@socketsecurity/cli-with-sentry 0.14.94 → 0.14.96
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/constants.js +3 -3
- package/dist/constants.js.map +1 -1
- package/dist/instrument-with-sentry.js +2 -2
- package/dist/instrument-with-sentry.js.map +1 -1
- package/dist/module-sync/cli.js +178 -159
- package/dist/module-sync/cli.js.map +1 -1
- package/dist/module-sync/shadow-bin.js +3 -14
- package/dist/module-sync/shadow-bin.js.map +1 -1
- package/dist/module-sync/shadow-npm-inject.js +68 -59
- package/dist/module-sync/shadow-npm-inject.js.map +1 -1
- package/dist/module-sync/shadow-npm-paths.js +16 -29
- package/dist/module-sync/shadow-npm-paths.js.map +1 -1
- package/dist/module-sync/vendor.d.ts +0 -0
- package/dist/module-sync/vendor.js +85829 -12598
- package/dist/module-sync/vendor.js.map +1 -1
- package/dist/require/cli.js +160 -140
- package/dist/require/cli.js.map +1 -1
- package/dist/require/shadow-bin.d.ts +5 -0
- package/dist/require/shadow-bin.js +108 -1
- package/dist/require/shadow-bin.js.map +1 -0
- package/dist/require/shadow-npm-inject.d.ts +1 -0
- package/dist/require/shadow-npm-inject.js +2335 -1
- package/dist/require/shadow-npm-inject.js.map +1 -0
- package/dist/require/shadow-npm-paths.d.ts +29 -0
- package/dist/require/shadow-npm-paths.js +454 -1
- package/dist/require/shadow-npm-paths.js.map +1 -0
- package/package.json +29 -29
- package/dist/blessed/lib/alias.js +0 -521
- package/dist/blessed/lib/blessed.js +0 -34
- package/dist/blessed/lib/colors.js +0 -492
- package/dist/blessed/lib/events.js +0 -197
- package/dist/blessed/lib/gpmclient.js +0 -247
- package/dist/blessed/lib/helpers.js +0 -172
- package/dist/blessed/lib/keys.js +0 -514
- package/dist/blessed/lib/program.js +0 -4532
- package/dist/blessed/lib/tput.js +0 -3113
- package/dist/blessed/lib/unicode.js +0 -914
- package/dist/blessed/lib/widget.js +0 -62
- package/dist/blessed/lib/widgets/ansiimage.js +0 -175
- package/dist/blessed/lib/widgets/bigtext.js +0 -172
- package/dist/blessed/lib/widgets/box.js +0 -36
- package/dist/blessed/lib/widgets/button.js +0 -64
- package/dist/blessed/lib/widgets/checkbox.js +0 -97
- package/dist/blessed/lib/widgets/element.js +0 -2873
- package/dist/blessed/lib/widgets/filemanager.js +0 -225
- package/dist/blessed/lib/widgets/form.js +0 -303
- package/dist/blessed/lib/widgets/image.js +0 -73
- package/dist/blessed/lib/widgets/input.js +0 -36
- package/dist/blessed/lib/widgets/layout.js +0 -251
- package/dist/blessed/lib/widgets/line.js +0 -61
- package/dist/blessed/lib/widgets/list.js +0 -654
- package/dist/blessed/lib/widgets/listbar.js +0 -454
- package/dist/blessed/lib/widgets/listtable.js +0 -267
- package/dist/blessed/lib/widgets/loading.js +0 -90
- package/dist/blessed/lib/widgets/log.js +0 -84
- package/dist/blessed/lib/widgets/message.js +0 -147
- package/dist/blessed/lib/widgets/node.js +0 -315
- package/dist/blessed/lib/widgets/overlayimage.js +0 -796
- package/dist/blessed/lib/widgets/progressbar.js +0 -168
- package/dist/blessed/lib/widgets/prompt.js +0 -129
- package/dist/blessed/lib/widgets/question.js +0 -131
- package/dist/blessed/lib/widgets/radiobutton.js +0 -64
- package/dist/blessed/lib/widgets/radioset.js +0 -38
- package/dist/blessed/lib/widgets/screen.js +0 -2487
- package/dist/blessed/lib/widgets/scrollablebox.js +0 -417
- package/dist/blessed/lib/widgets/scrollabletext.js +0 -37
- package/dist/blessed/lib/widgets/table.js +0 -385
- package/dist/blessed/lib/widgets/terminal.js +0 -454
- package/dist/blessed/lib/widgets/text.js +0 -37
- package/dist/blessed/lib/widgets/textarea.js +0 -378
- package/dist/blessed/lib/widgets/textbox.js +0 -81
- package/dist/blessed/lib/widgets/video.js +0 -132
- package/dist/blessed/usr/fonts/AUTHORS +0 -1
- package/dist/blessed/usr/fonts/LICENSE +0 -94
- package/dist/blessed/usr/fonts/README +0 -340
- package/dist/blessed/usr/fonts/ter-u14b.json +0 -17826
- package/dist/blessed/usr/fonts/ter-u14n.json +0 -17826
- package/dist/blessed/usr/linux +0 -0
- package/dist/blessed/usr/windows-ansi +0 -0
- package/dist/blessed/usr/xterm +0 -0
- package/dist/blessed/usr/xterm-256color +0 -0
- package/dist/blessed/usr/xterm.termcap +0 -243
- package/dist/blessed/usr/xterm.terminfo +0 -1977
- package/dist/blessed/vendor/tng.js +0 -1878
package/dist/require/cli.js
CHANGED
|
@@ -12,54 +12,38 @@ function _socketInterop(e) {
|
|
|
12
12
|
}
|
|
13
13
|
|
|
14
14
|
const process$1 = require('node:process')
|
|
15
|
-
const require$$0 = require('node:url')
|
|
16
|
-
const ponyCause = _socketInterop(require('pony-cause'))
|
|
15
|
+
const require$$0$2 = require('node:url')
|
|
17
16
|
const vendor = require('./vendor.js')
|
|
18
17
|
const debug = require('@socketsecurity/registry/lib/debug')
|
|
19
18
|
const logger = require('@socketsecurity/registry/lib/logger')
|
|
20
19
|
const assert = require('node:assert')
|
|
21
20
|
const fs = require('node:fs/promises')
|
|
22
|
-
const commonTags = _socketInterop(require('common-tags'))
|
|
23
21
|
const strings = require('@socketsecurity/registry/lib/strings')
|
|
24
22
|
const shadowNpmInject = require('./shadow-npm-inject.js')
|
|
25
23
|
const constants = require('./constants.js')
|
|
26
|
-
const colors = _socketInterop(require('yoctocolors-cjs'))
|
|
27
24
|
const path$1 = require('node:path')
|
|
28
25
|
const objects = require('@socketsecurity/registry/lib/objects')
|
|
29
26
|
const path = require('@socketsecurity/registry/lib/path')
