@socketsecurity/cli 0.4.0 → 0.4.2-provenance

package/LICENSE

@@ -1,4 +1,4 @@
-The MIT License (MIT)
+MIT License
 
 Copyright (c) 2022 Socket Inc
 

package/README.md

@@ -1,6 +1,6 @@
 # Socket CLI
 
-[![Socket Badge](https://socket.dev/api/badge/npm/pkg/@socketsecurity/cli)](https://socket.dev/npm/package/@socketsecurity/cli)
+[![Socket Badge](https://socket.dev/api/badge/npm/package/@socketsecurity/cli)](https://socket.dev/npm/package/@socketsecurity/cli)
 [![npm version](https://img.shields.io/npm/v/@socketsecurity/cli.svg?style=flat)](https://www.npmjs.com/package/@socketsecurity/cli)
 [![js-standard-style](https://img.shields.io/badge/code%20style-standard-brightgreen.svg)](https://github.com/SocketDev/eslint-config)
 [![Follow @SocketSecurity](https://img.shields.io/twitter/follow/SocketSecurity?style=social)](https://twitter.com/SocketSecurity)
@@ -34,6 +34,12 @@ socket report view QXU8PmK7LfH608RAwfIKdbcHgwEd_ZeWJ9QEGv05FJUQ
 
 * `socket report view <report-id>` - looks up issues and scores from a report
 
+## Aliases
+
+All aliases supports flags and arguments of the commands they alias.
+
+* `socket ci` - alias for `socket report create --view --strict` which creates a report and quits with an exit code if the result is unhealthy. Use like eg. `socket ci .` for a report for the current folder
+
 ## Flags
 
 ### Command specific flags

package/cli.js

@@ -18,6 +18,12 @@ try {
   await meowWithSubcommands(
     cliCommands,
     {
+      aliases: {
+        ci: {
+          description: 'Alias for "report create --view --strict"',
+          argv: ['report', 'create', '--view', '--strict']
+        },
+      },
       argv: process.argv.slice(2),
       name: 'socket',
       importMeta: import.meta

package/lib/commands/info/index.js

@@ -4,6 +4,7 @@ import chalk from 'chalk'
 import meow from 'meow'
 import ora from 'ora'
 
+import { outputFlags, validationFlags } from '../../flags/index.js'
 import { handleApiCall, handleUnsuccessfulApiResponse } from '../../utils/api-helpers.js'
 import { ChalkOrMarkdown } from '../../utils/chalk-markdown.js'
 import { InputError } from '../../utils/errors.js'
@@ -47,17 +48,17 @@ export const info = {
  * @returns {void|CommandContext}
  */
 function setupCommand (name, description, argv, importMeta) {
+  const flags = {
+    ...outputFlags,
+    ...validationFlags,
+  }
+
   const cli = meow(`
     Usage
       $ ${name} <name>
 
     Options
-      ${printFlagList({
-        '--all': 'Include all issues',
-        '--json': 'Output result as json',
-        '--markdown': 'Output result as markdown',
-        '--strict': 'Exits with an error code if any matching issues are found',
-      }, 6)}
+      ${printFlagList(flags, 6)}
 
     Examples
       $ ${name} webtorrent
@@ -66,26 +67,7 @@ function setupCommand (name, description, argv, importMeta) {
     argv,
     description,
     importMeta,
-    flags: {
-      all: {
-        type: 'boolean',
-        default: false,
-      },
-      json: {
-        type: 'boolean',
-        alias: 'j',
-        default: false,
-      },
-      markdown: {
-        type: 'boolean',
-        alias: 'm',
-        default: false,
-      },
-      strict: {
-        type: 'boolean',
-        default: false,
-      },
-    }
+    flags
   })
 
   const {
@@ -147,7 +129,7 @@ async function fetchPackageData (pkgName, pkgVersion, { includeAllIssues, strict
   const result = await handleApiCall(socketSdk.getIssuesByNPMPackage(pkgName, pkgVersion), spinner, 'looking up package')
 
   if (result.success === false) {
-    return handleUnsuccessfulApiResponse(result, spinner)
+    return handleUnsuccessfulApiResponse('getIssuesByNPMPackage', result, spinner)
   }
 
