@socketsecurity/cli 0.11.0 → 0.12.0

package/dist/npx-cli.d.ts

@@ -0,0 +1,2 @@
+#!/usr/bin/env node
+export {};

package/dist/npx-cli.js

@@ -0,0 +1,60 @@
+#!/usr/bin/env node
+'use strict';
+
+var vendor = require('./vendor.js');
+var require$$0 = require('node:child_process');
+var require$$0$1 = require('node:fs');
+var require$$1 = require('node:path');
+var link = require('./link.js');
+
+var npxCli$1 = {};
+
+var npxCli = {};
+
+var _nodeChild_process = require$$0;
+var _nodeFs = require$$0$1;
+var _nodePath = require$$1;
+var _link = link.link;
+const realFilename = (0, _nodeFs.realpathSync)(__filename);
+const realDirname = _nodePath.dirname(realFilename);
+const npxPath = (0, _link.installLinks)(_nodePath.join(realDirname, 'bin'), 'npx');
+const injectionPath = _nodePath.join(realDirname, 'npm-injection.js');
+process.exitCode = 1;
+(0, _nodeChild_process.spawn)(process.execPath, ['--require', injectionPath, npxPath, ...process.argv.slice(2)], {
+  stdio: 'inherit'
+}).on('exit', (code, signal) => {
+  if (signal) {
+    process.kill(process.pid, signal);
+  } else if (code !== null) {
+    process.exit(code);
+  }
+});
+
+(function (exports) {
+
+	var _interopRequireWildcard = vendor.interopRequireWildcard.default;
+	Object.defineProperty(exports, "__esModule", {
+	  value: true
+	});
+	var _exportNames = {};
+	Object.defineProperty(exports, "default", {
+	  enumerable: true,
+	  get: function () {
+	    return _npxCli.default;
+	  }
+	});
+	var _npxCli = _interopRequireWildcard(npxCli, true);
+	Object.keys(_npxCli).forEach(function (key) {
+	  if (key === "default" || key === "__esModule") return;
+	  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
+	  if (key in exports && exports[key] === _npxCli[key]) return;
+	  Object.defineProperty(exports, key, {
+	    enumerable: true,
+	    get: function () {
+	      return _npxCli[key];
+	    }
+	  });
+	}); 
+} (npxCli$1));
+
+module.exports = npxCli$1;

package/dist/path-resolve.d.ts

@@ -0,0 +1,12 @@
+/// <reference types="node" />
+import { SocketYml } from '@socketsecurity/config';
+import { SocketSdkReturnType } from '@socketsecurity/sdk';
+declare function directories(): ("node_modules" | ".git" | ".log" | ".nyc_output" | ".sass-cache" | ".yarn" | "bower_components" | "coverage" | "flow-typed")[];
+declare function directoryPatterns(): string[];
+declare function arrayUnique<T>(array: T[]): T[];
+declare function getPackageFiles(cwd: string, inputPaths: string[], config: SocketYml | undefined, supportedFiles: SocketSdkReturnType<'getReportSupportedFiles'>['data'], debugLog: typeof console.error): Promise<string[]>;
+declare function getPackageFilesFullScans(cwd: string, inputPaths: string[], supportedFiles: SocketSdkReturnType<'getReportSupportedFiles'>['data'], debugLog: typeof console.error): Promise<string[]>;
+declare function mapGlobResultToFiles(entries: string[], supportedFiles: SocketSdkReturnType<'getReportSupportedFiles'>['data']): Promise<string[]>;
+declare function mapGlobEntryToFiles(entry: string, supportedFiles: SocketSdkReturnType<'getReportSupportedFiles'>['data']): Promise<string[]>;
+declare function findRoot(filepath: string): string | undefined;
+export { directories, directoryPatterns, arrayUnique, getPackageFiles, getPackageFilesFullScans, mapGlobResultToFiles, mapGlobEntryToFiles, findRoot };

