@socketsecurity/cli-with-sentry 1.0.11 → 1.0.12
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cli.js +158 -153
- package/dist/cli.js.map +1 -1
- package/dist/constants.js +3 -3
- package/dist/constants.js.map +1 -1
- package/dist/types/commands/fix/open-pr.d.mts.map +1 -1
- package/dist/types/commands/json/output-cmd-json.d.mts.map +1 -1
- package/dist/types/commands/manifest/cmd-manifest-gradle.d.mts.map +1 -1
- package/dist/types/commands/manifest/cmd-manifest-kotlin.d.mts.map +1 -1
- package/dist/types/commands/manifest/cmd-manifest-scala.d.mts.map +1 -1
- package/dist/types/commands/manifest/detect-manifest-actions.d.mts +1 -1
- package/dist/types/commands/manifest/detect-manifest-actions.d.mts.map +1 -1
- package/dist/types/commands/manifest/generate_auto_manifest.d.mts.map +1 -1
- package/dist/types/commands/wrapper/remove-socket-wrapper.d.mts +1 -1
- package/dist/types/commands/wrapper/remove-socket-wrapper.d.mts.map +1 -1
- package/dist/types/utils/fs.d.mts +11 -1
- package/dist/types/utils/fs.d.mts.map +1 -1
- package/dist/types/utils/glob.d.mts.map +1 -1
- package/dist/types/utils/path-resolve.d.mts.map +1 -1
- package/dist/types/utils/socketjson.d.mts +1 -1
- package/dist/types/utils/socketjson.d.mts.map +1 -1
- package/dist/utils.js +27 -24
- package/dist/utils.js.map +1 -1
- package/external/@coana-tech/cli/cli.mjs +16 -5
- package/external/@socketsecurity/registry/lib/spawn.js +5 -3
- package/package.json +5 -5
|
@@ -221973,7 +221973,7 @@ async function onlineScan(dependencyTree, apiKey, timeout) {
|
|
|
221973
221973
|
}
|
|
221974
221974
|
|
|
221975
221975
|
// dist/version.js
|
|
221976
|
-
var version2 = "14.9.
|
|
221976
|
+
var version2 = "14.9.34";
|
|
221977
221977
|
|
|
221978
221978
|
// ../../node_modules/.pnpm/axios@1.9.0/node_modules/axios/lib/helpers/bind.js
|
|
221979
221979
|
function bind2(fn2, thisArg) {
|
|
@@ -226497,9 +226497,21 @@ async function computeFixesAndUpgradePurls(path2, options) {
|
|
|
226497
226497
|
...vulnerableArtifactIdsPerVulnerability.get(ghsa)?.values() ?? []
|
|
226498
226498
|
]);
|
|
226499
226499
|
const computedFix = await useSocketComputeFixEndpoint(artifacts, vulnerableArtifactIdsForGhsas);
|
|
226500
|
-
if (computedFix.type !== "
|
|
226500
|
+
if (computedFix.type !== "success") {
|
|
226501
226501
|
throw new Error(`No fix found for the given vulnerabilities`);
|
|
226502
226502
|
}
|
|
226503
|
+
if (computedFix.failedArtifacts) {
|
|
226504
|
+
const ghsasFailedToFix = options.applyFixesTo.filter((ghsa) => {
|
|
226505
|
+
const artifactIds = vulnerableArtifactIdsPerVulnerability.get(ghsa);
|
|
226506
|
+
if (!artifactIds)
|
|
226507
|
+
return false;
|
|
226508
|
+
return Array.from(artifactIds).some((vuln) => computedFix.failedArtifacts?.includes(vuln));
|
|
226509
|
+
});
|
|
226510
|
+
logger.info("Failed to compute fixes for the following vulnerabilities:");
|
|
226511
|
+
for (const ghsa of ghsasFailedToFix) {
|
|
226512
|
+
logger.info(` - ${ghsa} (${Array.from(vulnerableArtifactIdsPerVulnerability.get(ghsa)).map((id) => simplePurl(artifacts[id].type, artifacts[id].namespace ?? null, artifacts[id].name, artifacts[id].version ?? null)).join(", ")})`);
|
|
226513
|
+
}
|
|
226514
|
+
}
|
|
226503
226515
|
if (options.dryRun) {
|
|
226504
226516
|
logger.info("Fixes found:");
|
|
226505
226517
|
for (const fix of computedFix.fixes) {
|
|
@@ -226608,9 +226620,8 @@ async function useSocketComputeFixEndpoint(artifacts, vulnerableArtifactIdsForGh
|
|
|
226608
226620
|
} catch (error) {
|
|
226609
226621
|
logger.error("Request to compute fixes failed:", error);
|
|
226610
226622
|
return {
|
|
226611
|
-
type: "error
|
|
226612
|
-
message: "Error during computation"
|
|
226613
|
-
fixes: []
|
|
226623
|
+
type: "error",
|
|
226624
|
+
message: "Error during computation"
|
|
226614
226625
|
};
|
|
226615
226626
|
}
|
|
226616
226627
|
}
|
|
@@ -28,6 +28,7 @@ function getSpawn() {
|
|
|
28
28
|
function isStdioType(stdio, type) {
|
|
29
29
|
return (
|
|
30
30
|
stdio === type ||
|
|
31
|
+
(!stdio && type === 'pipe') ||
|
|
31
32
|
(Array.isArray(stdio) &&
|
|
32
33
|
stdio.length > 2 &&
|
|
33
34
|
stdio[0] === type &&
|
|
@@ -60,9 +61,10 @@ function spawn(cmd, args, options, extra) {
|
|
|
60
61
|
const { env, stdio, stdioString = true } = spawnOptions
|
|
61
62
|
// The stdio option can be a string or an array.
