npm - @socketsecurity/lib - Versions diffs - 6.0.6 → 6.0.8 - Mend

@socketsecurity/lib 6.0.6 → 6.0.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (619) hide show

package/CHANGELOG.md +46 -1
package/README.md +1 -1
package/dist/ai/agent-context.d.mts +103 -0
package/dist/ai/agent-context.js +157 -0
package/dist/ai/backends.d.mts +83 -0
package/dist/ai/backends.js +173 -0
package/dist/ai/credentials.d.mts +49 -0
package/dist/ai/credentials.js +82 -0
package/dist/ai/discover.d.mts +6 -2
package/dist/ai/discover.js +4 -3
package/dist/ai/exec.d.mts +52 -0
package/dist/ai/exec.js +92 -0
package/dist/ai/http.d.mts +132 -0
package/dist/ai/http.js +130 -0
package/dist/ai/profiles.d.mts +41 -6
package/dist/ai/profiles.js +52 -10
package/dist/ai/route.d.mts +69 -0
package/dist/ai/route.js +156 -0
package/dist/ai/spawn.d.mts +10 -2
package/dist/ai/spawn.js +56 -31
package/dist/ai/subagent-status.d.mts +48 -0
package/dist/ai/subagent-status.js +57 -0
package/dist/ai/tier.d.mts +60 -0
package/dist/ai/tier.js +53 -0
package/dist/ai/types.d.mts +31 -6
package/dist/ai/worktree.d.mts +6 -6
package/dist/ai/worktree.js +5 -1
package/dist/ansi/strip.d.ts +1 -1
package/dist/ansi/strip.js +0 -2
package/dist/archives/_internal.js +7 -9
package/dist/archives/extract.js +1 -1
package/dist/archives/tar.js +7 -7
package/dist/archives/zip.js +5 -7
package/dist/argv/flag-predicates.d.ts +12 -12
package/dist/argv/flag-predicates.js +17 -17
package/dist/argv/flag-types.d.ts +18 -18
package/dist/argv/flag-types.js +4 -4
package/dist/argv/parse.d.ts +20 -3
package/dist/argv/parse.js +1 -1
package/dist/arrays/_internal.js +11 -12
package/dist/arrays/chunk.js +0 -1
package/dist/arrays/join.d.ts +37 -3
package/dist/arrays/join.js +47 -7
package/dist/arrays/unique.js +0 -1
package/dist/bin/_internal.d.ts +1 -1
package/dist/bin/_internal.js +1 -1
package/dist/bin/exec.js +2 -3
package/dist/bin/find.js +17 -17
package/dist/bin/prim.cjs +36175 -35861
package/dist/bin/resolve.js +13 -14
package/dist/bin/which.js +8 -8
package/dist/cache/ttl/store.js +6 -6
package/dist/checks/primordials-defaults.d.ts +3 -3
package/dist/checks/primordials-defaults.js +3 -3
package/dist/checks/primordials.js +4 -3
package/dist/{bin → cli}/check-primordials.d.ts +18 -13
package/dist/{bin → cli}/check-primordials.js +58 -55
package/dist/{bin → cli}/check.js +3 -3
package/dist/{bin → cli}/socket-lib.d.ts +1 -1
package/dist/{bin → cli}/socket-lib.js +4 -4
package/dist/colors/socket-palette.js +7 -9
package/dist/compression/_internal.d.ts +12 -12
package/dist/compression/_internal.js +18 -18
package/dist/compression/brotli.d.ts +26 -27
package/dist/compression/brotli.js +39 -35
package/dist/compression/gzip.d.ts +23 -23
package/dist/compression/gzip.js +46 -42
package/dist/constants/agents.d.ts +3 -1
package/dist/constants/agents.js +15 -11
package/dist/constants/licenses.js +3 -3
package/dist/constants/node.d.ts +23 -0
package/dist/constants/node.js +47 -15
package/dist/constants/packages.d.ts +3 -0
package/dist/constants/packages.js +24 -29
package/dist/constants/platform.d.ts +30 -3
package/dist/constants/platform.js +72 -12
package/dist/constants/runtime.d.ts +22 -0
package/dist/constants/runtime.js +32 -0
package/dist/constants/socket.d.ts +2 -6
package/dist/constants/socket.js +12 -14
package/dist/cover/code.js +10 -10
package/dist/cover/formatters.js +5 -5
package/dist/crypto/hash.d.ts +30 -2
package/dist/crypto/hash.js +47 -13
package/dist/debug/_internal.js +4 -6
package/dist/debug/caller-info.js +3 -4
package/dist/debug/namespace.d.ts +7 -0
package/dist/debug/namespace.js +21 -12
package/dist/debug/output.js +21 -24
package/dist/debug/types.d.ts +4 -4
package/dist/dlx/arborist.js +18 -8
package/dist/dlx/binary-cache.js +15 -15
package/dist/dlx/binary-download.d.ts +1 -1
package/dist/dlx/binary-download.js +11 -11
package/dist/dlx/binary-resolution.js +17 -15
package/dist/dlx/binary-types.d.ts +5 -5
package/dist/dlx/binary.js +5 -5
package/dist/dlx/cache.js +1 -1
package/dist/dlx/detect.d.ts +42 -25
package/dist/dlx/detect.js +86 -77
package/dist/dlx/dir.js +2 -2
package/dist/dlx/firewall.d.ts +9 -1
package/dist/dlx/firewall.js +1 -1
package/dist/dlx/lockfile.d.ts +19 -18
package/dist/dlx/lockfile.js +19 -16
package/dist/dlx/manifest.d.ts +6 -6
package/dist/dlx/manifest.js +5 -5
package/dist/dlx/package.d.ts +10 -10
package/dist/dlx/package.js +20 -16
package/dist/dlx/packages.js +4 -4
package/dist/dlx/paths.js +7 -7
package/dist/dlx/spec.js +1 -1
package/dist/dlx/types.d.ts +28 -27
package/dist/eco/cargo/parse-lockfile.d.ts +2 -3
package/dist/eco/cargo/parse-lockfile.js +5 -5
package/dist/eco/manifest/analyze-lockfile.js +2 -2
package/dist/eco/manifest/detect-format.js +5 -5
package/dist/eco/manifest/find-packages.js +2 -2
package/dist/eco/manifest/get-package-versions.js +2 -2
package/dist/eco/manifest/get-package.js +2 -2
package/dist/eco/manifest/parse-lockfile.js +2 -2
package/dist/eco/manifest/parse-manifest.js +2 -2
package/dist/eco/manifest/parse.js +2 -2
package/dist/eco/npm/npm/exec.js +2 -2
package/dist/eco/npm/npm/flags.js +7 -12
package/dist/eco/npm/npm/parse-lockfile.d.ts +17 -18
package/dist/eco/npm/npm/parse-lockfile.js +4 -4
package/dist/eco/npm/parse-package-json.d.ts +11 -0
package/dist/eco/npm/parse-package-json.js +3 -3
package/dist/eco/npm/pnpm/exec.d.ts +1 -1
package/dist/eco/npm/pnpm/exec.js +5 -5
package/dist/eco/npm/pnpm/flags.js +0 -3
package/dist/eco/npm/pnpm/parse-lockfile.d.ts +6 -4
package/dist/eco/npm/pnpm/parse-lockfile.js +7 -7
package/dist/eco/npm/script.js +9 -6
package/dist/eco/npm/yarnpkg/yarn/exec.js +4 -4
package/dist/eco/npm/yarnpkg/yarn/parse-lockfile.d.ts +3 -4
package/dist/eco/npm/yarnpkg/yarn/parse-lockfile.js +9 -9
package/dist/effects/pulse-frames.d.ts +3 -1
package/dist/effects/shimmer-keyframes.d.ts +1 -1
package/dist/effects/shimmer-terminal.d.ts +1 -1
package/dist/env/boolean.js +0 -1
package/dist/env/ci.js +0 -1
package/dist/env/debug.js +0 -1
package/dist/env/github-status.d.ts +51 -0
package/dist/env/github-status.js +90 -0
package/dist/env/github.js +0 -8
package/dist/env/home.js +0 -1
package/dist/env/locale.js +0 -3
package/dist/env/node-auth-token.js +0 -1
package/dist/env/node-env.js +0 -1
package/dist/env/node-version-managers.d.ts +53 -0
package/dist/env/node-version-managers.js +90 -0
package/dist/env/npm.js +0 -5
package/dist/env/number.js +0 -1
package/dist/env/package-manager.js +3 -6
package/dist/env/path.js +0 -1
package/dist/env/pre-commit.js +1 -2
package/dist/env/proxy.js +1 -1
package/dist/env/rewire.d.ts +8 -6
package/dist/env/rewire.js +16 -17
package/dist/env/shell.js +0 -1
package/dist/env/socket-cli.js +5 -18
package/dist/env/socket-mcp.d.ts +114 -0
