npm - @socketsecurity/cli-with-sentry - Versions diffs - 0.15.30 → 0.15.31 - Mend

@socketsecurity/cli-with-sentry 0.15.30 → 0.15.31

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/dist/cli.js CHANGED Viewed

@@ -3641,6 +3641,23 @@ const cmdDiffScan = {
   }
 };
+async function outputFixResult(result, outputKind) {
+  if (!result.ok) {
+    process.exitCode = result.code ?? 1;
+  }
+  if (outputKind === 'json') {
+    logger.logger.log(utils.serializeResultJson(result));
+    return;
+  }
+  if (!result.ok) {
+    logger.logger.fail(utils.failMsgWithBadge(result.message, result.cause));
+    return;
+  }
+  logger.logger.log('');
+  logger.logger.success('Finished!');
+  logger.logger.log('');
+}
 function formatBranchName(name) {
   return name.replace(/[-_.\\/]+/g, '-').replace(/[^-a-zA-Z0-9]+/g, '').replace(/^-+|-+$/g, '');
 }
@@ -4164,37 +4181,8 @@ function getAlertsMapOptions(options = {}) {
     }
   };
 }
-function normalizeFixOptions(options_) {
-  const options = {
-    __proto__: null,
-    ...options_
-  };
-  if (typeof options.autopilot !== 'boolean') {
-    options.autopilot = false;
-  }
-  if (typeof options.autoMerge !== 'boolean') {
-    options.autoMerge = !!options.autopilot;
-  }
-  if (typeof options.cwd !== 'string') {
-    options.cwd = process.cwd();
-  }
-  const limit = typeof options.limit === 'number' ? options.limit : parseInt(`${options.limit || ''}`, 10);
-  options.limit = Number.isNaN(limit) ? Infinity : limit;
-  options.purls = Array.isArray(options.purls) ? options.purls.flatMap(p => p.split(/, */)) : [];
-  if (typeof options.rangeStyle !== 'string') {
-    options.rangeStyle = 'preserve';
-  }
-  if (typeof options.test !== 'boolean') {
-    options.test = !!options.autopilot || !!options.testScript;
-  }
-  if (typeof options.testScript !== 'string') {
-    options.testScript = 'test';
-  }
-  return options;
-}
 const {
-  DRY_RUN_NOT_SAVING: DRY_RUN_NOT_SAVING$1,
   NPM: NPM$a
 } = constants;
 async function install$1(arb, options) {
@@ -4218,17 +4206,12 @@ async function install$1(arb, options) {
 async function npmFix(pkgEnvDetails, {
   autoMerge,
   cwd,
-  dryRun,
   limit,
   purls,
   rangeStyle,
   test,
   testScript
 }) {
-  if (dryRun) {
-    logger.logger.log(DRY_RUN_NOT_SAVING$1);
-    return;
-  }
   // Lazily access constants.spinner.
   const {
     spinner
@@ -4576,7 +4559,6 @@ async function npmFix(pkgEnvDetails, {
 }
 const {
-  DRY_RUN_NOT_SAVING,
   NPM: NPM$9,
   OVERRIDES: OVERRIDES$2,
   PNPM: PNPM$7
@@ -4620,17 +4602,12 @@ async function install(pkgEnvDetails, options) {
 async function pnpmFix(pkgEnvDetails, {
   autoMerge,
   cwd,
-  dryRun,
   limit,
   purls,
   rangeStyle,
   test,
   testScript
 }) {
-  if (dryRun) {
-    logger.logger.log(DRY_RUN_NOT_SAVING);
-    return;
-  }
   // Lazily access constants.spinner.
