npm - @socketsecurity/lib - Versions diffs - 6.0.5 → 6.0.7 - Mend

@socketsecurity/lib 6.0.5 → 6.0.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (534) hide show

package/CHANGELOG.md +43 -0
package/dist/ai/discover.d.mts +2 -2
package/dist/ai/discover.js +6 -4
package/dist/ai/spawn.js +10 -6
package/dist/ai/types.d.mts +18 -6
package/dist/ai/worktree.d.mts +6 -6
package/dist/ai/worktree.js +12 -7
package/dist/ansi/strip.d.ts +1 -1
package/dist/ansi/strip.js +0 -2
package/dist/archives/_internal.js +7 -9
package/dist/archives/extract.js +1 -1
package/dist/archives/tar.js +6 -6
package/dist/archives/zip.js +4 -6
package/dist/argv/flag-predicates.d.ts +12 -12
package/dist/argv/flag-predicates.js +17 -17
package/dist/argv/flag-types.d.ts +18 -18
package/dist/argv/flag-types.js +4 -4
package/dist/argv/parse.d.ts +1 -1
package/dist/arrays/_internal.js +11 -12
package/dist/arrays/chunk.js +0 -1
package/dist/arrays/join.d.ts +37 -3
package/dist/arrays/join.js +43 -7
package/dist/arrays/unique.js +0 -1
package/dist/bin/_internal.d.ts +1 -1
package/dist/bin/_internal.js +1 -1
package/dist/bin/acorn-bindgen.cjs +769 -0
package/dist/bin/acorn.wasm +0 -0
package/dist/bin/exec.js +2 -3
package/dist/bin/find.js +13 -13
package/dist/bin/prim.cjs +39244 -0
package/dist/bin/resolve.js +12 -13
package/dist/bin/which.js +8 -8
package/dist/cache/ttl/store.js +5 -5
package/dist/checks/primordials-defaults.d.ts +3 -3
package/dist/checks/primordials-defaults.js +3 -3
package/dist/checks/primordials.js +4 -3
package/dist/{bin → cli}/check-primordials.d.ts +11 -11
package/dist/{bin → cli}/check-primordials.js +56 -52
package/dist/{bin → cli}/check.js +6 -5
package/dist/{bin → cli}/socket-lib.d.ts +1 -1
package/dist/{bin → cli}/socket-lib.js +4 -4
package/dist/colors/socket-palette.js +7 -9
package/dist/compression/_internal.d.ts +12 -12
package/dist/compression/_internal.js +20 -19
package/dist/compression/brotli.d.ts +25 -25
package/dist/compression/brotli.js +37 -44
package/dist/compression/gzip.d.ts +23 -23
package/dist/compression/gzip.js +44 -52
package/dist/constants/agents.d.ts +3 -1
package/dist/constants/agents.js +15 -11
package/dist/constants/licenses.js +3 -3
package/dist/constants/node.d.ts +23 -0
package/dist/constants/node.js +47 -15
package/dist/constants/packages.js +22 -28
package/dist/constants/platform.d.ts +30 -3
package/dist/constants/platform.js +72 -12
package/dist/constants/runtime.d.ts +22 -0
package/dist/constants/runtime.js +32 -0
package/dist/constants/socket.js +1 -1
package/dist/cover/code.js +8 -8
package/dist/cover/formatters.js +5 -5
package/dist/crypto/hash.d.ts +26 -1
package/dist/crypto/hash.js +43 -12
package/dist/debug/_internal.js +4 -6
package/dist/debug/caller-info.js +2 -3
package/dist/debug/namespace.d.ts +7 -0
package/dist/debug/namespace.js +21 -12
package/dist/debug/output.js +21 -24
package/dist/debug/types.d.ts +4 -4
package/dist/dlx/arborist.js +6 -6
package/dist/dlx/binary-cache.js +14 -14
package/dist/dlx/binary-download.d.ts +1 -1
package/dist/dlx/binary-download.js +14 -13
package/dist/dlx/binary-resolution.js +16 -14
package/dist/dlx/binary-types.d.ts +5 -5
package/dist/dlx/binary.js +5 -5
package/dist/dlx/cache.js +1 -1
package/dist/dlx/detect.d.ts +34 -25
package/dist/dlx/detect.js +86 -77
package/dist/dlx/dir.js +2 -2
package/dist/dlx/firewall.d.ts +1 -1
package/dist/dlx/lockfile.d.ts +19 -18
package/dist/dlx/lockfile.js +16 -16
package/dist/dlx/manifest.d.ts +6 -6
package/dist/dlx/manifest.js +5 -5
package/dist/dlx/package.d.ts +10 -10
package/dist/dlx/package.js +16 -16
package/dist/dlx/packages.js +4 -4
package/dist/dlx/paths.js +7 -7
package/dist/dlx/spec.js +1 -1
package/dist/dlx/types.d.ts +28 -27
package/dist/eco/cargo/parse-lockfile.d.ts +1 -1
package/dist/eco/cargo/parse-lockfile.js +2 -2
package/dist/eco/manifest/analyze-lockfile.js +2 -2
package/dist/eco/manifest/detect-format.js +4 -4
package/dist/eco/manifest/find-packages.js +2 -2
package/dist/eco/manifest/get-package-versions.js +2 -2
package/dist/eco/manifest/get-package.js +2 -2
package/dist/eco/manifest/parse-lockfile.js +2 -2
package/dist/eco/manifest/parse-manifest.js +2 -2
package/dist/eco/manifest/parse.js +2 -2
package/dist/eco/npm/npm/exec.js +2 -2
package/dist/eco/npm/npm/flags.js +7 -12
package/dist/eco/npm/npm/parse-lockfile.d.ts +14 -14
package/dist/eco/npm/npm/parse-lockfile.js +3 -3
package/dist/eco/npm/parse-package-json.js +3 -3
package/dist/eco/npm/pnpm/exec.d.ts +1 -1
package/dist/eco/npm/pnpm/exec.js +5 -5
package/dist/eco/npm/pnpm/flags.js +0 -3
package/dist/eco/npm/pnpm/parse-lockfile.d.ts +1 -1
package/dist/eco/npm/pnpm/parse-lockfile.js +4 -4
package/dist/eco/npm/script.js +9 -6
package/dist/eco/npm/yarnpkg/yarn/exec.js +3 -3
package/dist/eco/npm/yarnpkg/yarn/parse-lockfile.d.ts +2 -2
package/dist/eco/npm/yarnpkg/yarn/parse-lockfile.js +8 -8
package/dist/effects/pulse-frames.d.ts +3 -1
package/dist/effects/shimmer-keyframes.d.ts +1 -1
package/dist/effects/shimmer-terminal.d.ts +1 -1
package/dist/env/boolean.js +0 -1
package/dist/env/ci.js +0 -1
package/dist/env/debug.js +0 -1
package/dist/env/github-status.d.ts +51 -0
package/dist/env/github-status.js +90 -0
package/dist/env/github.js +0 -8
package/dist/env/home.js +0 -1
package/dist/env/locale.js +0 -3
package/dist/env/node-auth-token.js +0 -1
package/dist/env/node-env.js +0 -1
package/dist/env/node-version-managers.d.ts +53 -0
package/dist/env/node-version-managers.js +90 -0
package/dist/env/npm.js +0 -5
package/dist/env/number.js +0 -1
package/dist/env/package-manager.js +3 -6
package/dist/env/path.js +0 -1
package/dist/env/pre-commit.js +1 -2
package/dist/env/rewire.d.ts +7 -6
package/dist/env/rewire.js +15 -16
package/dist/env/shell.js +0 -1
