socket 0.14.65 → 0.14.66
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/constants.d.ts +0 -2
- package/dist/constants.js +1 -5
- package/dist/constants.js.map +1 -1
- package/dist/module-sync/cli.js +20 -19
- package/dist/module-sync/cli.js.map +1 -1
- package/dist/module-sync/shadow-npm-inject.js +45 -33
- package/dist/module-sync/shadow-npm-inject.js.map +1 -1
- package/dist/module-sync/socket-package-alert.d.ts +1 -1
- package/dist/require/cli.js +20 -19
- package/dist/require/cli.js.map +1 -1
- package/package.json +6 -6
package/dist/constants.d.ts
CHANGED
|
@@ -139,8 +139,6 @@ declare const constants: {
|
|
|
139
139
|
readonly tsTypesAvailable: ReadonlySet<string>;
|
|
140
140
|
readonly win32EnsureTestsByEcosystem: Map<string, ReadonlySet<string>>;
|
|
141
141
|
readonly 'Symbol(kInternalsSymbol)': Internals;
|
|
142
|
-
readonly ALERT_FIX_TYPE_CVE: 'cve';
|
|
143
|
-
readonly ALERT_FIX_TYPE_UPGRADE: 'upgrade';
|
|
144
142
|
readonly ALERT_TYPE_CRITICAL_CVE: 'criticalCVE';
|
|
145
143
|
readonly ALERT_TYPE_CVE: 'cve';
|
|
146
144
|
readonly ALERT_TYPE_MEDIUM_CVE: 'mediumCVE';
|
package/dist/constants.js
CHANGED
|
@@ -17,8 +17,6 @@ const {
|
|
|
17
17
|
getIpc
|
|
18
18
|
}
|
|
19
19
|
} = registryConstants;
|
|
20
|
-
const ALERT_FIX_TYPE_CVE = 'cve';
|
|
21
|
-
const ALERT_FIX_TYPE_UPGRADE = 'upgrade';
|
|
22
20
|
const ALERT_TYPE_CRITICAL_CVE = 'criticalCVE';
|
|
23
21
|
const ALERT_TYPE_CVE = 'cve';
|
|
24
22
|
const ALERT_TYPE_MEDIUM_CVE = 'mediumCVE';
|
|
@@ -164,8 +162,6 @@ const lazyZshRcPath = () =>
|
|
|
164
162
|
// Lazily access constants.homePath.
|
|
165
163
|
path.join(constants.homePath, '.zshrc');
|
|
166
164
|
const constants = createConstantsObject({
|
|
167
|
-
ALERT_FIX_TYPE_CVE,
|
|
168
|
-
ALERT_FIX_TYPE_UPGRADE,
|
|
169
165
|
ALERT_TYPE_CRITICAL_CVE,
|
|
170
166
|
ALERT_TYPE_CVE,
|
|
171
167
|
ALERT_TYPE_MEDIUM_CVE,
|
|
@@ -269,5 +265,5 @@ const constants = createConstantsObject({
|
|
|
269
265
|
});
|
|
270
266
|
|
|
271
267
|
module.exports = constants;
|
|
272
|
-
//# debugId=
|
|
268
|
+
//# debugId=de43662e-a339-456d-bfec-0204b7d5e232
|
|
273
269
|
//# sourceMappingURL=constants.js.map
|
package/dist/constants.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"constants.js","sources":["../../src/constants.ts"],"sourcesContent":["import { realpathSync } from 'node:fs'\nimport os from 'node:os'\nimport path from 'node:path'\nimport process from 'node:process'\n\nimport registryConstants from '@socketsecurity/registry/lib/constants'\nimport { envAsBoolean } from '@socketsecurity/registry/lib/env'\n\nimport type { Agent } from './utils/package-environment'\nimport type { Remap } from '@socketsecurity/registry/lib/objects'\n\nconst {\n NODE_MODULES,\n NPM,\n SOCKET_SECURITY_SCOPE,\n kInternalsSymbol,\n [kInternalsSymbol as unknown as 'Symbol(kInternalsSymbol)']: {\n createConstantsObject,\n getIpc\n }\n} = registryConstants\n\ntype RegistryEnv = typeof registryConstants.ENV\n\ntype RegistryInternals = (typeof registryConstants)['Symbol(kInternalsSymbol)']\n\ntype Sentry = any\n\ntype Internals = Remap<\n Omit<RegistryInternals, 'getIpc'> &\n Readonly<{\n getIpc: {\n (): Promise<IPC>\n <K extends keyof IPC | undefined>(\n key?: K | undefined\n ): Promise<K extends keyof IPC ? IPC[K] : IPC>\n }\n getSentry: () => Sentry\n setSentry(Sentry: Sentry): boolean\n }>\n>\n\ntype ENV = Remap<\n RegistryEnv &\n Readonly<{\n SOCKET_CLI_DEBUG: boolean\n SOCKET_CLI_NO_API_TOKEN: boolean\n }>\n>\n\ntype IPC = Readonly<{\n SOCKET_CLI_FIX?: string | undefined\n SOCKET_CLI_OPTIMIZE?: boolean | undefined\n SOCKET_CLI_SAFE_WRAPPER?: string | undefined\n}>\n\ntype Constants = Remap<\n Omit<typeof registryConstants, 'Symbol(kInternalsSymbol)' | 'ENV' | 'IPC'> & {\n readonly 'Symbol(kInternalsSymbol)': Internals\n readonly ALERT_FIX_TYPE_CVE: 'cve'\n readonly ALERT_FIX_TYPE_UPGRADE: 'upgrade'\n readonly ALERT_TYPE_CRITICAL_CVE: 'criticalCVE'\n readonly ALERT_TYPE_CVE: 'cve'\n readonly ALERT_TYPE_MEDIUM_CVE: 'mediumCVE'\n readonly ALERT_TYPE_MILD_CVE: 'mildCVE'\n readonly API_V0_URL: 'https://api.socket.dev/v0/'\n readonly BINARY_LOCK_EXT: '.lockb'\n readonly BUN: 'bun'\n readonly CLI: 'cli'\n readonly CVE_ALERT_PROPS_FIRST_PATCHED_VERSION_IDENTIFIER: 'firstPatchedVersionIdentifier'\n readonly ENV: ENV\n readonly DIST_TYPE: 'module-sync' | 'require'\n readonly DRY_RUN_LABEL: '[DryRun]'\n readonly DRY_RUN_BAIL_TEXT: '[DryRun] Bailing now'\n readonly INLINED_SOCKET_CLI_LEGACY_BUILD: 'INLINED_SOCKET_CLI_LEGACY_BUILD'\n readonly INLINED_SOCKET_CLI_PUBLISHED_BUILD: 'INLINED_SOCKET_CLI_PUBLISHED_BUILD'\n readonly INLINED_SOCKET_CLI_SENTRY_BUILD: 'INLINED_SOCKET_CLI_SENTRY_BUILD'\n readonly IPC: IPC\n readonly LOCK_EXT: '.lock'\n readonly MODULE_SYNC: 'module-sync'\n readonly NPM_BUGGY_OVERRIDES_PATCHED_VERSION: '11.2.0'\n readonly NPM_REGISTRY_URL: 