package/dist/path-resolve.js

@@ -0,0 +1,139 @@
+'use strict';
+
+var require$$1 = require('node:fs/promises');
+var require$$1$1 = require('node:path');
+var vendor = require('./vendor.js');
+var require$$5 = require('ignore');
+
+var pathResolve = {};
+
+var arrays = {};
+
+Object.defineProperty(arrays, "__esModule", {
+  value: true
+});
+arrays.arrayUnique = arrayUnique;
+function arrayUnique(array) {
+  return [...new Set(array)];
+}
+
+var ignoreByDefault = {};
+
+Object.defineProperty(ignoreByDefault, "__esModule", {
+  value: true
+});
+ignoreByDefault.directories = directories;
+ignoreByDefault.directoryPatterns = directoryPatterns;
+const ignoredDirs = [
+// Taken from ignore-by-default:
+// https://github.com/novemberborn/ignore-by-default/blob/v2.1.0/index.js
+'.git',
+// Git repository files, see <https://git-scm.com/>
+'.log',
+// Log files emitted by tools such as `tsserver`, see <https://github.com/Microsoft/TypeScript/wiki/Standalone-Server-%28tsserver%29>
+'.nyc_output',
+// Temporary directory where nyc stores coverage data, see <https://github.com/bcoe/nyc>
+'.sass-cache',
+// Cache folder for node-sass, see <https://github.com/sass/node-sass>
+'.yarn',
+// Where node modules are installed when using Yarn, see <https://yarnpkg.com/>
+'bower_components',
+// Where Bower packages are installed, see <http://bower.io/>
+'coverage',
+// Standard output directory for code coverage reports, see <https://github.com/gotwarlost/istanbul>
+'node_modules',
+// Where Node modules are installed, see <https://nodejs.org/>
+// Taken from globby:
+// https://github.com/sindresorhus/globby/blob/v14.0.2/ignore.js#L11-L16
+'flow-typed'];
+const ignoredDirPatterns = ignoredDirs.map(i => `**/${i}`);
+function directories() {
+  return [...ignoredDirs];
+}
+function directoryPatterns() {
+  return [...ignoredDirPatterns];
+}
+
+Object.defineProperty(pathResolve, "__esModule", {
+  value: true
+});
+pathResolve.findRoot = findRoot;
+pathResolve.getPackageFiles = getPackageFiles;
+pathResolve.getPackageFilesFullScans = getPackageFilesFullScans;
+pathResolve.mapGlobEntryToFiles = mapGlobEntryToFiles;
+pathResolve.mapGlobResultToFiles = mapGlobResultToFiles;
+var _promises = require$$1;
+var _nodePath = require$$1$1;
+var _globby = vendor.globby;
+var _ignore = require$$5;
+var _arrays = arrays;
+var _ignoreByDefault = ignoreByDefault;
+const BASE_GLOBBY_OPTS = {
+  absolute: true,
+  expandDirectories: false,
+  gitignore: true,
+  ignore: (0, _ignoreByDefault.directoryPatterns)(),
+  markDirectories: true,
+  onlyFiles: true,
+  unique: true
+};
+async function getPackageFiles(cwd, inputPaths, config, supportedFiles, debugLog) {
+  debugLog(`Globbed resolving ${inputPaths.length} paths:`, inputPaths);
+
+  // TODO: Does not support `~/` paths
+  const entries = await (0, _globby.globby)(inputPaths, {
+    ...BASE_GLOBBY_OPTS,
+    cwd,
+    onlyFiles: false
+  });
+  debugLog(`Globbed resolved ${inputPaths.length} paths to ${entries.length} paths:`, entries);
+  const packageFiles = await mapGlobResultToFiles(entries, supportedFiles);
+  debugLog(`Mapped ${entries.length} entries to ${packageFiles.length} files:`, packageFiles);
+  const includedPackageFiles = config?.projectIgnorePaths?.length ? _ignore().add(config.projectIgnorePaths).filter(packageFiles.map(item => _nodePath.relative(cwd, item))).map(item => _nodePath.resolve(cwd, item)) : packageFiles;
+  return includedPackageFiles;
+}
+async function getPackageFilesFullScans(cwd, inputPaths, supportedFiles, debugLog) {
+  debugLog(`Globbed resolving ${inputPaths.length} paths:`, inputPaths);
+
+  // TODO: Does not support `~/` paths
+  const entries = await (0, _globby.globby)(inputPaths, {
+    ...BASE_GLOBBY_OPTS,
+    cwd,
+    onlyFiles: false
+  });
+  debugLog(`Globbed resolved ${inputPaths.length} paths to ${entries.length} paths:`, entries);
+  const packageFiles = await mapGlobResultToFiles(entries, supportedFiles);
+  debugLog(`Mapped ${entries.length} entries to ${packageFiles.length} files:`, packageFiles);
+  return packageFiles;
+}
+async function mapGlobResultToFiles(entries, supportedFiles) {
+  const packageFiles = await Promise.all(entries.map(entry => mapGlobEntryToFiles(entry, supportedFiles)));
+  return (0, _arrays.arrayUnique)(packageFiles.flat());
+}
+async function mapGlobEntryToFiles(entry, supportedFiles) {
+  const jsSupported = supportedFiles['npm'] ?? {};
+  const jsLockFilePatterns = Object.values(jsSupported).map(p => `**/${p.pattern}`);
+  const pyFilePatterns = Object.values(supportedFiles['pypi'] ?? {}).map(p => `**/${p.pattern}`);
+  const goSupported = supportedFiles['golang'] ?? {};
+  const goSupplementalPatterns = Object.values(goSupported).map(p => `**/${p.pattern}`);
+  return await (0, _globby.globby)([...jsLockFilePatterns, ...pyFilePatterns, ...goSupplementalPatterns], {
+    ...BASE_GLOBBY_OPTS,
+    onlyFiles: true,
+    cwd: _nodePath.resolve((await (0, _promises.stat)(entry)).isDirectory() ? entry : _nodePath.dirname(entry))
+  });
+}
+function findRoot(filepath) {
+  let curPath = filepath;
+  while (true) {
+    if (_nodePath.basename(curPath) === 'npm') {
+      return curPath;
+    }
+    const parent = _nodePath.dirname(curPath);
+    if (parent === curPath) {
+      return undefined;
+    }
+    curPath = parent;
+  }
+}
+
+exports.pathResolve = pathResolve;

