socket 1.0.6 → 1.0.8

package/dist/cli.js

@@ -1606,7 +1606,7 @@ async function execGradleWithSpinner(bin, commandArgs, cwd) {
   try {
     logger.logger.info('(Running gradle can take a while, it depends on how long gradlew has to run)');
     logger.logger.info('(It will show no output, you can use --verbose to see its output)');
-    spinner.start(`Running gradlew`);
+    spinner.start(`Running gradlew...`);
     const output = await spawn.spawn(bin, commandArgs, {
       // We can pipe the output through to have the user see the result
       // of running gradlew, but then we can't (easily) gather the output
@@ -3944,7 +3944,7 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
               if (test) {
                 spinner?.info(`Testing ${newId} in ${workspace}.`);
                 // eslint-disable-next-line no-await-in-loop
-                await npm.runScript(testScript, [], {
+                await npm.runNpmScript(testScript, [], {
                   spinner,
                   stdio: 'ignore'
                 });
@@ -4250,11 +4250,18 @@ async function npmFix(pkgEnvDetails, options) {
         shorthands: vendor.definitionsExports.shorthands
       });
       await config.load();
-      debug.debugFn('npm config:', config);
+      const flatConfig = {
+        __proto__: null,
+        ...config.flat
+      };
+      flatConfig.nodeVersion = constants.NODE_VERSION;
+      flatConfig.npmVersion = pkgEnvDetails.agentVersion.toString();
+      flatConfig.npmCommand = 'install';
+      debug.debugFn('npm config:', flatConfig);
       const arb = new shadowNpmInject.Arborist({
         path: pkgEnvDetails.pkgPath,
-        ...shadowNpmInject.SAFE_ARBORIST_REIFY_OPTIONS_OVERRIDES,
-        config
+        ...flatConfig,
+        ...shadowNpmInject.SAFE_ARBORIST_REIFY_OPTIONS_OVERRIDES
       });
       actualTree = await arb.reify();
       // Calling arb.reify() creates the arb.diff object, nulls-out arb.idealTree,
@@ -4487,7 +4494,7 @@ const {
   NPM: NPM$7,
   PNPM: PNPM$6
 } = constants;
-async function handleFix(argv, {
+async function handleFix({
   autoMerge,
   cwd,
   ghsas,
@@ -4496,37 +4503,51 @@ async function handleFix(argv, {
   purls,
   rangeStyle,
   test,
-  testScript
+  testScript,
+  unknownFlags
 }) {
+  // Lazily access constants.spinner.
+  const {
+    spinner
+  } = constants;
   let {
     length: ghsasCount
   } = ghsas;
   if (ghsasCount) {
-    // Lazily access constants.spinner.
-    const {
-      spinner
-    } = constants;
     spinner.start('Fetching GHSA IDs...');
     if (ghsasCount === 1 && ghsas[0] === 'auto') {
       const autoCResult = await utils.spawnCoana(['compute-fixes-and-upgrade-purls', cwd], {
         cwd,
         spinner
       });
+      spinner.stop();
       if (autoCResult.ok) {
         ghsas = utils.cmdFlagValueToArray(/(?<=Vulnerabilities found: )[^\n]+/.exec(autoCResult.data)?.[0]);
         ghsasCount = ghsas.length;
       } else {
+        debug.debugFn('coana fail:', {
+          message: autoCResult.message,
+          cause: autoCResult.cause
+        });
         ghsas = [];
         ghsasCount = 0;
       }
+      spinner.start();
     }
     if (ghsasCount) {
       spinner.info(`Found ${ghsasCount} GHSA ${words.pluralize('ID', ghsasCount)}.`);
-      await outputFixResult(await utils.spawnCoana(['compute-fixes-and-upgrade-purls', cwd, '--apply-fixes-to', ...ghsas, ...argv], {
+      const applyFixesCResult = await utils.spawnCoana(['compute-fixes-and-upgrade-purls', cwd, '--apply-fixes-to', ...ghsas, ...unknownFlags], {
         cwd,
         spinner
-      }), outputKind);
+      });
       spinner.stop();
+      if (!applyFixesCResult.ok) {
+        debug.debugFn('coana fail:', {
+          message: applyFixesCResult.message,
+          cause: applyFixesCResult.cause
+        });
+      }
+      await outputFixResult(applyFixesCResult, outputKind);
       return;
     }
     spinner.infoAndStop('No GHSA IDs found.');
@@ -4567,11 +4588,6 @@ async function handleFix(argv, {
     }, outputKind);
     return;
   }
-
-  // Lazily access spinner.
-  const {
-    spinner
-  } = constants;
   const fixer = agent === NPM$7 ? npmFix : pnpmFix;
   await outputFixResult(await fixer(pkgEnvDetails, {
     autoMerge,
@@ -4712,7 +4728,10 @@ async function run$H(argv, importMeta, {
   const limit = (cli.flags['limit'] ? parseInt(String(cli.flags['limit'] || ''), 10) : Infinity) || Infinity;
   const purls = utils.cmdFlagValueToArray(cli.flags['purl']);
   const testScript = String(cli.flags['testScript'] || 'test');
-  await handleFix(argv, {
+  const {
+    unknownFlags
+  } = cli;
+  await handleFix({
     autoMerge,
     cwd,
     ghsas,
@@ -4721,7 +4740,8 @@ async function run$H(argv, importMeta, {
     purls,
     rangeStyle,
     test,
-    testScript
+    testScript,
+    unknownFlags
   });
 }
 
