@socketsecurity/cli-with-sentry 0.14.93 → 0.14.95
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/constants.js +3 -3
- package/dist/constants.js.map +1 -1
- package/dist/instrument-with-sentry.js +2 -2
- package/dist/instrument-with-sentry.js.map +1 -1
- package/dist/module-sync/cli.js +177 -157
- package/dist/module-sync/cli.js.map +1 -1
- package/dist/module-sync/shadow-bin.js +3 -14
- package/dist/module-sync/shadow-bin.js.map +1 -1
- package/dist/module-sync/shadow-npm-inject.js +68 -59
- package/dist/module-sync/shadow-npm-inject.js.map +1 -1
- package/dist/module-sync/shadow-npm-paths.js +16 -29
- package/dist/module-sync/shadow-npm-paths.js.map +1 -1
- package/dist/module-sync/vendor.d.ts +0 -0
- package/dist/module-sync/vendor.js +85829 -12598
- package/dist/module-sync/vendor.js.map +1 -1
- package/dist/require/cli.js +159 -138
- package/dist/require/cli.js.map +1 -1
- package/dist/require/shadow-bin.d.ts +5 -0
- package/dist/require/shadow-bin.js +108 -1
- package/dist/require/shadow-bin.js.map +1 -0
- package/dist/require/shadow-npm-inject.d.ts +1 -0
- package/dist/require/shadow-npm-inject.js +2335 -1
- package/dist/require/shadow-npm-inject.js.map +1 -0
- package/dist/require/shadow-npm-paths.d.ts +29 -0
- package/dist/require/shadow-npm-paths.js +454 -1
- package/dist/require/shadow-npm-paths.js.map +1 -0
- package/package.json +29 -29
- package/dist/blessed/lib/alias.js +0 -521
- package/dist/blessed/lib/blessed.js +0 -34
- package/dist/blessed/lib/colors.js +0 -492
- package/dist/blessed/lib/events.js +0 -197
- package/dist/blessed/lib/gpmclient.js +0 -247
- package/dist/blessed/lib/helpers.js +0 -172
- package/dist/blessed/lib/keys.js +0 -514
- package/dist/blessed/lib/program.js +0 -4532
- package/dist/blessed/lib/tput.js +0 -3113
- package/dist/blessed/lib/unicode.js +0 -914
- package/dist/blessed/lib/widget.js +0 -62
- package/dist/blessed/lib/widgets/ansiimage.js +0 -175
- package/dist/blessed/lib/widgets/bigtext.js +0 -172
- package/dist/blessed/lib/widgets/box.js +0 -36
- package/dist/blessed/lib/widgets/button.js +0 -64
- package/dist/blessed/lib/widgets/checkbox.js +0 -97
- package/dist/blessed/lib/widgets/element.js +0 -2873
- package/dist/blessed/lib/widgets/filemanager.js +0 -225
- package/dist/blessed/lib/widgets/form.js +0 -303
- package/dist/blessed/lib/widgets/image.js +0 -73
- package/dist/blessed/lib/widgets/input.js +0 -36
- package/dist/blessed/lib/widgets/layout.js +0 -251
- package/dist/blessed/lib/widgets/line.js +0 -61
- package/dist/blessed/lib/widgets/list.js +0 -654
- package/dist/blessed/lib/widgets/listbar.js +0 -454
- package/dist/blessed/lib/widgets/listtable.js +0 -267
- package/dist/blessed/lib/widgets/loading.js +0 -90
- package/dist/blessed/lib/widgets/log.js +0 -84
- package/dist/blessed/lib/widgets/message.js +0 -147
- package/dist/blessed/lib/widgets/node.js +0 -315
- package/dist/blessed/lib/widgets/overlayimage.js +0 -796
- package/dist/blessed/lib/widgets/progressbar.js +0 -168
- package/dist/blessed/lib/widgets/prompt.js +0 -129
- package/dist/blessed/lib/widgets/question.js +0 -131
- package/dist/blessed/lib/widgets/radiobutton.js +0 -64
- package/dist/blessed/lib/widgets/radioset.js +0 -38
- package/dist/blessed/lib/widgets/screen.js +0 -2487
- package/dist/blessed/lib/widgets/scrollablebox.js +0 -417
- package/dist/blessed/lib/widgets/scrollabletext.js +0 -37
- package/dist/blessed/lib/widgets/table.js +0 -385
- package/dist/blessed/lib/widgets/terminal.js +0 -454
- package/dist/blessed/lib/widgets/text.js +0 -37
- package/dist/blessed/lib/widgets/textarea.js +0 -378
- package/dist/blessed/lib/widgets/textbox.js +0 -81
- package/dist/blessed/lib/widgets/video.js +0 -132
- package/dist/blessed/usr/fonts/AUTHORS +0 -1
- package/dist/blessed/usr/fonts/LICENSE +0 -94
- package/dist/blessed/usr/fonts/README +0 -340
- package/dist/blessed/usr/fonts/ter-u14b.json +0 -17826
- package/dist/blessed/usr/fonts/ter-u14n.json +0 -17826
- package/dist/blessed/usr/linux +0 -0
- package/dist/blessed/usr/windows-ansi +0 -0
- package/dist/blessed/usr/xterm +0 -0
- package/dist/blessed/usr/xterm-256color +0 -0
- package/dist/blessed/usr/xterm.termcap +0 -243
- package/dist/blessed/usr/xterm.terminfo +0 -1977
- package/dist/blessed/vendor/tng.js +0 -1878
package/dist/module-sync/cli.js
CHANGED
|
@@ -12,57 +12,38 @@ function _socketInterop(e) {
|
|
|
12
12
|
}
|
|
13
13
|
|
|
14
14
|
const process$1 = require('node:process')
|
|
15
|
-
const
|
|
16
|
-
const
|
|
17
|
-
const updateNotifier = _socketInterop(require('tiny-updater'))
|
|
15
|
+
const require$$0$2 = require('node:url')
|
|
16
|
+
const vendor = require('./vendor.js')
|
|
18
17
|
const debug = require('@socketsecurity/registry/lib/debug')
|
|
19
18
|
const logger = require('@socketsecurity/registry/lib/logger')
|
|
20
19
|
const assert = require('node:assert')
|
|
21
20
|
const fs = require('node:fs/promises')
|
|
22
|
-
const commonTags = _socketInterop(require('common-tags'))
|
|
23
21
|
const strings = require('@socketsecurity/registry/lib/strings')
|
|
24
22
|
const shadowNpmInject = require('./shadow-npm-inject.js')
|
|
25
23
|
const constants = require('./constants.js')
|
|
26
|
-
const colors = _socketInterop(require('yoctocolors-cjs'))
|
|
27
24
|
const path$1 = require('node:path')
|
|
28
|
-
const meow = _socketInterop(require('meow'))
|
|
29
25
|
const objects = require('@socketsecurity/registry/lib/objects')
|
|
30
26
|
const path = require('@socketsecurity/registry/lib/path')
|
|
31
27
|
const regexps = require('@socketsecurity/registry/lib/regexps')
|
|
32
|
-
const yargsParse = _socketInterop(require('yargs-parser'))
|
|
33
28
|
const words = require('@socketsecurity/registry/lib/words')
|
|
34
|
-
const
|
|
29
|
+
const require$$0 = require('node:fs')
|
|
35
30
|
const shadowBin = require('./shadow-bin.js')
|
|
36
|
-
const open = _socketInterop(require('open'))
