@socketsecurity/cli 0.14.103 → 0.14.104

@@ -12,7 +12,7 @@ function _socketInterop(e) {
12
12
  }
13
13
 
14
14
  const process$1 = require('node:process')
15
- const require$$0$2 = require('node:url')
15
+ const require$$0$1 = require('node:url')
16
16
  const vendor = require('./vendor.js')
17
17
  const debug = require('@socketsecurity/registry/lib/debug')
18
18
  const logger = require('@socketsecurity/registry/lib/logger')
@@ -26,11 +26,11 @@ const objects = require('@socketsecurity/registry/lib/objects')
26
26
  const path = require('@socketsecurity/registry/lib/path')
27
27
  const regexps = require('@socketsecurity/registry/lib/regexps')
28
28
  const words = require('@socketsecurity/registry/lib/words')
29
- const require$$0 = require('node:fs')
29
+ const fs$1 = require('node:fs')
30
30
  const shadowBin = require('./shadow-bin.js')
31
31
  const prompts = require('@socketsecurity/registry/lib/prompts')
32
32
  const shadowNpmPaths = require('./shadow-npm-paths.js')
33
- const require$$0$1 = require('node:util')
33
+ const require$$0 = require('node:util')
34
34
  const arrays = require('@socketsecurity/registry/lib/arrays')
35
35
  const registry = require('@socketsecurity/registry')
36
36
  const npm = require('@socketsecurity/registry/lib/npm')
@@ -347,7 +347,7 @@ function renderJson(data) {
347
347
  }
348
348
  }
349
349
  function renderMarkdown(data, days, repoSlug) {
350
- return vendor.stripIndents`
350
+ return vendor.html`
351
351
  # Socket Alert Analytics
352
352
 
353
353
  These are the Socket.dev stats are analytics for the ${repoSlug ? `${repoSlug} repo` : 'org'} of the past ${days} days
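Review bot: Nothing at the `return vendor.html` line in renderMarkdown explains why an HTML-named tag is applied to Markdown, and the same tag is now used for the per-table template in the `.map(` hunk and for the GraphQL mutation in enableAutoMerge. `vendor.html` is not defined on this page; if it is the common-tags `html` tag, it only normalises indentation of interpolated values and does not escape them, so `repoSlug`, `title` and `table` still reach the output verbatim. I would add a comment at each site such as `// html tag is used for indentation only; interpolated values are not escaped`. renderMarkdown's body continues outside the hunk.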
@@ -387,7 +387,7 @@ ${[
387
387
  ]
388
388
  ]
389
389
  .map(
390
- ([title, table]) => vendor.stripIndents`
390
+ ([title, table]) => vendor.html`
391
391
  ## ${title}
392
392
 
393
393
  ${table}
@@ -900,7 +900,7 @@ function emitBanner(name) {
900
900
  logger.logger.error(getAsciiHeader(name))
901
901
  }
902
902
  function getAsciiHeader(command) {
903
- const cliVersion = '0.14.103:d303e97:f73541fc:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
903
+ const cliVersion = '0.14.104:da4a527:c0794558:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
904
904
  const nodeVersion = process$1.version
905
905
  const apiToken = shadowNpmInject.getDefaultToken()
906
906
  const shownToken = apiToken ? getLastFiveOfApiToken(apiToken) : 'no'
@@ -923,8 +923,8 @@ function getAsciiHeader(command) {
923
923
  return ` ${body}\n`
924
924
  }
925
925
 
926
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$H } = constants
927
- const config$K = {
926
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$I } = constants
927
+ const config$L = {
928
928
  commandName: 'analytics',
929
929
  description: `Look up analytics data`,
930
930
  hidden: false,
@@ -979,14 +979,14 @@ const config$K = {
979
979
  `
980
980
  }
981
981
  const cmdAnalytics = {
982
- description: config$K.description,
983
- hidden: config$K.hidden,
984
- run: run$K
982
+ description: config$L.description,
983
+ hidden: config$L.hidden,
984
+ run: run$L
985
985
  }
986
- async function run$K(argv, importMeta, { parentName }) {
986
+ async function run$L(argv, importMeta, { parentName }) {
987
987
  const cli = meowOrExit({
988
988
  argv,
989
- config: config$K,
989
+ config: config$L,
990
990
  importMeta,
991
991
  parentName
992
992
  })
@@ -1041,7 +1041,7 @@ async function run$K(argv, importMeta, { parentName }) {
1041
1041
  return
1042
1042
  }
1043
1043
  if (cli.flags['dryRun']) {
1044
- logger.logger.log(DRY_RUN_BAIL_TEXT$H)
1044
+ logger.logger.log(DRY_RUN_BAIL_TEXT$I)
1045
1045
  return
1046
1046
  }
1047
1047
  assert(assertScope(scope))
@@ -1216,8 +1216,8 @@ async function handleAuditLog({ logType, orgSlug, outputKind, page, perPage }) {
1216
1216
  })
1217
1217
  }
1218
1218
 
1219
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$G } = constants
1220
- const config$J = {
1219
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$H } = constants
1220
+ const config$K = {
1221
1221
  commandName: 'audit-log',
1222
1222
  description: 'Look up the audit log for an organization',
1223
1223
  hidden: false,
@@ -1262,14 +1262,14 @@ const config$J = {
1262
1262
  `
1263
1263
  }
1264
1264
  const cmdAuditLog = {
1265
- description: config$J.description,
1266
- hidden: config$J.hidden,
1267
- run: run$J
1265
+ description: config$K.description,
1266
+ hidden: config$K.hidden,
1267
+ run: run$K
1268
1268
  }
1269
- async function run$J(argv, importMeta, { parentName }) {
1269
+ async function run$K(argv, importMeta, { parentName }) {
1270
1270
  const cli = meowOrExit({
1271
1271
  argv,
1272
- config: config$J,
1272
+ config: config$K,
1273
1273
  importMeta,
1274
1274
  parentName
1275
1275
  })
@@ -1306,7 +1306,7 @@ async function run$J(argv, importMeta, { parentName }) {
1306
1306
  return
1307
1307
  }
1308
1308
  if (cli.flags['dryRun']) {
1309
- logger.logger.log(DRY_RUN_BAIL_TEXT$G)
1309
+ logger.logger.log(DRY_RUN_BAIL_TEXT$H)
1310
1310
  return
1311
1311
  }
1312
1312
  await handleAuditLog({
@@ -1322,7 +1322,7 @@ const {
1322
1322
  NPM: NPM$g,
1323
1323
  NPX: NPX$3,
1324
1324
  PACKAGE_LOCK_JSON,
1325
- PNPM: PNPM$b,
1325
+ PNPM: PNPM$a,
1326
1326
  YARN: YARN$1,
1327
1327
  YARN_LOCK
1328
1328
  } = constants
@@ -1331,7 +1331,7 @@ const nodejsPlatformTypes = new Set([
1331
1331
  'js',
1332
1332
  'nodejs',
1333
1333
  NPM$g,
1334
- PNPM$b,
1334
+ PNPM$a,
1335
1335
  'ts',
1336
1336
  'tsx',
1337
1337
  'typescript'
@@ -1346,9 +1346,9 @@ async function runCycloneDX(yargvWithYes) {
1346
1346
  if (
1347
1347
  yargv.type !== YARN$1 &&
1348
1348
  nodejsPlatformTypes.has(yargv.type) &&
1349
- require$$0.existsSync(`./${YARN_LOCK}`)
1349
+ fs$1.existsSync(`./${YARN_LOCK}`)
1350
1350
  ) {
1351
- if (require$$0.existsSync(`./${PACKAGE_LOCK_JSON}`)) {
1351
+ if (fs$1.existsSync(`./${PACKAGE_LOCK_JSON}`)) {
1352
1352
  yargv.type = NPM$g
1353
1353
  } else {
1354
1354
  // Use synp to create a package-lock.json from the yarn.lock,
@@ -1369,16 +1369,16 @@ async function runCycloneDX(yargvWithYes) {
1369
1369
  await shadowBin(NPX$3, [
1370
1370
  ...yesArgs,
1371
1371
  // The '@rollup/plugin-replace' will replace "process.env['INLINED_CYCLONEDX_CDXGEN_VERSION']".
1372
- `@cyclonedx/cdxgen@${'11.2.3'}`,
1372
+ `@cyclonedx/cdxgen@${'11.2.4'}`,
1373
1373
  ...argvToArray(yargv)
1374
1374
  ])
1375
1375
  if (cleanupPackageLock) {
1376
1376
  try {
1377
- await require$$0.promises.rm(`./${PACKAGE_LOCK_JSON}`)
1377
+ await fs$1.promises.rm(`./${PACKAGE_LOCK_JSON}`)
1378
1378
  } catch {}
1379
1379
  }
1380
1380
  const fullOutputPath = path$1.join(process$1.cwd(), yargv.output)
1381
- if (require$$0.existsSync(fullOutputPath)) {
1381
+ if (fs$1.existsSync(fullOutputPath)) {
1382
1382
  logger.logger.log(
1383
1383
  vendor.yoctocolorsCjsExports.cyanBright(`${yargv.output} created!`)
1384
1384
  )
@@ -1436,7 +1436,7 @@ function isHelpFlag(cmdArg) {
1436
1436
  }
1437
1437
 
1438
1438
  // import { meowOrExit } from '../../utils/meow-with-subcommands'
1439
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$F } = constants
1439
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$G } = constants
1440
1440
 
1441
1441
  // TODO: convert yargs to meow. Or convert all the other things to yargs.
1442
1442
  const toLower = arg => arg.toLowerCase()
@@ -1552,7 +1552,7 @@ const yargsConfig = {
1552
1552
  'spec-version'
1553
1553
  ]
1554
1554
  }
1555
- const config$I = {
1555
+ const config$J = {
1556
1556
  commandName: 'cdxgen',
1557
1557
  description: 'Create an SBOM with CycloneDX generator (cdxgen)',
1558
1558
  hidden: false,
@@ -1568,16 +1568,16 @@ const config$I = {
1568
1568
  `
1569
1569
  }
1570
1570
  const cmdCdxgen = {
1571
- description: config$I.description,
1572
- hidden: config$I.hidden,
1573
- run: run$I
1571
+ description: config$J.description,
1572
+ hidden: config$J.hidden,
1573
+ run: run$J
1574
1574
  }
1575
- async function run$I(argv, importMeta, { parentName }) {
1575
+ async function run$J(argv, importMeta, { parentName }) {
1576
1576
  const cli = meowOrExit({
1577
1577
  allowUnknownFlags: true,
1578
1578
  // Don't let meow take over --help.
1579
1579
  argv: argv.filter(a => !isHelpFlag(a)),
1580
- config: config$I,
1580
+ config: config$J,
1581
1581
  importMeta,
1582
1582
  parentName
1583
1583
  })
@@ -1599,7 +1599,7 @@ async function run$I(argv, importMeta, { parentName }) {
1599
1599
  return
1600
1600
  }
1601
1601
  if (cli.flags['dryRun']) {
1602
- logger.logger.log(DRY_RUN_BAIL_TEXT$F)
1602
+ logger.logger.log(DRY_RUN_BAIL_TEXT$G)
1603
1603
  return
1604
1604
  }
1605
1605
  if (yargv.output === undefined) {
@@ -2447,8 +2447,8 @@ async function handleCI() {
2447
2447
  })
2448
2448
  }
2449
2449
 
2450
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$E } = constants
2451
- const config$H = {
2450
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$F } = constants
2451
+ const config$I = {
2452
2452
  commandName: 'ci',
2453
2453
  description:
2454
2454
  'Create a new scan and report whether it passes your security policy',
@@ -2468,19 +2468,19 @@ const config$H = {
2468
2468
  `
2469
2469
  }
2470
2470
  const cmdCI = {
2471
- description: config$H.description,
2472
- hidden: config$H.hidden,
2473
- run: run$H
2471
+ description: config$I.description,
2472
+ hidden: config$I.hidden,
2473
+ run: run$I
2474
2474
  }
2475
- async function run$H(argv, importMeta, { parentName }) {
2475
+ async function run$I(argv, importMeta, { parentName }) {
2476
2476
  const cli = meowOrExit({
2477
2477
  argv,
2478
- config: config$H,
2478
+ config: config$I,
2479
2479
  importMeta,
2480
2480
  parentName
2481
2481
  })
2482
2482
  if (cli.flags['dryRun']) {
2483
- logger.logger.log(DRY_RUN_BAIL_TEXT$E)
2483
+ logger.logger.log(DRY_RUN_BAIL_TEXT$F)
2484
2484
  return
2485
2485
  }
2486
2486
  await handleCI()
@@ -2727,8 +2727,8 @@ async function handleConfigAuto({ key, outputKind }) {
2727
2727
  await outputConfigAuto(key, result, outputKind)
2728
2728
  }
2729
2729
 
2730
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$D } = constants
2731
- const config$G = {
2730
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$E } = constants
2731
+ const config$H = {
2732
2732
  commandName: 'auto',
2733
2733
  description: 'Automatically discover and set the correct value config item',
2734
2734
  hidden: false,
@@ -2759,14 +2759,14 @@ ${Array.from(shadowNpmInject.supportedConfigKeys.entries())
2759
2759
  `
2760
2760
  }
2761
2761
  const cmdConfigAuto = {
2762
- description: config$G.description,
2763
- hidden: config$G.hidden,
2764
- run: run$G
2762
+ description: config$H.description,
2763
+ hidden: config$H.hidden,
2764
+ run: run$H
2765
2765
  }
2766
- async function run$G(argv, importMeta, { parentName }) {
2766
+ async function run$H(argv, importMeta, { parentName }) {
2767
2767
  const cli = meowOrExit({
2768
2768
  argv,
2769
- config: config$G,
2769
+ config: config$H,
2770
2770
  importMeta,
2771
2771
  parentName
2772
2772
  })
@@ -2792,7 +2792,7 @@ async function run$G(argv, importMeta, { parentName }) {
2792
2792
  return
2793
2793
  }
2794
2794
  if (cli.flags['dryRun']) {
2795
- logger.logger.log(DRY_RUN_BAIL_TEXT$D)
2795
+ logger.logger.log(DRY_RUN_BAIL_TEXT$E)
2796
2796
  return
2797
2797
  }
2798
2798
  await handleConfigAuto({
@@ -2846,8 +2846,8 @@ async function handleConfigGet({ key, outputKind }) {
2846
2846
  await outputConfigGet(key, value, readOnly, outputKind)
2847
2847
  }
2848
2848
 
2849
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$C } = constants
2850
- const config$F = {
2849
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$D } = constants
2850
+ const config$G = {
2851
2851
  commandName: 'get',
2852
2852
  description: 'Get the value of a local CLI config item',
2853
2853
  hidden: false,
@@ -2873,14 +2873,14 @@ ${Array.from(shadowNpmInject.supportedConfigKeys.entries())
2873
2873
  `
2874
2874
  }
2875
2875
  const cmdConfigGet = {
2876
- description: config$F.description,
2877
- hidden: config$F.hidden,
2878
- run: run$F
2876
+ description: config$G.description,
2877
+ hidden: config$G.hidden,
2878
+ run: run$G
2879
2879
  }
2880
- async function run$F(argv, importMeta, { parentName }) {
2880
+ async function run$G(argv, importMeta, { parentName }) {
2881
2881
  const cli = meowOrExit({
2882
2882
  argv,
2883
- config: config$F,
2883
+ config: config$G,
2884
2884
  importMeta,
2885
2885
  parentName
2886
2886
  })
@@ -2906,7 +2906,7 @@ async function run$F(argv, importMeta, { parentName }) {
2906
2906
  return
2907
2907
  }
2908
2908
  if (cli.flags['dryRun']) {
2909
- logger.logger.log(DRY_RUN_BAIL_TEXT$C)
2909
+ logger.logger.log(DRY_RUN_BAIL_TEXT$D)
2910
2910
  return
2911
2911
  }
2912
2912
  await handleConfigGet({
@@ -2968,8 +2968,8 @@ async function outputConfigList({ full, outputKind }) {
2968
2968
  }
2969
2969
  }
2970
2970
 
2971
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$B } = constants
2972
- const config$E = {
2971
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$C } = constants
2972
+ const config$F = {
2973
2973
  commandName: 'list',
2974
2974
  description: 'Show all local CLI config items and their values',
2975
2975
  hidden: false,
@@ -3000,14 +3000,14 @@ ${Array.from(shadowNpmInject.supportedConfigKeys.entries())
3000
3000
  `
3001
3001
  }
3002
3002
  const cmdConfigList = {
3003
- description: config$E.description,
3004
- hidden: config$E.hidden,
3005
- run: run$E
3003
+ description: config$F.description,
3004
+ hidden: config$F.hidden,
3005
+ run: run$F
3006
3006
  }
3007
- async function run$E(argv, importMeta, { parentName }) {
3007
+ async function run$F(argv, importMeta, { parentName }) {
3008
3008
  const cli = meowOrExit({
3009
3009
  argv,
3010
- config: config$E,
3010
+ config: config$F,
3011
3011
  importMeta,
3012
3012
  parentName
3013
3013
  })
@@ -3024,7 +3024,7 @@ async function run$E(argv, importMeta, { parentName }) {
3024
3024
  return
3025
3025
  }
3026
3026
  if (cli.flags['dryRun']) {
3027
- logger.logger.log(DRY_RUN_BAIL_TEXT$B)
3027
+ logger.logger.log(DRY_RUN_BAIL_TEXT$C)
3028
3028
  return
3029
3029
  }
3030
3030
  await outputConfigList({
@@ -3069,8 +3069,8 @@ async function handleConfigSet({ key, outputKind, value }) {
3069
3069
  await outputConfigSet(key, value, readOnly, outputKind)
3070
3070
  }
3071
3071
 
3072
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$A } = constants
3073
- const config$D = {
3072
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$B } = constants
3073
+ const config$E = {
3074
3074
  commandName: 'set',
3075
3075
  description: 'Update the value of a local CLI config item',
3076
3076
  hidden: false,
@@ -3101,14 +3101,14 @@ ${Array.from(shadowNpmInject.supportedConfigKeys.entries())
3101
3101
  `
3102
3102
  }
3103
3103
  const cmdConfigSet = {
3104
- description: config$D.description,
3105
- hidden: config$D.hidden,
3106
- run: run$D
3104
+ description: config$E.description,
3105
+ hidden: config$E.hidden,
3106
+ run: run$E
3107
3107
  }
3108
- async function run$D(argv, importMeta, { parentName }) {
3108
+ async function run$E(argv, importMeta, { parentName }) {
3109
3109
  const cli = meowOrExit({
3110
3110
  argv,
3111
- config: config$D,
3111
+ config: config$E,
3112
3112
  importMeta,
3113
3113
  parentName
3114
3114
  })
@@ -3143,7 +3143,7 @@ async function run$D(argv, importMeta, { parentName }) {
3143
3143
  return
3144
3144
  }
3145
3145
  if (cli.flags['dryRun']) {
3146
- logger.logger.log(DRY_RUN_BAIL_TEXT$A)
3146
+ logger.logger.log(DRY_RUN_BAIL_TEXT$B)
3147
3147
  return
3148
3148
  }
3149
3149
  await handleConfigSet({
@@ -3175,8 +3175,8 @@ async function handleConfigUnset({ key, outputKind }) {
3175
3175
  await outputConfigUnset(key, outputKind)
3176
3176
  }
3177
3177
 
3178
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$z } = constants
3179
- const config$C = {
3178
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$A } = constants
3179
+ const config$D = {
3180
3180
  commandName: 'unset',
3181
3181
  description: 'Clear the value of a local CLI config item',
3182
3182
  hidden: false,
@@ -3202,14 +3202,14 @@ ${Array.from(shadowNpmInject.supportedConfigKeys.entries())
3202
3202
  `
3203
3203
  }
3204
3204
  const cmdConfigUnset = {
3205
- description: config$C.description,
3206
- hidden: config$C.hidden,
3207
- run: run$C
3205
+ description: config$D.description,
3206
+ hidden: config$D.hidden,
3207
+ run: run$D
3208
3208
  }
3209
- async function run$C(argv, importMeta, { parentName }) {
3209
+ async function run$D(argv, importMeta, { parentName }) {
3210
3210
  const cli = meowOrExit({
3211
3211
  argv,
3212
- config: config$C,
3212
+ config: config$D,
3213
3213
  importMeta,
3214
3214
  parentName
3215
3215
  })
@@ -3235,7 +3235,7 @@ async function run$C(argv, importMeta, { parentName }) {
3235
3235
  return
3236
3236
  }
3237
3237
  if (cli.flags['dryRun']) {
3238
- logger.logger.log(DRY_RUN_BAIL_TEXT$z)
3238
+ logger.logger.log(DRY_RUN_BAIL_TEXT$A)
3239
3239
  return
3240
3240
  }
3241
3241
  await handleConfigUnset({
@@ -3362,8 +3362,8 @@ async function handleDependencies({ limit, offset, outputKind }) {
3362
3362
  })
3363
3363
  }
3364
3364
 
3365
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$y } = constants
3366
- const config$B = {
3365
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$z } = constants
3366
+ const config$C = {
3367
3367
  commandName: 'dependencies',
3368
3368
  description:
3369
3369
  'Search for any dependency that is being used in your organization',
@@ -3400,14 +3400,14 @@ const config$B = {
3400
3400
  `
3401
3401
  }
3402
3402
  const cmdScanCreate$1 = {
3403
- description: config$B.description,
3404
- hidden: config$B.hidden,
3405
- run: run$B
3403
+ description: config$C.description,
3404
+ hidden: config$C.hidden,
3405
+ run: run$C
3406
3406
  }
3407
- async function run$B(argv, importMeta, { parentName }) {
3407
+ async function run$C(argv, importMeta, { parentName }) {
3408
3408
  const cli = meowOrExit({
3409
3409
  argv,
3410
- config: config$B,
3410
+ config: config$C,
3411
3411
  importMeta,
3412
3412
  parentName
3413
3413
  })
@@ -3435,7 +3435,7 @@ async function run$B(argv, importMeta, { parentName }) {
3435
3435
  return
3436
3436
  }
3437
3437
  if (cli.flags['dryRun']) {
3438
- logger.logger.log(DRY_RUN_BAIL_TEXT$y)
3438
+ logger.logger.log(DRY_RUN_BAIL_TEXT$z)
3439
3439
  return
3440
3440
  }
3441
3441
  await handleDependencies({
@@ -3445,7 +3445,7 @@ async function run$B(argv, importMeta, { parentName }) {
3445
3445
  })
3446
3446
  }
3447
3447
 
3448
- async function fetchDiffScan({ after, before, orgSlug }) {
3448
+ async function fetchDiffScan$1({ after, before, orgSlug }) {
3449
3449
  const apiToken = shadowNpmInject.getDefaultToken()
3450
3450
 
3451
3451
  // Lazily access constants.spinner.
@@ -3468,7 +3468,7 @@ async function fetchDiffScan({ after, before, orgSlug }) {
3468
3468
  return result
3469
3469
  }
3470
3470
 
3471
- async function outputDiffScan(result, { depth, file, outputKind }) {
3471
+ async function outputDiffScan$1(result, { depth, file, outputKind }) {
3472
3472
  const dashboardUrl = result.diff_report_url
3473
3473
  const dashboardMessage = dashboardUrl
3474
3474
  ? `\n View this diff scan in the Socket dashboard: ${vendor.yoctocolorsCjsExports.cyan(dashboardUrl)}`
@@ -3490,7 +3490,7 @@ async function outputDiffScan(result, { depth, file, outputKind }) {
3490
3490
  }
3491
3491
  if (file && file !== '-') {
3492
3492
  logger.logger.log(`Writing json to \`${file}\``)
3493
- require$$0.writeFile(file, JSON.stringify(result, null, 2), err => {
3493
+ fs$1.writeFile(file, JSON.stringify(result, null, 2), err => {
3494
3494
  if (err) {
3495
3495
  logger.logger.fail(`Writing to \`${file}\` failed...`)
3496
3496
  logger.logger.error(err)
@@ -3513,7 +3513,7 @@ async function outputDiffScan(result, { depth, file, outputKind }) {
3513
3513
 
3514
3514
  logger.logger.log('Diff scan result:')
3515
3515
  logger.logger.log(
3516
- require$$0$1.inspect(result, {
3516
+ require$$0.inspect(result, {
3517
3517
  showHidden: false,
3518
3518
  depth: depth > 0 ? depth : null,
3519
3519
  colors: true,
@@ -3526,7 +3526,7 @@ async function outputDiffScan(result, { depth, file, outputKind }) {
3526
3526
  logger.logger.log(dashboardMessage)
3527
3527
  }
3528
3528
 
3529
- async function handleDiffScan({
3529
+ async function handleDiffScan$1({
3530
3530
  after,
3531
3531
  before,
3532
3532
  depth,
@@ -3534,7 +3534,7 @@ async function handleDiffScan({
3534
3534
  orgSlug,
3535
3535
  outputKind
3536
3536
  }) {
3537
- const data = await fetchDiffScan({
3537
+ const data = await fetchDiffScan$1({
3538
3538
  after,
3539
3539
  before,
3540
3540
  orgSlug
@@ -3542,15 +3542,15 @@ async function handleDiffScan({
3542
3542
  if (!data) {
3543
3543
  return
3544
3544
  }
3545
- await outputDiffScan(data, {
3545
+ await outputDiffScan$1(data, {
3546
3546
  depth,
3547
3547
  file,
3548
3548
  outputKind
3549
3549
  })
3550
3550
  }
3551
3551
 
3552
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$x } = constants
3553
- const config$A = {
3552
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$y } = constants
3553
+ const config$B = {
3554
3554
  commandName: 'get',
3555
3555
  description: 'Get a diff scan for an organization',
3556
3556
  hidden: false,
@@ -3609,14 +3609,14 @@ const config$A = {
3609
3609
  `
3610
3610
  }
3611
3611
  const cmdDiffScanGet = {
3612
- description: config$A.description,
3613
- hidden: config$A.hidden,
3614
- run: run$A
3612
+ description: config$B.description,
3613
+ hidden: config$B.hidden,
3614
+ run: run$B
3615
3615
  }
3616
- async function run$A(argv, importMeta, { parentName }) {
3616
+ async function run$B(argv, importMeta, { parentName }) {
3617
3617
  const cli = meowOrExit({
3618
3618
  argv,
3619
- config: config$A,
3619
+ config: config$B,
3620
3620
  importMeta,
3621
3621
  parentName
3622
3622
  })
@@ -3664,11 +3664,14 @@ async function run$A(argv, importMeta, { parentName }) {
3664
3664
  if (wasBadInput) {
3665
3665
  return
3666
3666
  }
3667
+ logger.logger.fail(
3668
+ 'Warning: this command is deprecated in favor of `socket scan diff` and will be removed in the next major bump.'
3669
+ )
3667
3670
  if (cli.flags['dryRun']) {
3668
- logger.logger.log(DRY_RUN_BAIL_TEXT$x)
3671
+ logger.logger.log(DRY_RUN_BAIL_TEXT$y)
3669
3672
  return
3670
3673
  }
3671
- await handleDiffScan({
3674
+ await handleDiffScan$1({
3672
3675
  before: String(before || ''),
3673
3676
  after: String(after || ''),
3674
3677
  depth: Number(depth),
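Review bot: The deprecation notice goes through `logger.logger.fail(`, which presents a warning as a failure, and it sits above the `dryRun` check, so dry runs print it too. If the logger exposes a warning level (not visible on this page), `logger.logger.warn(` with the same message would keep wrappers that look for failure output from treating a successful run as broken. A short comment saying the notice is intentionally shown on dry runs would also help. The body of run$B starts and ends outside the hunk.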
@@ -3717,28 +3720,34 @@ function getBaseGitBranch() {
3717
3720
  'main'
3718
3721
  )
3719
3722
  }
3720
- function getSocketBranchName(purl, toVersion) {
3723
+ function getSocketBranchName(purl, newVersion, workspaceName) {
3721
3724
  const purlObj = packageurlJs.PackageURL.fromString(purl)
3722
- const namespace = formatBranchName(purlObj.namespace ?? '')
3723
- const name = formatBranchName(purlObj.name)
3724
- const version = formatBranchName(toVersion)
3725
- const fullName = `${namespace ? `${namespace}-` : ''}${name}`
3726
- return `socket-fix-${fullName}-${version}`
3725
+ const maybeWorkspaceName = workspaceName
3726
+ ? `${formatBranchName(workspaceName)}-`
3727
+ : ''
3728
+ const maybeNamespace = purlObj.namespace
3729
+ ? `${formatBranchName(purlObj.namespace)}-`
3730
+ : ''
3731
+ const fullName = `${maybeWorkspaceName}${maybeNamespace}${formatBranchName(purlObj.name)}`
3732
+ return `socket-fix-${fullName}-${formatBranchName(newVersion)}`
3727
3733
  }
3728
- function getSocketPullRequestTitle(purl, toVersion) {
3734
+ function getSocketPullRequestTitle(purl, newVersion, workspaceName) {
3729
3735
  const purlObj = packageurlJs.PackageURL.fromString(purl)
3730
3736
  const pkgName = getPkgNameFromPurlObj(purlObj)
3731
- return `Bump ${pkgName} from ${purlObj.version} to ${toVersion}`
3737
+ const workspaceDetails = workspaceName ? ` in ${workspaceName}` : ''
3738
+ return `Bump ${pkgName} from ${purlObj.version} to ${newVersion}${workspaceDetails}`
3732
3739
  }
3733
- function getSocketPullRequestBody(purl, toVersion) {
3740
+ function getSocketPullRequestBody(purl, newVersion, workspaceName) {
3734
3741
  const purlObj = packageurlJs.PackageURL.fromString(purl)
3735
3742
  const pkgName = getPkgNameFromPurlObj(purlObj)
3736
- return `Bumps [${pkgName}](https://socket.dev/${purlObj.type}/package/${pkgName}) from ${purlObj.version} to ${toVersion}.`
3743
+ const workspaceDetails = workspaceName ? ` in ${workspaceName}` : ''
3744
+ return `Bumps [${pkgName}](https://socket.dev/${purlObj.type}/package/${pkgName}) from ${purlObj.version} to ${newVersion}${workspaceDetails}.`
3737
3745
  }
3738
- function getSocketCommitMessage(purl, toVersion) {
3746
+ function getSocketCommitMessage(purl, newVersion, workspaceName) {
3739
3747
  const purlObj = packageurlJs.PackageURL.fromString(purl)
3740
3748
  const pkgName = getPkgNameFromPurlObj(purlObj)
3741
- return `socket: Bump ${pkgName} from ${purlObj.version} to ${toVersion}`
3749
+ const workspaceDetails = workspaceName ? ` in ${workspaceName}` : ''
3750
+ return `socket: Bump ${pkgName} from ${purlObj.version} to ${newVersion}${workspaceDetails}`
3742
3751
  }
3743
3752
  async function gitBranchExists(branch, cwd = process.cwd()) {
3744
3753
  try {
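Review bot: `workspaceName` is interpolated verbatim into the pull-request title, the Markdown body and the commit message, while only the branch name passes it through `formatBranchName`. Its origin is not visible in this hunk; if it derives from a workspace path or package.json in the repository being fixed, a name containing newlines or Markdown could alter the commit message or the rendered PR body. I would normalise it once before building `workspaceDetails`, for example `workspaceName.replace(/[\r\n]+/g, ' ')`, and state the expected form in a comment on these helpers. The hunk ends inside gitBranchExists, which continues outside it.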
@@ -3854,7 +3863,7 @@ async function enableAutoMerge({ node_id: prId, number: prNumber }) {
3854
3863
  const octokitGraphql = getOctokitGraphql()
3855
3864
  try {
3856
3865
  await octokitGraphql(
3857
- `
3866
+ vendor.html`
3858
3867
  mutation EnableAutoMerge($pullRequestId: ID!) {
3859
3868
  enablePullRequestAutoMerge(input: {
3860
3869
  pullRequestId: $pullRequestId,
@@ -3878,7 +3887,9 @@ async function enableAutoMerge({ node_id: prId, number: prNumber }) {
3878
3887
  } catch (e) {
3879
3888
  let message = `Failed to enable auto-merge for PR #${prNumber}`
3880
3889
  if (e instanceof vendor.GraphqlResponseError && e.errors) {
3881
- const details = e.errors.map(({ message }) => ` - ${message}`).join('\n')
3890
+ const details = e.errors
3891
+ .map(({ message }) => ` - ${message.trim()}`)
3892
+ .join('\n')
3882
3893
  message += `:\n${details}`
3883
3894
  }
3884
3895
  logger.logger.error(message)
@@ -3903,9 +3914,13 @@ async function openGitHubPullRequest(
3903
3914
  baseBranch,
3904
3915
  branch,
3905
3916
  purl,
3906
- toVersion,
3907
- cwd = process.cwd()
3917
+ newVersion,
3918
+ options
3908
3919
  ) {
3920
+ const { cwd = process.cwd(), workspaceName } = {
3921
+ __proto__: null,
3922
+ ...options
3923
+ }
3909
3924
  // Lazily access constants.ENV[GITHUB_ACTIONS].
3910
3925
  if (constants.ENV[GITHUB_ACTIONS]) {
3911
3926
  // Lazily access constants.ENV[SOCKET_SECURITY_GITHUB_PAT].
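Review bot: Replacing the positional `cwd` parameter with `options` means a caller that still passes a path string in the last position is accepted silently: spreading a string produces only index keys, so `cwd` falls back to `process.cwd()` and the pull request may be prepared from the wrong directory. The call sites are not visible here, so this is worth confirming across the bundle. I would add a JSDoc block on openGitHubPullRequest describing `options.cwd` and `options.workspaceName`, plus a comment that `__proto__: null` keeps the destructuring from reading inherited properties. The function body continues outside the hunk.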
@@ -3922,10 +3937,10 @@ async function openGitHubPullRequest(
3922
3937
  return await octokit.pulls.create({
3923
3938
  owner,
3924
3939
  repo,
3925
- title: getSocketPullRequestTitle(purl, toVersion),
3940
+ title: getSocketPullRequestTitle(purl, newVersion, workspaceName),
3926
3941
  head: branch,
3927
3942
  base: baseBranch,
3928
- body: getSocketPullRequestBody(purl, toVersion)
3943
+ body: getSocketPullRequestBody(purl, newVersion, workspaceName)
3929
3944
  })
3930
3945
  } catch (e) {
3931
3946
  let message = `Failed to open pull request`
@@ -3935,7 +3950,7 @@ async function openGitHubPullRequest(
3935
3950
  const details = restErrors
3936
3951
  .map(
3937
3952
  restErr =>
3938
- `- ${restErr.message ?? `${restErr.resource}.${restErr.field} (${restErr.code})`}`
3953
+ `- ${restErr.message?.trim() ?? `${restErr.resource}.${restErr.field} (${restErr.code})`}`
3939
3954
  )
3940
3955
  .join('\n')
3941
3956
  message += `:\n${details}`
@@ -3961,17 +3976,17 @@ async function install$1(idealTree, options) {
3961
3976
  await arb2.reify()
3962
3977
  }
3963
3978
  async function npmFix(
3964
- _pkgEnvDetails,
3965
- { autoMerge, cwd, rangeStyle, spinner, test, testScript }
3979
+ pkgEnvDetails,
3980
+ { autoMerge, cwd, purls, rangeStyle, spinner, test, testScript }
3966
3981
  ) {
3967
3982
  spinner?.start()
3968
3983
  const arb = new shadowNpmInject.SafeArborist({
3969
- path: cwd,
3984
+ path: pkgEnvDetails.pkgPath,
3970
3985
  ...shadowNpmInject.SAFE_ARBORIST_REIFY_OPTIONS_OVERRIDES
3971
3986
  })
3972
3987
  // Calling arb.reify() creates the arb.diff object and nulls-out arb.idealTree.
3973
3988
  await arb.reify()
3974
- const alertsMap = await shadowNpmInject.getAlertsMapFromArborist(arb, {
3989
+ const alertMapOptions = {
3975
3990
  consolidate: true,
3976
3991
  include: {
3977
3992
  existing: true,
@@ -3979,18 +3994,27 @@ async function npmFix(
3979
3994
  upgradable: false
3980
3995
  },
3981
3996
  nothrow: true
3982
- })
3997
+ }
3998
+ const alertsMap = purls.length
3999
+ ? await shadowNpmInject.getAlertsMapFromPurls(purls, alertMapOptions)
4000
+ : await shadowNpmInject.getAlertsMapFromArborist(arb, alertMapOptions)
3983
4001
  const infoByPkg = shadowNpmInject.getCveInfoByAlertsMap(alertsMap)
3984
4002
  if (!infoByPkg) {
3985
4003
  spinner?.stop()
3986
4004
  return
3987
4005
  }
3988
- const editablePkgJson = await packages.readPackageJson(cwd, {
3989
- editable: true
3990
- })
4006
+
3991
4007
  // Lazily access constants.ENV[CI].
3992
4008
  const isCi = constants.ENV[CI$1]
3993
- const isRepo = await isInGitRepo(cwd)
4009
+ const { pkgPath: rootPath } = pkgEnvDetails
4010
+ const { 0: isRepo, 1: workspacePkgJsonPaths } = await Promise.all([
4011
+ isInGitRepo(cwd),
4012
+ shadowNpmPaths.globWorkspace(pkgEnvDetails)
4013
+ ])
4014
+ const pkgJsonPaths = [
4015
+ pkgEnvDetails.editablePkgJson.filename,
4016
+ ...workspacePkgJsonPaths
4017
+ ]
3994
4018
  await arb.buildIdealTree()
3995
4019
  for (const { 0: name, 1: infos } of infoByPkg) {
3996
4020
  const hasUpgrade = !!registry.getManifestData(NPM$f, name)
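Review bot: `purls.length` in the `alertsMap` selection throws a TypeError when a caller omits `purls`, because the options destructuring in npmFix's signature gives it no default; `const alertsMap = purls?.length` (or a `purls = []` default in the signature) keeps the Arborist path as the fallback. Separately, the Arborist is now rooted at `pkgEnvDetails.pkgPath` while `isInGitRepo` still receives `cwd`; if the two can differ, a comment stating which directory the git operations are expected to use would prevent them drifting apart. npmFix starts and ends outside this hunk.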
@@ -3998,25 +4022,26 @@ async function npmFix(
3998
4022
  spinner?.info(`Skipping ${name}. Socket Optimize package exists.`)
3999
4023
  continue
4000
4024
  }
4001
- const specs = arrays.arrayUnique(
4002
- shadowNpmInject
4003
- .findPackageNodes(arb.idealTree, name)
4004
- .map(n => `${n.name}@${n.version}`)
4025
+ const oldVersions = arrays.arrayUnique(
4026
+ shadowNpmInject.findPackageNodes(arb.idealTree, name).map(n => n.version)
4005
4027
  )
4006
4028
  const packument =
4007
- specs.length && infos.length
4029
+ oldVersions.length && infos.length
4008
4030
  ? // eslint-disable-next-line no-await-in-loop
4009
4031
  await packages.fetchPackagePackument(name)
4010
4032
  : null
4011
4033
  if (!packument) {
4012
4034
  continue
4013
4035
  }
4014
- for (const spec of specs) {
4015
- const lastAtSignIndex = spec.lastIndexOf('@')
4016
- const name = spec.slice(0, lastAtSignIndex)
4017
- const fromVersion = spec.slice(lastAtSignIndex + 1)
4018
- const fromSpec = `${name}@${fromVersion}`
4019
- const fromPurl = `pkg:npm/${fromSpec}`
4036
+ const failedSpecs = new Set()
4037
+ const fixedSpecs = new Set()
4038
+ const installedSpecs = new Set()
4039
+ const testedSpecs = new Set()
4040
+ const unavailableSpecs = new Set()
4041
+ const revertedSpecs = new Set()
4042
+ for (const oldVersion of oldVersions) {
4043
+ const oldSpec = `${name}@${oldVersion}`
4044
+ const oldPurl = `pkg:npm/${oldSpec}`
4020
4045
  for (const {
4021
4046
  firstPatchedVersionIdentifier,
4022
4047
  vulnerableVersionRange
@@ -4028,7 +4053,7 @@ async function npmFix(
4028
4053
  const node = shadowNpmInject.findPackageNode(
4029
4054
  arb.idealTree,
4030
4055
  name,
4031
- fromVersion
4056
+ oldVersion
4032
4057
  )
4033
4058
  if (!node) {
4034
4059
  continue
@@ -4036,130 +4061,170 @@ async function npmFix(
4036
4061
  if (
4037
4062
  !shadowNpmInject.updateNode(node, packument, vulnerableVersionRange)
4038
4063
  ) {
4039
- spinner?.fail(`Could not patch ${fromSpec}`)
4064
+ if (!unavailableSpecs.has(oldSpec)) {
4065
+ unavailableSpecs.add(oldSpec)
4066
+ spinner?.fail(`No update available for ${oldSpec}`)
4067
+ }
4040
4068
  continue
4041
4069
  }
4042
- const toVersion = node.package.version
4043
- const toVersionRange = shadowNpmInject.applyRange(
4044
- fromVersion,
4045
- toVersion,
4046
- rangeStyle
4047
- )
4048
- const toSpec = `${name}@${toVersionRange}`
4049
- const branch = isCi ? getSocketBranchName(fromPurl, toVersion) : ''
4050
- const { owner, repo } = isCi
4051
- ? getGitHubEnvRepoInfo()
4052
- : {
4053
- owner: '',
4054
- repo: ''
4055
- }
4056
- const shouldOpenPr = isCi
4057
- ? // eslint-disable-next-line no-await-in-loop
4058
- !(await doesPullRequestExistForBranch(owner, repo, branch))
4059
- : false
4060
- const revertData = {
4061
- ...(editablePkgJson.content.dependencies
4062
- ? {
4063
- dependencies: editablePkgJson.content.dependencies
4064
- }
4065
- : undefined),
4066
- ...(editablePkgJson.content.optionalDependencies
4067
- ? {
4068
- optionalDependencies:
4069
- editablePkgJson.content.optionalDependencies
4070
- }
4071
- : undefined),
4072
- ...(editablePkgJson.content.peerDependencies
4073
- ? {
4074
- peerDependencies: editablePkgJson.content.peerDependencies
4075
- }
4076
- : undefined)
4077
- }
4078
- spinner?.info(`Installing ${toSpec}`)
4079
- const baseBranch = getBaseGitBranch()
4080
-
4081
- // eslint-disable-next-line no-await-in-loop
4082
- await gitCheckoutBaseBranchIfAvailable(baseBranch, cwd)
4083
- let error
4084
- let errored = false
4085
- let installed = false
4086
- let saved = false
4087
- try {
4088
- shadowNpmInject.updatePackageJsonFromNode(
4089
- editablePkgJson,
4090
- arb.idealTree,
4091
- node,
4092
- toVersion,
4070
+ for (const pkgJsonPath of pkgJsonPaths) {
4071
+ const isWorkspaceRoot =
4072
+ pkgJsonPath === pkgEnvDetails.editablePkgJson.filename
4073
+ const workspaceName = isWorkspaceRoot
4074
+ ? ''
4075
+ : path$1.relative(rootPath, path$1.dirname(pkgJsonPath))
4076
+ const workspaceDetails = workspaceName ? ` in ${workspaceName}` : ''
4077
+ const editablePkgJson = isWorkspaceRoot
4078
+ ? pkgEnvDetails.editablePkgJson
4079
+ : // eslint-disable-next-line no-await-in-loop
4080
+ await packages.readPackageJson(pkgJsonPath, {
4081
+ editable: true
4082
+ })
4083
+ const newVersion = node.package.version
4084
+ const newVersionRange = shadowNpmInject.applyRange(
4085
+ oldVersion,
4086
+ newVersion,
4093
4087
  rangeStyle
4094
4088
  )
4095
- // eslint-disable-next-line no-await-in-loop
4096
- await editablePkgJson.save()
4097
- saved = true
4098
-
4099
- // eslint-disable-next-line no-await-in-loop
4100
- await install$1(arb.idealTree, {
4101
- cwd
4102
- })
4103
- installed = true
4104
- if (test) {
4105
- spinner?.info(`Testing ${toSpec}`)
4106
- // eslint-disable-next-line no-await-in-loop
4107
- await npm.runScript(testScript, [], {
4108
- spinner,
4109
- stdio: 'ignore'
4110
- })
4089
+ const newSpec = `${name}@${newVersionRange}`
4090
+ const newSpecKey = `${workspaceName ? `${workspaceName}>` : ''}${newSpec}`
4091
+ const branch = isCi
4092
+ ? getSocketBranchName(oldPurl, newVersion, workspaceName)
4093
+ : ''
4094
+ const { owner, repo } = isCi
4095
+ ? getGitHubEnvRepoInfo()
4096
+ : {
4097
+ owner: '',
4098
+ repo: ''
4099
+ }
4100
+ const shouldOpenPr = isCi
4101
+ ? // eslint-disable-next-line no-await-in-loop
4102
+ !(await doesPullRequestExistForBranch(owner, repo, branch))
4103
+ : false
4104
+ const revertData = {
4105
+ ...(editablePkgJson.content.dependencies
4106
+ ? {
4107
+ dependencies: editablePkgJson.content.dependencies
4108
+ }
4109
+ : undefined),
4110
+ ...(editablePkgJson.content.optionalDependencies
4111
+ ? {
4112
+ optionalDependencies:
4113
+ editablePkgJson.content.optionalDependencies
4114
+ }
4115
+ : undefined),
4116
+ ...(editablePkgJson.content.peerDependencies
4117
+ ? {
4118
+ peerDependencies: editablePkgJson.content.peerDependencies
4119
+ }
4120
+ : undefined)
4111
4121
  }
4112
- spinner?.successAndStop(`Fixed ${name}`)
4113
- spinner?.start()
4114
- } catch (e) {
4115
- error = e
4116
- errored = true
4117
- }
4118
- if (!errored && shouldOpenPr) {
4119
- // eslint-disable-next-line no-await-in-loop
4120
- await gitCreateAndPushBranchIfNeeded(
4121
- branch,
4122
- getSocketCommitMessage(fromPurl, toVersion),
4123
- cwd
4124
- )
4122
+ if (!installedSpecs.has(newSpecKey)) {
4123
+ testedSpecs.add(newSpecKey)
4124
+ spinner?.info(`Installing ${newSpec}${workspaceDetails}`)
4125
+ }
4126
+ const baseBranch = getBaseGitBranch()
4127
+
4125
4128
  // eslint-disable-next-line no-await-in-loop
4126
- const prResponse = await openGitHubPullRequest(
4127
- owner,
4128
- repo,
4129
- baseBranch,
4130
- branch,
4131
- fromPurl,
4132
- toVersion,
4133
- cwd
4134
- )
4135
- if (prResponse && autoMerge) {
4129
+ await gitCheckoutBaseBranchIfAvailable(baseBranch, cwd)
4130
+ let error
4131
+ let errored = false
4132
+ let installed = false
4133
+ let saved = false
4134
+ try {
4135
+ shadowNpmInject.updatePackageJsonFromNode(
4136
+ editablePkgJson,
4137
+ arb.idealTree,
4138
+ node,
4139
+ newVersion,
4140
+ rangeStyle
4141
+ )
4136
4142
  // eslint-disable-next-line no-await-in-loop
4137
- await enableAutoMerge(prResponse.data)
4138
- }
4139
- }
4140
- if (errored || isCi) {
4141
- if (errored) {
4142
- spinner?.error(`Reverting ${toSpec}`, error)
4143
- }
4144
- if (isRepo) {
4143
+ if (await editablePkgJson.save()) {
4144
+ saved = true
4145
+ }
4145
4146
  // eslint-disable-next-line no-await-in-loop
4146
- await gitHardReset(cwd)
4147
- }
4148
- if (saved) {
4149
- editablePkgJson.update(revertData)
4150
- if (!isRepo) {
4147
+ await install$1(arb.idealTree, {
4148
+ cwd
4149
+ })
4150
+ installed = true
4151
+ if (test) {
4152
+ if (!testedSpecs.has(newSpecKey)) {
4153
+ testedSpecs.add(newSpecKey)
4154
+ spinner?.info(`Testing ${newSpec}${workspaceDetails}`)
4155
+ }
4151
4156
  // eslint-disable-next-line no-await-in-loop
4152
- await editablePkgJson.save()
4157
+ await npm.runScript(testScript, [], {
4158
+ spinner,
4159
+ stdio: 'ignore'
4160
+ })
4161
+ }
4162
+ if (!fixedSpecs.has(newSpecKey)) {
4163
+ fixedSpecs.add(newSpecKey)
4164
+ spinner?.successAndStop(`Fixed ${name}${workspaceDetails}`)
4165
+ spinner?.start()
4153
4166
  }
4167
+ } catch (e) {
4168
+ error = e
4169
+ errored = true
4154
4170
  }
4155
- if (!isRepo && installed) {
4171
+ if (!errored && shouldOpenPr) {
4156
4172
  // eslint-disable-next-line no-await-in-loop
4157
- await install$1(revertTree, {
4173
+ await gitCreateAndPushBranchIfNeeded(
4174
+ branch,
4175
+ getSocketCommitMessage(oldPurl, newVersion, workspaceName),
4158
4176
  cwd
4159
- })
4177
+ )
4178
+ // eslint-disable-next-line no-await-in-loop
4179
+ const prResponse = await openGitHubPullRequest(
4180
+ owner,
4181
+ repo,
4182
+ baseBranch,
4183
+ branch,
4184
+ oldPurl,
4185
+ newVersion,
4186
+ {
4187
+ cwd,
4188
+ workspaceName
4189
+ }
4190
+ )
4191
+ if (prResponse && autoMerge) {
4192
+ // eslint-disable-next-line no-await-in-loop
4193
+ await enableAutoMerge(prResponse.data)
4194
+ }
4160
4195
  }
4161
- if (errored) {
4162
- spinner?.failAndStop(`Failed to fix ${fromSpec}`)
4196
+ if (errored || isCi) {
4197
+ if (errored) {
4198
+ if (!revertedSpecs.has(newSpecKey)) {
4199
+ revertedSpecs.add(newSpecKey)
4200
+ spinner?.error(`Reverting ${newSpec}${workspaceDetails}`, error)
4201
+ }
4202
+ }
4203
+ if (isRepo) {
4204
+ // eslint-disable-next-line no-await-in-loop
4205
+ await gitHardReset(cwd)
4206
+ }
4207
+ if (saved) {
4208
+ editablePkgJson.update(revertData)
4209
+ if (!isRepo) {
4210
+ // eslint-disable-next-line no-await-in-loop
4211
+ await editablePkgJson.save()
4212
+ }
4213
+ }
4214
+ if (!isRepo && installed) {
4215
+ // eslint-disable-next-line no-await-in-loop
4216
+ await install$1(revertTree, {
4217
+ cwd
4218
+ })
4219
+ }
4220
+ if (errored) {
4221
+ if (!failedSpecs.has(newSpecKey)) {
4222
+ failedSpecs.add(newSpecKey)
4223
+ spinner?.failAndStop(
4224
+ `Update failed for ${oldSpec}${workspaceDetails}`
4225
+ )
4226
+ }
4227
+ }
4163
4228
  }
4164
4229
  }
4165
4230
  }
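Review bot: The "Installing" guard in the new workspace loop records the key in the wrong set: it tests `installedSpecs.has(newSpecKey)` but then calls `testedSpecs.add(newSpecKey)`. As a result `installedSpecs` is never populated, so the "Installing" line is not de-duplicated, and the later `if (!testedSpecs.has(newSpecKey))` check is always false, so the "Testing …" line is never printed. The line should read `installedSpecs.add(newSpecKey)`, as the matching block in `pnpmFix` does. Separately, when `editablePkgJson.save()` returns a falsy value this loop still runs `install$1`, the test script and the PR path for that workspace, whereas `pnpmFix` skips the iteration with `continue`; if a falsy return means "nothing changed", the same early exit looks appropriate here. The body of `npmFix` starts outside this hunk.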
@@ -4168,78 +4233,6 @@ async function npmFix(
4168
4233
  spinner?.stop()
4169
4234
  }
4170
4235
 
4171
- async function getAlertsMapFromPnpmLockfile(lockfile, options_) {
4172
- const options = {
4173
- __proto__: null,
4174
- consolidate: false,
4175
- nothrow: false,
4176
- ...options_
4177
- }
4178
- const include = {
4179
- __proto__: null,
4180
- actions: undefined,
4181
- blocked: true,
4182
- critical: true,
4183
- cve: true,
4184
- existing: false,
4185
- unfixable: true,
4186
- upgradable: false,
4187
- ...options.include
4188
- }
4189
- const { spinner } = options
4190
- const depTypes = vendor.libExports$2.detectDepTypes(lockfile)
4191
- const pkgIds = Object.keys(depTypes)
4192
- let { length: remaining } = pkgIds
4193
- const alertsByPkgId = new Map()
4194
- if (!remaining) {
4195
- return alertsByPkgId
4196
- }
4197
- const getText = () => `Looking up data for ${remaining} packages`
4198
- spinner?.start(getText())
4199
- const sockSdk = await shadowNpmInject.setupSdk(
4200
- shadowNpmInject.getPublicToken()
4201
- )
4202
- const toAlertsMapOptions = {
4203
- overrides: lockfile.overrides,
4204
- consolidate: options.consolidate,
4205
- include,
4206
- spinner
4207
- }
4208
- for await (const batchResult of sockSdk.batchPackageStream(
4209
- {
4210
- alerts: 'true',
4211
- compact: 'true',
4212
- fixable: include.unfixable ? 'false' : 'true'
4213
- },
4214
- {
4215
- components: pkgIds.map(id => ({
4216
- purl: `pkg:npm/${id}`
4217
- }))
4218
- }
4219
- )) {
4220
- if (batchResult.success) {
4221
- await shadowNpmInject.addArtifactToAlertsMap(
4222
- batchResult.data,
4223
- alertsByPkgId,
4224
- toAlertsMapOptions
4225
- )
4226
- } else if (!options.nothrow) {
4227
- const statusCode = batchResult.status ?? 'unknown'
4228
- const statusMessage = batchResult.error ?? 'No status message'
4229
- throw new Error(
4230
- `Socket API server error (${statusCode}): ${statusMessage}`
4231
- )
4232
- }
4233
- remaining -= 1
4234
- if (spinner && remaining > 0) {
4235
- spinner.start()
4236
- spinner.setText(getText())
4237
- }
4238
- }
4239
- spinner?.stop()
4240
- return alertsByPkgId
4241
- }
4242
-
4243
4236
  const {
4244
4237
  NPM: NPM$e,
4245
4238
  SOCKET_CLI_SAFE_BIN,
@@ -4326,7 +4319,7 @@ function safeNpmInstall(options) {
4326
4319
  return spawnPromise
4327
4320
  }
4328
4321
 
4329
- const { NPM: NPM$d, PNPM: PNPM$a } = constants
4322
+ const { NPM: NPM$d, PNPM: PNPM$9 } = constants
4330
4323
  function runAgentInstall(pkgEnvDetails, options) {
4331
4324
  const { agent, agentExecPath } = pkgEnvDetails
4332
4325
  // All package managers support the "install" command.
@@ -4345,7 +4338,7 @@ function runAgentInstall(pkgEnvDetails, options) {
4345
4338
  ...options
4346
4339
  }
4347
4340
  const skipNodeHardenFlags =
4348
- agent === PNPM$a && pkgEnvDetails.agentVersion.major < 11
4341
+ agent === PNPM$9 && pkgEnvDetails.agentVersion.major < 11
4349
4342
  return spawn.spawn(agentExecPath, ['install', ...args], {
4350
4343
  spinner,
4351
4344
  stdio: 'inherit',
@@ -4365,7 +4358,7 @@ function runAgentInstall(pkgEnvDetails, options) {
4365
4358
  })
4366
4359
  }
4367
4360
 
4368
- const { CI, NPM: NPM$c, OVERRIDES: OVERRIDES$2, PNPM: PNPM$9 } = constants
4361
+ const { CI, NPM: NPM$c, OVERRIDES: OVERRIDES$2, PNPM: PNPM$8 } = constants
4369
4362
  async function getActualTree(cwd = process.cwd()) {
4370
4363
  const arb = new shadowNpmInject.SafeArborist({
4371
4364
  path: cwd,
@@ -4387,15 +4380,18 @@ async function install(pkgEnvDetails, options) {
4387
4380
  }
4388
4381
  async function pnpmFix(
4389
4382
  pkgEnvDetails,
4390
- { autoMerge, cwd, rangeStyle, spinner, test, testScript }
4383
+ { autoMerge, cwd, purls, rangeStyle, spinner, test, testScript }
4391
4384
  ) {
4392
- const lockfile = await vendor.libExports$3.readWantedLockfile(cwd, {
4393
- ignoreIncompatible: false
4394
- })
4385
+ const lockfile = await vendor.libExports$3.readWantedLockfile(
4386
+ pkgEnvDetails.pkgPath,
4387
+ {
4388
+ ignoreIncompatible: false
4389
+ }
4390
+ )
4395
4391
  if (!lockfile) {
4396
4392
  return
4397
4393
  }
4398
- const alertsMap = await getAlertsMapFromPnpmLockfile(lockfile, {
4394
+ const alertMapOptions = {
4399
4395
  consolidate: true,
4400
4396
  include: {
4401
4397
  existing: true,
@@ -4403,43 +4399,61 @@ async function pnpmFix(
4403
4399
  upgradable: false
4404
4400
  },
4405
4401
  nothrow: true
4406
- })
4402
+ }
4403
+ const alertsMap = purls.length
4404
+ ? await shadowNpmInject.getAlertsMapFromPurls(purls, alertMapOptions)
4405
+ : await shadowNpmInject.getAlertsMapFromPnpmLockfile(
4406
+ lockfile,
4407
+ alertMapOptions
4408
+ )
4407
4409
  const infoByPkg = shadowNpmInject.getCveInfoByAlertsMap(alertsMap)
4408
4410
  if (!infoByPkg) {
4409
4411
  return
4410
4412
  }
4411
4413
  spinner?.start()
4412
- const editablePkgJson = await packages.readPackageJson(cwd, {
4413
- editable: true
4414
- })
4414
+
4415
4415
  // Lazily access constants.ENV[CI].
4416
4416
  const isCi = constants.ENV[CI]
4417
- const isRepo = await isInGitRepo(cwd)
4418
- let actualTree = await getActualTree(cwd)
4417
+ const { pkgPath: rootPath } = pkgEnvDetails
4418
+ const {
4419
+ 0: isRepo,
4420
+ 1: workspacePkgJsonPaths,
4421
+ 2: initialTree
4422
+ } = await Promise.all([
4423
+ isInGitRepo(cwd),
4424
+ shadowNpmPaths.globWorkspace(pkgEnvDetails),
4425
+ getActualTree(cwd)
4426
+ ])
4427
+ const pkgJsonPaths = [
4428
+ pkgEnvDetails.editablePkgJson.filename,
4429
+ ...workspacePkgJsonPaths
4430
+ ]
4431
+ let actualTree = initialTree
4419
4432
  for (const { 0: name, 1: infos } of infoByPkg) {
4420
4433
  if (registry.getManifestData(NPM$c, name)) {
4421
4434
  spinner?.info(`Skipping ${name}. Socket Optimize package exists.`)
4422
4435
  continue
4423
4436
  }
4424
- const specs = arrays.arrayUnique(
4425
- shadowNpmInject
4426
- .findPackageNodes(actualTree, name)
4427
- .map(n => `${n.name}@${n.version}`)
4437
+ const oldVersions = arrays.arrayUnique(
4438
+ shadowNpmInject.findPackageNodes(actualTree, name).map(n => n.version)
4428
4439
  )
4429
4440
  const packument =
4430
- specs.length && infos.length
4441
+ oldVersions.length && infos.length
4431
4442
  ? // eslint-disable-next-line no-await-in-loop
4432
4443
  await packages.fetchPackagePackument(name)
4433
4444
  : null
4434
4445
  if (!packument) {
4435
4446
  continue
4436
4447
  }
4437
- for (const spec of specs) {
4438
- const lastAtSignIndex = spec.lastIndexOf('@')
4439
- const name = spec.slice(0, lastAtSignIndex)
4440
- const fromVersion = spec.slice(lastAtSignIndex + 1)
4441
- const fromSpec = `${name}@${fromVersion}`
4442
- const fromPurl = `pkg:npm/${fromSpec}`
4448
+ const failedSpecs = new Set()
4449
+ const fixedSpecs = new Set()
4450
+ const installedSpecs = new Set()
4451
+ const testedSpecs = new Set()
4452
+ const unavailableSpecs = new Set()
4453
+ const revertedSpecs = new Set()
4454
+ for (const oldVersion of oldVersions) {
4455
+ const oldSpec = `${name}@${oldVersion}`
4456
+ const oldPurl = `pkg:npm/${oldSpec}`
4443
4457
  for (const {
4444
4458
  firstPatchedVersionIdentifier,
4445
4459
  vulnerableVersionRange
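Review bot: `purls.length` is read unconditionally when choosing between `getAlertsMapFromPurls` and `getAlertsMapFromPnpmLockfile`, but nothing visible guarantees that `purls` is defined. `assignDefaultFixOptions`, added later in this diff, defaults `autoPilot`, `autoMerge`, `cwd`, `rangeStyle`, `test` and `testScript` but not `purls`, so any caller of `runFix` that omits it would get a TypeError here. Whether the CLI entry always passes it cannot be confirmed from this view. Guarding with `purls?.length` or destructuring `purls = []` in the signature would make the function safe on its own. With `nothrow: true` a failed lookup for a purl the user asked for explicitly also produces no message, so a one-line warning when the resulting map is empty would help the operator tell "nothing to fix" from "lookup failed".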
@@ -4447,177 +4461,224 @@ async function pnpmFix(
4447
4461
  const node = shadowNpmInject.findPackageNode(
4448
4462
  actualTree,
4449
4463
  name,
4450
- fromVersion
4464
+ oldVersion
4451
4465
  )
4452
4466
  if (!node) {
4453
4467
  continue
4454
4468
  }
4455
4469
  const availableVersions = Object.keys(packument.versions)
4456
- const toVersion = shadowNpmInject.findBestPatchVersion(
4470
+ const newVersion = shadowNpmInject.findBestPatchVersion(
4457
4471
  node,
4458
4472
  availableVersions,
4459
4473
  vulnerableVersionRange
4460
4474
  )
4461
- const targetPackument = toVersion
4462
- ? packument.versions[toVersion]
4475
+ const newVersionPackument = newVersion
4476
+ ? packument.versions[newVersion]
4463
4477
  : undefined
4464
- if (!(toVersion && targetPackument)) {
4465
- spinner?.fail(`Could not patch ${fromSpec}`)
4466
- continue
4467
- }
4468
- const oldPnpm = editablePkgJson.content[PNPM$9]
4469
- const oldPnpmKeyCount = oldPnpm ? Object.keys(oldPnpm).length : 0
4470
- const oldOverrides = oldPnpm?.[OVERRIDES$2]
4471
- const oldOverridesCount = oldOverrides
4472
- ? Object.keys(oldOverrides).length
4473
- : 0
4474
- const overrideKey = `${name}@${vulnerableVersionRange}`
4475
- const toVersionRange = shadowNpmInject.applyRange(
4476
- oldOverrides?.[overrideKey] ?? fromVersion,
4477
- toVersion,
4478
- rangeStyle
4479
- )
4480
- const toSpec = `${name}@${toVersionRange}`
4481
- const branch = isCi ? getSocketBranchName(fromPurl, toVersion) : ''
4482
- const baseBranch = isCi ? getBaseGitBranch() : ''
4483
- const { owner, repo } = isCi
4484
- ? getGitHubEnvRepoInfo()
4485
- : {
4486
- owner: '',
4487
- repo: ''
4488
- }
4489
- const shouldOpenPr = isCi
4490
- ? // eslint-disable-next-line no-await-in-loop
4491
- !(await doesPullRequestExistForBranch(owner, repo, branch))
4492
- : false
4493
- const updateData = {
4494
- [PNPM$9]: {
4495
- ...oldPnpm,
4496
- [OVERRIDES$2]: {
4497
- [overrideKey]: toVersionRange,
4498
- ...oldOverrides
4499
- }
4478
+ if (!(newVersion && newVersionPackument)) {
4479
+ if (!unavailableSpecs.has(oldSpec)) {
4480
+ unavailableSpecs.add(oldSpec)
4481
+ spinner?.fail(`No update available for ${oldSpec}`)
4500
4482
  }
4483
+ continue
4501
4484
  }
4502
- const revertData = {
4503
- [PNPM$9]: oldPnpmKeyCount
4504
- ? {
4505
- ...oldPnpm,
4506
- [OVERRIDES$2]:
4507
- oldOverridesCount === 1
4508
- ? undefined
4509
- : {
4510
- [overrideKey]: undefined,
4511
- ...oldOverrides
4512
- }
4513
- }
4514
- : undefined,
4515
- ...(editablePkgJson.content.dependencies
4516
- ? {
4517
- dependencies: editablePkgJson.content.dependencies
4518
- }
4519
- : undefined),
4520
- ...(editablePkgJson.content.optionalDependencies
4521
- ? {
4522
- optionalDependencies:
4523
- editablePkgJson.content.optionalDependencies
4485
+ for (const pkgJsonPath of pkgJsonPaths) {
4486
+ const isWorkspaceRoot =
4487
+ pkgJsonPath === pkgEnvDetails.editablePkgJson.filename
4488
+ const workspaceName = isWorkspaceRoot
4489
+ ? ''
4490
+ : path$1.relative(rootPath, path$1.dirname(pkgJsonPath))
4491
+ const workspaceDetails = workspaceName ? ` in ${workspaceName}` : ''
4492
+ const editablePkgJson = isWorkspaceRoot
4493
+ ? pkgEnvDetails.editablePkgJson
4494
+ : // eslint-disable-next-line no-await-in-loop
4495
+ await packages.readPackageJson(pkgJsonPath, {
4496
+ editable: true
4497
+ })
4498
+ const oldPnpm = editablePkgJson.content[PNPM$8]
4499
+ const oldPnpmKeyCount = oldPnpm ? Object.keys(oldPnpm).length : 0
4500
+ const oldOverrides = oldPnpm?.[OVERRIDES$2]
4501
+ const oldOverridesCount = oldOverrides
4502
+ ? Object.keys(oldOverrides).length
4503
+ : 0
4504
+ const overrideKey = `${name}@${vulnerableVersionRange}`
4505
+ const newVersionRange = shadowNpmInject.applyRange(
4506
+ oldOverrides?.[overrideKey] ?? oldVersion,
4507
+ newVersion,
4508
+ rangeStyle
4509
+ )
4510
+ const newSpec = `${name}@${newVersionRange}`
4511
+ const newSpecKey = `${workspaceName ? `${workspaceName}>` : ''}${newSpec}`
4512
+ const branch = isCi
4513
+ ? getSocketBranchName(oldPurl, newVersion, workspaceName)
4514
+ : ''
4515
+ const baseBranch = isCi ? getBaseGitBranch() : ''
4516
+ const { owner, repo } = isCi
4517
+ ? getGitHubEnvRepoInfo()
4518
+ : {
4519
+ owner: '',
4520
+ repo: ''
4524
4521
  }
4525
- : undefined),
4526
- ...(editablePkgJson.content.peerDependencies
4522
+ const shouldOpenPr = isCi
4523
+ ? // eslint-disable-next-line no-await-in-loop
4524
+ !(await doesPullRequestExistForBranch(owner, repo, branch))
4525
+ : false
4526
+ const updateData = isWorkspaceRoot
4527
4527
  ? {
4528
- peerDependencies: editablePkgJson.content.peerDependencies
4528
+ [PNPM$8]: {
4529
+ ...oldPnpm,
4530
+ [OVERRIDES$2]: {
4531
+ [overrideKey]: newVersionRange,
4532
+ ...oldOverrides
4533
+ }
4534
+ }
4529
4535
  }
4530
- : undefined)
4531
- }
4532
- spinner?.info(`Installing ${toSpec}`)
4533
- if (isCi) {
4534
- // eslint-disable-next-line no-await-in-loop
4535
- await gitCheckoutBaseBranchIfAvailable(baseBranch, cwd)
4536
- }
4537
- let error
4538
- let errored = false
4539
- let installed = false
4540
- let saved = false
4541
- try {
4542
- editablePkgJson.update(updateData)
4543
- shadowNpmInject.updatePackageJsonFromNode(
4544
- editablePkgJson,
4545
- actualTree,
4546
- node,
4547
- toVersion,
4548
- rangeStyle
4549
- )
4550
- // eslint-disable-next-line no-await-in-loop
4551
- await editablePkgJson.save()
4552
- saved = true
4553
-
4554
- // eslint-disable-next-line no-await-in-loop
4555
- actualTree = await install(pkgEnvDetails, {
4556
- spinner
4557
- })
4558
- installed = true
4559
- if (test) {
4560
- spinner?.info(`Testing ${toSpec}`)
4561
- // eslint-disable-next-line no-await-in-loop
4562
- await npm.runScript(testScript, [], {
4563
- spinner,
4564
- stdio: 'ignore'
4565
- })
4566
- }
4567
- spinner?.successAndStop(`Fixed ${name}`)
4568
- spinner?.start()
4569
- } catch (e) {
4570
- error = e
4571
- errored = true
4572
- }
4573
- if (!errored && shouldOpenPr) {
4574
- // eslint-disable-next-line no-await-in-loop
4575
- await gitCreateAndPushBranchIfNeeded(
4576
- branch,
4577
- getSocketCommitMessage(fromPurl, toVersion),
4578
- cwd
4579
- )
4580
- // eslint-disable-next-line no-await-in-loop
4581
- const prResponse = await openGitHubPullRequest(
4582
- owner,
4583
- repo,
4584
- baseBranch,
4585
- branch,
4586
- fromPurl,
4587
- toVersion,
4588
- cwd
4589
- )
4590
- if (prResponse && autoMerge) {
4591
- // eslint-disable-next-line no-await-in-loop
4592
- await enableAutoMerge(prResponse.data)
4536
+ : {}
4537
+ const revertData = {
4538
+ ...(isWorkspaceRoot
4539
+ ? {
4540
+ [PNPM$8]: oldPnpmKeyCount
4541
+ ? {
4542
+ ...oldPnpm,
4543
+ [OVERRIDES$2]:
4544
+ oldOverridesCount === 1
4545
+ ? undefined
4546
+ : {
4547
+ [overrideKey]: undefined,
4548
+ ...oldOverrides
4549
+ }
4550
+ }
4551
+ : undefined
4552
+ }
4553
+ : {}),
4554
+ ...(editablePkgJson.content.dependencies
4555
+ ? {
4556
+ dependencies: editablePkgJson.content.dependencies
4557
+ }
4558
+ : undefined),
4559
+ ...(editablePkgJson.content.optionalDependencies
4560
+ ? {
4561
+ optionalDependencies:
4562
+ editablePkgJson.content.optionalDependencies
4563
+ }
4564
+ : undefined),
4565
+ ...(editablePkgJson.content.peerDependencies
4566
+ ? {
4567
+ peerDependencies: editablePkgJson.content.peerDependencies
4568
+ }
4569
+ : undefined)
4593
4570
  }
4594
- }
4595
- if (errored || isCi) {
4596
- if (errored) {
4597
- spinner?.error(`Reverting ${toSpec}`, error)
4571
+ if (!installedSpecs.has(newSpecKey)) {
4572
+ installedSpecs.add(newSpecKey)
4573
+ spinner?.info(`Installing ${newSpec}${workspaceDetails}`)
4598
4574
  }
4599
- if (isRepo) {
4575
+ if (isCi) {
4600
4576
  // eslint-disable-next-line no-await-in-loop
4601
- await gitHardReset(cwd)
4602
- }
4603
- if (saved) {
4604
- editablePkgJson.update(revertData)
4605
- if (!isRepo) {
4606
- // eslint-disable-next-line no-await-in-loop
4607
- await editablePkgJson.save()
4608
- }
4577
+ await gitCheckoutBaseBranchIfAvailable(baseBranch, cwd)
4609
4578
  }
4610
- if (isRepo) {
4579
+ let error
4580
+ let errored = false
4581
+ let installed = false
4582
+ let saved = false
4583
+ try {
4584
+ editablePkgJson.update(updateData)
4585
+ shadowNpmInject.updatePackageJsonFromNode(
4586
+ editablePkgJson,
4587
+ actualTree,
4588
+ node,
4589
+ newVersion,
4590
+ rangeStyle
4591
+ )
4611
4592
  // eslint-disable-next-line no-await-in-loop
4612
- actualTree = await getActualTree(cwd)
4613
- } else if (installed) {
4593
+ if (!(await editablePkgJson.save())) {
4594
+ continue
4595
+ }
4596
+ saved = true
4614
4597
  // eslint-disable-next-line no-await-in-loop
4615
4598
  actualTree = await install(pkgEnvDetails, {
4616
4599
  spinner
4617
4600
  })
4601
+ installed = true
4602
+ if (test) {
4603
+ if (!testedSpecs.has(newSpecKey)) {
4604
+ testedSpecs.add(newSpecKey)
4605
+ spinner?.info(`Testing ${newSpec}${workspaceDetails}`)
4606
+ }
4607
+ // eslint-disable-next-line no-await-in-loop
4608
+ await npm.runScript(testScript, [], {
4609
+ spinner,
4610
+ stdio: 'ignore'
4611
+ })
4612
+ }
4613
+ if (!fixedSpecs.has(newSpecKey)) {
4614
+ fixedSpecs.add(newSpecKey)
4615
+ spinner?.successAndStop(`Fixed ${name}${workspaceDetails}`)
4616
+ spinner?.start()
4617
+ }
4618
+ } catch (e) {
4619
+ error = e
4620
+ errored = true
4621
+ }
4622
+ if (!errored && shouldOpenPr) {
4623
+ // eslint-disable-next-line no-await-in-loop
4624
+ await gitCreateAndPushBranchIfNeeded(
4625
+ branch,
4626
+ getSocketCommitMessage(oldPurl, newVersion, workspaceName),
4627
+ cwd
4628
+ )
4629
+ // eslint-disable-next-line no-await-in-loop
4630
+ const prResponse = await openGitHubPullRequest(
4631
+ owner,
4632
+ repo,
4633
+ baseBranch,
4634
+ branch,
4635
+ oldPurl,
4636
+ newVersion,
4637
+ {
4638
+ cwd,
4639
+ workspaceName
4640
+ }
4641
+ )
4642
+ if (prResponse && autoMerge) {
4643
+ // eslint-disable-next-line no-await-in-loop
4644
+ await enableAutoMerge(prResponse.data)
4645
+ }
4618
4646
  }
4619
- if (errored) {
4620
- spinner?.failAndStop(`Failed to fix ${fromSpec}`)
4647
+ if (errored || isCi) {
4648
+ if (errored) {
4649
+ if (!revertedSpecs.has(newSpecKey)) {
4650
+ revertedSpecs.add(newSpecKey)
4651
+ spinner?.error(`Reverting ${newSpec}${workspaceDetails}`, error)
4652
+ }
4653
+ }
4654
+ if (isRepo) {
4655
+ // eslint-disable-next-line no-await-in-loop
4656
+ await gitHardReset(cwd)
4657
+ }
4658
+ if (saved) {
4659
+ editablePkgJson.update(revertData)
4660
+ if (!isRepo) {
4661
+ // eslint-disable-next-line no-await-in-loop
4662
+ await editablePkgJson.save()
4663
+ }
4664
+ }
4665
+ if (isRepo) {
4666
+ // eslint-disable-next-line no-await-in-loop
4667
+ actualTree = await getActualTree(cwd)
4668
+ } else if (installed) {
4669
+ // eslint-disable-next-line no-await-in-loop
4670
+ actualTree = await install(pkgEnvDetails, {
4671
+ spinner
4672
+ })
4673
+ }
4674
+ if (errored) {
4675
+ if (!failedSpecs.has(newSpecKey)) {
4676
+ failedSpecs.add(newSpecKey)
4677
+ spinner?.failAndStop(
4678
+ `Update failed for ${oldSpec}${workspaceDetails}`
4679
+ )
4680
+ }
4681
+ }
4621
4682
  }
4622
4683
  }
4623
4684
  }
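Review bot: `node` is resolved once from `actualTree` before the new `for (const pkgJsonPath of pkgJsonPaths)` loop, but `actualTree` is reassigned inside that loop by `actualTree = await install(pkgEnvDetails, …)` and again on the revert path. From the second workspace onward, `updatePackageJsonFromNode(editablePkgJson, actualTree, node, …)` therefore receives a node from an earlier tree together with the current tree. In the old code the lookup and the reassignment were in the same iteration, so the two always matched. Whether `updatePackageJsonFromNode` depends on the node belonging to the tree it is given is not visible here. Re-running `shadowNpmInject.findPackageNode(actualTree, name, oldVersion)` at the top of the workspace loop, and skipping the iteration when it returns nothing, would remove the doubt. The body of `pnpmFix` starts outside this hunk.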
@@ -4626,6 +4687,29 @@ async function pnpmFix(
4626
4687
  spinner?.stop()
4627
4688
  }
4628
4689
 
4690
+ const CMD_NAME$1 = 'socket fix'
4691
+ function assignDefaultFixOptions(options) {
4692
+ if (options.autoPilot === undefined) {
4693
+ options.autoPilot = false
4694
+ }
4695
+ if (options.autoMerge === undefined) {
4696
+ options.autoMerge = !!options.autoPilot
4697
+ }
4698
+ if (options.cwd === undefined) {
4699
+ options.cwd = process.cwd()
4700
+ }
4701
+ if (options.rangeStyle === undefined) {
4702
+ options.rangeStyle = 'preserve'
4703
+ }
4704
+ if (options.test === undefined) {
4705
+ options.test = !!options.autoPilot || !!options.testScript
4706
+ }
4707
+ if (options.testScript === undefined) {
4708
+ options.testScript = 'test'
4709
+ }
4710
+ return options
4711
+ }
4712
+
4629
4713
  const {
4630
4714
  BINARY_LOCK_EXT,
4631
4715
  BUN: BUN$5,
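Review bot: The order of the last two defaults in `assignDefaultFixOptions` affects the result, and nothing in the code says so. `options.test` is derived from `!!options.testScript` before `testScript` is defaulted to `'test'`, so swapping the two blocks would make `test` true on every run. I would add `// Keep before the testScript default: only a user-supplied testScript implies test.` above the `options.test` block. The function also mutates and returns its argument, which deserves a one-line JSDoc saying so; `runFix` passes a fresh spread object, so the mutation is harmless at that call site.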
@@ -4634,7 +4718,7 @@ const {
4634
4718
  NPM: NPM$b,
4635
4719
  NPM_BUGGY_OVERRIDES_PATCHED_VERSION: NPM_BUGGY_OVERRIDES_PATCHED_VERSION$1,
4636
4720
  PACKAGE_JSON,
4637
- PNPM: PNPM$8,
4721
+ PNPM: PNPM$7,
4638
4722
  VLT: VLT$5,
4639
4723
  YARN,
4640
4724
  YARN_BERRY: YARN_BERRY$5,
@@ -4643,7 +4727,7 @@ const {
4643
4727
  const AGENTS = new Set([
4644
4728
  BUN$5,
4645
4729
  NPM$b,
4646
- PNPM$8,
4730
+ PNPM$7,
4647
4731
  YARN_BERRY$5,
4648
4732
  YARN_CLASSIC$6,
4649
4733
  VLT$5
@@ -4651,7 +4735,7 @@ const AGENTS = new Set([
4651
4735
  const binByAgent = new Map([
4652
4736
  [BUN$5, BUN$5],
4653
4737
  [NPM$b, NPM$b],
4654
- [PNPM$8, PNPM$8],
4738
+ [PNPM$7, PNPM$7],
4655
4739
  [YARN_BERRY$5, YARN],
4656
4740
  [YARN_CLASSIC$6, YARN],
4657
4741
  [VLT$5, VLT$5]
@@ -4659,7 +4743,7 @@ const binByAgent = new Map([
4659
4743
  async function getAgentExecPath(agent) {
4660
4744
  const binName = binByAgent.get(agent)
4661
4745
  return (
4662
- (await vendor.libExports$1(binName, {
4746
+ (await vendor.libExports$2(binName, {
4663
4747
  nothrow: true
4664
4748
  })) ?? binName
4665
4749
  )
@@ -4693,8 +4777,8 @@ const LOCKS = {
4693
4777
  // https://docs.npmjs.com/cli/v10/configuring-npm/package-lock-json#package-lockjson-vs-npm-shrinkwrapjson
4694
4778
  'npm-shrinkwrap.json': NPM$b,
4695
4779
  'package-lock.json': NPM$b,
4696
- 'pnpm-lock.yaml': PNPM$8,
4697
- 'pnpm-lock.yml': PNPM$8,
4780
+ 'pnpm-lock.yaml': PNPM$7,
4781
+ 'pnpm-lock.yml': PNPM$7,
4698
4782
  [`yarn${LOCK_EXT$1}`]: YARN_CLASSIC$6,
4699
4783
  'vlt-lock.json': VLT$5,
4700
4784
  // Lastly, look for a hidden lock file which is present if .npmrc has package-lock=false:
@@ -4741,7 +4825,7 @@ const readLockFileByAgent = (() => {
4741
4825
  })
4742
4826
  ],
4743
4827
  [NPM$b, defaultReader],
4744
- [PNPM$8, defaultReader],
4828
+ [PNPM$7, defaultReader],
4745
4829
  [VLT$5, defaultReader],
4746
4830
  [YARN_BERRY$5, defaultReader],
4747
4831
  [YARN_CLASSIC$6, defaultReader]
@@ -4765,7 +4849,7 @@ async function detectPackageEnvironment({
4765
4849
  cwd
4766
4850
  })
4767
4851
  const pkgPath =
4768
- pkgJsonPath && require$$0.existsSync(pkgJsonPath)
4852
+ pkgJsonPath && fs$1.existsSync(pkgJsonPath)
4769
4853
  ? path$1.dirname(pkgJsonPath)
4770
4854
  : undefined
4771
4855
  const editablePkgJson = pkgPath
@@ -4893,6 +4977,7 @@ async function detectPackageEnvironment({
4893
4977
  agentExecPath,
4894
4978
  agentSupported,
4895
4979
  agentVersion,
4980
+ editablePkgJson,
4896
4981
  features: {
4897
4982
  npmBuggyOverrides
4898
4983
  },
@@ -4902,7 +4987,6 @@ async function detectPackageEnvironment({
4902
4987
  nodeSupported,
4903
4988
  nodeVersion,
4904
4989
  npmExecPath,
4905
- pkgJson: editablePkgJson,
4906
4990
  pkgPath,
4907
4991
  pkgRequirements: {
4908
4992
  agent: pkgAgentRange ?? `>=${pkgMinAgentVersion}`,
@@ -5026,15 +5110,14 @@ async function detectAndValidatePackageEnvironment(cwd, options) {
5026
5110
  return details
5027
5111
  }
5028
5112
 
5029
- const { NPM: NPM$a, PNPM: PNPM$7 } = constants
5030
- const CMD_NAME$2 = 'socket fix'
5113
+ const { NPM: NPM$a, PNPM: PNPM$6 } = constants
5031
5114
  async function runFix(options_) {
5032
- const options = shadowNpmInject.assignDefaultFixOptions({
5115
+ const options = assignDefaultFixOptions({
5033
5116
  __proto__: null,
5034
5117
  ...options_
5035
5118
  })
5036
5119
  const pkgEnvDetails = await detectAndValidatePackageEnvironment(options.cwd, {
5037
- cmdName: CMD_NAME$2,
5120
+ cmdName: CMD_NAME$1,
5038
5121
  logger: logger.logger
5039
5122
  })
5040
5123
  if (!pkgEnvDetails) {
@@ -5044,13 +5127,13 @@ async function runFix(options_) {
5044
5127
  const { agent } = pkgEnvDetails
5045
5128
  if (agent === NPM$a) {
5046
5129
  await npmFix(pkgEnvDetails, options)
5047
- } else if (agent === PNPM$7) {
5130
+ } else if (agent === PNPM$6) {
5048
5131
  await pnpmFix(pkgEnvDetails, options)
5049
5132
  }
5050
5133
  }
5051
5134
 
5052
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$w } = constants
5053
- const config$z = {
5135
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$x } = constants
5136
+ const config$A = {
5054
5137
  commandName: 'fix',
5055
5138
  description: 'Fix "fixable" Socket alerts',
5056
5139
  hidden: true,
@@ -5066,10 +5149,17 @@ const config$z = {
5066
5149
  default: false,
5067
5150
  description: `Enable auto-merge for pull requests that Socket opens.\n See ${vendor.terminalLinkExports('GitHub documentation', 'https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-auto-merge-for-pull-requests-in-your-repository')} for managing auto-merge for pull requests in your repository.`
5068
5151
  },
5152
+ purl: {
5153
+ type: 'string',
5154
+ default: [],
5155
+ description: `User provided PURL to fix`,
5156
+ isMultiple: true,
5157
+ shortFlag: 'p'
5158
+ },
5069
5159
  rangeStyle: {
5070
5160
  type: 'string',
5071
5161
  default: 'preserve',
5072
- description: vendor.stripIndent`
5162
+ description: vendor.html`
5073
5163
  Define how updated dependency versions should be written in package.json.
5074
5164
  Available styles:
5075
5165
  * caret - Use ^ range for compatible updates (e.g. ^1.2.3)
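Review bot: The new `purl` flag takes free-form strings, and nothing in this hunk or in the `run$A` hunk below checks their shape. There they are forwarded as `purls: Array.isArray(cli.flags['purl']) ? cli.flags['purl'] : []`. Whether `runFix` validates them further down is not visible from here. If it does not, malformed entries should be rejected with a clear message before the fix starts editing manifests. The description should also state the expected form and that the flag repeats, e.g. `description: 'Package URL (PURL) of a package to fix, e.g. pkg:npm/name@version; may be given multiple times'`.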
@@ -5100,14 +5190,14 @@ const config$z = {
5100
5190
  `
5101
5191
  }
5102
5192
  const cmdFix = {
5103
- description: config$z.description,
5104
- hidden: config$z.hidden,
5105
- run: run$z
5193
+ description: config$A.description,
5194
+ hidden: config$A.hidden,
5195
+ run: run$A
5106
5196
  }
5107
- async function run$z(argv, importMeta, { parentName }) {
5197
+ async function run$A(argv, importMeta, { parentName }) {
5108
5198
  const cli = meowOrExit({
5109
5199
  argv,
5110
- config: config$z,
5200
+ config: config$A,
5111
5201
  importMeta,
5112
5202
  parentName
5113
5203
  })
@@ -5121,7 +5211,7 @@ async function run$z(argv, importMeta, { parentName }) {
5121
5211
  return
5122
5212
  }
5123
5213
  if (cli.flags['dryRun']) {
5124
- logger.logger.log(DRY_RUN_BAIL_TEXT$w)
5214
+ logger.logger.log(DRY_RUN_BAIL_TEXT$x)
5125
5215
  return
5126
5216
  }
5127
5217
 
@@ -5130,6 +5220,7 @@ async function run$z(argv, importMeta, { parentName }) {
5130
5220
  await runFix({
5131
5221
  autoMerge: Boolean(cli.flags['autoMerge']),
5132
5222
  autoPilot: Boolean(cli.flags['autoPilot']),
5223
+ purls: Array.isArray(cli.flags['purl']) ? cli.flags['purl'] : [],
5133
5224
  spinner,
5134
5225
  rangeStyle: cli.flags['rangeStyle'] ?? undefined,
5135
5226
  test: Boolean(cli.flags['test']),
@@ -5230,7 +5321,7 @@ function outputPackageInfo(
5230
5321
  return
5231
5322
  }
5232
5323
  if (outputKind === 'markdown') {
5233
- logger.logger.log(vendor.stripIndents`
5324
+ logger.logger.log(vendor.html`
5234
5325
  # Package report for ${pkgName}
5235
5326
 
5236
5327
  Package report card:
@@ -5323,11 +5414,12 @@ async function handlePackageInfo({
5323
5414
  }
5324
5415
  }
5325
5416
 
5326
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$v } = constants
5327
- const config$y = {
5417
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$w } = constants
5418
+ const config$z = {
5328
5419
  commandName: 'info',
5329
5420
  description: 'Look up info regarding a package',
5330
- hidden: false,
5421
+ hidden: true,
5422
+ // Deprecated
5331
5423
  flags: {
5332
5424
  ...commonFlags,
5333
5425
  ...outputFlags,
@@ -5348,14 +5440,14 @@ const config$y = {
5348
5440
  `
5349
5441
  }
5350
5442
  const cmdInfo = {
5351
- description: config$y.description,
5352
- hidden: config$y.hidden,
5353
- run: run$y
5443
+ description: config$z.description,
5444
+ hidden: config$z.hidden,
5445
+ run: run$z
5354
5446
  }
5355
- async function run$y(argv, importMeta, { parentName }) {
5447
+ async function run$z(argv, importMeta, { parentName }) {
5356
5448
  const cli = meowOrExit({
5357
5449
  argv,
5358
- config: config$y,
5450
+ config: config$z,
5359
5451
  importMeta,
5360
5452
  parentName
5361
5453
  })
@@ -5393,11 +5485,11 @@ async function run$y(argv, importMeta, { parentName }) {
5393
5485
  const pkgVersion =
5394
5486
  versionSeparator < 1 ? 'latest' : rawPkgName.slice(versionSeparator + 1)
5395
5487
  if (cli.flags['dryRun']) {
5396
- logger.logger.log(DRY_RUN_BAIL_TEXT$v)
5488
+ logger.logger.log(DRY_RUN_BAIL_TEXT$w)
5397
5489
  return
5398
5490
  }
5399
5491
  await handlePackageInfo({
5400
- commandName: `${parentName} ${config$y.commandName}`,
5492
+ commandName: `${parentName} ${config$z.commandName}`,
5401
5493
  includeAllIssues: Boolean(all),
5402
5494
  outputKind: json ? 'json' : markdown ? 'markdown' : 'print',
5403
5495
  pkgName,
@@ -5473,7 +5565,7 @@ async function attemptLogin(apiBaseUrl, apiProxy) {
5473
5565
  logger.logger.success(
5474
5566
  `API credentials ${previousPersistedToken === apiToken ? 'refreshed' : previousPersistedToken ? 'updated' : 'set'}`
5475
5567
  )
5476
- if (!shadowNpmInject.isReadOnlyConfig()) {
5568
+ if (shadowNpmInject.isReadOnlyConfig()) {
5477
5569
  logger.logger.log('')
5478
5570
  logger.logger.warn(
5479
5571
  'Note: config is in read-only mode, at least one key was overridden through flag/env, so the login was not persisted!'
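Review bot: The success line is still printed before the corrected `isReadOnlyConfig()` check, so in read-only mode the user first reads `API credentials set` and only afterwards that nothing was persisted. The attemptLogout hunk further down has the same shape, and it matters more there: `Successfully logged out` is shown although, per the warning text, the logout was not persisted, so a previously stored token presumably stays in the config file. Consider testing `isReadOnlyConfig()` first and replacing the success message in that case, e.g. `logger.logger.warn('Logout applied to this run only; the stored token was not removed')`. Both functions start and end outside their hunks.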
@@ -5484,8 +5576,8 @@ async function attemptLogin(apiBaseUrl, apiProxy) {
5484
5576
  }
5485
5577
  }
5486
5578
 
5487
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$u } = constants
5488
- const config$x = {
5579
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$v } = constants
5580
+ const config$y = {
5489
5581
  commandName: 'login',
5490
5582
  description: 'Socket API login',
5491
5583
  hidden: false,
@@ -5518,21 +5610,21 @@ const config$x = {
5518
5610
  `
5519
5611
  }
5520
5612
  const cmdLogin = {
5521
- description: config$x.description,
5522
- hidden: config$x.hidden,
5523
- run: run$x
5613
+ description: config$y.description,
5614
+ hidden: config$y.hidden,
5615
+ run: run$y
5524
5616
  }
5525
- async function run$x(argv, importMeta, { parentName }) {
5617
+ async function run$y(argv, importMeta, { parentName }) {
5526
5618
  const cli = meowOrExit({
5527
5619
  argv,
5528
- config: config$x,
5620
+ config: config$y,
5529
5621
  importMeta,
5530
5622
  parentName
5531
5623
  })
5532
5624
  const apiBaseUrl = cli.flags['apiBaseUrl']
5533
5625
  const apiProxy = cli.flags['apiProxy']
5534
5626
  if (cli.flags['dryRun']) {
5535
- logger.logger.log(DRY_RUN_BAIL_TEXT$u)
5627
+ logger.logger.log(DRY_RUN_BAIL_TEXT$v)
5536
5628
  return
5537
5629
  }
5538
5630
  if (!isInteractive()) {
@@ -5554,7 +5646,7 @@ function attemptLogout() {
5554
5646
  try {
5555
5647
  applyLogout()
5556
5648
  logger.logger.success('Successfully logged out')
5557
- if (!shadowNpmInject.isReadOnlyConfig()) {
5649
+ if (shadowNpmInject.isReadOnlyConfig()) {
5558
5650
  logger.logger.log('')
5559
5651
  logger.logger.warn(
5560
5652
  'Note: config is in read-only mode, at least one key was overridden through flag/env, so the logout was not persisted!'
@@ -5565,8 +5657,8 @@ function attemptLogout() {
5565
5657
  }
5566
5658
  }
5567
5659
 
5568
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$t } = constants
5569
- const config$w = {
5660
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$u } = constants
5661
+ const config$x = {
5570
5662
  commandName: 'logout',
5571
5663
  description: 'Socket API logout',
5572
5664
  hidden: false,
@@ -5581,42 +5673,60 @@ const config$w = {
5581
5673
  `
5582
5674
  }
5583
5675
  const cmdLogout = {
5584
- description: config$w.description,
5585
- hidden: config$w.hidden,
5586
- run: run$w
5676
+ description: config$x.description,
5677
+ hidden: config$x.hidden,
5678
+ run: run$x
5587
5679
  }
5588
- async function run$w(argv, importMeta, { parentName }) {
5680
+ async function run$x(argv, importMeta, { parentName }) {
5589
5681
  const cli = meowOrExit({
5590
5682
  argv,
5591
- config: config$w,
5683
+ config: config$x,
5592
5684
  importMeta,
5593
5685
  parentName
5594
5686
  })
5595
5687
  if (cli.flags['dryRun']) {
5596
- logger.logger.log(DRY_RUN_BAIL_TEXT$t)
5688
+ logger.logger.log(DRY_RUN_BAIL_TEXT$u)
5597
5689
  return
5598
5690
  }
5599
5691
  attemptLogout()
5600
5692
  }
5601
5693
 
5602
- async function convertGradleToMaven(target, bin, _out, verbose, gradleOpts) {
5603
- // Lazily access constants.spinner.
5604
- const { spinner } = constants
5605
- const rbin = path$1.resolve(bin)
5606
- const rtarget = path$1.resolve(target)
5694
+ async function convertGradleToMaven(target, bin, cwd, verbose, gradleOpts) {
5607
5695
  if (verbose) {
5608
- logger.logger.group('gradle2maven:')
5609
- logger.logger.log(`[VERBOSE] - Absolute bin path: \`${rbin}\``)
5610
- logger.logger.log(`[VERBOSE] - Absolute target path: \`${rtarget}\``)
5611
- logger.logger.groupEnd()
5696
+ logger.logger.log('[VERBOSE] Resolving:', [cwd, bin])
5697
+ }
5698
+ const rbin = path$1.resolve(cwd, bin)
5699
+ if (verbose) {
5700
+ logger.logger.log('[VERBOSE] Resolving:', [cwd, target])
5701
+ }
5702
+ const rtarget = path$1.resolve(cwd, target)
5703
+ const binExists = fs$1.existsSync(rbin)
5704
+ const targetExists = fs$1.existsSync(rtarget)
5705
+ logger.logger.group('gradle2maven:')
5706
+ if (verbose || debug.isDebug()) {
5707
+ logger.logger.log(
5708
+ `[VERBOSE] - Absolute bin path: \`${rbin}\` (${binExists ? 'found' : vendor.yoctocolorsCjsExports.red('not found!')})`
5709
+ )
5710
+ logger.logger.log(
5711
+ `[VERBOSE] - Absolute target path: \`${rtarget}\` (${targetExists ? 'found' : vendor.yoctocolorsCjsExports.red('not found!')})`
5712
+ )
5612
5713
  } else {
5613
- logger.logger.group('gradle2maven:')
5614
- logger.logger.log(`- executing: \`${bin}\``)
5615
- logger.logger.log(`- src dir: \`${target}\``)
5616
- logger.logger.groupEnd()
5714
+ logger.logger.log(`- executing: \`${rbin}\``)
5715
+ if (!binExists) {
5716
+ logger.logger.warn(
5717
+ 'Warning: It appears the executable could not be found at this location. An error might be printed later because of that.'
5718
+ )
5719
+ }
5720
+ logger.logger.log(`- src dir: \`${rtarget}\``)
5721
+ if (!targetExists) {
5722
+ logger.logger.warn(
5723
+ 'Warning: It appears the src dir could not be found at this location. An error might be printed later because of that.'
5724
+ )
5725
+ }
5617
5726
  }
5727
+ logger.logger.groupEnd()
5618
5728
  try {
5619
- // Run sbt with the init script we provide which should yield zero or more
5729
+ // Run gradlew with the init script we provide which should yield zero or more
5620
5730
  // pom files. We have to figure out where to store those pom files such that
5621
5731
  // we can upload them and predict them through the GitHub API. We could do a
5622
5732
  // .socket folder. We could do a socket.pom.gz with all the poms, although
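Review bot: A missing executable is only reported, never acted on: `binExists` produces a red `not found!` in verbose mode or a warning otherwise, and execution then carries on into the `try` block. Since `bin` is now always resolved against `cwd`, a missing file cannot succeed later, so returning early gives a clearer failure than the spawn error. After `logger.logger.groupEnd()` something like `if (!binExists) { process.exitCode = 1; logger.logger.fail(`Executable not found: ${rbin}`); return }` would do. The `try` block continues outside this hunk.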
@@ -5626,26 +5736,23 @@ async function convertGradleToMaven(target, bin, _out, verbose, gradleOpts) {
5626
5736
  const initLocation = path$1.join(constants.rootDistPath, 'init.gradle')
5627
5737
  const commandArgs = ['--init-script', initLocation, ...gradleOpts, 'pom']
5628
5738
  if (verbose) {
5629
- logger.logger.log('[VERBOSE] Executing:', bin, commandArgs)
5739
+ logger.logger.log('[VERBOSE] Executing:', [bin], ', args:', commandArgs)
5630
5740
  }
5631
- spinner.start(
5632
- `Converting gradle to maven from \`${bin}\` on \`${target}\`...`
5741
+ logger.logger.log(
5742
+ `Converting gradle to maven from \`${bin}\` on \`${target}\` ...`
5633
5743
  )
5634
- const output = await spawn.spawn(bin, commandArgs, {
5635
- cwd: target || '.'
5636
- })
5637
- spinner.stop()
5744
+ const output = await execGradleWithSpinner(rbin, commandArgs, rtarget, cwd)
5638
5745
  if (verbose) {
5639
5746
  logger.logger.group('[VERBOSE] gradle stdout:')
5640
5747
  logger.logger.log(output)
5641
5748
  logger.logger.groupEnd()
5642
5749
  }
5643
- if (output.stderr) {
5750
+ if (output.code !== 0) {
5644
5751
  process.exitCode = 1
5645
- logger.logger.fail('There were errors while running gradle')
5752
+ logger.logger.fail(`Gradle exited with exit code ${output.code}`)
5646
5753
  // (In verbose mode, stderr was printed above, no need to repeat it)
5647
5754
  if (!verbose) {
5648
- logger.logger.group('[VERBOSE] stderr:')
5755
+ logger.logger.group('stderr:')
5649
5756
  logger.logger.error(output.stderr)
5650
5757
  logger.logger.groupEnd()
5651
5758
  }
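Review bot: The `[VERBOSE] Executing:` line and the `Converting gradle to maven from ...` line print the raw `bin` and `target`, while the process actually started is `rbin` with `rtarget` as working directory. For a command that runs a user-supplied executable, the log should show the resolved path that is executed, e.g. `logger.logger.log('[VERBOSE] Executing:', [rbin], ', args:', commandArgs)`. Separately, whether `spawn.spawn` resolves or rejects on a non-zero exit is not visible here. If it rejects, the new `output.code !== 0` branch is never reached and stderr is only shown under `--verbose` in the catch block.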
@@ -5657,41 +5764,15 @@ async function convertGradleToMaven(target, bin, _out, verbose, gradleOpts) {
5657
5764
  logger.logger.log('- ', fn)
5658
5765
  return fn
5659
5766
  })
5660
-
5661
- // const loc = output.stdout?.match(/Wrote (.*?.pom)\n/)?.[1]?.trim()
5662
- // if (!loc) {
5663
- // logger.fail(
5664
- // 'There were no errors from sbt but could not find the location of resulting .pom file either'
5665
- // )
5666
- // // eslint-disable-next-line n/no-process-exit
5667
- // process.exit(1)
5668
- // }
5669
- //
5670
- // // Move the pom file to ...? initial cwd? loc will be an absolute path, or dump to stdout
5671
- // if (out === '-') {
5672
- // spinner.start('Result:\n```')
5673
- // spinner.log(await safeReadFile(loc))
5674
- // spinner.log('```')
5675
- // spinner.successAndStop(`OK`)
5676
- // } else {
5677
- // spinner.start()
5678
- // if (verbose) {
5679
- // spinner.log(
5680
- // `Moving manifest file from \`${loc.replace(/^\/home\/[^/]*?\//, '~/')}\` to \`${out}\``
5681
- // )
5682
- // } else {
5683
- // spinner.log('Moving output pom file')
5684
- // }
5685
- // // TODO: do we prefer fs-extra? renaming can be gnarly on windows and fs-extra's version is better
5686
- // await renamep(loc, out)
5687
- // spinner.successAndStop(`OK. File should be available in \`${out}\``)
5688
- // }
5767
+ logger.logger.log('')
5768
+ logger.logger.log(
5769
+ 'Next step is to generate a Scan by running the `socket scan create` command on the same directory'
5770
+ )
5689
5771
  } catch (e) {
5690
5772
  process.exitCode = 1
5691
- spinner.stop()
5692
5773
  logger.logger.fail(
5693
- 'There was an unexpected error while running this' +
5694
- (verbose ? '' : ' (use --verbose for details)')
5774
+ 'There was an unexpected error while generating manifests' +
5775
+ (verbose ? '' : ' (use --verbose for details)')
5695
5776
  )
5696
5777
  if (verbose) {
5697
5778
  logger.logger.group('[VERBOSE] error:')
@@ -5700,9 +5781,39 @@ async function convertGradleToMaven(target, bin, _out, verbose, gradleOpts) {
5700
5781
  }
5701
5782
  }
5702
5783
  }
5784
+ async function execGradleWithSpinner(bin, commandArgs, target, cwd) {
5785
+ // Lazily access constants.spinner.
5786
+ const { spinner } = constants
5787
+ let pass = false
5788
+ try {
5789
+ spinner.start(
5790
+ `Running gradlew... (this can take a while, it depends on how long gradlew has to run)`
5791
+ )
5792
+ const output = await spawn.spawn(bin, commandArgs, {
5793
+ // We can pipe the output through to have the user see the result
5794
+ // of running gradlew, but then we can't (easily) gather the output
5795
+ // to discover the generated files... probably a flag we should allow?
5796
+ // stdio: isDebug() ? 'inherit' : undefined,
5797
+ cwd: target || cwd
5798
+ })
5799
+ pass = true
5800
+ const { code, stderr, stdout } = output
5801
+ return {
5802
+ code,
5803
+ stdout,
5804
+ stderr
5805
+ }
5806
+ } finally {
5807
+ if (pass) {
5808
+ spinner.successAndStop('Completed gradlew execution')
5809
+ } else {
5810
+ spinner.failAndStop('There was an error while trying to run gradlew.')
5811
+ }
5812
+ }
5813
+ }
5703
5814
 
5704
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$s } = constants
5705
- const config$v = {
5815
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$t } = constants
5816
+ const config$w = {
5706
5817
  commandName: 'gradle',
5707
5818
  description:
5708
5819
  '[beta] Use Gradle to generate a manifest file (`pom.xml`) for a Gradle/Java/Kotlin/etc project',
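Review bot: In `execGradleWithSpinner` the fallback in `cwd: target || cwd` cannot trigger for the one caller shown, which passes `rtarget` from `path$1.resolve(cwd, target)` and so always supplies a non-empty path. That leaves the `cwd` parameter effectively unused; either drop it and write `cwd: target`, or document when an empty `target` is expected. The function also has no doc comment. A short JSDoc should say that `bin` and `target` are expected to be already-resolved absolute paths, that the result is `{ code, stdout, stderr }`, and that a rejected spawn propagates to the caller after the spinner is stopped in `finally`.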
@@ -5723,16 +5834,6 @@ const config$v = {
5723
5834
  description:
5724
5835
  'Additional options to pass on to ./gradlew, see `./gradlew --help`'
5725
5836
  },
5726
- out: {
5727
- type: 'string',
5728
- default: './socket.pom.xml',
5729
- description:
5730
- 'Path of output file; where to store the resulting manifest, see also --stdout'
5731
- },
5732
- stdout: {
5733
- type: 'boolean',
5734
- description: 'Print resulting pom.xml to stdout (supersedes --out)'
5735
- },
5736
5837
  task: {
5737
5838
  type: 'string',
5738
5839
  default: 'all',
@@ -5777,20 +5878,20 @@ const config$v = {
5777
5878
  `
5778
5879
  }
5779
5880
  const cmdManifestGradle = {
5780
- description: config$v.description,
5781
- hidden: config$v.hidden,
5782
- run: run$v
5783
- }
5784
- async function run$v(argv, importMeta, { parentName }) {
5881
+ description: config$w.description,
5882
+ hidden: config$w.hidden,
5883
+ run: run$w
5884
+ }
5885
+ async function run$w(argv, importMeta, { parentName }) {
5785
5886
  const cli = meowOrExit({
5786
5887
  argv,
5787
- config: config$v,
5888
+ config: config$w,
5788
5889
  importMeta,
5789
5890
  parentName
5790
5891
  })
5791
5892
  const verbose = Boolean(cli.flags['verbose'])
5792
5893
  if (verbose) {
5793
- logger.logger.group('- ', parentName, config$v.commandName, ':')
5894
+ logger.logger.group('- ', parentName, config$w.commandName, ':')
5794
5895
  logger.logger.group('- flags:', cli.flags)
5795
5896
  logger.logger.groupEnd()
5796
5897
  logger.logger.log('- input:', cli.input)
@@ -5811,7 +5912,7 @@ async function run$v(argv, importMeta, { parentName }) {
5811
5912
  },
5812
5913
  {
5813
5914
  nook: true,
5814
- test: cli.input.length === 1,
5915
+ test: cli.input.length <= 1,
5815
5916
  message: 'Can only accept one DIR (make sure to escape spaces!)',
5816
5917
  pass: 'ok',
5817
5918
  fail: 'received ' + cli.input.length
@@ -5820,24 +5921,12 @@ async function run$v(argv, importMeta, { parentName }) {
5820
5921
  if (wasBadInput) {
5821
5922
  return
5822
5923
  }
5823
- let bin
5824
- if (cli.flags['bin']) {
5825
- bin = cli.flags['bin']
5826
- } else {
5827
- bin = path$1.join(target, 'gradlew')
5828
- }
5829
- let out = './socket.pom.xml'
5830
- if (cli.flags['out']) {
5831
- out = cli.flags['out']
5832
- }
5833
- if (cli.flags['stdout']) {
5834
- out = '-'
5835
- }
5924
+ const { bin = path$1.join(target, 'gradlew'), cwd = process.cwd() } =
5925
+ cli.flags
5836
5926
  if (verbose) {
5837
5927
  logger.logger.group()
5838
5928
  logger.logger.log('- target:', target)
5839
5929
  logger.logger.log('- gradle bin:', bin)
5840
- logger.logger.log('- out:', out)
5841
5930
  logger.logger.groupEnd()
5842
5931
  }
5843
5932
  let gradleOpts = []
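Review bot: The destructuring default `bin = path$1.join(target, 'gradlew')` applies only when `cli.flags.bin` is `undefined`, whereas the removed `if (cli.flags['bin'])` also fell back on an empty string. With `--bin ""` the empty value now reaches `path$1.resolve(cwd, bin)` in convertGradleToMaven, which yields `cwd` itself, and that directory path is handed to spawn as the executable. `const bin = cli.flags['bin'] || path$1.join(target, 'gradlew')` keeps the previous behaviour. The same applies to `cwd = process.cwd()` and to the identical change in the kotlin `run$t` hunk. The function starts and ends outside this hunk.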
@@ -5848,10 +5937,16 @@ async function run$v(argv, importMeta, { parentName }) {
5848
5937
  .filter(Boolean)
5849
5938
  }
5850
5939
  if (cli.flags['dryRun']) {
5851
- logger.logger.log(DRY_RUN_BAIL_TEXT$s)
5940
+ logger.logger.log(DRY_RUN_BAIL_TEXT$t)
5852
5941
  return
5853
5942
  }
5854
- await convertGradleToMaven(target, bin, out, verbose, gradleOpts)
5943
+ await convertGradleToMaven(
5944
+ target,
5945
+ String(bin),
5946
+ String(cwd),
5947
+ verbose,
5948
+ gradleOpts
5949
+ )
5855
5950
  }
5856
5951
 
5857
5952
  async function convertSbtToMaven(target, bin, out, verbose, sbtOpts) {
@@ -5957,8 +6052,8 @@ async function convertSbtToMaven(target, bin, out, verbose, sbtOpts) {
5957
6052
  }
5958
6053
  }
5959
6054
 
5960
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$r } = constants
5961
- const config$u = {
6055
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$s } = constants
6056
+ const config$v = {
5962
6057
  commandName: 'scala',
5963
6058
  description:
5964
6059
  "[beta] Generate a manifest file (`pom.xml`) from Scala's `build.sbt` file",
@@ -6033,20 +6128,20 @@ const config$u = {
6033
6128
  `
6034
6129
  }
6035
6130
  const cmdManifestScala = {
6036
- description: config$u.description,
6037
- hidden: config$u.hidden,
6038
- run: run$u
6131
+ description: config$v.description,
6132
+ hidden: config$v.hidden,
6133
+ run: run$v
6039
6134
  }
6040
- async function run$u(argv, importMeta, { parentName }) {
6135
+ async function run$v(argv, importMeta, { parentName }) {
6041
6136
  const cli = meowOrExit({
6042
6137
  argv,
6043
- config: config$u,
6138
+ config: config$v,
6044
6139
  importMeta,
6045
6140
  parentName
6046
6141
  })
6047
6142
  const verbose = Boolean(cli.flags['verbose'])
6048
6143
  if (verbose) {
6049
- logger.logger.group('- ', parentName, config$u.commandName, ':')
6144
+ logger.logger.group('- ', parentName, config$v.commandName, ':')
6050
6145
  logger.logger.group('- flags:', cli.flags)
6051
6146
  logger.logger.groupEnd()
6052
6147
  logger.logger.log('- input:', cli.input)
@@ -6067,7 +6162,7 @@ async function run$u(argv, importMeta, { parentName }) {
6067
6162
  },
6068
6163
  {
6069
6164
  nook: true,
6070
- test: cli.input.length === 1,
6165
+ test: cli.input.length <= 1,
6071
6166
  message: 'Can only accept one DIR (make sure to escape spaces!)',
6072
6167
  pass: 'ok',
6073
6168
  fail: 'received ' + cli.input.length
@@ -6102,14 +6197,14 @@ async function run$u(argv, importMeta, { parentName }) {
6102
6197
  .filter(Boolean)
6103
6198
  }
6104
6199
  if (cli.flags['dryRun']) {
6105
- logger.logger.log(DRY_RUN_BAIL_TEXT$r)
6200
+ logger.logger.log(DRY_RUN_BAIL_TEXT$s)
6106
6201
  return
6107
6202
  }
6108
6203
  await convertSbtToMaven(target, bin, out, verbose, sbtOpts)
6109
6204
  }
6110
6205
 
6111
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$q } = constants
6112
- const config$t = {
6206
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$r } = constants
6207
+ const config$u = {
6113
6208
  commandName: 'auto',
6114
6209
  description: 'Auto-detect build and attempt to generate manifest file',
6115
6210
  hidden: false,
@@ -6139,21 +6234,21 @@ const config$t = {
6139
6234
  `
6140
6235
  }
6141
6236
  const cmdManifestAuto = {
6142
- description: config$t.description,
6143
- hidden: config$t.hidden,
6144
- run: run$t
6237
+ description: config$u.description,
6238
+ hidden: config$u.hidden,
6239
+ run: run$u
6145
6240
  }
6146
- async function run$t(argv, importMeta, { parentName }) {
6241
+ async function run$u(argv, importMeta, { parentName }) {
6147
6242
  const cli = meowOrExit({
6148
6243
  argv,
6149
- config: config$t,
6244
+ config: config$u,
6150
6245
  importMeta,
6151
6246
  parentName
6152
6247
  })
6153
6248
  const verbose = !!cli.flags['verbose']
6154
6249
  const cwd = cli.flags['cwd'] ?? process.cwd()
6155
6250
  if (verbose) {
6156
- logger.logger.group('- ', parentName, config$t.commandName, ':')
6251
+ logger.logger.group('- ', parentName, config$u.commandName, ':')
6157
6252
  logger.logger.group('- flags:', cli.flags)
6158
6253
  logger.logger.groupEnd()
6159
6254
  logger.logger.log('- input:', cli.input)
@@ -6165,7 +6260,7 @@ async function run$t(argv, importMeta, { parentName }) {
6165
6260
  subArgs.push('--verbose')
6166
6261
  }
6167
6262
  const dir = cwd
6168
- if (require$$0.existsSync(path$1.join(dir, 'build.sbt'))) {
6263
+ if (fs$1.existsSync(path$1.join(dir, 'build.sbt'))) {
6169
6264
  logger.logger.log(
6170
6265
  'Detected a Scala sbt build, running default Scala generator...'
6171
6266
  )
@@ -6174,7 +6269,7 @@ async function run$t(argv, importMeta, { parentName }) {
6174
6269
  }
6175
6270
  subArgs.push(dir)
6176
6271
  if (cli.flags['dryRun']) {
6177
- logger.logger.log(DRY_RUN_BAIL_TEXT$q)
6272
+ logger.logger.log(DRY_RUN_BAIL_TEXT$r)
6178
6273
  return
6179
6274
  }
6180
6275
  await cmdManifestScala.run(subArgs, importMeta, {
@@ -6182,7 +6277,7 @@ async function run$t(argv, importMeta, { parentName }) {
6182
6277
  })
6183
6278
  return
6184
6279
  }
6185
- if (require$$0.existsSync(path$1.join(dir, 'gradlew'))) {
6280
+ if (fs$1.existsSync(path$1.join(dir, 'gradlew'))) {
6186
6281
  logger.logger.log(
6187
6282
  'Detected a gradle build, running default gradle generator...'
6188
6283
  )
@@ -6191,7 +6286,7 @@ async function run$t(argv, importMeta, { parentName }) {
6191
6286
  subArgs.push(cwd)
6192
6287
  }
6193
6288
  if (cli.flags['dryRun']) {
6194
- logger.logger.log(DRY_RUN_BAIL_TEXT$q)
6289
+ logger.logger.log(DRY_RUN_BAIL_TEXT$r)
6195
6290
  return
6196
6291
  }
6197
6292
  await cmdManifestGradle.run(subArgs, importMeta, {
@@ -6200,7 +6295,7 @@ async function run$t(argv, importMeta, { parentName }) {
6200
6295
  return
6201
6296
  }
6202
6297
  if (cli.flags['dryRun']) {
6203
- logger.logger.log(DRY_RUN_BAIL_TEXT$q)
6298
+ logger.logger.log(DRY_RUN_BAIL_TEXT$r)
6204
6299
  return
6205
6300
  }
6206
6301
 
@@ -6208,7 +6303,7 @@ async function run$t(argv, importMeta, { parentName }) {
6208
6303
  vendor
6209
6304
  .meow(
6210
6305
  `
6211
- $ ${parentName} ${config$t.commandName}
6306
+ $ ${parentName} ${config$u.commandName}
6212
6307
 
6213
6308
  Unfortunately this script did not discover a supported language in the
6214
6309
  current folder.
@@ -6222,21 +6317,21 @@ async function run$t(argv, importMeta, { parentName }) {
6222
6317
  `,
6223
6318
  {
6224
6319
  argv: [],
6225
- description: config$t.description,
6320
+ description: config$u.description,
6226
6321
  importMeta
6227
6322
  }
6228
6323
  )
6229
6324
  .showHelp()
6230
6325
  }
6231
6326
 
6232
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$p } = constants
6327
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$q } = constants
6233
6328
 
6234
6329
  // TODO: we may want to dedupe some pieces for all gradle languages. I think it
6235
6330
  // makes sense to have separate commands for them and I think it makes
6236
6331
  // sense for the help panels to note the requested language, rather than
6237
6332
  // `socket manifest kotlin` to print help screens with `gradle` as the
6238
6333
  // command. Room for improvement.
6239
- const config$s = {
6334
+ const config$t = {
6240
6335
  commandName: 'kotlin',
6241
6336
  description:
6242
6337
  '[beta] Use Gradle to generate a manifest file (`pom.xml`) for a Kotlin project',
@@ -6257,16 +6352,6 @@ const config$s = {
6257
6352
  description:
6258
6353
  'Additional options to pass on to ./gradlew, see `./gradlew --help`'
6259
6354
  },
6260
- out: {
6261
- type: 'string',
6262
- default: './socket.pom.xml',
6263
- description:
6264
- 'Path of output file; where to store the resulting manifest, see also --stdout'
6265
- },
6266
- stdout: {
6267
- type: 'boolean',
6268
- description: 'Print resulting pom.xml to stdout (supersedes --out)'
6269
- },
6270
6355
  task: {
6271
6356
  type: 'string',
6272
6357
  default: 'all',
@@ -6311,20 +6396,20 @@ const config$s = {
6311
6396
  `
6312
6397
  }
6313
6398
  const cmdManifestKotlin = {
6314
- description: config$s.description,
6315
- hidden: config$s.hidden,
6316
- run: run$s
6399
+ description: config$t.description,
6400
+ hidden: config$t.hidden,
6401
+ run: run$t
6317
6402
  }
6318
- async function run$s(argv, importMeta, { parentName }) {
6403
+ async function run$t(argv, importMeta, { parentName }) {
6319
6404
  const cli = meowOrExit({
6320
6405
  argv,
6321
- config: config$s,
6406
+ config: config$t,
6322
6407
  importMeta,
6323
6408
  parentName
6324
6409
  })
6325
6410
  const verbose = Boolean(cli.flags['verbose'])
6326
6411
  if (verbose) {
6327
- logger.logger.group('- ', parentName, config$s.commandName, ':')
6412
+ logger.logger.group('- ', parentName, config$t.commandName, ':')
6328
6413
  logger.logger.group('- flags:', cli.flags)
6329
6414
  logger.logger.groupEnd()
6330
6415
  logger.logger.log('- input:', cli.input)
@@ -6345,7 +6430,7 @@ async function run$s(argv, importMeta, { parentName }) {
6345
6430
  },
6346
6431
  {
6347
6432
  nook: true,
6348
- test: cli.input.length === 1,
6433
+ test: cli.input.length <= 1,
6349
6434
  message: 'Can only accept one DIR (make sure to escape spaces!)',
6350
6435
  pass: 'ok',
6351
6436
  fail: 'received ' + cli.input.length
@@ -6354,24 +6439,12 @@ async function run$s(argv, importMeta, { parentName }) {
6354
6439
  if (wasBadInput) {
6355
6440
  return
6356
6441
  }
6357
- let bin
6358
- if (cli.flags['bin']) {
6359
- bin = cli.flags['bin']
6360
- } else {
6361
- bin = path$1.join(target, 'gradlew')
6362
- }
6363
- let out = './socket.pom.xml'
6364
- if (cli.flags['out']) {
6365
- out = cli.flags['out']
6366
- }
6367
- if (cli.flags['stdout']) {
6368
- out = '-'
6369
- }
6442
+ const { bin = path$1.join(target, 'gradlew'), cwd = process.cwd() } =
6443
+ cli.flags
6370
6444
  if (verbose) {
6371
6445
  logger.logger.group()
6372
6446
  logger.logger.log('- target:', target)
6373
6447
  logger.logger.log('- gradle bin:', bin)
6374
- logger.logger.log('- out:', out)
6375
6448
  logger.logger.groupEnd()
6376
6449
  }
6377
6450
  let gradleOpts = []
@@ -6382,13 +6455,19 @@ async function run$s(argv, importMeta, { parentName }) {
6382
6455
  .filter(Boolean)
6383
6456
  }
6384
6457
  if (cli.flags['dryRun']) {
6385
- logger.logger.log(DRY_RUN_BAIL_TEXT$p)
6458
+ logger.logger.log(DRY_RUN_BAIL_TEXT$q)
6386
6459
  return
6387
6460
  }
6388
- await convertGradleToMaven(target, bin, out, verbose, gradleOpts)
6461
+ await convertGradleToMaven(
6462
+ target,
6463
+ String(bin),
6464
+ String(cwd),
6465
+ verbose,
6466
+ gradleOpts
6467
+ )
6389
6468
  }
6390
6469
 
6391
- const config$r = {
6470
+ const config$s = {
6392
6471
  commandName: 'manifest',
6393
6472
  description: 'Generate a dependency manifest for given file or dir',
6394
6473
  hidden: false,
@@ -6397,11 +6476,11 @@ const config$r = {
6397
6476
  }
6398
6477
  }
6399
6478
  const cmdManifest = {
6400
- description: config$r.description,
6401
- hidden: config$r.hidden,
6402
- run: run$r
6479
+ description: config$s.description,
6480
+ hidden: config$s.hidden,
6481
+ run: run$s
6403
6482
  }
6404
- async function run$r(argv, importMeta, { parentName }) {
6483
+ async function run$s(argv, importMeta, { parentName }) {
6405
6484
  await meowWithSubcommands(
6406
6485
  {
6407
6486
  auto: cmdManifestAuto,
@@ -6413,15 +6492,15 @@ async function run$r(argv, importMeta, { parentName }) {
6413
6492
  argv,
6414
6493
  aliases: {
6415
6494
  yolo: {
6416
- description: config$r.description,
6495
+ description: config$s.description,
6417
6496
  hidden: true,
6418
6497
  argv: ['auto']
6419
6498
  }
6420
6499
  },
6421
- description: config$r.description,
6500
+ description: config$s.description,
6422
6501
  importMeta,
6423
- flags: config$r.flags,
6424
- name: `${parentName} ${config$r.commandName}`
6502
+ flags: config$s.flags,
6503
+ name: `${parentName} ${config$s.commandName}`
6425
6504
  }
6426
6505
  )
6427
6506
  }
@@ -6433,8 +6512,8 @@ async function wrapNpm(argv) {
6433
6512
  await shadowBin(NPM$8, argv)
6434
6513
  }
6435
6514
 
6436
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$o, NPM: NPM$7 } = constants
6437
- const config$q = {
6515
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$p, NPM: NPM$7 } = constants
6516
+ const config$r = {
6438
6517
  commandName: 'npm',
6439
6518
  description: `${NPM$7} wrapper functionality`,
6440
6519
  hidden: false,
@@ -6447,20 +6526,20 @@ const config$q = {
6447
6526
  `
6448
6527
  }
6449
6528
  const cmdNpm = {
6450
- description: config$q.description,
6451
- hidden: config$q.hidden,
6452
- run: run$q
6529
+ description: config$r.description,
6530
+ hidden: config$r.hidden,
6531
+ run: run$r
6453
6532
  }
6454
- async function run$q(argv, importMeta, { parentName }) {
6533
+ async function run$r(argv, importMeta, { parentName }) {
6455
6534
  const cli = meowOrExit({
6456
6535
  allowUnknownFlags: true,
6457
6536
  argv,
6458
- config: config$q,
6537
+ config: config$r,
6459
6538
  importMeta,
6460
6539
  parentName
6461
6540
  })
6462
6541
  if (cli.flags['dryRun']) {
6463
- logger.logger.log(DRY_RUN_BAIL_TEXT$o)
6542
+ logger.logger.log(DRY_RUN_BAIL_TEXT$p)
6464
6543
  return
6465
6544
  }
6466
6545
  await wrapNpm(argv)
@@ -6473,8 +6552,8 @@ async function wrapNpx(argv) {
6473
6552
  await shadowBin(NPX$2, argv)
6474
6553
  }
6475
6554
 
6476
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$n, NPX: NPX$1 } = constants
6477
- const config$p = {
6555
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$o, NPX: NPX$1 } = constants
6556
+ const config$q = {
6478
6557
  commandName: 'npx',
6479
6558
  description: `${NPX$1} wrapper functionality`,
6480
6559
  hidden: false,
@@ -6487,27 +6566,27 @@ const config$p = {
6487
6566
  `
6488
6567
  }
6489
6568
  const cmdNpx = {
6490
- description: config$p.description,
6491
- hidden: config$p.hidden,
6492
- run: run$p
6569
+ description: config$q.description,
6570
+ hidden: config$q.hidden,
6571
+ run: run$q
6493
6572
  }
6494
- async function run$p(argv, importMeta, { parentName }) {
6573
+ async function run$q(argv, importMeta, { parentName }) {
6495
6574
  const cli = meowOrExit({
6496
6575
  allowUnknownFlags: true,
6497
6576
  argv,
6498
- config: config$p,
6577
+ config: config$q,
6499
6578
  importMeta,
6500
6579
  parentName
6501
6580
  })
6502
6581
  if (cli.flags['dryRun']) {
6503
- logger.logger.log(DRY_RUN_BAIL_TEXT$n)
6582
+ logger.logger.log(DRY_RUN_BAIL_TEXT$o)
6504
6583
  return
6505
6584
  }
6506
6585
  await wrapNpx(argv)
6507
6586
  }
6508
6587
 
6509
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$m } = constants
6510
- const config$o = {
6588
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$n } = constants
6589
+ const config$p = {
6511
6590
  commandName: 'oops',
6512
6591
  description: 'Trigger an intentional error (for development)',
6513
6592
  hidden: true,
@@ -6522,19 +6601,19 @@ const config$o = {
6522
6601
  `
6523
6602
  }
6524
6603
  const cmdOops = {
6525
- description: config$o.description,
6526
- hidden: config$o.hidden,
6527
- run: run$o
6604
+ description: config$p.description,
6605
+ hidden: config$p.hidden,
6606
+ run: run$p
6528
6607
  }
6529
- async function run$o(argv, importMeta, { parentName }) {
6608
+ async function run$p(argv, importMeta, { parentName }) {
6530
6609
  const cli = meowOrExit({
6531
6610
  argv,
6532
- config: config$o,
6611
+ config: config$p,
6533
6612
  importMeta,
6534
6613
  parentName
6535
6614
  })
6536
6615
  if (cli.flags['dryRun']) {
6537
- logger.logger.log(DRY_RUN_BAIL_TEXT$m)
6616
+ logger.logger.log(DRY_RUN_BAIL_TEXT$n)
6538
6617
  return
6539
6618
  }
6540
6619
  throw new Error('This error was intentionally left blank')
@@ -6543,7 +6622,7 @@ async function run$o(argv, importMeta, { parentName }) {
6543
6622
  const {
6544
6623
  BUN: BUN$4,
6545
6624
  NPM: NPM$6,
6546
- PNPM: PNPM$6,
6625
+ PNPM: PNPM$5,
6547
6626
  VLT: VLT$4,
6548
6627
  YARN_BERRY: YARN_BERRY$4,
6549
6628
  YARN_CLASSIC: YARN_CLASSIC$5
@@ -6557,19 +6636,19 @@ function matchQueryCmdStdout(stdout, name) {
6557
6636
  const depsIncludesByAgent = new Map([
6558
6637
  [BUN$4, matchLsCmdViewHumanStdout],
6559
6638
  [NPM$6, matchQueryCmdStdout],
6560
- [PNPM$6, matchQueryCmdStdout],
6639
+ [PNPM$5, matchQueryCmdStdout],
6561
6640
  [VLT$4, matchQueryCmdStdout],
6562
6641
  [YARN_BERRY$4, matchLsCmdViewHumanStdout],
6563
6642
  [YARN_CLASSIC$5, matchLsCmdViewHumanStdout]
6564
6643
  ])
6565
6644
 
6566
- function getDependencyEntries(editablePkgJson) {
6645
+ function getDependencyEntries(pkgEnvDetails) {
6567
6646
  const {
6568
6647
  dependencies,
6569
6648
  devDependencies,
6570
6649
  optionalDependencies,
6571
6650
  peerDependencies
6572
- } = editablePkgJson.content
6651
+ } = pkgEnvDetails.editablePkgJson.content
6573
6652
  return [
6574
6653
  [
6575
6654
  'dependencies',
@@ -6614,14 +6693,14 @@ const {
6614
6693
  BUN: BUN$3,
6615
6694
  NPM: NPM$5,
6616
6695
  OVERRIDES: OVERRIDES$1,
6617
- PNPM: PNPM$5,
6696
+ PNPM: PNPM$4,
6618
6697
  RESOLUTIONS: RESOLUTIONS$1,
6619
6698
  VLT: VLT$3,
6620
6699
  YARN_BERRY: YARN_BERRY$3,
6621
6700
  YARN_CLASSIC: YARN_CLASSIC$4
6622
6701
  } = constants
6623
- function getOverridesDataBun(editablePkgJson) {
6624
- const overrides = editablePkgJson.content?.[RESOLUTIONS$1] ?? {}
6702
+ function getOverridesDataBun(pkgEnvDetails) {
6703
+ const overrides = pkgEnvDetails.editablePkgJson.content?.[RESOLUTIONS$1] ?? {}
6625
6704
  return {
6626
6705
  type: YARN_BERRY$3,
6627
6706
  overrides
@@ -6630,8 +6709,8 @@ function getOverridesDataBun(editablePkgJson) {
6630
6709
 
6631
6710
  // npm overrides documentation:
6632
6711
  // https://docs.npmjs.com/cli/v10/configuring-npm/package-json#overrides
6633
- function getOverridesDataNpm(editablePkgJson) {
6634
- const overrides = editablePkgJson.content?.[OVERRIDES$1] ?? {}
6712
+ function getOverridesDataNpm(pkgEnvDetails) {
6713
+ const overrides = pkgEnvDetails.editablePkgJson.content?.[OVERRIDES$1] ?? {}
6635
6714
  return {
6636
6715
  type: NPM$5,
6637
6716
  overrides
@@ -6640,15 +6719,16 @@ function getOverridesDataNpm(editablePkgJson) {
6640
6719
 
6641
6720
  // pnpm overrides documentation:
6642
6721
  // https://pnpm.io/package_json#pnpmoverrides
6643
- function getOverridesDataPnpm(editablePkgJson) {
6644
- const overrides = editablePkgJson.content?.[PNPM$5]?.[OVERRIDES$1] ?? {}
6722
+ function getOverridesDataPnpm(pkgEnvDetails) {
6723
+ const overrides =
6724
+ pkgEnvDetails.editablePkgJson.content?.[PNPM$4]?.[OVERRIDES$1] ?? {}
6645
6725
  return {
6646
- type: PNPM$5,
6726
+ type: PNPM$4,
6647
6727
  overrides
6648
6728
  }
6649
6729
  }
6650
- function getOverridesDataVlt(editablePkgJson) {
6651
- const overrides = editablePkgJson.content?.[OVERRIDES$1] ?? {}
6730
+ function getOverridesDataVlt(pkgEnvDetails) {
6731
+ const overrides = pkgEnvDetails.editablePkgJson.content?.[OVERRIDES$1] ?? {}
6652
6732
  return {
6653
6733
  type: VLT$3,
6654
6734
  overrides
@@ -6657,8 +6737,8 @@ function getOverridesDataVlt(editablePkgJson) {
6657
6737
 
6658
6738
  // Yarn resolutions documentation:
6659
6739
  // https://yarnpkg.com/configuration/manifest#resolutions
6660
- function getOverridesDataYarn(editablePkgJson) {
6661
- const overrides = editablePkgJson.content?.[RESOLUTIONS$1] ?? {}
6740
+ function getOverridesDataYarn(pkgEnvDetails) {
6741
+ const overrides = pkgEnvDetails.editablePkgJson.content?.[RESOLUTIONS$1] ?? {}
6662
6742
  return {
6663
6743
  type: YARN_BERRY$3,
6664
6744
  overrides
@@ -6667,8 +6747,8 @@ function getOverridesDataYarn(editablePkgJson) {
6667
6747
 
6668
6748
  // Yarn resolutions documentation:
6669
6749
  // https://classic.yarnpkg.com/en/docs/selective-version-resolutions
6670
- function getOverridesDataYarnClassic(editablePkgJson) {
6671
- const overrides = editablePkgJson.content?.[RESOLUTIONS$1] ?? {}
6750
+ function getOverridesDataYarnClassic(pkgEnvDetails) {
6751
+ const overrides = pkgEnvDetails.editablePkgJson.content?.[RESOLUTIONS$1] ?? {}
6672
6752
  return {
6673
6753
  type: YARN_CLASSIC$4,
6674
6754
  overrides
@@ -6677,62 +6757,12 @@ function getOverridesDataYarnClassic(editablePkgJson) {
6677
6757
  const overridesDataByAgent = new Map([
6678
6758
  [BUN$3, getOverridesDataBun],
6679
6759
  [NPM$5, getOverridesDataNpm],
6680
- [PNPM$5, getOverridesDataPnpm],
6760
+ [PNPM$4, getOverridesDataPnpm],
6681
6761
  [VLT$3, getOverridesDataVlt],
6682
6762
  [YARN_BERRY$3, getOverridesDataYarn],
6683
6763
  [YARN_CLASSIC$4, getOverridesDataYarnClassic]
6684
6764
  ])
6685
6765
 
6686
- const { PNPM: PNPM$4 } = constants
6687
- const PNPM_WORKSPACE = `${PNPM$4}-workspace`
6688
- async function getWorkspaceGlobs(agent, pkgPath, editablePkgJson) {
6689
- let workspacePatterns
6690
- if (agent === PNPM$4) {
6691
- for (const workspacePath of [
6692
- path$1.join(pkgPath, `${PNPM_WORKSPACE}.yaml`),
6693
- path$1.join(pkgPath, `${PNPM_WORKSPACE}.yml`)
6694
- ]) {
6695
- // eslint-disable-next-line no-await-in-loop
6696
- const yml = await shadowNpmInject.safeReadFile(workspacePath)
6697
- if (yml) {
6698
- try {
6699
- workspacePatterns = vendor.distExports$1.parse(yml)?.packages
6700
- } catch {}
6701
- if (workspacePatterns) {
6702
- break
6703
- }
6704
- }
6705
- }
6706
- } else {
6707
- workspacePatterns = editablePkgJson.content['workspaces']
6708
- }
6709
- return Array.isArray(workspacePatterns)
6710
- ? workspacePatterns
6711
- .filter(strings.isNonEmptyString)
6712
- .map(workspacePatternToGlobPattern)
6713
- : undefined
6714
- }
6715
- function workspacePatternToGlobPattern(workspace) {
6716
- const { length } = workspace
6717
- if (!length) {
6718
- return ''
6719
- }
6720
- // If the workspace ends with "/"
6721
- if (workspace.charCodeAt(length - 1) === 47 /*'/'*/) {
6722
- return `${workspace}/*/package.json`
6723
- }
6724
- // If the workspace ends with "/**"
6725
- if (
6726
- workspace.charCodeAt(length - 1) === 42 /*'*'*/ &&
6727
- workspace.charCodeAt(length - 2) === 42 /*'*'*/ &&
6728
- workspace.charCodeAt(length - 3) === 47 /*'/'*/
6729
- ) {
6730
- return `${workspace}/*/**/package.json`
6731
- }
6732
- // Things like "packages/a" or "packages/*"
6733
- return `${workspace}/package.json`
6734
- }
6735
-
6736
6766
  const {
6737
6767
  BUN: BUN$2,
6738
6768
  LOCK_EXT,
@@ -6850,22 +6880,22 @@ async function npmQuery(npmExecPath, cwd) {
6850
6880
  } catch {}
6851
6881
  return cleanupQueryStdout(stdout)
6852
6882
  }
6853
- async function lsBun(agentExecPath, cwd) {
6883
+ async function lsBun(pkgEnvDetails, cwd) {
6854
6884
  try {
6855
6885
  // Bun does not support filtering by production packages yet.
6856
6886
  // https://github.com/oven-sh/bun/issues/8283
6857
6887
  return (
6858
- await spawn.spawn(agentExecPath, ['pm', 'ls', '--all'], {
6888
+ await spawn.spawn(pkgEnvDetails.agentExecPath, ['pm', 'ls', '--all'], {
6859
6889
  cwd
6860
6890
  })
6861
6891
  ).stdout
6862
6892
  } catch {}
6863
6893
  return ''
6864
6894
  }
6865
- async function lsNpm(agentExecPath, cwd) {
6866
- return await npmQuery(agentExecPath, cwd)
6895
+ async function lsNpm(pkgEnvDetails, cwd) {
6896
+ return await npmQuery(pkgEnvDetails.agentExecPath, cwd)
6867
6897
  }
6868
- async function lsPnpm(agentExecPath, cwd, options) {
6898
+ async function lsPnpm(pkgEnvDetails, cwd, options) {
6869
6899
  const npmExecPath = options?.npmExecPath
6870
6900
  if (npmExecPath && npmExecPath !== NPM$3) {
6871
6901
  const result = await npmQuery(npmExecPath, cwd)
@@ -6877,7 +6907,7 @@ async function lsPnpm(agentExecPath, cwd, options) {
6877
6907
  try {
6878
6908
  stdout = (
6879
6909
  await spawn.spawn(
6880
- agentExecPath,
6910
+ pkgEnvDetails.agentExecPath,
6881
6911
  // Pnpm uses the alternative spelling of parsable.
6882
6912
  // https://en.wiktionary.org/wiki/parsable
6883
6913
  ['ls', '--parseable', '--prod', '--depth', 'Infinity'],
@@ -6889,13 +6919,13 @@ async function lsPnpm(agentExecPath, cwd, options) {
6889
6919
  } catch {}
6890
6920
  return parsableToQueryStdout(stdout)
6891
6921
  }
6892
- async function lsVlt(agentExecPath, cwd) {
6922
+ async function lsVlt(pkgEnvDetails, cwd) {
6893
6923
  let stdout = ''
6894
6924
  try {
6895
6925
  // See https://docs.vlt.sh/cli/commands/list#options.
6896
6926
  stdout = (
6897
6927
  await spawn.spawn(
6898
- agentExecPath,
6928
+ pkgEnvDetails.agentExecPath,
6899
6929
  ['ls', '--view', 'human', ':not(.dev)'],
6900
6930
  {
6901
6931
  cwd
@@ -6905,14 +6935,14 @@ async function lsVlt(agentExecPath, cwd) {
6905
6935
  } catch {}
6906
6936
  return cleanupQueryStdout(stdout)
6907
6937
  }
6908
- async function lsYarnBerry(agentExecPath, cwd) {
6938
+ async function lsYarnBerry(pkgEnvDetails, cwd) {
6909
6939
  try {
6910
6940
  return (
6911
6941
  // Yarn Berry does not support filtering by production packages yet.
6912
6942
  // https://github.com/yarnpkg/berry/issues/5117
6913
6943
  (
6914
6944
  await spawn.spawn(
6915
- agentExecPath,
6945
+ pkgEnvDetails.agentExecPath,
6916
6946
  ['info', '--recursive', '--name-only'],
6917
6947
  {
6918
6948
  cwd
@@ -6923,14 +6953,14 @@ async function lsYarnBerry(agentExecPath, cwd) {
6923
6953
  } catch {}
6924
6954
  return ''
6925
6955
  }
6926
- async function lsYarnClassic(agentExecPath, cwd) {
6956
+ async function lsYarnClassic(pkgEnvDetails, cwd) {
6927
6957
  try {
6928
6958
  // However, Yarn Classic does support it.
6929
6959
  // https://github.com/yarnpkg/yarn/releases/tag/v1.0.0
6930
6960
  // > Fix: Excludes dev dependencies from the yarn list output when the
6931
6961
  // environment is production
6932
6962
  return (
6933
- await spawn.spawn(agentExecPath, ['list', '--prod'], {
6963
+ await spawn.spawn(pkgEnvDetails.agentExecPath, ['list', '--prod'], {
6934
6964
  cwd
6935
6965
  })
6936
6966
  ).stdout.trim()
@@ -6946,6 +6976,8 @@ const lsByAgent = new Map([
6946
6976
  [YARN_CLASSIC$2, lsYarnClassic]
6947
6977
  ])
6948
6978
 
6979
+ const CMD_NAME = 'socket optimize'
6980
+
6949
6981
  const {
6950
6982
  BUN,
6951
6983
  NPM: NPM$2,
@@ -7075,14 +7107,14 @@ function updatePkgJsonField(editablePkgJson, field, value) {
7075
7107
  `${JSON.stringify(Object.fromEntries(entries), null, 2)}\n`
7076
7108
  )
7077
7109
  }
7078
- function updateOverridesField(editablePkgJson, overrides) {
7079
- updatePkgJsonField(editablePkgJson, OVERRIDES, overrides)
7110
+ function updateOverridesField(pkgEnvDetails, overrides) {
7111
+ updatePkgJsonField(pkgEnvDetails.editablePkgJson, OVERRIDES, overrides)
7080
7112
  }
7081
- function updateResolutionsField(editablePkgJson, overrides) {
7082
- updatePkgJsonField(editablePkgJson, RESOLUTIONS, overrides)
7113
+ function updateResolutionsField(pkgEnvDetails, overrides) {
7114
+ updatePkgJsonField(pkgEnvDetails.editablePkgJson, RESOLUTIONS, overrides)
7083
7115
  }
7084
- function updatePnpmField(editablePkgJson, overrides) {
7085
- updatePkgJsonField(editablePkgJson, PNPM$1, overrides)
7116
+ function updatePnpmField(pkgEnvDetails, overrides) {
7117
+ updatePkgJsonField(pkgEnvDetails.editablePkgJson, PNPM$1, overrides)
7086
7118
  }
7087
7119
  const updateManifestByAgent = new Map([
7088
7120
  [BUN, updateResolutionsField],
@@ -7094,12 +7126,10 @@ const updateManifestByAgent = new Map([
7094
7126
  ])
7095
7127
 
7096
7128
  const { NPM: NPM$1, PNPM, YARN_CLASSIC } = constants
7097
- const CMD_NAME$1 = 'socket optimize'
7098
7129
  const manifestNpmOverrides = registry.getManifestData(NPM$1)
7099
- async function addOverrides(pkgPath, pkgEnvDetails, options) {
7130
+ async function addOverrides(pkgEnvDetails, pkgPath, options) {
7100
7131
  const {
7101
7132
  agent,
7102
- agentExecPath,
7103
7133
  lockName,
7104
7134
  lockSrc,
7105
7135
  npmExecPath,
@@ -7115,27 +7145,19 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
7115
7145
  addedInWorkspaces: new Set(),
7116
7146
  updated: new Set(),
7117
7147
  updatedInWorkspaces: new Set(),
7118
- warnedPnpmWorkspaceRequiresNpm: false
7148
+ warnedPnpmWorkspaceRequiresNpm: false,
7149
+ workspacePkgJsonPaths: await shadowNpmPaths.globWorkspace(pkgEnvDetails)
7119
7150
  }
7120
7151
  } = {
7121
7152
  __proto__: null,
7122
7153
  ...options
7123
7154
  }
7124
- let { pkgJson: editablePkgJson } = pkgEnvDetails
7125
- if (editablePkgJson === undefined) {
7126
- editablePkgJson = await packages.readPackageJson(pkgPath, {
7127
- editable: true
7128
- })
7129
- }
7130
- const workspaceName = path$1.relative(rootPath, pkgPath)
7131
- const workspaceGlobs = await getWorkspaceGlobs(
7132
- agent,
7133
- pkgPath,
7134
- editablePkgJson
7135
- )
7136
- const isRoot = pkgPath === rootPath
7137
- const isLockScanned = isRoot && !prod
7138
- const isWorkspace = !!workspaceGlobs
7155
+ const isWorkspace = state.workspacePkgJsonPaths.length > 0
7156
+ const isWorkspaceRoot = pkgPath === rootPath
7157
+ const isLockScanned = isWorkspaceRoot && !prod
7158
+ const workspaceName = isWorkspaceRoot
7159
+ ? ''
7160
+ : path$1.relative(rootPath, pkgPath)
7139
7161
  if (
7140
7162
  isWorkspace &&
7141
7163
  agent === PNPM &&
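Review bot: With the `packages.readPackageJson(pkgPath, { editable: true })` fallback removed in this hunk, nothing ties the manifest being edited to `pkgPath` any more; the later hunks read, update and save `pkgEnvDetails.editablePkgJson` unconditionally. The recursive call further down passes the same `pkgEnvDetails` with a workspace directory as `pkgPath`, so unless `editablePkgJson` is swapped per workspace somewhere not visible in this diff, each workspace pass appears to rewrite the root package.json and the overrides never reach the member manifests. I would keep a per-path load for non-root calls, for example `const details = isWorkspaceRoot ? pkgEnvDetails : { ...pkgEnvDetails, editablePkgJson: await packages.readPackageJson(pkgPath, { editable: true }) }`, and use `details` for the rest of the function. `addOverrides` starts and ends outside this hunk.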
@@ -7146,25 +7168,25 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
7146
7168
  state.warnedPnpmWorkspaceRequiresNpm = true
7147
7169
  logger?.warn(
7148
7170
  cmdPrefixMessage(
7149
- CMD_NAME$1,
7171
+ CMD_NAME,
7150
7172
  `${agent} workspace support requires \`npm ls\`, falling back to \`${agent} list\``
7151
7173
  )
7152
7174
  )
7153
7175
  }
7154
7176
  const overridesDataObjects = []
7155
- if (editablePkgJson.content['private'] || isWorkspace) {
7156
- overridesDataObjects.push(overridesDataByAgent.get(agent)(editablePkgJson))
7177
+ if (isWorkspace || pkgEnvDetails.editablePkgJson.content['private']) {
7178
+ overridesDataObjects.push(overridesDataByAgent.get(agent)(pkgEnvDetails))
7157
7179
  } else {
7158
7180
  overridesDataObjects.push(
7159
- overridesDataByAgent.get(NPM$1)(editablePkgJson),
7160
- overridesDataByAgent.get(YARN_CLASSIC)(editablePkgJson)
7181
+ overridesDataByAgent.get(NPM$1)(pkgEnvDetails),
7182
+ overridesDataByAgent.get(YARN_CLASSIC)(pkgEnvDetails)
7161
7183
  )
7162
7184
  }
7163
7185
  spinner?.setText(
7164
7186
  `Adding overrides${workspaceName ? ` to ${workspaceName}` : ''}...`
7165
7187
  )
7166
7188
  const depAliasMap = new Map()
7167
- const depEntries = getDependencyEntries(editablePkgJson)
7189
+ const depEntries = getDependencyEntries(pkgEnvDetails)
7168
7190
  const manifestEntries = manifestNpmOverrides.filter(({ 1: data }) =>
7169
7191
  vendor.semverExports.satisfies(
7170
7192
  // Roughly check Node range as semver.coerce will strip leading
@@ -7215,7 +7237,7 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
7215
7237
  depAliasMap.set(origPkgName, thisSpec)
7216
7238
  }
7217
7239
  }
7218
- if (isRoot) {
7240
+ if (isWorkspaceRoot) {
7219
7241
  // The AgentDepsIncludesFn and AgentLockIncludesFn types overlap in their
7220
7242
  // first two parameters. AgentLockIncludesFn accepts an optional third
7221
7243
  // parameter which AgentDepsIncludesFn will ignore so we cast thingScanner
@@ -7225,7 +7247,7 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
7225
7247
  : depsIncludesByAgent.get(agent)
7226
7248
  const thingToScan = isLockScanned
7227
7249
  ? lockSrc
7228
- : await lsByAgent.get(agent)(agentExecPath, pkgPath, {
7250
+ : await lsByAgent.get(agent)(pkgEnvDetails, pkgPath, {
7229
7251
  npmExecPath
7230
7252
  })
7231
7253
  // Chunk package names to process them in parallel 3 at a time.
@@ -7291,28 +7313,21 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
7291
7313
  )
7292
7314
  }
7293
7315
  })
7294
- if (workspaceGlobs) {
7295
- const workspacePkgJsonPaths = await vendor.distExports.glob(
7296
- workspaceGlobs,
7297
- {
7298
- absolute: true,
7299
- cwd: pkgPath,
7300
- ignore: ['**/node_modules/**', '**/bower_components/**']
7301
- }
7302
- )
7316
+ if (isWorkspace) {
7303
7317
  // Chunk package names to process them in parallel 3 at a time.
7304
7318
  await promises.pEach(
7305
- workspacePkgJsonPaths,
7319
+ state.workspacePkgJsonPaths,
7306
7320
  3,
7307
7321
  async workspacePkgJsonPath => {
7308
7322
  const otherState = await addOverrides(
7309
- path$1.dirname(workspacePkgJsonPath),
7310
7323
  pkgEnvDetails,
7324
+ path$1.dirname(workspacePkgJsonPath),
7311
7325
  {
7312
7326
  logger,
7313
7327
  pin,
7314
7328
  prod,
7315
- spinner
7329
+ spinner,
7330
+ state
7316
7331
  }
7317
7332
  )
7318
7333
  for (const key of [
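Review bot: `if (isWorkspace)` no longer bounds the recursion the way `if (workspaceGlobs)` did. `isWorkspace` is derived from `state.workspacePkgJsonPaths`, and this call now forwards `state` to the nested `addOverrides`, so every nested call sees the same non-empty list and would fan out over all workspaces again unless a guard outside this hunk prevents it. Restricting the fan-out to the root, `if (isWorkspace && isWorkspaceRoot) {`, restores the old bound. Sharing `state` also makes `otherState` the same object as `state`, so the merge loop that begins on the last line of the hunk folds the sets into themselves; its body is outside the hunk.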
@@ -7329,14 +7344,14 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
7329
7344
  )
7330
7345
  }
7331
7346
  if (state.added.size > 0 || state.updated.size > 0) {
7332
- editablePkgJson.update(Object.fromEntries(depEntries))
7347
+ pkgEnvDetails.editablePkgJson.update(Object.fromEntries(depEntries))
7333
7348
  for (const { overrides, type } of overridesDataObjects) {
7334
7349
  updateManifestByAgent.get(type)(
7335
- editablePkgJson,
7350
+ pkgEnvDetails,
7336
7351
  objects.toSortedObject(overrides)
7337
7352
  )
7338
7353
  }
7339
- await editablePkgJson.save()
7354
+ await pkgEnvDetails.editablePkgJson.save()
7340
7355
  }
7341
7356
  return state
7342
7357
  }
@@ -7382,7 +7397,6 @@ async function updateLockfile(pkgEnvDetails, options) {
7382
7397
  }
7383
7398
  }
7384
7399
 
7385
- const CMD_NAME = 'socket optimize'
7386
7400
  function createActionMessage(verb, overrideCount, workspaceCount) {
7387
7401
  return `${verb} ${overrideCount} Socket.dev optimized ${words.pluralize('override', overrideCount)}${workspaceCount ? ` in ${workspaceCount} ${words.pluralize('workspace', workspaceCount)}` : ''}`
7388
7402
  }
@@ -7398,7 +7412,7 @@ async function applyOptimization(cwd, pin, prod) {
7398
7412
  // Lazily access constants.spinner.
7399
7413
  const { spinner } = constants
7400
7414
  spinner.start('Socket optimizing...')
7401
- const state = await addOverrides(pkgEnvDetails.pkgPath, pkgEnvDetails, {
7415
+ const state = await addOverrides(pkgEnvDetails, pkgEnvDetails.pkgPath, {
7402
7416
  logger: logger.logger,
7403
7417
  pin,
7404
7418
  prod,
@@ -7431,8 +7445,8 @@ async function applyOptimization(cwd, pin, prod) {
7431
7445
  }
7432
7446
  }
7433
7447
 
7434
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$l } = constants
7435
- const config$n = {
7448
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$m } = constants
7449
+ const config$o = {
7436
7450
  commandName: 'optimize',
7437
7451
  description: 'Optimize dependencies with @socketregistry overrides',
7438
7452
  hidden: false,
@@ -7462,20 +7476,20 @@ const config$n = {
7462
7476
  `
7463
7477
  }
7464
7478
  const cmdOptimize = {
7465
- description: config$n.description,
7466
- hidden: config$n.hidden,
7467
- run: run$n
7479
+ description: config$o.description,
7480
+ hidden: config$o.hidden,
7481
+ run: run$o
7468
7482
  }
7469
- async function run$n(argv, importMeta, { parentName }) {
7483
+ async function run$o(argv, importMeta, { parentName }) {
7470
7484
  const cli = meowOrExit({
7471
7485
  argv,
7472
- config: config$n,
7486
+ config: config$o,
7473
7487
  importMeta,
7474
7488
  parentName
7475
7489
  })
7476
7490
  const cwd = process.cwd()
7477
7491
  if (cli.flags['dryRun']) {
7478
- logger.logger.log(DRY_RUN_BAIL_TEXT$l)
7492
+ logger.logger.log(DRY_RUN_BAIL_TEXT$m)
7479
7493
  return
7480
7494
  }
7481
7495
  await applyOptimization(
@@ -7576,8 +7590,8 @@ async function handleOrganizationList(outputKind = 'text') {
7576
7590
  await outputOrganizationList(data, outputKind)
7577
7591
  }
7578
7592
 
7579
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$k } = constants
7580
- const config$m = {
7593
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$l } = constants
7594
+ const config$n = {
7581
7595
  commandName: 'list',
7582
7596
  description: 'List organizations associated with the API key used',
7583
7597
  hidden: false,
@@ -7594,18 +7608,18 @@ const config$m = {
7594
7608
  - Permissions: none (does need a token)
7595
7609
 
7596
7610
  Options
7597
- ${getFlagListOutput(config$m.flags, 6)}
7611
+ ${getFlagListOutput(config$n.flags, 6)}
7598
7612
  `
7599
7613
  }
7600
7614
  const cmdOrganizationList = {
7601
- description: config$m.description,
7602
- hidden: config$m.hidden,
7603
- run: run$m
7615
+ description: config$n.description,
7616
+ hidden: config$n.hidden,
7617
+ run: run$n
7604
7618
  }
7605
- async function run$m(argv, importMeta, { parentName }) {
7619
+ async function run$n(argv, importMeta, { parentName }) {
7606
7620
  const cli = meowOrExit({
7607
7621
  argv,
7608
- config: config$m,
7622
+ config: config$n,
7609
7623
  importMeta,
7610
7624
  parentName
7611
7625
  })
@@ -7633,7 +7647,7 @@ async function run$m(argv, importMeta, { parentName }) {
7633
7647
  return
7634
7648
  }
7635
7649
  if (cli.flags['dryRun']) {
7636
- logger.logger.log(DRY_RUN_BAIL_TEXT$k)
7650
+ logger.logger.log(DRY_RUN_BAIL_TEXT$l)
7637
7651
  return
7638
7652
  }
7639
7653
  await handleOrganizationList(json ? 'json' : markdown ? 'markdown' : 'text')
@@ -7677,8 +7691,7 @@ async function outputLicensePolicy(data, outputKind) {
7677
7691
  logger.logger.log('This is the license policy for your organization:')
7678
7692
  logger.logger.log('')
7679
7693
  const rules = data.license_policy
7680
- // @ts-ignore -- not sure what it's complaining about
7681
- const entries = Object.entries(rules)
7694
+ const entries = rules ? Object.entries(rules) : []
7682
7695
  const mapped = entries.map(([key, value]) => [
7683
7696
  key,
7684
7697
  value.allowed ? ' yes' : ' no'
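Review bot: The new `rules ? Object.entries(rules) : []` guard stops the crash but makes a response without `license_policy` look the same as a policy with no rules: the heading is printed and an empty table follows. For policy output that difference matters to the reader, so I would report the missing field explicitly before building the table, e.g. `if (!rules) { logger.logger.warn('No license policy was returned for this organization'); return }`. The same applies to `data.securityPolicyRules` in the `outputSecurityPolicy` hunk, where an empty table could be read as a policy that enforces nothing. Both functions continue outside their hunks, so the JSON output path is not visible here.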
@@ -7696,10 +7709,10 @@ async function handleLicensePolicy(orgSlug, outputKind) {
7696
7709
  await outputLicensePolicy(data, outputKind)
7697
7710
  }
7698
7711
 
7699
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$j } = constants
7712
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$k } = constants
7700
7713
 
7701
7714
  // TODO: secret toplevel alias `socket license policy`?
7702
- const config$l = {
7715
+ const config$m = {
7703
7716
  commandName: 'license',
7704
7717
  description: 'Retrieve the license policy of an organization',
7705
7718
  hidden: true,
@@ -7716,7 +7729,7 @@ const config$l = {
7716
7729
  - Permissions: license-policy:read
7717
7730
 
7718
7731
  Options
7719
- ${getFlagListOutput(config$l.flags, 6)}
7732
+ ${getFlagListOutput(config$m.flags, 6)}
7720
7733
 
7721
7734
  Your API token will need the \`license-policy:read\` permission otherwise
7722
7735
  the request will fail with an authentication error.
@@ -7727,14 +7740,14 @@ const config$l = {
7727
7740
  `
7728
7741
  }
7729
7742
  const cmdOrganizationPolicyLicense = {
7730
- description: config$l.description,
7731
- hidden: config$l.hidden,
7732
- run: run$l
7743
+ description: config$m.description,
7744
+ hidden: config$m.hidden,
7745
+ run: run$m
7733
7746
  }
7734
- async function run$l(argv, importMeta, { parentName }) {
7747
+ async function run$m(argv, importMeta, { parentName }) {
7735
7748
  const cli = meowOrExit({
7736
7749
  argv,
7737
- config: config$l,
7750
+ config: config$m,
7738
7751
  importMeta,
7739
7752
  parentName
7740
7753
  })
@@ -7771,7 +7784,7 @@ async function run$l(argv, importMeta, { parentName }) {
7771
7784
  return
7772
7785
  }
7773
7786
  if (cli.flags['dryRun']) {
7774
- logger.logger.log(DRY_RUN_BAIL_TEXT$j)
7787
+ logger.logger.log(DRY_RUN_BAIL_TEXT$k)
7775
7788
  return
7776
7789
  }
7777
7790
  await handleLicensePolicy(
@@ -7823,7 +7836,7 @@ async function outputSecurityPolicy(data, outputKind) {
7823
7836
  )
7824
7837
  logger.logger.log('')
7825
7838
  const rules = data.securityPolicyRules
7826
- const entries = Object.entries(rules)
7839
+ const entries = rules ? Object.entries(rules) : []
7827
7840
  const mapped = entries.map(([key, value]) => [key, value.action])
7828
7841
  mapped.sort(([a], [b]) => (a < b ? -1 : a > b ? 1 : 0))
7829
7842
  logger.logger.log(mdTableOfPairs(mapped, ['name', 'action']))
@@ -7838,10 +7851,10 @@ async function handleSecurityPolicy(orgSlug, outputKind) {
7838
7851
  await outputSecurityPolicy(data, outputKind)
7839
7852
  }
7840
7853
 
7841
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$i } = constants
7854
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$j } = constants
7842
7855
 
7843
7856
  // TODO: secret toplevel alias `socket security policy`?
7844
- const config$k = {
7857
+ const config$l = {
7845
7858
  commandName: 'security',
7846
7859
  description: 'Retrieve the security policy of an organization',
7847
7860
  hidden: true,
@@ -7858,7 +7871,7 @@ const config$k = {
7858
7871
  - Permissions: security-policy:read
7859
7872
 
7860
7873
  Options
7861
- ${getFlagListOutput(config$k.flags, 6)}
7874
+ ${getFlagListOutput(config$l.flags, 6)}
7862
7875
 
7863
7876
  Your API token will need the \`security-policy:read\` permission otherwise
7864
7877
  the request will fail with an authentication error.
@@ -7869,14 +7882,14 @@ const config$k = {
7869
7882
  `
7870
7883
  }
7871
7884
  const cmdOrganizationPolicyPolicy = {
7872
- description: config$k.description,
7873
- hidden: config$k.hidden,
7874
- run: run$k
7885
+ description: config$l.description,
7886
+ hidden: config$l.hidden,
7887
+ run: run$l
7875
7888
  }
7876
- async function run$k(argv, importMeta, { parentName }) {
7889
+ async function run$l(argv, importMeta, { parentName }) {
7877
7890
  const cli = meowOrExit({
7878
7891
  argv,
7879
- config: config$k,
7892
+ config: config$l,
7880
7893
  importMeta,
7881
7894
  parentName
7882
7895
  })
@@ -7913,7 +7926,7 @@ async function run$k(argv, importMeta, { parentName }) {
7913
7926
  return
7914
7927
  }
7915
7928
  if (cli.flags['dryRun']) {
7916
- logger.logger.log(DRY_RUN_BAIL_TEXT$i)
7929
+ logger.logger.log(DRY_RUN_BAIL_TEXT$j)
7917
7930
  return
7918
7931
  }
7919
7932
  await handleSecurityPolicy(
@@ -7999,8 +8012,8 @@ async function handleQuota(outputKind = 'text') {
7999
8012
  await outputQuota(data, outputKind)
8000
8013
  }
8001
8014
 
8002
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$h } = constants
8003
- const config$j = {
8015
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$i } = constants
8016
+ const config$k = {
8004
8017
  commandName: 'quota',
8005
8018
  description: 'List organizations associated with the API key used',
8006
8019
  hidden: true,
@@ -8013,18 +8026,18 @@ const config$j = {
8013
8026
  $ ${command}
8014
8027
 
8015
8028
  Options
8016
- ${getFlagListOutput(config$j.flags, 6)}
8029
+ ${getFlagListOutput(config$k.flags, 6)}
8017
8030
  `
8018
8031
  }
8019
8032
  const cmdOrganizationQuota = {
8020
- description: config$j.description,
8021
- hidden: config$j.hidden,
8022
- run: run$j
8033
+ description: config$k.description,
8034
+ hidden: config$k.hidden,
8035
+ run: run$k
8023
8036
  }
8024
- async function run$j(argv, importMeta, { parentName }) {
8037
+ async function run$k(argv, importMeta, { parentName }) {
8025
8038
  const cli = meowOrExit({
8026
8039
  argv,
8027
- config: config$j,
8040
+ config: config$k,
8028
8041
  importMeta,
8029
8042
  parentName
8030
8043
  })
@@ -8052,7 +8065,7 @@ async function run$j(argv, importMeta, { parentName }) {
8052
8065
  return
8053
8066
  }
8054
8067
  if (cli.flags['dryRun']) {
8055
- logger.logger.log(DRY_RUN_BAIL_TEXT$h)
8068
+ logger.logger.log(DRY_RUN_BAIL_TEXT$i)
8056
8069
  return
8057
8070
  }
8058
8071
  await handleQuota(json ? 'json' : markdown ? 'markdown' : 'text')
@@ -8393,8 +8406,8 @@ function parsePackageSpecifiers(ecosystem, pkgs) {
8393
8406
  }
8394
8407
  }
8395
8408
 
8396
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$g } = constants
8397
- const config$i = {
8409
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$h } = constants
8410
+ const config$j = {
8398
8411
  commandName: 'score',
8399
8412
  description:
8400
8413
  '[beta] Look up score for one package which reflects all of its transitive dependencies as well',
@@ -8437,14 +8450,14 @@ const config$i = {
8437
8450
  `
8438
8451
  }
8439
8452
  const cmdPackageScore = {
8440
- description: config$i.description,
8441
- hidden: config$i.hidden,
8442
- run: run$i
8453
+ description: config$j.description,
8454
+ hidden: config$j.hidden,
8455
+ run: run$j
8443
8456
  }
8444
- async function run$i(argv, importMeta, { parentName }) {
8457
+ async function run$j(argv, importMeta, { parentName }) {
8445
8458
  const cli = meowOrExit({
8446
8459
  argv,
8447
- config: config$i,
8460
+ config: config$j,
8448
8461
  importMeta,
8449
8462
  parentName
8450
8463
  })
@@ -8485,7 +8498,7 @@ async function run$i(argv, importMeta, { parentName }) {
8485
8498
  return
8486
8499
  }
8487
8500
  if (cli.flags['dryRun']) {
8488
- logger.logger.log(DRY_RUN_BAIL_TEXT$g)
8501
+ logger.logger.log(DRY_RUN_BAIL_TEXT$h)
8489
8502
  return
8490
8503
  }
8491
8504
  await handlePurlDeepScore(
@@ -8550,7 +8563,7 @@ function outputPurlsShallowScore(purls, packageData, outputKind) {
8550
8563
  return true // not found
8551
8564
  })
8552
8565
  if (outputKind === 'markdown') {
8553
- logger.logger.log(vendor.stripIndents`
8566
+ logger.logger.log(vendor.html`
8554
8567
  # Shallow Package Report
8555
8568
 
8556
8569
  This report contains the response for requesting data on some package url(s).
@@ -8691,8 +8704,8 @@ async function handlePurlsShallowScore({ outputKind, purls }) {
8691
8704
  outputPurlsShallowScore(purls, packageData.data, outputKind)
8692
8705
  }
8693
8706
 
8694
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$f } = constants
8695
- const config$h = {
8707
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$g } = constants
8708
+ const config$i = {
8696
8709
  commandName: 'shallow',
8697
8710
  description:
8698
8711
  '[beta] Look up info regarding one or more packages but not their transitives',
@@ -8735,21 +8748,21 @@ const config$h = {
8735
8748
  `
8736
8749
  }
8737
8750
  const cmdPackageShallow = {
8738
- description: config$h.description,
8739
- hidden: config$h.hidden,
8751
+ description: config$i.description,
8752
+ hidden: config$i.hidden,
8740
8753
  alias: {
8741
8754
  shallowScore: {
8742
- description: config$h.description,
8755
+ description: config$i.description,
8743
8756
  hidden: true,
8744
8757
  argv: []
8745
8758
  }
8746
8759
  },
8747
- run: run$h
8760
+ run: run$i
8748
8761
  }
8749
- async function run$h(argv, importMeta, { parentName }) {
8762
+ async function run$i(argv, importMeta, { parentName }) {
8750
8763
  const cli = meowOrExit({
8751
8764
  argv,
8752
- config: config$h,
8765
+ config: config$i,
8753
8766
  importMeta,
8754
8767
  parentName
8755
8768
  })
@@ -8782,7 +8795,7 @@ async function run$h(argv, importMeta, { parentName }) {
8782
8795
  return
8783
8796
  }
8784
8797
  if (cli.flags['dryRun']) {
8785
- logger.logger.log(DRY_RUN_BAIL_TEXT$f)
8798
+ logger.logger.log(DRY_RUN_BAIL_TEXT$g)
8786
8799
  return
8787
8800
  }
8788
8801
  await handlePurlsShallowScore({
@@ -8834,8 +8847,8 @@ async function runRawNpm(argv) {
8834
8847
  await spawnPromise
8835
8848
  }
8836
8849
 
8837
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$e, NPM } = constants
8838
- const config$g = {
8850
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$f, NPM } = constants
8851
+ const config$h = {
8839
8852
  commandName: 'raw-npm',
8840
8853
  description: `Temporarily disable the Socket ${NPM} wrapper`,
8841
8854
  hidden: false,
@@ -8849,20 +8862,20 @@ const config$g = {
8849
8862
  `
8850
8863
  }
8851
8864
  const cmdRawNpm = {
8852
- description: config$g.description,
8853
- hidden: config$g.hidden,
8854
- run: run$g
8865
+ description: config$h.description,
8866
+ hidden: config$h.hidden,
8867
+ run: run$h
8855
8868
  }
8856
- async function run$g(argv, importMeta, { parentName }) {
8869
+ async function run$h(argv, importMeta, { parentName }) {
8857
8870
  const cli = meowOrExit({
8858
8871
  allowUnknownFlags: true,
8859
8872
  argv,
8860
- config: config$g,
8873
+ config: config$h,
8861
8874
  importMeta,
8862
8875
  parentName
8863
8876
  })
8864
8877
  if (cli.flags['dryRun']) {
8865
- logger.logger.log(DRY_RUN_BAIL_TEXT$e)
8878
+ logger.logger.log(DRY_RUN_BAIL_TEXT$f)
8866
8879
  return
8867
8880
  }
8868
8881
  await runRawNpm(argv)
@@ -8884,8 +8897,8 @@ async function runRawNpx(argv) {
8884
8897
  await spawnPromise
8885
8898
  }
8886
8899
 
8887
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$d, NPX } = constants
8888
- const config$f = {
8900
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$e, NPX } = constants
8901
+ const config$g = {
8889
8902
  commandName: 'raw-npx',
8890
8903
  description: `Temporarily disable the Socket ${NPX} wrapper`,
8891
8904
  hidden: false,
@@ -8899,26 +8912,26 @@ const config$f = {
8899
8912
  `
8900
8913
  }
8901
8914
  const cmdRawNpx = {
8902
- description: config$f.description,
8903
- hidden: config$f.hidden,
8904
- run: run$f
8915
+ description: config$g.description,
8916
+ hidden: config$g.hidden,
8917
+ run: run$g
8905
8918
  }
8906
- async function run$f(argv, importMeta, { parentName }) {
8919
+ async function run$g(argv, importMeta, { parentName }) {
8907
8920
  const cli = meowOrExit({
8908
8921
  allowUnknownFlags: true,
8909
8922
  argv,
8910
- config: config$f,
8923
+ config: config$g,
8911
8924
  importMeta,
8912
8925
  parentName
8913
8926
  })
8914
8927
  if (cli.flags['dryRun']) {
8915
- logger.logger.log(DRY_RUN_BAIL_TEXT$d)
8928
+ logger.logger.log(DRY_RUN_BAIL_TEXT$e)
8916
8929
  return
8917
8930
  }
8918
8931
  await runRawNpx(argv)
8919
8932
  }
8920
8933
 
8921
- const config$e = {
8934
+ const config$f = {
8922
8935
  commandName: 'create',
8923
8936
  description: '[Deprecated] Create a project report',
8924
8937
  hidden: false,
@@ -8932,14 +8945,14 @@ const config$e = {
8932
8945
  `
8933
8946
  }
8934
8947
  const cmdReportCreate = {
8935
- description: config$e.description,
8936
- hidden: config$e.hidden,
8937
- run: run$e
8948
+ description: config$f.description,
8949
+ hidden: config$f.hidden,
8950
+ run: run$f
8938
8951
  }
8939
- async function run$e(argv, importMeta, { parentName }) {
8952
+ async function run$f(argv, importMeta, { parentName }) {
8940
8953
  meowOrExit({
8941
8954
  argv,
8942
- config: config$e,
8955
+ config: config$f,
8943
8956
  importMeta,
8944
8957
  parentName
8945
8958
  })
@@ -8949,7 +8962,7 @@ async function run$e(argv, importMeta, { parentName }) {
8949
8962
  process.exitCode = 1
8950
8963
  }
8951
8964
 
8952
- const config$d = {
8965
+ const config$e = {
8953
8966
  commandName: 'view',
8954
8967
  description: '[Deprecated] View a project report',
8955
8968
  hidden: false,
@@ -8963,14 +8976,14 @@ const config$d = {
8963
8976
  `
8964
8977
  }
8965
8978
  const cmdReportView = {
8966
- description: config$d.description,
8967
- hidden: config$d.hidden,
8968
- run: run$d
8979
+ description: config$e.description,
8980
+ hidden: config$e.hidden,
8981
+ run: run$e
8969
8982
  }
8970
- async function run$d(argv, importMeta, { parentName }) {
8983
+ async function run$e(argv, importMeta, { parentName }) {
8971
8984
  meowOrExit({
8972
8985
  argv,
8973
- config: config$d,
8986
+ config: config$e,
8974
8987
  importMeta,
8975
8988
  parentName
8976
8989
  })
@@ -9057,8 +9070,8 @@ async function handleCreateRepo({
9057
9070
  await outputCreateRepo()
9058
9071
  }
9059
9072
 
9060
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$c } = constants
9061
- const config$c = {
9073
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$d } = constants
9074
+ const config$d = {
9062
9075
  commandName: 'create',
9063
9076
  description: 'Create a repository in an organization',
9064
9077
  hidden: false,
@@ -9111,14 +9124,14 @@ const config$c = {
9111
9124
  `
9112
9125
  }
9113
9126
  const cmdReposCreate = {
9114
- description: config$c.description,
9115
- hidden: config$c.hidden,
9116
- run: run$c
9127
+ description: config$d.description,
9128
+ hidden: config$d.hidden,
9129
+ run: run$d
9117
9130
  }
9118
- async function run$c(argv, importMeta, { parentName }) {
9131
+ async function run$d(argv, importMeta, { parentName }) {
9119
9132
  const cli = meowOrExit({
9120
9133
  argv,
9121
- config: config$c,
9134
+ config: config$d,
9122
9135
  importMeta,
9123
9136
  parentName
9124
9137
  })
@@ -9153,7 +9166,7 @@ async function run$c(argv, importMeta, { parentName }) {
9153
9166
  return
9154
9167
  }
9155
9168
  if (cli.flags['dryRun']) {
9156
- logger.logger.log(DRY_RUN_BAIL_TEXT$c)
9169
+ logger.logger.log(DRY_RUN_BAIL_TEXT$d)
9157
9170
  return
9158
9171
  }
9159
9172
  await handleCreateRepo({
@@ -9182,8 +9195,8 @@ async function handleDeleteRepo(orgSlug, repoName) {
9182
9195
  spinner.successAndStop('Repository deleted successfully')
9183
9196
  }
9184
9197
 
9185
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$b } = constants
9186
- const config$b = {
9198
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$c } = constants
9199
+ const config$c = {
9187
9200
  commandName: 'del',
9188
9201
  description: 'Delete a repository in an organization',
9189
9202
  hidden: false,
@@ -9206,14 +9219,14 @@ const config$b = {
9206
9219
  `
9207
9220
  }
9208
9221
  const cmdReposDel = {
9209
- description: config$b.description,
9210
- hidden: config$b.hidden,
9211
- run: run$b
9222
+ description: config$c.description,
9223
+ hidden: config$c.hidden,
9224
+ run: run$c
9212
9225
  }
9213
- async function run$b(argv, importMeta, { parentName }) {
9226
+ async function run$c(argv, importMeta, { parentName }) {
9214
9227
  const cli = meowOrExit({
9215
9228
  argv,
9216
- config: config$b,
9229
+ config: config$c,
9217
9230
  importMeta,
9218
9231
  parentName
9219
9232
  })
@@ -9248,7 +9261,7 @@ async function run$b(argv, importMeta, { parentName }) {
9248
9261
  return
9249
9262
  }
9250
9263
  if (cli.flags['dryRun']) {
9251
- logger.logger.log(DRY_RUN_BAIL_TEXT$b)
9264
+ logger.logger.log(DRY_RUN_BAIL_TEXT$c)
9252
9265
  return
9253
9266
  }
9254
9267
  await handleDeleteRepo(orgSlug, repoName)
@@ -9337,8 +9350,8 @@ async function handleListRepos({
9337
9350
  await outputListRepos(data, outputKind)
9338
9351
  }
9339
9352
 
9340
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$a } = constants
9341
- const config$a = {
9353
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$b } = constants
9354
+ const config$b = {
9342
9355
  commandName: 'list',
9343
9356
  description: 'List repositories in an organization',
9344
9357
  hidden: false,
@@ -9385,14 +9398,14 @@ const config$a = {
9385
9398
  `
9386
9399
  }
9387
9400
  const cmdReposList = {
9388
- description: config$a.description,
9389
- hidden: config$a.hidden,
9390
- run: run$a
9401
+ description: config$b.description,
9402
+ hidden: config$b.hidden,
9403
+ run: run$b
9391
9404
  }
9392
- async function run$a(argv, importMeta, { parentName }) {
9405
+ async function run$b(argv, importMeta, { parentName }) {
9393
9406
  const cli = meowOrExit({
9394
9407
  argv,
9395
- config: config$a,
9408
+ config: config$b,
9396
9409
  importMeta,
9397
9410
  parentName
9398
9411
  })
@@ -9429,7 +9442,7 @@ async function run$a(argv, importMeta, { parentName }) {
9429
9442
  return
9430
9443
  }
9431
9444
  if (cli.flags['dryRun']) {
9432
- logger.logger.log(DRY_RUN_BAIL_TEXT$a)
9445
+ logger.logger.log(DRY_RUN_BAIL_TEXT$b)
9433
9446
  return
9434
9447
  }
9435
9448
  await handleListRepos({
@@ -9499,8 +9512,8 @@ async function handleUpdateRepo({
9499
9512
  await outputUpdateRepo()
9500
9513
  }
9501
9514
 
9502
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$9 } = constants
9503
- const config$9 = {
9515
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$a } = constants
9516
+ const config$a = {
9504
9517
  commandName: 'update',
9505
9518
  description: 'Update a repository in an organization',
9506
9519
  hidden: false,
@@ -9553,14 +9566,14 @@ const config$9 = {
9553
9566
  `
9554
9567
  }
9555
9568
  const cmdReposUpdate = {
9556
- description: config$9.description,
9557
- hidden: config$9.hidden,
9558
- run: run$9
9569
+ description: config$a.description,
9570
+ hidden: config$a.hidden,
9571
+ run: run$a
9559
9572
  }
9560
- async function run$9(argv, importMeta, { parentName }) {
9573
+ async function run$a(argv, importMeta, { parentName }) {
9561
9574
  const cli = meowOrExit({
9562
9575
  argv,
9563
- config: config$9,
9576
+ config: config$a,
9564
9577
  importMeta,
9565
9578
  parentName
9566
9579
  })
@@ -9595,7 +9608,7 @@ async function run$9(argv, importMeta, { parentName }) {
9595
9608
  return
9596
9609
  }
9597
9610
  if (cli.flags['dryRun']) {
9598
- logger.logger.log(DRY_RUN_BAIL_TEXT$9)
9611
+ logger.logger.log(DRY_RUN_BAIL_TEXT$a)
9599
9612
  return
9600
9613
  }
9601
9614
  await handleUpdateRepo({
@@ -9697,8 +9710,8 @@ async function handleViewRepo(orgSlug, repoName, outputKind) {
9697
9710
  await outputViewRepo(data, outputKind)
9698
9711
  }
9699
9712
 
9700
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$8 } = constants
9701
- const config$8 = {
9713
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$9 } = constants
9714
+ const config$9 = {
9702
9715
  commandName: 'view',
9703
9716
  description: 'View repositories in an organization',
9704
9717
  hidden: false,
@@ -9727,14 +9740,14 @@ const config$8 = {
9727
9740
  `
9728
9741
  }
9729
9742
  const cmdReposView = {
9730
- description: config$8.description,
9731
- hidden: config$8.hidden,
9732
- run: run$8
9743
+ description: config$9.description,
9744
+ hidden: config$9.hidden,
9745
+ run: run$9
9733
9746
  }
9734
- async function run$8(argv, importMeta, { parentName }) {
9747
+ async function run$9(argv, importMeta, { parentName }) {
9735
9748
  const cli = meowOrExit({
9736
9749
  argv,
9737
- config: config$8,
9750
+ config: config$9,
9738
9751
  importMeta,
9739
9752
  parentName
9740
9753
  })
@@ -9777,7 +9790,7 @@ async function run$8(argv, importMeta, { parentName }) {
9777
9790
  return
9778
9791
  }
9779
9792
  if (cli.flags['dryRun']) {
9780
- logger.logger.log(DRY_RUN_BAIL_TEXT$8)
9793
+ logger.logger.log(DRY_RUN_BAIL_TEXT$9)
9781
9794
  return
9782
9795
  }
9783
9796
  await handleViewRepo(
@@ -9872,8 +9885,8 @@ async function suggestTarget() {
9872
9885
  }
9873
9886
  }
9874
9887
 
9875
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$7 } = constants
9876
- const config$7 = {
9888
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$8 } = constants
9889
+ const config$8 = {
9877
9890
  commandName: 'create',
9878
9891
  description: 'Create a scan',
9879
9892
  hidden: false,
@@ -9979,6 +9992,9 @@ const config$7 = {
9979
9992
  When a FILE is given only that FILE is targeted. Otherwise any eligible
9980
9993
  files in the given DIR will be considered.
9981
9994
 
9995
+ The --repo and --branch flags tell Socket to associate this Scan with that
9996
+ repo/branch. The names will show up on your dashboard on the Socket website.
9997
+
9982
9998
  Note: for a first run you probably want to set --defaultBranch to indicate
9983
9999
  the default branch name, like "main" or "master".
9984
10000
 
@@ -9993,14 +10009,14 @@ const config$7 = {
9993
10009
  `
9994
10010
  }
9995
10011
  const cmdScanCreate = {
9996
- description: config$7.description,
9997
- hidden: config$7.hidden,
9998
- run: run$7
10012
+ description: config$8.description,
10013
+ hidden: config$8.hidden,
10014
+ run: run$8
9999
10015
  }
10000
- async function run$7(argv, importMeta, { parentName }) {
10016
+ async function run$8(argv, importMeta, { parentName }) {
10001
10017
  const cli = meowOrExit({
10002
10018
  argv,
10003
- config: config$7,
10019
+ config: config$8,
10004
10020
  importMeta,
10005
10021
  parentName
10006
10022
  })
@@ -10052,154 +10068,484 @@ async function run$7(argv, importMeta, { parentName }) {
10052
10068
  if (suggestion) {
10053
10069
  orgSlug = suggestion
10054
10070
  }
10055
- updatedInput = true
10071
+ updatedInput = true
10072
+ }
10073
+ }
10074
+ if (updatedInput && orgSlug && targets?.length) {
10075
+ logger.logger.error(
10076
+ 'Note: You can invoke this command next time to skip the interactive questions:'
10077
+ )
10078
+ logger.logger.error('```')
10079
+ logger.logger.error(
10080
+ ` socket scan create [other flags...] ${defaultOrgSlug ? '' : orgSlug} ${targets.join(' ')}`
10081
+ )
10082
+ logger.logger.error('```\n')
10083
+ }
10084
+ const wasBadInput = handleBadInput(
10085
+ {
10086
+ nook: !!defaultOrgSlug,
10087
+ test: !!orgSlug && orgSlug !== '.',
10088
+ message: 'Org name as the first argument',
10089
+ pass: 'ok',
10090
+ fail:
10091
+ orgSlug === '.'
10092
+ ? 'dot is an invalid org, most likely you forgot the org name here?'
10093
+ : 'missing'
10094
+ },
10095
+ {
10096
+ test: !!targets.length,
10097
+ message: 'At least one TARGET (e.g. `.` or `./package.json`)',
10098
+ pass: 'ok',
10099
+ fail: 'missing (or perhaps you forgot the org slug?)'
10100
+ },
10101
+ {
10102
+ nook: true,
10103
+ test: !json || !markdown,
10104
+ message: 'The json and markdown flags cannot be both set, pick one',
10105
+ pass: 'ok',
10106
+ fail: 'omit one'
10107
+ },
10108
+ {
10109
+ nook: true,
10110
+ test: !!apiToken,
10111
+ message: 'This command requires an API token for access',
10112
+ pass: 'ok',
10113
+ fail: 'missing (try `socket login`)'
10114
+ },
10115
+ {
10116
+ nook: true,
10117
+ test: !pendingHead || !tmp,
10118
+ message: 'Can not use --pendingHead and --tmp at the same time',
10119
+ pass: 'ok',
10120
+ fail: 'remove at least one flag'
10121
+ },
10122
+ {
10123
+ nook: true,
10124
+ test: !pendingHead || !!branchName,
10125
+ message: 'When --pendingHead is set, --branch is mandatory',
10126
+ pass: 'ok',
10127
+ fail: 'missing branch name'
10128
+ },
10129
+ {
10130
+ nook: true,
10131
+ test: !defaultBranch || !!branchName,
10132
+ message: 'When --defaultBranch is set, --branch is mandatory',
10133
+ pass: 'ok',
10134
+ fail: 'missing branch name'
10135
+ }
10136
+ )
10137
+ if (wasBadInput) {
10138
+ return
10139
+ }
10140
+
10141
+ // Note exiting earlier to skirt a hidden auth requirement
10142
+ if (dryRun) {
10143
+ logger.logger.log(DRY_RUN_BAIL_TEXT$8)
10144
+ return
10145
+ }
10146
+ await handleCreateNewScan({
10147
+ branchName: branchName,
10148
+ commitHash: (commitHash && String(commitHash)) || '',
10149
+ commitMessage: (commitMessage && String(commitMessage)) || '',
10150
+ committers: (committers && String(committers)) || '',
10151
+ cwd,
10152
+ defaultBranch: Boolean(defaultBranch),
10153
+ orgSlug,
10154
+ outputKind: json ? 'json' : markdown ? 'markdown' : 'text',
10155
+ pendingHead: Boolean(pendingHead),
10156
+ pullRequest: Number(pullRequest),
10157
+ readOnly: Boolean(readOnly),
10158
+ repoName: repoName,
10159
+ report,
10160
+ targets,
10161
+ tmp: Boolean(tmp)
10162
+ })
10163
+ }
10164
+
10165
+ async function fetchDeleteOrgFullScan(orgSlug, scanId) {
10166
+ const sockSdk = await shadowNpmInject.setupSdk()
10167
+
10168
+ // Lazily access constants.spinner.
10169
+ const { spinner } = constants
10170
+ spinner.start('Requesting the scan to be deleted...')
10171
+ const result = await handleApiCall(
10172
+ sockSdk.deleteOrgFullScan(orgSlug, scanId),
10173
+ 'Deleting scan'
10174
+ )
10175
+ spinner.successAndStop('Received response for deleting a scan.')
10176
+ if (!result.success) {
10177
+ handleUnsuccessfulApiResponse('deleteOrgFullScan', result)
10178
+ }
10179
+ return result.data
10180
+ }
10181
+
10182
+ async function outputDeleteScan(_data) {
10183
+ logger.logger.success('Scan deleted successfully')
10184
+ }
10185
+
10186
+ async function handleDeleteScan(orgSlug, scanId) {
10187
+ const data = await fetchDeleteOrgFullScan(orgSlug, scanId)
10188
+ if (!data) {
10189
+ return
10190
+ }
10191
+ await outputDeleteScan()
10192
+ }
10193
+
10194
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$7 } = constants
10195
+ const config$7 = {
10196
+ commandName: 'del',
10197
+ description: 'Delete a scan',
10198
+ hidden: false,
10199
+ flags: {
10200
+ ...commonFlags,
10201
+ ...outputFlags
10202
+ },
10203
+ help: (command, config) => `
10204
+ Usage
10205
+ $ ${command} <org slug> <scan ID>
10206
+
10207
+ API Token Requirements
10208
+ - Quota: 1 unit
10209
+ - Permissions: full-scans:delete
10210
+
10211
+ Options
10212
+ ${getFlagListOutput(config.flags, 6)}
10213
+
10214
+ Examples
10215
+ $ ${command} FakeOrg 000aaaa1-0000-0a0a-00a0-00a0000000a0
10216
+ `
10217
+ }
10218
+ const cmdScanDel = {
10219
+ description: config$7.description,
10220
+ hidden: config$7.hidden,
10221
+ run: run$7
10222
+ }
10223
+ async function run$7(argv, importMeta, { parentName }) {
10224
+ const cli = meowOrExit({
10225
+ argv,
10226
+ config: config$7,
10227
+ importMeta,
10228
+ parentName
10229
+ })
10230
+ const defaultOrgSlug = shadowNpmInject.getConfigValue('defaultOrg')
10231
+ const orgSlug = defaultOrgSlug || cli.input[0] || ''
10232
+ const scanId = (defaultOrgSlug ? cli.input[0] : cli.input[1]) || ''
10233
+ const apiToken = shadowNpmInject.getDefaultToken()
10234
+ const wasBadInput = handleBadInput(
10235
+ {
10236
+ nook: !!defaultOrgSlug,
10237
+ test: !!orgSlug && orgSlug !== '.',
10238
+ message: 'Org name as the first argument',
10239
+ pass: 'ok',
10240
+ fail:
10241
+ orgSlug === '.'
10242
+ ? 'dot is an invalid org, most likely you forgot the org name here?'
10243
+ : 'missing'
10244
+ },
10245
+ {
10246
+ test: !!scanId,
10247
+ message: 'Scan ID to delete',
10248
+ pass: 'ok',
10249
+ fail: 'missing'
10250
+ },
10251
+ {
10252
+ nook: true,
10253
+ test: !!apiToken,
10254
+ message:
10255
+ 'You need to be logged in to use this command. See `socket login`.',
10256
+ pass: 'ok',
10257
+ fail: 'missing API token'
10258
+ }
10259
+ )
10260
+ if (wasBadInput) {
10261
+ return
10262
+ }
10263
+ if (cli.flags['dryRun']) {
10264
+ logger.logger.log(DRY_RUN_BAIL_TEXT$7)
10265
+ return
10266
+ }
10267
+ await handleDeleteScan(orgSlug, scanId)
10268
+ }
10269
+
10270
+ async function fetchDiffScan({ id1, id2, orgSlug }) {
10271
+ const apiToken = shadowNpmInject.getDefaultToken()
10272
+
10273
+ // Lazily access constants.spinner.
10274
+ const { spinner } = constants
10275
+ logger.logger.error('Scan ID 1:', id1)
10276
+ logger.logger.error('Scan ID 2:', id2)
10277
+ spinner.start('Fetching scan diff... (this may take a while)')
10278
+ const response = await queryApi(
10279
+ `orgs/${orgSlug}/full-scans/diff?before=${encodeURIComponent(id1)}&after=${encodeURIComponent(id2)}`,
10280
+ apiToken || ''
10281
+ )
10282
+ spinner.successAndStop('Received scan diff response')
10283
+ if (!response.ok) {
10284
+ const err = await handleApiError(response.status)
10285
+ logger.logger.fail(failMsgWithBadge(response.statusText, err))
10286
+ return
10287
+ }
10288
+ const result = await handleApiCall(
10289
+ await response.json(),
10290
+ 'Deserializing json'
10291
+ )
10292
+ return result
10293
+ }
10294
+
10295
+ const SOCKET_SBOM_URL_PREFIX$1 =
10296
+ 'https://socket.dev/dashboard/org/SocketDev/sbom/'
10297
+ async function outputDiffScan(result, { depth, file, outputKind }) {
10298
+ const dashboardUrl = result.diff_report_url
10299
+ const dashboardMessage = dashboardUrl
10300
+ ? `\n View this diff scan in the Socket dashboard: ${vendor.yoctocolorsCjsExports.cyan(dashboardUrl)}`
10301
+ : ''
10302
+
10303
+ // When forcing json, or dumping to file, serialize to string such that it
10304
+ // won't get truncated. The only way to dump the full raw JSON to stdout is
10305
+ // to use `--json --file -` (the dash is a standard notation for stdout)
10306
+ if (outputKind === 'json' || file) {
10307
+ let json
10308
+ try {
10309
+ json = JSON.stringify(result, null, 2)
10310
+ } catch (e) {
10311
+ process.exitCode = 1
10312
+ // Most likely caused by a circular reference (or OOM)
10313
+ logger.logger.fail('There was a problem converting the data to JSON')
10314
+ logger.logger.error(e)
10315
+ return
10316
+ }
10317
+ if (file && file !== '-') {
10318
+ logger.logger.log(`Writing json to \`${file}\``)
10319
+ fs$1.writeFile(file, JSON.stringify(result, null, 2), err => {
10320
+ if (err) {
10321
+ logger.logger.fail(`Writing to \`${file}\` failed...`)
10322
+ logger.logger.error(err)
10323
+ } else {
10324
+ logger.logger.log(`Data successfully written to \`${file}\``)
10325
+ }
10326
+ logger.logger.error(dashboardMessage)
10327
+ })
10328
+ } else {
10329
+ // TODO: expose different method for writing to stderr when simply dodging stdout
10330
+ logger.logger.error(`\n Diff scan result: \n`)
10331
+ logger.logger.log(json)
10332
+ logger.logger.error(dashboardMessage)
10333
+ }
10334
+ return
10335
+ }
10336
+ if (outputKind === 'markdown') {
10337
+ logger.logger.log('# Scan diff result')
10338
+ logger.logger.log('')
10339
+ logger.logger.log(
10340
+ 'This Socket.dev report shows the changes between two scans:'
10341
+ )
10342
+ logger.logger.log(
10343
+ `- [${result.before.id}](${SOCKET_SBOM_URL_PREFIX$1}${result.before.id})`
10344
+ )
10345
+ logger.logger.log(
10346
+ `- [${result.after.id}](${SOCKET_SBOM_URL_PREFIX$1}${result.after.id})`
10347
+ )
10348
+ logger.logger.log('')
10349
+ logger.logger.log(
10350
+ `You can [view this report in your dashboard](${result.diff_report_url})`
10351
+ )
10352
+ logger.logger.log('')
10353
+ logger.logger.log('## Changes')
10354
+ logger.logger.log('')
10355
+ logger.logger.log(
10356
+ `- directDependenciesChanged: ${result.directDependenciesChanged}`
10357
+ )
10358
+ logger.logger.log(`- Added packages: ${result.artifacts.added.length}`)
10359
+ if (result.artifacts.added.length > 0) {
10360
+ result.artifacts.added.slice(0, 10).forEach(artifact => {
10361
+ logger.logger.log(
10362
+ ` - ${artifact.type} ${artifact.name}@${artifact.version}`
10363
+ )
10364
+ })
10365
+ if (result.artifacts.added.length > 10) {
10366
+ logger.logger.log(
10367
+ ` ... and ${result.artifacts.added.length - 10} more`
10368
+ )
10369
+ }
10370
+ }
10371
+ logger.logger.log(`- Removed packages: ${result.artifacts.removed.length}`)
10372
+ if (result.artifacts.removed.length > 0) {
10373
+ result.artifacts.removed.slice(0, 10).forEach(artifact => {
10374
+ logger.logger.log(
10375
+ ` - ${artifact.type} ${artifact.name}@${artifact.version}`
10376
+ )
10377
+ })
10378
+ if (result.artifacts.removed.length > 10) {
10379
+ logger.logger.log(
10380
+ ` ... and ${result.artifacts.removed.length - 10} more`
10381
+ )
10382
+ }
10383
+ }
10384
+ logger.logger.log(
10385
+ `- Replaced packages: ${result.artifacts.replaced.length}`
10386
+ )
10387
+ if (result.artifacts.replaced.length > 0) {
10388
+ result.artifacts.replaced.slice(0, 10).forEach(artifact => {
10389
+ logger.logger.log(
10390
+ ` - ${artifact.type} ${artifact.name}@${artifact.version}`
10391
+ )
10392
+ })
10393
+ if (result.artifacts.replaced.length > 10) {
10394
+ logger.logger.log(
10395
+ ` ... and ${result.artifacts.replaced.length - 10} more`
10396
+ )
10397
+ }
10398
+ }
10399
+ logger.logger.log(`- Updated packages: ${result.artifacts.updated.length}`)
10400
+ if (result.artifacts.updated.length > 0) {
10401
+ result.artifacts.updated.slice(0, 10).forEach(artifact => {
10402
+ logger.logger.log(
10403
+ ` - ${artifact.type} ${artifact.name}@${artifact.version}`
10404
+ )
10405
+ })
10406
+ if (result.artifacts.updated.length > 10) {
10407
+ logger.logger.log(
10408
+ ` ... and ${result.artifacts.updated.length - 10} more`
10409
+ )
10410
+ }
10411
+ }
10412
+ logger.logger.log(
10413
+ `- Unchanged packages: ${result.artifacts.unchanged.length}`
10414
+ )
10415
+ if (result.artifacts.unchanged.length > 0) {
10416
+ result.artifacts.unchanged.slice(0, 10).forEach(artifact => {
10417
+ logger.logger.log(
10418
+ ` - ${artifact.type} ${artifact.name}@${artifact.version}`
10419
+ )
10420
+ })
10421
+ if (result.artifacts.unchanged.length > 10) {
10422
+ logger.logger.log(
10423
+ ` ... and ${result.artifacts.unchanged.length - 10} more`
10424
+ )
10425
+ }
10056
10426
  }
10057
- }
10058
- if (updatedInput && orgSlug && targets?.length) {
10059
- logger.logger.error(
10060
- 'Note: You can invoke this command next time to skip the interactive questions:'
10427
+ logger.logger.log('')
10428
+ logger.logger.log(`## Scan ${result.before.id}`)
10429
+ logger.logger.log('')
10430
+ logger.logger.log(
10431
+ 'This Scan was considered to be the "base" / "from" / "before" Scan.'
10061
10432
  )
10062
- logger.logger.error('```')
10063
- logger.logger.error(
10064
- ` socket scan create [other flags...] ${defaultOrgSlug ? '' : orgSlug} ${targets.join(' ')}`
10433
+ logger.logger.log('')
10434
+ for (const [key, value] of Object.entries(result.before)) {
10435
+ if (key === 'pull_request' && !value) {
10436
+ continue
10437
+ }
10438
+ if (!['id', 'organization_id', 'repository_id'].includes(key)) {
10439
+ logger.logger.group(
10440
+ `- ${key === 'repository_slug' ? 'repo' : key === 'organization_slug' ? 'org' : key}: ${value}`
10441
+ )
10442
+ logger.logger.groupEnd()
10443
+ }
10444
+ }
10445
+ logger.logger.log('')
10446
+ logger.logger.log(`## Scan ${result.after.id}`)
10447
+ logger.logger.log('')
10448
+ logger.logger.log(
10449
+ 'This Scan was considered to be the "head" / "to" / "after" Scan.'
10065
10450
  )
10066
- logger.logger.error('```\n')
10067
- }
10068
- const wasBadInput = handleBadInput(
10069
- {
10070
- nook: !!defaultOrgSlug,
10071
- test: !!orgSlug && orgSlug !== '.',
10072
- message: 'Org name as the first argument',
10073
- pass: 'ok',
10074
- fail:
10075
- orgSlug === '.'
10076
- ? 'dot is an invalid org, most likely you forgot the org name here?'
10077
- : 'missing'
10078
- },
10079
- {
10080
- test: !!targets.length,
10081
- message: 'At least one TARGET (e.g. `.` or `./package.json`)',
10082
- pass: 'ok',
10083
- fail: 'missing (or perhaps you forgot the org slug?)'
10084
- },
10085
- {
10086
- nook: true,
10087
- test: !json || !markdown,
10088
- message: 'The json and markdown flags cannot be both set, pick one',
10089
- pass: 'ok',
10090
- fail: 'omit one'
10091
- },
10092
- {
10093
- nook: true,
10094
- test: !!apiToken,
10095
- message: 'This command requires an API token for access',
10096
- pass: 'ok',
10097
- fail: 'missing (try `socket login`)'
10098
- },
10099
- {
10100
- nook: true,
10101
- test: !pendingHead || !tmp,
10102
- message: 'Can not use --pendingHead and --tmp at the same time',
10103
- pass: 'ok',
10104
- fail: 'remove at least one flag'
10105
- },
10106
- {
10107
- nook: true,
10108
- test: !pendingHead || !!branchName,
10109
- message: 'When --pendingHead is set, --branch is mandatory',
10110
- pass: 'ok',
10111
- fail: 'missing branch name'
10112
- },
10113
- {
10114
- nook: true,
10115
- test: !defaultBranch || !!branchName,
10116
- message: 'When --defaultBranch is set, --branch is mandatory',
10117
- pass: 'ok',
10118
- fail: 'missing branch name'
10451
+ logger.logger.log('')
10452
+ for (const [key, value] of Object.entries(result.after)) {
10453
+ if (key === 'pull_request' && !value) {
10454
+ continue
10455
+ }
10456
+ if (!['id', 'organization_id', 'repository_id'].includes(key)) {
10457
+ logger.logger.group(
10458
+ `- ${key === 'repository_slug' ? 'repo' : key === 'organization_slug' ? 'org' : key}: ${value}`
10459
+ )
10460
+ logger.logger.groupEnd()
10461
+ }
10119
10462
  }
10120
- )
10121
- if (wasBadInput) {
10122
- return
10123
- }
10124
-
10125
- // Note exiting earlier to skirt a hidden auth requirement
10126
- if (dryRun) {
10127
- logger.logger.log(DRY_RUN_BAIL_TEXT$7)
10463
+ logger.logger.log('')
10128
10464
  return
10129
10465
  }
10130
- await handleCreateNewScan({
10131
- branchName: branchName,
10132
- commitHash: (commitHash && String(commitHash)) || '',
10133
- commitMessage: (commitMessage && String(commitMessage)) || '',
10134
- committers: (committers && String(committers)) || '',
10135
- cwd,
10136
- defaultBranch: Boolean(defaultBranch),
10137
- orgSlug,
10138
- outputKind: json ? 'json' : markdown ? 'markdown' : 'text',
10139
- pendingHead: Boolean(pendingHead),
10140
- pullRequest: Number(pullRequest),
10141
- readOnly: Boolean(readOnly),
10142
- repoName: repoName,
10143
- report,
10144
- targets,
10145
- tmp: Boolean(tmp)
10146
- })
10147
- }
10148
10466
 
10149
- async function fetchDeleteOrgFullScan(orgSlug, scanId) {
10150
- const sockSdk = await shadowNpmInject.setupSdk()
10467
+ // In this case neither the --json nor the --file flag was passed
10468
+ // Dump the JSON to CLI and let NodeJS deal with truncation
10151
10469
 
10152
- // Lazily access constants.spinner.
10153
- const { spinner } = constants
10154
- spinner.start('Requesting the scan to be deleted...')
10155
- const result = await handleApiCall(
10156
- sockSdk.deleteOrgFullScan(orgSlug, scanId),
10157
- 'Deleting scan'
10470
+ logger.logger.log('Diff scan result:')
10471
+ logger.logger.log(
10472
+ require$$0.inspect(result, {
10473
+ showHidden: false,
10474
+ depth: depth > 0 ? depth : null,
10475
+ colors: true,
10476
+ maxArrayLength: null
10477
+ })
10158
10478
  )
10159
- spinner.successAndStop('Received response for deleting a scan.')
10160
- if (!result.success) {
10161
- handleUnsuccessfulApiResponse('deleteOrgFullScan', result)
10162
- }
10163
- return result.data
10164
- }
10165
-
10166
- async function outputDeleteScan(_data) {
10167
- logger.logger.success('Scan deleted successfully')
10479
+ logger.logger.error(
10480
+ `\n 📝 To display the detailed report in the terminal, use the --json flag. For a friendlier report, use the --markdown flag.\n`
10481
+ )
10482
+ logger.logger.log(dashboardMessage)
10168
10483
  }
10169
10484
 
10170
- async function handleDeleteScan(orgSlug, scanId) {
10171
- const data = await fetchDeleteOrgFullScan(orgSlug, scanId)
10485
+ async function handleDiffScan({ depth, file, id1, id2, orgSlug, outputKind }) {
10486
+ const data = await fetchDiffScan({
10487
+ id1,
10488
+ id2,
10489
+ orgSlug
10490
+ })
10172
10491
  if (!data) {
10173
10492
  return
10174
10493
  }
10175
- await outputDeleteScan()
10494
+ await outputDiffScan(data, {
10495
+ depth,
10496
+ file,
10497
+ outputKind
10498
+ })
10176
10499
  }
10177
10500
 
10178
10501
  const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$6 } = constants
10502
+ const SOCKET_SBOM_URL_PREFIX =
10503
+ 'https://socket.dev/dashboard/org/SocketDev/sbom/'
10179
10504
  const config$6 = {
10180
- commandName: 'del',
10181
- description: 'Delete a scan',
10505
+ commandName: 'diff',
10506
+ description: 'See what changed between two Scans',
10182
10507
  hidden: false,
10183
10508
  flags: {
10184
10509
  ...commonFlags,
10185
- ...outputFlags
10510
+ ...outputFlags,
10511
+ depth: {
10512
+ type: 'number',
10513
+ default: 2,
10514
+ description:
10515
+ 'Max depth of JSON to display before truncating, use zero for no limit (without --json/--file)'
10516
+ },
10517
+ file: {
10518
+ type: 'string',
10519
+ shortFlag: 'f',
10520
+ default: '',
10521
+ description:
10522
+ 'Path to a local file where the output should be saved. Use `-` to force stdout.'
10523
+ }
10186
10524
  },
10187
10525
  help: (command, config) => `
10188
10526
  Usage
10189
- $ ${command} <org slug> <scan ID>
10527
+ $ ${command} <org slug> <ID1> <ID2>
10190
10528
 
10191
10529
  API Token Requirements
10192
10530
  - Quota: 1 unit
10193
- - Permissions: full-scans:delete
10531
+ - Permissions: full-scans:list
10532
+
10533
+ This command displays the package changes between two scans. The full output
10534
+ can be pretty large depending on the size of your repo and time range. It is
10535
+ best stored to disk (with --json) to be further analyzed by other tools.
10536
+
10537
+ Note: First Scan ID is assumed to be the older ID. This is only relevant for
10538
+ the added/removed list (similar to diffing two files with git).
10194
10539
 
10195
10540
  Options
10196
10541
  ${getFlagListOutput(config.flags, 6)}
10197
10542
 
10198
10543
  Examples
10199
- $ ${command} FakeOrg 000aaaa1-0000-0a0a-00a0-00a0000000a0
10544
+ $ ${command} FakeCorp aaa0aa0a-aaaa-0000-0a0a-0000000a00a0 aaa1aa1a-aaaa-1111-1a1a-1111111a11a1
10545
+ $ ${command} FakeCorp aaa0aa0a-aaaa-0000-0a0a-0000000a00a0 aaa1aa1a-aaaa-1111-1a1a-1111111a11a1 --json
10200
10546
  `
10201
10547
  }
10202
- const cmdScanDel = {
10548
+ const cmdScanDiff = {
10203
10549
  description: config$6.description,
10204
10550
  hidden: config$6.hidden,
10205
10551
  run: run$6
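Review bot: In `fetchDiffScan`, `orgSlug` is placed into the request path unencoded (`orgs/${orgSlug}/full-scans/diff?before=...`), while `id1` and `id2` in the same template are passed through `encodeURIComponent`. In the visible `run$6` the slug comes from the `defaultOrg` config value or the first positional argument and is only checked for being non-empty, and the request is sent with the user's API token, so a slug containing `/`, `?` or `#` would change which API path is queried; writing the segment as `orgs/${encodeURIComponent(orgSlug)}/full-scans/diff?...` keeps it a single path segment. Separately, the file branch of `outputDiffScan` calls `JSON.stringify(result, null, 2)` a second time outside the `try` instead of reusing `json`, and a failed `writeFile` is logged without setting `process.exitCode = 1`, so a calling script cannot tell that the report was not written. These functions may have been moved rather than newly written in this release, since the diff only shows them as added at this position.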
@@ -10211,27 +10557,46 @@ async function run$6(argv, importMeta, { parentName }) {
10211
10557
  importMeta,
10212
10558
  parentName
10213
10559
  })
10560
+ const { depth, file, json, markdown } = cli.flags
10214
10561
  const defaultOrgSlug = shadowNpmInject.getConfigValue('defaultOrg')
10215
10562
  const orgSlug = defaultOrgSlug || cli.input[0] || ''
10216
- const scanId = (defaultOrgSlug ? cli.input[0] : cli.input[1]) || ''
10563
+ let id1 = cli.input[defaultOrgSlug ? 0 : 1] || ''
10564
+ let id2 = cli.input[defaultOrgSlug ? 1 : 2] || ''
10565
+ if (id1.startsWith(SOCKET_SBOM_URL_PREFIX)) {
10566
+ id1 = id1.slice(SOCKET_SBOM_URL_PREFIX.length)
10567
+ }
10568
+ if (id2.startsWith(SOCKET_SBOM_URL_PREFIX)) {
10569
+ id2 = id2.slice(SOCKET_SBOM_URL_PREFIX.length)
10570
+ }
10217
10571
  const apiToken = shadowNpmInject.getDefaultToken()
10218
10572
  const wasBadInput = handleBadInput(
10219
10573
  {
10220
- nook: !!defaultOrgSlug,
10221
- test: !!orgSlug && orgSlug !== '.',
10222
- message: 'Org name as the first argument',
10574
+ test: !!(id1 && id2),
10575
+ message:
10576
+ 'Specify two Scan IDs.\nA Scan ID looks like `aaa0aa0a-aaaa-0000-0a0a-0000000a00a0`.',
10223
10577
  pass: 'ok',
10224
10578
  fail:
10225
- orgSlug === '.'
10226
- ? 'dot is an invalid org, most likely you forgot the org name here?'
10227
- : 'missing'
10579
+ !id1 && !id2
10580
+ ? 'missing both Scan IDs'
10581
+ : !id2
10582
+ ? 'missing second Scan ID'
10583
+ : 'missing first Scan ID' // Not sure how this can happen but ok.
10228
10584
  },
10229
10585
  {
10230
- test: !!scanId,
10231
- message: 'Scan ID to delete',
10586
+ test: !!orgSlug,
10587
+ nook: true,
10588
+ message: 'Org name as the first argument',
10232
10589
  pass: 'ok',
10233
10590
  fail: 'missing'
10234
10591
  },
10592
+ {
10593
+ nook: true,
10594
+ test: !json || !markdown,
10595
+ message:
10596
+ 'The `--json` and `--markdown` flags can not be used at the same time',
10597
+ pass: 'ok',
10598
+ fail: 'bad'
10599
+ },
10235
10600
  {
10236
10601
  nook: true,
10237
10602
  test: !!apiToken,
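Review bot: The two Scan IDs are only checked for being non-empty (`test: !!(id1 && id2)`), so whatever remains after stripping `SOCKET_SBOM_URL_PREFIX` is accepted and, in the next hunk, handed to `handleDiffScan` as-is. The error message already describes the expected shape, so a further entry in the `handleBadInput` list could enforce it with a test such as `test: [id1, id2].every(id => /^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$/i.test(id)),`, assuming Scan IDs are always UUIDs, which this hunk does not confirm. The branch commented `// Not sure how this can happen but ok.` is reachable when the first ID argument is exactly the URL prefix, because the slice then leaves an empty string; the comment could say that instead. `run$6` starts before this hunk and continues past it.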
@@ -10248,15 +10613,24 @@ async function run$6(argv, importMeta, { parentName }) {
10248
10613
  logger.logger.log(DRY_RUN_BAIL_TEXT$6)
10249
10614
  return
10250
10615
  }
10251
- await handleDeleteScan(orgSlug, scanId)
10616
+ await handleDiffScan({
10617
+ id1: String(id1 || ''),
10618
+ id2: String(id2 || ''),
10619
+ depth: Number(depth),
10620
+ orgSlug,
10621
+ outputKind: json ? 'json' : markdown ? 'markdown' : 'text',
10622
+ file: String(file || '')
10623
+ })
10252
10624
  }
10253
10625
 
10254
10626
  async function fetchListScans({
10627
+ branch,
10255
10628
  direction,
10256
10629
  from_time,
10257
10630
  orgSlug,
10258
10631
  page,
10259
10632
  per_page,
10633
+ repo,
10260
10634
  sort
10261
10635
  }) {
10262
10636
  const sockSdk = await shadowNpmInject.setupSdk()
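Review bot: `depth: Number(depth)` forwards whatever the flag parsed to, so a non-numeric or negative `--depth` would reach `handleDiffScan` as `NaN` or a negative number, while the flag help only defines zero as "no limit". How `handleDiffScan` treats those values is outside this hunk; a guard at the call would make the contract explicit, e.g. `depth: Number.isInteger(depth) && depth >= 0 ? depth : 2,`, or a `handleBadInput` entry that rejects the value. `String(id1 || '')` and `String(id2 || '')` are redundant, since `.startsWith()` has already been called on both earlier in `run$6`. The hunk covers the end of `run$6` and the start of `fetchListScans`, both of which extend beyond it.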
@@ -10266,6 +10640,16 @@ async function fetchListScans({
10266
10640
  spinner.start('Fetching list of scans...')
10267
10641
  const result = await handleApiCall(
10268
10642
  sockSdk.getOrgFullScanList(orgSlug, {
10643
+ ...(branch
10644
+ ? {
10645
+ branch
10646
+ }
10647
+ : {}),
10648
+ ...(repo
10649
+ ? {
10650
+ repo
10651
+ }
10652
+ : {}),
10269
10653
  sort,
10270
10654
  direction,
10271
10655
  per_page: String(per_page),
@@ -10297,6 +10681,10 @@ async function outputListScans(data, outputKind) {
10297
10681
  field: 'report_url',
10298
10682
  name: vendor.yoctocolorsCjsExports.magenta('Scan URL')
10299
10683
  },
10684
+ {
10685
+ field: 'repo',
10686
+ name: vendor.yoctocolorsCjsExports.magenta('Repo')
10687
+ },
10300
10688
  {
10301
10689
  field: 'branch',
10302
10690
  name: vendor.yoctocolorsCjsExports.magenta('Branch')
@@ -10320,6 +10708,7 @@ async function outputListScans(data, outputKind) {
10320
10708
  day: 'numeric'
10321
10709
  })
10322
10710
  : '',
10711
+ repo: d.repo,
10323
10712
  branch: d.branch
10324
10713
  }
10325
10714
  })
@@ -10327,20 +10716,24 @@ async function outputListScans(data, outputKind) {
10327
10716
  }
10328
10717
 
10329
10718
  async function handleListScans({
10719
+ branch,
10330
10720
  direction,
10331
10721
  from_time,
10332
10722
  orgSlug,
10333
10723
  outputKind,
10334
10724
  page,
10335
10725
  per_page,
10726
+ repo,
10336
10727
  sort
10337
10728
  }) {
10338
10729
  const data = await fetchListScans({
10730
+ branch,
10339
10731
  direction,
10340
10732
  from_time,
10341
10733
  orgSlug,
10342
10734
  page,
10343
10735
  per_page,
10736
+ repo,
10344
10737
  sort
10345
10738
  })
10346
10739
  if (!data) {
@@ -10357,12 +10750,9 @@ const config$5 = {
10357
10750
  flags: {
10358
10751
  ...commonFlags,
10359
10752
  ...outputFlags,
10360
- sort: {
10753
+ branch: {
10361
10754
  type: 'string',
10362
- shortFlag: 's',
10363
- default: 'created_at',
10364
- description:
10365
- 'Sorting option (`name` or `created_at`) - default is `created_at`'
10755
+ description: 'Filter to show only scans with this branch name'
10366
10756
  },
10367
10757
  direction: {
10368
10758
  type: 'string',
@@ -10370,11 +10760,11 @@ const config$5 = {
10370
10760
  default: 'desc',
10371
10761
  description: 'Direction option (`desc` or `asc`) - Default is `desc`'
10372
10762
  },
10373
- perPage: {
10374
- type: 'number',
10375
- shortFlag: 'pp',
10376
- default: 30,
10377
- description: 'Results per page - Default is 30'
10763
+ fromTime: {
10764
+ type: 'string',
10765
+ shortFlag: 'f',
10766
+ default: '',
10767
+ description: 'From time - as a unix timestamp'
10378
10768
  },
10379
10769
  page: {
10380
10770
  type: 'number',
@@ -10382,11 +10772,22 @@ const config$5 = {
10382
10772
  default: 1,
10383
10773
  description: 'Page number - Default is 1'
10384
10774
  },
10385
- fromTime: {
10775
+ perPage: {
10776
+ type: 'number',
10777
+ shortFlag: 'pp',
10778
+ default: 30,
10779
+ description: 'Results per page - Default is 30'
10780
+ },
10781
+ repo: {
10386
10782
  type: 'string',
10387
- shortFlag: 'f',
10388
- default: '',
10389
- description: 'From time - as a unix timestamp'
10783
+ description: 'Filter to show only scans with this repository name'
10784
+ },
10785
+ sort: {
10786
+ type: 'string',
10787
+ shortFlag: 's',
10788
+ default: 'created_at',
10789
+ description:
10790
+ 'Sorting option (`name` or `created_at`) - default is `created_at`'
10390
10791
  },
10391
10792
  untilTime: {
10392
10793
  type: 'string',
@@ -10422,7 +10823,7 @@ async function run$5(argv, importMeta, { parentName }) {
10422
10823
  importMeta,
10423
10824
  parentName
10424
10825
  })
10425
- const { json, markdown } = cli.flags
10826
+ const { branch, json, markdown, repo } = cli.flags
10426
10827
  const defaultOrgSlug = shadowNpmInject.getConfigValue('defaultOrg')
10427
10828
  const orgSlug = defaultOrgSlug || cli.input[0] || ''
10428
10829
  const apiToken = shadowNpmInject.getDefaultToken()
@@ -10461,12 +10862,14 @@ async function run$5(argv, importMeta, { parentName }) {
10461
10862
  return
10462
10863
  }
10463
10864
  await handleListScans({
10865
+ branch: branch ? String(branch) : '',
10464
10866
  direction: String(cli.flags['direction'] || ''),
10465
10867
  from_time: String(cli.flags['fromTime'] || ''),
10466
10868
  orgSlug,
10467
10869
  outputKind: json ? 'json' : markdown ? 'markdown' : 'print',
10468
10870
  page: Number(cli.flags['page'] || 1),
10469
10871
  per_page: Number(cli.flags['perPage'] || 30),
10872
+ repo: repo ? String(repo) : '',
10470
10873
  sort: String(cli.flags['sort'] || '')
10471
10874
  })
10472
10875
  }
@@ -10956,6 +11359,7 @@ const cmdScan = {
10956
11359
  create: cmdScanCreate,
10957
11360
  list: cmdScanList,
10958
11361
  del: cmdScanDel,
11362
+ diff: cmdScanDiff,
10959
11363
  metadata: cmdScanMetadata,
10960
11364
  report: cmdScanReport,
10961
11365
  view: cmdScanView
@@ -11324,7 +11728,7 @@ async function run$1(argv, importMeta, { parentName }) {
11324
11728
  }
11325
11729
 
11326
11730
  function addSocketWrapper(file) {
11327
- return require$$0.appendFile(
11731
+ return fs$1.appendFile(
11328
11732
  file,
11329
11733
  'alias npm="socket npm"\nalias npx="socket npx"\n',
11330
11734
  err => {
@@ -11333,7 +11737,7 @@ function addSocketWrapper(file) {
11333
11737
  }
11334
11738
  // TODO: pretty sure you need to source the file or restart
11335
11739
  // any terminal session before changes are reflected.
11336
- logger.logger.log(vendor.stripIndents`
11740
+ logger.logger.log(vendor.html`
11337
11741
  The alias was added to ${file}. Running 'npm install' will now be wrapped in Socket's "safe npm" 🎉
11338
11742
  If you want to disable it at any time, run \`socket wrapper --disable\`
11339
11743
  `)
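Review bot: The switch from `vendor.stripIndents` to `vendor.html` on this terminal message needs a comment, because the name reads as HTML handling while the text is plain console output that interpolates `${file}`. What `vendor.html` does is not visible here; if it preserves relative indentation rather than stripping every line's leading whitespace, unevenly indented template lines will now print differently. Suggested comment above the call, to be confirmed against vendor.js: `// vendor.html only normalises template indentation; it does not escape or emit HTML.` The same swap appears in the `postinstallWrapper` hunk, on the `installSafeNpm(...)` call.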
@@ -11342,7 +11746,7 @@ If you want to disable it at any time, run \`socket wrapper --disable\`
11342
11746
  }
11343
11747
 
11344
11748
  function checkSocketWrapperSetup(file) {
11345
- const fileContent = require$$0.readFileSync(file, 'utf8')
11749
+ const fileContent = fs$1.readFileSync(file, 'utf8')
11346
11750
  const linesWithSocketAlias = fileContent
11347
11751
  .split('\n')
11348
11752
  .filter(
@@ -11361,11 +11765,10 @@ async function postinstallWrapper() {
11361
11765
  // Lazily access constants.bashRcPath and constants.zshRcPath.
11362
11766
  const { bashRcPath, zshRcPath } = constants
11363
11767
  const socketWrapperEnabled =
11364
- (require$$0.existsSync(bashRcPath) &&
11365
- checkSocketWrapperSetup(bashRcPath)) ||
11366
- (require$$0.existsSync(zshRcPath) && checkSocketWrapperSetup(zshRcPath))
11768
+ (fs$1.existsSync(bashRcPath) && checkSocketWrapperSetup(bashRcPath)) ||
11769
+ (fs$1.existsSync(zshRcPath) && checkSocketWrapperSetup(zshRcPath))
11367
11770
  if (!socketWrapperEnabled) {
11368
- await installSafeNpm(vendor.stripIndents`
11771
+ await installSafeNpm(vendor.html`
11369
11772
  The Socket CLI is now successfully installed! 🎉
11370
11773
 
11371
11774
  To better protect yourself against supply-chain attacks, our "safe npm" wrapper can warn you about malicious packages whenever you run 'npm install'.
@@ -11390,10 +11793,10 @@ async function installSafeNpm(query) {
11390
11793
  // Lazily access constants.bashRcPath and constants.zshRcPath.
11391
11794
  const { bashRcPath, zshRcPath } = constants
11392
11795
  try {
11393
- if (require$$0.existsSync(bashRcPath)) {
11796
+ if (fs$1.existsSync(bashRcPath)) {
11394
11797
  addSocketWrapper(bashRcPath)
11395
11798
  }
11396
- if (require$$0.existsSync(zshRcPath)) {
11799
+ if (fs$1.existsSync(zshRcPath)) {
11397
11800
  addSocketWrapper(zshRcPath)
11398
11801
  }
11399
11802
  } catch (e) {
@@ -11405,7 +11808,7 @@ async function installSafeNpm(query) {
11405
11808
  }
11406
11809
 
11407
11810
  function removeSocketWrapper(file) {
11408
- return require$$0.readFile(file, 'utf8', function (err, data) {
11811
+ return fs$1.readFile(file, 'utf8', function (err, data) {
11409
11812
  if (err) {
11410
11813
  logger.logger.fail('There was an error removing the alias:')
11411
11814
  logger.logger.error(err)
@@ -11417,7 +11820,7 @@ function removeSocketWrapper(file) {
11417
11820
  l => l !== 'alias npm="socket npm"' && l !== 'alias npx="socket npx"'
11418
11821
  )
11419
11822
  const updatedFileContent = linesWithoutSocketAlias.join('\n')
11420
- require$$0.writeFile(file, updatedFileContent, function (err) {
11823
+ fs$1.writeFile(file, updatedFileContent, function (err) {
11421
11824
  if (err) {
11422
11825
  logger.logger.error(err)
11423
11826
  return
@@ -11505,27 +11908,21 @@ async function run(argv, importMeta, { parentName }) {
11505
11908
  // Lazily access constants.bashRcPath and constants.zshRcPath.
11506
11909
  const { bashRcPath, zshRcPath } = constants
11507
11910
  if (enable) {
11508
- if (
11509
- require$$0.existsSync(bashRcPath) &&
11510
- !checkSocketWrapperSetup(bashRcPath)
11511
- ) {
11911
+ if (fs$1.existsSync(bashRcPath) && !checkSocketWrapperSetup(bashRcPath)) {
11512
11912
  addSocketWrapper(bashRcPath)
11513
11913
  }
11514
- if (
11515
- require$$0.existsSync(zshRcPath) &&
11516
- !checkSocketWrapperSetup(zshRcPath)
11517
- ) {
11914
+ if (fs$1.existsSync(zshRcPath) && !checkSocketWrapperSetup(zshRcPath)) {
11518
11915
  addSocketWrapper(zshRcPath)
11519
11916
  }
11520
11917
  } else {
11521
- if (require$$0.existsSync(bashRcPath)) {
11918
+ if (fs$1.existsSync(bashRcPath)) {
11522
11919
  removeSocketWrapper(bashRcPath)
11523
11920
  }
11524
- if (require$$0.existsSync(zshRcPath)) {
11921
+ if (fs$1.existsSync(zshRcPath)) {
11525
11922
  removeSocketWrapper(zshRcPath)
11526
11923
  }
11527
11924
  }
11528
- if (!require$$0.existsSync(bashRcPath) && !require$$0.existsSync(zshRcPath)) {
11925
+ if (!fs$1.existsSync(bashRcPath) && !fs$1.existsSync(zshRcPath)) {
11529
11926
  logger.logger.fail(
11530
11927
  'There was an issue setting up the alias in your bash profile'
11531
11928
  )
@@ -11539,7 +11936,7 @@ void (async () => {
11539
11936
  await vendor.updater({
11540
11937
  name: SOCKET_CLI_BIN_NAME,
11541
11938
  // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION']".
11542
- version: '0.14.103',
11939
+ version: '0.14.104',
11543
11940
  ttl: 86_400_000 /* 24 hours in milliseconds */
11544
11941
  })
11545
11942
  try {
@@ -11576,7 +11973,7 @@ void (async () => {
11576
11973
  argv: process$1.argv.slice(2),
11577
11974
  name: SOCKET_CLI_BIN_NAME,
11578
11975
  importMeta: {
11579
- url: `${require$$0$2.pathToFileURL(__filename)}`
11976
+ url: `${require$$0$1.pathToFileURL(__filename)}`
11580
11977
  }
11581
11978
  }
11582
11979
  )
@@ -11607,5 +12004,5 @@ void (async () => {
11607
12004
  await shadowNpmInject.captureException(e)
11608
12005
  }
11609
12006
  })()
11610
- //# debugId=8a009c64-0a0e-45fc-8e4e-cf58dc470a45
12007
+ //# debugId=35cb6fe4-28c3-408a-9222-5359160941e5
11611
12008
  //# sourceMappingURL=cli.js.map