socket 0.14.16 → 0.14.18
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cli.d.ts.map +1 -1
- package/dist/cli.js +202 -165
- package/dist/link.js +2 -2
- package/dist/npm-injection.js +6 -6
- package/dist/path-resolve.js +2 -4
- package/package.json +8 -6
package/dist/cli.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cli.d.ts","sourceRoot":"","sources":["../src/cli.ts","../src/utils/formatting.ts","../src/utils/sorts.ts","../src/flags.ts","../src/utils/meow-with-subcommands.ts","../src/commands/cdxgen.ts","../src/utils/api-helpers.ts","../src/utils/format-issues.ts","../src/commands/info.ts","../src/commands/login.ts","../src/commands/logout.ts","../src/commands/npm.ts","../src/commands/npx.ts","../src/utils/fs.ts","../src/utils/
|
|
1
|
+
{"version":3,"file":"cli.d.ts","sourceRoot":"","sources":["../src/cli.ts","../src/utils/formatting.ts","../src/utils/sorts.ts","../src/flags.ts","../src/utils/meow-with-subcommands.ts","../src/commands/cdxgen.ts","../src/utils/api-helpers.ts","../src/utils/format-issues.ts","../src/commands/info.ts","../src/commands/login.ts","../src/commands/logout.ts","../src/commands/npm.ts","../src/commands/npx.ts","../src/utils/fs.ts","../src/utils/strings.ts","../src/utils/package-manager-detector.ts","../src/utils/arrays.ts","../src/utils/promises.ts","../src/utils/regexps.ts","../src/commands/optimize.ts","../src/commands/organization.ts","../src/commands/raw-npm.ts","../src/commands/raw-npx.ts","../src/commands/report/view.ts","../src/commands/report/create.ts","../src/commands/report/index.ts","../src/commands/wrapper.ts","../src/commands/scan/create.ts","../src/commands/scan/delete.ts","../src/commands/scan/list.ts","../src/commands/scan/metadata.ts","../src/commands/scan/stream.ts","../src/commands/scan/index.ts","../src/commands/audit-log.ts","../src/commands/repos/create.ts","../src/commands/repos/delete.ts","../src/commands/repos/list.ts","../src/commands/repos/update.ts","../src/commands/repos/view.ts","../src/commands/repos/index.ts","../src/commands/dependencies.ts","../src/commands/analytics.ts","../src/commands/diff-scan/get.ts","../src/commands/diff-scan/index.ts","../src/commands/threat-feed.ts","../src/commands/index.ts"],"names":[],"mappings":""}
|
package/dist/cli.js
CHANGED
|
@@ -4,31 +4,33 @@
|
|
|
4
4
|
var vendor = require('./vendor.js');
|
|
5
5
|
var require$$0 = require('node:fs');
|
|
6
6
|
var require$$1 = require('node:path');
|
|
7
|
-
var require$$2$
|
|
7
|
+
var require$$2$6 = require('node:url');
|
|
8
8
|
var require$$6 = require('pony-cause');
|
|
9
9
|
var require$$1$1 = require('@npmcli/promise-spawn');
|
|
10
10
|
var require$$5 = require('yargs-parser');
|
|
11
11
|
var sdk = require('./sdk.js');
|
|
12
12
|
var require$$1$2 = require('@inquirer/prompts');
|
|
13
|
-
var require$$
|
|
14
|
-
var require$$
|
|
15
|
-
var require$$
|
|
16
|
-
var require$$
|
|
17
|
-
var require$$
|
|
18
|
-
var require$$
|
|
19
|
-
var require$$
|
|
20
|
-
var require$$
|
|
21
|
-
var require$$2 = require('@
|
|
22
|
-
var require$$
|
|
13
|
+
var require$$1$4 = require('node:fs/promises');
|
|
14
|
+
var require$$1$3 = require('@npmcli/package-json');
|
|
15
|
+
var require$$5$1 = require('@socketsecurity/registry');
|
|
16
|
+
var require$$7 = require('npm-package-arg');
|
|
17
|
+
var require$$9 = require('pacote');
|
|
18
|
+
var require$$3 = require('semver');
|
|
19
|
+
var require$$11 = require('tinyglobby');
|
|
20
|
+
var require$$12 = require('yaml');
|
|
21
|
+
var require$$2 = require('@socketregistry/hyrious__bun.lockb');
|
|
22
|
+
var require$$4 = require('browserslist');
|
|
23
|
+
var require$$6$1 = require('which');
|
|
24
|
+
var require$$2$1 = require('@apideck/better-ajv-errors');
|
|
25
|
+
var require$$3$1 = require('@socketsecurity/config');
|
|
23
26
|
var pathResolve = require('./path-resolve.js');
|
|
24
|
-
var require$$2$
|
|
25
|
-
var require$$3$
|
|
27
|
+
var require$$2$2 = require('node:os');
|
|
28
|
+
var require$$3$2 = require('node:readline');
|
|
26
29
|
var require$$0$1 = require('node:process');
|
|
27
|
-
var require$$2$
|
|
28
|
-
var require$$2$
|
|
29
|
-
var require$$
|
|
30
|
-
var require$$
|
|
31
|
-
var require$$3$5 = require('blessed-contrib');
|
|
30
|
+
var require$$2$3 = require('node:readline/promises');
|
|
31
|
+
var require$$2$4 = require('chalk-table');
|
|
32
|
+
var require$$2$5 = require('blessed');
|
|
33
|
+
var require$$3$3 = require('blessed-contrib');
|
|
32
34
|
var require$$0$2 = require('node:util');
|
|
33
35
|
|
|
34
36
|
var cli$1 = {};
|
|
@@ -163,7 +165,6 @@ cdxgen.cdxgen = {
|
|
|
163
165
|
description: 'Create an SBOM with CycloneDX generator (cdxgen)',
|
|
164
166
|
async run(argv_) {
|
|
165
167
|
const yargv = {
|
|
166
|
-
__proto__: null,
|
|
167
168
|
..._yargsParser(argv_, yargsConfig)
|
|
168
169
|
};
|
|
169
170
|
const unknown = yargv._;
|
|
@@ -330,7 +331,7 @@ Object.defineProperty(formatIssues, "__esModule", {
|
|
|
330
331
|
formatIssues.formatSeverityCount = formatSeverityCount;
|
|
331
332
|
formatIssues.getSeverityCount = getSeverityCount;
|
|
332
333
|
var _misc$2 = sdk.misc;
|
|
333
|
-
var _objects$
|
|
334
|
+
var _objects$3 = sdk.objects;
|
|
334
335
|
const SEVERITIES_BY_ORDER = ['critical', 'high', 'middle', 'low'];
|
|
335
336
|
function getDesiredSeverities(lowestToInclude) {
|
|
336
337
|
const result = [];
|
|
@@ -352,7 +353,7 @@ function formatSeverityCount(severityCount) {
|
|
|
352
353
|
return (0, _misc$2.stringJoinWithSeparateFinalSeparator)(summary);
|
|
353
354
|
}
|
|
354
355
|
function getSeverityCount(issues, lowestToInclude) {
|
|
355
|
-
const severityCount = (0, _objects$
|
|
356
|
+
const severityCount = (0, _objects$3.pick)({
|
|
356
357
|
low: 0,
|
|
357
358
|
middle: 0,
|
|
358
359
|
high: 0,
|
|
@@ -416,7 +417,7 @@ var _chalkMarkdown$3 = sdk.chalkMarkdown;
|
|
|
416
417
|
var _errors$k = sdk.errors;
|
|
417
418
|
var _formatIssues$1 = formatIssues;
|
|
418
419
|
var _formatting$m = formatting;
|
|
419
|
-
var _objects$
|
|
420
|
+
