@socketsecurity/cli-with-sentry 1.0.10 → 1.0.12

package/dist/vendor.js

@@ -35572,7 +35572,7 @@ var isInteractiveExports = /*@__PURE__*/ requireIsInteractive();
 var dist$e = {};
 
 var name$2 = "@socketsecurity/sdk";
-var version$5 = "1.4.50";
+var version$5 = "1.4.51";
 var license = "MIT";
 var description = "SDK for the Socket API client";
 var author = {
@@ -35655,27 +35655,27 @@ var scripts = {
 	"update:deps": "npx --yes npm-check-updates"
 };
 var dependencies = {
-	"@socketsecurity/registry": "1.0.215"
+	"@socketsecurity/registry": "1.0.217"
 };
 var devDependencies = {
-	"@biomejs/biome": "2.0.5",
+	"@biomejs/biome": "2.0.6",
 	"@dotenvx/dotenvx": "1.45.1",
 	"@eslint/compat": "1.3.1",
-	"@eslint/js": "9.29.0",
-	"@types/node": "24.0.4",
+	"@eslint/js": "9.30.0",
+	"@types/node": "24.0.7",
 	"@typescript-eslint/parser": "8.35.0",
 	"@vitest/coverage-v8": "3.2.4",
 	"del-cli": "6.0.0",
-	eslint: "9.29.0",
+	eslint: "9.30.0",
 	"eslint-import-resolver-typescript": "4.4.4",
-	"eslint-plugin-import-x": "4.16.0",
+	"eslint-plugin-import-x": "4.16.1",
 	"eslint-plugin-jsdoc": "51.2.3",
 	"eslint-plugin-n": "17.20.0",
 	"eslint-plugin-sort-destructure-keys": "2.0.0",
 	"eslint-plugin-unicorn": "56.0.1",
 	globals: "16.2.0",
 	husky: "9.1.7",
-	knip: "5.61.2",
+	knip: "5.61.3",
 	"lint-staged": "16.1.2",
 	nock: "14.0.5",
 	"npm-run-all2": "8.0.4",
@@ -172598,5 +172598,5 @@ exports.terminalLinkExports = terminalLinkExports;
 exports.updater = updater$1;
 exports.yargsParser = yargsParser;
 exports.yoctocolorsCjsExports = yoctocolorsCjsExports;
-//# debugId=220c27c7-9cd6-40e7-ad6e-7b25f79cf1c0
+//# debugId=d7210c67-fab3-4cc3-8e6c-db0dd8a99646
 //# sourceMappingURL=vendor.js.map

package/external/@coana-tech/cli/cli.mjs

@@ -221973,7 +221973,7 @@ async function onlineScan(dependencyTree, apiKey, timeout) {
 }
 
 // dist/version.js
-var version2 = "14.9.33";
+var version2 = "14.9.34";
 
 // ../../node_modules/.pnpm/axios@1.9.0/node_modules/axios/lib/helpers/bind.js
 function bind2(fn2, thisArg) {
@@ -226497,9 +226497,21 @@ async function computeFixesAndUpgradePurls(path2, options) {
     ...vulnerableArtifactIdsPerVulnerability.get(ghsa)?.values() ?? []
   ]);
   const computedFix = await useSocketComputeFixEndpoint(artifacts, vulnerableArtifactIdsForGhsas);
-  if (computedFix.type !== "fix_found") {
+  if (computedFix.type !== "success") {
     throw new Error(`No fix found for the given vulnerabilities`);
   }
+  if (computedFix.failedArtifacts) {
+    const ghsasFailedToFix = options.applyFixesTo.filter((ghsa) => {
+      const artifactIds = vulnerableArtifactIdsPerVulnerability.get(ghsa);
+      if (!artifactIds)
+        return false;
+      return Array.from(artifactIds).some((vuln) => computedFix.failedArtifacts?.includes(vuln));
+    });
+    logger.info("Failed to compute fixes for the following vulnerabilities:");
+    for (const ghsa of ghsasFailedToFix) {
+      logger.info(`  - ${ghsa} (${Array.from(vulnerableArtifactIdsPerVulnerability.get(ghsa)).map((id) => simplePurl(artifacts[id].type, artifacts[id].namespace ?? null, artifacts[id].name, artifacts[id].version ?? null)).join(", ")})`);
+    }
+  }
   if (options.dryRun) {
     logger.info("Fixes found:");
     for (const fix of computedFix.fixes) {
@@ -226608,9 +226620,8 @@ async function useSocketComputeFixEndpoint(artifacts, vulnerableArtifactIdsForGh
   } catch (error) {
     logger.error("Request to compute fixes failed:", error);
     return {
-      type: "error during computation",
-      message: "Error during computation",
-      fixes: []
+      type: "error",
+      message: "Error during computation"
     };
   }
 }

package/external/@socketsecurity/registry/lib/spawn.js

@@ -1,5 +1,9 @@
 'use strict'
 
+const { stripAnsi } = /*@__PURE__*/ require('./strings')
+
+const { keys: ObjectKeys } = Object
+
 let _child_process
 /*@__NO_SIDE_EFFECTS__*/
 function getChildProcess() {
@@ -20,35 +24,48 @@ function getSpawn() {
   return _spawn
 }
 
