@socketsecurity/cli-with-sentry 0.15.25 → 0.15.27
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cli.js +12 -2
- package/dist/cli.js.map +1 -1
- package/dist/constants.js +3 -3
- package/dist/constants.js.map +1 -1
- package/dist/shadow-inject.js +12 -7
- package/dist/shadow-inject.js.map +1 -1
- package/package.json +1 -1
package/dist/cli.js
CHANGED
|
@@ -3684,12 +3684,14 @@ async function gitEnsureIdentity(name, email, cwd = process.cwd()) {
|
|
|
3684
3684
|
cwd
|
|
3685
3685
|
};
|
|
3686
3686
|
const identEntries = [['user.email', name], ['user.name', email]];
|
|
3687
|
+
debug.debugLog('identEntries', identEntries);
|
|
3687
3688
|
await Promise.all(identEntries.map(async ({
|
|
3688
3689
|
0: prop,
|
|
3689
3690
|
1: value
|
|
3690
3691
|
}) => {
|
|
3691
3692
|
try {
|
|
3692
3693
|
const output = await spawn.spawn('git', ['config', '--get', prop], stdioPipeOptions);
|
|
3694
|
+
debug.debugLog(`git config --get ${prop}`, output.stdout.trim());
|
|
3693
3695
|
if (output.stdout.trim() !== value) {
|
|
3694
3696
|
await spawn.spawn('git', ['config', prop, value], stdioIgnoreOptions);
|
|
3695
3697
|
}
|
|
@@ -4286,6 +4288,10 @@ async function npmFix(pkgEnvDetails, {
|
|
|
4286
4288
|
firstPatchedVersionIdentifier,
|
|
4287
4289
|
vulnerableVersionRange
|
|
4288
4290
|
} of infos.values()) {
|
|
4291
|
+
if (vendor.semverExports.gte(oldVersion, firstPatchedVersionIdentifier)) {
|
|
4292
|
+
debug.debugLog(`${oldId} is >= ${firstPatchedVersionIdentifier}, skipping.`);
|
|
4293
|
+
continue infosLoop;
|
|
4294
|
+
}
|
|
4289
4295
|
const newVersion = shadowInject.findBestPatchVersion(node, availableVersions, vulnerableVersionRange);
|
|
4290
4296
|
const newVersionPackument = newVersion ? packument.versions[newVersion] : undefined;
|
|
4291
4297
|
if (!(newVersion && newVersionPackument)) {
|
|
@@ -4688,7 +4694,7 @@ async function pnpmFix(pkgEnvDetails, {
|
|
|
4688
4694
|
|
|
4689
4695
|
// actualTree may not be defined on the first iteration of pkgJsonPathsLoop.
|
|
4690
4696
|
if (!actualTree) {
|
|
4691
|
-
const maybeActualTree = fs$1.existsSync(path.join(rootPath, 'node_modules')) ?
|
|
4697
|
+
const maybeActualTree = isCi && fs$1.existsSync(path.join(rootPath, 'node_modules')) ?
|
|
4692
4698
|
// eslint-disable-next-line no-await-in-loop
|
|
4693
4699
|
await getActualTree(cwd) :
|
|
4694
4700
|
// eslint-disable-next-line no-await-in-loop
|
|
@@ -4746,6 +4752,10 @@ async function pnpmFix(pkgEnvDetails, {
|
|
|
4746
4752
|
firstPatchedVersionIdentifier,
|
|
4747
4753
|
vulnerableVersionRange
|
|
4748
4754
|
} of infos.values()) {
|
|
4755
|
+
if (vendor.semverExports.gte(oldVersion, firstPatchedVersionIdentifier)) {
|
|
4756
|
+
debug.debugLog(`${oldId} is >= ${firstPatchedVersionIdentifier}, skipping.`);
|
|
4757
|
+
continue infosLoop;
|
|
4758
|
+
}
|
|
4749
4759
|
const newVersion = shadowInject.findBestPatchVersion(node, availableVersions, vulnerableVersionRange);
|
|
4750
4760
|
const newVersionPackument = newVersion ? packument.versions[newVersion] : undefined;
|
|
4751
4761
|
if (!(newVersion && newVersionPackument)) {
|
|
@@ -12694,5 +12704,5 @@ void (async () => {
|
|
|
12694
12704
|
await utils.captureException(e);
|
|
12695
12705
|
}
|
|
12696
12706
|
})();
|
|
12697
|
-
//# debugId=
|
|
12707
|
+
//# debugId=6146693d-aec6-4897-9f06-173f731fa9c8
|
|
12698
12708
|
//# sourceMappingURL=cli.js.map
|