'https://registry.npmjs.org'\n readonly PNPM: 'pnpm'\n readonly REDACTED: '<redacted>'\n readonly REQUIRE: 'require'\n readonly SHADOW_NPM_BIN: 'shadow-bin'\n readonly SHADOW_NPM_INJECT: 'shadow-npm-inject'\n readonly SHADOW_NPM_PATHS: 'shadow-npm-paths'\n readonly SOCKET: 'socket'\n readonly SOCKET_CLI_BIN_NAME: 'socket'\n readonly SOCKET_CLI_BIN_NAME_ALIAS: 'cli'\n readonly SOCKET_CLI_DEBUG: 'SOCKET_CLI_DEBUG'\n readonly SOCKET_CLI_FIX: 'SOCKET_CLI_FIX'\n readonly SOCKET_CLI_ISSUES_URL: 'https://github.com/SocketDev/socket-cli/issues'\n readonly SOCKET_CLI_SENTRY_BIN_NAME_ALIAS: 'cli-with-sentry'\n readonly SOCKET_CLI_LEGACY_PACKAGE_NAME: '@socketsecurity/cli'\n readonly SOCKET_CLI_NO_API_TOKEN: 'SOCKET_CLI_NO_API_TOKEN'\n readonly SOCKET_CLI_NPM_BIN_NAME: 'socket-npm'\n readonly SOCKET_CLI_NPX_BIN_NAME: 'socket-npx'\n readonly SOCKET_CLI_OPTIMIZE: 'SOCKET_CLI_OPTIMIZE'\n readonly SOCKET_CLI_PACKAGE_NAME: 'socket'\n readonly SOCKET_CLI_SAFE_WRAPPER: 'SOCKET_CLI_SAFE_WRAPPER'\n readonly SOCKET_CLI_SENTRY_BIN_NAME: 'socket-with-sentry'\n readonly SOCKET_CLI_SENTRY_NPM_BIN_NAME: 'socket-npm-with-sentry'\n readonly SOCKET_CLI_SENTRY_NPX_BIN_NAME: 'socket-npx-with-sentry'\n readonly SOCKET_CLI_SENTRY_PACKAGE_NAME: '@socketsecurity/cli-with-sentry'\n readonly VLT: 'vlt'\n readonly WITH_SENTRY: 'with-sentry'\n readonly YARN: 'yarn'\n readonly YARN_BERRY: 'yarn/berry'\n readonly YARN_CLASSIC: 'yarn/classic'\n readonly YARN_LOCK: 'yarn.lock'\n readonly bashRcPath: string\n readonly distCliPath: string\n readonly distInstrumentWithSentryPath: string\n readonly distPath: string\n readonly distShadowNpmBinPath: string\n readonly distShadowNpmInjectPath: string\n readonly homePath: string\n readonly minimumVersionByAgent: Map<Agent, string>\n readonly nmBinPath: string\n readonly nodeHardenFlags: string[]\n readonly rootBinPath: string\n readonly rootDistPath: string\n readonly rootPath: string\n readonly shadowBinPath: string\n readonly zshRcPath: string\n }\n>\n\nconst ALERT_FIX_TYPE_CVE = 'cve'\nconst ALERT_FIX_TYPE_UPGRADE = 'upgrade'\nconst ALERT_TYPE_CRITICAL_CVE = 'criticalCVE'\nconst ALERT_TYPE_CVE = 'cve'\nconst ALERT_TYPE_MEDIUM_CVE = 'mediumCVE'\nconst ALERT_TYPE_MILD_CVE = 'mildCVE'\nconst API_V0_URL = 'https://api.socket.dev/v0/'\nconst BINARY_LOCK_EXT = '.lockb'\nconst BUN = 'bun'\nconst CLI = 'cli'\nconst CVE_ALERT_PROPS_FIRST_PATCHED_VERSION_IDENTIFIER =\n 'firstPatchedVersionIdentifier'\nconst DRY_RUN_LABEL = '[DryRun]'\nconst DRY_RUN_BAIL_TEXT = `${DRY_RUN_LABEL}: Bailing now`\nconst INLINED_SOCKET_CLI_LEGACY_BUILD = 'INLINED_SOCKET_CLI_LEGACY_BUILD'\nconst INLINED_SOCKET_CLI_PUBLISHED_BUILD = 'INLINED_SOCKET_CLI_PUBLISHED_BUILD'\nconst INLINED_SOCKET_CLI_SENTRY_BUILD = 'INLINED_SOCKET_CLI_SENTRY_BUILD'\nconst LOCK_EXT = '.lock'\nconst MODULE_SYNC = 'module-sync'\nconst NPM_BUGGY_OVERRIDES_PATCHED_VERSION = '11.2.0'\nconst NPM_REGISTRY_URL = 'https://registry.npmjs.org'\nconst PNPM = 'pnpm'\nconst REDACTED = '<redacted>'\nconst REQUIRE = 'require'\nconst SHADOW_NPM_BIN = 'shadow-bin'\nconst SHADOW_NPM_INJECT = 'shadow-npm-inject'\nconst SHADOW_NPM_PATHS = 'shadow-npm-paths'\nconst SOCKET = 'socket'\nconst SOCKET_CLI_BIN_NAME = 'socket'\nconst SOCKET_CLI_BIN_NAME_ALIAS = 'cli'\nconst SOCKET_CLI_DEBUG = 'SOCKET_CLI_DEBUG'\nconst SOCKET_CLI_FIX = 'SOCKET_CLI_FIX'\nconst SOCKET_CLI_ISSUES_URL = 'https://github.com/SocketDev/socket-cli/issues'\nconst SOCKET_CLI_LEGACY_PACKAGE_NAME = `${SOCKET_SECURITY_SCOPE}/cli`\nconst SOCKET_CLI_NO_API_TOKEN = 'SOCKET_CLI_NO_API_TOKEN'\nconst SOCKET_CLI_OPTIMIZE = 'SOCKET_CLI_OPTIMIZE'\nconst SOCKET_CLI_NPM_BIN_NAME = 'socket-npm'\nconst SOCKET_CLI_NPX_BIN_NAME = 'socket-npx'\nconst SOCKET_CLI_PACKAGE_NAME = 'socket'\nconst SOCKET_CLI_SAFE_WRAPPER = 'SOCKET_CLI_SAFE_WRAPPER'\nconst SOCKET_CLI_SENTRY_BIN_NAME = 'socket-with-sentry'\nconst SOCKET_CLI_SENTRY_BIN_NAME_ALIAS = 'cli-with-sentry'\nconst SOCKET_CLI_SENTRY_NPM_BIN_NAME = 'socket-npm-with-sentry'\nconst SOCKET_CLI_SENTRY_NPX_BIN_NAME = 'socket-npx-with-sentry'\nconst SOCKET_CLI_SENTRY_PACKAGE_NAME = `${SOCKET_SECURITY_SCOPE}/cli-with-sentry`\nconst VLT = 'vlt'\nconst WITH_SENTRY = 'with-sentry'\nconst YARN = 'yarn'\nconst YARN_BERRY = 'yarn/berry'\nconst YARN_CLASSIC = 'yarn/classic'\nconst YARN_LOCK = 'yarn.lock'\n\nlet _Sentry: any\n\nconst LAZY_DIST_TYPE = () =>\n registryConstants.SUPPORTS_NODE_REQUIRE_MODULE ? MODULE_SYNC : REQUIRE\n\nconst LAZY_ENV = () => {\n const { env } = process\n // We inline some environment values so that they CANNOT be influenced by user\n // provided environment variables.\n return Object.freeze({\n // Lazily access registryConstants.ENV.\n ...registryConstants.ENV,\n // Inlined flag set to determine if this is the Legacy build.\n // The '@rollup/plugin-replace' will replace \"process.env[INLINED_SOCKET_CLI_LEGACY_BUILD]\".