package/dist/env/socket-cli.js +5 -18
package/dist/env/socket-mcp.d.ts +114 -0
package/dist/env/socket-mcp.js +146 -0
package/dist/env/socket.d.ts +1 -109
package/dist/env/socket.js +12 -166
package/dist/env/string.js +0 -1
package/dist/env/temp-dir.js +0 -3
package/dist/env/term.js +0 -1
package/dist/env/test.js +3 -6
package/dist/env/windows.js +0 -4
package/dist/env/xdg.js +0 -3
package/dist/events/exit/_internal.d.ts +11 -9
package/dist/events/exit/_internal.js +31 -35
package/dist/events/exit/handler.js +3 -4
package/dist/events/exit/intercept.js +4 -6
package/dist/events/exit/lifecycle.js +16 -18
package/dist/events/exit/signals.js +1 -2
package/dist/events/exit/types.d.ts +6 -5
package/dist/external/@npmcli/package-json.js +2 -2
package/dist/external/@sinclair/typebox/value.js +5 -1
package/dist/external/@sinclair/typebox.js +5 -1
package/dist/external/@socketregistry/packageurl-js.js +27 -0
package/dist/external/npm-pack.js +2 -2
package/dist/external-tools/bazel/read-bazel-version-file.js +1 -1
package/dist/external-tools/bazel/resolve.js +2 -1
package/dist/external-tools/bazel/types.d.ts +1 -1
package/dist/external-tools/cdxgen/from-vfs.js +1 -1
package/dist/external-tools/cdxgen/resolve.js +2 -1
package/dist/external-tools/cdxgen/types.d.ts +1 -1
package/dist/external-tools/from-download.d.ts +1 -1
package/dist/external-tools/from-download.js +1 -1
package/dist/external-tools/from-pip-venv.d.ts +73 -0
package/dist/external-tools/from-pip-venv.js +98 -0
package/dist/external-tools/janus/asset-names.js +1 -1
package/dist/external-tools/janus/from-download.js +3 -5
package/dist/external-tools/janus/from-vfs.js +1 -1
package/dist/external-tools/janus/resolve.js +2 -1
package/dist/external-tools/janus/types.d.ts +1 -1
package/dist/external-tools/jre/detect-platform-arch.d.ts +10 -6
package/dist/external-tools/jre/detect-platform-arch.js +29 -14
package/dist/external-tools/jre/from-download.js +2 -1
package/dist/external-tools/jre/from-vfs.js +1 -1
package/dist/external-tools/jre/resolve.js +2 -1
package/dist/external-tools/jre/types.d.ts +1 -1
package/dist/external-tools/manifest.d.ts +7 -7
package/dist/external-tools/manifest.js +18 -16
package/dist/external-tools/opengrep/from-vfs.js +1 -1
package/dist/external-tools/opengrep/resolve.js +2 -1
package/dist/external-tools/opengrep/types.d.ts +1 -1
package/dist/external-tools/python/asset-names.d.ts +76 -0
package/dist/external-tools/python/asset-names.js +104 -0
package/dist/external-tools/python/dlx.d.ts +80 -0
package/dist/external-tools/python/dlx.js +87 -0
package/dist/external-tools/python/from-download.d.ts +53 -0
package/dist/external-tools/python/from-download.js +68 -0
package/dist/external-tools/python/from-path.d.ts +7 -0
package/dist/external-tools/python/from-path.js +23 -0
package/dist/external-tools/python/pin.d.ts +121 -0
package/dist/external-tools/python/pin.js +173 -0
package/dist/external-tools/python/pip-install.d.ts +75 -0
package/dist/external-tools/python/pip-install.js +139 -0
package/dist/external-tools/python/resolve.d.ts +42 -0
package/dist/external-tools/python/resolve.js +58 -0
package/dist/external-tools/python/types.d.ts +49 -0
package/dist/external-tools/sbt/from-vfs.js +1 -1
package/dist/external-tools/sbt/resolve.js +2 -1
package/dist/external-tools/sbt/types.d.ts +1 -1
package/dist/external-tools/skillspector/from-dlx.d.ts +24 -0
package/dist/external-tools/skillspector/from-dlx.js +41 -0
package/dist/external-tools/skillspector/from-path.d.ts +8 -0
package/dist/external-tools/skillspector/from-path.js +30 -0
package/dist/external-tools/skillspector/from-vfs.d.ts +8 -0
package/dist/external-tools/skillspector/from-vfs.js +27 -0
package/dist/external-tools/skillspector/resolve.d.ts +34 -0
package/dist/external-tools/skillspector/resolve.js +53 -0
package/dist/external-tools/skillspector/types.d.ts +24 -0
package/dist/external-tools/skillspector/types.js +2 -0
package/dist/external-tools/synp/from-download.js +2 -2
package/dist/external-tools/synp/from-vfs.js +1 -1
package/dist/external-tools/synp/resolve.js +2 -1
package/dist/external-tools/trivy/from-vfs.js +1 -1
package/dist/external-tools/trivy/resolve.js +2 -1
package/dist/external-tools/trivy/types.d.ts +1 -1
package/dist/external-tools/trufflehog/from-vfs.js +1 -1
package/dist/external-tools/trufflehog/resolve.js +2 -1
package/dist/external-tools/trufflehog/types.d.ts +1 -1
package/dist/fs/_internal.d.ts +1 -1
package/dist/fs/_internal.js +7 -7
package/dist/fs/access.js +5 -9
package/dist/fs/{path-cache.js → allowed-dirs-cache.js} +1 -1
package/dist/fs/encoding.js +5 -7
package/dist/fs/{find-up.js → find.js} +11 -13
package/dist/fs/inspect.js +7 -13
package/dist/fs/read-dir.js +7 -10
package/dist/fs/read-file.js +8 -14
package/dist/fs/read-json-cache.d.ts +6 -4
package/dist/fs/read-json-cache.js +9 -6
package/dist/fs/read-json.js +4 -6
package/dist/fs/resolve-module.js +1 -1
package/dist/fs/safe.d.ts +1 -1
package/dist/fs/safe.js +12 -13
package/dist/fs/unique.js +4 -5
package/dist/fs/validate.js +1 -2
package/dist/fs/write-json.js +4 -5
package/dist/git/_internal.js +12 -11
package/dist/git/changed.js +4 -4
package/dist/git/repo.js +3 -3
package/dist/git/staged.js +4 -4
package/dist/git/unstaged.js +4 -4
package/dist/github/ghsa.js +2 -2
package/dist/github/refs-cache.d.ts +1 -1
package/dist/github/refs-cache.js +5 -5
package/dist/github/refs-rest.js +5 -5
package/dist/github/{fetch.js → request.js} +13 -2
package/dist/github/token.js +1 -1
package/dist/github/types.d.ts +1 -1
package/dist/globs/_internal.js +7 -9
package/dist/globs/match.js +6 -7
package/dist/globs/matcher.d.ts +3 -3
package/dist/globs/matcher.js +12 -14
package/dist/globs/stream.js +1 -2
