@socketsecurity/cli-with-sentry 1.1.42 → 1.1.43
- package/CHANGELOG.md +8 -0
- package/dist/cli.js +27 -4
- package/dist/cli.js.map +1 -1
- package/dist/constants.js +3 -3
- package/dist/constants.js.map +1 -1
- package/dist/tsconfig.dts.tsbuildinfo +1 -1
- package/dist/types/commands/fix/cmd-fix.d.mts.map +1 -1
- package/dist/types/commands/fix/coana-fix.d.mts.map +1 -1
- package/dist/types/commands/fix/handle-fix.d.mts +1 -1
- package/dist/types/commands/fix/handle-fix.d.mts.map +1 -1
- package/dist/types/commands/fix/types.d.mts +1 -0
- package/dist/types/commands/fix/types.d.mts.map +1 -1
- package/package.json +1 -1
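--- a/package/CHANGELOG.md
+++ b/package/CHANGELOG.md
@@ -4,6 +4,14 @@ All notable changes to this project will be documented in this file.
 
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/).
 
+## [1.1.43](https://github.com/SocketDev/socket-cli/releases/tag/v1.1.43) - 2025-12-08
+
+### Added
+- Added `--all` flag to `socket fix` for explicitly processing all vulnerabilities in local mode. Cannot be used with `--id`.
+
+### Deprecated
+- Running `socket fix` in local mode without `--all` or `--id` is deprecated. A warning is shown when neither flag is provided. In a future release, one of these flags will be required.
+
 ## [1.1.42](https://github.com/SocketDev/socket-cli/releases/tag/v1.1.42) - 2025-12-04
 
 ### Added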
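--- a/package/dist/cli.js
+++ b/package/dist/cli.js
@@ -3720,6 +3720,7 @@ async function discoverGhsaIds(orgSlug, tarHash, options) {
 }
 async function coanaFix(fixConfig) {
 const {
+all,
 applyFixes,
 autopilot,
 coanaVersion,
@@ -3775,9 +3776,14 @@ async function coanaFix(fixConfig) {
 data: uploadCResult.data
 };
 }
-const shouldDiscoverGhsaIds = !ghsas.length;
+const shouldDiscoverGhsaIds = all || !ghsas.length;
 const shouldOpenPrs = fixEnv.isCi && fixEnv.repoInfo;
 if (!shouldOpenPrs) {
+// In local mode, if neither --all nor --id is provided, show deprecation warning.
+if (shouldDiscoverGhsaIds && !all) {
+logger.logger.warn('Implicit --all is deprecated in local mode and will be removed in a future release. Please use --all explicitly.');
+}
+
 // Inform user about local mode when fixes will be applied.
 if (applyFixes && ghsas.length) {
 const envCheck = checkCiEnvVars();
@@ -4167,6 +4173,7 @@ async function convertIdsToGhsas(ids) {
 return validGhsas;
 }
 async function handleFix({
+all,
 applyFixes,
 autopilot,
 coanaVersion,
@@ -4190,6 +4197,7 @@ async function handleFix({
 }) {
 require$$9.debugFn('notice', `Starting fix command for ${orgSlug}`);
 require$$9.debugDir('inspect', {
+all,
 applyFixes,
 autopilot,
 coanaVersion,
@@ -4210,6 +4218,7 @@ async function handleFix({
 unknownFlags
 });
 await outputFixResult(await coanaFix({
+all,
 applyFixes,
 autopilot,
 coanaVersion,
@@ -4281,6 +4290,11 @@ const generalFlags$2 = {
 // Hidden to allow custom documenting of the negated `--no-major-updates` variant.
 hidden: true
 },
+all: {
+type: 'boolean',
+default: false,
+description: 'Process all discovered vulnerabilities in local mode. Cannot be used with --id.'
+},
 id: {
 type: 'string',
 default: [],
@@ -4288,7 +4302,7 @@ const generalFlags$2 = {
 - ${vendor.terminalLinkExports('GHSA IDs', 'https://docs.github.com/en/code-security/security-advisories/working-with-global-security-advisories-from-the-github-advisory-database/about-the-github-advisory-database#about-ghsa-ids')} (e.g., GHSA-xxxx-xxxx-xxxx)
 - ${vendor.terminalLinkExports('CVE IDs', 'https://cve.mitre.org/cve/identifiers/')} (e.g., CVE-${new Date().getFullYear()}-1234) - automatically converted to GHSA
 - ${vendor.terminalLinkExports('PURLs', 'https://github.com/package-url/purl-spec')} (e.g., pkg:npm/package@1.0.0) - automatically converted to GHSA
-Can be provided as comma separated values or as multiple flags
+Can be provided as comma separated values or as multiple flags. Cannot be used with --all.`,
 isMultiple: true
 },
 prLimit: {
@@ -4434,6 +4448,7 @@ async function run$K(argv, importMeta, {
 allowUnknownFlags: false
 });
 const {
+all,
 applyFixes,
 autopilot,
 ecosystems,
@@ -4473,6 +4488,9 @@ async function run$K(argv, importMeta, {
 }
 validatedEcosystems.push(ecosystem);
 }
+
+// Collect ghsas early to validate --all and --id mutual exclusivity.
+const ghsas = arrays.arrayUnique([...utils.cmdFlagValueToArray(cli.flags['id']), ...utils.cmdFlagValueToArray(cli.flags['ghsa']), ...utils.cmdFlagValueToArray(cli.flags['purl'])]);
 const wasValidInput = utils.checkCommandInput(outputKind, {
 test: utils.RangeStyles.includes(rangeStyle),
 message: `Expecting range style of ${arrays.joinOr(utils.RangeStyles)}`,
@@ -4482,6 +4500,11 @@ async function run$K(argv, importMeta, {
 test: !json || !markdown,
 message: 'The json and markdown flags cannot be both set, pick one',
 fail: 'omit one'
+}, {
+nook: true,
+test: !all || !ghsas.length,
+message: 'The --all and --id flags cannot be used together',
+fail: 'omit one'
 });
 if (!wasValidInput) {
 return;
@@ -4504,10 +4527,10 @@ async function run$K(argv, importMeta, {
 const {
 spinner
 } = constants.default;
-const ghsas = arrays.arrayUnique([...utils.cmdFlagValueToArray(cli.flags['id']), ...utils.cmdFlagValueToArray(cli.flags['ghsa']), ...utils.cmdFlagValueToArray(cli.flags['purl'])]);
 const includePatterns = utils.cmdFlagValueToArray(include);
 const excludePatterns = utils.cmdFlagValueToArray(exclude);
 await handleFix({
+all,
 applyFixes,
 autopilot,
 coanaVersion: fixVersion,
@@ -15494,5 +15517,5 @@ void (async () => {
 await utils.captureException(e);
 }
 })();
-//# debugId=
+//# debugId=ebb27358-0f57-49ac-99e3-bf4b9dd0739e
 //# sourceMappingURL=cli.js.map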
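Review bot: The exclusivity check at new line 4505 (`test: !all || !ghsas.length`) names only `--id` in its message, but `ghsas` at new line 4493 is built from `cli.flags['id']`, `cli.flags['ghsa']` and `cli.flags['purl']`. A run that combines `--all` with one of the other two sources is therefore rejected with an error about a flag the user did not pass. Consider `message: 'The --all flag cannot be used together with --id, --ghsa or --purl'`, assuming the latter two are still accepted spellings (their declarations are not in the hunks shown). The check also exists only in `run$K`: `coanaFix` computes `all || !ghsas.length` at new line 3779 without re-validating, so a comment there such as `// Callers must reject all together with explicit ids; all forces discovery.` would make the contract explicit, since the scope decides what `applyFixes` touches. Both functions start and end outside the hunks.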