@socketsecurity/cli-with-sentry 1.1.18 → 1.1.20

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (150) hide show
  1. package/CHANGELOG.md +9 -0
  2. package/bin/npm-cli.js +2 -2
  3. package/bin/npx-cli.js +2 -2
  4. package/bin/pnpm-cli.js +2 -2
  5. package/bin/yarn-cli.js +2 -2
  6. package/dist/cli.js +285 -117
  7. package/dist/cli.js.map +1 -1
  8. package/dist/constants.js +8 -3
  9. package/dist/constants.js.map +1 -1
  10. package/dist/flags.js +3 -2
  11. package/dist/flags.js.map +1 -1
  12. package/dist/npm-cli.js +3 -4
  13. package/dist/npm-cli.js.map +1 -1
  14. package/dist/npx-cli.js +3 -3
  15. package/dist/npx-cli.js.map +1 -1
  16. package/dist/pnpm-cli.js +3 -3
  17. package/dist/pnpm-cli.js.map +1 -1
  18. package/dist/shadow-npm-bin.js +3 -106
  19. package/dist/shadow-npm-bin.js.map +1 -1
  20. package/dist/shadow-npm-bin2.js +125 -0
  21. package/dist/shadow-npm-bin2.js.map +1 -0
  22. package/dist/shadow-npx-bin.js +12 -0
  23. package/dist/shadow-npx-bin.js.map +1 -0
  24. package/dist/shadow-pnpm-bin.js +3 -228
  25. package/dist/shadow-pnpm-bin.js.map +1 -1
  26. package/dist/shadow-pnpm-bin2.js +323 -0
  27. package/dist/shadow-pnpm-bin2.js.map +1 -0
  28. package/dist/shadow-yarn-bin.js +62 -150
  29. package/dist/shadow-yarn-bin.js.map +1 -1
  30. package/dist/tsconfig.dts.tsbuildinfo +1 -1
  31. package/dist/types/commands/analytics/cmd-analytics.d.mts.map +1 -1
  32. package/dist/types/commands/analytics/output-analytics.d.mts.map +1 -1
  33. package/dist/types/commands/audit-log/cmd-audit-log.d.mts.map +1 -1
  34. package/dist/types/commands/audit-log/output-audit-log.d.mts.map +1 -1
  35. package/dist/types/commands/ci/handle-ci.d.mts.map +1 -1
  36. package/dist/types/commands/config/cmd-config-auto.d.mts.map +1 -1
  37. package/dist/types/commands/config/cmd-config-get.d.mts.map +1 -1
  38. package/dist/types/commands/config/cmd-config-list.d.mts.map +1 -1
  39. package/dist/types/commands/config/cmd-config-set.d.mts.map +1 -1
  40. package/dist/types/commands/config/cmd-config-unset.d.mts.map +1 -1
  41. package/dist/types/commands/config/handle-config-set.d.mts.map +1 -1
  42. package/dist/types/commands/fix/cmd-fix.d.mts.map +1 -1
  43. package/dist/types/commands/fix/coana-fix.d.mts.map +1 -1
  44. package/dist/types/commands/fix/handle-fix.d.mts.map +1 -1
  45. package/dist/types/commands/fix/pull-request.d.mts.map +1 -1
  46. package/dist/types/commands/login/attempt-login.d.mts.map +1 -1
  47. package/dist/types/commands/manifest/cmd-manifest-conda.d.mts.map +1 -1
  48. package/dist/types/commands/npm/cmd-npm.d.mts.map +1 -1
  49. package/dist/types/commands/optimize/handle-optimize.d.mts.map +1 -1
  50. package/dist/types/commands/optimize/ls-by-agent.d.mts.map +1 -1
  51. package/dist/types/commands/organization/cmd-organization-dependencies.d.mts.map +1 -1
  52. package/dist/types/commands/organization/cmd-organization-list.d.mts.map +1 -1
  53. package/dist/types/commands/organization/handle-dependencies.d.mts.map +1 -1
  54. package/dist/types/commands/organization/handle-organization-list.d.mts.map +1 -1
  55. package/dist/types/commands/package/handle-purl-deep-score.d.mts.map +1 -1
  56. package/dist/types/commands/package/handle-purls-shallow-score.d.mts.map +1 -1
  57. package/dist/types/commands/pnpm/cmd-pnpm.d.mts.map +1 -1
  58. package/dist/types/commands/raw-npm/run-raw-npm.d.mts.map +1 -1
  59. package/dist/types/commands/raw-npx/run-raw-npx.d.mts.map +1 -1
  60. package/dist/types/commands/repository/cmd-repository-create.d.mts.map +1 -1
  61. package/dist/types/commands/repository/cmd-repository-del.d.mts.map +1 -1
  62. package/dist/types/commands/repository/cmd-repository-list.d.mts.map +1 -1
  63. package/dist/types/commands/repository/cmd-repository-update.d.mts.map +1 -1
  64. package/dist/types/commands/repository/cmd-repository-view.d.mts.map +1 -1
  65. package/dist/types/commands/repository/handle-create-repo.d.mts.map +1 -1
  66. package/dist/types/commands/scan/cmd-scan-create.d.mts.map +1 -1
  67. package/dist/types/commands/scan/cmd-scan-diff.d.mts.map +1 -1
  68. package/dist/types/commands/scan/cmd-scan-list.d.mts.map +1 -1
  69. package/dist/types/commands/scan/create-scan-from-github.d.mts.map +1 -1
  70. package/dist/types/commands/scan/fetch-report-data.d.mts.map +1 -1
  71. package/dist/types/commands/scan/handle-create-new-scan.d.mts.map +1 -1
  72. package/dist/types/commands/scan/output-diff-scan.d.mts.map +1 -1
  73. package/dist/types/commands/scan/output-scan-view.d.mts.map +1 -1
  74. package/dist/types/commands/threat-feed/cmd-threat-feed.d.mts.map +1 -1
  75. package/dist/types/commands/wrapper/postinstall-wrapper.d.mts.map +1 -1
  76. package/dist/types/commands/yarn/cmd-yarn.d.mts.map +1 -1
  77. package/dist/types/constants.d.mts +1 -0
  78. package/dist/types/constants.d.mts.map +1 -1
  79. package/dist/types/flags.d.mts.map +1 -1
  80. package/dist/types/shadow/common.d.mts +31 -0
  81. package/dist/types/shadow/common.d.mts.map +1 -0
  82. package/dist/types/shadow/npm/bin.d.mts +4 -10
  83. package/dist/types/shadow/npm/bin.d.mts.map +1 -1
  84. package/dist/types/shadow/npm-base.d.mts +11 -0
  85. package/dist/types/shadow/npm-base.d.mts.map +1 -0
  86. package/dist/types/shadow/npx/bin.d.mts +5 -0
  87. package/dist/types/shadow/npx/bin.d.mts.map +1 -0
  88. package/dist/types/shadow/pnpm/bin.d.mts +1 -1
  89. package/dist/types/shadow/pnpm/bin.d.mts.map +1 -1
  90. package/dist/types/shadow/stdio-ipc.d.mts +7 -0
  91. package/dist/types/shadow/stdio-ipc.d.mts.map +1 -0
  92. package/dist/types/shadow/yarn/bin.d.mts +1 -1
  93. package/dist/types/shadow/yarn/bin.d.mts.map +1 -1
  94. package/dist/types/utils/agent.d.mts.map +1 -1
  95. package/dist/types/utils/alerts-map.d.mts.map +1 -1
  96. package/dist/types/utils/api.d.mts.map +1 -1
  97. package/dist/types/utils/cmd.d.mts.map +1 -1
  98. package/dist/types/utils/coana.d.mts.map +1 -1
  99. package/dist/types/utils/color-or-markdown.d.mts.map +1 -1
  100. package/dist/types/utils/config.d.mts.map +1 -1
  101. package/dist/types/utils/cve-to-ghsa.d.mts.map +1 -1
  102. package/dist/types/utils/debug.d.mts +45 -0
  103. package/dist/types/utils/debug.d.mts.map +1 -0
  104. package/dist/types/utils/determine-org-slug.d.mts.map +1 -1
  105. package/dist/types/utils/dlx.d.mts +1 -1
  106. package/dist/types/utils/dlx.d.mts.map +1 -1
  107. package/dist/types/utils/ecosystem.d.mts.map +1 -1
  108. package/dist/types/utils/errors.d.mts +48 -0
  109. package/dist/types/utils/errors.d.mts.map +1 -1
  110. package/dist/types/utils/filter-config.d.mts.map +1 -1
  111. package/dist/types/utils/fs.d.mts.map +1 -1
  112. package/dist/types/utils/get-output-kind.d.mts.map +1 -1
  113. package/dist/types/utils/git.d.mts.map +1 -1
  114. package/dist/types/utils/github.d.mts.map +1 -1
  115. package/dist/types/utils/markdown.d.mts +17 -0
  116. package/dist/types/utils/markdown.d.mts.map +1 -1
  117. package/dist/types/utils/meow-with-subcommands.d.mts.map +1 -1
  118. package/dist/types/utils/npm-package-arg.d.mts +5 -1
  119. package/dist/types/utils/npm-package-arg.d.mts.map +1 -1
  120. package/dist/types/utils/npm-paths.d.mts.map +1 -1
  121. package/dist/types/utils/npm-spec.d.mts +57 -0
  122. package/dist/types/utils/npm-spec.d.mts.map +1 -0
  123. package/dist/types/utils/output-formatting.d.mts.map +1 -1
  124. package/dist/types/utils/package-environment.d.mts.map +1 -1
  125. package/dist/types/utils/pnpm-paths.d.mts.map +1 -1
  126. package/dist/types/utils/purl-to-ghsa.d.mts.map +1 -1
  127. package/dist/types/utils/purl.d.mts +24 -0
  128. package/dist/types/utils/purl.d.mts.map +1 -1
  129. package/dist/types/utils/requirements.d.mts.map +1 -1
  130. package/dist/types/utils/sdk.d.mts.map +1 -1
  131. package/dist/types/utils/serialize-result-json.d.mts.map +1 -1
  132. package/dist/types/utils/socket-json.d.mts.map +1 -1
  133. package/dist/types/utils/socket-package-alert.d.mts.map +1 -1
  134. package/dist/types/utils/socket-url.d.mts.map +1 -1
  135. package/dist/types/utils/strings.d.mts +12 -0
  136. package/dist/types/utils/strings.d.mts.map +1 -1
  137. package/dist/types/utils/terminal-link.d.mts +45 -0
  138. package/dist/types/utils/terminal-link.d.mts.map +1 -0
  139. package/dist/types/utils/tildify.d.mts +0 -2
  140. package/dist/types/utils/tildify.d.mts.map +1 -1
  141. package/dist/types/utils/yarn-paths.d.mts.map +1 -1
  142. package/dist/types/utils/yarn-version.d.mts.map +1 -1
  143. package/dist/utils.js +1393 -453
  144. package/dist/utils.js.map +1 -1
  145. package/dist/vendor.js +682 -682
  146. package/package.json +3 -3
  147. package/shadow-bin/npm +2 -2
  148. package/shadow-bin/npx +2 -2
  149. package/shadow-bin/pnpm +2 -2
  150. package/shadow-bin/yarn +2 -2
package/dist/constants.js CHANGED
@@ -188,6 +188,9 @@ function getNpmStdioPipeOptions() {
188
188
  if (_npmStdioPipeOptions === undefined) {
189
189
  _npmStdioPipeOptions = {
190
190
  cwd: process.cwd(),
191
+ // On Windows, npm is often a .cmd file that requires shell execution.
192
+ // The spawn function from @socketsecurity/registry will handle this properly
193
+ // when shell is true.
191
194
  shell: constants.WIN32
192
195
  };
193
196
  }
@@ -268,10 +271,10 @@ const LAZY_ENV = () => {
268
271
  INLINED_SOCKET_CLI_SYNP_VERSION: envAsString("1.9.14"),
269
272
  // Comp-time inlined Socket package version.
270
273
  // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION']".
271
- INLINED_SOCKET_CLI_VERSION: envAsString("1.1.18"),
274
+ INLINED_SOCKET_CLI_VERSION: envAsString("1.1.20"),
272
275
  // Comp-time inlined Socket package version hash.
273
276
  // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
274
- INLINED_SOCKET_CLI_VERSION_HASH: envAsString("1.1.18:15bd86d:52f656be:pub"),
277
+ INLINED_SOCKET_CLI_VERSION_HASH: envAsString("1.1.20:092bf7f:324ffae9:pub"),
275
278
  // Enable the module compile cache for the Node.js instance.
276
279
  // https://nodejs.org/api/cli.html#node_compile_cachedir
277
280
  NODE_COMPILE_CACHE: constants.SUPPORTS_NODE_COMPILE_CACHE_ENV_VAR ? constants.socketCachePath : '',
@@ -441,6 +444,7 @@ const lazyRootPath = () => path.join(fs.realpathSync.native(__dirname$1), '..');
441
444
  const lazyShadowBinPath = () => path.join(constants.rootPath, 'shadow-npm-bin');
442
445
  const lazyShadowNpmBinPath = () => path.join(constants.distPath, 'shadow-npm-bin.js');
443
446
  const lazyShadowNpmInjectPath = () => path.join(constants.distPath, 'shadow-npm-inject.js');
447
+ const lazyShadowNpxBinPath = () => path.join(constants.distPath, 'shadow-npx-bin.js');
444
448
  const lazyShadowPnpmBinPath = () => path.join(constants.distPath, 'shadow-pnpm-bin.js');
445
449
  const lazyShadowYarnBinPath = () => path.join(constants.distPath, 'shadow-yarn-bin.js');
446
450
  const lazySocketAppDataPath = () => {
@@ -631,6 +635,7 @@ const constants = createConstantsObject({
631
635
  shadowBinPath: lazyShadowBinPath,
632
636
  shadowNpmBinPath: lazyShadowNpmBinPath,
633
637
  shadowNpmInjectPath: lazyShadowNpmInjectPath,
638
+ shadowNpxBinPath: lazyShadowNpxBinPath,
634
639
  shadowPnpmBinPath: lazyShadowPnpmBinPath,
635
640
  shadowYarnBinPath: lazyShadowYarnBinPath,
636
641
  socketAppDataPath: lazySocketAppDataPath,
@@ -812,5 +817,5 @@ exports.YARN_BERRY = YARN_BERRY;
812
817
  exports.YARN_CLASSIC = YARN_CLASSIC;
813
818
  exports.YARN_LOCK = YARN_LOCK;
814
819
  exports.default = constants;
815
- //# debugId=ef843527-bde5-47b7-a51f-b7df003bdf25
820
+ //# debugId=c1920328-8086-4fc1-a542-3b0b654e3cc8
816
821
  //# sourceMappingURL=constants.js.map
package/dist/constants.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"constants.js","sources":["../src/constants.mts"],"sourcesContent":["import { realpathSync } from 'node:fs'\nimport { createRequire } from 'node:module'\nimport os from 'node:os'\nimport path from 'node:path'\nimport { fileURLToPath } from 'node:url'\n\nimport registryConstants from '@socketsecurity/registry/lib/constants'\n\nimport type { Agent } from './utils/package-environment.mts'\nimport type { Remap } from '@socketsecurity/registry/lib/objects'\nimport type { SpawnOptions } from '@socketsecurity/registry/lib/spawn'\n\nconst require = createRequire(import.meta.url)\nconst __filename = fileURLToPath(import.meta.url)\n// Using `path.dirname(__filename)` to resolve `__dirname` works for both 'dist'\n// AND 'src' directories because constants.js and constants.mts respectively are\n// in the root of each.\nconst __dirname = path.dirname(__filename)\n\nconst {\n AT_LATEST,\n BIOME_JSON,\n BUN,\n CI,\n COLUMN_LIMIT,\n DOT_GIT_DIR,\n DOT_SOCKET_DIR,\n EMPTY_FILE,\n EMPTY_VALUE,\n ESLINT_CONFIG_JS,\n ESNEXT,\n EXT_CJS,\n EXT_CMD,\n EXT_CTS,\n EXT_DTS,\n EXT_JS,\n EXT_JSON,\n EXT_LOCK,\n EXT_LOCKB,\n EXT_MD,\n EXT_MJS,\n EXT_MTS,\n EXT_PS1,\n EXT_YAML,\n EXT_YML,\n EXTENSIONS,\n EXTENSIONS_JSON,\n GITIGNORE,\n DOT_PACKAGE_LOCK_JSON,\n LATEST,\n LICENSE,\n LICENSE_GLOB,\n LICENSE_GLOB_RECURSIVE,\n LICENSE_ORIGINAL,\n LICENSE_ORIGINAL_GLOB,\n LICENSE_ORIGINAL_GLOB_RECURSIVE,\n LOOP_SENTINEL,\n MANIFEST_JSON,\n MIT,\n NODE_AUTH_TOKEN,\n NODE_ENV,\n NODE_MODULES,\n NODE_MODULES_GLOB_RECURSIVE,\n NPM,\n NPX,\n OVERRIDES,\n PACKAGE_DEFAULT_VERSION,\n PACKAGE_JSON,\n PACKAGE_LOCK_JSON,\n PNPM,\n PNPM_LOCK_YAML,\n PRE_COMMIT,\n README_GLOB,\n README_GLOB_RECURSIVE,\n REGISTRY_SCOPE_DELIMITER,\n README_MD,\n REGISTRY,\n RESOLUTIONS,\n SOCKET_GITHUB_ORG,\n SOCKET_IPC_HANDSHAKE,\n SOCKET_OVERRIDE_SCOPE,\n SOCKET_PUBLIC_API_TOKEN,\n SOCKET_REGISTRY_NPM_ORG,\n SOCKET_REGISTRY_PACKAGE_NAME,\n SOCKET_REGISTRY_REPO_NAME,\n SOCKET_REGISTRY_SCOPE,\n SOCKET_SECURITY_SCOPE,\n TSCONFIG_JSON,\n UNKNOWN_ERROR,\n UNKNOWN_VALUE,\n UNLICENCED,\n UNLICENSED,\n UTF8,\n VITEST,\n VLT,\n YARN,\n YARN_BERRY,\n YARN_CLASSIC,\n YARN_LOCK,\n kInternalsSymbol,\n [kInternalsSymbol as unknown as 'Symbol(kInternalsSymbol)']: {\n attributes: registryConstantsAttribs,\n createConstantsObject,\n getIpc,\n },\n} = registryConstants\n\nexport type RegistryEnv = typeof registryConstants.ENV\n\nexport type RegistryInternals =\n (typeof registryConstants)['Symbol(kInternalsSymbol)']\n\nexport type Sentry = any\n\nexport type Internals = Remap<\n Omit<RegistryInternals, 'getIpc'> &\n Readonly<{\n getIpc: {\n (): Promise<IpcObject>\n <K extends keyof IpcObject | undefined>(\n key?: K | undefined,\n ): Promise<K extends keyof IpcObject ? IpcObject[K] : IpcObject>\n }\n getSentry: () => Sentry\n setSentry(Sentry: Sentry): boolean\n }>\n>\n\nexport type ENV = Remap<\n RegistryEnv &\n Readonly<{\n DISABLE_GITHUB_CACHE: boolean\n GITHUB_API_URL: string\n GITHUB_BASE_REF: string\n GITHUB_REF_NAME: string\n GITHUB_REF_TYPE: string\n GITHUB_REPOSITORY: string\n GITHUB_SERVER_URL: string\n GITHUB_TOKEN: string\n INLINED_SOCKET_CLI_COANA_TECH_CLI_VERSION: string\n INLINED_SOCKET_CLI_CYCLONEDX_CDXGEN_VERSION: string\n INLINED_SOCKET_CLI_HOMEPAGE: string\n INLINED_SOCKET_CLI_LEGACY_BUILD: string\n INLINED_SOCKET_CLI_NAME: string\n INLINED_SOCKET_CLI_PUBLISHED_BUILD: string\n INLINED_SOCKET_CLI_SENTRY_BUILD: string\n INLINED_SOCKET_CLI_VERSION: string\n INLINED_SOCKET_CLI_VERSION_HASH: string\n INLINED_SOCKET_CLI_SYNP_VERSION: string\n LOCALAPPDATA: string\n NODE_COMPILE_CACHE: string\n NODE_EXTRA_CA_CERTS: string\n PATH: string\n SOCKET_CLI_ACCEPT_RISKS: boolean\n SOCKET_CLI_API_BASE_URL: string\n SOCKET_CLI_API_PROXY: string\n SOCKET_CLI_API_TIMEOUT: number\n SOCKET_CLI_API_TOKEN: string\n SOCKET_CLI_CONFIG: string\n SOCKET_CLI_GIT_USER_EMAIL: string\n SOCKET_CLI_GIT_USER_NAME: string\n SOCKET_CLI_GITHUB_TOKEN: string\n SOCKET_CLI_NO_API_TOKEN: boolean\n SOCKET_CLI_NPM_PATH: string\n SOCKET_CLI_ORG_SLUG: string\n SOCKET_CLI_VIEW_ALL_RISKS: boolean\n TERM: string\n XDG_DATA_HOME: string\n }>\n>\n\nexport type IpcObject = Readonly<{\n SOCKET_CLI_FIX?: string | undefined\n SOCKET_CLI_OPTIMIZE?: boolean | undefined\n SOCKET_CLI_SHADOW_ACCEPT_RISKS?: boolean | undefined\n SOCKET_CLI_SHADOW_API_TOKEN?: string | undefined\n SOCKET_CLI_SHADOW_BIN?: string | undefined\n SOCKET_CLI_SHADOW_PROGRESS?: boolean | undefined\n SOCKET_CLI_SHADOW_SILENT?: boolean | undefined\n}>\n\nexport type ProcessEnv = {\n [K in keyof ENV]?: string | undefined\n}\n\n// Socket CLI specific constants that are not in socket-registry.