@socketsecurity/cli 0.14.132 → 0.14.133
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cli.js +3 -3
- package/dist/cli.js.map +1 -1
- package/dist/shadow-npm-inject.js +17 -12
- package/dist/shadow-npm-inject.js.map +1 -1
- package/package.json +1 -1
|
@@ -662,7 +662,7 @@ async function setupSdk(
|
|
|
662
662
|
// The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_NAME']".
|
|
663
663
|
name: 'socket',
|
|
664
664
|
// The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION']".
|
|
665
|
-
version: '0.14.
|
|
665
|
+
version: '0.14.133',
|
|
666
666
|
// The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_HOMEPAGE']".
|
|
667
667
|
homepage: 'https://github.com/SocketDev/socket-cli'
|
|
668
668
|
})
|
|
@@ -2091,7 +2091,6 @@ async function addArtifactToAlertsMap(artifact, alertsByPkgId, options) {
|
|
|
2091
2091
|
return alertsByPkgId
|
|
2092
2092
|
}
|
|
2093
2093
|
function getCveInfoByAlertsMap(alertsMap, options) {
|
|
2094
|
-
debug.debugLog('getCveInfoByAlertsMap')
|
|
2095
2094
|
const exclude = {
|
|
2096
2095
|
upgradable: true,
|
|
2097
2096
|
...{
|
|
@@ -2123,16 +2122,22 @@ function getCveInfoByAlertsMap(alertsMap, options) {
|
|
|
2123
2122
|
}
|
|
2124
2123
|
const { firstPatchedVersionIdentifier, vulnerableVersionRange } =
|
|
2125
2124
|
alert.props
|
|
2126
|
-
|
|
2127
|
-
|
|
2128
|
-
|
|
2129
|
-
|
|
2130
|
-
|
|
2131
|
-
|
|
2132
|
-
|
|
2125
|
+
try {
|
|
2126
|
+
infos.push({
|
|
2127
|
+
firstPatchedVersionIdentifier,
|
|
2128
|
+
vulnerableVersionRange: new vendor.semverExports.Range(
|
|
2129
|
+
// Replace ', ' in a range like '>= 1.0.0, < 1.8.2' with ' ' so that
|
|
2130
|
+
// semver.Range will parse it without erroring.
|
|
2131
|
+
vulnerableVersionRange.replace(/, +/g, ' ')
|
|
2132
|
+
).format()
|
|
2133
|
+
})
|
|
2134
|
+
} catch (e) {
|
|
2135
|
+
debug.debugLog('getCveInfoByAlertsMap', {
|
|
2136
|
+
firstPatchedVersionIdentifier,
|
|
2133
2137
|
vulnerableVersionRange
|
|
2134
|
-
)
|
|
2135
|
-
|
|
2138
|
+
})
|
|
2139
|
+
debug.debugLog(e)
|
|
2140
|
+
}
|
|
2136
2141
|
}
|
|
2137
2142
|
}
|
|
2138
2143
|
return infoByPkg
|
|
@@ -2636,5 +2641,5 @@ exports.supportedConfigKeys = supportedConfigKeys
|
|
|
2636
2641
|
exports.updateConfigValue = updateConfigValue
|
|
2637
2642
|
exports.updateNode = updateNode
|
|
2638
2643
|
exports.updatePackageJsonFromNode = updatePackageJsonFromNode
|
|
2639
|
-
//# debugId=
|
|
2644
|
+
//# debugId=2a75b512-d681-4137-917d-d3b41bda7e56
|
|
2640
2645
|
//# sourceMappingURL=shadow-npm-inject.js.map
|