npm - @socketsecurity/lib - Versions diffs - 6.0.3 → 6.0.4 - Mend

@socketsecurity/lib 6.0.3 → 6.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (542) hide show

package/CHANGELOG.md +16 -0
package/dist/_virtual/_rolldown/runtime.js +45 -0
package/dist/abort/signal.js +53 -59
package/dist/ai/discover.js +110 -110
package/dist/ai/profiles.js +94 -65
package/dist/ai/spawn.js +172 -194
package/dist/ai/types.js +1 -17
package/dist/ai/worktree.js +160 -183
package/dist/ansi/constants.js +16 -38
package/dist/ansi/strip.js +44 -41
package/dist/archives/_internal.js +64 -73
package/dist/archives/detect.js +30 -43
package/dist/archives/extract.js +43 -50
package/dist/archives/tar.js +197 -228
package/dist/archives/types.js +1 -17
package/dist/archives/zip.js +85 -121
package/dist/argv/flag-predicates.js +203 -101
package/dist/argv/flag-types.js +96 -113
package/dist/argv/parse-args-string.d.ts +16 -14
package/dist/argv/parse-args-string.js +42 -39
package/dist/argv/parse.js +145 -163
package/dist/arrays/_internal.js +65 -48
package/dist/arrays/chunk.js +51 -40
package/dist/arrays/join.js +87 -35
package/dist/arrays/predicates.js +46 -28
package/dist/arrays/unique.js +45 -31
package/dist/bin/_internal.js +34 -42
package/dist/bin/check-primordials.js +175 -233
package/dist/bin/check.js +51 -72
package/dist/bin/exec.js +70 -74
package/dist/bin/find.js +151 -134
package/dist/bin/resolve.js +180 -246
package/dist/bin/shadow.js +24 -33
package/dist/bin/socket-lib.js +51 -73
package/dist/bin/types.js +1 -17
package/dist/bin/which.js +211 -146
package/dist/cacache/_internal.js +25 -40
package/dist/cacache/clear.js +79 -72
package/dist/cacache/read.js +48 -46
package/dist/cacache/tmp.js +29 -36
package/dist/cacache/types.js +1 -17
package/dist/cacache/write.js +43 -48
package/dist/cache/ttl/store.js +232 -288
package/dist/cache/ttl/types.js +1 -17
package/dist/checks/primordials-defaults.js +83 -89
package/dist/checks/primordials.js +225 -277
package/dist/colors/convert.js +45 -37
package/dist/colors/palette.js +88 -45
package/dist/colors/socket-palette.js +74 -84
package/dist/colors/types.js +1 -17
package/dist/compression/_internal.js +57 -72
package/dist/compression/brotli.js +94 -127
package/dist/compression/gzip.js +95 -121
package/dist/compression/types.js +1 -17
package/dist/constants/agents.js +61 -113
package/dist/constants/encoding.js +19 -42
package/dist/constants/github.js +12 -30
package/dist/constants/licenses.js +48 -63
package/dist/constants/lifecycle-script-names.js +31 -45
package/dist/constants/maintained-node-versions.js +22 -37
package/dist/constants/node.js +226 -167
package/dist/constants/package-default-node-range.js +16 -41
package/dist/constants/package-default-socket-categories.js +12 -30
package/dist/constants/packages.js +77 -126
package/dist/constants/platform.js +27 -49
package/dist/constants/sentinels.js +23 -48
package/dist/constants/socket.js +42 -87
package/dist/constants/testing.js +15 -34
package/dist/constants/time.js +16 -36
package/dist/constants/typescript.js +32 -52
package/dist/cover/code.js +111 -142
package/dist/cover/formatters.js +118 -101
package/dist/cover/type.js +50 -76
package/dist/cover/types.js +1 -17
package/dist/crypto/hash.js +54 -46
package/dist/debug/_internal.js +62 -71
package/dist/debug/caller-info.js +53 -64
package/dist/debug/namespace.js +80 -90
package/dist/debug/output.js +172 -188
package/dist/debug/types.js +1 -17
package/dist/dlx/_internal.js +24 -43
package/dist/dlx/arborist.js +162 -160
package/dist/dlx/binary-cache.js +228 -200
package/dist/dlx/binary-download.js +172 -211
package/dist/dlx/binary-resolution.js +165 -157
package/dist/dlx/binary-types.js +1 -17
package/dist/dlx/binary.js +149 -189
package/dist/dlx/cache.js +45 -30
package/dist/dlx/detect.js +245 -159
package/dist/dlx/dir.js +67 -51
package/dist/dlx/firewall.js +62 -100
package/dist/dlx/lockfile.js +122 -127
package/dist/dlx/manifest.js +264 -274
package/dist/dlx/package.js +241 -244
package/dist/dlx/packages.js +99 -96
package/dist/dlx/paths.js +73 -59
package/dist/dlx/spec.js +52 -60
package/dist/dlx/types.js +1 -17
package/dist/eco/cargo/lockfile-format.js +19 -36
package/dist/eco/cargo/manifest-format.js +17 -35
package/dist/eco/cargo/parse-lockfile.js +210 -237
package/dist/eco/manifest/analyze-lockfile.js +46 -63
package/dist/eco/manifest/detect-format.js +66 -90
package/dist/eco/manifest/find-packages.js +39 -64
package/dist/eco/manifest/get-package-versions.js +27 -48
