyof IPC | undefined>(\n          key?: K | undefined\n        ): Promise<K extends keyof IPC ? IPC[K] : IPC>\n      }\n      getSentry: () => Sentry\n      setSentry(Sentry: Sentry): boolean\n    }>\n>\n\ntype ENV = Remap<\n  RegistryEnv &\n    Readonly<{\n      SOCKET_CLI_DEBUG: boolean\n      SOCKET_CLI_NO_API_TOKEN: boolean\n    }>\n>\n\ntype IPC = Readonly<{\n  SOCKET_CLI_FIX?: string | undefined\n  SOCKET_CLI_OPTIMIZE?: boolean | undefined\n  SOCKET_CLI_SAFE_WRAPPER?: string | undefined\n}>\n\ntype Constants = Remap<\n  Omit<typeof registryConstants, 'Symbol(kInternalsSymbol)' | 'ENV' | 'IPC'> & {\n    readonly 'Symbol(kInternalsSymbol)': Internals\n    readonly ALERT_TYPE_CRITICAL_CVE: 'criticalCVE'\n    readonly ALERT_TYPE_CVE: 'cve'\n    readonly ALERT_TYPE_MEDIUM_CVE: 'mediumCVE'\n    readonly ALERT_TYPE_MILD_CVE: 'mildCVE'\n    readonly API_V0_URL: 'https://api.socket.dev/v0/'\n    readonly BINARY_LOCK_EXT: '.lockb'\n    readonly BUN: 'bun'\n    readonly CLI: 'cli'\n    readonly CVE_ALERT_PROPS_FIRST_PATCHED_VERSION_IDENTIFIER: 'firstPatchedVersionIdentifier'\n    readonly ENV: ENV\n    readonly DIST_TYPE: 'module-sync' | 'require'\n    readonly DRY_RUN_LABEL: '[DryRun]'\n    readonly DRY_RUN_BAIL_TEXT: '[DryRun] Bailing now'\n    readonly INLINED_SOCKET_CLI_LEGACY_BUILD: 'INLINED_SOCKET_CLI_LEGACY_BUILD'\n    readonly INLINED_SOCKET_CLI_PUBLISHED_BUILD: 'INLINED_SOCKET_CLI_PUBLISHED_BUILD'\n    readonly INLINED_SOCKET_CLI_SENTRY_BUILD: 'INLINED_SOCKET_CLI_SENTRY_BUILD'\n    readonly IPC: IPC\n    readonly LOCK_EXT: '.lock'\n    readonly MODULE_SYNC: 'module-sync'\n    readonly NPM_BUGGY_OVERRIDES_PATCHED_VERSION: '11.2.0'\n    readonly NPM_REGISTRY_URL: 'https://registry.npmjs.org'\n    readonly PNPM: 'pnpm'\n    readonly REDACTED: '<redacted>'\n    readonly REQUIRE: 'require'\n    readonly SHADOW_NPM_BIN: 'shadow-bin'\n    readonly SHADOW_NPM_INJECT: 'shadow-npm-inject'\n    readonly SHADOW_NPM_PATHS: 'shadow-npm-paths'\n    readonly SOCKET: 'socket'\n    readonly SOCKET_CLI_BIN_NAME: 'socket'\n    readonly SOCKET_CLI_BIN_NAME_ALIAS: 'cli'\n    readonly SOCKET_CLI_DEBUG: 'SOCKET_CLI_DEBUG'\n    readonly SOCKET_CLI_FIX: 'SOCKET_CLI_FIX'\n    readonly SOCKET_CLI_ISSUES_URL: 'https://github.com/SocketDev/socket-cli/issues'\n    readonly SOCKET_CLI_SENTRY_BIN_NAME_ALIAS: 'cli-with-sentry'\n    readonly SOCKET_CLI_LEGACY_PACKAGE_NAME: '@socketsecurity/cli'\n    readonly SOCKET_CLI_NO_API_TOKEN: 'SOCKET_CLI_NO_API_TOKEN'\n    readonly SOCKET_CLI_NPM_BIN_NAME: 'socket-npm'\n    readonly SOCKET_CLI_NPX_BIN_NAME: 'socket-npx'\n    readonly SOCKET_CLI_OPTIMIZE: 'SOCKET_CLI_OPTIMIZE'\n    readonly SOCKET_CLI_PACKAGE_NAME: 'socket'\n    readonly SOCKET_CLI_SAFE_WRAPPER: 'SOCKET_CLI_SAFE_WRAPPER'\n    readonly SOCKET_CLI_SENTRY_BIN_NAME: 'socket-with-sentry'\n    readonly SOCKET_CLI_SENTRY_NPM_BIN_NAME: 'socket-npm-with-sentry'\n    readonly SOCKET_CLI_SENTRY_NPX_BIN_NAME: 'socket-npx-with-sentry'\n    readonly SOCKET_CLI_SENTRY_PACKAGE_NAME: '@socketsecurity/cli-with-sentry'\n    readonly VLT: 'vlt'\n    readonly WITH_SENTRY: 'with-sentry'\n    readonly YARN: 'yarn'\n    readonly YARN_BERRY: 'yarn/berry'\n    readonly YARN_CLASSIC: 'yarn/classic'\n    readonly YARN_LOCK: 'yarn.lock'\n    readonly bashRcPath: string\n    readonly distCliPath: string\n    readonly distInstrumentWithSentryPath: string\n    readonly distPath: string\n    readonly distShadowNpmBinPath: string\n    readonly distShadowNpmInjectPath: string\n    readonly homePath: string\n    readonly minimumVersionByAgent: Map<Agent, string>\n    readonly nmBinPath: string\n    readonly nodeHardenFlags: string[]\n    readonly rootBinPath: string\n    readonly rootDistPath: string\n    readonly rootPath: string\n    readonly shadowBinPath: string\n    readonly zshRcPath: string\n  }\n>\n\nconst ALERT_TYPE_CRITICAL_CVE = 'criticalCVE'\nconst ALERT_TYPE_CVE = 'cve'\nconst ALERT_TYPE_MEDIUM_CVE = 'mediumCVE'\nconst ALERT_TYPE_MILD_CVE = 'mildCVE'\nconst API_V0_URL = 'https://api.socket.dev/v0/'\nconst BINARY_LOCK_EXT = '.lockb'\nconst BUN = 'bun'\nconst CLI = 'cli'\nconst CVE_ALERT_PROPS_FIRST_PATCHED_VERSION_IDENTIFIER =\n  'firstPatchedVersionIdentifier'\nconst DRY_RUN_LABEL = '[DryRun]'\nconst DRY_RUN_BAIL_TEXT = `${DRY_RUN_LABEL}: Bailing now`\nconst INLINED_SOCKET_CLI_LEGACY_BUILD = 'INLINED_SOCKET_CLI_LEGACY_BUILD'\nconst