\n INLINED_SOCKET_CLI_LEGACY_BUILD:\n process.env['INLINED_SOCKET_CLI_LEGACY_BUILD'],\n // Inlined flag set to determine if this is a published build.\n // The '@rollup/plugin-replace' will replace \"process.env[INLINED_SOCKET_CLI_PUBLISHED_BUILD]\".\n INLINED_SOCKET_CLI_PUBLISHED_BUILD:\n process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD'],\n // Inlined flag set to determine if this is the Sentry build.\n // The '@rollup/plugin-replace' will replace \"process.env[INLINED_SOCKET_CLI_SENTRY_BUILD]\".\n INLINED_SOCKET_CLI_SENTRY_BUILD:\n process.env['INLINED_SOCKET_CLI_SENTRY_BUILD'],\n // Flag set to help debug Socket CLI.\n SOCKET_CLI_DEBUG: envAsBoolean(env['SOCKET_CLI_DEBUG']),\n // Flag set to make the default API token `undefined`.\n SOCKET_CLI_NO_API_TOKEN: envAsBoolean(env['SOCKET_CLI_NO_API_TOKEN'])\n })\n}\n\nconst lazyBashRcPath = () =>\n // Lazily access constants.homePath.\n path.join(constants.homePath, '.bashrc')\n\nconst lazyDistCliPath = () =>\n // Lazily access constants.distPath.\n path.join(constants.distPath, 'cli.js')\n\nconst lazyDistInstrumentWithSentryPath = () =>\n // Lazily access constants.rootDistPath.\n path.join(constants.rootDistPath, 'instrument-with-sentry.js')\n\nconst lazyDistPath = () =>\n // Lazily access constants.rootDistPath and constants.DIST_TYPE.\n path.join(constants.rootDistPath, constants.DIST_TYPE)\n\nconst lazyDistShadowNpmBinPath = () =>\n // Lazily access constants.distPath.\n path.join(constants.distPath, `${SHADOW_NPM_BIN}.js`)\n\nconst lazyDistShadowNpmInjectPath = () =>\n // Lazily access constants.distPath.\n path.join(constants.distPath, `${SHADOW_NPM_INJECT}.js`)\n\nconst lazyHomePath = () => os.homedir()\n\nconst lazyMinimumVersionByAgent = () =>\n new Map([\n // Bun >=1.1.39 supports the text-based lockfile.\n // https://bun.sh/blog/bun-lock-text-lockfile\n [BUN, '1.1.39'],\n // The npm version bundled with Node 18.\n // https://nodejs.org/en/about/previous-releases#looking-for-the-latest-release-of-a-version-branch\n [NPM, '10.8.2'],\n // 8.x is the earliest version to support Node 18.\n // https://pnpm.io/installation#compatibility\n // https://www.npmjs.com/package/pnpm?activeTab=versions\n [PNPM, '8.15.9'],\n // 4.x supports >= Node 18.12.0\n // https://github.com/yarnpkg/berry/blob/%40yarnpkg/core/4.1.0/CHANGELOG.md#400\n [YARN_BERRY, '4.0.0'],\n // Latest 1.x.\n // https://www.npmjs.com/package/yarn?activeTab=versions\n [YARN_CLASSIC, '1.22.22'],\n // vlt does not support overrides so we don't gate on it.\n [VLT, '*']\n ])\n\nconst lazyNmBinPath = () =>\n // Lazily access constants.rootPath.\n path.join(constants.rootPath, `${NODE_MODULES}/.bin`)\n\n// Redefine registryConstants.nodeHardenFlags to account for the\n// INLINED_SOCKET_CLI_SENTRY_BUILD environment variable.\nconst lazyNodeHardenFlags = () =>\n // The '@rollup/plugin-replace' will replace \"process.env[INLINED_SOCKET_CLI_SENTRY_BUILD]\".\n // Lazily access constants.WIN32.\n process.env['INLINED_SOCKET_CLI_SENTRY_BUILD'] || constants.WIN32\n ? []\n : // Harden Node security.\n // https://nodejs.org/en/learn/getting-started/security-best-practices\n // We have contributed the following patches to our dependencies to make\n // Node's --frozen-intrinsics workable.\n // √ https://github.com/SBoudrias/Inquirer.js/pull/1683\n // √ https://github.com/pnpm/components/pull/23\n ['--disable-proto', 'delete', '--frozen-intrinsics', '--no-deprecation']\n\nconst lazyRootBinPath = () =>\n // Lazily access constants.rootPath.\n path.join(constants.rootPath, 'bin')\n\nconst lazyRootDistPath = () =>\n // Lazily access constants.rootPath.\n path.join(constants.rootPath, 'dist')\n\nconst lazyRootPath = () =>\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_TEST_DIST_BUILD']\".\n path.join(\n realpathSync.native(__dirname),\n process.env['INLINED_SOCKET_CLI_TEST_DIST_BUILD'] ? '../..' : '..'\n )\n\nconst lazyShadowBinPath = () =>\n // Lazily access constants.rootPath.\n path.join(constants.rootPath, SHADOW_NPM_BIN)\n\nconst lazyZshRcPath = () =>\n // Lazily access constants.homePath.\n path.join(constants.homePath, '.zshrc')\n\nconst constants = createConstantsObject(\n {\n ALERT_FIX_TYPE_CVE,\n ALERT_FIX_TYPE_UPGRADE,\n ALERT_TYPE_CRITICAL_CVE,\n ALERT_TYPE_CVE,\n ALERT_TYPE_MEDIUM_CVE,\n ALERT_TYPE_MILD_CVE,\n API_V0_URL,\n BINARY_LOCK_EXT,\n BUN,\n CLI,\n CVE_ALERT_PROPS_FIRST_PATCHED_VERSION_IDENTIFIER,\n // Lazily defined values are initialized as `undefined` to keep their key order.