socket 0.14.61 → 0.14.63

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (16) hide show
  1. package/bin/cli.js +1 -0
  2. package/dist/constants.d.ts +26 -25
  3. package/dist/constants.js +27 -4
  4. package/dist/constants.js.map +1 -1
  5. package/dist/module-sync/cli.js +1975 -2052
  6. package/dist/module-sync/cli.js.map +1 -1
  7. package/dist/module-sync/cmd.d.ts +4 -0
  8. package/dist/module-sync/fs.d.ts +22 -0
  9. package/dist/module-sync/package-environment.d.ts +56 -0
  10. package/dist/module-sync/shadow-npm-inject.js +38 -27
  11. package/dist/module-sync/shadow-npm-inject.js.map +1 -1
  12. package/dist/require/cli.js +1975 -2051
  13. package/dist/require/cli.js.map +1 -1
  14. package/dist/require/vendor.js +1 -2414
  15. package/dist/require/vendor.js.map +1 -1
  16. package/package.json +22 -31
package/bin/cli.js CHANGED
@@ -46,6 +46,7 @@ if (
46
46
  if (signalName) {
47
47
  process.kill(process.pid, signalName)
48
48
  } else if (code !== null) {
49
+ // eslint-disable-next-line n/no-process-exit
49
50
  process.exit(code)
50
51
  }
51
52
  })
package/dist/constants.d.ts CHANGED
@@ -1,11 +1,12 @@
1
1
  /// <reference types="node" />
2
2
  import registryConstants from '@socketsecurity/registry/lib/constants';
3
+ import { Agent } from "./package-environment.js";
3
4
  import { Remap } from '@socketsecurity/registry/lib/objects';
4
5
  type RegistryEnv = typeof registryConstants.ENV;
5
6
  type RegistryInternals = (typeof registryConstants)['Symbol(kInternalsSymbol)'];
6
7
  type Sentry = any;
7
- type Internals = Remap<Omit<RegistryInternals, 'getIPC'> & Readonly<{
8
- getIPC: {
8
+ type Internals = Remap<Omit<RegistryInternals, 'getIpc'> & Readonly<{
9
+ getIpc: {
9
10
  (): Promise<IPC>;
10
11
  <K extends keyof IPC | undefined>(key?: K | undefined): Promise<K extends keyof IPC ? IPC[K] : IPC>;
11
12
  };
@@ -22,20 +23,10 @@ type IPC = Readonly<{
22
23
  SOCKET_CLI_SAFE_WRAPPER?: string | undefined;
23
24
  }>;
24
25
  declare const constants: {
25
- readonly CI: "CI";
26
26
  readonly [kInternalsSymbol]: registryConstants.Internals;
27
- readonly NODE_MODULES: "node_modules";
28
- readonly NPM: "npm";
29
- readonly NPX: "npx";
30
- readonly SOCKET_SECURITY_SCOPE: "@socketsecurity";
31
- readonly kInternalsSymbol: unique symbol;
32
- readonly NODE_AUTH_TOKEN: "NODE_AUTH_TOKEN";
33
- readonly NODE_ENV: "NODE_ENV";
34
- readonly PRE_COMMIT: "PRE_COMMIT";
35
- readonly TAP: "TAP";
36
- readonly VITEST: "VITEST";
37
27
  readonly AT_LATEST: "@latest";
38
28
  readonly BIOME_JSON: "biome.json";
29
+ readonly CI: "CI";
39
30
  readonly COLUMN_LIMIT: 80;
40
31
  readonly EMPTY_FILE: "/* empty */\n";
41
32
  readonly ESLINT_CONFIG_JS: "eslint.config.js";
@@ -44,7 +35,7 @@ declare const constants: {
44
35
  readonly EXT_PS1: ".ps1";
45
36
  readonly EXTENSIONS: "extensions";
46
37
  readonly EXTENSIONS_JSON: "extensions.json";
47
- readonly GIT_IGNORE: ".gitignore";
38
+ readonly GITIGNORE: ".gitignore";
48
39
  readonly HIDDEN_PACKAGE_LOCK_JSON: ".package-lock.json";
49
40
  readonly LATEST: "latest";
50
41
  readonly LICENSE: "LICENSE";
@@ -56,15 +47,21 @@ declare const constants: {
56
47
  readonly LOOP_SENTINEL: 1000000;
57
48
  readonly MANIFEST_JSON: "manifest.json";
58
49
  readonly MIT: "MIT";
50
+ readonly NODE_AUTH_TOKEN: "NODE_AUTH_TOKEN";
51
+ readonly NODE_ENV: "NODE_ENV";
52
+ readonly NODE_MODULES: "node_modules";
59
53
  readonly NODE_MODULES_GLOB_RECURSIVE: "**/node_modules";
60
54
  readonly NODE_WORKSPACES: "node_workspaces";
61
55
  readonly NODE_VERSION: string;
56
+ readonly NPM: "npm";
57
+ readonly NPX: "npx";
62
58
  readonly OVERRIDES: "overrides";
63
59
  readonly PACKAGE_DEFAULT_SOCKET_CATEGORIES: readonly ["cleanup"];
64
60
  readonly PACKAGE_DEFAULT_NODE_RANGE: string;
65
61
  readonly PACKAGE_DEFAULT_VERSION: "1.0.0";
66
62
  readonly PACKAGE_JSON: "package.json";
67
63
  readonly PACKAGE_LOCK_JSON: "package-lock.json";
64
+ readonly PRE_COMMIT: "PRE_COMMIT";
68
65
  readonly README_GLOB: "README{.*,}";
69
66
  readonly README_GLOB_RECURSIVE: "**/README{.*,}";
70
67
  readonly README_MD: "README.md";
@@ -80,11 +77,13 @@ declare const constants: {
80
77
  readonly SOCKET_REGISTRY_PACKAGE_NAME: "@socketsecurity/registry";
81
78
  readonly SOCKET_REGISTRY_REPO_NAME: "socket-registry";
82
79
  readonly SOCKET_REGISTRY_SCOPE: "@socketregistry";
80
+ readonly SOCKET_SECURITY_SCOPE: "@socketsecurity";
83
81
  readonly SUPPORTS_NODE_DISABLE_WARNING_FLAG: boolean;
84
82
  readonly SUPPORTS_NODE_REQUIRE_MODULE: boolean;
85
83
  readonly SUPPORTS_NODE_RUN: boolean;
86
84
  readonly SUPPORTS_PROCESS_SEND: boolean;
87
- readonly TEMPLATE_CJS: "cjs";
85
+ readonly TAP: "TAP";
86
+ readonly TEMPLATE_CJS: "CJS";
88
87
  readonly TEMPLATE_CJS_BROWSER: "cjs-browser";
89
88
  readonly TEMPLATE_CJS_ESM: "cjs-esm";
90
89
  readonly TEMPLATE_ES_SHIM_CONSTRUCTOR: "es-shim-constructor";
@@ -95,27 +94,28 @@ declare const constants: {
95
94
  readonly UNLICENCED: "UNLICENCED";
96
95
  readonly UNLICENSED: "UNLICENSED";
97
96
  readonly UTF8: "utf8";
97
+ readonly VITEST: "VITEST";
98
98
  readonly WIN32: boolean;
99
99
  readonly abortController: AbortController;
100
100
