socket 0.14.52 → 0.14.53

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (21) hide show
  1. package/bin/cli.js +10 -15
  2. package/dist/constants.d.ts +4 -4
  3. package/dist/constants.js +2 -2
  4. package/dist/constants.js.map +1 -1
  5. package/dist/module-sync/cli.js +81 -53
  6. package/dist/module-sync/cli.js.map +1 -1
  7. package/dist/module-sync/edge.d.ts +1 -1
  8. package/dist/module-sync/index.d.ts +22 -22
  9. package/dist/module-sync/index.js.map +1 -1
  10. package/dist/module-sync/npm-paths.js.map +1 -1
  11. package/dist/module-sync/reify.d.ts +8 -8
  12. package/dist/module-sync/settings.d.ts +1 -1
  13. package/dist/module-sync/shadow-bin.js +5 -10
  14. package/dist/module-sync/shadow-bin.js.map +1 -1
  15. package/dist/require/cli.js +81 -53
  16. package/dist/require/cli.js.map +1 -1
  17. package/package.json +2 -3
  18. package/dist/module-sync/npm.d.ts +0 -26
  19. package/dist/module-sync/npm.js +0 -114
  20. package/dist/module-sync/npm.js.map +0 -1
  21. package/dist/require/npm.js +0 -3
package/bin/cli.js CHANGED
@@ -16,11 +16,10 @@ if (
16
16
  require(`${constants.distPath}/${CLI}.js`)
17
17
  } else {
18
18
  const path = require('node:path')
19
- const spawn = require('@npmcli/promise-spawn')
20
- const { abortSignal } = constants
19
+ const { spawn } = require('@socketsecurity/registry/lib/spawn')
21
20
 
22
21
  process.exitCode = 1
23
- const spawnPromise = spawn(
22
+ spawn(
24
23
  // Lazily access constants.execPath.
25
24
  constants.execPath,
26
25
  [
@@ -39,19 +38,15 @@ if (
39
38
  ...process.argv.slice(2)
40
39
  ],
41
40
  {
42
- signal: abortSignal,
43
41
  stdio: 'inherit'
44
42
  }
45
43
  )
46
- // See https://nodejs.org/api/all.html#all_child_process_event-exit.
47
- spawnPromise.process.on('exit', (code, signalName) => {
48
- if (abortSignal.aborted) {
49
- return
50
- }
51
- if (signalName) {
52
- process.kill(process.pid, signalName)
53
- } else if (code !== null) {
54
- process.exit(code)
55
- }
56
- })
44
+ // See https://nodejs.org/api/all.html#all_child_process_event-exit.
45
+ .process.on('exit', (code, signalName) => {
46
+ if (signalName) {
47
+ process.kill(process.pid, signalName)
48
+ } else if (code !== null) {
49
+ process.exit(code)
50
+ }
51
+ })
57
52
  }
package/dist/constants.d.ts CHANGED
@@ -7,7 +7,7 @@ type Sentry = any;
7
7
  type Internals = Remap<Omit<RegistryInternals, 'getIPC'> & Readonly<{
8
8
  getIPC: {
9
9
  (): Promise<IPC>;
10
- <K extends keyof IPC | undefined>(key?: K): Promise<K extends keyof IPC ? IPC[K] : IPC>;
10
+ <K extends keyof IPC | undefined>(key?: K | undefined): Promise<K extends keyof IPC ? IPC[K] : IPC>;
11
11
  };
12
12
  getSentry: () => Sentry;
13
13
  setSentry(Sentry: Sentry): boolean;
@@ -22,9 +22,9 @@ type ENV = Remap<RegistryEnv & Readonly<{
22
22
  SOCKET_CLI_VERSION_HASH: string;
23
23
  }>>;
24
24
  type IPC = Readonly<{
25
- SOCKET_CLI_FIX?: string;
26
- SOCKET_CLI_OPTIMIZE?: boolean;
27
- SOCKET_CLI_SAFE_WRAPPER?: boolean;
25
+ SOCKET_CLI_FIX?: string | undefined;
26
+ SOCKET_CLI_OPTIMIZE?: boolean | undefined;
27
+ SOCKET_CLI_SAFE_WRAPPER?: boolean | undefined;
28
28
  }>;
29
29
  declare const constants: {
30
30
  readonly CI: "CI";
package/dist/constants.js CHANGED
@@ -88,7 +88,7 @@ const LAZY_ENV = () => {
88
88
  [SOCKET_CLI_SHOW_BANNER]: env.envAsBoolean(env$1[SOCKET_CLI_SHOW_BANNER]),
89
89
  // Inlined flag set to determine the version hash of the build.
90
90
  // The '@rollup/plugin-replace' will replace "process.env[SOCKET_CLI_VERSION_HASH]".
91
- [SOCKET_CLI_VERSION_HASH]: "0.14.52:709a145:a25834aa:pub"
91
+ [SOCKET_CLI_VERSION_HASH]: "0.14.53:e7fcb39:b1cdb520:pub"
92
92
  });
93
93
  };
94
94
  const lazyBashRcPath = () =>
@@ -226,5 +226,5 @@ const constants = createConstantsObject({
226
226
  });
227
227
 
228
228
  module.exports = constants;
229
- //# debugId=1e08178e-cc0e-442b-8aa8-79e70903ef03
229
+ //# debugId=bd130086-d631-467f-876d-3d82d433148d
230
230
  //# sourceMappingURL=constants.js.map
package/dist/constants.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"constants.js","sources":["../../src/constants.ts"],"sourcesContent":["import { realpathSync } from 'node:fs'\nimport os from 'node:os'\nimport path from 'node:path'\nimport process from 'node:process'\n\nimport registryConstants from '@socketsecurity/registry/lib/constants'\nimport { envAsBoolean } from '@socketsecurity/registry/lib/env'\n\nimport type { Remap } from '@socketsecurity/registry/lib/objects'\n\nconst {\n NODE_MODULES,\n PACKAGE_JSON,\n kInternalsSymbol,\n [kInternalsSymbol as unknown as 'Symbol(kInternalsSymbol)']: {\n createConstantsObject\n }\n} = registryConstants\n\ntype RegistryEnv = typeof registryConstants.ENV\n\ntype RegistryInternals = (typeof registryConstants)['Symbol(kInternalsSymbol)']\n\ntype Sentry = any\n\ntype Internals = Remap<\n Omit<RegistryInternals, 'getIPC'> &\n Readonly<{\n getIPC: {\n (): Promise<IPC>\n <K extends keyof IPC | undefined>(\n key?: K\n ): Promise<K extends keyof IPC ? IPC[K] : IPC>\n }\n getSentry: () => Sentry\n setSentry(Sentry: Sentry): boolean\n }>\n>\n\ntype ENV = Remap<\n RegistryEnv &\n Readonly<{\n SOCKET_CLI_DEBUG: boolean\n SOCKET_CLI_LEGACY_BUILD: boolean\n SOCKET_CLI_NO_API_TOKEN: boolean\n SOCKET_CLI_PUBLISHED_BUILD: boolean\n SOCKET_CLI_SENTRY_BUILD: boolean\n SOCKET_CLI_SHOW_BANNER: boolean\n SOCKET_CLI_VERSION_HASH: string\n }>\n>\n\ntype IPC = Readonly<{\n SOCKET_CLI_FIX?: string\n SOCKET_CLI_OPTIMIZE?: boolean\n SOCKET_CLI_SAFE_WRAPPER?: boolean\n}>\n\ntype Constants = Remap<\n Omit<typeof registryConstants, 'Symbol(kInternalsSymbol)' | 'ENV' | 'IPC'> & {\n readonly 'Symbol(kInternalsSymbol)': Internals\n readonly ALERT_TYPE_CRITICAL_CVE: 'criticalCVE'\n readonly ALERT_TYPE_CVE: 'cve'\n readonly ALERT_TYPE_MEDIUM_CVE: 'mediumCVE'\n readonly ALERT_TYPE_MILD_CVE: 'mildCVE'\n readonly ALERT_TYPE_SOCKET_UPGRADE_AVAILABLE: 'socketUpgradeAvailable'\n readonly API_V0_URL: 'https://api.socket.dev/v0'\n readonly BABEL_RUNTIME: '@babel/runtime'\n readonly BATCH_PURL_ENDPOINT: 'https://api.socket.dev/v0/purl?alerts=true&compact=true'\n readonly BINARY_LOCK_EXT: '.lockb'\n readonly BUN: 'bun'\n readonly CLI: 'cli'\n readonly CVE_ALERT_PROPS_FIRST_PATCHED_VERSION_IDENTIFIER: 'firstPatchedVersionIdentifier'\n readonly CVE_ALERT_PROPS_VULNERABLE_VERSION_RANGE: 'vulnerableVersionRange'\n readonly ENV: ENV\n readonly DIST_TYPE: 'module-sync' | 'require'\n readonly DRY_RUN_LABEL: '[DryRun]'\n readonly DRY_RUN_BAIL_TEXT: '[DryRun] Bailing now'\n readonly IPC: IPC\n readonly LOCK_EXT: '.lock'\n readonly MODULE_SYNC: 'module-sync'\n readonly NPM_INJECTION: 'npm-injection'\n readonly NPM_REGISTRY_URL: 'https://registry.npmjs.org'\n readonly NPX: 'npx'\n readonly PNPM: 'pnpm'\n readonly REDACTED: '<redacted>'\n readonly REQUIRE: 'require'\n readonly SHADOW_BIN: 'shadow-bin'\n readonly SOCKET: 'socket'\n readonly SOCKET_CLI_DEBUG: 'SOCKET_CLI_DEBUG'\n readonly SOCKET_CLI_FIX: 'SOCKET_CLI_FIX'\n readonly SOCKET_CLI_ISSUES_URL: 'https://github.com/SocketDev/socket-cli/issues'\n readonly SOCKET_CLI_LEGACY_BUILD: 'SOCKET_CLI_LEGACY_BUILD'\n readonly SOCKET_CLI_NO_API_TOKEN: 'SOCKET_CLI_NO_API_TOKEN'\n readonly SOCKET_CLI_OPTIMIZE: 'SOCKET_CLI_OPTIMIZE'\n readonly SOCKET_CLI_PUBLISHED_BUILD: 'SOCKET_CLI_PUBLISHED_BUILD'\n readonly SOCKET_CLI_SAFE_WRAPPER: 'SOCKET_CLI_SAFE_WRAPPER'\n readonly SOCKET_CLI_SENTRY_BUILD: 'SOCKET_CLI_SENTRY_BUILD'\n readonly SOCKET_CLI_SHOW_BANNER: 'SOCKET_CLI_SHOW_BANNER'\n readonly SOCKET_CLI_VERSION_HASH: 'SOCKET_CLI_VERSION_HASH'\n readonly VLT: 'vlt'\n readonly YARN: 'yarn'\n readonly YARN_BERRY: 'yarn/berry'\n readonly YARN_CLASSIC: 'yarn/classic'\n readonly bashRcPath: string\n readonly cdxgenBinPath: string\n readonly distPath: string\n readonly homePath: string\n readonly instrumentWithSentryPath: string\n readonly nmBinPath: string\n readonly npmInjectionPath: string\n readonly rootBinPath: string\n readonly rootDistPath: string\n readonly rootPath: string\n readonly rootPkgJsonPath: string\n readonly shadowBinPath: string\n readonly synpBinPath: string\n readonly zshRcPath: string\n }\n>\n\nconst ALERT_TYPE_CRITICAL_CVE = 'criticalCVE'\nconst ALERT_TYPE_CVE = 'cve'\nconst ALERT_TYPE_MEDIUM_CVE = 'mediumCVE'\nconst ALERT_TYPE_MILD_CVE = 'mildCVE'\nconst ALERT_TYPE_SOCKET_UPGRADE_AVAILABLE = 'socketUpgradeAvailable'\nconst API_V0_URL = 'https://api.socket.dev/v0'\nconst BABEL_RUNTIME = '@babel/runtime'\nconst BINARY_LOCK_EXT = '.lockb'\nconst BUN = 'bun'\nconst CLI = 'cli'\nconst CVE_ALERT_PROPS_FIRST_PATCHED_VERSION_IDENTIFIER =\n 'firstPatchedVersionIdentifier'\nconst CVE_ALERT_PROPS_VULNERABLE_VERSION_RANGE = 'vulnerableVersionRange'\nconst DRY_RUN_LABEL = '[DryRun]'\nconst DRY_RUN_BAIL_TEXT = `${DRY_RUN_LABEL}: Bailing now`\nconst LOCK_EXT = '.lock'\nconst MODULE_SYNC = 'module-sync'\nconst NPM_INJECTION = 'npm-injection'\nconst NPM_REGISTRY_URL = 'https://registry.npmjs.org'\nconst NPX = 'npx'\nconst PNPM = 'pnpm'\nconst REDACTED = '<redacted>'\nconst REQUIRE = 'require'\nconst SHADOW_BIN = 'shadow-bin'\nconst SOCKET = 'socket'\nconst SOCKET_CLI_DEBUG = 'SOCKET_CLI_DEBUG'\nconst SOCKET_CLI_FIX = 'SOCKET_CLI_FIX'\nconst SOCKET_CLI_ISSUES_URL = 'https://github.com/SocketDev/socket-cli/issues'\nconst SOCKET_CLI_LEGACY_BUILD = 'SOCKET_CLI_LEGACY_BUILD'\nconst SOCKET_CLI_NO_API_TOKEN = 'SOCKET_CLI_NO_API_TOKEN'\nconst SOCKET_CLI_OPTIMIZE = 'SOCKET_CLI_OPTIMIZE'\nconst SOCKET_CLI_PUBLISHED_BUILD = 'SOCKET_CLI_PUBLISHED_BUILD'\nconst SOCKET_CLI_SAFE_WRAPPER = 'SOCKET_CLI_SAFE_WRAPPER'\nconst SOCKET_CLI_SENTRY_BUILD = 'SOCKET_CLI_SENTRY_BUILD'\nconst SOCKET_CLI_SHOW_BANNER = 'SOCKET_CLI_SHOW_BANNER'\nconst SOCKET_CLI_VERSION_HASH = 'SOCKET_CLI_VERSION_HASH'\nconst VLT = 'vlt'\nconst YARN = 'yarn'\nconst YARN_BERRY = `${YARN}/berry`\nconst YARN_CLASSIC = `${YARN}/classic`\n\nlet _Sentry: any\n\nconst LAZY_BATCH_PURL_ENDPOINT = () => {\n const query = new URLSearchParams()\n query.append('alerts', 'true')\n query.append('compact', 'true')\n return `${API_V0_URL}/purl?${query}`\n}\n\nconst LAZY_DIST_TYPE = () =>\n registryConstants.SUPPORTS_NODE_REQUIRE_MODULE ? MODULE_SYNC : REQUIRE\n\nconst LAZY_ENV = () => {\n const { env } = process\n // We inline some environment values so that they CANNOT be influenced by user\n // provided environment variables.\n return Object.freeze({\n // Lazily access registryConstants.ENV.\n ...registryConstants.ENV,\n // Flag set to help debug Socket CLI.\n [SOCKET_CLI_DEBUG]: envAsBoolean(env[SOCKET_CLI_DEBUG]),\n // Inlined flag set to determine if this is the Legacy build.\n // The '@rollup/plugin-replace' will replace \"process.env[SOCKET_CLI_LEGACY_BUILD]\".\n [SOCKET_CLI_LEGACY_BUILD]: process.env[SOCKET_CLI_LEGACY_BUILD],\n // Flag set to make the default API token `undefined`.