package/dist/sdk.d.ts

@@ -0,0 +1,27 @@
+import { SocketSdk } from '@socketsecurity/sdk';
+// From the 'log-symbols' module
+declare const logSymbols: {
+    info: string;
+    success: string;
+    warning: string;
+    error: string;
+};
+declare class ChalkOrMarkdown {
+    useMarkdown: boolean;
+    constructor(useMarkdown: boolean);
+    header(text: string, level?: number): string;
+    bold(text: string): string;
+    italic(text: string): string;
+    hyperlink(text: string, url: string | undefined, { fallback, fallbackToUrl }?: {
+        fallback?: boolean;
+        fallbackToUrl?: boolean;
+    }): string;
+    list(items: string[]): string;
+    get logSymbols(): typeof logSymbols;
+    indent(text: string, level?: number): string;
+    json(value: unknown): string;
+}
+declare const FREE_API_KEY = "sktsec_t_--RAN5U4ivauy4w37-6aoKyYPDt5ZbaT5JBVMqiwKo_api";
+declare function getDefaultKey(): string | undefined;
+declare function setupSdk(apiKey?: string | undefined, apiBaseUrl?: string | undefined, proxy?: string | undefined): Promise<SocketSdk>;
+export { logSymbols, ChalkOrMarkdown, FREE_API_KEY, getDefaultKey, setupSdk };

