@socketsecurity/cli 0.14.42 → 0.14.44

package/dist/module-sync/sdk.d.ts

@@ -0,0 +1,5 @@
+import { SocketSdk } from '@socketsecurity/sdk';
+declare function getDefaultToken(): string | undefined;
+declare function getPublicToken(): string;
+declare function setupSdk(apiToken?: string | undefined, apiBaseUrl?: string | undefined, proxy?: string | undefined): Promise<SocketSdk>;
+export { getDefaultToken, getPublicToken, setupSdk };

package/dist/module-sync/settings.d.ts

@@ -1,9 +1,10 @@
 import config from '@socketsecurity/config';
 interface Settings {
-    apiKey?: string | null;
-    enforcedOrgs?: string[] | null;
-    apiBaseUrl?: string | null;
-    apiProxy?: string | null;
+    apiBaseUrl?: string | null | undefined;
+    apiKey?: string | null | undefined;
+    apiProxy?: string | null | undefined;
+    enforcedOrgs?: string[] | null | undefined;
+    apiToken?: string | null | undefined;
 }
 declare function findSocketYmlSync(): {
     path: string;

package/dist/module-sync/shadow-bin.d.ts

@@ -1,2 +1,2 @@
-declare function shadowBin(binName: 'npm' | 'npx', binArgs?: string[]): Promise<void>;
+declare function shadowBin(binName: 'npm' | 'npx', args?: string[]): Promise<void>;
 export { shadowBin as default };

package/dist/module-sync/shadow-bin.js

@@ -9,14 +9,16 @@ function _socketInterop(e) {
   return c ? e.default : e
 }
 
-var path = require('node:path');
 var process = require('node:process');
 var spawn = _socketInterop(require('@npmcli/promise-spawn'));
+var path = require('node:path');
 var cmdShim = _socketInterop(require('cmd-shim'));
 var npmPaths = require('./npm-paths.js');
 var constants = require('./constants.js');
+var npm = require('./npm.js');
 
 const {
+  CLI,
   NPX
 } = constants;
 async function installLinks(realBinPath, binName) {
@@ -37,7 +39,7 @@ async function installLinks(realBinPath, binName) {
     if (WIN32) {
       await cmdShim(
       // Lazily access constants.rootDistPath.
-      path.join(constants.rootDistPath, `${binName}-cli.js`), path.join(realBinPath, binName));
+      path.join(constants.rootDistPath, `${binName}-${CLI}.js`), path.join(realBinPath, binName));
     }
     process.env['PATH'] = `${realBinPath}${path.delimiter}${process.env['PATH']}`;
   }
@@ -45,25 +47,37 @@ async function installLinks(realBinPath, binName) {
 }
 
 const {
-  NPM,
+  SOCKET_CLI_SAFE_WRAPPER,
+  SOCKET_CLI_SENTRY_BUILD,
+  SOCKET_IPC_HANDSHAKE,
   abortSignal
 } = constants;
-async function shadowBin(binName, binArgs = process.argv.slice(2)) {
+async function shadowBin(binName, args = process.argv.slice(2)) {
   process.exitCode = 1;
+  const terminatorPos = args.indexOf('--');
+  const binArgs = (terminatorPos === -1 ? args : args.slice(0, terminatorPos)).filter(a => !npm.isProgressFlag(a));
+  const otherArgs = terminatorPos === -1 ? [] : args.slice(terminatorPos);
   const spawnPromise = spawn(
   // Lazily access constants.execPath.
   constants.execPath, [
   // Lazily access constants.nodeNoWarningsFlags.
-  ...constants.nodeNoWarningsFlags, '--require',
-  // Lazily access constants.distPath.
-  path.join(constants.distPath, 'npm-injection.js'),
+  ...constants.nodeNoWarningsFlags,
+  // Lazily access constants.ENV[SOCKET_CLI_SENTRY_BUILD].
+  ...(constants.ENV[SOCKET_CLI_SENTRY_BUILD] ? ['--require',
+  // Lazily access constants.instrumentWithSentryPath.
+  constants.instrumentWithSentryPath] : []), '--require',
+  // Lazily access constants.npmInjectionPath.
+  constants.npmInjectionPath,
   // Lazily access constants.shadowBinPath.
-  await installLinks(constants.shadowBinPath, binName), ...(binName === NPM && binArgs.includes('install') ? [
-  // Add the `--quiet` and `--no-progress` flags to fix input being swallowed
-  // by the spinner when running the command with recent versions of npm.
-  ...binArgs.filter(a => a !== '--progress' && a !== '--no-progress'), '--no-progress', ...(binArgs.includes('-q') || binArgs.includes('--quiet') || binArgs.includes('-s') || binArgs.includes('--silent') ? [] : ['--quiet'])] : binArgs)], {
+  await installLinks(constants.shadowBinPath, binName),
+  // Add `--no-progress` and `--quiet` flags to fix input being swallowed by
+  // the spinner when running the command with recent versions of npm.
+  '--no-progress',
+  // Add the '--quiet' flag if a loglevel flag is not provided.
+  ...(binArgs.some(npm.isLoglevelFlag) ? [] : ['--quiet']), ...binArgs, ...otherArgs], {
     signal: abortSignal,
-    stdio: 'inherit'
+    // 'inherit' + 'ipc'
+    stdio: [0, 1, 2, 'ipc']
   });
   // See https://nodejs.org/api/all.html#all_child_process_event-exit.
   spawnPromise.process.on('exit', (code, signalName) => {
@@ -76,7 +90,14 @@ async function shadowBin(binName, binArgs = process.argv.slice(2)) {
       process.exit(code);
     }
   });
+  spawnPromise.process.send({
+    [SOCKET_IPC_HANDSHAKE]: {
+      [SOCKET_CLI_SAFE_WRAPPER]: true
+    }
+  });
   await spawnPromise;
 }
 