\n [SOCKET_CLI_NO_API_TOKEN]: envAsBoolean(env[SOCKET_CLI_NO_API_TOKEN]),\n // Inlined flag set to determine if this is a published build.\n // The '@rollup/plugin-replace' will replace \"process.env[SOCKET_CLI_PUBLISHED_BUILD]\".\n [SOCKET_CLI_PUBLISHED_BUILD]: process.env[SOCKET_CLI_PUBLISHED_BUILD],\n // Inlined flag set to determine if this is the Sentry build.\n // The '@rollup/plugin-replace' will replace \"process.env[SOCKET_CLI_SENTRY_BUILD]\".\n [SOCKET_CLI_SENTRY_BUILD]: process.env[SOCKET_CLI_SENTRY_BUILD],\n // Flag set to toggle the informative ASCII art banner.\n [SOCKET_CLI_SHOW_BANNER]: envAsBoolean(env[SOCKET_CLI_SHOW_BANNER]),\n // Inlined flag set to determine the version hash of the build.\n // The '@rollup/plugin-replace' will replace \"process.env[SOCKET_CLI_VERSION_HASH]\".\n [SOCKET_CLI_VERSION_HASH]: process.env[SOCKET_CLI_VERSION_HASH]\n })\n}\n\nconst lazyBashRcPath = () =>\n // Lazily access constants.homePath.\n path.join(constants.homePath, '.bashrc')\n\nconst lazyCdxgenBinPath = () =>\n // Lazily access constants.nmBinPath.\n path.join(constants.nmBinPath, 'cdxgen')\n\nconst lazyDistPath = () =>\n // Lazily access constants.rootDistPath and constants.DIST_TYPE.\n path.join(constants.rootDistPath, constants.DIST_TYPE)\n\nconst lazyHomePath = () => os.homedir()\n\nconst lazyInstrumentWithSentryPath = () =>\n // Lazily access constants.rootDistPath.\n path.join(constants.rootDistPath, 'instrument-with-sentry.js')\n\nconst lazyNmBinPath = () =>\n // Lazily access constants.rootPath.\n path.join(constants.rootPath, `${NODE_MODULES}/.bin`)\n\nconst lazyNpmInjectionPath = () =>\n // Lazily access constants.distPath.\n path.join(constants.distPath, `${NPM_INJECTION}.js`)\n\nconst lazyRootBinPath = () =>\n // Lazily access constants.rootPath.\n path.join(constants.rootPath, 'bin')\n\nconst lazyRootDistPath = () =>\n // Lazily access constants.rootPath.\n path.join(constants.rootPath, 'dist')\n\nconst lazyRootPath = () =>\n // The '@rollup/plugin-replace' will replace \"process.env.['VITEST']\" with `false` and\n // it will be dead code eliminated by Rollup.\n path.resolve(\n realpathSync.native(__dirname),\n process.env['SOCKET_CLI_TEST_DIST_BUILD'] ? '../..' : '..'\n )\n\nconst lazyRootPkgJsonPath = () =>\n // Lazily access constants.rootPath.\n path.join(constants.rootPath, PACKAGE_JSON)\n\nconst lazyShadowBinPath = () =>\n // Lazily access constants.rootPath.\n path.join(constants.rootPath, SHADOW_BIN)\n\nconst lazySynpBinPath = () =>\n // Lazily access constants.nmBinPath.\n path.join(constants.nmBinPath, 'synp')\n\nconst lazyZshRcPath = () =>\n // Lazily access constants.homePath.\n path.join(constants.homePath, '.zshrc')\n\nconst constants = <Constants>createConstantsObject(\n {\n ALERT_TYPE_CRITICAL_CVE,\n ALERT_TYPE_CVE,\n ALERT_TYPE_MEDIUM_CVE,\n ALERT_TYPE_MILD_CVE,\n ALERT_TYPE_SOCKET_UPGRADE_AVAILABLE,\n API_V0_URL,\n BABEL_RUNTIME,\n // Lazily defined values are initialized as `undefined` to keep their key order.\n BATCH_PURL_ENDPOINT: undefined,\n BINARY_LOCK_EXT,\n BUN,\n CLI,\n CVE_ALERT_PROPS_FIRST_PATCHED_VERSION_IDENTIFIER,\n CVE_ALERT_PROPS_VULNERABLE_VERSION_RANGE,\n DIST_TYPE: undefined,\n DRY_RUN_LABEL,\n DRY_RUN_BAIL_TEXT,\n ENV: undefined,\n LOCK_EXT,\n MODULE_SYNC,\n NPM_INJECTION,\n NPM_REGISTRY_URL,\n NPX,\n PNPM,\n REDACTED,\n REQUIRE,\n SHADOW_BIN,\n SOCKET,\n SOCKET_CLI_DEBUG,\n SOCKET_CLI_FIX,\n SOCKET_CLI_ISSUES_URL,\n SOCKET_CLI_LEGACY_BUILD,\n SOCKET_CLI_NO_API_TOKEN,\n SOCKET_CLI_OPTIMIZE,\n SOCKET_CLI_PUBLISHED_BUILD,\n SOCKET_CLI_SAFE_WRAPPER,\n SOCKET_CLI_SENTRY_BUILD,\n SOCKET_CLI_SHOW_BANNER,\n SOCKET_CLI_VERSION_HASH,\n VLT,\n YARN,\n YARN_BERRY,\n YARN_CLASSIC,\n bashRcPath: undefined,\n cdxgenBinPath: undefined,\n distPath: undefined,\n homePath: undefined,\n instrumentWithSentryPath: undefined,\n nmBinPath: undefined,\n npmInjectionPath: undefined,\n rootBinPath: undefined,\n rootDistPath: undefined,\n rootPath: undefined,\n rootPkgJsonPath: undefined,\n shadowBinPath: undefined,\n synpBinPath: undefined,\n zshRcPath: undefined\n },\n {\n getters: {\n BATCH_PURL_ENDPOINT: LAZY_BATCH_PURL_ENDPOINT,\n DIST_TYPE: LAZY_DIST_TYPE,\n ENV: LAZY_ENV,\n bashRcPath: lazyBashRcPath,\n distPath: lazyDistPath,\n cdxgenBinPath: lazyCdxgenBinPath,\n homePath: lazyHomePath,\n instrumentWithSentryPath: lazyInstrumentWithSentryPath,\n nmBinPath: lazyNmBinPath,\n npmInjectionPath: lazyNpmInjectionPath,\n rootBinPath: lazyRootBinPath,\n rootDistPath: lazyRootDistPath,\n rootPath: lazyRootPath,\n rootPkgJsonPath: lazyRootPkgJsonPath,\n shadowBinPath: lazyShadowBinPath,\n synpBinPath: lazySynpBinPath,\n zshRcPath: lazyZshRcPath\n },\n internals: {\n getSentry() {\n return _Sentry\n },\n setSentry(Sentry: Sentry): boolean {\n if (_Sentry === undefined) {\n _Sentry = Sentry\n return true\n }\n return false\n }\n },\n mixin: registryConstants\n }\n)\n\nexport default constants\n"],"names":["createConstantsObject","query","env","path","constants","BATCH_PURL_ENDPOINT","DIST_TYPE","ENV","bashRcPath","cdxgenBinPath","distPath","homePath","instrumentWithSentryPath","nmBinPath","npmInjectionPath","rootBinPath","rootDistPath","rootPath","rootPkgJsonPath","shadowBinPath","synpBinPath","zshRcPath","getters","internals","getSentry","_Sentry","mixin"],"mappings":";;;;;;;;;AAUA;;;;AAIE;AACEA;AACF;AACF;AAwGA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA;AAEA;AACE;AACAC;AACAA;AACA;AACF;AAEA;AAGA;;AACUC;AAAI;AACZ;AACA;;AAEE;;AAEA;;AAEA;AACA;AACA;AACA;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;AACF;AACF;AAEA;AACE;AACAC;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AAEA;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACA;AACAA;AAKF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEIC;;;;;;;;AASF;AACAC;;;;;;AAMAC;;;AAGAC;;;;;;;;;;;;;;;;;;;;;;;;;;AA0BAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACF;AAEEC;AACEjB;AACAC;AACAC;AACAC;AACAE;AACAD;AACAE;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;;AAEFE;AACEC;AACE;;;;AAIEC;AACA;AACF;AACA;AACF;;AAEFC;AACF;;","debugId":"1e08178e-cc0e-442b-8aa8-79e70903ef03"}
