@socketsecurity/lib 6.0.5 → 6.0.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (534) hide show
  1. package/CHANGELOG.md +43 -0
  2. package/dist/ai/discover.d.mts +2 -2
  3. package/dist/ai/discover.js +6 -4
  4. package/dist/ai/spawn.js +10 -6
  5. package/dist/ai/types.d.mts +18 -6
  6. package/dist/ai/worktree.d.mts +6 -6
  7. package/dist/ai/worktree.js +12 -7
  8. package/dist/ansi/strip.d.ts +1 -1
  9. package/dist/ansi/strip.js +0 -2
  10. package/dist/archives/_internal.js +7 -9
  11. package/dist/archives/extract.js +1 -1
  12. package/dist/archives/tar.js +6 -6
  13. package/dist/archives/zip.js +4 -6
  14. package/dist/argv/flag-predicates.d.ts +12 -12
  15. package/dist/argv/flag-predicates.js +17 -17
  16. package/dist/argv/flag-types.d.ts +18 -18
  17. package/dist/argv/flag-types.js +4 -4
  18. package/dist/argv/parse.d.ts +1 -1
  19. package/dist/arrays/_internal.js +11 -12
  20. package/dist/arrays/chunk.js +0 -1
  21. package/dist/arrays/join.d.ts +37 -3
  22. package/dist/arrays/join.js +43 -7
  23. package/dist/arrays/unique.js +0 -1
  24. package/dist/bin/_internal.d.ts +1 -1
  25. package/dist/bin/_internal.js +1 -1
  26. package/dist/bin/acorn-bindgen.cjs +769 -0
  27. package/dist/bin/acorn.wasm +0 -0
  28. package/dist/bin/exec.js +2 -3
  29. package/dist/bin/find.js +13 -13
  30. package/dist/bin/prim.cjs +39244 -0
  31. package/dist/bin/resolve.js +12 -13
  32. package/dist/bin/which.js +8 -8
  33. package/dist/cache/ttl/store.js +5 -5
  34. package/dist/checks/primordials-defaults.d.ts +3 -3
  35. package/dist/checks/primordials-defaults.js +3 -3
  36. package/dist/checks/primordials.js +4 -3
  37. package/dist/{bin → cli}/check-primordials.d.ts +11 -11
  38. package/dist/{bin → cli}/check-primordials.js +56 -52
  39. package/dist/{bin → cli}/check.js +6 -5
  40. package/dist/{bin → cli}/socket-lib.d.ts +1 -1
  41. package/dist/{bin → cli}/socket-lib.js +4 -4
  42. package/dist/colors/socket-palette.js +7 -9
  43. package/dist/compression/_internal.d.ts +12 -12
  44. package/dist/compression/_internal.js +20 -19
  45. package/dist/compression/brotli.d.ts +25 -25
  46. package/dist/compression/brotli.js +37 -44
  47. package/dist/compression/gzip.d.ts +23 -23
  48. package/dist/compression/gzip.js +44 -52
  49. package/dist/constants/agents.d.ts +3 -1
  50. package/dist/constants/agents.js +15 -11
  51. package/dist/constants/licenses.js +3 -3
  52. package/dist/constants/node.d.ts +23 -0
  53. package/dist/constants/node.js +47 -15
  54. package/dist/constants/packages.js +22 -28
  55. package/dist/constants/platform.d.ts +30 -3
  56. package/dist/constants/platform.js +72 -12
  57. package/dist/constants/runtime.d.ts +22 -0
  58. package/dist/constants/runtime.js +32 -0
  59. package/dist/constants/socket.js +1 -1
  60. package/dist/cover/code.js +8 -8
  61. package/dist/cover/formatters.js +5 -5
  62. package/dist/crypto/hash.d.ts +26 -1
  63. package/dist/crypto/hash.js +43 -12
  64. package/dist/debug/_internal.js +4 -6
  65. package/dist/debug/caller-info.js +2 -3
  66. package/dist/debug/namespace.d.ts +7 -0
  67. package/dist/debug/namespace.js +21 -12
  68. package/dist/debug/output.js +21 -24
  69. package/dist/debug/types.d.ts +4 -4
  70. package/dist/dlx/arborist.js +6 -6
  71. package/dist/dlx/binary-cache.js +14 -14
  72. package/dist/dlx/binary-download.d.ts +1 -1
  73. package/dist/dlx/binary-download.js +14 -13
  74. package/dist/dlx/binary-resolution.js +16 -14
  75. package/dist/dlx/binary-types.d.ts +5 -5
  76. package/dist/dlx/binary.js +5 -5
  77. package/dist/dlx/cache.js +1 -1
  78. package/dist/dlx/detect.d.ts +34 -25
  79. package/dist/dlx/detect.js +86 -77
  80. package/dist/dlx/dir.js +2 -2
  81. package/dist/dlx/firewall.d.ts +1 -1
  82. package/dist/dlx/lockfile.d.ts +19 -18
  83. package/dist/dlx/lockfile.js +16 -16
  84. package/dist/dlx/manifest.d.ts +6 -6
  85. package/dist/dlx/manifest.js +5 -5
  86. package/dist/dlx/package.d.ts +10 -10
  87. package/dist/dlx/package.js +16 -16
  88. package/dist/dlx/packages.js +4 -4
  89. package/dist/dlx/paths.js +7 -7
  90. package/dist/dlx/spec.js +1 -1
  91. package/dist/dlx/types.d.ts +28 -27
  92. package/dist/eco/cargo/parse-lockfile.d.ts +1 -1
  93. package/dist/eco/cargo/parse-lockfile.js +2 -2
  94. package/dist/eco/manifest/analyze-lockfile.js +2 -2
  95. package/dist/eco/manifest/detect-format.js +4 -4
  96. package/dist/eco/manifest/find-packages.js +2 -2
  97. package/dist/eco/manifest/get-package-versions.js +2 -2
  98. package/dist/eco/manifest/get-package.js +2 -2
  99. package/dist/eco/manifest/parse-lockfile.js +2 -2
  100. package/dist/eco/manifest/parse-manifest.js +2 -2
  101. package/dist/eco/manifest/parse.js +2 -2
  102. package/dist/eco/npm/npm/exec.js +2 -2
  103. package/dist/eco/npm/npm/flags.js +7 -12
  104. package/dist/eco/npm/npm/parse-lockfile.d.ts +14 -14
  105. package/dist/eco/npm/npm/parse-lockfile.js +3 -3
  106. package/dist/eco/npm/parse-package-json.js +3 -3
  107. package/dist/eco/npm/pnpm/exec.d.ts +1 -1
  108. package/dist/eco/npm/pnpm/exec.js +5 -5
  109. package/dist/eco/npm/pnpm/flags.js +0 -3
  110. package/dist/eco/npm/pnpm/parse-lockfile.d.ts +1 -1
  111. package/dist/eco/npm/pnpm/parse-lockfile.js +4 -4
  112. package/dist/eco/npm/script.js +9 -6
  113. package/dist/eco/npm/yarnpkg/yarn/exec.js +3 -3
  114. package/dist/eco/npm/yarnpkg/yarn/parse-lockfile.d.ts +2 -2
  115. package/dist/eco/npm/yarnpkg/yarn/parse-lockfile.js +8 -8
  116. package/dist/effects/pulse-frames.d.ts +3 -1
  117. package/dist/effects/shimmer-keyframes.d.ts +1 -1
  118. package/dist/effects/shimmer-terminal.d.ts +1 -1
  119. package/dist/env/boolean.js +0 -1
  120. package/dist/env/ci.js +0 -1
  121. package/dist/env/debug.js +0 -1
  122. package/dist/env/github-status.d.ts +51 -0
  123. package/dist/env/github-status.js +90 -0
  124. package/dist/env/github.js +0 -8
  125. package/dist/env/home.js +0 -1
  126. package/dist/env/locale.js +0 -3
  127. package/dist/env/node-auth-token.js +0 -1
  128. package/dist/env/node-env.js +0 -1
  129. package/dist/env/node-version-managers.d.ts +53 -0
  130. package/dist/env/node-version-managers.js +90 -0
  131. package/dist/env/npm.js +0 -5
  132. package/dist/env/number.js +0 -1
  133. package/dist/env/package-manager.js +3 -6
  134. package/dist/env/path.js +0 -1
  135. package/dist/env/pre-commit.js +1 -2
  136. package/dist/env/rewire.d.ts +7 -6
  137. package/dist/env/rewire.js +15 -16
  138. package/dist/env/shell.js +0 -1
  139. package/dist/env/socket-cli.js +5 -18
  140. package/dist/env/socket-mcp.d.ts +114 -0
  141. package/dist/env/socket-mcp.js +146 -0
  142. package/dist/env/socket.d.ts +1 -109
  143. package/dist/env/socket.js +12 -166
  144. package/dist/env/string.js +0 -1
  145. package/dist/env/temp-dir.js +0 -3
  146. package/dist/env/term.js +0 -1
  147. package/dist/env/test.js +3 -6
  148. package/dist/env/windows.js +0 -4
  149. package/dist/env/xdg.js +0 -3
  150. package/dist/events/exit/_internal.d.ts +11 -9
