@socketsecurity/cli 0.14.29 → 0.14.31
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/bin/cli.js +2 -4
- package/bin/npm-cli.js +2 -4
- package/bin/npx-cli.js +2 -4
- package/dist/module-sync/cli.js +137 -112
- package/dist/module-sync/constants.d.ts +8 -2
- package/dist/module-sync/constants.js +34 -16
- package/dist/module-sync/link.js +15 -3
- package/dist/module-sync/npm-cli.js +21 -9
- package/dist/module-sync/npm-injection.js +406 -173
- package/dist/module-sync/npx-cli.js +19 -7
- package/dist/module-sync/path-resolve.js +17 -5
- package/dist/module-sync/sdk.d.ts +1 -2
- package/dist/module-sync/sdk.js +42 -32
- package/dist/module-sync/vendor.js +82 -0
- package/dist/require/cli.js +102 -76
- package/dist/require/constants.d.ts +8 -2
- package/dist/require/constants.js +35 -12
- package/dist/require/link.js +15 -3
- package/dist/require/npm-cli.js +19 -7
- package/dist/require/npm-injection.js +167 -170
- package/dist/require/npx-cli.js +17 -5
- package/dist/require/path-resolve.js +17 -5
- package/dist/require/sdk.d.ts +1 -2
- package/dist/require/sdk.js +36 -26
- package/dist/require/vendor.js +23 -11
- package/package.json +6 -4
- package/translations.json +191 -288
|
@@ -1,11 +1,23 @@
|
|
|
1
1
|
#!/usr/bin/env node
|
|
2
2
|
'use strict';
|
|
3
3
|
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
4
|
+
function _interop(e) {
|
|
5
|
+
let d
|
|
6
|
+
if (e) {
|
|
7
|
+
let c = 0
|
|
8
|
+
for (const k in e) {
|
|
9
|
+
d = c++ === 0 && k === 'default' ? e[k] : void 0
|
|
10
|
+
if (!d) break
|
|
11
|
+
}
|
|
12
|
+
}
|
|
13
|
+
return d ?? e
|
|
14
|
+
}
|
|
15
|
+
|
|
16
|
+
var vendor = _interop(require('./vendor.js'));
|
|
17
|
+
var require$$1 = _interop(require('node:path'));
|
|
18
|
+
var require$$1$1 = _interop(require('@npmcli/promise-spawn'));
|
|
19
|
+
var constants = _interop(require('./constants.js'));
|
|
20
|
+
var link = _interop(require('./link.js'));
|
|
9
21
|
|
|
10
22
|
var npxCli$2 = {};
|
|
11
23
|
|
|
@@ -31,7 +43,7 @@ spawnPromise.process.on('exit', (code, signal) => {
|
|
|
31
43
|
|
|
32
44
|
(function (exports) {
|
|
33
45
|
|
|
34
|
-
var _interopRequireWildcard =
|
|
46
|
+
var _interopRequireWildcard = vendor.interopRequireWildcard.default;
|
|
35
47
|
Object.defineProperty(exports, "__esModule", {
|
|
36
48
|
value: true
|
|
37
49
|
});
|
|
@@ -56,6 +68,6 @@ spawnPromise.process.on('exit', (code, signal) => {
|
|
|
56
68
|
});
|
|
57
69
|
} (npxCli$2));
|
|
58
70
|
|
|
59
|
-
var npxCli = /*@__PURE__*/
|
|
71
|
+
var npxCli = /*@__PURE__*/vendor.getDefaultExportFromCjs(npxCli$2);
|
|
60
72
|
|
|
61
73
|
module.exports = npxCli;
|
|
@@ -1,10 +1,22 @@
|
|
|
1
1
|
'use strict';
|
|
2
2
|
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
3
|
+
function _interop(e) {
|
|
4
|
+
let d
|
|
5
|
+
if (e) {
|
|
6
|
+
let c = 0
|
|
7
|
+
for (const k in e) {
|
|
8
|
+
d = c++ === 0 && k === 'default' ? e[k] : void 0
|
|
9
|
+
if (!d) break
|
|
10
|
+
}
|
|
11
|
+
}
|
|
12
|
+
return d ?? e
|
|
13
|
+
}
|
|
14
|
+
|
|
15
|
+
var require$$1$1 = _interop(require('node:fs/promises'));
|
|
16
|
+
var require$$1 = _interop(require('node:path'));
|
|
17
|
+
var require$$2 = _interop(require('ignore'));
|
|
18
|
+
var require$$3 = _interop(require('micromatch'));
|
|
19
|
+
var require$$8 = _interop(require('tinyglobby'));
|
|
8
20
|
|
|
9
21
|
var pathResolve = {};
|
|
10
22
|
|
|
@@ -3,7 +3,6 @@ import { SocketSdk } from '@socketsecurity/sdk';
|
|
|
3
3
|
declare function createDebugLogger(printDebugLogs?: boolean): typeof console.error;
|
|
4
4
|
declare function isErrnoException(value: unknown): value is NodeJS.ErrnoException;
|
|
5
5
|
declare function stringJoinWithSeparateFinalSeparator(list: (string | undefined)[], separator?: string): string;
|
|