1
+ {"version":3,"file":"constants.js","sources":["../../src/constants.ts"],"sourcesContent":["import { realpathSync } from 'node:fs'\nimport os from 'node:os'\nimport path from 'node:path'\nimport process from 'node:process'\n\nimport registryConstants from '@socketsecurity/registry/lib/constants'\nimport { envAsBoolean } from '@socketsecurity/registry/lib/env'\n\nimport type { Remap } from '@socketsecurity/registry/lib/objects'\n\nconst {\n NODE_MODULES,\n PACKAGE_JSON,\n kInternalsSymbol,\n [kInternalsSymbol as unknown as 'Symbol(kInternalsSymbol)']: {\n createConstantsObject\n }\n} = registryConstants\n\ntype RegistryEnv = typeof registryConstants.ENV\n\ntype RegistryInternals = (typeof registryConstants)['Symbol(kInternalsSymbol)']\n\ntype Sentry = any\n\ntype Internals = Remap<\n Omit<RegistryInternals, 'getIPC'> &\n Readonly<{\n getIPC: {\n (): Promise<IPC>\n <K extends keyof IPC | undefined>(\n key?: K | undefined\n ): Promise<K extends keyof IPC ? IPC[K] : IPC>\n }\n getSentry: () => Sentry\n setSentry(Sentry: Sentry): boolean\n }>\n>\n\ntype ENV = Remap<\n RegistryEnv &\n Readonly<{\n SOCKET_CLI_DEBUG: boolean\n SOCKET_CLI_LEGACY_BUILD: boolean\n SOCKET_CLI_NO_API_TOKEN: boolean\n SOCKET_CLI_PUBLISHED_BUILD: boolean\n SOCKET_CLI_SENTRY_BUILD: boolean\n SOCKET_CLI_SHOW_BANNER: boolean\n SOCKET_CLI_VERSION_HASH: string\n }>\n>\n\ntype IPC = Readonly<{\n SOCKET_CLI_FIX?: string | undefined\n SOCKET_CLI_OPTIMIZE?: boolean | undefined\n SOCKET_CLI_SAFE_WRAPPER?: boolean | undefined\n}>\n\ntype Constants = Remap<\n Omit<typeof registryConstants, 'Symbol(kInternalsSymbol)' | 'ENV' | 'IPC'> & {\n readonly 'Symbol(kInternalsSymbol)': Internals\n readonly ALERT_TYPE_CRITICAL_CVE: 'criticalCVE'\n readonly ALERT_TYPE_CVE: 'cve'\n readonly ALERT_TYPE_MEDIUM_CVE: 'mediumCVE'\n readonly ALERT_TYPE_MILD_CVE: 'mildCVE'\n readonly ALERT_TYPE_SOCKET_UPGRADE_AVAILABLE: 'socketUpgradeAvailable'\n readonly API_V0_URL: 'https://api.socket.dev/v0'\n readonly BABEL_RUNTIME: '@babel/runtime'\n readonly BATCH_PURL_ENDPOINT: 'https://api.socket.dev/v0/purl?alerts=true&compact=true'\n readonly BINARY_LOCK_EXT: '.lockb'\n readonly BUN: 'bun'\n readonly CLI: 'cli'\n readonly CVE_ALERT_PROPS_FIRST_PATCHED_VERSION_IDENTIFIER: 'firstPatchedVersionIdentifier'\n readonly CVE_ALERT_PROPS_VULNERABLE_VERSION_RANGE: 'vulnerableVersionRange'\n readonly ENV: ENV\n readonly DIST_TYPE: 'module-sync' | 'require'\n readonly DRY_RUN_LABEL: '[DryRun]'\n readonly DRY_RUN_BAIL_TEXT: '[DryRun] Bailing now'\n readonly IPC: IPC\n readonly LOCK_EXT: '.lock'\n readonly MODULE_SYNC: 'module-sync'\n readonly NPM_INJECTION: 'npm-injection'\n readonly NPM_REGISTRY_URL: 'https://registry.npmjs.org'\n readonly NPX: 'npx'\n readonly PNPM: 'pnpm'\n readonly REDACTED: '<redacted>'\n readonly REQUIRE: 'require'\n readonly SHADOW_BIN: 'shadow-bin'\n readonly SOCKET: 'socket'\n readonly SOCKET_CLI_DEBUG: 'SOCKET_CLI_DEBUG'\n readonly SOCKET_CLI_FIX: 'SOCKET_CLI_FIX'\n readonly SOCKET_CLI_ISSUES_URL: 'https://github.com/SocketDev/socket-cli/issues'\n readonly SOCKET_CLI_LEGACY_BUILD: 'SOCKET_CLI_LEGACY_BUILD'\n readonly SOCKET_CLI_NO_API_TOKEN: 'SOCKET_CLI_NO_API_TOKEN'\n readonly SOCKET_CLI_OPTIMIZE: 'SOCKET_CLI_OPTIMIZE'\n readonly SOCKET_CLI_PUBLISHED_BUILD: 'SOCKET_CLI_PUBLISHED_BUILD'\n readonly SOCKET_CLI_SAFE_WRAPPER: 'SOCKET_CLI_SAFE_WRAPPER'\n readonly SOCKET_CLI_SENTRY_BUILD: 'SOCKET_CLI_SENTRY_BUILD'\n readonly SOCKET_CLI_SHOW_BANNER: 'SOCKET_CLI_SHOW_BANNER'\n readonly SOCKET_CLI_VERSION_HASH: 'SOCKET_CLI_VERSION_HASH'\n readonly VLT: 'vlt'\n readonly YARN: 'yarn'\n readonly YARN_BERRY: 'yarn/berry'\n readonly YARN_CLASSIC: 'yarn/classic'\n readonly bashRcPath: string\n readonly cdxgenBinPath: string\n readonly distPath: string\n readonly homePath: string\n readonly instrumentWithSentryPath: string\n readonly nmBinPath: string\n readonly npmInjectionPath: string\n readonly rootBinPath: string\n readonly rootDistPath: string\n readonly rootPath: string\n readonly rootPkgJsonPath: string\n readonly shadowBinPath: string\n readonly synpBinPath: string\n readonly zshRcPath: string\n }\n>\n\nconst ALERT_TYPE_CRITICAL_CVE = 'criticalCVE'\nconst ALERT_TYPE_CVE = 'cve'\nconst ALERT_TYPE_MEDIUM_CVE = 'mediumCVE'\nconst ALERT_TYPE_MILD_CVE = 'mildCVE'\nconst ALERT_TYPE_SOCKET_UPGRADE_AVAILABLE = 'socketUpgradeAvailable'\nconst API_V0_URL = 'https://api.socket.dev/v0'\nconst BABEL_RUNTIME = '@babel/runtime'\nconst BINARY_LOCK_EXT = '.lockb'\nconst BUN = 'bun'\nconst CLI = 'cli'\nconst CVE_ALERT_PROPS_FIRST_PATCHED_VERSION_IDENTIFIER =\n 'firstPatchedVersionIdentifier'\nconst CVE_ALERT_PROPS_VULNERABLE_VERSION_RANGE = 'vulnerableVersionRange'\nconst DRY_RUN_LABEL = '[DryRun]'\nconst DRY_RUN_BAIL_TEXT = `${DRY_RUN_LABEL}: Bailing now`\nconst