@socketsecurity/cli-with-sentry 0.14.85 → 0.14.87

package/dist/instrument-with-sentry.js

@@ -41,7 +41,7 @@ const relConstantsPath = './constants'
   Sentry.setTag(
     'version',
     // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
-    '0.14.85:f285d45:d2e4291f:pub'
+    '0.14.87:0330c30:e39f7589:pub'
   )
   const constants = require(relConstantsPath)
   if (constants.ENV.SOCKET_CLI_DEBUG) {
@@ -56,5 +56,5 @@ const relConstantsPath = './constants'
   } = constants
   setSentry(Sentry)
 }
-//# debugId=96f123b5-7038-43b8-95e2-69bba9f1d178
+//# debugId=7462b6a0-0ec4-4dd2-9b42-785f00a71795
 //# sourceMappingURL=instrument-with-sentry.js.map

package/dist/instrument-with-sentry.js.map

@@ -1 +1 @@
-{"version":3,"file":"instrument-with-sentry.js","sources":["../../src/instrument-with-sentry.ts"],"sourcesContent":["// This should ONLY be included in the special Sentry build!\n// Otherwise the Sentry dependency won't even be present in the manifest.\n\nimport { logger } from '@socketsecurity/registry/lib/logger'\n\n// Require constants with require(relConstantsPath) instead of require('./constants')\n// so Rollup doesn't generate a constants2.js chunk.\nconst relConstantsPath = './constants'\n// The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_SENTRY_BUILD']\".\nif (process.env['INLINED_SOCKET_CLI_SENTRY_BUILD']) {\n  const Sentry = require('@sentry/node')\n  Sentry.init({\n    onFatalError(error: Error) {\n      // Defer module loads until after Sentry.init is called.\n      if (require(relConstantsPath).ENV.SOCKET_CLI_DEBUG) {\n        logger.fail('[DEBUG] [Sentry onFatalError]:', error)\n      }\n    },\n    dsn: 'https://66736701db8e4ffac046bd09fa6aaced@o555220.ingest.us.sentry.io/4508846967619585',\n    enabled: true,\n    integrations: []\n  })\n  Sentry.setTag(\n    'environment',\n    // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD']\".\n    process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD']\n      ? 'pub'\n      : // The NODE_ENV convention is used by apps to define the runtime environment.\n        // https://nodejs.org/en/learn/getting-started/nodejs-the-difference-between-development-and-production\n        process.env['NODE_ENV']\n  )\n  Sentry.setTag(\n    'version',\n    // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_VERSION_HASH']\".\n    process.env['INLINED_SOCKET_CLI_VERSION_HASH']\n  )\n  const constants = require(relConstantsPath)\n  if (constants.ENV.SOCKET_CLI_DEBUG) {\n    Sentry.setTag('debugging', true)\n    logger.log('[DEBUG] Set up Sentry.')\n  } else {\n    Sentry.setTag('debugging', false)\n  }\n  const {\n    kInternalsSymbol,\n    [kInternalsSymbol as unknown as 'Symbol(kInternalsSymbol)']: { setSentry }\n  } = constants\n  setSentry(Sentry)\n} else if (require(relConstantsPath).ENV.SOCKET_CLI_DEBUG) {\n  logger.log('[DEBUG] Sentry disabled explicitly.')\n}\n"],"names":["logger","dsn","enabled","integrations","process","Sentry","setSentry"],"mappings":";;;;;;;;;;;;;AAAA;AACA;;;AAIA;AACA;AACA;AACA;AACoD;AAClD;;;AAGI;;AAEEA;AACF;;AAEFC;AACAC;AACAC;AACF;;AAGE;AACAC;;AAQA;AACAA;AAEF;AACA;AACEC;AACAL;AACF;AACEK;AACF;;;AAGE;AAA+DC;AAAU;AAC3E;;AAEF","debugId":"96f123b5-7038-43b8-95e2-69bba9f1d178"}
