socket 0.14.42 → 0.14.43
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/module-sync/cli.js
CHANGED
|
@@ -248,7 +248,13 @@ function shadowNpmInstall(opts) {
|
|
|
248
248
|
'--no-audit', '--no-fund',
|
|
249
249
|
// Add `--no-progress` flags to fix input being swallowed by the spinner
|
|
250
250
|
// when running the command with recent versions of npm.
|
|
251
|
-
'--no-progress', ...(useDebug ||
|
|
251
|
+
'--no-progress', ...(useDebug ||
|
|
252
|
+
// Detect loglevel flags:
|
|
253
|
+
flags.some(f =>
|
|
254
|
+
// https://docs.npmjs.com/cli/v11/using-npm/logging#setting-log-levels
|
|
255
|
+
f.startsWith('--loglevel') ||
|
|
256
|
+
// https://docs.npmjs.com/cli/v11/using-npm/logging#aliases
|
|
257
|
+
f === '-d' || f === '--dd' || f === '--ddd' || f === '-q' || f === '--quiet' || f === '-s' || f === '--silent') ? [] : ['--silent']), ...flags], {
|
|
252
258
|
signal: abortSignal$3,
|
|
253
259
|
// Set stdio to include 'ipc'.
|
|
254
260
|
// See https://github.com/nodejs/node/blob/v23.6.0/lib/child_process.js#L161-L166
|
|
@@ -1371,27 +1371,25 @@ async function updateAdvisoryDependencies(arb, alerts) {
|
|
|
1371
1371
|
const kRiskyReify = Symbol('riskyReify');
|
|
1372
1372
|
async function reify(...args) {
|
|
1373
1373
|
const IPC = await getIPC();
|
|
1374
|
+
const runningFixCommand = !!IPC[SOCKET_CLI_FIX_PACKAGE_LOCK_FILE];
|
|
1374
1375
|
// We are assuming `this[_diffTrees]()` has been called by `super.reify(...)`:
|
|
1375
1376
|
// https://github.com/npm/cli/blob/v11.0.0/workspaces/arborist/lib/arborist/reify.js#L141
|
|
1376
1377
|
let needInfoOn = getPackagesToQueryFromDiff(this.diff, {
|
|
1377
|
-
includeUnchanged:
|
|
1378
|
+
includeUnchanged: runningFixCommand
|
|
1378
1379
|
});
|
|
1379
1380
|
if (!needInfoOn.length) {
|
|
1380
1381
|
// Nothing to check, hmmm already installed or all private?
|
|
1381
1382
|
return await this[kRiskyReify](...args);
|
|
1382
1383
|
}
|
|
1383
|
-
const
|
|
1384
|
-
[SOCKET_CLI_FIX_PACKAGE_LOCK_FILE]: bypassConfirms,
|
|
1385
|
-
[SOCKET_CLI_UPDATE_OVERRIDES_IN_PACKAGE_LOCK_FILE]: bypassAlerts
|
|
1386
|
-
} = IPC;
|
|
1384
|
+
const runningOptimizeCommand = !!IPC[SOCKET_CLI_UPDATE_OVERRIDES_IN_PACKAGE_LOCK_FILE];
|
|
1387
1385
|
const {
|
|
1388
1386
|
stderr: output,
|
|
1389
1387
|
stdin: input
|
|
1390
1388
|
} = process;
|
|
1391
|
-
let alerts =
|
|
1389
|
+
let alerts = runningOptimizeCommand ? [] : await getPackagesAlerts(needInfoOn, {
|
|
1392
1390
|
output
|
|
1393
1391
|
});
|
|
1394
|
-
if (alerts.length && !
|
|
1392
|
+
if (alerts.length && !runningFixCommand && !(await prompts.confirm({
|
|
1395
1393
|
message: 'Accept risks of installing these packages?',
|
|
1396
1394
|
default: false
|
|
1397
1395
|
}, {
|
|
@@ -1401,14 +1399,7 @@ async function reify(...args) {
|
|
|
1401
1399
|
}))) {
|
|
1402
1400
|
throw new Error('Socket npm exiting due to risks');
|
|
1403
1401
|
}
|
|
1404
|
-
if (!alerts.length || !
|
|
1405
|
-
message: 'Try to fix alerts?',
|
|
1406
|
-
default: true
|
|
1407
|
-
}, {
|
|
1408
|
-
input,
|
|
1409
|
-
output,
|
|
1410
|
-
signal: abortSignal
|
|
1411
|
-
}))) {
|
|
1402
|
+
if (!alerts.length || !runningFixCommand) {
|
|
1412
1403
|
return await this[kRiskyReify](...args);
|
|
1413
1404
|
}
|
|
1414
1405
|
const prev = new Set(alerts.map(a => a.key));
|
|
@@ -59,9 +59,13 @@ async function shadowBin(binName, binArgs = process.argv.slice(2)) {
|
|
|
59
59
|
path.join(constants.distPath, 'npm-injection.js'),
|
|
60
60
|
// Lazily access constants.shadowBinPath.
|
|
61
61
|
await installLinks(constants.shadowBinPath, binName), ...(binName === NPM && binArgs.includes('install') ? [
|
|
62
|
-
// Add the `--quiet` and `--no-progress` flags to fix input being
|
|
63
|
-
// by the spinner when running the command with recent
|
|
64
|
-
|
|
62
|
+
// Add the `--quiet` and `--no-progress` flags to fix input being
|
|
63
|
+
// swallowed by the spinner when running the command with recent
|
|
64
|
+
// versions of npm.
|
|
65
|
+
...binArgs.filter(a => a !== '--progress' && a !== '--no-progress'), '--no-progress',
|
|
66
|
+
// Add the '--quiet' flag if an equivalent flag is not provided.
|
|
67
|
+
// https://docs.npmjs.com/cli/v11/using-npm/logging#aliases
|
|
68
|
+
...(binArgs.includes('-q') || binArgs.includes('--quiet') || binArgs.includes('-s') || binArgs.includes('--silent') ? [] : ['--quiet'])] : binArgs)], {
|
|
65
69
|
signal: abortSignal,
|
|
66
70
|
stdio: 'inherit'
|
|
67
71
|
});
|
package/dist/require/cli.js
CHANGED
|
@@ -246,7 +246,13 @@ function shadowNpmInstall(opts) {
|
|
|
246
246
|
'--no-audit', '--no-fund',
|
|
247
247
|
// Add `--no-progress` flags to fix input being swallowed by the spinner
|
|
248
248
|
// when running the command with recent versions of npm.
|
|
249
|
-
'--no-progress', ...(useDebug ||
|
|
249
|
+
'--no-progress', ...(useDebug ||
|
|
250
|
+
// Detect loglevel flags:
|
|
251
|
+
flags.some(f =>
|
|
252
|
+
// https://docs.npmjs.com/cli/v11/using-npm/logging#setting-log-levels
|
|
253
|
+
f.startsWith('--loglevel') ||
|
|
254
|
+
// https://docs.npmjs.com/cli/v11/using-npm/logging#aliases
|
|
255
|
+
f === '-d' || f === '--dd' || f === '--ddd' || f === '-q' || f === '--quiet' || f === '-s' || f === '--silent') ? [] : ['--silent']), ...flags], {
|
|
250
256
|
signal: abortSignal$3,
|
|
251
257
|
// Set stdio to include 'ipc'.
|
|
252
258
|
// See https://github.com/nodejs/node/blob/v23.6.0/lib/child_process.js#L161-L166
|