@socketsecurity/lib 3.5.0 → 4.0.1

package/dist/packages/manifest.js

@@ -1,8 +1,10 @@
 "use strict";
 /* Socket Lib - Built with esbuild */
+var __create = Object.create;
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
 var __hasOwnProp = Object.prototype.hasOwnProperty;
 var __export = (target, all) => {
   for (var name in all)
@@ -16,6 +18,14 @@ var __copyProps = (to, from, except, desc) => {
   }
   return to;
 };
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
 var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
 var manifest_exports = {};
 __export(manifest_exports, {
@@ -24,9 +34,12 @@ __export(manifest_exports, {
   fetchPackagePackument: () => fetchPackagePackument
 });
 module.exports = __toCommonJS(manifest_exports);
-var import_packages = require("#constants/packages");
-var import_process = require("#constants/process");
-var import_socket = require("#constants/socket");
+var import_packages = require("../constants/packages");
+var import_process = require("../constants/process");
+var import_socket = require("../constants/socket");
+var import_npm_package_arg = __toESM(require("../external/npm-package-arg"));
+var import_pacote = __toESM(require("../external/pacote"));
+var import_semver = __toESM(require("../external/semver"));
 var import_arrays = require("../arrays");
 var import_objects = require("../objects");
 var import_exports = require("./exports");
@@ -36,30 +49,6 @@ const packageDefaultNodeRange = (0, import_packages.getPackageDefaultNodeRange)(
 const PACKAGE_DEFAULT_SOCKET_CATEGORIES = (0, import_packages.getPackageDefaultSocketCategories)();
 const packumentCache = (0, import_packages.getPackumentCache)();
 const pkgScopePrefixRegExp = /^@socketregistry\//;
-let _npmPackageArg;
-// @__NO_SIDE_EFFECTS__
-function getNpmPackageArg() {
-  if (_npmPackageArg === void 0) {
-    _npmPackageArg = require("../external/npm-package-arg");
-  }
-  return _npmPackageArg;
-}
-let _pacote;
-// @__NO_SIDE_EFFECTS__
-function getPacote() {
-  if (_pacote === void 0) {
-    _pacote = require("../external/pacote");
-  }
-  return _pacote;
-}
-let _semver;
-// @__NO_SIDE_EFFECTS__
-function getSemver() {
-  if (_semver === void 0) {
-    _semver = require("../external/semver");
-  }
-  return _semver;
-}
 // @__NO_SIDE_EFFECTS__
 function createPackageJson(sockRegPkgName, directory, options) {
   const {
@@ -106,11 +95,10 @@ function createPackageJson(sockRegPkgName, directory, options) {
           const strKey = String(pair[0]);
           const result = [strKey, pair[1]];
           if (strKey === "node") {
-            const semver = /* @__PURE__ */ getSemver();
             const { 1: range } = result;
             if (typeof range === "string" && range && packageDefaultNodeRange) {
-              const coercedRange = semver.coerce(range);
-              if (!semver.satisfies(
+              const coercedRange = import_semver.default.coerce(range);
+              if (!import_semver.default.satisfies(
                 coercedRange?.version ?? "0.0.0",
                 packageDefaultNodeRange
               )) {
@@ -144,18 +132,16 @@ async function fetchPackageManifest(pkgNameOrId, options) {
   if (signal?.aborted) {
     return void 0;
   }
-  const pacote = /* @__PURE__ */ getPacote();
   let result;
   try {
-    result = await pacote.manifest(pkgNameOrId, pacoteOptions);
+    result = await import_pacote.default.manifest(pkgNameOrId, pacoteOptions);
   } catch {
   }
   if (signal?.aborted) {
     return void 0;
   }
   if (result) {
-    const npmPackageArg = /* @__PURE__ */ getNpmPackageArg();
-    const spec = npmPackageArg(pkgNameOrId, pacoteOptions.where);
+    const spec = (0, import_npm_package_arg.default)(pkgNameOrId, pacoteOptions.where);
     if ((0, import_validation.isRegistryFetcherType)(spec.type)) {
       return result;
     }
@@ -171,9 +157,8 @@ async function fetchPackageManifest(pkgNameOrId, options) {
 }
 // @__NO_SIDE_EFFECTS__
 async function fetchPackagePackument(pkgNameOrId, options) {
-  const pacote = /* @__PURE__ */ getPacote();
   try {
-    return await pacote.packument(pkgNameOrId, {
+    return await import_pacote.default.packument(pkgNameOrId, {
       __proto__: null,
       signal: abortSignal,
       ...options,

