@socketsecurity/cli-with-sentry 1.1.25 → 1.1.27

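--- a/package/CHANGELOG.md
+++ b/package/CHANGELOG.md
@@ -4,6 +4,16 @@ All notable changes to this project will be documented in this file.
 
  The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/).
 
+ ## [1.1.27](https://github.com/SocketDev/socket-cli/releases/tag/v1.1.27) - 2025-11-12
+
+ ### Added
+ - Backported `--exclude` and `--include` flags for `socket fix` command from v2
+
+ ## [1.1.26](https://github.com/SocketDev/socket-cli/releases/tag/v1.1.26) - 2025-11-08
+
+ ### Added
+ - Debug logging of API requests/responses
+
  ## [1.1.23](https://github.com/SocketDev/socket-cli/releases/tag/v1.1.23) - 2025-09-22
 
  ### Changed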
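--- a/package/dist/cli.js
+++ b/package/dist/cli.js
@@ -12,9 +12,9 @@ var constants = require('./constants.js');
  var flags = require('./flags.js');
  var path = require('node:path');
  var words = require('../external/@socketsecurity/registry/lib/words');
+ var fs$1 = require('node:fs');
  var arrays = require('../external/@socketsecurity/registry/lib/arrays');
  var prompts = require('../external/@socketsecurity/registry/lib/prompts');
- var fs$1 = require('node:fs');
  var spawn = require('../external/@socketsecurity/registry/lib/spawn');
  var fs$2 = require('../external/@socketsecurity/registry/lib/fs');
  var strings = require('../external/@socketsecurity/registry/lib/strings');
@@ -907,6 +907,17 @@ async function fetchCreateOrgFullScan(packagePaths, orgSlug, config, options) {
  return sockSdkCResult;
  }
  const sockSdk = sockSdkCResult.data;
+ if (constants.default.ENV.SOCKET_CLI_DEBUG) {
+ const fileInfo = await Promise.all(packagePaths.map(async p => {
+ const absPath = path.resolve(process.cwd(), p);
+ const stat = await fs$1.promises.stat(absPath);
+ return {
+ path: absPath,
+ size: stat.size
+ };
+ }));
+ logger.logger.info(`[DEBUG] ${new Date().toISOString()} Uploading full scan manifests: ${JSON.stringify(fileInfo)}`);
+ }
  return await utils.handleApiCall(sockSdk.createOrgFullScan(orgSlug, packagePaths, cwd, {
  ...(branchName ? {
  branch: branchName
@@ -3548,8 +3559,9 @@ async function coanaFix(fixConfig) {
  autopilot,
  cwd,
  disableMajorUpdates,
+ exclude,
  ghsas,
- glob,
+ include,
  limit,
  minimumReleaseAge,
  orgSlug,
@@ -3619,7 +3631,7 @@ async function coanaFix(fixConfig) {
  }
  };
  }
- const fixCResult = await utils.spawnCoanaDlx(['compute-fixes-and-upgrade-purls', cwd, '--manifests-tar-hash', tarHash, '--apply-fixes-to', ...(isAll ? ['all'] : ghsas), ...(fixConfig.rangeStyle ? ['--range-style', fixConfig.rangeStyle] : []), ...(minimumReleaseAge ? ['--minimum-release-age', minimumReleaseAge] : []), ...(glob ? ['--glob', glob] : []), ...(!applyFixes ? [constants.FLAG_DRY_RUN] : []), ...(outputFile ? ['--output-file', outputFile] : []), ...(disableMajorUpdates ? ['--disable-major-updates'] : []), ...(showAffectedDirectDependencies ? ['--show-affected-direct-dependencies'] : []), ...fixConfig.unknownFlags], fixConfig.orgSlug, {
+ const fixCResult = await utils.spawnCoanaDlx(['compute-fixes-and-upgrade-purls', cwd, '--manifests-tar-hash', tarHash, '--apply-fixes-to', ...(isAll ? ['all'] : ghsas), ...(fixConfig.rangeStyle ? ['--range-style', fixConfig.rangeStyle] : []), ...(minimumReleaseAge ? ['--minimum-release-age', minimumReleaseAge] : []), ...(include.length ? ['--include', ...include] : []), ...(exclude.length ? ['--exclude', ...exclude] : []), ...(!applyFixes ? [constants.FLAG_DRY_RUN] : []), ...(outputFile ? ['--output-file', outputFile] : []), ...(disableMajorUpdates ? ['--disable-major-updates'] : []), ...(showAffectedDirectDependencies ? ['--show-affected-direct-dependencies'] : []), ...fixConfig.unknownFlags], fixConfig.orgSlug, {
  cwd,
  spinner,
  stdio: 'inherit'
@@ -3654,7 +3666,7 @@ async function coanaFix(fixConfig) {
  const shouldSpawnCoana = adjustedLimit > 0;
  let ids;
  if (shouldSpawnCoana && isAll) {
- const foundCResult = await utils.spawnCoanaDlx(['compute-fixes-and-upgrade-purls', cwd, '--manifests-tar-hash', tarHash, ...(fixConfig.rangeStyle ? ['--range-style', fixConfig.rangeStyle] : []), ...(minimumReleaseAge ? ['--minimum-release-age', minimumReleaseAge] : []), ...(glob ? ['--glob', glob] : []), ...(disableMajorUpdates ? ['--disable-major-updates'] : []), ...(showAffectedDirectDependencies ? ['--show-affected-direct-dependencies'] : []), ...fixConfig.unknownFlags], fixConfig.orgSlug, {
+ const foundCResult = await utils.spawnCoanaDlx(['compute-fixes-and-upgrade-purls', cwd, '--manifests-tar-hash', tarHash, ...(fixConfig.rangeStyle ? ['--range-style', fixConfig.rangeStyle] : []), ...(minimumReleaseAge ? ['--minimum-release-age', minimumReleaseAge] : []), ...(include.length ? ['--include', ...include] : []), ...(exclude.length ? ['--exclude', ...exclude] : []), ...(disableMajorUpdates ? ['--disable-major-updates'] : []), ...(showAffectedDirectDependencies ? ['--show-affected-direct-dependencies'] : []), ...fixConfig.unknownFlags], fixConfig.orgSlug, {
  cwd,
  spinner
  });
@@ -3696,7 +3708,7 @@ async function coanaFix(fixConfig) {
 
  // Apply fix for single GHSA ID.
  // eslint-disable-next-line no-await-in-loop
- const fixCResult = await utils.spawnCoanaDlx(['compute-fixes-and-upgrade-purls', cwd, '--manifests-tar-hash', tarHash, '--apply-fixes-to', ghsaId, ...(fixConfig.rangeStyle ? ['--range-style', fixConfig.rangeStyle] : []), ...(minimumReleaseAge ? ['--minimum-release-age', minimumReleaseAge] : []), ...(glob ? ['--glob', glob] : []), ...(disableMajorUpdates ? ['--disable-major-updates'] : []), ...(showAffectedDirectDependencies ? ['--show-affected-direct-dependencies'] : []), ...fixConfig.unknownFlags], fixConfig.orgSlug, {
+ const fixCResult = await utils.spawnCoanaDlx(['compute-fixes-and-upgrade-purls', cwd, '--manifests-tar-hash', tarHash, '--apply-fixes-to', ghsaId, ...(fixConfig.rangeStyle ? ['--range-style', fixConfig.rangeStyle] : []), ...(minimumReleaseAge ? ['--minimum-release-age', minimumReleaseAge] : []), ...(include.length ? ['--include', ...include] : []), ...(exclude.length ? ['--exclude', ...exclude] : []), ...(disableMajorUpdates ? ['--disable-major-updates'] : []), ...(showAffectedDirectDependencies ? ['--show-affected-direct-dependencies'] : []), ...fixConfig.unknownFlags], fixConfig.orgSlug, {
  cwd,
  spinner,
  stdio: 'inherit'
@@ -3910,8 +3922,9 @@ async function handleFix({
  autopilot,
  cwd,
  disableMajorUpdates,
+ exclude,
  ghsas,
- glob,
+ include,
  limit,
  minSatisfying,
  minimumReleaseAge,
@@ -3926,14 +3939,16 @@ async function handleFix({
  }) {
  require$$9.debugFn('notice', `Starting fix command for ${orgSlug}`);
  require$$9.debugDir('inspect', {
+ applyFixes,
  autopilot,
  cwd,
  disableMajorUpdates,
+ exclude,
  ghsas,
- glob,
+ include,
  limit,
  minSatisfying,
- applyFixes,
+ minimumReleaseAge,
  outputFile,
  outputKind,
  prCheck,
@@ -3942,21 +3957,22 @@ async function handleFix({
  unknownFlags
  });
  await outputFixResult(await coanaFix({
- autopilot,
  applyFixes,
+ autopilot,
  cwd,
  disableMajorUpdates,
- // Convert mixed CVE/GHSA/PURL inputs to GHSA IDs only
+ exclude,
+ // Convert mixed CVE/GHSA/PURL inputs to GHSA IDs only.
  ghsas: await convertIdsToGhsas(ghsas),
- glob,
+ include,
  limit,
  minimumReleaseAge,
  orgSlug,
+ outputFile,
  rangeStyle,
  showAffectedDirectDependencies,
  spinner,
- unknownFlags,
- outputFile
+ unknownFlags
  }), outputKind);
  }
 
@@ -3983,6 +3999,20 @@ const generalFlags$2 = {
  // Hidden to allow custom documenting of the negated `--no-apply-fixes` variant.
  hidden: true
  },
+ exclude: {
+ type: 'string',
+ default: [],
+ description: 'Exclude workspaces matching these glob patterns. Can be provided as comma separated values or as multiple flags',
+ isMultiple: true,
+ hidden: false
+ },
+ include: {
+ type: 'string',
+ default: [],
+ description: 'Include workspaces matching these glob patterns. Can be provided as comma separated values or as multiple flags',
+ isMultiple: true,
+ hidden: false
+ },
  majorUpdates: {
  type: 'boolean',
  default: true,
@@ -4040,12 +4070,6 @@ const hiddenFlags = {
  ...generalFlags$2['id'],
  hidden: true
  },
- glob: {
- type: 'string',
- default: '',
- description: 'Glob pattern to filter workspaces by',
- hidden: true
- },
  maxSatisfying: {
  type: 'boolean',
  default: true,
@@ -4144,7 +4168,8 @@ async function run$K(argv, importMeta, {
  const {
  applyFixes,
  autopilot,
- glob,
+ exclude,
+ include,
  json,
  limit,
  majorUpdates,
@@ -4195,24 +4220,27 @@ async function run$K(argv, importMeta, {
  spinner
  } = constants.default;
  const ghsas = arrays.arrayUnique([...utils.cmdFlagValueToArray(cli.flags['id']), ...utils.cmdFlagValueToArray(cli.flags['ghsa']), ...utils.cmdFlagValueToArray(cli.flags['purl'])]);
+ const includePatterns = utils.cmdFlagValueToArray(include);
+ const excludePatterns = utils.cmdFlagValueToArray(exclude);
  await handleFix({
- autopilot,
  applyFixes,
+ autopilot,
  cwd,
  disableMajorUpdates,
+ exclude: excludePatterns,
  ghsas,
- glob,
+ include: includePatterns,
  limit,
  minimumReleaseAge,
  minSatisfying,
- prCheck,
  orgSlug,
+ outputFile,
  outputKind,
+ prCheck,
  rangeStyle,
  showAffectedDirectDependencies,
  spinner,
- unknownFlags,
- outputFile
+ unknownFlags
  });
  }
 
@@ -11969,12 +11997,20 @@ async function downloadManifestFile({
  require$$9.debugDir('inspect', {
  fileUrl
  });
- const downloadUrlResponse = await fetch(fileUrl, {
- method: 'GET',
- headers: {
- Authorization: `Bearer ${githubToken}`
- }
- });
+ utils.debugApiRequest('GET', fileUrl);
+ let downloadUrlResponse;
+ try {
+ downloadUrlResponse = await fetch(fileUrl, {
+ method: 'GET',
+ headers: {
+ Authorization: `Bearer ${githubToken}`
+ }
+ });
+ utils.debugApiResponse('GET', fileUrl, downloadUrlResponse.status);
+ } catch (e) {
+ utils.debugApiResponse('GET', fileUrl, undefined, e);
+ throw e;
+ }
  require$$9.debugFn('notice', 'complete: request');
  const downloadUrlText = await downloadUrlResponse.text();
  require$$9.debugFn('inspect', 'response: raw download url', downloadUrlText);
@@ -12011,7 +12047,9 @@ async function streamDownloadWithFetch(localPath, downloadUrl) {
  let response; // Declare response here to access it in catch if needed
 
  try {
+ utils.debugApiRequest('GET', downloadUrl);
  response = await fetch(downloadUrl);
+ utils.debugApiResponse('GET', downloadUrl, response.status);
  if (!response.ok) {
  const errorMsg = `Download failed due to bad server response: ${response.status} ${response.statusText} for ${downloadUrl}`;
  logger.logger.fail(errorMsg);
@@ -12050,6 +12088,9 @@ async function streamDownloadWithFetch(localPath, downloadUrl) {
  data: localPath
  };
  } catch (e) {
+ if (!response) {
+ utils.debugApiResponse('GET', downloadUrl, undefined, e);
+ }
  logger.logger.fail('An error was thrown while trying to download a manifest file... url:', downloadUrl);
  require$$9.debugDir('error', e);
 
@@ -12091,11 +12132,19 @@ async function getLastCommitDetails({
  logger.logger.info(`Requesting last commit for default branch ${defaultBranch} for ${orgGithub}/${repoSlug}...`);
  const commitApiUrl = `${repoApiUrl}/commits?sha=${defaultBranch}&per_page=1`;
  require$$9.debugFn('inspect', 'url: commit', commitApiUrl);
- const commitResponse = await fetch(commitApiUrl, {
- headers: {
- Authorization: `Bearer ${githubToken}`
- }
- });
+ utils.debugApiRequest('GET', commitApiUrl);
+ let commitResponse;
+ try {
+ commitResponse = await fetch(commitApiUrl, {
+ headers: {
+ Authorization: `Bearer ${githubToken}`
+ }
+ });
+ utils.debugApiResponse('GET', commitApiUrl, commitResponse.status);
+ } catch (e) {
+ utils.debugApiResponse('GET', commitApiUrl, undefined, e);
+ throw e;
+ }
  const commitText = await commitResponse.text();
  require$$9.debugFn('inspect', 'response: commit', commitText);
  let lastCommit;
@@ -12187,12 +12236,20 @@ async function getRepoDetails({
  require$$9.debugDir('inspect', {
  repoApiUrl
  });
- const repoDetailsResponse = await fetch(repoApiUrl, {
- method: 'GET',
- headers: {
- Authorization: `Bearer ${githubToken}`
- }
- });
+ let repoDetailsResponse;
+ try {
+ utils.debugApiRequest('GET', repoApiUrl);
+ repoDetailsResponse = await fetch(repoApiUrl, {
+ method: 'GET',
+ headers: {
+ Authorization: `Bearer ${githubToken}`
+ }
+ });
+ utils.debugApiResponse('GET', repoApiUrl, repoDetailsResponse.status);
+ } catch (e) {
+ utils.debugApiResponse('GET', repoApiUrl, undefined, e);
+ throw e;
+ }
  logger.logger.success(`Request completed.`);
  const repoDetailsText = await repoDetailsResponse.text();
  require$$9.debugFn('inspect', 'response: repo', repoDetailsText);
@@ -12235,12 +12292,20 @@ async function getRepoBranchTree({
  logger.logger.info(`Requesting default branch file tree; branch \`${defaultBranch}\`, repo \`${orgGithub}/${repoSlug}\`...`);
  const treeApiUrl = `${repoApiUrl}/git/trees/${defaultBranch}?recursive=1`;
  require$$9.debugFn('inspect', 'url: tree', treeApiUrl);
- const treeResponse = await fetch(treeApiUrl, {
- method: 'GET',
- headers: {
- Authorization: `Bearer ${githubToken}`
- }
- });
+ let treeResponse;
+ try {
+ utils.debugApiRequest('GET', treeApiUrl);
+ treeResponse = await fetch(treeApiUrl, {
+ method: 'GET',
+ headers: {
+ Authorization: `Bearer ${githubToken}`
+ }
+ });
+ utils.debugApiResponse('GET', treeApiUrl, treeResponse.status);
+ } catch (e) {
+ utils.debugApiResponse('GET', treeApiUrl, undefined, e);
+ throw e;
+ }
  const treeText = await treeResponse.text();
  require$$9.debugFn('inspect', 'response: tree', treeText);
  let treeDetails;
@@ -14995,5 +15060,5 @@ void (async () => {
  await utils.captureException(e);
  }
  })();
- //# debugId=3a127de6-5ee9-48f9-aded-7e7e7e868c6a
+ //# debugId=ede65737-8f7f-42fe-be24-d7339a0b3189
  //# sourceMappingURL=cli.js.map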
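Review bot: In the `@@ -907,6 +907,17 @@` hunk of fetchCreateOrgFullScan, the new debug block awaits `fs$1.promises.stat(absPath)` inside `Promise.all` with no error handling visible, so with SOCKET_CLI_DEBUG set a single missing or unreadable manifest path rejects before `createOrgFullScan` is called, and the function throws where its earlier path returns a result object. Diagnostic logging should not change the outcome of the upload; `const stat = await fs$1.promises.stat(absPath).catch(() => undefined);` with `size: stat?.size` keeps it best-effort. The paths are also resolved against `process.cwd()` while the upload call right after the block is given `cwd`, so the logged absolute paths can differ from the files actually sent; `path.resolve(cwd, p)` would match. The function body starts and ends outside the hunk, so an enclosing try/catch cannot be ruled out.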