|
|
37
31
|
const prompts = require('@socketsecurity/registry/lib/prompts')
|
|
38
32
|
const shadowNpmPaths = require('./shadow-npm-paths.js')
|
|
39
|
-
const
|
|
40
|
-
const util = require('node:util')
|
|
41
|
-
const terminalLink = _socketInterop(require('terminal-link'))
|
|
33
|
+
const require$$0$1 = require('node:util')
|
|
42
34
|
const arrays = require('@socketsecurity/registry/lib/arrays')
|
|
43
35
|
const registry = require('@socketsecurity/registry')
|
|
44
36
|
const npm = require('@socketsecurity/registry/lib/npm')
|
|
45
37
|
const packages = require('@socketsecurity/registry/lib/packages')
|
|
46
38
|
const spawn = require('@socketsecurity/registry/lib/spawn')
|
|
47
|
-
const rest = _socketInterop(require('@octokit/rest'))
|
|
48
|
-
const lockfile_fs = _socketInterop(require('@pnpm/lockfile.fs'))
|
|
49
|
-
const lockfile_detectDepTypes = _socketInterop(
|
|
50
|
-
require('@pnpm/lockfile.detect-dep-types')
|
|
51
|
-
)
|
|
52
|
-
const browserslist = _socketInterop(require('browserslist'))
|
|
53
|
-
const semver = _socketInterop(require('semver'))
|
|
54
|
-
const which = _socketInterop(require('which'))
|
|
55
39
|
const index_cjs = require('@socketregistry/hyrious__bun.lockb/index.cjs')
|
|
56
40
|
const sorts = require('@socketsecurity/registry/lib/sorts')
|
|
57
41
|
const registryConstants = require('@socketsecurity/registry/lib/constants')
|
|
58
42
|
const isInteractive = require('@socketregistry/is-interactive/index.cjs')
|
|
59
|
-
const npa = _socketInterop(require('npm-package-arg'))
|
|
60
|
-
const tinyglobby = _socketInterop(require('tinyglobby'))
|
|
61
43
|
const promises = require('@socketsecurity/registry/lib/promises')
|
|
62
|
-
const yaml = _socketInterop(require('yaml'))
|
|
63
44
|
|
|
64
45
|
function failMsgWithBadge(badge, msg) {
|
|
65
|
-
return `${
|
|
46
|
+
return `${vendor.yoctocolorsCjsExports.bgRed(vendor.yoctocolorsCjsExports.bold(vendor.yoctocolorsCjsExports.white(` ${badge}: `)))} ${vendor.yoctocolorsCjsExports.bold(msg)}`
|
|
66
47
|
}
|
|
67
48
|
|
|
68
49
|
function handleUnsuccessfulApiResponse(_name, sockSdkError) {
|
|
@@ -365,7 +346,7 @@ function renderJson(data) {
|
|
|
365
346
|
}
|
|
366
347
|
}
|
|
367
348
|
function renderMarkdown(data, days, repoSlug) {
|
|
368
|
-
return
|
|
349
|
+
return vendor.stripIndents`
|
|
369
350
|
# Socket Alert Analytics
|
|
370
351
|
|
|
371
352
|
These are the Socket.dev stats are analytics for the ${repoSlug ? `${repoSlug} repo` : 'org'} of the past ${days} days
|
|
@@ -405,7 +386,7 @@ ${[
|
|
|
405
386
|
]
|
|
406
387
|
]
|
|
407
388
|
.map(
|
|
408
|
-
([title, table]) =>
|
|
389
|
+
([title, table]) => vendor.stripIndents`
|
|
409
390
|
## ${title}
|
|
410
391
|
|
|
411
392
|
${table}
|
|
@@ -684,7 +665,7 @@ function handleBadInput(...checks) {
|
|
|
684
665
|
// If the message has newlines then format the first line with the input
|
|
685
666
|
// expectation and teh rest indented below it
|
|
686
667
|
msg.push(
|
|
687
|
-
` - ${lines[0]} (${d.test ?
|
|
668
|
+
` - ${lines[0]} (${d.test ? vendor.yoctocolorsCjsExports.green(d.pass) : vendor.yoctocolorsCjsExports.red(d.fail)})`
|
|
688
669
|
)
|
|
689
670
|
if (lines.length > 1) {
|
|
690
671
|
msg.push(...lines.slice(1).map(str => ` ${str}`))
|
|
@@ -757,7 +738,7 @@ async function meowWithSubcommands(subcommands, options) {
|
|
|
757
738
|
...commonFlags,
|
|
758
739
|
...additionalOptions.flags
|
|
759
740
|
}
|
|
760
|
-
const cli = meow(
|
|
741
|
+
const cli = vendor.meow(
|
|
761
742
|
`
|
|
762
743
|
Usage
|
|
763
744
|
$ ${name} <command>
|
|
@@ -889,7 +870,7 @@ function meowOrExit({
|
|
|
889
870
|
const command = `${parentName} ${config.commandName}`
|
|
890
871
|
|
|
891
872
|
// This exits if .printHelp() is called either by meow itself or by us.
|
|
892
|
-
const cli = meow({
|
|
873
|
+
const cli = vendor.meow({
|
|
893
874
|
argv,
|
|
894
875
|
description: config.description,
|
|
895
876
|
help: config.help(command, config),
|
|
@@ -918,7 +899,7 @@ function emitBanner(name) {
|
|
|
918
899
|
logger.logger.error(getAsciiHeader(name))
|
|
919
900
|
}
|
|
920
901
|
function getAsciiHeader(command) {
|
|
921
|
-
const cliVersion = '0.14.
|
|
902
|
+
const cliVersion = '0.14.95:3360fca:82287460:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
|
|
922
903
|
const nodeVersion = process$1.version
|
|
923
904
|
const apiToken = shadowNpmInject.getDefaultToken()
|
|
924
905
|
const shownToken = apiToken ? getLastFiveOfApiToken(apiToken) : 'no'
|
|
@@ -1364,9 +1345,9 @@ async function runCycloneDX(yargvWithYes) {
|
|
|
1364
1345
|
if (
|
|
1365
1346
|
yargv.type !== YARN$1 &&
|
|
1366
1347
|
nodejsPlatformTypes.has(yargv.type) &&
|
|
1367
|
-
|
|
1348
|
+
require$$0.existsSync(`./${YARN_LOCK}`)
|
|
1368
1349
|
) {
|
|
1369
|
-
if (
|
|
1350
|
+
if (require$$0.existsSync(`./${PACKAGE_LOCK_JSON}`)) {
|
|
1370
1351
|
yargv.type = NPM$g
|
|
1371
1352
|
} else {
|
|
1372
1353
|
// Use synp to create a package-lock.json from the yarn.lock,
|
|
@@ -1392,12 +1373,14 @@ async function runCycloneDX(yargvWithYes) {
|
|
|
1392
1373
|
])
|
|
1393
1374
|
if (cleanupPackageLock) {
|
|
1394
1375
|
try {
|
|
1395
|
-
await
|
|
1376
|
+
await require$$0.promises.rm(`./${PACKAGE_LOCK_JSON}`)
|
|
1396
1377
|
} catch {}
|
|
1397
1378
|
}
|
|
1398
1379
|
const fullOutputPath = path$1.join(process$1.cwd(), yargv.output)
|
|
1399
|
-
if (
|
|
1400
|
-
logger.logger.log(
|
|
1380
|
+
if (require$$0.existsSync(fullOutputPath)) {
|
|
1381
|
+
logger.logger.log(
|
|
1382
|
+
vendor.yoctocolorsCjsExports.cyanBright(`${yargv.output} created!`)
|
|
1383
|
+
)
|
|
1401
1384
|
}
|
|
1402
1385
|
}
|
|
1403
1386
|
function argvToArray(argv) {
|
|
@@ -1600,7 +1583,7 @@ async function run$I(argv, importMeta, { parentName }) {
|
|
|
1600
1583
|
|
|
1601
1584
|
// TODO: Convert to meow.
|
|
1602
1585
|
const yargv = {
|
|
1603
|
-
...
