npm - @socketsecurity/lib - Versions diffs - 6.0.6 → 6.0.8 - Mend

@socketsecurity/lib 6.0.6 → 6.0.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (619) hide show

package/CHANGELOG.md +46 -1
package/README.md +1 -1
package/dist/ai/agent-context.d.mts +103 -0
package/dist/ai/agent-context.js +157 -0
package/dist/ai/backends.d.mts +83 -0
package/dist/ai/backends.js +173 -0
package/dist/ai/credentials.d.mts +49 -0
package/dist/ai/credentials.js +82 -0
package/dist/ai/discover.d.mts +6 -2
package/dist/ai/discover.js +4 -3
package/dist/ai/exec.d.mts +52 -0
package/dist/ai/exec.js +92 -0
package/dist/ai/http.d.mts +132 -0
package/dist/ai/http.js +130 -0
package/dist/ai/profiles.d.mts +41 -6
package/dist/ai/profiles.js +52 -10
package/dist/ai/route.d.mts +69 -0
package/dist/ai/route.js +156 -0
package/dist/ai/spawn.d.mts +10 -2
package/dist/ai/spawn.js +56 -31
package/dist/ai/subagent-status.d.mts +48 -0
package/dist/ai/subagent-status.js +57 -0
package/dist/ai/tier.d.mts +60 -0
package/dist/ai/tier.js +53 -0
package/dist/ai/types.d.mts +31 -6
package/dist/ai/worktree.d.mts +6 -6
package/dist/ai/worktree.js +5 -1
package/dist/ansi/strip.d.ts +1 -1
package/dist/ansi/strip.js +0 -2
package/dist/archives/_internal.js +7 -9
package/dist/archives/extract.js +1 -1
package/dist/archives/tar.js +7 -7
package/dist/archives/zip.js +5 -7
package/dist/argv/flag-predicates.d.ts +12 -12
package/dist/argv/flag-predicates.js +17 -17
package/dist/argv/flag-types.d.ts +18 -18
package/dist/argv/flag-types.js +4 -4
package/dist/argv/parse.d.ts +20 -3
package/dist/argv/parse.js +1 -1
package/dist/arrays/_internal.js +11 -12
package/dist/arrays/chunk.js +0 -1
package/dist/arrays/join.d.ts +37 -3
package/dist/arrays/join.js +47 -7
package/dist/arrays/unique.js +0 -1
package/dist/bin/_internal.d.ts +1 -1
package/dist/bin/_internal.js +1 -1
package/dist/bin/exec.js +2 -3
package/dist/bin/find.js +17 -17
package/dist/bin/prim.cjs +36175 -35861
package/dist/bin/resolve.js +13 -14
package/dist/bin/which.js +8 -8
package/dist/cache/ttl/store.js +6 -6
package/dist/checks/primordials-defaults.d.ts +3 -3
package/dist/checks/primordials-defaults.js +3 -3
package/dist/checks/primordials.js +4 -3
package/dist/{bin → cli}/check-primordials.d.ts +18 -13
package/dist/{bin → cli}/check-primordials.js +58 -55
package/dist/{bin → cli}/check.js +3 -3
package/dist/{bin → cli}/socket-lib.d.ts +1 -1
package/dist/{bin → cli}/socket-lib.js +4 -4
package/dist/colors/socket-palette.js +7 -9
package/dist/compression/_internal.d.ts +12 -12
package/dist/compression/_internal.js +18 -18
package/dist/compression/brotli.d.ts +26 -27
package/dist/compression/brotli.js +39 -35
package/dist/compression/gzip.d.ts +23 -23
package/dist/compression/gzip.js +46 -42
package/dist/constants/agents.d.ts +3 -1
package/dist/constants/agents.js +15 -11
package/dist/constants/licenses.js +3 -3
package/dist/constants/node.d.ts +23 -0
package/dist/constants/node.js +47 -15
package/dist/constants/packages.d.ts +3 -0
package/dist/constants/packages.js +24 -29
package/dist/constants/platform.d.ts +30 -3
package/dist/constants/platform.js +72 -12
package/dist/constants/runtime.d.ts +22 -0
package/dist/constants/runtime.js +32 -0
package/dist/constants/socket.d.ts +2 -6
package/dist/constants/socket.js +12 -14
package/dist/cover/code.js +10 -10
package/dist/cover/formatters.js +5 -5
package/dist/crypto/hash.d.ts +30 -2
package/dist/crypto/hash.js +47 -13
package/dist/debug/_internal.js +4 -6
package/dist/debug/caller-info.js +3 -4
package/dist/debug/namespace.d.ts +7 -0
package/dist/debug/namespace.js +21 -12
package/dist/debug/output.js +21 -24
package/dist/debug/types.d.ts +4 -4
package/dist/dlx/arborist.js +18 -8
package/dist/dlx/binary-cache.js +15 -15
package/dist/dlx/binary-download.d.ts +1 -1
package/dist/dlx/binary-download.js +11 -11
package/dist/dlx/binary-resolution.js +17 -15
package/dist/dlx/binary-types.d.ts +5 -5
package/dist/dlx/binary.js +5 -5
package/dist/dlx/cache.js +1 -1
package/dist/dlx/detect.d.ts +42 -25
package/dist/dlx/detect.js +86 -77
package/dist/dlx/dir.js +2 -2
package/dist/dlx/firewall.d.ts +9 -1
package/dist/dlx/firewall.js +1 -1
package/dist/dlx/lockfile.d.ts +19 -18
package/dist/dlx/lockfile.js +19 -16
package/dist/dlx/manifest.d.ts +6 -6
package/dist/dlx/manifest.js +5 -5
package/dist/dlx/package.d.ts +10 -10
package/dist/dlx/package.js +20 -16
package/dist/dlx/packages.js +4 -4
package/dist/dlx/paths.js +7 -7
package/dist/dlx/spec.js +1 -1
package/dist/dlx/types.d.ts +28 -27
package/dist/eco/cargo/parse-lockfile.d.ts +2 -3
package/dist/eco/cargo/parse-lockfile.js +5 -5
package/dist/eco/manifest/analyze-lockfile.js +2 -2
package/dist/eco/manifest/detect-format.js +5 -5
package/dist/eco/manifest/find-packages.js +2 -2
package/dist/eco/manifest/get-package-versions.js +2 -2
package/dist/eco/manifest/get-package.js +2 -2
package/dist/eco/manifest/parse-lockfile.js +2 -2
package/dist/eco/manifest/parse-manifest.js +2 -2
package/dist/eco/manifest/parse.js +2 -2
package/dist/eco/npm/npm/exec.js +2 -2
package/dist/eco/npm/npm/flags.js +7 -12
package/dist/eco/npm/npm/parse-lockfile.d.ts +17 -18
package/dist/eco/npm/npm/parse-lockfile.js +4 -4
package/dist/eco/npm/parse-package-json.d.ts +11 -0
package/dist/eco/npm/parse-package-json.js +3 -3
package/dist/eco/npm/pnpm/exec.d.ts +1 -1
package/dist/eco/npm/pnpm/exec.js +5 -5
package/dist/eco/npm/pnpm/flags.js +0 -3
package/dist/eco/npm/pnpm/parse-lockfile.d.ts +6 -4
package/dist/eco/npm/pnpm/parse-lockfile.js +7 -7
package/dist/eco/npm/script.js +9 -6
package/dist/eco/npm/yarnpkg/yarn/exec.js +4 -4
package/dist/eco/npm/yarnpkg/yarn/parse-lockfile.d.ts +3 -4