package/dist/sdk.js

@@ -0,0 +1,224 @@
+'use strict';
+
+var vendor = require('./vendor.js');
+var require$$1$1 = require('node:fs/promises');
+var require$$1 = require('node:path');
+var require$$1$2 = require('@inquirer/prompts');
+var require$$4 = require('@socketsecurity/sdk');
+var require$$5 = require('hpagent');
+var require$$0$1 = require('node:fs');
+var require$$0 = require('node:os');
+
+var errors = {};
+
+Object.defineProperty(errors, "__esModule", {
+  value: true
+});
+errors.InputError = errors.AuthError = void 0;
+class AuthError extends Error {}
+errors.AuthError = AuthError;
+class InputError extends Error {
+  constructor(message, body) {
+    super(message);
+    this.body = body;
+  }
+}
+errors.InputError = InputError;
+
+var chalkMarkdown = {};
+
+var _interopRequireDefault$2 = vendor.interopRequireDefault.default;
+Object.defineProperty(chalkMarkdown, "__esModule", {
+  value: true
+});
+chalkMarkdown.logSymbols = chalkMarkdown.ChalkOrMarkdown = void 0;
+var _chalk = _interopRequireDefault$2(vendor.source);
+var _isUnicodeSupported = _interopRequireDefault$2(vendor.isUnicodeSupported);
+var _terminalLink = _interopRequireDefault$2(vendor.terminalLink);
+// From the 'log-symbols' module
+const unicodeLogSymbols = {
+  info: _chalk.default.blue('ℹ'),
+  success: _chalk.default.green('✔'),
+  warning: _chalk.default.yellow('⚠'),
+  error: _chalk.default.red('✖')
+};
+
+// From the 'log-symbols' module
+const fallbackLogSymbols = {
+  info: _chalk.default.blue('i'),
+  success: _chalk.default.green('√'),
+  warning: _chalk.default.yellow('‼'),
+  error: _chalk.default.red('×')
+};
+
+// From the 'log-symbols' module
+const logSymbols = chalkMarkdown.logSymbols = (0, _isUnicodeSupported.default)() ? unicodeLogSymbols : fallbackLogSymbols;
+const markdownLogSymbols = {
+  info: ':information_source:',
+  error: ':stop_sign:',
+  success: ':white_check_mark:',
+  warning: ':warning:'
+};
+class ChalkOrMarkdown {
+  constructor(useMarkdown) {
+    this.useMarkdown = !!useMarkdown;
+  }
+  header(text, level = 1) {
+    return this.useMarkdown ? `\n${''.padStart(level, '#')} ${text}\n` : _chalk.default.underline(`\n${level === 1 ? _chalk.default.bold(text) : text}\n`);
+  }
+  bold(text) {
+    return this.useMarkdown ? `**${text}**` : _chalk.default.bold(`${text}`);
+  }
+  italic(text) {
+    return this.useMarkdown ? `_${text}_` : _chalk.default.italic(`${text}`);
+  }
+  hyperlink(text, url, {
+    fallback = true,
+    fallbackToUrl
+  } = {}) {
+    if (!url) return text;
+    return this.useMarkdown ? `[${text}](${url})` : (0, _terminalLink.default)(text, url, {
+      fallback: fallbackToUrl ? (_text, url) => url : fallback
+    });
+  }
+  list(items) {
+    const indentedContent = items.map(item => this.indent(item).trimStart());
+    return this.useMarkdown ? '* ' + indentedContent.join('\n* ') + '\n' : indentedContent.join('\n') + '\n';
+  }
+  get logSymbols() {
+    return this.useMarkdown ? markdownLogSymbols : logSymbols;
+  }
+  indent(text, level = 1) {
+    const indent = ''.padStart(level * 2, ' ');
+    return indent + text.split('\n').join('\n' + indent);
+  }
+  json(value) {
+    return this.useMarkdown ? '```json\n' + JSON.stringify(value) + '\n```' : JSON.stringify(value);
+  }
+}
+chalkMarkdown.ChalkOrMarkdown = ChalkOrMarkdown;
+
+var sdk = {};
+
+var settings$1 = {};
+
+var _interopRequireDefault$1 = vendor.interopRequireDefault.default;
+var _interopRequireWildcard = vendor.interopRequireWildcard.default;
+Object.defineProperty(settings$1, "__esModule", {
+  value: true
+});
+settings$1.getSetting = getSetting;
+settings$1.updateSetting = updateSetting;
+var _nodeFs = require$$0$1;
+var os = _interopRequireWildcard(require$$0, true);
+var path = _interopRequireWildcard(require$$1, true);
+var _ora = _interopRequireDefault$1(vendor.ora);
+let dataHome = process.platform === 'win32' ? process.env['LOCALAPPDATA'] : process.env['XDG_DATA_HOME'];
+if (!dataHome) {
+  if (process.platform === 'win32') throw new Error('missing %LOCALAPPDATA%');
+  const home = os.homedir();
