@socketsecurity/cli 0.14.103 → 0.14.105

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (25) hide show
  1. package/dist/constants.js +3 -3
  2. package/dist/constants.js.map +1 -1
  3. package/dist/module-sync/arborist-helpers.d.ts +69 -0
  4. package/dist/module-sync/cli.js +1560 -1165
  5. package/dist/module-sync/cli.js.map +1 -1
  6. package/dist/module-sync/index.d.ts +1 -1
  7. package/dist/module-sync/package-environment.d.ts +7 -7
  8. package/dist/module-sync/semver.d.ts +16 -0
  9. package/dist/module-sync/shadow-npm-inject.js +451 -431
  10. package/dist/module-sync/shadow-npm-inject.js.map +1 -1
  11. package/dist/module-sync/shadow-npm-paths.d.ts +23 -2
  12. package/dist/module-sync/shadow-npm-paths.js +135 -76
  13. package/dist/module-sync/shadow-npm-paths.js.map +1 -1
  14. package/dist/module-sync/vendor.js +25199 -25208
  15. package/dist/module-sync/vendor.js.map +1 -1
  16. package/dist/require/cli.js +1560 -1165
  17. package/dist/require/cli.js.map +1 -1
  18. package/dist/require/shadow-npm-inject.js +451 -431
  19. package/dist/require/shadow-npm-inject.js.map +1 -1
  20. package/dist/require/shadow-npm-paths.d.ts +23 -2
  21. package/dist/require/shadow-npm-paths.js +135 -76
  22. package/dist/require/shadow-npm-paths.js.map +1 -1
  23. package/package.json +9 -9
  24. package/dist/module-sync/shared.d.ts +0 -11
  25. package/dist/module-sync/types.d.ts +0 -27
package/dist/module-sync/cli.js CHANGED
@@ -12,7 +12,7 @@ function _socketInterop(e) {
12
12
  }
13
13
 
14
14
  const process$1 = require('node:process')
15
- const require$$0$2 = require('node:url')
15
+ const require$$0$1 = require('node:url')
16
16
  const vendor = require('./vendor.js')
17
17
  const debug = require('@socketsecurity/registry/lib/debug')
18
18
  const logger = require('@socketsecurity/registry/lib/logger')
@@ -26,11 +26,11 @@ const objects = require('@socketsecurity/registry/lib/objects')
26
26
  const path = require('@socketsecurity/registry/lib/path')
27
27
  const regexps = require('@socketsecurity/registry/lib/regexps')
28
28
  const words = require('@socketsecurity/registry/lib/words')
29
- const require$$0 = require('node:fs')
29
+ const fs$1 = require('node:fs')
30
30
  const shadowBin = require('./shadow-bin.js')
31
31
  const prompts = require('@socketsecurity/registry/lib/prompts')
32
32
  const shadowNpmPaths = require('./shadow-npm-paths.js')
33
- const require$$0$1 = require('node:util')
33
+ const require$$0 = require('node:util')
34
34
  const arrays = require('@socketsecurity/registry/lib/arrays')
35
35
  const registry = require('@socketsecurity/registry')
36
36
  const npm = require('@socketsecurity/registry/lib/npm')
@@ -347,7 +347,7 @@ function renderJson(data) {
347
347
  }
348
348
  }
349
349
  function renderMarkdown(data, days, repoSlug) {
350
- return vendor.stripIndents`
350
+ return vendor.html`
351
351
  # Socket Alert Analytics
352
352
 
353
353
  These are the Socket.dev stats are analytics for the ${repoSlug ? `${repoSlug} repo` : 'org'} of the past ${days} days
@@ -387,7 +387,7 @@ ${[
387
387
  ]
388
388
  ]
389
389
  .map(
390
- ([title, table]) => vendor.stripIndents`
390
+ ([title, table]) => vendor.html`
391
391
  ## ${title}
392
392
 
393
393
  ${table}
@@ -900,7 +900,7 @@ function emitBanner(name) {
900
900
  logger.logger.error(getAsciiHeader(name))
901
901
  }
902
902
  function getAsciiHeader(command) {
903
- const cliVersion = '0.14.103:d303e97:f73541fc:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
903
+ const cliVersion = '0.14.105:2179d68:e11e089b:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
904
904
  const nodeVersion = process$1.version
905
905
  const apiToken = shadowNpmInject.getDefaultToken()
906
906
  const shownToken = apiToken ? getLastFiveOfApiToken(apiToken) : 'no'
@@ -923,8 +923,8 @@ function getAsciiHeader(command) {
923
923
  return ` ${body}\n`
924
924
  }
925
925
 
926
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$H } = constants
927
- const config$K = {
926
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$I } = constants
927
+ const config$L = {
928
928
  commandName: 'analytics',
929
929
  description: `Look up analytics data`,
930
930
  hidden: false,
@@ -979,14 +979,14 @@ const config$K = {
979
979
  `
980
980
  }
981
981
  const cmdAnalytics = {
982
- description: config$K.description,
983
- hidden: config$K.hidden,
984
- run: run$K
982
+ description: config$L.description,
983
+ hidden: config$L.hidden,
984
+ run: run$L
985
985
  }
986
- async function run$K(argv, importMeta, { parentName }) {
986
+ async function run$L(argv, importMeta, { parentName }) {
987
987
  const cli = meowOrExit({
988
988
  argv,
989
- config: config$K,
989
+ config: config$L,
990
990
  importMeta,
991
991
  parentName
992
992
  })
@@ -1041,7 +1041,7 @@ async function run$K(argv, importMeta, { parentName }) {
1041
1041
  return
1042
1042
  }
1043
1043
  if (cli.flags['dryRun']) {
1044
- logger.logger.log(DRY_RUN_BAIL_TEXT$H)
1044
+ logger.logger.log(DRY_RUN_BAIL_TEXT$I)
1045
1045
  return
1046
1046
  }
1047
1047
  assert(assertScope(scope))
@@ -1216,8 +1216,8 @@ async function handleAuditLog({ logType, orgSlug, outputKind, page, perPage }) {
1216
1216
  })
1217
1217
  }
1218
1218
 
1219
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$G } = constants
1220
- const config$J = {
1219
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$H } = constants
1220
+ const config$K = {
1221
1221
  commandName: 'audit-log',
1222
1222
  description: 'Look up the audit log for an organization',
1223
1223
  hidden: false,
@@ -1262,14 +1262,14 @@ const config$J = {
1262
1262
  `
1263
1263
  }
1264
1264
  const cmdAuditLog = {
1265
- description: config$J.description,
1266
- hidden: config$J.hidden,
1267
- run: run$J
1265
+ description: config$K.description,
1266
+ hidden: config$K.hidden,
1267
+ run: run$K
1268
1268
  }
1269
- async function run$J(argv, importMeta, { parentName }) {
1269
+ async function run$K(argv, importMeta, { parentName }) {
1270
1270
  const cli = meowOrExit({
1271
1271
  argv,
1272
- config: config$J,
1272
+ config: config$K,
1273
1273
  importMeta,
1274
1274
  parentName
1275
1275
  })
@@ -1306,7 +1306,7 @@ async function run$J(argv, importMeta, { parentName }) {
1306
1306
  return
1307
1307
  }
1308
1308
  if (cli.flags['dryRun']) {
1309
- logger.logger.log(DRY_RUN_BAIL_TEXT$G)
1309
+ logger.logger.log(DRY_RUN_BAIL_TEXT$H)
1310
1310
  return
1311
1311
  }
1312
1312
  await handleAuditLog({
@@ -1322,7 +1322,7 @@ const {
1322
1322
  NPM: NPM$g,
1323
1323
  NPX: NPX$3,
1324
1324
  PACKAGE_LOCK_JSON,
1325
- PNPM: PNPM$b,
1325
+ PNPM: PNPM$a,
1326
1326
  YARN: YARN$1,
1327
1327
  YARN_LOCK
1328
1328
  } = constants
@@ -1331,7 +1331,7 @@ const nodejsPlatformTypes = new Set([
1331
1331
  'js',
1332
1332
  'nodejs',
1333
1333
  NPM$g,
1334
- PNPM$b,
1334
+ PNPM$a,
1335
1335
  'ts',
1336
1336
  'tsx',
1337
1337
  'typescript'
@@ -1346,9 +1346,9 @@ async function runCycloneDX(yargvWithYes) {
1346
1346
  if (
1347
1347
  yargv.type !== YARN$1 &&
1348
1348
  nodejsPlatformTypes.has(yargv.type) &&
1349
- require$$0.existsSync(`./${YARN_LOCK}`)
1349
+ fs$1.existsSync(`./${YARN_LOCK}`)
1350
1350
  ) {
1351
- if (require$$0.existsSync(`./${PACKAGE_LOCK_JSON}`)) {
1351
+ if (fs$1.existsSync(`./${PACKAGE_LOCK_JSON}`)) {
1352
1352
  yargv.type = NPM$g
1353
1353
  } else {
1354
1354
  // Use synp to create a package-lock.json from the yarn.lock,
@@ -1369,16 +1369,16 @@ async function runCycloneDX(yargvWithYes) {
1369
1369
  await shadowBin(NPX$3, [
1370
1370
  ...yesArgs,
1371
1371
  // The '@rollup/plugin-replace' will replace "process.env['INLINED_CYCLONEDX_CDXGEN_VERSION']".
1372
- `@cyclonedx/cdxgen@${'11.2.3'}`,
1372
+ `@cyclonedx/cdxgen@${'11.2.4'}`,
1373
1373
  ...argvToArray(yargv)
1374
1374
  ])
1375
1375
  if (cleanupPackageLock) {
1376
1376
  try {
1377
- await require$$0.promises.rm(`./${PACKAGE_LOCK_JSON}`)
1377
+ await fs$1.promises.rm(`./${PACKAGE_LOCK_JSON}`)
1378
1378
  } catch {}
1379
1379
  }
1380
1380
  const fullOutputPath = path$1.join(process$1.cwd(), yargv.output)
1381
- if (require$$0.existsSync(fullOutputPath)) {
1381
+ if (fs$1.existsSync(fullOutputPath)) {
1382
1382
  logger.logger.log(
1383
1383
  vendor.yoctocolorsCjsExports.cyanBright(`${yargv.output} created!`)
1384
1384
  )
@@ -1436,7 +1436,7 @@ function isHelpFlag(cmdArg) {
1436
1436
  }
1437
1437
 
1438
1438
  // import { meowOrExit } from '../../utils/meow-with-subcommands'
1439
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$F } = constants
1439
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$G } = constants
1440
1440
 
1441
1441
  // TODO: convert yargs to meow. Or convert all the other things to yargs.
1442
1442
  const toLower = arg => arg.toLowerCase()
@@ -1552,7 +1552,7 @@ const yargsConfig = {
1552
1552
  'spec-version'
1553
1553
  ]
1554
1554
  }
1555
- const config$I = {
1555
+ const config$J = {
1556
1556
  commandName: 'cdxgen',
1557
1557
  description: 'Create an SBOM with CycloneDX generator (cdxgen)',
1558
1558
  hidden: false,
@@ -1568,16 +1568,16 @@ const config$I = {
1568
1568
  `
1569
1569
  }
1570
1570
  const cmdCdxgen = {
1571
- description: config$I.description,
1572
- hidden: config$I.hidden,
1573
- run: run$I
1571
+ description: config$J.description,
1572
+ hidden: config$J.hidden,
1573
+ run: run$J
1574
1574
  }
1575
- async function run$I(argv, importMeta, { parentName }) {
1575
+ async function run$J(argv, importMeta, { parentName }) {
1576
1576
  const cli = meowOrExit({
1577
1577
  allowUnknownFlags: true,
1578
1578
  // Don't let meow take over --help.
1579
1579
  argv: argv.filter(a => !isHelpFlag(a)),
1580
- config: config$I,
1580
+ config: config$J,
1581
1581
  importMeta,
1582
1582
  parentName
1583
1583
  })
@@ -1599,7 +1599,7 @@ async function run$I(argv, importMeta, { parentName }) {
1599
1599
  return
1600
1600
  }
1601
1601
  if (cli.flags['dryRun']) {
1602
- logger.logger.log(DRY_RUN_BAIL_TEXT$F)
1602
+ logger.logger.log(DRY_RUN_BAIL_TEXT$G)
1603
1603
  return
1604
1604
  }
1605
1605
  if (yargv.output === undefined) {
@@ -2447,8 +2447,8 @@ async function handleCI() {
2447
2447
  })
2448
2448
  }
2449
2449
 
2450
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$E } = constants
2451
- const config$H = {
2450
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$F } = constants
2451
+ const config$I = {
2452
2452
  commandName: 'ci',
2453
2453
  description:
2454
2454
  'Create a new scan and report whether it passes your security policy',
@@ -2468,19 +2468,19 @@ const config$H = {
2468
2468
  `
2469
2469
  }
2470
2470
  const cmdCI = {
2471
- description: config$H.description,
2472
- hidden: config$H.hidden,
2473
- run: run$H
2471
+ description: config$I.description,
2472
+ hidden: config$I.hidden,
2473
+ run: run$I
2474
2474
  }
2475
- async function run$H(argv, importMeta, { parentName }) {
2475
+ async function run$I(argv, importMeta, { parentName }) {
2476
2476
  const cli = meowOrExit({
2477
2477
  argv,
2478
- config: config$H,
2478
+ config: config$I,
2479
2479
  importMeta,
2480
2480
  parentName
2481
2481
  })
2482
2482
  if (cli.flags['dryRun']) {
2483
- logger.logger.log(DRY_RUN_BAIL_TEXT$E)
2483
+ logger.logger.log(DRY_RUN_BAIL_TEXT$F)
2484
2484
  return
2485
2485
  }
2486
2486
  await handleCI()
@@ -2727,8 +2727,8 @@ async function handleConfigAuto({ key, outputKind }) {
2727
2727
  await outputConfigAuto(key, result, outputKind)
2728
2728
  }
2729
2729
 
2730
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$D } = constants
2731
- const config$G = {
2730
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$E } = constants
2731
+ const config$H = {
2732
2732
  commandName: 'auto',
2733
2733
  description: 'Automatically discover and set the correct value config item',
2734
2734
  hidden: false,
@@ -2759,14 +2759,14 @@ ${Array.from(shadowNpmInject.supportedConfigKeys.entries())
2759
2759
  `
2760
2760
  }
2761
2761
  const cmdConfigAuto = {
2762
- description: config$G.description,
2763
- hidden: config$G.hidden,
2764
- run: run$G
2762
+ description: config$H.description,
2763
+ hidden: config$H.hidden,
2764
+ run: run$H
2765
2765
  }
2766
- async function run$G(argv, importMeta, { parentName }) {
2766
+ async function run$H(argv, importMeta, { parentName }) {
2767
2767
  const cli = meowOrExit({
2768
2768
  argv,
2769
- config: config$G,
2769
+ config: config$H,
2770
2770
  importMeta,
2771
2771
  parentName
2772
2772
  })
@@ -2792,7 +2792,7 @@ async function run$G(argv, importMeta, { parentName }) {
2792
2792
  return
2793
2793
  }
2794
2794
  if (cli.flags['dryRun']) {
2795
- logger.logger.log(DRY_RUN_BAIL_TEXT$D)
2795
+ logger.logger.log(DRY_RUN_BAIL_TEXT$E)
2796
2796
  return
2797
2797
  }
2798
2798
  await handleConfigAuto({
@@ -2846,8 +2846,8 @@ async function handleConfigGet({ key, outputKind }) {
2846
2846
  await outputConfigGet(key, value, readOnly, outputKind)
2847
2847
  }
2848
2848
 
2849
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$C } = constants
2850
- const config$F = {
2849
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$D } = constants
2850
+ const config$G = {
2851
2851
  commandName: 'get',
2852
2852
  description: 'Get the value of a local CLI config item',
2853
2853
  hidden: false,
@@ -2873,14 +2873,14 @@ ${Array.from(shadowNpmInject.supportedConfigKeys.entries())
2873
2873
  `
2874
2874
  }
2875
2875
  const cmdConfigGet = {
2876
- description: config$F.description,
2877
- hidden: config$F.hidden,
2878
- run: run$F
2876
+ description: config$G.description,
2877
+ hidden: config$G.hidden,
2878
+ run: run$G
2879
2879
  }
2880
- async function run$F(argv, importMeta, { parentName }) {
2880
+ async function run$G(argv, importMeta, { parentName }) {
2881
2881
  const cli = meowOrExit({
2882
2882
  argv,
2883
- config: config$F,
2883
+ config: config$G,
2884
2884
  importMeta,
2885
2885
  parentName
2886
2886
  })
@@ -2906,7 +2906,7 @@ async function run$F(argv, importMeta, { parentName }) {
2906
2906
  return
2907
2907
  }
2908
2908
  if (cli.flags['dryRun']) {
2909
- logger.logger.log(DRY_RUN_BAIL_TEXT$C)
2909
+ logger.logger.log(DRY_RUN_BAIL_TEXT$D)
2910
2910
  return
2911
2911
  }
2912
2912
  await handleConfigGet({
@@ -2968,8 +2968,8 @@ async function outputConfigList({ full, outputKind }) {
2968
2968
  }
2969
2969
  }
2970
2970
 
2971
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$B } = constants
2972
- const config$E = {
2971
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$C } = constants
2972
+ const config$F = {
2973
2973
  commandName: 'list',
2974
2974
  description: 'Show all local CLI config items and their values',
2975
2975
  hidden: false,
@@ -3000,14 +3000,14 @@ ${Array.from(shadowNpmInject.supportedConfigKeys.entries())
3000
3000
  `
3001
3001
  }
3002
3002
  const cmdConfigList = {
3003
- description: config$E.description,
3004
- hidden: config$E.hidden,
3005
- run: run$E
3003
+ description: config$F.description,
3004
+ hidden: config$F.hidden,
3005
+ run: run$F
3006
3006
  }
3007
- async function run$E(argv, importMeta, { parentName }) {
3007
+ async function run$F(argv, importMeta, { parentName }) {
3008
3008
  const cli = meowOrExit({
3009
3009
  argv,
3010
- config: config$E,
3010
+ config: config$F,
3011
3011
  importMeta,
3012
3012
  parentName
3013
3013
  })
@@ -3024,7 +3024,7 @@ async function run$E(argv, importMeta, { parentName }) {
3024
3024
  return
3025
3025
  }
3026
3026
  if (cli.flags['dryRun']) {
3027
- logger.logger.log(DRY_RUN_BAIL_TEXT$B)
3027
+ logger.logger.log(DRY_RUN_BAIL_TEXT$C)
3028
3028
  return
3029
3029
  }
3030
3030
  await outputConfigList({
@@ -3069,8 +3069,8 @@ async function handleConfigSet({ key, outputKind, value }) {
3069
3069
  await outputConfigSet(key, value, readOnly, outputKind)
3070
3070
  }
3071
3071
 
3072
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$A } = constants
3073
- const config$D = {
3072
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$B } = constants
3073
+ const config$E = {
3074
3074
  commandName: 'set',
3075
3075
  description: 'Update the value of a local CLI config item',
3076
3076
  hidden: false,
@@ -3101,14 +3101,14 @@ ${Array.from(shadowNpmInject.supportedConfigKeys.entries())
3101
3101
  `
3102
3102
  }
3103
3103
  const cmdConfigSet = {
3104
- description: config$D.description,
3105
- hidden: config$D.hidden,
3106
- run: run$D
3104
+ description: config$E.description,
3105
+ hidden: config$E.hidden,
3106
+ run: run$E
3107
3107
  }
3108
- async function run$D(argv, importMeta, { parentName }) {
3108
+ async function run$E(argv, importMeta, { parentName }) {
3109
3109
  const cli = meowOrExit({
3110
3110
  argv,
3111
- config: config$D,
3111
+ config: config$E,
3112
3112
  importMeta,
3113
3113
  parentName
3114
3114
  })
@@ -3143,7 +3143,7 @@ async function run$D(argv, importMeta, { parentName }) {
3143
3143
  return
3144
3144
  }
3145
3145
  if (cli.flags['dryRun']) {
3146
- logger.logger.log(DRY_RUN_BAIL_TEXT$A)
3146
+ logger.logger.log(DRY_RUN_BAIL_TEXT$B)
3147
3147
  return
3148
3148
  }
3149
3149
  await handleConfigSet({
@@ -3175,8 +3175,8 @@ async function handleConfigUnset({ key, outputKind }) {
3175
3175
  await outputConfigUnset(key, outputKind)
3176
3176
  }
3177
3177
 
3178
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$z } = constants
3179
- const config$C = {
3178
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$A } = constants
3179
+ const config$D = {
3180
3180
  commandName: 'unset',
3181
3181
  description: 'Clear the value of a local CLI config item',
3182
3182
  hidden: false,
@@ -3202,14 +3202,14 @@ ${Array.from(shadowNpmInject.supportedConfigKeys.entries())
3202
3202
  `
3203
3203
  }
3204
3204
  const cmdConfigUnset = {
3205
- description: config$C.description,
3206
- hidden: config$C.hidden,
3207
- run: run$C
3205
+ description: config$D.description,
3206
+ hidden: config$D.hidden,
3207
+ run: run$D
3208
3208
  }
3209
- async function run$C(argv, importMeta, { parentName }) {
3209
+ async function run$D(argv, importMeta, { parentName }) {
3210
3210
  const cli = meowOrExit({
3211
3211
  argv,
3212
- config: config$C,
3212
+ config: config$D,
3213
3213
  importMeta,
3214
3214
  parentName
3215
3215
  })
@@ -3235,7 +3235,7 @@ async function run$C(argv, importMeta, { parentName }) {
3235
3235
  return
3236
3236
  }
3237
3237
  if (cli.flags['dryRun']) {
3238
- logger.logger.log(DRY_RUN_BAIL_TEXT$z)
3238
+ logger.logger.log(DRY_RUN_BAIL_TEXT$A)
3239
3239
  return
3240
3240
  }
3241
3241
  await handleConfigUnset({
@@ -3362,8 +3362,8 @@ async function handleDependencies({ limit, offset, outputKind }) {
3362
3362
  })
3363
3363
  }
3364
3364
 
3365
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$y } = constants
3366
- const config$B = {
3365
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$z } = constants
3366
+ const config$C = {
3367
3367
  commandName: 'dependencies',
3368
3368
  description:
3369
3369
  'Search for any dependency that is being used in your organization',
@@ -3400,14 +3400,14 @@ const config$B = {
3400
3400
  `
3401
3401
  }
3402
3402
  const cmdScanCreate$1 = {
3403
- description: config$B.description,
3404
- hidden: config$B.hidden,
3405
- run: run$B
3403
+ description: config$C.description,
3404
+ hidden: config$C.hidden,
3405
+ run: run$C
3406
3406
  }
3407
- async function run$B(argv, importMeta, { parentName }) {
3407
+ async function run$C(argv, importMeta, { parentName }) {
3408
3408
  const cli = meowOrExit({
3409
3409
  argv,
3410
- config: config$B,
3410
+ config: config$C,
3411
3411
  importMeta,
3412
3412
  parentName
3413
3413
  })
@@ -3435,7 +3435,7 @@ async function run$B(argv, importMeta, { parentName }) {
3435
3435
  return
3436
3436
  }
3437
3437
  if (cli.flags['dryRun']) {
3438
- logger.logger.log(DRY_RUN_BAIL_TEXT$y)
3438
+ logger.logger.log(DRY_RUN_BAIL_TEXT$z)
3439
3439
  return
3440
3440
  }
3441
3441
  await handleDependencies({
@@ -3445,7 +3445,7 @@ async function run$B(argv, importMeta, { parentName }) {
3445
3445
  })
3446
3446
  }
3447
3447
 
3448
- async function fetchDiffScan({ after, before, orgSlug }) {
3448
+ async function fetchDiffScan$1({ after, before, orgSlug }) {
3449
3449
  const apiToken = shadowNpmInject.getDefaultToken()
3450
3450
 
3451
3451
  // Lazily access constants.spinner.
@@ -3468,7 +3468,7 @@ async function fetchDiffScan({ after, before, orgSlug }) {
3468
3468
  return result
3469
3469
  }
3470
3470
 
3471
- async function outputDiffScan(result, { depth, file, outputKind }) {
3471
+ async function outputDiffScan$1(result, { depth, file, outputKind }) {
3472
3472
  const dashboardUrl = result.diff_report_url
3473
3473
  const dashboardMessage = dashboardUrl
3474
3474
  ? `\n View this diff scan in the Socket dashboard: ${vendor.yoctocolorsCjsExports.cyan(dashboardUrl)}`
@@ -3490,7 +3490,7 @@ async function outputDiffScan(result, { depth, file, outputKind }) {
3490
3490
  }
3491
3491
  if (file && file !== '-') {
3492
3492
  logger.logger.log(`Writing json to \`${file}\``)
3493
- require$$0.writeFile(file, JSON.stringify(result, null, 2), err => {
3493
+ fs$1.writeFile(file, JSON.stringify(result, null, 2), err => {
3494
3494
  if (err) {
3495
3495
  logger.logger.fail(`Writing to \`${file}\` failed...`)
3496
3496
  logger.logger.error(err)
@@ -3513,7 +3513,7 @@ async function outputDiffScan(result, { depth, file, outputKind }) {
3513
3513
 
3514
3514
  logger.logger.log('Diff scan result:')
3515
3515
  logger.logger.log(
3516
- require$$0$1.inspect(result, {
3516
+ require$$0.inspect(result, {
3517
3517
  showHidden: false,
3518
3518
  depth: depth > 0 ? depth : null,
3519
3519
  colors: true,
@@ -3526,7 +3526,7 @@ async function outputDiffScan(result, { depth, file, outputKind }) {
3526
3526
  logger.logger.log(dashboardMessage)
3527
3527
  }
3528
3528
 
3529
- async function handleDiffScan({
3529
+ async function handleDiffScan$1({
3530
3530
  after,
3531
3531
  before,
3532
3532
  depth,
@@ -3534,7 +3534,7 @@ async function handleDiffScan({
3534
3534
  orgSlug,
3535
3535
  outputKind
3536
3536
  }) {
3537
- const data = await fetchDiffScan({
3537
+ const data = await fetchDiffScan$1({
3538
3538
  after,
3539
3539
  before,
3540
3540
  orgSlug
@@ -3542,15 +3542,15 @@ async function handleDiffScan({
3542
3542
  if (!data) {
3543
3543
  return
3544
3544
  }
3545
- await outputDiffScan(data, {
3545
+ await outputDiffScan$1(data, {
3546
3546
  depth,
3547
3547
  file,
3548
3548
  outputKind
3549
3549
  })
3550
3550
  }
3551
3551
 
