socket 0.14.15 → 0.14.17
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cli.d.ts.map +1 -1
- package/dist/cli.js +180 -154
- package/dist/link.js +2 -2
- package/dist/npm-injection.js +46 -4
- package/dist/path-resolve.js +2 -4
- package/package.json +12 -7
package/dist/cli.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cli.d.ts","sourceRoot":"","sources":["../src/cli.ts","../src/utils/formatting.ts","../src/utils/sorts.ts","../src/flags.ts","../src/utils/meow-with-subcommands.ts","../src/commands/cdxgen.ts","../src/utils/api-helpers.ts","../src/utils/format-issues.ts","../src/commands/info.ts","../src/commands/login.ts","../src/commands/logout.ts","../src/commands/npm.ts","../src/commands/npx.ts","../src/utils/fs.ts","../src/utils/
|
|
1
|
+
{"version":3,"file":"cli.d.ts","sourceRoot":"","sources":["../src/cli.ts","../src/utils/formatting.ts","../src/utils/sorts.ts","../src/flags.ts","../src/utils/meow-with-subcommands.ts","../src/commands/cdxgen.ts","../src/utils/api-helpers.ts","../src/utils/format-issues.ts","../src/commands/info.ts","../src/commands/login.ts","../src/commands/logout.ts","../src/commands/npm.ts","../src/commands/npx.ts","../src/utils/fs.ts","../src/utils/strings.ts","../src/utils/package-manager-detector.ts","../src/utils/arrays.ts","../src/utils/promises.ts","../src/utils/regexps.ts","../src/commands/optimize.ts","../src/commands/organization.ts","../src/commands/raw-npm.ts","../src/commands/raw-npx.ts","../src/commands/report/view.ts","../src/commands/report/create.ts","../src/commands/report/index.ts","../src/commands/wrapper.ts","../src/commands/scan/create.ts","../src/commands/scan/delete.ts","../src/commands/scan/list.ts","../src/commands/scan/metadata.ts","../src/commands/scan/stream.ts","../src/commands/scan/index.ts","../src/commands/audit-log.ts","../src/commands/repos/create.ts","../src/commands/repos/delete.ts","../src/commands/repos/list.ts","../src/commands/repos/update.ts","../src/commands/repos/view.ts","../src/commands/repos/index.ts","../src/commands/dependencies.ts","../src/commands/analytics.ts","../src/commands/diff-scan/get.ts","../src/commands/diff-scan/index.ts","../src/commands/threat-feed.ts","../src/commands/index.ts"],"names":[],"mappings":""}
|
package/dist/cli.js
CHANGED
|
@@ -4,31 +4,33 @@
|
|
|
4
4
|
var vendor = require('./vendor.js');
|
|
5
5
|
var require$$0 = require('node:fs');
|
|
6
6
|
var require$$1 = require('node:path');
|
|
7
|
-
var require$$2$
|
|
7
|
+
var require$$2$6 = require('node:url');
|
|
8
8
|
var require$$6 = require('pony-cause');
|
|
9
9
|
var require$$1$1 = require('@npmcli/promise-spawn');
|
|
10
10
|
var require$$5 = require('yargs-parser');
|
|
11
11
|
var sdk = require('./sdk.js');
|
|
12
12
|
var require$$1$2 = require('@inquirer/prompts');
|
|
13
|
-
var require$$
|
|
14
|
-
var require$$
|
|
15
|
-
var require$$
|
|
16
|
-
var require$$
|
|
17
|
-
var require$$
|
|
18
|
-
var require$$
|
|
19
|
-
var require$$
|
|
20
|
-
var require$$
|
|
21
|
-
var require$$2 = require('@
|
|
22
|
-
var require$$
|
|
13
|
+
var require$$1$4 = require('node:fs/promises');
|
|
14
|
+
var require$$1$3 = require('@npmcli/package-json');
|
|
15
|
+
var require$$5$1 = require('@socketsecurity/registry');
|
|
16
|
+
var require$$7 = require('npm-package-arg');
|
|
17
|
+
var require$$9 = require('pacote');
|
|
18
|
+
var require$$3 = require('semver');
|
|
19
|
+
var require$$11 = require('tinyglobby');
|
|
20
|
+
var require$$12 = require('yaml');
|
|
21
|
+
var require$$2 = require('@socketregistry/hyrious__bun.lockb');
|
|
22
|
+
var require$$4 = require('browserslist');
|
|
23
|
+
var require$$6$1 = require('which');
|
|
24
|
+
var require$$2$1 = require('@apideck/better-ajv-errors');
|
|
25
|
+
var require$$3$1 = require('@socketsecurity/config');
|
|
23
26
|
var pathResolve = require('./path-resolve.js');
|
|
24
|
-
var require$$2$
|
|
25
|
-
var require$$3$
|
|
27
|
+
var require$$2$2 = require('node:os');
|
|
28
|
+
var require$$3$2 = require('node:readline');
|
|
26
29
|
var require$$0$1 = require('node:process');
|
|
27
|
-
var require$$2$
|
|
28
|
-
var require$$2$
|
|
29
|
-
var require$$
|
|
30
|
-
var require$$
|
|
31
|
-
var require$$3$5 = require('blessed-contrib');
|
|
30
|
+
var require$$2$3 = require('node:readline/promises');
|
|
31
|
+
var require$$2$4 = require('chalk-table');
|
|
32
|
+
var require$$2$5 = require('blessed');
|
|
33
|
+
var require$$3$3 = require('blessed-contrib');
|
|
32
34
|
var require$$0$2 = require('node:util');
|
|
33
35
|
|
|
34
36
|
var cli$1 = {};
|
|
@@ -163,7 +165,6 @@ cdxgen.cdxgen = {
|
|
|
163
165
|
description: 'Create an SBOM with CycloneDX generator (cdxgen)',
|
|
164
166
|
async run(argv_) {
|
|
165
167
|
const yargv = {
|
|
166
|
-
__proto__: null,
|
|
167
168
|
..._yargsParser(argv_, yargsConfig)
|
|
168
169
|
};
|
|
169
170
|
const unknown = yargv._;
|
|
@@ -330,7 +331,7 @@ Object.defineProperty(formatIssues, "__esModule", {
|
|
|
330
331
|
formatIssues.formatSeverityCount = formatSeverityCount;
|
|
331
332
|
formatIssues.getSeverityCount = getSeverityCount;
|
|
332
333
|
var _misc$2 = sdk.misc;
|
|
333
|
-
var _objects$
|
|
334
|
+
var _objects$3 = sdk.objects;
|
|
334
335
|
const SEVERITIES_BY_ORDER = ['critical', 'high', 'middle', 'low'];
|
|
335
336
|
function getDesiredSeverities(lowestToInclude) {
|
|
336
337
|
const result = [];
|
|
@@ -352,7 +353,7 @@ function formatSeverityCount(severityCount) {
|
|
|
352
353
|
return (0, _misc$2.stringJoinWithSeparateFinalSeparator)(summary);
|
|
353
354
|
}
|
|
354
355
|
function getSeverityCount(issues, lowestToInclude) {
|
|
355
|
-
const severityCount = (0, _objects$
|
|
356
|
+
const severityCount = (0, _objects$3.pick)({
