@socketsecurity/lib 5.2.1 → 5.3.0

package/dist/releases/socket-btm.d.ts

@@ -1,156 +1,53 @@
-/**
- * Platform type for socket-btm binaries.
- */
-export type Platform = 'darwin' | 'linux' | 'win32';
-/**
- * Architecture type for socket-btm binaries.
- */
-export type Arch = 'arm64' | 'x64';
-/**
- * Linux libc variant.
- */
-export type Libc = 'musl' | 'glibc';
+import { type Arch, type Libc, type Platform } from '../constants/platform.js';
+export type { Arch, Libc, Platform };
 /**
  * Configuration for downloading socket-btm binary releases.
  */
 export interface SocketBtmBinaryConfig {
-    /**
-     * Working directory (defaults to process.cwd()).
-     */
+    /** Working directory (defaults to process.cwd()). */
     cwd?: string;
-    /**
-     * Download destination directory.
-     * Can be absolute or relative to cwd.
-     * @default 'build/downloaded' (relative to cwd)
-     *
-     * Inspired by: gh release download --dir
-     */
+    /** Download destination directory. @default 'build/downloaded' */
     downloadDir?: string;
-    /**
-     * Tool/package name for directory structure and release matching.
-     * Similar to: brew install <formula>, cargo install <crate>
-     *
-     * Examples: 'node-smol', 'binject', 'binflate'
-     *
-     * Used for:
-     * - Directory path: {downloadDir}/{tool}/{platformArch}/
-     * - Finding release: Searches for tags starting with '{tool}-'
-     */
+    /** Tool/package name for directory structure and release matching. */
     tool: string;
-    /**
-     * Binary/executable name (without extension).
-     * Similar to: brew formula→binary mapping (postgresql→psql, imagemagick→magick)
-     *
-     * Examples: 'node', 'binject', 'psql', 'magick'
-     *
-     * Used to construct:
-     * - Asset pattern: {bin}-{platform}-{arch}[-musl][.exe]
-     * - Output filename: {bin} or {bin}.exe
-     *
-     * Presence of this field indicates binary download (vs asset download).
-     *
-     * @default tool (e.g., 'binject'→'binject', but 'node-smol'→'node-smol')
-     */
+    /** Binary/executable name (without extension). @default tool */
     bin?: string;
-    /**
-     * Target platform (defaults to current platform).
-     */
+    /** Target platform (defaults to current platform). */
     targetPlatform?: Platform;
-    /**
-     * Target architecture (defaults to current arch).
-     */
+    /** Target architecture (defaults to current arch). */
     targetArch?: Arch;
-    /**
-     * Linux libc variant (musl or glibc).
-     * Defaults to musl for Linux for broader compatibility.
-     * Ignored for non-Linux platforms.
-     */
+    /** Linux libc variant. Auto-detected if not specified. */
     libc?: Libc;
-    /**
-     * Specific release tag to download.
-     * Inspired by: gh release download <tag>
-     *
-     * If not provided, downloads the latest release matching '{tool}-*' pattern.
-     *
-     * Examples: 'node-smol-20260105-c47753c', 'binject-20260106-1df5745'
-     */
+    /** Specific release tag to download. */
     tag?: string;
-    /**
-     * Suppress log messages.
-     * @default false
-     */
+    /** Suppress log messages. @default false */
     quiet?: boolean;
-    /**
-     * Remove macOS quarantine attribute after download.
-     * Only applies when downloading on macOS for macOS binaries.
-     * @default true
-     */
+    /** Remove macOS quarantine attribute after download. @default true */
     removeMacOSQuarantine?: boolean;
-    // Discriminator: presence of 'asset' means this is NOT a binary config
+    /** @internal Discriminator field */
     asset?: never;
 }
 /**
  * Configuration for downloading socket-btm generic assets.
  */
 export interface SocketBtmAssetConfig {
-    /**
-     * Working directory (defaults to process.cwd()).
-     */
+    /** Working directory (defaults to process.cwd()). */
     cwd?: string;
-    /**
-     * Download destination directory.
-     * Can be absolute or relative to cwd.
-     * @default 'build/downloaded' (relative to cwd)
-     *
-     * Inspired by: gh release download --dir
-     */
+    /** Download destination directory. @default 'build/downloaded' */
     downloadDir?: string;
-    /**
-     * Tool/package name for directory structure and release matching.
-     *
-     * Examples: 'yoga-layout', 'onnxruntime', 'models'
-     *
-     * Used for:
-     * - Directory path: {downloadDir}/{tool}/assets/
-     * - Finding release: Searches for tags starting with '{tool}-'
-     */
+    /** Tool/package name for directory structure and release matching. */
     tool: string;
-    /**
-     * Asset name pattern on GitHub.
-     * Inspired by: gh release download --pattern