INLINED_SOCKET_CLI_PUBLISHED_BUILD = 'INLINED_SOCKET_CLI_PUBLISHED_BUILD'\nconst INLINED_SOCKET_CLI_SENTRY_BUILD = 'INLINED_SOCKET_CLI_SENTRY_BUILD'\nconst LOCK_EXT = '.lock'\nconst MODULE_SYNC = 'module-sync'\nconst NPM_BUGGY_OVERRIDES_PATCHED_VERSION = '11.2.0'\nconst NPM_REGISTRY_URL = 'https://registry.npmjs.org'\nconst PNPM = 'pnpm'\nconst REDACTED = '<redacted>'\nconst REQUIRE = 'require'\nconst SHADOW_NPM_BIN = 'shadow-bin'\nconst SHADOW_NPM_INJECT = 'shadow-npm-inject'\nconst SHADOW_NPM_PATHS = 'shadow-npm-paths'\nconst SOCKET = 'socket'\nconst SOCKET_CLI_BIN_NAME = 'socket'\nconst SOCKET_CLI_BIN_NAME_ALIAS = 'cli'\nconst SOCKET_CLI_DEBUG = 'SOCKET_CLI_DEBUG'\nconst SOCKET_CLI_FIX = 'SOCKET_CLI_FIX'\nconst SOCKET_CLI_ISSUES_URL = 'https://github.com/SocketDev/socket-cli/issues'\nconst SOCKET_CLI_LEGACY_PACKAGE_NAME = `${SOCKET_SECURITY_SCOPE}/cli`\nconst SOCKET_CLI_NO_API_TOKEN = 'SOCKET_CLI_NO_API_TOKEN'\nconst SOCKET_CLI_OPTIMIZE = 'SOCKET_CLI_OPTIMIZE'\nconst SOCKET_CLI_NPM_BIN_NAME = 'socket-npm'\nconst SOCKET_CLI_NPX_BIN_NAME = 'socket-npx'\nconst SOCKET_CLI_PACKAGE_NAME = 'socket'\nconst SOCKET_CLI_SAFE_WRAPPER = 'SOCKET_CLI_SAFE_WRAPPER'\nconst SOCKET_CLI_SENTRY_BIN_NAME = 'socket-with-sentry'\nconst SOCKET_CLI_SENTRY_BIN_NAME_ALIAS = 'cli-with-sentry'\nconst SOCKET_CLI_SENTRY_NPM_BIN_NAME = 'socket-npm-with-sentry'\nconst SOCKET_CLI_SENTRY_NPX_BIN_NAME = 'socket-npx-with-sentry'\nconst SOCKET_CLI_SENTRY_PACKAGE_NAME = `${SOCKET_SECURITY_SCOPE}/cli-with-sentry`\nconst VLT = 'vlt'\nconst WITH_SENTRY = 'with-sentry'\nconst YARN = 'yarn'\nconst YARN_BERRY = 'yarn/berry'\nconst YARN_CLASSIC = 'yarn/classic'\nconst YARN_LOCK = 'yarn.lock'\n\nlet _Sentry: any\n\nconst LAZY_DIST_TYPE = () =>\n  registryConstants.SUPPORTS_NODE_REQUIRE_MODULE ? MODULE_SYNC : REQUIRE\n\nconst LAZY_ENV = () => {\n  const { env } = process\n  // We inline some environment values so that they CANNOT be influenced by user\n  // provided environment variables.\n  return Object.freeze({\n    // Lazily access registryConstants.ENV.\n    ...registryConstants.ENV,\n    // Inlined flag set to determine if this is the Legacy build.\n    // The '@rollup/plugin-replace' will replace \"process.env[INLINED_SOCKET_CLI_LEGACY_BUILD]\".\n    INLINED_SOCKET_CLI_LEGACY_BUILD:\n      process.env['INLINED_SOCKET_CLI_LEGACY_BUILD'],\n    // Inlined flag set to determine if this is a published build.\n    // The '@rollup/plugin-replace' will replace \"process.env[INLINED_SOCKET_CLI_PUBLISHED_BUILD]\".\n    INLINED_SOCKET_CLI_PUBLISHED_BUILD:\n      process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD'],\n    // Inlined flag set to determine if this is the Sentry build.\n    // The '@rollup/plugin-replace' will replace \"process.env[INLINED_SOCKET_CLI_SENTRY_BUILD]\".\n    INLINED_SOCKET_CLI_SENTRY_BUILD:\n      process.env['INLINED_SOCKET_CLI_SENTRY_BUILD'],\n    // Flag set to help debug Socket CLI.\n    SOCKET_CLI_DEBUG: envAsBoolean(env['SOCKET_CLI_DEBUG']),\n    // Flag set to make the default API token `undefined`.\n    SOCKET_CLI_NO_API_TOKEN: envAsBoolean(env['SOCKET_CLI_NO_API_TOKEN'])\n  })\n}\n\nconst lazyBashRcPath = () =>\n  // Lazily access constants.homePath.\n  path.join(constants.homePath, '.bashrc')\n\nconst lazyDistCliPath = () =>\n  // Lazily access constants.distPath.\n  path.join(constants.distPath, 'cli.js')\n\nconst lazyDistInstrumentWithSentryPath = () =>\n  // Lazily access constants.rootDistPath.\n  path.join(constants.rootDistPath, 'instrument-with-sentry.js')\n\nconst lazyDistPath = () =>\n  // Lazily access constants.rootDistPath and constants.DIST_TYPE.\n  path.join(constants.rootDistPath, constants.DIST_TYPE)\n\nconst lazyDistShadowNpmBinPath = () =>\n  // Lazily access constants.distPath.\n  path.join(constants.distPath, `${SHADOW_NPM_BIN}.js`)\n\nconst lazyDistShadowNpmInjectPath = () =>\n  // Lazily access constants.distPath.\n  path.join(constants.distPath, `${SHADOW_NPM_INJECT}.js`)\n\nconst lazyHomePath = () => os.homedir()\n\nconst lazyMinimumVersionByAgent = () =>\n  new Map([\n    // Bun >=1.1.39 supports the text-based lockfile.\n    // https://bun.sh/blog/bun-lock-text-lockfile\n    [BUN, '1.1.39'],\n    // The npm version bundled with Node 18.\n    // https://nodejs.org/en/about/previous-releases#looking-for-the-latest-release-of-a-version-branch\n    [NPM, '10.8.2'],\n    // 8.x is the earliest version to support Node 18.