@socketsecurity/lib 5.3.0 → 5.4.0

package/dist/process-lock.js

@@ -22,11 +22,20 @@ __export(process_lock_exports, {
   processLock: () => processLock
 });
 module.exports = __toCommonJS(process_lock_exports);
-var import_fs = require("fs");
-var import_fs2 = require("./fs");
+var import_fs = require("./fs");
 var import_logger = require("./logger");
 var import_promises = require("./promises");
 var import_signal_exit = require("./signal-exit");
+let _fs;
+// @__NO_SIDE_EFFECTS__
+function getFs() {
+  if (_fs === void 0) {
+    _fs = require("fs");
+  }
+  return _fs;
+}
+const fs = /* @__PURE__ */ getFs();
+const { existsSync, mkdirSync, statSync, utimesSync } = fs;
 const logger = (0, import_logger.getDefaultLogger)();
 class ProcessLockManager {
   activeLocks = /* @__PURE__ */ new Set();
@@ -47,8 +56,8 @@ class ProcessLockManager {
       this.touchTimers.clear();
       for (const lockPath of this.activeLocks) {
         try {
-          if ((0, import_fs.existsSync)(lockPath)) {
-            (0, import_fs2.safeDeleteSync)(lockPath, { recursive: true });
+          if (existsSync(lockPath)) {
+            (0, import_fs.safeDeleteSync)(lockPath, { recursive: true });
           }
         } catch {
         }
@@ -64,9 +73,9 @@ class ProcessLockManager {
    */
   touchLock(lockPath) {
     try {
-      if ((0, import_fs.existsSync)(lockPath)) {
+      if (existsSync(lockPath)) {
         const now = /* @__PURE__ */ new Date();
-        (0, import_fs.utimesSync)(lockPath, now, now);
+        utimesSync(lockPath, now, now);
       }
     } catch (error) {
       logger.warn(
@@ -114,10 +123,10 @@ class ProcessLockManager {
    */
   isStale(lockPath, staleMs) {
     try {
-      if (!(0, import_fs.existsSync)(lockPath)) {
+      if (!existsSync(lockPath)) {
         return false;
       }
-      const stats = (0, import_fs.statSync)(lockPath);
+      const stats = statSync(lockPath);
       const ageSeconds = Math.floor((Date.now() - stats.mtime.getTime()) / 1e3);
       const staleSeconds = Math.floor(staleMs / 1e3);
       return ageSeconds > staleSeconds;
@@ -160,17 +169,17 @@ class ProcessLockManager {
     return await (0, import_promises.pRetry)(
       async () => {
         try {
-          if ((0, import_fs.existsSync)(lockPath) && this.isStale(lockPath, staleMs)) {
+          if (existsSync(lockPath) && this.isStale(lockPath, staleMs)) {
             logger.log(`Removing stale lock: ${lockPath}`);
             try {
-              (0, import_fs2.safeDeleteSync)(lockPath, { recursive: true });
+              (0, import_fs.safeDeleteSync)(lockPath, { recursive: true });
             } catch {
             }
           }
-          if ((0, import_fs.existsSync)(lockPath)) {
+          if (existsSync(lockPath)) {
             throw new Error(`Lock already exists: ${lockPath}`);
           }
-          (0, import_fs.mkdirSync)(lockPath, { recursive: true });
+          mkdirSync(lockPath, { recursive: true });
           this.activeLocks.add(lockPath);
           this.startTouchTimer(lockPath, touchIntervalMs);
           return () => this.release(lockPath);
@@ -246,8 +255,8 @@ To resolve:
   release(lockPath) {
     this.stopTouchTimer(lockPath);
     try {
-      if ((0, import_fs.existsSync)(lockPath)) {
-        (0, import_fs2.safeDeleteSync)(lockPath, { recursive: true });
+      if (existsSync(lockPath)) {
+        (0, import_fs.safeDeleteSync)(lockPath, { recursive: true });
       }
       this.activeLocks.delete(lockPath);
     } catch (error) {

package/dist/releases/github.d.ts

@@ -1,69 +1,84 @@
 /**
- * Socket-btm GitHub repository configuration.
- */
-export declare const SOCKET_BTM_REPO: {
-    readonly owner: "SocketDev";
-    readonly repo: "socket-btm";
-};
-/**
- * Configuration for repository access.
+ * Pattern for matching release assets.
