@socketsecurity/cli-with-sentry 0.15.11 → 0.15.12

package/dist/shadow-inject.js

@@ -1,141 +1,116 @@
-'use strict'
+'use strict';
 
-const Module = require('node:module')
-const path = require('node:path')
-const path$1 = require('../external/@socketsecurity/registry/lib/path')
-const constants = require('./constants.js')
-const utils = require('./utils.js')
-const logger = require('../external/@socketsecurity/registry/lib/logger')
-const vendor = require('./vendor.js')
-const registry = require('../external/@socketsecurity/registry')
-const objects = require('../external/@socketsecurity/registry/lib/objects')
+var Module = require('node:module');
+var path = require('node:path');
+var path$1 = require('../external/@socketsecurity/registry/lib/path');
+var constants = require('./constants.js');
+var utils = require('./utils.js');
+var logger = require('../external/@socketsecurity/registry/lib/logger');
+var vendor = require('./vendor.js');
+var registry = require('../external/@socketsecurity/registry');
+var objects = require('../external/@socketsecurity/registry/lib/objects');
 
-const _documentCurrentScript =
-  typeof document !== 'undefined' ? document.currentScript : null
+var _documentCurrentScript = typeof document !== 'undefined' ? document.currentScript : null;
 const DiffAction = utils.createEnum({
   add: 'ADD',
   change: 'CHANGE',
   remove: 'REMOVE'
-})
+});
 
-let _arboristPkgPath
+let _arboristPkgPath;
 function getArboristPackagePath() {
   if (_arboristPkgPath === undefined) {
-    const pkgName = '@npmcli/arborist'
-    const mainPathWithForwardSlashes = path$1.normalizePath(
-      utils.getNpmRequire().resolve(pkgName)
-    )
-    const arboristPkgPathWithForwardSlashes = mainPathWithForwardSlashes.slice(
-      0,
-      mainPathWithForwardSlashes.lastIndexOf(pkgName) + pkgName.length
-    )
+    const pkgName = '@npmcli/arborist';
+    const mainPathWithForwardSlashes = path$1.normalizePath(utils.getNpmRequire().resolve(pkgName));
+    const arboristPkgPathWithForwardSlashes = mainPathWithForwardSlashes.slice(0, mainPathWithForwardSlashes.lastIndexOf(pkgName) + pkgName.length);
     // Lazily access constants.WIN32.
-    _arboristPkgPath = constants.WIN32
-      ? path.normalize(arboristPkgPathWithForwardSlashes)
-      : arboristPkgPathWithForwardSlashes
+    _arboristPkgPath = constants.WIN32 ? path.normalize(arboristPkgPathWithForwardSlashes) : arboristPkgPathWithForwardSlashes;
   }
-  return _arboristPkgPath
+  return _arboristPkgPath;
 }
-let _arboristClassPath
+let _arboristClassPath;
 function getArboristClassPath() {
   if (_arboristClassPath === undefined) {
-    _arboristClassPath = path.join(
-      getArboristPackagePath(),
-      'lib/arborist/index.js'
-    )
+    _arboristClassPath = path.join(getArboristPackagePath(), 'lib/arborist/index.js');
   }
-  return _arboristClassPath
+  return _arboristClassPath;
 }
-let _arboristDepValidPath
+let _arboristDepValidPath;
 function getArboristDepValidPath() {
   if (_arboristDepValidPath === undefined) {
-    _arboristDepValidPath = path.join(
-      getArboristPackagePath(),
-      'lib/dep-valid.js'
-    )
+    _arboristDepValidPath = path.join(getArboristPackagePath(), 'lib/dep-valid.js');
   }
-  return _arboristDepValidPath
+  return _arboristDepValidPath;
 }
-let _arboristEdgeClassPath
+let _arboristEdgeClassPath;
 function getArboristEdgeClassPath() {
   if (_arboristEdgeClassPath === undefined) {
-    _arboristEdgeClassPath = path.join(getArboristPackagePath(), 'lib/edge.js')
+    _arboristEdgeClassPath = path.join(getArboristPackagePath(), 'lib/edge.js');
   }
-  return _arboristEdgeClassPath
+  return _arboristEdgeClassPath;
 }
-let _arboristNodeClassPath
+let _arboristNodeClassPath;
 function getArboristNodeClassPath() {
   if (_arboristNodeClassPath === undefined) {
-    _arboristNodeClassPath = path.join(getArboristPackagePath(), 'lib/node.js')
+    _arboristNodeClassPath = path.join(getArboristPackagePath(), 'lib/node.js');
   }
-  return _arboristNodeClassPath
+  return _arboristNodeClassPath;
 }
-let _arboristOverrideSetClassPath
+let _arboristOverrideSetClassPath;
 function getArboristOverrideSetClassPath() {
   if (_arboristOverrideSetClassPath === undefined) {
-    _arboristOverrideSetClassPath = path.join(
-      getArboristPackagePath(),
-      'lib/override-set.js'
-    )
+    _arboristOverrideSetClassPath = path.join(getArboristPackagePath(), 'lib/override-set.js');
   }
-  return _arboristOverrideSetClassPath
+  return _arboristOverrideSetClassPath;
 }
 
-const require$6 = Module.createRequire(
-  require('u' + 'rl').pathToFileURL(__filename).href
-)
-let _depValid
+const require$6 =Module.createRequire(require('u' + 'rl').pathToFileURL(__filename).href)
+let _depValid;
 function depValid(child, requested, accept, requester) {
   if (_depValid === undefined) {
-    _depValid = require$6(getArboristDepValidPath())
+    _depValid = require$6(getArboristDepValidPath());
   }
-  return _depValid(child, requested, accept, requester)
+  return _depValid(child, requested, accept, requester);
 }
 
-const { UNDEFINED_TOKEN } = constants
+const {
+  UNDEFINED_TOKEN
+} = constants;
 function tryRequire(req, ...ids) {
   for (const data of ids) {
-    let id
-    let transformer
+    let id;
+    let transformer;
     if (Array.isArray(data)) {
-      id = data[0]
-      transformer = data[1]
+      id = data[0];
+      transformer = data[1];
     } else {
-      id = data
-      transformer = mod => mod
+      id = data;
+      transformer = mod => mod;
     }
     try {
       // Check that the transformed value isn't `undefined` because older
       // versions of packages like 'proc-log' may not export a `log` method.
-      const exported = transformer(req(id))
+      const exported = transformer(req(id));
       if (exported !== undefined) {
-        return exported
+        return exported;
       }
     } catch {}
   }
-  return undefined
+  return undefined;
 }
-let _log = UNDEFINED_TOKEN
+let _log = UNDEFINED_TOKEN;
 function getLogger() {
   if (_log === UNDEFINED_TOKEN) {
-    _log = tryRequire(
-      utils.getNpmRequire(),
-      [
-        'proc-log/lib/index.js',
-        // The proc-log DefinitelyTyped definition is incorrect. The type definition
-        // is really that of its export log.
-        mod => mod.log
-      ],
-      'npmlog/lib/log.js'
-    )
+    _log = tryRequire(utils.getNpmRequire(), ['proc-log/lib/index.js',
+    // The proc-log DefinitelyTyped definition is incorrect. The type definition
+    // is really that of its export log.
+    mod => mod.log], 'npmlog/lib/log.js');
   }
-  return _log
+  return _log;
 }
 
-const require$5 = Module.createRequire(
-  require('u' + 'rl').pathToFileURL(__filename).href
-)
-const OverrideSet = require$5(getArboristOverrideSetClassPath())
+const require$5 =Module.createRequire(require('u' + 'rl').pathToFileURL(__filename).href)
+const OverrideSet = require$5(getArboristOverrideSetClassPath());
 
