socket 0.14.78 → 0.14.80
- package/dist/module-sync/cli.js +85 -65
- package/dist/module-sync/cli.js.map +1 -1
- package/dist/module-sync/shadow-npm-inject.js +52 -5
- package/dist/module-sync/shadow-npm-inject.js.map +1 -1
- package/dist/module-sync/shared.d.ts +11 -0
- package/dist/module-sync/types.d.ts +24 -79
- package/dist/require/cli.js +85 -65
- package/dist/require/cli.js.map +1 -1
- package/package.json +3 -1
- package/dist/module-sync/fs.d.ts +0 -61
|
@@ -1,81 +1,26 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
import { Options as ArboristOptions } from '@npmcli/arborist'
|
|
5
|
-
import { Advisory as BaseAdvisory } from '@npmcli/arborist'
|
|
6
|
-
import { Arborist as BaseArborist } from '@npmcli/arborist'
|
|
7
|
-
import { AuditReport as BaseAuditReport } from '@npmcli/arborist'
|
|
8
|
-
import { Diff as BaseDiff } from '@npmcli/arborist'
|
|
9
|
-
type ArboristClass = ArboristInstance & {
|
|
10
|
-
new (...args: any): ArboristInstance
|
|
1
|
+
import { Spinner } from '@socketsecurity/registry/lib/spinner'
|
|
2
|
+
type StripUndefined<T> = {
|
|
3
|
+
[K in keyof T]-?: Exclude<T[K], undefined>
|
|
11
4
|
}
|
|
12
|
-
type
|
|
13
|
-
|
|
14
|
-
| '
|
|
15
|
-
| '
|
|
16
|
-
| '
|
|
17
|
-
| '
|
|
18
|
-
| '
|
|
19
|
-
| '
|
|
20
|
-
| '
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
loadActual(options?: ArboristOptions): Promise<SafeNode>
|
|
29
|
-
loadVirtual(options?: ArboristOptions): Promise<SafeNode>
|
|
30
|
-
reify(options?: ArboristReifyOptions): Promise<SafeNode>
|
|
31
|
-
}
|
|
32
|
-
type ArboristReifyOptions = ReifyOptions & ArboristOptions
|
|
33
|
-
type AuditReportInstance = Omit<BaseAuditReport, 'report'> & {
|
|
34
|
-
report: {
|
|
35
|
-
[dependency: string]: AuditAdvisory[]
|
|
36
|
-
}
|
|
37
|
-
}
|
|
38
|
-
type AuditAdvisory = Omit<BaseAdvisory, 'id'> & {
|
|
39
|
-
id: number
|
|
40
|
-
cwe: string[]
|
|
41
|
-
cvss: {
|
|
42
|
-
score: number
|
|
43
|
-
vectorString: string
|
|
44
|
-
}
|
|
45
|
-
vulnerable_versions: string
|
|
46
|
-
}
|
|
47
|
-
declare enum DiffAction {
|
|
48
|
-
add = 'ADD',
|
|
49
|
-
change = 'CHANGE',
|
|
50
|
-
remove = 'REMOVE'
|
|
51
|
-
}
|
|
52
|
-
type Diff = Omit<
|
|
53
|
-
BaseDiff,
|
|
54
|
-
| 'actual'
|
|
55
|
-
| 'children'
|
|
56
|
-
| 'filterSet'
|
|
57
|
-
| 'ideal'
|
|
58
|
-
| 'leaves'
|
|
59
|
-
| 'removed'
|
|
60
|
-
| 'shrinkwrapInflated'
|
|
61
|
-
| 'unchanged'
|
|
62
|
-
> & {
|
|
63
|
-
actual: SafeNode
|
|
64
|
-
children: Diff[]
|
|
65
|
-
filterSet: Set<SafeNode>
|
|
66
|
-
ideal: SafeNode
|
|
67
|
-
leaves: SafeNode[]
|
|
68
|
-
parent: Diff | null
|
|
69
|
-
removed: SafeNode[]
|
|
70
|
-
shrinkwrapInflated: Set<SafeNode>
|
|
71
|
-
unchanged: SafeNode[]
|
|
72
|
-
}
|
|
73
|
-
export {
|
|
74
|
-
ArboristClass,
|
|
75
|
-
ArboristInstance,
|
|
76
|
-
ArboristReifyOptions,
|
|
77
|
-
AuditReportInstance,
|
|
78
|
-
AuditAdvisory,
|
|
79
|
-
DiffAction,
|
|
80
|
-
Diff
|
|
5
|
+
type RangeStyle =
|
|
6
|
+
| 'caret'
|
|
7
|
+
| 'gt'
|
|
8
|
+
| 'gte'
|
|
9
|
+
| 'lt'
|
|
10
|
+
| 'lte'
|
|
11
|
+
| 'pin'
|
|
12
|
+
| 'preserve'
|
|
13
|
+
| 'tilde'
|
|
14
|
+
type FixOptions = {
|
|
15
|
+
autoMerge?: boolean | undefined
|
|
16
|
+
cwd?: string | undefined
|
|
17
|
+
rangeStyle?: RangeStyle | undefined
|
|
18
|
+
spinner?: Spinner | undefined
|
|
19
|
+
test?: boolean | undefined
|
|
20
|
+
testScript?: string | undefined
|
|
81
21
|
}
|
|
22
|
+
type NormalizedFixOptions = StripUndefined<
|
|
23
|
+
Required<Omit<FixOptions, 'spinner'>>
|
|
24
|
+
> &
|
|
25
|
+
Pick<FixOptions, 'spinner'>
|
|
26
|
+
export { RangeStyle, FixOptions, NormalizedFixOptions }
|
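--- a/package/dist/require/cli.js
+++ b/package/dist/require/cli.js
@@ -36,6 +36,7 @@ const prompts = require('@socketsecurity/registry/lib/prompts')
 const shadowNpmPaths = require('./shadow-npm-paths.js')
 const chalkTable = _socketInterop(require('chalk-table'))
 const require$$0$1 = require('node:util')
+const terminalLink = _socketInterop(require('terminal-link'))
 const arrays = require('@socketsecurity/registry/lib/arrays')
 const registry = require('@socketsecurity/registry')
 const npm = require('@socketsecurity/registry/lib/npm')
@@ -52,7 +53,6 @@ const index_cjs = require('@socketregistry/hyrious__bun.lockb/index.cjs')
 const sorts = require('@socketsecurity/registry/lib/sorts')
 const registryConstants = require('@socketsecurity/registry/lib/constants')
 const isInteractive = require('@socketregistry/is-interactive/index.cjs')
-const terminalLink = _socketInterop(require('terminal-link'))
 const npa = _socketInterop(require('npm-package-arg'))
 const tinyglobby = _socketInterop(require('tinyglobby'))
 const promises = require('@socketsecurity/registry/lib/promises')
@@ -912,7 +912,7 @@ function emitBanner(name) {
 logger.logger.error(getAsciiHeader(name))
 }
 function getAsciiHeader(command) {
-const cliVersion = '0.14.
+const cliVersion = '0.14.80:4ef7be7:b1e38d93:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
 const nodeVersion = process$1.version
 const apiToken = shadowNpmInject.getDefaultToken()
 const shownToken = apiToken ? getLastFiveOfApiToken(apiToken) : 'no'
@@ -3775,6 +3775,35 @@ function getOctokit() {
 }
 return _octokit
 }
+async function enableAutoMerge(prResponseData) {
+const octokit = getOctokit()
+const { node_id: prId, number: prNumber } = prResponseData
+try {
+await octokit.graphql(
+`
+mutation EnableAutoMerge($pullRequestId: ID!) {
+enablePullRequestAutoMerge(input: {
+pullRequestId: $pullRequestId,
+mergeMethod: SQUASH
+}) {
+pullRequest {
+number
+autoMergeRequest {
+enabledAt
+}
+}
+}
+}
+`,
+{
+pullRequestId: prId
+}
+)
+logger.logger.info(`Auto-merge enabled for PR #${prNumber}`)
+} catch (e) {
+logger.logger.error(`Failed to enable auto-merge for PR #${prNumber}:`, e)
+}
+}
 async function openGitHubPullRequest(name, targetVersion, cwd = process.cwd()) {
 // Lazily access constants.ENV[GITHUB_ACTIONS].
 if (constants.ENV[GITHUB_ACTIONS]) {
@@ -3816,7 +3845,7 @@ async function openGitHubPullRequest(name, targetVersion, cwd = process.cwd()) {
 })
 }
 const octokit = getOctokit()
-await octokit.pulls.create({
+return await octokit.pulls.create({
 owner,
 repo,
 title: commitMsg,
@@ -3843,16 +3872,10 @@ async function install$1(idealTree, options) {
 arb2.idealTree = idealTree
 await arb2.reify()
 }
-async function npmFix(
-
-
-
-test = false,
-testScript = 'test'
-} = {
-__proto__: null,
-...options
-}
+async function npmFix(
+_pkgEnvDetails,
+{ autoMerge, cwd, rangeStyle, spinner, test, testScript }
+) {
 spinner?.start()
 const arb = new shadowNpmInject.SafeArborist({
 path: cwd,
@@ -3948,7 +3971,8 @@ async function npmFix(_pkgEnvDetails, options) {
 shadowNpmInject.updatePackageJsonFromNode(
 editablePkgJson,
 arb.idealTree,
-node
+node,
+rangeStyle
 )
 // eslint-disable-next-line no-await-in-loop
 await editablePkgJson.save()
@@ -3972,7 +3996,15 @@ async function npmFix(_pkgEnvDetails, options) {
 // Lazily access constants.ENV[CI].
 if (constants.ENV[CI$1]) {
 // eslint-disable-next-line no-await-in-loop
-await openGitHubPullRequest(
+const prResponse = await openGitHubPullRequest(
+name,
+targetVersion,
+cwd
+)
+if (autoMerge) {
+// eslint-disable-next-line no-await-in-loop
+await enableAutoMerge(prResponse.data)
+}
 }
 } catch {
 spinner?.error(`Reverting ${fixSpec}`)
@@ -4203,16 +4235,10 @@ async function install(pkgEnvDetails, options) {
 stdio: 'ignore'
 })
 }
-async function pnpmFix(
-
-
-
-test = false,
-testScript = 'test'
-} = {
-__proto__: null,
-...options
-}
+async function pnpmFix(
+pkgEnvDetails,
+{ autoMerge, cwd, rangeStyle, spinner, test, testScript }
+) {
 const lockfile = await lockfile_fs.readWantedLockfile(cwd, {
 ignoreIncompatible: false
 })
@@ -4269,7 +4295,7 @@ async function pnpmFix(pkgEnvDetails, options) {
 vulnerableVersionRange
 } of infos) {
 const node = shadowNpmInject.findPackageNode(
-arb.
+arb.actualTree,
 name,
 oldVersion
 )
@@ -4342,7 +4368,8 @@ async function pnpmFix(pkgEnvDetails, options) {
 shadowNpmInject.updatePackageJsonFromNode(
 editablePkgJson,
 arb.actualTree,
-node
+node,
+rangeStyle
 )
 // eslint-disable-next-line no-await-in-loop
 await editablePkgJson.save()
@@ -4367,7 +4394,15 @@ async function pnpmFix(pkgEnvDetails, options) {
 // Lazily access constants.ENV[CI].
 if (constants.ENV[CI]) {
 // eslint-disable-next-line no-await-in-loop
-await openGitHubPullRequest(
+const prResponse = await openGitHubPullRequest(
+name,
+targetVersion,
+cwd
+)
+if (autoMerge) {
+// eslint-disable-next-line no-await-in-loop
+await enableAutoMerge(prResponse.data)
+}
 }
 } catch {
 spinner?.error(`Reverting ${fixSpec}`)
@@ -4794,48 +4829,27 @@ async function detectAndValidatePackageEnvironment(cwd, options) {
 
 const { NPM: NPM$a, PNPM: PNPM$7 } = constants
 const CMD_NAME$2 = 'socket fix'
-async function runFix({
-
-
-
-
-
-}) {
-const pkgEnvDetails = await detectAndValidatePackageEnvironment(cwd, {
+async function runFix(options_) {
+const options = shadowNpmInject.assignDefaultFixOptions({
+__proto__: null,
+...options_
+})
+const pkgEnvDetails = await detectAndValidatePackageEnvironment(options.cwd, {
 cmdName: CMD_NAME$2,
 logger: logger.logger
 })
 if (!pkgEnvDetails) {
-spinner?.stop()
 return
 }
 logger.logger.info(`Fixing packages for ${pkgEnvDetails.agent}`)
-
-
-
-
-
-test,
-testScript
-})
-break
-}
-case PNPM$7: {
-await pnpmFix(pkgEnvDetails, {
-rangeStyle,
-spinner,
-test,
-testScript
-})
-break
-}
+const { agent } = pkgEnvDetails
+if (agent === NPM$a) {
+await npmFix(pkgEnvDetails, options)
+} else if (agent === PNPM$7) {
+await pnpmFix(pkgEnvDetails, options)
 }
-spinner?.stop()
-// spinner.successAndStop('Socket.dev fix successful')
 }
 
-const RangeStyles = ['caret', 'gt', 'lt', 'pin', 'preserve', 'tilde']
-
 const { DRY_RUN_BAIL_TEXT: DRY_RUN_BAIL_TEXT$w } = constants
 const config$z = {
 commandName: 'fix',
@@ -4843,6 +4857,11 @@ const config$z = {
 hidden: true,
 flags: {
 ...commonFlags,
+autoMerge: {
+type: 'boolean',
+default: true,
+description: `Enable auto-merge for pull requests that Socket opens.\n See ${terminalLink('GitHub documentation', 'https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-auto-merge-for-pull-requests-in-your-repository')} for managing auto-merge for pull requests in your repository.`
+},
 rangeStyle: {
 type: 'string',
 default: 'preserve',
@@ -4860,7 +4879,7 @@ const config$z = {
 test: {
 type: 'boolean',
 default: true,
-description: '
+description: 'Verify the fix by running unit tests'
 },
 testScript: {
 type: 'string',
@@ -4889,8 +4908,8 @@ async function run$z(argv, importMeta, { parentName }) {
 parentName
 })
 const wasBadInput = handleBadInput({
-test: RangeStyles.includes(cli.flags['rangeStyle']),
-message: `Expecting range style of ${arrays.joinOr(RangeStyles)}`,
+test: shadowNpmInject.RangeStyles.includes(cli.flags['rangeStyle']),
+message: `Expecting range style of ${arrays.joinOr(shadowNpmInject.RangeStyles)}`,
 pass: 'ok',
 fail: 'missing'
 })
@@ -4905,6 +4924,7 @@ async function run$z(argv, importMeta, { parentName }) {
 // Lazily access constants.spinner.
 const { spinner } = constants
 await runFix({
+autoMerge: Boolean(cli.flags['autoMerge']),
 spinner,
 rangeStyle: cli.flags['rangeStyle'] ?? undefined,
 test: Boolean(cli.flags['test']),
@@ -11280,7 +11300,7 @@ void (async () => {
 await vendor.updater({
 name: SOCKET_CLI_BIN_NAME,
 // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION']".
-version: '0.14.
+version: '0.14.80',
 ttl: 86_400_000 /* 24 hours in milliseconds */
 })
 try {
@@ -11348,5 +11368,5 @@ void (async () => {
 await shadowNpmInject.captureException(e)
 }
 })()
-//# debugId=
+//# debugId=7245fc85-8ea2-46f6-9d98-5d890466bd4f
 //# sourceMappingURL=cli.js.map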
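Review bot: The new `autoMerge` flag in `config$z` is declared with `default: true`, so every `socket fix` run in CI asks GitHub to squash-merge the dependency-bump pull requests it opens unless the caller opts out. I would make it opt-in with `default: false`, because with the current default the only gate on an automated dependency change is whatever branch protection and required checks the repository happens to have. Separately, both `npmFix` and `pnpmFix` call `enableAutoMerge(prResponse.data)` unguarded. `openGitHubPullRequest` is only partly visible here, but its body opens with a `GITHUB_ACTIONS` check while the callers test `CI`, so it may be able to return without a response; in that case the dereference would throw into the bare `catch` that follows and the fix would be reverted. `if (autoMerge && prResponse?.data) {` avoids that in both places.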