|
|
356
357
|
low: 0,
|
|
357
358
|
middle: 0,
|
|
358
359
|
high: 0,
|
|
@@ -416,7 +417,7 @@ var _chalkMarkdown$3 = sdk.chalkMarkdown;
|
|
|
416
417
|
var _errors$k = sdk.errors;
|
|
417
418
|
var _formatIssues$1 = formatIssues;
|
|
418
419
|
var _formatting$m = formatting;
|
|
419
|
-
var _objects$
|
|
420
|
+
var _objects$2 = sdk.objects;
|
|
420
421
|
var _sdk$j = sdk.sdk;
|
|
421
422
|
const info = info$1.info = {
|
|
422
423
|
description: 'Look up info regarding a package',
|
|
@@ -443,7 +444,6 @@ const info = info$1.info = {
|
|
|
443
444
|
|
|
444
445
|
function setupCommand$m(name, description, argv, importMeta) {
|
|
445
446
|
const flags = {
|
|
446
|
-
__proto__: null,
|
|
447
447
|
..._flags$k.commonFlags,
|
|
448
448
|
..._flags$k.outputFlags,
|
|
449
449
|
..._flags$k.validationFlags
|
|
@@ -533,7 +533,7 @@ function formatPackageDataOutput({
|
|
|
533
533
|
License: Math.floor(score.license.score * 100)
|
|
534
534
|
};
|
|
535
535
|
Object.entries(scoreResult).map(score => console.log(`- ${score[0]}: ${formatScore(score[1])}`));
|
|
536
|
-
if ((0, _objects$
|
|
536
|
+
if ((0, _objects$2.objectSome)(severityCount)) {
|
|
537
537
|
const issueSummary = (0, _formatIssues$1.formatSeverityCount)(severityCount);
|
|
538
538
|
console.log('\n');
|
|
539
539
|
spinner[strict ? 'fail' : 'succeed'](`Package has these issues: ${issueSummary}`);
|
|
@@ -557,7 +557,7 @@ function formatPackageDataOutput({
|
|
|
557
557
|
console.log(_chalk$h.default.dim('\nOr rerun', _chalk$h.default.italic(name), 'using the', _chalk$h.default.italic('--json'), 'flag to get full JSON output'));
|
|
558
558
|
}
|
|
559
559
|
}
|
|
560
|
-
if (strict && (0, _objects$
|
|
560
|
+
if (strict && (0, _objects$2.objectSome)(severityCount)) {
|
|
561
561
|
process.exit(1);
|
|
562
562
|
}
|
|
563
563
|
}
|
|
@@ -835,8 +835,6 @@ npx.npx = {
|
|
|
835
835
|
|
|
836
836
|
var optimize$1 = {};
|
|
837
837
|
|
|
838
|
-
var packageManagerDetector = {};
|
|
839
|
-
|
|
840
838
|
var fs = {};
|
|
841
839
|
|
|
842
840
|
Object.defineProperty(fs, "__esModule", {
|
|
@@ -890,22 +888,7 @@ async function readFileUtf8(filepath, options) {
|
|
|
890
888
|
});
|
|
891
889
|
}
|
|
892
890
|
|
|
893
|
-
var
|
|
894
|
-
|
|
895
|
-
Object.defineProperty(json, "__esModule", {
|
|
896
|
-
value: true
|
|
897
|
-
});
|
|
898
|
-
json.parseJSONObject = parseJSONObject;
|
|
899
|
-
var _objects$2 = sdk.objects;
|
|
900
|
-
function parseJSONObject(jsonStr) {
|
|
901
|
-
try {
|
|
902
|
-
const value = JSON.parse(jsonStr);
|
|
903
|
-
if ((0, _objects$2.isObjectObject)(value)) {
|
|
904
|
-
return value;
|
|
905
|
-
}
|
|
906
|
-
} catch {}
|
|
907
|
-
return null;
|
|
908
|
-
}
|
|
891
|
+
var packageManagerDetector = {};
|
|
909
892
|
|
|
910
893
|
var strings = {};
|
|
911
894
|
|
|
@@ -923,13 +906,13 @@ Object.defineProperty(packageManagerDetector, "__esModule", {
|
|
|
923
906
|
packageManagerDetector.AGENTS = void 0;
|
|
924
907
|
packageManagerDetector.detect = detect;
|
|
925
908
|
var _nodePath$3 = require$$1;
|
|
926
|
-
var
|
|
909
|
+
var _packageJson$1 = require$$1$3;
|
|
910
|
+
var _hyrious__bun = require$$2;
|
|
927
911
|
var _promiseSpawn$3 = require$$1$1;
|
|
928
|
-
var _browserslist = require$$
|
|
929
|
-
var _semver$1 = require$$3
|
|
930
|
-
var _which = require$$
|
|
931
|
-
var _fs = fs;
|
|
932
|
-
var _json = json;
|
|
912
|
+
var _browserslist = require$$4;
|
|
913
|
+
var _semver$1 = require$$3;
|
|
914
|
+
var _which = require$$6$1;
|
|
915
|
+
var _fs$1 = fs;
|
|
933
916
|
var _objects$1 = sdk.objects;
|
|
934
917
|
var _strings$1 = strings;
|
|
935
918
|
const AGENTS = packageManagerDetector.AGENTS = ['bun', 'npm', 'pnpm', 'yarn'];
|
|
@@ -983,7 +966,6 @@ const LOCKS = {
|
|
|
983
966
|
// it has to be handled differently.
|
|
984
967
|
'node_modules/.package-lock.json': 'npm'
|
|
985
968
|
};
|
|
986
|
-
const PNPM_WORKSPACE = 'pnpm-workspace';
|
|
987
969
|
const readLockFileByAgent = (() => {
|
|
988
970
|
function wrapReader(reader) {
|
|
989
971
|
return async (lockPath, agentExecPath) => {
|
|
@@ -997,7 +979,7 @@ const readLockFileByAgent = (() => {
|
|
|
997
979
|
bun: wrapReader(async (lockPath, agentExecPath) => {
|
|
998
980
|
let lockBuffer;
|
|
999
981
|
try {
|
|
1000
|
-
lockBuffer = await (0, _fs.readFileBinary)(lockPath);
|
|
982
|
+
lockBuffer = await (0, _fs$1.readFileBinary)(lockPath);
|
|
1001
983
|
} catch {
|
|
1002
984
|
return undefined;
|
|
1003
985
|
}
|
|
@@ -1008,27 +990,27 @@ const readLockFileByAgent = (() => {
|
|
|
1008
990
|
// https://bun.sh/guides/install/yarnlock
|
|
1009
991
|
return (await _promiseSpawn$3(agentExecPath, [lockPath])).stdout;
|
|
1010
992
|
}),
|
|
1011
|
-
npm: wrapReader(async lockPath => await (0, _fs.readFileUtf8)(lockPath)),
|
|
1012
|
-
pnpm: wrapReader(async lockPath => await (0, _fs.readFileUtf8)(lockPath)),
|
|
1013
|
-
yarn: wrapReader(async lockPath => await (0, _fs.readFileUtf8)(lockPath))
|
|
993
|
+
npm: wrapReader(async lockPath => await (0, _fs$1.readFileUtf8)(lockPath)),
|
|
994
|
+
pnpm: wrapReader(async lockPath => await (0, _fs$1.readFileUtf8)(lockPath)),
|
|
995
|
+
yarn: wrapReader(async lockPath => await (0, _fs$1.readFileUtf8)(lockPath))
|
|
1014
996
|
};
|
|
1015
997
|
})();
|
|
1016
998
|
async function detect({
|
|
1017
999
|
cwd = process.cwd(),
|
|
1018
1000
|
onUnknown
|
|
1019
1001
|
} = {}) {
|
|
1020
|
-
let lockPath = await (0, _fs.findUp)(Object.keys(LOCKS), {
|
|
1002
|
+
let lockPath = await (0, _fs$1.findUp)(Object.keys(LOCKS), {
|
|
1021
1003
|
cwd
|
|
1022
1004
|
});
|
|
1023
1005
|
const isHiddenLockFile = lockPath?.endsWith('.package-lock.json') ?? false;
|
|
1024
|
-
