socket 1.0.71 → 1.0.72
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/bin/npm-cli.js +1 -1
- package/bin/npx-cli.js +1 -1
- package/dist/cli.js +76 -39
- package/dist/cli.js.map +1 -1
- package/dist/constants.js +4 -4
- package/dist/constants.js.map +1 -1
- package/dist/tsconfig.dts.tsbuildinfo +1 -1
- package/dist/types/commands/fix/npm-fix.d.mts.map +1 -1
- package/dist/types/commands/fix/pnpm-fix.d.mts.map +1 -1
- package/dist/types/utils/pnpm.d.mts.map +1 -1
- package/dist/utils.js +6 -2
- package/dist/utils.js.map +1 -1
- package/package.json +2 -2
- package/shadow-bin/npm +1 -1
- package/shadow-bin/npx +1 -1
package/bin/npm-cli.js
CHANGED
|
@@ -6,5 +6,5 @@ const path = require('node:path')
|
|
|
6
6
|
const rootPath = path.join(__dirname, '..')
|
|
7
7
|
Module.enableCompileCache?.(path.join(rootPath, '.cache'))
|
|
8
8
|
|
|
9
|
-
const shadowBin = require(path.join(rootPath, 'dist/shadow-bin.js'))
|
|
9
|
+
const shadowBin = require(path.join(rootPath, 'dist/shadow-npm-bin.js'))
|
|
10
10
|
shadowBin('npm')
|
package/bin/npx-cli.js
CHANGED
|
@@ -6,5 +6,5 @@ const path = require('node:path')
|
|
|
6
6
|
const rootPath = path.join(__dirname, '..')
|
|
7
7
|
Module.enableCompileCache?.(path.join(rootPath, '.cache'))
|
|
8
8
|
|
|
9
|
-
const shadowBin = require(path.join(rootPath, 'dist/shadow-bin.js'))
|
|
9
|
+
const shadowBin = require(path.join(rootPath, 'dist/shadow-npm-bin.js'))
|
|
10
10
|
shadowBin('npx')
|
package/dist/cli.js
CHANGED
|
@@ -4327,6 +4327,7 @@ async function npmFix(pkgEnvDetails, fixConfig) {
|
|
|
4327
4327
|
return await agentFix(pkgEnvDetails, actualTree, alertsMap, install$1, {
|
|
4328
4328
|
async beforeInstall(editablePkgJson) {
|
|
4329
4329
|
revertData = {
|
|
4330
|
+
// Track existing dependencies in the root package.json to revert to later.
|
|
4330
4331
|
...(editablePkgJson.content.dependencies && {
|
|
4331
4332
|
dependencies: {
|
|
4332
4333
|
...editablePkgJson.content.dependencies
|
|
@@ -4345,24 +4346,34 @@ async function npmFix(pkgEnvDetails, fixConfig) {
|
|
|
4345
4346
|
};
|
|
4346
4347
|
},
|
|
4347
4348
|
async afterUpdate(editablePkgJson, packument, oldVersion, newVersion) {
|
|
4348
|
-
|
|
4349
|
-
if (
|
|
4350
|
-
|
|
4351
|
-
|
|
4352
|
-
|
|
4353
|
-
|
|
4354
|
-
|
|
4355
|
-
|
|
4356
|
-
|
|
4357
|
-
|
|
4358
|
-
|
|
4359
|
-
|
|
4360
|
-
|
|
4349
|
+
// Exit early if not the root workspace.
|
|
4350
|
+
if (editablePkgJson.filename !== pkgEnvDetails.editablePkgJson.filename) {
|
|
4351
|
+
return;
|
|
4352
|
+
}
|
|
4353
|
+
// Update package-lock.json using @npmcli/arborist.
|
|
4354
|
+
const arb = new shadowNpmInject.Arborist({
|
|
4355
|
+
path: pkgEnvDetails.pkgPath,
|
|
4356
|
+
...flatConfig,
|
|
4357
|
+
...shadowNpmInject.SAFE_WITH_SAVE_ARBORIST_REIFY_OPTIONS_OVERRIDES
|
|
4358
|
+
});
|
|
4359
|
+
// Build the ideal tree of nodes that are used to generated the saved
|
|
4360
|
+
// package-lock.json
|
|
4361
|
+
const idealTree = await arb.buildIdealTree();
|
|
4362
|
+
const node = shadowNpmInject.findPackageNode(idealTree, packument.name, oldVersion);
|
|
4363
|
+
if (node) {
|
|
4364
|
+
// Update the ideal tree node.
|
|
4365
|
+
shadowNpmInject.updateNode(node, newVersion, packument.versions[newVersion]);
|
|
4366
|
+
// Save package-lock.json lockfile.