3552
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$x } = constants
3553
- const config$A = {
3552
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$y } = constants
3553
+ const config$B = {
3554
3554
  commandName: 'get',
3555
3555
  description: 'Get a diff scan for an organization',
3556
3556
  hidden: false,
@@ -3609,14 +3609,14 @@ const config$A = {
3609
3609
  `
3610
3610
  }
3611
3611
  const cmdDiffScanGet = {
3612
- description: config$A.description,
3613
- hidden: config$A.hidden,
3614
- run: run$A
3612
+ description: config$B.description,
3613
+ hidden: config$B.hidden,
3614
+ run: run$B
3615
3615
  }
3616
- async function run$A(argv, importMeta, { parentName }) {
3616
+ async function run$B(argv, importMeta, { parentName }) {
3617
3617
  const cli = meowOrExit({
3618
3618
  argv,
3619
- config: config$A,
3619
+ config: config$B,
3620
3620
  importMeta,
3621
3621
  parentName
3622
3622
  })
@@ -3664,11 +3664,14 @@ async function run$A(argv, importMeta, { parentName }) {
3664
3664
  if (wasBadInput) {
3665
3665
  return
3666
3666
  }
3667
+ logger.logger.fail(
3668
+ 'Warning: this command is deprecated in favor of `socket scan diff` and will be removed in the next major bump.'
3669
+ )
3667
3670
  if (cli.flags['dryRun']) {
3668
- logger.logger.log(DRY_RUN_BAIL_TEXT$x)
3671
+ logger.logger.log(DRY_RUN_BAIL_TEXT$y)
3669
3672
  return
3670
3673
  }
3671
- await handleDiffScan({
3674
+ await handleDiffScan$1({
3672
3675
  before: String(before || ''),
3673
3676
  after: String(after || ''),
3674
3677
  depth: Number(depth),
@@ -3717,28 +3720,34 @@ function getBaseGitBranch() {
3717
3720
  'main'
3718
3721
  )
3719
3722
  }
3720
- function getSocketBranchName(purl, toVersion) {
3723
+ function getSocketBranchName(purl, newVersion, workspaceName) {
3721
3724
  const purlObj = packageurlJs.PackageURL.fromString(purl)
3722
- const namespace = formatBranchName(purlObj.namespace ?? '')
3723
- const name = formatBranchName(purlObj.name)
3724
- const version = formatBranchName(toVersion)
3725
- const fullName = `${namespace ? `${namespace}-` : ''}${name}`
3726
- return `socket-fix-${fullName}-${version}`
3725
+ const maybeWorkspaceName = workspaceName
3726
+ ? `${formatBranchName(workspaceName)}-`
3727
+ : ''
3728
+ const maybeNamespace = purlObj.namespace
3729
+ ? `${formatBranchName(purlObj.namespace)}-`
3730
+ : ''
3731
+ const fullName = `${maybeWorkspaceName}${maybeNamespace}${formatBranchName(purlObj.name)}`
3732
+ return `socket-fix-${fullName}-${formatBranchName(newVersion)}`
3727
3733
  }
3728
- function getSocketPullRequestTitle(purl, toVersion) {
3734
+ function getSocketPullRequestTitle(purl, newVersion, workspaceName) {
3729
3735
  const purlObj = packageurlJs.PackageURL.fromString(purl)
3730
3736
  const pkgName = getPkgNameFromPurlObj(purlObj)
3731
- return `Bump ${pkgName} from ${purlObj.version} to ${toVersion}`
3737
+ const workspaceDetails = workspaceName ? ` in ${workspaceName}` : ''
3738
+ return `Bump ${pkgName} from ${purlObj.version} to ${newVersion}${workspaceDetails}`
3732
3739
  }
3733
- function getSocketPullRequestBody(purl, toVersion) {
3740
+ function getSocketPullRequestBody(purl, newVersion, workspaceName) {
3734
3741
  const purlObj = packageurlJs.PackageURL.fromString(purl)
3735
3742
  const pkgName = getPkgNameFromPurlObj(purlObj)
3736
- return `Bumps [${pkgName}](https://socket.dev/${purlObj.type}/package/${pkgName}) from ${purlObj.version} to ${toVersion}.`
3743
+ const workspaceDetails = workspaceName ? ` in ${workspaceName}` : ''
3744
+ return `Bumps [${pkgName}](https://socket.dev/${purlObj.type}/package/${pkgName}) from ${purlObj.version} to ${newVersion}${workspaceDetails}.`
3737
3745
  }
3738
- function getSocketCommitMessage(purl, toVersion) {
3746
+ function getSocketCommitMessage(purl, newVersion, workspaceName) {
3739
3747
  const purlObj = packageurlJs.PackageURL.fromString(purl)
3740
3748
  const pkgName = getPkgNameFromPurlObj(purlObj)
3741
- return `socket: Bump ${pkgName} from ${purlObj.version} to ${toVersion}`
3749
+ const workspaceDetails = workspaceName ? ` in ${workspaceName}` : ''
3750
+ return `socket: Bump ${pkgName} from ${purlObj.version} to ${newVersion}${workspaceDetails}`
3742
3751
  }
3743
3752
  async function gitBranchExists(branch, cwd = process.cwd()) {
3744
3753
  try {
@@ -3854,7 +3863,7 @@ async function enableAutoMerge({ node_id: prId, number: prNumber }) {
3854
3863
  const octokitGraphql = getOctokitGraphql()
3855
3864
  try {
3856
3865
  await octokitGraphql(
3857
- `
3866
+ vendor.html`
3858
3867
  mutation EnableAutoMerge($pullRequestId: ID!) {
3859
3868
  enablePullRequestAutoMerge(input: {
3860
3869
  pullRequestId: $pullRequestId,
@@ -3878,7 +3887,9 @@ async function enableAutoMerge({ node_id: prId, number: prNumber }) {
3878
3887
  } catch (e) {
3879
3888
  let message = `Failed to enable auto-merge for PR #${prNumber}`
3880
3889
  if (e instanceof vendor.GraphqlResponseError && e.errors) {
3881
- const details = e.errors.map(({ message }) => ` - ${message}`).join('\n')
3890
+ const details = e.errors
3891
+ .map(({ message }) => ` - ${message.trim()}`)
3892
+ .join('\n')
3882
3893
  message += `:\n${details}`
3883
3894
  }
3884
3895
  logger.logger.error(message)
@@ -3903,9 +3914,13 @@ async function openGitHubPullRequest(
3903
3914
  baseBranch,
3904
3915
  branch,
3905
3916
  purl,
3906
- toVersion,
3907
- cwd = process.cwd()
3917
+ newVersion,
3918
+ options
3908
3919
  ) {
3920
+ const { cwd = process.cwd(), workspaceName } = {
3921
+ __proto__: null,
3922
+ ...options
3923
+ }
3909
3924
  // Lazily access constants.ENV[GITHUB_ACTIONS].
3910
3925
  if (constants.ENV[GITHUB_ACTIONS]) {
3911
3926
  // Lazily access constants.ENV[SOCKET_SECURITY_GITHUB_PAT].
@@ -3922,10 +3937,10 @@ async function openGitHubPullRequest(
3922
3937
  return await octokit.pulls.create({
3923
3938
  owner,
3924
3939
  repo,
3925
- title: getSocketPullRequestTitle(purl, toVersion),
3940
+ title: getSocketPullRequestTitle(purl, newVersion, workspaceName),
3926
3941
  head: branch,
3927
3942
  base: baseBranch,
3928
- body: getSocketPullRequestBody(purl, toVersion)
3943
+ body: getSocketPullRequestBody(purl, newVersion, workspaceName)
3929
3944
  })
3930
3945
  } catch (e) {
3931
3946
  let message = `Failed to open pull request`
@@ -3935,7 +3950,7 @@ async function openGitHubPullRequest(
3935
3950
  const details = restErrors
3936
3951
  .map(
3937
3952
  restErr =>
3938
- `- ${restErr.message ?? `${restErr.resource}.${restErr.field} (${restErr.code})`}`
3953
+ `- ${restErr.message?.trim() ?? `${restErr.resource}.${restErr.field} (${restErr.code})`}`
3939
3954
  )
3940
3955
  .join('\n')
3941
3956
  message += `:\n${details}`
@@ -3961,17 +3976,17 @@ async function install$1(idealTree, options) {
3961
3976
  await arb2.reify()
3962
3977
  }
3963
3978
  async function npmFix(
3964
- _pkgEnvDetails,
3965
- { autoMerge, cwd, rangeStyle, spinner, test, testScript }
3979
+ pkgEnvDetails,
3980
+ { autoMerge, cwd, purls, rangeStyle, spinner, test, testScript }
3966
3981
  ) {
3967
3982
  spinner?.start()
3968
3983
  const arb = new shadowNpmInject.SafeArborist({
3969
- path: cwd,
3984
+ path: pkgEnvDetails.pkgPath,
3970
3985
  ...shadowNpmInject.SAFE_ARBORIST_REIFY_OPTIONS_OVERRIDES
3971
3986
  })
3972
3987
  // Calling arb.reify() creates the arb.diff object and nulls-out arb.idealTree.
3973
3988
  await arb.reify()
3974
- const alertsMap = await shadowNpmInject.getAlertsMapFromArborist(arb, {
3989
+ const alertMapOptions = {
3975
3990
  consolidate: true,
3976
3991
  include: {
3977
3992
  existing: true,
@@ -3979,18 +3994,27 @@ async function npmFix(
3979
3994
  upgradable: false
3980
3995
  },
3981
3996
  nothrow: true
3982
- })
3997
+ }
3998
+ const alertsMap = purls.length
3999
+ ? await shadowNpmInject.getAlertsMapFromPurls(purls, alertMapOptions)
4000
+ : await shadowNpmInject.getAlertsMapFromArborist(arb, alertMapOptions)
3983
4001
  const infoByPkg = shadowNpmInject.getCveInfoByAlertsMap(alertsMap)
3984
4002
  if (!infoByPkg) {
3985
4003
  spinner?.stop()
3986
4004
  return
3987
4005
  }
3988
- const editablePkgJson = await packages.readPackageJson(cwd, {
3989
- editable: true
3990
- })
4006
+
3991
4007
  // Lazily access constants.ENV[CI].
3992
4008
  const isCi = constants.ENV[CI$1]
3993
- const isRepo = await isInGitRepo(cwd)
4009
+ const { pkgPath: rootPath } = pkgEnvDetails
4010
+ const { 0: isRepo, 1: workspacePkgJsonPaths } = await Promise.all([
4011
+ isInGitRepo(cwd),
4012
+ shadowNpmPaths.globWorkspace(pkgEnvDetails)
4013
+ ])
4014
+ const pkgJsonPaths = [
4015
+ pkgEnvDetails.editablePkgJson.filename,
4016
+ ...workspacePkgJsonPaths
4017
+ ]
3994
4018
  await arb.buildIdealTree()
3995
4019
  for (const { 0: name, 1: infos } of infoByPkg) {
3996
4020
  const hasUpgrade = !!registry.getManifestData(NPM$f, name)
@@ -3998,25 +4022,26 @@ async function npmFix(
3998
4022
  spinner?.info(`Skipping ${name}. Socket Optimize package exists.`)
3999
4023
  continue
4000
4024
  }
4001
- const specs = arrays.arrayUnique(
4002
- shadowNpmInject
4003
- .findPackageNodes(arb.idealTree, name)
4004
- .map(n => `${n.name}@${n.version}`)
4025
+ const oldVersions = arrays.arrayUnique(
4026
+ shadowNpmInject.findPackageNodes(arb.idealTree, name).map(n => n.version)
4005
4027
  )
4006
4028
  const packument =
4007
- specs.length && infos.length
4029
+ oldVersions.length && infos.length
4008
4030
  ? // eslint-disable-next-line no-await-in-loop
4009
4031
  await packages.fetchPackagePackument(name)
4010
4032
  : null
4011
4033
  if (!packument) {
4012
4034
  continue
4013
4035
  }
4014
- for (const spec of specs) {
4015
- const lastAtSignIndex = spec.lastIndexOf('@')
4016
- const name = spec.slice(0, lastAtSignIndex)
4017
- const fromVersion = spec.slice(lastAtSignIndex + 1)
4018
- const fromSpec = `${name}@${fromVersion}`
4019
- const fromPurl = `pkg:npm/${fromSpec}`
4036
+ const failedSpecs = new Set()
4037
+ const fixedSpecs = new Set()
4038
+ const installedSpecs = new Set()
4039
+ const testedSpecs = new Set()
4040
+ const unavailableSpecs = new Set()
4041
+ const revertedSpecs = new Set()
4042
+ for (const oldVersion of oldVersions) {
4043
+ const oldSpec = `${name}@${oldVersion}`
4044
+ const oldPurl = `pkg:npm/${oldSpec}`
4020
4045
  for (const {
4021
4046
  firstPatchedVersionIdentifier,
4022
4047
  vulnerableVersionRange
@@ -4028,7 +4053,7 @@ async function npmFix(
4028
4053
  const node = shadowNpmInject.findPackageNode(
4029
4054
  arb.idealTree,
4030
4055
  name,
4031
- fromVersion
4056
+ oldVersion
4032
4057
  )
4033
4058
  if (!node) {
4034
4059
  continue
@@ -4036,130 +4061,172 @@ async function npmFix(
4036
4061
  if (
4037
4062
  !shadowNpmInject.updateNode(node, packument, vulnerableVersionRange)
4038
4063
  ) {
4039
- spinner?.fail(`Could not patch ${fromSpec}`)
4064
+ if (!unavailableSpecs.has(oldSpec)) {
4065
+ unavailableSpecs.add(oldSpec)
4066
+ spinner?.fail(`No update available for ${oldSpec}`)
4067
+ }
4040
4068
  continue
4041
4069
  }
4042
- const toVersion = node.package.version
4043
- const toVersionRange = shadowNpmInject.applyRange(
4044
- fromVersion,
4045
- toVersion,
4046
- rangeStyle
4047
- )
4048
- const toSpec = `${name}@${toVersionRange}`
4049
- const branch = isCi ? getSocketBranchName(fromPurl, toVersion) : ''
4050
- const { owner, repo } = isCi
4051
- ? getGitHubEnvRepoInfo()
4052
- : {
4053
- owner: '',
4054
- repo: ''
4055
- }
4056
- const shouldOpenPr = isCi
4057
- ? // eslint-disable-next-line no-await-in-loop
4058
- !(await doesPullRequestExistForBranch(owner, repo, branch))
4059
- : false
4060
- const revertData = {
4061
- ...(editablePkgJson.content.dependencies
4062
- ? {
4063
- dependencies: editablePkgJson.content.dependencies
4064
- }
4065
- : undefined),
4066
- ...(editablePkgJson.content.optionalDependencies
4067
- ? {
4068
- optionalDependencies:
4069
- editablePkgJson.content.optionalDependencies
4070
- }
4071
- : undefined),
4072
- ...(editablePkgJson.content.peerDependencies
4073
- ? {
4074
- peerDependencies: editablePkgJson.content.peerDependencies
4070
+ for (const pkgJsonPath of pkgJsonPaths) {
4071
+ const isWorkspaceRoot =
4072
+ pkgJsonPath === pkgEnvDetails.editablePkgJson.filename
4073
+ const workspaceName = isWorkspaceRoot
4074
+ ? ''
4075
+ : path$1.relative(rootPath, path$1.dirname(pkgJsonPath))
4076
+ const workspaceDetails = workspaceName ? ` in ${workspaceName}` : ''
4077
+ const editablePkgJson = isWorkspaceRoot
4078
+ ? pkgEnvDetails.editablePkgJson
4079
+ : // eslint-disable-next-line no-await-in-loop
4080
+ await packages.readPackageJson(pkgJsonPath, {
4081
+ editable: true
4082
+ })
4083
+ const newVersion = node.package.version
4084
+ const newVersionRange = shadowNpmInject.applyRange(
4085
+ oldVersion,
4086
+ newVersion,
4087
+ rangeStyle
4088
+ )
4089
+ const newSpec = `${name}@${newVersionRange}`
4090
+ const newSpecKey = `${workspaceName ? `${workspaceName}>` : ''}${newSpec}`
4091
+ const revertData = {
4092
+ ...(editablePkgJson.content.dependencies
4093
+ ? {
4094
+ dependencies: editablePkgJson.content.dependencies
4095
+ }
4096
+ : undefined),
4097
+ ...(editablePkgJson.content.optionalDependencies
4098
+ ? {
4099
+ optionalDependencies:
4100
+ editablePkgJson.content.optionalDependencies
4101
+ }
4102
+ : undefined),
4103
+ ...(editablePkgJson.content.peerDependencies
4104
+ ? {
4105
+ peerDependencies: editablePkgJson.content.peerDependencies
4106
+ }
4107
+ : undefined)
4108
+ }
4109
+ const branch = isCi
4110
+ ? getSocketBranchName(oldPurl, newVersion, workspaceName)
4111
+ : ''
4112
+ const baseBranch = isCi ? getBaseGitBranch() : ''
4113
+ const { owner, repo } = isCi
4114
+ ? getGitHubEnvRepoInfo()
4115
+ : {
4116
+ owner: '',
4117
+ repo: ''
4075
4118
  }
4076
- : undefined)
4077
- }
4078
- spinner?.info(`Installing ${toSpec}`)
4079
- const baseBranch = getBaseGitBranch()
4080
-
4081
- // eslint-disable-next-line no-await-in-loop
4082
- await gitCheckoutBaseBranchIfAvailable(baseBranch, cwd)
4083
- let error
4084
- let errored = false
4085
- let installed = false
4086
- let saved = false
4087
- try {
4119
+ const shouldOpenPr = isCi
4120
+ ? // eslint-disable-next-line no-await-in-loop
4121
+ !(await doesPullRequestExistForBranch(owner, repo, branch))
4122
+ : false
4123
+ if (isCi) {
4124
+ // eslint-disable-next-line no-await-in-loop
4125
+ await gitCheckoutBaseBranchIfAvailable(baseBranch, cwd)
4126
+ }
4088
4127
  shadowNpmInject.updatePackageJsonFromNode(
4089
4128
  editablePkgJson,
4090
4129
  arb.idealTree,
4091
4130
  node,
4092
- toVersion,
4131
+ newVersion,
4093
4132
  rangeStyle
4094
4133
  )
4095
- // eslint-disable-next-line no-await-in-loop
4096
- await editablePkgJson.save()
4097
- saved = true
4134
+ let error
4135
+ let errored = false
4136
+ let installed = false
4137
+ let saved = false
4098
4138
 
4099
4139
  // eslint-disable-next-line no-await-in-loop
4100
- await install$1(arb.idealTree, {
4101
- cwd
4102
- })
4103
- installed = true
4104
- if (test) {
4105
- spinner?.info(`Testing ${toSpec}`)
4106
- // eslint-disable-next-line no-await-in-loop
4107
- await npm.runScript(testScript, [], {
4108
- spinner,
4109
- stdio: 'ignore'
4110
- })
4111
- }
4112
- spinner?.successAndStop(`Fixed ${name}`)
4113
- spinner?.start()
4114
- } catch (e) {
4115
- error = e
4116
- errored = true
4117
- }
4118
- if (!errored && shouldOpenPr) {
4119
- // eslint-disable-next-line no-await-in-loop
4120
- await gitCreateAndPushBranchIfNeeded(
4121
- branch,
4122
- getSocketCommitMessage(fromPurl, toVersion),
4123
- cwd
4124
- )
4125
- // eslint-disable-next-line no-await-in-loop
4126
- const prResponse = await openGitHubPullRequest(
4127
- owner,
4128
- repo,
4129
- baseBranch,
4130
- branch,
4131
- fromPurl,
4132
- toVersion,
4133
- cwd
4134
- )
4135
- if (prResponse && autoMerge) {
4136
- // eslint-disable-next-line no-await-in-loop
4137
- await enableAutoMerge(prResponse.data)
4140
+ if (await editablePkgJson.save()) {
4141
+ saved = true
4138
4142
  }
4139
- }
4140
- if (errored || isCi) {
4141
- if (errored) {
4142
- spinner?.error(`Reverting ${toSpec}`, error)
4143
+ if (!installedSpecs.has(newSpecKey)) {
4144
+ testedSpecs.add(newSpecKey)
4145
+ spinner?.info(`Installing ${newSpec}${workspaceDetails}`)
4143
4146
  }
4144
- if (isRepo) {
4147
+ try {
4145
4148
  // eslint-disable-next-line no-await-in-loop
4146
- await gitHardReset(cwd)
4147
- }
4148
- if (saved) {
4149
- editablePkgJson.update(revertData)
4150
- if (!isRepo) {
4149
+ await install$1(arb.idealTree, {
4150
+ cwd
4151
+ })
4152
+ installed = true
4153
+ if (test) {
4154
+ if (!testedSpecs.has(newSpecKey)) {
4155
+ testedSpecs.add(newSpecKey)
4156
+ spinner?.info(`Testing ${newSpec}${workspaceDetails}`)
4157
+ }
4151
4158
  // eslint-disable-next-line no-await-in-loop
4152
- await editablePkgJson.save()
4159
+ await npm.runScript(testScript, [], {
4160
+ spinner,
4161
+ stdio: 'ignore'
4162
+ })
4153
4163
  }
4164
+ if (!fixedSpecs.has(newSpecKey)) {
4165
+ fixedSpecs.add(newSpecKey)
4166
+ spinner?.successAndStop(`Fixed ${name}${workspaceDetails}`)
4167
+ spinner?.start()
4168
+ }
4169
+ } catch (e) {
4170
+ error = e
4171
+ errored = true
4154
4172
  }
4155
- if (!isRepo && installed) {
4173
+ if (!errored && shouldOpenPr) {
4156
4174
  // eslint-disable-next-line no-await-in-loop
4157
- await install$1(revertTree, {
4175
+ await gitCreateAndPushBranchIfNeeded(
4176
+ branch,
4177
+ getSocketCommitMessage(oldPurl, newVersion, workspaceName),
4158
4178
  cwd
4159
- })
4179
+ )
4180
+ // eslint-disable-next-line no-await-in-loop
4181
+ const prResponse = await openGitHubPullRequest(
4182
+ owner,
4183
+ repo,
4184
+ baseBranch,
4185
+ branch,
4186
+ oldPurl,
4187
+ newVersion,
4188
+ {
4189
+ cwd,
4190
+ workspaceName
4191
+ }
4192
+ )
4193
+ if (prResponse && autoMerge) {
4194
+ // eslint-disable-next-line no-await-in-loop
4195
+ await enableAutoMerge(prResponse.data)
4196
+ }
4160
4197
  }
4161
- if (errored) {
4162
- spinner?.failAndStop(`Failed to fix ${fromSpec}`)
4198
+ if (errored || isCi) {
4199
+ if (errored) {
4200
+ if (!revertedSpecs.has(newSpecKey)) {
4201
+ revertedSpecs.add(newSpecKey)
4202
+ spinner?.error(`Reverting ${newSpec}${workspaceDetails}`, error)
4203
+ }
4204
+ }
4205
+ if (isRepo) {
4206
+ // eslint-disable-next-line no-await-in-loop
4207
+ await gitHardReset(cwd)
4208
+ }
4209
+ if (saved) {
4210
+ editablePkgJson.update(revertData)
4211
+ if (!isRepo) {
4212
+ // eslint-disable-next-line no-await-in-loop
4213
+ await editablePkgJson.save()
4214
+ }
4215
+ }
4216
+ if (!isRepo && installed) {
4217
+ // eslint-disable-next-line no-await-in-loop
4218
+ await install$1(revertTree, {
4219
+ cwd
4220
+ })
4221
+ }
4222
+ if (errored) {
4223
+ if (!failedSpecs.has(newSpecKey)) {
4224
+ failedSpecs.add(newSpecKey)
4225
+ spinner?.failAndStop(
4226
+ `Update failed for ${oldSpec}${workspaceDetails}`
4227
+ )
4228
+ }
4229
+ }
4163
4230
  }
4164
4231
  }
4165
4232
  }
@@ -4168,78 +4235,6 @@ async function npmFix(
4168
4235
  spinner?.stop()
4169
4236
  }
4170
4237
 
4171
- async function getAlertsMapFromPnpmLockfile(lockfile, options_) {
4172
- const options = {
4173
- __proto__: null,
4174
- consolidate: false,
4175
- nothrow: false,
4176
- ...options_
4177
- }
4178
- const include = {
4179
- __proto__: null,
4180
- actions: undefined,
4181
- blocked: true,
4182
- critical: true,
4183
- cve: true,
4184
- existing: false,
4185
- unfixable: true,
4186
- upgradable: false,
4187
- ...options.include
4188
- }
4189
- const { spinner } = options
4190
- const depTypes = vendor.libExports$2.detectDepTypes(lockfile)
4191
- const pkgIds = Object.keys(depTypes)
4192
- let { length: remaining } = pkgIds
4193
- const alertsByPkgId = new Map()
4194
- if (!remaining) {
4195
- return alertsByPkgId
4196
- }
4197
- const getText = () => `Looking up data for ${remaining} packages`
4198
- spinner?.start(getText())
4199
- const sockSdk = await shadowNpmInject.setupSdk(
4200
- shadowNpmInject.getPublicToken()
4201
- )
4202
- const toAlertsMapOptions = {
4203
- overrides: lockfile.overrides,
4204
- consolidate: options.consolidate,
4205
- include,
4206
- spinner
4207
- }
4208
- for await (const batchResult of sockSdk.batchPackageStream(
4209
- {
4210
- alerts: 'true',
4211
- compact: 'true',
4212
- fixable: include.unfixable ? 'false' : 'true'
4213
- },
4214
- {
4215
- components: pkgIds.map(id => ({
4216
- purl: `pkg:npm/${id}`
4217
- }))
4218
- }
4219
- )) {
4220
- if (batchResult.success) {
4221
- await shadowNpmInject.addArtifactToAlertsMap(
4222
- batchResult.data,
4223
- alertsByPkgId,
4224
- toAlertsMapOptions
4225
- )
4226
- } else if (!options.nothrow) {
4227
- const statusCode = batchResult.status ?? 'unknown'
4228
- const statusMessage = batchResult.error ?? 'No status message'
4229
- throw new Error(
4230
- `Socket API server error (${statusCode}): ${statusMessage}`
4231
- )
4232
- }
4233
- remaining -= 1
4234
- if (spinner && remaining > 0) {
4235
- spinner.start()
4236
- spinner.setText(getText())
4237
- }
4238
- }
4239
- spinner?.stop()
4240
- return alertsByPkgId
4241
- }
4242
-
4243
4238
  const {
4244
4239
  NPM: NPM$e,
4245
4240
  SOCKET_CLI_SAFE_BIN,
@@ -4326,7 +4321,7 @@ function safeNpmInstall(options) {
4326
4321
  return spawnPromise
4327
4322
  }
4328
4323
 
4329
- const { NPM: NPM$d, PNPM: PNPM$a } = constants
4324
+ const { NPM: NPM$d, PNPM: PNPM$9 } = constants
4330
4325
  function runAgentInstall(pkgEnvDetails, options) {
4331
4326
  const { agent, agentExecPath } = pkgEnvDetails
4332
4327
  // All package managers support the "install" command.
@@ -4345,7 +4340,7 @@ function runAgentInstall(pkgEnvDetails, options) {
4345
4340
  ...options
4346
4341
  }
4347
4342
  const skipNodeHardenFlags =
4348
- agent === PNPM$a && pkgEnvDetails.agentVersion.major < 11
4343
+ agent === PNPM$9 && pkgEnvDetails.agentVersion.major < 11
4349
4344
  return spawn.spawn(agentExecPath, ['install', ...args], {
4350
4345
  spinner,
4351
4346
  stdio: 'inherit',
@@ -4365,7 +4360,7 @@ function runAgentInstall(pkgEnvDetails, options) {
4365
4360
  })
4366
4361
  }
4367
4362
 