+ * Can be either:
+ * - A string with glob pattern syntax
+ * - A prefix/suffix pair for explicit matching (backward compatible)
+ * - A RegExp for complex patterns
+ *
+ * String patterns support full glob syntax via picomatch.
+ * Examples:
+ * - Simple wildcard: yoga-sync-*.mjs matches yoga-sync-abc123.mjs
+ * - Complex: models-*.tar.gz matches models-2024-01-15.tar.gz
+ * - Prefix wildcard: *-models.tar.gz matches foo-models.tar.gz
+ * - Suffix wildcard: yoga-* matches yoga-layout
+ * - Brace expansion: {yoga,models}-*.{mjs,js} matches yoga-abc.mjs or models-xyz.js
+ *
+ * For backward compatibility, prefix/suffix objects are still supported but glob patterns are recommended.
  */
-export interface RepoConfig {
-    /**
-     * GitHub repository owner/organization.
-     */
-    owner: string;
-    /**
-     * GitHub repository name.
-     */
-    repo: string;
-}
+export type AssetPattern = string | {
+    prefix: string;
+    suffix: string;
+} | RegExp;
 /**
  * Configuration for downloading a GitHub release.
  */
 export interface DownloadGitHubReleaseConfig {
-    /** GitHub repository owner/organization. */
-    owner: string;
-    /** GitHub repository name. */
-    repo: string;
+    /** Asset name on GitHub. */
+    assetName: string;
+    /** Binary filename (e.g., 'node', 'binject'). */
+    binaryName: string;
     /** Working directory (defaults to process.cwd()). */
     cwd?: string;
     /** Download destination directory. @default 'build/downloaded' */
     downloadDir?: string;
-    /** Tool name for directory structure. */
-    toolName: string;
+    /** GitHub repository owner/organization. */
+    owner: string;
     /** Platform-arch identifier (e.g., 'linux-x64-musl'). */
     platformArch: string;
-    /** Binary filename (e.g., 'node', 'binject'). */
-    binaryName: string;
-    /** Asset name on GitHub. */
-    assetName: string;
-    /** Tool prefix for finding latest release. */
-    toolPrefix?: string;
-    /** Specific release tag to download. */
-    tag?: string;
     /** Suppress log messages. @default false */
     quiet?: boolean;
     /** Remove macOS quarantine attribute after download. @default true */
     removeMacOSQuarantine?: boolean;
+    /** GitHub repository name. */
+    repo: string;
+    /** Specific release tag to download. */
+    tag?: string;
+    /** Tool name for directory structure. */
+    toolName: string;
+    /** Tool prefix for finding latest release. */
+    toolPrefix?: string;
 }
 /**
- * Download a binary from any GitHub repository with version caching.
- *
- * @param config - Download configuration
- * @returns Path to the downloaded binary
+ * Configuration for repository access.
  */
-export declare function downloadGitHubRelease(config: DownloadGitHubReleaseConfig): Promise<string>;
+export interface RepoConfig {
+    /**
+     * GitHub repository owner/organization.
+     */
+    owner: string;
+    /**
+     * GitHub repository name.
+     */
+    repo: string;
+}
+/**
+ * Socket-btm GitHub repository configuration.
+ */
+export declare const SOCKET_BTM_REPO: {
+    readonly owner: "SocketDev";
+    readonly repo: "socket-btm";
+};
 /**
  * Download a specific release asset.
+ * Supports pattern matching for dynamic asset discovery.
  *
  * @param tag - Release tag name
- * @param assetName - Asset name to download
+ * @param assetPattern - Asset name or pattern (glob string, prefix/suffix object, or RegExp)
  * @param outputPath - Path to write the downloaded file
  * @param repoConfig - Repository configuration (owner/repo)
  * @param options - Additional options
  */
-export declare function downloadReleaseAsset(tag: string, assetName: string, outputPath: string, repoConfig: RepoConfig, options?: {
+export declare function downloadReleaseAsset(tag: string, assetPattern: string | AssetPattern, outputPath: string, repoConfig: RepoConfig, options?: {
     quiet?: boolean;
 }): Promise<void>;
 /**
@@ -75,24 +90,35 @@ export declare function downloadReleaseAsset(tag: string, assetName: string, out
 export declare function getAuthHeaders(): Record<string, string>;
 /**
  * Get latest release tag matching a tool prefix.
+ * Optionally filter by releases containing a matching asset.
