socket 0.14.126 → 0.14.127
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/module-sync/cli.js +25 -23
- package/dist/module-sync/cli.js.map +1 -1
- package/dist/module-sync/shadow-npm-inject.js +2 -2
- package/dist/module-sync/shadow-npm-inject.js.map +1 -1
- package/dist/require/cli.js +25 -23
- package/dist/require/cli.js.map +1 -1
- package/dist/require/shadow-npm-inject.js +2 -2
- package/dist/require/shadow-npm-inject.js.map +1 -1
- package/package.json +1 -1
package/dist/module-sync/cli.js
CHANGED
|
@@ -917,7 +917,7 @@ function emitBanner(name) {
|
|
|
917
917
|
logger.logger.error(getAsciiHeader(name))
|
|
918
918
|
}
|
|
919
919
|
function getAsciiHeader(command) {
|
|
920
|
-
const cliVersion = '0.14.
|
|
920
|
+
const cliVersion = '0.14.127:0a19e43:aad274b8:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
|
|
921
921
|
const nodeVersion = process$1.version
|
|
922
922
|
const apiToken = shadowNpmInject.getDefaultToken()
|
|
923
923
|
const defaultOrg = shadowNpmInject.getConfigValue('defaultOrg')
|
|
@@ -4480,37 +4480,23 @@ async function pnpmFix(
|
|
|
4480
4480
|
// Process the workspace root last since it will add an override to package.json.
|
|
4481
4481
|
pkgEnvDetails.editablePkgJson.filename
|
|
4482
4482
|
]
|
|
4483
|
-
let actualTree = await getActualTree(cwd)
|
|
4484
4483
|
for (const { 0: name, 1: infos } of infoByPkg) {
|
|
4484
|
+
debug.debugLog(`Processing vulnerable package: ${name}`)
|
|
4485
4485
|
if (registry.getManifestData(NPM$c, name)) {
|
|
4486
4486
|
spinner?.info(`Skipping ${name}. Socket Optimize package exists.`)
|
|
4487
4487
|
continue
|
|
4488
4488
|
}
|
|
4489
|
-
const oldVersions = arrays.arrayUnique(
|
|
4490
|
-
shadowNpmInject
|
|
4491
|
-
.findPackageNodes(actualTree, name)
|
|
4492
|
-
.map(n => n.target?.version ?? n.version)
|
|
4493
|
-
.filter(Boolean)
|
|
4494
|
-
)
|
|
4495
|
-
const packument =
|
|
4496
|
-
oldVersions.length && infos.length
|
|
4497
|
-
? // eslint-disable-next-line no-await-in-loop
|
|
4498
|
-
await packages.fetchPackagePackument(name)
|
|
4499
|
-
: null
|
|
4500
|
-
if (!packument) {
|
|
4501
|
-
continue
|
|
4502
|
-
}
|
|
4503
4489
|
const fixedSpecs = new Set()
|
|
4504
4490
|
for (const pkgJsonPath of pkgJsonPaths) {
|
|
4505
|
-
|
|
4491
|
+
debug.debugLog(`Checking workspace: ${pkgJsonPath}`)
|
|
4492
|
+
|
|
4506
4493
|
// eslint-disable-next-line no-await-in-loop
|
|
4507
|
-
actualTree = await getActualTree(cwd)
|
|
4508
|
-
const pkgPath = path$1.dirname(pkgJsonPath)
|
|
4494
|
+
let actualTree = await getActualTree(cwd)
|
|
4509
4495
|
const isWorkspaceRoot =
|
|
4510
4496
|
pkgJsonPath === pkgEnvDetails.editablePkgJson.filename
|
|
4511
4497
|
const workspaceName = isWorkspaceRoot
|
|
4512
4498
|
? 'root'
|
|
4513
|
-
: path$1.relative(rootPath,
|
|
4499
|
+
: path$1.relative(rootPath, path$1.dirname(pkgJsonPath))
