socket 0.14.40-alpha.9 → 0.14.41

package/dist/module-sync/path-resolve.d.ts

@@ -8,6 +8,6 @@ declare function findBinPathDetails(binName: string): Promise<{
     path: string | undefined;
     shadowed: boolean;
 }>;
-declare function getPackageFiles(cwd: string, inputPaths: string[], config: SocketYml | undefined, supportedFiles: SocketSdkReturnType<'getReportSupportedFiles'>['data'], debugLog?: typeof console.error): Promise<string[]>;
+declare function getPackageFiles(cwd: string, inputPaths: string[], config: SocketYml | undefined, supportedFiles: SocketSdkReturnType<'getReportSupportedFiles'>['data']): Promise<string[]>;
 declare function getPackageFilesFullScans(cwd: string, inputPaths: string[], supportedFiles: SocketSdkReturnType<'getReportSupportedFiles'>['data'], debugLog?: typeof console.error): Promise<string[]>;
 export { directoryPatterns, findRoot, findBinPathDetails, getPackageFiles, getPackageFilesFullScans };

package/dist/module-sync/path-resolve.js

@@ -11,12 +11,56 @@ function _socketInterop(e) {
 
 var fs = require('node:fs');
 var path = require('node:path');
+var process = require('node:process');
 var ignore = _socketInterop(require('ignore'));
 var micromatch = _socketInterop(require('micromatch'));
 var tinyglobby = _socketInterop(require('tinyglobby'));
 var which = _socketInterop(require('which'));
+var colors = _socketInterop(require('yoctocolors-cjs'));
+var isUnicodeSupported = require('@socketregistry/is-unicode-supported/index.cjs');
+var spinner = require('@socketsecurity/registry/lib/spinner');
 var constants = require('./constants.js');
 
+const logSymbols = isUnicodeSupported() ? {
+  __proto__: null,
+  info: colors.blue('ℹ'),
+  success: colors.green('✔'),
+  warning: colors.yellow('⚠'),
+  error: colors.red('✖️')
+} : {
+  __proto__: null,
+  info: colors.blue('i'),
+  success: colors.green('√'),
+  warning: colors.yellow('‼'),
+  error: colors.red('×')
+};
+class Logger {
+  #spinnerLogger;
+  constructor() {
+    this.#spinnerLogger = new spinner.Spinner();
+  }
+  error(text) {
+    this.#spinnerLogger.error(text);
+  }
+  info(text) {
+    this.#spinnerLogger.info(text);
+  }
+  warn(text) {
+    this.#spinnerLogger.warning(text);
+  }
+}
+const logger = new Logger();
+
+function isDebug() {
+  // Lazily access constants.ENV.
+  return constants.ENV.SOCKET_CLI_DEBUG;
+}
+function debugLog(...args) {
+  if (isDebug()) {
+    console.error(logSymbols.info, ...args);
+  }
+}
+
 const ignoredDirs = [
 // Taken from ignore-by-default:
 // https://github.com/novemberborn/ignore-by-default/blob/v2.1.0/index.js
@@ -170,7 +214,7 @@ async function findBinPathDetails(binName) {
     shadowed: shadowIndex !== -1
   };
 }
-async function getPackageFiles(cwd, inputPaths, config, supportedFiles, debugLog = () => {}) {
+async function getPackageFiles(cwd, inputPaths, config, supportedFiles) {
   debugLog(`Globbed resolving ${inputPaths.length} paths:`, inputPaths);
   const entries = await globWithGitIgnore(pathsToPatterns(inputPaths), {
     cwd,
@@ -192,7 +236,11 @@ async function getPackageFilesFullScans(cwd, inputPaths, supportedFiles, debugLo
   return packageFiles;
 }
 
