@socketsecurity/cli 0.9.3 → 0.10.0

package/lib/commands/scan/stream.js

@@ -0,0 +1,115 @@
+/* eslint-disable no-console */
+
+import chalk from 'chalk'
+import meow from 'meow'
+import ora from 'ora'
+
+import { outputFlags } from '../../flags/index.js'
+import { handleApiCall, handleUnsuccessfulApiResponse } from '../../utils/api-helpers.js'
+import { printFlagList } from '../../utils/formatting.js'
+import { getDefaultKey, setupSdk } from '../../utils/sdk.js'
+
+/** @type {import('../../utils/meow-with-subcommands.js').CliSubcommand} */
+export const stream = {
+  description: 'Stream the output of a scan',
+  async run (argv, importMeta, { parentName }) {
+    const name = parentName + ' stream'
+
+    const input = setupCommand(name, stream.description, argv, importMeta)
+    if (input) {
+      const spinnerText = 'Streaming scan... \n'
+      const spinner = ora(spinnerText).start()
+      await getOrgFullScan(input.orgSlug, input.fullScanId, input.file, spinner)
+    }
+  }
+}
+
+// Internal functions
+
+/**
+ * @typedef CommandContext
+ * @property {boolean} outputJson
+ * @property {boolean} outputMarkdown
+ * @property {string} orgSlug
+ * @property {string} fullScanId
+ * @property {string | undefined} file
+ */
+
+/**
+ * @param {string} name
+ * @param {string} description
+ * @param {readonly string[]} argv
+ * @param {ImportMeta} importMeta
+ * @returns {void|CommandContext}
+ */
+function setupCommand (name, description, argv, importMeta) {
+  const flags = {
+    ...outputFlags
+  }
+
+  const cli = meow(`
+    Usage
+      $ ${name} <org slug> <scan ID> <path to output file>
+
+    Options
+      ${printFlagList(flags, 6)}
+
+    Examples
+      $ ${name} FakeOrg 000aaaa1-0000-0a0a-00a0-00a0000000a0 ./stream.txt
+  `, {
+    argv,
+    description,
+    importMeta,
+    flags
+  })
+
+  const {
+    json: outputJson,
+    markdown: outputMarkdown,
+  } = cli.flags
+
+  if (cli.input.length < 2) {
+    console.error(`${chalk.bgRed('Input error')}: Please specify an organization slug and a scan ID.\n`)
+    cli.showHelp()
+    return
+  }
+
+  const [orgSlug = '', fullScanId = '', file] = cli.input
+
+  return {
+    outputJson,
+    outputMarkdown,
+    orgSlug,
+    fullScanId,
+    file
+  }
+}
+
+/**
+ * @typedef FullScanData
+ * @property {import('@socketsecurity/sdk').SocketSdkReturnType<'getOrgFullScan'>["data"]} data
+ */
+
+/**
+ * @param {string} orgSlug
+ * @param {string} fullScanId
+ * @param {string | undefined} file
+ * @param {import('ora').Ora} spinner
+ * @returns {Promise<void|FullScanData>}
+ */
+async function getOrgFullScan (orgSlug, fullScanId, file, spinner) {
+  const socketSdk = await setupSdk(getDefaultKey())
+  const result = await handleApiCall(socketSdk.getOrgFullScan(orgSlug, fullScanId, file), 'Streaming a scan')
+
+  if (!result?.success) {
+    return handleUnsuccessfulApiResponse('getOrgFullScan', result, spinner)
+  }
+
+  spinner.stop()
+
+  console.log(file ? `\nFull scan details written to ${file} \n` : '\nFull scan details: \n')
+
+  return {
+    data: result.data
+  }
+}

package/lib/commands/wrapper/index.js

@@ -11,7 +11,7 @@ import { printFlagList } from '../../utils/formatting.js'
 const BASH_FILE = `${homedir.homedir()}/.bashrc`
 const ZSH_BASH_FILE = `${homedir.homedir()}/.zshrc`
 