\n DIST_TYPE: undefined,\n DRY_RUN_LABEL,\n DRY_RUN_BAIL_TEXT,\n ENV: undefined,\n INLINED_SOCKET_CLI_LEGACY_BUILD,\n INLINED_SOCKET_CLI_PUBLISHED_BUILD,\n INLINED_SOCKET_CLI_SENTRY_BUILD,\n LOCK_EXT,\n MODULE_SYNC,\n NPM_BUGGY_OVERRIDES_PATCHED_VERSION,\n NPM_REGISTRY_URL,\n PNPM,\n REDACTED,\n REQUIRE,\n SHADOW_NPM_BIN,\n SHADOW_NPM_INJECT,\n SHADOW_NPM_PATHS,\n SOCKET,\n SOCKET_CLI_BIN_NAME,\n SOCKET_CLI_BIN_NAME_ALIAS,\n SOCKET_CLI_DEBUG,\n SOCKET_CLI_FIX,\n SOCKET_CLI_ISSUES_URL,\n SOCKET_CLI_SENTRY_BIN_NAME_ALIAS,\n SOCKET_CLI_LEGACY_PACKAGE_NAME,\n SOCKET_CLI_NO_API_TOKEN,\n SOCKET_CLI_NPM_BIN_NAME,\n SOCKET_CLI_NPX_BIN_NAME,\n SOCKET_CLI_OPTIMIZE,\n SOCKET_CLI_PACKAGE_NAME,\n SOCKET_CLI_SAFE_WRAPPER,\n SOCKET_CLI_SENTRY_BIN_NAME,\n SOCKET_CLI_SENTRY_NPM_BIN_NAME,\n SOCKET_CLI_SENTRY_NPX_BIN_NAME,\n SOCKET_CLI_SENTRY_PACKAGE_NAME,\n VLT,\n WITH_SENTRY,\n YARN,\n YARN_BERRY,\n YARN_CLASSIC,\n YARN_LOCK,\n bashRcPath: undefined,\n distCliPath: undefined,\n distInstrumentWithSentryPath: undefined,\n distPath: undefined,\n distShadowNpmBinPath: undefined,\n distShadowNpmInjectPath: undefined,\n homePath: undefined,\n minimumVersionByAgent: undefined,\n nmBinPath: undefined,\n nodeHardenFlags: undefined,\n rootBinPath: undefined,\n rootDistPath: undefined,\n rootPath: undefined,\n shadowBinPath: undefined,\n zshRcPath: undefined\n },\n {\n getters: {\n DIST_TYPE: LAZY_DIST_TYPE,\n ENV: LAZY_ENV,\n bashRcPath: lazyBashRcPath,\n distCliPath: lazyDistCliPath,\n distInstrumentWithSentryPath: lazyDistInstrumentWithSentryPath,\n distPath: lazyDistPath,\n distShadowNpmBinPath: lazyDistShadowNpmBinPath,\n distShadowNpmInjectPath: lazyDistShadowNpmInjectPath,\n homePath: lazyHomePath,\n minimumVersionByAgent: lazyMinimumVersionByAgent,\n nmBinPath: lazyNmBinPath,\n nodeHardenFlags: lazyNodeHardenFlags,\n rootBinPath: lazyRootBinPath,\n rootDistPath: lazyRootDistPath,\n rootPath: lazyRootPath,\n shadowBinPath: lazyShadowBinPath,\n zshRcPath: lazyZshRcPath\n },\n internals: {\n getIpc,\n getSentry() {\n return _Sentry\n },\n setSentry(Sentry: Sentry): boolean {\n if (_Sentry === undefined) {\n _Sentry = Sentry\n return true\n }\n return false\n }\n },\n mixin: registryConstants\n }\n) as Constants\n\nexport default constants\n"],"names":["getIpc","env","INLINED_SOCKET_CLI_LEGACY_BUILD","INLINED_SOCKET_CLI_PUBLISHED_BUILD","INLINED_SOCKET_CLI_SENTRY_BUILD","SOCKET_CLI_DEBUG","SOCKET_CLI_NO_API_TOKEN","path","constants","DIST_TYPE","ENV","bashRcPath","distCliPath","distInstrumentWithSentryPath","distPath","distShadowNpmBinPath","distShadowNpmInjectPath","homePath","minimumVersionByAgent","nmBinPath","nodeHardenFlags","rootBinPath","rootDistPath","rootPath","shadowBinPath","zshRcPath","getters","internals","getSentry","_Sentry","mixin"],"mappings":";;;;;;;;;AAWA;;;;;AAKE;;AAEEA;AACF;AACF;AA8GA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA;AAEA;AAGA;;AACUC;AAAI;AACZ;AACA;;AAEE;;AAEA;AACA;AACAC;AAEA;AACA;AACAC;AAEA;AACA;AACAC;AAEA;AACAC;AACA;AACAC;AACF;AACF;AAEA;AACE;AACAC;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AAEA;AAEI;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAGJ;AACE;AACAA;;AAEF;AACA;AACA;AACE;AACA;AACkDC;AAE9C;AACA;AACA;AACA;AACA;AACA;AACA;AAEN;AACE;AACAD;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAKF;AACE;AACAA;AAEF;AACE;AACAA;AAEIC;;;;;;;;;;;;AAaF;AACAC;;;AAGAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAsCAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACF;AAEEC;AACEjB;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;;AAEFE;;AAEEC;AACE;;;;AAIEC;AACA;AACF;AACA;AACF;;AAEFC;AACF;;","debugId":"8401a60a-f43c-476e-ac2a-afaf93b90a64"}
|
|
1
|
+
{"version":3,"file":"constants.js","sources":["../../src/constants.ts"],"sourcesContent":["import { realpathSync } from 'node:fs'\nimport os from 'node:os'\nimport path from 'node:path'\nimport process from 'node:process'\n\nimport registryConstants from '@socketsecurity/registry/lib/constants'\nimport { envAsBoolean } from '@socketsecurity/registry/lib/env'\n\nimport type { Agent } from './utils/package-environment'\nimport type { Remap } from '@socketsecurity/registry/lib/objects'\n\nconst {\n NODE_MODULES,\n NPM,\n SOCKET_SECURITY_SCOPE,\n kInternalsSymbol,\n [kInternalsSymbol as unknown as 'Symbol(kInternalsSymbol)']: {\n createConstantsObject,\n getIpc\n }\n} = registryConstants\n\ntype RegistryEnv = typeof registryConstants.ENV\n\ntype RegistryInternals = (typeof registryConstants)['Symbol(kInternalsSymbol)']\n\ntype Sentry = any\n\ntype Internals = Remap<\n Omit<RegistryInternals, 'getIpc'> &\n Readonly<{\n getIpc: {\n (): Promise<IPC>\n <K extends keyof IPC | undefined>(\n key?: K | undefined\n ): Promise<K extends keyof IPC ? IPC[K] : IPC>\n }\n getSentry: () => Sentry\n setSentry(Sentry: Sentry): boolean\n }>\n>\n\ntype ENV = Remap<\n RegistryEnv &\n Readonly<{\n SOCKET_CLI_DEBUG: boolean\n SOCKET_CLI_NO_API_TOKEN: boolean\n }>\n>\n\ntype IPC = Readonly<{\n SOCKET_CLI_FIX?: string | undefined\n SOCKET_CLI_OPTIMIZE?: boolean | undefined\n SOCKET_CLI_SAFE_WRAPPER?: string | undefined\n}>\n\ntype Constants = Remap<\n Omit<typeof registryConstants, 'Symbol(kInternalsSymbol)' | 'ENV' | 'IPC'> & {\n readonly 'Symbol(kInternalsSymbol)': Internals\n