@socketsecurity/cli-with-sentry 0.15.9 → 0.15.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (15) hide show
  1. package/dist/.config/tsconfig.dts.tsbuildinfo +1 -1
  2. package/dist/cli.js +81 -34
  3. package/dist/cli.js.map +1 -1
  4. package/dist/constants.js +5 -3
  5. package/dist/constants.js.map +1 -1
  6. package/dist/shadow-inject.js +7 -3
  7. package/dist/shadow-inject.js.map +1 -1
  8. package/dist/types/commands/fix/npm-fix.d.mts.map +1 -1
  9. package/dist/types/commands/fix/pnpm-fix.d.mts.map +1 -1
  10. package/dist/types/shadow/npm/arborist-helpers.d.mts.map +1 -1
  11. package/external/@socketsecurity/registry/lib/logger.d.ts +3 -1
  12. package/external/@socketsecurity/registry/lib/logger.js +16 -0
  13. package/external/@socketsecurity/registry/lib/spinner.js +5 -1
  14. package/external/@socketsecurity/registry/package.json +2 -2
  15. package/package.json +5 -5
package/dist/cli.js CHANGED
@@ -4059,7 +4059,9 @@ async function install$1(arb, options) {
4059
4059
  path: cwd
4060
4060
  })
4061
4061
  newArb.idealTree = await arb.buildIdealTree()
4062
- return await newArb.reify()
4062
+ const actualTree = await newArb.reify()
4063
+ arb.actualTree = actualTree
4064
+ return actualTree
4063
4065
  }
4064
4066
  async function npmFix(
4065
4067
  pkgEnvDetails,
@@ -4119,7 +4121,13 @@ async function npmFix(
4119
4121
  const sortedInfoEntries = [...infoByPkgName.entries()].sort((a, b) =>
4120
4122
  sorts.naturalCompare(a[0], b[0])
4121
4123
  )
4122
- infoByPkgNameLoop: for (const { 0: name, 1: infos } of sortedInfoEntries) {
4124
+ infoEntriesLoop: for (
4125
+ let i = 0, { length } = sortedInfoEntries;
4126
+ i < length;
4127
+ i += 1
4128
+ ) {
4129
+ const { 0: name, 1: infos } = sortedInfoEntries[i]
4130
+ const isLastInfoEntry = i === length - 1
4123
4131
  logger.logger.log(`Processing vulnerable package: ${name}`)
4124
4132
  logger.logger.indent()
4125
4133
  spinner?.indent()
@@ -4134,11 +4142,11 @@ async function npmFix(
4134
4142
  )
4135
4143
  logger.logger.dedent()
4136
4144
  spinner?.dedent()
4137
- continue
4145
+ continue infoEntriesLoop
4138
4146
  }
4139
4147
  const availableVersions = Object.keys(packument.versions)
4140
4148
  const warningsForAfter = new Set()
4141
- for (const pkgJsonPath of pkgJsonPaths) {
4149
+ pkgJsonPathsLoop: for (const pkgJsonPath of pkgJsonPaths) {
4142
4150
  const pkgPath = path.dirname(pkgJsonPath)
4143
4151
  const isWorkspaceRoot =
4144
4152
  pkgJsonPath === pkgEnvDetails.editablePkgJson.filename
@@ -4146,6 +4154,7 @@ async function npmFix(
4146
4154
  ? 'root'
4147
4155
  : path.relative(rootPath, pkgPath)
4148
4156
  logger.logger.log(`Checking workspace: ${workspaceName}`)
4157
+ const workspaceLogCallCount = logger.logger.logCallCount
4149
4158
 
4150
4159
  // eslint-disable-next-line no-await-in-loop
4151
4160
  actualTree = await install$1(arb, {
@@ -4161,7 +4170,7 @@ async function npmFix(
4161
4170
  logger.logger.warn(
4162
4171
  `Unexpected condition: Lockfile entries not found for ${name}.\n`
4163
4172
  )
4164
- continue
4173
+ continue pkgJsonPathsLoop
4165
4174
  }
4166
4175
 
4167
4176
  // Always re-read the editable package.json to avoid stale mutations
@@ -4170,7 +4179,7 @@ async function npmFix(
4170
4179
  const editablePkgJson = await packages.readPackageJson(pkgJsonPath, {
4171
4180
  editable: true
4172
4181
  })
4173
- for (const oldVersion of oldVersions) {
4182
+ oldVersionsLoop: for (const oldVersion of oldVersions) {
