@socketsecurity/cli-with-sentry 0.15.48 → 0.15.49

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/dist/cli.js +11 -20
  2. package/dist/cli.js.map +1 -1
  3. package/dist/constants.js +3 -3
  4. package/dist/constants.js.map +1 -1
  5. package/dist/types/commands/fix/pnpm-fix.d.mts.map +1 -1
  6. package/package.json +1 -1
package/dist/cli.js CHANGED
@@ -4875,16 +4875,16 @@ async function pnpmFix(pkgEnvDetails, {
4875
4875
  const infoEntry = sortedInfoEntries[i];
4876
4876
  const partialPurlObj = utils.getPurlObject(infoEntry[0]);
4877
4877
  const name = packages.resolvePackageName(partialPurlObj);
4878
- let infos = [...infoEntry[1].values()];
4878
+ const infos = [...infoEntry[1].values()];
4879
+ if (!infos.length) {
4880
+ continue infoEntriesLoop;
4881
+ }
4882
+ const activeBranches = [];
4879
4883
  if (isCi) {
4880
4884
  const branchFullName = getSocketBranchFullNameComponent(partialPurlObj);
4881
4885
  const branchPurlType = getSocketBranchPurlTypeComponent(partialPurlObj);
4882
- const activeBranches = [];
4883
4886
  for (const pr of openPrs) {
4884
4887
  const parsedBranch = branchParser(pr.headRefName);
4885
- debug.debugFn(`parse: ${pr.headRefName}\n`, parsedBranch);
4886
- debug.debugFn(`check: branchPurlType ${branchPurlType} === ${parsedBranch?.type}`);
4887
- debug.debugFn(`check: branchFullName ${branchFullName} === ${parsedBranch?.fullName}`);
4888
4888
  if (branchPurlType === parsedBranch?.type && branchFullName === parsedBranch?.fullName) {
4889
4889
  activeBranches.push(parsedBranch);
4890
4890
  }
@@ -4894,19 +4894,6 @@ async function pnpmFix(pkgEnvDetails, {
4894
4894
  } else if (openPrs.length) {
4895
4895
  debug.debugFn('miss: 0 active branches found');
4896
4896
  }
4897
- infos = infos.filter(info => {
4898
- const found = activeBranches.find(b => b.newVersion === info.firstPatchedVersionIdentifier);
4899
- if (found) {
4900
- debug.debugFn(`found: active branch for ${name}@${info.firstPatchedVersionIdentifier}`);
4901
- return false;
4902
- } else {
4903
- debug.debugFn(`miss: no active branch found for ${name}@${info.firstPatchedVersionIdentifier}`);
4904
- return true;
4905
- }
4906
- });
4907
- }
4908
- if (!infos.length) {
4909
- continue infoEntriesLoop;
4910
4897
  }
4911
4898
  logger.logger.log(`Processing vulns for ${name}:`);
4912
4899
  logger.logger.indent();
@@ -4997,12 +4984,16 @@ async function pnpmFix(pkgEnvDetails, {
4997
4984
  infosLoop: for (const {
4998
4985
  firstPatchedVersionIdentifier,
4999
4986
  vulnerableVersionRange
5000
- } of infos.values()) {
4987
+ } of infos) {
5001
4988
  if (vendor.semverExports.gte(oldVersion, firstPatchedVersionIdentifier)) {
5002
4989
  debug.debugFn(`skip: ${oldId} is >= ${firstPatchedVersionIdentifier}`);
5003
4990
  continue infosLoop;
5004
4991
  }
5005
4992
  const newVersion = shadowInject.findBestPatchVersion(node, availableVersions, vulnerableVersionRange);
4993
+ if (activeBranches.find(b => b.newVersion === newVersion)) {
4994
+ debug.debugFn(`skip: open PR found for ${name}@${newVersion}`);
4995
+ continue infosLoop;
4996
+ }
5006
4997
  const newVersionPackument = newVersion ? packument.versions[newVersion] : undefined;
5007
4998
  if (!(newVersion && newVersionPackument)) {
5008
4999
  warningsForAfter.add(`${oldId} not updated: requires >=${firstPatchedVersionIdentifier}`);
@@ -14284,5 +14275,5 @@ void (async () => {
14284
14275
  await utils.captureException(e);
14285
14276
  }
14286
14277
  })();
14287
- //# debugId=d77f850e-4116-456a-acb9-b74d5a8977aa
14278
+ //# debugId=5e90f708-2e66-4276-baa6-9beceb5ddf65
14288
14279
  //# sourceMappingURL=cli.js.map