6
|
-
declare const FREE_API_KEY = "sktsec_t_--RAN5U4ivauy4w37-6aoKyYPDt5ZbaT5JBVMqiwKo_api";
|
|
7
6
|
declare function getDefaultKey(): string | undefined;
|
|
8
7
|
declare function setupSdk(apiKey?: string | undefined, apiBaseUrl?: string | undefined, proxy?: string | undefined): Promise<SocketSdk>;
|
|
9
|
-
export { createDebugLogger, isErrnoException, stringJoinWithSeparateFinalSeparator,
|
|
8
|
+
export { createDebugLogger, isErrnoException, stringJoinWithSeparateFinalSeparator, getDefaultKey, setupSdk };
|
package/dist/module-sync/sdk.js
CHANGED
|
@@ -1,18 +1,31 @@
|
|
|
1
1
|
'use strict';
|
|
2
2
|
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
var
|
|
3
|
+
function _interop(e) {
|
|
4
|
+
let d
|
|
5
|
+
if (e) {
|
|
6
|
+
let c = 0
|
|
7
|
+
for (const k in e) {
|
|
8
|
+
d = c++ === 0 && k === 'default' ? e[k] : void 0
|
|
9
|
+
if (!d) break
|
|
10
|
+
}
|
|
11
|
+
}
|
|
12
|
+
return d ?? e
|
|
13
|
+
}
|
|
14
|
+
|
|
15
|
+
var vendor = _interop(require('./vendor.js'));
|
|
16
|
+
var require$$1 = _interop(require('yoctocolors-cjs'));
|
|
17
|
+
var require$$2 = _interop(require('is-unicode-supported'));
|
|
18
|
+
var require$$3 = _interop(require('terminal-link'));
|
|
19
|
+
var require$$1$2 = _interop(require('@inquirer/password'));
|
|
20
|
+
var require$$2$2 = _interop(require('hpagent'));
|
|
21
|
+
var require$$3$2 = _interop(require('is-interactive'));
|
|
22
|
+
var require$$4 = _interop(require('@socketsecurity/registry/lib/strings'));
|
|
23
|
+
var require$$5 = _interop(require('@socketsecurity/sdk'));
|
|
24
|
+
var constants = _interop(require('./constants.js'));
|
|
25
|
+
var require$$0 = _interop(require('node:fs'));
|
|
26
|
+
var require$$2$1 = _interop(require('node:os'));
|
|
27
|
+
var require$$1$1 = _interop(require('node:path'));
|
|
28
|
+
var require$$3$1 = _interop(require('@socketregistry/yocto-spinner'));
|
|
16
29
|
|
|
17
30
|
var errors = {};
|
|
18
31
|
|
|
@@ -32,7 +45,7 @@ errors.InputError = InputError;
|
|
|
32
45
|
|
|
33
46
|
var colorOrMarkdown = {};
|
|
34
47
|
|
|
35
|
-
var _interopRequireDefault$1 =
|
|
48
|
+
var _interopRequireDefault$1 = vendor.interopRequireDefault.default;
|
|
36
49
|
Object.defineProperty(colorOrMarkdown, "__esModule", {
|
|
37
50
|
value: true
|
|
38
51
|
});
|
|
@@ -142,7 +155,7 @@ Object.defineProperty(settings$1, "__esModule", {
|
|
|
142
155
|
});
|
|
143
156
|
settings$1.getSetting = getSetting;
|
|
144
157
|
settings$1.updateSetting = updateSetting;
|
|
145
|
-
var _nodeFs = require$$0
|
|
158
|
+
var _nodeFs = require$$0;
|
|
146
159
|
var _nodeOs = require$$2$1;
|
|
147
160
|
var _nodePath = require$$1$1;
|
|
148
161
|
var _yoctoSpinner = require$$3$1;
|
|
@@ -181,45 +194,42 @@ function updateSetting(key, value) {
|
|
|
181
194
|
}
|
|
182
195
|
}
|
|
183
196
|
|
|
184
|
-
var _interopRequireDefault =
|
|
197
|
+
var _interopRequireDefault = vendor.interopRequireDefault.default;
|
|
185
198
|
Object.defineProperty(sdk, "__esModule", {
|
|
186
199
|
value: true
|
|
187
200
|
});
|
|
188
|
-
sdk.FREE_API_KEY = void 0;
|
|
189
201
|
sdk.getDefaultKey = getDefaultKey;
|
|
190
202
|
sdk.setupSdk = setupSdk;
|
|
191
|
-
var
|
|
203
|
+
var _password = require$$1$2;
|
|
192
204
|
var _hpagent = require$$2$2;
|
|
193
205
|
var _isInteractive = _interopRequireDefault(require$$3$2);
|
|
194
|
-
var
|
|
206
|
+
var _strings = require$$4;
|
|
207
|
+
var _sdk = require$$5;
|
|
195
208
|
var _constants = constants.constants;
|
|
196
209
|
var _errors = errors;
|
|
197
210
|
var _settings = settings$1;
|
|
198
|
-
|
|
199
|
-
|
|
200
|
-
// This API key should be stored globally for the duration of the CLI execution
|
|
211
|
+
// This API key should be stored globally for the duration of the CLI execution.