+exports.debugLog = debugLog;
 exports.findBinPathDetails = findBinPathDetails;
 exports.findRoot = findRoot;
 exports.getPackageFiles = getPackageFiles;
 exports.getPackageFilesFullScans = getPackageFilesFullScans;
+exports.isDebug = isDebug;
+exports.logSymbols = logSymbols;
+exports.logger = logger;

package/dist/module-sync/settings.d.ts

@@ -1,9 +1,14 @@
+import config from '@socketsecurity/config';
 interface Settings {
     apiKey?: string | null;
     enforcedOrgs?: string[] | null;
     apiBaseUrl?: string | null;
     apiProxy?: string | null;
 }
+declare function findSocketYmlSync(): {
+    path: string;
+    parsed: config.SocketYml;
+} | null;
 declare function getSetting<Key extends keyof Settings>(key: Key): Settings[Key];
 declare function updateSetting<Key extends keyof Settings>(key: Key, value: Settings[Key]): void;
-export { getSetting, updateSetting };
+export { findSocketYmlSync, getSetting, updateSetting };

package/dist/module-sync/shadow-bin.d.ts

@@ -1,2 +1,2 @@
-declare function shadow(binName: 'npm' | 'npx', binArgs?: string[]): Promise<void>;
-export { shadow as default };
+declare function shadowBin(binName: 'npm' | 'npx', binArgs?: string[]): Promise<void>;
+export { shadowBin as default };

package/dist/module-sync/shadow-bin.js

@@ -10,15 +10,12 @@ function _socketInterop(e) {
 }
 
 var path = require('node:path');
+var process = require('node:process');
 var spawn = _socketInterop(require('@npmcli/promise-spawn'));
 var cmdShim = _socketInterop(require('cmd-shim'));
 var constants = require('./constants.js');
 var pathResolve = require('./path-resolve.js');
 
-const {
-  WIN32,
-  rootDistPath
-} = constants;
 async function installLinks(realBinPath, binName) {
   // Find package manager being shadowed by this process.
   const {
@@ -31,6 +28,10 @@ async function installLinks(realBinPath, binName) {
     console.error(`Socket unable to locate ${binName}; ensure it is available in the PATH environment variable.`);
     process.exit(127);
   }
+  // Lazily access constants.WIN32.
+  const {
+    WIN32
+  } = constants;
   // TODO: Is this early exit needed?
   if (WIN32 && binPath) {
     return binPath;
@@ -38,7 +39,9 @@ async function installLinks(realBinPath, binName) {
   // Move our bin directory to front of PATH so its found first.
   if (!shadowed) {
     if (WIN32) {
-      await cmdShim(path.join(rootDistPath, `${binName}-cli.js`), path.join(realBinPath, binName));
+      await cmdShim(
+      // Lazily access constants.rootDistPath.
+      path.join(constants.rootDistPath, `${binName}-cli.js`), path.join(realBinPath, binName));
     }
     process.env['PATH'] = `${realBinPath}${path.delimiter}${process.env['PATH']}`;
   }
@@ -49,7 +52,7 @@ const {
   NPM,
   abortSignal
 } = constants;
-async function shadow(binName, binArgs = process.argv.slice(2)) {
+async function shadowBin(binName, binArgs = process.argv.slice(2)) {
   process.exitCode = 1;
   const spawnPromise = spawn(
   // Lazily access constants.execPath.
@@ -80,4 +83,4 @@ async function shadow(binName, binArgs = process.argv.slice(2)) {
   await spawnPromise;
 }
 
-module.exports = shadow;
+module.exports = shadowBin;