LOCK_EXT = '.lock'\nconst MODULE_SYNC = 'module-sync'\nconst NPM_INJECTION = 'npm-injection'\nconst NPM_REGISTRY_URL = 'https://registry.npmjs.org'\nconst NPX = 'npx'\nconst PNPM = 'pnpm'\nconst REDACTED = '<redacted>'\nconst REQUIRE = 'require'\nconst SHADOW_BIN = 'shadow-bin'\nconst SOCKET = 'socket'\nconst SOCKET_CLI_DEBUG = 'SOCKET_CLI_DEBUG'\nconst SOCKET_CLI_FIX = 'SOCKET_CLI_FIX'\nconst SOCKET_CLI_ISSUES_URL = 'https://github.com/SocketDev/socket-cli/issues'\nconst SOCKET_CLI_LEGACY_BUILD = 'SOCKET_CLI_LEGACY_BUILD'\nconst SOCKET_CLI_NO_API_TOKEN = 'SOCKET_CLI_NO_API_TOKEN'\nconst SOCKET_CLI_OPTIMIZE = 'SOCKET_CLI_OPTIMIZE'\nconst SOCKET_CLI_PUBLISHED_BUILD = 'SOCKET_CLI_PUBLISHED_BUILD'\nconst SOCKET_CLI_SAFE_WRAPPER = 'SOCKET_CLI_SAFE_WRAPPER'\nconst SOCKET_CLI_SENTRY_BUILD = 'SOCKET_CLI_SENTRY_BUILD'\nconst SOCKET_CLI_SHOW_BANNER = 'SOCKET_CLI_SHOW_BANNER'\nconst SOCKET_CLI_VERSION_HASH = 'SOCKET_CLI_VERSION_HASH'\nconst VLT = 'vlt'\nconst YARN = 'yarn'\nconst YARN_BERRY = `${YARN}/berry`\nconst YARN_CLASSIC = `${YARN}/classic`\n\nlet _Sentry: any\n\nconst LAZY_BATCH_PURL_ENDPOINT = () => {\n const query = new URLSearchParams()\n query.append('alerts', 'true')\n query.append('compact', 'true')\n return `${API_V0_URL}/purl?${query}`\n}\n\nconst LAZY_DIST_TYPE = () =>\n registryConstants.SUPPORTS_NODE_REQUIRE_MODULE ? MODULE_SYNC : REQUIRE\n\nconst LAZY_ENV = () => {\n const { env } = process\n // We inline some environment values so that they CANNOT be influenced by user\n // provided environment variables.\n return Object.freeze({\n // Lazily access registryConstants.ENV.\n ...registryConstants.ENV,\n // Flag set to help debug Socket CLI.\n [SOCKET_CLI_DEBUG]: envAsBoolean(env[SOCKET_CLI_DEBUG]),\n // Inlined flag set to determine if this is the Legacy build.\n // The '@rollup/plugin-replace' will replace \"process.env[SOCKET_CLI_LEGACY_BUILD]\".\n [SOCKET_CLI_LEGACY_BUILD]: process.env[SOCKET_CLI_LEGACY_BUILD],\n // Flag set to make the default API token `undefined`.\n [SOCKET_CLI_NO_API_TOKEN]: envAsBoolean(env[SOCKET_CLI_NO_API_TOKEN]),\n // Inlined flag set to determine if this is a published build.\n // The '@rollup/plugin-replace' will replace \"process.env[SOCKET_CLI_PUBLISHED_BUILD]\".\n [SOCKET_CLI_PUBLISHED_BUILD]: process.env[SOCKET_CLI_PUBLISHED_BUILD],\n // Inlined flag set to determine if this is the Sentry build.\n // The '@rollup/plugin-replace' will replace \"process.env[SOCKET_CLI_SENTRY_BUILD]\".\n [SOCKET_CLI_SENTRY_BUILD]: process.env[SOCKET_CLI_SENTRY_BUILD],\n // Flag set to toggle the informative ASCII art banner.\n [SOCKET_CLI_SHOW_BANNER]: envAsBoolean(env[SOCKET_CLI_SHOW_BANNER]),\n // Inlined flag set to determine the version hash of the build.\n // The '@rollup/plugin-replace' will replace \"process.env[SOCKET_CLI_VERSION_HASH]\".\n [SOCKET_CLI_VERSION_HASH]: process.env[SOCKET_CLI_VERSION_HASH]\n })\n}\n\nconst lazyBashRcPath = () =>\n // Lazily access constants.homePath.\n path.join(constants.homePath, '.bashrc')\n\nconst lazyCdxgenBinPath = () =>\n // Lazily access constants.nmBinPath.\n path.join(constants.nmBinPath, 'cdxgen')\n\nconst lazyDistPath = () =>\n // Lazily access constants.rootDistPath and constants.DIST_TYPE.\n path.join(constants.rootDistPath, constants.DIST_TYPE)\n\nconst lazyHomePath = () => os.homedir()\n\nconst lazyInstrumentWithSentryPath = () =>\n // Lazily access constants.rootDistPath.\n path.join(constants.rootDistPath, 'instrument-with-sentry.js')\n\nconst lazyNmBinPath = () =>\n // Lazily access constants.rootPath.\n path.join(constants.rootPath, `${NODE_MODULES}/.bin`)\n\nconst lazyNpmInjectionPath = () =>\n // Lazily access constants.distPath.\n path.join(constants.distPath, `${NPM_INJECTION}.js`)\n\nconst lazyRootBinPath = () =>\n // Lazily access constants.rootPath.\n path.join(constants.rootPath, 'bin')\n\nconst lazyRootDistPath = () =>\n // Lazily access constants.rootPath.\n path.join(constants.rootPath, 'dist')\n\nconst lazyRootPath = () =>\n // The '@rollup/plugin-replace' will replace \"process.env.['VITEST']\" with `false` and\n // it will be dead code eliminated by Rollup.\n path.resolve(\n realpathSync.native(__dirname),\n process.env['SOCKET_CLI_TEST_DIST_BUILD'] ? '../..' : '..'\n )\n\nconst lazyRootPkgJsonPath = () =>\n // Lazily access constants.rootPath.\n path.join(constants.rootPath, PACKAGE_JSON)\n\nconst lazyShadowBinPath = () =>\n // Lazily access constants.rootPath.\n path.join(constants.rootPath, SHADOW_BIN)\n\nconst lazySynpBinPath = () =>\n // Lazily access constants.nmBinPath.\n path.join(constants.nmBinPath, 'synp')\n\nconst lazyZshRcPath = () =>\n // Lazily access constants.homePath.\n path.join(constants.homePath, '.zshrc')\n\nconst constants = <Constants>createConstantsObject(\n {\n ALERT_TYPE_CRITICAL_CVE,\n ALERT_TYPE_CVE,\n ALERT_TYPE_MEDIUM_CVE,\n ALERT_TYPE_MILD_CVE,\n ALERT_TYPE_SOCKET_UPGRADE_AVAILABLE,\n API_V0_URL,\n BABEL_RUNTIME,\n // Lazily defined values are initialized as `undefined` to keep their key order.