|
|
1586
|
+
...vendor.yargsParser(argv, yargsConfig)
|
|
1604
1587
|
}
|
|
1605
1588
|
const unknown = yargv._
|
|
1606
1589
|
const { length: unknownLength } = unknown
|
|
@@ -2335,7 +2318,9 @@ async function outputCreateNewScan(data, outputKind) {
|
|
|
2335
2318
|
logger.logger.log('')
|
|
2336
2319
|
return
|
|
2337
2320
|
}
|
|
2338
|
-
const link =
|
|
2321
|
+
const link = vendor.yoctocolorsCjsExports.underline(
|
|
2322
|
+
vendor.yoctocolorsCjsExports.cyan(`${data.html_report_url}`)
|
|
2323
|
+
)
|
|
2339
2324
|
logger.logger.log(`Available at: ${link}`)
|
|
2340
2325
|
if (
|
|
2341
2326
|
await prompts.confirm({
|
|
@@ -2343,7 +2328,7 @@ async function outputCreateNewScan(data, outputKind) {
|
|
|
2343
2328
|
default: false
|
|
2344
2329
|
})
|
|
2345
2330
|
) {
|
|
2346
|
-
await open(`${data.html_report_url}`)
|
|
2331
|
+
await vendor.open(`${data.html_report_url}`)
|
|
2347
2332
|
}
|
|
2348
2333
|
}
|
|
2349
2334
|
|
|
@@ -3330,35 +3315,35 @@ async function outputDependencies(data, { limit, offset, outputKind }) {
|
|
|
3330
3315
|
columns: [
|
|
3331
3316
|
{
|
|
3332
3317
|
field: 'namespace',
|
|
3333
|
-
name:
|
|
3318
|
+
name: vendor.yoctocolorsCjsExports.cyan('Namespace')
|
|
3334
3319
|
},
|
|
3335
3320
|
{
|
|
3336
3321
|
field: 'name',
|
|
3337
|
-
name:
|
|
3322
|
+
name: vendor.yoctocolorsCjsExports.cyan('Name')
|
|
3338
3323
|
},
|
|
3339
3324
|
{
|
|
3340
3325
|
field: 'version',
|
|
3341
|
-
name:
|
|
3326
|
+
name: vendor.yoctocolorsCjsExports.cyan('Version')
|
|
3342
3327
|
},
|
|
3343
3328
|
{
|
|
3344
3329
|
field: 'repository',
|
|
3345
|
-
name:
|
|
3330
|
+
name: vendor.yoctocolorsCjsExports.cyan('Repository')
|
|
3346
3331
|
},
|
|
3347
3332
|
{
|
|
3348
3333
|
field: 'branch',
|
|
3349
|
-
name:
|
|
3334
|
+
name: vendor.yoctocolorsCjsExports.cyan('Branch')
|
|
3350
3335
|
},
|
|
3351
3336
|
{
|
|
3352
3337
|
field: 'type',
|
|
3353
|
-
name:
|
|
3338
|
+
name: vendor.yoctocolorsCjsExports.cyan('Type')
|
|
3354
3339
|
},
|
|
3355
3340
|
{
|
|
3356
3341
|
field: 'direct',
|
|
3357
|
-
name:
|
|
3342
|
+
name: vendor.yoctocolorsCjsExports.cyan('Direct')
|
|
3358
3343
|
}
|
|
3359
3344
|
]
|
|
3360
3345
|
}
|
|
3361
|
-
logger.logger.log(
|
|
3346
|
+
logger.logger.log(vendor.srcExports(options, data.rows))
|
|
3362
3347
|
}
|
|
3363
3348
|
|
|
3364
3349
|
async function handleDependencies({ limit, offset, outputKind }) {
|
|
@@ -3485,7 +3470,7 @@ async function fetchDiffScan({ after, before, orgSlug }) {
|
|
|
3485
3470
|
async function outputDiffScan(result, { depth, file, outputKind }) {
|
|
3486
3471
|
const dashboardUrl = result.diff_report_url
|
|
3487
3472
|
const dashboardMessage = dashboardUrl
|
|
3488
|
-
? `\n View this diff scan in the Socket dashboard: ${
|
|
3473
|
+
? `\n View this diff scan in the Socket dashboard: ${vendor.yoctocolorsCjsExports.cyan(dashboardUrl)}`
|
|
3489
3474
|
: ''
|
|
3490
3475
|
|
|
3491
3476
|
// When forcing json, or dumping to file, serialize to string such that it
|
|
@@ -3504,7 +3489,7 @@ async function outputDiffScan(result, { depth, file, outputKind }) {
|
|
|
3504
3489
|
}
|
|
3505
3490
|
if (file && file !== '-') {
|
|
3506
3491
|
logger.logger.log(`Writing json to \`${file}\``)
|
|
3507
|
-
|
|
3492
|
+
require$$0.writeFile(file, JSON.stringify(result, null, 2), err => {
|
|
3508
3493
|
if (err) {
|
|
3509
3494
|
logger.logger.fail(`Writing to \`${file}\` failed...`)
|
|
3510
3495
|
logger.logger.error(err)
|
|
@@ -3527,7 +3512,7 @@ async function outputDiffScan(result, { depth, file, outputKind }) {
|
|
|
3527
3512
|
|
|
3528
3513
|
logger.logger.log('Diff scan result:')
|
|
3529
3514
|
logger.logger.log(
|
|
3530
|
-
|
|
3515
|
+
require$$0$1.inspect(result, {
|
|
3531
3516
|
showHidden: false,
|
|
3532
3517
|
depth: depth > 0 ? depth : null,
|
|
3533
3518
|
colors: true,
|
|
@@ -3749,7 +3734,7 @@ const { GITHUB_ACTIONS, GITHUB_REPOSITORY, SOCKET_SECURITY_GITHUB_PAT } =
|
|
|
3749
3734
|
let _octokit
|
|
3750
3735
|
function getOctokit() {
|
|
3751
3736
|
if (_octokit === undefined) {
|
|
3752
|
-
_octokit = new
|
|
3737
|
+
_octokit = new vendor.Octokit({
|
|
3753
3738
|
// Lazily access constants.ENV[SOCKET_SECURITY_GITHUB_PAT].
|
|
3754
3739
|
auth: constants.ENV[SOCKET_SECURITY_GITHUB_PAT]
|
|
3755
3740
|
})
|
|
@@ -3833,7 +3818,7 @@ async function openGitHubPullRequest(
|
|
|
3833
3818
|
owner,
|
|
3834
3819
|
repo,
|
|
3835
3820
|
title: commitMsg,
|
|
3836
|
-
head: branch
|
|
3821
|
+
head: `${owner}:${branch}`,
|
|
3837
3822
|
base: baseBranch,
|
|
3838
3823
|
body: `[socket] Upgrade \`${name}\` to ${version}`
|
|
3839
3824
|
})
|
|
@@ -4061,7 +4046,7 @@ async function getAlertsMapFromPnpmLockfile(lockfile, options_) {
|
|
|
4061
4046
|
...options.include
|
|
4062
4047
|
}
|
|
4063
4048
|
const { spinner } = options
|
|
4064
|
-
const depTypes =
|
|
4049
|
+
const depTypes = vendor.libExports$2.detectDepTypes(lockfile)
|
|
4065
4050
|
const pkgIds = Object.keys(depTypes)
|
|
4066
4051
|
let { length: remaining } = pkgIds
|
|
4067
4052
|
const alertsByPkgId = new Map()
|
|
@@ -4267,7 +4252,7 @@ async function pnpmFix(
|
|
|
4267
4252
|
pkgEnvDetails,
|
|
4268
4253
|
{ autoMerge, cwd, rangeStyle, spinner, test, testScript }
|
|
4269
4254
|
) {
|
|
4270
|
-
const lockfile = await
|
|
4255
|
+
const lockfile = await vendor.libExports$3.readWantedLockfile(cwd, {
|
|
4271
4256
|
ignoreIncompatible: false
|
|
4272
4257
|
})
|
|
4273
4258
|
if (!lockfile) {
|
|
@@ -4516,7 +4501,7 @@ const binByAgent = new Map([
|
|
|
4516
4501
|
async function getAgentExecPath(agent) {
|
|
4517
4502
|
const binName = binByAgent.get(agent)
|
|
4518
4503
|
return (
|
|
4519
|
-
(await
|
|
4504
|
+
(await vendor.libExports$1(binName, {
|
|
4520
4505
|
nothrow: true
|
|
4521
4506
|
})) ?? binName
|
|
4522
4507
|
)
|
|
@@ -4528,7 +4513,7 @@ async function getAgentVersion(agentExecPath, cwd) {
|
|
|
4528
4513
|
// Coerce version output into a valid semver version by passing it through
|
|
4529
4514
|
// semver.coerce which strips leading v's, carets (^), comparators (<,<=,>,>=,=),
|
|
4530
4515
|
// and tildes (~).
|
|
4531
|
-
|
|
4516
|
+
vendor.semverExports.coerce(
|
|
4532
4517
|
// All package managers support the "--version" flag.
|
|
4533
4518
|
(
|
|
4534
4519
|
await spawn.spawn(agentExecPath, ['--version'], {
|
|
@@ -4622,7 +4607,7 @@ async function detectPackageEnvironment({
|
|
|
4622
4607
|
cwd
|
|
4623
4608
|
})
|
|
4624
4609
|
const pkgPath =
|
|
4625
|
-
pkgJsonPath &&
|
|
4610
|
+
pkgJsonPath && require$$0.existsSync(pkgJsonPath)
|
|
4626
4611
|
? path$1.dirname(pkgJsonPath)
|
|
4627
4612
|
: undefined
|
|
4628
4613
|
const editablePkgJson = pkgPath
|
|
@@ -4676,7 +4661,7 @@ async function detectPackageEnvironment({
|
|
|
4676
4661
|
// Lazily access constants.minimumVersionByAgent.
