npm - @socketsecurity/cli-with-sentry - Versions diffs - 0.14.95 → 0.14.97 - Mend

@socketsecurity/cli-with-sentry 0.14.95 → 0.14.97

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/dist/instrument-with-sentry.js +2 -2
package/dist/instrument-with-sentry.js.map +1 -1
package/dist/module-sync/cli.js +79 -21
package/dist/module-sync/cli.js.map +1 -1
package/dist/module-sync/shadow-npm-inject.js +2 -2
package/dist/module-sync/shadow-npm-inject.js.map +1 -1
package/dist/require/cli.js +79 -21
package/dist/require/cli.js.map +1 -1
package/dist/require/shadow-npm-inject.js +2 -2
package/dist/require/shadow-npm-inject.js.map +1 -1
package/package.json +1 -1

package/dist/require/cli.js CHANGED Viewed

@@ -899,7 +899,7 @@ function emitBanner(name) {
   logger.logger.error(getAsciiHeader(name))
 }
 function getAsciiHeader(command) {
-  const cliVersion = '0.14.95:3360fca:82287460:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
+  const cliVersion = '0.14.97:f7d4687:6a21dfff:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
   const nodeVersion = process$1.version
   const apiToken = shadowNpmInject.getDefaultToken()
   const shownToken = apiToken ? getLastFiveOfApiToken(apiToken) : 'no'
@@ -3701,6 +3701,20 @@ const cmdDiffScan = {
 }
 const { GITHUB_REF_NAME } = constants
+async function branchExists(branch, cwd = process.cwd()) {
+  try {
+    await spawn.spawn(
+      'git',
+      ['show-ref', '--verify', '--quiet', `refs/heads/${branch}`],
+      {
+        cwd,
+        stdio: 'ignore'
+      }
+    )
+    return true
+  } catch {}
+  return false
+}
 async function checkoutBaseBranchIfAvailable(baseBranch, cwd = process.cwd()) {
   try {
     await spawn.spawn('git', ['checkout', baseBranch], {
@@ -3716,6 +3730,29 @@ async function checkoutBaseBranchIfAvailable(baseBranch, cwd = process.cwd()) {
     )
   }
 }
+async function createAndPushBranchIfNeeded(
+  branch,
+  commitMsg,
+  cwd = process.cwd()
+) {
+  if (await branchExists(branch, cwd)) {
+    logger.logger.warn(`Branch "${branch}" already exists. Skipping creation.`)
+    return false
+  }
+  await spawn.spawn('git', ['checkout', '-b', branch], {
+    cwd
+  })
+  await spawn.spawn('git', ['add', 'package.json', 'pnpm-lock.yaml'], {
+    cwd
+  })
+  await spawn.spawn('git', ['commit', '-m', commitMsg], {
+    cwd
+  })
+  await spawn.spawn('git', ['push', '--set-upstream', 'origin', branch], {
+    cwd
+  })
+  return true
+}
 function getBaseBranch() {
   // Lazily access constants.ENV[GITHUB_REF_NAME].
   return (
@@ -3808,7 +3845,6 @@ async function openGitHubPullRequest(
     if (!pat) {
       throw new Error('Missing SOCKET_SECURITY_GITHUB_PAT environment variable')
     }
-    const commitMsg = `chore: upgrade ${name} to ${version}`
     const url = `https://x-access-token:${pat}@github.com/${owner}/${repo}`
     await spawn.spawn('git', ['remote', 'set-url', 'origin', url], {
       cwd
@@ -3817,8 +3853,8 @@ async function openGitHubPullRequest(
     return await octokit.pulls.create({
       owner,
       repo,
-      title: commitMsg,
-      head: `${owner}:${branch}`,
+      title: `chore: upgrade ${name} to ${version}`,
+      head: branch,
       base: baseBranch,
       body: `[socket] Upgrade \`${name}\` to ${version}`
     })
@@ -3917,6 +3953,21 @@ async function npmFix(
           return
         }
         const targetVersion = node.package.version
+        let branch
+        let owner
+        let repo
+        let shouldOpenPr = false
+        // Lazily access constants.ENV[CI].
+        if (constants.ENV[CI$1]) {
+          ;({ owner, repo } = getGitHubRepoInfo())
+          branch = getSocketBranchName(name, targetVersion)