package/dist/env/socket-mcp.js +146 -0
package/dist/env/socket.d.ts +8 -109
package/dist/env/socket.js +22 -167
package/dist/env/string.js +0 -1
package/dist/env/temp-dir.js +0 -3
package/dist/env/term.js +0 -1
package/dist/env/test.js +3 -6
package/dist/env/windows.js +0 -4
package/dist/env/xdg.js +0 -3
package/dist/errors/predicates.js +1 -1
package/dist/events/exit/_internal.d.ts +11 -9
package/dist/events/exit/_internal.js +31 -35
package/dist/events/exit/handler.js +3 -4
package/dist/events/exit/intercept.js +4 -6
package/dist/events/exit/lifecycle.js +16 -18
package/dist/events/exit/signals.js +1 -2
package/dist/events/exit/types.d.ts +6 -5
package/dist/external/@npmcli/package-json.js +2 -2
package/dist/external/@npmcli/promise-spawn.js +3 -1
package/dist/external/npm-pack.js +2 -2
package/dist/external/pico-pack.js +4 -2
package/dist/external/which.js +3 -1
package/dist/external-tools/bazel/asset-names.d.ts +1 -1
package/dist/external-tools/bazel/asset-names.js +5 -2
package/dist/external-tools/bazel/from-download.d.ts +1 -1
package/dist/external-tools/bazel/from-download.js +5 -2
package/dist/external-tools/bazel/read-bazel-version-file.js +1 -1
package/dist/external-tools/bazel/resolve-bazel-version.js +4 -0
package/dist/external-tools/bazel/resolve.d.ts +3 -3
package/dist/external-tools/bazel/resolve.js +16 -8
package/dist/external-tools/bazel/types.d.ts +1 -1
package/dist/external-tools/cdxgen/asset-names.d.ts +1 -1
package/dist/external-tools/cdxgen/asset-names.js +5 -2
package/dist/external-tools/cdxgen/from-download.d.ts +1 -1
package/dist/external-tools/cdxgen/from-download.js +7 -4
package/dist/external-tools/cdxgen/from-vfs.js +1 -1
package/dist/external-tools/cdxgen/resolve.d.ts +3 -3
package/dist/external-tools/cdxgen/resolve.js +16 -8
package/dist/external-tools/cdxgen/types.d.ts +1 -1
package/dist/external-tools/from-download.d.ts +3 -3
package/dist/external-tools/from-download.js +12 -6
package/dist/external-tools/from-pip-venv.d.ts +1 -1
package/dist/external-tools/from-pip-venv.js +12 -5
package/dist/external-tools/janus/asset-names.d.ts +1 -1
package/dist/external-tools/janus/asset-names.js +5 -2
package/dist/external-tools/janus/from-download.d.ts +1 -1
package/dist/external-tools/janus/from-download.js +5 -2
package/dist/external-tools/janus/from-vfs.js +1 -1
package/dist/external-tools/janus/resolve.d.ts +3 -3
package/dist/external-tools/janus/resolve.js +16 -8
package/dist/external-tools/janus/types.d.ts +1 -1
package/dist/external-tools/jre/asset-names.d.ts +1 -1
package/dist/external-tools/jre/asset-names.js +5 -2
package/dist/external-tools/jre/detect-platform-arch.d.ts +10 -6
package/dist/external-tools/jre/detect-platform-arch.js +29 -14
package/dist/external-tools/jre/from-download.d.ts +1 -1
package/dist/external-tools/jre/from-download.js +7 -4
package/dist/external-tools/jre/from-java-home.js +2 -2
package/dist/external-tools/jre/from-vfs.js +3 -3
package/dist/external-tools/jre/resolve.d.ts +3 -3
package/dist/external-tools/jre/resolve.js +16 -8
package/dist/external-tools/jre/types.d.ts +1 -1
package/dist/external-tools/manifest.d.ts +25 -7
package/dist/external-tools/manifest.js +13 -13
package/dist/external-tools/opengrep/asset-names.d.ts +1 -1
package/dist/external-tools/opengrep/asset-names.js +5 -2
package/dist/external-tools/opengrep/from-download.d.ts +1 -1
package/dist/external-tools/opengrep/from-download.js +5 -2
package/dist/external-tools/opengrep/from-vfs.js +1 -1
package/dist/external-tools/opengrep/resolve.d.ts +3 -3
package/dist/external-tools/opengrep/resolve.js +16 -8
package/dist/external-tools/opengrep/types.d.ts +1 -1
package/dist/external-tools/python/asset-names.d.ts +76 -0
package/dist/external-tools/python/asset-names.js +111 -0
package/dist/external-tools/python/dlx.d.ts +80 -0
package/dist/external-tools/python/dlx.js +98 -0
package/dist/external-tools/python/from-download.d.ts +53 -0
package/dist/external-tools/python/from-download.js +75 -0
package/dist/external-tools/python/from-path.d.ts +7 -0
package/dist/external-tools/python/from-path.js +23 -0
package/dist/external-tools/python/pin.d.ts +121 -0
package/dist/external-tools/python/pin.js +176 -0
package/dist/external-tools/python/pip-install.d.ts +75 -0
package/dist/external-tools/python/pip-install.js +142 -0
package/dist/external-tools/python/resolve.d.ts +42 -0
package/dist/external-tools/python/resolve.js +66 -0
package/dist/external-tools/python/types.d.ts +49 -0
package/dist/external-tools/sbt/asset-names.d.ts +1 -1
package/dist/external-tools/sbt/asset-names.js +5 -2
package/dist/external-tools/sbt/from-download.d.ts +1 -1
package/dist/external-tools/sbt/from-download.js +5 -2
package/dist/external-tools/sbt/from-vfs.js +1 -1
package/dist/external-tools/sbt/resolve.d.ts +3 -3
package/dist/external-tools/sbt/resolve.js +16 -8
package/dist/external-tools/sbt/types.d.ts +1 -1
package/dist/external-tools/skillspector/from-dlx.d.ts +1 -1
package/dist/external-tools/skillspector/from-dlx.js +10 -3
package/dist/external-tools/skillspector/from-path.js +3 -5
package/dist/external-tools/skillspector/from-vfs.js +1 -1
package/dist/external-tools/skillspector/resolve.d.ts +2 -2
package/dist/external-tools/skillspector/resolve.js +14 -6
package/dist/external-tools/synp/asset-names.d.ts +1 -1
package/dist/external-tools/synp/asset-names.js +6 -2
package/dist/external-tools/synp/from-download.d.ts +1 -1
package/dist/external-tools/synp/from-download.js +7 -4
package/dist/external-tools/synp/from-vfs.js +1 -1
package/dist/external-tools/synp/resolve.d.ts +3 -3
package/dist/external-tools/synp/resolve.js +16 -8
package/dist/external-tools/trivy/asset-names.d.ts +1 -1
package/dist/external-tools/trivy/asset-names.js +5 -2
package/dist/external-tools/trivy/from-download.d.ts +1 -1
package/dist/external-tools/trivy/from-download.js +7 -4
package/dist/external-tools/trivy/from-vfs.js +1 -1
package/dist/external-tools/trivy/resolve.d.ts +3 -3
package/dist/external-tools/trivy/resolve.js +16 -8
package/dist/external-tools/trivy/types.d.ts +1 -1
package/dist/external-tools/trufflehog/asset-names.d.ts +1 -1
package/dist/external-tools/trufflehog/asset-names.js +5 -2
package/dist/external-tools/trufflehog/from-download.d.ts +1 -1
package/dist/external-tools/trufflehog/from-download.js +7 -4
package/dist/external-tools/trufflehog/from-vfs.js +1 -1
package/dist/external-tools/trufflehog/resolve.d.ts +3 -3
package/dist/external-tools/trufflehog/resolve.js +16 -8
package/dist/external-tools/trufflehog/types.d.ts +1 -1
package/dist/fs/_internal.d.ts +1 -1
package/dist/fs/_internal.js +7 -7
package/dist/fs/access.js +5 -9
package/dist/fs/allowed-dirs-cache.d.ts +47 -0