  151. package/dist/events/exit/_internal.js +31 -35
  152. package/dist/events/exit/handler.js +3 -4
  153. package/dist/events/exit/intercept.js +4 -6
  154. package/dist/events/exit/lifecycle.js +16 -18
  155. package/dist/events/exit/signals.js +1 -2
  156. package/dist/events/exit/types.d.ts +6 -5
  157. package/dist/external/@npmcli/package-json.js +2 -2
  158. package/dist/external/@sinclair/typebox/value.js +5 -1
  159. package/dist/external/@sinclair/typebox.js +5 -1
  160. package/dist/external/@socketregistry/packageurl-js.js +27 -0
  161. package/dist/external/npm-pack.js +2 -2
  162. package/dist/external-tools/bazel/read-bazel-version-file.js +1 -1
  163. package/dist/external-tools/bazel/resolve.js +2 -1
  164. package/dist/external-tools/bazel/types.d.ts +1 -1
  165. package/dist/external-tools/cdxgen/from-vfs.js +1 -1
  166. package/dist/external-tools/cdxgen/resolve.js +2 -1
  167. package/dist/external-tools/cdxgen/types.d.ts +1 -1
  168. package/dist/external-tools/from-download.d.ts +1 -1
  169. package/dist/external-tools/from-download.js +1 -1
  170. package/dist/external-tools/from-pip-venv.d.ts +73 -0
  171. package/dist/external-tools/from-pip-venv.js +98 -0
  172. package/dist/external-tools/janus/asset-names.js +1 -1
  173. package/dist/external-tools/janus/from-download.js +3 -5
  174. package/dist/external-tools/janus/from-vfs.js +1 -1
  175. package/dist/external-tools/janus/resolve.js +2 -1
  176. package/dist/external-tools/janus/types.d.ts +1 -1
  177. package/dist/external-tools/jre/detect-platform-arch.d.ts +10 -6
  178. package/dist/external-tools/jre/detect-platform-arch.js +29 -14
  179. package/dist/external-tools/jre/from-download.js +2 -1
  180. package/dist/external-tools/jre/from-vfs.js +1 -1
  181. package/dist/external-tools/jre/resolve.js +2 -1
  182. package/dist/external-tools/jre/types.d.ts +1 -1
  183. package/dist/external-tools/manifest.d.ts +7 -7
  184. package/dist/external-tools/manifest.js +18 -16
  185. package/dist/external-tools/opengrep/from-vfs.js +1 -1
  186. package/dist/external-tools/opengrep/resolve.js +2 -1
  187. package/dist/external-tools/opengrep/types.d.ts +1 -1
  188. package/dist/external-tools/python/asset-names.d.ts +76 -0
  189. package/dist/external-tools/python/asset-names.js +104 -0
  190. package/dist/external-tools/python/dlx.d.ts +80 -0
  191. package/dist/external-tools/python/dlx.js +87 -0
  192. package/dist/external-tools/python/from-download.d.ts +53 -0
  193. package/dist/external-tools/python/from-download.js +68 -0
  194. package/dist/external-tools/python/from-path.d.ts +7 -0
  195. package/dist/external-tools/python/from-path.js +23 -0
  196. package/dist/external-tools/python/pin.d.ts +121 -0
  197. package/dist/external-tools/python/pin.js +173 -0
  198. package/dist/external-tools/python/pip-install.d.ts +75 -0
  199. package/dist/external-tools/python/pip-install.js +139 -0
  200. package/dist/external-tools/python/resolve.d.ts +42 -0
  201. package/dist/external-tools/python/resolve.js +58 -0
  202. package/dist/external-tools/python/types.d.ts +49 -0
  203. package/dist/external-tools/sbt/from-vfs.js +1 -1
  204. package/dist/external-tools/sbt/resolve.js +2 -1
  205. package/dist/external-tools/sbt/types.d.ts +1 -1
  206. package/dist/external-tools/skillspector/from-dlx.d.ts +24 -0
  207. package/dist/external-tools/skillspector/from-dlx.js +41 -0
  208. package/dist/external-tools/skillspector/from-path.d.ts +8 -0
  209. package/dist/external-tools/skillspector/from-path.js +30 -0
  210. package/dist/external-tools/skillspector/from-vfs.d.ts +8 -0
  211. package/dist/external-tools/skillspector/from-vfs.js +27 -0
  212. package/dist/external-tools/skillspector/resolve.d.ts +34 -0
  213. package/dist/external-tools/skillspector/resolve.js +53 -0
  214. package/dist/external-tools/skillspector/types.d.ts +24 -0
  215. package/dist/external-tools/skillspector/types.js +2 -0
  216. package/dist/external-tools/synp/from-download.js +2 -2
  217. package/dist/external-tools/synp/from-vfs.js +1 -1
  218. package/dist/external-tools/synp/resolve.js +2 -1
  219. package/dist/external-tools/trivy/from-vfs.js +1 -1
  220. package/dist/external-tools/trivy/resolve.js +2 -1
  221. package/dist/external-tools/trivy/types.d.ts +1 -1
  222. package/dist/external-tools/trufflehog/from-vfs.js +1 -1
  223. package/dist/external-tools/trufflehog/resolve.js +2 -1
  224. package/dist/external-tools/trufflehog/types.d.ts +1 -1
  225. package/dist/fs/_internal.d.ts +1 -1
  226. package/dist/fs/_internal.js +7 -7
  227. package/dist/fs/access.js +5 -9
  228. package/dist/fs/{path-cache.js → allowed-dirs-cache.js} +1 -1
  229. package/dist/fs/encoding.js +5 -7
  230. package/dist/fs/{find-up.js → find.js} +11 -13
  231. package/dist/fs/inspect.js +7 -13
  232. package/dist/fs/read-dir.js +7 -10
  233. package/dist/fs/read-file.js +8 -14
  234. package/dist/fs/read-json-cache.d.ts +6 -4
  235. package/dist/fs/read-json-cache.js +9 -6
  236. package/dist/fs/read-json.js +4 -6
  237. package/dist/fs/resolve-module.js +1 -1
  238. package/dist/fs/safe.d.ts +1 -1
  239. package/dist/fs/safe.js +12 -13
  240. package/dist/fs/unique.js +4 -5
  241. package/dist/fs/validate.js +1 -2
  242. package/dist/fs/write-json.js +4 -5
  243. package/dist/git/_internal.js +12 -11
  244. package/dist/git/changed.js +4 -4
  245. package/dist/git/repo.js +3 -3
  246. package/dist/git/staged.js +4 -4
  247. package/dist/git/unstaged.js +4 -4
  248. package/dist/github/ghsa.js +2 -2
  249. package/dist/github/refs-cache.d.ts +1 -1
  250. package/dist/github/refs-cache.js +5 -5
  251. package/dist/github/refs-rest.js +5 -5
  252. package/dist/github/{fetch.js → request.js} +13 -2
  253. package/dist/github/token.js +1 -1
  254. package/dist/github/types.d.ts +1 -1
  255. package/dist/globs/_internal.js +7 -9
  256. package/dist/globs/match.js +6 -7
  257. package/dist/globs/matcher.d.ts +3 -3
  258. package/dist/globs/matcher.js +12 -14
  259. package/dist/globs/stream.js +1 -2
  260. package/dist/globs/types.d.ts +24 -24
  261. package/dist/http-request/_internal.d.ts +1 -1
  262. package/dist/http-request/browser.js +21 -13
  263. package/dist/http-request/checksum-file.d.ts +55 -0
  264. package/dist/http-request/checksum-file.js +95 -0
  265. package/dist/http-request/download-types.d.ts +15 -23
  266. package/dist/http-request/download.js +4 -4
  267. package/dist/http-request/headers.d.ts +32 -3
  268. package/dist/http-request/headers.js +41 -13
  269. package/dist/http-request/request-attempt.js +38 -33
  270. package/dist/http-request/request-types.d.ts +7 -2
  271. package/dist/http-request/request.js +33 -16
  272. package/dist/http-request/response-reader.d.ts +12 -1
  273. package/dist/http-request/response-reader.js +22 -2
  274. package/dist/http-request/user-agent.js +3 -4
  275. package/dist/integrity.d.ts +86 -18
  276. package/dist/integrity.js +119 -30
  277. package/dist/ipc/directory.js +2 -2
  278. package/dist/ipc/paths.js +1 -1
  279. package/dist/ipc/write.js +1 -1
