socket 1.0.83 → 1.0.85
- package/dist/cli.js +87 -85
- package/dist/cli.js.map +1 -1
- package/dist/constants.js +3 -3
- package/dist/constants.js.map +1 -1
- package/dist/tsconfig.dts.tsbuildinfo +1 -1
- package/dist/types/commands/fix/agent-fix.d.mts +2 -2
- package/dist/types/commands/fix/agent-fix.d.mts.map +1 -1
- package/dist/types/commands/fix/get-actual-tree.d.mts +2 -2
- package/dist/types/commands/fix/get-actual-tree.d.mts.map +1 -1
- package/dist/types/commands/fix/npm-fix.d.mts.map +1 -1
- package/dist/types/commands/fix/pnpm-fix.d.mts.map +1 -1
- package/dist/utils.js +7 -7
- package/dist/utils.js.map +1 -1
- package/package.json +1 -1
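--- a/package/dist/cli.js
+++ b/package/dist/cli.js
@@ -1047,15 +1047,15 @@ async function fetchScanData(orgSlug, scanId, options) {
 updateScan('failure; unknown blocking error occurred');
 return {
 ok: false,
-message: '
-cause: `
+message: 'Socket API error',
+cause: `Error requesting scan: ${e?.message || '(no error message found)'}${e?.cause ? ` (cause: ${e.cause})` : ''}`
 };
 }), fetchSecurityPolicy().catch(e => {
 updatePolicy('failure; unknown blocking error occurred');
 return {
 ok: false,
-message: '
-cause: `
+message: 'Socket API error',
+cause: `Error requesting policy: ${e?.message || '(no error message found)'}${e?.cause ? ` (cause: ${e.cause})` : ''}`
 };
 })]).finally(() => {
 finishedFetching = true;
@@ -3627,15 +3627,23 @@ async function getFixEnv() {
 }
 
 async function getActualTree(cwd = process.cwd()) {
-
-
-
-
-
-
-
-
-
+try {
+// @npmcli/arborist DOES have partial support for pnpm structured node_modules
+// folders. However, support is iffy resulting in unhappy paths of errors and hangs.
+// So, to avoid unhappy paths, we restrict our usage to --dry-run loading of the
+// node_modules folder.
+const arb = new shadowNpmInject.Arborist({
+path: cwd,
+...shadowNpmInject.SAFE_NO_SAVE_ARBORIST_REIFY_OPTIONS_OVERRIDES
+});
+return {
+actualTree: await arb.loadActual()
+};
+} catch (e) {
+return {
+error: e
+};
+}
 }
 
 const {
@@ -3865,7 +3873,13 @@ async function agentFix(pkgEnvDetails, actualTree, alertsMap, installer, {
 }
 if (fixEnv.isCi && fs$1.existsSync(path.join(rootPath, 'node_modules'))) {
 // eslint-disable-next-line no-await-in-loop
-
+const treeResult = await getActualTree(cwd);
+const maybeActualTree = treeResult.actualTree;
+if (!maybeActualTree) {
+// Exit early if install fails.
+return handleInstallFail(treeResult.error);
+}
+actualTree = maybeActualTree;
 } else {
 // eslint-disable-next-line no-await-in-loop
 const installResult = await installer(pkgEnvDetails, {
@@ -4258,50 +4272,37 @@ async function install$1(pkgEnvDetails, options) {
 // default is "notice".
 // https://docs.npmjs.com/cli/v8/using-npm/config#loglevel
 ...(useDebug ? [] : ['--silent']), ...(extraArgs ?? [])];
-const quotedCmd = `\`${pkgEnvDetails.agent} install ${args.join(' ')}\``;
-require$$6.debugFn('stdio', `spawn: ${quotedCmd}`);
 const isSpinning = spinner?.isSpinning;
 spinner?.stop();
-
-
+const quotedCmd = `\`${pkgEnvDetails.agent} install ${args.join(' ')}\``;
+require$$6.debugFn('stdio', `spawn: ${quotedCmd}`);
 try {
 await utils.runAgentInstall(pkgEnvDetails, {
 args,
 spinner,
 stdio: useDebug ? 'inherit' : 'ignore'
 });
-} catch (
-
-error = e;
-require$$6.debugFn('error', `caught: ${quotedCmd} failed`);
-require$$6.debugDir('inspect', {
+} catch (error) {
+const result = {
 error
-}
+};
+require$$6.debugFn('error', `caught: ${quotedCmd} failed`);
+require$$6.debugDir('inspect', result);
+return result;
 }
-
-if (
-
-
-} catch (e) {
-errored = true;
-error = e;
-require$$6.debugFn('error', 'caught: Arborist error');
-require$$6.debugDir('inspect', {
-error
-});
+const treeResult = await getActualTree(cwd);
+if (treeResult.actualTree) {
+if (isSpinning) {
+spinner.start();
 }
+return treeResult;
 }
+require$$6.debugFn('error', 'caught: await arb.loadActual() error');
+require$$6.debugDir('inspect', treeResult);
 if (isSpinning) {
 spinner.start();
 }
-return
-...(actualTree ? {
-actualTree
-} : undefined),
-...(errored ? {
-error
-} : undefined)
-};
+return treeResult;
 }
 async function npmFix(pkgEnvDetails, fixConfig) {
 const {
@@ -4318,25 +4319,39 @@ async function npmFix(pkgEnvDetails, fixConfig) {
 if (purls.length) {
 alertsMap = await utils.getAlertsMapFromPurls(purls, getFixAlertsMapOptions());
 } else {
-
-
-
-
-
-
-
-
+let arb;
+try {
+arb = new shadowNpmInject.Arborist({
+path: pkgEnvDetails.pkgPath,
+...flatConfig,
+...shadowNpmInject.SAFE_WITH_SAVE_ARBORIST_REIFY_OPTIONS_OVERRIDES
+});
+// Calling arb.reify() creates the arb.diff object, nulls-out arb.idealTree,
+// and populates arb.actualTree.
+actualTree = await arb.reify();
+} catch (e) {
+spinner?.stop();
+require$$6.debugFn('error', 'caught: await arb.reify() error');
+require$$6.debugDir('inspect', {
+error: e
+});
+return {
+ok: false,
+message: 'npm error',
+cause: e?.message || 'Unknown npm error.'
+};
+}
 alertsMap = await shadowNpmInject.getAlertsMapFromArborist(arb, getFixAlertsMapOptions());
 }
 } catch (e) {
 spinner?.stop();
-require$$6.debugFn('error', 'caught: PURL API');
+require$$6.debugFn('error', 'caught: Socket batch PURL API error');
 require$$6.debugDir('inspect', {
 error: e
 });
 return {
 ok: false,
-message: 'API
+message: 'Socket API error',
 cause: e?.message || 'Unknown Socket batch PURL API error.'
 };
 }
@@ -4435,50 +4450,37 @@ async function install(pkgEnvDetails, options) {
 // Enable a non-interactive pnpm install
 // https://github.com/pnpm/pnpm/issues/6778
 '--config.confirmModulesPurge=false', ...(extraArgs ?? [])];
-const quotedCmd = `\`${pkgEnvDetails.agent} install ${args.join(' ')}\``;
-require$$6.debugFn('stdio', `spawn: ${quotedCmd}`);
 const isSpinning = spinner?.isSpinning;
 spinner?.stop();
-
-
+const quotedCmd = `\`${pkgEnvDetails.agent} install ${args.join(' ')}\``;
+require$$6.debugFn('stdio', `spawn: ${quotedCmd}`);
 try {
 await utils.runAgentInstall(pkgEnvDetails, {
 args,
 spinner,
 stdio: require$$6.isDebug('stdio') ? 'inherit' : 'ignore'
 });
-} catch (
-
-error = e;
-require$$6.debugFn('error', `caught: ${quotedCmd} failed`);
-require$$6.debugDir('inspect', {
+} catch (error) {
+const result = {
 error
-}
+};
+require$$6.debugFn('error', `caught: ${quotedCmd} failed`);
+require$$6.debugDir('inspect', result);
+return result;
 }
-
-if (
-
-
-} catch (e) {
-errored = true;
-error = e;
-require$$6.debugFn('error', 'caught: Arborist error');
-require$$6.debugDir('inspect', {
-error
-});
+const treeResult = await getActualTree(cwd);
+if (treeResult.actualTree) {
+if (isSpinning) {
+spinner.start();
 }
+return treeResult;
 }
+require$$6.debugFn('error', 'caught: await arb.loadActual() error');
+require$$6.debugDir('inspect', treeResult);
 if (isSpinning) {
 spinner.start();
 }
-return
-...(actualTree ? {
-actualTree
-} : undefined),
-...(errored ? {
-error
-} : undefined)
-};
+return treeResult;
 }
 async function pnpmFix(pkgEnvDetails, fixConfig) {
 const {
@@ -4527,13 +4529,13 @@ async function pnpmFix(pkgEnvDetails, fixConfig) {
 alertsMap = purls.length ? await utils.getAlertsMapFromPurls(purls, getFixAlertsMapOptions()) : await utils.getAlertsMapFromPnpmLockfile(lockfile, getFixAlertsMapOptions());
 } catch (e) {
 spinner?.stop();
-require$$6.debugFn('error', 'caught: PURL API');
+require$$6.debugFn('error', 'caught: Socket batch PURL API error');
 require$$6.debugDir('inspect', {
 error: e
 });
 return {
 ok: false,
-message: 'API
+message: 'Socket API error',
 cause: e?.message || 'Unknown Socket batch PURL API error.'
 };
 }
@@ -14670,5 +14672,5 @@ void (async () => {
 await utils.captureException(e);
 }
 })();
-//# debugId=
+//# debugId=45ca8976-a28f-4fa2-8dee-275eacd6152a
 //# sourceMappingURL=cli.js.map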
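Review bot: In `install$1`, the new `catch (error)` branch returns `result` right after `utils.runAgentInstall` fails without the `if (isSpinning) { spinner.start(); }` restore that both later return paths run, so a failed install hands back a spinner that `spinner?.stop()` left stopped; the pnpm `install` hunk has the same early return. If callers expect the spinner state to be preserved, add `if (isSpinning) { spinner.start(); }` before `return result;` in both places. In the `agentFix` hunk the comment `// Exit early if install fails.` sits on a branch taken when `getActualTree(cwd)` returns no tree, so `// Exit early if the actual tree could not be loaded.` would describe it better. All three functions start and end outside their hunks, and this is the bundled `dist` output, so the edits belong in the corresponding source files.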