\n    // https://pnpm.io/installation#compatibility\n    // https://www.npmjs.com/package/pnpm?activeTab=versions\n    [PNPM, '8.15.9'],\n    // 4.x supports >= Node 18.12.0\n    // https://github.com/yarnpkg/berry/blob/%40yarnpkg/core/4.1.0/CHANGELOG.md#400\n    [YARN_BERRY, '4.0.0'],\n    // Latest 1.x.\n    // https://www.npmjs.com/package/yarn?activeTab=versions\n    [YARN_CLASSIC, '1.22.22'],\n    // vlt does not support overrides so we don't gate on it.\n    [VLT, '*']\n  ])\n\nconst lazyNmBinPath = () =>\n  // Lazily access constants.rootPath.\n  path.join(constants.rootPath, `${NODE_MODULES}/.bin`)\n\n// Redefine registryConstants.nodeHardenFlags to account for the\n// INLINED_SOCKET_CLI_SENTRY_BUILD environment variable.\nconst lazyNodeHardenFlags = () =>\n  // The '@rollup/plugin-replace' will replace \"process.env[INLINED_SOCKET_CLI_SENTRY_BUILD]\".\n  // Lazily access constants.WIN32.\n  process.env['INLINED_SOCKET_CLI_SENTRY_BUILD'] || constants.WIN32\n    ? []\n    : // Harden Node security.\n      // https://nodejs.org/en/learn/getting-started/security-best-practices\n      // We have contributed the following patches to our dependencies to make\n      // Node's --frozen-intrinsics workable.\n      // √ https://github.com/SBoudrias/Inquirer.js/pull/1683\n      // √ https://github.com/pnpm/components/pull/23\n      ['--disable-proto', 'delete', '--frozen-intrinsics', '--no-deprecation']\n\nconst lazyRootBinPath = () =>\n  // Lazily access constants.rootPath.\n  path.join(constants.rootPath, 'bin')\n\nconst lazyRootDistPath = () =>\n  // Lazily access constants.rootPath.\n  path.join(constants.rootPath, 'dist')\n\nconst lazyRootPath = () =>\n  // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_TEST_DIST_BUILD']\".\n  path.join(\n    realpathSync.native(__dirname),\n    process.env['INLINED_SOCKET_CLI_TEST_DIST_BUILD'] ? '../..' : '..'\n  )\n\nconst lazyShadowBinPath = () =>\n  // Lazily access constants.rootPath.\n  path.join(constants.rootPath, SHADOW_NPM_BIN)\n\nconst lazyZshRcPath = () =>\n  // Lazily access constants.homePath.\n  path.join(constants.homePath, '.zshrc')\n\nconst constants = createConstantsObject(\n  {\n    ALERT_TYPE_CRITICAL_CVE,\n    ALERT_TYPE_CVE,\n    ALERT_TYPE_MEDIUM_CVE,\n    ALERT_TYPE_MILD_CVE,\n    API_V0_URL,\n    BINARY_LOCK_EXT,\n    BUN,\n    CLI,\n    CVE_ALERT_PROPS_FIRST_PATCHED_VERSION_IDENTIFIER,\n    // Lazily defined values are initialized as `undefined` to keep their key order.\n    DIST_TYPE: undefined,\n    DRY_RUN_LABEL,\n    DRY_RUN_BAIL_TEXT,\n    ENV: undefined,\n    INLINED_SOCKET_CLI_LEGACY_BUILD,\n    INLINED_SOCKET_CLI_PUBLISHED_BUILD,\n    INLINED_SOCKET_CLI_SENTRY_BUILD,\n    LOCK_EXT,\n    MODULE_SYNC,\n    NPM_BUGGY_OVERRIDES_PATCHED_VERSION,\n    NPM_REGISTRY_URL,\n    PNPM,\n    REDACTED,\n    REQUIRE,\n    SHADOW_NPM_BIN,\n    SHADOW_NPM_INJECT,\n    SHADOW_NPM_PATHS,\n    SOCKET,\n    SOCKET_CLI_BIN_NAME,\n    SOCKET_CLI_BIN_NAME_ALIAS,\n    SOCKET_CLI_DEBUG,\n    SOCKET_CLI_FIX,\n    SOCKET_CLI_ISSUES_URL,\n    SOCKET_CLI_SENTRY_BIN_NAME_ALIAS,\n    SOCKET_CLI_LEGACY_PACKAGE_NAME,\n    SOCKET_CLI_NO_API_TOKEN,\n    SOCKET_CLI_NPM_BIN_NAME,\n    SOCKET_CLI_NPX_BIN_NAME,\n    SOCKET_CLI_OPTIMIZE,\n    SOCKET_CLI_PACKAGE_NAME,\n    SOCKET_CLI_SAFE_WRAPPER,\n    SOCKET_CLI_SENTRY_BIN_NAME,\n    SOCKET_CLI_SENTRY_NPM_BIN_NAME,\n    SOCKET_CLI_SENTRY_NPX_BIN_NAME,\n    SOCKET_CLI_SENTRY_PACKAGE_NAME,\n    VLT,\n    WITH_SENTRY,\n    YARN,\n    YARN_BERRY,\n    YARN_CLASSIC,\n    YARN_LOCK,\n    bashRcPath: undefined,\n    distCliPath: undefined,\n    distInstrumentWithSentryPath: undefined,\n    distPath: undefined,\n    distShadowNpmBinPath: undefined,\n    distShadowNpmInjectPath: undefined,\n    homePath: undefined,\n    minimumVersionByAgent: undefined,\n    nmBinPath: undefined,\n    nodeHardenFlags: undefined,\n    rootBinPath: undefined,\n    rootDistPath: undefined,\n    rootPath: undefined,\n    shadowBinPath: undefined,\n    zshRcPath: undefined\n  },\n  {\n    getters: {\n      DIST_TYPE: LAZY_DIST_TYPE,\n      ENV: LAZY_ENV,\n      bashRcPath: lazyBashRcPath,\n      distCliPath: lazyDistCliPath,\n      distInstrumentWithSentryPath: lazyDistInstrumentWithSentryPath,\n      distPath: lazyDistPath,\n      distShadowNpmBinPath: lazyDistShadowNpmBinPath,\n      distShadowNpmInjectPath: lazyDistShadowNpmInjectPath,\n      homePath: lazyHomePath,\n      minimumVersionByAgent: lazyMinimumVersionByAgent,\n      nmBinPath: lazyNmBinPath,\n      nodeHardenFlags: lazyNodeHardenFlags,\n      rootBinPath: lazyRootBinPath,\n      rootDistPath: lazyRootDistPath,\n      rootPath: lazyRootPath,\n      shadowBinPath: lazyShadowBinPath,\n      zshRcPath: lazyZshRcPath\n    },\n    internals: {\n      getIpc,\n      getSentry() {\n        return _Sentry\n      },\n      setSentry(Sentry: Sentry): boolean {\n        if (_Sentry === undefined) {\n          _Sentry = Sentry\n          return true\n        }\n        return false\n      }\n    },\n    mixin: registryConstants\n  }\n) as Constants\n\nexport default constants\n"],"names":["getIpc","env","INLINED_SOCKET_CLI_LEGACY_BUILD","INLINED_SOCKET_CLI_PUBLISHED_BUILD","INLINED_SOCKET_CLI_SENTRY_BUILD","SOCKET_CLI_DEBUG","SOCKET_CLI_NO_API_TOKEN","path","constants","DIST_TYPE","ENV","bashRcPath","distCliPath","distInstrumentWithSentryPath","distPath","distShadowNpmBinPath","distShadowNpmInjectPath","homePath","minimumVersionByAgent","nmBinPath","nodeHardenFlags","rootBinPath","rootDistPath","rootPath","shadowBinPath","zshRcPath","getters","internals","getSentry","_Sentry","mixin"],"mappings":";;;;;;;;;AAWA;;;;;AAKE;;AAEEA;AACF;AACF;AA4GA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA;AAEA;AAGA;;AACUC;AAAI;AACZ;AACA;;AAEE;;AAEA;AACA;AACAC;AAEA;AACA;AACAC;AAEA;AACA;AACAC;AAEA;AACAC;AACA;AACAC;AACF;AACF;AAEA;AACE;AACAC;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AAEA;AAEI;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAGJ;AACE;AACAA;;AAEF;AACA;AACA;AACE;AACA;AAEI;AASN;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAKF;AACE;AACAA;AAEF;AACE;AACAA;AAEIC;;;;;;;;;;AAWF;AACAC;;;AAGAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAsCAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACF;AAEEC;AACEjB;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;;AAEFE;;AAEEC;AACE;;;;AAIEC;AACA;AACF;AACA;AACF;;AAEFC;AACF;;","debugId":"a25f34c5-c5a4-4a2d-a4d0-03e4d7369a93"}
+{"version":3,"file":"constants.js","sources":["../../src/constants.ts"],"sourcesContent":["import { realpathSync } from 'node:fs'\nimport os from 'node:os'\nimport path from 'node:path'\nimport process from 'node:process'\n\nimport registryConstants from '@socketsecurity/registry/lib/constants'\nimport { envAsBoolean, envAsString } from '@socketsecurity/registry/lib/env'\n\nimport type { Agent } from './utils/package-environment'\nimport type { Remap } from '@socketsecurity/registry/lib/objects'\n\nconst {\n  NODE_MODULES,\n  NPM,\n  SOCKET_SECURITY_SCOPE,\n  kInternalsSymbol,\n  [kInternalsSymbol as unknown as 'Symbol(kInternalsSymbol)']: {\n    createConstantsObject,\n    getIpc\n  }\n} = registryConstants\n\ntype RegistryEnv = typeof registryConstants.ENV\n\ntype RegistryInternals = (typeof registryConstants)['Symbol(kInternalsSymbol)']\n\ntype Sentry = any\n\ntype Internals = Remap<\n  Omit<RegistryInternals, 'getIpc'> &\n    Readonly<{\n      getIpc: {\n        (): Promise<IPC>\n        <K extends keyof IPC | undefined>(\n          key?: K | undefined\n        ): Promise<K extends keyof IPC ? IPC[K] : IPC>\n      }\n      getSentry: () => Sentry\n      setSentry(Sentry: Sentry): boolean\n    }>\n>\n\ntype ENV = Remap<\n  RegistryEnv &\n    Readonly<{\n      LOCALAPPDATA: string\n      SOCKET_CLI_ACCEPT_RISKS: boolean\n      SOCKET_CLI_DEBUG: boolean\n      SOCKET_CLI_NO_API_TOKEN: boolean\n      SOCKET_CLI_VIEW_ALL_RISKS: boolean\n      SOCKET_SECURITY_API_BASE_URL: string\n      SOCKET_SECURITY_API_PROXY: string\n      SOCKET_SECURITY_API_TOKEN: string\n      XDG_DATA_HOME: string\n    }>\n>\n\ntype IPC = Readonly<{\n  SOCKET_CLI_FIX?: string | undefined\n  SOCKET_CLI_OPTIMIZE?: boolean | undefined\n  SOCKET_CLI_SAFE_BIN?: string | undefined\n  SOCKET_CLI_SAFE_PROGRESS?: boolean | undefined\n}>\n\ntype Constants = Remap<\n  Omit<typeof registryConstants, 'Symbol(kInternalsSymbol)' | 'ENV' | 'IPC'> & {\n    readonly 'Symbol(kInternalsSymbol)': Internals\n    readonly ALERT_TYPE_CRITICAL_CVE: 'criticalCVE'\n    readonly ALERT_TYPE_CVE: 'cve'\n    readonly ALERT_TYPE_MEDIUM_CVE: 'mediumCVE'\n    readonly ALERT_TYPE_MILD_CVE: 'mildCVE'\n    readonly API_V0_URL: 'https://api.socket.dev/v0/'\n    readonly BINARY_LOCK_EXT: '.lockb'\n    readonly BUN: 'bun'\n    readonly