4174
4183
  const oldId = `${name}@${oldVersion}`
4175
4184
  const oldPurl = utils.idToPurl(oldId)
4176
4185
  const node = shadowInject.findPackageNode(actualTree, name, oldVersion)
@@ -4178,9 +4187,9 @@ async function npmFix(
4178
4187
  logger.logger.warn(
4179
4188
  `Unexpected condition: Arborist node not found, skipping ${oldId}`
4180
4189
  )
4181
- continue
4190
+ continue oldVersionsLoop
4182
4191
  }
4183
- for (const {
4192
+ infosLoop: for (const {
4184
4193
  firstPatchedVersionIdentifier,
4185
4194
  vulnerableVersionRange
4186
4195
  } of infos.values()) {
@@ -4196,7 +4205,7 @@ async function npmFix(
4196
4205
  warningsForAfter.add(
4197
4206
  `No update applied. ${oldId} needs >=${firstPatchedVersionIdentifier}`
4198
4207
  )
4199
- continue
4208
+ continue infosLoop
4200
4209
  }
4201
4210
  const newVersionRange = utils.applyRange(
4202
4211
  oldVersion,
@@ -4243,8 +4252,12 @@ async function npmFix(
4243
4252
  if (isCi) {
4244
4253
  // eslint-disable-next-line no-await-in-loop
4245
4254
  await gitResetAndClean(baseBranch, cwd)
4255
+ // eslint-disable-next-line no-await-in-loop
4256
+ actualTree = await install$1(arb, {
4257
+ cwd
4258
+ })
4246
4259
  }
4247
- continue
4260
+ continue infosLoop
4248
4261
  }
4249
4262
  spinner?.start()
4250
4263
  spinner?.info(`Installing ${newId} in ${workspaceName}`)
@@ -4281,14 +4294,14 @@ async function npmFix(
4281
4294
  debug.debugLog(
4282
4295
  `Branch "${branch}" exists, skipping PR creation.`
4283
4296
  )
4284
- continue
4297
+ continue infosLoop
4285
4298
  }
4286
4299
  // eslint-disable-next-line no-await-in-loop
4287
4300
  if (await gitRemoteBranchExists(branch, cwd)) {
4288
4301
  debug.debugLog(
4289
4302
  `Remote branch "${branch}" exists, skipping PR creation.`
4290
4303
  )
4291
- continue
4304
+ continue infosLoop
4292
4305
  }
4293
4306
  const moddedFilepaths =
4294
4307
  // eslint-disable-next-line no-await-in-loop
@@ -4303,7 +4316,7 @@ async function npmFix(
4303
4316
  logger.logger.warn(
4304
4317
  'Unexpected condition: Nothing to commit, skipping PR creation.'
4305
4318
  )
4306
- continue
4319
+ continue infosLoop
4307
4320
  }
4308
4321
  if (
4309
4322
  // eslint-disable-next-line no-await-in-loop
@@ -4317,7 +4330,7 @@ async function npmFix(
4317
4330
  logger.logger.warn(
4318
4331
  'Unexpected condition: Push failed, skipping PR creation.'
4319
4332
  )
4320
- continue
4333
+ continue infosLoop
4321
4334
  }
4322
4335
  // eslint-disable-next-line no-await-in-loop
4323
4336
  await cleanupOpenPrs(owner, repo, oldPurl, newVersion, {
@@ -4352,6 +4365,10 @@ async function npmFix(
4352
4365
  if (isCi) {
4353
4366
  // eslint-disable-next-line no-await-in-loop
4354
4367
  await gitResetAndClean(baseBranch, cwd)
4368
+ // eslint-disable-next-line no-await-in-loop
4369
+ actualTree = await install$1(arb, {
4370
+ cwd
4371
+ })
4355
4372
  }
4356
4373
  if (errored) {
4357
4374
  if (!isCi) {
@@ -4363,6 +4380,10 @@ async function npmFix(
4363
4380
  ignoreWhitespace: true
4364
4381
  })
4365
4382
  ])
4383
+ // eslint-disable-next-line no-await-in-loop
4384
+ actualTree = await install$1(arb, {
4385
+ cwd
4386
+ })
4366
4387
  }
4367
4388
  spinner?.failAndStop(
4368
4389
  `Update failed for ${oldId} in ${workspaceName}`,
@@ -4370,16 +4391,18 @@ async function npmFix(
4370
4391
  )
4371
4392
  }
4372
4393
  if (++count >= limit) {
4373
- break infoByPkgNameLoop
4394
+ break infoEntriesLoop
4374
4395
  }
4375
4396
  }
4376
4397
  }