package/dist/eco/npm/yarnpkg/yarn/parse-lockfile.js +9 -9
package/dist/effects/pulse-frames.d.ts +3 -1
package/dist/effects/shimmer-keyframes.d.ts +1 -1
package/dist/effects/shimmer-terminal.d.ts +1 -1
package/dist/env/boolean.js +0 -1
package/dist/env/ci.js +0 -1
package/dist/env/debug.js +0 -1
package/dist/env/github-status.d.ts +51 -0
package/dist/env/github-status.js +90 -0
package/dist/env/github.js +0 -8
package/dist/env/home.js +0 -1
package/dist/env/locale.js +0 -3
package/dist/env/node-auth-token.js +0 -1
package/dist/env/node-env.js +0 -1
package/dist/env/node-version-managers.d.ts +53 -0
package/dist/env/node-version-managers.js +90 -0
package/dist/env/npm.js +0 -5
package/dist/env/number.js +0 -1
package/dist/env/package-manager.js +3 -6
package/dist/env/path.js +0 -1
package/dist/env/pre-commit.js +1 -2
package/dist/env/proxy.js +1 -1
package/dist/env/rewire.d.ts +8 -6
package/dist/env/rewire.js +16 -17
package/dist/env/shell.js +0 -1
package/dist/env/socket-cli.js +5 -18
package/dist/env/socket-mcp.d.ts +114 -0
package/dist/env/socket-mcp.js +146 -0
package/dist/env/socket.d.ts +8 -109
package/dist/env/socket.js +22 -167
package/dist/env/string.js +0 -1
package/dist/env/temp-dir.js +0 -3
package/dist/env/term.js +0 -1
package/dist/env/test.js +3 -6
package/dist/env/windows.js +0 -4
package/dist/env/xdg.js +0 -3
package/dist/errors/predicates.js +1 -1
package/dist/events/exit/_internal.d.ts +11 -9
package/dist/events/exit/_internal.js +31 -35
package/dist/events/exit/handler.js +3 -4
package/dist/events/exit/intercept.js +4 -6
package/dist/events/exit/lifecycle.js +16 -18
package/dist/events/exit/signals.js +1 -2
package/dist/events/exit/types.d.ts +6 -5
package/dist/external/@npmcli/package-json.js +2 -2
package/dist/external/@npmcli/promise-spawn.js +3 -1
package/dist/external/npm-pack.js +2 -2
package/dist/external/pico-pack.js +4 -2
package/dist/external/which.js +3 -1
package/dist/external-tools/bazel/asset-names.d.ts +1 -1
package/dist/external-tools/bazel/asset-names.js +5 -2
package/dist/external-tools/bazel/from-download.d.ts +1 -1
package/dist/external-tools/bazel/from-download.js +5 -2
package/dist/external-tools/bazel/read-bazel-version-file.js +1 -1
package/dist/external-tools/bazel/resolve-bazel-version.js +4 -0
package/dist/external-tools/bazel/resolve.d.ts +3 -3
package/dist/external-tools/bazel/resolve.js +16 -8
package/dist/external-tools/bazel/types.d.ts +1 -1
package/dist/external-tools/cdxgen/asset-names.d.ts +1 -1
package/dist/external-tools/cdxgen/asset-names.js +5 -2
package/dist/external-tools/cdxgen/from-download.d.ts +1 -1
package/dist/external-tools/cdxgen/from-download.js +7 -4
package/dist/external-tools/cdxgen/from-vfs.js +1 -1
package/dist/external-tools/cdxgen/resolve.d.ts +3 -3
package/dist/external-tools/cdxgen/resolve.js +16 -8
package/dist/external-tools/cdxgen/types.d.ts +1 -1
package/dist/external-tools/from-download.d.ts +3 -3
package/dist/external-tools/from-download.js +12 -6
package/dist/external-tools/from-pip-venv.d.ts +1 -1
package/dist/external-tools/from-pip-venv.js +12 -5
package/dist/external-tools/janus/asset-names.d.ts +1 -1
package/dist/external-tools/janus/asset-names.js +5 -2
package/dist/external-tools/janus/from-download.d.ts +1 -1
package/dist/external-tools/janus/from-download.js +5 -2
package/dist/external-tools/janus/from-vfs.js +1 -1
package/dist/external-tools/janus/resolve.d.ts +3 -3
package/dist/external-tools/janus/resolve.js +16 -8
package/dist/external-tools/janus/types.d.ts +1 -1
package/dist/external-tools/jre/asset-names.d.ts +1 -1
package/dist/external-tools/jre/asset-names.js +5 -2
package/dist/external-tools/jre/detect-platform-arch.d.ts +10 -6
package/dist/external-tools/jre/detect-platform-arch.js +29 -14
package/dist/external-tools/jre/from-download.d.ts +1 -1
package/dist/external-tools/jre/from-download.js +7 -4
package/dist/external-tools/jre/from-java-home.js +2 -2
package/dist/external-tools/jre/from-vfs.js +3 -3
package/dist/external-tools/jre/resolve.d.ts +3 -3
package/dist/external-tools/jre/resolve.js +16 -8
package/dist/external-tools/jre/types.d.ts +1 -1
package/dist/external-tools/manifest.d.ts +25 -7
package/dist/external-tools/manifest.js +13 -13
package/dist/external-tools/opengrep/asset-names.d.ts +1 -1
package/dist/external-tools/opengrep/asset-names.js +5 -2
package/dist/external-tools/opengrep/from-download.d.ts +1 -1
package/dist/external-tools/opengrep/from-download.js +5 -2
package/dist/external-tools/opengrep/from-vfs.js +1 -1
package/dist/external-tools/opengrep/resolve.d.ts +3 -3
package/dist/external-tools/opengrep/resolve.js +16 -8
package/dist/external-tools/opengrep/types.d.ts +1 -1
package/dist/external-tools/python/asset-names.d.ts +76 -0
package/dist/external-tools/python/asset-names.js +111 -0
package/dist/external-tools/python/dlx.d.ts +80 -0
package/dist/external-tools/python/dlx.js +98 -0
package/dist/external-tools/python/from-download.d.ts +53 -0
package/dist/external-tools/python/from-download.js +75 -0
package/dist/external-tools/python/from-path.d.ts +7 -0
package/dist/external-tools/python/from-path.js +23 -0
package/dist/external-tools/python/pin.d.ts +121 -0
package/dist/external-tools/python/pin.js +176 -0
package/dist/external-tools/python/pip-install.d.ts +75 -0
package/dist/external-tools/python/pip-install.js +142 -0
package/dist/external-tools/python/resolve.d.ts +42 -0
package/dist/external-tools/python/resolve.js +66 -0
package/dist/external-tools/python/types.d.ts +49 -0
package/dist/external-tools/sbt/asset-names.d.ts +1 -1
package/dist/external-tools/sbt/asset-names.js +5 -2
package/dist/external-tools/sbt/from-download.d.ts +1 -1