+          // eslint-disable-next-line no-await-in-loop
+          shouldOpenPr = !(await doesPullRequestExistForBranch(
+            owner,
+            repo,
+            branch
+          ))
+        }
         const fixSpec = `${name}@^${targetVersion}`
         const revertData = {
           ...(editablePkgJson.content.dependencies
@@ -3937,9 +3988,7 @@ async function npmFix(
             : undefined)
         }
         spinner?.info(`Installing ${fixSpec}`)
-        const { owner, repo } = getGitHubRepoInfo()
         const baseBranch = getBaseBranch()
-        const branch = getSocketBranchName(name, targetVersion)
         // eslint-disable-next-line no-await-in-loop
         await checkoutBaseBranchIfAvailable(baseBranch, cwd)
@@ -3988,12 +4037,7 @@ async function npmFix(
           spinner?.failAndStop(`Failed to fix ${oldSpec}`)
           return
         }
-        if (
-          // Lazily access constants.ENV[CI].
-          constants.ENV[CI$1] &&
-          // eslint-disable-next-line no-await-in-loop
-          !(await doesPullRequestExistForBranch(owner, repo, branch))
-        ) {
+        if (shouldOpenPr) {
           let prResponse
           try {
             // eslint-disable-next-line no-await-in-loop
@@ -4324,6 +4368,21 @@ async function pnpmFix(
           spinner?.failAndStop(`Could not patch ${oldSpec}`)
           return
         }
+        let branch
+        let owner
+        let repo
+        let shouldOpenPr = false
+        // Lazily access constants.ENV[CI].
+        if (constants.ENV[CI]) {
+          ;({ owner, repo } = getGitHubRepoInfo())
+          branch = getSocketBranchName(name, targetVersion)
+          // eslint-disable-next-line no-await-in-loop
+          shouldOpenPr = !(await doesPullRequestExistForBranch(
+            owner,
+            repo,
+            branch
+          ))
+        }
         const oldPnpm = editablePkgJson.content[PNPM$9]
         const oldPnpmKeyCount = oldPnpm ? Object.keys(oldPnpm).length : 0
         const oldOverrides = oldPnpm?.[OVERRIDES$2]
@@ -4377,9 +4436,7 @@ async function pnpmFix(
             : undefined)
         }
         spinner?.info(`Installing ${fixSpec}`)
-        const { owner, repo } = getGitHubRepoInfo()
         const baseBranch = getBaseBranch()
-        const branch = getSocketBranchName(name, targetVersion)
         // eslint-disable-next-line no-await-in-loop
         await checkoutBaseBranchIfAvailable(baseBranch, cwd)
@@ -4429,12 +4486,13 @@ async function pnpmFix(
           spinner?.failAndStop(`Failed to fix ${oldSpec}`)
           return
         }
-        if (
-          // Lazily access constants.ENV[CI].
-          constants.ENV[CI] &&
+        if (shouldOpenPr) {
           // eslint-disable-next-line no-await-in-loop
-          !(await doesPullRequestExistForBranch(owner, repo, branch))
-        ) {
+          await createAndPushBranchIfNeeded(
+            branch,
+            `fix: upgrade ${name} to ${targetVersion}`,
+            cwd
+          )
           let prResponse
           try {
             // eslint-disable-next-line no-await-in-loop
@@ -11381,7 +11439,7 @@ void (async () => {
   await vendor.updater({
     name: SOCKET_CLI_BIN_NAME,
     // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION']".
-    version: '0.14.95',
+    version: '0.14.97',
     ttl: 86_400_000 /* 24 hours in milliseconds */
   })
   try {
@@ -11449,5 +11507,5 @@ void (async () => {
     await shadowNpmInject.captureException(e)
   }
 })()
-//# debugId=c34fd255-4999-4681-9636-3dc45d80a01d
+//# debugId=bba1f45e-da3b-4698-9168-d6e8c394995d
 //# sourceMappingURL=cli.js.map