CLI: 'cli'\n    readonly CVE_ALERT_PROPS_FIRST_PATCHED_VERSION_IDENTIFIER: 'firstPatchedVersionIdentifier'\n    readonly ENV: ENV\n    readonly DIST_TYPE: 'module-sync' | 'require'\n    readonly DRY_RUN_LABEL: '[DryRun]'\n    readonly DRY_RUN_BAIL_TEXT: '[DryRun] Bailing now'\n    readonly INLINED_SOCKET_CLI_LEGACY_BUILD: 'INLINED_SOCKET_CLI_LEGACY_BUILD'\n    readonly INLINED_SOCKET_CLI_PUBLISHED_BUILD: 'INLINED_SOCKET_CLI_PUBLISHED_BUILD'\n    readonly INLINED_SOCKET_CLI_SENTRY_BUILD: 'INLINED_SOCKET_CLI_SENTRY_BUILD'\n    readonly IPC: IPC\n    readonly LOCALAPPDATA: 'LOCALAPPDATA'\n    readonly LOCK_EXT: '.lock'\n    readonly MODULE_SYNC: 'module-sync'\n    readonly NPM_BUGGY_OVERRIDES_PATCHED_VERSION: '11.2.0'\n    readonly NPM_REGISTRY_URL: 'https://registry.npmjs.org'\n    readonly PNPM: 'pnpm'\n    readonly REDACTED: '<redacted>'\n    readonly REQUIRE: 'require'\n    readonly SHADOW_NPM_BIN: 'shadow-bin'\n    readonly SHADOW_NPM_INJECT: 'shadow-npm-inject'\n    readonly SHADOW_NPM_PATHS: 'shadow-npm-paths'\n    readonly SOCKET: 'socket'\n    readonly SOCKET_APP_DIR: 'socket/settings'\n    readonly SOCKET_CLI_ACCEPT_RISKS: 'SOCKET_CLI_ACCEPT_RISKS'\n    readonly SOCKET_CLI_BIN_NAME: 'socket'\n    readonly SOCKET_CLI_BIN_NAME_ALIAS: 'cli'\n    readonly SOCKET_CLI_DEBUG: 'SOCKET_CLI_DEBUG'\n    readonly SOCKET_CLI_FIX: 'SOCKET_CLI_FIX'\n    readonly SOCKET_CLI_ISSUES_URL: 'https://github.com/SocketDev/socket-cli/issues'\n    readonly SOCKET_CLI_SENTRY_BIN_NAME_ALIAS: 'cli-with-sentry'\n    readonly SOCKET_CLI_LEGACY_PACKAGE_NAME: '@socketsecurity/cli'\n    readonly SOCKET_CLI_NO_API_TOKEN: 'SOCKET_CLI_NO_API_TOKEN'\n    readonly SOCKET_CLI_NPM_BIN_NAME: 'socket-npm'\n    readonly SOCKET_CLI_NPX_BIN_NAME: 'socket-npx'\n    readonly SOCKET_CLI_OPTIMIZE: 'SOCKET_CLI_OPTIMIZE'\n    readonly SOCKET_CLI_PACKAGE_NAME: 'socket'\n    readonly SOCKET_CLI_SAFE_BIN: 'SOCKET_CLI_SAFE_BIN'\n    readonly SOCKET_CLI_SAFE_PROGRESS: 'SOCKET_CLI_SAFE_PROGRESS'\n    readonly SOCKET_CLI_SENTRY_BIN_NAME: 'socket-with-sentry'\n    readonly SOCKET_CLI_SENTRY_NPM_BIN_NAME: 'socket-npm-with-sentry'\n    readonly SOCKET_CLI_SENTRY_NPX_BIN_NAME: 'socket-npx-with-sentry'\n    readonly SOCKET_CLI_SENTRY_PACKAGE_NAME: '@socketsecurity/cli-with-sentry'\n    readonly SOCKET_CLI_VIEW_ALL_RISKS: 'SOCKET_CLI_VIEW_ALL_RISKS'\n    readonly SOCKET_SECURITY_API_BASE_URL: 'SOCKET_SECURITY_API_BASE_URL'\n    readonly SOCKET_SECURITY_API_PROXY: 'SOCKET_SECURITY_API_PROXY'\n    readonly SOCKET_SECURITY_API_TOKEN: 'SOCKET_SECURITY_API_TOKEN'\n    readonly VLT: 'vlt'\n    readonly WITH_SENTRY: 'with-sentry'\n    readonly XDG_DATA_HOME: 'XDG_DATA_HOME'\n    readonly YARN: 'yarn'\n    readonly YARN_BERRY: 'yarn/berry'\n    readonly YARN_CLASSIC: 'yarn/classic'\n    readonly YARN_LOCK: 'yarn.lock'\n    readonly bashRcPath: string\n    readonly distCliPath: string\n    readonly distInstrumentWithSentryPath: string\n    readonly distPath: string\n    readonly distShadowNpmBinPath: string\n    readonly distShadowNpmInjectPath: string\n    readonly homePath: string\n    readonly minimumVersionByAgent: Map<Agent, string>\n    readonly nmBinPath: string\n    readonly nodeHardenFlags: string[]\n    readonly rootBinPath: string\n    readonly rootDistPath: string\n    readonly rootPath: string\n    readonly shadowBinPath: string\n    readonly zshRcPath: string\n  }\n>\n\nconst ALERT_TYPE_CRITICAL_CVE = 'criticalCVE'\nconst ALERT_TYPE_CVE = 'cve'\nconst ALERT_TYPE_MEDIUM_CVE = 'mediumCVE'\nconst ALERT_TYPE_MILD_CVE = 'mildCVE'\nconst API_V0_URL = 'https://api.socket.dev/v0/'\nconst BINARY_LOCK_EXT = '.lockb'\nconst BUN = 'bun'\nconst CLI = 'cli'\nconst CVE_ALERT_PROPS_FIRST_PATCHED_VERSION_IDENTIFIER =\n  'firstPatchedVersionIdentifier'\nconst DRY_RUN_LABEL = '[DryRun]'\nconst DRY_RUN_BAIL_TEXT = `${DRY_RUN_LABEL}: Bailing now`\nconst INLINED_SOCKET_CLI_LEGACY_BUILD = 'INLINED_SOCKET_CLI_LEGACY_BUILD'\nconst INLINED_SOCKET_CLI_PUBLISHED_BUILD = 'INLINED_SOCKET_CLI_PUBLISHED_BUILD'\nconst INLINED_SOCKET_CLI_SENTRY_BUILD = 'INLINED_SOCKET_CLI_SENTRY_BUILD'\nconst LOCALAPPDATA = 'LOCALAPPDATA'\nconst LOCK_EXT = '.lock'\nconst MODULE_SYNC = 'module-sync'\nconst NPM_BUGGY_OVERRIDES_PATCHED_VERSION = '11.2.0'\nconst NPM_REGISTRY_URL = 'https://registry.npmjs.org'\nconst PNPM = 'pnpm'\nconst REDACTED = '<redacted>'\nconst REQUIRE = 'require'\nconst