@socketsecurity/cli-with-sentry 0.14.78 → 0.14.80

package/dist/module-sync/types.d.ts

@@ -1,81 +1,26 @@
-/// <reference types="npmcli__arborist" />
-import { SafeNode } from './node.js'
-import { BuildIdealTreeOptions, ReifyOptions } from '@npmcli/arborist'
-import { Options as ArboristOptions } from '@npmcli/arborist'
-import { Advisory as BaseAdvisory } from '@npmcli/arborist'
-import { Arborist as BaseArborist } from '@npmcli/arborist'
-import { AuditReport as BaseAuditReport } from '@npmcli/arborist'
-import { Diff as BaseDiff } from '@npmcli/arborist'
-type ArboristClass = ArboristInstance & {
-  new (...args: any): ArboristInstance
+import { Spinner } from '@socketsecurity/registry/lib/spinner'
+type StripUndefined<T> = {
+  [K in keyof T]-?: Exclude<T[K], undefined>
 }
-type ArboristInstance = Omit<
-  typeof BaseArborist,
-  | 'actualTree'
-  | 'auditReport'
-  | 'buildIdealTree'
-  | 'diff'
-  | 'idealTree'
-  | 'loadActual'
-  | 'loadVirtual'
-  | 'reify'
-> & {
-  auditReport?: AuditReportInstance | null | undefined
-  actualTree?: SafeNode | null | undefined
-  diff: Diff | null
-  idealTree?: SafeNode | null | undefined
-  buildIdealTree(options?: BuildIdealTreeOptions): Promise<SafeNode>
-  loadActual(options?: ArboristOptions): Promise<SafeNode>
-  loadVirtual(options?: ArboristOptions): Promise<SafeNode>
-  reify(options?: ArboristReifyOptions): Promise<SafeNode>
-}
-type ArboristReifyOptions = ReifyOptions & ArboristOptions
-type AuditReportInstance = Omit<BaseAuditReport, 'report'> & {
-  report: {
-    [dependency: string]: AuditAdvisory[]
-  }
-}
-type AuditAdvisory = Omit<BaseAdvisory, 'id'> & {
-  id: number
-  cwe: string[]
-  cvss: {
-    score: number
-    vectorString: string
-  }
-  vulnerable_versions: string
-}
-declare enum DiffAction {
-  add = 'ADD',
-  change = 'CHANGE',
-  remove = 'REMOVE'
-}
-type Diff = Omit<
-  BaseDiff,
-  | 'actual'
-  | 'children'
-  | 'filterSet'
-  | 'ideal'
-  | 'leaves'
-  | 'removed'
-  | 'shrinkwrapInflated'
-  | 'unchanged'
-> & {
-  actual: SafeNode
-  children: Diff[]
-  filterSet: Set<SafeNode>
-  ideal: SafeNode
-  leaves: SafeNode[]
-  parent: Diff | null
-  removed: SafeNode[]
-  shrinkwrapInflated: Set<SafeNode>
-  unchanged: SafeNode[]
-}
-export {
-  ArboristClass,
-  ArboristInstance,
-  ArboristReifyOptions,
-  AuditReportInstance,
-  AuditAdvisory,
-  DiffAction,
-  Diff
+type RangeStyle =
+  | 'caret'
+  | 'gt'
+  | 'gte'
+  | 'lt'
+  | 'lte'
+  | 'pin'
+  | 'preserve'
+  | 'tilde'
+type FixOptions = {
+  autoMerge?: boolean | undefined
+  cwd?: string | undefined
+  rangeStyle?: RangeStyle | undefined
+  spinner?: Spinner | undefined
+  test?: boolean | undefined
+  testScript?: string | undefined
 }
+type NormalizedFixOptions = StripUndefined<
+  Required<Omit<FixOptions, 'spinner'>>
+> &
+  Pick<FixOptions, 'spinner'>
+export { RangeStyle, FixOptions, NormalizedFixOptions }

