@socketsecurity/cli-with-sentry 1.0.20 → 1.0.22

package/dist/utils.js

@@ -391,7 +391,7 @@ let _cachedConfig;
 // When using --config or SOCKET_CLI_CONFIG, do not persist the config.
 let _readOnlyConfig = false;
 function overrideCachedConfig(jsonConfig) {
-  debug.debugFn('override: full config (not stored)');
+  debug.debugFn('notice', 'override: full config (not stored)');
   let config;
   try {
     config = JSON.parse(String(jsonConfig));
@@ -432,7 +432,7 @@ function overrideCachedConfig(jsonConfig) {
   };
 }
 function overrideConfigApiToken(apiToken) {
-  debug.debugFn('override: API token (not stored)');
+  debug.debugFn('notice', 'override: API token (not stored)');
 
   // Set token to the local cached config and mark it read-only so it doesn't persist
   _cachedConfig = {
@@ -516,7 +516,7 @@ function captureExceptionSync(exception, hint) {
   if (!Sentry) {
     return '';
   }
-  debug.debugFn('send: exception to Sentry');
+  debug.debugFn('notice', 'send: exception to Sentry');
   return Sentry.captureException(exception, hint);
 }
 
@@ -639,7 +639,10 @@ async function handleApiCall(value, fetchingDesc) {
     spinner.failAndStop(`An error was thrown while requesting ${fetchingDesc}`);
     const message = `${e || 'No error message returned'}`;
     const reason = `${e || 'No error message returned'}`;
-    debug.debugFn(`catch: ${fetchingDesc} error:\n`, e);
+    debug.debugFn('error', `caught: ${fetchingDesc} error`);
+    debug.debugDir('inspect', {
+      error: e
+    });
     return {
       ok: false,
       message: 'Socket API returned an error',
@@ -651,12 +654,15 @@ async function handleApiCall(value, fetchingDesc) {
 
   // Note: TS can't narrow down the type of result due to generics
   if (result.success === false) {
-    const err = result;
-    const message = `${err.error || 'No error message returned'}`;
+    const error = result;
+    const message = `${error.error || 'No error message returned'}`;
     const {
       cause: reason
-    } = err;
-    debug.debugFn(`fail: ${fetchingDesc} bad response:\n`, err);
+    } = error;
+    debug.debugFn('error', `fail: ${fetchingDesc} bad response`);
+    debug.debugDir('inspect', {
+      error
+    });
     return {
       ok: false,
       message: 'Socket API returned an error',
@@ -680,7 +686,10 @@ async function handleApiCallNoSpinner(value, description) {
   } catch (e) {
     const message = `${e || 'No error message returned'}`;
     const reason = `${e || 'No error message returned'}`;
-    debug.debugFn(`catch: ${description} error:\n`, e);
+    debug.debugFn('error', `caught: ${description} error`);
+    debug.debugDir('inspect', {
+      error: e
+    });
     return {
       ok: false,
       message: 'Socket API returned an error',
@@ -690,13 +699,16 @@ async function handleApiCallNoSpinner(value, description) {
 
   // Note: TS can't narrow down the type of result due to generics
   if (result.success === false) {
-    const err = result;
-    const message = `${err.error || 'No error message returned'}`;
-    debug.debugFn(`fail: ${description} bad response:\n`, err);
+    const error = result;
+    const message = `${error.error || 'No error message returned'}`;
+    debug.debugFn('error', `fail: ${description} bad response`);
+    debug.debugDir('inspect', {
+      error
+    });
     return {
       ok: false,
       message: 'Socket API returned an error',
-      cause: `${message}${err.cause ? ` ( Reason: ${err.cause} )` : ''}`,
+      cause: `${message}${error.cause ? ` ( Reason: ${error.cause} )` : ''}`,
       data: {
         code: result.status
       }
@@ -777,7 +789,10 @@ async function queryApiSafeText(path, fetchSpinnerDesc) {
       spinner.failAndStop(`An error was thrown while requesting ${fetchSpinnerDesc}.`);
     }
     const cause = e?.message;
-    debug.debugFn('catch: queryApi() error\n', e);
+    debug.debugFn('error', 'caught: queryApi() error');
+    debug.debugDir('inspect', {
+      error: e
+    });
     return {
       ok: false,
       message: 'API Request failed to complete',
@@ -801,7 +816,10 @@ async function queryApiSafeText(path, fetchSpinnerDesc) {
       data
     };
   } catch (e) {
-    debug.debugFn('catch: await result.text() error\n', e);
+    debug.debugFn('error', 'caught: await result.text() error');
+    debug.debugDir('inspect', {
+      error: e
+    });
     return {
       ok: false,
       message: 'API Request failed to complete',
@@ -922,9 +940,9 @@ cols) {
 function serializeResultJson(data) {
   if (typeof data !== 'object' || !data) {
     process.exitCode = 1;
-    debug.debugFn('typeof data=', typeof data);
+    debug.debugFn('inspect', 'typeof data=', typeof data);
     if (typeof data !== 'object' && data) {
-      debug.debugFn('data:\n', data);
+      debug.debugFn('inspect', 'data:\n', data);
     }
 