SHADOW_NPM_BIN = 'shadow-bin'\nconst SHADOW_NPM_INJECT = 'shadow-npm-inject'\nconst SHADOW_NPM_PATHS = 'shadow-npm-paths'\nconst SOCKET = 'socket'\nconst SOCKET_APP_DIR = 'socket/settings'\nconst SOCKET_CLI_ACCEPT_RISKS = 'SOCKET_CLI_ACCEPT_RISKS'\nconst SOCKET_CLI_BIN_NAME = 'socket'\nconst SOCKET_CLI_BIN_NAME_ALIAS = 'cli'\nconst SOCKET_CLI_DEBUG = 'SOCKET_CLI_DEBUG'\nconst SOCKET_CLI_FIX = 'SOCKET_CLI_FIX'\nconst SOCKET_CLI_ISSUES_URL = 'https://github.com/SocketDev/socket-cli/issues'\nconst SOCKET_CLI_LEGACY_PACKAGE_NAME = `${SOCKET_SECURITY_SCOPE}/cli`\nconst SOCKET_CLI_NO_API_TOKEN = 'SOCKET_CLI_NO_API_TOKEN'\nconst SOCKET_CLI_OPTIMIZE = 'SOCKET_CLI_OPTIMIZE'\nconst SOCKET_CLI_NPM_BIN_NAME = 'socket-npm'\nconst SOCKET_CLI_NPX_BIN_NAME = 'socket-npx'\nconst SOCKET_CLI_PACKAGE_NAME = 'socket'\nconst SOCKET_CLI_SAFE_BIN = 'SOCKET_CLI_SAFE_BIN'\nconst SOCKET_CLI_SAFE_PROGRESS = 'SOCKET_CLI_SAFE_PROGRESS'\nconst SOCKET_CLI_SENTRY_BIN_NAME = 'socket-with-sentry'\nconst SOCKET_CLI_SENTRY_BIN_NAME_ALIAS = 'cli-with-sentry'\nconst SOCKET_CLI_SENTRY_NPM_BIN_NAME = 'socket-npm-with-sentry'\nconst SOCKET_CLI_SENTRY_NPX_BIN_NAME = 'socket-npx-with-sentry'\nconst SOCKET_CLI_SENTRY_PACKAGE_NAME = `${SOCKET_SECURITY_SCOPE}/cli-with-sentry`\nconst SOCKET_CLI_VIEW_ALL_RISKS = 'SOCKET_CLI_VIEW_ALL_RISKS'\nconst SOCKET_SECURITY_API_BASE_URL = 'SOCKET_SECURITY_API_BASE_URL'\nconst SOCKET_SECURITY_API_PROXY = 'SOCKET_SECURITY_API_PROXY'\nconst SOCKET_SECURITY_API_TOKEN = 'SOCKET_SECURITY_API_TOKEN'\nconst VLT = 'vlt'\nconst WITH_SENTRY = 'with-sentry'\nconst XDG_DATA_HOME = 'XDG_DATA_HOME'\nconst YARN = 'yarn'\nconst YARN_BERRY = 'yarn/berry'\nconst YARN_CLASSIC = 'yarn/classic'\nconst YARN_LOCK = 'yarn.lock'\n\nlet _Sentry: any\n\nconst LAZY_DIST_TYPE = () =>\n  registryConstants.SUPPORTS_NODE_REQUIRE_MODULE ? MODULE_SYNC : REQUIRE\n\nconst LAZY_ENV = () => {\n  const { env } = process\n  // We inline some environment values so that they CANNOT be influenced by user\n  // provided environment variables.\n  return Object.freeze({\n    // Lazily access registryConstants.ENV.\n    ...registryConstants.ENV,\n    // Inlined flag to determine if this is the Legacy build.\n    // The '@rollup/plugin-replace' will replace \"process.env[INLINED_SOCKET_CLI_LEGACY_BUILD]\".\n    INLINED_SOCKET_CLI_LEGACY_BUILD:\n      process.env['INLINED_SOCKET_CLI_LEGACY_BUILD'],\n    // Inlined flag to determine if this is a published build.\n    // The '@rollup/plugin-replace' will replace \"process.env[INLINED_SOCKET_CLI_PUBLISHED_BUILD]\".\n    INLINED_SOCKET_CLI_PUBLISHED_BUILD:\n      process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD'],\n    // Inlined flag to determine if this is the Sentry build.\n    // The '@rollup/plugin-replace' will replace \"process.env[INLINED_SOCKET_CLI_SENTRY_BUILD]\".\n    INLINED_SOCKET_CLI_SENTRY_BUILD:\n      process.env['INLINED_SOCKET_CLI_SENTRY_BUILD'],\n    // The location of the %localappdata% folder on Windows used to store user-specific,\n    // non-roaming application data, like temporary files, cached data, and program\n    // settings, that are specific to the current machine and user.\n    LOCALAPPDATA: envAsString(env['LOCALAPPDATA']),\n    // Flag to accepts risks of safe-npm and safe-npx run.\n    SOCKET_CLI_ACCEPT_RISKS: envAsBoolean(env['SOCKET_CLI_ACCEPT_RISKS']),\n    // Flag to help debug Socket CLI.\n    SOCKET_CLI_DEBUG: envAsBoolean(env['SOCKET_CLI_DEBUG']),\n    // Flag to make the default API token `undefined`.\n    SOCKET_CLI_NO_API_TOKEN: envAsBoolean(env['SOCKET_CLI_NO_API_TOKEN']),\n    // Flag to view all risks of safe-npm and safe-npx run.\n    SOCKET_CLI_VIEW_ALL_RISKS: envAsBoolean(env['SOCKET_CLI_VIEW_ALL_RISKS']),\n    // Flag to change the base URL for all API-calls.\n    // https://github.com/SocketDev/socket-cli?tab=readme-ov-file#environment-variables-for-development\n    SOCKET_SECURITY_API_BASE_URL: envAsString(\n      env['SOCKET_SECURITY_API_BASE_URL']\n    ),\n    // Flag to set the proxy all requests are routed through.\n    // https://github.com/SocketDev/socket-cli?tab=readme-ov-file#environment-variables-for-development\n    SOCKET_SECURITY_API_PROXY: envAsString(env['SOCKET_SECURITY_API_PROXY']),\n    // Flag to set the API token.