 // Implementation code not related to patch https://github.com/npm/cli/pull/8089
 // is based on https://github.com/npm/cli/blob/v11.0.0/workspaces/arborist/lib/override-set.js:
@@ -146,64 +121,59 @@ class SafeOverrideSet extends OverrideSet {
     // If override sets contain one another then we can try to use the more
     // specific one. If neither one is more specific, then we consider them to
     // be in conflict.
-    return this.findSpecificOverrideSet(first, second) === undefined
+    return this.findSpecificOverrideSet(first, second) === undefined;
   }
 
   // Patch adding findSpecificOverrideSet is based on
   // https://github.com/npm/cli/pull/8089.
   static findSpecificOverrideSet(first, second) {
-    for (
-      let overrideSet = second;
-      overrideSet;
-      overrideSet = overrideSet.parent
-    ) {
+    for (let overrideSet = second; overrideSet; overrideSet = overrideSet.parent) {
       if (overrideSet.isEqual(first)) {
-        return second
+        return second;
       }
     }
-    for (
-      let overrideSet = first;
-      overrideSet;
-      overrideSet = overrideSet.parent
-    ) {
+    for (let overrideSet = first; overrideSet; overrideSet = overrideSet.parent) {
       if (overrideSet.isEqual(second)) {
-        return first
+        return first;
       }
     }
     // The override sets are incomparable. Neither one contains the other.
-    const log = getLogger()
-    log?.silly('Conflicting override sets', first, second)
-    return undefined
+    const log = getLogger();
+    log?.silly('Conflicting override sets', first, second);
+    return undefined;
   }
 
   // Patch adding childrenAreEqual is based on
   // https://github.com/npm/cli/pull/8089.
   childrenAreEqual(otherOverrideSet) {
     if (this.children.size !== otherOverrideSet.children.size) {
-      return false
+      return false;
     }
-    for (const { 0: key, 1: childOverrideSet } of this.children) {
-      const otherChildOverrideSet = otherOverrideSet.children.get(key)
+    for (const {
+      0: key,
+      1: childOverrideSet
+    } of this.children) {
+      const otherChildOverrideSet = otherOverrideSet.children.get(key);
       if (!otherChildOverrideSet) {
-        return false
+        return false;
       }
       if (childOverrideSet.value !== otherChildOverrideSet.value) {
-        return false
+        return false;
       }
       if (!childOverrideSet.childrenAreEqual(otherChildOverrideSet)) {
-        return false
+        return false;
       }
     }
-    return true
+    return true;
   }
   getEdgeRule(edge) {
     for (const rule of this.ruleset.values()) {
       if (rule.name !== edge.name) {
-        continue
+        continue;
       }
       // If keySpec is * we found our override.
       if (rule.keySpec === '*') {
-        return rule
+        return rule;
       }
       // Patch replacing
       // let spec = npa(`${edge.name}@${edge.spec}`)
@@ -212,62 +182,54 @@ class SafeOverrideSet extends OverrideSet {
       // We need to use the rawSpec here, because the spec has the overrides
       // applied to it already. The rawSpec can be undefined, so we need to use
       // the fallback value of spec if it is.
-      let spec = vendor.npaExports(`${edge.name}@${edge.rawSpec || edge.spec}`)
+      let spec = vendor.npaExports(`${edge.name}@${edge.rawSpec || edge.spec}`);
       if (spec.type === 'alias') {
-        spec = spec.subSpec
+        spec = spec.subSpec;
       }
       if (spec.type === 'git') {
-        if (
-          spec.gitRange &&
-          vendor.semverExports.intersects(spec.gitRange, rule.keySpec)
-        ) {
-          return rule
+        if (spec.gitRange && vendor.semverExports.intersects(spec.gitRange, rule.keySpec)) {
+          return rule;
         }
-        continue
+        continue;
       }
       if (spec.type === 'range' || spec.type === 'version') {
         if (vendor.semverExports.intersects(spec.fetchSpec, rule.keySpec)) {
-          return rule
+          return rule;
         }
-        continue
+        continue;
       }
       // If we got this far, the spec type is one of tag, directory or file
       // which means we have no real way to make version comparisons, so we
       // just accept the override.
-      return rule
+      return rule;
     }
-    return this
+    return this;
   }
 
   // Patch adding isEqual is based on
   // https://github.com/npm/cli/pull/8089.
   isEqual(otherOverrideSet) {
     if (this === otherOverrideSet) {
-      return true
+      return true;
     }
     if (!otherOverrideSet) {
-      return false
+      return false;
     }
-    if (
-      this.key !== otherOverrideSet.key ||
-      this.value !== otherOverrideSet.value
-    ) {
-      return false
+    if (this.key !== otherOverrideSet.key || this.value !== otherOverrideSet.value) {
+      return false;
     }
     if (!this.childrenAreEqual(otherOverrideSet)) {
-      return false
+      return false;
     }
     if (!this.parent) {
-      return !otherOverrideSet.parent
+      return !otherOverrideSet.parent;
     }
-    return this.parent.isEqual(otherOverrideSet.parent)
+    return this.parent.isEqual(otherOverrideSet.parent);
   }
 }
 
-const require$4 = Module.createRequire(
-  require('u' + 'rl').pathToFileURL(__filename).href
-)
-const Node = require$4(getArboristNodeClassPath())
+const require$4 =Module.createRequire(require('u' + 'rl').pathToFileURL(__filename).href)
+const Node = require$4(getArboristNodeClassPath());
 
 // Implementation code not related to patch https://github.com/npm/cli/pull/8089
 // is based on https://github.com/npm/cli/blob/v11.0.0/workspaces/arborist/lib/node.js:
@@ -278,28 +240,28 @@ class SafeNode extends Node {
   canDedupe(preferDedupe = false) {
     // Not allowed to mess with shrinkwraps or bundles.
     if (this.inDepBundle || this.inShrinkwrap) {
-      return false
+      return false;
     }
     // It's a top level pkg, or a dep of one.
     if (!this.resolveParent?.resolveParent) {
-      return false
+      return false;
     }
     // No one wants it, remove it.
     if (this.edgesIn.size === 0) {
-      return true
+      return true;
     }
-    const other = this.resolveParent.resolveParent.resolve(this.name)
+    const other = this.resolveParent.resolveParent.resolve(this.name);
     // Nothing else, need this one.
     if (!other) {
-      return false
+      return false;
     }
     // If it's the same thing, then always fine to remove.
     if (other.matches(this)) {
-      return true
+      return true;
     }
     // If the other thing can't replace this, then skip it.
     if (!other.canReplace(this)) {
-      return false
+      return false;
     }
     // Patch replacing
     // if (preferDedupe || semver.gte(other.version, this.version)) {
@@ -309,17 +271,14 @@ class SafeNode extends Node {
     //
     // If we prefer dedupe, or if the version is equal, take the other.
     if (preferDedupe || vendor.semverExports.eq(other.version, this.version)) {
-      return true
+      return true;
     }
     // If our current version isn't the result of an override, then prefer to
     // take the greater version.
-    if (
-      !this.overridden &&
-      vendor.semverExports.gt(other.version, this.version)
-    ) {
-      return true
+    if (!this.overridden && vendor.semverExports.gt(other.version, this.version)) {
+      return true;
     }
-    return false
+    return false;
   }
 
