@socketsecurity/cli-with-sentry 1.0.0 → 1.0.2

package/dist/utils.js

@@ -279,7 +279,7 @@ function safeReadFileSync(filepath, options) {
 }
 
 const sensitiveConfigKeys = new Set(['apiToken']);
-const supportedConfigKeys = new Map([['apiBaseUrl', 'Base URL of the API endpoint'], ['apiProxy', 'A proxy through which to access the API'], ['apiToken', 'The API token required to access most API endpoints'], ['defaultOrg', 'The default org slug to use; usually the org your API token has access to. When set, all orgSlug arguments are implied to be this value.'], ['enforcedOrgs', 'Orgs in this list have their security policies enforced on this machine'], ['org', 'Alias for defaultOrg']]);
+const supportedConfigKeys = new Map([['apiBaseUrl', 'Base URL of the API endpoint'], ['apiProxy', 'A proxy through which to access the API'], ['apiToken', 'The API token required to access most API endpoints'], ['defaultOrg', 'The default org slug to use; usually the org your API token has access to. When set, all orgSlug arguments are implied to be this value.'], ['enforcedOrgs', 'Orgs in this list have their security policies enforced on this machine'], ['skipAskToPersistDefaultOrg', 'This flag prevents the CLI from asking you to persist the org slug when you selected one interactively'], ['org', 'Alias for defaultOrg']]);
 function getConfigValues() {
   if (_cachedConfig === undefined) {
     // Order: env var > --config flag > file
@@ -435,17 +435,31 @@ function overrideConfigApiToken(apiToken) {
   _readOnlyConfig = true;
 }
 let _pendingSave = false;
-function updateConfigValue(key, value) {
+function updateConfigValue(configKey, value) {
   const localConfig = getConfigValues();
-  const keyResult = normalizeConfigKey(key);
+  const keyResult = normalizeConfigKey(configKey);
   if (!keyResult.ok) {
     return keyResult;
   }
-  localConfig[keyResult.data] = value;
+  const key = keyResult.data;
+  let wasDeleted = value === undefined; // implicitly when serializing
+  if (key === 'skipAskToPersistDefaultOrg') {
+    if (value === 'true' || value === 'false') {
+      localConfig['skipAskToPersistDefaultOrg'] = value === 'true';
+    } else {
+      delete localConfig['skipAskToPersistDefaultOrg'];
+      wasDeleted = true;
+    }
+  } else {
+    if (value === 'undefined' || value === 'true' || value === 'false') {
+      logger.logger.warn(`Note: The value is set to "${value}", as a string (!). Use \`socket config unset\` to reset a key.`);
+    }
+    localConfig[key] = value;
+  }
   if (_readOnlyConfig) {
     return {
       ok: true,
-      message: `Config key '${keyResult.data}' was updated`,
+      message: `Config key '${key}' was ${wasDeleted ? 'deleted' : `updated`}`,
       data: 'Change applied but not persisted; current config is overridden through env var or flag'
     };
   }
@@ -464,7 +478,7 @@ function updateConfigValue(key, value) {
   }
   return {
     ok: true,
-    message: `Config key '${keyResult.data}' was updated`,
+    message: `Config key '${key}' was ${wasDeleted ? 'deleted' : `updated`}`,
     data: undefined
   };
 }
@@ -1153,6 +1167,7 @@ async function meowWithSubcommands(subcommands, options) {
     // Plus, if we allow this then meow() can just exit here.
     autoHelp: false
   });
+  const orgFlag = String(cli1.flags['org'] || '') || undefined;
 
   // Hard override the config if instructed to do so.
   // The env var overrides the --flag, which overrides the persisted config
@@ -1182,7 +1197,8 @@ async function meowWithSubcommands(subcommands, options) {
     }
   }
   if (configOverrideResult?.ok === false) {
-    emitBanner(name);
+    emitBanner(name, orgFlag);
+    logger.logger.error(''); // spacing in stderr
     logger.logger.fail(configOverrideResult.message);
     process.exitCode = 2;
     return;
@@ -1283,8 +1299,7 @@ async function meowWithSubcommands(subcommands, options) {
   const cli2 = vendor.meow(`
     Usage
       $ ${name} <command>
-
-${isRootCommand ? '' : '    Commands'}
+${isRootCommand ? '' : '\n    Commands'}
       ${formatCommandsForHelp(isRootCommand)}
 
 ${isRootCommand ? '    Options' : '    Options'}${isRootCommand ? '       (Note: all CLI commands have these flags even when not displayed in their help)\n' : ''}
@@ -1310,7 +1325,8 @@ ${isRootCommand ? `      $ ${name} scan create --json` : ''}${isRootCommand ? `\
 