var _objects$2 = sdk.objects;
|
|
420
421
|
var _sdk$j = sdk.sdk;
|
|
421
422
|
const info = info$1.info = {
|
|
422
423
|
description: 'Look up info regarding a package',
|
|
@@ -443,7 +444,6 @@ const info = info$1.info = {
|
|
|
443
444
|
|
|
444
445
|
function setupCommand$m(name, description, argv, importMeta) {
|
|
445
446
|
const flags = {
|
|
446
|
-
__proto__: null,
|
|
447
447
|
..._flags$k.commonFlags,
|
|
448
448
|
..._flags$k.outputFlags,
|
|
449
449
|
..._flags$k.validationFlags
|
|
@@ -533,7 +533,7 @@ function formatPackageDataOutput({
|
|
|
533
533
|
License: Math.floor(score.license.score * 100)
|
|
534
534
|
};
|
|
535
535
|
Object.entries(scoreResult).map(score => console.log(`- ${score[0]}: ${formatScore(score[1])}`));
|
|
536
|
-
if ((0, _objects$
|
|
536
|
+
if ((0, _objects$2.objectSome)(severityCount)) {
|
|
537
537
|
const issueSummary = (0, _formatIssues$1.formatSeverityCount)(severityCount);
|
|
538
538
|
console.log('\n');
|
|
539
539
|
spinner[strict ? 'fail' : 'succeed'](`Package has these issues: ${issueSummary}`);
|
|
@@ -557,7 +557,7 @@ function formatPackageDataOutput({
|
|
|
557
557
|
console.log(_chalk$h.default.dim('\nOr rerun', _chalk$h.default.italic(name), 'using the', _chalk$h.default.italic('--json'), 'flag to get full JSON output'));
|
|
558
558
|
}
|
|
559
559
|
}
|
|
560
|
-
if (strict && (0, _objects$
|
|
560
|
+
if (strict && (0, _objects$2.objectSome)(severityCount)) {
|
|
561
561
|
process.exit(1);
|
|
562
562
|
}
|
|
563
563
|
}
|
|
@@ -835,8 +835,6 @@ npx.npx = {
|
|
|
835
835
|
|
|
836
836
|
var optimize$1 = {};
|
|
837
837
|
|
|
838
|
-
var packageManagerDetector = {};
|
|
839
|
-
|
|
840
838
|
var fs = {};
|
|
841
839
|
|
|
842
840
|
Object.defineProperty(fs, "__esModule", {
|
|
@@ -890,22 +888,7 @@ async function readFileUtf8(filepath, options) {
|
|
|
890
888
|
});
|
|
891
889
|
}
|
|
892
890
|
|
|
893
|
-
var
|
|
894
|
-
|
|
895
|
-
Object.defineProperty(json, "__esModule", {
|
|
896
|
-
value: true
|
|
897
|
-
});
|
|
898
|
-
json.parseJSONObject = parseJSONObject;
|
|
899
|
-
var _objects$2 = sdk.objects;
|
|
900
|
-
function parseJSONObject(jsonStr) {
|
|
901
|
-
try {
|
|
902
|
-
const value = JSON.parse(jsonStr);
|
|
903
|
-
if ((0, _objects$2.isObjectObject)(value)) {
|
|
904
|
-
return value;
|
|
905
|
-
}
|
|
906
|
-
} catch {}
|
|
907
|
-
return null;
|
|
908
|
-
}
|
|
891
|
+
var packageManagerDetector = {};
|
|
909
892
|
|
|
910
893
|
var strings = {};
|
|
911
894
|
|
|
@@ -923,13 +906,13 @@ Object.defineProperty(packageManagerDetector, "__esModule", {
|
|
|
923
906
|
packageManagerDetector.AGENTS = void 0;
|
|
924
907
|
packageManagerDetector.detect = detect;
|
|
925
908
|
var _nodePath$3 = require$$1;
|
|
926
|
-
var
|
|
909
|
+
var _packageJson$1 = require$$1$3;
|
|
910
|
+
var _hyrious__bun = require$$2;
|
|
927
911
|
var _promiseSpawn$3 = require$$1$1;
|
|
928
|
-
var _browserslist = require$$
|
|
929
|
-
var _semver$1 = require$$3
|
|
930
|
-
var _which = require$$
|
|
931
|
-
var _fs = fs;
|
|
932
|
-
var _json = json;
|
|
912
|
+
var _browserslist = require$$4;
|
|
913
|
+
var _semver$1 = require$$3;
|
|
914
|
+
var _which = require$$6$1;
|
|
915
|
+
var _fs$1 = fs;
|
|
933
916
|
var _objects$1 = sdk.objects;
|
|
934
917
|
var _strings$1 = strings;
|
|
935
918
|
const AGENTS = packageManagerDetector.AGENTS = ['bun', 'npm', 'pnpm', 'yarn'];
|
|
@@ -983,7 +966,6 @@ const LOCKS = {
|
|
|
983
966
|
// it has to be handled differently.
|
|
984
967
|
'node_modules/.package-lock.json': 'npm'
|
|
985
968
|
};
|
|
986
|
-
const PNPM_WORKSPACE = 'pnpm-workspace';
|
|
987
969
|
const readLockFileByAgent = (() => {
|
|
988
970
|
function wrapReader(reader) {
|
|
989
971
|
return async (lockPath, agentExecPath) => {
|
|
@@ -997,7 +979,7 @@ const readLockFileByAgent = (() => {
|
|
|
997
979
|
bun: wrapReader(async (lockPath, agentExecPath) => {
|
|
998
980
|
let lockBuffer;
|
|
999
981
|
try {
|
|
1000
|
-
lockBuffer = await (0, _fs.readFileBinary)(lockPath);
|
|
982
|
+
lockBuffer = await (0, _fs$1.readFileBinary)(lockPath);
|
|
1001
983
|
} catch {
|
|
1002
984
|
return undefined;
|
|
1003
985
|
}
|
|
@@ -1008,27 +990,27 @@ const readLockFileByAgent = (() => {
|
|
|
1008
990
|
// https://bun.sh/guides/install/yarnlock
|
|
1009
991
|
return (await _promiseSpawn$3(agentExecPath, [lockPath])).stdout;
|
|
1010
992
|
}),
|
|
1011
|
-
npm: wrapReader(async lockPath => await (0, _fs.readFileUtf8)(lockPath)),
|
|
1012
|
-
pnpm: wrapReader(async lockPath => await (0, _fs.readFileUtf8)(lockPath)),
|
|
1013
|
-
yarn: wrapReader(async lockPath => await (0, _fs.readFileUtf8)(lockPath))
|
|
993
|
+
npm: wrapReader(async lockPath => await (0, _fs$1.readFileUtf8)(lockPath)),
|
|
994
|
+
pnpm: wrapReader(async lockPath => await (0, _fs$1.readFileUtf8)(lockPath)),
|
|
995
|
+
yarn: wrapReader(async lockPath => await (0, _fs$1.readFileUtf8)(lockPath))
|
|
1014
996
|
};
|
|
1015
997
|
})();
|
|
1016
998
|
async function detect({
|
|
1017
999
|
cwd = process.cwd(),
|
|
1018
1000
|
onUnknown
|
|
1019
1001
|
} = {}) {
|
|
1020
|
-
let lockPath = await (0, _fs.findUp)(Object.keys(LOCKS), {
|
|
1002
|
+
let lockPath = await (0, _fs$1.findUp)(Object.keys(LOCKS), {
|
|
1021
1003
|
cwd
|
|
1022
1004
|
});
|
|
1023
1005
|
const isHiddenLockFile = lockPath?.endsWith('.package-lock.json') ?? false;
|
|
1024
|
-
const pkgJsonPath = lockPath ? _nodePath$3.resolve(lockPath, `${isHiddenLockFile ? '../' : ''}../package.json`) : await (0, _fs.findUp)('package.json', {
|
|
1006
|
+
const pkgJsonPath = lockPath ? _nodePath$3.resolve(lockPath, `${isHiddenLockFile ? '../' : ''}../package.json`) : await (0, _fs$1.findUp)('package.json', {
|
|
1025
1007
|
cwd
|
|
1026
1008
|
});
|
|
1009
|
+
const pkgPath = (0, _fs$1.existsSync)(pkgJsonPath) ? _nodePath$3.dirname(pkgJsonPath) : undefined;
|
|
1010
|
+
const pkgJson = pkgPath ? await _packageJson$1.load(pkgPath) : undefined;
|
|
1027
1011
|
// Read Corepack `packageManager` field in package.json:
|
|
1028
1012
|
// https://nodejs.org/api/packages.html#packagemanager
|