   // Is it safe to replace one node with another?  check the edges to
@@ -333,7 +292,7 @@ class SafeNode extends Node {
   // it with more tree construction, because it's a user request.
   canReplaceWith(node, ignorePeers) {
     if (this.name !== node.name || this.packageName !== node.packageName) {
-      return false
+      return false;
     }
     // Patch replacing
     // if (node.overrides !== this.overrides) {
@@ -347,11 +306,11 @@ class SafeNode extends Node {
       // XXX need to check for two root nodes?
       if (node.overrides) {
         if (!node.overrides.isEqual(this.overrides)) {
-          return false
+          return false;
         }
       } else {
         if (this.overrides) {
-          return false
+          return false;
         }
       }
     }
@@ -359,27 +318,29 @@ class SafeNode extends Node {
     // so that the condition we want to replace,
     // if (this.overrides !== node.overrides) {
     // , is not hit.`
-    const oldOverrideSet = this.overrides
-    let result = true
+    const oldOverrideSet = this.overrides;
+    let result = true;
     if (oldOverrideSet !== node.overrides) {
-      this.overrides = node.overrides
+      this.overrides = node.overrides;
     }
     try {
-      result = super.canReplaceWith(node, ignorePeers)
-      this.overrides = oldOverrideSet
+      result = super.canReplaceWith(node, ignorePeers);
+      this.overrides = oldOverrideSet;
     } catch (e) {
-      this.overrides = oldOverrideSet
-      throw e
+      this.overrides = oldOverrideSet;
+      throw e;
     }
-    return result
+    return result;
   }
 
   // Patch adding deleteEdgeIn is based on https://github.com/npm/cli/pull/8089.
   deleteEdgeIn(edge) {
-    this.edgesIn.delete(edge)
-    const { overrides } = edge
+    this.edgesIn.delete(edge);
+    const {
+      overrides
+    } = edge;
     if (overrides) {
-      this.updateOverridesEdgeInRemoved(overrides)
+      this.updateOverridesEdgeInRemoved(overrides);
     }
   }
   addEdgeIn(edge) {
@@ -392,11 +353,11 @@ class SafeNode extends Node {
     // We need to handle the case where the new edge in has an overrides field
     // which is different from the current value.
     if (!this.overrides || !this.overrides.isEqual(edge.overrides)) {
-      this.updateOverridesEdgeInAdded(edge.overrides)
+      this.updateOverridesEdgeInAdded(edge.overrides);
     }
-    this.edgesIn.add(edge)
+    this.edgesIn.add(edge);
     // Try to get metadata from the yarn.lock file.
-    this.root.meta?.addEdge(edge)
+    this.root.meta?.addEdge(edge);
   }
 
   // @ts-ignore: Incorrectly typed as a property instead of an accessor.
@@ -404,12 +365,8 @@ class SafeNode extends Node {
     // Patch replacing
     // return !!(this.overrides && this.overrides.value && this.overrides.name === this.name)
     // is based on https://github.com/npm/cli/pull/8089.
-    if (
-      !this.overrides ||
-      !this.overrides.value ||
-      this.overrides.name !== this.name
-    ) {
-      return false
+    if (!this.overrides || !this.overrides.value || this.overrides.name !== this.name) {
+      return false;
     }
     // The overrides rule is for a package with this name, but some override
     // rules only apply to specific versions. To make sure this package was
@@ -417,17 +374,13 @@ class SafeNode extends Node {
     // applied to it, in which case its overrides set is different than its
     // source node.
     for (const edge of this.edgesIn) {
-      if (
-        edge.overrides &&
-        edge.overrides.name === this.name &&
-        edge.overrides.value === this.version
-      ) {
+      if (edge.overrides && edge.overrides.name === this.name && edge.overrides.value === this.version) {
         if (!edge.overrides.isEqual(edge.from?.overrides)) {
-          return true
+          return true;
         }
       }
     }
-    return false
+    return false;
   }
   set parent(newParent) {
     // Patch removing
@@ -439,16 +392,18 @@ class SafeNode extends Node {
     // The "parent" setter is a really large and complex function. To satisfy
     // the patch we hold on to the old overrides value and set `this.overrides`
     // to `undefined` so that the condition we want to remove is not hit.
-    const { overrides } = this
+    const {
+      overrides
+    } = this;
     if (overrides) {
-      this.overrides = undefined
+      this.overrides = undefined;
     }
     try {
-      super.parent = newParent
-      this.overrides = overrides
+      super.parent = newParent;
+      this.overrides = overrides;
     } catch (e) {
-      this.overrides = overrides
-      throw e
+      this.overrides = overrides;
+      throw e;
     }
   }
 
@@ -457,9 +412,9 @@ class SafeNode extends Node {
   recalculateOutEdgesOverrides() {
     // For each edge out propagate the new overrides through.
     for (const edge of this.edgesOut.values()) {
-      edge.reload(true)
+      edge.reload(true);
       if (edge.to) {
-        edge.to.updateOverridesEdgeInAdded(edge.overrides)
+        edge.to.updateOverridesEdgeInAdded(edge.overrides);
       }
     }
   }
@@ -478,14 +433,14 @@ class SafeNode extends Node {
     if (!this.overrides) {
       this.overrides = new SafeOverrideSet({
         overrides: ''
-      })
+      });
     }
     try {
-      super.root = newRoot
-      this.overrides = undefined
+      super.root = newRoot;
+      this.overrides = undefined;
     } catch (e) {
-      this.overrides = undefined
-      throw e
+      this.overrides = undefined;
+      throw e;
     }
   }
 
@@ -509,33 +464,30 @@ class SafeNode extends Node {
       // undefined for any node at the end state of the tree. So if the new edge's
       // overrides is undefined it will be updated later. So we can wait with
       // updating the node's overrides field.
-      return false
+      return false;
     }
     if (!this.overrides) {
-      this.overrides = otherOverrideSet
-      this.recalculateOutEdgesOverrides()
-      return true
+      this.overrides = otherOverrideSet;
+      this.recalculateOutEdgesOverrides();
+      return true;
     }
     if (this.overrides.isEqual(otherOverrideSet)) {
-      return false
+      return false;
     }
-    const newOverrideSet = SafeOverrideSet.findSpecificOverrideSet(
-      this.overrides,
-      otherOverrideSet
-    )
+    const newOverrideSet = SafeOverrideSet.findSpecificOverrideSet(this.overrides, otherOverrideSet);
     if (newOverrideSet) {
       if (this.overrides.isEqual(newOverrideSet)) {
-        return false
+        return false;
       }
-      this.overrides = newOverrideSet
-      this.recalculateOutEdgesOverrides()
-      return true
+      this.overrides = newOverrideSet;
+      this.recalculateOutEdgesOverrides();
+      return true;
     }
     // This is an error condition. We can only get here if the new override set
     // is in conflict with the existing.
-    const log = getLogger()
-    log?.silly('Conflicting override sets', this.name)
-    return false
+    const log = getLogger();
+    log?.silly('Conflicting override sets', this.name);
+    return false;
   }
 