package/dist/fs/allowed-dirs-cache.js +69 -0
package/dist/fs/encoding.js +5 -7
package/dist/fs/{find-up.js → find.js} +12 -14
package/dist/fs/inspect.js +7 -13
package/dist/fs/read-dir.js +7 -10
package/dist/fs/read-file.js +8 -14
package/dist/fs/read-json-cache.d.ts +13 -4
package/dist/fs/read-json-cache.js +9 -6
package/dist/fs/read-json.js +4 -6
package/dist/fs/resolve-module.js +7 -3
package/dist/fs/safe.d.ts +1 -1
package/dist/fs/safe.js +13 -14
package/dist/fs/unique.js +4 -5
package/dist/fs/validate.js +1 -2
package/dist/fs/write-json.js +4 -5
package/dist/git/_internal.js +11 -11
package/dist/git/changed.js +4 -4
package/dist/git/repo.js +5 -7
package/dist/git/staged.js +12 -4
package/dist/git/tracked.d.ts +84 -0
package/dist/git/tracked.js +163 -0
package/dist/git/unstaged.js +12 -4
package/dist/github/ghsa.js +2 -2
package/dist/github/refs-cache.d.ts +1 -1
package/dist/github/refs-cache.js +5 -5
package/dist/github/refs-graphql.js +4 -0
package/dist/github/refs-rest.js +9 -5
package/dist/github/refs.js +15 -10
package/dist/github/{fetch.js → request.js} +13 -2
package/dist/github/token.js +1 -1
package/dist/github/types.d.ts +1 -1
package/dist/globs/_internal.js +8 -10
package/dist/globs/match.js +13 -7
package/dist/globs/matcher.d.ts +3 -3
package/dist/globs/matcher.js +16 -14
package/dist/globs/stream.js +1 -2
package/dist/globs/types.d.ts +24 -24
package/dist/http-request/_internal.d.ts +1 -1
package/dist/http-request/browser.js +10 -4
package/dist/http-request/checksum-file.d.ts +55 -0
package/dist/http-request/checksum-file.js +95 -0
package/dist/http-request/download-types.d.ts +15 -23
package/dist/http-request/download.js +3 -3
package/dist/http-request/{browser-fetch.d.ts → fetch/browser.d.ts} +2 -2
package/dist/http-request/{browser-fetch.js → fetch/browser.js} +4 -4
package/dist/http-request/headers.js +1 -2
package/dist/http-request/request-attempt.js +38 -34
package/dist/http-request/request-types.d.ts +2 -2
package/dist/http-request/request.js +1 -1
package/dist/http-request/user-agent.js +4 -5
package/dist/integrity.d.ts +92 -18
package/dist/integrity.js +125 -30
package/dist/ipc/directory.js +2 -2
package/dist/ipc/paths.js +1 -1
package/dist/ipc/write.js +1 -1
package/dist/ipc-cli/get.js +12 -12
package/dist/json/edit.js +51 -44
package/dist/json/format.js +1 -1
package/dist/json/parse.d.ts +1 -1
package/dist/json/parse.js +3 -7
package/dist/logger/_internal.d.ts +4 -4
package/dist/logger/_internal.js +3 -3
package/dist/logger/colors.js +4 -3
package/dist/logger/console-methods.d.ts +132 -0
package/dist/logger/console-methods.js +169 -0
package/dist/logger/console.d.ts +12 -0
package/dist/logger/console.js +42 -11
package/dist/logger/indentation-methods.d.ts +81 -0
package/dist/logger/indentation-methods.js +121 -0
package/dist/logger/node.d.ts +16 -338
package/dist/logger/node.js +75 -608
package/dist/logger/options.d.ts +39 -0
package/dist/logger/options.js +47 -0
package/dist/logger/semantic-methods.d.ts +63 -0
package/dist/logger/semantic-methods.js +108 -0
package/dist/logger/stream-methods.d.ts +63 -0
package/dist/logger/stream-methods.js +101 -0
package/dist/logger/stream.d.ts +37 -0
package/dist/logger/stream.js +42 -0
package/dist/logger/symbols-builder.js +9 -9
package/dist/logger/symbols.d.ts +2 -25
package/dist/logger/symbols.js +53 -74
package/dist/logger/types.d.ts +1 -1
package/dist/memo/types.d.ts +6 -6
package/dist/native-messaging/host.d.ts +20 -0
package/dist/native-messaging/host.js +120 -0
package/dist/native-messaging/index.d.ts +5 -0
package/dist/native-messaging/index.js +22 -0
package/dist/native-messaging/install.d.ts +60 -0
package/dist/native-messaging/install.js +144 -0
package/dist/native-messaging/rate-limit.d.ts +69 -0
package/dist/native-messaging/rate-limit.js +119 -0
package/dist/native-messaging/run.d.ts +10 -0
package/dist/native-messaging/run.js +17 -0
package/dist/node/async-hooks.js +4 -3
package/dist/node/child-process.js +4 -3
package/dist/node/crypto.js +4 -3
package/dist/node/events.js +4 -3
package/dist/node/fs-promises.js +4 -3
package/dist/node/fs.d.ts +22 -6
package/dist/node/fs.js +17 -3
package/dist/node/http.js +4 -3
package/dist/node/https.js +4 -3
package/dist/node/module.js +10 -6
package/dist/node/os.d.ts +10 -2
package/dist/node/os.js +12 -4
package/dist/node/path.d.ts +11 -2
package/dist/node/path.js +18 -4
package/dist/node/timers-promises.js +4 -3
package/dist/node/url.js +4 -3
package/dist/node/util.js +4 -3
package/dist/objects/getters.js +6 -8
package/dist/objects/inspect.js +1 -4
package/dist/objects/mutate.js +4 -5
package/dist/objects/predicates.js +1 -5
package/dist/objects/sort.js +3 -7
package/dist/packages/edit-class.d.ts +2 -3
package/dist/packages/edit-class.js +53 -48
package/dist/packages/edit.js +12 -14
package/dist/packages/exports.js +15 -21
package/dist/packages/fetch.d.ts +16 -0
package/dist/packages/fetch.js +81 -0
package/dist/packages/find.d.ts +55 -0
package/dist/packages/find.js +65 -0
package/dist/packages/isolation.js +14 -14
package/dist/packages/licenses.js +18 -18
package/dist/packages/manifest.js +16 -19
package/dist/packages/metadata-extensions.d.ts +14 -0
package/dist/packages/metadata-extensions.js +43 -0
package/dist/packages/normalize.js +6 -10
package/dist/packages/provenance.js +17 -19
package/dist/packages/read.d.ts +29 -0
package/dist/packages/read.js +66 -0
package/dist/packages/specs.d.ts +48 -1
package/dist/packages/specs.js +75 -12
package/dist/packages/tarball.d.ts +24 -0
package/dist/packages/tarball.js +81 -0
package/dist/packages/types.d.ts +22 -22
package/dist/packages/validation.js +0 -3
package/dist/paths/_internal.d.ts +2 -1
package/dist/paths/_internal.js +7 -19
package/dist/paths/conversion.js +5 -9
package/dist/paths/dirnames.d.ts +1 -0
package/dist/paths/dirnames.js +2 -0
package/dist/paths/filenames.d.ts +0 -1
package/dist/paths/filenames.js +0 -2
package/dist/paths/normalize.js +4 -5
package/dist/paths/packages.js +4 -7
package/dist/paths/predicates.js +9 -16
package/dist/paths/resolve.js +17 -25
package/dist/paths/rewire.d.ts +5 -0
package/dist/paths/rewire.js +3 -3
package/dist/paths/socket.d.ts +74 -111
package/dist/paths/socket.js +106 -139
package/dist/paths/walk.d.ts +1 -1
package/dist/paths/walk.js +4 -4
package/dist/perf/report.js +2 -2
package/dist/perf/types.d.ts +1 -1
package/dist/pkg-ext/data.js +1 -1
package/dist/primordials/array.js +9 -9
package/dist/primordials/date.js +2 -2
package/dist/primordials/error.js +3 -3
package/dist/primordials/headers.d.ts +10 -0
package/dist/primordials/headers.js +23 -0
package/dist/primordials/intl.d.ts +13 -0
package/dist/primordials/intl.js +26 -0
package/dist/primordials/math.js +33 -33