  280. package/dist/ipc-cli/get.js +12 -12
  281. package/dist/json/edit.js +13 -14
  282. package/dist/json/format.js +2 -2
  283. package/dist/json/parse.d.ts +1 -1
  284. package/dist/json/parse.js +3 -7
  285. package/dist/logger/_internal.d.ts +4 -4
  286. package/dist/logger/_internal.js +3 -3
  287. package/dist/logger/colors.js +4 -3
  288. package/dist/logger/console-methods.d.ts +132 -0
  289. package/dist/logger/console-methods.js +169 -0
  290. package/dist/logger/console.d.ts +12 -0
  291. package/dist/logger/console.js +42 -11
  292. package/dist/logger/indentation-methods.d.ts +81 -0
  293. package/dist/logger/indentation-methods.js +121 -0
  294. package/dist/logger/node.d.ts +16 -338
  295. package/dist/logger/node.js +75 -608
  296. package/dist/logger/options.d.ts +39 -0
  297. package/dist/logger/options.js +47 -0
  298. package/dist/logger/semantic-methods.d.ts +63 -0
  299. package/dist/logger/semantic-methods.js +108 -0
  300. package/dist/logger/stream-methods.d.ts +63 -0
  301. package/dist/logger/stream-methods.js +101 -0
  302. package/dist/logger/stream.d.ts +37 -0
  303. package/dist/logger/stream.js +42 -0
  304. package/dist/logger/symbols-builder.js +9 -9
  305. package/dist/logger/symbols.d.ts +2 -25
  306. package/dist/logger/symbols.js +53 -74
  307. package/dist/logger/types.d.ts +1 -1
  308. package/dist/memo/types.d.ts +6 -6
  309. package/dist/native-messaging/host.d.ts +20 -0
  310. package/dist/native-messaging/host.js +120 -0
  311. package/dist/native-messaging/index.d.ts +5 -0
  312. package/dist/native-messaging/index.js +22 -0
  313. package/dist/native-messaging/install.d.ts +60 -0
  314. package/dist/native-messaging/install.js +141 -0
  315. package/dist/native-messaging/rate-limit.d.ts +62 -0
  316. package/dist/native-messaging/rate-limit.js +115 -0
  317. package/dist/native-messaging/run.d.ts +10 -0
  318. package/dist/native-messaging/run.js +17 -0
  319. package/dist/node/async-hooks.js +4 -3
  320. package/dist/node/child-process.js +4 -3
  321. package/dist/node/crypto.js +4 -3
  322. package/dist/node/events.js +4 -3
  323. package/dist/node/fs-promises.js +4 -3
  324. package/dist/node/fs.js +4 -3
  325. package/dist/node/http.js +4 -3
  326. package/dist/node/https.js +4 -3
  327. package/dist/node/module.js +10 -6
  328. package/dist/node/os.js +4 -3
  329. package/dist/node/path.js +4 -3
  330. package/dist/node/timers-promises.js +4 -3
  331. package/dist/node/url.js +4 -3
  332. package/dist/node/util.js +4 -3
  333. package/dist/objects/getters.js +5 -7
  334. package/dist/objects/inspect.js +1 -4
  335. package/dist/objects/mutate.js +2 -3
  336. package/dist/objects/predicates.js +0 -4
  337. package/dist/objects/sort.js +3 -7
  338. package/dist/packages/edit-class.js +15 -16
  339. package/dist/packages/edit.js +12 -14
  340. package/dist/packages/exports.js +11 -17
  341. package/dist/packages/fetch.d.ts +16 -0
  342. package/dist/packages/fetch.js +81 -0
  343. package/dist/packages/find.d.ts +55 -0
  344. package/dist/packages/find.js +65 -0
  345. package/dist/packages/isolation.js +14 -14
  346. package/dist/packages/licenses.js +16 -16
  347. package/dist/packages/manifest.js +12 -15
  348. package/dist/packages/metadata-extensions.d.ts +14 -0
  349. package/dist/packages/metadata-extensions.js +43 -0
  350. package/dist/packages/normalize.js +5 -9
  351. package/dist/packages/provenance.d.ts +6 -0
  352. package/dist/packages/provenance.js +25 -18
  353. package/dist/packages/read.d.ts +29 -0
  354. package/dist/packages/read.js +66 -0
  355. package/dist/packages/specs.d.ts +48 -1
  356. package/dist/packages/specs.js +74 -11
  357. package/dist/packages/tarball.d.ts +24 -0
  358. package/dist/packages/tarball.js +79 -0
  359. package/dist/packages/types.d.ts +21 -20
  360. package/dist/packages/validation.js +0 -3
  361. package/dist/paths/_internal.d.ts +2 -1
  362. package/dist/paths/_internal.js +7 -19
  363. package/dist/paths/conversion.js +5 -9
  364. package/dist/paths/filenames.d.ts +0 -1
  365. package/dist/paths/filenames.js +0 -2
  366. package/dist/paths/normalize.js +6 -5
  367. package/dist/paths/packages.js +4 -7
  368. package/dist/paths/predicates.js +9 -16
  369. package/dist/paths/resolve.js +11 -14
  370. package/dist/paths/rewire.js +3 -3
  371. package/dist/paths/socket.js +16 -16
  372. package/dist/paths/walk.d.ts +1 -1
  373. package/dist/paths/walk.js +4 -4
  374. package/dist/perf/report.js +2 -2
  375. package/dist/perf/types.d.ts +1 -1
  376. package/dist/pkg-ext/data.js +1 -1
  377. package/dist/primordials/array.js +9 -9
  378. package/dist/primordials/date.js +2 -2
  379. package/dist/primordials/error.js +3 -3
  380. package/dist/primordials/headers.d.ts +10 -0
  381. package/dist/primordials/headers.js +23 -0
  382. package/dist/primordials/intl.d.ts +13 -0
  383. package/dist/primordials/intl.js +26 -0
  384. package/dist/primordials/math.js +33 -33
  385. package/dist/primordials/number.js +9 -9
  386. package/dist/primordials/object.js +5 -5
  387. package/dist/primordials/string.d.ts +2 -2
  388. package/dist/primordials/string.js +6 -6
  389. package/dist/primordials/symbol.js +3 -3
  390. package/dist/primordials/uncurry.js +9 -9
  391. package/dist/process/abort.js +3 -3
  392. package/dist/process/lock-manager.js +8 -8
  393. package/dist/process/spawn/_internal.js +6 -8
  394. package/dist/process/spawn/child.js +14 -14
  395. package/dist/process/spawn/errors.js +2 -4
  396. package/dist/process/spawn/kill-tree.d.ts +53 -0
  397. package/dist/process/spawn/kill-tree.js +85 -0
  398. package/dist/process/spawn/stdio.js +0 -1
  399. package/dist/process/spawn/types.d.ts +5 -5
  400. package/dist/process/transient.js +2 -2
  401. package/dist/promises/_internal.d.ts +2 -1
  402. package/dist/promises/_internal.js +2 -6
  403. package/dist/promises/iterate.js +12 -16
  404. package/dist/promises/options.js +3 -6
  405. package/dist/promises/retry.js +4 -5
  406. package/dist/promises/timers.d.ts +30 -0
  407. package/dist/promises/timers.js +48 -0
  408. package/dist/releases/github-archives.d.ts +6 -6
  409. package/dist/releases/github-archives.js +2 -2
  410. package/dist/releases/github-asset-url.d.ts +1 -1
  411. package/dist/releases/github-asset-url.js +5 -5
  412. package/dist/releases/github-downloads.d.ts +1 -1
  413. package/dist/releases/github-downloads.js +3 -3
  414. package/dist/releases/github-listing.d.ts +11 -2
  415. package/dist/releases/github-listing.js +20 -7
  416. package/dist/releases/github-retry-config.js +1 -1
  417. package/dist/releases/github-types.d.ts +6 -6
  418. package/dist/releases/socket-btm-binary-naming.d.ts +107 -0
  419. package/dist/releases/socket-btm-binary-naming.js +155 -0
  420. package/dist/releases/socket-btm.d.ts +8 -115
  421. package/dist/releases/socket-btm.js +16 -159
  422. package/dist/schema/types.d.ts +1 -1
  423. package/dist/sea/detect.js +6 -6
  424. package/dist/secrets/_internal.d.ts +2 -2
  425. package/dist/secrets/_internal.js +5 -4