 module.exports = shadowBin;
+//# debugId=f578bd6f-82f7-4281-b443-42099e9e8c53
+//# sourceMappingURL=shadow-bin.js.map

package/dist/module-sync/shadow-bin.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"shadow-bin.js","sources":["../../src/shadow/link.ts","../../src/shadow/shadow-bin.ts"],"sourcesContent":["import path from 'node:path'\nimport process from 'node:process'\n\nimport cmdShim from 'cmd-shim'\n\nimport {\n  getNpmBinPath,\n  getNpxBinPath,\n  isNpmBinPathShadowed,\n  isNpxBinPathShadowed\n} from './npm-paths'\nimport constants from '../constants'\n\nconst { CLI, NPX } = constants\n\nexport async function installLinks(\n  realBinPath: string,\n  binName: 'npm' | 'npx'\n): Promise<string> {\n  const isNpx = binName === NPX\n  // Find package manager being shadowed by this process.\n  const binPath = isNpx ? getNpxBinPath() : getNpmBinPath()\n  // Lazily access constants.WIN32.\n  const { WIN32 } = constants\n  // TODO: Is this early exit needed?\n  if (WIN32 && binPath) {\n    return binPath\n  }\n  const shadowed = isNpx ? isNpxBinPathShadowed() : isNpmBinPathShadowed()\n  // Move our bin directory to front of PATH so its found first.\n  if (!shadowed) {\n    if (WIN32) {\n      await cmdShim(\n        // Lazily access constants.rootDistPath.\n        path.join(constants.rootDistPath, `${binName}-${CLI}.js`),\n        path.join(realBinPath, binName)\n      )\n    }\n    process.env['PATH'] =\n      `${realBinPath}${path.delimiter}${process.env['PATH']}`\n  }\n  return binPath\n}\n","import process from 'node:process'\n\nimport spawn from '@npmcli/promise-spawn'\n\nimport { installLinks } from './link'\nimport constants from '../constants'\nimport { isLoglevelFlag, isProgressFlag } from '../utils/npm'\n\nconst {\n  SOCKET_CLI_SAFE_WRAPPER,\n  SOCKET_CLI_SENTRY_BUILD,\n  SOCKET_IPC_HANDSHAKE,\n  abortSignal\n} = constants\n\nexport default async function shadowBin(\n  binName: 'npm' | 'npx',\n  args = process.argv.slice(2)\n) {\n  process.exitCode = 1\n  const terminatorPos = args.indexOf('--')\n  const binArgs = (\n    terminatorPos === -1 ? args : args.slice(0, terminatorPos)\n  ).filter(a => !isProgressFlag(a))\n  const otherArgs = terminatorPos === -1 ? [] : args.slice(terminatorPos)\n  const spawnPromise = spawn(\n    // Lazily access constants.execPath.\n    constants.execPath,\n    [\n      // Lazily access constants.nodeNoWarningsFlags.\n      ...constants.nodeNoWarningsFlags,\n      // Lazily access constants.ENV[SOCKET_CLI_SENTRY_BUILD].\n      ...(constants.ENV[SOCKET_CLI_SENTRY_BUILD]\n        ? [\n            '--require',\n            // Lazily access constants.instrumentWithSentryPath.\n            constants.instrumentWithSentryPath\n          ]\n        : []),\n      '--require',\n      // Lazily access constants.npmInjectionPath.\n      constants.npmInjectionPath,\n      // Lazily access constants.shadowBinPath.\n      await installLinks(constants.shadowBinPath, binName),\n      // Add `--no-progress` and `--quiet` flags to fix input being swallowed by\n      // the spinner when running the command with recent versions of npm.\n      '--no-progress',\n      // Add the '--quiet' flag if a loglevel flag is not provided.\n      ...(binArgs.some(isLoglevelFlag) ? [] : ['--quiet']),\n      ...binArgs,\n      ...otherArgs\n    ],\n    {\n      signal: abortSignal,\n      // 'inherit' + 'ipc'\n      stdio: [0, 1, 2, 'ipc']\n    }\n  )\n  // See https://nodejs.org/api/all.html#all_child_process_event-exit.\n  spawnPromise.process.on('exit', (code, signalName) => {\n    if (abortSignal.aborted) {\n      return\n    }\n    if (signalName) {\n      process.kill(process.pid, signalName)\n    } else if (code !== null) {\n      process.exit(code)\n    }\n  })\n  spawnPromise.process.send({\n    [SOCKET_IPC_HANDSHAKE]: {\n      [SOCKET_CLI_SAFE_WRAPPER]: true\n    }\n  })\n  await spawnPromise\n}\n"],"names":["NPX","WIN32","process","abortSignal","constants","signal","spawnPromise"],"mappings":";;;;;;;;;;;;;;;;;;;AAaA;;AAAaA;AAAI;AAEV;AAIL;AACA;;AAEA;;AACQC;AAAM;AACd;;AAEE;AACF;;AAEA;;AAEE;AACE;AACE;;AAIJ;AACAC;AAEF;AACA;AACF;;AClCA;;;;AAIEC;AACF;AAEe;;AAKb;AACA;AAGA;;AAEE;;AAGE;;AAEA;;AAIM;AACAC;AAIN;AACAA;AACA;AACA;AACA;AACA;;AAEA;;AAMAC;AACA;;AAEF;AAEF;;;AAGI;AACF;AACA;;AAEA;AACEH;AACF;AACF;AACAI;AACE;AACE;AACF;AACF;AACA;AACF;;","debugId":"f578bd6f-82f7-4281-b443-42099e9e8c53"}