   // Patch adding updateOverridesEdgeInRemoved is based on
@@ -544,40 +496,37 @@ class SafeNode extends Node {
     // If this edge's overrides isn't equal to this node's overrides,
     // then removing it won't change newOverrideSet later.
     if (!this.overrides || !this.overrides.isEqual(otherOverrideSet)) {
-      return false
+      return false;
     }
-    let newOverrideSet
+    let newOverrideSet;
     for (const edge of this.edgesIn) {
-      const { overrides: edgeOverrides } = edge
+      const {
+        overrides: edgeOverrides
+      } = edge;
       if (newOverrideSet && edgeOverrides) {
-        newOverrideSet = SafeOverrideSet.findSpecificOverrideSet(
-          edgeOverrides,
-          newOverrideSet
-        )
+        newOverrideSet = SafeOverrideSet.findSpecificOverrideSet(edgeOverrides, newOverrideSet);
       } else {
-        newOverrideSet = edgeOverrides
+        newOverrideSet = edgeOverrides;
       }
     }
     if (this.overrides.isEqual(newOverrideSet)) {
-      return false
+      return false;
     }
-    this.overrides = newOverrideSet
+    this.overrides = newOverrideSet;
     if (newOverrideSet) {
       // Optimization: If there's any override set at all, then no non-extraneous
       // node has an empty override set. So if we temporarily have no override set
       // (for example, we removed all the edges in), there's no use updating all
       // the edges out right now. Let's just wait until we have an actual override
       // set later.
-      this.recalculateOutEdgesOverrides()
+      this.recalculateOutEdgesOverrides();
     }
-    return true
+    return true;
   }
 }
 
-const require$3 = Module.createRequire(
-  require('u' + 'rl').pathToFileURL(__filename).href
-)
-const Edge = require$3(getArboristEdgeClassPath())
+const require$3 =Module.createRequire(require('u' + 'rl').pathToFileURL(__filename).href)
+const Edge = require$3(getArboristEdgeClassPath());
 
 // The Edge class makes heavy use of private properties which subclasses do NOT
 // have access to. So we have to recreate any functionality that relies on those
@@ -592,129 +541,115 @@ const Edge = require$3(getArboristEdgeClassPath())
 // An edge in the dependency graph.
 // Represents a dependency relationship of some kind.
 class SafeEdge extends Edge {
-  #safeError
-  #safeExplanation
-  #safeFrom
-  #safeTo
+  #safeError;
+  #safeExplanation;
+  #safeFrom;
+  #safeTo;
   constructor(options) {
-    const { from } = options
+    const {
+      from
+    } = options;
     // Defer to supper to validate options and assign non-private values.
-    super(options)
+    super(options);
     if (from.constructor !== SafeNode) {
-      Reflect.setPrototypeOf(from, SafeNode.prototype)
+      Reflect.setPrototypeOf(from, SafeNode.prototype);
     }
-    this.#safeError = null
-    this.#safeExplanation = null
-    this.#safeFrom = from
-    this.#safeTo = null
-    this.reload(true)
+    this.#safeError = null;
+    this.#safeExplanation = null;
+    this.#safeFrom = from;
+    this.#safeTo = null;
+    this.reload(true);
   }
   get bundled() {
-    return !!this.#safeFrom?.package?.bundleDependencies?.includes(this.name)
+    return !!this.#safeFrom?.package?.bundleDependencies?.includes(this.name);
   }
   get error() {
     if (!this.#safeError) {
       if (!this.#safeTo) {
         if (this.optional) {
-          this.#safeError = null
+          this.#safeError = null;
         } else {
-          this.#safeError = 'MISSING'
+          this.#safeError = 'MISSING';
         }
-      } else if (
-        this.peer &&
-        this.#safeFrom === this.#safeTo.parent &&
-        // Patch adding "?." use based on
-        // https://github.com/npm/cli/pull/8089.
-        !this.#safeFrom?.isTop
-      ) {
-        this.#safeError = 'PEER LOCAL'
+      } else if (this.peer && this.#safeFrom === this.#safeTo.parent &&
+      // Patch adding "?." use based on
+      // https://github.com/npm/cli/pull/8089.
+      !this.#safeFrom?.isTop) {
+        this.#safeError = 'PEER LOCAL';
       } else if (!this.satisfiedBy(this.#safeTo)) {
-        this.#safeError = 'INVALID'
+        this.#safeError = 'INVALID';
       }
       // Patch adding "else if" condition is based on
       // https://github.com/npm/cli/pull/8089.
-      else if (
-        this.overrides &&
-        this.#safeTo.edgesOut.size &&
-        SafeOverrideSet.doOverrideSetsConflict(
-          this.overrides,
-          this.#safeTo.overrides
-        )
-      ) {
+      else if (this.overrides && this.#safeTo.edgesOut.size && SafeOverrideSet.doOverrideSetsConflict(this.overrides, this.#safeTo.overrides)) {
         // Any inconsistency between the edge's override set and the target's
         // override set is potentially problematic. But we only say the edge is
         // in error if the override sets are plainly conflicting. Note that if
         // the target doesn't have any dependencies of their own, then this
         // inconsistency is irrelevant.
-        this.#safeError = 'INVALID'
+        this.#safeError = 'INVALID';
       } else {
-        this.#safeError = 'OK'
+        this.#safeError = 'OK';
       }
     }
     if (this.#safeError === 'OK') {
-      return null
+      return null;
     }
-    return this.#safeError
+    return this.#safeError;
   }
 
   // @ts-ignore: Incorrectly typed as a property instead of an accessor.
   get from() {
-    return this.#safeFrom
+    return this.#safeFrom;
   }
 
   // @ts-ignore: Incorrectly typed as a property instead of an accessor.
   get spec() {
-    if (
-      this.overrides?.value &&
-      this.overrides.value !== '*' &&
-      this.overrides.name === this.name
-    ) {
+    if (this.overrides?.value && this.overrides.value !== '*' && this.overrides.name === this.name) {
       if (this.overrides.value.startsWith('$')) {
-        const ref = this.overrides.value.slice(1)
+        const ref = this.overrides.value.slice(1);
         // We may be a virtual root, if we are we want to resolve reference
         // overrides from the real root, not the virtual one.
         //
         // Patch adding "?." use based on
         // https://github.com/npm/cli/pull/8089.
-        const pkg = this.#safeFrom?.sourceReference
-          ? this.#safeFrom?.sourceReference.root.package
-          : this.#safeFrom?.root?.package
+        const pkg = this.#safeFrom?.sourceReference ? this.#safeFrom?.sourceReference.root.package : this.#safeFrom?.root?.package;
         if (pkg?.devDependencies?.[ref]) {
-          return pkg.devDependencies[ref]
+          return pkg.devDependencies[ref];
         }
         if (pkg?.optionalDependencies?.[ref]) {
-          return pkg.optionalDependencies[ref]
+          return pkg.optionalDependencies[ref];
         }
         if (pkg?.dependencies?.[ref]) {
-          return pkg.dependencies[ref]
+          return pkg.dependencies[ref];
         }
         if (pkg?.peerDependencies?.[ref]) {
-          return pkg.peerDependencies[ref]
+          return pkg.peerDependencies[ref];
         }
-        throw new Error(`Unable to resolve reference ${this.overrides.value}`)
+        throw new Error(`Unable to resolve reference ${this.overrides.value}`);
       }
-      return this.overrides.value
+      return this.overrides.value;
     }
-    return this.rawSpec
+    return this.rawSpec;
   }
 
   // @ts-ignore: Incorrectly typed as a property instead of an accessor.
   get to() {
-    return this.#safeTo
+    return this.#safeTo;
   }
   detach() {
-    this.#safeExplanation = null
+    this.#safeExplanation = null;
     // Patch replacing
     // if (this.#to) {
     //   this.#to.edgesIn.delete(this)
     // }
     // this.#from.edgesOut.delete(this.#name)
     // is based on https://github.com/npm/cli/pull/8089.
-    this.#safeTo?.deleteEdgeIn(this)
-    this.#safeFrom?.edgesOut.delete(this.name)
-    this.#safeTo = null
-    this.#safeError = 'DETACHED'
-    this.#safeFrom = null
+    this.#safeTo?.deleteEdgeIn(this);
+    this.#safeFrom?.edgesOut.delete(this.name);
+    this.#safeTo = null;
+    this.#safeError = 'DETACHED';
+    this.#safeFrom = null;
   }
 