  426. package/dist/secrets/compare.d.ts +45 -0
  427. package/dist/secrets/compare.js +61 -0
  428. package/dist/secrets/keychain.js +9 -6
  429. package/dist/secrets/linux.js +25 -23
  430. package/dist/secrets/macos.d.ts +1 -1
  431. package/dist/secrets/macos.js +18 -16
  432. package/dist/secrets/rc.d.ts +2 -2
  433. package/dist/secrets/rc.js +15 -10
  434. package/dist/secrets/socket-api-token.d.ts +4 -4
  435. package/dist/secrets/socket-api-token.js +18 -9
  436. package/dist/secrets/windows.js +21 -17
  437. package/dist/shadow/skip.js +2 -2
  438. package/dist/shell/parse.d.ts +108 -1
  439. package/dist/shell/parse.js +168 -2
  440. package/dist/smol/detect.js +9 -10
  441. package/dist/smol/http.js +6 -7
  442. package/dist/smol/https.js +6 -7
  443. package/dist/smol/manifest.d.ts +1 -1
  444. package/dist/smol/manifest.js +6 -7
  445. package/dist/smol/path.d.ts +1 -1
  446. package/dist/smol/path.js +7 -8
  447. package/dist/smol/primordial.d.ts +4 -0
  448. package/dist/smol/primordial.js +6 -7
  449. package/dist/smol/purl.d.ts +1 -1
  450. package/dist/smol/purl.js +7 -8
  451. package/dist/smol/versions.js +6 -7
  452. package/dist/smol/vfs.js +6 -7
  453. package/dist/sorts/_internal.js +6 -8
  454. package/dist/sorts/natural.js +10 -12
  455. package/dist/sorts/semver.js +1 -2
  456. package/dist/sorts/strings.js +0 -1
  457. package/dist/sorts/types.d.ts +1 -1
  458. package/dist/spinner/create-spinner-class.d.ts +38 -0
  459. package/dist/spinner/create-spinner-class.js +302 -0
  460. package/dist/spinner/default.js +8 -9
  461. package/dist/spinner/spinner-internals.d.ts +36 -0
  462. package/dist/spinner/spinner-internals.js +101 -0
  463. package/dist/spinner/spinner-shimmer-methods.d.ts +54 -0
  464. package/dist/spinner/spinner-shimmer-methods.js +143 -0
  465. package/dist/spinner/spinner-status-methods.d.ts +40 -0
  466. package/dist/spinner/spinner-status-methods.js +133 -0
  467. package/dist/spinner/spinner.d.ts +4 -5
  468. package/dist/spinner/spinner.js +18 -705
  469. package/dist/spinner/types.d.ts +3 -1
  470. package/dist/spinner/with.d.ts +10 -0
  471. package/dist/spinner/with.js +16 -2
  472. package/dist/stdio/divider.js +1 -1
  473. package/dist/stdio/footer.js +3 -3
  474. package/dist/stdio/header.js +4 -4
  475. package/dist/stdio/progress.js +5 -5
  476. package/dist/stdio/prompts.d.ts +5 -3
  477. package/dist/stdio/prompts.js +6 -7
  478. package/dist/stdio/stdout.js +3 -3
  479. package/dist/streams/parallel.js +3 -5
  480. package/dist/streams/transform.js +2 -3
  481. package/dist/strings/format.js +2 -6
  482. package/dist/strings/predicates.js +0 -2
  483. package/dist/strings/search.js +1 -2
  484. package/dist/strings/transform.js +0 -3
  485. package/dist/strings/width.js +9 -10
  486. package/dist/tables/bordered.js +4 -3
  487. package/dist/tables/padding.js +1 -1
  488. package/dist/tables/simple.js +8 -5
  489. package/dist/temporal/instant.js +4 -2
  490. package/dist/temporal/slots.js +7 -6
  491. package/dist/temporal/system.js +9 -9
  492. package/dist/themes/context.d.ts +3 -2
  493. package/dist/themes/context.js +4 -5
  494. package/dist/themes/themes.js +15 -15
  495. package/dist/themes/types.d.ts +3 -3
  496. package/dist/url/parse.js +0 -2
  497. package/dist/url/predicates.js +1 -2
  498. package/dist/url/search-params.js +3 -9
  499. package/dist/url/types.d.ts +5 -5
  500. package/dist/versions/_internal.js +3 -3
  501. package/dist/words/article.js +0 -1
  502. package/dist/words/capitalize.js +0 -1
  503. package/dist/words/pluralize.d.ts +24 -2
  504. package/dist/words/pluralize.js +47 -2
  505. package/dist/words/types.d.ts +25 -2
  506. package/package.json +289 -108
  507. package/dist/external-tools/uv/asset-names.d.ts +0 -36
  508. package/dist/external-tools/uv/asset-names.js +0 -70
  509. package/dist/external-tools/uv/from-download.d.ts +0 -17
  510. package/dist/external-tools/uv/from-download.js +0 -47
  511. package/dist/external-tools/uv/from-path.d.ts +0 -5
  512. package/dist/external-tools/uv/from-path.js +0 -22
  513. package/dist/external-tools/uv/from-vfs.d.ts +0 -7
  514. package/dist/external-tools/uv/from-vfs.js +0 -26
  515. package/dist/external-tools/uv/resolve.d.ts +0 -25
  516. package/dist/external-tools/uv/resolve.js +0 -52
  517. package/dist/external-tools/uv/types.d.ts +0 -24
  518. package/dist/http-request/checksums.d.ts +0 -69
  519. package/dist/http-request/checksums.js +0 -108
  520. package/dist/http-request/http-request.d.ts +0 -12
  521. package/dist/http-request/http-request.js +0 -11
  522. package/dist/packages/operations.d.ts +0 -113
  523. package/dist/packages/operations.js +0 -304
  524. package/dist/ssri/convert.d.ts +0 -48
  525. package/dist/ssri/convert.js +0 -69
  526. package/dist/ssri/parse.d.ts +0 -27
  527. package/dist/ssri/parse.js +0 -41
  528. package/dist/ssri/validate.d.ts +0 -41
  529. package/dist/ssri/validate.js +0 -56
  530. /package/dist/{bin → cli}/check.d.ts +0 -0
  531. /package/dist/external-tools/{uv → python}/types.js +0 -0
  532. /package/dist/fs/{path-cache.d.ts → allowed-dirs-cache.d.ts} +0 -0
  533. /package/dist/fs/{find-up.d.ts → find.d.ts} +0 -0
  534. /package/dist/github/{fetch.d.ts → request.d.ts} +0 -0
package/dist/env/socket.d.ts CHANGED
@@ -1,38 +1,6 @@
1
1
  /**
2
2
  * @file Socket Security environment variable getters.
3
3
  */
4
- /**
5
- * Whether the MCP server should run in HTTP mode. MCP_HTTP_MODE — when set to
6
- * the literal string `'true'`, the MCP server serves over HTTP instead of
7
- * stdio. Returns `false` for any other value (including unset).
8
- *
9
- * @example
10
- * ;```typescript
11
- * import { getMcpHttpMode } from '@socketsecurity/lib/env/socket'
12
- *
13
- * if (getMcpHttpMode()) {
14
- * startHttpServer()
15
- * }
16
- * ```
17
- *
18
- * @returns `true` if HTTP mode is enabled, `false` otherwise
19
- */
20
- export declare function getMcpHttpMode(): boolean;
21
- /**
22
- * MCP HTTP server listen port. MCP_PORT — port the MCP HTTP server binds to.
23
- * Defaults to `3000` (matches socket-mcp's documented default). Invalid /
24
- * non-numeric values also fall back to `3000`.
25
- *
26
- * @example
27
- * ;```typescript
28
- * import { getMcpPort } from '@socketsecurity/lib/env/socket'
29
- *
30
- * const port = getMcpPort()
31
- * ```
32
- *
33
- * @returns The MCP server port (default `3000`)
34
- */
35
- export declare function getMcpPort(): number;
36
4
  /**
37
5
  * SOCKET_ACCEPT_RISKS environment variable getter. Whether to accept all Socket
38
6
  * Security risks.
@@ -308,67 +276,6 @@ export declare function getSocketNoApiToken(): boolean;
308
276
  * @returns The Socket NPM registry URL, or `undefined` if not set
309
277
  */
310
278
  export declare function getSocketNpmRegistry(): string | undefined;
311
- /**
312
- * OAuth introspection client ID for the MCP HTTP server.
313
- * SOCKET_OAUTH_INTROSPECTION_CLIENT_ID — client credential used to call the
314
- * issuer's introspection endpoint. Empty string when unset.