package/dist/packages/normalize.js

@@ -1,8 +1,10 @@
 "use strict";
 /* Socket Lib - Built with esbuild */
+var __create = Object.create;
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
 var __hasOwnProp = Object.prototype.hasOwnProperty;
 var __export = (target, all) => {
   for (var name in all)
@@ -16,6 +18,14 @@ var __copyProps = (to, from, except, desc) => {
   }
   return to;
 };
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
 var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
 var normalize_exports = {};
 __export(normalize_exports, {
@@ -25,57 +35,19 @@ __export(normalize_exports, {
   unescapeScope: () => unescapeScope
 });
 module.exports = __toCommonJS(normalize_exports);
+var import_socket = require("../constants/socket");
+var import_regexps = require("../regexps");
+var import_normalize_package_data = __toESM(require("../external/normalize-package-data"));
 var import_objects = require("../objects");
+var import_operations = require("./operations");
 const ArrayIsArray = Array.isArray;
 const ObjectHasOwn = Object.hasOwn;
-let _REGISTRY_SCOPE_DELIMITER;
-function getRegistryScopeDelimiter() {
-  if (_REGISTRY_SCOPE_DELIMITER === void 0) {
-    _REGISTRY_SCOPE_DELIMITER = /*@__INLINE__*/
-    require("../constants/socket").REGISTRY_SCOPE_DELIMITER;
-  }
-  return _REGISTRY_SCOPE_DELIMITER;
-}
-let _SOCKET_REGISTRY_SCOPE;
-function getSocketRegistryScope() {
-  if (_SOCKET_REGISTRY_SCOPE === void 0) {
-    _SOCKET_REGISTRY_SCOPE = /*@__INLINE__*/
-    require("../constants/socket").SOCKET_REGISTRY_SCOPE;
-  }
-  return _SOCKET_REGISTRY_SCOPE;
-}
-let _escapeRegExp;
-function getEscapeRegExp() {
-  if (_escapeRegExp === void 0) {
-    _escapeRegExp = require("../regexps").escapeRegExp;
-  }
-  return _escapeRegExp;
-}
 function getEscapedScopeRegExp() {
-  const REGISTRY_SCOPE_DELIMITER = getRegistryScopeDelimiter();
-  const escapeRegExp = getEscapeRegExp();
-  const firstChar = REGISTRY_SCOPE_DELIMITER[0];
+  const firstChar = import_socket.REGISTRY_SCOPE_DELIMITER[0];
   return new RegExp(
-    `^[^${escapeRegExp(firstChar)}]+${escapeRegExp(REGISTRY_SCOPE_DELIMITER)}(?!${escapeRegExp(firstChar)})`
+    `^[^${(0, import_regexps.escapeRegExp)(firstChar)}]+${(0, import_regexps.escapeRegExp)(import_socket.REGISTRY_SCOPE_DELIMITER)}(?!${(0, import_regexps.escapeRegExp)(firstChar)})`
   );
 }
-let _normalizePackageData;
-// @__NO_SIDE_EFFECTS__
-function getNormalizePackageData() {
-  if (_normalizePackageData === void 0) {
-    _normalizePackageData = require("../external/normalize-package-data");
-  }
-  return _normalizePackageData;
-}
-let _findPackageExtensions;
-// @__NO_SIDE_EFFECTS__
-function _getFindPackageExtensions() {
-  if (_findPackageExtensions === void 0) {
-    const operations = require("#packages/operations");
-    _findPackageExtensions = operations.findPackageExtensions;
-  }
-  return _findPackageExtensions;
-}
 // @__NO_SIDE_EFFECTS__
 function normalizePackageJson(pkgJson, options) {
   const { preserve } = { __proto__: null, ...options };
@@ -93,11 +65,9 @@ function normalizePackageJson(pkgJson, options) {
       ObjectHasOwn(pkgJson, k) ? pkgJson[k] : void 0
     ]) : []
   ];
-  const normalizePackageData = /* @__PURE__ */ getNormalizePackageData();
-  normalizePackageData(pkgJson);
+  (0, import_normalize_package_data.default)(pkgJson);
   if (pkgJson.name && pkgJson.version) {
-    const findPackageExtensions = /* @__PURE__ */ _getFindPackageExtensions();
-    const extensions = findPackageExtensions(pkgJson.name, pkgJson.version);
+    const extensions = (0, import_operations.findPackageExtensions)(pkgJson.name, pkgJson.version);
     if (extensions && typeof extensions === "object") {
       (0, import_objects.merge)(pkgJson, extensions);
     }
@@ -115,15 +85,13 @@ function resolveEscapedScope(sockRegPkgName) {
 }
 // @__NO_SIDE_EFFECTS__
 function resolveOriginalPackageName(sockRegPkgName) {
-  const SOCKET_REGISTRY_SCOPE = getSocketRegistryScope();
-  const name = sockRegPkgName.startsWith(`${SOCKET_REGISTRY_SCOPE}/`) ? sockRegPkgName.slice(SOCKET_REGISTRY_SCOPE.length + 1) : sockRegPkgName;
+  const name = sockRegPkgName.startsWith(`${import_socket.SOCKET_REGISTRY_SCOPE}/`) ? sockRegPkgName.slice(import_socket.SOCKET_REGISTRY_SCOPE.length + 1) : sockRegPkgName;
   const escapedScope = /* @__PURE__ */ resolveEscapedScope(name);
   return escapedScope ? `${/* @__PURE__ */ unescapeScope(escapedScope)}/${name.slice(escapedScope.length)}` : name;
 }
 // @__NO_SIDE_EFFECTS__
 function unescapeScope(escapedScope) {
-  const REGISTRY_SCOPE_DELIMITER = getRegistryScopeDelimiter();
-  return `@${escapedScope.slice(0, -REGISTRY_SCOPE_DELIMITER.length)}`;
+  return `@${escapedScope.slice(0, -import_socket.REGISTRY_SCOPE_DELIMITER.length)}`;
 }
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {

package/dist/packages/operations.js

@@ -1,8 +1,10 @@
 "use strict";
 /* Socket Lib - Built with esbuild */
+var __create = Object.create;
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
 var __hasOwnProp = Object.prototype.hasOwnProperty;
 var __export = (target, all) => {
   for (var name in all)
@@ -16,6 +18,14 @@ var __copyProps = (to, from, except, desc) => {
   }
   return to;
 };
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
 var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
 var operations_exports = {};
 __export(operations_exports, {
@@ -30,98 +40,33 @@ __export(operations_exports, {
   resolveRegistryPackageName: () => resolveRegistryPackageName
 });
 module.exports = __toCommonJS(operations_exports);
-var import_packages = require("#constants/packages");
-var import_process = require("#constants/process");
-var import_socket = require("#constants/socket");
+var import_packages = require("../constants/packages");
+var import_process = require("../constants/process");
+var import_socket = require("../constants/socket");
+var import_cacache = __toESM(require("../external/cacache"));
+var import_libnpmpack = __toESM(require("../external/libnpmpack"));
+var import_make_fetch_happen = __toESM(require("../external/make-fetch-happen"));
+var import_npm_package_arg = __toESM(require("../external/npm-package-arg"));
+var import_packageurl_js = require("../external/@socketregistry/packageurl-js");
+var import_pacote = __toESM(require("../external/pacote"));
+var semver = __toESM(require("../external/semver"));
 var import_fs = require("../fs");
 var import_objects = require("../objects");
 var import_normalize = require("./normalize");
-var import_paths = require("./paths");
+var import_packages2 = require("../paths/packages");
 var import_specs = require("./specs");
+var import_editable = require("./editable");
 const abortSignal = (0, import_process.getAbortSignal)();
 const packageExtensions = (0, import_packages.getPackageExtensions)();
 const packumentCache = (0, import_packages.getPackumentCache)();
 const pacoteCachePath = (0, import_packages.getPacoteCachePath)();
-let _cacache;
-// @__NO_SIDE_EFFECTS__
-function getCacache() {
-  if (_cacache === void 0) {
-    _cacache = require("../external/cacache");
-  }
-  return _cacache;
-}
-let _fetcher;
-// @__NO_SIDE_EFFECTS__
-function getFetcher() {
-  if (_fetcher === void 0) {
-    const makeFetchHappen = require("../external/make-fetch-happen");
-    _fetcher = makeFetchHappen.defaults({
-      cachePath: pacoteCachePath,
-      // Prefer-offline: Staleness checks for cached data will be bypassed, but
-      // missing data will be requested from the server.
-      // https://github.com/npm/make-fetch-happen?tab=readme-ov-file#--optscache
-      cache: "force-cache"
-    });
-  }
-  return _fetcher;
-}
-let _npmPackageArg;
-// @__NO_SIDE_EFFECTS__
-function getNpmPackageArg() {
-  if (_npmPackageArg === void 0) {
-    _npmPackageArg = require("../external/npm-package-arg");
-  }
-  return _npmPackageArg;
-}
-let _pack;
-// @__NO_SIDE_EFFECTS__
-function getPack() {
-  if (_pack === void 0) {
