@socketsecurity/cli-with-sentry 0.14.77 → 0.14.79

@@ -11,9 +11,6 @@ declare const AGENTS: readonly [
11
11
  'vlt'
12
12
  ]
13
13
  type Agent = (typeof AGENTS)[number]
14
- type StringKeyValueObject = {
15
- [key: string]: string
16
- }
17
14
  type DetectOptions = {
18
15
  cwd?: string | undefined
19
16
  onUnknown?: (pkgManager: string | undefined) => void
@@ -77,7 +74,6 @@ declare function detectAndValidatePackageEnvironment(
77
74
  export {
78
75
  AGENTS,
79
76
  Agent,
80
- StringKeyValueObject,
81
77
  DetectOptions,
82
78
  EnvDetails,
83
79
  PartialEnvDetails,
@@ -406,7 +406,7 @@ async function setupSdk(
406
406
  // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_NAME']".
407
407
  name: '@socketsecurity/cli',
408
408
  // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION']".
409
- version: '0.14.77',
409
+ version: '0.14.79',
410
410
  // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_HOMEPAGE']".
411
411
  homepage: 'https://github.com/SocketDev/socket-cli'
412
412
  })
@@ -1729,6 +1729,52 @@ function logAlertsMap(alertsMap, options) {
1729
1729
  output.write('\n')
1730
1730
  }
1731
1731
 
1732
+ function assignDefaultFixOptions(options) {
1733
+ if (options.autoMerge === undefined) {
1734
+ options.autoMerge = false
1735
+ }
1736
+ if (options.cwd === undefined) {
1737
+ options.cwd = process.cwd()
1738
+ }
1739
+ if (options.rangeStyle === undefined) {
1740
+ options.rangeStyle = 'preserve'
1741
+ }
1742
+ if (options.test === undefined) {
1743
+ options.test = !!options.testScript
1744
+ }
1745
+ if (options.testScript === undefined) {
1746
+ options.testScript = 'test'
1747
+ }
1748
+ return options
1749
+ }
1750
+ function applyRange(refRange, version, style = 'preserve') {
1751
+ switch (style) {
1752
+ case 'caret':
1753
+ return `^${version}`
1754
+ case 'gt':
1755
+ return `>${version}`
1756
+ case 'gte':
1757
+ return `>=${version}`
1758
+ case 'lt':
1759
+ return `<${version}`
1760
+ case 'lte':
1761
+ return `<=${version}`
1762
+ case 'preserve': {
1763
+ const comparators = [...new semver.Range(refRange).set].flat()
1764
+ const { length } = comparators
1765
+ return !length || length > 1
1766
+ ? version
1767
+ : `${comparators[0].operator}${version}`
1768
+ }
1769
+ case 'tilde':
1770
+ return `~${version}`
1771
+ case 'pin':
1772
+ default:
1773
+ return version
1774
+ }
1775
+ }
1776
+ const RangeStyles = ['caret', 'gt', 'lt', 'pin', 'preserve', 'tilde']
1777
+
1732
1778
  const { LOOP_SENTINEL, NPM: NPM$1, NPM_REGISTRY_URL } = constants
1733
1779
  function getDetailsFromDiff(diff_, options) {
1734
1780
  const details = []
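Review bot: `RangeStyles` on the last added line lists only `caret`, `gt`, `lt`, `pin`, `preserve` and `tilde`, yet the `applyRange` switch above also handles `gte` and `lte`, so if the exported array is what validates a user-supplied range style (no caller is visible here) those two styles are unreachable, and if it is not, the switch carries dead cases; reconcile them, e.g. `const RangeStyles = ['caret', 'gt', 'gte', 'lt', 'lte', 'pin', 'preserve', 'tilde']`. The `preserve` branch calls `new semver.Range(refRange)`, which throws a TypeError for specifiers that are not semver ranges (`workspace:*`, `npm:alias@…`, git URLs, dist-tags), so one unusual dependency specifier aborts the whole fix run; a guard such as `if (!semver.validRange(refRange)) return version` before building the Range would degrade to pinning instead. In `assignDefaultFixOptions`, `options.test` is derived from `options.testScript` before `testScript` receives its `'test'` default, so tests only run when a script was passed explicitly — presumably intentional, but a one-line comment such as `// test defaults to true only when testScript was supplied by the caller.` would stop the next reader from "fixing" the order.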
@@ -1843,7 +1889,31 @@ function findBestPatchVersion(
1843
1889
  }
1844
1890
  return semver.maxSatisfying(eligibleVersions, '*')
1845
1891
  }
1846
- function findPackageNodes(tree, packageName) {
1892
+ function findPackageNode(tree, name, version) {
1893
+ const queue = [
1894
+ {
1895
+ node: tree
1896
+ }
1897
+ ]
1898
+ let sentinel = 0
1899
+ while (queue.length) {
1900
+ if (sentinel++ === LOOP_SENTINEL) {
1901
+ throw new Error('Detected infinite loop in findPackageNodes')
1902
+ }
1903
+ const { node: currentNode } = queue.pop()
1904
+ const node = currentNode.children.get(name)
1905
+ if (node && (typeof version !== 'string' || node.version === version)) {
1906
+ return node
1907
+ }
1908
+ const children = [...currentNode.children.values()]
1909
+ for (let i = children.length - 1; i >= 0; i -= 1) {
1910
+ queue.push({
1911
+ node: children[i]
1912
+ })
1913
+ }
1914
+ }
1915
+ }
1916
+ function findPackageNodes(tree, name, version) {
1847
1917
  const queue = [
1848
1918
  {
1849
1919
  node: tree
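Review bot: The infinite-loop error thrown inside the new `findPackageNode` still names its sibling, `'Detected infinite loop in findPackageNodes'`, which sends anyone debugging a sentinel hit to the wrong function; change it to `throw new Error('Detected infinite loop in findPackageNode')`. The `version` argument is matched by strict string equality against `node.version`, not by semver satisfaction, so a caller passing a range gets no match at all; a doc comment above the function such as `// version, when given, must be an exact version string (compared with ===), not a range.` makes that contract visible. `findPackageNodes` begins at the end of this hunk and its body continues outside it.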
@@ -1856,8 +1926,8 @@ function findPackageNodes(tree, packageName) {
1856
1926
  throw new Error('Detected infinite loop in findPackageNodes')
1857
1927
  }
1858
1928
  const { node: currentNode } = queue.pop()
1859
- const node = currentNode.children.get(packageName)
1860
- if (node) {
1929
+ const node = currentNode.children.get(name)
1930
+ if (node && 'undefined' !== 'string') {
1861
1931
  matches.push(node)
1862
1932
  }
1863
1933
  const children = [...currentNode.children.values()]
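Review bot: `if (node && 'undefined' !== 'string')` on the new side compares two string literals and is always true, so the `version` parameter this commit adds to `findPackageNodes` is never applied and every node named `name` is collected regardless of its version. This looks like a build step constant-folding `typeof version` into the literal `'undefined'`, so the root fix probably belongs in the source rather than this bundle, but the emitted code should read `if (node && (typeof version !== 'string' || node.version === version))`, mirroring `findPackageNode` above. Until then any fix logic that asks for nodes of a specific vulnerable version will receive, and may rewrite, unrelated versions as well. `findPackageNodes` starts and ends outside this hunk.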
@@ -1878,6 +1948,7 @@ async function getAlertsMapFromArborist(arb, options_) {
1878
1948
  }
1879
1949
  const include = {
1880
1950
  __proto__: null,
1951
+ actions: undefined,
1881
1952
  blocked: true,
1882
1953
  critical: true,
1883
1954
  cve: true,
@@ -1924,7 +1995,16 @@ async function getAlertsMapFromArborist(arb, options_) {
1924
1995
  {
1925
1996
  alerts: 'true',
1926
1997
  compact: 'true',
1927
- fixable: include.unfixable ? 'false' : 'true'
1998
+ ...(include.actions
1999
+ ? {
2000
+ actions: include.actions.join(',')
2001
+ }
2002
+ : {}),
2003
+ ...(include.unfixable
2004
+ ? {}
2005
+ : {
2006
+ fixable: 'true'
2007
+ })
1928
2008
  },
1929
2009
  {
1930
2010
  components: pkgIds.map(id => ({
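Review bot: When `include.unfixable` is true the request no longer sends `fixable: 'false'` but omits the key entirely; whether the API treats an absent `fixable` as "both" or defaults it to true is not visible here, and if it defaults to true, unfixable alerts are silently dropped from precisely the mode meant to surface them. A comment on the spread such as `// Omit 'fixable' to request both fixable and unfixable alerts; 'false' would exclude fixable ones.` would pin the intent and make a future API default change easy to spot. `include.actions.join(',')` is placed into the query unvalidated, which is fine as long as `actions` only ever comes from the internal literals seen elsewhere in this diff. `getAlertsMapFromArborist` starts and ends outside this hunk.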
@@ -1954,6 +2034,9 @@ async function getAlertsMapFromArborist(arb, options_) {
1954
2034
  spinner?.stop()
1955
2035
  return alertsByPkgId
1956
2036
  }
2037
+ function isTopLevel(tree, node) {
2038
+ return tree.children.get(node.name) === node
2039
+ }
1957
2040
  function updateNode(
1958
2041
  node,
1959
2042
  packument,
@@ -1975,27 +2058,33 @@ function updateNode(
1975
2058
  // No suitable patch version found.
1976
2059
  return false
1977
2060
  }
1978
- // Use Object.defineProperty to override the version.
2061
+ // Object.defineProperty is needed to set the version property and replace
2062
+ // the old value with targetVersion.
1979
2063
  Object.defineProperty(node, 'version', {
1980
2064
  configurable: true,
1981
2065
  enumerable: true,
1982
2066
  get: () => targetVersion
1983
2067
  })
2068
+ // Update package.version associated with the node.
1984
2069
  node.package.version = targetVersion
1985
- // Update resolved and clear integrity for the new version.
2070
+ // Update node.resolved.
1986
2071
  const purlObj = packageurlJs.PackageURL.fromString(`pkg:npm/${node.name}`)
1987
2072
  node.resolved = `${NPM_REGISTRY_URL}/${node.name}/-/${purlObj.name}-${targetVersion}.tgz`
2073
+ // Update node.integrity with the targetPackument.dist.integrity value if available
2074
+ // else delete node.integrity so a new value is resolved for the target version.
1988
2075
  const { integrity } = targetPackument.dist
1989
2076
  if (integrity) {
1990
2077
  node.integrity = integrity
1991
2078
  } else {
1992
2079
  delete node.integrity
1993
2080
  }
1994
- if ('deprecated' in targetPackument) {
2081
+ // Update node.package.deprecated based on targetPackument.deprecated.
2082
+ if (objects.hasOwn(targetPackument, 'deprecated')) {
1995
2083
  node.package['deprecated'] = targetPackument.deprecated
1996
2084
  } else {
1997
2085
  delete node.package['deprecated']
1998
2086
  }
2087
+ // Update node.package.dependencies.
1999
2088
  const newDeps = {
2000
2089
  ...targetPackument.dependencies
2001
2090
  }
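Review bot: The new comment above the `integrity` block says `node.integrity` is deleted "so a new value is resolved for the target version" but not what that costs: the rewritten node then carries no pinned hash, and whatever tarball the registry serves at `node.resolved` is accepted and recorded as the new integrity, which is exactly the guarantee the lockfile existed to provide. I would extend it to `// No integrity in the packument: drop the stale hash so npm recomputes it from the fetched tarball. NOTE: this trusts the registry response for this one install.` and emit a debug log there if a logger is in scope. Separately, `node.resolved` is built from `NPM_REGISTRY_URL` rather than `targetPackument.dist.tarball`, so a package served from a scoped or private registry would be re-pointed at the public registry; preferring `dist.tarball` when present looks safer, though I cannot see where the packument is fetched from. `updateNode` begins and ends outside this hunk.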
@@ -2004,12 +2093,16 @@ function updateNode(
2004
2093
  if (oldDeps) {
2005
2094
  for (const oldDepName of Object.keys(oldDeps)) {
2006
2095
  if (!objects.hasOwn(newDeps, oldDepName)) {
2096
+ // Detach old edges for dependencies that don't exist on the updated
2097
+ // node.package.dependencies.
2007
2098
  node.edgesOut.get(oldDepName)?.detach()
2008
2099
  }
2009
2100
  }
2010
2101
  }
2011
2102
  for (const newDepName of Object.keys(newDeps)) {
2012
2103
  if (!objects.hasOwn(oldDeps, newDepName)) {
2104
+ // Add new edges for dependencies that don't exist on the old
2105
+ // node.package.dependencies.
2013
2106
  node.addEdgeOut(
2014
2107
  new Edge({
2015
2108
  from: node,
@@ -2022,6 +2115,29 @@ function updateNode(
2022
2115
  }
2023
2116
  return true
2024
2117
  }
2118
+ function updatePackageJsonFromNode(editablePkgJson, tree, node, rangeStyle) {
2119
+ if (isTopLevel(tree, node)) {
2120
+ const { name, version } = node
2121
+ for (const depField of [
2122
+ 'dependencies',
2123
+ 'optionalDependencies',
2124
+ 'peerDependencies'
2125
+ ]) {
2126
+ const oldValue = editablePkgJson.content[depField]
2127
+ if (oldValue) {
2128
+ const oldVersion = oldValue[name]
2129
+ if (oldVersion) {
2130
+ editablePkgJson.update({
2131
+ [depField]: {
2132
+ ...oldValue,
2133
+ [name]: applyRange(oldVersion, version, rangeStyle)
2134
+ }
2135
+ })
2136
+ }
2137
+ }
2138
+ }
2139
+ }
2140
+ }
2025
2141
 
2026
2142
  const {
2027
2143
  NPM,
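Review bot: `updatePackageJsonFromNode` rewrites `dependencies`, `optionalDependencies` and `peerDependencies` but not `devDependencies`, so a top-level dev dependency whose node was bumped by `updateNode` keeps its old range in package.json and the fix reverts on the next install; unless dev dependencies are deliberately out of scope, add `'devDependencies'` to the `depField` list, and either way a comment stating the choice would help. Rewriting a `peerDependencies` entry to the exact installed version also narrows what consumers of this package may install, which may not be what a fix intends. The `applyRange` call passes the raw `oldVersion` through, and with `rangeStyle === 'preserve'` that constructs a `semver.Range`, which throws for non-semver specifiers such as `workspace:` or `npm:` aliases; guard with `semver.validRange(oldVersion)` or catch and fall back to `version` so one odd entry does not abort the update.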
@@ -2103,6 +2219,10 @@ class SafeArborist extends Arborist {
2103
2219
  // @ts-ignore: TS gets grumpy about rest parameters.
2104
2220
  ...args.slice(1)
2105
2221
  )
2222
+ // Lazily access constants.ENV[SOCKET_CLI_ACCEPT_RISKS].
2223
+ const acceptRisks = constants.ENV[SOCKET_CLI_ACCEPT_RISKS]
2224
+ // Lazily access constants.ENV[SOCKET_CLI_VIEW_ALL_RISKS].
2225
+ const viewAllRisks = constants.ENV[SOCKET_CLI_VIEW_ALL_RISKS]
2106
2226
  const progress = ipc[SOCKET_CLI_SAFE_PROGRESS]
2107
2227
  const spinner =
2108
2228
  options['silent'] || !progress
@@ -2114,14 +2234,13 @@ class SafeArborist extends Arborist {
2114
2234
  const alertsMap = await getAlertsMapFromArborist(this, {
2115
2235
  spinner,
2116
2236
  include:
2117
- options.dryRun ||
2118
- options['yes'] ||
2119
- // Lazily access constants.ENV[SOCKET_CLI_ACCEPT_RISKS].
2120
- constants.ENV[SOCKET_CLI_ACCEPT_RISKS]
2237
+ acceptRisks || options.dryRun || options['yes']
2121
2238
  ? {
2239
+ actions: ['error'],
2122
2240
  blocked: true,
2123
2241
  critical: false,
2124
2242
  cve: false,
2243
+ existing: true,
2125
2244
  unfixable: false
2126
2245
  }
2127
2246
  : {
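Review bot: The new condition `acceptRisks || options.dryRun || options['yes']` makes npm's `--yes` flag (routinely passed to `npx` for non-interactive runs and in CI) select the same reduced alert set as an explicit `SOCKET_CLI_ACCEPT_RISKS=1`, with `critical: false` and `cve: false`; a user passing `--yes` to skip a prompt is unlikely to expect it to also waive CVE and critical alerts. If that coupling is intentional it deserves a comment such as `// --yes and --dry-run are treated as implicit risk acceptance: only blocked / error-action alerts are checked.`; otherwise `options['yes']` should come out of this condition, or at most suppress the prompt rather than the checks. The added `existing: true` and `actions: ['error']` keys carry no explanation of how they interact with `blocked: true`, and a one-line comment on what "existing" covers would help the next reader. The enclosing reify method starts and ends outside this hunk.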
@@ -2132,17 +2251,16 @@ class SafeArborist extends Arborist {
2132
2251
  if (alertsMap.size) {
2133
2252
  process$1.exitCode = 1
2134
2253
  logAlertsMap(alertsMap, {
2135
- // Lazily access constants.ENV[SOCKET_CLI_VIEW_ALL_RISKS].
2136
- hideAt: constants.ENV[SOCKET_CLI_VIEW_ALL_RISKS] ? 'none' : 'middle',
2254
+ hideAt: viewAllRisks ? 'none' : 'middle',
2137
2255
  output: process$1.stderr
2138
2256
  })
2139
2257
  throw new Error(commonTags.stripIndents`
2140
- Socket ${binName} exiting due to risks.
2141
- View all risks - Rerun with environment variable ${SOCKET_CLI_VIEW_ALL_RISKS}=1.
2142
- Accept risks - Rerun with environment variable ${SOCKET_CLI_ACCEPT_RISKS}=1.
2258
+ Socket ${binName} exiting due to risks.${viewAllRisks ? '' : `\nView all risks - Rerun with environment variable ${SOCKET_CLI_VIEW_ALL_RISKS}=1.`}${acceptRisks ? '' : `\nAccept risks - Rerun with environment variable ${SOCKET_CLI_ACCEPT_RISKS}=1.`}
2143
2259
  `)
2144
2260
  } else if (!options['silent']) {
2145
- logger.logger.success(`Socket ${binName} found no risks!`)
2261
+ logger.logger.success(
2262
+ `Socket ${binName} ${acceptRisks ? 'accepted' : 'found no'} risks`
2263
+ )
2146
2264
  if (binName === NPX) {
2147
2265
  logger.logger.log(`Running ${options.add[0]}`)
2148
2266
  }
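Review bot: When `acceptRisks` is already set and `alertsMap.size` is still non-zero, the rebuilt message on the `throw` line now drops both hints and only says "exiting due to risks", so a user who has just set `SOCKET_CLI_ACCEPT_RISKS=1` gets no explanation of why it did not help; since the include set in that mode is blocked / error-action alerts, replace the empty branch with something like `acceptRisks ? '\nThese alerts are blocking and cannot be accepted.' : ''`, wording subject to what "blocked" means upstream. The success line `${acceptRisks ? 'accepted' : 'found no'} risks` also prints "accepted risks" when the scan found nothing at all, which overstates what happened; `acceptRisks ? 'found no blocking risks' : 'found no risks'` is accurate in both cases. The enclosing method starts outside this hunk.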
@@ -2176,12 +2294,15 @@ exports.Arborist = Arborist
2176
2294
  exports.AuthError = AuthError
2177
2295
  exports.ColorOrMarkdown = ColorOrMarkdown
2178
2296
  exports.InputError = InputError
2297
+ exports.RangeStyles = RangeStyles
2179
2298
  exports.SAFE_ARBORIST_REIFY_OPTIONS_OVERRIDES =
2180
2299
  SAFE_ARBORIST_REIFY_OPTIONS_OVERRIDES
2181
2300
  exports.SafeArborist = SafeArborist
2182
2301
  exports.addArtifactToAlertsMap = addArtifactToAlertsMap
2302
+ exports.assignDefaultFixOptions = assignDefaultFixOptions
2183
2303
  exports.captureException = captureException
2184
2304
  exports.findBestPatchVersion = findBestPatchVersion
2305
+ exports.findPackageNode = findPackageNode
2185
2306
  exports.findPackageNodes = findPackageNodes
2186
2307
  exports.findUp = findUp
2187
2308
  exports.formatSeverityCount = formatSeverityCount
@@ -2204,5 +2325,6 @@ exports.setupSdk = setupSdk
2204
2325
  exports.supportedConfigKeys = supportedConfigKeys
2205
2326
  exports.updateConfigValue = updateConfigValue
2206
2327
  exports.updateNode = updateNode
2207
- //# debugId=c9cead2a-fe3b-4520-bcb7-22b65cf339e6
2328
+ exports.updatePackageJsonFromNode = updatePackageJsonFromNode
2329
+ //# debugId=1d1585dd-7e83-4248-93a3-4d24eb899744
2208
2330
  //# sourceMappingURL=shadow-npm-inject.js.map