@socketsecurity/lib 6.0.0 → 6.0.2

package/dist/external-tools/janus/asset-names.js

@@ -21,6 +21,7 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
 var asset_names_exports = {};
 __export(asset_names_exports, {
   JANUS_ASSET_MAP: () => JANUS_ASSET_MAP,
+  JANUS_SUPPORTED_PLATFORM_ARCHES: () => JANUS_SUPPORTED_PLATFORM_ARCHES,
   getJanusAssetEntry: () => getJanusAssetEntry,
   getJanusDownloadUrl: () => getJanusDownloadUrl
 });
@@ -33,6 +34,9 @@ const JANUS_ASSET_MAP = (0, import_object.ObjectFreeze)({
     asset: "janus-aarch64-apple-darwin.tar.gz"
   })
 });
+const JANUS_SUPPORTED_PLATFORM_ARCHES = (0, import_object.ObjectFreeze)(
+  Object.keys(JANUS_ASSET_MAP)
+);
 function getJanusAssetEntry(platformArch) {
   return JANUS_ASSET_MAP[platformArch];
 }
@@ -47,6 +51,7 @@ function getJanusDownloadUrl(opts) {
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
   JANUS_ASSET_MAP,
+  JANUS_SUPPORTED_PLATFORM_ARCHES,
   getJanusAssetEntry,
   getJanusDownloadUrl
 });

package/dist/external-tools/janus/from-download.d.ts

@@ -23,4 +23,4 @@ export interface JanusFromDownloadOptions {
     cacheDir?: string | undefined;
     downloader?: BinaryDownloader | undefined;
 }
-export declare function janusFromDownload(opts: JanusFromDownloadOptions): Promise<ResolvedJanus | undefined>;
+export declare function janusFromDownload(opts: JanusFromDownloadOptions): Promise<ResolvedJanus>;

package/dist/external-tools/janus/from-download.js

@@ -34,15 +34,24 @@ __export(from_download_exports, {
 });
 module.exports = __toCommonJS(from_download_exports);
 var import_node_path = __toESM(require("node:path"));
-var import_node_process = __toESM(require("node:process"));
 var import_socket = require("../../paths/socket");
 var import_from_download = require("../from-download");
 var import_asset_names = require("./asset-names");
 async function janusFromDownload(opts) {
   const { cacheDir, downloader, integrity, platformArch, version } = opts;
+  if (!import_asset_names.JANUS_SUPPORTED_PLATFORM_ARCHES.includes(platformArch)) {
+    const supported = import_asset_names.JANUS_SUPPORTED_PLATFORM_ARCHES.map((p) => `\`${p}\``).join(
+      ", "
+    );
+    throw new Error(
+      `janusFromDownload: platformArch must be one of [${supported}], got \`${platformArch}\`. Upstream janus only publishes the macOS arm64 build (see https://github.com/divmain/janus/releases); request \`darwin-arm64\` or use a different tool for other platforms.`
+    );
+  }
   const url = (0, import_asset_names.getJanusDownloadUrl)({ version, platformArch });
   if (!url) {
-    return void 0;
+    throw new Error(
+      `janusFromDownload: no upstream asset for janus@${version} on \`${platformArch}\`. The platform is in the supported set but the version may be missing; check https://github.com/divmain/janus/releases/tag/v${version}.`
+    );
   }
   const extractedDir = cacheDir ?? import_node_path.default.join((0, import_socket.getSocketWheelhouseDir)(), "janus", version, platformArch);
   const archive = await (0, import_from_download.downloadAndExtractTool)({
@@ -52,9 +61,8 @@ async function janusFromDownload(opts) {
     extractedDir,
     downloader
   });
-  const binary = import_node_process.default.platform === "win32" ? "janus.exe" : "janus";
   return {
-    path: import_node_path.default.join(extractedDir, binary),
+    path: import_node_path.default.join(extractedDir, "janus"),
     source: "download",
     integrity: archive.integrity
   };

