@socketsecurity/lib 5.26.0 → 5.26.1

package/dist/dlx/arborist.js

@@ -37,6 +37,7 @@ __export(arborist_exports, {
 module.exports = __toCommonJS(arborist_exports);
 var import_arborist = __toESM(require("../external/@npmcli/arborist"));
 var import_socket = require("../paths/socket");
+var import_primordials = require("../primordials");
 let _fs;
 // @__NO_SIDE_EFFECTS__
 function getFs() {
@@ -70,11 +71,11 @@ function getBaseArboristOptions(installPath, quiet) {
 function readSingleDependency(packageJsonPath) {
   const fs = /* @__PURE__ */ getFs();
   const raw = fs.readFileSync(packageJsonPath, "utf8");
-  const pkg = JSON.parse(raw);
+  const pkg = (0, import_primordials.JSONParse)(raw);
   const deps = pkg.dependencies ?? {};
-  const names = Object.keys(deps);
+  const names = (0, import_primordials.ObjectKeys)(deps);
   if (names.length !== 1) {
-    throw new Error(
+    throw new import_primordials.ErrorCtor(
       `safeIdealTree expects exactly one top-level dependency in ${packageJsonPath}, found ${names.length}`
     );
   }
@@ -84,7 +85,7 @@ function readTopLevelFromIdealTree(tree, targetName) {
   const root = tree;
   const inventory = root?.inventory;
   if (!inventory || typeof inventory.values !== "function") {
-    throw new Error("Arborist idealTree missing inventory");
+    throw new import_primordials.ErrorCtor("Arborist idealTree missing inventory");
   }
   for (const node of inventory.values()) {
     if (node.isProjectRoot) {
@@ -92,7 +93,7 @@ function readTopLevelFromIdealTree(tree, targetName) {
     }
     if (node.name === targetName && node.depth === 1) {
       if (!node.version || !node.integrity) {
-        throw new Error(
+        throw new import_primordials.ErrorCtor(
           `Arborist idealTree node for ${targetName} missing version/integrity`
         );
       }
@@ -103,7 +104,7 @@ function readTopLevelFromIdealTree(tree, targetName) {
       };
     }
   }
-  throw new Error(
+  throw new import_primordials.ErrorCtor(
     `Arborist idealTree inventory has no top-level node for ${targetName}`
   );
 }
@@ -145,7 +146,7 @@ async function writeSafeNpmrc(installPath, options) {
     ...options
   };
   if (minReleaseDays !== void 0 && minReleaseMins !== void 0) {
-    throw new Error(
+    throw new import_primordials.ErrorCtor(
       "writeSafeNpmrc: minReleaseDays and minReleaseMins are mutually exclusive"
     );
   }
@@ -158,10 +159,10 @@ async function writeSafeNpmrc(installPath, options) {
     "progress=false"
   ];
   if (minReleaseDays !== void 0) {
-    lines.push(`min-release-age=${minReleaseDays}`);
+    (0, import_primordials.ArrayPrototypePush)(lines, `min-release-age=${minReleaseDays}`);
   }
   if (minReleaseMins !== void 0) {
-    lines.push(`minimum-release-age=${minReleaseMins}`);
+    (0, import_primordials.ArrayPrototypePush)(lines, `minimum-release-age=${minReleaseMins}`);
   }
   await fs.promises.writeFile(
     path.join(installPath, ".npmrc"),