package/dist/require/cli.js

@@ -36,6 +36,7 @@ const prompts = require('@socketsecurity/registry/lib/prompts')
 const shadowNpmPaths = require('./shadow-npm-paths.js')
 const chalkTable = _socketInterop(require('chalk-table'))
 const require$$0$1 = require('node:util')
+const terminalLink = _socketInterop(require('terminal-link'))
 const arrays = require('@socketsecurity/registry/lib/arrays')
 const registry = require('@socketsecurity/registry')
 const npm = require('@socketsecurity/registry/lib/npm')
@@ -52,7 +53,6 @@ const index_cjs = require('@socketregistry/hyrious__bun.lockb/index.cjs')
 const sorts = require('@socketsecurity/registry/lib/sorts')
 const registryConstants = require('@socketsecurity/registry/lib/constants')
 const isInteractive = require('@socketregistry/is-interactive/index.cjs')
-const terminalLink = _socketInterop(require('terminal-link'))
 const npa = _socketInterop(require('npm-package-arg'))
 const tinyglobby = _socketInterop(require('tinyglobby'))
 const promises = require('@socketsecurity/registry/lib/promises')
@@ -912,7 +912,7 @@ function emitBanner(name) {
   logger.logger.error(getAsciiHeader(name))
 }
 function getAsciiHeader(command) {
-  const cliVersion = '0.14.78:559893b:39cd3a2a:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
+  const cliVersion = '0.14.80:4ef7be7:e324b7e4:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
   const nodeVersion = process$1.version
   const apiToken = shadowNpmInject.getDefaultToken()
   const shownToken = apiToken ? getLastFiveOfApiToken(apiToken) : 'no'
@@ -3775,6 +3775,35 @@ function getOctokit() {
   }
   return _octokit
 }
+async function enableAutoMerge(prResponseData) {
+  const octokit = getOctokit()
+  const { node_id: prId, number: prNumber } = prResponseData
+  try {
+    await octokit.graphql(
+      `
+      mutation EnableAutoMerge($pullRequestId: ID!) {
+        enablePullRequestAutoMerge(input: {
+          pullRequestId: $pullRequestId,
+          mergeMethod: SQUASH
+        }) {
+          pullRequest {
+            number
+            autoMergeRequest {
+              enabledAt
+            }
+          }
+        }
+      }
+      `,
+      {
+        pullRequestId: prId
+      }
+    )
+    logger.logger.info(`Auto-merge enabled for PR #${prNumber}`)
+  } catch (e) {
+    logger.logger.error(`Failed to enable auto-merge for PR #${prNumber}:`, e)
+  }
+}
 async function openGitHubPullRequest(name, targetVersion, cwd = process.cwd()) {
   // Lazily access constants.ENV[GITHUB_ACTIONS].
   if (constants.ENV[GITHUB_ACTIONS]) {
@@ -3816,7 +3845,7 @@ async function openGitHubPullRequest(name, targetVersion, cwd = process.cwd()) {
       })
     }
     const octokit = getOctokit()
-    await octokit.pulls.create({
+    return await octokit.pulls.create({
       owner,
       repo,
       title: commitMsg,
@@ -3843,16 +3872,10 @@ async function install$1(idealTree, options) {
   arb2.idealTree = idealTree
   await arb2.reify()
 }
-async function npmFix(_pkgEnvDetails, options) {
-  const {
-    cwd = process.cwd(),
-    spinner,
-    test = false,
-    testScript = 'test'
-  } = {
-    __proto__: null,
-    ...options
-  }
+async function npmFix(
+  _pkgEnvDetails,
+  { autoMerge, cwd, rangeStyle, spinner, test, testScript }
+) {
   spinner?.start()
   const arb = new shadowNpmInject.SafeArborist({
     path: cwd,
@@ -3948,7 +3971,8 @@ async function npmFix(_pkgEnvDetails, options) {
             shadowNpmInject.updatePackageJsonFromNode(
               editablePkgJson,
               arb.idealTree,
-              node
+              node,
+              rangeStyle
             )
             // eslint-disable-next-line no-await-in-loop
             await editablePkgJson.save()
@@ -3972,7 +3996,15 @@ async function npmFix(_pkgEnvDetails, options) {
             // Lazily access constants.ENV[CI].
             if (constants.ENV[CI$1]) {
               // eslint-disable-next-line no-await-in-loop
-              await openGitHubPullRequest(name, targetVersion, cwd)
+              const prResponse = await openGitHubPullRequest(
+                name,
+                targetVersion,
+                cwd
+              )
+              if (autoMerge) {
+                // eslint-disable-next-line no-await-in-loop
+                await enableAutoMerge(prResponse.data)
+              }
             }
           } catch {
             spinner?.error(`Reverting ${fixSpec}`)
@@ -4207,16 +4239,10 @@ async function install(pkgEnvDetails, options) {
     stdio: 'ignore'
   })
 }
-async function pnpmFix(pkgEnvDetails, options) {
-  const {
-    cwd = process.cwd(),
-    spinner,
-    test = false,
-    testScript = 'test'
-  } = {
-    __proto__: null,
-    ...options
-  }
+async function pnpmFix(
+  pkgEnvDetails,
+  { autoMerge, cwd, rangeStyle, spinner, test, testScript }
+) {
   const lockfile = await lockfile_fs.readWantedLockfile(cwd, {
     ignoreIncompatible: false
   })
@@ -4273,7 +4299,7 @@ async function pnpmFix(pkgEnvDetails, options) {
         vulnerableVersionRange
       } of infos) {
         const node = shadowNpmInject.findPackageNode(
-          arb.idealTree,
+          arb.actualTree,
           name,
           oldVersion
         )
@@ -4346,7 +4372,8 @@ async function pnpmFix(pkgEnvDetails, options) {
             shadowNpmInject.updatePackageJsonFromNode(
               editablePkgJson,
               arb.actualTree,
-              node
+              node,
+              rangeStyle
             )
             // eslint-disable-next-line no-await-in-loop
             await editablePkgJson.save()
@@ -4371,7 +4398,15 @@ async function pnpmFix(pkgEnvDetails, options) {
             // Lazily access constants.ENV[CI].
             if (constants.ENV[CI]) {
               // eslint-disable-next-line no-await-in-loop
-              await openGitHubPullRequest(name, targetVersion, cwd)
+              const prResponse = await openGitHubPullRequest(
+                name,
+                targetVersion,
+                cwd
+              )
+              if (autoMerge) {
+                // eslint-disable-next-line no-await-in-loop
+                await enableAutoMerge(prResponse.data)
+              }
             }
           } catch {
             spinner?.error(`Reverting ${fixSpec}`)
@@ -4798,48 +4833,27 @@ async function detectAndValidatePackageEnvironment(cwd, options) {
 