package/dist/fs/read-json-cache.d.ts

@@ -0,0 +1,83 @@
+/**
+ * @file Process-scoped LRU cache for `readJson` / `readJsonSync` results, keyed
+ *   by absolute path + stat (`ino + size + mtimeMs`). Why default-on caching is
+ *   safe:
+ *
+ *   - Stat-validated keys: a `stat()` call before serving a cache hit ensures the
+ *     file hasn't changed (mtime + size mismatch ⇒ cache miss, re-read).
+ *   - Defensive clone on hit: every hit returns `structuredClone(parsed)` so
+ *     callers can mutate the returned object without poisoning the cache for
+ *     the next reader. The clone cost is far less than re-read + re-parse for
+ *     anything bigger than a trivial JSON document.
+ *   - Reviver opt-out: when the caller passes a `reviver` function, we skip the
+ *     cache. Function identity isn't safely hashable across boundaries, and the
+ *     reviver can produce a different shape from the same bytes.
+ *   - Per-call escape hatch: `cache: false` in the options bypasses the cache for
+ *     cases where staleness must be observed (file-watcher tooling, etc.).
+ *   - Bounded growth: an LRU cap (default 256 entries) protects long-running
+ *     daemons. Tunable via `SOCKET_LIB_READ_JSON_CACHE_MAX` env or
+ *     `setReadJsonCacheMax()`.
+ *   - Test escape hatch: `clearReadJsonCache()` resets the whole cache between
+ *     test cases that rely on fresh reads. Not cached:
+ *   - Read failures (ENOENT under `throws: false` returns `undefined`). Caching
+ *     undefined would silently miss a file that gets created later.
+ *   - Reads with a `reviver` (see above).
+ *   - Reads with explicit `cache: false`.
+ *   - Relative paths whose `resolvePath` would change CWD-sensitively. We key on
+ *     the literal input path, so callers passing relative paths from different
+ *     CWDs would get separate cache entries — correct but pessimistic.
+ */
+import type { JsonValue } from '../json/types';
+/**
+ * Drop all cached entries. Tests call this between cases that depend on a fresh
+ * read; long-running daemons can call it on file-watcher invalidation events
+ * for paths the daemon knows are about to change in bulk.
+ */
+export declare function clearReadJsonCache(): void;
+/**
+ * Look up a cached parse result. Returns a fresh structured clone on hit (so
+ * callers can mutate freely), or `undefined` on miss.
+ *
+ * @param key Cache key — absolute file path. Caller resolves any relative
+ *   inputs to absolute so two different CWDs don't share an entry.
+ * @param ino Inode (or `0` on platforms without one — Windows reports 0 from
+ *   the Node `fs.Stats` shim, in which case size + mtimeMs carry the
+ *   invalidation signal).
+ * @param size File size in bytes.
+ * @param mtimeMs Modification time in milliseconds.
+ */
+export declare function getCachedJson(key: string, ino: number, size: number, mtimeMs: number): JsonValue | undefined;
+/**
+ * Snapshot diagnostics. Useful for tests and for tooling that wants to log
+ * cache effectiveness at end of run.
+ */
+export declare function getReadJsonCacheStats(): {
+    size: number;
+    max: number;
+    ttlMs: number;
+    hits: number;
+    misses: number;
+};
+export declare function readMaxFromEnv(): number;
+export declare function readTtlFromEnv(): number;
+/**
+ * Store a parsed value. Evicts the oldest entry when the cache is full.
+ *
+ * Never stores `undefined` — callers must guard for the "file not found,
+ * throws: false" case before invoking this.
+ */
+export declare function setCachedJson(key: string, ino: number, size: number, mtimeMs: number, parsed: JsonValue): void;
+/**
+ * Adjust the cache size cap at runtime. Useful for tooling that knows it'll
+ * walk many manifests in one pass and wants a larger cap, or for tests that
+ * want to bound the cap small so eviction is observable.
+ *
+ * Trims excess entries on shrink.
+ */
+export declare function setReadJsonCacheMax(max: number): void;
+/**
+ * Adjust the time-based ejection window at runtime. Default is 5 minutes; pass
+ * `0` to disable time-based ejection entirely (entries then live until LRU
+ * eviction or `clearReadJsonCache`).
+ */
+export declare function setReadJsonCacheTtlMs(ttlMs: number): void;