package/dist/dlx/binary.js

@@ -52,8 +52,10 @@ var import_normalize = require("../paths/normalize");
 var import_socket = require("../paths/socket");
 var import_process_lock = require("../process-lock");
 var import_spawn = require("../spawn");
+var import_crypto = require("../crypto");
 var import_cache = require("./cache");
 var import_integrity = require("./integrity");
+var import_primordials = require("../primordials");
 let _crypto;
 // @__NO_SIDE_EFFECTS__
 function getCrypto() {
@@ -85,7 +87,7 @@ async function cleanDlxCache(maxAge = import_time.DLX_BINARY_CACHE_TTL) {
     return 0;
   }
   let cleaned = 0;
-  const now = Date.now();
+  const now = (0, import_primordials.DateNow)();
   const path = /* @__PURE__ */ getPath();
   const entries = await fs.promises.readdir(cacheDir);
   for (const entry of entries) {
@@ -96,7 +98,7 @@ async function cleanDlxCache(maxAge = import_time.DLX_BINARY_CACHE_TTL) {
         continue;
       }
       const metadata = await (0, import_fs.readJson)(metaPath, { throws: false });
-      if (!metadata || typeof metadata !== "object" || Array.isArray(metadata)) {
+      if (!metadata || typeof metadata !== "object" || (0, import_primordials.ArrayIsArray)(metadata)) {
         continue;
       }
       const timestamp = metadata["timestamp"];
@@ -122,7 +124,7 @@ async function dlxBinary(args, options, spawnExtra) {
   const {
     cacheTtl = import_time.DLX_BINARY_CACHE_TTL,
     force: userForce = false,
-    hash,
+    hash: hash2,
     integrity: rawIntegrity,
     name,
     sha256: rawSha256,
@@ -132,8 +134,8 @@ async function dlxBinary(args, options, spawnExtra) {
   } = { __proto__: null, ...options };
   let integrity = rawIntegrity;
   let sha256 = rawSha256;
-  if (hash !== void 0) {
-    const normalized = (0, import_integrity.normalizeHash)(hash);
+  if (hash2 !== void 0) {
+    const normalized = (0, import_integrity.normalizeHash)(hash2);
     if (normalized.type === "integrity") {
       integrity = normalized.value;
     } else {
@@ -155,7 +157,7 @@ async function dlxBinary(args, options, spawnExtra) {
     try {
       const metaPath = getBinaryCacheMetadataPath(cacheEntryDir);
       const metadata = await (0, import_fs.readJson)(metaPath, { throws: false });
-      if (metadata && typeof metadata === "object" && !Array.isArray(metadata) && typeof metadata["integrity"] === "string") {
+      if (metadata && typeof metadata === "object" && !(0, import_primordials.ArrayIsArray)(metadata) && typeof metadata["integrity"] === "string") {
         computedIntegrity = metadata["integrity"];
         if (!fs.existsSync(binaryPath)) {
           downloaded = true;
@@ -175,20 +177,20 @@ async function dlxBinary(args, options, spawnExtra) {
     } catch (e) {
       const code = e.code;
       if (code === "EACCES" || code === "EPERM") {
-        throw new Error(
+        throw new import_primordials.ErrorCtor(
           `Permission denied creating binary cache directory: ${cacheEntryDir}
 Please check directory permissions or run with appropriate access.`,
           { cause: e }
         );
       }
       if (code === "EROFS") {
-        throw new Error(
+        throw new import_primordials.ErrorCtor(
           `Cannot create binary cache directory on read-only filesystem: ${cacheEntryDir}
 Ensure the filesystem is writable or set SOCKET_DLX_DIR to a writable location.`,
           { cause: e }
         );
       }
-      throw new Error(
+      throw new import_primordials.ErrorCtor(
         `Failed to create binary cache directory: ${cacheEntryDir}`,
         { cause: e }
       );
@@ -228,7 +230,7 @@ async function downloadBinary(options) {
   const {
     cacheTtl = import_time.DLX_BINARY_CACHE_TTL,
     force = false,
-    hash,
+    hash: hash2,
     integrity: rawIntegrity,
     name,
     sha256: rawSha256,
@@ -236,8 +238,8 @@ async function downloadBinary(options) {
   } = { __proto__: null, ...options };
   let integrity = rawIntegrity;
   let sha256 = rawSha256;
-  if (hash !== void 0) {
-    const normalized = (0, import_integrity.normalizeHash)(hash);
+  if (hash2 !== void 0) {