  *
  * @param toolPrefix - Tool name prefix to search for (e.g., 'node-smol-')
  * @param repoConfig - Repository configuration (owner/repo)
  * @param options - Additional options
+ * @param options.assetPattern - Optional pattern to filter releases by matching asset
  * @returns Latest release tag or null if not found
  */
 export declare function getLatestRelease(toolPrefix: string, repoConfig: RepoConfig, options?: {
+    assetPattern?: AssetPattern;
     quiet?: boolean;
 }): Promise<string | null>;
 /**
  * Get download URL for a specific release asset.
+ * Supports pattern matching for dynamic asset discovery.
  *
  * @param tag - Release tag name
- * @param assetName - Asset name to download
+ * @param assetPattern - Asset name or pattern (glob string, prefix/suffix object, or RegExp)
  * @param repoConfig - Repository configuration (owner/repo)
  * @param options - Additional options
  * @returns Browser download URL for the asset
  */
-export declare function getReleaseAssetUrl(tag: string, assetName: string, repoConfig: RepoConfig, options?: {
+export declare function getReleaseAssetUrl(tag: string, assetPattern: string | AssetPattern, repoConfig: RepoConfig, options?: {
     quiet?: boolean;
 }): Promise<string | null>;
+/**
+ * Download a binary from any GitHub repository with version caching.
+ *
+ * @param config - Download configuration
+ * @returns Path to the downloaded binary
+ */
+export declare function downloadGitHubRelease(config: DownloadGitHubReleaseConfig): Promise<string>;

package/dist/releases/github.js

@@ -1,8 +1,10 @@
 "use strict";
 /* Socket Lib - Built with esbuild */
+var __create = Object.create;
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
 var __hasOwnProp = Object.prototype.hasOwnProperty;
 var __export = (target, all) => {
   for (var name in all)
@@ -16,6 +18,14 @@ var __copyProps = (to, from, except, desc) => {
   }
   return to;
 };
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
 var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
 var github_exports = {};
 __export(github_exports, {
@@ -27,26 +37,13 @@ __export(github_exports, {
   getReleaseAssetUrl: () => getReleaseAssetUrl
 });
 module.exports = __toCommonJS(github_exports);
-var import_fs = require("fs");
-var import_promises = require("fs/promises");
-var import_fs2 = require("../fs.js");
+var import_picomatch = __toESM(require("../external/picomatch.js"));
+var import_fs = require("../fs.js");
 var import_http_request = require("../http-request.js");
 var import_logger = require("../logger.js");
-var import_promises2 = require("../promises.js");
+var import_promises = require("../promises.js");
 var import_spawn = require("../spawn.js");
 const logger = (0, import_logger.getDefaultLogger)();
-let _path;
-// @__NO_SIDE_EFFECTS__
-function getPath() {
-  if (_path === void 0) {
-    _path = require("path");
-  }
-  return _path;
-}
-const SOCKET_BTM_REPO = {
-  owner: "SocketDev",
-  repo: "socket-btm"
-};
 const RETRY_CONFIG = Object.freeze({
   __proto__: null,
   // Exponential backoff: delay doubles with each retry (5s, 10s, 20s).
@@ -56,93 +53,52 @@ const RETRY_CONFIG = Object.freeze({
   // Maximum number of retry attempts (excluding initial request).