  readonly abortSignal: AbortSignal;
101
101
  readonly copyLeftLicenses: ReadonlySet<string>;
102
102
  readonly execPath: string;
103
103
  readonly ignoreGlobs: readonly ["**/.git", "**/.npmrc", "**/bun.lockb?", "**/node_modules", "**/package-lock.json", "**/pnpm-lock.ya?ml", "**/yarn.lock", "**/.DS_Store", "**/.gitignore", "**/.hg", "**/.lock-wscript", "**/.npmignore", "**/.svn", "**/.wafpickle-*", "**/.*.swp", "**/._*/**", "**/archived-packages/**", "**/build/config.gypi", "**/CVS", "**/npm-debug.log", "**/*.orig", "**/.env", "**/.eslintcache", "**/.nvm", "**/.tap", "**/.tapci.yaml", "**/.vscode", "**/*.tsbuildinfo", "**/Thumbs.db"];
104
+ readonly kInternalsSymbol: unique symbol;
104
105
  readonly lifecycleScriptNames: ReadonlySet<string>;
105
- readonly maintainedNodeVersions: registryConstants.MaintainedNodeVersions;
106
- readonly nodeHardenFlags: readonly string[] & string[];
107
- readonly nodeNoWarningsFlags: readonly string[];
106
+ readonly maintainedNodeVersions: Readonly<MaintainedNodeVersions>;
107
+ readonly nodeHardenFlags: readonly ["--disable-proto", "delete", "--frozen-intrinsics", "--no-deprecation"] & string[];
108
+ readonly nodeNoWarningsFlags: readonly ["--disable-warning", "ExperimentalWarning"];
108
109
  readonly npmExecPath: string;
109
110
  readonly packageExtensions: readonly [string, object][];
110
111
  readonly packumentCache: Map<unknown, unknown>;
111
112
  readonly pacoteCachePath: string;
112
- readonly parseArgsConfig: registryConstants.ParseArgsConfig;
113
- readonly skipTestsByEcosystem: Readonly<Record<string, ReadonlySet<string>>>;
113
+ readonly parseArgsConfig: import("@socketsecurity/registry/lib/constants/parse-args-config");
114
+ readonly skipTestsByEcosystem: Map<string, ReadonlySet<string>>;
114
115
  readonly spinner: {
115
- clear: () => import("@socketregistry/yocto-spinner/index.cjs").Spinner;
116
- color: import("@socketregistry/yocto-spinner/index.cjs").Color;
117
- text: string;
118
- readonly isSpinning: boolean;
116
+ [x: string]: YoctoSpinner;
117
+ [x: number]: YoctoSpinner;
118
+ [x: symbol]: YoctoSpinner;
119
119
  error: (text?: string | undefined, ...extras: any[]) => any;
120
120
  errorAndStop: (text?: string | undefined, ...extras: any[]) => any;
121
121
  fail: (text?: string | undefined, ...extras: any[]) => any;
@@ -137,7 +137,7 @@ declare const constants: {
137
137
  };
138
138
  readonly tsLibsAvailable: ReadonlySet<string>;
139
139
  readonly tsTypesAvailable: ReadonlySet<string>;
140
- readonly win32EnsureTestsByEcosystem: Readonly<Record<string, ReadonlySet<string>>>;
140
+ readonly win32EnsureTestsByEcosystem: Map<string, ReadonlySet<string>>;
141
141
  readonly 'Symbol(kInternalsSymbol)': Internals;
142
142
  readonly ALERT_TYPE_CRITICAL_CVE: 'criticalCVE';
143
143
  readonly ALERT_TYPE_CVE: 'cve';
@@ -200,6 +200,7 @@ declare const constants: {
200
200
  readonly distShadowNpmBinPath: string;
201
201
  readonly distShadowNpmInjectPath: string;
202
202
  readonly homePath: string;
203
+ readonly minimumVersionByAgent: Map<Agent, string>;
203
204
  readonly nmBinPath: string;
204
205
  readonly rootBinPath: string;
205
206
  readonly rootDistPath: string;
package/dist/constants.js CHANGED
@@ -14,7 +14,8 @@ const {
14
14
  SOCKET_SECURITY_SCOPE,
15
15
  kInternalsSymbol,
16
16
  [kInternalsSymbol]: {
17
- createConstantsObject
17
+ createConstantsObject,
18
+ getIpc
18
19
  }
19
20
  } = registryConstants;
20
21
  const SOCKET = 'socket';
@@ -118,12 +119,31 @@ const lazyDistShadowNpmInjectPath = () =>
118
119
  // Lazily access constants.distPath.
119
120
  path.join(constants.distPath, `${SHADOW_NPM_INJECT}.js`);
120
121
  const lazyHomePath = () => os.homedir();
122
+ const lazyMinimumVersionByAgent = () => new Map([
123
+ // Bun >=1.1.39 supports the text-based lockfile.
124
+ // https://bun.sh/blog/bun-lock-text-lockfile
125
+ [BUN, '1.1.39'],
126
+ // The npm version bundled with Node 18.
127
+ // https://nodejs.org/en/about/previous-releases#looking-for-the-latest-release-of-a-version-branch
128
+ [NPM, '10.8.2'],
129
+ // 8.x is the earliest version to support Node 18.
130
+ // https://pnpm.io/installation#compatibility
131
+ // https://www.npmjs.com/package/pnpm?activeTab=versions
132
+ [PNPM, '8.15.9'],
133
+ // 4.x supports >= Node 18.12.0
134
+ // https://github.com/yarnpkg/berry/blob/%40yarnpkg/core/4.1.0/CHANGELOG.md#400
135
+ [YARN_BERRY, '4.0.0'],
136
+ // Latest 1.x.
137
+ // https://www.npmjs.com/package/yarn?activeTab=versions
138
+ [YARN_CLASSIC, '1.22.22'],
139
+ // vlt does not support overrides so we don't gate on it.
140
+ [VLT, '*']]);
121
141
  const lazyNmBinPath = () =>
122
142
  // Lazily access constants.rootPath.
123
143
  path.join(constants.rootPath, `${NODE_MODULES}/.bin`);
124
144
 
125
- // Redefine nodeHardenFlags to account for the INLINED_SOCKET_CLI_SENTRY_BUILD
126
- // environment variable.
145
+ // Redefine registryConstants.nodeHardenFlags to account for the
146
+ // INLINED_SOCKET_CLI_SENTRY_BUILD environment variable.
127
147
  const lazyNodeHardenFlags = () =>
128
148
  // The '@rollup/plugin-replace' will replace "process.env[INLINED_SOCKET_CLI_SENTRY_BUILD]".
129
149
  // Lazily access constants.WIN32.