   const {
     spinner
@@ -5100,28 +5077,91 @@ const {
   NPM: NPM$8,
   PNPM: PNPM$6
 } = constants;
-async function runFix(options_) {
-  const options = normalizeFixOptions(options_);
-  const pkgEnvDetails = await utils.detectAndValidatePackageEnvironment(options.cwd, {
+async function runFix({
+  autoMerge,
+  cwd,
+  limit,
+  purls,
+  rangeStyle,
+  test,
+  testScript
+}) {
+  // TODO: make detectAndValidatePackageEnvironment return a CResult<pkgEnvDetails> and propagate it
+  const pkgEnvDetails = await utils.detectAndValidatePackageEnvironment(cwd, {
     cmdName: CMD_NAME$1,
     logger: logger.logger
   });
   if (!pkgEnvDetails) {
-    return;
+    return {
+      ok: false,
+      message: 'No package found',
+      cause: `No valid package environment was found in given cwd (${cwd})`
+    };
   }
   logger.logger.info(`Fixing packages for ${pkgEnvDetails.agent}.\n`);
   const {
     agent
   } = pkgEnvDetails;
   if (agent === NPM$8) {
-    await npmFix(pkgEnvDetails, options);
+    // TODO: make npmFix return a CResult and propagate it
+    await npmFix(pkgEnvDetails, {
+      autoMerge,
+      cwd,
+      limit,
+      purls,
+      rangeStyle,
+      test,
+      testScript
+    });
   } else if (agent === PNPM$6) {
-    await pnpmFix(pkgEnvDetails, options);
+    // TODO: make pnpmFix return a CResult and propagate it
+    await pnpmFix(pkgEnvDetails, {
+      autoMerge,
+      cwd,
+      limit,
+      purls,
+      rangeStyle,
+      test,
+      testScript
+    });
   } else {
-    logger.logger.warn(utils.cmdPrefixMessage(CMD_NAME$1, `${agent} is not supported at the moment.`));
+    return {
+      ok: false,
+      message: 'Not supported',
+      cause: `${agent} is not supported by this command at the moment.`
+    };
   }
+  return {
+    ok: true,
+    data: undefined
+  };
 }
+async function handleFix({
+  autoMerge,
+  cwd,
+  limit,
+  outputKind,
+  purls,
+  rangeStyle,
+  test,
+  testScript
+}) {
+  const result = await runFix({
+    autoMerge,
+    cwd,
+    limit,
+    purls,
+    rangeStyle,
+    test,
+    testScript
+  });
+  await outputFixResult(result, outputKind);
+}
+const {
+  DRY_RUN_NOT_SAVING
+} = constants;
 const config$F = {
   commandName: 'fix',
   description: 'Update dependencies with "fixable" Socket alerts',
@@ -5200,11 +5240,25 @@ async function run$F(argv, importMeta, {
     parentName
   });
   const {
+    autopilot,
     json,
     markdown
   } = cli.flags;
-  const outputKind = utils.getOutputKind(json, markdown); // TODO: impl json/md further
+  let {
+    autoMerge,
+    rangeStyle,
+    test
+  } = cli.flags;
+  // TODO: impl json/md further
+  const outputKind = utils.getOutputKind(json, markdown);
+  let [cwd = '.'] = cli.input;
+  // Note: path.resolve vs .join:
+  // If given path is absolute then cwd should not affect it.
+  cwd = path.resolve(process.cwd(), cwd);
+  if (autopilot) {
+    autoMerge = true;
+    test = true;
+  }
   const wasValidInput = utils.checkCommandInput(outputKind, {
     test: utils.RangeStyles.includes(cli.flags['rangeStyle']),
     message: `Expecting range style of ${arrays.joinOr(utils.RangeStyles)}`,
@@ -5214,15 +5268,24 @@ async function run$F(argv, importMeta, {
   if (!wasValidInput) {
     return;
   }
-  await runFix({
-    autoMerge: Boolean(cli.flags['autoMerge']),
-    autopilot: Boolean(cli.flags['autopilot']),
-    limit: Number(cli.flags['limit']),
-    dryRun: Boolean(cli.flags['dryRun']),
-    purls: Array.isArray(cli.flags['purl']) ? cli.flags['purl'] : [],
-    rangeStyle: cli.flags['rangeStyle'] ?? undefined,
-    test: Boolean(cli.flags['test']),
-    testScript: cli.flags['testScript']
+  if (cli.flags['dryRun']) {
+    logger.logger.log(DRY_RUN_NOT_SAVING);
+    return;
+  }
+  let purls = Array.isArray(cli.flags['purl']) ? cli.flags['purl'] : [];
+  purls = purls.flatMap(p => p.split(/, */));
+  if (!['caret', 'gt', 'gte', 'lt', 'lte', 'pin', 'preserve', 'tilde'].includes(rangeStyle)) {
+    rangeStyle = 'preserve';
+  }
+  await handleFix({
+    autoMerge: Boolean(autoMerge),
+    cwd,
+    limit: (cli.flags['limit'] ? parseInt(String(cli.flags['limit'] || ''), 10) : Infinity) || Infinity,
+    outputKind,
+    purls,
+    rangeStyle: rangeStyle,
+    test: Boolean(test),
+    testScript: String(cli.flags['testScript'] || 'test')
   });
 }
@@ -5928,7 +5991,8 @@ async function run$A(argv, importMeta, {
   const outputKind = utils.getOutputKind(json, markdown); // TODO: impl json/md further
   const verbose = !!verboseFlag;
   let [cwd = '.'] = cli.input;
-  // Note: path.resolve vs .join: If given path is abs then cwd should not affect it
+  // Note: path.resolve vs .join:
+  // If given path is absolute then cwd should not affect it.
