@socketsecurity/cli-with-sentry 0.14.92 → 0.14.94

@@ -915,7 +915,7 @@ function emitBanner(name) {
915
915
  logger.logger.error(getAsciiHeader(name))
916
916
  }
917
917
  function getAsciiHeader(command) {
918
- const cliVersion = '0.14.92:5d5aa04:eb69c214:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
918
+ const cliVersion = '0.14.94:8a54136:888ce4ff:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
919
919
  const nodeVersion = process$1.version
920
920
  const apiToken = shadowNpmInject.getDefaultToken()
921
921
  const shownToken = apiToken ? getLastFiveOfApiToken(apiToken) : 'no'
@@ -3712,26 +3712,7 @@ const cmdDiffScan = {
3712
3712
  }
3713
3713
  }
3714
3714
 
3715
- const {
3716
- GITHUB_ACTIONS,
3717
- GITHUB_REF_NAME,
3718
- GITHUB_REPOSITORY,
3719
- SOCKET_SECURITY_GITHUB_PAT
3720
- } = constants
3721
- async function branchExists(branch, cwd = process.cwd()) {
3722
- try {
3723
- await spawn.spawn(
3724
- 'git',
3725
- ['show-ref', '--verify', '--quiet', `refs/heads/${branch}`],
3726
- {
3727
- cwd,
3728
- stdio: 'ignore'
3729
- }
3730
- )
3731
- return true
3732
- } catch {}
3733
- return false
3734
- }
3715
+ const { GITHUB_REF_NAME } = constants
3735
3716
  async function checkoutBaseBranchIfAvailable(baseBranch, cwd = process.cwd()) {
3736
3717
  try {
3737
3718
  await spawn.spawn('git', ['checkout', baseBranch], {
@@ -3747,6 +3728,21 @@ async function checkoutBaseBranchIfAvailable(baseBranch, cwd = process.cwd()) {
3747
3728
  )
3748
3729
  }
3749
3730
  }
3731
+ function getBaseBranch() {
3732
+ // Lazily access constants.ENV[GITHUB_REF_NAME].
3733
+ return (
3734
+ constants.ENV[GITHUB_REF_NAME] ??
3735
+ // GitHub defaults to branch name "main"
3736
+ // https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-branches#about-the-default-branch
3737
+ 'main'
3738
+ )
3739
+ }
3740
+ function getSocketBranchName(name, version) {
3741
+ return `socket-fix-${name}-${version.replace(/\./g, '-')}`
3742
+ }
3743
+
3744
+ const { GITHUB_ACTIONS, GITHUB_REPOSITORY, SOCKET_SECURITY_GITHUB_PAT } =
3745
+ constants
3750
3746
  let _octokit
3751
3747
  function getOctokit() {
3752
3748
  if (_octokit === undefined) {
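Review bot: `getBaseBranch()` treats `GITHUB_REF_NAME` as a branch name, but GitHub sets it to the short name of whatever ref triggered the run, so on tag pushes it is a tag and on `pull_request` events it has the form `<pr_number>/merge`. That value now feeds both the `git checkout` added to `npmFix`/`pnpmFix` and `base:` in `pulls.create`, where a non-branch ref would fail or target the wrong base. I would at least document this on the helper, e.g. `// GITHUB_REF_NAME may be a tag or "<n>/merge"; only usable as a PR base on branch-triggered runs.`, and consider falling back to `'main'` when the value is not a known branch. The hunk ends inside `getOctokit()`, which is cut off here and not reviewed.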
@@ -3808,12 +3804,10 @@ function getGitHubRepoInfo() {
3808
3804
  repo: ownerSlashRepo.slice(slashIndex + 1)
3809
3805
  }
3810
3806
  }
3811
- function getSocketBranchName(name, version) {
3812
- return `socket-fix-${name}-${version.replace(/\./g, '-')}`
3813
- }
3814
3807
  async function openGitHubPullRequest(
3815
3808
  owner,
3816
3809
  repo,
3810
+ baseBranch,
3817
3811
  branch,
3818
3812
  name,
3819
3813
  version,
@@ -3826,42 +3820,17 @@ async function openGitHubPullRequest(
3826
3820
  if (!pat) {
3827
3821
  throw new Error('Missing SOCKET_SECURITY_GITHUB_PAT environment variable')
3828
3822
  }
3829
- const baseBranch =
3830
- // Lazily access constants.ENV[GITHUB_REF_NAME].
3831
- constants.ENV[GITHUB_REF_NAME] ??
3832
- // GitHub defaults to branch name "main"
3833
- // https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-branches#about-the-default-branch
3834
- 'main'
3835
3823
  const commitMsg = `chore: upgrade ${name} to ${version}`
3836
3824
  const url = `https://x-access-token:${pat}@github.com/${owner}/${repo}`
3837
3825
  await spawn.spawn('git', ['remote', 'set-url', 'origin', url], {
3838
3826
  cwd
3839
3827
  })
3840
- if (await branchExists(branch, cwd)) {
3841
- logger.logger.warn(
3842
- `Branch "${branch}" already exists. Skipping creation.`
3843
- )
3844
- } else {
3845
- await checkoutBaseBranchIfAvailable(baseBranch, cwd)
3846
- await spawn.spawn('git', ['checkout', '-b', branch], {
3847
- cwd
3848
- })
3849
- await spawn.spawn('git', ['add', 'package.json', 'pnpm-lock.yaml'], {
3850
- cwd
3851
- })
3852
- await spawn.spawn('git', ['commit', '-m', commitMsg], {
3853
- cwd
3854
- })
3855
- await spawn.spawn('git', ['push', '--set-upstream', 'origin', branch], {
3856
- cwd
3857
- })
3858
- }
3859
3828
  const octokit = getOctokit()
3860
3829
  return await octokit.pulls.create({
3861
3830
  owner,
3862
3831
  repo,
3863
3832
  title: commitMsg,
3864
- head: branch,
3833
+ head: `${owner}:${branch}`,
3865
3834
  base: baseBranch,
3866
3835
  body: `[socket] Upgrade \`${name}\` to ${version}`
3867
3836
  })
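Review bot: With branch creation, commit and push removed from `openGitHubPullRequest`, the `git remote set-url origin` call that embeds `SOCKET_SECURITY_GITHUB_PAT` in the remote URL has no visible consumer left in this function, yet it still writes the token into the repository's `.git/config`, where it persists after the run and can surface in later git output or cached workspaces. If the push now happens elsewhere (no hunk in this diff adds one), move the credentialed URL next to it and restore the original URL afterwards; otherwise drop the `set-url` call and the `url` constant. Separately, `pulls.create` with `head: \`${owner}:${branch}\`` requires `branch` to already exist on the remote, so it is worth confirming that something still pushes it before this call. The function's signature is in the previous hunk and its closing lines lie outside this one.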
@@ -3980,6 +3949,12 @@ async function npmFix(
3980
3949
  : undefined)
3981
3950
  }
3982
3951
  spinner?.info(`Installing ${fixSpec}`)
3952
+ const { owner, repo } = getGitHubRepoInfo()
3953
+ const baseBranch = getBaseBranch()
3954
+ const branch = getSocketBranchName(name, targetVersion)
3955
+
3956
+ // eslint-disable-next-line no-await-in-loop
3957
+ await checkoutBaseBranchIfAvailable(baseBranch, cwd)
3983
3958
  let installed = false
3984
3959
  let saved = false
3985
3960
  try {
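Review bot: `checkoutBaseBranchIfAvailable(baseBranch, cwd)` now runs before the install in `npmFix`, outside the CI condition that guards `openGitHubPullRequest`, so a local run with `GITHUB_REF_NAME` unset will try to switch the user's working tree to `main`. Its outcome is not checked here, so the install appears to continue on whatever branch is current if the checkout fails. I would gate the call on the CI check used further down, e.g. `if (constants.ENV[CI$1]) await checkoutBaseBranchIfAvailable(baseBranch, cwd)`, and, since the `no-await-in-loop` suppression suggests this sits in a loop, hoist the `getGitHubRepoInfo()` and `getBaseBranch()` calls above it. The same lines are added to `pnpmFix` in the `@@ -4415,6 +4389,12 @@` hunk, where the constant is `CI`. `npmFix` begins and ends outside this hunk.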
@@ -4025,8 +4000,6 @@ async function npmFix(
4025
4000
  spinner?.failAndStop(`Failed to fix ${oldSpec}`)
4026
4001
  return
4027
4002
  }
4028
- const { owner, repo } = getGitHubRepoInfo()
4029
- const branch = getSocketBranchName(name, targetVersion)
4030
4003
  if (
4031
4004
  // Lazily access constants.ENV[CI].
4032
4005
  constants.ENV[CI$1] &&
@@ -4039,6 +4012,7 @@ async function npmFix(
4039
4012
  prResponse = await openGitHubPullRequest(
4040
4013
  owner,
4041
4014
  repo,
4015
+ baseBranch,
4042
4016
  branch,
4043
4017
  name,
4044
4018
  targetVersion,
@@ -4415,6 +4389,12 @@ async function pnpmFix(
4415
4389
  : undefined)
4416
4390
  }
4417
4391
  spinner?.info(`Installing ${fixSpec}`)
4392
+ const { owner, repo } = getGitHubRepoInfo()
4393
+ const baseBranch = getBaseBranch()
4394
+ const branch = getSocketBranchName(name, targetVersion)
4395
+
4396
+ // eslint-disable-next-line no-await-in-loop
4397
+ await checkoutBaseBranchIfAvailable(baseBranch, cwd)
4418
4398
  let installed = false
4419
4399
  let saved = false
4420
4400
  try {
@@ -4461,8 +4441,6 @@ async function pnpmFix(
4461
4441
  spinner?.failAndStop(`Failed to fix ${oldSpec}`)
4462
4442
  return
4463
4443
  }
4464
- const { owner, repo } = getGitHubRepoInfo()
4465
- const branch = getSocketBranchName(name, targetVersion)
4466
4444
  if (
4467
4445
  // Lazily access constants.ENV[CI].
4468
4446
  constants.ENV[CI] &&
@@ -4475,6 +4453,7 @@ async function pnpmFix(
4475
4453
  prResponse = await openGitHubPullRequest(
4476
4454
  owner,
4477
4455
  repo,
4456
+ baseBranch,
4478
4457
  branch,
4479
4458
  name,
4480
4459
  targetVersion,
@@ -11381,7 +11360,7 @@ void (async () => {
11381
11360
  await vendor.updater({
11382
11361
  name: SOCKET_CLI_BIN_NAME,
11383
11362
  // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION']".
11384
- version: '0.14.92',
11363
+ version: '0.14.94',
11385
11364
  ttl: 86_400_000 /* 24 hours in milliseconds */
11386
11365
  })
11387
11366
  try {
@@ -11449,5 +11428,5 @@ void (async () => {
11449
11428
  await shadowNpmInject.captureException(e)
11450
11429
  }
11451
11430
  })()
11452
- //# debugId=a79ad5f1-a2ab-429a-ab98-689ad89a4fd7
11431
+ //# debugId=9a1c1ddf-a0fa-41c5-9a1e-93ccaebc4f83
11453
11432
  //# sourceMappingURL=cli.js.map