|
|
4367
|
+
await arb.reify();
|
|
4361
4368
|
}
|
|
4362
4369
|
},
|
|
4363
4370
|
async revertInstall(editablePkgJson) {
|
|
4364
4371
|
if (revertData) {
|
|
4372
|
+
// Revert package.json.
|
|
4365
4373
|
editablePkgJson.update(revertData);
|
|
4374
|
+
await editablePkgJson.save({
|
|
4375
|
+
ignoreWhitespace: true
|
|
4376
|
+
});
|
|
4366
4377
|
}
|
|
4367
4378
|
}
|
|
4368
4379
|
}, fixConfig);
|
|
@@ -4459,8 +4470,12 @@ async function pnpmFix(pkgEnvDetails, fixConfig) {
|
|
|
4459
4470
|
cwd,
|
|
4460
4471
|
spinner
|
|
4461
4472
|
});
|
|
4462
|
-
|
|
4463
|
-
|
|
4473
|
+
if (maybeActualTree) {
|
|
4474
|
+
lockSrc = (await utils.readLockfile(pkgEnvDetails.lockPath)) ?? '';
|
|
4475
|
+
} else {
|
|
4476
|
+
lockSrc = '';
|
|
4477
|
+
}
|
|
4478
|
+
if (lockSrc) {
|
|
4464
4479
|
actualTree = maybeActualTree;
|
|
4465
4480
|
lockfile = utils.parsePnpmLockfile(lockSrc);
|
|
4466
4481
|
} else {
|
|
@@ -4498,25 +4513,29 @@ async function pnpmFix(pkgEnvDetails, fixConfig) {
|
|
|
4498
4513
|
let revertOverridesSrc = '';
|
|
4499
4514
|
return await agentFix(pkgEnvDetails, actualTree, alertsMap, install, {
|
|
4500
4515
|
async beforeInstall(editablePkgJson, packument, oldVersion, newVersion, vulnerableVersionRange, options) {
|
|
4501
|
-
|
|
4502
|
-
|
|
4503
|
-
|
|
4504
|
-
|
|
4505
|
-
|
|
4506
|
-
|
|
4507
|
-
|
|
4508
|
-
|
|
4509
|
-
|
|
4510
|
-
|
|
4511
|
-
|
|
4516
|
+
lockSrc = (await utils.readLockfile(pkgEnvDetails.lockPath)) ?? '';
|
|
4517
|
+
|
|
4518
|
+
// Update overrides for the root workspace.
|
|
4519
|
+
if (editablePkgJson.filename === pkgEnvDetails.editablePkgJson.filename) {
|
|
4520
|
+
const {
|
|
4521
|
+
overrides: oldOverrides
|
|
4522
|
+
} = getOverridesDataPnpm(pkgEnvDetails, editablePkgJson.content);
|
|
4523
|
+
const oldPnpmSection = editablePkgJson.content[PNPM$6];
|
|
4524
|
+
const overrideKey = `${packument.name}@${vulnerableVersionRange}`;
|
|
4525
|
+
revertOverridesSrc = utils.extractOverridesFromPnpmLockSrc(lockSrc);
|
|
4526
|
+
// Track existing overrides in the root package.json to revert to later.
|
|
4512
4527
|
revertOverrides = {
|
|
4513
4528
|
[PNPM$6]: oldPnpmSection ? {
|
|
4514
4529
|
...oldPnpmSection,
|
|
4515
4530
|
[OVERRIDES$1]: require$$7.hasKeys(oldOverrides) ? {
|
|
4516
4531
|
...oldOverrides,
|
|
4517
4532
|
[overrideKey]: undefined
|
|
4518
|
-
} :
|
|
4519
|
-
|
|
4533
|
+
} :
|
|
4534
|
+
// Properties with undefined values are deleted when saved as JSON.
|
|
4535
|
+
undefined
|
|
4536
|
+
} :
|
|
4537
|
+
// Properties with undefined values are deleted when saved as JSON.
|
|
4538
|
+
undefined
|
|
4520
4539
|
};
|
|
4521
4540
|
// Update overrides in the root package.json so that when `pnpm install`
|
|
4522
4541
|
// generates pnpm-lock.yaml it updates transitive dependencies too.
|
|
@@ -4529,9 +4548,15 @@ async function pnpmFix(pkgEnvDetails, fixConfig) {
|
|
|
4529
4548
|
}
|
|
4530
4549
|
}
|
|
4531
4550
|
});
|
|
4551
|
+
} else {
|
|
4552
|
+
revertOverrides = undefined;
|
|
4553
|
+
revertOverridesSrc = '';
|
|
4532
4554
|
}
|
|
4533
4555
|
revertData = {
|
|
4556
|
+
// If "pnpm" or "pnpm.overrides" fields are undefined they will be
|
|
4557
|
+
// deleted when saved.