package/dist/globs/types.d.ts +24 -24
package/dist/http-request/_internal.d.ts +1 -1
package/dist/http-request/browser.js +21 -13
package/dist/http-request/checksum-file.d.ts +55 -0
package/dist/http-request/checksum-file.js +95 -0
package/dist/http-request/download-types.d.ts +15 -23
package/dist/http-request/download.js +4 -4
package/dist/http-request/headers.d.ts +32 -3
package/dist/http-request/headers.js +41 -13
package/dist/http-request/request-attempt.js +38 -33
package/dist/http-request/request-types.d.ts +7 -2
package/dist/http-request/request.js +33 -16
package/dist/http-request/response-reader.d.ts +12 -1
package/dist/http-request/response-reader.js +22 -2
package/dist/http-request/user-agent.js +3 -4
package/dist/integrity.d.ts +86 -18
package/dist/integrity.js +119 -30
package/dist/ipc/directory.js +2 -2
package/dist/ipc/paths.js +1 -1
package/dist/ipc/write.js +1 -1
package/dist/ipc-cli/get.js +12 -12
package/dist/json/edit.js +13 -14
package/dist/json/format.js +2 -2
package/dist/json/parse.d.ts +1 -1
package/dist/json/parse.js +3 -7
package/dist/logger/_internal.d.ts +4 -4
package/dist/logger/_internal.js +3 -3
package/dist/logger/colors.js +4 -3
package/dist/logger/console-methods.d.ts +132 -0
package/dist/logger/console-methods.js +169 -0
package/dist/logger/console.d.ts +12 -0
package/dist/logger/console.js +42 -11
package/dist/logger/indentation-methods.d.ts +81 -0
package/dist/logger/indentation-methods.js +121 -0
package/dist/logger/node.d.ts +16 -338
package/dist/logger/node.js +75 -608
package/dist/logger/options.d.ts +39 -0
package/dist/logger/options.js +47 -0
package/dist/logger/semantic-methods.d.ts +63 -0
package/dist/logger/semantic-methods.js +108 -0
package/dist/logger/stream-methods.d.ts +63 -0
package/dist/logger/stream-methods.js +101 -0
package/dist/logger/stream.d.ts +37 -0
package/dist/logger/stream.js +42 -0
package/dist/logger/symbols-builder.js +9 -9
package/dist/logger/symbols.d.ts +2 -25
package/dist/logger/symbols.js +53 -74
package/dist/logger/types.d.ts +1 -1
package/dist/memo/types.d.ts +6 -6
package/dist/native-messaging/host.d.ts +20 -0
package/dist/native-messaging/host.js +120 -0
package/dist/native-messaging/index.d.ts +5 -0
package/dist/native-messaging/index.js +22 -0
package/dist/native-messaging/install.d.ts +60 -0
package/dist/native-messaging/install.js +141 -0
package/dist/native-messaging/rate-limit.d.ts +62 -0
package/dist/native-messaging/rate-limit.js +115 -0
package/dist/native-messaging/run.d.ts +10 -0
package/dist/native-messaging/run.js +17 -0
package/dist/node/async-hooks.js +4 -3
package/dist/node/child-process.js +4 -3
package/dist/node/crypto.js +4 -3
package/dist/node/events.js +4 -3
package/dist/node/fs-promises.js +4 -3
package/dist/node/fs.js +4 -3
package/dist/node/http.js +4 -3
package/dist/node/https.js +4 -3
package/dist/node/module.js +10 -6
package/dist/node/os.js +4 -3
package/dist/node/path.js +4 -3
package/dist/node/timers-promises.js +4 -3
package/dist/node/url.js +4 -3
package/dist/node/util.js +4 -3
package/dist/objects/getters.js +5 -7
package/dist/objects/inspect.js +1 -4
package/dist/objects/mutate.js +2 -3
package/dist/objects/predicates.js +0 -4
package/dist/objects/sort.js +3 -7
package/dist/packages/edit-class.js +15 -16
package/dist/packages/edit.js +12 -14
package/dist/packages/exports.js +11 -17
package/dist/packages/fetch.d.ts +16 -0
package/dist/packages/fetch.js +81 -0
package/dist/packages/find.d.ts +55 -0
package/dist/packages/find.js +65 -0
package/dist/packages/isolation.js +14 -14
package/dist/packages/licenses.js +16 -16
package/dist/packages/manifest.js +12 -15
package/dist/packages/metadata-extensions.d.ts +14 -0
package/dist/packages/metadata-extensions.js +43 -0
package/dist/packages/normalize.js +5 -9
package/dist/packages/provenance.d.ts +6 -0
package/dist/packages/provenance.js +25 -18
package/dist/packages/read.d.ts +29 -0
package/dist/packages/read.js +66 -0
package/dist/packages/specs.d.ts +48 -1
package/dist/packages/specs.js +74 -11
package/dist/packages/tarball.d.ts +24 -0
package/dist/packages/tarball.js +79 -0
package/dist/packages/types.d.ts +21 -20
package/dist/packages/validation.js +0 -3
package/dist/paths/_internal.d.ts +2 -1
package/dist/paths/_internal.js +7 -19
package/dist/paths/conversion.js +5 -9
package/dist/paths/filenames.d.ts +0 -1
package/dist/paths/filenames.js +0 -2
package/dist/paths/normalize.js +6 -5
package/dist/paths/packages.js +4 -7
package/dist/paths/predicates.js +9 -16
package/dist/paths/resolve.js +11 -14
package/dist/paths/rewire.js +3 -3
package/dist/paths/socket.js +16 -16
package/dist/paths/walk.d.ts +1 -1
package/dist/paths/walk.js +4 -4
package/dist/perf/report.js +2 -2
package/dist/perf/types.d.ts +1 -1
package/dist/pkg-ext/data.js +1 -1
package/dist/primordials/array.js +9 -9
package/dist/primordials/date.js +2 -2
package/dist/primordials/error.js +3 -3
package/dist/primordials/headers.d.ts +10 -0
package/dist/primordials/headers.js +23 -0
package/dist/primordials/intl.d.ts +13 -0
package/dist/primordials/intl.js +26 -0
package/dist/primordials/math.js +33 -33
package/dist/primordials/number.js +9 -9
package/dist/primordials/object.js +5 -5
package/dist/primordials/string.d.ts +2 -2
package/dist/primordials/string.js +6 -6
package/dist/primordials/symbol.js +3 -3
package/dist/primordials/uncurry.js +9 -9
package/dist/process/abort.js +3 -3
package/dist/process/lock-manager.js +8 -8
package/dist/process/spawn/_internal.js +6 -8
package/dist/process/spawn/child.js +14 -14
package/dist/process/spawn/errors.js +2 -4
package/dist/process/spawn/kill-tree.d.ts +53 -0
package/dist/process/spawn/kill-tree.js +85 -0
package/dist/process/spawn/stdio.js +0 -1