   // Conclude the status of the API call

package/lib/commands/report/create.js

@@ -9,9 +9,11 @@ import ora from 'ora'
 import { ErrorWithCause } from 'pony-cause'
 
 import { fetchReportData, formatReportDataOutput } from './view.js'
+import { outputFlags, validationFlags } from '../../flags/index.js'
 import { handleApiCall, handleUnsuccessfulApiResponse } from '../../utils/api-helpers.js'
 import { ChalkOrMarkdown, logSymbols } from '../../utils/chalk-markdown.js'
 import { InputError } from '../../utils/errors.js'
+import { prepareFlags } from '../../utils/flags.js'
 import { printFlagList } from '../../utils/formatting.js'
 import { createDebugLogger } from '../../utils/misc.js'
 import { getPackageFiles } from '../../utils/path-resolve.js'
@@ -79,6 +81,28 @@ export const create = {
  * @returns {Promise<void|CommandContext>}
  */
 async function setupCommand (name, description, argv, importMeta) {
+  const flags = prepareFlags({
+    ...outputFlags,
+    ...validationFlags,
+    debug: {
+      type: 'boolean',
+      alias: 'd',
+      default: false,
+      description: 'Output debug information',
+    },
+    dryRun: {
+      type: 'boolean',
+      default: false,
+      description: 'Only output what will be done without actually doing it',
+    },
+    view: {
+      type: 'boolean',
+      alias: 'v',
+      default: false,
+      description: 'Will wait for and return the created report'
+    },
+  })
+
   const cli = meow(`
     Usage
       $ ${name} <paths-to-package-folders-and-files>
@@ -114,40 +138,7 @@ async function setupCommand (name, description, argv, importMeta) {
     argv,
     description,
     importMeta,
-    flags: {
-      all: {
-        type: 'boolean',
-        default: false,
-      },
-      debug: {
-        type: 'boolean',
-        alias: 'd',
-        default: false,
-      },
-      dryRun: {
-        type: 'boolean',
-        default: false,
-      },
-      json: {
-        type: 'boolean',
-        alias: 'j',
-        default: false,
-      },
-      markdown: {
-        type: 'boolean',
-        alias: 'm',
-        default: false,
-      },
-      strict: {
-        type: 'boolean',
-        default: false,
-      },
-      view: {
-        type: 'boolean',
-        alias: 'v',
-        default: false,
-      },
-    }
+    flags,
   })
 
   const {
@@ -224,7 +215,7 @@ async function createReport (packagePaths, { config, cwd, debugLog, dryRun }) {
   const result = await handleApiCall(apiCall, spinner, 'creating report')
 
   if (result.success === false) {
-    return handleUnsuccessfulApiResponse(result, spinner)
+    return handleUnsuccessfulApiResponse('createReport', result, spinner)
   }
 
   // Conclude the status of the API call

package/lib/commands/report/view.js

@@ -4,6 +4,7 @@ import chalk from 'chalk'
 import meow from 'meow'
 import ora from 'ora'
 
+import { outputFlags, validationFlags } from '../../flags/index.js'
 import { handleApiCall, handleUnsuccessfulApiResponse } from '../../utils/api-helpers.js'
 import { ChalkOrMarkdown } from '../../utils/chalk-markdown.js'
 import { InputError } from '../../utils/errors.js'
@@ -28,7 +29,6 @@ export const view = {
 
 // Internal functions
 
-// TODO: Share more of the flag setup inbetween the commands
 /**
  * @typedef CommandContext
  * @property {boolean} includeAllIssues
@@ -46,17 +46,17 @@ export const view = {
  * @returns {void|CommandContext}
  */
 function setupCommand (name, description, argv, importMeta) {
+  const flags = {
+    ...outputFlags,
+    ...validationFlags,
+  }
+
   const cli = meow(`
     Usage
       $ ${name} <report-identifier>
 
     Options
-      ${printFlagList({
-        '--all': 'Include all issues',
-        '--json': 'Output result as json',
-        '--markdown': 'Output result as markdown',
-        '--strict': 'Exits with an error code if report result is deemed unhealthy',
-      }, 6)}
+      ${printFlagList(flags, 6)}
 