package/dist/module-sync/types.d.ts

@@ -0,0 +1,45 @@
+/// <reference types="npmcli__arborist" />
+import { SafeNode } from "./node.js";
+import { ReifyOptions } from '@npmcli/arborist';
+import { Options as ArboristOptions } from "@npmcli/arborist";
+import { Advisory as BaseAdvisory } from "@npmcli/arborist";
+import { Arborist as BaseArborist } from "@npmcli/arborist";
+import { AuditReport as BaseAuditReport } from "@npmcli/arborist";
+import { Diff as BaseDiff } from "@npmcli/arborist";
+type ArboristClass = ArboristInstance & {
+    new (...args: any): ArboristInstance;
+};
+type ArboristInstance = Omit<typeof BaseArborist, 'actualTree' | 'auditReport' | 'diff' | 'idealTree' | 'reify'> & {
+    auditReport?: AuditReportInstance | null | undefined;
+    actualTree?: SafeNode | null | undefined;
+    diff: Diff | null;
+    idealTree?: SafeNode | null | undefined;
+    reify(options?: ArboristReifyOptions): Promise<SafeNode>;
+};
+type ArboristReifyOptions = ReifyOptions & ArboristOptions;
+type AuditReportInstance = Omit<BaseAuditReport, 'report'> & {
+    report: {
+        [dependency: string]: AuditAdvisory[];
+    };
+};
+type AuditAdvisory = Omit<BaseAdvisory, 'id'> & {
+    id: number;
+    cwe: string[];
+    cvss: {
+        score: number;
+        vectorString: string;
+    };
+    vulnerable_versions: string;
+};
+type Diff = Omit<BaseDiff, 'actual' | 'children' | 'filterSet' | 'ideal' | 'leaves' | 'removed' | 'shrinkwrapInflated' | 'unchanged'> & {
+    actual: SafeNode;
+    children: Diff[];
+    filterSet: Set<SafeNode>;
+    ideal: SafeNode;
+    leaves: SafeNode[];
+    parent: Diff | null;
+    removed: SafeNode[];
+    shrinkwrapInflated: Set<SafeNode>;
+    unchanged: SafeNode[];
+};
+export { ArboristClass, ArboristInstance, ArboristReifyOptions, AuditReportInstance, AuditAdvisory, Diff };