package/dist/eco/manifest/get-package.js +21 -40
package/dist/eco/manifest/manifest-error.js +14 -35
package/dist/eco/manifest/parse-lockfile.js +40 -86
package/dist/eco/manifest/parse-manifest.js +26 -43
package/dist/eco/manifest/parse.js +26 -47
package/dist/eco/manifest/types.js +1 -17
package/dist/eco/npm/bun/exec.js +23 -32
package/dist/eco/npm/manifest-format.js +21 -35
package/dist/eco/npm/npm/exec.js +51 -61
package/dist/eco/npm/npm/extract-package-name-from-path.js +28 -50
package/dist/eco/npm/npm/flags.js +80 -52
package/dist/eco/npm/npm/lockfile-format.js +21 -40
package/dist/eco/npm/npm/parse-git-url.js +26 -40
package/dist/eco/npm/npm/parse-lockfile.js +184 -210
package/dist/eco/npm/parse-package-json.js +71 -102
package/dist/eco/npm/pnpm/detect-pnpm-version.js +22 -43
package/dist/eco/npm/pnpm/exec.js +51 -62
package/dist/eco/npm/pnpm/flags.js +75 -68
package/dist/eco/npm/pnpm/lockfile-format.js +19 -36
package/dist/eco/npm/pnpm/parse-lockfile.js +235 -259
package/dist/eco/npm/pnpm/parse-pnpm-package-id-v5.js +37 -47
package/dist/eco/npm/pnpm/parse-pnpm-package-id-v6-v9.js +36 -49
package/dist/eco/npm/script.js +82 -90
package/dist/eco/npm/vlt/exec.js +24 -32
package/dist/eco/npm/yarnpkg/yarn/exec.js +60 -59
package/dist/eco/npm/yarnpkg/yarn/lockfile-format.js +20 -36
package/dist/eco/npm/yarnpkg/yarn/parse-lockfile.js +194 -242
package/dist/eco/npm/yarnpkg/yarn/parse-yarn-descriptor.js +37 -61
package/dist/eco/purl.js +50 -60
package/dist/eco/types.js +1 -17
package/dist/effects/pulse-frames.js +64 -65
package/dist/effects/shimmer-keyframes.js +71 -52
package/dist/effects/shimmer-terminal.js +81 -50
package/dist/effects/shimmer.js +290 -153
package/dist/env/boolean.js +42 -43
package/dist/env/case-insensitive.js +54 -39
package/dist/env/ci.js +29 -31
package/dist/env/debug.js +28 -31
package/dist/env/github.js +144 -59
package/dist/env/home.js +38 -31
package/dist/env/locale.js +59 -39
package/dist/env/node-auth-token.js +28 -31
package/dist/env/node-env.js +28 -31
package/dist/env/npm.js +94 -47
package/dist/env/number.js +50 -51
package/dist/env/package-manager.js +95 -83
package/dist/env/path.js +28 -31
package/dist/env/pre-commit.js +30 -32
package/dist/env/proxy.js +121 -122
package/dist/env/rewire.js +204 -96
package/dist/env/shell.js +28 -31
package/dist/env/socket-cli.js +233 -81
package/dist/env/socket.js +521 -156
package/dist/env/string.js +43 -44
package/dist/env/temp-dir.js +59 -39
package/dist/env/term.js +28 -31
package/dist/env/test.js +65 -43
package/dist/env/types.js +1 -17
package/dist/env/windows.js +78 -43
package/dist/env/xdg.js +62 -39
package/dist/errors/message.js +40 -46
package/dist/errors/predicates.js +61 -49
package/dist/errors/stack.js +24 -36
package/dist/events/exit/_internal.js +86 -103
package/dist/events/exit/handler.js +48 -55
package/dist/events/exit/intercept.js +49 -70
package/dist/events/exit/lifecycle.js +92 -101
package/dist/events/exit/signals.js +25 -31
package/dist/events/exit/types.js +1 -17
package/dist/events/warning/handler.js +43 -40
package/dist/events/warning/suppress.js +111 -90
package/dist/external/@npmcli/package-json/lib/read-package.js +132 -153
package/dist/external/@npmcli/package-json/lib/sort.js +73 -105
package/dist/external/@npmcli/package-json.js +12705 -15140
package/dist/external/@npmcli/promise-spawn.js +451 -472
package/dist/external/@sinclair/typebox/value.js +7443 -9002
package/dist/external/@sinclair/typebox.js +7516 -7885
package/dist/external/@socketregistry/is-unicode-supported.js +31 -39
package/dist/external/@socketregistry/packageurl-js.js +6127 -7369
package/dist/external/@socketregistry/yocto-spinner.js +394 -455
package/dist/external/@yarnpkg/extensions.js +435 -1022
package/dist/external/adm-zip.js +2313 -2673
package/dist/external/debug.js +700 -687
package/dist/external/external-pack.js +2658 -3171
package/dist/external/fast-sort.js +124 -138
package/dist/external/get-east-asian-width.js +70 -64
package/dist/external/libnpmexec.js +28 -31
package/dist/external/npm-pack.js +43617 -50137
package/dist/external/p-map.js +198 -222
package/dist/external/pico-pack.js +6735 -7304
package/dist/external/pony-cause.js +143 -139
package/dist/external/shell-quote.js +226 -0
package/dist/external/spdx-pack.js +1283 -1403
package/dist/external/streaming-iterables.js +835 -1052
package/dist/external/tar-fs.js +2769 -3048
package/dist/external/which.js +267 -251
package/dist/external/yargs-parser.js +851 -1074