+{"version":3,"file":"instrument-with-sentry.js","sources":["../../src/instrument-with-sentry.ts"],"sourcesContent":["// This should ONLY be included in the special Sentry build!\n// Otherwise the Sentry dependency won't even be present in the manifest.\n\nimport { logger } from '@socketsecurity/registry/lib/logger'\n\n// Require constants with require(relConstantsPath) instead of require('./constants')\n// so Rollup doesn't generate a constants2.js chunk.\nconst relConstantsPath = './constants'\n// The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_SENTRY_BUILD']\".\nif (process.env['INLINED_SOCKET_CLI_SENTRY_BUILD']) {\n  const Sentry = require('@sentry/node')\n  Sentry.init({\n    onFatalError(error: Error) {\n      // Defer module loads until after Sentry.init is called.\n      if (require(relConstantsPath).ENV.SOCKET_CLI_DEBUG) {\n        logger.fail('[DEBUG] [Sentry onFatalError]:', error)\n      }\n    },\n    dsn: 'https://66736701db8e4ffac046bd09fa6aaced@o555220.ingest.us.sentry.io/4508846967619585',\n    enabled: true,\n    integrations: []\n  })\n  Sentry.setTag(\n    'environment',\n    // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD']\".\n    process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD']\n      ? 'pub'\n      : // The NODE_ENV convention is used by apps to define the runtime environment.\n        // https://nodejs.org/en/learn/getting-started/nodejs-the-difference-between-development-and-production\n        process.env['NODE_ENV']\n  )\n  Sentry.setTag(\n    'version',\n    // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_VERSION_HASH']\".\n    process.env['INLINED_SOCKET_CLI_VERSION_HASH']\n  )\n  const constants = require(relConstantsPath)\n  if (constants.ENV.SOCKET_CLI_DEBUG) {\n    Sentry.setTag('debugging', true)\n    logger.log('[DEBUG] Set up Sentry.')\n  } else {\n    Sentry.setTag('debugging', false)\n  }\n  const {\n    kInternalsSymbol,\n    [kInternalsSymbol as unknown as 'Symbol(kInternalsSymbol)']: { setSentry }\n  } = constants\n  setSentry(Sentry)\n} else if (require(relConstantsPath).ENV.SOCKET_CLI_DEBUG) {\n  logger.log('[DEBUG] Sentry disabled explicitly.')\n}\n"],"names":["logger","dsn","enabled","integrations","process","Sentry","setSentry"],"mappings":";;;;;;;;;;;;;AAAA;AACA;;;AAIA;AACA;AACA;AACA;AACoD;AAClD;;;AAGI;;AAEEA;AACF;;AAEFC;AACAC;AACAC;AACF;;AAGE;AACAC;;AAQA;AACAA;AAEF;AACA;AACEC;AACAL;AACF;AACEK;AACF;;;AAGE;AAA+DC;AAAU;AAC3E;;AAEF","debugId":"7462b6a0-0ec4-4dd2-9b42-785f00a71795"}