|
|
201
212
|
let defaultKey;
|
|
202
213
|
function getDefaultKey() {
|
|
203
|
-
|
|
214
|
+
const key = process.env['SOCKET_SECURITY_API_KEY'] || (0, _settings.getSetting)('apiKey') || defaultKey;
|
|
215
|
+
defaultKey = (0, _strings.isNonEmptyString)(key) ? key : undefined;
|
|
204
216
|
return defaultKey;
|
|
205
217
|
}
|
|
206
218
|
|
|
207
|
-
// The API server that should be used for operations
|
|
208
|
-
let defaultAPIBaseUrl;
|
|
219
|
+
// The API server that should be used for operations.
|
|
209
220
|
function getDefaultAPIBaseUrl() {
|
|
210
|
-
|
|
211
|
-
return
|
|
221
|
+
const baseUrl = process.env['SOCKET_SECURITY_API_BASE_URL'] || (0, _settings.getSetting)('apiBaseUrl');
|
|
222
|
+
return (0, _strings.isNonEmptyString)(baseUrl) ? baseUrl : undefined;
|
|
212
223
|
}
|
|
213
224
|
|
|
214
|
-
// The API server that should be used for operations
|
|
215
|
-
let defaultApiProxy;
|
|
225
|
+
// The API server that should be used for operations.
|
|
216
226
|
function getDefaultHTTPProxy() {
|
|
217
|
-
|
|
218
|
-
return
|
|
227
|
+
const apiProxy = process.env['SOCKET_SECURITY_API_PROXY'] || (0, _settings.getSetting)('apiProxy');
|
|
228
|
+
return (0, _strings.isNonEmptyString)(apiProxy) ? apiProxy : undefined;
|
|
219
229
|
}
|
|
220
230
|
async function setupSdk(apiKey = getDefaultKey(), apiBaseUrl = getDefaultAPIBaseUrl(), proxy = getDefaultHTTPProxy()) {
|
|
221
231
|
if (typeof apiKey !== 'string' && (0, _isInteractive.default)()) {
|
|
222
|
-
apiKey = await (
|
|
232
|
+
apiKey = await _password({
|
|
223
233
|
message: 'Enter your Socket.dev API key (not saved, use socket login to persist)'
|
|
224
234
|
});
|
|
225
235
|
defaultKey = apiKey;
|
|
@@ -0,0 +1,82 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
function _interop(e) {
|
|
4
|
+
let d
|
|
5
|
+
if (e) {
|
|
6
|
+
let c = 0
|
|
7
|
+
for (const k in e) {
|
|
8
|
+
d = c++ === 0 && k === 'default' ? e[k] : void 0
|
|
9
|
+
if (!d) break
|
|
10
|
+
}
|
|
11
|
+
}
|
|
12
|
+
return d ?? e
|
|
13
|
+
}
|
|
14
|
+
|
|
15
|
+
function getDefaultExportFromCjs (x) {
|
|
16
|
+
return x && x.__esModule && Object.prototype.hasOwnProperty.call(x, 'default') ? x['default'] : x;
|
|
17
|
+
}
|
|
18
|
+
|
|
19
|
+
var interopRequireWildcard = {};
|
|
20
|
+
|
|
21
|
+
var _typeof$1 = {};
|
|
22
|
+
|
|
23
|
+
Object.defineProperty(_typeof$1, "__esModule", {
|
|
24
|
+
value: true
|
|
25
|
+
});
|
|
26
|
+
_typeof$1.default = _typeof;
|
|
27
|
+
function _typeof(o) {
|
|
28
|
+
"@babel/helpers - typeof";
|
|
29
|
+
|
|
30
|
+
return _typeof$1.default = _typeof = "function" == typeof Symbol && "symbol" == typeof Symbol.iterator ? function (o) {
|
|
31
|
+
return typeof o;
|
|
32
|
+
} : function (o) {
|
|
33
|
+
return o && "function" == typeof Symbol && o.constructor === Symbol && o !== Symbol.prototype ? "symbol" : typeof o;
|
|
34
|
+
}, _typeof(o);
|
|
35
|
+
}
|
|
36
|
+
|
|
37
|
+
Object.defineProperty(interopRequireWildcard, "__esModule", {
|
|
38
|
+
value: true
|
|
39
|
+
});
|
|
40
|
+
interopRequireWildcard.default = _interopRequireWildcard;
|
|
41
|
+
var _typeof2 = _typeof$1;
|
|
42
|
+
function _getRequireWildcardCache(e) {
|
|
43
|
+
if ("function" != typeof WeakMap) return null;
|
|
44
|
+
var r = new WeakMap(),
|
|
45
|
+
t = new WeakMap();
|
|
46
|
+
return (_getRequireWildcardCache = function _getRequireWildcardCache(e) {
|
|
47
|
+
return e ? t : r;
|
|
48
|
+
})(e);
|
|
49
|
+
}
|
|
50
|
+
function _interopRequireWildcard(e, r) {
|
|
51
|
+
if (!r && e && e.__esModule) return e;
|
|
52
|
+
if (null === e || "object" != (0, _typeof2.default)(e) && "function" != typeof e) return {
|
|
53
|
+