|
|
30
27
|
const regexps = require('@socketsecurity/registry/lib/regexps')
|
|
31
|
-
const yargsParse = _socketInterop(require('yargs-parser'))
|
|
32
28
|
const words = require('@socketsecurity/registry/lib/words')
|
|
33
|
-
const
|
|
29
|
+
const require$$0 = require('node:fs')
|
|
34
30
|
const shadowBin = require('./shadow-bin.js')
|
|
35
31
|
const prompts = require('@socketsecurity/registry/lib/prompts')
|
|
36
32
|
const shadowNpmPaths = require('./shadow-npm-paths.js')
|
|
37
|
-
const chalkTable = _socketInterop(require('chalk-table'))
|
|
38
33
|
const require$$0$1 = require('node:util')
|
|
39
|
-
const terminalLink = _socketInterop(require('terminal-link'))
|
|
40
34
|
const arrays = require('@socketsecurity/registry/lib/arrays')
|
|
41
35
|
const registry = require('@socketsecurity/registry')
|
|
42
36
|
const npm = require('@socketsecurity/registry/lib/npm')
|
|
43
37
|
const packages = require('@socketsecurity/registry/lib/packages')
|
|
44
38
|
const spawn = require('@socketsecurity/registry/lib/spawn')
|
|
45
|
-
const lockfile_fs = _socketInterop(require('@pnpm/lockfile.fs'))
|
|
46
|
-
const lockfile_detectDepTypes = _socketInterop(
|
|
47
|
-
require('@pnpm/lockfile.detect-dep-types')
|
|
48
|
-
)
|
|
49
|
-
const browserslist = _socketInterop(require('browserslist'))
|
|
50
|
-
const semver = _socketInterop(require('semver'))
|
|
51
|
-
const which = _socketInterop(require('which'))
|
|
52
39
|
const index_cjs = require('@socketregistry/hyrious__bun.lockb/index.cjs')
|
|
53
40
|
const sorts = require('@socketsecurity/registry/lib/sorts')
|
|
54
41
|
const registryConstants = require('@socketsecurity/registry/lib/constants')
|
|
55
42
|
const isInteractive = require('@socketregistry/is-interactive/index.cjs')
|
|
56
|
-
const npa = _socketInterop(require('npm-package-arg'))
|
|
57
|
-
const tinyglobby = _socketInterop(require('tinyglobby'))
|
|
58
43
|
const promises = require('@socketsecurity/registry/lib/promises')
|
|
59
|
-
const yaml = _socketInterop(require('yaml'))
|
|
60
44
|
|
|
61
45
|
function failMsgWithBadge(badge, msg) {
|
|
62
|
-
return `${
|
|
46
|
+
return `${vendor.yoctocolorsCjsExports.bgRed(vendor.yoctocolorsCjsExports.bold(vendor.yoctocolorsCjsExports.white(` ${badge}: `)))} ${vendor.yoctocolorsCjsExports.bold(msg)}`
|
|
63
47
|
}
|
|
64
48
|
|
|
65
49
|
function handleUnsuccessfulApiResponse(_name, sockSdkError) {
|
|
@@ -362,7 +346,7 @@ function renderJson(data) {
|
|
|
362
346
|
}
|
|
363
347
|
}
|
|
364
348
|
function renderMarkdown(data, days, repoSlug) {
|
|
365
|
-
return
|
|
349
|
+
return vendor.stripIndents`
|
|
366
350
|
# Socket Alert Analytics
|
|
367
351
|
|
|
368
352
|
These are the Socket.dev stats are analytics for the ${repoSlug ? `${repoSlug} repo` : 'org'} of the past ${days} days
|
|
@@ -402,7 +386,7 @@ ${[
|
|
|
402
386
|
]
|
|
403
387
|
]
|
|
404
388
|
.map(
|
|
405
|
-
([title, table]) =>
|
|
389
|
+
([title, table]) => vendor.stripIndents`
|
|
406
390
|
## ${title}
|
|
407
391
|
|
|
408
392
|
${table}
|
|
@@ -681,7 +665,7 @@ function handleBadInput(...checks) {
|
|
|
681
665
|
// If the message has newlines then format the first line with the input
|
|
682
666
|
// expectation and teh rest indented below it
|
|
683
667
|
msg.push(
|
|
684
|
-
` - ${lines[0]} (${d.test ?
|
|
668
|
+
` - ${lines[0]} (${d.test ? vendor.yoctocolorsCjsExports.green(d.pass) : vendor.yoctocolorsCjsExports.red(d.fail)})`
|
|
685
669
|
)
|
|
686
670
|
if (lines.length > 1) {
|
|
687
671
|
msg.push(...lines.slice(1).map(str => ` ${str}`))
|
|
@@ -915,7 +899,7 @@ function emitBanner(name) {
|
|
|
915
899
|
logger.logger.error(getAsciiHeader(name))
|
|
916
900
|
}
|
|
917
901
|
function getAsciiHeader(command) {
|
|
918
|
-
const cliVersion = '0.14.
|
|
902
|
+
const cliVersion = '0.14.96:b940b80:d716bd90:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
|
|
919
903
|
const nodeVersion = process$1.version
|
|
920
904
|
const apiToken = shadowNpmInject.getDefaultToken()
|
|
921
905
|
const shownToken = apiToken ? getLastFiveOfApiToken(apiToken) : 'no'
|
|
@@ -1361,9 +1345,9 @@ async function runCycloneDX(yargvWithYes) {
|
|
|
1361
1345
|
if (
|
|
1362
1346
|
yargv.type !== YARN$1 &&
|
|
1363
1347
|
nodejsPlatformTypes.has(yargv.type) &&
|
|
1364
|
-
|
|
1348
|
+
require$$0.existsSync(`./${YARN_LOCK}`)
|
|
1365
1349
|
) {
|
|
1366
|
-
if (
|
|
1350
|
+
if (require$$0.existsSync(`./${PACKAGE_LOCK_JSON}`)) {
|
|
1367
1351
|
yargv.type = NPM$g
|
|
1368
1352
|
} else {
|
|
1369
1353
|
// Use synp to create a package-lock.json from the yarn.lock,
|
|
@@ -1389,12 +1373,14 @@ async function runCycloneDX(yargvWithYes) {
|
|
|
1389
1373
|
])
|
|
1390
1374
|
if (cleanupPackageLock) {
|
|
1391
1375
|
try {
|
|
1392
|
-
await
|
|
1376
|
+
await require$$0.promises.rm(`./${PACKAGE_LOCK_JSON}`)
|
|
1393
1377
|
} catch {}
|
|
1394
1378
|
}
|
|
1395
1379
|
const fullOutputPath = path$1.join(process$1.cwd(), yargv.output)
|
|
1396
|
-
if (
|
|
1397
|
-
logger.logger.log(
|
|
1380
|
+
if (require$$0.existsSync(fullOutputPath)) {
|
|
1381
|
+
logger.logger.log(
|
|
1382
|
+
vendor.yoctocolorsCjsExports.cyanBright(`${yargv.output} created!`)
|
|
1383
|
+
)
|
|
1398
1384
|
}
|
|
1399
1385
|
}
|
|
1400
1386
|
function argvToArray(argv) {
|
|
@@ -1597,7 +1583,7 @@ async function run$I(argv, importMeta, { parentName }) {
|
|
|
1597
1583
|
|
|
1598
1584
|
// TODO: Convert to meow.
|
|
1599
1585
|
const yargv = {
|
|
1600
|
-
...