4368
- const { CI, NPM: NPM$c, OVERRIDES: OVERRIDES$2, PNPM: PNPM$9 } = constants
4363
+ const { CI, NPM: NPM$c, OVERRIDES: OVERRIDES$2, PNPM: PNPM$8 } = constants
4369
4364
  async function getActualTree(cwd = process.cwd()) {
4370
4365
  const arb = new shadowNpmInject.SafeArborist({
4371
4366
  path: cwd,
@@ -4387,15 +4382,18 @@ async function install(pkgEnvDetails, options) {
4387
4382
  }
4388
4383
  async function pnpmFix(
4389
4384
  pkgEnvDetails,
4390
- { autoMerge, cwd, rangeStyle, spinner, test, testScript }
4385
+ { autoMerge, cwd, purls, rangeStyle, spinner, test, testScript }
4391
4386
  ) {
4392
- const lockfile = await vendor.libExports$3.readWantedLockfile(cwd, {
4393
- ignoreIncompatible: false
4394
- })
4387
+ const lockfile = await vendor.libExports$3.readWantedLockfile(
4388
+ pkgEnvDetails.pkgPath,
4389
+ {
4390
+ ignoreIncompatible: false
4391
+ }
4392
+ )
4395
4393
  if (!lockfile) {
4396
4394
  return
4397
4395
  }
4398
- const alertsMap = await getAlertsMapFromPnpmLockfile(lockfile, {
4396
+ const alertMapOptions = {
4399
4397
  consolidate: true,
4400
4398
  include: {
4401
4399
  existing: true,
@@ -4403,43 +4401,61 @@ async function pnpmFix(
4403
4401
  upgradable: false
4404
4402
  },
4405
4403
  nothrow: true
4406
- })
4404
+ }
4405
+ const alertsMap = purls.length
4406
+ ? await shadowNpmInject.getAlertsMapFromPurls(purls, alertMapOptions)
4407
+ : await shadowNpmInject.getAlertsMapFromPnpmLockfile(
4408
+ lockfile,
4409
+ alertMapOptions
4410
+ )
4407
4411
  const infoByPkg = shadowNpmInject.getCveInfoByAlertsMap(alertsMap)
4408
4412
  if (!infoByPkg) {
4409
4413
  return
4410
4414
  }
4411
4415
  spinner?.start()
4412
- const editablePkgJson = await packages.readPackageJson(cwd, {
4413
- editable: true
4414
- })
4416
+
4415
4417
  // Lazily access constants.ENV[CI].
4416
4418
  const isCi = constants.ENV[CI]
4417
- const isRepo = await isInGitRepo(cwd)
4418
- let actualTree = await getActualTree(cwd)
4419
+ const { pkgPath: rootPath } = pkgEnvDetails
4420
+ const {
4421
+ 0: isRepo,
4422
+ 1: workspacePkgJsonPaths,
4423
+ 2: initialTree
4424
+ } = await Promise.all([
4425
+ isInGitRepo(cwd),
4426
+ shadowNpmPaths.globWorkspace(pkgEnvDetails),
4427
+ getActualTree(cwd)
4428
+ ])
4429
+ const pkgJsonPaths = [
4430
+ pkgEnvDetails.editablePkgJson.filename,
4431
+ ...workspacePkgJsonPaths
4432
+ ]
4433
+ let actualTree = initialTree
4419
4434
  for (const { 0: name, 1: infos } of infoByPkg) {
4420
4435
  if (registry.getManifestData(NPM$c, name)) {
4421
4436
  spinner?.info(`Skipping ${name}. Socket Optimize package exists.`)
4422
4437
  continue
4423
4438
  }
4424
- const specs = arrays.arrayUnique(
4425
- shadowNpmInject
4426
- .findPackageNodes(actualTree, name)
4427
- .map(n => `${n.name}@${n.version}`)
4439
+ const oldVersions = arrays.arrayUnique(
4440
+ shadowNpmInject.findPackageNodes(actualTree, name).map(n => n.version)
4428
4441
  )
4429
4442
  const packument =
4430
- specs.length && infos.length
4443
+ oldVersions.length && infos.length
4431
4444
  ? // eslint-disable-next-line no-await-in-loop
4432
4445
  await packages.fetchPackagePackument(name)
4433
4446
  : null
4434
4447
  if (!packument) {
4435
4448
  continue
4436
4449
  }
4437
- for (const spec of specs) {
4438
- const lastAtSignIndex = spec.lastIndexOf('@')
4439
- const name = spec.slice(0, lastAtSignIndex)
4440
- const fromVersion = spec.slice(lastAtSignIndex + 1)
4441
- const fromSpec = `${name}@${fromVersion}`
4442
- const fromPurl = `pkg:npm/${fromSpec}`
4450
+ const failedSpecs = new Set()
4451
+ const fixedSpecs = new Set()
4452
+ const installedSpecs = new Set()
4453
+ const testedSpecs = new Set()
4454
+ const unavailableSpecs = new Set()
4455
+ const revertedSpecs = new Set()
4456
+ for (const oldVersion of oldVersions) {
4457
+ const oldSpec = `${name}@${oldVersion}`
4458
+ const oldPurl = `pkg:npm/${oldSpec}`
4443
4459
  for (const {
4444
4460
  firstPatchedVersionIdentifier,
4445
4461
  vulnerableVersionRange
@@ -4447,177 +4463,219 @@ async function pnpmFix(
4447
4463
  const node = shadowNpmInject.findPackageNode(
4448
4464
  actualTree,
4449
4465
  name,
4450
- fromVersion
4466
+ oldVersion
4451
4467
  )
4452
4468
  if (!node) {
4453
4469
  continue
4454
4470
  }
4455
4471
  const availableVersions = Object.keys(packument.versions)
4456
- const toVersion = shadowNpmInject.findBestPatchVersion(
4472
+ const newVersion = shadowNpmInject.findBestPatchVersion(
4457
4473
  node,
4458
4474
  availableVersions,
4459
4475
  vulnerableVersionRange
4460
4476
  )
4461
- const targetPackument = toVersion
4462
- ? packument.versions[toVersion]
4477
+ const newVersionPackument = newVersion
4478
+ ? packument.versions[newVersion]
4463
4479
  : undefined
4464
- if (!(toVersion && targetPackument)) {
4465
- spinner?.fail(`Could not patch ${fromSpec}`)
4466
- continue
4467
- }
4468
- const oldPnpm = editablePkgJson.content[PNPM$9]
4469
- const oldPnpmKeyCount = oldPnpm ? Object.keys(oldPnpm).length : 0
4470
- const oldOverrides = oldPnpm?.[OVERRIDES$2]
4471
- const oldOverridesCount = oldOverrides
4472
- ? Object.keys(oldOverrides).length
4473
- : 0
4474
- const overrideKey = `${name}@${vulnerableVersionRange}`
4475
- const toVersionRange = shadowNpmInject.applyRange(
4476
- oldOverrides?.[overrideKey] ?? fromVersion,
4477
- toVersion,
4478
- rangeStyle
4479
- )
4480
- const toSpec = `${name}@${toVersionRange}`
4481
- const branch = isCi ? getSocketBranchName(fromPurl, toVersion) : ''
4482
- const baseBranch = isCi ? getBaseGitBranch() : ''
4483
- const { owner, repo } = isCi
4484
- ? getGitHubEnvRepoInfo()
4485
- : {
4486
- owner: '',
4487
- repo: ''
4488
- }
4489
- const shouldOpenPr = isCi
4490
- ? // eslint-disable-next-line no-await-in-loop
4491
- !(await doesPullRequestExistForBranch(owner, repo, branch))
4492
- : false
4493
- const updateData = {
4494
- [PNPM$9]: {
4495
- ...oldPnpm,
4496
- [OVERRIDES$2]: {
4497
- [overrideKey]: toVersionRange,
4498
- ...oldOverrides
4499
- }
4480
+ if (!(newVersion && newVersionPackument)) {
4481
+ if (!unavailableSpecs.has(oldSpec)) {
4482
+ unavailableSpecs.add(oldSpec)
4483
+ spinner?.fail(`No update available for ${oldSpec}`)
4500
4484
  }
4485
+ continue
4501
4486
  }
4502
- const revertData = {
4503
- [PNPM$9]: oldPnpmKeyCount
4504
- ? {
4505
- ...oldPnpm,
4506
- [OVERRIDES$2]:
4507
- oldOverridesCount === 1
4508
- ? undefined
4509
- : {
4510
- [overrideKey]: undefined,
4511
- ...oldOverrides
4512
- }
4513
- }
4514
- : undefined,
4515
- ...(editablePkgJson.content.dependencies
4516
- ? {
4517
- dependencies: editablePkgJson.content.dependencies
4518
- }
4519
- : undefined),
4520
- ...(editablePkgJson.content.optionalDependencies
4487
+ for (const pkgJsonPath of pkgJsonPaths) {
4488
+ const isWorkspaceRoot =
4489
+ pkgJsonPath === pkgEnvDetails.editablePkgJson.filename
4490
+ const workspaceName = isWorkspaceRoot
4491
+ ? ''
4492
+ : path$1.relative(rootPath, path$1.dirname(pkgJsonPath))
4493
+ const workspaceDetails = workspaceName ? ` in ${workspaceName}` : ''
4494
+ const editablePkgJson = isWorkspaceRoot
4495
+ ? pkgEnvDetails.editablePkgJson
4496
+ : // eslint-disable-next-line no-await-in-loop
4497
+ await packages.readPackageJson(pkgJsonPath, {
4498
+ editable: true
4499
+ })
4500
+ const oldPnpm = editablePkgJson.content[PNPM$8]
4501
+ const oldPnpmKeyCount = oldPnpm ? Object.keys(oldPnpm).length : 0
4502
+ const oldOverrides = oldPnpm?.[OVERRIDES$2]
4503
+ const oldOverridesCount = oldOverrides
4504
+ ? Object.keys(oldOverrides).length
4505
+ : 0
4506
+ const overrideKey = `${name}@${vulnerableVersionRange}`
4507
+ const newVersionRange = shadowNpmInject.applyRange(
4508
+ oldOverrides?.[overrideKey] ?? oldVersion,
4509
+ newVersion,
4510
+ rangeStyle
4511
+ )
4512
+ const newSpec = `${name}@${newVersionRange}`
4513
+ const newSpecKey = `${workspaceName ? `${workspaceName}>` : ''}${newSpec}`
4514
+ const updateData = isWorkspaceRoot
4521
4515
  ? {
4522
- optionalDependencies:
4523
- editablePkgJson.content.optionalDependencies
4516
+ [PNPM$8]: {
4517
+ ...oldPnpm,
4518
+ [OVERRIDES$2]: {
4519
+ [overrideKey]: newVersionRange,
4520
+ ...oldOverrides
4521
+ }
4522
+ }
4524
4523
  }
4525
- : undefined),
4526
- ...(editablePkgJson.content.peerDependencies
4527
- ? {
4528
- peerDependencies: editablePkgJson.content.peerDependencies
4524
+ : undefined
4525
+ const revertData = {
4526
+ ...(isWorkspaceRoot
4527
+ ? {
4528
+ [PNPM$8]: oldPnpmKeyCount
4529
+ ? {
4530
+ ...oldPnpm,
4531
+ [OVERRIDES$2]:
4532
+ oldOverridesCount === 1
4533
+ ? undefined
4534
+ : {
4535
+ [overrideKey]: undefined,
4536
+ ...oldOverrides
4537
+ }
4538
+ }
4539
+ : undefined
4540
+ }
4541
+ : {}),
4542
+ ...(editablePkgJson.content.dependencies
4543
+ ? {
4544
+ dependencies: editablePkgJson.content.dependencies
4545
+ }
4546
+ : undefined),
4547
+ ...(editablePkgJson.content.optionalDependencies
4548
+ ? {
4549
+ optionalDependencies:
4550
+ editablePkgJson.content.optionalDependencies
4551
+ }
4552
+ : undefined),
4553
+ ...(editablePkgJson.content.peerDependencies
4554
+ ? {
4555
+ peerDependencies: editablePkgJson.content.peerDependencies
4556
+ }
4557
+ : undefined)
4558
+ }
4559
+ const branch = isCi
4560
+ ? getSocketBranchName(oldPurl, newVersion, workspaceName)
4561
+ : ''
4562
+ const baseBranch = isCi ? getBaseGitBranch() : ''
4563
+ const { owner, repo } = isCi
4564
+ ? getGitHubEnvRepoInfo()
4565
+ : {
4566
+ owner: '',
4567
+ repo: ''
4529
4568
  }
4530
- : undefined)
4531
- }
4532
- spinner?.info(`Installing ${toSpec}`)
4533
- if (isCi) {
4534
- // eslint-disable-next-line no-await-in-loop
4535
- await gitCheckoutBaseBranchIfAvailable(baseBranch, cwd)
4536
- }
4537
- let error
4538
- let errored = false
4539
- let installed = false
4540
- let saved = false
4541
- try {
4542
- editablePkgJson.update(updateData)
4569
+ const shouldOpenPr = isCi
4570
+ ? // eslint-disable-next-line no-await-in-loop
4571
+ !(await doesPullRequestExistForBranch(owner, repo, branch))
4572
+ : false
4573
+ if (isCi) {
4574
+ // eslint-disable-next-line no-await-in-loop
4575
+ await gitCheckoutBaseBranchIfAvailable(baseBranch, cwd)
4576
+ }
4577
+ if (updateData) {
4578
+ editablePkgJson.update(updateData)
4579
+ }
4543
4580
  shadowNpmInject.updatePackageJsonFromNode(
4544
4581
  editablePkgJson,
4545
4582
  actualTree,
4546
4583
  node,
4547
- toVersion,
4584
+ newVersion,
4548
4585
  rangeStyle
4549
4586
  )
4550
- // eslint-disable-next-line no-await-in-loop
4551
- await editablePkgJson.save()
4552
- saved = true
4587
+ let error
4588
+ let errored = false
4589
+ let installed = false
4553
4590
 
4554
4591
  // eslint-disable-next-line no-await-in-loop
4555
- actualTree = await install(pkgEnvDetails, {
4556
- spinner
4557
- })
4558
- installed = true
4559
- if (test) {
4560
- spinner?.info(`Testing ${toSpec}`)
4592
+ if (!(await editablePkgJson.save())) {
4593
+ continue
4594
+ }
4595
+ if (!installedSpecs.has(newSpecKey)) {
4596
+ installedSpecs.add(newSpecKey)
4597
+ spinner?.info(`Installing ${newSpec}${workspaceDetails}`)
4598
+ }
4599
+ try {
4561
4600
  // eslint-disable-next-line no-await-in-loop
4562
- await npm.runScript(testScript, [], {
4563
- spinner,
4564
- stdio: 'ignore'
4601
+ actualTree = await install(pkgEnvDetails, {
4602
+ spinner
4565
4603
  })
4604
+ installed = true
4605
+ if (test) {
4606
+ if (!testedSpecs.has(newSpecKey)) {
4607
+ testedSpecs.add(newSpecKey)
4608
+ spinner?.info(`Testing ${newSpec}${workspaceDetails}`)
4609
+ }
4610
+ // eslint-disable-next-line no-await-in-loop
4611
+ await npm.runScript(testScript, [], {
4612
+ spinner,
4613
+ stdio: 'ignore'
4614
+ })
4615
+ }
4616
+ if (!fixedSpecs.has(newSpecKey)) {
4617
+ fixedSpecs.add(newSpecKey)
4618
+ spinner?.successAndStop(`Fixed ${name}${workspaceDetails}`)
4619
+ spinner?.start()
4620
+ }
4621
+ } catch (e) {
4622
+ error = e
4623
+ errored = true
4566
4624
  }
4567
- spinner?.successAndStop(`Fixed ${name}`)
4568
- spinner?.start()
4569
- } catch (e) {
4570
- error = e
4571
- errored = true
4572
- }
4573
- if (!errored && shouldOpenPr) {
4574
- // eslint-disable-next-line no-await-in-loop
4575
- await gitCreateAndPushBranchIfNeeded(
4576
- branch,
4577
- getSocketCommitMessage(fromPurl, toVersion),
4578
- cwd
4579
- )
4580
- // eslint-disable-next-line no-await-in-loop
4581
- const prResponse = await openGitHubPullRequest(
4582
- owner,
4583
- repo,
4584
- baseBranch,
4585
- branch,
4586
- fromPurl,
4587
- toVersion,
4588
- cwd
4589
- )
4590
- if (prResponse && autoMerge) {
4625
+ if (!errored && shouldOpenPr) {
4591
4626
  // eslint-disable-next-line no-await-in-loop
4592
- await enableAutoMerge(prResponse.data)
4593
- }
4594
- }
4595
- if (errored || isCi) {
4596
- if (errored) {
4597
- spinner?.error(`Reverting ${toSpec}`, error)
4598
- }
4599
- if (isRepo) {
4627
+ await gitCreateAndPushBranchIfNeeded(
4628
+ branch,
4629
+ getSocketCommitMessage(oldPurl, newVersion, workspaceName),
4630
+ cwd
4631
+ )
4600
4632
  // eslint-disable-next-line no-await-in-loop
4601
- await gitHardReset(cwd)
4633
+ const prResponse = await openGitHubPullRequest(
4634
+ owner,
4635
+ repo,
4636
+ baseBranch,
4637
+ branch,
4638
+ oldPurl,
4639
+ newVersion,
4640
+ {
4641
+ cwd,
4642
+ workspaceName
4643
+ }
4644
+ )
4645
+ if (prResponse && autoMerge) {
4646
+ // eslint-disable-next-line no-await-in-loop
4647
+ await enableAutoMerge(prResponse.data)
4648
+ }
4602
4649
  }
4603
- if (saved) {
4650
+ if (errored || isCi) {
4651
+ if (errored) {
4652
+ if (!revertedSpecs.has(newSpecKey)) {
4653
+ revertedSpecs.add(newSpecKey)
4654
+ spinner?.error(`Reverting ${newSpec}${workspaceDetails}`, error)
4655
+ }
4656
+ }
4604
4657
  editablePkgJson.update(revertData)
4605
- if (!isRepo) {
4658
+ if (isRepo) {
4659
+ // eslint-disable-next-line no-await-in-loop
4660
+ await gitHardReset(cwd)
4661
+ // eslint-disable-next-line no-await-in-loop
4662
+ actualTree = await getActualTree(cwd)
4663
+ } else if (installed) {
4606
4664
  // eslint-disable-next-line no-await-in-loop
4607
4665
  await editablePkgJson.save()
4666
+ // eslint-disable-next-line no-await-in-loop
4667
+ actualTree = await install(pkgEnvDetails, {
4668
+ spinner
4669
+ })
4670
+ }
4671
+ if (errored) {
4672
+ if (!failedSpecs.has(newSpecKey)) {
4673
+ failedSpecs.add(newSpecKey)
4674
+ spinner?.failAndStop(
4675
+ `Update failed for ${oldSpec}${workspaceDetails}`
4676
+ )
4677
+ }
4608
4678
  }
4609
- }
4610
- if (isRepo) {
4611
- // eslint-disable-next-line no-await-in-loop
4612
- actualTree = await getActualTree(cwd)
4613
- } else if (installed) {
4614
- // eslint-disable-next-line no-await-in-loop
4615
- actualTree = await install(pkgEnvDetails, {
4616
- spinner
4617
- })
4618
- }
4619
- if (errored) {
4620
- spinner?.failAndStop(`Failed to fix ${fromSpec}`)
4621
4679
  }
4622
4680
  }
4623
4681
  }
@@ -4626,6 +4684,29 @@ async function pnpmFix(
4626
4684
  spinner?.stop()
4627
4685
  }
4628
4686
 
4687
+ const CMD_NAME$1 = 'socket fix'
4688
+ function assignDefaultFixOptions(options) {
4689
+ if (options.autoPilot === undefined) {
4690
+ options.autoPilot = false
4691
+ }
4692
+ if (options.autoMerge === undefined) {
4693
+ options.autoMerge = !!options.autoPilot
4694
+ }
4695
+ if (options.cwd === undefined) {
4696
+ options.cwd = process.cwd()
4697
+ }
4698
+ if (options.rangeStyle === undefined) {
4699
+ options.rangeStyle = 'preserve'
4700
+ }
4701
+ if (options.test === undefined) {
4702
+ options.test = !!options.autoPilot || !!options.testScript
4703
+ }
4704
+ if (options.testScript === undefined) {
4705
+ options.testScript = 'test'
4706
+ }
4707
+ return options
4708
+ }
4709
+
4629
4710
  const {
4630
4711
  BINARY_LOCK_EXT,
4631
4712
  BUN: BUN$5,
@@ -4634,7 +4715,7 @@ const {
4634
4715
  NPM: NPM$b,
4635
4716
  NPM_BUGGY_OVERRIDES_PATCHED_VERSION: NPM_BUGGY_OVERRIDES_PATCHED_VERSION$1,
4636
4717
  PACKAGE_JSON,
4637
- PNPM: PNPM$8,
4718
+ PNPM: PNPM$7,
4638
4719
  VLT: VLT$5,
4639
4720
  YARN,
4640
4721
  YARN_BERRY: YARN_BERRY$5,
@@ -4643,7 +4724,7 @@ const {
4643
4724
  const AGENTS = new Set([
4644
4725
  BUN$5,
4645
4726
  NPM$b,
4646
- PNPM$8,
4727
+ PNPM$7,
4647
4728
  YARN_BERRY$5,
4648
4729
  YARN_CLASSIC$6,
4649
4730
  VLT$5
@@ -4651,7 +4732,7 @@ const AGENTS = new Set([
4651
4732
  const binByAgent = new Map([
4652
4733
  [BUN$5, BUN$5],
4653
4734
  [NPM$b, NPM$b],
4654
- [PNPM$8, PNPM$8],
4735
+ [PNPM$7, PNPM$7],
4655
4736
  [YARN_BERRY$5, YARN],
4656
4737
  [YARN_CLASSIC$6, YARN],
4657
4738
  [VLT$5, VLT$5]
@@ -4659,7 +4740,7 @@ const binByAgent = new Map([
4659
4740
  async function getAgentExecPath(agent) {
4660
4741
  const binName = binByAgent.get(agent)
4661
4742
  return (
4662
- (await vendor.libExports$1(binName, {
4743
+ (await vendor.libExports$2(binName, {
4663
4744
  nothrow: true
4664
4745
  })) ?? binName
4665
4746
  )
@@ -4693,8 +4774,8 @@ const LOCKS = {
4693
4774
  // https://docs.npmjs.com/cli/v10/configuring-npm/package-lock-json#package-lockjson-vs-npm-shrinkwrapjson
4694
4775
  'npm-shrinkwrap.json': NPM$b,
4695
4776
  'package-lock.json': NPM$b,
4696
- 'pnpm-lock.yaml': PNPM$8,
4697
- 'pnpm-lock.yml': PNPM$8,
4777
+ 'pnpm-lock.yaml': PNPM$7,
4778
+ 'pnpm-lock.yml': PNPM$7,
4698
4779
  [`yarn${LOCK_EXT$1}`]: YARN_CLASSIC$6,
4699
4780
  'vlt-lock.json': VLT$5,
4700
4781
  // Lastly, look for a hidden lock file which is present if .npmrc has package-lock=false:
@@ -4741,7 +4822,7 @@ const readLockFileByAgent = (() => {
4741
4822
  })
4742
4823
  ],
4743
4824
  [NPM$b, defaultReader],
4744
- [PNPM$8, defaultReader],
4825
+ [PNPM$7, defaultReader],
4745
4826
  [VLT$5, defaultReader],
4746
4827
  [YARN_BERRY$5, defaultReader],
4747
4828
  [YARN_CLASSIC$6, defaultReader]
@@ -4765,7 +4846,7 @@ async function detectPackageEnvironment({
4765
4846
  cwd
4766
4847
  })
4767
4848
  const pkgPath =
4768
- pkgJsonPath && require$$0.existsSync(pkgJsonPath)
4849
+ pkgJsonPath && fs$1.existsSync(pkgJsonPath)
4769
4850
  ? path$1.dirname(pkgJsonPath)
4770
4851
  : undefined
4771
4852
  const editablePkgJson = pkgPath
@@ -4773,11 +4854,12 @@ async function detectPackageEnvironment({
4773
4854
  editable: true
4774
4855
  })
4775
4856
  : undefined
4776
- const pkgJson = editablePkgJson?.content
4777
4857
  // Read Corepack `packageManager` field in package.json:
4778
4858
  // https://nodejs.org/api/packages.html#packagemanager
4779
- const pkgManager = strings.isNonEmptyString(pkgJson?.packageManager)
4780
- ? pkgJson.packageManager
4859
+ const pkgManager = strings.isNonEmptyString(
4860
+ editablePkgJson?.content?.packageManager
4861
+ )
4862
+ ? editablePkgJson.content.packageManager
4781
4863
  : undefined
4782
4864
  let agent
4783
4865
  let agentVersion
@@ -4825,8 +4907,8 @@ async function detectPackageEnvironment({
4825
4907
  let pkgNodeRange
4826
4908
  let pkgMinAgentVersion = minSupportedAgentVersion
4827
4909
  let pkgMinNodeVersion = minSupportedNodeVersion
4828
- if (pkgJson) {
4829
- const { engines } = pkgJson
4910
+ if (editablePkgJson?.content) {
4911
+ const { engines } = editablePkgJson.content
4830
4912
  const engineAgentRange = engines?.[agent]
4831
4913
  const engineNodeRange = engines?.['node']
4832
4914
  if (strings.isNonEmptyString(engineAgentRange)) {
@@ -4847,7 +4929,7 @@ async function detectPackageEnvironment({
4847
4929
  pkgMinNodeVersion = coerced.version
4848
4930
  }
4849
4931
  }
4850
- const browserslistQuery = pkgJson['browserslist']
4932
+ const browserslistQuery = editablePkgJson.content['browserslist']
4851
4933
  if (Array.isArray(browserslistQuery)) {
4852
4934
  // List Node targets in ascending version order.
4853
4935
  const browserslistNodeTargets = vendor
@@ -4893,6 +4975,7 @@ async function detectPackageEnvironment({
4893
4975
  agentExecPath,
4894
4976
  agentSupported,
4895
4977
  agentVersion,
4978
+ editablePkgJson,
4896
4979
  features: {
4897
4980
  npmBuggyOverrides
4898
4981
  },
@@ -4902,7 +4985,6 @@ async function detectPackageEnvironment({
4902
4985
  nodeSupported,
4903
4986
  nodeVersion,
4904
4987
  npmExecPath,
4905
- pkgJson: editablePkgJson,
4906
4988
  pkgPath,
4907
4989
  pkgRequirements: {
4908
4990
  agent: pkgAgentRange ?? `>=${pkgMinAgentVersion}`,
@@ -5026,15 +5108,14 @@ async function detectAndValidatePackageEnvironment(cwd, options) {
5026
5108
  return details
5027
5109
  }
5028
5110
 