\nconst ALERT_TYPE_CRITICAL_CVE = 'criticalCVE'\nconst ALERT_TYPE_CVE = 'cve'\nconst ALERT_TYPE_MEDIUM_CVE = 'mediumCVE'\nconst ALERT_TYPE_MILD_CVE = 'mildCVE'\nconst API_V0_URL = 'https://api.socket.dev/v0/'\nconst CONFIG_KEY_API_BASE_URL = 'apiBaseUrl'\nconst CONFIG_KEY_API_PROXY = 'apiProxy'\nconst CONFIG_KEY_API_TOKEN = 'apiToken'\nconst CONFIG_KEY_DEFAULT_ORG = 'defaultOrg'\nconst CONFIG_KEY_ENFORCED_ORGS = 'enforcedOrgs'\nconst CONFIG_KEY_ORG = 'org'\nconst DOT_SOCKET_DOT_FACTS_JSON = `${DOT_SOCKET_DIR}.facts.json`\nconst DRY_RUN_LABEL = '[DryRun]'\nconst DRY_RUN_BAILING_NOW = `${DRY_RUN_LABEL}: Bailing now`\nconst DRY_RUN_NOT_SAVING = `${DRY_RUN_LABEL}: Not saving`\nconst ENVIRONMENT_YAML = 'environment.yaml'\nconst ENVIRONMENT_YML = 'environment.yml'\nconst ERROR_NO_MANIFEST_FILES = 'No manifest files found'\nconst ERROR_NO_PACKAGE_JSON = 'No package.json found'\nconst ERROR_NO_REPO_FOUND = 'No repo found'\nconst ERROR_NO_SOCKET_DIR = 'No .socket directory found'\nconst ERROR_UNABLE_RESOLVE_ORG =\n 'Unable to resolve a Socket account organization'\nconst FLAG_CONFIG = '--config'\nconst FLAG_DRY_RUN = '--dry-run'\nconst FLAG_HELP = '--help'\nconst FLAG_ID = '--id'\nconst FLAG_JSON = '--json'\nconst FLAG_MARKDOWN = '--markdown'\nconst FLAG_ORG = '--org'\nconst FLAG_PIN = '--pin'\nconst FLAG_PROD = '--prod'\nconst FLAG_QUIET = '--quiet'\nconst FLAG_SILENT = '--silent'\nconst FLAG_TEXT = '--text'\nconst FLAG_VERBOSE = '--verbose'\nconst FLAG_VERSION = '--version'\nconst FOLD_SETTING_FILE = 'file'\nconst FOLD_SETTING_NONE = 'none'\nconst FOLD_SETTING_PKG = 'pkg'\nconst FOLD_SETTING_VERSION = 'version'\nconst GQL_PAGE_SENTINEL = 100\nconst GQL_PR_STATE_CLOSED = 'CLOSED'\nconst GQL_PR_STATE_MERGED = 'MERGED'\nconst GQL_PR_STATE_OPEN = 'OPEN'\nconst HTTP_STATUS_BAD_REQUEST = 400\nconst HTTP_STATUS_FORBIDDEN = 403\nconst HTTP_STATUS_INTERNAL_SERVER_ERROR = 500\nconst HTTP_STATUS_NOT_FOUND = 404\nconst HTTP_STATUS_UNAUTHORIZED = 401\nconst NPM_BUGGY_OVERRIDES_PATCHED_VERSION = '11.2.0'\nconst NPM_REGISTRY_URL = 'https://registry.npmjs.org'\nconst OUTPUT_JSON = 'json'\nconst OUTPUT_MARKDOWN = 'markdown'\nconst OUTPUT_TEXT = 'text'\nconst PNPM_WORKSPACE_YAML = 'pnpm-workspace.yaml'\nconst REDACTED = '<redacted>'\nconst REPORT_LEVEL_DEFER = 'defer'\nconst REPORT_LEVEL_ERROR = 'error'\nconst REPORT_LEVEL_IGNORE = 'ignore'\nconst REPORT_LEVEL_MONITOR = 'monitor'\nconst REPORT_LEVEL_WARN = 'warn'\nconst REQUIREMENTS_TXT = 'requirements.txt'\nconst SOCKET_CLI_ACCEPT_RISKS = 'SOCKET_CLI_ACCEPT_RISKS'\nconst SOCKET_CLI_BIN_NAME = 'socket'\nconst SOCKET_CLI_ISSUES_URL = 'https://github.com/SocketDev/socket-cli/issues'\nconst SOCKET_CLI_SHADOW_ACCEPT_RISKS = 'SOCKET_CLI_SHADOW_ACCEPT_RISKS'\nconst SOCKET_CLI_SHADOW_API_TOKEN = 'SOCKET_CLI_SHADOW_API_TOKEN'\nconst SOCKET_CLI_SHADOW_BIN = 'SOCKET_CLI_SHADOW_BIN'\nconst SOCKET_CLI_SHADOW_PROGRESS = 'SOCKET_CLI_SHADOW_PROGRESS'\nconst SOCKET_CLI_SHADOW_SILENT = 'SOCKET_CLI_SHADOW_SILENT'\nconst SOCKET_CLI_VIEW_ALL_RISKS = 'SOCKET_CLI_VIEW_ALL_RISKS'\nconst SOCKET_DEFAULT_BRANCH = 'socket-default-branch'\nconst SOCKET_DEFAULT_REPOSITORY = 'socket-default-repository'\nconst SOCKET_JSON = 'socket.json'\nconst SOCKET_WEBSITE_URL = 'https://socket.dev'\nconst SOCKET_YAML = 'socket.yaml'\nconst SOCKET_YML = 'socket.yml'\nconst V1_MIGRATION_GUIDE_URL = 'https://docs.socket.dev/docs/v1-migration-guide'\n\nexport type Constants = Remap<\n Omit<\n typeof registryConstants,\n 'Symbol(kInternalsSymbol)' | 'ENV' | 'ipcObject'\n > & {\n readonly 'Symbol(kInternalsSymbol)': Internals\n readonly ALERT_TYPE_CRITICAL_CVE: typeof ALERT_TYPE_CRITICAL_CVE\n readonly ALERT_TYPE_CVE: typeof ALERT_TYPE_CVE\n readonly ALERT_TYPE_MEDIUM_CVE: typeof ALERT_TYPE_MEDIUM_CVE\n readonly ALERT_TYPE_MILD_CVE: typeof ALERT_TYPE_MILD_CVE\n readonly API_V0_URL: typeof API_V0_URL\n readonly BUN: typeof BUN\n readonly CONFIG_KEY_API_BASE_URL: typeof CONFIG_KEY_API_BASE_URL\n readonly CONFIG_KEY_API_PROXY: typeof CONFIG_KEY_API_PROXY\n readonly CONFIG_KEY_API_TOKEN: typeof CONFIG_KEY_API_TOKEN\n readonly CONFIG_KEY_DEFAULT_ORG: typeof CONFIG_KEY_DEFAULT_ORG\n readonly CONFIG_KEY_ENFORCED_ORGS: typeof CONFIG_KEY_ENFORCED_ORGS\n readonly CONFIG_KEY_ORG: typeof CONFIG_KEY_ORG\n readonly DOT_GIT_DIR: typeof DOT_GIT_DIR\n readonly DOT_SOCKET_DIR: typeof DOT_SOCKET_DIR\n readonly DOT_SOCKET_DOT_FACTS_JSON: typeof DOT_SOCKET_DOT_FACTS_JSON\n readonly DRY_RUN_BAILING_NOW: typeof DRY_RUN_BAILING_NOW\n readonly DRY_RUN_LABEL: typeof DRY_RUN_LABEL\n readonly DRY_RUN_NOT_SAVING: typeof DRY_RUN_NOT_SAVING\n readonly EMPTY_VALUE: typeof EMPTY_VALUE\n readonly ENV: ENV\n readonly ENVIRONMENT_YAML: typeof ENVIRONMENT_YAML\n readonly ENVIRONMENT_YML: typeof ENVIRONMENT_YML\n readonly ERROR_NO_MANIFEST_FILES: typeof ERROR_NO_MANIFEST_FILES\n readonly ERROR_NO_PACKAGE_JSON: typeof ERROR_NO_PACKAGE_JSON\n readonly ERROR_NO_REPO_FOUND: typeof ERROR_NO_REPO_FOUND\n readonly ERROR_NO_SOCKET_DIR: typeof ERROR_NO_SOCKET_DIR\n readonly ERROR_UNABLE_RESOLVE_ORG: typeof ERROR_UNABLE_RESOLVE_ORG\n readonly EXT_YAML: typeof EXT_YAML\n readonly EXT_YML: typeof EXT_YML\n readonly FLAG_CONFIG: typeof FLAG_CONFIG\n readonly FLAG_DRY_RUN: typeof FLAG_DRY_RUN\n readonly FLAG_HELP: typeof FLAG_HELP\n readonly FLAG_ID: typeof FLAG_ID\n readonly FLAG_JSON: typeof FLAG_JSON\n readonly FLAG_MARKDOWN: typeof FLAG_MARKDOWN\n readonly FLAG_ORG: typeof FLAG_ORG\n readonly FLAG_PIN: typeof FLAG_PIN\n readonly FLAG_PROD: typeof FLAG_PROD\n readonly FLAG_QUIET: typeof FLAG_QUIET\n readonly FLAG_SILENT: typeof FLAG_SILENT\n readonly FLAG_TEXT: typeof FLAG_TEXT\n readonly FLAG_VERBOSE: typeof FLAG_VERBOSE\n readonly FLAG_VERSION: typeof FLAG_VERSION\n readonly FOLD_SETTING_FILE: typeof FOLD_SETTING_FILE\n readonly FOLD_SETTING_NONE: typeof FOLD_SETTING_NONE\n readonly FOLD_SETTING_PKG: typeof FOLD_SETTING_PKG\n readonly FOLD_SETTING_VERSION: typeof FOLD_SETTING_VERSION\n readonly GQL_PAGE_SENTINEL: typeof GQL_PAGE_SENTINEL\n readonly GQL_PR_STATE_CLOSED: typeof GQL_PR_STATE_CLOSED\n readonly GQL_PR_STATE_MERGED: typeof GQL_PR_STATE_MERGED\n readonly GQL_PR_STATE_OPEN: typeof GQL_PR_STATE_OPEN\n readonly HTTP_STATUS_BAD_REQUEST: typeof HTTP_STATUS_BAD_REQUEST\n readonly HTTP_STATUS_FORBIDDEN: typeof HTTP_STATUS_FORBIDDEN\n readonly HTTP_STATUS_INTERNAL_SERVER_ERROR: typeof HTTP_STATUS_INTERNAL_SERVER_ERROR\n readonly HTTP_STATUS_NOT_FOUND: typeof HTTP_STATUS_NOT_FOUND\n readonly HTTP_STATUS_UNAUTHORIZED: typeof HTTP_STATUS_UNAUTHORIZED\n readonly NODE_MODULES: typeof NODE_MODULES\n readonly NPM: typeof NPM\n readonly NPM_BUGGY_OVERRIDES_PATCHED_VERSION: typeof NPM_BUGGY_OVERRIDES_PATCHED_VERSION\n readonly NPM_REGISTRY_URL: typeof NPM_REGISTRY_URL\n readonly NPX: typeof NPX\n readonly OUTPUT_JSON: typeof OUTPUT_JSON\n readonly OUTPUT_MARKDOWN: typeof OUTPUT_MARKDOWN\n readonly OUTPUT_TEXT: typeof OUTPUT_TEXT\n readonly PACKAGE_JSON: typeof PACKAGE_JSON\n readonly PACKAGE_LOCK_JSON: typeof PACKAGE_LOCK_JSON\n readonly PNPM: typeof PNPM\n readonly PNPM_LOCK_YAML: typeof PNPM_LOCK_YAML\n readonly PNPM_WORKSPACE_YAML: typeof PNPM_WORKSPACE_YAML\n readonly REDACTED: typeof REDACTED\n readonly REPORT_LEVEL_DEFER: typeof REPORT_LEVEL_DEFER\n readonly REPORT_LEVEL_ERROR: typeof REPORT_LEVEL_ERROR\n readonly REPORT_LEVEL_IGNORE: typeof REPORT_LEVEL_IGNORE\n readonly REPORT_LEVEL_MONITOR: typeof REPORT_LEVEL_MONITOR\n readonly REPORT_LEVEL_WARN: typeof REPORT_LEVEL_WARN\n readonly REQUIREMENTS_TXT: typeof REQUIREMENTS_TXT\n readonly SOCKET_CLI_ACCEPT_RISKS: typeof SOCKET_CLI_ACCEPT_RISKS\n readonly SOCKET_CLI_BIN_NAME: typeof SOCKET_CLI_BIN_NAME\n readonly SOCKET_CLI_ISSUES_URL: typeof SOCKET_CLI_ISSUES_URL\n readonly SOCKET_CLI_SHADOW_ACCEPT_RISKS: typeof SOCKET_CLI_SHADOW_ACCEPT_RISKS\n readonly SOCKET_CLI_SHADOW_API_TOKEN: typeof SOCKET_CLI_SHADOW_API_TOKEN\n readonly SOCKET_CLI_SHADOW_BIN: typeof SOCKET_CLI_SHADOW_BIN\n readonly SOCKET_CLI_SHADOW_PROGRESS: typeof SOCKET_CLI_SHADOW_PROGRESS\n readonly SOCKET_CLI_SHADOW_SILENT: typeof SOCKET_CLI_SHADOW_SILENT\n readonly SOCKET_CLI_VIEW_ALL_RISKS: typeof SOCKET_CLI_VIEW_ALL_RISKS\n readonly SOCKET_DEFAULT_BRANCH: typeof SOCKET_DEFAULT_BRANCH\n readonly SOCKET_DEFAULT_REPOSITORY: typeof SOCKET_DEFAULT_REPOSITORY\n readonly SOCKET_JSON: typeof SOCKET_JSON\n readonly SOCKET_WEBSITE_URL: typeof SOCKET_WEBSITE_URL\n readonly SOCKET_YAML: typeof SOCKET_YAML\n readonly SOCKET_YML: typeof SOCKET_YML\n readonly TSCONFIG_JSON: typeof TSCONFIG_JSON\n readonly UNKNOWN_ERROR: typeof UNKNOWN_ERROR\n readonly UNKNOWN_VALUE: typeof UNKNOWN_VALUE\n readonly V1_MIGRATION_GUIDE_URL: typeof V1_MIGRATION_GUIDE_URL\n readonly VLT: typeof VLT\n readonly YARN: typeof YARN\n readonly YARN_BERRY: typeof YARN_BERRY\n readonly YARN_CLASSIC: typeof YARN_CLASSIC\n readonly bashRcPath: string\n readonly binCliPath: string\n readonly binPath: string\n readonly blessedContribPath: string\n readonly blessedOptions: {\n smartCSR: boolean\n term: string\n useBCE: boolean\n }\n readonly blessedPath: string\n readonly distCliPath: string\n readonly distPath: string\n readonly externalPath: string\n readonly githubCachePath: string\n readonly homePath: string\n readonly instrumentWithSentryPath: string\n readonly ipcObject: IpcObject\n readonly minimumVersionByAgent: Map<Agent, string>\n readonly nmBinPath: string\n readonly nodeDebugFlags: string[]\n readonly nodeHardenFlags: string[]\n readonly nodeMemoryFlags: string[]\n readonly npmCachePath: string\n readonly npmGlobalPrefix: string\n readonly npmNmNodeGypPath: string\n readonly processEnv: ProcessEnv\n readonly rootPath: string\n readonly shadowBinPath: string\n readonly shadowNpmBinPath: string\n readonly shadowNpmInjectPath: string\n readonly shadowPnpmBinPath: string\n readonly shadowYarnBinPath: string\n readonly socketAppDataPath: string\n readonly socketCachePath: string\n readonly socketRegistryPath: string\n readonly zshRcPath: string\n }\n>\n\nlet _Sentry: any\n\nlet _npmStdioPipeOptions: SpawnOptions | undefined\nfunction getNpmStdioPipeOptions() {\n if (_npmStdioPipeOptions === undefined) {\n _npmStdioPipeOptions = {\n cwd: process.cwd(),\n shell: constants.WIN32,\n }\n }\n return _npmStdioPipeOptions\n}\n\nconst LAZY_ENV = () => {\n const { env } = process\n const envHelpers = /*@__PURE__*/ require('@socketsecurity/registry/lib/env')\n const utils = /*@__PURE__*/ require(\n path.join(constants.rootPath, 'dist/utils.js'),\n )\n const envAsBoolean = envHelpers.envAsBoolean\n const envAsNumber = envHelpers.envAsNumber\n const envAsString = envHelpers.envAsString\n const getConfigValueOrUndef = utils.getConfigValueOrUndef\n const readOrDefaultSocketJson = utils.readOrDefaultSocketJson\n const GITHUB_TOKEN = envAsString(env['GITHUB_TOKEN'])\n const INLINED_SOCKET_CLI_PUBLISHED_BUILD = envAsBoolean(\n process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD'],\n )\n // We inline some environment values so that they CANNOT be influenced by user\n // provided environment variables.\n return Object.freeze({\n __proto__: null,\n // Lazily access registryConstants.ENV.\n ...registryConstants.ENV,\n // Disable using GitHub's workflow actions/cache.\n // https://github.com/actions/cache\n DISABLE_GITHUB_CACHE: envAsBoolean(env['DISABLE_GITHUB_CACHE']),\n // The API URL. For example, https://api.github.com.\n // https://docs.github.com/en/codespaces/developing-in-a-codespace/default-environment-variables-for-your-codespace#list-of-default-environment-variables\n GITHUB_API_URL:\n envAsString(env['GITHUB_API_URL']) || 'https://api.github.com',\n // The name of the base ref or target branch of the pull request in a workflow\n // run. This is only set when the event that triggers a workflow run is either\n // pull_request or pull_request_target. For example, main.\n // https://docs.github.com/en/codespaces/developing-in-a-codespace/default-environment-variables-for-your-codespace#list-of-default-environment-variables\n GITHUB_BASE_REF: envAsString(env['GITHUB_BASE_REF']),\n // The short ref name of the branch or tag that triggered the GitHub workflow\n // run. This value matches the branch or tag name shown on GitHub. For example,\n // feature-branch-1. For pull requests, the format is <pr_number>/merge.\n // https://docs.github.com/en/codespaces/developing-in-a-codespace/default-environment-variables-for-your-codespace#list-of-default-environment-variables\n GITHUB_REF_NAME: envAsString(env['GITHUB_REF_NAME']),\n // The type of ref that triggered the workflow run. Valid values are branch or tag.\n // https://docs.github.com/en/codespaces/developing-in-a-codespace/default-environment-variables-for-your-codespace#list-of-default-environment-variables\n GITHUB_REF_TYPE: envAsString(env['GITHUB_REF_TYPE']),\n // The owner and repository name. For example, octocat/Hello-World.\n // https://docs.github.com/en/codespaces/developing-in-a-codespace/default-environment-variables-for-your-codespace#list-of-default-environment-variables\n GITHUB_REPOSITORY: envAsString(env['GITHUB_REPOSITORY']),\n // The URL of the GitHub server. For example, https://github.com.\n // https://docs.github.com/en/codespaces/developing-in-a-codespace/default-environment-variables-for-your-codespace#list-of-default-environment-variables\n GITHUB_SERVER_URL:\n envAsString(env['GITHUB_SERVER_URL']) || 'https://github.com',\n // The GITHUB_TOKEN secret is a GitHub App installation access token.\n // The token's permissions are limited to the repository that contains the\n // workflow.\n // https://docs.github.com/en/actions/security-for-github-actions/security-guides/automatic-token-authentication#about-the-github_token-secret\n GITHUB_TOKEN,\n // Comp-time inlined @coana-tech/cli package version.\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_COANA_TECH_CLI_VERSION']\".\n INLINED_SOCKET_CLI_COANA_TECH_CLI_VERSION: envAsString(\n process.env['INLINED_SOCKET_CLI_COANA_TECH_CLI_VERSION'],\n ),\n // Comp-time inlined @cyclonedx/cdxgen package version.\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_CYCLONEDX_CDXGEN_VERSION']\".\n INLINED_SOCKET_CLI_CYCLONEDX_CDXGEN_VERSION: envAsString(\n process.env['INLINED_SOCKET_CLI_CYCLONEDX_CDXGEN_VERSION'],\n ),\n // Comp-time inlined Socket package homepage.\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_HOMEPAGE']\".\n INLINED_SOCKET_CLI_HOMEPAGE: envAsString(\n process.env['INLINED_SOCKET_CLI_HOMEPAGE'],\n ),\n // Comp-time inlined flag to determine if this is the Legacy build.\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_LEGACY_BUILD']\".\n INLINED_SOCKET_CLI_LEGACY_BUILD: envAsBoolean(\n process.env['INLINED_SOCKET_CLI_LEGACY_BUILD'],\n ),\n // Comp-time inlined Socket package name.\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_NAME']\".\n INLINED_SOCKET_CLI_NAME: envAsString(\n process.env['INLINED_SOCKET_CLI_NAME'],\n ),\n // Comp-time inlined flag to determine if this is a published build.\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD']\".\n INLINED_SOCKET_CLI_PUBLISHED_BUILD,\n // Comp-time inlined flag to determine if this is the Sentry build.\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_SENTRY_BUILD']\".\n INLINED_SOCKET_CLI_SENTRY_BUILD: envAsBoolean(\n process.env['INLINED_SOCKET_CLI_SENTRY_BUILD'],\n ),\n // Comp-time inlined synp package version.\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_SYNP_VERSION']\".\n INLINED_SOCKET_CLI_SYNP_VERSION: envAsString(\n process.env['INLINED_SOCKET_CLI_SYNP_VERSION'],\n ),\n // Comp-time inlined Socket package version.\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_VERSION']\".\n INLINED_SOCKET_CLI_VERSION: envAsString(\n process.env['INLINED_SOCKET_CLI_VERSION'],\n ),\n // Comp-time inlined Socket package version hash.\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_VERSION_HASH']\".\n INLINED_SOCKET_CLI_VERSION_HASH: envAsString(\n process.env['INLINED_SOCKET_CLI_VERSION_HASH'],\n ),\n // Enable the module compile cache for the Node.js instance.\n // https://nodejs.org/api/cli.html#node_compile_cachedir\n NODE_COMPILE_CACHE: constants.SUPPORTS_NODE_COMPILE_CACHE_ENV_VAR\n ? constants.socketCachePath\n : '',\n // Redefine registryConstants.ENV.NODE_ENV to account for the\n // INLINED_SOCKET_CLI_PUBLISHED_BUILD environment variable.\n NODE_ENV:\n envAsString(env['NODE_ENV']).toLowerCase() === 'production'\n ? 'production'\n : INLINED_SOCKET_CLI_PUBLISHED_BUILD\n ? ''\n : 'development',\n // Well known \"root\" CAs (like VeriSign) will be extended with the extra\n // certificates in file. The file should consist of one or more trusted\n // certificates in PEM format.\n // https://nodejs.org/api/cli.html#node_extra_ca_certsfile\n NODE_EXTRA_CA_CERTS:\n envAsString(env['NODE_EXTRA_CA_CERTS']) ||\n // Commonly used environment variable to specify the path to a single\n // PEM-encoded certificate file.\n envAsString(env['SSL_CERT_FILE']),\n // PATH is an environment variable that lists directories where executable\n // programs are located. When a command is run, the system searches these\n // directories to find the executable.