@socketsecurity/lib 5.7.0 → 5.8.1

package/dist/spawn.js

@@ -53,9 +53,18 @@ function getPath() {
   }
   return _path;
 }
+let _fs;
+// @__NO_SIDE_EFFECTS__
+function getFs() {
+  if (_fs === void 0) {
+    _fs = require("fs");
+  }
+  return _fs;
+}
 const abortSignal = (0, import_process.getAbortSignal)();
 const spinner = (0, import_spinner.getDefaultSpinner)();
 const stackCache = /* @__PURE__ */ new WeakMap();
+const spawnBinPathCache = /* @__PURE__ */ new Map();
 const windowsScriptExtRegExp = /\.(?:cmd|bat|ps1)$/i;
 let _child_process;
 // @__NO_SIDE_EFFECTS__
@@ -92,7 +101,7 @@ function enhanceSpawnError(error) {
   }
   const trimmedStderr = stderrText.trim();
   if (trimmedStderr) {
-    const firstLine = trimmedStderr.split("\n")[0];
+    const firstLine = trimmedStderr.split("\n")[0] ?? "";
     if (firstLine.length < 200) {
       enhancedMessage += `
 ${firstLine}`;
@@ -178,14 +187,28 @@ function spawn(cmd, args, options, extra) {
   const cwd = spawnOptions.cwd ? String(spawnOptions.cwd) : void 0;
   let actualCmd = cmd;
   if (!(0, import_normalize.isPath)(cmd)) {
-    const resolved = (0, import_bin.whichSync)(cmd, { cwd, nothrow: true });
-    if (resolved && typeof resolved === "string") {
-      actualCmd = resolved;
+    const fs = /* @__PURE__ */ getFs();
+    const cached = spawnBinPathCache.get(cmd);
+    if (cached) {
+      if (fs.existsSync(cached)) {
+        actualCmd = cached;
+      } else {
+        spawnBinPathCache.delete(cmd);
+      }
+    }
+    if (actualCmd === cmd) {
+      const resolved = (0, import_bin.whichSync)(cmd, { cwd, nothrow: true });
+      if (resolved && typeof resolved === "string") {
+        actualCmd = resolved;
+        spawnBinPathCache.set(cmd, resolved);
+      }
     }
   }
   const WIN32 = process.platform === "win32";
   if (WIN32 && shell && windowsScriptExtRegExp.test(actualCmd)) {
-    actualCmd = (/* @__PURE__ */ getPath()).basename(actualCmd, (/* @__PURE__ */ getPath()).extname(actualCmd));
+    if (!(0, import_normalize.isPath)(actualCmd)) {
+      actualCmd = (/* @__PURE__ */ getPath()).basename(actualCmd, (/* @__PURE__ */ getPath()).extname(actualCmd));
+    }
   }
   const wasSpinning = !!spinnerInstance?.isSpinning;
   const shouldStopSpinner = wasSpinning && !/* @__PURE__ */ isStdioType(stdio, "ignore") && !/* @__PURE__ */ isStdioType(stdio, "pipe");
@@ -269,7 +292,9 @@ function spawnSync(cmd, args, options) {
   const shell = (0, import_objects.getOwn)(options, "shell");
   const WIN32 = process.platform === "win32";
   if (WIN32 && shell && windowsScriptExtRegExp.test(actualCmd)) {
-    actualCmd = (/* @__PURE__ */ getPath()).basename(actualCmd, (/* @__PURE__ */ getPath()).extname(actualCmd));
+    if (!(0, import_normalize.isPath)(actualCmd)) {
+      actualCmd = (/* @__PURE__ */ getPath()).basename(actualCmd, (/* @__PURE__ */ getPath()).extname(actualCmd));
+    }
   }
   const { stripAnsi: shouldStripAnsi = true, ...rawSpawnOptions } = {
     __proto__: null,

package/dist/spinner.js

@@ -66,7 +66,7 @@ function desc(value) {
 }
 function formatProgress(progress) {
   const { current, total, unit } = progress;
-  const percentage = Math.round(current / total * 100);
+  const percentage = total === 0 ? 0 : Math.round(current / total * 100);
   const bar = renderProgressBar(percentage);
   const count = unit ? `${current}/${total} ${unit}` : `${current}/${total}`;
   return `${bar} ${percentage}% (${count})`;