readonly ALERT_TYPE_CRITICAL_CVE: 'criticalCVE'\n readonly ALERT_TYPE_CVE: 'cve'\n readonly ALERT_TYPE_MEDIUM_CVE: 'mediumCVE'\n readonly ALERT_TYPE_MILD_CVE: 'mildCVE'\n readonly API_V0_URL: 'https://api.socket.dev/v0/'\n readonly BINARY_LOCK_EXT: '.lockb'\n readonly BUN: 'bun'\n readonly CLI: 'cli'\n readonly CVE_ALERT_PROPS_FIRST_PATCHED_VERSION_IDENTIFIER: 'firstPatchedVersionIdentifier'\n readonly ENV: ENV\n readonly DIST_TYPE: 'module-sync' | 'require'\n readonly DRY_RUN_LABEL: '[DryRun]'\n readonly DRY_RUN_BAIL_TEXT: '[DryRun] Bailing now'\n readonly INLINED_SOCKET_CLI_LEGACY_BUILD: 'INLINED_SOCKET_CLI_LEGACY_BUILD'\n readonly INLINED_SOCKET_CLI_PUBLISHED_BUILD: 'INLINED_SOCKET_CLI_PUBLISHED_BUILD'\n readonly INLINED_SOCKET_CLI_SENTRY_BUILD: 'INLINED_SOCKET_CLI_SENTRY_BUILD'\n readonly IPC: IPC\n readonly LOCK_EXT: '.lock'\n readonly MODULE_SYNC: 'module-sync'\n readonly NPM_BUGGY_OVERRIDES_PATCHED_VERSION: '11.2.0'\n readonly NPM_REGISTRY_URL: 'https://registry.npmjs.org'\n readonly PNPM: 'pnpm'\n readonly REDACTED: '<redacted>'\n readonly REQUIRE: 'require'\n readonly SHADOW_NPM_BIN: 'shadow-bin'\n readonly SHADOW_NPM_INJECT: 'shadow-npm-inject'\n readonly SHADOW_NPM_PATHS: 'shadow-npm-paths'\n readonly SOCKET: 'socket'\n readonly SOCKET_CLI_BIN_NAME: 'socket'\n readonly SOCKET_CLI_BIN_NAME_ALIAS: 'cli'\n readonly SOCKET_CLI_DEBUG: 'SOCKET_CLI_DEBUG'\n readonly SOCKET_CLI_FIX: 'SOCKET_CLI_FIX'\n readonly SOCKET_CLI_ISSUES_URL: 'https://github.com/SocketDev/socket-cli/issues'\n readonly SOCKET_CLI_SENTRY_BIN_NAME_ALIAS: 'cli-with-sentry'\n readonly SOCKET_CLI_LEGACY_PACKAGE_NAME: '@socketsecurity/cli'\n readonly SOCKET_CLI_NO_API_TOKEN: 'SOCKET_CLI_NO_API_TOKEN'\n readonly SOCKET_CLI_NPM_BIN_NAME: 'socket-npm'\n readonly SOCKET_CLI_NPX_BIN_NAME: 'socket-npx'\n readonly SOCKET_CLI_OPTIMIZE: 'SOCKET_CLI_OPTIMIZE'\n readonly SOCKET_CLI_PACKAGE_NAME: 'socket'\n readonly SOCKET_CLI_SAFE_WRAPPER: 'SOCKET_CLI_SAFE_WRAPPER'\n readonly SOCKET_CLI_SENTRY_BIN_NAME: 'socket-with-sentry'\n readonly SOCKET_CLI_SENTRY_NPM_BIN_NAME: 'socket-npm-with-sentry'\n readonly SOCKET_CLI_SENTRY_NPX_BIN_NAME: 'socket-npx-with-sentry'\n readonly SOCKET_CLI_SENTRY_PACKAGE_NAME: '@socketsecurity/cli-with-sentry'\n readonly VLT: 'vlt'\n readonly WITH_SENTRY: 'with-sentry'\n readonly YARN: 'yarn'\n readonly YARN_BERRY: 'yarn/berry'\n readonly YARN_CLASSIC: 'yarn/classic'\n readonly YARN_LOCK: 'yarn.lock'\n readonly bashRcPath: string\n readonly distCliPath: string\n readonly distInstrumentWithSentryPath: string\n readonly distPath: string\n readonly distShadowNpmBinPath: string\n readonly distShadowNpmInjectPath: string\n readonly homePath: string\n readonly minimumVersionByAgent: Map<Agent, string>\n readonly nmBinPath: string\n readonly nodeHardenFlags: string[]\n readonly rootBinPath: string\n readonly rootDistPath: string\n readonly rootPath: string\n readonly shadowBinPath: string\n readonly zshRcPath: string\n }\n>\n\nconst ALERT_TYPE_CRITICAL_CVE = 'criticalCVE'\nconst ALERT_TYPE_CVE = 'cve'\nconst ALERT_TYPE_MEDIUM_CVE = 'mediumCVE'\nconst ALERT_TYPE_MILD_CVE = 'mildCVE'\nconst API_V0_URL = 'https://api.socket.dev/v0/'\nconst BINARY_LOCK_EXT = '.lockb'\nconst BUN = 'bun'\nconst CLI = 'cli'\nconst CVE_ALERT_PROPS_FIRST_PATCHED_VERSION_IDENTIFIER =\n 'firstPatchedVersionIdentifier'\nconst DRY_RUN_LABEL = '[DryRun]'\nconst DRY_RUN_BAIL_TEXT = `${DRY_RUN_LABEL}: Bailing now`\nconst INLINED_SOCKET_CLI_LEGACY_BUILD = 'INLINED_SOCKET_CLI_LEGACY_BUILD'\nconst INLINED_SOCKET_CLI_PUBLISHED_BUILD = 'INLINED_SOCKET_CLI_PUBLISHED_BUILD'\nconst INLINED_SOCKET_CLI_SENTRY_BUILD = 'INLINED_SOCKET_CLI_SENTRY_BUILD'\nconst LOCK_EXT = '.lock'\nconst MODULE_SYNC = 'module-sync'\nconst NPM_BUGGY_OVERRIDES_PATCHED_VERSION = '11.2.0'\nconst NPM_REGISTRY_URL = 'https://registry.npmjs.org'\nconst PNPM = 'pnpm'\nconst REDACTED = '<redacted>'\nconst REQUIRE = 'require'\nconst SHADOW_NPM_BIN = 'shadow-bin'\nconst SHADOW_NPM_INJECT = 'shadow-npm-inject'\nconst SHADOW_NPM_PATHS = 'shadow-npm-paths'\nconst SOCKET = 'socket'\nconst SOCKET_CLI_BIN_NAME = 'socket'\nconst SOCKET_CLI_BIN_NAME_ALIAS = 'cli'\nconst SOCKET_CLI_DEBUG = 'SOCKET_CLI_DEBUG'\nconst SOCKET_CLI_FIX = 'SOCKET_CLI_FIX'\nconst SOCKET_CLI_ISSUES_URL = 'https://github.com/SocketDev/socket-cli/issues'\nconst SOCKET_CLI_LEGACY_PACKAGE_NAME = `${SOCKET_SECURITY_SCOPE}/cli`\nconst SOCKET_CLI_NO_API_TOKEN = 'SOCKET_CLI_NO_API_TOKEN'\nconst SOCKET_CLI_OPTIMIZE = 'SOCKET_CLI_OPTIMIZE'\nconst SOCKET_CLI_NPM_BIN_NAME = 'socket-npm'\nconst SOCKET_CLI_NPX_BIN_NAME = 'socket-npx'\nconst SOCKET_CLI_PACKAGE_NAME = 'socket'\nconst SOCKET_CLI_SAFE_WRAPPER = 'SOCKET_CLI_SAFE_WRAPPER'\nconst SOCKET_CLI_SENTRY_BIN_NAME = 'socket-with-sentry'\nconst SOCKET_CLI_SENTRY_BIN_NAME_ALIAS = 'cli-with-sentry'\nconst SOCKET_CLI_SENTRY_NPM_BIN_NAME = 'socket-npm-with-sentry'\nconst SOCKET_CLI_SENTRY_NPX_BIN_NAME = 'socket-npx-with-sentry'\nconst SOCKET_CLI_SENTRY_PACKAGE_NAME = `${SOCKET_SECURITY_SCOPE}/cli-with-sentry`\nconst VLT = 'vlt'\nconst WITH_SENTRY = 'with-sentry'\nconst YARN = 'yarn'\nconst YARN_BERRY = 'yarn/berry'\nconst YARN_CLASSIC = 'yarn/classic'\nconst YARN_LOCK = 'yarn.lock'\n\nlet _Sentry: any\n\nconst LAZY_DIST_TYPE = () =>\n registryConstants.SUPPORTS_NODE_REQUIRE_MODULE ? MODULE_SYNC : REQUIRE\n\nconst LAZY_ENV = () => {\n const { env } = process\n // We inline some environment values so that they CANNOT be influenced by user\n // provided environment variables.