\n PATH: envAsString(env['PATH']),\n // Accept risks of a Socket wrapped npm/npx run.\n SOCKET_CLI_ACCEPT_RISKS: envAsBoolean(env[SOCKET_CLI_ACCEPT_RISKS]),\n // Change the base URL for Socket API calls.\n // https://github.com/SocketDev/socket-cli?tab=readme-ov-file#environment-variables-for-development\n SOCKET_CLI_API_BASE_URL:\n envAsString(env['SOCKET_CLI_API_BASE_URL']) ||\n // TODO: Remove legacy environment variable name.\n envAsString(env['SOCKET_SECURITY_API_BASE_URL']) ||\n getConfigValueOrUndef('apiBaseUrl') ||\n API_V0_URL,\n // Set the proxy that all requests are routed through.\n // https://github.com/SocketDev/socket-cli?tab=readme-ov-file#environment-variables-for-development\n SOCKET_CLI_API_PROXY:\n envAsString(env['SOCKET_CLI_API_PROXY']) ||\n // TODO: Remove legacy environment variable name.\n envAsString(env['SOCKET_SECURITY_API_PROXY']) ||\n // Commonly used environment variables to specify routing requests through\n // a proxy server.\n envAsString(env['HTTPS_PROXY']) ||\n envAsString(env['https_proxy']) ||\n envAsString(env['HTTP_PROXY']) ||\n envAsString(env['http_proxy']),\n // Set the timeout in milliseconds for Socket API requests.\n // https://nodejs.org/api/http.html#httprequesturl-options-callback\n SOCKET_CLI_API_TIMEOUT: envAsNumber(env['SOCKET_CLI_API_TIMEOUT']),\n // Set the Socket API token.\n // https://github.com/SocketDev/socket-cli?tab=readme-ov-file#environment-variables\n SOCKET_CLI_API_TOKEN:\n envAsString(env['SOCKET_CLI_API_TOKEN']) ||\n // TODO: Remove legacy environment variable names.\n envAsString(env['SOCKET_CLI_API_KEY']) ||\n envAsString(env['SOCKET_SECURITY_API_TOKEN']) ||\n envAsString(env['SOCKET_SECURITY_API_KEY']),\n // A JSON stringified Socket configuration object.\n SOCKET_CLI_CONFIG: envAsString(env['SOCKET_CLI_CONFIG']),\n // The git config user.email used by Socket CLI.\n SOCKET_CLI_GIT_USER_EMAIL:\n envAsString(env['SOCKET_CLI_GIT_USER_EMAIL']) ||\n 'github-actions[bot]@users.noreply.github.com',\n // The git config user.name used by Socket CLI.\n SOCKET_CLI_GIT_USER_NAME:\n envAsString(env['SOCKET_CLI_GIT_USER_NAME']) ||\n envAsString(env['SOCKET_CLI_GIT_USERNAME']) ||\n 'github-actions[bot]',\n // Change the base URL for GitHub REST API calls.\n // https://docs.github.com/en/rest\n SOCKET_CLI_GITHUB_API_URL:\n envAsString(env['SOCKET_CLI_GITHUB_API_URL']) ||\n readOrDefaultSocketJson(process.cwd())?.defaults?.scan?.github\n ?.githubApiUrl ||\n 'https://api.github.com',\n // A classic GitHub personal access token with the \"repo\" scope or a\n // fine-grained access token with at least read/write permissions set for\n // \"Contents\" and \"Pull Request\".\n // https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens\n SOCKET_CLI_GITHUB_TOKEN:\n envAsString(env['SOCKET_CLI_GITHUB_TOKEN']) ||\n // TODO: Remove undocumented legacy environment variable name.\n envAsString(env['SOCKET_SECURITY_GITHUB_PAT']) ||\n GITHUB_TOKEN,\n // Make the default API token `undefined`.\n SOCKET_CLI_NO_API_TOKEN: envAsBoolean(env['SOCKET_CLI_NO_API_TOKEN']),\n // The absolute location of the npm directory.\n SOCKET_CLI_NPM_PATH: envAsString(env['SOCKET_CLI_NPM_PATH']),\n // Specify the Socket organization slug.\n SOCKET_CLI_ORG_SLUG:\n envAsString(env['SOCKET_CLI_ORG_SLUG']) ||\n // Coana CLI accepts the SOCKET_ORG_SLUG environment variable.\n envAsString(env['SOCKET_ORG_SLUG']),\n // View all risks of a Socket wrapped npm/npx run.\n SOCKET_CLI_VIEW_ALL_RISKS: envAsBoolean(env[SOCKET_CLI_VIEW_ALL_RISKS]),\n // Specifies the type of terminal or terminal emulator being used by the process.\n TERM: envAsString(env['TERM']),\n })\n}\n\nconst lazyBashRcPath = () => path.join(constants.homePath, '.bashrc')\n\nconst lazyBinPath = () => path.join(constants.rootPath, 'bin')\n\nconst lazyBinCliPath = () => path.join(constants.binPath, 'cli.js')\n\nconst lazyBlessedContribPath = () =>\n path.join(constants.externalPath, 'blessed-contrib')\n\nconst lazyBlessedOptions = () =>\n Object.freeze({\n smartCSR: true,\n term: constants.WIN32 ? 'windows-ansi' : 'xterm',\n useBCE: true,\n })\n\nconst lazyBlessedPath = () => path.join(constants.externalPath, 'blessed')\n\nconst lazyDistCliPath = () => path.join(constants.distPath, 'cli.js')\n\nconst lazyDistPath = () => path.join(constants.rootPath, 'dist')\n\nconst lazyExternalPath = () => path.join(constants.rootPath, 'external')\n\nconst lazyGithubCachePath = () => path.join(constants.socketCachePath, 'github')\n\nconst lazyHomePath = () => os.homedir()\n\nconst lazyInstrumentWithSentryPath = () =>\n path.join(constants.distPath, 'instrument-with-sentry.js')\n\nconst lazyMinimumVersionByAgent = () =>\n new Map([\n // Bun >=1.1.39 supports the text-based lockfile.\n // https://bun.sh/blog/bun-lock-text-lockfile\n [BUN, '1.1.39'],\n // The npm version bundled with Node 18.\n // https://nodejs.org/en/about/previous-releases#looking-for-the-latest-release-of-a-version-branch\n [NPM, '10.8.2'],\n // 8.x is the earliest version to support Node 18.\n // https://pnpm.io/installation#compatibility\n // https://www.npmjs.com/package/pnpm?activeTab=versions\n [PNPM, '8.15.7'],\n // 4.x supports >= Node 18.12.0\n // https://github.com/yarnpkg/berry/blob/%40yarnpkg/core/4.1.0/CHANGELOG.md#400\n [YARN_BERRY, '4.0.0'],\n // Latest 1.x.\n // https://www.npmjs.com/package/yarn?activeTab=versions\n [YARN_CLASSIC, '1.22.22'],\n // vlt does not support overrides so we don't gate on it.\n [VLT, '*'],\n ])\n\nconst lazyNmBinPath = () => path.join(constants.rootPath, 'node_modules/.bin')\n\nconst lazyNodeDebugFlags = () =>\n constants.ENV.SOCKET_CLI_DEBUG ? ['--trace-uncaught', '--trace-warnings'] : []\n\n// Redefine registryConstants.nodeHardenFlags to account for the\n// INLINED_SOCKET_CLI_SENTRY_BUILD environment variable.\nconst lazyNodeHardenFlags = () =>\n Object.freeze(\n // Harden Node security.\n // https://nodejs.org/en/learn/getting-started/security-best-practices\n constants.ENV.INLINED_SOCKET_CLI_SENTRY_BUILD || constants.WIN32\n ? [\n // https://nodejs.org/api/cli.html#--disallow-code-generation-from-strings\n // '--disallow-code-generation-from-strings'\n ]\n : [\n // '--disallow-code-generation-from-strings',\n // https://nodejs.org/api/cli.html#--disable-protomode\n // '--disable-proto',\n // 'throw',\n // https://nodejs.org/api/cli.html#--frozen-intrinsics\n // We have contributed the following patches to our dependencies to make\n // Node's --frozen-intrinsics workable.\n // √ https://github.com/SBoudrias/Inquirer.js/pull/1683\n // √ https://github.com/pnpm/components/pull/23\n // '--frozen-intrinsics',\n // https://nodejs.org/api/cli.html#--no-deprecation\n // '--no-deprecation',\n ],\n )\n\nconst lazyNodeMemoryFlags = () => {\n const flags = /*@__PURE__*/ require(\n path.join(constants.rootPath, 'dist/flags.js'),\n )\n const getMaxOldSpaceSizeFlag = flags.getMaxOldSpaceSizeFlag\n const getMaxSemiSpaceSizeFlag = flags.getMaxSemiSpaceSizeFlag\n return Object.freeze([\n `--max-old-space-size=${getMaxOldSpaceSizeFlag()}`,\n `--max-semi-space-size=${getMaxSemiSpaceSizeFlag()}`,\n ])\n}\n\nconst lazyNpmCachePath = () => {\n const spawnHelpers = /*@__PURE__*/ require('@socketsecurity/registry/lib/spawn')\n const spawnSync = spawnHelpers.spawnSync\n return spawnSync(\n constants.npmExecPath,\n ['config', 'get', 'cache'],\n getNpmStdioPipeOptions(),\n ).stdout\n}\n\nconst lazyNpmGlobalPrefix = () => {\n const spawnHelpers = /*@__PURE__*/ require('@socketsecurity/registry/lib/spawn')\n const spawnSync = spawnHelpers.spawnSync\n return spawnSync(\n constants.npmExecPath,\n ['prefix', '-g'],\n getNpmStdioPipeOptions(),\n ).stdout\n}\n\nconst lazyNpmNmNodeGypPath = () =>\n path.join(\n constants.npmRealExecPath,\n '../../node_modules/node-gyp/bin/node-gyp.js',\n )\n\nconst lazyProcessEnv = () =>\n Object.setPrototypeOf(\n Object.fromEntries(\n Object.entries(constants.ENV).reduce(\n (entries, entry) => {\n const { 0: key, 1: value } = entry\n if (key.startsWith('INLINED_SOCKET_CLI_')) {\n return entries\n }\n if (typeof value === 'string') {\n if (value) {\n entries.push(entry as [string, string])\n }\n } else if (typeof value === 'boolean' && value) {\n entries.push([key, '1'])\n }\n return entries\n },\n [] as Array<[string, string]>,\n ),\n ),\n null,\n )\n\nconst lazyRootPath = () => path.join(realpathSync.native(__dirname), '..')\n\nconst lazyShadowBinPath = () => path.join(constants.rootPath, 'shadow-npm-bin')\n\nconst lazyShadowNpmBinPath = () =>\n path.join(constants.distPath, 'shadow-npm-bin.js')\n\nconst lazyShadowNpmInjectPath = () =>\n path.join(constants.distPath, 'shadow-npm-inject.js')\n\nconst lazyShadowPnpmBinPath = () =>\n path.join(constants.distPath, 'shadow-pnpm-bin.js')\n\nconst lazyShadowYarnBinPath = () =>\n path.join(constants.distPath, 'shadow-yarn-bin.js')\n\nconst lazySocketAppDataPath = (): string | undefined => {\n // Get the OS app data directory:\n // - Win: %LOCALAPPDATA% or fail?\n // - Mac: %XDG_DATA_HOME% or fallback to \"~/Library/Application Support/\"\n // - Linux: %XDG_DATA_HOME% or fallback to \"~/.local/share/\"\n // Note: LOCALAPPDATA is typically: C:\\Users\\USERNAME\\AppData\n // Note: XDG stands for \"X Desktop Group\", nowadays \"freedesktop.org\"\n // On most systems that path is: $HOME/.local/share\n // Then append `socket/settings`, so:\n // - Win: %LOCALAPPDATA%\\socket\\settings or return undefined\n // - Mac: %XDG_DATA_HOME%/socket/settings or \"~/Library/Application Support/socket/settings\"\n // - Linux: %XDG_DATA_HOME%/socket/settings or \"~/.local/share/socket/settings\"\n const { WIN32 } = constants\n let dataHome: string | undefined = WIN32\n ? constants.ENV.LOCALAPPDATA\n : constants.ENV.XDG_DATA_HOME\n if (!dataHome) {\n if (WIN32) {\n const logger = /*@__PURE__*/ require('@socketsecurity/registry/lib/logger')\n logger.warn(`Missing %LOCALAPPDATA%.`)\n } else {\n dataHome = path.join(\n constants.homePath,\n constants.DARWIN ? 'Library/Application Support' : '.local/share',\n )\n }\n }\n return dataHome ? path.join(dataHome, 'socket/settings') : undefined\n}\n\nconst lazySocketCachePath = () => path.join(constants.rootPath, '.cache')\n\nconst lazySocketRegistryPath = () =>\n path.join(constants.externalPath, '@socketsecurity/registry')\n\nconst lazyZshRcPath = () => path.join(constants.homePath, '.zshrc')\n\nconst constants: Constants = createConstantsObject(\n {\n ...registryConstantsAttribs.props,\n ALERT_TYPE_CRITICAL_CVE,\n ALERT_TYPE_CVE,\n ALERT_TYPE_MEDIUM_CVE,\n ALERT_TYPE_MILD_CVE,\n API_V0_URL,\n BUN,\n CONFIG_KEY_API_BASE_URL,\n CONFIG_KEY_API_PROXY,\n CONFIG_KEY_API_TOKEN,\n CONFIG_KEY_DEFAULT_ORG,\n CONFIG_KEY_ENFORCED_ORGS,\n CONFIG_KEY_ORG,\n DOT_GIT_DIR,\n DOT_SOCKET_DIR,\n DOT_SOCKET_DOT_FACTS_JSON,\n DRY_RUN_BAILING_NOW,\n DRY_RUN_LABEL,\n DRY_RUN_NOT_SAVING,\n ENV: undefined,\n ENVIRONMENT_YAML,\n ENVIRONMENT_YML,\n ERROR_NO_MANIFEST_FILES,\n ERROR_NO_PACKAGE_JSON,\n ERROR_NO_REPO_FOUND,\n ERROR_NO_SOCKET_DIR,\n ERROR_UNABLE_RESOLVE_ORG,\n EXT_YAML,\n EXT_YML,\n FLAG_CONFIG,\n FLAG_DRY_RUN,\n FLAG_HELP,\n FLAG_ID,\n FLAG_JSON,\n FLAG_MARKDOWN,\n FLAG_ORG,\n FLAG_PIN,\n FLAG_PROD,\n FLAG_QUIET,\n FLAG_SILENT,\n FLAG_TEXT,\n FLAG_VERBOSE,\n FLAG_VERSION,\n FOLD_SETTING_FILE,\n FOLD_SETTING_NONE,\n FOLD_SETTING_PKG,\n FOLD_SETTING_VERSION,\n GQL_PAGE_SENTINEL,\n GQL_PR_STATE_CLOSED,\n GQL_PR_STATE_MERGED,\n GQL_PR_STATE_OPEN,\n HTTP_STATUS_BAD_REQUEST,\n HTTP_STATUS_FORBIDDEN,\n HTTP_STATUS_INTERNAL_SERVER_ERROR,\n HTTP_STATUS_NOT_FOUND,\n HTTP_STATUS_UNAUTHORIZED,\n NODE_MODULES,\n NPM_BUGGY_OVERRIDES_PATCHED_VERSION,\n NPM_REGISTRY_URL,\n NPX,\n OUTPUT_JSON,\n OUTPUT_MARKDOWN,\n OUTPUT_TEXT,\n PACKAGE_JSON,\n PACKAGE_LOCK_JSON,\n PNPM,\n PNPM_LOCK_YAML,\n PNPM_WORKSPACE_YAML,\n REDACTED,\n REPORT_LEVEL_DEFER,\n REPORT_LEVEL_ERROR,\n REPORT_LEVEL_IGNORE,\n REPORT_LEVEL_MONITOR,\n REPORT_LEVEL_WARN,\n REQUIREMENTS_TXT,\n SOCKET_CLI_ACCEPT_RISKS,\n SOCKET_CLI_BIN_NAME,\n SOCKET_CLI_ISSUES_URL,\n SOCKET_CLI_SHADOW_ACCEPT_RISKS,\n SOCKET_CLI_SHADOW_API_TOKEN,\n SOCKET_CLI_SHADOW_BIN,\n SOCKET_CLI_SHADOW_PROGRESS,\n SOCKET_CLI_SHADOW_SILENT,\n SOCKET_CLI_VIEW_ALL_RISKS,\n SOCKET_DEFAULT_BRANCH,\n SOCKET_DEFAULT_REPOSITORY,\n SOCKET_JSON,\n SOCKET_WEBSITE_URL,\n SOCKET_YAML,\n SOCKET_YML,\n TSCONFIG_JSON,\n UNKNOWN_ERROR,\n UNKNOWN_VALUE,\n V1_MIGRATION_GUIDE_URL,\n VLT,\n YARN,\n YARN_BERRY,\n YARN_CLASSIC,\n bashRcPath: undefined,\n binPath: undefined,\n binCliPath: undefined,\n blessedContribPath: undefined,\n blessedOptions: undefined,\n blessedPath: undefined,\n distCliPath: undefined,\n distPath: undefined,\n externalPath: undefined,\n githubCachePath: undefined,\n homePath: undefined,\n instrumentWithSentryPath: undefined,\n minimumVersionByAgent: undefined,\n nmBinPath: undefined,\n nodeHardenFlags: undefined,\n nodeDebugFlags: undefined,\n nodeMemoryFlags: undefined,\n npmCachePath: undefined,\n npmGlobalPrefix: undefined,\n npmNmNodeGypPath: undefined,\n processEnv: undefined,\n rootPath: undefined,\n shadowBinPath: undefined,\n shadowNpmInjectPath: undefined,\n shadowNpmBinPath: undefined,\n shadowPnpmBinPath: undefined,\n shadowYarnBinPath: undefined,\n socketAppDataPath: undefined,\n socketCachePath: undefined,\n socketRegistryPath: undefined,\n zshRcPath: undefined,\n },\n {\n getters: {\n ...registryConstantsAttribs.getters,\n ENV: LAZY_ENV,\n bashRcPath: lazyBashRcPath,\n binCliPath: lazyBinCliPath,\n binPath: lazyBinPath,\n blessedContribPath: lazyBlessedContribPath,\n blessedOptions: lazyBlessedOptions,\n blessedPath: lazyBlessedPath,\n distCliPath: lazyDistCliPath,\n distPath: lazyDistPath,\n externalPath: lazyExternalPath,\n githubCachePath: lazyGithubCachePath,\n homePath: lazyHomePath,\n instrumentWithSentryPath: lazyInstrumentWithSentryPath,\n minimumVersionByAgent: lazyMinimumVersionByAgent,\n nmBinPath: lazyNmBinPath,\n nodeDebugFlags: lazyNodeDebugFlags,\n nodeHardenFlags: lazyNodeHardenFlags,\n nodeMemoryFlags: lazyNodeMemoryFlags,\n npmCachePath: lazyNpmCachePath,\n npmGlobalPrefix: lazyNpmGlobalPrefix,\n npmNmNodeGypPath: lazyNpmNmNodeGypPath,\n processEnv: lazyProcessEnv,\n rootPath: lazyRootPath,\n shadowBinPath: lazyShadowBinPath,\n shadowNpmBinPath: lazyShadowNpmBinPath,\n shadowNpmInjectPath: lazyShadowNpmInjectPath,\n shadowPnpmBinPath: lazyShadowPnpmBinPath,\n shadowYarnBinPath: lazyShadowYarnBinPath,\n socketAppDataPath: lazySocketAppDataPath,\n socketCachePath: lazySocketCachePath,\n socketRegistryPath: lazySocketRegistryPath,\n zshRcPath: lazyZshRcPath,\n },\n internals: {\n ...registryConstantsAttribs.internals,\n getIpc,\n getSentry() {\n return _Sentry\n },\n setSentry(Sentry: Sentry): boolean {\n if (_Sentry === undefined) {\n _Sentry = Sentry\n return true\n }\n return false\n },\n },\n },\n) as Constants\n\nexport {\n // Re-exported from socket-registry.\n AT_LATEST,\n BIOME_JSON,\n BUN,\n CI,\n COLUMN_LIMIT,\n DOT_GIT_DIR,\n DOT_PACKAGE_LOCK_JSON,\n DOT_SOCKET_DIR,\n EMPTY_FILE,\n EMPTY_VALUE,\n ESLINT_CONFIG_JS,\n ESNEXT,\n EXTENSIONS,\n EXTENSIONS_JSON,\n EXT_CJS,\n EXT_CMD,\n EXT_CTS,\n EXT_DTS,\n EXT_JS,\n EXT_JSON,\n EXT_LOCK,\n EXT_LOCKB,\n EXT_MD,\n EXT_MJS,\n EXT_MTS,\n EXT_PS1,\n EXT_YAML,\n EXT_YML,\n GITIGNORE,\n LATEST,\n LICENSE,\n LICENSE_GLOB,\n LICENSE_GLOB_RECURSIVE,\n LICENSE_ORIGINAL,\n LICENSE_ORIGINAL_GLOB,\n LICENSE_ORIGINAL_GLOB_RECURSIVE,\n LOOP_SENTINEL,\n MANIFEST_JSON,\n MIT,\n NODE_AUTH_TOKEN,\n NODE_ENV,\n NODE_MODULES,\n NODE_MODULES_GLOB_RECURSIVE,\n NPM,\n NPX,\n OVERRIDES,\n PACKAGE_DEFAULT_VERSION,\n PACKAGE_JSON,\n PACKAGE_LOCK_JSON,\n PNPM,\n PNPM_LOCK_YAML,\n PRE_COMMIT,\n README_GLOB,\n README_GLOB_RECURSIVE,\n README_MD,\n REGISTRY,\n REGISTRY_SCOPE_DELIMITER,\n RESOLUTIONS,\n SOCKET_GITHUB_ORG,\n SOCKET_IPC_HANDSHAKE,\n SOCKET_OVERRIDE_SCOPE,\n SOCKET_PUBLIC_API_TOKEN,\n SOCKET_REGISTRY_NPM_ORG,\n SOCKET_REGISTRY_PACKAGE_NAME,\n SOCKET_REGISTRY_REPO_NAME,\n SOCKET_REGISTRY_SCOPE,\n SOCKET_SECURITY_SCOPE,\n TSCONFIG_JSON,\n UNKNOWN_ERROR,\n UNKNOWN_VALUE,\n UNLICENCED,\n UNLICENSED,\n UTF8,\n VITEST,\n VLT,\n YARN,\n YARN_BERRY,\n YARN_CLASSIC,\n YARN_LOCK,\n // Socket CLI specific constants.