+/*@__NO_SIDE_EFFECTS__*/
+function isStdioType(stdio, type) {
+  return (
+    stdio === type ||
+    (!stdio && type === 'pipe') ||
+    (Array.isArray(stdio) &&
+      stdio.length > 2 &&
+      stdio[0] === type &&
+      stdio[1] === type &&
+      stdio[2] === type)
+  )
+}
+
+/*@__NO_SIDE_EFFECTS__*/
+function stripAnsiFromSpawnResult(result) {
+  const { stderr, stdout } = result
+  if (typeof stdout === 'string') {
+    result.stdout = stripAnsi(stdout)
+  }
+  if (typeof stderr === 'string') {
+    result.stderr = stripAnsi(stderr)
+  }
+  return result
+}
+
 /*@__NO_SIDE_EFFECTS__*/
 function spawn(cmd, args, options, extra) {
   const {
     spinner = /*@__PURE__*/ require('./constants/spinner'),
+    stripAnsi: shouldStripAnsi = true,
     ...spawnOptions
   } = { __proto__: null, ...options }
   const spawn = getSpawn()
   const isSpinning = !!spinner?.isSpinning
-  const { env, stdio } = spawnOptions
+  const { env, stdio, stdioString = true } = spawnOptions
   // The stdio option can be a string or an array.
   // https://nodejs.org/api/child_process.html#optionsstdio
-  const isStdioIgnored =
-    stdio === 'ignore' ||
-    (Array.isArray(stdio) &&
-      stdio.length > 2 &&
-      stdio[0] === 'ignore' &&
-      stdio[1] === 'ignore' &&
-      stdio[2] === 'ignore')
-  const isStdioPiped =
-    stdio === undefined ||
-    stdio === 'pipe' ||
-    (Array.isArray(stdio) &&
-      stdio.length > 2 &&
-      stdio[0] === 'pipe' &&
-      stdio[1] === 'pipe' &&
-      stdio[2] === 'pipe')
-  const shouldPauseSpinner = !isStdioIgnored && !isStdioPiped
-  if (shouldPauseSpinner) {
-    spinner?.stop()
+  const shouldStopSpinner =
+    isSpinning && !isStdioType(stdio, 'ignore') && !isStdioType(stdio, 'pipe')
+  const shouldRestartSpinner = shouldStopSpinner
+  if (shouldStopSpinner) {
+    spinner.stop()
   }
   let spawnPromise = spawn(
     cmd,
@@ -69,13 +86,19 @@ function spawn(cmd, args, options, extra) {
     },
     extra
   )
-  if (shouldPauseSpinner && isSpinning) {
-    const oldSpawnPromise = spawnPromise
+  const oldSpawnPromise = spawnPromise
+  if (shouldStripAnsi && stdioString) {
+    spawnPromise = spawnPromise.then(stripAnsiFromSpawnResult).catch(error => {
+      throw stripAnsiFromSpawnResult(error)
+    })
+  }
+  if (shouldRestartSpinner) {
     spawnPromise = spawnPromise.finally(() => {
-      spinner?.start()
+      spinner.start()
     })
-    spawnPromise.process = oldSpawnPromise.process
-    spawnPromise.stdin = oldSpawnPromise.stdin
+  }
+  for (const key of ObjectKeys(oldSpawnPromise)) {
+    spawnPromise[key] = oldSpawnPromise[key]
   }
   return spawnPromise
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@socketsecurity/cli-with-sentry",
-  "version": "1.0.10",
+  "version": "1.0.12",
   "description": "CLI for Socket.dev, includes Sentry error handling, otherwise identical to the regular `socket` package",
   "homepage": "https://github.com/SocketDev/socket-cli",
   "license": "MIT",
@@ -85,7 +85,7 @@
     "@babel/preset-typescript": "7.27.1",
     "@babel/runtime": "7.27.6",
     "@biomejs/biome": "2.0.6",
-    "@coana-tech/cli": "14.9.33",
+    "@coana-tech/cli": "14.9.34",
     "@cyclonedx/cdxgen": "11.4.1",
     "@dotenvx/dotenvx": "1.45.1",
     "@eslint/compat": "1.3.1",
@@ -112,8 +112,8 @@
     "@socketregistry/is-interactive": "1.0.6",
     "@socketregistry/packageurl-js": "1.0.8",
     "@socketsecurity/config": "3.0.1",
-    "@socketsecurity/registry": "1.0.217",
-    "@socketsecurity/sdk": "1.4.50",
+    "@socketsecurity/registry": "1.0.220",
+    "@socketsecurity/sdk": "1.4.51",
     "@types/blessed": "0.1.25",
     "@types/cmd-shim": "5.0.2",
     "@types/js-yaml": "4.0.9",
@@ -127,7 +127,7 @@
     "@types/which": "3.0.4",
     "@types/yargs-parser": "21.0.3",
     "@typescript-eslint/parser": "8.35.0",
-    "@typescript/native-preview": "7.0.0-dev.20250628.1",
+    "@typescript/native-preview": "7.0.0-dev.20250630.1",
     "@vitest/coverage-v8": "3.2.4",
     "blessed": "0.1.81",
     "blessed-contrib": "4.11.0",
@@ -158,7 +158,7 @@
     "npm-package-arg": "12.0.2",
     "npm-run-all2": "8.0.4",
     "open": "10.1.2",
-    "oxlint": "1.3.0",
+    "oxlint": "1.4.0",
     "pony-cause": "2.1.11",
     "registry-auth-token": "5.1.0",
     "registry-url": "7.2.0",