+    const normalized = (0, import_integrity.normalizeHash)(hash2);
     if (normalized.type === "integrity") {
       integrity = normalized.value;
     } else {
@@ -261,20 +263,20 @@ async function downloadBinary(options) {
     } catch (e) {
       const code = e.code;
       if (code === "EACCES" || code === "EPERM") {
-        throw new Error(
+        throw new import_primordials.ErrorCtor(
           `Permission denied creating binary cache directory: ${cacheEntryDir}
 Please check directory permissions or run with appropriate access.`,
           { cause: e }
         );
       }
       if (code === "EROFS") {
-        throw new Error(
+        throw new import_primordials.ErrorCtor(
           `Cannot create binary cache directory on read-only filesystem: ${cacheEntryDir}
 Ensure the filesystem is writable or set SOCKET_DLX_DIR to a writable location.`,
           { cause: e }
         );
       }
-      throw new Error(
+      throw new import_primordials.ErrorCtor(
         `Failed to create binary cache directory: ${cacheEntryDir}`,
         { cause: e }
       );
@@ -313,8 +315,7 @@ async function downloadBinaryFile(url, destPath, integrity, sha256) {
         const stats = await fs.promises.stat(destPath);
         if (stats.size > 0) {
           const fileBuffer2 = await fs.promises.readFile(destPath);
-          const hash2 = crypto.createHash("sha512").update(fileBuffer2).digest("base64");
-          return `sha512-${hash2}`;
+          return `sha512-${(0, import_crypto.hash)("sha512", fileBuffer2, "base64")}`;
         }
       }
       try {
@@ -328,8 +329,7 @@ Check your internet connection or verify the URL is accessible.`,
         );
       }
       const fileBuffer = await fs.promises.readFile(destPath);
-      const hash = crypto.createHash("sha512").update(fileBuffer).digest("base64");
-      const actualIntegrity = `sha512-${hash}`;
+      const actualIntegrity = `sha512-${(0, import_crypto.hash)("sha512", fileBuffer, "base64")}`;
       if (integrity) {
         const integrityMatch = actualIntegrity.length === integrity.length && crypto.timingSafeEqual(
           Buffer.from(actualIntegrity),
@@ -383,7 +383,7 @@ async function isBinaryCacheValid(cacheEntryPath, cacheTtl) {
     if (!(0, import_objects.isObjectObject)(metadata)) {
       return false;
     }
-    const now = Date.now();
+    const now = (0, import_primordials.DateNow)();
     const timestamp = metadata["timestamp"];
     if (typeof timestamp !== "number" || timestamp <= 0) {
       return false;
@@ -404,7 +404,7 @@ async function listDlxCache() {
     return [];
   }
   const results = [];
-  const now = Date.now();
+  const now = (0, import_primordials.DateNow)();
   const path = /* @__PURE__ */ getPath();
   const entries = await fs.promises.readdir(cacheDir);
   for (const entry of entries) {
@@ -415,14 +415,17 @@ async function listDlxCache() {
       }
       const metaPath = getBinaryCacheMetadataPath(entryPath);
       const metadata = await (0, import_fs.readJson)(metaPath, { throws: false });
-      if (!metadata || typeof metadata !== "object" || Array.isArray(metadata)) {
+      if (!metadata || typeof metadata !== "object" || (0, import_primordials.ArrayIsArray)(metadata)) {
         continue;
       }
       const metaObj = metadata;
       const source = metaObj["source"];
       const url = source?.["url"] || metaObj["url"] || "";
       const files = await fs.promises.readdir(entryPath);
-      const binaryFile = files.find((f) => !f.startsWith("."));
+      const binaryFile = (0, import_primordials.ArrayPrototypeFind)(
+        files,
+        (f) => !(0, import_primordials.StringPrototypeStartsWith)(f, ".")
+      );
       if (binaryFile) {
         const binaryPath = path.join(entryPath, binaryFile);
         const binaryStats = await fs.promises.stat(binaryPath);
@@ -444,7 +447,7 @@ async function writeBinaryCacheMetadata(cacheEntryPath, cacheKey, url, integrity
   const metadata = {
     version: "1.0.0",
     cache_key: cacheKey,
-    timestamp: Date.now(),
+    timestamp: (0, import_primordials.DateNow)(),
     integrity,
     size,
     source: {

