socket 0.14.78 → 0.14.79

package/dist/module-sync/cli.js

@@ -38,6 +38,7 @@ const prompts = require('@socketsecurity/registry/lib/prompts')
 const shadowNpmPaths = require('./shadow-npm-paths.js')
 const chalkTable = _socketInterop(require('chalk-table'))
 const util = require('node:util')
+const terminalLink = _socketInterop(require('terminal-link'))
 const arrays = require('@socketsecurity/registry/lib/arrays')
 const registry = require('@socketsecurity/registry')
 const npm = require('@socketsecurity/registry/lib/npm')
@@ -55,7 +56,6 @@ const index_cjs = require('@socketregistry/hyrious__bun.lockb/index.cjs')
 const sorts = require('@socketsecurity/registry/lib/sorts')
 const registryConstants = require('@socketsecurity/registry/lib/constants')
 const isInteractive = require('@socketregistry/is-interactive/index.cjs')
-const terminalLink = _socketInterop(require('terminal-link'))
 const npa = _socketInterop(require('npm-package-arg'))
 const tinyglobby = _socketInterop(require('tinyglobby'))
 const promises = require('@socketsecurity/registry/lib/promises')
@@ -915,7 +915,7 @@ function emitBanner(name) {
   logger.logger.error(getAsciiHeader(name))
 }
 function getAsciiHeader(command) {
-  const cliVersion = '0.14.78:559893b:f292c468:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
+  const cliVersion = '0.14.79:a3df48b:dfff0bac:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
   const nodeVersion = process$1.version
   const apiToken = shadowNpmInject.getDefaultToken()
   const shownToken = apiToken ? getLastFiveOfApiToken(apiToken) : 'no'
@@ -3778,6 +3778,35 @@ function getOctokit() {
   }
   return _octokit
 }
+async function enableAutoMerge(prResponseData) {
+  const octokit = getOctokit()
+  const { node_id: prId, number: prNumber } = prResponseData
+  try {
+    await octokit.graphql(
+      `
+      mutation EnableAutoMerge($pullRequestId: ID!) {
+        enablePullRequestAutoMerge(input: {
+          pullRequestId: $pullRequestId,
+          mergeMethod: SQUASH
+        }) {
+          pullRequest {
+            number
+            autoMergeRequest {
+              enabledAt
+            }
+          }
+        }
+      }
+      `,
+      {
+        pullRequestId: prId
+      }
+    )
+    logger.logger.info(`Auto-merge enabled for PR #${prNumber}`)
+  } catch (e) {
+    logger.logger.error(`Failed to enable auto-merge for PR #${prNumber}:`, e)
+  }
+}
 async function openGitHubPullRequest(name, targetVersion, cwd = process.cwd()) {
   // Lazily access constants.ENV[GITHUB_ACTIONS].
   if (constants.ENV[GITHUB_ACTIONS]) {
@@ -3819,7 +3848,7 @@ async function openGitHubPullRequest(name, targetVersion, cwd = process.cwd()) {
       })
     }
     const octokit = getOctokit()
-    await octokit.pulls.create({
+    return await octokit.pulls.create({
       owner,
       repo,
       title: commitMsg,
@@ -3846,16 +3875,10 @@ async function install$1(idealTree, options) {
   arb2.idealTree = idealTree
   await arb2.reify()
 }
-async function npmFix(_pkgEnvDetails, options) {
-  const {
-    cwd = process.cwd(),
-    spinner,
-    test = false,
-    testScript = 'test'
-  } = {
-    __proto__: null,
-    ...options
-  }
+async function npmFix(
+  _pkgEnvDetails,
+  { autoMerge, cwd, rangeStyle, spinner, test, testScript }
+) {
   spinner?.start()
   const arb = new shadowNpmInject.SafeArborist({
     path: cwd,
@@ -3951,7 +3974,8 @@ async function npmFix(_pkgEnvDetails, options) {
             shadowNpmInject.updatePackageJsonFromNode(
               editablePkgJson,
               arb.idealTree,
-              node
+              node,
+              rangeStyle
             )
             // eslint-disable-next-line no-await-in-loop
             await editablePkgJson.save()
@@ -3975,7 +3999,15 @@ async function npmFix(_pkgEnvDetails, options) {
             // Lazily access constants.ENV[CI].
             if (constants.ENV[CI$1]) {
               // eslint-disable-next-line no-await-in-loop
-              await openGitHubPullRequest(name, targetVersion, cwd)
+              const prResponse = await openGitHubPullRequest(
+                name,
+                targetVersion,
+                cwd
+              )
+              if (autoMerge) {
+                // eslint-disable-next-line no-await-in-loop
+                await enableAutoMerge(prResponse.data)
+              }
             }
           } catch {
             spinner?.error(`Reverting ${fixSpec}`)
@@ -4206,16 +4238,10 @@ async function install(pkgEnvDetails, options) {
     stdio: 'ignore'
   })
 }
-async function pnpmFix(pkgEnvDetails, options) {
-  const {
-    cwd = process.cwd(),
-    spinner,
-    test = false,
-    testScript = 'test'
-  } = {
-    __proto__: null,
-    ...options
-  }
+async function pnpmFix(
+  pkgEnvDetails,
+  { autoMerge, cwd, rangeStyle, spinner, test, testScript }
+) {
   const lockfile = await lockfile_fs.readWantedLockfile(cwd, {
     ignoreIncompatible: false
   })
@@ -4345,7 +4371,8 @@ async function pnpmFix(pkgEnvDetails, options) {
             shadowNpmInject.updatePackageJsonFromNode(
               editablePkgJson,
               arb.actualTree,
-              node
+              node,
+              rangeStyle
             )
             // eslint-disable-next-line no-await-in-loop
             await editablePkgJson.save()
@@ -4370,7 +4397,15 @@ async function pnpmFix(pkgEnvDetails, options) {
             // Lazily access constants.ENV[CI].
             if (constants.ENV[CI]) {
               // eslint-disable-next-line no-await-in-loop
-              await openGitHubPullRequest(name, targetVersion, cwd)
+              const prResponse = await openGitHubPullRequest(
+                name,
+                targetVersion,
+                cwd
+              )
+              if (autoMerge) {
+                // eslint-disable-next-line no-await-in-loop
+                await enableAutoMerge(prResponse.data)
+              }
             }
           } catch {
             spinner?.error(`Reverting ${fixSpec}`)
@@ -4797,48 +4832,27 @@ async function detectAndValidatePackageEnvironment(cwd, options) {
 
