@socketsecurity/cli-with-sentry 0.15.32 → 0.15.33

package/dist/constants.js

@@ -122,10 +122,10 @@ const LAZY_ENV = () => {
     INLINED_SOCKET_CLI_SENTRY_BUILD: envAsBoolean(true),
     // Comp-time inlined Socket package version.
     // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION']".
-    INLINED_SOCKET_CLI_VERSION: envAsString("0.15.32"),
+    INLINED_SOCKET_CLI_VERSION: envAsString("0.15.33"),
     // Comp-time inlined Socket package version hash.
     // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
-    INLINED_SOCKET_CLI_VERSION_HASH: envAsString("0.15.32:57313f0:d79ef465:pub"),
+    INLINED_SOCKET_CLI_VERSION_HASH: envAsString("0.15.33:1002dd3:5760ccdc:pub"),
     // Comp-time inlined synp package version.
     // The '@rollup/plugin-replace' will replace "process.env['INLINED_SYNP_VERSION']".
     INLINED_SYNP_VERSION: envAsString("1.9.14"),
@@ -403,5 +403,5 @@ const constants = createConstantsObject({
 });
 
 module.exports = constants;
-//# debugId=61b13248-fe2c-4ad9-8f25-60dac0d9327a
+//# debugId=5cef6a24-9249-400c-bd2a-339c55777089
 //# sourceMappingURL=constants.js.map

package/dist/constants.js.map

@@ -1 +1 @@
-{"version":3,"file":"constants.js","sources":["../src/constants.mts"],"sourcesContent":["import { realpathSync } from 'node:fs'\nimport { createRequire } from 'node:module'\nimport os from 'node:os'\nimport path from 'node:path'\nimport { fileURLToPath } from 'node:url'\n\nimport registryConstants from '@socketsecurity/registry/lib/constants'\n\nimport type { Agent } from './utils/package-environment.mts'\nimport type { Remap } from '@socketsecurity/registry/lib/objects'\n\nconst require = createRequire(import.meta.url)\nconst __filename = fileURLToPath(import.meta.url)\nconst __dirname = path.dirname(__filename)\n\nconst {\n  kInternalsSymbol,\n  [kInternalsSymbol as unknown as 'Symbol(kInternalsSymbol)']: {\n    attributes: registryConstantsAttribs,\n    createConstantsObject,\n    getIpc,\n  },\n} = registryConstants\n\ntype RegistryEnv = typeof registryConstants.ENV\n\ntype RegistryInternals = (typeof registryConstants)['Symbol(kInternalsSymbol)']\n\ntype Sentry = any\n\ntype Internals = Remap<\n  Omit<RegistryInternals, 'getIpc'> &\n    Readonly<{\n      getIpc: {\n        (): Promise<IPC>\n        <K extends keyof IPC | undefined>(\n          key?: K | undefined,\n        ): Promise<K extends keyof IPC ? IPC[K] : IPC>\n      }\n      getSentry: () => Sentry\n      setSentry(Sentry: Sentry): boolean\n    }>\n>\n\ntype ENV = Remap<\n  RegistryEnv &\n    Readonly<{\n      DISABLE_GITHUB_CACHE: boolean\n      GITHUB_ACTIONS: boolean\n      GITHUB_REF_NAME: string\n      GITHUB_REF_TYPE: string\n      GITHUB_REPOSITORY: string\n      GITHUB_TOKEN: string\n      INLINED_CYCLONEDX_CDXGEN_VERSION: string\n      INLINED_SOCKET_CLI_HOMEPAGE: string\n      INLINED_SOCKET_CLI_LEGACY_BUILD: string\n      INLINED_SOCKET_CLI_NAME: string\n      INLINED_SOCKET_CLI_PUBLISHED_BUILD: string\n      INLINED_SOCKET_CLI_SENTRY_BUILD: string\n      INLINED_SOCKET_CLI_VERSION: string\n      INLINED_SOCKET_CLI_VERSION_HASH: string\n      INLINED_SYNP_VERSION: string\n      LOCALAPPDATA: string\n      NODE_COMPILE_CACHE: string\n      PATH: string\n      SOCKET_CLI_ACCEPT_RISKS: boolean\n      SOCKET_CLI_API_BASE_URL: string\n      SOCKET_CLI_API_PROXY: string\n      SOCKET_CLI_API_TOKEN: string\n      SOCKET_CLI_CONFIG: string\n      SOCKET_CLI_DEBUG: boolean\n      SOCKET_CLI_GIT_USER_EMAIL: string\n      SOCKET_CLI_GIT_USER_NAME: string\n      SOCKET_CLI_GITHUB_TOKEN: string\n      SOCKET_CLI_NO_API_TOKEN: boolean\n      SOCKET_CLI_VIEW_ALL_RISKS: boolean\n      TERM: string\n      XDG_DATA_HOME: string\n    }>\n>\n\ntype IPC = Readonly<{\n  SOCKET_CLI_FIX?: string | undefined\n  SOCKET_CLI_OPTIMIZE?: boolean | undefined\n  SOCKET_CLI_SAFE_BIN?: string | undefined\n  SOCKET_CLI_SAFE_PROGRESS?: boolean | undefined\n}>\n\ntype Constants = Remap<\n  Omit<typeof registryConstants, 'Symbol(kInternalsSymbol)' | 'ENV' | 'IPC'> & {\n    readonly 'Symbol(kInternalsSymbol)': Internals\n    readonly ALERT_TYPE_CRITICAL_CVE: 'criticalCVE'\n    readonly ALERT_TYPE_CVE: 'cve'\n    readonly ALERT_TYPE_MEDIUM_CVE: 'mediumCVE'\n    readonly ALERT_TYPE_MILD_CVE: 'mildCVE'\n    readonly API_V0_URL: 'https://api.socket.dev/v0/'\n    readonly BINARY_LOCK_EXT: '.lockb'\n    readonly BUN: 'bun'\n    readonly ENV: ENV\n    readonly DRY_RUN_LABEL: '[DryRun]'\n    readonly DRY_RUN_BAILING_NOW: '[DryRun] Bailing now'\n    readonly DRY_RUN_NOT_SAVING: '[DryRun] Not saving'\n    readonly IPC: IPC\n    readonly LOCK_EXT: '.lock'\n    readonly NPM_BUGGY_OVERRIDES_PATCHED_VERSION: '11.2.0'\n    readonly NPM_REGISTRY_URL: 'https://registry.npmjs.org'\n    readonly PNPM: 'pnpm'\n    readonly REDACTED: '<redacted>'\n    readonly SHADOW_BIN: 'shadow-bin'\n    readonly SHADOW_INJECT: 'shadow-inject'\n    readonly SOCKET: 'socket'\n    readonly SOCKET_CLI_ACCEPT_RISKS: 'SOCKET_CLI_ACCEPT_RISKS'\n    readonly SOCKET_CLI_BIN_NAME: 'socket'\n    readonly SOCKET_CLI_BIN_NAME_ALIAS: 'cli'\n    readonly SOCKET_CLI_CONFIG: 'SOCKET_CLI_CONFIG'\n    readonly SOCKET_CLI_FIX: 'SOCKET_CLI_FIX'\n    readonly SOCKET_CLI_ISSUES_URL: 'https://github.com/SocketDev/socket-cli/issues'\n    readonly SOCKET_CLI_SENTRY_BIN_NAME_ALIAS: 'cli-with-sentry'\n    readonly SOCKET_CLI_LEGACY_PACKAGE_NAME: '@socketsecurity/cli'\n    readonly SOCKET_CLI_NPM_BIN_NAME: 'socket-npm'\n    readonly SOCKET_CLI_NPX_BIN_NAME: 'socket-npx'\n    readonly SOCKET_CLI_OPTIMIZE: 'SOCKET_CLI_OPTIMIZE'\n    readonly SOCKET_CLI_PACKAGE_NAME: 'socket'\n    readonly SOCKET_CLI_SAFE_BIN: 'SOCKET_CLI_SAFE_BIN'\n    readonly SOCKET_CLI_SAFE_PROGRESS: 'SOCKET_CLI_SAFE_PROGRESS'\n    readonly SOCKET_CLI_SENTRY_BIN_NAME: 'socket-with-sentry'\n    readonly SOCKET_CLI_SENTRY_NPM_BIN_NAME: 'socket-npm-with-sentry'\n    readonly SOCKET_CLI_SENTRY_NPX_BIN_NAME: 'socket-npx-with-sentry'\n    readonly SOCKET_CLI_SENTRY_PACKAGE_NAME: '@socketsecurity/cli-with-sentry'\n    readonly SOCKET_CLI_VIEW_ALL_RISKS: 'SOCKET_CLI_VIEW_ALL_RISKS'\n    readonly SOCKET_WEBSITE_URL: 'https://socket.dev'\n    readonly VLT: 'vlt'\n    readonly WITH_SENTRY: 'with-sentry'\n    readonly YARN: 'yarn'\n    readonly YARN_BERRY: 'yarn/berry'\n    readonly YARN_CLASSIC: 'yarn/classic'\n    readonly YARN_LOCK: 'yarn.lock'\n    readonly bashRcPath: string\n    readonly binCliPath: string\n    readonly binPath: string\n    readonly blessedOptions: {\n      smartCSR: boolean\n      term: string\n      useBCE: boolean\n    }\n    readonly distCliPath: string\n    readonly distInstrumentWithSentryPath: string\n    readonly distPath: string\n    readonly distShadowBinPath: string\n    readonly distShadowInjectPath: string\n    readonly githubCachePath: string\n    readonly homePath: string\n    readonly minimumVersionByAgent: Map<Agent, string>\n    readonly nmBinPath: string\n    readonly nodeHardenFlags: string[]\n    readonly rootPath: string\n    readonly shadowBinPath: string\n    readonly socketAppDataPath: string\n    readonly socketCachePath: string\n    readonly zshRcPath: string\n  }\n>\n\nconst ALERT_TYPE_CRITICAL_CVE = 'criticalCVE'\nconst ALERT_TYPE_CVE = 'cve'\nconst ALERT_TYPE_MEDIUM_CVE = 'mediumCVE'\nconst ALERT_TYPE_MILD_CVE = 'mildCVE'\nconst API_V0_URL = 'https://api.socket.dev/v0/'\nconst BINARY_LOCK_EXT = '.lockb'\nconst BUN = 'bun'\nconst DRY_RUN_LABEL = '[DryRun]'\nconst DRY_RUN_BAILING_NOW = `${DRY_RUN_LABEL}: Bailing now`\nconst DRY_RUN_NOT_SAVING = `${DRY_RUN_LABEL}: Not saving`\nconst LOCALAPPDATA = 'LOCALAPPDATA'\nconst LOCK_EXT = '.lock'\nconst NPM_BUGGY_OVERRIDES_PATCHED_VERSION = '11.2.0'\nconst NPM_REGISTRY_URL = 'https://registry.npmjs.org'\nconst PNPM = 'pnpm'\nconst REDACTED = '<redacted>'\nconst SHADOW_BIN = 'shadow-bin'\nconst SHADOW_INJECT = 'shadow-inject'\nconst SOCKET = 'socket'\nconst SOCKET_CLI_ACCEPT_RISKS = 'SOCKET_CLI_ACCEPT_RISKS'\nconst