"default": e
|
|
54
|
+
};
|
|
55
|
+
var t = _getRequireWildcardCache(r);
|
|
56
|
+
if (t && t.has(e)) return t.get(e);
|
|
57
|
+
var n = {
|
|
58
|
+
__proto__: null
|
|
59
|
+
},
|
|
60
|
+
a = Object.defineProperty && Object.getOwnPropertyDescriptor;
|
|
61
|
+
for (var u in e) if ("default" !== u && {}.hasOwnProperty.call(e, u)) {
|
|
62
|
+
var i = a ? Object.getOwnPropertyDescriptor(e, u) : null;
|
|
63
|
+
i && (i.get || i.set) ? Object.defineProperty(n, u, i) : n[u] = e[u];
|
|
64
|
+
}
|
|
65
|
+
return n["default"] = e, t && t.set(e, n), n;
|
|
66
|
+
}
|
|
67
|
+
|
|
68
|
+
var interopRequireDefault = {};
|
|
69
|
+
|
|
70
|
+
Object.defineProperty(interopRequireDefault, "__esModule", {
|
|
71
|
+
value: true
|
|
72
|
+
});
|
|
73
|
+
interopRequireDefault.default = _interopRequireDefault;
|
|
74
|
+
function _interopRequireDefault(e) {
|
|
75
|
+
return e && e.__esModule ? e : {
|
|
76
|
+
"default": e
|
|
77
|
+
};
|
|
78
|
+
}
|
|
79
|
+
|
|
80
|
+
exports.getDefaultExportFromCjs = getDefaultExportFromCjs;
|
|
81
|
+
exports.interopRequireDefault = interopRequireDefault;
|
|
82
|
+
exports.interopRequireWildcard = interopRequireWildcard;
|
package/dist/require/cli.js
CHANGED
|
@@ -1,48 +1,62 @@
|
|
|
1
1
|
#!/usr/bin/env node
|
|
2
2
|
'use strict';
|
|
3
3
|
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
var
|
|
17
|
-
var require$$
|
|
18
|
-
var require$$
|
|
19
|
-
var require$$4$
|
|
20
|
-
var require$$
|
|
21
|
-
var require$$
|
|
22
|
-
var require$$
|
|
23
|
-
var require$$
|
|
24
|
-
var require$$
|
|
25
|
-
var
|
|
26
|
-
var require$$
|
|
27
|
-
var
|
|
28
|
-
var require$$
|
|
29
|
-
var require$$4
|
|
30
|
-
var require$$
|
|
31
|
-
var require$$
|
|
32
|
-
var require$$2
|
|
33
|
-
var require$$
|
|
34
|
-
var
|
|
35
|
-
var require$$
|
|
36
|
-
var require$$
|
|
37
|
-
var require$$
|
|
38
|
-
var require$$
|
|
39
|
-
var require$$
|
|
40
|
-
var require$$
|
|
41
|
-
var require$$
|
|
42
|
-
var require$$
|
|
43
|
-
var require$$
|
|
44
|
-
var require$$
|
|
45
|
-
var require$$2
|
|
4
|
+
function _interop(e) {
|
|
5
|
+
let d
|
|
6
|
+
if (e) {
|
|
7
|
+
let c = 0
|
|
8
|
+
for (const k in e) {
|
|
9
|
+
d = c++ === 0 && k === 'default' ? e[k] : void 0
|
|
10
|
+
if (!d) break
|
|
11
|
+
}
|
|
12
|
+
}
|
|
13
|
+
return d ?? e
|
|
14
|
+
}
|
|
15
|
+
|
|
16
|
+
var vendor = _interop(require('./vendor.js'));
|
|
17
|
+
var require$$8$2 = _interop(require('node:url'));
|
|
18
|
+
var require$$1$2 = _interop(require('yoctocolors-cjs'));
|
|
19
|
+
var require$$4$1 = _interop(require('pony-cause'));
|
|
20
|
+
var require$$0 = _interop(require('node:fs'));
|
|
21
|
+
var require$$1 = _interop(require('node:path'));
|
|
22
|
+
var require$$1$1 = _interop(require('@npmcli/promise-spawn'));
|
|
23
|
+
var require$$4 = _interop(require('yargs-parser'));
|
|
24
|
+
var require$$5 = _interop(require('@socketsecurity/registry/lib/words'));
|
|
25
|
+
var constants = _interop(require('./constants.js'));
|
|
26
|
+
var require$$3 = _interop(require('@socketregistry/yocto-spinner'));
|
|
27
|
+
var sdk = _interop(require('./sdk.js'));
|
|
28
|
+
var require$$1$3 = _interop(require('@inquirer/confirm'));
|
|
29
|
+
var require$$1$4 = _interop(require('@inquirer/password'));
|
|
30
|
+
var require$$3$1 = _interop(require('@inquirer/select'));
|
|
31
|
+
var require$$1$5 = _interop(require('node:fs/promises'));
|
|
32
|
+
var require$$5$2 = _interop(require('npm-package-arg'));
|
|
33
|
+
var require$$4$2 = _interop(require('semver'));
|
|
34
|
+
var require$$8$1 = _interop(require('tinyglobby'));
|
|
35
|
+
var require$$9 = _interop(require('yaml'));
|
|
36
|
+