|
|
4677
4662
|
const minSupportedAgentVersion = constants.minimumVersionByAgent.get(agent)
|
|
4678
4663
|
const minSupportedNodeVersion = maintainedNodeVersions.last
|
|
4679
|
-
const nodeVersion =
|
|
4664
|
+
const nodeVersion = vendor.semverExports.coerce(process$1.version)
|
|
4680
4665
|
let lockSrc
|
|
4681
4666
|
let pkgAgentRange
|
|
4682
4667
|
let pkgNodeRange
|
|
@@ -4690,8 +4675,8 @@ async function detectPackageEnvironment({
|
|
|
4690
4675
|
pkgAgentRange = engineAgentRange
|
|
4691
4676
|
// Roughly check agent range as semver.coerce will strip leading
|
|
4692
4677
|
// v's, carets (^), comparators (<,<=,>,>=,=), and tildes (~).
|
|
4693
|
-
const coerced =
|
|
4694
|
-
if (coerced &&
|
|
4678
|
+
const coerced = vendor.semverExports.coerce(pkgAgentRange)
|
|
4679
|
+
if (coerced && vendor.semverExports.lt(coerced, pkgMinAgentVersion)) {
|
|
4695
4680
|
pkgMinAgentVersion = coerced.version
|
|
4696
4681
|
}
|
|
4697
4682
|
}
|
|
@@ -4699,22 +4684,23 @@ async function detectPackageEnvironment({
|
|
|
4699
4684
|
pkgNodeRange = engineNodeRange
|
|
4700
4685
|
// Roughly check Node range as semver.coerce will strip leading
|
|
4701
4686
|
// v's, carets (^), comparators (<,<=,>,>=,=), and tildes (~).
|
|
4702
|
-
const coerced =
|
|
4703
|
-
if (coerced &&
|
|
4687
|
+
const coerced = vendor.semverExports.coerce(pkgNodeRange)
|
|
4688
|
+
if (coerced && vendor.semverExports.lt(coerced, pkgMinNodeVersion)) {
|
|
4704
4689
|
pkgMinNodeVersion = coerced.version
|
|
4705
4690
|
}
|
|
4706
4691
|
}
|
|
4707
4692
|
const browserslistQuery = pkgJson['browserslist']
|
|
4708
4693
|
if (Array.isArray(browserslistQuery)) {
|
|
4709
4694
|
// List Node targets in ascending version order.
|
|
4710
|
-
const browserslistNodeTargets =
|
|
4695
|
+
const browserslistNodeTargets = vendor
|
|
4696
|
+
.browserslistExports(browserslistQuery)
|
|
4711
4697
|
.filter(v => /^node /i.test(v))
|
|
4712
4698
|
.map(v => v.slice(5 /*'node '.length*/))
|
|
4713
4699
|
.sort(sorts.naturalCompare)
|
|
4714
4700
|
if (browserslistNodeTargets.length) {
|
|
4715
4701
|
// browserslistNodeTargets[0] is the lowest Node target version.
|
|
4716
|
-
const coerced =
|
|
4717
|
-
if (coerced &&
|
|
4702
|
+
const coerced = vendor.semverExports.coerce(browserslistNodeTargets[0])
|
|
4703
|
+
if (coerced && vendor.semverExports.lt(coerced, pkgMinNodeVersion)) {
|
|
4718
4704
|
pkgMinNodeVersion = coerced.version
|
|
4719
4705
|
}
|
|
4720
4706
|
}
|
|
@@ -4730,17 +4716,20 @@ async function detectPackageEnvironment({
|
|
|
4730
4716
|
// Does the system agent version meet our minimum supported agent version?
|
|
4731
4717
|
const agentSupported =
|
|
4732
4718
|
!!agentVersion &&
|
|
4733
|
-
|
|
4719
|
+
vendor.semverExports.satisfies(
|
|
4720
|
+
agentVersion,
|
|
4721
|
+
`>=${minSupportedAgentVersion}`
|
|
4722
|
+
)
|
|
4734
4723
|
|
|
4735
4724
|
// Does the system Node version meet our minimum supported Node version?
|
|
4736
|
-
const nodeSupported =
|
|
4725
|
+
const nodeSupported = vendor.semverExports.satisfies(
|
|
4737
4726
|
nodeVersion,
|
|
4738
4727
|
`>=${minSupportedNodeVersion}`
|
|
4739
4728
|
)
|
|
4740
4729
|
const npmBuggyOverrides =
|
|
4741
4730
|
agent === NPM$b &&
|
|
4742
4731
|
!!agentVersion &&
|
|
4743
|
-
|
|
4732
|
+
vendor.semverExports.lt(agentVersion, NPM_BUGGY_OVERRIDES_PATCHED_VERSION$1)
|
|
4744
4733
|
return {
|
|
4745
4734
|
agent,
|
|
4746
4735
|
agentExecPath,
|
|
@@ -4763,13 +4752,13 @@ async function detectPackageEnvironment({
|
|
|
4763
4752
|
},
|
|
4764
4753
|
pkgSupports: {
|
|
4765
4754
|
// Does our minimum supported agent version meet the package's requirements?
|
|
4766
|
-
agent:
|
|
4755
|
+
agent: vendor.semverExports.satisfies(
|
|
4767
4756
|
minSupportedAgentVersion,
|
|
4768
4757
|
`>=${pkgMinAgentVersion}`
|
|
4769
4758
|
),
|
|
4770
4759
|
// Does our supported Node versions meet the package's requirements?
|
|
4771
4760
|
node: maintainedNodeVersions.some(v =>
|
|
4772
|
-
|
|
4761
|
+
vendor.semverExports.satisfies(v, `>=${pkgMinNodeVersion}`)
|
|
4773
4762
|
)
|
|
4774
4763
|
}
|
|
4775
4764
|
}
|
|
@@ -4917,12 +4906,12 @@ const config$z = {
|
|
|
4917
4906
|
autoMerge: {
|
|
4918
4907
|
type: 'boolean',
|
|
4919
4908
|
default: false,
|
|
4920
|
-
description: `Enable auto-merge for pull requests that Socket opens.\n See ${
|
|
4909
|
+
description: `Enable auto-merge for pull requests that Socket opens.\n See ${vendor.terminalLinkExports('GitHub documentation', 'https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-auto-merge-for-pull-requests-in-your-repository')} for managing auto-merge for pull requests in your repository.`
|
|
4921
4910
|
},
|
|
4922
4911
|
rangeStyle: {
|
|
4923
4912
|
type: 'string',
|
|
4924
4913
|
default: 'preserve',
|
|
4925
|
-
description:
|
|
4914
|
+
description: vendor.stripIndent`
|
|
4926
4915
|
Define how updated dependency versions should be written in package.json.
