npm - @socketsecurity/lib - Versions diffs - 6.0.2 → 6.0.4 - Mend

@socketsecurity/lib 6.0.2 → 6.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (552) hide show

package/CHANGELOG.md +34 -0
package/dist/_virtual/_rolldown/runtime.js +45 -0
package/dist/abort/signal.js +53 -59
package/dist/ai/discover.js +110 -110
package/dist/ai/profiles.d.mts +48 -25
package/dist/ai/profiles.js +95 -59
package/dist/ai/spawn.d.mts +2 -2
package/dist/ai/spawn.js +172 -194
package/dist/ai/types.d.mts +3 -3
package/dist/ai/types.js +1 -17
package/dist/ai/worktree.d.mts +2 -2
package/dist/ai/worktree.js +160 -183
package/dist/ansi/constants.js +16 -38
package/dist/ansi/strip.js +44 -41
package/dist/archives/_internal.js +64 -73
package/dist/archives/detect.js +30 -43
package/dist/archives/extract.js +43 -50
package/dist/archives/tar.js +197 -228
package/dist/archives/types.js +1 -17
package/dist/archives/zip.js +85 -121
package/dist/argv/flag-predicates.js +203 -101
package/dist/argv/flag-types.js +96 -113
package/dist/argv/parse-args-string.d.ts +16 -14
package/dist/argv/parse-args-string.js +42 -39
package/dist/argv/parse.js +145 -163
package/dist/arrays/_internal.js +65 -48
package/dist/arrays/chunk.js +51 -40
package/dist/arrays/join.js +87 -35
package/dist/arrays/predicates.js +46 -28
package/dist/arrays/unique.js +45 -31
package/dist/bin/_internal.js +34 -42
package/dist/bin/check-primordials.js +175 -233
package/dist/bin/check.js +51 -72
package/dist/bin/exec.js +70 -74
package/dist/bin/find.js +151 -134
package/dist/bin/resolve.js +180 -246
package/dist/bin/shadow.js +24 -33
package/dist/bin/socket-lib.js +51 -73
package/dist/bin/types.js +1 -17
package/dist/bin/which.js +211 -146
package/dist/cacache/_internal.js +25 -40
package/dist/cacache/clear.js +79 -72
package/dist/cacache/read.js +48 -46
package/dist/cacache/tmp.js +29 -36
package/dist/cacache/types.js +1 -17
package/dist/cacache/write.js +43 -48
package/dist/cache/ttl/store.js +232 -288
package/dist/cache/ttl/types.js +1 -17
package/dist/checks/primordials-defaults.js +83 -89
package/dist/checks/primordials.js +225 -277
package/dist/colors/convert.js +45 -37
package/dist/colors/palette.js +88 -45
package/dist/colors/socket-palette.js +74 -84
package/dist/colors/types.js +1 -17
package/dist/compression/_internal.js +57 -72
package/dist/compression/brotli.js +94 -127
package/dist/compression/gzip.js +95 -121
package/dist/compression/types.js +1 -17
package/dist/constants/agents.js +61 -113
package/dist/constants/encoding.js +19 -42
package/dist/constants/github.js +12 -30
package/dist/constants/licenses.js +48 -63
package/dist/constants/lifecycle-script-names.js +31 -45
package/dist/constants/maintained-node-versions.js +22 -37
package/dist/constants/node.js +226 -167
package/dist/constants/package-default-node-range.js +16 -41
package/dist/constants/package-default-socket-categories.js +12 -30
package/dist/constants/packages.js +77 -126
package/dist/constants/platform.js +27 -49
package/dist/constants/sentinels.js +23 -48
package/dist/constants/socket.js +42 -87
package/dist/constants/testing.js +15 -34
package/dist/constants/time.js +16 -36
package/dist/constants/typescript.js +32 -52
package/dist/cover/code.js +111 -142
package/dist/cover/formatters.js +118 -101
package/dist/cover/type.js +50 -76
package/dist/cover/types.js +1 -17
package/dist/crypto/hash.js +54 -46
package/dist/debug/_internal.js +62 -71
package/dist/debug/caller-info.js +53 -64
package/dist/debug/namespace.js +80 -90
package/dist/debug/output.js +172 -188
package/dist/debug/types.js +1 -17
package/dist/dlx/_internal.js +24 -43
package/dist/dlx/arborist.js +162 -160
package/dist/dlx/binary-cache.js +228 -200
package/dist/dlx/binary-download.js +172 -211
package/dist/dlx/binary-resolution.js +165 -157
package/dist/dlx/binary-types.js +1 -17
package/dist/dlx/binary.js +149 -189
package/dist/dlx/cache.js +45 -30
package/dist/dlx/detect.js +245 -167
package/dist/dlx/dir.js +67 -51
package/dist/dlx/firewall.js +62 -100
package/dist/dlx/lockfile.js +122 -127
package/dist/dlx/manifest.js +264 -274
package/dist/dlx/package.js +241 -244
package/dist/dlx/packages.js +99 -96
package/dist/dlx/paths.js +73 -59
package/dist/dlx/spec.js +52 -60
package/dist/dlx/types.js +1 -17
package/dist/eco/cargo/lockfile-format.js +19 -36
package/dist/eco/cargo/manifest-format.js +17 -35
package/dist/eco/cargo/parse-lockfile.js +210 -237
package/dist/eco/manifest/analyze-lockfile.js +46 -63
package/dist/eco/manifest/detect-format.js +66 -90
package/dist/eco/manifest/find-packages.js +39 -64
package/dist/eco/manifest/get-package-versions.js +27 -48
package/dist/eco/manifest/get-package.js +21 -40
package/dist/eco/manifest/manifest-error.js +14 -35
package/dist/eco/manifest/parse-lockfile.js +40 -86
package/dist/eco/manifest/parse-manifest.js +26 -43
package/dist/eco/manifest/parse.js +26 -47
package/dist/eco/manifest/types.js +1 -17
package/dist/eco/npm/bun/exec.js +23 -32
package/dist/eco/npm/manifest-format.js +21 -35
package/dist/eco/npm/npm/exec.js +51 -61
package/dist/eco/npm/npm/extract-package-name-from-path.js +28 -50
package/dist/eco/npm/npm/flags.js +80 -52
package/dist/eco/npm/npm/lockfile-format.js +21 -40
package/dist/eco/npm/npm/parse-git-url.js +26 -40
package/dist/eco/npm/npm/parse-lockfile.js +184 -210
package/dist/eco/npm/parse-package-json.js +71 -102
package/dist/eco/npm/pnpm/detect-pnpm-version.js +22 -43
package/dist/eco/npm/pnpm/exec.js +51 -62
package/dist/eco/npm/pnpm/flags.js +75 -68
package/dist/eco/npm/pnpm/lockfile-format.js +19 -36
package/dist/eco/npm/pnpm/parse-lockfile.js +235 -259
package/dist/eco/npm/pnpm/parse-pnpm-package-id-v5.js +37 -47
package/dist/eco/npm/pnpm/parse-pnpm-package-id-v6-v9.js +36 -49
package/dist/eco/npm/script.js +82 -90
package/dist/eco/npm/vlt/exec.js +24 -32
package/dist/eco/npm/yarnpkg/yarn/exec.js +60 -59
package/dist/eco/npm/yarnpkg/yarn/lockfile-format.js +20 -36
package/dist/eco/npm/yarnpkg/yarn/parse-lockfile.js +194 -242
package/dist/eco/npm/yarnpkg/yarn/parse-yarn-descriptor.js +37 -61
package/dist/eco/purl.js +50 -60
package/dist/eco/types.js +1 -17
package/dist/effects/pulse-frames.js +64 -65
package/dist/effects/shimmer-keyframes.js +71 -52
package/dist/effects/shimmer-terminal.js +81 -50