package/dist/external-tools/sbt/from-download.js +5 -2
package/dist/external-tools/sbt/from-vfs.js +1 -1
package/dist/external-tools/sbt/resolve.d.ts +3 -3
package/dist/external-tools/sbt/resolve.js +16 -8
package/dist/external-tools/sbt/types.d.ts +1 -1
package/dist/external-tools/skillspector/from-dlx.d.ts +1 -1
package/dist/external-tools/skillspector/from-dlx.js +10 -3
package/dist/external-tools/skillspector/from-path.js +3 -5
package/dist/external-tools/skillspector/from-vfs.js +1 -1
package/dist/external-tools/skillspector/resolve.d.ts +2 -2
package/dist/external-tools/skillspector/resolve.js +14 -6
package/dist/external-tools/synp/asset-names.d.ts +1 -1
package/dist/external-tools/synp/asset-names.js +6 -2
package/dist/external-tools/synp/from-download.d.ts +1 -1
package/dist/external-tools/synp/from-download.js +7 -4
package/dist/external-tools/synp/from-vfs.js +1 -1
package/dist/external-tools/synp/resolve.d.ts +3 -3
package/dist/external-tools/synp/resolve.js +16 -8
package/dist/external-tools/trivy/asset-names.d.ts +1 -1
package/dist/external-tools/trivy/asset-names.js +5 -2
package/dist/external-tools/trivy/from-download.d.ts +1 -1
package/dist/external-tools/trivy/from-download.js +7 -4
package/dist/external-tools/trivy/from-vfs.js +1 -1
package/dist/external-tools/trivy/resolve.d.ts +3 -3
package/dist/external-tools/trivy/resolve.js +16 -8
package/dist/external-tools/trivy/types.d.ts +1 -1
package/dist/external-tools/trufflehog/asset-names.d.ts +1 -1
package/dist/external-tools/trufflehog/asset-names.js +5 -2
package/dist/external-tools/trufflehog/from-download.d.ts +1 -1
package/dist/external-tools/trufflehog/from-download.js +7 -4
package/dist/external-tools/trufflehog/from-vfs.js +1 -1
package/dist/external-tools/trufflehog/resolve.d.ts +3 -3
package/dist/external-tools/trufflehog/resolve.js +16 -8
package/dist/external-tools/trufflehog/types.d.ts +1 -1
package/dist/fs/_internal.d.ts +1 -1
package/dist/fs/_internal.js +7 -7
package/dist/fs/access.js +5 -9
package/dist/fs/allowed-dirs-cache.d.ts +47 -0
package/dist/fs/allowed-dirs-cache.js +69 -0
package/dist/fs/encoding.js +5 -7
package/dist/fs/{find-up.js → find.js} +12 -14
package/dist/fs/inspect.js +7 -13
package/dist/fs/read-dir.js +7 -10
package/dist/fs/read-file.js +8 -14
package/dist/fs/read-json-cache.d.ts +13 -4
package/dist/fs/read-json-cache.js +9 -6
package/dist/fs/read-json.js +4 -6
package/dist/fs/resolve-module.js +7 -3
package/dist/fs/safe.d.ts +1 -1
package/dist/fs/safe.js +13 -14
package/dist/fs/unique.js +4 -5
package/dist/fs/validate.js +1 -2
package/dist/fs/write-json.js +4 -5
package/dist/git/_internal.js +11 -11
package/dist/git/changed.js +4 -4
package/dist/git/repo.js +5 -7
package/dist/git/staged.js +12 -4
package/dist/git/tracked.d.ts +84 -0
package/dist/git/tracked.js +163 -0
package/dist/git/unstaged.js +12 -4
package/dist/github/ghsa.js +2 -2
package/dist/github/refs-cache.d.ts +1 -1
package/dist/github/refs-cache.js +5 -5
package/dist/github/refs-graphql.js +4 -0
package/dist/github/refs-rest.js +9 -5
package/dist/github/refs.js +15 -10
package/dist/github/{fetch.js → request.js} +13 -2
package/dist/github/token.js +1 -1
package/dist/github/types.d.ts +1 -1
package/dist/globs/_internal.js +8 -10
package/dist/globs/match.js +13 -7
package/dist/globs/matcher.d.ts +3 -3
package/dist/globs/matcher.js +16 -14
package/dist/globs/stream.js +1 -2
package/dist/globs/types.d.ts +24 -24
package/dist/http-request/_internal.d.ts +1 -1
package/dist/http-request/browser.js +10 -4
package/dist/http-request/checksum-file.d.ts +55 -0
package/dist/http-request/checksum-file.js +95 -0
package/dist/http-request/download-types.d.ts +15 -23
package/dist/http-request/download.js +3 -3
package/dist/http-request/{browser-fetch.d.ts → fetch/browser.d.ts} +2 -2
package/dist/http-request/{browser-fetch.js → fetch/browser.js} +4 -4
package/dist/http-request/headers.js +1 -2
package/dist/http-request/request-attempt.js +38 -34
package/dist/http-request/request-types.d.ts +2 -2
package/dist/http-request/request.js +1 -1
package/dist/http-request/user-agent.js +4 -5
package/dist/integrity.d.ts +92 -18
package/dist/integrity.js +125 -30
package/dist/ipc/directory.js +2 -2
package/dist/ipc/paths.js +1 -1
package/dist/ipc/write.js +1 -1
package/dist/ipc-cli/get.js +12 -12
package/dist/json/edit.js +51 -44
package/dist/json/format.js +1 -1
package/dist/json/parse.d.ts +1 -1
package/dist/json/parse.js +3 -7
package/dist/logger/_internal.d.ts +4 -4
package/dist/logger/_internal.js +3 -3
package/dist/logger/colors.js +4 -3
package/dist/logger/console-methods.d.ts +132 -0
package/dist/logger/console-methods.js +169 -0
package/dist/logger/console.d.ts +12 -0
package/dist/logger/console.js +42 -11
package/dist/logger/indentation-methods.d.ts +81 -0
package/dist/logger/indentation-methods.js +121 -0
package/dist/logger/node.d.ts +16 -338
package/dist/logger/node.js +75 -608
package/dist/logger/options.d.ts +39 -0
package/dist/logger/options.js +47 -0
package/dist/logger/semantic-methods.d.ts +63 -0
package/dist/logger/semantic-methods.js +108 -0
package/dist/logger/stream-methods.d.ts +63 -0
package/dist/logger/stream-methods.js +101 -0
package/dist/logger/stream.d.ts +37 -0
package/dist/logger/stream.js +42 -0
package/dist/logger/symbols-builder.js +9 -9
package/dist/logger/symbols.d.ts +2 -25
package/dist/logger/symbols.js +53 -74
package/dist/logger/types.d.ts +1 -1
package/dist/memo/types.d.ts +6 -6
package/dist/native-messaging/host.d.ts +20 -0
package/dist/native-messaging/host.js +120 -0
package/dist/native-messaging/index.d.ts +5 -0
package/dist/native-messaging/index.js +22 -0
package/dist/native-messaging/install.d.ts +60 -0