     // We should not allow the json value to be "null", or a boolean/number/string,
@@ -939,12 +957,14 @@ function serializeResultJson(data) {
   try {
     return JSON.stringify(data, null, 2).trim() + '\n';
   } catch (e) {
-    debug.debugFn('catch: unexpected\n', e);
     process.exitCode = 1;
 
     // This could be caused by circular references, which is an "us" problem
     const message = 'There was a problem converting the data set to JSON. Please try again without --json';
     logger.logger.fail(message);
+    debug.debugDir('inspect', {
+      error: e
+    });
     return JSON.stringify({
       ok: false,
       message: 'Unable to serialize JSON',
@@ -1720,7 +1740,7 @@ function findNpmPathSync(npmBinPath) {
   }
 }
 async function getPackageFilesForScan(cwd, inputPaths, supportedFiles, config) {
-  debug.debugFn(`resolve: ${inputPaths.length} paths`, inputPaths);
+  debug.debugFn('notice', `resolve: ${inputPaths.length} paths`, inputPaths);
 
   // Lazily access constants.spinner.
   const {
@@ -1732,16 +1752,16 @@ async function getPackageFilesForScan(cwd, inputPaths, supportedFiles, config) {
     cwd,
     socketConfig: config
   });
-  if (debug.isDebug()) {
+  if (debug.isDebug('notice')) {
     spinner.stop();
-    debug.debugFn(`Resolved ${inputPaths.length} paths to ${entries.length} local paths:\n`, entries);
+    debug.debugFn('notice', `Resolved ${inputPaths.length} paths to ${entries.length} local paths:\n`, entries);
     spinner.start('Searching for files now...');
   } else {
     spinner.start(`Resolved ${inputPaths.length} paths to ${entries.length} local paths, searching for files now...`);
   }
   const packageFiles = await filterGlobResultToSupportedFiles(entries, supportedFiles);
   spinner.successAndStop(`Found ${packageFiles.length} local ${words.pluralize('file', packageFiles.length)}`);
-  debug.debugFn('paths: absolute', packageFiles);
+  debug.debugFn('inspect', 'paths: absolute', packageFiles);
   return packageFiles;
 }
 
