@socketsecurity/cli 0.14.42 → 0.14.44

package/dist/module-sync/edge.d.ts

@@ -0,0 +1,66 @@
+/// <reference types="npmcli__arborist" />
+import { SafeNode } from "./node.js";
+import { SafeOverrideSet } from "./index.js";
+import { DependencyProblem } from '@npmcli/arborist';
+import { Edge as BaseEdge } from "@npmcli/arborist";
+type EdgeClass = Omit<BaseEdge, 'accept' | 'detach' | 'optional' | 'overrides' | 'peer' | 'peerConflicted' | 'rawSpec' | 'reload' | 'satisfiedBy' | 'spec' | 'to'> & {
+    optional: boolean;
+    overrides: SafeOverrideSet | undefined;
+    peer: boolean;
+    peerConflicted: boolean;
+    rawSpec: string;
+    get accept(): string | undefined;
+    get spec(): string;
+    get to(): SafeNode | null;
+    new (...args: any): EdgeClass;
+    detach(): void;
+    reload(hard?: boolean): void;
+    satisfiedBy(node: SafeNode): boolean;
+};
+type EdgeOptions = {
+    type: string;
+    name: string;
+    spec: string;
+    from: SafeNode;
+    accept?: string | undefined;
+    overrides?: SafeOverrideSet | undefined;
+    to?: SafeNode;
+};
+type ErrorStatus = DependencyProblem | 'OK';
+type Explanation = {
+    type: string;
+    name: string;
+    spec: string;
+    bundled: boolean;
+    overridden: boolean;
+    error: ErrorStatus | undefined;
+    rawSpec: string | undefined;
+    from: object | undefined;
+} | null;
+declare const Edge: EdgeClass;
+declare class SafeEdge extends Edge {
+    #private;
+    constructor(options: EdgeOptions);
+    get accept(): string | undefined;
+    get bundled(): boolean;
+    get error(): "DETACHED" | "MISSING" | "PEER LOCAL" | "INVALID" | null;
+    get from(): SafeNode | null;
+    get spec(): string;
+    get to(): SafeNode | null;
+    detach(): void;
+    // Return the edge data, and an explanation of how that edge came to be here.
+    // @ts-ignore: Edge#explain is defined with an unused `seen = []` param.
+    explain(): {
+        type: string;
+        name: string;
+        spec: string;
+        bundled: boolean;
+        overridden: boolean;
+        error: ErrorStatus | undefined;
+        rawSpec: string | undefined;
+        from: object | undefined;
+    };
+    reload(hard?: boolean): void;
+    satisfiedBy(node: SafeNode): boolean;
+}
+export { EdgeOptions, ErrorStatus, Explanation, Edge, SafeEdge };

package/dist/module-sync/errors.d.ts

@@ -1,9 +1,14 @@
 /// <reference types="node" />
+type EventHintOrCaptureContext = {
+    [key: string]: any;
+} | Function;
 declare class AuthError extends Error {
 }
 declare class InputError extends Error {
     body: string | undefined;
     constructor(message: string, body?: string);
 }
+declare function captureException(exception: unknown, hint?: EventHintOrCaptureContext | undefined): Promise<string>;
+declare function captureExceptionSync(exception: unknown, hint?: EventHintOrCaptureContext | undefined): string;
 declare function isErrnoException(value: unknown): value is NodeJS.ErrnoException;
-export { AuthError, InputError, isErrnoException };
+export { AuthError, InputError, captureException, captureExceptionSync, isErrnoException };

