socket 0.14.85 → 0.14.86

@@ -915,7 +915,7 @@ function emitBanner(name) {
915
915
  logger.logger.error(getAsciiHeader(name))
916
916
  }
917
917
  function getAsciiHeader(command) {
918
- const cliVersion = '0.14.85:f285d45:d2bf3ded:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
918
+ const cliVersion = '0.14.86:69093e9:cea7b31b:pub' // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION_HASH']".
919
919
  const nodeVersion = process$1.version
920
920
  const apiToken = shadowNpmInject.getDefaultToken()
921
921
  const shownToken = apiToken ? getLastFiveOfApiToken(apiToken) : 'no'
@@ -3945,10 +3945,14 @@ async function npmFix(
3945
3945
  continue
3946
3946
  }
3947
3947
  const oldSpec = `${name}@${oldVersion}`
3948
+ let targetVersion
3949
+ let failed = false
3950
+ let installed = false
3951
+ let saved = false
3948
3952
  if (
3949
3953
  shadowNpmInject.updateNode(node, packument, vulnerableVersionRange)
3950
3954
  ) {
3951
- const targetVersion = node.package.version
3955
+ targetVersion = node.package.version
3952
3956
  const fixSpec = `${name}@^${targetVersion}`
3953
3957
  const revertData = {
3954
3958
  ...(pkgJson.dependencies
@@ -3968,8 +3972,6 @@ async function npmFix(
3968
3972
  : undefined)
3969
3973
  }
3970
3974
  spinner?.info(`Installing ${fixSpec}`)
3971
- let saved = false
3972
- let installed = false
3973
3975
  try {
3974
3976
  shadowNpmInject.updatePackageJsonFromNode(
3975
3977
  editablePkgJson,
@@ -3996,20 +3998,8 @@ async function npmFix(
3996
3998
  }
3997
3999
  spinner?.successAndStop(`Fixed ${name}`)
3998
4000
  spinner?.start()
3999
- // Lazily access constants.ENV[CI].
4000
- if (constants.ENV[CI$1]) {
4001
- // eslint-disable-next-line no-await-in-loop
4002
- const prResponse = await openGitHubPullRequest(
4003
- name,
4004
- targetVersion,
4005
- cwd
4006
- )
4007
- if (autoMerge) {
4008
- // eslint-disable-next-line no-await-in-loop
4009
- await enableAutoMerge(prResponse.data)
4010
- }
4011
- }
4012
4001
  } catch {
4002
+ failed = true
4013
4003
  spinner?.error(`Reverting ${fixSpec}`)
4014
4004
  if (saved) {
4015
4005
  editablePkgJson.update(revertData)
@@ -4025,8 +4015,35 @@ async function npmFix(
4025
4015
  spinner?.failAndStop(`Failed to fix ${oldSpec}`)
4026
4016
  }
4027
4017
  } else {
4018
+ failed = true
4028
4019
  spinner?.failAndStop(`Could not patch ${oldSpec}`)
4029
4020
  }
4021
+ if (
4022
+ !failed &&
4023
+ // Check targetVersion to make TypeScript happy.
4024
+ targetVersion &&
4025
+ // Lazily access constants.ENV[CI].
4026
+ constants.ENV[CI$1]
4027
+ ) {
4028
+ let prResponse
4029
+ try {
4030
+ // eslint-disable-next-line no-await-in-loop
4031
+ prResponse = await openGitHubPullRequest(name, targetVersion, cwd)
4032
+ } catch (e) {
4033
+ logger.logger.error('Failed to open pull request', e)
4034
+ }
4035
+ if (prResponse && autoMerge) {
4036
+ try {
4037
+ // eslint-disable-next-line no-await-in-loop
4038
+ await enableAutoMerge(prResponse.data)
4039
+ } catch (e) {
4040
+ logger.logger.error(
4041
+ 'Failed to enable auto-merge in pull request',
4042
+ e
4043
+ )
4044
+ }
4045
+ }
4046
+ }
4030
4047
  }
4031
4048
  }
4032
4049
  }
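Review bot: Both new `catch (e)` blocks around `openGitHubPullRequest` and `enableAutoMerge` only log, so in CI a package whose fix was installed but whose pull request was never opened (or never set to auto-merge) looks the same as a clean run, unless the caller checks something outside this hunk. Record the outcome where the error is caught, for example `process.exitCode = 1` after each `logger.logger.error(...)`, or collect the package name into a result the command reports at the end. The error object is also handed whole to the logger; if the GitHub client attaches request metadata to it, logging `e?.message ?? e` keeps that out of CI output. The same block is repeated in the pnpmFix hunk at new lines 4442–4467, and npmFix's body starts and ends outside this hunk.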
@@ -4210,7 +4227,7 @@ function runAgentInstall(pkgEnvDetails, options) {
4210
4227
  ...options
4211
4228
  }
4212
4229
  const skipNodeHardenFlags =
4213
- pkgEnvDetails.agent === PNPM$a && pkgEnvDetails.agentVersion.major < 11
4230
+ agent === PNPM$a && pkgEnvDetails.agentVersion.major < 11
4214
4231
  return spawn.spawn(agentExecPath, ['install', ...args], {
4215
4232
  spinner,
4216
4233
  stdio: 'inherit',
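Review bot: Judging by its name, `skipNodeHardenFlags` turns off a hardening measure for pnpm below major 11, and nothing at the condition says why or when the exception can be removed. A one-line comment above it would make the exception auditable, e.g. `// Skip Node hardening flags for pnpm < 11: <reason, tracking issue>`. The rewritten condition also mixes the local `agent` (declared outside this hunk) with `pkgEnvDetails.agentVersion`; destructuring `agentVersion` alongside `agent` would keep both reads on the same source.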
@@ -4231,8 +4248,15 @@ function runAgentInstall(pkgEnvDetails, options) {
4231
4248
  }
4232
4249
 
4233
4250
  const { CI, NPM: NPM$c, OVERRIDES: OVERRIDES$2, PNPM: PNPM$9 } = constants
4234
- async function install(pkgEnvDetails, arb, options) {
4235
- const { spinner } = {
4251
+ async function getActualTree(cwd = process.cwd()) {
4252
+ const arb = new shadowNpmInject.SafeArborist({
4253
+ path: cwd,
4254
+ ...shadowNpmInject.SAFE_ARBORIST_REIFY_OPTIONS_OVERRIDES
4255
+ })
4256
+ return await arb.loadActual()
4257
+ }
4258
+ async function install(pkgEnvDetails, options) {
4259
+ const { cwd, spinner } = {
4236
4260
  __proto__: null,
4237
4261
  ...options
4238
4262
  }
@@ -4241,8 +4265,7 @@ async function install(pkgEnvDetails, arb, options) {
4241
4265
  spinner,
4242
4266
  stdio: debug.isDebug() ? 'inherit' : 'ignore'
4243
4267
  })
4244
- arb.actualTree = null
4245
- await arb.loadActual()
4268
+ return await getActualTree(cwd)
4246
4269
  }
4247
4270
  async function pnpmFix(
4248
4271
  pkgEnvDetails,
@@ -4272,11 +4295,7 @@ async function pnpmFix(
4272
4295
  editable: true
4273
4296
  })
4274
4297
  const { content: pkgJson } = editablePkgJson
4275
- const arb = new shadowNpmInject.SafeArborist({
4276
- path: cwd,
4277
- ...shadowNpmInject.SAFE_ARBORIST_REIFY_OPTIONS_OVERRIDES
4278
- })
4279
- await arb.loadActual()
4298
+ let actualTree = await getActualTree(cwd)
4280
4299
  for (const { 0: name, 1: infos } of infoByPkg) {
4281
4300
  if (registry.getManifestData(NPM$c, name)) {
4282
4301
  spinner?.info(`Skipping ${name}. Socket Optimize package exists.`)
@@ -4284,7 +4303,7 @@ async function pnpmFix(
4284
4303
  }
4285
4304
  const specs = arrays.arrayUnique(
4286
4305
  shadowNpmInject
4287
- .findPackageNodes(arb.actualTree, name)
4306
+ .findPackageNodes(actualTree, name)
4288
4307
  .map(n => `${n.name}@${n.version}`)
4289
4308
  )
4290
4309
  const packument =
@@ -4304,7 +4323,7 @@ async function pnpmFix(
4304
4323
  vulnerableVersionRange
4305
4324
  } of infos) {
4306
4325
  const node = shadowNpmInject.findPackageNode(
4307
- arb.actualTree,
4326
+ actualTree,
4308
4327
  name,
4309
4328
  oldVersion
4310
4329
  )
@@ -4321,6 +4340,9 @@ async function pnpmFix(
4321
4340
  const targetPackument = targetVersion
4322
4341
  ? packument.versions[targetVersion]
4323
4342
  : undefined
4343
+ let failed = false
4344
+ let installed = false
4345
+ let saved = false
4324
4346
  if (targetVersion && targetPackument) {
4325
4347
  const oldPnpm = pkgJson[PNPM$9]
4326
4348
  const pnpmKeyCount = oldPnpm ? Object.keys(oldPnpm).length : 0
@@ -4370,13 +4392,11 @@ async function pnpmFix(
4370
4392
  : undefined)
4371
4393
  }
4372
4394
  spinner?.info(`Installing ${fixSpec}`)
4373
- let saved = false
4374
- let installed = false
4375
4395
  try {
4376
4396
  editablePkgJson.update(updateData)
4377
4397
  shadowNpmInject.updatePackageJsonFromNode(
4378
4398
  editablePkgJson,
4379
- arb.actualTree,
4399
+ actualTree,
4380
4400
  node,
4381
4401
  rangeStyle
4382
4402
  )
@@ -4385,7 +4405,7 @@ async function pnpmFix(
4385
4405
  saved = true
4386
4406
 
4387
4407
  // eslint-disable-next-line no-await-in-loop
4388
- await install(pkgEnvDetails, arb, {
4408
+ actualTree = await install(pkgEnvDetails, {
4389
4409
  spinner
4390
4410
  })
4391
4411
  installed = true
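Review bot: `install` now rebuilds the tree with `getActualTree(cwd)` using the `cwd` it reads from `options`, but this call passes only `{ spinner }`, so the reload falls back to `process.cwd()` while the initial tree in pnpmFix came from `getActualTree(cwd)`. When the command targets a directory other than the process working directory, `actualTree` after the first install describes a different project, and the later `findPackageNode` lookups decide what is still vulnerable from the wrong tree. Pass it through with `actualTree = await install(pkgEnvDetails, { cwd, spinner })`, here and in the revert path at new line 4432. The removed code did not have this problem because the reload went through the `arb` created with `path: cwd`.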
@@ -4399,21 +4419,8 @@ async function pnpmFix(
4399
4419
  }
4400
4420
  spinner?.successAndStop(`Fixed ${name}`)
4401
4421
  spinner?.start()
4402
-
4403
- // Lazily access constants.ENV[CI].
4404
- if (constants.ENV[CI]) {
4405
- // eslint-disable-next-line no-await-in-loop
4406
- const prResponse = await openGitHubPullRequest(
4407
- name,
4408
- targetVersion,
4409
- cwd
4410
- )
4411
- if (autoMerge) {
4412
- // eslint-disable-next-line no-await-in-loop
4413
- await enableAutoMerge(prResponse.data)
4414
- }
4415
- }
4416
4422
  } catch (e) {
4423
+ failed = true
4417
4424
  spinner?.error(`Reverting ${fixSpec}`, e)
4418
4425
  if (saved) {
4419
4426
  editablePkgJson.update(revertData)
@@ -4422,15 +4429,42 @@ async function pnpmFix(
4422
4429
  }
4423
4430
  if (installed) {
4424
4431
  // eslint-disable-next-line no-await-in-loop
4425
- await install(pkgEnvDetails, arb, {
4432
+ actualTree = await install(pkgEnvDetails, {
4426
4433
  spinner
4427
4434
  })
4428
4435
  }
4429
4436
  spinner?.failAndStop(`Failed to fix ${oldSpec}`)
4430
4437
  }
4431
4438
  } else {
4439
+ failed = true
4432
4440
  spinner?.failAndStop(`Could not patch ${oldSpec}`)
4433
4441
  }
4442
+ if (
4443
+ !failed &&
4444
+ // Check targetVersion to make TypeScript happy.
4445
+ targetVersion &&
4446
+ // Lazily access constants.ENV[CI].
4447
+ constants.ENV[CI]
4448
+ ) {
4449
+ let prResponse
4450
+ try {
4451
+ // eslint-disable-next-line no-await-in-loop
4452
+ prResponse = await openGitHubPullRequest(name, targetVersion, cwd)
4453
+ } catch (e) {
4454
+ logger.logger.error('Failed to open pull request', e)
4455
+ }
4456
+ if (prResponse && autoMerge) {
4457
+ try {
4458
+ // eslint-disable-next-line no-await-in-loop
4459
+ await enableAutoMerge(prResponse.data)
4460
+ } catch (e) {
4461
+ logger.logger.error(
4462
+ 'Failed to enable auto-merge in pull request',
4463
+ e
4464
+ )
4465
+ }
4466
+ }
4467
+ }
4434
4468
  }
4435
4469
  }
4436
4470
  }
@@ -11304,7 +11338,7 @@ void (async () => {
11304
11338
  await updateNotifier({
11305
11339
  name: SOCKET_CLI_BIN_NAME,
11306
11340
  // The '@rollup/plugin-replace' will replace "process.env['INLINED_SOCKET_CLI_VERSION']".
11307
- version: '0.14.85',
11341
+ version: '0.14.86',
11308
11342
  ttl: 86_400_000 /* 24 hours in milliseconds */
11309
11343
  })
11310
11344
  try {
@@ -11372,5 +11406,5 @@ void (async () => {
11372
11406
  await shadowNpmInject.captureException(e)
11373
11407
  }
11374
11408
  })()
11375
- //# debugId=ff839060-5469-4c1b-a151-188589ff9d4a
11409
+ //# debugId=b44c2f38-222e-45b9-a2a0-1f9508a26ae9
11376
11410
  //# sourceMappingURL=cli.js.map