@socketsecurity/cli-with-sentry 1.1.25 → 1.1.26

package/dist/vendor.js

@@ -27712,7 +27712,7 @@ var isInteractiveExports = /*@__PURE__*/ requireIsInteractive();
 var dist$e = {};
 
 var name$4 = "@socketsecurity/sdk";
-var version$8 = "1.4.93";
+var version$8 = "1.4.94";
 var license = "MIT";
 var description = "SDK for the Socket API client";
 var author = {
@@ -27761,7 +27761,7 @@ var scripts = {
 	"build:esm": "dotenvx -q run -f .env.local -- tsc -p tsconfig.esm.json",
 	"build:clean:cjs": "dotenvx -q run -f .env.local -- node scripts/rename-dist-cjs-files.mjs",
 	"build:clean:esm": "dotenvx -q run -f .env.local -- node scripts/rename-dist-esm-files.mjs",
-	check: "run-p -c --aggregate-output check:*",
+	check: "node scripts/check.mjs",
 	"check:lint": "dotenvx -q run -f .env.local -- eslint --report-unused-disable-directives .",
 	"check:lint:fix": "npm run check:lint -- --fix",
 	"check:tsc": "dotenvx -q run -f .env.local -- tsc",
@@ -27778,7 +27778,7 @@ var scripts = {
 	"generate-sdk:03-clean-api": "npm run fix && npm run fix",
 	"knip:dependencies": "knip --dependencies",
 	"knip:exports": "knip --include exports,duplicates",
-	lint: "dotenvx -q run -f .env.local -- oxlint -c=.oxlintrc.json --ignore-path=.oxlintignore --tsconfig=tsconfig.json .",
+	lint: "node scripts/lint.mjs",
 	"lint:fix": "run-s -c lint:fix:*",
 	"lint:fix:oxlint": "dotenvx -q run -f .env.local -- oxlint -c=.oxlintrc.json --ignore-path=.oxlintignore --tsconfig=tsconfig.json --quiet --fix . | dev-null",
 	"lint:fix:biome": "dotenvx -q run -f .env.local -- biome format --log-level=none --fix . | dev-null",
@@ -27787,7 +27787,8 @@ var scripts = {
 	precommit: "lint-staged",
 	prepare: "dotenvx -q run -f .env.local -- husky",
 	prepublishOnly: "run-s build",
-	test: "run-s check test:*",
+	"publish:ci": "node scripts/publish.mjs --skip-checks",
+	test: "node scripts/test.mjs",
 	"test:prepare": "dotenvx -q run -f .env.test -- npm run build",
 	"test:unit": "dotenvx -q run -f .env.test -- vitest --run",
 	"test:unit:update": "dotenvx -q run -f .env.test -- vitest --run --update",
@@ -28014,6 +28015,42 @@ function requireDist$e () {
 	    ['usesEval', 'ignore'],
 	    ['zeroWidth', 'ignore']
 	]);
+	/**
+	 * Array of sensitive header names that should be redacted in logs
+	 */
+	const SENSITIVE_HEADERS = [
+	    'authorization',
+	    'cookie',
+	    'set-cookie',
+	    'proxy-authorization',
+	    'www-authenticate',
+	    'proxy-authenticate',
+	];
+	/**
+	 * Sanitize headers for logging by redacting sensitive values.