   // Return the edge data, and an explanation of how that edge came to be here.
@@ -730,66 +665,66 @@ class SafeEdge extends Edge {
         error: undefined,
         from: undefined,
         rawSpec: undefined
-      }
+      };
       if (this.rawSpec !== this.spec) {
-        explanation.rawSpec = this.rawSpec
-        explanation.overridden = true
+        explanation.rawSpec = this.rawSpec;
+        explanation.overridden = true;
       }
       if (this.bundled) {
-        explanation.bundled = this.bundled
+        explanation.bundled = this.bundled;
       }
       if (this.error) {
-        explanation.error = this.error
+        explanation.error = this.error;
       }
       if (this.#safeFrom) {
-        explanation.from = this.#safeFrom.explain()
+        explanation.from = this.#safeFrom.explain();
       }
-      this.#safeExplanation = explanation
+      this.#safeExplanation = explanation;
     }
-    return this.#safeExplanation
+    return this.#safeExplanation;
   }
   reload(hard = false) {
-    this.#safeExplanation = null
+    this.#safeExplanation = null;
     // Patch replacing
     // if (this.#from.overrides) {
     // is based on https://github.com/npm/cli/pull/8089.
-    let needToUpdateOverrideSet = false
-    let newOverrideSet
-    let oldOverrideSet
+    let needToUpdateOverrideSet = false;
+    let newOverrideSet;
+    let oldOverrideSet;
     if (this.#safeFrom?.overrides) {
-      newOverrideSet = this.#safeFrom.overrides.getEdgeRule(this)
+      newOverrideSet = this.#safeFrom.overrides.getEdgeRule(this);
       if (newOverrideSet && !newOverrideSet.isEqual(this.overrides)) {
         // If there's a new different override set we need to propagate it to
         // the nodes. If we're deleting the override set then there's no point
         // propagating it right now since it will be filled with another value
         // later.
-        needToUpdateOverrideSet = true
-        oldOverrideSet = this.overrides
-        this.overrides = newOverrideSet
+        needToUpdateOverrideSet = true;
+        oldOverrideSet = this.overrides;
+        this.overrides = newOverrideSet;
       }
     } else {
-      this.overrides = undefined
+      this.overrides = undefined;
     }
     // Patch adding "?." use based on
     // https://github.com/npm/cli/pull/8089.
-    const newTo = this.#safeFrom?.resolve(this.name)
+    const newTo = this.#safeFrom?.resolve(this.name);
     if (newTo !== this.#safeTo) {
       // Patch replacing
       // this.#to.edgesIn.delete(this)
       // is based on https://github.com/npm/cli/pull/8089.
-      this.#safeTo?.deleteEdgeIn(this)
-      this.#safeTo = newTo ?? null
-      this.#safeError = null
-      this.#safeTo?.addEdgeIn(this)
+      this.#safeTo?.deleteEdgeIn(this);
+      this.#safeTo = newTo ?? null;
+      this.#safeError = null;
+      this.#safeTo?.addEdgeIn(this);
     } else if (hard) {
-      this.#safeError = null
+      this.#safeError = null;
     }
     // Patch adding "else if" condition based on
     // https://github.com/npm/cli/pull/8089.
     else if (needToUpdateOverrideSet && this.#safeTo) {
       // Propagate the new override set to the target node.
-      this.#safeTo.updateOverridesEdgeInRemoved(oldOverrideSet)
-      this.#safeTo.updateOverridesEdgeInAdded(newOverrideSet)
+      this.#safeTo.updateOverridesEdgeInRemoved(oldOverrideSet);
+      this.#safeTo.updateOverridesEdgeInAdded(newOverrideSet);
     }
   }
   satisfiedBy(node) {
@@ -799,12 +734,12 @@ class SafeEdge extends Edge {
     // }
     // is based on https://github.com/npm/cli/pull/8089.
     if (node.name !== this.name || !this.#safeFrom) {
-      return false
+      return false;
     }
     // NOTE: this condition means we explicitly do not support overriding
     // bundled or shrinkwrapped dependencies
     if (node.hasShrinkwrap || node.inShrinkwrap || node.inBundle) {
-      return depValid(node, this.rawSpec, this.accept, this.#safeFrom)
+      return depValid(node, this.rawSpec, this.accept, this.#safeFrom);
     }
     // Patch replacing
     // return depValid(node, this.spec, this.#accept, this.#from)
@@ -812,16 +747,16 @@ class SafeEdge extends Edge {
     //
     // If there's no override we just use the spec.
     if (!this.overrides?.keySpec) {
-      return depValid(node, this.spec, this.accept, this.#safeFrom)
+      return depValid(node, this.spec, this.accept, this.#safeFrom);
     }
     // There's some override. If the target node satisfies the overriding spec
     // then it's okay.
     if (depValid(node, this.spec, this.accept, this.#safeFrom)) {
-      return true
+      return true;
     }
     // If it doesn't, then it should at least satisfy the original spec.
     if (!depValid(node, this.rawSpec, this.accept, this.#safeFrom)) {
-      return false
+      return false;
     }
     // It satisfies the original spec, not the overriding spec. We need to make
     // sure it doesn't use the overridden spec.
@@ -833,115 +768,107 @@ class SafeEdge extends Edge {
     //   If the node is 8.23.0, then it's not okay because even though it's consistent
     //   with the rawSpec, it's also consistent with the keySpec.
     //   So we're looking for ^8.0.0 or 9.0.0 and not 8.23.0.
-    return !depValid(node, this.overrides.keySpec, this.accept, this.#safeFrom)
+    return !depValid(node, this.overrides.keySpec, this.accept, this.#safeFrom);
   }
 }
 
