socket 0.15.60 → 0.15.61

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (19) hide show
  1. package/dist/cli.js +125 -130
  2. package/dist/cli.js.map +1 -1
  3. package/dist/constants.js +3 -3
  4. package/dist/constants.js.map +1 -1
  5. package/dist/shadow-npm-inject.js +2 -2
  6. package/dist/shadow-npm-inject.js.map +1 -1
  7. package/dist/types/commands/fix/fix-branch-helpers.d.mts +5 -0
  8. package/dist/types/commands/fix/fix-branch-helpers.d.mts.map +1 -0
  9. package/dist/types/commands/fix/fix-env-helpers.d.mts +13 -0
  10. package/dist/types/commands/fix/fix-env-helpers.d.mts.map +1 -0
  11. package/dist/types/commands/fix/npm-fix.d.mts.map +1 -1
  12. package/dist/types/commands/fix/pnpm-fix.d.mts.map +1 -1
  13. package/dist/types/shadow/npm/arborist-helpers.d.mts +1 -1
  14. package/dist/types/shadow/npm/arborist-helpers.d.mts.map +1 -1
  15. package/dist/types/utils/meow-with-subcommands.d.mts.map +1 -1
  16. package/dist/utils.js +2 -2
  17. package/dist/utils.js.map +1 -1
  18. package/dist/vendor.js +141 -114
  19. package/package.json +5 -5
package/dist/cli.js CHANGED
@@ -3859,6 +3859,28 @@ async function gitUnstagedModifiedFiles(cwd = process.cwd()) {
3859
3859
  }
3860
3860
  }
3861
3861
 
3862
+ function getActiveBranchesForPackage(ciEnv, partialPurl, openPrs) {
3863
+ if (!ciEnv) {
3864
+ return [];
3865
+ }
3866
+ const partialPurlObj = utils.getPurlObject(partialPurl);
3867
+ const activeBranches = [];
3868
+ const branchFullName = getSocketBranchFullNameComponent(partialPurlObj);
3869
+ const branchPurlType = getSocketBranchPurlTypeComponent(partialPurlObj);
3870
+ for (const pr of openPrs) {
3871
+ const parsedBranch = ciEnv.branchParser(pr.headRefName);
3872
+ if (branchPurlType === parsedBranch?.type && branchFullName === parsedBranch?.fullName) {
3873
+ activeBranches.push(parsedBranch);
3874
+ }
3875
+ }
3876
+ if (activeBranches.length) {
3877
+ debug.debugFn(`found: ${activeBranches.length} active branches\n`, activeBranches);
3878
+ } else if (openPrs.length) {
3879
+ debug.debugFn('miss: 0 active branches found');
3880
+ }
3881
+ return activeBranches;
3882
+ }
3883
+
3862
3884
  let _octokit;
3863
3885
  function getOctokit() {
3864
3886
  if (_octokit === undefined) {
@@ -4252,6 +4274,26 @@ async function setGitRemoteGithubRepoUrl(owner, repo, token, cwd = process.cwd()
4252
4274
  }
4253
4275
  }
4254
4276
 
4277
+ function getCiEnv() {
4278
+ const gitEmail = constants.ENV.SOCKET_CLI_GIT_USER_EMAIL;
4279
+ const gitUser = constants.ENV.SOCKET_CLI_GIT_USER_NAME;
4280
+ const githubToken = constants.ENV.SOCKET_CLI_GITHUB_TOKEN;
4281
+ const isCi = !!(constants.ENV.CI && constants.ENV.GITHUB_ACTIONS && constants.ENV.GITHUB_REPOSITORY && gitEmail && gitUser && githubToken);
4282
+ return isCi ? {
4283
+ gitEmail,
4284
+ gitUser,
4285
+ githubToken,
4286
+ repoInfo: getGithubEnvRepoInfo(),
4287
+ baseBranch: getBaseGitBranch(),
4288
+ branchParser: createSocketBranchParser()
4289
+ } : null;
4290
+ }
4291
+ async function getOpenPrsForEnvironment(env) {
4292
+ return env ? await getOpenSocketPrs(env.repoInfo.owner, env.repoInfo.repo, {
4293
+ author: env.gitUser
4294
+ }) : [];
4295
+ }
4296
+
4255
4297
  const CMD_NAME$1 = 'socket fix';
4256
4298
  function getAlertsMapOptions(options = {}) {
4257
4299
  return {
@@ -4303,19 +4345,9 @@ async function npmFix(pkgEnvDetails, {
4303
4345
  const {
4304
4346
  pkgPath: rootPath
4305
4347
  } = pkgEnvDetails;
4306
-
4307
- // Lazily access constants.ENV properties.