|
|
62
63
|
// https://nodejs.org/api/child_process.html#optionsstdio
|
|
63
|
-
const
|
|
64
|
+
const shouldStopSpinner =
|
|
64
65
|
isSpinning && !isStdioType(stdio, 'ignore') && !isStdioType(stdio, 'pipe')
|
|
65
|
-
|
|
66
|
+
const shouldRestartSpinner = shouldStopSpinner
|
|
67
|
+
if (shouldStopSpinner) {
|
|
66
68
|
spinner.stop()
|
|
67
69
|
}
|
|
68
70
|
let spawnPromise = spawn(
|
|
@@ -90,7 +92,7 @@ function spawn(cmd, args, options, extra) {
|
|
|
90
92
|
throw stripAnsiFromSpawnResult(error)
|
|
91
93
|
})
|
|
92
94
|
}
|
|
93
|
-
if (
|
|
95
|
+
if (shouldRestartSpinner) {
|
|
94
96
|
spawnPromise = spawnPromise.finally(() => {
|
|
95
97
|
spinner.start()
|
|
96
98
|
})
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@socketsecurity/cli-with-sentry",
|
|
3
|
-
"version": "1.0.
|
|
3
|
+
"version": "1.0.12",
|
|
4
4
|
"description": "CLI for Socket.dev, includes Sentry error handling, otherwise identical to the regular `socket` package",
|
|
5
5
|
"homepage": "https://github.com/SocketDev/socket-cli",
|
|
6
6
|
"license": "MIT",
|
|
@@ -85,7 +85,7 @@
|
|
|
85
85
|
"@babel/preset-typescript": "7.27.1",
|
|
86
86
|
"@babel/runtime": "7.27.6",
|
|
87
87
|
"@biomejs/biome": "2.0.6",
|
|
88
|
-
"@coana-tech/cli": "14.9.
|
|
88
|
+
"@coana-tech/cli": "14.9.34",
|
|
89
89
|
"@cyclonedx/cdxgen": "11.4.1",
|
|
90
90
|
"@dotenvx/dotenvx": "1.45.1",
|
|
91
91
|
"@eslint/compat": "1.3.1",
|
|
@@ -112,7 +112,7 @@
|
|
|
112
112
|
"@socketregistry/is-interactive": "1.0.6",
|
|
113
113
|
"@socketregistry/packageurl-js": "1.0.8",
|
|
114
114
|
"@socketsecurity/config": "3.0.1",
|
|
115
|
-
"@socketsecurity/registry": "1.0.
|
|
115
|
+
"@socketsecurity/registry": "1.0.220",
|
|
116
116
|
"@socketsecurity/sdk": "1.4.51",
|
|
117
117
|
"@types/blessed": "0.1.25",
|
|
118
118
|
"@types/cmd-shim": "5.0.2",
|
|
@@ -127,7 +127,7 @@
|
|
|
127
127
|
"@types/which": "3.0.4",
|
|
128
128
|
"@types/yargs-parser": "21.0.3",
|
|
129
129
|
"@typescript-eslint/parser": "8.35.0",
|
|
130
|
-
"@typescript/native-preview": "7.0.0-dev.
|
|
130
|
+
"@typescript/native-preview": "7.0.0-dev.20250630.1",
|
|
131
131
|
"@vitest/coverage-v8": "3.2.4",
|
|
132
132
|
"blessed": "0.1.81",
|
|
133
133
|
"blessed-contrib": "4.11.0",
|
|
@@ -158,7 +158,7 @@
|
|
|
158
158
|
"npm-package-arg": "12.0.2",
|
|
159
159
|
"npm-run-all2": "8.0.4",
|
|
160
160
|
"open": "10.1.2",
|
|
161
|
-
"oxlint": "1.
|
|
161
|
+
"oxlint": "1.4.0",
|
|
162
162
|
"pony-cause": "2.1.11",
|
|
163
163
|
"registry-auth-token": "5.1.0",
|
|
164
164
|
"registry-url": "7.2.0",
|