@socketsecurity/lib 5.5.2 → 5.6.0

package/CHANGELOG.md

@@ -5,6 +5,43 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [5.6.0](https://github.com/SocketDev/socket-lib/releases/tag/v5.6.0) - 2026-02-08
+
+### Added
+
+- **http-request**: Added automatic default headers for JSON and text requests
+  - `httpJson()` now automatically sets `Accept: application/json` header
+  - `httpJson()` automatically sets `Content-Type: application/json` when body is present
+  - `httpText()` now automatically sets `Accept: text/plain` header
+  - `httpText()` automatically sets `Content-Type: text/plain` when body is present
+  - User-provided headers always override defaults
+  - Simplifies API usage - no need to manually set common headers
+
+### Changed
+
+- **http-request**: Renamed HTTP helper functions to support all HTTP methods (BREAKING CHANGE)
+  - `httpGetJson()` → `httpJson()` - Now supports GET, POST, PUT, DELETE, PATCH, etc.
+  - `httpGetText()` → `httpText()` - Now supports all HTTP methods via `method` option
+  - Functions now accept `method` parameter in options (defaults to 'GET')
+  - More flexible API that matches modern fetch-style conventions
+  - **Migration**: Replace `httpGetJson()` calls with `httpJson()` and `httpGetText()` with `httpText()`
+
+### Fixed
+
+- **http-request**: Fixed Content-Type header incorrectly sent with empty string body
+  - Empty string body (`""`) no longer triggers Content-Type header
+  - Changed condition from `if (body !== undefined)` to `if (body)` for semantic correctness
+  - Empty string represents "no content" and should not declare a Content-Type
+  - Affects `httpJson()` and `httpText()` functions
+  - Fixes potential API compatibility issues with servers expecting no Content-Type for empty bodies
+  - Added comprehensive test coverage for empty string edge case
+
+## [5.5.3](https://github.com/SocketDev/socket-lib/releases/tag/v5.5.3) - 2026-01-20
+
+### Fixed
+
+- **deps**: Added patch for execa@2.1.0 to fix signal-exit v4 compatibility. The package was using default import syntax with signal-exit v4, which now exports onExit as a named export.
+
 ## [5.5.2](https://github.com/SocketDev/socket-lib/releases/tag/v5.5.2) - 2026-01-20
 
 ### Changed

package/dist/dlx/binary.d.ts

@@ -10,9 +10,9 @@ export interface DlxBinaryOptions {
      */
     name?: string | undefined;
     /**
-     * Expected checksum (sha256) for verification.
+     * Expected SRI integrity hash (sha512-<base64>) for verification.
      */
-    checksum?: string | undefined;
+    integrity?: string | undefined;
     /**
      * Cache TTL in milliseconds (default: 7 days).
      */
@@ -47,65 +47,40 @@ export interface DlxBinaryResult {
 }
 /**
  * Metadata structure for cached binaries (.dlx-metadata.json).
- * Unified schema shared across TypeScript (dlxBinary) and C++ (socket_macho_decompress).
+ * Unified schema shared across TypeScript (dlxBinary) and C++ stub extractor.
  *
- * Core Fields (present in all implementations):
+ * Fields:
  * - version: Schema version (currently "1.0.0")
  * - cache_key: First 16 chars of SHA-512 hash (matches directory name)
  * - timestamp: Unix timestamp in milliseconds
- * - checksum: Full hash of cached binary (SHA-512 for C++, SHA-256 for TypeScript)
- * - checksum_algorithm: "sha512" or "sha256"
- * - platform: "darwin" | "linux" | "win32"
- * - arch: "x64" | "arm64"
+ * - integrity: SRI hash (sha512-<base64>, aligned with npm)
  * - size: Size of cached binary in bytes
  * - source: Origin information
- *   - type: "download" (from URL) or "decompression" (from embedded binary)
+ *   - type: "download" | "extract" | "package"
  *   - url: Download URL (if type is "download")
- *   - path: Source binary path (if type is "decompression")
+ *   - path: Source binary path (if type is "extract")
+ *   - spec: Package spec (if type is "package")
+ * - update_check: Update checking metadata (optional)
+ *   - last_check: Timestamp of last update check
+ *   - last_notification: Timestamp of last user notification
+ *   - latest_known: Latest known version string
  *
- * Extra Fields (implementation-specific):
- * - For C++ decompression:
- *   - compressed_size: Size of compressed data in bytes
- *   - compression_algorithm: Brotli level (numeric)
- *   - compression_ratio: original_size / compressed_size
- *
- * Example (TypeScript download):
+ * Example:
  * ```json
  * {
  *   "version": "1.0.0",
  *   "cache_key": "a1b2c3d4e5f67890",
  *   "timestamp": 1730332800000,
- *   "checksum": "sha256-abc123...",
- *   "checksum_algorithm": "sha256",
- *   "platform": "darwin",
- *   "arch": "arm64",
+ *   "integrity": "sha512-abc123base64...",
  *   "size": 15000000,
  *   "source": {
  *     "type": "download",
  *     "url": "https://example.com/binary"
- *   }
- * }
- * ```
- *
- * Example (C++ decompression):
- * ```json
- * {
- *   "version": "1.0.0",
- *   "cache_key": "0123456789abcdef",
- *   "timestamp": 1730332800000,
- *   "checksum": "sha512-def456...",
- *   "checksum_algorithm": "sha512",
- *   "platform": "darwin",
- *   "arch": "arm64",
- *   "size": 13000000,
- *   "source": {
- *     "type": "decompression",
- *     "path": "/usr/local/bin/socket"
  *   },
- *   "extra": {
- *     "compressed_size": 1700000,
- *     "compression_algorithm": 3,
- *     "compression_ratio": 7.647
+ *   "update_check": {
+ *     "last_check": 1730332800000,
+ *     "last_notification": 1730246400000,
+ *     "latest_known": "2.1.0"
  *   }
  * }
  * ```
@@ -116,17 +91,19 @@ export interface DlxMetadata {
     version: string;
     cache_key: string;
     timestamp: number;
-    checksum: string;
-    checksum_algorithm: string;
-    platform: string;
-    arch: string;
+    integrity: string;
     size: number;
     source?: {
-        type: 'download' | 'decompression';
+        type: 'download' | 'extract' | 'package';
         url?: string;
         path?: string;
+        spec?: string;
+    };
+    update_check?: {
+        last_check: number;
+        last_notification: number;
+        latest_known: string;
     };
-    extra?: Record<string, unknown>;
 }
 /**
  * Clean expired entries from the DLX cache.
@@ -169,10 +146,8 @@ export declare function getDlxCachePath(): string;
  */
 export declare function listDlxCache(): Promise<Array<{
     age: number;
-    arch: string;
-    checksum: string;
+    integrity: string;
     name: string;
-    platform: string;
     size: number;
     url: string;
 }>>;