4377
- logger.logger.log('')
4398
+ if (logger.logger.logCallCount > workspaceLogCallCount) {
4399
+ logger.logger.log('')
4400
+ }
4378
4401
  }
4379
4402
  for (const warningText of warningsForAfter) {
4380
4403
  logger.logger.warn(warningText)
4381
4404
  }
4382
- if (warningsForAfter.size) {
4405
+ if (!isLastInfoEntry) {
4383
4406
  logger.logger.log('')
4384
4407
  }
4385
4408
  logger.logger.dedent()
@@ -4511,7 +4534,13 @@ async function pnpmFix(
4511
4534
  const sortedInfoEntries = [...infoByPkgName.entries()].sort((a, b) =>
4512
4535
  sorts.naturalCompare(a[0], b[0])
4513
4536
  )
4514
- infoByPkgNameLoop: for (const { 0: name, 1: infos } of sortedInfoEntries) {
4537
+ infoEntriesLoop: for (
4538
+ let i = 0, { length } = sortedInfoEntries;
4539
+ i < length;
4540
+ i += 1
4541
+ ) {
4542
+ const { 0: name, 1: infos } = sortedInfoEntries[i]
4543
+ const isLastInfoEntry = i === length - 1
4515
4544
  logger.logger.log(`Processing vulnerable package: ${name}`)
4516
4545
  logger.logger.indent()
4517
4546
  spinner?.indent()
@@ -4526,11 +4555,11 @@ async function pnpmFix(
4526
4555
  )
4527
4556
  logger.logger.dedent()
4528
4557
  spinner?.dedent()
4529
- continue
4558
+ continue infoEntriesLoop
4530
4559
  }
4531
4560
  const availableVersions = Object.keys(packument.versions)
4532
4561
  const warningsForAfter = new Set()
4533
- for (const pkgJsonPath of pkgJsonPaths) {
4562
+ pkgJsonPathsLoop: for (const pkgJsonPath of pkgJsonPaths) {
4534
4563
  const pkgPath = path.dirname(pkgJsonPath)
4535
4564
  const isWorkspaceRoot =
4536
4565
  pkgJsonPath === pkgEnvDetails.editablePkgJson.filename
@@ -4538,6 +4567,7 @@ async function pnpmFix(
4538
4567
  ? 'root'
4539
4568
  : path.relative(rootPath, pkgPath)
4540
4569
  logger.logger.log(`Checking workspace: ${workspaceName}`)
4570
+ const workspaceLogCallCount = logger.logger.logCallCount
4541
4571
 
4542
4572
  // eslint-disable-next-line no-await-in-loop
4543
4573
  actualTree = await install(pkgEnvDetails, {
@@ -4554,7 +4584,7 @@ async function pnpmFix(
4554
4584
  logger.logger.warn(
4555
4585
  `Unexpected condition: Lockfile entries not found for ${name}.\n`
4556
4586
  )
4557
- continue
4587
+ continue pkgJsonPathsLoop
4558
4588
  }
4559
4589
 
4560
4590
  // Always re-read the editable package.json to avoid stale mutations
@@ -4566,7 +4596,7 @@ async function pnpmFix(
4566
4596
  // Get current overrides for revert logic
4567
4597
  const oldPnpmSection = editablePkgJson.content[PNPM$7]
4568
4598
  const oldOverrides = oldPnpmSection?.[OVERRIDES$2]
4569
- for (const oldVersion of oldVersions) {
4599
+ oldVersionsLoop: for (const oldVersion of oldVersions) {
4570
4600
  const oldId = `${name}@${oldVersion}`
4571
4601
  const oldPurl = utils.idToPurl(oldId)
4572
4602
  const node = shadowInject.findPackageNode(actualTree, name, oldVersion)
@@ -4574,9 +4604,9 @@ async function pnpmFix(
4574
4604
  logger.logger.warn(
4575
4605
  `Unexpected condition: Arborist node not found, skipping ${oldId}`
4576
4606
  )
4577
- continue
4607
+ continue oldVersionsLoop
4578
4608
  }
4579
- for (const {
4609
+ infosLoop: for (const {
4580
4610
  firstPatchedVersionIdentifier,
4581
4611
  vulnerableVersionRange
4582
4612
  } of infos.values()) {
@@ -4592,7 +4622,7 @@ async function pnpmFix(
4592
4622
  warningsForAfter.add(
4593
4623
  `No update applied. ${oldId} needs >=${firstPatchedVersionIdentifier}`
4594
4624
  )
4595
- continue
4625
+ continue infosLoop
4596
4626
  }
4597
4627