   cwd = path.resolve(process.cwd(), cwd);
   if (verbose) {
     logger.logger.group('- ', parentName, config$A.commandName, ':');
@@ -6043,7 +6107,8 @@ async function run$z(argv, importMeta, {
   } = cli.flags;
   const outputKind = utils.getOutputKind(json, markdown);
   let [cwd = '.'] = cli.input;
-  // Note: path.resolve vs .join: If given path is abs then cwd should not affect it
+  // Note: path.resolve vs .join:
+  // If given path is absolute then cwd should not affect it.
   cwd = path.resolve(process.cwd(), cwd);
   const socketJson = await utils.readOrDefaultSocketJson(cwd);
@@ -6200,7 +6265,8 @@ async function run$y(argv, importMeta, {
   } = cli.flags;
   const outputKind = utils.getOutputKind(json, markdown); // TODO: impl json/md further
   let [cwd = '.'] = cli.input;
-  // Note: path.resolve vs .join: If given path is abs then cwd should not affect it
+  // Note: path.resolve vs .join:
+  // If given path is absolute then cwd should not affect it.
   cwd = path.resolve(process.cwd(), cwd);
   const socketJson = await utils.readOrDefaultSocketJson(cwd);
   debug.debugLog('[DEBUG] socket.json gradle override:', socketJson?.defaults?.manifest?.gradle);
@@ -6356,7 +6422,8 @@ async function run$x(argv, importMeta, {
   } = cli.flags;
   const outputKind = utils.getOutputKind(json, markdown); // TODO: impl json/md further
   let [cwd = '.'] = cli.input;
-  // Note: path.resolve vs .join: If given path is abs then cwd should not affect it
+  // Note: path.resolve vs .join:
+  // If given path is absolute then cwd should not affect it.
   cwd = path.resolve(process.cwd(), cwd);
   const socketJson = await utils.readOrDefaultSocketJson(cwd);
   debug.debugLog('[DEBUG] socket.json gradle override:', socketJson?.defaults?.manifest?.gradle);
@@ -6521,7 +6588,8 @@ async function run$w(argv, importMeta, {
   } = cli.flags;
   const outputKind = utils.getOutputKind(json, markdown); // TODO: impl json/md further
   let [cwd = '.'] = cli.input;
-  // Note: path.resolve vs .join: If given path is abs then cwd should not affect it
+  // Note: path.resolve vs .join:
+  // If given path is absolute then cwd should not affect it.
   cwd = path.resolve(process.cwd(), cwd);
   const socketJson = await utils.readOrDefaultSocketJson(cwd);
   debug.debugLog('[DEBUG] socket.json sbt override:', socketJson?.defaults?.manifest?.sbt);
@@ -7078,7 +7146,8 @@ async function run$v(argv, importMeta, {
     defaultOnReadError = false
   } = cli.flags;
   let [cwd = '.'] = cli.input;
-  // Note: path.resolve vs .join: If given path is abs then cwd should not affect it
+  // Note: path.resolve vs .join:
+  // If given path is absolute then cwd should not affect it.
   cwd = path.resolve(process.cwd(), cwd);
   if (cli.flags['dryRun']) {
     logger.logger.log(DRY_RUN_BAILING_NOW$s);
@@ -13380,5 +13449,5 @@ void (async () => {
     await utils.captureException(e);
   }
 })();
-//# debugId=7c0cdab3-f7e1-4ab3-b66c-161b557a17a4
+//# debugId=e400d892-bcd3-4bf3-a6e0-ddafe9d984ad
 //# sourceMappingURL=cli.js.map