SOCKET_CLI_BIN_NAME = 'socket'\nconst SOCKET_CLI_BIN_NAME_ALIAS = 'cli'\nconst SOCKET_CLI_FIX = 'SOCKET_CLI_FIX'\nconst SOCKET_CLI_ISSUES_URL = 'https://github.com/SocketDev/socket-cli/issues'\nconst SOCKET_CLI_LEGACY_PACKAGE_NAME = '@socketsecurity/cli'\nconst SOCKET_CLI_OPTIMIZE = 'SOCKET_CLI_OPTIMIZE'\nconst SOCKET_CLI_NPM_BIN_NAME = 'socket-npm'\nconst SOCKET_CLI_NPX_BIN_NAME = 'socket-npx'\nconst SOCKET_CLI_PACKAGE_NAME = 'socket'\nconst SOCKET_CLI_SAFE_BIN = 'SOCKET_CLI_SAFE_BIN'\nconst SOCKET_CLI_SAFE_PROGRESS = 'SOCKET_CLI_SAFE_PROGRESS'\nconst SOCKET_CLI_SENTRY_BIN_NAME = 'socket-with-sentry'\nconst SOCKET_CLI_SENTRY_BIN_NAME_ALIAS = 'cli-with-sentry'\nconst SOCKET_CLI_SENTRY_NPM_BIN_NAME = 'socket-npm-with-sentry'\nconst SOCKET_CLI_SENTRY_NPX_BIN_NAME = 'socket-npx-with-sentry'\nconst SOCKET_CLI_SENTRY_PACKAGE_NAME = '@socketsecurity/cli-with-sentry'\nconst SOCKET_CLI_VIEW_ALL_RISKS = 'SOCKET_CLI_VIEW_ALL_RISKS'\nconst SOCKET_WEBSITE_URL = 'https://socket.dev'\nconst VLT = 'vlt'\nconst WITH_SENTRY = 'with-sentry'\nconst YARN = 'yarn'\nconst YARN_BERRY = 'yarn/berry'\nconst YARN_CLASSIC = 'yarn/classic'\nconst YARN_LOCK = 'yarn.lock'\n\nlet _Sentry: any\n\nconst LAZY_ENV = () => {\n  const {\n    envAsBoolean,\n    envAsString,\n  } = require('@socketsecurity/registry/lib/env')\n  const { env } = process\n  const GITHUB_TOKEN = envAsString(env['GITHUB_TOKEN'])\n  // We inline some environment values so that they CANNOT be influenced by user\n  // provided environment variables.\n  return Object.freeze({\n    __proto__: null,\n    // Lazily access registryConstants.ENV.\n    ...registryConstants.ENV,\n    // Flag to disable using GitHub's workflow actions/cache.\n    // https://github.com/actions/cache\n    DISABLE_GITHUB_CACHE: envAsBoolean(env['DISABLE_GITHUB_CACHE']),\n    // Always set to true when GitHub Actions is running the workflow. This variable\n    // can be used to differentiate when tests are being run locally or by GitHub Actions.\n    // https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/store-information-in-variables#default-environment-variables\n    GITHUB_ACTIONS: envAsBoolean(env['GITHUB_ACTIONS']),\n    // The short ref name of the branch or tag that triggered the GitHub workflow\n    // run. This value matches the branch or tag name shown on GitHub. For example,\n    // feature-branch-1. For pull requests, the format is <pr_number>/merge.\n    // https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/store-information-in-variables#default-environment-variables\n    GITHUB_REF_NAME: envAsString(env['GITHUB_REF_NAME']),\n    // The type of ref that triggered the workflow run. Valid values are branch or tag.\n    // https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/store-information-in-variables#default-environment-variables\n    GITHUB_REF_TYPE: envAsString(env['GITHUB_REF_TYPE']),\n    // The owner and repository name. For example, octocat/Hello-World.\n    // https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/store-information-in-variables#default-environment-variables\n    GITHUB_REPOSITORY: envAsString(env['GITHUB_REPOSITORY']),\n    // The GITHUB_TOKEN secret is a GitHub App installation access token.\n    // The token's permissions are limited to the repository that contains the\n    // workflow.\n    // https://docs.github.com/en/actions/security-for-github-actions/security-guides/automatic-token-authentication#about-the-github_token-secret\n    GITHUB_TOKEN,\n    // Comp-time inlined @cyclonedx/cdxgen package version.\n    // The '@rollup/plugin-replace' will replace \"process.env['INLINED_CYCLONEDX_CDXGEN_VERSION']\".\n    INLINED_CYCLONEDX_CDXGEN_VERSION: envAsString(\n      process.env['INLINED_CYCLONEDX_CDXGEN_VERSION'],\n    ),\n    // Comp-time inlined Socket package homepage.\n    // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_HOMEPAGE']\".\n    INLINED_SOCKET_CLI_HOMEPAGE: envAsString(\n      process.env['INLINED_SOCKET_CLI_HOMEPAGE'],\n    ),\n    // Comp-time inlined flag to determine if this is the Legacy build.\n    // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_LEGACY_BUILD']\".\n    INLINED_SOCKET_CLI_LEGACY_BUILD: envAsBoolean(\n      process.env['INLINED_SOCKET_CLI_LEGACY_BUILD'],\n    ),\n    // Comp-time inlined Socket package name.\n    // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_NAME']\".\n    INLINED_SOCKET_CLI_NAME: envAsString(\n      process.env['INLINED_SOCKET_CLI_NAME'],\n    ),\n    // Comp-time inlined flag to determine if this is a published build.\n    // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD']\".\n    INLINED_SOCKET_CLI_PUBLISHED_BUILD: envAsBoolean(\n      process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD'],\n    ),\n    // Comp-time inlined flag to determine if this is the Sentry build.\n    // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_SENTRY_BUILD']\".\n    INLINED_SOCKET_CLI_SENTRY_BUILD: envAsBoolean(\n      process.env['INLINED_SOCKET_CLI_SENTRY_BUILD'],\n    ),\n    // Comp-time inlined Socket package version.\n    // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_VERSION']\".\n    INLINED_SOCKET_CLI_VERSION: envAsString(\n      process.env['INLINED_SOCKET_CLI_VERSION'],\n    ),\n    // Comp-time inlined Socket package version hash.\n    // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_VERSION_HASH']\".\n    INLINED_SOCKET_CLI_VERSION_HASH: envAsString(\n      process.env['INLINED_SOCKET_CLI_VERSION_HASH'],\n    ),\n    // Comp-time inlined synp package version.\n    // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SYNP_VERSION']\".\n    INLINED_SYNP_VERSION: envAsString(process.env['INLINED_SYNP_VERSION']),\n    // The location of the %localappdata% folder on Windows used to store user-specific,\n    // non-roaming application data, like temporary files, cached data, and program\n    // settings, that are specific to the current machine and user.\n    LOCALAPPDATA: envAsString(env[LOCALAPPDATA]),\n    // Flag to enable the module compile cache for the Node.js instance.\n    // https://nodejs.org/api/cli.html#node_compile_cachedir\n    NODE_COMPILE_CACHE:\n      // Lazily access constants.SUPPORTS_NODE_COMPILE_CACHE_ENV_VAR.\n      constants.SUPPORTS_NODE_COMPILE_CACHE_ENV_VAR\n        ? // Lazily access constants.socketCachePath.\n          constants.socketCachePath\n        : '',\n    // PATH is an environment variable that lists directories where executable\n    // programs are located. When a command is run, the system searches these\n    // directories to find the executable.\n    PATH: envAsString(env['PATH']),\n    // Flag to accepts risks of safe-npm and safe-npx run.\n    SOCKET_CLI_ACCEPT_RISKS: envAsBoolean(env[SOCKET_CLI_ACCEPT_RISKS]),\n    // Flag to change the base URL for all API-calls.\n    // https://github.com/SocketDev/socket-cli?tab=readme-ov-file#environment-variables-for-development\n    SOCKET_CLI_API_BASE_URL:\n      envAsString(env['SOCKET_CLI_API_BASE_URL']) ||\n      envAsString(env['SOCKET_SECURITY_API_BASE_URL']),\n    // Flag to set the proxy all requests are routed through.\n    // https://github.com/SocketDev/socket-cli?tab=readme-ov-file#environment-variables-for-development\n    SOCKET_CLI_API_PROXY:\n      envAsString(env['SOCKET_CLI_API_PROXY']) ||\n      envAsString(env['SOCKET_SECURITY_API_PROXY']),\n    // Flag to set the API token.\n    // https://github.com/SocketDev/socket-cli?tab=readme-ov-file#environment-variables\n    SOCKET_CLI_API_TOKEN:\n      envAsString(env['SOCKET_CLI_API_TOKEN']) ||\n      envAsString(env['SOCKET_CLI_API_KEY']) ||\n      envAsString(env['SOCKET_SECURITY_API_TOKEN']) ||\n      envAsString(env['SOCKET_SECURITY_API_KEY']),\n    // Flag containing a JSON stringified Socket configuration object.\n    SOCKET_CLI_CONFIG: envAsString(env['SOCKET_CLI_CONFIG']),\n    // Flag to help debug Socket CLI.