315
- *
316
- * @example
317
- * ;```typescript
318
- * import { getSocketOauthIntrospectionClientId } from '@socketsecurity/lib/env/socket'
319
- *
320
- * const clientId = getSocketOauthIntrospectionClientId()
321
- * ```
322
- *
323
- * @returns The OAuth client ID, or `''` if not set
324
- */
325
- export declare function getSocketOauthIntrospectionClientId(): string;
326
- /**
327
- * OAuth introspection client secret for the MCP HTTP server.
328
- * SOCKET_OAUTH_INTROSPECTION_CLIENT_SECRET — paired with the client ID for
329
- * authenticated introspection requests. Empty string when unset.
330
- *
331
- * @example
332
- * ;```typescript
333
- * import { getSocketOauthIntrospectionClientSecret } from '@socketsecurity/lib/env/socket'
334
- *
335
- * const clientSecret = getSocketOauthIntrospectionClientSecret()
336
- * ```
337
- *
338
- * @returns The OAuth client secret, or `''` if not set
339
- */
340
- export declare function getSocketOauthIntrospectionClientSecret(): string;
341
- /**
342
- * OAuth issuer URL for the MCP HTTP server. SOCKET_OAUTH_ISSUER — issuer to
343
- * validate inbound OAuth tokens against. Returns the empty string when unset;
344
- * callers treat empty as "no issuer configured".
345
- *
346
- * @example
347
- * ;```typescript
348
- * import { getSocketOauthIssuer } from '@socketsecurity/lib/env/socket'
349
- *
350
- * const issuer = getSocketOauthIssuer()
351
- * if (issuer) { ... }
352
- * ```
353
- *
354
- * @returns The OAuth issuer URL, or `''` if not set
355
- */
356
- export declare function getSocketOauthIssuer(): string;
357
- /**
358
- * Required OAuth scopes for the MCP HTTP server. SOCKET_OAUTH_REQUIRED_SCOPES —
359
- * whitespace-separated list of scopes inbound tokens must carry. Defaults to
360
- * `'packages:list'` (the minimum scope socket-mcp's depscore tool needs).
361
- *
362
- * @example
363
- * ;```typescript
364
- * import { getSocketOauthRequiredScopes } from '@socketsecurity/lib/env/socket'
365
- *
366
- * const scopes = getSocketOauthRequiredScopes().split(/\s+/u)
367
- * ```
368
- *
369
- * @returns The required-scopes string, defaulting to `'packages:list'`
370
- */
371
- export declare function getSocketOauthRequiredScopes(): string;
372
279
  /**
373
280
  * SOCKET_ORG_SLUG environment variable getter. Socket Security organization
374
281
  * slug identifier.
@@ -430,19 +337,4 @@ export declare function getSocketRepositoryName(): string | undefined;
430
337
  * @returns `true` if viewing all risks, `false` otherwise
431
338
  */
432
339
  export declare function getSocketViewAllRisks(): boolean;
433
- /**
434
- * Whether the MCP HTTP server should trust upstream proxy headers. TRUST_PROXY
435
- * — when set to the literal string `'true'`, the server honors
436
- * `X-Forwarded-Host` / `X-Forwarded-Proto` when composing OAuth metadata URLs.
437
- * Off by default to prevent header spoofing when no upstream proxy is present.
438
- *
439
- * @example
440
- * ;```typescript
441
- * import { getTrustProxy } from '@socketsecurity/lib/env/socket'
442
- *
443
- * if (getTrustProxy()) { ... }
444
- * ```
445
- *
446
- * @returns `true` if proxy headers are trusted, `false` otherwise
447
- */
448
- export declare function getTrustProxy(): boolean;
340
+ export { getMcpHttpMode, getMcpPort, getSocketOauthIntrospectionClientId, getSocketOauthIntrospectionClientSecret, getSocketOauthIssuer, getSocketOauthRequiredScopes, getTrustProxy, } from './socket-mcp';
package/dist/env/socket.js CHANGED
@@ -4,51 +4,13 @@ Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
4
4
  const require_env_boolean = require('./boolean.js');
5
5
  const require_env_rewire = require('./rewire.js');
6
6
  const require_env_number = require('./number.js');
7
+ const require_env_socket_mcp = require('./socket-mcp.js');
7
8
 
8
9
  //#region src/env/socket.ts
9
10
  /**
10
11
  * @file Socket Security environment variable getters.
11
12
  */
12
13
  /**
13
- * Whether the MCP server should run in HTTP mode. MCP_HTTP_MODE — when set to
14
- * the literal string `'true'`, the MCP server serves over HTTP instead of
15
- * stdio. Returns `false` for any other value (including unset).
16
- *
17
- * @example
18
- * ;```typescript
19
- * import { getMcpHttpMode } from '@socketsecurity/lib/env/socket'
20
- *
21
- * if (getMcpHttpMode()) {
22
- * startHttpServer()
23
- * }
24
- * ```
25
- *
26
- * @returns `true` if HTTP mode is enabled, `false` otherwise
27
- */
28
- /* @__NO_SIDE_EFFECTS__ */
29
- function getMcpHttpMode() {
30
- return require_env_rewire.getEnvValue("MCP_HTTP_MODE") === "true";
31
- }
32
- /**
33
- * MCP HTTP server listen port. MCP_PORT — port the MCP HTTP server binds to.
34
- * Defaults to `3000` (matches socket-mcp's documented default). Invalid /
35
- * non-numeric values also fall back to `3000`.
36
- *
37
- * @example
38
- * ;```typescript
39
- * import { getMcpPort } from '@socketsecurity/lib/env/socket'
40
- *
41
- * const port = getMcpPort()
42
- * ```
43
- *
44
- * @returns The MCP server port (default `3000`)
45
- */
46
- /* @__NO_SIDE_EFFECTS__ */
47
- function getMcpPort() {
48
- const parsed = /* @__PURE__ */ require_env_number.envAsNumber(require_env_rewire.getEnvValue("MCP_PORT"));
49
- return Number.isFinite(parsed) && parsed > 0 ? parsed : 3e3;
50
- }
51
- /**
52
14
  * SOCKET_ACCEPT_RISKS environment variable getter. Whether to accept all Socket
53
15
  * Security risks.
54
16
  *
@@ -63,9 +25,8 @@ function getMcpPort() {
63
25
  *
64
26
  * @returns `true` if risks are accepted, `false` otherwise
65
27
  */
66
- /* @__NO_SIDE_EFFECTS__ */
67
28
  function getSocketAcceptRisks() {
68
- return /* @__PURE__ */ require_env_boolean.envAsBoolean(require_env_rewire.getEnvValue("SOCKET_ACCEPT_RISKS"));
29
+ return require_env_boolean.envAsBoolean(require_env_rewire.getEnvValue("SOCKET_ACCEPT_RISKS"));
69
30
  }
70
31
  /**
71
32
  * SOCKET_API_BASE_URL environment variable getter. Socket Security API base
@@ -81,7 +42,6 @@ function getSocketAcceptRisks() {
81
42
  *
82
43
  * @returns The API base URL, or `undefined` if not set
83
44
  */
84
- /* @__NO_SIDE_EFFECTS__ */
85
45
  function getSocketApiBaseUrl() {
86
46
  return require_env_rewire.getEnvValue("SOCKET_API_BASE_URL");
87
47
  }
@@ -99,7 +59,6 @@ function getSocketApiBaseUrl() {
99
59
  *
100
60
  * @returns The API proxy URL, or `undefined` if not set
101
61
  */
102
- /* @__NO_SIDE_EFFECTS__ */
103
62
  function getSocketApiProxy() {
104
63
  return require_env_rewire.getEnvValue("SOCKET_API_PROXY");
105
64
  }
@@ -117,9 +76,8 @@ function getSocketApiProxy() {
117
76
  *
118
77
  * @returns The timeout in milliseconds, or `0` if not set
119
78
  */
120
- /* @__NO_SIDE_EFFECTS__ */
121
79
  function getSocketApiTimeout() {
122
- return /* @__PURE__ */ require_env_number.envAsNumber(require_env_rewire.getEnvValue("SOCKET_API_TIMEOUT"));
80
+ return require_env_number.envAsNumber(require_env_rewire.getEnvValue("SOCKET_API_TIMEOUT"));
123
81
  }
124
82
  /**
125
83
  * Socket Security API authentication token.