|
1029
|
-
const
|
|
1030
|
-
const pkgJson = typeof pkgJsonStr === 'string' ? (0, _json.parseJSONObject)(pkgJsonStr) ?? undefined : undefined;
|
|
1031
|
-
const pkgManager = (0, _strings$1.isNonEmptyString)(pkgJson?.['packageManager']) ? pkgJson['packageManager'] : undefined;
|
|
1013
|
+
const pkgManager = (0, _strings$1.isNonEmptyString)(pkgJson?.content?.packageManager) ? pkgJson.content.packageManager : undefined;
|
|
1032
1014
|
let agent;
|
|
1033
1015
|
let agentVersion;
|
|
1034
1016
|
if (pkgManager) {
|
|
@@ -1057,25 +1039,20 @@ async function detect({
|
|
|
1057
1039
|
node: true
|
|
1058
1040
|
};
|
|
1059
1041
|
let lockSrc;
|
|
1060
|
-
let isPrivate = false;
|
|
1061
|
-
let isWorkspace = false;
|
|
1062
1042
|
let minimumNodeVersion = maintainedNodeVersions.previous;
|
|
1063
1043
|
if (pkgJson) {
|
|
1064
|
-
const
|
|
1065
|
-
isPrivate = !!pkgJson['private'];
|
|
1066
|
-
isWorkspace = !!pkgJson['workspaces'] || (0, _fs.existsSync)(_nodePath$3.join(pkgPath, `${PNPM_WORKSPACE}.yaml`)) || (0, _fs.existsSync)(_nodePath$3.join(pkgPath, `${PNPM_WORKSPACE}.yml`));
|
|
1067
|
-
const browserField = pkgJson['browser'];
|
|
1044
|
+
const browserField = pkgJson.content.browser;
|
|
1068
1045
|
if ((0, _strings$1.isNonEmptyString)(browserField) || (0, _objects$1.isObjectObject)(browserField)) {
|
|
1069
1046
|
targets.browser = true;
|
|
1070
1047
|
}
|
|
1071
|
-
const nodeRange = pkgJson
|
|
1048
|
+
const nodeRange = pkgJson.content.engines?.['node'];
|
|
1072
1049
|
if ((0, _strings$1.isNonEmptyString)(nodeRange)) {
|
|
1073
1050
|
const coerced = _semver$1.coerce(nodeRange);
|
|
1074
1051
|
if (coerced && _semver$1.lt(coerced, minimumNodeVersion)) {
|
|
1075
1052
|
minimumNodeVersion = coerced.version;
|
|
1076
1053
|
}
|
|
1077
1054
|
}
|
|
1078
|
-
const browserslistQuery = pkgJson['browserslist'];
|
|
1055
|
+
const browserslistQuery = pkgJson.content['browserslist'];
|
|
1079
1056
|
if (Array.isArray(browserslistQuery)) {
|
|
1080
1057
|
const browserslistTargets = _browserslist(browserslistQuery).map(s => s.toLowerCase()).toSorted(alphaNumericComparator);
|
|
1081
1058
|
const browserslistNodeTargets = browserslistTargets.filter(v => v.startsWith('node ')).map(v => v.slice(5 /*'node '.length*/));
|
|
@@ -1098,14 +1075,11 @@ async function detect({
|
|
|
1098
1075
|
agent,
|
|
1099
1076
|
agentExecPath,
|
|
1100
1077
|
agentVersion,
|
|
1101
|
-
isPrivate,
|
|
1102
|
-
isWorkspace,
|
|
1103
1078
|
lockPath,
|
|
1104
1079
|
lockSrc,
|
|
1105
1080
|
minimumNodeVersion,
|
|
1106
1081
|
pkgJson,
|
|
1107
|
-
|
|
1108
|
-
pkgJsonStr,
|
|
1082
|
+
pkgPath,
|
|
1109
1083
|
supported: targets.browser || targets.node,
|
|
1110
1084
|
targets
|
|
1111
1085
|
};
|
|
@@ -1198,27 +1172,32 @@ Object.defineProperty(optimize$1, "__esModule", {
|
|
|
1198
1172
|
value: true
|
|
1199
1173
|
});
|
|
1200
1174
|
optimize$1.optimize = void 0;
|
|
1175
|
+
var _promises$2 = require$$1$4;
|
|
1201
1176
|
var _nodePath$2 = require$$1;
|
|
1202
1177
|
var _promiseSpawn$2 = require$$1$1;
|
|
1203
|
-
var _packageJson = require$$3
|
|
1204
|
-
var _registry = require$$
|
|
1178
|
+
var _packageJson = require$$1$3;
|
|
1179
|
+
var _registry = require$$5$1;
|
|
1205
1180
|
var _meow$m = _interopRequireDefault$n(vendor.build);
|
|
1206
|
-
var _npmPackageArg = require$$
|
|
1181
|
+
var _npmPackageArg = require$$7;
|
|
1207
1182
|
var _ora$i = _interopRequireDefault$n(vendor.ora);
|
|
1208
|
-
var _pacote = require$$
|
|
1209
|
-
var _semver = require$$3
|
|
1183
|
+
var _pacote = require$$9;
|
|
1184
|
+
var _semver = require$$3;
|
|
1185
|
+
var _tinyglobby = require$$11;
|
|
1186
|
+
var _yaml = require$$12;
|
|
1210
1187
|
var _flags$j = flags$1;
|
|
1211
1188
|
var _formatting$k = formatting;
|
|
1189
|
+
var _fs = fs;
|
|
1212
1190
|
var _objects = sdk.objects;
|
|
1213
1191
|
var _packageManagerDetector = packageManagerDetector;
|
|
1214
|
-
var
|
|
1192
|
+
var _promises2 = promises;
|
|
1215
1193
|
var _regexps = regexps;
|
|
1216
1194
|
var _sorts$1 = sorts;
|
|
1217
1195
|
var _strings = strings;
|
|
1218
|
-
const distPath$1 = __dirname;
|
|
1219
1196
|
const COMMAND_TITLE = 'Socket Optimize';
|
|
1220
1197
|
const OVERRIDES_FIELD_NAME = 'overrides';
|
|
1198
|
+
const PNPM_WORKSPACE = 'pnpm-workspace';
|
|
1221
1199
|
const RESOLUTIONS_FIELD_NAME = 'resolutions';
|
|
1200
|
+
const distPath$1 = __dirname;
|
|
1222
1201
|
const manifestNpmOverrides = (0, _registry.getManifestData)('npm');
|
|
1223
1202
|
const packumentCache = new Map();
|
|
1224
1203
|
const getOverridesDataByAgent = {
|
|
@@ -1278,47 +1257,33 @@ const lockIncludesByAgent = {
|
|
|
1278
1257
|
}
|
|
1279
1258
|
};
|
|
1280
1259
|
const updateManifestByAgent = {
|
|
1281
|
-
|
|
1282
|
-
|
|
1283
|
-
editablePkgJson.update({
|
|
1284
|
-
__proto__: null,
|
|
1260
|
+
npm(pkgJson, overrides) {
|
|
1261
|
+
pkgJson.update({
|
|
1285
1262
|
[OVERRIDES_FIELD_NAME]: overrides
|
|
1286
1263
|
});
|
|
1287
1264
|
},
|
|
1288
|
-
pnpm(
|
|
1289
|
-
|
|
1265
|
+
pnpm(pkgJson, overrides) {
|
|
1266
|
+
pkgJson.update({
|
|
1290
1267
|
pnpm: {
|
|
1291
|
-
|
|
1292
|
-
...editablePkgJson.content['pnpm'],
|
|
1268
|
+
...pkgJson.content['pnpm'],
|
|
1293
1269
|
[OVERRIDES_FIELD_NAME]: overrides
|
|
1294
1270
|
}
|
|
1295
1271
|
});
|
|
1296
1272
|
},
|
|
1297
|
-
yarn(
|
|
1298
|
-
|
|
1299
|
-
__proto__: null,
|
|
1273
|
+
yarn(pkgJson, overrides) {
|
|
1274
|
+
pkgJson.update({
|
|
1300
1275
|
[RESOLUTIONS_FIELD_NAME]: overrides
|
|
1301
1276
|
});
|
|
1302
1277
|
}
|
|
1303
1278
|
};
|
|
1304
|
-
|
|
1305
|
-
agent,
|
|
1306
|
-
isPrivate,
|
|
1307
|
-
isWorkspace,
|
|
1308
|
-
lockSrc,
|
|
1309
|
-
lockIncludes,
|
|
1310
|
-
manifestEntries,
|
|
1311
|
-
pkgJsonPath,
|
|
1312
|
-
pin
|
|
1313
|
-
}, state) {
|
|
1314
|
-
const editablePkgJson = await _packageJson.load(_nodePath$2.dirname(pkgJsonPath));
|
|
1279
|
+
function getDependencyEntries(pkgJson) {
|
|
1315
1280
|
const {
|
|
1316
1281
|
dependencies,
|
|
1317
1282
|
devDependencies,
|
|
1318
|
-
|
|
1319