\n    SOCKET_CLI_DEBUG: envAsBoolean(env['SOCKET_CLI_DEBUG']),\n    // The git config user.email used by Socket CLI.\n    SOCKET_CLI_GIT_USER_EMAIL:\n      envAsString(env['SOCKET_CLI_GIT_USER_EMAIL']) ||\n      `github-actions[bot]@users.noreply.github.com`,\n    // The git config user.name used by Socket CLI.\n    SOCKET_CLI_GIT_USER_NAME:\n      envAsString(env['SOCKET_CLI_GIT_USER_NAME']) ||\n      envAsString(env['SOCKET_CLI_GIT_USERNAME']) ||\n      'github-actions[bot]',\n    // A classic GitHub personal access token with the \"repo\" scope or a\n    // fine-grained access token with at least read/write permissions set for\n    // \"Contents\" and \"Pull Request\".\n    // https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens\n    SOCKET_CLI_GITHUB_TOKEN:\n      envAsString(env['SOCKET_CLI_GITHUB_TOKEN']) ||\n      envAsString(env['SOCKET_SECURITY_GITHUB_PAT']) ||\n      GITHUB_TOKEN,\n    // Flag to make the default API token `undefined`.\n    SOCKET_CLI_NO_API_TOKEN: envAsBoolean(env['SOCKET_CLI_NO_API_TOKEN']),\n    // Flag to view all risks of safe-npm and safe-npx run.\n    SOCKET_CLI_VIEW_ALL_RISKS: envAsBoolean(env[SOCKET_CLI_VIEW_ALL_RISKS]),\n    // Specifies the type of terminal or terminal emulator being used by the process.\n    TERM: envAsString(env['TERM']),\n    // The location of the base directory on Linux and MacOS used to store\n    // user-specific data files, defaulting to $HOME/.local/share if not set or empty.\n    XDG_DATA_HOME: envAsString(env['XDG_DATA_HOME']),\n  })\n}\n\nconst lazyBashRcPath = () =>\n  // Lazily access constants.homePath.\n  path.join(constants.homePath, '.bashrc')\n\nconst lazyBinPath = () =>\n  // Lazily access constants.rootPath.\n  path.join(constants.rootPath, 'bin')\n\nconst lazyBinCliPath = () =>\n  // Lazily access constants.binPath.\n  path.join(constants.binPath, 'cli.js')\n\nconst lazyBlessedOptions = () =>\n  Object.freeze({\n    smartCSR: true,\n    // Lazily access constants.WIN32.\n    term: constants.WIN32 ? 'windows-ansi' : 'xterm',\n    useBCE: true,\n  })\n\nconst lazyDistPath = () =>\n  // Lazily access constants.rootPath.\n  path.join(constants.rootPath, 'dist')\n\nconst lazyDistCliPath = () =>\n  // Lazily access constants.distPath.\n  path.join(constants.distPath, 'cli.js')\n\nconst lazyDistInstrumentWithSentryPath = () =>\n  // Lazily access constants.distPath.\n  path.join(constants.distPath, 'instrument-with-sentry.js')\n\nconst lazyDistShadowBinPath = () =>\n  // Lazily access constants.distPath.\n  path.join(constants.distPath, `${SHADOW_BIN}.js`)\n\nconst lazyDistShadowInjectPath = () =>\n  // Lazily access constants.distPath.\n  path.join(constants.distPath, `${SHADOW_INJECT}.js`)\n\nconst lazyGithubCachePath = () =>\n  // Lazily access constants.socketCachePath.\n  path.join(constants.socketCachePath, 'github')\n\nconst lazyHomePath = () => os.homedir()\n\nconst lazyMinimumVersionByAgent = () =>\n  new Map([\n    // Bun >=1.1.39 supports the text-based lockfile.\n    // https://bun.sh/blog/bun-lock-text-lockfile\n    [BUN, '1.1.39'],\n    // The npm version bundled with Node 18.\n    // https://nodejs.org/en/about/previous-releases#looking-for-the-latest-release-of-a-version-branch\n    ['npm', '10.8.2'],\n    // 8.x is the earliest version to support Node 18.\n    // https://pnpm.io/installation#compatibility\n    // https://www.npmjs.com/package/pnpm?activeTab=versions\n    [PNPM, '8.15.7'],\n    // 4.x supports >= Node 18.12.0\n    // https://github.com/yarnpkg/berry/blob/%40yarnpkg/core/4.1.0/CHANGELOG.md#400\n    [YARN_BERRY, '4.0.0'],\n    // Latest 1.x.\n    // https://www.npmjs.com/package/yarn?activeTab=versions\n    [YARN_CLASSIC, '1.22.22'],\n    // vlt does not support overrides so we don't gate on it.\n    [VLT, '*'],\n  ])\n\nconst lazyNmBinPath = () =>\n  // Lazily access constants.rootPath.\n  path.join(constants.rootPath, 'node_modules/.bin')\n\n// Redefine registryConstants.nodeHardenFlags to account for the\n// INLINED_SOCKET_CLI_SENTRY_BUILD environment variable.\nconst lazyNodeHardenFlags = () =>\n  Object.freeze(\n    // Lazily access constants.ENV.INLINED_SOCKET_CLI_SENTRY_BUILD.\n    constants.ENV.INLINED_SOCKET_CLI_SENTRY_BUILD ||\n      // Lazily access constants.WIN32.\n      constants.WIN32\n      ? []\n      : // Harden Node security.\n        // https://nodejs.org/en/learn/getting-started/security-best-practices\n        [\n          '--disable-proto',\n          'throw',\n          // We have contributed the following patches to our dependencies to make\n          // Node's --frozen-intrinsics workable.\n          // √ https://github.com/SBoudrias/Inquirer.js/pull/1683\n          // √ https://github.com/pnpm/components/pull/23\n          '--frozen-intrinsics',\n          '--no-deprecation',\n        ],\n  )\n\nconst lazyRootPath = () => path.join(realpathSync.native(__dirname), '..')\n\nconst lazySocketAppDataPath = (): string | undefined => {\n  // Get the OS app data folder:\n  // - Win: %LOCALAPPDATA% or fail?\n  // - Mac: %XDG_DATA_HOME% or fallback to \"~/Library/Application Support/\"\n  // - Linux: %XDG_DATA_HOME% or fallback to \"~/.local/share/\"\n  // Note: LOCALAPPDATA is typically: C:\\Users\\USERNAME\\AppData\n  // Note: XDG stands for \"X Desktop Group\", nowadays \"freedesktop.org\"\n  //       On most systems that path is: $HOME/.local/share\n  // Then append `socket/settings`, so:\n  // - Win: %LOCALAPPDATA%\\socket\\settings or return undefined\n  // - Mac: %XDG_DATA_HOME%/socket/settings or \"~/Library/Application Support/socket/settings\"\n  // - Linux: %XDG_DATA_HOME%/socket/settings or \"~/.local/share/socket/settings\"\n\n  // Lazily access constants.WIN32.\n  const { WIN32 } = constants\n  let dataHome: string | undefined = WIN32\n    ? // Lazily access constants.ENV.LOCALAPPDATA\n      constants.ENV.LOCALAPPDATA\n    : // Lazily access constants.ENV.XDG_DATA_HOME\n      constants.ENV.XDG_DATA_HOME\n  if (!dataHome) {\n    if (WIN32) {\n      const logger = require('@socketsecurity/registry/lib/logger')\n      logger.warn(`Missing %${LOCALAPPDATA}%`)\n    } else {\n      dataHome = path.join(\n        // Lazily access constants.homePath.\n        constants.homePath,\n        // Lazily access constants.DARWIN.\n        constants.DARWIN ? 'Library/Application Support' : '.local/share',\n      )\n    }\n  }\n  return dataHome ? path.join(dataHome, 'socket/settings') : undefined\n}\n\nconst lazySocketCachePath = () =>\n  // Lazily access constants.rootPath.\n  path.join(constants.rootPath, '.cache')\n\nconst lazyShadowBinPath = () =>\n  // Lazily access constants.rootPath.\n  path.join(constants.rootPath, SHADOW_BIN)\n\nconst lazyZshRcPath = () =>\n  // Lazily access constants.homePath.