@socketsecurity/lib 5.4.0 → 5.5.0

package/CHANGELOG.md

@@ -5,6 +5,28 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [5.5.0](https://github.com/SocketDev/socket-lib/releases/tag/v5.5.0) - 2026-01-12
+
+### Added
+
+- **dlx/detect**: Executable type detection utilities for DLX cache and local file paths
+  - `detectDlxExecutableType()`: Detects Node.js packages vs native binaries in DLX cache by checking for node_modules/ directory
+  - `detectExecutableType()`: Generic entry point that routes to appropriate detection strategy
+  - `detectLocalExecutableType()`: Detects executables on local filesystem by checking package.json bin field or file extension
+  - `isJsFilePath()`: Validates if a file path has .js, .mjs, or .cjs extension
+  - `isNativeBinary()`: Simplified helper that returns true for native binary executables
+  - `isNodePackage()`: Simplified helper that returns true for Node.js packages
+
+### Fixed
+
+- **releases/github**: Sort releases by published_at to reliably find latest release instead of relying on creation order
+
+## [5.4.1](https://github.com/SocketDev/socket-lib/releases/tag/v5.4.1) - 2026-01-10
+
+### Fixed
+
+- **build**: Removed debug module stub to bundle real debug package. The stub was missing `enable()` and `disable()` methods, causing errors when downstream projects re-bundled the lib.
+
 ## [5.4.0](https://github.com/SocketDev/socket-lib/releases/tag/v5.4.0) - 2026-01-07
 
 ### Added

package/dist/dlx/detect.d.ts

@@ -0,0 +1,66 @@
+export type ExecutableType = 'package' | 'binary' | 'unknown';
+export interface ExecutableDetectionResult {
+    type: ExecutableType;
+    method: 'dlx-cache' | 'package-json' | 'file-extension';
+    packageJsonPath?: string;
+    inDlxCache?: boolean;
+}
+/**
+ * Detect if a path is a Node.js package or native binary executable.
+ * Works for both DLX cache paths and local filesystem paths.
+ *
+ * Detection strategy:
+ * 1. If in DLX cache: Use detectDlxExecutableType()
+ * 2. Otherwise: Use detectLocalExecutableType()
+ *
+ * @param filePath - Path to executable (DLX cache or local filesystem)
+ * @returns Detection result with type, method, and metadata
+ *
+ * @example
+ * ```typescript
+ * const result = detectExecutableType('/path/to/tool')
+ * if (result.type === 'package') {
+ *   spawnNode([filePath, ...args])
+ * } else {
+ *   spawn(filePath, args)
+ * }
+ * ```
+ */
+export declare function detectExecutableType(filePath: string): ExecutableDetectionResult;
+/**
+ * Detect executable type for paths in DLX cache.
+ * Uses filesystem structure (node_modules/ presence).
+ *
+ * @param filePath - Path within DLX cache (~/.socket/_dlx/)
+ * @returns Detection result
+ */
+export declare function detectDlxExecutableType(filePath: string): ExecutableDetectionResult;
+/**
+ * Detect executable type for local filesystem paths.
+ * Uses package.json and file extension checks.
+ *
+ * @param filePath - Local filesystem path (not in DLX cache)
+ * @returns Detection result
+ */
+export declare function detectLocalExecutableType(filePath: string): ExecutableDetectionResult;
+/**
+ * Check if a file path indicates a Node.js script.
+ *
+ * @param filePath - Path to check
+ * @returns True if file has .js, .mjs, or .cjs extension
+ */
+export declare function isJsFilePath(filePath: string): boolean;
+/**
+ * Simplified helper: Is this a native binary executable?
+ *
+ * @param filePath - Path to check
+ * @returns True if detected as native binary (not Node.js package)
+ */
+export declare function isNativeBinary(filePath: string): boolean;
+/**
+ * Simplified helper: Is this a Node.js package?
+ *
+ * @param filePath - Path to check
+ * @returns True if detected as Node.js package
+ */
+export declare function isNodePackage(filePath: string): boolean;