package/dist/dlx/cache.js

@@ -23,17 +23,9 @@ __export(cache_exports, {
   generateCacheKey: () => generateCacheKey
 });
 module.exports = __toCommonJS(cache_exports);
-let _crypto;
-// @__NO_SIDE_EFFECTS__
-function getCrypto() {
-  if (_crypto === void 0) {
-    _crypto = require("node:crypto");
-  }
-  return _crypto;
-}
+var import_crypto = require("../crypto");
 function generateCacheKey(spec) {
-  const crypto = /* @__PURE__ */ getCrypto();
-  return crypto.createHash("sha512").update(spec).digest("hex").substring(0, 16);
+  return (0, import_crypto.hash)("sha512", spec, "hex").substring(0, 16);
 }
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {

package/dist/dlx/detect.js

@@ -30,12 +30,13 @@ __export(detect_exports, {
 module.exports = __toCommonJS(detect_exports);
 var import_paths = require("./paths");
 var import_socket = require("../paths/socket");
+var import_primordials = require("../primordials");
 let _fs;
 let _path;
-const NODE_JS_EXTENSIONS = /* @__PURE__ */ new Set([".js", ".mjs", ".cjs"]);
+const NODE_JS_EXTENSIONS = new import_primordials.SetCtor([".js", ".mjs", ".cjs"]);
 const PACKAGE_JSON_PATH_CACHE_MAX_SIZE = 200;
 const PACKAGE_JSON_NEGATIVE_TTL_MS = 1e4;
-const packageJsonPathCache = /* @__PURE__ */ new Map();
+const packageJsonPathCache = new import_primordials.MapCtor();
 function packageJsonPathCacheSet(key, value) {
   if (packageJsonPathCache.has(key)) {
     packageJsonPathCache.delete(key);
@@ -47,7 +48,7 @@ function packageJsonPathCacheSet(key, value) {
   }
   packageJsonPathCache.set(key, { path: value, at: Date.now() });
 }
-const packageJsonContentCache = /* @__PURE__ */ new Map();
+const packageJsonContentCache = new import_primordials.MapCtor();
 function findPackageJson(filePath) {
   const fs = /* @__PURE__ */ getFs();
   const path = /* @__PURE__ */ getPath();
@@ -55,7 +56,7 @@ function findPackageJson(filePath) {
   const cached = packageJsonPathCache.get(startDir);
   if (cached !== void 0) {
     if (cached.path === null) {
-      if (Date.now() - cached.at < PACKAGE_JSON_NEGATIVE_TTL_MS) {
+      if ((0, import_primordials.DateNow)() - cached.at < PACKAGE_JSON_NEGATIVE_TTL_MS) {
         return void 0;
       }
       packageJsonPathCache.delete(startDir);
@@ -107,7 +108,7 @@ function readPackageJson(packageJsonPath) {
     return cached.content;
   }
   try {
-    const content = JSON.parse(fs.readFileSync(packageJsonPath, "utf8"));
+    const content = (0, import_primordials.JSONParse)(fs.readFileSync(packageJsonPath, "utf8"));
     packageJsonContentCache.set(packageJsonPath, { mtimeMs, content });
     return content;
   } catch {

