@socketsecurity/cli 0.14.94 → 0.14.96
- package/dist/constants.js +3 -3
- package/dist/constants.js.map +1 -1
- package/dist/module-sync/cli.js +178 -159
- package/dist/module-sync/cli.js.map +1 -1
- package/dist/module-sync/shadow-bin.js +3 -14
- package/dist/module-sync/shadow-bin.js.map +1 -1
- package/dist/module-sync/shadow-npm-inject.js +68 -59
- package/dist/module-sync/shadow-npm-inject.js.map +1 -1
- package/dist/module-sync/shadow-npm-paths.js +16 -29
- package/dist/module-sync/shadow-npm-paths.js.map +1 -1
- package/dist/module-sync/vendor.d.ts +0 -0
- package/dist/module-sync/vendor.js +85829 -12598
- package/dist/module-sync/vendor.js.map +1 -1
- package/dist/require/cli.js +160 -140
- package/dist/require/cli.js.map +1 -1
- package/dist/require/shadow-bin.d.ts +5 -0
- package/dist/require/shadow-bin.js +104 -1
- package/dist/require/shadow-bin.js.map +1 -0
- package/dist/require/shadow-npm-inject.d.ts +1 -0
- package/dist/require/shadow-npm-inject.js +2335 -1
- package/dist/require/shadow-npm-inject.js.map +1 -0
- package/dist/require/shadow-npm-paths.d.ts +29 -0
- package/dist/require/shadow-npm-paths.js +454 -1
- package/dist/require/shadow-npm-paths.js.map +1 -0
- package/package.json +29 -29
- package/dist/blessed/lib/alias.js +0 -521
- package/dist/blessed/lib/blessed.js +0 -34
- package/dist/blessed/lib/colors.js +0 -492
- package/dist/blessed/lib/events.js +0 -197
- package/dist/blessed/lib/gpmclient.js +0 -247
- package/dist/blessed/lib/helpers.js +0 -172
- package/dist/blessed/lib/keys.js +0 -514
- package/dist/blessed/lib/program.js +0 -4532
- package/dist/blessed/lib/tput.js +0 -3113
- package/dist/blessed/lib/unicode.js +0 -914
- package/dist/blessed/lib/widget.js +0 -62
- package/dist/blessed/lib/widgets/ansiimage.js +0 -175
- package/dist/blessed/lib/widgets/bigtext.js +0 -172
- package/dist/blessed/lib/widgets/box.js +0 -36
- package/dist/blessed/lib/widgets/button.js +0 -64
- package/dist/blessed/lib/widgets/checkbox.js +0 -97
- package/dist/blessed/lib/widgets/element.js +0 -2873
- package/dist/blessed/lib/widgets/filemanager.js +0 -225
- package/dist/blessed/lib/widgets/form.js +0 -303
- package/dist/blessed/lib/widgets/image.js +0 -73
- package/dist/blessed/lib/widgets/input.js +0 -36
- package/dist/blessed/lib/widgets/layout.js +0 -251
- package/dist/blessed/lib/widgets/line.js +0 -61
- package/dist/blessed/lib/widgets/list.js +0 -654
- package/dist/blessed/lib/widgets/listbar.js +0 -454
- package/dist/blessed/lib/widgets/listtable.js +0 -267
- package/dist/blessed/lib/widgets/loading.js +0 -90
- package/dist/blessed/lib/widgets/log.js +0 -84
- package/dist/blessed/lib/widgets/message.js +0 -147
- package/dist/blessed/lib/widgets/node.js +0 -315
- package/dist/blessed/lib/widgets/overlayimage.js +0 -796
- package/dist/blessed/lib/widgets/progressbar.js +0 -168
- package/dist/blessed/lib/widgets/prompt.js +0 -129
- package/dist/blessed/lib/widgets/question.js +0 -131
- package/dist/blessed/lib/widgets/radiobutton.js +0 -64
- package/dist/blessed/lib/widgets/radioset.js +0 -38
- package/dist/blessed/lib/widgets/screen.js +0 -2487
- package/dist/blessed/lib/widgets/scrollablebox.js +0 -417
- package/dist/blessed/lib/widgets/scrollabletext.js +0 -37
- package/dist/blessed/lib/widgets/table.js +0 -385
- package/dist/blessed/lib/widgets/terminal.js +0 -454
- package/dist/blessed/lib/widgets/text.js +0 -37
- package/dist/blessed/lib/widgets/textarea.js +0 -378
- package/dist/blessed/lib/widgets/textbox.js +0 -81
- package/dist/blessed/lib/widgets/video.js +0 -132
- package/dist/blessed/usr/fonts/AUTHORS +0 -1
- package/dist/blessed/usr/fonts/LICENSE +0 -94
- package/dist/blessed/usr/fonts/README +0 -340
- package/dist/blessed/usr/fonts/ter-u14b.json +0 -17826
- package/dist/blessed/usr/fonts/ter-u14n.json +0 -17826
- package/dist/blessed/usr/linux +0 -0
- package/dist/blessed/usr/windows-ansi +0 -0
- package/dist/blessed/usr/xterm +0 -0
- package/dist/blessed/usr/xterm-256color +0 -0
- package/dist/blessed/usr/xterm.termcap +0 -243
- package/dist/blessed/usr/xterm.terminfo +0 -1977
- package/dist/blessed/vendor/tng.js +0 -1878
package/dist/require/cli.js
CHANGED
|
@@ -12,54 +12,38 @@ function _socketInterop(e) {
|
|
|
12
12
|
}
|
|
13
13
|
|
|
14
14
|
const process$1 = require('node:process')
|
|
15
|
-
const require$$0 = require('node:url')
|
|
16
|
-
const ponyCause = _socketInterop(require('pony-cause'))
|
|
15
|
+
const require$$0$2 = require('node:url')
|
|
17
16
|
const vendor = require('./vendor.js')
|
|
18
17
|
const debug = require('@socketsecurity/registry/lib/debug')
|
|
19
18
|
const logger = require('@socketsecurity/registry/lib/logger')
|
|
20
19
|
const assert = require('node:assert')
|
|
21
20
|
const fs = require('node:fs/promises')
|
|
22
|
-
const commonTags = _socketInterop(require('common-tags'))
|
|
23
21
|
const strings = require('@socketsecurity/registry/lib/strings')
|
|
24
22
|
const shadowNpmInject = require('./shadow-npm-inject.js')
|
|
25
23
|
const constants = require('./constants.js')
|
|
26
|
-
const colors = _socketInterop(require('yoctocolors-cjs'))
|
|
27
24
|
const path$1 = require('node:path')
|
|
28
25
|
const objects = require('@socketsecurity/registry/lib/objects')
|
|
29
26
|
const path = require('@socketsecurity/registry/lib/path')
|
|
30
27
|
const regexps = require('@socketsecurity/registry/lib/regexps')
|
|
31
|
-
const yargsParse = _socketInterop(require('yargs-parser'))
|
|
32
28
|
const words = require('@socketsecurity/registry/lib/words')
|
|
33
|
-
const
|
|
29
|
+
const require$$0 = require('node:fs')
|
|
34
30
|
const shadowBin = require('./shadow-bin.js')
|
|
35
31
|
const prompts = require('@socketsecurity/registry/lib/prompts')
|
|
36
32
|
const shadowNpmPaths = require('./shadow-npm-paths.js')
|
|
37
|
-
const chalkTable = _socketInterop(require('chalk-table'))
|
|
38
33
|
const require$$0$1 = require('node:util')
|
|
39
|
-
const terminalLink = _socketInterop(require('terminal-link'))
|
|
40
34
|
const arrays = require('@socketsecurity/registry/lib/arrays')
|
|
41
35
|
const registry = require('@socketsecurity/registry')
|
|
42
36
|
const npm = require('@socketsecurity/registry/lib/npm')
|
|
43
37
|
const packages = require('@socketsecurity/registry/lib/packages')
|
|
44
38
|
const spawn = require('@socketsecurity/registry/lib/spawn')
|
|
45
|
-
const lockfile_fs = _socketInterop(require('@pnpm/lockfile.fs'))
|
|
46
|
-
const lockfile_detectDepTypes = _socketInterop(
|
|
47
|
-
require('@pnpm/lockfile.detect-dep-types')
|
|
48
|
-
)
|
|
49
|
-
const browserslist = _socketInterop(require('browserslist'))
|
|
50
|
-
const semver = _socketInterop(require('semver'))
|
|
51
|
-
const which = _socketInterop(require('which'))
|
|
52
39
|
const index_cjs = require('@socketregistry/hyrious__bun.lockb/index.cjs')
|
|
53
40
|
const sorts = require('@socketsecurity/registry/lib/sorts')
|
|
54
41
|
const registryConstants = require('@socketsecurity/registry/lib/constants')
|
|
55
42
|
const isInteractive = require('@socketregistry/is-interactive/index.cjs')
|
|
56
|
-
const npa = _socketInterop(require('npm-package-arg'))
|
|
57
|
-
const tinyglobby = _socketInterop(require('tinyglobby'))
|
|
58
43
|
const promises = require('@socketsecurity/registry/lib/promises')
|
|
59
|
-
const yaml = _socketInterop(require('yaml'))
|
|
60
44
|
|
|
61
45
|
function failMsgWithBadge(badge, msg) {
|
|
62
|
-
return `${
|
|
46
|
+
return `${vendor.yoctocolorsCjsExports.bgRed(vendor.yoctocolorsCjsExports.bold(vendor.yoctocolorsCjsExports.white(` ${badge}: `)))} ${vendor.yoctocolorsCjsExports.bold(msg)}`
|
|
63
47
|
}
|
|
64
48
|
|
|
65
49
|
function handleUnsuccessfulApiResponse(_name, sockSdkError) {
|
|
@@ -362,7 +346,7 @@ function renderJson(data) {
|
|
|
362
346
|
}
|
|
363
347
|
}
|
|
364
348
|
function renderMarkdown(data, days, repoSlug) {
|
|
365
|
-
return
|
|
349
|
+
return vendor.stripIndents`
|
|
366
350
|
# Socket Alert Analytics
|
|
367
351
|
|
|
368
352
|
These are the Socket.dev stats are analytics for the ${repoSlug ? `${repoSlug} repo` : 'org'} of the past ${days} days
|
|
@@ -402,7 +386,7 @@ ${[
|
|
|
402
386
|
]
|
|
403
387
|
]
|
|
404
388
|
.map(
|
|
405
|
-
([title, table]) =>
|
|
389
|
+
([title, table]) => vendor.stripIndents`
|
|
406
390
|
## ${title}
|
|
407
391
|
|
|
408
392
|
${table}
|
|
@@ -681,7 +665,7 @@ function handleBadInput(...checks) {
|
|
|
681
665
|
// If the message has newlines then format the first line with the input
|
|
682
666
|
// expectation and teh rest indented below it
|
|
683
667
|
msg.push(
|
|
684
|
-
` - ${lines[0]} (${d.test ?
|
|
668
|
+
` - ${lines[0]} (${d.test ? vendor.yoctocolorsCjsExports.green(d.pass) : vendor.yoctocolorsCjsExports.red(d.fail)})`
|
|
685
669
|
)
|
|
686
670
|
if (lines.length > 1) {
|
|
687
671
|
msg.push(...lines.slice(1).map(str => ` ${str}`))
|
|
@@ -915,7 +899,7 @@ function emitBanner(name) {
|
|
|
915
899
|
logger.logger.error(getAsciiHeader(name))
|
|
916
900
|
}
|
|
917
901
|
function getAsciiHeader(command) {
|
|
918
|
-
const cliVersion = '0.14.
|
|
902
|
+
const cliVersion = '0.14.96:b940b80:a8cd3de0:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
|
|
919
903
|
const nodeVersion = process$1.version
|
|
920
904
|
const apiToken = shadowNpmInject.getDefaultToken()
|
|
921
905
|
const shownToken = apiToken ? getLastFiveOfApiToken(apiToken) : 'no'
|
|
@@ -1361,9 +1345,9 @@ async function runCycloneDX(yargvWithYes) {
|
|
|
1361
1345
|
if (
|
|
1362
1346
|
yargv.type !== YARN$1 &&
|
|
1363
1347
|
nodejsPlatformTypes.has(yargv.type) &&
|
|
1364
|
-
|
|
1348
|
+
require$$0.existsSync(`./${YARN_LOCK}`)
|
|
1365
1349
|
) {
|
|
1366
|
-
if (
|
|
1350
|
+
if (require$$0.existsSync(`./${PACKAGE_LOCK_JSON}`)) {
|
|
1367
1351
|
yargv.type = NPM$g
|
|
1368
1352
|
} else {
|
|
1369
1353
|
// Use synp to create a package-lock.json from the yarn.lock,
|
|
@@ -1389,12 +1373,14 @@ async function runCycloneDX(yargvWithYes) {
|
|
|
1389
1373
|
])
|
|
1390
1374
|
if (cleanupPackageLock) {
|
|
1391
1375
|
try {
|
|
1392
|
-
await
|
|
1376
|
+
await require$$0.promises.rm(`./${PACKAGE_LOCK_JSON}`)
|
|
1393
1377
|
} catch {}
|
|
1394
1378
|
}
|
|
1395
1379
|
const fullOutputPath = path$1.join(process$1.cwd(), yargv.output)
|
|
1396
|
-
if (
|
|
1397
|
-
logger.logger.log(
|
|
1380
|
+
if (require$$0.existsSync(fullOutputPath)) {
|
|
1381
|
+
logger.logger.log(
|
|
1382
|
+
vendor.yoctocolorsCjsExports.cyanBright(`${yargv.output} created!`)
|
|
1383
|
+
)
|
|
1398
1384
|
}
|
|
1399
1385
|
}
|
|
1400
1386
|
function argvToArray(argv) {
|
|
@@ -1597,7 +1583,7 @@ async function run$I(argv, importMeta, { parentName }) {
|
|
|
1597
1583
|
|
|
1598
1584
|
// TODO: Convert to meow.
|
|
1599
1585
|
const yargv = {
|
|
1600
|
-
...
|
|
1586
|
+
...vendor.yargsParser(argv, yargsConfig)
|
|
1601
1587
|
}
|
|
1602
1588
|
const unknown = yargv._
|
|
1603
1589
|
const { length: unknownLength } = unknown
|
|
@@ -2332,7 +2318,9 @@ async function outputCreateNewScan(data, outputKind) {
|
|
|
2332
2318
|
logger.logger.log('')
|
|
2333
2319
|
return
|
|
2334
2320
|
}
|
|
2335
|
-
const link =
|
|
2321
|
+
const link = vendor.yoctocolorsCjsExports.underline(
|
|
2322
|
+
vendor.yoctocolorsCjsExports.cyan(`${data.html_report_url}`)
|
|
2323
|
+
)
|
|
2336
2324
|
logger.logger.log(`Available at: ${link}`)
|
|
2337
2325
|
if (
|
|
2338
2326
|
await prompts.confirm({
|
|
@@ -3327,35 +3315,35 @@ async function outputDependencies(data, { limit, offset, outputKind }) {
|
|
|
3327
3315
|
columns: [
|
|
3328
3316
|
{
|
|
3329
3317
|
field: 'namespace',
|
|
3330
|
-
name:
|
|
3318
|
+
name: vendor.yoctocolorsCjsExports.cyan('Namespace')
|
|
3331
3319
|
},
|
|
3332
3320
|
{
|
|
3333
3321
|
field: 'name',
|
|
3334
|
-
name:
|
|
3322
|
+
name: vendor.yoctocolorsCjsExports.cyan('Name')
|
|
3335
3323
|
},
|
|
3336
3324
|
{
|
|
3337
3325
|
field: 'version',
|
|
3338
|
-
name:
|
|
3326
|
+
name: vendor.yoctocolorsCjsExports.cyan('Version')
|
|
3339
3327
|
},
|
|
3340
3328
|
{
|
|
3341
3329
|
field: 'repository',
|
|
3342
|
-
name:
|
|
3330
|
+
name: vendor.yoctocolorsCjsExports.cyan('Repository')
|
|
3343
3331
|
},
|
|
3344
3332
|
{
|
|
3345
3333
|
field: 'branch',
|
|
3346
|
-
name:
|
|
3334
|
+
name: vendor.yoctocolorsCjsExports.cyan('Branch')
|
|
3347
3335
|
},
|
|
3348
3336
|
{
|
|
3349
3337
|
field: 'type',
|
|
3350
|
-
name:
|
|
3338
|
+
name: vendor.yoctocolorsCjsExports.cyan('Type')
|
|
3351
3339
|
},
|
|
3352
3340
|
{
|
|
3353
3341
|
field: 'direct',
|
|
3354
|
-
name:
|
|
3342
|
+
name: vendor.yoctocolorsCjsExports.cyan('Direct')
|
|
3355
3343
|
}
|
|
3356
3344
|
]
|
|
3357
3345
|
}
|
|
3358
|
-
logger.logger.log(
|
|
3346
|
+
logger.logger.log(vendor.srcExports(options, data.rows))
|
|
3359
3347
|
}
|
|
3360
3348
|
|
|
3361
3349
|
async function handleDependencies({ limit, offset, outputKind }) {
|
|
@@ -3482,7 +3470,7 @@ async function fetchDiffScan({ after, before, orgSlug }) {
|
|
|
3482
3470
|
async function outputDiffScan(result, { depth, file, outputKind }) {
|
|
3483
3471
|
const dashboardUrl = result.diff_report_url
|
|
3484
3472
|
const dashboardMessage = dashboardUrl
|
|
3485
|
-
? `\n View this diff scan in the Socket dashboard: ${
|
|
3473
|
+
? `\n View this diff scan in the Socket dashboard: ${vendor.yoctocolorsCjsExports.cyan(dashboardUrl)}`
|
|
3486
3474
|
: ''
|
|
3487
3475
|
|
|
3488
3476
|
// When forcing json, or dumping to file, serialize to string such that it
|
|
@@ -3501,7 +3489,7 @@ async function outputDiffScan(result, { depth, file, outputKind }) {
|
|
|
3501
3489
|
}
|
|
3502
3490
|
if (file && file !== '-') {
|
|
3503
3491
|
logger.logger.log(`Writing json to \`${file}\``)
|
|
3504
|
-
|
|
3492
|
+
require$$0.writeFile(file, JSON.stringify(result, null, 2), err => {
|
|
3505
3493
|
if (err) {
|
|
3506
3494
|
logger.logger.fail(`Writing to \`${file}\` failed...`)
|
|
3507
3495
|
logger.logger.error(err)
|
|
@@ -3820,7 +3808,6 @@ async function openGitHubPullRequest(
|
|
|
3820
3808
|
if (!pat) {
|
|
3821
3809
|
throw new Error('Missing SOCKET_SECURITY_GITHUB_PAT environment variable')
|
|
3822
3810
|
}
|
|
3823
|
-
const commitMsg = `chore: upgrade ${name} to ${version}`
|
|
3824
3811
|
const url = `https://x-access-token:${pat}@github.com/${owner}/${repo}`
|
|
3825
3812
|
await spawn.spawn('git', ['remote', 'set-url', 'origin', url], {
|
|
3826
3813
|
cwd
|
|
@@ -3829,8 +3816,8 @@ async function openGitHubPullRequest(
|
|
|
3829
3816
|
return await octokit.pulls.create({
|
|
3830
3817
|
owner,
|
|
3831
3818
|
repo,
|
|
3832
|
-
title:
|
|
3833
|
-
head:
|
|
3819
|
+
title: `chore: upgrade ${name} to ${version}`,
|
|
3820
|
+
head: branch,
|
|
3834
3821
|
base: baseBranch,
|
|
3835
3822
|
body: `[socket] Upgrade \`${name}\` to ${version}`
|
|
3836
3823
|
})
|
|
@@ -4058,7 +4045,7 @@ async function getAlertsMapFromPnpmLockfile(lockfile, options_) {
|
|
|
4058
4045
|
...options.include
|
|
4059
4046
|
}
|
|
4060
4047
|
const { spinner } = options
|
|
4061
|
-
const depTypes =
|
|
4048
|
+
const depTypes = vendor.libExports$2.detectDepTypes(lockfile)
|
|
4062
4049
|
const pkgIds = Object.keys(depTypes)
|
|
4063
4050
|
let { length: remaining } = pkgIds
|
|
4064
4051
|
const alertsByPkgId = new Map()
|
|
@@ -4260,7 +4247,7 @@ async function pnpmFix(
|
|
|
4260
4247
|
pkgEnvDetails,
|
|
4261
4248
|
{ autoMerge, cwd, rangeStyle, spinner, test, testScript }
|
|
4262
4249
|
) {
|
|
4263
|
-
const lockfile = await
|
|
4250
|
+
const lockfile = await vendor.libExports$3.readWantedLockfile(cwd, {
|
|
4264
4251
|
ignoreIncompatible: false
|
|
4265
4252
|
})
|
|
4266
4253
|
if (!lockfile) {
|
|
@@ -4509,7 +4496,7 @@ const binByAgent = new Map([
|
|
|
4509
4496
|
async function getAgentExecPath(agent) {
|
|
4510
4497
|
const binName = binByAgent.get(agent)
|
|
4511
4498
|
return (
|
|
4512
|
-
(await
|
|
4499
|
+
(await vendor.libExports$1(binName, {
|
|
4513
4500
|
nothrow: true
|
|
4514
4501
|
})) ?? binName
|
|
4515
4502
|
)
|
|
@@ -4521,7 +4508,7 @@ async function getAgentVersion(agentExecPath, cwd) {
|
|
|
4521
4508
|
// Coerce version output into a valid semver version by passing it through
|
|
4522
4509
|
// semver.coerce which strips leading v's, carets (^), comparators (<,<=,>,>=,=),
|
|
4523
4510
|
// and tildes (~).
|
|
4524
|
-
|
|
4511
|
+
vendor.semverExports.coerce(
|
|
4525
4512
|
// All package managers support the "--version" flag.
|
|
4526
4513
|
(
|
|
4527
4514
|
await spawn.spawn(agentExecPath, ['--version'], {
|
|
@@ -4615,7 +4602,7 @@ async function detectPackageEnvironment({
|
|
|
4615
4602
|
cwd
|
|
4616
4603
|
})
|
|
4617
4604
|
const pkgPath =
|
|
4618
|
-
pkgJsonPath &&
|
|
4605
|
+
pkgJsonPath && require$$0.existsSync(pkgJsonPath)
|
|
4619
4606
|
? path$1.dirname(pkgJsonPath)
|
|
4620
4607
|
: undefined
|
|
4621
4608
|
const editablePkgJson = pkgPath
|
|
@@ -4669,7 +4656,7 @@ async function detectPackageEnvironment({
|
|
|
4669
4656
|
// Lazily access constants.minimumVersionByAgent.
|
|
4670
4657
|
const minSupportedAgentVersion = constants.minimumVersionByAgent.get(agent)
|
|
4671
4658
|
const minSupportedNodeVersion = maintainedNodeVersions.last
|
|
4672
|
-
const nodeVersion =
|
|
4659
|
+
const nodeVersion = vendor.semverExports.coerce(process$1.version)
|
|
4673
4660
|
let lockSrc
|
|
4674
4661
|
let pkgAgentRange
|
|
4675
4662
|
let pkgNodeRange
|
|
@@ -4683,8 +4670,8 @@ async function detectPackageEnvironment({
|
|
|
4683
4670
|
pkgAgentRange = engineAgentRange
|
|
4684
4671
|
// Roughly check agent range as semver.coerce will strip leading
|
|
4685
4672
|
// v's, carets (^), comparators (<,<=,>,>=,=), and tildes (~).
|
|
4686
|
-
const coerced =
|
|
4687
|
-
if (coerced &&
|
|
4673
|
+
const coerced = vendor.semverExports.coerce(pkgAgentRange)
|
|
4674
|
+
if (coerced && vendor.semverExports.lt(coerced, pkgMinAgentVersion)) {
|
|
4688
4675
|
pkgMinAgentVersion = coerced.version
|
|
4689
4676
|
}
|
|
4690
4677
|
}
|
|
@@ -4692,22 +4679,23 @@ async function detectPackageEnvironment({
|
|
|
4692
4679
|
pkgNodeRange = engineNodeRange
|
|
4693
4680
|
// Roughly check Node range as semver.coerce will strip leading
|
|
4694
4681
|
// v's, carets (^), comparators (<,<=,>,>=,=), and tildes (~).
|
|
4695
|
-
const coerced =
|
|
4696
|
-
if (coerced &&
|
|
4682
|
+
const coerced = vendor.semverExports.coerce(pkgNodeRange)
|
|
4683
|
+
if (coerced && vendor.semverExports.lt(coerced, pkgMinNodeVersion)) {
|
|
4697
4684
|
pkgMinNodeVersion = coerced.version
|
|
4698
4685
|
}
|
|
4699
4686
|
}
|
|
4700
4687
|
const browserslistQuery = pkgJson['browserslist']
|
|
4701
4688
|
if (Array.isArray(browserslistQuery)) {
|
|
4702
4689
|
// List Node targets in ascending version order.
|
|
4703
|
-
const browserslistNodeTargets =
|
|
4690
|
+
const browserslistNodeTargets = vendor
|
|
4691
|
+
.browserslistExports(browserslistQuery)
|
|
4704
4692
|
.filter(v => /^node /i.test(v))
|
|
4705
4693
|
.map(v => v.slice(5 /*'node '.length*/))
|
|
4706
4694
|
.sort(sorts.naturalCompare)
|
|
4707
4695
|
if (browserslistNodeTargets.length) {
|
|
4708
4696
|
// browserslistNodeTargets[0] is the lowest Node target version.
|
|
4709
|
-
const coerced =
|
|
4710
|
-
if (coerced &&
|
|
4697
|
+
const coerced = vendor.semverExports.coerce(browserslistNodeTargets[0])
|
|
4698
|
+
if (coerced && vendor.semverExports.lt(coerced, pkgMinNodeVersion)) {
|
|
4711
4699
|
pkgMinNodeVersion = coerced.version
|
|
4712
4700
|
}
|
|
4713
4701
|
}
|
|
@@ -4723,17 +4711,20 @@ async function detectPackageEnvironment({
|
|
|
4723
4711
|
// Does the system agent version meet our minimum supported agent version?
|
|
4724
4712
|
const agentSupported =
|
|
4725
4713
|
!!agentVersion &&
|
|
4726
|
-
|
|
4714
|
+
vendor.semverExports.satisfies(
|
|
4715
|
+
agentVersion,
|
|
4716
|
+
`>=${minSupportedAgentVersion}`
|
|
4717
|
+
)
|
|
4727
4718
|
|
|
4728
4719
|
// Does the system Node version meet our minimum supported Node version?
|
|
4729
|
-
const nodeSupported =
|
|
4720
|
+
const nodeSupported = vendor.semverExports.satisfies(
|
|
4730
4721
|
nodeVersion,
|
|
4731
4722
|
`>=${minSupportedNodeVersion}`
|
|
4732
4723
|
)
|
|
4733
4724
|
const npmBuggyOverrides =
|
|
4734
4725
|
agent === NPM$b &&
|
|
4735
4726
|
!!agentVersion &&
|
|
4736
|
-
|
|
4727
|
+
vendor.semverExports.lt(agentVersion, NPM_BUGGY_OVERRIDES_PATCHED_VERSION$1)
|
|
4737
4728
|
return {
|
|
4738
4729
|
agent,
|
|
4739
4730
|
agentExecPath,
|
|
@@ -4756,13 +4747,13 @@ async function detectPackageEnvironment({
|
|
|
4756
4747
|
},
|
|
4757
4748
|
pkgSupports: {
|
|
4758
4749
|
// Does our minimum supported agent version meet the package's requirements?
|
|
4759
|
-
agent:
|
|
4750
|
+
agent: vendor.semverExports.satisfies(
|
|
4760
4751
|
minSupportedAgentVersion,
|
|
4761
4752
|
`>=${pkgMinAgentVersion}`
|
|
4762
4753
|
),
|
|
4763
4754
|
// Does our supported Node versions meet the package's requirements?
|
|
4764
4755
|
node: maintainedNodeVersions.some(v =>
|
|
4765
|
-
|
|
4756
|
+
vendor.semverExports.satisfies(v, `>=${pkgMinNodeVersion}`)
|
|
4766
4757
|
)
|
|
4767
4758
|
}
|
|
4768
4759
|
}
|
|
@@ -4910,12 +4901,12 @@ const config$z = {
|
|
|
4910
4901
|
autoMerge: {
|
|
4911
4902
|
type: 'boolean',
|
|
4912
4903
|
default: false,
|
|
4913
|
-
description: `Enable auto-merge for pull requests that Socket opens.\n See ${
|
|
4904
|
+
description: `Enable auto-merge for pull requests that Socket opens.\n See ${vendor.terminalLinkExports('GitHub documentation', 'https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-auto-merge-for-pull-requests-in-your-repository')} for managing auto-merge for pull requests in your repository.`
|
|
4914
4905
|
},
|
|
4915
4906
|
rangeStyle: {
|
|
4916
4907
|
type: 'string',
|
|
4917
4908
|
default: 'preserve',
|
|
4918
|
-
description:
|
|
4909
|
+
description: vendor.stripIndent`
|
|
4919
4910
|
Define how updated dependency versions should be written in package.json.
|
|
4920
4911
|
Available styles:
|
|
4921
4912
|
* caret - Use ^ range for compatible updates (e.g. ^1.2.3)
|
|
@@ -5024,11 +5015,11 @@ async function fetchPackageInfo(pkgName, pkgVersion, includeAllIssues) {
|
|
|
5024
5015
|
const { NPM: NPM$9 } = registryConstants
|
|
5025
5016
|
function formatScore$1(score) {
|
|
5026
5017
|
if (score > 80) {
|
|
5027
|
-
return
|
|
5018
|
+
return vendor.yoctocolorsCjsExports.green(`${score}`)
|
|
5028
5019
|
} else if (score < 80 && score > 60) {
|
|
5029
|
-
return
|
|
5020
|
+
return vendor.yoctocolorsCjsExports.yellow(`${score}`)
|
|
5030
5021
|
}
|
|
5031
|
-
return
|
|
5022
|
+
return vendor.yoctocolorsCjsExports.red(`${score}`)
|
|
5032
5023
|
}
|
|
5033
5024
|
function outputPackageIssuesDetails(packageData, outputMarkdown) {
|
|
5034
5025
|
const issueDetails = packageData.filter(
|
|
@@ -5076,7 +5067,7 @@ function outputPackageInfo(
|
|
|
5076
5067
|
return
|
|
5077
5068
|
}
|
|
5078
5069
|
if (outputKind === 'markdown') {
|
|
5079
|
-
logger.logger.log(
|
|
5070
|
+
logger.logger.log(vendor.stripIndents`
|
|
5080
5071
|
# Package report for ${pkgName}
|
|
5081
5072
|
|
|
5082
5073
|
Package report card:
|
|
@@ -5133,8 +5124,8 @@ function outputPackageInfo(
|
|
|
5133
5124
|
}
|
|
5134
5125
|
if (outputKind !== 'markdown') {
|
|
5135
5126
|
logger.logger.log(
|
|
5136
|
-
|
|
5137
|
-
`\nOr rerun ${
|
|
5127
|
+
vendor.yoctocolorsCjsExports.dim(
|
|
5128
|
+
`\nOr rerun ${vendor.yoctocolorsCjsExports.italic(commandName)} using the ${vendor.yoctocolorsCjsExports.italic('--json')} flag to get full JSON output`
|
|
5138
5129
|
)
|
|
5139
5130
|
)
|
|
5140
5131
|
} else {
|
|
@@ -5265,7 +5256,7 @@ async function attemptLogin(apiBaseUrl, apiProxy) {
|
|
|
5265
5256
|
apiProxy ??= shadowNpmInject.getConfigValue('apiProxy') ?? undefined
|
|
5266
5257
|
const apiToken =
|
|
5267
5258
|
(await prompts.password({
|
|
5268
|
-
message: `Enter your ${
|
|
5259
|
+
message: `Enter your ${vendor.terminalLinkExports('Socket.dev API key', 'https://docs.socket.dev/docs/api-keys')} (leave blank for a public key)`
|
|
5269
5260
|
})) || SOCKET_PUBLIC_API_TOKEN
|
|
5270
5261
|
// Lazily access constants.spinner.
|
|
5271
5262
|
const { spinner } = constants
|
|
@@ -6011,7 +6002,7 @@ async function run$t(argv, importMeta, { parentName }) {
|
|
|
6011
6002
|
subArgs.push('--verbose')
|
|
6012
6003
|
}
|
|
6013
6004
|
const dir = cwd
|
|
6014
|
-
if (
|
|
6005
|
+
if (require$$0.existsSync(path$1.join(dir, 'build.sbt'))) {
|
|
6015
6006
|
logger.logger.log(
|
|
6016
6007
|
'Detected a Scala sbt build, running default Scala generator...'
|
|
6017
6008
|
)
|
|
@@ -6028,7 +6019,7 @@ async function run$t(argv, importMeta, { parentName }) {
|
|
|
6028
6019
|
})
|
|
6029
6020
|
return
|
|
6030
6021
|
}
|
|
6031
|
-
if (
|
|
6022
|
+
if (require$$0.existsSync(path$1.join(dir, 'gradlew'))) {
|
|
6032
6023
|
logger.logger.log(
|
|
6033
6024
|
'Detected a gradle build, running default gradle generator...'
|
|
6034
6025
|
)
|
|
@@ -6542,7 +6533,7 @@ async function getWorkspaceGlobs(agent, pkgPath, editablePkgJson) {
|
|
|
6542
6533
|
const yml = await shadowNpmInject.safeReadFile(workspacePath)
|
|
6543
6534
|
if (yml) {
|
|
6544
6535
|
try {
|
|
6545
|
-
workspacePatterns =
|
|
6536
|
+
workspacePatterns = vendor.distExports$1.parse(yml)?.packages
|
|
6546
6537
|
} catch {}
|
|
6547
6538
|
if (workspacePatterns) {
|
|
6548
6539
|
break
|
|
@@ -7012,10 +7003,10 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
|
|
|
7012
7003
|
const depAliasMap = new Map()
|
|
7013
7004
|
const depEntries = getDependencyEntries(editablePkgJson)
|
|
7014
7005
|
const manifestEntries = manifestNpmOverrides.filter(({ 1: data }) =>
|
|
7015
|
-
|
|
7006
|
+
vendor.semverExports.satisfies(
|
|
7016
7007
|
// Roughly check Node range as semver.coerce will strip leading
|
|
7017
7008
|
// v's, carets (^), comparators (<,<=,>,>=,=), and tildes (~).
|
|
7018
|
-
|
|
7009
|
+
vendor.semverExports.coerce(data.engines.node),
|
|
7019
7010
|
pkgEnvDetails.pkgRequirements.node
|
|
7020
7011
|
)
|
|
7021
7012
|
)
|
|
@@ -7023,7 +7014,7 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
|
|
|
7023
7014
|
// Chunk package names to process them in parallel 3 at a time.
|
|
7024
7015
|
await promises.pEach(manifestEntries, 3, async ({ 1: data }) => {
|
|
7025
7016
|
const { name: sockRegPkgName, package: origPkgName, version } = data
|
|
7026
|
-
const major =
|
|
7017
|
+
const major = vendor.semverExports.major(version)
|
|
7027
7018
|
const sockOverridePrefix = `${NPM$1}:${sockRegPkgName}@`
|
|
7028
7019
|
const sockOverrideSpec = `${sockOverridePrefix}${pin ? version : `^${major}`}`
|
|
7029
7020
|
for (const { 1: depObj } of depEntries) {
|
|
@@ -7047,7 +7038,8 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
|
|
|
7047
7038
|
thisSpec.startsWith(sockOverridePrefix) &&
|
|
7048
7039
|
// Check the validity of the spec by passing it through npa and
|
|
7049
7040
|
// seeing if it will coerce to a version.
|
|
7050
|
-
|
|
7041
|
+
vendor.semverExports.coerce(vendor.npaExports(thisSpec).rawSpec)
|
|
7042
|
+
?.version
|
|
7051
7043
|
)
|
|
7052
7044
|
) {
|
|
7053
7045
|
thisSpec = sockOverrideSpec
|
|
@@ -7104,20 +7096,22 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
|
|
|
7104
7096
|
if (thisSpec.startsWith(sockOverridePrefix)) {
|
|
7105
7097
|
if (
|
|
7106
7098
|
pin &&
|
|
7107
|
-
|
|
7099
|
+
vendor.semverExports.major(
|
|
7108
7100
|
// Check the validity of the spec by passing it through npa
|
|
7109
7101
|
// and seeing if it will coerce to a version. semver.coerce
|
|
7110
7102
|
// will strip leading v's, carets (^), comparators (<,<=,>,>=,=),
|
|
7111
7103
|
// and tildes (~). If not coerced to a valid version then
|
|
7112
7104
|
// default to the manifest entry version.
|
|
7113
|
-
|
|
7105
|
+
vendor.semverExports.coerce(
|
|
7106
|
+
vendor.npaExports(thisSpec).rawSpec
|
|
7107
|
+
)?.version ?? version
|
|
7114
7108
|
) !== major
|
|
7115
7109
|
) {
|
|
7116
7110
|
const otherVersion = (
|
|
7117
7111
|
await packages.fetchPackageManifest(thisSpec)
|
|
7118
7112
|
)?.version
|
|
7119
7113
|
if (otherVersion && otherVersion !== version) {
|
|
7120
|
-
newSpec = `${sockOverridePrefix}${pin ? otherVersion : `^${
|
|
7114
|
+
newSpec = `${sockOverridePrefix}${pin ? otherVersion : `^${vendor.semverExports.major(otherVersion)}`}`
|
|
7121
7115
|
}
|
|
7122
7116
|
}
|
|
7123
7117
|
} else {
|
|
@@ -7135,11 +7129,14 @@ async function addOverrides(pkgPath, pkgEnvDetails, options) {
|
|
|
7135
7129
|
}
|
|
7136
7130
|
})
|
|
7137
7131
|
if (workspaceGlobs) {
|
|
7138
|
-
const workspacePkgJsonPaths = await
|
|
7139
|
-
|
|
7140
|
-
|
|
7141
|
-
|
|
7142
|
-
|
|
7132
|
+
const workspacePkgJsonPaths = await vendor.distExports.glob(
|
|
7133
|
+
workspaceGlobs,
|
|
7134
|
+
{
|
|
7135
|
+
absolute: true,
|
|
7136
|
+
cwd: pkgPath,
|
|
7137
|
+
ignore: ['**/node_modules/**', '**/bower_components/**']
|
|
7138
|
+
}
|
|
7139
|
+
)
|
|
7143
7140
|
// Chunk package names to process them in parallel 3 at a time.
|
|
7144
7141
|
await promises.pEach(
|
|
7145
7142
|
workspacePkgJsonPaths,
|
|
@@ -7376,7 +7373,7 @@ async function outputOrganizationList(data, outputKind = 'text') {
|
|
|
7376
7373
|
}
|
|
7377
7374
|
logger.logger.log('# Organizations\n')
|
|
7378
7375
|
logger.logger.log(
|
|
7379
|
-
`List of organizations associated with your API key, ending with: ${
|
|
7376
|
+
`List of organizations associated with your API key, ending with: ${vendor.yoctocolorsCjsExports.italic(lastFiveOfApiToken)}\n`
|
|
7380
7377
|
)
|
|
7381
7378
|
logger.logger.log(
|
|
7382
7379
|
`| Name${' '.repeat(mw1 - 4)} | ID${' '.repeat(mw2 - 2)} | Plan${' '.repeat(mw3 - 4)} |`
|
|
@@ -7396,12 +7393,12 @@ async function outputOrganizationList(data, outputKind = 'text') {
|
|
|
7396
7393
|
}
|
|
7397
7394
|
default: {
|
|
7398
7395
|
logger.logger.log(
|
|
7399
|
-
`List of organizations associated with your API key, ending with: ${
|
|
7396
|
+
`List of organizations associated with your API key, ending with: ${vendor.yoctocolorsCjsExports.italic(lastFiveOfApiToken)}\n`
|
|
7400
7397
|
)
|
|
7401
7398
|
// Just dump
|
|
7402
7399
|
for (const o of organizations) {
|
|
7403
7400
|
logger.logger.log(
|
|
7404
|
-
`- Name: ${
|
|
7401
|
+
`- Name: ${vendor.yoctocolorsCjsExports.bold(o.name ?? 'undefined')}, ID: ${vendor.yoctocolorsCjsExports.bold(o.id)}, Plan: ${vendor.yoctocolorsCjsExports.bold(o.plan)}`
|
|
7405
7402
|
)
|
|
7406
7403
|
}
|
|
7407
7404
|
}
|
|
@@ -8390,7 +8387,7 @@ function outputPurlsShallowScore(purls, packageData, outputKind) {
|
|
|
8390
8387
|
return true // not found
|
|
8391
8388
|
})
|
|
8392
8389
|
if (outputKind === 'markdown') {
|
|
8393
|
-
logger.logger.log(
|
|
8390
|
+
logger.logger.log(vendor.stripIndents`
|
|
8394
8391
|
# Shallow Package Report
|
|
8395
8392
|
|
|
8396
8393
|
This report contains the response for requesting data on some package url(s).
|
|
@@ -8404,14 +8401,16 @@ function outputPurlsShallowScore(purls, packageData, outputKind) {
|
|
|
8404
8401
|
`)
|
|
8405
8402
|
return
|
|
8406
8403
|
}
|
|
8407
|
-
logger.logger.log(
|
|
8404
|
+
logger.logger.log(
|
|
8405
|
+
'\n' + vendor.yoctocolorsCjsExports.bold('Shallow Package Score') + '\n'
|
|
8406
|
+
)
|
|
8408
8407
|
logger.logger.log(
|
|
8409
8408
|
'Please note: The listed scores are ONLY for the package itself. It does NOT\n' +
|
|
8410
8409
|
' reflect the scores of any dependencies, transitive or otherwise.'
|
|
8411
8410
|
)
|
|
8412
8411
|
if (missing.length) {
|
|
8413
8412
|
logger.logger.log(
|
|
8414
|
-
`\nAt least one package had no response or the purl was not canonical:\n${missing.map(purl => '\n- ' +
|
|
8413
|
+
`\nAt least one package had no response or the purl was not canonical:\n${missing.map(purl => '\n- ' + vendor.yoctocolorsCjsExports.bold(purl)).join('')}`
|
|
8415
8414
|
)
|
|
8416
8415
|
}
|
|
8417
8416
|
packageData.forEach(data => {
|
|
@@ -8431,7 +8430,7 @@ function formatReportCard(data, color) {
|
|
|
8431
8430
|
const alertString = getAlertString(data.alerts, !color)
|
|
8432
8431
|
const purl = 'pkg:' + data.type + '/' + data.name + '@' + data.version
|
|
8433
8432
|
return [
|
|
8434
|
-
'Package: ' + (color ?
|
|
8433
|
+
'Package: ' + (color ? vendor.yoctocolorsCjsExports.bold(purl) : purl),
|
|
8435
8434
|
'',
|
|
8436
8435
|
...Object.entries(scoreResult).map(
|
|
8437
8436
|
score =>
|
|
@@ -8447,16 +8446,18 @@ function formatScore(score, noColor = false, pad = false) {
|
|
|
8447
8446
|
return padded
|
|
8448
8447
|
}
|
|
8449
8448
|
if (score >= 80) {
|
|
8450
|
-
return
|
|
8449
|
+
return vendor.yoctocolorsCjsExports.green(padded)
|
|
8451
8450
|
}
|
|
8452
8451
|
if (score >= 60) {
|
|
8453
|
-
return
|
|
8452
|
+
return vendor.yoctocolorsCjsExports.yellow(padded)
|
|
8454
8453
|
}
|
|
8455
|
-
return
|
|
8454
|
+
return vendor.yoctocolorsCjsExports.red(padded)
|
|
8456
8455
|
}
|
|
8457
8456
|
function getAlertString(alerts, noColor = false) {
|
|
8458
8457
|
if (!alerts?.length) {
|
|
8459
|
-
return noColor
|
|
8458
|
+
return noColor
|
|
8459
|
+
? `- Alerts: none!`
|
|
8460
|
+
: `- Alerts: ${vendor.yoctocolorsCjsExports.green('none')}!`
|
|
8460
8461
|
}
|
|
8461
8462
|
const bad = alerts
|
|
8462
8463
|
.filter(alert => alert.severity !== 'low' && alert.severity !== 'middle')
|
|
@@ -8486,22 +8487,32 @@ function getAlertString(alerts, noColor = false) {
|
|
|
8486
8487
|
)
|
|
8487
8488
|
}
|
|
8488
8489
|
return (
|
|
8489
|
-
`- Alerts (${
|
|
8490
|
+
`- Alerts (${vendor.yoctocolorsCjsExports.red(bad.length.toString())}/${vendor.yoctocolorsCjsExports.yellow(mid.length.toString())}/${low.length}):` +
|
|
8490
8491
|
' '.repeat(Math.max(0, 20 - colorless.length)) +
|
|
8491
8492
|
' ' +
|
|
8492
8493
|
[
|
|
8493
8494
|
bad
|
|
8494
8495
|
.map(alert =>
|
|
8495
|
-
|
|
8496
|
+
vendor.yoctocolorsCjsExports.red(
|
|
8497
|
+
vendor.yoctocolorsCjsExports.dim(`[${alert.severity}] `) +
|
|
8498
|
+
alert.type
|
|
8499
|
+
)
|
|
8496
8500
|
)
|
|
8497
8501
|
.join(', '),
|
|
8498
8502
|
mid
|
|
8499
8503
|
.map(alert =>
|
|
8500
|
-
|
|
8504
|
+
vendor.yoctocolorsCjsExports.yellow(
|
|
8505
|
+
vendor.yoctocolorsCjsExports.dim(`[${alert.severity}] `) +
|
|
8506
|
+
alert.type
|
|
8507
|
+
)
|
|
8501
8508
|
)
|
|
8502
8509
|
.join(', '),
|
|
8503
8510
|
low
|
|
8504
|
-
.map(
|
|
8511
|
+
.map(
|
|
8512
|
+
alert =>
|
|
8513
|
+
vendor.yoctocolorsCjsExports.dim(`[${alert.severity}] `) +
|
|
8514
|
+
alert.type
|
|
8515
|
+
)
|
|
8505
8516
|
.join(', ')
|
|
8506
8517
|
]
|
|
8507
8518
|
.filter(Boolean)
|
|
@@ -9119,27 +9130,27 @@ async function outputListRepos(data, outputKind) {
|
|
|
9119
9130
|
columns: [
|
|
9120
9131
|
{
|
|
9121
9132
|
field: 'id',
|
|
9122
|
-
name:
|
|
9133
|
+
name: vendor.yoctocolorsCjsExports.magenta('ID')
|
|
9123
9134
|
},
|
|
9124
9135
|
{
|
|
9125
9136
|
field: 'name',
|
|
9126
|
-
name:
|
|
9137
|
+
name: vendor.yoctocolorsCjsExports.magenta('Name')
|
|
9127
9138
|
},
|
|
9128
9139
|
{
|
|
9129
9140
|
field: 'visibility',
|
|
9130
|
-
name:
|
|
9141
|
+
name: vendor.yoctocolorsCjsExports.magenta('Visibility')
|
|
9131
9142
|
},
|
|
9132
9143
|
{
|
|
9133
9144
|
field: 'default_branch',
|
|
9134
|
-
name:
|
|
9145
|
+
name: vendor.yoctocolorsCjsExports.magenta('Default branch')
|
|
9135
9146
|
},
|
|
9136
9147
|
{
|
|
9137
9148
|
field: 'archived',
|
|
9138
|
-
name:
|
|
9149
|
+
name: vendor.yoctocolorsCjsExports.magenta('Archived')
|
|
9139
9150
|
}
|
|
9140
9151
|
]
|
|
9141
9152
|
}
|
|
9142
|
-
logger.logger.log(
|
|
9153
|
+
logger.logger.log(vendor.srcExports(options, data.results))
|
|
9143
9154
|
}
|
|
9144
9155
|
|
|
9145
9156
|
async function handleListRepos({
|
|
@@ -9484,35 +9495,35 @@ async function outputViewRepo(data, outputKind) {
|
|
|
9484
9495
|
columns: [
|
|
9485
9496
|
{
|
|
9486
9497
|
field: 'id',
|
|
9487
|
-
name:
|
|
9498
|
+
name: vendor.yoctocolorsCjsExports.magenta('ID')
|
|
9488
9499
|
},
|
|
9489
9500
|
{
|
|
9490
9501
|
field: 'name',
|
|
9491
|
-
name:
|
|
9502
|
+
name: vendor.yoctocolorsCjsExports.magenta('Name')
|
|
9492
9503
|
},
|
|
9493
9504
|
{
|
|
9494
9505
|
field: 'visibility',
|
|
9495
|
-
name:
|
|
9506
|
+
name: vendor.yoctocolorsCjsExports.magenta('Visibility')
|
|
9496
9507
|
},
|
|
9497
9508
|
{
|
|
9498
9509
|
field: 'default_branch',
|
|
9499
|
-
name:
|
|
9510
|
+
name: vendor.yoctocolorsCjsExports.magenta('Default branch')
|
|
9500
9511
|
},
|
|
9501
9512
|
{
|
|
9502
9513
|
field: 'homepage',
|
|
9503
|
-
name:
|
|
9514
|
+
name: vendor.yoctocolorsCjsExports.magenta('Homepage')
|
|
9504
9515
|
},
|
|
9505
9516
|
{
|
|
9506
9517
|
field: 'archived',
|
|
9507
|
-
name:
|
|
9518
|
+
name: vendor.yoctocolorsCjsExports.magenta('Archived')
|
|
9508
9519
|
},
|
|
9509
9520
|
{
|
|
9510
9521
|
field: 'created_at',
|
|
9511
|
-
name:
|
|
9522
|
+
name: vendor.yoctocolorsCjsExports.magenta('Created at')
|
|
9512
9523
|
}
|
|
9513
9524
|
]
|
|
9514
9525
|
}
|
|
9515
|
-
logger.logger.log(
|
|
9526
|
+
logger.logger.log(vendor.srcExports(options, [data]))
|
|
9516
9527
|
}
|
|
9517
9528
|
|
|
9518
9529
|
async function handleViewRepo(orgSlug, repoName, outputKind) {
|
|
@@ -10117,26 +10128,28 @@ async function outputListScans(data, outputKind) {
|
|
|
10117
10128
|
columns: [
|
|
10118
10129
|
{
|
|
10119
10130
|
field: 'id',
|
|
10120
|
-
name:
|
|
10131
|
+
name: vendor.yoctocolorsCjsExports.magenta('ID')
|
|
10121
10132
|
},
|
|
10122
10133
|
{
|
|
10123
10134
|
field: 'report_url',
|
|
10124
|
-
name:
|
|
10135
|
+
name: vendor.yoctocolorsCjsExports.magenta('Scan URL')
|
|
10125
10136
|
},
|
|
10126
10137
|
{
|
|
10127
10138
|
field: 'branch',
|
|
10128
|
-
name:
|
|
10139
|
+
name: vendor.yoctocolorsCjsExports.magenta('Branch')
|
|
10129
10140
|
},
|
|
10130
10141
|
{
|
|
10131
10142
|
field: 'created_at',
|
|
10132
|
-
name:
|
|
10143
|
+
name: vendor.yoctocolorsCjsExports.magenta('Created at')
|
|
10133
10144
|
}
|
|
10134
10145
|
]
|
|
10135
10146
|
}
|
|
10136
10147
|
const formattedResults = data.results.map(d => {
|
|
10137
10148
|
return {
|
|
10138
10149
|
id: d.id,
|
|
10139
|
-
report_url:
|
|
10150
|
+
report_url: vendor.yoctocolorsCjsExports.underline(
|
|
10151
|
+
`${d.html_report_url}`
|
|
10152
|
+
),
|
|
10140
10153
|
created_at: d.created_at
|
|
10141
10154
|
? new Date(d.created_at).toLocaleDateString('en-us', {
|
|
10142
10155
|
year: 'numeric',
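Review bot: `report_url: vendor.yoctocolorsCjsExports.underline(`${d.html_report_url}`)` stringifies whatever the API returned, so a scan without `html_report_url` is listed with an underlined literal `undefined` in the Scan URL column. Falling back to an empty cell reads better: `report_url: d.html_report_url ? vendor.yoctocolorsCjsExports.underline(d.html_report_url) : ''`. The `created_at` field just below already guards against a missing value in the same way. The map callback continues outside this hunk.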
|
|
@@ -10147,7 +10160,7 @@ async function outputListScans(data, outputKind) {
|
|
|
10147
10160
|
branch: d.branch
|
|
10148
10161
|
}
|
|
10149
10162
|
})
|
|
10150
|
-
logger.logger.log(
|
|
10163
|
+
logger.logger.log(vendor.srcExports(options, formattedResults))
|
|
10151
10164
|
}
|
|
10152
10165
|
|
|
10153
10166
|
async function handleListScans({
|
|
@@ -11148,7 +11161,7 @@ async function run$1(argv, importMeta, { parentName }) {
|
|
|
11148
11161
|
}
|
|
11149
11162
|
|
|
11150
11163
|
function addSocketWrapper(file) {
|
|
11151
|
-
return
|
|
11164
|
+
return require$$0.appendFile(
|
|
11152
11165
|
file,
|
|
11153
11166
|
'alias npm="socket npm"\nalias npx="socket npx"\n',
|
|
11154
11167
|
err => {
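Review bot: The payload passed to `require$$0.appendFile` starts directly with `alias npm=...`, so if the rc file's last line has no trailing newline, the first alias is glued onto that line. The removal filter shown later on this page matches whole lines only (`l !== 'alias npm="socket npm"'`), so `socket wrapper --disable` would then leave the glued alias behind. Starting the string with a newline avoids this: `'\nalias npm="socket npm"\nalias npx="socket npx"\n'`. The callback form of appendFile also returns nothing, so the `return` gives installSafeNpm's try/catch no way to see a failed write. The callback body continues outside this hunk.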
|
|
@@ -11157,7 +11170,7 @@ function addSocketWrapper(file) {
|
|
|
11157
11170
|
}
|
|
11158
11171
|
// TODO: pretty sure you need to source the file or restart
|
|
11159
11172
|
// any terminal session before changes are reflected.
|
|
11160
|
-
logger.logger.log(
|
|
11173
|
+
logger.logger.log(vendor.stripIndents`
|
|
11161
11174
|
The alias was added to ${file}. Running 'npm install' will now be wrapped in Socket's "safe npm" 🎉
|
|
11162
11175
|
If you want to disable it at any time, run \`socket wrapper --disable\`
|
|
11163
11176
|
`)
|
|
@@ -11166,7 +11179,7 @@ If you want to disable it at any time, run \`socket wrapper --disable\`
|
|
|
11166
11179
|
}
|
|
11167
11180
|
|
|
11168
11181
|
function checkSocketWrapperSetup(file) {
|
|
11169
|
-
const fileContent =
|
|
11182
|
+
const fileContent = require$$0.readFileSync(file, 'utf8')
|
|
11170
11183
|
const linesWithSocketAlias = fileContent
|
|
11171
11184
|
.split('\n')
|
|
11172
11185
|
.filter(
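Review bot: `require$$0.readFileSync(file, 'utf8')` throws when the path exists but cannot be read (a directory, or a file without read permission), and the callers visible on this page guard it only with `existsSync`. One of those callers is postinstallWrapper, which by its name presumably runs during package installation, so an unreadable rc file could surface as a failed install. Treating a read error as "not set up" would avoid that: `try { fileContent = require$$0.readFileSync(file, 'utf8') } catch { return false }`, with `fileContent` declared via `let`. The rest of the function lies outside this hunk.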
|
|
@@ -11185,10 +11198,11 @@ async function postinstallWrapper() {
|
|
|
11185
11198
|
// Lazily access constants.bashRcPath and constants.zshRcPath.
|
|
11186
11199
|
const { bashRcPath, zshRcPath } = constants
|
|
11187
11200
|
const socketWrapperEnabled =
|
|
11188
|
-
(
|
|
11189
|
-
|
|
11201
|
+
(require$$0.existsSync(bashRcPath) &&
|
|
11202
|
+
checkSocketWrapperSetup(bashRcPath)) ||
|
|
11203
|
+
(require$$0.existsSync(zshRcPath) && checkSocketWrapperSetup(zshRcPath))
|
|
11190
11204
|
if (!socketWrapperEnabled) {
|
|
11191
|
-
await installSafeNpm(
|
|
11205
|
+
await installSafeNpm(vendor.stripIndents`
|
|
11192
11206
|
The Socket CLI is now successfully installed! 🎉
|
|
11193
11207
|
|
|
11194
11208
|
To better protect yourself against supply-chain attacks, our "safe npm" wrapper can warn you about malicious packages whenever you run 'npm install'.
|
|
@@ -11213,10 +11227,10 @@ async function installSafeNpm(query) {
|
|
|
11213
11227
|
// Lazily access constants.bashRcPath and constants.zshRcPath.
|
|
11214
11228
|
const { bashRcPath, zshRcPath } = constants
|
|
11215
11229
|
try {
|
|
11216
|
-
if (
|
|
11230
|
+
if (require$$0.existsSync(bashRcPath)) {
|
|
11217
11231
|
addSocketWrapper(bashRcPath)
|
|
11218
11232
|
}
|
|
11219
|
-
if (
|
|
11233
|
+
if (require$$0.existsSync(zshRcPath)) {
|
|
11220
11234
|
addSocketWrapper(zshRcPath)
|
|
11221
11235
|
}
|
|
11222
11236
|
} catch (e) {
|
|
@@ -11228,7 +11242,7 @@ async function installSafeNpm(query) {
|
|
|
11228
11242
|
}
|
|
11229
11243
|
|
|
11230
11244
|
function removeSocketWrapper(file) {
|
|
11231
|
-
return
|
|
11245
|
+
return require$$0.readFile(file, 'utf8', function (err, data) {
|
|
11232
11246
|
if (err) {
|
|
11233
11247
|
logger.logger.fail('There was an error removing the alias:')
|
|
11234
11248
|
logger.logger.error(err)
|
|
@@ -11240,7 +11254,7 @@ function removeSocketWrapper(file) {
|
|
|
11240
11254
|
l => l !== 'alias npm="socket npm"' && l !== 'alias npx="socket npx"'
|
|
11241
11255
|
)
|
|
11242
11256
|
const updatedFileContent = linesWithoutSocketAlias.join('\n')
|
|
11243
|
-
|
|
11257
|
+
require$$0.writeFile(file, updatedFileContent, function (err) {
|
|
11244
11258
|
if (err) {
|
|
11245
11259
|
logger.logger.error(err)
|
|
11246
11260
|
return
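Review bot: `require$$0.writeFile(file, updatedFileContent, ...)` rewrites the user's shell rc file in place from a copy read earlier in the function, so an interrupted or failed write can leave the file truncated, and anything written to it between the read and the write is lost. Keeping a copy before the write, for example `require$$0.copyFileSync(file, file + '.socket-backup')` (the backup name is a placeholder), gives the user something to restore from. The filter a few lines above also matches exact lines only, so an alias line with a trailing space or `\r` is not removed. The function starts and ends outside this hunk.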
|
|
@@ -11328,21 +11342,27 @@ async function run(argv, importMeta, { parentName }) {
|
|
|
11328
11342
|
// Lazily access constants.bashRcPath and constants.zshRcPath.
|
|
11329
11343
|
const { bashRcPath, zshRcPath } = constants
|
|
11330
11344
|
if (enable) {
|
|
11331
|
-
if (
|
|
11345
|
+
if (
|
|
11346
|
+
require$$0.existsSync(bashRcPath) &&
|
|
11347
|
+
!checkSocketWrapperSetup(bashRcPath)
|
|
11348
|
+
) {
|
|
11332
11349
|
addSocketWrapper(bashRcPath)
|
|
11333
11350
|
}
|
|
11334
|
-
if (
|
|
11351
|
+
if (
|
|
11352
|
+
require$$0.existsSync(zshRcPath) &&
|
|
11353
|
+
!checkSocketWrapperSetup(zshRcPath)
|
|
11354
|
+
) {
|
|
11335
11355
|
addSocketWrapper(zshRcPath)
|
|
11336
11356
|
}
|
|
11337
11357
|
} else {
|
|
11338
|
-
if (
|
|
11358
|
+
if (require$$0.existsSync(bashRcPath)) {
|
|
11339
11359
|
removeSocketWrapper(bashRcPath)
|
|
11340
11360
|
}
|
|
11341
|
-
if (
|
|
11361
|
+
if (require$$0.existsSync(zshRcPath)) {
|
|
11342
11362
|
removeSocketWrapper(zshRcPath)
|
|
11343
11363
|
}
|
|
11344
11364
|
}
|
|
11345
|
-
if (!
|
|
11365
|
+
if (!require$$0.existsSync(bashRcPath) && !require$$0.existsSync(zshRcPath)) {
|
|
11346
11366
|
logger.logger.fail(
|
|
11347
11367
|
'There was an issue setting up the alias in your bash profile'
|
|
11348
11368
|
)
|
|
@@ -11356,7 +11376,7 @@ void (async () => {
|
|
|
11356
11376
|
await vendor.updater({
|
|
11357
11377
|
name: SOCKET_CLI_BIN_NAME,
|
|
11358
11378
|
// The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION']".
|
|
11359
|
-
version: '0.14.
|
|
11379
|
+
version: '0.14.96',
|
|
11360
11380
|
ttl: 86_400_000 /* 24 hours in milliseconds */
|
|
11361
11381
|
})
|
|
11362
11382
|
try {
|
|
@@ -11393,7 +11413,7 @@ void (async () => {
|
|
|
11393
11413
|
argv: process$1.argv.slice(2),
|
|
11394
11414
|
name: SOCKET_CLI_BIN_NAME,
|
|
11395
11415
|
importMeta: {
|
|
11396
|
-
url: `${require$$0.pathToFileURL(__filename)}`
|
|
11416
|
+
url: `${require$$0$2.pathToFileURL(__filename)}`
|
|
11397
11417
|
}
|
|
11398
11418
|
}
|
|
11399
11419
|
)
|
|
@@ -11411,8 +11431,8 @@ void (async () => {
|
|
|
11411
11431
|
errorBody = e.body
|
|
11412
11432
|
} else if (e instanceof Error) {
|
|
11413
11433
|
errorTitle = 'Unexpected error'
|
|
11414
|
-
errorMessage =
|
|
11415
|
-
errorBody =
|
|
11434
|
+
errorMessage = vendor.messageWithCauses(e)
|
|
11435
|
+
errorBody = vendor.stackWithCauses(e)
|
|
11416
11436
|
} else {
|
|
11417
11437
|
errorTitle = 'Unexpected error with no details'
|
|
11418
11438
|
}
|
|
@@ -11424,5 +11444,5 @@ void (async () => {
|
|
|
11424
11444
|
await shadowNpmInject.captureException(e)
|
|
11425
11445
|
}
|
|
11426
11446
|
})()
|
|
11427
|
-
//# debugId=
|
|
11447
|
+
//# debugId=98a204be-dc7b-4215-8459-2b077524373f
|
|
11428
11448
|
//# sourceMappingURL=cli.js.map
|