4308
- const gitEmail = constants.ENV.SOCKET_CLI_GIT_USER_EMAIL;
4309
- const gitUser = constants.ENV.SOCKET_CLI_GIT_USER_NAME;
4310
- const githubToken = constants.ENV.SOCKET_CLI_GITHUB_TOKEN;
4311
- const isCi = !!(constants.ENV.CI && constants.ENV.GITHUB_ACTIONS && constants.ENV.GITHUB_REPOSITORY && gitEmail && gitUser && githubToken);
4312
- const repoInfo = isCi ? getGithubEnvRepoInfo() : null;
4313
4348
  spinner?.start();
4314
- const openPrs =
4315
- // Check repoInfo to make TypeScript happy.
4316
- isCi && repoInfo ? await getOpenSocketPrs(repoInfo.owner, repoInfo.repo, {
4317
- author: gitUser
4318
- }) : [];
4349
+ const ciEnv = getCiEnv();
4350
+ const openPrs = ciEnv ? await getOpenPrsForEnvironment(ciEnv) : [];
4319
4351
  let count = 0;
4320
4352
  const arb = new shadowNpmInject.Arborist({
4321
4353
  path: rootPath,
@@ -4353,17 +4385,23 @@ async function npmFix(pkgEnvDetails, {
4353
4385
  }
4354
4386
  };
4355
4387
  }
4356
- const baseBranch = isCi ? getBaseGitBranch() : '';
4357
- const branchParser = isCi ? createSocketBranchParser() : null;
4388
+
4389
+ // Lazily access constants.packumentCache.
4390
+ const {
4391
+ packumentCache
4392
+ } = constants;
4358
4393
  const workspacePkgJsonPaths = await utils.globWorkspace(pkgEnvDetails.agent, rootPath);
4359
4394
  const pkgJsonPaths = [...workspacePkgJsonPaths,
4360
4395
  // Process the workspace root last since it will add an override to package.json.
4361
4396
  pkgEnvDetails.editablePkgJson.filename];
4362
4397
  const sortedInfoEntries = [...infoByPartialPurl.entries()].sort((a, b) => sorts.naturalCompare(a[0], b[0]));
4363
- const handleInstallFail = () => {
4364
- debug.debugFn(`fail: ${pkgEnvDetails.agent} install\n`);
4398
+ const cleanupInfoEntriesLoop = () => {
4365
4399
  logger.logger.dedent();
4366
4400
  spinner?.dedent();
4401
+ packumentCache.clear();
4402
+ };
4403
+ const handleInstallFail = () => {
4404
+ cleanupInfoEntriesLoop();
4367
4405
  return {
4368
4406
  ok: false,
4369
4407
  message: 'Installation failure',
@@ -4382,22 +4420,7 @@ async function npmFix(pkgEnvDetails, {
4382
4420
  if (!infos.length) {
4383
4421
  continue infoEntriesLoop;
4384
4422
  }
4385
- const activeBranches = [];
4386
- if (isCi) {
4387
- const branchFullName = getSocketBranchFullNameComponent(partialPurlObj);
4388
- const branchPurlType = getSocketBranchPurlTypeComponent(partialPurlObj);
4389
- for (const pr of openPrs) {
4390
- const parsedBranch = branchParser(pr.headRefName);
4391
- if (branchPurlType === parsedBranch?.type && branchFullName === parsedBranch?.fullName) {
4392
- activeBranches.push(parsedBranch);
4393
- }
4394
- }
4395
- if (activeBranches.length) {
4396
- debug.debugFn(`found: ${activeBranches.length} active branches\n`, activeBranches);
4397
- } else if (openPrs.length) {
4398
- debug.debugFn('miss: 0 active branches found');
4399
- }
4400
- }
4423
+ const activeBranches = getActiveBranchesForPackage(ciEnv, infoEntry[0], openPrs);
4401
4424
  logger.logger.log(`Processing vulns for ${name}:`);
4402
4425
  logger.logger.indent();
4403
4426
  spinner?.indent();
@@ -4408,8 +4431,7 @@ async function npmFix(pkgEnvDetails, {
4408
4431
  const packument = await packages.fetchPackagePackument(name);
4409
4432
  if (!packument) {
4410
4433