package/dist/dlx/detect.js

@@ -0,0 +1,139 @@
+"use strict";
+/* Socket Lib - Built with esbuild */
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var detect_exports = {};
+__export(detect_exports, {
+  detectDlxExecutableType: () => detectDlxExecutableType,
+  detectExecutableType: () => detectExecutableType,
+  detectLocalExecutableType: () => detectLocalExecutableType,
+  isJsFilePath: () => isJsFilePath,
+  isNativeBinary: () => isNativeBinary,
+  isNodePackage: () => isNodePackage
+});
+module.exports = __toCommonJS(detect_exports);
+var import_paths = require("./paths");
+var import_socket = require("../paths/socket");
+let _fs;
+let _path;
+// @__NO_SIDE_EFFECTS__
+function getFs() {
+  if (_fs === void 0) {
+    _fs = require("fs");
+  }
+  return _fs;
+}
+// @__NO_SIDE_EFFECTS__
+function getPath() {
+  if (_path === void 0) {
+    _path = require("path");
+  }
+  return _path;
+}
+const NODE_JS_EXTENSIONS = /* @__PURE__ */ new Set([".js", ".mjs", ".cjs"]);
+function detectExecutableType(filePath) {
+  if ((0, import_paths.isInSocketDlx)(filePath)) {
+    return detectDlxExecutableType(filePath);
+  }
+  return detectLocalExecutableType(filePath);
+}
+function detectDlxExecutableType(filePath) {
+  const fs = /* @__PURE__ */ getFs();
+  const path = /* @__PURE__ */ getPath();
+  const dlxDir = (0, import_socket.getSocketDlxDir)();
+  const absolutePath = path.resolve(filePath);
+  const relativePath = path.relative(dlxDir, absolutePath);
+  const cacheKey = relativePath.split(path.sep)[0];
+  const cacheDir = path.join(dlxDir, cacheKey);
+  if (fs.existsSync(path.join(cacheDir, "node_modules"))) {
+    return {
+      type: "package",
+      method: "dlx-cache",
+      inDlxCache: true
+    };
+  }
+  return {
+    type: "binary",
+    method: "dlx-cache",
+    inDlxCache: true
+  };
+}
+function detectLocalExecutableType(filePath) {
+  const fs = /* @__PURE__ */ getFs();
+  const packageJsonPath = findPackageJson(filePath);
+  if (packageJsonPath !== void 0) {
+    try {
+      const packageJson = JSON.parse(fs.readFileSync(packageJsonPath, "utf8"));
+      if (packageJson.bin) {
+        return {
+          type: "package",
+          method: "package-json",
+          packageJsonPath,
+          inDlxCache: false
+        };
+      }
+    } catch {
+    }
+  }
+  if (isJsFilePath(filePath)) {
+    return {
+      inDlxCache: false,
+      method: "file-extension",
+      type: "package"
+    };
+  }
+  return {
+    type: "binary",
+    method: "file-extension",
+    inDlxCache: false
+  };
+}
+function findPackageJson(filePath) {
+  const fs = /* @__PURE__ */ getFs();
+  const path = /* @__PURE__ */ getPath();
+  let currentDir = path.dirname(path.resolve(filePath));
+  const root = path.parse(currentDir).root;
+  while (currentDir !== root) {
+    const packageJsonPath = path.join(currentDir, "package.json");
+    if (fs.existsSync(packageJsonPath)) {
+      return packageJsonPath;
+    }
+    currentDir = path.dirname(currentDir);
+  }
+  return void 0;
+}
+function isJsFilePath(filePath) {
+  const path = /* @__PURE__ */ getPath();
+  const ext = path.extname(filePath).toLowerCase();
+  return NODE_JS_EXTENSIONS.has(ext);
+}
+function isNativeBinary(filePath) {
+  return detectExecutableType(filePath).type === "binary";
+}
+function isNodePackage(filePath) {
+  return detectExecutableType(filePath).type === "package";
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  detectDlxExecutableType,
+  detectExecutableType,
+  detectLocalExecutableType,
+  isJsFilePath,
+  isNativeBinary,
+  isNodePackage
+});

package/dist/external/@inquirer/checkbox.js

@@ -1,5 +1,5 @@
 'use strict'
 