const pkgJsonPath = lockPath ? _nodePath$3.resolve(lockPath, `${isHiddenLockFile ? '../' : ''}../package.json`) : await (0, _fs.findUp)('package.json', {
|
|
1006
|
+
const pkgJsonPath = lockPath ? _nodePath$3.resolve(lockPath, `${isHiddenLockFile ? '../' : ''}../package.json`) : await (0, _fs$1.findUp)('package.json', {
|
|
1025
1007
|
cwd
|
|
1026
1008
|
});
|
|
1009
|
+
const pkgPath = (0, _fs$1.existsSync)(pkgJsonPath) ? _nodePath$3.dirname(pkgJsonPath) : undefined;
|
|
1010
|
+
const pkgJson = pkgPath ? await _packageJson$1.load(pkgPath) : undefined;
|
|
1027
1011
|
// Read Corepack `packageManager` field in package.json:
|
|
1028
1012
|
// https://nodejs.org/api/packages.html#packagemanager
|
|
1029
|
-
const
|
|
1030
|
-
const pkgJson = typeof pkgJsonStr === 'string' ? (0, _json.parseJSONObject)(pkgJsonStr) ?? undefined : undefined;
|
|
1031
|
-
const pkgManager = (0, _strings$1.isNonEmptyString)(pkgJson?.['packageManager']) ? pkgJson['packageManager'] : undefined;
|
|
1013
|
+
const pkgManager = (0, _strings$1.isNonEmptyString)(pkgJson?.content?.packageManager) ? pkgJson.content.packageManager : undefined;
|
|
1032
1014
|
let agent;
|
|
1033
1015
|
let agentVersion;
|
|
1034
1016
|
if (pkgManager) {
|
|
@@ -1057,25 +1039,20 @@ async function detect({
|
|
|
1057
1039
|
node: true
|
|
1058
1040
|
};
|
|
1059
1041
|
let lockSrc;
|
|
1060
|
-
let isPrivate = false;
|
|
1061
|
-
let isWorkspace = false;
|
|
1062
1042
|
let minimumNodeVersion = maintainedNodeVersions.previous;
|
|
1063
1043
|
if (pkgJson) {
|
|
1064
|
-
const
|
|
1065
|
-
isPrivate = !!pkgJson['private'];
|
|
1066
|
-
isWorkspace = !!pkgJson['workspaces'] || (0, _fs.existsSync)(_nodePath$3.join(pkgPath, `${PNPM_WORKSPACE}.yaml`)) || (0, _fs.existsSync)(_nodePath$3.join(pkgPath, `${PNPM_WORKSPACE}.yml`));
|
|
1067
|
-
const browserField = pkgJson['browser'];
|
|
1044
|
+
const browserField = pkgJson.content.browser;
|
|
1068
1045
|
if ((0, _strings$1.isNonEmptyString)(browserField) || (0, _objects$1.isObjectObject)(browserField)) {
|
|
1069
1046
|
targets.browser = true;
|
|
1070
1047
|
}
|
|
1071
|
-
const nodeRange = pkgJson
|
|
1048
|
+
const nodeRange = pkgJson.content.engines?.['node'];
|
|
1072
1049
|
if ((0, _strings$1.isNonEmptyString)(nodeRange)) {
|
|
1073
1050
|
const coerced = _semver$1.coerce(nodeRange);
|
|
1074
1051
|
if (coerced && _semver$1.lt(coerced, minimumNodeVersion)) {
|
|
1075
1052
|
minimumNodeVersion = coerced.version;
|
|
1076
1053
|
}
|
|
1077
1054
|
}
|
|
1078
|
-
const browserslistQuery = pkgJson['browserslist'];
|
|
1055
|
+
const browserslistQuery = pkgJson.content['browserslist'];
|
|
1079
1056
|
if (Array.isArray(browserslistQuery)) {
|
|
1080
1057
|
const browserslistTargets = _browserslist(browserslistQuery).map(s => s.toLowerCase()).toSorted(alphaNumericComparator);
|
|
1081
1058
|
const browserslistNodeTargets = browserslistTargets.filter(v => v.startsWith('node ')).map(v => v.slice(5 /*'node '.length*/));
|
|
@@ -1098,14 +1075,11 @@ async function detect({
|
|
|
1098
1075
|
agent,
|
|
1099
1076
|
agentExecPath,
|
|
1100
1077
|
agentVersion,
|
|
1101
|
-
isPrivate,
|
|
1102
|
-
isWorkspace,
|
|
1103
1078
|
lockPath,
|
|
1104
1079
|
lockSrc,
|
|
1105
1080
|
minimumNodeVersion,
|
|
1106
1081
|
pkgJson,
|
|
1107
|
-
|
|
1108
|
-
pkgJsonStr,
|
|
1082
|
+
pkgPath,
|
|
1109
1083
|
supported: targets.browser || targets.node,
|
|
1110
1084
|
targets
|
|
1111
1085
|
};
|
|
@@ -1198,27 +1172,32 @@ Object.defineProperty(optimize$1, "__esModule", {
|
|
|
1198
1172
|
value: true
|
|
1199
1173
|
});
|
|
1200
1174
|
optimize$1.optimize = void 0;
|
|
1175
|
+
var _promises$2 = require$$1$4;
|
|
1201
1176
|
var _nodePath$2 = require$$1;
|
|
1202
1177
|
var _promiseSpawn$2 = require$$1$1;
|
|
1203
|
-
var _packageJson = require$$3
|
|
1204
|
-
var _registry = require$$
|
|
1178
|
+
var _packageJson = require$$1$3;
|
|
1179
|
+
var _registry = require$$5$1;
|
|
1205
1180
|
var _meow$m = _interopRequireDefault$n(vendor.build);
|
|
1206
|
-
var _npmPackageArg = require$$
|
|
1181
|
+
var _npmPackageArg = require$$7;
|
|
1207
1182
|
var _ora$i = _interopRequireDefault$n(vendor.ora);
|
|
1208
|
-
var _pacote = require$$
|
|
1209
|
-
var _semver = require$$3
|
|
1183
|
+
var _pacote = require$$9;
|
|
1184
|
+
var _semver = require$$3;
|
|
1185
|
+
var _tinyglobby = require$$11;
|
|
1186
|
+
var _yaml = require$$12;
|
|
1210
1187
|
var _flags$j = flags$1;
|
|
1211
1188
|
var _formatting$k = formatting;
|
|
1189
|
+
var _fs = fs;
|
|
1212
1190
|
var _objects = sdk.objects;
|
|
1213
1191
|
var _packageManagerDetector = packageManagerDetector;
|
|
1214
|
-
var
|
|
1192
|
+
var _promises2 = promises;
|
|
1215
1193
|
var _regexps = regexps;
|
|
1216
1194
|
var _sorts$1 = sorts;
|
|
1217
1195
|
var _strings = strings;
|
|
1218
|
-
const distPath$1 = __dirname;
|
|
1219
1196
|
const COMMAND_TITLE = 'Socket Optimize';
|
|
1220
1197
|
const OVERRIDES_FIELD_NAME = 'overrides';
|
|
1198
|
+
const PNPM_WORKSPACE = 'pnpm-workspace';
|
|
1221
1199
|
const RESOLUTIONS_FIELD_NAME = 'resolutions';
|
|
1200
|
+
const distPath$1 = __dirname;
|
|
1222
1201
|
const manifestNpmOverrides = (0, _registry.getManifestData)('npm');
|
|
1223
1202
|
const packumentCache = new Map();
|
|
1224
1203
|
const getOverridesDataByAgent = {
|
|
@@ -1278,47 +1257,33 @@ const lockIncludesByAgent = {
|
|
|
1278
1257
|
}
|
|
1279
1258
|
};
|
|
1280
1259
|
const updateManifestByAgent = {
|
|
1281
|
-
|
|
1282
|
-
|
|
1283
|
-
editablePkgJson.update({
|
|
1284
|
-
__proto__: null,
|
|
1260
|
+
npm(pkgJson, overrides) {
|
|
1261
|
+
pkgJson.update({
|
|
1285
1262
|
[OVERRIDES_FIELD_NAME]: overrides
|
|
1286
1263
|
});
|
|
1287
1264
|
},
|
|
1288
|
-
pnpm(
|
|
1289
|
-
|
|
1265
|
+
pnpm(pkgJson, overrides) {
