socket 0.14.40-alpha.2 → 0.14.40-alpha.3
- package/dist/constants.js +1 -1
- package/dist/module-sync/cli.js +98 -93
- package/dist/module-sync/constants.d.ts.map +1 -1
- package/dist/module-sync/npm-injection.js +22 -19
- package/dist/module-sync/sdk.js +4 -4
- package/dist/module-sync/shadow-bin.js +1 -1
- package/dist/require/cli.js +97 -92
- package/dist/require/constants.d.ts.map +1 -1
- package/dist/require/npm-injection.js +22 -19
- package/dist/require/sdk.js +4 -4
- package/dist/require/shadow-bin.js +1 -1
- package/package.json +15 -15
|
@@ -15,14 +15,14 @@ var https = require('node:https');
|
|
|
15
15
|
var path = require('node:path');
|
|
16
16
|
var readline = require('node:readline');
|
|
17
17
|
var promises = require('node:timers/promises');
|
|
18
|
-
var
|
|
18
|
+
var npa = _socketInterop(require('npm-package-arg'));
|
|
19
|
+
var semver = _socketInterop(require('semver'));
|
|
19
20
|
var config = require('@socketsecurity/config');
|
|
20
21
|
var registry = require('@socketsecurity/registry');
|
|
21
22
|
var objects = require('@socketsecurity/registry/lib/objects');
|
|
22
23
|
var packages = require('@socketsecurity/registry/lib/packages');
|
|
23
24
|
var prompts = require('@socketsecurity/registry/lib/prompts');
|
|
24
|
-
var
|
|
25
|
-
var semver = _socketInterop(require('semver'));
|
|
25
|
+
var spinner = require('@socketsecurity/registry/lib/spinner');
|
|
26
26
|
var constants = require('./constants.js');
|
|
27
27
|
var sdk = require('./sdk.js');
|
|
28
28
|
var pathResolve = require('./path-resolve.js');
|
|
@@ -374,7 +374,7 @@ function maybeReadfileSync(filepath) {
|
|
|
374
374
|
return undefined;
|
|
375
375
|
}
|
|
376
376
|
async function getPackagesAlerts(safeArb, pkgs, output) {
|
|
377
|
-
const spinner =
|
|
377
|
+
const spinner$1 = new spinner.Spinner({
|
|
378
378
|
stream: output
|
|
379
379
|
});
|
|
380
380
|
let {
|
|
@@ -382,11 +382,11 @@ async function getPackagesAlerts(safeArb, pkgs, output) {
|
|
|
382
382
|
} = pkgs;
|
|
383
383
|
const packageAlerts = [];
|
|
384
384
|
if (!remaining) {
|
|
385
|
-
spinner.success('No changes detected');
|
|
385
|
+
spinner$1.success('No changes detected');
|
|
386
386
|
return packageAlerts;
|
|
387
387
|
}
|
|
388
388
|
const getText = () => `Looking up data for ${remaining} packages`;
|
|
389
|
-
spinner.start(getText());
|
|
389
|
+
spinner$1.start(getText());
|
|
390
390
|
try {
|
|
391
391
|
for await (const artifact of batchScan(pkgs.map(p => p.pkgid))) {
|
|
392
392
|
if (!artifact.name || !artifact.version || !artifact.alerts?.length) {
|
|
@@ -455,7 +455,7 @@ async function getPackagesAlerts(safeArb, pkgs, output) {
|
|
|
455
455
|
}
|
|
456
456
|
}
|
|
457
457
|
if (displayWarning) {
|
|
458
|
-
spinner.stop(`(socket) ${formatter.hyperlink(id, `https://socket.dev/npm/package/${name}/overview/${version}`)} contains risks:`);
|
|
458
|
+
spinner$1.stop(`(socket) ${formatter.hyperlink(id, `https://socket.dev/npm/package/${name}/overview/${version}`)} contains risks:`);
|
|
459
459
|
alerts.sort((a, b) => a.type < b.type ? -1 : 1);
|
|
460
460
|
const lines = new Set();
|
|
461
461
|
for (const alert of alerts) {
|
|
@@ -472,14 +472,14 @@ async function getPackagesAlerts(safeArb, pkgs, output) {
|
|
|
472
472
|
for (const line of lines) {
|
|
473
473
|
output?.write(line);
|
|
474
474
|
}
|
|
475
|
-
spinner.start();
|
|
475
|
+
spinner$1.start();
|
|
476
476
|
}
|
|
477
477
|
remaining -= 1;
|
|
478
|
-
spinner.text = remaining > 0 ? getText() : '';
|
|
478
|
+
spinner$1.text = remaining > 0 ? getText() : '';
|
|
479
479
|
packageAlerts.push(...alerts);
|
|
480
480
|
}
|
|
481
481
|
} finally {
|
|
482
|
-
spinner.stop();
|
|
482
|
+
spinner$1.stop();
|
|
483
483
|
}
|
|
484
484
|
return packageAlerts;
|
|
485
485
|
}
|
|
@@ -505,10 +505,16 @@ function walk(diff_) {
|
|
|
505
505
|
action
|
|
506
506
|
} = diff;
|
|
507
507
|
if (action) {
|
|
508
|
-
const
|
|
509
|
-
|
|
510
|
-
|
|
511
|
-
|
|
508
|
+
const {
|
|
509
|
+
actual: oldNode,
|
|
510
|
+
ideal: pkgNode
|
|
511
|
+
} = diff;
|
|
512
|
+
const {
|
|
513
|
+
pkgid: oldPkgid
|
|
514
|
+
} = oldNode;
|
|
515
|
+
const {
|
|
516
|
+
pkgid
|
|
517
|
+
} = pkgNode;
|
|
512
518
|
let existing;
|
|
513
519
|
let keep = false;
|
|
514
520
|
if (action === 'CHANGE') {
|
|
@@ -1359,8 +1365,7 @@ async function updateAdvisoryDependencies(arb, alerts) {
|
|
|
1359
1365
|
}
|
|
1360
1366
|
function findPackageRecursively(tree, packageName) {
|
|
1361
1367
|
const queue = [{
|
|
1362
|
-
node: tree
|
|
1363
|
-
depth: 0
|
|
1368
|
+
node: tree
|
|
1364
1369
|
}];
|
|
1365
1370
|
let sentinel = 0;
|
|
1366
1371
|
while (queue.length) {
|
|
@@ -1368,7 +1373,6 @@ function findPackageRecursively(tree, packageName) {
|
|
|
1368
1373
|
throw new Error('Detected infinite loop in findPackageRecursively');
|
|
1369
1374
|
}
|
|
1370
1375
|
const {
|
|
1371
|
-
depth,
|
|
1372
1376
|
node: currentNode
|
|
1373
1377
|
} = queue.pop();
|
|
1374
1378
|
const node = currentNode.children.get(packageName);
|
|
@@ -1379,8 +1383,7 @@ function findPackageRecursively(tree, packageName) {
|
|
|
1379
1383
|
const children = [...currentNode.children.values()];
|
|
1380
1384
|
for (let i = children.length - 1; i >= 0; i -= 1) {
|
|
1381
1385
|
queue.push({
|
|
1382
|
-
node: children[i]
|
|
1383
|
-
depth: depth + 1
|
|
1386
|
+
node: children[i]
|
|
1384
1387
|
});
|
|
1385
1388
|
}
|
|
1386
1389
|
}
|
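Review bot: In the `walk` hunk, the new `const { pkgid: oldPkgid } = oldNode;` and `const { pkgid } = pkgNode;` destructure both sides of the diff entry for every truthy `action`, so a missing `actual` or `ideal` raises a TypeError before the `action === 'CHANGE'` branch is reached. If `diff` is an Arborist diff node (the `safeArb` parameter of `getPackagesAlerts` suggests so), `actual` is normally absent for an added package and `ideal` for a removed one, which would make this throw on ordinary installs. Reading the ids with optional chaining, `const oldPkgid = oldNode?.pkgid;` and `const pkgid = pkgNode?.pkgid;`, keeps the walk alive. The removed lines' text is lost on this page and the body of `walk` continues outside the hunk, so how the ids are used afterwards, and whether an exception here stops the install or skips the alert lookup, should be checked in the full file.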
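--- a/package/dist/require/sdk.js
+++ b/package/dist/require/sdk.js
@@ -9,17 +9,17 @@ function _socketInterop(e) {
 return c ? e.default : e
 }
 
-var colors = _socketInterop(require('yoctocolors-cjs'));
 var vendor = require('./vendor.js');
+var colors = _socketInterop(require('yoctocolors-cjs'));
 var hpagent = _socketInterop(require('hpagent'));
 var prompts = require('@socketsecurity/registry/lib/prompts');
 var strings = require('@socketsecurity/registry/lib/strings');
 var sdk = require('@socketsecurity/sdk');
-var constants = require('./constants.js');
 var fs = require('node:fs');
 var os = require('node:os');
 var path = require('node:path');
-var
+var spinner = require('@socketsecurity/registry/lib/spinner');
+var constants = require('./constants.js');
 
 class AuthError extends Error {}
 class InputError extends Error {
@@ -125,7 +125,7 @@ if (fs.existsSync(settingsPath)) {
 try {
 settings = JSON.parse(Buffer.from(raw, 'base64').toString());
 } catch {
-
+new spinner.Spinner().warning(`Failed to parse settings at ${settingsPath}`);
 }
 } else {
 fs.mkdirSync(path.dirname(settingsPath), {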
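Review bot: In the settings hunk, `settings = JSON.parse(Buffer.from(raw, 'base64').toString());` is guarded only against a throw, so a file that decodes to valid JSON which is not an object (`null`, a number, an array) is accepted as `settings` without the new warning firing. Node's base64 decoding does not reject malformed input, so a damaged file can reach `JSON.parse` with altered content rather than failing early. A shape check inside the `try`, for example `if (settings === null || typeof settings !== 'object' || Array.isArray(settings)) throw new TypeError('invalid settings');`, would route that case to the same warning. The surrounding `if (fs.existsSync(settingsPath))` block starts and ends outside the hunk, so the value `settings` keeps after a failed parse is not visible here.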
@@ -11,8 +11,8 @@ function _socketInterop(e) {
|
|
|
11
11
|
|
|
12
12
|
var path = require('node:path');
|
|
13
13
|
var spawn = _socketInterop(require('@npmcli/promise-spawn'));
|
|
14
|
-
var constants = require('./constants.js');
|
|
15
14
|
var cmdShim = _socketInterop(require('cmd-shim'));
|
|
15
|
+
var constants = require('./constants.js');
|
|
16
16
|
var pathResolve = require('./path-resolve.js');
|
|
17
17
|
|
|
18
18
|
const {
|
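--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "socket",
-"version": "0.14.40-alpha.
+"version": "0.14.40-alpha.3",
 "description": "CLI tool for Socket.dev",
 "homepage": "http://github.com/SocketDev/socket-cli",
 "license": "MIT",
@@ -61,16 +61,16 @@
 "@socketregistry/hyrious__bun.lockb": "1.0.9",
 "@socketregistry/yocto-spinner": "^1.0.2",
 "@socketsecurity/config": "^2.1.3",
-"@socketsecurity/registry": "^1.0.
-"@socketsecurity/sdk": "^1.
+"@socketsecurity/registry": "^1.0.67",
+"@socketsecurity/sdk": "^1.4.5",
 "blessed": "^0.1.81",
 "blessed-contrib": "^4.11.0",
-"browserslist": "4.24.
+"browserslist": "4.24.4",
 "chalk-table": "^1.0.2",
 "cmd-shim": "^7.0.0",
 "has-flag": "^4.0.0",
 "hpagent": "^1.2.0",
-"ignore": "^7.0.
+"ignore": "^7.0.1",
 "is-interactive": "^2.0.0",
 "is-unicode-supported": "^2.1.0",
 "meow": "^13.2.0",
@@ -81,7 +81,7 @@
 "semver": "^7.6.3",
 "synp": "^1.9.14",
 "terminal-link": "^3.0.0",
-"tiny-updater": "^3.5.
+"tiny-updater": "^3.5.3",
 "tinyglobby": "^0.2.10",
 "which": "^5.0.0",
 "yaml": "^2.7.0",
@@ -97,8 +97,8 @@
 "@babel/preset-env": "^7.26.0",
 "@babel/preset-typescript": "^7.26.0",
 "@babel/runtime": "^7.26.0",
-"@eslint/compat": "^1.2.
-"@eslint/js": "^9.
+"@eslint/compat": "^1.2.5",
+"@eslint/js": "^9.18.0",
 "@rollup/plugin-commonjs": "^28.0.2",
 "@rollup/plugin-json": "^6.1.0",
 "@rollup/plugin-node-resolve": "^16.0.0",
@@ -118,11 +118,11 @@
 "@types/update-notifier": "^6.0.8",
 "@types/which": "^3.0.4",
 "@types/yargs-parser": "^21.0.3",
-"@typescript-eslint/eslint-plugin": "^8.
-"@typescript-eslint/parser": "^8.
+"@typescript-eslint/eslint-plugin": "^8.20.0",
+"@typescript-eslint/parser": "^8.20.0",
 "c8": "^10.1.3",
 "custompatch": "^1.1.4",
-"eslint": "^9.
+"eslint": "^9.18.0",
 "eslint-import-resolver-oxc": "^0.8.0",
 "eslint-plugin-depend": "^0.12.0",
 "eslint-plugin-import-x": "^4.6.1",
@@ -130,19 +130,19 @@
 "eslint-plugin-sort-destructure-keys": "^2.0.0",
 "eslint-plugin-unicorn": "^56.0.1",
 "husky": "^9.1.7",
-"knip": "^5.
+"knip": "^5.42.0",
 "magic-string": "^0.30.17",
 "mock-fs": "^5.4.1",
 "nock": "^13.5.6",
 "npm-run-all2": "^7.0.2",
-"oxlint": "0.15.
+"oxlint": "0.15.6",
 "prettier": "3.4.2",
 "read-package-up": "^11.0.0",
-"rollup": "4.30.
+"rollup": "4.30.1",
 "rollup-plugin-ts": "^3.4.5",
 "type-coverage": "^2.29.7",
 "typescript": "5.4.5",
-"typescript-eslint": "^8.
+"typescript-eslint": "^8.20.0",
 "unplugin-purge-polyfills": "^0.0.7"
 },
 "overrides": {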