var require$$10 = _interop(require('@socketsecurity/registry'));
|
|
37
|
+
var require$$7 = _interop(require('@socketsecurity/registry/lib/objects'));
|
|
38
|
+
var require$$8 = _interop(require('@socketsecurity/registry/lib/packages'));
|
|
39
|
+
var require$$13 = _interop(require('@socketsecurity/registry/lib/promises'));
|
|
40
|
+
var require$$14 = _interop(require('@socketsecurity/registry/lib/regexps'));
|
|
41
|
+
var require$$4$3 = _interop(require('@socketsecurity/registry/lib/strings'));
|
|
42
|
+
var require$$2 = _interop(require('browserslist'));
|
|
43
|
+
var require$$4$4 = _interop(require('which'));
|
|
44
|
+
var require$$5$1 = _interop(require('@socketregistry/hyrious__bun.lockb'));
|
|
45
|
+
var require$$3$2 = _interop(require('@socketsecurity/registry/lib/constants'));
|
|
46
|
+
var require$$2$1 = _interop(require('@apideck/better-ajv-errors'));
|
|
47
|
+
var require$$6 = _interop(require('@socketsecurity/config'));
|
|
48
|
+
var pathResolve = _interop(require('./path-resolve.js'));
|
|
49
|
+
var require$$1$6 = _interop(require('node:os'));
|
|
50
|
+
var require$$3$3 = _interop(require('node:readline'));
|
|
51
|
+
var require$$0$1 = _interop(require('node:process'));
|
|
52
|
+
var require$$2$2 = _interop(require('node:readline/promises'));
|
|
53
|
+
var require$$2$3 = _interop(require('chalk-table'));
|
|
54
|
+
var require$$2$4 = _interop(require('blessed/lib/widgets/screen'));
|
|
55
|
+
var require$$3$4 = _interop(require('blessed-contrib/lib/widget/charts/bar'));
|
|
56
|
+
var require$$4$5 = _interop(require('blessed-contrib/lib/layout/grid'));
|
|
57
|
+
var require$$5$3 = _interop(require('blessed-contrib/lib/widget/charts/line'));
|
|
58
|
+
var require$$0$2 = _interop(require('node:util'));
|
|
59
|
+
var require$$2$5 = _interop(require('blessed-contrib/lib/widget/table'));
|
|
46
60
|
|
|
47
61
|
var cli$2 = {};
|
|
48
62
|
|
|
@@ -62,7 +76,7 @@ var _promiseSpawn$6 = require$$1$1;
|
|
|
62
76
|
var _yoctocolorsCjs$j = require$$1$2;
|
|
63
77
|
var _yargsParser = require$$4;
|
|
64
78
|
var _words$1 = require$$5;
|
|
65
|
-
var _constants$
|
|
79
|
+
var _constants$8 = constants.constants;
|
|
66
80
|
const {
|
|
67
81
|
execPath
|
|
68
82
|
} = process;
|
|
@@ -191,7 +205,7 @@ cdxgen.cdxgen = {
|
|
|
191
205
|
// Use synp to create a package-lock.json from the yarn.lock,
|
|
192
206
|
// based on the node_modules folder, for a more accurate SBOM.
|
|
193
207
|
try {
|
|
194
|
-
await _promiseSpawn$6(execPath, [await _nodeFs$3.promises.realpath(_constants$
|
|
208
|
+
await _promiseSpawn$6(execPath, [await _nodeFs$3.promises.realpath(_constants$8.synpBinPath), '--source-file', './yarn.lock'], {
|
|
195
209
|
shell: true
|
|
196
210
|
});
|
|
197
211
|
yargv.type = 'npm';
|
|
@@ -202,7 +216,7 @@ cdxgen.cdxgen = {
|
|
|
202
216
|
if (yargv.output === undefined) {
|
|
203
217
|
yargv.output = 'socket-cdx.json';
|
|
204
218
|
}
|
|
205
|
-
await _promiseSpawn$6(execPath, [await _nodeFs$3.promises.realpath(_constants$
|
|
219
|
+
await _promiseSpawn$6(execPath, [await _nodeFs$3.promises.realpath(_constants$8.cdxgenBinPath), ...argvToArray(yargv)], {
|
|
206
220
|
env: {
|
|
207
221
|
NODE_ENV: '',
|
|
208
222
|
SBOM_SIGN_ALGORITHM,
|
|
@@ -291,10 +305,11 @@ apiHelpers.queryAPI = queryAPI;
|
|
|
291
305
|
var _yoctocolorsCjs$i = require$$1$2;
|
|
292
306
|
var _ponyCause$4 = require$$4$1;
|
|
293
307
|
var _errors$l = sdk.errors;
|
|
294
|
-
var _constants$
|
|
308
|
+
var _constants$7 = constants.constants;
|
|
295
309
|
function handleUnsuccessfulApiResponse(_name, result, spinner) {
|
|
296
|
-
|
|
297
|
-
const
|
|
310
|
+
// SocketSdkErrorType['error'] is not typed.