\n BATCH_PURL_ENDPOINT: undefined,\n BINARY_LOCK_EXT,\n BUN,\n CLI,\n CVE_ALERT_PROPS_FIRST_PATCHED_VERSION_IDENTIFIER,\n CVE_ALERT_PROPS_VULNERABLE_VERSION_RANGE,\n DIST_TYPE: undefined,\n DRY_RUN_LABEL,\n DRY_RUN_BAIL_TEXT,\n ENV: undefined,\n LOCK_EXT,\n MODULE_SYNC,\n NPM_INJECTION,\n NPM_REGISTRY_URL,\n NPX,\n PNPM,\n REDACTED,\n REQUIRE,\n SHADOW_BIN,\n SOCKET,\n SOCKET_CLI_DEBUG,\n SOCKET_CLI_FIX,\n SOCKET_CLI_ISSUES_URL,\n SOCKET_CLI_LEGACY_BUILD,\n SOCKET_CLI_NO_API_TOKEN,\n SOCKET_CLI_OPTIMIZE,\n SOCKET_CLI_PUBLISHED_BUILD,\n SOCKET_CLI_SAFE_WRAPPER,\n SOCKET_CLI_SENTRY_BUILD,\n SOCKET_CLI_SHOW_BANNER,\n SOCKET_CLI_VERSION_HASH,\n VLT,\n YARN,\n YARN_BERRY,\n YARN_CLASSIC,\n bashRcPath: undefined,\n cdxgenBinPath: undefined,\n distPath: undefined,\n homePath: undefined,\n instrumentWithSentryPath: undefined,\n nmBinPath: undefined,\n npmInjectionPath: undefined,\n rootBinPath: undefined,\n rootDistPath: undefined,\n rootPath: undefined,\n rootPkgJsonPath: undefined,\n shadowBinPath: undefined,\n synpBinPath: undefined,\n zshRcPath: undefined\n },\n {\n getters: {\n BATCH_PURL_ENDPOINT: LAZY_BATCH_PURL_ENDPOINT,\n DIST_TYPE: LAZY_DIST_TYPE,\n ENV: LAZY_ENV,\n bashRcPath: lazyBashRcPath,\n distPath: lazyDistPath,\n cdxgenBinPath: lazyCdxgenBinPath,\n homePath: lazyHomePath,\n instrumentWithSentryPath: lazyInstrumentWithSentryPath,\n nmBinPath: lazyNmBinPath,\n npmInjectionPath: lazyNpmInjectionPath,\n rootBinPath: lazyRootBinPath,\n rootDistPath: lazyRootDistPath,\n rootPath: lazyRootPath,\n rootPkgJsonPath: lazyRootPkgJsonPath,\n shadowBinPath: lazyShadowBinPath,\n synpBinPath: lazySynpBinPath,\n zshRcPath: lazyZshRcPath\n },\n internals: {\n getSentry() {\n return _Sentry\n },\n setSentry(Sentry: Sentry): boolean {\n if (_Sentry === undefined) {\n _Sentry = Sentry\n return true\n }\n return false\n }\n },\n mixin: registryConstants\n }\n)\n\nexport default constants\n"],"names":["createConstantsObject","query","env","path","constants","BATCH_PURL_ENDPOINT","DIST_TYPE","ENV","bashRcPath","cdxgenBinPath","distPath","homePath","instrumentWithSentryPath","nmBinPath","npmInjectionPath","rootBinPath","rootDistPath","rootPath","rootPkgJsonPath","shadowBinPath","synpBinPath","zshRcPath","getters","internals","getSentry","_Sentry","mixin"],"mappings":";;;;;;;;;AAUA;;;;AAIE;AACEA;AACF;AACF;AAwGA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA;AAEA;AACE;AACAC;AACAA;AACA;AACF;AAEA;AAGA;;AACUC;AAAI;AACZ;AACA;;AAEE;;AAEA;;AAEA;AACA;AACA;AACA;;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;;AAEA;AACA;AACA;AACF;AACF;AAEA;AACE;AACAC;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AAEA;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACA;AACAA;AAKF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEIC;;;;;;;;AASF;AACAC;;;;;;AAMAC;;;AAGAC;;;;;;;;;;;;;;;;;;;;;;;;;;AA0BAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACF;AAEEC;AACEjB;AACAC;AACAC;AACAC;AACAE;AACAD;AACAE;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;;AAEFE;AACEC;AACE;;;;AAIEC;AACA;AACF;AACA;AACF;;AAEFC;AACF;;","debugId":"bd130086-d631-467f-876d-3d82d433148d"}
package/dist/module-sync/cli.js CHANGED
@@ -43,7 +43,7 @@ var packages = require('@socketsecurity/registry/lib/packages');
43
43
  var registryConstants = require('@socketsecurity/registry/lib/constants');
44
44
  var isInteractive = require('@socketregistry/is-interactive/index.cjs');
45
45
  var terminalLink = _socketInterop(require('terminal-link'));
46
- var spawn = _socketInterop(require('@npmcli/promise-spawn'));
46
+ var spawn = require('@socketsecurity/registry/lib/spawn');
47
47
  var npa = _socketInterop(require('npm-package-arg'));
48
48
  var semver = _socketInterop(require('semver'));
49
49
  var tinyglobby = _socketInterop(require('tinyglobby'));
@@ -55,14 +55,12 @@ var sorts = require('@socketsecurity/registry/lib/sorts');
55
55
  var strings = require('@socketsecurity/registry/lib/strings');
56
56
  var yaml = _socketInterop(require('yaml'));
57
57
  var debug = require('@socketsecurity/registry/lib/debug');
58
- var npm$1 = require('./npm.js');
59
58
  var npmPaths = require('./npm-paths.js');
60
59
  var betterAjvErrors = _socketInterop(require('@apideck/better-ajv-errors'));
61
60
  var config$A = require('@socketsecurity/config');
62
61
  var assert = require('node:assert');
63
62
  var readline = require('node:readline/promises');
64
63
  var open = _socketInterop(require('open'));
65
- var node_child_process = require('node:child_process');
66
64
  var TableWidget = _socketInterop(require('blessed-contrib/lib/widget/table'));
67
65
  var readline$1 = require('node:readline');
68
66
 
@@ -1520,7 +1518,7 @@ function meowOrExit({
1520
1518
  }
1521
1519
  function getAsciiHeader(command) {
1522
1520
  const cliVersion = // The '@rollup/plugin-replace' will replace "process.env['SOCKET_CLI_VERSION_HASH']".
1523
- "0.14.52:709a145:a25834aa:pub";
1521
+ "0.14.53:e7fcb39:b1cdb520:pub";
1524
1522
  const nodeVersion = process.version;
1525
1523
  const apiToken = index.getSetting('apiToken');
1526
1524
  const shownToken = apiToken ? getLastFiveOfApiToken(apiToken) : 'no';
@@ -2941,8 +2939,6 @@ function applyLogin(apiToken, enforcedOrgs, apiBaseUrl, apiProxy) {
2941
2939
  index.updateSetting('apiProxy', apiProxy);
2942
2940
  }
2943
2941
 
2944
- // TODO: this type should come from a general Socket REST API type doc
2945
-
2946
2942
  const {
2947
2943
  SOCKET_PUBLIC_API_TOKEN
2948
2944
  } = constants;
@@ -3154,7 +3150,7 @@ async function convertGradleToMaven(target, bin, _out, verbose, gradleOpts) {
3154
3150
  if (verbose) {
3155
3151
  spinner.log('[VERBOSE] Executing:', bin, commandArgs);
3156
3152
  }
3157
- const output = await spawn(bin, commandArgs, {
3153
+ const output = await spawn.spawn(bin, commandArgs, {
3158
3154
  cwd: target || '.'
