npm - @socketsecurity/lib - Versions diffs - 5.6.0 → 5.8.0 - Mend

@socketsecurity/lib 5.6.0 → 5.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (49) hide show

package/CHANGELOG.md +92 -2
package/README.md +190 -18
package/dist/archives.d.ts +58 -0
package/dist/archives.js +313 -0
package/dist/arrays.js +2 -3
package/dist/cache-with-ttl.js +25 -6
package/dist/constants/node.js +2 -1
package/dist/cover/formatters.js +5 -3
package/dist/dlx/binary.d.ts +20 -0
package/dist/dlx/binary.js +115 -99
package/dist/dlx/detect.d.ts +8 -8
package/dist/dlx/detect.js +18 -18
package/dist/dlx/manifest.d.ts +32 -31
package/dist/dlx/manifest.js +114 -112
package/dist/dlx/package.d.ts +55 -0
package/dist/dlx/package.js +90 -80
package/dist/env/ci.js +1 -2
package/dist/env/rewire.d.ts +33 -22
package/dist/env/rewire.js +20 -7
package/dist/env/socket-cli.d.ts +24 -24
package/dist/env/socket-cli.js +12 -12
package/dist/env/temp-dir.d.ts +6 -6
package/dist/env/temp-dir.js +4 -4
package/dist/env/windows.d.ts +6 -6
package/dist/env/windows.js +4 -4
package/dist/external/@npmcli/package-json.js +352 -824
package/dist/external/adm-zip.js +2695 -0
package/dist/external/debug.js +183 -7
package/dist/external/external-pack.js +19 -1409
package/dist/external/libnpmexec.js +2 -2
package/dist/external/npm-pack.js +18777 -19997
package/dist/external/pico-pack.js +29 -5
package/dist/external/spdx-pack.js +41 -263
package/dist/external/tar-fs.js +3053 -0
package/dist/git.js +22 -4
package/dist/github.js +17 -9
package/dist/globs.js +20 -1
package/dist/http-request.js +1 -1
package/dist/memoization.js +22 -13
package/dist/package-extensions.js +4 -2
package/dist/packages/normalize.js +3 -0
package/dist/packages/specs.js +1 -1
package/dist/process-lock.js +4 -2
package/dist/releases/github.d.ts +55 -4
package/dist/releases/github.js +203 -101
package/dist/spawn.js +1 -1
package/dist/spinner.js +1 -1
package/dist/stdio/progress.js +2 -2
package/package.json +38 -15

package/dist/env/rewire.js CHANGED Viewed

@@ -22,12 +22,14 @@ __export(rewire_exports, {
   clearEnv: () => clearEnv,
   getEnvValue: () => getEnvValue,
   hasOverride: () => hasOverride,
+  isInEnv: () => isInEnv,
   resetEnv: () => resetEnv,
   setEnv: () => setEnv,
   withEnv: () => withEnv,
   withEnvSync: () => withEnvSync
 });
 module.exports = __toCommonJS(rewire_exports);
+var import_objects = require("../objects");
 var import_helpers = require("./helpers");
 let _async_hooks;
 // @__NO_SIDE_EFFECTS__
@@ -47,6 +49,9 @@ if (isVitestEnv && !globalThis[sharedOverridesSymbol]) {
   globalThis[sharedOverridesSymbol] = /* @__PURE__ */ new Map();
 }
 const sharedOverrides = globalThis[sharedOverridesSymbol];
+function clearEnv(key) {
+  sharedOverrides?.delete(key);
+}
 function getEnvValue(key) {
   const isolatedOverrides = isolatedOverridesStorage.getStore();
   if (isolatedOverrides?.has(key)) {
@@ -57,18 +62,25 @@ function getEnvValue(key) {
   }
   return process.env[key];
 }
-function setEnv(key, value) {
-  sharedOverrides?.set(key, value);
+function hasOverride(key) {
+  const isolatedOverrides = isolatedOverridesStorage.getStore();
+  return !!(isolatedOverrides?.has(key) || sharedOverrides?.has(key));
 }
-function clearEnv(key) {
-  sharedOverrides?.delete(key);
+function isInEnv(key) {
+  const isolatedOverrides = isolatedOverridesStorage.getStore();
+  if (isolatedOverrides?.has(key)) {
+    return true;
+  }
+  if (sharedOverrides?.has(key)) {
+    return true;
+  }
+  return (0, import_objects.hasOwn)(process.env, key);
 }
 function resetEnv() {
   sharedOverrides?.clear();
 }
-function hasOverride(key) {
-  const isolatedOverrides = isolatedOverridesStorage.getStore();
-  return !!(isolatedOverrides?.has(key) || sharedOverrides?.has(key));
+function setEnv(key, value) {
+  sharedOverrides?.set(key, value);
 }
 async function withEnv(overrides, fn) {
   const map = new Map(Object.entries(overrides));
@@ -83,6 +95,7 @@ function withEnvSync(overrides, fn) {
   clearEnv,
   getEnvValue,
   hasOverride,
+  isInEnv,
   resetEnv,
   setEnv,
   withEnv,