package/dist/effects/shimmer.js +290 -153
package/dist/env/boolean.js +42 -43
package/dist/env/case-insensitive.js +54 -39
package/dist/env/ci.js +29 -31
package/dist/env/debug.js +28 -31
package/dist/env/github.js +144 -59
package/dist/env/home.js +38 -31
package/dist/env/locale.js +59 -39
package/dist/env/node-auth-token.js +28 -31
package/dist/env/node-env.js +28 -31
package/dist/env/npm.js +94 -47
package/dist/env/number.js +50 -51
package/dist/env/package-manager.js +95 -83
package/dist/env/path.js +28 -31
package/dist/env/pre-commit.js +30 -32
package/dist/env/proxy.js +121 -122
package/dist/env/rewire.js +204 -96
package/dist/env/shell.js +28 -31
package/dist/env/socket-cli.js +233 -81
package/dist/env/socket.js +521 -156
package/dist/env/string.js +43 -44
package/dist/env/temp-dir.js +59 -39
package/dist/env/term.js +28 -31
package/dist/env/test.js +65 -43
package/dist/env/types.js +1 -17
package/dist/env/windows.js +78 -43
package/dist/env/xdg.js +62 -39
package/dist/errors/message.js +40 -46
package/dist/errors/predicates.js +61 -49
package/dist/errors/stack.js +24 -36
package/dist/events/exit/_internal.js +86 -103
package/dist/events/exit/handler.js +48 -55
package/dist/events/exit/intercept.js +49 -70
package/dist/events/exit/lifecycle.js +92 -101
package/dist/events/exit/signals.js +25 -31
package/dist/events/exit/types.js +1 -17
package/dist/events/warning/handler.js +43 -40
package/dist/events/warning/suppress.js +111 -90
package/dist/external/@npmcli/package-json/lib/read-package.js +132 -153
package/dist/external/@npmcli/package-json/lib/sort.js +73 -105
package/dist/external/@npmcli/package-json.js +12705 -15140
package/dist/external/@npmcli/promise-spawn.js +451 -472
package/dist/external/@sinclair/typebox/value.js +7443 -9002
package/dist/external/@sinclair/typebox.js +7516 -7885
package/dist/external/@socketregistry/is-unicode-supported.js +31 -39
package/dist/external/@socketregistry/packageurl-js.js +6127 -7369
package/dist/external/@socketregistry/yocto-spinner.js +394 -455
package/dist/external/@yarnpkg/extensions.js +435 -1022
package/dist/external/adm-zip.js +2313 -2673
package/dist/external/debug.js +700 -687
package/dist/external/external-pack.js +2658 -3171
package/dist/external/fast-sort.js +124 -138
package/dist/external/get-east-asian-width.js +70 -64
package/dist/external/libnpmexec.js +28 -31
package/dist/external/npm-pack.js +43617 -50137
package/dist/external/p-map.js +198 -222
package/dist/external/pico-pack.js +6735 -7304
package/dist/external/pony-cause.js +143 -139
package/dist/external/shell-quote.js +226 -0
package/dist/external/spdx-pack.js +1283 -1403
package/dist/external/streaming-iterables.js +835 -1052
package/dist/external/tar-fs.js +2769 -3048
package/dist/external/which.js +267 -251
package/dist/external/yargs-parser.js +851 -1074
package/dist/external-tools/bazel/asset-names.js +98 -90
package/dist/external-tools/bazel/from-download.js +52 -46
package/dist/external-tools/bazel/from-path.js +27 -38
package/dist/external-tools/bazel/read-bazel-version-file.js +35 -57
package/dist/external-tools/bazel/resolve-asset-url.js +24 -39
package/dist/external-tools/bazel/resolve-bazel-version.js +34 -56
package/dist/external-tools/bazel/resolve.js +44 -58
package/dist/external-tools/bazel/types.js +1 -17
package/dist/external-tools/cdxgen/asset-names.js +59 -66
package/dist/external-tools/cdxgen/from-download.js +52 -80
package/dist/external-tools/cdxgen/from-path.js +19 -37
package/dist/external-tools/cdxgen/from-vfs.js +22 -43
package/dist/external-tools/cdxgen/resolve.js +48 -63
package/dist/external-tools/cdxgen/types.js +1 -17
package/dist/external-tools/from-download.js +107 -67
package/dist/external-tools/janus/asset-names.js +44 -51
package/dist/external-tools/janus/from-download.js +45 -70
package/dist/external-tools/janus/from-path.js +19 -37
package/dist/external-tools/janus/from-vfs.js +22 -43
package/dist/external-tools/janus/resolve.js +45 -63
package/dist/external-tools/janus/types.js +1 -17
package/dist/external-tools/jre/asset-names.js +109 -82
package/dist/external-tools/jre/detect-platform-arch.js +25 -49
package/dist/external-tools/jre/from-download.js +71 -67
package/dist/external-tools/jre/from-java-home.js +27 -54
package/dist/external-tools/jre/from-path.js +27 -49
package/dist/external-tools/jre/from-vfs.js +39 -60
package/dist/external-tools/jre/resolve.js +55 -68
package/dist/external-tools/jre/types.js +1 -17
package/dist/external-tools/manifest.js +130 -150
package/dist/external-tools/opengrep/asset-names.js +60 -72
package/dist/external-tools/opengrep/from-download.js +58 -80
package/dist/external-tools/opengrep/from-path.js +19 -37
package/dist/external-tools/opengrep/from-vfs.js +23 -43
package/dist/external-tools/opengrep/resolve.js +43 -63
package/dist/external-tools/opengrep/types.js +1 -17
package/dist/external-tools/sbt/asset-names.js +21 -30
package/dist/external-tools/sbt/from-download.js +50 -61
package/dist/external-tools/sbt/from-path.js +23 -38
package/dist/external-tools/sbt/from-vfs.js +30 -44
package/dist/external-tools/sbt/resolve.js +45 -63
package/dist/external-tools/sbt/types.js +1 -17
package/dist/external-tools/synp/asset-names.js +11 -29
package/dist/external-tools/synp/from-download.js +24 -41
package/dist/external-tools/synp/from-path.js +19 -37
package/dist/external-tools/synp/from-vfs.js +22 -43
package/dist/external-tools/synp/resolve.js +43 -62
package/dist/external-tools/synp/types.js +1 -17
package/dist/external-tools/trivy/asset-names.js +51 -62
package/dist/external-tools/trivy/from-download.js +42 -64
package/dist/external-tools/trivy/from-path.js +19 -37
package/dist/external-tools/trivy/from-vfs.js +22 -43
package/dist/external-tools/trivy/resolve.js +43 -63
package/dist/external-tools/trivy/types.js +1 -17
package/dist/external-tools/trufflehog/asset-names.js +54 -66
package/dist/external-tools/trufflehog/from-download.js +44 -62
package/dist/external-tools/trufflehog/from-path.js +21 -37
package/dist/external-tools/trufflehog/from-vfs.js +26 -43
package/dist/external-tools/trufflehog/resolve.js +43 -63
package/dist/external-tools/trufflehog/types.js +1 -17
package/dist/external-tools/uv/asset-names.js +64 -74
package/dist/external-tools/uv/from-download.js +44 -65