package/dist/primordials/number.js +9 -9
package/dist/primordials/object.js +5 -5
package/dist/primordials/process.d.ts +88 -0
package/dist/primordials/process.js +132 -0
package/dist/primordials/string.d.ts +2 -2
package/dist/primordials/string.js +6 -6
package/dist/primordials/symbol.js +3 -3
package/dist/primordials/uncurry.d.ts +1 -2
package/dist/primordials/uncurry.js +9 -9
package/dist/process/abort.js +3 -3
package/dist/process/lock-manager.js +8 -8
package/dist/process/spawn/_internal.js +6 -8
package/dist/process/spawn/child.js +20 -14
package/dist/process/spawn/errors.js +3 -5
package/dist/process/spawn/kill-tree.d.ts +53 -0
package/dist/process/spawn/kill-tree.js +85 -0
package/dist/process/spawn/stdio.js +0 -1
package/dist/process/spawn/types.d.ts +5 -5
package/dist/process/transient.js +2 -2
package/dist/promises/_internal.d.ts +2 -1
package/dist/promises/_internal.js +2 -6
package/dist/promises/iterate.js +11 -15
package/dist/promises/options.js +3 -6
package/dist/promises/retry.js +4 -5
package/dist/promises/timers.d.ts +30 -0
package/dist/promises/timers.js +48 -0
package/dist/regexps/spec.js +1 -1
package/dist/releases/github-archives.d.ts +6 -6
package/dist/releases/github-archives.js +3 -3
package/dist/releases/github-asset-url.d.ts +1 -1
package/dist/releases/github-asset-url.js +5 -5
package/dist/releases/github-downloads.d.ts +1 -1
package/dist/releases/github-downloads.js +3 -3
package/dist/releases/github-listing.d.ts +12 -4
package/dist/releases/github-listing.js +20 -7
package/dist/releases/github-retry-config.js +1 -1
package/dist/releases/github-types.d.ts +6 -6
package/dist/releases/socket-btm-binary-naming.d.ts +107 -0
package/dist/releases/socket-btm-binary-naming.js +155 -0
package/dist/releases/socket-btm.d.ts +8 -115
package/dist/releases/socket-btm.js +16 -159
package/dist/schema/types.d.ts +4 -5
package/dist/schema/validate.js +1 -1
package/dist/sea/detect.js +6 -6
package/dist/secrets/_internal.d.ts +2 -2
package/dist/secrets/_internal.js +2 -2
package/dist/secrets/compare.d.ts +45 -0
package/dist/secrets/compare.js +61 -0
package/dist/secrets/find.d.ts +2 -2
package/dist/secrets/find.js +10 -4
package/dist/secrets/keychain.d.ts +1 -1
package/dist/secrets/keychain.js +6 -4
package/dist/secrets/linux.js +40 -52
package/dist/secrets/macos.d.ts +2 -3
package/dist/secrets/macos.js +24 -33
package/dist/secrets/rc.d.ts +4 -4
package/dist/secrets/rc.js +27 -17
package/dist/secrets/socket-api-token.d.ts +4 -4
package/dist/secrets/socket-api-token.js +26 -9
package/dist/secrets/windows.js +32 -37
package/dist/shadow/skip.js +2 -2
package/dist/shell/parse.d.ts +32 -0
package/dist/shell/parse.js +60 -0
package/dist/smol/detect.js +9 -10
package/dist/smol/http.js +6 -7
package/dist/smol/https.js +6 -7
package/dist/smol/manifest.d.ts +1 -1
package/dist/smol/manifest.js +6 -7
package/dist/smol/path.d.ts +1 -1
package/dist/smol/path.js +7 -8
package/dist/smol/primordial.d.ts +4 -0
package/dist/smol/primordial.js +6 -7
package/dist/smol/purl.d.ts +1 -1
package/dist/smol/purl.js +7 -8
package/dist/smol/versions.js +6 -7
package/dist/smol/vfs.js +6 -7
package/dist/sorts/_internal.js +6 -8
package/dist/sorts/natural.js +10 -12
package/dist/sorts/semver.js +1 -2
package/dist/sorts/strings.js +0 -1
package/dist/sorts/types.d.ts +1 -1
package/dist/spinner/create-spinner-class.d.ts +38 -0
package/dist/spinner/create-spinner-class.js +302 -0
package/dist/spinner/default.js +8 -9
package/dist/spinner/spinner-internals.d.ts +36 -0
package/dist/spinner/spinner-internals.js +105 -0
package/dist/spinner/spinner-shimmer-methods.d.ts +54 -0
package/dist/spinner/spinner-shimmer-methods.js +143 -0
package/dist/spinner/spinner-status-methods.d.ts +40 -0
package/dist/spinner/spinner-status-methods.js +133 -0
package/dist/spinner/spinner.d.ts +8 -5
package/dist/spinner/spinner.js +19 -706
package/dist/spinner/types.d.ts +3 -1
package/dist/spinner/with.d.ts +10 -0
package/dist/spinner/with.js +16 -2
package/dist/stdio/divider.js +1 -1
package/dist/stdio/footer.js +3 -3
package/dist/stdio/header.js +4 -4
package/dist/stdio/progress.js +10 -6
package/dist/stdio/prompts.d.ts +7 -5
package/dist/stdio/prompts.js +7 -8
package/dist/stdio/stdout.js +3 -3
package/dist/streams/parallel.js +3 -5
package/dist/streams/transform.js +2 -3
package/dist/strings/format.js +2 -6
package/dist/strings/predicates.js +0 -2
package/dist/strings/search.js +1 -2
package/dist/strings/transform.js +0 -3
package/dist/strings/width.js +9 -10
package/dist/tables/bordered.js +4 -3
package/dist/tables/padding.js +1 -1
package/dist/tables/simple.js +8 -5
package/dist/temporal/instant.js +1 -1
package/dist/temporal/slots.js +6 -6
package/dist/temporal/system.js +9 -9
package/dist/themes/context.d.ts +3 -2
package/dist/themes/context.js +4 -5
package/dist/themes/themes.js +15 -15
package/dist/themes/types.d.ts +3 -3
package/dist/url/assert-safe.d.ts +29 -0
package/dist/url/assert-safe.js +54 -0
package/dist/url/parse.js +0 -2
package/dist/url/predicates.d.ts +31 -1
package/dist/url/predicates.js +43 -3
package/dist/url/search-params.js +3 -9
package/dist/url/types.d.ts +9 -5
package/dist/versions/_internal.js +3 -3
package/dist/words/article.js +0 -1
package/dist/words/capitalize.js +0 -1
package/dist/words/pluralize.js +15 -5
package/package.json +419 -216
package/dist/external-tools/uv/asset-names.d.ts +0 -36
package/dist/external-tools/uv/asset-names.js +0 -70
package/dist/external-tools/uv/from-download.d.ts +0 -17
package/dist/external-tools/uv/from-download.js +0 -47
package/dist/external-tools/uv/from-path.d.ts +0 -5
package/dist/external-tools/uv/from-path.js +0 -22
package/dist/external-tools/uv/from-vfs.d.ts +0 -7
package/dist/external-tools/uv/from-vfs.js +0 -26
package/dist/external-tools/uv/resolve.d.ts +0 -25
package/dist/external-tools/uv/resolve.js +0 -53
package/dist/external-tools/uv/types.d.ts +0 -24
package/dist/fs/path-cache.d.ts +0 -21
package/dist/fs/path-cache.js +0 -34
package/dist/http-request/checksums.d.ts +0 -69
package/dist/http-request/checksums.js +0 -108
package/dist/http-request/http-request.d.ts +0 -12
package/dist/http-request/http-request.js +0 -11
package/dist/packages/operations.d.ts +0 -113
package/dist/packages/operations.js +0 -304
package/dist/ssri/convert.d.ts +0 -48
package/dist/ssri/convert.js +0 -69
package/dist/ssri/parse.d.ts +0 -27
package/dist/ssri/parse.js +0 -41
package/dist/ssri/validate.d.ts +0 -41
package/dist/ssri/validate.js +0 -56
/package/dist/{bin → cli}/check.d.ts +0 -0
/package/dist/external-tools/{uv → python}/types.js +0 -0
/package/dist/fs/{find-up.d.ts → find.d.ts} +0 -0
/package/dist/github/{fetch.d.ts → request.d.ts} +0 -0