package/dist/native-messaging/install.js +144 -0
package/dist/native-messaging/rate-limit.d.ts +69 -0
package/dist/native-messaging/rate-limit.js +119 -0
package/dist/native-messaging/run.d.ts +10 -0
package/dist/native-messaging/run.js +17 -0
package/dist/node/async-hooks.js +4 -3
package/dist/node/child-process.js +4 -3
package/dist/node/crypto.js +4 -3
package/dist/node/events.js +4 -3
package/dist/node/fs-promises.js +4 -3
package/dist/node/fs.d.ts +22 -6
package/dist/node/fs.js +17 -3
package/dist/node/http.js +4 -3
package/dist/node/https.js +4 -3
package/dist/node/module.js +10 -6
package/dist/node/os.d.ts +10 -2
package/dist/node/os.js +12 -4
package/dist/node/path.d.ts +11 -2
package/dist/node/path.js +18 -4
package/dist/node/timers-promises.js +4 -3
package/dist/node/url.js +4 -3
package/dist/node/util.js +4 -3
package/dist/objects/getters.js +6 -8
package/dist/objects/inspect.js +1 -4
package/dist/objects/mutate.js +4 -5
package/dist/objects/predicates.js +1 -5
package/dist/objects/sort.js +3 -7
package/dist/packages/edit-class.d.ts +2 -3
package/dist/packages/edit-class.js +53 -48
package/dist/packages/edit.js +12 -14
package/dist/packages/exports.js +15 -21
package/dist/packages/fetch.d.ts +16 -0
package/dist/packages/fetch.js +81 -0
package/dist/packages/find.d.ts +55 -0
package/dist/packages/find.js +65 -0
package/dist/packages/isolation.js +14 -14
package/dist/packages/licenses.js +18 -18
package/dist/packages/manifest.js +16 -19
package/dist/packages/metadata-extensions.d.ts +14 -0
package/dist/packages/metadata-extensions.js +43 -0
package/dist/packages/normalize.js +6 -10
package/dist/packages/provenance.js +17 -19
package/dist/packages/read.d.ts +29 -0
package/dist/packages/read.js +66 -0
package/dist/packages/specs.d.ts +48 -1
package/dist/packages/specs.js +75 -12
package/dist/packages/tarball.d.ts +24 -0
package/dist/packages/tarball.js +81 -0
package/dist/packages/types.d.ts +22 -22
package/dist/packages/validation.js +0 -3
package/dist/paths/_internal.d.ts +2 -1
package/dist/paths/_internal.js +7 -19
package/dist/paths/conversion.js +5 -9
package/dist/paths/dirnames.d.ts +1 -0
package/dist/paths/dirnames.js +2 -0
package/dist/paths/filenames.d.ts +0 -1
package/dist/paths/filenames.js +0 -2
package/dist/paths/normalize.js +4 -5
package/dist/paths/packages.js +4 -7
package/dist/paths/predicates.js +9 -16
package/dist/paths/resolve.js +17 -25
package/dist/paths/rewire.d.ts +5 -0
package/dist/paths/rewire.js +3 -3
package/dist/paths/socket.d.ts +74 -111
package/dist/paths/socket.js +106 -139
package/dist/paths/walk.d.ts +1 -1
package/dist/paths/walk.js +4 -4
package/dist/perf/report.js +2 -2
package/dist/perf/types.d.ts +1 -1
package/dist/pkg-ext/data.js +1 -1
package/dist/primordials/array.js +9 -9
package/dist/primordials/date.js +2 -2
package/dist/primordials/error.js +3 -3
package/dist/primordials/headers.d.ts +10 -0
package/dist/primordials/headers.js +23 -0
package/dist/primordials/intl.d.ts +13 -0
package/dist/primordials/intl.js +26 -0
package/dist/primordials/math.js +33 -33
package/dist/primordials/number.js +9 -9
package/dist/primordials/object.js +5 -5
package/dist/primordials/process.d.ts +88 -0
package/dist/primordials/process.js +132 -0
package/dist/primordials/string.d.ts +2 -2
package/dist/primordials/string.js +6 -6
package/dist/primordials/symbol.js +3 -3
package/dist/primordials/uncurry.d.ts +1 -2
package/dist/primordials/uncurry.js +9 -9
package/dist/process/abort.js +3 -3
package/dist/process/lock-manager.js +8 -8
package/dist/process/spawn/_internal.js +6 -8
package/dist/process/spawn/child.js +20 -14
package/dist/process/spawn/errors.js +3 -5
package/dist/process/spawn/kill-tree.d.ts +53 -0
package/dist/process/spawn/kill-tree.js +85 -0
package/dist/process/spawn/stdio.js +0 -1
package/dist/process/spawn/types.d.ts +5 -5
package/dist/process/transient.js +2 -2
package/dist/promises/_internal.d.ts +2 -1
package/dist/promises/_internal.js +2 -6
package/dist/promises/iterate.js +11 -15
package/dist/promises/options.js +3 -6
package/dist/promises/retry.js +4 -5
package/dist/promises/timers.d.ts +30 -0
package/dist/promises/timers.js +48 -0
package/dist/regexps/spec.js +1 -1
package/dist/releases/github-archives.d.ts +6 -6
package/dist/releases/github-archives.js +3 -3
package/dist/releases/github-asset-url.d.ts +1 -1
package/dist/releases/github-asset-url.js +5 -5
package/dist/releases/github-downloads.d.ts +1 -1
package/dist/releases/github-downloads.js +3 -3
package/dist/releases/github-listing.d.ts +12 -4
package/dist/releases/github-listing.js +20 -7
package/dist/releases/github-retry-config.js +1 -1
package/dist/releases/github-types.d.ts +6 -6
package/dist/releases/socket-btm-binary-naming.d.ts +107 -0
package/dist/releases/socket-btm-binary-naming.js +155 -0
package/dist/releases/socket-btm.d.ts +8 -115
package/dist/releases/socket-btm.js +16 -159
package/dist/schema/types.d.ts +4 -5
package/dist/schema/validate.js +1 -1
package/dist/sea/detect.js +6 -6
package/dist/secrets/_internal.d.ts +2 -2
package/dist/secrets/_internal.js +2 -2
package/dist/secrets/compare.d.ts +45 -0
package/dist/secrets/compare.js +61 -0
package/dist/secrets/find.d.ts +2 -2
package/dist/secrets/find.js +10 -4
package/dist/secrets/keychain.d.ts +1 -1
package/dist/secrets/keychain.js +6 -4
package/dist/secrets/linux.js +40 -52
package/dist/secrets/macos.d.ts +2 -3
package/dist/secrets/macos.js +24 -33
package/dist/secrets/rc.d.ts +4 -4
package/dist/secrets/rc.js +27 -17
package/dist/secrets/socket-api-token.d.ts +4 -4
package/dist/secrets/socket-api-token.js +26 -9
package/dist/secrets/windows.js +32 -37
package/dist/shadow/skip.js +2 -2
package/dist/shell/parse.d.ts +32 -0
