@socketsecurity/cli-with-sentry 0.15.60 → 0.15.62

package/dist/vendor.js

@@ -32895,7 +32895,7 @@ var isInteractiveExports = /*@__PURE__*/ requireIsInteractive();
 var dist$e = {};
 
 var name$2 = "@socketsecurity/sdk";
-var version$5 = "1.4.43";
+var version$5 = "1.4.45";
 var license = "MIT";
 var description = "SDK for the Socket API client";
 var author = {
@@ -32978,36 +32978,36 @@ var scripts = {
 	"update:deps": "npx --yes npm-check-updates"
 };
 var dependencies = {
-	"@socketsecurity/registry": "1.0.205"
+	"@socketsecurity/registry": "1.0.208"
 };
 var devDependencies = {
 	"@biomejs/biome": "1.9.4",
-	"@dotenvx/dotenvx": "1.44.1",
-	"@eslint/compat": "1.2.9",
+	"@dotenvx/dotenvx": "1.44.2",
+	"@eslint/compat": "1.3.0",
 	"@eslint/js": "9.28.0",
-	"@types/node": "22.15.30",
-	"@typescript-eslint/parser": "8.33.1",
-	"@vitest/coverage-v8": "3.2.2",
+	"@types/node": "24.0.1",
+	"@typescript-eslint/parser": "8.34.0",
+	"@vitest/coverage-v8": "3.2.3",
 	"del-cli": "6.0.0",
 	eslint: "9.28.0",
 	"eslint-import-resolver-typescript": "4.4.3",
-	"eslint-plugin-import-x": "4.15.1",
-	"eslint-plugin-jsdoc": "50.7.1",
+	"eslint-plugin-import-x": "4.15.2",
+	"eslint-plugin-jsdoc": "50.8.0",
 	"eslint-plugin-n": "17.19.0",
 	"eslint-plugin-sort-destructure-keys": "2.0.0",
 	"eslint-plugin-unicorn": "56.0.1",
 	globals: "16.2.0",
 	husky: "9.1.7",
-	knip: "5.60.2",
+	knip: "5.61.0",
 	"lint-staged": "16.1.0",
 	nock: "14.0.5",
 	"npm-run-all2": "8.0.4",
 	"openapi-typescript": "6.7.6",
-	oxlint: "0.18.0",
+	oxlint: "1.1.0",
 	"type-coverage": "2.29.7",
 	typescript: "~5.8.3",
-	"typescript-eslint": "8.33.1",
-	vitest: "3.2.2"
+	"typescript-eslint": "8.34.0",
+	vitest: "3.2.3"
 };
 var overrides = {
 	vite: "6.3.5"
@@ -33124,83 +33124,116 @@ function requireDist$e () {
 	    ];
 	}
 	async function createUploadRequest(baseUrl, urlPath, requestBodyNoBoundaries, options) {
-	    // Generate a unique boundary for multipart encoding.
-	    const boundary = `NodeMultipartBoundary${Date.now()}`;
-	    const boundarySep = `--${boundary}\r\n`;
-	    const finalBoundary = `--${boundary}--\r\n`;
-	    const requestBody = [
-	        ...requestBodyNoBoundaries.flatMap(part => [
-	            boundarySep,
-	            ...(Array.isArray(part) ? part : [part])
-	        ]),
-	        finalBoundary
-	    ];
-	    const url = new URL(urlPath, baseUrl);
-	    const req = getHttpModule(baseUrl).request(url, {
-	        method: 'POST',
-	        ...options,
-	        headers: {
-	            ...options?.headers,
-	            'Content-Type': `multipart/form-data; boundary=${boundary}`
-	        }
-	    });
-	    let aborted = false;
-	    req.on('error', _err => {
-	        aborted = true;
-	    });
-	    req.on('close', () => {
-	        aborted = true;
-	    });
-	    try {
-	        // Send the request body (headers + files).
-	        for (const part of requestBody) {
-	            if (aborted) {
-	                break;
+	    // Note: this will create a regular http request and stream in the file content
+	    //       implicitly. The outgoing buffer is (implicitly) flushed periodically
+	    //       by node. When this happens first it will send the headers to the server
+	    //       which may decide to reject the request, immediately send a response and
+	    //       then cut the connection (EPIPE or ECONNRESET errors may follow while
+	    //       writing the files).
+	    //       We have to make sure to guard for sudden reject responses because if we
+	    //       don't then the file streaming will fail with random errors and it gets
+	    //       hard to debug what's going on why.
+	    //       Example : `socket scan create --org badorg` should fail gracefully.
+	    // eslint-disable-next-line no-async-promise-executor
+	    return await new Promise(async (pass, fail) => {
+	        // Generate a unique boundary for multipart encoding.