package/dist/external-tools/bazel/asset-names.js +98 -90
package/dist/external-tools/bazel/from-download.js +52 -46
package/dist/external-tools/bazel/from-path.js +27 -38
package/dist/external-tools/bazel/read-bazel-version-file.js +35 -57
package/dist/external-tools/bazel/resolve-asset-url.js +24 -39
package/dist/external-tools/bazel/resolve-bazel-version.js +34 -56
package/dist/external-tools/bazel/resolve.js +44 -58
package/dist/external-tools/bazel/types.js +1 -17
package/dist/external-tools/cdxgen/asset-names.js +59 -66
package/dist/external-tools/cdxgen/from-download.js +52 -80
package/dist/external-tools/cdxgen/from-path.js +19 -37
package/dist/external-tools/cdxgen/from-vfs.js +22 -43
package/dist/external-tools/cdxgen/resolve.js +48 -63
package/dist/external-tools/cdxgen/types.js +1 -17
package/dist/external-tools/from-download.js +107 -67
package/dist/external-tools/janus/asset-names.js +44 -51
package/dist/external-tools/janus/from-download.js +45 -70
package/dist/external-tools/janus/from-path.js +19 -37
package/dist/external-tools/janus/from-vfs.js +22 -43
package/dist/external-tools/janus/resolve.js +45 -63
package/dist/external-tools/janus/types.js +1 -17
package/dist/external-tools/jre/asset-names.js +109 -82
package/dist/external-tools/jre/detect-platform-arch.js +25 -49
package/dist/external-tools/jre/from-download.js +71 -67
package/dist/external-tools/jre/from-java-home.js +27 -54
package/dist/external-tools/jre/from-path.js +27 -49
package/dist/external-tools/jre/from-vfs.js +39 -60
package/dist/external-tools/jre/resolve.js +55 -68
package/dist/external-tools/jre/types.js +1 -17
package/dist/external-tools/manifest.js +130 -150
package/dist/external-tools/opengrep/asset-names.js +60 -72
package/dist/external-tools/opengrep/from-download.js +58 -80
package/dist/external-tools/opengrep/from-path.js +19 -37
package/dist/external-tools/opengrep/from-vfs.js +23 -43
package/dist/external-tools/opengrep/resolve.js +43 -63
package/dist/external-tools/opengrep/types.js +1 -17
package/dist/external-tools/sbt/asset-names.js +21 -30
package/dist/external-tools/sbt/from-download.js +50 -61
package/dist/external-tools/sbt/from-path.js +23 -38
package/dist/external-tools/sbt/from-vfs.js +30 -44
package/dist/external-tools/sbt/resolve.js +45 -63
package/dist/external-tools/sbt/types.js +1 -17
package/dist/external-tools/synp/asset-names.js +11 -29
package/dist/external-tools/synp/from-download.js +24 -41
package/dist/external-tools/synp/from-path.js +19 -37
package/dist/external-tools/synp/from-vfs.js +22 -43
package/dist/external-tools/synp/resolve.js +43 -62
package/dist/external-tools/synp/types.js +1 -17
package/dist/external-tools/trivy/asset-names.js +51 -62
package/dist/external-tools/trivy/from-download.js +42 -64
package/dist/external-tools/trivy/from-path.js +19 -37
package/dist/external-tools/trivy/from-vfs.js +22 -43
package/dist/external-tools/trivy/resolve.js +43 -63
package/dist/external-tools/trivy/types.js +1 -17
package/dist/external-tools/trufflehog/asset-names.js +54 -66
package/dist/external-tools/trufflehog/from-download.js +44 -62
package/dist/external-tools/trufflehog/from-path.js +21 -37
package/dist/external-tools/trufflehog/from-vfs.js +26 -43
package/dist/external-tools/trufflehog/resolve.js +43 -63
package/dist/external-tools/trufflehog/types.js +1 -17
package/dist/external-tools/uv/asset-names.js +64 -74
package/dist/external-tools/uv/from-download.js +44 -65
package/dist/external-tools/uv/from-path.js +19 -37
package/dist/external-tools/uv/from-vfs.js +22 -43
package/dist/external-tools/uv/resolve.js +42 -63
package/dist/external-tools/uv/types.js +1 -17
package/dist/fs/_internal.js +40 -42
package/dist/fs/access.js +57 -54
package/dist/fs/encoding.js +80 -97
package/dist/fs/find-up.js +126 -125
package/dist/fs/inspect.js +168 -99
package/dist/fs/path-cache.js +31 -32
package/dist/fs/read-dir.js +102 -79
package/dist/fs/read-file.js +177 -118
package/dist/fs/read-json-cache.js +150 -134
package/dist/fs/read-json.js +172 -187
package/dist/fs/resolve-module.js +35 -58
package/dist/fs/safe.js +278 -169
package/dist/fs/types.js +1 -17
package/dist/fs/unique.js +52 -48
package/dist/fs/validate.js +56 -40
package/dist/fs/write-json.js +109 -75
package/dist/git/_internal.js +251 -216
package/dist/git/changed.js +191 -74
package/dist/git/repo.js +118 -104
package/dist/git/staged.js +172 -62
package/dist/git/types.js +1 -17
package/dist/git/unstaged.js +175 -62