   retries: 2
 });
-async function downloadGitHubRelease(config) {
-  const {
-    assetName,
-    binaryName,
-    cwd = process.cwd(),
-    downloadDir = "build/downloaded",
-    owner,
-    platformArch,
-    quiet = false,
-    removeMacOSQuarantine = true,
-    repo,
-    tag: explicitTag,
-    toolName,
-    toolPrefix
-  } = config;
-  let tag;
-  if (explicitTag) {
-    tag = explicitTag;
-  } else if (toolPrefix) {
-    const latestTag = await getLatestRelease(
-      toolPrefix,
-      { owner, repo },
-      { quiet }
-    );
-    if (!latestTag) {
-      throw new Error(`No ${toolPrefix} release found in ${owner}/${repo}`);
-    }
-    tag = latestTag;
-  } else {
-    throw new Error("Either toolPrefix or tag must be provided");
-  }
-  const path = /* @__PURE__ */ getPath();
-  const resolvedDownloadDir = path.isAbsolute(downloadDir) ? downloadDir : path.join(cwd, downloadDir);
-  const binaryDir = path.join(resolvedDownloadDir, toolName, platformArch);
-  const binaryPath = path.join(binaryDir, binaryName);
-  const versionPath = path.join(binaryDir, ".version");
-  if ((0, import_fs.existsSync)(versionPath) && (0, import_fs.existsSync)(binaryPath)) {
-    const cachedVersion = (await (0, import_promises.readFile)(versionPath, "utf8")).trim();
-    if (cachedVersion === tag) {
-      if (!quiet) {
-        logger.info(`Using cached ${toolName} (${platformArch}): ${binaryPath}`);
-      }
-      return binaryPath;
-    }
+let _fs;
+let _path;
+function createMatcher(pattern) {
+  if (typeof pattern === "string") {
+    const isMatch = (0, import_picomatch.default)(pattern);
+    return (input) => isMatch(input);
   }
-  if (!quiet) {
-    logger.info(`Downloading ${toolName} for ${platformArch}...`);
+  if (pattern instanceof RegExp) {
+    return (input) => pattern.test(input);
   }
-  await downloadReleaseAsset(
-    tag,
-    assetName,
-    binaryPath,
-    { owner, repo },
-    { quiet }
-  );
-  const isWindows = binaryName.endsWith(".exe");
-  if (!isWindows) {
-    (0, import_fs.chmodSync)(binaryPath, 493);
-    if (removeMacOSQuarantine && process.platform === "darwin" && platformArch.startsWith("darwin")) {
-      try {
-        await (0, import_spawn.spawn)("xattr", ["-d", "com.apple.quarantine", binaryPath], {
-          stdio: "ignore"
-        });
-      } catch {
-      }
-    }
+  const { prefix, suffix } = pattern;
+  return (input) => input.startsWith(prefix) && input.endsWith(suffix);
+}
+// @__NO_SIDE_EFFECTS__
+function getFs() {
+  if (_fs === void 0) {
+    _fs = require("fs");
   }
-  await (0, import_promises.writeFile)(versionPath, tag, "utf8");
-  if (!quiet) {
-    logger.info(`Downloaded ${toolName} to ${binaryPath}`);
+  return _fs;
+}
+// @__NO_SIDE_EFFECTS__
+function getPath() {
+  if (_path === void 0) {
+    _path = require("path");
   }
-  return binaryPath;
+  return _path;
 }
-async function downloadReleaseAsset(tag, assetName, outputPath, repoConfig, options = {}) {
+const SOCKET_BTM_REPO = {
+  owner: "SocketDev",
+  repo: "socket-btm"
+};
+async function downloadReleaseAsset(tag, assetPattern, outputPath, repoConfig, options = {}) {
   const { owner, repo } = repoConfig;
   const { quiet = false } = options;
   const downloadUrl = await getReleaseAssetUrl(
     tag,
-    assetName,
+    assetPattern,
     { owner, repo },
     { quiet }
   );
   if (!downloadUrl) {
-    throw new Error(`Asset ${assetName} not found in release ${tag}`);
+    const patternDesc = typeof assetPattern === "string" ? assetPattern : "matching pattern";
+    throw new Error(`Asset ${patternDesc} not found in release ${tag}`);
   }
   const path = /* @__PURE__ */ getPath();
-  await (0, import_fs2.safeMkdir)(path.dirname(outputPath));
+  await (0, import_fs.safeMkdir)(path.dirname(outputPath));
   await (0, import_http_request.httpDownload)(downloadUrl, outputPath, {
     logger: quiet ? void 0 : logger,
     progressInterval: 10,
@@ -162,9 +118,10 @@ function getAuthHeaders() {
   return headers;
 }
 async function getLatestRelease(toolPrefix, repoConfig, options = {}) {
+  const { assetPattern, quiet = false } = options;
   const { owner, repo } = repoConfig;
-  const { quiet = false } = options;
-  return await (0, import_promises2.pRetry)(
+  const isMatch = assetPattern ? createMatcher(assetPattern) : void 0;
+  return await (0, import_promises.pRetry)(
     async () => {
       const response = await (0, import_http_request.httpRequest)(
         `https://api.github.com/repos/${owner}/${repo}/releases?per_page=100`,
@@ -177,13 +134,22 @@ async function getLatestRelease(toolPrefix, repoConfig, options = {}) {
       }
       const releases = JSON.parse(response.body.toString("utf8"));
       for (const release of releases) {
-        const { tag_name: tag } = release;
