npm - @socketsecurity/cli-with-sentry - Versions diffs - 0.15.61 → 0.15.62 - Mend

@socketsecurity/cli-with-sentry 0.15.61 → 0.15.62

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (18) hide show

package/dist/cli.js +147 -75
package/dist/cli.js.map +1 -1
package/dist/constants.js +8 -7
package/dist/constants.js.map +1 -1
package/dist/types/commands/fix/fix-env-helpers.d.mts +4 -4
package/dist/types/commands/fix/fix-env-helpers.d.mts.map +1 -1
package/dist/types/commands/fix/git.d.mts +19 -14
package/dist/types/commands/fix/git.d.mts.map +1 -1
package/dist/types/commands/fix/npm-fix.d.mts.map +1 -1
package/dist/types/commands/fix/open-pr.d.mts +0 -5
package/dist/types/commands/fix/open-pr.d.mts.map +1 -1
package/dist/types/commands/fix/pnpm-fix.d.mts.map +1 -1
package/dist/types/constants.d.mts +1 -1
package/dist/types/constants.d.mts.map +1 -1
package/dist/vendor.js +23 -15
package/external/@socketsecurity/registry/external/browserslist.js +242 -237
package/external/@socketsecurity/registry/lib/promises.js +17 -2
package/package.json +10 -10

package/dist/cli.js CHANGED Viewed

@@ -3660,29 +3660,64 @@ async function outputFixResult(result, outputKind) {
 function formatBranchName(name) {
   return name.replace(/[^-a-zA-Z0-9/._-]+/g, '+');
 }
-function getBaseGitBranch() {
-  // Lazily access constants.ENV.GITHUB_REF_NAME.
-  return constants.ENV.GITHUB_REF_NAME ||
+function createSocketBranchParser(options) {
+  const pattern = getSocketBranchPattern(options);
+  return function parse(branch) {
+    const match = pattern.exec(branch);
+    if (!match) {
+      return null;
+    }
+    const {
+      1: type,
+      2: workspace,
+      3: fullName,
+      4: version,
+      5: newVersion
+    } = match;
+    return {
+      fullName,
+      newVersion: vendor.semverExports.coerce(newVersion.replaceAll('+', '.'))?.version,
+      type,
+      workspace,
+      version: vendor.semverExports.coerce(version.replaceAll('+', '.'))?.version
+    };
+  };
+}
+async function getBaseGitBranch(cwd = process.cwd()) {
+  // Lazily access constants.ENV properties.
+  const {
+    GITHUB_BASE_REF,
+    GITHUB_REF_NAME,
+    GITHUB_REF_TYPE
+  } = constants.ENV;
+  // 1. In a pull request, this is always the base branch.
+  if (GITHUB_BASE_REF) {
+    return GITHUB_BASE_REF;
+  }
+  // 2. If it's a branch (not a tag), GITHUB_REF_TYPE should be 'branch'.
+  if (GITHUB_REF_TYPE === 'branch' && GITHUB_REF_NAME) {
+    return GITHUB_REF_NAME;
+  }
+  // 3. Try to resolve the default remote branch using 'git remote show origin'.
+  // This handles detached HEADs or workflows triggered by tags/releases.
+  try {
+    const stdout = (await spawn.spawn('git', ['remote', 'show', 'origin'], {
+      cwd
+    })).stdout.trim();
+    const match = /(?<=HEAD branch: ).+/.exec(stdout);
+    if (match?.[0]) {
+      return match[0].trim();
+    }
+  } catch {}
   // GitHub defaults to branch name "main"
   // https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-branches#about-the-default-branch
-  'main';
-}
-function getSocketBranchPurlTypeComponent(purl) {
-  const purlObj = utils.getPurlObject(purl);
-  return formatBranchName(purlObj.type);
+  return 'main';
 }
 function getSocketBranchFullNameComponent(pkgName) {
   const purlObj = utils.getPurlObject(typeof pkgName === 'string' && !pkgName.startsWith('pkg:') ? vendor.packageurlJsExports.PackageURL.fromString(`pkg:unknown/${pkgName}`) : pkgName);
   const fmtMaybeNamespace = purlObj.namespace ? `${formatBranchName(purlObj.namespace)}--` : '';
   return `${fmtMaybeNamespace}${formatBranchName(purlObj.name)}`;
 }
-function getSocketBranchPackageVersionComponent(version) {
-  const purlObj = utils.getPurlObject(typeof version === 'string' && !version.startsWith('pkg:') ? vendor.packageurlJsExports.PackageURL.fromString(`pkg:unknown/unknown@${version}`) : version);
-  return formatBranchName(purlObj.version);
-}