package/dist/module-sync/socket-url.d.ts

@@ -0,0 +1,40 @@
+/// <reference types="node" />
+import { SocketSdk } from "@socketsecurity/sdk";
+import { ObjectEncodingOptions, OpenMode, PathLike } from "node:fs";
+import { promises as fs } from "node:fs";
+import { readFileSync as fsReadFileSync } from "node:fs";
+import { Abortable } from "node:events";
+import { FileHandle } from "node:fs/promises";
+import indentString from "@socketregistry/indent-string/index.cjs";
+import { logSymbols } from "./logging.js";
+declare function getDefaultToken(): string | undefined;
+declare function getPublicToken(): string;
+declare function setupSdk(apiToken?: string | undefined, apiBaseUrl?: string | undefined, proxy?: string | undefined): Promise<SocketSdk>;
+declare function findUp(name: string | string[], { cwd }: {
+    cwd: string | undefined;
+}): Promise<string | undefined>;
+type ReadFileOptions = ObjectEncodingOptions & Abortable & {
+    flag?: OpenMode | undefined;
+};
+declare function readFileBinary(filepath: PathLike | FileHandle, options?: ReadFileOptions): Promise<Buffer>;
+declare function readFileUtf8(filepath: PathLike | FileHandle, options?: ReadFileOptions): Promise<string>;
+declare function safeReadFile(...args: Parameters<typeof fs.readFile>): ReturnType<typeof fs.readFile> | undefined;
+declare function safeReadFileSync(...args: Parameters<typeof fsReadFileSync>): ReturnType<typeof fsReadFileSync> | undefined;
+declare class ColorOrMarkdown {
+    useMarkdown: boolean;
+    constructor(useMarkdown: boolean);
+    bold(text: string): string;
+    header(text: string, level?: number): string;
+    hyperlink(text: string, url: string | undefined, { fallback, fallbackToUrl }?: {
+        fallback?: boolean;
+        fallbackToUrl?: boolean;
+    }): string;
+    indent(...args: Parameters<typeof indentString>): ReturnType<typeof indentString>;
+    italic(text: string): string;
+    json(value: any): string;
+    list(items: string[]): string;
+    get logSymbols(): typeof logSymbols;
+}
+declare function getSocketDevAlertUrl(alertType: string): string;
+declare function getSocketDevPackageOverviewUrl(eco: string, name: string, version?: string): string;
+export { getDefaultToken, getPublicToken, setupSdk, findUp, ReadFileOptions, readFileBinary, readFileUtf8, safeReadFile, safeReadFileSync, ColorOrMarkdown, getSocketDevAlertUrl, getSocketDevPackageOverviewUrl };