-        if (tag.startsWith(toolPrefix)) {
-          if (!quiet) {
-            logger.info(`Found release: ${tag}`);
+        const { assets, tag_name: tag } = release;
+        if (!tag.startsWith(toolPrefix)) {
+          continue;
+        }
+        if (isMatch) {
+          const hasMatchingAsset = assets.some(
+            (a) => isMatch(a.name)
+          );
+          if (!hasMatchingAsset) {
+            continue;
           }
-          return tag;
         }
+        if (!quiet) {
+          logger.info(`Found release: ${tag}`);
+        }
+        return tag;
       }
       if (!quiet) {
         logger.info(`No ${toolPrefix} release found in latest 100 releases`);
@@ -206,10 +172,11 @@ async function getLatestRelease(toolPrefix, repoConfig, options = {}) {
     }
   );
 }
-async function getReleaseAssetUrl(tag, assetName, repoConfig, options = {}) {
+async function getReleaseAssetUrl(tag, assetPattern, repoConfig, options = {}) {
   const { owner, repo } = repoConfig;
   const { quiet = false } = options;
-  return await (0, import_promises2.pRetry)(
+  const isMatch = typeof assetPattern === "string" && !assetPattern.includes("*") && !assetPattern.includes("{") ? (input) => input === assetPattern : createMatcher(assetPattern);
+  return await (0, import_promises.pRetry)(
     async () => {
       const response = await (0, import_http_request.httpRequest)(
         `https://api.github.com/repos/${owner}/${repo}/releases/tags/${tag}`,
@@ -222,13 +189,14 @@ async function getReleaseAssetUrl(tag, assetName, repoConfig, options = {}) {
       }
       const release = JSON.parse(response.body.toString("utf8"));
       const asset = release.assets.find(
-        (a) => a.name === assetName
+        (a) => isMatch(a.name)
       );
       if (!asset) {
-        throw new Error(`Asset ${assetName} not found in release ${tag}`);
+        const patternDesc = typeof assetPattern === "string" ? assetPattern : "matching pattern";
+        throw new Error(`Asset ${patternDesc} not found in release ${tag}`);
       }
       if (!quiet) {
-        logger.info(`Found asset: ${assetName}`);
+        logger.info(`Found asset: ${asset.name}`);
       }
       return asset.browser_download_url;
     },
@@ -248,6 +216,80 @@ async function getReleaseAssetUrl(tag, assetName, repoConfig, options = {}) {
     }
   );
 }
+async function downloadGitHubRelease(config) {
+  const {
+    assetName,
+    binaryName,
+    cwd = process.cwd(),
+    downloadDir = "build/downloaded",
+    owner,
+    platformArch,
+    quiet = false,
+    removeMacOSQuarantine = true,
+    repo,
+    tag: explicitTag,
+    toolName,
+    toolPrefix
+  } = config;
+  let tag;
+  if (explicitTag) {
+    tag = explicitTag;
+  } else if (toolPrefix) {
+    const latestTag = await getLatestRelease(
+      toolPrefix,
+      { owner, repo },
+      { quiet }
+    );
+    if (!latestTag) {
+      throw new Error(`No ${toolPrefix} release found in ${owner}/${repo}`);
+    }
+    tag = latestTag;
+  } else {
+    throw new Error("Either toolPrefix or tag must be provided");
+  }
+  const path = /* @__PURE__ */ getPath();
+  const resolvedDownloadDir = path.isAbsolute(downloadDir) ? downloadDir : path.join(cwd, downloadDir);
+  const binaryDir = path.join(resolvedDownloadDir, toolName, platformArch);
+  const binaryPath = path.join(binaryDir, binaryName);
+  const versionPath = path.join(binaryDir, ".version");
+  const fs = /* @__PURE__ */ getFs();
+  if (fs.existsSync(versionPath) && fs.existsSync(binaryPath)) {
+    const cachedVersion = (await fs.promises.readFile(versionPath, "utf8")).trim();
+    if (cachedVersion === tag) {
+      if (!quiet) {
+        logger.info(`Using cached ${toolName} (${platformArch}): ${binaryPath}`);
+      }
+      return binaryPath;
+    }
+  }
+  if (!quiet) {
+    logger.info(`Downloading ${toolName} for ${platformArch}...`);
+  }
+  await downloadReleaseAsset(
+    tag,
+    assetName,
+    binaryPath,
+    { owner, repo },
+    { quiet }
+  );
+  const isWindows = binaryName.endsWith(".exe");
+  if (!isWindows) {
+    fs.chmodSync(binaryPath, 493);
+    if (removeMacOSQuarantine && process.platform === "darwin" && platformArch.startsWith("darwin")) {
+      try {
+        await (0, import_spawn.spawn)("xattr", ["-d", "com.apple.quarantine", binaryPath], {
+          stdio: "ignore"
+        });
+      } catch {
+      }
+    }
+  }
+  await fs.promises.writeFile(versionPath, tag, "utf8");
+  if (!quiet) {
+    logger.info(`Downloaded ${toolName} to ${binaryPath}`);
+  }
+  return binaryPath;
+}
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
   SOCKET_BTM_REPO,

package/dist/releases/socket-btm.d.ts

@@ -1,57 +1,64 @@
+/**
+ * @fileoverview Socket-btm release download utilities.