\n return Object.freeze({\n // Lazily access registryConstants.ENV.\n ...registryConstants.ENV,\n // Inlined flag set to determine if this is the Legacy build.\n // The '@rollup/plugin-replace' will replace \"process.env[INLINED_SOCKET_CLI_LEGACY_BUILD]\".\n INLINED_SOCKET_CLI_LEGACY_BUILD:\n process.env['INLINED_SOCKET_CLI_LEGACY_BUILD'],\n // Inlined flag set to determine if this is a published build.\n // The '@rollup/plugin-replace' will replace \"process.env[INLINED_SOCKET_CLI_PUBLISHED_BUILD]\".\n INLINED_SOCKET_CLI_PUBLISHED_BUILD:\n process.env['INLINED_SOCKET_CLI_PUBLISHED_BUILD'],\n // Inlined flag set to determine if this is the Sentry build.\n // The '@rollup/plugin-replace' will replace \"process.env[INLINED_SOCKET_CLI_SENTRY_BUILD]\".\n INLINED_SOCKET_CLI_SENTRY_BUILD:\n process.env['INLINED_SOCKET_CLI_SENTRY_BUILD'],\n // Flag set to help debug Socket CLI.\n SOCKET_CLI_DEBUG: envAsBoolean(env['SOCKET_CLI_DEBUG']),\n // Flag set to make the default API token `undefined`.\n SOCKET_CLI_NO_API_TOKEN: envAsBoolean(env['SOCKET_CLI_NO_API_TOKEN'])\n })\n}\n\nconst lazyBashRcPath = () =>\n // Lazily access constants.homePath.\n path.join(constants.homePath, '.bashrc')\n\nconst lazyDistCliPath = () =>\n // Lazily access constants.distPath.\n path.join(constants.distPath, 'cli.js')\n\nconst lazyDistInstrumentWithSentryPath = () =>\n // Lazily access constants.rootDistPath.\n path.join(constants.rootDistPath, 'instrument-with-sentry.js')\n\nconst lazyDistPath = () =>\n // Lazily access constants.rootDistPath and constants.DIST_TYPE.\n path.join(constants.rootDistPath, constants.DIST_TYPE)\n\nconst lazyDistShadowNpmBinPath = () =>\n // Lazily access constants.distPath.\n path.join(constants.distPath, `${SHADOW_NPM_BIN}.js`)\n\nconst lazyDistShadowNpmInjectPath = () =>\n // Lazily access constants.distPath.\n path.join(constants.distPath, `${SHADOW_NPM_INJECT}.js`)\n\nconst lazyHomePath = () => os.homedir()\n\nconst lazyMinimumVersionByAgent = () =>\n new Map([\n // Bun >=1.1.39 supports the text-based lockfile.\n // https://bun.sh/blog/bun-lock-text-lockfile\n [BUN, '1.1.39'],\n // The npm version bundled with Node 18.\n // https://nodejs.org/en/about/previous-releases#looking-for-the-latest-release-of-a-version-branch\n [NPM, '10.8.2'],\n // 8.x is the earliest version to support Node 18.\n // https://pnpm.io/installation#compatibility\n // https://www.npmjs.com/package/pnpm?activeTab=versions\n [PNPM, '8.15.9'],\n // 4.x supports >= Node 18.12.0\n // https://github.com/yarnpkg/berry/blob/%40yarnpkg/core/4.1.0/CHANGELOG.md#400\n [YARN_BERRY, '4.0.0'],\n // Latest 1.x.\n // https://www.npmjs.com/package/yarn?activeTab=versions\n [YARN_CLASSIC, '1.22.22'],\n // vlt does not support overrides so we don't gate on it.\n [VLT, '*']\n ])\n\nconst lazyNmBinPath = () =>\n // Lazily access constants.rootPath.\n path.join(constants.rootPath, `${NODE_MODULES}/.bin`)\n\n// Redefine registryConstants.nodeHardenFlags to account for the\n// INLINED_SOCKET_CLI_SENTRY_BUILD environment variable.\nconst lazyNodeHardenFlags = () =>\n // The '@rollup/plugin-replace' will replace \"process.env[INLINED_SOCKET_CLI_SENTRY_BUILD]\".\n // Lazily access constants.WIN32.\n process.env['INLINED_SOCKET_CLI_SENTRY_BUILD'] || constants.WIN32\n ? []\n : // Harden Node security.\n // https://nodejs.org/en/learn/getting-started/security-best-practices\n // We have contributed the following patches to our dependencies to make\n // Node's --frozen-intrinsics workable.\n // √ https://github.com/SBoudrias/Inquirer.js/pull/1683\n // √ https://github.com/pnpm/components/pull/23\n ['--disable-proto', 'delete', '--frozen-intrinsics', '--no-deprecation']\n\nconst lazyRootBinPath = () =>\n // Lazily access constants.rootPath.\n path.join(constants.rootPath, 'bin')\n\nconst lazyRootDistPath = () =>\n // Lazily access constants.rootPath.\n path.join(constants.rootPath, 'dist')\n\nconst lazyRootPath = () =>\n // The '@rollup/plugin-replace' will replace \"process.env['INLINED_SOCKET_CLI_TEST_DIST_BUILD']\".\n path.join(\n realpathSync.native(__dirname),\n process.env['INLINED_SOCKET_CLI_TEST_DIST_BUILD'] ? '../..' : '..'\n )\n\nconst lazyShadowBinPath = () =>\n // Lazily access constants.rootPath.