socket 0.15.31 → 0.15.33
- package/dist/cli.js +202 -69
- package/dist/cli.js.map +1 -1
- package/dist/constants.js +3 -3
- package/dist/constants.js.map +1 -1
- package/dist/utils.js +96 -69
- package/dist/utils.js.map +1 -1
- package/external/@socketsecurity/registry/external/@inquirer/confirm.js +0 -1
- package/external/@socketsecurity/registry/external/@inquirer/input.js +0 -1
- package/external/@socketsecurity/registry/external/@inquirer/password.js +0 -1
- package/external/@socketsecurity/registry/external/@inquirer/search.js +0 -1
- package/external/@socketsecurity/registry/external/@inquirer/select.js +0 -1
- package/external/@socketsecurity/registry/external/@npmcli/package-json/index.js +0 -1
- package/external/@socketsecurity/registry/external/@npmcli/package-json/lib/read-package.js +0 -1
- package/external/@socketsecurity/registry/external/@npmcli/package-json/lib/sort.js +0 -1
- package/external/@socketsecurity/registry/external/@npmcli/promise-spawn.js +0 -1
- package/external/@socketsecurity/registry/external/@socketregistry/is-unicode-supported.js +0 -1
- package/external/@socketsecurity/registry/external/@socketregistry/packageurl-js.js +0 -1
- package/external/@socketsecurity/registry/external/@socketregistry/yocto-spinner.js +0 -1
- package/external/@socketsecurity/registry/external/@yarnpkg/extensions.js +0 -1
- package/external/@socketsecurity/registry/external/browserslist.js +0 -1
- package/external/@socketsecurity/registry/external/cacache.js +0 -1
- package/external/@socketsecurity/registry/external/fast-sort.js +0 -1
- package/external/@socketsecurity/registry/external/libnpmpack.js +0 -1
- package/external/@socketsecurity/registry/external/make-fetch-happen.js +0 -1
- package/external/@socketsecurity/registry/external/normalize-package-data.js +0 -1
- package/external/@socketsecurity/registry/external/npm-package-arg.js +0 -1
- package/external/@socketsecurity/registry/external/pacote.js +0 -1
- package/external/@socketsecurity/registry/external/picomatch.js +0 -1
- package/external/@socketsecurity/registry/external/semver.js +0 -1
- package/external/@socketsecurity/registry/external/signal-exit.js +0 -1
- package/external/@socketsecurity/registry/external/spdx-correct.js +0 -1
- package/external/@socketsecurity/registry/external/spdx-expression-parse.js +0 -1
- package/external/@socketsecurity/registry/external/tinyglobby.js +0 -1
- package/external/@socketsecurity/registry/external/validate-npm-package-name.js +0 -1
- package/external/@socketsecurity/registry/external/which.js +0 -1
- package/external/@socketsecurity/registry/external/yoctocolors-cjs.js +0 -1
- package/external/@socketsecurity/registry/lib/debug.js +0 -2
- package/package.json +2 -2
package/dist/cli.js
CHANGED
|
@@ -3655,7 +3655,6 @@ async function outputFixResult(result, outputKind) {
|
|
|
3655
3655
|
}
|
|
3656
3656
|
logger.logger.log('');
|
|
3657
3657
|
logger.logger.success('Finished!');
|
|
3658
|
-
logger.logger.log('');
|
|
3659
3658
|
}
|
|
3660
3659
|
|
|
3661
3660
|
function formatBranchName(name) {
|
|
@@ -3712,6 +3711,7 @@ async function gitCleanFdx(cwd = process.cwd()) {
|
|
|
3712
3711
|
cwd,
|
|
3713
3712
|
stdio: 'ignore'
|
|
3714
3713
|
};
|
|
3714
|
+
// TODO: propagate CResult?
|
|
3715
3715
|
await spawn.spawn('git', ['clean', '-fdx'], stdioIgnoreOptions);
|
|
3716
3716
|
}
|
|
3717
3717
|
async function gitCreateAndPushBranch(branch, commitMsg, filepaths, options) {
|
|
@@ -3796,12 +3796,24 @@ async function gitResetHard(branch = 'HEAD', cwd = process.cwd()) {
|
|
|
3796
3796
|
await spawn.spawn('git', ['reset', '--hard', branch], stdioIgnoreOptions);
|
|
3797
3797
|
}
|
|
3798
3798
|
async function gitUnstagedModifiedFiles(cwd = process.cwd()) {
|
|
3799
|
-
|
|
3800
|
-
|
|
3801
|
-
|
|
3802
|
-
|
|
3803
|
-
|
|
3804
|
-
|
|
3799
|
+
try {
|
|
3800
|
+
const stdioPipeOptions = {
|
|
3801
|
+
cwd
|
|
3802
|
+
};
|
|
3803
|
+
const stdout = (await spawn.spawn('git', ['diff', '--name-only'], stdioPipeOptions)).stdout.trim();
|
|
3804
|
+
const rawFiles = stdout.split('\n') ?? [];
|
|
3805
|
+
return {
|
|
3806
|
+
ok: true,
|
|
3807
|
+
data: rawFiles.map(relPath => path$1.normalizePath(relPath))
|
|
3808
|
+
};
|
|
3809
|
+
} catch (e) {
|
|
3810
|
+
debug.debugFn('Unexpected error trying to run git diff --name-only');
|
|
3811
|
+
return {
|
|
3812
|
+
ok: false,
|
|
3813
|
+
message: 'Git Error',
|
|
3814
|
+
cause: 'Unexpected error while trying to ask git whether repo is dirty'
|
|
3815
|
+
};
|
|
3816
|
+
}
|
|
3805
3817
|
}
|
|
3806
3818
|
|
|
3807
3819
|
let _octokit;
|
|
@@ -4236,8 +4248,13 @@ async function npmFix(pkgEnvDetails, {
|
|
|
4236
4248
|
}));
|
|
4237
4249
|
} catch (e) {
|
|
4238
4250
|
spinner?.stop();
|
|
4239
|
-
|
|
4240
|
-
|
|
4251
|
+
debug.debugFn('API Error thrown:');
|
|
4252
|
+
debug.debugFn(e);
|
|
4253
|
+
return {
|
|
4254
|
+
ok: false,
|
|
4255
|
+
message: 'API Error',
|
|
4256
|
+
cause: e?.message || 'Unknown Socket batch PURL API error.'
|
|
4257
|
+
};
|
|
4241
4258
|
}
|
|
4242
4259
|
const infoByPkgName = utils.getCveInfoFromAlertsMap(alertsMap, {
|
|
4243
4260
|
limit
|
|
@@ -4245,7 +4262,12 @@ async function npmFix(pkgEnvDetails, {
|
|
|
4245
4262
|
if (!infoByPkgName) {
|
|
4246
4263
|
spinner?.stop();
|
|
4247
4264
|
logger.logger.info('No fixable vulns found.');
|
|
4248
|
-
return
|
|
4265
|
+
return {
|
|
4266
|
+
ok: true,
|
|
4267
|
+
data: {
|
|
4268
|
+
fixed: false
|
|
4269
|
+
}
|
|
4270
|
+
};
|
|
4249
4271
|
}
|
|
4250
4272
|
|
|
4251
4273
|
// Lazily access constants.ENV properties.
|
|
@@ -4257,9 +4279,14 @@ async function npmFix(pkgEnvDetails, {
|
|
|
4257
4279
|
// Process the workspace root last since it will add an override to package.json.
|
|
4258
4280
|
pkgEnvDetails.editablePkgJson.filename];
|
|
4259
4281
|
const handleInstallFail = () => {
|
|
4260
|
-
|
|
4282
|
+
debug.debugFn(`Unexpected condition: ${pkgEnvDetails.agent} install failed.\n`);
|
|
4261
4283
|
logger.logger.dedent();
|
|
4262
4284
|
spinner?.dedent();
|
|
4285
|
+
return {
|
|
4286
|
+
ok: false,
|
|
4287
|
+
message: 'Installation failure',
|
|
4288
|
+
cause: `Unexpected condition: ${pkgEnvDetails.agent} install failed.`
|
|
4289
|
+
};
|
|
4263
4290
|
};
|
|
4264
4291
|
spinner?.stop();
|
|
4265
4292
|
let count = 0;
|
|
@@ -4411,9 +4438,15 @@ async function npmFix(pkgEnvDetails, {
|
|
|
4411
4438
|
spinner?.stop();
|
|
4412
4439
|
if (!errored && isCi) {
|
|
4413
4440
|
try {
|
|
4414
|
-
const moddedFilepaths =
|
|
4415
4441
|
// eslint-disable-next-line no-await-in-loop
|
|
4416
|
-
|
|
4442
|
+
const result = await gitUnstagedModifiedFiles(cwd);
|
|
4443
|
+
if (!result.ok) {
|
|
4444
|
+
// Do we fail if this fails? If this git command
|
|
4445
|
+
// fails then probably other git commands do too?
|
|
4446
|
+
logger.logger.warn('Unexpected condition: Nothing to commit, skipping PR creation.');
|
|
4447
|
+
continue infosLoop;
|
|
4448
|
+
}
|
|
4449
|
+
const moddedFilepaths = result.data.filter(p => {
|
|
4417
4450
|
const basename = path.basename(p);
|
|
4418
4451
|
return basename === 'package.json' || basename === 'package-lock.json';
|
|
4419
4452
|
});
|
|
@@ -4451,8 +4484,7 @@ async function npmFix(pkgEnvDetails, {
|
|
|
4451
4484
|
});
|
|
4452
4485
|
if (!maybeActualTree) {
|
|
4453
4486
|
// Exit early if install fails.
|
|
4454
|
-
handleInstallFail();
|
|
4455
|
-
return;
|
|
4487
|
+
return handleInstallFail();
|
|
4456
4488
|
}
|
|
4457
4489
|
actualTree = maybeActualTree;
|
|
4458
4490
|
continue infosLoop;
|
|
@@ -4528,8 +4560,7 @@ async function npmFix(pkgEnvDetails, {
|
|
|
4528
4560
|
spinner?.stop();
|
|
4529
4561
|
if (!maybeActualTree) {
|
|
4530
4562
|
// Exit early if install fails.
|
|
4531
|
-
handleInstallFail();
|
|
4532
|
-
return;
|
|
4563
|
+
return handleInstallFail();
|
|
4533
4564
|
}
|
|
4534
4565
|
actualTree = maybeActualTree;
|
|
4535
4566
|
}
|
|
@@ -4556,6 +4587,12 @@ async function npmFix(pkgEnvDetails, {
|
|
|
4556
4587
|
spinner?.dedent();
|
|
4557
4588
|
}
|
|
4558
4589
|
spinner?.stop();
|
|
4590
|
+
return {
|
|
4591
|
+
ok: true,
|
|
4592
|
+
data: {
|
|
4593
|
+
fixed: true
|
|
4594
|
+
}
|
|
4595
|
+
}; // true? did we actually change anything?
|
|
4559
4596
|
}
|
|
4560
4597
|
|
|
4561
4598
|
const {
|
|
@@ -4655,8 +4692,11 @@ async function pnpmFix(pkgEnvDetails, {
|
|
|
4655
4692
|
// Check !lockfileContent to make TypeScript happy.
|
|
4656
4693
|
if (!lockfile || !lockfileContent) {
|
|
4657
4694
|
spinner?.stop();
|
|
4658
|
-
|
|
4659
|
-
|
|
4695
|
+
return {
|
|
4696
|
+
ok: false,
|
|
4697
|
+
message: 'Missing lockfile',
|
|
4698
|
+
cause: 'Required pnpm-lock.yaml not found or usable'
|
|
4699
|
+
};
|
|
4660
4700
|
}
|
|
4661
4701
|
let alertsMap;
|
|
4662
4702
|
try {
|
|
@@ -4667,8 +4707,13 @@ async function pnpmFix(pkgEnvDetails, {
|
|
|
4667
4707
|
}));
|
|
4668
4708
|
} catch (e) {
|
|
4669
4709
|
spinner?.stop();
|
|
4670
|
-
|
|
4671
|
-
|
|
4710
|
+
debug.debugFn('Unexpected Socket batch PURL API error:');
|
|
4711
|
+
debug.debugFn(e);
|
|
4712
|
+
return {
|
|
4713
|
+
ok: false,
|
|
4714
|
+
message: 'API Error',
|
|
4715
|
+
cause: e?.message || 'Unknown Socket batch PURL API error.'
|
|
4716
|
+
};
|
|
4672
4717
|
}
|
|
4673
4718
|
const infoByPkgName = utils.getCveInfoFromAlertsMap(alertsMap, {
|
|
4674
4719
|
limit
|
|
@@ -4676,7 +4721,12 @@ async function pnpmFix(pkgEnvDetails, {
|
|
|
4676
4721
|
if (!infoByPkgName) {
|
|
4677
4722
|
spinner?.stop();
|
|
4678
4723
|
logger.logger.info('No fixable vulns found.');
|
|
4679
|
-
return
|
|
4724
|
+
return {
|
|
4725
|
+
ok: true,
|
|
4726
|
+
data: {
|
|
4727
|
+
fixed: false
|
|
4728
|
+
}
|
|
4729
|
+
};
|
|
4680
4730
|
}
|
|
4681
4731
|
|
|
4682
4732
|
// Lazily access constants.ENV properties.
|
|
@@ -4688,9 +4738,13 @@ async function pnpmFix(pkgEnvDetails, {
|
|
|
4688
4738
|
// Process the workspace root last since it will add an override to package.json.
|
|
4689
4739
|
pkgEnvDetails.editablePkgJson.filename];
|
|
4690
4740
|
const handleInstallFail = () => {
|
|
4691
|
-
logger.logger.error(`Unexpected condition: ${pkgEnvDetails.agent} install failed.\n`);
|
|
4692
4741
|
logger.logger.dedent();
|
|
4693
4742
|
spinner?.dedent();
|
|
4743
|
+
return {
|
|
4744
|
+
ok: false,
|
|
4745
|
+
message: 'Install failed',
|
|
4746
|
+
cause: `Unexpected condition: ${pkgEnvDetails.agent} install failed`
|
|
4747
|
+
};
|
|
4694
4748
|
};
|
|
4695
4749
|
spinner?.stop();
|
|
4696
4750
|
let count = 0;
|
|
@@ -4750,8 +4804,7 @@ async function pnpmFix(pkgEnvDetails, {
|
|
|
4750
4804
|
}
|
|
4751
4805
|
if (!actualTree) {
|
|
4752
4806
|
// Exit early if install fails.
|
|
4753
|
-
handleInstallFail();
|
|
4754
|
-
return;
|
|
4807
|
+
return handleInstallFail();
|
|
4755
4808
|
}
|
|
4756
4809
|
const oldVersions = arrays.arrayUnique(shadowInject.findPackageNodes(actualTree, name).map(n => n.version).filter(Boolean));
|
|
4757
4810
|
if (!oldVersions.length) {
|
|
@@ -4910,9 +4963,13 @@ async function pnpmFix(pkgEnvDetails, {
|
|
|
4910
4963
|
spinner?.stop();
|
|
4911
4964
|
if (!errored && isCi) {
|
|
4912
4965
|
try {
|
|
4913
|
-
const moddedFilepaths =
|
|
4914
4966
|
// eslint-disable-next-line no-await-in-loop
|
|
4915
|
-
|
|
4967
|
+
const result = await gitUnstagedModifiedFiles(cwd);
|
|
4968
|
+
if (!result.ok) {
|
|
4969
|
+
logger.logger.warn('Unexpected condition: Nothing to commit, skipping PR creation.');
|
|
4970
|
+
continue;
|
|
4971
|
+
}
|
|
4972
|
+
const moddedFilepaths = result.data.filter(p => {
|
|
4916
4973
|
const basename = path.basename(p);
|
|
4917
4974
|
return basename === 'package.json' || basename === 'pnpm-lock.yaml';
|
|
4918
4975
|
});
|
|
@@ -4958,8 +5015,7 @@ async function pnpmFix(pkgEnvDetails, {
|
|
|
4958
5015
|
continue infosLoop;
|
|
4959
5016
|
}
|
|
4960
5017
|
// Exit early if install fails.
|
|
4961
|
-
handleInstallFail();
|
|
4962
|
-
return;
|
|
5018
|
+
return handleInstallFail();
|
|
4963
5019
|
}
|
|
4964
5020
|
|
|
4965
5021
|
// eslint-disable-next-line no-await-in-loop
|
|
@@ -5044,11 +5100,14 @@ async function pnpmFix(pkgEnvDetails, {
|
|
|
5044
5100
|
lockfileContent = maybeLockfileContent;
|
|
5045
5101
|
} else {
|
|
5046
5102
|
// Exit early if install fails.
|
|
5047
|
-
handleInstallFail();
|
|
5048
|
-
return;
|
|
5103
|
+
return handleInstallFail();
|
|
5049
5104
|
}
|
|
5050
5105
|
}
|
|
5051
|
-
|
|
5106
|
+
return {
|
|
5107
|
+
ok: false,
|
|
5108
|
+
message: 'Update failed',
|
|
5109
|
+
cause: `Update failed for ${oldId} in ${workspace}${error ? '; ' + error : ''}`
|
|
5110
|
+
};
|
|
5052
5111
|
}
|
|
5053
5112
|
if (++count >= limit) {
|
|
5054
5113
|
logger.logger.dedent();
|
|
@@ -5071,6 +5130,12 @@ async function pnpmFix(pkgEnvDetails, {
|
|
|
5071
5130
|
spinner?.dedent();
|
|
5072
5131
|
}
|
|
5073
5132
|
spinner?.stop();
|
|
5133
|
+
return {
|
|
5134
|
+
ok: true,
|
|
5135
|
+
data: {
|
|
5136
|
+
fixed: true
|
|
5137
|
+
}
|
|
5138
|
+
}; // or, did we change anything?
|
|
5074
5139
|
}
|
|
5075
5140
|
|
|
5076
5141
|
const {
|
|
@@ -5086,11 +5151,14 @@ async function runFix({
|
|
|
5086
5151
|
test,
|
|
5087
5152
|
testScript
|
|
5088
5153
|
}) {
|
|
5089
|
-
|
|
5090
|
-
const pkgEnvDetails = await utils.detectAndValidatePackageEnvironment(cwd, {
|
|
5154
|
+
const result = await utils.detectAndValidatePackageEnvironment(cwd, {
|
|
5091
5155
|
cmdName: CMD_NAME$1,
|
|
5092
5156
|
logger: logger.logger
|
|
5093
5157
|
});
|
|
5158
|
+
if (!result.ok) {
|
|
5159
|
+
return result;
|
|
5160
|
+
}
|
|
5161
|
+
const pkgEnvDetails = result.data;
|
|
5094
5162
|
if (!pkgEnvDetails) {
|
|
5095
5163
|
return {
|
|
5096
5164
|
ok: false,
|
|
@@ -5103,8 +5171,7 @@ async function runFix({
|
|
|
5103
5171
|
agent
|
|
5104
5172
|
} = pkgEnvDetails;
|
|
5105
5173
|
if (agent === NPM$8) {
|
|
5106
|
-
|
|
5107
|
-
await npmFix(pkgEnvDetails, {
|
|
5174
|
+
return await npmFix(pkgEnvDetails, {
|
|
5108
5175
|
autoMerge,
|
|
5109
5176
|
cwd,
|
|
5110
5177
|
limit,
|
|
@@ -5114,8 +5181,7 @@ async function runFix({
|
|
|
5114
5181
|
testScript
|
|
5115
5182
|
});
|
|
5116
5183
|
} else if (agent === PNPM$6) {
|
|
5117
|
-
|
|
5118
|
-
await pnpmFix(pkgEnvDetails, {
|
|
5184
|
+
return await pnpmFix(pkgEnvDetails, {
|
|
5119
5185
|
autoMerge,
|
|
5120
5186
|
cwd,
|
|
5121
5187
|
limit,
|
|
@@ -5131,10 +5197,6 @@ async function runFix({
|
|
|
5131
5197
|
cause: `${agent} is not supported by this command at the moment.`
|
|
5132
5198
|
};
|
|
5133
5199
|
}
|
|
5134
|
-
return {
|
|
5135
|
-
ok: true,
|
|
5136
|
-
data: undefined
|
|
5137
|
-
};
|
|
5138
5200
|
}
|
|
5139
5201
|
|
|
5140
5202
|
async function handleFix({
|
|
@@ -5219,10 +5281,14 @@ const config$F = {
|
|
|
5219
5281
|
},
|
|
5220
5282
|
help: (command, config) => `
|
|
5221
5283
|
Usage
|
|
5222
|
-
$ ${command}
|
|
5284
|
+
$ ${command} [options] [CWD=.]
|
|
5223
5285
|
|
|
5224
5286
|
Options
|
|
5225
5287
|
${utils.getFlagListOutput(config.flags, 6)}
|
|
5288
|
+
|
|
5289
|
+
Examples
|
|
5290
|
+
$ ${command}
|
|
5291
|
+
$ ${command} ./proj/tree --autoMerge
|
|
5226
5292
|
`
|
|
5227
5293
|
};
|
|
5228
5294
|
const cmdFix = {
|
|
@@ -5249,7 +5315,6 @@ async function run$F(argv, importMeta, {
|
|
|
5249
5315
|
rangeStyle,
|
|
5250
5316
|
test
|
|
5251
5317
|
} = cli.flags;
|
|
5252
|
-
// TODO: impl json/md further
|
|
5253
5318
|
const outputKind = utils.getOutputKind(json, markdown);
|
|
5254
5319
|
let [cwd = '.'] = cli.input;
|
|
5255
5320
|
// Note: path.resolve vs .join:
|
|
@@ -7951,34 +8016,43 @@ async function updateLockfile(pkgEnvDetails, options) {
|
|
|
7951
8016
|
}
|
|
7952
8017
|
} catch (e) {
|
|
7953
8018
|
spinner?.stop();
|
|
7954
|
-
|
|
7955
|
-
|
|
8019
|
+
debug.debugFn(e);
|
|
8020
|
+
return {
|
|
8021
|
+
ok: false,
|
|
8022
|
+
message: 'Update failed',
|
|
8023
|
+
cause: utils.cmdPrefixMessage(cmdName, `${pkgEnvDetails.agent} install failed to update ${pkgEnvDetails.lockName}`)
|
|
8024
|
+
};
|
|
7956
8025
|
}
|
|
7957
8026
|
if (isSpinning) {
|
|
7958
8027
|
spinner?.start();
|
|
7959
8028
|
} else {
|
|
7960
8029
|
spinner?.stop();
|
|
7961
8030
|
}
|
|
8031
|
+
return {
|
|
8032
|
+
ok: true,
|
|
8033
|
+
data: undefined
|
|
8034
|
+
};
|
|
7962
8035
|
}
|
|
7963
8036
|
|
|
7964
8037
|
const {
|
|
7965
8038
|
VLT
|
|
7966
8039
|
} = constants;
|
|
7967
|
-
function createActionMessage(verb, overrideCount, workspaceCount) {
|
|
7968
|
-
return `${verb} ${overrideCount} Socket.dev optimized ${words.pluralize('override', overrideCount)}${workspaceCount ? ` in ${workspaceCount} ${words.pluralize('workspace', workspaceCount)}` : ''}`;
|
|
7969
|
-
}
|
|
7970
8040
|
async function applyOptimization(cwd, pin, prod) {
|
|
7971
|
-
const
|
|
8041
|
+
const result = await utils.detectAndValidatePackageEnvironment(cwd, {
|
|
7972
8042
|
cmdName: CMD_NAME,
|
|
7973
8043
|
logger: logger.logger,
|
|
7974
8044
|
prod
|
|
7975
8045
|
});
|
|
7976
|
-
if (!
|
|
7977
|
-
return;
|
|
8046
|
+
if (!result.ok) {
|
|
8047
|
+
return result;
|
|
7978
8048
|
}
|
|
8049
|
+
const pkgEnvDetails = result.data;
|
|
7979
8050
|
if (pkgEnvDetails.agent === VLT) {
|
|
7980
|
-
|
|
7981
|
-
|
|
8051
|
+
return {
|
|
8052
|
+
ok: false,
|
|
8053
|
+
message: 'Unsupported',
|
|
8054
|
+
cause: utils.cmdPrefixMessage(CMD_NAME, `${VLT} does not support overrides. Soon, though ⚡`)
|
|
8055
|
+
};
|
|
7982
8056
|
}
|
|
7983
8057
|
|
|
7984
8058
|
// Lazily access constants.spinner.
|
|
@@ -7996,22 +8070,66 @@ async function applyOptimization(cwd, pin, prod) {
|
|
|
7996
8070
|
const updatedCount = state.updated.size;
|
|
7997
8071
|
const pkgJsonChanged = addedCount > 0 || updatedCount > 0;
|
|
7998
8072
|
if (pkgJsonChanged || pkgEnvDetails.features.npmBuggyOverrides) {
|
|
7999
|
-
await updateLockfile(pkgEnvDetails, {
|
|
8073
|
+
const result = await updateLockfile(pkgEnvDetails, {
|
|
8000
8074
|
cmdName: CMD_NAME,
|
|
8001
8075
|
logger: logger.logger,
|
|
8002
8076
|
spinner
|
|
8003
8077
|
});
|
|
8078
|
+
if (!result.ok) {
|
|
8079
|
+
return result;
|
|
8080
|
+
}
|
|
8004
8081
|
}
|
|
8005
8082
|
spinner.stop();
|
|
8006
|
-
|
|
8007
|
-
|
|
8083
|
+
return {
|
|
8084
|
+
ok: true,
|
|
8085
|
+
data: {
|
|
8086
|
+
addedCount,
|
|
8087
|
+
updatedCount,
|
|
8088
|
+
pkgJsonChanged,
|
|
8089
|
+
updatedInWorkspaces: state.updatedInWorkspaces.size,
|
|
8090
|
+
addedInWorkspaces: state.addedInWorkspaces.size
|
|
8091
|
+
}
|
|
8092
|
+
};
|
|
8093
|
+
}
|
|
8094
|
+
|
|
8095
|
+
async function outputOptimizeResult(result, outputKind) {
|
|
8096
|
+
if (!result.ok) {
|
|
8097
|
+
process.exitCode = result.code ?? 1;
|
|
8098
|
+
}
|
|
8099
|
+
if (outputKind === 'json') {
|
|
8100
|
+
logger.logger.log(utils.serializeResultJson(result));
|
|
8101
|
+
return;
|
|
8102
|
+
}
|
|
8103
|
+
if (!result.ok) {
|
|
8104
|
+
logger.logger.fail(utils.failMsgWithBadge(result.message, result.cause));
|
|
8105
|
+
return;
|
|
8106
|
+
}
|
|
8107
|
+
const data = result.data;
|
|
8108
|
+
if (data.updatedCount > 0) {
|
|
8109
|
+
logger.logger?.log(`${createActionMessage('Updated', data.updatedCount, data.updatedInWorkspaces)}${data.addedCount ? '.' : '🚀'}`);
|
|
8008
8110
|
}
|
|
8009
|
-
if (addedCount > 0) {
|
|
8010
|
-
logger.logger?.log(`${createActionMessage('Added', addedCount,
|
|
8111
|
+
if (data.addedCount > 0) {
|
|
8112
|
+
logger.logger?.log(`${createActionMessage('Added', data.addedCount, data.addedInWorkspaces)} 🚀`);
|
|
8011
8113
|
}
|
|
8012
|
-
if (!pkgJsonChanged) {
|
|
8114
|
+
if (!data.pkgJsonChanged) {
|
|
8013
8115
|
logger.logger?.log('Scan complete. No Socket.dev optimized overrides applied.');
|
|
8014
8116
|
}
|
|
8117
|
+
logger.logger.log('');
|
|
8118
|
+
logger.logger.success('Finished!');
|
|
8119
|
+
logger.logger.log('');
|
|
8120
|
+
}
|
|
8121
|
+
function createActionMessage(verb, overrideCount, workspaceCount) {
|
|
8122
|
+
return `${verb} ${overrideCount} Socket.dev optimized ${words.pluralize('override', overrideCount)}${workspaceCount ? ` in ${workspaceCount} ${words.pluralize('workspace', workspaceCount)}` : ''}`;
|
|
8123
|
+
}
|
|
8124
|
+
|
|
8125
|
+
async function handleOptimize({
|
|
8126
|
+
cwd,
|
|
8127
|
+
outputKind,
|
|
8128
|
+
pin,
|
|
8129
|
+
prod
|
|
8130
|
+
}) {
|
|
8131
|
+
const result = await applyOptimization(cwd, pin, prod);
|
|
8132
|
+
await outputOptimizeResult(result, outputKind);
|
|
8015
8133
|
}
|
|
8016
8134
|
|
|
8017
8135
|
const {
|
|
@@ -8036,14 +8154,14 @@ const config$q = {
|
|
|
8036
8154
|
},
|
|
8037
8155
|
help: (command, config) => `
|
|
8038
8156
|
Usage
|
|
8039
|
-
$ ${command}
|
|
8157
|
+
$ ${command} [options] [CWD=.]
|
|
8040
8158
|
|
|
8041
8159
|
Options
|
|
8042
8160
|
${utils.getFlagListOutput(config.flags, 6)}
|
|
8043
8161
|
|
|
8044
8162
|
Examples
|
|
8045
8163
|
$ ${command}
|
|
8046
|
-
$ ${command} --pin
|
|
8164
|
+
$ ${command} ./proj/tree --pin
|
|
8047
8165
|
`
|
|
8048
8166
|
};
|
|
8049
8167
|
const cmdOptimize = {
|
|
@@ -8060,15 +8178,29 @@ async function run$q(argv, importMeta, {
|
|
|
8060
8178
|
importMeta,
|
|
8061
8179
|
parentName
|
|
8062
8180
|
});
|
|
8063
|
-
|
|
8064
|
-
|
|
8065
|
-
|
|
8066
|
-
|
|
8181
|
+
const {
|
|
8182
|
+
json,
|
|
8183
|
+
markdown
|
|
8184
|
+
} = cli.flags;
|
|
8185
|
+
const {
|
|
8186
|
+
pin,
|
|
8187
|
+
prod
|
|
8188
|
+
} = cli.flags;
|
|
8189
|
+
const outputKind = utils.getOutputKind(json, markdown);
|
|
8190
|
+
let [cwd = '.'] = cli.input;
|
|
8191
|
+
// Note: path.resolve vs .join:
|
|
8192
|
+
// If given path is absolute then cwd should not affect it.
|
|
8193
|
+
cwd = path.resolve(process.cwd(), cwd);
|
|
8067
8194
|
if (cli.flags['dryRun']) {
|
|
8068
8195
|
logger.logger.log(DRY_RUN_BAILING_NOW$o);
|
|
8069
8196
|
return;
|
|
8070
8197
|
}
|
|
8071
|
-
await
|
|
8198
|
+
await handleOptimize({
|
|
8199
|
+
cwd,
|
|
8200
|
+
pin: Boolean(pin),
|
|
8201
|
+
outputKind,
|
|
8202
|
+
prod: Boolean(prod)
|
|
8203
|
+
});
|
|
8072
8204
|
}
|
|
8073
8205
|
|
|
8074
8206
|
async function fetchOrganization() {
|
|
@@ -11716,7 +11848,8 @@ async function handleCreateGithubScan({
|
|
|
11716
11848
|
logger.logger.fail(utils.failMsgWithBadge(result.message, result.cause));
|
|
11717
11849
|
return;
|
|
11718
11850
|
}
|
|
11719
|
-
logger.logger.
|
|
11851
|
+
logger.logger.log('');
|
|
11852
|
+
logger.logger.success('Finished!');
|
|
11720
11853
|
}
|
|
11721
11854
|
|
|
11722
11855
|
const {
|
|
@@ -13449,5 +13582,5 @@ void (async () => {
|
|
|
13449
13582
|
await utils.captureException(e);
|
|
13450
13583
|
}
|
|
13451
13584
|
})();
|
|
13452
|
-
//# debugId=
|
|
13585
|
+
//# debugId=2fd0bc0c-3a6c-42d6-8ccd-1745d5682e7e
|
|
13453
13586
|
//# sourceMappingURL=cli.js.map
|
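Review bot: The success result added at the end of npmFix (new lines 4590-4595) and pnpmFix (new lines 5133-5138) always reports `fixed: true`, whether or not any update was applied or a PR was opened; the inline comments `// true? did we actually change anything?` already question it. In the CI branch (new lines 4442-4448 and 4967-4971) a failed `gitUnstagedModifiedFiles` call is logged as 'Nothing to commit, skipping PR creation.' and the loop continues, so a git failure can end as `ok: true` with `fixed: true`, and a pipeline gating on that result would treat unremediated advisories as handled. Consider deriving the flag from work actually done, for example `data: { fixed: count > 0 }` if `count` tracks applied updates (these hunks do not show that), and naming the real cause in the warning, e.g. `logger.logger.warn('Skipping PR creation: ' + result.cause);`. Both function bodies extend beyond the visible hunks, so check this against the full loop.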