|
|
1586
|
+
...vendor.yargsParser(argv, yargsConfig)
|
|
1601
1587
|
}
|
|
1602
1588
|
const unknown = yargv._
|
|
1603
1589
|
const { length: unknownLength } = unknown
|
|
@@ -2332,7 +2318,9 @@ async function outputCreateNewScan(data, outputKind) {
|
|
|
2332
2318
|
logger.logger.log('')
|
|
2333
2319
|
return
|
|
2334
2320
|
}
|
|
2335
|
-
const link =
|
|
2321
|
+
const link = vendor.yoctocolorsCjsExports.underline(
|
|
2322
|
+
vendor.yoctocolorsCjsExports.cyan(`${data.html_report_url}`)
|
|
2323
|
+
)
|
|
2336
2324
|
logger.logger.log(`Available at: ${link}`)
|
|
2337
2325
|
if (
|
|
2338
2326
|
await prompts.confirm({
|
|
@@ -3327,35 +3315,35 @@ async function outputDependencies(data, { limit, offset, outputKind }) {
|
|
|
3327
3315
|
columns: [
|
|
3328
3316
|
{
|
|
3329
3317
|
field: 'namespace',
|
|
3330
|
-
name:
|
|
3318
|
+
name: vendor.yoctocolorsCjsExports.cyan('Namespace')
|
|
3331
3319
|
},
|
|
3332
3320
|
{
|
|
3333
3321
|
field: 'name',
|
|
3334
|
-
name:
|
|
3322
|
+
name: vendor.yoctocolorsCjsExports.cyan('Name')
|
|
3335
3323
|
},
|
|
3336
3324
|
{
|
|
3337
3325
|
field: 'version',
|
|
3338
|
-
name:
|
|
3326
|
+
name: vendor.yoctocolorsCjsExports.cyan('Version')
|
|
3339
3327
|
},
|
|
3340
3328
|
{
|
|
3341
3329
|
field: 'repository',
|
|
3342
|
-
name:
|
|
3330
|
+
name: vendor.yoctocolorsCjsExports.cyan('Repository')
|
|
3343
3331
|
},
|
|
3344
3332
|
{
|
|
3345
3333
|
field: 'branch',
|
|
3346
|
-
name:
|
|
3334
|
+
name: vendor.yoctocolorsCjsExports.cyan('Branch')
|
|
3347
3335
|
},
|
|
3348
3336
|
{
|
|
3349
3337
|
field: 'type',
|
|
3350
|
-
name:
|
|
3338
|
+
name: vendor.yoctocolorsCjsExports.cyan('Type')
|
|
3351
3339
|
},
|
|
3352
3340
|
{
|
|
3353
3341
|
field: 'direct',
|
|
3354
|
-
name:
|
|
3342
|
+
name: vendor.yoctocolorsCjsExports.cyan('Direct')
|
|
3355
3343
|
}
|
|
3356
3344
|
]
|
|
3357
3345
|
}
|
|
3358
|
-
logger.logger.log(
|
|
3346
|
+
logger.logger.log(vendor.srcExports(options, data.rows))
|
|
3359
3347
|
}
|
|
3360
3348
|
|
|
3361
3349
|
async function handleDependencies({ limit, offset, outputKind }) {
|
|
@@ -3482,7 +3470,7 @@ async function fetchDiffScan({ after, before, orgSlug }) {
|
|
|
3482
3470
|
async function outputDiffScan(result, { depth, file, outputKind }) {
|
|
3483
3471
|
const dashboardUrl = result.diff_report_url
|
|
3484
3472
|
const dashboardMessage = dashboardUrl
|
|
3485
|
-
? `\n View this diff scan in the Socket dashboard: ${
|
|
3473
|
+
? `\n View this diff scan in the Socket dashboard: ${vendor.yoctocolorsCjsExports.cyan(dashboardUrl)}`
|
|
3486
3474
|
: ''
|
|
3487
3475
|
|
|
3488
3476
|
// When forcing json, or dumping to file, serialize to string such that it
|
|
@@ -3501,7 +3489,7 @@ async function outputDiffScan(result, { depth, file, outputKind }) {
|
|
|
3501
3489
|
}
|
|
3502
3490
|
if (file && file !== '-') {
|
|
3503
3491
|
logger.logger.log(`Writing json to \`${file}\``)
|
|
3504
|
-
|
|
3492
|
+
require$$0.writeFile(file, JSON.stringify(result, null, 2), err => {
|
|
3505
3493
|
if (err) {
|
|
3506
3494
|
logger.logger.fail(`Writing to \`${file}\` failed...`)
|
|
3507
3495
|
logger.logger.error(err)
|
|
@@ -3820,7 +3808,6 @@ async function openGitHubPullRequest(
|
|
|
3820
3808
|
if (!pat) {
|
|
3821
3809
|
throw new Error('Missing SOCKET_SECURITY_GITHUB_PAT environment variable')
|
|
3822
3810
|
}
|
|
3823
|
-
const commitMsg = `chore: upgrade ${name} to ${version}`
|
|
3824
3811
|
const url = `https://x-access-token:${pat}@github.com/${owner}/${repo}`
|
|
3825
3812
|
await spawn.spawn('git', ['remote', 'set-url', 'origin', url], {
|
|
3826
3813
|
cwd
|
|
@@ -3829,8 +3816,8 @@ async function openGitHubPullRequest(
|
|
|
3829
3816
|
return await octokit.pulls.create({
|
|
3830
3817
|
owner,
|
|
3831
3818
|
repo,
|
|
3832
|
-
title:
|
|
3833
|
-
head:
|
|
3819
|
+
title: `chore: upgrade ${name} to ${version}`,
|
|
3820
|
+
head: branch,
|
|
3834
3821
|
base: baseBranch,
|
|
3835
3822
|
body: `[socket] Upgrade \`${name}\` to ${version}`
|
|
3836
3823
|
})
|
|
@@ -4058,7 +4045,7 @@ async function getAlertsMapFromPnpmLockfile(lockfile, options_) {
|
|
|
4058
4045
|
...options.include
|
|
4059
4046
|
}
|
|
4060
4047
|
const { spinner } = options
|
|
4061
|
-
const depTypes =
|
|
4048
|
+
const depTypes = vendor.libExports$2.detectDepTypes(lockfile)
|
|
4062
4049
|
const pkgIds = Object.keys(depTypes)
|
|
4063
4050
|
let { length: remaining } = pkgIds
|
|
4064
4051
|
const alertsByPkgId = new Map()
|
|
@@ -4264,7 +4251,7 @@ async function pnpmFix(
|
|
|
4264
4251
|
pkgEnvDetails,
|
|
4265
4252
|
{ autoMerge, cwd, rangeStyle, spinner, test, testScript }
|
|
4266
4253
|
) {
|
|
4267
|
-
const lockfile = await
|
|
4254
|
+
const lockfile = await vendor.libExports$3.readWantedLockfile(cwd, {
|
|
4268
4255
|
ignoreIncompatible: false
|
|
4269
4256
|
})
|
|
4270
4257
|
if (!lockfile) {
|
|
@@ -4513,7 +4500,7 @@ const binByAgent = new Map([
|
|
|
4513
4500
|
async function getAgentExecPath(agent) {
|
|
4514
4501
|
const binName = binByAgent.get(agent)
|
|
4515
4502
|
return (
|
|
4516
|
-
(await
|
|
4503
|
+
(await vendor.libExports$1(binName, {
|
|
4517
4504
|
nothrow: true
|
|
4518
4505
|
})) ?? binName
|
|
4519
4506
|
)
|
|
@@ -4525,7 +4512,7 @@ async function getAgentVersion(agentExecPath, cwd) {
|
|
|
4525
4512
|
// Coerce version output into a valid semver version by passing it through
|
|
4526
4513
|
// semver.coerce which strips leading v's, carets (^), comparators (<,<=,>,>=,=),
|
|
4527
4514
|
// and tildes (~).
|
|
4528
|
-
|
|
4515
|
+
vendor.semverExports.coerce(
|
|
4529
4516
|
// All package managers support the "--version" flag.
|
|
4530
4517
|
(
|
|
4531
4518
|
await spawn.spawn(agentExecPath, ['--version'], {
|
|
@@ -4619,7 +4606,7 @@ async function detectPackageEnvironment({
|
|
|
4619
4606
|
cwd
|
|
4620
4607
|
})
|
|
4621
4608
|
const pkgPath =
|
|
4622
|
-
pkgJsonPath &&
|
|
4609
|
+
pkgJsonPath && require$$0.existsSync(pkgJsonPath)
|
|
4623
4610
|
? path$1.dirname(pkgJsonPath)
|
|
4624
4611
|
: undefined
|
|
4625
4612
|
const editablePkgJson = pkgPath
|
|
@@ -4673,7 +4660,7 @@ async function detectPackageEnvironment({
|
|
|
4673
4660
|
// Lazily access constants.minimumVersionByAgent.