package/dist/external-tools/uv/from-path.js +19 -37
package/dist/external-tools/uv/from-vfs.js +22 -43
package/dist/external-tools/uv/resolve.js +42 -63
package/dist/external-tools/uv/types.js +1 -17
package/dist/fs/_internal.js +40 -42
package/dist/fs/access.d.ts +32 -0
package/dist/fs/access.js +66 -0
package/dist/fs/encoding.js +80 -97
package/dist/fs/find-up.js +126 -147
package/dist/fs/inspect.js +168 -99
package/dist/fs/path-cache.js +31 -32
package/dist/fs/read-dir.js +102 -79
package/dist/fs/read-file.js +177 -118
package/dist/fs/read-json-cache.js +150 -134
package/dist/fs/read-json.js +172 -187
package/dist/fs/resolve-module.d.ts +57 -0
package/dist/fs/resolve-module.js +40 -0
package/dist/fs/safe.js +278 -169
package/dist/fs/types.js +1 -17
package/dist/fs/unique.js +52 -48
package/dist/fs/validate.js +56 -43
package/dist/fs/write-json.js +109 -75
package/dist/git/_internal.js +251 -216
package/dist/git/changed.js +191 -74
package/dist/git/repo.js +118 -104
package/dist/git/staged.js +172 -62
package/dist/git/types.js +1 -17
package/dist/git/unstaged.js +175 -62
package/dist/github/constants.js +25 -33
package/dist/github/errors.js +46 -38
package/dist/github/fetch.js +137 -82
package/dist/github/ghsa.js +217 -151
package/dist/github/refs-cache.js +54 -43
package/dist/github/refs-graphql.js +97 -89
package/dist/github/refs-rest.js +70 -101
package/dist/github/refs.js +105 -64
package/dist/github/token.js +96 -48
package/dist/github/types.js +1 -17
package/dist/globs/_internal.js +73 -82
package/dist/globs/defaults.js +40 -59
package/dist/globs/match.js +93 -77
package/dist/globs/matcher.js +104 -92
package/dist/globs/stream.js +43 -55
package/dist/globs/types.js +1 -17
package/dist/http-request/_internal.js +11 -38
package/dist/http-request/browser-fetch.js +19 -29
package/dist/http-request/browser.js +188 -206
package/dist/http-request/checksums.js +101 -65
package/dist/http-request/download-types.js +1 -17
package/dist/http-request/download.js +195 -196
package/dist/http-request/errors.js +39 -47
package/dist/http-request/headers.js +95 -80
package/dist/http-request/http-request.js +10 -35
package/dist/http-request/node.js +71 -97
package/dist/http-request/request-attempt.js +232 -285
package/dist/http-request/request-types.js +1 -17
package/dist/http-request/request.js +106 -108
package/dist/http-request/response-reader.js +47 -51
package/dist/http-request/response-types.js +22 -38
package/dist/http-request/user-agent.js +73 -55
package/dist/integrity.js +105 -106
package/dist/ipc/_internal.js +34 -48
package/dist/ipc/directory.js +55 -63
package/dist/ipc/paths.js +52 -45
package/dist/ipc/types.js +1 -17
package/dist/ipc/write.js +81 -74
package/dist/ipc-cli/get.js +29 -56
package/dist/ipc-cli/types.js +1 -17
package/dist/json/edit.js +182 -242
package/dist/json/format.js +202 -103
package/dist/json/parse.js +206 -109
package/dist/json/types.js +1 -17
package/dist/links/create.js +93 -60
package/dist/links/types.js +1 -17
package/dist/logger/_internal.js +109 -73
package/dist/logger/browser.js +45 -56
package/dist/logger/colors.js +31 -49
package/dist/logger/console.js +89 -112
package/dist/logger/default.js +19 -33
package/dist/logger/logger.js +5 -29
package/dist/logger/node.js +794 -854
package/dist/logger/symbols-builder.js +54 -56
package/dist/logger/symbols.js +135 -118
package/dist/logger/types.js +1 -17
package/dist/memo/_internal.js +39 -49
package/dist/memo/async.js +133 -117
package/dist/memo/clear.js +25 -34
package/dist/memo/decorator.js +43 -37
package/dist/memo/memoize.js +97 -88
package/dist/memo/once.js +42 -41
package/dist/memo/types.js +1 -17
package/dist/memo/weak.js +45 -41
package/dist/node/async-hooks.js +9 -30
package/dist/node/child-process.js +9 -30
package/dist/node/crypto.js +9 -30
package/dist/node/events.js +9 -30
package/dist/node/fs-promises.js +9 -30
package/dist/node/fs.js +9 -30
package/dist/node/http.js +9 -30
package/dist/node/https.js +9 -30
package/dist/node/module.js +20 -34
package/dist/node/os.js +9 -30
package/dist/node/path.js +9 -30
package/dist/node/timers-promises.js +9 -30
package/dist/node/url.js +9 -30
package/dist/node/util.js +9 -30
package/dist/objects/getters.js +185 -126
package/dist/objects/inspect.js +85 -52
package/dist/objects/mutate.js +96 -76
package/dist/objects/predicates.js +112 -59
package/dist/objects/sort.js +120 -76
package/dist/objects/types.js +1 -17
package/dist/packages/edit-class.js +198 -265
package/dist/packages/edit.js +79 -86
package/dist/packages/exports.js +146 -157
package/dist/packages/isolation.js +159 -209
package/dist/packages/licenses.js +207 -189
package/dist/packages/manifest.js +134 -172
package/dist/packages/normalize.js +91 -102
package/dist/packages/operations.d.ts +2 -0
package/dist/packages/operations.js +283 -254
package/dist/packages/provenance.js +195 -245
package/dist/packages/specs.js +94 -84
package/dist/packages/types.js +1 -17
package/dist/packages/validation.js +49 -50
package/dist/paths/_internal.js +82 -86
package/dist/paths/conversion.js +112 -65
package/dist/paths/dirnames.js +17 -42
package/dist/paths/exts.js +23 -54
package/dist/paths/filenames.js +21 -50
package/dist/paths/globs.js +15 -38
package/dist/paths/normalize.js +215 -236
package/dist/paths/packages.js +34 -49
package/dist/paths/predicates.js +184 -106
package/dist/paths/resolve.js +146 -128
package/dist/paths/rewire.js +108 -72
package/dist/paths/socket.js +252 -132
package/dist/paths/walk.d.ts +40 -0
package/dist/paths/walk.js +58 -0
package/dist/perf/_internal.js +10 -28
package/dist/perf/enabled.js +21 -30
package/dist/perf/metrics.js +81 -67
package/dist/perf/report.js +79 -80
package/dist/perf/timer.js +180 -126
package/dist/perf/types.js +1 -17
package/dist/pkg-ext/data.js +29 -82
package/dist/pkg-ext/types.js +1 -17
package/dist/primordials/array.js +120 -198
package/dist/primordials/buffer.js +28 -51
package/dist/primordials/date.js +26 -51
package/dist/primordials/error.js +33 -59
package/dist/primordials/function.js +21 -41
package/dist/primordials/globals.js +25 -48
package/dist/primordials/json.js +14 -30
package/dist/primordials/map-set.js +88 -152
package/dist/primordials/math.js +59 -116
package/dist/primordials/number.js +41 -76
package/dist/primordials/object.js +56 -116