@@ -210,6 +230,7 @@ const constants = createConstantsObject({
210
230
  distShadowNpmBinPath: undefined,
211
231
  distShadowNpmInjectPath: undefined,
212
232
  homePath: undefined,
233
+ minimumVersionByAgent: undefined,
213
234
  nmBinPath: undefined,
214
235
  nodeHardenFlags: undefined,
215
236
  rootBinPath: undefined,
@@ -229,6 +250,7 @@ const constants = createConstantsObject({
229
250
  distShadowNpmBinPath: lazyDistShadowNpmBinPath,
230
251
  distShadowNpmInjectPath: lazyDistShadowNpmInjectPath,
231
252
  homePath: lazyHomePath,
253
+ minimumVersionByAgent: lazyMinimumVersionByAgent,
232
254
  nmBinPath: lazyNmBinPath,
233
255
  nodeHardenFlags: lazyNodeHardenFlags,
234
256
  rootBinPath: lazyRootBinPath,
@@ -238,6 +260,7 @@ const constants = createConstantsObject({
238
260
  zshRcPath: lazyZshRcPath
239
261
  },
240
262
  internals: {
263
+ getIpc,
241
264
  getSentry() {
242
265
  return _Sentry;
243
266
  },
@@ -253,5 +276,5 @@ const constants = createConstantsObject({
253
276
  });
254
277
 
255
278
  module.exports = constants;
256
- //# debugId=16968434-d3ec-4acd-901f-58f39010dc80
279
+ //# debugId=3907c1b1-6857-44ea-a3e6-0f0145f3652a
257
280
  //# sourceMappingURL=constants.js.map
package/dist/constants.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"constants.js","sources":["../../src/constants.ts"],"sourcesContent":["import { realpathSync } from 'node:fs'\nimport os from 'node:os'\nimport path from 'node:path'\nimport process from 'node:process'\n\nimport registryConstants from '@socketsecurity/registry/lib/constants'\nimport { envAsBoolean } from '@socketsecurity/registry/lib/env'\n\nimport type { Remap } from '@socketsecurity/registry/lib/objects'\n\nconst {\n NODE_MODULES,\n NPM,\n NPX,\n SOCKET_SECURITY_SCOPE,\n kInternalsSymbol,\n [kInternalsSymbol as unknown as 'Symbol(kInternalsSymbol)']: {\n createConstantsObject\n }\n} = registryConstants\n\ntype RegistryEnv = typeof registryConstants.ENV\n\ntype RegistryInternals = (typeof registryConstants)['Symbol(kInternalsSymbol)']\n\ntype Sentry = any\n\ntype Internals = Remap<\n Omit<RegistryInternals, 'getIPC'> &\n Readonly<{\n getIPC: {\n (): Promise<IPC>\n <K extends keyof IPC | undefined>(\n key?: K | undefined\n ): Promise<K extends keyof IPC ? IPC[K] : IPC>\n }\n getSentry: () => Sentry\n setSentry(Sentry: Sentry): boolean\n }>\n>\n\ntype ENV = Remap<\n RegistryEnv &\n Readonly<{\n SOCKET_CLI_DEBUG: boolean\n SOCKET_CLI_NO_API_TOKEN: boolean\n }>\n>\n\ntype IPC = Readonly<{\n SOCKET_CLI_FIX?: string | undefined\n SOCKET_CLI_OPTIMIZE?: boolean | undefined\n SOCKET_CLI_SAFE_WRAPPER?: string | undefined\n}>\n\ntype Constants = Remap<\n Omit<typeof registryConstants, 'Symbol(kInternalsSymbol)' | 'ENV' | 'IPC'> & {\n readonly 'Symbol(kInternalsSymbol)': Internals\n readonly ALERT_TYPE_CRITICAL_CVE: 'criticalCVE'\n readonly ALERT_TYPE_CVE: 'cve'\n readonly ALERT_TYPE_MEDIUM_CVE: 'mediumCVE'\n readonly ALERT_TYPE_MILD_CVE: 'mildCVE'\n readonly ALERT_TYPE_SOCKET_UPGRADE_AVAILABLE: 'socketUpgradeAvailable'\n readonly API_V0_URL: 'https://api.socket.dev/v0'\n readonly BATCH_PURL_ENDPOINT: 'https://api.socket.dev/v0/purl?alerts=true&compact=true'\n readonly BINARY_LOCK_EXT: '.lockb'\n readonly BUN: 'bun'\n readonly CLI: 'cli'\n readonly CVE_ALERT_PROPS_FIRST_PATCHED_VERSION_IDENTIFIER: 'firstPatchedVersionIdentifier'\n readonly CVE_ALERT_PROPS_VULNERABLE_VERSION_RANGE: 'vulnerableVersionRange'\n readonly ENV: ENV\n readonly DIST_TYPE: 'module-sync' | 'require'\n readonly DRY_RUN_LABEL: '[DryRun]'\n readonly DRY_RUN_BAIL_TEXT: '[DryRun] Bailing now'\n readonly INLINED_SOCKET_CLI_LEGACY_BUILD: 'INLINED_SOCKET_CLI_LEGACY_BUILD'\n readonly INLINED_SOCKET_CLI_PUBLISHED_BUILD: 'INLINED_SOCKET_CLI_PUBLISHED_BUILD'\n readonly INLINED_SOCKET_CLI_SENTRY_BUILD: 'INLINED_SOCKET_CLI_SENTRY_BUILD'\n readonly IPC: IPC\n readonly LOCK_EXT: '.lock'\n readonly MODULE_SYNC: 'module-sync'\n readonly NPM_BUGGY_OVERRIDES_PATCHED_VERSION: '11.2.0'\n readonly NPM_REGISTRY_URL: 'https://registry.npmjs.org'\n readonly PNPM: 'pnpm'\n readonly REDACTED: '<redacted>'\n readonly REQUIRE: 'require'\n readonly SHADOW_NPM_BIN: 'shadow-bin'\n readonly SHADOW_NPM_INJECT: 'shadow-npm-inject'\n readonly SHADOW_NPM_PATHS: 'shadow-npm-paths'\n readonly SOCKET: 'socket'\n readonly SOCKET_CLI_BIN_NAME: 'socket'\n readonly SOCKET_CLI_BIN_NAME_ALIAS: 'cli'\n readonly SOCKET_CLI_DEBUG: 'SOCKET_CLI_DEBUG'\n readonly SOCKET_CLI_FIX: 'SOCKET_CLI_FIX'\n readonly SOCKET_CLI_ISSUES_URL: 'https://github.com/SocketDev/socket-cli/issues'\n readonly SOCKET_CLI_SENTRY_BIN_NAME_ALIAS: 'cli-with-sentry'\n readonly SOCKET_CLI_LEGACY_PACKAGE_NAME: '@socketsecurity/cli'\n readonly SOCKET_CLI_NO_API_TOKEN: 'SOCKET_CLI_NO_API_TOKEN'\n readonly SOCKET_CLI_NPM_BIN_NAME: 'socket-npm'\n readonly SOCKET_CLI_NPX_BIN_NAME: 'socket-npx'\n readonly SOCKET_CLI_OPTIMIZE: 'SOCKET_CLI_OPTIMIZE'\n readonly SOCKET_CLI_PACKAGE_NAME: 'socket'\n readonly SOCKET_CLI_SAFE_WRAPPER: 'SOCKET_CLI_SAFE_WRAPPER'\n readonly SOCKET_CLI_SENTRY_BIN_NAME: 'socket-with-sentry'\n readonly SOCKET_CLI_SENTRY_NPM_BIN_NAME: 'socket-npm-with-sentry'\n readonly SOCKET_CLI_SENTRY_NPX_BIN_NAME: 'socket-npx-with-sentry'\n readonly SOCKET_CLI_SENTRY_PACKAGE_NAME: '@socketsecurity/cli-with-sentry'\n readonly VLT: 'vlt'\n readonly WITH_SENTRY: 'with-sentry'\n readonly YARN: 'yarn'\n readonly YARN_BERRY: 'yarn/berry'\n readonly