|
|
4927
4916
|
Available styles:
|
|
4928
4917
|
* caret - Use ^ range for compatible updates (e.g. ^1.2.3)
|
|
@@ -5031,11 +5020,11 @@ async function fetchPackageInfo(pkgName, pkgVersion, includeAllIssues) {
|
|
|
5031
5020
|
const { NPM: NPM$9 } = registryConstants
|
|
5032
5021
|
function formatScore$1(score) {
|
|
5033
5022
|
if (score > 80) {
|
|
5034
|
-
return
|
|
5023
|
+
return vendor.yoctocolorsCjsExports.green(`${score}`)
|
|
5035
5024
|
} else if (score < 80 && score > 60) {
|
|
5036
|
-
return
|
|
5025
|
+
return vendor.yoctocolorsCjsExports.yellow(`${score}`)
|
|
5037
5026
|
}
|
|
5038
|
-
return
|
|
5027
|
+
return vendor.yoctocolorsCjsExports.red(`${score}`)
|
|
5039
5028
|
}
|
|
5040
5029
|
function outputPackageIssuesDetails(packageData, outputMarkdown) {
|
|
5041
5030
|
const issueDetails = packageData.filter(
|
|
@@ -5083,7 +5072,7 @@ function outputPackageInfo(
|
|
|
5083
5072
|
return
|
|
5084
5073
|
}
|
|
5085
5074
|
if (outputKind === 'markdown') {
|
|
5086
|
-
logger.logger.log(
|
|
5075
|
+
logger.logger.log(vendor.stripIndents`
|
|
5087
5076
|
# Package report for ${pkgName}
|
|
5088
5077
|
|
|
5089
5078
|
Package report card:
|
|
@@ -5140,8 +5129,8 @@ function outputPackageInfo(
|
|
|
5140
5129
|
}
|
|
5141
5130
|
if (outputKind !== 'markdown') {
|
|
5142
5131
|
logger.logger.log(
|
|
5143
|
-
|
|
5144
|
-
`\nOr rerun ${
|
|
5132
|
+
vendor.yoctocolorsCjsExports.dim(
|
|
5133
|
+
`\nOr rerun ${vendor.yoctocolorsCjsExports.italic(commandName)} using the ${vendor.yoctocolorsCjsExports.italic('--json')} flag to get full JSON output`
|
|
5145
5134
|
)
|
|
5146
5135
|
)
|
|
5147
5136
|
} else {
|
|
@@ -5272,7 +5261,7 @@ async function attemptLogin(apiBaseUrl, apiProxy) {
|
|
|
5272
5261
|
apiProxy ??= shadowNpmInject.getConfigValue('apiProxy') ?? undefined
|
|
5273
5262
|
const apiToken =
|
|
5274
5263
|
(await prompts.password({
|
|
5275
|
-
message: `Enter your ${
|
|
5264
|
+
message: `Enter your ${vendor.terminalLinkExports('Socket.dev API key', 'https://docs.socket.dev/docs/api-keys')} (leave blank for a public key)`
|
|
5276
5265
|
})) || SOCKET_PUBLIC_API_TOKEN
|
|
5277
5266
|
// Lazily access constants.spinner.
|
|
5278
5267
|
const { spinner } = constants
|
|
@@ -6018,7 +6007,7 @@ async function run$t(argv, importMeta, { parentName }) {
|
|
|
6018
6007
|
subArgs.push('--verbose')
|
|
6019
6008
|
}
|
|
6020
6009
|
const dir = cwd
|
|
6021
|
-
if (
|
|
6010
|
+
if (require$$0.existsSync(path$1.join(dir, 'build.sbt'))) {
|
|
6022
6011
|
logger.logger.log(
|
|
6023
6012
|
'Detected a Scala sbt build, running default Scala generator...'
|
|
6024
6013
|
)
|
|
@@ -6035,7 +6024,7 @@ async function run$t(argv, importMeta, { parentName }) {
|
|
|
6035
6024
|
})
|
|
6036
6025
|
return
|
|
6037
6026
|
}
|
|
6038
|
-
if (
|
|
6027
|
+
if (require$$0.existsSync(path$1.join(dir, 'gradlew'))) {
|
|
6039
6028
|
logger.logger.log(
|
|
6040
6029
|
'Detected a gradle build, running default gradle generator...'
|
|
6041
6030
|
)
|
|
@@ -6058,8 +6047,9 @@ async function run$t(argv, importMeta, { parentName }) {
|
|
|
6058
6047
|
}
|
|
6059
6048
|
|
|
6060
6049
|
// Show new help screen and exit.
|
|
6061
|
-
|
|
6062
|
-
|
|
6050
|
+
vendor
|
|
6051
|
+
.meow(
|
|
6052
|
+
`
|
|
6063
6053
|
$ ${parentName} ${config$t.commandName}
|
|
6064
6054
|
|
|
6065
6055
|
Unfortunately this script did not discover a supported language in the
|
|
@@ -6072,12 +6062,13 @@ async function run$t(argv, importMeta, { parentName }) {
|
|
|
6072
6062
|
If that doesn't work, see \`${parentName} <lang> --help\` for config details for
|
|
6073
6063
|
your target language.
|
|
6074
6064
|
`,
|
|
6075
|
-
|
|
6076
|
-
|
|
6077
|
-
|
|
6078
|
-
|
|
6079
|
-
|
|
6080
|
-
|
|
6065
|
+
{
|
|
6066
|
+
argv: [],
|
|
6067
|
+
description: config$t.description,
|
|
6068
|
+
importMeta
|
|
6069
|
+
}
|
|
6070
|
+
)
|
|
6071
|
+
.showHelp()
|
|
6081
6072
|
}
|
|
6082
6073
|
|
|
6083
6074
|
const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$p } = constants
|
|
@@ -6547,7 +6538,7 @@ async function getWorkspaceGlobs(agent, pkgPath, editablePkgJson) {
|
|
|
6547
6538
|
const yml = await shadowNpmInject.safeReadFile(workspacePath)
|
|
6548
6539
|
if (yml) {
|
|
6549
6540
|
try {
|
|
6550
|
-
workspacePatterns =
|
|
6541
|
+
workspacePatterns = vendor.distExports$1.parse(yml)?.packages
|
|
6551
6542
|
} catch {}
|
|
6552
6543
|
if (workspacePatterns) {
|
|
6553
6544
|
break
|
|
@@ -7017,10 +7008,10 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
|
|
|
7017
7008
|
const depAliasMap = new Map()
|
|
7018
7009
|
const depEntries = getDependencyEntries(editablePkgJson)
|
|
7019
7010
|
const manifestEntries = manifestNpmOverrides.filter(({ 1: data }) =>
|
|
7020
|
-
|
|
7011
|
+
vendor.semverExports.satisfies(
|
|
7021
7012
|
// Roughly check Node range as semver.coerce will strip leading
|
|
7022
7013
|
// v's, carets (^), comparators (<,<=,>,>=,=), and tildes (~).
|
|
7023
|
-
|
|
7014
|
+
vendor.semverExports.coerce(data.engines.node),
|
|
7024
7015
|
pkgEnvDetails.pkgRequirements.node
|
|
7025
7016
|
)
|
|
7026
7017
|
)
|
|
@@ -7028,7 +7019,7 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
|
|
|
7028
7019
|
// Chunk package names to process them in parallel 3 at a time.
|
|
7029
7020
|
await promises.pEach(manifestEntries, 3, async ({ 1: data }) => {
|
|
7030
7021
|
const { name: sockRegPkgName, package: origPkgName, version } = data
|
|
7031
|
-
const major =
|
|
7022
|
+
const major = vendor.semverExports.major(version)
|
|
7032
7023
|
const sockOverridePrefix = `${NPM$1}:${sockRegPkgName}@`
|
|
7033
7024
|
const sockOverrideSpec = `${sockOverridePrefix}${pin ? version : `^${major}`}`
|
|
7034
7025
|
for (const { 1: depObj } of depEntries) {
|
|
@@ -7052,7 +7043,8 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
|
|
|
7052
7043
|
thisSpec.startsWith(sockOverridePrefix) &&
|
|
7053
7044
|
// Check the validity of the spec by passing it through npa and
|
|
7054
7045
|
// seeing if it will coerce to a version.
|
|
7055
|
-
|
|
7046
|
+
vendor.semverExports.coerce(vendor.npaExports(thisSpec).rawSpec)
|
|
7047
|
+
?.version
|
|
7056
7048
|
)
|
|
7057
7049
|
) {
|
|
7058
7050
|
thisSpec = sockOverrideSpec
|
|
@@ -7109,20 +7101,22 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
|
|
|
7109
7101
|
if (thisSpec.startsWith(sockOverridePrefix)) {
|
|
7110
7102
|
if (
|
|
7111
7103
|
pin &&
|
|
7112
|
-
|
|
7104
|
+
vendor.semverExports.major(
|
|
7113
7105
|
// Check the validity of the spec by passing it through npa
|
|
7114
7106
|
// and seeing if it will coerce to a version. semver.coerce
|
|
7115
7107
|
// will strip leading v's, carets (^), comparators (<,<=,>,>=,=),
|
|
7116
7108
|
// and tildes (~). If not coerced to a valid version then
|
|
7117
7109
|
// default to the manifest entry version.