|
-
|
|
1320
|
-
} =
|
|
1321
|
-
|
|
1283
|
+
optionalDependencies,
|
|
1284
|
+
peerDependencies
|
|
1285
|
+
} = pkgJson;
|
|
1286
|
+
return [['dependencies', dependencies ? {
|
|
1322
1287
|
__proto__: null,
|
|
1323
1288
|
...dependencies
|
|
1324
1289
|
} : undefined], ['devDependencies', devDependencies ? {
|
|
@@ -1333,16 +1298,71 @@ async function addOverrides({
|
|
|
1333
1298
|
} : undefined]].filter(({
|
|
1334
1299
|
1: o
|
|
1335
1300
|
}) => o);
|
|
1301
|
+
}
|
|
1302
|
+
async function getWorkspaces(agent, pkgPath, pkgJson) {
|
|
1303
|
+
if (agent !== 'pnpm') {
|
|
1304
|
+
return Array.isArray(pkgJson['workspaces']) ? pkgJson['workspaces'].filter(_strings.isNonEmptyString) : undefined;
|
|
1305
|
+
}
|
|
1306
|
+
for (const workspacePath of [_nodePath$2.join(pkgPath, `${PNPM_WORKSPACE}.yaml`), _nodePath$2.join(pkgPath, `${PNPM_WORKSPACE}.yml`)]) {
|
|
1307
|
+
if ((0, _fs.existsSync)(workspacePath)) {
|
|
1308
|
+
let packages;
|
|
1309
|
+
try {
|
|
1310
|
+
// eslint-disable-next-line no-await-in-loop
|
|
1311
|
+
packages = (0, _yaml.parse)(await _promises$2.readFile(workspacePath, 'utf8'))?.packages;
|
|
1312
|
+
} catch {}
|
|
1313
|
+
if (Array.isArray(packages)) {
|
|
1314
|
+
return packages.filter(_strings.isNonEmptyString);
|
|
1315
|
+
}
|
|
1316
|
+
}
|
|
1317
|
+
}
|
|
1318
|
+
return undefined;
|
|
1319
|
+
}
|
|
1320
|
+
function workspaceToGlobPattern(workspace) {
|
|
1321
|
+
const {
|
|
1322
|
+
length
|
|
1323
|
+
} = workspace;
|
|
1324
|
+
// If the workspace ends with "/"
|
|
1325
|
+
if (workspace.charCodeAt(length - 1) === 47 /*'/'*/) {
|
|
1326
|
+
return `${workspace}/*/package.json`;
|
|
1327
|
+
}
|
|
1328
|
+
// If the workspace ends with "/**"
|
|
1329
|
+
if (workspace.charCodeAt(length - 1) === 42 /*'*'*/ && workspace.charCodeAt(length - 2) === 42 /*'*'*/ && workspace.charCodeAt(length - 3) === 47 /*'/'*/) {
|
|
1330
|
+
return `${workspace}/*/**/package.json`;
|
|
1331
|
+
}
|
|
1332
|
+
// Things like "packages/a" or "packages/*"
|
|
1333
|
+
return `${workspace}/package.json`;
|
|
1334
|
+
}
|
|
1335
|
+
async function addOverrides({
|
|
1336
|
+
agent,
|
|
1337
|
+
lockIncludes,
|
|
1338
|
+
lockSrc,
|
|
1339
|
+
manifestEntries,
|
|
1340
|
+
pkgJson: editablePkgJson,
|
|
1341
|
+
pkgPath,
|
|
1342
|
+
pin,
|
|
1343
|
+
rootPath
|
|
1344
|
+
}, state = {
|
|
1345
|
+
added: new Set(),
|
|
1346
|
+
updated: new Set()
|
|
1347
|
+
}) {
|
|
1348
|
+
if (editablePkgJson === undefined) {
|
|
1349
|
+
editablePkgJson = await _packageJson.load(pkgPath);
|
|
1350
|
+
}
|
|
1351
|
+
const pkgJson = editablePkgJson.content;
|
|
1352
|
+
const isRoot = pkgPath === rootPath;
|
|
1353
|
+
const depEntries = getDependencyEntries(pkgJson);
|
|
1354
|
+
const workspaces = await getWorkspaces(agent, pkgPath, pkgJson);
|
|
1355
|
+
const isWorkspace = !!workspaces;
|
|
1336
1356
|
const overridesDataObjects = [];
|
|
1337
|
-
if (
|
|
1338
|
-
overridesDataObjects.push(getOverridesDataByAgent[agent](
|
|
1357
|
+
if (pkgJson['private'] || isWorkspace) {
|
|
1358
|
+
overridesDataObjects.push(getOverridesDataByAgent[agent](pkgJson));
|
|
1339
1359
|
} else {
|
|
1340
|
-
overridesDataObjects.push(getOverridesDataByAgent['npm'](
|
|
1360
|
+
overridesDataObjects.push(getOverridesDataByAgent['npm'](pkgJson), getOverridesDataByAgent['yarn'](pkgJson));
|
|
1341
1361
|
}
|
|
1362
|
+
const spinner = isRoot ? (0, _ora$i.default)('Fetching override manifests...').start() : undefined;
|
|
1342
1363
|
const depAliasMap = new Map();
|
|
1343
|
-
const spinner = (0, _ora$i.default)(`Fetching override manifests...`).start();
|
|
1344
1364
|
// Chunk package names to process them in parallel 3 at a time.
|
|
1345
|
-
await (0,
|
|
1365
|
+
await (0, _promises2.pEach)(manifestEntries, 3, async ({
|
|
1346
1366
|
1: data
|
|
1347
1367
|
}) => {
|
|
1348
1368
|
const {
|
|
@@ -1350,6 +1370,7 @@ async function addOverrides({
|
|
|
1350
1370
|
package: origPkgName,
|
|
1351
1371
|
version
|
|
1352
1372
|
} = data;
|
|
1373
|
+
const major = _semver.major(version);
|
|
1353
1374
|
for (const {
|
|
1354
1375
|
1: depObj
|
|
1355
1376
|
} of depEntries) {
|
|
@@ -1373,24 +1394,37 @@ async function addOverrides({
|
|
|
1373
1394
|
});
|
|
1374
1395
|
}
|
|
1375
1396
|
}
|
|
1397
|
+
if (!isRoot) {
|
|
1398
|
+
return;
|
|
1399
|
+
}
|
|
1376
1400
|
// Chunk package names to process them in parallel 3 at a time.
|
|
1377
|
-
await (0,
|
|
1401
|
+
await (0, _promises2.pEach)(overridesDataObjects, 3, async ({
|
|
1378
1402
|
overrides,
|
|
1379
1403
|
type
|
|
1380
1404
|
}) => {
|
|
1381
1405
|
const overrideExists = (0, _objects.hasOwn)(overrides, origPkgName);
|
|
1382
1406
|
if (overrideExists || lockIncludes(lockSrc, origPkgName)) {
|
|
1383
|
-
|
|
1384
|
-
// depends on unless both the dependency and the override itself share
|
|
1385
|
-
// the exact same spec. To make this limitation easier to deal with,
|
|
1386
|
-
// overrides may also be defined as a reference to a spec for a direct
|
|
1387
|
-
// dependency by prefixing the name of the package to match the version
|
|
1388
|
-
// of with a $.
|
|
1389
|
-
// https://docs.npmjs.com/cli/v8/configuring-npm/package-json#overrides
|
|
1390
|
-
const oldSpec = overrides[origPkgName];
|
|
1407
|
+
const oldSpec = overrideExists ? overrides[origPkgName] : undefined;
|
|
1391
1408
|
const depAlias = depAliasMap.get(origPkgName);
|
|
1392
|
-
|
|
1393
|
-
|
|
1409
|
+
let newSpec = `npm:${regPkgName}@^${pin ? version : major}`;
|
|
1410
|
+
let thisVersion = version;
|
|
1411
|
+
if (depAlias && type === 'npm') {
|
|
1412
|
+
// With npm one may not set an override for a package that one directly
|
|
1413
|
+
// depends on unless both the dependency and the override itself share
|
|
1414
|
+
// the exact same spec. To make this limitation easier to deal with,
|
|
1415
|
+
// overrides may also be defined as a reference to a spec for a direct
|
|
1416
|
+
// dependency by prefixing the name of the package to match the version
|
|
1417
|
+
// of with a $.