package/dist/github/constants.js +25 -33
package/dist/github/errors.js +46 -38
package/dist/github/fetch.js +137 -82
package/dist/github/ghsa.js +217 -151
package/dist/github/refs-cache.js +54 -43
package/dist/github/refs-graphql.js +97 -89
package/dist/github/refs-rest.js +70 -101
package/dist/github/refs.js +105 -64
package/dist/github/token.js +96 -48
package/dist/github/types.js +1 -17
package/dist/globs/_internal.js +73 -82
package/dist/globs/defaults.js +40 -59
package/dist/globs/match.js +93 -77
package/dist/globs/matcher.js +104 -92
package/dist/globs/stream.js +43 -55
package/dist/globs/types.js +1 -17
package/dist/http-request/_internal.js +11 -38
package/dist/http-request/browser-fetch.js +19 -29
package/dist/http-request/browser.js +188 -206
package/dist/http-request/checksums.js +101 -65
package/dist/http-request/download-types.js +1 -17
package/dist/http-request/download.js +195 -196
package/dist/http-request/errors.js +39 -47
package/dist/http-request/headers.js +95 -80
package/dist/http-request/http-request.js +10 -35
package/dist/http-request/node.js +71 -97
package/dist/http-request/request-attempt.js +232 -285
package/dist/http-request/request-types.js +1 -17
package/dist/http-request/request.js +106 -108
package/dist/http-request/response-reader.js +47 -51
package/dist/http-request/response-types.js +22 -38
package/dist/http-request/user-agent.js +73 -55
package/dist/integrity.js +105 -106
package/dist/ipc/_internal.js +34 -48
package/dist/ipc/directory.js +55 -63
package/dist/ipc/paths.js +52 -45
package/dist/ipc/types.js +1 -17
package/dist/ipc/write.js +81 -74
package/dist/ipc-cli/get.js +29 -56
package/dist/ipc-cli/types.js +1 -17
package/dist/json/edit.js +182 -242
package/dist/json/format.js +202 -103
package/dist/json/parse.js +206 -109
package/dist/json/types.js +1 -17
package/dist/links/create.js +93 -60
package/dist/links/types.js +1 -17
package/dist/logger/_internal.js +109 -73
package/dist/logger/browser.js +45 -56
package/dist/logger/colors.js +31 -49
package/dist/logger/console.js +89 -112
package/dist/logger/default.js +19 -33
package/dist/logger/logger.js +5 -29
package/dist/logger/node.js +794 -854
package/dist/logger/symbols-builder.js +54 -56
package/dist/logger/symbols.js +135 -118
package/dist/logger/types.js +1 -17
package/dist/memo/_internal.js +39 -49
package/dist/memo/async.js +133 -117
package/dist/memo/clear.js +25 -34
package/dist/memo/decorator.js +43 -37
package/dist/memo/memoize.js +97 -88
package/dist/memo/once.js +42 -41
package/dist/memo/types.js +1 -17
package/dist/memo/weak.js +45 -41
package/dist/node/async-hooks.js +9 -30
package/dist/node/child-process.js +9 -30
package/dist/node/crypto.js +9 -30
package/dist/node/events.js +9 -30
package/dist/node/fs-promises.js +9 -30
package/dist/node/fs.js +9 -30
package/dist/node/http.js +9 -30
package/dist/node/https.js +9 -30
package/dist/node/module.js +20 -34
package/dist/node/os.js +9 -30
package/dist/node/path.js +9 -30
package/dist/node/timers-promises.js +9 -30
package/dist/node/url.js +9 -30
package/dist/node/util.js +9 -30
package/dist/objects/getters.js +185 -126
package/dist/objects/inspect.js +85 -52
package/dist/objects/mutate.js +96 -76
package/dist/objects/predicates.js +112 -59
package/dist/objects/sort.js +120 -76
package/dist/objects/types.js +1 -17
package/dist/packages/edit-class.js +198 -265
package/dist/packages/edit.js +79 -86
package/dist/packages/exports.js +146 -157
package/dist/packages/isolation.js +159 -209
package/dist/packages/licenses.js +207 -189
package/dist/packages/manifest.js +134 -172
package/dist/packages/normalize.js +91 -102
package/dist/packages/operations.d.ts +2 -0
package/dist/packages/operations.js +283 -254
package/dist/packages/provenance.js +195 -245
package/dist/packages/specs.js +94 -84
package/dist/packages/types.js +1 -17
package/dist/packages/validation.js +49 -50
package/dist/paths/_internal.js +82 -86
package/dist/paths/conversion.js +112 -65
package/dist/paths/dirnames.js +17 -42
package/dist/paths/exts.js +23 -54
package/dist/paths/filenames.js +21 -50
package/dist/paths/globs.js +15 -38
package/dist/paths/normalize.js +215 -236
package/dist/paths/packages.js +34 -49
package/dist/paths/predicates.js +184 -106
package/dist/paths/resolve.js +146 -128
package/dist/paths/rewire.js +108 -72
package/dist/paths/socket.js +252 -132
package/dist/paths/walk.js +55 -60
package/dist/perf/_internal.js +10 -28
package/dist/perf/enabled.js +21 -30