package/dist/integrity.d.ts CHANGED Viewed

@@ -1,21 +1,9 @@
-/**
- * @file Integrity specification helpers for downloads and file verification.
- *   Used by `dlx/binary-download` and external-tools resolvers; safe to consume
- *   from any module that needs to verify bytes against an expected hash. Single
- *   supported format per flavor:
- *
- *   - integrity: SRI with sha512 only (what npm registry returns)
- *   - checksum: sha256 hex (what `shasum -a 256` produces; common for binary
- *     release assets on GitHub) Callers may pass a {@link HashSpec} as a bare
- *     string (sniffed via format) or as an explicit `{ type, value }` object.
- *     The normalized form carried around internally is always the object.
- */
 /**
  * Tagged union representing an expected hash.
  *
  * @example
  *   // Bare SRI (sniffed as integrity):
- *   'sha512-abc...'
+ *   'sha256-NiCg/K+B7NOq7M1ZZZGdkNvJE/TQepbhHnyvwseFBUs='
  *
  * @example
  *   // Bare sha256 hex (sniffed as checksum):
@@ -23,7 +11,7 @@
  *
  * @example
  *   // Explicit:
- *   { type: 'integrity', value: 'sha512-abc...' }
+ *   { type: 'integrity', value: 'sha512-...' }
  *   { type: 'checksum', value: 'a1b2c3...' }
  */
 export type HashSpec = string | {
@@ -50,22 +38,95 @@ export interface ComputedHashes {
      */
     integrity: string;
     /**
-     * SHA-256 hex (64 chars). Matches `shasum -a 256`.
+     * Sha256 hex (64 chars). Matches `shasum -a 256`.
      */
     checksum: string;
 }
+/**
+ * Parsed components of an integrity string.
+ */
+export interface ParsedIntegrity {
+    /**
+     * SRI algorithm: `'sha256' | 'sha384' | 'sha512'`.
+     */
+    algorithm: string;
+    /**
+     * Base64-encoded digest body (everything after the `-`).
+     */
+    body: string;
+}
+/**
+ * Convert a sha256 hex checksum to its SRI integrity form (`sha256-<base64>`).
+ * Idempotent on integrity input — call this on user-supplied data without first
+ * sniffing the format.
+ *
+ * The default algorithm is `'sha256'` because this converts a _checksum_, and
+ * checksums are sha256 by fleet convention (the GitHub-SHA256SUMS interop shape
+ * its only caller, `checksum-file.ts`, parses). Do NOT flip this default to
+ * sha512: this function only relabels the hex bytes, it does not re-hash, so a
+ * sha512 label on a 256-bit digest would be a lie. The canonical algorithm for
+ * OUR-side integrity values is sha512 — emitted by `computeHashes` as the
+ * `integrity` (`sha512-<base64>`) field; sha256 is reserved for
+ * upstream-SHASUMS interop and content addressing. Pass an explicit algorithm
+ * if you have a hex digest from `sha384` or `sha512` (the function does not
+ * verify hex length against the algorithm — caller's responsibility).
+ *
+ * @example
+ *   ;```typescript
+ *   checksumToIntegrity(
+ *     '3620a0fcaf81ecd3aaeccd5965919d90dbc913f4d07a96e11e7cafc2c785054b',
+ *   )
+ *   // 'sha256-NiCg/K+B7NOq7M1ZZZGdkNvJE/TQepbhHnyvwseFBUs='
+ *
+ *   checksumToIntegrity('sha256-NiCg/K+B7NOq7M1ZZZGdkNvJE/TQepbhHnyvwseFBUs=')
+ *   // 'sha256-NiCg/K+B7NOq7M1ZZZGdkNvJE/TQepbhHnyvwseFBUs=' (idempotent)
+ *   ```
+ *
+ * @throws TypeError when the input is neither a recognized SRI nor a hex
+ *   digest.
+ */
+export declare function checksumToIntegrity(input: string, algorithm?: string): string;
 /**
  * Compute both integrity (sha512 SRI) and checksum (sha256 hex) for a buffer of
  * bytes.
  */
 export declare function computeHashes(bytes: Buffer): ComputedHashes;
-export declare function isChecksumString(s: string): boolean;
-export declare function isIntegrityString(s: string): boolean;
+/**
+ * Convert a sha256 SRI integrity string to its hex checksum form (64 lowercase
+ * chars). Idempotent on checksum input.
+ *
+ * Throws on `sha384` and `sha512` SRI — checksums are sha256-only by fleet
+ * convention. Callers that need a hex digest for those algorithms can call
+ * `parseIntegrity(sri)` and decode `.body` manually.
+ *
+ * @example
+ *   ;```typescript
+ *   integrityToChecksum('sha256-NiCg/K+B7NOq7M1ZZZGdkNvJE/TQepbhHnyvwseFBUs=')
+ *   // '3620a0fcaf81ecd3aaeccd5965919d90dbc913f4d07a96e11e7cafc2c785054b'
+ *
+ *   integrityToChecksum(
+ *     '3620a0fcaf81ecd3aaeccd5965919d90dbc913f4d07a96e11e7cafc2c785054b',
+ *   )
+ *   // '3620a0fcaf81ecd3aaeccd5965919d90dbc913f4d07a96e11e7cafc2c785054b' (idempotent)
+ *   ```
+ *
+ * @throws TypeError when the input is neither a recognized SRI nor a hex
+ *   checksum, or when the input is a non-sha256 SRI.
+ */
+export declare function integrityToChecksum(input: string): string;
+/**
+ * True when `s` is a sha256 hex checksum (exactly 64 hex chars).
+ */
+export declare function isChecksum(s: string): boolean;
+/**
+ * True when `s` is a W3C SRI integrity string: `sha(256|384|512)-<base64>`.
+ */
+export declare function isIntegrity(s: string): boolean;
 /**
  * Normalize a {@link HashSpec} to its canonical `{ type, value }` form.
  *
  * - Object form is trusted (its `value` is validated for shape).
- * - Bare string matching sha512 SRI → integrity.
+ * - Bare string matching SRI → integrity.
  * - Bare string of 64 hex chars → checksum.
  * - Anything else throws TypeError.
  *
@@ -73,6 +134,19 @@ export declare function isIntegrityString(s: string): boolean;
  *   object's value doesn't match its declared type.
  */
 export declare function normalizeHash(spec: HashSpec): NormalizedHash;
+/**
+ * Split an integrity string into its `{ algorithm, body }` components. `body`
+ * is the base64-encoded digest (everything after the algorithm + dash).
+ *
+ * @example
+ *   ;```typescript
+ *   parseIntegrity('sha256-NiCg/K+B7NOq7M1ZZZGdkNvJE/TQepbhHnyvwseFBUs=')
+ *   // { algorithm: 'sha256', body: 'NiCg/K+B7NOq7M1ZZZGdkNvJE/TQepbhHnyvwseFBUs=' }
+ *   ```
+ *
+ * @throws Error when the input is not a valid SRI integrity string.
+ */
+export declare function parseIntegrity(sri: string): ParsedIntegrity;
 /**
  * Verify computed hashes against an expected {@link NormalizedHash}. Uses
  * `crypto.timingSafeEqual` for constant-time comparison.