@@ -1765,7 +1785,7 @@ function getDefaultSocketJson() {
 async function readSocketJson(cwd, defaultOnError = false) {
   const sockJsonPath = path.join(cwd, 'socket.json');
   if (!fs.existsSync(sockJsonPath)) {
-    debug.debugFn(`miss: file not found ${sockJsonPath}`);
+    debug.debugFn('notice', `miss: file not found ${sockJsonPath}`);
     return {
       ok: true,
       data: getDefaultSocketJson()
@@ -1775,8 +1795,9 @@ async function readSocketJson(cwd, defaultOnError = false) {
   try {
     json = await fs.promises.readFile(sockJsonPath, 'utf8');
   } catch (e) {
-    debug.debugLog('[DEBUG] Raw error:');
-    debug.debugLog(e);
+    debug.debugDir('inspect', {
+      error: e
+    });
     if (defaultOnError) {
       logger.logger.warn('Warning: failed to read file, using default');
       return {
@@ -1795,7 +1816,10 @@ async function readSocketJson(cwd, defaultOnError = false) {
   try {
     obj = JSON.parse(json);
   } catch {
-    debug.debugFn('fail: parse JSON\n', json);
+    debug.debugFn('error', 'fail: parse JSON');
+    debug.debugDir('inspect', {
+      json
+    });
     if (defaultOnError) {
       logger.logger.warn('Warning: failed to parse file, using default');
       return {
@@ -1830,8 +1854,13 @@ async function writeSocketJson(cwd, sockJson) {
   try {
     json = JSON.stringify(sockJson, null, 2);
   } catch (e) {
-    debug.debugFn('fail: stringify JSON\n', e);
-    debug.debugLog('[DEBUG] Object:\n', sockJson);
+    debug.debugFn('error', 'fail: stringify JSON');
+    debug.debugDir('inspect', {
+      error: e
+    });
+    debug.debugDir('inspect', {
+      sockJson
+    });
     return {
       ok: false,
       message: 'Failed to serialize to JSON',
@@ -1859,26 +1888,6 @@ function exitWithBinPathError(binName) {
   // eslint-disable-next-line n/no-process-exit
   process.exit(127);
 }
-let _npmBinPathDetails;
-function getNpmBinPathDetails() {
-  if (_npmBinPathDetails === undefined) {
-    _npmBinPathDetails = findBinPathDetailsSync(NPM$3);
-  }
-  return _npmBinPathDetails;
-}
-let _npxBinPathDetails;
-function getNpxBinPathDetails() {
-  if (_npxBinPathDetails === undefined) {
-    _npxBinPathDetails = findBinPathDetailsSync(NPX);
-  }
-  return _npxBinPathDetails;
-}
-function isNpmBinPathShadowed() {
-  return getNpmBinPathDetails().shadowed;
-}
-function isNpxBinPathShadowed() {
-  return getNpxBinPathDetails().shadowed;
-}
 let _npmBinPath;
 function getNpmBinPath() {
   if (_npmBinPath === undefined) {
@@ -1889,6 +1898,13 @@ function getNpmBinPath() {
   }
   return _npmBinPath;
 }
+let _npmBinPathDetails;
+function getNpmBinPathDetails() {
+  if (_npmBinPathDetails === undefined) {
+    _npmBinPathDetails = findBinPathDetailsSync(NPM$3);
+  }
+  return _npmBinPathDetails;
+}
 let _npmPath;
 function getNpmPath() {
   if (_npmPath === undefined) {
@@ -1928,6 +1944,19 @@ function getNpxBinPath() {
   }
   return _npxBinPath;
 }
+let _npxBinPathDetails;
+function getNpxBinPathDetails() {
+  if (_npxBinPathDetails === undefined) {
+    _npxBinPathDetails = findBinPathDetailsSync(NPX);
+  }
+  return _npxBinPathDetails;
+}
+function isNpmBinPathShadowed() {
+  return getNpmBinPathDetails().shadowed;
+}
+function isNpxBinPathShadowed() {
+  return getNpxBinPathDetails().shadowed;
+}
 
 const {
   ALERT_TYPE_CRITICAL_CVE,
@@ -2262,20 +2291,20 @@ function getAlertSeverityOrder(alert) {
 function getAlertsSeverityOrder(alerts) {
   return alertsHaveBlocked(alerts) || alertsHaveSeverity(alerts, ALERT_SEVERITY.critical) ? 0 : alertsHaveSeverity(alerts, ALERT_SEVERITY.high) ? 1 : alertsHaveSeverity(alerts, ALERT_SEVERITY.middle) ? 2 : alertsHaveSeverity(alerts, ALERT_SEVERITY.low) ? 3 : 4;
 }
-function getCveInfoFromAlertsMap(alertsMap, options_) {
-  const options = {
+function getCveInfoFromAlertsMap(alertsMap, options) {
+  const {
+    exclude: exclude_
+  } = {
     __proto__: null,
-    exclude: undefined,
-    limit: Infinity,
-    ...options_
+    ...options
   };
-  options.exclude = {
+  const exclude = {
     __proto__: null,
-    ...options.exclude
+    ...exclude_
   };
-  let count = 0;
   let infoByPartialPurl = null;
-  alertsMapLoop: for (const {
+  // eslint-disable-next-line no-unused-labels
+  for (const {
     0: purl,
     1: sockPkgAlerts
   } of alertsMap) {
@@ -2284,7 +2313,7 @@ function getCveInfoFromAlertsMap(alertsMap, options_) {
     const name = packages.resolvePackageName(purlObj);
     sockPkgAlertsLoop: for (const sockPkgAlert of sockPkgAlerts) {
       const alert = sockPkgAlert.raw;
-      if (alert.fix?.type !== ALERT_FIX_TYPE.cve || options.exclude.upgradable && registry.getManifestData(sockPkgAlert.ecosystem, name)) {
+      if (alert.fix?.type !== ALERT_FIX_TYPE.cve || exclude.upgradable && registry.getManifestData(sockPkgAlert.ecosystem, name)) {
         continue sockPkgAlertsLoop;
       }
       if (!infoByPartialPurl) {
@@ -2314,18 +2343,19 @@ function getCveInfoFromAlertsMap(alertsMap, options_) {
               // semver.Range will parse it without erroring.
               vulnerableVersionRange.replace(/, +/g, ' ').replace(/; +/g, ' || ')).format()
             });
-            if (++count >= options.limit) {
-              break alertsMapLoop;
-            }
             continue sockPkgAlertsLoop;
           } catch (e) {
             error = e;
           }
         }
-        debug.debugFn('fail: invalid SocketPackageAlert\n', alert);
+        debug.debugFn('error', 'fail: invalid SocketPackageAlert');
+        debug.debugDir('inspect', {
+          alert
+        });
         if (error) {
-          // Explicitly use debugLog here.
-          debug.debugLog(error.message ?? error);
+          debug.debugDir('inspect', {
+            error: error.message ?? error
+          });
         }
       }
     }
@@ -2583,7 +2613,7 @@ async function getAlertsMapFromPurls(purls, options_) {
     spinner
   } = options;
   const uniqPurls = arrays.arrayUnique(purls);
-  debug.debugFn('inspect:', {
+  debug.debugDir('inspect', {
     purls: uniqPurls
   });
   let {
@@ -2630,7 +2660,7 @@ async function getAlertsMapFromPurls(purls, options_) {
     } else {
       spinner?.stop();
       logger.logger.fail(`Received a ${batchResult.status} response from Socket API which we consider a permanent failure:`, batchResult.error, batchResult.cause ? `( ${batchResult.cause} )` : '');
-      debug.debugFn('inspect:', {
+      debug.debugDir('inspect', {
         batchResult
       });
       break;
@@ -2815,9 +2845,53 @@ function runAgentInstall(pkgEnvDetails, options) {
   });
 }
 
