@socketsecurity/cli-with-sentry 0.15.47 → 0.15.49
- package/dist/cli.js +11 -11
- package/dist/cli.js.map +1 -1
- package/dist/constants.js +3 -3
- package/dist/constants.js.map +1 -1
- package/dist/types/commands/fix/pnpm-fix.d.mts.map +1 -1
- package/package.json +1 -1
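--- a/package/dist/cli.js
+++ b/package/dist/cli.js
@@ -4875,16 +4875,16 @@ async function pnpmFix(pkgEnvDetails, {
 const infoEntry = sortedInfoEntries[i];
 const partialPurlObj = utils.getPurlObject(infoEntry[0]);
 const name = packages.resolvePackageName(partialPurlObj);
-
+const infos = [...infoEntry[1].values()];
+if (!infos.length) {
+continue infoEntriesLoop;
+}
+const activeBranches = [];
 if (isCi) {
 const branchFullName = getSocketBranchFullNameComponent(partialPurlObj);
 const branchPurlType = getSocketBranchPurlTypeComponent(partialPurlObj);
-const activeBranches = [];
 for (const pr of openPrs) {
 const parsedBranch = branchParser(pr.headRefName);
-debug.debugFn(`parse: ${pr.headRefName}\n`, parsedBranch);
-debug.debugFn(`check: branchPurlType ${branchPurlType} === ${parsedBranch?.type}`);
-debug.debugFn(`check: branchFullName ${branchFullName} === ${parsedBranch?.fullName}`);
 if (branchPurlType === parsedBranch?.type && branchFullName === parsedBranch?.fullName) {
 activeBranches.push(parsedBranch);
 }
@@ -4894,10 +4894,6 @@ async function pnpmFix(pkgEnvDetails, {
 } else if (openPrs.length) {
 debug.debugFn('miss: 0 active branches found');
 }
-infos = infos.filter(info => !activeBranches.find(b => b.newVersion === info.firstPatchedVersionIdentifier));
-}
-if (!infos.length) {
-continue infoEntriesLoop;
 }
 logger.logger.log(`Processing vulns for ${name}:`);
 logger.logger.indent();
@@ -4988,12 +4984,16 @@ async function pnpmFix(pkgEnvDetails, {
 infosLoop: for (const {
 firstPatchedVersionIdentifier,
 vulnerableVersionRange
-} of infos
+} of infos) {
 if (vendor.semverExports.gte(oldVersion, firstPatchedVersionIdentifier)) {
 debug.debugFn(`skip: ${oldId} is >= ${firstPatchedVersionIdentifier}`);
 continue infosLoop;
 }
 const newVersion = shadowInject.findBestPatchVersion(node, availableVersions, vulnerableVersionRange);
+if (activeBranches.find(b => b.newVersion === newVersion)) {
+debug.debugFn(`skip: open PR found for ${name}@${newVersion}`);
+continue infosLoop;
+}
 const newVersionPackument = newVersion ? packument.versions[newVersion] : undefined;
 if (!(newVersion && newVersionPackument)) {
 warningsForAfter.add(`${oldId} not updated: requires >=${firstPatchedVersionIdentifier}`);
@@ -14275,5 +14275,5 @@ void (async () => {
 await utils.captureException(e);
 }
 })();
-//# debugId=
+//# debugId=5e90f708-2e66-4276-baa6-9beceb5ddf65
 //# sourceMappingURL=cli.js.map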
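Review bot: In the third hunk the added open-PR check runs before `newVersion` is known to be set, so if `findBestPatchVersion` returns nothing and a parsed branch also has no `newVersion`, `undefined === undefined` matches and the loop skips without reaching the "not updated" warning just below; whether `branchParser` can produce such an entry is not visible here. Guarding it as `if (newVersion && activeBranches.some(b => b.newVersion === newVersion)) {` keeps the warning path intact and states the membership test more directly than `find`. The skip is reported only through `debug.debugFn`, so a vulnerable package left unpatched because of an open PR does not show in a normal run; a `logger.logger.log` line or an entry in `warningsForAfter` would make that visible. `openPrs` is built outside these hunks, so confirm it holds only PRs this tool opened, since a matching `pr.headRefName` alone now suppresses the fix. The body of `pnpmFix` starts and ends outside the hunks shown.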