package/dist/perf/metrics.js +81 -67
package/dist/perf/report.js +79 -80
package/dist/perf/timer.js +180 -126
package/dist/perf/types.js +1 -17
package/dist/pkg-ext/data.js +29 -82
package/dist/pkg-ext/types.js +1 -17
package/dist/primordials/array.js +120 -198
package/dist/primordials/buffer.js +28 -51
package/dist/primordials/date.js +26 -51
package/dist/primordials/error.js +33 -59
package/dist/primordials/function.js +21 -41
package/dist/primordials/globals.js +25 -48
package/dist/primordials/json.js +14 -30
package/dist/primordials/map-set.js +88 -152
package/dist/primordials/math.js +59 -116
package/dist/primordials/number.js +41 -76
package/dist/primordials/object.js +56 -116
package/dist/primordials/promise.js +28 -52
package/dist/primordials/reflect.js +24 -52
package/dist/primordials/regexp.js +25 -47
package/dist/primordials/string.js +114 -167
package/dist/primordials/symbol.js +40 -72
package/dist/primordials/uncurry.js +38 -55
package/dist/primordials/url.js +27 -66
package/dist/process/_internal.js +7 -32
package/dist/process/abort.js +29 -35
package/dist/process/lock-instance.js +26 -30
package/dist/process/lock-manager.js +279 -307
package/dist/process/lock-types.js +1 -17
package/dist/process/spawn/_internal.js +43 -55
package/dist/process/spawn/child.js +172 -211
package/dist/process/spawn/errors.js +116 -113
package/dist/process/spawn/stdio.js +51 -35
package/dist/process/spawn/types.js +1 -17
package/dist/process/transient.js +49 -66
package/dist/promises/_internal.js +31 -34
package/dist/promises/iterate.js +238 -102
package/dist/promises/options.js +123 -101
package/dist/promises/queue.js +115 -136
package/dist/promises/resolvers.js +77 -46
package/dist/promises/retry.js +156 -101
package/dist/promises/types.js +1 -17
package/dist/regexps/escape.js +32 -30
package/dist/regexps/hex.js +16 -33
package/dist/regexps/spec.js +53 -81
package/dist/releases/github-archives.js +127 -118
package/dist/releases/github-asset-url.js +162 -146
package/dist/releases/github-assets.js +37 -49
package/dist/releases/github-auth.js +32 -48
package/dist/releases/github-downloads.js +118 -138
package/dist/releases/github-listing.js +175 -145
package/dist/releases/github-retry-config.js +41 -47
package/dist/releases/github-types.js +1 -17
package/dist/releases/socket-btm.js +273 -192
package/dist/schema/parse.js +35 -36
package/dist/schema/types.js +1 -17
package/dist/schema/validate.js +118 -99
package/dist/sea/detect.js +57 -52
package/dist/secrets/_internal.js +86 -67
package/dist/secrets/find.js +96 -77
package/dist/secrets/keychain.js +315 -309
package/dist/secrets/linux.js +133 -135
package/dist/secrets/macos.js +151 -147
package/dist/secrets/rc.js +182 -181
package/dist/secrets/socket-api-token.js +28 -43
package/dist/secrets/types.js +1 -17
package/dist/secrets/windows.js +184 -242
package/dist/shadow/skip.js +51 -70
package/dist/shadow/types.js +1 -17
package/dist/shell/parse.d.ts +26 -0
package/dist/shell/parse.js +35 -0
package/dist/shell/quote.d.ts +19 -0
package/dist/shell/quote.js +30 -0
package/dist/smol/detect.js +67 -43
package/dist/smol/http.js +33 -37
package/dist/smol/https.js +31 -37
package/dist/smol/manifest.js +33 -37
package/dist/smol/path.js +33 -37
package/dist/smol/primordial.js +35 -37
package/dist/smol/purl.js +34 -37
package/dist/smol/versions.js +31 -37
package/dist/smol/vfs.js +46 -38
package/dist/sorts/_internal.js +14 -40
package/dist/sorts/natural.js +57 -64
package/dist/sorts/semver.js +33 -43
package/dist/sorts/strings.js +24 -30
package/dist/sorts/types.js +1 -17
package/dist/spinner/default.js +72 -63
package/dist/spinner/format.js +86 -71
package/dist/spinner/spinner.js +749 -797
package/dist/spinner/types.js +1 -17
package/dist/spinner/with.js +193 -137
package/dist/ssri/convert.js +64 -47
package/dist/ssri/parse.js +38 -37
package/dist/ssri/validate.js +51 -34
package/dist/stdio/_internal.js +50 -46
package/dist/stdio/clear.js +208 -86
package/dist/stdio/divider.js +170 -97
package/dist/stdio/footer.js +116 -110
package/dist/stdio/header.js +117 -90
package/dist/stdio/progress.js +189 -218
package/dist/stdio/prompts.js +244 -168
package/dist/stdio/stderr.js +173 -78
package/dist/stdio/stdout.js +177 -94
package/dist/streams/parallel.js +58 -50
package/dist/streams/transform.js +36 -45
package/dist/strings/format.js +145 -63
package/dist/strings/predicates.js +56 -34
package/dist/strings/search.js +52 -42
package/dist/strings/transform.js +113 -72
