@socketsecurity/cli-with-sentry 1.0.41 → 1.0.43

package/dist/cli.js

@@ -3812,9 +3812,9 @@ function getOverridesData(pkgEnvDetails, pkgJson) {
 
 const noopHandler = () => {};
 async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
-  beforeInstall = noopHandler,
-  // eslint-disable-next-line sort-destructure-keys/sort-destructure-keys
   afterInstall = noopHandler,
+  afterUpdate = noopHandler,
+  beforeInstall = noopHandler,
   revertInstall = noopHandler
 }, fixConfig) {
   const {
@@ -3882,6 +3882,13 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
     spinner?.dedent();
     packumentCache.clear();
   };
+  const getModifiedFiles = async (cwd = process.cwd()) => {
+    const unstagedCResult = await gitUnstagedModifiedFiles(cwd);
+    return unstagedCResult.ok ? unstagedCResult.data.filter(filepath => {
+      const basename = path.basename(filepath);
+      return basename === 'package.json' || basename === pkgEnvDetails.lockName;
+    }) : [];
+  };
   const handleInstallFail = () => {
     cleanupInfoEntriesLoop();
     return {
@@ -3890,6 +3897,9 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
       cause: `Unexpected condition: ${pkgEnvDetails.agent} install failed`
     };
   };
+  const hasModifiedFiles = async (cwd = process.cwd()) => {
+    return (await getModifiedFiles(cwd)).length > 0;
+  };
   spinner?.stop();
   infoEntriesLoop: for (let i = 0, {
       length
@@ -4041,13 +4051,11 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
           });
 
           // eslint-disable-next-line no-await-in-loop
-          const unstagedCResult = await gitUnstagedModifiedFiles(cwd);
-          const moddedFilepaths = unstagedCResult.ok ? unstagedCResult.data.filter(filepath => {
-            const basename = path.basename(filepath);
-            return basename === 'package.json' || basename === pkgEnvDetails.lockName;
-          }) : [];
-          if (!moddedFilepaths.length) {
-            logger.logger.warn('Unexpected condition: Nothing to commit, skipping PR creation.');
+          await afterUpdate(editablePkgJson, packument, oldVersion, newVersion, vulnerableVersionRange, fixConfig);
+
+          // eslint-disable-next-line no-await-in-loop
+          if (!(await hasModifiedFiles(cwd))) {
+            debug.debugFn('notice', 'skip: nothing to commit, skipping PR creation');
             // Reset things just in case.
             if (fixEnv.isCi) {
               // eslint-disable-next-line no-await-in-loop
@@ -4057,11 +4065,6 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
             }
             continue infosLoop;
           }
-
-          // eslint-disable-next-line no-await-in-loop
-          const pkgJsonSrc = await fs$1.promises.readFile(editablePkgJson.filename, 'utf8');
-          // eslint-disable-next-line no-await-in-loop
-          const lockSrc = await utils.readLockfile(pkgEnvDetails.lockPath);
           if (!hasAnnouncedWorkspace) {
             hasAnnouncedWorkspace = true;
             workspaceLogCallCount = logger.logger.logCallCount;
@@ -4102,15 +4105,12 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
 
           // Check repoInfo to make TypeScript happy.
           if (!errored && fixEnv.isCi && fixEnv.repoInfo) {
-            // Rewrite files in case the install reverted them.
-            // eslint-disable-next-line no-await-in-loop
-            await fs$1.promises.writeFile(editablePkgJson.filename, pkgJsonSrc, 'utf8');
-            // eslint-disable-next-line no-await-in-loop
-            await fs$1.promises.writeFile(pkgEnvDetails.lockPath, lockSrc, 'utf8');
             try {
               if (
               // eslint-disable-next-line no-await-in-loop
-              !(await gitCreateAndPushBranch(branch, getSocketCommitMessage(oldPurl, newVersion, workspace), moddedFilepaths, {
+              !(await gitCreateAndPushBranch(branch, getSocketCommitMessage(oldPurl, newVersion, workspace),
+              // eslint-disable-next-line no-await-in-loop
+              await getModifiedFiles(cwd), {
                 cwd,
                 email: fixEnv.gitEmail,
                 user: fixEnv.gitUser
@@ -4328,7 +4328,7 @@ async function npmFix(pkgEnvDetails, fixConfig) {
   }
   let revertData;
   return await agentFix(pkgEnvDetails, actualTree, alertsMap, install$1, {
-    async beforeInstall(editablePkgJson, packument, oldVersion, newVersion) {
+    async beforeInstall(editablePkgJson) {
       revertData = {
         ...(editablePkgJson.content.dependencies && {
           dependencies: {
@@ -4346,15 +4346,20 @@ async function npmFix(pkgEnvDetails, fixConfig) {
           }
         })
       };
-      const arb = new shadowNpmInject.Arborist({
-        path: pkgEnvDetails.pkgPath,
-        ...flatConfig
-      });
-      const idealTree = await arb.buildIdealTree();
-      const node = shadowNpmInject.findPackageNode(idealTree, packument.name, oldVersion);
-      if (node) {
-        shadowNpmInject.updateNode(node, newVersion, packument.versions[newVersion]);
-        await arb.reify();
+    },
+    async afterUpdate(editablePkgJson, packument, oldVersion, newVersion) {
+      const isWorkspaceRoot = editablePkgJson.filename === pkgEnvDetails.editablePkgJson.filename;
+      if (isWorkspaceRoot) {
+        const arb = new shadowNpmInject.Arborist({
+          path: pkgEnvDetails.pkgPath,
+          ...flatConfig
+        });
+        const idealTree = await arb.buildIdealTree();
+        const node = shadowNpmInject.findPackageNode(idealTree, packument.name, oldVersion);
+        if (node) {
+          shadowNpmInject.updateNode(node, newVersion, packument.versions[newVersion]);
+          await arb.reify();
+        }
       }
     },
     async revertInstall(editablePkgJson) {
@@ -14305,5 +14310,5 @@ void (async () => {
     await utils.captureException(e);
   }
 })();
-//# debugId=61ea85e2-e40e-4ae7-ba74-ed9c4d21ffab
+//# debugId=54a399b0-5fc6-4a0b-ac22-11952f37b9d5
 //# sourceMappingURL=cli.js.map