  logger.logger.warn(`Unexpected condition: No packument found for ${name}.\n`);
4411
- logger.logger.dedent();
4412
- spinner?.dedent();
4434
+ cleanupInfoEntriesLoop();
4413
4435
  continue infoEntriesLoop;
4414
4436
  }
4415
4437
  const availableVersions = Object.keys(packument.versions);
@@ -4424,13 +4446,12 @@ async function npmFix(pkgEnvDetails, {
4424
4446
  const pkgPath = path.dirname(pkgJsonPath);
4425
4447
  const isWorkspaceRoot = pkgJsonPath === pkgEnvDetails.editablePkgJson.filename;
4426
4448
  const workspace = isWorkspaceRoot ? 'root' : path.relative(rootPath, pkgPath);
4427
- const branchWorkspace = isCi ? getSocketBranchWorkspaceComponent(workspace) : '';
4449
+ const branchWorkspace = ciEnv ? getSocketBranchWorkspaceComponent(workspace) : '';
4428
4450
  const oldVersions = arrays.arrayUnique(shadowNpmInject.findPackageNodes(actualTree, name).map(n => n.target?.version ?? n.version).filter(Boolean));
4429
4451
  if (!oldVersions.length) {
4430
4452
  debug.debugFn(`skip: ${name} not found\n`);
4431
4453
  // Skip to next package.
4432
- logger.logger.dedent();
4433
- spinner?.dedent();
4454
+ cleanupInfoEntriesLoop();
4434
4455
  continue infoEntriesLoop;
4435
4456
  }
4436
4457
 
@@ -4459,25 +4480,24 @@ async function npmFix(pkgEnvDetails, {
4459
4480
  firstPatchedVersionIdentifier,
4460
4481
  vulnerableVersionRange
4461
4482
  } of infos.values()) {
4462
- if (vendor.semverExports.gte(oldVersion, firstPatchedVersionIdentifier)) {
4463
- debug.debugFn(`skip: ${oldId} is >= ${firstPatchedVersionIdentifier}`);
4483
+ const newVersion = shadowNpmInject.findBestPatchVersion(node, availableVersions, vulnerableVersionRange);
4484
+ const newVersionPackument = newVersion ? packument.versions[newVersion] : undefined;
4485
+ if (!(newVersion && newVersionPackument)) {
4486
+ warningsForAfter.add(`${oldId} not updated: requires >=${firstPatchedVersionIdentifier}`);
4487
+ continue infosLoop;
4488
+ }
4489
+ if (vendor.semverExports.gte(oldVersion, newVersion)) {
4490
+ debug.debugFn(`skip: ${oldId} is >= ${newVersion}`);
4464
4491
  continue infosLoop;
4465
4492
  }
4466
- const newVersion = shadowNpmInject.findBestPatchVersion(node, availableVersions, vulnerableVersionRange);
4467
4493
  if (activeBranches.find(b => b.workspace === branchWorkspace && b.newVersion === newVersion)) {
4468
4494
  debug.debugFn(`skip: open PR found for ${name}@${newVersion}`);
4469
4495
  if (++count >= limit) {
4470
- logger.logger.dedent();
4471
- spinner?.dedent();
4496
+ cleanupInfoEntriesLoop();
4472
4497
  break infoEntriesLoop;
4473
4498
  }
4474
4499
  continue infosLoop;
4475
4500
  }
4476
- const newVersionPackument = newVersion ? packument.versions[newVersion] : undefined;
4477
- if (!(newVersion && newVersionPackument)) {
4478
- warningsForAfter.add(`${oldId} not updated: requires >=${firstPatchedVersionIdentifier}`);
4479
- continue infosLoop;
4480
- }
4481
4501
  const newVersionRange = utils.applyRange(oldVersion, newVersion, rangeStyle);
4482
4502
  const newId = `${name}@${newVersionRange}`;
4483
4503
  const revertData = {
@@ -4507,9 +4527,9 @@ async function npmFix(pkgEnvDetails, {
4507
4527
  }))) {
4508
4528
  debug.debugFn(`skip: ${workspace}/package.json unchanged`);
4509
4529
  // Reset things just in case.
