socket 0.14.125 → 0.14.127

package/dist/module-sync/cli.js

@@ -917,7 +917,7 @@ function emitBanner(name) {
   logger.logger.error(getAsciiHeader(name))
 }
 function getAsciiHeader(command) {
-  const cliVersion = '0.14.125:11530dd:821f8925:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
+  const cliVersion = '0.14.127:0a19e43:aad274b8:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
   const nodeVersion = process$1.version
   const apiToken = shadowNpmInject.getDefaultToken()
   const defaultOrg = shadowNpmInject.getConfigValue('defaultOrg')
@@ -4480,37 +4480,23 @@ async function pnpmFix(
     // Process the workspace root last since it will add an override to package.json.
     pkgEnvDetails.editablePkgJson.filename
   ]
-  let actualTree = await getActualTree(cwd)
   for (const { 0: name, 1: infos } of infoByPkg) {
+    debug.debugLog(`Processing vulnerable package: ${name}`)
     if (registry.getManifestData(NPM$c, name)) {
       spinner?.info(`Skipping ${name}. Socket Optimize package exists.`)
       continue
     }
-    const oldVersions = arrays.arrayUnique(
-      shadowNpmInject
-        .findPackageNodes(actualTree, name)
-        .map(n => n.target?.version ?? n.version)
-        .filter(Boolean)
-    )
-    const packument =
-      oldVersions.length && infos.length
-        ? // eslint-disable-next-line no-await-in-loop
-          await packages.fetchPackagePackument(name)
-        : null
-    if (!packument) {
-      continue
-    }
     const fixedSpecs = new Set()
     for (const pkgJsonPath of pkgJsonPaths) {
-      // Re-read actualTree to avoid lockfile state issues
+      debug.debugLog(`Checking workspace: ${pkgJsonPath}`)
+
       // eslint-disable-next-line no-await-in-loop
-      actualTree = await getActualTree(cwd)
-      const pkgPath = path$1.dirname(pkgJsonPath)
+      let actualTree = await getActualTree(cwd)
       const isWorkspaceRoot =
         pkgJsonPath === pkgEnvDetails.editablePkgJson.filename
       const workspaceName = isWorkspaceRoot
         ? 'root'
-        : path$1.relative(rootPath, pkgPath)
+        : path$1.relative(rootPath, path$1.dirname(pkgJsonPath))
       const editablePkgJson = isWorkspaceRoot
         ? pkgEnvDetails.editablePkgJson
         : // eslint-disable-next-line no-await-in-loop
@@ -4521,6 +4507,20 @@ async function pnpmFix(
       // Get current overrides for revert logic
       const oldPnpmSection = editablePkgJson.content[PNPM$8]
       const oldOverrides = oldPnpmSection?.[OVERRIDES$2]
+      const oldVersions = arrays.arrayUnique(
+        shadowNpmInject
+          .findPackageNodes(actualTree, name)
+          .map(n => n.target?.version ?? n.version)
+          .filter(Boolean)
+      )
+      const packument =
+        oldVersions.length && infos.length
+          ? // eslint-disable-next-line no-await-in-loop
+            await packages.fetchPackagePackument(name)
+          : null
+      if (!packument) {
+        continue
+      }
       for (const oldVersion of oldVersions) {
         const oldSpec = `${name}@${oldVersion}`
         const oldPurl = `pkg:npm/${oldSpec}`
@@ -4683,28 +4683,34 @@ async function pnpmFix(
             error = e
             errored = true
           }
-          if (errored || isCi) {
+          if (errored) {
             editablePkgJson.update(revertData)
 
             // eslint-disable-next-line no-await-in-loop
             await Promise.all([
               shadowNpmInject.removeNodeModules(cwd),
-              ...(isCi
-                ? [gitCheckoutBaseBranchIfAvailable(baseBranch, cwd)]
-                : []),
-              ...(isCi ? [] : [editablePkgJson.save()])
+              editablePkgJson.save()
+            ])
+
+            // eslint-disable-next-line no-await-in-loop
+            actualTree = await install(pkgEnvDetails, {
+              spinner
+            })
+            spinner?.failAndStop(
+              `Update failed for ${oldSpec} in ${workspaceName}`,
+              error
+            )
+          } else if (isCi) {
+            // eslint-disable-next-line no-await-in-loop
+            await Promise.all([
+              shadowNpmInject.removeNodeModules(cwd),
+              gitCheckoutBaseBranchIfAvailable(baseBranch, cwd)
             ])
 
             // eslint-disable-next-line no-await-in-loop
             actualTree = await install(pkgEnvDetails, {
               spinner
             })
-            if (errored) {
-              spinner?.failAndStop(
-                `Update failed for ${oldSpec} in ${workspaceName}`,
-                error
-              )
-            }
           }
         }
       }
@@ -12278,7 +12284,7 @@ void (async () => {
   await vendor.updater({
     name: SOCKET_CLI_BIN_NAME,
     // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION']".
-    version: '0.14.125',
+    version: '0.14.127',
     ttl: 86_400_000 /* 24 hours in milliseconds */
   })
   try {
@@ -12346,5 +12352,5 @@ void (async () => {
     await shadowNpmInject.captureException(e)
   }
 })()
-//# debugId=8c8790a2-a162-431b-99ab-b980237160d8
+//# debugId=2a168b95-a192-4aa3-a64c-03c6bd040aea
 //# sourceMappingURL=cli.js.map