|
|
1418
|
+
// https://docs.npmjs.com/cli/v8/configuring-npm/package-json#overrides
|
|
1419
|
+
newSpec = `$${origPkgName}`;
|
|
1420
|
+
} else if (overrideExists && pin) {
|
|
1421
|
+
const thisSpec = oldSpec.startsWith('$') ? depAlias?.id ?? newSpec : oldSpec ?? newSpec;
|
|
1422
|
+
thisVersion = _semver.coerce(_npmPackageArg(thisSpec).rawSpec)?.version ?? version;
|
|
1423
|
+
if (_semver.major(thisVersion) !== major) {
|
|
1424
|
+
thisVersion = (await fetchPackageManifest(thisSpec))?.version ?? version;
|
|
1425
|
+
}
|
|
1426
|
+
newSpec = `npm:${regPkgName}@^${pin ? thisVersion : _semver.major(thisVersion)}`;
|
|
1427
|
+
}
|
|
1394
1428
|
if (newSpec !== oldSpec) {
|
|
1395
1429
|
if (overrideExists) {
|
|
1396
1430
|
state.updated.add(regPkgName);
|
|
@@ -1402,7 +1436,34 @@ async function addOverrides({
|
|
|
1402
1436
|
}
|
|
1403
1437
|
});
|
|
1404
1438
|
});
|
|
1405
|
-
|
|
1439
|
+
if (workspaces) {
|
|
1440
|
+
const wsPkgJsonPaths = await (0, _tinyglobby.glob)(workspaces.map(workspaceToGlobPattern), {
|
|
1441
|
+
absolute: true,
|
|
1442
|
+
cwd: pkgPath
|
|
1443
|
+
});
|
|
1444
|
+
// Chunk package names to process them in parallel 3 at a time.
|
|
1445
|
+
await (0, _promises2.pEach)(wsPkgJsonPaths, 3, async wsPkgJsonPath => {
|
|
1446
|
+
const {
|
|
1447
|
+
added,
|
|
1448
|
+
updated
|
|
1449
|
+
} = await addOverrides({
|
|
1450
|
+
agent,
|
|
1451
|
+
lockSrc,
|
|
1452
|
+
lockIncludes,
|
|
1453
|
+
manifestEntries,
|
|
1454
|
+
pin,
|
|
1455
|
+
pkgPath: _nodePath$2.dirname(wsPkgJsonPath),
|
|
1456
|
+
rootPath
|
|
1457
|
+
});
|
|
1458
|
+
for (const regPkgName of added) {
|
|
1459
|
+
state.added.add(regPkgName);
|
|
1460
|
+
}
|
|
1461
|
+
for (const regPkgName of updated) {
|
|
1462
|
+
state.updated.add(regPkgName);
|
|
1463
|
+
}
|
|
1464
|
+
});
|
|
1465
|
+
}
|
|
1466
|
+
spinner?.stop();
|
|
1406
1467
|
if (state.added.size || state.updated.size) {
|
|
1407
1468
|
editablePkgJson.update(Object.fromEntries(depEntries));
|
|
1408
1469
|
for (const {
|
|
@@ -1417,7 +1478,6 @@ async function addOverrides({
|
|
|
1417
1478
|
}
|
|
1418
1479
|
async function fetchPackageManifest(pkgNameOrId, options) {
|
|
1419
1480
|
const pacoteOptions = {
|
|
1420
|
-
__proto__: null,
|
|
1421
1481
|
...options,
|
|
1422
1482
|
packumentCache,
|
|
1423
1483
|
preferOffline: true
|
|
@@ -1453,13 +1513,11 @@ const optimize = optimize$1.optimize = {
|
|
|
1453
1513
|
const {
|
|
1454
1514
|
agent,
|
|
1455
1515
|
agentExecPath,
|
|
1456
|
-
isPrivate,
|
|
1457
|
-
isWorkspace,
|
|
1458
1516
|
lockSrc,
|
|
1459
1517
|
lockPath,
|
|
1460
1518
|
minimumNodeVersion,
|
|
1461
|
-
pkgJsonPath,
|
|
1462
1519
|
pkgJson,
|
|
1520
|
+
pkgPath,
|
|
1463
1521
|
supported
|
|
1464
1522
|
} = await (0, _packageManagerDetector.detect)({
|
|
1465
1523
|
cwd,
|
|
@@ -1476,7 +1534,7 @@ const optimize = optimize$1.optimize = {
|
|
|
1476
1534
|
console.log(`✘ ${COMMAND_TITLE}: No ${lockName} found`);
|
|
1477
1535
|
return;
|
|
1478
1536
|
}
|
|
1479
|
-
if (
|
|
1537
|
+
if (pkgPath === undefined) {
|
|
1480
1538
|
console.log(`✘ ${COMMAND_TITLE}: No package.json found`);
|
|
1481
1539
|
return;
|
|
1482
1540
|
}
|
|
@@ -1494,18 +1552,17 @@ const optimize = optimize$1.optimize = {
|
|
|
1494
1552
|
1: data
|
|
1495
1553
|
}) => _semver.satisfies(_semver.coerce(data.engines.node), nodeRange));
|
|
1496
1554
|
await addOverrides({
|
|
1497
|
-
__proto__: null,
|
|
1498
1555
|
agent: agent === 'bun' ? 'yarn' : agent,
|
|
1499
|
-
isPrivate,
|
|
1500
|
-
isWorkspace,
|
|
1501
1556
|
lockIncludes,
|
|
1502
1557
|
lockSrc,
|
|
1503
1558
|
manifestEntries,
|
|
1504
1559
|
pin,
|
|
1505
|
-
|
|
1560
|
+
pkgJson,
|
|
1561
|
+
pkgPath,
|
|
1562
|
+
rootPath: pkgPath
|
|
1506
1563
|
}, state);
|
|
1507
1564
|
}
|
|
1508
|
-
const pkgJsonChanged = state.