+  dataHome = path.join(home, ...(process.platform === 'darwin' ? ['Library', 'Application Support'] : ['.local', 'share']));
+}
+const settingsPath = path.join(dataHome, 'socket', 'settings');
+let settings = {};
+if ((0, _nodeFs.existsSync)(settingsPath)) {
+  const raw = (0, _nodeFs.readFileSync)(settingsPath, 'utf-8');
+  try {
+    settings = JSON.parse(Buffer.from(raw, 'base64').toString());
+  } catch {
+    (0, _ora.default)(`Failed to parse settings at ${settingsPath}`).warn();
+  }
+} else {
+  (0, _nodeFs.mkdirSync)(path.dirname(settingsPath), {
+    recursive: true
+  });
+}
+function getSetting(key) {
+  return settings[key];
+}
+let pendingSave = false;
+function updateSetting(key, value) {
+  settings[key] = value;
+  if (!pendingSave) {
+    pendingSave = true;
+    process.nextTick(() => {
+      pendingSave = false;
+      (0, _nodeFs.writeFileSync)(settingsPath, Buffer.from(JSON.stringify(settings)).toString('base64'));
+    });
+  }
+}
+
+var _interopRequireDefault = vendor.interopRequireDefault.default;
+Object.defineProperty(sdk, "__esModule", {
+  value: true
+});
+sdk.FREE_API_KEY = void 0;
+sdk.getDefaultKey = getDefaultKey;
+sdk.setupSdk = setupSdk;
+var _promises = require$$1$1;
+var _nodePath = require$$1;
+var _prompts = require$$1$2;
+var _sdk = require$$4;
+var _hpagent = require$$5;
+var _isInteractive = _interopRequireDefault(vendor.isInteractive);
+var _errors = errors;
+var _settings = settings$1;
+const distPath = __dirname;
+const rootPath = _nodePath.resolve(distPath, '..');
+sdk.FREE_API_KEY = 'sktsec_t_--RAN5U4ivauy4w37-6aoKyYPDt5ZbaT5JBVMqiwKo_api';
+
+// This API key should be stored globally for the duration of the CLI execution
+let defaultKey;
+function getDefaultKey() {
+  defaultKey = process.env['SOCKET_SECURITY_API_KEY'] || (0, _settings.getSetting)('apiKey') || defaultKey;
+  return defaultKey;
+}
+
+// The API server that should be used for operations
+let defaultAPIBaseUrl;
+function getDefaultAPIBaseUrl() {
+  defaultAPIBaseUrl = process.env['SOCKET_SECURITY_API_BASE_URL'] || (0, _settings.getSetting)('apiBaseUrl') || undefined;
+  return defaultAPIBaseUrl;
+}
+
+// The API server that should be used for operations
+let defaultApiProxy;
+function getDefaultHTTPProxy() {
+  defaultApiProxy = process.env['SOCKET_SECURITY_API_PROXY'] || (0, _settings.getSetting)('apiProxy') || undefined;
+  return defaultApiProxy;
+}
+async function setupSdk(apiKey = getDefaultKey(), apiBaseUrl = getDefaultAPIBaseUrl(), proxy = getDefaultHTTPProxy()) {
+  if (typeof apiKey !== 'string' && (0, _isInteractive.default)()) {
+    apiKey = await (0, _prompts.password)({
+      message: 'Enter your Socket.dev API key (not saved, use socket login to persist)'
+    });
+    defaultKey = apiKey;
+  }
+  if (!apiKey) {
+    throw new _errors.AuthError('You need to provide an API key');
+  }
+  let agent;
+  if (proxy) {
+    agent = {
+      http: new _hpagent.HttpProxyAgent({
+        proxy
+      }),
+      https: new _hpagent.HttpsProxyAgent({
+        proxy
+      })
+    };
+  }
+  const packageJsonPath = _nodePath.join(rootPath, 'package.json');
+  const packageJson = await _promises.readFile(packageJsonPath, 'utf8');
+  const sdkOptions = {
+    agent,
+    baseUrl: apiBaseUrl,
+    userAgent: (0, _sdk.createUserAgentFromPkgJson)(JSON.parse(packageJson))
+  };
+  return new _sdk.SocketSdk(apiKey || '', sdkOptions);
+}
+
+exports.chalkMarkdown = chalkMarkdown;
+exports.errors = errors;
+exports.sdk = sdk;
+exports.settings = settings$1;

package/dist/settings.d.ts

@@ -0,0 +1,9 @@
+interface Settings {
+    apiKey?: string | null;
+    enforcedOrgs?: string[] | null;
+    apiBaseUrl?: string | null;
+    apiProxy?: string | null;
+}
+declare function getSetting<Key extends keyof Settings>(key: Key): Settings[Key];
+declare function updateSetting<Key extends keyof Settings>(key: Key, value: Settings[Key]): void;
+export { getSetting, updateSetting };

package/dist/type-helpers.d.ts

@@ -0,0 +1,3 @@
+/// <reference types="node" />
+declare function isErrnoException(value: unknown): value is NodeJS.ErrnoException;
+export { isErrnoException };