package/dist/integrity.js CHANGED Viewed

@@ -1,51 +1,123 @@
 "use strict";
 /* Socket Lib - Built with rolldown */
 Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
+const require_runtime = require('./_virtual/_rolldown/runtime.js');
 const require_crypto_hash = require('./crypto/hash.js');
 const require_primordials_buffer = require('./primordials/buffer.js');
 const require_primordials_error = require('./primordials/error.js');
-const require_primordials_string = require('./primordials/string.js');
 let node_crypto = require("node:crypto");
+node_crypto = require_runtime.__toESM(node_crypto);
 //#region src/integrity.ts
 /**
-* @file Integrity specification helpers for downloads and file verification.
-*   Used by `dlx/binary-download` and external-tools resolvers; safe to consume
-*   from any module that needs to verify bytes against an expected hash. Single
-*   supported format per flavor:
+* @file Integrity + checksum helpers. The fleet uses two named hash flavors:
 *
-*   - integrity: SRI with sha512 only (what npm registry returns)
-*   - checksum: sha256 hex (what `shasum -a 256` produces; common for binary
-*     release assets on GitHub) Callers may pass a {@link HashSpec} as a bare
-*     string (sniffed via format) or as an explicit `{ type, value }` object.
-*     The normalized form carried around internally is always the object.
+*   - **integrity** — W3C Subresource Integrity string:
+*     `sha(256|384|512)-<base64>`. The same shape the npm registry returns and
+*     the `<script integrity>` HTML attribute accepts. Algorithm is embedded.
+*   - **checksum** — sha256 hex digest, exactly 64 lowercase chars. The shape
+*     produced by `shasum -a 256` and used in GitHub-release SHA256SUMS files.
+*     Conversion is direction-specific so the names read in English:
+*     `checksumToIntegrity(hex)` and `integrityToChecksum(sri)`. Both are
+*     idempotent on the destination format (pass an SRI to
+*     `checksumToIntegrity`, get the same SRI back) so callers can apply them
+*     without first sniffing the input shape. "SSRI" is just another name for
+*     Subresource Integrity — this module is the only one that should mention
+*     it, and only inside `parseIntegrity` to extract the embedded algorithm +
+*     body.
 */
-const INTEGRITY_PREFIX = "sha512-";
-const INTEGRITY_BODY_RE = /^[A-Za-z0-9+/=]+$/;
+const INTEGRITY_RE = /^(sha(?:256|384|512))-([A-Za-z0-9+/]+=*)$/;
 const CHECKSUM_RE = /^[a-f0-9]{64}$/i;
 /**
+* Convert a sha256 hex checksum to its SRI integrity form (`sha256-<base64>`).
+* Idempotent on integrity input — call this on user-supplied data without first
+* sniffing the format.
+*
+* The default algorithm is `'sha256'` because this converts a _checksum_, and
+* checksums are sha256 by fleet convention (the GitHub-SHA256SUMS interop shape
+* its only caller, `checksum-file.ts`, parses). Do NOT flip this default to
+* sha512: this function only relabels the hex bytes, it does not re-hash, so a
+* sha512 label on a 256-bit digest would be a lie. The canonical algorithm for
+* OUR-side integrity values is sha512 — emitted by `computeHashes` as the
+* `integrity` (`sha512-<base64>`) field; sha256 is reserved for
+* upstream-SHASUMS interop and content addressing. Pass an explicit algorithm
+* if you have a hex digest from `sha384` or `sha512` (the function does not
+* verify hex length against the algorithm — caller's responsibility).
+*
+* @example
+*   ;```typescript
+*   checksumToIntegrity(
+*     '3620a0fcaf81ecd3aaeccd5965919d90dbc913f4d07a96e11e7cafc2c785054b',
+*   )
+*   // 'sha256-NiCg/K+B7NOq7M1ZZZGdkNvJE/TQepbhHnyvwseFBUs='
+*
+*   checksumToIntegrity('sha256-NiCg/K+B7NOq7M1ZZZGdkNvJE/TQepbhHnyvwseFBUs=')
+*   // 'sha256-NiCg/K+B7NOq7M1ZZZGdkNvJE/TQepbhHnyvwseFBUs=' (idempotent)
+*   ```
+*
+* @throws TypeError when the input is neither a recognized SRI nor a hex
+*   digest.
+*/
+function checksumToIntegrity(input, algorithm = "sha256") {
+	if (isIntegrity(input)) return input;
+	if (!/^[a-f0-9]+$/i.test(input)) throw new require_primordials_error.TypeErrorCtor(`checksumToIntegrity: expected a hex digest or SRI string, got: ${input}`);
+	return `${algorithm}-${require_primordials_buffer.BufferPrototypeToString(require_primordials_buffer.BufferFrom(input, "hex"), "base64")}`;
+}
+/**
 * Compute both integrity (sha512 SRI) and checksum (sha256 hex) for a buffer of
 * bytes.
 */
 function computeHashes(bytes) {
 	return {
-		integrity: `sha512-${/* @__PURE__ */ require_crypto_hash.hash("sha512", bytes, "base64")}`,
-		checksum: /* @__PURE__ */ require_crypto_hash.hash("sha256", bytes, "hex")
+		integrity: `sha512-${require_crypto_hash.hash("sha512", bytes, "base64")}`,
+		checksum: require_crypto_hash.hash("sha256", bytes, "hex")
 	};
 }
-function isChecksumString(s) {
+/**
+* Convert a sha256 SRI integrity string to its hex checksum form (64 lowercase
+* chars). Idempotent on checksum input.
+*
+* Throws on `sha384` and `sha512` SRI — checksums are sha256-only by fleet
+* convention. Callers that need a hex digest for those algorithms can call
+* `parseIntegrity(sri)` and decode `.body` manually.
+*
+* @example
+*   ;```typescript
+*   integrityToChecksum('sha256-NiCg/K+B7NOq7M1ZZZGdkNvJE/TQepbhHnyvwseFBUs=')
+*   // '3620a0fcaf81ecd3aaeccd5965919d90dbc913f4d07a96e11e7cafc2c785054b'
+*
+*   integrityToChecksum(
+*     '3620a0fcaf81ecd3aaeccd5965919d90dbc913f4d07a96e11e7cafc2c785054b',
+*   )
+*   // '3620a0fcaf81ecd3aaeccd5965919d90dbc913f4d07a96e11e7cafc2c785054b' (idempotent)
+*   ```
+*
+* @throws TypeError when the input is neither a recognized SRI nor a hex
+*   checksum, or when the input is a non-sha256 SRI.
+*/
+function integrityToChecksum(input) {
+	if (isChecksum(input)) return input;
+	const parsed = parseIntegrity(input);
+	if (parsed.algorithm !== "sha256") throw new require_primordials_error.TypeErrorCtor(`integrityToChecksum: ${parsed.algorithm} integrity has no 64-hex-char checksum form — checksums are sha256-only by fleet convention.`);
+	return require_primordials_buffer.BufferPrototypeToString(require_primordials_buffer.BufferFrom(parsed.body, "base64"), "hex");
+}
+/**
+* True when `s` is a sha256 hex checksum (exactly 64 hex chars).
+*/
+function isChecksum(s) {
 	return CHECKSUM_RE.test(s);
 }
-function isIntegrityString(s) {
-	if (!require_primordials_string.StringPrototypeStartsWith(s, INTEGRITY_PREFIX)) return false;
-	const body = require_primordials_string.StringPrototypeSlice(s, 7);
-	return body.length > 0 && INTEGRITY_BODY_RE.test(body);
+/**
+* True when `s` is a W3C SRI integrity string: `sha(256|384|512)-<base64>`.
+*/
+function isIntegrity(s) {
+	return INTEGRITY_RE.test(s);
 }
 /**
 * Normalize a {@link HashSpec} to its canonical `{ type, value }` form.
 *
 * - Object form is trusted (its `value` is validated for shape).
-* - Bare string matching sha512 SRI → integrity.
+* - Bare string matching SRI → integrity.
 * - Bare string of 64 hex chars → checksum.
 * - Anything else throws TypeError.
 *
@@ -55,31 +127,51 @@ function isIntegrityString(s) {
 function normalizeHash(spec) {
 	if (typeof spec === "object" && spec !== null) {
 		if (spec.type === "integrity") {
-			if (!isIntegrityString(spec.value)) throw new require_primordials_error.TypeErrorCtor(`Expected SRI integrity string "sha512-<base64>", got: ${spec.value}`);
+			if (!isIntegrity(spec.value)) throw new require_primordials_error.TypeErrorCtor(`normalizeHash: expected SRI integrity "sha(256|384|512)-<base64>", got: ${spec.value}`);
 			return {
 				type: "integrity",
 				value: spec.value
 			};
 		}
 		if (spec.type === "checksum") {
-			if (!isChecksumString(spec.value)) throw new require_primordials_error.TypeErrorCtor(`Expected sha256 hex string (64 hex chars), got: ${spec.value}`);
+			if (!isChecksum(spec.value)) throw new require_primordials_error.TypeErrorCtor(`normalizeHash: expected sha256 hex checksum (64 hex chars), got: ${spec.value}`);
 			return {
 				type: "checksum",
 				value: spec.value
 			};
 		}
-		throw new require_primordials_error.TypeErrorCtor(`Unknown hash type: ${spec.type}`);
+		throw new require_primordials_error.TypeErrorCtor(`normalizeHash: unknown hash type: ${spec.type}`);
 	}
-	if (typeof spec !== "string") throw new require_primordials_error.TypeErrorCtor(`HashSpec must be a string or { type, value } object, got: ${typeof spec}`);
-	if (isIntegrityString(spec)) return {
+	if (typeof spec !== "string") throw new require_primordials_error.TypeErrorCtor(`normalizeHash: expected string or { type, value }, got: ${typeof spec}`);
+	if (isIntegrity(spec)) return {
 		type: "integrity",
 		value: spec
 	};
-	if (isChecksumString(spec)) return {
+	if (isChecksum(spec)) return {
 		type: "checksum",
 		value: spec
 	};
-	throw new require_primordials_error.TypeErrorCtor(`Unrecognized hash format. Expected SRI integrity ("sha512-<base64>") or sha256 hex (64 hex chars), got: ${spec}`);
+	throw new require_primordials_error.TypeErrorCtor(`normalizeHash: unrecognized hash format. Expected SRI integrity ("sha(256|384|512)-<base64>") or sha256 hex checksum (64 hex chars), got: ${spec}`);
+}
+/**
+* Split an integrity string into its `{ algorithm, body }` components. `body`
+* is the base64-encoded digest (everything after the algorithm + dash).
+*
+* @example
+*   ;```typescript
+*   parseIntegrity('sha256-NiCg/K+B7NOq7M1ZZZGdkNvJE/TQepbhHnyvwseFBUs=')
+*   // { algorithm: 'sha256', body: 'NiCg/K+B7NOq7M1ZZZGdkNvJE/TQepbhHnyvwseFBUs=' }
+*   ```
+*
+* @throws Error when the input is not a valid SRI integrity string.
+*/
+function parseIntegrity(sri) {
+	const m = INTEGRITY_RE.exec(sri);
+	if (!m) throw new require_primordials_error.ErrorCtor(`parseIntegrity: invalid SRI format: ${sri}`);
+	return {
+		algorithm: m[1],
+		body: m[2]
+	};
 }
 /**
 * Verify computed hashes against an expected {@link NormalizedHash}. Uses
@@ -92,7 +184,7 @@ function verifyHash(expected, computed) {
 	const actual = expected.type === "integrity" ? computed.integrity : computed.checksum;
 	const expectedBuf = require_primordials_buffer.BufferFrom(expected.value);
 	const actualBuf = require_primordials_buffer.BufferFrom(actual);
-	if (expectedBuf.length !== actualBuf.length || !(0, node_crypto.timingSafeEqual)(expectedBuf, actualBuf)) throw new DlxHashMismatchError(expected, computed);
+	if (expectedBuf.length !== actualBuf.length || !node_crypto.default.timingSafeEqual(expectedBuf, actualBuf)) throw new DlxHashMismatchError(expected, computed);
 }
 /**
 * Thrown when an expected hash doesn't match the computed hash of the
@@ -112,8 +204,11 @@ var DlxHashMismatchError = class extends Error {
 //#endregion
 exports.DlxHashMismatchError = DlxHashMismatchError;
+exports.checksumToIntegrity = checksumToIntegrity;
 exports.computeHashes = computeHashes;
-exports.isChecksumString = isChecksumString;
-exports.isIntegrityString = isIntegrityString;
+exports.integrityToChecksum = integrityToChecksum;
+exports.isChecksum = isChecksum;
+exports.isIntegrity = isIntegrity;
 exports.normalizeHash = normalizeHash;
+exports.parseIntegrity = parseIntegrity;
 exports.verifyHash = verifyHash;