package/dist/strings/types.js +1 -17
package/dist/strings/width.js +89 -82
package/dist/tables/bordered.js +81 -81
package/dist/tables/padding.js +36 -46
package/dist/tables/simple.js +62 -70
package/dist/tables/types.js +1 -17
package/dist/temporal/instant.js +72 -81
package/dist/temporal/now.js +40 -31
package/dist/temporal/slots.js +42 -36
package/dist/temporal/system.js +36 -36
package/dist/temporal/temporal.js +11 -41
package/dist/themes/context.js +131 -69
package/dist/themes/resolve.js +207 -132
package/dist/themes/themes.js +225 -194
package/dist/themes/types.js +1 -17
package/dist/url/parse.js +48 -51
package/dist/url/predicates.js +24 -31
package/dist/url/search-params.js +133 -101
package/dist/url/types.js +1 -17
package/dist/versions/_internal.js +31 -33
package/dist/versions/compare.js +80 -58
package/dist/versions/modify.js +41 -39
package/dist/versions/parse.js +88 -64
package/dist/versions/range.js +58 -41
package/dist/versions/types.js +1 -17
package/dist/words/article.js +22 -30
package/dist/words/capitalize.js +25 -34
package/dist/words/pluralize.js +23 -31
package/dist/words/types.js +1 -17
package/package.json +17 -5

package/dist/ai/spawn.js CHANGED Viewed

@@ -1,207 +1,185 @@
 "use strict";
-/* Socket Lib - Built with esbuild */
-"use strict";
-var __defProp = Object.defineProperty;
-var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
-var __getOwnPropNames = Object.getOwnPropertyNames;
-var __hasOwnProp = Object.prototype.hasOwnProperty;
-var __export = (target, all) => {
-  for (var name in all)
-    __defProp(target, name, { get: all[name], enumerable: true });
-};
-var __copyProps = (to, from, except, desc) => {
-  if (from && typeof from === "object" || typeof from === "function") {
-    for (let key of __getOwnPropNames(from))
-      if (!__hasOwnProp.call(to, key) && key !== except)
-        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
-  }
-  return to;
-};
-var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
-var spawn_exports = {};
-__export(spawn_exports, {
-  backoffFor: () => backoffFor,
-  buildArgs: () => buildArgs,
-  isOverloaded: () => isOverloaded,
-  pickAgent: () => pickAgent,
-  spawnAiAgent: () => spawnAiAgent
-});
-module.exports = __toCommonJS(spawn_exports);
-var import_message = require("../errors/message");
-var import_object = require("../primordials/object");
-var import_child = require("../process/spawn/child");
-var import_errors = require("../process/spawn/errors");
-var import_discover = require("./discover");
+/* Socket Lib - Built with rolldown */
+Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
+const require_primordials_object = require('../primordials/object.js');
+const require_errors_message = require('../errors/message.js');
+const require_ai_discover = require('./discover.js');
+const require_process_spawn_errors = require('../process/spawn/errors.js');
+const require_process_spawn_child = require('../process/spawn/child.js');
+//#region src/ai/spawn.mts
+/**
+* @file Locked-down spawn for AI agent CLIs (Claude / Codex / Gemini /
+*   OpenCode). Per the CLAUDE.md "Programmatic Claude calls" rule: every
+*   headless invocation MUST set the four lockdown flags (tools / disallow /
+*   permissionMode / no-session-persistence). The helper enforces this at the
+*   type level (`SpawnAiAgentOptions` requires the relevant fields) AND at the
+*   spawn site (per-agent flag translator). Why CLI subprocess instead of an
+*   SDK call: the fleet's contract matches what the local user sees when
+*   invoking the CLI — same auth config, same model availability, same tool
+*   permissions. SDK calls would diverge on auth handling and force per-agent
+*   SDK installs. Retry: 3 attempts on overload (HTTP 529 / "Overloaded"), exp.
+*   backoff (5s / 15s / 45s). Each retry is a fresh subprocess.
+*/
 const MAX_ATTEMPTS = 3;
 const BACKOFF_BASE_MS = 5e3;
 function backoffFor(attempt) {
-  return BACKOFF_BASE_MS * 3 ** (attempt - 1);
+	return BACKOFF_BASE_MS * 3 ** (attempt - 1);
 }
+/**
+* Build CLI arg list for a given agent. The flag names differ across agents but
+* the conceptual surface is the same: "here are the allowed tools, here are the
+* denied tools, here is the permission mode, do not persist a session." This
+* translator is the single source of truth for how each agent's flags map.
+*
+* Update sites (when an agent changes its flag surface): 1. The relevant case
+* below. 2. The agent's docs link (cited inline).