-     *
-     * Examples: 'yoga-sync.mjs', 'ort-wasm-simd.wasm', '*.onnx'
-     *
-     * Presence of this field indicates asset download (vs binary download).
-     */
+    /** Asset name pattern on GitHub. */
     asset: string;
-    /**
-     * Output filename (e.g., 'yoga-sync.mjs').
-     * Inspired by: gh release download --output
-     *
-     * @default asset (uses the asset name as-is)
-     */
+    /** Output filename. @default asset */
     output?: string;
-    /**
-     * Specific release tag to download.
-     * Inspired by: gh release download <tag>
-     *
-     * If not provided, downloads the latest release matching '{tool}-*' pattern.
-     *
-     * Examples: 'yoga-layout-v20260106-a39285c', 'onnxruntime-v20260106-a39285c'
-     */
+    /** Specific release tag to download. */
     tag?: string;
-    /**
-     * Suppress log messages.
-     * @default false
-     */
+    /** Suppress log messages. @default false */
     quiet?: boolean;
-    /**
-     * Remove macOS quarantine attribute after download.
-     * @default false (not needed for non-executable assets)
-     */
+    /** Remove macOS quarantine attribute after download. @default false */
     removeMacOSQuarantine?: boolean;
-    // Discriminators: mutually exclusive with binary-specific fields
+    /** @internal Discriminator fields */
     bin?: never;
     targetPlatform?: never;
     targetArch?: never;
@@ -161,61 +58,43 @@ export interface SocketBtmAssetConfig {
  */
 export type SocketBtmReleaseConfig = SocketBtmBinaryConfig | SocketBtmAssetConfig;
 /**
- * Download a release from socket-btm.
+ * Detect the libc variant (musl or glibc) on Linux systems.
+ * Returns undefined for non-Linux platforms.
  *
- * Generic function for downloading any socket-btm binary or asset.
- * Handles both platform-specific binaries and generic assets.
+ * @returns 'musl', 'glibc', or undefined (for non-Linux)
+ */
+export declare function detectLibc(): Libc | undefined;
+/**
+ * Download a release from socket-btm.
  *
  * @param config - Download configuration
  * @returns Path to the downloaded file
+ */
+export declare function downloadSocketBtmRelease(config: SocketBtmReleaseConfig): Promise<string>;
+/**
+ * Get asset name for a socket-btm binary.
  *
- * @example
- * ```ts
- * // Binary: node-smol (like: brew install nodejs → node)
- * const nodePath = await downloadSocketBtmRelease({
- *   tool: 'node-smol',
- *   bin: 'node'
- * })
- *
- * // Binary: binject (like: cargo install binject → binject)
- * const binjectPath = await downloadSocketBtmRelease({
- *   tool: 'binject'
- * })
- *
- * // Binary: cross-platform
- * const binflatePath = await downloadSocketBtmRelease({
- *   tool: 'binflate',
- *   targetPlatform: 'linux',
- *   targetArch: 'x64',
- *   libc: 'musl'
- * })
- *
- * // Asset: WASM file
- * const yogaPath = await downloadSocketBtmRelease({
- *   tool: 'yoga-layout',
- *   asset: 'yoga-sync.mjs'
- * })
- *
- * // Asset: with custom output name
- * const ortPath = await downloadSocketBtmRelease({
- *   tool: 'onnxruntime',
- *   asset: 'ort-wasm-simd.wasm',
- *   output: 'ort.wasm'
- * })
+ * @param binaryBaseName - Binary basename (e.g., 'binject', 'node')
+ * @param platform - Target platform
+ * @param arch - Target architecture
+ * @param libc - Linux libc variant (optional)
+ * @returns Asset name (e.g., 'binject-darwin-arm64', 'node-linux-x64-musl')
+ */
+export declare function getBinaryAssetName(binaryBaseName: string, platform: Platform, arch: Arch, libc?: Libc | undefined): string;
+/**
+ * Get binary filename for output.
  *
- * // Custom paths (like: gh release download --dir)
- * await downloadSocketBtmRelease({
- *   tool: 'node-smol',
- *   bin: 'node',
- *   cwd: '/path/to/project',
- *   downloadDir: 'build/cache'
- * })
+ * @param binaryBaseName - Binary basename (e.g., 'node', 'binject')
+ * @param platform - Target platform
+ * @returns Binary filename (e.g., 'node', 'node.exe')
+ */
+export declare function getBinaryName(binaryBaseName: string, platform: Platform): string;
+/**
+ * Get platform-arch identifier for directory structure.
  *
- * // Specific version (like: gh release download <tag>)
- * await downloadSocketBtmRelease({
- *   tool: 'binject',
- *   tag: 'binject-20260106-1df5745'
- * })
- * ```
+ * @param platform - Target platform
+ * @param arch - Target architecture
+ * @param libc - Linux libc variant (optional)
+ * @returns Platform-arch identifier (e.g., 'darwin-arm64', 'linux-x64-musl')
  */
-export declare function downloadSocketBtmRelease(config: SocketBtmReleaseConfig): Promise<string>;
+export declare function getPlatformArch(platform: Platform, arch: Arch, libc?: Libc | undefined): string;