package/dist/primordials/promise.js +28 -52
package/dist/primordials/reflect.js +24 -52
package/dist/primordials/regexp.js +25 -47
package/dist/primordials/string.js +114 -167
package/dist/primordials/symbol.js +40 -72
package/dist/primordials/uncurry.js +38 -55
package/dist/primordials/url.js +27 -66
package/dist/process/_internal.js +7 -32
package/dist/process/abort.js +29 -35
package/dist/process/lock-instance.js +26 -30
package/dist/process/lock-manager.js +279 -307
package/dist/process/lock-types.js +1 -17
package/dist/process/spawn/_internal.js +43 -55
package/dist/process/spawn/child.js +172 -211
package/dist/process/spawn/errors.js +116 -113
package/dist/process/spawn/stdio.js +51 -35
package/dist/process/spawn/types.js +1 -17
package/dist/process/transient.js +49 -66
package/dist/promises/_internal.d.ts +8 -2
package/dist/promises/_internal.js +31 -38
package/dist/promises/iterate.js +238 -102
package/dist/promises/options.js +123 -101
package/dist/promises/queue.js +115 -136
package/dist/promises/resolvers.js +77 -46
package/dist/promises/retry.js +156 -101
package/dist/promises/types.js +1 -17
package/dist/regexps/escape.js +32 -30
package/dist/regexps/hex.js +16 -33
package/dist/regexps/spec.js +53 -81
package/dist/releases/github-archives.js +127 -118
package/dist/releases/github-asset-url.js +162 -155
package/dist/releases/github-assets.js +37 -49
package/dist/releases/github-auth.js +32 -48
package/dist/releases/github-downloads.js +118 -138
package/dist/releases/github-listing.js +175 -154
package/dist/releases/github-retry-config.d.ts +31 -0
package/dist/releases/github-retry-config.js +46 -0
package/dist/releases/github-types.js +1 -17
package/dist/releases/socket-btm.js +273 -192
package/dist/schema/parse.js +35 -36
package/dist/schema/types.js +1 -17
package/dist/schema/validate.js +118 -99
package/dist/sea/detect.js +57 -52
package/dist/secrets/_internal.js +86 -67
package/dist/secrets/find.js +96 -77
package/dist/secrets/keychain.js +315 -309
package/dist/secrets/linux.js +133 -135
package/dist/secrets/macos.js +151 -147
package/dist/secrets/rc.js +182 -181
package/dist/secrets/socket-api-token.js +28 -43
package/dist/secrets/types.js +1 -17
package/dist/secrets/windows.js +184 -242
package/dist/shadow/skip.js +51 -70
package/dist/shadow/types.js +1 -17
package/dist/shell/parse.d.ts +26 -0
package/dist/shell/parse.js +35 -0
package/dist/shell/quote.d.ts +19 -0
package/dist/shell/quote.js +30 -0
package/dist/smol/detect.js +67 -43
package/dist/smol/http.js +33 -37
package/dist/smol/https.js +31 -37
package/dist/smol/manifest.js +33 -37
package/dist/smol/path.d.ts +51 -0
package/dist/smol/path.js +38 -0
package/dist/smol/primordial.js +35 -37
package/dist/smol/purl.js +34 -37
package/dist/smol/versions.js +31 -37
package/dist/smol/vfs.js +46 -38
package/dist/sorts/_internal.js +14 -40
package/dist/sorts/natural.js +57 -64
package/dist/sorts/semver.js +33 -43
package/dist/sorts/strings.js +24 -30
package/dist/sorts/types.js +1 -17
package/dist/spinner/default.js +72 -63
package/dist/spinner/format.js +86 -71
package/dist/spinner/spinner.js +749 -797
package/dist/spinner/types.js +1 -17
package/dist/spinner/with.js +193 -137
package/dist/ssri/convert.js +64 -47
package/dist/ssri/parse.js +38 -37
package/dist/ssri/validate.js +51 -34
package/dist/stdio/_internal.js +50 -46
package/dist/stdio/clear.js +208 -86
package/dist/stdio/divider.js +170 -97
package/dist/stdio/footer.js +116 -110
package/dist/stdio/header.js +117 -90
package/dist/stdio/progress.js +189 -218
package/dist/stdio/prompts.js +244 -168
package/dist/stdio/stderr.js +173 -78
package/dist/stdio/stdout.js +177 -94
package/dist/streams/parallel.js +58 -50
package/dist/streams/transform.js +36 -45
package/dist/strings/format.js +145 -63
package/dist/strings/predicates.js +56 -34
package/dist/strings/search.js +52 -42
package/dist/strings/transform.js +113 -72
package/dist/strings/types.js +1 -17
package/dist/strings/width.js +89 -82
package/dist/tables/bordered.js +81 -81
package/dist/tables/padding.js +36 -46
package/dist/tables/simple.js +62 -70
package/dist/tables/types.js +1 -17
package/dist/temporal/instant.js +72 -81
package/dist/temporal/now.js +40 -31
package/dist/temporal/slots.js +42 -36
package/dist/temporal/system.js +36 -36
package/dist/temporal/temporal.js +11 -41
package/dist/themes/context.js +131 -69
package/dist/themes/resolve.js +207 -132
package/dist/themes/themes.js +225 -194
package/dist/themes/types.js +1 -17
package/dist/url/parse.js +48 -51
package/dist/url/predicates.js +24 -31
package/dist/url/search-params.js +133 -101
package/dist/url/types.js +1 -17
package/dist/versions/_internal.js +31 -33
package/dist/versions/compare.js +80 -58
package/dist/versions/modify.js +41 -39
package/dist/versions/parse.js +88 -64
package/dist/versions/range.js +58 -41
package/dist/versions/types.js +1 -17
package/dist/words/article.js +22 -30
package/dist/words/capitalize.js +25 -34
package/dist/words/pluralize.js +23 -31
package/dist/words/types.js +1 -17
package/package.json +42 -5

package/dist/releases/github-downloads.js CHANGED Viewed

@@ -1,143 +1,123 @@
 "use strict";
-/* Socket Lib - Built with esbuild */
-"use strict";
-var __create = Object.create;
-var __defProp = Object.defineProperty;
-var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
-var __getOwnPropNames = Object.getOwnPropertyNames;
-var __getProtoOf = Object.getPrototypeOf;
-var __hasOwnProp = Object.prototype.hasOwnProperty;
-var __export = (target, all) => {
-  for (var name in all)
-    __defProp(target, name, { get: all[name], enumerable: true });
-};
-var __copyProps = (to, from, except, desc) => {
-  if (from && typeof from === "object" || typeof from === "function") {
-    for (let key of __getOwnPropNames(from))
-      if (!__hasOwnProp.call(to, key) && key !== except)
-        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
-  }
-  return to;
-};
-var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
-  // If the importer is in node compatibility mode or this is not an ESM
-  // file that has been converted to a CommonJS file using a Babel-
-  // compatible transform (i.e. "__esModule" has not been set), then set
-  // "default" to the CommonJS "module.exports" for node compatibility.