package/dist/module-sync/cli.js

@@ -915,7 +915,7 @@ function emitBanner(name) {
   logger.logger.error(getAsciiHeader(name))
 }
 function getAsciiHeader(command) {
-  const cliVersion = '0.14.85:f285d45:d2e4291f:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
+  const cliVersion = '0.14.87:0330c30:e39f7589:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
   const nodeVersion = process$1.version
   const apiToken = shadowNpmInject.getDefaultToken()
   const shownToken = apiToken ? getLastFiveOfApiToken(apiToken) : 'no'
@@ -3903,7 +3903,6 @@ async function npmFix(
   const editablePkgJson = await packages.readPackageJson(cwd, {
     editable: true
   })
-  const { content: pkgJson } = editablePkgJson
   await arb.buildIdealTree()
   for (const { 0: name, 1: infos } of infoByPkg) {
     const hasUpgrade = !!registry.getManifestData(NPM$f, name)
@@ -3945,36 +3944,40 @@ async function npmFix(
           continue
         }
         const oldSpec = `${name}@${oldVersion}`
+        let targetVersion
+        let failed = false
+        let installed = false
+        let saved = false
         if (
           shadowNpmInject.updateNode(node, packument, vulnerableVersionRange)
         ) {
-          const targetVersion = node.package.version
+          targetVersion = node.package.version
           const fixSpec = `${name}@^${targetVersion}`
           const revertData = {
-            ...(pkgJson.dependencies
+            ...(editablePkgJson.content.dependencies
               ? {
-                  dependencies: pkgJson.dependencies
+                  dependencies: editablePkgJson.content.dependencies
                 }
               : undefined),
-            ...(pkgJson.optionalDependencies
+            ...(editablePkgJson.content.optionalDependencies
               ? {
-                  optionalDependencies: pkgJson.optionalDependencies
+                  optionalDependencies:
+                    editablePkgJson.content.optionalDependencies
                 }
               : undefined),
-            ...(pkgJson.peerDependencies
+            ...(editablePkgJson.content.peerDependencies
               ? {
-                  peerDependencies: pkgJson.peerDependencies
+                  peerDependencies: editablePkgJson.content.peerDependencies
                 }
               : undefined)
           }
           spinner?.info(`Installing ${fixSpec}`)
-          let saved = false
-          let installed = false
           try {
             shadowNpmInject.updatePackageJsonFromNode(
               editablePkgJson,
               arb.idealTree,
               node,
+              targetVersion,
               rangeStyle
             )
             // eslint-disable-next-line no-await-in-loop
@@ -3996,20 +3999,8 @@ async function npmFix(
             }
             spinner?.successAndStop(`Fixed ${name}`)
             spinner?.start()
-            // Lazily access constants.ENV[CI].
-            if (constants.ENV[CI$1]) {
-              // eslint-disable-next-line no-await-in-loop
-              const prResponse = await openGitHubPullRequest(
-                name,
-                targetVersion,
-                cwd
-              )
-              if (autoMerge) {
-                // eslint-disable-next-line no-await-in-loop
-                await enableAutoMerge(prResponse.data)
-              }
-            }
           } catch {
+            failed = true
             spinner?.error(`Reverting ${fixSpec}`)
             if (saved) {
               editablePkgJson.update(revertData)
@@ -4025,8 +4016,35 @@ async function npmFix(
             spinner?.failAndStop(`Failed to fix ${oldSpec}`)
           }
         } else {
+          failed = true
           spinner?.failAndStop(`Could not patch ${oldSpec}`)
         }
+        if (
+          !failed &&
+          // Check targetVersion to make TypeScript happy.
+          targetVersion &&
+          // Lazily access constants.ENV[CI].
+          constants.ENV[CI$1]
+        ) {
+          let prResponse
+          try {
+            // eslint-disable-next-line no-await-in-loop
+            prResponse = await openGitHubPullRequest(name, targetVersion, cwd)
+          } catch (e) {
+            logger.logger.error('Failed to open pull request', e)
+          }
+          if (prResponse && autoMerge) {
+            try {
+              // eslint-disable-next-line no-await-in-loop
+              await enableAutoMerge(prResponse.data)
+            } catch (e) {
+              logger.logger.error(
+                'Failed to enable auto-merge in pull request',
+                e
+              )
+            }
+          }
+        }
       }
     }
   }
@@ -4214,7 +4232,7 @@ function runAgentInstall(pkgEnvDetails, options) {
     ...options
   }
   const skipNodeHardenFlags =
-    pkgEnvDetails.agent === PNPM$a && pkgEnvDetails.agentVersion.major < 11
+    agent === PNPM$a && pkgEnvDetails.agentVersion.major < 11
   return spawn.spawn(agentExecPath, ['install', ...args], {
     spinner,
     stdio: 'inherit',
@@ -4235,8 +4253,15 @@ function runAgentInstall(pkgEnvDetails, options) {
 }
 