|
|
4514
4500
|
const editablePkgJson = isWorkspaceRoot
|
|
4515
4501
|
? pkgEnvDetails.editablePkgJson
|
|
4516
4502
|
: // eslint-disable-next-line no-await-in-loop
|
|
@@ -4521,6 +4507,20 @@ async function pnpmFix(
|
|
|
4521
4507
|
// Get current overrides for revert logic
|
|
4522
4508
|
const oldPnpmSection = editablePkgJson.content[PNPM$8]
|
|
4523
4509
|
const oldOverrides = oldPnpmSection?.[OVERRIDES$2]
|
|
4510
|
+
const oldVersions = arrays.arrayUnique(
|
|
4511
|
+
shadowNpmInject
|
|
4512
|
+
.findPackageNodes(actualTree, name)
|
|
4513
|
+
.map(n => n.target?.version ?? n.version)
|
|
4514
|
+
.filter(Boolean)
|
|
4515
|
+
)
|
|
4516
|
+
const packument =
|
|
4517
|
+
oldVersions.length && infos.length
|
|
4518
|
+
? // eslint-disable-next-line no-await-in-loop
|
|
4519
|
+
await packages.fetchPackagePackument(name)
|
|
4520
|
+
: null
|
|
4521
|
+
if (!packument) {
|
|
4522
|
+
continue
|
|
4523
|
+
}
|
|
4524
4524
|
for (const oldVersion of oldVersions) {
|
|
4525
4525
|
const oldSpec = `${name}@${oldVersion}`
|
|
4526
4526
|
const oldPurl = `pkg:npm/${oldSpec}`
|
|
@@ -4685,11 +4685,13 @@ async function pnpmFix(
|
|
|
4685
4685
|
}
|
|
4686
4686
|
if (errored) {
|
|
4687
4687
|
editablePkgJson.update(revertData)
|
|
4688
|
+
|
|
4688
4689
|
// eslint-disable-next-line no-await-in-loop
|
|
4689
4690
|
await Promise.all([
|
|
4690
4691
|
shadowNpmInject.removeNodeModules(cwd),
|
|
4691
4692
|
editablePkgJson.save()
|
|
4692
4693
|
])
|
|
4694
|
+
|
|
4693
4695
|
// eslint-disable-next-line no-await-in-loop
|
|
4694
4696
|
actualTree = await install(pkgEnvDetails, {
|
|
4695
4697
|
spinner
|
|
@@ -4702,9 +4704,9 @@ async function pnpmFix(
|
|
|
4702
4704
|
// eslint-disable-next-line no-await-in-loop
|
|
4703
4705
|
await Promise.all([
|
|
4704
4706
|
shadowNpmInject.removeNodeModules(cwd),
|
|
4705
|
-
// Reset to base branch to isolate next PR
|
|
4706
4707
|
gitCheckoutBaseBranchIfAvailable(baseBranch, cwd)
|
|
4707
4708
|
])
|
|
4709
|
+
|
|
4708
4710
|
// eslint-disable-next-line no-await-in-loop
|
|
4709
4711
|
actualTree = await install(pkgEnvDetails, {
|
|
4710
4712
|
spinner
|
|
@@ -12282,7 +12284,7 @@ void (async () => {
|
|
|
12282
12284
|
await vendor.updater({
|
|
12283
12285
|
name: SOCKET_CLI_BIN_NAME,
|
|
12284
12286
|
// The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION']".
|
|
12285
|
-
version: '0.14.
|
|
12287
|
+
version: '0.14.127',
|
|
12286
12288
|
ttl: 86_400_000 /* 24 hours in milliseconds */
|
|
12287
12289
|
})
|
|
12288
12290
|
try {
|
|
@@ -12350,5 +12352,5 @@ void (async () => {
|
|
|
12350
12352
|
await shadowNpmInject.captureException(e)
|
|
12351
12353
|
}
|
|
12352
12354
|
})()
|
|
12353
|
-
//# debugId=
|
|
12355
|
+
//# debugId=2a168b95-a192-4aa3-a64c-03c6bd040aea
|
|
12354
12356
|
//# sourceMappingURL=cli.js.map
|