package/dist/process/spawn/types.d.ts +5 -5
package/dist/process/transient.js +2 -2
package/dist/promises/_internal.d.ts +2 -1
package/dist/promises/_internal.js +2 -6
package/dist/promises/iterate.js +12 -16
package/dist/promises/options.js +3 -6
package/dist/promises/retry.js +4 -5
package/dist/promises/timers.d.ts +30 -0
package/dist/promises/timers.js +48 -0
package/dist/releases/github-archives.d.ts +6 -6
package/dist/releases/github-archives.js +2 -2
package/dist/releases/github-asset-url.d.ts +1 -1
package/dist/releases/github-asset-url.js +5 -5
package/dist/releases/github-downloads.d.ts +1 -1
package/dist/releases/github-downloads.js +3 -3
package/dist/releases/github-listing.d.ts +11 -2
package/dist/releases/github-listing.js +20 -7
package/dist/releases/github-retry-config.js +1 -1
package/dist/releases/github-types.d.ts +6 -6
package/dist/releases/socket-btm-binary-naming.d.ts +107 -0
package/dist/releases/socket-btm-binary-naming.js +155 -0
package/dist/releases/socket-btm.d.ts +8 -115
package/dist/releases/socket-btm.js +16 -159
package/dist/schema/types.d.ts +1 -1
package/dist/sea/detect.js +6 -6
package/dist/secrets/_internal.d.ts +2 -2
package/dist/secrets/_internal.js +5 -4
package/dist/secrets/compare.d.ts +45 -0
package/dist/secrets/compare.js +61 -0
package/dist/secrets/keychain.js +9 -6
package/dist/secrets/linux.js +25 -23
package/dist/secrets/macos.d.ts +1 -1
package/dist/secrets/macos.js +18 -16
package/dist/secrets/rc.d.ts +2 -2
package/dist/secrets/rc.js +15 -10
package/dist/secrets/socket-api-token.d.ts +4 -4
package/dist/secrets/socket-api-token.js +18 -9
package/dist/secrets/windows.js +21 -17
package/dist/shadow/skip.js +2 -2
package/dist/shell/parse.d.ts +108 -1
package/dist/shell/parse.js +168 -2
package/dist/smol/detect.js +9 -10
package/dist/smol/http.js +6 -7
package/dist/smol/https.js +6 -7
package/dist/smol/manifest.d.ts +1 -1
package/dist/smol/manifest.js +6 -7
package/dist/smol/path.d.ts +1 -1
package/dist/smol/path.js +7 -8
package/dist/smol/primordial.d.ts +4 -0
package/dist/smol/primordial.js +6 -7
package/dist/smol/purl.d.ts +1 -1
package/dist/smol/purl.js +7 -8
package/dist/smol/versions.js +6 -7
package/dist/smol/vfs.js +6 -7
package/dist/sorts/_internal.js +6 -8
package/dist/sorts/natural.js +10 -12
package/dist/sorts/semver.js +1 -2
package/dist/sorts/strings.js +0 -1
package/dist/sorts/types.d.ts +1 -1
package/dist/spinner/create-spinner-class.d.ts +38 -0
package/dist/spinner/create-spinner-class.js +302 -0
package/dist/spinner/default.js +8 -9
package/dist/spinner/spinner-internals.d.ts +36 -0
package/dist/spinner/spinner-internals.js +101 -0
package/dist/spinner/spinner-shimmer-methods.d.ts +54 -0
package/dist/spinner/spinner-shimmer-methods.js +143 -0
package/dist/spinner/spinner-status-methods.d.ts +40 -0
package/dist/spinner/spinner-status-methods.js +133 -0
package/dist/spinner/spinner.d.ts +4 -5
package/dist/spinner/spinner.js +18 -705
package/dist/spinner/types.d.ts +3 -1
package/dist/spinner/with.d.ts +10 -0
package/dist/spinner/with.js +16 -2
package/dist/stdio/divider.js +1 -1
package/dist/stdio/footer.js +3 -3
package/dist/stdio/header.js +4 -4
package/dist/stdio/progress.js +5 -5
package/dist/stdio/prompts.d.ts +5 -3
package/dist/stdio/prompts.js +6 -7
package/dist/stdio/stdout.js +3 -3
package/dist/streams/parallel.js +3 -5
package/dist/streams/transform.js +2 -3
package/dist/strings/format.js +2 -6
package/dist/strings/predicates.js +0 -2
package/dist/strings/search.js +1 -2
package/dist/strings/transform.js +0 -3
package/dist/strings/width.js +9 -10
package/dist/tables/bordered.js +4 -3
package/dist/tables/padding.js +1 -1
package/dist/tables/simple.js +8 -5
package/dist/temporal/instant.js +4 -2
package/dist/temporal/slots.js +7 -6
package/dist/temporal/system.js +9 -9
package/dist/themes/context.d.ts +3 -2
package/dist/themes/context.js +4 -5
package/dist/themes/themes.js +15 -15
package/dist/themes/types.d.ts +3 -3
package/dist/url/parse.js +0 -2
package/dist/url/predicates.js +1 -2
package/dist/url/search-params.js +3 -9
package/dist/url/types.d.ts +5 -5
package/dist/versions/_internal.js +3 -3
package/dist/words/article.js +0 -1
package/dist/words/capitalize.js +0 -1
package/dist/words/pluralize.d.ts +24 -2
package/dist/words/pluralize.js +47 -2
package/dist/words/types.d.ts +25 -2
package/package.json +289 -108
package/dist/external-tools/uv/asset-names.d.ts +0 -36
package/dist/external-tools/uv/asset-names.js +0 -70
package/dist/external-tools/uv/from-download.d.ts +0 -17
package/dist/external-tools/uv/from-download.js +0 -47
package/dist/external-tools/uv/from-path.d.ts +0 -5
package/dist/external-tools/uv/from-path.js +0 -22
package/dist/external-tools/uv/from-vfs.d.ts +0 -7
package/dist/external-tools/uv/from-vfs.js +0 -26
package/dist/external-tools/uv/resolve.d.ts +0 -25
package/dist/external-tools/uv/resolve.js +0 -52
package/dist/external-tools/uv/types.d.ts +0 -24
package/dist/http-request/checksums.d.ts +0 -69
package/dist/http-request/checksums.js +0 -108
package/dist/http-request/http-request.d.ts +0 -12
package/dist/http-request/http-request.js +0 -11
package/dist/packages/operations.d.ts +0 -113
package/dist/packages/operations.js +0 -304
package/dist/ssri/convert.d.ts +0 -48
package/dist/ssri/convert.js +0 -69
package/dist/ssri/parse.d.ts +0 -27
package/dist/ssri/parse.js +0 -41
package/dist/ssri/validate.d.ts +0 -41
package/dist/ssri/validate.js +0 -56
/package/dist/{bin → cli}/check.d.ts +0 -0
/package/dist/external-tools/{uv → python}/types.js +0 -0
/package/dist/fs/{path-cache.d.ts → allowed-dirs-cache.d.ts} +0 -0
/package/dist/fs/{find-up.d.ts → find.d.ts} +0 -0
/package/dist/github/{fetch.d.ts → request.d.ts} +0 -0