package/dist/dlx/binary.js

@@ -30,7 +30,6 @@ module.exports = __toCommonJS(binary_exports);
 var import_platform = require("../constants/platform");
 var import_time = require("../constants/time");
 var import_cache = require("./cache");
-var import_manifest = require("./manifest");
 var import_http_request = require("../http-request");
 var import_fs = require("../fs");
 var import_objects = require("../objects");
@@ -87,7 +86,7 @@ async function isCacheValid(cacheEntryPath, cacheTtl) {
     return false;
   }
 }
-async function downloadBinaryFile(url, destPath, checksum) {
+async function downloadBinaryFile(url, destPath, integrity) {
   const crypto = /* @__PURE__ */ getCrypto();
   const fs = /* @__PURE__ */ getFs();
   const path = /* @__PURE__ */ getPath();
@@ -100,9 +99,8 @@ async function downloadBinaryFile(url, destPath, checksum) {
         const stats = await fs.promises.stat(destPath);
         if (stats.size > 0) {
           const fileBuffer2 = await fs.promises.readFile(destPath);
-          const hasher2 = crypto.createHash("sha256");
-          hasher2.update(fileBuffer2);
-          return hasher2.digest("hex");
+          const hash2 = crypto.createHash("sha512").update(fileBuffer2).digest("base64");
+          return `sha512-${hash2}`;
         }
       }
       try {
@@ -116,19 +114,18 @@ Check your internet connection or verify the URL is accessible.`,
         );
       }
       const fileBuffer = await fs.promises.readFile(destPath);
-      const hasher = crypto.createHash("sha256");
-      hasher.update(fileBuffer);
-      const actualChecksum = hasher.digest("hex");
-      if (checksum && actualChecksum !== checksum) {
+      const hash = crypto.createHash("sha512").update(fileBuffer).digest("base64");
+      const actualIntegrity = `sha512-${hash}`;
+      if (integrity && actualIntegrity !== integrity) {
         await (0, import_fs.safeDelete)(destPath);
         throw new Error(
-          `Checksum mismatch: expected ${checksum}, got ${actualChecksum}`
+          `Integrity mismatch: expected ${integrity}, got ${actualIntegrity}`
         );
       }
       if (!import_platform.WIN32) {
         await fs.promises.chmod(destPath, 493);
       }
-      return actualChecksum;
+      return actualIntegrity;
     },
     {
       // Align with npm npx locking strategy.
@@ -137,16 +134,13 @@ Check your internet connection or verify the URL is accessible.`,
     }
   );
 }
-async function writeMetadata(cacheEntryPath, cacheKey, url, binaryName, checksum, size) {
+async function writeMetadata(cacheEntryPath, cacheKey, url, integrity, size) {
   const metaPath = getMetadataPath(cacheEntryPath);
   const metadata = {
     version: "1.0.0",
     cache_key: cacheKey,
     timestamp: Date.now(),
-    checksum,
-    checksum_algorithm: "sha256",
-    platform: (0, import_platform.getPlatform)(),
-    arch: (0, import_platform.getArch)(),
+    integrity,
     size,
     source: {
       type: "download",
@@ -155,21 +149,6 @@ async function writeMetadata(cacheEntryPath, cacheKey, url, binaryName, checksum
   };
   const fs = /* @__PURE__ */ getFs();
   await fs.promises.writeFile(metaPath, JSON.stringify(metadata, null, 2));
-  try {
-    const spec = `${url}:${binaryName}`;
-    await import_manifest.dlxManifest.setBinaryEntry(spec, cacheKey, {
-      checksum,
-      checksum_algorithm: metadata.checksum_algorithm,
-      platform: metadata.platform,
-      arch: metadata.arch,
-      size,
-      source: {
-        type: "download",
-        url
-      }
-    });
-  } catch {
-  }
 }
 async function cleanDlxCache(maxAge = import_time.DLX_BINARY_CACHE_TTL) {
   const cacheDir = getDlxCachePath();
@@ -214,8 +193,8 @@ async function cleanDlxCache(maxAge = import_time.DLX_BINARY_CACHE_TTL) {
 async function dlxBinary(args, options, spawnExtra) {
   const {
     cacheTtl = import_time.DLX_BINARY_CACHE_TTL,
-    checksum,
     force: userForce = false,
+    integrity,
     name,
     spawnOptions,
     url,
@@ -231,13 +210,13 @@ async function dlxBinary(args, options, spawnExtra) {
   const cacheEntryDir = path.join(cacheDir, cacheKey);
   const binaryPath = (0, import_normalize.normalizePath)(path.join(cacheEntryDir, binaryName));
   let downloaded = false;
-  let computedChecksum = checksum;
+  let computedIntegrity = integrity;
   if (!force && fs.existsSync(cacheEntryDir) && await isCacheValid(cacheEntryDir, cacheTtl)) {
     try {
       const metaPath = getMetadataPath(cacheEntryDir);
       const metadata = await (0, import_fs.readJson)(metaPath, { throws: false });
-      if (metadata && typeof metadata === "object" && !Array.isArray(metadata) && typeof metadata["checksum"] === "string") {
-        computedChecksum = metadata["checksum"];
+      if (metadata && typeof metadata === "object" && !Array.isArray(metadata) && typeof metadata["integrity"] === "string") {
+        computedIntegrity = metadata["integrity"];
       } else {
         downloaded = true;
       }
@@ -271,14 +250,13 @@ Ensure the filesystem is writable or set SOCKET_DLX_DIR to a writable location.`
         { cause: e }
       );
     }
-    computedChecksum = await downloadBinaryFile(url, binaryPath, checksum);
+    computedIntegrity = await downloadBinaryFile(url, binaryPath, integrity);
     const stats = await fs.promises.stat(binaryPath);
     await writeMetadata(
       cacheEntryDir,
       cacheKey,
       url,
-      binaryName,
-      computedChecksum || "",
+      computedIntegrity || "",
       stats.size
     );
   }
@@ -301,8 +279,8 @@ Ensure the filesystem is writable or set SOCKET_DLX_DIR to a writable location.`
 async function downloadBinary(options) {
   const {
     cacheTtl = import_time.DLX_BINARY_CACHE_TTL,
-    checksum,
     force = false,
+    integrity,
     name,
     url
   } = { __proto__: null, ...options };
@@ -341,14 +319,17 @@ Ensure the filesystem is writable or set SOCKET_DLX_DIR to a writable location.`
         { cause: e }
       );
     }
-    const computedChecksum = await downloadBinaryFile(url, binaryPath, checksum);
+    const computedIntegrity = await downloadBinaryFile(
+      url,
+      binaryPath,
+      integrity
+    );
     const stats = await fs.promises.stat(binaryPath);
     await writeMetadata(
       cacheEntryDir,
       cacheKey,
       url,
-      binaryName,
-      computedChecksum || "",
+      computedIntegrity || "",
       stats.size
     );
     downloaded = true;
@@ -406,10 +387,8 @@ async function listDlxCache() {
         const binaryStats = await fs.promises.stat(binaryPath);
         results.push({
           age: now - (metaObj["timestamp"] || 0),
-          arch: metaObj["arch"] || "unknown",
-          checksum: metaObj["checksum"] || "",
+          integrity: metaObj["integrity"] || "",
           name: binaryFile,
-          platform: metaObj["platform"] || "unknown",
           size: binaryStats.size,
           url
         });