5029
- const { NPM: NPM$a, PNPM: PNPM$7 } = constants
5030
- const CMD_NAME$2 = 'socket fix'
5111
+ const { NPM: NPM$a, PNPM: PNPM$6 } = constants
5031
5112
  async function runFix(options_) {
5032
- const options = shadowNpmInject.assignDefaultFixOptions({
5113
+ const options = assignDefaultFixOptions({
5033
5114
  __proto__: null,
5034
5115
  ...options_
5035
5116
  })
5036
5117
  const pkgEnvDetails = await detectAndValidatePackageEnvironment(options.cwd, {
5037
- cmdName: CMD_NAME$2,
5118
+ cmdName: CMD_NAME$1,
5038
5119
  logger: logger.logger
5039
5120
  })
5040
5121
  if (!pkgEnvDetails) {
@@ -5044,13 +5125,13 @@ async function runFix(options_) {
5044
5125
  const { agent } = pkgEnvDetails
5045
5126
  if (agent === NPM$a) {
5046
5127
  await npmFix(pkgEnvDetails, options)
5047
- } else if (agent === PNPM$7) {
5128
+ } else if (agent === PNPM$6) {
5048
5129
  await pnpmFix(pkgEnvDetails, options)
5049
5130
  }
5050
5131
  }
5051
5132
 
5052
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$w } = constants
5053
- const config$z = {
5133
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$x } = constants
5134
+ const config$A = {
5054
5135
  commandName: 'fix',
5055
5136
  description: 'Fix "fixable" Socket alerts',
5056
5137
  hidden: true,
@@ -5066,10 +5147,17 @@ const config$z = {
5066
5147
  default: false,
5067
5148
  description: `Enable auto-merge for pull requests that Socket opens.\n See ${vendor.terminalLinkExports('GitHub documentation', 'https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-auto-merge-for-pull-requests-in-your-repository')} for managing auto-merge for pull requests in your repository.`
5068
5149
  },
5150
+ purl: {
5151
+ type: 'string',
5152
+ default: [],
5153
+ description: `User provided PURL to fix`,
5154
+ isMultiple: true,
5155
+ shortFlag: 'p'
5156
+ },
5069
5157
  rangeStyle: {
5070
5158
  type: 'string',
5071
5159
  default: 'preserve',
5072
- description: vendor.stripIndent`
5160
+ description: vendor.html`
5073
5161
  Define how updated dependency versions should be written in package.json.
5074
5162
  Available styles:
5075
5163
  * caret - Use ^ range for compatible updates (e.g. ^1.2.3)
@@ -5100,14 +5188,14 @@ const config$z = {
5100
5188
  `
5101
5189
  }
5102
5190
  const cmdFix = {
5103
- description: config$z.description,
5104
- hidden: config$z.hidden,
5105
- run: run$z
5191
+ description: config$A.description,
5192
+ hidden: config$A.hidden,
5193
+ run: run$A
5106
5194
  }
5107
- async function run$z(argv, importMeta, { parentName }) {
5195
+ async function run$A(argv, importMeta, { parentName }) {
5108
5196
  const cli = meowOrExit({
5109
5197
  argv,
5110
- config: config$z,
5198
+ config: config$A,
5111
5199
  importMeta,
5112
5200
  parentName
5113
5201
  })
@@ -5121,7 +5209,7 @@ async function run$z(argv, importMeta, { parentName }) {
5121
5209
  return
5122
5210
  }
5123
5211
  if (cli.flags['dryRun']) {
5124
- logger.logger.log(DRY_RUN_BAIL_TEXT$w)
5212
+ logger.logger.log(DRY_RUN_BAIL_TEXT$x)
5125
5213
  return
5126
5214
  }
5127
5215
 
@@ -5130,6 +5218,7 @@ async function run$z(argv, importMeta, { parentName }) {
5130
5218
  await runFix({
5131
5219
  autoMerge: Boolean(cli.flags['autoMerge']),
5132
5220
  autoPilot: Boolean(cli.flags['autoPilot']),
5221
+ purls: Array.isArray(cli.flags['purl']) ? cli.flags['purl'] : [],
5133
5222
  spinner,
5134
5223
  rangeStyle: cli.flags['rangeStyle'] ?? undefined,
5135
5224
  test: Boolean(cli.flags['test']),
@@ -5230,7 +5319,7 @@ function outputPackageInfo(
5230
5319
  return
5231
5320
  }
5232
5321
  if (outputKind === 'markdown') {
5233
- logger.logger.log(vendor.stripIndents`
5322
+ logger.logger.log(vendor.html`
5234
5323
  # Package report for ${pkgName}
5235
5324
 
5236
5325
  Package report card:
@@ -5323,11 +5412,12 @@ async function handlePackageInfo({
5323
5412
  }
5324
5413
  }
5325
5414
 
5326
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$v } = constants
5327
- const config$y = {
5415
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$w } = constants
5416
+ const config$z = {
5328
5417
  commandName: 'info',
5329
5418
  description: 'Look up info regarding a package',
5330
- hidden: false,
5419
+ hidden: true,
5420
+ // Deprecated
5331
5421
  flags: {
5332
5422
  ...commonFlags,
5333
5423
  ...outputFlags,
@@ -5348,14 +5438,14 @@ const config$y = {
5348
5438
  `
5349
5439
  }
5350
5440
  const cmdInfo = {
5351
- description: config$y.description,
5352
- hidden: config$y.hidden,
5353
- run: run$y
5441
+ description: config$z.description,
5442
+ hidden: config$z.hidden,
5443
+ run: run$z
5354
5444
  }
5355
- async function run$y(argv, importMeta, { parentName }) {
5445
+ async function run$z(argv, importMeta, { parentName }) {
5356
5446
  const cli = meowOrExit({
5357
5447
  argv,
5358
- config: config$y,
5448
+ config: config$z,
5359
5449
  importMeta,
5360
5450
  parentName
5361
5451
  })
@@ -5393,11 +5483,11 @@ async function run$y(argv, importMeta, { parentName }) {
5393
5483
  const pkgVersion =
5394
5484
  versionSeparator < 1 ? 'latest' : rawPkgName.slice(versionSeparator + 1)
5395
5485
  if (cli.flags['dryRun']) {
5396
- logger.logger.log(DRY_RUN_BAIL_TEXT$v)
5486
+ logger.logger.log(DRY_RUN_BAIL_TEXT$w)
5397
5487
  return
5398
5488
  }
5399
5489
  await handlePackageInfo({
5400
- commandName: `${parentName} ${config$y.commandName}`,
5490
+ commandName: `${parentName} ${config$z.commandName}`,
5401
5491
  includeAllIssues: Boolean(all),
5402
5492
  outputKind: json ? 'json' : markdown ? 'markdown' : 'print',
5403
5493
  pkgName,
@@ -5473,7 +5563,7 @@ async function attemptLogin(apiBaseUrl, apiProxy) {
5473
5563
  logger.logger.success(
5474
5564
  `API credentials ${previousPersistedToken === apiToken ? 'refreshed' : previousPersistedToken ? 'updated' : 'set'}`
5475
5565
  )
5476
- if (!shadowNpmInject.isReadOnlyConfig()) {
5566
+ if (shadowNpmInject.isReadOnlyConfig()) {
5477
5567
  logger.logger.log('')
5478
5568
  logger.logger.warn(
5479
5569
  'Note: config is in read-only mode, at least one key was overridden through flag/env, so the login was not persisted!'
@@ -5484,8 +5574,8 @@ async function attemptLogin(apiBaseUrl, apiProxy) {
5484
5574
  }
5485
5575
  }
5486
5576
 
5487
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$u } = constants
5488
- const config$x = {
5577
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$v } = constants
5578
+ const config$y = {
5489
5579
  commandName: 'login',
5490
5580
  description: 'Socket API login',
5491
5581
  hidden: false,
@@ -5518,21 +5608,21 @@ const config$x = {
5518
5608
  `
5519
5609
  }
5520
5610
  const cmdLogin = {
5521
- description: config$x.description,
5522
- hidden: config$x.hidden,
5523
- run: run$x
5611
+ description: config$y.description,
5612
+ hidden: config$y.hidden,
5613
+ run: run$y
5524
5614
  }
5525
- async function run$x(argv, importMeta, { parentName }) {
5615
+ async function run$y(argv, importMeta, { parentName }) {
5526
5616
  const cli = meowOrExit({
5527
5617
  argv,
5528
- config: config$x,
5618
+ config: config$y,
5529
5619
  importMeta,
5530
5620
  parentName
5531
5621
  })
5532
5622
  const apiBaseUrl = cli.flags['apiBaseUrl']
5533
5623
  const apiProxy = cli.flags['apiProxy']
5534
5624
  if (cli.flags['dryRun']) {
5535
- logger.logger.log(DRY_RUN_BAIL_TEXT$u)
5625
+ logger.logger.log(DRY_RUN_BAIL_TEXT$v)
5536
5626
  return
5537
5627
  }
5538
5628
  if (!isInteractive()) {
@@ -5554,7 +5644,7 @@ function attemptLogout() {
5554
5644
  try {
5555
5645
  applyLogout()
5556
5646
  logger.logger.success('Successfully logged out')
5557
- if (!shadowNpmInject.isReadOnlyConfig()) {
5647
+ if (shadowNpmInject.isReadOnlyConfig()) {
5558
5648
  logger.logger.log('')
5559
5649
  logger.logger.warn(
5560
5650
  'Note: config is in read-only mode, at least one key was overridden through flag/env, so the logout was not persisted!'
@@ -5565,8 +5655,8 @@ function attemptLogout() {
5565
5655
  }
5566
5656
  }
5567
5657
 
5568
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$t } = constants
5569
- const config$w = {
5658
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$u } = constants
5659
+ const config$x = {
5570
5660
  commandName: 'logout',
5571
5661
  description: 'Socket API logout',
5572
5662
  hidden: false,
@@ -5581,42 +5671,60 @@ const config$w = {
5581
5671
  `
5582
5672
  }
5583
5673
  const cmdLogout = {
5584
- description: config$w.description,
5585
- hidden: config$w.hidden,
5586
- run: run$w
5674
+ description: config$x.description,
5675
+ hidden: config$x.hidden,
5676
+ run: run$x
5587
5677
  }
5588
- async function run$w(argv, importMeta, { parentName }) {
5678
+ async function run$x(argv, importMeta, { parentName }) {
5589
5679
  const cli = meowOrExit({
5590
5680
  argv,
5591
- config: config$w,
5681
+ config: config$x,
5592
5682
  importMeta,
5593
5683
  parentName
5594
5684
  })
5595
5685
  if (cli.flags['dryRun']) {
5596
- logger.logger.log(DRY_RUN_BAIL_TEXT$t)
5686
+ logger.logger.log(DRY_RUN_BAIL_TEXT$u)
5597
5687
  return
5598
5688
  }
5599
5689
  attemptLogout()
5600
5690
  }
5601
5691
 
5602
- async function convertGradleToMaven(target, bin, _out, verbose, gradleOpts) {
5603
- // Lazily access constants.spinner.
5604
- const { spinner } = constants
5605
- const rbin = path$1.resolve(bin)
5606
- const rtarget = path$1.resolve(target)
5692
+ async function convertGradleToMaven(target, bin, cwd, verbose, gradleOpts) {
5607
5693
  if (verbose) {
5608
- logger.logger.group('gradle2maven:')
5609
- logger.logger.log(`[VERBOSE] - Absolute bin path: \`${rbin}\``)
5610
- logger.logger.log(`[VERBOSE] - Absolute target path: \`${rtarget}\``)
5611
- logger.logger.groupEnd()
5694
+ logger.logger.log('[VERBOSE] Resolving:', [cwd, bin])
5695
+ }
5696
+ const rbin = path$1.resolve(cwd, bin)
5697
+ if (verbose) {
5698
+ logger.logger.log('[VERBOSE] Resolving:', [cwd, target])
5699
+ }
5700
+ const rtarget = path$1.resolve(cwd, target)
5701
+ const binExists = fs$1.existsSync(rbin)
5702
+ const targetExists = fs$1.existsSync(rtarget)
5703
+ logger.logger.group('gradle2maven:')
5704
+ if (verbose || debug.isDebug()) {
5705
+ logger.logger.log(
5706
+ `[VERBOSE] - Absolute bin path: \`${rbin}\` (${binExists ? 'found' : vendor.yoctocolorsCjsExports.red('not found!')})`
5707
+ )
5708
+ logger.logger.log(
5709
+ `[VERBOSE] - Absolute target path: \`${rtarget}\` (${targetExists ? 'found' : vendor.yoctocolorsCjsExports.red('not found!')})`
5710
+ )
5612
5711
  } else {
5613
- logger.logger.group('gradle2maven:')
5614
- logger.logger.log(`- executing: \`${bin}\``)
5615
- logger.logger.log(`- src dir: \`${target}\``)
5616
- logger.logger.groupEnd()
5712
+ logger.logger.log(`- executing: \`${rbin}\``)
5713
+ if (!binExists) {
5714
+ logger.logger.warn(
5715
+ 'Warning: It appears the executable could not be found at this location. An error might be printed later because of that.'
5716
+ )
5717
+ }
5718
+ logger.logger.log(`- src dir: \`${rtarget}\``)
5719
+ if (!targetExists) {
5720
+ logger.logger.warn(
5721
+ 'Warning: It appears the src dir could not be found at this location. An error might be printed later because of that.'
5722
+ )
5723
+ }
5617
5724
  }
5725
+ logger.logger.groupEnd()
5618
5726
  try {
5619
- // Run sbt with the init script we provide which should yield zero or more
5727
+ // Run gradlew with the init script we provide which should yield zero or more
5620
5728
  // pom files. We have to figure out where to store those pom files such that
5621
5729
  // we can upload them and predict them through the GitHub API. We could do a
5622
5730
  // .socket folder. We could do a socket.pom.gz with all the poms, although
@@ -5626,26 +5734,23 @@ async function convertGradleToMaven(target, bin, _out, verbose, gradleOpts) {
5626
5734
  const initLocation = path$1.join(constants.rootDistPath, 'init.gradle')
5627
5735
  const commandArgs = ['--init-script', initLocation, ...gradleOpts, 'pom']
5628
5736
  if (verbose) {
5629
- logger.logger.log('[VERBOSE] Executing:', bin, commandArgs)
5737
+ logger.logger.log('[VERBOSE] Executing:', [bin], ', args:', commandArgs)
5630
5738
  }
5631
- spinner.start(
5632
- `Converting gradle to maven from \`${bin}\` on \`${target}\`...`
5739
+ logger.logger.log(
5740
+ `Converting gradle to maven from \`${bin}\` on \`${target}\` ...`
5633
5741
  )
5634
- const output = await spawn.spawn(bin, commandArgs, {
5635
- cwd: target || '.'
5636
- })
5637
- spinner.stop()
5742
+ const output = await execGradleWithSpinner(rbin, commandArgs, rtarget, cwd)
5638
5743
  if (verbose) {
5639
5744
  logger.logger.group('[VERBOSE] gradle stdout:')
5640
5745
  logger.logger.log(output)
5641
5746
  logger.logger.groupEnd()
5642
5747
  }
5643
- if (output.stderr) {
5748
+ if (output.code !== 0) {
5644
5749
  process.exitCode = 1
5645
- logger.logger.fail('There were errors while running gradle')
5750
+ logger.logger.fail(`Gradle exited with exit code ${output.code}`)
5646
5751
  // (In verbose mode, stderr was printed above, no need to repeat it)
5647
5752
  if (!verbose) {
5648
- logger.logger.group('[VERBOSE] stderr:')
5753
+ logger.logger.group('stderr:')
5649
5754
  logger.logger.error(output.stderr)
5650
5755
  logger.logger.groupEnd()
5651
5756
  }
@@ -5657,41 +5762,15 @@ async function convertGradleToMaven(target, bin, _out, verbose, gradleOpts) {
5657
5762
  logger.logger.log('- ', fn)
5658
5763
  return fn
5659
5764
  })
5660
-
5661
- // const loc = output.stdout?.match(/Wrote (.*?.pom)\n/)?.[1]?.trim()
5662
- // if (!loc) {
5663
- // logger.fail(
5664
- // 'There were no errors from sbt but could not find the location of resulting .pom file either'
5665
- // )
5666
- // // eslint-disable-next-line n/no-process-exit
5667
- // process.exit(1)
5668
- // }
5669
- //
5670
- // // Move the pom file to ...? initial cwd? loc will be an absolute path, or dump to stdout
5671
- // if (out === '-') {
5672
- // spinner.start('Result:\n```')
5673
- // spinner.log(await safeReadFile(loc))
5674
- // spinner.log('```')
5675
- // spinner.successAndStop(`OK`)
5676
- // } else {
5677
- // spinner.start()
5678
- // if (verbose) {
5679
- // spinner.log(
5680
- // `Moving manifest file from \`${loc.replace(/^\/home\/[^/]*?\//, '~/')}\` to \`${out}\``
5681
- // )
5682
- // } else {
5683
- // spinner.log('Moving output pom file')
5684
- // }
5685
- // // TODO: do we prefer fs-extra? renaming can be gnarly on windows and fs-extra's version is better
5686
- // await renamep(loc, out)
5687
- // spinner.successAndStop(`OK. File should be available in \`${out}\``)
5688
- // }
5765
+ logger.logger.log('')
5766
+ logger.logger.log(
5767
+ 'Next step is to generate a Scan by running the `socket scan create` command on the same directory'
5768
+ )
5689
5769
  } catch (e) {
5690
5770
  process.exitCode = 1
5691
- spinner.stop()
5692
5771
  logger.logger.fail(
5693
- 'There was an unexpected error while running this' +
5694
- (verbose ? '' : ' (use --verbose for details)')
5772
+ 'There was an unexpected error while generating manifests' +
5773
+ (verbose ? '' : ' (use --verbose for details)')
5695
5774
  )
5696
5775
  if (verbose) {
5697
5776
  logger.logger.group('[VERBOSE] error:')
@@ -5700,9 +5779,39 @@ async function convertGradleToMaven(target, bin, _out, verbose, gradleOpts) {
5700
5779
  }
5701
5780
  }
5702
5781
  }
5782
+ async function execGradleWithSpinner(bin, commandArgs, target, cwd) {
5783
+ // Lazily access constants.spinner.
5784
+ const { spinner } = constants
5785
+ let pass = false
5786
+ try {
5787
+ spinner.start(
5788
+ `Running gradlew... (this can take a while, it depends on how long gradlew has to run)`
5789
+ )
5790
+ const output = await spawn.spawn(bin, commandArgs, {
5791
+ // We can pipe the output through to have the user see the result
5792
+ // of running gradlew, but then we can't (easily) gather the output
5793
+ // to discover the generated files... probably a flag we should allow?
5794
+ // stdio: isDebug() ? 'inherit' : undefined,
5795
+ cwd: target || cwd
5796
+ })
5797
+ pass = true
5798
+ const { code, stderr, stdout } = output
5799
+ return {
5800
+ code,
5801
+ stdout,
5802
+ stderr
5803
+ }
5804
+ } finally {
5805
+ if (pass) {
5806
+ spinner.successAndStop('Completed gradlew execution')
5807
+ } else {
5808
+ spinner.failAndStop('There was an error while trying to run gradlew.')
5809
+ }
5810
+ }
5811
+ }
5703
5812
 
5704
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$s } = constants
5705
- const config$v = {
5813
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$t } = constants
5814
+ const config$w = {
5706
5815
  commandName: 'gradle',
5707
5816
  description:
5708
5817
  '[beta] Use Gradle to generate a manifest file (`pom.xml`) for a Gradle/Java/Kotlin/etc project',
@@ -5723,16 +5832,6 @@ const config$v = {
5723
5832
  description:
5724
5833
  'Additional options to pass on to ./gradlew, see `./gradlew --help`'
5725
5834
  },
5726
- out: {
5727
- type: 'string',
5728
- default: './socket.pom.xml',
5729
- description:
5730
- 'Path of output file; where to store the resulting manifest, see also --stdout'
5731
- },
5732
- stdout: {
5733
- type: 'boolean',
5734
- description: 'Print resulting pom.xml to stdout (supersedes --out)'
5735
- },
5736
5835
  task: {
5737
5836
  type: 'string',
5738
5837
  default: 'all',
@@ -5777,20 +5876,20 @@ const config$v = {
5777
5876
  `
5778
5877
  }
5779
5878
  const cmdManifestGradle = {
5780
- description: config$v.description,
5781
- hidden: config$v.hidden,
5782
- run: run$v
5879
+ description: config$w.description,
5880
+ hidden: config$w.hidden,
5881
+ run: run$w
5783
5882
  }
5784
- async function run$v(argv, importMeta, { parentName }) {
5883
+ async function run$w(argv, importMeta, { parentName }) {
5785
5884
  const cli = meowOrExit({
5786
5885
  argv,
5787
- config: config$v,
5886
+ config: config$w,
5788
5887
  importMeta,
5789
5888
  parentName
5790
5889
  })
5791
5890
  const verbose = Boolean(cli.flags['verbose'])
5792
5891
  if (verbose) {
5793
- logger.logger.group('- ', parentName, config$v.commandName, ':')
5892
+ logger.logger.group('- ', parentName, config$w.commandName, ':')
5794
5893
  logger.logger.group('- flags:', cli.flags)
5795
5894
  logger.logger.groupEnd()
5796
5895
  logger.logger.log('- input:', cli.input)
@@ -5811,7 +5910,7 @@ async function run$v(argv, importMeta, { parentName }) {
5811
5910
  },
5812
5911
  {
5813
5912
  nook: true,
5814
- test: cli.input.length === 1,
5913
+ test: cli.input.length <= 1,
5815
5914
  message: 'Can only accept one DIR (make sure to escape spaces!)',
5816
5915
  pass: 'ok',
5817
5916
  fail: 'received ' + cli.input.length
@@ -5820,24 +5919,12 @@ async function run$v(argv, importMeta, { parentName }) {
5820
5919
  if (wasBadInput) {
5821
5920
  return
5822
5921
  }
5823
- let bin
5824
- if (cli.flags['bin']) {
5825
- bin = cli.flags['bin']
5826
- } else {
5827
- bin = path$1.join(target, 'gradlew')
5828
- }
5829
- let out = './socket.pom.xml'
5830
- if (cli.flags['out']) {
5831
- out = cli.flags['out']
5832
- }
5833
- if (cli.flags['stdout']) {
5834
- out = '-'
5835
- }
5922
+ const { bin = path$1.join(target, 'gradlew'), cwd = process.cwd() } =
5923
+ cli.flags
5836
5924
  if (verbose) {
5837
5925
  logger.logger.group()
5838
5926
  logger.logger.log('- target:', target)
5839
5927
  logger.logger.log('- gradle bin:', bin)
5840
- logger.logger.log('- out:', out)
5841
5928
  logger.logger.groupEnd()
5842
5929
  }
5843
5930
  let gradleOpts = []
@@ -5848,10 +5935,16 @@ async function run$v(argv, importMeta, { parentName }) {
5848
5935
  .filter(Boolean)
5849
5936
  }
5850
5937
  if (cli.flags['dryRun']) {
5851
- logger.logger.log(DRY_RUN_BAIL_TEXT$s)
5938
+ logger.logger.log(DRY_RUN_BAIL_TEXT$t)
5852
5939
  return
5853
5940
  }
5854
- await convertGradleToMaven(target, bin, out, verbose, gradleOpts)
5941
+ await convertGradleToMaven(
5942
+ target,
5943
+ String(bin),
5944
+ String(cwd),
5945
+ verbose,
5946
+ gradleOpts
5947
+ )
5855
5948
  }
5856
5949
 
5857
5950
  async function convertSbtToMaven(target, bin, out, verbose, sbtOpts) {
@@ -5957,8 +6050,8 @@ async function convertSbtToMaven(target, bin, out, verbose, sbtOpts) {
5957
6050
  }
5958
6051
  }
5959
6052
 
5960
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$r } = constants
5961
- const config$u = {
6053
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$s } = constants
6054
+ const config$v = {
5962
6055
  commandName: 'scala',
5963
6056
  description:
5964
6057
  "[beta] Generate a manifest file (`pom.xml`) from Scala's `build.sbt` file",
@@ -6033,20 +6126,20 @@ const config$u = {
6033
6126
  `
6034
6127
  }
6035
6128
  const cmdManifestScala = {
6036
- description: config$u.description,
6037
- hidden: config$u.hidden,
6038
- run: run$u
6129
+ description: config$v.description,
6130
+ hidden: config$v.hidden,
6131
+ run: run$v
6039
6132
  }
6040
- async function run$u(argv, importMeta, { parentName }) {
6133
+ async function run$v(argv, importMeta, { parentName }) {
6041
6134
  const cli = meowOrExit({
6042
6135
  argv,
6043
- config: config$u,
6136
+ config: config$v,
6044
6137
  importMeta,
6045
6138
  parentName
6046
6139
  })
6047
6140
  const verbose = Boolean(cli.flags['verbose'])
6048
6141
  if (verbose) {
6049
- logger.logger.group('- ', parentName, config$u.commandName, ':')
6142
+ logger.logger.group('- ', parentName, config$v.commandName, ':')
6050
6143
  logger.logger.group('- flags:', cli.flags)
6051
6144
  logger.logger.groupEnd()
6052
6145
  logger.logger.log('- input:', cli.input)
@@ -6067,7 +6160,7 @@ async function run$u(argv, importMeta, { parentName }) {
6067
6160
  },
6068
6161
  {
6069
6162
  nook: true,
6070
- test: cli.input.length === 1,
6163
+ test: cli.input.length <= 1,
6071
6164
  message: 'Can only accept one DIR (make sure to escape spaces!)',
6072
6165
  pass: 'ok',
6073
6166
  fail: 'received ' + cli.input.length
@@ -6102,14 +6195,14 @@ async function run$u(argv, importMeta, { parentName }) {
6102
6195
  .filter(Boolean)
6103
6196
  }
6104
6197
  if (cli.flags['dryRun']) {
6105
- logger.logger.log(DRY_RUN_BAIL_TEXT$r)
6198
+ logger.logger.log(DRY_RUN_BAIL_TEXT$s)
6106
6199
  return
6107
6200
  }
6108
6201
  await convertSbtToMaven(target, bin, out, verbose, sbtOpts)
6109
6202
  }
6110
6203
 
