@socketsecurity/cli-with-sentry 1.0.82 → 1.0.83

package/dist/cli.js

@@ -446,7 +446,7 @@ async function run$P(argv, importMeta, {
     test: hasApiToken,
     message: 'You need to be logged in to use this command. See `socket login`.',
     pass: 'ok',
-    fail: 'missing API token'
+    fail: 'missing Socket API token'
   });
   if (!wasValidInput) {
     return;
@@ -860,7 +860,7 @@ async function run$O(argv, importMeta, {
     test: hasApiToken,
     message: 'You need to be logged in to use this command. See `socket login`.',
     pass: 'ok',
-    fail: 'missing API token'
+    fail: 'missing Socket API token'
   }, {
     nook: true,
     test: !json || !markdown,
@@ -1033,8 +1033,8 @@ async function fetchScanData(orgSlug, scanId, options) {
     updateScan('received invalid JSON response');
     return {
       ok: false,
-      message: 'Invalid API response',
-      cause: 'The API responded with at least one line that was not valid JSON. Please report if this persists.'
+      message: 'Invalid Socket API response',
+      cause: 'The Socket API responded with at least one line that was not valid JSON. Please report if this persists.'
     };
   }
   async function fetchSecurityPolicy() {
@@ -1044,18 +1044,18 @@ async function fetchScanData(orgSlug, scanId, options) {
   }
   updateProgress();
   const [scan, securityPolicy] = await Promise.all([fetchScanResult().catch(e => {
-    updateScan('failure; unknown blocking problem occurred');
+    updateScan('failure; unknown blocking error occurred');
     return {
       ok: false,
-      message: 'Unexpected API problem',
-      cause: `We encountered an unexpected problem while requesting the Scan from the API: ${e?.message || '(no error message found)'}${e?.cause ? ` (cause: ${e.cause})` : ''}`
+      message: 'Unexpected Socket API error',
+      cause: `We encountered an unexpected error while requesting the Scan from the API: ${e?.message || '(no error message found)'}${e?.cause ? ` (cause: ${e.cause})` : ''}`
     };
   }), fetchSecurityPolicy().catch(e => {
-    updatePolicy('failure; unknown blocking problem occurred');
+    updatePolicy('failure; unknown blocking error occurred');
     return {
       ok: false,
-      message: 'Unexpected API problem',
-      cause: `We encountered an unexpected problem while requesting the policy from the API: ${e?.message || '(no error message found)'}${e?.cause ? ` (cause: ${e.cause})` : ''}`
+      message: 'Unexpected Socket API error',
+      cause: `We encountered an unexpected error while requesting the policy from the Socket API: ${e?.message || '(no error message found)'}${e?.cause ? ` (cause: ${e.cause})` : ''}`
     };
   })]).finally(() => {
     finishedFetching = true;
@@ -2156,7 +2156,7 @@ const config$K = {
     accept or reject a current build. When the scan does not pass your security
     policy, the exit code will be non-zero.
 
-    It will use the default org for the set API token.
+    It will use the default org for the Socket API token.
 
     The --autoManifest flag does the same as the one from \`socket scan create\`
     but is not enabled by default since the CI is less likely to be set up with
@@ -3802,13 +3802,13 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
       return basename === 'package.json' || basename === pkgEnvDetails.lockName;
     }) : [];
   };
-  const handleInstallFail = () => {
+  const handleInstallFail = error => {
     cleanupInfoEntriesLoop();
     spinner?.stop();
     return {
       ok: false,
       message: 'Install failed',
-      cause: `Unexpected condition: ${pkgEnvDetails.agent} install failed`
+      cause: `${pkgEnvDetails.agent} install failed${error ? `; ${error}` : ''}`
     };
   };
   const hasModifiedFiles = async (cwd = process.cwd()) => {
@@ -3863,21 +3863,26 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
           // eslint-disable-next-line no-await-in-loop
           await utils.removeNodeModules(cwd);
         }
-        const maybeActualTree = fixEnv.isCi && fs$1.existsSync(path.join(rootPath, 'node_modules')) ?
