@socketsecurity/cli 0.14.15 → 0.14.16
- package/dist/npm-injection.js +42 -0
- package/package.json +5 -2
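--- a/package/dist/npm-injection.js
+++ b/package/dist/npm-injection.js
@@ -10,6 +10,8 @@ var require$$3 = require('node:readline');
 var require$$5 = require('node:stream');
 var require$$8$1 = require('node:timers/promises');
 var require$$3$1 = require('@socketsecurity/config');
+var require$$6$1 = require('npm-package-arg');
+var require$$3$2 = require('semver');
 var sdk = require('./sdk.js');
 var require$$1$1 = require('node:net');
 var require$$2 = require('node:os');
@@ -393,6 +395,8 @@ var _config = require$$3$1;
 var _chalk = _interopRequireDefault(vendor.source);
 var _isInteractive = _interopRequireDefault(vendor.isInteractive);
 var _ora = _interopRequireWildcard(vendor.ora);
+var _npmPackageArg = require$$6$1;
+var _semver = require$$3$2;
 var _constants = sdk.constants;
 var _ttyServer = ttyServer$1;
 var _chalkMarkdown = sdk.chalkMarkdown;
@@ -1202,6 +1206,44 @@ class SafeOverrideSet extends OverrideSet {
 }
 return true;
 }
+getEdgeRule(edge) {
+for (const rule of this.ruleset.values()) {
+if (rule.name !== edge.name) {
+continue;
+}
+// If keySpec is * we found our override.
+if (rule.keySpec === '*') {
+return rule;
+}
+// Patch replacing
+// let spec = npa(`${edge.name}@${edge.spec}`)
+// is based on https://github.com/npm/cli/pull/7025.
+//
+// We need to use the rawSpec here, because the spec has the overrides
+// applied to it already.
+let spec = _npmPackageArg(`${edge.name}@${edge.rawSpec}`);
+if (spec.type === 'alias') {
+spec = spec.subSpec;
+}
+if (spec.type === 'git') {
+if (spec.gitRange && rule.keySpec && _semver.intersects(spec.gitRange, rule.keySpec)) {
+return rule;
+}
+continue;
+}
+if (spec.type === 'range' || spec.type === 'version') {
+if (rule.keySpec && _semver.intersects(spec.fetchSpec, rule.keySpec)) {
+return rule;
+}
+continue;
+}
+// If we got this far, the spec type is one of tag, directory or file
+// which means we have no real way to make version comparisons, so we
+// just accept the override.
+return rule;
+}
+return this;
+}
 
 // Patch adding isEqual is based on
 // https://github.com/npm/cli/pull/7025.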
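Review bot: The closing comment in `getEdgeRule` says the fall-through `return rule` is reached only for "tag, directory or file" specs, but every spec type not handled above lands there, and npm-package-arg also produces `remote` (URL tarball) specs, so those receive the override with no version comparison as well. I would reword it to `// Any other spec type (tag, directory, file, remote) cannot be compared by version, so the override is accepted as-is.` so that anyone auditing which dependencies an override can replace sees the full set. Separately, `rule.keySpec &&` only screens out an empty keySpec; `_semver.intersects` throws on a non-empty value that is not a valid range, so if keySpec can hold anything else (it is assigned outside this hunk) a `_semver.validRange(rule.keySpec)` check before the call would be safer. The enclosing `SafeOverrideSet` class starts and ends outside the hunk.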
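--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@socketsecurity/cli",
-"version": "0.14.
+"version": "0.14.16",
 "description": "CLI tool for Socket.dev",
 "homepage": "http://github.com/SocketDev/socket-cli",
 "license": "MIT",
@@ -119,7 +119,6 @@
 "eslint-plugin-depend": "^0.11.0",
 "eslint-plugin-n": "^17.11.1",
 "eslint-plugin-unicorn": "^56.0.0",
-"globby": "^14.0.2",
 "husky": "^9.1.6",
 "is-interactive": "^2.0.0",
 "is-unicode-supported": "^2.1.0",
@@ -162,9 +161,11 @@
 "indent-string": "npm:@socketregistry/indent-string@^1",
 "is-core-module": "npm:@socketregistry/is-core-module@^1",
 "isarray": "npm:@socketregistry/isarray@^1",
+"npm-package-arg": "$npm-package-arg",
 "path-parse": "npm:@socketregistry/path-parse@^1",
 "safe-buffer": "npm:@socketregistry/safe-buffer@^1",
 "safer-buffer": "npm:@socketregistry/safer-buffer@^1",
+"semver": "$semver",
 "set-function-length": "npm:@socketregistry/set-function-length@^1",
 "side-channel": "npm:@socketregistry/side-channel@^1"
 },
@@ -181,9 +182,11 @@
 "indent-string": "npm:@socketregistry/indent-string@^1",
 "is-core-module": "npm:@socketregistry/is-core-module@^1",
 "isarray": "npm:@socketregistry/isarray@^1",
+"npm-package-arg": "^12.0.0",
 "path-parse": "npm:@socketregistry/path-parse@^1",
 "safe-buffer": "npm:@socketregistry/safe-buffer@^1",
 "safer-buffer": "npm:@socketregistry/safer-buffer@^1",
+"semver": "^7.6.3",
 "set-function-length": "npm:@socketregistry/set-function-length@^1",
 "side-channel": "npm:@socketregistry/side-channel@^1"
 },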
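Review bot: No hunk in this file adds `npm-package-arg` or `semver` to `dependencies`, yet the same release makes `dist/npm-injection.js` `require()` both at load time. The `"$npm-package-arg"` and `"$semver"` values (new lines 164 and 168) are references to the root package's own direct dependency specs, so both packages are presumably declared in a part of the file not shown here; confirm they sit under `dependencies` rather than `devDependencies`, otherwise an installed CLI would load whatever copy happens to be hoisted, or fail to load at all. The second map pins `^12.0.0` and `^7.6.3` (new lines 185 and 189); those ranges should be kept in step with the direct dependency entries so the two maps cannot resolve different versions.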