6111
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$q } = constants
6112
- const config$t = {
6204
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$r } = constants
6205
+ const config$u = {
6113
6206
  commandName: 'auto',
6114
6207
  description: 'Auto-detect build and attempt to generate manifest file',
6115
6208
  hidden: false,
@@ -6139,21 +6232,21 @@ const config$t = {
6139
6232
  `
6140
6233
  }
6141
6234
  const cmdManifestAuto = {
6142
- description: config$t.description,
6143
- hidden: config$t.hidden,
6144
- run: run$t
6235
+ description: config$u.description,
6236
+ hidden: config$u.hidden,
6237
+ run: run$u
6145
6238
  }
6146
- async function run$t(argv, importMeta, { parentName }) {
6239
+ async function run$u(argv, importMeta, { parentName }) {
6147
6240
  const cli = meowOrExit({
6148
6241
  argv,
6149
- config: config$t,
6242
+ config: config$u,
6150
6243
  importMeta,
6151
6244
  parentName
6152
6245
  })
6153
6246
  const verbose = !!cli.flags['verbose']
6154
6247
  const cwd = cli.flags['cwd'] ?? process.cwd()
6155
6248
  if (verbose) {
6156
- logger.logger.group('- ', parentName, config$t.commandName, ':')
6249
+ logger.logger.group('- ', parentName, config$u.commandName, ':')
6157
6250
  logger.logger.group('- flags:', cli.flags)
6158
6251
  logger.logger.groupEnd()
6159
6252
  logger.logger.log('- input:', cli.input)
@@ -6165,7 +6258,7 @@ async function run$t(argv, importMeta, { parentName }) {
6165
6258
  subArgs.push('--verbose')
6166
6259
  }
6167
6260
  const dir = cwd
6168
- if (require$$0.existsSync(path$1.join(dir, 'build.sbt'))) {
6261
+ if (fs$1.existsSync(path$1.join(dir, 'build.sbt'))) {
6169
6262
  logger.logger.log(
6170
6263
  'Detected a Scala sbt build, running default Scala generator...'
6171
6264
  )
@@ -6174,7 +6267,7 @@ async function run$t(argv, importMeta, { parentName }) {
6174
6267
  }
6175
6268
  subArgs.push(dir)
6176
6269
  if (cli.flags['dryRun']) {
6177
- logger.logger.log(DRY_RUN_BAIL_TEXT$q)
6270
+ logger.logger.log(DRY_RUN_BAIL_TEXT$r)
6178
6271
  return
6179
6272
  }
6180
6273
  await cmdManifestScala.run(subArgs, importMeta, {
@@ -6182,7 +6275,7 @@ async function run$t(argv, importMeta, { parentName }) {
6182
6275
  })
6183
6276
  return
6184
6277
  }
6185
- if (require$$0.existsSync(path$1.join(dir, 'gradlew'))) {
6278
+ if (fs$1.existsSync(path$1.join(dir, 'gradlew'))) {
6186
6279
  logger.logger.log(
6187
6280
  'Detected a gradle build, running default gradle generator...'
6188
6281
  )
@@ -6191,7 +6284,7 @@ async function run$t(argv, importMeta, { parentName }) {
6191
6284
  subArgs.push(cwd)
6192
6285
  }
6193
6286
  if (cli.flags['dryRun']) {
6194
- logger.logger.log(DRY_RUN_BAIL_TEXT$q)
6287
+ logger.logger.log(DRY_RUN_BAIL_TEXT$r)
6195
6288
  return
6196
6289
  }
6197
6290
  await cmdManifestGradle.run(subArgs, importMeta, {
@@ -6200,7 +6293,7 @@ async function run$t(argv, importMeta, { parentName }) {
6200
6293
  return
6201
6294
  }
6202
6295
  if (cli.flags['dryRun']) {
6203
- logger.logger.log(DRY_RUN_BAIL_TEXT$q)
6296
+ logger.logger.log(DRY_RUN_BAIL_TEXT$r)
6204
6297
  return
6205
6298
  }
6206
6299
 
@@ -6208,7 +6301,7 @@ async function run$t(argv, importMeta, { parentName }) {
6208
6301
  vendor
6209
6302
  .meow(
6210
6303
  `
6211
- $ ${parentName} ${config$t.commandName}
6304
+ $ ${parentName} ${config$u.commandName}
6212
6305
 
6213
6306
  Unfortunately this script did not discover a supported language in the
6214
6307
  current folder.
@@ -6222,21 +6315,21 @@ async function run$t(argv, importMeta, { parentName }) {
6222
6315
  `,
6223
6316
  {
6224
6317
  argv: [],
6225
- description: config$t.description,
6318
+ description: config$u.description,
6226
6319
  importMeta
6227
6320
  }
6228
6321
  )
6229
6322
  .showHelp()
6230
6323
  }
6231
6324
 
6232
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$p } = constants
6325
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$q } = constants
6233
6326
 
6234
6327
  // TODO: we may want to dedupe some pieces for all gradle languages. I think it
6235
6328
  // makes sense to have separate commands for them and I think it makes
6236
6329
  // sense for the help panels to note the requested language, rather than
6237
6330
  // `socket manifest kotlin` to print help screens with `gradle` as the
6238
6331
  // command. Room for improvement.
6239
- const config$s = {
6332
+ const config$t = {
6240
6333
  commandName: 'kotlin',
6241
6334
  description:
6242
6335
  '[beta] Use Gradle to generate a manifest file (`pom.xml`) for a Kotlin project',
@@ -6257,16 +6350,6 @@ const config$s = {
6257
6350
  description:
6258
6351
  'Additional options to pass on to ./gradlew, see `./gradlew --help`'
6259
6352
  },
6260
- out: {
6261
- type: 'string',
6262
- default: './socket.pom.xml',
6263
- description:
6264
- 'Path of output file; where to store the resulting manifest, see also --stdout'
6265
- },
6266
- stdout: {
6267
- type: 'boolean',
6268
- description: 'Print resulting pom.xml to stdout (supersedes --out)'
6269
- },
6270
6353
  task: {
6271
6354
  type: 'string',
6272
6355
  default: 'all',
@@ -6311,20 +6394,20 @@ const config$s = {
6311
6394
  `
6312
6395
  }
6313
6396
  const cmdManifestKotlin = {
6314
- description: config$s.description,
6315
- hidden: config$s.hidden,
6316
- run: run$s
6397
+ description: config$t.description,
6398
+ hidden: config$t.hidden,
6399
+ run: run$t
6317
6400
  }
6318
- async function run$s(argv, importMeta, { parentName }) {
6401
+ async function run$t(argv, importMeta, { parentName }) {
6319
6402
  const cli = meowOrExit({
6320
6403
  argv,
6321
- config: config$s,
6404
+ config: config$t,
6322
6405
  importMeta,
6323
6406
  parentName
6324
6407
  })
6325
6408
  const verbose = Boolean(cli.flags['verbose'])
6326
6409
  if (verbose) {
6327
- logger.logger.group('- ', parentName, config$s.commandName, ':')
6410
+ logger.logger.group('- ', parentName, config$t.commandName, ':')
6328
6411
  logger.logger.group('- flags:', cli.flags)
6329
6412
  logger.logger.groupEnd()
6330
6413
  logger.logger.log('- input:', cli.input)
@@ -6345,7 +6428,7 @@ async function run$s(argv, importMeta, { parentName }) {
6345
6428
  },
6346
6429
  {
6347
6430
  nook: true,
6348
- test: cli.input.length === 1,
6431
+ test: cli.input.length <= 1,
6349
6432
  message: 'Can only accept one DIR (make sure to escape spaces!)',
6350
6433
  pass: 'ok',
6351
6434
  fail: 'received ' + cli.input.length
@@ -6354,24 +6437,12 @@ async function run$s(argv, importMeta, { parentName }) {
6354
6437
  if (wasBadInput) {
6355
6438
  return
6356
6439
  }
6357
- let bin
6358
- if (cli.flags['bin']) {
6359
- bin = cli.flags['bin']
6360
- } else {
6361
- bin = path$1.join(target, 'gradlew')
6362
- }
6363
- let out = './socket.pom.xml'
6364
- if (cli.flags['out']) {
6365
- out = cli.flags['out']
6366
- }
6367
- if (cli.flags['stdout']) {
6368
- out = '-'
6369
- }
6440
+ const { bin = path$1.join(target, 'gradlew'), cwd = process.cwd() } =
6441
+ cli.flags
6370
6442
  if (verbose) {
6371
6443
  logger.logger.group()
6372
6444
  logger.logger.log('- target:', target)
6373
6445
  logger.logger.log('- gradle bin:', bin)
6374
- logger.logger.log('- out:', out)
6375
6446
  logger.logger.groupEnd()
6376
6447
  }
6377
6448
  let gradleOpts = []
@@ -6382,13 +6453,19 @@ async function run$s(argv, importMeta, { parentName }) {
6382
6453
  .filter(Boolean)
6383
6454
  }
6384
6455
  if (cli.flags['dryRun']) {
6385
- logger.logger.log(DRY_RUN_BAIL_TEXT$p)
6456
+ logger.logger.log(DRY_RUN_BAIL_TEXT$q)
6386
6457
  return
6387
6458
  }
6388
- await convertGradleToMaven(target, bin, out, verbose, gradleOpts)
6459
+ await convertGradleToMaven(
6460
+ target,
6461
+ String(bin),
6462
+ String(cwd),
6463
+ verbose,
6464
+ gradleOpts
6465
+ )
6389
6466
  }
6390
6467
 
6391
- const config$r = {
6468
+ const config$s = {
6392
6469
  commandName: 'manifest',
6393
6470
  description: 'Generate a dependency manifest for given file or dir',
6394
6471
  hidden: false,
@@ -6397,11 +6474,11 @@ const config$r = {
6397
6474
  }
6398
6475
  }
6399
6476
  const cmdManifest = {
6400
- description: config$r.description,
6401
- hidden: config$r.hidden,
6402
- run: run$r
6477
+ description: config$s.description,
6478
+ hidden: config$s.hidden,
6479
+ run: run$s
6403
6480
  }
6404
- async function run$r(argv, importMeta, { parentName }) {
6481
+ async function run$s(argv, importMeta, { parentName }) {
6405
6482
  await meowWithSubcommands(
6406
6483
  {
6407
6484
  auto: cmdManifestAuto,
@@ -6413,15 +6490,15 @@ async function run$r(argv, importMeta, { parentName }) {
6413
6490
  argv,
6414
6491
  aliases: {
6415
6492
  yolo: {
6416
- description: config$r.description,
6493
+ description: config$s.description,
6417
6494
  hidden: true,
6418
6495
  argv: ['auto']
6419
6496
  }
6420
6497
  },
6421
- description: config$r.description,
6498
+ description: config$s.description,
6422
6499
  importMeta,
6423
- flags: config$r.flags,
6424
- name: `${parentName} ${config$r.commandName}`
6500
+ flags: config$s.flags,
6501
+ name: `${parentName} ${config$s.commandName}`
6425
6502
  }
6426
6503
  )
6427
6504
  }
@@ -6433,8 +6510,8 @@ async function wrapNpm(argv) {
6433
6510
  await shadowBin(NPM$8, argv)
6434
6511
  }
6435
6512
 
6436
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$o, NPM: NPM$7 } = constants
6437
- const config$q = {
6513
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$p, NPM: NPM$7 } = constants
6514
+ const config$r = {
6438
6515
  commandName: 'npm',
6439
6516
  description: `${NPM$7} wrapper functionality`,
6440
6517
  hidden: false,
@@ -6447,20 +6524,20 @@ const config$q = {
6447
6524
  `
6448
6525
  }
6449
6526
  const cmdNpm = {
6450
- description: config$q.description,
6451
- hidden: config$q.hidden,
6452
- run: run$q
6527
+ description: config$r.description,
6528
+ hidden: config$r.hidden,
6529
+ run: run$r
6453
6530
  }
6454
- async function run$q(argv, importMeta, { parentName }) {
6531
+ async function run$r(argv, importMeta, { parentName }) {
6455
6532
  const cli = meowOrExit({
6456
6533
  allowUnknownFlags: true,
6457
6534
  argv,
6458
- config: config$q,
6535
+ config: config$r,
6459
6536
  importMeta,
6460
6537
  parentName
6461
6538
  })
6462
6539
  if (cli.flags['dryRun']) {
6463
- logger.logger.log(DRY_RUN_BAIL_TEXT$o)
6540
+ logger.logger.log(DRY_RUN_BAIL_TEXT$p)
6464
6541
  return
6465
6542
  }
6466
6543
  await wrapNpm(argv)
@@ -6473,8 +6550,8 @@ async function wrapNpx(argv) {
6473
6550
  await shadowBin(NPX$2, argv)
6474
6551
  }
6475
6552
 
6476
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$n, NPX: NPX$1 } = constants
6477
- const config$p = {
6553
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$o, NPX: NPX$1 } = constants
6554
+ const config$q = {
6478
6555
  commandName: 'npx',
6479
6556
  description: `${NPX$1} wrapper functionality`,
6480
6557
  hidden: false,
@@ -6487,27 +6564,27 @@ const config$p = {
6487
6564
  `
6488
6565
  }
6489
6566
  const cmdNpx = {
6490
- description: config$p.description,
6491
- hidden: config$p.hidden,
6492
- run: run$p
6567
+ description: config$q.description,
6568
+ hidden: config$q.hidden,
6569
+ run: run$q
6493
6570
  }
6494
- async function run$p(argv, importMeta, { parentName }) {
6571
+ async function run$q(argv, importMeta, { parentName }) {
6495
6572
  const cli = meowOrExit({
6496
6573
  allowUnknownFlags: true,
6497
6574
  argv,
6498
- config: config$p,
6575
+ config: config$q,
6499
6576
  importMeta,
6500
6577
  parentName
6501
6578
  })
6502
6579
  if (cli.flags['dryRun']) {
6503
- logger.logger.log(DRY_RUN_BAIL_TEXT$n)
6580
+ logger.logger.log(DRY_RUN_BAIL_TEXT$o)
6504
6581
  return
6505
6582
  }
6506
6583
  await wrapNpx(argv)
6507
6584
  }
6508
6585
 
6509
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$m } = constants
6510
- const config$o = {
6586
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$n } = constants
6587
+ const config$p = {
6511
6588
  commandName: 'oops',
6512
6589
  description: 'Trigger an intentional error (for development)',
6513
6590
  hidden: true,
@@ -6522,19 +6599,19 @@ const config$o = {
6522
6599
  `
6523
6600
  }
6524
6601
  const cmdOops = {
6525
- description: config$o.description,
6526
- hidden: config$o.hidden,
6527
- run: run$o
6602
+ description: config$p.description,
6603
+ hidden: config$p.hidden,
6604
+ run: run$p
6528
6605
  }
6529
- async function run$o(argv, importMeta, { parentName }) {
6606
+ async function run$p(argv, importMeta, { parentName }) {
6530
6607
  const cli = meowOrExit({
6531
6608
  argv,
6532
- config: config$o,
6609
+ config: config$p,
6533
6610
  importMeta,
6534
6611
  parentName
6535
6612
  })
6536
6613
  if (cli.flags['dryRun']) {
6537
- logger.logger.log(DRY_RUN_BAIL_TEXT$m)
6614
+ logger.logger.log(DRY_RUN_BAIL_TEXT$n)
6538
6615
  return
6539
6616
  }
6540
6617
  throw new Error('This error was intentionally left blank')
@@ -6543,7 +6620,7 @@ async function run$o(argv, importMeta, { parentName }) {
6543
6620
  const {
6544
6621
  BUN: BUN$4,
6545
6622
  NPM: NPM$6,
6546
- PNPM: PNPM$6,
6623
+ PNPM: PNPM$5,
6547
6624
  VLT: VLT$4,
6548
6625
  YARN_BERRY: YARN_BERRY$4,
6549
6626
  YARN_CLASSIC: YARN_CLASSIC$5
@@ -6557,19 +6634,19 @@ function matchQueryCmdStdout(stdout, name) {
6557
6634
  const depsIncludesByAgent = new Map([
6558
6635
  [BUN$4, matchLsCmdViewHumanStdout],
6559
6636
  [NPM$6, matchQueryCmdStdout],
6560
- [PNPM$6, matchQueryCmdStdout],
6637
+ [PNPM$5, matchQueryCmdStdout],
6561
6638
  [VLT$4, matchQueryCmdStdout],
6562
6639
  [YARN_BERRY$4, matchLsCmdViewHumanStdout],
6563
6640
  [YARN_CLASSIC$5, matchLsCmdViewHumanStdout]
6564
6641
  ])
6565
6642
 
6566
- function getDependencyEntries(editablePkgJson) {
6643
+ function getDependencyEntries(pkgEnvDetails) {
6567
6644
  const {
6568
6645
  dependencies,
6569
6646
  devDependencies,
6570
6647
  optionalDependencies,
6571
6648
  peerDependencies
6572
- } = editablePkgJson.content
6649
+ } = pkgEnvDetails.editablePkgJson.content
6573
6650
  return [
6574
6651
  [
6575
6652
  'dependencies',
@@ -6614,14 +6691,14 @@ const {
6614
6691
  BUN: BUN$3,
6615
6692
  NPM: NPM$5,
6616
6693
  OVERRIDES: OVERRIDES$1,
6617
- PNPM: PNPM$5,
6694
+ PNPM: PNPM$4,
6618
6695
  RESOLUTIONS: RESOLUTIONS$1,
6619
6696
  VLT: VLT$3,
6620
6697
  YARN_BERRY: YARN_BERRY$3,
6621
6698
  YARN_CLASSIC: YARN_CLASSIC$4
6622
6699
  } = constants
6623
- function getOverridesDataBun(editablePkgJson) {
6624
- const overrides = editablePkgJson.content?.[RESOLUTIONS$1] ?? {}
6700
+ function getOverridesDataBun(pkgEnvDetails) {
6701
+ const overrides = pkgEnvDetails.editablePkgJson.content?.[RESOLUTIONS$1] ?? {}
6625
6702
  return {
6626
6703
  type: YARN_BERRY$3,
6627
6704
  overrides
@@ -6630,8 +6707,8 @@ function getOverridesDataBun(editablePkgJson) {
6630
6707
 
6631
6708
  // npm overrides documentation:
6632
6709
  // https://docs.npmjs.com/cli/v10/configuring-npm/package-json#overrides
6633
- function getOverridesDataNpm(editablePkgJson) {
6634
- const overrides = editablePkgJson.content?.[OVERRIDES$1] ?? {}
6710
+ function getOverridesDataNpm(pkgEnvDetails) {
6711
+ const overrides = pkgEnvDetails.editablePkgJson.content?.[OVERRIDES$1] ?? {}
6635
6712
  return {
6636
6713
  type: NPM$5,
6637
6714
  overrides
@@ -6640,15 +6717,16 @@ function getOverridesDataNpm(editablePkgJson) {
6640
6717
 
6641
6718
  // pnpm overrides documentation:
6642
6719
  // https://pnpm.io/package_json#pnpmoverrides
6643
- function getOverridesDataPnpm(editablePkgJson) {
6644
- const overrides = editablePkgJson.content?.[PNPM$5]?.[OVERRIDES$1] ?? {}
6720
+ function getOverridesDataPnpm(pkgEnvDetails) {
6721
+ const overrides =
6722
+ pkgEnvDetails.editablePkgJson.content?.[PNPM$4]?.[OVERRIDES$1] ?? {}
6645
6723
  return {
6646
- type: PNPM$5,
6724
+ type: PNPM$4,
6647
6725
  overrides
6648
6726
  }
6649
6727
  }
6650
- function getOverridesDataVlt(editablePkgJson) {
6651
- const overrides = editablePkgJson.content?.[OVERRIDES$1] ?? {}
6728
+ function getOverridesDataVlt(pkgEnvDetails) {
6729
+ const overrides = pkgEnvDetails.editablePkgJson.content?.[OVERRIDES$1] ?? {}
6652
6730
  return {
6653
6731
  type: VLT$3,
6654
6732
  overrides
@@ -6657,8 +6735,8 @@ function getOverridesDataVlt(editablePkgJson) {
6657
6735
 
6658
6736
  // Yarn resolutions documentation:
6659
6737
  // https://yarnpkg.com/configuration/manifest#resolutions
6660
- function getOverridesDataYarn(editablePkgJson) {
6661
- const overrides = editablePkgJson.content?.[RESOLUTIONS$1] ?? {}
6738
+ function getOverridesDataYarn(pkgEnvDetails) {
6739
+ const overrides = pkgEnvDetails.editablePkgJson.content?.[RESOLUTIONS$1] ?? {}
6662
6740
  return {
6663
6741
  type: YARN_BERRY$3,
6664
6742
  overrides
@@ -6667,8 +6745,8 @@ function getOverridesDataYarn(editablePkgJson) {
6667
6745
 
6668
6746
  // Yarn resolutions documentation:
6669
6747
  // https://classic.yarnpkg.com/en/docs/selective-version-resolutions
6670
- function getOverridesDataYarnClassic(editablePkgJson) {
6671
- const overrides = editablePkgJson.content?.[RESOLUTIONS$1] ?? {}
6748
+ function getOverridesDataYarnClassic(pkgEnvDetails) {
6749
+ const overrides = pkgEnvDetails.editablePkgJson.content?.[RESOLUTIONS$1] ?? {}
6672
6750
  return {
6673
6751
  type: YARN_CLASSIC$4,
6674
6752
  overrides
@@ -6677,62 +6755,12 @@ function getOverridesDataYarnClassic(editablePkgJson) {
6677
6755
  const overridesDataByAgent = new Map([
6678
6756
  [BUN$3, getOverridesDataBun],
6679
6757
  [NPM$5, getOverridesDataNpm],
6680
- [PNPM$5, getOverridesDataPnpm],
6758
+ [PNPM$4, getOverridesDataPnpm],
6681
6759
  [VLT$3, getOverridesDataVlt],
6682
6760
  [YARN_BERRY$3, getOverridesDataYarn],
6683
6761
  [YARN_CLASSIC$4, getOverridesDataYarnClassic]
6684
6762
  ])
6685
6763
 
6686
- const { PNPM: PNPM$4 } = constants
6687
- const PNPM_WORKSPACE = `${PNPM$4}-workspace`
6688
- async function getWorkspaceGlobs(agent, pkgPath, editablePkgJson) {
6689
- let workspacePatterns
6690
- if (agent === PNPM$4) {
6691
- for (const workspacePath of [
6692
- path$1.join(pkgPath, `${PNPM_WORKSPACE}.yaml`),
6693
- path$1.join(pkgPath, `${PNPM_WORKSPACE}.yml`)
6694
- ]) {
6695
- // eslint-disable-next-line no-await-in-loop
6696
- const yml = await shadowNpmInject.safeReadFile(workspacePath)
6697
- if (yml) {
6698
- try {
6699
- workspacePatterns = vendor.distExports$1.parse(yml)?.packages
6700
- } catch {}
6701
- if (workspacePatterns) {
6702
- break
6703
- }
6704
- }
6705
- }
6706
- } else {
6707
- workspacePatterns = editablePkgJson.content['workspaces']
6708
- }
6709
- return Array.isArray(workspacePatterns)
6710
- ? workspacePatterns
6711
- .filter(strings.isNonEmptyString)
6712
- .map(workspacePatternToGlobPattern)
6713
- : undefined
6714
- }
6715
- function workspacePatternToGlobPattern(workspace) {
6716
- const { length } = workspace
6717
- if (!length) {
6718
- return ''
6719
- }
6720
- // If the workspace ends with "/"
6721
- if (workspace.charCodeAt(length - 1) === 47 /*'/'*/) {
6722
- return `${workspace}/*/package.json`
6723
- }
6724
- // If the workspace ends with "/**"
6725
- if (
6726
- workspace.charCodeAt(length - 1) === 42 /*'*'*/ &&
6727
- workspace.charCodeAt(length - 2) === 42 /*'*'*/ &&
6728
- workspace.charCodeAt(length - 3) === 47 /*'/'*/
6729
- ) {
6730
- return `${workspace}/*/**/package.json`
6731
- }
6732
- // Things like "packages/a" or "packages/*"
6733
- return `${workspace}/package.json`
6734
- }
6735
-
6736
6764
  const {
6737
6765
  BUN: BUN$2,
6738
6766
  LOCK_EXT,
@@ -6850,22 +6878,22 @@ async function npmQuery(npmExecPath, cwd) {
6850
6878
  } catch {}
6851
6879
  return cleanupQueryStdout(stdout)
6852
6880
  }
6853
- async function lsBun(agentExecPath, cwd) {
6881
+ async function lsBun(pkgEnvDetails, cwd) {
6854
6882
  try {
6855
6883
  // Bun does not support filtering by production packages yet.
6856
6884
  // https://github.com/oven-sh/bun/issues/8283
6857
6885
  return (
6858
- await spawn.spawn(agentExecPath, ['pm', 'ls', '--all'], {
6886
+ await spawn.spawn(pkgEnvDetails.agentExecPath, ['pm', 'ls', '--all'], {
6859
6887
  cwd
6860
6888
  })
6861
6889
  ).stdout
6862
6890
  } catch {}
6863
6891
  return ''
6864
6892
  }
6865
- async function lsNpm(agentExecPath, cwd) {
6866
- return await npmQuery(agentExecPath, cwd)
6893
+ async function lsNpm(pkgEnvDetails, cwd) {
6894
+ return await npmQuery(pkgEnvDetails.agentExecPath, cwd)
6867
6895
  }
6868
- async function lsPnpm(agentExecPath, cwd, options) {
6896
+ async function lsPnpm(pkgEnvDetails, cwd, options) {
6869
6897
  const npmExecPath = options?.npmExecPath
6870
6898
  if (npmExecPath && npmExecPath !== NPM$3) {
6871
6899
  const result = await npmQuery(npmExecPath, cwd)
@@ -6877,7 +6905,7 @@ async function lsPnpm(agentExecPath, cwd, options) {
6877
6905
  try {
6878
6906
  stdout = (
6879
6907
  await spawn.spawn(
6880
- agentExecPath,
6908
+ pkgEnvDetails.agentExecPath,
6881
6909
  // Pnpm uses the alternative spelling of parsable.
6882
6910
  // https://en.wiktionary.org/wiki/parsable
6883
6911
  ['ls', '--parseable', '--prod', '--depth', 'Infinity'],
@@ -6889,13 +6917,13 @@ async function lsPnpm(agentExecPath, cwd, options) {
6889
6917
  } catch {}
6890
6918
  return parsableToQueryStdout(stdout)
6891
6919
  }
6892
- async function lsVlt(agentExecPath, cwd) {
6920
+ async function lsVlt(pkgEnvDetails, cwd) {
6893
6921
  let stdout = ''
6894
6922
  try {
6895
6923
  // See https://docs.vlt.sh/cli/commands/list#options.
6896
6924
  stdout = (
6897
6925
  await spawn.spawn(
6898
- agentExecPath,
6926
+ pkgEnvDetails.agentExecPath,
6899
6927
  ['ls', '--view', 'human', ':not(.dev)'],
6900
6928
  {
6901
6929
  cwd
@@ -6905,14 +6933,14 @@ async function lsVlt(agentExecPath, cwd) {
6905
6933
  } catch {}
6906
6934
  return cleanupQueryStdout(stdout)
6907
6935
  }
6908
- async function lsYarnBerry(agentExecPath, cwd) {
6936
+ async function lsYarnBerry(pkgEnvDetails, cwd) {
6909
6937
  try {
6910
6938
  return (
6911
6939
  // Yarn Berry does not support filtering by production packages yet.
6912
6940
  // https://github.com/yarnpkg/berry/issues/5117
6913
6941
  (
6914
6942
  await spawn.spawn(
6915
- agentExecPath,
6943
+ pkgEnvDetails.agentExecPath,
6916
6944
  ['info', '--recursive', '--name-only'],
6917
6945
  {
6918
6946
  cwd
@@ -6923,14 +6951,14 @@ async function lsYarnBerry(agentExecPath, cwd) {
6923
6951
  } catch {}
6924
6952
  return ''
6925
6953
  }
6926
- async function lsYarnClassic(agentExecPath, cwd) {
6954
+ async function lsYarnClassic(pkgEnvDetails, cwd) {
6927
6955
  try {
6928
6956
  // However, Yarn Classic does support it.
6929
6957
  // https://github.com/yarnpkg/yarn/releases/tag/v1.0.0
6930
6958
  // > Fix: Excludes dev dependencies from the yarn list output when the
6931
6959
  // environment is production
6932
6960
  return (
6933
- await spawn.spawn(agentExecPath, ['list', '--prod'], {
6961
+ await spawn.spawn(pkgEnvDetails.agentExecPath, ['list', '--prod'], {
6934
6962
  cwd
6935
6963
  })
6936
6964
  ).stdout.trim()
@@ -6946,6 +6974,8 @@ const lsByAgent = new Map([
6946
6974
  [YARN_CLASSIC$2, lsYarnClassic]
6947
6975
  ])
6948
6976
 