\n    // https://github.com/SocketDev/socket-cli?tab=readme-ov-file#environment-variables\n    SOCKET_SECURITY_API_TOKEN:\n      envAsString(env['SOCKET_SECURITY_API_TOKEN']) ||\n      // Keep 'SOCKET_SECURITY_API_KEY' as an alias of 'SOCKET_SECURITY_API_TOKEN'.\n      // TODO: Remove 'SOCKET_SECURITY_API_KEY' alias.\n      envAsString(env['SOCKET_SECURITY_API_KEY']),\n    // The location of the base directory on Linux and MacOS used to store\n    // user-specific data files, defaulting to $HOME/.local/share if not set or empty.\n    XDG_DATA_HOME: envAsString(env['XDG_DATA_HOME'])\n  })\n}\n\nconst lazyBashRcPath = () =>\n  // Lazily access constants.homePath.\n  path.join(constants.homePath, '.bashrc')\n\nconst lazyDistCliPath = () =>\n  // Lazily access constants.distPath.\n  path.join(constants.distPath, 'cli.js')\n\nconst lazyDistInstrumentWithSentryPath = () =>\n  // Lazily access constants.rootDistPath.\n  path.join(constants.rootDistPath, 'instrument-with-sentry.js')\n\nconst lazyDistPath = () =>\n  // Lazily access constants.rootDistPath and constants.DIST_TYPE.\n  path.join(constants.rootDistPath, constants.DIST_TYPE)\n\nconst lazyDistShadowNpmBinPath = () =>\n  // Lazily access constants.distPath.\n  path.join(constants.distPath, `${SHADOW_NPM_BIN}.js`)\n\nconst lazyDistShadowNpmInjectPath = () =>\n  // Lazily access constants.distPath.\n  path.join(constants.distPath, `${SHADOW_NPM_INJECT}.js`)\n\nconst lazyHomePath = () => os.homedir()\n\nconst lazyMinimumVersionByAgent = () =>\n  new Map([\n    // Bun >=1.1.39 supports the text-based lockfile.\n    // https://bun.sh/blog/bun-lock-text-lockfile\n    [BUN, '1.1.39'],\n    // The npm version bundled with Node 18.\n    // https://nodejs.org/en/about/previous-releases#looking-for-the-latest-release-of-a-version-branch\n    [NPM, '10.8.2'],\n    // 8.x is the earliest version to support Node 18.\n    // https://pnpm.io/installation#compatibility\n    // https://www.npmjs.com/package/pnpm?activeTab=versions\n    [PNPM, '8.15.9'],\n    // 4.x supports >= Node 18.12.0\n    // https://github.com/yarnpkg/berry/blob/%40yarnpkg/core/4.1.0/CHANGELOG.md#400\n    [YARN_BERRY, '4.0.0'],\n    // Latest 1.x.\n    // https://www.npmjs.com/package/yarn?activeTab=versions\n    [YARN_CLASSIC, '1.22.22'],\n    // vlt does not support overrides so we don't gate on it.\n    [VLT, '*']\n  ])\n\nconst lazyNmBinPath = () =>\n  // Lazily access constants.rootPath.\n  path.join(constants.rootPath, `${NODE_MODULES}/.bin`)\n\n// Redefine registryConstants.nodeHardenFlags to account for the\n// INLINED_SOCKET_CLI_SENTRY_BUILD environment variable.\nconst lazyNodeHardenFlags = () =>\n  // The '@rollup/plugin-replace' will replace \"process.env[INLINED_SOCKET_CLI_SENTRY_BUILD]\".\n  process.env['INLINED_SOCKET_CLI_SENTRY_BUILD'] ||\n  // Lazily access constants.WIN32.\n  constants.WIN32\n    ? []\n    : // Harden Node security.\n      // https://nodejs.org/en/learn/getting-started/security-best-practices\n      // We have contributed the following patches to our dependencies to make\n      // Node's --frozen-intrinsics workable.\n      // √ https://github.com/SBoudrias/Inquirer.js/pull/1683\n      // √ https://github.com/pnpm/components/pull/23\n      ['--disable-proto', 'delete', '--frozen-intrinsics', '--no-deprecation']\n\nconst lazyRootBinPath = () =>\n  // Lazily access constants.rootPath.\n  path.join(constants.rootPath, 'bin')\n\nconst lazyRootDistPath = () =>\n  // Lazily access constants.rootPath.\n  path.join(constants.rootPath, 'dist')\n\nconst lazyRootPath = () =>\n  path.join(\n    realpathSync.native(__dirname),\n    // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_TEST_DIST_BUILD']\".\n    process.env['INLINED_SOCKET_CLI_TEST_DIST_BUILD'] ? '../..' : '..'\n  )\n\nconst lazyShadowBinPath = () =>\n  // Lazily access constants.rootPath.\n  path.join(constants.rootPath, SHADOW_NPM_BIN)\n\nconst lazyZshRcPath = () =>\n  // Lazily access constants.homePath.\n  path.join(constants.homePath, '.zshrc')\n\nconst constants = createConstantsObject(\n  {\n    ALERT_TYPE_CRITICAL_CVE,\n    ALERT_TYPE_CVE,\n    ALERT_TYPE_MEDIUM_CVE,\n    ALERT_TYPE_MILD_CVE,\n    API_V0_URL,\n    BINARY_LOCK_EXT,\n    BUN,\n    CLI,\n    CVE_ALERT_PROPS_FIRST_PATCHED_VERSION_IDENTIFIER,\n    // Lazily defined values are initialized as `undefined` to keep their key order.