-const { LOOP_SENTINEL, NPM: NPM$1, NPM_REGISTRY_URL } = constants
+const {
+  LOOP_SENTINEL,
+  NPM: NPM$1,
+  NPM_REGISTRY_URL
+} = constants;
 function getUrlOrigin(input) {
   try {
     // TODO: URL.parse is available in Node 22.1.0. We can use it when we drop Node 18.
     // https://nodejs.org/docs/latest-v22.x/api/url.html#urlparseinput-base
     // return URL.parse(input)?.origin ?? ''
-    return new URL(input).origin ?? ''
+    return new URL(input).origin ?? '';
   } catch {}
-  return ''
+  return '';
 }
-function findBestPatchVersion(
-  node,
-  availableVersions,
-  vulnerableVersionRange,
-  _firstPatchedVersionIdentifier
-) {
-  const manifestData = registry.getManifestData(NPM$1, node.name)
-  let eligibleVersions
+function findBestPatchVersion(node, availableVersions, vulnerableVersionRange, _firstPatchedVersionIdentifier) {
+  const manifestData = registry.getManifestData(NPM$1, node.name);
+  let eligibleVersions;
   if (manifestData && manifestData.name === manifestData.package) {
-    const major = utils.getMajor(manifestData.version)
+    const major = utils.getMajor(manifestData.version);
     if (typeof major !== 'number') {
-      return null
+      return null;
     }
-    eligibleVersions = availableVersions.filter(
-      v => utils.getMajor(v) === major
-    )
+    eligibleVersions = availableVersions.filter(v => utils.getMajor(v) === major);
   } else {
-    const major = utils.getMajor(node.version)
+    const major = utils.getMajor(node.version);
     if (typeof major !== 'number') {
-      return null
-    }
-    eligibleVersions = availableVersions.filter(
-      v =>
-        // Filter for versions that are within the current major version and
-        // are NOT in the vulnerable range.
-        utils.getMajor(v) === major &&
-        (!vulnerableVersionRange ||
-          !vendor.semverExports.satisfies(v, vulnerableVersionRange))
-    )
+      return null;
+    }
+    eligibleVersions = availableVersions.filter(v =>
+    // Filter for versions that are within the current major version and
+    // are NOT in the vulnerable range.
+    utils.getMajor(v) === major && (!vulnerableVersionRange || !vendor.semverExports.satisfies(v, vulnerableVersionRange)));
   }
-  return eligibleVersions
-    ? vendor.semverExports.maxSatisfying(eligibleVersions, '*')
-    : null
+  return eligibleVersions ? vendor.semverExports.maxSatisfying(eligibleVersions, '*') : null;
 }
 function findPackageNode(tree, name, version) {
-  const queue = [tree]
-  const visited = new Set()
-  let sentinel = 0
+  const queue = [tree];
+  const visited = new Set();
+  let sentinel = 0;
   while (queue.length) {
     if (sentinel++ === LOOP_SENTINEL) {
-      throw new Error('Detected infinite loop in findPackageNode')
+      throw new Error('Detected infinite loop in findPackageNode');
     }
-    const nodeOrLink = queue.pop()
-    const node = nodeOrLink.isLink ? nodeOrLink.target : nodeOrLink
+    const nodeOrLink = queue.pop();
+    const node = getTargetNode(nodeOrLink);
     if (visited.has(node)) {
-      continue
+      continue;
     }
-    visited.add(node)
-    if (
-      node.name === name &&
-      (typeof version !== 'string' || node.version === version)
-    ) {
-      return node
+    visited.add(node);
+    if (node.name === name && (typeof version !== 'string' || node.version === version)) {
+      return node;
     }
     for (const child of node.children.values()) {
-      queue.push(child)
+      queue.push(child);
     }
     for (const edge of node.edgesOut.values()) {
-      const { to } = edge
+      const {
+        to
+      } = edge;
       if (to) {
-        queue.push(to)
+        queue.push(to);
       }
     }
   }
-  return undefined
+  return undefined;
 }
 function findPackageNodes(tree, name, version) {
-  const matches = []
-  const queue = [tree]
-  const visited = new Set()
-  let sentinel = 0
+  const matches = [];
+  const queue = [tree];
+  const visited = new Set();
+  let sentinel = 0;
   while (queue.length) {
     if (sentinel++ === LOOP_SENTINEL) {
-      throw new Error('Detected infinite loop in findPackageNodes')
+      throw new Error('Detected infinite loop in findPackageNodes');
     }
-    const nodeOrLink = queue.pop()
-    const node = nodeOrLink.isLink ? nodeOrLink.target : nodeOrLink
+    const nodeOrLink = queue.pop();
+    const node = getTargetNode(nodeOrLink);
     if (visited.has(node)) {
-      continue
+      continue;
     }
-    visited.add(node)
-    if (node.name === name && 'undefined' !== 'string') {
-      matches.push(node)
+    visited.add(node);
+    if (node.name === name && ("undefined" !== 'string')) {
+      matches.push(node);
     }
     for (const child of node.children.values()) {
-      queue.push(child)
+      queue.push(child);
     }
     for (const edge of node.edgesOut.values()) {
-      const { to } = edge
+      const {
+        to
+      } = edge;
       if (to) {
-        queue.push(to)
+        queue.push(to);
       }
     }
   }
-  return matches
+  return matches;
 }
 async function getAlertsMapFromArborist(arb, options_) {
   const options = {
@@ -950,41 +877,35 @@ async function getAlertsMapFromArborist(arb, options_) {
     limit: Infinity,
     nothrow: false,
     ...options_
-  }
+  };
   const include = {
     __proto__: null,
     existing: false,
     ...options.include
-  }
+  };
   const needInfoOn = getDetailsFromDiff(arb.diff, {
     include: {
       unchanged: include.existing
     }
-  })
-  const purls = needInfoOn.map(d => utils.idToPurl(d.node.pkgid))
-  let overrides
-  const overridesMap = (
-    arb.actualTree ??
-    arb.idealTree ??
-    (await arb.loadActual())
-  )?.overrides?.children
+  });
+  const purls = needInfoOn.map(d => utils.idToPurl(d.node.pkgid));
+  let overrides;
+  const overridesMap = (arb.actualTree ?? arb.idealTree ?? (await arb.loadActual()))?.overrides?.children;
   if (overridesMap) {
-    overrides = Object.fromEntries(
-      [...overridesMap.entries()].map(([key, overrideSet]) => {
-        return [key, overrideSet.value]
-      })
-    )
+    overrides = Object.fromEntries([...overridesMap.entries()].map(([key, overrideSet]) => {
+      return [key, overrideSet.value];
+    }));
   }
   return await utils.getAlertsMapFromPurls(purls, {
     overrides,
     ...options
-  })
+  });
 }
 function getDetailsFromDiff(diff_, options) {
-  const details = []
+  const details = [];
   // `diff_` is `null` when `npm install --package-lock-only` is passed.
   if (!diff_) {
-    return details
+    return details;
   }
   const include = {
     __proto__: null,
@@ -994,76 +915,77 @@ function getDetailsFromDiff(diff_, options) {
       __proto__: null,
       ...options
     }.include
-  }
-  const queue = [...diff_.children]
-  let pos = 0
-  let { length: queueLength } = queue
+  };
+  const queue = [...diff_.children];
+  let pos = 0;
+  let {
+    length: queueLength
+  } = queue;
   while (pos < queueLength) {
     if (pos === LOOP_SENTINEL) {
-      throw new Error('Detected infinite loop while walking Arborist diff')
+      throw new Error('Detected infinite loop while walking Arborist diff');
     }
-    const diff = queue[pos++]
-    const { action } = diff
+    const diff = queue[pos++];
+    const {
+      action
+    } = diff;
     if (action) {
       // The `pkgNode`, i.e. the `ideal` node, will be `undefined` if the diff
       // action is 'REMOVE'
       // The `oldNode`, i.e. the `actual` node, will be `undefined` if the diff
       // action is 'ADD'.
-      const { actual: oldNode, ideal: pkgNode } = diff
-      let existing
-      let keep = false
+      const {
+        actual: oldNode,
+        ideal: pkgNode
+      } = diff;
+      let existing;
+      let keep = false;
       if (action === DiffAction.change) {
         if (pkgNode?.package.version !== oldNode?.package.version) {
-          keep = true
-          if (
-            oldNode?.package.name &&
-            oldNode.package.name === pkgNode?.package.name
-          ) {
-            existing = oldNode
+          keep = true;
+          if (oldNode?.package.name && oldNode.package.name === pkgNode?.package.name) {
+            existing = oldNode;
           }
         }
       } else {
-        keep = action !== DiffAction.remove
+        keep = action !== DiffAction.remove;
       }
       if (keep && pkgNode?.resolved && (!oldNode || oldNode.resolved)) {
-        if (
-          include.unknownOrigin ||
-          getUrlOrigin(pkgNode.resolved) === NPM_REGISTRY_URL
-        ) {
+        if (include.unknownOrigin || getUrlOrigin(pkgNode.resolved) === NPM_REGISTRY_URL) {
           details.push({
             node: pkgNode,
             existing
-          })
+          });
         }
       }
     }
     for (const child of diff.children) {
-      queue[queueLength++] = child
+      queue[queueLength++] = child;
     }
   }
   if (include.unchanged) {
-    const { unchanged } = diff_
-    for (let i = 0, { length } = unchanged; i < length; i += 1) {
-      const pkgNode = unchanged[i]
-      if (
-        include.unknownOrigin ||
-        getUrlOrigin(pkgNode.resolved) === NPM_REGISTRY_URL
-      ) {
+    const {
+      unchanged
+    } = diff_;
+    for (let i = 0, {
+        length
+      } = unchanged; i < length; i += 1) {
+      const pkgNode = unchanged[i];
+      if (include.unknownOrigin || getUrlOrigin(pkgNode.resolved) === NPM_REGISTRY_URL) {
         details.push({
           node: pkgNode,
           existing: pkgNode
-        })
+        });
       }
     }
   }
-  return details
+  return details;
+}
+function getTargetNode(nodeOrLink) {
+  return nodeOrLink?.isLink ? nodeOrLink.target : nodeOrLink ?? null;
 }
 function isTopLevel(tree, node) {
-  const childNodeOrLink = tree.children.get(node.name)
-  const childNode = childNodeOrLink?.isLink
-    ? childNodeOrLink.target
-    : childNodeOrLink
-  return childNode === node
+  return getTargetNode(tree.children.get(node.name)) === node;
 }
 function updateNode(node, newVersion, newVersionPackument) {
   // Object.defineProperty is needed to set the version property and replace
@@ -1072,40 +994,42 @@ function updateNode(node, newVersion, newVersionPackument) {
     configurable: true,
     enumerable: true,
     get: () => newVersion
-  })
+  });
   // Update package.version associated with the node.
-  node.package.version = newVersion
+  node.package.version = newVersion;
   // Update node.resolved.
-  const purlObj = vendor.packageurlJsExports.PackageURL.fromString(
-    utils.idToPurl(node.name)
-  )
-  node.resolved = `${NPM_REGISTRY_URL}/${node.name}/-/${purlObj.name}-${newVersion}.tgz`
+  const purlObj = vendor.packageurlJsExports.PackageURL.fromString(utils.idToPurl(node.name));
+  node.resolved = `${NPM_REGISTRY_URL}/${node.name}/-/${purlObj.name}-${newVersion}.tgz`;
   // Update node.integrity with the targetPackument.dist.integrity value if available
   // else delete node.integrity so a new value is resolved for the target version.
-  const { integrity } = newVersionPackument.dist
+  const {
+    integrity
+  } = newVersionPackument.dist;
   if (integrity) {
-    node.integrity = integrity
+    node.integrity = integrity;
   } else {
-    delete node.integrity
+    delete node.integrity;
   }
   // Update node.package.deprecated based on targetPackument.deprecated.
   if (objects.hasOwn(newVersionPackument, 'deprecated')) {
-    node.package['deprecated'] = newVersionPackument.deprecated
+    node.package['deprecated'] = newVersionPackument.deprecated;
   } else {
-    delete node.package['deprecated']
+    delete node.package['deprecated'];
   }
   // Update node.package.dependencies.
   const newDeps = {
     ...newVersionPackument.dependencies
-  }
-  const { dependencies: oldDeps } = node.package
-  node.package.dependencies = newDeps
+  };
+  const {
+    dependencies: oldDeps
+  } = node.package;
+  node.package.dependencies = newDeps;
   if (oldDeps) {
     for (const oldDepName of Object.keys(oldDeps)) {
       if (!objects.hasOwn(newDeps, oldDepName)) {
         // Detach old edges for dependencies that don't exist on the updated
         // node.package.dependencies.
-        node.edgesOut.get(oldDepName)?.detach()
+        node.edgesOut.get(oldDepName)?.detach();
       }
     }
   }
@@ -1113,57 +1037,45 @@ function updateNode(node, newVersion, newVersionPackument) {
     if (!objects.hasOwn(oldDeps, newDepName)) {
       // Add new edges for dependencies that don't exist on the old
       // node.package.dependencies.
-      node.addEdgeOut(
-        new Edge({
-          from: node,
-          name: newDepName,
-          spec: newDeps[newDepName],
-          type: 'prod'
-        })
-      )
+      node.addEdgeOut(new Edge({
+        from: node,
+        name: newDepName,
+        spec: newDeps[newDepName],
+        type: 'prod'
+      }));
     }
   }
 }
-function updatePackageJsonFromNode(
-  editablePkgJson,
-  tree,
-  node,
-  newVersion,
-  rangeStyle
-) {
-  let result = false
+function updatePackageJsonFromNode(editablePkgJson, tree, node, newVersion, rangeStyle) {
+  let result = false;
   if (!isTopLevel(tree, node)) {
-    return result
+    return result;
   }
-  const { name } = node
-  for (const depField of [
-    'dependencies',
-    'optionalDependencies',
-    'peerDependencies'
-  ]) {
-    const depObject = editablePkgJson.content[depField]
+  const {
+    name
+  } = node;
+  for (const depField of ['dependencies', 'optionalDependencies', 'peerDependencies']) {
+    const depObject = editablePkgJson.content[depField];
     if (depObject) {
-      const oldRange = depObject[name]
+      const oldRange = depObject[name];
       if (oldRange) {
-        const newRange = utils.applyRange(oldRange, newVersion, rangeStyle)
+        const newRange = utils.applyRange(oldRange, newVersion, rangeStyle);
         if (oldRange !== newRange) {
-          result = true
+          result = true;
           editablePkgJson.update({
             [depField]: {
               ...depObject,
               [name]: newRange
             }
-          })
+          });
         }
       }
     }
   }
-  return result
+  return result;
 }
 