6977
+ const CMD_NAME = 'socket optimize'
6978
+
6949
6979
  const {
6950
6980
  BUN,
6951
6981
  NPM: NPM$2,
@@ -7075,14 +7105,14 @@ function updatePkgJsonField(editablePkgJson, field, value) {
7075
7105
  `${JSON.stringify(Object.fromEntries(entries), null, 2)}\n`
7076
7106
  )
7077
7107
  }
7078
- function updateOverridesField(editablePkgJson, overrides) {
7079
- updatePkgJsonField(editablePkgJson, OVERRIDES, overrides)
7108
+ function updateOverridesField(pkgEnvDetails, overrides) {
7109
+ updatePkgJsonField(pkgEnvDetails.editablePkgJson, OVERRIDES, overrides)
7080
7110
  }
7081
- function updateResolutionsField(editablePkgJson, overrides) {
7082
- updatePkgJsonField(editablePkgJson, RESOLUTIONS, overrides)
7111
+ function updateResolutionsField(pkgEnvDetails, overrides) {
7112
+ updatePkgJsonField(pkgEnvDetails.editablePkgJson, RESOLUTIONS, overrides)
7083
7113
  }
7084
- function updatePnpmField(editablePkgJson, overrides) {
7085
- updatePkgJsonField(editablePkgJson, PNPM$1, overrides)
7114
+ function updatePnpmField(pkgEnvDetails, overrides) {
7115
+ updatePkgJsonField(pkgEnvDetails.editablePkgJson, PNPM$1, overrides)
7086
7116
  }
7087
7117
  const updateManifestByAgent = new Map([
7088
7118
  [BUN, updateResolutionsField],
@@ -7094,12 +7124,10 @@ const updateManifestByAgent = new Map([
7094
7124
  ])
7095
7125
 
7096
7126
  const { NPM: NPM$1, PNPM, YARN_CLASSIC } = constants
7097
- const CMD_NAME$1 = 'socket optimize'
7098
7127
  const manifestNpmOverrides = registry.getManifestData(NPM$1)
7099
- async function addOverrides(pkgPath, pkgEnvDetails, options) {
7128
+ async function addOverrides(pkgEnvDetails, pkgPath, options) {
7100
7129
  const {
7101
7130
  agent,
7102
- agentExecPath,
7103
7131
  lockName,
7104
7132
  lockSrc,
7105
7133
  npmExecPath,
@@ -7115,27 +7143,19 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
7115
7143
  addedInWorkspaces: new Set(),
7116
7144
  updated: new Set(),
7117
7145
  updatedInWorkspaces: new Set(),
7118
- warnedPnpmWorkspaceRequiresNpm: false
7146
+ warnedPnpmWorkspaceRequiresNpm: false,
7147
+ workspacePkgJsonPaths: await shadowNpmPaths.globWorkspace(pkgEnvDetails)
7119
7148
  }
7120
7149
  } = {
7121
7150
  __proto__: null,
7122
7151
  ...options
7123
7152
  }
7124
- let { pkgJson: editablePkgJson } = pkgEnvDetails
7125
- if (editablePkgJson === undefined) {
7126
- editablePkgJson = await packages.readPackageJson(pkgPath, {
7127
- editable: true
7128
- })
7129
- }
7130
- const workspaceName = path$1.relative(rootPath, pkgPath)
7131
- const workspaceGlobs = await getWorkspaceGlobs(
7132
- agent,
7133
- pkgPath,
7134
- editablePkgJson
7135
- )
7136
- const isRoot = pkgPath === rootPath
7137
- const isLockScanned = isRoot && !prod
7138
- const isWorkspace = !!workspaceGlobs
7153
+ const isWorkspace = state.workspacePkgJsonPaths.length > 0
7154
+ const isWorkspaceRoot = pkgPath === rootPath
7155
+ const isLockScanned = isWorkspaceRoot && !prod
7156
+ const workspaceName = isWorkspaceRoot
7157
+ ? ''
7158
+ : path$1.relative(rootPath, pkgPath)
7139
7159
  if (
7140
7160
  isWorkspace &&
7141
7161
  agent === PNPM &&
@@ -7146,25 +7166,25 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
7146
7166
  state.warnedPnpmWorkspaceRequiresNpm = true
7147
7167
  logger?.warn(
7148
7168
  cmdPrefixMessage(
7149
- CMD_NAME$1,
7169
+ CMD_NAME,
7150
7170
  `${agent} workspace support requires \`npm ls\`, falling back to \`${agent} list\``
7151
7171
  )
7152
7172
  )
7153
7173
  }
7154
7174
  const overridesDataObjects = []
7155
- if (editablePkgJson.content['private'] || isWorkspace) {
7156
- overridesDataObjects.push(overridesDataByAgent.get(agent)(editablePkgJson))
7175
+ if (isWorkspace || pkgEnvDetails.editablePkgJson.content['private']) {
7176
+ overridesDataObjects.push(overridesDataByAgent.get(agent)(pkgEnvDetails))
7157
7177
  } else {
7158
7178
  overridesDataObjects.push(
7159
- overridesDataByAgent.get(NPM$1)(editablePkgJson),
7160
- overridesDataByAgent.get(YARN_CLASSIC)(editablePkgJson)
7179
+ overridesDataByAgent.get(NPM$1)(pkgEnvDetails),
7180
+ overridesDataByAgent.get(YARN_CLASSIC)(pkgEnvDetails)
7161
7181
  )
7162
7182
  }
7163
7183
  spinner?.setText(
7164
7184
  `Adding overrides${workspaceName ? ` to ${workspaceName}` : ''}...`
7165
7185
  )
7166
7186
  const depAliasMap = new Map()
7167
- const depEntries = getDependencyEntries(editablePkgJson)
7187
+ const depEntries = getDependencyEntries(pkgEnvDetails)
7168
7188
  const manifestEntries = manifestNpmOverrides.filter(({ 1: data }) =>
7169
7189
  vendor.semverExports.satisfies(
7170
7190
  // Roughly check Node range as semver.coerce will strip leading
@@ -7215,7 +7235,7 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
7215
7235
  depAliasMap.set(origPkgName, thisSpec)
7216
7236
  }
7217
7237
  }
7218
- if (isRoot) {
7238
+ if (isWorkspaceRoot) {
7219
7239
  // The AgentDepsIncludesFn and AgentLockIncludesFn types overlap in their
7220
7240
  // first two parameters. AgentLockIncludesFn accepts an optional third
7221
7241
  // parameter which AgentDepsIncludesFn will ignore so we cast thingScanner
@@ -7225,7 +7245,7 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
7225
7245
  : depsIncludesByAgent.get(agent)
7226
7246
  const thingToScan = isLockScanned
7227
7247
  ? lockSrc
7228
- : await lsByAgent.get(agent)(agentExecPath, pkgPath, {
7248
+ : await lsByAgent.get(agent)(pkgEnvDetails, pkgPath, {
7229
7249
  npmExecPath
7230
7250
  })
7231
7251
  // Chunk package names to process them in parallel 3 at a time.
@@ -7291,28 +7311,21 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
7291
7311
  )
7292
7312
  }
7293
7313
  })
7294
- if (workspaceGlobs) {
7295
- const workspacePkgJsonPaths = await vendor.distExports.glob(
7296
- workspaceGlobs,
7297
- {
7298
- absolute: true,
7299
- cwd: pkgPath,
7300
- ignore: ['**/node_modules/**', '**/bower_components/**']
7301
- }
7302
- )
7314
+ if (isWorkspace) {
7303
7315
  // Chunk package names to process them in parallel 3 at a time.
7304
7316
  await promises.pEach(
7305
- workspacePkgJsonPaths,
7317
+ state.workspacePkgJsonPaths,
7306
7318
  3,
7307
7319
  async workspacePkgJsonPath => {
7308
7320
  const otherState = await addOverrides(
7309
- path$1.dirname(workspacePkgJsonPath),
7310
7321
  pkgEnvDetails,
7322
+ path$1.dirname(workspacePkgJsonPath),
7311
7323
  {
7312
7324
  logger,
7313
7325
  pin,
7314
7326
  prod,
7315
- spinner
7327
+ spinner,
7328
+ state
7316
7329
  }
7317
7330
  )
7318
7331
  for (const key of [
@@ -7329,14 +7342,14 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
7329
7342
  )
7330
7343
  }
7331
7344
  if (state.added.size > 0 || state.updated.size > 0) {
7332
- editablePkgJson.update(Object.fromEntries(depEntries))
7345
+ pkgEnvDetails.editablePkgJson.update(Object.fromEntries(depEntries))
7333
7346
  for (const { overrides, type } of overridesDataObjects) {
7334
7347
  updateManifestByAgent.get(type)(
7335
- editablePkgJson,
7348
+ pkgEnvDetails,
7336
7349
  objects.toSortedObject(overrides)
7337
7350
  )
7338
7351
  }
7339
- await editablePkgJson.save()
7352
+ await pkgEnvDetails.editablePkgJson.save()
7340
7353
  }
7341
7354
  return state
7342
7355
  }
@@ -7382,7 +7395,6 @@ async function updateLockfile(pkgEnvDetails, options) {
7382
7395
  }
7383
7396
  }
7384
7397
 
7385
- const CMD_NAME = 'socket optimize'
7386
7398
  function createActionMessage(verb, overrideCount, workspaceCount) {
7387
7399
  return `${verb} ${overrideCount} Socket.dev optimized ${words.pluralize('override', overrideCount)}${workspaceCount ? ` in ${workspaceCount} ${words.pluralize('workspace', workspaceCount)}` : ''}`
7388
7400
  }
@@ -7398,7 +7410,7 @@ async function applyOptimization(cwd, pin, prod) {
7398
7410
  // Lazily access constants.spinner.
7399
7411
  const { spinner } = constants
7400
7412
  spinner.start('Socket optimizing...')
7401
- const state = await addOverrides(pkgEnvDetails.pkgPath, pkgEnvDetails, {
7413
+ const state = await addOverrides(pkgEnvDetails, pkgEnvDetails.pkgPath, {
7402
7414
  logger: logger.logger,
7403
7415
  pin,
7404
7416
  prod,
@@ -7431,8 +7443,8 @@ async function applyOptimization(cwd, pin, prod) {
7431
7443
  }
7432
7444
  }
7433
7445
 
7434
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$l } = constants
7435
- const config$n = {
7446
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$m } = constants
7447
+ const config$o = {
7436
7448
  commandName: 'optimize',
7437
7449
  description: 'Optimize dependencies with @socketregistry overrides',
7438
7450
  hidden: false,
@@ -7462,20 +7474,20 @@ const config$n = {
7462
7474
  `
7463
7475
  }
7464
7476
  const cmdOptimize = {
7465
- description: config$n.description,
7466
- hidden: config$n.hidden,
7467
- run: run$n
7477
+ description: config$o.description,
7478
+ hidden: config$o.hidden,
7479
+ run: run$o
7468
7480
  }
7469
- async function run$n(argv, importMeta, { parentName }) {
7481
+ async function run$o(argv, importMeta, { parentName }) {
7470
7482
  const cli = meowOrExit({
7471
7483
  argv,
7472
- config: config$n,
7484
+ config: config$o,
7473
7485
  importMeta,
7474
7486
  parentName
7475
7487
  })
7476
7488
  const cwd = process.cwd()
7477
7489
  if (cli.flags['dryRun']) {
7478
- logger.logger.log(DRY_RUN_BAIL_TEXT$l)
7490
+ logger.logger.log(DRY_RUN_BAIL_TEXT$m)
7479
7491
  return
7480
7492
  }
7481
7493
  await applyOptimization(
@@ -7576,8 +7588,8 @@ async function handleOrganizationList(outputKind = 'text') {
7576
7588
  await outputOrganizationList(data, outputKind)
7577
7589
  }
7578
7590
 
7579
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$k } = constants
7580
- const config$m = {
7591
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$l } = constants
7592
+ const config$n = {
7581
7593
  commandName: 'list',
7582
7594
  description: 'List organizations associated with the API key used',
7583
7595
  hidden: false,
@@ -7594,18 +7606,18 @@ const config$m = {
7594
7606
  - Permissions: none (does need a token)
7595
7607
 
7596
7608
  Options
7597
- ${getFlagListOutput(config$m.flags, 6)}
7609
+ ${getFlagListOutput(config$n.flags, 6)}
7598
7610
  `
7599
7611
  }
7600
7612
  const cmdOrganizationList = {
7601
- description: config$m.description,
7602
- hidden: config$m.hidden,
7603
- run: run$m
7613
+ description: config$n.description,
7614
+ hidden: config$n.hidden,
7615
+ run: run$n
7604
7616
  }
7605
- async function run$m(argv, importMeta, { parentName }) {
7617
+ async function run$n(argv, importMeta, { parentName }) {
7606
7618
  const cli = meowOrExit({
7607
7619
  argv,
7608
- config: config$m,
7620
+ config: config$n,
7609
7621
  importMeta,
7610
7622
  parentName
7611
7623
  })
@@ -7633,7 +7645,7 @@ async function run$m(argv, importMeta, { parentName }) {
7633
7645
  return
7634
7646
  }
7635
7647
  if (cli.flags['dryRun']) {
7636
- logger.logger.log(DRY_RUN_BAIL_TEXT$k)
7648
+ logger.logger.log(DRY_RUN_BAIL_TEXT$l)
7637
7649
  return
7638
7650
  }
7639
7651
  await handleOrganizationList(json ? 'json' : markdown ? 'markdown' : 'text')
@@ -7677,8 +7689,7 @@ async function outputLicensePolicy(data, outputKind) {
7677
7689
  logger.logger.log('This is the license policy for your organization:')
7678
7690
  logger.logger.log('')
7679
7691
  const rules = data.license_policy
7680
- // @ts-ignore -- not sure what it's complaining about
7681
- const entries = Object.entries(rules)
7692
+ const entries = rules ? Object.entries(rules) : []
7682
7693
  const mapped = entries.map(([key, value]) => [
7683
7694
  key,
7684
7695
  value.allowed ? ' yes' : ' no'
@@ -7696,10 +7707,10 @@ async function handleLicensePolicy(orgSlug, outputKind) {
7696
7707
  await outputLicensePolicy(data, outputKind)
7697
7708
  }
7698
7709
 
7699
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$j } = constants
7710
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$k } = constants
7700
7711
 
7701
7712
  // TODO: secret toplevel alias `socket license policy`?
7702
- const config$l = {
7713
+ const config$m = {
7703
7714
  commandName: 'license',
7704
7715
  description: 'Retrieve the license policy of an organization',
7705
7716
  hidden: true,
@@ -7716,7 +7727,7 @@ const config$l = {
7716
7727
  - Permissions: license-policy:read
7717
7728
 
7718
7729
  Options
7719
- ${getFlagListOutput(config$l.flags, 6)}
7730
+ ${getFlagListOutput(config$m.flags, 6)}
7720
7731
 
7721
7732
  Your API token will need the \`license-policy:read\` permission otherwise
7722
7733
  the request will fail with an authentication error.
@@ -7727,14 +7738,14 @@ const config$l = {
7727
7738
  `
7728
7739
  }
7729
7740
  const cmdOrganizationPolicyLicense = {
7730
- description: config$l.description,
7731
- hidden: config$l.hidden,
7732
- run: run$l
7741
+ description: config$m.description,
7742
+ hidden: config$m.hidden,
7743
+ run: run$m
7733
7744
  }
7734
- async function run$l(argv, importMeta, { parentName }) {
7745
+ async function run$m(argv, importMeta, { parentName }) {
7735
7746
  const cli = meowOrExit({
7736
7747
  argv,
7737
- config: config$l,
7748
+ config: config$m,
7738
7749
  importMeta,
7739
7750
  parentName
7740
7751
  })
@@ -7771,7 +7782,7 @@ async function run$l(argv, importMeta, { parentName }) {
7771
7782
  return
7772
7783
  }
7773
7784
  if (cli.flags['dryRun']) {
7774
- logger.logger.log(DRY_RUN_BAIL_TEXT$j)
7785
+ logger.logger.log(DRY_RUN_BAIL_TEXT$k)
7775
7786
  return
7776
7787
  }
7777
7788
  await handleLicensePolicy(
@@ -7823,7 +7834,7 @@ async function outputSecurityPolicy(data, outputKind) {
7823
7834
  )
7824
7835
  logger.logger.log('')
7825
7836
  const rules = data.securityPolicyRules
7826
- const entries = Object.entries(rules)
7837
+ const entries = rules ? Object.entries(rules) : []
7827
7838
  const mapped = entries.map(([key, value]) => [key, value.action])
7828
7839
  mapped.sort(([a], [b]) => (a < b ? -1 : a > b ? 1 : 0))
7829
7840
  logger.logger.log(mdTableOfPairs(mapped, ['name', 'action']))
@@ -7838,10 +7849,10 @@ async function handleSecurityPolicy(orgSlug, outputKind) {
7838
7849
  await outputSecurityPolicy(data, outputKind)
7839
7850
  }
7840
7851
 
7841
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$i } = constants
7852
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$j } = constants
7842
7853
 
7843
7854
  // TODO: secret toplevel alias `socket security policy`?
7844
- const config$k = {
7855
+ const config$l = {
7845
7856
  commandName: 'security',
7846
7857
  description: 'Retrieve the security policy of an organization',
7847
7858
  hidden: true,
@@ -7858,7 +7869,7 @@ const config$k = {
7858
7869
  - Permissions: security-policy:read
7859
7870
 
7860
7871
  Options
7861
- ${getFlagListOutput(config$k.flags, 6)}
7872
+ ${getFlagListOutput(config$l.flags, 6)}
7862
7873
 
7863
7874
  Your API token will need the \`security-policy:read\` permission otherwise
7864
7875
  the request will fail with an authentication error.
@@ -7869,14 +7880,14 @@ const config$k = {
7869
7880
  `
7870
7881
  }
7871
7882
  const cmdOrganizationPolicyPolicy = {
7872
- description: config$k.description,
7873
- hidden: config$k.hidden,
7874
- run: run$k
7883
+ description: config$l.description,
7884
+ hidden: config$l.hidden,
7885
+ run: run$l
7875
7886
  }
7876
- async function run$k(argv, importMeta, { parentName }) {
7887
+ async function run$l(argv, importMeta, { parentName }) {
7877
7888
  const cli = meowOrExit({
7878
7889
  argv,
7879
- config: config$k,
7890
+ config: config$l,
7880
7891
  importMeta,
7881
7892
  parentName
7882
7893
  })
@@ -7913,7 +7924,7 @@ async function run$k(argv, importMeta, { parentName }) {
7913
7924
  return
7914
7925
  }
7915
7926
  if (cli.flags['dryRun']) {
7916
- logger.logger.log(DRY_RUN_BAIL_TEXT$i)
7927
+ logger.logger.log(DRY_RUN_BAIL_TEXT$j)
7917
7928
  return
7918
7929
  }
7919
7930
  await handleSecurityPolicy(
@@ -7999,8 +8010,8 @@ async function handleQuota(outputKind = 'text') {
7999
8010
  await outputQuota(data, outputKind)
8000
8011
  }
8001
8012
 
8002
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$h } = constants
8003
- const config$j = {
8013
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$i } = constants
8014
+ const config$k = {
8004
8015
  commandName: 'quota',
8005
8016
  description: 'List organizations associated with the API key used',
8006
8017
  hidden: true,
@@ -8013,18 +8024,18 @@ const config$j = {
8013
8024
  $ ${command}
8014
8025
 
8015
8026
  Options
8016
- ${getFlagListOutput(config$j.flags, 6)}
8027
+ ${getFlagListOutput(config$k.flags, 6)}
8017
8028
  `
8018
8029
  }
8019
8030
  const cmdOrganizationQuota = {
8020
- description: config$j.description,
8021
- hidden: config$j.hidden,
8022
- run: run$j
8031
+ description: config$k.description,
8032
+ hidden: config$k.hidden,
8033
+ run: run$k
8023
8034
  }
8024
- async function run$j(argv, importMeta, { parentName }) {
8035
+ async function run$k(argv, importMeta, { parentName }) {
8025
8036
  const cli = meowOrExit({
8026
8037
  argv,
8027
- config: config$j,
8038
+ config: config$k,
8028
8039
  importMeta,
8029
8040
  parentName
8030
8041
  })
@@ -8052,7 +8063,7 @@ async function run$j(argv, importMeta, { parentName }) {
8052
8063
  return
8053
8064
  }
8054
8065
  if (cli.flags['dryRun']) {
8055
- logger.logger.log(DRY_RUN_BAIL_TEXT$h)
8066
+ logger.logger.log(DRY_RUN_BAIL_TEXT$i)
8056
8067
  return
8057
8068
  }
8058
8069
  await handleQuota(json ? 'json' : markdown ? 'markdown' : 'text')
@@ -8393,8 +8404,8 @@ function parsePackageSpecifiers(ecosystem, pkgs) {
8393
8404
  }
8394
8405
  }
8395
8406
 
8396
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$g } = constants
8397
- const config$i = {
8407
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$h } = constants
8408
+ const config$j = {
8398
8409
  commandName: 'score',
8399
8410
  description:
8400
8411
  '[beta] Look up score for one package which reflects all of its transitive dependencies as well',
@@ -8437,14 +8448,14 @@ const config$i = {
8437
8448
  `
8438
8449
  }
8439
8450
  const cmdPackageScore = {
8440
- description: config$i.description,
8441
- hidden: config$i.hidden,
8442
- run: run$i
8451
+ description: config$j.description,
8452
+ hidden: config$j.hidden,
8453
+ run: run$j
8443
8454
  }
8444
- async function run$i(argv, importMeta, { parentName }) {
8455
+ async function run$j(argv, importMeta, { parentName }) {
8445
8456
  const cli = meowOrExit({
8446
8457
  argv,
8447
- config: config$i,
8458
+ config: config$j,
8448
8459
  importMeta,
8449
8460
  parentName
8450
8461
  })
@@ -8485,7 +8496,7 @@ async function run$i(argv, importMeta, { parentName }) {
8485
8496
  return
8486
8497
  }
8487
8498
  if (cli.flags['dryRun']) {
8488
- logger.logger.log(DRY_RUN_BAIL_TEXT$g)
8499
+ logger.logger.log(DRY_RUN_BAIL_TEXT$h)
8489
8500
  return
8490
8501
  }
8491
8502
  await handlePurlDeepScore(
@@ -8550,7 +8561,7 @@ function outputPurlsShallowScore(purls, packageData, outputKind) {
8550
8561
  return true // not found
8551
8562
  })
8552
8563
  if (outputKind === 'markdown') {
8553
- logger.logger.log(vendor.stripIndents`
8564
+ logger.logger.log(vendor.html`
8554
8565
  # Shallow Package Report
8555
8566
 
8556
8567
  This report contains the response for requesting data on some package url(s).
@@ -8691,8 +8702,8 @@ async function handlePurlsShallowScore({ outputKind, purls }) {
8691
8702
  outputPurlsShallowScore(purls, packageData.data, outputKind)
8692
8703
  }
8693
8704
 
8694
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$f } = constants
8695
- const config$h = {
8705
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$g } = constants
8706
+ const config$i = {
8696
8707
  commandName: 'shallow',
8697
8708
  description:
8698
8709
  '[beta] Look up info regarding one or more packages but not their transitives',
@@ -8735,21 +8746,21 @@ const config$h = {
8735
8746
  `
8736
8747
  }
8737
8748
  const cmdPackageShallow = {
8738
- description: config$h.description,
8739
- hidden: config$h.hidden,
8749
+ description: config$i.description,
8750
+ hidden: config$i.hidden,
8740
8751
  alias: {
8741
8752
  shallowScore: {
8742
- description: config$h.description,
8753
+ description: config$i.description,
8743
8754
  hidden: true,
8744
8755
  argv: []
8745
8756
  }
8746
8757
  },
8747
- run: run$h
8758
+ run: run$i
8748
8759
  }
8749
- async function run$h(argv, importMeta, { parentName }) {
8760
+ async function run$i(argv, importMeta, { parentName }) {
8750
8761
  const cli = meowOrExit({
8751
8762
  argv,
8752
- config: config$h,
8763
+ config: config$i,
8753
8764
  importMeta,
8754
8765
  parentName
8755
8766
  })
@@ -8782,7 +8793,7 @@ async function run$h(argv, importMeta, { parentName }) {
8782
8793
  return
8783
8794
  }
8784
8795
  if (cli.flags['dryRun']) {
8785
- logger.logger.log(DRY_RUN_BAIL_TEXT$f)
8796
+ logger.logger.log(DRY_RUN_BAIL_TEXT$g)
8786
8797
  return
8787
8798
  }
8788
8799
  await handlePurlsShallowScore({
@@ -8834,8 +8845,8 @@ async function runRawNpm(argv) {
8834
8845
  await spawnPromise
8835
8846
  }
8836
8847
 
8837
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$e, NPM } = constants
8838
- const config$g = {
8848
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$f, NPM } = constants
8849
+ const config$h = {
8839
8850
  commandName: 'raw-npm',
8840
8851
  description: `Temporarily disable the Socket ${NPM} wrapper`,
8841
8852
  hidden: false,
@@ -8849,20 +8860,20 @@ const config$g = {
8849
8860
  `
8850
8861
  }
8851
8862
  const cmdRawNpm = {
8852
- description: config$g.description,
8853
- hidden: config$g.hidden,
8854
- run: run$g
8863
+ description: config$h.description,
8864
+ hidden: config$h.hidden,
8865
+ run: run$h
8855
8866
  }
8856
- async function run$g(argv, importMeta, { parentName }) {
8867
+ async function run$h(argv, importMeta, { parentName }) {
8857
8868
  const cli = meowOrExit({
8858
8869
  allowUnknownFlags: true,
8859
8870
  argv,
8860
- config: config$g,
8871
+ config: config$h,
8861
8872
  importMeta,
8862
8873
  parentName
8863
8874
  })
8864
8875
  if (cli.flags['dryRun']) {
8865
- logger.logger.log(DRY_RUN_BAIL_TEXT$e)
8876
+ logger.logger.log(DRY_RUN_BAIL_TEXT$f)
8866
8877
  return
8867
8878
  }
8868
8879
  await runRawNpm(argv)
@@ -8884,8 +8895,8 @@ async function runRawNpx(argv) {
8884
8895
  await spawnPromise
8885
8896
  }
8886
8897
 