@@ -4811,7 +4831,7 @@ function getTabCompletionScriptRaw() {
   if (!fs$1.existsSync(sourcePath)) {
     return {
       ok: false,
-      message: 'Source not found',
+      message: 'Source not found.',
       cause: `Unable to find the source tab completion bash script that Socket should ship. Expected to find it in \`${sourcePath}\` but it was not there.`
     };
   }
@@ -4826,12 +4846,11 @@ function updateInstalledTabCompletionScript(targetPath) {
     return content;
   }
 
-  // Lazily access constants.ENV.INLINED_SOCKET_CLI_VERSION_HASH.
-  const CLI_VERSION = constants.ENV.INLINED_SOCKET_CLI_VERSION_HASH;
-
   // When installing set the current package.json version.
   // Later, we can call _socket_completion_version to get the installed version.
-  fs$1.writeFileSync(targetPath, content.data.replaceAll('SOCKET_VERSION_TOKEN', CLI_VERSION), 'utf8');
+  fs$1.writeFileSync(targetPath, content.data.replaceAll('%SOCKET_VERSION_TOKEN%',
+  // Lazily access constants.ENV.INLINED_SOCKET_CLI_VERSION_HASH.
+  constants.ENV.INLINED_SOCKET_CLI_VERSION_HASH), 'utf8');
   return {
     ok: true,
     data: undefined
@@ -9202,7 +9221,9 @@ const config$j = {
   commandName: 'raw-npm',
   description: `Temporarily disable the Socket ${NPM} wrapper`,
   hidden: false,
-  flags: {},
+  flags: {
+    ...utils.commonFlags
+  },
   help: command => `
     Usage
       $ ${command} ...
@@ -9265,7 +9286,9 @@ const config$i = {
   commandName: 'raw-npx',
   description: `Temporarily disable the Socket ${NPX} wrapper`,
   hidden: false,
-  flags: {},
+  flags: {
+    ...utils.commonFlags
+  },
   help: command => `
     Usage
       $ ${command} ...
@@ -14092,18 +14115,16 @@ void (async () => {
     debug.debugFn('Uncaught error (BAD!):');
     debug.debugFn(e);
 
-    // Try to parse the flags, find out if --json or --markdown is set
+    // Try to parse the flags, find out if --json or --markdown is set.
     let isJson = false;
     try {
       const cli = vendor.meow(``, {
         argv: process.argv.slice(2),
+        autoHelp: false,
+        flags: {},
         importMeta: {
           url: `${require$$0.pathToFileURL(__filename$1)}`
-        },
-        flags: {},
-        // Do not strictly check for flags here.
-        allowUnknownFlags: true,
-        autoHelp: false
+        }
       });
       isJson = !!cli.flags['json'];
     } catch {}
@@ -14141,5 +14162,5 @@ void (async () => {
     await utils.captureException(e);
   }
 })();
-//# debugId=bac54bf5-401a-488b-a2bb-65fdb17e2e2c
+//# debugId=fa52588f-cff8-4914-9a1b-357283f4db17
 //# sourceMappingURL=cli.js.map