|
|
311
|
+
const resultErrorMessage = result.error?.message;
|
|
312
|
+
const message = typeof resultErrorMessage === 'string' ? resultErrorMessage : 'No error message returned';
|
|
298
313
|
if (result.status === 401 || result.status === 403) {
|
|
299
314
|
spinner.stop();
|
|
300
315
|
throw new _errors$l.AuthError(message);
|
|
@@ -315,16 +330,16 @@ async function handleApiCall(value, description) {
|
|
|
315
330
|
}
|
|
316
331
|
async function handleAPIError(code) {
|
|
317
332
|
if (code === 400) {
|
|
318
|
-
return
|
|
333
|
+
return 'One of the options passed might be incorrect.';
|
|
319
334
|
} else if (code === 403) {
|
|
320
|
-
return
|
|
335
|
+
return 'You might be trying to access an organization that is not linked to the API key you are logged in with.';
|
|
321
336
|
}
|
|
322
337
|
}
|
|
323
338
|
async function queryAPI(path, apiKey) {
|
|
324
|
-
return await fetch(`${_constants$
|
|
339
|
+
return await fetch(`${_constants$7.API_V0_URL}/${path}`, {
|
|
325
340
|
method: 'GET',
|
|
326
341
|
headers: {
|
|
327
|
-
Authorization:
|
|
342
|
+
Authorization: `Basic ${btoa(`${apiKey}:${apiKey}`)}`
|
|
328
343
|
}
|
|
329
344
|
});
|
|
330
345
|
}
|
|
@@ -440,6 +455,7 @@ info$1.info = void 0;
|
|
|
440
455
|
var _yoctocolorsCjs$h = require$$1$2;
|
|
441
456
|
var _meow$p = _interopRequireDefault$q(vendor.build);
|
|
442
457
|
var _yoctoSpinner$l = require$$3;
|
|
458
|
+
var _constants$6 = constants.constants;
|
|
443
459
|
var _flags$k = flags$1;
|
|
444
460
|
var _apiHelpers$i = apiHelpers;
|
|
445
461
|
var _colorOrMarkdown$3 = sdk.colorOrMarkdown;
|
|
@@ -524,7 +540,7 @@ function setupCommand$m(name, description, argv, importMeta) {
|
|
|
524
540
|
async function fetchPackageData(pkgName, pkgVersion, {
|
|
525
541
|
includeAllIssues
|
|
526
542
|
}, spinner) {
|
|
527
|
-
const socketSdk = await (0, _sdk$j.setupSdk)((0, _sdk$j.getDefaultKey)()
|
|
543
|
+
const socketSdk = await (0, _sdk$j.setupSdk)((0, _sdk$j.getDefaultKey)() ?? _constants$6.SOCKET_PUBLIC_API_KEY);
|
|
528
544
|
const result = await (0, _apiHelpers$i.handleApiCall)(socketSdk.getIssuesByNPMPackage(pkgName, pkgVersion), 'looking up package');
|
|
529
545
|
const scoreResult = await (0, _apiHelpers$i.handleApiCall)(socketSdk.getScoreByNPMPackage(pkgName, pkgVersion), 'looking up package score');
|
|
530
546
|
if (result.success === false) {
|
|
@@ -637,11 +653,14 @@ Object.defineProperty(login, "__esModule", {
|
|
|
637
653
|
value: true
|
|
638
654
|
});
|
|
639
655
|
login.login = void 0;
|
|
640
|
-
var
|
|
656
|
+
var _confirm = require$$1$3;
|
|
657
|
+
var _password = require$$1$4;
|
|
658
|
+
var _select$1 = require$$3$1;
|
|
641
659
|
var _isInteractive = _interopRequireDefault$p(vendor.isInteractive);
|
|
642
660
|
var _meow$o = _interopRequireDefault$p(vendor.build);
|
|
643
661
|
var _yoctoSpinner$k = require$$3;
|
|
644
662
|
var _terminalLink = _interopRequireDefault$p(vendor.terminalLink);
|
|
663
|
+
var _constants$5 = constants.constants;
|
|
645
664
|
var _errors$j = sdk.errors;
|
|
646
665
|
var _formatting$l = formatting;
|
|
647
666
|
var _sdk$i = sdk.sdk;
|
|
@@ -697,9 +716,9 @@ login.login = {
|
|
|
697
716
|
if (!(0, _isInteractive.default)()) {
|
|
698
717
|
throw new _errors$j.InputError('Cannot prompt for credentials in a non-interactive shell');
|
|
699
718
|
}
|
|
700
|
-
const apiKey = (await (
|
|
719
|
+
const apiKey = (await _password({
|
|
701
720
|
message: `Enter your ${(0, _terminalLink.default)('Socket.dev API key', 'https://docs.socket.dev/docs/api-keys')} (leave blank for a public key)`
|
|
702
|
-
})) ||
|
|
721
|
+
})) || _constants$5.SOCKET_PUBLIC_API_KEY;
|
|
703
722
|
let apiBaseUrl = cli.flags['apiBaseUrl'];
|
|
704
723
|
apiBaseUrl ??= (0, _settings$1.getSetting)('apiBaseUrl') ?? undefined;
|
|
705
724
|
let apiProxy = cli.flags['apiProxy'];
|
|
@@ -726,7 +745,7 @@ login.login = {
|
|
|
726
745
|
}));
|
|
727
746
|