|
|
7118
|
-
|
|
7110
|
+
vendor.semverExports.coerce(
|
|
7111
|
+
vendor.npaExports(thisSpec).rawSpec
|
|
7112
|
+
)?.version ?? version
|
|
7119
7113
|
) !== major
|
|
7120
7114
|
) {
|
|
7121
7115
|
const otherVersion = (
|
|
7122
7116
|
await packages.fetchPackageManifest(thisSpec)
|
|
7123
7117
|
)?.version
|
|
7124
7118
|
if (otherVersion && otherVersion !== version) {
|
|
7125
|
-
newSpec = `${sockOverridePrefix}${pin ? otherVersion : `^${
|
|
7119
|
+
newSpec = `${sockOverridePrefix}${pin ? otherVersion : `^${vendor.semverExports.major(otherVersion)}`}`
|
|
7126
7120
|
}
|
|
7127
7121
|
}
|
|
7128
7122
|
} else {
|
|
@@ -7140,11 +7134,14 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
|
|
|
7140
7134
|
}
|
|
7141
7135
|
})
|
|
7142
7136
|
if (workspaceGlobs) {
|
|
7143
|
-
const workspacePkgJsonPaths = await
|
|
7144
|
-
|
|
7145
|
-
|
|
7146
|
-
|
|
7147
|
-
|
|
7137
|
+
const workspacePkgJsonPaths = await vendor.distExports.glob(
|
|
7138
|
+
workspaceGlobs,
|
|
7139
|
+
{
|
|
7140
|
+
absolute: true,
|
|
7141
|
+
cwd: pkgPath,
|
|
7142
|
+
ignore: ['**/node_modules/**', '**/bower_components/**']
|
|
7143
|
+
}
|
|
7144
|
+
)
|
|
7148
7145
|
// Chunk package names to process them in parallel 3 at a time.
|
|
7149
7146
|
await promises.pEach(
|
|
7150
7147
|
workspacePkgJsonPaths,
|
|
@@ -7381,7 +7378,7 @@ async function outputOrganizationList(data, outputKind = 'text') {
|
|
|
7381
7378
|
}
|
|
7382
7379
|
logger.logger.log('# Organizations\n')
|
|
7383
7380
|
logger.logger.log(
|
|
7384
|
-
`List of organizations associated with your API key, ending with: ${
|
|
7381
|
+
`List of organizations associated with your API key, ending with: ${vendor.yoctocolorsCjsExports.italic(lastFiveOfApiToken)}\n`
|
|
7385
7382
|
)
|
|
7386
7383
|
logger.logger.log(
|
|
7387
7384
|
`| Name${' '.repeat(mw1 - 4)} | ID${' '.repeat(mw2 - 2)} | Plan${' '.repeat(mw3 - 4)} |`
|
|
@@ -7401,12 +7398,12 @@ async function outputOrganizationList(data, outputKind = 'text') {
|
|
|
7401
7398
|
}
|
|
7402
7399
|
default: {
|
|
7403
7400
|
logger.logger.log(
|
|
7404
|
-
`List of organizations associated with your API key, ending with: ${
|
|
7401
|
+
`List of organizations associated with your API key, ending with: ${vendor.yoctocolorsCjsExports.italic(lastFiveOfApiToken)}\n`
|
|
7405
7402
|
)
|
|
7406
7403
|
// Just dump
|
|
7407
7404
|
for (const o of organizations) {
|
|
7408
7405
|
logger.logger.log(
|
|
7409
|
-
`- Name: ${
|
|
7406
|
+
`- Name: ${vendor.yoctocolorsCjsExports.bold(o.name ?? 'undefined')}, ID: ${vendor.yoctocolorsCjsExports.bold(o.id)}, Plan: ${vendor.yoctocolorsCjsExports.bold(o.plan)}`
|
|
7410
7407
|
)
|
|
7411
7408
|
}
|
|
7412
7409
|
}
|
|
@@ -8395,7 +8392,7 @@ function outputPurlsShallowScore(purls, packageData, outputKind) {
|
|
|
8395
8392
|
return true // not found
|
|
8396
8393
|
})
|
|
8397
8394
|
if (outputKind === 'markdown') {
|
|
8398
|
-
logger.logger.log(
|
|
8395
|
+
logger.logger.log(vendor.stripIndents`
|
|
8399
8396
|
# Shallow Package Report
|
|
8400
8397
|
|
|
8401
8398
|
This report contains the response for requesting data on some package url(s).
|
|
@@ -8409,14 +8406,16 @@ function outputPurlsShallowScore(purls, packageData, outputKind) {
|
|
|
8409
8406
|
`)
|
|
8410
8407
|
return
|
|
8411
8408
|
}
|
|
8412
|
-
logger.logger.log(
|
|
8409
|
+
logger.logger.log(
|
|
8410
|
+
'\n' + vendor.yoctocolorsCjsExports.bold('Shallow Package Score') + '\n'
|
|
8411
|
+
)
|
|
8413
8412
|
logger.logger.log(
|
|
8414
8413
|
'Please note: The listed scores are ONLY for the package itself. It does NOT\n' +
|
|
8415
8414
|
' reflect the scores of any dependencies, transitive or otherwise.'
|
|
8416
8415
|
)
|
|
8417
8416
|
if (missing.length) {
|
|
8418
8417
|
logger.logger.log(
|
|
8419
|
-
`\nAt least one package had no response or the purl was not canonical:\n${missing.map(purl => '\n- ' +
|
|
8418
|
+
`\nAt least one package had no response or the purl was not canonical:\n${missing.map(purl => '\n- ' + vendor.yoctocolorsCjsExports.bold(purl)).join('')}`
|
|
8420
8419
|
)
|
|
8421
8420
|
}
|
|
8422
8421
|
packageData.forEach(data => {
|
|
@@ -8436,7 +8435,7 @@ function formatReportCard(data, color) {
|
|
|
8436
8435
|
const alertString = getAlertString(data.alerts, !color)
|
|
8437
8436
|
const purl = 'pkg:' + data.type + '/' + data.name + '@' + data.version
|
|
8438
8437
|
return [
|
|
8439
|
-
'Package: ' + (color ?