\n ALERT_TYPE_CRITICAL_CVE,\n ALERT_TYPE_CVE,\n ALERT_TYPE_MEDIUM_CVE,\n ALERT_TYPE_MILD_CVE,\n API_V0_URL,\n CONFIG_KEY_API_BASE_URL,\n CONFIG_KEY_API_PROXY,\n CONFIG_KEY_API_TOKEN,\n CONFIG_KEY_DEFAULT_ORG,\n CONFIG_KEY_ENFORCED_ORGS,\n CONFIG_KEY_ORG,\n DOT_SOCKET_DOT_FACTS_JSON,\n DRY_RUN_BAILING_NOW,\n DRY_RUN_LABEL,\n DRY_RUN_NOT_SAVING,\n ENVIRONMENT_YAML,\n ENVIRONMENT_YML,\n ERROR_NO_MANIFEST_FILES,\n ERROR_NO_PACKAGE_JSON,\n ERROR_NO_REPO_FOUND,\n ERROR_NO_SOCKET_DIR,\n ERROR_UNABLE_RESOLVE_ORG,\n FLAG_CONFIG,\n FLAG_DRY_RUN,\n FLAG_HELP,\n FLAG_ID,\n FLAG_JSON,\n FLAG_MARKDOWN,\n FLAG_ORG,\n FLAG_PIN,\n FLAG_PROD,\n FLAG_QUIET,\n FLAG_SILENT,\n FLAG_TEXT,\n FLAG_VERBOSE,\n FLAG_VERSION,\n FOLD_SETTING_FILE,\n FOLD_SETTING_NONE,\n FOLD_SETTING_PKG,\n FOLD_SETTING_VERSION,\n GQL_PAGE_SENTINEL,\n GQL_PR_STATE_CLOSED,\n GQL_PR_STATE_MERGED,\n GQL_PR_STATE_OPEN,\n HTTP_STATUS_BAD_REQUEST,\n HTTP_STATUS_FORBIDDEN,\n HTTP_STATUS_INTERNAL_SERVER_ERROR,\n HTTP_STATUS_NOT_FOUND,\n HTTP_STATUS_UNAUTHORIZED,\n NPM_BUGGY_OVERRIDES_PATCHED_VERSION,\n NPM_REGISTRY_URL,\n OUTPUT_JSON,\n OUTPUT_MARKDOWN,\n OUTPUT_TEXT,\n PNPM_WORKSPACE_YAML,\n REDACTED,\n REPORT_LEVEL_DEFER,\n REPORT_LEVEL_ERROR,\n REPORT_LEVEL_IGNORE,\n REPORT_LEVEL_MONITOR,\n REPORT_LEVEL_WARN,\n REQUIREMENTS_TXT,\n SOCKET_CLI_ACCEPT_RISKS,\n SOCKET_CLI_BIN_NAME,\n SOCKET_CLI_ISSUES_URL,\n SOCKET_CLI_SHADOW_ACCEPT_RISKS,\n SOCKET_CLI_SHADOW_API_TOKEN,\n SOCKET_CLI_SHADOW_BIN,\n SOCKET_CLI_SHADOW_PROGRESS,\n SOCKET_CLI_SHADOW_SILENT,\n SOCKET_CLI_VIEW_ALL_RISKS,\n SOCKET_DEFAULT_BRANCH,\n SOCKET_DEFAULT_REPOSITORY,\n SOCKET_JSON,\n SOCKET_WEBSITE_URL,\n SOCKET_YAML,\n SOCKET_YML,\n V1_MIGRATION_GUIDE_URL,\n}\n\nexport default constants\n"],"names":["attributes","getIpc","_npmStdioPipeOptions","cwd","env","__proto__","DISABLE_GITHUB_CACHE","GITHUB_BASE_REF","GITHUB_REF_NAME","GITHUB_REF_TYPE","GITHUB_REPOSITORY","NODE_EXTRA_CA_CERTS","envAsString","PATH","SOCKET_CLI_ACCEPT_RISKS","SOCKET_CLI_API_BASE_URL","SOCKET_CLI_API_PROXY","SOCKET_CLI_API_TIMEOUT","SOCKET_CLI_API_TOKEN","SOCKET_CLI_CONFIG","SOCKET_CLI_GIT_USER_NAME","SOCKET_CLI_GITHUB_TOKEN","SOCKET_CLI_NO_API_TOKEN","SOCKET_CLI_NPM_PATH","SOCKET_CLI_ORG_SLUG","SOCKET_CLI_VIEW_ALL_RISKS","TERM","smartCSR","term","useBCE","constants","entries","WIN32","logger","dataHome","ENV","bashRcPath","binPath","binCliPath","blessedContribPath","blessedOptions","blessedPath","distCliPath","distPath","externalPath","githubCachePath","homePath","instrumentWithSentryPath","minimumVersionByAgent","nmBinPath","nodeHardenFlags","nodeDebugFlags","nodeMemoryFlags","npmCachePath","npmGlobalPrefix","npmNmNodeGypPath","processEnv","rootPath","shadowBinPath","shadowNpmInjectPath","shadowNpmBinPath","shadowPnpmBinPath","shadowYarnBinPath","socketAppDataPath","socketCachePath","socketRegistryPath","zshRcPath","getters","internals","getSentry","_Sentry"],"mappings":";;;;;;;;;;;;AAYA;AACA;AACA;AACA;AACA;AACA;AAEA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAiFE;AACEA;;AAEAC;AACF;AACF;AAgFA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAkJA;AAEA;AACA;;AAEIC;AACEC;;;AAGJ;AACA;AACF;AAEA;;AACUC;AAAI;AACZ;AACA;AAGA;AACA;AACA;AACA;AACA;;;AAKA;AACA;;AAEEC;AACA;;AAEA;AACA;AACAC;AACA;AACA;;AAGA;AACA;AACA;AACA;AACAC;AACA;AACA;AACA;AACA;AACAC;AACA;AACA;AACAC;AACA;AACA;AACAC;AACA;AACA;;AAGA;AACA;AACA;AACA;;AAEA;AACA;;AAIA;AACA;;AAIA;AACA;;AAIA;AACA;;AAIA;AACA;;AAIA;AACA;;AAEA;AACA;;AAIA;AACA;;AAIA;AACA;;AAIA;AACA;;AAIA;AACA;;AAIA;AACA;;AAOA;AACA;AACA;AACA;AACAC;AAEE;AACA;AACAC;AACF;AACA;AACA;AACAC;AACA;AACAC;AACA;AACA;AACAC;AAEE;AACAH;AAGF;AACA;AACAI;AAEE;AACAJ;AACA;AACA;AACAA;AAIF;AACA;AACAK;AACA;AACA;AACAC;AAEE;;AAIF;AACAC;AACA;;AAIA;AACAC;AAIA;AACA;;AAMA;AACA;AACA;AACA;AACAC;AAEE;AACAT;AAEF;AACAU;AACA;AACAC;AACA;AACAC;AAEE;AACAZ;AACF;AACAa;AACA;AACAC;AACF;AACF;AAEA;AAEA;AAEA;AAEA;AAGA;AAEIC;AACAC;AACAC;AACF;AAEF;AAEA;AAEA;AAEA;AAEA;AAEA;AAEA;AAGA;AAEI;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAGJ;AAEA;;AAGA;AACA;AACA;AAEI;AACA;AACAC;AAEM;AACA;AAAA;AAGA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAAA;AAIV;AACE;AAGA;AACA;AACA;AAIF;AAEA;AACE;AACA;AACA;AAKF;AAEA;AACE;AACA;AACA;AAKF;AAEA;AAMA;;AAKkB;AAAQ;AAAS;AACzB;AACE;AACF;AACA;AACE;AACEC;AACF;;;AAGF;AACA;AACF;AAOR;AAEA;AAEA;AAGA;AAGA;AAGA;AAGA;AACE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AACQC;AAAM;AACd;;AAIE;AACE;AACAC;AACF;AACEC;AAIF;AACF;;AAEF;AAEA;AAEA;AAGA;AAEA;;;;;;;;;;;;;;;;;;;;AAqBIC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA+EAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACF;AAEEC;;AAEEhC;AACAC;AACAE;AACAD;AACAE;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAE;AACAD;AACAE;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAE;AACAD;AACAE;AACAC;AACAC;AACAC;AACAC;AACAC;;AAEFE;;;AAGEC;AACE;;;;AAIEC;AACA;AACF;AACA;AACF;AACF;AACF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;","debugId":"ef843527-bde5-47b7-a51f-b7df003bdf25"}
1
+ {"version":3,"file":"constants.js","sources":["../src/constants.mts"],"sourcesContent":["import { realpathSync } from 'node:fs'\nimport { createRequire } from 'node:module'\nimport os from 'node:os'\nimport path from 'node:path'\nimport { fileURLToPath } from 'node:url'\n\nimport registryConstants from '@socketsecurity/registry/lib/constants'\n\nimport type { Agent } from './utils/package-environment.mts'\nimport type { Remap } from '@socketsecurity/registry/lib/objects'\nimport type { SpawnOptions } from '@socketsecurity/registry/lib/spawn'\n\nconst require = createRequire(import.meta.url)\nconst __filename = fileURLToPath(import.meta.url)\n// Using `path.dirname(__filename)` to resolve `__dirname` works for both 'dist'\n// AND 'src' directories because constants.js and constants.mts respectively are\n// in the root of each.\nconst __dirname = path.dirname(__filename)\n\nconst {\n AT_LATEST,\n BIOME_JSON,\n BUN,\n CI,\n COLUMN_LIMIT,\n DOT_GIT_DIR,\n DOT_SOCKET_DIR,\n EMPTY_FILE,\n EMPTY_VALUE,\n ESLINT_CONFIG_JS,\n ESNEXT,\n EXT_CJS,\n EXT_CMD,\n EXT_CTS,\n EXT_DTS,\n EXT_JS,\n EXT_JSON,\n EXT_LOCK,\n EXT_LOCKB,\n EXT_MD,\n EXT_MJS,\n EXT_MTS,\n EXT_PS1,\n EXT_YAML,\n EXT_YML,\n EXTENSIONS,\n EXTENSIONS_JSON,\n GITIGNORE,\n DOT_PACKAGE_LOCK_JSON,\n LATEST,\n LICENSE,\n LICENSE_GLOB,\n LICENSE_GLOB_RECURSIVE,\n LICENSE_ORIGINAL,\n LICENSE_ORIGINAL_GLOB,\n LICENSE_ORIGINAL_GLOB_RECURSIVE,\n LOOP_SENTINEL,\n MANIFEST_JSON,\n MIT,\n NODE_AUTH_TOKEN,\n NODE_ENV,\n NODE_MODULES,\n NODE_MODULES_GLOB_RECURSIVE,\n NPM,\n NPX,\n OVERRIDES,\n PACKAGE_DEFAULT_VERSION,\n PACKAGE_JSON,\n PACKAGE_LOCK_JSON,\n PNPM,\n PNPM_LOCK_YAML,\n PRE_COMMIT,\n README_GLOB,\n README_GLOB_RECURSIVE,\n REGISTRY_SCOPE_DELIMITER,\n README_MD,\n REGISTRY,\n RESOLUTIONS,\n SOCKET_GITHUB_ORG,\n SOCKET_IPC_HANDSHAKE,\n SOCKET_OVERRIDE_SCOPE,\n SOCKET_PUBLIC_API_TOKEN,\n SOCKET_REGISTRY_NPM_ORG,\n SOCKET_REGISTRY_PACKAGE_NAME,\n SOCKET_REGISTRY_REPO_NAME,\n SOCKET_REGISTRY_SCOPE,\n SOCKET_SECURITY_SCOPE,\n TSCONFIG_JSON,\n UNKNOWN_ERROR,\n UNKNOWN_VALUE,\n UNLICENCED,\n UNLICENSED,\n UTF8,\n VITEST,\n VLT,\n YARN,\n YARN_BERRY,\n YARN_CLASSIC,\n YARN_LOCK,\n kInternalsSymbol,\n [kInternalsSymbol as unknown as 'Symbol(kInternalsSymbol)']: {\n attributes: registryConstantsAttribs,\n createConstantsObject,\n getIpc,\n },\n} = registryConstants\n\nexport type RegistryEnv = typeof registryConstants.ENV\n\nexport type RegistryInternals =\n (typeof registryConstants)['Symbol(kInternalsSymbol)']\n\nexport type Sentry = any\n\nexport type Internals = Remap<\n Omit<RegistryInternals, 'getIpc'> &\n Readonly<{\n getIpc: {\n (): Promise<IpcObject>\n <K extends keyof IpcObject | undefined>(\n key?: K | undefined,\n ): Promise<K extends keyof IpcObject ? IpcObject[K] : IpcObject>\n }\n getSentry: () => Sentry\n setSentry(Sentry: Sentry): boolean\n }>\n>\n\nexport type ENV = Remap<\n RegistryEnv &\n Readonly<{\n DISABLE_GITHUB_CACHE: boolean\n GITHUB_API_URL: string\n GITHUB_BASE_REF: string\n GITHUB_REF_NAME: string\n GITHUB_REF_TYPE: string\n GITHUB_REPOSITORY: string\n GITHUB_SERVER_URL: string\n GITHUB_TOKEN: string\n INLINED_SOCKET_CLI_COANA_TECH_CLI_VERSION: string\n INLINED_SOCKET_CLI_CYCLONEDX_CDXGEN_VERSION: string\n INLINED_SOCKET_CLI_HOMEPAGE: string\n INLINED_SOCKET_CLI_LEGACY_BUILD: string\n INLINED_SOCKET_CLI_NAME: string\n INLINED_SOCKET_CLI_PUBLISHED_BUILD: string\n INLINED_SOCKET_CLI_SENTRY_BUILD: string\n INLINED_SOCKET_CLI_VERSION: string\n INLINED_SOCKET_CLI_VERSION_HASH: string\n INLINED_SOCKET_CLI_SYNP_VERSION: string\n LOCALAPPDATA: string\n NODE_COMPILE_CACHE: string\n NODE_EXTRA_CA_CERTS: string\n PATH: string\n SOCKET_CLI_ACCEPT_RISKS: boolean\n SOCKET_CLI_API_BASE_URL: string\n SOCKET_CLI_API_PROXY: string\n SOCKET_CLI_API_TIMEOUT: number\n SOCKET_CLI_API_TOKEN: string\n SOCKET_CLI_CONFIG: string\n SOCKET_CLI_GIT_USER_EMAIL: string\n SOCKET_CLI_GIT_USER_NAME: string\n SOCKET_CLI_GITHUB_TOKEN: string\n SOCKET_CLI_NO_API_TOKEN: boolean\n SOCKET_CLI_NPM_PATH: string\n SOCKET_CLI_ORG_SLUG: string\n SOCKET_CLI_VIEW_ALL_RISKS: boolean\n TERM: string\n XDG_DATA_HOME: string\n }>\n>\n\nexport type IpcObject = Readonly<{\n SOCKET_CLI_FIX?: string | undefined\n SOCKET_CLI_OPTIMIZE?: boolean | undefined\n SOCKET_CLI_SHADOW_ACCEPT_RISKS?: boolean | undefined\n SOCKET_CLI_SHADOW_API_TOKEN?: string | undefined\n SOCKET_CLI_SHADOW_BIN?: string | undefined\n SOCKET_CLI_SHADOW_PROGRESS?: boolean | undefined\n SOCKET_CLI_SHADOW_SILENT?: boolean | undefined\n}>\n\nexport type ProcessEnv = {\n [K in keyof ENV]?: string | undefined\n}\n\n// Socket CLI specific constants that are not in socket-registry.\nconst ALERT_TYPE_CRITICAL_CVE = 'criticalCVE'\nconst ALERT_TYPE_CVE = 'cve'\nconst ALERT_TYPE_MEDIUM_CVE = 'mediumCVE'\nconst ALERT_TYPE_MILD_CVE = 'mildCVE'\nconst API_V0_URL = 'https://api.socket.dev/v0/'\nconst CONFIG_KEY_API_BASE_URL = 'apiBaseUrl'\nconst CONFIG_KEY_API_PROXY = 'apiProxy'\nconst CONFIG_KEY_API_TOKEN = 'apiToken'\nconst CONFIG_KEY_DEFAULT_ORG = 'defaultOrg'\nconst CONFIG_KEY_ENFORCED_ORGS = 'enforcedOrgs'\nconst CONFIG_KEY_ORG = 'org'\nconst DOT_SOCKET_DOT_FACTS_JSON = `${DOT_SOCKET_DIR}.facts.json`\nconst DRY_RUN_LABEL = '[DryRun]'\nconst DRY_RUN_BAILING_NOW = `${DRY_RUN_LABEL}: Bailing now`\nconst DRY_RUN_NOT_SAVING = `${DRY_RUN_LABEL}: Not saving`\nconst ENVIRONMENT_YAML = 'environment.yaml'\nconst ENVIRONMENT_YML = 'environment.yml'\nconst ERROR_NO_MANIFEST_FILES = 'No manifest files found'\nconst ERROR_NO_PACKAGE_JSON = 'No package.json found'\nconst ERROR_NO_REPO_FOUND = 'No repo found'\nconst ERROR_NO_SOCKET_DIR = 'No .socket directory found'\nconst ERROR_UNABLE_RESOLVE_ORG =\n 'Unable to resolve a Socket account organization'\nconst FLAG_CONFIG = '--config'\nconst FLAG_DRY_RUN = '--dry-run'\nconst FLAG_HELP = '--help'\nconst FLAG_ID = '--id'\nconst FLAG_JSON = '--json'\nconst FLAG_MARKDOWN = '--markdown'\nconst FLAG_ORG = '--org'\nconst FLAG_PIN = '--pin'\nconst FLAG_PROD = '--prod'\nconst FLAG_QUIET = '--quiet'\nconst FLAG_SILENT = '--silent'\nconst FLAG_TEXT = '--text'\nconst FLAG_VERBOSE = '--verbose'\nconst FLAG_VERSION = '--version'\nconst FOLD_SETTING_FILE = 'file'\nconst FOLD_SETTING_NONE = 'none'\nconst FOLD_SETTING_PKG = 'pkg'\nconst FOLD_SETTING_VERSION = 'version'\nconst GQL_PAGE_SENTINEL = 100\nconst GQL_PR_STATE_CLOSED = 'CLOSED'\nconst GQL_PR_STATE_MERGED = 'MERGED'\nconst GQL_PR_STATE_OPEN = 'OPEN'\nconst HTTP_STATUS_BAD_REQUEST = 400\nconst HTTP_STATUS_FORBIDDEN = 403\nconst HTTP_STATUS_INTERNAL_SERVER_ERROR = 500\nconst HTTP_STATUS_NOT_FOUND = 404\nconst HTTP_STATUS_UNAUTHORIZED = 401\nconst NPM_BUGGY_OVERRIDES_PATCHED_VERSION = '11.2.0'\nconst NPM_REGISTRY_URL = 'https://registry.npmjs.org'\nconst OUTPUT_JSON = 'json'\nconst OUTPUT_MARKDOWN = 'markdown'\nconst OUTPUT_TEXT = 'text'\nconst PNPM_WORKSPACE_YAML = 'pnpm-workspace.yaml'\nconst REDACTED = '<redacted>'\nconst REPORT_LEVEL_DEFER = 'defer'\nconst REPORT_LEVEL_ERROR = 'error'\nconst REPORT_LEVEL_IGNORE = 'ignore'\nconst REPORT_LEVEL_MONITOR = 'monitor'\nconst REPORT_LEVEL_WARN = 'warn'\nconst REQUIREMENTS_TXT = 'requirements.txt'\nconst SOCKET_CLI_ACCEPT_RISKS = 'SOCKET_CLI_ACCEPT_RISKS'\nconst SOCKET_CLI_BIN_NAME = 'socket'\nconst SOCKET_CLI_ISSUES_URL = 'https://github.com/SocketDev/socket-cli/issues'\nconst SOCKET_CLI_SHADOW_ACCEPT_RISKS = 'SOCKET_CLI_SHADOW_ACCEPT_RISKS'\nconst SOCKET_CLI_SHADOW_API_TOKEN = 'SOCKET_CLI_SHADOW_API_TOKEN'\nconst SOCKET_CLI_SHADOW_BIN = 'SOCKET_CLI_SHADOW_BIN'\nconst SOCKET_CLI_SHADOW_PROGRESS = 'SOCKET_CLI_SHADOW_PROGRESS'\nconst SOCKET_CLI_SHADOW_SILENT = 'SOCKET_CLI_SHADOW_SILENT'\nconst SOCKET_CLI_VIEW_ALL_RISKS = 'SOCKET_CLI_VIEW_ALL_RISKS'\nconst SOCKET_DEFAULT_BRANCH = 'socket-default-branch'\nconst SOCKET_DEFAULT_REPOSITORY = 'socket-default-repository'\nconst SOCKET_JSON = 'socket.json'\nconst SOCKET_WEBSITE_URL = 'https://socket.dev'\nconst SOCKET_YAML = 'socket.yaml'\nconst SOCKET_YML = 'socket.yml'\nconst V1_MIGRATION_GUIDE_URL = 'https://docs.socket.dev/docs/v1-migration-guide'\n\nexport type Constants = Remap<\n Omit<\n typeof registryConstants,\n 'Symbol(kInternalsSymbol)' | 'ENV' | 'ipcObject'\n > & {\n readonly 'Symbol(kInternalsSymbol)': Internals\n readonly ALERT_TYPE_CRITICAL_CVE: typeof ALERT_TYPE_CRITICAL_CVE\n readonly ALERT_TYPE_CVE: typeof ALERT_TYPE_CVE\n readonly ALERT_TYPE_MEDIUM_CVE: typeof ALERT_TYPE_MEDIUM_CVE\n readonly ALERT_TYPE_MILD_CVE: typeof ALERT_TYPE_MILD_CVE\n readonly API_V0_URL: typeof API_V0_URL\n readonly BUN: typeof BUN\n readonly CONFIG_KEY_API_BASE_URL: typeof CONFIG_KEY_API_BASE_URL\n readonly CONFIG_KEY_API_PROXY: typeof CONFIG_KEY_API_PROXY\n readonly CONFIG_KEY_API_TOKEN: typeof CONFIG_KEY_API_TOKEN\n readonly CONFIG_KEY_DEFAULT_ORG: typeof CONFIG_KEY_DEFAULT_ORG\n readonly CONFIG_KEY_ENFORCED_ORGS: typeof CONFIG_KEY_ENFORCED_ORGS\n readonly CONFIG_KEY_ORG: typeof CONFIG_KEY_ORG\n readonly DOT_GIT_DIR: typeof DOT_GIT_DIR\n readonly DOT_SOCKET_DIR: typeof DOT_SOCKET_DIR\n readonly DOT_SOCKET_DOT_FACTS_JSON: typeof DOT_SOCKET_DOT_FACTS_JSON\n readonly DRY_RUN_BAILING_NOW: typeof DRY_RUN_BAILING_NOW\n readonly DRY_RUN_LABEL: typeof DRY_RUN_LABEL\n readonly DRY_RUN_NOT_SAVING: typeof DRY_RUN_NOT_SAVING\n readonly EMPTY_VALUE: typeof EMPTY_VALUE\n readonly ENV: ENV\n readonly ENVIRONMENT_YAML: typeof ENVIRONMENT_YAML\n readonly ENVIRONMENT_YML: typeof ENVIRONMENT_YML\n readonly ERROR_NO_MANIFEST_FILES: typeof ERROR_NO_MANIFEST_FILES\n readonly ERROR_NO_PACKAGE_JSON: typeof ERROR_NO_PACKAGE_JSON\n readonly ERROR_NO_REPO_FOUND: typeof ERROR_NO_REPO_FOUND\n readonly ERROR_NO_SOCKET_DIR: typeof ERROR_NO_SOCKET_DIR\n readonly ERROR_UNABLE_RESOLVE_ORG: typeof ERROR_UNABLE_RESOLVE_ORG\n readonly EXT_YAML: typeof EXT_YAML\n readonly EXT_YML: typeof EXT_YML\n readonly FLAG_CONFIG: typeof FLAG_CONFIG\n readonly FLAG_DRY_RUN: typeof FLAG_DRY_RUN\n readonly FLAG_HELP: typeof FLAG_HELP\n readonly FLAG_ID: typeof FLAG_ID\n readonly FLAG_JSON: typeof FLAG_JSON\n readonly FLAG_MARKDOWN: typeof FLAG_MARKDOWN\n readonly FLAG_ORG: typeof FLAG_ORG\n readonly FLAG_PIN: typeof FLAG_PIN\n readonly FLAG_PROD: typeof FLAG_PROD\n readonly FLAG_QUIET: typeof FLAG_QUIET\n readonly FLAG_SILENT: typeof FLAG_SILENT\n readonly FLAG_TEXT: typeof FLAG_TEXT\n readonly FLAG_VERBOSE: typeof FLAG_VERBOSE\n readonly FLAG_VERSION: typeof FLAG_VERSION\n readonly FOLD_SETTING_FILE: typeof FOLD_SETTING_FILE\n readonly FOLD_SETTING_NONE: typeof FOLD_SETTING_NONE\n readonly FOLD_SETTING_PKG: typeof FOLD_SETTING_PKG\n readonly FOLD_SETTING_VERSION: typeof FOLD_SETTING_VERSION\n readonly GQL_PAGE_SENTINEL: typeof GQL_PAGE_SENTINEL\n readonly GQL_PR_STATE_CLOSED: typeof GQL_PR_STATE_CLOSED\n readonly GQL_PR_STATE_MERGED: typeof GQL_PR_STATE_MERGED\n readonly GQL_PR_STATE_OPEN: typeof GQL_PR_STATE_OPEN\n readonly HTTP_STATUS_BAD_REQUEST: typeof HTTP_STATUS_BAD_REQUEST\n readonly HTTP_STATUS_FORBIDDEN: typeof HTTP_STATUS_FORBIDDEN\n readonly HTTP_STATUS_INTERNAL_SERVER_ERROR: typeof HTTP_STATUS_INTERNAL_SERVER_ERROR\n readonly HTTP_STATUS_NOT_FOUND: typeof HTTP_STATUS_NOT_FOUND\n readonly HTTP_STATUS_UNAUTHORIZED: typeof HTTP_STATUS_UNAUTHORIZED\n readonly NODE_MODULES: typeof NODE_MODULES\n readonly NPM: typeof NPM\n readonly NPM_BUGGY_OVERRIDES_PATCHED_VERSION: typeof NPM_BUGGY_OVERRIDES_PATCHED_VERSION\n readonly NPM_REGISTRY_URL: typeof NPM_REGISTRY_URL\n readonly NPX: typeof NPX\n readonly OUTPUT_JSON: typeof OUTPUT_JSON\n readonly OUTPUT_MARKDOWN: typeof OUTPUT_MARKDOWN\n readonly OUTPUT_TEXT: typeof OUTPUT_TEXT\n readonly PACKAGE_JSON: typeof PACKAGE_JSON\n readonly PACKAGE_LOCK_JSON: typeof PACKAGE_LOCK_JSON\n readonly PNPM: typeof PNPM\n readonly PNPM_LOCK_YAML: typeof PNPM_LOCK_YAML\n readonly PNPM_WORKSPACE_YAML: typeof PNPM_WORKSPACE_YAML\n readonly REDACTED: typeof REDACTED\n readonly REPORT_LEVEL_DEFER: typeof REPORT_LEVEL_DEFER\n readonly REPORT_LEVEL_ERROR: typeof REPORT_LEVEL_ERROR\n readonly REPORT_LEVEL_IGNORE: typeof REPORT_LEVEL_IGNORE\n readonly REPORT_LEVEL_MONITOR: typeof REPORT_LEVEL_MONITOR\n readonly REPORT_LEVEL_WARN: typeof REPORT_LEVEL_WARN\n readonly REQUIREMENTS_TXT: typeof REQUIREMENTS_TXT\n readonly SOCKET_CLI_ACCEPT_RISKS: typeof SOCKET_CLI_ACCEPT_RISKS\n readonly SOCKET_CLI_BIN_NAME: typeof SOCKET_CLI_BIN_NAME\n readonly SOCKET_CLI_ISSUES_URL: typeof SOCKET_CLI_ISSUES_URL\n readonly SOCKET_CLI_SHADOW_ACCEPT_RISKS: typeof SOCKET_CLI_SHADOW_ACCEPT_RISKS\n readonly SOCKET_CLI_SHADOW_API_TOKEN: typeof SOCKET_CLI_SHADOW_API_TOKEN\n readonly SOCKET_CLI_SHADOW_BIN: typeof SOCKET_CLI_SHADOW_BIN\n readonly SOCKET_CLI_SHADOW_PROGRESS: typeof SOCKET_CLI_SHADOW_PROGRESS\n readonly SOCKET_CLI_SHADOW_SILENT: typeof SOCKET_CLI_SHADOW_SILENT\n readonly SOCKET_CLI_VIEW_ALL_RISKS: typeof SOCKET_CLI_VIEW_ALL_RISKS\n readonly SOCKET_DEFAULT_BRANCH: typeof SOCKET_DEFAULT_BRANCH\n readonly SOCKET_DEFAULT_REPOSITORY: typeof SOCKET_DEFAULT_REPOSITORY\n readonly SOCKET_JSON: typeof SOCKET_JSON\n readonly SOCKET_WEBSITE_URL: typeof SOCKET_WEBSITE_URL\n readonly SOCKET_YAML: typeof SOCKET_YAML\n readonly SOCKET_YML: typeof SOCKET_YML\n readonly TSCONFIG_JSON: typeof TSCONFIG_JSON\n readonly UNKNOWN_ERROR: typeof UNKNOWN_ERROR\n readonly UNKNOWN_VALUE: typeof UNKNOWN_VALUE\n readonly V1_MIGRATION_GUIDE_URL: typeof V1_MIGRATION_GUIDE_URL\n readonly VLT: typeof VLT\n readonly YARN: typeof YARN\n readonly YARN_BERRY: typeof YARN_BERRY\n readonly YARN_CLASSIC: typeof YARN_CLASSIC\n readonly bashRcPath: string\n readonly binCliPath: string\n readonly binPath: string\n readonly blessedContribPath: string\n readonly blessedOptions: {\n smartCSR: boolean\n term: string\n useBCE: boolean\n }\n readonly blessedPath: string\n readonly distCliPath: string\n readonly distPath: string\n readonly externalPath: string\n readonly githubCachePath: string\n readonly homePath: string\n readonly instrumentWithSentryPath: string\n readonly ipcObject: IpcObject\n readonly minimumVersionByAgent: Map<Agent, string>\n readonly nmBinPath: string\n readonly nodeDebugFlags: string[]\n readonly nodeHardenFlags: string[]\n readonly nodeMemoryFlags: string[]\n readonly npmCachePath: string\n readonly npmGlobalPrefix: string\n readonly npmNmNodeGypPath: string\n readonly processEnv: ProcessEnv\n readonly rootPath: string\n readonly shadowBinPath: string\n readonly shadowNpmBinPath: string\n readonly shadowNpmInjectPath: string\n readonly shadowNpxBinPath: string\n readonly shadowPnpmBinPath: string\n readonly shadowYarnBinPath: string\n readonly socketAppDataPath: string\n readonly socketCachePath: string\n readonly socketRegistryPath: string\n readonly zshRcPath: string\n }\n>\n\nlet _Sentry: any\n\nlet _npmStdioPipeOptions: SpawnOptions | undefined\nfunction getNpmStdioPipeOptions() {\n if (_npmStdioPipeOptions === undefined) {\n _npmStdioPipeOptions = {\n cwd: process.cwd(),\n // On Windows, npm is often a .cmd file that requires shell execution.\n // The spawn function from @socketsecurity/registry will handle this properly\n // when shell is true.\n shell: constants.WIN32,\n }\n }\n return _npmStdioPipeOptions\n}\n\nconst LAZY_ENV = () => {\n const { env } = process\n const envHelpers = /*@__PURE__*/ require('@socketsecurity/registry/lib/env')\n const utils = /*@__PURE__*/ require(\n path.join(constants.rootPath, 'dist/utils.js'),\n )\n const envAsBoolean = envHelpers.envAsBoolean\n const envAsNumber = envHelpers.envAsNumber\n const envAsString = envHelpers.envAsString\n const getConfigValueOrUndef = utils.getConfigValueOrUndef\n const readOrDefaultSocketJson = utils.readOrDefaultSocketJson\n const GITHUB_TOKEN = envAsString(env['GITHUB_TOKEN'])\n const INLINED_SOCKET_CLI_PUBLISHED_BUILD = envAsBoolean(\n process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD'],\n )\n // We inline some environment values so that they CANNOT be influenced by user\n // provided environment variables.\n return Object.freeze({\n __proto__: null,\n // Lazily access registryConstants.ENV.\n ...registryConstants.ENV,\n // Disable using GitHub's workflow actions/cache.\n // https://github.com/actions/cache\n DISABLE_GITHUB_CACHE: envAsBoolean(env['DISABLE_GITHUB_CACHE']),\n // The API URL. For example, https://api.github.com.\n // https://docs.github.com/en/codespaces/developing-in-a-codespace/default-environment-variables-for-your-codespace#list-of-default-environment-variables\n GITHUB_API_URL:\n envAsString(env['GITHUB_API_URL']) || 'https://api.github.com',\n // The name of the base ref or target branch of the pull request in a workflow\n // run. This is only set when the event that triggers a workflow run is either\n // pull_request or pull_request_target. For example, main.\n // https://docs.github.com/en/codespaces/developing-in-a-codespace/default-environment-variables-for-your-codespace#list-of-default-environment-variables\n GITHUB_BASE_REF: envAsString(env['GITHUB_BASE_REF']),\n // The short ref name of the branch or tag that triggered the GitHub workflow\n // run. This value matches the branch or tag name shown on GitHub. For example,\n // feature-branch-1. For pull requests, the format is <pr_number>/merge.\n // https://docs.github.com/en/codespaces/developing-in-a-codespace/default-environment-variables-for-your-codespace#list-of-default-environment-variables\n GITHUB_REF_NAME: envAsString(env['GITHUB_REF_NAME']),\n // The type of ref that triggered the workflow run. Valid values are branch or tag.\n // https://docs.github.com/en/codespaces/developing-in-a-codespace/default-environment-variables-for-your-codespace#list-of-default-environment-variables\n GITHUB_REF_TYPE: envAsString(env['GITHUB_REF_TYPE']),\n // The owner and repository name. For example, octocat/Hello-World.\n // https://docs.github.com/en/codespaces/developing-in-a-codespace/default-environment-variables-for-your-codespace#list-of-default-environment-variables\n GITHUB_REPOSITORY: envAsString(env['GITHUB_REPOSITORY']),\n // The URL of the GitHub server. For example, https://github.com.\n // https://docs.github.com/en/codespaces/developing-in-a-codespace/default-environment-variables-for-your-codespace#list-of-default-environment-variables\n GITHUB_SERVER_URL:\n envAsString(env['GITHUB_SERVER_URL']) || 'https://github.com',\n // The GITHUB_TOKEN secret is a GitHub App installation access token.\n // The token's permissions are limited to the repository that contains the\n // workflow.\n // https://docs.github.com/en/actions/security-for-github-actions/security-guides/automatic-token-authentication#about-the-github_token-secret\n GITHUB_TOKEN,\n // Comp-time inlined @coana-tech/cli package version.\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_COANA_TECH_CLI_VERSION']\".\n INLINED_SOCKET_CLI_COANA_TECH_CLI_VERSION: envAsString(\n process.env['INLINED_SOCKET_CLI_COANA_TECH_CLI_VERSION'],\n ),\n // Comp-time inlined @cyclonedx/cdxgen package version.\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_CYCLONEDX_CDXGEN_VERSION']\".\n INLINED_SOCKET_CLI_CYCLONEDX_CDXGEN_VERSION: envAsString(\n process.env['INLINED_SOCKET_CLI_CYCLONEDX_CDXGEN_VERSION'],\n ),\n // Comp-time inlined Socket package homepage.\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_HOMEPAGE']\".\n INLINED_SOCKET_CLI_HOMEPAGE: envAsString(\n process.env['INLINED_SOCKET_CLI_HOMEPAGE'],\n ),\n // Comp-time inlined flag to determine if this is the Legacy build.\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_LEGACY_BUILD']\".\n INLINED_SOCKET_CLI_LEGACY_BUILD: envAsBoolean(\n process.env['INLINED_SOCKET_CLI_LEGACY_BUILD'],\n ),\n // Comp-time inlined Socket package name.\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_NAME']\".\n INLINED_SOCKET_CLI_NAME: envAsString(\n process.env['INLINED_SOCKET_CLI_NAME'],\n ),\n // Comp-time inlined flag to determine if this is a published build.\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD']\".\n INLINED_SOCKET_CLI_PUBLISHED_BUILD,\n // Comp-time inlined flag to determine if this is the Sentry build.\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_SENTRY_BUILD']\".\n INLINED_SOCKET_CLI_SENTRY_BUILD: envAsBoolean(\n process.env['INLINED_SOCKET_CLI_SENTRY_BUILD'],\n ),\n // Comp-time inlined synp package version.\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_SYNP_VERSION']\".\n INLINED_SOCKET_CLI_SYNP_VERSION: envAsString(\n process.env['INLINED_SOCKET_CLI_SYNP_VERSION'],\n ),\n // Comp-time inlined Socket package version.\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_VERSION']\".\n INLINED_SOCKET_CLI_VERSION: envAsString(\n process.env['INLINED_SOCKET_CLI_VERSION'],\n ),\n // Comp-time inlined Socket package version hash.\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_VERSION_HASH']\".\n INLINED_SOCKET_CLI_VERSION_HASH: envAsString(\n process.env['INLINED_SOCKET_CLI_VERSION_HASH'],\n ),\n // Enable the module compile cache for the Node.js instance.\n // https://nodejs.org/api/cli.html#node_compile_cachedir\n NODE_COMPILE_CACHE: constants.SUPPORTS_NODE_COMPILE_CACHE_ENV_VAR\n ? constants.socketCachePath\n : '',\n // Redefine registryConstants.ENV.NODE_ENV to account for the\n // INLINED_SOCKET_CLI_PUBLISHED_BUILD environment variable.\n NODE_ENV:\n envAsString(env['NODE_ENV']).toLowerCase() === 'production'\n ? 'production'\n : INLINED_SOCKET_CLI_PUBLISHED_BUILD\n ? ''\n : 'development',\n // Well known \"root\" CAs (like VeriSign) will be extended with the extra\n // certificates in file. The file should consist of one or more trusted\n // certificates in PEM format.\n // https://nodejs.org/api/cli.html#node_extra_ca_certsfile\n NODE_EXTRA_CA_CERTS:\n envAsString(env['NODE_EXTRA_CA_CERTS']) ||\n // Commonly used environment variable to specify the path to a single\n // PEM-encoded certificate file.\n envAsString(env['SSL_CERT_FILE']),\n // PATH is an environment variable that lists directories where executable\n // programs are located. When a command is run, the system searches these\n // directories to find the executable.\n PATH: envAsString(env['PATH']),\n // Accept risks of a Socket wrapped npm/npx run.\n SOCKET_CLI_ACCEPT_RISKS: envAsBoolean(env[SOCKET_CLI_ACCEPT_RISKS]),\n // Change the base URL for Socket API calls.\n // https://github.com/SocketDev/socket-cli?tab=readme-ov-file#environment-variables-for-development\n SOCKET_CLI_API_BASE_URL:\n envAsString(env['SOCKET_CLI_API_BASE_URL']) ||\n // TODO: Remove legacy environment variable name.\n envAsString(env['SOCKET_SECURITY_API_BASE_URL']) ||\n getConfigValueOrUndef('apiBaseUrl') ||\n API_V0_URL,\n // Set the proxy that all requests are routed through.\n // https://github.com/SocketDev/socket-cli?tab=readme-ov-file#environment-variables-for-development\n SOCKET_CLI_API_PROXY:\n envAsString(env['SOCKET_CLI_API_PROXY']) ||\n // TODO: Remove legacy environment variable name.\n envAsString(env['SOCKET_SECURITY_API_PROXY']) ||\n // Commonly used environment variables to specify routing requests through\n // a proxy server.\n envAsString(env['HTTPS_PROXY']) ||\n envAsString(env['https_proxy']) ||\n envAsString(env['HTTP_PROXY']) ||\n envAsString(env['http_proxy']),\n // Set the timeout in milliseconds for Socket API requests.\n // https://nodejs.org/api/http.html#httprequesturl-options-callback\n SOCKET_CLI_API_TIMEOUT: envAsNumber(env['SOCKET_CLI_API_TIMEOUT']),\n // Set the Socket API token.\n // https://github.com/SocketDev/socket-cli?tab=readme-ov-file#environment-variables\n SOCKET_CLI_API_TOKEN:\n envAsString(env['SOCKET_CLI_API_TOKEN']) ||\n // TODO: Remove legacy environment variable names.\n envAsString(env['SOCKET_CLI_API_KEY']) ||\n envAsString(env['SOCKET_SECURITY_API_TOKEN']) ||\n envAsString(env['SOCKET_SECURITY_API_KEY']),\n // A JSON stringified Socket configuration object.\n SOCKET_CLI_CONFIG: envAsString(env['SOCKET_CLI_CONFIG']),\n // The git config user.email used by Socket CLI.\n SOCKET_CLI_GIT_USER_EMAIL:\n envAsString(env['SOCKET_CLI_GIT_USER_EMAIL']) ||\n 'github-actions[bot]@users.noreply.github.com',\n // The git config user.name used by Socket CLI.\n SOCKET_CLI_GIT_USER_NAME:\n envAsString(env['SOCKET_CLI_GIT_USER_NAME']) ||\n envAsString(env['SOCKET_CLI_GIT_USERNAME']) ||\n 'github-actions[bot]',\n // Change the base URL for GitHub REST API calls.\n // https://docs.github.com/en/rest\n SOCKET_CLI_GITHUB_API_URL:\n envAsString(env['SOCKET_CLI_GITHUB_API_URL']) ||\n readOrDefaultSocketJson(process.cwd())?.defaults?.scan?.github\n ?.githubApiUrl ||\n 'https://api.github.com',\n // A classic GitHub personal access token with the \"repo\" scope or a\n // fine-grained access token with at least read/write permissions set for\n // \"Contents\" and \"Pull Request\".\n // https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens\n SOCKET_CLI_GITHUB_TOKEN:\n envAsString(env['SOCKET_CLI_GITHUB_TOKEN']) ||\n // TODO: Remove undocumented legacy environment variable name.\n envAsString(env['SOCKET_SECURITY_GITHUB_PAT']) ||\n GITHUB_TOKEN,\n // Make the default API token `undefined`.\n SOCKET_CLI_NO_API_TOKEN: envAsBoolean(env['SOCKET_CLI_NO_API_TOKEN']),\n // The absolute location of the npm directory.\n SOCKET_CLI_NPM_PATH: envAsString(env['SOCKET_CLI_NPM_PATH']),\n // Specify the Socket organization slug.\n SOCKET_CLI_ORG_SLUG:\n envAsString(env['SOCKET_CLI_ORG_SLUG']) ||\n // Coana CLI accepts the SOCKET_ORG_SLUG environment variable.\n envAsString(env['SOCKET_ORG_SLUG']),\n // View all risks of a Socket wrapped npm/npx run.\n SOCKET_CLI_VIEW_ALL_RISKS: envAsBoolean(env[SOCKET_CLI_VIEW_ALL_RISKS]),\n // Specifies the type of terminal or terminal emulator being used by the process.\n TERM: envAsString(env['TERM']),\n })\n}\n\nconst lazyBashRcPath = () => path.join(constants.homePath, '.bashrc')\n\nconst lazyBinPath = () => path.join(constants.rootPath, 'bin')\n\nconst lazyBinCliPath = () => path.join(constants.binPath, 'cli.js')\n\nconst lazyBlessedContribPath = () =>\n path.join(constants.externalPath, 'blessed-contrib')\n\nconst lazyBlessedOptions = () =>\n Object.freeze({\n smartCSR: true,\n term: constants.WIN32 ? 'windows-ansi' : 'xterm',\n useBCE: true,\n })\n\nconst lazyBlessedPath = () => path.join(constants.externalPath, 'blessed')\n\nconst lazyDistCliPath = () => path.join(constants.distPath, 'cli.js')\n\nconst lazyDistPath = () => path.join(constants.rootPath, 'dist')\n\nconst lazyExternalPath = () => path.join(constants.rootPath, 'external')\n\nconst lazyGithubCachePath = () => path.join(constants.socketCachePath, 'github')\n\nconst lazyHomePath = () => os.homedir()\n\nconst lazyInstrumentWithSentryPath = () =>\n path.join(constants.distPath, 'instrument-with-sentry.js')\n\nconst lazyMinimumVersionByAgent = () =>\n new Map([\n // Bun >=1.1.39 supports the text-based lockfile.\n // https://bun.sh/blog/bun-lock-text-lockfile\n [BUN, '1.1.39'],\n // The npm version bundled with Node 18.\n // https://nodejs.org/en/about/previous-releases#looking-for-the-latest-release-of-a-version-branch\n [NPM, '10.8.2'],\n // 8.x is the earliest version to support Node 18.\n // https://pnpm.io/installation#compatibility\n // https://www.npmjs.com/package/pnpm?activeTab=versions\n [PNPM, '8.15.7'],\n // 4.x supports >= Node 18.12.0\n // https://github.com/yarnpkg/berry/blob/%40yarnpkg/core/4.1.0/CHANGELOG.md#400\n [YARN_BERRY, '4.0.0'],\n // Latest 1.x.\n // https://www.npmjs.com/package/yarn?activeTab=versions\n [YARN_CLASSIC, '1.22.22'],\n // vlt does not support overrides so we don't gate on it.\n [VLT, '*'],\n ])\n\nconst lazyNmBinPath = () => path.join(constants.rootPath, 'node_modules/.bin')\n\nconst lazyNodeDebugFlags = () =>\n constants.ENV.SOCKET_CLI_DEBUG ? ['--trace-uncaught', '--trace-warnings'] : []\n\n// Redefine registryConstants.nodeHardenFlags to account for the\n// INLINED_SOCKET_CLI_SENTRY_BUILD environment variable.\nconst lazyNodeHardenFlags = () =>\n Object.freeze(\n // Harden Node security.\n // https://nodejs.org/en/learn/getting-started/security-best-practices\n constants.ENV.INLINED_SOCKET_CLI_SENTRY_BUILD || constants.WIN32\n ? [\n // https://nodejs.org/api/cli.html#--disallow-code-generation-from-strings\n // '--disallow-code-generation-from-strings'\n ]\n : [\n // '--disallow-code-generation-from-strings',\n // https://nodejs.org/api/cli.html#--disable-protomode\n // '--disable-proto',\n // 'throw',\n // https://nodejs.org/api/cli.html#--frozen-intrinsics\n // We have contributed the following patches to our dependencies to make\n // Node's --frozen-intrinsics workable.