 const { NPM: NPM$a, PNPM: PNPM$7 } = constants
 const CMD_NAME$2 = 'socket fix'
-async function runFix({
-  cwd = process.cwd(),
-  rangeStyle,
-  spinner,
-  test = false,
-  testScript = 'test'
-}) {
-  const pkgEnvDetails = await detectAndValidatePackageEnvironment(cwd, {
+async function runFix(options_) {
+  const options = shadowNpmInject.assignDefaultFixOptions({
+    __proto__: null,
+    ...options_
+  })
+  const pkgEnvDetails = await detectAndValidatePackageEnvironment(options.cwd, {
     cmdName: CMD_NAME$2,
     logger: logger.logger
   })
   if (!pkgEnvDetails) {
-    spinner?.stop()
     return
   }
   logger.logger.info(`Fixing packages for ${pkgEnvDetails.agent}`)
-  switch (pkgEnvDetails.agent) {
-    case NPM$a: {
-      await npmFix(pkgEnvDetails, {
-        rangeStyle,
-        spinner,
-        test,
-        testScript
-      })
-      break
-    }
-    case PNPM$7: {
-      await pnpmFix(pkgEnvDetails, {
-        rangeStyle,
-        spinner,
-        test,
-        testScript
-      })
-      break
-    }
+  const { agent } = pkgEnvDetails
+  if (agent === NPM$a) {
+    await npmFix(pkgEnvDetails, options)
+  } else if (agent === PNPM$7) {
+    await pnpmFix(pkgEnvDetails, options)
   }
-  spinner?.stop()
-  // spinner.successAndStop('Socket.dev fix successful')
 }
 
-const RangeStyles = ['caret', 'gt', 'lt', 'pin', 'preserve', 'tilde']
-
 const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$w } = constants
 const config$z = {
   commandName: 'fix',
@@ -4846,6 +4860,11 @@ const config$z = {
   hidden: true,
   flags: {
     ...commonFlags,
+    autoMerge: {
+      type: 'boolean',
+      default: true,
+      description: `Enable auto-merge for pull requests that Socket opens.\n                        See ${terminalLink('GitHub documentation', 'https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-auto-merge-for-pull-requests-in-your-repository')} for managing auto-merge for pull requests in your repository.`
+    },
     rangeStyle: {
       type: 'string',
       default: 'preserve',
@@ -4863,7 +4882,7 @@ const config$z = {
     test: {
       type: 'boolean',
       default: true,
-      description: 'Very the fix by running unit tests'
+      description: 'Verify the fix by running unit tests'
     },
     testScript: {
       type: 'string',
@@ -4892,8 +4911,8 @@ async function run$z(argv, importMeta, { parentName }) {
     parentName
   })
   const wasBadInput = handleBadInput({
-    test: RangeStyles.includes(cli.flags['rangeStyle']),
-    message: `Expecting range style of ${arrays.joinOr(RangeStyles)}`,
+    test: shadowNpmInject.RangeStyles.includes(cli.flags['rangeStyle']),
+    message: `Expecting range style of ${arrays.joinOr(shadowNpmInject.RangeStyles)}`,
     pass: 'ok',
     fail: 'missing'
   })
@@ -4908,6 +4927,7 @@ async function run$z(argv, importMeta, { parentName }) {
   // Lazily access constants.spinner.
   const { spinner } = constants
   await runFix({
+    autoMerge: Boolean(cli.flags['autoMerge']),
     spinner,
     rangeStyle: cli.flags['rangeStyle'] ?? undefined,
     test: Boolean(cli.flags['test']),
@@ -11281,7 +11301,7 @@ void (async () => {
   await updateNotifier({
     name: SOCKET_CLI_BIN_NAME,
     // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION']".
-    version: '0.14.78',
+    version: '0.14.79',
     ttl: 86_400_000 /* 24 hours in milliseconds */
   })
   try {
@@ -11349,5 +11369,5 @@ void (async () => {
     await shadowNpmInject.captureException(e)
   }
 })()
-//# debugId=a3834357-ec99-46d9-b838-179df271da88
+//# debugId=b660eaf5-1e09-4d0e-9a7d-a1d707ccafed
 //# sourceMappingURL=cli.js.map