socket 0.14.144 → 0.14.146

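--- a/package/dist/cli.js
+++ b/package/dist/cli.js
@@ -904,7 +904,7 @@ function emitBanner(name) {
  logger.logger.error(getAsciiHeader(name))
  }
  function getAsciiHeader(command) {
- const cliVersion = '0.14.144:e577de2:1b356875:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
+ const cliVersion = '0.14.146:6152991:91bfab73:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
  const nodeVersion = process$1.version
  const apiToken = shadowNpmInject.getDefaultToken()
  const defaultOrg = shadowNpmInject.getConfigValue('defaultOrg')
@@ -3979,23 +3979,30 @@ const alertMapOptions = Object.freeze({
  },
  nothrow: true
  })
- function assignDefaultFixOptions(options) {
- if (options.autoPilot === undefined) {
+ function normalizeFixOptions(options_) {
+ const options = {
+ __proto__: null,
+ ...options_
+ }
+ if (typeof options.autoPilot !== 'boolean') {
  options.autoPilot = false
  }
- if (options.autoMerge === undefined) {
+ if (typeof options.autoMerge !== 'boolean') {
  options.autoMerge = !!options.autoPilot
  }
- if (options.cwd === undefined) {
+ if (typeof options.cwd !== 'string') {
  options.cwd = process.cwd()
  }
- if (options.rangeStyle === undefined) {
+ options.purls = Array.isArray(options.purls)
+ ? options.purls.flatMap(p => p.split(/, */))
+ : []
+ if (typeof options.rangeStyle !== 'string') {
  options.rangeStyle = 'preserve'
  }
- if (options.test === undefined) {
+ if (typeof options.test !== 'boolean') {
  options.test = !!options.autoPilot || !!options.testScript
  }
- if (options.testScript === undefined) {
+ if (typeof options.testScript !== 'string') {
  options.testScript = 'test'
  }
  return options
@@ -5116,10 +5123,7 @@ async function detectAndValidatePackageEnvironment(cwd, options) {
 
  const { NPM: NPM$a, PNPM: PNPM$6 } = constants
  async function runFix(options_) {
- const options = assignDefaultFixOptions({
- __proto__: null,
- ...options_
- })
+ const options = normalizeFixOptions(options_)
  const pkgEnvDetails = await detectAndValidatePackageEnvironment(options.cwd, {
  cmdName: CMD_NAME$1,
  logger: logger.logger
@@ -5139,8 +5143,8 @@ async function runFix(options_) {
  const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$y } = constants
  const config$B = {
  commandName: 'fix',
- description: 'Fix "fixable" Socket alerts',
- hidden: true,
+ description: 'Update dependencies with "fixable" Socket alerts',
+ hidden: false,
  flags: {
  ...commonFlags,
  autoPilot: {
@@ -5156,7 +5160,7 @@ const config$B = {
  purl: {
  type: 'string',
  default: [],
- description: `User provided PURL to fix`,
+ description: `Provide a list of ${vendor.terminalLinkExports('package URLs (PURLs)', 'https://github.com/package-url/purl-spec?tab=readme-ov-file#purl')} to fix, as either a comma separated value or as multiple flags, instead of querying the Socket API`,
  isMultiple: true,
  shortFlag: 'p'
  },
@@ -5167,10 +5171,12 @@ const config$B = {
  Define how updated dependency versions should be written in package.json.
  Available styles:
  * caret - Use ^ range for compatible updates (e.g. ^1.2.3)
- * gt - Use >= to allow any newer version (e.g. >=1.2.3)
+ * gt - Use > to allow any newer version (e.g. >1.2.3)
+ * gte - Use >= to allow any newer version (e.g. >=1.2.3)
  * lt - Use < to allow only lower versions (e.g. <1.2.3)
+ * lte - Use <= to allow only lower versions (e.g. <=1.2.3)
  * pin - Use the exact version (e.g. 1.2.3)
- * preserve - Retain the existing version range as-is
+ * preserve - Retain the existing version range style as-is
  * tilde - Use ~ range for patch/minor updates (e.g. ~1.2.3)
  `
  },
@@ -7458,21 +7464,21 @@ async function addOverrides(pkgEnvDetails, pkgPath, options) {
  addedInWorkspaces: new Set(),
  updated: new Set(),
  updatedInWorkspaces: new Set(),
- warnedPnpmWorkspaceRequiresNpm: false,
- workspacePkgJsonPaths: await shadowNpmInject.globWorkspace(
- agent,
- rootPath
- )
+ warnedPnpmWorkspaceRequiresNpm: false
  }
  } = {
  __proto__: null,
  ...options
  }
- const isWorkspace = state.workspacePkgJsonPaths.length > 0
+ const workspacePkgJsonPaths = await shadowNpmInject.globWorkspace(
+ agent,
+ pkgPath
+ )
+ const isWorkspace = workspacePkgJsonPaths.length > 0
  const isWorkspaceRoot = pkgPath === rootPath
  const isLockScanned = isWorkspaceRoot && !prod
  const workspaceName = isWorkspaceRoot
- ? ''
+ ? 'root'
  : path$1.relative(rootPath, pkgPath)
  if (
  isWorkspace &&
@@ -7498,9 +7504,7 @@ async function addOverrides(pkgEnvDetails, pkgPath, options) {
  overridesDataByAgent.get(YARN_CLASSIC)(pkgEnvDetails)
  )
  }
- spinner?.setText(
- `Adding overrides${workspaceName ? ` to ${workspaceName}` : ''}...`
- )
+ spinner?.setText(`Adding overrides to ${workspaceName}...`)
  const depAliasMap = new Map()
  const depEntries = getDependencyEntries(pkgEnvDetails)
  const manifestEntries = manifestNpmOverrides.filter(({ 1: data }) =>
@@ -7546,7 +7550,7 @@ async function addOverrides(pkgEnvDetails, pkgPath, options) {
  thisSpec = sockOverrideSpec
  depObj[origPkgName] = thisSpec
  state.added.add(sockRegPkgName)
- if (workspaceName) {
+ if (!isWorkspaceRoot) {
  state.addedInWorkspaces.add(workspaceName)
  }
  }
@@ -7632,7 +7636,7 @@ async function addOverrides(pkgEnvDetails, pkgPath, options) {
  if (isWorkspace) {
  // Chunk package names to process them in parallel 3 at a time.
  await promises.pEach(
- state.workspacePkgJsonPaths,
+ workspacePkgJsonPaths,
  3,
  async workspacePkgJsonPath => {
  const otherState = await addOverrides(
@@ -7642,8 +7646,7 @@ async function addOverrides(pkgEnvDetails, pkgPath, options) {
  logger,
  pin,
  prod,
- spinner,
- state
+ spinner
  }
  )
  for (const key of [
@@ -12254,7 +12257,7 @@ void (async () => {
  await vendor.updater({
  name: SOCKET_CLI_BIN_NAME,
  // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION']".
- version: '0.14.144',
+ version: '0.14.146',
  ttl: 86_400_000 /* 24 hours in milliseconds */
  })
  try {
@@ -12322,5 +12325,5 @@ void (async () => {
  await shadowNpmInject.captureException(e)
  }
  })()
- //# debugId=9446c8d2-a74a-4181-940f-b44814e0d818
+ //# debugId=34e47639-9572-462a-a1a9-831502ee124f
  //# sourceMappingURL=cli.js.map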
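Review bot: In normalizeFixOptions (new lines 3996–3998), `options.purls` is the one option normalized without a per-value type check: `p.split(/, */)` throws on any non-string array element, and the split keeps empty or whitespace-padded entries (a trailing comma yields `''`). The flag description says these PURLs are used instead of querying the Socket API, so they decide which dependencies the now-visible `fix` command rewrites; they should be cleaned here and, ideally, rejected with a clear error when they do not parse as a PURL. Suggested: `? options.purls.flatMap(p => typeof p === 'string' ? p.split(',').map(s => s.trim()).filter(Boolean) : [])`. The flag is declared as `purl`, so the mapping to `options.purls` presumably happens in a caller outside these hunks and is worth confirming; likewise `rangeStyle` now accepts any string, and nothing visible checks it against the documented styles. The function's closing brace lies outside the hunk.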