-  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
-  mod
-));
-var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
-var github_downloads_exports = {};
-__export(github_downloads_exports, {
-  downloadGitHubRelease: () => downloadGitHubRelease,
-  downloadReleaseAsset: () => downloadReleaseAsset
-});
-module.exports = __toCommonJS(github_downloads_exports);
-var import_node_process = __toESM(require("node:process"));
-var import_safe = require("../fs/safe");
-var import_download = require("../http-request/download");
-var import_default = require("../logger/default");
-var import_error = require("../primordials/error");
-var import_string = require("../primordials/string");
-var import_child = require("../process/spawn/child");
-var import_github_asset_url = require("./github-asset-url");
-var import_github_listing = require("./github-listing");
-var import_fs = require("../node/fs");
-var import_path = require("../node/path");
-const logger = (0, import_default.getDefaultLogger)();
+/* Socket Lib - Built with rolldown */
+Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
+const require_runtime = require('../_virtual/_rolldown/runtime.js');
+const require_primordials_error = require('../primordials/error.js');
+const require_primordials_string = require('../primordials/string.js');
+const require_node_fs = require('../node/fs.js');
+const require_node_path = require('../node/path.js');
+const require_logger_default = require('../logger/default.js');
+const require_process_spawn_child = require('../process/spawn/child.js');
+const require_fs_safe = require('../fs/safe.js');
+const require_http_request_download = require('../http-request/download.js');
+const require_releases_github_asset_url = require('./github-asset-url.js');
+const require_releases_github_listing = require('./github-listing.js');
+let node_process = require("node:process");
+node_process = require_runtime.__toESM(node_process);
+//#region src/releases/github-downloads.ts
+/**
+* @file GitHub release asset downloads.
+*/
+const logger = require_logger_default.getDefaultLogger();
+/**
+* Download a binary from any GitHub repository with version caching.
+*
+* @example
+*   ;```typescript
+*   const binaryPath = await downloadGitHubRelease({
+*     owner: 'SocketDev',
+*     repo: 'socket-btm',
+*     toolName: 'lief',
+*     toolPrefix: 'lief-',
+*     assetName: 'lief-linux-x64',
+*     binaryName: 'lief',
+*     platformArch: 'linux-x64',
+*   })
+*   ```
+*
+* @param config - Download configuration.
+*
+* @returns Path to the downloaded binary
+*/
 async function downloadGitHubRelease(config) {
-  const {
-    assetName,
-    binaryName,
-    cwd = import_node_process.default.cwd(),
-    downloadDir = "build/downloaded",
-    owner,
-    platformArch,
-    quiet = false,
-    removeMacOSQuarantine = true,
-    repo,
-    tag: explicitTag,
-    toolName,
-    toolPrefix
-  } = config;
-  let tag;
-  if (explicitTag) {
-    tag = explicitTag;
-  } else if (toolPrefix) {
-    const latestTag = await (0, import_github_listing.getLatestRelease)(toolPrefix, { owner, repo });
-    if (!latestTag) {
-      throw new import_error.ErrorCtor(`No ${toolPrefix} release found in ${owner}/${repo}`);
-    }
-    tag = latestTag;
-  } else {
-    throw new import_error.ErrorCtor("Either toolPrefix or tag must be provided");
-  }
-  const path = (0, import_path.getNodePath)();
-  const resolvedDownloadDir = path.isAbsolute(downloadDir) ? downloadDir : path.join(cwd, downloadDir);
-  const binaryDir = resolvedDownloadDir;
-  const binaryPath = path.join(binaryDir, binaryName);
-  const versionPath = path.join(binaryDir, ".version");
-  const fs = (0, import_fs.getNodeFs)();
-  if (fs.existsSync(versionPath) && fs.existsSync(binaryPath)) {
-    const cachedVersion = (await fs.promises.readFile(versionPath, "utf8")).trim();
-    if (cachedVersion === tag && fs.existsSync(binaryPath)) {
-      if (!quiet) {
-        logger.info(`Using cached ${toolName} (${platformArch}): ${binaryPath}`);
-      }
-      return binaryPath;
-    }
-  }
-  if (!quiet) {
-    logger.info(`Downloading ${toolName} for ${platformArch}...`);
-  }
-  await downloadReleaseAsset(
-    tag,
-    assetName,
-    binaryPath,
-    { owner, repo },
-    { quiet }
-  );
-  const isWindows = (0, import_string.StringPrototypeEndsWith)(binaryName, ".exe");
-  if (!isWindows) {
-    fs.chmodSync(binaryPath, 493);
-    if (removeMacOSQuarantine && import_node_process.default.platform === "darwin" && (0, import_string.StringPrototypeStartsWith)(platformArch, "darwin")) {
-      try {
-        await (0, import_child.spawn)("xattr", ["-d", "com.apple.quarantine", binaryPath], {
-          stdio: "ignore"
-        });
-      } catch {
-      }
-    }
-  }
-  await fs.promises.writeFile(versionPath, tag, "utf8");
-  if (!quiet) {
-    logger.info(`Downloaded ${toolName} to ${binaryPath}`);
-  }
-  return binaryPath;
+	const { assetName, binaryName, cwd = node_process.default.cwd(), downloadDir = "build/downloaded", owner, platformArch, quiet = false, removeMacOSQuarantine = true, repo, tag: explicitTag, toolName, toolPrefix } = config;
+	let tag;
+	if (explicitTag) tag = explicitTag;
+	else if (toolPrefix) {
+		const latestTag = await require_releases_github_listing.getLatestRelease(toolPrefix, {
+			owner,
+			repo
+		});
+		if (!latestTag) throw new require_primordials_error.ErrorCtor(`No ${toolPrefix} release found in ${owner}/${repo}`);
+		tag = latestTag;
+	} else throw new require_primordials_error.ErrorCtor("Either toolPrefix or tag must be provided");
+	const path = /* @__PURE__ */ require_node_path.getNodePath();
+	const binaryDir = path.isAbsolute(downloadDir) ? downloadDir : path.join(cwd, downloadDir);
+	const binaryPath = path.join(binaryDir, binaryName);
+	const versionPath = path.join(binaryDir, ".version");
+	const fs = /* @__PURE__ */ require_node_fs.getNodeFs();
+	if (fs.existsSync(versionPath) && fs.existsSync(binaryPath)) {
+		if ((await fs.promises.readFile(versionPath, "utf8")).trim() === tag && fs.existsSync(binaryPath)) {
+			if (!quiet) logger.info(`Using cached ${toolName} (${platformArch}): ${binaryPath}`);
+			return binaryPath;
+		}
+	}
+	if (!quiet) logger.info(`Downloading ${toolName} for ${platformArch}...`);
+	await downloadReleaseAsset(tag, assetName, binaryPath, {
+		owner,
+		repo
+	}, { quiet });
+	if (!require_primordials_string.StringPrototypeEndsWith(binaryName, ".exe")) {
+		fs.chmodSync(binaryPath, 493);
+		if (removeMacOSQuarantine && node_process.default.platform === "darwin" && require_primordials_string.StringPrototypeStartsWith(platformArch, "darwin")) try {
+			await require_process_spawn_child.spawn("xattr", [
+				"-d",
+				"com.apple.quarantine",
+				binaryPath
+			], { stdio: "ignore" });
+		} catch {}
+	}
+	await fs.promises.writeFile(versionPath, tag, "utf8");
+	if (!quiet) logger.info(`Downloaded ${toolName} to ${binaryPath}`);
+	return binaryPath;
 }
+/**
+* Download a specific release asset. Supports pattern matching for dynamic
+* asset discovery.
