@socketsecurity/cli 0.14.93 → 0.14.95
- package/dist/constants.js +3 -3
- package/dist/constants.js.map +1 -1
- package/dist/module-sync/cli.js +177 -157
- package/dist/module-sync/cli.js.map +1 -1
- package/dist/module-sync/shadow-bin.js +3 -14
- package/dist/module-sync/shadow-bin.js.map +1 -1
- package/dist/module-sync/shadow-npm-inject.js +68 -59
- package/dist/module-sync/shadow-npm-inject.js.map +1 -1
- package/dist/module-sync/shadow-npm-paths.js +16 -29
- package/dist/module-sync/shadow-npm-paths.js.map +1 -1
- package/dist/module-sync/vendor.d.ts +0 -0
- package/dist/module-sync/vendor.js +85829 -12598
- package/dist/module-sync/vendor.js.map +1 -1
- package/dist/require/cli.js +159 -138
- package/dist/require/cli.js.map +1 -1
- package/dist/require/shadow-bin.d.ts +5 -0
- package/dist/require/shadow-bin.js +104 -1
- package/dist/require/shadow-bin.js.map +1 -0
- package/dist/require/shadow-npm-inject.d.ts +1 -0
- package/dist/require/shadow-npm-inject.js +2335 -1
- package/dist/require/shadow-npm-inject.js.map +1 -0
- package/dist/require/shadow-npm-paths.d.ts +29 -0
- package/dist/require/shadow-npm-paths.js +454 -1
- package/dist/require/shadow-npm-paths.js.map +1 -0
- package/package.json +29 -29
- package/dist/blessed/lib/alias.js +0 -521
- package/dist/blessed/lib/blessed.js +0 -34
- package/dist/blessed/lib/colors.js +0 -492
- package/dist/blessed/lib/events.js +0 -197
- package/dist/blessed/lib/gpmclient.js +0 -247
- package/dist/blessed/lib/helpers.js +0 -172
- package/dist/blessed/lib/keys.js +0 -514
- package/dist/blessed/lib/program.js +0 -4532
- package/dist/blessed/lib/tput.js +0 -3113
- package/dist/blessed/lib/unicode.js +0 -914
- package/dist/blessed/lib/widget.js +0 -62
- package/dist/blessed/lib/widgets/ansiimage.js +0 -175
- package/dist/blessed/lib/widgets/bigtext.js +0 -172
- package/dist/blessed/lib/widgets/box.js +0 -36
- package/dist/blessed/lib/widgets/button.js +0 -64
- package/dist/blessed/lib/widgets/checkbox.js +0 -97
- package/dist/blessed/lib/widgets/element.js +0 -2873
- package/dist/blessed/lib/widgets/filemanager.js +0 -225
- package/dist/blessed/lib/widgets/form.js +0 -303
- package/dist/blessed/lib/widgets/image.js +0 -73
- package/dist/blessed/lib/widgets/input.js +0 -36
- package/dist/blessed/lib/widgets/layout.js +0 -251
- package/dist/blessed/lib/widgets/line.js +0 -61
- package/dist/blessed/lib/widgets/list.js +0 -654
- package/dist/blessed/lib/widgets/listbar.js +0 -454
- package/dist/blessed/lib/widgets/listtable.js +0 -267
- package/dist/blessed/lib/widgets/loading.js +0 -90
- package/dist/blessed/lib/widgets/log.js +0 -84
- package/dist/blessed/lib/widgets/message.js +0 -147
- package/dist/blessed/lib/widgets/node.js +0 -315
- package/dist/blessed/lib/widgets/overlayimage.js +0 -796
- package/dist/blessed/lib/widgets/progressbar.js +0 -168
- package/dist/blessed/lib/widgets/prompt.js +0 -129
- package/dist/blessed/lib/widgets/question.js +0 -131
- package/dist/blessed/lib/widgets/radiobutton.js +0 -64
- package/dist/blessed/lib/widgets/radioset.js +0 -38
- package/dist/blessed/lib/widgets/screen.js +0 -2487
- package/dist/blessed/lib/widgets/scrollablebox.js +0 -417
- package/dist/blessed/lib/widgets/scrollabletext.js +0 -37
- package/dist/blessed/lib/widgets/table.js +0 -385
- package/dist/blessed/lib/widgets/terminal.js +0 -454
- package/dist/blessed/lib/widgets/text.js +0 -37
- package/dist/blessed/lib/widgets/textarea.js +0 -378
- package/dist/blessed/lib/widgets/textbox.js +0 -81
- package/dist/blessed/lib/widgets/video.js +0 -132
- package/dist/blessed/usr/fonts/AUTHORS +0 -1
- package/dist/blessed/usr/fonts/LICENSE +0 -94
- package/dist/blessed/usr/fonts/README +0 -340
- package/dist/blessed/usr/fonts/ter-u14b.json +0 -17826
- package/dist/blessed/usr/fonts/ter-u14n.json +0 -17826
- package/dist/blessed/usr/linux +0 -0
- package/dist/blessed/usr/windows-ansi +0 -0
- package/dist/blessed/usr/xterm +0 -0
- package/dist/blessed/usr/xterm-256color +0 -0
- package/dist/blessed/usr/xterm.termcap +0 -243
- package/dist/blessed/usr/xterm.terminfo +0 -1977
- package/dist/blessed/vendor/tng.js +0 -1878
package/dist/require/cli.js
CHANGED
|
@@ -12,54 +12,38 @@ function _socketInterop(e) {
|
|
|
12
12
|
}
|
|
13
13
|
|
|
14
14
|
const process$1 = require('node:process')
|
|
15
|
-
const require$$0 = require('node:url')
|
|
16
|
-
const ponyCause = _socketInterop(require('pony-cause'))
|
|
15
|
+
const require$$0$2 = require('node:url')
|
|
17
16
|
const vendor = require('./vendor.js')
|
|
18
17
|
const debug = require('@socketsecurity/registry/lib/debug')
|
|
19
18
|
const logger = require('@socketsecurity/registry/lib/logger')
|
|
20
19
|
const assert = require('node:assert')
|
|
21
20
|
const fs = require('node:fs/promises')
|
|
22
|
-
const commonTags = _socketInterop(require('common-tags'))
|
|
23
21
|
const strings = require('@socketsecurity/registry/lib/strings')
|
|
24
22
|
const shadowNpmInject = require('./shadow-npm-inject.js')
|
|
25
23
|
const constants = require('./constants.js')
|
|
26
|
-
const colors = _socketInterop(require('yoctocolors-cjs'))
|
|
27
24
|
const path$1 = require('node:path')
|
|
28
25
|
const objects = require('@socketsecurity/registry/lib/objects')
|
|
29
26
|
const path = require('@socketsecurity/registry/lib/path')
|
|
30
27
|
const regexps = require('@socketsecurity/registry/lib/regexps')
|
|
31
|
-
const yargsParse = _socketInterop(require('yargs-parser'))
|
|
32
28
|
const words = require('@socketsecurity/registry/lib/words')
|
|
33
|
-
const
|
|
29
|
+
const require$$0 = require('node:fs')
|
|
34
30
|
const shadowBin = require('./shadow-bin.js')
|
|
35
31
|
const prompts = require('@socketsecurity/registry/lib/prompts')
|
|
36
32
|
const shadowNpmPaths = require('./shadow-npm-paths.js')
|
|
37
|
-
const chalkTable = _socketInterop(require('chalk-table'))
|
|
38
33
|
const require$$0$1 = require('node:util')
|
|
39
|
-
const terminalLink = _socketInterop(require('terminal-link'))
|
|
40
34
|
const arrays = require('@socketsecurity/registry/lib/arrays')
|
|
41
35
|
const registry = require('@socketsecurity/registry')
|
|
42
36
|
const npm = require('@socketsecurity/registry/lib/npm')
|
|
43
37
|
const packages = require('@socketsecurity/registry/lib/packages')
|
|
44
38
|
const spawn = require('@socketsecurity/registry/lib/spawn')
|
|
45
|
-
const lockfile_fs = _socketInterop(require('@pnpm/lockfile.fs'))
|
|
46
|
-
const lockfile_detectDepTypes = _socketInterop(
|
|
47
|
-
require('@pnpm/lockfile.detect-dep-types')
|
|
48
|
-
)
|
|
49
|
-
const browserslist = _socketInterop(require('browserslist'))
|
|
50
|
-
const semver = _socketInterop(require('semver'))
|
|
51
|
-
const which = _socketInterop(require('which'))
|
|
52
39
|
const index_cjs = require('@socketregistry/hyrious__bun.lockb/index.cjs')
|
|
53
40
|
const sorts = require('@socketsecurity/registry/lib/sorts')
|
|
54
41
|
const registryConstants = require('@socketsecurity/registry/lib/constants')
|
|
55
42
|
const isInteractive = require('@socketregistry/is-interactive/index.cjs')
|
|
56
|
-
const npa = _socketInterop(require('npm-package-arg'))
|
|
57
|
-
const tinyglobby = _socketInterop(require('tinyglobby'))
|
|
58
43
|
const promises = require('@socketsecurity/registry/lib/promises')
|
|
59
|
-
const yaml = _socketInterop(require('yaml'))
|
|
60
44
|
|
|
61
45
|
function failMsgWithBadge(badge, msg) {
|
|
62
|
-
return `${
|
|
46
|
+
return `${vendor.yoctocolorsCjsExports.bgRed(vendor.yoctocolorsCjsExports.bold(vendor.yoctocolorsCjsExports.white(` ${badge}: `)))} ${vendor.yoctocolorsCjsExports.bold(msg)}`
|
|
63
47
|
}
|
|
64
48
|
|
|
65
49
|
function handleUnsuccessfulApiResponse(_name, sockSdkError) {
|
|
@@ -362,7 +346,7 @@ function renderJson(data) {
|
|
|
362
346
|
}
|
|
363
347
|
}
|
|
364
348
|
function renderMarkdown(data, days, repoSlug) {
|
|
365
|
-
return
|
|
349
|
+
return vendor.stripIndents`
|
|
366
350
|
# Socket Alert Analytics
|
|
367
351
|
|
|
368
352
|
These are the Socket.dev stats are analytics for the ${repoSlug ? `${repoSlug} repo` : 'org'} of the past ${days} days
|
|
@@ -402,7 +386,7 @@ ${[
|
|
|
402
386
|
]
|
|
403
387
|
]
|
|
404
388
|
.map(
|
|
405
|
-
([title, table]) =>
|
|
389
|
+
([title, table]) => vendor.stripIndents`
|
|
406
390
|
## ${title}
|
|
407
391
|
|
|
408
392
|
${table}
|
|
@@ -681,7 +665,7 @@ function handleBadInput(...checks) {
|
|
|
681
665
|
// If the message has newlines then format the first line with the input
|
|
682
666
|
// expectation and teh rest indented below it
|
|
683
667
|
msg.push(
|
|
684
|
-
` - ${lines[0]} (${d.test ?
|
|
668
|
+
` - ${lines[0]} (${d.test ? vendor.yoctocolorsCjsExports.green(d.pass) : vendor.yoctocolorsCjsExports.red(d.fail)})`
|
|
685
669
|
)
|
|
686
670
|
if (lines.length > 1) {
|
|
687
671
|
msg.push(...lines.slice(1).map(str => ` ${str}`))
|
|
@@ -915,7 +899,7 @@ function emitBanner(name) {
|
|
|
915
899
|
logger.logger.error(getAsciiHeader(name))
|
|
916
900
|
}
|
|
917
901
|
function getAsciiHeader(command) {
|
|
918
|
-
const cliVersion = '0.14.
|
|
902
|
+
const cliVersion = '0.14.95:3360fca:4844779e:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
|
|
919
903
|
const nodeVersion = process$1.version
|
|
920
904
|
const apiToken = shadowNpmInject.getDefaultToken()
|
|
921
905
|
const shownToken = apiToken ? getLastFiveOfApiToken(apiToken) : 'no'
|
|
@@ -1361,9 +1345,9 @@ async function runCycloneDX(yargvWithYes) {
|
|
|
1361
1345
|
if (
|
|
1362
1346
|
yargv.type !== YARN$1 &&
|
|
1363
1347
|
nodejsPlatformTypes.has(yargv.type) &&
|
|
1364
|
-
|
|
1348
|
+
require$$0.existsSync(`./${YARN_LOCK}`)
|
|
1365
1349
|
) {
|
|
1366
|
-
if (
|
|
1350
|
+
if (require$$0.existsSync(`./${PACKAGE_LOCK_JSON}`)) {
|
|
1367
1351
|
yargv.type = NPM$g
|
|
1368
1352
|
} else {
|
|
1369
1353
|
// Use synp to create a package-lock.json from the yarn.lock,
|
|
@@ -1389,12 +1373,14 @@ async function runCycloneDX(yargvWithYes) {
|
|
|
1389
1373
|
])
|
|
1390
1374
|
if (cleanupPackageLock) {
|
|
1391
1375
|
try {
|
|
1392
|
-
await
|
|
1376
|
+
await require$$0.promises.rm(`./${PACKAGE_LOCK_JSON}`)
|
|
1393
1377
|
} catch {}
|
|
1394
1378
|
}
|
|
1395
1379
|
const fullOutputPath = path$1.join(process$1.cwd(), yargv.output)
|
|
1396
|
-
if (
|
|
1397
|
-
logger.logger.log(
|
|
1380
|
+
if (require$$0.existsSync(fullOutputPath)) {
|
|
1381
|
+
logger.logger.log(
|
|
1382
|
+
vendor.yoctocolorsCjsExports.cyanBright(`${yargv.output} created!`)
|
|
1383
|
+
)
|
|
1398
1384
|
}
|
|
1399
1385
|
}
|
|
1400
1386
|
function argvToArray(argv) {
|
|
@@ -1597,7 +1583,7 @@ async function run$I(argv, importMeta, { parentName }) {
|
|
|
1597
1583
|
|
|
1598
1584
|
// TODO: Convert to meow.
|
|
1599
1585
|
const yargv = {
|
|
1600
|
-
...
|
|
1586
|
+
...vendor.yargsParser(argv, yargsConfig)
|
|
1601
1587
|
}
|
|
1602
1588
|
const unknown = yargv._
|
|
1603
1589
|
const { length: unknownLength } = unknown
|
|
@@ -2332,7 +2318,9 @@ async function outputCreateNewScan(data, outputKind) {
|
|
|
2332
2318
|
logger.logger.log('')
|
|
2333
2319
|
return
|
|
2334
2320
|
}
|
|
2335
|
-
const link =
|
|
2321
|
+
const link = vendor.yoctocolorsCjsExports.underline(
|
|
2322
|
+
vendor.yoctocolorsCjsExports.cyan(`${data.html_report_url}`)
|
|
2323
|
+
)
|
|
2336
2324
|
logger.logger.log(`Available at: ${link}`)
|
|
2337
2325
|
if (
|
|
2338
2326
|
await prompts.confirm({
|
|
@@ -3327,35 +3315,35 @@ async function outputDependencies(data, { limit, offset, outputKind }) {
|
|
|
3327
3315
|
columns: [
|
|
3328
3316
|
{
|
|
3329
3317
|
field: 'namespace',
|
|
3330
|
-
name:
|
|
3318
|
+
name: vendor.yoctocolorsCjsExports.cyan('Namespace')
|
|
3331
3319
|
},
|
|
3332
3320
|
{
|
|
3333
3321
|
field: 'name',
|
|
3334
|
-
name:
|
|
3322
|
+
name: vendor.yoctocolorsCjsExports.cyan('Name')
|
|
3335
3323
|
},
|
|
3336
3324
|
{
|
|
3337
3325
|
field: 'version',
|
|
3338
|
-
name:
|
|
3326
|
+
name: vendor.yoctocolorsCjsExports.cyan('Version')
|
|
3339
3327
|
},
|
|
3340
3328
|
{
|
|
3341
3329
|
field: 'repository',
|
|
3342
|
-
name:
|
|
3330
|
+
name: vendor.yoctocolorsCjsExports.cyan('Repository')
|
|
3343
3331
|
},
|
|
3344
3332
|
{
|
|
3345
3333
|
field: 'branch',
|
|
3346
|
-
name:
|
|
3334
|
+
name: vendor.yoctocolorsCjsExports.cyan('Branch')
|
|
3347
3335
|
},
|
|
3348
3336
|
{
|
|
3349
3337
|
field: 'type',
|
|
3350
|
-
name:
|
|
3338
|
+
name: vendor.yoctocolorsCjsExports.cyan('Type')
|
|
3351
3339
|
},
|
|
3352
3340
|
{
|
|
3353
3341
|
field: 'direct',
|
|
3354
|
-
name:
|
|
3342
|
+
name: vendor.yoctocolorsCjsExports.cyan('Direct')
|
|
3355
3343
|
}
|
|
3356
3344
|
]
|
|
3357
3345
|
}
|
|
3358
|
-
logger.logger.log(
|
|
3346
|
+
logger.logger.log(vendor.srcExports(options, data.rows))
|
|
3359
3347
|
}
|
|
3360
3348
|
|
|
3361
3349
|
async function handleDependencies({ limit, offset, outputKind }) {
|
|
@@ -3482,7 +3470,7 @@ async function fetchDiffScan({ after, before, orgSlug }) {
|
|
|
3482
3470
|
async function outputDiffScan(result, { depth, file, outputKind }) {
|
|
3483
3471
|
const dashboardUrl = result.diff_report_url
|
|
3484
3472
|
const dashboardMessage = dashboardUrl
|
|
3485
|
-
? `\n View this diff scan in the Socket dashboard: ${
|
|
3473
|
+
? `\n View this diff scan in the Socket dashboard: ${vendor.yoctocolorsCjsExports.cyan(dashboardUrl)}`
|
|
3486
3474
|
: ''
|
|
3487
3475
|
|
|
3488
3476
|
// When forcing json, or dumping to file, serialize to string such that it
|
|
@@ -3501,7 +3489,7 @@ async function outputDiffScan(result, { depth, file, outputKind }) {
|
|
|
3501
3489
|
}
|
|
3502
3490
|
if (file && file !== '-') {
|
|
3503
3491
|
logger.logger.log(`Writing json to \`${file}\``)
|
|
3504
|
-
|
|
3492
|
+
require$$0.writeFile(file, JSON.stringify(result, null, 2), err => {
|
|
3505
3493
|
if (err) {
|
|
3506
3494
|
logger.logger.fail(`Writing to \`${file}\` failed...`)
|
|
3507
3495
|
logger.logger.error(err)
|
|
@@ -3830,7 +3818,7 @@ async function openGitHubPullRequest(
|
|
|
3830
3818
|
owner,
|
|
3831
3819
|
repo,
|
|
3832
3820
|
title: commitMsg,
|
|
3833
|
-
head: branch
|
|
3821
|
+
head: `${owner}:${branch}`,
|
|
3834
3822
|
base: baseBranch,
|
|
3835
3823
|
body: `[socket] Upgrade \`${name}\` to ${version}`
|
|
3836
3824
|
})
|
|
@@ -4058,7 +4046,7 @@ async function getAlertsMapFromPnpmLockfile(lockfile, options_) {
|
|
|
4058
4046
|
...options.include
|
|
4059
4047
|
}
|
|
4060
4048
|
const { spinner } = options
|
|
4061
|
-
const depTypes =
|
|
4049
|
+
const depTypes = vendor.libExports$2.detectDepTypes(lockfile)
|
|
4062
4050
|
const pkgIds = Object.keys(depTypes)
|
|
4063
4051
|
let { length: remaining } = pkgIds
|
|
4064
4052
|
const alertsByPkgId = new Map()
|
|
@@ -4260,7 +4248,7 @@ async function pnpmFix(
|
|
|
4260
4248
|
pkgEnvDetails,
|
|
4261
4249
|
{ autoMerge, cwd, rangeStyle, spinner, test, testScript }
|
|
4262
4250
|
) {
|
|
4263
|
-
const lockfile = await
|
|
4251
|
+
const lockfile = await vendor.libExports$3.readWantedLockfile(cwd, {
|
|
4264
4252
|
ignoreIncompatible: false
|
|
4265
4253
|
})
|
|
4266
4254
|
if (!lockfile) {
|
|
@@ -4509,7 +4497,7 @@ const binByAgent = new Map([
|
|
|
4509
4497
|
async function getAgentExecPath(agent) {
|
|
4510
4498
|
const binName = binByAgent.get(agent)
|
|
4511
4499
|
return (
|
|
4512
|
-
(await
|
|
4500
|
+
(await vendor.libExports$1(binName, {
|
|
4513
4501
|
nothrow: true
|
|
4514
4502
|
})) ?? binName
|
|
4515
4503
|
)
|
|
@@ -4521,7 +4509,7 @@ async function getAgentVersion(agentExecPath, cwd) {
|
|
|
4521
4509
|
// Coerce version output into a valid semver version by passing it through
|
|
4522
4510
|
// semver.coerce which strips leading v's, carets (^), comparators (<,<=,>,>=,=),
|
|
4523
4511
|
// and tildes (~).
|
|
4524
|
-
|
|
4512
|
+
vendor.semverExports.coerce(
|
|
4525
4513
|
// All package managers support the "--version" flag.
|
|
4526
4514
|
(
|
|
4527
4515
|
await spawn.spawn(agentExecPath, ['--version'], {
|
|
@@ -4615,7 +4603,7 @@ async function detectPackageEnvironment({
|
|
|
4615
4603
|
cwd
|
|
4616
4604
|
})
|
|
4617
4605
|
const pkgPath =
|
|
4618
|
-
pkgJsonPath &&
|
|
4606
|
+
pkgJsonPath && require$$0.existsSync(pkgJsonPath)
|
|
4619
4607
|
? path$1.dirname(pkgJsonPath)
|
|
4620
4608
|
: undefined
|
|
4621
4609
|
const editablePkgJson = pkgPath
|
|
@@ -4669,7 +4657,7 @@ async function detectPackageEnvironment({
|
|
|
4669
4657
|
// Lazily access constants.minimumVersionByAgent.
|
|
4670
4658
|
const minSupportedAgentVersion = constants.minimumVersionByAgent.get(agent)
|
|
4671
4659
|
const minSupportedNodeVersion = maintainedNodeVersions.last
|
|
4672
|
-
const nodeVersion =
|
|
4660
|
+
const nodeVersion = vendor.semverExports.coerce(process$1.version)
|
|
4673
4661
|
let lockSrc
|
|
4674
4662
|
let pkgAgentRange
|
|
4675
4663
|
let pkgNodeRange
|
|
@@ -4683,8 +4671,8 @@ async function detectPackageEnvironment({
|
|
|
4683
4671
|
pkgAgentRange = engineAgentRange
|
|
4684
4672
|
// Roughly check agent range as semver.coerce will strip leading
|
|
4685
4673
|
// v's, carets (^), comparators (<,<=,>,>=,=), and tildes (~).
|
|
4686
|
-
const coerced =
|
|
4687
|
-
if (coerced &&
|
|
4674
|
+
const coerced = vendor.semverExports.coerce(pkgAgentRange)
|
|
4675
|
+
if (coerced && vendor.semverExports.lt(coerced, pkgMinAgentVersion)) {
|
|
4688
4676
|
pkgMinAgentVersion = coerced.version
|
|
4689
4677
|
}
|
|
4690
4678
|
}
|
|
@@ -4692,22 +4680,23 @@ async function detectPackageEnvironment({
|
|
|
4692
4680
|
pkgNodeRange = engineNodeRange
|
|
4693
4681
|
// Roughly check Node range as semver.coerce will strip leading
|
|
4694
4682
|
// v's, carets (^), comparators (<,<=,>,>=,=), and tildes (~).
|
|
4695
|
-
const coerced =
|
|
4696
|
-
if (coerced &&
|
|
4683
|
+
const coerced = vendor.semverExports.coerce(pkgNodeRange)
|
|
4684
|
+
if (coerced && vendor.semverExports.lt(coerced, pkgMinNodeVersion)) {
|
|
4697
4685
|
pkgMinNodeVersion = coerced.version
|
|
4698
4686
|
}
|
|
4699
4687
|
}
|
|
4700
4688
|
const browserslistQuery = pkgJson['browserslist']
|
|
4701
4689
|
if (Array.isArray(browserslistQuery)) {
|
|
4702
4690
|
// List Node targets in ascending version order.
|
|
4703
|
-
const browserslistNodeTargets =
|
|
4691
|
+
const browserslistNodeTargets = vendor
|
|
4692
|
+
.browserslistExports(browserslistQuery)
|
|
4704
4693
|
.filter(v => /^node /i.test(v))
|
|
4705
4694
|
.map(v => v.slice(5 /*'node '.length*/))
|
|
4706
4695
|
.sort(sorts.naturalCompare)
|
|
4707
4696
|
if (browserslistNodeTargets.length) {
|
|
4708
4697
|
// browserslistNodeTargets[0] is the lowest Node target version.
|
|
4709
|
-
const coerced =
|
|
4710
|
-
if (coerced &&
|
|
4698
|
+
const coerced = vendor.semverExports.coerce(browserslistNodeTargets[0])
|
|
4699
|
+
if (coerced && vendor.semverExports.lt(coerced, pkgMinNodeVersion)) {
|
|
4711
4700
|
pkgMinNodeVersion = coerced.version
|
|
4712
4701
|
}
|
|
4713
4702
|
}
|
|
@@ -4723,17 +4712,20 @@ async function detectPackageEnvironment({
|
|
|
4723
4712
|
// Does the system agent version meet our minimum supported agent version?
|
|
4724
4713
|
const agentSupported =
|
|
4725
4714
|
!!agentVersion &&
|
|
4726
|
-
|
|
4715
|
+
vendor.semverExports.satisfies(
|
|
4716
|
+
agentVersion,
|
|
4717
|
+
`>=${minSupportedAgentVersion}`
|
|
4718
|
+
)
|
|
4727
4719
|
|
|
4728
4720
|
// Does the system Node version meet our minimum supported Node version?
|
|
4729
|
-
const nodeSupported =
|
|
4721
|
+
const nodeSupported = vendor.semverExports.satisfies(
|
|
4730
4722
|
nodeVersion,
|
|
4731
4723
|
`>=${minSupportedNodeVersion}`
|
|
4732
4724
|
)
|
|
4733
4725
|
const npmBuggyOverrides =
|
|
4734
4726
|
agent === NPM$b &&
|
|
4735
4727
|
!!agentVersion &&
|
|
4736
|
-
|
|
4728
|
+
vendor.semverExports.lt(agentVersion, NPM_BUGGY_OVERRIDES_PATCHED_VERSION$1)
|
|
4737
4729
|
return {
|
|
4738
4730
|
agent,
|
|
4739
4731
|
agentExecPath,
|
|
@@ -4756,13 +4748,13 @@ async function detectPackageEnvironment({
|
|
|
4756
4748
|
},
|
|
4757
4749
|
pkgSupports: {
|
|
4758
4750
|
// Does our minimum supported agent version meet the package's requirements?
|
|
4759
|
-
agent:
|
|
4751
|
+
agent: vendor.semverExports.satisfies(
|
|
4760
4752
|
minSupportedAgentVersion,
|
|
4761
4753
|
`>=${pkgMinAgentVersion}`
|
|
4762
4754
|
),
|
|
4763
4755
|
// Does our supported Node versions meet the package's requirements?
|
|
4764
4756
|
node: maintainedNodeVersions.some(v =>
|
|
4765
|
-
|
|
4757
|
+
vendor.semverExports.satisfies(v, `>=${pkgMinNodeVersion}`)
|
|
4766
4758
|
)
|
|
4767
4759
|
}
|
|
4768
4760
|
}
|
|
@@ -4910,12 +4902,12 @@ const config$z = {
|
|
|
4910
4902
|
autoMerge: {
|
|
4911
4903
|
type: 'boolean',
|
|
4912
4904
|
default: false,
|
|
4913
|
-
description: `Enable auto-merge for pull requests that Socket opens.\n See ${
|
|
4905
|
+
description: `Enable auto-merge for pull requests that Socket opens.\n See ${vendor.terminalLinkExports('GitHub documentation', 'https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-auto-merge-for-pull-requests-in-your-repository')} for managing auto-merge for pull requests in your repository.`
|
|
4914
4906
|
},
|
|
4915
4907
|
rangeStyle: {
|
|
4916
4908
|
type: 'string',
|
|
4917
4909
|
default: 'preserve',
|
|
4918
|
-
description:
|
|
4910
|
+
description: vendor.stripIndent`
|
|
4919
4911
|
Define how updated dependency versions should be written in package.json.
|
|
4920
4912
|
Available styles:
|
|
4921
4913
|
* caret - Use ^ range for compatible updates (e.g. ^1.2.3)
|
|
@@ -5024,11 +5016,11 @@ async function fetchPackageInfo(pkgName, pkgVersion, includeAllIssues) {
|
|
|
5024
5016
|
const { NPM: NPM$9 } = registryConstants
|
|
5025
5017
|
function formatScore$1(score) {
|
|
5026
5018
|
if (score > 80) {
|
|
5027
|
-
return
|
|
5019
|
+
return vendor.yoctocolorsCjsExports.green(`${score}`)
|
|
5028
5020
|
} else if (score < 80 && score > 60) {
|
|
5029
|
-
return
|
|
5021
|
+
return vendor.yoctocolorsCjsExports.yellow(`${score}`)
|
|
5030
5022
|
}
|
|
5031
|
-
return
|
|
5023
|
+
return vendor.yoctocolorsCjsExports.red(`${score}`)
|
|
5032
5024
|
}
|
|
5033
5025
|
function outputPackageIssuesDetails(packageData, outputMarkdown) {
|
|
5034
5026
|
const issueDetails = packageData.filter(
|
|
@@ -5076,7 +5068,7 @@ function outputPackageInfo(
|
|
|
5076
5068
|
return
|
|
5077
5069
|
}
|
|
5078
5070
|
if (outputKind === 'markdown') {
|
|
5079
|
-
logger.logger.log(
|
|
5071
|
+
logger.logger.log(vendor.stripIndents`
|
|
5080
5072
|
# Package report for ${pkgName}
|
|
5081
5073
|
|
|
5082
5074
|
Package report card:
|
|
@@ -5133,8 +5125,8 @@ function outputPackageInfo(
|
|
|
5133
5125
|
}
|
|
5134
5126
|
if (outputKind !== 'markdown') {
|
|
5135
5127
|
logger.logger.log(
|
|
5136
|
-
|
|
5137
|
-
`\nOr rerun ${
|
|
5128
|
+
vendor.yoctocolorsCjsExports.dim(
|
|
5129
|
+
`\nOr rerun ${vendor.yoctocolorsCjsExports.italic(commandName)} using the ${vendor.yoctocolorsCjsExports.italic('--json')} flag to get full JSON output`
|
|
5138
5130
|
)
|
|
5139
5131
|
)
|
|
5140
5132
|
} else {
|
|
@@ -5265,7 +5257,7 @@ async function attemptLogin(apiBaseUrl, apiProxy) {
|
|
|
5265
5257
|
apiProxy ??= shadowNpmInject.getConfigValue('apiProxy') ?? undefined
|
|
5266
5258
|
const apiToken =
|
|
5267
5259
|
(await prompts.password({
|
|
5268
|
-
message: `Enter your ${
|
|
5260
|
+
message: `Enter your ${vendor.terminalLinkExports('Socket.dev API key', 'https://docs.socket.dev/docs/api-keys')} (leave blank for a public key)`
|
|
5269
5261
|
})) || SOCKET_PUBLIC_API_TOKEN
|
|
5270
5262
|
// Lazily access constants.spinner.
|
|
5271
5263
|
const { spinner } = constants
|
|
@@ -6011,7 +6003,7 @@ async function run$t(argv, importMeta, { parentName }) {
|
|
|
6011
6003
|
subArgs.push('--verbose')
|
|
6012
6004
|
}
|
|
6013
6005
|
const dir = cwd
|
|
6014
|
-
if (
|
|
6006
|
+
if (require$$0.existsSync(path$1.join(dir, 'build.sbt'))) {
|
|
6015
6007
|
logger.logger.log(
|
|
6016
6008
|
'Detected a Scala sbt build, running default Scala generator...'
|
|
6017
6009
|
)
|
|
@@ -6028,7 +6020,7 @@ async function run$t(argv, importMeta, { parentName }) {
|
|
|
6028
6020
|
})
|
|
6029
6021
|
return
|
|
6030
6022
|
}
|
|
6031
|
-
if (
|
|
6023
|
+
if (require$$0.existsSync(path$1.join(dir, 'gradlew'))) {
|
|
6032
6024
|
logger.logger.log(
|
|
6033
6025
|
'Detected a gradle build, running default gradle generator...'
|
|
6034
6026
|
)
|
|
@@ -6542,7 +6534,7 @@ async function getWorkspaceGlobs(agent, pkgPath, editablePkgJson) {
|
|
|
6542
6534
|
const yml = await shadowNpmInject.safeReadFile(workspacePath)
|
|
6543
6535
|
if (yml) {
|
|
6544
6536
|
try {
|
|
6545
|
-
workspacePatterns =
|
|
6537
|
+
workspacePatterns = vendor.distExports$1.parse(yml)?.packages
|
|
6546
6538
|
} catch {}
|
|
6547
6539
|
if (workspacePatterns) {
|
|
6548
6540
|
break
|
|
@@ -7012,10 +7004,10 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
|
|
|
7012
7004
|
const depAliasMap = new Map()
|
|
7013
7005
|
const depEntries = getDependencyEntries(editablePkgJson)
|
|
7014
7006
|
const manifestEntries = manifestNpmOverrides.filter(({ 1: data }) =>
|
|
7015
|
-
|
|
7007
|
+
vendor.semverExports.satisfies(
|
|
7016
7008
|
// Roughly check Node range as semver.coerce will strip leading
|
|
7017
7009
|
// v's, carets (^), comparators (<,<=,>,>=,=), and tildes (~).
|
|
7018
|
-
|
|
7010
|
+
vendor.semverExports.coerce(data.engines.node),
|
|
7019
7011
|
pkgEnvDetails.pkgRequirements.node
|
|
7020
7012
|
)
|
|
7021
7013
|
)
|
|
@@ -7023,7 +7015,7 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
|
|
|
7023
7015
|
// Chunk package names to process them in parallel 3 at a time.
|
|
7024
7016
|
await promises.pEach(manifestEntries, 3, async ({ 1: data }) => {
|
|
7025
7017
|
const { name: sockRegPkgName, package: origPkgName, version } = data
|
|
7026
|
-
const major =
|
|
7018
|
+
const major = vendor.semverExports.major(version)
|
|
7027
7019
|
const sockOverridePrefix = `${NPM$1}:${sockRegPkgName}@`
|
|
7028
7020
|
const sockOverrideSpec = `${sockOverridePrefix}${pin ? version : `^${major}`}`
|
|
7029
7021
|
for (const { 1: depObj } of depEntries) {
|
|
@@ -7047,7 +7039,8 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
|
|
|
7047
7039
|
thisSpec.startsWith(sockOverridePrefix) &&
|
|
7048
7040
|
// Check the validity of the spec by passing it through npa and
|
|
7049
7041
|
// seeing if it will coerce to a version.
|
|
7050
|
-
|
|
7042
|
+
vendor.semverExports.coerce(vendor.npaExports(thisSpec).rawSpec)
|
|
7043
|
+
?.version
|
|
7051
7044
|
)
|
|
7052
7045
|
) {
|
|
7053
7046
|
thisSpec = sockOverrideSpec
|
|
@@ -7104,20 +7097,22 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
|
|
|
7104
7097
|
if (thisSpec.startsWith(sockOverridePrefix)) {
|
|
7105
7098
|
if (
|
|
7106
7099
|
pin &&
|
|
7107
|
-
|
|
7100
|
+
vendor.semverExports.major(
|
|
7108
7101
|
// Check the validity of the spec by passing it through npa
|
|
7109
7102
|
// and seeing if it will coerce to a version. semver.coerce
|
|
7110
7103
|
// will strip leading v's, carets (^), comparators (<,<=,>,>=,=),
|
|
7111
7104
|
// and tildes (~). If not coerced to a valid version then
|
|
7112
7105
|
// default to the manifest entry version.
|
|
7113
|
-
|
|
7106
|
+
vendor.semverExports.coerce(
|
|
7107
|
+
vendor.npaExports(thisSpec).rawSpec
|
|
7108
|
+
)?.version ?? version
|
|
7114
7109
|
) !== major
|
|
7115
7110
|
) {
|
|
7116
7111
|
const otherVersion = (
|
|
7117
7112
|
await packages.fetchPackageManifest(thisSpec)
|
|
7118
7113
|
)?.version
|
|
7119
7114
|
if (otherVersion && otherVersion !== version) {
|
|
7120
|
-
newSpec = `${sockOverridePrefix}${pin ? otherVersion : `^${
|
|
7115
|
+
newSpec = `${sockOverridePrefix}${pin ? otherVersion : `^${vendor.semverExports.major(otherVersion)}`}`
|
|
7121
7116
|
}
|
|
7122
7117
|
}
|
|
7123
7118
|
} else {
|
|
@@ -7135,11 +7130,14 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
|
|
|
7135
7130
|
}
|
|
7136
7131
|
})
|
|
7137
7132
|
if (workspaceGlobs) {
|
|
7138
|
-
const workspacePkgJsonPaths = await
|
|
7139
|
-
|
|
7140
|
-
|
|
7141
|
-
|
|
7142
|
-
|
|
7133
|
+
const workspacePkgJsonPaths = await vendor.distExports.glob(
|
|
7134
|
+
workspaceGlobs,
|
|
7135
|
+
{
|
|
7136
|
+
absolute: true,
|
|
7137
|
+
cwd: pkgPath,
|
|
7138
|
+
ignore: ['**/node_modules/**', '**/bower_components/**']
|
|
7139
|
+
}
|
|
7140
|
+
)
|
|
7143
7141
|
// Chunk package names to process them in parallel 3 at a time.
|
|
7144
7142
|
await promises.pEach(
|
|
7145
7143
|
workspacePkgJsonPaths,
|
|
@@ -7376,7 +7374,7 @@ async function outputOrganizationList(data, outputKind = 'text') {
|
|
|
7376
7374
|
}
|
|
7377
7375
|
logger.logger.log('# Organizations\n')
|
|
7378
7376
|
logger.logger.log(
|
|
7379
|
-
`List of organizations associated with your API key, ending with: ${
|
|
7377
|
+
`List of organizations associated with your API key, ending with: ${vendor.yoctocolorsCjsExports.italic(lastFiveOfApiToken)}\n`
|
|
7380
7378
|
)
|
|
7381
7379
|
logger.logger.log(
|
|
7382
7380
|
`| Name${' '.repeat(mw1 - 4)} | ID${' '.repeat(mw2 - 2)} | Plan${' '.repeat(mw3 - 4)} |`
|
|
@@ -7396,12 +7394,12 @@ async function outputOrganizationList(data, outputKind = 'text') {
|
|
|
7396
7394
|
}
|
|
7397
7395
|
default: {
|
|
7398
7396
|
logger.logger.log(
|
|
7399
|
-
`List of organizations associated with your API key, ending with: ${
|
|
7397
|
+
`List of organizations associated with your API key, ending with: ${vendor.yoctocolorsCjsExports.italic(lastFiveOfApiToken)}\n`
|
|
7400
7398
|
)
|
|
7401
7399
|
// Just dump
|
|
7402
7400
|
for (const o of organizations) {
|
|
7403
7401
|
logger.logger.log(
|
|
7404
|
-
`- Name: ${
|
|
7402
|
+
`- Name: ${vendor.yoctocolorsCjsExports.bold(o.name ?? 'undefined')}, ID: ${vendor.yoctocolorsCjsExports.bold(o.id)}, Plan: ${vendor.yoctocolorsCjsExports.bold(o.plan)}`
|
|
7405
7403
|
)
|
|
7406
7404
|
}
|
|
7407
7405
|
}
|
|
@@ -8390,7 +8388,7 @@ function outputPurlsShallowScore(purls, packageData, outputKind) {
|
|
|
8390
8388
|
return true // not found
|
|
8391
8389
|
})
|
|
8392
8390
|
if (outputKind === 'markdown') {
|
|
8393
|
-
logger.logger.log(
|
|
8391
|
+
logger.logger.log(vendor.stripIndents`
|
|
8394
8392
|
# Shallow Package Report
|
|
8395
8393
|
|
|
8396
8394
|
This report contains the response for requesting data on some package url(s).
|
|
@@ -8404,14 +8402,16 @@ function outputPurlsShallowScore(purls, packageData, outputKind) {
|
|
|
8404
8402
|
`)
|
|
8405
8403
|
return
|
|
8406
8404
|
}
|
|
8407
|
-
logger.logger.log(
|
|
8405
|
+
logger.logger.log(
|
|
8406
|
+
'\n' + vendor.yoctocolorsCjsExports.bold('Shallow Package Score') + '\n'
|
|
8407
|
+
)
|
|
8408
8408
|
logger.logger.log(
|
|
8409
8409
|
'Please note: The listed scores are ONLY for the package itself. It does NOT\n' +
|
|
8410
8410
|
' reflect the scores of any dependencies, transitive or otherwise.'
|
|
8411
8411
|
)
|
|
8412
8412
|
if (missing.length) {
|
|
8413
8413
|
logger.logger.log(
|
|
8414
|
-
`\nAt least one package had no response or the purl was not canonical:\n${missing.map(purl => '\n- ' +
|
|
8414
|
+
`\nAt least one package had no response or the purl was not canonical:\n${missing.map(purl => '\n- ' + vendor.yoctocolorsCjsExports.bold(purl)).join('')}`
|
|
8415
8415
|
)
|
|
8416
8416
|
}
|
|
8417
8417
|
packageData.forEach(data => {
|
|
@@ -8431,7 +8431,7 @@ function formatReportCard(data, color) {
|
|
|
8431
8431
|
const alertString = getAlertString(data.alerts, !color)
|
|
8432
8432
|
const purl = 'pkg:' + data.type + '/' + data.name + '@' + data.version
|
|
8433
8433
|
return [
|
|
8434
|
-
'Package: ' + (color ?
|
|
8434
|
+
'Package: ' + (color ? vendor.yoctocolorsCjsExports.bold(purl) : purl),
|
|
8435
8435
|
'',
|
|
8436
8436
|
...Object.entries(scoreResult).map(
|
|
8437
8437
|
score =>
|
|
@@ -8447,16 +8447,18 @@ function formatScore(score, noColor = false, pad = false) {
|
|
|
8447
8447
|
return padded
|
|
8448
8448
|
}
|
|
8449
8449
|
if (score >= 80) {
|
|
8450
|
-
return
|
|
8450
|
+
return vendor.yoctocolorsCjsExports.green(padded)
|
|
8451
8451
|
}
|
|
8452
8452
|
if (score >= 60) {
|
|
8453
|
-
return
|
|
8453
|
+
return vendor.yoctocolorsCjsExports.yellow(padded)
|
|
8454
8454
|
}
|
|
8455
|
-
return
|
|
8455
|
+
return vendor.yoctocolorsCjsExports.red(padded)
|
|
8456
8456
|
}
|
|
8457
8457
|
function getAlertString(alerts, noColor = false) {
|
|
8458
8458
|
if (!alerts?.length) {
|
|
8459
|
-
return noColor
|
|
8459
|
+
return noColor
|
|
8460
|
+
? `- Alerts: none!`
|
|
8461
|
+
: `- Alerts: ${vendor.yoctocolorsCjsExports.green('none')}!`
|
|
8460
8462
|
}
|
|
8461
8463
|
const bad = alerts
|
|
8462
8464
|
.filter(alert => alert.severity !== 'low' && alert.severity !== 'middle')
|
|
@@ -8486,22 +8488,32 @@ function getAlertString(alerts, noColor = false) {
|
|
|
8486
8488
|
)
|
|
8487
8489
|
}
|
|
8488
8490
|
return (
|
|
8489
|
-
`- Alerts (${
|
|
8491
|
+
`- Alerts (${vendor.yoctocolorsCjsExports.red(bad.length.toString())}/${vendor.yoctocolorsCjsExports.yellow(mid.length.toString())}/${low.length}):` +
|
|
8490
8492
|
' '.repeat(Math.max(0, 20 - colorless.length)) +
|
|
8491
8493
|
' ' +
|
|
8492
8494
|
[
|
|
8493
8495
|
bad
|
|
8494
8496
|
.map(alert =>
|
|
8495
|
-
|
|
8497
|
+
vendor.yoctocolorsCjsExports.red(
|
|
8498
|
+
vendor.yoctocolorsCjsExports.dim(`[${alert.severity}] `) +
|
|
8499
|
+
alert.type
|
|
8500
|
+
)
|
|
8496
8501
|
)
|
|
8497
8502
|
.join(', '),
|
|
8498
8503
|
mid
|
|
8499
8504
|
.map(alert =>
|
|
8500
|
-
|
|
8505
|
+
vendor.yoctocolorsCjsExports.yellow(
|
|
8506
|
+
vendor.yoctocolorsCjsExports.dim(`[${alert.severity}] `) +
|
|
8507
|
+
alert.type
|
|
8508
|
+
)
|
|
8501
8509
|
)
|
|
8502
8510
|
.join(', '),
|
|
8503
8511
|
low
|
|
8504
|
-
.map(
|
|
8512
|
+
.map(
|
|
8513
|
+
alert =>
|
|
8514
|
+
vendor.yoctocolorsCjsExports.dim(`[${alert.severity}] `) +
|
|
8515
|
+
alert.type
|
|
8516
|
+
)
|
|
8505
8517
|
.join(', ')
|
|
8506
8518
|
]
|
|
8507
8519
|
.filter(Boolean)
|
|
@@ -9119,27 +9131,27 @@ async function outputListRepos(data, outputKind) {
|
|
|
9119
9131
|
columns: [
|
|
9120
9132
|
{
|
|
9121
9133
|
field: 'id',
|
|
9122
|
-
name:
|
|
9134
|
+
name: vendor.yoctocolorsCjsExports.magenta('ID')
|
|
9123
9135
|
},
|
|
9124
9136
|
{
|
|
9125
9137
|
field: 'name',
|
|
9126
|
-
name:
|
|
9138
|
+
name: vendor.yoctocolorsCjsExports.magenta('Name')
|
|
9127
9139
|
},
|
|
9128
9140
|
{
|
|
9129
9141
|
field: 'visibility',
|
|
9130
|
-
name:
|
|
9142
|
+
name: vendor.yoctocolorsCjsExports.magenta('Visibility')
|
|
9131
9143
|
},
|
|
9132
9144
|
{
|
|
9133
9145
|
field: 'default_branch',
|
|
9134
|
-
name:
|
|
9146
|
+
name: vendor.yoctocolorsCjsExports.magenta('Default branch')
|
|
9135
9147
|
},
|
|
9136
9148
|
{
|
|
9137
9149
|
field: 'archived',
|
|
9138
|
-
name:
|
|
9150
|
+
name: vendor.yoctocolorsCjsExports.magenta('Archived')
|
|
9139
9151
|
}
|
|
9140
9152
|
]
|
|
9141
9153
|
}
|
|
9142
|
-
logger.logger.log(
|
|
9154
|
+
logger.logger.log(vendor.srcExports(options, data.results))
|
|
9143
9155
|
}
|
|
9144
9156
|
|
|
9145
9157
|
async function handleListRepos({
|
|
@@ -9484,35 +9496,35 @@ async function outputViewRepo(data, outputKind) {
|
|
|
9484
9496
|
columns: [
|
|
9485
9497
|
{
|
|
9486
9498
|
field: 'id',
|
|
9487
|
-
name:
|
|
9499
|
+
name: vendor.yoctocolorsCjsExports.magenta('ID')
|
|
9488
9500
|
},
|
|
9489
9501
|
{
|
|
9490
9502
|
field: 'name',
|
|
9491
|
-
name:
|
|
9503
|
+
name: vendor.yoctocolorsCjsExports.magenta('Name')
|
|
9492
9504
|
},
|
|
9493
9505
|
{
|
|
9494
9506
|
field: 'visibility',
|
|
9495
|
-
name:
|
|
9507
|
+
name: vendor.yoctocolorsCjsExports.magenta('Visibility')
|
|
9496
9508
|
},
|
|
9497
9509
|
{
|
|
9498
9510
|
field: 'default_branch',
|
|
9499
|
-
name:
|
|
9511
|
+
name: vendor.yoctocolorsCjsExports.magenta('Default branch')
|
|
9500
9512
|
},
|
|
9501
9513
|
{
|
|
9502
9514
|
field: 'homepage',
|
|
9503
|
-
name:
|
|
9515
|
+
name: vendor.yoctocolorsCjsExports.magenta('Homepage')
|
|
9504
9516
|
},
|
|
9505
9517
|
{
|
|
9506
9518
|
field: 'archived',
|
|
9507
|
-
name:
|
|
9519
|
+
name: vendor.yoctocolorsCjsExports.magenta('Archived')
|
|
9508
9520
|
},
|
|
9509
9521
|
{
|
|
9510
9522
|
field: 'created_at',
|
|
9511
|
-
name:
|
|
9523
|
+
name: vendor.yoctocolorsCjsExports.magenta('Created at')
|
|
9512
9524
|
}
|
|
9513
9525
|
]
|
|
9514
9526
|
}
|
|
9515
|
-
logger.logger.log(
|
|
9527
|
+
logger.logger.log(vendor.srcExports(options, [data]))
|
|
9516
9528
|
}
|
|
9517
9529
|
|
|
9518
9530
|
async function handleViewRepo(orgSlug, repoName, outputKind) {
|
|
@@ -10117,26 +10129,28 @@ async function outputListScans(data, outputKind) {
|
|
|
10117
10129
|
columns: [
|
|
10118
10130
|
{
|
|
10119
10131
|
field: 'id',
|
|
10120
|
-
name:
|
|
10132
|
+
name: vendor.yoctocolorsCjsExports.magenta('ID')
|
|
10121
10133
|
},
|
|
10122
10134
|
{
|
|
10123
10135
|
field: 'report_url',
|
|
10124
|
-
name:
|
|
10136
|
+
name: vendor.yoctocolorsCjsExports.magenta('Scan URL')
|
|
10125
10137
|
},
|
|
10126
10138
|
{
|
|
10127
10139
|
field: 'branch',
|
|
10128
|
-
name:
|
|
10140
|
+
name: vendor.yoctocolorsCjsExports.magenta('Branch')
|
|
10129
10141
|
},
|
|
10130
10142
|
{
|
|
10131
10143
|
field: 'created_at',
|
|
10132
|
-
name:
|
|
10144
|
+
name: vendor.yoctocolorsCjsExports.magenta('Created at')
|
|
10133
10145
|
}
|
|
10134
10146
|
]
|
|
10135
10147
|
}
|
|
10136
10148
|
const formattedResults = data.results.map(d => {
|
|
10137
10149
|
return {
|
|
10138
10150
|
id: d.id,
|
|
10139
|
-
report_url:
|
|
10151
|
+
report_url: vendor.yoctocolorsCjsExports.underline(
|
|
10152
|
+
`${d.html_report_url}`
|
|
10153
|
+
),
|
|
10140
10154
|
created_at: d.created_at
|
|
10141
10155
|
? new Date(d.created_at).toLocaleDateString('en-us', {
|
|
10142
10156
|
year: 'numeric',
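Review bot: The new `report_url` value wraps `d.html_report_url` in a template literal, so a scan record without a report URL is rendered in the table as the underlined text "undefined" or "null" instead of an empty cell. A guard keeps the column honest: `report_url: d.html_report_url ? vendor.yoctocolorsCjsExports.underline(d.html_report_url) : ''`. The `map` callback continues past the end of this hunk, so the remaining fields are not reviewed here.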
|
|
@@ -10147,7 +10161,7 @@ async function outputListScans(data, outputKind) {
|
|
|
10147
10161
|
branch: d.branch
|
|
10148
10162
|
}
|
|
10149
10163
|
})
|
|
10150
|
-
logger.logger.log(
|
|
10164
|
+
logger.logger.log(vendor.srcExports(options, formattedResults))
|
|
10151
10165
|
}
|
|
10152
10166
|
|
|
10153
10167
|
async function handleListScans({
|
|
@@ -11148,7 +11162,7 @@ async function run$1(argv, importMeta, { parentName }) {
|
|
|
11148
11162
|
}
|
|
11149
11163
|
|
|
11150
11164
|
function addSocketWrapper(file) {
|
|
11151
|
-
return
|
|
11165
|
+
return require$$0.appendFile(
|
|
11152
11166
|
file,
|
|
11153
11167
|
'alias npm="socket npm"\nalias npx="socket npx"\n',
|
|
11154
11168
|
err => {
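Review bot: The payload given to `appendFile` begins directly with `alias npm=...`, so if the rc file's last line has no trailing newline, the first alias is joined onto that line. The shell then does not see it as a separate alias line, and the exact-line comparison in removeSocketWrapper (`l !== 'alias npm="socket npm"'`) would not remove it later. Starting the payload with a newline avoids this: `'\nalias npm="socket npm"\nalias npx="socket npx"\n'`. Since this writes to the user's shell startup file, a comment above the call stating that the write is append-only and which exact lines `socket wrapper --disable` removes would help. The error callback's body lies outside this hunk.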
|
|
@@ -11157,7 +11171,7 @@ function addSocketWrapper(file) {
|
|
|
11157
11171
|
}
|
|
11158
11172
|
// TODO: pretty sure you need to source the file or restart
|
|
11159
11173
|
// any terminal session before changes are reflected.
|
|
11160
|
-
logger.logger.log(
|
|
11174
|
+
logger.logger.log(vendor.stripIndents`
|
|
11161
11175
|
The alias was added to ${file}. Running 'npm install' will now be wrapped in Socket's "safe npm" 🎉
|
|
11162
11176
|
If you want to disable it at any time, run \`socket wrapper --disable\`
|
|
11163
11177
|
`)
|
|
@@ -11166,7 +11180,7 @@ If you want to disable it at any time, run \`socket wrapper --disable\`
|
|
|
11166
11180
|
}
|
|
11167
11181
|
|
|
11168
11182
|
function checkSocketWrapperSetup(file) {
|
|
11169
|
-
const fileContent =
|
|
11183
|
+
const fileContent = require$$0.readFileSync(file, 'utf8')
|
|
11170
11184
|
const linesWithSocketAlias = fileContent
|
|
11171
11185
|
.split('\n')
|
|
11172
11186
|
.filter(
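Review bot: `require$$0.readFileSync(file, 'utf8')` is unguarded here, and the callers visible in the later hunks (postinstallWrapper and the `enable` branch of `run`) only check `existsSync` first. `existsSync` is also true for a directory or an unreadable file, and the file can change between the check and the read, so the read can still throw. In postinstallWrapper no surrounding `try` is visible, so this would presumably surface as a failed install. Treating a failed read as "not set up" keeps the check safe: `let fileContent; try { fileContent = require$$0.readFileSync(file, 'utf8') } catch { return false }`. The rest of the function is outside this hunk.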
|
|
@@ -11185,10 +11199,11 @@ async function postinstallWrapper() {
|
|
|
11185
11199
|
// Lazily access constants.bashRcPath and constants.zshRcPath.
|
|
11186
11200
|
const { bashRcPath, zshRcPath } = constants
|
|
11187
11201
|
const socketWrapperEnabled =
|
|
11188
|
-
(
|
|
11189
|
-
|
|
11202
|
+
(require$$0.existsSync(bashRcPath) &&
|
|
11203
|
+
checkSocketWrapperSetup(bashRcPath)) ||
|
|
11204
|
+
(require$$0.existsSync(zshRcPath) && checkSocketWrapperSetup(zshRcPath))
|
|
11190
11205
|
if (!socketWrapperEnabled) {
|
|
11191
|
-
await installSafeNpm(
|
|
11206
|
+
await installSafeNpm(vendor.stripIndents`
|
|
11192
11207
|
The Socket CLI is now successfully installed! 🎉
|
|
11193
11208
|
|
|
11194
11209
|
To better protect yourself against supply-chain attacks, our "safe npm" wrapper can warn you about malicious packages whenever you run 'npm install'.
|
|
@@ -11213,10 +11228,10 @@ async function installSafeNpm(query) {
|
|
|
11213
11228
|
// Lazily access constants.bashRcPath and constants.zshRcPath.
|
|
11214
11229
|
const { bashRcPath, zshRcPath } = constants
|
|
11215
11230
|
try {
|
|
11216
|
-
if (
|
|
11231
|
+
if (require$$0.existsSync(bashRcPath)) {
|
|
11217
11232
|
addSocketWrapper(bashRcPath)
|
|
11218
11233
|
}
|
|
11219
|
-
if (
|
|
11234
|
+
if (require$$0.existsSync(zshRcPath)) {
|
|
11220
11235
|
addSocketWrapper(zshRcPath)
|
|
11221
11236
|
}
|
|
11222
11237
|
} catch (e) {
|
|
@@ -11228,7 +11243,7 @@ async function installSafeNpm(query) {
|
|
|
11228
11243
|
}
|
|
11229
11244
|
|
|
11230
11245
|
function removeSocketWrapper(file) {
|
|
11231
|
-
return
|
|
11246
|
+
return require$$0.readFile(file, 'utf8', function (err, data) {
|
|
11232
11247
|
if (err) {
|
|
11233
11248
|
logger.logger.fail('There was an error removing the alias:')
|
|
11234
11249
|
logger.logger.error(err)
|
|
@@ -11240,7 +11255,7 @@ function removeSocketWrapper(file) {
|
|
|
11240
11255
|
l => l !== 'alias npm="socket npm"' && l !== 'alias npx="socket npx"'
|
|
11241
11256
|
)
|
|
11242
11257
|
const updatedFileContent = linesWithoutSocketAlias.join('\n')
|
|
11243
|
-
|
|
11258
|
+
require$$0.writeFile(file, updatedFileContent, function (err) {
|
|
11244
11259
|
if (err) {
|
|
11245
11260
|
logger.logger.error(err)
|
|
11246
11261
|
return
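Review bot: `require$$0.writeFile(file, updatedFileContent, ...)` rewrites the user's whole shell rc file in place from content read earlier. A failed or interrupted write can therefore leave the startup file truncated, and anything another process appended between the read and the write is lost. Unless the lines hidden between the two hunks already do so, skip the write when no alias line was found, e.g. `if (updatedFileContent === data) return` before the `writeFile` call (assuming `data` from the `readFile` callback is still in scope here). A comment noting that the rewrite is not atomic would also help whoever maintains this. The `writeFile` callback continues outside this hunk.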
|
|
@@ -11328,21 +11343,27 @@ async function run(argv, importMeta, { parentName }) {
|
|
|
11328
11343
|
// Lazily access constants.bashRcPath and constants.zshRcPath.
|
|
11329
11344
|
const { bashRcPath, zshRcPath } = constants
|
|
11330
11345
|
if (enable) {
|
|
11331
|
-
if (
|
|
11346
|
+
if (
|
|
11347
|
+
require$$0.existsSync(bashRcPath) &&
|
|
11348
|
+
!checkSocketWrapperSetup(bashRcPath)
|
|
11349
|
+
) {
|
|
11332
11350
|
addSocketWrapper(bashRcPath)
|
|
11333
11351
|
}
|
|
11334
|
-
if (
|
|
11352
|
+
if (
|
|
11353
|
+
require$$0.existsSync(zshRcPath) &&
|
|
11354
|
+
!checkSocketWrapperSetup(zshRcPath)
|
|
11355
|
+
) {
|
|
11335
11356
|
addSocketWrapper(zshRcPath)
|
|
11336
11357
|
}
|
|
11337
11358
|
} else {
|
|
11338
|
-
if (
|
|
11359
|
+
if (require$$0.existsSync(bashRcPath)) {
|
|
11339
11360
|
removeSocketWrapper(bashRcPath)
|
|
11340
11361
|
}
|
|
11341
|
-
if (
|
|
11362
|
+
if (require$$0.existsSync(zshRcPath)) {
|
|
11342
11363
|
removeSocketWrapper(zshRcPath)
|
|
11343
11364
|
}
|
|
11344
11365
|
}
|
|
11345
|
-
if (!
|
|
11366
|
+
if (!require$$0.existsSync(bashRcPath) && !require$$0.existsSync(zshRcPath)) {
|
|
11346
11367
|
logger.logger.fail(
|
|
11347
11368
|
'There was an issue setting up the alias in your bash profile'
|
|
11348
11369
|
)
|
|
@@ -11356,7 +11377,7 @@ void (async () => {
|
|
|
11356
11377
|
await vendor.updater({
|
|
11357
11378
|
name: SOCKET_CLI_BIN_NAME,
|
|
11358
11379
|
// The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION']".
|
|
11359
|
-
version: '0.14.
|
|
11380
|
+
version: '0.14.95',
|
|
11360
11381
|
ttl: 86_400_000 /* 24 hours in milliseconds */
|
|
11361
11382
|
})
|
|
11362
11383
|
try {
|
|
@@ -11393,7 +11414,7 @@ void (async () => {
|
|
|
11393
11414
|
argv: process$1.argv.slice(2),
|
|
11394
11415
|
name: SOCKET_CLI_BIN_NAME,
|
|
11395
11416
|
importMeta: {
|
|
11396
|
-
url: `${require$$0.pathToFileURL(__filename)}`
|
|
11417
|
+
url: `${require$$0$2.pathToFileURL(__filename)}`
|
|
11397
11418
|
}
|
|
11398
11419
|
}
|
|
11399
11420
|
)
|
|
@@ -11411,8 +11432,8 @@ void (async () => {
|
|
|
11411
11432
|
errorBody = e.body
|
|
11412
11433
|
} else if (e instanceof Error) {
|
|
11413
11434
|
errorTitle = 'Unexpected error'
|
|
11414
|
-
errorMessage =
|
|
11415
|
-
errorBody =
|
|
11435
|
+
errorMessage = vendor.messageWithCauses(e)
|
|
11436
|
+
errorBody = vendor.stackWithCauses(e)
|
|
11416
11437
|
} else {
|
|
11417
11438
|
errorTitle = 'Unexpected error with no details'
|
|
11418
11439
|
}
|
|
@@ -11424,5 +11445,5 @@ void (async () => {
|
|
|
11424
11445
|
await shadowNpmInject.captureException(e)
|
|
11425
11446
|
}
|
|
11426
11447
|
})()
|
|
11427
|
-
//# debugId=
|
|
11448
|
+
//# debugId=4e21884a-80c4-4f38-8597-4b9f4bfb5852
|
|
11428
11449
|
//# sourceMappingURL=cli.js.map
|