@socketsecurity/lib 5.18.1 → 5.19.0

package/dist/releases/socket-btm.js

@@ -1,5 +1,6 @@
 "use strict";
 /* Socket Lib - Built with esbuild */
+"use strict";
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;
@@ -19,6 +20,7 @@ var __copyProps = (to, from, except, desc) => {
 var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
 var socket_btm_exports = {};
 __export(socket_btm_exports, {
+  SOCKET_BTM_REPO: () => SOCKET_BTM_REPO,
   detectLibc: () => detectLibc,
   downloadSocketBtmRelease: () => downloadSocketBtmRelease,
   getBinaryAssetName: () => getBinaryAssetName,
@@ -26,8 +28,12 @@ __export(socket_btm_exports, {
   getPlatformArch: () => getPlatformArch
 });
 module.exports = __toCommonJS(socket_btm_exports);
-var import_platform = require("../constants/platform.js");
-var import_github = require("./github.js");
+var import_platform = require("../constants/platform");
+var import_github = require("./github");
+const SOCKET_BTM_REPO = {
+  owner: "SocketDev",
+  repo: "socket-btm"
+};
 const PLATFORM_MAP = {
   __proto__: null,
   darwin: "darwin",
@@ -43,7 +49,7 @@ let _fs;
 // @__NO_SIDE_EFFECTS__
 function getFs() {
   if (_fs === void 0) {
-    _fs = require("fs");
+    _fs = require("node:fs");
   }
   return _fs;
 }
@@ -70,15 +76,15 @@ function detectLibc() {
   }
 }
 async function downloadSocketBtmRelease(tool, options) {
-  const config = Object.assign(/* @__PURE__ */ Object.create(null), options);
+  const config = { __proto__: null, ...options ?? {} };
   const { cwd, downloadDir, quiet = false, tag } = config;
   const toolPrefix = `${tool}-`;
   let downloadConfig;
   if (options && "asset" in options) {
-    const assetConfig = Object.assign(
-      /* @__PURE__ */ Object.create(null),
-      options
-    );
+    const assetConfig = {
+      __proto__: null,
+      ...options
+    };
     const { asset, output, removeMacOSQuarantine = false } = assetConfig;
     let resolvedAsset;
     let resolvedTag = tag;
@@ -91,17 +97,17 @@ async function downloadSocketBtmRelease(tool, options) {
           "Cannot use asset pattern with explicit tag. Either provide exact asset name or omit tag."
         );
       }
-      resolvedTag = await (0, import_github.getLatestRelease)(toolPrefix, import_github.SOCKET_BTM_REPO, {
+      resolvedTag = await (0, import_github.getLatestRelease)(toolPrefix, SOCKET_BTM_REPO, {
         assetPattern: asset,
         quiet
-      });
+      }) ?? void 0;
       if (!resolvedTag) {
         throw new Error(`No ${tool} release with matching asset pattern found`);
       }
       const assetUrl = await (0, import_github.getReleaseAssetUrl)(
         resolvedTag,
         asset,
-        import_github.SOCKET_BTM_REPO,
+        SOCKET_BTM_REPO,
         {
           quiet
         }
@@ -114,24 +120,24 @@ async function downloadSocketBtmRelease(tool, options) {
     const outputName = output || resolvedAsset;
     const platformArch = "assets";
     downloadConfig = {
-      owner: import_github.SOCKET_BTM_REPO.owner,
-      repo: import_github.SOCKET_BTM_REPO.repo,
-      cwd,
-      downloadDir,
+      owner: SOCKET_BTM_REPO.owner,
+      repo: SOCKET_BTM_REPO.repo,
+      ...cwd !== void 0 && { cwd },
+      ...downloadDir !== void 0 && { downloadDir },
       toolName: tool,
       platformArch,
       binaryName: outputName,
       assetName: resolvedAsset,
       toolPrefix,
-      tag: resolvedTag,
+      ...resolvedTag !== void 0 && { tag: resolvedTag },
       quiet,
       removeMacOSQuarantine
     };
   } else {
-    const binaryConfig = Object.assign(
-      /* @__PURE__ */ Object.create(null),
-      options
-    );
+    const binaryConfig = {
+      __proto__: null,
+      ...options
+    };
     const {
       bin,
       libc = detectLibc(),
@@ -149,16 +155,16 @@ async function downloadSocketBtmRelease(tool, options) {
     const platformArch = getPlatformArch(targetPlatform, targetArch, libc);
     const binaryName = getBinaryName(baseName, targetPlatform);
     downloadConfig = {
-      owner: import_github.SOCKET_BTM_REPO.owner,
-      repo: import_github.SOCKET_BTM_REPO.repo,
-      cwd,
-      downloadDir,
+      owner: SOCKET_BTM_REPO.owner,
+      repo: SOCKET_BTM_REPO.repo,
+      ...cwd !== void 0 && { cwd },
+      ...downloadDir !== void 0 && { downloadDir },
       toolName: tool,
       platformArch,
       binaryName,
       assetName,
       toolPrefix,
-      tag,
+      ...tag !== void 0 && { tag },
       quiet,
       removeMacOSQuarantine
     };
@@ -200,6 +206,7 @@ function getPlatformArch(platform, arch, libc) {
 }
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
+  SOCKET_BTM_REPO,
   detectLibc,
   downloadSocketBtmRelease,
   getBinaryAssetName,