+	 */
+	function sanitizeHeaders(headers) {
+	    if (!headers) {
+	        return undefined;
+	    }
+	    // Handle readonly string[] case - this shouldn't normally happen for headers
+	    if (Array.isArray(headers)) {
+	        return { headers: headers.join(', ') };
+	    }
+	    const sanitized = {};
+	    // Plain object iteration works for both HeadersRecord and IncomingHttpHeaders
+	    for (const [key, value] of Object.entries(headers)) {
+	        const keyLower = key.toLowerCase();
+	        if (SENSITIVE_HEADERS.includes(keyLower)) {
+	            sanitized[key] = '[REDACTED]';
+	        }
+	        else {
+	            // Handle both string and string[] values
+	            sanitized[key] = Array.isArray(value) ? value.join(', ') : String(value);
+	        }
+	    }
+	    return sanitized;
+	}
 	class ResponseError extends Error {
 	    response;
 	    constructor(response, message = '') {
@@ -28025,32 +28062,114 @@ function requireDist$e () {
 	        Error.captureStackTrace(this, ResponseError);
 	    }
 	}
-	async function createDeleteRequest(baseUrl, urlPath, options) {
-	    const req = getHttpModule(baseUrl)
-	        .request(`${baseUrl}${urlPath}`, {
-	        method: 'DELETE',
-	        ...options
-	    })
-	        .end();
-	    return await getResponse(req);
+	async function createDeleteRequest(baseUrl, urlPath, options, hooks) {
+	    const startTime = Date.now();
+	    const url = `${baseUrl}${urlPath}`;
+	    const method = 'DELETE';
+	    try {
+	        const req = getHttpModule(baseUrl)
+	            .request(url, {
+	            method,
+	            ...options
+	        })
+	            .end();
+	        const response = await getResponse(req);
+	        hooks?.onResponse?.({
+	            method,
+	            url,
+	            duration: Date.now() - startTime,
+	            status: response.statusCode,
+	            statusText: response.statusMessage,
+	            headers: sanitizeHeaders(response.headers),
+	        });
+	        return response;
+	    }
+	    catch (error) {
+	        throw error;
+	    }
 	}
-	async function createGetRequest(baseUrl, urlPath, options) {
-	    const req = getHttpModule(baseUrl)
-	        .request(`${baseUrl}${urlPath}`, {
-	        method: 'GET',
-	        ...options
-	    })
-	        .end();
-	    return await getResponse(req);
+	async function createGetRequest(baseUrl, urlPath, options, hooks) {
+	    const startTime = Date.now();
+	    const url = `${baseUrl}${urlPath}`;
+	    const method = 'GET';
+	    hooks?.onRequest?.({
+	        method,
+	        url,
+	        headers: sanitizeHeaders(options.headers),
+	        timeout: options.timeout,
+	    });
+	    try {
+	        const req = getHttpModule(baseUrl)
+	            .request(url, {
+	            method,
+	            ...options
+	        })
+	            .end();
+	        const response = await getResponse(req);
+	        hooks?.onResponse?.({
+	            method,
+	            url,
+	            duration: Date.now() - startTime,
+	            status: response.statusCode,
+	            statusText: response.statusMessage,
+	            headers: sanitizeHeaders(response.headers),
+	        });
+	        return response;
+	    }
+	    catch (error) {
+	        hooks?.onResponse?.({
+	            method,
+	            url,
+	            duration: Date.now() - startTime,
+	            error: error,
+	        });
+	        throw error;
+	    }
 	}
-	async function createPostRequest(baseUrl, urlPath, postJson, options) {
-	    const req = getHttpModule(baseUrl)
-	        .request(`${baseUrl}${urlPath}`, {
-	        method: 'POST',
-	        ...options
-	    })
-	        .end(JSON.stringify(postJson));
-	    return await getResponse(req);
+	async function createPostRequest(baseUrl, urlPath, postJson, options, hooks) {
+	    const startTime = Date.now();
+	    const url = `${baseUrl}${urlPath}`;
+	    const method = 'POST';
+	    const body = JSON.stringify(postJson);
+	    const headers = {
+	        ...options?.headers,
+	        'Content-Length': Buffer.byteLength(body, 'utf8'),
+	        'Content-Type': 'application/json',
+	    };
+	    hooks?.onRequest?.({
+	        method,
+	        url,
+	        headers: sanitizeHeaders(headers),
+	        timeout: options.timeout,
+	    });
+	    try {
+	        const req = getHttpModule(baseUrl).request(url, {
+	            method,
+	            ...options,
+	            headers,
+	        });
+	        req.write(body);
+	        req.end();
+	        const response = await getResponse(req);
+	        hooks?.onResponse?.({
+	            method,
+	            url,
+	            duration: Date.now() - startTime,
+	            status: response.statusCode,
+	            statusText: response.statusMessage,
+	            headers: sanitizeHeaders(response.headers),
+	        });
+	        return response;
+	    }
+	    catch (error) {
+	        hooks?.onResponse?.({
+	            method,
+	            url,
+	            duration: Date.now() - startTime,
+	            error: error,
+	        });
+	        throw error;
+	    }
 	}
 	function createRequestBodyForFilepaths(filepaths, basePath) {
 	    const requestBody = [];
@@ -28075,7 +28194,7 @@ function requireDist$e () {
 	        '\r\n'
 	    ];
 	}
-	async function createUploadRequest(baseUrl, urlPath, requestBodyNoBoundaries, options) {
+	async function createUploadRequest(baseUrl, urlPath, requestBodyNoBoundaries, options, hooks) {
 	    // This function constructs and sends a multipart/form-data HTTP POST request
 	    // where each part is streamed to the server. It supports string payloads
 	    // and readable streams (e.g., large file uploads).