package/dist/dlx/manifest.d.ts

@@ -14,17 +14,23 @@ export interface PackageDetails {
  * Details for binary download entries.
  */
 export interface BinaryDetails {
-    checksum: string;
-    checksum_algorithm: ChecksumAlgorithm;
+    /** SRI integrity hash (sha512-<base64>, aligned with npm). */
+    integrity: string;
     platform: string;
     arch: string;
     size: number;
     source: {
-        type: 'download';
-        url: string;
+        type: 'download' | 'extract';
+        url?: string;
+        path?: string;
+    };
+    /** Update check metadata (same structure as packages). */
+    update_check?: {
+        last_check: number;
+        last_notification: number;
+        latest_known: string;
     };
 }
-export type ChecksumAlgorithm = 'sha256' | 'sha512';
 /**
  * Unified manifest entry for all cached items (packages and binaries).
  * Shared fields at root, type-specific fields in details.

package/dist/external/libnpmexec.js

@@ -11,9 +11,9 @@ var __commonJS = (cb, mod) => function __require() {
   return mod || (0, cb[__getOwnPropNames(cb)[0]])((mod = { exports: {} }).exports, mod), mod.exports;
 };
 
-// node_modules/.pnpm/libnpmexec@10.1.11_supports-color@10.0.0/node_modules/libnpmexec/lib/get-bin-from-manifest.js
+// node_modules/.pnpm/libnpmexec@10.2.0_supports-color@10.0.0/node_modules/libnpmexec/lib/get-bin-from-manifest.js
 var require_get_bin_from_manifest = __commonJS({
-  "node_modules/.pnpm/libnpmexec@10.1.11_supports-color@10.0.0/node_modules/libnpmexec/lib/get-bin-from-manifest.js"(exports2, module2) {
+  "node_modules/.pnpm/libnpmexec@10.2.0_supports-color@10.0.0/node_modules/libnpmexec/lib/get-bin-from-manifest.js"(exports2, module2) {
     var getBinFromManifest2 = /* @__PURE__ */ __name((mani) => {
       const bin = mani.bin || {};
       if (new Set(Object.values(bin)).size === 1) {

