@socketsecurity/cli-with-sentry 1.0.107 → 1.0.109

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (32) hide show
  1. package/bin/cli.js +1 -0
  2. package/dist/cli.js +11 -12
  3. package/dist/cli.js.map +1 -1
  4. package/dist/constants.js +69 -47
  5. package/dist/constants.js.map +1 -1
  6. package/dist/shadow-npm-bin.js +10 -8
  7. package/dist/shadow-npm-bin.js.map +1 -1
  8. package/dist/shadow-npm-inject.js +15 -14
  9. package/dist/shadow-npm-inject.js.map +1 -1
  10. package/dist/tsconfig.dts.tsbuildinfo +1 -1
  11. package/dist/types/commands/manifest/run-cdxgen.d.mts.map +1 -1
  12. package/dist/types/constants.d.mts +13 -8
  13. package/dist/types/constants.d.mts.map +1 -1
  14. package/dist/types/shadow/npm/arborist/lib/arborist/index.d.mts.map +1 -1
  15. package/dist/types/shadow/npm/bin.d.mts +2 -1
  16. package/dist/types/shadow/npm/bin.d.mts.map +1 -1
  17. package/dist/types/shadow/npm/install.d.mts.map +1 -1
  18. package/dist/types/shadow/npm/link.d.mts +1 -1
  19. package/dist/types/shadow/npm/link.d.mts.map +1 -1
  20. package/dist/types/utils/alert/artifact.d.mts +1 -1
  21. package/dist/types/utils/alert/artifact.d.mts.map +1 -1
  22. package/dist/types/utils/alerts-map.d.mts +1 -1
  23. package/dist/types/utils/alerts-map.d.mts.map +1 -1
  24. package/dist/types/utils/coana.d.mts +3 -2
  25. package/dist/types/utils/coana.d.mts.map +1 -1
  26. package/dist/types/utils/sdk.d.mts +1 -1
  27. package/dist/types/utils/sdk.d.mts.map +1 -1
  28. package/dist/utils.js +10 -5
  29. package/dist/utils.js.map +1 -1
  30. package/external/@socketsecurity/registry/lib/constants/env.js +3 -3
  31. package/external/@socketsecurity/registry/lib/constants/node-harden-flags.js +11 -3
  32. package/package.json +6 -6
package/external/@socketsecurity/registry/lib/constants/env.js CHANGED
@@ -25,9 +25,9 @@ module.exports = ObjectFreeze({
25
25
  NODE_AUTH_TOKEN: envAsString(env.NODE_AUTH_TOKEN),
26
26
  // NODE_ENV is a recognized convention, but not a built-in Node.js feature.
27
27
  NODE_ENV:
28
- envAsString(env.NODE_ENV).toLowerCase() === 'development'
29
- ? 'development'
30
- : 'production',
28
+ envAsString(env.NODE_ENV).toLowerCase() === 'production'
29
+ ? 'production'
30
+ : 'development',
31
31
  // A space-separated list of command-line options. `options...` are interpreted
32
32
  // before command-line options, so command-line options will override or compound
33
33
  // after anything in `options...`. Node.js will exit with an error if an option
package/external/@socketsecurity/registry/lib/constants/node-harden-flags.js CHANGED
@@ -5,15 +5,23 @@ const { freeze: ObjectFreeze } = Object
5
5
  const WIN32 = require('./win32')
6
6
 
7
7
  module.exports = ObjectFreeze(
8
+ // Harden Node security.
9
+ // https://nodejs.org/en/learn/getting-started/security-best-practices
8
10
  WIN32
9
- ? ['--disallow-code-generation-from-strings']
11
+ ? [
12
+ // https://nodejs.org/api/cli.html#--disallow-code-generation-from-strings
13
+ '--disallow-code-generation-from-strings'
14
+ ]
10
15
  : [
16
+ '--disallow-code-generation-from-strings',
11
17
  // https://nodejs.org/api/cli.html#--disable-protomode
12
18
  '--disable-proto',
13
19
  'throw',
14
- // https://nodejs.org/api/cli.html#--disallow-code-generation-from-strings
15
- '--disallow-code-generation-from-strings',
16
20
  // https://nodejs.org/api/cli.html#--frozen-intrinsics
21
+ // We have contributed the following patches to our dependencies to make
22
+ // Node's --frozen-intrinsics workable.
23
+ // √ https://github.com/SBoudrias/Inquirer.js/pull/1683
24
+ // √ https://github.com/pnpm/components/pull/23
17
25
  '--frozen-intrinsics',
18
26
  // https://nodejs.org/api/cli.html#--no-deprecation
19
27
  '--no-deprecation'
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@socketsecurity/cli-with-sentry",
3
- "version": "1.0.107",
3
+ "version": "1.0.109",
4
4
  "description": "CLI for Socket.dev, includes Sentry error handling, otherwise identical to the regular `socket` package",
5
5
  "homepage": "https://github.com/SocketDev/socket-cli",
6
6
  "license": "MIT",
@@ -86,7 +86,7 @@
86
86
  "@babel/preset-typescript": "7.27.1",
87
87
  "@babel/runtime": "7.28.3",
88
88
  "@biomejs/biome": "2.2.2",
89
- "@coana-tech/cli": "14.12.14",
89
+ "@coana-tech/cli": "14.12.16",
90
90
  "@cyclonedx/cdxgen": "11.7.0",
91
91
  "@dotenvx/dotenvx": "1.49.0",
92
92
  "@eslint/compat": "1.3.2",
@@ -113,7 +113,7 @@
113
113
  "@socketregistry/is-interactive": "1.0.6",
114
114
  "@socketregistry/packageurl-js": "1.0.9",
115
115
  "@socketsecurity/config": "3.0.1",
116
- "@socketsecurity/registry": "1.0.278",
116
+ "@socketsecurity/registry": "1.0.279",
117
117
  "@socketsecurity/sdk": "1.4.83",
118
118
  "@types/blessed": "0.1.25",
119
119
  "@types/cmd-shim": "5.0.2",
@@ -124,11 +124,11 @@
124
124
  "@types/npmcli__arborist": "6.3.1",
125
125
  "@types/npmcli__config": "6.0.3",
126
126
  "@types/proc-log": "3.0.4",
127
- "@types/semver": "7.7.0",
127
+ "@types/semver": "7.7.1",
128
128
  "@types/which": "3.0.4",
129
129
  "@types/yargs-parser": "21.0.3",
130
130
  "@typescript-eslint/parser": "8.42.0",
131
- "@typescript/native-preview": "7.0.0-dev.20250902.1",
131
+ "@typescript/native-preview": "7.0.0-dev.20250903.1",
132
132
  "@vitest/coverage-v8": "3.2.4",
133
133
  "blessed": "0.1.81",
134
134
  "blessed-contrib": "4.11.0",
@@ -241,6 +241,6 @@
241
241
  "strict": true
242
242
  },
243
243
  "dependencies": {
244
- "@sentry/node": "10.8.0"
244
+ "@sentry/node": "10.9.0"
245
245
  }
246
246
  }