+*
+* @example
+*   ;```typescript
+*   await downloadReleaseAsset('v1.0.0', 'tool-linux-x64', '/tmp/tool', {
+*     owner: 'SocketDev',
+*     repo: 'socket-btm',
+*   })
+*   ```
+*
+* @param tag - Release tag name.
+* @param assetPattern - Asset name or pattern (glob string, prefix/suffix
+*   object, or RegExp)
+* @param outputPath - Path to write the downloaded file.
+* @param repoConfig - Repository configuration (owner/repo)
+* @param options - Additional options.
+*/
 async function downloadReleaseAsset(tag, assetPattern, outputPath, repoConfig, options = {}) {
-  const { owner, repo } = repoConfig;
-  const { quiet = false } = options;
-  const downloadUrl = await (0, import_github_asset_url.getReleaseAssetUrl)(tag, assetPattern, {
-    owner,
-    repo
-  });
-  if (!downloadUrl) {
-    const patternDesc = typeof assetPattern === "string" ? assetPattern : "matching pattern";
-    throw new import_error.ErrorCtor(`Asset ${patternDesc} not found in release ${tag}`);
-  }
-  const path = (0, import_path.getNodePath)();
-  await (0, import_safe.safeMkdir)(path.dirname(outputPath));
-  await (0, import_download.httpDownload)(downloadUrl, outputPath, {
-    logger: quiet ? void 0 : logger,
-    progressInterval: 10,
-    retries: 2,
-    retryDelay: 5e3
-  });
+	const { owner, repo } = repoConfig;
+	const { quiet = false } = options;
+	const downloadUrl = await require_releases_github_asset_url.getReleaseAssetUrl(tag, assetPattern, {
+		owner,
+		repo
+	});
+	if (!downloadUrl) throw new require_primordials_error.ErrorCtor(`Asset ${typeof assetPattern === "string" ? assetPattern : "matching pattern"} not found in release ${tag}`);
+	await require_fs_safe.safeMkdir((/* @__PURE__ */ require_node_path.getNodePath()).dirname(outputPath));
+	await require_http_request_download.httpDownload(downloadUrl, outputPath, {
+		logger: quiet ? void 0 : logger,
+		progressInterval: 10,
+		retries: 2,
+		retryDelay: 5e3
+	});
 }
-// Annotate the CommonJS export names for ESM import in node:
-0 && (module.exports = {
-  downloadGitHubRelease,
-  downloadReleaseAsset
-});
+//#endregion
+exports.downloadGitHubRelease = downloadGitHubRelease;
+exports.downloadReleaseAsset = downloadReleaseAsset;

package/dist/releases/github-listing.js CHANGED Viewed

@@ -1,53 +1,56 @@
 "use strict";
-/* Socket Lib - Built with esbuild */
-"use strict";
-var __defProp = Object.defineProperty;
-var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
-var __getOwnPropNames = Object.getOwnPropertyNames;
-var __hasOwnProp = Object.prototype.hasOwnProperty;
-var __export = (target, all) => {
-  for (var name in all)
-    __defProp(target, name, { get: all[name], enumerable: true });
-};
-var __copyProps = (to, from, except, desc) => {
-  if (from && typeof from === "object" || typeof from === "function") {
-    for (let key of __getOwnPropNames(from))
-      if (!__hasOwnProp.call(to, key) && key !== except)
-        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
-  }
-  return to;
-};
-var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
-var github_listing_exports = {};
-__export(github_listing_exports, {
-  fetchReleasesViaGraphQL: () => fetchReleasesViaGraphQL,
-  fetchReleasesViaRest: () => fetchReleasesViaRest,
-  getLatestRelease: () => getLatestRelease
-});
-module.exports = __toCommonJS(github_listing_exports);
-var import_request = require("../http-request/request");
-var import_retry = require("../promises/retry");
-var import_array = require("../primordials/array");
-var import_date = require("../primordials/date");
-var import_error = require("../primordials/error");
-var import_json = require("../primordials/json");
-var import_object = require("../primordials/object");
-var import_string = require("../primordials/string");
-var import_github_assets = require("./github-assets");
-var import_github_auth = require("./github-auth");
-const RETRY_CONFIG = (0, import_object.ObjectFreeze)({
-  __proto__: null,
-  // Exponential backoff: delay doubles with each retry (5s, 10s, 20s).
-  backoffFactor: 2,
-  // Initial delay before first retry.
-  baseDelayMs: 5e3,
-  // Maximum number of retry attempts (excluding initial request).
-  retries: 2
-});
+/* Socket Lib - Built with rolldown */
+Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
+const require_primordials_error = require('../primordials/error.js');
+const require_primordials_string = require('../primordials/string.js');
+const require_primordials_array = require('../primordials/array.js');
+const require_primordials_date = require('../primordials/date.js');
+const require_primordials_json = require('../primordials/json.js');
+const require_promises_retry = require('../promises/retry.js');
+const require_http_request_request = require('../http-request/request.js');
+const require_releases_github_assets = require('./github-assets.js');
+const require_releases_github_auth = require('./github-auth.js');
+const require_releases_github_retry_config = require('./github-retry-config.js');
+//#region src/releases/github-listing.ts
+/**
+* @file GitHub release listing via REST + GraphQL. Split out of
+*   `releases/github-api.ts` for size hygiene. Holds the "list all releases for
+*   a repo" path (both transports + the latest-matching-tag picker that
+*   composes them):
+*
+*   - `fetchReleasesViaRest` — canonical REST `/releases?per_page=100` listing
+*   - `fetchReleasesViaGraphQL` — GraphQL fallback when REST's ES index is
+*     degraded
+*   - `getLatestRelease` — REST → GraphQL fallback + prefix/asset filter The
+*     per-tag asset-URL lookup lives in `./github-asset-url`.