\n  path.join(constants.homePath, '.zshrc')\n\nconst constants: Constants = createConstantsObject(\n  {\n    ...registryConstantsAttribs.props,\n    ALERT_TYPE_CRITICAL_CVE,\n    ALERT_TYPE_CVE,\n    ALERT_TYPE_MEDIUM_CVE,\n    ALERT_TYPE_MILD_CVE,\n    API_V0_URL,\n    BINARY_LOCK_EXT,\n    BUN,\n    DRY_RUN_LABEL,\n    DRY_RUN_BAILING_NOW,\n    DRY_RUN_NOT_SAVING,\n    ENV: undefined,\n    LOCK_EXT,\n    NPM_BUGGY_OVERRIDES_PATCHED_VERSION,\n    NPM_REGISTRY_URL,\n    PNPM,\n    REDACTED,\n    SHADOW_BIN,\n    SHADOW_INJECT,\n    SOCKET,\n    SOCKET_CLI_ACCEPT_RISKS,\n    SOCKET_CLI_BIN_NAME,\n    SOCKET_CLI_BIN_NAME_ALIAS,\n    SOCKET_CLI_FIX,\n    SOCKET_CLI_ISSUES_URL,\n    SOCKET_CLI_SENTRY_BIN_NAME_ALIAS,\n    SOCKET_CLI_LEGACY_PACKAGE_NAME,\n    SOCKET_CLI_NPM_BIN_NAME,\n    SOCKET_CLI_NPX_BIN_NAME,\n    SOCKET_CLI_OPTIMIZE,\n    SOCKET_CLI_PACKAGE_NAME,\n    SOCKET_CLI_SAFE_BIN,\n    SOCKET_CLI_SAFE_PROGRESS,\n    SOCKET_CLI_SENTRY_BIN_NAME,\n    SOCKET_CLI_SENTRY_NPM_BIN_NAME,\n    SOCKET_CLI_SENTRY_NPX_BIN_NAME,\n    SOCKET_CLI_SENTRY_PACKAGE_NAME,\n    SOCKET_CLI_VIEW_ALL_RISKS,\n    SOCKET_WEBSITE_URL,\n    VLT,\n    WITH_SENTRY,\n    YARN,\n    YARN_BERRY,\n    YARN_CLASSIC,\n    YARN_LOCK,\n    bashRcPath: undefined,\n    binPath: undefined,\n    binCliPath: undefined,\n    blessedOptions: undefined,\n    distCliPath: undefined,\n    distInstrumentWithSentryPath: undefined,\n    distPath: undefined,\n    distShadowBinPath: undefined,\n    distShadowInjectPath: undefined,\n    githubCachePath: undefined,\n    homePath: undefined,\n    minimumVersionByAgent: undefined,\n    nmBinPath: undefined,\n    nodeHardenFlags: undefined,\n    rootPath: undefined,\n    shadowBinPath: undefined,\n    socketAppDataPath: undefined,\n    socketCachePath: undefined,\n    zshRcPath: undefined,\n  },\n  {\n    getters: {\n      ...registryConstantsAttribs.getters,\n      ENV: LAZY_ENV,\n      bashRcPath: lazyBashRcPath,\n      binCliPath: lazyBinCliPath,\n      binPath: lazyBinPath,\n      blessedOptions: lazyBlessedOptions,\n      distCliPath: lazyDistCliPath,\n      distInstrumentWithSentryPath: lazyDistInstrumentWithSentryPath,\n      distPath: lazyDistPath,\n      distShadowBinPath: lazyDistShadowBinPath,\n      distShadowInjectPath: lazyDistShadowInjectPath,\n      githubCachePath: lazyGithubCachePath,\n      homePath: lazyHomePath,\n      minimumVersionByAgent: lazyMinimumVersionByAgent,\n      nmBinPath: lazyNmBinPath,\n      nodeHardenFlags: lazyNodeHardenFlags,\n      rootPath: lazyRootPath,\n      shadowBinPath: lazyShadowBinPath,\n      socketAppDataPath: lazySocketAppDataPath,\n      socketCachePath: lazySocketCachePath,\n      zshRcPath: lazyZshRcPath,\n    },\n    internals: {\n      ...registryConstantsAttribs.internals,\n      getIpc,\n      getSentry() {\n        return _Sentry\n      },\n      setSentry(Sentry: Sentry): boolean {\n        if (_Sentry === undefined) {\n          _Sentry = Sentry\n          return true\n        }\n        return false\n      },\n    },\n  },\n) as Constants\n\nexport default constants\n"],"names":["attributes","getIpc","envAsString","env","__proto__","DISABLE_GITHUB_CACHE","GITHUB_ACTIONS","GITHUB_REF_NAME","GITHUB_REF_TYPE","GITHUB_REPOSITORY","LOCALAPPDATA","constants","PATH","SOCKET_CLI_ACCEPT_RISKS","SOCKET_CLI_API_BASE_URL","SOCKET_CLI_API_PROXY","SOCKET_CLI_API_TOKEN","SOCKET_CLI_CONFIG","SOCKET_CLI_DEBUG","SOCKET_CLI_GIT_USER_NAME","SOCKET_CLI_GITHUB_TOKEN","SOCKET_CLI_NO_API_TOKEN","SOCKET_CLI_VIEW_ALL_RISKS","TERM","XDG_DATA_HOME","path","smartCSR","term","useBCE","WIN32","logger","ENV","bashRcPath","binPath","binCliPath","blessedOptions","distCliPath","distInstrumentWithSentryPath","distPath","distShadowBinPath","distShadowInjectPath","githubCachePath","homePath","minimumVersionByAgent","nmBinPath","nodeHardenFlags","rootPath","shadowBinPath","socketAppDataPath","socketCachePath","zshRcPath","getters","internals","getSentry","_Sentry"],"mappings":";;;;;;;;;;AAWA,iBAAA;AACA;AACA;AAEA;;AAEE;AACEA;;AAEAC;AACF;AACF;AA6IA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA;AAEA;;;AAGIC;AACF;;AACQC;AAAI;;AAEZ;AACA;;AAEEC;AACA;;AAEA;AACA;AACAC;AACA;AACA;AACA;AACAC;AACA;AACA;AACA;AACA;AACAC;AACA;AACA;AACAC;AACA;AACA;AACAC;AACA;AACA;AACA;AACA;;AAEA;AACA;;AAIA;AACA;;AAIA;AACA;;AAIA;AACA;;AAIA;AACA;;AAIA;AACA;;AAIA;AACA;;AAIA;AACA;;AAIA;AACA;;AAEA;AACA;AACA;AACAC;AACA;AACA;;AAEE;AACAC;AACI;;AAGN;AACA;AACA;AACAC;AACA;AACAC;AACA;AACA;AACAC;AAGA;AACA;AACAC;AAGA;AACA;AACAC;AAKA;AACAC;AACA;AACAC;AACA;;AAIA;AACAC;AAIA;AACA;AACA;AACA;AACAC;AAIA;AACAC;AACA;AACAC;AACA;AACAC;AACA;AACA;AACAC;AACF;AACF;AAEA;AACE;AACAC;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AAEIC;AACA;AACAC;AACAC;AACF;AAEF;AACE;AACAH;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AAEA;AAEI;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAGJ;AACE;AACAA;;AAEF;AACA;AACA;AAEI;AACAd;AACE;AACAA;AAEE;AACA;AACA;AAGE;AACA;AACA;AACA;AACA;AAKV;AAEA;AACE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;;AACQkB;AAAM;;AAEV;;AAEA;;;AAGF;AACE;AACAC;AACF;;AAEI;AACAnB;AACA;AACAA;AAEJ;AACF;;AAEF;AAEA;AACE;AACAc;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEId;;;;;;;;;;;;AAaFoB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAkCAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACF;AAEEC;;AAEEpB;AACAC;AACAE;AACAD;AACAE;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;;AAEFE;;;AAGEC;AACE;;;;AAIEC;AACA;AACF;AACA;AACF;AACF;AACF;;","debugId":"61b13248-fe2c-4ad9-8f25-60dac0d9327a"}
+{"version":3,"file":"constants.js","sources":["../src/constants.mts"],"sourcesContent":["import { realpathSync } from 'node:fs'\nimport { createRequire } from 'node:module'\nimport os from 'node:os'\nimport path from 'node:path'\nimport { fileURLToPath } from 'node:url'\n\nimport registryConstants from '@socketsecurity/registry/lib/constants'\n\nimport type { Agent } from './utils/package-environment.mts'\nimport type { Remap } from '@socketsecurity/registry/lib/objects'\n\nconst require = createRequire(import.meta.url)\nconst __filename = fileURLToPath(import.meta.url)\nconst __dirname = path.dirname(__filename)\n\nconst {\n  kInternalsSymbol,\n  [kInternalsSymbol as unknown as 'Symbol(kInternalsSymbol)']: {\n    attributes: registryConstantsAttribs,\n    createConstantsObject,\n    getIpc,\n  },\n} = registryConstants\n\ntype RegistryEnv = typeof registryConstants.ENV\n\ntype RegistryInternals = (typeof registryConstants)['Symbol(kInternalsSymbol)']\n\ntype Sentry = any\n\ntype Internals = Remap<\n  Omit<RegistryInternals, 'getIpc'> &\n    Readonly<{\n      getIpc: {\n        (): Promise<IPC>\n        <K extends keyof IPC | undefined>(\n          key?: K | undefined,\n        ): Promise<K extends keyof IPC ? IPC[K] : IPC>\n      }\n      getSentry: () => Sentry\n      setSentry(Sentry: Sentry): boolean\n    }>\n>\n\ntype ENV = Remap<\n  RegistryEnv &\n    Readonly<{\n      DISABLE_GITHUB_CACHE: boolean\n      GITHUB_ACTIONS: boolean\n      GITHUB_REF_NAME: string\n      GITHUB_REF_TYPE: string\n      GITHUB_REPOSITORY: string\n      GITHUB_TOKEN: string\n      INLINED_CYCLONEDX_CDXGEN_VERSION: string\n      INLINED_SOCKET_CLI_HOMEPAGE: string\n      INLINED_SOCKET_CLI_LEGACY_BUILD: string\n      INLINED_SOCKET_CLI_NAME: string\n      INLINED_SOCKET_CLI_PUBLISHED_BUILD: string\n      INLINED_SOCKET_CLI_SENTRY_BUILD: string\n      INLINED_SOCKET_CLI_VERSION: string\n      INLINED_SOCKET_CLI_VERSION_HASH: string\n      INLINED_SYNP_VERSION: string\n      LOCALAPPDATA: string\n      NODE_COMPILE_CACHE: string\n      PATH: string\n      SOCKET_CLI_ACCEPT_RISKS: boolean\n      SOCKET_CLI_API_BASE_URL: string\n      SOCKET_CLI_API_PROXY: string\n      SOCKET_CLI_API_TOKEN: string\n      SOCKET_CLI_CONFIG: string\n      SOCKET_CLI_DEBUG: boolean\n      SOCKET_CLI_GIT_USER_EMAIL: string\n      SOCKET_CLI_GIT_USER_NAME: string\n      SOCKET_CLI_GITHUB_TOKEN: string\n      SOCKET_CLI_NO_API_TOKEN: boolean\n      SOCKET_CLI_VIEW_ALL_RISKS: boolean\n      TERM: string\n      XDG_DATA_HOME: string\n    }>\n>\n\ntype IPC = Readonly<{\n  SOCKET_CLI_FIX?: string | undefined\n  SOCKET_CLI_OPTIMIZE?: boolean | undefined\n  SOCKET_CLI_SAFE_BIN?: string | undefined\n  SOCKET_CLI_SAFE_PROGRESS?: boolean | undefined\n}>\n\ntype Constants = Remap<\n  Omit<typeof registryConstants, 'Symbol(kInternalsSymbol)' | 'ENV' | 'IPC'> & {\n    readonly 'Symbol(kInternalsSymbol)': Internals\n    readonly ALERT_TYPE_CRITICAL_CVE: 'criticalCVE'\n    readonly ALERT_TYPE_CVE: 'cve'\n    readonly ALERT_TYPE_MEDIUM_CVE: 'mediumCVE'\n    readonly ALERT_TYPE_MILD_CVE: 'mildCVE'\n    readonly API_V0_URL: 'https://api.socket.dev/v0/'\n    readonly BINARY_LOCK_EXT: '.lockb'\n    readonly BUN: 'bun'\n    readonly ENV: ENV\n    readonly DRY_RUN_LABEL: '[DryRun]'\n    readonly DRY_RUN_BAILING_NOW: '[DryRun] Bailing now'\n    readonly DRY_RUN_NOT_SAVING: '[DryRun] Not saving'\n    readonly IPC: IPC\n    readonly LOCK_EXT: '.lock'\n    readonly NPM_BUGGY_OVERRIDES_PATCHED_VERSION: '11.2.0'\n    readonly NPM_REGISTRY_URL: 'https://registry.npmjs.org'\n    readonly