@socketsecurity/cli-with-sentry 0.14.85 → 0.14.86

@@ -44,6 +44,8 @@ type IPC = Readonly<{
44
44
  SOCKET_CLI_SAFE_PROGRESS?: boolean | undefined
45
45
  }>
46
46
  declare const constants: {
47
+ readonly NODE_ENV: 'NODE_ENV'
48
+ readonly kInternalsSymbol: unique symbol
47
49
  readonly [kInternalsSymbol]: registryConstants.Internals
48
50
  readonly AT_LATEST: '@latest'
49
51
  readonly BIOME_JSON: 'biome.json'
@@ -69,7 +71,6 @@ declare const constants: {
69
71
  readonly MANIFEST_JSON: 'manifest.json'
70
72
  readonly MIT: 'MIT'
71
73
  readonly NODE_AUTH_TOKEN: 'NODE_AUTH_TOKEN'
72
- readonly NODE_ENV: 'NODE_ENV'
73
74
  readonly NODE_MODULES: 'node_modules'
74
75
  readonly NODE_MODULES_GLOB_RECURSIVE: '**/node_modules'
75
76
  readonly NODE_WORKSPACES: 'node_workspaces'
@@ -152,7 +153,6 @@ declare const constants: {
152
153
  '**/*.tsbuildinfo',
153
154
  '**/Thumbs.db'
154
155
  ]
155
- readonly kInternalsSymbol: unique symbol
156
156
  readonly lifecycleScriptNames: ReadonlySet<string>
157
157
  readonly maintainedNodeVersions: Readonly<MaintainedNodeVersions>
158
158
  readonly nodeHardenFlags: readonly string[] & string[]
@@ -41,7 +41,7 @@ const relConstantsPath = './constants'
41
41
  Sentry.setTag(
42
42
  'version',
43
43
  // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
44
- '0.14.85:f285d45:d2e4291f:pub'
44
+ '0.14.86:69093e9:7f5177c3:pub'
45
45
  )
46
46
  const constants = require(relConstantsPath)
47
47
  if (constants.ENV.SOCKET_CLI_DEBUG) {
@@ -56,5 +56,5 @@ const relConstantsPath = './constants'
56
56
  } = constants
57
57
  setSentry(Sentry)
58
58
  }
59
- //# debugId=96f123b5-7038-43b8-95e2-69bba9f1d178
59
+ //# debugId=b5cab285-105f-4455-b8eb-98de3d625ca5
60
60
  //# sourceMappingURL=instrument-with-sentry.js.map
@@ -1 +1 @@
1
- {"version":3,"file":"instrument-with-sentry.js","sources":["../../src/instrument-with-sentry.ts"],"sourcesContent":["// This should ONLY be included in the special Sentry build!\n// Otherwise the Sentry dependency won't even be present in the manifest.\n\nimport { logger } from '@socketsecurity/registry/lib/logger'\n\n// Require constants with require(relConstantsPath) instead of require('./constants')\n// so Rollup doesn't generate a constants2.js chunk.\nconst relConstantsPath = './constants'\n// The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_SENTRY_BUILD']\".\nif (process.env['INLINED_SOCKET_CLI_SENTRY_BUILD']) {\n const Sentry = require('@sentry/node')\n Sentry.init({\n onFatalError(error: Error) {\n // Defer module loads until after Sentry.init is called.\n if (require(relConstantsPath).ENV.SOCKET_CLI_DEBUG) {\n logger.fail('[DEBUG] [Sentry onFatalError]:', error)\n }\n },\n dsn: 'https://66736701db8e4ffac046bd09fa6aaced@o555220.ingest.us.sentry.io/4508846967619585',\n enabled: true,\n integrations: []\n })\n Sentry.setTag(\n 'environment',\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD']\".\n process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD']\n ? 
'pub'\n : // The NODE_ENV convention is used by apps to define the runtime environment.\n // https://nodejs.org/en/learn/getting-started/nodejs-the-difference-between-development-and-production\n process.env['NODE_ENV']\n )\n Sentry.setTag(\n 'version',\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_VERSION_HASH']\".\n process.env['INLINED_SOCKET_CLI_VERSION_HASH']\n )\n const constants = require(relConstantsPath)\n if (constants.ENV.SOCKET_CLI_DEBUG) {\n Sentry.setTag('debugging', true)\n logger.log('[DEBUG] Set up Sentry.')\n } else {\n Sentry.setTag('debugging', false)\n }\n const {\n kInternalsSymbol,\n [kInternalsSymbol as unknown as 'Symbol(kInternalsSymbol)']: { setSentry }\n } = constants\n setSentry(Sentry)\n} else if (require(relConstantsPath).ENV.SOCKET_CLI_DEBUG) {\n logger.log('[DEBUG] Sentry disabled explicitly.')\n}\n"],"names":["logger","dsn","enabled","integrations","process","Sentry","setSentry"],"mappings":";;;;;;;;;;;;;AAAA;AACA;;;AAIA;AACA;AACA;AACA;AACoD;AAClD;;;AAGI;;AAEEA;AACF;;AAEFC;AACAC;AACAC;AACF;;AAGE;AACAC;;AAQA;AACAA;AAEF;AACA;AACEC;AACAL;AACF;AACEK;AACF;;;AAGE;AAA+DC;AAAU;AAC3E;;AAEF","debugId":"96f123b5-7038-43b8-95e2-69bba9f1d178"}
1
+ {"version":3,"file":"instrument-with-sentry.js","sources":["../../src/instrument-with-sentry.ts"],"sourcesContent":["// This should ONLY be included in the special Sentry build!\n// Otherwise the Sentry dependency won't even be present in the manifest.\n\nimport { logger } from '@socketsecurity/registry/lib/logger'\n\n// Require constants with require(relConstantsPath) instead of require('./constants')\n// so Rollup doesn't generate a constants2.js chunk.\nconst relConstantsPath = './constants'\n// The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_SENTRY_BUILD']\".\nif (process.env['INLINED_SOCKET_CLI_SENTRY_BUILD']) {\n const Sentry = require('@sentry/node')\n Sentry.init({\n onFatalError(error: Error) {\n // Defer module loads until after Sentry.init is called.\n if (require(relConstantsPath).ENV.SOCKET_CLI_DEBUG) {\n logger.fail('[DEBUG] [Sentry onFatalError]:', error)\n }\n },\n dsn: 'https://66736701db8e4ffac046bd09fa6aaced@o555220.ingest.us.sentry.io/4508846967619585',\n enabled: true,\n integrations: []\n })\n Sentry.setTag(\n 'environment',\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD']\".\n process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD']\n ? 
'pub'\n : // The NODE_ENV convention is used by apps to define the runtime environment.\n // https://nodejs.org/en/learn/getting-started/nodejs-the-difference-between-development-and-production\n process.env['NODE_ENV']\n )\n Sentry.setTag(\n 'version',\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_VERSION_HASH']\".\n process.env['INLINED_SOCKET_CLI_VERSION_HASH']\n )\n const constants = require(relConstantsPath)\n if (constants.ENV.SOCKET_CLI_DEBUG) {\n Sentry.setTag('debugging', true)\n logger.log('[DEBUG] Set up Sentry.')\n } else {\n Sentry.setTag('debugging', false)\n }\n const {\n kInternalsSymbol,\n [kInternalsSymbol as unknown as 'Symbol(kInternalsSymbol)']: { setSentry }\n } = constants\n setSentry(Sentry)\n} else if (require(relConstantsPath).ENV.SOCKET_CLI_DEBUG) {\n logger.log('[DEBUG] Sentry disabled explicitly.')\n}\n"],"names":["logger","dsn","enabled","integrations","process","Sentry","setSentry"],"mappings":";;;;;;;;;;;;;AAAA;AACA;;;AAIA;AACA;AACA;AACA;AACoD;AAClD;;;AAGI;;AAEEA;AACF;;AAEFC;AACAC;AACAC;AACF;;AAGE;AACAC;;AAQA;AACAA;AAEF;AACA;AACEC;AACAL;AACF;AACEK;AACF;;;AAGE;AAA+DC;AAAU;AAC3E;;AAEF","debugId":"b5cab285-105f-4455-b8eb-98de3d625ca5"}
@@ -915,7 +915,7 @@ function emitBanner(name) {
915
915
  logger.logger.error(getAsciiHeader(name))
916
916
  }
917
917
  function getAsciiHeader(command) {
918
- const cliVersion = '0.14.85:f285d45:d2e4291f:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
918
+ const cliVersion = '0.14.86:69093e9:7f5177c3:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
919
919
  const nodeVersion = process$1.version
920
920
  const apiToken = shadowNpmInject.getDefaultToken()
921
921
  const shownToken = apiToken ? getLastFiveOfApiToken(apiToken) : 'no'
@@ -3945,10 +3945,14 @@ async function npmFix(
3945
3945
  continue
3946
3946
  }
3947
3947
  const oldSpec = `${name}@${oldVersion}`
3948
+ let targetVersion
3949
+ let failed = false
3950
+ let installed = false
3951
+ let saved = false
3948
3952
  if (
3949
3953
  shadowNpmInject.updateNode(node, packument, vulnerableVersionRange)
3950
3954
  ) {
3951
- const targetVersion = node.package.version
3955
+ targetVersion = node.package.version
3952
3956
  const fixSpec = `${name}@^${targetVersion}`
3953
3957
  const revertData = {
3954
3958
  ...(pkgJson.dependencies
@@ -3968,8 +3972,6 @@ async function npmFix(
3968
3972
  : undefined)
3969
3973
  }
3970
3974
  spinner?.info(`Installing ${fixSpec}`)
3971
- let saved = false
3972
- let installed = false
3973
3975
  try {
3974
3976
  shadowNpmInject.updatePackageJsonFromNode(
3975
3977
  editablePkgJson,
@@ -3996,20 +3998,8 @@ async function npmFix(
3996
3998
  }
3997
3999
  spinner?.successAndStop(`Fixed ${name}`)
3998
4000
  spinner?.start()
3999
- // Lazily access constants.ENV[CI].
4000
- if (constants.ENV[CI$1]) {
4001
- // eslint-disable-next-line no-await-in-loop
4002
- const prResponse = await openGitHubPullRequest(
4003
- name,
4004
- targetVersion,
4005
- cwd
4006
- )
4007
- if (autoMerge) {
4008
- // eslint-disable-next-line no-await-in-loop
4009
- await enableAutoMerge(prResponse.data)
4010
- }
4011
- }
4012
4001
  } catch {
4002
+ failed = true
4013
4003
  spinner?.error(`Reverting ${fixSpec}`)
4014
4004
  if (saved) {
4015
4005
  editablePkgJson.update(revertData)
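Review bot: The `catch {` that now sets `failed = true` in npmFix has no binding, so the reason an install failed is dropped and the log shows only "Reverting …". The pnpmFix counterpart further down binds the error and passes it to the spinner; doing the same here, `} catch (e) {` with `spinner?.error(\`Reverting ${fixSpec}\`, e)`, keeps the two paths consistent and leaves a cause in the CI log. The try block and the rest of the revert branch lie outside this hunk.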
@@ -4025,8 +4015,35 @@ async function npmFix(
4025
4015
  spinner?.failAndStop(`Failed to fix ${oldSpec}`)
4026
4016
  }
4027
4017
  } else {
4018
+ failed = true
4028
4019
  spinner?.failAndStop(`Could not patch ${oldSpec}`)
4029
4020
  }
4021
+ if (
4022
+ !failed &&
4023
+ // Check targetVersion to make TypeScript happy.
4024
+ targetVersion &&
4025
+ // Lazily access constants.ENV[CI].
4026
+ constants.ENV[CI$1]
4027
+ ) {
4028
+ let prResponse
4029
+ try {
4030
+ // eslint-disable-next-line no-await-in-loop
4031
+ prResponse = await openGitHubPullRequest(name, targetVersion, cwd)
4032
+ } catch (e) {
4033
+ logger.logger.error('Failed to open pull request', e)
4034
+ }
4035
+ if (prResponse && autoMerge) {
4036
+ try {
4037
+ // eslint-disable-next-line no-await-in-loop
4038
+ await enableAutoMerge(prResponse.data)
4039
+ } catch (e) {
4040
+ logger.logger.error(
4041
+ 'Failed to enable auto-merge in pull request',
4042
+ e
4043
+ )
4044
+ }
4045
+ }
4046
+ }
4030
4047
  }
4031
4048
  }
4032
4049
  }
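Review bot: A failed `openGitHubPullRequest` or `enableAutoMerge` is only logged in the new block after the install branch, so a CI run can finish with a success status while the fix exists only in the runner's working tree and no pull request carries it. If that best-effort behaviour is intended, a comment saying so would help; otherwise record the failure, for example `process.exitCode = 1` in both catch blocks, so the pipeline surfaces it. Both handlers also pass the raw `e` to `logger.logger.error`; it is worth confirming that the error thrown by the GitHub client does not include request headers or the token before it lands in retained CI logs. The same block is added to pnpmFix in the hunk at `@@ -4426,15 +4433,42 @@` and the point applies there too.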
@@ -4214,7 +4231,7 @@ function runAgentInstall(pkgEnvDetails, options) {
4214
4231
  ...options
4215
4232
  }
4216
4233
  const skipNodeHardenFlags =
4217
- pkgEnvDetails.agent === PNPM$a && pkgEnvDetails.agentVersion.major < 11
4234
+ agent === PNPM$a && pkgEnvDetails.agentVersion.major < 11
4218
4235
  return spawn.spawn(agentExecPath, ['install', ...args], {
4219
4236
  spinner,
4220
4237
  stdio: 'inherit',
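Review bot: `skipNodeHardenFlags` decides when the Node hardening flags are dropped, and nothing on this line says why pnpm majors below 11 are exempt. It presumably gates `nodeHardenFlags` further down, outside the hunk, so a short comment such as `// Hardening flags are skipped only for pnpm majors below 11; every other agent keeps them.` would document the security-relevant exception. The new condition reads a bare `agent`, whose declaration is not visible in this hunk; confirm it is destructured from `pkgEnvDetails` rather than resolved from an outer scope.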
@@ -4235,8 +4252,15 @@ function runAgentInstall(pkgEnvDetails, options) {
4235
4252
  }
4236
4253
 
4237
4254
  const { CI, NPM: NPM$c, OVERRIDES: OVERRIDES$2, PNPM: PNPM$9 } = constants
4238
- async function install(pkgEnvDetails, arb, options) {
4239
- const { spinner } = {
4255
+ async function getActualTree(cwd = process.cwd()) {
4256
+ const arb = new shadowNpmInject.SafeArborist({
4257
+ path: cwd,
4258
+ ...shadowNpmInject.SAFE_ARBORIST_REIFY_OPTIONS_OVERRIDES
4259
+ })
4260
+ return await arb.loadActual()
4261
+ }
4262
+ async function install(pkgEnvDetails, options) {
4263
+ const { cwd, spinner } = {
4240
4264
  __proto__: null,
4241
4265
  ...options
4242
4266
  }
@@ -4245,8 +4269,7 @@ async function install(pkgEnvDetails, arb, options) {
4245
4269
  spinner,
4246
4270
  stdio: debug.isDebug() ? 'inherit' : 'ignore'
4247
4271
  })
4248
- arb.actualTree = null
4249
- await arb.loadActual()
4272
+ return await getActualTree(cwd)
4250
4273
  }
4251
4274
  async function pnpmFix(
4252
4275
  pkgEnvDetails,
@@ -4276,11 +4299,7 @@ async function pnpmFix(
4276
4299
  editable: true
4277
4300
  })
4278
4301
  const { content: pkgJson } = editablePkgJson
4279
- const arb = new shadowNpmInject.SafeArborist({
4280
- path: cwd,
4281
- ...shadowNpmInject.SAFE_ARBORIST_REIFY_OPTIONS_OVERRIDES
4282
- })
4283
- await arb.loadActual()
4302
+ let actualTree = await getActualTree(cwd)
4284
4303
  for (const { 0: name, 1: infos } of infoByPkg) {
4285
4304
  if (registry.getManifestData(NPM$c, name)) {
4286
4305
  spinner?.info(`Skipping ${name}. Socket Optimize package exists.`)
@@ -4288,7 +4307,7 @@ async function pnpmFix(
4288
4307
  }
4289
4308
  const specs = arrays.arrayUnique(
4290
4309
  shadowNpmInject
4291
- .findPackageNodes(arb.actualTree, name)
4310
+ .findPackageNodes(actualTree, name)
4292
4311
  .map(n => `${n.name}@${n.version}`)
4293
4312
  )
4294
4313
  const packument =
@@ -4308,7 +4327,7 @@ async function pnpmFix(
4308
4327
  vulnerableVersionRange
4309
4328
  } of infos) {
4310
4329
  const node = shadowNpmInject.findPackageNode(
4311
- arb.actualTree,
4330
+ actualTree,
4312
4331
  name,
4313
4332
  oldVersion
4314
4333
  )
@@ -4325,6 +4344,9 @@ async function pnpmFix(
4325
4344
  const targetPackument = targetVersion
4326
4345
  ? packument.versions[targetVersion]
4327
4346
  : undefined
4347
+ let failed = false
4348
+ let installed = false
4349
+ let saved = false
4328
4350
  if (targetVersion && targetPackument) {
4329
4351
  const oldPnpm = pkgJson[PNPM$9]
4330
4352
  const pnpmKeyCount = oldPnpm ? Object.keys(oldPnpm).length : 0
@@ -4374,13 +4396,11 @@ async function pnpmFix(
4374
4396
  : undefined)
4375
4397
  }
4376
4398
  spinner?.info(`Installing ${fixSpec}`)
4377
- let saved = false
4378
- let installed = false
4379
4399
  try {
4380
4400
  editablePkgJson.update(updateData)
4381
4401
  shadowNpmInject.updatePackageJsonFromNode(
4382
4402
  editablePkgJson,
4383
- arb.actualTree,
4403
+ actualTree,
4384
4404
  node,
4385
4405
  rangeStyle
4386
4406
  )
@@ -4389,7 +4409,7 @@ async function pnpmFix(
4389
4409
  saved = true
4390
4410
 
4391
4411
  // eslint-disable-next-line no-await-in-loop
4392
- await install(pkgEnvDetails, arb, {
4412
+ actualTree = await install(pkgEnvDetails, {
4393
4413
  spinner
4394
4414
  })
4395
4415
  installed = true
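Review bot: The call `actualTree = await install(pkgEnvDetails, { spinner })` does not pass `cwd`, yet the new `install` reads `cwd` from its options and hands it to `getActualTree`, which falls back to `process.cwd()` when it is undefined. The initial tree in pnpmFix is loaded with `getActualTree(cwd)`, so whenever `cwd` differs from the process directory the tree reloaded after an install comes from a different project than the one being fixed, and later `findPackageNode` lookups run against the wrong tree. Passing it through, `actualTree = await install(pkgEnvDetails, { cwd, spinner })`, fixes this; the revert call in the hunk at `@@ -4426,15 +4433,42 @@` needs the same change.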
@@ -4403,21 +4423,8 @@ async function pnpmFix(
4403
4423
  }
4404
4424
  spinner?.successAndStop(`Fixed ${name}`)
4405
4425
  spinner?.start()
4406
-
4407
- // Lazily access constants.ENV[CI].
4408
- if (constants.ENV[CI]) {
4409
- // eslint-disable-next-line no-await-in-loop
4410
- const prResponse = await openGitHubPullRequest(
4411
- name,
4412
- targetVersion,
4413
- cwd
4414
- )
4415
- if (autoMerge) {
4416
- // eslint-disable-next-line no-await-in-loop
4417
- await enableAutoMerge(prResponse.data)
4418
- }
4419
- }
4420
4426
  } catch (e) {
4427
+ failed = true
4421
4428
  spinner?.error(`Reverting ${fixSpec}`, e)
4422
4429
  if (saved) {
4423
4430
  editablePkgJson.update(revertData)
@@ -4426,15 +4433,42 @@ async function pnpmFix(
4426
4433
  }
4427
4434
  if (installed) {
4428
4435
  // eslint-disable-next-line no-await-in-loop
4429
- await install(pkgEnvDetails, arb, {
4436
+ actualTree = await install(pkgEnvDetails, {
4430
4437
  spinner
4431
4438
  })
4432
4439
  }
4433
4440
  spinner?.failAndStop(`Failed to fix ${oldSpec}`)
4434
4441
  }
4435
4442
  } else {
4443
+ failed = true
4436
4444
  spinner?.failAndStop(`Could not patch ${oldSpec}`)
4437
4445
  }
4446
+ if (
4447
+ !failed &&
4448
+ // Check targetVersion to make TypeScript happy.
4449
+ targetVersion &&
4450
+ // Lazily access constants.ENV[CI].
4451
+ constants.ENV[CI]
4452
+ ) {
4453
+ let prResponse
4454
+ try {
4455
+ // eslint-disable-next-line no-await-in-loop
4456
+ prResponse = await openGitHubPullRequest(name, targetVersion, cwd)
4457
+ } catch (e) {
4458
+ logger.logger.error('Failed to open pull request', e)
4459
+ }
4460
+ if (prResponse && autoMerge) {
4461
+ try {
4462
+ // eslint-disable-next-line no-await-in-loop
4463
+ await enableAutoMerge(prResponse.data)
4464
+ } catch (e) {
4465
+ logger.logger.error(
4466
+ 'Failed to enable auto-merge in pull request',
4467
+ e
4468
+ )
4469
+ }
4470
+ }
4471
+ }
4438
4472
  }
4439
4473
  }
4440
4474
  }
@@ -11308,7 +11342,7 @@ void (async () => {
11308
11342
  await updateNotifier({
11309
11343
  name: SOCKET_CLI_BIN_NAME,
11310
11344
  // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION']".
11311
- version: '0.14.85',
11345
+ version: '0.14.86',
11312
11346
  ttl: 86_400_000 /* 24 hours in milliseconds */
11313
11347
  })
11314
11348
  try {
@@ -11376,5 +11410,5 @@ void (async () => {
11376
11410
  await shadowNpmInject.captureException(e)
11377
11411
  }
11378
11412
  })()
11379
- //# debugId=4c5033d8-b51b-4e74-849f-37bf630f03a
11413
+ //# debugId=25e9779a-36e3-488a-a24f-cffa66f1d6b5
11380
11414
  //# sourceMappingURL=cli.js.map