+*/
+/**
+* Fetch the latest 100 releases for a repo via GraphQL.
+*
+* Why this exists: `fetchReleasesViaRest` can return `[]` for two reasons (real
+* empty repo vs. GitHub-incident-degraded backend). When REST returns nothing,
+* the caller in `getLatestRelease` calls THIS to disambiguate — if we return >0
+* here, REST was lying.
+*
+* Field shape diffs we normalize: GraphQL returns REST equivalent Why they
+* differ `tagName` `tag_name` camelCase vs. snake_case `publishedAt`
+* `published_at` camelCase vs. snake_case `releaseAssets.nodes` `assets`
+* GraphQL connection wrapper unwrapped.
+*
+* We re-shape inside the `.map(...)` at the bottom so callers downstream can
+* use the SAME code path regardless of which transport ran.
+*
+* Why we hit a different backend: GraphQL queries don't go through the same
+* Elasticsearch index that REST listings rely on. During incidents that drop
+* the ES index (or its connectivity), GraphQL's `repository.releases`
+* connection keeps working because it reads from a different data path inside
+* GitHub. That's the entire reason this fallback exists.
+*/
 async function fetchReleasesViaGraphQL(owner, repo) {
-  const response = await (0, import_request.httpRequest)("https://api.github.com/graphql", {
-    body: (0, import_json.JSONStringify)({
-      query: `query($owner: String!, $repo: String!) {
+	const response = await require_http_request_request.httpRequest("https://api.github.com/graphql", {
+		body: require_primordials_json.JSONStringify({
+			query: `query($owner: String!, $repo: String!) {
         repository(owner: $owner, name: $repo) {
           releases(first: 100, orderBy: {field: CREATED_AT, direction: DESC}) {
             nodes {
@@ -58,114 +61,132 @@ async function fetchReleasesViaGraphQL(owner, repo) {
           }
         }
       }`,
-      variables: { owner, repo }
-    }),
-    headers: { ...(0, import_github_auth.getAuthHeaders)(), "Content-Type": "application/json" },
-    method: "POST"
-  });
-  if (!response.ok) {
-    throw new import_error.ErrorCtor(
-      `Failed to fetch ${owner}/${repo} releases (GraphQL): ${response.status}`
-    );
-  }
-  let parsed;
-  try {
-    parsed = (0, import_json.JSONParse)(response.body.toString("utf8"));
-  } catch (cause) {
-    throw new import_error.ErrorCtor(
-      `Failed to parse GitHub GraphQL response for ${owner}/${repo} releases`,
-      { cause }
-    );
-  }
-  if (parsed.errors?.length) {
-    throw new import_error.ErrorCtor(
-      `GraphQL repository.releases(${owner}/${repo}) returned errors: ${parsed.errors.map((e) => e.message).join("; ")}`
-    );
-  }
-  return (parsed.data?.repository?.releases?.nodes ?? []).map((n) => ({
-    tag_name: n.tagName,
-    published_at: n.publishedAt,
-    assets: n.releaseAssets?.nodes ?? []
-  }));
+			variables: {
+				owner,
+				repo
+			}
+		}),
+		headers: {
+			...require_releases_github_auth.getAuthHeaders(),
+			"Content-Type": "application/json"
+		},
+		method: "POST"
+	});
+	if (!response.ok) throw new require_primordials_error.ErrorCtor(`Failed to fetch ${owner}/${repo} releases (GraphQL): ${response.status}`);
+	let parsed;
+	try {
+		parsed = require_primordials_json.JSONParse(response.body.toString("utf8"));
+	} catch (cause) {
+		throw new require_primordials_error.ErrorCtor(`Failed to parse GitHub GraphQL response for ${owner}/${repo} releases`, { cause });
+	}
+	/* c8 ignore start */
+	if (parsed.errors?.length) throw new require_primordials_error.ErrorCtor(`GraphQL repository.releases(${owner}/${repo}) returned errors: ${parsed.errors.map((e) => e.message).join("; ")}`);
+	return (parsed.data?.repository?.releases?.nodes ?? []).map((n) => ({
+		tag_name: n.tagName,
+		published_at: n.publishedAt,
+		assets: n.releaseAssets?.nodes ?? []
+	}));
+	/* c8 ignore stop */
 }
+/**
+* Fetch the latest 100 releases for a repo via REST.
+*
+* Why this returns `[]` on TWO different cases:
+*
+* - HTTP 200 + zero-byte body. This is the documented GitHub "search degraded"
+*   incident shape (see status.github.com). The releases listing endpoint
+*   shares an Elasticsearch index with search; when that ES is degraded,
+*   `/releases` returns a successful 200 OK but with NO BODY. There's no error
+*   code, no Retry-After, no rate-limit header — just an empty payload.
+* - HTTP 200 + literal `[]`. This is the _normal_ "the repo has no releases"
+*   response — say a brand-new repo with no published versions.
+*
+* Both produce the same `[]` here because the helper can't tell them apart
+* without context. The CALLER (getLatestRelease) does the cross-check: if REST
+* returns `[]`, query GraphQL once. If GraphQL also returns `[]`, the repo
+* really is empty. If it returns >0, REST was lying and we use GraphQL's
+* answer.
+*
+* Why we throw on non-OK status: `pRetry` wraps this call and retries on thrown
+* errors with exponential backoff. A 5xx is transient and worth retrying; we
+* want it to throw so pRetry can do its job. Empty body is NOT thrown because
+* pRetry can't help — a 200 OK is "done" as far as retry policy is concerned.
+*/
 async function fetchReleasesViaRest(owner, repo) {
-  const response = await (0, import_request.httpRequest)(
-    `https://api.github.com/repos/${owner}/${repo}/releases?per_page=100`,
-    { headers: (0, import_github_auth.getAuthHeaders)() }
-  );
-  if (!response.ok) {
-    throw new import_error.ErrorCtor(
-      `Failed to fetch ${owner}/${repo} releases: ${response.status}`
-    );
-  }
-  const text = response.body.toString("utf8");
-  if (text.length === 0) {
-    return [];
-  }
-  let parsed;
-  try {
-    parsed = (0, import_json.JSONParse)(text);
-  } catch (cause) {
-    throw new import_error.ErrorCtor(`Failed to parse ${owner}/${repo} releases response`, {
-      cause
-    });
-  }
-  return (0, import_array.ArrayIsArray)(parsed) ? parsed : [];
+	const response = await require_http_request_request.httpRequest(`https://api.github.com/repos/${owner}/${repo}/releases?per_page=100`, { headers: require_releases_github_auth.getAuthHeaders() });
+	if (!response.ok) throw new require_primordials_error.ErrorCtor(`Failed to fetch ${owner}/${repo} releases: ${response.status}`);
+	const text = response.body.toString("utf8");
+	if (text.length === 0) return [];
+	let parsed;
+	try {
+		parsed = require_primordials_json.JSONParse(text);
+	} catch (cause) {
+		throw new require_primordials_error.ErrorCtor(`Failed to parse ${owner}/${repo} releases response`, { cause });
+	}
+	/* c8 ignore start */
+	return require_primordials_array.ArrayIsArray(parsed) ? parsed : [];
+	/* c8 ignore stop */
 }
+/**
+* Get latest release tag matching a tool prefix. Optionally filter by releases
+* containing a matching asset.