|
|
1565
|
+
const pkgJsonChanged = state.added.size > 0 || state.updated.size > 0;
|
|
1509
1566
|
if (state.updated.size > 0) {
|
|
1510
1567
|
console.log(`Updated ${state.updated.size} Socket.dev optimized overrides ${state.added.size ? '.' : '🚀'}`);
|
|
1511
1568
|
}
|
|
@@ -1526,7 +1583,6 @@ const optimize = optimize$1.optimize = {
|
|
|
1526
1583
|
await _promiseSpawn$2(process.execPath, [wrapperPath, 'install'], {
|
|
1527
1584
|
stdio: 'pipe',
|
|
1528
1585
|
env: {
|
|
1529
|
-
__proto__: null,
|
|
1530
1586
|
...process.env,
|
|
1531
1587
|
UPDATE_SOCKET_OVERRIDES_IN_PACKAGE_LOCK_FILE: '1'
|
|
1532
1588
|
}
|
|
@@ -1552,7 +1608,6 @@ const optimize = optimize$1.optimize = {
|
|
|
1552
1608
|
|
|
1553
1609
|
function setupCommand$l(name, description, argv, importMeta) {
|
|
1554
1610
|
const flags = {
|
|
1555
|
-
__proto__: null,
|
|
1556
1611
|
..._flags$j.commonFlags,
|
|
1557
1612
|
pin: {
|
|
1558
1613
|
type: 'boolean',
|
|
@@ -1668,7 +1723,6 @@ const rawNpm = rawNpm$1.rawNpm = {
|
|
|
1668
1723
|
};
|
|
1669
1724
|
async function setupCommand$j(name, description, argv, importMeta) {
|
|
1670
1725
|
const flags = {
|
|
1671
|
-
__proto__: null,
|
|
1672
1726
|
..._flags$i.commonFlags,
|
|
1673
1727
|
..._flags$i.validationFlags
|
|
1674
1728
|
};
|
|
@@ -1729,7 +1783,6 @@ const rawNpx = rawNpx$1.rawNpx = {
|
|
|
1729
1783
|
};
|
|
1730
1784
|
async function setupCommand$i(name, description, argv, importMeta) {
|
|
1731
1785
|
const flags = {
|
|
1732
|
-
__proto__: null,
|
|
1733
1786
|
..._flags$h.commonFlags,
|
|
1734
1787
|
..._flags$h.validationFlags
|
|
1735
1788
|
};
|
|
@@ -1814,7 +1867,6 @@ const view$2 = view$3.view = {
|
|
|
1814
1867
|
|
|
1815
1868
|
function setupCommand$h(name, description, argv, importMeta) {
|
|
1816
1869
|
const flags = {
|
|
1817
|
-
__proto__: null,
|
|
1818
1870
|
..._flags$g.commonFlags,
|
|
1819
1871
|
..._flags$g.outputFlags,
|
|
1820
1872
|
..._flags$g.validationFlags
|
|
@@ -1925,8 +1977,8 @@ Object.defineProperty(create$5, "__esModule", {
|
|
|
1925
1977
|
});
|
|
1926
1978
|
create$5.create = void 0;
|
|
1927
1979
|
var _nodePath$1 = require$$1;
|
|
1928
|
-
var _betterAjvErrors = require$$2;
|
|
1929
|
-
var _config = require$$3$
|
|
1980
|
+
var _betterAjvErrors = require$$2$1;
|
|
1981
|
+
var _config = require$$3$1;
|
|
1930
1982
|
var _meow$h = _interopRequireDefault$i(vendor.build);
|
|
1931
1983
|
var _ora$f = _interopRequireDefault$i(vendor.ora);
|
|
1932
1984
|
var _ponyCause$2 = require$$6;
|
|
@@ -1995,7 +2047,6 @@ const create$4 = create$5.create = {
|
|
|
1995
2047
|
|
|
1996
2048
|
async function setupCommand$g(name, description, argv, importMeta) {
|
|
1997
2049
|
const flags = {
|
|
1998
|
-
__proto__: null,
|
|
1999
2050
|
..._flags$f.commonFlags,
|
|
2000
2051
|
..._flags$f.outputFlags,
|
|
2001
2052
|
..._flags$f.validationFlags,
|
|
@@ -2183,7 +2234,6 @@ async function meowWithSubcommands(subcommands, options) {
|
|
|
2183
2234
|
}
|
|
2184
2235
|
}
|
|
2185
2236
|
const flags = {
|
|
2186
|
-
__proto__: null,
|
|
2187
2237
|
..._flags$e.commonFlags,
|
|
2188
2238
|
...additionalOptions.flags
|
|
2189
2239
|
};
|
|
@@ -2245,8 +2295,8 @@ Object.defineProperty(wrapper$1, "__esModule", {
|
|
|
2245
2295
|
});
|
|
2246
2296
|
wrapper$1.wrapper = void 0;
|
|
2247
2297
|
var _nodeFs$2 = require$$0;
|
|
2248
|
-
var _nodeOs = require$$2$
|
|
2249
|
-
var _nodeReadline = require$$3$
|
|
2298
|
+
var _nodeOs = require$$2$2;
|
|
2299
|
+
var _nodeReadline = require$$3$2;
|
|
2250
2300
|
var _meow$f = _interopRequireDefault$g(vendor.build);
|
|
2251
2301
|
var _flags$d = flags$1;
|
|
2252
2302
|
var _formatting$e = formatting;
|
|
@@ -2406,7 +2456,7 @@ Object.defineProperty(create$3, "__esModule", {
|
|
|
2406
2456
|
});
|
|
2407
2457
|
create$3.create = void 0;
|
|
2408
2458
|
var _nodeProcess = require$$0$1;
|
|
2409
|
-
var _promises$1 = require$$2$
|
|
2459
|
+
var _promises$1 = require$$2$3;
|
|
2410
2460
|
var _chalk$e = _interopRequireDefault$f(vendor.source);
|
|
2411
2461
|
var _meow$e = _interopRequireDefault$f(vendor.build);
|
|
2412
2462
|
var _open = _interopRequireDefault$f(vendor.open);
|
|
@@ -2643,7 +2693,6 @@ const del$1 = _delete$3.del = {
|
|
|
2643
2693
|
|
|
2644
2694
|
function setupCommand$d(name, description, argv, importMeta) {
|
|
2645
2695
|
const flags = {
|
|
2646
|
-
__proto__: null,
|
|
2647
2696
|
..._flags$c.commonFlags,
|
|
2648
2697
|
..._flags$c.outputFlags
|
|
2649
2698
|
};
|
|
@@ -2701,7 +2750,7 @@ Object.defineProperty(list$3, "__esModule", {
|
|
|
2701
2750
|
});
|
|
2702
2751
|
list$3.list = void 0;
|
|
2703
2752
|
var _chalk$c = _interopRequireDefault$d(vendor.source);
|
|
2704
|
-
var _chalkTable$3 = require$$2$
|
|
2753
|
+
var _chalkTable$3 = require$$2$4;
|
|
2705
2754
|
var _meow$c = _interopRequireDefault$d(vendor.build);
|
|
2706
2755
|
var _ora$c = _interopRequireDefault$d(vendor.ora);
|
|
2707
2756
|
var _flags$b = flags$1;
|
|
@@ -2772,7 +2821,6 @@ const listFullScanFlags = {
|
|
|
2772
2821
|
|
|
2773
2822
|
function setupCommand$c(name, description, argv, importMeta) {
|
|
2774
2823
|
const flags = {
|
|
2775
|
-
__proto__: null,
|
|
2776
2824
|
..._flags$b.commonFlags,
|
|
2777
2825
|
...listFullScanFlags,
|
|
2778
2826
|
..._flags$b.outputFlags
|
|
@@ -2893,7 +2941,6 @@ const metadata = metadata$1.metadata = {
|
|
|
2893
2941
|
|
|
2894
2942
|
function setupCommand$b(name, description, argv, importMeta) {
|
|
2895
2943
|
const flags = {
|
|
2896
|
-
__proto__: null,
|
|
2897
2944
|
..._flags$a.commonFlags,
|
|
2898
2945
|
..._flags$a.outputFlags
|
|
2899
2946
|
};
|
|
@@ -2982,7 +3029,6 @@ const stream = stream$1.stream = {
|
|
|
2982
3029
|
|
|
2983
3030
|
function setupCommand$a(name, description, argv, importMeta) {
|
|
2984
3031
|
const flags = {
|
|
2985
|
-
__proto__: null,
|
|
2986
3032
|
..._flags$9.commonFlags,
|
|
2987
3033
|
..._flags$9.outputFlags
|
|
2988
3034
|
};
|
|
@@ -3123,7 +3169,6 @@ const auditLogFlags = {
|
|
|
3123
3169
|
|
|
3124
3170
|
function setupCommand$9(name, description, argv, importMeta) {
|
|
3125
3171
|
const flags = {
|
|
3126
|
-
__proto__: null,
|
|
3127
3172
|
...auditLogFlags,
|
|
3128
3173
|
..._flags$8.commonFlags,
|
|
3129
3174
|
..._flags$8.outputFlags
|
|
@@ -3276,7 +3321,6 @@ const repositoryCreationFlags = {
|
|
|
3276
3321
|
|
|
3277
3322
|
function setupCommand$8(name, description, argv, importMeta) {
|
|
3278
3323
|
const flags = {
|
|
3279
|
-
__proto__: null,
|
|
3280
3324
|