@@ -141,7 +99,6 @@ function getSocketApiTimeout() {
141
99
  *
142
100
  * @returns The API token, or `undefined` if no name in the chain is set
143
101
  */
144
- /* @__NO_SIDE_EFFECTS__ */
145
102
  function getSocketApiToken() {
146
103
  return require_env_rewire.getEnvValue("SOCKET_API_TOKEN") || require_env_rewire.getEnvValue("SOCKET_API_KEY") || require_env_rewire.getEnvValue("SOCKET_CLI_API_TOKEN") || require_env_rewire.getEnvValue("SOCKET_CLI_API_KEY") || require_env_rewire.getEnvValue("SOCKET_SECURITY_API_TOKEN") || require_env_rewire.getEnvValue("SOCKET_SECURITY_API_KEY");
147
104
  }
@@ -160,7 +117,6 @@ function getSocketApiToken() {
160
117
  *
161
118
  * @returns The API URL override, or `undefined` if not set
162
119
  */
163
- /* @__NO_SIDE_EFFECTS__ */
164
120
  function getSocketApiUrl() {
165
121
  return require_env_rewire.getEnvValue("SOCKET_API_URL");
166
122
  }
@@ -177,7 +133,6 @@ function getSocketApiUrl() {
177
133
  *
178
134
  * @returns The branch name, or `undefined` if not set
179
135
  */
180
- /* @__NO_SIDE_EFFECTS__ */
181
136
  function getSocketBranchName() {
182
137
  return require_env_rewire.getEnvValue("SOCKET_BRANCH_NAME");
183
138
  }
@@ -195,7 +150,6 @@ function getSocketBranchName() {
195
150
  *
196
151
  * @returns The cacache directory path, or `undefined` if not set
197
152
  */
198
- /* @__NO_SIDE_EFFECTS__ */
199
153
  function getSocketCacacheDirEnv() {
200
154
  return require_env_rewire.getEnvValue("SOCKET_CACACHE_DIR");
201
155
  }
@@ -215,7 +169,6 @@ function getSocketCacacheDirEnv() {
215
169
  *
216
170
  * @returns The override URL, or `undefined` when default applies
217
171
  */
218
- /* @__NO_SIDE_EFFECTS__ */
219
172
  function getSocketCloudAuthUrl() {
220
173
  return require_env_rewire.getEnvValue("SOCKET_CLOUD_AUTH_URL");
221
174
  }
@@ -227,7 +180,6 @@ function getSocketCloudAuthUrl() {
227
180
  *
228
181
  * @returns The client ID, or `undefined` if not set
229
182
  */
230
- /* @__NO_SIDE_EFFECTS__ */
231
183
  function getSocketCloudClientId() {
232
184
  return require_env_rewire.getEnvValue("SOCKET_CLOUD_CLIENT_ID");
233
185
  }
@@ -238,7 +190,6 @@ function getSocketCloudClientId() {
238
190
  *
239
191
  * @returns The client secret, or `undefined` if not set
240
192
  */
241
- /* @__NO_SIDE_EFFECTS__ */
242
193
  function getSocketCloudClientSecret() {
243
194
  return require_env_rewire.getEnvValue("SOCKET_CLOUD_CLIENT_SECRET");
244
195
  }
@@ -249,7 +200,6 @@ function getSocketCloudClientSecret() {
249
200
  *
250
201
  * @returns The override URL, or `undefined` when default applies
251
202
  */
252
- /* @__NO_SIDE_EFFECTS__ */
253
203
  function getSocketCloudIntrospectUrl() {
254
204
  return require_env_rewire.getEnvValue("SOCKET_CLOUD_INTROSPECT_URL");
255
205
  }
@@ -260,7 +210,6 @@ function getSocketCloudIntrospectUrl() {
260
210
  *
261
211
  * @returns The override URL, or `undefined` when default applies
262
212
  */
263
- /* @__NO_SIDE_EFFECTS__ */
264
213
  function getSocketCloudTokenUrl() {
265
214
  return require_env_rewire.getEnvValue("SOCKET_CLOUD_TOKEN_URL");
266
215
  }
@@ -271,7 +220,6 @@ function getSocketCloudTokenUrl() {
271
220
  *
272
221
  * @returns The override URL, or `undefined` when default applies
273
222
  */
274
- /* @__NO_SIDE_EFFECTS__ */
275
223
  function getSocketCloudUserinfoUrl() {
276
224
  return require_env_rewire.getEnvValue("SOCKET_CLOUD_USERINFO_URL");
277
225
  }
@@ -289,7 +237,6 @@ function getSocketCloudUserinfoUrl() {
289
237
  *
290
238
  * @returns The config file path, or `undefined` if not set
291
239
  */
292
- /* @__NO_SIDE_EFFECTS__ */
293
240
  function getSocketConfig() {
294
241
  return require_env_rewire.getEnvValue("SOCKET_CONFIG");
295
242
  }
@@ -307,7 +254,6 @@ function getSocketConfig() {
307
254
  *
308
255
  * @returns The Socket debug filter, or `undefined` if not set
309
256
  */
310
- /* @__NO_SIDE_EFFECTS__ */
311
257
  function getSocketDebug() {
312
258
  return require_env_rewire.getEnvValue("SOCKET_DEBUG");
313
259
  }
@@ -325,7 +271,6 @@ function getSocketDebug() {
325
271
  *
326
272
  * @returns The DLX directory path, or `undefined` if not set
327
273
  */
328
- /* @__NO_SIDE_EFFECTS__ */
329
274
  function getSocketDlxDirEnv() {
330
275
  return require_env_rewire.getEnvValue("SOCKET_DLX_DIR");
331
276
  }
@@ -342,7 +287,6 @@ function getSocketDlxDirEnv() {
342
287
  *
343
288
  * @returns The Socket home directory, or `undefined` if not set
344
289
  */
345
- /* @__NO_SIDE_EFFECTS__ */
346
290
  function getSocketHome() {
347
291
  return require_env_rewire.getEnvValue("SOCKET_HOME");
348
292
  }
@@ -361,9 +305,8 @@ function getSocketHome() {
361
305
  *
362
306
  * @returns `true` if the API token requirement is skipped, `false` otherwise
363
307
  */
364
- /* @__NO_SIDE_EFFECTS__ */
365
308
  function getSocketNoApiToken() {
366
- return /* @__PURE__ */ require_env_boolean.envAsBoolean(require_env_rewire.getEnvValue("SOCKET_NO_API_TOKEN"));
309
+ return require_env_boolean.envAsBoolean(require_env_rewire.getEnvValue("SOCKET_NO_API_TOKEN"));
367
310
  }
368
311
  /**
369
312
  * SOCKET_NPM_REGISTRY environment variable getter. Socket NPM registry URL
@@ -379,84 +322,10 @@ function getSocketNoApiToken() {
379
322
  *
380
323
  * @returns The Socket NPM registry URL, or `undefined` if not set
381
324
  */
382
- /* @__NO_SIDE_EFFECTS__ */
383
325
  function getSocketNpmRegistry() {
384
326
  return require_env_rewire.getEnvValue("SOCKET_NPM_REGISTRY");
385
327
  }
386
328
  /**
387
- * OAuth introspection client ID for the MCP HTTP server.
388
- * SOCKET_OAUTH_INTROSPECTION_CLIENT_ID — client credential used to call the
389
- * issuer's introspection endpoint. Empty string when unset.
390
- *
391
- * @example
392
- * ;```typescript
393
- * import { getSocketOauthIntrospectionClientId } from '@socketsecurity/lib/env/socket'
394
- *
395
- * const clientId = getSocketOauthIntrospectionClientId()
396
- * ```
397
- *
398
- * @returns The OAuth client ID, or `''` if not set
399
- */
400
- /* @__NO_SIDE_EFFECTS__ */
401
- function getSocketOauthIntrospectionClientId() {
402
- return require_env_rewire.getEnvValue("SOCKET_OAUTH_INTROSPECTION_CLIENT_ID") ?? "";
403
- }
404
- /**
405
- * OAuth introspection client secret for the MCP HTTP server.
406
- * SOCKET_OAUTH_INTROSPECTION_CLIENT_SECRET — paired with the client ID for
407
- * authenticated introspection requests. Empty string when unset.
408
- *
409
- * @example
410
- * ;```typescript
411
- * import { getSocketOauthIntrospectionClientSecret } from '@socketsecurity/lib/env/socket'
412
- *
413
- * const clientSecret = getSocketOauthIntrospectionClientSecret()
414
- * ```
415
- *
416
- * @returns The OAuth client secret, or `''` if not set
417
- */
418
- /* @__NO_SIDE_EFFECTS__ */
419
- function getSocketOauthIntrospectionClientSecret() {
420
- return require_env_rewire.getEnvValue("SOCKET_OAUTH_INTROSPECTION_CLIENT_SECRET") ?? "";
421
- }
422
- /**
423
- * OAuth issuer URL for the MCP HTTP server. SOCKET_OAUTH_ISSUER — issuer to
424
- * validate inbound OAuth tokens against. Returns the empty string when unset;
425
- * callers treat empty as "no issuer configured".