\n // √ https://github.com/SBoudrias/Inquirer.js/pull/1683\n // √ https://github.com/pnpm/components/pull/23\n // '--frozen-intrinsics',\n // https://nodejs.org/api/cli.html#--no-deprecation\n // '--no-deprecation',\n ],\n )\n\nconst lazyNodeMemoryFlags = () => {\n const flags = /*@__PURE__*/ require(\n path.join(constants.rootPath, 'dist/flags.js'),\n )\n const getMaxOldSpaceSizeFlag = flags.getMaxOldSpaceSizeFlag\n const getMaxSemiSpaceSizeFlag = flags.getMaxSemiSpaceSizeFlag\n return Object.freeze([\n `--max-old-space-size=${getMaxOldSpaceSizeFlag()}`,\n `--max-semi-space-size=${getMaxSemiSpaceSizeFlag()}`,\n ])\n}\n\nconst lazyNpmCachePath = () => {\n const spawnHelpers = /*@__PURE__*/ require('@socketsecurity/registry/lib/spawn')\n const spawnSync = spawnHelpers.spawnSync\n return spawnSync(\n constants.npmExecPath,\n ['config', 'get', 'cache'],\n getNpmStdioPipeOptions(),\n ).stdout\n}\n\nconst lazyNpmGlobalPrefix = () => {\n const spawnHelpers = /*@__PURE__*/ require('@socketsecurity/registry/lib/spawn')\n const spawnSync = spawnHelpers.spawnSync\n return spawnSync(\n constants.npmExecPath,\n ['prefix', '-g'],\n getNpmStdioPipeOptions(),\n ).stdout\n}\n\nconst lazyNpmNmNodeGypPath = () =>\n path.join(\n constants.npmRealExecPath,\n '../../node_modules/node-gyp/bin/node-gyp.js',\n )\n\nconst lazyProcessEnv = () =>\n Object.setPrototypeOf(\n Object.fromEntries(\n Object.entries(constants.ENV).reduce(\n (entries, entry) => {\n const { 0: key, 1: value } = entry\n if (key.startsWith('INLINED_SOCKET_CLI_')) {\n return entries\n }\n if (typeof value === 'string') {\n if (value) {\n entries.push(entry as [string, string])\n }\n } else if (typeof value === 'boolean' && value) {\n entries.push([key, '1'])\n }\n return entries\n },\n [] as Array<[string, string]>,\n ),\n ),\n null,\n )\n\nconst lazyRootPath = () => path.join(realpathSync.native(__dirname), '..')\n\nconst lazyShadowBinPath = () => path.join(constants.rootPath, 'shadow-npm-bin')\n\nconst lazyShadowNpmBinPath = () =>\n path.join(constants.distPath, 'shadow-npm-bin.js')\n\nconst lazyShadowNpmInjectPath = () =>\n path.join(constants.distPath, 'shadow-npm-inject.js')\n\nconst lazyShadowNpxBinPath = () =>\n path.join(constants.distPath, 'shadow-npx-bin.js')\n\nconst lazyShadowPnpmBinPath = () =>\n path.join(constants.distPath, 'shadow-pnpm-bin.js')\n\nconst lazyShadowYarnBinPath = () =>\n path.join(constants.distPath, 'shadow-yarn-bin.js')\n\nconst lazySocketAppDataPath = (): string | undefined => {\n // Get the OS app data directory:\n // - Win: %LOCALAPPDATA% or fail?\n // - Mac: %XDG_DATA_HOME% or fallback to \"~/Library/Application Support/\"\n // - Linux: %XDG_DATA_HOME% or fallback to \"~/.local/share/\"\n // Note: LOCALAPPDATA is typically: C:\\Users\\USERNAME\\AppData\n // Note: XDG stands for \"X Desktop Group\", nowadays \"freedesktop.org\"\n // On most systems that path is: $HOME/.local/share\n // Then append `socket/settings`, so:\n // - Win: %LOCALAPPDATA%\\socket\\settings or return undefined\n // - Mac: %XDG_DATA_HOME%/socket/settings or \"~/Library/Application Support/socket/settings\"\n // - Linux: %XDG_DATA_HOME%/socket/settings or \"~/.local/share/socket/settings\"\n const { WIN32 } = constants\n let dataHome: string | undefined = WIN32\n ? constants.ENV.LOCALAPPDATA\n : constants.ENV.XDG_DATA_HOME\n if (!dataHome) {\n if (WIN32) {\n const logger = /*@__PURE__*/ require('@socketsecurity/registry/lib/logger')\n logger.warn(`Missing %LOCALAPPDATA%.`)\n } else {\n dataHome = path.join(\n constants.homePath,\n constants.DARWIN ? 'Library/Application Support' : '.local/share',\n )\n }\n }\n return dataHome ? path.join(dataHome, 'socket/settings') : undefined\n}\n\nconst lazySocketCachePath = () => path.join(constants.rootPath, '.cache')\n\nconst lazySocketRegistryPath = () =>\n path.join(constants.externalPath, '@socketsecurity/registry')\n\nconst lazyZshRcPath = () => path.join(constants.homePath, '.zshrc')\n\nconst constants: Constants = createConstantsObject(\n {\n ...registryConstantsAttribs.props,\n ALERT_TYPE_CRITICAL_CVE,\n ALERT_TYPE_CVE,\n ALERT_TYPE_MEDIUM_CVE,\n ALERT_TYPE_MILD_CVE,\n API_V0_URL,\n BUN,\n CONFIG_KEY_API_BASE_URL,\n CONFIG_KEY_API_PROXY,\n CONFIG_KEY_API_TOKEN,\n CONFIG_KEY_DEFAULT_ORG,\n CONFIG_KEY_ENFORCED_ORGS,\n CONFIG_KEY_ORG,\n DOT_GIT_DIR,\n DOT_SOCKET_DIR,\n DOT_SOCKET_DOT_FACTS_JSON,\n DRY_RUN_BAILING_NOW,\n DRY_RUN_LABEL,\n DRY_RUN_NOT_SAVING,\n ENV: undefined,\n ENVIRONMENT_YAML,\n ENVIRONMENT_YML,\n ERROR_NO_MANIFEST_FILES,\n ERROR_NO_PACKAGE_JSON,\n ERROR_NO_REPO_FOUND,\n ERROR_NO_SOCKET_DIR,\n ERROR_UNABLE_RESOLVE_ORG,\n EXT_YAML,\n EXT_YML,\n FLAG_CONFIG,\n FLAG_DRY_RUN,\n FLAG_HELP,\n FLAG_ID,\n FLAG_JSON,\n FLAG_MARKDOWN,\n FLAG_ORG,\n FLAG_PIN,\n FLAG_PROD,\n FLAG_QUIET,\n FLAG_SILENT,\n FLAG_TEXT,\n FLAG_VERBOSE,\n FLAG_VERSION,\n FOLD_SETTING_FILE,\n FOLD_SETTING_NONE,\n FOLD_SETTING_PKG,\n FOLD_SETTING_VERSION,\n GQL_PAGE_SENTINEL,\n GQL_PR_STATE_CLOSED,\n GQL_PR_STATE_MERGED,\n GQL_PR_STATE_OPEN,\n HTTP_STATUS_BAD_REQUEST,\n HTTP_STATUS_FORBIDDEN,\n HTTP_STATUS_INTERNAL_SERVER_ERROR,\n HTTP_STATUS_NOT_FOUND,\n HTTP_STATUS_UNAUTHORIZED,\n NODE_MODULES,\n NPM_BUGGY_OVERRIDES_PATCHED_VERSION,\n NPM_REGISTRY_URL,\n NPX,\n OUTPUT_JSON,\n OUTPUT_MARKDOWN,\n OUTPUT_TEXT,\n PACKAGE_JSON,\n PACKAGE_LOCK_JSON,\n PNPM,\n PNPM_LOCK_YAML,\n PNPM_WORKSPACE_YAML,\n REDACTED,\n REPORT_LEVEL_DEFER,\n REPORT_LEVEL_ERROR,\n REPORT_LEVEL_IGNORE,\n REPORT_LEVEL_MONITOR,\n REPORT_LEVEL_WARN,\n REQUIREMENTS_TXT,\n SOCKET_CLI_ACCEPT_RISKS,\n SOCKET_CLI_BIN_NAME,\n SOCKET_CLI_ISSUES_URL,\n SOCKET_CLI_SHADOW_ACCEPT_RISKS,\n SOCKET_CLI_SHADOW_API_TOKEN,\n SOCKET_CLI_SHADOW_BIN,\n SOCKET_CLI_SHADOW_PROGRESS,\n SOCKET_CLI_SHADOW_SILENT,\n SOCKET_CLI_VIEW_ALL_RISKS,\n SOCKET_DEFAULT_BRANCH,\n SOCKET_DEFAULT_REPOSITORY,\n SOCKET_JSON,\n SOCKET_WEBSITE_URL,\n SOCKET_YAML,\n SOCKET_YML,\n TSCONFIG_JSON,\n UNKNOWN_ERROR,\n UNKNOWN_VALUE,\n V1_MIGRATION_GUIDE_URL,\n VLT,\n YARN,\n YARN_BERRY,\n YARN_CLASSIC,\n bashRcPath: undefined,\n binPath: undefined,\n binCliPath: undefined,\n blessedContribPath: undefined,\n blessedOptions: undefined,\n blessedPath: undefined,\n distCliPath: undefined,\n distPath: undefined,\n externalPath: undefined,\n githubCachePath: undefined,\n homePath: undefined,\n instrumentWithSentryPath: undefined,\n minimumVersionByAgent: undefined,\n nmBinPath: undefined,\n nodeHardenFlags: undefined,\n nodeDebugFlags: undefined,\n nodeMemoryFlags: undefined,\n npmCachePath: undefined,\n npmGlobalPrefix: undefined,\n npmNmNodeGypPath: undefined,\n processEnv: undefined,\n rootPath: undefined,\n shadowBinPath: undefined,\n shadowNpmInjectPath: undefined,\n shadowNpmBinPath: undefined,\n shadowPnpmBinPath: undefined,\n shadowYarnBinPath: undefined,\n socketAppDataPath: undefined,\n socketCachePath: undefined,\n socketRegistryPath: undefined,\n zshRcPath: undefined,\n },\n {\n getters: {\n ...registryConstantsAttribs.getters,\n ENV: LAZY_ENV,\n bashRcPath: lazyBashRcPath,\n binCliPath: lazyBinCliPath,\n binPath: lazyBinPath,\n blessedContribPath: lazyBlessedContribPath,\n blessedOptions: lazyBlessedOptions,\n blessedPath: lazyBlessedPath,\n distCliPath: lazyDistCliPath,\n distPath: lazyDistPath,\n externalPath: lazyExternalPath,\n githubCachePath: lazyGithubCachePath,\n homePath: lazyHomePath,\n instrumentWithSentryPath: lazyInstrumentWithSentryPath,\n minimumVersionByAgent: lazyMinimumVersionByAgent,\n nmBinPath: lazyNmBinPath,\n nodeDebugFlags: lazyNodeDebugFlags,\n nodeHardenFlags: lazyNodeHardenFlags,\n nodeMemoryFlags: lazyNodeMemoryFlags,\n npmCachePath: lazyNpmCachePath,\n npmGlobalPrefix: lazyNpmGlobalPrefix,\n npmNmNodeGypPath: lazyNpmNmNodeGypPath,\n processEnv: lazyProcessEnv,\n rootPath: lazyRootPath,\n shadowBinPath: lazyShadowBinPath,\n shadowNpmBinPath: lazyShadowNpmBinPath,\n shadowNpmInjectPath: lazyShadowNpmInjectPath,\n shadowNpxBinPath: lazyShadowNpxBinPath,\n shadowPnpmBinPath: lazyShadowPnpmBinPath,\n shadowYarnBinPath: lazyShadowYarnBinPath,\n socketAppDataPath: lazySocketAppDataPath,\n socketCachePath: lazySocketCachePath,\n socketRegistryPath: lazySocketRegistryPath,\n zshRcPath: lazyZshRcPath,\n },\n internals: {\n ...registryConstantsAttribs.internals,\n getIpc,\n getSentry() {\n return _Sentry\n },\n setSentry(Sentry: Sentry): boolean {\n if (_Sentry === undefined) {\n _Sentry = Sentry\n return true\n }\n return false\n },\n },\n },\n) as Constants\n\nexport {\n // Re-exported from socket-registry.\n AT_LATEST,\n BIOME_JSON,\n BUN,\n CI,\n COLUMN_LIMIT,\n DOT_GIT_DIR,\n DOT_PACKAGE_LOCK_JSON,\n DOT_SOCKET_DIR,\n EMPTY_FILE,\n EMPTY_VALUE,\n ESLINT_CONFIG_JS,\n ESNEXT,\n EXTENSIONS,\n EXTENSIONS_JSON,\n EXT_CJS,\n EXT_CMD,\n EXT_CTS,\n EXT_DTS,\n EXT_JS,\n EXT_JSON,\n EXT_LOCK,\n EXT_LOCKB,\n EXT_MD,\n EXT_MJS,\n EXT_MTS,\n EXT_PS1,\n EXT_YAML,\n EXT_YML,\n GITIGNORE,\n LATEST,\n LICENSE,\n LICENSE_GLOB,\n LICENSE_GLOB_RECURSIVE,\n LICENSE_ORIGINAL,\n LICENSE_ORIGINAL_GLOB,\n LICENSE_ORIGINAL_GLOB_RECURSIVE,\n LOOP_SENTINEL,\n MANIFEST_JSON,\n MIT,\n NODE_AUTH_TOKEN,\n NODE_ENV,\n NODE_MODULES,\n NODE_MODULES_GLOB_RECURSIVE,\n NPM,\n NPX,\n OVERRIDES,\n PACKAGE_DEFAULT_VERSION,\n PACKAGE_JSON,\n PACKAGE_LOCK_JSON,\n PNPM,\n PNPM_LOCK_YAML,\n PRE_COMMIT,\n README_GLOB,\n README_GLOB_RECURSIVE,\n README_MD,\n REGISTRY,\n REGISTRY_SCOPE_DELIMITER,\n RESOLUTIONS,\n SOCKET_GITHUB_ORG,\n SOCKET_IPC_HANDSHAKE,\n SOCKET_OVERRIDE_SCOPE,\n SOCKET_PUBLIC_API_TOKEN,\n SOCKET_REGISTRY_NPM_ORG,\n SOCKET_REGISTRY_PACKAGE_NAME,\n SOCKET_REGISTRY_REPO_NAME,\n SOCKET_REGISTRY_SCOPE,\n SOCKET_SECURITY_SCOPE,\n TSCONFIG_JSON,\n UNKNOWN_ERROR,\n UNKNOWN_VALUE,\n UNLICENCED,\n UNLICENSED,\n UTF8,\n VITEST,\n VLT,\n YARN,\n YARN_BERRY,\n YARN_CLASSIC,\n YARN_LOCK,\n // Socket CLI specific constants.\n ALERT_TYPE_CRITICAL_CVE,\n ALERT_TYPE_CVE,\n ALERT_TYPE_MEDIUM_CVE,\n ALERT_TYPE_MILD_CVE,\n API_V0_URL,\n CONFIG_KEY_API_BASE_URL,\n CONFIG_KEY_API_PROXY,\n CONFIG_KEY_API_TOKEN,\n CONFIG_KEY_DEFAULT_ORG,\n CONFIG_KEY_ENFORCED_ORGS,\n CONFIG_KEY_ORG,\n DOT_SOCKET_DOT_FACTS_JSON,\n DRY_RUN_BAILING_NOW,\n DRY_RUN_LABEL,\n DRY_RUN_NOT_SAVING,\n ENVIRONMENT_YAML,\n ENVIRONMENT_YML,\n ERROR_NO_MANIFEST_FILES,\n ERROR_NO_PACKAGE_JSON,\n ERROR_NO_REPO_FOUND,\n ERROR_NO_SOCKET_DIR,\n ERROR_UNABLE_RESOLVE_ORG,\n FLAG_CONFIG,\n FLAG_DRY_RUN,\n FLAG_HELP,\n FLAG_ID,\n FLAG_JSON,\n FLAG_MARKDOWN,\n FLAG_ORG,\n FLAG_PIN,\n FLAG_PROD,\n FLAG_QUIET,\n FLAG_SILENT,\n FLAG_TEXT,\n FLAG_VERBOSE,\n FLAG_VERSION,\n FOLD_SETTING_FILE,\n FOLD_SETTING_NONE,\n FOLD_SETTING_PKG,\n FOLD_SETTING_VERSION,\n GQL_PAGE_SENTINEL,\n GQL_PR_STATE_CLOSED,\n GQL_PR_STATE_MERGED,\n GQL_PR_STATE_OPEN,\n HTTP_STATUS_BAD_REQUEST,\n HTTP_STATUS_FORBIDDEN,\n HTTP_STATUS_INTERNAL_SERVER_ERROR,\n HTTP_STATUS_NOT_FOUND,\n HTTP_STATUS_UNAUTHORIZED,\n NPM_BUGGY_OVERRIDES_PATCHED_VERSION,\n NPM_REGISTRY_URL,\n OUTPUT_JSON,\n OUTPUT_MARKDOWN,\n OUTPUT_TEXT,\n PNPM_WORKSPACE_YAML,\n REDACTED,\n REPORT_LEVEL_DEFER,\n REPORT_LEVEL_ERROR,\n REPORT_LEVEL_IGNORE,\n REPORT_LEVEL_MONITOR,\n REPORT_LEVEL_WARN,\n REQUIREMENTS_TXT,\n SOCKET_CLI_ACCEPT_RISKS,\n SOCKET_CLI_BIN_NAME,\n SOCKET_CLI_ISSUES_URL,\n SOCKET_CLI_SHADOW_ACCEPT_RISKS,\n SOCKET_CLI_SHADOW_API_TOKEN,\n SOCKET_CLI_SHADOW_BIN,\n SOCKET_CLI_SHADOW_PROGRESS,\n SOCKET_CLI_SHADOW_SILENT,\n SOCKET_CLI_VIEW_ALL_RISKS,\n SOCKET_DEFAULT_BRANCH,\n SOCKET_DEFAULT_REPOSITORY,\n SOCKET_JSON,\n SOCKET_WEBSITE_URL,\n SOCKET_YAML,\n SOCKET_YML,\n V1_MIGRATION_GUIDE_URL,\n}\n\nexport default constants\n"],"names":["attributes","getIpc","_npmStdioPipeOptions","cwd","env","__proto__","DISABLE_GITHUB_CACHE","GITHUB_BASE_REF","GITHUB_REF_NAME","GITHUB_REF_TYPE","GITHUB_REPOSITORY","NODE_EXTRA_CA_CERTS","envAsString","PATH","SOCKET_CLI_ACCEPT_RISKS","SOCKET_CLI_API_BASE_URL","SOCKET_CLI_API_PROXY","SOCKET_CLI_API_TIMEOUT","SOCKET_CLI_API_TOKEN","SOCKET_CLI_CONFIG","SOCKET_CLI_GIT_USER_NAME","SOCKET_CLI_GITHUB_TOKEN","SOCKET_CLI_NO_API_TOKEN","SOCKET_CLI_NPM_PATH","SOCKET_CLI_ORG_SLUG","SOCKET_CLI_VIEW_ALL_RISKS","TERM","smartCSR","term","useBCE","constants","entries","WIN32","logger","dataHome","ENV","bashRcPath","binPath","binCliPath","blessedContribPath","blessedOptions","blessedPath","distCliPath","distPath","externalPath","githubCachePath","homePath","instrumentWithSentryPath","minimumVersionByAgent","nmBinPath","nodeHardenFlags","nodeDebugFlags","nodeMemoryFlags","npmCachePath","npmGlobalPrefix","npmNmNodeGypPath","processEnv","rootPath","shadowBinPath","shadowNpmInjectPath","shadowNpmBinPath","shadowPnpmBinPath","shadowYarnBinPath","socketAppDataPath","socketCachePath","socketRegistryPath","zshRcPath","getters","shadowNpxBinPath","internals","getSentry","_Sentry"],"mappings":";;;;;;;;;;;;AAYA;AACA;AACA;AACA;AACA;AACA;AAEA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAiFE;AACEA;;AAEAC;AACF;AACF;AAgFA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAmJA;AAEA;AACA;;AAEIC;AACEC;AACA;AACA;AACA;;;AAGJ;AACA;AACF;AAEA;;AACUC;AAAI;AACZ;AACA;AAGA;AACA;AACA;AACA;AACA;;;AAKA;AACA;;AAEEC;AACA;;AAEA;AACA;AACAC;AACA;AACA;;AAGA;AACA;AACA;AACA;AACAC;AACA;AACA;AACA;AACA;AACAC;AACA;AACA;AACAC;AACA;AACA;AACAC;AACA;AACA;;AAGA;AACA;AACA;AACA;;AAEA;AACA;;AAIA;AACA;;AAIA;AACA;;AAIA;AACA;;AAIA;AACA;;AAIA;AACA;;AAEA;AACA;;AAIA;AACA;;AAIA;AACA;;AAIA;AACA;;AAIA;AACA;;AAIA;AACA;;AAOA;AACA;AACA;AACA;AACAC;AAEE;AACA;AACAC;AACF;AACA;AACA;AACAC;AACA;AACAC;AACA;AACA;AACAC;AAEE;AACAH;AAGF;AACA;AACAI;AAEE;AACAJ;AACA;AACA;AACAA;AAIF;AACA;AACAK;AACA;AACA;AACAC;AAEE;;AAIF;AACAC;AACA;;AAIA;AACAC;AAIA;AACA;;AAMA;AACA;AACA;AACA;AACAC;AAEE;AACAT;AAEF;AACAU;AACA;AACAC;AACA;AACAC;AAEE;AACAZ;AACF;AACAa;AACA;AACAC;AACF;AACF;AAEA;AAEA;AAEA;AAEA;AAGA;AAEIC;AACAC;AACAC;AACF;AAEF;AAEA;AAEA;AAEA;AAEA;AAEA;AAEA;AAGA;AAEI;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAGJ;AAEA;;AAGA;AACA;AACA;AAEI;AACA;AACAC;AAEM;AACA;AAAA;AAGA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAAA;AAIV;AACE;AAGA;AACA;AACA;AAIF;AAEA;AACE;AACA;AACA;AAKF;AAEA;AACE;AACA;AACA;AAKF;AAEA;AAMA;;AAKkB;AAAQ;AAAS;AACzB;AACE;AACF;AACA;AACE;AACEC;AACF;;;AAGF;AACA;AACF;AAOR;AAEA;AAEA;AAGA;AAGA;AAGA;AAGA;AAGA;AACE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AACQC;AAAM;AACd;;AAIE;AACE;AACAC;AACF;AACEC;AAIF;AACF;;AAEF;AAEA;AAEA;AAGA;AAEA;;;;;;;;;;;;;;;;;;;;AAqBIC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA+EAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACF;AAEEC;;AAEEhC;AACAC;AACAE;AACAD;AACAE;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAE;AACAD;AACAE;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAE;AACAD;AACAS;AACAP;AACAC;AACAC;AACAC;AACAC;AACAC;;AAEFG;;;AAGEC;AACE;;;;AAIEC;AACA;AACF;AACA;AACF;AACF;AACF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;","debugId":"c1920328-8086-4fc1-a542-3b0b654e3cc8"}
package/dist/flags.js CHANGED
@@ -132,6 +132,7 @@ const commonFlags = {
132
132
  type: 'string',
133
133
  default: '',
134
134
  description: 'Override the local config with this JSON',
135
+ shortFlag: 'c',
135
136
  hidden: true
136
137
  },
137
138
  dryRun: {
@@ -144,8 +145,8 @@ const commonFlags = {
144
145
  help: {
145
146
  type: 'boolean',
146
147
  default: false,
147
- shortFlag: 'h',
148
148
  description: 'Print this help',
149
+ shortFlag: 'h',
149
150
  hidden: true
150
151
  },
151
152
  maxOldSpaceSize: {
@@ -189,5 +190,5 @@ const outputFlags = {
189
190
 
190
191
  exports.commonFlags = commonFlags;
191
192
  exports.outputFlags = outputFlags;
192
- //# debugId=32ed1806-5840-44e5-9f34-4e74e8e5ed8c
193
+ //# debugId=6944fd6e-6374-4def-9a2e-f5afb186925c
193
194
  //# sourceMappingURL=flags.js.map