package/dist/http-request.d.ts

@@ -435,46 +435,6 @@ export interface HttpDownloadResult {
      */
     size: number;
 }
-/**
- * Make an HTTP/HTTPS request with retry logic and redirect support.
- * Provides a fetch-like API using Node.js native http/https modules.
- *
- * This is the main entry point for making HTTP requests. It handles retries,
- * redirects, timeouts, and provides a fetch-compatible response interface.
- *
- * @param url - The URL to request (must start with http:// or https://)
- * @param options - Request configuration options
- * @returns Promise resolving to response object with `.json()`, `.text()`, etc.
- * @throws {Error} When all retries are exhausted, timeout occurs, or non-retryable error happens
- *
- * @example
- * ```ts
- * // Simple GET request
- * const response = await httpRequest('https://api.example.com/data')
- * const data = response.json()
- *
- * // POST with JSON body
- * const response = await httpRequest('https://api.example.com/users', {
- *   method: 'POST',
- *   headers: { 'Content-Type': 'application/json' },
- *   body: JSON.stringify({ name: 'Alice', email: 'alice@example.com' })
- * })
- *
- * // With retries and timeout
- * const response = await httpRequest('https://api.example.com/data', {
- *   retries: 3,
- *   retryDelay: 1000,
- *   timeout: 60000
- * })
- *
- * // Don't follow redirects
- * const response = await httpRequest('https://example.com/redirect', {
- *   followRedirects: false
- * })
- * console.log(response.status) // 301, 302, etc.
- * ```
- */
-export declare function httpRequest(url: string, options?: HttpRequestOptions | undefined): Promise<HttpResponse>;
 /**
  * Download a file from a URL to a local path with redirect support, retry logic, and progress callbacks.
  * Uses streaming to avoid loading entire file in memory.
@@ -533,8 +493,12 @@ export declare function httpRequest(url: string, options?: HttpRequestOptions |
  */
 export declare function httpDownload(url: string, destPath: string, options?: HttpDownloadOptions | undefined): Promise<HttpDownloadResult>;
 /**
- * Perform a GET request and parse JSON response.
- * Convenience wrapper around `httpRequest` for common JSON API calls.
+ * Perform an HTTP request and parse JSON response.
+ * Convenience wrapper around `httpRequest` for JSON API calls.
+ * Automatically sets appropriate headers for JSON requests:
+ * - `Accept: application/json` (always)
+ * - `Content-Type: application/json` (when body is present)
+ * User-provided headers override these defaults.
  *
  * @template T - Expected JSON response type (defaults to `unknown`)
  * @param url - The URL to request (must start with http:// or https://)
@@ -544,34 +508,79 @@ export declare function httpDownload(url: string, destPath: string, options?: Ht
  *
  * @example
  * ```ts
- * // Simple JSON GET
- * const data = await httpGetJson('https://api.example.com/data')
+ * // Simple JSON GET (automatically sets Accept: application/json)
+ * const data = await httpJson('https://api.example.com/data')
  * console.log(data)
  *
  * // With type safety
  * interface User { id: number; name: string; email: string }
- * const user = await httpGetJson<User>('https://api.example.com/user/123')
+ * const user = await httpJson<User>('https://api.example.com/user/123')
  * console.log(user.name, user.email)
  *
- * // With custom headers
- * const data = await httpGetJson('https://api.example.com/data', {
- *   headers: {
- *     'Authorization': 'Bearer token123',
- *     'Accept': 'application/json'
- *   }
+ * // POST with JSON body (automatically sets Content-Type: application/json)
+ * const result = await httpJson('https://api.example.com/users', {
+ *   method: 'POST',
+ *   body: JSON.stringify({ name: 'Alice', email: 'alice@example.com' })
  * })
  *
- * // With retries
- * const data = await httpGetJson('https://api.example.com/data', {
+ * // With custom headers and retries
+ * const data = await httpJson('https://api.example.com/data', {