-/** @type {import('../../utils/meow-with-subcommands').CliSubcommand} */
+/** @type {import('../../utils/meow-with-subcommands.js').CliSubcommand} */
 export const wrapper = {
   description: 'Enable or disable the Socket npm/npx wrapper',
   async run (argv, importMeta, { parentName }) {

package/lib/shadow/npm-injection.cjs

@@ -268,7 +268,17 @@ function findRoot (filepath) {
 }
 const npmDir = findRoot(path.dirname(npmEntrypoint))
 const arboristLibClassPath = path.join(npmDir, 'node_modules', '@npmcli', 'arborist', 'lib', 'arborist', 'index.js')
-const npmlog = require(path.join(npmDir, 'node_modules', 'npmlog', 'lib', 'log.js'))
+
+const npmVersion = process.env.NPM_VERSION.split('.')
+let npmlog
+
+if(npmVersion[0] === '10' && npmVersion[1] >= '6'){
+  const { log } = require(path.join(npmDir, 'node_modules', 'proc-log', 'lib', 'index.js'))
+  npmlog = log
+} else {
+  npmlog = require(path.join(npmDir, 'node_modules', 'npmlog', 'lib', 'log.js'))
+}
+
 /**
  * @type {import('pacote')}
  */

package/lib/utils/format-issues.js

@@ -27,7 +27,7 @@ const SEVERITIES_BY_ORDER = /** @type {const} */ ([
 
   return result
 }
-
+/* TODO: Delete this function when we remove the report command */
 /**
  * @param {SocketIssueList} issues
  * @param {SocketIssue['severity']} [lowestToInclude]
@@ -54,6 +54,33 @@ export function getSeverityCount (issues, lowestToInclude) {
   return severityCount
 }
 
+/* The following function is the updated one */
+/**
+ * @param {Array<SocketIssue>} issues
+ * @param {SocketIssue['severity']} [lowestToInclude]
+ * @returns {Record<SocketIssue['severity'], number>}
+ */
+export function getCountSeverity (issues, lowestToInclude) {
+  const severityCount = pick(
+    { low: 0, middle: 0, high: 0, critical: 0 },
+    getDesiredSeverities(lowestToInclude)
+  )
+
+  for (const issue of issues) {
+    const severity = issue.severity
+
+    if (!severity) {
+      continue
+    }
+
+    if (severityCount[severity] !== undefined) {
+      severityCount[severity] += 1
+    }
+  }
+
+  return severityCount
+}
+
 /**
  * @param {Record<SocketIssue['severity'], number>} severityCount
  * @returns {string}

package/lib/utils/meow-with-subcommands.js

@@ -25,9 +25,8 @@ import { printFlagList, printHelpList } from './formatting.js'
  */
 
 /**
- * @template {import('meow').AnyFlags} Flags
  * @param {Record<string, CliSubcommand>} subcommands
- * @param {import('meow').Options<Flags> & { aliases?: CliAliases, argv: readonly string[], name: string }} options
+ * @param {import('meow').Options<any> & { aliases?: CliAliases, argv: readonly string[], name: string }} options
  * @returns {Promise<void>}
  */
 export async function meowWithSubcommands (subcommands, options) {

package/lib/utils/misc.js

@@ -30,7 +30,6 @@ export function stringJoinWithSeparateFinalSeparator (list, separator = ' and ')
 
 /**
  * Returns a new object with only the specified keys from the input object
- *
  * @template {Record<string,any>} T
  * @template {keyof T} K
  * @param {T} input

package/lib/utils/path-resolve.js

@@ -12,7 +12,6 @@ import { isErrnoException } from './type-helpers.cjs'
 