-    _pack = require("../external/libnpmpack");
-  }
-  return _pack;
-}
-let _PackageURL;
-// @__NO_SIDE_EFFECTS__
-function getPackageURL() {
-  if (_PackageURL === void 0) {
-    const packageUrlJs = require("../external/@socketregistry/packageurl-js");
-    _PackageURL = packageUrlJs.PackageURL;
-  }
-  return _PackageURL;
-}
-let _pacote;
-// @__NO_SIDE_EFFECTS__
-function getPacote() {
-  if (_pacote === void 0) {
-    _pacote = require("../external/pacote");
-  }
-  return _pacote;
-}
-let _semver;
-// @__NO_SIDE_EFFECTS__
-function getSemver() {
-  if (_semver === void 0) {
-    _semver = require("../external/semver");
-  }
-  return _semver;
-}
-let _toEditablePackageJson;
-// @__NO_SIDE_EFFECTS__
-function _getToEditablePackageJson() {
-  if (_toEditablePackageJson === void 0) {
-    _toEditablePackageJson = require("#packages/editable").toEditablePackageJson;
-  }
-  return _toEditablePackageJson;
-}
-let _toEditablePackageJsonSync;
-// @__NO_SIDE_EFFECTS__
-function _getToEditablePackageJsonSync() {
-  if (_toEditablePackageJsonSync === void 0) {
-    _toEditablePackageJsonSync = require("#packages/editable").toEditablePackageJsonSync;
-  }
-  return _toEditablePackageJsonSync;
-}
+const fetcher = import_make_fetch_happen.default.defaults({
+  cachePath: pacoteCachePath,
+  // Prefer-offline: Staleness checks for cached data will be bypassed, but
+  // missing data will be requested from the server.
+  // https://github.com/npm/make-fetch-happen?tab=readme-ov-file#--optscache
+  cache: "force-cache"
+});
 // @__NO_SIDE_EFFECTS__
 async function extractPackage(pkgNameOrId, options, callback) {
   let actualCallback = callback;
@@ -139,19 +84,17 @@ async function extractPackage(pkgNameOrId, options, callback) {
     preferOffline: true,
     ...extractOptions_
   };
-  const pacote = /* @__PURE__ */ getPacote();
   if (typeof dest === "string") {
-    await pacote.extract(pkgNameOrId, dest, extractOptions);
+    await import_pacote.default.extract(pkgNameOrId, dest, extractOptions);
     if (typeof actualCallback === "function") {
       await actualCallback(dest);
     }
   } else {
-    const cacache = /* @__PURE__ */ getCacache();
-    await cacache.tmp.withTmp(
+    await import_cacache.default.tmp.withTmp(
       pacoteCachePath,
       { tmpPrefix },
       async (tmpDirPath) => {
-        await pacote.extract(pkgNameOrId, tmpDirPath, extractOptions);
+        await import_pacote.default.extract(pkgNameOrId, tmpDirPath, extractOptions);
         if (typeof actualCallback === "function") {
           await actualCallback(tmpDirPath);
         }
@@ -168,7 +111,6 @@ function findPackageExtensions(pkgName, pkgVer) {
     const lastAtSignIndex = selector.lastIndexOf("@");
     const name = selector.slice(0, lastAtSignIndex);
     if (pkgName === name) {
-      const semver = /* @__PURE__ */ getSemver();
       const range = selector.slice(lastAtSignIndex + 1);
       if (semver.satisfies(pkgVer, range)) {
         if (result === void 0) {
@@ -200,8 +142,7 @@ function getReleaseTag(spec) {
 }
 // @__NO_SIDE_EFFECTS__
 async function packPackage(spec, options) {
