@socketsecurity/cli 0.14.131 → 0.14.133

package/dist/shadow-npm-inject.js

@@ -662,7 +662,7 @@ async function setupSdk(
       // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_NAME']".
       name: 'socket',
       // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION']".
-      version: '0.14.131',
+      version: '0.14.133',
       // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_HOMEPAGE']".
       homepage: 'https://github.com/SocketDev/socket-cli'
     })
@@ -2122,12 +2122,22 @@ function getCveInfoByAlertsMap(alertsMap, options) {
       }
       const { firstPatchedVersionIdentifier, vulnerableVersionRange } =
         alert.props
-      infos.push({
-        firstPatchedVersionIdentifier,
-        vulnerableVersionRange: new vendor.semverExports.Range(
+      try {
+        infos.push({
+          firstPatchedVersionIdentifier,
+          vulnerableVersionRange: new vendor.semverExports.Range(
+            // Replace ', ' in a range like '>= 1.0.0, < 1.8.2' with ' ' so that
+            // semver.Range will parse it without erroring.
+            vulnerableVersionRange.replace(/, +/g, ' ')
+          ).format()
+        })
+      } catch (e) {
+        debug.debugLog('getCveInfoByAlertsMap', {
+          firstPatchedVersionIdentifier,
           vulnerableVersionRange
-        ).format()
-      })
+        })
+        debug.debugLog(e)
+      }
     }
   }
   return infoByPkg
@@ -2631,5 +2641,5 @@ exports.supportedConfigKeys = supportedConfigKeys
 exports.updateConfigValue = updateConfigValue
 exports.updateNode = updateNode
 exports.updatePackageJsonFromNode = updatePackageJsonFromNode
-//# debugId=4e381a74-f55d-4cc7-b704-6b7e16da57f8
+//# debugId=2a75b512-d681-4137-917d-d3b41bda7e56
 //# sourceMappingURL=shadow-npm-inject.js.map