@socketsecurity/lib 3.3.0 → 3.3.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +7 -0
- package/README.md +3 -2
- package/dist/constants/node.js +1 -1
- package/dist/constants/packages.js +6 -6
- package/dist/constants/socket.d.ts +1 -0
- package/dist/constants/socket.js +3 -0
- package/dist/external/@inquirer/checkbox.js +3361 -3
- package/dist/external/@inquirer/confirm.js +1 -0
- package/dist/external/@inquirer/input.js +1 -0
- package/dist/external/@inquirer/password.js +1 -0
- package/dist/external/@inquirer/search.js +1 -0
- package/dist/external/@inquirer/select.js +1 -0
- package/dist/lifecycle-script-names.d.ts +1 -2
- package/dist/lifecycle-script-names.js +2 -4
- package/dist/maintained-node-versions.d.ts +1 -2
- package/dist/maintained-node-versions.js +2 -4
- package/dist/package-default-node-range.d.ts +1 -2
- package/dist/package-default-node-range.js +3 -5
- package/dist/package-default-socket-categories.d.ts +1 -2
- package/dist/package-default-socket-categories.js +2 -4
- package/dist/package-extensions.d.ts +1 -2
- package/dist/package-extensions.js +2 -4
- package/dist/path.d.ts +11 -0
- package/dist/stdio/prompts.d.ts +17 -0
- package/dist/stdio/prompts.js +10 -11
- package/package.json +6 -3
- package/dist/external/@inquirer/core.js +0 -4
- package/dist/external/@inquirer/prompts.js +0 -4
|
@@ -3202,3 +3202,4 @@ var require_commonjs4 = __commonJS({
|
|
|
3202
3202
|
|
|
3203
3203
|
// src/external/@inquirer/confirm.js
|
|
3204
3204
|
module.exports = require_commonjs4();
|
|
3205
|
+
if (module.exports && module.exports.default && Object.keys(module.exports).length === 1) { module.exports = module.exports.default; }
|
|
@@ -3226,3 +3226,4 @@ var require_commonjs4 = __commonJS({
|
|
|
3226
3226
|
|
|
3227
3227
|
// src/external/@inquirer/input.js
|
|
3228
3228
|
module.exports = require_commonjs4();
|
|
3229
|
+
if (module.exports && module.exports.default && Object.keys(module.exports).length === 1) { module.exports = module.exports.default; }
|
|
@@ -3334,3 +3334,4 @@ var require_commonjs4 = __commonJS({
|
|
|
3334
3334
|
|
|
3335
3335
|
// src/external/@inquirer/password.js
|
|
3336
3336
|
module.exports = require_commonjs4();
|
|
3337
|
+
if (module.exports && module.exports.default && Object.keys(module.exports).length === 1) { module.exports = module.exports.default; }
|
|
@@ -3331,3 +3331,4 @@ ${theme.style.description(selectedChoice.description)}` : ``;
|
|
|
3331
3331
|
|
|
3332
3332
|
// src/external/@inquirer/search.js
|
|
3333
3333
|
module.exports = require_commonjs4();
|
|
3334
|
+
if (module.exports && module.exports.default && Object.keys(module.exports).length === 1) { module.exports = module.exports.default; }
|
|
@@ -3448,3 +3448,4 @@ ${page}${helpTipBottom}${choiceDescription}${ansi_escapes_1.default.cursorHide}`
|
|
|
3448
3448
|
|
|
3449
3449
|
// src/external/@inquirer/select.js
|
|
3450
3450
|
module.exports = require_commonjs4();
|
|
3451
|
+
if (module.exports && module.exports.default && Object.keys(module.exports).length === 1) { module.exports = module.exports.default; }
|
|
@@ -19,8 +19,7 @@ var __copyProps = (to, from, except, desc) => {
|
|
|
19
19
|
var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
|
|
20
20
|
var lifecycle_script_names_exports = {};
|
|
21
21
|
__export(lifecycle_script_names_exports, {
|
|
22
|
-
|
|
23
|
-
"module.exports": () => lifecycleScriptNames
|
|
22
|
+
lifecycleScriptNames: () => lifecycleScriptNames
|
|
24
23
|
});
|
|
25
24
|
module.exports = __toCommonJS(lifecycle_script_names_exports);
|
|
26
25
|
const lifecycleScriptNames = new Set(
|
|
@@ -39,8 +38,7 @@ const lifecycleScriptNames = new Set(
|
|
|
39
38
|
].map((n) => [`pre${n}`, n, `post${n}`])
|
|
40
39
|
].flat()
|
|
41
40
|
);
|
|
42
|
-
var lifecycle_script_names_default = lifecycleScriptNames;
|
|
43
41
|
// Annotate the CommonJS export names for ESM import in node:
|
|
44
42
|
0 && (module.exports = {
|
|
45
|
-
|
|
43
|
+
lifecycleScriptNames
|
|
46
44
|
});
|
|
@@ -19,8 +19,7 @@ var __copyProps = (to, from, except, desc) => {
|
|
|
19
19
|
var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
|
|
20
20
|
var maintained_node_versions_exports = {};
|
|
21
21
|
__export(maintained_node_versions_exports, {
|