package/dist/module-sync/index.d.ts

@@ -0,0 +1,192 @@
+/// <reference types="node" />
+import { SafeEdge } from "./edge.js";
+import { SafeNode } from "./node.js";
+import indentString from "@socketregistry/indent-string/index.cjs";
+import { LogSymbols } from "./logging.js";
+import { SocketSdkResultType } from "@socketsecurity/sdk";
+import { Diff, ArboristClass } from "./types.js";
+import { ObjectEncodingOptions, OpenMode, PathLike } from "node:fs";
+import { promises as fs } from "node:fs";
+import { readFileSync as fsReadFileSync } from "node:fs";
+import { Abortable } from "node:events";
+import { FileHandle } from "node:fs/promises";
+import { kRiskyReify } from "./reify.js";
+interface OverrideSetClass {
+    children: Map<string, SafeOverrideSet>;
+    key: string | undefined;
+    keySpec: string | undefined;
+    name: string | undefined;
+    parent: SafeOverrideSet | undefined;
+    value: string | undefined;
+    version: string | undefined;
+    // eslint-disable-next-line @typescript-eslint/no-misused-new
+    new (...args: any[]): OverrideSetClass;
+    get isRoot(): boolean;
+    get ruleset(): Map<string, SafeOverrideSet>;
+    ancestry(): Generator<SafeOverrideSet>;
+    childrenAreEqual(otherOverrideSet: SafeOverrideSet | undefined): boolean;
+    getEdgeRule(edge: SafeEdge): SafeOverrideSet;
+    getNodeRule(node: SafeNode): SafeOverrideSet;
+    getMatchingRule(node: SafeNode): SafeOverrideSet | null;
+    isEqual(otherOverrideSet: SafeOverrideSet | undefined): boolean;
+}
+declare const OverrideSet: OverrideSetClass;
+// Implementation code not related to patch https://github.com/npm/cli/pull/7025
+// is based on https://github.com/npm/cli/blob/v11.0.0/workspaces/arborist/lib/override-set.js:
+declare class SafeOverrideSet extends OverrideSet {
+    // Patch adding doOverrideSetsConflict is based on
+    // https://github.com/npm/cli/pull/7025.
+    static doOverrideSetsConflict(first: SafeOverrideSet | undefined, second: SafeOverrideSet | undefined): boolean;
+    // Patch adding findSpecificOverrideSet is based on
+    // https://github.com/npm/cli/pull/7025.
+    static findSpecificOverrideSet(first: SafeOverrideSet | undefined, second: SafeOverrideSet | undefined): SafeOverrideSet | undefined;
+    // Patch adding childrenAreEqual is based on
+    // https://github.com/npm/cli/pull/7025.
+    childrenAreEqual(otherOverrideSet: SafeOverrideSet): boolean;
+    getEdgeRule(edge: SafeEdge): SafeOverrideSet;
+    // Patch adding isEqual is based on
+    // https://github.com/npm/cli/pull/7025.
+    isEqual(otherOverrideSet: SafeOverrideSet | undefined): boolean;
+}
+declare const depValid: (child: SafeNode, requested: string, accept: string | undefined, requester: SafeNode) => boolean;
+declare function getSocketDevAlertUrl(alertType: string): string;
+declare function getSocketDevPackageOverviewUrl(eco: string, name: string, version?: string): string;
+declare class ColorOrMarkdown {
+    useMarkdown: boolean;
+    constructor(useMarkdown: boolean);
+    bold(text: string): string;
+    header(text: string, level?: number): string;
+    hyperlink(text: string, url: string | undefined, { fallback, fallbackToUrl }?: {
+        fallback?: boolean;
+        fallbackToUrl?: boolean;
+    }): string;
+    indent(...args: Parameters<typeof indentString>): ReturnType<typeof indentString>;
+    italic(text: string): string;
+    json(value: any): string;
+    list(items: string[]): string;
+    get logSymbols(): LogSymbols;
+}
+type AlertUxLookup = ReturnType<typeof createAlertUXLookup>;
+type AlertUxLookupSettings = Parameters<AlertUxLookup>[0];
+type AlertUxLookupResult = ReturnType<AlertUxLookup>;
+type RuleActionUX = {
+    block: boolean;
+    display: boolean;
+};
+type SettingsType = (SocketSdkResultType<"postSettings"> & {
+    success: true;
+})["data"];
+declare function createAlertUXLookup(settings: SettingsType): (context: {
+    package: {
+        name: string;
+        version: string;
+    };
+    alert: {
+        type: string;
+    };
+}) => RuleActionUX;
+declare function uxLookup(settings: AlertUxLookupSettings): Promise<AlertUxLookupResult>;
+type CveAlertType = "cve" | "mediumCVE" | "mildCVE" | "criticalCVE";