 const { CI, NPM: NPM$c, OVERRIDES: OVERRIDES$2, PNPM: PNPM$9 } = constants
-async function install(pkgEnvDetails, arb, options) {
-  const { spinner } = {
+async function getActualTree(cwd = process.cwd()) {
+  const arb = new shadowNpmInject.SafeArborist({
+    path: cwd,
+    ...shadowNpmInject.SAFE_ARBORIST_REIFY_OPTIONS_OVERRIDES
+  })
+  return await arb.loadActual()
+}
+async function install(pkgEnvDetails, options) {
+  const { cwd, spinner } = {
     __proto__: null,
     ...options
   }
@@ -4245,8 +4270,7 @@ async function install(pkgEnvDetails, arb, options) {
     spinner,
     stdio: debug.isDebug() ? 'inherit' : 'ignore'
   })
-  arb.actualTree = null
-  await arb.loadActual()
+  return await getActualTree(cwd)
 }
 async function pnpmFix(
   pkgEnvDetails,
@@ -4275,12 +4299,7 @@ async function pnpmFix(
   const editablePkgJson = await packages.readPackageJson(cwd, {
     editable: true
   })
-  const { content: pkgJson } = editablePkgJson
-  const arb = new shadowNpmInject.SafeArborist({
-    path: cwd,
-    ...shadowNpmInject.SAFE_ARBORIST_REIFY_OPTIONS_OVERRIDES
-  })
-  await arb.loadActual()
+  let actualTree = await getActualTree(cwd)
   for (const { 0: name, 1: infos } of infoByPkg) {
     if (registry.getManifestData(NPM$c, name)) {
       spinner?.info(`Skipping ${name}. Socket Optimize package exists.`)
@@ -4288,7 +4307,7 @@ async function pnpmFix(
     }
     const specs = arrays.arrayUnique(
       shadowNpmInject
-        .findPackageNodes(arb.actualTree, name)
+        .findPackageNodes(actualTree, name)
         .map(n => `${n.name}@${n.version}`)
     )
     const packument =
@@ -4308,7 +4327,7 @@ async function pnpmFix(
         vulnerableVersionRange
       } of infos) {
         const node = shadowNpmInject.findPackageNode(
-          arb.actualTree,
+          actualTree,
           name,
           oldVersion
         )
@@ -4325,15 +4344,22 @@ async function pnpmFix(
         const targetPackument = targetVersion
           ? packument.versions[targetVersion]
           : undefined
+        let failed = false
+        let installed = false
+        let saved = false
         if (targetVersion && targetPackument) {
-          const oldPnpm = pkgJson[PNPM$9]
-          const pnpmKeyCount = oldPnpm ? Object.keys(oldPnpm).length : 0
+          const oldPnpm = editablePkgJson.content[PNPM$9]
+          const oldPnpmKeyCount = oldPnpm ? Object.keys(oldPnpm).length : 0
           const oldOverrides = oldPnpm?.[OVERRIDES$2]
-          const overridesCount = oldOverrides
+          const oldOverridesCount = oldOverrides
             ? Object.keys(oldOverrides).length
             : 0
           const overrideKey = `${node.name}@${vulnerableVersionRange}`
-          const overrideRange = `^${targetVersion}`
+          const overrideRange = shadowNpmInject.applyRange(
+            oldOverrides?.[overrideKey] ?? targetVersion,
+            targetVersion,
+            rangeStyle
+          )
           const fixSpec = `${name}@${overrideRange}`
           const updateData = {
             [PNPM$9]: {
@@ -4345,11 +4371,11 @@ async function pnpmFix(
             }
           }
           const revertData = {
-            [PNPM$9]: pnpmKeyCount
+            [PNPM$9]: oldPnpmKeyCount
               ? {
                   ...oldPnpm,
                   [OVERRIDES$2]:
-                    overridesCount === 1
+                    oldOverridesCount === 1
                       ? undefined
                       : {
                           [overrideKey]: undefined,
@@ -4357,31 +4383,31 @@ async function pnpmFix(
                         }
                 }
               : undefined,
-            ...(pkgJson.dependencies
+            ...(editablePkgJson.content.dependencies
               ? {
-                  dependencies: pkgJson.dependencies
+                  dependencies: editablePkgJson.content.dependencies
                 }
               : undefined),
-            ...(pkgJson.optionalDependencies
+            ...(editablePkgJson.content.optionalDependencies
               ? {
-                  optionalDependencies: pkgJson.optionalDependencies
+                  optionalDependencies:
+                    editablePkgJson.content.optionalDependencies
                 }
               : undefined),
-            ...(pkgJson.peerDependencies
+            ...(editablePkgJson.content.peerDependencies
               ? {
-                  peerDependencies: pkgJson.peerDependencies
+                  peerDependencies: editablePkgJson.content.peerDependencies
                 }
               : undefined)
           }
           spinner?.info(`Installing ${fixSpec}`)
-          let saved = false
-          let installed = false
           try {
             editablePkgJson.update(updateData)
             shadowNpmInject.updatePackageJsonFromNode(
               editablePkgJson,
-              arb.actualTree,
+              actualTree,
               node,
+              targetVersion,
               rangeStyle
             )
             // eslint-disable-next-line no-await-in-loop
@@ -4389,7 +4415,7 @@ async function pnpmFix(
             saved = true
 