|
|
1266
|
+
pkgJson.update({
|
|
1290
1267
|
pnpm: {
|
|
1291
|
-
|
|
1292
|
-
...editablePkgJson.content['pnpm'],
|
|
1268
|
+
...pkgJson.content['pnpm'],
|
|
1293
1269
|
[OVERRIDES_FIELD_NAME]: overrides
|
|
1294
1270
|
}
|
|
1295
1271
|
});
|
|
1296
1272
|
},
|
|
1297
|
-
yarn(
|
|
1298
|
-
|
|
1299
|
-
__proto__: null,
|
|
1273
|
+
yarn(pkgJson, overrides) {
|
|
1274
|
+
pkgJson.update({
|
|
1300
1275
|
[RESOLUTIONS_FIELD_NAME]: overrides
|
|
1301
1276
|
});
|
|
1302
1277
|
}
|
|
1303
1278
|
};
|
|
1304
|
-
|
|
1305
|
-
agent,
|
|
1306
|
-
isPrivate,
|
|
1307
|
-
isWorkspace,
|
|
1308
|
-
lockSrc,
|
|
1309
|
-
lockIncludes,
|
|
1310
|
-
manifestEntries,
|
|
1311
|
-
pkgJsonPath,
|
|
1312
|
-
pin
|
|
1313
|
-
}, state) {
|
|
1314
|
-
const editablePkgJson = await _packageJson.load(_nodePath$2.dirname(pkgJsonPath));
|
|
1279
|
+
function getDependencyEntries(pkgJson) {
|
|
1315
1280
|
const {
|
|
1316
1281
|
dependencies,
|
|
1317
1282
|
devDependencies,
|
|
1318
|
-
|
|
1319
|
-
|
|
1320
|
-
} =
|
|
1321
|
-
|
|
1283
|
+
optionalDependencies,
|
|
1284
|
+
peerDependencies
|
|
1285
|
+
} = pkgJson;
|
|
1286
|
+
return [['dependencies', dependencies ? {
|
|
1322
1287
|
__proto__: null,
|
|
1323
1288
|
...dependencies
|
|
1324
1289
|
} : undefined], ['devDependencies', devDependencies ? {
|
|
@@ -1333,16 +1298,71 @@ async function addOverrides({
|
|
|
1333
1298
|
} : undefined]].filter(({
|
|
1334
1299
|
1: o
|
|
1335
1300
|
}) => o);
|
|
1301
|
+
}
|
|
1302
|
+
async function getWorkspaces(agent, pkgPath, pkgJson) {
|
|
1303
|
+
if (agent !== 'pnpm') {
|
|
1304
|
+
return Array.isArray(pkgJson['workspaces']) ? pkgJson['workspaces'].filter(_strings.isNonEmptyString) : undefined;
|
|
1305
|
+
}
|
|
1306
|
+
for (const workspacePath of [_nodePath$2.join(pkgPath, `${PNPM_WORKSPACE}.yaml`), _nodePath$2.join(pkgPath, `${PNPM_WORKSPACE}.yml`)]) {
|
|
1307
|
+
if ((0, _fs.existsSync)(workspacePath)) {
|
|
1308
|
+
let packages;
|
|
1309
|
+
try {
|
|
1310
|
+
// eslint-disable-next-line no-await-in-loop
|
|
1311
|
+
packages = (0, _yaml.parse)(await _promises$2.readFile(workspacePath, 'utf8'))?.packages;
|
|
1312
|
+
} catch {}
|
|
1313
|
+
if (Array.isArray(packages)) {
|
|
1314
|
+
return packages.filter(_strings.isNonEmptyString);
|
|
1315
|
+
}
|
|
1316
|
+
}
|
|
1317
|
+
}
|
|
1318
|
+
return undefined;
|
|
1319
|
+
}
|
|
1320
|
+
function workspaceToGlobPattern(workspace) {
|
|
1321
|
+
const {
|
|
1322
|
+
length
|
|
1323
|
+
} = workspace;
|
|
1324
|
+
// If the workspace ends with "/"
|
|
1325
|
+
if (workspace.charCodeAt(length - 1) === 47 /*'/'*/) {
|
|
1326
|
+
return `${workspace}/*/package.json`;
|
|
1327
|
+
}
|
|
1328
|
+
// If the workspace ends with "/**"
|
|
1329
|
+
if (workspace.charCodeAt(length - 1) === 42 /*'*'*/ && workspace.charCodeAt(length - 2) === 42 /*'*'*/ && workspace.charCodeAt(length - 3) === 47 /*'/'*/) {
|
|
1330
|
+
return `${workspace}/*/**/package.json`;
|
|
1331
|
+
}
|
|
1332
|
+
// Things like "packages/a" or "packages/*"
|
|
1333
|
+
return `${workspace}/package.json`;
|
|
1334
|
+
}
|
|
1335
|
+
async function addOverrides({
|
|
1336
|
+
agent,
|
|
1337
|
+
lockIncludes,
|
|
1338
|
+
lockSrc,
|
|
1339
|
+
manifestEntries,
|
|
1340
|
+
pkgJson: editablePkgJson,
|
|
1341
|
+
pkgPath,
|
|
1342
|
+
pin,
|
|
1343
|
+
rootPath
|
|
1344
|
+
}, state = {
|
|
1345
|
+
added: new Set(),
|
|
1346
|
+
updated: new Set()
|
|
1347
|
+
}) {
|
|
1348
|
+
if (editablePkgJson === undefined) {
|
|
1349
|
+
editablePkgJson = await _packageJson.load(pkgPath);
|
|
1350
|
+
}
|
|
1351
|
+
const pkgJson = editablePkgJson.content;
|
|
1352
|
+
const isRoot = pkgPath === rootPath;
|
|
1353
|
+
const depEntries = getDependencyEntries(pkgJson);
|
|
1354
|
+
const workspaces = await getWorkspaces(agent, pkgPath, pkgJson);
|
|
1355
|
+
const isWorkspace = !!workspaces;
|
|
1336
1356
|
const overridesDataObjects = [];
|
|
1337
|
-
if (
|
|
1338
|
-
overridesDataObjects.push(getOverridesDataByAgent[agent](
|
|
1357
|
+
if (pkgJson['private'] || isWorkspace) {
|
|
1358
|
+
overridesDataObjects.push(getOverridesDataByAgent[agent](pkgJson));
|
|
1339
1359
|
} else {
|
|
1340
|
-
overridesDataObjects.push(getOverridesDataByAgent['npm'](
|
|
1360
|
+
overridesDataObjects.push(getOverridesDataByAgent['npm'](pkgJson), getOverridesDataByAgent['yarn'](pkgJson));
|
|
1341
1361
|
}
|
|
1362
|
+
const spinner = isRoot ? (0, _ora$i.default)('Fetching override manifests...').start() : undefined;
|
|
1342
1363
|
const depAliasMap = new Map();
|
|
1343
|
-
const spinner = (0, _ora$i.default)(`Fetching override manifests...`).start();
|
|
1344
1364
|
// Chunk package names to process them in parallel 3 at a time.
|
|
1345
|
-
await (0,
|
|
1365
|
+
await (0, _promises2.pEach)(manifestEntries, 3, async ({
|
|
1346
1366
|
1: data
|
|
1347
1367
|
}) => {
|
|
1348
1368
|
const {
|
|
@@ -1373,8 +1393,11 @@ async function addOverrides({
|
|
|
1373
1393
|
});
|
|
1374
1394
|
}
|
|
1375
1395
|
}
|
|
1396
|
+
if (!isRoot) {
|
|
1397
|
+
return;
|
|
1398
|
+
}
|
|
1376
1399
|
// Chunk package names to process them in parallel 3 at a time.
|
|
1377
|
-
await (0,
|
|
1400
|
+
await (0, _promises2.pEach)(overridesDataObjects, 3, async ({
|
|
1378
1401
|
overrides,
|
|
1379
1402
|
type
|
|
1380
1403
|
}) => {
|
|
@@ -1402,7 +1425,34 @@ async function addOverrides({
|
|
|
1402
1425
|
}
|
|
1403
1426
|
});
|
|
1404
1427
|
});
|
|
1405
|
-
|
|
1428
|
+
if (workspaces) {
|
|
1429
|
+
const wsPkgJsonPaths = await (0, _tinyglobby.glob)(workspaces.map(workspaceToGlobPattern), {
|
|
1430
|
+
absolute: true,
|
|
1431
|
+
cwd: pkgPath
|
|
1432
|
+
});
|
|
1433
|
+
// Chunk package names to process them in parallel 3 at a time.
