@socketsecurity/cli-with-sentry 1.0.56 → 1.0.58

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (17) hide show
  1. package/dist/cli.js +59 -26
  2. package/dist/cli.js.map +1 -1
  3. package/dist/constants.js +3 -3
  4. package/dist/constants.js.map +1 -1
  5. package/dist/types/commands/fix/npm-fix.d.mts.map +1 -1
  6. package/dist/types/commands/fix/pnpm-fix.d.mts.map +1 -1
  7. package/dist/types/commands/fix/pull-request.d.mts +1 -1
  8. package/dist/types/commands/fix/pull-request.d.mts.map +1 -1
  9. package/dist/types/commands/scan/cmd-scan-create.d.mts.map +1 -1
  10. package/dist/types/commands/scan/suggest_target.d.mts +1 -1
  11. package/dist/types/commands/scan/suggest_target.d.mts.map +1 -1
  12. package/dist/types/utils/git.d.mts +2 -2
  13. package/dist/types/utils/git.d.mts.map +1 -1
  14. package/dist/utils.js +94 -21
  15. package/dist/utils.js.map +1 -1
  16. package/external/@socketsecurity/registry/lib/spawn.js +20 -3
  17. package/package.json +8 -8
package/dist/cli.js CHANGED
@@ -1205,7 +1205,7 @@ function createLeaf(art, alert, policyAction) {
1205
1205
  type: alert.type,
1206
1206
  policy: policyAction,
1207
1207
  url: utils.getSocketDevPackageOverviewUrlFromPurl(art),
1208
- manifest: art.manifestFiles?.map(obj => obj.file) ?? []
1208
+ manifest: art.manifestFiles?.map(o => o.file) ?? []
1209
1209
  };
1210
1210
  return leaf;
1211
1211
  }
@@ -3457,22 +3457,26 @@ async function openPr(owner, repo, branch, purl, newVersion, options) {
3457
3457
  return null;
3458
3458
  }
3459
3459
  async function setGitRemoteGithubRepoUrl(owner, repo, token, cwd = process.cwd()) {
3460
- const stdioIgnoreOptions = {
3461
- cwd,
3462
- stdio: debug.isDebug('stdio') ? 'inherit' : 'ignore'
3463
- };
3464
3460
  const {
3465
3461
  host
3466
3462
  } = new URL(constants.ENV.GITHUB_SERVER_URL);
3467
3463
  const url = `https://x-access-token:${token}@${host}/${owner}/${repo}`;
3464
+ const stdioIgnoreOptions = {
3465
+ cwd,
3466
+ stdio: debug.isDebug('stdio') ? 'inherit' : 'ignore'
3467
+ };
3468
+ const quotedCmd = `\`git remote set-url origin ${url}\``;
3469
+ debug.debugFn('stdio', `spawn: ${quotedCmd}`);
3468
3470
  try {
3469
3471
  await spawn.spawn('git', ['remote', 'set-url', 'origin', url], stdioIgnoreOptions);
3472
+ return true;
3470
3473
  } catch (e) {
3471
- debug.debugFn('error', 'caught: unexpected error');
3474
+ debug.debugFn('error', `caught: ${quotedCmd} failed`);
3472
3475
  debug.debugDir('inspect', {
3473
3476
  error: e
3474
3477
  });
3475
3478
  }
3479
+ return false;
3476
3480
  }
3477
3481
 
3478
3482
  function ciRepoInfo() {
@@ -4105,21 +4109,37 @@ function getFixAlertsMapOptions(options = {}) {
4105
4109
 