3159
3155
  });
3160
3156
  spinner.stop();
@@ -3388,7 +3384,7 @@ async function convertSbtToMaven(target, bin, out, verbose, sbtOpts) {
3388
3384
  // we can upload them and predict them through the GitHub API. We could do a
3389
3385
  // .socket folder. We could do a socket.pom.gz with all the poms, although
3390
3386
  // I'd prefer something plain-text if it is to be committed.
3391
- const output = await spawn(bin, ['makePom'].concat(sbtOpts), {
3387
+ const output = await spawn.spawn(bin, ['makePom'].concat(sbtOpts), {
3392
3388
  cwd: target || '.'
3393
3389
  });
3394
3390
  spinner.stop();
@@ -4067,7 +4063,7 @@ async function getAgentVersion(agentExecPath, cwd) {
4067
4063
  try {
4068
4064
  result = semver.coerce(
4069
4065
  // All package managers support the "--version" flag.
4070
- (await spawn(agentExecPath, ['--version'], {
4066
+ (await spawn.spawn(agentExecPath, ['--version'], {
4071
4067
  cwd
4072
4068
  })).stdout) ?? undefined;
4073
4069
  } catch {}
@@ -4122,7 +4118,7 @@ const readLockFileByAgent = (() => {
4122
4118
  // To print a Yarn lockfile to your console without writing it to disk
4123
4119
  // use `bun bun.lockb`.
4124
4120
  // https://bun.sh/guides/install/yarnlock
4125
- return (await spawn(agentExecPath, [lockPath])).stdout.trim();
4121
+ return (await spawn.spawn(agentExecPath, [lockPath])).stdout.trim();
4126
4122
  }
4127
4123
  return undefined;
4128
4124
  }),
@@ -4521,7 +4517,7 @@ function parseableToQueryStdout(stdout) {
4521
4517
  async function npmQuery(npmExecPath, cwd) {
4522
4518
  let stdout = '';
4523
4519
  try {
4524
- stdout = (await spawn(npmExecPath, ['query', ':not(.dev)'], {
4520
+ stdout = (await spawn.spawn(npmExecPath, ['query', ':not(.dev)'], {
4525
4521
  cwd
4526
4522
  })).stdout;
4527
4523
  } catch {}
@@ -4531,7 +4527,7 @@ async function lsBun(agentExecPath, cwd) {
4531
4527
  try {
4532
4528
  // Bun does not support filtering by production packages yet.
4533
4529
  // https://github.com/oven-sh/bun/issues/8283
4534
- return (await spawn(agentExecPath, ['pm', 'ls', '--all'], {
4530
+ return (await spawn.spawn(agentExecPath, ['pm', 'ls', '--all'], {
4535
4531
  cwd
4536
4532
  })).stdout;
4537
4533
  } catch {}
@@ -4550,7 +4546,7 @@ async function lsPnpm(agentExecPath, cwd, options) {
4550
4546
  }
4551
4547
  let stdout = '';
4552
4548
  try {
4553
- stdout = (await spawn(agentExecPath, ['ls', '--parseable', '--prod', '--depth', 'Infinity'], {
4549
+ stdout = (await spawn.spawn(agentExecPath, ['ls', '--parseable', '--prod', '--depth', 'Infinity'], {
4554
4550
  cwd
4555
4551
  })).stdout;
4556
4552
  } catch {}
@@ -4559,7 +4555,7 @@ async function lsPnpm(agentExecPath, cwd, options) {
4559
4555
  async function lsVlt(agentExecPath, cwd) {
4560
4556
  let stdout = '';
4561
4557
  try {
4562
- stdout = (await spawn(agentExecPath, ['ls', '--view', 'human', ':not(.dev)'], {
4558
+ stdout = (await spawn.spawn(agentExecPath, ['ls', '--view', 'human', ':not(.dev)'], {
4563
4559
  cwd
4564
4560
  })).stdout;
4565
4561
  } catch {}
@@ -4570,7 +4566,7 @@ async function lsYarnBerry(agentExecPath, cwd) {
4570
4566
  return (
4571
4567
  // Yarn Berry does not support filtering by production packages yet.
4572
4568
  // https://github.com/yarnpkg/berry/issues/5117
4573
- (await spawn(agentExecPath, ['info', '--recursive', '--name-only'], {
4569
+ (await spawn.spawn(agentExecPath, ['info', '--recursive', '--name-only'], {
4574
4570
  cwd
4575
4571
  })).stdout.trim()
4576
4572
  );
@@ -4583,7 +4579,7 @@ async function lsYarnClassic(agentExecPath, cwd) {
4583
4579
  // https://github.com/yarnpkg/yarn/releases/tag/v1.0.0
4584
4580
  // > Fix: Excludes dev dependencies from the yarn list output when the
4585
4581
  // environment is production
4586
- return (await spawn(agentExecPath, ['list', '--prod'], {
4582
+ return (await spawn.spawn(agentExecPath, ['list', '--prod'], {
4587
4583
  cwd
4588
4584
  })).stdout.trim();
4589
4585
  } catch {}
@@ -4708,14 +4704,73 @@ function pnpmUpdatePkgJson(editablePkgJson, overrides) {
4708
4704
  }
4709
4705
  const updateManifestByAgent = new Map([[BUN, updateResolutions], [NPM$4, updateOverrides], [PNPM$1, pnpmUpdatePkgJson], [VLT, updateOverrides], [YARN_BERRY, updateResolutions], [YARN_CLASSIC$1, updateResolutions]]);
4710
4706
 
4707
+ const {
4708
+ SOCKET_IPC_HANDSHAKE
4709
+ } = constants;
4710
+ function safeNpmInstall(options) {
4711
+ const {
4712
+ args = [],
4713
+ ipc,
4714
+ spinner,
4715
+ ...spawnOptions
4716
+ } = {
4717
+ __proto__: null,
4718
+ ...options
4719
+ };
4720
+ const terminatorPos = args.indexOf('--');
4721
+ const npmArgs = (terminatorPos === -1 ? args : args.slice(0, terminatorPos)).filter(a => !npm.isAuditFlag(a) && !npm.isFundFlag(a) && !npm.isProgressFlag(a));
4722
+ const otherArgs = terminatorPos === -1 ? [] : args.slice(terminatorPos);
4723
+ const useIpc = objects.isObject(ipc);
4724
+ const useDebug = debug.isDebug();
4725
+ const isSilent = !useDebug && !npmArgs.some(npm.isLoglevelFlag);
4726
+ const spawnPromise = spawn.spawn(
4727
+ // Lazily access constants.execPath.
4728
+ constants.execPath, [
4729
+ // Lazily access constants.nodeNoWarningsFlags.
4730
+ ...constants.nodeNoWarningsFlags, '--require',
4731
+ // Lazily access constants.npmInjectionPath.
4732
+ constants.npmInjectionPath, npmPaths.getNpmBinPath(), 'install',
4733
+ // Even though the '--silent' flag is passed npm will still run through
4734
+ // code paths for 'audit' and 'fund' unless '--no-audit' and '--no-fund'
4735
+ // flags are passed.