YARN_CLASSIC: 'yarn/classic'\n readonly YARN_LOCK: 'yarn.lock'\n readonly bashRcPath: string\n readonly distCliPath: string\n readonly distInstrumentWithSentryPath: string\n readonly distPath: string\n readonly distShadowNpmBinPath: string\n readonly distShadowNpmInjectPath: string\n readonly homePath: string\n readonly nmBinPath: string\n readonly nodeHardenFlags: string[]\n readonly rootBinPath: string\n readonly rootDistPath: string\n readonly rootPath: string\n readonly shadowBinPath: string\n readonly zshRcPath: string\n }\n>\n\nconst SOCKET = 'socket'\nconst WITH_SENTRY = 'with-sentry'\n\nconst ALERT_TYPE_CRITICAL_CVE = 'criticalCVE'\nconst ALERT_TYPE_CVE = 'cve'\nconst ALERT_TYPE_MEDIUM_CVE = 'mediumCVE'\nconst ALERT_TYPE_MILD_CVE = 'mildCVE'\nconst ALERT_TYPE_SOCKET_UPGRADE_AVAILABLE = 'socketUpgradeAvailable'\nconst API_V0_URL = 'https://api.socket.dev/v0'\nconst BINARY_LOCK_EXT = '.lockb'\nconst BUN = 'bun'\nconst CLI = 'cli'\nconst CVE_ALERT_PROPS_FIRST_PATCHED_VERSION_IDENTIFIER =\n 'firstPatchedVersionIdentifier'\nconst CVE_ALERT_PROPS_VULNERABLE_VERSION_RANGE = 'vulnerableVersionRange'\nconst DRY_RUN_LABEL = '[DryRun]'\nconst DRY_RUN_BAIL_TEXT = `${DRY_RUN_LABEL}: Bailing now`\nconst INLINED_SOCKET_CLI_LEGACY_BUILD = 'INLINED_SOCKET_CLI_LEGACY_BUILD'\nconst INLINED_SOCKET_CLI_PUBLISHED_BUILD = 'INLINED_SOCKET_CLI_PUBLISHED_BUILD'\nconst INLINED_SOCKET_CLI_SENTRY_BUILD = 'INLINED_SOCKET_CLI_SENTRY_BUILD'\nconst LOCK_EXT = '.lock'\nconst MODULE_SYNC = 'module-sync'\nconst NPM_BUGGY_OVERRIDES_PATCHED_VERSION = '11.2.0'\nconst NPM_REGISTRY_URL = 'https://registry.npmjs.org'\nconst PNPM = 'pnpm'\nconst REDACTED = '<redacted>'\nconst REQUIRE = 'require'\nconst SHADOW_NPM_BIN = 'shadow-bin'\nconst SHADOW_NPM_INJECT = 'shadow-npm-inject'\nconst SHADOW_NPM_PATHS = 'shadow-npm-paths'\nconst SOCKET_CLI_BIN_NAME = SOCKET\nconst SOCKET_CLI_BIN_NAME_ALIAS = CLI\nconst SOCKET_CLI_DEBUG = 'SOCKET_CLI_DEBUG'\nconst SOCKET_CLI_FIX = 'SOCKET_CLI_FIX'\nconst SOCKET_CLI_ISSUES_URL = 'https://github.com/SocketDev/socket-cli/issues'\nconst SOCKET_CLI_LEGACY_PACKAGE_NAME = `${SOCKET_SECURITY_SCOPE}/${CLI}`\nconst SOCKET_CLI_NO_API_TOKEN = 'SOCKET_CLI_NO_API_TOKEN'\nconst SOCKET_CLI_OPTIMIZE = 'SOCKET_CLI_OPTIMIZE'\nconst SOCKET_CLI_NPM_BIN_NAME = `${SOCKET}-${NPM}`\nconst SOCKET_CLI_NPX_BIN_NAME = `${SOCKET}-${NPX}`\nconst SOCKET_CLI_PACKAGE_NAME = SOCKET\nconst SOCKET_CLI_SAFE_WRAPPER = 'SOCKET_CLI_SAFE_WRAPPER'\nconst SOCKET_CLI_SENTRY_BIN_NAME = `${SOCKET_CLI_BIN_NAME}-${WITH_SENTRY}`\nconst SOCKET_CLI_SENTRY_BIN_NAME_ALIAS = `${SOCKET_CLI_BIN_NAME_ALIAS}-${WITH_SENTRY}`\nconst SOCKET_CLI_SENTRY_NPM_BIN_NAME = `${SOCKET_CLI_NPM_BIN_NAME}-${WITH_SENTRY}`\nconst SOCKET_CLI_SENTRY_NPX_BIN_NAME = `${SOCKET_CLI_NPX_BIN_NAME}-${WITH_SENTRY}`\nconst SOCKET_CLI_SENTRY_PACKAGE_NAME = `${SOCKET_CLI_LEGACY_PACKAGE_NAME}-${WITH_SENTRY}`\nconst VLT = 'vlt'\nconst YARN = 'yarn'\nconst YARN_BERRY = `${YARN}/berry`\nconst YARN_CLASSIC = `${YARN}/classic`\nconst YARN_LOCK = `${YARN}${LOCK_EXT}`\n\nlet _Sentry: any\n\nconst LAZY_BATCH_PURL_ENDPOINT = () => {\n const query = new URLSearchParams()\n query.append('alerts', 'true')\n query.append('compact', 'true')\n return `${API_V0_URL}/purl?${query}`\n}\n\nconst LAZY_DIST_TYPE = () =>\n registryConstants.SUPPORTS_NODE_REQUIRE_MODULE ? MODULE_SYNC : REQUIRE\n\nconst LAZY_ENV = () => {\n const { env } = process\n // We inline some environment values so that they CANNOT be influenced by user\n // provided environment variables.\n return Object.freeze({\n // Lazily access registryConstants.ENV.\n ...registryConstants.ENV,\n // Inlined flag set to determine if this is the Legacy build.\n // The '@rollup/plugin-replace' will replace \"process.env[INLINED_SOCKET_CLI_LEGACY_BUILD]\".\n [INLINED_SOCKET_CLI_LEGACY_BUILD]:\n process.env[INLINED_SOCKET_CLI_LEGACY_BUILD],\n // Inlined flag set to determine if this is a published build.\n // The '@rollup/plugin-replace' will replace \"process.env[INLINED_SOCKET_CLI_PUBLISHED_BUILD]\".\n [INLINED_SOCKET_CLI_PUBLISHED_BUILD]:\n process.env[INLINED_SOCKET_CLI_PUBLISHED_BUILD],\n // Inlined flag set to determine if this is the Sentry build.\n // The '@rollup/plugin-replace' will replace \"process.env[INLINED_SOCKET_CLI_SENTRY_BUILD]\".\n [INLINED_SOCKET_CLI_SENTRY_BUILD]:\n process.env[INLINED_SOCKET_CLI_SENTRY_BUILD],\n // Flag set to help debug Socket CLI.\n [SOCKET_CLI_DEBUG]: envAsBoolean(env[SOCKET_CLI_DEBUG]),\n // Flag set to make the default API token `undefined`.\n [SOCKET_CLI_NO_API_TOKEN]: envAsBoolean(env[SOCKET_CLI_NO_API_TOKEN])\n })\n}\n\nconst lazyBashRcPath = () =>\n // Lazily access constants.homePath.\n path.join(constants.homePath, '.bashrc')\n\nconst lazyDistCliPath = () =>\n // Lazily access constants.distPath.\n path.join(constants.distPath, 'cli.js')\n\nconst lazyDistInstrumentWithSentryPath = () =>\n // Lazily access constants.rootDistPath.\n path.join(constants.rootDistPath, 'instrument-with-sentry.js')\n\nconst lazyDistPath = () =>\n // Lazily access constants.rootDistPath and constants.DIST_TYPE.\n path.join(constants.rootDistPath, constants.DIST_TYPE)\n\nconst lazyDistShadowNpmBinPath = () =>\n // Lazily access constants.distPath.\n path.join(constants.distPath, `${SHADOW_NPM_BIN}.js`)\n\nconst lazyDistShadowNpmInjectPath = () =>\n // Lazily access constants.distPath.