-// Re-export from inquirer-pack bundle for better deduplication.
-const { checkbox } = require('../inquirer-pack')
+// Re-export from external-pack bundle for better deduplication.
+const { checkbox } = require('../external-pack')
 module.exports = checkbox

package/dist/external/@inquirer/confirm.js

@@ -1,5 +1,5 @@
 'use strict'
 
-// Re-export from inquirer-pack bundle for better deduplication.
-const { confirm } = require('../inquirer-pack')
+// Re-export from external-pack bundle for better deduplication.
+const { confirm } = require('../external-pack')
 module.exports = confirm

package/dist/external/@inquirer/input.js

@@ -1,5 +1,5 @@
 'use strict'
 
-// Re-export from inquirer-pack bundle for better deduplication.
-const { input } = require('../inquirer-pack')
+// Re-export from external-pack bundle for better deduplication.
+const { input } = require('../external-pack')
 module.exports = input

package/dist/external/@inquirer/password.js

@@ -1,5 +1,5 @@
 'use strict'
 
-// Re-export from inquirer-pack bundle for better deduplication.
-const { password } = require('../inquirer-pack')
+// Re-export from external-pack bundle for better deduplication.
+const { password } = require('../external-pack')
 module.exports = password

package/dist/external/@inquirer/search.js

@@ -1,5 +1,5 @@
 'use strict'
 
-// Re-export from inquirer-pack bundle for better deduplication.
-const { search } = require('../inquirer-pack')
+// Re-export from external-pack bundle for better deduplication.
+const { search } = require('../external-pack')
 module.exports = search

package/dist/external/@inquirer/select.js

@@ -1,5 +1,5 @@
 'use strict'
 
-// Re-export from inquirer-pack bundle for better deduplication.
-const { select } = require('../inquirer-pack')
+// Re-export from external-pack bundle for better deduplication.
+const { select } = require('../external-pack')
 module.exports = select

package/dist/external/@npmcli/package-json.js

@@ -714,9 +714,9 @@ var require_clean = __commonJS({
   }
 });
 
-// node_modules/.pnpm/proc-log@5.0.0/node_modules/proc-log/lib/index.js
+// node_modules/.pnpm/proc-log@6.1.0/node_modules/proc-log/lib/index.js
 var require_lib2 = __commonJS({
-  "node_modules/.pnpm/proc-log@5.0.0/node_modules/proc-log/lib/index.js"(exports2, module2) {
+  "node_modules/.pnpm/proc-log@6.1.0/node_modules/proc-log/lib/index.js"(exports2, module2) {
     var META = Symbol("proc-log.meta");
     module2.exports = {
       META,
@@ -842,10 +842,14 @@ var require_lib2 = __commonJS({
           end: "end",
           read: "read"
         },
-        start: /* @__PURE__ */ __name(function(fn) {
-          process.emit("input", "start");
+        start: /* @__PURE__ */ __name(function(...args) {
+          let fn;
+          if (typeof args[0] === "function") {
+            fn = args.shift();
+          }
+          process.emit("input", "start", ...args);
           function end() {
-            return process.emit("input", "end");
+            return process.emit("input", "end", ...args);
           }
           __name(end, "end");
           if (typeof fn === "function") {
@@ -858,8 +862,8 @@ var require_lib2 = __commonJS({
           }
           return end;
         }, "start"),
-        end: /* @__PURE__ */ __name(function() {
-          return process.emit("input", "end");
+        end: /* @__PURE__ */ __name(function(...args) {
+          return process.emit("input", "end", ...args);
         }, "end"),
         read: /* @__PURE__ */ __name(function(...args) {
           let resolve, reject;