4510
- if (isCi) {
4530
+ if (ciEnv) {
4511
4531
  // eslint-disable-next-line no-await-in-loop
4512
- await gitResetAndClean(baseBranch, cwd);
4532
+ await gitResetAndClean(ciEnv.baseBranch, cwd);
4513
4533
  }
4514
4534
  continue infosLoop;
4515
4535
  }
@@ -4547,7 +4567,7 @@ async function npmFix(pkgEnvDetails, {
4547
4567
  spinner?.stop();
4548
4568
 
4549
4569
  // Check repoInfo to make TypeScript happy.
4550
- if (!errored && isCi && repoInfo) {
4570
+ if (!errored && ciEnv?.repoInfo) {
4551
4571
  try {
4552
4572
  // eslint-disable-next-line no-await-in-loop
4553
4573
  const result = await gitUnstagedModifiedFiles(cwd);
@@ -4569,7 +4589,7 @@ async function npmFix(pkgEnvDetails, {
4569
4589
  let skipPr = false;
4570
4590
  if (
4571
4591
  // eslint-disable-next-line no-await-in-loop
4572
- await prExistForBranch(repoInfo.owner, repoInfo.repo, branch)) {
4592
+ await prExistForBranch(ciEnv.repoInfo.owner, ciEnv.repoInfo.repo, branch)) {
4573
4593
  skipPr = true;
4574
4594
  debug.debugFn(`skip: branch "${branch}" exists`);
4575
4595
  }
@@ -4581,15 +4601,15 @@ async function npmFix(pkgEnvDetails, {
4581
4601
  // eslint-disable-next-line no-await-in-loop
4582
4602
  !(await gitCreateAndPushBranch(branch, getSocketCommitMessage(oldPurl, newVersion, workspace), moddedFilepaths, {
4583
4603
  cwd,
4584
- email: gitEmail,
4585
- user: gitUser
4604
+ email: ciEnv.gitEmail,
4605
+ user: ciEnv.gitUser
4586
4606
  }))) {
4587
4607
  skipPr = true;
4588
4608
  logger.logger.warn('Unexpected condition: Push failed, skipping PR creation.');
4589
4609
  }
4590
4610
  if (skipPr) {
4591
4611
  // eslint-disable-next-line no-await-in-loop
4592
- await gitResetAndClean(baseBranch, cwd);
4612
+ await gitResetAndClean(ciEnv.baseBranch, cwd);
4593
4613
  // eslint-disable-next-line no-await-in-loop
4594
4614
  const maybeActualTree = await install$1(arb, {
4595
4615
  cwd
@@ -4603,14 +4623,14 @@ async function npmFix(pkgEnvDetails, {
4603
4623
  }
4604
4624
 
4605
4625
  // eslint-disable-next-line no-await-in-loop
4606
- await Promise.allSettled([setGitRemoteGithubRepoUrl(repoInfo.owner, repoInfo.repo, githubToken, cwd), cleanupOpenPrs(repoInfo.owner, repoInfo.repo, {
4626
+ await Promise.allSettled([setGitRemoteGithubRepoUrl(ciEnv.repoInfo.owner, ciEnv.repoInfo.repo, ciEnv.githubToken, cwd), cleanupOpenPrs(ciEnv.repoInfo.owner, ciEnv.repoInfo.repo, {
4607
4627
  newVersion,
4608
4628
  purl: oldPurl,
4609
4629
  workspace
4610
4630
  })]);
4611
4631
  // eslint-disable-next-line no-await-in-loop
4612
- const prResponse = await openPr(repoInfo.owner, repoInfo.repo, branch, oldPurl, newVersion, {
4613
- baseBranch,
4632
+ const prResponse = await openPr(ciEnv.repoInfo.owner, ciEnv.repoInfo.repo, branch, oldPurl, newVersion, {
4633
+ baseBranch: ciEnv.baseBranch,
4614
4634
  cwd,
4615
4635
  workspace
4616
4636
  });
@@ -4643,10 +4663,10 @@ async function npmFix(pkgEnvDetails, {
4643
4663
  errored = true;
4644
4664
  }
4645
4665