package/dist/flags.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"flags.js","sources":["../src/flags.mts"],"sourcesContent":["import os from 'node:os'\n\nimport meow from 'meow'\nimport terminalLink from 'terminal-link'\n\nimport constants from './constants.mts'\n\nimport type { Flag } from 'meow'\n\n// Meow doesn't expose this.\nexport type AnyFlag = StringFlag | BooleanFlag | NumberFlag\n\nexport type BooleanFlag =\n | Flag<'boolean', boolean>\n | Flag<'boolean', boolean[], true>\n\nexport type NumberFlag = Flag<'number', number> | Flag<'number', number[], true>\n\nexport type StringFlag = Flag<'string', string> | Flag<'string', string[], true>\n\nexport type MeowFlag = AnyFlag & {\n description: string\n hidden?: boolean | undefined\n}\n\n// We use this description in getFlagListOutput, meow doesn't care.\nexport type MeowFlags = Record<string, MeowFlag>\n\ntype RawSpaceSizeFlags = {\n maxOldSpaceSize: number\n maxSemiSpaceSize: number\n}\n\nlet _rawSpaceSizeFlags: RawSpaceSizeFlags | undefined\nfunction getRawSpaceSizeFlags(): RawSpaceSizeFlags {\n if (_rawSpaceSizeFlags === undefined) {\n const cli = meow({\n argv: process.argv.slice(2),\n // Prevent meow from potentially exiting early.\n autoHelp: false,\n autoVersion: false,\n flags: {\n maxOldSpaceSize: {\n type: 'number',\n default: 0,\n },\n maxSemiSpaceSize: {\n type: 'number',\n default: 0,\n },\n },\n importMeta: { url: import.meta.url } as ImportMeta,\n })\n _rawSpaceSizeFlags = {\n maxOldSpaceSize: cli.flags['maxOldSpaceSize'],\n maxSemiSpaceSize: cli.flags['maxSemiSpaceSize'],\n }\n }\n return _rawSpaceSizeFlags\n}\n\nlet _maxOldSpaceSizeFlag: number | undefined\nexport function getMaxOldSpaceSizeFlag(): number {\n if (_maxOldSpaceSizeFlag === undefined) {\n _maxOldSpaceSizeFlag = getRawSpaceSizeFlags().maxOldSpaceSize\n if (!_maxOldSpaceSizeFlag) {\n const match = /(?<=--max-old-space-size=)\\d+/.exec(\n constants.ENV.NODE_OPTIONS,\n )?.[0]\n _maxOldSpaceSizeFlag = match ? Number(match) : 0\n }\n if (!_maxOldSpaceSizeFlag) {\n // Default value determined by available system memory.\n _maxOldSpaceSizeFlag = Math.floor(\n // Total system memory in MiB.\n (os.totalmem() / 1_024 / 1_024) *\n // Set 75% of total memory (safe buffer to avoid system pressure).\n 0.75,\n )\n }\n }\n return _maxOldSpaceSizeFlag\n}\n// Ensure export because dist/flags.js is required in src/constants.mts.\n// eslint-disable-next-line n/exports-style\nif (typeof exports === 'object' && exports !== null) {\n // eslint-disable-next-line n/exports-style\n exports.getMaxOldSpaceSizeFlag = getMaxOldSpaceSizeFlag\n}\n\nlet _maxSemiSpaceSizeFlag: number | undefined\nexport function getMaxSemiSpaceSizeFlag(): number {\n if (_maxSemiSpaceSizeFlag === undefined) {\n _maxSemiSpaceSizeFlag = getRawSpaceSizeFlags().maxSemiSpaceSize\n if (!_maxSemiSpaceSizeFlag) {\n const match = /(?<=--max-semi-space-size=)\\d+/.exec(\n constants.ENV.NODE_OPTIONS,\n )?.[0]\n _maxSemiSpaceSizeFlag = match ? Number(match) : 0\n }\n if (!_maxSemiSpaceSizeFlag) {\n const maxOldSpaceSize = getMaxOldSpaceSizeFlag()\n // Dynamically scale semi-space size based on max-old-space-size.\n // https://nodejs.org/api/cli.html#--max-semi-space-sizesize-in-mib\n if (maxOldSpaceSize <= 8_192) {\n // Use tiered values for smaller heaps to avoid excessive young\n // generation size. This helps stay within safe memory limits on\n // constrained systems or CI.\n if (maxOldSpaceSize <= 512) {\n _maxSemiSpaceSizeFlag = 4\n } else if (maxOldSpaceSize <= 1_024) {\n _maxSemiSpaceSizeFlag = 8\n } else if (maxOldSpaceSize <= 2_048) {\n _maxSemiSpaceSizeFlag = 16\n } else if (maxOldSpaceSize <= 4_096) {\n _maxSemiSpaceSizeFlag = 32\n } else {\n _maxSemiSpaceSizeFlag = 64\n }\n } else {\n // For large heaps (> 8 GiB), compute semi-space size using a log-scaled\n // function.\n //\n // The idea:\n // - log2(16_384 MiB) = 14 → semi = 14 * 8 = 112\n // - log2(32_768 MiB) = 15 → semi = 15 * 8 = 120\n // - Scales gradually as heap increases, avoiding overly large jumps\n //\n // Each 1 MiB of semi-space adds ~3 MiB to the total young generation\n // (V8 uses 3 spaces). So this keeps semi-space proportional, without\n // over committing.\n //\n // Also note: V8 won’t benefit much from >256 MiB semi-space unless\n // you’re allocating large short-lived objects very frequently\n // (e.g. large arrays, buffers).\n const log2OldSpace = Math.log2(maxOldSpaceSize)\n const scaledSemiSpace = Math.floor(log2OldSpace) * 8\n _maxSemiSpaceSizeFlag = scaledSemiSpace\n }\n }\n }\n return _maxSemiSpaceSizeFlag\n}\n// Ensure export because dist/flags.js is required in src/constants.mts.\n// eslint-disable-next-line n/exports-style\nif (typeof exports === 'object' && exports !== null) {\n // eslint-disable-next-line n/exports-style\n exports.getMaxSemiSpaceSizeFlag = getMaxSemiSpaceSizeFlag\n}\n\nexport const commonFlags: MeowFlags = {\n // Hidden to allow custom documenting of the negated `--no-banner` variant.\n banner: {\n type: 'boolean',\n default: true,\n description: 'Hide the Socket banner',\n hidden: true,\n },\n config: {\n type: 'string',\n default: '',\n description: 'Override the local config with this JSON',\n hidden: true,\n },\n dryRun: {\n type: 'boolean',\n default: false,\n description:\n 'Do input validation for a command and exit 0 when input is ok',\n // Only show in root command.\n hidden: true,\n },\n help: {\n type: 'boolean',\n default: false,\n shortFlag: 'h',\n description: 'Print this help',\n hidden: true,\n },\n maxOldSpaceSize: {\n type: 'number',\n get default() {\n return getMaxOldSpaceSizeFlag()\n },\n description: `Set Node's V8 ${terminalLink('--max-old-space-size', 'https://nodejs.org/api/cli.html#--max-old-space-sizesize-in-mib')} option`,\n hidden: true,\n },\n maxSemiSpaceSize: {\n type: 'number',\n get default() {\n return getMaxSemiSpaceSizeFlag()\n },\n description: `Set Node's V8 ${terminalLink('--max-semi-space-size', 'https://nodejs.org/api/cli.html#--max-semi-space-sizesize-in-mib')} option`,\n hidden: true,\n },\n // Hidden to allow custom documenting of the negated `--no-spinner` variant.\n spinner: {\n type: 'boolean',\n default: true,\n description: 'Hide the console spinner',\n hidden: true,\n },\n}\n\nexport const outputFlags: MeowFlags = {\n json: {\n type: 'boolean',\n default: false,\n description: 'Output result as json',\n shortFlag: 'j',\n },\n markdown: {\n type: 'boolean',\n default: false,\n description: 'Output result as markdown',\n shortFlag: 'm',\n },\n}\n\nexport const validationFlags: MeowFlags = {\n all: {\n type: 'boolean',\n default: false,\n description: 'Include all issues',\n },\n strict: {\n type: 'boolean',\n default: false,\n description: 'Exits with an error code if any matching issues are found',\n },\n}\n"],"names":["autoHelp","autoVersion","flags","maxOldSpaceSize","type","default","maxSemiSpaceSize","importMeta","url","_rawSpaceSizeFlags","_maxOldSpaceSizeFlag","os","_maxSemiSpaceSizeFlag","banner","description","hidden","config","dryRun","help","shortFlag","spinner","json","markdown"],"mappings":";;;;;;;AASA;;AAgBA;;AAQA;AACA;;;;AAIM;AACAA;AACAC;AACAC;AACEC;AACEC;AACAC;;AAEFC;AACEF;AACAC;AACF;;AAEFE;AAAcC;AAAqB;AACrC;AACAC;AACEN;AACAG;;AAEJ;AACA;AACF;AAEA;AACO;;AAEHI;;AAEE;;AAIF;;AAEE;;AAEE;AACCC;AACC;AACA;AAEN;AACF;AACA;AACF;AACA;AACA;AACA;AACE;;AAEF;AAEA;AACO;;AAEHC;;AAEE;;AAIF;;AAEE;AACA;AACA;;AAEE;AACA;AACA;;AAEEA;AACF;AACEA;AACF;AACEA;AACF;AACEA;AACF;AACEA;AACF;AACF;AACE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEAA;AACF;AACF;AACF;AACA;AACF;AACA;AACA;AACA;AACE;;AAEF;AAEO;AACL;AACAC;AACET;AACAC;AACAS;AACAC;;AAEFC;AACEZ;AACAC;AACAS;AACAC;;AAEFE;AACEb;AACAC;AACAS;AAEA;AACAC;;AAEFG;AACEd;AACAC;AACAc;AACAL;AACAC;;AAEFZ;AACEC;;;;;AAKAW;;AAEFT;AACEF;;;;;AAKAW;;AAEF;AACAK;AACEhB;AACAC;AACAS;AACAC;AACF;AACF;AAEO;AACLM;AACEjB;AACAC;AACAS;AACAK;;AAEFG;AACElB;AACAC;AACAS;AACAK;AACF;AACF;;;","debugId":"32ed1806-5840-44e5-9f34-4e74e8e5ed8c"}
1
+ {"version":3,"file":"flags.js","sources":["../src/flags.mts"],"sourcesContent":["import os from 'node:os'\n\nimport meow from 'meow'\nimport terminalLink from 'terminal-link'\n\nimport constants from './constants.mts'\n\nimport type { Flag } from 'meow'\n\n// Meow doesn't expose this.\nexport type AnyFlag = StringFlag | BooleanFlag | NumberFlag\n\nexport type BooleanFlag =\n | Flag<'boolean', boolean>\n | Flag<'boolean', boolean[], true>\n\nexport type NumberFlag = Flag<'number', number> | Flag<'number', number[], true>\n\nexport type StringFlag = Flag<'string', string> | Flag<'string', string[], true>\n\nexport type MeowFlag = AnyFlag & {\n description: string\n hidden?: boolean | undefined\n}\n\n// We use this description in getFlagListOutput, meow doesn't care.\nexport type MeowFlags = Record<string, MeowFlag>\n\ntype RawSpaceSizeFlags = {\n maxOldSpaceSize: number\n maxSemiSpaceSize: number\n}\n\nlet _rawSpaceSizeFlags: RawSpaceSizeFlags | undefined\nfunction getRawSpaceSizeFlags(): RawSpaceSizeFlags {\n if (_rawSpaceSizeFlags === undefined) {\n const cli = meow({\n argv: process.argv.slice(2),\n // Prevent meow from potentially exiting early.\n autoHelp: false,\n autoVersion: false,\n flags: {\n maxOldSpaceSize: {\n type: 'number',\n default: 0,\n },\n maxSemiSpaceSize: {\n type: 'number',\n default: 0,\n },\n },\n importMeta: { url: import.meta.url } as ImportMeta,\n })\n _rawSpaceSizeFlags = {\n maxOldSpaceSize: cli.flags['maxOldSpaceSize'],\n maxSemiSpaceSize: cli.flags['maxSemiSpaceSize'],\n }\n }\n return _rawSpaceSizeFlags\n}\n\nlet _maxOldSpaceSizeFlag: number | undefined\nexport function getMaxOldSpaceSizeFlag(): number {\n if (_maxOldSpaceSizeFlag === undefined) {\n _maxOldSpaceSizeFlag = getRawSpaceSizeFlags().maxOldSpaceSize\n if (!_maxOldSpaceSizeFlag) {\n const match = /(?<=--max-old-space-size=)\\d+/.exec(\n constants.ENV.NODE_OPTIONS,\n )?.[0]\n _maxOldSpaceSizeFlag = match ? Number(match) : 0\n }\n if (!_maxOldSpaceSizeFlag) {\n // Default value determined by available system memory.\n _maxOldSpaceSizeFlag = Math.floor(\n // Total system memory in MiB.\n (os.totalmem() / 1_024 / 1_024) *\n // Set 75% of total memory (safe buffer to avoid system pressure).\n 0.75,\n )\n }\n }\n return _maxOldSpaceSizeFlag\n}\n// Ensure export because dist/flags.js is required in src/constants.mts.\n// eslint-disable-next-line n/exports-style\nif (typeof exports === 'object' && exports !== null) {\n // eslint-disable-next-line n/exports-style\n exports.getMaxOldSpaceSizeFlag = getMaxOldSpaceSizeFlag\n}\n\nlet _maxSemiSpaceSizeFlag: number | undefined\nexport function getMaxSemiSpaceSizeFlag(): number {\n if (_maxSemiSpaceSizeFlag === undefined) {\n _maxSemiSpaceSizeFlag = getRawSpaceSizeFlags().maxSemiSpaceSize\n if (!_maxSemiSpaceSizeFlag) {\n const match = /(?<=--max-semi-space-size=)\\d+/.exec(\n constants.ENV.NODE_OPTIONS,\n )?.[0]\n _maxSemiSpaceSizeFlag = match ? Number(match) : 0\n }\n if (!_maxSemiSpaceSizeFlag) {\n const maxOldSpaceSize = getMaxOldSpaceSizeFlag()\n // Dynamically scale semi-space size based on max-old-space-size.\n // https://nodejs.org/api/cli.html#--max-semi-space-sizesize-in-mib\n if (maxOldSpaceSize <= 8_192) {\n // Use tiered values for smaller heaps to avoid excessive young\n // generation size. This helps stay within safe memory limits on\n // constrained systems or CI.\n if (maxOldSpaceSize <= 512) {\n _maxSemiSpaceSizeFlag = 4\n } else if (maxOldSpaceSize <= 1_024) {\n _maxSemiSpaceSizeFlag = 8\n } else if (maxOldSpaceSize <= 2_048) {\n _maxSemiSpaceSizeFlag = 16\n } else if (maxOldSpaceSize <= 4_096) {\n _maxSemiSpaceSizeFlag = 32\n } else {\n _maxSemiSpaceSizeFlag = 64\n }\n } else {\n // For large heaps (> 8 GiB), compute semi-space size using a log-scaled\n // function.\n //\n // The idea:\n // - log2(16_384 MiB) = 14 → semi = 14 * 8 = 112\n // - log2(32_768 MiB) = 15 → semi = 15 * 8 = 120\n // - Scales gradually as heap increases, avoiding overly large jumps\n //\n // Each 1 MiB of semi-space adds ~3 MiB to the total young generation\n // (V8 uses 3 spaces). So this keeps semi-space proportional, without\n // over committing.\n //\n // Also note: V8 won’t benefit much from >256 MiB semi-space unless\n // you’re allocating large short-lived objects very frequently\n // (e.g. large arrays, buffers).\n const log2OldSpace = Math.log2(maxOldSpaceSize)\n const scaledSemiSpace = Math.floor(log2OldSpace) * 8\n _maxSemiSpaceSizeFlag = scaledSemiSpace\n }\n }\n }\n return _maxSemiSpaceSizeFlag\n}\n// Ensure export because dist/flags.js is required in src/constants.mts.\n// eslint-disable-next-line n/exports-style\nif (typeof exports === 'object' && exports !== null) {\n // eslint-disable-next-line n/exports-style\n exports.getMaxSemiSpaceSizeFlag = getMaxSemiSpaceSizeFlag\n}\n\nexport const commonFlags: MeowFlags = {\n // Hidden to allow custom documenting of the negated `--no-banner` variant.\n banner: {\n type: 'boolean',\n default: true,\n description: 'Hide the Socket banner',\n hidden: true,\n },\n config: {\n type: 'string',\n default: '',\n description: 'Override the local config with this JSON',\n shortFlag: 'c',\n hidden: true,\n },\n dryRun: {\n type: 'boolean',\n default: false,\n description:\n 'Do input validation for a command and exit 0 when input is ok',\n // Only show in root command.\n hidden: true,\n },\n help: {\n type: 'boolean',\n default: false,\n description: 'Print this help',\n shortFlag: 'h',\n hidden: true,\n },\n maxOldSpaceSize: {\n type: 'number',\n get default() {\n return getMaxOldSpaceSizeFlag()\n },\n description: `Set Node's V8 ${terminalLink('--max-old-space-size', 'https://nodejs.org/api/cli.html#--max-old-space-sizesize-in-mib')} option`,\n hidden: true,\n },\n maxSemiSpaceSize: {\n type: 'number',\n get default() {\n return getMaxSemiSpaceSizeFlag()\n },\n description: `Set Node's V8 ${terminalLink('--max-semi-space-size', 'https://nodejs.org/api/cli.html#--max-semi-space-sizesize-in-mib')} option`,\n hidden: true,\n },\n // Hidden to allow custom documenting of the negated `--no-spinner` variant.\n spinner: {\n type: 'boolean',\n default: true,\n description: 'Hide the console spinner',\n hidden: true,\n },\n}\n\nexport const outputFlags: MeowFlags = {\n json: {\n type: 'boolean',\n default: false,\n description: 'Output result as json',\n shortFlag: 'j',\n },\n markdown: {\n type: 'boolean',\n default: false,\n description: 'Output result as markdown',\n shortFlag: 'm',\n },\n}\n\nexport const validationFlags: MeowFlags = {\n all: {\n type: 'boolean',\n default: false,\n description: 'Include all issues',\n },\n strict: {\n type: 'boolean',\n default: false,\n description: 'Exits with an error code if any matching issues are found',\n },\n}\n"],"names":["autoHelp","autoVersion","flags","maxOldSpaceSize","type","default","maxSemiSpaceSize","importMeta","url","_rawSpaceSizeFlags","_maxOldSpaceSizeFlag","os","_maxSemiSpaceSizeFlag","banner","description","hidden","config","shortFlag","dryRun","help","spinner","json","markdown"],"mappings":";;;;;;;AASA;;AAgBA;;AAQA;AACA;;;;AAIM;AACAA;AACAC;AACAC;AACEC;AACEC;AACAC;;AAEFC;AACEF;AACAC;AACF;;AAEFE;AAAcC;AAAqB;AACrC;AACAC;AACEN;AACAG;;AAEJ;AACA;AACF;AAEA;AACO;;AAEHI;;AAEE;;AAIF;;AAEE;;AAEE;AACCC;AACC;AACA;AAEN;AACF;AACA;AACF;AACA;AACA;AACA;AACE;;AAEF;AAEA;AACO;;AAEHC;;AAEE;;AAIF;;AAEE;AACA;AACA;;AAEE;AACA;AACA;;AAEEA;AACF;AACEA;AACF;AACEA;AACF;AACEA;AACF;AACEA;AACF;AACF;AACE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEAA;AACF;AACF;AACF;AACA;AACF;AACA;AACA;AACA;AACE;;AAEF;AAEO;AACL;AACAC;AACET;AACAC;AACAS;AACAC;;AAEFC;AACEZ;AACAC;AACAS;AACAG;AACAF;;AAEFG;AACEd;AACAC;AACAS;AAEA;AACAC;;AAEFI;AACEf;AACAC;AACAS;AACAG;AACAF;;AAEFZ;AACEC;;;;;AAKAW;;AAEFT;AACEF;;;;;AAKAW;;AAEF;AACAK;AACEhB;AACAC;AACAS;AACAC;AACF;AACF;AAEO;AACLM;AACEjB;AACAC;AACAS;AACAG;;AAEFK;AACElB;AACAC;AACAS;AACAG;AACF;AACF;;;","debugId":"6944fd6e-6374-4def-9a2e-f5afb186925c"}
package/dist/npm-cli.js CHANGED
@@ -1,14 +1,13 @@
1
1
  #!/usr/bin/env node
2
2
  'use strict';
3
3
 
4
- var constants = require('./constants.js');
5
- var shadowNpmBin = require('./shadow-npm-bin.js');
4
+ var shadowNpmBin = require('./shadow-npm-bin2.js');
6
5
 
7
6
  void (async () => {
8
7
  process.exitCode = 1;
9
8
  const {
10
9
  spawnPromise
11
- } = await shadowNpmBin(constants.NPM, process.argv.slice(2), {
10
+ } = await shadowNpmBin.shadowNpmBin(process.argv.slice(2), {
12
11
  stdio: 'inherit'
13
12
  });
14
13
 
@@ -23,5 +22,5 @@ void (async () => {
23
22
  });
24
23
  await spawnPromise;
25
24
  })();
26
- //# debugId=cbfc26c9-32c6-4255-a7a4-f123d48a4afa
25
+ //# debugId=6b20bb60-c89d-4ff1-b9a7-42dde7e901ca
27
26
  //# sourceMappingURL=npm-cli.js.map
package/dist/npm-cli.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"npm-cli.js","sources":["../src/npm-cli.mts"],"sourcesContent":["#!/usr/bin/env node\n\nimport { NPM } from './constants.mts'\nimport shadowNpmBin from './shadow/npm/bin.mts'\n\nvoid (async () => {\n process.exitCode = 1\n\n const { spawnPromise } = await shadowNpmBin(NPM, process.argv.slice(2), {\n stdio: 'inherit',\n })\n\n // See https://nodejs.org/api/child_process.html#event-exit.\n spawnPromise.process.on('exit', (code, signalName) => {\n if (signalName) {\n process.kill(process.pid, signalName)\n } else if (typeof code === 'number') {\n // eslint-disable-next-line n/no-process-exit\n process.exit(code)\n }\n })\n\n await spawnPromise\n})()\n"],"names":["spawnPromise","stdio","process"],"mappings":";;;;;;AAKA;;;AAGUA;AAAa;AACnBC;AACF;;AAEA;;AAEE;;AAEA;AACE;AACAC;AACF;AACF;AAEA;AACF","debugId":"cbfc26c9-32c6-4255-a7a4-f123d48a4afa"}
1
+ {"version":3,"file":"npm-cli.js","sources":["../src/npm-cli.mts"],"sourcesContent":["#!/usr/bin/env node\n\nimport shadowNpmBin from './shadow/npm/bin.mts'\n\nvoid (async () => {\n process.exitCode = 1\n\n const { spawnPromise } = await shadowNpmBin(process.argv.slice(2), {\n stdio: 'inherit',\n })\n\n // See https://nodejs.org/api/child_process.html#event-exit.\n spawnPromise.process.on('exit', (code, signalName) => {\n if (signalName) {\n process.kill(process.pid, signalName)\n } else if (typeof code === 'number') {\n // eslint-disable-next-line n/no-process-exit\n process.exit(code)\n }\n })\n\n await spawnPromise\n})()\n"],"names":["spawnPromise","stdio","process"],"mappings":";;;;;AAIA;;;AAGUA;AAAa;AACnBC;AACF;;AAEA;;AAEE;;AAEA;AACE;AACAC;AACF;AACF;AAEA;AACF","debugId":"6b20bb60-c89d-4ff1-b9a7-42dde7e901ca"}