package/dist/releases/socket-btm.js

@@ -1,10 +1,8 @@
 "use strict";
 /* Socket Lib - Built with esbuild */
-var __create = Object.create;
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;
-var __getProtoOf = Object.getPrototypeOf;
 var __hasOwnProp = Object.prototype.hasOwnProperty;
 var __export = (target, all) => {
   for (var name in all)
@@ -18,54 +16,43 @@ var __copyProps = (to, from, except, desc) => {
   }
   return to;
 };
-var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
-  // If the importer is in node compatibility mode or this is not an ESM
-  // file that has been converted to a CommonJS file using a Babel-
-  // compatible transform (i.e. "__esModule" has not been set), then set
-  // "default" to the CommonJS "module.exports" for node compatibility.
-  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
-  mod
-));
 var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
 var socket_btm_exports = {};
 __export(socket_btm_exports, {
-  downloadSocketBtmRelease: () => downloadSocketBtmRelease
+  detectLibc: () => detectLibc,
+  downloadSocketBtmRelease: () => downloadSocketBtmRelease,
+  getBinaryAssetName: () => getBinaryAssetName,
+  getBinaryName: () => getBinaryName,
+  getPlatformArch: () => getPlatformArch
 });
 module.exports = __toCommonJS(socket_btm_exports);
-var import_node_os = __toESM(require("node:os"));
+var import_fs = require("fs");
+var import_platform = require("../constants/platform.js");
 var import_github = require("./github.js");
 const ARCH_MAP = {
   arm64: "arm64",
   x64: "x64"
 };
-function getBinaryAssetName(binaryBaseName, platform, arch, libc) {
-  const mappedArch = ARCH_MAP[arch];
-  if (!mappedArch) {
-    throw new Error(`Unsupported architecture: ${arch}`);
+function detectLibc() {
+  if ((0, import_platform.getPlatform)() !== "linux") {
+    return void 0;
   }
-  const muslSuffix = platform === "linux" && libc === "musl" ? "-musl" : "";
-  const ext = platform === "win32" ? ".exe" : "";
-  if (platform === "darwin") {
-    return `${binaryBaseName}-darwin-${mappedArch}${ext}`;
+  try {
+    const muslPaths = [
+      "/lib/ld-musl-x86_64.so.1",
+      "/lib/ld-musl-aarch64.so.1",
+      "/usr/lib/ld-musl-x86_64.so.1",
+      "/usr/lib/ld-musl-aarch64.so.1"
+    ];
+    for (const path of muslPaths) {
+      if ((0, import_fs.existsSync)(path)) {
+        return "musl";
+      }
+    }
+    return "glibc";
+  } catch {
+    return "glibc";
   }
-  if (platform === "linux") {
-    return `${binaryBaseName}-linux-${mappedArch}${muslSuffix}${ext}`;
-  }
-  if (platform === "win32") {
-    return `${binaryBaseName}-win-${mappedArch}${ext}`;
-  }
-  throw new Error(`Unsupported platform: ${platform}`);
-}
-function getPlatformArch(platform, arch, libc) {
-  const mappedArch = ARCH_MAP[arch];
-  if (!mappedArch) {
-    throw new Error(`Unsupported architecture: ${arch}`);
-  }
-  const muslSuffix = platform === "linux" && libc === "musl" ? "-musl" : "";
-  return `${platform}-${mappedArch}${muslSuffix}`;
-}
-function getBinaryName(binaryBaseName, platform) {
-  return platform === "win32" ? `${binaryBaseName}.exe` : binaryBaseName;
 }
 async function downloadSocketBtmRelease(config) {
   const { cwd, downloadDir, quiet = false, tag, tool } = config;
@@ -96,18 +83,20 @@ async function downloadSocketBtmRelease(config) {
   } else {
     const {
       bin,
-      libc,
+      libc = detectLibc(),
       removeMacOSQuarantine = true,
-      targetArch,
-      targetPlatform
+      targetArch = (0, import_platform.getArch)(),
+      targetPlatform = (0, import_platform.getPlatform)()
     } = config;
     const baseName = bin || tool;
-    const platform = targetPlatform || import_node_os.default.platform();
-    const arch = targetArch || import_node_os.default.arch();
-    const libcType = libc || (platform === "linux" ? "musl" : void 0);
-    const assetName = getBinaryAssetName(baseName, platform, arch, libcType);
-    const platformArch = getPlatformArch(platform, arch, libcType);
-    const binaryName = getBinaryName(baseName, platform);
+    const assetName = getBinaryAssetName(
+      baseName,
+      targetPlatform,
+      targetArch,
+      libc
+    );
+    const platformArch = getPlatformArch(targetPlatform, targetArch, libc);
+    const binaryName = getBinaryName(baseName, targetPlatform);
     downloadConfig = {
       owner: import_github.SOCKET_BTM_REPO.owner,
       repo: import_github.SOCKET_BTM_REPO.repo,
@@ -125,7 +114,40 @@ async function downloadSocketBtmRelease(config) {
   }
   return await (0, import_github.downloadGitHubRelease)(downloadConfig);
 }
+function getBinaryAssetName(binaryBaseName, platform, arch, libc) {
+  const mappedArch = ARCH_MAP[arch];
+  if (!mappedArch) {
+    throw new Error(`Unsupported architecture: ${arch}`);
+  }
+  const muslSuffix = platform === "linux" && libc === "musl" ? "-musl" : "";
+  const ext = platform === "win32" ? ".exe" : "";
+  if (platform === "darwin") {
+    return `${binaryBaseName}-darwin-${mappedArch}${ext}`;
+  }
+  if (platform === "linux") {
+    return `${binaryBaseName}-linux-${mappedArch}${muslSuffix}${ext}`;
+  }
+  if (platform === "win32") {
+    return `${binaryBaseName}-win-${mappedArch}${ext}`;
+  }
+  throw new Error(`Unsupported platform: ${platform}`);
+}
+function getBinaryName(binaryBaseName, platform) {
+  return platform === "win32" ? `${binaryBaseName}.exe` : binaryBaseName;
+}
+function getPlatformArch(platform, arch, libc) {
+  const mappedArch = ARCH_MAP[arch];
+  if (!mappedArch) {
+    throw new Error(`Unsupported architecture: ${arch}`);
+  }
+  const muslSuffix = platform === "linux" && libc === "musl" ? "-musl" : "";
+  return `${platform}-${mappedArch}${muslSuffix}`;
+}
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
-  downloadSocketBtmRelease
+  detectLibc,
+  downloadSocketBtmRelease,
+  getBinaryAssetName,
+  getBinaryName,
+  getPlatformArch
 });