|
|
4674
4661
|
const minSupportedAgentVersion = constants.minimumVersionByAgent.get(agent)
|
|
4675
4662
|
const minSupportedNodeVersion = maintainedNodeVersions.last
|
|
4676
|
-
const nodeVersion =
|
|
4663
|
+
const nodeVersion = vendor.semverExports.coerce(process$1.version)
|
|
4677
4664
|
let lockSrc
|
|
4678
4665
|
let pkgAgentRange
|
|
4679
4666
|
let pkgNodeRange
|
|
@@ -4687,8 +4674,8 @@ async function detectPackageEnvironment({
|
|
|
4687
4674
|
pkgAgentRange = engineAgentRange
|
|
4688
4675
|
// Roughly check agent range as semver.coerce will strip leading
|
|
4689
4676
|
// v's, carets (^), comparators (<,<=,>,>=,=), and tildes (~).
|
|
4690
|
-
const coerced =
|
|
4691
|
-
if (coerced &&
|
|
4677
|
+
const coerced = vendor.semverExports.coerce(pkgAgentRange)
|
|
4678
|
+
if (coerced && vendor.semverExports.lt(coerced, pkgMinAgentVersion)) {
|
|
4692
4679
|
pkgMinAgentVersion = coerced.version
|
|
4693
4680
|
}
|
|
4694
4681
|
}
|
|
@@ -4696,22 +4683,23 @@ async function detectPackageEnvironment({
|
|
|
4696
4683
|
pkgNodeRange = engineNodeRange
|
|
4697
4684
|
// Roughly check Node range as semver.coerce will strip leading
|
|
4698
4685
|
// v's, carets (^), comparators (<,<=,>,>=,=), and tildes (~).
|
|
4699
|
-
const coerced =
|
|
4700
|
-
if (coerced &&
|
|
4686
|
+
const coerced = vendor.semverExports.coerce(pkgNodeRange)
|
|
4687
|
+
if (coerced && vendor.semverExports.lt(coerced, pkgMinNodeVersion)) {
|
|
4701
4688
|
pkgMinNodeVersion = coerced.version
|
|
4702
4689
|
}
|
|
4703
4690
|
}
|
|
4704
4691
|
const browserslistQuery = pkgJson['browserslist']
|
|
4705
4692
|
if (Array.isArray(browserslistQuery)) {
|
|
4706
4693
|
// List Node targets in ascending version order.
|
|
4707
|
-
const browserslistNodeTargets =
|
|
4694
|
+
const browserslistNodeTargets = vendor
|
|
4695
|
+
.browserslistExports(browserslistQuery)
|
|
4708
4696
|
.filter(v => /^node /i.test(v))
|
|
4709
4697
|
.map(v => v.slice(5 /*'node '.length*/))
|
|
4710
4698
|
.sort(sorts.naturalCompare)
|
|
4711
4699
|
if (browserslistNodeTargets.length) {
|
|
4712
4700
|
// browserslistNodeTargets[0] is the lowest Node target version.
|
|
4713
|
-
const coerced =
|
|
4714
|
-
if (coerced &&
|
|
4701
|
+
const coerced = vendor.semverExports.coerce(browserslistNodeTargets[0])
|
|
4702
|
+
if (coerced && vendor.semverExports.lt(coerced, pkgMinNodeVersion)) {
|
|
4715
4703
|
pkgMinNodeVersion = coerced.version
|
|
4716
4704
|
}
|
|
4717
4705
|
}
|
|
@@ -4727,17 +4715,20 @@ async function detectPackageEnvironment({
|
|
|
4727
4715
|
// Does the system agent version meet our minimum supported agent version?
|
|
4728
4716
|
const agentSupported =
|
|
4729
4717
|
!!agentVersion &&
|
|
4730
|
-
|
|
4718
|
+
vendor.semverExports.satisfies(
|
|
4719
|
+
agentVersion,
|
|
4720
|
+
`>=${minSupportedAgentVersion}`
|
|
4721
|
+
)
|
|
4731
4722
|
|
|
4732
4723
|
// Does the system Node version meet our minimum supported Node version?
|
|
4733
|
-
const nodeSupported =
|
|
4724
|
+
const nodeSupported = vendor.semverExports.satisfies(
|
|
4734
4725
|
nodeVersion,
|
|
4735
4726
|
`>=${minSupportedNodeVersion}`
|
|
4736
4727
|
)
|
|
4737
4728
|
const npmBuggyOverrides =
|
|
4738
4729
|
agent === NPM$b &&
|
|
4739
4730
|
!!agentVersion &&
|
|
4740
|
-
|
|
4731
|
+
vendor.semverExports.lt(agentVersion, NPM_BUGGY_OVERRIDES_PATCHED_VERSION$1)
|
|
4741
4732
|
return {
|
|
4742
4733
|
agent,
|
|
4743
4734
|
agentExecPath,
|
|
@@ -4760,13 +4751,13 @@ async function detectPackageEnvironment({
|
|
|
4760
4751
|
},
|
|
4761
4752
|
pkgSupports: {
|
|
4762
4753
|
// Does our minimum supported agent version meet the package's requirements?
|
|
4763
|
-
agent:
|
|
4754
|
+
agent: vendor.semverExports.satisfies(
|
|
4764
4755
|
minSupportedAgentVersion,
|
|
4765
4756
|
`>=${pkgMinAgentVersion}`
|
|
4766
4757
|
),
|
|
4767
4758
|
// Does our supported Node versions meet the package's requirements?
|
|
4768
4759
|
node: maintainedNodeVersions.some(v =>
|
|
4769
|
-
|
|
4760
|
+
vendor.semverExports.satisfies(v, `>=${pkgMinNodeVersion}`)
|
|
4770
4761
|
)
|
|
4771
4762
|
}
|
|
4772
4763
|
}
|
|
@@ -4914,12 +4905,12 @@ const config$z = {
|
|
|
4914
4905
|
autoMerge: {
|
|
4915
4906
|
type: 'boolean',
|
|
4916
4907
|
default: false,
|
|
4917
|
-
description: `Enable auto-merge for pull requests that Socket opens.\n See ${
|
|
4908
|
+
description: `Enable auto-merge for pull requests that Socket opens.\n See ${vendor.terminalLinkExports('GitHub documentation', 'https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-auto-merge-for-pull-requests-in-your-repository')} for managing auto-merge for pull requests in your repository.`
|
|
4918
4909
|
},
|
|
4919
4910
|
rangeStyle: {
|
|
4920
4911
|
type: 'string',
|
|
4921
4912
|
default: 'preserve',
|
|
4922
|
-
description:
|
|
4913
|
+
description: vendor.stripIndent`
|
|
4923
4914
|
Define how updated dependency versions should be written in package.json.