|
|
4534
4558
|
...revertOverrides,
|
|
4559
|
+
// Track existing dependencies in the root package.json to revert to later.
|
|
4535
4560
|
...(editablePkgJson.content.dependencies && {
|
|
4536
4561
|
dependencies: {
|
|
4537
4562
|
...editablePkgJson.content.dependencies
|
|
@@ -4554,20 +4579,32 @@ async function pnpmFix(pkgEnvDetails, fixConfig) {
|
|
|
4554
4579
|
// Revert overrides metadata in package.json now that pnpm-lock.yaml
|
|
4555
4580
|
// has been updated.
|
|
4556
4581
|
editablePkgJson.update(revertOverrides);
|
|
4582
|
+
await editablePkgJson.save({
|
|
4583
|
+
ignoreWhitespace: true
|
|
4584
|
+
});
|
|
4557
4585
|
}
|
|
4558
|
-
await
|
|
4559
|
-
|
|
4560
|
-
|
|
4561
|
-
|
|
4562
|
-
|
|
4563
|
-
|
|
4564
|
-
|
|
4565
|
-
|
|
4586
|
+
lockSrc = (await utils.readLockfile(pkgEnvDetails.lockPath)) ?? '';
|
|
4587
|
+
// Remove "overrides" block from pnpm-lock.yaml lockfile when processing
|
|
4588
|
+
// the root workspace.
|
|
4589
|
+
if (editablePkgJson.filename === pkgEnvDetails.editablePkgJson.filename) {
|
|
4590
|
+
const updatedOverridesContent = utils.extractOverridesFromPnpmLockSrc(lockSrc);
|
|
4591
|
+
if (updatedOverridesContent) {
|
|
4592
|
+
// Remove "overrides" block from pnpm-lock.yaml lockfile.
|
|
4593
|
+
lockSrc = lockSrc.replace(updatedOverridesContent, revertOverridesSrc);
|
|
4594
|
+
// Save pnpm-lock.yaml lockfile.
|
|
4595
|
+
await fs$1.promises.writeFile(pkgEnvDetails.lockPath, lockSrc, 'utf8');
|
|
4596
|
+
}
|
|
4566
4597
|
}
|
|
4567
4598
|
},
|
|
4568
4599
|
async revertInstall(editablePkgJson) {
|
|
4569
4600
|
if (revertData) {
|
|
4601
|
+
// Revert package.json.
|
|
4570
4602
|
editablePkgJson.update(revertData);
|
|
4603
|
+
await editablePkgJson.save({
|
|
4604
|
+
ignoreWhitespace: true
|
|
4605
|
+
});
|
|
4606
|
+
// Revert pnpm-lock.yaml lockfile to be on the safe side.
|
|
4607
|
+
await fs$1.promises.writeFile(pkgEnvDetails.lockPath, lockSrc, 'utf8');
|
|
4571
4608
|
}
|
|
4572
4609
|
}
|
|
4573
4610
|
}, fixConfig);
|
|
@@ -7479,7 +7516,7 @@ function updatePkgJsonField(editablePkgJson, field, value) {
|
|
|
7479
7516
|
}
|
|
7480
7517
|
});
|
|
7481
7518
|
} else {
|
|
7482
|
-
// Properties with undefined values are
|
|
7519
|
+
// Properties with undefined values are deleted when saved as JSON.
|
|
7483
7520
|
editablePkgJson.update(require$$7.hasKeys(oldValue) ? {
|
|
7484
7521
|
[field]: {
|
|
7485
7522
|
...(isPnpmObj ? oldValue : {}),
|
|
@@ -7490,7 +7527,7 @@ function updatePkgJsonField(editablePkgJson, field, value) {
|
|
|
7490
7527
|
});
|
|
7491
7528
|
}
|
|
7492
7529
|
} else if (field === OVERRIDES || field === RESOLUTIONS) {
|
|
7493
|
-
// Properties with undefined values are
|
|
7530
|
+
// Properties with undefined values are deleted when saved as JSON.
|
|
7494
7531
|
editablePkgJson.update({
|
|
7495
7532
|
[field]: require$$7.hasKeys(value) ? value : undefined
|
|
7496
7533
|
});
|
|
@@ -14594,5 +14631,5 @@ void (async () => {
|
|
|
14594
14631
|
await utils.captureException(e);
|
|
14595
14632
|
}
|
|
14596
14633
|
})();
|
|
14597
|
-
//# debugId=
|
|
14634
|
+
//# debugId=e65f1be3-82a5-4c66-a17f-0c3cdbe8bf46
|
|
14598
14635
|
//# sourceMappingURL=cli.js.map
|