package/dist/shell/parse.js +60 -0
package/dist/smol/detect.js +9 -10
package/dist/smol/http.js +6 -7
package/dist/smol/https.js +6 -7
package/dist/smol/manifest.d.ts +1 -1
package/dist/smol/manifest.js +6 -7
package/dist/smol/path.d.ts +1 -1
package/dist/smol/path.js +7 -8
package/dist/smol/primordial.d.ts +4 -0
package/dist/smol/primordial.js +6 -7
package/dist/smol/purl.d.ts +1 -1
package/dist/smol/purl.js +7 -8
package/dist/smol/versions.js +6 -7
package/dist/smol/vfs.js +6 -7
package/dist/sorts/_internal.js +6 -8
package/dist/sorts/natural.js +10 -12
package/dist/sorts/semver.js +1 -2
package/dist/sorts/strings.js +0 -1
package/dist/sorts/types.d.ts +1 -1
package/dist/spinner/create-spinner-class.d.ts +38 -0
package/dist/spinner/create-spinner-class.js +302 -0
package/dist/spinner/default.js +8 -9
package/dist/spinner/spinner-internals.d.ts +36 -0
package/dist/spinner/spinner-internals.js +105 -0
package/dist/spinner/spinner-shimmer-methods.d.ts +54 -0
package/dist/spinner/spinner-shimmer-methods.js +143 -0
package/dist/spinner/spinner-status-methods.d.ts +40 -0
package/dist/spinner/spinner-status-methods.js +133 -0
package/dist/spinner/spinner.d.ts +8 -5
package/dist/spinner/spinner.js +19 -706
package/dist/spinner/types.d.ts +3 -1
package/dist/spinner/with.d.ts +10 -0
package/dist/spinner/with.js +16 -2
package/dist/stdio/divider.js +1 -1
package/dist/stdio/footer.js +3 -3
package/dist/stdio/header.js +4 -4
package/dist/stdio/progress.js +10 -6
package/dist/stdio/prompts.d.ts +7 -5
package/dist/stdio/prompts.js +7 -8
package/dist/stdio/stdout.js +3 -3
package/dist/streams/parallel.js +3 -5
package/dist/streams/transform.js +2 -3
package/dist/strings/format.js +2 -6
package/dist/strings/predicates.js +0 -2
package/dist/strings/search.js +1 -2
package/dist/strings/transform.js +0 -3
package/dist/strings/width.js +9 -10
package/dist/tables/bordered.js +4 -3
package/dist/tables/padding.js +1 -1
package/dist/tables/simple.js +8 -5
package/dist/temporal/instant.js +1 -1
package/dist/temporal/slots.js +6 -6
package/dist/temporal/system.js +9 -9
package/dist/themes/context.d.ts +3 -2
package/dist/themes/context.js +4 -5
package/dist/themes/themes.js +15 -15
package/dist/themes/types.d.ts +3 -3
package/dist/url/assert-safe.d.ts +29 -0
package/dist/url/assert-safe.js +54 -0
package/dist/url/parse.js +0 -2
package/dist/url/predicates.d.ts +31 -1
package/dist/url/predicates.js +43 -3
package/dist/url/search-params.js +3 -9
package/dist/url/types.d.ts +9 -5
package/dist/versions/_internal.js +3 -3
package/dist/words/article.js +0 -1
package/dist/words/capitalize.js +0 -1
package/dist/words/pluralize.js +15 -5
package/package.json +419 -216
package/dist/external-tools/uv/asset-names.d.ts +0 -36
package/dist/external-tools/uv/asset-names.js +0 -70
package/dist/external-tools/uv/from-download.d.ts +0 -17
package/dist/external-tools/uv/from-download.js +0 -47
package/dist/external-tools/uv/from-path.d.ts +0 -5
package/dist/external-tools/uv/from-path.js +0 -22
package/dist/external-tools/uv/from-vfs.d.ts +0 -7
package/dist/external-tools/uv/from-vfs.js +0 -26
package/dist/external-tools/uv/resolve.d.ts +0 -25
package/dist/external-tools/uv/resolve.js +0 -53
package/dist/external-tools/uv/types.d.ts +0 -24
package/dist/fs/path-cache.d.ts +0 -21
package/dist/fs/path-cache.js +0 -34
package/dist/http-request/checksums.d.ts +0 -69
package/dist/http-request/checksums.js +0 -108
package/dist/http-request/http-request.d.ts +0 -12
package/dist/http-request/http-request.js +0 -11
package/dist/packages/operations.d.ts +0 -113
package/dist/packages/operations.js +0 -304
package/dist/ssri/convert.d.ts +0 -48
package/dist/ssri/convert.js +0 -69
package/dist/ssri/parse.d.ts +0 -27
package/dist/ssri/parse.js +0 -41
package/dist/ssri/validate.d.ts +0 -41
package/dist/ssri/validate.js +0 -56
/package/dist/{bin → cli}/check.d.ts +0 -0
/package/dist/external-tools/{uv → python}/types.js +0 -0
/package/dist/fs/{find-up.d.ts → find.d.ts} +0 -0
/package/dist/github/{fetch.d.ts → request.d.ts} +0 -0

package/dist/env/socket-cli.js CHANGED Viewed

@@ -24,9 +24,8 @@ const require_env_number = require('./number.js');
 *
 * @returns Whether to accept all risks
 */
-/*@__NO_SIDE_EFFECTS__*/
 function getSocketCliAcceptRisks() {
-	return /* @__PURE__ */ require_env_boolean.envAsBoolean(require_env_rewire.getEnvValue("SOCKET_CLI_ACCEPT_RISKS"));
+	return require_env_boolean.envAsBoolean(require_env_rewire.getEnvValue("SOCKET_CLI_ACCEPT_RISKS"));
 }
 /**
 * Socket CLI API base URL (alternative name). Checks SOCKET_CLI_API_BASE_URL
@@ -42,7 +41,6 @@ function getSocketCliAcceptRisks() {
 *
 * @returns API base URL or undefined
 */
-/*@__NO_SIDE_EFFECTS__*/
 function getSocketCliApiBaseUrl() {
 	return require_env_rewire.getEnvValue("SOCKET_CLI_API_BASE_URL") || require_env_rewire.getEnvValue("SOCKET_SECURITY_API_BASE_URL");
 }
@@ -62,7 +60,6 @@ function getSocketCliApiBaseUrl() {
 *
 * @returns API proxy URL or undefined
 */
-/*@__NO_SIDE_EFFECTS__*/
 function getSocketCliApiProxy() {
 	return require_env_rewire.getEnvValue("SOCKET_CLI_API_PROXY") || require_env_rewire.getEnvValue("SOCKET_SECURITY_API_PROXY") || require_env_rewire.getEnvValue("HTTPS_PROXY") || require_env_rewire.getEnvValue("https_proxy") || require_env_rewire.getEnvValue("HTTP_PROXY") || require_env_rewire.getEnvValue("http_proxy");
 }
@@ -79,9 +76,8 @@ function getSocketCliApiProxy() {
 *
 * @returns API timeout in milliseconds
 */
-/*@__NO_SIDE_EFFECTS__*/
 function getSocketCliApiTimeout() {
-	return /* @__PURE__ */ require_env_number.envAsNumber(require_env_rewire.getEnvValue("SOCKET_CLI_API_TIMEOUT"));
