socket 1.0.40 → 1.0.42
- package/dist/cli.js +30 -32
- package/dist/cli.js.map +1 -1
- package/dist/constants.js +3 -3
- package/dist/constants.js.map +1 -1
- package/dist/types/commands/fix/agent-fix.d.mts +3 -4
- package/dist/types/commands/fix/agent-fix.d.mts.map +1 -1
- package/dist/types/commands/fix/handle-fix.d.mts +1 -1
- package/dist/types/commands/fix/handle-fix.d.mts.map +1 -1
- package/dist/types/commands/fix/npm-fix.d.mts.map +1 -1
- package/dist/utils.js +5 -5
- package/dist/utils.js.map +1 -1
- package/external/@coana-tech/cli/cli.mjs +3 -2
- package/external/@socketsecurity/registry/lib/packages.js +50 -3
- package/package.json +4 -4
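--- a/package/dist/cli.js
+++ b/package/dist/cli.js
@@ -3812,9 +3812,9 @@ function getOverridesData(pkgEnvDetails, pkgJson) {
 
 const noopHandler = () => {};
 async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
-beforeInstall = noopHandler,
-// eslint-disable-next-line sort-destructure-keys/sort-destructure-keys
 afterInstall = noopHandler,
+afterUpdate = noopHandler,
+beforeInstall = noopHandler,
 revertInstall = noopHandler
 }, fixConfig) {
 const {
@@ -3826,7 +3826,7 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
 cwd,
 limit,
 minSatisfying,
-
+prCheck,
 rangeStyle,
 spinner,
 test,
@@ -4007,7 +4007,7 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
 if (seenBranches.has(branch)) {
 continue infosLoop;
 }
-const pr =
+const pr = prCheck ? prs.find(p => p.headRefName === branch) : undefined;
 if (pr) {
 debug.debugFn('notice', `skip: PR #${pr.number} for ${name} exists`);
 seenBranches.add(branch);
@@ -4040,6 +4040,9 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
 ignoreWhitespace: true
 });
 
+// eslint-disable-next-line no-await-in-loop
+await afterUpdate(editablePkgJson, packument, oldVersion, newVersion, vulnerableVersionRange, fixConfig);
+
 // eslint-disable-next-line no-await-in-loop
 const unstagedCResult = await gitUnstagedModifiedFiles(cwd);
 const moddedFilepaths = unstagedCResult.ok ? unstagedCResult.data.filter(filepath => {
@@ -4057,11 +4060,6 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
 }
 continue infosLoop;
 }
-
-// eslint-disable-next-line no-await-in-loop
-const pkgJsonSrc = await fs$1.promises.readFile(editablePkgJson.filename, 'utf8');
-// eslint-disable-next-line no-await-in-loop
-const lockSrc = await utils.readLockfile(pkgEnvDetails.lockPath);
 if (!hasAnnouncedWorkspace) {
 hasAnnouncedWorkspace = true;
 workspaceLogCallCount = logger.logger.logCallCount;
@@ -4102,11 +4100,6 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
 
 // Check repoInfo to make TypeScript happy.
 if (!errored && fixEnv.isCi && fixEnv.repoInfo) {
-// Rewrite files in case the install reverted them.
-// eslint-disable-next-line no-await-in-loop
-await fs$1.promises.writeFile(editablePkgJson.filename, pkgJsonSrc, 'utf8');
-// eslint-disable-next-line no-await-in-loop
-await fs$1.promises.writeFile(pkgEnvDetails.lockPath, lockSrc, 'utf8');
 try {
 if (
 // eslint-disable-next-line no-await-in-loop
@@ -4328,7 +4321,7 @@ async function npmFix(pkgEnvDetails, fixConfig) {
 }
 let revertData;
 return await agentFix(pkgEnvDetails, actualTree, alertsMap, install$1, {
-async beforeInstall(editablePkgJson
+async beforeInstall(editablePkgJson) {
 revertData = {
 ...(editablePkgJson.content.dependencies && {
 dependencies: {
@@ -4346,15 +4339,20 @@ async function npmFix(pkgEnvDetails, fixConfig) {
 }
 })
 };
-
-
-
-
-
-
-
-
-await arb.
+},
+async afterUpdate(editablePkgJson, packument, oldVersion, newVersion) {
+const isWorkspaceRoot = editablePkgJson.filename === pkgEnvDetails.editablePkgJson.filename;
+if (isWorkspaceRoot) {
+const arb = new shadowNpmInject.Arborist({
+path: pkgEnvDetails.pkgPath,
+...flatConfig
+});
+const idealTree = await arb.buildIdealTree();
+const node = shadowNpmInject.findPackageNode(idealTree, packument.name, oldVersion);
+if (node) {
+shadowNpmInject.updateNode(node, newVersion, packument.versions[newVersion]);
+await arb.reify();
+}
 }
 },
 async revertInstall(editablePkgJson) {
@@ -4553,8 +4551,8 @@ async function handleFix({
 ghsas,
 limit,
 minSatisfying,
-noPrCheck,
 outputKind,
+prCheck,
 purls,
 rangeStyle,
 spinner,
@@ -4649,7 +4647,7 @@ async function handleFix({
 cwd,
 limit,
 minSatisfying,
-
+prCheck,
 purls,
 rangeStyle,
 spinner,
@@ -4699,10 +4697,10 @@ const config$H = {
 default: false,
 description: 'Constrain dependency updates to the minimum satisfying version'
 },
-
+prCheck: {
 type: 'boolean',
-default:
-description: '
+default: true,
+description: 'Check for an existing PR before attempting a fix',
 hidden: true
 },
 purl: {
@@ -4810,7 +4808,7 @@ async function run$H(argv, importMeta, {
 const limit = (cli.flags['limit'] ? parseInt(String(cli.flags['limit'] || ''), 10) : Infinity) || Infinity;
 const maxSatisfying = Boolean(cli.flags['maxSatisfying']);
 const minSatisfying = Boolean(cli.flags['minSatisfying']) || !maxSatisfying;
-const
+const prCheck = Boolean(cli.flags['prCheck']);
 const purls = utils.cmdFlagValueToArray(cli.flags['purl']);
 const testScript = String(cli.flags['testScript'] || 'test');
 await handleFix({
@@ -4819,7 +4817,7 @@ async function run$H(argv, importMeta, {
 ghsas,
 limit,
 minSatisfying,
-
+prCheck,
 outputKind,
 purls,
 rangeStyle,
@@ -14305,5 +14303,5 @@ void (async () => {
 await utils.captureException(e);
 }
 })();
-//# debugId=
+//# debugId=1cc1c955-a609-45d8-a905-6f7ba892424a
 //# sourceMappingURL=cli.js.map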
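Review bot: The new `await afterUpdate(...)` call in agentFix (new line 4044) has no error handling in the visible lines, while npmFix's implementation of it runs `arb.buildIdealTree()` and `arb.reify()`, which rewrite node_modules and the lockfile. If either call rejects, the error appears to escape the loop before `revertInstall` runs, which could leave the working tree half-updated; the enclosing loop body lies outside the hunks, so confirm whether an outer handler covers this. In the same hook, `packument.versions[newVersion]` is passed to `updateNode` unchecked; a guard such as `if (node && packument.versions[newVersion])` would avoid reifying a node with an undefined manifest. The commit also removes the `pkgJsonSrc`/`lockSrc` snapshot that was written back before the CI commit step, so the branch now records whatever the install and reify left on disk. A comment at the `fixEnv.isCi` block stating that `afterUpdate` is now responsible for the final package.json and lockfile contents would make that dependency explicit.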