@socketsecurity/cli-with-sentry 0.15.6 → 0.15.8

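--- a/package/dist/cli.js
+++ b/package/dist/cli.js
@@ -19,11 +19,13 @@ const arrays = require('../external/@socketsecurity/registry/lib/arrays')
  const registry = require('../external/@socketsecurity/registry')
  const npm = require('../external/@socketsecurity/registry/lib/npm')
  const packages = require('../external/@socketsecurity/registry/lib/packages')
+ const sorts = require('../external/@socketsecurity/registry/lib/sorts')
  const path$1 = require('../external/@socketsecurity/registry/lib/path')
  const regexps = require('../external/@socketsecurity/registry/lib/regexps')
  const spawn = require('../external/@socketsecurity/registry/lib/spawn')
  const fs$2 = require('../external/@socketsecurity/registry/lib/fs')
  const shadowInject = require('./shadow-inject.js')
+ const strings = require('../external/@socketsecurity/registry/lib/strings')
  const objects = require('../external/@socketsecurity/registry/lib/objects')
  const registryConstants = require('../external/@socketsecurity/registry/lib/constants')
  const promises = require('../external/@socketsecurity/registry/lib/promises')
@@ -4048,16 +4050,16 @@ function normalizeFixOptions(options_) {
  }
 
  const { DRY_RUN_NOT_SAVING: DRY_RUN_NOT_SAVING$1, NPM: NPM$a } = constants
- async function install$1(idealTree, options) {
+ async function install$1(arb, options) {
  const { cwd = process.cwd() } = {
  __proto__: null,
  ...options
  }
- const arb = new shadowInject.Arborist({
+ const newArb = new shadowInject.Arborist({
  path: cwd
  })
- arb.idealTree = idealTree
- await arb.reify()
+ newArb.idealTree = await arb.buildIdealTree()
+ return await newArb.reify()
  }
  async function npmFix(
  pkgEnvDetails,
@@ -4075,8 +4077,9 @@ async function npmFix(
  path: rootPath,
  ...shadowInject.SAFE_ARBORIST_REIFY_OPTIONS_OVERRIDES
  })
- // Calling arb.reify() creates the arb.diff object and nulls-out arb.idealTree.
- await arb.reify()
+ // Calling arb.reify() creates the arb.diff object, nulls-out arb.idealTree,
+ // and populates arb.actualTree.
+ let actualTree = await arb.reify()
  const alertsMap = purls.length
  ? await utils.getAlertsMapFromPurls(
  purls,
@@ -4113,7 +4116,10 @@ async function npmFix(
  ]
  spinner?.stop()
  let count = 0
- infoByPkgNameLoop: for (const { 0: name, 1: infos } of infoByPkgName) {
+ const sortedInfoEntries = [...infoByPkgName.entries()].sort((a, b) =>
+ sorts.naturalCompare(a[0], b[0])
+ )
+ infoByPkgNameLoop: for (const { 0: name, 1: infos } of sortedInfoEntries) {
  logger.logger.log(`Processing vulnerable package: ${name}`)
  logger.logger.indent()
  spinner?.indent()
@@ -4140,12 +4146,14 @@ async function npmFix(
  ? 'root'
  : path.relative(rootPath, pkgPath)
  logger.logger.log(`Checking workspace: ${workspaceName}`)
- arb.idealTree = null
+
  // eslint-disable-next-line no-await-in-loop
- await arb.buildIdealTree()
+ actualTree = await install$1(arb, {
+ cwd
+ })
  const oldVersions = arrays.arrayUnique(
  shadowInject
- .findPackageNodes(arb.idealTree, name)
+ .findPackageNodes(actualTree, name)
  .map(n => n.target?.version ?? n.version)
  .filter(Boolean)
  )
@@ -4153,6 +4161,11 @@ async function npmFix(
  logger.logger.warn(
  `Unexpected condition: Lockfile entries not found for ${name}.\n`
  )
+ if (debug.isDebug()) {
+ console.dir(actualTree, {
+ depth: 999
+ })
+ }
  continue
  }
 
@@ -4165,11 +4178,7 @@ async function npmFix(
  for (const oldVersion of oldVersions) {
  const oldId = `${name}@${oldVersion}`
  const oldPurl = utils.idToPurl(oldId)
- const node = shadowInject.findPackageNode(
- arb.idealTree,
- name,
- oldVersion
- )
+ const node = shadowInject.findPackageNode(actualTree, name, oldVersion)
  if (!node) {
  logger.logger.warn(
  `Unexpected condition: Arborist node not found, skipping ${oldId}`
@@ -4220,7 +4229,8 @@ async function npmFix(
  shadowInject.updateNode(node, newVersion, newVersionPackument)
  shadowInject.updatePackageJsonFromNode(
  editablePkgJson,
- arb.idealTree,
+ // eslint-disable-next-line no-await-in-loop
+ await arb.buildIdealTree(),
  node,
  newVersion,
  rangeStyle
@@ -4247,7 +4257,7 @@ async function npmFix(
  let errored = false
  try {
  // eslint-disable-next-line no-await-in-loop
- await install$1(arb.idealTree, {
+ actualTree = await install$1(arb, {
  cwd
  })
  if (test) {
@@ -4347,10 +4357,6 @@ async function npmFix(
  if (isCi) {
  // eslint-disable-next-line no-await-in-loop
  await gitResetAndClean(baseBranch, cwd)
- // eslint-disable-next-line no-await-in-loop
- await install$1(arb.idealTree, {
- cwd
- })
  }
  if (errored) {
  if (!isCi) {
@@ -4362,10 +4368,6 @@ async function npmFix(
  ignoreWhitespace: true
  })
  ])
- // eslint-disable-next-line no-await-in-loop
- await install$1(arb.idealTree, {
- cwd
- })
  }
  spinner?.failAndStop(
  `Update failed for ${oldId} in ${workspaceName}`,
@@ -4404,6 +4406,13 @@ async function getActualTree(cwd = process.cwd()) {
  })
  return await arb.loadActual()
  }
+ async function readLockfile(lockfilePath) {
+ return fs$1.existsSync(lockfilePath)
+ ? vendor.jsYaml.load(
+ strings.stripBom(await utils.readFileUtf8(lockfilePath))
+ )
+ : null
+ }
  async function install(pkgEnvDetails, options) {
  const { args, cwd, spinner } = {
  __proto__: null,
@@ -4424,11 +4433,6 @@ async function install(pkgEnvDetails, options) {
  })
  return await getActualTree(cwd)
  }
- async function readLockfile(pkgPath) {
- return await vendor.libExports$4.readWantedLockfile(pkgPath, {
- ignoreIncompatible: false
- })
- }
  async function pnpmFix(
  pkgEnvDetails,
  { autoMerge, cwd, dryRun, limit, purls, rangeStyle, test, testScript }
@@ -4441,15 +4445,17 @@ async function pnpmFix(
  const { spinner } = constants
  const { pkgPath: rootPath } = pkgEnvDetails
  spinner?.start()
- let lockfile = await readLockfile(rootPath)
+ let actualTree
+ const lockfilePath = path.join(rootPath, 'pnpm-lock.yaml')
+ let lockfile = await readLockfile(lockfilePath)
 
  // If pnpm-lock.yaml does NOT exist then install with pnpm to create it.
  if (!lockfile) {
- await install(pkgEnvDetails, {
+ actualTree = await install(pkgEnvDetails, {
  cwd,
  spinner
  })
- lockfile = await readLockfile(rootPath)
+ lockfile = await readLockfile(lockfilePath)
  }
  // Update pnpm-lock.yaml if its version is older than what the installed pnpm
  // produces.
@@ -4458,12 +4464,12 @@ async function pnpmFix(
  pkgEnvDetails.agentVersion.major >= 10 &&
  utils.parsePnpmLockfileVersion(lockfile.lockfileVersion).major <= 6
  ) {
- await install(pkgEnvDetails, {
+ actualTree = await install(pkgEnvDetails, {
  args: ['--lockfile-only'],
  cwd,
  spinner
  })
- lockfile = await readLockfile(rootPath)
+ lockfile = await readLockfile(lockfilePath)
  }
  // Exit early if pnpm-lock.yaml is not found.
  if (!lockfile) {
@@ -4507,7 +4513,10 @@ async function pnpmFix(
  ]
  spinner?.stop()
  let count = 0
- infoByPkgNameLoop: for (const { 0: name, 1: infos } of infoByPkgName) {
+ const sortedInfoEntries = [...infoByPkgName.entries()].sort((a, b) =>
+ sorts.naturalCompare(a[0], b[0])
+ )
+ infoByPkgNameLoop: for (const { 0: name, 1: infos } of sortedInfoEntries) {
  logger.logger.log(`Processing vulnerable package: ${name}`)
  logger.logger.indent()
  spinner?.indent()
@@ -4536,17 +4545,25 @@ async function pnpmFix(
  logger.logger.log(`Checking workspace: ${workspaceName}`)
 
  // eslint-disable-next-line no-await-in-loop
- let actualTree = await getActualTree(cwd)
+ actualTree = await install(pkgEnvDetails, {
+ cwd,
+ spinner
+ })
  const oldVersions = arrays.arrayUnique(
  shadowInject
  .findPackageNodes(actualTree, name)
- .map(n => n.target?.version ?? n.version)
+ .map(n => n.version)
  .filter(Boolean)
  )
  if (!oldVersions.length) {
  logger.logger.warn(
  `Unexpected condition: Lockfile entries not found for ${name}.\n`
  )
+ if (debug.isDebug()) {
+ console.dir(actualTree, {
+ depth: 999
+ })
+ }
  continue
  }
 
@@ -4769,11 +4786,6 @@ async function pnpmFix(
  if (isCi) {
  // eslint-disable-next-line no-await-in-loop
  await gitResetAndClean(baseBranch, cwd)
- // eslint-disable-next-line no-await-in-loop
- actualTree = await install(pkgEnvDetails, {
- cwd,
- spinner
- })
  }
  if (errored) {
  if (!isCi) {
@@ -4785,11 +4797,6 @@ async function pnpmFix(
  ignoreWhitespace: true
  })
  ])
- // eslint-disable-next-line no-await-in-loop
- actualTree = await install(pkgEnvDetails, {
- cwd,
- spinner
- })
  }
  spinner?.failAndStop(
  `Update failed for ${oldId} in ${workspaceName}`,
@@ -12359,5 +12366,5 @@ void (async () => {
  await utils.captureException(e)
  }
  })()
- //# debugId=7be17873-378c-4746-b5ba-617639c5ac8a
+ //# debugId=74a80f74-c3fe-4491-ac5e-46b5e6dfdec
  //# sourceMappingURL=cli.js.map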
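Review bot: The new `readLockfile` passes repository-controlled `pnpm-lock.yaml` text to `vendor.jsYaml.load` without pinning a schema or checking the shape of the result, where the removed version went through `readWantedLockfile` with `ignoreIncompatible: false`. Which js-yaml release is vendored is not visible here; on 3.x a bare `load` accepts the `!!js/*` tags, so the schema is better stated explicitly, e.g. `vendor.jsYaml.load(text, { schema: vendor.jsYaml.CORE_SCHEMA })` if the vendored build exports it. A lockfile that parses to a scalar or an array would also get past the `!lockfile` checks in `pnpmFix` and reach `lockfile.lockfileVersion`, so returning `doc !== null && typeof doc === 'object' && !Array.isArray(doc) ? doc : null` keeps the existing early-exit path. A parse error now propagates as a raw YAML exception, and a short comment on `readLockfile` saying whether that is intended would help the next reader.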