package/dist/dlx/integrity.js

@@ -27,14 +27,16 @@ __export(integrity_exports, {
 });
 module.exports = __toCommonJS(integrity_exports);
 var import_node_crypto = require("node:crypto");
+var import_crypto = require("../crypto");
+var import_primordials = require("../primordials");
 const INTEGRITY_PREFIX = "sha512-";
 const INTEGRITY_BODY_RE = /^[A-Za-z0-9+/=]+$/;
 const CHECKSUM_RE = /^[a-f0-9]{64}$/i;
 function isIntegrityString(s) {
-  if (!s.startsWith(INTEGRITY_PREFIX)) {
+  if (!(0, import_primordials.StringPrototypeStartsWith)(s, INTEGRITY_PREFIX)) {
     return false;
   }
-  const body = s.slice(INTEGRITY_PREFIX.length);
+  const body = (0, import_primordials.StringPrototypeSlice)(s, INTEGRITY_PREFIX.length);
   return body.length > 0 && INTEGRITY_BODY_RE.test(body);
 }
 function isChecksumString(s) {
@@ -44,7 +46,7 @@ function normalizeHash(spec) {
   if (typeof spec === "object" && spec !== null) {
     if (spec.type === "integrity") {
       if (!isIntegrityString(spec.value)) {
-        throw new TypeError(
+        throw new import_primordials.TypeErrorCtor(
           `Expected SRI integrity string "sha512-<base64>", got: ${spec.value}`
         );
       }
@@ -52,18 +54,18 @@ function normalizeHash(spec) {
     }
     if (spec.type === "checksum") {
       if (!isChecksumString(spec.value)) {
-        throw new TypeError(
+        throw new import_primordials.TypeErrorCtor(
           `Expected sha256 hex string (64 hex chars), got: ${spec.value}`
         );
       }
       return { type: "checksum", value: spec.value };
     }
-    throw new TypeError(
+    throw new import_primordials.TypeErrorCtor(
       `Unknown hash type: ${spec.type}`
     );
   }
   if (typeof spec !== "string") {
-    throw new TypeError(
+    throw new import_primordials.TypeErrorCtor(
       `HashSpec must be a string or { type, value } object, got: ${typeof spec}`
     );
   }
@@ -73,19 +75,19 @@ function normalizeHash(spec) {
   if (isChecksumString(spec)) {
     return { type: "checksum", value: spec };
   }
-  throw new TypeError(
+  throw new import_primordials.TypeErrorCtor(
     `Unrecognized hash format. Expected SRI integrity ("sha512-<base64>") or sha256 hex (64 hex chars), got: ${spec}`
   );
 }
 function computeHashes(bytes) {
-  const integrity = `sha512-${(0, import_node_crypto.createHash)("sha512").update(bytes).digest("base64")}`;
-  const checksum = (0, import_node_crypto.createHash)("sha256").update(bytes).digest("hex");
+  const integrity = `sha512-${(0, import_crypto.hash)("sha512", bytes, "base64")}`;
+  const checksum = (0, import_crypto.hash)("sha256", bytes, "hex");
   return { integrity, checksum };
 }
 function verifyHash(expected, computed) {
   const actual = expected.type === "integrity" ? computed.integrity : computed.checksum;
-  const expectedBuf = Buffer.from(expected.value);
-  const actualBuf = Buffer.from(actual);
+  const expectedBuf = (0, import_primordials.BufferFrom)(expected.value);
+  const actualBuf = (0, import_primordials.BufferFrom)(actual);
   if (expectedBuf.length !== actualBuf.length || !(0, import_node_crypto.timingSafeEqual)(expectedBuf, actualBuf)) {
     throw new DlxHashMismatchError(expected, computed);
   }