PNPM: 'pnpm'\n    readonly REDACTED: '<redacted>'\n    readonly SHADOW_BIN: 'shadow-bin'\n    readonly SHADOW_INJECT: 'shadow-inject'\n    readonly SOCKET: 'socket'\n    readonly SOCKET_CLI_ACCEPT_RISKS: 'SOCKET_CLI_ACCEPT_RISKS'\n    readonly SOCKET_CLI_BIN_NAME: 'socket'\n    readonly SOCKET_CLI_BIN_NAME_ALIAS: 'cli'\n    readonly SOCKET_CLI_CONFIG: 'SOCKET_CLI_CONFIG'\n    readonly SOCKET_CLI_FIX: 'SOCKET_CLI_FIX'\n    readonly SOCKET_CLI_ISSUES_URL: 'https://github.com/SocketDev/socket-cli/issues'\n    readonly SOCKET_CLI_SENTRY_BIN_NAME_ALIAS: 'cli-with-sentry'\n    readonly SOCKET_CLI_LEGACY_PACKAGE_NAME: '@socketsecurity/cli'\n    readonly SOCKET_CLI_NPM_BIN_NAME: 'socket-npm'\n    readonly SOCKET_CLI_NPX_BIN_NAME: 'socket-npx'\n    readonly SOCKET_CLI_OPTIMIZE: 'SOCKET_CLI_OPTIMIZE'\n    readonly SOCKET_CLI_PACKAGE_NAME: 'socket'\n    readonly SOCKET_CLI_SAFE_BIN: 'SOCKET_CLI_SAFE_BIN'\n    readonly SOCKET_CLI_SAFE_PROGRESS: 'SOCKET_CLI_SAFE_PROGRESS'\n    readonly SOCKET_CLI_SENTRY_BIN_NAME: 'socket-with-sentry'\n    readonly SOCKET_CLI_SENTRY_NPM_BIN_NAME: 'socket-npm-with-sentry'\n    readonly SOCKET_CLI_SENTRY_NPX_BIN_NAME: 'socket-npx-with-sentry'\n    readonly SOCKET_CLI_SENTRY_PACKAGE_NAME: '@socketsecurity/cli-with-sentry'\n    readonly SOCKET_CLI_VIEW_ALL_RISKS: 'SOCKET_CLI_VIEW_ALL_RISKS'\n    readonly SOCKET_WEBSITE_URL: 'https://socket.dev'\n    readonly VLT: 'vlt'\n    readonly WITH_SENTRY: 'with-sentry'\n    readonly YARN: 'yarn'\n    readonly YARN_BERRY: 'yarn/berry'\n    readonly YARN_CLASSIC: 'yarn/classic'\n    readonly YARN_LOCK: 'yarn.lock'\n    readonly bashRcPath: string\n    readonly binCliPath: string\n    readonly binPath: string\n    readonly blessedOptions: {\n      smartCSR: boolean\n      term: string\n      useBCE: boolean\n    }\n    readonly distCliPath: string\n    readonly distInstrumentWithSentryPath: string\n    readonly distPath: string\n    readonly distShadowBinPath: string\n    readonly distShadowInjectPath: string\n    readonly githubCachePath: string\n    readonly homePath: string\n    readonly minimumVersionByAgent: Map<Agent, string>\n    readonly nmBinPath: string\n    readonly nodeHardenFlags: string[]\n    readonly rootPath: string\n    readonly shadowBinPath: string\n    readonly socketAppDataPath: string\n    readonly socketCachePath: string\n    readonly zshRcPath: string\n  }\n>\n\nconst ALERT_TYPE_CRITICAL_CVE = 'criticalCVE'\nconst ALERT_TYPE_CVE = 'cve'\nconst ALERT_TYPE_MEDIUM_CVE = 'mediumCVE'\nconst ALERT_TYPE_MILD_CVE = 'mildCVE'\nconst API_V0_URL = 'https://api.socket.dev/v0/'\nconst BINARY_LOCK_EXT = '.lockb'\nconst BUN = 'bun'\nconst DRY_RUN_LABEL = '[DryRun]'\nconst DRY_RUN_BAILING_NOW = `${DRY_RUN_LABEL}: Bailing now`\nconst DRY_RUN_NOT_SAVING = `${DRY_RUN_LABEL}: Not saving`\nconst LOCALAPPDATA = 'LOCALAPPDATA'\nconst LOCK_EXT = '.lock'\nconst NPM_BUGGY_OVERRIDES_PATCHED_VERSION = '11.2.0'\nconst NPM_REGISTRY_URL = 'https://registry.npmjs.org'\nconst PNPM = 'pnpm'\nconst REDACTED = '<redacted>'\nconst SHADOW_BIN = 'shadow-bin'\nconst SHADOW_INJECT = 'shadow-inject'\nconst SOCKET = 'socket'\nconst SOCKET_CLI_ACCEPT_RISKS = 'SOCKET_CLI_ACCEPT_RISKS'\nconst SOCKET_CLI_BIN_NAME = 'socket'\nconst SOCKET_CLI_BIN_NAME_ALIAS = 'cli'\nconst SOCKET_CLI_FIX = 'SOCKET_CLI_FIX'\nconst SOCKET_CLI_ISSUES_URL = 'https://github.com/SocketDev/socket-cli/issues'\nconst SOCKET_CLI_LEGACY_PACKAGE_NAME = '@socketsecurity/cli'\nconst SOCKET_CLI_OPTIMIZE = 'SOCKET_CLI_OPTIMIZE'\nconst SOCKET_CLI_NPM_BIN_NAME = 'socket-npm'\nconst SOCKET_CLI_NPX_BIN_NAME = 'socket-npx'\nconst SOCKET_CLI_PACKAGE_NAME = 'socket'\nconst SOCKET_CLI_SAFE_BIN = 'SOCKET_CLI_SAFE_BIN'\nconst SOCKET_CLI_SAFE_PROGRESS = 'SOCKET_CLI_SAFE_PROGRESS'\nconst SOCKET_CLI_SENTRY_BIN_NAME = 'socket-with-sentry'\nconst SOCKET_CLI_SENTRY_BIN_NAME_ALIAS = 'cli-with-sentry'\nconst SOCKET_CLI_SENTRY_NPM_BIN_NAME = 'socket-npm-with-sentry'\nconst SOCKET_CLI_SENTRY_NPX_BIN_NAME = 'socket-npx-with-sentry'\nconst SOCKET_CLI_SENTRY_PACKAGE_NAME = '@socketsecurity/cli-with-sentry'\nconst SOCKET_CLI_VIEW_ALL_RISKS = 'SOCKET_CLI_VIEW_ALL_RISKS'\nconst SOCKET_WEBSITE_URL = 'https://socket.dev'\nconst VLT = 'vlt'\nconst WITH_SENTRY = 'with-sentry'\nconst YARN = 'yarn'\nconst YARN_BERRY = 'yarn/berry'\nconst YARN_CLASSIC = 'yarn/classic'\nconst YARN_LOCK = 'yarn.lock'\n\nlet _Sentry: any\n\nconst LAZY_ENV = () => {\n  const {\n    envAsBoolean,\n    envAsString,\n  } = require('@socketsecurity/registry/lib/env')\n  const { env } = process\n  const GITHUB_TOKEN = envAsString(env['GITHUB_TOKEN'])\n  // We inline some environment values so that they CANNOT be influenced by user\n  // provided environment variables.\n  return Object.freeze({\n    __proto__: null,\n    // Lazily access registryConstants.ENV.\n    ...registryConstants.ENV,\n    // Flag to disable using GitHub's workflow actions/cache.\n    // https://github.com/actions/cache\n    DISABLE_GITHUB_CACHE: envAsBoolean(env['DISABLE_GITHUB_CACHE']),\n    // Always set to true when GitHub Actions is running the workflow. This variable\n    // can be used to differentiate when tests are being run locally or by GitHub Actions.\n    // https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/store-information-in-variables#default-environment-variables\n    GITHUB_ACTIONS: envAsBoolean(env['GITHUB_ACTIONS']),\n    // The short ref name of the branch or tag that triggered the GitHub workflow\n    // run. This value matches the branch or tag name shown on GitHub. For example,\n    // feature-branch-1. For pull requests, the format is <pr_number>/merge.\n    // https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/store-information-in-variables#default-environment-variables\n    GITHUB_REF_NAME: envAsString(env['GITHUB_REF_NAME']),\n    // The type of ref that triggered the workflow run. Valid values are branch or tag.\n    // https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/store-information-in-variables#default-environment-variables\n    GITHUB_REF_TYPE: envAsString(env['GITHUB_REF_TYPE']),\n    // The owner and repository name. For example, octocat/Hello-World.\n    // https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/store-information-in-variables#default-environment-variables\n    GITHUB_REPOSITORY: envAsString(env['GITHUB_REPOSITORY']),\n    // The GITHUB_TOKEN secret is a GitHub App installation access token.\n    // The token's permissions are limited to the repository that contains the\n    // workflow.\n    // https://docs.github.com/en/actions/security-for-github-actions/security-guides/automatic-token-authentication#about-the-github_token-secret\n    GITHUB_TOKEN,\n    // Comp-time inlined @cyclonedx/cdxgen package version.\n    // The '@rollup/plugin-replace' will replace \"process.env['INLINED_CYCLONEDX_CDXGEN_VERSION']\".\n    INLINED_CYCLONEDX_CDXGEN_VERSION: envAsString(\n      process.env['INLINED_CYCLONEDX_CDXGEN_VERSION'],\n    ),\n    // Comp-time inlined Socket package homepage.\n    // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_HOMEPAGE']\".\n    INLINED_SOCKET_CLI_HOMEPAGE: envAsString(\n      process.env['INLINED_SOCKET_CLI_HOMEPAGE'],\n    ),\n    // Comp-time inlined flag to determine if this is the Legacy build.\n    // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_LEGACY_BUILD']\".\n    INLINED_SOCKET_CLI_LEGACY_BUILD: envAsBoolean(\n      process.env['INLINED_SOCKET_CLI_LEGACY_BUILD'],\n    ),\n    // Comp-time inlined Socket package name.\n    // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_NAME']\".\n    INLINED_SOCKET_CLI_NAME: envAsString(\n      process.env['INLINED_SOCKET_CLI_NAME'],\n    ),\n    // Comp-time inlined flag to determine if this is a published build.\n    // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD']\".\n    INLINED_SOCKET_CLI_PUBLISHED_BUILD: envAsBoolean(\n      process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD'],\n    ),\n    // Comp-time inlined flag to determine if this is the Sentry build.