+ *   headers: {
+ *     'Authorization': 'Bearer token123'
+ *   },
  *   retries: 3,
  *   retryDelay: 1000
  * })
  * ```
  */
-export declare function httpGetJson<T = unknown>(url: string, options?: HttpRequestOptions | undefined): Promise<T>;
+export declare function httpJson<T = unknown>(url: string, options?: HttpRequestOptions | undefined): Promise<T>;
+/**
+ * Make an HTTP/HTTPS request with retry logic and redirect support.
+ * Provides a fetch-like API using Node.js native http/https modules.
+ *
+ * This is the main entry point for making HTTP requests. It handles retries,
+ * redirects, timeouts, and provides a fetch-compatible response interface.
+ *
+ * @param url - The URL to request (must start with http:// or https://)
+ * @param options - Request configuration options
+ * @returns Promise resolving to response object with `.json()`, `.text()`, etc.
+ * @throws {Error} When all retries are exhausted, timeout occurs, or non-retryable error happens
+ *
+ * @example
+ * ```ts
+ * // Simple GET request
+ * const response = await httpRequest('https://api.example.com/data')
+ * const data = response.json()
+ *
+ * // POST with JSON body
+ * const response = await httpRequest('https://api.example.com/users', {
+ *   method: 'POST',
+ *   headers: { 'Content-Type': 'application/json' },
+ *   body: JSON.stringify({ name: 'Alice', email: 'alice@example.com' })
+ * })
+ *
+ * // With retries and timeout
+ * const response = await httpRequest('https://api.example.com/data', {
+ *   retries: 3,
+ *   retryDelay: 1000,
+ *   timeout: 60000
+ * })
+ *
+ * // Don't follow redirects
+ * const response = await httpRequest('https://example.com/redirect', {
+ *   followRedirects: false
+ * })
+ * console.log(response.status) // 301, 302, etc.
+ * ```
+ */
+export declare function httpRequest(url: string, options?: HttpRequestOptions | undefined): Promise<HttpResponse>;
 /**
- * Perform a GET request and return text response.
+ * Perform an HTTP request and return text response.
  * Convenience wrapper around `httpRequest` for fetching text content.
+ * Automatically sets appropriate headers for text requests:
+ * - `Accept: text/plain` (always)
+ * - `Content-Type: text/plain` (when body is present)
+ * User-provided headers override these defaults.
  *
  * @param url - The URL to request (must start with http:// or https://)
  * @param options - Request configuration options
@@ -580,25 +589,32 @@ export declare function httpGetJson<T = unknown>(url: string, options?: HttpRequ
  *
  * @example
  * ```ts
- * // Fetch HTML
- * const html = await httpGetText('https://example.com')
+ * // Fetch HTML (automatically sets Accept: text/plain)
+ * const html = await httpText('https://example.com')
  * console.log(html.includes('<!DOCTYPE html>'))
  *
  * // Fetch plain text
- * const text = await httpGetText('https://example.com/file.txt')
+ * const text = await httpText('https://example.com/file.txt')
  * console.log(text)
  *
- * // With custom headers
- * const text = await httpGetText('https://example.com/data.txt', {
+ * // POST with text body (automatically sets Content-Type: text/plain)
+ * const result = await httpText('https://example.com/api', {
+ *   method: 'POST',
+ *   body: 'raw text data'
+ * })
+ *
+ * // With custom headers (override defaults)
+ * const text = await httpText('https://example.com/data.txt', {
  *   headers: {
- *     'Authorization': 'Bearer token123'
+ *     'Authorization': 'Bearer token123',
+ *     'Accept': 'text/html'  // Override default Accept header
  *   }
  * })
  *
  * // With timeout
- * const text = await httpGetText('https://example.com/large-file.txt', {
+ * const text = await httpText('https://example.com/large-file.txt', {
  *   timeout: 60000 // 1 minute
  * })
  * ```
  */
-export declare function httpGetText(url: string, options?: HttpRequestOptions | undefined): Promise<string>;
+export declare function httpText(url: string, options?: HttpRequestOptions | undefined): Promise<string>;