+	return require_env_number.envAsNumber(require_env_rewire.getEnvValue("SOCKET_CLI_API_TIMEOUT"));
 }
 /**
 * Bootstrap cache directory path. Set by bootstrap wrappers to pass dlx cache
@@ -97,7 +93,6 @@ function getSocketCliApiTimeout() {
 *
 * @returns Bootstrap cache directory or undefined
 */
-/*@__NO_SIDE_EFFECTS__*/
 function getSocketCliBootstrapCacheDir() {
 	return require_env_rewire.getEnvValue("SOCKET_CLI_BOOTSTRAP_CACHE_DIR");
 }
@@ -115,7 +110,6 @@ function getSocketCliBootstrapCacheDir() {
 *
 * @returns Bootstrap package spec or undefined
 */
-/*@__NO_SIDE_EFFECTS__*/
 function getSocketCliBootstrapSpec() {
 	return require_env_rewire.getEnvValue("SOCKET_CLI_BOOTSTRAP_SPEC");
 }
@@ -132,7 +126,6 @@ function getSocketCliBootstrapSpec() {
 *
 * @returns Config file path or undefined
 */
-/*@__NO_SIDE_EFFECTS__*/
 function getSocketCliConfig() {
 	return require_env_rewire.getEnvValue("SOCKET_CLI_CONFIG");
 }
@@ -149,7 +142,6 @@ function getSocketCliConfig() {
 *
 * @returns Fix mode value or undefined
 */
-/*@__NO_SIDE_EFFECTS__*/
 function getSocketCliFix() {
 	return require_env_rewire.getEnvValue("SOCKET_CLI_FIX");
 }
@@ -167,7 +159,6 @@ function getSocketCliFix() {
 *
 * @returns GitHub token or undefined
 */
-/*@__NO_SIDE_EFFECTS__*/
 function getSocketCliGithubToken() {
 	return require_env_rewire.getEnvValue("SOCKET_CLI_GITHUB_TOKEN") || require_env_rewire.getEnvValue("SOCKET_SECURITY_GITHUB_PAT") || require_env_rewire.getEnvValue("GITHUB_TOKEN");
 }
@@ -185,9 +176,8 @@ function getSocketCliGithubToken() {
 *
 * @returns Whether to skip API token requirement
 */
-/*@__NO_SIDE_EFFECTS__*/
 function getSocketCliNoApiToken() {
-	return /* @__PURE__ */ require_env_boolean.envAsBoolean(require_env_rewire.getEnvValue("SOCKET_CLI_NO_API_TOKEN"));
+	return require_env_boolean.envAsBoolean(require_env_rewire.getEnvValue("SOCKET_CLI_NO_API_TOKEN"));
 }
 /**
 * Controls Socket CLI optimization mode.
@@ -203,9 +193,8 @@ function getSocketCliNoApiToken() {
 *
 * @returns Whether optimization mode is enabled
 */
-/*@__NO_SIDE_EFFECTS__*/
 function getSocketCliOptimize() {
-	return /* @__PURE__ */ require_env_boolean.envAsBoolean(require_env_rewire.getEnvValue("SOCKET_CLI_OPTIMIZE"));
+	return require_env_boolean.envAsBoolean(require_env_rewire.getEnvValue("SOCKET_CLI_OPTIMIZE"));
 }
 /**
 * Socket CLI organization slug identifier (alternative name). Checks
@@ -221,7 +210,6 @@ function getSocketCliOptimize() {
 *
 * @returns Organization slug or undefined
 */
-/*@__NO_SIDE_EFFECTS__*/
 function getSocketCliOrgSlug() {
 	return require_env_rewire.getEnvValue("SOCKET_CLI_ORG_SLUG") || require_env_rewire.getEnvValue("SOCKET_ORG_SLUG");
 }
@@ -239,9 +227,8 @@ function getSocketCliOrgSlug() {
 *
 * @returns Whether to view all risks
 */
-/*@__NO_SIDE_EFFECTS__*/
 function getSocketCliViewAllRisks() {
-	return /* @__PURE__ */ require_env_boolean.envAsBoolean(require_env_rewire.getEnvValue("SOCKET_CLI_VIEW_ALL_RISKS"));
+	return require_env_boolean.envAsBoolean(require_env_rewire.getEnvValue("SOCKET_CLI_VIEW_ALL_RISKS"));
 }
 //#endregion

package/dist/env/socket-mcp.d.ts ADDED Viewed

@@ -0,0 +1,114 @@
+/**
+ * @file Socket MCP HTTP server environment variable getters. Covers the MCP
+ *   transport (HTTP mode, port) and the OAuth credentials / proxy-trust
+ *   settings the MCP HTTP server reads at startup.
+ */
+/**
+ * Whether the MCP server should run in HTTP mode. MCP_HTTP_MODE — when set to
+ * the literal string `'true'`, the MCP server serves over HTTP instead of
+ * stdio. Returns `false` for any other value (including unset).
+ *
+ * @example
+ *   ;```typescript
+ *   import { getMcpHttpMode } from '@socketsecurity/lib/env/socket-mcp'
+ *
+ *   if (getMcpHttpMode()) {
+ *     startHttpServer()
+ *   }
+ *   ```
+ *
+ * @returns `true` if HTTP mode is enabled, `false` otherwise
+ */
+export declare function getMcpHttpMode(): boolean;
+/**
+ * MCP HTTP server listen port. MCP_PORT — port the MCP HTTP server binds to.
+ * Defaults to `3000` (matches socket-mcp's documented default). Invalid /
+ * non-numeric values also fall back to `3000`.
+ *
+ * @example
+ *   ;```typescript
+ *   import { getMcpPort } from '@socketsecurity/lib/env/socket-mcp'
+ *
+ *   const port = getMcpPort()
+ *   ```
+ *
+ * @returns The MCP server port (default `3000`)
+ */
+export declare function getMcpPort(): number;
+/**
+ * OAuth introspection client ID for the MCP HTTP server.
+ * SOCKET_OAUTH_INTROSPECTION_CLIENT_ID — client credential used to call the
+ * issuer's introspection endpoint. Empty string when unset.
+ *
+ * @example
+ *   ;```typescript
+ *   import { getSocketOauthIntrospectionClientId } from '@socketsecurity/lib/env/socket-mcp'
+ *
+ *   const clientId = getSocketOauthIntrospectionClientId()
+ *   ```
+ *
+ * @returns The OAuth client ID, or `''` if not set
+ */
+export declare function getSocketOauthIntrospectionClientId(): string;
+/**
+ * OAuth introspection client secret for the MCP HTTP server.
+ * SOCKET_OAUTH_INTROSPECTION_CLIENT_SECRET — paired with the client ID for
+ * authenticated introspection requests. Empty string when unset.
+ *
+ * @example
+ *   ;```typescript
+ *   import { getSocketOauthIntrospectionClientSecret } from '@socketsecurity/lib/env/socket-mcp'
+ *
+ *   const clientSecret = getSocketOauthIntrospectionClientSecret()
+ *   ```
+ *
+ * @returns The OAuth client secret, or `''` if not set
+ */
+export declare function getSocketOauthIntrospectionClientSecret(): string;
+/**
+ * OAuth issuer URL for the MCP HTTP server. SOCKET_OAUTH_ISSUER — issuer to
+ * validate inbound OAuth tokens against. Returns the empty string when unset;
+ * callers treat empty as "no issuer configured".