8887
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$d, NPX } = constants
8888
- const config$f = {
8898
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$e, NPX } = constants
8899
+ const config$g = {
8889
8900
  commandName: 'raw-npx',
8890
8901
  description: `Temporarily disable the Socket ${NPX} wrapper`,
8891
8902
  hidden: false,
@@ -8899,26 +8910,26 @@ const config$f = {
8899
8910
  `
8900
8911
  }
8901
8912
  const cmdRawNpx = {
8902
- description: config$f.description,
8903
- hidden: config$f.hidden,
8904
- run: run$f
8913
+ description: config$g.description,
8914
+ hidden: config$g.hidden,
8915
+ run: run$g
8905
8916
  }
8906
- async function run$f(argv, importMeta, { parentName }) {
8917
+ async function run$g(argv, importMeta, { parentName }) {
8907
8918
  const cli = meowOrExit({
8908
8919
  allowUnknownFlags: true,
8909
8920
  argv,
8910
- config: config$f,
8921
+ config: config$g,
8911
8922
  importMeta,
8912
8923
  parentName
8913
8924
  })
8914
8925
  if (cli.flags['dryRun']) {
8915
- logger.logger.log(DRY_RUN_BAIL_TEXT$d)
8926
+ logger.logger.log(DRY_RUN_BAIL_TEXT$e)
8916
8927
  return
8917
8928
  }
8918
8929
  await runRawNpx(argv)
8919
8930
  }
8920
8931
 
8921
- const config$e = {
8932
+ const config$f = {
8922
8933
  commandName: 'create',
8923
8934
  description: '[Deprecated] Create a project report',
8924
8935
  hidden: false,
@@ -8932,14 +8943,14 @@ const config$e = {
8932
8943
  `
8933
8944
  }
8934
8945
  const cmdReportCreate = {
8935
- description: config$e.description,
8936
- hidden: config$e.hidden,
8937
- run: run$e
8946
+ description: config$f.description,
8947
+ hidden: config$f.hidden,
8948
+ run: run$f
8938
8949
  }
8939
- async function run$e(argv, importMeta, { parentName }) {
8950
+ async function run$f(argv, importMeta, { parentName }) {
8940
8951
  meowOrExit({
8941
8952
  argv,
8942
- config: config$e,
8953
+ config: config$f,
8943
8954
  importMeta,
8944
8955
  parentName
8945
8956
  })
@@ -8949,7 +8960,7 @@ async function run$e(argv, importMeta, { parentName }) {
8949
8960
  process.exitCode = 1
8950
8961
  }
8951
8962
 
8952
- const config$d = {
8963
+ const config$e = {
8953
8964
  commandName: 'view',
8954
8965
  description: '[Deprecated] View a project report',
8955
8966
  hidden: false,
@@ -8963,14 +8974,14 @@ const config$d = {
8963
8974
  `
8964
8975
  }
8965
8976
  const cmdReportView = {
8966
- description: config$d.description,
8967
- hidden: config$d.hidden,
8968
- run: run$d
8977
+ description: config$e.description,
8978
+ hidden: config$e.hidden,
8979
+ run: run$e
8969
8980
  }
8970
- async function run$d(argv, importMeta, { parentName }) {
8981
+ async function run$e(argv, importMeta, { parentName }) {
8971
8982
  meowOrExit({
8972
8983
  argv,
8973
- config: config$d,
8984
+ config: config$e,
8974
8985
  importMeta,
8975
8986
  parentName
8976
8987
  })
@@ -9057,8 +9068,8 @@ async function handleCreateRepo({
9057
9068
  await outputCreateRepo()
9058
9069
  }
9059
9070
 
9060
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$c } = constants
9061
- const config$c = {
9071
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$d } = constants
9072
+ const config$d = {
9062
9073
  commandName: 'create',
9063
9074
  description: 'Create a repository in an organization',
9064
9075
  hidden: false,
@@ -9111,14 +9122,14 @@ const config$c = {
9111
9122
  `
9112
9123
  }
9113
9124
  const cmdReposCreate = {
9114
- description: config$c.description,
9115
- hidden: config$c.hidden,
9116
- run: run$c
9125
+ description: config$d.description,
9126
+ hidden: config$d.hidden,
9127
+ run: run$d
9117
9128
  }
9118
- async function run$c(argv, importMeta, { parentName }) {
9129
+ async function run$d(argv, importMeta, { parentName }) {
9119
9130
  const cli = meowOrExit({
9120
9131
  argv,
9121
- config: config$c,
9132
+ config: config$d,
9122
9133
  importMeta,
9123
9134
  parentName
9124
9135
  })
@@ -9153,7 +9164,7 @@ async function run$c(argv, importMeta, { parentName }) {
9153
9164
  return
9154
9165
  }
9155
9166
  if (cli.flags['dryRun']) {
9156
- logger.logger.log(DRY_RUN_BAIL_TEXT$c)
9167
+ logger.logger.log(DRY_RUN_BAIL_TEXT$d)
9157
9168
  return
9158
9169
  }
9159
9170
  await handleCreateRepo({
@@ -9182,8 +9193,8 @@ async function handleDeleteRepo(orgSlug, repoName) {
9182
9193
  spinner.successAndStop('Repository deleted successfully')
9183
9194
  }
9184
9195
 
9185
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$b } = constants
9186
- const config$b = {
9196
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$c } = constants
9197
+ const config$c = {
9187
9198
  commandName: 'del',
9188
9199
  description: 'Delete a repository in an organization',
9189
9200
  hidden: false,
@@ -9206,14 +9217,14 @@ const config$b = {
9206
9217
  `
9207
9218
  }
9208
9219
  const cmdReposDel = {
9209
- description: config$b.description,
9210
- hidden: config$b.hidden,
9211
- run: run$b
9220
+ description: config$c.description,
9221
+ hidden: config$c.hidden,
9222
+ run: run$c
9212
9223
  }
9213
- async function run$b(argv, importMeta, { parentName }) {
9224
+ async function run$c(argv, importMeta, { parentName }) {
9214
9225
  const cli = meowOrExit({
9215
9226
  argv,
9216
- config: config$b,
9227
+ config: config$c,
9217
9228
  importMeta,
9218
9229
  parentName
9219
9230
  })
@@ -9248,7 +9259,7 @@ async function run$b(argv, importMeta, { parentName }) {
9248
9259
  return
9249
9260
  }
9250
9261
  if (cli.flags['dryRun']) {
9251
- logger.logger.log(DRY_RUN_BAIL_TEXT$b)
9262
+ logger.logger.log(DRY_RUN_BAIL_TEXT$c)
9252
9263
  return
9253
9264
  }
9254
9265
  await handleDeleteRepo(orgSlug, repoName)
@@ -9337,8 +9348,8 @@ async function handleListRepos({
9337
9348
  await outputListRepos(data, outputKind)
9338
9349
  }
9339
9350
 
9340
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$a } = constants
9341
- const config$a = {
9351
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$b } = constants
9352
+ const config$b = {
9342
9353
  commandName: 'list',
9343
9354
  description: 'List repositories in an organization',
9344
9355
  hidden: false,
@@ -9385,14 +9396,14 @@ const config$a = {
9385
9396
  `
9386
9397
  }
9387
9398
  const cmdReposList = {
9388
- description: config$a.description,
9389
- hidden: config$a.hidden,
9390
- run: run$a
9399
+ description: config$b.description,
9400
+ hidden: config$b.hidden,
9401
+ run: run$b
9391
9402
  }
9392
- async function run$a(argv, importMeta, { parentName }) {
9403
+ async function run$b(argv, importMeta, { parentName }) {
9393
9404
  const cli = meowOrExit({
9394
9405
  argv,
9395
- config: config$a,
9406
+ config: config$b,
9396
9407
  importMeta,
9397
9408
  parentName
9398
9409
  })
@@ -9429,7 +9440,7 @@ async function run$a(argv, importMeta, { parentName }) {
9429
9440
  return
9430
9441
  }
9431
9442
  if (cli.flags['dryRun']) {
9432
- logger.logger.log(DRY_RUN_BAIL_TEXT$a)
9443
+ logger.logger.log(DRY_RUN_BAIL_TEXT$b)
9433
9444
  return
9434
9445
  }
9435
9446
  await handleListRepos({
@@ -9499,8 +9510,8 @@ async function handleUpdateRepo({
9499
9510
  await outputUpdateRepo()
9500
9511
  }
9501
9512
 
9502
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$9 } = constants
9503
- const config$9 = {
9513
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$a } = constants
9514
+ const config$a = {
9504
9515
  commandName: 'update',
9505
9516
  description: 'Update a repository in an organization',
9506
9517
  hidden: false,
@@ -9553,14 +9564,14 @@ const config$9 = {
9553
9564
  `
9554
9565
  }
9555
9566
  const cmdReposUpdate = {
9556
- description: config$9.description,
9557
- hidden: config$9.hidden,
9558
- run: run$9
9567
+ description: config$a.description,
9568
+ hidden: config$a.hidden,
9569
+ run: run$a
9559
9570
  }
9560
- async function run$9(argv, importMeta, { parentName }) {
9571
+ async function run$a(argv, importMeta, { parentName }) {
9561
9572
  const cli = meowOrExit({
9562
9573
  argv,
9563
- config: config$9,
9574
+ config: config$a,
9564
9575
  importMeta,
9565
9576
  parentName
9566
9577
  })
@@ -9595,7 +9606,7 @@ async function run$9(argv, importMeta, { parentName }) {
9595
9606
  return
9596
9607
  }
9597
9608
  if (cli.flags['dryRun']) {
9598
- logger.logger.log(DRY_RUN_BAIL_TEXT$9)
9609
+ logger.logger.log(DRY_RUN_BAIL_TEXT$a)
9599
9610
  return
9600
9611
  }
9601
9612
  await handleUpdateRepo({
@@ -9697,8 +9708,8 @@ async function handleViewRepo(orgSlug, repoName, outputKind) {
9697
9708
  await outputViewRepo(data, outputKind)
9698
9709
  }
9699
9710
 
9700
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$8 } = constants
9701
- const config$8 = {
9711
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$9 } = constants
9712
+ const config$9 = {
9702
9713
  commandName: 'view',
9703
9714
  description: 'View repositories in an organization',
9704
9715
  hidden: false,
@@ -9727,14 +9738,14 @@ const config$8 = {
9727
9738
  `
9728
9739
  }
9729
9740
  const cmdReposView = {
9730
- description: config$8.description,
9731
- hidden: config$8.hidden,
9732
- run: run$8
9741
+ description: config$9.description,
9742
+ hidden: config$9.hidden,
9743
+ run: run$9
9733
9744
  }
9734
- async function run$8(argv, importMeta, { parentName }) {
9745
+ async function run$9(argv, importMeta, { parentName }) {
9735
9746
  const cli = meowOrExit({
9736
9747
  argv,
9737
- config: config$8,
9748
+ config: config$9,
9738
9749
  importMeta,
9739
9750
  parentName
9740
9751
  })
@@ -9777,7 +9788,7 @@ async function run$8(argv, importMeta, { parentName }) {
9777
9788
  return
9778
9789
  }
9779
9790
  if (cli.flags['dryRun']) {
9780
- logger.logger.log(DRY_RUN_BAIL_TEXT$8)
9791
+ logger.logger.log(DRY_RUN_BAIL_TEXT$9)
9781
9792
  return
9782
9793
  }
9783
9794
  await handleViewRepo(
@@ -9872,8 +9883,8 @@ async function suggestTarget() {
9872
9883
  }
9873
9884
  }
9874
9885
 
9875
- const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$7 } = constants
9876
- const config$7 = {
9886
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$8 } = constants
9887
+ const config$8 = {
9877
9888
  commandName: 'create',
9878
9889
  description: 'Create a scan',
9879
9890
  hidden: false,
@@ -9979,6 +9990,9 @@ const config$7 = {
9979
9990
  When a FILE is given only that FILE is targeted. Otherwise any eligible
9980
9991
  files in the given DIR will be considered.
9981
9992
 
9993
+ The --repo and --branch flags tell Socket to associate this Scan with that
9994
+ repo/branch. The names will show up on your dashboard on the Socket website.
9995
+
9982
9996
  Note: for a first run you probably want to set --defaultBranch to indicate
9983
9997
  the default branch name, like "main" or "master".
9984
9998
 
@@ -9993,14 +10007,14 @@ const config$7 = {
9993
10007
  `
9994
10008
  }
9995
10009
  const cmdScanCreate = {
9996
- description: config$7.description,
9997
- hidden: config$7.hidden,
9998
- run: run$7
10010
+ description: config$8.description,
10011
+ hidden: config$8.hidden,
10012
+ run: run$8
9999
10013
  }
10000
- async function run$7(argv, importMeta, { parentName }) {
10014
+ async function run$8(argv, importMeta, { parentName }) {
10001
10015
  const cli = meowOrExit({
10002
10016
  argv,
10003
- config: config$7,
10017
+ config: config$8,
10004
10018
  importMeta,
10005
10019
  parentName
10006
10020
  })
@@ -10052,154 +10066,484 @@ async function run$7(argv, importMeta, { parentName }) {
10052
10066
  if (suggestion) {
10053
10067
  orgSlug = suggestion
10054
10068
  }
10055
- updatedInput = true
10069
+ updatedInput = true
10070
+ }
10071
+ }
10072
+ if (updatedInput && orgSlug && targets?.length) {
10073
+ logger.logger.error(
10074
+ 'Note: You can invoke this command next time to skip the interactive questions:'
10075
+ )
10076
+ logger.logger.error('```')
10077
+ logger.logger.error(
10078
+ ` socket scan create [other flags...] ${defaultOrgSlug ? '' : orgSlug} ${targets.join(' ')}`
10079
+ )
10080
+ logger.logger.error('```\n')
10081
+ }
10082
+ const wasBadInput = handleBadInput(
10083
+ {
10084
+ nook: !!defaultOrgSlug,
10085
+ test: !!orgSlug && orgSlug !== '.',
10086
+ message: 'Org name as the first argument',
10087
+ pass: 'ok',
10088
+ fail:
10089
+ orgSlug === '.'
10090
+ ? 'dot is an invalid org, most likely you forgot the org name here?'
10091
+ : 'missing'
10092
+ },
10093
+ {
10094
+ test: !!targets.length,
10095
+ message: 'At least one TARGET (e.g. `.` or `./package.json`)',
10096
+ pass: 'ok',
10097
+ fail: 'missing (or perhaps you forgot the org slug?)'
10098
+ },
10099
+ {
10100
+ nook: true,
10101
+ test: !json || !markdown,
10102
+ message: 'The json and markdown flags cannot be both set, pick one',
10103
+ pass: 'ok',
10104
+ fail: 'omit one'
10105
+ },
10106
+ {
10107
+ nook: true,
10108
+ test: !!apiToken,
10109
+ message: 'This command requires an API token for access',
10110
+ pass: 'ok',
10111
+ fail: 'missing (try `socket login`)'
10112
+ },
10113
+ {
10114
+ nook: true,
10115
+ test: !pendingHead || !tmp,
10116
+ message: 'Can not use --pendingHead and --tmp at the same time',
10117
+ pass: 'ok',
10118
+ fail: 'remove at least one flag'
10119
+ },
10120
+ {
10121
+ nook: true,
10122
+ test: !pendingHead || !!branchName,
10123
+ message: 'When --pendingHead is set, --branch is mandatory',
10124
+ pass: 'ok',
10125
+ fail: 'missing branch name'
10126
+ },
10127
+ {
10128
+ nook: true,
10129
+ test: !defaultBranch || !!branchName,
10130
+ message: 'When --defaultBranch is set, --branch is mandatory',
10131
+ pass: 'ok',
10132
+ fail: 'missing branch name'
10133
+ }
10134
+ )
10135
+ if (wasBadInput) {
10136
+ return
10137
+ }
10138
+
10139
+ // Note exiting earlier to skirt a hidden auth requirement
10140
+ if (dryRun) {
10141
+ logger.logger.log(DRY_RUN_BAIL_TEXT$8)
10142
+ return
10143
+ }
10144
+ await handleCreateNewScan({
10145
+ branchName: branchName,
10146
+ commitHash: (commitHash && String(commitHash)) || '',
10147
+ commitMessage: (commitMessage && String(commitMessage)) || '',
10148
+ committers: (committers && String(committers)) || '',
10149
+ cwd,
10150
+ defaultBranch: Boolean(defaultBranch),
10151
+ orgSlug,
10152
+ outputKind: json ? 'json' : markdown ? 'markdown' : 'text',
10153
+ pendingHead: Boolean(pendingHead),
10154
+ pullRequest: Number(pullRequest),
10155
+ readOnly: Boolean(readOnly),
10156
+ repoName: repoName,
10157
+ report,
10158
+ targets,
10159
+ tmp: Boolean(tmp)
10160
+ })
10161
+ }
10162
+
10163
+ async function fetchDeleteOrgFullScan(orgSlug, scanId) {
10164
+ const sockSdk = await shadowNpmInject.setupSdk()
10165
+
10166
+ // Lazily access constants.spinner.
10167
+ const { spinner } = constants
10168
+ spinner.start('Requesting the scan to be deleted...')
10169
+ const result = await handleApiCall(
10170
+ sockSdk.deleteOrgFullScan(orgSlug, scanId),
10171
+ 'Deleting scan'
10172
+ )
10173
+ spinner.successAndStop('Received response for deleting a scan.')
10174
+ if (!result.success) {
10175
+ handleUnsuccessfulApiResponse('deleteOrgFullScan', result)
10176
+ }
10177
+ return result.data
10178
+ }
10179
+
10180
+ async function outputDeleteScan(_data) {
10181
+ logger.logger.success('Scan deleted successfully')
10182
+ }
10183
+
10184
+ async function handleDeleteScan(orgSlug, scanId) {
10185
+ const data = await fetchDeleteOrgFullScan(orgSlug, scanId)
10186
+ if (!data) {
10187
+ return
10188
+ }
10189
+ await outputDeleteScan()
10190
+ }
10191
+
10192
+ const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$7 } = constants
10193
+ const config$7 = {
10194
+ commandName: 'del',
10195
+ description: 'Delete a scan',
10196
+ hidden: false,
10197
+ flags: {
10198
+ ...commonFlags,
10199
+ ...outputFlags
10200
+ },
10201
+ help: (command, config) => `
10202
+ Usage
10203
+ $ ${command} <org slug> <scan ID>
10204
+
10205
+ API Token Requirements
10206
+ - Quota: 1 unit
10207
+ - Permissions: full-scans:delete
10208
+
10209
+ Options
10210
+ ${getFlagListOutput(config.flags, 6)}
10211
+
10212
+ Examples
10213
+ $ ${command} FakeOrg 000aaaa1-0000-0a0a-00a0-00a0000000a0
10214
+ `
10215
+ }
10216
+ const cmdScanDel = {
10217
+ description: config$7.description,
10218
+ hidden: config$7.hidden,
10219
+ run: run$7
10220
+ }
10221
+ async function run$7(argv, importMeta, { parentName }) {
10222
+ const cli = meowOrExit({
10223
+ argv,
10224
+ config: config$7,
10225
+ importMeta,
10226
+ parentName
10227
+ })
10228
+ const defaultOrgSlug = shadowNpmInject.getConfigValue('defaultOrg')
10229
+ const orgSlug = defaultOrgSlug || cli.input[0] || ''
10230
+ const scanId = (defaultOrgSlug ? cli.input[0] : cli.input[1]) || ''
10231
+ const apiToken = shadowNpmInject.getDefaultToken()
10232
+ const wasBadInput = handleBadInput(
10233
+ {
10234
+ nook: !!defaultOrgSlug,
10235
+ test: !!orgSlug && orgSlug !== '.',
10236
+ message: 'Org name as the first argument',
10237
+ pass: 'ok',
10238
+ fail:
10239
+ orgSlug === '.'
10240
+ ? 'dot is an invalid org, most likely you forgot the org name here?'
10241
+ : 'missing'
10242
+ },
10243
+ {
10244
+ test: !!scanId,
10245
+ message: 'Scan ID to delete',
10246
+ pass: 'ok',
10247
+ fail: 'missing'
10248
+ },
10249
+ {
10250
+ nook: true,
10251
+ test: !!apiToken,
10252
+ message:
10253
+ 'You need to be logged in to use this command. See `socket login`.',
10254
+ pass: 'ok',
10255
+ fail: 'missing API token'
10256
+ }
10257
+ )
10258
+ if (wasBadInput) {
10259
+ return
10260
+ }
10261
+ if (cli.flags['dryRun']) {
10262
+ logger.logger.log(DRY_RUN_BAIL_TEXT$7)
10263
+ return
10264
+ }
10265
+ await handleDeleteScan(orgSlug, scanId)
10266
+ }
10267
+
10268
+ async function fetchDiffScan({ id1, id2, orgSlug }) {
10269
+ const apiToken = shadowNpmInject.getDefaultToken()
10270
+
10271
+ // Lazily access constants.spinner.
10272
+ const { spinner } = constants
10273
+ logger.logger.error('Scan ID 1:', id1)
10274
+ logger.logger.error('Scan ID 2:', id2)
10275
+ spinner.start('Fetching scan diff... (this may take a while)')
10276
+ const response = await queryApi(
10277
+ `orgs/${orgSlug}/full-scans/diff?before=${encodeURIComponent(id1)}&after=${encodeURIComponent(id2)}`,
10278
+ apiToken || ''
10279
+ )
10280
+ spinner.successAndStop('Received scan diff response')
10281
+ if (!response.ok) {
10282
+ const err = await handleApiError(response.status)
10283
+ logger.logger.fail(failMsgWithBadge(response.statusText, err))
10284
+ return
10285
+ }
10286
+ const result = await handleApiCall(
10287
+ await response.json(),
10288
+ 'Deserializing json'
10289
+ )
10290
+ return result
10291
+ }
10292
+
10293
+ const SOCKET_SBOM_URL_PREFIX$1 =
10294
+ 'https://socket.dev/dashboard/org/SocketDev/sbom/'
10295
+ async function outputDiffScan(result, { depth, file, outputKind }) {
10296
+ const dashboardUrl = result.diff_report_url
10297
+ const dashboardMessage = dashboardUrl
10298
+ ? `\n View this diff scan in the Socket dashboard: ${vendor.yoctocolorsCjsExports.cyan(dashboardUrl)}`
10299
+ : ''
10300
+
10301
+ // When forcing json, or dumping to file, serialize to string such that it
10302
+ // won't get truncated. The only way to dump the full raw JSON to stdout is
10303
+ // to use `--json --file -` (the dash is a standard notation for stdout)
10304
+ if (outputKind === 'json' || file) {
10305
+ let json
10306
+ try {
10307
+ json = JSON.stringify(result, null, 2)
10308
+ } catch (e) {
10309
+ process.exitCode = 1
10310
+ // Most likely caused by a circular reference (or OOM)
10311
+ logger.logger.fail('There was a problem converting the data to JSON')
10312
+ logger.logger.error(e)
10313
+ return
10314
+ }
10315
+ if (file && file !== '-') {
10316
+ logger.logger.log(`Writing json to \`${file}\``)
10317
+ fs$1.writeFile(file, JSON.stringify(result, null, 2), err => {
10318
+ if (err) {
10319
+ logger.logger.fail(`Writing to \`${file}\` failed...`)
10320
+ logger.logger.error(err)
10321
+ } else {
10322
+ logger.logger.log(`Data successfully written to \`${file}\``)
10323
+ }
10324
+ logger.logger.error(dashboardMessage)
10325
+ })
10326
+ } else {
10327
+ // TODO: expose different method for writing to stderr when simply dodging stdout
10328
+ logger.logger.error(`\n Diff scan result: \n`)
10329
+ logger.logger.log(json)
10330
+ logger.logger.error(dashboardMessage)
10331
+ }
10332
+ return
10333
+ }
10334
+ if (outputKind === 'markdown') {
10335
+ logger.logger.log('# Scan diff result')
10336
+ logger.logger.log('')
10337
+ logger.logger.log(
10338
+ 'This Socket.dev report shows the changes between two scans:'
10339
+ )
10340
+ logger.logger.log(
10341
+ `- [${result.before.id}](${SOCKET_SBOM_URL_PREFIX$1}${result.before.id})`
10342
+ )
10343
+ logger.logger.log(
10344
+ `- [${result.after.id}](${SOCKET_SBOM_URL_PREFIX$1}${result.after.id})`
10345
+ )
10346
+ logger.logger.log('')
10347
+ logger.logger.log(
10348
+ `You can [view this report in your dashboard](${result.diff_report_url})`
10349
+ )
10350
+ logger.logger.log('')
10351
+ logger.logger.log('## Changes')
10352
+ logger.logger.log('')
10353
+ logger.logger.log(
10354
+ `- directDependenciesChanged: ${result.directDependenciesChanged}`
10355
+ )
10356
+ logger.logger.log(`- Added packages: ${result.artifacts.added.length}`)
10357
+ if (result.artifacts.added.length > 0) {
10358
+ result.artifacts.added.slice(0, 10).forEach(artifact => {
10359
+ logger.logger.log(
10360
+ ` - ${artifact.type} ${artifact.name}@${artifact.version}`
10361
+ )
10362
+ })
10363
+ if (result.artifacts.added.length > 10) {
10364
+ logger.logger.log(
10365
+ ` ... and ${result.artifacts.added.length - 10} more`
10366
+ )
10367
+ }
10368
+ }
10369
+ logger.logger.log(`- Removed packages: ${result.artifacts.removed.length}`)
10370
+ if (result.artifacts.removed.length > 0) {
10371
+ result.artifacts.removed.slice(0, 10).forEach(artifact => {
10372
+ logger.logger.log(
10373
+ ` - ${artifact.type} ${artifact.name}@${artifact.version}`
10374
+ )
10375
+ })
10376
+ if (result.artifacts.removed.length > 10) {
10377
+ logger.logger.log(
10378
+ ` ... and ${result.artifacts.removed.length - 10} more`
10379
+ )
10380
+ }
10381
+ }
10382
+ logger.logger.log(
10383
+ `- Replaced packages: ${result.artifacts.replaced.length}`
10384
+ )
10385
+ if (result.artifacts.replaced.length > 0) {
10386
+ result.artifacts.replaced.slice(0, 10).forEach(artifact => {
10387
+ logger.logger.log(
10388
+ ` - ${artifact.type} ${artifact.name}@${artifact.version}`
10389
+ )
10390
+ })
10391
+ if (result.artifacts.replaced.length > 10) {
10392
+ logger.logger.log(
10393
+ ` ... and ${result.artifacts.replaced.length - 10} more`
10394
+ )
10395
+ }
10396
+ }
10397
+ logger.logger.log(`- Updated packages: ${result.artifacts.updated.length}`)
10398
+ if (result.artifacts.updated.length > 0) {
10399
+ result.artifacts.updated.slice(0, 10).forEach(artifact => {
10400
+ logger.logger.log(
10401
+ ` - ${artifact.type} ${artifact.name}@${artifact.version}`
10402
+ )
10403
+ })
10404
+ if (result.artifacts.updated.length > 10) {
10405
+ logger.logger.log(
10406
+ ` ... and ${result.artifacts.updated.length - 10} more`
10407
+ )
10408
+ }
10409
+ }
10410
+ logger.logger.log(
10411
+ `- Unchanged packages: ${result.artifacts.unchanged.length}`
10412
+ )
10413
+ if (result.artifacts.unchanged.length > 0) {
10414
+ result.artifacts.unchanged.slice(0, 10).forEach(artifact => {
10415
+ logger.logger.log(
10416
+ ` - ${artifact.type} ${artifact.name}@${artifact.version}`
10417
+ )
10418
+ })
10419
+ if (result.artifacts.unchanged.length > 10) {
10420
+ logger.logger.log(
10421
+ ` ... and ${result.artifacts.unchanged.length - 10} more`
10422
+ )
10423
+ }
10056
10424
  }
10057
- }
10058
- if (updatedInput && orgSlug && targets?.length) {
10059
- logger.logger.error(
10060
- 'Note: You can invoke this command next time to skip the interactive questions:'
10425
+ logger.logger.log('')
10426
+ logger.logger.log(`## Scan ${result.before.id}`)
10427
+ logger.logger.log('')
10428
+ logger.logger.log(
10429
+ 'This Scan was considered to be the "base" / "from" / "before" Scan.'
10061
10430
  )
10062
- logger.logger.error('```')
10063
- logger.logger.error(
10064
- ` socket scan create [other flags...] ${defaultOrgSlug ? '' : orgSlug} ${targets.join(' ')}`
10431
+ logger.logger.log('')
10432
+ for (const [key, value] of Object.entries(result.before)) {
10433
+ if (key === 'pull_request' && !value) {
10434
+ continue
10435
+ }
10436
+ if (!['id', 'organization_id', 'repository_id'].includes(key)) {
10437
+ logger.logger.group(
10438
+ `- ${key === 'repository_slug' ? 'repo' : key === 'organization_slug' ? 'org' : key}: ${value}`
10439
+ )
10440
+ logger.logger.groupEnd()
10441
+ }
10442
+ }
10443
+ logger.logger.log('')
10444
+ logger.logger.log(`## Scan ${result.after.id}`)
10445
+ logger.logger.log('')
10446
+ logger.logger.log(
10447
+ 'This Scan was considered to be the "head" / "to" / "after" Scan.'
10065
10448
  )
10066
- logger.logger.error('```\n')
10067
- }
10068
- const wasBadInput = handleBadInput(
10069
- {
10070
- nook: !!defaultOrgSlug,
10071
- test: !!orgSlug && orgSlug !== '.',
10072
- message: 'Org name as the first argument',
10073
- pass: 'ok',
10074
- fail:
10075
- orgSlug === '.'
10076
- ? 'dot is an invalid org, most likely you forgot the org name here?'
10077
- : 'missing'
10078
- },
10079
- {
10080
- test: !!targets.length,
10081
- message: 'At least one TARGET (e.g. `.` or `./package.json`)',
10082
- pass: 'ok',
10083
- fail: 'missing (or perhaps you forgot the org slug?)'
10084
- },
10085
- {
10086
- nook: true,
10087
- test: !json || !markdown,
10088
- message: 'The json and markdown flags cannot be both set, pick one',
10089
- pass: 'ok',
10090
- fail: 'omit one'
10091
- },
10092
- {
10093
- nook: true,
10094
- test: !!apiToken,
10095
- message: 'This command requires an API token for access',
10096
- pass: 'ok',
10097
- fail: 'missing (try `socket login`)'
10098
- },
10099
- {
10100
- nook: true,
10101
- test: !pendingHead || !tmp,
10102
- message: 'Can not use --pendingHead and --tmp at the same time',
10103
- pass: 'ok',
10104
- fail: 'remove at least one flag'
10105
- },
10106
- {
10107
- nook: true,
10108
- test: !pendingHead || !!branchName,
10109
- message: 'When --pendingHead is set, --branch is mandatory',
10110
- pass: 'ok',
10111
- fail: 'missing branch name'
10112
- },
10113
- {
10114
- nook: true,
10115
- test: !defaultBranch || !!branchName,
10116
- message: 'When --defaultBranch is set, --branch is mandatory',
10117
- pass: 'ok',
10118
- fail: 'missing branch name'
10449
+ logger.logger.log('')
10450
+ for (const [key, value] of Object.entries(result.after)) {
10451
+ if (key === 'pull_request' && !value) {
10452
+ continue
10453
+ }
10454
+ if (!['id', 'organization_id', 'repository_id'].includes(key)) {
10455
+ logger.logger.group(
10456
+ `- ${key === 'repository_slug' ? 'repo' : key === 'organization_slug' ? 'org' : key}: ${value}`
10457
+ )
10458
+ logger.logger.groupEnd()
10459
+ }
10119
10460
  }
10120
- )
10121
- if (wasBadInput) {
10122
- return
10123
- }
10124
-
10125
- // Note exiting earlier to skirt a hidden auth requirement
10126
- if (dryRun) {
10127
- logger.logger.log(DRY_RUN_BAIL_TEXT$7)
10461
+ logger.logger.log('')
10128
10462
  return
10129
10463
  }
10130
- await handleCreateNewScan({
10131
- branchName: branchName,
10132
- commitHash: (commitHash && String(commitHash)) || '',
10133
- commitMessage: (commitMessage && String(commitMessage)) || '',
10134
- committers: (committers && String(committers)) || '',
10135
- cwd,
10136
- defaultBranch: Boolean(defaultBranch),
10137
- orgSlug,
10138
- outputKind: json ? 'json' : markdown ? 'markdown' : 'text',
10139
- pendingHead: Boolean(pendingHead),
10140
- pullRequest: Number(pullRequest),
10141
- readOnly: Boolean(readOnly),
10142
- repoName: repoName,
10143
- report,
10144
- targets,
10145
- tmp: Boolean(tmp)
10146
- })
10147
- }
10148
10464
 