let enforcedOrgs = [];
|
|
728
747
|
if (enforcedChoices.length > 1) {
|
|
729
|
-
const id = await
|
|
748
|
+
const id = await _select$1({
|
|
730
749
|
message: "Which organization's policies should Socket enforce system-wide?",
|
|
731
750
|
choices: enforcedChoices.concat({
|
|
732
751
|
name: 'None',
|
|
@@ -738,7 +757,7 @@ login.login = {
|
|
|
738
757
|
enforcedOrgs = [id];
|
|
739
758
|
}
|
|
740
759
|
} else if (enforcedChoices.length) {
|
|
741
|
-
const confirmOrg = await (
|
|
760
|
+
const confirmOrg = await _confirm({
|
|
742
761
|
message: `Should Socket enforce ${enforcedChoices[0]?.name}'s security policies system-wide?`,
|
|
743
762
|
default: true
|
|
744
763
|
});
|
|
@@ -928,12 +947,12 @@ var _nodePath$2 = require$$1;
|
|
|
928
947
|
var _promiseSpawn$3 = require$$1$1;
|
|
929
948
|
var _browserslist = require$$2;
|
|
930
949
|
var _semver$1 = require$$4$2;
|
|
931
|
-
var _which = require$$4$
|
|
950
|
+
var _which = require$$4$4;
|
|
932
951
|
var _hyrious__bun = require$$5$1;
|
|
933
|
-
var _constants$2 = require$$3$
|
|
952
|
+
var _constants$2 = require$$3$2;
|
|
934
953
|
var _objects$2 = require$$7;
|
|
935
954
|
var _packages$1 = require$$8;
|
|
936
|
-
var _strings$1 = require$$
|
|
955
|
+
var _strings$1 = require$$4$3;
|
|
937
956
|
var _fs$1 = fs;
|
|
938
957
|
const AGENTS = packageManagerDetector.AGENTS = ['bun', 'npm', 'pnpm', 'yarn/berry', 'yarn/classic', 'vlt'];
|
|
939
958
|
const {
|
|
@@ -1116,7 +1135,7 @@ Object.defineProperty(optimize$1, "__esModule", {
|
|
|
1116
1135
|
value: true
|
|
1117
1136
|
});
|
|
1118
1137
|
optimize$1.optimize = void 0;
|
|
1119
|
-
var _promises$2 = require$$1$
|
|
1138
|
+
var _promises$2 = require$$1$5;
|
|
1120
1139
|
var _nodePath$1 = require$$1;
|
|
1121
1140
|
var _promiseSpawn$2 = require$$1$1;
|
|
1122
1141
|
var _meow$m = _interopRequireDefault$n(vendor.build);
|
|
@@ -1124,13 +1143,13 @@ var _npmPackageArg = require$$5$2;
|
|
|
1124
1143
|
var _yoctoSpinner$i = require$$3;
|
|
1125
1144
|
var _semver = require$$4$2;
|
|
1126
1145
|
var _tinyglobby = require$$8$1;
|
|
1127
|
-
var _yaml = require$$9
|
|
1146
|
+
var _yaml = require$$9;
|
|
1128
1147
|
var _registry = require$$10;
|
|
1129
1148
|
var _objects$1 = require$$7;
|
|
1130
1149
|
var _packages = require$$8;
|
|
1131
1150
|
var _promises2 = require$$13;
|
|
1132
1151
|
var _regexps = require$$14;
|
|
1133
|
-
var _strings = require$$
|
|
1152
|
+
var _strings = require$$4$3;
|
|
1134
1153
|
var _words = require$$5;
|
|
1135
1154
|
var _constants$1 = constants.constants;
|
|
1136
1155
|
var _flags$j = flags$1;
|
|
@@ -1139,6 +1158,7 @@ var _fs = fs;
|
|
|
1139
1158
|
var _packageManagerDetector = packageManagerDetector;
|
|
1140
1159
|
const COMMAND_TITLE = 'Socket Optimize';
|
|
1141
1160
|
const OVERRIDES_FIELD_NAME = 'overrides';
|
|
1161
|
+
const NPM_OVERRIDE_PR_URL = 'https://github.com/npm/cli/pull/7025';
|
|
1142
1162
|
const PNPM_FIELD_NAME = 'pnpm';
|
|
1143
1163
|
const PNPM_WORKSPACE = 'pnpm-workspace';
|
|
1144
1164
|
const RESOLUTIONS_FIELD_NAME = 'resolutions';
|
|
@@ -1820,13 +1840,18 @@ const optimize = optimize$1.optimize = {
|
|
|
1820
1840
|
try {
|
|
1821
1841
|
if (isNpm) {
|
|
1822
1842
|
const wrapperPath = _nodePath$1.join(_constants$1.distPath, 'npm-cli.js');
|
|
1823
|
-
|
|
1843
|
+
const npmSpawnOptions = {
|
|
1824
1844
|
stdio: 'ignore',
|
|
1825
1845
|
env: {
|
|
1826
1846
|
...process.env,
|
|
1827
|
-
UPDATE_SOCKET_OVERRIDES_IN_PACKAGE_LOCK_FILE: '1'
|
|
1847
|
+
[_constants$1.UPDATE_SOCKET_OVERRIDES_IN_PACKAGE_LOCK_FILE]: '1'
|
|
1828
1848
|
}
|
|
1829
|
-
}
|
|
1849
|
+
};
|
|
1850
|
+
await _promiseSpawn$2(process.execPath, [wrapperPath, 'install', '--silent'], npmSpawnOptions);
|
|
1851
|
+
// TODO: This is a temporary workaround for an `npm ci` bug where it
|
|
1852
|
+
// will error out after Socket Optimize generates a lock file. More
|
|
1853
|
+
// investigation is needed.