   // ...else we provide basic instructions and help.
   if (!cli2.flags['nobanner']) {
-    emitBanner(name);
+    emitBanner(name, orgFlag);
+    // meow will add newline so don't add stderr spacing here
   }
   if (!cli2.flags['help'] && cli2.flags['dryRun']) {
     process.exitCode = 0;
@@ -1349,7 +1365,9 @@ function meowOrExit({
     autoHelp: false // meow will exit(0) before printing the banner
   });
   if (!cli.flags['nobanner']) {
-    emitBanner(command);
+    emitBanner(command, String(cli.flags['org'] || '') || undefined);
+    // Add spacing in stderr. meow.help adds a newline too so we do it here
+    logger.logger.error('');
   }
 
   // As per https://github.com/sindresorhus/meow/issues/178
@@ -1390,7 +1408,7 @@ function meowOrExit({
   process.exitCode = 0;
   return cli;
 }
-function emitBanner(name) {
+function emitBanner(name, orgFlag) {
   // Print a banner at the top of each command.
   // This helps with brand recognition and marketing.
   // It also helps with debugging since it contains version and command details.
@@ -1399,9 +1417,9 @@ function emitBanner(name) {
   //       and pipe the result to other tools. By emitting the banner over stderr
   //       you can do something like `socket scan view xyz | jq | process`.
   //       The spinner also emits over stderr for example.
-  logger.logger.error(getAsciiHeader(name));
+  logger.logger.error(getAsciiHeader(name, orgFlag));
 }
-function getAsciiHeader(command) {
+function getAsciiHeader(command, orgFlag) {
   // Note: In tests we return <redacted> because otherwise snapshots will fail.
   const {
     REDACTED
@@ -1414,13 +1432,19 @@ function getAsciiHeader(command) {
   const nodeVersion = redacting ? REDACTED : process.version;
   const defaultOrg = getConfigValueOrUndef('defaultOrg');
   const readOnlyConfig = isReadOnlyConfig() ? '*' : '.';
-  const shownToken = redacting ? REDACTED : getVisibleTokenPrefix() || 'no';
+  const shownToken = redacting ? REDACTED : getVisibleTokenPrefix() || '(not set)';
   const relCwd = redacting ? REDACTED : path$1.normalizePath(tildify(process.cwd()));
+  // Note: we must redact org when creating snapshots because dev machine probably
+  //       has a default org set but CI won't. Showing --org is fine either way.
+  const orgPart = orgFlag ? `--org: ${orgFlag}` : redacting ? 'org: <redacted>' : defaultOrg ? `default org: ${defaultOrg}` : '(org not set)';
+  // Note: We could draw these with ascii box art instead but I worry about
+  //       portability and paste-ability. "simple" ascii chars just work.
   const body = `
    _____         _       _        /---------------
   |   __|___ ___| |_ ___| |_      | Socket.dev CLI ver ${cliVersion}
-  |__   | ${readOnlyConfig} |  _| '_| -_|  _|     | Node: ${nodeVersion}, API token set: ${shownToken}${defaultOrg ? `, org: ${redacting ? REDACTED : defaultOrg}` : ''}
-  |_____|___|___|_,_|___|_|.dev   | Command: \`${command}\`, cwd: ${relCwd}`.trimStart();
+  |__   | ${readOnlyConfig} |  _| '_| -_|  _|     | Node: ${nodeVersion}, API token: ${shownToken}, ${orgPart}
+  |_____|___|___|_,_|___|_|.dev   | Command: \`${command}\`, cwd: ${relCwd}
+  `.trim();
   return `   ${body}`; // Note: logger will auto-append a newline
 }
 
@@ -1472,6 +1496,9 @@ async function suggestOrgSlug() {
         description: 'Do not use any of these organizations (will end in a no-op)'
       }]
     });
+    if (proceed === undefined) {
+      return undefined;
+    }
     if (proceed) {
       return proceed;
     }
@@ -1480,19 +1507,76 @@ async function suggestOrgSlug() {
   }
 }
 