..._flags$7.commonFlags,
|
|
3281
3325
|
..._flags$7.outputFlags,
|
|
3282
3326
|
...repositoryCreationFlags
|
|
@@ -3417,7 +3461,7 @@ Object.defineProperty(list$1, "__esModule", {
|
|
|
3417
3461
|
});
|
|
3418
3462
|
list$1.list = void 0;
|
|
3419
3463
|
var _chalk$6 = _interopRequireDefault$7(vendor.source);
|
|
3420
|
-
var _chalkTable$2 = require$$2$
|
|
3464
|
+
var _chalkTable$2 = require$$2$4;
|
|
3421
3465
|
var _meow$6 = _interopRequireDefault$7(vendor.build);
|
|
3422
3466
|
var _ora$6 = _interopRequireDefault$7(vendor.ora);
|
|
3423
3467
|
var _flags$6 = flags$1;
|
|
@@ -3475,7 +3519,6 @@ const listRepoFlags = {
|
|
|
3475
3519
|
|
|
3476
3520
|
function setupCommand$6(name, description, argv, importMeta) {
|
|
3477
3521
|
const flags = {
|
|
3478
|
-
__proto__: null,
|
|
3479
3522
|
..._flags$6.commonFlags,
|
|
3480
3523
|
...listRepoFlags,
|
|
3481
3524
|
..._flags$6.outputFlags
|
|
@@ -3616,7 +3659,6 @@ const repositoryUpdateFlags = {
|
|
|
3616
3659
|
|
|
3617
3660
|
function setupCommand$5(name, description, argv, importMeta) {
|
|
3618
3661
|
const flags = {
|
|
3619
|
-
__proto__: null,
|
|
3620
3662
|
..._flags$5.commonFlags,
|
|
3621
3663
|
..._flags$5.outputFlags,
|
|
3622
3664
|
...repositoryUpdateFlags
|
|
@@ -3682,7 +3724,7 @@ Object.defineProperty(view$1, "__esModule", {
|
|
|
3682
3724
|
});
|
|
3683
3725
|
view$1.view = void 0;
|
|
3684
3726
|
var _chalk$4 = _interopRequireDefault$5(vendor.source);
|
|
3685
|
-
var _chalkTable$1 = require$$2$
|
|
3727
|
+
var _chalkTable$1 = require$$2$4;
|
|
3686
3728
|
var _meow$4 = _interopRequireDefault$5(vendor.build);
|
|
3687
3729
|
var _ora$4 = _interopRequireDefault$5(vendor.ora);
|
|
3688
3730
|
var _flags$4 = flags$1;
|
|
@@ -3715,7 +3757,6 @@ const view = view$1.view = {
|
|
|
3715
3757
|
|
|
3716
3758
|
function setupCommand$4(name, description, argv, importMeta) {
|
|
3717
3759
|
const flags = {
|
|
3718
|
-
__proto__: null,
|
|
3719
3760
|
..._flags$4.commonFlags,
|
|
3720
3761
|
..._flags$4.outputFlags
|
|
3721
3762
|
};
|
|
@@ -3828,7 +3869,7 @@ Object.defineProperty(dependencies$1, "__esModule", {
|
|
|
3828
3869
|
});
|
|
3829
3870
|
dependencies$1.dependencies = void 0;
|
|
3830
3871
|
var _chalk$3 = _interopRequireDefault$4(vendor.source);
|
|
3831
|
-
var _chalkTable = require$$2$
|
|
3872
|
+
var _chalkTable = require$$2$4;
|
|
3832
3873
|
var _meow$3 = _interopRequireDefault$4(vendor.build);
|
|
3833
3874
|
var _ora$3 = _interopRequireDefault$4(vendor.ora);
|
|
3834
3875
|
var _flags$3 = flags$1;
|
|
@@ -3869,7 +3910,6 @@ const dependenciesFlags = {
|
|
|
3869
3910
|
|
|
3870
3911
|
function setupCommand$3(name, description, argv, importMeta) {
|
|
3871
3912
|
const flags = {
|
|
3872
|
-
__proto__: null,
|
|
3873
3913
|
..._flags$3.commonFlags,
|
|
3874
3914
|
...dependenciesFlags,
|
|
3875
3915
|
..._flags$3.outputFlags
|
|
@@ -3963,8 +4003,8 @@ Object.defineProperty(analytics$1, "__esModule", {
|
|
|
3963
4003
|
});
|
|
3964
4004
|
analytics$1.analytics = void 0;
|
|
3965
4005
|
var _promises = require$$1$4;
|
|
3966
|
-
var _blessed$1 = require$$2$
|
|
3967
|
-
var _blessedContrib$1 = require$$3$
|
|
4006
|
+
var _blessed$1 = require$$2$5;
|
|
4007
|
+
var _blessedContrib$1 = require$$3$3;
|
|
3968
4008
|
var _chalk$2 = _interopRequireDefault$3(vendor.source);
|
|
3969
4009
|
var _meow$2 = _interopRequireDefault$3(vendor.build);
|
|
3970
4010
|
var _ora$2 = _interopRequireDefault$3(vendor.ora);
|
|
@@ -4030,7 +4070,6 @@ const analyticsFlags = {
|
|
|
4030
4070
|
|
|
4031
4071
|
function setupCommand$2(name, description, argv, importMeta) {
|
|
4032
4072
|
const flags = {
|
|
4033
|
-
__proto__: null,
|
|
4034
4073
|
..._flags$2.commonFlags,
|
|
4035
4074
|
..._flags$2.outputFlags,
|
|
4036
4075
|
...analyticsFlags
|
|
@@ -4343,7 +4382,6 @@ const getDiffScanFlags = {
|
|
|
4343
4382
|
|
|
4344
4383
|
function setupCommand$1(name, description, argv, importMeta) {
|
|
4345
4384
|
const flags = {
|
|
4346
|
-
__proto__: null,
|
|
4347
4385
|
..._flags$1.commonFlags,
|
|
4348
4386
|
...getDiffScanFlags,
|
|
4349
4387
|
..._flags$1.outputFlags
|
|
@@ -4460,8 +4498,8 @@ Object.defineProperty(threatFeed$1, "__esModule", {
|
|
|
4460
4498
|
value: true
|
|
4461
4499
|
});
|
|
4462
4500
|
threatFeed$1.threatFeed = void 0;
|
|
4463
|
-
var _blessed = require$$2$
|
|
4464
|
-
var _blessedContrib = require$$3$
|
|
4501
|
+
var _blessed = require$$2$5;
|
|
4502
|
+
var _blessedContrib = require$$3$3;
|
|
4465
4503
|
var _meow = _interopRequireDefault$1(vendor.build);
|
|
4466
4504
|
var _ora = _interopRequireDefault$1(vendor.ora);
|
|
4467
4505
|
var _flags = flags$1;
|
|
@@ -4519,7 +4557,6 @@ const threatFeedFlags = {
|
|
|
4519
4557
|
|
|
4520
4558
|
function setupCommand(name, description, argv, importMeta) {
|
|
4521
4559
|
const flags = {
|
|
4522
|
-
__proto__: null,
|
|
4523
4560
|
..._flags.commonFlags,
|
|
4524
4561
|
..._flags.outputFlags,
|
|
4525
4562
|
...threatFeedFlags
|
|
@@ -4842,7 +4879,7 @@ var _interopRequireWildcard = vendor.interopRequireWildcard.default;
|
|
|
4842
4879
|
var _interopRequireDefault = vendor.interopRequireDefault.default;
|
|
4843
4880
|
var _nodeFs = require$$0;
|
|
4844
4881
|
var _nodePath = require$$1;
|
|
4845
|
-
var _nodeUrl = require$$2$
|
|
4882
|
+
var _nodeUrl = require$$2$6;
|
|
4846
4883
|
var _chalk = _interopRequireDefault(vendor.source);
|
|
4847
4884
|
var _ponyCause = require$$6;
|
|
4848
4885
|
var _updateNotifier = _interopRequireDefault(vendor.updateNotifier);
|
package/dist/link.js
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
var require$$0 = require('node:fs');
|
|
4
4
|
var require$$1 = require('node:path');
|
|
5
|
-
var require$$
|
|
5
|
+
var require$$6 = require('which');
|
|
6
6
|
|
|
7
7
|
var link = {};
|
|
8
8
|
|
|
@@ -12,7 +12,7 @@ Object.defineProperty(link, "__esModule", {
|
|
|
12
12
|
link.installLinks = installLinks;
|
|
13
13
|
var _nodeFs = require$$0;
|
|
14
14
|
var _nodePath = require$$1;
|
|
15
|
-
var _which = require$$
|
|
15
|
+
var _which = require$$6;
|
|
16
16
|
function installLinks(realDirname, binName) {
|
|
17
17
|
const realShadowBinDir = realDirname;
|
|
18
18
|
// find package manager being shadowed by this process
|
package/dist/npm-injection.js
CHANGED
|
@@ -8,16 +8,16 @@ var require$$2$1 = require('node:events');
|
|
|
8
8
|
var require$$4 = require('node:https');
|
|
9
9
|
var require$$3 = require('node:readline');
|
|
10
10
|
var require$$5 = require('node:stream');
|