 /**
  * There are a lot of possible folders that we should not be looking in and "ignore-by-default" helps us with defining those
- *
  * @type {readonly string[]}
  */
 const ignoreByDefault = directories()
@@ -31,7 +30,6 @@ const BASE_GLOBBY_OPTS = {
 
 /**
  * Resolves package.json and lockfiles from (globbed) input paths, applying relevant ignores
- *
  * @param {string} cwd The working directory to use when resolving paths
  * @param {string[]} inputPaths A list of paths to folders, package.json files and/or recognized lockfiles. Supports globs.
  * @param {import('@socketsecurity/config').SocketYml|undefined} config
@@ -57,18 +55,46 @@ export async function getPackageFiles (cwd, inputPaths, config, supportedFiles,
   debugLog(`Mapped ${entries.length} entries to ${packageFiles.length} files:`, packageFiles)
 
   const includedPackageFiles = config?.projectIgnorePaths?.length
+    // @ts-ignore
     ? ignore()
       .add(config.projectIgnorePaths)
       .filter(packageFiles.map(item => path.relative(cwd, item)))
-      .map(item => path.resolve(cwd, item))
+      .map((/** @type {string} */ item) => path.resolve(cwd, item))
     : packageFiles
 
   return includedPackageFiles
 }
 
+/**
+ * Resolves package.json and lockfiles from (globbed) input paths, applying relevant ignores
+ * @param {string} cwd The working directory to use when resolving paths
+ * @param {string[]} inputPaths A list of paths to folders, package.json files and/or recognized lockfiles. Supports globs.
+ * @param {import('@socketsecurity/sdk').SocketSdkReturnType<"getReportSupportedFiles">['data']} supportedFiles
+ * @param {typeof console.error} debugLog
+ * @returns {Promise<string[]>}
+ * @throws {InputError}
+ */
+export async function getPackageFilesFullScans (cwd, inputPaths, supportedFiles, debugLog) {
+  debugLog(`Globbed resolving ${inputPaths.length} paths:`, inputPaths)
+
+  // TODO: Does not support `~/` paths
+  const entries = await globby(inputPaths, {
+    ...BASE_GLOBBY_OPTS,
+    cwd,
+    onlyFiles: false
+  })
+
+  debugLog(`Globbed resolved ${inputPaths.length} paths to ${entries.length} paths:`, entries)
+
+  const packageFiles = await mapGlobResultToFiles(entries, supportedFiles)
+
+  debugLog(`Mapped ${entries.length} entries to ${packageFiles.length} files:`, packageFiles)
+
+  return packageFiles
+}
+
 /**
  * Takes paths to folders, package.json and/or recognized lock files and resolves them to package.json + lockfile pairs (where possible)
- *
  * @param {string[]} entries
  * @param {import('@socketsecurity/sdk').SocketSdkReturnType<"getReportSupportedFiles">['data']} supportedFiles
  * @returns {Promise<string[]>}
@@ -86,7 +112,6 @@ export async function mapGlobResultToFiles (entries, supportedFiles) {
 
 /**
  * Takes a single path to a folder, package.json or a recognized lock file and resolves to a package.json + lockfile pair (where possible)
- *
  * @param {string} entry
  * @param {import('@socketsecurity/sdk').SocketSdkReturnType<'getReportSupportedFiles'>['data']} supportedFiles
  * @returns {Promise<string[]>}

package/lib/utils/sdk.js

@@ -13,7 +13,6 @@ export const FREE_API_KEY = 'sktsec_t_--RAN5U4ivauy4w37-6aoKyYPDt5ZbaT5JBVMqiwKo
 
 /**
  * This API key should be stored globally for the duration of the CLI execution
- *
  * @type {string | undefined}
  */
 let defaultKey
@@ -26,7 +25,6 @@ export function getDefaultKey () {
 
 /**
  * The API server that should be used for operations
- *
  * @type {string | undefined}
  */
 let defaultAPIBaseUrl
@@ -41,7 +39,6 @@ export function getDefaultAPIBaseUrl () {
 