-        // eslint-disable-next-line no-await-in-loop
-        await getActualTree(cwd) :
-        // eslint-disable-next-line no-await-in-loop
-        await installer(pkgEnvDetails, {
-          cwd,
-          spinner
-        });
-        if (maybeActualTree && fs$1.existsSync(pkgEnvDetails.lockPath)) {
+        if (fixEnv.isCi && fs$1.existsSync(path.join(rootPath, 'node_modules'))) {
+          // eslint-disable-next-line no-await-in-loop
+          actualTree = await getActualTree(cwd);
+        } else {
+          // eslint-disable-next-line no-await-in-loop
+          const installResult = await installer(pkgEnvDetails, {
+            cwd,
+            spinner
+          });
+          const maybeActualTree = installResult.actualTree;
+          if (!maybeActualTree) {
+            // Exit early if install fails.
+            return handleInstallFail(installResult.error);
+          }
           actualTree = maybeActualTree;
         }
-      }
-      if (!actualTree) {
-        // Exit early if install fails.
-        return handleInstallFail();
+        if (!fs$1.existsSync(pkgEnvDetails.lockPath)) {
+          // Exit early if lockfile is missing.
+          return handleInstallFail(new Error(`Missing lockfile at ${pkgEnvDetails.lockPath}`));
+        }
       }
       const oldVersions = arrays.arrayUnique(shadowNpmInject.findPackageNodes(actualTree, name).map(n => n.version).filter(Boolean));
       if (!oldVersions.length) {
@@ -3994,11 +3999,18 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
           let errored = false;
           try {
             // eslint-disable-next-line no-await-in-loop
-            const maybeActualTree = await installer(pkgEnvDetails, {
+            const installResult = await installer(pkgEnvDetails, {
               cwd,
               spinner
             });
-            if (maybeActualTree && fs$1.existsSync(pkgEnvDetails.lockPath)) {
+            const maybeActualTree = installResult.actualTree;
+            if (!maybeActualTree) {
+              errored = true;
+              error = installResult.error;
+            } else if (!fs$1.existsSync(pkgEnvDetails.lockPath)) {
+              errored = true;
+              error = new Error(`Missing lockfile at ${pkgEnvDetails.lockPath}`);
+            } else {
               actualTree = maybeActualTree;
               // eslint-disable-next-line no-await-in-loop
               await afterInstall(editablePkgJson, packument, oldVersion, newVersion, vulnerableVersionRange, fixConfig);
@@ -4012,8 +4024,6 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
               }
               spinner?.success(`Fixed ${name} in ${workspace}.`);
               seenVersions.add(newVersion);
-            } else {
-              errored = true;
             }
           } catch (e) {
             error = e;
@@ -4049,16 +4059,21 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
                 // eslint-disable-next-line no-await-in-loop
                 await utils.gitDeleteBranch(branch, cwd);
                 // eslint-disable-next-line no-await-in-loop
-                const maybeActualTree = await installer(pkgEnvDetails, {
+                const installResult = await installer(pkgEnvDetails, {
                   cwd,
                   spinner
                 });
-                if (maybeActualTree && fs$1.existsSync(pkgEnvDetails.lockPath)) {
-                  actualTree = maybeActualTree;
-                  continue infosLoop;
+                const maybeActualTree = installResult.actualTree;
+                if (!maybeActualTree) {
+                  // Exit early if install fails.
+                  return handleInstallFail(installResult.error);
                 }
-                // Exit early if install fails.
-                return handleInstallFail();
+                if (!fs$1.existsSync(pkgEnvDetails.lockPath)) {
+                  // Exit early if lockfile is missing.