|
22
|
-
|
|
23
|
-
"module.exports": () => maintainedNodeVersions
|
|
22
|
+
maintainedNodeVersions: () => maintainedNodeVersions
|
|
24
23
|
});
|
|
25
24
|
module.exports = __toCommonJS(maintained_node_versions_exports);
|
|
26
25
|
const ObjectFreeze = Object.freeze;
|
|
@@ -36,8 +35,7 @@ const maintainedNodeVersions = ObjectFreeze(
|
|
|
36
35
|
previous
|
|
37
36
|
})
|
|
38
37
|
);
|
|
39
|
-
var maintained_node_versions_default = maintainedNodeVersions;
|
|
40
38
|
// Annotate the CommonJS export names for ESM import in node:
|
|
41
39
|
0 && (module.exports = {
|
|
42
|
-
|
|
40
|
+
maintainedNodeVersions
|
|
43
41
|
});
|
|
@@ -19,15 +19,13 @@ var __copyProps = (to, from, except, desc) => {
|
|
|
19
19
|
var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
|
|
20
20
|
var package_default_node_range_exports = {};
|
|
21
21
|
__export(package_default_node_range_exports, {
|
|
22
|
-
|
|
23
|
-
"module.exports": () => packageDefaultNodeRange
|
|
22
|
+
packageDefaultNodeRange: () => packageDefaultNodeRange
|
|
24
23
|
});
|
|
25
24
|
module.exports = __toCommonJS(package_default_node_range_exports);
|
|
26
|
-
const maintainedNodeVersions = require("#lib/maintained-node-versions")
|
|
25
|
+
const { maintainedNodeVersions } = require("#lib/maintained-node-versions");
|
|
27
26
|
const semver = require("./external/semver");
|
|
28
27
|
const packageDefaultNodeRange = `>=${semver.parse(maintainedNodeVersions.last).major}`;
|
|
29
|
-
var package_default_node_range_default = packageDefaultNodeRange;
|
|
30
28
|
// Annotate the CommonJS export names for ESM import in node:
|
|
31
29
|
0 && (module.exports = {
|
|
32
|
-
|
|
30
|
+
packageDefaultNodeRange
|
|
33
31
|
});
|
|
@@ -19,13 +19,11 @@ var __copyProps = (to, from, except, desc) => {
|
|
|
19
19
|
var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
|
|
20
20
|
var package_default_socket_categories_exports = {};
|
|
21
21
|
__export(package_default_socket_categories_exports, {
|
|
22
|
-
|
|
23
|
-
"module.exports": () => packageDefaultSocketCategories
|
|
22
|
+
packageDefaultSocketCategories: () => packageDefaultSocketCategories
|
|
24
23
|
});
|
|
25
24
|
module.exports = __toCommonJS(package_default_socket_categories_exports);
|
|
26
25
|
const packageDefaultSocketCategories = Object.freeze(["cleanup"]);
|
|
27
|
-
var package_default_socket_categories_default = packageDefaultSocketCategories;
|
|
28
26
|
// Annotate the CommonJS export names for ESM import in node:
|
|
29
27
|
0 && (module.exports = {
|
|
30
|
-
|
|
28
|
+
packageDefaultSocketCategories
|
|
31
29
|
});
|
|
@@ -19,8 +19,7 @@ var __copyProps = (to, from, except, desc) => {
|
|
|
19
19
|
var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
|
|
20
20
|
var package_extensions_exports = {};
|
|
21
21
|
__export(package_extensions_exports, {
|
|
22
|
-
|
|
23
|
-
"module.exports": () => packageExtensions
|
|
22
|
+
packageExtensions: () => packageExtensions
|
|
24
23
|
});
|
|
25
24
|
module.exports = __toCommonJS(package_extensions_exports);
|
|
26
25
|
const { freeze: ObjectFreeze } = Object;
|
|
@@ -65,8 +64,7 @@ const packageExtensions = ObjectFreeze(
|
|
|
65
64
|
return 0;
|
|
66
65
|
})
|
|
67
66
|
);
|
|
68
|
-
var package_extensions_default = packageExtensions;
|
|
69
67
|
// Annotate the CommonJS export names for ESM import in node:
|
|
70
68
|
0 && (module.exports = {
|
|
71
|
-
|
|
69
|
+
packageExtensions
|
|
72
70
|
});
|
package/dist/path.d.ts
CHANGED
|
@@ -162,6 +162,13 @@ export declare function isRelative(pathLike: string | Buffer | URL): boolean;
|
|
|
162
162
|
* @param {string | Buffer | URL} pathLike - The path to normalize
|
|
163
163
|
* @returns {string} The normalized path with forward slashes and collapsed segments
|
|
164
164
|
*
|
|
165
|
+
* @security
|
|
166
|
+
* **WARNING**: This function resolves `..` patterns as part of normalization, which means
|
|
167
|
+
* paths like `/../etc/passwd` become `/etc/passwd`. When processing untrusted user input
|
|
168
|
+
* (HTTP requests, file uploads, URL parameters), you MUST validate for path traversal
|
|
169
|
+
* attacks BEFORE calling this function. Check for patterns like `..`, `%2e%2e`, `\..`,
|
|
170
|
+
* and other traversal encodings first.