+	        const boundary = `NodeMultipartBoundary${Date.now()}`;
+	        const boundarySep = `--${boundary}\r\n`;
+	        const finalBoundary = `--${boundary}--\r\n`;
+	        const requestBody = [
+	            ...requestBodyNoBoundaries.flatMap(part => [
+	                boundarySep,
+	                ...(Array.isArray(part) ? part : [part])
+	            ]),
+	            finalBoundary
+	        ];
+	        const url = new URL(urlPath, baseUrl);
+	        const req = getHttpModule(baseUrl).request(url, {
+	            method: 'POST',
+	            ...options,
+	            headers: {
+	                ...options?.headers,
+	                'Content-Type': `multipart/form-data; boundary=${boundary}`
 	            }
-	            if (typeof part === 'string') {
-	                req.write(part);
+	        });
+	        // Send the headers now. If the server would reject this request, it should
+	        // do so asap. This prevents us from sending more data to it then necessary.
+	        // If it will reject we could just await the `req.on(response` now but if it
+	        // accepts the request then the response will not come until after the final
+	        // file. So we can't await the response at this time. Just proceed, carefully.
+	        req.flushHeaders();
+	        // Wait for the response. It may arrive at any point during the request or
+	        // afterwards. Node will flush the output buffer at some point, initiating
+	        // the request, and the server can decide to reject the request immediately
+	        // or at any point later (ike a timeout). We should handle those cases.
+	        getResponse(req).then(res => {
+	            // Note: this returns the response to the caller to createUploadRequest
+	            pass(res);
+	        }, async (err) => {
+	            // Note: this will throw an error for the caller to createUploadRequest
+	            if (err.response && !isResponseOk(err.response)) {
+	                fail(new ResponseError(err.response, `${err.method} request failed`));
 	            }
-	            else if (typeof part?.pipe === 'function') {
-	                part.pipe(req, { end: false });
-	                // Wait for file streaming to complete.
-	                // eslint-disable-next-line no-await-in-loop
-	                await new Promise((resolve, reject) => {
-	                    const cleanup = () => {
-	                        part.off('end', onEnd);
-	                        part.off('error', onError);
-	                    };
-	                    const onEnd = () => {
-	                        cleanup();
-	                        resolve();
-	                    };
-	                    const onError = (e) => {
-	                        cleanup();
-	                        reject(e);
-	                    };
-	                    part.on('end', onEnd);
-	                    part.on('error', onError);
-	                });
-	                if (!aborted) {
-	                    // Ensure a new line after file content.
-	                    req.write('\r\n');
+	            fail(err);
+	        });
+	        let aborted = false;
+	        req.on('error', _err => {
+	            aborted = true;
+	        });
+	        req.on('close', () => {
+	            aborted = true;
+	        });
+	        try {
+	            // Send the request body (headers + files).
+	            for (const part of requestBody) {
+	                if (aborted) {
+	                    break;
+	                }
+	                if (typeof part === 'string') {
+	                    req.write(part);
+	                }
+	                else if (typeof part?.pipe === 'function') {
+	                    part.pipe(req, { end: false });
+	                    // Wait for file streaming to complete.
+	                    // eslint-disable-next-line no-await-in-loop
+	                    await new Promise((resolve, reject) => {
+	                        const cleanup = () => {
+	                            part.off('end', onEnd);
+	                            part.off('error', onError);
+	                        };
+	                        const onEnd = () => {
+	                            cleanup();
+	                            resolve();
+	                        };
+	                        const onError = (e) => {
+	                            cleanup();
+	                            reject(e);
+	                        };
+	                        part.on('end', onEnd);
+	                        part.on('error', onError);
+	                    });
+	                    if (!aborted) {
+	                        // Ensure a new line after file content.
+	                        req.write('\r\n');
+	                    }
+	                }
+	                else {
+	                    throw new TypeError('Socket API - Invalid multipart part, expected string or stream');
 	                }
-	            }
-	            else {
-	                throw new TypeError('Socket API - Invalid multipart part, expected string or stream');
 	            }
 	        }
-	    }
-	    catch (e) {
-	        req.destroy(e);
-	        throw e;
-	    }
-	    finally {
-	        if (!aborted) {
-	            // Close request after writing all data.
-	            req.end();
+	        catch (e) {
+	            req.destroy(e);
+	            fail(e);
 	        }
-	    }
-	    return await getResponse(req);
+	        finally {
+	            if (!aborted) {
+	                // Close request after writing all data.