+ */
 import { type Arch, type Libc, type Platform } from '../constants/platform.js';
+import { type AssetPattern } from './github.js';
 export type { Arch, Libc, Platform };
 /**
- * Configuration for downloading socket-btm binary releases.
+ * Configuration for downloading socket-btm generic assets.
  */
-export interface SocketBtmBinaryConfig {
+export interface SocketBtmAssetConfig {
+    /** Asset name or pattern on GitHub. */
+    asset: string | AssetPattern;
+    /** @internal Discriminator fields */
+    bin?: never;
     /** Working directory (defaults to process.cwd()). */
     cwd?: string;
     /** Download destination directory. @default 'build/downloaded' */
     downloadDir?: string;
-    /** Tool/package name for directory structure and release matching. */
-    tool: string;
-    /** Binary/executable name (without extension). @default tool */
-    bin?: string;
-    /** Target platform (defaults to current platform). */
-    targetPlatform?: Platform;
-    /** Target architecture (defaults to current arch). */
-    targetArch?: Arch;
-    /** Linux libc variant. Auto-detected if not specified. */
-    libc?: Libc;
-    /** Specific release tag to download. */
-    tag?: string;
+    /** @internal Discriminator fields */
+    libc?: never;
+    /** Output filename. @default resolved asset name */
+    output?: string;
     /** Suppress log messages. @default false */
     quiet?: boolean;
-    /** Remove macOS quarantine attribute after download. @default true */
+    /** Remove macOS quarantine attribute after download. @default false */
     removeMacOSQuarantine?: boolean;
-    /** @internal Discriminator field */
-    asset?: never;
+    /** Specific release tag to download. */
+    tag?: string;
+    /** @internal Discriminator fields */
+    targetArch?: never;
+    /** @internal Discriminator fields */
+    targetPlatform?: never;
+    /** Tool/package name for directory structure and release matching. */
+    tool: string;
 }
 /**
- * Configuration for downloading socket-btm generic assets.
+ * Configuration for downloading socket-btm binary releases.
  */
-export interface SocketBtmAssetConfig {
+export interface SocketBtmBinaryConfig {
+    /** @internal Discriminator field */
+    asset?: never;
+    /** Binary/executable name (without extension). @default tool */
+    bin?: string;
     /** Working directory (defaults to process.cwd()). */
     cwd?: string;
     /** Download destination directory. @default 'build/downloaded' */
     downloadDir?: string;
-    /** Tool/package name for directory structure and release matching. */
-    tool: string;
-    /** Asset name pattern on GitHub. */
-    asset: string;
-    /** Output filename. @default asset */
-    output?: string;
-    /** Specific release tag to download. */
-    tag?: string;
+    /** Linux libc variant. Auto-detected if not specified. */
+    libc?: Libc;
     /** Suppress log messages. @default false */
     quiet?: boolean;
-    /** Remove macOS quarantine attribute after download. @default false */
+    /** Remove macOS quarantine attribute after download. @default true */
     removeMacOSQuarantine?: boolean;
-    /** @internal Discriminator fields */
-    bin?: never;
-    targetPlatform?: never;
-    targetArch?: never;
-    libc?: never;
+    /** Specific release tag to download. */
+    tag?: string;
+    /** Target architecture (defaults to current arch). */
+    targetArch?: Arch;
+    /** Target platform (defaults to current platform). */
+    targetPlatform?: Platform;
+    /** Tool/package name for directory structure and release matching. */
+    tool: string;
 }
 /**
  * Configuration for downloading socket-btm releases (binary or asset).