package/dist/env/socket-cli.d.ts CHANGED Viewed

@@ -38,6 +38,22 @@ export declare function getSocketCliApiTimeout(): number;
  */
 /*@__NO_SIDE_EFFECTS__*/
 export declare function getSocketCliApiToken(): string | undefined;
+/**
+ * Bootstrap cache directory path.
+ * Set by bootstrap wrappers to pass dlx cache location to CLI.
+ *
+ * @returns Bootstrap cache directory or undefined
+ */
+/*@__NO_SIDE_EFFECTS__*/
+export declare function getSocketCliBootstrapCacheDir(): string | undefined;
+/**
+ * Bootstrap package spec (e.g., @socketsecurity/cli@^2.0.11).
+ * Set by bootstrap wrappers (SEA/smol/npm) to pass package spec to CLI.
+ *
+ * @returns Bootstrap package spec or undefined
+ */
+/*@__NO_SIDE_EFFECTS__*/
+export declare function getSocketCliBootstrapSpec(): string | undefined;
 /**
  * Socket CLI configuration file path (alternative name).
  *
@@ -52,6 +68,14 @@ export declare function getSocketCliConfig(): string | undefined;
  */
 /*@__NO_SIDE_EFFECTS__*/
 export declare function getSocketCliFix(): string | undefined;
+/**
+ * Socket CLI GitHub authentication token.
+ * Checks SOCKET_CLI_GITHUB_TOKEN, SOCKET_SECURITY_GITHUB_PAT, then falls back to GITHUB_TOKEN.
+ *
+ * @returns GitHub token or undefined
+ */
+/*@__NO_SIDE_EFFECTS__*/
+export declare function getSocketCliGithubToken(): string | undefined;
 /**
  * Whether to skip Socket CLI API token requirement (alternative name).
  *
@@ -81,27 +105,3 @@ export declare function getSocketCliOrgSlug(): string | undefined;
  */
 /*@__NO_SIDE_EFFECTS__*/
 export declare function getSocketCliViewAllRisks(): boolean;
-/**
- * Socket CLI GitHub authentication token.
- * Checks SOCKET_CLI_GITHUB_TOKEN, SOCKET_SECURITY_GITHUB_PAT, then falls back to GITHUB_TOKEN.
- *
- * @returns GitHub token or undefined
- */
-/*@__NO_SIDE_EFFECTS__*/
-export declare function getSocketCliGithubToken(): string | undefined;
-/**
- * Bootstrap package spec (e.g., @socketsecurity/cli@^2.0.11).
- * Set by bootstrap wrappers (SEA/smol/npm) to pass package spec to CLI.
- *
- * @returns Bootstrap package spec or undefined
- */
-/*@__NO_SIDE_EFFECTS__*/
-export declare function getSocketCliBootstrapSpec(): string | undefined;
-/**
- * Bootstrap cache directory path.
- * Set by bootstrap wrappers to pass dlx cache location to CLI.
- *
- * @returns Bootstrap cache directory or undefined
- */
-/*@__NO_SIDE_EFFECTS__*/
-export declare function getSocketCliBootstrapCacheDir(): string | undefined;

package/dist/env/socket-cli.js CHANGED Viewed

@@ -58,6 +58,14 @@ function getSocketCliApiToken() {
   return (0, import_rewire.getEnvValue)("SOCKET_CLI_API_TOKEN") || (0, import_rewire.getEnvValue)("SOCKET_CLI_API_KEY") || (0, import_rewire.getEnvValue)("SOCKET_SECURITY_API_TOKEN") || (0, import_rewire.getEnvValue)("SOCKET_SECURITY_API_KEY");
 }
 // @__NO_SIDE_EFFECTS__
+function getSocketCliBootstrapCacheDir() {
+  return (0, import_rewire.getEnvValue)("SOCKET_CLI_BOOTSTRAP_CACHE_DIR");
+}
+// @__NO_SIDE_EFFECTS__
+function getSocketCliBootstrapSpec() {
+  return (0, import_rewire.getEnvValue)("SOCKET_CLI_BOOTSTRAP_SPEC");
+}
+// @__NO_SIDE_EFFECTS__
 function getSocketCliConfig() {
   return (0, import_rewire.getEnvValue)("SOCKET_CLI_CONFIG");
 }
@@ -66,6 +74,10 @@ function getSocketCliFix() {
   return (0, import_rewire.getEnvValue)("SOCKET_CLI_FIX");
 }
 // @__NO_SIDE_EFFECTS__
+function getSocketCliGithubToken() {
+  return (0, import_rewire.getEnvValue)("SOCKET_CLI_GITHUB_TOKEN") || (0, import_rewire.getEnvValue)("SOCKET_SECURITY_GITHUB_PAT") || (0, import_rewire.getEnvValue)("GITHUB_TOKEN");
+}
+// @__NO_SIDE_EFFECTS__
 function getSocketCliNoApiToken() {
   return (0, import_helpers.envAsBoolean)((0, import_rewire.getEnvValue)("SOCKET_CLI_NO_API_TOKEN"));
 }
@@ -81,18 +93,6 @@ function getSocketCliOrgSlug() {
 function getSocketCliViewAllRisks() {
   return (0, import_helpers.envAsBoolean)((0, import_rewire.getEnvValue)("SOCKET_CLI_VIEW_ALL_RISKS"));
 }
-// @__NO_SIDE_EFFECTS__
-function getSocketCliGithubToken() {
-  return (0, import_rewire.getEnvValue)("SOCKET_CLI_GITHUB_TOKEN") || (0, import_rewire.getEnvValue)("SOCKET_SECURITY_GITHUB_PAT") || (0, import_rewire.getEnvValue)("GITHUB_TOKEN");
-}
-// @__NO_SIDE_EFFECTS__
-function getSocketCliBootstrapSpec() {
-  return (0, import_rewire.getEnvValue)("SOCKET_CLI_BOOTSTRAP_SPEC");
-}
-// @__NO_SIDE_EFFECTS__
-function getSocketCliBootstrapCacheDir() {
-  return (0, import_rewire.getEnvValue)("SOCKET_CLI_BOOTSTRAP_CACHE_DIR");
-}
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
   getSocketCliAcceptRisks,