package/dist/stdio/progress.js

@@ -128,11 +128,11 @@ class ProgressBar {
    */
   render(tokens) {
     const colorFn = import_yoctocolors_cjs.default[this.options.color] || ((s) => s);
-    const percent = Math.floor(this.current / this.total * 100);
+    const percent = this.total === 0 ? 0 : Math.floor(this.current / this.total * 100);
     const elapsed = Date.now() - this.startTime;
     const eta = this.current === 0 ? 0 : elapsed / this.current * (this.total - this.current);
     const availableWidth = this.options.width;
-    const filledWidth = Math.floor(this.current / this.total * availableWidth);
+    const filledWidth = this.total === 0 ? 0 : Math.floor(this.current / this.total * availableWidth);
     const emptyWidth = availableWidth - filledWidth;
     const filled = (0, import_strings.repeatString)(this.options.complete, filledWidth);
     const empty = (0, import_strings.repeatString)(this.options.incomplete, emptyWidth);

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@socketsecurity/lib",
-  "version": "5.7.0",
-  "packageManager": "pnpm@10.29.1",
+  "version": "5.8.1",
+  "packageManager": "pnpm@10.32.1",
   "license": "MIT",
   "description": "Core utilities and infrastructure for Socket.dev security tools",
   "keywords": [
@@ -103,6 +103,10 @@
       "types": "./dist/ansi.d.ts",
       "default": "./dist/ansi.js"
     },
+    "./archives": {
+      "types": "./dist/archives.d.ts",
+      "default": "./dist/archives.js"
+    },
     "./argv/flags": {
       "types": "./dist/argv/flags.d.ts",
       "default": "./dist/argv/flags.js"
@@ -679,7 +683,6 @@
       "types": "./dist/zod.d.ts",
       "default": "./dist/zod.js"
     },
-    "./biome.json": "./biome.json",
     "./data/extensions.json": "./data/extensions.json",
     "./package.json": "./package.json",
     "./tsconfig.dts.json": "./tsconfig.dts.json",
@@ -703,7 +706,11 @@
     "cover": "node scripts/test/cover.mjs",
     "dev": "node scripts/build/main.mjs --watch",
     "fix": "node scripts/lint.mjs --fix",
+    "format": "oxfmt",
+    "format:check": "oxfmt --check",
     "lint": "node scripts/lint.mjs",
+    "lint:oxlint": "oxlint .",
+    "lint:oxfmt": "oxfmt --check .",
     "prepare": "husky",
     "prepublishOnly": "pnpm run build",
     "test": "node scripts/test/main.mjs",
@@ -714,10 +721,7 @@
     "@babel/parser": "7.28.4",
     "@babel/traverse": "7.28.4",
     "@babel/types": "7.28.4",
-    "@biomejs/biome": "2.2.4",
     "@dotenvx/dotenvx": "1.49.0",
-    "@eslint/compat": "1.4.0",
-    "@eslint/js": "9.38.0",
     "@inquirer/checkbox": "4.3.1",
     "@inquirer/confirm": "5.1.16",
     "@inquirer/input": "4.2.2",
@@ -730,31 +734,27 @@
     "@socketregistry/is-unicode-supported": "1.0.5",
     "@socketregistry/packageurl-js": "1.3.5",
     "@socketregistry/yocto-spinner": "1.0.25",
-    "@socketsecurity/lib-stable": "npm:@socketsecurity/lib@5.5.3",
+    "@socketsecurity/lib-stable": "npm:@socketsecurity/lib@5.8.0",
     "@types/node": "24.9.2",
     "@typescript/native-preview": "7.0.0-dev.20250920.1",
     "@vitest/coverage-v8": "4.0.3",
     "@vitest/ui": "4.0.3",
     "@yarnpkg/core": "4.5.0",
     "@yarnpkg/extensions": "2.0.6",