|
11
|
-
var require$$8
|
|
11
|
+
var require$$8 = require('node:timers/promises');
|
|
12
12
|
var require$$3$1 = require('@socketsecurity/config');
|
|
13
|
-
var require$$
|
|
13
|
+
var require$$7 = require('npm-package-arg');
|
|
14
14
|
var require$$3$2 = require('semver');
|
|
15
15
|
var sdk = require('./sdk.js');
|
|
16
16
|
var require$$1$1 = require('node:net');
|
|
17
17
|
var require$$2 = require('node:os');
|
|
18
18
|
var require$$6 = require('../package.json');
|
|
19
19
|
var pathResolve = require('./path-resolve.js');
|
|
20
|
-
var require$$
|
|
20
|
+
var require$$9 = require('pacote');
|
|
21
21
|
|
|
22
22
|
var npmInjection$1 = {};
|
|
23
23
|
|
|
@@ -390,12 +390,12 @@ var _nodeHttps = require$$4;
|
|
|
390
390
|
var _nodePath$1 = require$$1;
|
|
391
391
|
var _nodeReadline = require$$3;
|
|
392
392
|
var _nodeStream = require$$5;
|
|
393
|
-
var _promises = require$$8
|
|
393
|
+
var _promises = require$$8;
|
|
394
394
|
var _config = require$$3$1;
|
|
395
395
|
var _chalk = _interopRequireDefault(vendor.source);
|
|
396
396
|
var _isInteractive = _interopRequireDefault(vendor.isInteractive);
|
|
397
397
|
var _ora = _interopRequireWildcard(vendor.ora);
|
|
398
|
-
var _npmPackageArg = require$$
|
|
398
|
+
var _npmPackageArg = require$$7;
|
|
399
399
|
var _semver = require$$3$2;
|
|
400
400
|
var _constants = sdk.constants;
|
|
401
401
|
var _ttyServer = ttyServer$1;
|
|
@@ -444,7 +444,7 @@ let tarball;
|
|
|
444
444
|
try {
|
|
445
445
|
tarball = require(_nodePath$1.join(npmNmPath, 'pacote')).tarball;
|
|
446
446
|
} catch {
|
|
447
|
-
tarball = require$$
|
|
447
|
+
tarball = require$$9.tarball;
|
|
448
448
|
}
|
|
449
449
|
const Arborist = require(arboristClassPath);
|
|
450
450
|
const Edge = require(arboristEdgeClassPath);
|
package/dist/path-resolve.js
CHANGED
|
@@ -4,7 +4,7 @@ var require$$1$1 = require('node:fs/promises');
|
|
|
4
4
|
var require$$1 = require('node:path');
|
|
5
5
|
var require$$2 = require('ignore');
|
|
6
6
|
var require$$3 = require('micromatch');
|
|
7
|
-
var require$$
|
|
7
|
+
var require$$11 = require('tinyglobby');
|
|
8
8
|
|
|
9
9
|
var pathResolve = {};
|
|
10
10
|
|
|
@@ -51,7 +51,7 @@ var _promises = require$$1$1;
|
|
|
51
51
|
var _nodePath = require$$1;
|
|
52
52
|
var _ignore = require$$2;
|
|
53
53
|
var _micromatch = require$$3;
|
|
54
|
-
var _tinyglobby = require$$
|
|
54
|
+
var _tinyglobby = require$$11;
|
|
55
55
|
var _ignoreByDefault = ignoreByDefault;
|
|
56
56
|
async function filterGlobResultToSupportedFiles(entries, supportedFiles) {
|
|
57
57
|
const patterns = ['golang', 'npm', 'pypi'].reduce((r, n) => {
|
|
@@ -72,7 +72,6 @@ async function globWithGitIgnore(patterns, options) {
|
|
|
72
72
|
};
|
|
73
73
|
const projectIgnorePaths = socketConfig?.projectIgnorePaths;
|
|
74
74
|
const ignoreFiles = await (0, _tinyglobby.glob)(['**/.gitignore'], {
|
|
75
|
-
__proto__: null,
|
|
76
75
|
absolute: true,
|
|
77
76
|
cwd,
|
|
78
77
|
expandDirectories: true
|
|
@@ -80,7 +79,6 @@ async function globWithGitIgnore(patterns, options) {
|
|
|
80
79
|
const ignores = [...(0, _ignoreByDefault.directoryPatterns)(), ...(Array.isArray(projectIgnorePaths) ? ignoreFileLinesToGlobPatterns(projectIgnorePaths, _nodePath.join(cwd, '.gitignore'), cwd) : []), ...(await Promise.all(ignoreFiles.map(async filepath => ignoreFileToGlobPatterns(await _promises.readFile(filepath, 'utf8'), filepath, cwd)))).flat()];
|
|
81
80
|
const hasNegatedPattern = ignores.some(p => p.charCodeAt(0) === 33 /*'!'*/);
|
|
82
81
|
const globOptions = {
|
|
83
|
-
__proto__: null,
|
|
84
82
|
absolute: true,
|
|
85
83
|
cwd,
|
|
86
84
|
expandDirectories: false,
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "socket",
|
|
3
|
-
"version": "0.14.
|
|
3
|
+
"version": "0.14.18",
|
|
4
4
|
"description": "CLI tool for Socket.dev",
|
|
5
5
|
"homepage": "http://github.com/SocketDev/socket-cli",
|
|
6
6
|
"license": "MIT",
|
|
@@ -79,6 +79,7 @@
|
|
|
79
79
|
"tinyglobby": "^0.2.10",
|
|
80
80
|
"which": "^5.0.0",
|
|
81
81
|
"write-file-atomic": "^6.0.0",
|
|
82
|
+
"yaml": "^2.6.0",
|
|
82
83
|
"yargs-parser": "^21.1.1"
|
|
83
84
|
},
|
|
84
85
|
"devDependencies": {
|
|
@@ -145,9 +146,6 @@
|
|
|
145
146
|
"validate-npm-package-name": "^6.0.0"
|
|
146
147
|
},
|
|
147
148
|
"overrides": {
|
|
148
|
-
"@cyclonedx/cdxgen": {
|
|
149
|
-
"packageurl-js": "https://registry.npmjs.org/packageurl-js/-/packageurl-js-2.0.1.tgz"
|
|
150
|
-
},
|
|
151
149
|
"aggregate-error": "npm:@socketregistry/aggregate-error@^1",
|
|
152
150
|
"es-define-property": "npm:@socketregistry/es-define-property@^1",
|
|
153
151
|
"function-bind": "npm:@socketregistry/function-bind@^1",
|
|
@@ -161,12 +159,14 @@
|
|
|
161
159
|
"is-core-module": "npm:@socketregistry/is-core-module@^1",
|
|
162
160
|
"isarray": "npm:@socketregistry/isarray@^1",
|
|
163
161
|
"npm-package-arg": "$npm-package-arg",
|
|
162
|
+
"packageurl-js": "https://registry.npmjs.org/packageurl-js/-/packageurl-js-2.0.1.tgz",
|
|
164
163
|
"path-parse": "npm:@socketregistry/path-parse@^1",
|
|
165
164
|
"safe-buffer": "npm:@socketregistry/safe-buffer@^1",
|
|
166
165
|
"safer-buffer": "npm:@socketregistry/safer-buffer@^1",
|
|
167
166
|
"semver": "$semver",
|
|
168
167
|
"set-function-length": "npm:@socketregistry/set-function-length@^1",
|
|
169
|
-
"side-channel": "npm:@socketregistry/side-channel@^1"
|
|
168
|
+
"side-channel": "npm:@socketregistry/side-channel@^1",
|
|
169
|
+
"yaml": "$yaml"
|
|
170
170
|
},
|
|
171
171
|
"resolutions": {
|
|
172
172
|
"aggregate-error": "npm:@socketregistry/aggregate-error@^1",
|
|
@@ -182,12 +182,14 @@
|
|
|
182
182
|
"is-core-module": "npm:@socketregistry/is-core-module@^1",
|
|
183
183
|
"isarray": "npm:@socketregistry/isarray@^1",
|
|
184
184
|
"npm-package-arg": "^12.0.0",
|
|
185
|
+
"packageurl-js": "https://registry.npmjs.org/packageurl-js/-/packageurl-js-2.0.1.tgz",
|
|
185
186
|
"path-parse": "npm:@socketregistry/path-parse@^1",
|
|
186
187
|
"safe-buffer": "npm:@socketregistry/safe-buffer@^1",
|
|
187
188
|
"safer-buffer": "npm:@socketregistry/safer-buffer@^1",
|
|
188
189
|
"semver": "^7.6.3",
|
|
189
190
|
"set-function-length": "npm:@socketregistry/set-function-length@^1",
|
|
190
|
-
"side-channel": "npm:@socketregistry/side-channel@^1"
|
|
191
|
+
"side-channel": "npm:@socketregistry/side-channel@^1",
|
|
192
|
+
"yaml": "^2.6.0"
|
|
191
193
|
},
|
|
192
194
|
"engines": {
|
|
193
195
|
"node": "^20.9.0 || >=22.0.0"
|