-const require$2 = Module.createRequire(
-  require('u' + 'rl').pathToFileURL(__filename).href
-)
+const require$2 =Module.createRequire(require('u' + 'rl').pathToFileURL(__filename).href)
 const {
   NPM,
   NPX,
@@ -1172,8 +1084,10 @@ const {
   SOCKET_CLI_SAFE_PROGRESS,
   SOCKET_CLI_VIEW_ALL_RISKS,
   kInternalsSymbol,
-  [kInternalsSymbol]: { getIpc }
-} = constants
+  [kInternalsSymbol]: {
+    getIpc
+  }
+} = constants;
 const SAFE_ARBORIST_REIFY_OPTIONS_OVERRIDES = {
   __proto__: null,
   audit: false,
@@ -1184,44 +1098,34 @@ const SAFE_ARBORIST_REIFY_OPTIONS_OVERRIDES = {
   save: false,
   saveBundle: false,
   silent: true
-}
-const kCtorArgs = Symbol('ctorArgs')
-const kRiskyReify = Symbol('riskyReify')
-const Arborist = require$2(getArboristClassPath())
+};
+const kCtorArgs = Symbol('ctorArgs');
+const kRiskyReify = Symbol('riskyReify');
+const Arborist = require$2(getArboristClassPath());
 
 // Implementation code not related to our custom behavior is based on
 // https://github.com/npm/cli/blob/v11.0.0/workspaces/arborist/lib/arborist/index.js:
 class SafeArborist extends Arborist {
   constructor(...ctorArgs) {
-    super(
-      {
-        path:
-          (ctorArgs.length ? ctorArgs[0]?.path : undefined) ?? process.cwd(),
-        ...(ctorArgs.length ? ctorArgs[0] : undefined),
-        ...SAFE_ARBORIST_REIFY_OPTIONS_OVERRIDES
-      },
-      ...ctorArgs.slice(1)
-    )
-    this[kCtorArgs] = ctorArgs
+    super({
+      path: (ctorArgs.length ? ctorArgs[0]?.path : undefined) ?? process.cwd(),
+      ...(ctorArgs.length ? ctorArgs[0] : undefined),
+      ...SAFE_ARBORIST_REIFY_OPTIONS_OVERRIDES
+    }, ...ctorArgs.slice(1));
+    this[kCtorArgs] = ctorArgs;
   }
   async [kRiskyReify](...args) {
-    const ctorArgs = this[kCtorArgs]
-    const arb = new Arborist(
-      {
-        ...(ctorArgs.length ? ctorArgs[0] : undefined),
-        progress: false
-      },
-      ...ctorArgs.slice(1)
-    )
-    const ret = await arb.reify(
-      {
-        ...(args.length ? args[0] : undefined),
-        progress: false
-      },
-      ...args.slice(1)
-    )
-    Object.assign(this, arb)
-    return ret
+    const ctorArgs = this[kCtorArgs];
+    const arb = new Arborist({
+      ...(ctorArgs.length ? ctorArgs[0] : undefined),
+      progress: false
+    }, ...ctorArgs.slice(1));
+    const ret = await arb.reify({
+      ...(args.length ? args[0] : undefined),
+      progress: false
+    }, ...args.slice(1));
+    Object.assign(this, arb);
+    return ret;
   }
 