  }
4646
- if (isCi) {
4666
+ if (ciEnv) {
4647
4667
  spinner?.start();
4648
4668
  // eslint-disable-next-line no-await-in-loop
4649
- await gitResetAndClean(baseBranch, cwd);
4669
+ await gitResetAndClean(ciEnv.baseBranch, cwd);
4650
4670
  // eslint-disable-next-line no-await-in-loop
4651
4671
  const maybeActualTree = await install$1(arb, {
4652
4672
  cwd
@@ -4659,7 +4679,7 @@ async function npmFix(pkgEnvDetails, {
4659
4679
  }
4660
4680
  }
4661
4681
  if (errored) {
4662
- if (!isCi) {
4682
+ if (!ciEnv) {
4663
4683
  spinner?.start();
4664
4684
  editablePkgJson.update(revertData);
4665
4685
  // eslint-disable-next-line no-await-in-loop
@@ -4680,8 +4700,7 @@ async function npmFix(pkgEnvDetails, {
4680
4700
  logger.logger.fail(`Update failed for ${oldId} in ${workspace}.`, error);
4681
4701
  }
4682
4702
  if (++count >= limit) {
4683
- logger.logger.dedent();
4684
- spinner?.dedent();
4703
+ cleanupInfoEntriesLoop();
4685
4704
  break infoEntriesLoop;
4686
4705
  }
4687
4706
  }
@@ -4696,8 +4715,7 @@ async function npmFix(pkgEnvDetails, {
4696
4715
  if (!isLastInfoEntry) {
4697
4716
  logger.logger.logNewline();
4698
4717
  }
4699
- logger.logger.dedent();
4700
- spinner?.dedent();
4718
+ cleanupInfoEntriesLoop();
4701
4719
  }
4702
4720
  spinner?.stop();
4703
4721
  return {
@@ -4764,19 +4782,9 @@ async function pnpmFix(pkgEnvDetails, {
4764
4782
  const {
4765
4783
  pkgPath: rootPath
4766
4784
  } = pkgEnvDetails;
4767
-
4768
- // Lazily access constants.ENV properties.
4769
- const gitEmail = constants.ENV.SOCKET_CLI_GIT_USER_EMAIL;
4770
- const gitUser = constants.ENV.SOCKET_CLI_GIT_USER_NAME;
4771
- const githubToken = constants.ENV.SOCKET_CLI_GITHUB_TOKEN;
4772
- const isCi = !!(constants.ENV.CI && constants.ENV.GITHUB_ACTIONS && constants.ENV.GITHUB_REPOSITORY && gitEmail && gitUser && githubToken);
4773
- const repoInfo = isCi ? getGithubEnvRepoInfo() : null;
4774
4785
  spinner?.start();
4775
- const openPrs =
4776
- // Check repoInfo to make TypeScript happy.
4777
- isCi && repoInfo ? await getOpenSocketPrs(repoInfo.owner, repoInfo.repo, {
4778
- author: gitUser
4779
- }) : [];
4786
+ const ciEnv = getCiEnv();
4787
+ const openPrs = ciEnv ? await getOpenPrsForEnvironment(ciEnv) : [];
4780
4788
  let count = 0;
4781
4789
  let actualTree;
4782
4790
  const lockfilePath = path.join(rootPath, 'pnpm-lock.yaml');
@@ -4852,16 +4860,23 @@ async function pnpmFix(pkgEnvDetails, {
4852
4860
  }
4853
4861
  };
4854
4862
  }
4855
- const baseBranch = isCi ? getBaseGitBranch() : '';
4856
- const branchParser = isCi ? createSocketBranchParser() : null;
4863
+
4864
+ // Lazily access constants.packumentCache.
4865
+ const {
4866
+ packumentCache
4867
+ } = constants;
4857
4868
  const workspacePkgJsonPaths = await utils.globWorkspace(pkgEnvDetails.agent, rootPath);
4858
4869
  const pkgJsonPaths = [...workspacePkgJsonPaths,
4859
4870
  // Process the workspace root last since it will add an override to package.json.
