@socketsecurity/cli 1.1.36 → 1.1.38

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (11) hide show
  1. package/CHANGELOG.md +11 -1
  2. package/dist/constants.js +3 -3
  3. package/dist/constants.js.map +1 -1
  4. package/dist/tsconfig.dts.tsbuildinfo +1 -1
  5. package/dist/types/utils/cve-to-ghsa.d.mts +1 -0
  6. package/dist/types/utils/cve-to-ghsa.d.mts.map +1 -1
  7. package/dist/types/utils/glob.d.mts.map +1 -1
  8. package/dist/types/utils/path-resolve.d.mts.map +1 -1
  9. package/dist/utils.js +9 -3
  10. package/dist/utils.js.map +1 -1
  11. package/package.json +1 -1
package/dist/types/utils/cve-to-ghsa.d.mts CHANGED
@@ -1,6 +1,7 @@
1
1
  import type { CResult } from '../types.mts';
2
2
  /**
3
3
  * Converts CVE IDs to GHSA IDs using GitHub API.
4
+ * CVE to GHSA mappings are permanent, so we cache for 30 days.
4
5
  */
5
6
  export declare function convertCveToGhsa(cveId: string): Promise<CResult<string>>;
6
7
  //# sourceMappingURL=cve-to-ghsa.d.mts.map
package/dist/types/utils/cve-to-ghsa.d.mts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"cve-to-ghsa.d.mts","sourceRoot":"","sources":["../../../src/utils/cve-to-ghsa.mts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,cAAc,CAAA;AAE3C;;GAEG;AACH,wBAAsB,gBAAgB,CACpC,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CA6B1B"}
1
+ {"version":3,"file":"cve-to-ghsa.d.mts","sourceRoot":"","sources":["../../../src/utils/cve-to-ghsa.mts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,cAAc,CAAA;AAE3C;;;GAGG;AACH,wBAAsB,gBAAgB,CACpC,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CA8C1B"}
package/dist/types/utils/glob.d.mts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"glob.d.mts","sourceRoot":"","sources":["../../../src/utils/glob.mts"],"names":[],"mappings":"AAeA,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,2BAA2B,CAAA;AACtD,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAA;AACvD,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,qBAAqB,CAAA;AACjE,OAAO,KAAK,EAAE,OAAO,IAAI,WAAW,EAAE,MAAM,WAAW,CAAA;AA4IvD,wBAAgB,0BAA0B,CACxC,SAAS,EAAE,MAAM,EAAE,GAAG,SAAS,MAAM,EAAE,EACvC,cAAc,EAAE,sBAAsB,CAAC,yBAAyB,CAAC,CAAC,MAAM,CAAC,GACxE,MAAM,EAAE,CAGV;AAED,wBAAgB,wBAAwB,CACtC,cAAc,EAAE,sBAAsB,CAAC,yBAAyB,CAAC,CAAC,MAAM,CAAC,GACxE,MAAM,EAAE,CASV;AAED,KAAK,wBAAwB,GAAG,WAAW,GAAG;IAC5C,YAAY,CAAC,EAAE,SAAS,GAAG,SAAS,CAAA;CACrC,CAAA;AAED,wBAAsB,iBAAiB,CACrC,QAAQ,EAAE,MAAM,EAAE,GAAG,SAAS,MAAM,EAAE,EACtC,OAAO,EAAE,wBAAwB,GAChC,OAAO,CAAC,MAAM,EAAE,CAAC,CA+EnB;AAED,wBAAsB,aAAa,CACjC,KAAK,EAAE,KAAK,EACZ,GAAG,SAAgB,GAClB,OAAO,CAAC,MAAM,EAAE,CAAC,CASnB;AAED,wBAAgB,qBAAqB,CACnC,QAAQ,EAAE,MAAM,EAChB,cAAc,EAAE,sBAAsB,CAAC,yBAAyB,CAAC,CAAC,MAAM,CAAC,WAI1E;AAED,wBAAgB,mBAAmB,CACjC,KAAK,EAAE,MAAM,EAAE,GAAG,SAAS,MAAM,EAAE,EACnC,GAAG,CAAC,EAAE,MAAM,GAAG,SAAS,GACvB,MAAM,EAAE,CAcV"}