package/dist/dlx/lockfile.js

@@ -40,6 +40,7 @@ var import_pacote = __toESM(require("../external/pacote"));
 var import_fs = require("../fs");
 var import_arborist = require("./arborist");
 var import_integrity = require("./integrity");
+var import_primordials = require("../primordials");
 let _fs;
 // @__NO_SIDE_EFFECTS__
 function getFs() {
@@ -64,18 +65,18 @@ class DlxLockfileError extends Error {
   }
 }
 function specName(spec) {
-  const atIdx = spec.lastIndexOf("@");
+  const atIdx = (0, import_primordials.StringPrototypeLastIndexOf)(spec, "@");
   if (atIdx <= 0) {
     return spec;
   }
-  return spec.slice(0, atIdx);
+  return (0, import_primordials.StringPrototypeSlice)(spec, 0, atIdx);
 }
 function specRange(spec) {
-  const atIdx = spec.lastIndexOf("@");
+  const atIdx = (0, import_primordials.StringPrototypeLastIndexOf)(spec, "@");
   if (atIdx <= 0) {
     return "latest";
   }
-  return spec.slice(atIdx + 1) || "latest";
+  return (0, import_primordials.StringPrototypeSlice)(spec, atIdx + 1) || "latest";
 }
 async function generatePackagePin(options) {
   const fs = /* @__PURE__ */ getFs();
@@ -91,14 +92,14 @@ async function generatePackagePin(options) {
   }
   const effectiveDays = minReleaseDays !== void 0 ? minReleaseDays : minReleaseMins !== void 0 ? void 0 : DEFAULT_MIN_RELEASE_DAYS;
   const ageMs = effectiveDays !== void 0 ? effectiveDays * 864e5 : minReleaseMins !== void 0 ? minReleaseMins * 6e4 : 0;
-  const before = ageMs > 0 ? new Date(Date.now() - ageMs) : void 0;
+  const before = ageMs > 0 ? new import_primordials.DateCtor((0, import_primordials.DateNow)() - ageMs) : void 0;
   const scratch = path.join(
     (0, import_node_os.tmpdir)(),
     `socket-lib-pin-${process.pid}-${Date.now()}`
   );
   await (0, import_fs.safeMkdir)(scratch, { recursive: true });
   try {
-    const packageJson = JSON.stringify(
+    const packageJson = (0, import_primordials.JSONStringify)(
       {
         name: "socket-lib-pin",
         version: "0.0.0",

package/dist/dlx/manifest.js

@@ -31,6 +31,7 @@ var import_fs = require("../fs");
 var import_logger = require("../logger");
 var import_socket = require("../paths/socket");
 var import_process_lock = require("../process-lock");
+var import_primordials = require("../primordials");
 let _fs;
 let _path;
 // @__NO_SIDE_EFFECTS__
@@ -78,7 +79,7 @@ class DlxManifest {
       if (!content) {
         return { __proto__: null };
       }
-      return JSON.parse(content);
+      return (0, import_primordials.JSONParse)(content);
     } catch (e) {
       logger.warn(`Failed to read manifest: ${(0, import_errors.errorMessage)(e)}`);
       return { __proto__: null };
@@ -95,7 +96,7 @@ class DlxManifest {
     } catch (e) {
       logger.warn(`Failed to create manifest directory: ${(0, import_errors.errorMessage)(e)}`);
     }
-    const content = JSON.stringify(data, null, 2);
+    const content = (0, import_primordials.JSONStringify)(data, null, 2);
     const tempPath = `${this.manifestPath}.tmp`;
     try {
       fs.writeFileSync(tempPath, content, "utf8");
@@ -170,8 +171,8 @@ class DlxManifest {
       if (!content) {
         return [];
       }
-      const data = JSON.parse(content);
-      return Object.keys(data);
+      const data = (0, import_primordials.JSONParse)(content);
+      return (0, import_primordials.ObjectKeys)(data);
     } catch (e) {
       logger.warn(`Failed to get package list: ${(0, import_errors.errorMessage)(e)}`);
       return [];
@@ -195,7 +196,7 @@ class DlxManifest {
     if (!record) {
       return false;
     }
-    const age = Date.now() - record.timestampFetch;
+    const age = (0, import_primordials.DateNow)() - record.timestampFetch;
     return age < ttlMs;
   }
   /**