-function getSocketBranchWorkspaceComponent(workspace) {
-  return workspace ? formatBranchName(workspace) : 'root';
-}
 function getSocketBranchName(purl, newVersion, workspace) {
   const purlObj = utils.getPurlObject(purl);
   const fmtType = getSocketBranchPurlTypeComponent(purlObj);
@@ -3692,6 +3727,10 @@ function getSocketBranchName(purl, newVersion, workspace) {
   const fmtNewVersion = formatBranchName(newVersion);
   return `socket/${fmtType}/${fmtWorkspace}/${fmtFullName}_${fmtVersion}_${fmtNewVersion}`;
 }
+function getSocketBranchPackageVersionComponent(version) {
+  const purlObj = utils.getPurlObject(typeof version === 'string' && !version.startsWith('pkg:') ? vendor.packageurlJsExports.PackageURL.fromString(`pkg:unknown/unknown@${version}`) : version);
+  return formatBranchName(purlObj.version);
+}
 function getSocketBranchPattern(options) {
   const {
     newVersion,
@@ -3710,33 +3749,17 @@ function getSocketBranchPattern(options) {
   const escNewVersion = newVersion ? regexps.escapeRegExp(formatBranchName(newVersion)) : '[^_]+';
   return new RegExp(`^socket/(${escType})/(${escWorkspace})/(${escFullName})_(${escVersion})_(${escNewVersion})$`);
 }
-function createSocketBranchParser(options) {
-  const pattern = getSocketBranchPattern(options);
-  return function parse(branch) {
-    const match = pattern.exec(branch);
-    if (!match) {
-      return null;
-    }
-    const {
-      1: type,
-      2: workspace,
-      3: fullName,
-      4: version,
-      5: newVersion
-    } = match;
-    return {
-      fullName,
-      newVersion: vendor.semverExports.coerce(newVersion.replaceAll('+', '.'))?.version,
-      type,
-      workspace,
-      version: vendor.semverExports.coerce(version.replaceAll('+', '.'))?.version
-    };
-  };
+function getSocketBranchPurlTypeComponent(purl) {
+  const purlObj = utils.getPurlObject(purl);
+  return formatBranchName(purlObj.type);
 }
-function getSocketPullRequestTitle(purl, newVersion, workspace) {
+function getSocketBranchWorkspaceComponent(workspace) {
+  return workspace ? formatBranchName(workspace) : 'root';
+}
+function getSocketCommitMessage(purl, newVersion, workspace) {
   const purlObj = utils.getPurlObject(purl);
   const fullName = utils.getPkgFullNameFromPurl(purlObj);
-  return `Bump ${fullName} from ${purlObj.version} to ${newVersion}${workspace ? ` in ${workspace}` : ''}`;
+  return `socket: Bump ${fullName} from ${purlObj.version} to ${newVersion}${workspace ? ` in ${workspace}` : ''}`;
 }
 function getSocketPullRequestBody(purl, newVersion, workspace) {
   const purlObj = utils.getPurlObject(purl);
@@ -3744,10 +3767,10 @@ function getSocketPullRequestBody(purl, newVersion, workspace) {
   const pkgOverviewUrl = utils.getSocketDevPackageOverviewUrlFromPurl(purlObj);
   return `Bump [${fullName}](${pkgOverviewUrl}) from ${purlObj.version} to ${newVersion}${workspace ? ` in ${workspace}` : ''}.`;
 }
-function getSocketCommitMessage(purl, newVersion, workspace) {
+function getSocketPullRequestTitle(purl, newVersion, workspace) {
   const purlObj = utils.getPurlObject(purl);
   const fullName = utils.getPkgFullNameFromPurl(purlObj);
-  return `socket: Bump ${fullName} from ${purlObj.version} to ${newVersion}${workspace ? ` in ${workspace}` : ''}`;
+  return `Bump ${fullName} from ${purlObj.version} to ${newVersion}${workspace ? ` in ${workspace}` : ''}`;
 }
 async function gitCleanFdx(cwd = process.cwd()) {
   const stdioIgnoreOptions = {
@@ -3780,7 +3803,7 @@ async function gitCreateAndPushBranch(branch, commitMsg, filepaths, options) {
     await spawn.spawn('git', ['push', '--force', '--set-upstream', 'origin', branch], stdioIgnoreOptions);
     return true;
   } catch (e) {
-    debug.debugFn('catch: unexpected\n', e);
+    debug.debugFn(`catch: git push --force --set-upstream origin ${branch} failed\n`, e);
   }
   try {
     // Will throw with exit code 1 if branch does not exist.
