@socketsecurity/cli 0.14.92 → 0.14.94

@@ -915,7 +915,7 @@ function emitBanner(name) {
915
915
  logger.logger.error(getAsciiHeader(name))
916
916
  }
917
917
  function getAsciiHeader(command) {
918
- const cliVersion = '0.14.92:5d5aa04:b37f17a4:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
918
+ const cliVersion = '0.14.94:8a54136:2ee6cb06:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
919
919
  const nodeVersion = process$1.version
920
920
  const apiToken = shadowNpmInject.getDefaultToken()
921
921
  const shownToken = apiToken ? getLastFiveOfApiToken(apiToken) : 'no'
@@ -3712,26 +3712,7 @@ const cmdDiffScan = {
3712
3712
  }
3713
3713
  }
3714
3714
 
3715
- const {
3716
- GITHUB_ACTIONS,
3717
- GITHUB_REF_NAME,
3718
- GITHUB_REPOSITORY,
3719
- SOCKET_SECURITY_GITHUB_PAT
3720
- } = constants
3721
- async function branchExists(branch, cwd = process.cwd()) {
3722
- try {
3723
- await spawn.spawn(
3724
- 'git',
3725
- ['show-ref', '--verify', '--quiet', `refs/heads/${branch}`],
3726
- {
3727
- cwd,
3728
- stdio: 'ignore'
3729
- }
3730
- )
3731
- return true
3732
- } catch {}
3733
- return false
3734
- }
3715
+ const { GITHUB_REF_NAME } = constants
3735
3716
  async function checkoutBaseBranchIfAvailable(baseBranch, cwd = process.cwd()) {
3736
3717
  try {
3737
3718
  await spawn.spawn('git', ['checkout', baseBranch], {
@@ -3747,6 +3728,21 @@ async function checkoutBaseBranchIfAvailable(baseBranch, cwd = process.cwd()) {
3747
3728
  )
3748
3729
  }
3749
3730
  }
3731
+ function getBaseBranch() {
3732
+ // Lazily access constants.ENV[GITHUB_REF_NAME].
3733
+ return (
3734
+ constants.ENV[GITHUB_REF_NAME] ??
3735
+ // GitHub defaults to branch name "main"
3736
+ // https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-branches#about-the-default-branch
3737
+ 'main'
3738
+ )
3739
+ }
3740
+ function getSocketBranchName(name, version) {
3741
+ return `socket-fix-${name}-${version.replace(/\./g, '-')}`
3742
+ }
3743
+
3744
+ const { GITHUB_ACTIONS, GITHUB_REPOSITORY, SOCKET_SECURITY_GITHUB_PAT } =
3745
+ constants
3750
3746
  let _octokit
3751
3747
  function getOctokit() {
3752
3748
  if (_octokit === undefined) {
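Review bot: `getBaseBranch()` treats `GITHUB_REF_NAME` as a branch name, but on GitHub Actions it is the short name of whatever ref triggered the run. For `pull_request` events it has the form `<pr_number>/merge`, and for tag pushes it is the tag name. In those runs both `git checkout` and the `base` field passed to `pulls.create` would receive a value that is not a branch. The `??` fallback to `'main'` also applies only to null/undefined, so an empty string would pass through unless `constants.ENV` normalises it (not visible here). I would document the assumption with a comment such as `// Assumes a branch-triggered run; pull_request runs report "<n>/merge" and tag runs report the tag.`, and consider preferring `GITHUB_BASE_REF` when it is set.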
@@ -3808,12 +3804,10 @@ function getGitHubRepoInfo() {
3808
3804
  repo: ownerSlashRepo.slice(slashIndex + 1)
3809
3805
  }
3810
3806
  }
3811
- function getSocketBranchName(name, version) {
3812
- return `socket-fix-${name}-${version.replace(/\./g, '-')}`
3813
- }
3814
3807
  async function openGitHubPullRequest(
3815
3808
  owner,
3816
3809
  repo,
3810
+ baseBranch,
3817
3811
  branch,
3818
3812
  name,
3819
3813
  version,
@@ -3826,42 +3820,17 @@ async function openGitHubPullRequest(
3826
3820
  if (!pat) {
3827
3821
  throw new Error('Missing SOCKET_SECURITY_GITHUB_PAT environment variable')
3828
3822
  }
3829
- const baseBranch =
3830
- // Lazily access constants.ENV[GITHUB_REF_NAME].
3831
- constants.ENV[GITHUB_REF_NAME] ??
3832
- // GitHub defaults to branch name "main"
3833
- // https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-branches#about-the-default-branch
3834
- 'main'
3835
3823
  const commitMsg = `chore: upgrade ${name} to ${version}`
3836
3824
  const url = `https://x-access-token:${pat}@github.com/${owner}/${repo}`
3837
3825
  await spawn.spawn('git', ['remote', 'set-url', 'origin', url], {
3838
3826
  cwd
3839
3827
  })
3840
- if (await branchExists(branch, cwd)) {
3841
- logger.logger.warn(
3842
- `Branch "${branch}" already exists. Skipping creation.`
3843
- )
3844
- } else {
3845
- await checkoutBaseBranchIfAvailable(baseBranch, cwd)
3846
- await spawn.spawn('git', ['checkout', '-b', branch], {
3847
- cwd
3848
- })
3849
- await spawn.spawn('git', ['add', 'package.json', 'pnpm-lock.yaml'], {
3850
- cwd
3851
- })
3852
- await spawn.spawn('git', ['commit', '-m', commitMsg], {
3853
- cwd
3854
- })
3855
- await spawn.spawn('git', ['push', '--set-upstream', 'origin', branch], {
3856
- cwd
3857
- })
3858
- }
3859
3828
  const octokit = getOctokit()
3860
3829
  return await octokit.pulls.create({
3861
3830
  owner,
3862
3831
  repo,
3863
3832
  title: commitMsg,
3864
- head: branch,
3833
+ head: `${owner}:${branch}`,
3865
3834
  base: baseBranch,
3866
3835
  body: `[socket] Upgrade \`${name}\` to ${version}`
3867
3836
  })
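Review bot: `openGitHubPullRequest` still writes the PAT into the `origin` URL (`https://x-access-token:${pat}@github.com/${owner}/${repo}` via `git remote set-url`), which persists the token in `.git/config` and exposes it to any later step that prints the remote or a git error containing it. This commit removes the checkout/commit/push sequence from the function, so nothing in the visible body uses that remote any more; where the branch is now pushed is not shown in these hunks. If the push moved elsewhere, the credential should be set next to it and the clean URL restored afterwards, e.g. in a `finally`: ``await spawn.spawn('git', ['remote', 'set-url', 'origin', `https://github.com/${owner}/${repo}`], { cwd })``. If no push remains, the `set-url` call can be dropped, and `pulls.create` with `head: ${owner}:${branch}` would then depend on the branch already existing on the remote. The function starts above this hunk.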
@@ -3980,6 +3949,12 @@ async function npmFix(
3980
3949
  : undefined)
3981
3950
  }
3982
3951
  spinner?.info(`Installing ${fixSpec}`)
3952
+ const { owner, repo } = getGitHubRepoInfo()
3953
+ const baseBranch = getBaseBranch()
3954
+ const branch = getSocketBranchName(name, targetVersion)
3955
+
3956
+ // eslint-disable-next-line no-await-in-loop
3957
+ await checkoutBaseBranchIfAvailable(baseBranch, cwd)
3983
3958
  let installed = false
3984
3959
  let saved = false
3985
3960
  try {
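Review bot: `await checkoutBaseBranchIfAvailable(baseBranch, cwd)` now runs before every install, ahead of the `constants.ENV[CI$1] && …` condition that guards the pull-request step later in `npmFix`. A local, non-CI run would therefore switch the user's working tree to `main` (or whatever `GITHUB_REF_NAME` holds) as a side effect of a fix. The `eslint-disable-next-line no-await-in-loop` comment suggests this also repeats per package. I would put the checkout behind the same CI check that gates PR creation, e.g. `if (constants.ENV[CI$1]) { await checkoutBaseBranchIfAvailable(baseBranch, cwd) }`, extended with whatever further conditions that guard uses (they are cut off in this view). The identical lines added to `pnpmFix` in the `@@ -4411,6 +4385,12 @@` hunk have the same issue; both function bodies extend beyond their hunks.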
@@ -4025,8 +4000,6 @@ async function npmFix(
4025
4000
  spinner?.failAndStop(`Failed to fix ${oldSpec}`)
4026
4001
  return
4027
4002
  }
4028
- const { owner, repo } = getGitHubRepoInfo()
4029
- const branch = getSocketBranchName(name, targetVersion)
4030
4003
  if (
4031
4004
  // Lazily access constants.ENV[CI].
4032
4005
  constants.ENV[CI$1] &&
@@ -4039,6 +4012,7 @@ async function npmFix(
4039
4012
  prResponse = await openGitHubPullRequest(
4040
4013
  owner,
4041
4014
  repo,
4015
+ baseBranch,
4042
4016
  branch,
4043
4017
  name,
4044
4018
  targetVersion,
@@ -4411,6 +4385,12 @@ async function pnpmFix(
4411
4385
  : undefined)
4412
4386
  }
4413
4387
  spinner?.info(`Installing ${fixSpec}`)
4388
+ const { owner, repo } = getGitHubRepoInfo()
4389
+ const baseBranch = getBaseBranch()
4390
+ const branch = getSocketBranchName(name, targetVersion)
4391
+
4392
+ // eslint-disable-next-line no-await-in-loop
4393
+ await checkoutBaseBranchIfAvailable(baseBranch, cwd)
4414
4394
  let installed = false
4415
4395
  let saved = false
4416
4396
  try {
@@ -4457,8 +4437,6 @@ async function pnpmFix(
4457
4437
  spinner?.failAndStop(`Failed to fix ${oldSpec}`)
4458
4438
  return
4459
4439
  }
4460
- const { owner, repo } = getGitHubRepoInfo()
4461
- const branch = getSocketBranchName(name, targetVersion)
4462
4440
  if (
4463
4441
  // Lazily access constants.ENV[CI].
4464
4442
  constants.ENV[CI] &&
@@ -4471,6 +4449,7 @@ async function pnpmFix(
4471
4449
  prResponse = await openGitHubPullRequest(
4472
4450
  owner,
4473
4451
  repo,
4452
+ baseBranch,
4474
4453
  branch,
4475
4454
  name,
4476
4455
  targetVersion,
@@ -11377,7 +11356,7 @@ void (async () => {
11377
11356
  await vendor.updater({
11378
11357
  name: SOCKET_CLI_BIN_NAME,
11379
11358
  // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION']".
11380
- version: '0.14.92',
11359
+ version: '0.14.94',
11381
11360
  ttl: 86_400_000 /* 24 hours in milliseconds */
11382
11361
  })
11383
11362
  try {
@@ -11445,5 +11424,5 @@ void (async () => {
11445
11424
  await shadowNpmInject.captureException(e)
11446
11425
  }
11447
11426
  })()
11448
- //# debugId=250a0889-ea75-4014-b465-519a0252e6fe
11427
+ //# debugId=b5886abf-7fa0-44b9-8bda-b2bec382b60d
11449
11428
  //# sourceMappingURL=cli.js.map