package/dist/ipc/directory.js CHANGED Viewed

@@ -27,8 +27,8 @@ node_process = require_runtime.__toESM(node_process);
 * @internal
 */
 async function ensureIpcDirectory(filePath) {
-	const fs = /* @__PURE__ */ require_node_fs.getNodeFs();
-	const dir = (/* @__PURE__ */ require_node_path.getNodePath()).dirname(filePath);
+	const fs = require_node_fs.getNodeFs();
+	const dir = require_node_path.getNodePath().dirname(filePath);
 	await fs.promises.mkdir(dir, {
 		recursive: true,
 		mode: 448

package/dist/ipc/paths.js CHANGED Viewed

@@ -46,7 +46,7 @@ node_process = require_runtime.__toESM(node_process);
 */
 function getIpcStubPath(appName) {
 	const tempDir = require_paths_socket.getOsTmpDir();
-	const path = /* @__PURE__ */ require_node_path.getNodePath();
+	const path = require_node_path.getNodePath();
 	const stubDir = path.join(tempDir, ".socket-ipc", appName);
 	return path.join(stubDir, `stub-${node_process.default.pid}.json`);
 }

package/dist/ipc/write.js CHANGED Viewed

@@ -60,7 +60,7 @@ async function writeIpcStub(appName, data) {
 		pid: node_process.default.pid,
 		timestamp: require_primordials_date.DateNow()
 	});
-	const fs = /* @__PURE__ */ require_node_fs.getNodeFs();
+	const fs = require_node_fs.getNodeFs();
 	const flags = fs.constants.O_CREAT | fs.constants.O_WRONLY | fs.constants.O_EXCL | fs.constants.O_NOFOLLOW;
 	let handle;
 	try {

package/dist/ipc-cli/get.js CHANGED Viewed

@@ -12,21 +12,21 @@ const require_primordials_object = require('../primordials/object.js');
 *   `@socketsecurity/lib/ipc` (`getIpcStubPath`, `writeIpcStub`) for cases
 *   where data exceeds env-var size limits.
 */
-let _ipcObject;
+let ipcObject;
 async function getIpc(key) {
-	if (_ipcObject === void 0) {
-		_ipcObject = {};
+	if (ipcObject === void 0) {
+		ipcObject = {};
 		const { env } = process;
-		if (env["SOCKET_CLI_FIX"]) _ipcObject.SOCKET_CLI_FIX = env["SOCKET_CLI_FIX"];
-		if (env["SOCKET_CLI_OPTIMIZE"]) _ipcObject.SOCKET_CLI_OPTIMIZE = env["SOCKET_CLI_OPTIMIZE"] === "true" || env["SOCKET_CLI_OPTIMIZE"] === "1";
-		if (env["SOCKET_CLI_SHADOW_ACCEPT_RISKS"]) _ipcObject.SOCKET_CLI_SHADOW_ACCEPT_RISKS = env["SOCKET_CLI_SHADOW_ACCEPT_RISKS"] === "true" || env["SOCKET_CLI_SHADOW_ACCEPT_RISKS"] === "1";
-		if (env["SOCKET_CLI_SHADOW_API_TOKEN"]) _ipcObject.SOCKET_CLI_SHADOW_API_TOKEN = env["SOCKET_CLI_SHADOW_API_TOKEN"];
-		if (env["SOCKET_CLI_SHADOW_BIN"]) _ipcObject.SOCKET_CLI_SHADOW_BIN = env["SOCKET_CLI_SHADOW_BIN"];
-		if (env["SOCKET_CLI_SHADOW_PROGRESS"]) _ipcObject.SOCKET_CLI_SHADOW_PROGRESS = env["SOCKET_CLI_SHADOW_PROGRESS"] === "true" || env["SOCKET_CLI_SHADOW_PROGRESS"] === "1";
-		if (env["SOCKET_CLI_SHADOW_SILENT"]) _ipcObject.SOCKET_CLI_SHADOW_SILENT = env["SOCKET_CLI_SHADOW_SILENT"] === "true" || env["SOCKET_CLI_SHADOW_SILENT"] === "1";
-		require_primordials_object.ObjectFreeze(_ipcObject);
+		if (env["SOCKET_CLI_FIX"]) ipcObject.SOCKET_CLI_FIX = env["SOCKET_CLI_FIX"];
+		if (env["SOCKET_CLI_OPTIMIZE"]) ipcObject.SOCKET_CLI_OPTIMIZE = env["SOCKET_CLI_OPTIMIZE"] === "1" || env["SOCKET_CLI_OPTIMIZE"] === "true";
+		if (env["SOCKET_CLI_SHADOW_ACCEPT_RISKS"]) ipcObject.SOCKET_CLI_SHADOW_ACCEPT_RISKS = env["SOCKET_CLI_SHADOW_ACCEPT_RISKS"] === "1" || env["SOCKET_CLI_SHADOW_ACCEPT_RISKS"] === "true";
+		if (env["SOCKET_CLI_SHADOW_API_TOKEN"]) ipcObject.SOCKET_CLI_SHADOW_API_TOKEN = env["SOCKET_CLI_SHADOW_API_TOKEN"];
+		if (env["SOCKET_CLI_SHADOW_BIN"]) ipcObject.SOCKET_CLI_SHADOW_BIN = env["SOCKET_CLI_SHADOW_BIN"];
+		if (env["SOCKET_CLI_SHADOW_PROGRESS"]) ipcObject.SOCKET_CLI_SHADOW_PROGRESS = env["SOCKET_CLI_SHADOW_PROGRESS"] === "1" || env["SOCKET_CLI_SHADOW_PROGRESS"] === "true";
+		if (env["SOCKET_CLI_SHADOW_SILENT"]) ipcObject.SOCKET_CLI_SHADOW_SILENT = env["SOCKET_CLI_SHADOW_SILENT"] === "1" || env["SOCKET_CLI_SHADOW_SILENT"] === "true";
+		require_primordials_object.ObjectFreeze(ipcObject);
 	}
-	return key ? _ipcObject[key] : _ipcObject;
+	return key ? ipcObject[key] : ipcObject;
 }
 //#endregion