package/dist/sea.d.ts

@@ -1,3 +1,8 @@
+/**
+ * @fileoverview SEA (Single Executable Application) detection utilities for Socket ecosystem.
+ * Provides reliable detection of whether the current process is running
+ * as a Node.js Single Executable Application.
+ */
 /**
  * Get the current SEA binary path.
  * Only valid when running as a SEA binary.

package/dist/sea.js

@@ -1,5 +1,6 @@
 "use strict";
 /* Socket Lib - Built with esbuild */
+"use strict";
 var __create = Object.create;
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;

package/dist/shadow.d.ts

@@ -1,3 +1,7 @@
+/**
+ * @fileoverview Shadow binary installation utilities for Socket ecosystem.
+ * Provides logic to determine when shadow binary installation should be skipped.
+ */
 export interface ShadowInstallationOptions {
     cwd?: string | undefined;
     win32?: boolean | undefined;

package/dist/shadow.js

@@ -1,5 +1,6 @@
 "use strict";
 /* Socket Lib - Built with esbuild */
+"use strict";
 var __create = Object.create;
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;

package/dist/signal-exit.d.ts

@@ -1,3 +1,10 @@
+/**
+ * @fileoverview Process signal handling utilities.
+ * Provides cross-platform signal exit detection and cleanup handlers.
+ */
+export interface OnExitOptions {
+    alwaysLast?: boolean;
+}
 /**
  * Load signal handlers and hook into process exit events.
  *
@@ -7,11 +14,7 @@
  * // Signal handlers are now active
  * ```
  */
-/*@__NO_SIDE_EFFECTS__*/
 export declare function load(): void;
-export interface OnExitOptions {
-    alwaysLast?: boolean;
-}
 /**
  * Register a callback to run on process exit or signal.
  *
@@ -24,7 +27,6 @@ export interface OnExitOptions {
  * remove()
  * ```
  */
-/*@__NO_SIDE_EFFECTS__*/
 export declare function onExit(cb: (code: number | null, signal: string | null) => void, options?: OnExitOptions | undefined): () => void;
 /**
  * Get the list of signals that are currently being monitored.
@@ -35,7 +37,6 @@ export declare function onExit(cb: (code: number | null, signal: string | null)
  * console.log(sigs) // ['SIGABRT', 'SIGALRM', 'SIGHUP', ...]
  * ```
  */
-/*@__NO_SIDE_EFFECTS__*/
 export declare function signals(): string[];
 /**
  * Unload signal handlers and restore original process behavior.
@@ -46,5 +47,4 @@ export declare function signals(): string[];
  * // Signal handlers are now removed
  * ```
  */
-/*@__NO_SIDE_EFFECTS__*/
 export declare function unload(): void;

