@socketsecurity/cli-with-sentry 0.15.17 → 0.15.18

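--- a/package/dist/cli.js
+++ b/package/dist/cli.js
@@ -27,7 +27,7 @@ var fs$2 = require('../external/@socketsecurity/registry/lib/fs');
  var shadowInject = require('./shadow-inject.js');
  var objects = require('../external/@socketsecurity/registry/lib/objects');
  var registryConstants = require('../external/@socketsecurity/registry/lib/constants');
- var promises = require('../external/@socketsecurity/registry/lib/promises');
+ var require$$7 = require('../external/@socketsecurity/registry/lib/promises');
 
  var _documentCurrentScript = typeof document !== 'undefined' ? document.currentScript : null;
  async function fetchOrgAnalyticsData(time) {
@@ -1808,23 +1808,23 @@ async function convertGradleToMaven(target, bin, cwd, verbose, gradleOpts) {
  if (verbose) {
  logger.logger.log('[VERBOSE] Resolving:', [cwd, bin]);
  }
- const rbin = path.resolve(cwd, bin);
+ const rBin = path.resolve(cwd, bin);
  if (verbose) {
  logger.logger.log('[VERBOSE] Resolving:', [cwd, target]);
  }
- const rtarget = path.resolve(cwd, target);
- const binExists = fs$1.existsSync(rbin);
- const targetExists = fs$1.existsSync(rtarget);
+ const rTarget = path.resolve(cwd, target);
+ const binExists = fs$1.existsSync(rBin);
+ const targetExists = fs$1.existsSync(rTarget);
  logger.logger.group('gradle2maven:');
  if (verbose || debug.isDebug()) {
- logger.logger.log(`[VERBOSE] - Absolute bin path: \`${rbin}\` (${binExists ? 'found' : vendor.yoctocolorsCjsExports.red('not found!')})`);
- logger.logger.log(`[VERBOSE] - Absolute target path: \`${rtarget}\` (${targetExists ? 'found' : vendor.yoctocolorsCjsExports.red('not found!')})`);
+ logger.logger.log(`[VERBOSE] - Absolute bin path: \`${rBin}\` (${binExists ? 'found' : vendor.yoctocolorsCjsExports.red('not found!')})`);
+ logger.logger.log(`[VERBOSE] - Absolute target path: \`${rTarget}\` (${targetExists ? 'found' : vendor.yoctocolorsCjsExports.red('not found!')})`);
  } else {
- logger.logger.log(`- executing: \`${rbin}\``);
+ logger.logger.log(`- executing: \`${rBin}\``);
  if (!binExists) {
  logger.logger.warn('Warning: It appears the executable could not be found at this location. An error might be printed later because of that.');
  }
- logger.logger.log(`- src dir: \`${rtarget}\``);
+ logger.logger.log(`- src dir: \`${rTarget}\``);
  if (!targetExists) {
  logger.logger.warn('Warning: It appears the src dir could not be found at this location. An error might be printed later because of that.');
  }
@@ -1836,7 +1836,6 @@ async function convertGradleToMaven(target, bin, cwd, verbose, gradleOpts) {
  // we can upload them and predict them through the GitHub API. We could do a
  // .socket folder. We could do a socket.pom.gz with all the poms, although
  // I'd prefer something plain-text if it is to be committed.
-
  // Note: init.gradle will be exported by .config/rollup.dist.config.mjs
  const initLocation = path.join(constants.distPath, 'init.gradle');
  const commandArgs = ['--init-script', initLocation, ...gradleOpts, 'pom'];
@@ -1844,7 +1843,7 @@ async function convertGradleToMaven(target, bin, cwd, verbose, gradleOpts) {
  logger.logger.log('[VERBOSE] Executing:', [bin], ', args:', commandArgs);
  }
  logger.logger.log(`Converting gradle to maven from \`${bin}\` on \`${target}\` ...`);
- const output = await execGradleWithSpinner(rbin, commandArgs, rtarget, cwd);
+ const output = await execGradleWithSpinner(rBin, commandArgs, rTarget, cwd);
  if (verbose) {
  logger.logger.group('[VERBOSE] gradle stdout:');
  logger.logger.log(output);
@@ -1921,12 +1920,12 @@ async function convertSbtToMaven(target, bin, out, verbose, sbtOpts) {
  const {
  spinner
  } = constants;
- const rbin = path.resolve(bin);
- const rtarget = path.resolve(target);
+ const rBin = path.resolve(bin);
+ const rTarget = path.resolve(target);
  if (verbose) {
  logger.logger.group('sbt2maven:');
- logger.logger.log(`[VERBOSE] - Absolute bin path: \`${rbin}\``);
- logger.logger.log(`[VERBOSE] - Absolute target path: \`${rtarget}\``);
+ logger.logger.log(`[VERBOSE] - Absolute bin path: \`${rBin}\``);
+ logger.logger.log(`[VERBOSE] - Absolute target path: \`${rTarget}\``);
  // logger.log(`[VERBOSE] - Absolute out path: \`${rout}\``)
  logger.logger.groupEnd();
  } else {
@@ -1944,8 +1943,8 @@ async function convertSbtToMaven(target, bin, out, verbose, sbtOpts) {
  // we can upload them and predict them through the GitHub API. We could do a
  // .socket folder. We could do a socket.pom.gz with all the poms, although
  // I'd prefer something plain-text if it is to be committed.
- const output = await spawn.spawn(bin, ['makePom'].concat(sbtOpts), {
- cwd: target || '.'
+ const output = await spawn.spawn(bin, ['makePom', ...sbtOpts], {
+ cwd: target || process.cwd()
  });
  spinner.stop();
  if (verbose) {
@@ -3591,8 +3590,8 @@ const cmdDiffScan = {
 
  const GITHUB_ACTIONS_BOT_USERNAME = 'github-actions[bot]';
  const GITHUB_ACTIONS_BOT_EMAIL = `${GITHUB_ACTIONS_BOT_USERNAME}@users.noreply.github.com`;
- function formatBranchName(str) {
- return str.replace(/[-_.\\/]+/g, '-').replace(/[^-a-zA-Z0-9]+/g, '').replace(/^-+|-+$/g, '');
+ function formatBranchName(name) {
+ return name.replace(/[-_.\\/]+/g, '-').replace(/[^-a-zA-Z0-9]+/g, '').replace(/^-+|-+$/g, '');
  }
  function getBaseGitBranch() {
  // Lazily access constants.ENV.GITHUB_REF_NAME.
@@ -3632,56 +3631,52 @@ function getSocketCommitMessage(purl, newVersion, workspaceName) {
  const workspaceDetails = workspaceName ? ` in ${workspaceName}` : '';
  return `socket: Bump ${pkgFullName} from ${purlObj.version} to ${newVersion}${workspaceDetails}`;
  }
+ async function gitCleanFdx(cwd = process.cwd()) {
+ const stdioIgnoreOptions = {
+ cwd,
+ stdio: 'ignore'
+ };
+ await spawn.spawn('git', ['clean', '-fdx'], stdioIgnoreOptions);
+ }
  async function gitCreateAndPushBranch(branch, commitMsg, filepaths, cwd = process.cwd()) {
- await gitEnsureIdentity(cwd);
- await spawn.spawn('git', ['checkout', '-b', branch], {
- cwd
- });
- await spawn.spawn('git', ['add', ...filepaths], {
- cwd
- });
- await spawn.spawn('git', ['commit', '-m', commitMsg], {
- cwd
- });
+ const stdioIgnoreOptions = {
+ cwd,
+ stdio: 'ignore'
+ };
  try {
- await spawn.spawn('git', ['push', '--force', '--set-upstream', 'origin', branch], {
- cwd
- });
+ await gitEnsureIdentity(cwd);
+ await spawn.spawn('git', ['checkout', '-b', branch], stdioIgnoreOptions);
+ await spawn.spawn('git', ['add', ...filepaths], stdioIgnoreOptions);
+ await spawn.spawn('git', ['commit', '-m', commitMsg], stdioIgnoreOptions);
+ await spawn.spawn('git', ['push', '--force', '--set-upstream', 'origin', branch], stdioIgnoreOptions);
  return true;
  } catch {}
- await spawn.spawn('git', ['branch', '-D', branch], {
- cwd
- });
+ try {
+ await spawn.spawn('git', ['branch', '-D', branch], stdioIgnoreOptions);
+ } catch {}
  return false;
  }
  async function gitEnsureIdentity(cwd = process.cwd()) {
+ const stdioIgnoreOptions = {
+ cwd,
+ stdio: 'ignore'
+ };
+ const stdioPipeOptions = {
+ cwd
+ };
  let hasUserName = false;
  try {
- const {
- stdout
- } = await spawn.spawn('git', ['config', '--get', 'user.name'], {
- cwd
- });
- hasUserName = !!stdout.trim();
+ hasUserName = !!(await spawn.spawn('git', ['config', '--get', 'user.name'], stdioPipeOptions)).stdout.trim();
  } catch {}
  if (!hasUserName) {
- await spawn.spawn('git', ['config', 'user.name', GITHUB_ACTIONS_BOT_USERNAME], {
- cwd
- });
+ await spawn.spawn('git', ['config', 'user.name', GITHUB_ACTIONS_BOT_USERNAME], stdioIgnoreOptions);
  }
  let hasUserEmail = false;
  try {
- const {
- stdout
- } = await spawn.spawn('git', ['config', '--get', 'user.email'], {
- cwd
- });
- hasUserEmail = !!stdout.trim();
+ hasUserEmail = !!(await spawn.spawn('git', ['config', '--get', 'user.email'], stdioPipeOptions)).stdout.trim();
  } catch {}
  if (!hasUserEmail) {
- await spawn.spawn('git', ['config', 'user.email', GITHUB_ACTIONS_BOT_EMAIL], {
- cwd
- });
+ await spawn.spawn('git', ['config', 'user.email', GITHUB_ACTIONS_BOT_EMAIL], stdioIgnoreOptions);
  }
  }
  async function gitResetAndClean(branch = 'HEAD', cwd = process.cwd()) {
@@ -3691,34 +3686,28 @@ async function gitResetAndClean(branch = 'HEAD', cwd = process.cwd()) {
  await gitCleanFdx(cwd);
  }
  async function gitResetHard(branch = 'HEAD', cwd = process.cwd()) {
- await spawn.spawn('git', ['reset', '--hard', branch], {
- cwd
- });
- }
- async function gitCleanFdx(cwd = process.cwd()) {
- await spawn.spawn('git', ['clean', '-fdx'], {
- cwd
- });
+ const stdioIgnoreOptions = {
+ cwd,
+ stdio: 'ignore'
+ };
+ await spawn.spawn('git', ['reset', '--hard', branch], stdioIgnoreOptions);
  }
  async function gitRemoteBranchExists(branch, cwd = process.cwd()) {
+ const stdioPipeOptions = {
+ cwd
+ };
  try {
- const {
- stdout
- } = await spawn.spawn('git', ['ls-remote', '--heads', 'origin', branch], {
- cwd
- });
- return stdout.trim().length > 0;
+ return (await spawn.spawn('git', ['ls-remote', '--heads', 'origin', branch], stdioPipeOptions)).stdout.trim().length > 0;
  } catch {
  return false;
  }
  }
  async function gitUnstagedModifiedFiles(cwd = process.cwd()) {
- const {
- stdout
- } = await spawn.spawn('git', ['diff', '--name-only'], {
+ const stdioPipeOptions = {
  cwd
- });
- const rawFiles = stdout?.trim().split('\n') ?? [];
+ };
+ const stdout = (await spawn.spawn('git', ['diff', '--name-only'], stdioPipeOptions)).stdout.trim();
+ const rawFiles = stdout.split('\n') ?? [];
  return rawFiles.map(relPath => path$1.normalizePath(relPath));
  }
 
@@ -3886,8 +3875,9 @@ async function cleanupOpenPrs(owner, repo, purl, newVersion, options) {
  } = match;
  const versionText = /(?<= to )\S+/.exec(props.title)?.[0];
  const {
- number: prNumber
+ number: prNum
  } = props;
+ const prRef = `PR #${prNum}`;
  const prVersion = vendor.semverExports.coerce(versionText);
  // Close older PRs.
  if (prVersion && vendor.semverExports.lt(prVersion, newVersion)) {
@@ -3895,16 +3885,16 @@ async function cleanupOpenPrs(owner, repo, purl, newVersion, options) {
  await octokit.pulls.update({
  owner,
  repo,
- pull_number: prNumber,
+ pull_number: prNum,
  state: 'closed'
  });
- logger.logger.info(`Closed PR #${prNumber} for older version ${prVersion}`);
+ debug.debugLog(`Closed ${prRef} for older version ${prVersion}.`);
  // Remove entry from parent object.
  match.parent.splice(match.index, 1);
  // Mark cache to be saved.
  cachesToSave.set(match.cacheKey, match.data);
  } catch (e) {
- logger.logger.warn(`Failed to close PR #${prNumber}: ${e.message}`);
+ debug.debugLog(`Failed to close ${prRef}: ${e?.message || 'Unknown error'}`);
  return;
  }
  }
@@ -3918,7 +3908,7 @@ async function cleanupOpenPrs(owner, repo, purl, newVersion, options) {
  base: props.headRefName,
  head: props.baseRefName
  });
- logger.logger.info(`Updated stale PR #${prNumber}`);
+ debug.debugLog(`Updated stale ${prRef}.`);
  // Update entry entry.
  if (match.apiType === 'graphql') {
  match.entry.mergeStateStatus = 'CLEAN';
@@ -3928,8 +3918,8 @@ async function cleanupOpenPrs(owner, repo, purl, newVersion, options) {
  // Mark cache to be saved.
  cachesToSave.set(match.cacheKey, match.data);
  } catch (e) {
- const message = e?.message ?? 'Unknown error';
- logger.logger.warn(`Failed to update PR #${prNumber}: ${message}`);
+ const message = e?.message || 'Unknown error';
+ debug.debugLog(`Failed to update ${prRef}: ${message}`);
  }
  }
  }));
@@ -3941,8 +3931,7 @@ async function cleanupOpenPrs(owner, repo, purl, newVersion, options) {
  }
  }
  async function enablePrAutoMerge({
- node_id: prId,
- number: prNumber
+ node_id: prId
  }) {
  const octokitGraphql = getOctokitGraphql();
  let error;
@@ -3962,28 +3951,32 @@ async function enablePrAutoMerge({
  });
  const respPrNumber = response?.enablePullRequestAutoMerge?.pullRequest?.number;
  if (respPrNumber) {
- logger.logger.info(`Auto-merge enabled for PR #${respPrNumber}`);
- return true;
+ return {
+ enabled: true
+ };
  }
  } catch (e) {
  error = e;
  }
- let message = `Failed to enable auto-merge for PR #${prNumber}`;
- if (error instanceof vendor.GraphqlResponseError && error.errors) {
+ if (error instanceof vendor.GraphqlResponseError && Array.isArray(error.errors)) {
  const details = error.errors.map(({
  message
- }) => ` - ${message.trim()}`).join('\n').trim();
- message += `:\n${details}`;
+ }) => message.trim());
+ return {
+ enabled: false,
+ details
+ };
  }
- logger.logger.error(message);
- return false;
+ return {
+ enabled: false
+ };
  }
  function getGitHubEnvRepoInfo() {
  // Lazily access constants.ENV.GITHUB_REPOSITORY.
  const ownerSlashRepo = constants.ENV.GITHUB_REPOSITORY;
  const slashIndex = ownerSlashRepo.indexOf('/');
  if (slashIndex === -1) {
- throw new Error('Missing GITHUB_REPOSITORY environment variable');
+ return null;
  }
  return {
  owner: ownerSlashRepo.slice(0, slashIndex),
@@ -3993,44 +3986,36 @@ function getGitHubEnvRepoInfo() {
  async function openPr(owner, repo, branch, purl, newVersion, options) {
  const {
  baseBranch = 'main',
- cwd = process.cwd(),
  workspaceName
  } = {
  __proto__: null,
  ...options
  };
  // Lazily access constants.ENV.GITHUB_ACTIONS.
- if (constants.ENV.GITHUB_ACTIONS) {
- // Lazily access constants.ENV properties.
- const token = constants.ENV.SOCKET_SECURITY_GITHUB_PAT || constants.ENV.GITHUB_TOKEN;
- const url = `https://x-access-token:${token}@github.com/${owner}/${repo}`;
- await spawn.spawn('git', ['remote', 'set-url', 'origin', url], {
- cwd
+ if (!constants.ENV.GITHUB_ACTIONS) {
+ debug.debugLog('Missing GITHUB_ACTIONS environment variable.');
+ return null;
+ }
+ const octokit = getOctokit();
+ try {
+ return await octokit.pulls.create({
+ owner,
+ repo,
+ title: getSocketPullRequestTitle(purl, newVersion, workspaceName),
+ head: branch,
+ base: baseBranch,
+ body: getSocketPullRequestBody(purl, newVersion, workspaceName)
  });
- const octokit = getOctokit();
- try {
- return await octokit.pulls.create({
- owner,
- repo,
- title: getSocketPullRequestTitle(purl, newVersion, workspaceName),
- head: branch,
- base: baseBranch,
- body: getSocketPullRequestBody(purl, newVersion, workspaceName)
- });
- } catch (e) {
- let message = `Failed to open pull request`;
- if (e instanceof vendor.RequestError) {
- const restErrors = e.response?.data?.['errors'];
- if (Array.isArray(restErrors)) {
- const details = restErrors.map(restErr => `- ${restErr.message?.trim() ?? `${restErr.resource}.${restErr.field} (${restErr.code})`}`).join('\n');
- message += `:\n${details}`;
- }
- }
- logger.logger.error(message);
- return null;
+ } catch (e) {
+ let message = `Failed to open pull request`;
+ const errors = e instanceof vendor.RequestError ? e.response?.data?.['errors'] : undefined;
+ if (Array.isArray(errors)) {
+ const details = errors.map(d => `- ${d.message?.trim() ?? `${d.resource}.${d.field} (${d.code})`}`).join('\n');
+ message += `:\n${details}`;
  }
+ debug.debugLog(message);
  }
- throw new Error('Missing GITHUB_ACTIONS environment variable');
+ return null;
  }
  async function prExistForBranch(owner, repo, branch) {
  const octokit = getOctokit();
@@ -4048,6 +4033,14 @@ async function prExistForBranch(owner, repo, branch) {
  } catch {}
  return false;
  }
+ async function setGitRemoteGitHubRepoUrl(owner, repo, token, cwd = process.cwd()) {
+ const stdioIgnoreOptions = {
+ cwd,
+ stdio: 'ignore'
+ };
+ const url = `https://x-access-token:${token}@github.com/${owner}/${repo}`;
+ await spawn.spawn('git', ['remote', 'set-url', 'origin', url], stdioIgnoreOptions);
+ }
 
  const CMD_NAME$1 = 'socket fix';
  function getAlertMapOptions(options = {}) {
@@ -4163,8 +4156,9 @@ async function npmFix(pkgEnvDetails, {
  return;
  }
 
- // Lazily access constants.ENV.CI.
- const isCi = constants.ENV.CI;
+ // Lazily access constants.ENV properties.
+ const token = constants.ENV.SOCKET_SECURITY_GITHUB_PAT || constants.ENV.GITHUB_TOKEN;
+ const isCi = !!(constants.ENV.CI && constants.ENV.GITHUB_ACTIONS && constants.ENV.GITHUB_REPOSITORY && token);
  const baseBranch = isCi ? getBaseGitBranch() : '';
  const workspacePkgJsonPaths = await utils.globWorkspace(pkgEnvDetails.agent, rootPath);
  const pkgJsonPaths = [...workspacePkgJsonPaths,
@@ -4190,7 +4184,7 @@ async function npmFix(pkgEnvDetails, {
  // eslint-disable-next-line no-await-in-loop
  const packument = await packages.fetchPackagePackument(name);
  if (!packument) {
- logger.logger.warn(`Unexpected condition: No packument found for ${name}\n`);
+ logger.logger.warn(`Unexpected condition: No packument found for ${name}.\n`);
  logger.logger.dedent();
  spinner?.dedent();
  continue infoEntriesLoop;
@@ -4289,7 +4283,7 @@ async function npmFix(pkgEnvDetails, {
  workspaceLogCallCount = logger.logger.logCallCount;
  }
  spinner?.start();
- spinner?.info(`Installing ${newId} in ${workspaceName}`);
+ spinner?.info(`Installing ${newId} in ${workspaceName}.`);
  let error;
  let errored = false;
  try {
@@ -4305,14 +4299,13 @@ async function npmFix(pkgEnvDetails, {
  stdio: 'ignore'
  });
  }
- spinner?.success(`Fixed ${name} in ${workspaceName}`);
+ spinner?.success(`Fixed ${name} in ${workspaceName}.`);
  } catch (e) {
  errored = true;
  error = e;
  }
  spinner?.stop();
  if (!errored && isCi) {
- const branch = getSocketBranchName(oldPurl, newVersion, workspaceName);
  try {
  const moddedFilepaths =
  // eslint-disable-next-line no-await-in-loop
@@ -4324,36 +4317,26 @@ async function npmFix(pkgEnvDetails, {
  logger.logger.warn('Unexpected condition: Nothing to commit, skipping PR creation.');
  continue infosLoop;
  }
- const {
- owner,
- repo
- } = getGitHubEnvRepoInfo();
+ const repoInfo = getGitHubEnvRepoInfo();
+ const branch = getSocketBranchName(oldPurl, newVersion, workspaceName);
+ let skipPr = false;
+ if (
  // eslint-disable-next-line no-await-in-loop
- if (await prExistForBranch(owner, repo, branch)) {
+ await prExistForBranch(repoInfo.owner, repoInfo.repo, branch)) {
+ skipPr = true;
  debug.debugLog(`Branch "${branch}" exists, skipping PR creation.`);
- // eslint-disable-next-line no-await-in-loop
- await gitResetAndClean(baseBranch, cwd);
- // eslint-disable-next-line no-await-in-loop
- actualTree = await install$1(arb, {
- cwd
- });
- continue infosLoop;
  }
  // eslint-disable-next-line no-await-in-loop
- if (await gitRemoteBranchExists(branch, cwd)) {
+ else if (await gitRemoteBranchExists(branch, cwd)) {
+ skipPr = true;
  debug.debugLog(`Remote branch "${branch}" exists, skipping PR creation.`);
- // eslint-disable-next-line no-await-in-loop
- await gitResetAndClean(baseBranch, cwd);
- // eslint-disable-next-line no-await-in-loop
- actualTree = await install$1(arb, {
- cwd
- });
- continue infosLoop;
- }
- if (
+ } else if (
  // eslint-disable-next-line no-await-in-loop
  !(await gitCreateAndPushBranch(branch, getSocketCommitMessage(oldPurl, newVersion, workspaceName), moddedFilepaths, cwd))) {
+ skipPr = true;
  logger.logger.warn('Unexpected condition: Push failed, skipping PR creation.');
+ }
+ if (skipPr) {
  // eslint-disable-next-line no-await-in-loop
  await gitResetAndClean(baseBranch, cwd);
  // eslint-disable-next-line no-await-in-loop
@@ -4362,12 +4345,13 @@ async function npmFix(pkgEnvDetails, {
  });
  continue infosLoop;
  }
+
  // eslint-disable-next-line no-await-in-loop
- await cleanupOpenPrs(owner, repo, oldPurl, newVersion, {
+ await Promise.allSettled([setGitRemoteGitHubRepoUrl(repoInfo.owner, repoInfo.repo, token, cwd), cleanupOpenPrs(repoInfo.owner, repoInfo.repo, oldPurl, newVersion, {
  workspaceName
- });
+ })]);
  // eslint-disable-next-line no-await-in-loop
- const prResponse = await openPr(owner, repo, branch, oldPurl, newVersion, {
+ const prResponse = await openPr(repoInfo.owner, repoInfo.repo, branch, oldPurl, newVersion, {
  baseBranch,
  cwd,
  workspaceName
@@ -4376,12 +4360,22 @@ async function npmFix(pkgEnvDetails, {
  const {
  data
  } = prResponse;
- logger.logger.success(`Opened PR #${data.number}.`);
+ const prRef = `PR #${data.number}`;
+ logger.logger.success(`Opened ${prRef}.`);
  if (autoMerge) {
  logger.logger.indent();
  spinner?.indent();
  // eslint-disable-next-line no-await-in-loop
- await enablePrAutoMerge(data);
+ const {
+ details,
+ enabled
+ } = await enablePrAutoMerge(data);
+ if (enabled) {
+ logger.logger.info(`Auto-merge enabled for ${prRef}.`);
+ } else {
+ const message = `Failed to enable auto-merge for ${prRef}${details ? `:\n${details.map(d => ` - ${d}`).join('\n')}` : '.'}`;
+ logger.logger.error(message);
+ }
  logger.logger.dedent();
  spinner?.dedent();
  }
@@ -4548,8 +4542,9 @@ async function pnpmFix(pkgEnvDetails, {
  return;
  }
 
- // Lazily access constants.ENV.CI.
- const isCi = constants.ENV.CI;
+ // Lazily access constants.ENV properties.
+ const token = constants.ENV.SOCKET_SECURITY_GITHUB_PAT || constants.ENV.GITHUB_TOKEN;
+ const isCi = !!(constants.ENV.CI && constants.ENV.GITHUB_ACTIONS && constants.ENV.GITHUB_REPOSITORY && token);
  const baseBranch = isCi ? getBaseGitBranch() : '';
  const workspacePkgJsonPaths = await utils.globWorkspace(pkgEnvDetails.agent, rootPath);
  const pkgJsonPaths = [...workspacePkgJsonPaths,
@@ -4708,7 +4703,7 @@ async function pnpmFix(pkgEnvDetails, {
  workspaceLogCallCount = logger.logger.logCallCount;
  }
  spinner?.start();
- spinner?.info(`Installing ${newId} in ${workspaceName}`);
+ spinner?.info(`Installing ${newId} in ${workspaceName}.`);
  let error;
  let errored = false;
  try {
@@ -4725,14 +4720,13 @@ async function pnpmFix(pkgEnvDetails, {
  stdio: 'ignore'
  });
  }
- spinner?.success(`Fixed ${name} in ${workspaceName}`);
+ spinner?.success(`Fixed ${name} in ${workspaceName}.`);
  } catch (e) {
  error = e;
  errored = true;
  }
  spinner?.stop();
  if (!errored && isCi) {
- const branch = getSocketBranchName(oldPurl, newVersion, workspaceName);
  try {
  const moddedFilepaths =
  // eslint-disable-next-line no-await-in-loop
@@ -4744,38 +4738,26 @@ async function pnpmFix(pkgEnvDetails, {
  logger.logger.warn('Unexpected condition: Nothing to commit, skipping PR creation.');
  continue infosLoop;
  }
- const {
- owner,
- repo
- } = getGitHubEnvRepoInfo();
+ const repoInfo = getGitHubEnvRepoInfo();
+ const branch = getSocketBranchName(oldPurl, newVersion, workspaceName);
+ let skipPr = false;
+ if (
  // eslint-disable-next-line no-await-in-loop
- if (await prExistForBranch(owner, repo, branch)) {
+ await prExistForBranch(repoInfo.owner, repoInfo.repo, branch)) {
+ skipPr = true;
  debug.debugLog(`Branch "${branch}" exists, skipping PR creation.`);
- // eslint-disable-next-line no-await-in-loop
- await gitResetAndClean(baseBranch, cwd);
- // eslint-disable-next-line no-await-in-loop
- actualTree = await install(pkgEnvDetails, {
- cwd,
- spinner
- });
- continue infosLoop;
  }
  // eslint-disable-next-line no-await-in-loop
- if (await gitRemoteBranchExists(branch, cwd)) {
+ else if (await gitRemoteBranchExists(branch, cwd)) {
+ skipPr = true;
  debug.debugLog(`Remote branch "${branch}" exists, skipping PR creation.`);
- // eslint-disable-next-line no-await-in-loop
- await gitResetAndClean(baseBranch, cwd);
- // eslint-disable-next-line no-await-in-loop
- actualTree = await install(pkgEnvDetails, {
- cwd,
- spinner
- });
- continue infosLoop;
- }
- if (
+ } else if (
  // eslint-disable-next-line no-await-in-loop
  !(await gitCreateAndPushBranch(branch, getSocketCommitMessage(oldPurl, newVersion, workspaceName), moddedFilepaths, cwd))) {
+ skipPr = true;
  logger.logger.warn('Unexpected condition: Push failed, skipping PR creation.');
+ }
+ if (skipPr) {
  // eslint-disable-next-line no-await-in-loop
  await gitResetAndClean(baseBranch, cwd);
  // eslint-disable-next-line no-await-in-loop
@@ -4785,12 +4767,13 @@ async function pnpmFix(pkgEnvDetails, {
  });
  continue infosLoop;
  }
+
  // eslint-disable-next-line no-await-in-loop
- await cleanupOpenPrs(owner, repo, oldPurl, newVersion, {
+ await Promise.allSettled([setGitRemoteGitHubRepoUrl(repoInfo.owner, repoInfo.repo, token, cwd), cleanupOpenPrs(repoInfo.owner, repoInfo.repo, oldPurl, newVersion, {
  workspaceName
- });
+ })]);
  // eslint-disable-next-line no-await-in-loop
- const prResponse = await openPr(owner, repo, branch, oldPurl, newVersion, {
+ const prResponse = await openPr(repoInfo.owner, repoInfo.repo, branch, oldPurl, newVersion, {
  baseBranch,
  cwd,
  workspaceName
@@ -4799,12 +4782,22 @@ async function pnpmFix(pkgEnvDetails, {
  const {
  data
  } = prResponse;
- logger.logger.success(`Opened PR #${data.number}.`);
+ const prRef = `PR #${data.number}`;
+ logger.logger.success(`Opened ${prRef}.`);
  if (autoMerge) {
  logger.logger.indent();
  spinner?.indent();
  // eslint-disable-next-line no-await-in-loop
- await enablePrAutoMerge(data);
+ const {
+ details,
+ enabled
+ } = await enablePrAutoMerge(data);
+ if (enabled) {
+ logger.logger.info(`Auto-merge enabled for ${prRef}.`);
+ } else {
+ const message = `Failed to enable auto-merge for ${prRef}${details ? `:\n${details.map(d => ` - ${d}`).join('\n')}` : '.'}`;
+ logger.logger.error(message);
+ }
  logger.logger.dedent();
  spinner?.dedent();
  }
@@ -6638,7 +6631,7 @@ async function npmQuery(npmExecPath, cwd) {
  cwd,
  // Lazily access constants.WIN32.
  shell: constants.WIN32
- })).stdout;
+ })).stdout.trim();
  } catch {}
  return cleanupQueryStdout(stdout);
  }
@@ -6650,7 +6643,7 @@ async function lsBun(pkgEnvDetails, cwd) {
  cwd,
  // Lazily access constants.WIN32.
  shell: constants.WIN32
- })).stdout;
+ })).stdout.trim();
  } catch {}
  return '';
  }
@@ -6674,7 +6667,7 @@ async function lsPnpm(pkgEnvDetails, cwd, options) {
  cwd,
  // Lazily access constants.WIN32.
  shell: constants.WIN32
- })).stdout;
+ })).stdout.trim();
  } catch {}
  return parsableToQueryStdout(stdout);
  }
@@ -6686,7 +6679,7 @@ async function lsVlt(pkgEnvDetails, cwd) {
  cwd,
  // Lazily access constants.WIN32.
  shell: constants.WIN32
- })).stdout;
+ })).stdout.trim();
  } catch {}
  return cleanupQueryStdout(stdout);
  }
@@ -6892,7 +6885,7 @@ async function addOverrides(pkgEnvDetails, pkgPath, options) {
  vendor.semverExports.coerce(data.engines.node), pkgEnvDetails.pkgRequirements.node));
 
  // Chunk package names to process them in parallel 3 at a time.
- await promises.pEach(manifestEntries, 3, async ({
+ await require$$7.pEach(manifestEntries, 3, async ({
  1: data
  }) => {
  const {
@@ -6942,7 +6935,7 @@ async function addOverrides(pkgEnvDetails, pkgPath, options) {
  npmExecPath
  });
  // Chunk package names to process them in parallel 3 at a time.
- await promises.pEach(overridesDataObjects, 3, async ({
+ await require$$7.pEach(overridesDataObjects, 3, async ({
  overrides,
  type
  }) => {
@@ -6992,7 +6985,7 @@ async function addOverrides(pkgEnvDetails, pkgPath, options) {
  });
  if (isWorkspace) {
  // Chunk package names to process them in parallel 3 at a time.
- await promises.pEach(workspacePkgJsonPaths, 3, async workspacePkgJsonPath => {
+ await require$$7.pEach(workspacePkgJsonPaths, 3, async workspacePkgJsonPath => {
  const otherState = await addOverrides(pkgEnvDetails, path.dirname(workspacePkgJsonPath), {
  logger,
  pin,
@@ -11746,5 +11739,5 @@ void (async () => {
  await utils.captureException(e);
  }
  })();
- //# debugId=a62b48d4-63b9-4b1e-b260-b363f86c80da
+ //# debugId=9dea3102-060a-4a56-a311-fca26f56933e
  //# sourceMappingURL=cli.js.map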
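Review bot: `setGitRemoteGitHubRepoUrl` puts the token into the `origin` URL, which `git remote set-url` saves in the repository's git config, and both call sites (`npmFix` and `pnpmFix`) run it inside `Promise.allSettled([...])` without looking at the results, so a failed rewrite is silent and a successful one leaves the credential on disk for the rest of the job. Check the settled outcome and report a rejection without echoing the URL, for example `if (settled[0].status === 'rejected') debug.debugLog('Failed to set origin URL.');`, and put the original remote back once the PR work is done. In the same loops `getGitHubEnvRepoInfo()` can now return `null`, but `repoInfo.owner` is read unguarded; `isCi` only tests that `GITHUB_REPOSITORY` is non-empty, so a value without a slash would presumably surface as a TypeError in the enclosing `try`, whose handler is outside the visible hunks.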