@socketsecurity/cli-with-sentry 0.15.7 → 0.15.8

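--- a/package/dist/cli.js
+++ b/package/dist/cli.js
@@ -19,11 +19,13 @@ const arrays = require('../external/@socketsecurity/registry/lib/arrays')
 const registry = require('../external/@socketsecurity/registry')
 const npm = require('../external/@socketsecurity/registry/lib/npm')
 const packages = require('../external/@socketsecurity/registry/lib/packages')
+const sorts = require('../external/@socketsecurity/registry/lib/sorts')
 const path$1 = require('../external/@socketsecurity/registry/lib/path')
 const regexps = require('../external/@socketsecurity/registry/lib/regexps')
 const spawn = require('../external/@socketsecurity/registry/lib/spawn')
 const fs$2 = require('../external/@socketsecurity/registry/lib/fs')
 const shadowInject = require('./shadow-inject.js')
+const strings = require('../external/@socketsecurity/registry/lib/strings')
 const objects = require('../external/@socketsecurity/registry/lib/objects')
 const registryConstants = require('../external/@socketsecurity/registry/lib/constants')
 const promises = require('../external/@socketsecurity/registry/lib/promises')
@@ -4048,16 +4050,16 @@ function normalizeFixOptions(options_) {
 }
 
 const { DRY_RUN_NOT_SAVING: DRY_RUN_NOT_SAVING$1, NPM: NPM$a } = constants
-async function install$1(idealTree, options) {
+async function install$1(arb, options) {
 const { cwd = process.cwd() } = {
 __proto__: null,
 ...options
 }
-const arb = new shadowInject.Arborist({
+const newArb = new shadowInject.Arborist({
 path: cwd
 })
-arb.idealTree = idealTree
-await arb.reify()
+newArb.idealTree = await arb.buildIdealTree()
+return await newArb.reify()
 }
 async function npmFix(
 pkgEnvDetails,
@@ -4075,8 +4077,9 @@ async function npmFix(
 path: rootPath,
 ...shadowInject.SAFE_ARBORIST_REIFY_OPTIONS_OVERRIDES
 })
-// Calling arb.reify() creates the arb.diff object and nulls-out arb.idealTree.
-await arb.reify()
+// Calling arb.reify() creates the arb.diff object, nulls-out arb.idealTree,
+// and populates arb.actualTree.
+let actualTree = await arb.reify()
 const alertsMap = purls.length
 ? await utils.getAlertsMapFromPurls(
 purls,
@@ -4113,7 +4116,10 @@ async function npmFix(
 ]
 spinner?.stop()
 let count = 0
-infoByPkgNameLoop: for (const { 0: name, 1: infos } of infoByPkgName) {
+const sortedInfoEntries = [...infoByPkgName.entries()].sort((a, b) =>
+sorts.naturalCompare(a[0], b[0])
+)
+infoByPkgNameLoop: for (const { 0: name, 1: infos } of sortedInfoEntries) {
 logger.logger.log(`Processing vulnerable package: ${name}`)
 logger.logger.indent()
 spinner?.indent()
@@ -4140,12 +4146,14 @@ async function npmFix(
 ? 'root'
 : path.relative(rootPath, pkgPath)
 logger.logger.log(`Checking workspace: ${workspaceName}`)
-arb.idealTree = null
+
 // eslint-disable-next-line no-await-in-loop
-await arb.buildIdealTree()
+actualTree = await install$1(arb, {
+cwd
+})
 const oldVersions = arrays.arrayUnique(
 shadowInject
-.findPackageNodes(arb.idealTree, name)
+.findPackageNodes(actualTree, name)
 .map(n => n.target?.version ?? n.version)
 .filter(Boolean)
 )
@@ -4154,7 +4162,7 @@ async function npmFix(
 `Unexpected condition: Lockfile entries not found for ${name}.\n`
 )
 if (debug.isDebug()) {
-console.dir(arb.idealTree, {
+console.dir(actualTree, {
 depth: 999
 })
 }
@@ -4170,11 +4178,7 @@ async function npmFix(
 for (const oldVersion of oldVersions) {
 const oldId = `${name}@${oldVersion}`
 const oldPurl = utils.idToPurl(oldId)
-const node = shadowInject.findPackageNode(
-arb.idealTree,
-name,
-oldVersion
-)
+const node = shadowInject.findPackageNode(actualTree, name, oldVersion)
 if (!node) {
 logger.logger.warn(
 `Unexpected condition: Arborist node not found, skipping ${oldId}`
@@ -4225,7 +4229,8 @@ async function npmFix(
 shadowInject.updateNode(node, newVersion, newVersionPackument)
 shadowInject.updatePackageJsonFromNode(
 editablePkgJson,
-arb.idealTree,
+// eslint-disable-next-line no-await-in-loop
+await arb.buildIdealTree(),
 node,
 newVersion,
 rangeStyle
@@ -4252,7 +4257,7 @@ async function npmFix(
 let errored = false
 try {
 // eslint-disable-next-line no-await-in-loop
-await install$1(arb.idealTree, {
+actualTree = await install$1(arb, {
 cwd
 })
 if (test) {
@@ -4352,10 +4357,6 @@ async function npmFix(
 if (isCi) {
 // eslint-disable-next-line no-await-in-loop
 await gitResetAndClean(baseBranch, cwd)
-// eslint-disable-next-line no-await-in-loop
-await install$1(arb.idealTree, {
-cwd
-})
 }
 if (errored) {
 if (!isCi) {
@@ -4367,10 +4368,6 @@ async function npmFix(
 ignoreWhitespace: true
 })
 ])
-// eslint-disable-next-line no-await-in-loop
-await install$1(arb.idealTree, {
-cwd
-})
 }
 spinner?.failAndStop(
 `Update failed for ${oldId} in ${workspaceName}`,
@@ -4409,6 +4406,13 @@ async function getActualTree(cwd = process.cwd()) {
 })
 return await arb.loadActual()
 }
+async function readLockfile(lockfilePath) {
+return fs$1.existsSync(lockfilePath)
+? vendor.jsYaml.load(
+strings.stripBom(await utils.readFileUtf8(lockfilePath))
+)
+: null
+}
 async function install(pkgEnvDetails, options) {
 const { args, cwd, spinner } = {
 __proto__: null,
@@ -4429,11 +4433,6 @@ async function install(pkgEnvDetails, options) {
 })
 return await getActualTree(cwd)
 }
-async function readLockfile(pkgPath) {
-return await vendor.libExports$4.readWantedLockfile(pkgPath, {
-ignoreIncompatible: false
-})
-}
 async function pnpmFix(
 pkgEnvDetails,
 { autoMerge, cwd, dryRun, limit, purls, rangeStyle, test, testScript }
@@ -4446,15 +4445,17 @@ async function pnpmFix(
 const { spinner } = constants
 const { pkgPath: rootPath } = pkgEnvDetails
 spinner?.start()
-let lockfile = await readLockfile(rootPath)
+let actualTree
+const lockfilePath = path.join(rootPath, 'pnpm-lock.yaml')
+let lockfile = await readLockfile(lockfilePath)
 
 // If pnpm-lock.yaml does NOT exist then install with pnpm to create it.
 if (!lockfile) {
-await install(pkgEnvDetails, {
+actualTree = await install(pkgEnvDetails, {
 cwd,
 spinner
 })
-lockfile = await readLockfile(rootPath)
+lockfile = await readLockfile(lockfilePath)
 }
 // Update pnpm-lock.yaml if its version is older than what the installed pnpm
 // produces.
@@ -4463,12 +4464,12 @@ async function pnpmFix(
 pkgEnvDetails.agentVersion.major >= 10 &&
 utils.parsePnpmLockfileVersion(lockfile.lockfileVersion).major <= 6
 ) {
-await install(pkgEnvDetails, {
+actualTree = await install(pkgEnvDetails, {
 args: ['--lockfile-only'],
 cwd,
 spinner
 })
-lockfile = await readLockfile(rootPath)
+lockfile = await readLockfile(lockfilePath)
 }
 // Exit early if pnpm-lock.yaml is not found.
 if (!lockfile) {
@@ -4512,7 +4513,10 @@ async function pnpmFix(
 ]
 spinner?.stop()
 let count = 0
-infoByPkgNameLoop: for (const { 0: name, 1: infos } of infoByPkgName) {
+const sortedInfoEntries = [...infoByPkgName.entries()].sort((a, b) =>
+sorts.naturalCompare(a[0], b[0])
+)
+infoByPkgNameLoop: for (const { 0: name, 1: infos } of sortedInfoEntries) {
 logger.logger.log(`Processing vulnerable package: ${name}`)
 logger.logger.indent()
 spinner?.indent()
@@ -4541,11 +4545,14 @@ async function pnpmFix(
 logger.logger.log(`Checking workspace: ${workspaceName}`)
 
 // eslint-disable-next-line no-await-in-loop
-let actualTree = await getActualTree(cwd)
+actualTree = await install(pkgEnvDetails, {
+cwd,
+spinner
+})
 const oldVersions = arrays.arrayUnique(
 shadowInject
 .findPackageNodes(actualTree, name)
-.map(n => n.target?.version ?? n.version)
+.map(n => n.version)
 .filter(Boolean)
 )
 if (!oldVersions.length) {
@@ -4779,11 +4786,6 @@ async function pnpmFix(
 if (isCi) {
 // eslint-disable-next-line no-await-in-loop
 await gitResetAndClean(baseBranch, cwd)
-// eslint-disable-next-line no-await-in-loop
-actualTree = await install(pkgEnvDetails, {
-cwd,
-spinner
-})
 }
 if (errored) {
 if (!isCi) {
@@ -4795,11 +4797,6 @@ async function pnpmFix(
 ignoreWhitespace: true
 })
 ])
-// eslint-disable-next-line no-await-in-loop
-actualTree = await install(pkgEnvDetails, {
-cwd,
-spinner
-})
 }
 spinner?.failAndStop(
 `Update failed for ${oldId} in ${workspaceName}`,
@@ -12369,5 +12366,5 @@ void (async () => {
 await utils.captureException(e)
 }
 })()
-//# debugId=481bc06b-e0e9-407e-a853-42da3bb2abbb
+//# debugId=74a80f74-c3fe-4491-ac5e-46b5e6dfdec
 //# sourceMappingURL=cli.js.map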
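Review bot: The new `readLockfile` in the `@@ -4409` hunk returns whatever `vendor.jsYaml.load` produces without checking its shape, and `pnpmFix` then dereferences `lockfile.lockfileVersion` in the `@@ -4463` hunk, so a `pnpm-lock.yaml` that parses to a string, number or array passes the `!lockfile` guard and fails on that property access instead of being treated as an unreadable lockfile. The `readWantedLockfile` call it replaces (with `ignoreIncompatible: false`) did that structural validation; a plain YAML load does not. I would bind the parse result and only hand back a plain object: `const parsed = vendor.jsYaml.load(strings.stripBom(await utils.readFileUtf8(lockfilePath)))` followed by `return parsed !== null && typeof parsed === 'object' && !Array.isArray(parsed) ? parsed : null`. Which js-yaml major is vendored is not visible here; on the 3.x line `load` resolves the unsafe (full) schema and `safeLoad` is the call to use, whereas on 4.x `load` is already the safe default, so a one-line comment on the call stating which applies would save the next reader the check. The body of `pnpmFix` extends well beyond these hunks.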