package/dist/dlx/detect.d.ts CHANGED Viewed

@@ -11,36 +11,13 @@
  *   - DLX cache: Check for node_modules/ directory
  *   - Local paths: Check for package.json with bin field, then file extension
  */
-export declare function packageJsonPathCacheSet(key: string, value: string | undefined): void;
 export type ExecutableType = 'package' | 'binary' | 'unknown';
 export interface ExecutableDetectionResult {
     type: ExecutableType;
     method: 'dlx-cache' | 'package-json' | 'file-extension';
-    packageJsonPath?: string;
-    inDlxCache?: boolean;
+    packageJsonPath?: string | undefined;
+    inDlxCache?: boolean | undefined;
 }
-/**
- * Find package.json in the directory containing the file or parent directories.
- * Results are cached to avoid repeated directory traversal.
- *
- * @private
- *
- * @param filePath - Path to search from.
- *
- * @returns Path to package.json if found, undefined otherwise
- */
-export declare function findPackageJson(filePath: string): string | undefined;
-/**
- * Read and parse package.json with caching. Results are cached to avoid
- * repeated file reads.
- *
- * @private
- *
- * @param packageJsonPath - Path to package.json.
- *
- * @returns Parsed package.json or null if invalid
- */
-export declare function readPackageJson(packageJsonPath: string): object | undefined;
 /**
  * Detect executable type for paths in DLX cache. Uses filesystem structure
  * (node_modules/ presence).
@@ -95,6 +72,17 @@ export declare function detectExecutableType(filePath: string): ExecutableDetect
  * @returns Detection result
  */
 export declare function detectLocalExecutableType(filePath: string): ExecutableDetectionResult;
+/**
+ * Find package.json in the directory containing the file or parent directories.
+ * Results are cached to avoid repeated directory traversal.
+ *
+ * @private
+ *
+ * @param filePath - Path to search from.
+ *
+ * @returns Path to package.json if found, undefined otherwise
+ */
+export declare function findPackageJson(filePath: string): string | undefined;
 /**
  * Check if a file path indicates a Node.js script.
  *
@@ -138,3 +126,24 @@ export declare function isNativeBinary(filePath: string): boolean;
  * @returns True if detected as Node.js package
  */
 export declare function isNodePackage(filePath: string): boolean;
+/**
+ * Set a package.json path cache entry, evicting the oldest when the LRU is
+ * full.
+ *
+ * @private
+ *
+ * @param key - Start directory used as the cache key.
+ * @param value - Resolved package.json path, or undefined for a negative entry.
+ */
+export declare function packageJsonPathCacheSet(key: string, value: string | undefined): void;
+/**
+ * Read and parse package.json with caching. Results are cached to avoid
+ * repeated file reads.
+ *
+ * @private
+ *
+ * @param packageJsonPath - Path to package.json.
+ *
+ * @returns Parsed package.json or null if invalid
+ */
+export declare function readPackageJson(packageJsonPath: string): object | undefined;

package/dist/dlx/detect.js CHANGED Viewed

@@ -8,7 +8,7 @@ const require_primordials_date = require('../primordials/date.js');
 const require_primordials_json = require('../primordials/json.js');
 const require_paths_socket = require('../paths/socket.js');
 const require_dlx_paths = require('./paths.js');
-const require_fs_find_up = require('../fs/find-up.js');
+const require_fs_find = require('../fs/find.js');
 //#region src/dlx/detect.ts
 /**
@@ -35,81 +35,8 @@ const NODE_JS_EXTENSIONS = new require_primordials_map_set.SetCtor([
 const PACKAGE_JSON_PATH_CACHE_MAX_SIZE = 200;
 const PACKAGE_JSON_NEGATIVE_TTL_MS = 1e4;
 const packageJsonPathCache = new require_primordials_map_set.MapCtor();
-function packageJsonPathCacheSet(key, value) {
-	if (packageJsonPathCache.has(key)) packageJsonPathCache.delete(key);
-	else if (packageJsonPathCache.size >= PACKAGE_JSON_PATH_CACHE_MAX_SIZE) {
-		const oldest = packageJsonPathCache.keys().next().value;
-		if (oldest !== void 0) packageJsonPathCache.delete(oldest);
-	}
-	packageJsonPathCache.set(key, {
-		path: value,
-		at: Date.now()
-	});
-}
 const packageJsonContentCache = new require_primordials_map_set.MapCtor();
 /**
-* Find package.json in the directory containing the file or parent directories.
-* Results are cached to avoid repeated directory traversal.
-*
-* @private
-*
-* @param filePath - Path to search from.
-*
-* @returns Path to package.json if found, undefined otherwise
-*/
-function findPackageJson(filePath) {
-	const fs = /* @__PURE__ */ require_node_fs.getNodeFs();
-	const nodePath = /* @__PURE__ */ require_node_path.getNodePath();
-	const startDir = nodePath.dirname(nodePath.resolve(filePath));
-	const cached = packageJsonPathCache.get(startDir);
-	if (cached !== void 0) if (cached.path === void 0) {
-		if (require_primordials_date.DateNow() - cached.at < PACKAGE_JSON_NEGATIVE_TTL_MS) return;
-		packageJsonPathCache.delete(startDir);
-	} else if (fs.existsSync(cached.path)) {
-		packageJsonPathCacheSet(startDir, cached.path);
-		return cached.path;
-	} else packageJsonPathCache.delete(startDir);
-	const packageJsonPath = /* @__PURE__ */ require_fs_find_up.findUpSync("package.json", { cwd: startDir });
-	packageJsonPathCacheSet(startDir, packageJsonPath);
-	return packageJsonPath;
-}
-/**
-* Read and parse package.json with caching. Results are cached to avoid
-* repeated file reads.
-*
-* @private
-*
-* @param packageJsonPath - Path to package.json.
-*
-* @returns Parsed package.json or null if invalid
-*/
-function readPackageJson(packageJsonPath) {
-	const fs = /* @__PURE__ */ require_node_fs.getNodeFs();
-	let mtimeMs = 0;
-	try {
-		mtimeMs = fs.statSync(packageJsonPath).mtimeMs;
-	} catch {
-		packageJsonContentCache.delete(packageJsonPath);
-		return;
-	}
-	const cached = packageJsonContentCache.get(packageJsonPath);
-	if (cached !== void 0 && cached.mtimeMs === mtimeMs) return cached.content;
-	try {
-		const content = require_primordials_json.JSONParse(fs.readFileSync(packageJsonPath, "utf8"));
-		packageJsonContentCache.set(packageJsonPath, {
-			mtimeMs,
-			content
-		});
-		return content;
-	} catch {
-		packageJsonContentCache.set(packageJsonPath, {
-			mtimeMs,
-			content: void 0
-		});
-		return;
-	}
-}
-/**
 * Detect executable type for paths in DLX cache. Uses filesystem structure
 * (node_modules/ presence).
 *
@@ -124,8 +51,8 @@ function readPackageJson(packageJsonPath) {
 * @returns Detection result
 */
 function detectDlxExecutableType(filePath) {
-	const fs = /* @__PURE__ */ require_node_fs.getNodeFs();
-	const path = /* @__PURE__ */ require_node_path.getNodePath();
+	const fs = require_node_fs.getNodeFs();
+	const path = require_node_path.getNodePath();
 	const dlxDir = require_paths_socket.getSocketDlxDir();
 	const absolutePath = path.resolve(filePath);
 	const cacheKey = path.relative(dlxDir, absolutePath).split(path.sep)[0] ?? "";
@@ -204,6 +131,32 @@ function detectLocalExecutableType(filePath) {
 	};
 }
 /**
+* Find package.json in the directory containing the file or parent directories.
+* Results are cached to avoid repeated directory traversal.
+*
+* @private
+*
+* @param filePath - Path to search from.
+*
+* @returns Path to package.json if found, undefined otherwise
+*/
+function findPackageJson(filePath) {
+	const fs = require_node_fs.getNodeFs();
+	const nodePath = require_node_path.getNodePath();
+	const startDir = nodePath.dirname(nodePath.resolve(filePath));
+	const cached = packageJsonPathCache.get(startDir);
+	if (cached !== void 0) if (cached.path === void 0) {
+		if (require_primordials_date.DateNow() - cached.at < PACKAGE_JSON_NEGATIVE_TTL_MS) return;
+		packageJsonPathCache.delete(startDir);
+	} else if (fs.existsSync(cached.path)) {
+		packageJsonPathCacheSet(startDir, cached.path);
+		return cached.path;
+	} else packageJsonPathCache.delete(startDir);
+	const packageJsonPath = require_fs_find.findUpSync("package.json", { cwd: startDir });
+	packageJsonPathCacheSet(startDir, packageJsonPath);
+	return packageJsonPath;
+}
+/**
 * Check if a file path indicates a Node.js script.
 *
 * @example
@@ -218,7 +171,7 @@ function detectLocalExecutableType(filePath) {
 * @returns True if file has .js, .mjs, or .cjs extension
 */
 function isJsFilePath(filePath) {
-	const ext = (/* @__PURE__ */ require_node_path.getNodePath()).extname(filePath).toLowerCase();
+	const ext = require_node_path.getNodePath().extname(filePath).toLowerCase();
 	return NODE_JS_EXTENSIONS.has(ext);
 }
 /**
@@ -253,6 +206,62 @@ function isNativeBinary(filePath) {
 function isNodePackage(filePath) {
 	return detectExecutableType(filePath).type === "package";
 }
+/**
+* Set a package.json path cache entry, evicting the oldest when the LRU is
+* full.
+*
+* @private
+*
+* @param key - Start directory used as the cache key.
+* @param value - Resolved package.json path, or undefined for a negative entry.
+*/
+function packageJsonPathCacheSet(key, value) {
+	if (packageJsonPathCache.has(key)) packageJsonPathCache.delete(key);
+	else if (packageJsonPathCache.size >= PACKAGE_JSON_PATH_CACHE_MAX_SIZE) {
+		const oldest = packageJsonPathCache.keys().next().value;
+		if (oldest !== void 0) packageJsonPathCache.delete(oldest);
+	}
+	packageJsonPathCache.set(key, {
+		path: value,
+		at: Date.now()
+	});
+}
+/**
+* Read and parse package.json with caching. Results are cached to avoid
+* repeated file reads.
+*
+* @private
+*
+* @param packageJsonPath - Path to package.json.
+*
+* @returns Parsed package.json or null if invalid
+*/
+function readPackageJson(packageJsonPath) {
+	const fs = require_node_fs.getNodeFs();
+	let mtimeMs = 0;
+	try {
+		mtimeMs = fs.statSync(packageJsonPath).mtimeMs;
+	} catch {
+		packageJsonContentCache.delete(packageJsonPath);
+		return;
+	}
+	const cached = packageJsonContentCache.get(packageJsonPath);
+	if (cached !== void 0 && cached.mtimeMs === mtimeMs) return cached.content;
+	try {
+		const content = require_primordials_json.JSONParse(fs.readFileSync(packageJsonPath, "utf8"));
+		packageJsonContentCache.set(packageJsonPath, {
+			mtimeMs,
+			content
+		});
+		return content;
+	} catch {
+		packageJsonContentCache.set(packageJsonPath, {
+			mtimeMs,
+			content: void 0
+		});
+		return;
+	}
+}
 //#endregion
 exports.detectDlxExecutableType = detectDlxExecutableType;