  const overrideKey = `${name}@${vulnerableVersionRange}`
4598
4628
  const newVersionRange = utils.applyRange(
@@ -4666,8 +4696,13 @@ async function pnpmFix(
4666
4696
  if (isCi) {
4667
4697
  // eslint-disable-next-line no-await-in-loop
4668
4698
  await gitResetAndClean(baseBranch, cwd)
4699
+ // eslint-disable-next-line no-await-in-loop
4700
+ actualTree = await install(pkgEnvDetails, {
4701
+ cwd,
4702
+ spinner
4703
+ })
4669
4704
  }
4670
- continue
4705
+ continue infosLoop
4671
4706
  }
4672
4707
  spinner?.start()
4673
4708
  spinner?.info(`Installing ${newId} in ${workspaceName}`)
@@ -4706,14 +4741,14 @@ async function pnpmFix(
4706
4741
  debug.debugLog(
4707
4742
  `Branch "${branch}" exists, skipping PR creation.`
4708
4743
  )
4709
- continue
4744
+ continue infosLoop
4710
4745
  }
4711
4746
  // eslint-disable-next-line no-await-in-loop
4712
4747
  if (await gitRemoteBranchExists(branch, cwd)) {
4713
4748
  debug.debugLog(
4714
4749
  `Remote branch "${branch}" exists, skipping PR creation.`
4715
4750
  )
4716
- continue
4751
+ continue infosLoop
4717
4752
  }
4718
4753
  const moddedFilepaths =
4719
4754
  // eslint-disable-next-line no-await-in-loop
@@ -4727,7 +4762,7 @@ async function pnpmFix(
4727
4762
  logger.logger.warn(
4728
4763
  'Unexpected condition: Nothing to commit, skipping PR creation.'
4729
4764
  )
4730
- continue
4765
+ continue infosLoop
4731
4766
  }
4732
4767
  if (
4733
4768
  // eslint-disable-next-line no-await-in-loop
@@ -4741,7 +4776,7 @@ async function pnpmFix(
4741
4776
  logger.logger.warn(
4742
4777
  'Unexpected condition: Push failed, skipping PR creation.'
4743
4778
  )
4744
- continue
4779
+ continue infosLoop
4745
4780
  }
4746
4781
  // eslint-disable-next-line no-await-in-loop
4747
4782
  await cleanupOpenPrs(owner, repo, oldPurl, newVersion, {
@@ -4776,6 +4811,11 @@ async function pnpmFix(
4776
4811
  if (isCi) {
4777
4812
  // eslint-disable-next-line no-await-in-loop
4778
4813
  await gitResetAndClean(baseBranch, cwd)
4814
+ // eslint-disable-next-line no-await-in-loop
4815
+ actualTree = await install(pkgEnvDetails, {
4816
+ cwd,
4817
+ spinner
4818
+ })
4779
4819
  }
4780
4820
  if (errored) {
4781
4821
  if (!isCi) {
@@ -4787,6 +4827,11 @@ async function pnpmFix(
4787
4827
  ignoreWhitespace: true
4788
4828
  })
4789
4829
  ])
4830
+ // eslint-disable-next-line no-await-in-loop
4831
+ actualTree = await install(pkgEnvDetails, {
4832
+ cwd,
4833
+ spinner
4834
+ })
4790
4835
  }
4791
4836
  spinner?.failAndStop(
4792
4837
  `Update failed for ${oldId} in ${workspaceName}`,
@@ -4794,16 +4839,18 @@ async function pnpmFix(
4794
4839
  )
4795
4840
  }
4796
4841
  if (++count >= limit) {
4797
- break infoByPkgNameLoop
4842
+ break infoEntriesLoop
4798
4843
  }
4799
4844
  }
4800
4845
  }
4801
- logger.logger.log('')
4846
+ if (logger.logger.logCallCount > workspaceLogCallCount) {
4847
+ logger.logger.log('')
4848
+ }
4802
4849
  }
4803
4850
  for (const warningText of warningsForAfter) {
4804
4851
  logger.logger.warn(warningText)
4805
4852
  }
4806
- if (warningsForAfter.size) {
4853
+ if (!isLastInfoEntry) {
4807
4854
  logger.logger.log('')
4808
4855
  }
4809
4856
  logger.logger.dedent()
@@ -12356,5 +12403,5 @@ void (async () => {
12356
12403
  await utils.captureException(e)
12357
12404
  }
12358
12405
  })()
12359
- //# debugId=dea4f491-8a2b-49bf-8e18-2cf5743e0432
12406
+ //# debugId=55747463-2478-4bf7-b270-e981f6a95bd1
12360
12407
  //# sourceMappingURL=cli.js.map