+ *
+ * @example
+ *   ;```typescript
+ *   import { getSocketOauthIssuer } from '@socketsecurity/lib/env/socket-mcp'
+ *
+ *   const issuer = getSocketOauthIssuer()
+ *   if (issuer) { ... }
+ *   ```
+ *
+ * @returns The OAuth issuer URL, or `''` if not set
+ */
+export declare function getSocketOauthIssuer(): string;
+/**
+ * Required OAuth scopes for the MCP HTTP server. SOCKET_OAUTH_REQUIRED_SCOPES —
+ * whitespace-separated list of scopes inbound tokens must carry. Defaults to
+ * `'packages:list'` (the minimum scope socket-mcp's depscore tool needs).
+ *
+ * @example
+ *   ;```typescript
+ *   import { getSocketOauthRequiredScopes } from '@socketsecurity/lib/env/socket-mcp'
+ *
+ *   const scopes = getSocketOauthRequiredScopes().split(/\s+/u)
+ *   ```
+ *
+ * @returns The required-scopes string, defaulting to `'packages:list'`
+ */
+export declare function getSocketOauthRequiredScopes(): string;
+/**
+ * Whether the MCP HTTP server should trust upstream proxy headers. TRUST_PROXY
+ * — when set to the literal string `'true'`, the server honors
+ * `X-Forwarded-Host` / `X-Forwarded-Proto` when composing OAuth metadata URLs.
+ * Off by default to prevent header spoofing when no upstream proxy is present.
+ *
+ * @example
+ *   ;```typescript
+ *   import { getTrustProxy } from '@socketsecurity/lib/env/socket-mcp'
+ *
+ *   if (getTrustProxy()) { ... }
+ *   ```
+ *
+ * @returns `true` if proxy headers are trusted, `false` otherwise
+ */
+export declare function getTrustProxy(): boolean;

package/dist/env/socket-mcp.js ADDED Viewed

@@ -0,0 +1,146 @@
+"use strict";
+/* Socket Lib - Built with rolldown */
+Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
+const require_primordials_number = require('../primordials/number.js');
+const require_env_rewire = require('./rewire.js');
+const require_env_number = require('./number.js');
+//#region src/env/socket-mcp.ts
+/**
+* @file Socket MCP HTTP server environment variable getters. Covers the MCP
+*   transport (HTTP mode, port) and the OAuth credentials / proxy-trust
+*   settings the MCP HTTP server reads at startup.
+*/
+/**
+* Whether the MCP server should run in HTTP mode. MCP_HTTP_MODE — when set to
+* the literal string `'true'`, the MCP server serves over HTTP instead of
+* stdio. Returns `false` for any other value (including unset).
+*
+* @example
+*   ;```typescript
+*   import { getMcpHttpMode } from '@socketsecurity/lib/env/socket-mcp'
+*
+*   if (getMcpHttpMode()) {
+*     startHttpServer()
+*   }
+*   ```
+*
+* @returns `true` if HTTP mode is enabled, `false` otherwise
+*/
+function getMcpHttpMode() {
+	return require_env_rewire.getEnvValue("MCP_HTTP_MODE") === "true";
+}
+/**
+* MCP HTTP server listen port. MCP_PORT — port the MCP HTTP server binds to.
+* Defaults to `3000` (matches socket-mcp's documented default). Invalid /
+* non-numeric values also fall back to `3000`.
+*
+* @example
+*   ;```typescript
+*   import { getMcpPort } from '@socketsecurity/lib/env/socket-mcp'
+*
+*   const port = getMcpPort()
+*   ```
+*
+* @returns The MCP server port (default `3000`)
+*/
+function getMcpPort() {
+	const parsed = require_env_number.envAsNumber(require_env_rewire.getEnvValue("MCP_PORT"));
+	return require_primordials_number.NumberIsFinite(parsed) && parsed > 0 ? parsed : 3e3;
+}
+/**
+* OAuth introspection client ID for the MCP HTTP server.
+* SOCKET_OAUTH_INTROSPECTION_CLIENT_ID — client credential used to call the
+* issuer's introspection endpoint. Empty string when unset.
+*
+* @example
+*   ;```typescript
+*   import { getSocketOauthIntrospectionClientId } from '@socketsecurity/lib/env/socket-mcp'
+*
+*   const clientId = getSocketOauthIntrospectionClientId()
+*   ```
+*
+* @returns The OAuth client ID, or `''` if not set
+*/
+function getSocketOauthIntrospectionClientId() {
+	return require_env_rewire.getEnvValue("SOCKET_OAUTH_INTROSPECTION_CLIENT_ID") ?? "";
+}
+/**
+* OAuth introspection client secret for the MCP HTTP server.
+* SOCKET_OAUTH_INTROSPECTION_CLIENT_SECRET — paired with the client ID for
+* authenticated introspection requests. Empty string when unset.
+*
+* @example
+*   ;```typescript
+*   import { getSocketOauthIntrospectionClientSecret } from '@socketsecurity/lib/env/socket-mcp'
+*
+*   const clientSecret = getSocketOauthIntrospectionClientSecret()
+*   ```
+*
+* @returns The OAuth client secret, or `''` if not set
+*/
+function getSocketOauthIntrospectionClientSecret() {
+	return require_env_rewire.getEnvValue("SOCKET_OAUTH_INTROSPECTION_CLIENT_SECRET") ?? "";
+}
+/**
+* OAuth issuer URL for the MCP HTTP server. SOCKET_OAUTH_ISSUER — issuer to
+* validate inbound OAuth tokens against. Returns the empty string when unset;
+* callers treat empty as "no issuer configured".
+*
+* @example
+*   ;```typescript
+*   import { getSocketOauthIssuer } from '@socketsecurity/lib/env/socket-mcp'
+*
+*   const issuer = getSocketOauthIssuer()
+*   if (issuer) { ... }
+*   ```
+*
+* @returns The OAuth issuer URL, or `''` if not set
+*/
+function getSocketOauthIssuer() {
+	return require_env_rewire.getEnvValue("SOCKET_OAUTH_ISSUER") ?? "";
+}
+/**
+* Required OAuth scopes for the MCP HTTP server. SOCKET_OAUTH_REQUIRED_SCOPES —
+* whitespace-separated list of scopes inbound tokens must carry. Defaults to
+* `'packages:list'` (the minimum scope socket-mcp's depscore tool needs).
+*
+* @example
+*   ;```typescript
+*   import { getSocketOauthRequiredScopes } from '@socketsecurity/lib/env/socket-mcp'
+*
+*   const scopes = getSocketOauthRequiredScopes().split(/\s+/u)
+*   ```
+*
+* @returns The required-scopes string, defaulting to `'packages:list'`
+*/
+function getSocketOauthRequiredScopes() {
+	return require_env_rewire.getEnvValue("SOCKET_OAUTH_REQUIRED_SCOPES") ?? "packages:list";
+}
+/**
+* Whether the MCP HTTP server should trust upstream proxy headers. TRUST_PROXY
+* — when set to the literal string `'true'`, the server honors
+* `X-Forwarded-Host` / `X-Forwarded-Proto` when composing OAuth metadata URLs.