@@ -3788,6 +3811,38 @@ async function gitCreateAndPushBranch(branch, commitMsg, filepaths, options) {
   } catch {}
   return false;
 }
+async function gitRepoInfo(cwd = process.cwd()) {
+  try {
+    const remoteUrl = (await spawn.spawn('git', ['remote', 'get-url', 'origin'], {
+      cwd
+    })).stdout.trim();
+    // 1. Handle SSH-style, e.g. git@github.com:owner/repo.git
+    const sshMatch = /^git@[^:]+:([^/]+)\/(.+?)(?:\.git)?$/.exec(remoteUrl);
+    if (sshMatch) {
+      return {
+        owner: sshMatch[1],
+        repo: sshMatch[2]
+      };
+    }
+    // 2. Handle HTTPS/URL-style, e.g. https://github.com/owner/repo.git
+    try {
+      const parsed = new URL(remoteUrl);
+      const segments = parsed.pathname.split('/');
+      const owner = segments.at(-2);
+      const repo = segments.at(-1)?.replace(/\.git$/, '');
+      if (owner && repo) {
+        return {
+          owner,
+          repo
+        };
+      }
+    } catch {}
+    debug.debugFn('git: unmatched git remote URL format', remoteUrl);
+  } catch (e) {
+    debug.debugFn('catch: git remote get-url origin failed\n', e);
+  }
+  return null;
+}
 async function gitEnsureIdentity(name, email, cwd = process.cwd()) {
   const stdioIgnoreOptions = {
     cwd,
@@ -3810,7 +3865,7 @@ async function gitEnsureIdentity(name, email, cwd = process.cwd()) {
       try {
         await spawn.spawn('git', ['config', prop, value], stdioIgnoreOptions);
       } catch (e) {
-        debug.debugFn('catch: unexpected\n', e);
+        debug.debugFn(`catch: git config ${prop} ${value} failed\n`, e);
       }
     }
   }));
@@ -4075,24 +4130,6 @@ async function enablePrAutoMerge({
     enabled: false
   };
 }
-function getGithubEnvRepoInfo() {
-  // Lazily access constants.ENV.GITHUB_REPOSITORY.
-  const {
-    GITHUB_REPOSITORY
-  } = constants.ENV;
-  if (!GITHUB_REPOSITORY) {
-    debug.debugFn('miss: GITHUB_REPOSITORY env var');
-  }
-  const ownerSlashRepo = GITHUB_REPOSITORY;
-  const slashIndex = ownerSlashRepo.indexOf('/');
-  if (slashIndex === -1) {
-    return null;
-  }
-  return {
-    owner: ownerSlashRepo.slice(0, slashIndex),
-    repo: ownerSlashRepo.slice(slashIndex + 1)
-  };
-}
 async function getOpenSocketPrs(owner, repo, options) {
   return (await getOpenSocketPrsWithContext(owner, repo, options)).map(d => d.match);
 }
@@ -4218,11 +4255,6 @@ async function openPr(owner, repo, branch, purl, newVersion, options) {
     __proto__: null,
     ...options
   };
-  // Lazily access constants.ENV.GITHUB_ACTIONS.
-  if (!constants.ENV.GITHUB_ACTIONS) {
-    debug.debugFn('miss: GITHUB_ACTIONS env var');
-    return null;
-  }
   const purlObj = utils.getPurlObject(purl);
   const octokit = getOctokit();
   try {
@@ -4274,19 +4306,48 @@ async function setGitRemoteGithubRepoUrl(owner, repo, token, cwd = process.cwd()
   }
 }
-function getCiEnv() {
+async function getEnvRepoInfo(cwd) {
+  // Lazily access constants.ENV.GITHUB_REPOSITORY.