+*
+* @example
+*   ;```typescript
+*   const tag = await getLatestRelease('lief-', {
+*     owner: 'SocketDev',
+*     repo: 'socket-btm',
+*   })
+*   console.log(tag) // 'lief-2025-01-15-abc1234'
+*   ```
+*
+* @param toolPrefix - Tool name prefix to search for (e.g., 'node-smol-')
+* @param repoConfig - Repository configuration (owner/repo)
+* @param options - Additional options.
+* @param options.assetPattern - Optional pattern to filter releases by matching
+*   asset.
+* @param options.nothrow - If true, return undefined instead of throwing when
+*   both REST and GraphQL backends are degraded. Default: false.
+*
+* @returns Latest release tag or undefined if not found
+*
+* @throws {Error} If both REST and GraphQL backends are degraded and nothrow is
+*   false.
+*/
 async function getLatestRelease(toolPrefix, repoConfig, options = {}) {
-  const { assetPattern, nothrow = false } = options;
-  const { owner, repo } = repoConfig;
-  const isMatch = assetPattern ? (0, import_github_assets.createAssetMatcher)(assetPattern) : void 0;
-  return await (0, import_retry.pRetry)(async () => {
-    let releases = await fetchReleasesViaRest(owner, repo);
-    if (releases.length === 0) {
-      let graphqlReleases;
-      try {
-        graphqlReleases = await fetchReleasesViaGraphQL(owner, repo);
-      } catch (cause) {
-        if (nothrow) {
-          return void 0;
-        }
-        throw new import_error.ErrorCtor(
-          `Failed to list ${owner}/${repo} releases: both REST and GraphQL backends degraded`,
-          { cause }
-        );
-      }
-      if (graphqlReleases.length > 0) {
-        releases = graphqlReleases;
-      }
-    }
-    const matchingReleases = releases.filter((release) => {
-      const { assets, tag_name: tag } = release;
-      if (!(0, import_string.StringPrototypeStartsWith)(tag, toolPrefix)) {
-        return false;
-      }
-      if (!assets || assets.length === 0) {
-        return false;
-      }
-      if (isMatch) {
-        const hasMatchingAsset = assets.some(
-          (a) => isMatch(a.name)
-        );
-        if (!hasMatchingAsset) {
-          return false;
-        }
-      }
-      return true;
-    });
-    if (matchingReleases.length === 0) {
-      return void 0;
-    }
-    matchingReleases.sort(
-      (a, b) => (0, import_date.DateParse)(b.published_at) - (0, import_date.DateParse)(a.published_at)
-    );
-    const latestRelease = matchingReleases[0];
-    return latestRelease.tag_name;
-  }, RETRY_CONFIG) ?? void 0;
+	const { assetPattern, nothrow = false } = options;
+	const { owner, repo } = repoConfig;
+	const isMatch = assetPattern ? require_releases_github_assets.createAssetMatcher(assetPattern) : void 0;
+	return await /* @__PURE__ */ require_promises_retry.pRetry(async () => {
+		let releases = await fetchReleasesViaRest(owner, repo);
+		if (releases.length === 0) {
+			let graphqlReleases;
+			try {
+				graphqlReleases = await fetchReleasesViaGraphQL(owner, repo);
+			} catch (cause) {
+				/* c8 ignore next 7 - REST + GraphQL both-degraded branch
+				requires both real backends to fail simultaneously. */
+				if (nothrow) return;
+				throw new require_primordials_error.ErrorCtor(`Failed to list ${owner}/${repo} releases: both REST and GraphQL backends degraded`, { cause });
+			}
+			if (graphqlReleases.length > 0) releases = graphqlReleases;
+		}
+		const matchingReleases = releases.filter((release) => {
+			const { assets, tag_name: tag } = release;
+			if (!require_primordials_string.StringPrototypeStartsWith(tag, toolPrefix)) return false;
+			if (!assets || assets.length === 0) return false;
+			if (isMatch) {
+				if (!assets.some((a) => isMatch(a.name))) return false;
+			}
+			return true;
+		});
+		if (matchingReleases.length === 0) return;
+		matchingReleases.sort((a, b) => require_primordials_date.DateParse(b.published_at) - require_primordials_date.DateParse(a.published_at));
+		return matchingReleases[0].tag_name;
+	}, require_releases_github_retry_config.GITHUB_RETRY_CONFIG) ?? void 0;
 }
-// Annotate the CommonJS export names for ESM import in node:
-0 && (module.exports = {
-  fetchReleasesViaGraphQL,
-  fetchReleasesViaRest,
-  getLatestRelease
-});
+//#endregion
+exports.fetchReleasesViaGraphQL = fetchReleasesViaGraphQL;
+exports.fetchReleasesViaRest = fetchReleasesViaRest;
+exports.getLatestRelease = getLatestRelease;

package/dist/releases/github-retry-config.d.ts ADDED Viewed

@@ -0,0 +1,31 @@
+/**
+ * @file Shared retry configuration for the GitHub release helpers
+ *   (`github-listing`, `github-asset-url`). Exponential backoff over the
+ *   transient-failure / rate-limit surface. `baseDelayMs` is overridable via
+ *   `SOCKET_GITHUB_RETRY_BASE_DELAY_MS` — set it to `0` for near-instant
+ *   retries. Tests set it so the backoff sleep (5s + 10s of real wallclock)
+ *   doesn't run: pRetry's delay goes through `node:timers/promises`, which
+ *   `vi.useFakeTimers()` doesn't reliably intercept, so a zero base delay is
+ *   the robust, fake-timer-independent way to keep these tests fast. CI can
+ *   also dial it down. Default stays 5000ms for production resilience.
+ */
+/**
+ * Default base delay (ms) before the first retry when the env override is unset
+ * or non-numeric.
+ */
+export declare const DEFAULT_BASE_DELAY_MS = 5000;
+/**
+ * Resolve the retry base delay from `SOCKET_GITHUB_RETRY_BASE_DELAY_MS`,
+ * falling back to {@link DEFAULT_BASE_DELAY_MS}. Read live (not memoized) so
+ * it's unit-testable by mutating the env — and so a long-lived process that has
+ * the env changed under it picks up the new value on next read.
+ *
+ * @returns The configured base delay in milliseconds.
+ */
+export declare function resolveBaseDelayMs(): number;
+export declare const GITHUB_RETRY_CONFIG: Readonly<{
+    __proto__: null;
+    backoffFactor: 2;
+    baseDelayMs: number;
+    retries: 2;
+}>;