             // eslint-disable-next-line no-await-in-loop
-            await install(pkgEnvDetails, arb, {
+            actualTree = await install(pkgEnvDetails, {
               spinner
             })
             installed = true
@@ -4403,21 +4429,8 @@ async function pnpmFix(
             }
             spinner?.successAndStop(`Fixed ${name}`)
             spinner?.start()
-
-            // Lazily access constants.ENV[CI].
-            if (constants.ENV[CI]) {
-              // eslint-disable-next-line no-await-in-loop
-              const prResponse = await openGitHubPullRequest(
-                name,
-                targetVersion,
-                cwd
-              )
-              if (autoMerge) {
-                // eslint-disable-next-line no-await-in-loop
-                await enableAutoMerge(prResponse.data)
-              }
-            }
           } catch (e) {
+            failed = true
             spinner?.error(`Reverting ${fixSpec}`, e)
             if (saved) {
               editablePkgJson.update(revertData)
@@ -4426,15 +4439,42 @@ async function pnpmFix(
             }
             if (installed) {
               // eslint-disable-next-line no-await-in-loop
-              await install(pkgEnvDetails, arb, {
+              actualTree = await install(pkgEnvDetails, {
                 spinner
               })
             }
             spinner?.failAndStop(`Failed to fix ${oldSpec}`)
           }
         } else {
+          failed = true
           spinner?.failAndStop(`Could not patch ${oldSpec}`)
         }
+        if (
+          !failed &&
+          // Check targetVersion to make TypeScript happy.
+          targetVersion &&
+          // Lazily access constants.ENV[CI].
+          constants.ENV[CI]
+        ) {
+          let prResponse
+          try {
+            // eslint-disable-next-line no-await-in-loop
+            prResponse = await openGitHubPullRequest(name, targetVersion, cwd)
+          } catch (e) {
+            logger.logger.error('Failed to open pull request', e)
+          }
+          if (prResponse && autoMerge) {
+            try {
+              // eslint-disable-next-line no-await-in-loop
+              await enableAutoMerge(prResponse.data)
+            } catch (e) {
+              logger.logger.error(
+                'Failed to enable auto-merge in pull request',
+                e
+              )
+            }
+          }
+        }
       }
     }
   }
@@ -6366,13 +6406,13 @@ const depsIncludesByAgent = new Map([
   [YARN_CLASSIC$5, matchLsCmdViewHumanStdout]
 ])
 
