@socketsecurity/cli-with-sentry 1.0.57 → 1.0.59
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cli.js +83 -31
- package/dist/cli.js.map +1 -1
- package/dist/constants.js +4 -4
- package/dist/constants.js.map +1 -1
- package/dist/types/commands/fix/agent-fix.d.mts.map +1 -1
- package/dist/types/commands/fix/npm-fix.d.mts.map +1 -1
- package/dist/types/commands/fix/pnpm-fix.d.mts.map +1 -1
- package/dist/types/commands/fix/pull-request.d.mts +1 -1
- package/dist/types/commands/fix/pull-request.d.mts.map +1 -1
- package/dist/types/commands/scan/cmd-scan-create.d.mts.map +1 -1
- package/dist/types/commands/scan/suggest_target.d.mts +1 -1
- package/dist/types/commands/scan/suggest_target.d.mts.map +1 -1
- package/dist/types/utils/git.d.mts +2 -2
- package/dist/types/utils/git.d.mts.map +1 -1
- package/dist/utils.js +92 -22
- package/dist/utils.js.map +1 -1
- package/dist/vendor.js +8 -8
- package/external/@socketsecurity/registry/lib/debug.js +37 -6
- package/external/@socketsecurity/registry/lib/spinner.js +19 -7
- package/package.json +8 -8
package/dist/cli.js
CHANGED
|
@@ -1205,7 +1205,7 @@ function createLeaf(art, alert, policyAction) {
|
|
|
1205
1205
|
type: alert.type,
|
|
1206
1206
|
policy: policyAction,
|
|
1207
1207
|
url: utils.getSocketDevPackageOverviewUrlFromPurl(art),
|
|
1208
|
-
manifest: art.manifestFiles?.map(
|
|
1208
|
+
manifest: art.manifestFiles?.map(o => o.file) ?? []
|
|
1209
1209
|
};
|
|
1210
1210
|
return leaf;
|
|
1211
1211
|
}
|
|
@@ -3457,22 +3457,26 @@ async function openPr(owner, repo, branch, purl, newVersion, options) {
|
|
|
3457
3457
|
return null;
|
|
3458
3458
|
}
|
|
3459
3459
|
async function setGitRemoteGithubRepoUrl(owner, repo, token, cwd = process.cwd()) {
|
|
3460
|
-
const stdioIgnoreOptions = {
|
|
3461
|
-
cwd,
|
|
3462
|
-
stdio: debug.isDebug('stdio') ? 'inherit' : 'ignore'
|
|
3463
|
-
};
|
|
3464
3460
|
const {
|
|
3465
3461
|
host
|
|
3466
3462
|
} = new URL(constants.ENV.GITHUB_SERVER_URL);
|
|
3467
3463
|
const url = `https://x-access-token:${token}@${host}/${owner}/${repo}`;
|
|
3464
|
+
const stdioIgnoreOptions = {
|
|
3465
|
+
cwd,
|
|
3466
|
+
stdio: debug.isDebug('stdio') ? 'inherit' : 'ignore'
|
|
3467
|
+
};
|
|
3468
|
+
const quotedCmd = `\`git remote set-url origin ${url}\``;
|
|
3469
|
+
debug.debugFn('stdio', `spawn: ${quotedCmd}`);
|
|
3468
3470
|
try {
|
|
3469
3471
|
await spawn.spawn('git', ['remote', 'set-url', 'origin', url], stdioIgnoreOptions);
|
|
3472
|
+
return true;
|
|
3470
3473
|
} catch (e) {
|
|
3471
|
-
debug.debugFn('error',
|
|
3474
|
+
debug.debugFn('error', `caught: ${quotedCmd} failed`);
|
|
3472
3475
|
debug.debugDir('inspect', {
|
|
3473
3476
|
error: e
|
|
3474
3477
|
});
|
|
3475
3478
|
}
|
|
3479
|
+
return false;
|
|
3476
3480
|
}
|
|
3477
3481
|
|
|
3478
3482
|
function ciRepoInfo() {
|
|
@@ -3712,6 +3716,7 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
|
|
|
3712
3716
|
};
|
|
3713
3717
|
const handleInstallFail = () => {
|
|
3714
3718
|
cleanupInfoEntriesLoop();
|
|
3719
|
+
spinner?.stop();
|
|
3715
3720
|
return {