4860
4871
  pkgEnvDetails.editablePkgJson.filename];
4861
4872
  const sortedInfoEntries = [...infoByPartialPurl.entries()].sort((a, b) => sorts.naturalCompare(a[0], b[0]));
4862
- const handleInstallFail = () => {
4873
+ const cleanupInfoEntriesLoop = () => {
4863
4874
  logger.logger.dedent();
4864
4875
  spinner?.dedent();
4876
+ packumentCache.clear();
4877
+ };
4878
+ const handleInstallFail = () => {
4879
+ cleanupInfoEntriesLoop();
4865
4880
  return {
4866
4881
  ok: false,
4867
4882
  message: 'Install failed',
@@ -4880,22 +4895,7 @@ async function pnpmFix(pkgEnvDetails, {
4880
4895
  if (!infos.length) {
4881
4896
  continue infoEntriesLoop;
4882
4897
  }
4883
- const activeBranches = [];
4884
- if (isCi) {
4885
- const branchFullName = getSocketBranchFullNameComponent(partialPurlObj);
4886
- const branchPurlType = getSocketBranchPurlTypeComponent(partialPurlObj);
4887
- for (const pr of openPrs) {
4888
- const parsedBranch = branchParser(pr.headRefName);
4889
- if (branchPurlType === parsedBranch?.type && branchFullName === parsedBranch?.fullName) {
4890
- activeBranches.push(parsedBranch);
4891
- }
4892
- }
4893
- if (activeBranches.length) {
4894
- debug.debugFn(`found: ${activeBranches.length} active branches\n`, activeBranches);
4895
- } else if (openPrs.length) {
4896
- debug.debugFn('miss: 0 active branches found');
4897
- }
4898
- }
4898
+ const activeBranches = getActiveBranchesForPackage(ciEnv, infoEntry[0], openPrs);
4899
4899
  logger.logger.log(`Processing vulns for ${name}:`);
4900
4900
  logger.logger.indent();
4901
4901
  spinner?.indent();
@@ -4906,8 +4906,7 @@ async function pnpmFix(pkgEnvDetails, {
4906
4906
  const packument = await packages.fetchPackagePackument(name);
4907
4907
  if (!packument) {
4908
4908
  logger.logger.warn(`Unexpected condition: No packument found for ${name}.\n`);
4909
- logger.logger.dedent();
4910
- spinner?.dedent();
4909
+ cleanupInfoEntriesLoop();
4911
4910
  continue infoEntriesLoop;
4912
4911
  }
4913
4912
  const availableVersions = Object.keys(packument.versions);
@@ -4922,15 +4921,15 @@ async function pnpmFix(pkgEnvDetails, {
4922
4921
  const pkgPath = path.dirname(pkgJsonPath);
4923
4922
  const isWorkspaceRoot = pkgJsonPath === pkgEnvDetails.editablePkgJson.filename;
4924
4923
  const workspace = isWorkspaceRoot ? 'root' : path.relative(rootPath, pkgPath);
4925
- const branchWorkspace = isCi ? getSocketBranchWorkspaceComponent(workspace) : '';
4924
+ const branchWorkspace = ciEnv ? getSocketBranchWorkspaceComponent(workspace) : '';
4926
4925
 
4927
4926
  // actualTree may not be defined on the first iteration of pkgJsonPathsLoop.
4928
4927
  if (!actualTree) {
4929
- if (!isCi) {
4928
+ if (!ciEnv) {
4930
4929
  // eslint-disable-next-line no-await-in-loop
4931
4930
  await utils.removeNodeModules(cwd);
4932
4931
  }
4933
- const maybeActualTree = isCi && fs$1.existsSync(path.join(rootPath, 'node_modules')) ?
4932
+ const maybeActualTree = ciEnv && fs$1.existsSync(path.join(rootPath, 'node_modules')) ?
4934
4933
  // eslint-disable-next-line no-await-in-loop
4935
4934
  await getActualTree(cwd) :
4936
4935
  // eslint-disable-next-line no-await-in-loop
@@ -4954,8 +4953,7 @@ async function pnpmFix(pkgEnvDetails, {
4954
4953
  if (!oldVersions.length) {
4955
4954
  debug.debugFn(`skip: ${name} not found\n`);
4956
4955
  // Skip to next package.