|
|
1434
|
+
await (0, _promises2.pEach)(wsPkgJsonPaths, 3, async wsPkgJsonPath => {
|
|
1435
|
+
const {
|
|
1436
|
+
added,
|
|
1437
|
+
updated
|
|
1438
|
+
} = await addOverrides({
|
|
1439
|
+
agent,
|
|
1440
|
+
lockSrc,
|
|
1441
|
+
lockIncludes,
|
|
1442
|
+
manifestEntries,
|
|
1443
|
+
pin,
|
|
1444
|
+
pkgPath: _nodePath$2.dirname(wsPkgJsonPath),
|
|
1445
|
+
rootPath
|
|
1446
|
+
});
|
|
1447
|
+
for (const regPkgName of added) {
|
|
1448
|
+
state.added.add(regPkgName);
|
|
1449
|
+
}
|
|
1450
|
+
for (const regPkgName of updated) {
|
|
1451
|
+
state.updated.add(regPkgName);
|
|
1452
|
+
}
|
|
1453
|
+
});
|
|
1454
|
+
}
|
|
1455
|
+
spinner?.stop();
|
|
1406
1456
|
if (state.added.size || state.updated.size) {
|
|
1407
1457
|
editablePkgJson.update(Object.fromEntries(depEntries));
|
|
1408
1458
|
for (const {
|
|
@@ -1417,7 +1467,6 @@ async function addOverrides({
|
|
|
1417
1467
|
}
|
|
1418
1468
|
async function fetchPackageManifest(pkgNameOrId, options) {
|
|
1419
1469
|
const pacoteOptions = {
|
|
1420
|
-
__proto__: null,
|
|
1421
1470
|
...options,
|
|
1422
1471
|
packumentCache,
|
|
1423
1472
|
preferOffline: true
|
|
@@ -1453,13 +1502,11 @@ const optimize = optimize$1.optimize = {
|
|
|
1453
1502
|
const {
|
|
1454
1503
|
agent,
|
|
1455
1504
|
agentExecPath,
|
|
1456
|
-
isPrivate,
|
|
1457
|
-
isWorkspace,
|
|
1458
1505
|
lockSrc,
|
|
1459
1506
|
lockPath,
|
|
1460
1507
|
minimumNodeVersion,
|
|
1461
|
-
pkgJsonPath,
|
|
1462
1508
|
pkgJson,
|
|
1509
|
+
pkgPath,
|
|
1463
1510
|
supported
|
|
1464
1511
|
} = await (0, _packageManagerDetector.detect)({
|
|
1465
1512
|
cwd,
|
|
@@ -1476,7 +1523,7 @@ const optimize = optimize$1.optimize = {
|
|
|
1476
1523
|
console.log(`✘ ${COMMAND_TITLE}: No ${lockName} found`);
|
|
1477
1524
|
return;
|
|
1478
1525
|
}
|
|
1479
|
-
if (
|
|
1526
|
+
if (pkgPath === undefined) {
|
|
1480
1527
|
console.log(`✘ ${COMMAND_TITLE}: No package.json found`);
|
|
1481
1528
|
return;
|
|
1482
1529
|
}
|
|
@@ -1494,15 +1541,14 @@ const optimize = optimize$1.optimize = {
|
|
|
1494
1541
|
1: data
|
|
1495
1542
|
}) => _semver.satisfies(_semver.coerce(data.engines.node), nodeRange));
|
|
1496
1543
|
await addOverrides({
|
|
1497
|
-
__proto__: null,
|
|
1498
1544
|
agent: agent === 'bun' ? 'yarn' : agent,
|
|
1499
|
-
isPrivate,
|
|
1500
|
-
isWorkspace,
|
|
1501
1545
|
lockIncludes,
|
|
1502
1546
|
lockSrc,
|
|
1503
1547
|
manifestEntries,
|
|
1504
1548
|
pin,
|
|
1505
|
-
|
|
1549
|
+
pkgJson,
|
|
1550
|
+
pkgPath,
|
|
1551
|
+
rootPath: pkgPath
|
|
1506
1552
|
}, state);
|
|
1507
1553
|
}
|
|
1508
1554
|
const pkgJsonChanged = state.updated.size > 0 || state.updated.size > 0;
|
|
@@ -1526,7 +1572,6 @@ const optimize = optimize$1.optimize = {
|
|
|
1526
1572
|
await _promiseSpawn$2(process.execPath, [wrapperPath, 'install'], {
|
|
1527
1573
|
stdio: 'pipe',
|
|
1528
1574
|
env: {
|
|
1529
|
-
__proto__: null,
|
|
1530
1575
|
...process.env,
|
|
1531
1576
|
UPDATE_SOCKET_OVERRIDES_IN_PACKAGE_LOCK_FILE: '1'
|
|
1532
1577
|
}
|
|
@@ -1552,7 +1597,6 @@ const optimize = optimize$1.optimize = {
|
|
|
1552
1597
|
|
|
1553
1598
|
function setupCommand$l(name, description, argv, importMeta) {
|
|
1554
1599
|
const flags = {
|
|
1555
|
-
__proto__: null,
|
|
1556
1600
|
..._flags$j.commonFlags,
|
|
1557
1601
|
pin: {
|
|
1558
1602
|
type: 'boolean',
|
|
@@ -1668,7 +1712,6 @@ const rawNpm = rawNpm$1.rawNpm = {
|
|
|
1668
1712
|
};
|
|
1669
1713
|
async function setupCommand$j(name, description, argv, importMeta) {
|
|
1670
1714
|
const flags = {
|
|
1671
|
-
__proto__: null,
|
|
1672
1715
|
..._flags$i.commonFlags,
|
|
1673
1716
|
..._flags$i.validationFlags
|
|
1674
1717
|
};
|
|
@@ -1729,7 +1772,6 @@ const rawNpx = rawNpx$1.rawNpx = {
|
|
|
1729
1772
|
};
|
|
1730
1773
|
async function setupCommand$i(name, description, argv, importMeta) {
|
|
1731
1774
|
const flags = {
|
|
1732
|
-
__proto__: null,
|
|
1733
1775
|
..._flags$h.commonFlags,
|
|
1734
1776
|
..._flags$h.validationFlags
|
|
1735
1777
|
};
|
|
@@ -1814,7 +1856,6 @@ const view$2 = view$3.view = {
|
|
|
1814
1856
|
|
|
1815
1857
|
function setupCommand$h(name, description, argv, importMeta) {
|
|
1816
1858
|
const flags = {
|
|
1817
|
-
__proto__: null,
|
|
1818
1859
|
..._flags$g.commonFlags,
|
|
1819
1860
|
..._flags$g.outputFlags,
|
|
1820
1861
|
..._flags$g.validationFlags
|
|
@@ -1925,8 +1966,8 @@ Object.defineProperty(create$5, "__esModule", {
|
|
|
1925
1966
|
});
|
|
1926
1967
|
create$5.create = void 0;
|
|
1927
1968
|
var _nodePath$1 = require$$1;
|
|
1928
|
-
var _betterAjvErrors = require$$2;
|
|
1929
|
-
var _config = require$$3$
|
|
1969
|
+
var _betterAjvErrors = require$$2$1;
|
|
1970
|
+
var _config = require$$3$1;
|
|
1930
1971
|
var _meow$h = _interopRequireDefault$i(vendor.build);
|
|
1931
1972
|
var _ora$f = _interopRequireDefault$i(vendor.ora);
|
|
1932
1973
|
var _ponyCause$2 = require$$6;
|
|
@@ -1995,7 +2036,6 @@ const create$4 = create$5.create = {
|
|
|
1995
2036
|
|
|
1996
2037
|
async function setupCommand$g(name, description, argv, importMeta) {
|
|
1997
2038
|
const flags = {
|
|
1998
|
-
__proto__: null,
|
|
1999
2039
|
..._flags$f.commonFlags,
|
|
2000
2040
|
..._flags$f.outputFlags,
|
|
2001
2041
|
..._flags$f.validationFlags,
|
|
@@ -2183,7 +2223,6 @@ async function meowWithSubcommands(subcommands, options) {
|
|
|
2183
2223
|
}
|
|
2184
2224
|
}
|
|
2185
2225
|
const flags = {
|
|
2186
|
-
__proto__: null,
|
|
2187
2226
|
..._flags$e.commonFlags,
|
|
2188
2227
|
...additionalOptions.flags
|
|
2189
2228
|
};
|
|
@@ -2245,8 +2284,8 @@ Object.defineProperty(wrapper$1, "__esModule", {
|
|
|
2245
2284
|
});
|
|
2246
2285
|
wrapper$1.wrapper = void 0;
|
|
2247
2286
|
var _nodeFs$2 = require$$0;
|
|
2248
|
-
var _nodeOs = require$$2$
|
|
2249
|
-
var _nodeReadline = require$$3$
|
|
2287
|
+
var _nodeOs = require$$2$2;
|
|
2288
|
+
var _nodeReadline = require$$3$2;
|
|
2250
2289
|
var _meow$f = _interopRequireDefault$g(vendor.build);