-function getDependencyEntries(pkgJson) {
+function getDependencyEntries(editablePkgJson) {
   const {
     dependencies,
     devDependencies,
     optionalDependencies,
     peerDependencies
-  } = pkgJson
+  } = editablePkgJson.content
   return [
     [
       'dependencies',
@@ -6423,8 +6463,8 @@ const {
   YARN_BERRY: YARN_BERRY$3,
   YARN_CLASSIC: YARN_CLASSIC$4
 } = constants
-function getOverridesDataBun(pkgJson) {
-  const overrides = pkgJson?.[RESOLUTIONS$1] ?? {}
+function getOverridesDataBun(editablePkgJson) {
+  const overrides = editablePkgJson.content?.[RESOLUTIONS$1] ?? {}
   return {
     type: YARN_BERRY$3,
     overrides
@@ -6433,8 +6473,8 @@ function getOverridesDataBun(pkgJson) {
 
 // npm overrides documentation:
 // https://docs.npmjs.com/cli/v10/configuring-npm/package-json#overrides
-function getOverridesDataNpm(pkgJson) {
-  const overrides = pkgJson?.[OVERRIDES$1] ?? {}
+function getOverridesDataNpm(editablePkgJson) {
+  const overrides = editablePkgJson.content?.[OVERRIDES$1] ?? {}
   return {
     type: NPM$5,
     overrides
@@ -6443,15 +6483,15 @@ function getOverridesDataNpm(pkgJson) {
 
 // pnpm overrides documentation:
 // https://pnpm.io/package_json#pnpmoverrides
-function getOverridesDataPnpm(pkgJson) {
-  const overrides = pkgJson?.pnpm?.[OVERRIDES$1] ?? {}
+function getOverridesDataPnpm(editablePkgJson) {
+  const overrides = editablePkgJson.content?.[PNPM$5]?.[OVERRIDES$1] ?? {}
   return {
     type: PNPM$5,
     overrides
   }
 }
-function getOverridesDataVlt(pkgJson) {
-  const overrides = pkgJson?.[OVERRIDES$1] ?? {}
+function getOverridesDataVlt(editablePkgJson) {
+  const overrides = editablePkgJson.content?.[OVERRIDES$1] ?? {}
   return {
     type: VLT$3,
     overrides
@@ -6460,8 +6500,8 @@ function getOverridesDataVlt(pkgJson) {
 
 // Yarn resolutions documentation:
 // https://yarnpkg.com/configuration/manifest#resolutions
-function getOverridesDataYarn(pkgJson) {
-  const overrides = pkgJson?.[RESOLUTIONS$1] ?? {}
+function getOverridesDataYarn(editablePkgJson) {
+  const overrides = editablePkgJson.content?.[RESOLUTIONS$1] ?? {}
   return {
     type: YARN_BERRY$3,
     overrides
@@ -6470,8 +6510,8 @@ function getOverridesDataYarn(pkgJson) {
 
 // Yarn resolutions documentation:
 // https://classic.yarnpkg.com/en/docs/selective-version-resolutions
-function getOverridesDataClassic(pkgJson) {
-  const overrides = pkgJson?.[RESOLUTIONS$1] ?? {}
+function getOverridesDataYarnClassic(editablePkgJson) {
+  const overrides = editablePkgJson.content?.[RESOLUTIONS$1] ?? {}
   return {
     type: YARN_CLASSIC$4,
     overrides
@@ -6483,12 +6523,12 @@ const overridesDataByAgent = new Map([
   [PNPM$5, getOverridesDataPnpm],
   [VLT$3, getOverridesDataVlt],
   [YARN_BERRY$3, getOverridesDataYarn],
-  [YARN_CLASSIC$4, getOverridesDataClassic]
+  [YARN_CLASSIC$4, getOverridesDataYarnClassic]
 ])
 