+                  return handleInstallFail(new Error(`Missing lockfile at ${pkgEnvDetails.lockPath}`));
+                }
+                actualTree = maybeActualTree;
+                continue infosLoop;
               }
               seenBranches.add(branch);
 
@@ -4112,15 +4127,17 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
             // eslint-disable-next-line no-await-in-loop
             await utils.gitCheckoutBranch(fixEnv.baseBranch, cwd);
             // eslint-disable-next-line no-await-in-loop
-            const maybeActualTree = await installer(pkgEnvDetails, {
+            const installResult = await installer(pkgEnvDetails, {
               cwd,
               spinner
             });
             spinner?.stop();
+            const maybeActualTree = installResult.actualTree;
             if (maybeActualTree) {
               actualTree = maybeActualTree;
             } else {
               errored = true;
+              error = installResult.error;
             }
           }
           if (errored) {
@@ -4133,17 +4150,17 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
                 ignoreWhitespace: true
               })]);
               // eslint-disable-next-line no-await-in-loop
-              const maybeActualTree = await installer(pkgEnvDetails, {
+              const installResult = await installer(pkgEnvDetails, {
                 cwd,
                 spinner
               });
               spinner?.stop();
-              if (maybeActualTree) {
-                actualTree = maybeActualTree;
-              } else {
+              const maybeActualTree = installResult.actualTree;
+              if (!maybeActualTree) {
                 // Exit early if install fails.
-                return handleInstallFail();
+                return handleInstallFail(installResult.error);
               }
+              actualTree = maybeActualTree;
             }
             return {
               ok: false,
@@ -4245,6 +4262,7 @@ async function install$1(pkgEnvDetails, options) {
   require$$6.debugFn('stdio', `spawn: ${quotedCmd}`);
   const isSpinning = spinner?.isSpinning;
   spinner?.stop();
+  let error;
   let errored = false;
   try {
     await utils.runAgentInstall(pkgEnvDetails, {
@@ -4253,27 +4271,37 @@ async function install$1(pkgEnvDetails, options) {
       stdio: useDebug ? 'inherit' : 'ignore'
     });
   } catch (e) {
+    errored = true;
+    error = e;
     require$$6.debugFn('error', `caught: ${quotedCmd} failed`);
     require$$6.debugDir('inspect', {
-      error: e
+      error
     });
-    errored = true;
   }
-  let actualTree = null;
+  let actualTree = undefined;
   if (!errored) {
     try {
       actualTree = await getActualTree(cwd);
     } catch (e) {
+      errored = true;
+      error = e;
       require$$6.debugFn('error', 'caught: Arborist error');
       require$$6.debugDir('inspect', {
-        error: e
+        error
       });
     }
   }
   if (isSpinning) {
     spinner.start();
   }
-  return actualTree;
+  return {
+    ...(actualTree ? {
+      actualTree
+    } : undefined),
+    ...(errored ? {
+      error
+    } : undefined)
+  };
 }
 async function npmFix(pkgEnvDetails, fixConfig) {
   const {
@@ -4411,6 +4439,7 @@ async function install(pkgEnvDetails, options) {
   require$$6.debugFn('stdio', `spawn: ${quotedCmd}`);
   const isSpinning = spinner?.isSpinning;
   spinner?.stop();
+  let error;
   let errored = false;
   try {
     await utils.runAgentInstall(pkgEnvDetails, {
@@ -4419,27 +4448,37 @@ async function install(pkgEnvDetails, options) {
       stdio: require$$6.isDebug('stdio') ? 'inherit' : 'ignore'
     });
   } catch (e) {
+    errored = true;
+    error = e;
     require$$6.debugFn('error', `caught: ${quotedCmd} failed`);
     require$$6.debugDir('inspect', {
-      error: e
+      error
     });
-    errored = true;
   }
-  let actualTree = null;
+  let actualTree = undefined;
   if (!errored) {
     try {
       actualTree = await getActualTree(cwd);
     } catch (e) {
+      errored = true;
+      error = e;
       require$$6.debugFn('error', 'caught: Arborist error');
       require$$6.debugDir('inspect', {
-        error: e
+        error
       });
     }
   }
   if (isSpinning) {
     spinner.start();
   }
-  return actualTree;
+  return {
+    ...(actualTree ? {
+      actualTree
+    } : undefined),
+    ...(errored ? {
+      error
+    } : undefined)
+  };
 }
 async function pnpmFix(pkgEnvDetails, fixConfig) {
   const {
@@ -4454,11 +4493,12 @@ async function pnpmFix(pkgEnvDetails, fixConfig) {
   // Update pnpm-lock.yaml if its version is older than what the installed pnpm
   // produces.