     Examples
       $ ${name} QXU8PmK7LfH608RAwfIKdbcHgwEd_ZeWJ9QEGv05FJUQ
@@ -64,26 +64,7 @@ function setupCommand (name, description, argv, importMeta) {
     argv,
     description,
     importMeta,
-    flags: {
-      all: {
-        type: 'boolean',
-        default: false,
-      },
-      json: {
-        type: 'boolean',
-        alias: 'j',
-        default: false,
-      },
-      markdown: {
-        type: 'boolean',
-        alias: 'm',
-        default: false,
-      },
-      strict: {
-        type: 'boolean',
-        default: false,
-      },
-    }
+    flags,
   })
 
   // Extract the input
@@ -134,7 +115,7 @@ export async function fetchReportData (reportId, { includeAllIssues, strict }) {
   const result = await handleApiCall(socketSdk.getReport(reportId), spinner, 'fetching report')
 
   if (result.success === false) {
-    return handleUnsuccessfulApiResponse(result, spinner)
+    return handleUnsuccessfulApiResponse('getReport', result, spinner)
   }
 
   // Conclude the status of the API call

package/lib/flags/index.js

@@ -0,0 +1,2 @@
+export { outputFlags } from './output.js'
+export { validationFlags } from './validation.js'

package/lib/flags/output.js

@@ -0,0 +1,16 @@
+import { prepareFlags } from '../utils/flags.js'
+
+export const outputFlags = prepareFlags({
+  json: {
+    type: 'boolean',
+    alias: 'j',
+    default: false,
+  description: 'Output result as json',
+  },
+  markdown: {
+    type: 'boolean',
+    alias: 'm',
+    default: false,
+  description: 'Output result as markdown',
+  },
+})

package/lib/flags/validation.js

@@ -0,0 +1,14 @@
+import { prepareFlags } from '../utils/flags.js'
+
+export const validationFlags = prepareFlags({
+  all: {
+    type: 'boolean',
+    default: false,
+  description: 'Include all issues',
+  },
+  strict: {
+    type: 'boolean',
+    default: false,
+  description: 'Exits with an error code if any matching issues are found',
+  },
+})

package/lib/utils/api-helpers.js

@@ -4,12 +4,13 @@ import { ErrorWithCause } from 'pony-cause'
 import { AuthError } from './errors.js'
 
 /**
- * @template T
+ * @template {import('@socketsecurity/sdk').SocketSdkOperations} T
+ * @param {T} _name
  * @param {import('@socketsecurity/sdk').SocketSdkErrorType<T>} result
  * @param {import('ora').Ora} spinner
  * @returns {void}
  */
-export function handleUnsuccessfulApiResponse (result, spinner) {
+export function handleUnsuccessfulApiResponse (_name, result, spinner) {
   const resultError = 'error' in result && result.error && typeof result.error === 'object' ? result.error : {}
   const message = 'message' in resultError && typeof resultError.message === 'string' ? resultError.message : 'No error message returned'
 

package/lib/utils/flags.js

@@ -0,0 +1,27 @@
+/**
+ * @typedef FlagExtensions
+ * @property {string} description
+ */
+
+/**
+ * @template {import('meow').FlagType} Type
+ * @template Default
+ * @template {boolean} [IsMultiple=false]
+ * @typedef {import('meow').Flag<Type, Default, IsMultiple> & FlagExtensions} Flag
+ */
+
+/** @typedef {Flag<'string', string> | Flag<'string', string[], true>} StringFlag */
+/** @typedef {Flag<'boolean', boolean> | Flag<'boolean', boolean[], true>} BooleanFlag */
+/** @typedef {Flag<'number', number> | Flag<'number', number[], true>} NumberFlag */
+/** @typedef {StringFlag | BooleanFlag | NumberFlag} AnyFlag */
+/** @typedef {Record<string, AnyFlag>} AnyFlags */
+
+/**
+ * @template {AnyFlags} Flags
+ * @param {Flags} flags
+ * @returns {Readonly<Flags>}
+ */
+export function prepareFlags (flags) {
+  // As we can't do "satisfies AnyFlags" in JS yet (+ we add a bonus through Readonly<>)
+  return flags
+}

package/lib/utils/formatting.js

@@ -1,12 +1,23 @@
 /** @typedef {string|{ description: string }} ListDescription */
 