-  const pack = /* @__PURE__ */ getPack();
-  return await pack(spec, {
+  return await (0, import_libnpmpack.default)(spec, {
     __proto__: null,
     signal: abortSignal,
     ...options,
@@ -215,13 +156,12 @@ async function readPackageJson(filepath, options) {
     __proto__: null,
     ...options
   };
-  const pkgJson = await (0, import_fs.readJson)((0, import_paths.resolvePackageJsonPath)(filepath), {
+  const pkgJson = await (0, import_fs.readJson)((0, import_packages2.resolvePackageJsonPath)(filepath), {
     throws
   });
   if (pkgJson) {
     if (editable) {
-      const toEditablePackageJson = /* @__PURE__ */ _getToEditablePackageJson();
-      return await toEditablePackageJson(pkgJson, {
+      return await (0, import_editable.toEditablePackageJson)(pkgJson, {
         path: filepath,
         normalize,
         ...normalizeOptions
@@ -237,11 +177,10 @@ function readPackageJsonSync(filepath, options) {
     __proto__: null,
     ...options
   };
-  const pkgJson = (0, import_fs.readJsonSync)((0, import_paths.resolvePackageJsonPath)(filepath), { throws });
+  const pkgJson = (0, import_fs.readJsonSync)((0, import_packages2.resolvePackageJsonPath)(filepath), { throws });
   if (pkgJson) {
     if (editable) {
-      const toEditablePackageJsonSync = /* @__PURE__ */ _getToEditablePackageJsonSync();
-      return toEditablePackageJsonSync(pkgJson, {
+      return (0, import_editable.toEditablePackageJsonSync)(pkgJson, {
         path: filepath,
         normalize,
         ...normalizeOptions
@@ -259,8 +198,7 @@ async function resolveGitHubTgzUrl(pkgNameOrId, where) {
     return "";
   }
   const { version } = pkgJson;
-  const npmPackageArg = /* @__PURE__ */ getNpmPackageArg();
-  const parsedSpec = npmPackageArg(
+  const parsedSpec = (0, import_npm_package_arg.default)(
     pkgNameOrId,
     whereIsPkgJson ? void 0 : where
   );
@@ -276,7 +214,6 @@ async function resolveGitHubTgzUrl(pkgNameOrId, where) {
     if (isGitHubUrl) {
       apiUrl = (0, import_specs.gitHubTagRefUrl)(user, project, parsedSpec.gitCommittish || "");
     } else {
-      const fetcher = /* @__PURE__ */ getFetcher();
       const versionStr = version;
       apiUrl = (0, import_specs.gitHubTagRefUrl)(user, project, `v${versionStr}`);
       if (!(await fetcher(apiUrl, { method: "head" })).ok) {
@@ -287,7 +224,6 @@ async function resolveGitHubTgzUrl(pkgNameOrId, where) {
       }
     }
     if (apiUrl) {
-      const fetcher = /* @__PURE__ */ getFetcher();
       const resp = await fetcher(apiUrl);
       const json = await resp.json();
       const sha = json?.object?.sha;
@@ -305,7 +241,7 @@ function resolvePackageName(purlObj, delimiter = "/") {
 }
 // @__NO_SIDE_EFFECTS__
 function resolveRegistryPackageName(pkgName) {
-  const purlObj = (/* @__PURE__ */ getPackageURL()).fromString(`pkg:npm/${pkgName}`);
+  const purlObj = import_packageurl_js.PackageURL.fromString(`pkg:npm/${pkgName}`);
   return purlObj.namespace ? `${purlObj.namespace.slice(1)}${import_socket.REGISTRY_SCOPE_DELIMITER}${purlObj.name}` : pkgName;
 }
 // Annotate the CommonJS export names for ESM import in node:

package/dist/packages/provenance.js

@@ -1,8 +1,10 @@
 "use strict";
 /* Socket Lib - Built with esbuild */
+var __create = Object.create;
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
 var __hasOwnProp = Object.prototype.hasOwnProperty;
 var __export = (target, all) => {
   for (var name in all)
@@ -16,6 +18,14 @@ var __copyProps = (to, from, except, desc) => {
   }
   return to;
 };
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
 var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
 var provenance_exports = {};
 __export(provenance_exports, {
@@ -23,7 +33,9 @@ __export(provenance_exports, {
   getProvenanceDetails: () => getProvenanceDetails
 });
 module.exports = __toCommonJS(provenance_exports);
-var import_agents = require("#constants/agents");
+var import_agents = require("../constants/agents");
+var import_packages = require("../constants/packages");
+var import_make_fetch_happen = __toESM(require("../external/make-fetch-happen"));
 var import_abort = require("../abort");
 var import_url = require("../url");
 const ArrayIsArray = Array.isArray;
@@ -33,10 +45,8 @@ let _fetcher;
 // @__NO_SIDE_EFFECTS__
 function getFetcher() {
   if (_fetcher === void 0) {
-    const makeFetchHappen = require("../external/make-fetch-happen");
-    const { getPacoteCachePath } = require("../constants/packages");
-    _fetcher = makeFetchHappen.defaults({
-      cachePath: getPacoteCachePath(),
+    _fetcher = import_make_fetch_happen.default.defaults({
+      cachePath: (0, import_packages.getPacoteCachePath)(),
       // Prefer-offline: Staleness checks for cached data will be bypassed, but
       // missing data will be requested from the server.
       // https://github.com/npm/make-fetch-happen?tab=readme-ov-file#--optscache

package/dist/packages/specs.js

@@ -1,8 +1,10 @@
 "use strict";
 /* Socket Lib - Built with esbuild */
+var __create = Object.create;
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
 var __hasOwnProp = Object.prototype.hasOwnProperty;
 var __export = (target, all) => {
   for (var name in all)
@@ -16,6 +18,14 @@ var __copyProps = (to, from, except, desc) => {
   }
   return to;
 };
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
 var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
 var specs_exports = {};
 __export(specs_exports, {
@@ -26,16 +36,9 @@ __export(specs_exports, {
   isGitHubUrlSpec: () => isGitHubUrlSpec
 });
 module.exports = __toCommonJS(specs_exports);
+var import_npm_package_arg = __toESM(require("../external/npm-package-arg"));
 var import_objects = require("../objects");
 var import_strings = require("../strings");
-let _npmPackageArg;
-// @__NO_SIDE_EFFECTS__
-function getNpmPackageArg() {
-  if (_npmPackageArg === void 0) {
-    _npmPackageArg = require("../external/npm-package-arg");
-  }
-  return _npmPackageArg;
-}
 // @__NO_SIDE_EFFECTS__
 function getRepoUrlDetails(repoUrl = "") {
   const userAndRepo = repoUrl.replace(/^.+github.com\//, "").split("/");
@@ -57,8 +60,7 @@ function isGitHubTgzSpec(spec, where) {
   if ((0, import_objects.isObjectObject)(spec)) {
     parsedSpec = spec;
   } else {
-    const npmPackageArg = /* @__PURE__ */ getNpmPackageArg();
-    parsedSpec = npmPackageArg(spec, where);
+    parsedSpec = (0, import_npm_package_arg.default)(spec, where);
   }
   const typedSpec = parsedSpec;
   return typedSpec.type === "remote" && !!typedSpec.saveSpec?.endsWith(".tar.gz");
@@ -69,8 +71,7 @@ function isGitHubUrlSpec(spec, where) {
   if ((0, import_objects.isObjectObject)(spec)) {
     parsedSpec = spec;
   } else {
-    const npmPackageArg = /* @__PURE__ */ getNpmPackageArg();
-    parsedSpec = npmPackageArg(spec, where);
+    parsedSpec = (0, import_npm_package_arg.default)(spec, where);
   }
   const typedSpec = parsedSpec;
   return typedSpec.type === "git" && typedSpec.hosted?.domain === "github.com" && (0, import_strings.isNonEmptyString)(typedSpec.gitCommittish);