   if (pkgEnvDetails.agentVersion.major >= 10 && (utils.parsePnpmLockfileVersion(lockfile?.lockfileVersion)?.major ?? 0) <= 6) {
-    const maybeActualTree = await install(pkgEnvDetails, {
+    const installResult = await install(pkgEnvDetails, {
       args: ['--lockfile-only'],
       cwd,
       spinner
     });
+    const maybeActualTree = installResult.actualTree;
     if (maybeActualTree) {
       lockSrc = (await utils.readLockfile(pkgEnvDetails.lockPath)) ?? '';
     } else {
@@ -5152,7 +5192,7 @@ async function attemptLogin(apiBaseUrl, apiProxy) {
   apiBaseUrl ??= utils.getConfigValueOrUndef('apiBaseUrl') ?? undefined;
   apiProxy ??= utils.getConfigValueOrUndef('apiProxy') ?? undefined;
   const apiTokenInput = await prompts.password({
-    message: `Enter your ${vendor.terminalLinkExports('Socket.dev API key', 'https://docs.socket.dev/docs/api-keys')} (leave blank for a public key)`
+    message: `Enter your ${vendor.terminalLinkExports('Socket.dev API token', 'https://docs.socket.dev/docs/api-keys')} (leave blank for a public key)`
   });
   if (apiTokenInput === undefined) {
     logger.logger.fail('Canceled by user');
@@ -5186,7 +5226,7 @@ async function attemptLogin(apiBaseUrl, apiProxy) {
     organizations
   } = orgsCResult.data;
   const orgSlugs = Object.values(organizations).map(obj => obj.slug);
-  logger.logger.success(`API key verified: ${orgSlugs}`);
+  logger.logger.success(`API token verified: ${orgSlugs}`);
   const enforcedChoices = Object.values(organizations).filter(org => org?.plan === 'enterprise').map(org => ({
     name: org.name ?? 'undefined',
     value: org.id
@@ -5301,7 +5341,7 @@ const config$E = {
     API Token Requirements
       - Quota: 1 unit
 
-    Logs into the Socket API by prompting for an API key
+    Logs into the Socket API by prompting for an API token
 
     Options
       ${utils.getFlagListOutput(config.flags)}
@@ -8220,7 +8260,7 @@ async function run$q(argv, importMeta, {
     test: hasApiToken,
     message: 'You need to be logged in to use this command. See `socket login`.',
     pass: 'ok',
-    fail: 'missing API token'
+    fail: 'missing Socket API token'
   });
   if (!wasValidInput) {
     return;
@@ -8360,7 +8400,7 @@ async function run$p(argv, importMeta, {
     test: hasApiToken,
     message: 'You need to be logged in to use this command. See `socket login`.',
     pass: 'ok',
-    fail: 'missing API token'
+    fail: 'missing Socket API token'
   });
   if (!wasValidInput) {
     return;
@@ -8499,7 +8539,7 @@ async function run$o(argv, importMeta, {
     test: hasApiToken,
     message: 'You need to be logged in to use this command. See `socket login`.',
     pass: 'ok',
-    fail: 'missing API token'
+    fail: 'missing Socket API token'
   });
   if (!wasValidInput) {
     return;
@@ -8541,7 +8581,7 @@ async function outputOrganizationList(result, outputKind = 'text') {
           mw3 = Math.max(mw3, o.plan.length);
         }
         logger.logger.log('# Organizations\n');
-        logger.logger.log(`List of organizations associated with your API key, starting with: ${vendor.yoctocolorsCjsExports.italic(visibleTokenPrefix)}\n`);
+        logger.logger.log(`List of organizations associated with your API token, starting with: ${vendor.yoctocolorsCjsExports.italic(visibleTokenPrefix)}\n`);
         logger.logger.log(`| Name${' '.repeat(mw1 - 4)} | ID${' '.repeat(mw2 - 2)} | Plan${' '.repeat(mw3 - 4)} |`);
         logger.logger.log(`| ${'-'.repeat(mw1)} | ${'-'.repeat(mw2)} | ${'-'.repeat(mw3)} |`);
         for (const o of organizations) {
@@ -8552,7 +8592,7 @@ async function outputOrganizationList(result, outputKind = 'text') {