package/dist/fs/read-json-cache.js

@@ -0,0 +1,156 @@
+"use strict";
+/* Socket Lib - Built with esbuild */
+"use strict";
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var read_json_cache_exports = {};
+__export(read_json_cache_exports, {
+  clearReadJsonCache: () => clearReadJsonCache,
+  getCachedJson: () => getCachedJson,
+  getReadJsonCacheStats: () => getReadJsonCacheStats,
+  readMaxFromEnv: () => readMaxFromEnv,
+  readTtlFromEnv: () => readTtlFromEnv,
+  setCachedJson: () => setCachedJson,
+  setReadJsonCacheMax: () => setReadJsonCacheMax,
+  setReadJsonCacheTtlMs: () => setReadJsonCacheTtlMs
+});
+module.exports = __toCommonJS(read_json_cache_exports);
+var import_node_process = __toESM(require("node:process"));
+var import_date = require("../primordials/date");
+var import_error = require("../primordials/error");
+var import_map_set = require("../primordials/map-set");
+var import_number = require("../primordials/number");
+const DEFAULT_MAX_ENTRIES = 256;
+const DEFAULT_TTL_MS = 5 * 60 * 1e3;
+const cache = new import_map_set.MapCtor();
+let cacheMax = readMaxFromEnv();
+let cacheTtlMs = readTtlFromEnv();
+let hits = 0;
+let misses = 0;
+function clearReadJsonCache() {
+  cache.clear();
+  hits = 0;
+  misses = 0;
+}
+function getCachedJson(key, ino, size, mtimeMs) {
+  const entry = cache.get(key);
+  if (!entry) {
+    misses += 1;
+    return void 0;
+  }
+  if (cacheTtlMs > 0 && (0, import_date.DateNow)() - entry.insertedAt > cacheTtlMs) {
+    cache.delete(key);
+    misses += 1;
+    return void 0;
+  }
+  if (entry.ino !== ino || entry.size !== size || entry.mtimeMs !== mtimeMs) {
+    cache.delete(key);
+    misses += 1;
+    return void 0;
+  }
+  hits += 1;
+  return structuredClone(entry.parsed);
+}
+function getReadJsonCacheStats() {
+  return {
+    size: cache.size,
+    max: cacheMax,
+    ttlMs: cacheTtlMs,
+    hits,
+    misses
+  };
+}
+function readMaxFromEnv() {
+  const env = import_node_process.default.env["SOCKET_LIB_READ_JSON_CACHE_MAX"];
+  if (env) {
+    const n = (0, import_number.NumberParseInt)(env, 10);
+    if (n > 0 && (0, import_number.NumberIsFinite)(n)) {
+      return n;
+    }
+  }
+  return DEFAULT_MAX_ENTRIES;
+}
+function readTtlFromEnv() {
+  const env = import_node_process.default.env["SOCKET_LIB_READ_JSON_CACHE_TTL_MS"];
+  if (env) {
+    const n = (0, import_number.NumberParseInt)(env, 10);
+    if (n >= 0 && (0, import_number.NumberIsFinite)(n)) {
+      return n;
+    }
+  }
+  return DEFAULT_TTL_MS;
+}
+function setCachedJson(key, ino, size, mtimeMs, parsed) {
+  if (cache.size >= cacheMax) {
+    const oldest = cache.keys().next().value;
+    if (oldest !== void 0) {
+      cache.delete(oldest);
+    }
+  }
+  cache.set(key, {
+    ino,
+    size,
+    mtimeMs,
+    parsed: structuredClone(parsed),
+    insertedAt: (0, import_date.DateNow)()
+  });
+}
+function setReadJsonCacheMax(max) {
+  if (max <= 0 || !(0, import_number.NumberIsFinite)(max)) {
+    throw new import_error.ErrorCtor(
+      `setReadJsonCacheMax: max must be a positive finite number, got ${max}`
+    );
+  }
+  cacheMax = max;
+  while (cache.size > cacheMax) {
+    const oldest = cache.keys().next().value;
+    if (oldest === void 0) {
+      break;
+    }
+    cache.delete(oldest);
+  }
+}
+function setReadJsonCacheTtlMs(ttlMs) {
+  if (ttlMs < 0 || !(0, import_number.NumberIsFinite)(ttlMs)) {
+    throw new import_error.ErrorCtor(
+      `setReadJsonCacheTtlMs: ttlMs must be a non-negative finite number, got ${ttlMs}`
+    );
+  }
+  cacheTtlMs = ttlMs;
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  clearReadJsonCache,
+  getCachedJson,
+  getReadJsonCacheStats,
+  readMaxFromEnv,
+  readTtlFromEnv,
+  setCachedJson,
+  setReadJsonCacheMax,
+  setReadJsonCacheTtlMs
+});