 /**
  * The API server that should be used for operations
- *
  * @type {string | undefined}
  */
 let defaultApiProxy

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@socketsecurity/cli",
-  "version": "0.9.3",
+  "version": "0.10.0",
   "description": "CLI tool for Socket.dev",
   "homepage": "http://github.com/SocketDev/socket-cli-js",
   "repository": {
@@ -14,9 +14,6 @@
     "url": "https://socket.dev"
   },
   "license": "MIT",
-  "engines": {
-    "node": "^16.13.0 || >=18.0.0"
-  },
   "type": "module",
   "bin": {
     "socket": "cli.js",
@@ -30,8 +27,83 @@
     "lib/**/*.cjs",
     "lib/shadow/**"
   ],
+  "dependencies": {
+    "@apideck/better-ajv-errors": "^0.3.6",
+    "@cyclonedx/cdxgen": "^10.7.0",
+    "@inquirer/select": "^2.3.5",
+    "@socketsecurity/config": "^2.1.3",
+    "@socketsecurity/sdk": "^1.2.0",
+    "chalk": "^5.3.0",
+    "chalk-table": "^1.0.2",
+    "execa": "^9.1.0",
+    "globby": "^14.0.1",
+    "hpagent": "^1.2.0",
+    "ignore": "^5.3.1",
+    "ignore-by-default": "^2.1.0",
+    "inquirer": "^9.2.23",
+    "is-interactive": "^2.0.0",
+    "is-unicode-supported": "^2.0.0",
+    "meow": "^13.2.0",
+    "open": "^10.1.0",
+    "ora": "^8.0.1",
+    "pony-cause": "^2.1.11",
+    "prompts": "^2.4.2",
+    "synp": "^1.9.13",
+    "terminal-link": "^3.0.0",
+    "update-notifier": "^7.0.0",
+    "which": "^4.0.0",
+    "yargs-parser": "^21.1.1"
+  },
+  "devDependencies": {
+    "@socketsecurity/eslint-config": "^5.0.1",
+    "@tsconfig/node20": "^20.1.4",
+    "@types/chai": "^4.3.16",
+    "@types/chai-as-promised": "^7.1.8",
+    "@types/inquirer": "^9.0.7",
+    "@types/micromatch": "^4.0.7",
+    "@types/mocha": "^10.0.6",
+    "@types/mock-fs": "^4.13.4",
+    "@types/node": "^20.12.13",
+    "@types/npm": "^7.19.3",
+    "@types/npmcli__arborist": "^5.6.6",
+    "@types/prompts": "^2.4.9",
+    "@types/update-notifier": "^6.0.8",
+    "@types/which": "^3.0.4",
+    "@types/yargs-parser": "^21.0.3",
+    "@typescript-eslint/eslint-plugin": "^7.11.0",
+    "@typescript-eslint/parser": "7.10.0",
+    "c8": "^10.1.2",
+    "dependency-check": "^5.0.0-7",
+    "eslint": "^8.56.0",
+    "eslint-config-standard": "^17.1.0",
+    "eslint-config-standard-jsx": "^11.0.0",
+    "eslint-import-resolver-typescript": "^3.6.1",
+    "eslint-plugin-import": "^2.29.1",
+    "eslint-plugin-jsdoc": "^48.2.7",
+    "eslint-plugin-n": "^16.6.2",
+    "eslint-plugin-promise": "^6.2.0",
+    "eslint-plugin-react": "^7.34.2",
+    "eslint-plugin-react-hooks": "^4.6.2",
+    "eslint-plugin-unicorn": "^48.0.1",
+    "husky": "^9.0.11",
+    "installed-check": "^9.3.0",
+    "mock-fs": "^5.2.0",
+    "nock": "^13.5.4",
+    "npm-run-all2": "^6.2.0",
+    "type-coverage": "^2.29.0",
+    "typescript": "~5.5.2"