4957
- logger.logger.dedent();
4958
- spinner?.dedent();
4956
+ cleanupInfoEntriesLoop();
4959
4957
  continue infoEntriesLoop;
4960
4958
  }
4961
4959
 
@@ -4987,25 +4985,24 @@ async function pnpmFix(pkgEnvDetails, {
4987
4985
  firstPatchedVersionIdentifier,
4988
4986
  vulnerableVersionRange
4989
4987
  } of infos) {
4990
- if (vendor.semverExports.gte(oldVersion, firstPatchedVersionIdentifier)) {
4991
- debug.debugFn(`skip: ${oldId} is >= ${firstPatchedVersionIdentifier}`);
4988
+ const newVersion = shadowNpmInject.findBestPatchVersion(node, availableVersions, vulnerableVersionRange);
4989
+ const newVersionPackument = newVersion ? packument.versions[newVersion] : undefined;
4990
+ if (!(newVersion && newVersionPackument)) {
4991
+ warningsForAfter.add(`${oldId} not updated: requires >=${firstPatchedVersionIdentifier}`);
4992
+ continue infosLoop;
4993
+ }
4994
+ if (vendor.semverExports.gte(oldVersion, newVersion)) {
4995
+ debug.debugFn(`skip: ${oldId} is >= ${newVersion}`);
4992
4996
  continue infosLoop;
4993
4997
  }
4994
- const newVersion = shadowNpmInject.findBestPatchVersion(node, availableVersions, vulnerableVersionRange);
4995
4998
  if (activeBranches.find(b => b.workspace === branchWorkspace && b.newVersion === newVersion)) {
4996
4999
  debug.debugFn(`skip: open PR found for ${name}@${newVersion}`);
4997
5000
  if (++count >= limit) {
4998
- logger.logger.dedent();
4999
- spinner?.dedent();
5001
+ cleanupInfoEntriesLoop();
5000
5002
  break infoEntriesLoop;
5001
5003
  }
5002
5004
  continue infosLoop;
5003
5005
  }
5004
- const newVersionPackument = newVersion ? packument.versions[newVersion] : undefined;
5005
- if (!(newVersion && newVersionPackument)) {
5006
- warningsForAfter.add(`${oldId} not updated: requires >=${firstPatchedVersionIdentifier}`);
5007
- continue infosLoop;
5008
- }
5009
5006
  const overrideKey = `${name}@${vulnerableVersionRange}`;
5010
5007
  const newVersionRange = utils.applyRange(oldOverrides?.[overrideKey] ?? oldVersion, newVersion, rangeStyle);
5011
5008
  const newId = `${name}@${newVersionRange}`;
@@ -5057,9 +5054,9 @@ async function pnpmFix(pkgEnvDetails, {
5057
5054
  }))) {
5058
5055
  debug.debugFn(`skip: ${workspace}/package.json unchanged`);
5059
5056
  // Reset things just in case.
5060
- if (isCi) {
5057
+ if (ciEnv) {
5061
5058
  // eslint-disable-next-line no-await-in-loop
5062
- await gitResetAndClean(baseBranch, cwd);
5059
+ await gitResetAndClean(ciEnv.baseBranch, cwd);
5063
5060
  }
5064
5061
  continue infosLoop;
5065
5062
  }
@@ -5116,7 +5113,7 @@ async function pnpmFix(pkgEnvDetails, {
5116
5113
  spinner?.stop();
5117
5114
 
5118
5115
  // Check repoInfo to make TypeScript happy.
5119
- if (!errored && isCi && repoInfo) {
5116
+ if (!errored && ciEnv?.repoInfo) {
5120
5117
  try {
5121
5118
  // eslint-disable-next-line no-await-in-loop
5122
5119
  const result = await gitUnstagedModifiedFiles(cwd);
@@ -5136,7 +5133,7 @@ async function pnpmFix(pkgEnvDetails, {
5136
5133
  let skipPr = false;
5137
5134
  if (
5138
5135
  // eslint-disable-next-line no-await-in-loop
5139
- await prExistForBranch(repoInfo.owner, repoInfo.repo, branch)) {
5136
+ await prExistForBranch(ciEnv.repoInfo.owner, ciEnv.repoInfo.repo, branch)) {
5140
5137
  skipPr = true;
5141
5138
  debug.debugFn(`skip: branch "${branch}" exists`);
5142
5139
  }
@@ -5148,15 +5145,15 @@ async function pnpmFix(pkgEnvDetails, {
5148
5145