package/dist/dlx/package.js

@@ -54,17 +54,18 @@ var import_socket2 = require("../paths/socket");
 var import_process_lock = require("../process-lock");
 var import_spawn = require("../spawn");
 var import_cache = require("./cache");
+var import_primordials = require("../primordials");
 let _fs;
 let _path;
 const rangeOperatorsRegExp = /[~^><=xX* ]|\|\|/;
 const FIREWALL_API_URL = "https://firewall-api.socket.dev/purl";
 const FIREWALL_TIMEOUT = 1e4;
-const FIREWALL_BLOCK_SEVERITIES = /* @__PURE__ */ new Set([
+const FIREWALL_BLOCK_SEVERITIES = new import_primordials.SetCtor([
   "critical",
   "high"
 ]);
 const BINARY_PATH_CACHE_MAX_SIZE = 200;
-const binaryPathCache = /* @__PURE__ */ new Map();
+const binaryPathCache = new import_primordials.MapCtor();
 function binaryPathCacheSet(key, value) {
   if (binaryPathCache.has(key)) {
     binaryPathCache.delete(key);
@@ -96,7 +97,7 @@ async function checkFirewallPurls(arb, requestedPackage) {
     return;
   }
   const blocked = [];
-  await Promise.allSettled(
+  await (0, import_primordials.PromiseAllSettled)(
     purls.map(async ({ name, purl, version }) => {
       try {
         const data = await (0, import_http_request.httpJson)(
@@ -126,7 +127,7 @@ async function checkFirewallPurls(arb, requestedPackage) {
   );
   if (blocked.length > 0) {
     const details = blocked.map((b) => `  ${b.name}@${b.version}: ${b.alerts.join(", ")}`).join("\n");
-    throw new Error(
+    throw new import_primordials.ErrorCtor(
       `Socket Firewall blocked installation of "${requestedPackage}".
 The following dependencies have security alerts:
 ${details}
@@ -175,7 +176,7 @@ async function downloadPackage(options) {
     ...options
   };
   const { name: packageName, version: packageVersion } = parsePackageSpec(packageSpec);
-  const isVersionRange = packageVersion !== void 0 && rangeOperatorsRegExp.test(packageVersion);
+  const isVersionRange = packageVersion !== void 0 && (0, import_primordials.RegExpPrototypeTest)(rangeOperatorsRegExp, packageVersion);
   const force = userForce !== void 0 ? userForce : yes === true ? true : isVersionRange;
   const fullPackageSpec = packageVersion ? `${packageName}@${packageVersion}` : packageName;
   const { installed, packageDir } = await ensurePackageInstalled(
@@ -205,20 +206,20 @@ async function ensurePackageInstalled(packageName, packageSpec, force, install)
   } catch (e) {
     const code = e.code;
     if (code === "EACCES" || code === "EPERM") {
-      throw new Error(
+      throw new import_primordials.ErrorCtor(
         `Permission denied creating package directory: ${packageDir}
 Please check directory permissions or run with appropriate access.`,
         { cause: e }
       );
     }
     if (code === "EROFS") {
-      throw new Error(
+      throw new import_primordials.ErrorCtor(
         `Cannot create package directory on read-only filesystem: ${packageDir}
 Ensure the filesystem is writable or set SOCKET_DLX_DIR to a writable location.`,
         { cause: e }
       );
     }
-    throw new Error(`Failed to create package directory: ${packageDir}`, {
+    throw new import_primordials.ErrorCtor(`Failed to create package directory: ${packageDir}`, {
       cause: e
     });
   }
@@ -334,7 +335,7 @@ function findBinaryPath(packageDir, packageName, binaryName) {
     binPath = bin;
   } else if (typeof bin === "object" && bin !== null) {
     const binObj = bin;
-    const binKeys = Object.keys(binObj);
+    const binKeys = (0, import_primordials.ObjectKeys)(binObj);
     if (binKeys.length === 1) {
       binName = binKeys[0];
       binPath = binObj[binName];
@@ -369,7 +370,7 @@ function findBinaryPath(packageDir, packageName, binaryName) {
     }
   }
   if (!binPath) {
-    throw new Error(`No binary found for package "${packageName}"`);
+    throw new import_primordials.ErrorCtor(`No binary found for package "${packageName}"`);
   }
   const rawPath = (0, import_normalize.normalizePath)(path.join(installedDir, binPath));
   return resolveBinaryPath(rawPath);
@@ -395,7 +396,7 @@ function makePackageBinsExecutable(packageDir, packageName) {
       binPaths.push(bin);
     } else if (typeof bin === "object" && bin !== null) {
       const binObj = bin;
-      binPaths.push(...Object.values(binObj));
+      binPaths.push(...(0, import_primordials.ObjectValues)(binObj));
     }
     for (const binPath of binPaths) {
       const fullPath = (0, import_normalize.normalizePath)(path.join(installedDir, binPath));
@@ -410,8 +411,8 @@ function makePackageBinsExecutable(packageDir, packageName) {
   }
 }
 function npmPurl(name, version) {
-  const encoded = name.startsWith("@") ? `%40${name.slice(1)}` : name;
-  const encodedVersion = version.replace(/\+/g, "%2B");
+  const encoded = (0, import_primordials.StringPrototypeStartsWith)(name, "@") ? `%40${(0, import_primordials.StringPrototypeSlice)(name, 1)}` : name;
+  const encodedVersion = (0, import_primordials.StringPrototypeReplace)(version, /\+/g, "%2B");
   return `pkg:npm/${encoded}@${encodedVersion}`;
 }
 function parsePackageSpec(spec) {
@@ -423,13 +424,13 @@ function parsePackageSpec(spec) {
       version
     };
   } catch {
-    const atIndex = spec.lastIndexOf("@");
+    const atIndex = (0, import_primordials.StringPrototypeLastIndexOf)(spec, "@");
     if (atIndex === -1 || atIndex === 0) {
       return { name: spec, version: void 0 };
     }
-    const sliced = spec.slice(atIndex + 1);
+    const sliced = (0, import_primordials.StringPrototypeSlice)(spec, atIndex + 1);
     return {
-      name: spec.slice(0, atIndex),
+      name: (0, import_primordials.StringPrototypeSlice)(spec, 0, atIndex),
       // A trailing `@` (e.g. `'pkg@'`) yields an empty slice — normalize
       // to undefined so downstream "no version" checks behave.
       version: sliced || void 0