+/**
+ * @typedef HelpListOptions
+ * @property {string} [keyPrefix]
+ * @property {number} [padName]
+ */
+
 /**
  * @param {Record<string,ListDescription>} list
  * @param {number} indent
- * @param {number} padName
+ * @param {HelpListOptions} options
  * @returns {string}
  */
-export function printHelpList (list, indent, padName = 18) {
+export function printHelpList (list, indent, options = {}) {
+  const {
+    keyPrefix = '',
+    padName = 18,
+  } = options
+
   const names = Object.keys(list).sort()
 
   let result = ''
@@ -15,22 +26,22 @@ export function printHelpList (list, indent, padName = 18) {
     const rawDescription = list[name]
     const description = (typeof rawDescription === 'object' ? rawDescription.description : rawDescription) || ''
 
-    result += ''.padEnd(indent) + name.padEnd(padName) + description + '\n'
+    result += ''.padEnd(indent) + (keyPrefix + name).padEnd(padName) + description + '\n'
   }
 
   return result.trim()
 }
 
 /**
- * @param {Record<string,ListDescription>} list
+ * @param {Record<string, ListDescription>} list
  * @param {number} indent
- * @param {number} padName
+ * @param {HelpListOptions} options
  * @returns {string}
  */
- export function printFlagList (list, indent, padName = 18) {
+export function printFlagList (list, indent, options = {}) {
   return printHelpList({
-    '--help': 'Print this help and exits.',
-    '--version': 'Prints current version and exits.',
+    'help': 'Print this help and exits.',
+    'version': 'Prints current version and exits.',
     ...list,
-  }, indent, padName)
+  }, indent, { keyPrefix: '--', ...options })
 }

package/lib/utils/meow-with-subcommands.js

@@ -1,7 +1,14 @@
 import meow from 'meow'
 
 import { printFlagList, printHelpList } from './formatting.js'
-import { ensureIsKeyOf } from './type-helpers.js'
+
+/**
+ * @typedef CliAlias
+ * @property {string} description
+ * @property {readonly string[]} argv
+ */
+
+/** @typedef {Record<string, CliAlias>} CliAliases */
 
 /**
  * @callback CliSubcommandRun
@@ -20,39 +27,51 @@ import { ensureIsKeyOf } from './type-helpers.js'
 /**
  * @template {import('meow').AnyFlags} Flags
  * @param {Record<string, CliSubcommand>} subcommands
- * @param {import('meow').Options<Flags> & { argv: readonly string[], name: string }} options
+ * @param {import('meow').Options<Flags> & { aliases?: CliAliases, argv: readonly string[], name: string }} options
  * @returns {Promise<void>}
  */
 export async function meowWithSubcommands (subcommands, options) {
   const {
+    aliases = {},
     argv,
     name,
     importMeta,
     ...additionalOptions
   } = options
-  const [rawCommandName, ...commandArgv] = argv
-
-  const commandName = ensureIsKeyOf(subcommands, rawCommandName)
-  const command = commandName ? subcommands[commandName] : undefined
-
-  // If a valid command has been specified, run it...
-  if (command) {
-    return await command.run(
-      commandArgv,
-      importMeta,
-      {
-        parentName: name
-      }
-    )
+
+  const [commandOrAliasName, ...rawCommandArgv] = argv
+
+  // If we got at least some args, then lets find out if we can find a command
+  if (commandOrAliasName) {
+    const alias = aliases[commandOrAliasName]
+
+    // First: Resolve argv data from alias if its an alias that's been given
+    const [commandName, ...commandArgv] = alias
+      ? [...alias.argv, ...rawCommandArgv]
+      : [commandOrAliasName, ...rawCommandArgv]
+
+    // Second: Find a command definition using that data
+    const commandDefinition = commandName ? subcommands[commandName] : undefined
+
+    // Third: If a valid command has been found, then we run it...
+    if (commandDefinition) {
+      return await commandDefinition.run(
+        commandArgv,
+        importMeta,
+        {
+          parentName: name
+        }
+      )
+    }
   }
 
-  // ...else provide basic instructions and help
+  // ...else we provide basic instructions and help
   const cli = meow(`
     Usage
       $ ${name} <command>
 
     Commands
-      ${printHelpList(subcommands, 6)}
+      ${printHelpList({ ...subcommands, ...aliases }, 6)}
 