  // eslint-disable-next-line no-await-in-loop
5149
5146
  !(await gitCreateAndPushBranch(branch, getSocketCommitMessage(oldPurl, newVersion, workspace), moddedFilepaths, {
5150
5147
  cwd,
5151
- email: gitEmail,
5152
- user: gitUser
5148
+ email: ciEnv.gitEmail,
5149
+ user: ciEnv.gitUser
5153
5150
  }))) {
5154
5151
  skipPr = true;
5155
5152
  logger.logger.warn('Unexpected condition: Push failed, skipping PR creation.');
5156
5153
  }
5157
5154
  if (skipPr) {
5158
5155
  // eslint-disable-next-line no-await-in-loop
5159
- await gitResetAndClean(baseBranch, cwd);
5156
+ await gitResetAndClean(ciEnv.baseBranch, cwd);
5160
5157
  // eslint-disable-next-line no-await-in-loop
5161
5158
  const maybeActualTree = await install(pkgEnvDetails, {
5162
5159
  cwd,
@@ -5175,14 +5172,14 @@ async function pnpmFix(pkgEnvDetails, {
5175
5172
  }
5176
5173
 
5177
5174
  // eslint-disable-next-line no-await-in-loop
5178
- await Promise.allSettled([setGitRemoteGithubRepoUrl(repoInfo.owner, repoInfo.repo, githubToken, cwd), cleanupOpenPrs(repoInfo.owner, repoInfo.repo, {
5175
+ await Promise.allSettled([setGitRemoteGithubRepoUrl(ciEnv.repoInfo.owner, ciEnv.repoInfo.repo, ciEnv.githubToken, cwd), cleanupOpenPrs(ciEnv.repoInfo.owner, ciEnv.repoInfo.repo, {
5179
5176
  newVersion,
5180
5177
  purl: oldPurl,
5181
5178
  workspace
5182
5179
  })]);
5183
5180
  // eslint-disable-next-line no-await-in-loop
5184
- const prResponse = await openPr(repoInfo.owner, repoInfo.repo, branch, oldPurl, newVersion, {
5185
- baseBranch,
5181
+ const prResponse = await openPr(ciEnv.repoInfo.owner, ciEnv.repoInfo.repo, branch, oldPurl, newVersion, {
5182
+ baseBranch: ciEnv.baseBranch,
5186
5183
  cwd,
5187
5184
  workspace
5188
5185
  });
@@ -5215,10 +5212,10 @@ async function pnpmFix(pkgEnvDetails, {
5215
5212
  errored = true;
5216
5213
  }
5217
5214
  }
5218
- if (isCi) {
5215
+ if (ciEnv) {
5219
5216
  spinner?.start();
5220
5217
  // eslint-disable-next-line no-await-in-loop
5221
- await gitResetAndClean(baseBranch, cwd);
5218
+ await gitResetAndClean(ciEnv.baseBranch, cwd);
5222
5219
  // eslint-disable-next-line no-await-in-loop
5223
5220
  const maybeActualTree = await install(pkgEnvDetails, {
5224
5221
  cwd,
@@ -5236,7 +5233,7 @@ async function pnpmFix(pkgEnvDetails, {
5236
5233
  }
5237
5234
  }
5238
5235
  if (errored) {
5239
- if (!isCi) {
5236
+ if (!ciEnv) {
5240
5237
  spinner?.start();
5241
5238
  editablePkgJson.update(revertData);
5242
5239
  // eslint-disable-next-line no-await-in-loop
@@ -5269,8 +5266,7 @@ async function pnpmFix(pkgEnvDetails, {
5269
5266
  debug.debugFn('name:', name);
5270
5267
  debug.debugFn('increment: count', count + 1);
5271
5268
  if (++count >= limit) {
5272
- logger.logger.dedent();
5273
- spinner?.dedent();
5269
+ cleanupInfoEntriesLoop();
5274
5270
  break infoEntriesLoop;
5275
5271
  }
5276
5272
  }
@@ -5285,8 +5281,7 @@ async function pnpmFix(pkgEnvDetails, {
5285
5281
  if (!isLastInfoEntry) {
5286
5282
  logger.logger.logNewline();
5287
5283
  }
5288
- logger.logger.dedent();
5289
- spinner?.dedent();
5284
+ cleanupInfoEntriesLoop();
5290
5285
  }
5291
5286
  spinner?.stop();
5292
5287
 
@@ -14645,5 +14640,5 @@ void (async () => {
14645
14640
  await utils.captureException(e);
14646
14641
  }
14647
14642
  })();
14648
- //# debugId=858f0ee1-e2b9-482a-bf53-f0c50425ff4
14643
+ //# debugId=f55e6ed3-61c1-4ff4-b932-f2758fcef19
14649
14644
  //# sourceMappingURL=cli.js.map