package/dist/signal-exit.js

@@ -1,5 +1,6 @@
 "use strict";
 /* Socket Lib - Built with esbuild */
+"use strict";
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;
@@ -32,14 +33,21 @@ const platform = globalProcess?.platform ?? "";
 const originalProcessReallyExit = globalProcess?.reallyExit;
 const WIN32 = platform === "win32";
 let _events;
+let _emitter;
+let _sigListeners;
+let loaded = false;
+let _signals;
 // @__NO_SIDE_EFFECTS__
-function getEvents() {
-  if (_events === void 0) {
-    _events = require("events");
+function emit(event, code, signal) {
+  const emitter = /* @__PURE__ */ getEmitter();
+  if (emitter.emitted?.[event]) {
+    return;
   }
-  return _events;
+  if (emitter.emitted) {
+    emitter.emitted[event] = true;
+  }
+  emitter.emit(event, code, signal);
 }
-let _emitter;
 // @__NO_SIDE_EFFECTS__
 function getEmitter() {
   if (_emitter === void 0) {
@@ -58,7 +66,13 @@ function getEmitter() {
   }
   return _emitter;
 }
-let _sigListeners;
+// @__NO_SIDE_EFFECTS__
+function getEvents() {
+  if (_events === void 0) {
+    _events = require("node:events");
+  }
+  return _events;
+}
 // @__NO_SIDE_EFFECTS__
 function getSignalListeners() {
   if (_sigListeners === void 0) {
@@ -81,44 +95,6 @@ function getSignalListeners() {
   return _sigListeners;
 }
 // @__NO_SIDE_EFFECTS__
-function emit(event, code, signal) {
-  const emitter = /* @__PURE__ */ getEmitter();
-  if (emitter.emitted?.[event]) {
-    return;
-  }
-  if (emitter.emitted) {
-    emitter.emitted[event] = true;
-  }
-  emitter.emit(event, code, signal);
-}
-let loaded = false;
-// @__NO_SIDE_EFFECTS__
-function load() {
-  if (loaded || !globalProcess) {
-    return;
-  }
-  loaded = true;
-  const emitter = /* @__PURE__ */ getEmitter();
-  if (emitter.count !== void 0) {
-    emitter.count += 1;
-  }
-  const sigs = /* @__PURE__ */ signals();
-  const sigListeners = /* @__PURE__ */ getSignalListeners();
-  _signals = sigs.filter((sig) => {
-    try {
-      globalProcess.on(
-        sig,
-        sigListeners[sig]
-      );
-      return true;
-    } catch {
-    }
-    return false;
-  });
-  globalProcess.emit = processEmit;
-  globalProcess.reallyExit = processReallyExit;
-}
-// @__NO_SIDE_EFFECTS__
 function processEmit(eventName, exitCode, ...args) {
   if (eventName === "exit") {
     let actualExitCode = exitCode;
@@ -160,6 +136,32 @@ function processReallyExit(code) {
   throw new Error("processReallyExit should never return");
 }
 // @__NO_SIDE_EFFECTS__
+function load() {
+  if (loaded || !globalProcess) {
+    return;
+  }
+  loaded = true;
+  const emitter = /* @__PURE__ */ getEmitter();
+  if (emitter.count !== void 0) {
+    emitter.count += 1;
+  }
+  const sigs = /* @__PURE__ */ signals();
+  const sigListeners = /* @__PURE__ */ getSignalListeners();
+  _signals = sigs.filter((sig) => {
+    try {
+      globalProcess.on(
+        sig,
+        sigListeners[sig]
+      );
+      return true;
+    } catch {
+    }
+    return false;
+  });
+  globalProcess.emit = processEmit;
+  globalProcess.reallyExit = processReallyExit;
+}
+// @__NO_SIDE_EFFECTS__
 function onExit(cb, options) {
   if (!globalProcess) {
     return function remove() {
@@ -185,7 +187,6 @@ function onExit(cb, options) {
     }
   };
 }
-let _signals;
 // @__NO_SIDE_EFFECTS__
 function signals() {
   if (_signals === void 0) {