+*/
 function buildArgs(agent, opts) {
-  const allAllowed = [...opts.tools, ...opts.allow ?? []];
-  switch (agent) {
-    case "claude": {
-      const args = [
-        "--print",
-        "--no-session-persistence",
-        "--permission-mode",
-        opts.permissionMode,
-        "--add-dir",
-        opts.cwd
-      ];
-      for (const dir of opts.addDirs ?? []) {
-        args.push("--add-dir", dir);
-      }
-      if (opts.model) {
-        args.push("--model", opts.model);
-      }
-      if (allAllowed.length > 0) {
-        args.push("--allowedTools", ...allAllowed);
-      }
-      if (opts.disallow.length > 0) {
-        args.push("--disallowedTools", ...opts.disallow);
-      }
-      if (opts.extraArgs) {
-        args.push(...opts.extraArgs);
-      }
-      return args;
-    }
-    case "codex": {
-      const args = ["--print"];
-      if (opts.permissionMode === "plan") {
-        args.push("--read-only");
-      }
-      if (opts.model) {
-        args.push("--model", opts.model);
-      }
-      if (allAllowed.length > 0) {
-        args.push("--tools", allAllowed.join(","));
-      }
-      if (opts.disallow.length > 0) {
-        args.push("--disallow-tools", opts.disallow.join(","));
-      }
-      args.push("--cwd", opts.cwd);
-      if (opts.extraArgs) {
-        args.push(...opts.extraArgs);
-      }
-      return args;
-    }
-    case "gemini": {
-      const args = ["--no-interactive", "--workspace", opts.cwd];
-      if (opts.model) {
-        args.push("--model", opts.model);
-      }
-      if (allAllowed.length > 0) {
-        args.push("--allowed-tools", allAllowed.join(","));
-      }
-      if (opts.disallow.length > 0) {
-        args.push("--denied-tools", opts.disallow.join(","));
-      }
-      if (opts.permissionMode === "plan") {
-        args.push("--read-only");
-      }
-      if (opts.extraArgs) {
-        args.push(...opts.extraArgs);
-      }
-      return args;
-    }
-    case "opencode": {
-      const args = ["--print", "--cwd", opts.cwd];
-      if (opts.model) {
-        args.push("--model", opts.model);
-      }
-      if (allAllowed.length > 0) {
-        args.push("--tools", allAllowed.join(","));
-      }
-      if (opts.disallow.length > 0) {
-        args.push("--no-tools", opts.disallow.join(","));
-      }
-      if (opts.extraArgs) {
-        args.push(...opts.extraArgs);
-      }
-      return args;
-    }
-  }
+	const allAllowed = [...opts.tools, ...opts.allow ?? []];
+	switch (agent) {
+		case "claude": {
+			const args = [
+				"--print",
+				"--no-session-persistence",
+				"--permission-mode",
+				opts.permissionMode,
+				"--add-dir",
+				opts.cwd
+			];
+			for (const dir of opts.addDirs ?? []) args.push("--add-dir", dir);
+			if (opts.model) args.push("--model", opts.model);
+			if (allAllowed.length > 0) args.push("--allowedTools", ...allAllowed);
+			if (opts.disallow.length > 0) args.push("--disallowedTools", ...opts.disallow);
+			if (opts.extraArgs) args.push(...opts.extraArgs);
+			return args;
+		}
+		case "codex": {
+			const args = ["--print"];
+			if (opts.permissionMode === "plan") args.push("--read-only");
+			if (opts.model) args.push("--model", opts.model);
+			if (allAllowed.length > 0) args.push("--tools", allAllowed.join(","));
+			if (opts.disallow.length > 0) args.push("--disallow-tools", opts.disallow.join(","));
+			args.push("--cwd", opts.cwd);
+			if (opts.extraArgs) args.push(...opts.extraArgs);
+			return args;
+		}
+		case "gemini": {
+			const args = [
+				"--no-interactive",
+				"--workspace",
+				opts.cwd
+			];
+			if (opts.model) args.push("--model", opts.model);
+			if (allAllowed.length > 0) args.push("--allowed-tools", allAllowed.join(","));
+			if (opts.disallow.length > 0) args.push("--denied-tools", opts.disallow.join(","));
+			if (opts.permissionMode === "plan") args.push("--read-only");
+			if (opts.extraArgs) args.push(...opts.extraArgs);
+			return args;
+		}
+		case "opencode": {
+			const args = [
+				"--print",
+				"--cwd",
+				opts.cwd
+			];
+			if (opts.model) args.push("--model", opts.model);
+			if (allAllowed.length > 0) args.push("--tools", allAllowed.join(","));
+			if (opts.disallow.length > 0) args.push("--no-tools", opts.disallow.join(","));
+			if (opts.extraArgs) args.push(...opts.extraArgs);
+			return args;
+		}
+	}
 }
 function isOverloaded(stdout, stderr) {
-  const re = /API Error: 529|Overloaded/i;
-  return re.test(stdout) || re.test(stderr);
+	const re = /API Error: 529|Overloaded/i;
+	return re.test(stdout) || re.test(stderr);
 }
 async function pickAgent(requested, cwd) {
-  const discovered = await (0, import_discover.discoverAiAgents)({ repoRoot: cwd });
-  if (requested) {
-    if (!(requested in discovered)) {
-      throw new Error(
-        `spawnAiAgent: requested agent "${requested}" is not on PATH. Install the CLI or pass a different agent. Discovered: ${(0, import_object.ObjectKeys)(discovered).join(", ") || "(none)"}`
-      );
-    }
-    return requested;
-  }
-  if ("claude" in discovered) {
-    return "claude";
-  }
-  for (const candidate of ["codex", "opencode", "gemini"]) {
-    if (candidate in discovered) {
-      return candidate;
-    }
-  }
-  throw new Error(
-    "spawnAiAgent: no AI agent CLI on PATH. Install one of: claude, codex, opencode, gemini."
-  );
+	const discovered = await require_ai_discover.discoverAiAgents({ repoRoot: cwd });
+	if (requested) {
+		if (!(requested in discovered)) throw new Error(`spawnAiAgent: requested agent "${requested}" is not on PATH. Install the CLI or pass a different agent. Discovered: ${require_primordials_object.ObjectKeys(discovered).join(", ") || "(none)"}`);
+		return requested;
+	}
+	if ("claude" in discovered) return "claude";
+	for (const candidate of [
+		"codex",
+		"opencode",
+		"gemini"
+	]) if (candidate in discovered) return candidate;
+	throw new Error("spawnAiAgent: no AI agent CLI on PATH. Install one of: claude, codex, opencode, gemini.");
 }
+/**
+* Spawn an AI agent CLI subprocess with the locked-down flag set.
