@socketsecurity/cli-with-sentry 0.15.7 → 0.15.9

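--- a/package/dist/cli.js
+++ b/package/dist/cli.js
@@ -19,11 +19,13 @@ const arrays = require('../external/@socketsecurity/registry/lib/arrays')
  const registry = require('../external/@socketsecurity/registry')
  const npm = require('../external/@socketsecurity/registry/lib/npm')
  const packages = require('../external/@socketsecurity/registry/lib/packages')
+ const sorts = require('../external/@socketsecurity/registry/lib/sorts')
  const path$1 = require('../external/@socketsecurity/registry/lib/path')
  const regexps = require('../external/@socketsecurity/registry/lib/regexps')
  const spawn = require('../external/@socketsecurity/registry/lib/spawn')
  const fs$2 = require('../external/@socketsecurity/registry/lib/fs')
  const shadowInject = require('./shadow-inject.js')
+ const strings = require('../external/@socketsecurity/registry/lib/strings')
  const objects = require('../external/@socketsecurity/registry/lib/objects')
  const registryConstants = require('../external/@socketsecurity/registry/lib/constants')
  const promises = require('../external/@socketsecurity/registry/lib/promises')
@@ -4048,16 +4050,16 @@ function normalizeFixOptions(options_) {
  }
 
  const { DRY_RUN_NOT_SAVING: DRY_RUN_NOT_SAVING$1, NPM: NPM$a } = constants
- async function install$1(idealTree, options) {
+ async function install$1(arb, options) {
  const { cwd = process.cwd() } = {
  __proto__: null,
  ...options
  }
- const arb = new shadowInject.Arborist({
+ const newArb = new shadowInject.Arborist({
  path: cwd
  })
- arb.idealTree = idealTree
- await arb.reify()
+ newArb.idealTree = await arb.buildIdealTree()
+ return await newArb.reify()
  }
  async function npmFix(
  pkgEnvDetails,
@@ -4075,8 +4077,9 @@ async function npmFix(
  path: rootPath,
  ...shadowInject.SAFE_ARBORIST_REIFY_OPTIONS_OVERRIDES
  })
- // Calling arb.reify() creates the arb.diff object and nulls-out arb.idealTree.
- await arb.reify()
+ // Calling arb.reify() creates the arb.diff object, nulls-out arb.idealTree,
+ // and populates arb.actualTree.
+ let actualTree = await arb.reify()
  const alertsMap = purls.length
  ? await utils.getAlertsMapFromPurls(
  purls,
@@ -4113,7 +4116,10 @@ async function npmFix(
  ]
  spinner?.stop()
  let count = 0
- infoByPkgNameLoop: for (const { 0: name, 1: infos } of infoByPkgName) {
+ const sortedInfoEntries = [...infoByPkgName.entries()].sort((a, b) =>
+ sorts.naturalCompare(a[0], b[0])
+ )
+ infoByPkgNameLoop: for (const { 0: name, 1: infos } of sortedInfoEntries) {
  logger.logger.log(`Processing vulnerable package: ${name}`)
  logger.logger.indent()
  spinner?.indent()
@@ -4140,12 +4146,14 @@ async function npmFix(
  ? 'root'
  : path.relative(rootPath, pkgPath)
  logger.logger.log(`Checking workspace: ${workspaceName}`)
- arb.idealTree = null
+
  // eslint-disable-next-line no-await-in-loop
- await arb.buildIdealTree()
+ actualTree = await install$1(arb, {
+ cwd
+ })
  const oldVersions = arrays.arrayUnique(
  shadowInject
- .findPackageNodes(arb.idealTree, name)
+ .findPackageNodes(actualTree, name)
  .map(n => n.target?.version ?? n.version)
  .filter(Boolean)
  )
@@ -4153,11 +4161,6 @@ async function npmFix(
  logger.logger.warn(
  `Unexpected condition: Lockfile entries not found for ${name}.\n`
  )
- if (debug.isDebug()) {
- console.dir(arb.idealTree, {
- depth: 999
- })
- }
  continue
  }
 
@@ -4170,11 +4173,7 @@ async function npmFix(
  for (const oldVersion of oldVersions) {
  const oldId = `${name}@${oldVersion}`
  const oldPurl = utils.idToPurl(oldId)
- const node = shadowInject.findPackageNode(
- arb.idealTree,
- name,
- oldVersion
- )
+ const node = shadowInject.findPackageNode(actualTree, name, oldVersion)
  if (!node) {
  logger.logger.warn(
  `Unexpected condition: Arborist node not found, skipping ${oldId}`
@@ -4225,7 +4224,8 @@ async function npmFix(
  shadowInject.updateNode(node, newVersion, newVersionPackument)
  shadowInject.updatePackageJsonFromNode(
  editablePkgJson,
- arb.idealTree,
+ // eslint-disable-next-line no-await-in-loop
+ await arb.buildIdealTree(),
  node,
  newVersion,
  rangeStyle
@@ -4252,7 +4252,7 @@ async function npmFix(
  let errored = false
  try {
  // eslint-disable-next-line no-await-in-loop
- await install$1(arb.idealTree, {
+ actualTree = await install$1(arb, {
  cwd
  })
  if (test) {
@@ -4352,10 +4352,6 @@ async function npmFix(
  if (isCi) {
  // eslint-disable-next-line no-await-in-loop
  await gitResetAndClean(baseBranch, cwd)
- // eslint-disable-next-line no-await-in-loop
- await install$1(arb.idealTree, {
- cwd
- })
  }
  if (errored) {
  if (!isCi) {
@@ -4367,10 +4363,6 @@ async function npmFix(
  ignoreWhitespace: true
  })
  ])
- // eslint-disable-next-line no-await-in-loop
- await install$1(arb.idealTree, {
- cwd
- })
  }
  spinner?.failAndStop(
  `Update failed for ${oldId} in ${workspaceName}`,
@@ -4409,6 +4401,13 @@ async function getActualTree(cwd = process.cwd()) {
  })
  return await arb.loadActual()
  }
+ async function readLockfile(lockfilePath) {
+ return fs$1.existsSync(lockfilePath)
+ ? vendor.jsYaml.load(
+ strings.stripBom(await utils.readFileUtf8(lockfilePath))
+ )
+ : null
+ }
  async function install(pkgEnvDetails, options) {
  const { args, cwd, spinner } = {
  __proto__: null,
@@ -4429,11 +4428,6 @@ async function install(pkgEnvDetails, options) {
  })
  return await getActualTree(cwd)
  }
- async function readLockfile(pkgPath) {
- return await vendor.libExports$4.readWantedLockfile(pkgPath, {
- ignoreIncompatible: false
- })
- }
  async function pnpmFix(
  pkgEnvDetails,
  { autoMerge, cwd, dryRun, limit, purls, rangeStyle, test, testScript }
@@ -4446,15 +4440,17 @@ async function pnpmFix(
  const { spinner } = constants
  const { pkgPath: rootPath } = pkgEnvDetails
  spinner?.start()
- let lockfile = await readLockfile(rootPath)
+ let actualTree
+ const lockfilePath = path.join(rootPath, 'pnpm-lock.yaml')
+ let lockfile = await readLockfile(lockfilePath)
 
  // If pnpm-lock.yaml does NOT exist then install with pnpm to create it.
  if (!lockfile) {
- await install(pkgEnvDetails, {
+ actualTree = await install(pkgEnvDetails, {
  cwd,
  spinner
  })
- lockfile = await readLockfile(rootPath)
+ lockfile = await readLockfile(lockfilePath)
  }
  // Update pnpm-lock.yaml if its version is older than what the installed pnpm
  // produces.
@@ -4463,12 +4459,12 @@ async function pnpmFix(
  pkgEnvDetails.agentVersion.major >= 10 &&
  utils.parsePnpmLockfileVersion(lockfile.lockfileVersion).major <= 6
  ) {
- await install(pkgEnvDetails, {
+ actualTree = await install(pkgEnvDetails, {
  args: ['--lockfile-only'],
  cwd,
  spinner
  })
- lockfile = await readLockfile(rootPath)
+ lockfile = await readLockfile(lockfilePath)
  }
  // Exit early if pnpm-lock.yaml is not found.
  if (!lockfile) {
@@ -4512,7 +4508,10 @@ async function pnpmFix(
  ]
  spinner?.stop()
  let count = 0
- infoByPkgNameLoop: for (const { 0: name, 1: infos } of infoByPkgName) {
+ const sortedInfoEntries = [...infoByPkgName.entries()].sort((a, b) =>
+ sorts.naturalCompare(a[0], b[0])
+ )
+ infoByPkgNameLoop: for (const { 0: name, 1: infos } of sortedInfoEntries) {
  logger.logger.log(`Processing vulnerable package: ${name}`)
  logger.logger.indent()
  spinner?.indent()
@@ -4541,22 +4540,20 @@ async function pnpmFix(
  logger.logger.log(`Checking workspace: ${workspaceName}`)
 
  // eslint-disable-next-line no-await-in-loop
- let actualTree = await getActualTree(cwd)
+ actualTree = await install(pkgEnvDetails, {
+ cwd,
+ spinner
+ })
  const oldVersions = arrays.arrayUnique(
  shadowInject
  .findPackageNodes(actualTree, name)
- .map(n => n.target?.version ?? n.version)
+ .map(n => n.version)
  .filter(Boolean)
  )
  if (!oldVersions.length) {
  logger.logger.warn(
  `Unexpected condition: Lockfile entries not found for ${name}.\n`
  )
- if (debug.isDebug()) {
- console.dir(actualTree, {
- depth: 999
- })
- }
  continue
  }
 
@@ -4779,11 +4776,6 @@ async function pnpmFix(
  if (isCi) {
  // eslint-disable-next-line no-await-in-loop
  await gitResetAndClean(baseBranch, cwd)
- // eslint-disable-next-line no-await-in-loop
- actualTree = await install(pkgEnvDetails, {
- cwd,
- spinner
- })
  }
  if (errored) {
  if (!isCi) {
@@ -4795,11 +4787,6 @@ async function pnpmFix(
  ignoreWhitespace: true
  })
  ])
- // eslint-disable-next-line no-await-in-loop
- actualTree = await install(pkgEnvDetails, {
- cwd,
- spinner
- })
  }
  spinner?.failAndStop(
  `Update failed for ${oldId} in ${workspaceName}`,
@@ -12369,5 +12356,5 @@ void (async () => {
  await utils.captureException(e)
  }
  })()
- //# debugId=481bc06b-e0e9-407e-a853-42da3bb2abbb
+ //# debugId=dea4f491-8a2b-49bf-8e18-2cf5743e0432
  //# sourceMappingURL=cli.js.map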
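Review bot: In the new `readLockfile` (new lines 4404–4410), `vendor.jsYaml.load` parses a `pnpm-lock.yaml` that comes from the repository being fixed, and nothing in the hunk pins the YAML schema or checks the shape of the result. Whether plain `load` is limited to data-only types depends on the vendored js-yaml major version, which is not visible here; passing the schema explicitly, e.g. `vendor.jsYaml.load(text, { schema: vendor.jsYaml.CORE_SCHEMA })` (assuming the vendored export exposes it), would remove that dependency. A malformed file now throws straight out of `readLockfile`, and a document that parses to a scalar or array would pass the later `!lockfile` check in `pnpmFix` and reach `lockfile.lockfileVersion`, so a guard such as `typeof lockfile === 'object' && !Array.isArray(lockfile)` before use would be worth adding. The `existsSync` check followed by a separate read also leaves a small window in which the file can disappear; handling a not-found error from the read itself would cover both cases.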