426
- *
427
- * @example
428
- * ;```typescript
429
- * import { getSocketOauthIssuer } from '@socketsecurity/lib/env/socket'
430
- *
431
- * const issuer = getSocketOauthIssuer()
432
- * if (issuer) { ... }
433
- * ```
434
- *
435
- * @returns The OAuth issuer URL, or `''` if not set
436
- */
437
- /* @__NO_SIDE_EFFECTS__ */
438
- function getSocketOauthIssuer() {
439
- return require_env_rewire.getEnvValue("SOCKET_OAUTH_ISSUER") ?? "";
440
- }
441
- /**
442
- * Required OAuth scopes for the MCP HTTP server. SOCKET_OAUTH_REQUIRED_SCOPES —
443
- * whitespace-separated list of scopes inbound tokens must carry. Defaults to
444
- * `'packages:list'` (the minimum scope socket-mcp's depscore tool needs).
445
- *
446
- * @example
447
- * ;```typescript
448
- * import { getSocketOauthRequiredScopes } from '@socketsecurity/lib/env/socket'
449
- *
450
- * const scopes = getSocketOauthRequiredScopes().split(/\s+/u)
451
- * ```
452
- *
453
- * @returns The required-scopes string, defaulting to `'packages:list'`
454
- */
455
- /* @__NO_SIDE_EFFECTS__ */
456
- function getSocketOauthRequiredScopes() {
457
- return require_env_rewire.getEnvValue("SOCKET_OAUTH_REQUIRED_SCOPES") ?? "packages:list";
458
- }
459
- /**
460
329
  * SOCKET_ORG_SLUG environment variable getter. Socket Security organization
461
330
  * slug identifier.
462
331
  *
@@ -470,7 +339,6 @@ function getSocketOauthRequiredScopes() {
470
339
  *
471
340
  * @returns The organization slug, or `undefined` if not set
472
341
  */
473
- /* @__NO_SIDE_EFFECTS__ */
474
342
  function getSocketOrgSlug() {
475
343
  return require_env_rewire.getEnvValue("SOCKET_ORG_SLUG");
476
344
  }
@@ -488,7 +356,6 @@ function getSocketOrgSlug() {
488
356
  *
489
357
  * @returns The Socket registry URL, or `undefined` if not set
490
358
  */
491
- /* @__NO_SIDE_EFFECTS__ */
492
359
  function getSocketRegistryUrl() {
493
360
  return require_env_rewire.getEnvValue("SOCKET_REGISTRY_URL");
494
361
  }
@@ -506,7 +373,6 @@ function getSocketRegistryUrl() {
506
373
  *
507
374
  * @returns The repository name, or `undefined` if neither is set
508
375
  */
509
- /* @__NO_SIDE_EFFECTS__ */
510
376
  function getSocketRepositoryName() {
511
377
  return require_env_rewire.getEnvValue("SOCKET_REPOSITORY_NAME") || require_env_rewire.getEnvValue("SOCKET_REPO_NAME");
512
378
  }
@@ -525,33 +391,13 @@ function getSocketRepositoryName() {
525
391
  *
526
392
  * @returns `true` if viewing all risks, `false` otherwise
527
393
  */
528
- /* @__NO_SIDE_EFFECTS__ */
529
394
  function getSocketViewAllRisks() {
530
- return /* @__PURE__ */ require_env_boolean.envAsBoolean(require_env_rewire.getEnvValue("SOCKET_VIEW_ALL_RISKS"));
531
- }
532
- /**
533
- * Whether the MCP HTTP server should trust upstream proxy headers. TRUST_PROXY
534
- * — when set to the literal string `'true'`, the server honors
535
- * `X-Forwarded-Host` / `X-Forwarded-Proto` when composing OAuth metadata URLs.
536
- * Off by default to prevent header spoofing when no upstream proxy is present.
537
- *
538
- * @example
539
- * ;```typescript
540
- * import { getTrustProxy } from '@socketsecurity/lib/env/socket'
541
- *
542
- * if (getTrustProxy()) { ... }
543
- * ```
544
- *
545
- * @returns `true` if proxy headers are trusted, `false` otherwise
546
- */
547
- /* @__NO_SIDE_EFFECTS__ */
548
- function getTrustProxy() {
549
- return require_env_rewire.getEnvValue("TRUST_PROXY") === "true";
395
+ return require_env_boolean.envAsBoolean(require_env_rewire.getEnvValue("SOCKET_VIEW_ALL_RISKS"));
550
396
  }
551
397
 
552
398
  //#endregion
553
- exports.getMcpHttpMode = getMcpHttpMode;
554
- exports.getMcpPort = getMcpPort;
399
+ exports.getMcpHttpMode = require_env_socket_mcp.getMcpHttpMode;
400
+ exports.getMcpPort = require_env_socket_mcp.getMcpPort;
555
401
  exports.getSocketAcceptRisks = getSocketAcceptRisks;
556
402
  exports.getSocketApiBaseUrl = getSocketApiBaseUrl;
557
403
  exports.getSocketApiProxy = getSocketApiProxy;
@@ -572,12 +418,12 @@ exports.getSocketDlxDirEnv = getSocketDlxDirEnv;
572
418
  exports.getSocketHome = getSocketHome;
573
419
  exports.getSocketNoApiToken = getSocketNoApiToken;
574
420
  exports.getSocketNpmRegistry = getSocketNpmRegistry;
575
- exports.getSocketOauthIntrospectionClientId = getSocketOauthIntrospectionClientId;
576
- exports.getSocketOauthIntrospectionClientSecret = getSocketOauthIntrospectionClientSecret;
577
- exports.getSocketOauthIssuer = getSocketOauthIssuer;
578
- exports.getSocketOauthRequiredScopes = getSocketOauthRequiredScopes;
421
+ exports.getSocketOauthIntrospectionClientId = require_env_socket_mcp.getSocketOauthIntrospectionClientId;
422
+ exports.getSocketOauthIntrospectionClientSecret = require_env_socket_mcp.getSocketOauthIntrospectionClientSecret;
423
+ exports.getSocketOauthIssuer = require_env_socket_mcp.getSocketOauthIssuer;
424
+ exports.getSocketOauthRequiredScopes = require_env_socket_mcp.getSocketOauthRequiredScopes;
579
425
  exports.getSocketOrgSlug = getSocketOrgSlug;
580
426
  exports.getSocketRegistryUrl = getSocketRegistryUrl;
581
427
  exports.getSocketRepositoryName = getSocketRepositoryName;
582
428
  exports.getSocketViewAllRisks = getSocketViewAllRisks;
583
- exports.getTrustProxy = getTrustProxy;
429
+ exports.getTrustProxy = require_env_socket_mcp.getTrustProxy;
package/dist/env/string.js CHANGED
@@ -31,7 +31,6 @@ const require_primordials_array = require('../primordials/array.js');
31
31
  *
32
32
  * @returns The string value, or the default value
33
33
  */
34
- /* @__NO_SIDE_EFFECTS__ */
35
34
  function envAsString(value, defaultValueOrOptions = "") {
36
35
  /* c8 ignore stop */
37
36
  const { defaultValue = "", trim = true } = typeof defaultValueOrOptions === "object" && defaultValueOrOptions !== null && !require_primordials_array.ArrayIsArray(defaultValueOrOptions) && ("defaultValue" in defaultValueOrOptions || "trim" in defaultValueOrOptions) ? defaultValueOrOptions : { defaultValue: defaultValueOrOptions === void 0 ? "" : typeof defaultValueOrOptions === "string" ? defaultValueOrOptions : require_primordials_string.StringCtor(defaultValueOrOptions) };
package/dist/env/temp-dir.js CHANGED
@@ -21,7 +21,6 @@ const require_env_rewire = require('./rewire.js');
21
21
  *
22
22
  * @returns The Windows temp directory path, or `undefined` if not set
23
23
  */
24
- /* @__NO_SIDE_EFFECTS__ */
25
24
  function getTemp() {
26
25
  return require_env_rewire.getEnvValue("TEMP");
27
26
  }
@@ -38,7 +37,6 @@ function getTemp() {
38
37
  *
39
38
  * @returns The alternative temp directory path, or `undefined` if not set
40
39
  */
41
- /* @__NO_SIDE_EFFECTS__ */
42
40
  function getTmp() {
43
41
  return require_env_rewire.getEnvValue("TMP");
44
42
  }
@@ -55,7 +53,6 @@ function getTmp() {
55
53
  *
56
54
  * @returns The Unix/macOS temp directory path, or `undefined` if not set
57
55
  */
58
- /* @__NO_SIDE_EFFECTS__ */
59
56
  function getTmpdir() {
60
57
  return require_env_rewire.getEnvValue("TMPDIR");
61
58
  }
package/dist/env/term.js CHANGED
@@ -22,7 +22,6 @@ const require_env_rewire = require('./rewire.js');
22
22
  *
23
23
  * @returns The terminal type identifier, or `undefined` if not set
24
24
  */
25
- /* @__NO_SIDE_EFFECTS__ */
26
25
  function getTerm() {
27
26
  return require_env_rewire.getEnvValue("TERM");
28
27
  }
package/dist/env/test.js CHANGED
@@ -24,9 +24,8 @@ const require_env_string = require('./string.js');
24
24
  *
25
25
  * @returns The Jest worker ID string, or empty string if not set
26
26
  */
27
- /* @__NO_SIDE_EFFECTS__ */
28
27
  function getJestWorkerId() {
29
- return /* @__PURE__ */ require_env_string.envAsString(require_env_rewire.getEnvValue("JEST_WORKER_ID"));
28
+ return require_env_string.envAsString(require_env_rewire.getEnvValue("JEST_WORKER_ID"));
30
29
  }
31
30
  /**
32
31
  * VITEST environment variable. Set when running tests with Vitest.