\n path.join(constants.distPath, `${SHADOW_NPM_INJECT}.js`)\n\nconst lazyHomePath = () => os.homedir()\n\nconst lazyNmBinPath = () =>\n // Lazily access constants.rootPath.\n path.join(constants.rootPath, `${NODE_MODULES}/.bin`)\n\n// Redefine nodeHardenFlags to account for the INLINED_SOCKET_CLI_SENTRY_BUILD\n// environment variable.\nconst lazyNodeHardenFlags = () =>\n // The '@rollup/plugin-replace' will replace \"process.env[INLINED_SOCKET_CLI_SENTRY_BUILD]\".\n // Lazily access constants.WIN32.\n process.env[INLINED_SOCKET_CLI_SENTRY_BUILD] || constants.WIN32\n ? []\n : // Harden Node security.\n // https://nodejs.org/en/learn/getting-started/security-best-practices\n // We have contributed the following patches to our dependencies to make\n // Node's --frozen-intrinsics workable.\n // √ https://github.com/SBoudrias/Inquirer.js/pull/1683\n // √ https://github.com/pnpm/components/pull/23\n ['--disable-proto', 'delete', '--frozen-intrinsics', '--no-deprecation']\n\nconst lazyRootBinPath = () =>\n // Lazily access constants.rootPath.\n path.join(constants.rootPath, 'bin')\n\nconst lazyRootDistPath = () =>\n // Lazily access constants.rootPath.\n path.join(constants.rootPath, 'dist')\n\nconst lazyRootPath = () =>\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_TEST_DIST_BUILD']\".\n path.join(\n realpathSync.native(__dirname),\n process.env['INLINED_SOCKET_CLI_TEST_DIST_BUILD'] ? '../..' : '..'\n )\n\nconst lazyShadowBinPath = () =>\n // Lazily access constants.rootPath.\n path.join(constants.rootPath, SHADOW_NPM_BIN)\n\nconst lazyZshRcPath = () =>\n // Lazily access constants.homePath.\n path.join(constants.homePath, '.zshrc')\n\nconst constants = createConstantsObject(\n {\n ALERT_TYPE_CRITICAL_CVE,\n ALERT_TYPE_CVE,\n ALERT_TYPE_MEDIUM_CVE,\n ALERT_TYPE_MILD_CVE,\n ALERT_TYPE_SOCKET_UPGRADE_AVAILABLE,\n API_V0_URL,\n // Lazily defined values are initialized as `undefined` to keep their key order.\n BATCH_PURL_ENDPOINT: undefined,\n BINARY_LOCK_EXT,\n BUN,\n CLI,\n CVE_ALERT_PROPS_FIRST_PATCHED_VERSION_IDENTIFIER,\n CVE_ALERT_PROPS_VULNERABLE_VERSION_RANGE,\n DIST_TYPE: undefined,\n DRY_RUN_LABEL,\n DRY_RUN_BAIL_TEXT,\n ENV: undefined,\n INLINED_SOCKET_CLI_LEGACY_BUILD,\n INLINED_SOCKET_CLI_PUBLISHED_BUILD,\n INLINED_SOCKET_CLI_SENTRY_BUILD,\n LOCK_EXT,\n MODULE_SYNC,\n NPM_BUGGY_OVERRIDES_PATCHED_VERSION,\n NPM_REGISTRY_URL,\n PNPM,\n REDACTED,\n REQUIRE,\n SHADOW_NPM_BIN,\n SHADOW_NPM_INJECT,\n SHADOW_NPM_PATHS,\n SOCKET,\n SOCKET_CLI_BIN_NAME,\n SOCKET_CLI_BIN_NAME_ALIAS,\n SOCKET_CLI_DEBUG,\n SOCKET_CLI_FIX,\n SOCKET_CLI_ISSUES_URL,\n SOCKET_CLI_SENTRY_BIN_NAME_ALIAS,\n SOCKET_CLI_LEGACY_PACKAGE_NAME,\n SOCKET_CLI_NO_API_TOKEN,\n SOCKET_CLI_OPTIMIZE,\n SOCKET_CLI_PACKAGE_NAME,\n SOCKET_CLI_SAFE_WRAPPER,\n SOCKET_CLI_SENTRY_BIN_NAME,\n SOCKET_CLI_SENTRY_NPM_BIN_NAME,\n SOCKET_CLI_SENTRY_NPX_BIN_NAME,\n SOCKET_CLI_SENTRY_PACKAGE_NAME,\n VLT,\n WITH_SENTRY,\n YARN,\n YARN_BERRY,\n YARN_CLASSIC,\n YARN_LOCK,\n bashRcPath: undefined,\n distCliPath: undefined,\n distInstrumentWithSentryPath: undefined,\n distPath: undefined,\n distShadowNpmBinPath: undefined,\n distShadowNpmInjectPath: undefined,\n homePath: undefined,\n nmBinPath: undefined,\n nodeHardenFlags: undefined,\n rootBinPath: undefined,\n rootDistPath: undefined,\n rootPath: undefined,\n shadowBinPath: undefined,\n zshRcPath: undefined\n },\n {\n getters: {\n BATCH_PURL_ENDPOINT: LAZY_BATCH_PURL_ENDPOINT,\n DIST_TYPE: LAZY_DIST_TYPE,\n ENV: LAZY_ENV,\n bashRcPath: lazyBashRcPath,\n distCliPath: lazyDistCliPath,\n distInstrumentWithSentryPath: lazyDistInstrumentWithSentryPath,\n distPath: lazyDistPath,\n distShadowNpmBinPath: lazyDistShadowNpmBinPath,\n distShadowNpmInjectPath: lazyDistShadowNpmInjectPath,\n homePath: lazyHomePath,\n nmBinPath: lazyNmBinPath,\n nodeHardenFlags: lazyNodeHardenFlags,\n rootBinPath: lazyRootBinPath,\n rootDistPath: lazyRootDistPath,\n rootPath: lazyRootPath,\n shadowBinPath: lazyShadowBinPath,\n zshRcPath: lazyZshRcPath\n },\n internals: {\n getSentry() {\n return _Sentry\n },\n setSentry(Sentry: Sentry): boolean {\n if (_Sentry === undefined) {\n _Sentry = Sentry\n return true\n }\n return false\n }\n },\n mixin: registryConstants\n }\n) as Constants\n\nexport default constants\n"],"names":["createConstantsObject","query","env","path","constants","BATCH_PURL_ENDPOINT","DIST_TYPE","ENV","bashRcPath","distCliPath","distInstrumentWithSentryPath","distPath","distShadowNpmBinPath","distShadowNpmInjectPath","homePath","nmBinPath","nodeHardenFlags","rootBinPath","rootDistPath","rootPath","shadowBinPath","zshRcPath","getters","internals","getSentry","_Sentry","mixin"],"mappings":";;;;;;;;;AAUA;;;;;;AAME;AACEA;AACF;AACF;AA8GA;AACA;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA;AAEA;AACE;AACAC;AACAA;AACA;AACF;AAEA;AAGA;;AACUC;AAAI;AACZ;AACA;;AAEE;;AAEA;AACA;AACA;AAEA;AACA;AACA;AAEA;AACA;AACA;AAEA;;AAEA;AACA;AACF;AACF;AAEA;AACE;AACAC;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AAEA;AACE;AACAA;;AAEF;AACA;AACA;AACE;AACA;AACgDC;AAE5C;AACA;AACA;AACA;AACA;AACA;AACA;AAEN;AACE;AACAD;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAKF;AACE;AACAA;AAEF;AACE;AACAA;AAEIC;;;;;;;AAQF;AACAC;;;;;;AAMAC;;;AAGAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAoCAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACF;AAEEC;AACEjB;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;;AAEFE;AACEC;AACE;;;;AAIEC;AACA;AACF;AACA;AACF;;AAEFC;AACF;;","debugId":"16968434-d3ec-4acd-901f-58f39010dc80"}