+    "adm-zip": "0.5.16",
     "cacache": "20.0.1",
     "debug": "4.4.3",
     "del": "8.0.1",
     "del-cli": "6.0.0",
     "esbuild": "0.25.11",
-    "eslint": "9.35.0",
-    "eslint-import-resolver-typescript": "4.4.4",
-    "eslint-plugin-import-x": "4.16.1",
-    "eslint-plugin-n": "17.23.1",
     "eslint-plugin-sort-destructure-keys": "2.0.0",
-    "eslint-plugin-unicorn": "61.0.2",
     "fast-glob": "3.3.3",
     "fast-sort": "3.4.1",
     "get-east-asian-width": "1.3.0",
     "globals": "16.4.0",
     "has-flag": "5.0.1",
     "husky": "9.1.7",
-    "libnpmexec": "^10.2.0",
+    "libnpmexec": "10.2.3",
     "libnpmpack": "9.0.9",
     "lint-staged": "15.2.11",
     "magic-string": "0.30.17",
@@ -762,6 +762,8 @@
     "nock": "14.0.10",
     "normalize-package-data": "8.0.0",
     "npm-package-arg": "13.0.0",
+    "oxfmt": "^0.37.0",
+    "oxlint": "1.53.0",
     "pacote": "21.0.1",
     "picomatch": "2.3.1",
     "pony-cause": "2.1.11",
@@ -771,11 +773,12 @@
     "spdx-expression-parse": "4.0.0",
     "streaming-iterables": "8.0.1",
     "supports-color": "10.0.0",
+    "tar-fs": "3.1.2",
+    "tar-stream": "3.1.8",
     "taze": "19.9.2",
     "trash": "10.0.0",
     "type-coverage": "2.29.7",
     "typescript": "5.9.2",
-    "typescript-eslint": "8.44.1",
     "validate-npm-package-name": "6.0.2",
     "vite-tsconfig-paths": "5.1.4",
     "vitest": "4.0.3",
@@ -794,23 +797,40 @@
   },
   "pnpm": {
     "overrides": {
+      "@inquirer/ansi": "1.0.2",
+      "@inquirer/core": "10.3.1",
+      "@inquirer/figures": "1.0.15",
       "@npmcli/arborist": "9.1.6",
+      "@npmcli/git": "6.0.3",
       "@npmcli/run-script": "10.0.0",
       "@sigstore/core": "3.1.0",
       "@sigstore/sign": "4.1.0",
       "ansi-regex": "6.2.2",
+      "chownr": "3.0.0",
       "debug": "4.4.3",
       "execa": "5.1.1",
       "has-flag": "5.0.1",
+      "hosted-git-info": "8.1.0",
       "isexe": "3.1.1",
       "lru-cache": "11.2.2",
+      "minimatch": "9.0.5",
+      "minipass": "7.1.3",
+      "minipass-fetch": "4.0.1",
+      "minipass-sized": "1.0.3",
+      "minipass@7": "7.1.3",
+      "minizlib": "3.1.0",
+      "npm-package-arg": "12.0.2",
+      "npm-pick-manifest": "10.0.0",
       "picomatch": "4.0.3",
       "proc-log": "6.1.0",
       "semver": "7.7.2",
       "signal-exit": "4.1.0",
+      "spdx-expression-parse": "4.0.0",
+      "ssri": "12.0.0",
       "string-width": "8.1.0",
       "strip-ansi": "7.1.2",
       "supports-color": "10.0.0",
+      "tar": "7.5.11",
       "which": "5.0.0",
       "wrap-ansi": "9.0.2",
       "yoctocolors-cjs": "2.1.3"
@@ -819,7 +839,10 @@
       "@npmcli/run-script@10.0.0": "patches/@npmcli__run-script@10.0.0.patch",
       "@sigstore/sign@4.1.0": "patches/@sigstore__sign@4.1.0.patch",
       "execa@5.1.1": "patches/execa@5.1.1.patch",
-      "node-gyp@11.5.0": "patches/node-gyp@11.5.0.patch"
+      "minipass-flush@1.0.5": "patches/minipass-flush@1.0.5.patch",
+      "minipass-pipeline@1.2.4": "patches/minipass-pipeline@1.2.4.patch",
+      "node-gyp@11.5.0": "patches/node-gyp@11.5.0.patch",
+      "minipass-sized@1.0.3": "patches/minipass-sized@1.0.3.patch"
     }
   }
 }