@@ -42,9 +41,8 @@ function getJestWorkerId() {
42
41
  *
43
42
  * @returns `true` if running in Vitest, `false` otherwise
44
43
  */
45
- /* @__NO_SIDE_EFFECTS__ */
46
44
  function getVitest() {
47
- return /* @__PURE__ */ require_env_boolean.envAsBoolean(require_env_rewire.getEnvValue("VITEST"));
45
+ return require_env_boolean.envAsBoolean(require_env_rewire.getEnvValue("VITEST"));
48
46
  }
49
47
  /**
50
48
  * Check if code is running in a test environment. Checks NODE_ENV, VITEST, and
@@ -61,9 +59,8 @@ function getVitest() {
61
59
  *
62
60
  * @returns `true` if running in a test environment, `false` otherwise
63
61
  */
64
- /* @__NO_SIDE_EFFECTS__ */
65
62
  function isTest() {
66
- return /* @__PURE__ */ require_env_string.envAsString(/* @__PURE__ */ require_env_node_env.getNodeEnv()) === "test" || /* @__PURE__ */ getVitest() || !!/* @__PURE__ */ getJestWorkerId();
63
+ return require_env_string.envAsString(require_env_node_env.getNodeEnv()) === "test" || getVitest() || !!getJestWorkerId();
67
64
  }
68
65
 
69
66
  //#endregion
package/dist/env/windows.js CHANGED
@@ -22,7 +22,6 @@ const require_env_rewire = require('./rewire.js');
22
22
  *
23
23
  * @returns The Windows AppData roaming directory, or `undefined` if not set
24
24
  */
25
- /* @__NO_SIDE_EFFECTS__ */
26
25
  function getAppdata() {
27
26
  return require_env_rewire.getEnvValue("APPDATA");
28
27
  }
@@ -40,7 +39,6 @@ function getAppdata() {
40
39
  *
41
40
  * @returns The path to the command processor, or `undefined` if not set
42
41
  */
43
- /* @__NO_SIDE_EFFECTS__ */
44
42
  function getComspec() {
45
43
  return require_env_rewire.getEnvValue("COMSPEC");
46
44
  }
@@ -58,7 +56,6 @@ function getComspec() {
58
56
  *
59
57
  * @returns The Windows local AppData directory, or `undefined` if not set
60
58
  */
61
- /* @__NO_SIDE_EFFECTS__ */
62
59
  function getLocalappdata() {
63
60
  return require_env_rewire.getEnvValue("LOCALAPPDATA");
64
61
  }
@@ -75,7 +72,6 @@ function getLocalappdata() {
75
72
  *
76
73
  * @returns The Windows user profile directory, or `undefined` if not set
77
74
  */
78
- /* @__NO_SIDE_EFFECTS__ */
79
75
  function getUserprofile() {
80
76
  return require_env_rewire.getEnvValue("USERPROFILE");
81
77
  }
package/dist/env/xdg.js CHANGED
@@ -22,7 +22,6 @@ const require_env_rewire = require('./rewire.js');
22
22
  *
23
23
  * @returns The XDG cache directory path, or `undefined` if not set
24
24
  */
25
- /* @__NO_SIDE_EFFECTS__ */
26
25
  function getXdgCacheHome() {
27
26
  return require_env_rewire.getEnvValue("XDG_CACHE_HOME");
28
27
  }
@@ -40,7 +39,6 @@ function getXdgCacheHome() {
40
39
  *
41
40
  * @returns The XDG config directory path, or `undefined` if not set
42
41
  */
43
- /* @__NO_SIDE_EFFECTS__ */
44
42
  function getXdgConfigHome() {
45
43
  return require_env_rewire.getEnvValue("XDG_CONFIG_HOME");
46
44
  }
@@ -58,7 +56,6 @@ function getXdgConfigHome() {
58
56
  *
59
57
  * @returns The XDG data directory path, or `undefined` if not set
60
58
  */
61
- /* @__NO_SIDE_EFFECTS__ */
62
59
  function getXdgDataHome() {
63
60
  return require_env_rewire.getEnvValue("XDG_DATA_HOME");
64
61
  }
package/dist/events/exit/_internal.d.ts CHANGED
@@ -8,10 +8,12 @@
8
8
  * License — Copyright (c) 2015-2023 Benjamin Coe, Isaac Z. Schlueter, and
9
9
  * Contributors.
10
10
  */
11
+ import type { EventEmitter } from 'node:events';
12
+ import type * as NodeEvents from 'node:events';
11
13
  import type { SignalExitEmitter } from './types';
12
14
  export declare const globalProcess: (NodeJS.Process & {
13
- __signal_exit_emitter__?: import('node:events').EventEmitter;
14
- reallyExit?: (code?: number | undefined) => never;
15
+ __signal_exit_emitter__?: EventEmitter | undefined;
16
+ reallyExit?: ((code?: number | undefined) => never) | undefined;
15
17
  }) | undefined;
16
18
  export declare const originalProcessEmit: {
17
19
  (event: "beforeExit", code: number): boolean;
@@ -23,17 +25,17 @@ export declare const originalProcessEmit: {
23
25
  (event: "unhandledRejection", reason: unknown, promise: Promise<unknown>): boolean;
24
26
  (event: "warning", warning: Error): boolean;
25
27
  (event: "message", message: unknown, sendHandle: import("child_process").SendHandle): NodeJS.Process & {
26
- __signal_exit_emitter__?: import('node:events').EventEmitter;
27
- reallyExit?: (code?: number | undefined) => never;
28
+ __signal_exit_emitter__?: EventEmitter | undefined;
29
+ reallyExit?: ((code?: number | undefined) => never) | undefined;
28
30
  };
29
31
  (event: NodeJS.Signals, signal?: NodeJS.Signals): boolean;
30
32
  (event: "multipleResolves", type: NodeJS.MultipleResolveType, promise: Promise<unknown>, value: unknown): NodeJS.Process & {
31
- __signal_exit_emitter__?: import('node:events').EventEmitter;
32
- reallyExit?: (code?: number | undefined) => never;
33
+ __signal_exit_emitter__?: EventEmitter | undefined;
34
+ reallyExit?: ((code?: number | undefined) => never) | undefined;
33
35
  };
34
36
  (event: "worker", listener: NodeJS.WorkerListener): NodeJS.Process & {
35
- __signal_exit_emitter__?: import('node:events').EventEmitter;
36
- reallyExit?: (code?: number | undefined) => never;
37
+ __signal_exit_emitter__?: EventEmitter | undefined;
38
+ reallyExit?: ((code?: number | undefined) => never) | undefined;
37
39
  };
38
40
  } | undefined;
39
41
  export declare const platform: string;
@@ -41,7 +43,7 @@ export declare const originalProcessReallyExit: ((code?: number | undefined) =>
41
43
  export declare const WIN32: boolean;
42
44
  export declare function emit(event: string, code: number | undefined, signal: string | undefined): void;
43
45
  export declare function getEmitter(): SignalExitEmitter;
44
- export declare function getEvents(): typeof import('node:events');
46
+ export declare function getEvents(): typeof NodeEvents;
45
47
  /**
46
48
  * Get the cached signal list. Triggers lazy init on first call; after `load()`
47
49
  * runs it returns the filtered subset of successfully registered signals