|
|
2251
2290
|
var _flags$d = flags$1;
|
|
2252
2291
|
var _formatting$e = formatting;
|
|
@@ -2406,7 +2445,7 @@ Object.defineProperty(create$3, "__esModule", {
|
|
|
2406
2445
|
});
|
|
2407
2446
|
create$3.create = void 0;
|
|
2408
2447
|
var _nodeProcess = require$$0$1;
|
|
2409
|
-
var _promises$1 = require$$2$
|
|
2448
|
+
var _promises$1 = require$$2$3;
|
|
2410
2449
|
var _chalk$e = _interopRequireDefault$f(vendor.source);
|
|
2411
2450
|
var _meow$e = _interopRequireDefault$f(vendor.build);
|
|
2412
2451
|
var _open = _interopRequireDefault$f(vendor.open);
|
|
@@ -2643,7 +2682,6 @@ const del$1 = _delete$3.del = {
|
|
|
2643
2682
|
|
|
2644
2683
|
function setupCommand$d(name, description, argv, importMeta) {
|
|
2645
2684
|
const flags = {
|
|
2646
|
-
__proto__: null,
|
|
2647
2685
|
..._flags$c.commonFlags,
|
|
2648
2686
|
..._flags$c.outputFlags
|
|
2649
2687
|
};
|
|
@@ -2701,7 +2739,7 @@ Object.defineProperty(list$3, "__esModule", {
|
|
|
2701
2739
|
});
|
|
2702
2740
|
list$3.list = void 0;
|
|
2703
2741
|
var _chalk$c = _interopRequireDefault$d(vendor.source);
|
|
2704
|
-
var _chalkTable$3 = require$$2$
|
|
2742
|
+
var _chalkTable$3 = require$$2$4;
|
|
2705
2743
|
var _meow$c = _interopRequireDefault$d(vendor.build);
|
|
2706
2744
|
var _ora$c = _interopRequireDefault$d(vendor.ora);
|
|
2707
2745
|
var _flags$b = flags$1;
|
|
@@ -2772,7 +2810,6 @@ const listFullScanFlags = {
|
|
|
2772
2810
|
|
|
2773
2811
|
function setupCommand$c(name, description, argv, importMeta) {
|
|
2774
2812
|
const flags = {
|
|
2775
|
-
__proto__: null,
|
|
2776
2813
|
..._flags$b.commonFlags,
|
|
2777
2814
|
...listFullScanFlags,
|
|
2778
2815
|
..._flags$b.outputFlags
|
|
@@ -2893,7 +2930,6 @@ const metadata = metadata$1.metadata = {
|
|
|
2893
2930
|
|
|
2894
2931
|
function setupCommand$b(name, description, argv, importMeta) {
|
|
2895
2932
|
const flags = {
|
|
2896
|
-
__proto__: null,
|
|
2897
2933
|
..._flags$a.commonFlags,
|
|
2898
2934
|
..._flags$a.outputFlags
|
|
2899
2935
|
};
|
|
@@ -2982,7 +3018,6 @@ const stream = stream$1.stream = {
|
|
|
2982
3018
|
|
|
2983
3019
|
function setupCommand$a(name, description, argv, importMeta) {
|
|
2984
3020
|
const flags = {
|
|
2985
|
-
__proto__: null,
|
|
2986
3021
|
..._flags$9.commonFlags,
|
|
2987
3022
|
..._flags$9.outputFlags
|
|
2988
3023
|
};
|
|
@@ -3123,7 +3158,6 @@ const auditLogFlags = {
|
|
|
3123
3158
|
|
|
3124
3159
|
function setupCommand$9(name, description, argv, importMeta) {
|
|
3125
3160
|
const flags = {
|
|
3126
|
-
__proto__: null,
|
|
3127
3161
|
...auditLogFlags,
|
|
3128
3162
|
..._flags$8.commonFlags,
|
|
3129
3163
|
..._flags$8.outputFlags
|
|
@@ -3276,7 +3310,6 @@ const repositoryCreationFlags = {
|
|
|
3276
3310
|
|
|
3277
3311
|
function setupCommand$8(name, description, argv, importMeta) {
|
|
3278
3312
|
const flags = {
|
|
3279
|
-
__proto__: null,
|
|
3280
3313
|
..._flags$7.commonFlags,
|
|
3281
3314
|
..._flags$7.outputFlags,
|
|
3282
3315
|
...repositoryCreationFlags
|
|
@@ -3417,7 +3450,7 @@ Object.defineProperty(list$1, "__esModule", {
|
|
|
3417
3450
|
});
|
|
3418
3451
|
list$1.list = void 0;
|
|
3419
3452
|
var _chalk$6 = _interopRequireDefault$7(vendor.source);
|
|
3420
|
-
var _chalkTable$2 = require$$2$
|
|
3453
|
+
var _chalkTable$2 = require$$2$4;
|
|
3421
3454
|
var _meow$6 = _interopRequireDefault$7(vendor.build);
|
|
3422
3455
|
var _ora$6 = _interopRequireDefault$7(vendor.ora);
|
|
3423
3456
|
var _flags$6 = flags$1;
|
|
@@ -3475,7 +3508,6 @@ const listRepoFlags = {
|
|
|
3475
3508
|
|
|
3476
3509
|
function setupCommand$6(name, description, argv, importMeta) {
|
|
3477
3510
|
const flags = {
|
|
3478
|
-
__proto__: null,
|
|
3479
3511
|
..._flags$6.commonFlags,
|
|
3480
3512
|
...listRepoFlags,
|
|
3481
3513
|
..._flags$6.outputFlags
|
|
@@ -3616,7 +3648,6 @@ const repositoryUpdateFlags = {
|
|
|
3616
3648
|
|
|
3617
3649
|
function setupCommand$5(name, description, argv, importMeta) {
|
|
3618
3650
|
const flags = {
|
|
3619
|
-
__proto__: null,
|
|
3620
3651
|
..._flags$5.commonFlags,
|
|
3621
3652
|
..._flags$5.outputFlags,
|
|
3622
3653
|
...repositoryUpdateFlags
|
|
@@ -3682,7 +3713,7 @@ Object.defineProperty(view$1, "__esModule", {
|
|
|
3682
3713
|
});
|
|
3683
3714
|
view$1.view = void 0;
|
|
3684
3715
|
var _chalk$4 = _interopRequireDefault$5(vendor.source);
|
|
3685
|
-
var _chalkTable$1 = require$$2$
|
|
3716
|
+
var _chalkTable$1 = require$$2$4;
|
|
3686
3717
|
var _meow$4 = _interopRequireDefault$5(vendor.build);
|
|
3687
3718
|
var _ora$4 = _interopRequireDefault$5(vendor.ora);
|
|
3688
3719
|
var _flags$4 = flags$1;
|
|
@@ -3715,7 +3746,6 @@ const view = view$1.view = {
|
|
|
3715
3746
|
|
|
3716
3747
|
function setupCommand$4(name, description, argv, importMeta) {
|
|
3717
3748
|
const flags = {
|
|
3718
|
-
__proto__: null,
|
|
3719
3749
|
..._flags$4.commonFlags,
|
|
3720
3750
|
..._flags$4.outputFlags
|
|
3721
3751
|
};
|
|
@@ -3828,7 +3858,7 @@ Object.defineProperty(dependencies$1, "__esModule", {
|
|
|
3828
3858
|
});
|
|
3829
3859
|
dependencies$1.dependencies = void 0;
|
|
3830
3860
|
var _chalk$3 = _interopRequireDefault$4(vendor.source);
|
|
3831
|
-
var _chalkTable = require$$2$
|
|
3861
|
+
var _chalkTable = require$$2$4;
|
|
3832
3862
|
var _meow$3 = _interopRequireDefault$4(vendor.build);
|
|
3833
3863
|
var _ora$3 = _interopRequireDefault$4(vendor.ora);
|
|
3834
3864
|
var _flags$3 = flags$1;
|
|
@@ -3869,7 +3899,6 @@ const dependenciesFlags = {
|
|
|
3869
3899
|
|
|
3870
3900
|
function setupCommand$3(name, description, argv, importMeta) {
|
|
3871
3901
|
const flags = {
|
|
3872
|
-
__proto__: null,
|
|
3873
3902
|
..._flags$3.commonFlags,
|
|
3874
3903
|
...dependenciesFlags,
|
|
3875
3904
|
..._flags$3.outputFlags
|
|
@@ -3963,8 +3992,8 @@ Object.defineProperty(analytics$1, "__esModule", {
|
|
|
3963
3992
|
});
|
|
3964
3993
|
analytics$1.analytics = void 0;
|
|
3965
3994
|