|
|
4924
4915
|
Available styles:
|
|
4925
4916
|
* caret - Use ^ range for compatible updates (e.g. ^1.2.3)
|
|
@@ -5028,11 +5019,11 @@ async function fetchPackageInfo(pkgName, pkgVersion, includeAllIssues) {
|
|
|
5028
5019
|
const { NPM: NPM$9 } = registryConstants
|
|
5029
5020
|
function formatScore$1(score) {
|
|
5030
5021
|
if (score > 80) {
|
|
5031
|
-
return
|
|
5022
|
+
return vendor.yoctocolorsCjsExports.green(`${score}`)
|
|
5032
5023
|
} else if (score < 80 && score > 60) {
|
|
5033
|
-
return
|
|
5024
|
+
return vendor.yoctocolorsCjsExports.yellow(`${score}`)
|
|
5034
5025
|
}
|
|
5035
|
-
return
|
|
5026
|
+
return vendor.yoctocolorsCjsExports.red(`${score}`)
|
|
5036
5027
|
}
|
|
5037
5028
|
function outputPackageIssuesDetails(packageData, outputMarkdown) {
|
|
5038
5029
|
const issueDetails = packageData.filter(
|
|
@@ -5080,7 +5071,7 @@ function outputPackageInfo(
|
|
|
5080
5071
|
return
|
|
5081
5072
|
}
|
|
5082
5073
|
if (outputKind === 'markdown') {
|
|
5083
|
-
logger.logger.log(
|
|
5074
|
+
logger.logger.log(vendor.stripIndents`
|
|
5084
5075
|
# Package report for ${pkgName}
|
|
5085
5076
|
|
|
5086
5077
|
Package report card:
|
|
@@ -5137,8 +5128,8 @@ function outputPackageInfo(
|
|
|
5137
5128
|
}
|
|
5138
5129
|
if (outputKind !== 'markdown') {
|
|
5139
5130
|
logger.logger.log(
|
|
5140
|
-
|
|
5141
|
-
`\nOr rerun ${
|
|
5131
|
+
vendor.yoctocolorsCjsExports.dim(
|
|
5132
|
+
`\nOr rerun ${vendor.yoctocolorsCjsExports.italic(commandName)} using the ${vendor.yoctocolorsCjsExports.italic('--json')} flag to get full JSON output`
|
|
5142
5133
|
)
|
|
5143
5134
|
)
|
|
5144
5135
|
} else {
|
|
@@ -5269,7 +5260,7 @@ async function attemptLogin(apiBaseUrl, apiProxy) {
|
|
|
5269
5260
|
apiProxy ??= shadowNpmInject.getConfigValue('apiProxy') ?? undefined
|
|
5270
5261
|
const apiToken =
|
|
5271
5262
|
(await prompts.password({
|
|
5272
|
-
message: `Enter your ${
|
|
5263
|
+
message: `Enter your ${vendor.terminalLinkExports('Socket.dev API key', 'https://docs.socket.dev/docs/api-keys')} (leave blank for a public key)`
|
|
5273
5264
|
})) || SOCKET_PUBLIC_API_TOKEN
|
|
5274
5265
|
// Lazily access constants.spinner.
|
|
5275
5266
|
const { spinner } = constants
|
|
@@ -6015,7 +6006,7 @@ async function run$t(argv, importMeta, { parentName }) {
|
|
|
6015
6006
|
subArgs.push('--verbose')
|
|
6016
6007
|
}
|
|
6017
6008
|
const dir = cwd
|
|
6018
|
-
if (
|
|
6009
|
+
if (require$$0.existsSync(path$1.join(dir, 'build.sbt'))) {
|
|
6019
6010
|
logger.logger.log(
|
|
6020
6011
|
'Detected a Scala sbt build, running default Scala generator...'
|
|
6021
6012
|
)
|
|
@@ -6032,7 +6023,7 @@ async function run$t(argv, importMeta, { parentName }) {
|
|
|
6032
6023
|
})
|
|
6033
6024
|
return
|
|
6034
6025
|
}
|
|
6035
|
-
if (
|
|
6026
|
+
if (require$$0.existsSync(path$1.join(dir, 'gradlew'))) {
|
|
6036
6027
|
logger.logger.log(
|
|
6037
6028
|
'Detected a gradle build, running default gradle generator...'
|
|
6038
6029
|
)
|
|
@@ -6546,7 +6537,7 @@ async function getWorkspaceGlobs(agent, pkgPath, editablePkgJson) {
|
|
|
6546
6537
|
const yml = await shadowNpmInject.safeReadFile(workspacePath)
|
|
6547
6538
|
if (yml) {
|
|
6548
6539
|
try {
|
|
6549
|
-
workspacePatterns =
|
|
6540
|
+
workspacePatterns = vendor.distExports$1.parse(yml)?.packages
|
|
6550
6541
|
} catch {}
|
|
6551
6542
|
if (workspacePatterns) {
|
|
6552
6543
|
break
|
|
@@ -7016,10 +7007,10 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
|
|
|
7016
7007
|
const depAliasMap = new Map()
|
|
7017
7008
|
const depEntries = getDependencyEntries(editablePkgJson)
|
|
7018
7009
|
const manifestEntries = manifestNpmOverrides.filter(({ 1: data }) =>
|
|
7019
|
-
|
|
7010
|
+
vendor.semverExports.satisfies(
|
|
7020
7011
|
// Roughly check Node range as semver.coerce will strip leading
|
|
7021
7012
|
// v's, carets (^), comparators (<,<=,>,>=,=), and tildes (~).
|
|
7022
|
-
|
|
7013
|
+
vendor.semverExports.coerce(data.engines.node),
|
|
7023
7014
|
pkgEnvDetails.pkgRequirements.node
|
|
7024
7015
|
)
|
|
7025
7016
|
)
|
|
@@ -7027,7 +7018,7 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
|
|
|
7027
7018
|
// Chunk package names to process them in parallel 3 at a time.
|
|
7028
7019
|
await promises.pEach(manifestEntries, 3, async ({ 1: data }) => {
|
|
7029
7020
|
const { name: sockRegPkgName, package: origPkgName, version } = data
|
|
7030
|
-
const major =
|
|
7021
|
+
const major = vendor.semverExports.major(version)
|
|
7031
7022
|
const sockOverridePrefix = `${NPM$1}:${sockRegPkgName}@`
|
|
7032
7023
|
const sockOverrideSpec = `${sockOverridePrefix}${pin ? version : `^${major}`}`
|
|
7033
7024
|
for (const { 1: depObj } of depEntries) {
|
|
@@ -7051,7 +7042,8 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
|
|
|
7051
7042
|
thisSpec.startsWith(sockOverridePrefix) &&
|
|
7052
7043
|
// Check the validity of the spec by passing it through npa and
|
|
7053
7044
|
// seeing if it will coerce to a version.
|
|
7054
|
-
|
|
7045
|
+
vendor.semverExports.coerce(vendor.npaExports(thisSpec).rawSpec)
|
|
7046
|
+
?.version
|
|
7055
7047
|
)
|
|
7056
7048
|
) {
|
|
7057
7049
|
thisSpec = sockOverrideSpec
|
|
@@ -7108,20 +7100,22 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
|
|
|
7108
7100
|
if (thisSpec.startsWith(sockOverridePrefix)) {
|
|
7109
7101
|
if (
|
|
7110
7102
|
pin &&
|
|
7111
|
-
|
|
7103
|
+
vendor.semverExports.major(
|
|
7112
7104
|
// Check the validity of the spec by passing it through npa
|
|
7113
7105
|
// and seeing if it will coerce to a version. semver.coerce
|
|
7114
7106
|
// will strip leading v's, carets (^), comparators (<,<=,>,>=,=),
|
|
7115
7107
|
// and tildes (~). If not coerced to a valid version then
|
|
7116
7108
|
// default to the manifest entry version.
|
|
7117
|
-
|
|
7109
|
+
vendor.semverExports.coerce(
|
|
7110
|
+
vendor.npaExports(thisSpec).rawSpec
|
|
7111
|
+
)?.version ?? version
|
|
7118
7112
|
) !== major
|
|
7119
7113
|
) {
|
|
7120
7114
|
const otherVersion = (
|
|
7121
7115
|
await packages.fetchPackageManifest(thisSpec)
|
|
7122
7116
|
)?.version
|
|
7123
7117
|
if (otherVersion && otherVersion !== version) {
|
|
7124
|
-
newSpec = `${sockOverridePrefix}${pin ? otherVersion : `^${
|
|
7118
|
+
newSpec = `${sockOverridePrefix}${pin ? otherVersion : `^${vendor.semverExports.major(otherVersion)}`}`
|
|
7125
7119
|
}
|
|
7126
7120
|
}
|
|
7127
7121
|
} else {
|
|
@@ -7139,11 +7133,14 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
|
|
|
7139
7133
|
}
|
|
7140
7134
|
})
|
|
7141
7135
|
if (workspaceGlobs) {
|
|
7142
|
-
const workspacePkgJsonPaths = await
|
|
7143
|
-
|
|
7144
|
-
|
|
7145
|
-
|
|
7146
|
-
|
|
7136
|
+
const workspacePkgJsonPaths = await vendor.distExports.glob(
|
|
7137
|
+
workspaceGlobs,
|
|
7138
|
+
{
|
|
7139
|
+
absolute: true,
|
|
7140
|
+
cwd: pkgPath,
|
|
7141
|
+
ignore: ['**/node_modules/**', '**/bower_components/**']
|
|
7142
|
+
}
|
|
7143
|
+
)
|
|
7147
7144
|
// Chunk package names to process them in parallel 3 at a time.