+async function suggestToPersistOrgSlug(orgSlug) {
+  const skipAsk = getConfigValue('skipAskToPersistDefaultOrg');
+  if (!skipAsk.ok || skipAsk.data) {
+    // Don't ask to store it when disabled before, or when reading config fails.
+    return;
+  }
+  const result = await prompts.select({
+    message: `Would you like to use this org (${orgSlug}) as the default org for future calls?`,
+    choices: [{
+      name: 'Yes',
+      value: 'yes',
+      description: 'Stores it in your config'
+    }, {
+      name: 'No',
+      value: 'no',
+      description: 'Do not persist this org as default org'
+    }, {
+      name: "No and don't ask again",
+      value: 'sush',
+      description: 'Do not store as default org and do not ask again to persist it'
+    }]
+  });
+  if (result === 'yes') {
+    const updateResult = updateConfigValue('defaultOrg', orgSlug);
+    if (updateResult.ok) {
+      logger.logger.success('Updated default org config to:', orgSlug);
+    } else {
+      logger.logger.fail('(Non blocking) Failed to update default org in config:', updateResult.cause);
+    }
+  } else if (result === 'sush') {
+    const updateResult = updateConfigValue('skipAskToPersistDefaultOrg', true);
+    if (updateResult.ok) {
+      logger.logger.info('Default org not changed. Will not ask to persist again.');
+    } else {
+      logger.logger.fail(`(Non blocking) Failed to store preference; will ask to persist again next time. Reason: ${updateResult.cause}`);
+    }
+  }
+}
+
 async function determineOrgSlug(orgFlag, interactive, dryRun) {
   const defaultOrgSlug = getConfigValueOrUndef('defaultOrg');
   let orgSlug = String(orgFlag || defaultOrgSlug || '');
   if (!orgSlug) {
+    if (!interactive) {
+      logger.logger.warn('Note: This command requires an org slug because the remote API endpoint does.');
+      logger.logger.warn('');
+      logger.logger.warn('It seems no default org was setup and the `--org` flag was not used.');
+      logger.logger.warn("Additionally, `--no-interactive` was set so we can't ask for it.");
+      logger.logger.warn('Since v1.0.0 the org _argument_ for all commands was dropped in favor of an');
+      logger.logger.warn('implicit default org setting, which will be setup when you run `socket login`.');
+      logger.logger.warn('');
+      logger.logger.warn('Note: When running in CI, you probably want to set the `--org` flag.');
+      logger.logger.warn('');
+      logger.logger.warn('For details, see: https://docs.socket.dev/docs/v1-migration-guide');
+      logger.logger.warn('');
+      logger.logger.warn('This command will exit now because the org slug is required to proceed.');
+      return ['', undefined];
+    }
+
     // ask from server
-    logger.logger.warn('Missing the org slug and no --org flag set. Trying to auto-discover the org now...');
-    logger.logger.info('Note: you can set the default org slug to prevent this issue. You can also override all that with the --org flag.');
+    logger.logger.warn('Unable to determine the target org. Trying to auto-discover it now...');
+    logger.logger.info('Note: you can run `socket login` to set a default org. You can also override it with the --org flag.');
+    logger.logger.error(''); // spacing in stderr
     if (dryRun) {
       logger.logger.fail('Skipping auto-discovery of org in dry-run mode');
-    } else if (!interactive) {
-      logger.logger.fail('Skipping auto-discovery of org when interactive = false');
     } else {
       orgSlug = (await suggestOrgSlug()) || '';
+      if (orgSlug) {
+        await suggestToPersistOrgSlug(orgSlug);
+      }
     }
   }
   return [orgSlug, defaultOrgSlug];
@@ -1906,7 +1990,7 @@ class ColorOrMarkdown {
   }
 }
 
-const RangeStyles = ['caret', 'gt', 'lt', 'pin', 'preserve', 'tilde'];
+const RangeStyles = ['caret', 'gt', 'gte', 'lt', 'lte', 'pin', 'preserve', 'tilde'];
 function applyRange(refRange, version, style = 'preserve') {
   switch (style) {
     case 'caret':
@@ -2400,7 +2484,7 @@ function idToPurl(id, type) {
   return `pkg:${type}/${id}`;
 }
 
-function extractOverridesFromPnpmLockfileContent(lockfileContent) {
+function extractOverridesFromPnpmLockSrc(lockfileContent) {
   return typeof lockfileContent === 'string' ? /^overrides:(\r?\n {2}.+)+(?:\r?\n)*/m.exec(lockfileContent)?.[0] ?? '' : '';
 }
 async function extractPurlsFromPnpmLockfile(lockfile) {
@@ -2450,9 +2534,6 @@ function parsePnpmLockfileVersion(version) {
   } catch {}
   return null;
 }
-async function readPnpmLockfile(lockfilePath) {
-  return fs.existsSync(lockfilePath) ? await readFileUtf8(lockfilePath) : null;
-}
 function stripLeadingPnpmDepPathSlash(depPath) {
   return isPnpmDepPath(depPath) ? depPath.slice(1) : depPath;
 }
@@ -2560,6 +2641,10 @@ function npa(...args) {
   return null;
 }
 