+type ArtifactAlertCveFixable = Omit<SocketArtifactAlert, "props" | "title"> & {
+    type: CveAlertType;
+    props: {
+        firstPatchedVersionIdentifier: string;
+        vulnerableVersionRange: string;
+        [key: string]: any;
+    };
+};
+type ArtifactAlertFixable = ArtifactAlertCveFixable & {
+    type: CveAlertType | "socketUpgradeAvailable";
+};
+type SocketArtifactAlert = {
+    key: string;
+    type: string;
+    severity: string;
+    category: string;
+    action?: string;
+    actionPolicyIndex?: number;
+    file?: string;
+    props?: any;
+    start?: number;
+    end?: number;
+};
+type SocketArtifact = {
+    type: string;
+    name: string;
+    namespace?: string;
+    version?: string;
+    subpath?: string;
+    release?: string;
+    id?: string;
+    author?: string[];
+    license?: string;
+    licenseDetails?: {
+        spdxDisj: string;
+        provenance: string;
+        filepath: string;
+        match_strength: number;
+    }[];
+    licenseAttrib?: {
+        attribText: string;
+        attribData: {
+            purl: string;
+            foundInFilepath: string;
+            spdxExpr: string;
+            foundAuthors: string[];
+        }[];
+    }[];
+    score?: {
+        supplyChain: number;
+        quality: number;
+        maintenance: number;
+        vulnerability: number;
+        license: number;
+        overall: number;
+    };
+    alerts?: SocketArtifactAlert[];
+    size?: number;
+    batchIndex?: number;
+};
+declare function batchScan(pkgIds: string[], concurrencyLimit?: number): AsyncGenerator<SocketArtifact>;
+declare function isArtifactAlertCveFixable(alert: SocketArtifactAlert): alert is ArtifactAlertCveFixable;
+declare function isArtifactAlertUpgradeFixable(alert: SocketArtifactAlert): alert is ArtifactAlertFixable;
+declare function isArtifactAlertFixable(alert: SocketArtifactAlert): alert is ArtifactAlertFixable;
+type PackageDetail = {
+    node: SafeNode;
+    existing?: SafeNode | undefined;
+};
+type GetPackagesToQueryFromDiffOptions = {
+    includeUnchanged?: boolean;
+    includeUnknownOrigin?: boolean;
+};
+declare function getPackagesToQueryFromDiff(diff_: Diff | null, options?: GetPackagesToQueryFromDiffOptions): PackageDetail[];
+declare function findUp(name: string | string[], { cwd }: {
+    cwd: string;
+}): Promise<string | undefined>;
+type ReadFileOptions = ObjectEncodingOptions & Abortable & {
+    flag?: OpenMode | undefined;
+};
+declare function readFileBinary(filepath: PathLike | FileHandle, options?: ReadFileOptions): Promise<Buffer>;
+declare function readFileUtf8(filepath: PathLike | FileHandle, options?: ReadFileOptions): Promise<string>;
+declare function safeReadFile(...args: Parameters<typeof fs.readFile>): ReturnType<typeof fs.readFile> | undefined;
+declare function safeReadFileSync(...args: Parameters<typeof fsReadFileSync>): ReturnType<typeof fsReadFileSync> | undefined;
+declare const Arborist: ArboristClass;
+declare const kCtorArgs: unique symbol;
+declare const SAFE_ARBORIST_REIFY_OPTIONS_OVERRIDES: {
+    __proto__: null;
+    audit: boolean;
+    dryRun: boolean;
+    fund: boolean;
+    ignoreScripts: boolean;
+    progress: boolean;
+    save: boolean;
+    saveBundle: boolean;
+    silent: boolean;
+};
+declare class SafeArborist extends Arborist {
+    constructor(...ctorArgs: ConstructorParameters<ArboristClass>);
+    [kRiskyReify](...args: Parameters<InstanceType<ArboristClass>['reify']>): Promise<SafeNode>;
+    // @ts-ignore Incorrectly typed.
+    reify(this: SafeArborist, ...args: Parameters<InstanceType<ArboristClass>['reify']>): Promise<SafeNode>;
+}
+export { SafeOverrideSet, depValid, getSocketDevAlertUrl, getSocketDevPackageOverviewUrl, ColorOrMarkdown, createAlertUXLookup, uxLookup, CveAlertType, ArtifactAlertCveFixable, ArtifactAlertFixable, SocketArtifactAlert, SocketArtifact, batchScan, isArtifactAlertCveFixable, isArtifactAlertUpgradeFixable, isArtifactAlertFixable, PackageDetail, getPackagesToQueryFromDiff, findUp, ReadFileOptions, readFileBinary, readFileUtf8, safeReadFile, safeReadFileSync, Arborist, kCtorArgs, SAFE_ARBORIST_REIFY_OPTIONS_OVERRIDES, SafeArborist };