   // @ts-ignore Incorrectly typed.
@@ -1229,105 +1133,91 @@ class SafeArborist extends Arborist {
     const options = {
       __proto__: null,
       ...(args.length ? args[0] : undefined)
-    }
-    const ipc = await getIpc()
-    const binName = ipc[SOCKET_CLI_SAFE_BIN]
+    };
+    const ipc = await getIpc();
+    const binName = ipc[SOCKET_CLI_SAFE_BIN];
     if (!binName) {
-      return await this[kRiskyReify](...args)
-    }
-    await super.reify(
-      {
-        ...options,
-        ...SAFE_ARBORIST_REIFY_OPTIONS_OVERRIDES,
-        progress: false
-      },
-      // @ts-ignore: TypeScript gets grumpy about rest parameters.
-      ...args.slice(1)
-    )
+      return await this[kRiskyReify](...args);
+    }
+    await super.reify({
+      ...options,
+      ...SAFE_ARBORIST_REIFY_OPTIONS_OVERRIDES,
+      progress: false
+    },
+    // @ts-ignore: TypeScript gets grumpy about rest parameters.
+    ...args.slice(1));
     // Lazily access constants.ENV.SOCKET_CLI_ACCEPT_RISKS.
-    const acceptRisks = constants.ENV.SOCKET_CLI_ACCEPT_RISKS
-    const progress = ipc[SOCKET_CLI_SAFE_PROGRESS]
-    const spinner =
-      options['silent'] || !progress
-        ? undefined
-        : // Lazily access constants.spinner.
-          constants.spinner
-    const isSafeNpm = binName === NPM
-    const isSafeNpx = binName === NPX
+    const acceptRisks = constants.ENV.SOCKET_CLI_ACCEPT_RISKS;
+    const progress = ipc[SOCKET_CLI_SAFE_PROGRESS];
+    const spinner = options['silent'] || !progress ? undefined :
+    // Lazily access constants.spinner.
+    constants.spinner;
+    const isSafeNpm = binName === NPM;
+    const isSafeNpx = binName === NPX;
     const alertsMap = await getAlertsMapFromArborist(this, {
       spinner,
-      include:
-        acceptRisks || options.dryRun || options['yes']
-          ? {
-              actions: ['error'],
-              blocked: true,
-              critical: false,
-              cve: false,
-              existing: true,
-              unfixable: false
-            }
-          : {
-              existing: isSafeNpx,
-              unfixable: isSafeNpm
-            }
-    })
+      include: acceptRisks || options.dryRun || options['yes'] ? {
+        actions: ['error'],
+        blocked: true,
+        critical: false,
+        cve: false,
+        existing: true,
+        unfixable: false
+      } : {
+        existing: isSafeNpx,
+        unfixable: isSafeNpm
+      }
+    });
     if (alertsMap.size) {
-      process.exitCode = 1
+      process.exitCode = 1;
       // Lazily access constants.ENV.SOCKET_CLI_VIEW_ALL_RISKS.
-      const viewAllRisks = constants.ENV.SOCKET_CLI_VIEW_ALL_RISKS
+      const viewAllRisks = constants.ENV.SOCKET_CLI_VIEW_ALL_RISKS;
       utils.logAlertsMap(alertsMap, {
         hideAt: viewAllRisks ? 'none' : 'middle',
         output: process.stderr
-      })
-      throw new Error(
-        `
+      });
+      throw new Error(`
           Socket ${binName} exiting due to risks.${viewAllRisks ? '' : `\nView all risks - Rerun with environment variable ${SOCKET_CLI_VIEW_ALL_RISKS}=1.`}${acceptRisks ? '' : `\nAccept risks - Rerun with environment variable ${SOCKET_CLI_ACCEPT_RISKS}=1.`}
-        `.trim()
-      )
+        `.trim());
     } else if (!options['silent']) {
-      logger.logger.success(
-        `Socket ${binName} ${acceptRisks ? 'accepted' : 'found no'} risks`
-      )
+      logger.logger.success(`Socket ${binName} ${acceptRisks ? 'accepted' : 'found no'} risks`);
       if (binName === NPX) {
-        logger.logger.log(`Running ${options.add[0]}`)
+        logger.logger.log(`Running ${options.add[0]}`);
       }
     }
-    return await this[kRiskyReify](...args)
+    return await this[kRiskyReify](...args);
   }
 }
 
-const require$1 = Module.createRequire(
-  require('u' + 'rl').pathToFileURL(__filename).href
-)
+const require$1 =Module.createRequire(require('u' + 'rl').pathToFileURL(__filename).href)
 function installSafeArborist() {
   // Override '@npmcli/arborist' module exports with patched variants based on
   // https://github.com/npm/cli/pull/8089.
-  const cache = require$1.cache
+  const cache = require$1.cache;
   cache[getArboristClassPath()] = {
     exports: SafeArborist
-  }
+  };
   cache[getArboristEdgeClassPath()] = {
     exports: SafeEdge
-  }
+  };
   cache[getArboristNodeClassPath()] = {
     exports: SafeNode
-  }
+  };
   cache[getArboristOverrideSetClassPath()] = {
     exports: SafeOverrideSet
-  }
+  };
 }
 
-installSafeArborist()
+installSafeArborist();
 
-exports.Arborist = Arborist
-exports.SAFE_ARBORIST_REIFY_OPTIONS_OVERRIDES =
-  SAFE_ARBORIST_REIFY_OPTIONS_OVERRIDES
-exports.SafeArborist = SafeArborist
-exports.findBestPatchVersion = findBestPatchVersion
-exports.findPackageNode = findPackageNode
-exports.findPackageNodes = findPackageNodes
-exports.getAlertsMapFromArborist = getAlertsMapFromArborist
-exports.updateNode = updateNode
-exports.updatePackageJsonFromNode = updatePackageJsonFromNode
-//# debugId=4d43be43-e3e8-4e13-b9a6-432f79e6face
+exports.Arborist = Arborist;
+exports.SAFE_ARBORIST_REIFY_OPTIONS_OVERRIDES = SAFE_ARBORIST_REIFY_OPTIONS_OVERRIDES;
+exports.SafeArborist = SafeArborist;
+exports.findBestPatchVersion = findBestPatchVersion;
+exports.findPackageNode = findPackageNode;
+exports.findPackageNodes = findPackageNodes;
+exports.getAlertsMapFromArborist = getAlertsMapFromArborist;
+exports.updateNode = updateNode;
+exports.updatePackageJsonFromNode = updatePackageJsonFromNode;
+//# debugId=aa475dcb-56c6-4bc2-8b36-54e92a6963a9
 //# sourceMappingURL=shadow-inject.js.map