\n    // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_SENTRY_BUILD']\".\n    INLINED_SOCKET_CLI_SENTRY_BUILD: envAsBoolean(\n      process.env['INLINED_SOCKET_CLI_SENTRY_BUILD'],\n    ),\n    // Comp-time inlined Socket package version.\n    // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_VERSION']\".\n    INLINED_SOCKET_CLI_VERSION: envAsString(\n      process.env['INLINED_SOCKET_CLI_VERSION'],\n    ),\n    // Comp-time inlined Socket package version hash.\n    // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_VERSION_HASH']\".\n    INLINED_SOCKET_CLI_VERSION_HASH: envAsString(\n      process.env['INLINED_SOCKET_CLI_VERSION_HASH'],\n    ),\n    // Comp-time inlined synp package version.\n    // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SYNP_VERSION']\".\n    INLINED_SYNP_VERSION: envAsString(process.env['INLINED_SYNP_VERSION']),\n    // The location of the %localappdata% folder on Windows used to store user-specific,\n    // non-roaming application data, like temporary files, cached data, and program\n    // settings, that are specific to the current machine and user.\n    LOCALAPPDATA: envAsString(env[LOCALAPPDATA]),\n    // Flag to enable the module compile cache for the Node.js instance.\n    // https://nodejs.org/api/cli.html#node_compile_cachedir\n    NODE_COMPILE_CACHE:\n      // Lazily access constants.SUPPORTS_NODE_COMPILE_CACHE_ENV_VAR.\n      constants.SUPPORTS_NODE_COMPILE_CACHE_ENV_VAR\n        ? // Lazily access constants.socketCachePath.\n          constants.socketCachePath\n        : '',\n    // PATH is an environment variable that lists directories where executable\n    // programs are located. When a command is run, the system searches these\n    // directories to find the executable.\n    PATH: envAsString(env['PATH']),\n    // Flag to accepts risks of safe-npm and safe-npx run.\n    SOCKET_CLI_ACCEPT_RISKS: envAsBoolean(env[SOCKET_CLI_ACCEPT_RISKS]),\n    // Flag to change the base URL for all API-calls.\n    // https://github.com/SocketDev/socket-cli?tab=readme-ov-file#environment-variables-for-development\n    SOCKET_CLI_API_BASE_URL:\n      envAsString(env['SOCKET_CLI_API_BASE_URL']) ||\n      envAsString(env['SOCKET_SECURITY_API_BASE_URL']),\n    // Flag to set the proxy all requests are routed through.\n    // https://github.com/SocketDev/socket-cli?tab=readme-ov-file#environment-variables-for-development\n    SOCKET_CLI_API_PROXY:\n      envAsString(env['SOCKET_CLI_API_PROXY']) ||\n      envAsString(env['SOCKET_SECURITY_API_PROXY']),\n    // Flag to set the API token.\n    // https://github.com/SocketDev/socket-cli?tab=readme-ov-file#environment-variables\n    SOCKET_CLI_API_TOKEN:\n      envAsString(env['SOCKET_CLI_API_TOKEN']) ||\n      envAsString(env['SOCKET_CLI_API_KEY']) ||\n      envAsString(env['SOCKET_SECURITY_API_TOKEN']) ||\n      envAsString(env['SOCKET_SECURITY_API_KEY']),\n    // Flag containing a JSON stringified Socket configuration object.\n    SOCKET_CLI_CONFIG: envAsString(env['SOCKET_CLI_CONFIG']),\n    // Flag to help debug Socket CLI.\n    SOCKET_CLI_DEBUG: envAsBoolean(env['SOCKET_CLI_DEBUG']),\n    // The git config user.email used by Socket CLI.\n    SOCKET_CLI_GIT_USER_EMAIL:\n      envAsString(env['SOCKET_CLI_GIT_USER_EMAIL']) ||\n      `github-actions[bot]@users.noreply.github.com`,\n    // The git config user.name used by Socket CLI.\n    SOCKET_CLI_GIT_USER_NAME:\n      envAsString(env['SOCKET_CLI_GIT_USER_NAME']) ||\n      envAsString(env['SOCKET_CLI_GIT_USERNAME']) ||\n      'github-actions[bot]',\n    // A classic GitHub personal access token with the \"repo\" scope or a\n    // fine-grained access token with at least read/write permissions set for\n    // \"Contents\" and \"Pull Request\".\n    // https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens\n    SOCKET_CLI_GITHUB_TOKEN:\n      envAsString(env['SOCKET_CLI_GITHUB_TOKEN']) ||\n      envAsString(env['SOCKET_SECURITY_GITHUB_PAT']) ||\n      GITHUB_TOKEN,\n    // Flag to make the default API token `undefined`.\n    SOCKET_CLI_NO_API_TOKEN: envAsBoolean(env['SOCKET_CLI_NO_API_TOKEN']),\n    // Flag to view all risks of safe-npm and safe-npx run.\n    SOCKET_CLI_VIEW_ALL_RISKS: envAsBoolean(env[SOCKET_CLI_VIEW_ALL_RISKS]),\n    // Specifies the type of terminal or terminal emulator being used by the process.\n    TERM: envAsString(env['TERM']),\n    // The location of the base directory on Linux and MacOS used to store\n    // user-specific data files, defaulting to $HOME/.local/share if not set or empty.\n    XDG_DATA_HOME: envAsString(env['XDG_DATA_HOME']),\n  })\n}\n\nconst lazyBashRcPath = () =>\n  // Lazily access constants.homePath.\n  path.join(constants.homePath, '.bashrc')\n\nconst lazyBinPath = () =>\n  // Lazily access constants.rootPath.\n  path.join(constants.rootPath, 'bin')\n\nconst lazyBinCliPath = () =>\n  // Lazily access constants.binPath.\n  path.join(constants.binPath, 'cli.js')\n\nconst lazyBlessedOptions = () =>\n  Object.freeze({\n    smartCSR: true,\n    // Lazily access constants.WIN32.\n    term: constants.WIN32 ? 'windows-ansi' : 'xterm',\n    useBCE: true,\n  })\n\nconst lazyDistPath = () =>\n  // Lazily access constants.rootPath.\n  path.join(constants.rootPath, 'dist')\n\nconst lazyDistCliPath = () =>\n  // Lazily access constants.distPath.\n  path.join(constants.distPath, 'cli.js')\n\nconst lazyDistInstrumentWithSentryPath = () =>\n  // Lazily access constants.distPath.\n  path.join(constants.distPath, 'instrument-with-sentry.js')\n\nconst lazyDistShadowBinPath = () =>\n  // Lazily access constants.distPath.\n  path.join(constants.distPath, `${SHADOW_BIN}.js`)\n\nconst lazyDistShadowInjectPath = () =>\n  // Lazily access constants.distPath.\n  path.join(constants.distPath, `${SHADOW_INJECT}.js`)\n\nconst lazyGithubCachePath = () =>\n  // Lazily access constants.socketCachePath.\n  path.join(constants.socketCachePath, 'github')\n\nconst lazyHomePath = () => os.homedir()\n\nconst lazyMinimumVersionByAgent = () =>\n  new Map([\n    // Bun >=1.1.39 supports the text-based lockfile.\n    // https://bun.sh/blog/bun-lock-text-lockfile\n    [BUN, '1.1.39'],\n    // The npm version bundled with Node 18.\n    // https://nodejs.org/en/about/previous-releases#looking-for-the-latest-release-of-a-version-branch\n    ['npm', '10.8.2'],\n    // 8.x is the earliest version to support Node 18.\n    // https://pnpm.io/installation#compatibility\n    // https://www.npmjs.com/package/pnpm?activeTab=versions\n    [PNPM, '8.15.7'],\n    // 4.x supports >= Node 18.12.0\n    // https://github.com/yarnpkg/berry/blob/%40yarnpkg/core/4.1.0/CHANGELOG.md#400\n    [YARN_BERRY, '4.0.0'],\n    // Latest 1.x.\n    // https://www.npmjs.com/package/yarn?activeTab=versions\n    [YARN_CLASSIC, '1.22.22'],\n    // vlt does not support overrides so we don't gate on it.\n    [VLT, '*'],\n  ])\n\nconst lazyNmBinPath = () =>\n  // Lazily access constants.rootPath.\n  path.join(constants.rootPath, 'node_modules/.bin')\n\n// Redefine registryConstants.nodeHardenFlags to account for the\n// INLINED_SOCKET_CLI_SENTRY_BUILD environment variable.\nconst lazyNodeHardenFlags = () =>\n  Object.freeze(\n    // Lazily access constants.ENV.INLINED_SOCKET_CLI_SENTRY_BUILD.\n    constants.ENV.INLINED_SOCKET_CLI_SENTRY_BUILD ||\n      // Lazily access constants.WIN32.\n      constants.WIN32\n      ? []\n      : // Harden Node security.\n        // https://nodejs.org/en/learn/getting-started/security-best-practices\n        [\n          '--disable-proto',\n          'throw',\n          // We have contributed the following patches to our dependencies to make\n          // Node's --frozen-intrinsics workable.\n          // √ https://github.com/SBoudrias/Inquirer.js/pull/1683\n          // √ https://github.com/pnpm/components/pull/23\n          '--frozen-intrinsics',\n          '--no-deprecation',\n        ],\n  )\n\nconst lazyRootPath = () => path.join(realpathSync.native(__dirname), '..')