|
|
8438
|
+
'Package: ' + (color ? vendor.yoctocolorsCjsExports.bold(purl) : purl),
|
|
8440
8439
|
'',
|
|
8441
8440
|
...Object.entries(scoreResult).map(
|
|
8442
8441
|
score =>
|
|
@@ -8452,16 +8451,18 @@ function formatScore(score, noColor = false, pad = false) {
|
|
|
8452
8451
|
return padded
|
|
8453
8452
|
}
|
|
8454
8453
|
if (score >= 80) {
|
|
8455
|
-
return
|
|
8454
|
+
return vendor.yoctocolorsCjsExports.green(padded)
|
|
8456
8455
|
}
|
|
8457
8456
|
if (score >= 60) {
|
|
8458
|
-
return
|
|
8457
|
+
return vendor.yoctocolorsCjsExports.yellow(padded)
|
|
8459
8458
|
}
|
|
8460
|
-
return
|
|
8459
|
+
return vendor.yoctocolorsCjsExports.red(padded)
|
|
8461
8460
|
}
|
|
8462
8461
|
function getAlertString(alerts, noColor = false) {
|
|
8463
8462
|
if (!alerts?.length) {
|
|
8464
|
-
return noColor
|
|
8463
|
+
return noColor
|
|
8464
|
+
? `- Alerts: none!`
|
|
8465
|
+
: `- Alerts: ${vendor.yoctocolorsCjsExports.green('none')}!`
|
|
8465
8466
|
}
|
|
8466
8467
|
const bad = alerts
|
|
8467
8468
|
.filter(alert => alert.severity !== 'low' && alert.severity !== 'middle')
|
|
@@ -8491,22 +8492,32 @@ function getAlertString(alerts, noColor = false) {
|
|
|
8491
8492
|
)
|
|
8492
8493
|
}
|
|
8493
8494
|
return (
|
|
8494
|
-
`- Alerts (${
|
|
8495
|
+
`- Alerts (${vendor.yoctocolorsCjsExports.red(bad.length.toString())}/${vendor.yoctocolorsCjsExports.yellow(mid.length.toString())}/${low.length}):` +
|
|
8495
8496
|
' '.repeat(Math.max(0, 20 - colorless.length)) +
|
|
8496
8497
|
' ' +
|
|
8497
8498
|
[
|
|
8498
8499
|
bad
|
|
8499
8500
|
.map(alert =>
|
|
8500
|
-
|
|
8501
|
+
vendor.yoctocolorsCjsExports.red(
|
|
8502
|
+
vendor.yoctocolorsCjsExports.dim(`[${alert.severity}] `) +
|
|
8503
|
+
alert.type
|
|
8504
|
+
)
|
|
8501
8505
|
)
|
|
8502
8506
|
.join(', '),
|
|
8503
8507
|
mid
|
|
8504
8508
|
.map(alert =>
|
|
8505
|
-
|
|
8509
|
+
vendor.yoctocolorsCjsExports.yellow(
|
|
8510
|
+
vendor.yoctocolorsCjsExports.dim(`[${alert.severity}] `) +
|
|
8511
|
+
alert.type
|
|
8512
|
+
)
|
|
8506
8513
|
)
|
|
8507
8514
|
.join(', '),
|
|
8508
8515
|
low
|
|
8509
|
-
.map(
|
|
8516
|
+
.map(
|
|
8517
|
+
alert =>
|
|
8518
|
+
vendor.yoctocolorsCjsExports.dim(`[${alert.severity}] `) +
|
|
8519
|
+
alert.type
|
|
8520
|
+
)
|
|
8510
8521
|
.join(', ')
|
|
8511
8522
|
]
|
|
8512
8523
|
.filter(Boolean)
|
|
@@ -9124,27 +9135,27 @@ async function outputListRepos(data, outputKind) {
|
|
|
9124
9135
|
columns: [
|
|
9125
9136
|
{
|
|
9126
9137
|
field: 'id',
|
|
9127
|
-
name:
|
|
9138
|
+
name: vendor.yoctocolorsCjsExports.magenta('ID')
|
|
9128
9139
|
},
|
|
9129
9140
|
{
|
|
9130
9141
|
field: 'name',
|
|
9131
|
-
name:
|
|
9142
|
+
name: vendor.yoctocolorsCjsExports.magenta('Name')
|
|
9132
9143
|
},
|
|
9133
9144
|
{
|
|
9134
9145
|
field: 'visibility',
|
|
9135
|
-
name:
|
|
9146
|
+
name: vendor.yoctocolorsCjsExports.magenta('Visibility')
|
|
9136
9147
|
},
|
|
9137
9148
|
{
|
|
9138
9149
|
field: 'default_branch',
|
|
9139
|
-
name:
|
|
9150
|
+
name: vendor.yoctocolorsCjsExports.magenta('Default branch')
|
|
9140
9151
|
},
|
|
9141
9152
|
{
|
|
9142
9153
|
field: 'archived',
|
|
9143
|
-
name:
|
|
9154
|
+
name: vendor.yoctocolorsCjsExports.magenta('Archived')
|
|
9144
9155
|
}
|
|
9145
9156
|
]
|
|
9146
9157
|
}
|
|
9147
|
-
logger.logger.log(
|
|
9158
|
+
logger.logger.log(vendor.srcExports(options, data.results))
|
|
9148
9159
|
}
|
|
9149
9160
|
|
|
9150
9161
|
async function handleListRepos({
|
|
@@ -9489,35 +9500,35 @@ async function outputViewRepo(data, outputKind) {
|
|
|
9489
9500
|
columns: [
|
|
9490
9501
|
{
|
|
9491
9502
|
field: 'id',
|
|
9492
|
-
name:
|
|
9503
|
+
name: vendor.yoctocolorsCjsExports.magenta('ID')
|
|
9493
9504
|
},
|
|
9494
9505
|
{
|
|
9495
9506
|
field: 'name',
|
|
9496
|
-
name:
|
|
9507
|
+
name: vendor.yoctocolorsCjsExports.magenta('Name')
|
|
9497
9508
|
},
|
|
9498
9509
|
{
|
|
9499
9510
|
field: 'visibility',
|
|
9500
|
-
name:
|
|
9511
|
+
name: vendor.yoctocolorsCjsExports.magenta('Visibility')
|
|
9501
9512
|
},
|
|
9502
9513
|
{
|
|
9503
9514
|
field: 'default_branch',
|
|
9504
|
-
name:
|
|
9515
|
+
name: vendor.yoctocolorsCjsExports.magenta('Default branch')
|
|
9505
9516
|
},
|
|
9506
9517
|
{
|
|
9507
9518
|
field: 'homepage',
|
|
9508
|
-
name:
|
|
9519
|
+
name: vendor.yoctocolorsCjsExports.magenta('Homepage')
|
|
9509
9520
|
},
|
|
9510
9521
|
{
|
|
9511
9522
|
field: 'archived',
|
|
9512
|
-
name:
|
|
9523
|
+
name: vendor.yoctocolorsCjsExports.magenta('Archived')
|
|
9513
9524
|
},
|
|
9514
9525
|
{
|
|
9515
9526
|
field: 'created_at',
|
|
9516
|
-
name:
|
|
9527
|
+
name: vendor.yoctocolorsCjsExports.magenta('Created at')
|
|
9517
9528
|
}
|
|
9518
9529
|
]
|
|
9519
9530
|
}
|
|
9520
|
-
logger.logger.log(
|
|
9531
|
+
logger.logger.log(vendor.srcExports(options, [data]))
|
|
9521
9532
|
}
|
|
9522
9533
|
|
|
9523
9534
|
async function handleViewRepo(orgSlug, repoName, outputKind) {
|
|
@@ -10122,26 +10133,28 @@ async function outputListScans(data, outputKind) {
|
|
|
10122
10133
|
columns: [
|
|
10123
10134
|
{
|
|
10124
10135
|
field: 'id',
|
|
10125
|
-
name:
|
|
10136
|
+
name: vendor.yoctocolorsCjsExports.magenta('ID')
|
|
10126
10137
|
},
|
|
10127
10138
|
{
|
|
10128
10139
|
field: 'report_url',
|
|
10129
|
-
name:
|
|
10140
|
+
name: vendor.yoctocolorsCjsExports.magenta('Scan URL')
|
|
10130
10141
|
},
|
|
10131
10142
|
{
|
|
10132
10143
|
field: 'branch',
|
|
10133
|
-
name:
|
|
10144
|
+
name: vendor.yoctocolorsCjsExports.magenta('Branch')
|
|
10134
10145
|
},
|
|
10135
10146
|
{
|
|
10136
10147
|
field: 'created_at',
|
|
10137
|
-
name:
|
|
10148
|
+
name: vendor.yoctocolorsCjsExports.magenta('Created at')
|
|
10138
10149
|
}
|
|
10139
10150
|
]
|
|
10140
10151
|
}
|
|
10141
10152
|
const formattedResults = data.results.map(d => {
|
|
10142
10153
|
return {
|
|
10143
10154
|
id: d.id,
|
|
10144
|
-
report_url:
|
|
10155
|
+
report_url: vendor.yoctocolorsCjsExports.underline(
|
|
10156
|
+
`${d.html_report_url}`
|
|
10157
|
+
),
|
|
10145
10158
|
created_at: d.created_at
|
|
10146
10159
|
? new Date(d.created_at).toLocaleDateString('en-us', {
|
|
10147
10160
|
year: 'numeric',
|
|
@@ -10152,7 +10165,7 @@ async function outputListScans(data, outputKind) {
|
|
|
10152
10165
|
branch: d.branch
|
|
10153
10166
|
}
|
|
10154
10167
|
})
|
|
10155
|
-
logger.logger.log(
|
|
10168
|
+
logger.logger.log(vendor.srcExports(options, formattedResults))
|
|
10156
10169
|
}
|
|
10157
10170
|
|
|
10158
10171
|
async function handleListScans({
|
|
@@ -11153,7 +11166,7 @@ async function run$1(argv, importMeta, { parentName }) {
|
|
|
11153
11166
|
}
|
|
11154
11167
|
|
|
11155
11168
|
function addSocketWrapper(file) {
|
|
11156
|
-
return
|
|
11169
|
+
return require$$0.appendFile(
|
|
11157
11170
|
file,
|
|
11158
11171
|
'alias npm="socket npm"\nalias npx="socket npx"\n',
|
|
11159
11172
|
err => {
|
|
@@ -11162,7 +11175,7 @@ function addSocketWrapper(file) {
|
|
|
11162
11175
|
}
|
|
11163
11176
|
// TODO: pretty sure you need to source the file or restart
|
|
11164
11177
|
// any terminal session before changes are reflected.