 const { PNPM: PNPM$4 } = constants
 const PNPM_WORKSPACE = `${PNPM$4}-workspace`
-async function getWorkspaceGlobs(agent, pkgPath, pkgJson) {
+async function getWorkspaceGlobs(agent, pkgPath, editablePkgJson) {
   let workspacePatterns
   if (agent === PNPM$4) {
     for (const workspacePath of [
@@ -6507,7 +6547,7 @@ async function getWorkspaceGlobs(agent, pkgPath, pkgJson) {
       }
     }
   } else {
-    workspacePatterns = pkgJson['workspaces']
+    workspacePatterns = editablePkgJson.content['workspaces']
   }
   return Array.isArray(workspacePatterns)
     ? workspacePatterns
@@ -6780,8 +6820,7 @@ function getHighestEntryIndex(entries, keys) {
   return getEntryIndexes(entries, keys).at(-1) ?? -1
 }
 function updatePkgJsonField(editablePkgJson, field, value) {
-  const { content: pkgJson } = editablePkgJson
-  const oldValue = pkgJson[field]
+  const oldValue = editablePkgJson.content[field]
   if (oldValue) {
     // The field already exists so we simply update the field value.
     if (field === PNPM$1) {
@@ -6832,7 +6871,7 @@ function updatePkgJsonField(editablePkgJson, field, value) {
   // Since the field doesn't exist we want to insert it into the package.json
   // in a place that makes sense, e.g. close to the "dependencies" field. If
   // we can't find a place to insert the field we'll add it to the bottom.
-  const entries = Object.entries(pkgJson)
+  const entries = Object.entries(editablePkgJson.content)
   let insertIndex = -1
   let isPlacingHigher = false
   if (field === OVERRIDES) {
@@ -6931,9 +6970,12 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
       editable: true
     })
   }
-  const { content: pkgJson } = editablePkgJson
   const workspaceName = path$1.relative(rootPath, pkgPath)
-  const workspaceGlobs = await getWorkspaceGlobs(agent, pkgPath, pkgJson)
+  const workspaceGlobs = await getWorkspaceGlobs(
+    agent,
+    pkgPath,
+    editablePkgJson
+  )
   const isRoot = pkgPath === rootPath
   const isLockScanned = isRoot && !prod
   const isWorkspace = !!workspaceGlobs
@@ -6953,19 +6995,19 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
     )
   }
   const overridesDataObjects = []
-  if (pkgJson['private'] || isWorkspace) {
-    overridesDataObjects.push(overridesDataByAgent.get(agent)(pkgJson))
+  if (editablePkgJson.content['private'] || isWorkspace) {
+    overridesDataObjects.push(overridesDataByAgent.get(agent)(editablePkgJson))
   } else {
     overridesDataObjects.push(
-      overridesDataByAgent.get(NPM$1)(pkgJson),
-      overridesDataByAgent.get(YARN_CLASSIC)(pkgJson)
+      overridesDataByAgent.get(NPM$1)(editablePkgJson),
+      overridesDataByAgent.get(YARN_CLASSIC)(editablePkgJson)
     )
   }
   spinner?.setText(
     `Adding overrides${workspaceName ? ` to ${workspaceName}` : ''}...`
   )
   const depAliasMap = new Map()
-  const depEntries = getDependencyEntries(pkgJson)
+  const depEntries = getDependencyEntries(editablePkgJson)
   const manifestEntries = manifestNpmOverrides.filter(({ 1: data }) =>
     semver.satisfies(
       // Roughly check Node range as semver.coerce will strip leading
@@ -11308,7 +11350,7 @@ void (async () => {
   await updateNotifier({
     name: SOCKET_CLI_BIN_NAME,
     // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION']".
-    version: '0.14.85',
+    version: '0.14.87',
     ttl: 86_400_000 /* 24 hours in milliseconds */
   })
   try {
@@ -11376,5 +11418,5 @@ void (async () => {
     await shadowNpmInject.captureException(e)
   }
 })()
-//# debugId=4c5033d8-b51b-4e74-849f-37bf630f03a
+//# debugId=f5888d1f-c1df-495c-8ef8-bcef09e18680
 //# sourceMappingURL=cli.js.map