\n\nconst lazySocketAppDataPath = (): string | undefined => {\n  // Get the OS app data folder:\n  // - Win: %LOCALAPPDATA% or fail?\n  // - Mac: %XDG_DATA_HOME% or fallback to \"~/Library/Application Support/\"\n  // - Linux: %XDG_DATA_HOME% or fallback to \"~/.local/share/\"\n  // Note: LOCALAPPDATA is typically: C:\\Users\\USERNAME\\AppData\n  // Note: XDG stands for \"X Desktop Group\", nowadays \"freedesktop.org\"\n  //       On most systems that path is: $HOME/.local/share\n  // Then append `socket/settings`, so:\n  // - Win: %LOCALAPPDATA%\\socket\\settings or return undefined\n  // - Mac: %XDG_DATA_HOME%/socket/settings or \"~/Library/Application Support/socket/settings\"\n  // - Linux: %XDG_DATA_HOME%/socket/settings or \"~/.local/share/socket/settings\"\n\n  // Lazily access constants.WIN32.\n  const { WIN32 } = constants\n  let dataHome: string | undefined = WIN32\n    ? // Lazily access constants.ENV.LOCALAPPDATA\n      constants.ENV.LOCALAPPDATA\n    : // Lazily access constants.ENV.XDG_DATA_HOME\n      constants.ENV.XDG_DATA_HOME\n  if (!dataHome) {\n    if (WIN32) {\n      const logger = require('@socketsecurity/registry/lib/logger')\n      logger.warn(`Missing %${LOCALAPPDATA}%`)\n    } else {\n      dataHome = path.join(\n        // Lazily access constants.homePath.\n        constants.homePath,\n        // Lazily access constants.DARWIN.\n        constants.DARWIN ? 'Library/Application Support' : '.local/share',\n      )\n    }\n  }\n  return dataHome ? path.join(dataHome, 'socket/settings') : undefined\n}\n\nconst lazySocketCachePath = () =>\n  // Lazily access constants.rootPath.\n  path.join(constants.rootPath, '.cache')\n\nconst lazyShadowBinPath = () =>\n  // Lazily access constants.rootPath.\n  path.join(constants.rootPath, SHADOW_BIN)\n\nconst lazyZshRcPath = () =>\n  // Lazily access constants.homePath.\n  path.join(constants.homePath, '.zshrc')\n\nconst constants: Constants = createConstantsObject(\n  {\n    ...registryConstantsAttribs.props,\n    ALERT_TYPE_CRITICAL_CVE,\n    ALERT_TYPE_CVE,\n    ALERT_TYPE_MEDIUM_CVE,\n    ALERT_TYPE_MILD_CVE,\n    API_V0_URL,\n    BINARY_LOCK_EXT,\n    BUN,\n    DRY_RUN_LABEL,\n    DRY_RUN_BAILING_NOW,\n    DRY_RUN_NOT_SAVING,\n    ENV: undefined,\n    LOCK_EXT,\n    NPM_BUGGY_OVERRIDES_PATCHED_VERSION,\n    NPM_REGISTRY_URL,\n    PNPM,\n    REDACTED,\n    SHADOW_BIN,\n    SHADOW_INJECT,\n    SOCKET,\n    SOCKET_CLI_ACCEPT_RISKS,\n    SOCKET_CLI_BIN_NAME,\n    SOCKET_CLI_BIN_NAME_ALIAS,\n    SOCKET_CLI_FIX,\n    SOCKET_CLI_ISSUES_URL,\n    SOCKET_CLI_SENTRY_BIN_NAME_ALIAS,\n    SOCKET_CLI_LEGACY_PACKAGE_NAME,\n    SOCKET_CLI_NPM_BIN_NAME,\n    SOCKET_CLI_NPX_BIN_NAME,\n    SOCKET_CLI_OPTIMIZE,\n    SOCKET_CLI_PACKAGE_NAME,\n    SOCKET_CLI_SAFE_BIN,\n    SOCKET_CLI_SAFE_PROGRESS,\n    SOCKET_CLI_SENTRY_BIN_NAME,\n    SOCKET_CLI_SENTRY_NPM_BIN_NAME,\n    SOCKET_CLI_SENTRY_NPX_BIN_NAME,\n    SOCKET_CLI_SENTRY_PACKAGE_NAME,\n    SOCKET_CLI_VIEW_ALL_RISKS,\n    SOCKET_WEBSITE_URL,\n    VLT,\n    WITH_SENTRY,\n    YARN,\n    YARN_BERRY,\n    YARN_CLASSIC,\n    YARN_LOCK,\n    bashRcPath: undefined,\n    binPath: undefined,\n    binCliPath: undefined,\n    blessedOptions: undefined,\n    distCliPath: undefined,\n    distInstrumentWithSentryPath: undefined,\n    distPath: undefined,\n    distShadowBinPath: undefined,\n    distShadowInjectPath: undefined,\n    githubCachePath: undefined,\n    homePath: undefined,\n    minimumVersionByAgent: undefined,\n    nmBinPath: undefined,\n    nodeHardenFlags: undefined,\n    rootPath: undefined,\n    shadowBinPath: undefined,\n    socketAppDataPath: undefined,\n    socketCachePath: undefined,\n    zshRcPath: undefined,\n  },\n  {\n    getters: {\n      ...registryConstantsAttribs.getters,\n      ENV: LAZY_ENV,\n      bashRcPath: lazyBashRcPath,\n      binCliPath: lazyBinCliPath,\n      binPath: lazyBinPath,\n      blessedOptions: lazyBlessedOptions,\n      distCliPath: lazyDistCliPath,\n      distInstrumentWithSentryPath: lazyDistInstrumentWithSentryPath,\n      distPath: lazyDistPath,\n      distShadowBinPath: lazyDistShadowBinPath,\n      distShadowInjectPath: lazyDistShadowInjectPath,\n      githubCachePath: lazyGithubCachePath,\n      homePath: lazyHomePath,\n      minimumVersionByAgent: lazyMinimumVersionByAgent,\n      nmBinPath: lazyNmBinPath,\n      nodeHardenFlags: lazyNodeHardenFlags,\n      rootPath: lazyRootPath,\n      shadowBinPath: lazyShadowBinPath,\n      socketAppDataPath: lazySocketAppDataPath,\n      socketCachePath: lazySocketCachePath,\n      zshRcPath: lazyZshRcPath,\n    },\n    internals: {\n      ...registryConstantsAttribs.internals,\n      getIpc,\n      getSentry() {\n        return _Sentry\n      },\n      setSentry(Sentry: Sentry): boolean {\n        if (_Sentry === undefined) {\n          _Sentry = Sentry\n          return true\n        }\n        return false\n      },\n    },\n  },\n) as Constants\n\nexport default constants\n"],"names":["attributes","getIpc","envAsString","env","__proto__","DISABLE_GITHUB_CACHE","GITHUB_ACTIONS","GITHUB_REF_NAME","GITHUB_REF_TYPE","GITHUB_REPOSITORY","LOCALAPPDATA","constants","PATH","SOCKET_CLI_ACCEPT_RISKS","SOCKET_CLI_API_BASE_URL","SOCKET_CLI_API_PROXY","SOCKET_CLI_API_TOKEN","SOCKET_CLI_CONFIG","SOCKET_CLI_DEBUG","SOCKET_CLI_GIT_USER_NAME","SOCKET_CLI_GITHUB_TOKEN","SOCKET_CLI_NO_API_TOKEN","SOCKET_CLI_VIEW_ALL_RISKS","TERM","XDG_DATA_HOME","path","smartCSR","term","useBCE","WIN32","logger","ENV","bashRcPath","binPath","binCliPath","blessedOptions","distCliPath","distInstrumentWithSentryPath","distPath","distShadowBinPath","distShadowInjectPath","githubCachePath","homePath","minimumVersionByAgent","nmBinPath","nodeHardenFlags","rootPath","shadowBinPath","socketAppDataPath","socketCachePath","zshRcPath","getters","internals","getSentry","_Sentry"],"mappings":";;;;;;;;;;AAWA,iBAAA;AACA;AACA;AAEA;;AAEE;AACEA;;AAEAC;AACF;AACF;AA6IA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA;AAEA;;;AAGIC;AACF;;AACQC;AAAI;;AAEZ;AACA;;AAEEC;AACA;;AAEA;AACA;AACAC;AACA;AACA;AACA;AACAC;AACA;AACA;AACA;AACA;AACAC;AACA;AACA;AACAC;AACA;AACA;AACAC;AACA;AACA;AACA;AACA;;AAEA;AACA;;AAIA;AACA;;AAIA;AACA;;AAIA;AACA;;AAIA;AACA;;AAIA;AACA;;AAIA;AACA;;AAIA;AACA;;AAIA;AACA;;AAEA;AACA;AACA;AACAC;AACA;AACA;;AAEE;AACAC;AACI;;AAGN;AACA;AACA;AACAC;AACA;AACAC;AACA;AACA;AACAC;AAGA;AACA;AACAC;AAGA;AACA;AACAC;AAKA;AACAC;AACA;AACAC;AACA;;AAIA;AACAC;AAIA;AACA;AACA;AACA;AACAC;AAIA;AACAC;AACA;AACAC;AACA;AACAC;AACA;AACA;AACAC;AACF;AACF;AAEA;AACE;AACAC;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AAEIC;AACA;AACAC;AACAC;AACF;AAEF;AACE;AACAH;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AAEA;AAEI;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAGJ;AACE;AACAA;;AAEF;AACA;AACA;AAEI;AACAd;AACE;AACAA;AAEE;AACA;AACA;AAGE;AACA;AACA;AACA;AACA;AAKV;AAEA;AACE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;;AACQkB;AAAM;;AAEV;;AAEA;;;AAGF;AACE;AACAC;AACF;;AAEI;AACAnB;AACA;AACAA;AAEJ;AACF;;AAEF;AAEA;AACE;AACAc;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEId;;;;;;;;;;;;AAaFoB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAkCAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACF;AAEEC;;AAEEpB;AACAC;AACAE;AACAD;AACAE;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;;AAEFE;;;AAGEC;AACE;;;;AAIEC;AACA;AACF;AACA;AACF;AACF;AACF;;","debugId":"5cef6a24-9249-400c-bd2a-339c55777089"}

package/dist/utils.js

@@ -2660,57 +2660,6 @@ const {
 } = constants;
 const AGENTS = [BUN, NPM, PNPM, YARN_BERRY, YARN_CLASSIC, VLT];
 const binByAgent = new Map([[BUN, BUN], [NPM, NPM], [PNPM, PNPM], [YARN_BERRY, YARN], [YARN_CLASSIC, YARN], [VLT, VLT]]);
-async function getAgentExecPath(agent) {
-  const binName = binByAgent.get(agent);
-  if (binName === NPM) {
-    // Lazily access constants.npmExecPath.