package/dist/http-request.js

@@ -20,9 +20,9 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
 var http_request_exports = {};
 __export(http_request_exports, {
   httpDownload: () => httpDownload,
-  httpGetJson: () => httpGetJson,
-  httpGetText: () => httpGetText,
-  httpRequest: () => httpRequest
+  httpJson: () => httpJson,
+  httpRequest: () => httpRequest,
+  httpText: () => httpText
 });
 module.exports = __toCommonJS(http_request_exports);
 let _fs;
@@ -49,38 +49,131 @@ function getHttps() {
   }
   return _https;
 }
-async function httpRequest(url, options) {
+async function httpDownloadAttempt(url, destPath, options) {
   const {
-    body,
     followRedirects = true,
     headers = {},
     maxRedirects = 5,
-    method = "GET",
-    retries = 0,
-    retryDelay = 1e3,
-    timeout = 3e4
+    onProgress,
+    timeout = 12e4
   } = { __proto__: null, ...options };
-  let lastError;
-  for (let attempt = 0; attempt <= retries; attempt++) {
-    try {
-      return await httpRequestAttempt(url, {
-        body,
-        followRedirects,
-        headers,
-        maxRedirects,
-        method,
-        timeout
-      });
-    } catch (e) {
-      lastError = e;
-      if (attempt === retries) {
-        break;
+  return await new Promise((resolve, reject) => {
+    const parsedUrl = new URL(url);
+    const isHttps = parsedUrl.protocol === "https:";
+    const httpModule = isHttps ? /* @__PURE__ */ getHttps() : /* @__PURE__ */ getHttp();
+    const requestOptions = {
+      headers: {
+        "User-Agent": "socket-registry/1.0",
+        ...headers
+      },
+      hostname: parsedUrl.hostname,
+      method: "GET",
+      path: parsedUrl.pathname + parsedUrl.search,
+      port: parsedUrl.port,
+      timeout
+    };
+    const { createWriteStream } = /* @__PURE__ */ getFs();
+    let fileStream;
+    let streamClosed = false;
+    const closeStream = () => {
+      if (!streamClosed && fileStream) {
+        streamClosed = true;
+        fileStream.close();
       }
-      const delayMs = retryDelay * 2 ** attempt;
-      await new Promise((resolve) => setTimeout(resolve, delayMs));
-    }
-  }
-  throw lastError || new Error("Request failed after retries");
+    };
+    const request = httpModule.request(
+      requestOptions,
+      (res) => {
+        if (followRedirects && res.statusCode && res.statusCode >= 300 && res.statusCode < 400 && res.headers.location) {
+          if (maxRedirects <= 0) {
+            reject(
+              new Error(
+                `Too many redirects (exceeded maximum: ${maxRedirects})`
+              )
+            );
+            return;
+          }
+          const redirectUrl = res.headers.location.startsWith("http") ? res.headers.location : new URL(res.headers.location, url).toString();
+          resolve(
+            httpDownloadAttempt(redirectUrl, destPath, {
+              followRedirects,
+              headers,
+              maxRedirects: maxRedirects - 1,
+              onProgress,
+              timeout
+            })
+          );
+          return;
+        }
+        if (!res.statusCode || res.statusCode < 200 || res.statusCode >= 300) {
+          closeStream();
+          reject(
+            new Error(
+              `Download failed: HTTP ${res.statusCode} ${res.statusMessage}`
+            )
+          );
+          return;
+        }
+        const totalSize = Number.parseInt(
+          res.headers["content-length"] || "0",
+          10
+        );
+        let downloadedSize = 0;
+        fileStream = createWriteStream(destPath);
+        fileStream.on("error", (error) => {
+          closeStream();
+          const err = new Error(`Failed to write file: ${error.message}`, {
+            cause: error
+          });
+          reject(err);
+        });
+        res.on("data", (chunk) => {
+          downloadedSize += chunk.length;
+          if (onProgress && totalSize > 0) {
+            onProgress(downloadedSize, totalSize);
+          }
+        });
+        res.on("end", () => {
+          fileStream?.close(() => {
+            streamClosed = true;
+            resolve({
+              path: destPath,
+              size: downloadedSize
+            });
+          });
+        });
+        res.on("error", (error) => {
+          closeStream();
+          reject(error);
+        });
+        res.pipe(fileStream);
+      }
+    );
+    request.on("error", (error) => {
+      closeStream();
+      const code = error.code;
+      let message = `HTTP download failed for ${url}: ${error.message}
+`;
+      if (code === "ENOTFOUND") {
+        message += "DNS lookup failed. Check the hostname and your network connection.";
+      } else if (code === "ECONNREFUSED") {
+        message += "Connection refused. Verify the server is running and accessible.";
+      } else if (code === "ETIMEDOUT") {
+        message += "Request timed out. Check your network or increase the timeout value.";
+      } else if (code === "ECONNRESET") {
+        message += "Connection reset. The server may have closed the connection unexpectedly.";
+      } else {
+        message += "Check your network connection and verify the URL is correct.";
+      }
+      reject(new Error(message, { cause: error }));
+    });
+    request.on("timeout", () => {
+      request.destroy();
+      closeStream();
+      reject(new Error(`Download timed out after ${timeout}ms`));
+    });
+    request.end();
+  });
 }
 async function httpRequestAttempt(url, options) {
   const {
@@ -236,134 +329,30 @@ async function httpDownload(url, destPath, options) {
   }
   throw lastError || new Error("Download failed after retries");
 }
-async function httpDownloadAttempt(url, destPath, options) {
+async function httpJson(url, options) {
   const {
-    followRedirects = true,
+    body,
     headers = {},
-    maxRedirects = 5,
-    onProgress,
-    timeout = 12e4
-  } = { __proto__: null, ...options };
-  return await new Promise((resolve, reject) => {
-    const parsedUrl = new URL(url);
-    const isHttps = parsedUrl.protocol === "https:";
-    const httpModule = isHttps ? /* @__PURE__ */ getHttps() : /* @__PURE__ */ getHttp();
-    const requestOptions = {
-      headers: {