package/dist/dlx/dir.js CHANGED Viewed

@@ -20,7 +20,7 @@ const require_dlx_packages = require('./packages.js');
 *   ```
 */
 async function clearDlx() {
-	await /* @__PURE__ */ require_promises_iterate.pEach(await require_dlx_packages.listDlxPackagesAsync(), (pkg) => require_dlx_packages.removeDlxPackage(pkg));
+	await require_promises_iterate.pEach(await require_dlx_packages.listDlxPackagesAsync(), (pkg) => require_dlx_packages.removeDlxPackage(pkg));
 }
 /**
 * Clear all DLX package installations synchronously.
@@ -45,7 +45,7 @@ function clearDlxSync() {
 *   ```
 */
 function dlxDirExists() {
-	return (/* @__PURE__ */ require_node_fs.getNodeFs()).existsSync(require_paths_socket.getSocketDlxDir());
+	return require_node_fs.getNodeFs().existsSync(require_paths_socket.getSocketDlxDir());
 }
 /**
 * Ensure the DLX directory exists, creating it if necessary.

package/dist/dlx/firewall.d.ts CHANGED Viewed

@@ -7,7 +7,7 @@
  *     `dlx/package.ts` so the firewall logic + PURL helper can be reused by
  *     other dlx flows without dragging in the install orchestrator.
  */
-import Arborist from '../external/@npmcli/arborist';
+import type Arborist from '../external/@npmcli/arborist';
 /**
  * Check all resolved packages in an Arborist ideal tree against the Socket
  * Firewall API (public, no auth required). Throws if any dependency has