+async function readLockfile(lockfilePath) {
+  return fs.existsSync(lockfilePath) ? await readFileUtf8(lockfilePath) : null;
+}
+
 const helpFlags = new Set(['--help', '-h']);
 function cmdFlagsToString(args) {
   const result = [];
@@ -2578,6 +2663,15 @@ function cmdFlagsToString(args) {
   }
   return result.join(' ');
 }
+function cmdFlagValueToArray(flagValue) {
+  if (typeof flagValue === 'string') {
+    return flagValue.trim().split(/, */);
+  }
+  if (Array.isArray(flagValue)) {
+    return flagValue.flatMap(v => v.split(/, */));
+  }
+  return [];
+}
 function cmdPrefixMessage(cmdName, text) {
   const cmdPrefix = cmdName ? `${cmdName}: ` : '';
   return `${cmdPrefix}${text}`;
@@ -2711,6 +2805,41 @@ function runAgentInstall(pkgEnvDetails, options) {
   });
 }
 
+async function spawnCoana(args, options, extra) {
+  const {
+    env: optionsEnv
+  } = {
+    __proto__: null,
+    ...options
+  };
+  try {
+    const output = await spawn.spawn(constants.execPath, [
+    // Lazily access constants.nodeNoWarningsFlags.
+    ...constants.nodeNoWarningsFlags,
+    // Lazily access constants.coanaBinPath.
+    constants.coanaBinPath, ...args], {
+      ...options,
+      env: {
+        ...process.env,
+        ...optionsEnv,
+        SOCKET_CLI_API_BASE_URL: constants.ENV.SOCKET_CLI_API_BASE_URL || undefined,
+        SOCKET_CLI_API_TOKEN: getDefaultToken()
+      }
+    }, extra);
+    return {
+      ok: true,
+      data: output.stdout.trim()
+    };
+  } catch (e) {
+    const message = e?.stdout ?? e?.message;
+    return {
+      ok: false,
+      data: e,
+      message
+    };
+  }
+}
+
 const {
   BINARY_LOCK_EXT,
   BUN,
@@ -3109,13 +3238,14 @@ exports.RangeStyles = RangeStyles;
 exports.applyRange = applyRange;
 exports.captureException = captureException;
 exports.checkCommandInput = checkCommandInput;
+exports.cmdFlagValueToArray = cmdFlagValueToArray;
 exports.cmdFlagsToString = cmdFlagsToString;
 exports.cmdPrefixMessage = cmdPrefixMessage;
 exports.commonFlags = commonFlags;
 exports.createEnum = createEnum;
 exports.detectAndValidatePackageEnvironment = detectAndValidatePackageEnvironment;
 exports.determineOrgSlug = determineOrgSlug;
-exports.extractOverridesFromPnpmLockfileContent = extractOverridesFromPnpmLockfileContent;
+exports.extractOverridesFromPnpmLockSrc = extractOverridesFromPnpmLockSrc;
 exports.failMsgWithBadge = failMsgWithBadge;
 exports.getAlertsMapFromPnpmLockfile = getAlertsMapFromPnpmLockfile;
 exports.getAlertsMapFromPurls = getAlertsMapFromPurls;
@@ -3123,7 +3253,6 @@ exports.getBashrcDetails = getBashrcDetails;
 exports.getConfigValue = getConfigValue;
 exports.getConfigValueOrUndef = getConfigValueOrUndef;
 exports.getCveInfoFromAlertsMap = getCveInfoFromAlertsMap;
-exports.getDefaultToken = getDefaultToken;
 exports.getFlagListOutput = getFlagListOutput;
 exports.getMajor = getMajor;
 exports.getMinVersion = getMinVersion;
@@ -3160,8 +3289,8 @@ exports.parsePnpmLockfile = parsePnpmLockfile;
 exports.parsePnpmLockfileVersion = parsePnpmLockfileVersion;
 exports.queryApiSafeJson = queryApiSafeJson;
 exports.queryApiSafeText = queryApiSafeText;
+exports.readLockfile = readLockfile;
 exports.readOrDefaultSocketJson = readOrDefaultSocketJson;
-exports.readPnpmLockfile = readPnpmLockfile;
 exports.readSocketJson = readSocketJson;
 exports.removeNodeModules = removeNodeModules;
 exports.runAgentInstall = runAgentInstall;
@@ -3169,11 +3298,12 @@ exports.safeReadFile = safeReadFile;
 exports.sensitiveConfigKeys = sensitiveConfigKeys;
 exports.serializeResultJson = serializeResultJson;
 exports.setupSdk = setupSdk;
+exports.spawnCoana = spawnCoana;
 exports.suggestOrgSlug = suggestOrgSlug;
 exports.supportedConfigKeys = supportedConfigKeys;
 exports.tildify = tildify;
 exports.updateConfigValue = updateConfigValue;
 exports.walkNestedMap = walkNestedMap;
 exports.writeSocketJson = writeSocketJson;
-//# debugId=94178b1d-85ee-4390-b193-3a3d369ed113
+//# debugId=88d9d91b-8101-48d8-a336-71d3fbea0f10
 //# sourceMappingURL=utils.js.map