package/dist/fs/read-json.d.ts

@@ -3,8 +3,13 @@
  *   error messages keyed off `ENOENT` / `EACCES` / `EPERM` so callers see "JSON
  *   file not found" / "Permission denied" rather than the bare errno. Both
  *   variants honor `throws: false` to fall back to `undefined` on parse or read
- *   failure.
+ *   failure. Both variants cache parse results by default — keyed on `path +
+ *   ino + size \+ mtimeMs`, with a defensive `structuredClone` on every hit so
+ *   callers can mutate the returned object freely. See `_read-json-cache.ts`
+ *   for the safety rationale + opt-out controls.
  */
+import { clearReadJsonCache, getReadJsonCacheStats, setReadJsonCacheMax, setReadJsonCacheTtlMs } from './read-json-cache';
+export { clearReadJsonCache, getReadJsonCacheStats, setReadJsonCacheMax, setReadJsonCacheTtlMs, };
 import type { PathLike } from 'node:fs';
 import type { ReadJsonOptions } from './types';
 /**

package/dist/fs/read-json.js

@@ -20,22 +20,45 @@ var __copyProps = (to, from, except, desc) => {
 var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
 var read_json_exports = {};
 __export(read_json_exports, {
+  clearReadJsonCache: () => import_read_json_cache.clearReadJsonCache,
+  getReadJsonCacheStats: () => import_read_json_cache.getReadJsonCacheStats,
   readJson: () => readJson,
-  readJsonSync: () => readJsonSync
+  readJsonSync: () => readJsonSync,
+  setReadJsonCacheMax: () => import_read_json_cache.setReadJsonCacheMax,
+  setReadJsonCacheTtlMs: () => import_read_json_cache.setReadJsonCacheTtlMs
 });
 module.exports = __toCommonJS(read_json_exports);
+var import_read_json_cache = require("./read-json-cache");
 var import_parse = require("../json/parse");
 var import_fs = require("../node/fs");
 var import_error = require("../primordials/error");
+var import_number = require("../primordials/number");
 // @__NO_SIDE_EFFECTS__
 async function readJson(filepath, options) {
   const opts = typeof options === "string" ? { encoding: options } : options;
-  const { reviver, throws, ...fsOptions } = {
+  const { cache, reviver, throws, ...fsOptions } = {
     __proto__: null,
     ...opts
   };
   const shouldThrow = throws === void 0 || !!throws;
+  const cacheEnabled = cache !== false && reviver === void 0;
   const fs = (0, import_fs.getNodeFs)();
+  const pathStr = String(filepath);
+  if (cacheEnabled) {
+    try {
+      const stat = await fs.promises.stat(filepath);
+      const cached = (0, import_read_json_cache.getCachedJson)(
+        pathStr,
+        (0, import_number.NumberCtor)(stat.ino),
+        (0, import_number.NumberCtor)(stat.size),
+        (0, import_number.NumberCtor)(stat.mtimeMs)
+      );
+      if (cached !== void 0) {
+        return cached;
+      }
+    } catch {
+    }
+  }
   let content = "";
   try {
     content = await fs.promises.readFile(filepath, {
@@ -64,21 +87,52 @@ Check file permissions or run with appropriate access.`,
     }
     return void 0;
   }
-  return (0, import_parse.parseJson)(content, {
-    filepath: String(filepath),
+  const parsed = (0, import_parse.parseJson)(content, {
+    filepath: pathStr,
     reviver,
     throws: shouldThrow
   });
+  if (cacheEnabled && parsed !== void 0) {
+    try {
+      const stat = await fs.promises.stat(filepath);
+      (0, import_read_json_cache.setCachedJson)(
+        pathStr,
+        (0, import_number.NumberCtor)(stat.ino),
+        (0, import_number.NumberCtor)(stat.size),
+        (0, import_number.NumberCtor)(stat.mtimeMs),
+        parsed
+      );
+    } catch {
+    }
+  }
+  return parsed;
 }
 // @__NO_SIDE_EFFECTS__
 function readJsonSync(filepath, options) {
   const opts = typeof options === "string" ? { encoding: options } : options;
-  const { reviver, throws, ...fsOptions } = {
+  const { cache, reviver, throws, ...fsOptions } = {
     __proto__: null,
     ...opts
   };
   const shouldThrow = throws === void 0 || !!throws;
+  const cacheEnabled = cache !== false && reviver === void 0;
   const fs = (0, import_fs.getNodeFs)();
+  const pathStr = String(filepath);
+  if (cacheEnabled) {
+    try {
+      const stat = fs.statSync(filepath);
+      const cached = (0, import_read_json_cache.getCachedJson)(
+        pathStr,
+        (0, import_number.NumberCtor)(stat.ino),
+        (0, import_number.NumberCtor)(stat.size),
+        (0, import_number.NumberCtor)(stat.mtimeMs)
+      );
+      if (cached !== void 0) {
+        return cached;
+      }
+    } catch {
+    }
+  }
   let content = "";
   try {
     content = fs.readFileSync(filepath, {
@@ -107,14 +161,32 @@ Check file permissions or run with appropriate access.`,
     }
     return void 0;
   }
-  return (0, import_parse.parseJson)(content, {
-    filepath: String(filepath),
+  const parsed = (0, import_parse.parseJson)(content, {
+    filepath: pathStr,
     reviver,
     throws: shouldThrow
   });
+  if (cacheEnabled && parsed !== void 0) {
+    try {
+      const stat = fs.statSync(filepath);
+      (0, import_read_json_cache.setCachedJson)(
+        pathStr,
+        (0, import_number.NumberCtor)(stat.ino),
+        (0, import_number.NumberCtor)(stat.size),
+        (0, import_number.NumberCtor)(stat.mtimeMs),
+        parsed
+      );
+    } catch {
+    }
+  }
+  return parsed;
 }
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
+  clearReadJsonCache,
+  getReadJsonCacheStats,
   readJson,
-  readJsonSync
+  readJsonSync,
+  setReadJsonCacheMax,
+  setReadJsonCacheTtlMs
 });