package/dist/npx-cli.js CHANGED
@@ -1,13 +1,13 @@
1
1
  #!/usr/bin/env node
2
2
  'use strict';
3
3
 
4
- var shadowNpmBin = require('./shadow-npm-bin.js');
4
+ var shadowNpxBin = require('./shadow-npx-bin.js');
5
5
 
6
6
  void (async () => {
7
7
  process.exitCode = 1;
8
8
  const {
9
9
  spawnPromise
10
- } = await shadowNpmBin('npx', process.argv.slice(2), {
10
+ } = await shadowNpxBin(process.argv.slice(2), {
11
11
  stdio: 'inherit'
12
12
  });
13
13
 
@@ -22,5 +22,5 @@ void (async () => {
22
22
  });
23
23
  await spawnPromise;
24
24
  })();
25
- //# debugId=916eab81-da92-4adf-96e6-6c584ea1a61b
25
+ //# debugId=5cd12cb6-eaab-445b-ac32-8aa57a64b454
26
26
  //# sourceMappingURL=npx-cli.js.map
package/dist/npx-cli.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"npx-cli.js","sources":["../src/npx-cli.mts"],"sourcesContent":["#!/usr/bin/env node\n\nimport shadowNpmBin from './shadow/npm/bin.mts'\n\nvoid (async () => {\n process.exitCode = 1\n\n const { spawnPromise } = await shadowNpmBin('npx', process.argv.slice(2), {\n stdio: 'inherit',\n })\n\n // See https://nodejs.org/api/child_process.html#event-exit.\n spawnPromise.process.on('exit', (code, signalName) => {\n if (signalName) {\n process.kill(process.pid, signalName)\n } else if (typeof code === 'number') {\n // eslint-disable-next-line n/no-process-exit\n process.exit(code)\n }\n })\n\n await spawnPromise\n})()\n"],"names":["spawnPromise","stdio","process"],"mappings":";;;;;AAIA;;;AAGUA;AAAa;AACnBC;AACF;;AAEA;;AAEE;;AAEA;AACE;AACAC;AACF;AACF;AAEA;AACF","debugId":"916eab81-da92-4adf-96e6-6c584ea1a61b"}
1
+ {"version":3,"file":"npx-cli.js","sources":["../src/npx-cli.mts"],"sourcesContent":["#!/usr/bin/env node\n\nimport shadowNpxBin from './shadow/npx/bin.mts'\n\nvoid (async () => {\n process.exitCode = 1\n\n const { spawnPromise } = await shadowNpxBin(process.argv.slice(2), {\n stdio: 'inherit',\n })\n\n // See https://nodejs.org/api/child_process.html#event-exit.\n spawnPromise.process.on('exit', (code, signalName) => {\n if (signalName) {\n process.kill(process.pid, signalName)\n } else if (typeof code === 'number') {\n // eslint-disable-next-line n/no-process-exit\n process.exit(code)\n }\n })\n\n await spawnPromise\n})()\n"],"names":["spawnPromise","stdio","process"],"mappings":";;;;;AAIA;;;AAGUA;AAAa;AACnBC;AACF;;AAEA;;AAEE;;AAEA;AACE;AACAC;AACF;AACF;AAEA;AACF","debugId":"5cd12cb6-eaab-445b-ac32-8aa57a64b454"}
package/dist/pnpm-cli.js CHANGED
@@ -1,13 +1,13 @@
1
1
  #!/usr/bin/env node
2
2
  'use strict';
3
3
 
4
- var shadowPnpmBin = require('./shadow-pnpm-bin.js');
4
+ var shadowPnpmBin = require('./shadow-pnpm-bin2.js');
5
5
 
6
6
  void (async () => {
7
7
  process.exitCode = 1;
8
8
  const {
9
9
  spawnPromise
10
- } = await shadowPnpmBin(process.argv.slice(2), {
10
+ } = await shadowPnpmBin.shadowPnpmBin(process.argv.slice(2), {
11
11
  stdio: 'inherit'
12
12
  });
13
13
 
@@ -22,5 +22,5 @@ void (async () => {
22
22
  });
23
23
  await spawnPromise;
24
24
  })();
25
- //# debugId=e61d61bd-2fda-42bf-9deb-0b9d3e70f243
25
+ //# debugId=51759390-e500-4f4b-b353-e98475a543bf
26
26
  //# sourceMappingURL=pnpm-cli.js.map
package/dist/pnpm-cli.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"pnpm-cli.js","sources":["../src/pnpm-cli.mts"],"sourcesContent":["#!/usr/bin/env node\n\nimport shadowPnpmBin from './shadow/pnpm/bin.mts'\n\nvoid (async () => {\n process.exitCode = 1\n\n const { spawnPromise } = await shadowPnpmBin(process.argv.slice(2), {\n stdio: 'inherit',\n })\n\n // See https://nodejs.org/api/child_process.html#event-exit.\n spawnPromise.process.on('exit', (code, signalName) => {\n if (signalName) {\n process.kill(process.pid, signalName)\n } else if (typeof code === 'number') {\n // eslint-disable-next-line n/no-process-exit\n process.exit(code)\n }\n })\n\n await spawnPromise\n})()\n"],"names":["spawnPromise","stdio","process"],"mappings":";;;;;AAIA;;;AAGUA;AAAa;AACnBC;AACF;;AAEA;;AAEE;;AAEA;AACE;AACAC;AACF;AACF;AAEA;AACF","debugId":"e61d61bd-2fda-42bf-9deb-0b9d3e70f243"}
1
+ {"version":3,"file":"pnpm-cli.js","sources":["../src/pnpm-cli.mts"],"sourcesContent":["#!/usr/bin/env node\n\nimport shadowPnpmBin from './shadow/pnpm/bin.mts'\n\nvoid (async () => {\n process.exitCode = 1\n\n const { spawnPromise } = await shadowPnpmBin(process.argv.slice(2), {\n stdio: 'inherit',\n })\n\n // See https://nodejs.org/api/child_process.html#event-exit.\n spawnPromise.process.on('exit', (code, signalName) => {\n if (signalName) {\n process.kill(process.pid, signalName)\n } else if (typeof code === 'number') {\n // eslint-disable-next-line n/no-process-exit\n process.exit(code)\n }\n })\n\n await spawnPromise\n})()\n"],"names":["spawnPromise","stdio","process"],"mappings":";;;;;AAIA;;;AAGUA;AAAa;AACnBC;AACF;;AAEA;;AAEE;;AAEA;AACE;AACAC;AACF;AACF;AAEA;AACF","debugId":"51759390-e500-4f4b-b353-e98475a543bf"}
package/dist/shadow-npm-bin.js CHANGED
@@ -1,111 +1,8 @@
1
1
  'use strict';
2
+ var shadowNpmBin = require('./shadow-npm-bin2.js');
2
3
 
3
- var agent = require('../external/@socketsecurity/registry/lib/agent');
4
- var require$$9 = require('../external/@socketsecurity/registry/lib/debug');
5
- var require$$11 = require('../external/@socketsecurity/registry/lib/objects');
6
- var spawn = require('../external/@socketsecurity/registry/lib/spawn');
7
- var path = require('node:path');
8
- var vendor = require('./vendor.js');
9
- var constants = require('./constants.js');
10
- var utils = require('./utils.js');
11
4
 
12
- async function installLinks(shadowBinPath, binName) {
13
- const isNpx = binName === 'npx';
14
- // Find package manager being shadowed by this process.
15
- const binPath = isNpx ? utils.getNpxBinPath() : utils.getNpmBinPath();
16
- const {
17
- WIN32
18
- } = constants.default;
19
- // TODO: Is this early exit needed?
20
- if (WIN32 && binPath) {
21
- return binPath;
22
- }
23
- const shadowed = isNpx ? utils.isNpxBinPathShadowed() : utils.isNpmBinPathShadowed();
24
- // Move our bin directory to front of PATH so its found first.
25
- if (!shadowed) {
26
- if (WIN32) {
27
- await vendor.libExports(path.join(constants.default.distPath, `${binName}-cli.js`), path.join(shadowBinPath, binName));
28
- }
29
- const {
30
- env
31
- } = process;
32
- env['PATH'] = `${shadowBinPath}${path.delimiter}${env['PATH']}`;
33
- }
34
- return binPath;
35
- }
36
5
 
37
- async function shadowBin(binName, args = process.argv.slice(2), options, extra) {
38
- const {
39
- env: spawnEnv,
40
- ipc,
41
- ...spawnOpts
42
- } = {
43
- __proto__: null,
44
- ...options
45
- };
46
- const cwd = require$$11.getOwn(spawnOpts, 'cwd') ?? process.cwd();
47
- const isShadowNpm = binName === constants.NPM;
48
- const terminatorPos = args.indexOf('--');
49
- const rawBinArgs = terminatorPos === -1 ? args : args.slice(0, terminatorPos);
50
- const nodeOptionsArg = rawBinArgs.findLast(agent.isNpmNodeOptionsFlag);
51
- const progressArg = rawBinArgs.findLast(agent.isNpmProgressFlag) !== '--no-progress';
52
- const otherArgs = terminatorPos === -1 ? [] : args.slice(terminatorPos);
53
- const permArgs = isShadowNpm && constants.default.SUPPORTS_NODE_PERMISSION_FLAG ? ['--permission', '--allow-child-process',
54
- // '--allow-addons',
55
- // '--allow-wasi',
56
- // Allow all reads because npm walks up directories looking for config
57
- // and package.json files.
58
- '--allow-fs-read=*', `--allow-fs-write=${cwd}/*`, `--allow-fs-write=${constants.default.npmGlobalPrefix}/*`, `--allow-fs-write=${constants.default.npmCachePath}/*`] : [];
59
- const useAudit = rawBinArgs.includes('--audit');
60
- const useDebug = require$$9.isDebug('stdio');
61
- const useNodeOptions = nodeOptionsArg || permArgs.length;
62
- const binArgs = rawBinArgs.filter(a => !agent.isNpmAuditFlag(a) && !agent.isNpmProgressFlag(a));
63
- const isSilent = !useDebug && !binArgs.some(agent.isNpmLoglevelFlag);
64
- // The default value of loglevel is "notice". We default to "error" which is
65
- // two levels quieter.
66
- const logLevelArgs = isSilent ? ['--loglevel', 'error'] : [];
67
- const noAuditArgs = useAudit || !(await utils.findUp(constants.NODE_MODULES, {
68
- cwd,
69
- onlyDirectories: true
70
- })) ? [] : ['--no-audit'];
71
- let stdio = require$$11.getOwn(spawnOpts, 'stdio');
72
- if (typeof stdio === 'string') {
73
- stdio = [stdio, stdio, stdio, 'ipc'];
74
- } else if (Array.isArray(stdio)) {
75
- if (!stdio.includes('ipc')) {
76
- stdio = stdio.concat('ipc');
77
- }
78
- } else {
79
- stdio = ['pipe', 'pipe', 'pipe', 'ipc'];
80
- }
81
- const realBinPath = await installLinks(constants.default.shadowBinPath, binName);
82
- const spawnPromise = spawn.spawn(constants.default.execPath, [...constants.default.nodeNoWarningsFlags, ...constants.default.nodeDebugFlags, ...constants.default.nodeHardenFlags, ...constants.default.nodeMemoryFlags, ...(constants.default.ENV.INLINED_SOCKET_CLI_SENTRY_BUILD ? ['--require', constants.default.instrumentWithSentryPath] : []), '--require', constants.default.shadowNpmInjectPath, realBinPath, ...noAuditArgs, ...(useNodeOptions ? [`--node-options='${nodeOptionsArg ? nodeOptionsArg.slice(15) : ''}${utils.cmdFlagsToString(permArgs)}'`] : []), '--no-fund',
83
- // Add '--no-progress' to fix input being swallowed by the npm spinner.
84
- '--no-progress',
85
- // Add '--loglevel=error' if a loglevel flag is not provided and the
86
- // SOCKET_CLI_DEBUG environment variable is not truthy.
87
- ...logLevelArgs, ...binArgs, ...otherArgs], {
88
- ...spawnOpts,
89
- env: {
90
- ...process.env,
91
- ...constants.default.processEnv,
92
- ...spawnEnv
93
- },
94
- stdio
95
- }, extra);
96
- spawnPromise.process.send({
97
- [constants.default.SOCKET_IPC_HANDSHAKE]: {
98
- [constants.default.SOCKET_CLI_SHADOW_API_TOKEN]: utils.getPublicApiToken(),
99
- [constants.default.SOCKET_CLI_SHADOW_BIN]: binName,
100
- [constants.default.SOCKET_CLI_SHADOW_PROGRESS]: progressArg,
101
- ...ipc
102
- }
103
- });
104
- return {
105
- spawnPromise
106
- };
107
- }
108
-
109
- module.exports = shadowBin;
110
- //# debugId=c5a533a4-98e8-498c-a65a-c5509dd4fdbe
6
+ module.exports = shadowNpmBin.shadowNpmBin;
7
+ //# debugId=b6ee2805-0bfe-4b8d-a2df-609b517340be
111
8
  //# sourceMappingURL=shadow-npm-bin.js.map
package/dist/shadow-npm-bin.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"shadow-npm-bin.js","sources":["../src/shadow/npm/link.mts","../src/shadow/npm/bin.mts"],"sourcesContent":["import path from 'node:path'\n\nimport cmdShim from 'cmd-shim'\n\nimport constants from '../../constants.mts'\nimport {\n getNpmBinPath,\n getNpxBinPath,\n isNpmBinPathShadowed,\n isNpxBinPathShadowed,\n} from '../../utils/npm-paths.mts'\n\nexport async function installLinks(\n shadowBinPath: string,\n binName: 'npm' | 'npx',\n): Promise<string> {\n const isNpx = binName === 'npx'\n // Find package manager being shadowed by this process.\n const binPath = isNpx ? getNpxBinPath() : getNpmBinPath()\n const { WIN32 } = constants\n // TODO: Is this early exit needed?\n if (WIN32 && binPath) {\n return binPath\n }\n const shadowed = isNpx ? isNpxBinPathShadowed() : isNpmBinPathShadowed()\n // Move our bin directory to front of PATH so its found first.\n if (!shadowed) {\n if (WIN32) {\n await cmdShim(\n path.join(constants.distPath, `${binName}-cli.js`),\n path.join(shadowBinPath, binName),\n )\n }\n const { env } = process\n env['PATH'] = `${shadowBinPath}${path.delimiter}${env['PATH']}`\n }\n return binPath\n}\n","import {\n isNpmAuditFlag,\n isNpmLoglevelFlag,\n isNpmNodeOptionsFlag,\n isNpmProgressFlag,\n} from '@socketsecurity/registry/lib/agent'\nimport { isDebug } from '@socketsecurity/registry/lib/debug'\nimport { getOwn } from '@socketsecurity/registry/lib/objects'\nimport { spawn } from '@socketsecurity/registry/lib/spawn'\n\nimport { installLinks } from './link.mts'\nimport constants, { NODE_MODULES, NPM, NPX } from '../../constants.mts'\nimport { cmdFlagsToString } from '../../utils/cmd.mts'\nimport { findUp } from '../../utils/fs.mts'\nimport { getPublicApiToken } from '../../utils/sdk.mts'\n\nimport type { IpcObject } from '../../constants.mts'\nimport type {\n SpawnExtra,\n SpawnOptions,\n SpawnResult,\n} from '@socketsecurity/registry/lib/spawn'\n\nexport type ShadowBinOptions = SpawnOptions & {\n ipc?: IpcObject | undefined\n}\n\nexport type ShadowBinResult = {\n spawnPromise: SpawnResult<string, SpawnExtra | undefined>\n}\n\nexport default async function shadowBin(\n binName: typeof NPM | typeof NPX,\n args: string[] | readonly string[] = process.argv.slice(2),\n options?: ShadowBinOptions | undefined,\n extra?: SpawnExtra | undefined,\n): Promise<ShadowBinResult> {\n const {\n env: spawnEnv,\n ipc,\n ...spawnOpts\n } = { __proto__: null, ...options } as ShadowBinOptions\n const cwd = getOwn(spawnOpts, 'cwd') ?? process.cwd()\n const isShadowNpm = binName === NPM\n const terminatorPos = args.indexOf('--')\n const rawBinArgs = terminatorPos === -1 ? args : args.slice(0, terminatorPos)\n const nodeOptionsArg = rawBinArgs.findLast(isNpmNodeOptionsFlag)\n const progressArg = rawBinArgs.findLast(isNpmProgressFlag) !== '--no-progress'\n const otherArgs = terminatorPos === -1 ? [] : args.slice(terminatorPos)\n const permArgs =\n isShadowNpm && constants.SUPPORTS_NODE_PERMISSION_FLAG\n ? [\n '--permission',\n '--allow-child-process',\n // '--allow-addons',\n // '--allow-wasi',\n // Allow all reads because npm walks up directories looking for config\n // and package.json files.\n '--allow-fs-read=*',\n `--allow-fs-write=${cwd}/*`,\n `--allow-fs-write=${constants.npmGlobalPrefix}/*`,\n `--allow-fs-write=${constants.npmCachePath}/*`,\n ]\n : []\n\n const useAudit = rawBinArgs.includes('--audit')\n const useDebug = isDebug('stdio')\n const useNodeOptions = nodeOptionsArg || permArgs.length\n const binArgs = rawBinArgs.filter(\n a => !isNpmAuditFlag(a) && !isNpmProgressFlag(a),\n )\n const isSilent = !useDebug && !binArgs.some(isNpmLoglevelFlag)\n // The default value of loglevel is \"notice\". We default to \"error\" which is\n // two levels quieter.\n const logLevelArgs = isSilent ? ['--loglevel', 'error'] : []\n const noAuditArgs =\n useAudit || !(await findUp(NODE_MODULES, { cwd, onlyDirectories: true }))\n ? []\n : ['--no-audit']\n\n let stdio = getOwn(spawnOpts, 'stdio')\n if (typeof stdio === 'string') {\n stdio = [stdio, stdio, stdio, 'ipc']\n } else if (Array.isArray(stdio)) {\n if (!stdio.includes('ipc')) {\n stdio = stdio.concat('ipc')\n }\n } else {\n stdio = ['pipe', 'pipe', 'pipe', 'ipc']\n }\n\n const realBinPath = await installLinks(constants.shadowBinPath, binName)\n\n const spawnPromise = spawn(\n constants.execPath,\n [\n ...constants.nodeNoWarningsFlags,\n ...constants.nodeDebugFlags,\n ...constants.nodeHardenFlags,\n ...constants.nodeMemoryFlags,\n ...(constants.ENV.INLINED_SOCKET_CLI_SENTRY_BUILD\n ? ['--require', constants.instrumentWithSentryPath]\n : []),\n '--require',\n constants.shadowNpmInjectPath,\n realBinPath,\n ...noAuditArgs,\n ...(useNodeOptions\n ? [\n `--node-options='${nodeOptionsArg ? nodeOptionsArg.slice(15) : ''}${cmdFlagsToString(permArgs)}'`,\n ]\n : []),\n '--no-fund',\n // Add '--no-progress' to fix input being swallowed by the npm spinner.\n '--no-progress',\n // Add '--loglevel=error' if a loglevel flag is not provided and the\n // SOCKET_CLI_DEBUG environment variable is not truthy.\n ...logLevelArgs,\n ...binArgs,\n ...otherArgs,\n ],\n {\n ...spawnOpts,\n env: {\n ...process.env,\n ...constants.processEnv,\n ...spawnEnv,\n },\n stdio,\n },\n extra,\n )\n\n spawnPromise.process.send({\n [constants.SOCKET_IPC_HANDSHAKE]: {\n [constants.SOCKET_CLI_SHADOW_API_TOKEN]: getPublicApiToken(),\n [constants.SOCKET_CLI_SHADOW_BIN]: binName,\n [constants.SOCKET_CLI_SHADOW_PROGRESS]: progressArg,\n ...ipc,\n },\n })\n\n return { spawnPromise }\n}\n"],"names":["WIN32","env","__proto__","onlyDirectories","stdio","spawnPromise"],"mappings":";;;;;;;;;;;AAYO;AAIL;AACA;;;AAEQA;AAAM;AACd;;AAEE;AACF;;AAEA;;AAEE;;AAKA;;AACQC;AAAI;AACZA;AACF;AACA;AACF;;ACNe;;AAOXA;;;AAGF;AAAMC;;;AACN;AACA;AACA;AACA;AACA;;AAEA;;AAMQ;AACA;AACA;AACA;AACA;AAOR;AACA;AACA;AACA;;AAIA;AACA;;;;AAGkDC;AAAsB;AAIxE;AACA;;;AAGE;AACEC;AACF;AACF;;AAEA;;AAIA;AAoBI;;AAEA;AACA;;AAMA;AACAH;;;;;AAKAG;;AAKJC;;AAEI;AACA;AACA;;AAEF;AACF;;AAESA;;AACX;;","debugId":"c5a533a4-98e8-498c-a65a-c5509dd4fdbe"}
1
+ {"version":3,"file":"shadow-npm-bin.js","sources":[],"sourcesContent":[],"names":[],"mappings":";;;;;","debugId":"b6ee2805-0bfe-4b8d-a2df-609b517340be"}