1
+ {"version":3,"file":"constants.js","sources":["../../src/constants.ts"],"sourcesContent":["import { realpathSync } from 'node:fs'\nimport os from 'node:os'\nimport path from 'node:path'\nimport process from 'node:process'\n\nimport registryConstants from '@socketsecurity/registry/lib/constants'\nimport { envAsBoolean } from '@socketsecurity/registry/lib/env'\n\nimport type { Agent } from './utils/package-environment'\nimport type { Remap } from '@socketsecurity/registry/lib/objects'\n\nconst {\n NODE_MODULES,\n NPM,\n NPX,\n SOCKET_SECURITY_SCOPE,\n kInternalsSymbol,\n [kInternalsSymbol as unknown as 'Symbol(kInternalsSymbol)']: {\n createConstantsObject,\n getIpc\n }\n} = registryConstants\n\ntype RegistryEnv = typeof registryConstants.ENV\n\ntype RegistryInternals = (typeof registryConstants)['Symbol(kInternalsSymbol)']\n\ntype Sentry = any\n\ntype Internals = Remap<\n Omit<RegistryInternals, 'getIpc'> &\n Readonly<{\n getIpc: {\n (): Promise<IPC>\n <K extends keyof IPC | undefined>(\n key?: K | undefined\n ): Promise<K extends keyof IPC ? IPC[K] : IPC>\n }\n getSentry: () => Sentry\n setSentry(Sentry: Sentry): boolean\n }>\n>\n\ntype ENV = Remap<\n RegistryEnv &\n Readonly<{\n SOCKET_CLI_DEBUG: boolean\n SOCKET_CLI_NO_API_TOKEN: boolean\n }>\n>\n\ntype IPC = Readonly<{\n SOCKET_CLI_FIX?: string | undefined\n SOCKET_CLI_OPTIMIZE?: boolean | undefined\n SOCKET_CLI_SAFE_WRAPPER?: string | undefined\n}>\n\ntype Constants = Remap<\n Omit<typeof registryConstants, 'Symbol(kInternalsSymbol)' | 'ENV' | 'IPC'> & {\n readonly 'Symbol(kInternalsSymbol)': Internals\n readonly ALERT_TYPE_CRITICAL_CVE: 'criticalCVE'\n readonly ALERT_TYPE_CVE: 'cve'\n readonly ALERT_TYPE_MEDIUM_CVE: 'mediumCVE'\n readonly ALERT_TYPE_MILD_CVE: 'mildCVE'\n readonly ALERT_TYPE_SOCKET_UPGRADE_AVAILABLE: 'socketUpgradeAvailable'\n readonly API_V0_URL: 'https://api.socket.dev/v0'\n readonly BATCH_PURL_ENDPOINT: 'https://api.socket.dev/v0/purl?alerts=true&compact=true'\n readonly BINARY_LOCK_EXT: '.lockb'\n readonly BUN: 'bun'\n readonly CLI: 'cli'\n readonly CVE_ALERT_PROPS_FIRST_PATCHED_VERSION_IDENTIFIER: 'firstPatchedVersionIdentifier'\n readonly CVE_ALERT_PROPS_VULNERABLE_VERSION_RANGE: 'vulnerableVersionRange'\n readonly ENV: ENV\n readonly DIST_TYPE: 'module-sync' | 'require'\n readonly DRY_RUN_LABEL: '[DryRun]'\n readonly DRY_RUN_BAIL_TEXT: '[DryRun] Bailing now'\n readonly INLINED_SOCKET_CLI_LEGACY_BUILD: 'INLINED_SOCKET_CLI_LEGACY_BUILD'\n readonly INLINED_SOCKET_CLI_PUBLISHED_BUILD: 'INLINED_SOCKET_CLI_PUBLISHED_BUILD'\n readonly INLINED_SOCKET_CLI_SENTRY_BUILD: 'INLINED_SOCKET_CLI_SENTRY_BUILD'\n readonly IPC: IPC\n readonly LOCK_EXT: '.lock'\n readonly MODULE_SYNC: 'module-sync'\n readonly NPM_BUGGY_OVERRIDES_PATCHED_VERSION: '11.2.0'\n readonly NPM_REGISTRY_URL: 'https://registry.npmjs.org'\n readonly PNPM: 'pnpm'\n readonly REDACTED: '<redacted>'\n readonly REQUIRE: 'require'\n readonly SHADOW_NPM_BIN: 'shadow-bin'\n readonly SHADOW_NPM_INJECT: 'shadow-npm-inject'\n readonly SHADOW_NPM_PATHS: 'shadow-npm-paths'\n readonly SOCKET: 'socket'\n readonly SOCKET_CLI_BIN_NAME: 'socket'\n readonly SOCKET_CLI_BIN_NAME_ALIAS: 'cli'\n readonly SOCKET_CLI_DEBUG: 'SOCKET_CLI_DEBUG'\n readonly SOCKET_CLI_FIX: 'SOCKET_CLI_FIX'\n readonly SOCKET_CLI_ISSUES_URL: 'https://github.com/SocketDev/socket-cli/issues'\n readonly SOCKET_CLI_SENTRY_BIN_NAME_ALIAS: 'cli-with-sentry'\n readonly SOCKET_CLI_LEGACY_PACKAGE_NAME: '@socketsecurity/cli'\n readonly SOCKET_CLI_NO_API_TOKEN: 'SOCKET_CLI_NO_API_TOKEN'\n readonly SOCKET_CLI_NPM_BIN_NAME: 'socket-npm'\n readonly SOCKET_CLI_NPX_BIN_NAME: 'socket-npx'\n readonly SOCKET_CLI_OPTIMIZE: 'SOCKET_CLI_OPTIMIZE'\n readonly SOCKET_CLI_PACKAGE_NAME: 'socket'\n readonly SOCKET_CLI_SAFE_WRAPPER: 'SOCKET_CLI_SAFE_WRAPPER'\n readonly SOCKET_CLI_SENTRY_BIN_NAME: 'socket-with-sentry'\n readonly SOCKET_CLI_SENTRY_NPM_BIN_NAME: 'socket-npm-with-sentry'\n readonly SOCKET_CLI_SENTRY_NPX_BIN_NAME: 'socket-npx-with-sentry'\n readonly SOCKET_CLI_SENTRY_PACKAGE_NAME: '@socketsecurity/cli-with-sentry'\n readonly VLT: 'vlt'\n readonly WITH_SENTRY: 'with-sentry'\n readonly YARN: 'yarn'\n readonly YARN_BERRY: 'yarn/berry'\n readonly YARN_CLASSIC: 'yarn/classic'\n readonly YARN_LOCK: 'yarn.lock'\n readonly bashRcPath: string\n readonly distCliPath: string\n readonly distInstrumentWithSentryPath: string\n readonly distPath: string\n readonly distShadowNpmBinPath: string\n readonly distShadowNpmInjectPath: string\n readonly homePath: string\n readonly minimumVersionByAgent: Map<Agent, string>\n readonly nmBinPath: string\n readonly nodeHardenFlags: string[]\n readonly rootBinPath: string\n readonly rootDistPath: string\n readonly rootPath: string\n readonly shadowBinPath: string\n readonly zshRcPath: string\n }\n>\n\nconst SOCKET = 'socket'\nconst WITH_SENTRY = 'with-sentry'\n\nconst ALERT_TYPE_CRITICAL_CVE = 'criticalCVE'\nconst ALERT_TYPE_CVE = 'cve'\nconst ALERT_TYPE_MEDIUM_CVE = 'mediumCVE'\nconst ALERT_TYPE_MILD_CVE = 'mildCVE'\nconst ALERT_TYPE_SOCKET_UPGRADE_AVAILABLE = 'socketUpgradeAvailable'\nconst API_V0_URL = 'https://api.socket.dev/v0'\nconst BINARY_LOCK_EXT = '.lockb'\nconst BUN = 'bun'\nconst CLI = 'cli'\nconst CVE_ALERT_PROPS_FIRST_PATCHED_VERSION_IDENTIFIER =\n 'firstPatchedVersionIdentifier'\nconst CVE_ALERT_PROPS_VULNERABLE_VERSION_RANGE = 'vulnerableVersionRange'\nconst DRY_RUN_LABEL = '[DryRun]'\nconst DRY_RUN_BAIL_TEXT = `${DRY_RUN_LABEL}: Bailing now`\nconst INLINED_SOCKET_CLI_LEGACY_BUILD = 'INLINED_SOCKET_CLI_LEGACY_BUILD'\nconst INLINED_SOCKET_CLI_PUBLISHED_BUILD = 'INLINED_SOCKET_CLI_PUBLISHED_BUILD'\nconst INLINED_SOCKET_CLI_SENTRY_BUILD = 'INLINED_SOCKET_CLI_SENTRY_BUILD'\nconst LOCK_EXT = '.lock'\nconst MODULE_SYNC = 'module-sync'\nconst NPM_BUGGY_OVERRIDES_PATCHED_VERSION = '11.2.0'\nconst NPM_REGISTRY_URL = 'https://registry.npmjs.org'\nconst PNPM = 'pnpm'\nconst REDACTED = '<redacted>'\nconst REQUIRE = 'require'\nconst SHADOW_NPM_BIN = 'shadow-bin'\nconst SHADOW_NPM_INJECT = 'shadow-npm-inject'\nconst SHADOW_NPM_PATHS = 'shadow-npm-paths'\nconst SOCKET_CLI_BIN_NAME = SOCKET\nconst SOCKET_CLI_BIN_NAME_ALIAS = CLI\nconst SOCKET_CLI_DEBUG = 'SOCKET_CLI_DEBUG'\nconst SOCKET_CLI_FIX = 'SOCKET_CLI_FIX'\nconst SOCKET_CLI_ISSUES_URL = 'https://github.com/SocketDev/socket-cli/issues'\nconst SOCKET_CLI_LEGACY_PACKAGE_NAME = `${SOCKET_SECURITY_SCOPE}/${CLI}`\nconst SOCKET_CLI_NO_API_TOKEN = 'SOCKET_CLI_NO_API_TOKEN'\nconst SOCKET_CLI_OPTIMIZE = 'SOCKET_CLI_OPTIMIZE'\nconst SOCKET_CLI_NPM_BIN_NAME = `${SOCKET}-${NPM}`\nconst SOCKET_CLI_NPX_BIN_NAME = `${SOCKET}-${NPX}`\nconst SOCKET_CLI_PACKAGE_NAME = SOCKET\nconst SOCKET_CLI_SAFE_WRAPPER = 'SOCKET_CLI_SAFE_WRAPPER'\nconst SOCKET_CLI_SENTRY_BIN_NAME = `${SOCKET_CLI_BIN_NAME}-${WITH_SENTRY}`\nconst SOCKET_CLI_SENTRY_BIN_NAME_ALIAS = `${SOCKET_CLI_BIN_NAME_ALIAS}-${WITH_SENTRY}`\nconst SOCKET_CLI_SENTRY_NPM_BIN_NAME = `${SOCKET_CLI_NPM_BIN_NAME}-${WITH_SENTRY}`\nconst SOCKET_CLI_SENTRY_NPX_BIN_NAME = `${SOCKET_CLI_NPX_BIN_NAME}-${WITH_SENTRY}`\nconst SOCKET_CLI_SENTRY_PACKAGE_NAME = `${SOCKET_CLI_LEGACY_PACKAGE_NAME}-${WITH_SENTRY}`\nconst VLT = 'vlt'\nconst YARN = 'yarn'\nconst YARN_BERRY = `${YARN}/berry`\nconst YARN_CLASSIC = `${YARN}/classic`\nconst YARN_LOCK = `${YARN}${LOCK_EXT}`\n\nlet _Sentry: any\n\nconst LAZY_BATCH_PURL_ENDPOINT = () => {\n const query = new URLSearchParams()\n query.append('alerts', 'true')\n query.append('compact', 'true')\n return `${API_V0_URL}/purl?${query}`\n}\n\nconst LAZY_DIST_TYPE = () =>\n registryConstants.SUPPORTS_NODE_REQUIRE_MODULE ? MODULE_SYNC : REQUIRE\n\nconst LAZY_ENV = () => {\n const { env } = process\n // We inline some environment values so that they CANNOT be influenced by user\n // provided environment variables.\n return Object.freeze({\n // Lazily access registryConstants.ENV.\n ...registryConstants.ENV,\n // Inlined flag set to determine if this is the Legacy build.\n // The '@rollup/plugin-replace' will replace \"process.env[INLINED_SOCKET_CLI_LEGACY_BUILD]\".\n [INLINED_SOCKET_CLI_LEGACY_BUILD]:\n process.env[INLINED_SOCKET_CLI_LEGACY_BUILD],\n // Inlined flag set to determine if this is a published build.\n // The '@rollup/plugin-replace' will replace \"process.env[INLINED_SOCKET_CLI_PUBLISHED_BUILD]\".\n [INLINED_SOCKET_CLI_PUBLISHED_BUILD]:\n process.env[INLINED_SOCKET_CLI_PUBLISHED_BUILD],\n // Inlined flag set to determine if this is the Sentry build.\n // The '@rollup/plugin-replace' will replace \"process.env[INLINED_SOCKET_CLI_SENTRY_BUILD]\".\n [INLINED_SOCKET_CLI_SENTRY_BUILD]:\n process.env[INLINED_SOCKET_CLI_SENTRY_BUILD],\n // Flag set to help debug Socket CLI.\n [SOCKET_CLI_DEBUG]: envAsBoolean(env[SOCKET_CLI_DEBUG]),\n // Flag set to make the default API token `undefined`.\n [SOCKET_CLI_NO_API_TOKEN]: envAsBoolean(env[SOCKET_CLI_NO_API_TOKEN])\n })\n}\n\nconst lazyBashRcPath = () =>\n // Lazily access constants.homePath.\n path.join(constants.homePath, '.bashrc')\n\nconst lazyDistCliPath = () =>\n // Lazily access constants.distPath.\n path.join(constants.distPath, 'cli.js')\n\nconst lazyDistInstrumentWithSentryPath = () =>\n // Lazily access constants.rootDistPath.\n path.join(constants.rootDistPath, 'instrument-with-sentry.js')\n\nconst lazyDistPath = () =>\n // Lazily access constants.rootDistPath and constants.DIST_TYPE.\n path.join(constants.rootDistPath, constants.DIST_TYPE)\n\nconst lazyDistShadowNpmBinPath = () =>\n // Lazily access constants.distPath.\n path.join(constants.distPath, `${SHADOW_NPM_BIN}.js`)\n\nconst lazyDistShadowNpmInjectPath = () =>\n // Lazily access constants.distPath.\n path.join(constants.distPath, `${SHADOW_NPM_INJECT}.js`)\n\nconst lazyHomePath = () => os.homedir()\n\nconst lazyMinimumVersionByAgent = () =>\n new Map([\n // Bun >=1.1.39 supports the text-based lockfile.\n // https://bun.sh/blog/bun-lock-text-lockfile\n [BUN, '1.1.39'],\n // The npm version bundled with Node 18.\n // https://nodejs.org/en/about/previous-releases#looking-for-the-latest-release-of-a-version-branch\n [NPM, '10.8.2'],\n // 8.x is the earliest version to support Node 18.\n // https://pnpm.io/installation#compatibility\n // https://www.npmjs.com/package/pnpm?activeTab=versions\n [PNPM, '8.15.9'],\n // 4.x supports >= Node 18.12.0\n // https://github.com/yarnpkg/berry/blob/%40yarnpkg/core/4.1.0/CHANGELOG.md#400\n [YARN_BERRY, '4.0.0'],\n // Latest 1.x.\n // https://www.npmjs.com/package/yarn?activeTab=versions\n [YARN_CLASSIC, '1.22.22'],\n // vlt does not support overrides so we don't gate on it.\n [VLT, '*']\n ])\n\nconst lazyNmBinPath = () =>\n // Lazily access constants.rootPath.\n path.join(constants.rootPath, `${NODE_MODULES}/.bin`)\n\n// Redefine registryConstants.nodeHardenFlags to account for the\n// INLINED_SOCKET_CLI_SENTRY_BUILD environment variable.