|
|
7148
7145
|
await promises.pEach(
|
|
7149
7146
|
workspacePkgJsonPaths,
|
|
@@ -7380,7 +7377,7 @@ async function outputOrganizationList(data, outputKind = 'text') {
|
|
|
7380
7377
|
}
|
|
7381
7378
|
logger.logger.log('# Organizations\n')
|
|
7382
7379
|
logger.logger.log(
|
|
7383
|
-
`List of organizations associated with your API key, ending with: ${
|
|
7380
|
+
`List of organizations associated with your API key, ending with: ${vendor.yoctocolorsCjsExports.italic(lastFiveOfApiToken)}\n`
|
|
7384
7381
|
)
|
|
7385
7382
|
logger.logger.log(
|
|
7386
7383
|
`| Name${' '.repeat(mw1 - 4)} | ID${' '.repeat(mw2 - 2)} | Plan${' '.repeat(mw3 - 4)} |`
|
|
@@ -7400,12 +7397,12 @@ async function outputOrganizationList(data, outputKind = 'text') {
|
|
|
7400
7397
|
}
|
|
7401
7398
|
default: {
|
|
7402
7399
|
logger.logger.log(
|
|
7403
|
-
`List of organizations associated with your API key, ending with: ${
|
|
7400
|
+
`List of organizations associated with your API key, ending with: ${vendor.yoctocolorsCjsExports.italic(lastFiveOfApiToken)}\n`
|
|
7404
7401
|
)
|
|
7405
7402
|
// Just dump
|
|
7406
7403
|
for (const o of organizations) {
|
|
7407
7404
|
logger.logger.log(
|
|
7408
|
-
`- Name: ${
|
|
7405
|
+
`- Name: ${vendor.yoctocolorsCjsExports.bold(o.name ?? 'undefined')}, ID: ${vendor.yoctocolorsCjsExports.bold(o.id)}, Plan: ${vendor.yoctocolorsCjsExports.bold(o.plan)}`
|
|
7409
7406
|
)
|
|
7410
7407
|
}
|
|
7411
7408
|
}
|
|
@@ -8394,7 +8391,7 @@ function outputPurlsShallowScore(purls, packageData, outputKind) {
|
|
|
8394
8391
|
return true // not found
|
|
8395
8392
|
})
|
|
8396
8393
|
if (outputKind === 'markdown') {
|
|
8397
|
-
logger.logger.log(
|
|
8394
|
+
logger.logger.log(vendor.stripIndents`
|
|
8398
8395
|
# Shallow Package Report
|
|
8399
8396
|
|
|
8400
8397
|
This report contains the response for requesting data on some package url(s).
|
|
@@ -8408,14 +8405,16 @@ function outputPurlsShallowScore(purls, packageData, outputKind) {
|
|
|
8408
8405
|
`)
|
|
8409
8406
|
return
|
|
8410
8407
|
}
|
|
8411
|
-
logger.logger.log(
|
|
8408
|
+
logger.logger.log(
|
|
8409
|
+
'\n' + vendor.yoctocolorsCjsExports.bold('Shallow Package Score') + '\n'
|
|
8410
|
+
)
|
|
8412
8411
|
logger.logger.log(
|
|
8413
8412
|
'Please note: The listed scores are ONLY for the package itself. It does NOT\n' +
|
|
8414
8413
|
' reflect the scores of any dependencies, transitive or otherwise.'
|
|
8415
8414
|
)
|
|
8416
8415
|
if (missing.length) {
|
|
8417
8416
|
logger.logger.log(
|
|
8418
|
-
`\nAt least one package had no response or the purl was not canonical:\n${missing.map(purl => '\n- ' +
|
|
8417
|
+
`\nAt least one package had no response or the purl was not canonical:\n${missing.map(purl => '\n- ' + vendor.yoctocolorsCjsExports.bold(purl)).join('')}`
|
|
8419
8418
|
)
|
|
8420
8419
|
}
|
|
8421
8420
|
packageData.forEach(data => {
|
|
@@ -8435,7 +8434,7 @@ function formatReportCard(data, color) {
|
|
|
8435
8434
|
const alertString = getAlertString(data.alerts, !color)
|
|
8436
8435
|
const purl = 'pkg:' + data.type + '/' + data.name + '@' + data.version
|
|
8437
8436
|
return [
|
|
8438
|
-
'Package: ' + (color ?
|
|
8437
|
+
'Package: ' + (color ? vendor.yoctocolorsCjsExports.bold(purl) : purl),
|
|
8439
8438
|
'',
|
|
8440
8439
|
...Object.entries(scoreResult).map(
|
|
8441
8440
|
score =>
|
|
@@ -8451,16 +8450,18 @@ function formatScore(score, noColor = false, pad = false) {
|
|
|
8451
8450
|
return padded
|
|
8452
8451
|
}
|
|
8453
8452
|
if (score >= 80) {
|
|
8454
|
-
return
|
|
8453
|
+
return vendor.yoctocolorsCjsExports.green(padded)
|
|
8455
8454
|
}
|
|
8456
8455
|
if (score >= 60) {
|
|
8457
|
-
return
|
|
8456
|
+
return vendor.yoctocolorsCjsExports.yellow(padded)
|
|
8458
8457
|
}
|
|
8459
|
-
return
|
|
8458
|
+
return vendor.yoctocolorsCjsExports.red(padded)
|
|
8460
8459
|
}
|
|
8461
8460
|
function getAlertString(alerts, noColor = false) {
|
|
8462
8461
|
if (!alerts?.length) {
|
|
8463
|
-
return noColor
|
|
8462
|
+
return noColor
|
|
8463
|
+
? `- Alerts: none!`
|
|
8464
|
+
: `- Alerts: ${vendor.yoctocolorsCjsExports.green('none')}!`
|
|
8464
8465
|
}
|
|
8465
8466
|
const bad = alerts
|
|
8466
8467
|
.filter(alert => alert.severity !== 'low' && alert.severity !== 'middle')
|
|
@@ -8490,22 +8491,32 @@ function getAlertString(alerts, noColor = false) {
|
|
|
8490
8491
|
)
|
|
8491
8492
|
}
|
|
8492
8493
|
return (
|
|
8493
|
-
`- Alerts (${
|
|
8494
|
+
`- Alerts (${vendor.yoctocolorsCjsExports.red(bad.length.toString())}/${vendor.yoctocolorsCjsExports.yellow(mid.length.toString())}/${low.length}):` +
|
|
8494
8495
|
' '.repeat(Math.max(0, 20 - colorless.length)) +
|
|
8495
8496
|
' ' +
|
|
8496
8497
|
[
|
|
8497
8498
|
bad
|
|
8498
8499
|
.map(alert =>
|
|
8499
|
-
|
|
8500
|
+
vendor.yoctocolorsCjsExports.red(
|
|
8501
|
+
vendor.yoctocolorsCjsExports.dim(`[${alert.severity}] `) +
|
|
8502
|
+
alert.type
|
|
8503
|
+
)
|
|
8500
8504
|
)
|
|
8501
8505
|
.join(', '),
|
|
8502
8506
|
mid
|
|
8503
8507
|
.map(alert =>
|
|
8504
|
-
|
|
8508
|
+
vendor.yoctocolorsCjsExports.yellow(
|
|
8509
|
+
vendor.yoctocolorsCjsExports.dim(`[${alert.severity}] `) +