|
|
11165
|
-
logger.logger.log(
|
|
11178
|
+
logger.logger.log(vendor.stripIndents`
|
|
11166
11179
|
The alias was added to ${file}. Running 'npm install' will now be wrapped in Socket's "safe npm" 🎉
|
|
11167
11180
|
If you want to disable it at any time, run \`socket wrapper --disable\`
|
|
11168
11181
|
`)
|
|
@@ -11171,7 +11184,7 @@ If you want to disable it at any time, run \`socket wrapper --disable\`
|
|
|
11171
11184
|
}
|
|
11172
11185
|
|
|
11173
11186
|
function checkSocketWrapperSetup(file) {
|
|
11174
|
-
const fileContent =
|
|
11187
|
+
const fileContent = require$$0.readFileSync(file, 'utf8')
|
|
11175
11188
|
const linesWithSocketAlias = fileContent
|
|
11176
11189
|
.split('\n')
|
|
11177
11190
|
.filter(
|
|
@@ -11190,10 +11203,11 @@ async function postinstallWrapper() {
|
|
|
11190
11203
|
// Lazily access constants.bashRcPath and constants.zshRcPath.
|
|
11191
11204
|
const { bashRcPath, zshRcPath } = constants
|
|
11192
11205
|
const socketWrapperEnabled =
|
|
11193
|
-
(
|
|
11194
|
-
|
|
11206
|
+
(require$$0.existsSync(bashRcPath) &&
|
|
11207
|
+
checkSocketWrapperSetup(bashRcPath)) ||
|
|
11208
|
+
(require$$0.existsSync(zshRcPath) && checkSocketWrapperSetup(zshRcPath))
|
|
11195
11209
|
if (!socketWrapperEnabled) {
|
|
11196
|
-
await installSafeNpm(
|
|
11210
|
+
await installSafeNpm(vendor.stripIndents`
|
|
11197
11211
|
The Socket CLI is now successfully installed! 🎉
|
|
11198
11212
|
|
|
11199
11213
|
To better protect yourself against supply-chain attacks, our "safe npm" wrapper can warn you about malicious packages whenever you run 'npm install'.
|
|
@@ -11218,10 +11232,10 @@ async function installSafeNpm(query) {
|
|
|
11218
11232
|
// Lazily access constants.bashRcPath and constants.zshRcPath.
|
|
11219
11233
|
const { bashRcPath, zshRcPath } = constants
|
|
11220
11234
|
try {
|
|
11221
|
-
if (
|
|
11235
|
+
if (require$$0.existsSync(bashRcPath)) {
|
|
11222
11236
|
addSocketWrapper(bashRcPath)
|
|
11223
11237
|
}
|
|
11224
|
-
if (
|
|
11238
|
+
if (require$$0.existsSync(zshRcPath)) {
|
|
11225
11239
|
addSocketWrapper(zshRcPath)
|
|
11226
11240
|
}
|
|
11227
11241
|
} catch (e) {
|
|
@@ -11233,7 +11247,7 @@ async function installSafeNpm(query) {
|
|
|
11233
11247
|
}
|
|
11234
11248
|
|
|
11235
11249
|
function removeSocketWrapper(file) {
|
|
11236
|
-
return
|
|
11250
|
+
return require$$0.readFile(file, 'utf8', function (err, data) {
|
|
11237
11251
|
if (err) {
|
|
11238
11252
|
logger.logger.fail('There was an error removing the alias:')
|
|
11239
11253
|
logger.logger.error(err)
|
|
@@ -11245,7 +11259,7 @@ function removeSocketWrapper(file) {
|
|
|
11245
11259
|
l => l !== 'alias npm="socket npm"' && l !== 'alias npx="socket npx"'
|
|
11246
11260
|
)
|
|
11247
11261
|
const updatedFileContent = linesWithoutSocketAlias.join('\n')
|
|
11248
|
-
|
|
11262
|
+
require$$0.writeFile(file, updatedFileContent, function (err) {
|
|
11249
11263
|
if (err) {
|
|
11250
11264
|
logger.logger.error(err)
|
|
11251
11265
|
return
|
|
@@ -11333,21 +11347,27 @@ async function run(argv, importMeta, { parentName }) {
|
|
|
11333
11347
|
// Lazily access constants.bashRcPath and constants.zshRcPath.
|
|
11334
11348
|
const { bashRcPath, zshRcPath } = constants
|
|
11335
11349
|
if (enable) {
|
|
11336
|
-
if (
|
|
11350
|
+
if (
|
|
11351
|
+
require$$0.existsSync(bashRcPath) &&
|
|
11352
|
+
!checkSocketWrapperSetup(bashRcPath)
|
|
11353
|
+
) {
|
|
11337
11354
|
addSocketWrapper(bashRcPath)
|
|
11338
11355
|
}
|
|
11339
|
-
if (
|
|
11356
|
+
if (
|
|
11357
|
+
require$$0.existsSync(zshRcPath) &&
|
|
11358
|
+
!checkSocketWrapperSetup(zshRcPath)
|
|
11359
|
+
) {
|
|
11340
11360
|
addSocketWrapper(zshRcPath)
|
|
11341
11361
|
}
|
|
11342
11362
|
} else {
|
|
11343
|
-
if (
|
|
11363
|
+
if (require$$0.existsSync(bashRcPath)) {
|
|
11344
11364
|
removeSocketWrapper(bashRcPath)
|
|
11345
11365
|
}
|
|
11346
|
-
if (
|
|
11366
|
+
if (require$$0.existsSync(zshRcPath)) {
|
|
11347
11367
|
removeSocketWrapper(zshRcPath)
|
|
11348
11368
|
}
|
|
11349
11369
|
}
|
|
11350
|
-
if (!
|
|
11370
|
+
if (!require$$0.existsSync(bashRcPath) && !require$$0.existsSync(zshRcPath)) {
|
|
11351
11371
|
logger.logger.fail(
|
|
11352
11372
|
'There was an issue setting up the alias in your bash profile'
|
|
11353
11373
|
)
|
|
@@ -11358,10 +11378,10 @@ const { SOCKET_CLI_BIN_NAME } = constants
|
|
|
11358
11378
|
|
|
11359
11379
|
// TODO: Add autocompletion using https://socket.dev/npm/package/omelette
|
|
11360
11380
|
void (async () => {
|
|
11361
|
-
await
|
|
11381
|
+
await vendor.updater({
|
|
11362
11382
|
name: SOCKET_CLI_BIN_NAME,
|
|
11363
11383
|
// The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION']".
|
|
11364
|
-
version: '0.14.
|
|
11384
|
+
version: '0.14.95',
|
|
11365
11385
|
ttl: 86_400_000 /* 24 hours in milliseconds */
|
|
11366
11386
|
})
|
|
11367
11387
|
try {
|
|
@@ -11398,7 +11418,7 @@ void (async () => {
|
|
|
11398
11418
|
argv: process$1.argv.slice(2),
|
|
11399
11419
|
name: SOCKET_CLI_BIN_NAME,
|
|
11400
11420
|
importMeta: {
|
|
11401
|
-
url: `${
|
|
11421
|
+
url: `${require$$0$2.pathToFileURL(__filename)}`
|
|
11402
11422
|
}
|
|
11403
11423
|
}
|
|
11404
11424
|
)
|
|
@@ -11416,8 +11436,8 @@ void (async () => {
|
|
|
11416
11436
|
errorBody = e.body
|
|
11417
11437
|
} else if (e instanceof Error) {
|
|
11418
11438
|
errorTitle = 'Unexpected error'
|
|
11419
|
-
errorMessage =
|
|
11420
|
-
errorBody =
|
|
11439
|
+
errorMessage = vendor.messageWithCauses(e)
|
|
11440
|
+
errorBody = vendor.stackWithCauses(e)
|
|
11421
11441
|
} else {
|
|
11422
11442
|
errorTitle = 'Unexpected error with no details'
|
|
11423
11443
|
}
|
|
@@ -11429,5 +11449,5 @@ void (async () => {
|
|
|
11429
11449
|
await shadowNpmInject.captureException(e)
|
|
11430
11450
|
}
|
|
11431
11451
|
})()
|
|
11432
|
-
//# debugId=
|
|
11452
|
+
//# debugId=c34fd255-4999-4681-9636-3dc45d80a01d
|
|
11433
11453
|
//# sourceMappingURL=cli.js.map
|