4106
4110
  async function install$1(pkgEnvDetails, options) {
4107
4111
  const {
4108
- args,
4112
+ args: extraArgs,
4109
4113
  cwd,
4110
4114
  spinner
4111
4115
  } = {
4112
4116
  __proto__: null,
4113
4117
  ...options
4114
4118
  };
4119
+ const args = ['--ignore-scripts', '--no-audit', '--no-fund', '--no-progress', '--no-save', '--silent', ...(extraArgs ?? [])];
4120
+ const quotedCmd = `\`${pkgEnvDetails.agent} install ${args.join(' ')}\``;
4121
+ debug.debugFn('stdio', `spawn: ${quotedCmd}`);
4115
4122
  try {
4116
4123
  await utils.runAgentInstall(pkgEnvDetails, {
4117
- args: ['--ignore-scripts', '--no-audit', '--no-fund', '--no-progress', '--no-save', '--silent', ...(args ?? [])],
4124
+ args,
4118
4125
  spinner,
4119
4126
  stdio: debug.isDebug('stdio') ? 'inherit' : 'ignore'
4120
4127
  });
4128
+ } catch (e) {
4129
+ debug.debugFn('error', `caught: ${quotedCmd} failed`);
4130
+ debug.debugDir('inspect', {
4131
+ error: e
4132
+ });
4133
+ return null;
4134
+ }
4135
+ try {
4121
4136
  return await getActualTree(cwd);
4122
- } catch {}
4137
+ } catch (e) {
4138
+ debug.debugFn('error', 'caught: Arborist error');
4139
+ debug.debugDir('inspect', {
4140
+ error: e
4141
+ });
4142
+ }
4123
4143
  return null;
4124
4144
  }
4125
4145
  async function npmFix(pkgEnvDetails, fixConfig) {
@@ -4226,27 +4246,43 @@ const {
4226
4246
  } = constants;
4227
4247
  async function install(pkgEnvDetails, options) {
4228
4248
  const {
4229
- args,
4249
+ args: extraArgs,
4230
4250
  cwd,
4231
4251
  spinner
4232
4252
  } = {
4233
4253
  __proto__: null,
4234
4254
  ...options
4235
4255
  };
4256
+ const args = [
4257
+ // Enable pnpm updates to pnpm-lock.yaml in CI environments.
4258
+ // https://pnpm.io/cli/install#--frozen-lockfile
4259
+ '--no-frozen-lockfile',
4260
+ // Enable a non-interactive pnpm install
4261
+ // https://github.com/pnpm/pnpm/issues/6778
4262
+ '--config.confirmModulesPurge=false', ...(extraArgs ?? [])];
4263
+ const quotedCmd = `\`${pkgEnvDetails.agent} install ${args.join(' ')}\``;
4264
+ debug.debugFn('stdio', `spawn: ${quotedCmd}`);
4236
4265
  try {
4237
4266
  await utils.runAgentInstall(pkgEnvDetails, {
4238
- args: [
4239
- // Enable pnpm updates to pnpm-lock.yaml in CI environments.
4240
- // https://pnpm.io/cli/install#--frozen-lockfile
4241
- '--no-frozen-lockfile',
4242
- // Enable a non-interactive pnpm install
4243
- // https://github.com/pnpm/pnpm/issues/6778
4244
- '--config.confirmModulesPurge=false', ...(args ?? [])],
4267
+ args,
4245
4268
  spinner,
4246
4269
  stdio: debug.isDebug('stdio') ? 'inherit' : 'ignore'
4247
4270
  });
4271
+ } catch (e) {
4272
+ debug.debugFn('error', `caught: ${quotedCmd} failed`);
4273
+ debug.debugDir('inspect', {
4274
+ error: e
4275
+ });
4276
+ return null;
4277
+ }
4278
+ try {
4248
4279
  return await getActualTree(cwd);
4249
- } catch {}
4280
+ } catch (e) {
4281
+ debug.debugFn('error', 'caught: Arborist error');
4282
+ debug.debugDir('inspect', {
4283
+ error: e
4284
+ });
4285
+ }
4250
4286
  return null;
4251
4287
  }
4252
4288
  async function pnpmFix(pkgEnvDetails, fixConfig) {
@@ -6295,8 +6331,8 @@ async function setupManifestConfig(cwd, defaultOnReadError = false) {
6295
6331
  logger.logger.log(' CLI commands. You can still override them by explicitly');
6296
6332
  logger.logger.log(' setting the flag. It is meant to be a convenience tool.');
6297
6333
  logger.logger.log('');
6298
- logger.logger.log('This command will generate a `socket.json` file in the target cwd.');
6299
- logger.logger.log('You can choose to add this file to your repo (handy for collab)');
6334
+ logger.logger.log('This command will generate a socket.json file in the target cwd.');
6335
+ logger.logger.log('You can choose to add this file to your repo (handy for collaboration)');
6300
6336
  logger.logger.log('or to add it to the ignored files, or neither. This file is only');
6301
6337
  logger.logger.log('used in CLI workflows.');
6302
6338
  logger.logger.log('');
@@ -10245,9 +10281,7 @@ async function suggestTarget() {
10245
10281
  description: 'Do not use the current directory (this will end in a no-op)'
10246
10282
  }]
10247
10283
  });
10248
- if (proceed) {
10249
- return ['.'];
10250
- }
10284
+ return proceed ? ['.'] : [];
10251
10285
  }
10252
10286
 
10253
10287
  const {
@@ -10475,8 +10509,7 @@ async function run$c(argv, importMeta, {
10475
10509
  // the command without requiring user input, as a suggestion.
10476
10510
  let updatedInput = false;
10477
10511
  if (!targets.length && !dryRun && interactive) {
10478
- const received = await suggestTarget();
10479
- targets = received ?? [];
10512
+ targets = await suggestTarget();
10480
10513
  updatedInput = true;
10481
10514
  }
10482
10515
 
@@ -14158,5 +14191,5 @@ void (async () => {
14158
14191
  await utils.captureException(e);
14159
14192
  }
14160
14193
  })();
14161
- //# debugId=4fadc2fa-389d-44dd-820e-1cd78bae1dd6
14194
+ //# debugId=1ea5a8dd-5995-4b46-91ba-648181473483
14162
14195
  //# sourceMappingURL=cli.js.map