package/dist/fs/types.d.ts

@@ -128,8 +128,22 @@ export type ReadJsonOptions = Remap<ReadFileOptions & {
     /**
      * JSON reviver function to transform parsed values. Same as the second
      * parameter to `JSON.parse()`.
+     *
+     * Note: when a `reviver` is passed, the read-result cache is bypassed —
+     * function identity isn't safely hashable and the reviver can transform the
+     * same bytes into a different shape.
      */
     reviver?: Parameters<typeof JSON.parse>[1] | undefined;
+    /**
+     * Opt out of the process-scoped read-result cache. Default `true` (cache
+     * ON). Set to `false` when staleness must be observed — e.g. file-watcher
+     * tooling that wants to see live disk state on every call. The cache
+     * validates entries with a `stat()` (inode + size + mtime) on every hit, so
+     * the default-on path is safe for everyday use.
+     *
+     * @default true
+     */
+    cache?: boolean | undefined;
 }>;
 /**
  * Options for read operations with abort support.

package/dist/git/_internal.js

@@ -43,7 +43,7 @@ var import_json = require("../primordials/json");
 var import_map_set = require("../primordials/map-set");
 var import_object = require("../primordials/object");
 var import_string = require("../primordials/string");
-var import_spawn = require("../spawn/spawn");
+var import_child = require("../process/spawn/child");
 var import_strip = require("../ansi/strip");
 var import_repo = require("./repo");
 const gitDiffCache = new import_map_set.MapCtor();
@@ -107,7 +107,7 @@ async function innerDiff(args, options) {
   }
   let result;
   try {
-    const spawnResult = await (0, import_spawn.spawn)(args[0], args[1], {
+    const spawnResult = await (0, import_child.spawn)(args[0], args[1], {
       ...args[2],
       stdioString: false
     });
@@ -141,7 +141,7 @@ function innerDiffSync(args, options) {
   }
   let result;
   try {
-    const spawnResult = (0, import_spawn.spawnSync)(args[0], args[1], {
+    const spawnResult = (0, import_child.spawnSync)(args[0], args[1], {
       ...args[2],
       stdioString: false
     });