4736
+ '--no-audit', '--no-fund',
4737
+ // Add `--no-progress` and `--silent` flags to fix input being swallowed
4738
+ // by the spinner when running the command with recent versions of npm.
4739
+ '--no-progress',
4740
+ // Add the '--silent' flag if a loglevel flag is not provided and the
4741
+ // SOCKET_CLI_DEBUG environment variable is not truthy.
4742
+ ...(isSilent ? ['--silent'] : []), ...npmArgs, ...otherArgs], {
4743
+ spinner,
4744
+ // Set stdio to include 'ipc'.
4745
+ // See https://github.com/nodejs/node/blob/v23.6.0/lib/child_process.js#L161-L166
4746
+ // and https://github.com/nodejs/node/blob/v23.6.0/lib/internal/child_process.js#L238.
4747
+ stdio: isSilent ?
4748
+ // 'ignore'
4749
+ useIpc ? ['ignore', 'ignore', 'ignore', 'ipc'] : 'ignore' :
4750
+ // 'inherit'
4751
+ useIpc ? [0, 1, 2, 'ipc'] : 'inherit',
4752
+ ...spawnOptions,
4753
+ env: {
4754
+ ...process$1.env,
4755
+ ...spawnOptions.env
4756
+ }
4757
+ });
4758
+ if (useIpc) {
4759
+ spawnPromise.process.send({
4760
+ [SOCKET_IPC_HANDSHAKE]: ipc
4761
+ });
4762
+ }
4763
+ return spawnPromise;
4764
+ }
4765
+
4711
4766
  const {
4712
4767
  NPM: NPM$3,
4713
- abortSignal: abortSignal$2
4768
+ abortSignal
4714
4769
  } = constants;
4715
4770
  function runAgentInstall(agent, agentExecPath, options) {
4716
4771
  // All package managers support the "install" command.
4717
4772
  if (agent === NPM$3) {
4718
- return npm$1.safeNpmInstall(options);
4773
+ return safeNpmInstall(options);
4719
4774
  }
4720
4775
  const {
4721
4776
  args = [],
@@ -4726,12 +4781,9 @@ function runAgentInstall(agent, agentExecPath, options) {
4726
4781
  ...options
4727
4782
  };
4728
4783
  const isSilent = !debug.isDebug();
4729
- const isSpinning = spinner?.isSpinning ?? false;
4730
- if (!isSilent) {
4731
- spinner?.stop();
4732
- }
4733
- let spawnPromise = spawn(agentExecPath, ['install', ...args], {
4734
- signal: abortSignal$2,
4784
+ return spawn.spawn(agentExecPath, ['install', ...args], {
4785
+ signal: abortSignal,
4786
+ spinner,
4735
4787
  stdio: isSilent ? 'ignore' : 'inherit',
4736
4788
  ...spawnOptions,
4737
4789
  env: {
@@ -4739,22 +4791,12 @@ function runAgentInstall(agent, agentExecPath, options) {
4739
4791
  ...spawnOptions.env
4740
4792
  }
4741
4793
  });
4742
- if (!isSilent && isSpinning) {
4743
- const oldSpawnPromise = spawnPromise;
4744
- spawnPromise = spawnPromise.finally(() => {
4745
- spinner?.start();
4746
- });
4747
- spawnPromise.process = oldSpawnPromise.process;
4748
- spawnPromise.stdin = spawnPromise.stdin;
4749
- }
4750
- return spawnPromise;
4751
4794
  }
4752
4795
 
4753
4796
  const {
4754
4797
  NPM: NPM$2
4755
4798
  } = constants;
4756
4799
  const COMMAND_TITLE$1 = 'Socket Optimize';
4757
- const NPM_OVERRIDE_PR_URL = 'https://github.com/npm/cli/pull/8089';
4758
4800
  async function updatePackageLockJson(pkgEnvDetails, options) {
4759
4801
  const {
4760
4802
  logger,
@@ -4770,7 +4812,7 @@ async function updatePackageLockJson(pkgEnvDetails, options) {
4770
4812
  });
4771
4813
  spinner?.stop();
4772
4814
  if (pkgEnvDetails.agent === NPM$2) {
4773
- logger?.log(`💡 Re-run ${COMMAND_TITLE$1} whenever ${pkgEnvDetails.lockName} changes.\n This can be skipped once npm ships ${NPM_OVERRIDE_PR_URL}.`);
4815
+ logger?.log(`💡 Re-run ${COMMAND_TITLE$1} whenever ${pkgEnvDetails.lockName} changes.\n This can be skipped once npm v11.2.0 is released.`);
4774
4816
  }
4775
4817
  } catch (e) {
4776
4818
  spinner?.stop();
@@ -5184,19 +5226,12 @@ async function run$g(argv, importMeta, {
5184
5226
  await getOrganization(json ? 'json' : markdown ? 'markdown' : 'text');
5185
5227
  }
5186
5228
 
5187
- const {
5188
- abortSignal: abortSignal$1
5189
- } = constants;
5190
5229
  async function runRawNpm(argv) {
5191
- const spawnPromise = spawn(npmPaths.getNpmBinPath(), argv.slice(0), {
5192
- signal: abortSignal$1,
5230
+ const spawnPromise = spawn.spawn(npmPaths.getNpmBinPath(), argv, {
5193
5231
  stdio: 'inherit'
5194
5232
  });
5195
5233
  // See https://nodejs.org/api/all.html#all_child_process_event-exit.
5196
5234
  spawnPromise.process.on('exit', (code, signalName) => {
5197
- if (abortSignal$1.aborted) {
5198
- return;
5199
- }
5200
5235
  if (signalName) {
5201
5236
  process$1.kill(process$1.pid, signalName);
5202
5237
  } else if (code !== null) {
@@ -5248,19 +5283,12 @@ async function run$f(argv, importMeta, {
5248
5283
  await runRawNpm(argv);
5249
5284
  }
5250
5285
 
5251
- const {
5252
- abortSignal
5253
- } = constants;
5254
5286
  async function runRawNpx(argv) {
5255
- const spawnPromise = spawn(npmPaths.getNpxBinPath(), argv, {
5256
- signal: abortSignal,
5287
+ const spawnPromise = spawn.spawn(npmPaths.getNpxBinPath(), argv, {
5257
5288
  stdio: 'inherit'
5258
5289
  });
5259
5290
  // See https://nodejs.org/api/all.html#all_child_process_event-exit.
5260
5291
  spawnPromise.process.on('exit', (code, signalName) => {
5261
- if (abortSignal.aborted) {
5262
- return;
5263
- }
5264
5292
  if (signalName) {
5265
5293
  process$1.kill(process$1.pid, signalName);
5266
5294
  } else if (code !== null) {
@@ -6344,7 +6372,7 @@ function dirNameToSlug(name) {
6344
6372
  }
6345
6373
 
6346
6374
  async function suggestBranchSlug(repoDefaultBranch) {
6347
- const spawnResult = node_child_process.spawnSync('git', ['branch', '--show-current']);
6375
+ const spawnResult = spawn.spawnSync('git', ['branch', '--show-current']);
6348
6376
  const currentBranch = spawnResult.stdout.toString('utf8').trim();
6349
6377
  if (currentBranch && spawnResult.status === 0) {
6350
6378
  const proceed = await prompts.select({
@@ -7490,5 +7518,5 @@ void (async () => {
7490
7518
  await index.captureException(e);
7491
7519
  }
7492
7520
  })();
7493
- //# debugId=10d9d626-91e3-4f77-a5fd-f8a9b2249aa
7521
+ //# debugId=81bdecc8-019c-471b-9b60-621850fd7160
7494
7522
  //# sourceMappingURL=cli.js.map