package/dist/json/edit.js CHANGED Viewed

@@ -6,10 +6,10 @@ const require_primordials_error = require('../primordials/error.js');
 const require_node_fs = require('../node/fs.js');
 const require_primordials_json = require('../primordials/json.js');
 const require_errors_predicates = require('../errors/predicates.js');
+const require_promises_timers = require('../promises/timers.js');
 const require_json_format = require('./format.js');
 let node_process = require("node:process");
 node_process = require_runtime.__toESM(node_process);
-let node_timers_promises = require("node:timers/promises");
 //#region src/json/edit.ts
 /**
@@ -17,7 +17,7 @@ let node_timers_promises = require("node:timers/promises");
 */
 const identSymbol = require_json_format.INDENT_SYMBOL;
 const newlineSymbol = require_json_format.NEWLINE_SYMBOL;
-let _EditableJsonClass;
+let editableJsonClass;
 /**
 * Get the EditableJson class for JSON file manipulation.
 *
@@ -31,24 +31,23 @@ let _EditableJsonClass;
 *   await config.save({ sort: true })
 *   ```
 */
-/*@__NO_SIDE_EFFECTS__*/
 function getEditableJsonClass() {
-	if (_EditableJsonClass === void 0) _EditableJsonClass = class EditableJson {
-		_canSave = true;
-		_content = {};
-		_path = void 0;
-		_readFileContent = "";
-		_readFileJson = void 0;
+	if (editableJsonClass === void 0) editableJsonClass = class EditableJson {
+		canSave = true;
+		contentData = {};
+		pathValue = void 0;
+		readFileContent = "";
+		readFileJson = void 0;
 		get content() {
-			return this._content;
+			return this.contentData;
 		}
 		get filename() {
-			const path = this._path;
+			const path = this.pathValue;
 			if (!path) return "";
 			return path;
 		}
 		get path() {
-			return this._path;
+			return this.pathValue;
 		}
 		static async create(path, opts = { __proto__: null }) {
 			const instance = new EditableJson();
@@ -67,14 +66,14 @@ function getEditableJsonClass() {
 			/* c8 ignore stop */
 		}
 		create(path) {
-			this._path = path;
-			this._content = {};
-			this._canSave = true;
+			this.pathValue = path;
+			this.contentData = {};
+			this.canSave = true;
 			return this;
 		}
 		fromContent(data) {
-			this._content = data;
-			this._canSave = false;
+			this.contentData = data;
+			this.canSave = false;
 			return this;
 		}
 		fromJSON(data) {
@@ -83,49 +82,57 @@ function getEditableJsonClass() {
 			const newline = require_json_format.detectNewline(data);
 			parsed[identSymbol] = indent;
 			parsed[newlineSymbol] = newline;
-			this._content = parsed;
+			this.contentData = parsed;
 			return this;
 		}
 		async load(path) {
-			this._path = path;
-			this._readFileContent = await readFile(this.filename);
-			this.fromJSON(this._readFileContent);
-			this._readFileJson = require_primordials_json.JSONParse(this._readFileContent);
+			this.pathValue = path;
+			this.readFileContent = await readFile(this.filename);
+			this.fromJSON(this.readFileContent);
+			this.readFileJson = require_primordials_json.JSONParse(this.readFileContent);
 			return this;
 		}
 		async save(options) {
-			if (!this._canSave || this.content === void 0) throw new require_primordials_error.ErrorCtor("No file path to save to");
-			if (!require_json_format.shouldSave(this.content, this._readFileJson, this._readFileContent, options)) return false;
+			options = {
+				__proto__: null,
+				...options
+			};
+			if (!this.canSave || this.content === void 0) throw new require_primordials_error.ErrorCtor("No file path to save to");
+			if (!require_json_format.shouldSave(this.content, this.readFileJson, this.readFileContent, options)) return false;
 			const content = require_json_format.stripFormattingSymbols(this.content);
 			const fileContent = require_json_format.stringifyWithFormatting(options?.sort ? require_json_format.sortKeys(content) : content, require_json_format.getFormattingFromContent(this.content));
 			await retryWrite(this.filename, fileContent);
-			this._readFileContent = fileContent;
-			this._readFileJson = require_primordials_json.JSONParse(fileContent);
+			this.readFileContent = fileContent;
+			this.readFileJson = require_primordials_json.JSONParse(fileContent);
 			return true;
 		}
 		saveSync(options) {
-			if (!this._canSave || this.content === void 0) throw new require_primordials_error.ErrorCtor("No file path to save to");
-			if (!require_json_format.shouldSave(this.content, this._readFileJson, this._readFileContent, options)) return false;
+			options = {
+				__proto__: null,
+				...options
+			};
+			if (!this.canSave || this.content === void 0) throw new require_primordials_error.ErrorCtor("No file path to save to");
+			if (!require_json_format.shouldSave(this.content, this.readFileJson, this.readFileContent, options)) return false;
 			const content = require_json_format.stripFormattingSymbols(this.content);
 			const fileContent = require_json_format.stringifyWithFormatting(options?.sort ? require_json_format.sortKeys(content) : content, require_json_format.getFormattingFromContent(this.content));
-			(/* @__PURE__ */ require_node_fs.getNodeFs()).writeFileSync(this.filename, fileContent);
-			this._readFileContent = fileContent;
-			this._readFileJson = require_primordials_json.JSONParse(fileContent);
+			require_node_fs.getNodeFs().writeFileSync(this.filename, fileContent);
+			this.readFileContent = fileContent;
+			this.readFileJson = require_primordials_json.JSONParse(fileContent);
 			return true;
 		}
 		update(content) {
-			this._content = {
-				...this._content,
+			this.contentData = {
+				...this.contentData,
 				...content
 			};
 			return this;
 		}
 		willSave(options) {
-			if (!this._canSave || this.content === void 0) return false;
-			return require_json_format.shouldSave(this.content, this._readFileJson, this._readFileContent, options);
+			if (!this.canSave || this.content === void 0) return false;
+			return require_json_format.shouldSave(this.content, this.readFileJson, this.readFileContent, options);
 		}
 	};
-	return _EditableJsonClass;
+	return editableJsonClass;
 }
 /**
 * Read file content from disk with retry logic for ENOENT errors.
@@ -133,7 +140,7 @@ function getEditableJsonClass() {
 * @private
 */
 async function readFile(filepath) {
-	const { promises: fsPromises } = /* @__PURE__ */ require_node_fs.getNodeFs();
+	const { promises: fsPromises } = require_node_fs.getNodeFs();
 	/* c8 ignore start */
 	const maxRetries = node_process.default.platform === "win32" ? 5 : 1;
 	for (let attempt = 0; attempt <= maxRetries; attempt++) try {
@@ -141,7 +148,7 @@ async function readFile(filepath) {
 	} catch (e) {
 		const isLastAttempt = attempt === maxRetries;
 		if (!(require_errors_predicates.isErrnoException(e) && e.code === "ENOENT") || isLastAttempt) throw e;
-		await (0, node_timers_promises.setTimeout)(node_process.default.platform === "win32" ? 50 * (attempt + 1) : 20);
+		await require_promises_timers.sleep(node_process.default.platform === "win32" ? 50 * (attempt + 1) : 20);
 	}
 	/* c8 ignore stop */
 	/* c8 ignore next 3 - Loop has 'return' on success and 'throw' in
@@ -156,22 +163,22 @@ async function readFile(filepath) {
 * @private
 */
 async function retryWrite(filepath, content, retries = 3, baseDelay = 10) {
-	const fs = /* @__PURE__ */ require_node_fs.getNodeFs();
+	const fs = require_node_fs.getNodeFs();
 	const { promises: fsPromises } = fs;
 	for (let attempt = 0; attempt <= retries; attempt++) try {
 		await fsPromises.writeFile(filepath, content);
 		/* c8 ignore start - Windows-only flush+verify loop. Tested on
 		Windows runners. */
 		if (node_process.default.platform === "win32") {
-			await (0, node_timers_promises.setTimeout)(50);
+			await require_promises_timers.sleep(50);
 			let accessRetries = 0;
 			const maxAccessRetries = 5;
 			while (accessRetries < maxAccessRetries) {
 				if (fs.existsSync(filepath)) {
-					await (0, node_timers_promises.setTimeout)(10);
+					await require_promises_timers.sleep(10);
 					break;
 				}
-				await (0, node_timers_promises.setTimeout)(20 * (accessRetries + 1));
+				await require_promises_timers.sleep(20 * (accessRetries + 1));
 				accessRetries++;
 			}
 		}
@@ -179,8 +186,8 @@ async function retryWrite(filepath, content, retries = 3, baseDelay = 10) {
 		return;
 	} catch (e) {
 		const isLastAttempt = attempt === retries;
-		if (!(require_errors_predicates.isErrnoException(e) && (e.code === "EPERM" || e.code === "EBUSY" || e.code === "ENOENT")) || isLastAttempt) throw e;
-		await (0, node_timers_promises.setTimeout)(baseDelay * 2 ** attempt);
+		if (!(require_errors_predicates.isErrnoException(e) && (e.code === "EBUSY" || e.code === "ENOENT" || e.code === "EPERM")) || isLastAttempt) throw e;
+		await require_promises_timers.sleep(baseDelay * 2 ** attempt);
 	}
 }

package/dist/json/format.js CHANGED Viewed

@@ -165,7 +165,7 @@ function shouldSave(currentContent, originalContent, originalFileContent, option
 */
 function sortKeys(obj) {
 	const sorted = { __proto__: null };
-	const keys = require_primordials_object.ObjectKeys(obj).sort();
+	const keys = require_primordials_object.ObjectKeys(obj).toSorted();
 	for (const key of keys) sorted[key] = obj[key];
 	return sorted;
 }