package/dist/sorts.d.ts

@@ -1,3 +1,8 @@
+/**
+ * @fileoverview Sorting comparison functions including locale-aware and natural sorting.
+ * Provides various comparison utilities for arrays and collections.
+ */
+type FastSortFunction = ReturnType<typeof import('fast-sort').createNewSortInstance>;
 /**
  * Compare semantic versions.
  *
@@ -8,7 +13,6 @@
  * compareSemver('1.0.0', '1.0.0')  // 0
  * ```
  */
-/*@__NO_SIDE_EFFECTS__*/
 export declare function compareSemver(a: string, b: string): number;
 /**
  * Simple string comparison.
@@ -20,7 +24,6 @@ export declare function compareSemver(a: string, b: string): number;
  * compareStr('a', 'a')  // 0
  * ```
  */
-/*@__NO_SIDE_EFFECTS__*/
 export declare function compareStr(a: string, b: string): number;
 /**
  * Compare two strings using locale-aware comparison.
@@ -32,7 +35,6 @@ export declare function compareStr(a: string, b: string): number;
  * localeCompare('a', 'a')  // 0
  * ```
  */
-/*@__NO_SIDE_EFFECTS__*/
 export declare function localeCompare(x: string, y: string): number;
 /**
  * Compare two strings using natural sorting (numeric-aware, case-insensitive).
@@ -43,10 +45,7 @@ export declare function localeCompare(x: string, y: string): number;
  * naturalCompare('img10', 'img2')    // positive (img10 after img2)
  * ```
  */
-/*@__NO_SIDE_EFFECTS__*/
 export declare function naturalCompare(x: string, y: string): number;
-// Type for fast-sort sorter function.
-type FastSortFunction = ReturnType<typeof import('fast-sort').createNewSortInstance>;
 /**
  * Sort an array using natural comparison.
  *
@@ -56,6 +55,5 @@ type FastSortFunction = ReturnType<typeof import('fast-sort').createNewSortInsta
  * // ['file1', 'file2', 'file10']
  * ```
  */
-/*@__NO_SIDE_EFFECTS__*/
 export declare function naturalSorter<T>(arrayToSort: T[]): ReturnType<FastSortFunction>;
 export {};

package/dist/sorts.js

@@ -1,5 +1,6 @@
 "use strict";
 /* Socket Lib - Built with esbuild */
+"use strict";
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;
@@ -26,20 +27,23 @@ __export(sorts_exports, {
   naturalSorter: () => naturalSorter
 });
 module.exports = __toCommonJS(sorts_exports);
-let _semver;
-function getSemver() {
-  if (_semver === void 0) {
-    _semver = require("./external/semver.js");
-  }
-  return _semver;
-}
 let _fastSort;
+let _localeCompare;
+let _naturalCompare;
+let _naturalSorter;
+let _semver;
 function getFastSort() {
   if (_fastSort === void 0) {
     _fastSort = require("./external/fast-sort.js");
   }
   return _fastSort;
 }
+function getSemver() {
+  if (_semver === void 0) {
+    _semver = require("./external/semver.js");
+  }
+  return _semver;
+}
 // @__NO_SIDE_EFFECTS__
 function compareSemver(a, b) {
   const semver = getSemver();
@@ -60,7 +64,6 @@ function compareSemver(a, b) {
 function compareStr(a, b) {
   return a < b ? -1 : a > b ? 1 : 0;
 }
-let _localeCompare;
 // @__NO_SIDE_EFFECTS__
 function localeCompare(x, y) {
   if (_localeCompare === void 0) {
@@ -68,7 +71,6 @@ function localeCompare(x, y) {
   }
   return _localeCompare(x, y);
 }
-let _naturalCompare;
 // @__NO_SIDE_EFFECTS__
 function naturalCompare(x, y) {
   if (_naturalCompare === void 0) {
@@ -89,7 +91,6 @@ function naturalCompare(x, y) {
   }
   return _naturalCompare(x, y);
 }
-let _naturalSorter;
 // @__NO_SIDE_EFFECTS__
 function naturalSorter(arrayToSort) {
   if (_naturalSorter === void 0) {

package/dist/spawn.d.ts

@@ -1,5 +1,32 @@
+/**
+ * @fileoverview Child process spawning utilities with cross-platform support.
+ * Provides enhanced spawn functionality with stdio handling and error management.
+ *
+ * SECURITY: Array-Based Arguments Prevent Command Injection
+ *
+ * This module uses array-based arguments for all command execution, which is the
+ * PRIMARY DEFENSE against command injection attacks. When you pass arguments as
+ * an array to spawn():
+ *
+ *   spawn('npx', ['sfw', tool, ...args], { shell: true })
+ *
+ * Node.js handles escaping automatically. Each argument is passed directly to the
+ * OS without shell interpretation. Shell metacharacters like ; | & $ ( ) ` are
+ * treated as LITERAL STRINGS, not as commands. This approach is secure even when
+ * shell: true is used on Windows for .cmd/.bat file resolution.
+ *
+ * UNSAFE ALTERNATIVE (not used in this codebase):
+ *   spawn(`npx sfw ${tool} ${args.join(' ')}`, { shell: true })  // ✖ VULNERABLE