\n    DIST_TYPE: undefined,\n    DRY_RUN_LABEL,\n    DRY_RUN_BAIL_TEXT,\n    ENV: undefined,\n    INLINED_SOCKET_CLI_LEGACY_BUILD,\n    INLINED_SOCKET_CLI_PUBLISHED_BUILD,\n    INLINED_SOCKET_CLI_SENTRY_BUILD,\n    LOCALAPPDATA,\n    LOCK_EXT,\n    MODULE_SYNC,\n    NPM_BUGGY_OVERRIDES_PATCHED_VERSION,\n    NPM_REGISTRY_URL,\n    PNPM,\n    REDACTED,\n    REQUIRE,\n    SHADOW_NPM_BIN,\n    SHADOW_NPM_INJECT,\n    SHADOW_NPM_PATHS,\n    SOCKET,\n    SOCKET_APP_DIR,\n    SOCKET_CLI_ACCEPT_RISKS,\n    SOCKET_CLI_BIN_NAME,\n    SOCKET_CLI_BIN_NAME_ALIAS,\n    SOCKET_CLI_DEBUG,\n    SOCKET_CLI_FIX,\n    SOCKET_CLI_ISSUES_URL,\n    SOCKET_CLI_SENTRY_BIN_NAME_ALIAS,\n    SOCKET_CLI_LEGACY_PACKAGE_NAME,\n    SOCKET_CLI_NO_API_TOKEN,\n    SOCKET_CLI_NPM_BIN_NAME,\n    SOCKET_CLI_NPX_BIN_NAME,\n    SOCKET_CLI_OPTIMIZE,\n    SOCKET_CLI_PACKAGE_NAME,\n    SOCKET_CLI_SAFE_BIN,\n    SOCKET_CLI_SAFE_PROGRESS,\n    SOCKET_CLI_SENTRY_BIN_NAME,\n    SOCKET_CLI_SENTRY_NPM_BIN_NAME,\n    SOCKET_CLI_SENTRY_NPX_BIN_NAME,\n    SOCKET_CLI_SENTRY_PACKAGE_NAME,\n    SOCKET_CLI_VIEW_ALL_RISKS,\n    SOCKET_SECURITY_API_BASE_URL,\n    SOCKET_SECURITY_API_PROXY,\n    SOCKET_SECURITY_API_TOKEN,\n    VLT,\n    WITH_SENTRY,\n    XDG_DATA_HOME,\n    YARN,\n    YARN_BERRY,\n    YARN_CLASSIC,\n    YARN_LOCK,\n    bashRcPath: undefined,\n    distCliPath: undefined,\n    distInstrumentWithSentryPath: undefined,\n    distPath: undefined,\n    distShadowNpmBinPath: undefined,\n    distShadowNpmInjectPath: undefined,\n    homePath: undefined,\n    minimumVersionByAgent: undefined,\n    nmBinPath: undefined,\n    nodeHardenFlags: undefined,\n    rootBinPath: undefined,\n    rootDistPath: undefined,\n    rootPath: undefined,\n    shadowBinPath: undefined,\n    zshRcPath: undefined\n  },\n  {\n    getters: {\n      DIST_TYPE: LAZY_DIST_TYPE,\n      ENV: LAZY_ENV,\n      bashRcPath: lazyBashRcPath,\n      distCliPath: lazyDistCliPath,\n      distInstrumentWithSentryPath: lazyDistInstrumentWithSentryPath,\n      distPath: lazyDistPath,\n      distShadowNpmBinPath: lazyDistShadowNpmBinPath,\n      distShadowNpmInjectPath: lazyDistShadowNpmInjectPath,\n      homePath: lazyHomePath,\n      minimumVersionByAgent: lazyMinimumVersionByAgent,\n      nmBinPath: lazyNmBinPath,\n      nodeHardenFlags: lazyNodeHardenFlags,\n      rootBinPath: lazyRootBinPath,\n      rootDistPath: lazyRootDistPath,\n      rootPath: lazyRootPath,\n      shadowBinPath: lazyShadowBinPath,\n      zshRcPath: lazyZshRcPath\n    },\n    internals: {\n      getIpc,\n      getSentry() {\n        return _Sentry\n      },\n      setSentry(Sentry: Sentry): boolean {\n        if (_Sentry === undefined) {\n          _Sentry = Sentry\n          return true\n        }\n        return false\n      }\n    },\n    mixin: registryConstants\n  }\n) as Constants\n\nexport default constants\n"],"names":["getIpc","env","INLINED_SOCKET_CLI_LEGACY_BUILD","INLINED_SOCKET_CLI_PUBLISHED_BUILD","INLINED_SOCKET_CLI_SENTRY_BUILD","LOCALAPPDATA","SOCKET_CLI_ACCEPT_RISKS","SOCKET_CLI_DEBUG","SOCKET_CLI_NO_API_TOKEN","SOCKET_CLI_VIEW_ALL_RISKS","SOCKET_SECURITY_API_BASE_URL","SOCKET_SECURITY_API_PROXY","SOCKET_SECURITY_API_TOKEN","envAsString","XDG_DATA_HOME","path","constants","DIST_TYPE","ENV","bashRcPath","distCliPath","distInstrumentWithSentryPath","distPath","distShadowNpmBinPath","distShadowNpmInjectPath","homePath","minimumVersionByAgent","nmBinPath","nodeHardenFlags","rootBinPath","rootDistPath","rootPath","shadowBinPath","zshRcPath","getters","internals","getSentry","_Sentry","mixin"],"mappings":";;;;;;;;;AAWA;;;;;AAKE;;AAEEA;AACF;AACF;AA6HA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA;AAEA;AAGA;;AACUC;AAAI;AACZ;AACA;;AAEE;;AAEA;AACA;AACAC;AAEA;AACA;AACAC;AAEA;AACA;AACAC;AAEA;AACA;AACA;AACAC;AACA;AACAC;AACA;AACAC;AACA;AACAC;AACA;AACAC;AACA;AACA;AACAC;AAGA;AACA;AACAC;AACA;AACA;AACAC;AAEE;AACA;AACAC;AACF;AACA;AACAC;AACF;AACF;AAEA;AACE;AACAC;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AAEA;AAEI;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAGJ;AACE;AACAA;;AAEF;AACA;AACA;AACE;AAII;AASN;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AAGI;AAC8D;AAGlE;AACE;AACAA;AAEF;AACE;AACAA;AAEIC;;;;;;;;;;AAWF;AACAC;;;AAGAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA+CAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACF;AAEEC;AACEjB;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;;AAEFE;;AAEEC;AACE;;;;AAIEC;AACA;AACF;AACA;AACF;;AAEFC;AACF;;","debugId":"5b0e4686-31cf-4423-99c5-f986ce441719"}