|
|
8510
|
+
alert.type
|
|
8511
|
+
)
|
|
8505
8512
|
)
|
|
8506
8513
|
.join(', '),
|
|
8507
8514
|
low
|
|
8508
|
-
.map(
|
|
8515
|
+
.map(
|
|
8516
|
+
alert =>
|
|
8517
|
+
vendor.yoctocolorsCjsExports.dim(`[${alert.severity}] `) +
|
|
8518
|
+
alert.type
|
|
8519
|
+
)
|
|
8509
8520
|
.join(', ')
|
|
8510
8521
|
]
|
|
8511
8522
|
.filter(Boolean)
|
|
@@ -9123,27 +9134,27 @@ async function outputListRepos(data, outputKind) {
|
|
|
9123
9134
|
columns: [
|
|
9124
9135
|
{
|
|
9125
9136
|
field: 'id',
|
|
9126
|
-
name:
|
|
9137
|
+
name: vendor.yoctocolorsCjsExports.magenta('ID')
|
|
9127
9138
|
},
|
|
9128
9139
|
{
|
|
9129
9140
|
field: 'name',
|
|
9130
|
-
name:
|
|
9141
|
+
name: vendor.yoctocolorsCjsExports.magenta('Name')
|
|
9131
9142
|
},
|
|
9132
9143
|
{
|
|
9133
9144
|
field: 'visibility',
|
|
9134
|
-
name:
|
|
9145
|
+
name: vendor.yoctocolorsCjsExports.magenta('Visibility')
|
|
9135
9146
|
},
|
|
9136
9147
|
{
|
|
9137
9148
|
field: 'default_branch',
|
|
9138
|
-
name:
|
|
9149
|
+
name: vendor.yoctocolorsCjsExports.magenta('Default branch')
|
|
9139
9150
|
},
|
|
9140
9151
|
{
|
|
9141
9152
|
field: 'archived',
|
|
9142
|
-
name:
|
|
9153
|
+
name: vendor.yoctocolorsCjsExports.magenta('Archived')
|
|
9143
9154
|
}
|
|
9144
9155
|
]
|
|
9145
9156
|
}
|
|
9146
|
-
logger.logger.log(
|
|
9157
|
+
logger.logger.log(vendor.srcExports(options, data.results))
|
|
9147
9158
|
}
|
|
9148
9159
|
|
|
9149
9160
|
async function handleListRepos({
|
|
@@ -9488,35 +9499,35 @@ async function outputViewRepo(data, outputKind) {
|
|
|
9488
9499
|
columns: [
|
|
9489
9500
|
{
|
|
9490
9501
|
field: 'id',
|
|
9491
|
-
name:
|
|
9502
|
+
name: vendor.yoctocolorsCjsExports.magenta('ID')
|
|
9492
9503
|
},
|
|
9493
9504
|
{
|
|
9494
9505
|
field: 'name',
|
|
9495
|
-
name:
|
|
9506
|
+
name: vendor.yoctocolorsCjsExports.magenta('Name')
|
|
9496
9507
|
},
|
|
9497
9508
|
{
|
|
9498
9509
|
field: 'visibility',
|
|
9499
|
-
name:
|
|
9510
|
+
name: vendor.yoctocolorsCjsExports.magenta('Visibility')
|
|
9500
9511
|
},
|
|
9501
9512
|
{
|
|
9502
9513
|
field: 'default_branch',
|
|
9503
|
-
name:
|
|
9514
|
+
name: vendor.yoctocolorsCjsExports.magenta('Default branch')
|
|
9504
9515
|
},
|
|
9505
9516
|
{
|
|
9506
9517
|
field: 'homepage',
|
|
9507
|
-
name:
|
|
9518
|
+
name: vendor.yoctocolorsCjsExports.magenta('Homepage')
|
|
9508
9519
|
},
|
|
9509
9520
|
{
|
|
9510
9521
|
field: 'archived',
|
|
9511
|
-
name:
|
|
9522
|
+
name: vendor.yoctocolorsCjsExports.magenta('Archived')
|
|
9512
9523
|
},
|
|
9513
9524
|
{
|
|
9514
9525
|
field: 'created_at',
|
|
9515
|
-
name:
|
|
9526
|
+
name: vendor.yoctocolorsCjsExports.magenta('Created at')
|
|
9516
9527
|
}
|
|
9517
9528
|
]
|
|
9518
9529
|
}
|
|
9519
|
-
logger.logger.log(
|
|
9530
|
+
logger.logger.log(vendor.srcExports(options, [data]))
|
|
9520
9531
|
}
|
|
9521
9532
|
|
|
9522
9533
|
async function handleViewRepo(orgSlug, repoName, outputKind) {
|
|
@@ -10121,26 +10132,28 @@ async function outputListScans(data, outputKind) {
|
|
|
10121
10132
|
columns: [
|
|
10122
10133
|
{
|
|
10123
10134
|
field: 'id',
|
|
10124
|
-
name:
|
|
10135
|
+
name: vendor.yoctocolorsCjsExports.magenta('ID')
|
|
10125
10136
|
},
|
|
10126
10137
|
{
|
|
10127
10138
|
field: 'report_url',
|
|
10128
|
-
name:
|
|
10139
|
+
name: vendor.yoctocolorsCjsExports.magenta('Scan URL')
|
|
10129
10140
|
},
|
|
10130
10141
|
{
|
|
10131
10142
|
field: 'branch',
|
|
10132
|
-
name:
|
|
10143
|
+
name: vendor.yoctocolorsCjsExports.magenta('Branch')
|
|
10133
10144
|
},
|
|
10134
10145
|
{
|
|
10135
10146
|
field: 'created_at',
|
|
10136
|
-
name:
|
|
10147
|
+
name: vendor.yoctocolorsCjsExports.magenta('Created at')
|
|
10137
10148
|
}
|
|
10138
10149
|
]
|
|
10139
10150
|
}
|
|
10140
10151
|
const formattedResults = data.results.map(d => {
|
|
10141
10152
|
return {
|
|
10142
10153
|
id: d.id,
|
|
10143
|
-
report_url:
|
|
10154
|
+
report_url: vendor.yoctocolorsCjsExports.underline(
|
|
10155
|
+
`${d.html_report_url}`
|
|
10156
|
+
),
|
|
10144
10157
|
created_at: d.created_at
|
|
10145
10158
|
? new Date(d.created_at).toLocaleDateString('en-us', {
|
|
10146
10159
|
year: 'numeric',
|
|
@@ -10151,7 +10164,7 @@ async function outputListScans(data, outputKind) {
|
|
|
10151
10164
|
branch: d.branch
|
|
10152
10165
|
}
|
|
10153
10166
|
})
|
|
10154
|
-
logger.logger.log(
|
|
10167
|
+
logger.logger.log(vendor.srcExports(options, formattedResults))
|
|
10155
10168
|
}
|
|
10156
10169
|
|
|
10157
10170
|
async function handleListScans({
|
|
@@ -11152,7 +11165,7 @@ async function run$1(argv, importMeta, { parentName }) {
|
|
|
11152
11165
|
}
|
|
11153
11166
|
|
|
11154
11167
|
function addSocketWrapper(file) {
|
|
11155
|
-
return
|
|
11168
|
+
return require$$0.appendFile(
|
|
11156
11169
|
file,
|
|
11157
11170
|
'alias npm="socket npm"\nalias npx="socket npx"\n',
|
|
11158
11171
|
err => {
|
|
@@ -11161,7 +11174,7 @@ function addSocketWrapper(file) {
|
|
|
11161
11174
|
}
|
|
11162
11175
|
// TODO: pretty sure you need to source the file or restart
|
|
11163
11176
|
// any terminal session before changes are reflected.