package/dist/env/temp-dir.d.ts CHANGED Viewed

@@ -1,9 +1,3 @@
-/**
- * TMPDIR environment variable.
- * Unix/macOS temporary directory path.
- */
-/*@__NO_SIDE_EFFECTS__*/
-export declare function getTmpdir(): string | undefined;
 /**
  * TEMP environment variable.
  * Windows temporary directory path.
@@ -16,3 +10,9 @@ export declare function getTemp(): string | undefined;
  */
 /*@__NO_SIDE_EFFECTS__*/
 export declare function getTmp(): string | undefined;
+/**
+ * TMPDIR environment variable.
+ * Unix/macOS temporary directory path.
+ */
+/*@__NO_SIDE_EFFECTS__*/
+export declare function getTmpdir(): string | undefined;

package/dist/env/temp-dir.js CHANGED Viewed

@@ -26,10 +26,6 @@ __export(temp_dir_exports, {
 module.exports = __toCommonJS(temp_dir_exports);
 var import_rewire = require("./rewire");
 // @__NO_SIDE_EFFECTS__
-function getTmpdir() {
-  return (0, import_rewire.getEnvValue)("TMPDIR");
-}
-// @__NO_SIDE_EFFECTS__
 function getTemp() {
   return (0, import_rewire.getEnvValue)("TEMP");
 }
@@ -37,6 +33,10 @@ function getTemp() {
 function getTmp() {
   return (0, import_rewire.getEnvValue)("TMP");
 }
+// @__NO_SIDE_EFFECTS__
+function getTmpdir() {
+  return (0, import_rewire.getEnvValue)("TMPDIR");
+}
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
   getTemp,

package/dist/env/windows.d.ts CHANGED Viewed

@@ -4,6 +4,12 @@
  */
 /*@__NO_SIDE_EFFECTS__*/
 export declare function getAppdata(): string | undefined;
+/**
+ * COMSPEC environment variable.
+ * Points to the Windows command processor (typically cmd.exe).
+ */
+/*@__NO_SIDE_EFFECTS__*/
+export declare function getComspec(): string | undefined;
 /**
  * LOCALAPPDATA environment variable.
  * Points to the Local Application Data directory on Windows.
@@ -16,9 +22,3 @@ export declare function getLocalappdata(): string | undefined;
  */
 /*@__NO_SIDE_EFFECTS__*/
 export declare function getUserprofile(): string | undefined;
-/**
- * COMSPEC environment variable.
- * Points to the Windows command processor (typically cmd.exe).
- */
-/*@__NO_SIDE_EFFECTS__*/
-export declare function getComspec(): string | undefined;

package/dist/env/windows.js CHANGED Viewed

@@ -31,6 +31,10 @@ function getAppdata() {
   return (0, import_rewire.getEnvValue)("APPDATA");
 }
 // @__NO_SIDE_EFFECTS__
+function getComspec() {
+  return (0, import_rewire.getEnvValue)("COMSPEC");
+}
+// @__NO_SIDE_EFFECTS__
 function getLocalappdata() {
   return (0, import_rewire.getEnvValue)("LOCALAPPDATA");
 }
@@ -38,10 +42,6 @@ function getLocalappdata() {
 function getUserprofile() {
   return (0, import_rewire.getEnvValue)("USERPROFILE");
 }
-// @__NO_SIDE_EFFECTS__
-function getComspec() {
-  return (0, import_rewire.getEnvValue)("COMSPEC");
-}
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
   getAppdata,