 const { NPM: NPM$a, PNPM: PNPM$7 } = constants
 const CMD_NAME$2 = 'socket fix'
-async function runFix({
-  cwd = process.cwd(),
-  rangeStyle,
-  spinner,
-  test = false,
-  testScript = 'test'
-}) {
-  const pkgEnvDetails = await detectAndValidatePackageEnvironment(cwd, {
+async function runFix(options_) {
+  const options = shadowNpmInject.assignDefaultFixOptions({
+    __proto__: null,
+    ...options_
+  })
+  const pkgEnvDetails = await detectAndValidatePackageEnvironment(options.cwd, {
     cmdName: CMD_NAME$2,
     logger: logger.logger
   })
   if (!pkgEnvDetails) {
-    spinner?.stop()
     return
   }
   logger.logger.info(`Fixing packages for ${pkgEnvDetails.agent}`)
-  switch (pkgEnvDetails.agent) {
-    case NPM$a: {
-      await npmFix(pkgEnvDetails, {
-        rangeStyle,
-        spinner,
-        test,
-        testScript
-      })
-      break
-    }
-    case PNPM$7: {
-      await pnpmFix(pkgEnvDetails, {
-        rangeStyle,
-        spinner,
-        test,
-        testScript
-      })
-      break
-    }
+  const { agent } = pkgEnvDetails
+  if (agent === NPM$a) {
+    await npmFix(pkgEnvDetails, options)
+  } else if (agent === PNPM$7) {
+    await pnpmFix(pkgEnvDetails, options)
   }
-  spinner?.stop()
-  // spinner.successAndStop('Socket.dev fix successful')
 }
 
-const RangeStyles = ['caret', 'gt', 'lt', 'pin', 'preserve', 'tilde']
-
 const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$w } = constants
 const config$z = {
   commandName: 'fix',
@@ -4847,6 +4861,11 @@ const config$z = {
   hidden: true,
   flags: {
     ...commonFlags,
+    autoMerge: {
+      type: 'boolean',
+      default: true,
+      description: `Enable auto-merge for pull requests that Socket opens.\n                        See ${terminalLink('GitHub documentation', 'https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-auto-merge-for-pull-requests-in-your-repository')} for managing auto-merge for pull requests in your repository.`
+    },
     rangeStyle: {
       type: 'string',
       default: 'preserve',
@@ -4864,7 +4883,7 @@ const config$z = {
     test: {
       type: 'boolean',
       default: true,
-      description: 'Very the fix by running unit tests'
+      description: 'Verify the fix by running unit tests'
     },
     testScript: {
       type: 'string',
@@ -4893,8 +4912,8 @@ async function run$z(argv, importMeta, { parentName }) {
     parentName
   })
   const wasBadInput = handleBadInput({
-    test: RangeStyles.includes(cli.flags['rangeStyle']),
-    message: `Expecting range style of ${arrays.joinOr(RangeStyles)}`,
+    test: shadowNpmInject.RangeStyles.includes(cli.flags['rangeStyle']),
+    message: `Expecting range style of ${arrays.joinOr(shadowNpmInject.RangeStyles)}`,
     pass: 'ok',
     fail: 'missing'
   })
@@ -4909,6 +4928,7 @@ async function run$z(argv, importMeta, { parentName }) {
   // Lazily access constants.spinner.
   const { spinner } = constants
   await runFix({
+    autoMerge: Boolean(cli.flags['autoMerge']),
     spinner,
     rangeStyle: cli.flags['rangeStyle'] ?? undefined,
     test: Boolean(cli.flags['test']),
@@ -11284,7 +11304,7 @@ void (async () => {
   await vendor.updater({
     name: SOCKET_CLI_BIN_NAME,
     // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION']".
-    version: '0.14.78',
+    version: '0.14.80',
     ttl: 86_400_000 /* 24 hours in milliseconds */
   })
   try {
@@ -11352,5 +11372,5 @@ void (async () => {
     await shadowNpmInject.captureException(e)
   }
 })()
-//# debugId=990a6546-9d9d-46b0-b7f0-d76d8bd6027a
+//# debugId=bacb26e3-a893-4b98-b932-47c19a1d8f5d
 //# sourceMappingURL=cli.js.map