+  },
+  "overrides": {
+    "@cyclonedx/cdxgen": {
+      "packageurl-js": "https://registry.npmjs.org/@jdalton/packageurl-js/-/packageurl-js-1.2.7.tgz"
+    }
+  },
+  "engines": {
+    "node": "^20.9.0 || >=21.1.0"
+  },
+
   "scripts": {
-    "check:dependency-check": "dependency-check '*.js' 'lib/shadow/*.cjs' '*.mjs' 'test/**/*.js' --no-dev --ignore-module node:test --ignore-module node:assert/strict",
+    "check:dependency-check": "dependency-check '*.js' 'lib/shadow/*.cjs' '*.mjs' 'test/**/*.js' --no-dev --ignore-module node:* --ignore-module @cyclonedx/* --ignore-module synp",
     "check:installed-check": "installed-check -i eslint-plugin-jsdoc",
     "check:lint": "eslint --report-unused-disable-directives .",
     "check:tsc": "tsc",
@@ -42,61 +114,5 @@
     "test-ci": "run-s test:*",
     "test": "run-s check test:*",
     "//postinstall": "node ./cli.js wrapper --postinstall"
-  },
-  "devDependencies": {
-    "@socketsecurity/eslint-config": "^3.0.1",
-    "@tsconfig/node14": "^14.1.0",
-    "@types/chai": "^4.3.3",
-    "@types/chai-as-promised": "^7.1.5",
-    "@types/micromatch": "^4.0.2",
-    "@types/mocha": "^10.0.1",
-    "@types/mock-fs": "^4.13.1",
-    "@types/node": "^20.4.2",
-    "@types/npm": "^7.19.0",
-    "@types/npmcli__arborist": "^5.6.1",
-    "@types/prompts": "^2.4.1",
-    "@types/update-notifier": "^6.0.2",
-    "@types/which": "^3.0.0",
-    "@typescript-eslint/eslint-plugin": "^5.51.0",
-    "@typescript-eslint/parser": "^5.51.0",
-    "c8": "^8.0.0",
-    "dependency-check": "^5.0.0-7",
-    "eslint": "^8.34.0",
-    "eslint-config-standard": "^17.0.0",
-    "eslint-config-standard-jsx": "^11.0.0",
-    "eslint-import-resolver-typescript": "^3.5.3",
-    "eslint-plugin-import": "^2.27.5",
-    "eslint-plugin-jsdoc": "^40.0.0",
-    "eslint-plugin-n": "^15.6.1",
-    "eslint-plugin-promise": "^6.1.1",
-    "eslint-plugin-react": "^7.32.2",
-    "eslint-plugin-react-hooks": "^4.6.0",
-    "eslint-plugin-unicorn": "^45.0.2",
-    "husky": "^8.0.1",
-    "installed-check": "^6.0.5",
-    "mock-fs": "^5.2.0",
-    "nock": "^13.3.0",
-    "npm-run-all2": "^6.0.2",
-    "type-coverage": "^2.24.1",
-    "typescript": "~5.1.6"
-  },
-  "dependencies": {
-    "@apideck/better-ajv-errors": "^0.3.6",
-    "@socketsecurity/config": "^2.0.0",
-    "@socketsecurity/sdk": "^0.7.3",
-    "chalk": "^5.1.2",
-    "globby": "^13.1.3",
-    "hpagent": "^1.2.0",
-    "ignore": "^5.2.1",
-    "ignore-by-default": "^2.1.0",
-    "is-interactive": "^2.0.0",
-    "is-unicode-supported": "^1.3.0",
-    "meow": "^12.0.1",
-    "ora": "^6.1.2",
-    "pony-cause": "^2.1.8",
-    "prompts": "^2.4.2",
-    "terminal-link": "^3.0.0",
-    "update-notifier": "^6.0.2",
-    "which": "^3.0.0"
   }
 }