package/dist/github/refs-cache.d.ts

@@ -9,7 +9,7 @@
  *   - Default TTL: 5 minutes
  *   - Disable everything with the `DISABLE_GITHUB_CACHE` env var
  */
-import type { TtlCache } from '../ttl-cache/types';
+import type { TtlCache } from '../cache/ttl/types';
 /**
  * Clear the ref resolution cache (in-memory only). Clears the in-memory
  * memoization cache without affecting the persistent disk cache. Useful for

package/dist/github/refs-cache.js

@@ -24,7 +24,7 @@ __export(refs_cache_exports, {
   getGithubCache: () => getGithubCache
 });
 module.exports = __toCommonJS(refs_cache_exports);
-var import_cache = require("../ttl-cache/cache");
+var import_store = require("../cache/ttl/store");
 var import_constants = require("./constants");
 let _githubCache;
 async function clearRefCache() {
@@ -34,7 +34,7 @@ async function clearRefCache() {
 }
 function getGithubCache() {
   if (_githubCache === void 0) {
-    _githubCache = (0, import_cache.createTtlCache)({
+    _githubCache = (0, import_store.createTtlCache)({
       memoize: true,
       prefix: "github-refs",
       ttl: import_constants.DEFAULT_CACHE_TTL_MS

package/dist/github/token.d.ts

@@ -5,7 +5,7 @@
  *   helpers exist so callers can constrain the search (e.g., env-only contexts
  *   where shelling out to git would be wrong).
  */
-import type { SpawnOptions } from '../spawn/types';
+import type { SpawnOptions } from '../process/spawn/types';
 /**
  * Get GitHub authentication token from environment variables. Checks multiple
  * environment variable names in priority order.

package/dist/github/token.js

@@ -27,13 +27,13 @@ __export(token_exports, {
 module.exports = __toCommonJS(token_exports);
 var import_github = require("../env/github");
 var import_socket_cli = require("../env/socket-cli");
-var import_spawn = require("../spawn/spawn");
+var import_child = require("../process/spawn/child");
 function getGitHubToken() {
   return (0, import_github.getGithubToken)() || (0, import_github.getGhToken)() || (0, import_socket_cli.getSocketCliGithubToken)() || void 0;
 }
 async function getGitHubTokenFromGitConfig(options) {
   try {
-    const result = await (0, import_spawn.spawn)("git", ["config", "github.token"], {
+    const result = await (0, import_child.spawn)("git", ["config", "github.token"], {
       ...options,
       stdio: "pipe"
     });

package/dist/globs/{glob.js → match.js}

@@ -18,13 +18,13 @@ var __copyProps = (to, from, except, desc) => {
   return to;
 };
 var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
-var glob_exports = {};
-__export(glob_exports, {
+var match_exports = {};
+__export(match_exports, {
   canUseNodeFsGlob: () => canUseNodeFsGlob,
   glob: () => glob,
   globSync: () => globSync
 });
-module.exports = __toCommonJS(glob_exports);
+module.exports = __toCommonJS(match_exports);
 var import_resolvers = require("../promises/resolvers");
 var import_internal = require("./_internal");
 function canUseNodeFsGlob(options) {

package/dist/http-request/browser-fetch.d.ts

@@ -0,0 +1,10 @@
+/**
+ * @file Thin wrapper over the global `fetch()` so tests can mock the network
+ *   layer via `vi.mock('@socketsecurity/lib/http-request/browser-fetch')`
+ *   without monkey-patching `globalThis.fetch` (which conflicts with the
+ *   project's nock-based test setup). The wrapper itself is `c8 ignore`-marked
+ *   because the body is a single uncoverable fetch call; coverage credit is
+ *   preserved by the wider test suite that mocks this module and asserts the
+ *   call shape.
+ */
+export declare function doFetch(input: RequestInfo | URL, init?: RequestInit): Promise<Response>;

package/dist/http-request/browser-fetch.js

@@ -0,0 +1,32 @@
+"use strict";
+/* Socket Lib - Built with esbuild */
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var browser_fetch_exports = {};
+__export(browser_fetch_exports, {
+  doFetch: () => doFetch
+});
+module.exports = __toCommonJS(browser_fetch_exports);
+function doFetch(input, init) {
+  return fetch(input, init);
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  doFetch
+});