+	                req.end();
+	            }
+	        }
+	        pass(getResponse(req));
+	    });
 	}
 	async function getErrorResponseBody(response) {
 	    const chunks = [];
@@ -33233,39 +33266,33 @@ function requireDist$e () {
 	    return protocol === 'https:' ? node_https_1.default : node_http_1.default;
 	}
 	async function getResponse(req) {
-	    try {
-	        const res = await new Promise((resolve, reject) => {
-	            const cleanup = () => {
-	                req.off('response', onResponse);
-	                req.off('error', onError);
-	                abort_signal_1.default?.removeEventListener('abort', onAbort);
-	            };
-	            const onAbort = () => {
-	                cleanup();
-	                req.destroy();
-	                reject(new Error('Request aborted by signal'));
-	            };
-	            const onError = (e) => {
-	                cleanup();
-	                reject(e);
-	            };
-	            const onResponse = (res) => {
-	                cleanup();
-	                resolve(res);
-	            };
-	            req.on('response', onResponse);
-	            req.on('error', onError);
-	            abort_signal_1.default?.addEventListener('abort', onAbort);
-	        });
-	        if (!isResponseOk(res)) {
-	            throw new ResponseError(res, `${req.method} request failed`);
-	        }
-	        return res;
-	    }
-	    catch (e) {
-	        req.destroy();
-	        throw e;
+	    const res = await new Promise((resolve, reject) => {
+	        const cleanup = () => {
+	            req.off('response', onResponse);
+	            req.off('error', onError);
+	            abort_signal_1.default?.removeEventListener('abort', onAbort);
+	        };
+	        const onAbort = () => {
+	            cleanup();
+	            req.destroy();
+	            reject(new Error('Request aborted by signal'));
+	        };
+	        const onError = (e) => {
+	            cleanup();
+	            reject(e);
+	        };
+	        const onResponse = (res) => {
+	            cleanup();
+	            resolve(res);
+	        };
+	        req.on('response', onResponse);
+	        req.on('error', onError);
+	        abort_signal_1.default?.addEventListener('abort', onAbort);
+	    });
+	    if (!isResponseOk(res)) {
+	        throw new ResponseError(res, `${req.method} request failed`);
 	    }
+	    return res;
 	}
 	async function getResponseJson(response) {
 	    let data = '';
@@ -33311,9 +33338,6 @@ function requireDist$e () {
 	class SocketSdk {
 	    #baseUrl;
 	    #reqOptions;
-	    /**
-	     * @throws {SocketSdkAuthError}
-	     */
 	    constructor(apiToken, options) {
 	        const { agent: agentOrObj, baseUrl = 'https://api.socket.dev/v0/', userAgent } = { __proto__: null, ...options };
 	        const agentKeys = agentOrObj ? Object.keys(agentOrObj) : [];
@@ -33344,7 +33368,17 @@ function requireDist$e () {
 	        let res;
 	        try {
 	            res = await (0, promises_1.pRetry)(() => this.#createBatchPurlRequest(queryParams, componentsObj), {
-	                retries: 4
+	                retries: 4,
+	                onRetryRethrow: true,
+	                onRetry(_attempt, error) {
+	                    if (!(error instanceof ResponseError)) {
+	                        return;
+	                    }
+	                    const { statusCode } = error.response;
+	                    if (statusCode === 401 || statusCode === 403) {
+	                        throw error;
+	                    }
+	                }
 	            });
 	        }
 	        catch (e) {
@@ -33365,7 +33399,7 @@ function requireDist$e () {
 	                cause: error
 	            });
 	        }
-	        const statusCode = error.response.statusCode;
+	        const { statusCode } = error.response;
 	        if (statusCode >= 500) {
 	            throw new Error(`Socket API server error (${statusCode})`, {
 	                cause: error
@@ -33422,7 +33456,7 @@ function requireDist$e () {
 	        return this.#handleApiSuccess(results);
 	    }
 	    async *batchPackageStream(queryParams, componentsObj, options) {
-	        const { chunkSize = 5, concurrencyLimit = 10 } = {
+	        const { chunkSize = 500, concurrencyLimit = 10 } = {
 	            __proto__: null,
 	            ...options
 	        };
@@ -148099,6 +148133,7 @@ function requireReify() {
     time
   } = requireLib$B();
   const rpj = requireLib$x();
+  const hgi = requireLib$D();
   const {
     dirname,
     resolve,
@@ -148953,7 +148988,7 @@ function requireReify() {
       // Shrinkwrap and Node classes carefully, so for now, just treat
       // the default reg as the magical animal that it has been.
       try {
-        const resolvedURL = new URL(resolved);
+        const resolvedURL = hgi.parseUrl(resolved);
         if (this.options.replaceRegistryHost === resolvedURL.hostname || this.options.replaceRegistryHost === 'always') {
           const registryURL = new URL(this.registry);
 
@@ -164963,5 +164998,5 @@ exports.terminalLinkExports = terminalLinkExports;
 exports.updater = updater$1;
 exports.yargsParser = yargsParser;
 exports.yoctocolorsCjsExports = yoctocolorsCjsExports;
-//# debugId=54cac667-1a93-40c1-a094-bf9382b9516d
+//# debugId=2e114319-515b-421c-9aa6-21e4aadf9b6a
 //# sourceMappingURL=vendor.js.map