package/dist/signal-exit.js

@@ -35,7 +35,7 @@ let _events;
 // @__NO_SIDE_EFFECTS__
 function getEvents() {
   if (_events === void 0) {
-    _events = require("node:events");
+    _events = require("events");
   }
   return _events;
 }

package/dist/spawn.js

@@ -51,7 +51,7 @@ let _child_process;
 // @__NO_SIDE_EFFECTS__
 function getChildProcess() {
   if (_child_process === void 0) {
-    _child_process = require("node:child_process");
+    _child_process = require("child_process");
   }
   return _child_process;
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@socketsecurity/lib",
-  "version": "5.2.1",
+  "version": "5.3.0",
   "packageManager": "pnpm@10.27.0",
   "license": "MIT",
   "description": "Core utilities and infrastructure for Socket.dev security tools",
@@ -722,7 +722,7 @@
     "@socketregistry/is-unicode-supported": "1.0.5",
     "@socketregistry/packageurl-js": "1.3.5",
     "@socketregistry/yocto-spinner": "1.0.25",
-    "@socketsecurity/lib-stable": "npm:@socketsecurity/lib@5.2.0",
+    "@socketsecurity/lib-stable": "npm:@socketsecurity/lib@5.2.1",
     "@types/node": "24.9.2",
     "@typescript/native-preview": "7.0.0-dev.20250920.1",
     "@vitest/coverage-v8": "4.0.3",