socket 0.14.40-alpha.0 → 0.14.40-alpha.2

@@ -1745,8 +1745,9 @@ const optimize = {
1745
1745
  if (isNpm) {
1746
1746
  console.log(`💡 Re-run ${COMMAND_TITLE} whenever ${lockName} changes.\n This can be skipped once npm ships ${NPM_OVERRIDE_PR_URL}.`);
1747
1747
  }
1748
- } catch {
1748
+ } catch (e) {
1749
1749
  spinner.error(`${COMMAND_TITLE}: ${agent} install failed to update ${lockName}`);
1750
+ console.error(e);
1750
1751
  }
1751
1752
  }
1752
1753
  }
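Review bot: The added `console.error(e);` in the catch prints the whole thrown value on every failed install, with no debug or verbose gate. If the error comes from the spawned package-manager process (not visible in this hunk), it may carry the full command line and captured output, which would then end up in CI logs. Consider printing `e?.message ?? e` by default and the full object only under a debug setting. The `try` this catch belongs to starts outside the hunk, and the identical change appears again in the second copy of this file further down the page.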
@@ -426,17 +426,19 @@ async function getPackagesAlerts(safeArb, pkgs, output) {
426
426
  raw: alert,
427
427
  fixable: isAlertFixable(alert)
428
428
  });
429
- // Before we ask about problematic issues, check to see if they
430
- // already existed in the old version if they did, be quiet.
431
- const existing = pkgs.find(p => p.existing?.startsWith(`${name}@`))?.existing;
432
- if (existing) {
433
- const oldArtifact =
434
- // eslint-disable-next-line no-await-in-loop
435
- (await batchScan([existing]).next()).value;
436
- if (oldArtifact?.alerts?.length) {
437
- alerts = alerts.filter(({
438
- type
439
- }) => !oldArtifact.alerts?.find(a => a.type === type));
429
+ if (!ENV[SOCKET_CLI_FIX_PACKAGE_LOCK_FILE]) {
430
+ // Before we ask about problematic issues, check to see if they
431
+ // already existed in the old version if they did, be quiet.
432
+ const existing = pkgs.find(p => p.existing?.startsWith(`${name}@`))?.existing;
433
+ if (existing) {
434
+ const oldArtifact =
435
+ // eslint-disable-next-line no-await-in-loop
436
+ (await batchScan([existing]).next()).value;
437
+ if (oldArtifact?.alerts?.length) {
438
+ alerts = alerts.filter(({
439
+ type
440
+ }) => !oldArtifact.alerts?.find(a => a.type === type));
441
+ }
440
442
  }
441
443
  }
442
444
  }
@@ -482,10 +484,14 @@ async function getPackagesAlerts(safeArb, pkgs, output) {
482
484
  return packageAlerts;
483
485
  }
484
486
  function toRepoUrl(resolved) {
485
- return resolved.replace(/#[\s\S]*$/, '').replace(/\?[\s\S]*$/, '').replace(/\/[^/]*\/-\/[\s\S]*$/, '');
487
+ try {
488
+ return URL.parse(resolved)?.origin ?? '';
489
+ } catch {}
490
+ return '';
486
491
  }
487
- function walk(diff_, needInfoOn = []) {
488
- const queue = [diff_];
492
+ function walk(diff_) {
493
+ const needInfoOn = [];
494
+ const queue = [...diff_.children];
489
495
  let pos = 0;
490
496
  let {
491
497
  length: queueLength
@@ -495,9 +501,6 @@ function walk(diff_, needInfoOn = []) {
495
501
  throw new Error('Detected infinite loop while walking Arborist diff');
496
502
  }
497
503
  const diff = queue[pos++];
498
- if (!diff) {
499
- continue;
500
- }
501
504
  const {
502
505
  action
503
506
  } = diff;
@@ -526,10 +529,23 @@ function walk(diff_, needInfoOn = []) {
526
529
  });
527
530
  }
528
531
  }
529
- if (diff.children) {
530
- for (const child of diff.children) {
531
- queue[queueLength++] = child;
532
- }
532
+ for (const child of diff.children) {
533
+ queue[queueLength++] = child;
534
+ }
535
+ }
536
+ if (ENV[SOCKET_CLI_FIX_PACKAGE_LOCK_FILE]) {
537
+ const {
538
+ unchanged
539
+ } = diff_;
540
+ for (let i = 0, {
541
+ length
542
+ } = unchanged; i < length; i += 1) {
543
+ const pkgNode = unchanged[i];
544
+ needInfoOn.push({
545
+ existing: pkgNode.pkgid,
546
+ pkgid: pkgNode.pkgid,
547
+ repository_url: toRepoUrl(pkgNode.resolved)
548
+ });
533
549
  }
534
550
  }
535
551
  return needInfoOn;
@@ -1220,16 +1236,16 @@ class SafeArborist extends Arborist {
1220
1236
  options.dryRun = old.dryRun;
1221
1237
  options['save'] = old.save;
1222
1238
  options['saveBundle'] = old.saveBundle;
1223
- // Nothing to check, hmmm already installed or all private?
1224
- const diff = walk(this['diff']);
1225
- if (diff.findIndex(c => c.repository_url === NPM_REGISTRY_URL) === -1) {
1239
+ const needInfoOn = walk(this['diff']);
1240
+ if (needInfoOn.findIndex(c => c.repository_url === NPM_REGISTRY_URL) === -1) {
1241
+ // Nothing to check, hmmm already installed or all private?
1226
1242
  return await this[kRiskyReify](...args);
1227
1243
  }
1228
1244
  const input = process.stdin;
1229
1245
  const output = process.stderr;
1230
1246
  let alerts;
1231
1247
  const proceed = ENV[SOCKET_CLI_UPDATE_OVERRIDES_IN_PACKAGE_LOCK_FILE] || (await (async () => {
1232
- alerts = await getPackagesAlerts(this, diff, output);
1248
+ alerts = await getPackagesAlerts(this, needInfoOn, output);
1233
1249
  if (!alerts.length || ENV[SOCKET_CLI_FIX_PACKAGE_LOCK_FILE]) {
1234
1250
  return true;
1235
1251
  }
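Review bot: `toRepoUrl` now fails open: the static `URL.parse` only exists on newer Node.js releases (added in v22.1.0), and on a runtime without it the call throws a TypeError that the empty `catch {}` swallows, so every `repository_url` becomes `''`. In the `SafeArborist` hunk that makes `needInfoOn.findIndex(c => c.repository_url === NPM_REGISTRY_URL) === -1` true, and the method returns `this[kRiskyReify](...args)` without ever calling `getPackagesAlerts`. Because `URL.parse` returns null instead of throwing on bad input, the try/catch only hides the missing-API case; `try { return new URL(resolved).origin; } catch { return ''; }` behaves the same on older runtimes, and the package's minimum Node version (not visible here) should be checked against whichever form is kept. The same code is repeated in the second copy of this file further down the page. `walk` and the reify method both continue outside the visible hunks.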
@@ -1741,8 +1741,9 @@ const optimize = {
1741
1741
  if (isNpm) {
1742
1742
  console.log(`💡 Re-run ${COMMAND_TITLE} whenever ${lockName} changes.\n This can be skipped once npm ships ${NPM_OVERRIDE_PR_URL}.`);
1743
1743
  }
1744
- } catch {
1744
+ } catch (e) {
1745
1745
  spinner.error(`${COMMAND_TITLE}: ${agent} install failed to update ${lockName}`);
1746
+ console.error(e);
1746
1747
  }
1747
1748
  }
1748
1749
  }
@@ -426,17 +426,19 @@ async function getPackagesAlerts(safeArb, pkgs, output) {
426
426
  raw: alert,
427
427
  fixable: isAlertFixable(alert)
428
428
  });
429
- // Before we ask about problematic issues, check to see if they
430
- // already existed in the old version if they did, be quiet.
431
- const existing = pkgs.find(p => p.existing?.startsWith(`${name}@`))?.existing;
432
- if (existing) {
433
- const oldArtifact =
434
- // eslint-disable-next-line no-await-in-loop
435
- (await batchScan([existing]).next()).value;
436
- if (oldArtifact?.alerts?.length) {
437
- alerts = alerts.filter(({
438
- type
439
- }) => !oldArtifact.alerts?.find(a => a.type === type));
429
+ if (!ENV[SOCKET_CLI_FIX_PACKAGE_LOCK_FILE]) {
430
+ // Before we ask about problematic issues, check to see if they
431
+ // already existed in the old version if they did, be quiet.
432
+ const existing = pkgs.find(p => p.existing?.startsWith(`${name}@`))?.existing;
433
+ if (existing) {
434
+ const oldArtifact =
435
+ // eslint-disable-next-line no-await-in-loop
436
+ (await batchScan([existing]).next()).value;
437
+ if (oldArtifact?.alerts?.length) {
438
+ alerts = alerts.filter(({
439
+ type
440
+ }) => !oldArtifact.alerts?.find(a => a.type === type));
441
+ }
440
442
  }
441
443
  }
442
444
  }
@@ -482,10 +484,14 @@ async function getPackagesAlerts(safeArb, pkgs, output) {
482
484
  return packageAlerts;
483
485
  }
484
486
  function toRepoUrl(resolved) {
485
- return resolved.replace(/#[\s\S]*$/, '').replace(/\?[\s\S]*$/, '').replace(/\/[^/]*\/-\/[\s\S]*$/, '');
487
+ try {
488
+ return URL.parse(resolved)?.origin ?? '';
489
+ } catch {}
490
+ return '';
486
491
  }
487
- function walk(diff_, needInfoOn = []) {
488
- const queue = [diff_];
492
+ function walk(diff_) {
493
+ const needInfoOn = [];
494
+ const queue = [...diff_.children];
489
495
  let pos = 0;
490
496
  let {
491
497
  length: queueLength
@@ -495,9 +501,6 @@ function walk(diff_, needInfoOn = []) {
495
501
  throw new Error('Detected infinite loop while walking Arborist diff');
496
502
  }
497
503
  const diff = queue[pos++];
498
- if (!diff) {
499
- continue;
500
- }
501
504
  const {
502
505
  action
503
506
  } = diff;
@@ -526,10 +529,23 @@ function walk(diff_, needInfoOn = []) {
526
529
  });
527
530
  }
528
531
  }
529
- if (diff.children) {
530
- for (const child of diff.children) {
531
- queue[queueLength++] = child;
532
- }
532
+ for (const child of diff.children) {
533
+ queue[queueLength++] = child;
534
+ }
535
+ }
536
+ if (ENV[SOCKET_CLI_FIX_PACKAGE_LOCK_FILE]) {
537
+ const {
538
+ unchanged
539
+ } = diff_;
540
+ for (let i = 0, {
541
+ length
542
+ } = unchanged; i < length; i += 1) {
543
+ const pkgNode = unchanged[i];
544
+ needInfoOn.push({
545
+ existing: pkgNode.pkgid,
546
+ pkgid: pkgNode.pkgid,
547
+ repository_url: toRepoUrl(pkgNode.resolved)
548
+ });
533
549
  }
534
550
  }
535
551
  return needInfoOn;
@@ -1220,16 +1236,16 @@ class SafeArborist extends Arborist {
1220
1236
  options.dryRun = old.dryRun;
1221
1237
  options['save'] = old.save;
1222
1238
  options['saveBundle'] = old.saveBundle;
1223
- // Nothing to check, hmmm already installed or all private?
1224
- const diff = walk(this['diff']);
1225
- if (diff.findIndex(c => c.repository_url === NPM_REGISTRY_URL) === -1) {
1239
+ const needInfoOn = walk(this['diff']);
1240
+ if (needInfoOn.findIndex(c => c.repository_url === NPM_REGISTRY_URL) === -1) {
1241
+ // Nothing to check, hmmm already installed or all private?
1226
1242
  return await this[kRiskyReify](...args);
1227
1243
  }
1228
1244
  const input = process.stdin;
1229
1245
  const output = process.stderr;
1230
1246
  let alerts;
1231
1247
  const proceed = ENV[SOCKET_CLI_UPDATE_OVERRIDES_IN_PACKAGE_LOCK_FILE] || (await (async () => {
1232
- alerts = await getPackagesAlerts(this, diff, output);
1248
+ alerts = await getPackagesAlerts(this, needInfoOn, output);
1233
1249
  if (!alerts.length || ENV[SOCKET_CLI_FIX_PACKAGE_LOCK_FILE]) {
1234
1250
  return true;
1235
1251
  }
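--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
  {
  "name": "socket",
- "version": "0.14.40-alpha.0",
+ "version": "0.14.40-alpha.2",
  "description": "CLI tool for Socket.dev",
  "homepage": "http://github.com/SocketDev/socket-cli",
  "license": "MIT",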