       }
     default:
       {
-        logger.logger.log(`List of organizations associated with your API key, starting with: ${vendor.yoctocolorsCjsExports.italic(visibleTokenPrefix)}\n`);
+        logger.logger.log(`List of organizations associated with your API token, starting with: ${vendor.yoctocolorsCjsExports.italic(visibleTokenPrefix)}\n`);
         // Just dump
         for (const o of organizations) {
           logger.logger.log(`- Name: ${vendor.yoctocolorsCjsExports.bold(o.name ?? 'undefined')}, ID: ${vendor.yoctocolorsCjsExports.bold(o.id)}, Plan: ${vendor.yoctocolorsCjsExports.bold(o.plan)}`);
@@ -8571,7 +8611,7 @@ const {
 } = constants;
 const config$n = {
   commandName: 'list',
-  description: 'List organizations associated with the API key used',
+  description: 'List organizations associated with the Socket API token',
   hidden: false,
   flags: {
     ...flags.commonFlags,
@@ -8624,7 +8664,7 @@ async function run$n(argv, importMeta, {
     test: hasApiToken,
     message: 'You need to be logged in to use this command. See `socket login`.',
     pass: 'ok',
-    fail: 'missing API token'
+    fail: 'missing Socket API token'
   });
   if (!wasValidInput) {
     return;
@@ -8711,7 +8751,7 @@ const {
 } = constants;
 const config$m = {
   commandName: 'quota',
-  description: 'List organizations associated with the API key used',
+  description: 'List organizations associated with the Socket API token',
   hidden: true,
   flags: {
     ...flags.commonFlags,
@@ -8758,7 +8798,7 @@ async function run$m(argv, importMeta, {
     test: hasApiToken,
     message: 'You need to be logged in to use this command. See `socket login`.',
     pass: 'ok',
-    fail: 'missing API token'
+    fail: 'missing Socket API token'
   });
   if (!wasValidInput) {
     return;
@@ -9122,7 +9162,7 @@ async function run$l(argv, importMeta, {
     test: hasApiToken,
     message: 'You need to be logged in to use this command. See `socket login`.',
     pass: 'ok',
-    fail: 'missing API token'
+    fail: 'missing Socket API token'
   });
   if (!wasValidInput) {
     return;
@@ -9825,7 +9865,7 @@ async function run$h(argv, importMeta, {
     test: hasApiToken,
     message: 'You need to be logged in to use this command. See `socket login`.',
     pass: 'ok',
-    fail: 'missing API token'
+    fail: 'missing Socket API token'
   });
   if (!wasValidInput) {
     return;
@@ -9964,7 +10004,7 @@ async function run$g(argv, importMeta, {
     test: hasApiToken,
     message: 'You need to be logged in to use this command. See `socket login`.',
     pass: 'ok',
-    fail: 'missing API token'
+    fail: 'missing Socket API token'
   });
   if (!wasValidInput) {
     return;
@@ -10258,7 +10298,7 @@ async function run$f(argv, importMeta, {
     test: hasApiToken,
     message: 'You need to be logged in to use this command. See `socket login`.',
     pass: 'ok',
-    fail: 'missing API token'
+    fail: 'missing Socket API token'
   }, {
     nook: true,
     test: direction === 'asc' || direction === 'desc',
@@ -10461,7 +10501,7 @@ async function run$e(argv, importMeta, {
     test: hasApiToken,
     message: 'You need to be logged in to use this command. See `socket login`.',
     pass: 'ok',
-    fail: 'missing API token'
+    fail: 'missing Socket API token'
   });
   if (!wasValidInput) {
     return;
@@ -10632,7 +10672,7 @@ async function run$d(argv, importMeta, {
     test: hasApiToken,
     message: 'You need to be logged in to use this command. See `socket login`.',
     pass: 'ok',
-    fail: 'missing API token'
+    fail: 'missing Socket API token'