\nconst lazyNodeHardenFlags = () =>\n // The '@rollup/plugin-replace' will replace \"process.env[INLINED_SOCKET_CLI_SENTRY_BUILD]\".\n // Lazily access constants.WIN32.\n process.env[INLINED_SOCKET_CLI_SENTRY_BUILD] || constants.WIN32\n ? []\n : // Harden Node security.\n // https://nodejs.org/en/learn/getting-started/security-best-practices\n // We have contributed the following patches to our dependencies to make\n // Node's --frozen-intrinsics workable.\n // √ https://github.com/SBoudrias/Inquirer.js/pull/1683\n // √ https://github.com/pnpm/components/pull/23\n ['--disable-proto', 'delete', '--frozen-intrinsics', '--no-deprecation']\n\nconst lazyRootBinPath = () =>\n // Lazily access constants.rootPath.\n path.join(constants.rootPath, 'bin')\n\nconst lazyRootDistPath = () =>\n // Lazily access constants.rootPath.\n path.join(constants.rootPath, 'dist')\n\nconst lazyRootPath = () =>\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_TEST_DIST_BUILD']\".\n path.join(\n realpathSync.native(__dirname),\n process.env['INLINED_SOCKET_CLI_TEST_DIST_BUILD'] ? '../..' : '..'\n )\n\nconst lazyShadowBinPath = () =>\n // Lazily access constants.rootPath.\n path.join(constants.rootPath, SHADOW_NPM_BIN)\n\nconst lazyZshRcPath = () =>\n // Lazily access constants.homePath.\n path.join(constants.homePath, '.zshrc')\n\nconst constants = createConstantsObject(\n {\n ALERT_TYPE_CRITICAL_CVE,\n ALERT_TYPE_CVE,\n ALERT_TYPE_MEDIUM_CVE,\n ALERT_TYPE_MILD_CVE,\n ALERT_TYPE_SOCKET_UPGRADE_AVAILABLE,\n API_V0_URL,\n // Lazily defined values are initialized as `undefined` to keep their key order.\n BATCH_PURL_ENDPOINT: undefined,\n BINARY_LOCK_EXT,\n BUN,\n CLI,\n CVE_ALERT_PROPS_FIRST_PATCHED_VERSION_IDENTIFIER,\n CVE_ALERT_PROPS_VULNERABLE_VERSION_RANGE,\n DIST_TYPE: undefined,\n DRY_RUN_LABEL,\n DRY_RUN_BAIL_TEXT,\n ENV: undefined,\n INLINED_SOCKET_CLI_LEGACY_BUILD,\n INLINED_SOCKET_CLI_PUBLISHED_BUILD,\n INLINED_SOCKET_CLI_SENTRY_BUILD,\n LOCK_EXT,\n MODULE_SYNC,\n NPM_BUGGY_OVERRIDES_PATCHED_VERSION,\n NPM_REGISTRY_URL,\n PNPM,\n REDACTED,\n REQUIRE,\n SHADOW_NPM_BIN,\n SHADOW_NPM_INJECT,\n SHADOW_NPM_PATHS,\n SOCKET,\n SOCKET_CLI_BIN_NAME,\n SOCKET_CLI_BIN_NAME_ALIAS,\n SOCKET_CLI_DEBUG,\n SOCKET_CLI_FIX,\n SOCKET_CLI_ISSUES_URL,\n SOCKET_CLI_SENTRY_BIN_NAME_ALIAS,\n SOCKET_CLI_LEGACY_PACKAGE_NAME,\n SOCKET_CLI_NO_API_TOKEN,\n SOCKET_CLI_OPTIMIZE,\n SOCKET_CLI_PACKAGE_NAME,\n SOCKET_CLI_SAFE_WRAPPER,\n SOCKET_CLI_SENTRY_BIN_NAME,\n SOCKET_CLI_SENTRY_NPM_BIN_NAME,\n SOCKET_CLI_SENTRY_NPX_BIN_NAME,\n SOCKET_CLI_SENTRY_PACKAGE_NAME,\n VLT,\n WITH_SENTRY,\n YARN,\n YARN_BERRY,\n YARN_CLASSIC,\n YARN_LOCK,\n bashRcPath: undefined,\n distCliPath: undefined,\n distInstrumentWithSentryPath: undefined,\n distPath: undefined,\n distShadowNpmBinPath: undefined,\n distShadowNpmInjectPath: undefined,\n homePath: undefined,\n minimumVersionByAgent: undefined,\n nmBinPath: undefined,\n nodeHardenFlags: undefined,\n rootBinPath: undefined,\n rootDistPath: undefined,\n rootPath: undefined,\n shadowBinPath: undefined,\n zshRcPath: undefined\n },\n {\n getters: {\n BATCH_PURL_ENDPOINT: LAZY_BATCH_PURL_ENDPOINT,\n DIST_TYPE: LAZY_DIST_TYPE,\n ENV: LAZY_ENV,\n bashRcPath: lazyBashRcPath,\n distCliPath: lazyDistCliPath,\n distInstrumentWithSentryPath: lazyDistInstrumentWithSentryPath,\n distPath: lazyDistPath,\n distShadowNpmBinPath: lazyDistShadowNpmBinPath,\n distShadowNpmInjectPath: lazyDistShadowNpmInjectPath,\n homePath: lazyHomePath,\n minimumVersionByAgent: lazyMinimumVersionByAgent,\n nmBinPath: lazyNmBinPath,\n nodeHardenFlags: lazyNodeHardenFlags,\n rootBinPath: lazyRootBinPath,\n rootDistPath: lazyRootDistPath,\n rootPath: lazyRootPath,\n shadowBinPath: lazyShadowBinPath,\n zshRcPath: lazyZshRcPath\n },\n internals: {\n getIpc,\n getSentry() {\n return _Sentry\n },\n setSentry(Sentry: Sentry): boolean {\n if (_Sentry === undefined) {\n _Sentry = Sentry\n return true\n }\n return false\n }\n },\n mixin: registryConstants\n }\n) as Constants\n\nexport default constants\n"],"names":["getIpc","query","env","path","constants","BATCH_PURL_ENDPOINT","DIST_TYPE","ENV","bashRcPath","distCliPath","distInstrumentWithSentryPath","distPath","distShadowNpmBinPath","distShadowNpmInjectPath","homePath","minimumVersionByAgent","nmBinPath","nodeHardenFlags","rootBinPath","rootDistPath","rootPath","shadowBinPath","zshRcPath","getters","internals","getSentry","_Sentry","mixin"],"mappings":";;;;;;;;;AAWA;;;;;;AAME;;AAEEA;AACF;AACF;AA+GA;AACA;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA;AAEA;AACE;AACAC;AACAA;AACA;AACF;AAEA;AAGA;;AACUC;AAAI;AACZ;AACA;;AAEE;;AAEA;AACA;AACA;AAEA;AACA;AACA;AAEA;AACA;AACA;AAEA;;AAEA;AACA;AACF;AACF;AAEA;AACE;AACAC;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AAEA;AAEI;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAGJ;AACE;AACAA;;AAEF;AACA;AACA;AACE;AACA;AACgDC;AAE5C;AACA;AACA;AACA;AACA;AACA;AACA;AAEN;AACE;AACAD;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAKF;AACE;AACAA;AAEF;AACE;AACAA;AAEIC;;;;;;;AAQF;AACAC;;;;;;AAMAC;;;AAGAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAoCAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACF;AAEEC;AACElB;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;;AAEFE;;AAEEC;AACE;;;;AAIEC;AACA;AACF;AACA;AACF;;AAEFC;AACF;;","debugId":"3907c1b1-6857-44ea-a3e6-0f0145f3652a"}