@socketsecurity/cli-with-sentry 0.14.92 → 0.14.93

@@ -41,7 +41,7 @@ const relConstantsPath = './constants'
41
41
  Sentry.setTag(
42
42
  'version',
43
43
  // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
44
- '0.14.92:5d5aa04:eb69c214:pub'
44
+ '0.14.93:8908783:3488860f:pub'
45
45
  )
46
46
  const constants = require(relConstantsPath)
47
47
  if (constants.ENV.SOCKET_CLI_DEBUG) {
@@ -56,5 +56,5 @@ const relConstantsPath = './constants'
56
56
  } = constants
57
57
  setSentry(Sentry)
58
58
  }
59
- //# debugId=7c43c672-ed3c-4627-98a8-b8a9a780c778
59
+ //# debugId=968ae08b-a3c7-4f20-9bb2-315a7a4251df
60
60
  //# sourceMappingURL=instrument-with-sentry.js.map
@@ -1 +1 @@
1
- {"version":3,"file":"instrument-with-sentry.js","sources":["../../src/instrument-with-sentry.ts"],"sourcesContent":["// This should ONLY be included in the special Sentry build!\n// Otherwise the Sentry dependency won't even be present in the manifest.\n\nimport { logger } from '@socketsecurity/registry/lib/logger'\n\n// Require constants with require(relConstantsPath) instead of require('./constants')\n// so Rollup doesn't generate a constants2.js chunk.\nconst relConstantsPath = './constants'\n// The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_SENTRY_BUILD']\".\nif (process.env['INLINED_SOCKET_CLI_SENTRY_BUILD']) {\n const Sentry = require('@sentry/node')\n Sentry.init({\n onFatalError(error: Error) {\n // Defer module loads until after Sentry.init is called.\n if (require(relConstantsPath).ENV.SOCKET_CLI_DEBUG) {\n logger.fail('[DEBUG] [Sentry onFatalError]:', error)\n }\n },\n dsn: 'https://66736701db8e4ffac046bd09fa6aaced@o555220.ingest.us.sentry.io/4508846967619585',\n enabled: true,\n integrations: []\n })\n Sentry.setTag(\n 'environment',\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD']\".\n process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD']\n ? 
'pub'\n : // The NODE_ENV convention is used by apps to define the runtime environment.\n // https://nodejs.org/en/learn/getting-started/nodejs-the-difference-between-development-and-production\n process.env['NODE_ENV']\n )\n Sentry.setTag(\n 'version',\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_VERSION_HASH']\".\n process.env['INLINED_SOCKET_CLI_VERSION_HASH']\n )\n const constants = require(relConstantsPath)\n if (constants.ENV.SOCKET_CLI_DEBUG) {\n Sentry.setTag('debugging', true)\n logger.log('[DEBUG] Set up Sentry.')\n } else {\n Sentry.setTag('debugging', false)\n }\n const {\n kInternalsSymbol,\n [kInternalsSymbol as unknown as 'Symbol(kInternalsSymbol)']: { setSentry }\n } = constants\n setSentry(Sentry)\n} else if (require(relConstantsPath).ENV.SOCKET_CLI_DEBUG) {\n logger.log('[DEBUG] Sentry disabled explicitly.')\n}\n"],"names":["logger","dsn","enabled","integrations","process","Sentry","setSentry"],"mappings":";;;;;;;;;;;;;AAAA;AACA;;;AAIA;AACA;AACA;AACA;AACoD;AAClD;;;AAGI;;AAEEA;AACF;;AAEFC;AACAC;AACAC;AACF;;AAGE;AACAC;;AAQA;AACAA;AAEF;AACA;AACEC;AACAL;AACF;AACEK;AACF;;;AAGE;AAA+DC;AAAU;AAC3E;;AAEF","debugId":"7c43c672-ed3c-4627-98a8-b8a9a780c778"}
1
+ {"version":3,"file":"instrument-with-sentry.js","sources":["../../src/instrument-with-sentry.ts"],"sourcesContent":["// This should ONLY be included in the special Sentry build!\n// Otherwise the Sentry dependency won't even be present in the manifest.\n\nimport { logger } from '@socketsecurity/registry/lib/logger'\n\n// Require constants with require(relConstantsPath) instead of require('./constants')\n// so Rollup doesn't generate a constants2.js chunk.\nconst relConstantsPath = './constants'\n// The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_SENTRY_BUILD']\".\nif (process.env['INLINED_SOCKET_CLI_SENTRY_BUILD']) {\n const Sentry = require('@sentry/node')\n Sentry.init({\n onFatalError(error: Error) {\n // Defer module loads until after Sentry.init is called.\n if (require(relConstantsPath).ENV.SOCKET_CLI_DEBUG) {\n logger.fail('[DEBUG] [Sentry onFatalError]:', error)\n }\n },\n dsn: 'https://66736701db8e4ffac046bd09fa6aaced@o555220.ingest.us.sentry.io/4508846967619585',\n enabled: true,\n integrations: []\n })\n Sentry.setTag(\n 'environment',\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD']\".\n process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD']\n ? 
'pub'\n : // The NODE_ENV convention is used by apps to define the runtime environment.\n // https://nodejs.org/en/learn/getting-started/nodejs-the-difference-between-development-and-production\n process.env['NODE_ENV']\n )\n Sentry.setTag(\n 'version',\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_VERSION_HASH']\".\n process.env['INLINED_SOCKET_CLI_VERSION_HASH']\n )\n const constants = require(relConstantsPath)\n if (constants.ENV.SOCKET_CLI_DEBUG) {\n Sentry.setTag('debugging', true)\n logger.log('[DEBUG] Set up Sentry.')\n } else {\n Sentry.setTag('debugging', false)\n }\n const {\n kInternalsSymbol,\n [kInternalsSymbol as unknown as 'Symbol(kInternalsSymbol)']: { setSentry }\n } = constants\n setSentry(Sentry)\n} else if (require(relConstantsPath).ENV.SOCKET_CLI_DEBUG) {\n logger.log('[DEBUG] Sentry disabled explicitly.')\n}\n"],"names":["logger","dsn","enabled","integrations","process","Sentry","setSentry"],"mappings":";;;;;;;;;;;;;AAAA;AACA;;;AAIA;AACA;AACA;AACA;AACoD;AAClD;;;AAGI;;AAEEA;AACF;;AAEFC;AACAC;AACAC;AACF;;AAGE;AACAC;;AAQA;AACAA;AAEF;AACA;AACEC;AACAL;AACF;AACEK;AACF;;;AAGE;AAA+DC;AAAU;AAC3E;;AAEF","debugId":"968ae08b-a3c7-4f20-9bb2-315a7a4251df"}
@@ -43,8 +43,8 @@ const arrays = require('@socketsecurity/registry/lib/arrays')
43
43
  const registry = require('@socketsecurity/registry')
44
44
  const npm = require('@socketsecurity/registry/lib/npm')
45
45
  const packages = require('@socketsecurity/registry/lib/packages')
46
- const rest = _socketInterop(require('@octokit/rest'))
47
46
  const spawn = require('@socketsecurity/registry/lib/spawn')
47
+ const rest = _socketInterop(require('@octokit/rest'))
48
48
  const lockfile_fs = _socketInterop(require('@pnpm/lockfile.fs'))
49
49
  const lockfile_detectDepTypes = _socketInterop(
50
50
  require('@pnpm/lockfile.detect-dep-types')
@@ -918,7 +918,7 @@ function emitBanner(name) {
918
918
  logger.logger.error(getAsciiHeader(name))
919
919
  }
920
920
  function getAsciiHeader(command) {
921
- const cliVersion = '0.14.92:5d5aa04:eb69c214:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
921
+ const cliVersion = '0.14.93:8908783:3488860f:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
922
922
  const nodeVersion = process$1.version
923
923
  const apiToken = shadowNpmInject.getDefaultToken()
924
924
  const shownToken = apiToken ? getLastFiveOfApiToken(apiToken) : 'no'
@@ -3715,26 +3715,7 @@ const cmdDiffScan = {
3715
3715
  }
3716
3716
  }
3717
3717
 
3718
- const {
3719
- GITHUB_ACTIONS,
3720
- GITHUB_REF_NAME,
3721
- GITHUB_REPOSITORY,
3722
- SOCKET_SECURITY_GITHUB_PAT
3723
- } = constants
3724
- async function branchExists(branch, cwd = process.cwd()) {
3725
- try {
3726
- await spawn.spawn(
3727
- 'git',
3728
- ['show-ref', '--verify', '--quiet', `refs/heads/${branch}`],
3729
- {
3730
- cwd,
3731
- stdio: 'ignore'
3732
- }
3733
- )
3734
- return true
3735
- } catch {}
3736
- return false
3737
- }
3718
+ const { GITHUB_REF_NAME } = constants
3738
3719
  async function checkoutBaseBranchIfAvailable(baseBranch, cwd = process.cwd()) {
3739
3720
  try {
3740
3721
  await spawn.spawn('git', ['checkout', baseBranch], {
@@ -3750,6 +3731,21 @@ async function checkoutBaseBranchIfAvailable(baseBranch, cwd = process.cwd()) {
3750
3731
  )
3751
3732
  }
3752
3733
  }
3734
+ function getBaseBranch() {
3735
+ // Lazily access constants.ENV[GITHUB_REF_NAME].
3736
+ return (
3737
+ constants.ENV[GITHUB_REF_NAME] ??
3738
+ // GitHub defaults to branch name "main"
3739
+ // https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-branches#about-the-default-branch
3740
+ 'main'
3741
+ )
3742
+ }
3743
+ function getSocketBranchName(name, version) {
3744
+ return `socket-fix-${name}-${version.replace(/\./g, '-')}`
3745
+ }
3746
+
3747
+ const { GITHUB_ACTIONS, GITHUB_REPOSITORY, SOCKET_SECURITY_GITHUB_PAT } =
3748
+ constants
3753
3749
  let _octokit
3754
3750
  function getOctokit() {
3755
3751
  if (_octokit === undefined) {
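Review bot: `getBaseBranch()` returns `constants.ENV[GITHUB_REF_NAME]` as-is, but on GitHub Actions that variable is the short name of whatever ref triggered the run, so on `pull_request` events it is `<pr_number>/merge` and on tag pushes it is a tag, not a branch. The value is later handed to `git checkout` in `checkoutBaseBranchIfAvailable` and passed into `openGitHubPullRequest`, so a non-branch value should be rejected or mapped to the default before use. I would add a comment above the function stating that contract, e.g. `// Returns the branch fixes are based on; GITHUB_REF_NAME may be a tag or "<n>/merge", so treat the result as untrusted input.` Note also that `??` falls back to `'main'` only for null/undefined, so an empty-string value would pass through unless `constants.ENV` normalises it.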
@@ -3811,12 +3807,10 @@ function getGitHubRepoInfo() {
3811
3807
  repo: ownerSlashRepo.slice(slashIndex + 1)
3812
3808
  }
3813
3809
  }
3814
- function getSocketBranchName(name, version) {
3815
- return `socket-fix-${name}-${version.replace(/\./g, '-')}`
3816
- }
3817
3810
  async function openGitHubPullRequest(
3818
3811
  owner,
3819
3812
  repo,
3813
+ baseBranch,
3820
3814
  branch,
3821
3815
  name,
3822
3816
  version,
@@ -3829,36 +3823,11 @@ async function openGitHubPullRequest(
3829
3823
  if (!pat) {
3830
3824
  throw new Error('Missing SOCKET_SECURITY_GITHUB_PAT environment variable')
3831
3825
  }
3832
- const baseBranch =
3833
- // Lazily access constants.ENV[GITHUB_REF_NAME].
3834
- constants.ENV[GITHUB_REF_NAME] ??
3835
- // GitHub defaults to branch name "main"
3836
- // https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-branches#about-the-default-branch
3837
- 'main'
3838
3826
  const commitMsg = `chore: upgrade ${name} to ${version}`
3839
3827
  const url = `https://x-access-token:${pat}@github.com/${owner}/${repo}`
3840
3828
  await spawn.spawn('git', ['remote', 'set-url', 'origin', url], {
3841
3829
  cwd
3842
3830
  })
3843
- if (await branchExists(branch, cwd)) {
3844
- logger.logger.warn(
3845
- `Branch "${branch}" already exists. Skipping creation.`
3846
- )
3847
- } else {
3848
- await checkoutBaseBranchIfAvailable(baseBranch, cwd)
3849
- await spawn.spawn('git', ['checkout', '-b', branch], {
3850
- cwd
3851
- })
3852
- await spawn.spawn('git', ['add', 'package.json', 'pnpm-lock.yaml'], {
3853
- cwd
3854
- })
3855
- await spawn.spawn('git', ['commit', '-m', commitMsg], {
3856
- cwd
3857
- })
3858
- await spawn.spawn('git', ['push', '--set-upstream', 'origin', branch], {
3859
- cwd
3860
- })
3861
- }
3862
3831
  const octokit = getOctokit()
3863
3832
  return await octokit.pulls.create({
3864
3833
  owner,
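Review bot: With the add/commit/push block removed from `openGitHubPullRequest`, the retained `git remote set-url origin` call still writes `https://x-access-token:${pat}@…` into the repository's `.git/config`, and nothing visible in this function uses that remote afterwards. The token stays on disk after the run, and if `spawn.spawn` rejects, the error may carry the argv, PAT included, into logs or the `captureException` call at the end of the file (inferred; the error shape is not shown). Either drop the `set-url` here, or keep it next to the push and restore the original URL in a `finally`. No visible hunk re-adds the `checkout -b` / `commit` / `push` steps, so please confirm they now live in a part of `npmFix`/`pnpmFix` outside this diff; otherwise `octokit.pulls.create` will be given a head branch that was never pushed. The function body starts and ends outside the hunk.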
@@ -3983,6 +3952,12 @@ async function npmFix(
3983
3952
  : undefined)
3984
3953
  }
3985
3954
  spinner?.info(`Installing ${fixSpec}`)
3955
+ const { owner, repo } = getGitHubRepoInfo()
3956
+ const baseBranch = getBaseBranch()
3957
+ const branch = getSocketBranchName(name, targetVersion)
3958
+
3959
+ // eslint-disable-next-line no-await-in-loop
3960
+ await checkoutBaseBranchIfAvailable(baseBranch, cwd)
3986
3961
  let installed = false
3987
3962
  let saved = false
3988
3963
  try {
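Review bot: The added `await checkoutBaseBranchIfAvailable(baseBranch, cwd)` runs before each install but its outcome is not checked, and the helper appears to swallow a failed checkout (its `try` is visible in an earlier hunk, the `catch` body is not). The fix can therefore proceed on whatever branch happens to be checked out, including one left dirty by a previous iteration. `baseBranch` is also environment-derived and is passed to `git checkout` positionally, where a value beginning with `-` would be parsed as an option; validate it first, e.g. `if (baseBranch.startsWith('-')) throw new Error('Invalid base branch name')`. The same applies to the identical lines added in the `pnpmFix` hunk at `@@ -4418,6 +4392,12 @@`. `npmFix`'s body starts and ends outside the hunk.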
@@ -4028,8 +4003,6 @@ async function npmFix(
4028
4003
  spinner?.failAndStop(`Failed to fix ${oldSpec}`)
4029
4004
  return
4030
4005
  }
4031
- const { owner, repo } = getGitHubRepoInfo()
4032
- const branch = getSocketBranchName(name, targetVersion)
4033
4006
  if (
4034
4007
  // Lazily access constants.ENV[CI].
4035
4008
  constants.ENV[CI$1] &&
@@ -4042,6 +4015,7 @@ async function npmFix(
4042
4015
  prResponse = await openGitHubPullRequest(
4043
4016
  owner,
4044
4017
  repo,
4018
+ baseBranch,
4045
4019
  branch,
4046
4020
  name,
4047
4021
  targetVersion,
@@ -4418,6 +4392,12 @@ async function pnpmFix(
4418
4392
  : undefined)
4419
4393
  }
4420
4394
  spinner?.info(`Installing ${fixSpec}`)
4395
+ const { owner, repo } = getGitHubRepoInfo()
4396
+ const baseBranch = getBaseBranch()
4397
+ const branch = getSocketBranchName(name, targetVersion)
4398
+
4399
+ // eslint-disable-next-line no-await-in-loop
4400
+ await checkoutBaseBranchIfAvailable(baseBranch, cwd)
4421
4401
  let installed = false
4422
4402
  let saved = false
4423
4403
  try {
@@ -4464,8 +4444,6 @@ async function pnpmFix(
4464
4444
  spinner?.failAndStop(`Failed to fix ${oldSpec}`)
4465
4445
  return
4466
4446
  }
4467
- const { owner, repo } = getGitHubRepoInfo()
4468
- const branch = getSocketBranchName(name, targetVersion)
4469
4447
  if (
4470
4448
  // Lazily access constants.ENV[CI].
4471
4449
  constants.ENV[CI] &&
@@ -4478,6 +4456,7 @@ async function pnpmFix(
4478
4456
  prResponse = await openGitHubPullRequest(
4479
4457
  owner,
4480
4458
  repo,
4459
+ baseBranch,
4481
4460
  branch,
4482
4461
  name,
4483
4462
  targetVersion,
@@ -11382,7 +11361,7 @@ void (async () => {
11382
11361
  await updateNotifier({
11383
11362
  name: SOCKET_CLI_BIN_NAME,
11384
11363
  // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION']".
11385
- version: '0.14.92',
11364
+ version: '0.14.93',
11386
11365
  ttl: 86_400_000 /* 24 hours in milliseconds */
11387
11366
  })
11388
11367
  try {
@@ -11450,5 +11429,5 @@ void (async () => {
11450
11429
  await shadowNpmInject.captureException(e)
11451
11430
  }
11452
11431
  })()
11453
- //# debugId=1c9e346c-a188-4a0b-a9d2-98a27621720f
11432
+ //# debugId=9a650fbf-5fa4-435c-a720-2f0161a7fc92
11454
11433
  //# sourceMappingURL=cli.js.map