package/dist/dlx/packages.js

@@ -30,6 +30,7 @@ module.exports = __toCommonJS(packages_exports);
 var import_fs = require("../fs");
 var import_socket = require("../paths/socket");
 var import_paths = require("./paths");
+var import_primordials = require("../primordials");
 let _fs;
 // @__NO_SIDE_EFFECTS__
 function getFs() {
@@ -55,7 +56,7 @@ async function listDlxPackagesAsync() {
     const entries = await fs.promises.readdir((0, import_socket.getSocketDlxDir)(), {
       withFileTypes: true
     });
-    return entries.filter((e) => e.isDirectory()).map((e) => e.name).sort();
+    return (0, import_primordials.ArrayPrototypeFilter)(entries, (e) => e.isDirectory()).map((e) => e.name).sort();
   } catch {
     return [];
   }
@@ -65,7 +66,7 @@ async function removeDlxPackage(packageName) {
   try {
     await (0, import_fs.safeDelete)(packageDir, { recursive: true, force: true });
   } catch (e) {
-    throw new Error(`Failed to remove DLX package "${packageName}"`, {
+    throw new import_primordials.ErrorCtor(`Failed to remove DLX package "${packageName}"`, {
       cause: e
     });
   }
@@ -77,7 +78,7 @@ function removeDlxPackageSync(packageName) {
   } catch (e) {
     const code = e.code;
     if (code === "EACCES" || code === "EPERM") {
-      throw new Error(
+      throw new import_primordials.ErrorCtor(
         `Permission denied removing DLX package "${packageName}"
 Directory: ${packageDir}
 To resolve:
@@ -89,14 +90,14 @@ To resolve:
       );
     }
     if (code === "EROFS") {
-      throw new Error(
+      throw new import_primordials.ErrorCtor(
         `Cannot remove DLX package "${packageName}" from read-only filesystem
 Directory: ${packageDir}
 The filesystem is mounted read-only.`,
         { cause: e }
       );
     }
-    throw new Error(
+    throw new import_primordials.ErrorCtor(
       `Failed to remove DLX package "${packageName}"
 Directory: ${packageDir}
 Check permissions and ensure no programs are using this directory.`,