@@ -28102,18 +28221,45 @@ function requireDist$e () {
 	            finalBoundary
 	        ];
 	        const url = new URL(urlPath, baseUrl);
+	        const method = 'POST';
+	        const headers = {
+	            ...options?.headers,
+	            'Content-Type': `multipart/form-data; boundary=${boundary}`,
+	        };
+	        const startTime = Date.now();
 	        const req = getHttpModule(baseUrl).request(url, {
-	            method: 'POST',
+	            method,
 	            ...options,
-	            headers: {
-	                ...options?.headers,
-	                'Content-Type': `multipart/form-data; boundary=${boundary}`
-	            }
+	            headers,
+	        });
+	        hooks?.onRequest?.({
+	            method,
+	            url: url.toString(),
+	            headers: sanitizeHeaders(headers),
+	            timeout: options.timeout,
 	        });
 	        // Send headers early to prompt server validation (auth, URL, quota, etc.).
 	        req.flushHeaders();
 	        // Concurrently wait for response while we stream body.
-	        getResponse(req).then(pass, fail);
+	        getResponse(req).then(response => {
+	            hooks?.onResponse?.({
+	                method,
+	                url: url.toString(),
+	                duration: Date.now() - startTime,
+	                status: response.statusCode,
+	                statusText: response.statusMessage,
+	                headers: sanitizeHeaders(response.headers),
+	            });
+	            pass(response);
+	        }, error => {
+	            hooks?.onResponse?.({
+	                method,
+	                url: url.toString(),
+	                duration: Date.now() - startTime,
+	                error: error,
+	            });
+	            fail(error);
+	        });
 	        let aborted = false;
 	        req.on('error', () => (aborted = true));
 	        req.on('close', () => (aborted = true));
@@ -28354,9 +28500,10 @@ function requireDist$e () {
 	class SocketSdk {
 	    #apiToken;
 	    #baseUrl;
+	    #hooks;
 	    #reqOptions;
 	    constructor(apiToken, options) {
-	        const { agent: agentOrObj, baseUrl = 'https://api.socket.dev/v0/', timeout, userAgent } = { __proto__: null, ...options };
+	        const { agent: agentOrObj, baseUrl = 'https://api.socket.dev/v0/', hooks, timeout, userAgent } = { __proto__: null, ...options };
 	        const agentKeys = agentOrObj ? Object.keys(agentOrObj) : [];
 	        const agentAsGotOptions = agentOrObj;
 	        const agent = (agentKeys.length && agentKeys.every(k => agentNames.has(k))
@@ -28366,6 +28513,7 @@ function requireDist$e () {
 	            : agentOrObj);
 	        this.#apiToken = apiToken;
 	        this.#baseUrl = baseUrl;
+	        this.#hooks = hooks;
 	        this.#reqOptions = {
 	            ...(agent ? { agent } : {}),
 	            headers: {
@@ -28594,7 +28742,7 @@ function requireDist$e () {
 	        const basePath = resolveBasePath(pathsRelativeTo);
 	        const absFilepaths = resolveAbsPaths(filepaths, basePath);
 	        try {
-	            const data = await getResponseJson(await createUploadRequest(this.#baseUrl, `dependencies/upload?${queryToSearchParams(queryParams)}`, createRequestBodyForFilepaths(absFilepaths, basePath), this.#reqOptions));
+	            const data = await getResponseJson(await createUploadRequest(this.#baseUrl, `dependencies/upload?${queryToSearchParams(queryParams)}`, createRequestBodyForFilepaths(absFilepaths, basePath), this.#reqOptions, this.#hooks));
 	            return this.#handleApiSuccess(data);
 	        }
 	        catch (e) {
@@ -28614,7 +28762,7 @@ function requireDist$e () {
 	        const basePath = resolveBasePath(pathsRelativeTo);
 	        const absFilepaths = resolveAbsPaths(filepaths, basePath);