\n path.join(constants.rootPath, SHADOW_NPM_BIN)\n\nconst lazyZshRcPath = () =>\n // Lazily access constants.homePath.\n path.join(constants.homePath, '.zshrc')\n\nconst constants = createConstantsObject(\n {\n ALERT_TYPE_CRITICAL_CVE,\n ALERT_TYPE_CVE,\n ALERT_TYPE_MEDIUM_CVE,\n ALERT_TYPE_MILD_CVE,\n API_V0_URL,\n BINARY_LOCK_EXT,\n BUN,\n CLI,\n CVE_ALERT_PROPS_FIRST_PATCHED_VERSION_IDENTIFIER,\n // Lazily defined values are initialized as `undefined` to keep their key order.\n DIST_TYPE: undefined,\n DRY_RUN_LABEL,\n DRY_RUN_BAIL_TEXT,\n ENV: undefined,\n INLINED_SOCKET_CLI_LEGACY_BUILD,\n INLINED_SOCKET_CLI_PUBLISHED_BUILD,\n INLINED_SOCKET_CLI_SENTRY_BUILD,\n LOCK_EXT,\n MODULE_SYNC,\n NPM_BUGGY_OVERRIDES_PATCHED_VERSION,\n NPM_REGISTRY_URL,\n PNPM,\n REDACTED,\n REQUIRE,\n SHADOW_NPM_BIN,\n SHADOW_NPM_INJECT,\n SHADOW_NPM_PATHS,\n SOCKET,\n SOCKET_CLI_BIN_NAME,\n SOCKET_CLI_BIN_NAME_ALIAS,\n SOCKET_CLI_DEBUG,\n SOCKET_CLI_FIX,\n SOCKET_CLI_ISSUES_URL,\n SOCKET_CLI_SENTRY_BIN_NAME_ALIAS,\n SOCKET_CLI_LEGACY_PACKAGE_NAME,\n SOCKET_CLI_NO_API_TOKEN,\n SOCKET_CLI_NPM_BIN_NAME,\n SOCKET_CLI_NPX_BIN_NAME,\n SOCKET_CLI_OPTIMIZE,\n SOCKET_CLI_PACKAGE_NAME,\n SOCKET_CLI_SAFE_WRAPPER,\n SOCKET_CLI_SENTRY_BIN_NAME,\n SOCKET_CLI_SENTRY_NPM_BIN_NAME,\n SOCKET_CLI_SENTRY_NPX_BIN_NAME,\n SOCKET_CLI_SENTRY_PACKAGE_NAME,\n VLT,\n WITH_SENTRY,\n YARN,\n YARN_BERRY,\n YARN_CLASSIC,\n YARN_LOCK,\n bashRcPath: undefined,\n distCliPath: undefined,\n distInstrumentWithSentryPath: undefined,\n distPath: undefined,\n distShadowNpmBinPath: undefined,\n distShadowNpmInjectPath: undefined,\n homePath: undefined,\n minimumVersionByAgent: undefined,\n nmBinPath: undefined,\n nodeHardenFlags: undefined,\n rootBinPath: undefined,\n rootDistPath: undefined,\n rootPath: undefined,\n shadowBinPath: undefined,\n zshRcPath: undefined\n },\n {\n getters: {\n DIST_TYPE: LAZY_DIST_TYPE,\n ENV: LAZY_ENV,\n bashRcPath: lazyBashRcPath,\n distCliPath: lazyDistCliPath,\n distInstrumentWithSentryPath: lazyDistInstrumentWithSentryPath,\n distPath: lazyDistPath,\n distShadowNpmBinPath: lazyDistShadowNpmBinPath,\n distShadowNpmInjectPath: lazyDistShadowNpmInjectPath,\n homePath: lazyHomePath,\n minimumVersionByAgent: lazyMinimumVersionByAgent,\n nmBinPath: lazyNmBinPath,\n nodeHardenFlags: lazyNodeHardenFlags,\n rootBinPath: lazyRootBinPath,\n rootDistPath: lazyRootDistPath,\n rootPath: lazyRootPath,\n shadowBinPath: lazyShadowBinPath,\n zshRcPath: lazyZshRcPath\n },\n internals: {\n getIpc,\n getSentry() {\n return _Sentry\n },\n setSentry(Sentry: Sentry): boolean {\n if (_Sentry === undefined) {\n _Sentry = Sentry\n return true\n }\n return false\n }\n },\n mixin: registryConstants\n }\n) as Constants\n\nexport default constants\n"],"names":["getIpc","env","INLINED_SOCKET_CLI_LEGACY_BUILD","INLINED_SOCKET_CLI_PUBLISHED_BUILD","INLINED_SOCKET_CLI_SENTRY_BUILD","SOCKET_CLI_DEBUG","SOCKET_CLI_NO_API_TOKEN","path","constants","DIST_TYPE","ENV","bashRcPath","distCliPath","distInstrumentWithSentryPath","distPath","distShadowNpmBinPath","distShadowNpmInjectPath","homePath","minimumVersionByAgent","nmBinPath","nodeHardenFlags","rootBinPath","rootDistPath","rootPath","shadowBinPath","zshRcPath","getters","internals","getSentry","_Sentry","mixin"],"mappings":";;;;;;;;;AAWA;;;;;AAKE;;AAEEA;AACF;AACF;AA4GA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA;AAEA;AAGA;;AACUC;AAAI;AACZ;AACA;;AAEE;;AAEA;AACA;AACAC;AAEA;AACA;AACAC;AAEA;AACA;AACAC;AAEA;AACAC;AACA;AACAC;AACF;AACF;AAEA;AACE;AACAC;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAEF;AAEA;AAEI;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAGJ;AACE;AACAA;;AAEF;AACA;AACA;AACE;AACA;AACkDC;AAE9C;AACA;AACA;AACA;AACA;AACA;AACA;AAEN;AACE;AACAD;AAEF;AACE;AACAA;AAEF;AACE;AACAA;AAKF;AACE;AACAA;AAEF;AACE;AACAA;AAEIC;;;;;;;;;;AAWF;AACAC;;;AAGAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAsCAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACF;AAEEC;AACEjB;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;AACAC;;AAEFE;;AAEEC;AACE;;;;AAIEC;AACA;AACF;AACA;AACF;;AAEFC;AACF;;","debugId":"de43662e-a339-456d-bfec-0204b7d5e232"}
|
package/dist/module-sync/cli.js
CHANGED
|
@@ -64,11 +64,12 @@ var BoxWidget = _socketInterop(require('blessed/lib/widgets/box'));
|
|
|
64
64
|
var TableWidget = _socketInterop(require('blessed-contrib/lib/widget/table'));
|
|
65
65
|
var readline$1 = require('node:readline');
|
|
66
66
|
|
|
67
|
-
function handleUnsuccessfulApiResponse(_name,
|
|
68
|
-
|
|
69
|
-
const
|
|
70
|
-
|
|
71
|
-
|
|
67
|
+
function handleUnsuccessfulApiResponse(_name, sockSdkError) {
|
|
68
|
+
const message = sockSdkError.error || 'No error message returned';
|
|
69
|
+
const {
|
|
70
|
+
status
|
|
71
|
+
} = sockSdkError;
|
|
72
|
+
if (status === 401 || status === 403) {
|
|
72
73
|
// Lazily access constants.spinner.