     Options
       ${printFlagList({}, 6)}

package/lib/utils/path-resolve.js

@@ -39,6 +39,9 @@ const GLOB_IGNORE = [
  * @throws {InputError}
  */
 export async function getPackageFiles (cwd, inputPaths, config, debugLog) {
+  debugLog(`Globbed resolving ${inputPaths.length} paths:`, inputPaths)
+
+  // TODO: Does not support `~/` paths
   const entries = await globby(inputPaths, {
     absolute: true,
     cwd,

package/lib/utils/sdk.js

@@ -9,10 +9,17 @@ import prompts from 'prompts'
 import { AuthError } from './errors.js'
 
 /**
- * @returns {Promise<import('@socketsecurity/sdk').SocketSdk>}
+ * The API key should be stored globally for the duration of the CLI execution
+ *
+ * @type {string | undefined}
  */
+let apiKey
+
+/** @returns {Promise<import('@socketsecurity/sdk').SocketSdk>} */
 export async function setupSdk () {
-  let apiKey = process.env['SOCKET_SECURITY_API_KEY']
+  if (!apiKey) {
+    apiKey = process.env['SOCKET_SECURITY_API_KEY']
+  }
 
   if (!apiKey && isInteractive()) {
     const input = await prompts({

package/lib/utils/type-helpers.js

@@ -1,13 +1,3 @@
-/**
- * @template T
- * @param {T} obj
- * @param {string|undefined} key
- * @returns {(keyof T) | undefined}
- */
-export function ensureIsKeyOf (obj, key) {
-  return /** @type {keyof T} */ (key && Object.prototype.hasOwnProperty.call(obj, key) ? key : undefined)
-}
-
 /**
  * @param {unknown} value
  * @returns {value is NodeJS.ErrnoException}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@socketsecurity/cli",
-  "version": "0.4.0",
+  "version": "0.4.2-provenance",
   "description": "CLI tool for Socket.dev",
   "homepage": "http://github.com/SocketDev/socket-cli-js",
   "repository": {
@@ -38,7 +38,7 @@
     "test": "run-s check test:*"
   },
   "devDependencies": {
-    "@socketsecurity/eslint-config": "^1.0.0",
+    "@socketsecurity/eslint-config": "^2.0.0",
     "@tsconfig/node14": "^1.0.3",
     "@types/chai": "^4.3.3",
     "@types/chai-as-promised": "^7.1.5",
@@ -46,22 +46,22 @@
     "@types/mock-fs": "^4.13.1",
     "@types/node": "^14.18.31",
     "@types/prompts": "^2.4.1",
-    "@types/update-notifier": "^6.0.1",
-    "@typescript-eslint/eslint-plugin": "^5.48.2",
-    "@typescript-eslint/parser": "^5.48.2",
+    "@types/update-notifier": "^6.0.2",
+    "@typescript-eslint/eslint-plugin": "^5.51.0",
+    "@typescript-eslint/parser": "^5.51.0",
     "c8": "^7.12.0",
     "chai": "^4.3.6",
     "chai-as-promised": "^7.1.1",
     "dependency-check": "^5.0.0-7",
-    "eslint": "^8.32.0",
+    "eslint": "^8.34.0",
     "eslint-config-standard": "^17.0.0",
     "eslint-config-standard-jsx": "^11.0.0",
     "eslint-import-resolver-typescript": "^3.5.3",
     "eslint-plugin-import": "^2.27.5",
-    "eslint-plugin-jsdoc": "^39.5.0",
+    "eslint-plugin-jsdoc": "^40.0.0",
     "eslint-plugin-n": "^15.6.1",
     "eslint-plugin-promise": "^6.1.1",
-    "eslint-plugin-react": "^7.32.1",
+    "eslint-plugin-react": "^7.32.2",
     "eslint-plugin-react-hooks": "^4.6.0",
     "eslint-plugin-unicorn": "^45.0.2",
     "husky": "^8.0.1",
@@ -71,12 +71,12 @@
     "nock": "^13.3.0",
     "npm-run-all2": "^6.0.2",
     "type-coverage": "^2.24.1",
-    "typescript": "~4.9.4"
+    "typescript": "~4.9.5"
   },
   "dependencies": {
     "@apideck/better-ajv-errors": "^0.3.6",
     "@socketsecurity/config": "^2.0.0",
-    "@socketsecurity/sdk": "^0.5.2",
+    "@socketsecurity/sdk": "^0.5.4",
     "chalk": "^5.1.2",
     "globby": "^13.1.3",
     "hpagent": "^1.2.0",