|
|
171
|
+
*
|
|
165
172
|
* @example
|
|
166
173
|
* ```typescript
|
|
167
174
|
* // Basic normalization
|
|
@@ -182,6 +189,10 @@ export declare function isRelative(pathLike: string | Buffer | URL): boolean;
|
|
|
182
189
|
* normalizePath('..') // '..'
|
|
183
190
|
* normalizePath('///foo///bar///') // '/foo/bar'
|
|
184
191
|
* normalizePath('foo/../..') // '..'
|
|
192
|
+
*
|
|
193
|
+
* // Security: Path traversal is resolved (intended behavior for trusted paths)
|
|
194
|
+
* normalizePath('/../etc/passwd') // '/etc/passwd' ⚠️
|
|
195
|
+
* normalizePath('/safe/../../unsafe') // '/unsafe' ⚠️
|
|
185
196
|
* ```
|
|
186
197
|
*/
|
|
187
198
|
/*@__NO_SIDE_EFFECTS__*/
|
package/dist/stdio/prompts.d.ts
CHANGED
|
@@ -98,6 +98,8 @@ export declare function createInquirerTheme(theme: Theme | ThemeName | unknown):
|
|
|
98
98
|
*/
|
|
99
99
|
/*@__NO_SIDE_EFFECTS__*/
|
|
100
100
|
export declare function wrapPrompt<T = unknown>(inquirerPrompt: (...args: unknown[]) => Promise<T>): (...args: unknown[]) => Promise<T | undefined>;
|
|
101
|
+
// c8 ignore start - Third-party inquirer library requires and exports not testable in isolation.
|
|
102
|
+
declare const checkboxRaw: any;
|
|
101
103
|
declare const confirmRaw: any;
|
|
102
104
|
declare const inputRaw: any;
|
|
103
105
|
declare const passwordRaw: any;
|
|
@@ -105,6 +107,21 @@ declare const searchRaw: any;
|
|
|
105
107
|
declare const selectRaw: any;
|
|
106
108
|
declare const ActualSeparator: any;
|
|
107
109
|
// c8 ignore stop
|
|
110
|
+
/**
|
|
111
|
+
* Prompt to select multiple items from a list of choices.
|
|
112
|
+
* Wrapped with spinner handling and abort signal support.
|
|
113
|
+
*
|
|
114
|
+
* @example
|
|
115
|
+
* const choices = await checkbox({
|
|
116
|
+
* message: 'Select options:',
|
|
117
|
+
* choices: [
|
|
118
|
+
* { name: 'Option 1', value: 'opt1' },
|
|
119
|
+
* { name: 'Option 2', value: 'opt2' },
|
|
120
|
+
* { name: 'Option 3', value: 'opt3' }
|
|
121
|
+
* ]
|
|
122
|
+
* })
|
|
123
|
+
*/
|
|
124
|
+
export declare const checkbox: typeof checkboxRaw;
|
|
108
125
|
/**
|
|
109
126
|
* Prompt for a yes/no confirmation.
|
|
110
127
|
* Wrapped with spinner handling and abort signal support.