+ *
+ * String concatenation allows injection. For example, if tool = "foo; rm -rf /",
+ * the shell would execute both commands. Array-based arguments prevent this.
+ *
+ * References:
+ * - https://nodejs.org/api/child_process.html#child_processspawncommand-args-options
+ * - https://cheatsheetseries.owasp.org/cheatsheets/Nodejs_Security_Cheat_Sheet.html
+ */
+import type { SendHandle, Serializable, StdioOptions } from 'node:child_process';
 import type { EventEmitter } from 'node:events';
-// Define BufferEncoding type for TypeScript compatibility.
 type BufferEncoding = globalThis.BufferEncoding;
 /**
  * Options for spawning a child process with promise-based completion.
@@ -158,69 +185,11 @@ export interface SpawnSyncReturns<T> {
     signal: NodeJS.Signals | null;
     error?: Error | undefined;
 }
-/**
- * Enhances spawn error with better context.
- * Converts generic "command failed" to detailed error with command, exit code, and stderr.
- *
- * @example
- * ```typescript
- * try {
- *   await spawn('git', ['status'])
- * } catch (err) {
- *   throw enhanceSpawnError(err)
- * }
- * ```
- */
-/*@__NO_SIDE_EFFECTS__*/
-export declare function enhanceSpawnError(error: unknown): unknown;
-/**
- * Check if a value is a spawn error with expected error properties.
- * Tests for common error properties from child process failures.
- *
- * @param {unknown} value - Value to check
- * @returns {boolean} `true` if the value has spawn error properties
- *
- * @example
- * try {
- *   await spawn('nonexistent-command')
- * } catch (error) {
- *   if (isSpawnError(error)) {
- *     console.error(`Spawn failed: ${error.code}`)
- *   }
- * }
- */
-/*@__NO_SIDE_EFFECTS__*/
-export declare function isSpawnError(value: unknown): value is SpawnError;
-/**
- * Check if stdio configuration matches a specific type.
- * When called with one argument, validates if it's a valid stdio type.
- * When called with two arguments, checks if the stdio config matches the specified type.
- *
- * @param {string | string[]} stdio - Stdio configuration to check
- * @param {StdioType | undefined} type - Expected stdio type (optional)
- * @returns {boolean} `true` if stdio matches the type or is valid
- *
- * @example
- * // Check if valid stdio type
- * isStdioType('pipe') // true
- * isStdioType('invalid') // false
- *
- * @example
- * // Check if stdio matches specific type
- * isStdioType('pipe', 'pipe') // true
- * isStdioType(['pipe', 'pipe', 'pipe'], 'pipe') // true
- * isStdioType('ignore', 'pipe') // false
- */
-/*@__NO_SIDE_EFFECTS__*/
-export declare function isStdioType(stdio: string | string[], type?: StdioType | undefined): boolean;
-/*@__NO_SIDE_EFFECTS__*/
-// Duplicated from Node.js child_process.SpawnOptions
-// These are the options passed to child_process.spawn()
 interface NodeSpawnOptions {
     cwd?: string | URL | undefined;
     env?: NodeJS.ProcessEnv | undefined;
     argv0?: string | undefined;
-    stdio?: any;
+    stdio?: StdioOptions | undefined;
     detached?: boolean | undefined;
     uid?: number | undefined;
     gid?: number | undefined;
@@ -232,13 +201,11 @@ interface NodeSpawnOptions {
     timeout?: number | undefined;
     killSignal?: NodeJS.Signals | number | undefined;
 }
-// Duplicated from Node.js child_process.ChildProcess
-// This represents a spawned child process
 interface ChildProcess extends EventEmitter {
     stdin: NodeJS.WritableStream | null;
     stdout: NodeJS.ReadableStream | null;
     stderr: NodeJS.ReadableStream | null;
-    readonly channel?: any;
+    readonly channel?: unknown;
     readonly stdio: [
         NodeJS.WritableStream | null,
         NodeJS.ReadableStream | null,
@@ -254,14 +221,15 @@ interface ChildProcess extends EventEmitter {
     readonly spawnargs: string[];
     readonly spawnfile: string;
     kill(signal?: NodeJS.Signals | number): boolean;
-    send(message: any, callback?: (error: Error | null) => void): boolean;
-    send(message: any, sendHandle?: any | undefined, callback?: (error: Error | null) => void): boolean;
-    send(message: any, sendHandle?: any | undefined, options?: any | undefined, callback?: (error: Error | null) => void): boolean;
+    send(message: Serializable, callback?: (error: Error | null) => void): boolean;
+    send(message: Serializable, sendHandle?: SendHandle | undefined, callback?: (error: Error | null) => void): boolean;