   });
   if (!wasValidInput) {
     return;
@@ -11125,7 +11165,7 @@ async function run$b(argv, importMeta, {
     test: hasApiToken,
     message: 'You need to be logged in to use this command. See `socket login`.',
     pass: 'ok',
-    fail: 'missing API token'
+    fail: 'missing Socket API token'
   });
   if (!wasValidInput) {
     return;
@@ -11440,7 +11480,7 @@ async function run$a(argv, importMeta, {
     test: hasApiToken,
     message: 'You need to be logged in to use this command. See `socket login`.',
     pass: 'ok',
-    fail: 'missing API token'
+    fail: 'missing Socket API token'
   });
   if (!wasValidInput) {
     return;
@@ -12282,7 +12322,7 @@ async function run$9(argv, importMeta, {
   }, {
     nook: true,
     test: hasSocketApiToken,
-    message: 'This command requires an API token for access',
+    message: 'This command requires an Socket API token for access',
     pass: 'ok',
     fail: 'missing (try `socket login`)'
   }, {
@@ -12556,7 +12596,7 @@ async function run$8(argv, importMeta, {
     test: hasApiToken,
     message: 'You need to be logged in to use this command. See `socket login`.',
     pass: 'ok',
-    fail: 'missing API token'
+    fail: 'missing Socket API token'
   }, {
     nook: true,
     test: !branchFlag || !branchArg,
@@ -12718,7 +12758,7 @@ async function run$7(argv, importMeta, {
     test: hasApiToken,
     message: 'You need to be logged in to use this command. See `socket login`.',
     pass: 'ok',
-    fail: 'missing API token'
+    fail: 'missing Socket API token'
   });
   if (!wasValidInput) {
     return;
@@ -12963,7 +13003,7 @@ async function run$5(argv, importMeta, {
     test: hasApiToken,
     message: 'You need to be logged in to use this command. See `socket login`.',
     pass: 'ok',
-    fail: 'missing API token'
+    fail: 'missing Socket API token'
   });
   if (!wasValidInput) {
     return;
@@ -13182,7 +13222,7 @@ async function configureScan(config, cwd = process.cwd()) {
   return notCanceled();
 }
 async function configureGithub(config) {
-  // Do not store the github API token. Just leads to a security rabbit hole.
+  // Do not store the GitHub API token. Just leads to a security rabbit hole.
 
   const all = await prompts.select({
     message: '(--all) Do you by default want to fetch all repos from the GitHub API and scan all known repos?',
@@ -13382,8 +13422,8 @@ async function fetchScan(orgSlug, scanId) {
   }
   return {
     ok: false,
-    message: 'Invalid API response',
-    cause: 'The API responded with at least one line that was not valid JSON. Please report if this persists.'
+    message: 'Invalid Socket API response',
+    cause: 'The Socket API responded with at least one line that was not valid JSON. Please report if this persists.'
   };
 }
 
@@ -13577,7 +13617,7 @@ async function run$3(argv, importMeta, {
     test: hasApiToken,
     message: 'You need to be logged in to use this command. See `socket login`.',
     pass: 'ok',
-    fail: 'missing API token'
+    fail: 'missing Socket API token'
   }, {
     nook: true,
     test: !stream || !!json,
@@ -14014,7 +14054,7 @@ async function run$2(argv, importMeta, {
     test: hasApiToken,
     message: 'You need to be logged in to use this command. See `socket login`.',
     pass: 'ok',
-    fail: 'missing API token'
+    fail: 'missing Socket API token'
   });
   if (!wasValidInput) {
     return;
@@ -14630,5 +14670,5 @@ void (async () => {
     await utils.captureException(e);
   }
 })();
-//# debugId=58ac1bfa-a01a-4cc9-829a-f7eefa14421f
+//# debugId=2badc2bc-a4d7-4304-94c6-958c975e9822
 //# sourceMappingURL=cli.js.map