|
|
3716
3721
|
ok: false,
|
|
3717
3722
|
message: 'Install failed',
|
|
@@ -4105,22 +4110,47 @@ function getFixAlertsMapOptions(options = {}) {
|
|
|
4105
4110
|
|
|
4106
4111
|
async function install$1(pkgEnvDetails, options) {
|
|
4107
4112
|
const {
|
|
4108
|
-
args,
|
|
4113
|
+
args: extraArgs,
|
|
4109
4114
|
cwd,
|
|
4110
4115
|
spinner
|
|
4111
4116
|
} = {
|
|
4112
4117
|
__proto__: null,
|
|
4113
4118
|
...options
|
|
4114
4119
|
};
|
|
4120
|
+
const args = ['--ignore-scripts', '--no-audit', '--no-fund', '--no-progress', '--no-save', '--silent', ...(extraArgs ?? [])];
|
|
4121
|
+
const quotedCmd = `\`${pkgEnvDetails.agent} install ${args.join(' ')}\``;
|
|
4122
|
+
debug.debugFn('stdio', `spawn: ${quotedCmd}`);
|
|
4123
|
+
const isSpinning = spinner?.isSpinning;
|
|
4124
|
+
spinner?.stop();
|
|
4125
|
+
let errored = false;
|
|
4115
4126
|
try {
|
|
4116
4127
|
await utils.runAgentInstall(pkgEnvDetails, {
|
|
4117
|
-
args
|
|
4128
|
+
args,
|
|
4118
4129
|
spinner,
|
|
4119
4130
|
stdio: debug.isDebug('stdio') ? 'inherit' : 'ignore'
|
|
4120
4131
|
});
|
|
4121
|
-
|
|
4122
|
-
|
|
4123
|
-
|
|
4132
|
+
} catch (e) {
|
|
4133
|
+
debug.debugFn('error', `caught: ${quotedCmd} failed`);
|
|
4134
|
+
debug.debugDir('inspect', {
|
|
4135
|
+
error: e
|
|
4136
|
+
});
|
|
4137
|
+
errored = true;
|
|
4138
|
+
}
|
|
4139
|
+
let actualTree = null;
|
|
4140
|
+
if (!errored) {
|
|
4141
|
+
try {
|
|
4142
|
+
actualTree = await getActualTree(cwd);
|
|
4143
|
+
} catch (e) {
|
|
4144
|
+
debug.debugFn('error', 'caught: Arborist error');
|
|
4145
|
+
debug.debugDir('inspect', {
|
|
4146
|
+
error: e
|
|
4147
|
+
});
|
|
4148
|
+
}
|
|
4149
|
+
}
|
|
4150
|
+
if (isSpinning) {
|
|
4151
|
+
spinner.start();
|
|
4152
|
+
}
|
|
4153
|
+
return actualTree;
|
|
4124
4154
|
}
|
|
4125
4155
|
async function npmFix(pkgEnvDetails, fixConfig) {
|
|
4126
4156
|
const {
|
|
@@ -4226,28 +4256,53 @@ const {
|
|
|
4226
4256
|
} = constants;
|
|
4227
4257
|
async function install(pkgEnvDetails, options) {
|
|
4228
4258
|
const {
|
|
4229
|
-
args,
|
|
4259
|
+
args: extraArgs,
|
|
4230
4260
|
cwd,
|
|
4231
4261
|
spinner
|
|
4232
4262
|
} = {
|
|
4233
4263
|
__proto__: null,
|
|
4234
4264
|
...options
|
|
4235
4265
|
};
|
|
4266
|
+
const args = [
|
|
4267
|
+
// Enable pnpm updates to pnpm-lock.yaml in CI environments.
|
|
4268
|
+
// https://pnpm.io/cli/install#--frozen-lockfile
|
|
4269
|
+
'--no-frozen-lockfile',
|
|
4270
|
+
// Enable a non-interactive pnpm install
|
|
4271
|
+
// https://github.com/pnpm/pnpm/issues/6778
|
|
4272
|
+
'--config.confirmModulesPurge=false', ...(extraArgs ?? [])];
|
|
4273
|
+
const quotedCmd = `\`${pkgEnvDetails.agent} install ${args.join(' ')}\``;
|
|
4274
|
+
debug.debugFn('stdio', `spawn: ${quotedCmd}`);
|
|
4275
|
+
const isSpinning = spinner?.isSpinning;
|
|
4276
|
+
spinner?.stop();
|
|
4277
|
+
let errored = false;
|
|
4236
4278
|
try {
|
|
4237
4279
|
await utils.runAgentInstall(pkgEnvDetails, {
|
|
4238
|
-
args
|
|
4239
|
-
// Enable pnpm updates to pnpm-lock.yaml in CI environments.