+    send(message: Serializable, sendHandle?: SendHandle | undefined, options?: {
+        keepOpen?: boolean | undefined;
+    } | undefined, callback?: (error: Error | null) => void): boolean;
     disconnect(): void;
     unref(): void;
     ref(): void;
 }
-// Duplicated from Node.js stream.Writable
 interface WritableStreamType {
     writable: boolean;
     writableEnded: boolean;
@@ -271,11 +239,11 @@ interface WritableStreamType {
     writableObjectMode: boolean;
     writableCorked: number;
     destroyed: boolean;
-    write(chunk: any, encoding?: BufferEncoding | undefined, callback?: (error?: Error | null) => void): boolean;
-    write(chunk: any, callback?: (error?: Error | null) => void): boolean;
+    write(chunk: unknown, encoding?: BufferEncoding | undefined, callback?: (error?: Error | null) => void): boolean;
+    write(chunk: unknown, callback?: (error?: Error | null) => void): boolean;
     end(cb?: () => void): this;
-    end(chunk: any, cb?: () => void): this;
-    end(chunk: any, encoding?: BufferEncoding | undefined, cb?: () => void): this;
+    end(chunk: unknown, cb?: () => void): this;
+    end(chunk: unknown, encoding?: BufferEncoding | undefined, cb?: () => void): this;
     cork(): void;
     uncork(): void;
     destroy(error?: Error | undefined): this;
@@ -321,6 +289,63 @@ export type SpawnStdioResult = {
     stdout: string | Buffer;
     stderr: string | Buffer;
 };
+/**
+ * Options for synchronously spawning a child process with {@link spawnSync}.
+ * Same as {@link SpawnOptions} but excludes the `spinner` property (not applicable for synchronous execution).
+ */
+export type SpawnSyncOptions = Omit<SpawnOptions, 'spinner'>;
+/**
+ * Enhances spawn error with better context.
+ * Converts generic "command failed" to detailed error with command, exit code, and stderr.
+ *
+ * @example
+ * ```typescript
+ * try {
+ *   await spawn('git', ['status'])
+ * } catch (err) {
+ *   throw enhanceSpawnError(err)
+ * }
+ * ```
+ */
+export declare function enhanceSpawnError(error: unknown): unknown;
+/**
+ * Check if a value is a spawn error with expected error properties.
+ * Tests for common error properties from child process failures.
+ *
+ * @param {unknown} value - Value to check
+ * @returns {boolean} `true` if the value has spawn error properties
+ *
+ * @example
+ * try {
+ *   await spawn('nonexistent-command')
+ * } catch (error) {
+ *   if (isSpawnError(error)) {
+ *     console.error(`Spawn failed: ${error.code}`)
+ *   }
+ * }
+ */
+export declare function isSpawnError(value: unknown): value is SpawnError;
+/**
+ * Check if stdio configuration matches a specific type.
+ * When called with one argument, validates if it's a valid stdio type.
+ * When called with two arguments, checks if the stdio config matches the specified type.
+ *
+ * @param {string | string[]} stdio - Stdio configuration to check
+ * @param {StdioType | undefined} type - Expected stdio type (optional)
+ * @returns {boolean} `true` if stdio matches the type or is valid
+ *
+ * @example
+ * // Check if valid stdio type
+ * isStdioType('pipe') // true
+ * isStdioType('invalid') // false
+ *
+ * @example
+ * // Check if stdio matches specific type
+ * isStdioType('pipe', 'pipe') // true
+ * isStdioType(['pipe', 'pipe', 'pipe'], 'pipe') // true
+ * isStdioType('ignore', 'pipe') // false
+ */
+export declare function isStdioType(stdio: string | string[], type?: StdioType | undefined): boolean;
 /**
  * Spawn a child process and return a promise that resolves when it completes.
  * Provides enhanced error handling, output capture, and cross-platform support.
@@ -384,12 +409,6 @@ export type SpawnStdioResult = {
  * }
  */
 export declare function spawn(cmd: string, args?: string[] | readonly string[], options?: SpawnOptions | undefined, extra?: SpawnExtra | undefined): SpawnResult;
-/*@__NO_SIDE_EFFECTS__*/
-/**
- * Options for synchronously spawning a child process with {@link spawnSync}.
- * Same as {@link SpawnOptions} but excludes the `spinner` property (not applicable for synchronous execution).
- */
-export type SpawnSyncOptions = Omit<SpawnOptions, 'spinner'>;
 /**
  * Synchronously spawn a child process and wait for it to complete.
  * Blocks execution until the process exits, returning all output and exit information.