10149
- async function fetchDeleteOrgFullScan(orgSlug, scanId) {
10150
- const sockSdk = await shadowNpmInject.setupSdk()
10465
+ // In this case neither the --json nor the --file flag was passed
10466
+ // Dump the JSON to CLI and let NodeJS deal with truncation
10151
10467
 
10152
- // Lazily access constants.spinner.
10153
- const { spinner } = constants
10154
- spinner.start('Requesting the scan to be deleted...')
10155
- const result = await handleApiCall(
10156
- sockSdk.deleteOrgFullScan(orgSlug, scanId),
10157
- 'Deleting scan'
10468
+ logger.logger.log('Diff scan result:')
10469
+ logger.logger.log(
10470
+ require$$0.inspect(result, {
10471
+ showHidden: false,
10472
+ depth: depth > 0 ? depth : null,
10473
+ colors: true,
10474
+ maxArrayLength: null
10475
+ })
10158
10476
  )
10159
- spinner.successAndStop('Received response for deleting a scan.')
10160
- if (!result.success) {
10161
- handleUnsuccessfulApiResponse('deleteOrgFullScan', result)
10162
- }
10163
- return result.data
10164
- }
10165
-
10166
- async function outputDeleteScan(_data) {
10167
- logger.logger.success('Scan deleted successfully')
10477
+ logger.logger.error(
10478
+ `\n 📝 To display the detailed report in the terminal, use the --json flag. For a friendlier report, use the --markdown flag.\n`
10479
+ )
10480
+ logger.logger.log(dashboardMessage)
10168
10481
  }
10169
10482
 
10170
- async function handleDeleteScan(orgSlug, scanId) {
10171
- const data = await fetchDeleteOrgFullScan(orgSlug, scanId)
10483
+ async function handleDiffScan({ depth, file, id1, id2, orgSlug, outputKind }) {
10484
+ const data = await fetchDiffScan({
10485
+ id1,
10486
+ id2,
10487
+ orgSlug
10488
+ })
10172
10489
  if (!data) {
10173
10490
  return
10174
10491
  }
10175
- await outputDeleteScan()
10492
+ await outputDiffScan(data, {
10493
+ depth,
10494
+ file,
10495
+ outputKind
10496
+ })
10176
10497
  }
10177
10498
 
10178
10499
  const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$6 } = constants
10500
+ const SOCKET_SBOM_URL_PREFIX =
10501
+ 'https://socket.dev/dashboard/org/SocketDev/sbom/'
10179
10502
  const config$6 = {
10180
- commandName: 'del',
10181
- description: 'Delete a scan',
10503
+ commandName: 'diff',
10504
+ description: 'See what changed between two Scans',
10182
10505
  hidden: false,
10183
10506
  flags: {
10184
10507
  ...commonFlags,
10185
- ...outputFlags
10508
+ ...outputFlags,
10509
+ depth: {
10510
+ type: 'number',
10511
+ default: 2,
10512
+ description:
10513
+ 'Max depth of JSON to display before truncating, use zero for no limit (without --json/--file)'
10514
+ },
10515
+ file: {
10516
+ type: 'string',
10517
+ shortFlag: 'f',
10518
+ default: '',
10519
+ description:
10520
+ 'Path to a local file where the output should be saved. Use `-` to force stdout.'
10521
+ }
10186
10522
  },
10187
10523
  help: (command, config) => `
10188
10524
  Usage
10189
- $ ${command} <org slug> <scan ID>
10525
+ $ ${command} <org slug> <ID1> <ID2>
10190
10526
 
10191
10527
  API Token Requirements
10192
10528
  - Quota: 1 unit
10193
- - Permissions: full-scans:delete
10529
+ - Permissions: full-scans:list
10530
+
10531
+ This command displays the package changes between two scans. The full output
10532
+ can be pretty large depending on the size of your repo and time range. It is
10533
+ best stored to disk (with --json) to be further analyzed by other tools.
10534
+
10535
+ Note: First Scan ID is assumed to be the older ID. This is only relevant for
10536
+ the added/removed list (similar to diffing two files with git).
10194
10537
 
10195
10538
  Options
10196
10539
  ${getFlagListOutput(config.flags, 6)}
10197
10540
 
10198
10541
  Examples
10199
- $ ${command} FakeOrg 000aaaa1-0000-0a0a-00a0-00a0000000a0
10542
+ $ ${command} FakeCorp aaa0aa0a-aaaa-0000-0a0a-0000000a00a0 aaa1aa1a-aaaa-1111-1a1a-1111111a11a1
10543
+ $ ${command} FakeCorp aaa0aa0a-aaaa-0000-0a0a-0000000a00a0 aaa1aa1a-aaaa-1111-1a1a-1111111a11a1 --json
10200
10544
  `
10201
10545
  }
10202
- const cmdScanDel = {
10546
+ const cmdScanDiff = {
10203
10547
  description: config$6.description,
10204
10548
  hidden: config$6.hidden,
10205
10549
  run: run$6
@@ -10211,27 +10555,46 @@ async function run$6(argv, importMeta, { parentName }) {
10211
10555
  importMeta,
10212
10556
  parentName
10213
10557
  })
10558
+ const { depth, file, json, markdown } = cli.flags
10214
10559
  const defaultOrgSlug = shadowNpmInject.getConfigValue('defaultOrg')
10215
10560
  const orgSlug = defaultOrgSlug || cli.input[0] || ''
10216
- const scanId = (defaultOrgSlug ? cli.input[0] : cli.input[1]) || ''
10561
+ let id1 = cli.input[defaultOrgSlug ? 0 : 1] || ''
10562
+ let id2 = cli.input[defaultOrgSlug ? 1 : 2] || ''
10563
+ if (id1.startsWith(SOCKET_SBOM_URL_PREFIX)) {
10564
+ id1 = id1.slice(SOCKET_SBOM_URL_PREFIX.length)
10565
+ }
10566
+ if (id2.startsWith(SOCKET_SBOM_URL_PREFIX)) {
10567
+ id2 = id2.slice(SOCKET_SBOM_URL_PREFIX.length)
10568
+ }
10217
10569
  const apiToken = shadowNpmInject.getDefaultToken()
10218
10570
  const wasBadInput = handleBadInput(
10219
10571
  {
10220
- nook: !!defaultOrgSlug,
10221
- test: !!orgSlug && orgSlug !== '.',
10222
- message: 'Org name as the first argument',
10572
+ test: !!(id1 && id2),
10573
+ message:
10574
+ 'Specify two Scan IDs.\nA Scan ID looks like `aaa0aa0a-aaaa-0000-0a0a-0000000a00a0`.',
10223
10575
  pass: 'ok',
10224
10576
  fail:
10225
- orgSlug === '.'
10226
- ? 'dot is an invalid org, most likely you forgot the org name here?'
10227
- : 'missing'
10577
+ !id1 && !id2
10578
+ ? 'missing both Scan IDs'
10579
+ : !id2
10580
+ ? 'missing second Scan ID'
10581
+ : 'missing first Scan ID' // Not sure how this can happen but ok.
10228
10582
  },
10229
10583
  {
10230
- test: !!scanId,
10231
- message: 'Scan ID to delete',
10584
+ test: !!orgSlug,
10585
+ nook: true,
10586
+ message: 'Org name as the first argument',
10232
10587
  pass: 'ok',
10233
10588
  fail: 'missing'
10234
10589
  },
10590
+ {
10591
+ nook: true,
10592
+ test: !json || !markdown,
10593
+ message:
10594
+ 'The `--json` and `--markdown` flags can not be used at the same time',
10595
+ pass: 'ok',
10596
+ fail: 'bad'
10597
+ },
10235
10598
  {
10236
10599
  nook: true,
10237
10600
  test: !!apiToken,
@@ -10248,15 +10611,24 @@ async function run$6(argv, importMeta, { parentName }) {
10248
10611
  logger.logger.log(DRY_RUN_BAIL_TEXT$6)
10249
10612
  return
10250
10613
  }
10251
- await handleDeleteScan(orgSlug, scanId)
10614
+ await handleDiffScan({
10615
+ id1: String(id1 || ''),
10616
+ id2: String(id2 || ''),
10617
+ depth: Number(depth),
10618
+ orgSlug,
10619
+ outputKind: json ? 'json' : markdown ? 'markdown' : 'text',
10620
+ file: String(file || '')
10621
+ })
10252
10622
  }
10253
10623
 
10254
10624
  async function fetchListScans({
10625
+ branch,
10255
10626
  direction,
10256
10627
  from_time,
10257
10628
  orgSlug,
10258
10629
  page,
10259
10630
  per_page,
10631
+ repo,
10260
10632
  sort
10261
10633
  }) {
10262
10634
  const sockSdk = await shadowNpmInject.setupSdk()
@@ -10266,6 +10638,16 @@ async function fetchListScans({
10266
10638
  spinner.start('Fetching list of scans...')
10267
10639
  const result = await handleApiCall(
10268
10640
  sockSdk.getOrgFullScanList(orgSlug, {
10641
+ ...(branch
10642
+ ? {
10643
+ branch
10644
+ }
10645
+ : {}),
10646
+ ...(repo
10647
+ ? {
10648
+ repo
10649
+ }
10650
+ : {}),
10269
10651
  sort,
10270
10652
  direction,
10271
10653
  per_page: String(per_page),
@@ -10297,6 +10679,10 @@ async function outputListScans(data, outputKind) {
10297
10679
  field: 'report_url',
10298
10680
  name: vendor.yoctocolorsCjsExports.magenta('Scan URL')
10299
10681
  },
10682
+ {
10683
+ field: 'repo',
10684
+ name: vendor.yoctocolorsCjsExports.magenta('Repo')
10685
+ },
10300
10686
  {
10301
10687
  field: 'branch',
10302
10688
  name: vendor.yoctocolorsCjsExports.magenta('Branch')
@@ -10320,6 +10706,7 @@ async function outputListScans(data, outputKind) {
10320
10706
  day: 'numeric'
10321
10707
  })
10322
10708
  : '',
10709
+ repo: d.repo,
10323
10710
  branch: d.branch
10324
10711
  }
10325
10712
  })
@@ -10327,20 +10714,24 @@ async function outputListScans(data, outputKind) {
10327
10714
  }
10328
10715
 
10329
10716
  async function handleListScans({
10717
+ branch,
10330
10718
  direction,
10331
10719
  from_time,
10332
10720
  orgSlug,
10333
10721
  outputKind,
10334
10722
  page,
10335
10723
  per_page,
10724
+ repo,
10336
10725
  sort
10337
10726
  }) {
10338
10727
  const data = await fetchListScans({
10728
+ branch,
10339
10729
  direction,
10340
10730
  from_time,
10341
10731
  orgSlug,
10342
10732
  page,
10343
10733
  per_page,
10734
+ repo,
10344
10735
  sort
10345
10736
  })
10346
10737
  if (!data) {
@@ -10357,12 +10748,9 @@ const config$5 = {
10357
10748
  flags: {
10358
10749
  ...commonFlags,
10359
10750
  ...outputFlags,
10360
- sort: {
10751
+ branch: {
10361
10752
  type: 'string',
10362
- shortFlag: 's',
10363
- default: 'created_at',
10364
- description:
10365
- 'Sorting option (`name` or `created_at`) - default is `created_at`'
10753
+ description: 'Filter to show only scans with this branch name'
10366
10754
  },
10367
10755
  direction: {
10368
10756
  type: 'string',
@@ -10370,11 +10758,11 @@ const config$5 = {
10370
10758
  default: 'desc',
10371
10759
  description: 'Direction option (`desc` or `asc`) - Default is `desc`'
10372
10760
  },
10373
- perPage: {
10374
- type: 'number',
10375
- shortFlag: 'pp',
10376
- default: 30,
10377
- description: 'Results per page - Default is 30'
10761
+ fromTime: {
10762
+ type: 'string',
10763
+ shortFlag: 'f',
10764
+ default: '',
10765
+ description: 'From time - as a unix timestamp'
10378
10766
  },
10379
10767
  page: {
10380
10768
  type: 'number',
@@ -10382,11 +10770,22 @@ const config$5 = {
10382
10770
  default: 1,
10383
10771
  description: 'Page number - Default is 1'
10384
10772
  },
10385
- fromTime: {
10773
+ perPage: {
10774
+ type: 'number',
10775
+ shortFlag: 'pp',
10776
+ default: 30,
10777
+ description: 'Results per page - Default is 30'
10778
+ },
10779
+ repo: {
10386
10780
  type: 'string',
10387
- shortFlag: 'f',
10388
- default: '',
10389
- description: 'From time - as a unix timestamp'
10781
+ description: 'Filter to show only scans with this repository name'
10782
+ },
10783
+ sort: {
10784
+ type: 'string',
10785
+ shortFlag: 's',
10786
+ default: 'created_at',
10787
+ description:
10788
+ 'Sorting option (`name` or `created_at`) - default is `created_at`'
10390
10789
  },
10391
10790
  untilTime: {
10392
10791
  type: 'string',
@@ -10422,7 +10821,7 @@ async function run$5(argv, importMeta, { parentName }) {
10422
10821
  importMeta,
10423
10822
  parentName
10424
10823
  })
10425
- const { json, markdown } = cli.flags
10824
+ const { branch, json, markdown, repo } = cli.flags
10426
10825
  const defaultOrgSlug = shadowNpmInject.getConfigValue('defaultOrg')
10427
10826
  const orgSlug = defaultOrgSlug || cli.input[0] || ''
10428
10827
  const apiToken = shadowNpmInject.getDefaultToken()
@@ -10461,12 +10860,14 @@ async function run$5(argv, importMeta, { parentName }) {
10461
10860
  return
10462
10861
  }
10463
10862
  await handleListScans({
10863
+ branch: branch ? String(branch) : '',
10464
10864
  direction: String(cli.flags['direction'] || ''),
10465
10865
  from_time: String(cli.flags['fromTime'] || ''),
10466
10866
  orgSlug,
10467
10867
  outputKind: json ? 'json' : markdown ? 'markdown' : 'print',
10468
10868
  page: Number(cli.flags['page'] || 1),
10469
10869
  per_page: Number(cli.flags['perPage'] || 30),
10870
+ repo: repo ? String(repo) : '',
10470
10871
  sort: String(cli.flags['sort'] || '')
10471
10872
  })
10472
10873
  }
@@ -10956,6 +11357,7 @@ const cmdScan = {
10956
11357
  create: cmdScanCreate,
10957
11358
  list: cmdScanList,
10958
11359
  del: cmdScanDel,
11360
+ diff: cmdScanDiff,
10959
11361
  metadata: cmdScanMetadata,
10960
11362
  report: cmdScanReport,
10961
11363
  view: cmdScanView
@@ -11324,7 +11726,7 @@ async function run$1(argv, importMeta, { parentName }) {
11324
11726
  }
11325
11727
 
11326
11728
  function addSocketWrapper(file) {
11327
- return require$$0.appendFile(
11729
+ return fs$1.appendFile(
11328
11730
  file,
11329
11731
  'alias npm="socket npm"\nalias npx="socket npx"\n',
11330
11732
  err => {
@@ -11333,7 +11735,7 @@ function addSocketWrapper(file) {
11333
11735
  }
11334
11736
  // TODO: pretty sure you need to source the file or restart
11335
11737
  // any terminal session before changes are reflected.
11336
- logger.logger.log(vendor.stripIndents`
11738
+ logger.logger.log(vendor.html`
11337
11739
  The alias was added to ${file}. Running 'npm install' will now be wrapped in Socket's "safe npm" 🎉
11338
11740
  If you want to disable it at any time, run \`socket wrapper --disable\`
11339
11741
  `)
@@ -11342,7 +11744,7 @@ If you want to disable it at any time, run \`socket wrapper --disable\`
11342
11744
  }
11343
11745
 
11344
11746
  function checkSocketWrapperSetup(file) {
11345
- const fileContent = require$$0.readFileSync(file, 'utf8')
11747
+ const fileContent = fs$1.readFileSync(file, 'utf8')
11346
11748
  const linesWithSocketAlias = fileContent
11347
11749
  .split('\n')
11348
11750
  .filter(
@@ -11361,11 +11763,10 @@ async function postinstallWrapper() {
11361
11763
  // Lazily access constants.bashRcPath and constants.zshRcPath.
11362
11764
  const { bashRcPath, zshRcPath } = constants
11363
11765
  const socketWrapperEnabled =
11364
- (require$$0.existsSync(bashRcPath) &&
11365
- checkSocketWrapperSetup(bashRcPath)) ||
11366
- (require$$0.existsSync(zshRcPath) && checkSocketWrapperSetup(zshRcPath))
11766
+ (fs$1.existsSync(bashRcPath) && checkSocketWrapperSetup(bashRcPath)) ||
11767
+ (fs$1.existsSync(zshRcPath) && checkSocketWrapperSetup(zshRcPath))
11367
11768
  if (!socketWrapperEnabled) {
11368
- await installSafeNpm(vendor.stripIndents`
11769
+ await installSafeNpm(vendor.html`
11369
11770
  The Socket CLI is now successfully installed! 🎉
11370
11771
 
11371
11772
  To better protect yourself against supply-chain attacks, our "safe npm" wrapper can warn you about malicious packages whenever you run 'npm install'.
@@ -11390,10 +11791,10 @@ async function installSafeNpm(query) {
11390
11791
  // Lazily access constants.bashRcPath and constants.zshRcPath.
11391
11792
  const { bashRcPath, zshRcPath } = constants
11392
11793
  try {
11393
- if (require$$0.existsSync(bashRcPath)) {
11794
+ if (fs$1.existsSync(bashRcPath)) {
11394
11795
  addSocketWrapper(bashRcPath)
11395
11796
  }
11396
- if (require$$0.existsSync(zshRcPath)) {
11797
+ if (fs$1.existsSync(zshRcPath)) {
11397
11798
  addSocketWrapper(zshRcPath)
11398
11799
  }
11399
11800
  } catch (e) {
@@ -11405,7 +11806,7 @@ async function installSafeNpm(query) {
11405
11806
  }
11406
11807
 
11407
11808
  function removeSocketWrapper(file) {
11408
- return require$$0.readFile(file, 'utf8', function (err, data) {
11809
+ return fs$1.readFile(file, 'utf8', function (err, data) {
11409
11810
  if (err) {
11410
11811
  logger.logger.fail('There was an error removing the alias:')
11411
11812
  logger.logger.error(err)
@@ -11417,7 +11818,7 @@ function removeSocketWrapper(file) {
11417
11818
  l => l !== 'alias npm="socket npm"' && l !== 'alias npx="socket npx"'
11418
11819
  )
11419
11820
  const updatedFileContent = linesWithoutSocketAlias.join('\n')
11420
- require$$0.writeFile(file, updatedFileContent, function (err) {
11821
+ fs$1.writeFile(file, updatedFileContent, function (err) {
11421
11822
  if (err) {
11422
11823
  logger.logger.error(err)
11423
11824
  return
@@ -11505,27 +11906,21 @@ async function run(argv, importMeta, { parentName }) {
11505
11906
  // Lazily access constants.bashRcPath and constants.zshRcPath.
11506
11907
  const { bashRcPath, zshRcPath } = constants
11507
11908
  if (enable) {
11508
- if (
11509
- require$$0.existsSync(bashRcPath) &&
11510
- !checkSocketWrapperSetup(bashRcPath)
11511
- ) {
11909
+ if (fs$1.existsSync(bashRcPath) && !checkSocketWrapperSetup(bashRcPath)) {
11512
11910
  addSocketWrapper(bashRcPath)
11513
11911
  }
11514
- if (
11515
- require$$0.existsSync(zshRcPath) &&
11516
- !checkSocketWrapperSetup(zshRcPath)
11517
- ) {
11912
+ if (fs$1.existsSync(zshRcPath) && !checkSocketWrapperSetup(zshRcPath)) {
11518
11913
  addSocketWrapper(zshRcPath)
11519
11914
  }
11520
11915
  } else {
11521
- if (require$$0.existsSync(bashRcPath)) {
11916
+ if (fs$1.existsSync(bashRcPath)) {
11522
11917
  removeSocketWrapper(bashRcPath)
11523
11918
  }
11524
- if (require$$0.existsSync(zshRcPath)) {
11919
+ if (fs$1.existsSync(zshRcPath)) {
11525
11920
  removeSocketWrapper(zshRcPath)
11526
11921
  }
11527
11922
  }
11528
- if (!require$$0.existsSync(bashRcPath) && !require$$0.existsSync(zshRcPath)) {
11923
+ if (!fs$1.existsSync(bashRcPath) && !fs$1.existsSync(zshRcPath)) {
11529
11924
  logger.logger.fail(
11530
11925
  'There was an issue setting up the alias in your bash profile'
11531
11926
  )
@@ -11539,7 +11934,7 @@ void (async () => {
11539
11934
  await vendor.updater({
11540
11935
  name: SOCKET_CLI_BIN_NAME,
11541
11936
  // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION']".
11542
- version: '0.14.103',
11937
+ version: '0.14.105',
11543
11938
  ttl: 86_400_000 /* 24 hours in milliseconds */
11544
11939
  })
11545
11940
  try {
@@ -11576,7 +11971,7 @@ void (async () => {
11576
11971
  argv: process$1.argv.slice(2),
11577
11972
  name: SOCKET_CLI_BIN_NAME,
11578
11973
  importMeta: {
11579
- url: `${require$$0$2.pathToFileURL(__filename)}`
11974
+ url: `${require$$0$1.pathToFileURL(__filename)}`
11580
11975
  }
11581
11976
  }
11582
11977
  )
@@ -11607,5 +12002,5 @@ void (async () => {
11607
12002
  await shadowNpmInject.captureException(e)
11608
12003
  }
11609
12004
  })()
11610
- //# debugId=8a009c64-0a0e-45fc-8e4e-cf58dc470a45
12005
+ //# debugId=e3bfb582-f5fe-4bbe-813e-edda33ab6143
11611
12006
  //# sourceMappingURL=cli.js.map