|
|
11164
|
-
logger.logger.log(
|
|
11177
|
+
logger.logger.log(vendor.stripIndents`
|
|
11165
11178
|
The alias was added to ${file}. Running 'npm install' will now be wrapped in Socket's "safe npm" 🎉
|
|
11166
11179
|
If you want to disable it at any time, run \`socket wrapper --disable\`
|
|
11167
11180
|
`)
|
|
@@ -11170,7 +11183,7 @@ If you want to disable it at any time, run \`socket wrapper --disable\`
|
|
|
11170
11183
|
}
|
|
11171
11184
|
|
|
11172
11185
|
function checkSocketWrapperSetup(file) {
|
|
11173
|
-
const fileContent =
|
|
11186
|
+
const fileContent = require$$0.readFileSync(file, 'utf8')
|
|
11174
11187
|
const linesWithSocketAlias = fileContent
|
|
11175
11188
|
.split('\n')
|
|
11176
11189
|
.filter(
|
|
@@ -11189,10 +11202,11 @@ async function postinstallWrapper() {
|
|
|
11189
11202
|
// Lazily access constants.bashRcPath and constants.zshRcPath.
|
|
11190
11203
|
const { bashRcPath, zshRcPath } = constants
|
|
11191
11204
|
const socketWrapperEnabled =
|
|
11192
|
-
(
|
|
11193
|
-
|
|
11205
|
+
(require$$0.existsSync(bashRcPath) &&
|
|
11206
|
+
checkSocketWrapperSetup(bashRcPath)) ||
|
|
11207
|
+
(require$$0.existsSync(zshRcPath) && checkSocketWrapperSetup(zshRcPath))
|
|
11194
11208
|
if (!socketWrapperEnabled) {
|
|
11195
|
-
await installSafeNpm(
|
|
11209
|
+
await installSafeNpm(vendor.stripIndents`
|
|
11196
11210
|
The Socket CLI is now successfully installed! 🎉
|
|
11197
11211
|
|
|
11198
11212
|
To better protect yourself against supply-chain attacks, our "safe npm" wrapper can warn you about malicious packages whenever you run 'npm install'.
|
|
@@ -11217,10 +11231,10 @@ async function installSafeNpm(query) {
|
|
|
11217
11231
|
// Lazily access constants.bashRcPath and constants.zshRcPath.
|
|
11218
11232
|
const { bashRcPath, zshRcPath } = constants
|
|
11219
11233
|
try {
|
|
11220
|
-
if (
|
|
11234
|
+
if (require$$0.existsSync(bashRcPath)) {
|
|
11221
11235
|
addSocketWrapper(bashRcPath)
|
|
11222
11236
|
}
|
|
11223
|
-
if (
|
|
11237
|
+
if (require$$0.existsSync(zshRcPath)) {
|
|
11224
11238
|
addSocketWrapper(zshRcPath)
|
|
11225
11239
|
}
|
|
11226
11240
|
} catch (e) {
|
|
@@ -11232,7 +11246,7 @@ async function installSafeNpm(query) {
|
|
|
11232
11246
|
}
|
|
11233
11247
|
|
|
11234
11248
|
function removeSocketWrapper(file) {
|
|
11235
|
-
return
|
|
11249
|
+
return require$$0.readFile(file, 'utf8', function (err, data) {
|
|
11236
11250
|
if (err) {
|
|
11237
11251
|
logger.logger.fail('There was an error removing the alias:')
|
|
11238
11252
|
logger.logger.error(err)
|
|
@@ -11244,7 +11258,7 @@ function removeSocketWrapper(file) {
|
|
|
11244
11258
|
l => l !== 'alias npm="socket npm"' && l !== 'alias npx="socket npx"'
|
|
11245
11259
|
)
|
|
11246
11260
|
const updatedFileContent = linesWithoutSocketAlias.join('\n')
|
|
11247
|
-
|
|
11261
|
+
require$$0.writeFile(file, updatedFileContent, function (err) {
|
|
11248
11262
|
if (err) {
|
|
11249
11263
|
logger.logger.error(err)
|
|
11250
11264
|
return
|
|
@@ -11332,21 +11346,27 @@ async function run(argv, importMeta, { parentName }) {
|
|
|
11332
11346
|
// Lazily access constants.bashRcPath and constants.zshRcPath.
|
|
11333
11347
|
const { bashRcPath, zshRcPath } = constants
|
|
11334
11348
|
if (enable) {
|
|
11335
|
-
if (
|
|
11349
|
+
if (
|
|
11350
|
+
require$$0.existsSync(bashRcPath) &&
|
|
11351
|
+
!checkSocketWrapperSetup(bashRcPath)
|
|
11352
|
+
) {
|
|
11336
11353
|
addSocketWrapper(bashRcPath)
|
|
11337
11354
|
}
|
|
11338
|
-
if (
|
|
11355
|
+
if (
|
|
11356
|
+
require$$0.existsSync(zshRcPath) &&
|
|
11357
|
+
!checkSocketWrapperSetup(zshRcPath)
|
|
11358
|
+
) {
|
|
11339
11359
|
addSocketWrapper(zshRcPath)
|
|
11340
11360
|
}
|
|
11341
11361
|
} else {
|
|
11342
|
-
if (
|
|
11362
|
+
if (require$$0.existsSync(bashRcPath)) {
|
|
11343
11363
|
removeSocketWrapper(bashRcPath)
|
|
11344
11364
|
}
|
|
11345
|
-
if (
|
|
11365
|
+
if (require$$0.existsSync(zshRcPath)) {
|
|
11346
11366
|
removeSocketWrapper(zshRcPath)
|
|
11347
11367
|
}
|
|
11348
11368
|
}
|
|
11349
|
-
if (!
|
|
11369
|
+
if (!require$$0.existsSync(bashRcPath) && !require$$0.existsSync(zshRcPath)) {
|
|
11350
11370
|
logger.logger.fail(
|
|
11351
11371
|
'There was an issue setting up the alias in your bash profile'
|
|
11352
11372
|
)
|
|
@@ -11360,7 +11380,7 @@ void (async () => {
|
|
|
11360
11380
|
await vendor.updater({
|
|
11361
11381
|
name: SOCKET_CLI_BIN_NAME,
|
|
11362
11382
|
// The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION']".
|
|
11363
|
-
version: '0.14.
|
|
11383
|
+
version: '0.14.96',
|
|
11364
11384
|
ttl: 86_400_000 /* 24 hours in milliseconds */
|
|
11365
11385
|
})
|
|
11366
11386
|
try {
|
|
@@ -11397,7 +11417,7 @@ void (async () => {
|
|
|
11397
11417
|
argv: process$1.argv.slice(2),
|
|
11398
11418
|
name: SOCKET_CLI_BIN_NAME,
|
|
11399
11419
|
importMeta: {
|
|
11400
|
-
url: `${require$$0.pathToFileURL(__filename)}`
|
|
11420
|
+
url: `${require$$0$2.pathToFileURL(__filename)}`
|
|
11401
11421
|
}
|
|
11402
11422
|
}
|
|
11403
11423
|
)
|
|
@@ -11415,8 +11435,8 @@ void (async () => {
|
|
|
11415
11435
|
errorBody = e.body
|
|
11416
11436
|
} else if (e instanceof Error) {
|
|
11417
11437
|
errorTitle = 'Unexpected error'
|
|
11418
|
-
errorMessage =
|
|
11419
|
-
errorBody =
|
|
11438
|
+
errorMessage = vendor.messageWithCauses(e)
|
|
11439
|
+
errorBody = vendor.stackWithCauses(e)
|
|
11420
11440
|
} else {
|
|
11421
11441
|
errorTitle = 'Unexpected error with no details'
|
|
11422
11442
|
}
|
|
@@ -11428,5 +11448,5 @@ void (async () => {
|
|
|
11428
11448
|
await shadowNpmInject.captureException(e)
|
|
11429
11449
|
}
|
|
11430
11450
|
})()
|
|
11431
|
-
//# debugId=
|
|
11451
|
+
//# debugId=f7c27252-6de0-4577-9a6d-4ca8ce4c19fe
|
|
11432
11452
|
//# sourceMappingURL=cli.js.map
|