+async function getNpmConfig(options) {
+  const {
+    cwd = process.cwd(),
+    env = process.env,
+    execPath = process.execPath,
+    nodeVersion = process.version,
+    npmCommand = 'install',
+    npmPath = getNpmPath(),
+    npmVersion,
+    platform = process.platform
+  } = {
+    __proto__: null,
+    ...options
+  };
+  const config = new vendor.libExports$2({
+    argv: [],
+    cwd,
+    definitions: vendor.definitionsExports.definitions,
+    execPath,
+    env: {
+      ...env
+    },
+    flatten: vendor.definitionsExports.flatten,
+    npmPath,
+    platform,
+    shorthands: vendor.definitionsExports.shorthands
+  });
+  await config.load();
+  const flatConfig = {
+    __proto__: null,
+    ...config.flat
+  };
+  if (nodeVersion) {
+    flatConfig.nodeVersion = nodeVersion;
+  }
+  if (npmCommand) {
+    flatConfig.npmCommand = npmCommand;
+  }
+  if (npmVersion) {
+    flatConfig.npmVersion = npmVersion.toString();
+  }
+  return flatConfig;
+}
+
 async function spawnCoana(args, options, extra) {
   const {
-    env: optionsEnv
+    env: spawnEnv
   } = {
     __proto__: null,
     ...options
@@ -2831,7 +2905,7 @@ async function spawnCoana(args, options, extra) {
       ...options,
       env: {
         ...process.env,
-        ...optionsEnv,
+        ...spawnEnv,
         SOCKET_CLI_API_BASE_URL: constants.ENV.SOCKET_CLI_API_BASE_URL || undefined,
         SOCKET_CLI_API_TOKEN: getDefaultToken()
       }
@@ -2950,7 +3024,10 @@ async function getAgentVersion(agentExecPath, cwd) {
       shell: constants.WIN32
     })).stdout) ?? undefined;
   } catch (e) {
-    debug.debugFn('catch: unexpected\n', e);
+    debug.debugFn('error', 'caught: unexpected error');
+    debug.debugDir('inspect', {
+      error: e
+    });
   }
   return result;
 }
@@ -3269,6 +3346,7 @@ exports.getFlagListOutput = getFlagListOutput;
 exports.getMajor = getMajor;
 exports.getMinVersion = getMinVersion;
 exports.getNpmBinPath = getNpmBinPath;
+exports.getNpmConfig = getNpmConfig;
 exports.getNpmRequire = getNpmRequire;
 exports.getNpxBinPath = getNpxBinPath;
 exports.getOutputKind = getOutputKind;
@@ -3319,5 +3397,5 @@ exports.tildify = tildify;
 exports.updateConfigValue = updateConfigValue;
 exports.walkNestedMap = walkNestedMap;
 exports.writeSocketJson = writeSocketJson;
-//# debugId=738e476d-5a8a-49d7-a6be-c50b9907d6f1
+//# debugId=ad76cecb-5b19-4d94-97e3-1d71fa1d1902
 //# sourceMappingURL=utils.js.map