-        "User-Agent": "socket-registry/1.0",
-        ...headers
-      },
-      hostname: parsedUrl.hostname,
-      method: "GET",
-      path: parsedUrl.pathname + parsedUrl.search,
-      port: parsedUrl.port,
-      timeout
-    };
-    const { createWriteStream } = /* @__PURE__ */ getFs();
-    let fileStream;
-    let streamClosed = false;
-    const closeStream = () => {
-      if (!streamClosed && fileStream) {
-        streamClosed = true;
-        fileStream.close();
-      }
-    };
-    const request = httpModule.request(
-      requestOptions,
-      (res) => {
-        if (followRedirects && res.statusCode && res.statusCode >= 300 && res.statusCode < 400 && res.headers.location) {
-          if (maxRedirects <= 0) {
-            reject(
-              new Error(
-                `Too many redirects (exceeded maximum: ${maxRedirects})`
-              )
-            );
-            return;
-          }
-          const redirectUrl = res.headers.location.startsWith("http") ? res.headers.location : new URL(res.headers.location, url).toString();
-          resolve(
-            httpDownloadAttempt(redirectUrl, destPath, {
-              followRedirects,
-              headers,
-              maxRedirects: maxRedirects - 1,
-              onProgress,
-              timeout
-            })
-          );
-          return;
-        }
-        if (!res.statusCode || res.statusCode < 200 || res.statusCode >= 300) {
-          closeStream();
-          reject(
-            new Error(
-              `Download failed: HTTP ${res.statusCode} ${res.statusMessage}`
-            )
-          );
-          return;
-        }
-        const totalSize = Number.parseInt(
-          res.headers["content-length"] || "0",
-          10
-        );
-        let downloadedSize = 0;
-        fileStream = createWriteStream(destPath);
-        fileStream.on("error", (error) => {
-          closeStream();
-          const err = new Error(`Failed to write file: ${error.message}`, {
-            cause: error
-          });
-          reject(err);
-        });
-        res.on("data", (chunk) => {
-          downloadedSize += chunk.length;
-          if (onProgress && totalSize > 0) {
-            onProgress(downloadedSize, totalSize);
-          }
-        });
-        res.on("end", () => {
-          fileStream?.close(() => {
-            streamClosed = true;
-            resolve({
-              path: destPath,
-              size: downloadedSize
-            });
-          });
-        });
-        res.on("error", (error) => {
-          closeStream();
-          reject(error);
-        });
-        res.pipe(fileStream);
-      }
-    );
-    request.on("error", (error) => {
-      closeStream();
-      const code = error.code;
-      let message = `HTTP download failed for ${url}: ${error.message}
-`;
-      if (code === "ENOTFOUND") {
-        message += "DNS lookup failed. Check the hostname and your network connection.";
-      } else if (code === "ECONNREFUSED") {
-        message += "Connection refused. Verify the server is running and accessible.";
-      } else if (code === "ETIMEDOUT") {
-        message += "Request timed out. Check your network or increase the timeout value.";
-      } else if (code === "ECONNRESET") {
-        message += "Connection reset. The server may have closed the connection unexpectedly.";
-      } else {
-        message += "Check your network connection and verify the URL is correct.";
-      }
-      reject(new Error(message, { cause: error }));
-    });
-    request.on("timeout", () => {
-      request.destroy();
-      closeStream();
-      reject(new Error(`Download timed out after ${timeout}ms`));
-    });
-    request.end();
+    ...restOptions
+  } = {
+    __proto__: null,
+    ...options
+  };
+  const defaultHeaders = {
+    Accept: "application/json"
+  };
+  if (body) {
+    defaultHeaders["Content-Type"] = "application/json";
+  }
+  const mergedHeaders = {
+    ...defaultHeaders,
+    ...headers
+  };
+  const response = await httpRequest(url, {
+    body,
+    headers: mergedHeaders,
+    ...restOptions
   });
-}
-async function httpGetJson(url, options) {
-  const response = await httpRequest(url, { ...options, method: "GET" });
   if (!response.ok) {
     throw new Error(`HTTP ${response.status}: ${response.statusText}`);
   }
@@ -373,8 +362,63 @@ async function httpGetJson(url, options) {
     throw new Error("Failed to parse JSON response", { cause: e });
   }
 }
-async function httpGetText(url, options) {
-  const response = await httpRequest(url, { ...options, method: "GET" });
+async function httpRequest(url, options) {
+  const {
+    body,
+    followRedirects = true,
+    headers = {},
+    maxRedirects = 5,
+    method = "GET",
+    retries = 0,
+    retryDelay = 1e3,
+    timeout = 3e4
+  } = { __proto__: null, ...options };
+  let lastError;
+  for (let attempt = 0; attempt <= retries; attempt++) {
+    try {
+      return await httpRequestAttempt(url, {
+        body,
+        followRedirects,
+        headers,
+        maxRedirects,
+        method,
+        timeout
+      });
+    } catch (e) {
+      lastError = e;
+      if (attempt === retries) {
+        break;
+      }
+      const delayMs = retryDelay * 2 ** attempt;
+      await new Promise((resolve) => setTimeout(resolve, delayMs));
+    }
+  }
+  throw lastError || new Error("Request failed after retries");
+}
+async function httpText(url, options) {
+  const {
+    body,
+    headers = {},
+    ...restOptions
+  } = {
+    __proto__: null,
+    ...options
+  };
+  const defaultHeaders = {
+    Accept: "text/plain"
+  };
+  if (body) {
+    defaultHeaders["Content-Type"] = "text/plain";
+  }
+  const mergedHeaders = {
+    ...defaultHeaders,
+    ...headers
+  };
+  const response = await httpRequest(url, {
+    body,
+    headers: mergedHeaders,
+    ...restOptions
+  });
   if (!response.ok) {
     throw new Error(`HTTP ${response.status}: ${response.statusText}`);
   }
@@ -383,7 +427,7 @@ async function httpGetText(url, options) {
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
   httpDownload,
-  httpGetJson,
-  httpGetText,
-  httpRequest
+  httpJson,
+  httpRequest,
+  httpText
 });

