@socketsecurity/lib 5.8.1 → 5.8.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +10 -0
- package/dist/http-request.js +15 -1
- package/package.json +2 -2
package/CHANGELOG.md
CHANGED
|
@@ -5,6 +5,16 @@ All notable changes to this project will be documented in this file.
|
|
|
5
5
|
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
|
|
6
6
|
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
|
7
7
|
|
|
8
|
+
## [5.8.2](https://github.com/SocketDev/socket-lib/releases/tag/v5.8.2) - 2026-03-13
|
|
9
|
+
|
|
10
|
+
### Fixed
|
|
11
|
+
|
|
12
|
+
- **http-request**: Download to temp file then atomically rename to prevent corruption
|
|
13
|
+
- Downloads now write to `{destPath}.download` temp file first
|
|
14
|
+
- On success, atomically renames to the destination path
|
|
15
|
+
- On failure, cleans up temp file and preserves any existing file at destination
|
|
16
|
+
- Prevents partial/corrupted files from CI caching causing extraction failures
|
|
17
|
+
|
|
8
18
|
## [5.8.1](https://github.com/SocketDev/socket-lib/releases/tag/v5.8.1) - 2026-03-11
|
|
9
19
|
|
|
10
20
|
### Performance
|
package/dist/http-request.js
CHANGED
|
@@ -25,6 +25,7 @@ __export(http_request_exports, {
|
|
|
25
25
|
httpText: () => httpText
|
|
26
26
|
});
|
|
27
27
|
module.exports = __toCommonJS(http_request_exports);
|
|
28
|
+
var import_fs = require("./fs.js");
|
|
28
29
|
let _fs;
|
|
29
30
|
// @__NO_SIDE_EFFECTS__
|
|
30
31
|
function getFs() {
|
|
@@ -308,18 +309,31 @@ async function httpDownload(url, destPath, options) {
|
|
|
308
309
|
}
|
|
309
310
|
};
|
|
310
311
|
}
|
|
312
|
+
const fs = /* @__PURE__ */ getFs();
|
|
313
|
+
const tempPath = `${destPath}.download`;
|
|
314
|
+
if (fs.existsSync(tempPath)) {
|
|
315
|
+
await (0, import_fs.safeDelete)(tempPath);
|
|
316
|
+
}
|
|
311
317
|
let lastError;
|
|
312
318
|
for (let attempt = 0; attempt <= retries; attempt++) {
|
|
313
319
|
try {
|
|
314
|
-
|
|
320
|
+
const result = await httpDownloadAttempt(url, tempPath, {
|
|
315
321
|
followRedirects,
|
|
316
322
|
headers,
|
|
317
323
|
maxRedirects,
|
|
318
324
|
onProgress: progressCallback,
|
|
319
325
|
timeout
|
|
320
326
|
});
|
|
327
|
+
await fs.promises.rename(tempPath, destPath);
|
|
328
|
+
return {
|
|
329
|
+
path: destPath,
|
|
330
|
+
size: result.size
|
|
331
|
+
};
|
|
321
332
|
} catch (e) {
|
|
322
333
|
lastError = e;
|
|
334
|
+
if (fs.existsSync(tempPath)) {
|
|
335
|
+
await (0, import_fs.safeDelete)(tempPath);
|
|
336
|
+
}
|
|
323
337
|
if (attempt === retries) {
|
|
324
338
|
break;
|
|
325
339
|
}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@socketsecurity/lib",
|
|
3
|
-
"version": "5.8.
|
|
3
|
+
"version": "5.8.2",
|
|
4
4
|
"packageManager": "pnpm@10.32.1",
|
|
5
5
|
"license": "MIT",
|
|
6
6
|
"description": "Core utilities and infrastructure for Socket.dev security tools",
|
|
@@ -734,7 +734,7 @@
|
|
|
734
734
|
"@socketregistry/is-unicode-supported": "1.0.5",
|
|
735
735
|
"@socketregistry/packageurl-js": "1.3.5",
|
|
736
736
|
"@socketregistry/yocto-spinner": "1.0.25",
|
|
737
|
-
"@socketsecurity/lib-stable": "npm:@socketsecurity/lib@5.8.
|
|
737
|
+
"@socketsecurity/lib-stable": "npm:@socketsecurity/lib@5.8.1",
|
|
738
738
|
"@types/node": "24.9.2",
|
|
739
739
|
"@typescript/native-preview": "7.0.0-dev.20250920.1",
|
|
740
740
|
"@vitest/coverage-v8": "4.0.3",
|