|
|
4240
|
-
// https://pnpm.io/cli/install#--frozen-lockfile
|
|
4241
|
-
'--no-frozen-lockfile',
|
|
4242
|
-
// Enable a non-interactive pnpm install
|
|
4243
|
-
// https://github.com/pnpm/pnpm/issues/6778
|
|
4244
|
-
'--config.confirmModulesPurge=false', ...(args ?? [])],
|
|
4280
|
+
args,
|
|
4245
4281
|
spinner,
|
|
4246
4282
|
stdio: debug.isDebug('stdio') ? 'inherit' : 'ignore'
|
|
4247
4283
|
});
|
|
4248
|
-
|
|
4249
|
-
|
|
4250
|
-
|
|
4284
|
+
} catch (e) {
|
|
4285
|
+
debug.debugFn('error', `caught: ${quotedCmd} failed`);
|
|
4286
|
+
debug.debugDir('inspect', {
|
|
4287
|
+
error: e
|
|
4288
|
+
});
|
|
4289
|
+
errored = true;
|
|
4290
|
+
}
|
|
4291
|
+
let actualTree = null;
|
|
4292
|
+
if (!errored) {
|
|
4293
|
+
try {
|
|
4294
|
+
actualTree = await getActualTree(cwd);
|
|
4295
|
+
} catch (e) {
|
|
4296
|
+
debug.debugFn('error', 'caught: Arborist error');
|
|
4297
|
+
debug.debugDir('inspect', {
|
|
4298
|
+
error: e
|
|
4299
|
+
});
|
|
4300
|
+
}
|
|
4301
|
+
}
|
|
4302
|
+
if (isSpinning) {
|
|
4303
|
+
spinner.start();
|
|
4304
|
+
}
|
|
4305
|
+
return actualTree;
|
|
4251
4306
|
}
|
|
4252
4307
|
async function pnpmFix(pkgEnvDetails, fixConfig) {
|
|
4253
4308
|
const {
|
|
@@ -6295,8 +6350,8 @@ async function setupManifestConfig(cwd, defaultOnReadError = false) {
|
|
|
6295
6350
|
logger.logger.log(' CLI commands. You can still override them by explicitly');
|
|
6296
6351
|
logger.logger.log(' setting the flag. It is meant to be a convenience tool.');
|
|
6297
6352
|
logger.logger.log('');
|
|
6298
|
-
logger.logger.log('This command will generate a
|
|
6299
|
-
logger.logger.log('You can choose to add this file to your repo (handy for
|
|
6353
|
+
logger.logger.log('This command will generate a socket.json file in the target cwd.');
|
|
6354
|
+
logger.logger.log('You can choose to add this file to your repo (handy for collaboration)');
|
|
6300
6355
|
logger.logger.log('or to add it to the ignored files, or neither. This file is only');
|
|
6301
6356
|
logger.logger.log('used in CLI workflows.');
|
|
6302
6357
|
logger.logger.log('');
|
|
@@ -7484,7 +7539,7 @@ async function updateLockfile(pkgEnvDetails, options) {
|
|
|
7484
7539
|
__proto__: null,
|
|
7485
7540
|
...options
|
|
7486
7541
|
};
|
|
7487
|
-
const isSpinning = !!spinner?.
|
|
7542
|
+
const isSpinning = !!spinner?.isSpinning;
|
|
7488
7543
|
if (!isSpinning) {
|
|
7489
7544
|
spinner?.start();
|
|
7490
7545
|
}
|
|
@@ -10245,9 +10300,7 @@ async function suggestTarget() {
|
|
|
10245
10300
|
description: 'Do not use the current directory (this will end in a no-op)'
|
|
10246
10301
|
}]
|
|
10247
10302
|
});
|
|
10248
|
-
|
|
10249
|
-
return ['.'];
|
|
10250
|
-
}
|
|
10303
|
+
return proceed ? ['.'] : [];
|
|
10251
10304
|
}
|
|
10252
10305
|
|
|
10253
10306
|
const {
|
|
@@ -10475,8 +10528,7 @@ async function run$c(argv, importMeta, {
|
|
|
10475
10528
|
// the command without requiring user input, as a suggestion.
|
|
10476
10529
|
let updatedInput = false;
|
|
10477
10530
|
if (!targets.length && !dryRun && interactive) {
|
|
10478
|
-
|
|
10479
|
-
targets = received ?? [];
|
|
10531
|
+
targets = await suggestTarget();
|
|
10480
10532
|
updatedInput = true;
|
|
10481
10533
|
}
|
|
10482
10534
|
|
|
@@ -14158,5 +14210,5 @@ void (async () => {
|
|
|
14158
14210
|
await utils.captureException(e);
|
|
14159
14211
|
}
|
|
14160
14212
|
})();
|
|
14161
|
-
//# debugId=
|
|
14213
|
+
//# debugId=b9685bcd-e040-4012-90f5-54b3bfba5ba0
|
|
14162
14214
|
//# sourceMappingURL=cli.js.map
|