-    return constants.npmExecPath;
-  }
-  return (await vendor.libExports$1(binName, {
-    nothrow: true
-  })) ?? binName;
-}
-async function getAgentVersion(agentExecPath, cwd) {
-  let result;
-  try {
-    result =
-    // Coerce version output into a valid semver version by passing it through
-    // semver.coerce which strips leading v's, carets (^), comparators (<,<=,>,>=,=),
-    // and tildes (~).
-    vendor.semverExports.coerce(
-    // All package managers support the "--version" flag.
-    (await spawn.spawn(agentExecPath, ['--version'], {
-      cwd,
-      // Lazily access constants.WIN32.
-      shell: constants.WIN32
-    })).stdout.trim()) ?? undefined;
-  } catch (e) {
-    debug.debugFn('Unexpected error:\n', e);
-  }
-  return result;
-}
-
-// The order of LOCKS properties IS significant as it affects iteration order.
-const LOCKS = {
-  [`bun${LOCK_EXT}`]: BUN,
-  [`bun${BINARY_LOCK_EXT}`]: BUN,
-  // If both package-lock.json and npm-shrinkwrap.json are present in the root
-  // of a project, npm-shrinkwrap.json will take precedence and package-lock.json
-  // will be ignored.
-  // https://docs.npmjs.com/cli/v10/configuring-npm/package-lock-json#package-lockjson-vs-npm-shrinkwrapjson
-  'npm-shrinkwrap.json': NPM,
-  'package-lock.json': NPM,
-  'pnpm-lock.yaml': PNPM,
-  'pnpm-lock.yml': PNPM,
-  [`yarn${LOCK_EXT}`]: YARN_CLASSIC,
-  'vlt-lock.json': VLT,
-  // Lastly, look for a hidden lock file which is present if .npmrc has package-lock=false:
-  // https://docs.npmjs.com/cli/v10/configuring-npm/package-lock-json#hidden-lockfiles
-  //
-  // Unlike the other LOCKS keys this key contains a directory AND filename so
-  // it has to be handled differently.
-  'node_modules/.package-lock.json': NPM
-};
 const readLockFileByAgent = (() => {
   function wrapReader(reader) {
     return async (...args) => {
@@ -2746,6 +2695,57 @@ const readLockFileByAgent = (() => {
     return undefined;
   })], [NPM, defaultReader], [PNPM, defaultReader], [VLT, defaultReader], [YARN_BERRY, defaultReader], [YARN_CLASSIC, defaultReader]]);
 })();
+
+// The order of LOCKS properties IS significant as it affects iteration order.
+const LOCKS = {
+  [`bun${LOCK_EXT}`]: BUN,
+  [`bun${BINARY_LOCK_EXT}`]: BUN,
+  // If both package-lock.json and npm-shrinkwrap.json are present in the root
+  // of a project, npm-shrinkwrap.json will take precedence and package-lock.json
+  // will be ignored.
+  // https://docs.npmjs.com/cli/v10/configuring-npm/package-lock-json#package-lockjson-vs-npm-shrinkwrapjson
+  'npm-shrinkwrap.json': NPM,
+  'package-lock.json': NPM,
+  'pnpm-lock.yaml': PNPM,
+  'pnpm-lock.yml': PNPM,
+  [`yarn${LOCK_EXT}`]: YARN_CLASSIC,
+  'vlt-lock.json': VLT,
+  // Lastly, look for a hidden lock file which is present if .npmrc has package-lock=false:
+  // https://docs.npmjs.com/cli/v10/configuring-npm/package-lock-json#hidden-lockfiles
+  //
+  // Unlike the other LOCKS keys this key contains a directory AND filename so
+  // it has to be handled differently.
+  'node_modules/.package-lock.json': NPM
+};
+async function getAgentExecPath(agent) {
+  const binName = binByAgent.get(agent);
+  if (binName === NPM) {
+    // Lazily access constants.npmExecPath.
+    return constants.npmExecPath;
+  }
+  return (await vendor.libExports$1(binName, {
+    nothrow: true
+  })) ?? binName;
+}
+async function getAgentVersion(agentExecPath, cwd) {
+  let result;
+  try {
+    result =
+    // Coerce version output into a valid semver version by passing it through
+    // semver.coerce which strips leading v's, carets (^), comparators (<,<=,>,>=,=),
+    // and tildes (~).
+    vendor.semverExports.coerce(
+    // All package managers support the "--version" flag.
+    (await spawn.spawn(agentExecPath, ['--version'], {
+      cwd,
+      // Lazily access constants.WIN32.
+      shell: constants.WIN32
+    })).stdout.trim()) ?? undefined;
+  } catch (e) {
+    debug.debugFn('Unexpected error:\n', e);
+  }
+  return result;
+}
 async function detectPackageEnvironment({
   cwd = process.cwd(),
   onUnknown
@@ -2902,38 +2902,62 @@ async function detectAndValidatePackageEnvironment(cwd, options) {
   const agentVersion = details.agentVersion ?? 'unknown';
   if (!details.agentSupported) {
     const minVersion = constants.minimumVersionByAgent.get(agent);
-    logger?.fail(cmdPrefixMessage(cmdName, `Requires ${agent} >=${minVersion}. Current version: ${agentVersion}.`));
-    return;
+    return {
+      ok: false,
+      message: 'Version Mismatch',
+      cause: cmdPrefixMessage(cmdName, `Requires ${agent} >=${minVersion}. Current version: ${agentVersion}.`)
+    };
   }
   if (!details.nodeSupported) {
     const minVersion = constants.maintainedNodeVersions.last;
-    logger?.fail(cmdPrefixMessage(cmdName, `Requires Node >=${minVersion}. Current version: ${nodeVersion}.`));
-    return;
+    return {
+      ok: false,
+      message: 'Version Mismatch',
+      cause: cmdPrefixMessage(cmdName, `Requires Node >=${minVersion}. Current version: ${nodeVersion}.`)
+    };
   }
   if (!details.pkgSupports.agent) {
-    logger?.fail(cmdPrefixMessage(cmdName, `Package engine "${agent}" requires ${pkgRequirements.agent}. Current version: ${agentVersion}`));
-    return;
+    return {
+      ok: false,
+      message: 'Engine Mismatch',
+      cause: cmdPrefixMessage(cmdName, `Package engine "${agent}" requires ${pkgRequirements.agent}. Current version: ${agentVersion}`)
+    };
   }
   if (!details.pkgSupports.node) {
-    logger?.fail(cmdPrefixMessage(cmdName, `Package engine "node" requires ${pkgRequirements.node}. Current version: ${nodeVersion}`));
-    return;
+    return {
+      ok: false,
+      message: 'Version Mismatch',
+      cause: cmdPrefixMessage(cmdName, `Package engine "node" requires ${pkgRequirements.node}. Current version: ${nodeVersion}`)
+    };
   }
   const lockName = details.lockName ?? 'lock file';
   if (details.lockName === undefined || details.lockSrc === undefined) {
-    logger?.fail(cmdPrefixMessage(cmdName, `No ${lockName} found`));
-    return;
+    return {
+      ok: false,
+      message: 'Missing Lock File',
+      cause: cmdPrefixMessage(cmdName, `No ${lockName} found`)
+    };
   }
   if (details.lockSrc.trim() === '') {
-    logger?.fail(cmdPrefixMessage(cmdName, `${lockName} is empty`));
-    return;
+    return {
+      ok: false,
+      message: 'Empty Lock File',
+      cause: cmdPrefixMessage(cmdName, `${lockName} is empty`)
+    };
   }
   if (details.pkgPath === undefined) {
-    logger?.fail(cmdPrefixMessage(cmdName, `No ${PACKAGE_JSON} found`));
-    return;
+    return {
+      ok: false,
+      message: 'Missing package.json',
+      cause: cmdPrefixMessage(cmdName, `No ${PACKAGE_JSON} found`)
+    };
   }
   if (prod && (agent === BUN || agent === YARN_BERRY)) {
-    logger?.fail(cmdPrefixMessage(cmdName, `--prod not supported for ${agent}${agentVersion ? `@${agentVersion}` : ''}`));
-    return;
+    return {
+      ok: false,
+      message: 'Bad input',
+      cause: cmdPrefixMessage(cmdName, `--prod not supported for ${agent}${agentVersion ? `@${agentVersion}` : ''}`)
+    };
   }
   if (details.lockPath && path.relative(cwd, details.lockPath).startsWith('.')) {
     // Note: In tests we return <redacted> because otherwise snapshots will fail.
@@ -2944,7 +2968,10 @@ async function detectAndValidatePackageEnvironment(cwd, options) {
     const redacting = constants.ENV.VITEST;
     logger?.warn(cmdPrefixMessage(cmdName, `Package ${lockName} found at ${redacting ? REDACTED : details.lockPath}`));
   }
-  return details;
+  return {
+    ok: true,
+    data: details
+  };
 }
 
 const COMPLETION_CMD_PREFIX = 'complete -F _socket_completion';
@@ -3086,5 +3113,5 @@ exports.updateConfigValue = updateConfigValue;
 exports.validationFlags = validationFlags;
 exports.walkNestedMap = walkNestedMap;
 exports.writeSocketJson = writeSocketJson;
-//# debugId=ec929ce8-d2ad-4474-bc64-e03115717674
+//# debugId=35a0ad9c-ba9c-45c7-9e52-170f0d729a07
 //# sourceMappingURL=utils.js.map