var _promises = require$$1$4;
|
|
3966
|
-
var _blessed$1 = require$$2$
|
|
3967
|
-
var _blessedContrib$1 = require$$3$
|
|
3995
|
+
var _blessed$1 = require$$2$5;
|
|
3996
|
+
var _blessedContrib$1 = require$$3$3;
|
|
3968
3997
|
var _chalk$2 = _interopRequireDefault$3(vendor.source);
|
|
3969
3998
|
var _meow$2 = _interopRequireDefault$3(vendor.build);
|
|
3970
3999
|
var _ora$2 = _interopRequireDefault$3(vendor.ora);
|
|
@@ -4030,7 +4059,6 @@ const analyticsFlags = {
|
|
|
4030
4059
|
|
|
4031
4060
|
function setupCommand$2(name, description, argv, importMeta) {
|
|
4032
4061
|
const flags = {
|
|
4033
|
-
__proto__: null,
|
|
4034
4062
|
..._flags$2.commonFlags,
|
|
4035
4063
|
..._flags$2.outputFlags,
|
|
4036
4064
|
...analyticsFlags
|
|
@@ -4343,7 +4371,6 @@ const getDiffScanFlags = {
|
|
|
4343
4371
|
|
|
4344
4372
|
function setupCommand$1(name, description, argv, importMeta) {
|
|
4345
4373
|
const flags = {
|
|
4346
|
-
__proto__: null,
|
|
4347
4374
|
..._flags$1.commonFlags,
|
|
4348
4375
|
...getDiffScanFlags,
|
|
4349
4376
|
..._flags$1.outputFlags
|
|
@@ -4460,8 +4487,8 @@ Object.defineProperty(threatFeed$1, "__esModule", {
|
|
|
4460
4487
|
value: true
|
|
4461
4488
|
});
|
|
4462
4489
|
threatFeed$1.threatFeed = void 0;
|
|
4463
|
-
var _blessed = require$$2$
|
|
4464
|
-
var _blessedContrib = require$$3$
|
|
4490
|
+
var _blessed = require$$2$5;
|
|
4491
|
+
var _blessedContrib = require$$3$3;
|
|
4465
4492
|
var _meow = _interopRequireDefault$1(vendor.build);
|
|
4466
4493
|
var _ora = _interopRequireDefault$1(vendor.ora);
|
|
4467
4494
|
var _flags = flags$1;
|
|
@@ -4519,7 +4546,6 @@ const threatFeedFlags = {
|
|
|
4519
4546
|
|
|
4520
4547
|
function setupCommand(name, description, argv, importMeta) {
|
|
4521
4548
|
const flags = {
|
|
4522
|
-
__proto__: null,
|
|
4523
4549
|
..._flags.commonFlags,
|
|
4524
4550
|
..._flags.outputFlags,
|
|
4525
4551
|
...threatFeedFlags
|
|
@@ -4842,7 +4868,7 @@ var _interopRequireWildcard = vendor.interopRequireWildcard.default;
|
|
|
4842
4868
|
var _interopRequireDefault = vendor.interopRequireDefault.default;
|
|
4843
4869
|
var _nodeFs = require$$0;
|
|
4844
4870
|
var _nodePath = require$$1;
|
|
4845
|
-
var _nodeUrl = require$$2$
|
|
4871
|
+
var _nodeUrl = require$$2$6;
|
|
4846
4872
|
var _chalk = _interopRequireDefault(vendor.source);
|
|
4847
4873
|
var _ponyCause = require$$6;
|
|
4848
4874
|
var _updateNotifier = _interopRequireDefault(vendor.updateNotifier);
|
package/dist/link.js
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
var require$$0 = require('node:fs');
|
|
4
4
|
var require$$1 = require('node:path');
|
|
5
|
-
var require$$
|
|
5
|
+
var require$$6 = require('which');
|
|
6
6
|
|
|
7
7
|
var link = {};
|
|
8
8
|
|
|
@@ -12,7 +12,7 @@ Object.defineProperty(link, "__esModule", {
|
|
|
12
12
|
link.installLinks = installLinks;
|
|
13
13
|
var _nodeFs = require$$0;
|
|
14
14
|
var _nodePath = require$$1;
|
|
15
|
-
var _which = require$$
|
|
15
|
+
var _which = require$$6;
|
|
16
16
|
function installLinks(realDirname, binName) {
|
|
17
17
|
const realShadowBinDir = realDirname;
|
|
18
18
|
// find package manager being shadowed by this process
|
package/dist/npm-injection.js
CHANGED
|
@@ -8,14 +8,16 @@ var require$$2$1 = require('node:events');
|
|
|
8
8
|
var require$$4 = require('node:https');
|
|
9
9
|
var require$$3 = require('node:readline');
|
|
10
10
|
var require$$5 = require('node:stream');
|
|
11
|
-
var require$$8
|
|
11
|
+
var require$$8 = require('node:timers/promises');
|
|
12
12
|
var require$$3$1 = require('@socketsecurity/config');
|
|
13
|
+
var require$$7 = require('npm-package-arg');
|
|
14
|
+
var require$$3$2 = require('semver');
|
|
13
15
|
var sdk = require('./sdk.js');
|
|
14
16
|
var require$$1$1 = require('node:net');
|
|
15
17
|
var require$$2 = require('node:os');
|
|
16
18
|
var require$$6 = require('../package.json');
|
|
17
19
|
var pathResolve = require('./path-resolve.js');
|
|
18
|
-
var require$$
|
|
20
|
+
var require$$9 = require('pacote');
|
|
19
21
|
|
|
20
22
|
var npmInjection$1 = {};
|
|
21
23
|
|
|
@@ -388,11 +390,13 @@ var _nodeHttps = require$$4;
|
|
|
388
390
|
var _nodePath$1 = require$$1;
|
|
389
391
|
var _nodeReadline = require$$3;
|
|
390
392
|
var _nodeStream = require$$5;
|
|
391
|
-
var _promises = require$$8
|
|
393
|
+
var _promises = require$$8;
|
|
392
394
|
var _config = require$$3$1;
|
|
393
395
|
var _chalk = _interopRequireDefault(vendor.source);
|
|
394
396
|
var _isInteractive = _interopRequireDefault(vendor.isInteractive);
|
|
395
397
|
var _ora = _interopRequireWildcard(vendor.ora);
|
|
398
|
+
var _npmPackageArg = require$$7;
|
|
399
|
+
var _semver = require$$3$2;
|
|
396
400
|
var _constants = sdk.constants;
|
|
397
401
|
var _ttyServer = ttyServer$1;
|
|
398
402
|
var _chalkMarkdown = sdk.chalkMarkdown;
|
|
@@ -440,7 +444,7 @@ let tarball;
|
|
|
440
444
|
try {
|
|
441
445
|
tarball = require(_nodePath$1.join(npmNmPath, 'pacote')).tarball;
|
|
442
446
|
} catch {
|
|
443
|
-
tarball = require$$
|
|
447
|
+
tarball = require$$9.tarball;
|
|
444
448
|
}
|
|
445
449
|
const Arborist = require(arboristClassPath);
|
|
446
450
|
const Edge = require(arboristEdgeClassPath);
|
|
@@ -1202,6 +1206,44 @@ class SafeOverrideSet extends OverrideSet {
|
|
|
1202
1206
|
}
|
|
1203
1207
|
return true;
|
|
1204
1208
|
}
|
|
1209
|
+
getEdgeRule(edge) {
|
|
1210
|
+
for (const rule of this.ruleset.values()) {
|
|
1211
|
+
if (rule.name !== edge.name) {
|
|
1212
|
+
continue;
|
|
1213
|
+
}
|
|
1214
|
+
// If keySpec is * we found our override.
|
|
1215
|
+
if (rule.keySpec === '*') {
|
|
1216
|
+
return rule;
|
|
1217
|
+
}
|
|
1218
|
+
// Patch replacing
|
|
1219
|
+
// let spec = npa(`${edge.name}@${edge.spec}`)
|
|
1220
|
+
// is based on https://github.com/npm/cli/pull/7025.
|
|
1221
|
+
//
|
|
1222
|
+
// We need to use the rawSpec here, because the spec has the overrides
|
|
1223
|
+
// applied to it already.