package/dist/module-sync/socket-url.js

@@ -0,0 +1,301 @@
+'use strict';
+
+function _socketInterop(e) {
+  let c = 0
+  for (const k in e ?? {}) {
+    c = c === 0 && k === 'default' ? 1 : 0
+    if (!c && k !== '__esModule') break
+  }
+  return c ? e.default : e
+}
+
+var terminalLink = _socketInterop(require('terminal-link'));
+var colors = _socketInterop(require('yoctocolors-cjs'));
+var indentString = require('@socketregistry/indent-string/index.cjs');
+var pathResolve = require('./path-resolve.js');
+var process = require('node:process');
+var hpagent = _socketInterop(require('hpagent'));
+var isInteractive = require('@socketregistry/is-interactive/index.cjs');
+var registryConstants = require('@socketsecurity/registry/lib/constants');
+var prompts = require('@socketsecurity/registry/lib/prompts');
+var strings = require('@socketsecurity/registry/lib/strings');
+var sdk = require('@socketsecurity/sdk');
+var fs = require('node:fs');
+var os = require('node:os');
+var path = require('node:path');
+var config = require('@socketsecurity/config');
+var constants = require('./constants.js');
+
+class AuthError extends Error {}
+class InputError extends Error {
+  constructor(message, body) {
+    super(message);
+    this.body = body;
+  }
+}
+function isErrnoException(value) {
+  if (!(value instanceof Error)) {
+    return false;
+  }
+  return value.code !== undefined;
+}
+
+const markdownLogSymbols = {
+  __proto__: null,
+  info: ':information_source:',
+  error: ':stop_sign:',
+  success: ':white_check_mark:',
+  warning: ':warning:'
+};
+class ColorOrMarkdown {
+  constructor(useMarkdown) {
+    this.useMarkdown = !!useMarkdown;
+  }
+  bold(text) {
+    return this.useMarkdown ? `**${text}**` : colors.bold(`${text}`);
+  }
+  header(text, level = 1) {
+    return this.useMarkdown ? `\n${''.padStart(level, '#')} ${text}\n` : colors.underline(`\n${level === 1 ? colors.bold(text) : text}\n`);
+  }
+  hyperlink(text, url, {
+    fallback = true,
+    fallbackToUrl
+  } = {}) {
+    if (url) {
+      return this.useMarkdown ? `[${text}](${url})` : terminalLink(text, url, {
+        fallback: fallbackToUrl ? (_text, url) => url : fallback
+      });
+    }
+    return text;
+  }
+  indent(...args) {
+    return indentString(...args);
+  }
+  italic(text) {
+    return this.useMarkdown ? `_${text}_` : colors.italic(`${text}`);
+  }
+  json(value) {
+    return this.useMarkdown ? '```json\n' + JSON.stringify(value) + '\n```' : JSON.stringify(value);
+  }
+  list(items) {
+    const indentedContent = items.map(item => this.indent(item).trimStart());
+    return this.useMarkdown ? `* ${indentedContent.join('\n* ')}\n` : `${indentedContent.join('\n')}\n`;
+  }
+  get logSymbols() {
+    return this.useMarkdown ? markdownLogSymbols : pathResolve.logSymbols;
+  }
+}
+
+async function findUp(name, {
+  cwd = process.cwd()
+}) {
+  let dir = path.resolve(cwd);
+  const {
+    root
+  } = path.parse(dir);
+  const names = [name].flat();
+  while (dir && dir !== root) {
+    for (const name of names) {
+      const filePath = path.join(dir, name);
+      try {
+        // eslint-disable-next-line no-await-in-loop
+        const stats = await fs.promises.stat(filePath);
+        if (stats.isFile()) {
+          return filePath;
+        }
+      } catch {}
+    }
+    dir = path.dirname(dir);
+  }
+  return undefined;
+}
+async function readFileBinary(filepath, options) {
+  return await fs.promises.readFile(filepath, {
+    ...options,
+    encoding: 'binary'
+  });
+}
+async function readFileUtf8(filepath, options) {
+  return await fs.promises.readFile(filepath, {
+    ...options,
+    encoding: 'utf8'
+  });
+}
+function safeReadFile(...args) {
+  try {
+    return fs.promises.readFile(...args);
+  } catch {}
+  return undefined;
+}
+function safeReadFileSync(...args) {
+  try {
+    return fs.readFileSync(...args);
+  } catch {}
+  return undefined;
+}
+
+const LOCALAPPDATA = 'LOCALAPPDATA';
+let _settings;
+function getSettings() {
+  if (_settings === undefined) {
+    _settings = {};
+    const settingsPath = getSettingsPath();
+    if (settingsPath) {
+      const raw = safeReadFileSync(settingsPath, 'utf8');
+      if (raw) {
+        try {
+          Object.assign(_settings, JSON.parse(Buffer.from(raw, 'base64').toString()));
+        } catch {
+          pathResolve.logger.warn(`Failed to parse settings at ${settingsPath}`);
+        }
+      } else {
+        fs.mkdirSync(path.dirname(settingsPath), {
+          recursive: true
+        });
+      }
+    }
+  }
+  return _settings;
+}
+let _settingsPath;
+let _warnedSettingPathWin32Missing = false;
+function getSettingsPath() {
+  if (_settingsPath === undefined) {
+    // Lazily access constants.WIN32.