package/dist/dlx/lockfile.d.ts CHANGED Viewed

@@ -1,15 +1,15 @@
 /**
- * @file Package pin generation for dlx installs. `generatePackagePin` resolves
- *   an npm package against the registry using Arborist's lockfile-only mode and
- *   fetches its top-level tarball to return both hash formats plus the lockfile
- *   content — everything needed to vendor a reproducible install. The
+ * @file Package pin generation for dlx installs. `resolveNpmPackagePin`
+ *   resolves an npm package against the registry using Arborist's lockfile-only
+ *   mode and fetches its top-level tarball to return both hash formats plus the
+ *   lockfile content — everything needed to vendor a reproducible install. The
  *   `LockfileSpec` type is also exported here for use as the `lockfile` option
- *   on `downloadPackage`. Sniff/write handling lives inline in `./package.ts` —
- *   no helper.
+ *   on `downloadNpmPackage`. Sniff/write handling lives inline in
+ *   `./package.ts` — no helper.
  */
 import type { ComputedHashes } from '../integrity';
 /**
- * Lockfile source for the `lockfile` option on `downloadPackage`.
+ * Lockfile source for the `lockfile` option on `downloadNpmPackage`.
  *
  * Bare strings are sniffed: a leading `{` (after whitespace) means JSON
  * content, anything else is treated as a filesystem path. Pass the explicit `{
@@ -40,11 +40,7 @@ export declare const DEFAULT_MIN_RELEASE_DAYS = 7;
 /**
  * Options for generating a vendorable pin for an npm package.
  */
-export interface GeneratePackagePinOptions {
-    /**
-     * Package spec, e.g. `'@anthropic-ai/claude-code@2.1.92'`.
-     */
-    package: string;
+export interface ResolveNpmPackagePinOptions {
     /**
      * Minimum release age in days. Refuses to resolve any version (direct or
      * transitive) published more recently than `Date.now() - N days`.
@@ -62,12 +58,17 @@ export interface GeneratePackagePinOptions {
      * exclusive with {@link minReleaseDays}.
      */
     minReleaseMins?: number | undefined;
+    /**
+     * Package spec, e.g. `'@anthropic-ai/claude-code@2.1.92'`. Named `spec` to
+     * match `downloadNpmPackage`/`downloadPipPackage`.
+     */
+    spec: string;
 }
 /**
- * Result of {@link generatePackagePin}. All file data is returned as content —
+ * Result of {@link resolveNpmPackagePin}. All file data is returned as content —
  * the caller decides whether/where to write it.
  */
-export interface PinDetails {
+export interface NpmPackagePin {
     /**
      * Resolved package name.
      */
@@ -95,7 +96,7 @@ export interface PinDetails {
  */
 export declare class DlxLockfileError extends Error {
     constructor(message: string, options?: {
-        cause?: unknown;
+        cause?: unknown | undefined;
     } | undefined);
 }
 /**
@@ -112,15 +113,15 @@ export declare class DlxLockfileError extends Error {
  *
  * @example
  *   ;```ts
- *   const pin = await generatePackagePin({
- *     package: '@anthropic-ai/claude-code@2.1.92',
+ *   const pin = await resolveNpmPackagePin({
+ *     spec: '@anthropic-ai/claude-code@2.1.92',
  *   })
  *   await fs.writeFile('./claude.lock.json', pin.lockfile, 'utf8')
  *   // pin.hash.integrity → 'sha512-…'
  *   // pin.hash.checksum  → hex
  *   ```
  */
-export declare function generatePackagePin(options: GeneratePackagePinOptions): Promise<PinDetails>;
+export declare function resolveNpmPackagePin(options: ResolveNpmPackagePinOptions): Promise<NpmPackagePin>;
 /**
  * Extract the package name from a spec like `'name@range'` or
  * `'@scope/name@range'` or a bare `'name'`.

package/dist/dlx/lockfile.js CHANGED Viewed

@@ -2,8 +2,8 @@
 /* Socket Lib - Built with rolldown */
 Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
 const require_runtime = require('../_virtual/_rolldown/runtime.js');
-const require_primordials_string = require('../primordials/string.js');
 const require_integrity = require('../integrity.js');
+const require_primordials_string = require('../primordials/string.js');
 const require_node_fs = require('../node/fs.js');
 const require_node_path = require('../node/path.js');
 const require_primordials_date = require('../primordials/date.js');
@@ -17,13 +17,13 @@ src_external_pacote = require_runtime.__toESM(src_external_pacote);
 //#region src/dlx/lockfile.ts
 /**
-* @file Package pin generation for dlx installs. `generatePackagePin` resolves
-*   an npm package against the registry using Arborist's lockfile-only mode and
-*   fetches its top-level tarball to return both hash formats plus the lockfile
-*   content — everything needed to vendor a reproducible install. The
+* @file Package pin generation for dlx installs. `resolveNpmPackagePin`
+*   resolves an npm package against the registry using Arborist's lockfile-only
+*   mode and fetches its top-level tarball to return both hash formats plus the
+*   lockfile content — everything needed to vendor a reproducible install. The
 *   `LockfileSpec` type is also exported here for use as the `lockfile` option
-*   on `downloadPackage`. Sniff/write handling lives inline in `./package.ts` —
-*   no helper.
+*   on `downloadNpmPackage`. Sniff/write handling lives inline in
+*   `./package.ts` — no helper.
 */
 /**
 * Default minimum release age in days applied when a caller passes neither
@@ -55,20 +55,20 @@ var DlxLockfileError = class extends Error {
 *
 * @example
 *   ;```ts
-*   const pin = await generatePackagePin({
-*     package: '@anthropic-ai/claude-code@2.1.92',
+*   const pin = await resolveNpmPackagePin({
+*     spec: '@anthropic-ai/claude-code@2.1.92',
 *   })
 *   await fs.writeFile('./claude.lock.json', pin.lockfile, 'utf8')
 *   // pin.hash.integrity → 'sha512-…'
 *   // pin.hash.checksum  → hex
 *   ```
 */
-async function generatePackagePin(options) {
-	const fs = /* @__PURE__ */ require_node_fs.getNodeFs();
-	const path = /* @__PURE__ */ require_node_path.getNodePath();
-	const { minReleaseDays, minReleaseMins, package: spec } = options;
-	if (typeof spec !== "string" || spec.length === 0) throw new DlxLockfileError("generatePackagePin requires a package spec");
-	if (minReleaseDays !== void 0 && minReleaseMins !== void 0) throw new DlxLockfileError("generatePackagePin: minReleaseDays and minReleaseMins are mutually exclusive");
+async function resolveNpmPackagePin(options) {
+	const fs = require_node_fs.getNodeFs();
+	const path = require_node_path.getNodePath();
+	const { minReleaseDays, minReleaseMins, spec } = options;
+	if (typeof spec !== "string" || spec.length === 0) throw new DlxLockfileError("resolveNpmPackagePin requires a package spec");
+	if (minReleaseDays !== void 0 && minReleaseMins !== void 0) throw new DlxLockfileError("resolveNpmPackagePin: minReleaseDays and minReleaseMins are mutually exclusive");
 	const effectiveDays = minReleaseDays !== void 0 ? minReleaseDays : minReleaseMins !== void 0 ? void 0 : 7;
 	const ageMs = effectiveDays !== void 0 ? effectiveDays * 864e5 : minReleaseMins !== void 0 ? minReleaseMins * 6e4 : 0;
 	const before = ageMs > 0 ? new require_primordials_date.DateCtor(require_primordials_date.DateNow() - ageMs) : void 0;
@@ -125,6 +125,6 @@ function specRange(spec) {
 //#endregion
 exports.DEFAULT_MIN_RELEASE_DAYS = DEFAULT_MIN_RELEASE_DAYS;
 exports.DlxLockfileError = DlxLockfileError;
-exports.generatePackagePin = generatePackagePin;
+exports.resolveNpmPackagePin = resolveNpmPackagePin;
 exports.specName = specName;
 exports.specRange = specRange;

package/dist/dlx/manifest.d.ts CHANGED Viewed

@@ -27,12 +27,12 @@
  */
 export interface PackageDetails {
     installed_version: string;
-    size?: number;
+    size?: number | undefined;
     update_check?: {
         last_check: number;
         last_notification: number;
         latest_known: string;
-    };
+    } | undefined;
 }
 /**
  * Details for binary download entries.
@@ -47,8 +47,8 @@ export interface BinaryDetails {
     size: number;
     source: {
         type: 'download' | 'extract';
-        url?: string;
-        path?: string;
+        url?: string | undefined;
+        path?: string | undefined;
     };
     /**
      * Update check metadata (same structure as packages).
@@ -57,7 +57,7 @@ export interface BinaryDetails {
         last_check: number;
         last_notification: number;
         latest_known: string;
-    };
+    } | undefined;
 }
 /**
  * Unified manifest entry for all cached items (packages and binaries). Shared
@@ -81,7 +81,7 @@ export interface DlxManifestOptions {
     /**
      * Custom manifest file path (defaults to ~/.socket/_dlx/.dlx-manifest.json).
      */
-    manifestPath?: string;
+    manifestPath?: string | undefined;
 }
 /**
  * Type guard for binary entries.