+* Off by default to prevent header spoofing when no upstream proxy is present.
+*
+* @example
+*   ;```typescript
+*   import { getTrustProxy } from '@socketsecurity/lib/env/socket-mcp'
+*
+*   if (getTrustProxy()) { ... }
+*   ```
+*
+* @returns `true` if proxy headers are trusted, `false` otherwise
+*/
+function getTrustProxy() {
+	return require_env_rewire.getEnvValue("TRUST_PROXY") === "true";
+}
+//#endregion
+exports.getMcpHttpMode = getMcpHttpMode;
+exports.getMcpPort = getMcpPort;
+exports.getSocketOauthIntrospectionClientId = getSocketOauthIntrospectionClientId;
+exports.getSocketOauthIntrospectionClientSecret = getSocketOauthIntrospectionClientSecret;
+exports.getSocketOauthIssuer = getSocketOauthIssuer;
+exports.getSocketOauthRequiredScopes = getSocketOauthRequiredScopes;
+exports.getTrustProxy = getTrustProxy;

package/dist/env/socket.d.ts CHANGED Viewed

@@ -1,38 +1,6 @@
 /**
  * @file Socket Security environment variable getters.
  */
-/**
- * Whether the MCP server should run in HTTP mode. MCP_HTTP_MODE — when set to
- * the literal string `'true'`, the MCP server serves over HTTP instead of
- * stdio. Returns `false` for any other value (including unset).
- *
- * @example
- *   ;```typescript
- *   import { getMcpHttpMode } from '@socketsecurity/lib/env/socket'
- *
- *   if (getMcpHttpMode()) {
- *     startHttpServer()
- *   }
- *   ```
- *
- * @returns `true` if HTTP mode is enabled, `false` otherwise
- */
-export declare function getMcpHttpMode(): boolean;
-/**
- * MCP HTTP server listen port. MCP_PORT — port the MCP HTTP server binds to.
- * Defaults to `3000` (matches socket-mcp's documented default). Invalid /
- * non-numeric values also fall back to `3000`.
- *
- * @example
- *   ;```typescript
- *   import { getMcpPort } from '@socketsecurity/lib/env/socket'
- *
- *   const port = getMcpPort()
- *   ```
- *
- * @returns The MCP server port (default `3000`)
- */
-export declare function getMcpPort(): number;
 /**
  * SOCKET_ACCEPT_RISKS environment variable getter. Whether to accept all Socket
  * Security risks.
@@ -308,67 +276,6 @@ export declare function getSocketNoApiToken(): boolean;
  * @returns The Socket NPM registry URL, or `undefined` if not set
  */
 export declare function getSocketNpmRegistry(): string | undefined;
-/**
- * OAuth introspection client ID for the MCP HTTP server.
- * SOCKET_OAUTH_INTROSPECTION_CLIENT_ID — client credential used to call the
- * issuer's introspection endpoint. Empty string when unset.
- *
- * @example
- *   ;```typescript
- *   import { getSocketOauthIntrospectionClientId } from '@socketsecurity/lib/env/socket'
- *
- *   const clientId = getSocketOauthIntrospectionClientId()
- *   ```
- *
- * @returns The OAuth client ID, or `''` if not set
- */
-export declare function getSocketOauthIntrospectionClientId(): string;
-/**
- * OAuth introspection client secret for the MCP HTTP server.
- * SOCKET_OAUTH_INTROSPECTION_CLIENT_SECRET — paired with the client ID for
- * authenticated introspection requests. Empty string when unset.
- *
- * @example
- *   ;```typescript
- *   import { getSocketOauthIntrospectionClientSecret } from '@socketsecurity/lib/env/socket'
- *
- *   const clientSecret = getSocketOauthIntrospectionClientSecret()
- *   ```
- *
- * @returns The OAuth client secret, or `''` if not set
- */
-export declare function getSocketOauthIntrospectionClientSecret(): string;
-/**
- * OAuth issuer URL for the MCP HTTP server. SOCKET_OAUTH_ISSUER — issuer to
- * validate inbound OAuth tokens against. Returns the empty string when unset;
- * callers treat empty as "no issuer configured".
- *
- * @example
- *   ;```typescript
- *   import { getSocketOauthIssuer } from '@socketsecurity/lib/env/socket'
- *
- *   const issuer = getSocketOauthIssuer()
- *   if (issuer) { ... }
- *   ```
- *
- * @returns The OAuth issuer URL, or `''` if not set
- */
-export declare function getSocketOauthIssuer(): string;
-/**
- * Required OAuth scopes for the MCP HTTP server. SOCKET_OAUTH_REQUIRED_SCOPES —
- * whitespace-separated list of scopes inbound tokens must carry. Defaults to
- * `'packages:list'` (the minimum scope socket-mcp's depscore tool needs).
- *
- * @example
- *   ;```typescript
- *   import { getSocketOauthRequiredScopes } from '@socketsecurity/lib/env/socket'
- *
- *   const scopes = getSocketOauthRequiredScopes().split(/\s+/u)
- *   ```
- *
- * @returns The required-scopes string, defaulting to `'packages:list'`
- */
-export declare function getSocketOauthRequiredScopes(): string;
 /**
  * SOCKET_ORG_SLUG environment variable getter. Socket Security organization
  * slug identifier.
@@ -414,6 +321,13 @@ export declare function getSocketRegistryUrl(): string | undefined;
  * @returns The repository name, or `undefined` if neither is set
  */
 export declare function getSocketRepositoryName(): string | undefined;
+/**
+ * SOCKET_STATE_DIR environment variable getter. Overrides the default Socket
+ * state directory (~/.socket/_state) location.
+ *
+ * @returns The state directory path, or `undefined` if not set
+ */
+export declare function getSocketStateDirEnv(): string | undefined;
 /**
  * SOCKET_VIEW_ALL_RISKS environment variable getter. Whether to view all Socket
  * Security risks.
@@ -430,19 +344,4 @@ export declare function getSocketRepositoryName(): string | undefined;
  * @returns `true` if viewing all risks, `false` otherwise
  */
 export declare function getSocketViewAllRisks(): boolean;
-/**
- * Whether the MCP HTTP server should trust upstream proxy headers. TRUST_PROXY
- * — when set to the literal string `'true'`, the server honors
- * `X-Forwarded-Host` / `X-Forwarded-Proto` when composing OAuth metadata URLs.
- * Off by default to prevent header spoofing when no upstream proxy is present.
- *
- * @example
- *   ;```typescript
- *   import { getTrustProxy } from '@socketsecurity/lib/env/socket'
- *
- *   if (getTrustProxy()) { ... }
- *   ```
- *
- * @returns `true` if proxy headers are trusted, `false` otherwise
- */
-export declare function getTrustProxy(): boolean;
+export { getMcpHttpMode, getMcpPort, getSocketOauthIntrospectionClientId, getSocketOauthIntrospectionClientSecret, getSocketOauthIssuer, getSocketOauthRequiredScopes, getTrustProxy, } from './socket-mcp';