|
|
1224
|
+
let spec = _npmPackageArg(`${edge.name}@${edge.rawSpec}`);
|
|
1225
|
+
if (spec.type === 'alias') {
|
|
1226
|
+
spec = spec.subSpec;
|
|
1227
|
+
}
|
|
1228
|
+
if (spec.type === 'git') {
|
|
1229
|
+
if (spec.gitRange && rule.keySpec && _semver.intersects(spec.gitRange, rule.keySpec)) {
|
|
1230
|
+
return rule;
|
|
1231
|
+
}
|
|
1232
|
+
continue;
|
|
1233
|
+
}
|
|
1234
|
+
if (spec.type === 'range' || spec.type === 'version') {
|
|
1235
|
+
if (rule.keySpec && _semver.intersects(spec.fetchSpec, rule.keySpec)) {
|
|
1236
|
+
return rule;
|
|
1237
|
+
}
|
|
1238
|
+
continue;
|
|
1239
|
+
}
|
|
1240
|
+
// If we got this far, the spec type is one of tag, directory or file
|
|
1241
|
+
// which means we have no real way to make version comparisons, so we
|
|
1242
|
+
// just accept the override.
|
|
1243
|
+
return rule;
|
|
1244
|
+
}
|
|
1245
|
+
return this;
|
|
1246
|
+
}
|
|
1205
1247
|
|
|
1206
1248
|
// Patch adding isEqual is based on
|
|
1207
1249
|
// https://github.com/npm/cli/pull/7025.
|
package/dist/path-resolve.js
CHANGED
|
@@ -4,7 +4,7 @@ var require$$1$1 = require('node:fs/promises');
|
|
|
4
4
|
var require$$1 = require('node:path');
|
|
5
5
|
var require$$2 = require('ignore');
|
|
6
6
|
var require$$3 = require('micromatch');
|
|
7
|
-
var require$$
|
|
7
|
+
var require$$11 = require('tinyglobby');
|
|
8
8
|
|
|
9
9
|
var pathResolve = {};
|
|
10
10
|
|
|
@@ -51,7 +51,7 @@ var _promises = require$$1$1;
|
|
|
51
51
|
var _nodePath = require$$1;
|
|
52
52
|
var _ignore = require$$2;
|
|
53
53
|
var _micromatch = require$$3;
|
|
54
|
-
var _tinyglobby = require$$
|
|
54
|
+
var _tinyglobby = require$$11;
|
|
55
55
|
var _ignoreByDefault = ignoreByDefault;
|
|
56
56
|
async function filterGlobResultToSupportedFiles(entries, supportedFiles) {
|
|
57
57
|
const patterns = ['golang', 'npm', 'pypi'].reduce((r, n) => {
|
|
@@ -72,7 +72,6 @@ async function globWithGitIgnore(patterns, options) {
|
|
|
72
72
|
};
|
|
73
73
|
const projectIgnorePaths = socketConfig?.projectIgnorePaths;
|
|
74
74
|
const ignoreFiles = await (0, _tinyglobby.glob)(['**/.gitignore'], {
|
|
75
|
-
__proto__: null,
|
|
76
75
|
absolute: true,
|
|
77
76
|
cwd,
|
|
78
77
|
expandDirectories: true
|
|
@@ -80,7 +79,6 @@ async function globWithGitIgnore(patterns, options) {
|
|
|
80
79
|
const ignores = [...(0, _ignoreByDefault.directoryPatterns)(), ...(Array.isArray(projectIgnorePaths) ? ignoreFileLinesToGlobPatterns(projectIgnorePaths, _nodePath.join(cwd, '.gitignore'), cwd) : []), ...(await Promise.all(ignoreFiles.map(async filepath => ignoreFileToGlobPatterns(await _promises.readFile(filepath, 'utf8'), filepath, cwd)))).flat()];
|
|
81
80
|
const hasNegatedPattern = ignores.some(p => p.charCodeAt(0) === 33 /*'!'*/);
|
|
82
81
|
const globOptions = {
|
|
83
|
-
__proto__: null,
|
|
84
82
|
absolute: true,
|
|
85
83
|
cwd,
|
|
86
84
|
expandDirectories: false,
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "socket",
|
|
3
|
-
"version": "0.14.
|
|
3
|
+
"version": "0.14.17",
|
|
4
4
|
"description": "CLI tool for Socket.dev",
|
|
5
5
|
"homepage": "http://github.com/SocketDev/socket-cli",
|
|
6
6
|
"license": "MIT",
|
|
@@ -79,6 +79,7 @@
|
|
|
79
79
|
"tinyglobby": "^0.2.10",
|
|
80
80
|
"which": "^5.0.0",
|
|
81
81
|
"write-file-atomic": "^6.0.0",
|
|
82
|
+
"yaml": "^2.6.0",
|
|
82
83
|
"yargs-parser": "^21.1.1"
|
|
83
84
|
},
|
|
84
85
|
"devDependencies": {
|
|
@@ -118,7 +119,6 @@
|
|
|
118
119
|
"eslint-plugin-depend": "^0.11.0",
|
|
119
120
|
"eslint-plugin-n": "^17.11.1",
|
|
120
121
|
"eslint-plugin-unicorn": "^56.0.0",
|
|
121
|
-
"globby": "^14.0.2",
|
|
122
122
|
"husky": "^9.1.6",
|
|
123
123
|
"is-interactive": "^2.0.0",
|
|
124
124
|
"is-unicode-supported": "^2.1.0",
|
|
@@ -146,9 +146,6 @@
|
|
|
146
146
|
"validate-npm-package-name": "^6.0.0"
|
|
147
147
|
},
|
|
148
148
|
"overrides": {
|
|
149
|
-
"@cyclonedx/cdxgen": {
|
|
150
|
-
"packageurl-js": "https://registry.npmjs.org/packageurl-js/-/packageurl-js-2.0.1.tgz"
|
|
151
|
-
},
|
|
152
149
|
"aggregate-error": "npm:@socketregistry/aggregate-error@^1",
|
|
153
150
|
"es-define-property": "npm:@socketregistry/es-define-property@^1",
|
|
154
151
|
"function-bind": "npm:@socketregistry/function-bind@^1",
|
|
@@ -161,11 +158,15 @@
|
|
|
161
158
|
"indent-string": "npm:@socketregistry/indent-string@^1",
|
|
162
159
|
"is-core-module": "npm:@socketregistry/is-core-module@^1",
|
|
163
160
|
"isarray": "npm:@socketregistry/isarray@^1",
|
|
161
|
+
"npm-package-arg": "$npm-package-arg",
|
|
162
|
+
"packageurl-js": "https://registry.npmjs.org/packageurl-js/-/packageurl-js-2.0.1.tgz",
|
|
164
163
|
"path-parse": "npm:@socketregistry/path-parse@^1",
|
|
165
164
|
"safe-buffer": "npm:@socketregistry/safe-buffer@^1",
|
|
166
165
|
"safer-buffer": "npm:@socketregistry/safer-buffer@^1",
|
|
166
|
+
"semver": "$semver",
|
|
167
167
|
"set-function-length": "npm:@socketregistry/set-function-length@^1",
|
|
168
|
-
"side-channel": "npm:@socketregistry/side-channel@^1"
|
|
168
|
+
"side-channel": "npm:@socketregistry/side-channel@^1",
|
|
169
|
+
"yaml": "$yaml"
|
|
169
170
|
},
|
|
170
171
|
"resolutions": {
|
|
171
172
|
"aggregate-error": "npm:@socketregistry/aggregate-error@^1",
|
|
@@ -180,11 +181,15 @@
|
|
|
180
181
|
"indent-string": "npm:@socketregistry/indent-string@^1",
|
|
181
182
|
"is-core-module": "npm:@socketregistry/is-core-module@^1",
|
|
182
183
|
"isarray": "npm:@socketregistry/isarray@^1",
|
|
184
|
+
"npm-package-arg": "^12.0.0",
|
|
185
|
+
"packageurl-js": "https://registry.npmjs.org/packageurl-js/-/packageurl-js-2.0.1.tgz",
|
|
183
186
|
"path-parse": "npm:@socketregistry/path-parse@^1",
|
|
184
187
|
"safe-buffer": "npm:@socketregistry/safe-buffer@^1",
|
|
185
188
|
"safer-buffer": "npm:@socketregistry/safer-buffer@^1",
|
|
189
|
+
"semver": "^7.6.3",
|
|
186
190
|
"set-function-length": "npm:@socketregistry/set-function-length@^1",
|
|
187
|
-
"side-channel": "npm:@socketregistry/side-channel@^1"
|
|
191
|
+
"side-channel": "npm:@socketregistry/side-channel@^1",
|
|
192
|
+
"yaml": "^2.6.0"
|
|
188
193
|
},
|
|
189
194
|
"engines": {
|
|
190
195
|
"node": "^20.9.0 || >=22.0.0"
|