package/dist/dlx/manifest.js CHANGED Viewed

@@ -4,8 +4,8 @@ Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
 const require_node_fs = require('../node/fs.js');
 const require_node_path = require('../node/path.js');
 const require_primordials_date = require('../primordials/date.js');
-const require_primordials_object = require('../primordials/object.js');
 const require_primordials_json = require('../primordials/json.js');
+const require_primordials_object = require('../primordials/object.js');
 const require_errors_message = require('../errors/message.js');
 const require_logger_default = require('../logger/default.js');
 const require_paths_socket = require('../paths/socket.js');
@@ -38,8 +38,8 @@ const require_fs_read_file = require('../fs/read-file.js');
 *   - Binary metadata tracking
 *   - Rate limiting registry requests
 */
-const fs = /* @__PURE__ */ require_node_fs.getNodeFs();
-const path = /* @__PURE__ */ require_node_path.getNodePath();
+const fs = require_node_fs.getNodeFs();
+const path = require_node_path.getNodePath();
 const logger = require_logger_default.getDefaultLogger();
 /**
 * Manifest file name.
@@ -92,7 +92,7 @@ var DlxManifest = class {
 	readManifest() {
 		try {
 			if (!fs.existsSync(this.manifestPath)) return { __proto__: null };
-			const rawContent = /* @__PURE__ */ require_fs_read_file.readFileUtf8Sync(this.manifestPath);
+			const rawContent = require_fs_read_file.readFileUtf8Sync(this.manifestPath);
 			const content = (typeof rawContent === "string" ? rawContent : rawContent.toString("utf8")).trim();
 			if (!content) return { __proto__: null };
 			return require_primordials_json.JSONParse(content);
@@ -172,7 +172,7 @@ var DlxManifest = class {
 	getAllPackages() {
 		try {
 			if (!fs.existsSync(this.manifestPath)) return [];
-			const rawContent = /* @__PURE__ */ require_fs_read_file.readFileUtf8Sync(this.manifestPath);
+			const rawContent = require_fs_read_file.readFileUtf8Sync(this.manifestPath);
 			const content = (typeof rawContent === "string" ? rawContent : rawContent.toString("utf8")).trim();
 			if (!content) return [];
 			return require_primordials_object.ObjectKeys(require_primordials_json.JSONParse(content));

package/dist/dlx/package.d.ts CHANGED Viewed

@@ -20,9 +20,9 @@
  *   - dlx/binary.ts: Downloads standalone binaries from URLs
  *   - dlx/package.ts: Installs npm packages from registries Implementation:
  *   - Uses Arborist for package installation (like npx, no npm CLI required)
- *   - Split into downloadPackage() and executePackage() for flexibility
+ *   - Split into downloadNpmPackage() and executePackage() for flexibility
  *   - dlxPackage() combines both for convenience Module shape: this file holds
- *     the three async orchestrators (`dlxPackage`, `downloadPackage`,
+ *     the three async orchestrators (`dlxPackage`, `downloadNpmPackage`,
  *     `ensurePackageInstalled`) and the synchronous `executePackage`. The
  *     supporting surface lives in sibling leaves and is re-exported here so
  *     existing `dlx/package` importers keep working unchanged:
@@ -33,7 +33,7 @@
  *   - lazy `node:fs` / `node:path` + LRU cache — `./_internal`
  */
 import { spawn } from '../process/spawn/child';
-import type { DlxPackageOptions, DlxPackageResult, DownloadPackageResult, EnsurePackageInstallOptions } from './types';
+import type { DlxPackageOptions, DlxPackageResult, DownloadNpmPackageResult, EnsurePackageInstallOptions } from './types';
 import type { SpawnExtra, SpawnOptions } from '../process/spawn/types';
 /**
  * Execute a package via DLX - install if needed and run its binary.
@@ -47,7 +47,7 @@ import type { SpawnExtra, SpawnOptions } from '../process/spawn/types';
  *   ;```typescript
  *   // Download and execute cdxgen
  *   const result = await dlxPackage(['--version'], {
- *     package: '@cyclonedx/cdxgen@10.0.0',
+ *     spec: '@cyclonedx/cdxgen@10.0.0',
  *   })
  *   await result.spawnPromise
  *   ```
@@ -61,15 +61,15 @@ export declare function dlxPackage(args: readonly string[] | string[], options:
  * @example
  *   ;```typescript
  *   // Install @socketsecurity/cli without running it
- *   const result = await downloadPackage({
- *     package: '@socketsecurity/cli@1.2.0',
+ *   const result = await downloadNpmPackage({
+ *     spec: '@socketsecurity/cli@1.2.0',
  *     force: true,
  *   })
  *   console.log('Installed to:', result.packageDir)
  *   console.log('Binary at:', result.binaryPath)
  *   ```
  */
-export declare function downloadPackage(options: DlxPackageOptions): Promise<DownloadPackageResult>;
+export declare function downloadNpmPackage(options: DlxPackageOptions): Promise<DownloadNpmPackageResult>;
 /**
  * Install package to ~/.socket/_dlx/<hash>/ if not already installed. Uses
  * pacote for installation (no npm CLI required). Protected by process lock to
@@ -91,7 +91,7 @@ export declare function ensurePackageInstalled(packageName: string, packageSpec:
 }>;
 /**
  * Execute a package's binary with cross-platform shell handling. The package
- * must already be installed (use downloadPackage first).
+ * must already be installed (use downloadNpmPackage first).
  *
  * On Windows, script files (.bat, .cmd, .ps1) require shell: true. Matches
  * npm/npx execution behavior.
@@ -99,7 +99,7 @@ export declare function ensurePackageInstalled(packageName: string, packageSpec:
  * @example
  *   ;```typescript
  *   // Execute an already-installed package
- *   const downloaded = await downloadPackage({ package: 'cowsay@1.5.0' })
+ *   const downloaded = await downloadNpmPackage({ spec: 'cowsay@1.5.0' })
  *   const result = await executePackage(
  *     downloaded.binaryPath,
  *     ['Hello World'],
@@ -112,4 +112,4 @@ export { binaryPathCacheSet } from './_internal';
 export { findBinaryPath, makePackageBinsExecutable, resolveBinaryPath, } from './binary-resolution';
 export { checkFirewallPurls, npmPurl } from './firewall';
 export { parsePackageSpec } from './spec';
-export type { DlxPackageOptions, DlxPackageResult, DownloadPackageResult, EnsurePackageInstallOptions, } from './types';
+export type { DlxPackageOptions, DlxPackageResult, DownloadNpmPackageResult, EnsurePackageInstallOptions, } from './types';