@socketsecurity/cli-with-sentry 0.15.19 → 0.15.20

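--- a/package/dist/cli.js
+++ b/package/dist/cli.js
@@ -4098,13 +4098,16 @@ async function install$1(arb, options) {
  __proto__: null,
  ...options
  };
- const newArb = new shadowInject.Arborist({
- path: cwd
- });
- newArb.idealTree = await arb.buildIdealTree();
- const actualTree = await newArb.reify();
- arb.actualTree = actualTree;
- return actualTree;
+ try {
+ const newArb = new shadowInject.Arborist({
+ path: cwd
+ });
+ newArb.idealTree = await arb.buildIdealTree();
+ const actualTree = await newArb.reify();
+ arb.actualTree = actualTree;
+ return actualTree;
+ } catch {}
+ return null;
  }
  async function npmFix(pkgEnvDetails, {
  autoMerge,
@@ -4152,7 +4155,7 @@ async function npmFix(pkgEnvDetails, {
  });
  if (!infoByPkgName) {
  spinner?.stop();
- logger.logger.info('No fixable vulnerabilities found.');
+ logger.logger.info('No fixable vulns found.');
  return;
  }
 
@@ -4164,6 +4167,11 @@ async function npmFix(pkgEnvDetails, {
  const pkgJsonPaths = [...workspacePkgJsonPaths,
  // Process the workspace root last since it will add an override to package.json.
  pkgEnvDetails.editablePkgJson.filename];
+ const handleInstallFail = () => {
+ logger.logger.error(`Unexpected condition: ${pkgEnvDetails.agent} install failed.\n`);
+ logger.logger.dedent();
+ spinner?.dedent();
+ };
  spinner?.stop();
  let count = 0;
  const sortedInfoEntries = [...infoByPkgName.entries()].sort((a, b) => sorts.naturalCompare(a[0], b[0]));
@@ -4175,7 +4183,7 @@ async function npmFix(pkgEnvDetails, {
  0: name,
  1: infos
  } = sortedInfoEntries[i];
- logger.logger.log(`Processing vulnerable package: ${name}`);
+ logger.logger.log(`Processing vulns for ${name}:`);
  logger.logger.indent();
  spinner?.indent();
  if (registry.getManifestData(NPM$a, name)) {
@@ -4240,7 +4248,7 @@ async function npmFix(pkgEnvDetails, {
  const newVersion = shadowInject.findBestPatchVersion(node, availableVersions, vulnerableVersionRange);
  const newVersionPackument = newVersion ? packument.versions[newVersion] : undefined;
  if (!(newVersion && newVersionPackument)) {
- warningsForAfter.add(`No update applied. ${oldId} needs >=${firstPatchedVersionIdentifier}.`);
+ warningsForAfter.add(`No update applied: ${oldId} requires >=${firstPatchedVersionIdentifier}`);
  continue infosLoop;
  }
  const newVersionRange = utils.applyRange(oldVersion, newVersion, rangeStyle);
@@ -4288,18 +4296,23 @@ async function npmFix(pkgEnvDetails, {
  let errored = false;
  try {
  // eslint-disable-next-line no-await-in-loop
- actualTree = await install$1(arb, {
+ const maybeActualTree = await install$1(arb, {
  cwd
  });
- if (test) {
- spinner?.info(`Testing ${newId} in ${workspaceName}.`);
- // eslint-disable-next-line no-await-in-loop
- await npm.runScript(testScript, [], {
- spinner,
- stdio: 'ignore'
- });
+ if (maybeActualTree) {
+ actualTree = maybeActualTree;
+ if (test) {
+ spinner?.info(`Testing ${newId} in ${workspaceName}.`);
+ // eslint-disable-next-line no-await-in-loop
+ await npm.runScript(testScript, [], {
+ spinner,
+ stdio: 'ignore'
+ });
+ }
+ spinner?.success(`Fixed ${name} in ${workspaceName}.`);
+ } else {
+ errored = true;
  }
- spinner?.success(`Fixed ${name} in ${workspaceName}.`);
  } catch (e) {
  errored = true;
  error = e;
@@ -4340,9 +4353,15 @@ async function npmFix(pkgEnvDetails, {
  // eslint-disable-next-line no-await-in-loop
  await gitResetAndClean(baseBranch, cwd);
  // eslint-disable-next-line no-await-in-loop
- actualTree = await install$1(arb, {
+ const maybeActualTree = await install$1(arb, {
  cwd
  });
+ if (!maybeActualTree) {
+ // Exit early if install fails.
+ handleInstallFail();
+ return;
+ }
+ actualTree = maybeActualTree;
  continue infosLoop;
  }
 
@@ -4386,12 +4405,19 @@ async function npmFix(pkgEnvDetails, {
  }
  }
  if (isCi) {
+ spinner?.start();
  // eslint-disable-next-line no-await-in-loop
  await gitResetAndClean(baseBranch, cwd);
  // eslint-disable-next-line no-await-in-loop
- actualTree = await install$1(arb, {
+ const maybeActualTree = await install$1(arb, {
  cwd
  });
+ spinner?.stop();
+ if (maybeActualTree) {
+ actualTree = maybeActualTree;
+ } else {
+ errored = true;
+ }
  }
  if (errored) {
  if (!isCi) {
@@ -4402,10 +4428,16 @@ async function npmFix(pkgEnvDetails, {
  ignoreWhitespace: true
  })]);
  // eslint-disable-next-line no-await-in-loop
- actualTree = await install$1(arb, {
+ const maybeActualTree = await install$1(arb, {
  cwd
  });
  spinner?.stop();
+ if (!maybeActualTree) {
+ // Exit early if install fails.
+ handleInstallFail();
+ return;
+ }
+ actualTree = maybeActualTree;
  }
  logger.logger.fail(`Update failed for ${oldId} in ${workspaceName}.`, error);
  }
@@ -4457,18 +4489,21 @@ async function install(pkgEnvDetails, options) {
  __proto__: null,
  ...options
  };
- await utils.runAgentInstall(pkgEnvDetails, {
- args: [...(args ?? []),
- // Enable pnpm updates to pnpm-lock.yaml in CI environments.
- // https://pnpm.io/cli/install#--frozen-lockfile
- '--no-frozen-lockfile',
- // Enable a non-interactive pnpm install
- // https://github.com/pnpm/pnpm/issues/6778
- '--config.confirmModulesPurge=false'],
- spinner,
- stdio: debug.isDebug() ? 'inherit' : 'ignore'
- });
- return await getActualTree(cwd);
+ try {
+ await utils.runAgentInstall(pkgEnvDetails, {
+ args: [...(args ?? []),
+ // Enable pnpm updates to pnpm-lock.yaml in CI environments.
+ // https://pnpm.io/cli/install#--frozen-lockfile
+ '--no-frozen-lockfile',
+ // Enable a non-interactive pnpm install
+ // https://github.com/pnpm/pnpm/issues/6778
+ '--config.confirmModulesPurge=false'],
+ spinner,
+ stdio: debug.isDebug() ? 'inherit' : 'ignore'
+ });
+ return await getActualTree(cwd);
+ } catch {}
+ return null;
  }
  async function pnpmFix(pkgEnvDetails, {
  autoMerge,
@@ -4498,21 +4533,27 @@ async function pnpmFix(pkgEnvDetails, {
 
  // If pnpm-lock.yaml does NOT exist then install with pnpm to create it.
  if (!lockfile) {
- actualTree = await install(pkgEnvDetails, {
+ const maybeActualTree = await install(pkgEnvDetails, {
  cwd,
  spinner
  });
- lockfile = await utils.readPnpmLockfile(lockfilePath);
+ if (maybeActualTree) {
+ actualTree = maybeActualTree;
+ lockfile = await utils.readPnpmLockfile(lockfilePath);
+ }
  }
  // Update pnpm-lock.yaml if its version is older than what the installed pnpm
  // produces.
  if (lockfile && pkgEnvDetails.agentVersion.major >= 10 && utils.parsePnpmLockfileVersion(lockfile.lockfileVersion).major <= 6) {
- actualTree = await install(pkgEnvDetails, {
+ const maybeActualTree = await install(pkgEnvDetails, {
  args: ['--lockfile-only'],
  cwd,
  spinner
  });
- lockfile = await utils.readPnpmLockfile(lockfilePath);
+ if (maybeActualTree) {
+ actualTree = maybeActualTree;
+ lockfile = await utils.readPnpmLockfile(lockfilePath);
+ }
  }
 
  // Exit early if pnpm-lock.yaml is not found.
@@ -4538,7 +4579,7 @@ async function pnpmFix(pkgEnvDetails, {
  });
  if (!infoByPkgName) {
  spinner?.stop();
- logger.logger.info('No fixable vulnerabilities found.');
+ logger.logger.info('No fixable vulns found.');
  return;
  }
 
@@ -4550,6 +4591,11 @@ async function pnpmFix(pkgEnvDetails, {
  const pkgJsonPaths = [...workspacePkgJsonPaths,
  // Process the workspace root last since it will add an override to package.json.
  pkgEnvDetails.editablePkgJson.filename];
+ const handleInstallFail = () => {
+ logger.logger.error(`Unexpected condition: ${pkgEnvDetails.agent} install failed.\n`);
+ logger.logger.dedent();
+ spinner?.dedent();
+ };
  spinner?.stop();
  let count = 0;
  const sortedInfoEntries = [...infoByPkgName.entries()].sort((a, b) => sorts.naturalCompare(a[0], b[0]));
@@ -4561,7 +4607,7 @@ async function pnpmFix(pkgEnvDetails, {
  0: name,
  1: infos
  } = sortedInfoEntries[i];
- logger.logger.log(`Processing vulnerable package: ${name}`);
+ logger.logger.log(`Processing vulns for ${name}:`);
  logger.logger.indent();
  spinner?.indent();
  if (registry.getManifestData(NPM$9, name)) {
@@ -4590,7 +4636,7 @@ async function pnpmFix(pkgEnvDetails, {
 
  // actualTree may not be defined on the first iteration of pkgJsonPathsLoop.
  if (!actualTree) {
- actualTree = fs$1.existsSync(path.join(rootPath, 'node_modules')) ?
+ const maybeActualTree = fs$1.existsSync(path.join(rootPath, 'node_modules')) ?
  // eslint-disable-next-line no-await-in-loop
  await getActualTree(cwd) :
  // eslint-disable-next-line no-await-in-loop
@@ -4598,6 +4644,14 @@ async function pnpmFix(pkgEnvDetails, {
  cwd,
  spinner
  });
+ if (maybeActualTree) {
+ actualTree = maybeActualTree;
+ }
+ }
+ if (!actualTree) {
+ // Exit early if install fails.
+ handleInstallFail();
+ return;
  }
  const oldVersions = arrays.arrayUnique(shadowInject.findPackageNodes(actualTree, name).map(n => n.version).filter(Boolean));
  if (!oldVersions.length) {
@@ -4641,7 +4695,7 @@ async function pnpmFix(pkgEnvDetails, {
  const newVersion = shadowInject.findBestPatchVersion(node, availableVersions, vulnerableVersionRange);
  const newVersionPackument = newVersion ? packument.versions[newVersion] : undefined;
  if (!(newVersion && newVersionPackument)) {
- warningsForAfter.add(`No update applied. ${oldId} needs >=${firstPatchedVersionIdentifier}.`);
+ warningsForAfter.add(`No update applied: ${oldId} requires >=${firstPatchedVersionIdentifier}`);
  continue infosLoop;
  }
  const overrideKey = `${name}@${vulnerableVersionRange}`;
@@ -4708,19 +4762,24 @@ async function pnpmFix(pkgEnvDetails, {
  let errored = false;
  try {
  // eslint-disable-next-line no-await-in-loop
- actualTree = await install(pkgEnvDetails, {
+ const maybeActualTree = await install(pkgEnvDetails, {
  cwd,
  spinner
  });
- if (test) {
- spinner?.info(`Testing ${newId} in ${workspaceName}.`);
- // eslint-disable-next-line no-await-in-loop
- await npm.runScript(testScript, [], {
- spinner,
- stdio: 'ignore'
- });
+ if (maybeActualTree) {
+ actualTree = maybeActualTree;
+ if (test) {
+ spinner?.info(`Testing ${newId} in ${workspaceName}.`);
+ // eslint-disable-next-line no-await-in-loop
+ await npm.runScript(testScript, [], {
+ spinner,
+ stdio: 'ignore'
+ });
+ }
+ spinner?.success(`Fixed ${name} in ${workspaceName}.`);
+ } else {
+ errored = true;
  }
- spinner?.success(`Fixed ${name} in ${workspaceName}.`);
  } catch (e) {
  error = e;
  errored = true;
@@ -4761,10 +4820,16 @@ async function pnpmFix(pkgEnvDetails, {
  // eslint-disable-next-line no-await-in-loop
  await gitResetAndClean(baseBranch, cwd);
  // eslint-disable-next-line no-await-in-loop
- actualTree = await install(pkgEnvDetails, {
+ const maybeActualTree = await install(pkgEnvDetails, {
  cwd,
  spinner
  });
+ if (!maybeActualTree) {
+ // Exit early if install fails.
+ handleInstallFail();
+ return;
+ }
+ actualTree = maybeActualTree;
  continue infosLoop;
  }
 
@@ -4808,13 +4873,20 @@ async function pnpmFix(pkgEnvDetails, {
  }
  }
  if (isCi) {
+ spinner?.start();
  // eslint-disable-next-line no-await-in-loop
  await gitResetAndClean(baseBranch, cwd);
  // eslint-disable-next-line no-await-in-loop
- actualTree = await install(pkgEnvDetails, {
+ const maybeActualTree = await install(pkgEnvDetails, {
  cwd,
  spinner
  });
+ spinner?.stop();
+ if (maybeActualTree) {
+ actualTree = maybeActualTree;
+ } else {
+ errored = true;
+ }
  }
  if (errored) {
  if (!isCi) {
@@ -4825,13 +4897,19 @@ async function pnpmFix(pkgEnvDetails, {
  ignoreWhitespace: true
  })]);
  // eslint-disable-next-line no-await-in-loop
- actualTree = await install(pkgEnvDetails, {
+ const maybeActualTree = await install(pkgEnvDetails, {
  cwd,
  spinner
  });
  spinner?.stop();
+ if (!maybeActualTree) {
+ // Exit early if install fails.
+ handleInstallFail();
+ return;
+ }
+ actualTree = maybeActualTree;
  }
- logger.logger.fail(`Update failed for ${oldId} in ${workspaceName}.`, error);
+ logger.logger.fail(`Update failed for ${oldId} in ${workspaceName}.`, ...(error ? [error] : []));
  }
  if (++count >= limit) {
  logger.logger.dedent();
@@ -11739,5 +11817,5 @@ void (async () => {
  await utils.captureException(e);
  }
  })();
- //# debugId=5ee308bf-7f52-47e1-b4b2-79a10b530aa3
+ //# debugId=ea32bfda-aafa-4d81-bddd-d4a28dbfd4ff
  //# sourceMappingURL=cli.js.map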
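Review bot: The empty `catch {}` added in `install$1` and in `install` discards the underlying exception, so every caller that now receives `null` can only report `Unexpected condition: … install failed.` with no cause, which makes a failed remediation run hard to triage. Keep the `null` return but record the error, for example `} catch (e) { if (debug.isDebug()) { logger.logger.error(e); } }`. In `npmFix` the new `else { errored = true; }` branch leaves `error` unset, yet the unchanged call at the end of the `@@ -4402,10 +4428,16 @@` hunk still passes it as `logger.logger.fail(…, error)`; the matching `pnpmFix` call was changed to `...(error ? [error] : [])` and the npm one should follow. The early `return;` after `handleInstallFail()` also appears to end the fix run without signalling failure to its caller, which is worth confirming for CI use because the callers are outside this diff.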