|
|
1854
|
+
await _promiseSpawn$2(process.execPath, [wrapperPath, 'install', '--silent', '--ignore-scripts', '--package-lock-only'], npmSpawnOptions);
|
|
1830
1855
|
} else {
|
|
1831
1856
|
// All package managers support the "install" command.
|
|
1832
1857
|
await _promiseSpawn$2(agentExecPath, ['install'], {
|
|
@@ -1835,7 +1860,7 @@ const optimize = optimize$1.optimize = {
|
|
|
1835
1860
|
}
|
|
1836
1861
|
spinner.stop();
|
|
1837
1862
|
if (isNpm) {
|
|
1838
|
-
console.log(`💡 Re-run ${COMMAND_TITLE} whenever ${lockName} changes.\n This can be skipped once npm ships
|
|
1863
|
+
console.log(`💡 Re-run ${COMMAND_TITLE} whenever ${lockName} changes.\n This can be skipped once npm ships ${NPM_OVERRIDE_PR_URL}.`);
|
|
1839
1864
|
}
|
|
1840
1865
|
} catch {
|
|
1841
1866
|
spinner.error(`${COMMAND_TITLE}: ${agent} install failed to update ${lockName}`);
|
|
@@ -2545,8 +2570,8 @@ Object.defineProperty(wrapper$1, "__esModule", {
|
|
|
2545
2570
|
});
|
|
2546
2571
|
wrapper$1.wrapper = void 0;
|
|
2547
2572
|
var _nodeFs$1 = require$$0;
|
|
2548
|
-
var _nodeOs = require$$1$
|
|
2549
|
-
var _nodeReadline = require$$3$
|
|
2573
|
+
var _nodeOs = require$$1$6;
|
|
2574
|
+
var _nodeReadline = require$$3$3;
|
|
2550
2575
|
var _meow$f = _interopRequireDefault$g(vendor.build);
|
|
2551
2576
|
var _flags$d = flags$1;
|
|
2552
2577
|
var _formatting$e = formatting;
|
|
@@ -3368,11 +3393,12 @@ scan.scan = {
|
|
|
3368
3393
|
var auditLog$1 = {};
|
|
3369
3394
|
|
|
3370
3395
|
var _interopRequireDefault$a = vendor.interopRequireDefault.default;
|
|
3396
|
+
var _interopRequireWildcard$1 = vendor.interopRequireWildcard.default;
|
|
3371
3397
|
Object.defineProperty(auditLog$1, "__esModule", {
|
|
3372
3398
|
value: true
|
|
3373
3399
|
});
|
|
3374
3400
|
auditLog$1.auditLog = void 0;
|
|
3375
|
-
var
|
|
3401
|
+
var _select = _interopRequireWildcard$1(require$$3$1, true);
|
|
3376
3402
|
var _yoctocolorsCjs$9 = require$$1$2;
|
|
3377
3403
|
var _meow$9 = _interopRequireDefault$a(vendor.build);
|
|
3378
3404
|
var _yoctoSpinner$9 = require$$3;
|
|
@@ -3494,11 +3520,11 @@ async function fetchOrgAuditLog(orgSlug, input, spinner, apiKey) {
|
|
|
3494
3520
|
})} - ${d.user_email} - ${d.type} - ${d.ip_address} - ${d.user_agent}`;
|
|
3495
3521
|
data.push({
|
|
3496
3522
|
name
|
|
3497
|
-
}, new
|
|
3523
|
+
}, new _select.Separator());
|
|
3498
3524
|
logDetails[name] = JSON.stringify(d.payload);
|
|
3499
3525
|
}
|
|
3500
3526
|
}
|
|
3501
|
-
console.log(logDetails[await (0,
|
|
3527
|
+
console.log(logDetails[await (0, _select.default)({
|
|
3502
3528
|
message: input.type ? `\n Audit log for: ${orgSlug} with type: ${input.type}\n` : `\n Audit log for: ${orgSlug}\n`,
|
|
3503
3529
|
choices: data,
|
|
3504
3530
|
pageSize: 30
|
|
@@ -4263,10 +4289,10 @@ Object.defineProperty(analytics$1, "__esModule", {
|
|
|
4263
4289
|
value: true
|
|
4264
4290
|
});
|
|
4265
4291
|
analytics$1.analytics = void 0;
|
|
4266
|
-
var _promises = require$$1$
|
|
4292
|
+
var _promises = require$$1$5;
|
|
4267
4293
|
var _screen$1 = require$$2$4;
|
|
4268
|
-
var _bar = require$$3$
|
|
4269
|
-
var _grid = require$$4$
|
|
4294
|
+
var _bar = require$$3$4;
|
|
4295
|
+
var _grid = require$$4$5;
|
|
4270
4296
|
var _line = require$$5$3;
|
|
4271
4297
|
var _meow$2 = _interopRequireDefault$3(vendor.build);
|
|
4272
4298
|
var _yoctocolorsCjs$2 = require$$1$2;
|