+  const {
+    GITHUB_REPOSITORY
+  } = constants.ENV;
+  if (!GITHUB_REPOSITORY) {
+    debug.debugFn('miss: GITHUB_REPOSITORY env var');
+  }
+  const ownerSlashRepo = GITHUB_REPOSITORY;
+  const slashIndex = ownerSlashRepo.indexOf('/');
+  if (slashIndex !== -1) {
+    return {
+      owner: ownerSlashRepo.slice(0, slashIndex),
+      repo: ownerSlashRepo.slice(slashIndex + 1)
+    };
+  }
+  return await gitRepoInfo(cwd);
+}
+async function getCiEnv() {
   const gitEmail = constants.ENV.SOCKET_CLI_GIT_USER_EMAIL;
   const gitUser = constants.ENV.SOCKET_CLI_GIT_USER_NAME;
   const githubToken = constants.ENV.SOCKET_CLI_GITHUB_TOKEN;
-  const isCi = !!(constants.ENV.CI && constants.ENV.GITHUB_ACTIONS && constants.ENV.GITHUB_REPOSITORY && gitEmail && gitUser && githubToken);
-  return isCi ? {
+  const isCi = !!(constants.ENV.CI && gitEmail && gitUser && githubToken);
+  if (!isCi) {
+    return null;
+  }
+  const baseBranch = await getBaseGitBranch();
+  if (!baseBranch) {
+    return null;
+  }
+  const repoInfo = await getEnvRepoInfo();
+  if (!repoInfo) {
+    return null;
+  }
+  return {
     gitEmail,
     gitUser,
     githubToken,
-    repoInfo: getGithubEnvRepoInfo(),
-    baseBranch: getBaseGitBranch(),
+    repoInfo,
+    baseBranch,
     branchParser: createSocketBranchParser()
-  } : null;
+  };
 }
 async function getOpenPrsForEnvironment(env) {
   return env ? await getOpenSocketPrs(env.repoInfo.owner, env.repoInfo.repo, {
@@ -4346,7 +4407,7 @@ async function npmFix(pkgEnvDetails, {
     pkgPath: rootPath
   } = pkgEnvDetails;
   spinner?.start();
-  const ciEnv = getCiEnv();
+  const ciEnv = await getCiEnv();
   const openPrs = ciEnv ? await getOpenPrsForEnvironment(ciEnv) : [];
   let count = 0;
   const arb = new shadowNpmInject.Arborist({
@@ -4461,6 +4522,7 @@ async function npmFix(pkgEnvDetails, {
       const editablePkgJson = await packages.readPackageJson(pkgJsonPath, {
         editable: true
       });
+      const fixedVersions = new Set();
       let hasAnnouncedWorkspace = false;
       let workspaceLogCallCount = logger.logger.logCallCount;
       if (debug.isDebug()) {
@@ -4486,6 +4548,9 @@ async function npmFix(pkgEnvDetails, {
             warningsForAfter.add(`${oldId} not updated: requires >=${firstPatchedVersionIdentifier}`);
             continue infosLoop;
           }
+          if (fixedVersions.has(newVersion)) {
+            continue infosLoop;
+          }
           if (vendor.semverExports.gte(oldVersion, newVersion)) {
             debug.debugFn(`skip: ${oldId} is >= ${newVersion}`);
             continue infosLoop;
@@ -4557,6 +4622,7 @@ async function npmFix(pkgEnvDetails, {
                 });
               }
               spinner?.success(`Fixed ${name} in ${workspace}.`);
+              fixedVersions.add(newVersion);
             } else {
               errored = true;
             }
@@ -4783,7 +4849,7 @@ async function pnpmFix(pkgEnvDetails, {
     pkgPath: rootPath
   } = pkgEnvDetails;
   spinner?.start();
-  const ciEnv = getCiEnv();
+  const ciEnv = await getCiEnv();
   const openPrs = ciEnv ? await getOpenPrsForEnvironment(ciEnv) : [];
   let count = 0;
   let actualTree;
@@ -4963,6 +5029,8 @@ async function pnpmFix(pkgEnvDetails, {
       const editablePkgJson = await packages.readPackageJson(pkgJsonPath, {
         editable: true
       });
+      const fixedVersions = new Set();
       // Get current overrides for revert logic.
       const oldPnpmSection = editablePkgJson.content[PNPM$7];
       const oldOverrides = oldPnpmSection?.[OVERRIDES$2];
@@ -4991,6 +5059,9 @@ async function pnpmFix(pkgEnvDetails, {
             warningsForAfter.add(`${oldId} not updated: requires >=${firstPatchedVersionIdentifier}`);
             continue infosLoop;
           }
+          if (fixedVersions.has(newVersion)) {
+            continue infosLoop;
+          }
           if (vendor.semverExports.gte(oldVersion, newVersion)) {
             debug.debugFn(`skip: ${oldId} is >= ${newVersion}`);
             continue infosLoop;
@@ -5103,6 +5174,7 @@ async function pnpmFix(pkgEnvDetails, {
                 });
               }
               spinner?.success(`Fixed ${name} in ${workspace}.`);
+              fixedVersions.add(newVersion);
             } else {
               errored = true;
             }
@@ -14640,5 +14712,5 @@ void (async () => {
     await utils.captureException(e);
   }
 })();
-//# debugId=f55e6ed3-61c1-4ff4-b932-f2758fcef19
+//# debugId=ff4cb15e-6c8d-4702-a71b-9fdebd5e1b1
 //# sourceMappingURL=cli.js.map