+    const {
+      WIN32
+    } = constants;
+    let dataHome = WIN32 ? process.env[LOCALAPPDATA] : process.env['XDG_DATA_HOME'];
+    if (!dataHome) {
+      if (WIN32) {
+        if (!_warnedSettingPathWin32Missing) {
+          _warnedSettingPathWin32Missing = true;
+          pathResolve.logger.warn(`Missing %${LOCALAPPDATA}%`);
+        }
+      } else {
+        dataHome = path.join(os.homedir(), ...(process.platform === 'darwin' ? ['Library', 'Application Support'] : ['.local', 'share']));
+      }
+    }
+    _settingsPath = dataHome ? path.join(dataHome, 'socket', 'settings') : undefined;
+  }
+  return _settingsPath;
+}
+function findSocketYmlSync() {
+  let prevDir = null;
+  let dir = process.cwd();
+  while (dir !== prevDir) {
+    let ymlPath = path.join(dir, 'socket.yml');
+    let yml = safeReadFileSync(ymlPath, 'utf8');
+    if (yml === undefined) {
+      ymlPath = path.join(dir, 'socket.yaml');
+      yml = safeReadFileSync(ymlPath, 'utf8');
+    }
+    if (typeof yml === 'string') {
+      try {
+        return {
+          path: ymlPath,
+          parsed: config.parseSocketConfig(yml)
+        };
+      } catch {
+        throw new Error(`Found file but was unable to parse ${ymlPath}`);
+      }
+    }
+    prevDir = dir;
+    dir = path.join(dir, '..');
+  }
+  return null;
+}
+function getSetting(key) {
+  return getSettings()[key];
+}
+let pendingSave = false;
+function updateSetting(key, value) {
+  const settings = getSettings();
+  settings[key] = value;
+  if (!pendingSave) {
+    pendingSave = true;
+    process.nextTick(() => {
+      pendingSave = false;
+      const settingsPath = getSettingsPath();
+      if (settingsPath) {
+        fs.writeFileSync(settingsPath, Buffer.from(JSON.stringify(settings)).toString('base64'));
+      }
+    });
+  }
+}
+
+// The API server that should be used for operations.
+function getDefaultApiBaseUrl() {
+  const baseUrl = process.env['SOCKET_SECURITY_API_BASE_URL'] || getSetting('apiBaseUrl');
+  return strings.isNonEmptyString(baseUrl) ? baseUrl : undefined;
+}
+
+// The API server that should be used for operations.
+function getDefaultHttpProxy() {
+  const apiProxy = process.env['SOCKET_SECURITY_API_PROXY'] || getSetting('apiProxy');
+  return strings.isNonEmptyString(apiProxy) ? apiProxy : undefined;
+}
+
+// This API key should be stored globally for the duration of the CLI execution.
+let _defaultToken;
+function getDefaultToken() {
+  const key = process.env['SOCKET_SECURITY_API_TOKEN'] ||
+  // Keep 'SOCKET_SECURITY_API_KEY' as an alias of 'SOCKET_SECURITY_API_TOKEN'.
+  // TODO: Remove 'SOCKET_SECURITY_API_KEY' alias.
+  process.env['SOCKET_SECURITY_API_KEY'] ||
+  // TODO: Rename the 'apiKey' setting to 'apiToken'.
+  getSetting('apiKey') || _defaultToken;
+  _defaultToken = strings.isNonEmptyString(key) ? key : undefined;
+  return _defaultToken;
+}
+function getPublicToken() {
+  return getDefaultToken() ?? registryConstants.SOCKET_PUBLIC_API_TOKEN;
+}
+async function setupSdk(apiToken = getDefaultToken(), apiBaseUrl = getDefaultApiBaseUrl(), proxy = getDefaultHttpProxy()) {
+  if (typeof apiToken !== 'string' && isInteractive()) {
+    apiToken = await prompts.password({
+      message: 'Enter your Socket.dev API key (not saved, use socket login to persist)'
+    });
+    _defaultToken = apiToken;
+  }
+  if (!apiToken) {
+    throw new AuthError('You need to provide an API key');
+  }
+  return new sdk.SocketSdk(apiToken, {
+    agent: proxy ? {
+      http: new hpagent.HttpProxyAgent({
+        proxy
+      }),
+      https: new hpagent.HttpsProxyAgent({
+        proxy
+      })
+    } : undefined,
+    baseUrl: apiBaseUrl,
+    // Lazily access constants.rootPkgJsonPath.
+    userAgent: sdk.createUserAgentFromPkgJson(require(constants.rootPkgJsonPath))
+  });
+}
+
+function getSocketDevAlertUrl(alertType) {
+  return `https://socket.dev/alerts/${alertType}`;
+}
+function getSocketDevPackageOverviewUrl(eco, name, version) {
+  return `https://socket.dev/${eco}/package/${name}${version ? `/overview/${version}` : ''}`;
+}
+
+exports.AuthError = AuthError;
+exports.ColorOrMarkdown = ColorOrMarkdown;
+exports.InputError = InputError;
+exports.findSocketYmlSync = findSocketYmlSync;
+exports.findUp = findUp;
+exports.getDefaultToken = getDefaultToken;
+exports.getPublicToken = getPublicToken;
+exports.getSetting = getSetting;
+exports.getSocketDevAlertUrl = getSocketDevAlertUrl;
+exports.getSocketDevPackageOverviewUrl = getSocketDevPackageOverviewUrl;
+exports.isErrnoException = isErrnoException;
+exports.readFileBinary = readFileBinary;
+exports.readFileUtf8 = readFileUtf8;
+exports.safeReadFile = safeReadFile;
+exports.setupSdk = setupSdk;
+exports.updateSetting = updateSetting;