+*
+* @example
+*   ```ts
+*   import { AI_PROFILE } from '@socketsecurity/lib/ai/profiles'
+*   import { spawnAiAgent } from '@socketsecurity/lib/ai/spawn'
+*
+*   const result = await spawnAiAgent({
+*   ...AI_PROFILE.edit,
+*   prompt: 'Fix the lint findings in src/foo.ts',
+*   cwd: process.cwd(),
+*   model: 'claude-sonnet-4-6',
+*   timeoutMs: 5 * 60 * 1000,
+*   })
+*   if (result.exitCode !== 0) { ... }
+*   ```
+*
+*   Throws when the requested agent isn't on PATH (or, when no agent
+*   is requested, when none of the known agents are on PATH).
+*/
 async function spawnAiAgent(opts) {
-  const agent = await pickAgent(opts.agent, opts.cwd);
-  const args = buildArgs(agent, opts);
-  let stdout = "";
-  let stderr = "";
-  let exitCode = 0;
-  let attempts = 0;
-  const start = Date.now();
-  while (attempts < MAX_ATTEMPTS) {
-    attempts += 1;
-    stdout = "";
-    stderr = "";
-    exitCode = 0;
-    try {
-      const child = (0, import_child.spawn)(agent, args, {
-        cwd: opts.cwd,
-        stdio: "pipe",
-        stdioString: true,
-        timeout: opts.timeoutMs
-      });
-      child.stdin?.end(opts.prompt);
-      const result = await child;
-      stdout = String(result.stdout ?? "");
-      stderr = String(result.stderr ?? "");
-      exitCode = result.code ?? 0;
-    } catch (e) {
-      if ((0, import_errors.isSpawnError)(e)) {
-        stdout = String(e.stdout ?? "");
-        stderr = String(e.stderr ?? "");
-        exitCode = e.code ?? 1;
-      } else {
-        stderr = (0, import_message.errorMessage)(e);
-        exitCode = 1;
-      }
-    }
-    if (!isOverloaded(stdout, stderr) || attempts >= MAX_ATTEMPTS) {
-      break;
-    }
-    await new Promise((resolve) => setTimeout(resolve, backoffFor(attempts)));
-  }
-  return {
-    attempts,
-    durationMs: Date.now() - start,
-    exitCode,
-    stderr,
-    stdout
-  };
+	const agent = await pickAgent(opts.agent, opts.cwd);
+	const args = buildArgs(agent, opts);
+	let stdout = "";
+	let stderr = "";
+	let exitCode = 0;
+	let attempts = 0;
+	const start = Date.now();
+	while (attempts < MAX_ATTEMPTS) {
+		attempts += 1;
+		stdout = "";
+		stderr = "";
+		exitCode = 0;
+		try {
+			const child = require_process_spawn_child.spawn(agent, args, {
+				cwd: opts.cwd,
+				stdio: "pipe",
+				stdioString: true,
+				timeout: opts.timeoutMs
+			});
+			child.stdin?.end(opts.prompt);
+			const result = await child;
+			stdout = String(result.stdout ?? "");
+			stderr = String(result.stderr ?? "");
+			exitCode = result.code ?? 0;
+		} catch (e) {
+			if (/* @__PURE__ */ require_process_spawn_errors.isSpawnError(e)) {
+				stdout = String(e.stdout ?? "");
+				stderr = String(e.stderr ?? "");
+				exitCode = e.code ?? 1;
+			} else {
+				stderr = require_errors_message.errorMessage(e);
+				exitCode = 1;
+			}
+		}
+		if (!isOverloaded(stdout, stderr) || attempts >= MAX_ATTEMPTS) break;
+		await new Promise((resolve) => setTimeout(resolve, backoffFor(attempts)));
+	}
+	return {
+		attempts,
+		durationMs: Date.now() - start,
+		exitCode,
+		stderr,
+		stdout
+	};
 }
-// Annotate the CommonJS export names for ESM import in node:
-0 && (module.exports = {
-  backoffFor,
-  buildArgs,
-  isOverloaded,
-  pickAgent,
-  spawnAiAgent
-});
+//#endregion
+exports.backoffFor = backoffFor;
+exports.buildArgs = buildArgs;
+exports.isOverloaded = isOverloaded;
+exports.pickAgent = pickAgent;
+exports.spawnAiAgent = spawnAiAgent;

package/dist/ai/types.js CHANGED Viewed

@@ -1,18 +1,2 @@
 "use strict";
-/* Socket Lib - Built with esbuild */
-"use strict";
-var __defProp = Object.defineProperty;
-var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
-var __getOwnPropNames = Object.getOwnPropertyNames;
-var __hasOwnProp = Object.prototype.hasOwnProperty;
-var __copyProps = (to, from, except, desc) => {
-  if (from && typeof from === "object" || typeof from === "function") {
-    for (let key of __getOwnPropNames(from))
-      if (!__hasOwnProp.call(to, key) && key !== except)
-        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
-  }
-  return to;
-};
-var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
-var types_exports = {};
-module.exports = __toCommonJS(types_exports);
+/* Socket Lib - Built with rolldown */