|
|
73
74
|
const {
|
|
74
75
|
spinner
|
|
@@ -90,7 +91,7 @@ async function handleApiCall(value, description) {
|
|
|
90
91
|
}
|
|
91
92
|
return result;
|
|
92
93
|
}
|
|
93
|
-
async function
|
|
94
|
+
async function handleApiError(code) {
|
|
94
95
|
if (code === 400) {
|
|
95
96
|
return 'One of the options passed might be incorrect.';
|
|
96
97
|
} else if (code === 403) {
|
|
@@ -107,12 +108,12 @@ function getDefaultApiBaseUrl() {
|
|
|
107
108
|
const baseUrl = process$1.env['SOCKET_SECURITY_API_BASE_URL'] || shadowNpmInject.getSetting('apiBaseUrl');
|
|
108
109
|
return strings.isNonEmptyString(baseUrl) ? baseUrl : undefined;
|
|
109
110
|
}
|
|
110
|
-
async function
|
|
111
|
+
async function queryApi(path, apiToken) {
|
|
111
112
|
const API_V0_URL = getDefaultApiBaseUrl();
|
|
112
113
|
return await fetch(`${API_V0_URL}/${path}`, {
|
|
113
114
|
method: 'GET',
|
|
114
115
|
headers: {
|
|
115
|
-
Authorization: `Basic ${btoa(`${apiToken}
|
|
116
|
+
Authorization: `Basic ${btoa(`${apiToken}:`)}`
|
|
116
117
|
}
|
|
117
118
|
});
|
|
118
119
|
}
|
|
@@ -654,7 +655,7 @@ function emitBanner(name) {
|
|
|
654
655
|
}
|
|
655
656
|
function getAsciiHeader(command) {
|
|
656
657
|
const cliVersion = // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
|
|
657
|
-
"0.14.
|
|
658
|
+
"0.14.66:3dec148:ec0f93b3:pub";
|
|
658
659
|
const nodeVersion = process.version;
|
|
659
660
|
const apiToken = shadowNpmInject.getSetting('apiToken');
|
|
660
661
|
const shownToken = apiToken ? getLastFiveOfApiToken(apiToken) : 'no';
|
|
@@ -1481,10 +1482,10 @@ async function fetchDiffScanWithToken(apiToken, {
|
|
|
1481
1482
|
spinner
|
|
1482
1483
|
} = constants;
|
|
1483
1484
|
spinner.start('Fetching diff-scan...');
|
|
1484
|
-
const response = await
|
|
1485
|
+
const response = await queryApi(`orgs/${orgSlug}/full-scans/diff?before=${encodeURIComponent(before)}&after=${encodeURIComponent(after)}`, apiToken);
|
|
1485
1486
|
spinner?.successAndStop('Received diff-scan response');
|
|
1486
1487
|
if (!response.ok) {
|
|
1487
|
-
const err = await
|
|
1488
|
+
const err = await handleApiError(response.status);
|
|
1488
1489
|
spinner.errorAndStop(`${colors.bgRed(colors.white(response.statusText))}: ${err}`);
|
|
1489
1490
|
return;
|
|
1490
1491
|
}
|
|
@@ -2469,7 +2470,7 @@ function formatScore$1(score) {
|
|
|
2469
2470
|
return colors.red(`${score}`);
|
|
2470
2471
|
}
|
|
2471
2472
|
function outputPackageIssuesDetails(packageData, outputMarkdown) {
|
|
2472
|
-
const issueDetails = packageData.filter(d => d.value?.severity === shadowNpmInject.
|
|
2473
|
+
const issueDetails = packageData.filter(d => d.value?.severity === shadowNpmInject.ALERT_SEVERITY.critical || d.value?.severity === shadowNpmInject.ALERT_SEVERITY.high);
|
|
2473
2474
|
const uniqueIssueDetails = issueDetails.reduce((acc, issue) => {
|
|
2474
2475
|
const {
|
|
2475
2476
|
type
|
|
@@ -5484,10 +5485,10 @@ async function getFullScan(orgSlug, fullScanId) {
|
|
|
5484
5485
|
throw new shadowNpmInject.AuthError('User must be authenticated to run this command. To log in, run the command `socket login` and enter your API key.');
|
|
5485
5486
|
}
|
|
5486
5487
|
spinner.start('Fetching full-scan...');
|
|
5487
|
-
const response = await
|
|
5488
|
+
const response = await queryApi(`orgs/${orgSlug}/full-scans/${encodeURIComponent(fullScanId)}`, apiToken);
|
|
5488
5489
|
spinner.stop('Fetch complete.');
|
|
5489
5490
|
if (!response.ok) {
|
|
5490
|
-
const err = await
|
|
5491
|
+
const err = await handleApiError(response.status);
|
|
5491
5492
|
logger.logger.fail(`${colors.bgRed(colors.white(response.statusText))}: Fetch error: ${err}`);
|
|
5492
5493
|
return;
|
|
5493
5494
|
}
|
|
@@ -7316,11 +7317,11 @@ includeSecurityPolicy) {
|
|
|
7316
7317
|
// licensePolicyMaybe,
|
|
7317
7318
|
securityPolicyMaybe] = await Promise.all([(async () => {
|
|
7318
7319
|
try {
|
|
7319
|
-
const response = await
|
|
7320
|
+
const response = await queryApi(`orgs/${orgSlug}/full-scans/${encodeURIComponent(fullScanId)}`, apiToken);
|
|
7320
7321
|
haveScan = true;
|
|
7321
7322
|
updateProgress();
|
|
7322
7323
|
if (!response.ok) {
|
|
7323
|
-
const err = await
|
|
7324
|
+
const err = await handleApiError(response.status);
|
|
7324
7325
|
logger.logger.fail(`${colors.bgRed(colors.white(response.statusText))}: Fetch error: ${err}`);
|
|
7325
7326
|
return undefined;
|
|
7326
7327
|
}
|
|
@@ -8034,7 +8035,7 @@ async function getThreatFeedWithToken({
|
|
|
8034
8035
|
} = constants;
|
|
8035
8036
|
const queryParams = new URLSearchParams([['direction', direction], ['ecosystem', ecosystem], ['filter', filter], ['page', page], ['per_page', String(perPage)]]);
|
|
8036
8037
|
spinner.start('Fetching Threat Feed data...');
|
|
8037
|
-
const response = await
|
|
8038
|
+
const response = await queryApi(`threat-feed?${queryParams}`, apiToken);
|
|
8038
8039
|
const data = await response.json();
|
|
8039
8040
|
spinner.stop('Threat feed data fetched');
|
|
8040
8041
|
if (outputKind === 'json') {
|
|
@@ -8457,7 +8458,7 @@ void (async () => {
|
|
|
8457
8458
|
await updateNotifier({
|
|
8458
8459
|
name: SOCKET_CLI_BIN_NAME,
|
|
8459
8460
|
// The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION']".
|
|
8460
|
-
version: "0.14.
|
|
8461
|
+
version: "0.14.66",
|
|
8461
8462
|
ttl: 86_400_000 /* 24 hours in milliseconds */
|
|
8462
8463
|
});
|
|
8463
8464
|
try {
|
|
@@ -8524,5 +8525,5 @@ void (async () => {
|
|
|
8524
8525
|
await shadowNpmInject.captureException(e);
|
|
8525
8526
|
}
|
|
8526
8527
|
})();
|
|
8527
|
-
//# debugId=
|
|
8528
|
+
//# debugId=cf810ddf-d663-4a2a-9b87-d7de41ca2005
|
|
8528
8529
|
//# sourceMappingURL=cli.js.map
|