 	        try {
-	            const data = await getResponseJson(await createUploadRequest(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/full-scans?${queryToSearchParams(queryParams)}`, createRequestBodyForFilepaths(absFilepaths, basePath), this.#reqOptions));
+	            const data = await getResponseJson(await createUploadRequest(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/full-scans?${queryToSearchParams(queryParams)}`, createRequestBodyForFilepaths(absFilepaths, basePath), this.#reqOptions, this.#hooks));
 	            return this.#handleApiSuccess(data);
 	        }
 	        catch (e) {
@@ -28623,7 +28771,7 @@ function requireDist$e () {
 	    }
 	    async createOrgRepo(orgSlug, queryParams) {
 	        try {
-	            const data = await getResponseJson(await createPostRequest(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/repos`, queryParams, this.#reqOptions));
+	            const data = await getResponseJson(await createPostRequest(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/repos`, queryParams, this.#reqOptions, this.#hooks));
 	            return this.#handleApiSuccess(data);
 	        }
 	        catch (e) {
@@ -28642,7 +28790,7 @@ function requireDist$e () {
 	            ], {
 	                ...this.#reqOptions,
 	                method: 'PUT'
-	            });
+	            }, this.#hooks);
 	            return this.#handleApiSuccess(data);
 	        }
 	        catch (e) {
@@ -28782,7 +28930,7 @@ function requireDist$e () {
 	    }
 	    async getQuota() {
 	        try {
-	            const data = await getResponseJson(await createGetRequest(this.#baseUrl, 'quota', this.#reqOptions));
+	            const data = await getResponseJson(await createGetRequest(this.#baseUrl, 'quota', this.#reqOptions, this.#hooks));
 	            return this.#handleApiSuccess(data);
 	        }
 	        catch (e) {
@@ -28865,7 +29013,7 @@ function requireDist$e () {
 	        const basePath = resolveBasePath(pathsRelativeTo);
 	        const absFilepaths = resolveAbsPaths(filepaths, basePath);
 	        try {
-	            const data = await getResponseJson(await createUploadRequest(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/upload-manifest-files`, createRequestBodyForFilepaths(absFilepaths, basePath), this.#reqOptions));
+	            const data = await getResponseJson(await createUploadRequest(this.#baseUrl, `orgs/${encodeURIComponent(orgSlug)}/upload-manifest-files`, createRequestBodyForFilepaths(absFilepaths, basePath), this.#reqOptions, this.#hooks));
 	            return this.#handleApiSuccess(data);
 	        }
 	        catch (e) {
@@ -162070,5 +162218,5 @@ exports.terminalLinkExports = terminalLinkExports;
 exports.updater = updater$1;
 exports.yargsParser = yargsParser;
 exports.yoctocolorsCjsExports = yoctocolorsCjsExports;
-//# debugId=9a6302b5-f211-4b16-8677-590380a490f0
+//# debugId=3d614f77-809d-4117-9e22-04bd010c12f2
 //# sourceMappingURL=vendor.js.map

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@socketsecurity/cli-with-sentry",
-  "version": "1.1.25",
+  "version": "1.1.26",
   "description": "CLI for Socket.dev, includes Sentry error handling, otherwise identical to the regular `socket` package",
   "homepage": "https://github.com/SocketDev/socket-cli",
   "license": "MIT AND OFL-1.1",
@@ -122,7 +122,7 @@
     "@socketregistry/packageurl-js": "1.0.9",
     "@socketsecurity/config": "3.0.1",
     "@socketsecurity/registry": "1.1.17",
-    "@socketsecurity/sdk": "1.4.93",
+    "@socketsecurity/sdk": "1.4.94",
     "@types/blessed": "0.1.25",
     "@types/cmd-shim": "5.0.2",
     "@types/js-yaml": "4.0.9",
@@ -290,6 +290,6 @@
     "strict": true
   },
   "dependencies": {
-    "@sentry/node": "10.19.0"
+    "@sentry/node": "10.23.0"
   }
 }