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@socketsecurity/lib",
-  "version": "5.5.2",
-  "packageManager": "pnpm@10.28.0",
+  "version": "5.6.0",
+  "packageManager": "pnpm@10.29.1",
   "license": "MIT",
   "description": "Core utilities and infrastructure for Socket.dev security tools",
   "keywords": [
@@ -730,7 +730,7 @@
     "@socketregistry/is-unicode-supported": "1.0.5",
     "@socketregistry/packageurl-js": "1.3.5",
     "@socketregistry/yocto-spinner": "1.0.25",
-    "@socketsecurity/lib-stable": "npm:@socketsecurity/lib@5.5.0",
+    "@socketsecurity/lib-stable": "npm:@socketsecurity/lib@5.5.3",
     "@types/node": "24.9.2",
     "@typescript/native-preview": "7.0.0-dev.20250920.1",
     "@vitest/coverage-v8": "4.0.3",
@@ -754,7 +754,7 @@
     "globals": "16.4.0",
     "has-flag": "5.0.1",
     "husky": "9.1.7",
-    "libnpmexec": "^10.1.11",
+    "libnpmexec": "^10.2.0",
     "libnpmpack": "9.0.9",
     "lint-staged": "15.2.11",
     "magic-string": "0.30.17",
@@ -818,8 +818,8 @@
     "patchedDependencies": {
       "@npmcli/run-script@10.0.0": "patches/@npmcli__run-script@10.0.0.patch",
       "@sigstore/sign@4.1.0": "patches/@sigstore__sign@4.1.0.patch",
-      "node-gyp@11.5.0": "patches/node-gyp@11.5.0.patch",
-      "execa@5.1.1": "patches/execa@5.1.1.patch"
+      "execa@5.1.1": "patches/execa@5.1.1.patch",
+      "node-gyp@11.5.0": "patches/node-gyp@11.5.0.patch"
     }
   }
 }