package/dist/packages/validation.js

@@ -1,8 +1,10 @@
 "use strict";
 /* Socket Lib - Built with esbuild */
+var __create = Object.create;
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
 var __hasOwnProp = Object.prototype.hasOwnProperty;
 var __export = (target, all) => {
   for (var name in all)
@@ -16,6 +18,14 @@ var __copyProps = (to, from, except, desc) => {
   }
   return to;
 };
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
 var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
 var validation_exports = {};
 __export(validation_exports, {
@@ -24,14 +34,7 @@ __export(validation_exports, {
   isValidPackageName: () => isValidPackageName
 });
 module.exports = __toCommonJS(validation_exports);
-let _validateNpmPackageName;
-// @__NO_SIDE_EFFECTS__
-function getValidateNpmPackageName() {
-  if (_validateNpmPackageName === void 0) {
-    _validateNpmPackageName = require("../external/validate-npm-package-name");
-  }
-  return _validateNpmPackageName;
-}
+var import_validate_npm_package_name = __toESM(require("../external/validate-npm-package-name"));
 // @__NO_SIDE_EFFECTS__
 function isBlessedPackageName(name) {
   return typeof name === "string" && (name === "sfw" || name === "socket" || name.startsWith("@socketoverride/") || name.startsWith("@socketregistry/") || name.startsWith("@socketsecurity/"));
@@ -42,8 +45,7 @@ function isRegistryFetcherType(type) {
 }
 // @__NO_SIDE_EFFECTS__
 function isValidPackageName(name) {
-  const validateNpmPackageName = /* @__PURE__ */ getValidateNpmPackageName();
-  return validateNpmPackageName(name).validForOldPackages;
+  return (0, import_validate_npm_package_name.default)(name).validForOldPackages;
 }
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {

package/dist/packages.d.ts

@@ -2,7 +2,7 @@
  * @fileoverview Package registry management with Socket.dev specific utilities.
  * Provides npm package analysis, dependency resolution, and registry operations.
  */
-import type { CategoryString } from '#types';
+import type { CategoryString } from './types';
 import { getEditablePackageJsonClass, pkgJsonToEditable, toEditablePackageJson, toEditablePackageJsonSync } from './packages/editable';
 import { findTypesForSubpath, getExportFilePaths, getSubpaths, isConditionalExports, isSubpathExports, resolvePackageJsonEntryExports } from './packages/exports';
 import { isolatePackage } from './packages/isolation';
@@ -10,7 +10,7 @@ import { collectIncompatibleLicenses, collectLicenseWarnings, createAstNode, cre
 import { createPackageJson, fetchPackageManifest, fetchPackagePackument } from './packages/manifest';
 import { normalizePackageJson, resolveEscapedScope, resolveOriginalPackageName, unescapeScope } from './packages/normalize';
 import { extractPackage, findPackageExtensions, getReleaseTag, packPackage, readPackageJson, readPackageJsonSync, resolveGitHubTgzUrl, resolvePackageName, resolveRegistryPackageName } from './packages/operations';
-import { resolvePackageJsonDirname, resolvePackageJsonPath } from './packages/paths';
+import { resolvePackageJsonDirname, resolvePackageJsonPath } from './paths/packages';
 import { fetchPackageProvenance, getProvenanceDetails } from './packages/provenance';
 import { getRepoUrlDetails, gitHubTagRefUrl, gitHubTgzUrl, isGitHubTgzSpec, isGitHubUrlSpec } from './packages/specs';
 import { isBlessedPackageName, isRegistryFetcherType, isValidPackageName } from './packages/validation';