1
+ {"version":3,"file":"glob.d.mts","sourceRoot":"","sources":["../../../src/utils/glob.mts"],"names":[],"mappings":"AAeA,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,2BAA2B,CAAA;AACtD,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAA;AACvD,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,qBAAqB,CAAA;AACjE,OAAO,KAAK,EAAE,OAAO,IAAI,WAAW,EAAE,MAAM,WAAW,CAAA;AA4IvD,wBAAgB,0BAA0B,CACxC,SAAS,EAAE,MAAM,EAAE,GAAG,SAAS,MAAM,EAAE,EACvC,cAAc,EAAE,sBAAsB,CAAC,yBAAyB,CAAC,CAAC,MAAM,CAAC,GACxE,MAAM,EAAE,CAGV;AAED,wBAAgB,wBAAwB,CACtC,cAAc,EAAE,sBAAsB,CAAC,yBAAyB,CAAC,CAAC,MAAM,CAAC,GACxE,MAAM,EAAE,CASV;AAED,KAAK,wBAAwB,GAAG,WAAW,GAAG;IAC5C,YAAY,CAAC,EAAE,SAAS,GAAG,SAAS,CAAA;CACrC,CAAA;AAED,wBAAsB,iBAAiB,CACrC,QAAQ,EAAE,MAAM,EAAE,GAAG,SAAS,MAAM,EAAE,EACtC,OAAO,EAAE,wBAAwB,GAChC,OAAO,CAAC,MAAM,EAAE,CAAC,CA+EnB;AAED,wBAAsB,aAAa,CACjC,KAAK,EAAE,KAAK,EACZ,GAAG,SAAgB,GAClB,OAAO,CAAC,MAAM,EAAE,CAAC,CASnB;AAED,wBAAgB,qBAAqB,CACnC,QAAQ,EAAE,MAAM,EAChB,cAAc,EAAE,sBAAsB,CAAC,yBAAyB,CAAC,CAAC,MAAM,CAAC,WAI1E;AAED,wBAAgB,mBAAmB,CACjC,KAAK,EAAE,MAAM,EAAE,GAAG,SAAS,MAAM,EAAE,EACnC,GAAG,CAAC,EAAE,MAAM,GAAG,SAAS,GACvB,MAAM,EAAE,CAgBV"}
package/dist/types/utils/path-resolve.d.mts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"path-resolve.d.mts","sourceRoot":"","sources":["../../../src/utils/path-resolve.mts"],"names":[],"mappings":"AAgBA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAA;AACvD,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,qBAAqB,CAAA;AAEjE,wBAAgB,sBAAsB,CAAC,OAAO,EAAE,MAAM,GAAG;IACvD,IAAI,EAAE,MAAM,CAAA;IACZ,IAAI,EAAE,MAAM,GAAG,SAAS,CAAA;IACxB,QAAQ,EAAE,OAAO,CAAA;CAClB,CA2BA;AAED,wBAAgB,kBAAkB,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CA+CzE;AAED,MAAM,MAAM,0BAA0B,GAAG;IACvC,GAAG,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IACxB,MAAM,CAAC,EAAE,SAAS,GAAG,SAAS,CAAA;CAC/B,CAAA;AAED,wBAAsB,sBAAsB,CAC1C,UAAU,EAAE,MAAM,EAAE,EACpB,cAAc,EAAE,sBAAsB,CAAC,yBAAyB,CAAC,CAAC,MAAM,CAAC,EACzE,OAAO,CAAC,EAAE,0BAA0B,GAAG,SAAS,GAC/C,OAAO,CAAC,MAAM,EAAE,CAAC,CAYnB"}
1