|
package/dist/stdio/prompts.js
CHANGED
|
@@ -30,6 +30,7 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
|
|
|
30
30
|
var prompts_exports = {};
|
|
31
31
|
__export(prompts_exports, {
|
|
32
32
|
Separator: () => ActualSeparator,
|
|
33
|
+
checkbox: () => checkbox,
|
|
33
34
|
confirm: () => confirm,
|
|
34
35
|
createInquirerTheme: () => createInquirerTheme,
|
|
35
36
|
createSeparator: () => createSeparator,
|
|
@@ -140,17 +141,14 @@ function wrapPrompt(inquirerPrompt) {
|
|
|
140
141
|
return typeof result === "string" ? result.trim() : result;
|
|
141
142
|
};
|
|
142
143
|
}
|
|
143
|
-
const
|
|
144
|
-
const
|
|
145
|
-
const
|
|
146
|
-
const
|
|
147
|
-
const
|
|
148
|
-
const
|
|
149
|
-
const
|
|
150
|
-
const
|
|
151
|
-
const searchRaw = searchExport.default ?? searchExport;
|
|
152
|
-
const selectRaw = selectExport.default ?? selectExport;
|
|
153
|
-
const ActualSeparator = selectExport.Separator;
|
|
144
|
+
const checkboxRaw = require("../external/@inquirer/checkbox");
|
|
145
|
+
const confirmRaw = require("../external/@inquirer/confirm");
|
|
146
|
+
const inputRaw = require("../external/@inquirer/input");
|
|
147
|
+
const passwordRaw = require("../external/@inquirer/password");
|
|
148
|
+
const searchRaw = require("../external/@inquirer/search");
|
|
149
|
+
const selectRaw = require("../external/@inquirer/select");
|
|
150
|
+
const ActualSeparator = selectRaw.Separator;
|
|
151
|
+
const checkbox = /* @__PURE__ */ wrapPrompt(checkboxRaw);
|
|
154
152
|
const confirm = /* @__PURE__ */ wrapPrompt(confirmRaw);
|
|
155
153
|
const input = /* @__PURE__ */ wrapPrompt(inputRaw);
|
|
156
154
|
const password = /* @__PURE__ */ wrapPrompt(passwordRaw);
|
|
@@ -162,6 +160,7 @@ function createSeparator(text) {
|
|
|
162
160
|
// Annotate the CommonJS export names for ESM import in node:
|
|
163
161
|
0 && (module.exports = {
|
|
164
162
|
Separator,
|
|
163
|
+
checkbox,
|
|
165
164
|
confirm,
|
|
166
165
|
createInquirerTheme,
|
|
167
166
|
createSeparator,
|
package/package.json
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@socketsecurity/lib",
|
|
3
|
-
"version": "3.3.
|
|
3
|
+
"version": "3.3.1",
|
|
4
|
+
"packageManager": "pnpm@10.21.0",
|
|
4
5
|
"license": "MIT",
|
|
5
6
|
"description": "Core utilities and infrastructure for Socket.dev security tools",
|
|
6
7
|
"keywords": [
|
|
@@ -578,7 +579,8 @@
|
|
|
578
579
|
"CHANGELOG.md"
|
|
579
580
|
],
|
|
580
581
|
"engines": {
|
|
581
|
-
"node": ">=22"
|
|
582
|
+
"node": ">=22",
|
|
583
|
+
"pnpm": ">=10.21.0"
|
|
582
584
|
},
|
|
583
585
|
"sideEffects": false,
|
|
584
586
|
"scripts": {
|
|
@@ -602,6 +604,7 @@
|
|
|
602
604
|
"@biomejs/biome": "2.2.4",
|
|
603
605
|
"@eslint/compat": "1.4.0",
|
|
604
606
|
"@eslint/js": "9.38.0",
|
|
607
|
+
"@inquirer/checkbox": "4.3.1",
|
|
605
608
|
"@inquirer/confirm": "5.1.16",
|
|
606
609
|
"@inquirer/input": "4.2.2",
|
|
607
610
|
"@inquirer/password": "4.0.18",
|
|
@@ -612,7 +615,7 @@
|
|
|
612
615
|
"@socketregistry/is-unicode-supported": "1.0.5",
|
|
613
616
|
"@socketregistry/packageurl-js": "1.3.5",
|
|
614
617
|
"@socketregistry/yocto-spinner": "1.0.25",
|
|
615
|
-
"@socketsecurity/lib-stable": "https://registry.npmjs.org/@socketsecurity/lib/-/lib-3.
|
|
618
|
+
"@socketsecurity/lib-stable": "https://registry.npmjs.org/@socketsecurity/lib/-/lib-3.3.0.tgz",
|
|
616
619
|
"@types/node": "24.9.2",
|
|
617
620
|
"@typescript/native-preview": "7.0.0-dev.20250920.1",
|
|
618
621
|
"@vitest/coverage-v8": "4.0.3",
|