+ {"version":3,"file":"path-resolve.d.mts","sourceRoot":"","sources":["../../../src/utils/path-resolve.mts"],"names":[],"mappings":"AAgBA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAA;AACvD,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,qBAAqB,CAAA;AAEjE,wBAAgB,sBAAsB,CAAC,OAAO,EAAE,MAAM,GAAG;IACvD,IAAI,EAAE,MAAM,CAAA;IACZ,IAAI,EAAE,MAAM,GAAG,SAAS,CAAA;IACxB,QAAQ,EAAE,OAAO,CAAA;CAClB,CA2BA;AAED,wBAAgB,kBAAkB,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CA+CzE;AAED,MAAM,MAAM,0BAA0B,GAAG;IACvC,GAAG,CAAC,EAAE,MAAM,GAAG,SAAS,CAAA;IACxB,MAAM,CAAC,EAAE,SAAS,GAAG,SAAS,CAAA;CAC/B,CAAA;AAED,wBAAsB,sBAAsB,CAC1C,UAAU,EAAE,MAAM,EAAE,EACpB,cAAc,EAAE,sBAAsB,CAAC,yBAAyB,CAAC,CAAC,MAAM,CAAC,EACzE,OAAO,CAAC,EAAE,0BAA0B,GAAG,SAAS,GAC/C,OAAO,CAAC,MAAM,EAAE,CAAC,CAenB"}
package/dist/utils.js CHANGED
@@ -4220,15 +4220,17 @@ function isPnpmLockfileScanCommand(command) {
4220
4220
 
4221
4221
  /**
4222
4222
  * Converts CVE IDs to GHSA IDs using GitHub API.
4223
+ * CVE to GHSA mappings are permanent, so we cache for 30 days.
4223
4224
  */
4224
4225
  async function convertCveToGhsa(cveId) {
4225
4226
  try {
4226
4227
  const cacheKey = `cve-to-ghsa-${cveId}`;
4227
4228
  const octokit = getOctokit();
4229
+ const THIRTY_DAYS_MS = 30 * 24 * 60 * 60 * 1000;
4228
4230
  const response = await cacheFetch(cacheKey, () => octokit.rest.securityAdvisories.listGlobalAdvisories({
4229
4231
  cve_id: cveId,
4230
4232
  per_page: 1
4231
- }));
4233
+ }), THIRTY_DAYS_MS);
4232
4234
  if (!response.data.length) {
4233
4235
  return {
4234
4236
  ok: false,
@@ -4240,9 +4242,13 @@ async function convertCveToGhsa(cveId) {
4240
4242
  data: response.data[0].ghsa_id
4241
4243
  };
4242
4244
  } catch (e) {
4245
+ const errorCause = getErrorCause(e);
4246
+ const errorLower = errorCause.toLowerCase();
4247
+ // Detect GitHub API rate limit and network errors.
4248
+ const isRateLimitOrNetworkError = errorLower.includes('rate limit') || errorLower.includes('epipe') || errorLower.includes('econnreset') || errorLower.includes('status: 403') || errorLower.includes('status code 403');
4243
4249
  return {
4244
4250
  ok: false,
4245
- message: `Failed to convert CVE to GHSA: ${getErrorCause(e)}`
4251
+ message: isRateLimitOrNetworkError ? 'GitHub API rate limit exceeded while converting CVE to GHSA. Wait an hour or set SOCKET_CLI_GITHUB_TOKEN environment variable with a personal access token for higher limits.' : `Failed to convert CVE to GHSA: ${errorCause}`
4246
4252
  };
4247
4253
  }
4248
4254
  }
@@ -6215,5 +6221,5 @@ exports.updateConfigValue = updateConfigValue;
6215
6221
  exports.walkNestedMap = walkNestedMap;
6216
6222
  exports.webLink = webLink;
6217
6223
  exports.writeSocketJson = writeSocketJson;
6218
- //# debugId=f7f6f837-e9a9-4b4e-a7ab-36f286008941
6224
+ //# debugId=652cf0d7-6cf6-49b1-86ba-204b62a4be68
6219
6225
  //# sourceMappingURL=utils.js.map